diff --git a/library/bignum.c b/library/bignum.c index e406cc82a..7a29eb641 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -1269,8 +1269,8 @@ cleanup: * d -= s where d and s have the same size and d >= s. */ static void mpi_sub_hlp( size_t n, - const mbedtls_mpi_uint *s, - mbedtls_mpi_uint *d ) + mbedtls_mpi_uint *d, + const mbedtls_mpi_uint *s ) { size_t i; mbedtls_mpi_uint c, z; @@ -1325,7 +1325,7 @@ int mbedtls_mpi_sub_abs( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi if( B->p[n - 1] != 0 ) break; - mpi_sub_hlp( n, B->p, X->p ); + mpi_sub_hlp( n, X->p, B->p ); cleanup: @@ -1959,7 +1959,7 @@ static void mpi_montmul( mbedtls_mpi *A, const mbedtls_mpi *B, const mbedtls_mpi * timing attacks. */ /* Set d to A + (2^biL)^n - N. */ d[n] += 1; - mpi_sub_hlp( n, N->p, d ); + mpi_sub_hlp( n, d, N->p ); /* Now d - (2^biL)^n = A - N so d >= (2^biL)^n iff A >= N. * So we want to copy the result of the subtraction iff d->p[n] != 0. * Note that d->p[n] is either 0 or 1 since A - N <= N <= (2^biL)^n. */