From 3f76113c5d499f7e63b6af49f39eb3c897ffce43 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Niels=20M=C3=B6ller?= <nisse@lysator.liu.se>
Date: Sun, 25 Nov 2018 16:58:38 +0100
Subject: [PATCH] Use NETTLE_OCTET_SIZE_TO_LIMB_SIZE.

---
 ChangeLog        | 3 +++
 rsa-decrypt-tr.c | 7 +++++--
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 2d17fbf5..60e75ba1 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,8 @@
 2018-11-25  Niels Möller  <nisse@lysator.liu.se>
 
+	* rsa-decrypt-tr.c (rsa_decrypt_tr): Use
+	NETTLE_OCTET_SIZE_TO_LIMB_SIZE.
+
 	* testsuite/rsa-sec-decrypt-test.c (rsa_decrypt_for_test): Tweak
 	valgrind marking, and document potential leakage of lowest and
 	highest bits of p and q.
diff --git a/rsa-decrypt-tr.c b/rsa-decrypt-tr.c
index dc47f8fb..8fbe847e 100644
--- a/rsa-decrypt-tr.c
+++ b/rsa-decrypt-tr.c
@@ -49,16 +49,19 @@ rsa_decrypt_tr(const struct rsa_public_key *pub,
 {
   TMP_GMP_DECL (m, mp_limb_t);
   TMP_GMP_DECL (em, uint8_t);
+  mp_size_t key_limb_size;
   int res;
 
-  TMP_GMP_ALLOC (m, mpz_size(pub->n));
+  key_limb_size = NETTLE_OCTET_SIZE_TO_LIMB_SIZE(key->size);
+
+  TMP_GMP_ALLOC (m, key_limb_size);
   TMP_GMP_ALLOC (em, key->size);
 
   res = rsa_sec_compute_root_tr (pub, key, random_ctx, random, m,
                                  mpz_limbs_read(gibberish),
                                  mpz_size(gibberish));
 
-  mpn_get_base256 (em, key->size, m, mpz_size(pub->n));
+  mpn_get_base256 (em, key->size, m, key_limb_size);
 
   res &= _pkcs1_sec_decrypt_variable (length, message, key->size, em);
 
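Review bot: The `m` buffer in `rsa_decrypt_tr` is now sized from `key->size`, but `rsa_sec_compute_root_tr` still receives `pub` and is handed `m` with no length argument, so nothing in this hunk ties the two sizes together. If the callee writes `mpz_size(pub->n)` limbs (its body is not visible here, so this is inferred from the removed lines), a caller passing a public key whose modulus is larger than the private key's `size` would overflow `m`. A smaller modulus would leave the upper limbs read by `mpn_get_base256` uninitialized. Consider rejecting the mismatch before the `TMP_GMP_ALLOC` calls, e.g. `if (mpz_size (pub->n) != key_limb_size) return 0;`, and adding a comment such as `/* m must hold exactly the limbs of pub->n; key->size is the octet size of the modulus. */`. Both sizes derive from the public modulus, so this branch should not affect the side-channel properties of the function. The function body starts and ends outside this hunk.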
-- 
GitLab