[libre-riscv-dev] [Bug 189] Create partitioned right shift using the existing partitioned left shift
bugzilla-daemon at libre-riscv.org
bugzilla-daemon at libre-riscv.org
Thu Feb 27 22:10:09 GMT 2020
http://bugs.libre-riscv.org/show_bug.cgi?id=189
--- Comment #7 from Michael Nolan <mtnolan2640 at gmail.com> ---
(In reply to Jacob Lifshay from comment #6)
> If we do it as microcode, we should try to have it still be a constant-time
> operation, since it's commonly assumed to be constant-time by crypto code.
Rol ra, rb, rc getting translated to
shl tmp1, rb, rc
shr tmp2, rb, (32-rc)
or ra, tmp1, tmp2
should be constant time with respect to the data being manipulated. The actual
timing probably depends on what else is in the pipe, but that's true of other
instructions as well.
--
You are receiving this mail because:
You are on the CC list for the bug.
More information about the libre-riscv-dev
mailing list