Simplify pivot check

This fixes the Internal Compiler Error described in GH randombit#4444 and makes the code more readable to humans as a side-effect. Note that bitvector::equals() is implemented as (lhs ^ rhs).none() and is meant to be constant time as well.
Rohde-Schwarz · Nov 25, 2024 · c1a0603 · c1a0603
1 parent 446eb8c
commit c1a0603
Showing 1 changed file with 4 additions and 9 deletions.
diff --git a/src/lib/pubkey/classic_mceliece/cmce_keys_internal.cpp b/src/lib/pubkey/classic_mceliece/cmce_keys_internal.cpp
@@ -137,18 +137,13 @@ std::shared_ptr<Classic_McEliece_PublicKeyInternal> Classic_McEliece_PublicKeyIn
    }
    auto& [pk_matrix, pivot] = pk_matrix_and_pivot.value();
 
-   // There should not be a pivot other than 0xff ff ff ff 00 00 00 00.
-   // Otherwise the gauss algorithm failed effectively.
-   const auto pivot_is_valid = (CT::Mask<uint8_t>::expand(pivot.subvector(0, pivot.size() / 2).all()) &
-                                CT::Mask<uint8_t>::expand(pivot.subvector(pivot.size() / 2).none()))
-                                  .as_choice();
-   if(!pivot_is_valid.as_bool()) {
+   // There should not be a pivot of any other form. Otherwise the gauss
+   // algorithm failed effectively.
+   if(!pivot.equals(bitvector{0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00})) {
       throw Decoding_Error("Cannot create public key from private key. Private key is invalid.");
    }
 
-   auto pk = std::make_shared<Classic_McEliece_PublicKeyInternal>(sk.params(), std::move(pk_matrix));
-
-   return pk;
+   return std::make_shared<Classic_McEliece_PublicKeyInternal>(sk.params(), std::move(pk_matrix));
 }
 
 Classic_McEliece_KeyPair_Internal Classic_McEliece_KeyPair_Internal::generate(const Classic_McEliece_Parameters& params,