OLD | NEW |
1 /* crypto/bn/bn_nist.c */ | 1 /* crypto/bn/bn_nist.c */ |
2 /* | 2 /* |
3 * Written by Nils Larsch for the OpenSSL project | 3 * Written by Nils Larsch for the OpenSSL project |
4 */ | 4 */ |
5 /* ==================================================================== | 5 /* ==================================================================== |
6 * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. | 6 * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. |
7 * | 7 * |
8 * Redistribution and use in source and binary forms, with or without | 8 * Redistribution and use in source and binary forms, with or without |
9 * modification, are permitted provided that the following conditions | 9 * modification, are permitted provided that the following conditions |
10 * are met: | 10 * are met: |
(...skipping 336 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
347 int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, | 347 int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, |
348 BN_CTX *ctx) | 348 BN_CTX *ctx) |
349 { | 349 { |
350 int top = a->top, i; | 350 int top = a->top, i; |
351 int carry; | 351 int carry; |
352 register BN_ULONG *r_d, *a_d = a->d; | 352 register BN_ULONG *r_d, *a_d = a->d; |
353 BN_ULONG t_d[BN_NIST_192_TOP], | 353 BN_ULONG t_d[BN_NIST_192_TOP], |
354 buf[BN_NIST_192_TOP], | 354 buf[BN_NIST_192_TOP], |
355 c_d[BN_NIST_192_TOP], | 355 c_d[BN_NIST_192_TOP], |
356 *res; | 356 *res; |
357 » size_t mask; | 357 » PTR_SIZE_INT mask; |
358 static const BIGNUM _bignum_nist_p_192_sqr = { | 358 static const BIGNUM _bignum_nist_p_192_sqr = { |
359 (BN_ULONG *)_nist_p_192_sqr, | 359 (BN_ULONG *)_nist_p_192_sqr, |
360 sizeof(_nist_p_192_sqr)/sizeof(_nist_p_192_sqr[0]), | 360 sizeof(_nist_p_192_sqr)/sizeof(_nist_p_192_sqr[0]), |
361 sizeof(_nist_p_192_sqr)/sizeof(_nist_p_192_sqr[0]), | 361 sizeof(_nist_p_192_sqr)/sizeof(_nist_p_192_sqr[0]), |
362 0,BN_FLG_STATIC_DATA }; | 362 0,BN_FLG_STATIC_DATA }; |
363 | 363 |
364 field = &_bignum_nist_p_192; /* just to make sure */ | 364 field = &_bignum_nist_p_192; /* just to make sure */ |
365 | 365 |
366 if (BN_is_negative(a) || BN_ucmp(a,&_bignum_nist_p_192_sqr)>=0) | 366 if (BN_is_negative(a) || BN_ucmp(a,&_bignum_nist_p_192_sqr)>=0) |
367 return BN_nnmod(r, a, field, ctx); | 367 return BN_nnmod(r, a, field, ctx); |
(...skipping 30 matching lines...) Expand all Loading... |
398 carry = (int)bn_sub_words(r_d,r_d,_nist_p_192[carry-1],BN_NIST_1
92_TOP); | 398 carry = (int)bn_sub_words(r_d,r_d,_nist_p_192[carry-1],BN_NIST_1
92_TOP); |
399 else | 399 else |
400 carry = 1; | 400 carry = 1; |
401 | 401 |
402 /* | 402 /* |
403 * we need 'if (carry==0 || result>=modulus) result-=modulus;' | 403 * we need 'if (carry==0 || result>=modulus) result-=modulus;' |
404 * as comparison implies subtraction, we can write | 404 * as comparison implies subtraction, we can write |
405 * 'tmp=result-modulus; if (!carry || !borrow) result=tmp;' | 405 * 'tmp=result-modulus; if (!carry || !borrow) result=tmp;' |
406 * this is what happens below, but without explicit if:-) a. | 406 * this is what happens below, but without explicit if:-) a. |
407 */ | 407 */ |
408 » mask = 0-(size_t)bn_sub_words(c_d,r_d,_nist_p_192[0],BN_NIST_192_TOP); | 408 » mask = 0-(PTR_SIZE_INT)bn_sub_words(c_d,r_d,_nist_p_192[0],BN_NIST_192_
TOP); |
409 » mask &= 0-(size_t)carry; | 409 » mask &= 0-(PTR_SIZE_INT)carry; |
410 » res = (BN_ULONG *)(((size_t)c_d&~mask) | ((size_t)r_d&mask)); | 410 » res = (BN_ULONG *) |
| 411 » (((PTR_SIZE_INT)c_d&~mask) | ((PTR_SIZE_INT)r_d&mask)); |
411 nist_cp_bn(r_d, res, BN_NIST_192_TOP); | 412 nist_cp_bn(r_d, res, BN_NIST_192_TOP); |
412 r->top = BN_NIST_192_TOP; | 413 r->top = BN_NIST_192_TOP; |
413 bn_correct_top(r); | 414 bn_correct_top(r); |
414 | 415 |
415 return 1; | 416 return 1; |
416 } | 417 } |
417 | 418 |
418 typedef BN_ULONG (*bn_addsub_f)(BN_ULONG *,const BN_ULONG *,const BN_ULONG *,int
); | 419 typedef BN_ULONG (*bn_addsub_f)(BN_ULONG *,const BN_ULONG *,const BN_ULONG *,int
); |
419 | 420 |
420 #define nist_set_224(to, from, a1, a2, a3, a4, a5, a6, a7) \ | 421 #define nist_set_224(to, from, a1, a2, a3, a4, a5, a6, a7) \ |
(...skipping 10 matching lines...) Expand all Loading... |
431 int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, | 432 int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, |
432 BN_CTX *ctx) | 433 BN_CTX *ctx) |
433 { | 434 { |
434 int top = a->top, i; | 435 int top = a->top, i; |
435 int carry; | 436 int carry; |
436 BN_ULONG *r_d, *a_d = a->d; | 437 BN_ULONG *r_d, *a_d = a->d; |
437 BN_ULONG t_d[BN_NIST_224_TOP], | 438 BN_ULONG t_d[BN_NIST_224_TOP], |
438 buf[BN_NIST_224_TOP], | 439 buf[BN_NIST_224_TOP], |
439 c_d[BN_NIST_224_TOP], | 440 c_d[BN_NIST_224_TOP], |
440 *res; | 441 *res; |
441 » size_t mask; | 442 » PTR_SIZE_INT mask; |
442 » union { bn_addsub_f f; size_t p; } u; | 443 » union { bn_addsub_f f; PTR_SIZE_INT p; } u; |
443 static const BIGNUM _bignum_nist_p_224_sqr = { | 444 static const BIGNUM _bignum_nist_p_224_sqr = { |
444 (BN_ULONG *)_nist_p_224_sqr, | 445 (BN_ULONG *)_nist_p_224_sqr, |
445 sizeof(_nist_p_224_sqr)/sizeof(_nist_p_224_sqr[0]), | 446 sizeof(_nist_p_224_sqr)/sizeof(_nist_p_224_sqr[0]), |
446 sizeof(_nist_p_224_sqr)/sizeof(_nist_p_224_sqr[0]), | 447 sizeof(_nist_p_224_sqr)/sizeof(_nist_p_224_sqr[0]), |
447 0,BN_FLG_STATIC_DATA }; | 448 0,BN_FLG_STATIC_DATA }; |
448 | 449 |
449 | 450 |
450 field = &_bignum_nist_p_224; /* just to make sure */ | 451 field = &_bignum_nist_p_224; /* just to make sure */ |
451 | 452 |
452 if (BN_is_negative(a) || BN_ucmp(a,&_bignum_nist_p_224_sqr)>=0) | 453 if (BN_is_negative(a) || BN_ucmp(a,&_bignum_nist_p_224_sqr)>=0) |
(...skipping 50 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
503 } | 504 } |
504 else if (carry < 0) | 505 else if (carry < 0) |
505 { | 506 { |
506 /* it's a bit more comlicated logic in this case. | 507 /* it's a bit more comlicated logic in this case. |
507 * if bn_add_words yields no carry, then result | 508 * if bn_add_words yields no carry, then result |
508 * has to be adjusted by unconditionally *adding* | 509 * has to be adjusted by unconditionally *adding* |
509 * the modulus. but if it does, then result has | 510 * the modulus. but if it does, then result has |
510 * to be compared to the modulus and conditionally | 511 * to be compared to the modulus and conditionally |
511 * adjusted by *subtracting* the latter. */ | 512 * adjusted by *subtracting* the latter. */ |
512 carry = (int)bn_add_words(r_d,r_d,_nist_p_224[-carry-1],BN_NIST_
224_TOP); | 513 carry = (int)bn_add_words(r_d,r_d,_nist_p_224[-carry-1],BN_NIST_
224_TOP); |
513 » » mask = 0-(size_t)carry; | 514 » » mask = 0-(PTR_SIZE_INT)carry; |
514 » » u.p = ((size_t)bn_sub_words&mask) | ((size_t)bn_add_words&~mask)
; | 515 » » u.p = ((PTR_SIZE_INT)bn_sub_words&mask) | |
| 516 » » ((PTR_SIZE_INT)bn_add_words&~mask); |
515 } | 517 } |
516 else | 518 else |
517 carry = 1; | 519 carry = 1; |
518 | 520 |
519 /* otherwise it's effectively same as in BN_nist_mod_192... */ | 521 /* otherwise it's effectively same as in BN_nist_mod_192... */ |
520 » mask = 0-(size_t)(*u.f)(c_d,r_d,_nist_p_224[0],BN_NIST_224_TOP); | 522 » mask = 0-(PTR_SIZE_INT)(*u.f)(c_d,r_d,_nist_p_224[0],BN_NIST_224_TOP); |
521 » mask &= 0-(size_t)carry; | 523 » mask &= 0-(PTR_SIZE_INT)carry; |
522 » res = (BN_ULONG *)(((size_t)c_d&~mask) | ((size_t)r_d&mask)); | 524 » res = (BN_ULONG *)(((PTR_SIZE_INT)c_d&~mask) | |
| 525 » ((PTR_SIZE_INT)r_d&mask)); |
523 nist_cp_bn(r_d, res, BN_NIST_224_TOP); | 526 nist_cp_bn(r_d, res, BN_NIST_224_TOP); |
524 r->top = BN_NIST_224_TOP; | 527 r->top = BN_NIST_224_TOP; |
525 bn_correct_top(r); | 528 bn_correct_top(r); |
526 | 529 |
527 return 1; | 530 return 1; |
528 } | 531 } |
529 | 532 |
530 #define nist_set_256(to, from, a1, a2, a3, a4, a5, a6, a7, a8) \ | 533 #define nist_set_256(to, from, a1, a2, a3, a4, a5, a6, a7, a8) \ |
531 { \ | 534 { \ |
532 bn_cp_32(to, 0, from, (a8) - 8) \ | 535 bn_cp_32(to, 0, from, (a8) - 8) \ |
533 bn_cp_32(to, 1, from, (a7) - 8) \ | 536 bn_cp_32(to, 1, from, (a7) - 8) \ |
534 bn_cp_32(to, 2, from, (a6) - 8) \ | 537 bn_cp_32(to, 2, from, (a6) - 8) \ |
535 bn_cp_32(to, 3, from, (a5) - 8) \ | 538 bn_cp_32(to, 3, from, (a5) - 8) \ |
536 bn_cp_32(to, 4, from, (a4) - 8) \ | 539 bn_cp_32(to, 4, from, (a4) - 8) \ |
537 bn_cp_32(to, 5, from, (a3) - 8) \ | 540 bn_cp_32(to, 5, from, (a3) - 8) \ |
538 bn_cp_32(to, 6, from, (a2) - 8) \ | 541 bn_cp_32(to, 6, from, (a2) - 8) \ |
539 bn_cp_32(to, 7, from, (a1) - 8) \ | 542 bn_cp_32(to, 7, from, (a1) - 8) \ |
540 } | 543 } |
541 | 544 |
542 int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, | 545 int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, |
543 BN_CTX *ctx) | 546 BN_CTX *ctx) |
544 { | 547 { |
545 int i, top = a->top; | 548 int i, top = a->top; |
546 int carry = 0; | 549 int carry = 0; |
547 register BN_ULONG *a_d = a->d, *r_d; | 550 register BN_ULONG *a_d = a->d, *r_d; |
548 BN_ULONG t_d[BN_NIST_256_TOP], | 551 BN_ULONG t_d[BN_NIST_256_TOP], |
549 buf[BN_NIST_256_TOP], | 552 buf[BN_NIST_256_TOP], |
550 c_d[BN_NIST_256_TOP], | 553 c_d[BN_NIST_256_TOP], |
551 *res; | 554 *res; |
552 » size_t mask; | 555 » PTR_SIZE_INT mask; |
553 » union { bn_addsub_f f; size_t p; } u; | 556 » union { bn_addsub_f f; PTR_SIZE_INT p; } u; |
554 static const BIGNUM _bignum_nist_p_256_sqr = { | 557 static const BIGNUM _bignum_nist_p_256_sqr = { |
555 (BN_ULONG *)_nist_p_256_sqr, | 558 (BN_ULONG *)_nist_p_256_sqr, |
556 sizeof(_nist_p_256_sqr)/sizeof(_nist_p_256_sqr[0]), | 559 sizeof(_nist_p_256_sqr)/sizeof(_nist_p_256_sqr[0]), |
557 sizeof(_nist_p_256_sqr)/sizeof(_nist_p_256_sqr[0]), | 560 sizeof(_nist_p_256_sqr)/sizeof(_nist_p_256_sqr[0]), |
558 0,BN_FLG_STATIC_DATA }; | 561 0,BN_FLG_STATIC_DATA }; |
559 | 562 |
560 field = &_bignum_nist_p_256; /* just to make sure */ | 563 field = &_bignum_nist_p_256; /* just to make sure */ |
561 | 564 |
562 if (BN_is_negative(a) || BN_ucmp(a,&_bignum_nist_p_256_sqr)>=0) | 565 if (BN_is_negative(a) || BN_ucmp(a,&_bignum_nist_p_256_sqr)>=0) |
563 return BN_nnmod(r, a, field, ctx); | 566 return BN_nnmod(r, a, field, ctx); |
(...skipping 58 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
622 nist_set_256(t_d, buf, 13, 0, 11, 10, 9, 0, 15, 14); | 625 nist_set_256(t_d, buf, 13, 0, 11, 10, 9, 0, 15, 14); |
623 carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_256_TOP); | 626 carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_256_TOP); |
624 | 627 |
625 /* see BN_nist_mod_224 for explanation */ | 628 /* see BN_nist_mod_224 for explanation */ |
626 u.f = bn_sub_words; | 629 u.f = bn_sub_words; |
627 if (carry > 0) | 630 if (carry > 0) |
628 carry = (int)bn_sub_words(r_d,r_d,_nist_p_256[carry-1],BN_NIST_2
56_TOP); | 631 carry = (int)bn_sub_words(r_d,r_d,_nist_p_256[carry-1],BN_NIST_2
56_TOP); |
629 else if (carry < 0) | 632 else if (carry < 0) |
630 { | 633 { |
631 carry = (int)bn_add_words(r_d,r_d,_nist_p_256[-carry-1],BN_NIST_
256_TOP); | 634 carry = (int)bn_add_words(r_d,r_d,_nist_p_256[-carry-1],BN_NIST_
256_TOP); |
632 » » mask = 0-(size_t)carry; | 635 » » mask = 0-(PTR_SIZE_INT)carry; |
633 » » u.p = ((size_t)bn_sub_words&mask) | ((size_t)bn_add_words&~mask)
; | 636 » » u.p = ((PTR_SIZE_INT)bn_sub_words&mask) | |
| 637 » » ((PTR_SIZE_INT)bn_add_words&~mask); |
634 } | 638 } |
635 else | 639 else |
636 carry = 1; | 640 carry = 1; |
637 | 641 |
638 » mask = 0-(size_t)(*u.f)(c_d,r_d,_nist_p_256[0],BN_NIST_256_TOP); | 642 » mask = 0-(PTR_SIZE_INT)(*u.f)(c_d,r_d,_nist_p_256[0],BN_NIST_256_TOP); |
639 » mask &= 0-(size_t)carry; | 643 » mask &= 0-(PTR_SIZE_INT)carry; |
640 » res = (BN_ULONG *)(((size_t)c_d&~mask) | ((size_t)r_d&mask)); | 644 » res = (BN_ULONG *)(((PTR_SIZE_INT)c_d&~mask) | |
| 645 » ((PTR_SIZE_INT)r_d&mask)); |
641 nist_cp_bn(r_d, res, BN_NIST_256_TOP); | 646 nist_cp_bn(r_d, res, BN_NIST_256_TOP); |
642 r->top = BN_NIST_256_TOP; | 647 r->top = BN_NIST_256_TOP; |
643 bn_correct_top(r); | 648 bn_correct_top(r); |
644 | 649 |
645 return 1; | 650 return 1; |
646 } | 651 } |
647 | 652 |
648 #define nist_set_384(to,from,a1,a2,a3,a4,a5,a6,a7,a8,a9,a10,a11,a12) \ | 653 #define nist_set_384(to,from,a1,a2,a3,a4,a5,a6,a7,a8,a9,a10,a11,a12) \ |
649 { \ | 654 { \ |
650 bn_cp_32(to, 0, from, (a12) - 12) \ | 655 bn_cp_32(to, 0, from, (a12) - 12) \ |
(...skipping 13 matching lines...) Expand all Loading... |
664 int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, | 669 int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, |
665 BN_CTX *ctx) | 670 BN_CTX *ctx) |
666 { | 671 { |
667 int i, top = a->top; | 672 int i, top = a->top; |
668 int carry = 0; | 673 int carry = 0; |
669 register BN_ULONG *r_d, *a_d = a->d; | 674 register BN_ULONG *r_d, *a_d = a->d; |
670 BN_ULONG t_d[BN_NIST_384_TOP], | 675 BN_ULONG t_d[BN_NIST_384_TOP], |
671 buf[BN_NIST_384_TOP], | 676 buf[BN_NIST_384_TOP], |
672 c_d[BN_NIST_384_TOP], | 677 c_d[BN_NIST_384_TOP], |
673 *res; | 678 *res; |
674 » size_t» mask; | 679 » PTR_SIZE_INT mask; |
675 » union { bn_addsub_f f; size_t p; } u; | 680 » union { bn_addsub_f f; PTR_SIZE_INT p; } u; |
676 static const BIGNUM _bignum_nist_p_384_sqr = { | 681 static const BIGNUM _bignum_nist_p_384_sqr = { |
677 (BN_ULONG *)_nist_p_384_sqr, | 682 (BN_ULONG *)_nist_p_384_sqr, |
678 sizeof(_nist_p_384_sqr)/sizeof(_nist_p_384_sqr[0]), | 683 sizeof(_nist_p_384_sqr)/sizeof(_nist_p_384_sqr[0]), |
679 sizeof(_nist_p_384_sqr)/sizeof(_nist_p_384_sqr[0]), | 684 sizeof(_nist_p_384_sqr)/sizeof(_nist_p_384_sqr[0]), |
680 0,BN_FLG_STATIC_DATA }; | 685 0,BN_FLG_STATIC_DATA }; |
681 | 686 |
682 | 687 |
683 field = &_bignum_nist_p_384; /* just to make sure */ | 688 field = &_bignum_nist_p_384; /* just to make sure */ |
684 | 689 |
685 if (BN_is_negative(a) || BN_ucmp(a,&_bignum_nist_p_384_sqr)>=0) | 690 if (BN_is_negative(a) || BN_ucmp(a,&_bignum_nist_p_384_sqr)>=0) |
(...skipping 61 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
747 nist_set_384(t_d,buf,0,0,0,0,0,0,0,23,23,0,0,0); | 752 nist_set_384(t_d,buf,0,0,0,0,0,0,0,23,23,0,0,0); |
748 carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_384_TOP); | 753 carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_384_TOP); |
749 | 754 |
750 /* see BN_nist_mod_224 for explanation */ | 755 /* see BN_nist_mod_224 for explanation */ |
751 u.f = bn_sub_words; | 756 u.f = bn_sub_words; |
752 if (carry > 0) | 757 if (carry > 0) |
753 carry = (int)bn_sub_words(r_d,r_d,_nist_p_384[carry-1],BN_NIST_3
84_TOP); | 758 carry = (int)bn_sub_words(r_d,r_d,_nist_p_384[carry-1],BN_NIST_3
84_TOP); |
754 else if (carry < 0) | 759 else if (carry < 0) |
755 { | 760 { |
756 carry = (int)bn_add_words(r_d,r_d,_nist_p_384[-carry-1],BN_NIST_
384_TOP); | 761 carry = (int)bn_add_words(r_d,r_d,_nist_p_384[-carry-1],BN_NIST_
384_TOP); |
757 » » mask = 0-(size_t)carry; | 762 » » mask = 0-(PTR_SIZE_INT)carry; |
758 » » u.p = ((size_t)bn_sub_words&mask) | ((size_t)bn_add_words&~mask)
; | 763 » » u.p = ((PTR_SIZE_INT)bn_sub_words&mask) | |
| 764 » » ((PTR_SIZE_INT)bn_add_words&~mask); |
759 } | 765 } |
760 else | 766 else |
761 carry = 1; | 767 carry = 1; |
762 | 768 |
763 » mask = 0-(size_t)(*u.f)(c_d,r_d,_nist_p_384[0],BN_NIST_384_TOP); | 769 » mask = 0-(PTR_SIZE_INT)(*u.f)(c_d,r_d,_nist_p_384[0],BN_NIST_384_TOP); |
764 » mask &= 0-(size_t)carry; | 770 » mask &= 0-(PTR_SIZE_INT)carry; |
765 » res = (BN_ULONG *)(((size_t)c_d&~mask) | ((size_t)r_d&mask)); | 771 » res = (BN_ULONG *)(((PTR_SIZE_INT)c_d&~mask) | |
| 772 » ((PTR_SIZE_INT)r_d&mask)); |
766 nist_cp_bn(r_d, res, BN_NIST_384_TOP); | 773 nist_cp_bn(r_d, res, BN_NIST_384_TOP); |
767 r->top = BN_NIST_384_TOP; | 774 r->top = BN_NIST_384_TOP; |
768 bn_correct_top(r); | 775 bn_correct_top(r); |
769 | 776 |
770 return 1; | 777 return 1; |
771 } | 778 } |
772 | 779 |
773 #define BN_NIST_521_RSHIFT (521%BN_BITS2) | 780 #define BN_NIST_521_RSHIFT (521%BN_BITS2) |
774 #define BN_NIST_521_LSHIFT (BN_BITS2-BN_NIST_521_RSHIFT) | 781 #define BN_NIST_521_LSHIFT (BN_BITS2-BN_NIST_521_RSHIFT) |
775 #define BN_NIST_521_TOP_MASK ((BN_ULONG)BN_MASK2>>BN_NIST_521_LSHIFT) | 782 #define BN_NIST_521_TOP_MASK ((BN_ULONG)BN_MASK2>>BN_NIST_521_LSHIFT) |
776 | 783 |
777 int BN_nist_mod_521(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, | 784 int BN_nist_mod_521(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, |
778 BN_CTX *ctx) | 785 BN_CTX *ctx) |
779 { | 786 { |
780 int top = a->top, i; | 787 int top = a->top, i; |
781 BN_ULONG *r_d, *a_d = a->d, | 788 BN_ULONG *r_d, *a_d = a->d, |
782 t_d[BN_NIST_521_TOP], | 789 t_d[BN_NIST_521_TOP], |
783 val,tmp,*res; | 790 val,tmp,*res; |
784 » size_t» mask; | 791 » PTR_SIZE_INT mask; |
785 static const BIGNUM _bignum_nist_p_521_sqr = { | 792 static const BIGNUM _bignum_nist_p_521_sqr = { |
786 (BN_ULONG *)_nist_p_521_sqr, | 793 (BN_ULONG *)_nist_p_521_sqr, |
787 sizeof(_nist_p_521_sqr)/sizeof(_nist_p_521_sqr[0]), | 794 sizeof(_nist_p_521_sqr)/sizeof(_nist_p_521_sqr[0]), |
788 sizeof(_nist_p_521_sqr)/sizeof(_nist_p_521_sqr[0]), | 795 sizeof(_nist_p_521_sqr)/sizeof(_nist_p_521_sqr[0]), |
789 0,BN_FLG_STATIC_DATA }; | 796 0,BN_FLG_STATIC_DATA }; |
790 | 797 |
791 field = &_bignum_nist_p_521; /* just to make sure */ | 798 field = &_bignum_nist_p_521; /* just to make sure */ |
792 | 799 |
793 if (BN_is_negative(a) || BN_ucmp(a,&_bignum_nist_p_521_sqr)>=0) | 800 if (BN_is_negative(a) || BN_ucmp(a,&_bignum_nist_p_521_sqr)>=0) |
794 return BN_nnmod(r, a, field, ctx); | 801 return BN_nnmod(r, a, field, ctx); |
(...skipping 24 matching lines...) Expand all Loading... |
819 { | 826 { |
820 tmp = val>>BN_NIST_521_RSHIFT; | 827 tmp = val>>BN_NIST_521_RSHIFT; |
821 val = t_d[i+1]; | 828 val = t_d[i+1]; |
822 t_d[i] = (tmp | val<<BN_NIST_521_LSHIFT) & BN_MASK2; | 829 t_d[i] = (tmp | val<<BN_NIST_521_LSHIFT) & BN_MASK2; |
823 } | 830 } |
824 t_d[i] = val>>BN_NIST_521_RSHIFT; | 831 t_d[i] = val>>BN_NIST_521_RSHIFT; |
825 /* lower 521 bits */ | 832 /* lower 521 bits */ |
826 r_d[i] &= BN_NIST_521_TOP_MASK; | 833 r_d[i] &= BN_NIST_521_TOP_MASK; |
827 | 834 |
828 bn_add_words(r_d,r_d,t_d,BN_NIST_521_TOP); | 835 bn_add_words(r_d,r_d,t_d,BN_NIST_521_TOP); |
829 » mask = 0-(size_t)bn_sub_words(t_d,r_d,_nist_p_521,BN_NIST_521_TOP); | 836 » mask = 0-(PTR_SIZE_INT)bn_sub_words(t_d,r_d,_nist_p_521,BN_NIST_521_TOP)
; |
830 » res = (BN_ULONG *)(((size_t)t_d&~mask) | ((size_t)r_d&mask)); | 837 » res = (BN_ULONG *)(((PTR_SIZE_INT)t_d&~mask) | |
| 838 » ((PTR_SIZE_INT)r_d&mask)); |
831 nist_cp_bn(r_d,res,BN_NIST_521_TOP); | 839 nist_cp_bn(r_d,res,BN_NIST_521_TOP); |
832 r->top = BN_NIST_521_TOP; | 840 r->top = BN_NIST_521_TOP; |
833 bn_correct_top(r); | 841 bn_correct_top(r); |
834 | 842 |
835 return 1; | 843 return 1; |
836 } | 844 } |
OLD | NEW |