authorcvs2svn <admin@example.com>2000-10-25 15:23:17 +0000
committercvs2svn <admin@example.com>2000-10-25 15:23:17 +0000
commit690af28bdf827ab9c81648f507eb492c9076d5d3 (patch)
tree1ced1775de07c13c2a5a1d9e3bde843578ac541d /src/lib/libcrypto/bn
parent463e714935b9651a5eb2c08fcf3f8844fc6b653d (diff)
This commit was manufactured by cvs2git to create branch 'OPENBSD_2_8'.OPENBSD_2_8
Diffstat (limited to 'src/lib/libcrypto/bn')
-rw-r--r--src/lib/libcrypto/bn/asm/bn-586.pl384
-rw-r--r--src/lib/libcrypto/bn/asm/co-586.pl286
-rw-r--r--src/lib/libcrypto/bn/asm/pa-risc2.s416
-rw-r--r--src/lib/libcrypto/bn/asm/sparcv8.S1458
-rw-r--r--src/lib/libcrypto/bn/asm/sparcv8plus.S1535
-rw-r--r--src/lib/libcrypto/bn/asm/x86.pl28
-rw-r--r--src/lib/libcrypto/bn/asm/x86/add.pl76
-rw-r--r--src/lib/libcrypto/bn/asm/x86/comba.pl277
-rw-r--r--src/lib/libcrypto/bn/asm/x86/div.pl15
-rw-r--r--src/lib/libcrypto/bn/asm/x86/mul.pl77
-rw-r--r--src/lib/libcrypto/bn/asm/x86/mul_add.pl87
-rw-r--r--src/lib/libcrypto/bn/asm/x86/sqr.pl60
-rw-r--r--src/lib/libcrypto/bn/asm/x86/sub.pl76
-rw-r--r--src/lib/libcrypto/bn/bn.h510
-rw-r--r--src/lib/libcrypto/bn/bn_add.c307
-rw-r--r--src/lib/libcrypto/bn/bn_asm.c837
-rw-r--r--src/lib/libcrypto/bn/bn_blind.c144
-rw-r--r--src/lib/libcrypto/bn/bn_ctx.c144
-rw-r--r--src/lib/libcrypto/bn/bn_div.c380
-rw-r--r--src/lib/libcrypto/bn/bn_err.c119
-rw-r--r--src/lib/libcrypto/bn/bn_exp.c749
-rw-r--r--src/lib/libcrypto/bn/bn_exp2.c199
-rw-r--r--src/lib/libcrypto/bn/bn_gcd.c210
-rw-r--r--src/lib/libcrypto/bn/bn_lcl.h321
-rw-r--r--src/lib/libcrypto/bn/bn_lib.c755
-rw-r--r--src/lib/libcrypto/bn/bn_mont.c339
-rw-r--r--src/lib/libcrypto/bn/bn_mpi.c129
-rw-r--r--src/lib/libcrypto/bn/bn_mul.c794
-rw-r--r--src/lib/libcrypto/bn/bn_prime.c465
-rw-r--r--src/lib/libcrypto/bn/bn_prime.h325
-rw-r--r--src/lib/libcrypto/bn/bn_prime.pl117
-rw-r--r--src/lib/libcrypto/bn/bn_print.c332
-rw-r--r--src/lib/libcrypto/bn/bn_rand.c136
-rw-r--r--src/lib/libcrypto/bn/bn_recp.c220
-rw-r--r--src/lib/libcrypto/bn/bn_shift.c200
-rw-r--r--src/lib/libcrypto/bn/bn_sqr.c288
-rw-r--r--src/lib/libcrypto/bn/bn_word.c194
37 files changed, 0 insertions, 12989 deletions
diff --git a/src/lib/libcrypto/bn/asm/bn-586.pl b/src/lib/libcrypto/bn/asm/bn-586.pl
deleted file mode 100644
index 5191bed273..0000000000
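--- a/src/lib/libcrypto/bn/asm/bn-586.pl
+++ /dev/null
@@ -1,384 +0,0 @@
-#!/usr/local/bin/perl
-
-push(@INC,"perlasm","../../perlasm");
-require "x86asm.pl";
-
-&asm_init($ARGV[0],$0);
-
-&bn_mul_add_words("bn_mul_add_words");
-&bn_mul_words("bn_mul_words");
-&bn_sqr_words("bn_sqr_words");
-&bn_div_words("bn_div_words");
-&bn_add_words("bn_add_words");
-&bn_sub_words("bn_sub_words");
-
-&asm_finish();
-
-sub bn_mul_add_words
- {
- local($name)=@_;
-
- &function_begin($name,"");
-
- &comment("");
- $Low="eax";
- $High="edx";
- $a="ebx";
- $w="ebp";
- $r="edi";
- $c="esi";
-
- &xor($c,$c); # clear carry
- &mov($r,&wparam(0)); #
-
- &mov("ecx",&wparam(2)); #
- &mov($a,&wparam(1)); #
-
- &and("ecx",0xfffffff8); # num / 8
- &mov($w,&wparam(3)); #
-
- &push("ecx"); # Up the stack for a tmp variable
-
- &jz(&label("maw_finish"));
-
- &set_label("maw_loop",0);
-
- &mov(&swtmp(0),"ecx"); #
-
- for ($i=0; $i<32; $i+=4)
- {
- &comment("Round $i");
-
- &mov("eax",&DWP($i,$a,"",0)); # *a
- &mul($w); # *a * w
- &add("eax",$c); # L(t)+= *r
- &mov($c,&DWP($i,$r,"",0)); # L(t)+= *r
- &adc("edx",0); # H(t)+=carry
- &add("eax",$c); # L(t)+=c
- &adc("edx",0); # H(t)+=carry
- &mov(&DWP($i,$r,"",0),"eax"); # *r= L(t);
- &mov($c,"edx"); # c= H(t);
- }
-
- &comment("");
- &mov("ecx",&swtmp(0)); #
- &add($a,32);
- &add($r,32);
- &sub("ecx",8);
- &jnz(&label("maw_loop"));
-
- &set_label("maw_finish",0);
- &mov("ecx",&wparam(2)); # get num
- &and("ecx",7);
- &jnz(&label("maw_finish2")); # helps branch prediction
- &jmp(&label("maw_end"));
-
- &set_label("maw_finish2",1);
- for ($i=0; $i<7; $i++)
- {
- &comment("Tail Round $i");
- &mov("eax",&DWP($i*4,$a,"",0));# *a
- &mul($w); # *a * w
- &add("eax",$c); # L(t)+=c
- &mov($c,&DWP($i*4,$r,"",0)); # L(t)+= *r
- &adc("edx",0); # H(t)+=carry
- &add("eax",$c);
- &adc("edx",0); # H(t)+=carry
- &dec("ecx") if ($i != 7-1);
- &mov(&DWP($i*4,$r,"",0),"eax"); # *r= L(t);
- &mov($c,"edx"); # c= H(t);
- &jz(&label("maw_end")) if ($i != 7-1);
- }
- &set_label("maw_end",0);
- &mov("eax",$c);
-
- &pop("ecx"); # clear variable from
-
- &function_end($name);
- }
-
-sub bn_mul_words
- {
- local($name)=@_;
-
- &function_begin($name,"");
-
- &comment("");
- $Low="eax";
- $High="edx";
- $a="ebx";
- $w="ecx";
- $r="edi";
- $c="esi";
- $num="ebp";
-
- &xor($c,$c); # clear carry
- &mov($r,&wparam(0)); #
- &mov($a,&wparam(1)); #
- &mov($num,&wparam(2)); #
- &mov($w,&wparam(3)); #
-
- &and($num,0xfffffff8); # num / 8
- &jz(&label("mw_finish"));
-
- &set_label("mw_loop",0);
- for ($i=0; $i<32; $i+=4)
- {
- &comment("Round $i");
-
- &mov("eax",&DWP($i,$a,"",0)); # *a
- &mul($w); # *a * w
- &add("eax",$c); # L(t)+=c
- # XXX
-
- &adc("edx",0); # H(t)+=carry
- &mov(&DWP($i,$r,"",0),"eax"); # *r= L(t);
-
- &mov($c,"edx"); # c= H(t);
- }
-
- &comment("");
- &add($a,32);
- &add($r,32);
- &sub($num,8);
- &jz(&label("mw_finish"));
- &jmp(&label("mw_loop"));
-
- &set_label("mw_finish",0);
- &mov($num,&wparam(2)); # get num
- &and($num,7);
- &jnz(&label("mw_finish2"));
- &jmp(&label("mw_end"));
-
- &set_label("mw_finish2",1);
- for ($i=0; $i<7; $i++)
- {
- &comment("Tail Round $i");
- &mov("eax",&DWP($i*4,$a,"",0));# *a
- &mul($w); # *a * w
- &add("eax",$c); # L(t)+=c
- # XXX
- &adc("edx",0); # H(t)+=carry
- &mov(&DWP($i*4,$r,"",0),"eax");# *r= L(t);
- &mov($c,"edx"); # c= H(t);
- &dec($num) if ($i != 7-1);
- &jz(&label("mw_end")) if ($i != 7-1);
- }
- &set_label("mw_end",0);
- &mov("eax",$c);
-
- &function_end($name);
- }
-
-sub bn_sqr_words
- {
- local($name)=@_;
-
- &function_begin($name,"");
-
- &comment("");
- $r="esi";
- $a="edi";
- $num="ebx";
-
- &mov($r,&wparam(0)); #
- &mov($a,&wparam(1)); #
- &mov($num,&wparam(2)); #
-
- &and($num,0xfffffff8); # num / 8
- &jz(&label("sw_finish"));
-
- &set_label("sw_loop",0);
- for ($i=0; $i<32; $i+=4)
- {
- &comment("Round $i");
- &mov("eax",&DWP($i,$a,"",0)); # *a
- # XXX
- &mul("eax"); # *a * *a
- &mov(&DWP($i*2,$r,"",0),"eax"); #
- &mov(&DWP($i*2+4,$r,"",0),"edx");#
- }
-
- &comment("");
- &add($a,32);
- &add($r,64);
- &sub($num,8);
- &jnz(&label("sw_loop"));
-
- &set_label("sw_finish",0);
- &mov($num,&wparam(2)); # get num
- &and($num,7);
- &jz(&label("sw_end"));
-
- for ($i=0; $i<7; $i++)
- {
- &comment("Tail Round $i");
- &mov("eax",&DWP($i*4,$a,"",0)); # *a
- # XXX
- &mul("eax"); # *a * *a
- &mov(&DWP($i*8,$r,"",0),"eax"); #
- &dec($num) if ($i != 7-1);
- &mov(&DWP($i*8+4,$r,"",0),"edx");
- &jz(&label("sw_end")) if ($i != 7-1);
- }
- &set_label("sw_end",0);
-
- &function_end($name);
- }
-
-sub bn_div_words
- {
- local($name)=@_;
-
- &function_begin($name,"");
- &mov("edx",&wparam(0)); #
- &mov("eax",&wparam(1)); #
- &mov("ebx",&wparam(2)); #
- &div("ebx");
- &function_end($name);
- }
-
-sub bn_add_words
- {
- local($name)=@_;
-
- &function_begin($name,"");
-
- &comment("");
- $a="esi";
- $b="edi";
- $c="eax";
- $r="ebx";
- $tmp1="ecx";
- $tmp2="edx";
- $num="ebp";
-
- &mov($r,&wparam(0)); # get r
- &mov($a,&wparam(1)); # get a
- &mov($b,&wparam(2)); # get b
- &mov($num,&wparam(3)); # get num
- &xor($c,$c); # clear carry
- &and($num,0xfffffff8); # num / 8
-
- &jz(&label("aw_finish"));
-
- &set_label("aw_loop",0);
- for ($i=0; $i<8; $i++)
- {
- &comment("Round $i");
-
- &mov($tmp1,&DWP($i*4,$a,"",0)); # *a
- &mov($tmp2,&DWP($i*4,$b,"",0)); # *b
- &add($tmp1,$c);
- &mov($c,0);
- &adc($c,$c);
- &add($tmp1,$tmp2);
- &adc($c,0);
- &mov(&DWP($i*4,$r,"",0),$tmp1); # *r
- }
-
- &comment("");
- &add($a,32);
- &add($b,32);
- &add($r,32);
- &sub($num,8);
- &jnz(&label("aw_loop"));
-
- &set_label("aw_finish",0);
- &mov($num,&wparam(3)); # get num
- &and($num,7);
- &jz(&label("aw_end"));
-
- for ($i=0; $i<7; $i++)
- {
- &comment("Tail Round $i");
- &mov($tmp1,&DWP($i*4,$a,"",0)); # *a
- &mov($tmp2,&DWP($i*4,$b,"",0));# *b
- &add($tmp1,$c);
- &mov($c,0);
- &adc($c,$c);
- &add($tmp1,$tmp2);
- &adc($c,0);
- &dec($num) if ($i != 6);
- &mov(&DWP($i*4,$r,"",0),$tmp1); # *a
- &jz(&label("aw_end")) if ($i != 6);
- }
- &set_label("aw_end",0);
-
-# &mov("eax",$c); # $c is "eax"
-
- &function_end($name);
- }
-
-sub bn_sub_words
- {
- local($name)=@_;
-
- &function_begin($name,"");
-
- &comment("");
- $a="esi";
- $b="edi";
- $c="eax";
- $r="ebx";
- $tmp1="ecx";
- $tmp2="edx";
- $num="ebp";
-
- &mov($r,&wparam(0)); # get r
- &mov($a,&wparam(1)); # get a
- &mov($b,&wparam(2)); # get b
- &mov($num,&wparam(3)); # get num
- &xor($c,$c); # clear carry
- &and($num,0xfffffff8); # num / 8
-
- &jz(&label("aw_finish"));
-
- &set_label("aw_loop",0);
- for ($i=0; $i<8; $i++)
- {
- &comment("Round $i");
-
- &mov($tmp1,&DWP($i*4,$a,"",0)); # *a
- &mov($tmp2,&DWP($i*4,$b,"",0)); # *b
- &sub($tmp1,$c);
- &mov($c,0);
- &adc($c,$c);
- &sub($tmp1,$tmp2);
- &adc($c,0);
- &mov(&DWP($i*4,$r,"",0),$tmp1); # *r
- }
-
- &comment("");
- &add($a,32);
- &add($b,32);
- &add($r,32);
- &sub($num,8);
- &jnz(&label("aw_loop"));
-
- &set_label("aw_finish",0);
- &mov($num,&wparam(3)); # get num
- &and($num,7);
- &jz(&label("aw_end"));
-
- for ($i=0; $i<7; $i++)
- {
- &comment("Tail Round $i");
- &mov($tmp1,&DWP($i*4,$a,"",0)); # *a
- &mov($tmp2,&DWP($i*4,$b,"",0));# *b
- &sub($tmp1,$c);
- &mov($c,0);
- &adc($c,$c);
- &sub($tmp1,$tmp2);
- &adc($c,0);
- &dec($num) if ($i != 6);
- &mov(&DWP($i*4,$r,"",0),$tmp1); # *a
- &jz(&label("aw_end")) if ($i != 6);
- }
- &set_label("aw_end",0);
-
-# &mov("eax",$c); # $c is "eax"
-
- &function_end($name);
- }
-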
diff --git a/src/lib/libcrypto/bn/asm/co-586.pl b/src/lib/libcrypto/bn/asm/co-586.pl
deleted file mode 100644
index 5d962cb957..0000000000
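--- a/src/lib/libcrypto/bn/asm/co-586.pl
+++ /dev/null
@@ -1,286 +0,0 @@
-#!/usr/local/bin/perl
-
-push(@INC,"perlasm","../../perlasm");
-require "x86asm.pl";
-
-&asm_init($ARGV[0],$0);
-
-&bn_mul_comba("bn_mul_comba8",8);
-&bn_mul_comba("bn_mul_comba4",4);
-&bn_sqr_comba("bn_sqr_comba8",8);
-&bn_sqr_comba("bn_sqr_comba4",4);
-
-&asm_finish();
-
-sub mul_add_c
- {
- local($a,$ai,$b,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_;
-
- # pos == -1 if eax and edx are pre-loaded, 0 to load from next
- # words, and 1 if load return value
-
- &comment("mul a[$ai]*b[$bi]");
-
- # "eax" and "edx" will always be pre-loaded.
- # &mov("eax",&DWP($ai*4,$a,"",0)) ;
- # &mov("edx",&DWP($bi*4,$b,"",0));
-
- &mul("edx");
- &add($c0,"eax");
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # laod next a
- &mov("eax",&wparam(0)) if $pos > 0; # load r[]
- ###
- &adc($c1,"edx");
- &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 0; # laod next b
- &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 1; # laod next b
- ###
- &adc($c2,0);
- # is pos > 1, it means it is the last loop
- &mov(&DWP($i*4,"eax","",0),$c0) if $pos > 0; # save r[];
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # laod next a
- }
-
-sub sqr_add_c
- {
- local($r,$a,$ai,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_;
-
- # pos == -1 if eax and edx are pre-loaded, 0 to load from next
- # words, and 1 if load return value
-
- &comment("sqr a[$ai]*a[$bi]");
-
- # "eax" and "edx" will always be pre-loaded.
- # &mov("eax",&DWP($ai*4,$a,"",0)) ;
- # &mov("edx",&DWP($bi*4,$b,"",0));
-
- if ($ai == $bi)
- { &mul("eax");}
- else
- { &mul("edx");}
- &add($c0,"eax");
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # load next a
- ###
- &adc($c1,"edx");
- &mov("edx",&DWP(($nb)*4,$a,"",0)) if ($pos == 1) && ($na != $nb);
- ###
- &adc($c2,0);
- # is pos > 1, it means it is the last loop
- &mov(&DWP($i*4,$r,"",0),$c0) if $pos > 0; # save r[];
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # load next b
- }
-
-sub sqr_add_c2
- {
- local($r,$a,$ai,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_;
-
- # pos == -1 if eax and edx are pre-loaded, 0 to load from next
- # words, and 1 if load return value
-
- &comment("sqr a[$ai]*a[$bi]");
-
- # "eax" and "edx" will always be pre-loaded.
- # &mov("eax",&DWP($ai*4,$a,"",0)) ;
- # &mov("edx",&DWP($bi*4,$a,"",0));
-
- if ($ai == $bi)
- { &mul("eax");}
- else
- { &mul("edx");}
- &add("eax","eax");
- ###
- &adc("edx","edx");
- ###
- &adc($c2,0);
- &add($c0,"eax");
- &adc($c1,"edx");
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # load next a
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # load next b
- &adc($c2,0);
- &mov(&DWP($i*4,$r,"",0),$c0) if $pos > 0; # save r[];
- &mov("edx",&DWP(($nb)*4,$a,"",0)) if ($pos <= 1) && ($na != $nb);
- ###
- }
-
-sub bn_mul_comba
- {
- local($name,$num)=@_;
- local($a,$b,$c0,$c1,$c2);
- local($i,$as,$ae,$bs,$be,$ai,$bi);
- local($tot,$end);
-
- &function_begin_B($name,"");
-
- $c0="ebx";
- $c1="ecx";
- $c2="ebp";
- $a="esi";
- $b="edi";
-
- $as=0;
- $ae=0;
- $bs=0;
- $be=0;
- $tot=$num+$num-1;
-
- &push("esi");
- &mov($a,&wparam(1));
- &push("edi");
- &mov($b,&wparam(2));
- &push("ebp");
- &push("ebx");
-
- &xor($c0,$c0);
- &mov("eax",&DWP(0,$a,"",0)); # load the first word
- &xor($c1,$c1);
- &mov("edx",&DWP(0,$b,"",0)); # load the first second
-
- for ($i=0; $i<$tot; $i++)
- {
- $ai=$as;
- $bi=$bs;
- $end=$be+1;
-
- &comment("################## Calculate word $i");
-
- for ($j=$bs; $j<$end; $j++)
- {
- &xor($c2,$c2) if ($j == $bs);
- if (($j+1) == $end)
- {
- $v=1;
- $v=2 if (($i+1) == $tot);
- }
- else
- { $v=0; }
- if (($j+1) != $end)
- {
- $na=($ai-1);
- $nb=($bi+1);
- }
- else
- {
- $na=$as+($i < ($num-1));
- $nb=$bs+($i >= ($num-1));
- }
-#printf STDERR "[$ai,$bi] -> [$na,$nb]\n";
- &mul_add_c($a,$ai,$b,$bi,$c0,$c1,$c2,$v,$i,$na,$nb);
- if ($v)
- {
- &comment("saved r[$i]");
- # &mov("eax",&wparam(0));
- # &mov(&DWP($i*4,"eax","",0),$c0);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- }
- $ai--;
- $bi++;
- }
- $as++ if ($i < ($num-1));
- $ae++ if ($i >= ($num-1));
-
- $bs++ if ($i >= ($num-1));
- $be++ if ($i < ($num-1));
- }
- &comment("save r[$i]");
- # &mov("eax",&wparam(0));
- &mov(&DWP($i*4,"eax","",0),$c0);
-
- &pop("ebx");
- &pop("ebp");
- &pop("edi");
- &pop("esi");
- &ret();
- &function_end_B($name);
- }
-
-sub bn_sqr_comba
- {
- local($name,$num)=@_;
- local($r,$a,$c0,$c1,$c2)=@_;
- local($i,$as,$ae,$bs,$be,$ai,$bi);
- local($b,$tot,$end,$half);
-
- &function_begin_B($name,"");
-
- $c0="ebx";
- $c1="ecx";
- $c2="ebp";
- $a="esi";
- $r="edi";
-
- &push("esi");
- &push("edi");
- &push("ebp");
- &push("ebx");
- &mov($r,&wparam(0));
- &mov($a,&wparam(1));
- &xor($c0,$c0);
- &xor($c1,$c1);
- &mov("eax",&DWP(0,$a,"",0)); # load the first word
-
- $as=0;
- $ae=0;
- $bs=0;
- $be=0;
- $tot=$num+$num-1;
-
- for ($i=0; $i<$tot; $i++)
- {
- $ai=$as;
- $bi=$bs;
- $end=$be+1;
-
- &comment("############### Calculate word $i");
- for ($j=$bs; $j<$end; $j++)
- {
- &xor($c2,$c2) if ($j == $bs);
- if (($ai-1) < ($bi+1))
- {
- $v=1;
- $v=2 if ($i+1) == $tot;
- }
- else
- { $v=0; }
- if (!$v)
- {
- $na=$ai-1;
- $nb=$bi+1;
- }
- else
- {
- $na=$as+($i < ($num-1));
- $nb=$bs+($i >= ($num-1));
- }
- if ($ai == $bi)
- {
- &sqr_add_c($r,$a,$ai,$bi,
- $c0,$c1,$c2,$v,$i,$na,$nb);
- }
- else
- {
- &sqr_add_c2($r,$a,$ai,$bi,
- $c0,$c1,$c2,$v,$i,$na,$nb);
- }
- if ($v)
- {
- &comment("saved r[$i]");
- #&mov(&DWP($i*4,$r,"",0),$c0);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- last;
- }
- $ai--;
- $bi++;
- }
- $as++ if ($i < ($num-1));
- $ae++ if ($i >= ($num-1));
-
- $bs++ if ($i >= ($num-1));
- $be++ if ($i < ($num-1));
- }
- &mov(&DWP($i*4,$r,"",0),$c0);
- &pop("ebx");
- &pop("ebp");
- &pop("edi");
- &pop("esi");
- &ret();
- &function_end_B($name);
- }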
diff --git a/src/lib/libcrypto/bn/asm/pa-risc2.s b/src/lib/libcrypto/bn/asm/pa-risc2.s
deleted file mode 100644
index c2725996a4..0000000000
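--- a/src/lib/libcrypto/bn/asm/pa-risc2.s
+++ /dev/null
@@ -1,416 +0,0 @@
- .SPACE $PRIVATE$
- .SUBSPA $DATA$,QUAD=1,ALIGN=8,ACCESS=31
- .SUBSPA $BSS$,QUAD=1,ALIGN=8,ACCESS=31,ZERO,SORT=82
- .SPACE $TEXT$
- .SUBSPA $LIT$,QUAD=0,ALIGN=8,ACCESS=44
- .SUBSPA $CODE$,QUAD=0,ALIGN=8,ACCESS=44,CODE_ONLY
- .IMPORT $global$,DATA
- .IMPORT $$dyncall,MILLICODE
-; gcc_compiled.:
- .SPACE $TEXT$
- .SUBSPA $CODE$
-
- .align 4
- .EXPORT bn_mul_add_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR
-bn_mul_add_words
- .PROC
- .CALLINFO FRAME=64,CALLS,SAVE_RP,ENTRY_GR=4
- .ENTRY
- stw %r2,-20(0,%r30)
- stwm %r4,64(0,%r30)
- copy %r24,%r31
- stw %r3,-60(0,%r30)
- ldi 0,%r20
- ldo 12(%r26),%r2
- stw %r23,-16(0,%r30)
- copy %r25,%r3
- ldo 12(%r3),%r1
- fldws -16(0,%r30),%fr8L
-L$0010
- copy %r20,%r25
- ldi 0,%r24
- fldws 0(0,%r3),%fr9L
- ldw 0(0,%r26),%r19
- xmpyu %fr8L,%fr9L,%fr9
- fstds %fr9,-16(0,%r30)
- copy %r19,%r23
- ldw -16(0,%r30),%r28
- ldw -12(0,%r30),%r29
- ldi 0,%r22
- add %r23,%r29,%r29
- addc %r22,%r28,%r28
- add %r25,%r29,%r29
- addc %r24,%r28,%r28
- copy %r28,%r21
- ldi 0,%r20
- copy %r21,%r20
- addib,= -1,%r31,L$0011
- stw %r29,0(0,%r26)
- copy %r20,%r25
- ldi 0,%r24
- fldws -8(0,%r1),%fr9L
- ldw -8(0,%r2),%r19
- xmpyu %fr8L,%fr9L,%fr9
- fstds %fr9,-16(0,%r30)
- copy %r19,%r23
- ldw -16(0,%r30),%r28
- ldw -12(0,%r30),%r29
- ldi 0,%r22
- add %r23,%r29,%r29
- addc %r22,%r28,%r28
- add %r25,%r29,%r29
- addc %r24,%r28,%r28
- copy %r28,%r21
- ldi 0,%r20
- copy %r21,%r20
- addib,= -1,%r31,L$0011
- stw %r29,-8(0,%r2)
- copy %r20,%r25
- ldi 0,%r24
- fldws -4(0,%r1),%fr9L
- ldw -4(0,%r2),%r19
- xmpyu %fr8L,%fr9L,%fr9
- fstds %fr9,-16(0,%r30)
- copy %r19,%r23
- ldw -16(0,%r30),%r28
- ldw -12(0,%r30),%r29
- ldi 0,%r22
- add %r23,%r29,%r29
- addc %r22,%r28,%r28
- add %r25,%r29,%r29
- addc %r24,%r28,%r28
- copy %r28,%r21
- ldi 0,%r20
- copy %r21,%r20
- addib,= -1,%r31,L$0011
- stw %r29,-4(0,%r2)
- copy %r20,%r25
- ldi 0,%r24
- fldws 0(0,%r1),%fr9L
- ldw 0(0,%r2),%r19
- xmpyu %fr8L,%fr9L,%fr9
- fstds %fr9,-16(0,%r30)
- copy %r19,%r23
- ldw -16(0,%r30),%r28
- ldw -12(0,%r30),%r29
- ldi 0,%r22
- add %r23,%r29,%r29
- addc %r22,%r28,%r28
- add %r25,%r29,%r29
- addc %r24,%r28,%r28
- copy %r28,%r21
- ldi 0,%r20
- copy %r21,%r20
- addib,= -1,%r31,L$0011
- stw %r29,0(0,%r2)
- ldo 16(%r1),%r1
- ldo 16(%r3),%r3
- ldo 16(%r2),%r2
- bl L$0010,0
- ldo 16(%r26),%r26
-L$0011
- copy %r20,%r28
- ldw -84(0,%r30),%r2
- ldw -60(0,%r30),%r3
- bv 0(%r2)
- ldwm -64(0,%r30),%r4
- .EXIT
- .PROCEND
- .align 4
- .EXPORT bn_mul_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR
-bn_mul_words
- .PROC
- .CALLINFO FRAME=64,CALLS,SAVE_RP,ENTRY_GR=3
- .ENTRY
- stw %r2,-20(0,%r30)
- copy %r25,%r2
- stwm %r4,64(0,%r30)
- copy %r24,%r19
- ldi 0,%r28
- stw %r23,-16(0,%r30)
- ldo 12(%r26),%r31
- ldo 12(%r2),%r29
- fldws -16(0,%r30),%fr8L
-L$0026
- fldws 0(0,%r2),%fr9L
- xmpyu %fr8L,%fr9L,%fr9
- fstds %fr9,-16(0,%r30)
- copy %r28,%r21
- ldi 0,%r20
- ldw -16(0,%r30),%r24
- ldw -12(0,%r30),%r25
- add %r21,%r25,%r25
- addc %r20,%r24,%r24
- copy %r24,%r23
- ldi 0,%r22
- copy %r23,%r28
- addib,= -1,%r19,L$0027
- stw %r25,0(0,%r26)
- fldws -8(0,%r29),%fr9L
- xmpyu %fr8L,%fr9L,%fr9
- fstds %fr9,-16(0,%r30)
- copy %r28,%r21
- ldi 0,%r20
- ldw -16(0,%r30),%r24
- ldw -12(0,%r30),%r25
- add %r21,%r25,%r25
- addc %r20,%r24,%r24
- copy %r24,%r23
- ldi 0,%r22
- copy %r23,%r28
- addib,= -1,%r19,L$0027
- stw %r25,-8(0,%r31)
- fldws -4(0,%r29),%fr9L
- xmpyu %fr8L,%fr9L,%fr9
- fstds %fr9,-16(0,%r30)
- copy %r28,%r21
- ldi 0,%r20
- ldw -16(0,%r30),%r24
- ldw -12(0,%r30),%r25
- add %r21,%r25,%r25
- addc %r20,%r24,%r24
- copy %r24,%r23
- ldi 0,%r22
- copy %r23,%r28
- addib,= -1,%r19,L$0027
- stw %r25,-4(0,%r31)
- fldws 0(0,%r29),%fr9L
- xmpyu %fr8L,%fr9L,%fr9
- fstds %fr9,-16(0,%r30)
- copy %r28,%r21
- ldi 0,%r20
- ldw -16(0,%r30),%r24
- ldw -12(0,%r30),%r25
- add %r21,%r25,%r25
- addc %r20,%r24,%r24
- copy %r24,%r23
- ldi 0,%r22
- copy %r23,%r28
- addib,= -1,%r19,L$0027
- stw %r25,0(0,%r31)
- ldo 16(%r29),%r29
- ldo 16(%r2),%r2
- ldo 16(%r31),%r31
- bl L$0026,0
- ldo 16(%r26),%r26
-L$0027
- ldw -84(0,%r30),%r2
- bv 0(%r2)
- ldwm -64(0,%r30),%r4
- .EXIT
- .PROCEND
- .align 4
- .EXPORT bn_sqr_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR
-bn_sqr_words
- .PROC
- .CALLINFO FRAME=0,NO_CALLS
- .ENTRY
- ldo 28(%r26),%r19
- ldo 12(%r25),%r28
-L$0042
- fldws 0(0,%r25),%fr8L
- fldws 0(0,%r25),%fr8R
- xmpyu %fr8L,%fr8R,%fr8
- fstds %fr8,-16(0,%r30)
- ldw -16(0,%r30),%r22
- ldw -12(0,%r30),%r23
- stw %r23,0(0,%r26)
- copy %r22,%r21
- ldi 0,%r20
- addib,= -1,%r24,L$0049
- stw %r21,-24(0,%r19)
- fldws -8(0,%r28),%fr8L
- fldws -8(0,%r28),%fr8R
- xmpyu %fr8L,%fr8R,%fr8
- fstds %fr8,-16(0,%r30)
- ldw -16(0,%r30),%r22
- ldw -12(0,%r30),%r23
- stw %r23,-20(0,%r19)
- copy %r22,%r21
- ldi 0,%r20
- addib,= -1,%r24,L$0049
- stw %r21,-16(0,%r19)
- fldws -4(0,%r28),%fr8L
- fldws -4(0,%r28),%fr8R
- xmpyu %fr8L,%fr8R,%fr8
- fstds %fr8,-16(0,%r30)
- ldw -16(0,%r30),%r22
- ldw -12(0,%r30),%r23
- stw %r23,-12(0,%r19)
- copy %r22,%r21
- ldi 0,%r20
- addib,= -1,%r24,L$0049
- stw %r21,-8(0,%r19)
- fldws 0(0,%r28),%fr8L
- fldws 0(0,%r28),%fr8R
- xmpyu %fr8L,%fr8R,%fr8
- fstds %fr8,-16(0,%r30)
- ldw -16(0,%r30),%r22
- ldw -12(0,%r30),%r23
- stw %r23,-4(0,%r19)
- copy %r22,%r21
- ldi 0,%r20
- addib,= -1,%r24,L$0049
- stw %r21,0(0,%r19)
- ldo 16(%r28),%r28
- ldo 16(%r25),%r25
- ldo 32(%r19),%r19
- bl L$0042,0
- ldo 32(%r26),%r26
-L$0049
- bv,n 0(%r2)
- .EXIT
- .PROCEND
- .IMPORT BN_num_bits_word,CODE
- .IMPORT fprintf,CODE
- .IMPORT __iob,DATA
- .SPACE $TEXT$
- .SUBSPA $LIT$
-
- .align 4
-L$C0000
- .STRING "Division would overflow (%d)\x0a\x00"
- .IMPORT abort,CODE
- .SPACE $TEXT$
- .SUBSPA $CODE$
-
- .align 4
- .EXPORT bn_div64,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,RTNVAL=GR
-bn_div64
- .PROC
- .CALLINFO FRAME=128,CALLS,SAVE_RP,ENTRY_GR=8
- .ENTRY
- stw %r2,-20(0,%r30)
- stwm %r8,128(0,%r30)
- stw %r7,-124(0,%r30)
- stw %r4,-112(0,%r30)
- stw %r3,-108(0,%r30)
- copy %r26,%r3
- copy %r25,%r4
- stw %r6,-120(0,%r30)
- ldi 0,%r7
- stw %r5,-116(0,%r30)
- movb,<> %r24,%r5,L$0051
- ldi 2,%r6
- bl L$0068,0
- ldi -1,%r28
-L$0051
- .CALL ARGW0=GR
- bl BN_num_bits_word,%r2
- copy %r5,%r26
- copy %r28,%r24
- ldi 32,%r19
- comb,= %r19,%r24,L$0052
- subi 31,%r24,%r19
- mtsar %r19
- zvdepi 1,32,%r19
- comb,>>= %r19,%r3,L$0052
- addil LR'__iob-$global$+32,%r27
- ldo RR'__iob-$global$+32(%r1),%r26
- ldil LR'L$C0000,%r25
- .CALL ARGW0=GR,ARGW1=GR,ARGW2=GR
- bl fprintf,%r2
- ldo RR'L$C0000(%r25),%r25
- .CALL
- bl abort,%r2
- nop
-L$0052
- comb,>> %r5,%r3,L$0053
- subi 32,%r24,%r24
- sub %r3,%r5,%r3
-L$0053
- comib,= 0,%r24,L$0054
- subi 31,%r24,%r19
- mtsar %r19
- zvdep %r5,32,%r5
- zvdep %r3,32,%r21
- subi 32,%r24,%r20
- mtsar %r20
- vshd 0,%r4,%r20
- or %r21,%r20,%r3
- mtsar %r19
- zvdep %r4,32,%r4
-L$0054
- extru %r5,15,16,%r23
- extru %r5,31,16,%r28
-L$0055
- extru %r3,15,16,%r19
- comb,<> %r23,%r19,L$0058
- copy %r3,%r26
- bl L$0059,0
- zdepi -1,31,16,%r29
-L$0058
- .IMPORT $$divU,MILLICODE
- bl $$divU,%r31
- copy %r23,%r25
-L$0059
- stw %r29,-16(0,%r30)
- fldws -16(0,%r30),%fr10L
- stw %r28,-16(0,%r30)
- fldws -16(0,%r30),%fr10R
- stw %r23,-16(0,%r30)
- xmpyu %fr10L,%fr10R,%fr8
- fldws -16(0,%r30),%fr10R
- fstws %fr8R,-16(0,%r30)
- xmpyu %fr10L,%fr10R,%fr9
- ldw -16(0,%r30),%r8
- fstws %fr9R,-16(0,%r30)
- copy %r8,%r22
- ldw -16(0,%r30),%r8
- extru %r4,15,16,%r24
- copy %r8,%r21
-L$0060
- sub %r3,%r21,%r20
- copy %r20,%r19
- depi 0,31,16,%r19
- comib,<> 0,%r19,L$0061
- zdep %r20,15,16,%r19
- addl %r19,%r24,%r19
- comb,>>= %r19,%r22,L$0061
- sub %r22,%r28,%r22
- sub %r21,%r23,%r21
- bl L$0060,0
- ldo -1(%r29),%r29
-L$0061
- stw %r29,-16(0,%r30)
- fldws -16(0,%r30),%fr10L
- stw %r28,-16(0,%r30)
- fldws -16(0,%r30),%fr10R
- xmpyu %fr10L,%fr10R,%fr8
- fstws %fr8R,-16(0,%r30)
- ldw -16(0,%r30),%r8
- stw %r23,-16(0,%r30)
- fldws -16(0,%r30),%fr10R
- copy %r8,%r19
- xmpyu %fr10L,%fr10R,%fr8
- fstws %fr8R,-16(0,%r30)
- extru %r19,15,16,%r20
- ldw -16(0,%r30),%r8
- zdep %r19,15,16,%r19
- addl %r8,%r20,%r20
- comclr,<<= %r19,%r4,0
- addi 1,%r20,%r20
- comb,<<= %r20,%r3,L$0066
- sub %r4,%r19,%r4
- addl %r3,%r5,%r3
- ldo -1(%r29),%r29
-L$0066
- addib,= -1,%r6,L$0056
- sub %r3,%r20,%r3
- zdep %r29,15,16,%r7
- shd %r3,%r4,16,%r3
- bl L$0055,0
- zdep %r4,15,16,%r4
-L$0056
- or %r7,%r29,%r28
-L$0068
- ldw -148(0,%r30),%r2
- ldw -124(0,%r30),%r7
- ldw -120(0,%r30),%r6
- ldw -116(0,%r30),%r5
- ldw -112(0,%r30),%r4
- ldw -108(0,%r30),%r3
- bv 0(%r2)
- ldwm -128(0,%r30),%r8
- .EXIT
- .PROCEND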
diff --git a/src/lib/libcrypto/bn/asm/sparcv8.S b/src/lib/libcrypto/bn/asm/sparcv8.S
deleted file mode 100644
index 88c5dc480a..0000000000
--- a/src/lib/libcrypto/bn/asm/sparcv8.S
+++ /dev/null
@@ -1,1458 +0,0 @@
1.ident "sparcv8.s, Version 1.4"
2.ident "SPARC v8 ISA artwork by Andy Polyakov <appro@fy.chalmers.se>"
3
4/*
5 * ====================================================================
6 * Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
7 * project.
8 *
9 * Rights for redistribution and usage in source and binary forms are
10 * granted according to the OpenSSL license. Warranty of any kind is
11 * disclaimed.
12 * ====================================================================
13 */
14
15/*
16 * This is my modest contributon to OpenSSL project (see
17 * http://www.openssl.org/ for more information about it) and is
18 * a drop-in SuperSPARC ISA replacement for crypto/bn/bn_asm.c
19 * module. For updates see http://fy.chalmers.se/~appro/hpe/.
20 *
21 * See bn_asm.sparc.v8plus.S for more details.
22 */
23
24/*
25 * Revision history.
26 *
27 * 1.1 - new loop unrolling model(*);
28 * 1.2 - made gas friendly;
29 * 1.3 - fixed problem with /usr/ccs/lib/cpp;
30 * 1.4 - some retunes;
31 *
32 * (*) see bn_asm.sparc.v8plus.S for details
33 */
34
35.section ".text",#alloc,#execinstr
36.file "bn_asm.sparc.v8.S"
37
38.align 32
39
40.global bn_mul_add_words
41/*
42 * BN_ULONG bn_mul_add_words(rp,ap,num,w)
43 * BN_ULONG *rp,*ap;
44 * int num;
45 * BN_ULONG w;
46 */
47bn_mul_add_words:
48 cmp %o2,0
49 bg,a .L_bn_mul_add_words_proceed
50 ld [%o1],%g2
51 retl
52 clr %o0
53
54.L_bn_mul_add_words_proceed:
55 andcc %o2,-4,%g0
56 bz .L_bn_mul_add_words_tail
57 clr %o5
58
59.L_bn_mul_add_words_loop:
60 ld [%o0],%o4
61 ld [%o1+4],%g3
62 umul %o3,%g2,%g2
63 rd %y,%g1
64 addcc %o4,%o5,%o4
65 addx %g1,0,%g1
66 addcc %o4,%g2,%o4
67 st %o4,[%o0]
68 addx %g1,0,%o5
69
70 ld [%o0+4],%o4
71 ld [%o1+8],%g2
72 umul %o3,%g3,%g3
73 dec 4,%o2
74 rd %y,%g1
75 addcc %o4,%o5,%o4
76 addx %g1,0,%g1
77 addcc %o4,%g3,%o4
78 st %o4,[%o0+4]
79 addx %g1,0,%o5
80
81 ld [%o0+8],%o4
82 ld [%o1+12],%g3
83 umul %o3,%g2,%g2
84 inc 16,%o1
85 rd %y,%g1
86 addcc %o4,%o5,%o4
87 addx %g1,0,%g1
88 addcc %o4,%g2,%o4
89 st %o4,[%o0+8]
90 addx %g1,0,%o5
91
92 ld [%o0+12],%o4
93 umul %o3,%g3,%g3
94 inc 16,%o0
95 rd %y,%g1
96 addcc %o4,%o5,%o4
97 addx %g1,0,%g1
98 addcc %o4,%g3,%o4
99 st %o4,[%o0-4]
100 addx %g1,0,%o5
101 andcc %o2,-4,%g0
102 bnz,a .L_bn_mul_add_words_loop
103 ld [%o1],%g2
104
105 tst %o2
106 bnz,a .L_bn_mul_add_words_tail
107 ld [%o1],%g2
108.L_bn_mul_add_words_return:
109 retl
110 mov %o5,%o0
111 nop
112
113.L_bn_mul_add_words_tail:
114 ld [%o0],%o4
115 umul %o3,%g2,%g2
116 addcc %o4,%o5,%o4
117 rd %y,%g1
118 addx %g1,0,%g1
119 addcc %o4,%g2,%o4
120 addx %g1,0,%o5
121 deccc %o2
122 bz .L_bn_mul_add_words_return
123 st %o4,[%o0]
124
125 ld [%o1+4],%g2
126 ld [%o0+4],%o4
127 umul %o3,%g2,%g2
128 rd %y,%g1
129 addcc %o4,%o5,%o4
130 addx %g1,0,%g1
131 addcc %o4,%g2,%o4
132 addx %g1,0,%o5
133 deccc %o2
134 bz .L_bn_mul_add_words_return
135 st %o4,[%o0+4]
136
137 ld [%o1+8],%g2
138 ld [%o0+8],%o4
139 umul %o3,%g2,%g2
140 rd %y,%g1
141 addcc %o4,%o5,%o4
142 addx %g1,0,%g1
143 addcc %o4,%g2,%o4
144 st %o4,[%o0+8]
145 retl
146 addx %g1,0,%o0
147
148.type bn_mul_add_words,#function
149.size bn_mul_add_words,(.-bn_mul_add_words)
150
151.align 32
152
153.global bn_mul_words
154/*
155 * BN_ULONG bn_mul_words(rp,ap,num,w)
156 * BN_ULONG *rp,*ap;
157 * int num;
158 * BN_ULONG w;
159 */
160bn_mul_words:
161 cmp %o2,0
162 bg,a .L_bn_mul_words_proceeed
163 ld [%o1],%g2
164 retl
165 clr %o0
166
167.L_bn_mul_words_proceeed:
168 andcc %o2,-4,%g0
169 bz .L_bn_mul_words_tail
170 clr %o5
171
172.L_bn_mul_words_loop:
173 ld [%o1+4],%g3
174 umul %o3,%g2,%g2
175 addcc %g2,%o5,%g2
176 rd %y,%g1
177 addx %g1,0,%o5
178 st %g2,[%o0]
179
180 ld [%o1+8],%g2
181 umul %o3,%g3,%g3
182 addcc %g3,%o5,%g3
183 rd %y,%g1
184 dec 4,%o2
185 addx %g1,0,%o5
186 st %g3,[%o0+4]
187
188 ld [%o1+12],%g3
189 umul %o3,%g2,%g2
190 addcc %g2,%o5,%g2
191 rd %y,%g1
192 inc 16,%o1
193 st %g2,[%o0+8]
194 addx %g1,0,%o5
195
196 umul %o3,%g3,%g3
197 addcc %g3,%o5,%g3
198 rd %y,%g1
199 inc 16,%o0
200 addx %g1,0,%o5
201 st %g3,[%o0-4]
202 andcc %o2,-4,%g0
203 nop
204 bnz,a .L_bn_mul_words_loop
205 ld [%o1],%g2
206
207 tst %o2
208 bnz,a .L_bn_mul_words_tail
209 ld [%o1],%g2
210.L_bn_mul_words_return:
211 retl
212 mov %o5,%o0
213 nop
214
215.L_bn_mul_words_tail:
216 umul %o3,%g2,%g2
217 addcc %g2,%o5,%g2
218 rd %y,%g1
219 addx %g1,0,%o5
220 deccc %o2
221 bz .L_bn_mul_words_return
222 st %g2,[%o0]
223 nop
224
225 ld [%o1+4],%g2
226 umul %o3,%g2,%g2
227 addcc %g2,%o5,%g2
228 rd %y,%g1
229 addx %g1,0,%o5
230 deccc %o2
231 bz .L_bn_mul_words_return
232 st %g2,[%o0+4]
233
234 ld [%o1+8],%g2
235 umul %o3,%g2,%g2
236 addcc %g2,%o5,%g2
237 rd %y,%g1
238 st %g2,[%o0+8]
239 retl
240 addx %g1,0,%o0
241
242.type bn_mul_words,#function
243.size bn_mul_words,(.-bn_mul_words)
244
245.align 32
246.global bn_sqr_words
247/*
248 * void bn_sqr_words(r,a,n)
249 * BN_ULONG *r,*a;
250 * int n;
251 */
252bn_sqr_words:
253 cmp %o2,0
254 bg,a .L_bn_sqr_words_proceeed
255 ld [%o1],%g2
256 retl
257 clr %o0
258
259.L_bn_sqr_words_proceeed:
260 andcc %o2,-4,%g0
261 bz .L_bn_sqr_words_tail
262 clr %o5
263
264.L_bn_sqr_words_loop:
265 ld [%o1+4],%g3
266 umul %g2,%g2,%o4
267 st %o4,[%o0]
268 rd %y,%o5
269 st %o5,[%o0+4]
270
271 ld [%o1+8],%g2
272 umul %g3,%g3,%o4
273 dec 4,%o2
274 st %o4,[%o0+8]
275 rd %y,%o5
276 st %o5,[%o0+12]
277 nop
278
279 ld [%o1+12],%g3
280 umul %g2,%g2,%o4
281 st %o4,[%o0+16]
282 rd %y,%o5
283 inc 16,%o1
284 st %o5,[%o0+20]
285
286 umul %g3,%g3,%o4
287 inc 32,%o0
288 st %o4,[%o0-8]
289 rd %y,%o5
290 st %o5,[%o0-4]
291 andcc %o2,-4,%g2
292 bnz,a .L_bn_sqr_words_loop
293 ld [%o1],%g2
294
295 tst %o2
296 nop
297 bnz,a .L_bn_sqr_words_tail
298 ld [%o1],%g2
299.L_bn_sqr_words_return:
300 retl
301 clr %o0
302
303.L_bn_sqr_words_tail:
304 umul %g2,%g2,%o4
305 st %o4,[%o0]
306 deccc %o2
307 rd %y,%o5
308 bz .L_bn_sqr_words_return
309 st %o5,[%o0+4]
310
311 ld [%o1+4],%g2
312 umul %g2,%g2,%o4
313 st %o4,[%o0+8]
314 deccc %o2
315 rd %y,%o5
316 nop
317 bz .L_bn_sqr_words_return
318 st %o5,[%o0+12]
319
320 ld [%o1+8],%g2
321 umul %g2,%g2,%o4
322 st %o4,[%o0+16]
323 rd %y,%o5
324 st %o5,[%o0+20]
325 retl
326 clr %o0
327
328.type bn_sqr_words,#function
329.size bn_sqr_words,(.-bn_sqr_words)
330
331.align 32
332
333.global bn_div_words
334/*
335 * BN_ULONG bn_div_words(h,l,d)
336 * BN_ULONG h,l,d;
337 */
338bn_div_words:
339 wr %o0,%y
340 udiv %o1,%o2,%o0
341 retl
342 nop
343
344.type bn_div_words,#function
345.size bn_div_words,(.-bn_div_words)
346
347.align 32
348
349.global bn_add_words
350/*
351 * BN_ULONG bn_add_words(rp,ap,bp,n)
352 * BN_ULONG *rp,*ap,*bp;
353 * int n;
354 */
355bn_add_words:
356 cmp %o3,0
357 bg,a .L_bn_add_words_proceed
358 ld [%o1],%o4
359 retl
360 clr %o0
361
362.L_bn_add_words_proceed:
363 andcc %o3,-4,%g0
364 bz .L_bn_add_words_tail
365 clr %g1
366 ba .L_bn_add_words_warn_loop
367 addcc %g0,0,%g0 ! clear carry flag
368
369.L_bn_add_words_loop:
370 ld [%o1],%o4
371.L_bn_add_words_warn_loop:
372 ld [%o2],%o5
373 ld [%o1+4],%g3
374 ld [%o2+4],%g4
375 dec 4,%o3
376 addxcc %o5,%o4,%o5
377 st %o5,[%o0]
378
379 ld [%o1+8],%o4
380 ld [%o2+8],%o5
381 inc 16,%o1
382 addxcc %g3,%g4,%g3
383 st %g3,[%o0+4]
384
385 ld [%o1-4],%g3
386 ld [%o2+12],%g4
387 inc 16,%o2
388 addxcc %o5,%o4,%o5
389 st %o5,[%o0+8]
390
391 inc 16,%o0
392 addxcc %g3,%g4,%g3
393 st %g3,[%o0-4]
394 addx %g0,0,%g1
395 andcc %o3,-4,%g0
396 bnz,a .L_bn_add_words_loop
397 addcc %g1,-1,%g0
398
399 tst %o3
400 bnz,a .L_bn_add_words_tail
401 ld [%o1],%o4
402.L_bn_add_words_return:
403 retl
404 mov %g1,%o0
405
406.L_bn_add_words_tail:
407 addcc %g1,-1,%g0
408 ld [%o2],%o5
409 addxcc %o5,%o4,%o5
410 addx %g0,0,%g1
411 deccc %o3
412 bz .L_bn_add_words_return
413 st %o5,[%o0]
414
415 ld [%o1+4],%o4
416 addcc %g1,-1,%g0
417 ld [%o2+4],%o5
418 addxcc %o5,%o4,%o5
419 addx %g0,0,%g1
420 deccc %o3
421 bz .L_bn_add_words_return
422 st %o5,[%o0+4]
423
424 ld [%o1+8],%o4
425 addcc %g1,-1,%g0
426 ld [%o2+8],%o5
427 addxcc %o5,%o4,%o5
428 st %o5,[%o0+8]
429 retl
430 addx %g0,0,%o0
431
432.type bn_add_words,#function
433.size bn_add_words,(.-bn_add_words)
434
435.align 32
436
437.global bn_sub_words
438/*
439 * BN_ULONG bn_sub_words(rp,ap,bp,n)
440 * BN_ULONG *rp,*ap,*bp;
441 * int n;
442 */
443bn_sub_words:
444 cmp %o3,0
445 bg,a .L_bn_sub_words_proceed
446 ld [%o1],%o4
447 retl
448 clr %o0
449
450.L_bn_sub_words_proceed:
451 andcc %o3,-4,%g0
452 bz .L_bn_sub_words_tail
453 clr %g1
454 ba .L_bn_sub_words_warm_loop
455 addcc %g0,0,%g0 ! clear carry flag
456
457.L_bn_sub_words_loop:
458 ld [%o1],%o4
459.L_bn_sub_words_warm_loop:
460 ld [%o2],%o5
461 ld [%o1+4],%g3
462 ld [%o2+4],%g4
463 dec 4,%o3
464 subxcc %o4,%o5,%o5
465 st %o5,[%o0]
466
467 ld [%o1+8],%o4
468 ld [%o2+8],%o5
469 inc 16,%o1
470 subxcc %g3,%g4,%g4
471 st %g4,[%o0+4]
472
473 ld [%o1-4],%g3
474 ld [%o2+12],%g4
475 inc 16,%o2
476 subxcc %o4,%o5,%o5
477 st %o5,[%o0+8]
478
479 inc 16,%o0
480 subxcc %g3,%g4,%g4
481 st %g4,[%o0-4]
482 addx %g0,0,%g1
483 andcc %o3,-4,%g0
484 bnz,a .L_bn_sub_words_loop
485 addcc %g1,-1,%g0
486
487 tst %o3
488 nop
489 bnz,a .L_bn_sub_words_tail
490 ld [%o1],%o4
491.L_bn_sub_words_return:
492 retl
493 mov %g1,%o0
494
495.L_bn_sub_words_tail:
496 addcc %g1,-1,%g0
497 ld [%o2],%o5
498 subxcc %o4,%o5,%o5
499 addx %g0,0,%g1
500 deccc %o3
501 bz .L_bn_sub_words_return
502 st %o5,[%o0]
503 nop
504
505 ld [%o1+4],%o4
506 addcc %g1,-1,%g0
507 ld [%o2+4],%o5
508 subxcc %o4,%o5,%o5
509 addx %g0,0,%g1
510 deccc %o3
511 bz .L_bn_sub_words_return
512 st %o5,[%o0+4]
513
514 ld [%o1+8],%o4
515 addcc %g1,-1,%g0
516 ld [%o2+8],%o5
517 subxcc %o4,%o5,%o5
518 st %o5,[%o0+8]
519 retl
520 addx %g0,0,%o0
521
522.type bn_sub_words,#function
523.size bn_sub_words,(.-bn_sub_words)
524
525#define FRAME_SIZE -96
526
527/*
528 * Here is register usage map for *all* routines below.
529 */
530#define t_1 %o0
531#define t_2 %o1
532#define c_1 %o2
533#define c_2 %o3
534#define c_3 %o4
535
536#define ap(I) [%i1+4*I]
537#define bp(I) [%i2+4*I]
538#define rp(I) [%i0+4*I]
539
540#define a_0 %l0
541#define a_1 %l1
542#define a_2 %l2
543#define a_3 %l3
544#define a_4 %l4
545#define a_5 %l5
546#define a_6 %l6
547#define a_7 %l7
548
549#define b_0 %i3
550#define b_1 %i4
551#define b_2 %i5
552#define b_3 %o5
553#define b_4 %g1
554#define b_5 %g2
555#define b_6 %g3
556#define b_7 %g4
557
558.align 32
559.global bn_mul_comba8
560/*
561 * void bn_mul_comba8(r,a,b)
562 * BN_ULONG *r,*a,*b;
563 */
564bn_mul_comba8:
565 save %sp,FRAME_SIZE,%sp
566 ld ap(0),a_0
567 ld bp(0),b_0
568 umul a_0,b_0,c_1 !=!mul_add_c(a[0],b[0],c1,c2,c3);
569 ld bp(1),b_1
570 rd %y,c_2
571 st c_1,rp(0) !r[0]=c1;
572
573 umul a_0,b_1,t_1 !=!mul_add_c(a[0],b[1],c2,c3,c1);
574 ld ap(1),a_1
575 addcc c_2,t_1,c_2
576 rd %y,t_2
577 addxcc %g0,t_2,c_3 !=
578 addx %g0,%g0,c_1
579 ld ap(2),a_2
580 umul a_1,b_0,t_1 !mul_add_c(a[1],b[0],c2,c3,c1);
581 addcc c_2,t_1,c_2 !=
582 rd %y,t_2
583 addxcc c_3,t_2,c_3
584 st c_2,rp(1) !r[1]=c2;
585 addx c_1,%g0,c_1 !=
586
587 umul a_2,b_0,t_1 !mul_add_c(a[2],b[0],c3,c1,c2);
588 addcc c_3,t_1,c_3
589 rd %y,t_2
590 addxcc c_1,t_2,c_1 !=
591 addx %g0,%g0,c_2
592 ld bp(2),b_2
593 umul a_1,b_1,t_1 !mul_add_c(a[1],b[1],c3,c1,c2);
594 addcc c_3,t_1,c_3 !=
595 rd %y,t_2
596 addxcc c_1,t_2,c_1
597 ld bp(3),b_3
598 addx c_2,%g0,c_2 !=
599 umul a_0,b_2,t_1 !mul_add_c(a[0],b[2],c3,c1,c2);
600 addcc c_3,t_1,c_3
601 rd %y,t_2
602 addxcc c_1,t_2,c_1 !=
603 addx c_2,%g0,c_2
604 st c_3,rp(2) !r[2]=c3;
605
606 umul a_0,b_3,t_1 !mul_add_c(a[0],b[3],c1,c2,c3);
607 addcc c_1,t_1,c_1 !=
608 rd %y,t_2
609 addxcc c_2,t_2,c_2
610 addx %g0,%g0,c_3
611 umul a_1,b_2,t_1 !=!mul_add_c(a[1],b[2],c1,c2,c3);
612 addcc c_1,t_1,c_1
613 rd %y,t_2
614 addxcc c_2,t_2,c_2
615 addx c_3,%g0,c_3 !=
616 ld ap(3),a_3
617 umul a_2,b_1,t_1 !mul_add_c(a[2],b[1],c1,c2,c3);
618 addcc c_1,t_1,c_1
619 rd %y,t_2 !=
620 addxcc c_2,t_2,c_2
621 addx c_3,%g0,c_3
622 ld ap(4),a_4
623 umul a_3,b_0,t_1 !mul_add_c(a[3],b[0],c1,c2,c3);!=
624 addcc c_1,t_1,c_1
625 rd %y,t_2
626 addxcc c_2,t_2,c_2
627 addx c_3,%g0,c_3 !=
628 st c_1,rp(3) !r[3]=c1;
629
630 umul a_4,b_0,t_1 !mul_add_c(a[4],b[0],c2,c3,c1);
631 addcc c_2,t_1,c_2
632 rd %y,t_2 !=
633 addxcc c_3,t_2,c_3
634 addx %g0,%g0,c_1
635 umul a_3,b_1,t_1 !mul_add_c(a[3],b[1],c2,c3,c1);
636 addcc c_2,t_1,c_2 !=
637 rd %y,t_2
638 addxcc c_3,t_2,c_3
639 addx c_1,%g0,c_1
640 umul a_2,b_2,t_1 !=!mul_add_c(a[2],b[2],c2,c3,c1);
641 addcc c_2,t_1,c_2
642 rd %y,t_2
643 addxcc c_3,t_2,c_3
644 addx c_1,%g0,c_1 !=
645 ld bp(4),b_4
646 umul a_1,b_3,t_1 !mul_add_c(a[1],b[3],c2,c3,c1);
647 addcc c_2,t_1,c_2
648 rd %y,t_2 !=
649 addxcc c_3,t_2,c_3
650 addx c_1,%g0,c_1
651 ld bp(5),b_5
652 umul a_0,b_4,t_1 !=!mul_add_c(a[0],b[4],c2,c3,c1);
653 addcc c_2,t_1,c_2
654 rd %y,t_2
655 addxcc c_3,t_2,c_3
656 addx c_1,%g0,c_1 !=
657 st c_2,rp(4) !r[4]=c2;
658
659 umul a_0,b_5,t_1 !mul_add_c(a[0],b[5],c3,c1,c2);
660 addcc c_3,t_1,c_3
661 rd %y,t_2 !=
662 addxcc c_1,t_2,c_1
663 addx %g0,%g0,c_2
664 umul a_1,b_4,t_1 !mul_add_c(a[1],b[4],c3,c1,c2);
665 addcc c_3,t_1,c_3 !=
666 rd %y,t_2
667 addxcc c_1,t_2,c_1
668 addx c_2,%g0,c_2
669 umul a_2,b_3,t_1 !=!mul_add_c(a[2],b[3],c3,c1,c2);
670 addcc c_3,t_1,c_3
671 rd %y,t_2
672 addxcc c_1,t_2,c_1
673 addx c_2,%g0,c_2 !=
674 umul a_3,b_2,t_1 !mul_add_c(a[3],b[2],c3,c1,c2);
675 addcc c_3,t_1,c_3
676 rd %y,t_2
677 addxcc c_1,t_2,c_1 !=
678 addx c_2,%g0,c_2
679 ld ap(5),a_5
680 umul a_4,b_1,t_1 !mul_add_c(a[4],b[1],c3,c1,c2);
681 addcc c_3,t_1,c_3 !=
682 rd %y,t_2
683 addxcc c_1,t_2,c_1
684 ld ap(6),a_6
685 addx c_2,%g0,c_2 !=
686 umul a_5,b_0,t_1 !mul_add_c(a[5],b[0],c3,c1,c2);
687 addcc c_3,t_1,c_3
688 rd %y,t_2
689 addxcc c_1,t_2,c_1 !=
690 addx c_2,%g0,c_2
691 st c_3,rp(5) !r[5]=c3;
692
693 umul a_6,b_0,t_1 !mul_add_c(a[6],b[0],c1,c2,c3);
694 addcc c_1,t_1,c_1 !=
695 rd %y,t_2
696 addxcc c_2,t_2,c_2
697 addx %g0,%g0,c_3
698 umul a_5,b_1,t_1 !=!mul_add_c(a[5],b[1],c1,c2,c3);
699 addcc c_1,t_1,c_1
700 rd %y,t_2
701 addxcc c_2,t_2,c_2
702 addx c_3,%g0,c_3 !=
703 umul a_4,b_2,t_1 !mul_add_c(a[4],b[2],c1,c2,c3);
704 addcc c_1,t_1,c_1
705 rd %y,t_2
706 addxcc c_2,t_2,c_2 !=
707 addx c_3,%g0,c_3
708 umul a_3,b_3,t_1 !mul_add_c(a[3],b[3],c1,c2,c3);
709 addcc c_1,t_1,c_1
710 rd %y,t_2 !=
711 addxcc c_2,t_2,c_2
712 addx c_3,%g0,c_3
713 umul a_2,b_4,t_1 !mul_add_c(a[2],b[4],c1,c2,c3);
714 addcc c_1,t_1,c_1 !=
715 rd %y,t_2
716 addxcc c_2,t_2,c_2
717 ld bp(6),b_6
718 addx c_3,%g0,c_3 !=
719 umul a_1,b_5,t_1 !mul_add_c(a[1],b[5],c1,c2,c3);
720 addcc c_1,t_1,c_1
721 rd %y,t_2
722 addxcc c_2,t_2,c_2 !=
723 addx c_3,%g0,c_3
724 ld bp(7),b_7
725 umul a_0,b_6,t_1 !mul_add_c(a[0],b[6],c1,c2,c3);
726 addcc c_1,t_1,c_1 !=
727 rd %y,t_2
728 addxcc c_2,t_2,c_2
729 st c_1,rp(6) !r[6]=c1;
730 addx c_3,%g0,c_3 !=
731
732 umul a_0,b_7,t_1 !mul_add_c(a[0],b[7],c2,c3,c1);
733 addcc c_2,t_1,c_2
734 rd %y,t_2
735 addxcc c_3,t_2,c_3 !=
736 addx %g0,%g0,c_1
737 umul a_1,b_6,t_1 !mul_add_c(a[1],b[6],c2,c3,c1);
738 addcc c_2,t_1,c_2
739 rd %y,t_2 !=
740 addxcc c_3,t_2,c_3
741 addx c_1,%g0,c_1
742 umul a_2,b_5,t_1 !mul_add_c(a[2],b[5],c2,c3,c1);
743 addcc c_2,t_1,c_2 !=
744 rd %y,t_2
745 addxcc c_3,t_2,c_3
746 addx c_1,%g0,c_1
747 umul a_3,b_4,t_1 !=!mul_add_c(a[3],b[4],c2,c3,c1);
748 addcc c_2,t_1,c_2
749 rd %y,t_2
750 addxcc c_3,t_2,c_3
751 addx c_1,%g0,c_1 !=
752 umul a_4,b_3,t_1 !mul_add_c(a[4],b[3],c2,c3,c1);
753 addcc c_2,t_1,c_2
754 rd %y,t_2
755 addxcc c_3,t_2,c_3 !=
756 addx c_1,%g0,c_1
757 umul a_5,b_2,t_1 !mul_add_c(a[5],b[2],c2,c3,c1);
758 addcc c_2,t_1,c_2
759 rd %y,t_2 !=
760 addxcc c_3,t_2,c_3
761 addx c_1,%g0,c_1
762 ld ap(7),a_7
763 umul a_6,b_1,t_1 !=!mul_add_c(a[6],b[1],c2,c3,c1);
764 addcc c_2,t_1,c_2
765 rd %y,t_2
766 addxcc c_3,t_2,c_3
767 addx c_1,%g0,c_1 !=
768 umul a_7,b_0,t_1 !mul_add_c(a[7],b[0],c2,c3,c1);
769 addcc c_2,t_1,c_2
770 rd %y,t_2
771 addxcc c_3,t_2,c_3 !=
772 addx c_1,%g0,c_1
773 st c_2,rp(7) !r[7]=c2;
774
775 umul a_7,b_1,t_1 !mul_add_c(a[7],b[1],c3,c1,c2);
776 addcc c_3,t_1,c_3 !=
777 rd %y,t_2
778 addxcc c_1,t_2,c_1
779 addx %g0,%g0,c_2
780 umul a_6,b_2,t_1 !=!mul_add_c(a[6],b[2],c3,c1,c2);
781 addcc c_3,t_1,c_3
782 rd %y,t_2
783 addxcc c_1,t_2,c_1
784 addx c_2,%g0,c_2 !=
785 umul a_5,b_3,t_1 !mul_add_c(a[5],b[3],c3,c1,c2);
786 addcc c_3,t_1,c_3
787 rd %y,t_2
788 addxcc c_1,t_2,c_1 !=
789 addx c_2,%g0,c_2
790 umul a_4,b_4,t_1 !mul_add_c(a[4],b[4],c3,c1,c2);
791 addcc c_3,t_1,c_3
792 rd %y,t_2 !=
793 addxcc c_1,t_2,c_1
794 addx c_2,%g0,c_2
795 umul a_3,b_5,t_1 !mul_add_c(a[3],b[5],c3,c1,c2);
796 addcc c_3,t_1,c_3 !=
797 rd %y,t_2
798 addxcc c_1,t_2,c_1
799 addx c_2,%g0,c_2
800 umul a_2,b_6,t_1 !=!mul_add_c(a[2],b[6],c3,c1,c2);
801 addcc c_3,t_1,c_3
802 rd %y,t_2
803 addxcc c_1,t_2,c_1
804 addx c_2,%g0,c_2 !=
805 umul a_1,b_7,t_1 !mul_add_c(a[1],b[7],c3,c1,c2);
806 addcc c_3,t_1,c_3
807 rd %y,t_2
808 addxcc c_1,t_2,c_1 !
809 addx c_2,%g0,c_2
810 st c_3,rp(8) !r[8]=c3;
811
812 umul a_2,b_7,t_1 !mul_add_c(a[2],b[7],c1,c2,c3);
813 addcc c_1,t_1,c_1 !=
814 rd %y,t_2
815 addxcc c_2,t_2,c_2
816 addx %g0,%g0,c_3
817 umul a_3,b_6,t_1 !=!mul_add_c(a[3],b[6],c1,c2,c3);
818 addcc c_1,t_1,c_1
819 rd %y,t_2
820 addxcc c_2,t_2,c_2
821 addx c_3,%g0,c_3 !=
822 umul a_4,b_5,t_1 !mul_add_c(a[4],b[5],c1,c2,c3);
823 addcc c_1,t_1,c_1
824 rd %y,t_2
825 addxcc c_2,t_2,c_2 !=
826 addx c_3,%g0,c_3
827 umul a_5,b_4,t_1 !mul_add_c(a[5],b[4],c1,c2,c3);
828 addcc c_1,t_1,c_1
829 rd %y,t_2 !=
830 addxcc c_2,t_2,c_2
831 addx c_3,%g0,c_3
832 umul a_6,b_3,t_1 !mul_add_c(a[6],b[3],c1,c2,c3);
833 addcc c_1,t_1,c_1 !=
834 rd %y,t_2
835 addxcc c_2,t_2,c_2
836 addx c_3,%g0,c_3
837 umul a_7,b_2,t_1 !=!mul_add_c(a[7],b[2],c1,c2,c3);
838 addcc c_1,t_1,c_1
839 rd %y,t_2
840 addxcc c_2,t_2,c_2
841 addx c_3,%g0,c_3 !=
842 st c_1,rp(9) !r[9]=c1;
843
844 umul a_7,b_3,t_1 !mul_add_c(a[7],b[3],c2,c3,c1);
845 addcc c_2,t_1,c_2
846 rd %y,t_2 !=
847 addxcc c_3,t_2,c_3
848 addx %g0,%g0,c_1
849 umul a_6,b_4,t_1 !mul_add_c(a[6],b[4],c2,c3,c1);
850 addcc c_2,t_1,c_2 !=
851 rd %y,t_2
852 addxcc c_3,t_2,c_3
853 addx c_1,%g0,c_1
854 umul a_5,b_5,t_1 !=!mul_add_c(a[5],b[5],c2,c3,c1);
855 addcc c_2,t_1,c_2
856 rd %y,t_2
857 addxcc c_3,t_2,c_3
858 addx c_1,%g0,c_1 !=
859 umul a_4,b_6,t_1 !mul_add_c(a[4],b[6],c2,c3,c1);
860 addcc c_2,t_1,c_2
861 rd %y,t_2
862 addxcc c_3,t_2,c_3 !=
863 addx c_1,%g0,c_1
864 umul a_3,b_7,t_1 !mul_add_c(a[3],b[7],c2,c3,c1);
865 addcc c_2,t_1,c_2
866 rd %y,t_2 !=
867 addxcc c_3,t_2,c_3
868 addx c_1,%g0,c_1
869 st c_2,rp(10) !r[10]=c2;
870
871 umul a_4,b_7,t_1 !=!mul_add_c(a[4],b[7],c3,c1,c2);
872 addcc c_3,t_1,c_3
873 rd %y,t_2
874 addxcc c_1,t_2,c_1
875 addx %g0,%g0,c_2 !=
876 umul a_5,b_6,t_1 !mul_add_c(a[5],b[6],c3,c1,c2);
877 addcc c_3,t_1,c_3
878 rd %y,t_2
879 addxcc c_1,t_2,c_1 !=
880 addx c_2,%g0,c_2
881 umul a_6,b_5,t_1 !mul_add_c(a[6],b[5],c3,c1,c2);
882 addcc c_3,t_1,c_3
883 rd %y,t_2 !=
884 addxcc c_1,t_2,c_1
885 addx c_2,%g0,c_2
886 umul a_7,b_4,t_1 !mul_add_c(a[7],b[4],c3,c1,c2);
887 addcc c_3,t_1,c_3 !=
888 rd %y,t_2
889 addxcc c_1,t_2,c_1
890 st c_3,rp(11) !r[11]=c3;
891 addx c_2,%g0,c_2 !=
892
893 umul a_7,b_5,t_1 !mul_add_c(a[7],b[5],c1,c2,c3);
894 addcc c_1,t_1,c_1
895 rd %y,t_2
896 addxcc c_2,t_2,c_2 !=
897 addx %g0,%g0,c_3
898 umul a_6,b_6,t_1 !mul_add_c(a[6],b[6],c1,c2,c3);
899 addcc c_1,t_1,c_1
900 rd %y,t_2 !=
901 addxcc c_2,t_2,c_2
902 addx c_3,%g0,c_3
903 umul a_5,b_7,t_1 !mul_add_c(a[5],b[7],c1,c2,c3);
904 addcc c_1,t_1,c_1 !=
905 rd %y,t_2
906 addxcc c_2,t_2,c_2
907 st c_1,rp(12) !r[12]=c1;
908 addx c_3,%g0,c_3 !=
909
910 umul a_6,b_7,t_1 !mul_add_c(a[6],b[7],c2,c3,c1);
911 addcc c_2,t_1,c_2
912 rd %y,t_2
913 addxcc c_3,t_2,c_3 !=
914 addx %g0,%g0,c_1
915 umul a_7,b_6,t_1 !mul_add_c(a[7],b[6],c2,c3,c1);
916 addcc c_2,t_1,c_2
917 rd %y,t_2 !=
918 addxcc c_3,t_2,c_3
919 addx c_1,%g0,c_1
920 st c_2,rp(13) !r[13]=c2;
921
922 umul a_7,b_7,t_1 !=!mul_add_c(a[7],b[7],c3,c1,c2);
923 addcc c_3,t_1,c_3
924 rd %y,t_2
925 addxcc c_1,t_2,c_1
926 nop !=
927 st c_3,rp(14) !r[14]=c3;
928 st c_1,rp(15) !r[15]=c1;
929
930 ret
931 restore %g0,%g0,%o0
932
933.type bn_mul_comba8,#function
934.size bn_mul_comba8,(.-bn_mul_comba8)
935
936.align 32
937
938.global bn_mul_comba4
939/*
940 * void bn_mul_comba4(r,a,b)
941 * BN_ULONG *r,*a,*b;
942 */
943bn_mul_comba4:
944 save %sp,FRAME_SIZE,%sp
945 ld ap(0),a_0
946 ld bp(0),b_0
947 umul a_0,b_0,c_1 !=!mul_add_c(a[0],b[0],c1,c2,c3);
948 ld bp(1),b_1
949 rd %y,c_2
950 st c_1,rp(0) !r[0]=c1;
951
952 umul a_0,b_1,t_1 !=!mul_add_c(a[0],b[1],c2,c3,c1);
953 ld ap(1),a_1
954 addcc c_2,t_1,c_2
955 rd %y,t_2 !=
956 addxcc %g0,t_2,c_3
957 addx %g0,%g0,c_1
958 ld ap(2),a_2
959 umul a_1,b_0,t_1 !=!mul_add_c(a[1],b[0],c2,c3,c1);
960 addcc c_2,t_1,c_2
961 rd %y,t_2
962 addxcc c_3,t_2,c_3
963 addx c_1,%g0,c_1 !=
964 st c_2,rp(1) !r[1]=c2;
965
966 umul a_2,b_0,t_1 !mul_add_c(a[2],b[0],c3,c1,c2);
967 addcc c_3,t_1,c_3
968 rd %y,t_2 !=
969 addxcc c_1,t_2,c_1
970 addx %g0,%g0,c_2
971 ld bp(2),b_2
972 umul a_1,b_1,t_1 !=!mul_add_c(a[1],b[1],c3,c1,c2);
973 addcc c_3,t_1,c_3
974 rd %y,t_2
975 addxcc c_1,t_2,c_1
976 addx c_2,%g0,c_2 !=
977 ld bp(3),b_3
978 umul a_0,b_2,t_1 !mul_add_c(a[0],b[2],c3,c1,c2);
979 addcc c_3,t_1,c_3
980 rd %y,t_2 !=
981 addxcc c_1,t_2,c_1
982 addx c_2,%g0,c_2
983 st c_3,rp(2) !r[2]=c3;
984
985 umul a_0,b_3,t_1 !=!mul_add_c(a[0],b[3],c1,c2,c3);
986 addcc c_1,t_1,c_1
987 rd %y,t_2
988 addxcc c_2,t_2,c_2
989 addx %g0,%g0,c_3 !=
990 umul a_1,b_2,t_1 !mul_add_c(a[1],b[2],c1,c2,c3);
991 addcc c_1,t_1,c_1
992 rd %y,t_2
993 addxcc c_2,t_2,c_2 !=
994 addx c_3,%g0,c_3
995 ld ap(3),a_3
996 umul a_2,b_1,t_1 !mul_add_c(a[2],b[1],c1,c2,c3);
997 addcc c_1,t_1,c_1 !=
998 rd %y,t_2
999 addxcc c_2,t_2,c_2
1000 addx c_3,%g0,c_3
1001 umul a_3,b_0,t_1 !=!mul_add_c(a[3],b[0],c1,c2,c3);
1002 addcc c_1,t_1,c_1
1003 rd %y,t_2
1004 addxcc c_2,t_2,c_2
1005 addx c_3,%g0,c_3 !=
1006 st c_1,rp(3) !r[3]=c1;
1007
1008 umul a_3,b_1,t_1 !mul_add_c(a[3],b[1],c2,c3,c1);
1009 addcc c_2,t_1,c_2
1010 rd %y,t_2 !=
1011 addxcc c_3,t_2,c_3
1012 addx %g0,%g0,c_1
1013 umul a_2,b_2,t_1 !mul_add_c(a[2],b[2],c2,c3,c1);
1014 addcc c_2,t_1,c_2 !=
1015 rd %y,t_2
1016 addxcc c_3,t_2,c_3
1017 addx c_1,%g0,c_1
1018 umul a_1,b_3,t_1 !=!mul_add_c(a[1],b[3],c2,c3,c1);
1019 addcc c_2,t_1,c_2
1020 rd %y,t_2
1021 addxcc c_3,t_2,c_3
1022 addx c_1,%g0,c_1 !=
1023 st c_2,rp(4) !r[4]=c2;
1024
1025 umul a_2,b_3,t_1 !mul_add_c(a[2],b[3],c3,c1,c2);
1026 addcc c_3,t_1,c_3
1027 rd %y,t_2 !=
1028 addxcc c_1,t_2,c_1
1029 addx %g0,%g0,c_2
1030 umul a_3,b_2,t_1 !mul_add_c(a[3],b[2],c3,c1,c2);
1031 addcc c_3,t_1,c_3 !=
1032 rd %y,t_2
1033 addxcc c_1,t_2,c_1
1034 st c_3,rp(5) !r[5]=c3;
1035 addx c_2,%g0,c_2 !=
1036
1037 umul a_3,b_3,t_1 !mul_add_c(a[3],b[3],c1,c2,c3);
1038 addcc c_1,t_1,c_1
1039 rd %y,t_2
1040 addxcc c_2,t_2,c_2 !=
1041 st c_1,rp(6) !r[6]=c1;
1042 st c_2,rp(7) !r[7]=c2;
1043
1044 ret
1045 restore %g0,%g0,%o0
1046
1047.type bn_mul_comba4,#function
1048.size bn_mul_comba4,(.-bn_mul_comba4)
1049
1050.align 32
1051
1052.global bn_sqr_comba8
1053bn_sqr_comba8:
1054 save %sp,FRAME_SIZE,%sp
1055 ld ap(0),a_0
1056 ld ap(1),a_1
1057 umul a_0,a_0,c_1 !=!sqr_add_c(a,0,c1,c2,c3);
1058 rd %y,c_2
1059 st c_1,rp(0) !r[0]=c1;
1060
1061 ld ap(2),a_2
1062 umul a_0,a_1,t_1 !=!sqr_add_c2(a,1,0,c2,c3,c1);
1063 addcc c_2,t_1,c_2
1064 rd %y,t_2
1065 addxcc %g0,t_2,c_3
1066 addx %g0,%g0,c_1 !=
1067 addcc c_2,t_1,c_2
1068 addxcc c_3,t_2,c_3
1069 st c_2,rp(1) !r[1]=c2;
1070 addx c_1,%g0,c_1 !=
1071
1072 umul a_2,a_0,t_1 !sqr_add_c2(a,2,0,c3,c1,c2);
1073 addcc c_3,t_1,c_3
1074 rd %y,t_2
1075 addxcc c_1,t_2,c_1 !=
1076 addx %g0,%g0,c_2
1077 addcc c_3,t_1,c_3
1078 addxcc c_1,t_2,c_1
1079 addx c_2,%g0,c_2 !=
1080 ld ap(3),a_3
1081 umul a_1,a_1,t_1 !sqr_add_c(a,1,c3,c1,c2);
1082 addcc c_3,t_1,c_3
1083 rd %y,t_2 !=
1084 addxcc c_1,t_2,c_1
1085 addx c_2,%g0,c_2
1086 st c_3,rp(2) !r[2]=c3;
1087
1088 umul a_0,a_3,t_1 !=!sqr_add_c2(a,3,0,c1,c2,c3);
1089 addcc c_1,t_1,c_1
1090 rd %y,t_2
1091 addxcc c_2,t_2,c_2
1092 addx %g0,%g0,c_3 !=
1093 addcc c_1,t_1,c_1
1094 addxcc c_2,t_2,c_2
1095 ld ap(4),a_4
1096 addx c_3,%g0,c_3 !=
1097 umul a_1,a_2,t_1 !sqr_add_c2(a,2,1,c1,c2,c3);
1098 addcc c_1,t_1,c_1
1099 rd %y,t_2
1100 addxcc c_2,t_2,c_2 !=
1101 addx c_3,%g0,c_3
1102 addcc c_1,t_1,c_1
1103 addxcc c_2,t_2,c_2
1104 addx c_3,%g0,c_3 !=
1105 st c_1,rp(3) !r[3]=c1;
1106
1107 umul a_4,a_0,t_1 !sqr_add_c2(a,4,0,c2,c3,c1);
1108 addcc c_2,t_1,c_2
1109 rd %y,t_2 !=
1110 addxcc c_3,t_2,c_3
1111 addx %g0,%g0,c_1
1112 addcc c_2,t_1,c_2
1113 addxcc c_3,t_2,c_3 !=
1114 addx c_1,%g0,c_1
1115 umul a_3,a_1,t_1 !sqr_add_c2(a,3,1,c2,c3,c1);
1116 addcc c_2,t_1,c_2
1117 rd %y,t_2 !=
1118 addxcc c_3,t_2,c_3
1119 addx c_1,%g0,c_1
1120 addcc c_2,t_1,c_2
1121 addxcc c_3,t_2,c_3 !=
1122 addx c_1,%g0,c_1
1123 ld ap(5),a_5
1124 umul a_2,a_2,t_1 !sqr_add_c(a,2,c2,c3,c1);
1125 addcc c_2,t_1,c_2 !=
1126 rd %y,t_2
1127 addxcc c_3,t_2,c_3
1128 st c_2,rp(4) !r[4]=c2;
1129 addx c_1,%g0,c_1 !=
1130
1131 umul a_0,a_5,t_1 !sqr_add_c2(a,5,0,c3,c1,c2);
1132 addcc c_3,t_1,c_3
1133 rd %y,t_2
1134 addxcc c_1,t_2,c_1 !=
1135 addx %g0,%g0,c_2
1136 addcc c_3,t_1,c_3
1137 addxcc c_1,t_2,c_1
1138 addx c_2,%g0,c_2 !=
1139 umul a_1,a_4,t_1 !sqr_add_c2(a,4,1,c3,c1,c2);
1140 addcc c_3,t_1,c_3
1141 rd %y,t_2
1142 addxcc c_1,t_2,c_1 !=
1143 addx c_2,%g0,c_2
1144 addcc c_3,t_1,c_3
1145 addxcc c_1,t_2,c_1
1146 addx c_2,%g0,c_2 !=
1147 ld ap(6),a_6
1148 umul a_2,a_3,t_1 !sqr_add_c2(a,3,2,c3,c1,c2);
1149 addcc c_3,t_1,c_3
1150 rd %y,t_2 !=
1151 addxcc c_1,t_2,c_1
1152 addx c_2,%g0,c_2
1153 addcc c_3,t_1,c_3
1154 addxcc c_1,t_2,c_1 !=
1155 addx c_2,%g0,c_2
1156 st c_3,rp(5) !r[5]=c3;
1157
1158 umul a_6,a_0,t_1 !sqr_add_c2(a,6,0,c1,c2,c3);
1159 addcc c_1,t_1,c_1 !=
1160 rd %y,t_2
1161 addxcc c_2,t_2,c_2
1162 addx %g0,%g0,c_3
1163 addcc c_1,t_1,c_1 !=
1164 addxcc c_2,t_2,c_2
1165 addx c_3,%g0,c_3
1166 umul a_5,a_1,t_1 !sqr_add_c2(a,5,1,c1,c2,c3);
1167 addcc c_1,t_1,c_1 !=
1168 rd %y,t_2
1169 addxcc c_2,t_2,c_2
1170 addx c_3,%g0,c_3
1171 addcc c_1,t_1,c_1 !=
1172 addxcc c_2,t_2,c_2
1173 addx c_3,%g0,c_3
1174 umul a_4,a_2,t_1 !sqr_add_c2(a,4,2,c1,c2,c3);
1175 addcc c_1,t_1,c_1 !=
1176 rd %y,t_2
1177 addxcc c_2,t_2,c_2
1178 addx c_3,%g0,c_3
1179 addcc c_1,t_1,c_1 !=
1180 addxcc c_2,t_2,c_2
1181 addx c_3,%g0,c_3
1182 ld ap(7),a_7
1183 umul a_3,a_3,t_1 !=!sqr_add_c(a,3,c1,c2,c3);
1184 addcc c_1,t_1,c_1
1185 rd %y,t_2
1186 addxcc c_2,t_2,c_2
1187 addx c_3,%g0,c_3 !=
1188 st c_1,rp(6) !r[6]=c1;
1189
1190 umul a_0,a_7,t_1 !sqr_add_c2(a,7,0,c2,c3,c1);
1191 addcc c_2,t_1,c_2
1192 rd %y,t_2 !=
1193 addxcc c_3,t_2,c_3
1194 addx %g0,%g0,c_1
1195 addcc c_2,t_1,c_2
1196 addxcc c_3,t_2,c_3 !=
1197 addx c_1,%g0,c_1
1198 umul a_1,a_6,t_1 !sqr_add_c2(a,6,1,c2,c3,c1);
1199 addcc c_2,t_1,c_2
1200 rd %y,t_2 !=
1201 addxcc c_3,t_2,c_3
1202 addx c_1,%g0,c_1
1203 addcc c_2,t_1,c_2
1204 addxcc c_3,t_2,c_3 !=
1205 addx c_1,%g0,c_1
1206 umul a_2,a_5,t_1 !sqr_add_c2(a,5,2,c2,c3,c1);
1207 addcc c_2,t_1,c_2
1208 rd %y,t_2 !=
1209 addxcc c_3,t_2,c_3
1210 addx c_1,%g0,c_1
1211 addcc c_2,t_1,c_2
1212 addxcc c_3,t_2,c_3 !=
1213 addx c_1,%g0,c_1
1214 umul a_3,a_4,t_1 !sqr_add_c2(a,4,3,c2,c3,c1);
1215 addcc c_2,t_1,c_2
1216 rd %y,t_2 !=
1217 addxcc c_3,t_2,c_3
1218 addx c_1,%g0,c_1
1219 addcc c_2,t_1,c_2
1220 addxcc c_3,t_2,c_3 !=
1221 addx c_1,%g0,c_1
1222 st c_2,rp(7) !r[7]=c2;
1223
1224 umul a_7,a_1,t_1 !sqr_add_c2(a,7,1,c3,c1,c2);
1225 addcc c_3,t_1,c_3 !=
1226 rd %y,t_2
1227 addxcc c_1,t_2,c_1
1228 addx %g0,%g0,c_2
1229 addcc c_3,t_1,c_3 !=
1230 addxcc c_1,t_2,c_1
1231 addx c_2,%g0,c_2
1232 umul a_6,a_2,t_1 !sqr_add_c2(a,6,2,c3,c1,c2);
1233 addcc c_3,t_1,c_3 !=
1234 rd %y,t_2
1235 addxcc c_1,t_2,c_1
1236 addx c_2,%g0,c_2
1237 addcc c_3,t_1,c_3 !=
1238 addxcc c_1,t_2,c_1
1239 addx c_2,%g0,c_2
1240 umul a_5,a_3,t_1 !sqr_add_c2(a,5,3,c3,c1,c2);
1241 addcc c_3,t_1,c_3 !=
1242 rd %y,t_2
1243 addxcc c_1,t_2,c_1
1244 addx c_2,%g0,c_2
1245 addcc c_3,t_1,c_3 !=
1246 addxcc c_1,t_2,c_1
1247 addx c_2,%g0,c_2
1248 umul a_4,a_4,t_1 !sqr_add_c(a,4,c3,c1,c2);
1249 addcc c_3,t_1,c_3 !=
1250 rd %y,t_2
1251 addxcc c_1,t_2,c_1
1252 st c_3,rp(8) !r[8]=c3;
1253 addx c_2,%g0,c_2 !=
1254
1255 umul a_2,a_7,t_1 !sqr_add_c2(a,7,2,c1,c2,c3);
1256 addcc c_1,t_1,c_1
1257 rd %y,t_2
1258 addxcc c_2,t_2,c_2 !=
1259 addx %g0,%g0,c_3
1260 addcc c_1,t_1,c_1
1261 addxcc c_2,t_2,c_2
1262 addx c_3,%g0,c_3 !=
1263 umul a_3,a_6,t_1 !sqr_add_c2(a,6,3,c1,c2,c3);
1264 addcc c_1,t_1,c_1
1265 rd %y,t_2
1266 addxcc c_2,t_2,c_2 !=
1267 addx c_3,%g0,c_3
1268 addcc c_1,t_1,c_1
1269 addxcc c_2,t_2,c_2
1270 addx c_3,%g0,c_3 !=
1271 umul a_4,a_5,t_1 !sqr_add_c2(a,5,4,c1,c2,c3);
1272 addcc c_1,t_1,c_1
1273 rd %y,t_2
1274 addxcc c_2,t_2,c_2 !=
1275 addx c_3,%g0,c_3
1276 addcc c_1,t_1,c_1
1277 addxcc c_2,t_2,c_2
1278 addx c_3,%g0,c_3 !=
1279 st c_1,rp(9) !r[9]=c1;
1280
1281 umul a_7,a_3,t_1 !sqr_add_c2(a,7,3,c2,c3,c1);
1282 addcc c_2,t_1,c_2
1283 rd %y,t_2 !=
1284 addxcc c_3,t_2,c_3
1285 addx %g0,%g0,c_1
1286 addcc c_2,t_1,c_2
1287 addxcc c_3,t_2,c_3 !=
1288 addx c_1,%g0,c_1
1289 umul a_6,a_4,t_1 !sqr_add_c2(a,6,4,c2,c3,c1);
1290 addcc c_2,t_1,c_2
1291 rd %y,t_2 !=
1292 addxcc c_3,t_2,c_3
1293 addx c_1,%g0,c_1
1294 addcc c_2,t_1,c_2
1295 addxcc c_3,t_2,c_3 !=
1296 addx c_1,%g0,c_1
1297 umul a_5,a_5,t_1 !sqr_add_c(a,5,c2,c3,c1);
1298 addcc c_2,t_1,c_2
1299 rd %y,t_2 !=
1300 addxcc c_3,t_2,c_3
1301 addx c_1,%g0,c_1
1302 st c_2,rp(10) !r[10]=c2;
1303
1304 umul a_4,a_7,t_1 !=!sqr_add_c2(a,7,4,c3,c1,c2);
1305 addcc c_3,t_1,c_3
1306 rd %y,t_2
1307 addxcc c_1,t_2,c_1
1308 addx %g0,%g0,c_2 !=
1309 addcc c_3,t_1,c_3
1310 addxcc c_1,t_2,c_1
1311 addx c_2,%g0,c_2
1312 umul a_5,a_6,t_1 !=!sqr_add_c2(a,6,5,c3,c1,c2);
1313 addcc c_3,t_1,c_3
1314 rd %y,t_2
1315 addxcc c_1,t_2,c_1
1316 addx c_2,%g0,c_2 !=
1317 addcc c_3,t_1,c_3
1318 addxcc c_1,t_2,c_1
1319 st c_3,rp(11) !r[11]=c3;
1320 addx c_2,%g0,c_2 !=
1321
1322 umul a_7,a_5,t_1 !sqr_add_c2(a,7,5,c1,c2,c3);
1323 addcc c_1,t_1,c_1
1324 rd %y,t_2
1325 addxcc c_2,t_2,c_2 !=
1326 addx %g0,%g0,c_3
1327 addcc c_1,t_1,c_1
1328 addxcc c_2,t_2,c_2
1329 addx c_3,%g0,c_3 !=
1330 umul a_6,a_6,t_1 !sqr_add_c(a,6,c1,c2,c3);
1331 addcc c_1,t_1,c_1
1332 rd %y,t_2
1333 addxcc c_2,t_2,c_2 !=
1334 addx c_3,%g0,c_3
1335 st c_1,rp(12) !r[12]=c1;
1336
1337 umul a_6,a_7,t_1 !sqr_add_c2(a,7,6,c2,c3,c1);
1338 addcc c_2,t_1,c_2 !=
1339 rd %y,t_2
1340 addxcc c_3,t_2,c_3
1341 addx %g0,%g0,c_1
1342 addcc c_2,t_1,c_2 !=
1343 addxcc c_3,t_2,c_3
1344 st c_2,rp(13) !r[13]=c2;
1345 addx c_1,%g0,c_1 !=
1346
1347 umul a_7,a_7,t_1 !sqr_add_c(a,7,c3,c1,c2);
1348 addcc c_3,t_1,c_3
1349 rd %y,t_2
1350 addxcc c_1,t_2,c_1 !=
1351 st c_3,rp(14) !r[14]=c3;
1352 st c_1,rp(15) !r[15]=c1;
1353
1354 ret
1355 restore %g0,%g0,%o0
1356
1357.type bn_sqr_comba8,#function
1358.size bn_sqr_comba8,(.-bn_sqr_comba8)
1359
1360.align 32
1361
1362.global bn_sqr_comba4
1363/*
1364 * void bn_sqr_comba4(r,a)
1365 * BN_ULONG *r,*a;
1366 */
1367bn_sqr_comba4:
1368 save %sp,FRAME_SIZE,%sp
1369 ld ap(0),a_0
1370 umul a_0,a_0,c_1 !sqr_add_c(a,0,c1,c2,c3);
1371 ld ap(1),a_1 !=
1372 rd %y,c_2
1373 st c_1,rp(0) !r[0]=c1;
1374
1375 ld ap(2),a_2
1376 umul a_0,a_1,t_1 !=!sqr_add_c2(a,1,0,c2,c3,c1);
1377 addcc c_2,t_1,c_2
1378 rd %y,t_2
1379 addxcc %g0,t_2,c_3
1380 addx %g0,%g0,c_1 !=
1381 addcc c_2,t_1,c_2
1382 addxcc c_3,t_2,c_3
1383 addx c_1,%g0,c_1 !=
1384 st c_2,rp(1) !r[1]=c2;
1385
1386 umul a_2,a_0,t_1 !sqr_add_c2(a,2,0,c3,c1,c2);
1387 addcc c_3,t_1,c_3
1388 rd %y,t_2 !=
1389 addxcc c_1,t_2,c_1
1390 addx %g0,%g0,c_2
1391 addcc c_3,t_1,c_3
1392 addxcc c_1,t_2,c_1 !=
1393 addx c_2,%g0,c_2
1394 ld ap(3),a_3
1395 umul a_1,a_1,t_1 !sqr_add_c(a,1,c3,c1,c2);
1396 addcc c_3,t_1,c_3 !=
1397 rd %y,t_2
1398 addxcc c_1,t_2,c_1
1399 st c_3,rp(2) !r[2]=c3;
1400 addx c_2,%g0,c_2 !=
1401
1402 umul a_0,a_3,t_1 !sqr_add_c2(a,3,0,c1,c2,c3);
1403 addcc c_1,t_1,c_1
1404 rd %y,t_2
1405 addxcc c_2,t_2,c_2 !=
1406 addx %g0,%g0,c_3
1407 addcc c_1,t_1,c_1
1408 addxcc c_2,t_2,c_2
1409 addx c_3,%g0,c_3 !=
1410 umul a_1,a_2,t_1 !sqr_add_c2(a,2,1,c1,c2,c3);
1411 addcc c_1,t_1,c_1
1412 rd %y,t_2
1413 addxcc c_2,t_2,c_2 !=
1414 addx c_3,%g0,c_3
1415 addcc c_1,t_1,c_1
1416 addxcc c_2,t_2,c_2
1417 addx c_3,%g0,c_3 !=
1418 st c_1,rp(3) !r[3]=c1;
1419
1420 umul a_3,a_1,t_1 !sqr_add_c2(a,3,1,c2,c3,c1);
1421 addcc c_2,t_1,c_2
1422 rd %y,t_2 !=
1423 addxcc c_3,t_2,c_3
1424 addx %g0,%g0,c_1
1425 addcc c_2,t_1,c_2
1426 addxcc c_3,t_2,c_3 !=
1427 addx c_1,%g0,c_1
1428 umul a_2,a_2,t_1 !sqr_add_c(a,2,c2,c3,c1);
1429 addcc c_2,t_1,c_2
1430 rd %y,t_2 !=
1431 addxcc c_3,t_2,c_3
1432 addx c_1,%g0,c_1
1433 st c_2,rp(4) !r[4]=c2;
1434
1435 umul a_2,a_3,t_1 !=!sqr_add_c2(a,3,2,c3,c1,c2);
1436 addcc c_3,t_1,c_3
1437 rd %y,t_2
1438 addxcc c_1,t_2,c_1
1439 addx %g0,%g0,c_2 !=
1440 addcc c_3,t_1,c_3
1441 addxcc c_1,t_2,c_1
1442 st c_3,rp(5) !r[5]=c3;
1443 addx c_2,%g0,c_2 !=
1444
1445 umul a_3,a_3,t_1 !sqr_add_c(a,3,c1,c2,c3);
1446 addcc c_1,t_1,c_1
1447 rd %y,t_2
1448 addxcc c_2,t_2,c_2 !=
1449 st c_1,rp(6) !r[6]=c1;
1450 st c_2,rp(7) !r[7]=c2;
1451
1452 ret
1453 restore %g0,%g0,%o0
1454
1455.type bn_sqr_comba4,#function
1456.size bn_sqr_comba4,(.-bn_sqr_comba4)
1457
1458.align 32
diff --git a/src/lib/libcrypto/bn/asm/sparcv8plus.S b/src/lib/libcrypto/bn/asm/sparcv8plus.S
deleted file mode 100644
index 0074dfdb75..0000000000
--- a/src/lib/libcrypto/bn/asm/sparcv8plus.S
+++ /dev/null
@@ -1,1535 +0,0 @@
1.ident "sparcv8plus.s, Version 1.4"
2.ident "SPARC v9 ISA artwork by Andy Polyakov <appro@fy.chalmers.se>"
3
4/*
5 * ====================================================================
6 * Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
7 * project.
8 *
9 * Rights for redistribution and usage in source and binary forms are
10 * granted according to the OpenSSL license. Warranty of any kind is
11 * disclaimed.
12 * ====================================================================
13 */
14
15/*
16 * This is my modest contributon to OpenSSL project (see
17 * http://www.openssl.org/ for more information about it) and is
18 * a drop-in UltraSPARC ISA replacement for crypto/bn/bn_asm.c
19 * module. For updates see http://fy.chalmers.se/~appro/hpe/.
20 *
21 * Questions-n-answers.
22 *
23 * Q. How to compile?
24 * A. With SC4.x/SC5.x:
25 *
26 * cc -xarch=v8plus -c bn_asm.sparc.v8plus.S -o bn_asm.o
27 *
28 * and with gcc:
29 *
30 * gcc -mcpu=ultrasparc -c bn_asm.sparc.v8plus.S -o bn_asm.o
31 *
32 * or if above fails (it does if you have gas installed):
33 *
34 * gcc -E bn_asm.sparc.v8plus.S | as -xarch=v8plus /dev/fd/0 -o bn_asm.o
35 *
36 * Quick-n-dirty way to fuse the module into the library.
37 * Provided that the library is already configured and built
38 * (in 0.9.2 case with no-asm option):
39 *
40 * # cd crypto/bn
41 * # cp /some/place/bn_asm.sparc.v8plus.S .
42 * # cc -xarch=v8plus -c bn_asm.sparc.v8plus.S -o bn_asm.o
43 * # make
44 * # cd ../..
45 * # make; make test
46 *
47 * Quick-n-dirty way to get rid of it:
48 *
49 * # cd crypto/bn
50 * # touch bn_asm.c
51 * # make
52 * # cd ../..
53 * # make; make test
54 *
55 * Q. V8plus achitecture? What kind of beast is that?
56 * A. Well, it's rather a programming model than an architecture...
57 * It's actually v9-compliant, i.e. *any* UltraSPARC, CPU under
58 * special conditions, namely when kernel doesn't preserve upper
59 * 32 bits of otherwise 64-bit registers during a context switch.
60 *
61 * Q. Why just UltraSPARC? What about SuperSPARC?
62 * A. Original release did target UltraSPARC only. Now SuperSPARC
63 * version is provided along. Both version share bn_*comba[48]
64 * implementations (see comment later in code for explanation).
65 * But what's so special about this UltraSPARC implementation?
66 * Why didn't I let compiler do the job? Trouble is that most of
67 * available compilers (well, SC5.0 is the only exception) don't
68 * attempt to take advantage of UltraSPARC's 64-bitness under
69 * 32-bit kernels even though it's perfectly possible (see next
70 * question).
71 *
72 * Q. 64-bit registers under 32-bit kernels? Didn't you just say it
73 * doesn't work?
74 * A. You can't adress *all* registers as 64-bit wide:-( The catch is
75 * that you actually may rely upon %o0-%o5 and %g1-%g4 being fully
76 * preserved if you're in a leaf function, i.e. such never calling
77 * any other functions. All functions in this module are leaf and
78 * 10 registers is a handful. And as a matter of fact none-"comba"
79 * routines don't require even that much and I could even afford to
80 * not allocate own stack frame for 'em:-)
81 *
82 * Q. What about 64-bit kernels?
83 * A. What about 'em? Just kidding:-) Pure 64-bit version is currently
84 * under evaluation and development...
85 *
86 * Q. What about shared libraries?
87 * A. What about 'em? Kidding again:-) Code does *not* contain any
88 * code position dependencies and it's safe to include it into
89 * shared library as is.
90 *
91 * Q. How much faster does it go?
92 * A. Do you have a good benchmark? In either case below is what I
93 * experience with crypto/bn/expspeed.c test program:
94 *
95 * v8plus module on U10/300MHz against bn_asm.c compiled with:
96 *
97 * cc-5.0 -xarch=v8plus -xO5 -xdepend +7-12%
98 * cc-4.2 -xarch=v8plus -xO5 -xdepend +25-35%
99 * egcs-1.1.2 -mcpu=ultrasparc -O3 +35-45%
100 *
101 * v8 module on SS10/60MHz against bn_asm.c compiled with:
102 *
103 * cc-5.0 -xarch=v8 -xO5 -xdepend +7-10%
104 * cc-4.2 -xarch=v8 -xO5 -xdepend +10%
105 * egcs-1.1.2 -mv8 -O3 +35-45%
106 *
107 * As you can see it's damn hard to beat the new Sun C compiler
108 * and it's in first place GNU C users who will appreciate this
109 * assembler implementation:-)
110 */
111
112/*
113 * Revision history.
114 *
115 * 1.0 - initial release;
116 * 1.1 - new loop unrolling model(*);
117 * - some more fine tuning;
118 * 1.2 - made gas friendly;
119 * - updates to documentation concerning v9;
120 * - new performance comparison matrix;
121 * 1.3 - fixed problem with /usr/ccs/lib/cpp;
122 * 1.4 - native V9 bn_*_comba[48] implementation (15% more efficient)
123 * resulting in slight overall performance kick;
124 * - some retunes;
125 * - support for GNU as added;
126 *
127 * (*) Originally unrolled loop looked like this:
128 * for (;;) {
129 * op(p+0); if (--n==0) break;
130 * op(p+1); if (--n==0) break;
131 * op(p+2); if (--n==0) break;
132 * op(p+3); if (--n==0) break;
133 * p+=4;
134 * }
135 * I unroll according to following:
136 * while (n&~3) {
137 * op(p+0); op(p+1); op(p+2); op(p+3);
138 * p+=4; n=-4;
139 * }
140 * if (n) {
141 * op(p+0); if (--n==0) return;
142 * op(p+2); if (--n==0) return;
143 * op(p+3); return;
144 * }
145 */
146
147/*
148 * GNU assembler can't stand stuw:-(
149 */
150#define stuw st
151
152.section ".text",#alloc,#execinstr
153.file "bn_asm.sparc.v8plus.S"
154
155.align 32
156
157.global bn_mul_add_words
158/*
159 * BN_ULONG bn_mul_add_words(rp,ap,num,w)
160 * BN_ULONG *rp,*ap;
161 * int num;
162 * BN_ULONG w;
163 */
164bn_mul_add_words:
165 brgz,a %o2,.L_bn_mul_add_words_proceed
166 lduw [%o1],%g2
167 retl
168 clr %o0
169
170.L_bn_mul_add_words_proceed:
171 srl %o3,%g0,%o3 ! clruw %o3
172 andcc %o2,-4,%g0
173 bz,pn %icc,.L_bn_mul_add_words_tail
174 clr %o5
175
176.L_bn_mul_add_words_loop: ! wow! 32 aligned!
177 lduw [%o0],%g1
178 lduw [%o1+4],%g3
179 mulx %o3,%g2,%g2
180 add %g1,%o5,%o4
181 nop
182 add %o4,%g2,%o4
183 stuw %o4,[%o0]
184 srlx %o4,32,%o5
185
186 lduw [%o0+4],%g1
187 lduw [%o1+8],%g2
188 mulx %o3,%g3,%g3
189 add %g1,%o5,%o4
190 dec 4,%o2
191 add %o4,%g3,%o4
192 stuw %o4,[%o0+4]
193 srlx %o4,32,%o5
194
195 lduw [%o0+8],%g1
196 lduw [%o1+12],%g3
197 mulx %o3,%g2,%g2
198 add %g1,%o5,%o4
199 inc 16,%o1
200 add %o4,%g2,%o4
201 stuw %o4,[%o0+8]
202 srlx %o4,32,%o5
203
204 lduw [%o0+12],%g1
205 mulx %o3,%g3,%g3
206 add %g1,%o5,%o4
207 inc 16,%o0
208 add %o4,%g3,%o4
209 andcc %o2,-4,%g0
210 stuw %o4,[%o0-4]
211 srlx %o4,32,%o5
212 bnz,a,pt %icc,.L_bn_mul_add_words_loop
213 lduw [%o1],%g2
214
215 brnz,a,pn %o2,.L_bn_mul_add_words_tail
216 lduw [%o1],%g2
217.L_bn_mul_add_words_return:
218 retl
219 mov %o5,%o0
220
221.L_bn_mul_add_words_tail:
222 lduw [%o0],%g1
223 mulx %o3,%g2,%g2
224 add %g1,%o5,%o4
225 dec %o2
226 add %o4,%g2,%o4
227 srlx %o4,32,%o5
228 brz,pt %o2,.L_bn_mul_add_words_return
229 stuw %o4,[%o0]
230
231 lduw [%o1+4],%g2
232 lduw [%o0+4],%g1
233 mulx %o3,%g2,%g2
234 add %g1,%o5,%o4
235 dec %o2
236 add %o4,%g2,%o4
237 srlx %o4,32,%o5
238 brz,pt %o2,.L_bn_mul_add_words_return
239 stuw %o4,[%o0+4]
240
241 lduw [%o1+8],%g2
242 lduw [%o0+8],%g1
243 mulx %o3,%g2,%g2
244 add %g1,%o5,%o4
245 add %o4,%g2,%o4
246 stuw %o4,[%o0+8]
247 retl
248 srlx %o4,32,%o0
249
250.type bn_mul_add_words,#function
251.size bn_mul_add_words,(.-bn_mul_add_words)
252
253.align 32
254
255.global bn_mul_words
256/*
257 * BN_ULONG bn_mul_words(rp,ap,num,w)
258 * BN_ULONG *rp,*ap;
259 * int num;
260 * BN_ULONG w;
261 */
262bn_mul_words:
263 brgz,a %o2,.L_bn_mul_words_proceeed
264 lduw [%o1],%g2
265 retl
266 clr %o0
267
268.L_bn_mul_words_proceeed:
269 srl %o3,%g0,%o3 ! clruw %o3
270 andcc %o2,-4,%g0
271 bz,pn %icc,.L_bn_mul_words_tail
272 clr %o5
273
274.L_bn_mul_words_loop: ! wow! 32 aligned!
275 lduw [%o1+4],%g3
276 mulx %o3,%g2,%g2
277 add %g2,%o5,%o4
278 nop
279 stuw %o4,[%o0]
280 srlx %o4,32,%o5
281
282 lduw [%o1+8],%g2
283 mulx %o3,%g3,%g3
284 add %g3,%o5,%o4
285 dec 4,%o2
286 stuw %o4,[%o0+4]
287 srlx %o4,32,%o5
288
289 lduw [%o1+12],%g3
290 mulx %o3,%g2,%g2
291 add %g2,%o5,%o4
292 inc 16,%o1
293 stuw %o4,[%o0+8]
294 srlx %o4,32,%o5
295
296 mulx %o3,%g3,%g3
297 add %g3,%o5,%o4
298 inc 16,%o0
299 stuw %o4,[%o0-4]
300 srlx %o4,32,%o5
301 andcc %o2,-4,%g0
302 bnz,a,pt %icc,.L_bn_mul_words_loop
303 lduw [%o1],%g2
304 nop
305 nop
306
307 brnz,a,pn %o2,.L_bn_mul_words_tail
308 lduw [%o1],%g2
309.L_bn_mul_words_return:
310 retl
311 mov %o5,%o0
312
313.L_bn_mul_words_tail:
314 mulx %o3,%g2,%g2
315 add %g2,%o5,%o4
316 dec %o2
317 srlx %o4,32,%o5
318 brz,pt %o2,.L_bn_mul_words_return
319 stuw %o4,[%o0]
320
321 lduw [%o1+4],%g2
322 mulx %o3,%g2,%g2
323 add %g2,%o5,%o4
324 dec %o2
325 srlx %o4,32,%o5
326 brz,pt %o2,.L_bn_mul_words_return
327 stuw %o4,[%o0+4]
328
329 lduw [%o1+8],%g2
330 mulx %o3,%g2,%g2
331 add %g2,%o5,%o4
332 stuw %o4,[%o0+8]
333 retl
334 srlx %o4,32,%o0
335
336.type bn_mul_words,#function
337.size bn_mul_words,(.-bn_mul_words)
338
339.align 32
340.global bn_sqr_words
341/*
342 * void bn_sqr_words(r,a,n)
343 * BN_ULONG *r,*a;
344 * int n;
345 */
346bn_sqr_words:
347 brgz,a %o2,.L_bn_sqr_words_proceeed
348 lduw [%o1],%g2
349 retl
350 clr %o0
351
352.L_bn_sqr_words_proceeed:
353 andcc %o2,-4,%g0
354 nop
355 bz,pn %icc,.L_bn_sqr_words_tail
356 nop
357
358.L_bn_sqr_words_loop: ! wow! 32 aligned!
359 lduw [%o1+4],%g3
360 mulx %g2,%g2,%o4
361 stuw %o4,[%o0]
362 srlx %o4,32,%o5
363 stuw %o5,[%o0+4]
364 nop
365
366 lduw [%o1+8],%g2
367 mulx %g3,%g3,%o4
368 dec 4,%o2
369 stuw %o4,[%o0+8]
370 srlx %o4,32,%o5
371 stuw %o5,[%o0+12]
372
373 lduw [%o1+12],%g3
374 mulx %g2,%g2,%o4
375 srlx %o4,32,%o5
376 stuw %o4,[%o0+16]
377 inc 16,%o1
378 stuw %o5,[%o0+20]
379
380 mulx %g3,%g3,%o4
381 inc 32,%o0
382 stuw %o4,[%o0-8]
383 srlx %o4,32,%o5
384 andcc %o2,-4,%g2
385 stuw %o5,[%o0-4]
386 bnz,a,pt %icc,.L_bn_sqr_words_loop
387 lduw [%o1],%g2
388 nop
389
390 brnz,a,pn %o2,.L_bn_sqr_words_tail
391 lduw [%o1],%g2
392.L_bn_sqr_words_return:
393 retl
394 clr %o0
395
396.L_bn_sqr_words_tail:
397 mulx %g2,%g2,%o4
398 dec %o2
399 stuw %o4,[%o0]
400 srlx %o4,32,%o5
401 brz,pt %o2,.L_bn_sqr_words_return
402 stuw %o5,[%o0+4]
403
404 lduw [%o1+4],%g2
405 mulx %g2,%g2,%o4
406 dec %o2
407 stuw %o4,[%o0+8]
408 srlx %o4,32,%o5
409 brz,pt %o2,.L_bn_sqr_words_return
410 stuw %o5,[%o0+12]
411
412 lduw [%o1+8],%g2
413 mulx %g2,%g2,%o4
414 srlx %o4,32,%o5
415 stuw %o4,[%o0+16]
416 stuw %o5,[%o0+20]
417 retl
418 clr %o0
419
420.type bn_sqr_words,#function
421.size bn_sqr_words,(.-bn_sqr_words)
422
423.align 32
424.global bn_div_words
425/*
426 * BN_ULONG bn_div_words(h,l,d)
427 * BN_ULONG h,l,d;
428 */
429bn_div_words:
430 sllx %o0,32,%o0
431 or %o0,%o1,%o0
432 udivx %o0,%o2,%o0
433 retl
434 srl %o0,%g0,%o0 ! clruw %o0
435
436.type bn_div_words,#function
437.size bn_div_words,(.-bn_div_words)
438
439.align 32
440
441.global bn_add_words
442/*
443 * BN_ULONG bn_add_words(rp,ap,bp,n)
444 * BN_ULONG *rp,*ap,*bp;
445 * int n;
446 */
447bn_add_words:
448 brgz,a %o3,.L_bn_add_words_proceed
449 lduw [%o1],%o4
450 retl
451 clr %o0
452
453.L_bn_add_words_proceed:
454 andcc %o3,-4,%g0
455 bz,pn %icc,.L_bn_add_words_tail
456 addcc %g0,0,%g0 ! clear carry flag
457 nop
458
459.L_bn_add_words_loop: ! wow! 32 aligned!
460 dec 4,%o3
461 lduw [%o2],%o5
462 lduw [%o1+4],%g1
463 lduw [%o2+4],%g2
464 lduw [%o1+8],%g3
465 lduw [%o2+8],%g4
466 addccc %o5,%o4,%o5
467 stuw %o5,[%o0]
468
469 lduw [%o1+12],%o4
470 lduw [%o2+12],%o5
471 inc 16,%o1
472 addccc %g1,%g2,%g1
473 stuw %g1,[%o0+4]
474
475 inc 16,%o2
476 addccc %g3,%g4,%g3
477 stuw %g3,[%o0+8]
478
479 inc 16,%o0
480 addccc %o5,%o4,%o5
481 stuw %o5,[%o0-4]
482 and %o3,-4,%g1
483 brnz,a,pt %g1,.L_bn_add_words_loop
484 lduw [%o1],%o4
485
486 brnz,a,pn %o3,.L_bn_add_words_tail
487 lduw [%o1],%o4
488.L_bn_add_words_return:
489 clr %o0
490 retl
491 movcs %icc,1,%o0
492 nop
493
494.L_bn_add_words_tail:
495 lduw [%o2],%o5
496 dec %o3
497 addccc %o5,%o4,%o5
498 brz,pt %o3,.L_bn_add_words_return
499 stuw %o5,[%o0]
500
501 lduw [%o1+4],%o4
502 lduw [%o2+4],%o5
503 dec %o3
504 addccc %o5,%o4,%o5
505 brz,pt %o3,.L_bn_add_words_return
506 stuw %o5,[%o0+4]
507
508 lduw [%o1+8],%o4
509 lduw [%o2+8],%o5
510 addccc %o5,%o4,%o5
511 stuw %o5,[%o0+8]
512 clr %o0
513 retl
514 movcs %icc,1,%o0
515
516.type bn_add_words,#function
517.size bn_add_words,(.-bn_add_words)
518
519.global bn_sub_words
520/*
521 * BN_ULONG bn_sub_words(rp,ap,bp,n)
522 * BN_ULONG *rp,*ap,*bp;
523 * int n;
524 */
525bn_sub_words:
526 brgz,a %o3,.L_bn_sub_words_proceed
527 lduw [%o1],%o4
528 retl
529 clr %o0
530
531.L_bn_sub_words_proceed:
532 andcc %o3,-4,%g0
533 bz,pn %icc,.L_bn_sub_words_tail
534 addcc %g0,0,%g0 ! clear carry flag
535 nop
536
537.L_bn_sub_words_loop: ! wow! 32 aligned!
538 dec 4,%o3
539 lduw [%o2],%o5
540 lduw [%o1+4],%g1
541 lduw [%o2+4],%g2
542 lduw [%o1+8],%g3
543 lduw [%o2+8],%g4
544 subccc %o4,%o5,%o5
545 stuw %o5,[%o0]
546
547 lduw [%o1+12],%o4
548 lduw [%o2+12],%o5
549 inc 16,%o1
550 subccc %g1,%g2,%g2
551 stuw %g2,[%o0+4]
552
553 inc 16,%o2
554 subccc %g3,%g4,%g4
555 stuw %g4,[%o0+8]
556
557 inc 16,%o0
558 subccc %o4,%o5,%o5
559 stuw %o5,[%o0-4]
560 and %o3,-4,%g1
561 brnz,a,pt %g1,.L_bn_sub_words_loop
562 lduw [%o1],%o4
563
564 brnz,a,pn %o3,.L_bn_sub_words_tail
565 lduw [%o1],%o4
566.L_bn_sub_words_return:
567 clr %o0
568 retl
569 movcs %icc,1,%o0
570 nop
571
572.L_bn_sub_words_tail: ! wow! 32 aligned!
573 lduw [%o2],%o5
574 dec %o3
575 subccc %o4,%o5,%o5
576 brz,pt %o3,.L_bn_sub_words_return
577 stuw %o5,[%o0]
578
579 lduw [%o1+4],%o4
580 lduw [%o2+4],%o5
581 dec %o3
582 subccc %o4,%o5,%o5
583 brz,pt %o3,.L_bn_sub_words_return
584 stuw %o5,[%o0+4]
585
586 lduw [%o1+8],%o4
587 lduw [%o2+8],%o5
588 subccc %o4,%o5,%o5
589 stuw %o5,[%o0+8]
590 clr %o0
591 retl
592 movcs %icc,1,%o0
593
594.type bn_sub_words,#function
595.size bn_sub_words,(.-bn_sub_words)
596
597/*
598 * Code below depends on the fact that upper parts of the %l0-%l7
599 * and %i0-%i7 are zeroed by kernel after context switch. In
600 * previous versions this comment stated that "the trouble is that
601 * it's not feasible to implement the mumbo-jumbo in less V9
602 * instructions:-(" which apparently isn't true thanks to
603 * 'bcs,a %xcc,.+8; inc %rd' pair. But the performance improvement
604 * results not from the shorter code, but from elimination of
605 * multicycle none-pairable 'rd %y,%rd' instructions.
606 *
607 * Andy.
608 */
609
610#define FRAME_SIZE -96
611
612/*
613 * Here is register usage map for *all* routines below.
614 */
615#define t_1 %o0
616#define t_2 %o1
617#define c_12 %o2
618#define c_3 %o3
619
620#define ap(I) [%i1+4*I]
621#define bp(I) [%i2+4*I]
622#define rp(I) [%i0+4*I]
623
624#define a_0 %l0
625#define a_1 %l1
626#define a_2 %l2
627#define a_3 %l3
628#define a_4 %l4
629#define a_5 %l5
630#define a_6 %l6
631#define a_7 %l7
632
633#define b_0 %i3
634#define b_1 %i4
635#define b_2 %i5
636#define b_3 %o4
637#define b_4 %o5
638#define b_5 %o7
639#define b_6 %g1
640#define b_7 %g4
641
642.align 32
643.global bn_mul_comba8
644/*
645 * void bn_mul_comba8(r,a,b)
646 * BN_ULONG *r,*a,*b;
647 */
648bn_mul_comba8:
649 save %sp,FRAME_SIZE,%sp
650 mov 1,t_2
651 lduw ap(0),a_0
652 sllx t_2,32,t_2
653 lduw bp(0),b_0 !=
654 lduw bp(1),b_1
655 mulx a_0,b_0,t_1 !mul_add_c(a[0],b[0],c1,c2,c3);
656 srlx t_1,32,c_12
657 stuw t_1,rp(0) !=!r[0]=c1;
658
659 lduw ap(1),a_1
660 mulx a_0,b_1,t_1 !mul_add_c(a[0],b[1],c2,c3,c1);
661 addcc c_12,t_1,c_12
662 clr c_3 !=
663 bcs,a %xcc,.+8
664 add c_3,t_2,c_3
665 lduw ap(2),a_2
666 mulx a_1,b_0,t_1 !=!mul_add_c(a[1],b[0],c2,c3,c1);
667 addcc c_12,t_1,t_1
668 bcs,a %xcc,.+8
669 add c_3,t_2,c_3
670 srlx t_1,32,c_12 !=
671 stuw t_1,rp(1) !r[1]=c2;
672 or c_12,c_3,c_12
673
674 mulx a_2,b_0,t_1 !mul_add_c(a[2],b[0],c3,c1,c2);
675 addcc c_12,t_1,c_12 !=
676 clr c_3
677 bcs,a %xcc,.+8
678 add c_3,t_2,c_3
679 lduw bp(2),b_2 !=
680 mulx a_1,b_1,t_1 !mul_add_c(a[1],b[1],c3,c1,c2);
681 addcc c_12,t_1,c_12
682 bcs,a %xcc,.+8
683 add c_3,t_2,c_3 !=
684 lduw bp(3),b_3
685 mulx a_0,b_2,t_1 !mul_add_c(a[0],b[2],c3,c1,c2);
686 addcc c_12,t_1,t_1
687 bcs,a %xcc,.+8 !=
688 add c_3,t_2,c_3
689 srlx t_1,32,c_12
690 stuw t_1,rp(2) !r[2]=c3;
691 or c_12,c_3,c_12 !=
692
693 mulx a_0,b_3,t_1 !mul_add_c(a[0],b[3],c1,c2,c3);
694 addcc c_12,t_1,c_12
695 clr c_3
696 bcs,a %xcc,.+8 !=
697 add c_3,t_2,c_3
698 mulx a_1,b_2,t_1 !=!mul_add_c(a[1],b[2],c1,c2,c3);
699 addcc c_12,t_1,c_12
700 bcs,a %xcc,.+8 !=
701 add c_3,t_2,c_3
702 lduw ap(3),a_3
703 mulx a_2,b_1,t_1 !mul_add_c(a[2],b[1],c1,c2,c3);
704 addcc c_12,t_1,c_12 !=
705 bcs,a %xcc,.+8
706 add c_3,t_2,c_3
707 lduw ap(4),a_4
708 mulx a_3,b_0,t_1 !=!mul_add_c(a[3],b[0],c1,c2,c3);!=
709 addcc c_12,t_1,t_1
710 bcs,a %xcc,.+8
711 add c_3,t_2,c_3
712 srlx t_1,32,c_12 !=
713 stuw t_1,rp(3) !r[3]=c1;
714 or c_12,c_3,c_12
715
716 mulx a_4,b_0,t_1 !mul_add_c(a[4],b[0],c2,c3,c1);
717 addcc c_12,t_1,c_12 !=
718 clr c_3
719 bcs,a %xcc,.+8
720 add c_3,t_2,c_3
721 mulx a_3,b_1,t_1 !=!mul_add_c(a[3],b[1],c2,c3,c1);
722 addcc c_12,t_1,c_12
723 bcs,a %xcc,.+8
724 add c_3,t_2,c_3
725 mulx a_2,b_2,t_1 !=!mul_add_c(a[2],b[2],c2,c3,c1);
726 addcc c_12,t_1,c_12
727 bcs,a %xcc,.+8
728 add c_3,t_2,c_3
729 lduw bp(4),b_4 !=
730 mulx a_1,b_3,t_1 !mul_add_c(a[1],b[3],c2,c3,c1);
731 addcc c_12,t_1,c_12
732 bcs,a %xcc,.+8
733 add c_3,t_2,c_3 !=
734 lduw bp(5),b_5
735 mulx a_0,b_4,t_1 !mul_add_c(a[0],b[4],c2,c3,c1);
736 addcc c_12,t_1,t_1
737 bcs,a %xcc,.+8 !=
738 add c_3,t_2,c_3
739 srlx t_1,32,c_12
740 stuw t_1,rp(4) !r[4]=c2;
741 or c_12,c_3,c_12 !=
742
743 mulx a_0,b_5,t_1 !mul_add_c(a[0],b[5],c3,c1,c2);
744 addcc c_12,t_1,c_12
745 clr c_3
746 bcs,a %xcc,.+8 !=
747 add c_3,t_2,c_3
748 mulx a_1,b_4,t_1 !mul_add_c(a[1],b[4],c3,c1,c2);
749 addcc c_12,t_1,c_12
750 bcs,a %xcc,.+8 !=
751 add c_3,t_2,c_3
752 mulx a_2,b_3,t_1 !mul_add_c(a[2],b[3],c3,c1,c2);
753 addcc c_12,t_1,c_12
754 bcs,a %xcc,.+8 !=
755 add c_3,t_2,c_3
756 mulx a_3,b_2,t_1 !mul_add_c(a[3],b[2],c3,c1,c2);
757 addcc c_12,t_1,c_12
758 bcs,a %xcc,.+8 !=
759 add c_3,t_2,c_3
760 lduw ap(5),a_5
761 mulx a_4,b_1,t_1 !mul_add_c(a[4],b[1],c3,c1,c2);
762 addcc c_12,t_1,c_12 !=
763 bcs,a %xcc,.+8
764 add c_3,t_2,c_3
765 lduw ap(6),a_6
766 mulx a_5,b_0,t_1 !=!mul_add_c(a[5],b[0],c3,c1,c2);
767 addcc c_12,t_1,t_1
768 bcs,a %xcc,.+8
769 add c_3,t_2,c_3
770 srlx t_1,32,c_12 !=
771 stuw t_1,rp(5) !r[5]=c3;
772 or c_12,c_3,c_12
773
774 mulx a_6,b_0,t_1 !mul_add_c(a[6],b[0],c1,c2,c3);
775 addcc c_12,t_1,c_12 !=
776 clr c_3
777 bcs,a %xcc,.+8
778 add c_3,t_2,c_3
779 mulx a_5,b_1,t_1 !=!mul_add_c(a[5],b[1],c1,c2,c3);
780 addcc c_12,t_1,c_12
781 bcs,a %xcc,.+8
782 add c_3,t_2,c_3
783 mulx a_4,b_2,t_1 !=!mul_add_c(a[4],b[2],c1,c2,c3);
784 addcc c_12,t_1,c_12
785 bcs,a %xcc,.+8
786 add c_3,t_2,c_3
787 mulx a_3,b_3,t_1 !=!mul_add_c(a[3],b[3],c1,c2,c3);
788 addcc c_12,t_1,c_12
789 bcs,a %xcc,.+8
790 add c_3,t_2,c_3
791 mulx a_2,b_4,t_1 !=!mul_add_c(a[2],b[4],c1,c2,c3);
792 addcc c_12,t_1,c_12
793 bcs,a %xcc,.+8
794 add c_3,t_2,c_3
795 lduw bp(6),b_6 !=
796 mulx a_1,b_5,t_1 !mul_add_c(a[1],b[5],c1,c2,c3);
797 addcc c_12,t_1,c_12
798 bcs,a %xcc,.+8
799 add c_3,t_2,c_3 !=
800 lduw bp(7),b_7
801 mulx a_0,b_6,t_1 !mul_add_c(a[0],b[6],c1,c2,c3);
802 addcc c_12,t_1,t_1
803 bcs,a %xcc,.+8 !=
804 add c_3,t_2,c_3
805 srlx t_1,32,c_12
806 stuw t_1,rp(6) !r[6]=c1;
807 or c_12,c_3,c_12 !=
808
809 mulx a_0,b_7,t_1 !mul_add_c(a[0],b[7],c2,c3,c1);
810 addcc c_12,t_1,c_12
811 clr c_3
812 bcs,a %xcc,.+8 !=
813 add c_3,t_2,c_3
814 mulx a_1,b_6,t_1 !mul_add_c(a[1],b[6],c2,c3,c1);
815 addcc c_12,t_1,c_12
816 bcs,a %xcc,.+8 !=
817 add c_3,t_2,c_3
818 mulx a_2,b_5,t_1 !mul_add_c(a[2],b[5],c2,c3,c1);
819 addcc c_12,t_1,c_12
820 bcs,a %xcc,.+8 !=
821 add c_3,t_2,c_3
822 mulx a_3,b_4,t_1 !mul_add_c(a[3],b[4],c2,c3,c1);
823 addcc c_12,t_1,c_12
824 bcs,a %xcc,.+8 !=
825 add c_3,t_2,c_3
826 mulx a_4,b_3,t_1 !mul_add_c(a[4],b[3],c2,c3,c1);
827 addcc c_12,t_1,c_12
828 bcs,a %xcc,.+8 !=
829 add c_3,t_2,c_3
830 mulx a_5,b_2,t_1 !mul_add_c(a[5],b[2],c2,c3,c1);
831 addcc c_12,t_1,c_12
832 bcs,a %xcc,.+8 !=
833 add c_3,t_2,c_3
834 lduw ap(7),a_7
835 mulx a_6,b_1,t_1 !=!mul_add_c(a[6],b[1],c2,c3,c1);
836 addcc c_12,t_1,c_12
837 bcs,a %xcc,.+8
838 add c_3,t_2,c_3
839 mulx a_7,b_0,t_1 !=!mul_add_c(a[7],b[0],c2,c3,c1);
840 addcc c_12,t_1,t_1
841 bcs,a %xcc,.+8
842 add c_3,t_2,c_3
843 srlx t_1,32,c_12 !=
844 stuw t_1,rp(7) !r[7]=c2;
845 or c_12,c_3,c_12
846
847 mulx a_7,b_1,t_1 !=!mul_add_c(a[7],b[1],c3,c1,c2);
848 addcc c_12,t_1,c_12
849 clr c_3
850 bcs,a %xcc,.+8
851 add c_3,t_2,c_3 !=
852 mulx a_6,b_2,t_1 !mul_add_c(a[6],b[2],c3,c1,c2);
853 addcc c_12,t_1,c_12
854 bcs,a %xcc,.+8
855 add c_3,t_2,c_3 !=
856 mulx a_5,b_3,t_1 !mul_add_c(a[5],b[3],c3,c1,c2);
857 addcc c_12,t_1,c_12
858 bcs,a %xcc,.+8
859 add c_3,t_2,c_3 !=
860 mulx a_4,b_4,t_1 !mul_add_c(a[4],b[4],c3,c1,c2);
861 addcc c_12,t_1,c_12
862 bcs,a %xcc,.+8
863 add c_3,t_2,c_3 !=
864 mulx a_3,b_5,t_1 !mul_add_c(a[3],b[5],c3,c1,c2);
865 addcc c_12,t_1,c_12
866 bcs,a %xcc,.+8
867 add c_3,t_2,c_3 !=
868 mulx a_2,b_6,t_1 !mul_add_c(a[2],b[6],c3,c1,c2);
869 addcc c_12,t_1,c_12
870 bcs,a %xcc,.+8
871 add c_3,t_2,c_3 !=
872 mulx a_1,b_7,t_1 !mul_add_c(a[1],b[7],c3,c1,c2);
873 addcc c_12,t_1,t_1
874 bcs,a %xcc,.+8
875 add c_3,t_2,c_3 !=
876 srlx t_1,32,c_12
877 stuw t_1,rp(8) !r[8]=c3;
878 or c_12,c_3,c_12
879
880 mulx a_2,b_7,t_1 !=!mul_add_c(a[2],b[7],c1,c2,c3);
881 addcc c_12,t_1,c_12
882 clr c_3
883 bcs,a %xcc,.+8
884 add c_3,t_2,c_3 !=
885 mulx a_3,b_6,t_1 !mul_add_c(a[3],b[6],c1,c2,c3);
886 addcc c_12,t_1,c_12
887 bcs,a %xcc,.+8 !=
888 add c_3,t_2,c_3
889 mulx a_4,b_5,t_1 !mul_add_c(a[4],b[5],c1,c2,c3);
890 addcc c_12,t_1,c_12
891 bcs,a %xcc,.+8 !=
892 add c_3,t_2,c_3
893 mulx a_5,b_4,t_1 !mul_add_c(a[5],b[4],c1,c2,c3);
894 addcc c_12,t_1,c_12
895 bcs,a %xcc,.+8 !=
896 add c_3,t_2,c_3
897 mulx a_6,b_3,t_1 !mul_add_c(a[6],b[3],c1,c2,c3);
898 addcc c_12,t_1,c_12
899 bcs,a %xcc,.+8 !=
900 add c_3,t_2,c_3
901 mulx a_7,b_2,t_1 !mul_add_c(a[7],b[2],c1,c2,c3);
902 addcc c_12,t_1,t_1
903 bcs,a %xcc,.+8 !=
904 add c_3,t_2,c_3
905 srlx t_1,32,c_12
906 stuw t_1,rp(9) !r[9]=c1;
907 or c_12,c_3,c_12 !=
908
909 mulx a_7,b_3,t_1 !mul_add_c(a[7],b[3],c2,c3,c1);
910 addcc c_12,t_1,c_12
911 clr c_3
912 bcs,a %xcc,.+8 !=
913 add c_3,t_2,c_3
914 mulx a_6,b_4,t_1 !mul_add_c(a[6],b[4],c2,c3,c1);
915 addcc c_12,t_1,c_12
916 bcs,a %xcc,.+8 !=
917 add c_3,t_2,c_3
918 mulx a_5,b_5,t_1 !mul_add_c(a[5],b[5],c2,c3,c1);
919 addcc c_12,t_1,c_12
920 bcs,a %xcc,.+8 !=
921 add c_3,t_2,c_3
922 mulx a_4,b_6,t_1 !mul_add_c(a[4],b[6],c2,c3,c1);
923 addcc c_12,t_1,c_12
924 bcs,a %xcc,.+8 !=
925 add c_3,t_2,c_3
926 mulx a_3,b_7,t_1 !mul_add_c(a[3],b[7],c2,c3,c1);
927 addcc c_12,t_1,t_1
928 bcs,a %xcc,.+8 !=
929 add c_3,t_2,c_3
930 srlx t_1,32,c_12
931 stuw t_1,rp(10) !r[10]=c2;
932 or c_12,c_3,c_12 !=
933
934 mulx a_4,b_7,t_1 !mul_add_c(a[4],b[7],c3,c1,c2);
935 addcc c_12,t_1,c_12
936 clr c_3
937 bcs,a %xcc,.+8 !=
938 add c_3,t_2,c_3
939 mulx a_5,b_6,t_1 !mul_add_c(a[5],b[6],c3,c1,c2);
940 addcc c_12,t_1,c_12
941 bcs,a %xcc,.+8 !=
942 add c_3,t_2,c_3
943 mulx a_6,b_5,t_1 !mul_add_c(a[6],b[5],c3,c1,c2);
944 addcc c_12,t_1,c_12
945 bcs,a %xcc,.+8 !=
946 add c_3,t_2,c_3
947 mulx a_7,b_4,t_1 !mul_add_c(a[7],b[4],c3,c1,c2);
948 addcc c_12,t_1,t_1
949 bcs,a %xcc,.+8 !=
950 add c_3,t_2,c_3
951 srlx t_1,32,c_12
952 stuw t_1,rp(11) !r[11]=c3;
953 or c_12,c_3,c_12 !=
954
955 mulx a_7,b_5,t_1 !mul_add_c(a[7],b[5],c1,c2,c3);
956 addcc c_12,t_1,c_12
957 clr c_3
958 bcs,a %xcc,.+8 !=
959 add c_3,t_2,c_3
960 mulx a_6,b_6,t_1 !mul_add_c(a[6],b[6],c1,c2,c3);
961 addcc c_12,t_1,c_12
962 bcs,a %xcc,.+8 !=
963 add c_3,t_2,c_3
964 mulx a_5,b_7,t_1 !mul_add_c(a[5],b[7],c1,c2,c3);
965 addcc c_12,t_1,t_1
966 bcs,a %xcc,.+8 !=
967 add c_3,t_2,c_3
968 srlx t_1,32,c_12
969 stuw t_1,rp(12) !r[12]=c1;
970 or c_12,c_3,c_12 !=
971
972 mulx a_6,b_7,t_1 !mul_add_c(a[6],b[7],c2,c3,c1);
973 addcc c_12,t_1,c_12
974 clr c_3
975 bcs,a %xcc,.+8 !=
976 add c_3,t_2,c_3
977 mulx a_7,b_6,t_1 !mul_add_c(a[7],b[6],c2,c3,c1);
978 addcc c_12,t_1,t_1
979 bcs,a %xcc,.+8 !=
980 add c_3,t_2,c_3
981 srlx t_1,32,c_12
982 st t_1,rp(13) !r[13]=c2;
983 or c_12,c_3,c_12 !=
984
985 mulx a_7,b_7,t_1 !mul_add_c(a[7],b[7],c3,c1,c2);
986 addcc c_12,t_1,t_1
987 srlx t_1,32,c_12 !=
988 stuw t_1,rp(14) !r[14]=c3;
989 stuw c_12,rp(15) !r[15]=c1;
990
991 ret
992 restore %g0,%g0,%o0 !=
993
994.type bn_mul_comba8,#function
995.size bn_mul_comba8,(.-bn_mul_comba8)
996
997.align 32
998
999.global bn_mul_comba4
1000/*
1001 * void bn_mul_comba4(r,a,b)
1002 * BN_ULONG *r,*a,*b;
1003 */
1004bn_mul_comba4:
1005 save %sp,FRAME_SIZE,%sp
1006 lduw ap(0),a_0
1007 mov 1,t_2
1008 lduw bp(0),b_0
1009 sllx t_2,32,t_2 !=
1010 lduw bp(1),b_1
1011 mulx a_0,b_0,t_1 !mul_add_c(a[0],b[0],c1,c2,c3);
1012 srlx t_1,32,c_12
1013 stuw t_1,rp(0) !=!r[0]=c1;
1014
1015 lduw ap(1),a_1
1016 mulx a_0,b_1,t_1 !mul_add_c(a[0],b[1],c2,c3,c1);
1017 addcc c_12,t_1,c_12
1018 clr c_3 !=
1019 bcs,a %xcc,.+8
1020 add c_3,t_2,c_3
1021 lduw ap(2),a_2
1022 mulx a_1,b_0,t_1 !=!mul_add_c(a[1],b[0],c2,c3,c1);
1023 addcc c_12,t_1,t_1
1024 bcs,a %xcc,.+8
1025 add c_3,t_2,c_3
1026 srlx t_1,32,c_12 !=
1027 stuw t_1,rp(1) !r[1]=c2;
1028 or c_12,c_3,c_12
1029
1030 mulx a_2,b_0,t_1 !mul_add_c(a[2],b[0],c3,c1,c2);
1031 addcc c_12,t_1,c_12 !=
1032 clr c_3
1033 bcs,a %xcc,.+8
1034 add c_3,t_2,c_3
1035 lduw bp(2),b_2 !=
1036 mulx a_1,b_1,t_1 !mul_add_c(a[1],b[1],c3,c1,c2);
1037 addcc c_12,t_1,c_12
1038 bcs,a %xcc,.+8
1039 add c_3,t_2,c_3 !=
1040 lduw bp(3),b_3
1041 mulx a_0,b_2,t_1 !mul_add_c(a[0],b[2],c3,c1,c2);
1042 addcc c_12,t_1,t_1
1043 bcs,a %xcc,.+8 !=
1044 add c_3,t_2,c_3
1045 srlx t_1,32,c_12
1046 stuw t_1,rp(2) !r[2]=c3;
1047 or c_12,c_3,c_12 !=
1048
1049 mulx a_0,b_3,t_1 !mul_add_c(a[0],b[3],c1,c2,c3);
1050 addcc c_12,t_1,c_12
1051 clr c_3
1052 bcs,a %xcc,.+8 !=
1053 add c_3,t_2,c_3
1054 mulx a_1,b_2,t_1 !mul_add_c(a[1],b[2],c1,c2,c3);
1055 addcc c_12,t_1,c_12
1056 bcs,a %xcc,.+8 !=
1057 add c_3,t_2,c_3
1058 lduw ap(3),a_3
1059 mulx a_2,b_1,t_1 !mul_add_c(a[2],b[1],c1,c2,c3);
1060 addcc c_12,t_1,c_12 !=
1061 bcs,a %xcc,.+8
1062 add c_3,t_2,c_3
1063 mulx a_3,b_0,t_1 !mul_add_c(a[3],b[0],c1,c2,c3);!=
1064 addcc c_12,t_1,t_1 !=
1065 bcs,a %xcc,.+8
1066 add c_3,t_2,c_3
1067 srlx t_1,32,c_12
1068 stuw t_1,rp(3) !=!r[3]=c1;
1069 or c_12,c_3,c_12
1070
1071 mulx a_3,b_1,t_1 !mul_add_c(a[3],b[1],c2,c3,c1);
1072 addcc c_12,t_1,c_12
1073 clr c_3 !=
1074 bcs,a %xcc,.+8
1075 add c_3,t_2,c_3
1076 mulx a_2,b_2,t_1 !mul_add_c(a[2],b[2],c2,c3,c1);
1077 addcc c_12,t_1,c_12 !=
1078 bcs,a %xcc,.+8
1079 add c_3,t_2,c_3
1080 mulx a_1,b_3,t_1 !mul_add_c(a[1],b[3],c2,c3,c1);
1081 addcc c_12,t_1,t_1 !=
1082 bcs,a %xcc,.+8
1083 add c_3,t_2,c_3
1084 srlx t_1,32,c_12
1085 stuw t_1,rp(4) !=!r[4]=c2;
1086 or c_12,c_3,c_12
1087
1088 mulx a_2,b_3,t_1 !mul_add_c(a[2],b[3],c3,c1,c2);
1089 addcc c_12,t_1,c_12
1090 clr c_3 !=
1091 bcs,a %xcc,.+8
1092 add c_3,t_2,c_3
1093 mulx a_3,b_2,t_1 !mul_add_c(a[3],b[2],c3,c1,c2);
1094 addcc c_12,t_1,t_1 !=
1095 bcs,a %xcc,.+8
1096 add c_3,t_2,c_3
1097 srlx t_1,32,c_12
1098 stuw t_1,rp(5) !=!r[5]=c3;
1099 or c_12,c_3,c_12
1100
1101 mulx a_3,b_3,t_1 !mul_add_c(a[3],b[3],c1,c2,c3);
1102 addcc c_12,t_1,t_1
1103 srlx t_1,32,c_12 !=
1104 stuw t_1,rp(6) !r[6]=c1;
1105 stuw c_12,rp(7) !r[7]=c2;
1106
1107 ret
1108 restore %g0,%g0,%o0
1109
1110.type bn_mul_comba4,#function
1111.size bn_mul_comba4,(.-bn_mul_comba4)
1112
1113.align 32
1114
1115.global bn_sqr_comba8
1116bn_sqr_comba8:
1117 save %sp,FRAME_SIZE,%sp
1118 mov 1,t_2
1119 lduw ap(0),a_0
1120 sllx t_2,32,t_2
1121 lduw ap(1),a_1
1122 mulx a_0,a_0,t_1 !sqr_add_c(a,0,c1,c2,c3);
1123 srlx t_1,32,c_12
1124 stuw t_1,rp(0) !r[0]=c1;
1125
1126 lduw ap(2),a_2
1127 mulx a_0,a_1,t_1 !=!sqr_add_c2(a,1,0,c2,c3,c1);
1128 addcc c_12,t_1,c_12
1129 clr c_3
1130 bcs,a %xcc,.+8
1131 add c_3,t_2,c_3
1132 addcc c_12,t_1,t_1
1133 bcs,a %xcc,.+8
1134 add c_3,t_2,c_3
1135 srlx t_1,32,c_12
1136 stuw t_1,rp(1) !r[1]=c2;
1137 or c_12,c_3,c_12
1138
1139 mulx a_2,a_0,t_1 !sqr_add_c2(a,2,0,c3,c1,c2);
1140 addcc c_12,t_1,c_12
1141 clr c_3
1142 bcs,a %xcc,.+8
1143 add c_3,t_2,c_3
1144 addcc c_12,t_1,c_12
1145 bcs,a %xcc,.+8
1146 add c_3,t_2,c_3
1147 lduw ap(3),a_3
1148 mulx a_1,a_1,t_1 !sqr_add_c(a,1,c3,c1,c2);
1149 addcc c_12,t_1,t_1
1150 bcs,a %xcc,.+8
1151 add c_3,t_2,c_3
1152 srlx t_1,32,c_12
1153 stuw t_1,rp(2) !r[2]=c3;
1154 or c_12,c_3,c_12
1155
1156 mulx a_0,a_3,t_1 !sqr_add_c2(a,3,0,c1,c2,c3);
1157 addcc c_12,t_1,c_12
1158 clr c_3
1159 bcs,a %xcc,.+8
1160 add c_3,t_2,c_3
1161 addcc c_12,t_1,c_12
1162 bcs,a %xcc,.+8
1163 add c_3,t_2,c_3
1164 lduw ap(4),a_4
1165 mulx a_1,a_2,t_1 !sqr_add_c2(a,2,1,c1,c2,c3);
1166 addcc c_12,t_1,c_12
1167 bcs,a %xcc,.+8
1168 add c_3,t_2,c_3
1169 addcc c_12,t_1,t_1
1170 bcs,a %xcc,.+8
1171 add c_3,t_2,c_3
1172 srlx t_1,32,c_12
1173 st t_1,rp(3) !r[3]=c1;
1174 or c_12,c_3,c_12
1175
1176 mulx a_4,a_0,t_1 !sqr_add_c2(a,4,0,c2,c3,c1);
1177 addcc c_12,t_1,c_12
1178 clr c_3
1179 bcs,a %xcc,.+8
1180 add c_3,t_2,c_3
1181 addcc c_12,t_1,c_12
1182 bcs,a %xcc,.+8
1183 add c_3,t_2,c_3
1184 mulx a_3,a_1,t_1 !sqr_add_c2(a,3,1,c2,c3,c1);
1185 addcc c_12,t_1,c_12
1186 bcs,a %xcc,.+8
1187 add c_3,t_2,c_3
1188 addcc c_12,t_1,c_12
1189 bcs,a %xcc,.+8
1190 add c_3,t_2,c_3
1191 lduw ap(5),a_5
1192 mulx a_2,a_2,t_1 !sqr_add_c(a,2,c2,c3,c1);
1193 addcc c_12,t_1,t_1
1194 bcs,a %xcc,.+8
1195 add c_3,t_2,c_3
1196 srlx t_1,32,c_12
1197 stuw t_1,rp(4) !r[4]=c2;
1198 or c_12,c_3,c_12
1199
1200 mulx a_0,a_5,t_1 !sqr_add_c2(a,5,0,c3,c1,c2);
1201 addcc c_12,t_1,c_12
1202 clr c_3
1203 bcs,a %xcc,.+8
1204 add c_3,t_2,c_3
1205 addcc c_12,t_1,c_12
1206 bcs,a %xcc,.+8
1207 add c_3,t_2,c_3
1208 mulx a_1,a_4,t_1 !sqr_add_c2(a,4,1,c3,c1,c2);
1209 addcc c_12,t_1,c_12
1210 bcs,a %xcc,.+8
1211 add c_3,t_2,c_3
1212 addcc c_12,t_1,c_12
1213 bcs,a %xcc,.+8
1214 add c_3,t_2,c_3
1215 lduw ap(6),a_6
1216 mulx a_2,a_3,t_1 !sqr_add_c2(a,3,2,c3,c1,c2);
1217 addcc c_12,t_1,c_12
1218 bcs,a %xcc,.+8
1219 add c_3,t_2,c_3
1220 addcc c_12,t_1,t_1
1221 bcs,a %xcc,.+8
1222 add c_3,t_2,c_3
1223 srlx t_1,32,c_12
1224 stuw t_1,rp(5) !r[5]=c3;
1225 or c_12,c_3,c_12
1226
1227 mulx a_6,a_0,t_1 !sqr_add_c2(a,6,0,c1,c2,c3);
1228 addcc c_12,t_1,c_12
1229 clr c_3
1230 bcs,a %xcc,.+8
1231 add c_3,t_2,c_3
1232 addcc c_12,t_1,c_12
1233 bcs,a %xcc,.+8
1234 add c_3,t_2,c_3
1235 mulx a_5,a_1,t_1 !sqr_add_c2(a,5,1,c1,c2,c3);
1236 addcc c_12,t_1,c_12
1237 bcs,a %xcc,.+8
1238 add c_3,t_2,c_3
1239 addcc c_12,t_1,c_12
1240 bcs,a %xcc,.+8
1241 add c_3,t_2,c_3
1242 mulx a_4,a_2,t_1 !sqr_add_c2(a,4,2,c1,c2,c3);
1243 addcc c_12,t_1,c_12
1244 bcs,a %xcc,.+8
1245 add c_3,t_2,c_3
1246 addcc c_12,t_1,c_12
1247 bcs,a %xcc,.+8
1248 add c_3,t_2,c_3
1249 lduw ap(7),a_7
1250 mulx a_3,a_3,t_1 !=!sqr_add_c(a,3,c1,c2,c3);
1251 addcc c_12,t_1,t_1
1252 bcs,a %xcc,.+8
1253 add c_3,t_2,c_3
1254 srlx t_1,32,c_12
1255 stuw t_1,rp(6) !r[6]=c1;
1256 or c_12,c_3,c_12
1257
1258 mulx a_0,a_7,t_1 !sqr_add_c2(a,7,0,c2,c3,c1);
1259 addcc c_12,t_1,c_12
1260 clr c_3
1261 bcs,a %xcc,.+8
1262 add c_3,t_2,c_3
1263 addcc c_12,t_1,c_12
1264 bcs,a %xcc,.+8
1265 add c_3,t_2,c_3
1266 mulx a_1,a_6,t_1 !sqr_add_c2(a,6,1,c2,c3,c1);
1267 addcc c_12,t_1,c_12
1268 bcs,a %xcc,.+8
1269 add c_3,t_2,c_3
1270 addcc c_12,t_1,c_12
1271 bcs,a %xcc,.+8
1272 add c_3,t_2,c_3
1273 mulx a_2,a_5,t_1 !sqr_add_c2(a,5,2,c2,c3,c1);
1274 addcc c_12,t_1,c_12
1275 bcs,a %xcc,.+8
1276 add c_3,t_2,c_3
1277 addcc c_12,t_1,c_12
1278 bcs,a %xcc,.+8
1279 add c_3,t_2,c_3
1280 mulx a_3,a_4,t_1 !sqr_add_c2(a,4,3,c2,c3,c1);
1281 addcc c_12,t_1,c_12
1282 bcs,a %xcc,.+8
1283 add c_3,t_2,c_3
1284 addcc c_12,t_1,t_1
1285 bcs,a %xcc,.+8
1286 add c_3,t_2,c_3
1287 srlx t_1,32,c_12
1288 stuw t_1,rp(7) !r[7]=c2;
1289 or c_12,c_3,c_12
1290
1291 mulx a_7,a_1,t_1 !sqr_add_c2(a,7,1,c3,c1,c2);
1292 addcc c_12,t_1,c_12
1293 clr c_3
1294 bcs,a %xcc,.+8
1295 add c_3,t_2,c_3
1296 addcc c_12,t_1,c_12
1297 bcs,a %xcc,.+8
1298 add c_3,t_2,c_3
1299 mulx a_6,a_2,t_1 !sqr_add_c2(a,6,2,c3,c1,c2);
1300 addcc c_12,t_1,c_12
1301 bcs,a %xcc,.+8
1302 add c_3,t_2,c_3
1303 addcc c_12,t_1,c_12
1304 bcs,a %xcc,.+8
1305 add c_3,t_2,c_3
1306 mulx a_5,a_3,t_1 !sqr_add_c2(a,5,3,c3,c1,c2);
1307 addcc c_12,t_1,c_12
1308 bcs,a %xcc,.+8
1309 add c_3,t_2,c_3
1310 addcc c_12,t_1,c_12
1311 bcs,a %xcc,.+8
1312 add c_3,t_2,c_3
1313 mulx a_4,a_4,t_1 !sqr_add_c(a,4,c3,c1,c2);
1314 addcc c_12,t_1,t_1
1315 bcs,a %xcc,.+8
1316 add c_3,t_2,c_3
1317 srlx t_1,32,c_12
1318 stuw t_1,rp(8) !r[8]=c3;
1319 or c_12,c_3,c_12
1320
1321 mulx a_2,a_7,t_1 !sqr_add_c2(a,7,2,c1,c2,c3);
1322 addcc c_12,t_1,c_12
1323 clr c_3
1324 bcs,a %xcc,.+8
1325 add c_3,t_2,c_3
1326 addcc c_12,t_1,c_12
1327 bcs,a %xcc,.+8
1328 add c_3,t_2,c_3
1329 mulx a_3,a_6,t_1 !sqr_add_c2(a,6,3,c1,c2,c3);
1330 addcc c_12,t_1,c_12
1331 bcs,a %xcc,.+8
1332 add c_3,t_2,c_3
1333 addcc c_12,t_1,c_12
1334 bcs,a %xcc,.+8
1335 add c_3,t_2,c_3
1336 mulx a_4,a_5,t_1 !sqr_add_c2(a,5,4,c1,c2,c3);
1337 addcc c_12,t_1,c_12
1338 bcs,a %xcc,.+8
1339 add c_3,t_2,c_3
1340 addcc c_12,t_1,t_1
1341 bcs,a %xcc,.+8
1342 add c_3,t_2,c_3
1343 srlx t_1,32,c_12
1344 stuw t_1,rp(9) !r[9]=c1;
1345 or c_12,c_3,c_12
1346
1347 mulx a_7,a_3,t_1 !sqr_add_c2(a,7,3,c2,c3,c1);
1348 addcc c_12,t_1,c_12
1349 clr c_3
1350 bcs,a %xcc,.+8
1351 add c_3,t_2,c_3
1352 addcc c_12,t_1,c_12
1353 bcs,a %xcc,.+8
1354 add c_3,t_2,c_3
1355 mulx a_6,a_4,t_1 !sqr_add_c2(a,6,4,c2,c3,c1);
1356 addcc c_12,t_1,c_12
1357 bcs,a %xcc,.+8
1358 add c_3,t_2,c_3
1359 addcc c_12,t_1,c_12
1360 bcs,a %xcc,.+8
1361 add c_3,t_2,c_3
1362 mulx a_5,a_5,t_1 !sqr_add_c(a,5,c2,c3,c1);
1363 addcc c_12,t_1,t_1
1364 bcs,a %xcc,.+8
1365 add c_3,t_2,c_3
1366 srlx t_1,32,c_12
1367 stuw t_1,rp(10) !r[10]=c2;
1368 or c_12,c_3,c_12
1369
1370 mulx a_4,a_7,t_1 !sqr_add_c2(a,7,4,c3,c1,c2);
1371 addcc c_12,t_1,c_12
1372 clr c_3
1373 bcs,a %xcc,.+8
1374 add c_3,t_2,c_3
1375 addcc c_12,t_1,c_12
1376 bcs,a %xcc,.+8
1377 add c_3,t_2,c_3
1378 mulx a_5,a_6,t_1 !sqr_add_c2(a,6,5,c3,c1,c2);
1379 addcc c_12,t_1,c_12
1380 bcs,a %xcc,.+8
1381 add c_3,t_2,c_3
1382 addcc c_12,t_1,t_1
1383 bcs,a %xcc,.+8
1384 add c_3,t_2,c_3
1385 srlx t_1,32,c_12
1386 stuw t_1,rp(11) !r[11]=c3;
1387 or c_12,c_3,c_12
1388
1389 mulx a_7,a_5,t_1 !sqr_add_c2(a,7,5,c1,c2,c3);
1390 addcc c_12,t_1,c_12
1391 clr c_3
1392 bcs,a %xcc,.+8
1393 add c_3,t_2,c_3
1394 addcc c_12,t_1,c_12
1395 bcs,a %xcc,.+8
1396 add c_3,t_2,c_3
1397 mulx a_6,a_6,t_1 !sqr_add_c(a,6,c1,c2,c3);
1398 addcc c_12,t_1,t_1
1399 bcs,a %xcc,.+8
1400 add c_3,t_2,c_3
1401 srlx t_1,32,c_12
1402 stuw t_1,rp(12) !r[12]=c1;
1403 or c_12,c_3,c_12
1404
1405 mulx a_6,a_7,t_1 !sqr_add_c2(a,7,6,c2,c3,c1);
1406 addcc c_12,t_1,c_12
1407 clr c_3
1408 bcs,a %xcc,.+8
1409 add c_3,t_2,c_3
1410 addcc c_12,t_1,t_1
1411 bcs,a %xcc,.+8
1412 add c_3,t_2,c_3
1413 srlx t_1,32,c_12
1414 stuw t_1,rp(13) !r[13]=c2;
1415 or c_12,c_3,c_12
1416
1417 mulx a_7,a_7,t_1 !sqr_add_c(a,7,c3,c1,c2);
1418 addcc c_12,t_1,t_1
1419 srlx t_1,32,c_12
1420 stuw t_1,rp(14) !r[14]=c3;
1421 stuw c_12,rp(15) !r[15]=c1;
1422
1423 ret
1424 restore %g0,%g0,%o0
1425
1426.type bn_sqr_comba8,#function
1427.size bn_sqr_comba8,(.-bn_sqr_comba8)
1428
1429.align 32
1430
1431.global bn_sqr_comba4
1432/*
1433 * void bn_sqr_comba4(r,a)
1434 * BN_ULONG *r,*a;
1435 */
1436bn_sqr_comba4:
1437 save %sp,FRAME_SIZE,%sp
1438 mov 1,t_2
1439 lduw ap(0),a_0
1440 sllx t_2,32,t_2
1441 lduw ap(1),a_1
1442 mulx a_0,a_0,t_1 !sqr_add_c(a,0,c1,c2,c3);
1443 srlx t_1,32,c_12
1444 stuw t_1,rp(0) !r[0]=c1;
1445
1446 lduw ap(2),a_2
1447 mulx a_0,a_1,t_1 !sqr_add_c2(a,1,0,c2,c3,c1);
1448 addcc c_12,t_1,c_12
1449 clr c_3
1450 bcs,a %xcc,.+8
1451 add c_3,t_2,c_3
1452 addcc c_12,t_1,t_1
1453 bcs,a %xcc,.+8
1454 add c_3,t_2,c_3
1455 srlx t_1,32,c_12
1456 stuw t_1,rp(1) !r[1]=c2;
1457 or c_12,c_3,c_12
1458
1459 mulx a_2,a_0,t_1 !sqr_add_c2(a,2,0,c3,c1,c2);
1460 addcc c_12,t_1,c_12
1461 clr c_3
1462 bcs,a %xcc,.+8
1463 add c_3,t_2,c_3
1464 addcc c_12,t_1,c_12
1465 bcs,a %xcc,.+8
1466 add c_3,t_2,c_3
1467 lduw ap(3),a_3
1468 mulx a_1,a_1,t_1 !sqr_add_c(a,1,c3,c1,c2);
1469 addcc c_12,t_1,t_1
1470 bcs,a %xcc,.+8
1471 add c_3,t_2,c_3
1472 srlx t_1,32,c_12
1473 stuw t_1,rp(2) !r[2]=c3;
1474 or c_12,c_3,c_12
1475
1476 mulx a_0,a_3,t_1 !sqr_add_c2(a,3,0,c1,c2,c3);
1477 addcc c_12,t_1,c_12
1478 clr c_3
1479 bcs,a %xcc,.+8
1480 add c_3,t_2,c_3
1481 addcc c_12,t_1,c_12
1482 bcs,a %xcc,.+8
1483 add c_3,t_2,c_3
1484 mulx a_1,a_2,t_1 !sqr_add_c2(a,2,1,c1,c2,c3);
1485 addcc c_12,t_1,c_12
1486 bcs,a %xcc,.+8
1487 add c_3,t_2,c_3
1488 addcc c_12,t_1,t_1
1489 bcs,a %xcc,.+8
1490 add c_3,t_2,c_3
1491 srlx t_1,32,c_12
1492 stuw t_1,rp(3) !r[3]=c1;
1493 or c_12,c_3,c_12
1494
1495 mulx a_3,a_1,t_1 !sqr_add_c2(a,3,1,c2,c3,c1);
1496 addcc c_12,t_1,c_12
1497 clr c_3
1498 bcs,a %xcc,.+8
1499 add c_3,t_2,c_3
1500 addcc c_12,t_1,c_12
1501 bcs,a %xcc,.+8
1502 add c_3,t_2,c_3
1503 mulx a_2,a_2,t_1 !sqr_add_c(a,2,c2,c3,c1);
1504 addcc c_12,t_1,t_1
1505 bcs,a %xcc,.+8
1506 add c_3,t_2,c_3
1507 srlx t_1,32,c_12
1508 stuw t_1,rp(4) !r[4]=c2;
1509 or c_12,c_3,c_12
1510
1511 mulx a_2,a_3,t_1 !sqr_add_c2(a,3,2,c3,c1,c2);
1512 addcc c_12,t_1,c_12
1513 clr c_3
1514 bcs,a %xcc,.+8
1515 add c_3,t_2,c_3
1516 addcc c_12,t_1,t_1
1517 bcs,a %xcc,.+8
1518 add c_3,t_2,c_3
1519 srlx t_1,32,c_12
1520 stuw t_1,rp(5) !r[5]=c3;
1521 or c_12,c_3,c_12
1522
1523 mulx a_3,a_3,t_1 !sqr_add_c(a,3,c1,c2,c3);
1524 addcc c_12,t_1,t_1
1525 srlx t_1,32,c_12
1526 stuw t_1,rp(6) !r[6]=c1;
1527 stuw c_12,rp(7) !r[7]=c2;
1528
1529 ret
1530 restore %g0,%g0,%o0
1531
1532.type bn_sqr_comba4,#function
1533.size bn_sqr_comba4,(.-bn_sqr_comba4)
1534
1535.align 32
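diff --git a/src/lib/libcrypto/bn/asm/x86.pl b/src/lib/libcrypto/bn/asm/x86.pl
deleted file mode 100644
index 1bc4f1bb27..0000000000
--- a/src/lib/libcrypto/bn/asm/x86.pl
+++ /dev/null
@@ -1,28 +0,0 @@
-#!/usr/local/bin/perl
-
-push(@INC,"perlasm","../../perlasm");
-require "x86asm.pl";
-
-require("x86/mul_add.pl");
-require("x86/mul.pl");
-require("x86/sqr.pl");
-require("x86/div.pl");
-require("x86/add.pl");
-require("x86/sub.pl");
-require("x86/comba.pl");
-
-&asm_init($ARGV[0],$0);
-
-&bn_mul_add_words("bn_mul_add_words");
-&bn_mul_words("bn_mul_words");
-&bn_sqr_words("bn_sqr_words");
-&bn_div_words("bn_div_words");
-&bn_add_words("bn_add_words");
-&bn_sub_words("bn_sub_words");
-&bn_mul_comba("bn_mul_comba8",8);
-&bn_mul_comba("bn_mul_comba4",4);
-&bn_sqr_comba("bn_sqr_comba8",8);
-&bn_sqr_comba("bn_sqr_comba4",4);
-
-&asm_finish();
-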
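diff --git a/src/lib/libcrypto/bn/asm/x86/add.pl b/src/lib/libcrypto/bn/asm/x86/add.pl
deleted file mode 100644
index 0b5cf583e3..0000000000
--- a/src/lib/libcrypto/bn/asm/x86/add.pl
+++ /dev/null
@@ -1,76 +0,0 @@
-#!/usr/local/bin/perl
-# x86 assember
-
-sub bn_add_words
- {
- local($name)=@_;
-
- &function_begin($name,"");
-
- &comment("");
- $a="esi";
- $b="edi";
- $c="eax";
- $r="ebx";
- $tmp1="ecx";
- $tmp2="edx";
- $num="ebp";
-
- &mov($r,&wparam(0)); # get r
- &mov($a,&wparam(1)); # get a
- &mov($b,&wparam(2)); # get b
- &mov($num,&wparam(3)); # get num
- &xor($c,$c); # clear carry
- &and($num,0xfffffff8); # num / 8
-
- &jz(&label("aw_finish"));
-
- &set_label("aw_loop",0);
- for ($i=0; $i<8; $i++)
- {
- &comment("Round $i");
-
- &mov($tmp1,&DWP($i*4,$a,"",0)); # *a
- &mov($tmp2,&DWP($i*4,$b,"",0)); # *b
- &add($tmp1,$c);
- &mov($c,0);
- &adc($c,$c);
- &add($tmp1,$tmp2);
- &adc($c,0);
- &mov(&DWP($i*4,$r,"",0),$tmp1); # *r
- }
-
- &comment("");
- &add($a,32);
- &add($b,32);
- &add($r,32);
- &sub($num,8);
- &jnz(&label("aw_loop"));
-
- &set_label("aw_finish",0);
- &mov($num,&wparam(3)); # get num
- &and($num,7);
- &jz(&label("aw_end"));
-
- for ($i=0; $i<7; $i++)
- {
- &comment("Tail Round $i");
- &mov($tmp1,&DWP($i*4,$a,"",0)); # *a
- &mov($tmp2,&DWP($i*4,$b,"",0));# *b
- &add($tmp1,$c);
- &mov($c,0);
- &adc($c,$c);
- &add($tmp1,$tmp2);
- &adc($c,0);
- &dec($num) if ($i != 6);
- &mov(&DWP($i*4,$r,"",0),$tmp1); # *a
- &jz(&label("aw_end")) if ($i != 6);
- }
- &set_label("aw_end",0);
-
-# &mov("eax",$c); # $c is "eax"
-
- &function_end($name);
- }
-
-1;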
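diff --git a/src/lib/libcrypto/bn/asm/x86/comba.pl b/src/lib/libcrypto/bn/asm/x86/comba.pl
deleted file mode 100644
index 2291253629..0000000000
--- a/src/lib/libcrypto/bn/asm/x86/comba.pl
+++ /dev/null
@@ -1,277 +0,0 @@
-#!/usr/local/bin/perl
-# x86 assember
-
-sub mul_add_c
- {
- local($a,$ai,$b,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_;
-
- # pos == -1 if eax and edx are pre-loaded, 0 to load from next
- # words, and 1 if load return value
-
- &comment("mul a[$ai]*b[$bi]");
-
- # "eax" and "edx" will always be pre-loaded.
- # &mov("eax",&DWP($ai*4,$a,"",0)) ;
- # &mov("edx",&DWP($bi*4,$b,"",0));
-
- &mul("edx");
- &add($c0,"eax");
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # laod next a
- &mov("eax",&wparam(0)) if $pos > 0; # load r[]
- ###
- &adc($c1,"edx");
- &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 0; # laod next b
- &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 1; # laod next b
- ###
- &adc($c2,0);
- # is pos > 1, it means it is the last loop
- &mov(&DWP($i*4,"eax","",0),$c0) if $pos > 0; # save r[];
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # laod next a
- }
-
-sub sqr_add_c
- {
- local($r,$a,$ai,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_;
-
- # pos == -1 if eax and edx are pre-loaded, 0 to load from next
- # words, and 1 if load return value
-
- &comment("sqr a[$ai]*a[$bi]");
-
- # "eax" and "edx" will always be pre-loaded.
- # &mov("eax",&DWP($ai*4,$a,"",0)) ;
- # &mov("edx",&DWP($bi*4,$b,"",0));
-
- if ($ai == $bi)
- { &mul("eax");}
- else
- { &mul("edx");}
- &add($c0,"eax");
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # load next a
- ###
- &adc($c1,"edx");
- &mov("edx",&DWP(($nb)*4,$a,"",0)) if ($pos == 1) && ($na != $nb);
- ###
- &adc($c2,0);
- # is pos > 1, it means it is the last loop
- &mov(&DWP($i*4,$r,"",0),$c0) if $pos > 0; # save r[];
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # load next b
- }
-
-sub sqr_add_c2
- {
- local($r,$a,$ai,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_;
-
- # pos == -1 if eax and edx are pre-loaded, 0 to load from next
- # words, and 1 if load return value
-
- &comment("sqr a[$ai]*a[$bi]");
-
- # "eax" and "edx" will always be pre-loaded.
- # &mov("eax",&DWP($ai*4,$a,"",0)) ;
- # &mov("edx",&DWP($bi*4,$a,"",0));
-
- if ($ai == $bi)
- { &mul("eax");}
- else
- { &mul("edx");}
- &add("eax","eax");
- ###
- &adc("edx","edx");
- ###
- &adc($c2,0);
- &add($c0,"eax");
- &adc($c1,"edx");
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # load next a
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # load next b
- &adc($c2,0);
- &mov(&DWP($i*4,$r,"",0),$c0) if $pos > 0; # save r[];
- &mov("edx",&DWP(($nb)*4,$a,"",0)) if ($pos <= 1) && ($na != $nb);
- ###
- }
-
-sub bn_mul_comba
- {
- local($name,$num)=@_;
- local($a,$b,$c0,$c1,$c2);
- local($i,$as,$ae,$bs,$be,$ai,$bi);
- local($tot,$end);
-
- &function_begin_B($name,"");
-
- $c0="ebx";
- $c1="ecx";
- $c2="ebp";
- $a="esi";
- $b="edi";
-
- $as=0;
- $ae=0;
- $bs=0;
- $be=0;
- $tot=$num+$num-1;
-
- &push("esi");
- &mov($a,&wparam(1));
- &push("edi");
- &mov($b,&wparam(2));
- &push("ebp");
- &push("ebx");
-
- &xor($c0,$c0);
- &mov("eax",&DWP(0,$a,"",0)); # load the first word
- &xor($c1,$c1);
- &mov("edx",&DWP(0,$b,"",0)); # load the first second
-
- for ($i=0; $i<$tot; $i++)
- {
- $ai=$as;
- $bi=$bs;
- $end=$be+1;
-
- &comment("################## Calculate word $i");
-
- for ($j=$bs; $j<$end; $j++)
- {
- &xor($c2,$c2) if ($j == $bs);
- if (($j+1) == $end)
- {
- $v=1;
- $v=2 if (($i+1) == $tot);
- }
- else
- { $v=0; }
- if (($j+1) != $end)
- {
- $na=($ai-1);
- $nb=($bi+1);
- }
- else
- {
- $na=$as+($i < ($num-1));
- $nb=$bs+($i >= ($num-1));
- }
-#printf STDERR "[$ai,$bi] -> [$na,$nb]\n";
- &mul_add_c($a,$ai,$b,$bi,$c0,$c1,$c2,$v,$i,$na,$nb);
- if ($v)
- {
- &comment("saved r[$i]");
- # &mov("eax",&wparam(0));
- # &mov(&DWP($i*4,"eax","",0),$c0);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- }
- $ai--;
- $bi++;
- }
- $as++ if ($i < ($num-1));
- $ae++ if ($i >= ($num-1));
-
- $bs++ if ($i >= ($num-1));
- $be++ if ($i < ($num-1));
- }
- &comment("save r[$i]");
- # &mov("eax",&wparam(0));
- &mov(&DWP($i*4,"eax","",0),$c0);
-
- &pop("ebx");
- &pop("ebp");
- &pop("edi");
- &pop("esi");
- &ret();
- &function_end_B($name);
- }
-
-sub bn_sqr_comba
- {
- local($name,$num)=@_;
- local($r,$a,$c0,$c1,$c2)=@_;
- local($i,$as,$ae,$bs,$be,$ai,$bi);
- local($b,$tot,$end,$half);
-
- &function_begin_B($name,"");
-
- $c0="ebx";
- $c1="ecx";
- $c2="ebp";
- $a="esi";
- $r="edi";
-
- &push("esi");
- &push("edi");
- &push("ebp");
- &push("ebx");
- &mov($r,&wparam(0));
- &mov($a,&wparam(1));
- &xor($c0,$c0);
- &xor($c1,$c1);
- &mov("eax",&DWP(0,$a,"",0)); # load the first word
-
- $as=0;
- $ae=0;
- $bs=0;
- $be=0;
- $tot=$num+$num-1;
-
- for ($i=0; $i<$tot; $i++)
- {
- $ai=$as;
- $bi=$bs;
- $end=$be+1;
-
- &comment("############### Calculate word $i");
- for ($j=$bs; $j<$end; $j++)
- {
- &xor($c2,$c2) if ($j == $bs);
- if (($ai-1) < ($bi+1))
- {
- $v=1;
- $v=2 if ($i+1) == $tot;
- }
- else
- { $v=0; }
- if (!$v)
- {
- $na=$ai-1;
- $nb=$bi+1;
- }
- else
- {
- $na=$as+($i < ($num-1));
- $nb=$bs+($i >= ($num-1));
- }
- if ($ai == $bi)
- {
- &sqr_add_c($r,$a,$ai,$bi,
- $c0,$c1,$c2,$v,$i,$na,$nb);
- }
- else
- {
- &sqr_add_c2($r,$a,$ai,$bi,
- $c0,$c1,$c2,$v,$i,$na,$nb);
- }
- if ($v)
- {
- &comment("saved r[$i]");
- #&mov(&DWP($i*4,$r,"",0),$c0);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- last;
- }
- $ai--;
- $bi++;
- }
- $as++ if ($i < ($num-1));
- $ae++ if ($i >= ($num-1));
-
- $bs++ if ($i >= ($num-1));
- $be++ if ($i < ($num-1));
- }
- &mov(&DWP($i*4,$r,"",0),$c0);
- &pop("ebx");
- &pop("ebp");
- &pop("edi");
- &pop("esi");
- &ret();
- &function_end_B($name);
- }
-
-1;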
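diff --git a/src/lib/libcrypto/bn/asm/x86/div.pl b/src/lib/libcrypto/bn/asm/x86/div.pl
deleted file mode 100644
index 0e90152caa..0000000000
--- a/src/lib/libcrypto/bn/asm/x86/div.pl
+++ /dev/null
@@ -1,15 +0,0 @@
-#!/usr/local/bin/perl
-# x86 assember
-
-sub bn_div_words
- {
- local($name)=@_;
-
- &function_begin($name,"");
- &mov("edx",&wparam(0)); #
- &mov("eax",&wparam(1)); #
- &mov("ebx",&wparam(2)); #
- &div("ebx");
- &function_end($name);
- }
-1;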
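diff --git a/src/lib/libcrypto/bn/asm/x86/mul.pl b/src/lib/libcrypto/bn/asm/x86/mul.pl
deleted file mode 100644
index 674cb9b055..0000000000
--- a/src/lib/libcrypto/bn/asm/x86/mul.pl
+++ /dev/null
@@ -1,77 +0,0 @@
-#!/usr/local/bin/perl
-# x86 assember
-
-sub bn_mul_words
- {
- local($name)=@_;
-
- &function_begin($name,"");
-
- &comment("");
- $Low="eax";
- $High="edx";
- $a="ebx";
- $w="ecx";
- $r="edi";
- $c="esi";
- $num="ebp";
-
- &xor($c,$c); # clear carry
- &mov($r,&wparam(0)); #
- &mov($a,&wparam(1)); #
- &mov($num,&wparam(2)); #
- &mov($w,&wparam(3)); #
-
- &and($num,0xfffffff8); # num / 8
- &jz(&label("mw_finish"));
-
- &set_label("mw_loop",0);
- for ($i=0; $i<32; $i+=4)
- {
- &comment("Round $i");
-
- &mov("eax",&DWP($i,$a,"",0)); # *a
- &mul($w); # *a * w
- &add("eax",$c); # L(t)+=c
- # XXX
-
- &adc("edx",0); # H(t)+=carry
- &mov(&DWP($i,$r,"",0),"eax"); # *r= L(t);
-
- &mov($c,"edx"); # c= H(t);
- }
-
- &comment("");
- &add($a,32);
- &add($r,32);
- &sub($num,8);
- &jz(&label("mw_finish"));
- &jmp(&label("mw_loop"));
-
- &set_label("mw_finish",0);
- &mov($num,&wparam(2)); # get num
- &and($num,7);
- &jnz(&label("mw_finish2"));
- &jmp(&label("mw_end"));
-
- &set_label("mw_finish2",1);
- for ($i=0; $i<7; $i++)
- {
- &comment("Tail Round $i");
- &mov("eax",&DWP($i*4,$a,"",0));# *a
- &mul($w); # *a * w
- &add("eax",$c); # L(t)+=c
- # XXX
- &adc("edx",0); # H(t)+=carry
- &mov(&DWP($i*4,$r,"",0),"eax");# *r= L(t);
- &mov($c,"edx"); # c= H(t);
- &dec($num) if ($i != 7-1);
- &jz(&label("mw_end")) if ($i != 7-1);
- }
- &set_label("mw_end",0);
- &mov("eax",$c);
-
- &function_end($name);
- }
-
-1;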
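diff --git a/src/lib/libcrypto/bn/asm/x86/mul_add.pl b/src/lib/libcrypto/bn/asm/x86/mul_add.pl
deleted file mode 100644
index 61830d3a90..0000000000
--- a/src/lib/libcrypto/bn/asm/x86/mul_add.pl
+++ /dev/null
@@ -1,87 +0,0 @@
-#!/usr/local/bin/perl
-# x86 assember
-
-sub bn_mul_add_words
- {
- local($name)=@_;
-
- &function_begin($name,"");
-
- &comment("");
- $Low="eax";
- $High="edx";
- $a="ebx";
- $w="ebp";
- $r="edi";
- $c="esi";
-
- &xor($c,$c); # clear carry
- &mov($r,&wparam(0)); #
-
- &mov("ecx",&wparam(2)); #
- &mov($a,&wparam(1)); #
-
- &and("ecx",0xfffffff8); # num / 8
- &mov($w,&wparam(3)); #
-
- &push("ecx"); # Up the stack for a tmp variable
-
- &jz(&label("maw_finish"));
-
- &set_label("maw_loop",0);
-
- &mov(&swtmp(0),"ecx"); #
-
- for ($i=0; $i<32; $i+=4)
- {
- &comment("Round $i");
-
- &mov("eax",&DWP($i,$a,"",0)); # *a
- &mul($w); # *a * w
- &add("eax",$c); # L(t)+= *r
- &mov($c,&DWP($i,$r,"",0)); # L(t)+= *r
- &adc("edx",0); # H(t)+=carry
- &add("eax",$c); # L(t)+=c
- &adc("edx",0); # H(t)+=carry
- &mov(&DWP($i,$r,"",0),"eax"); # *r= L(t);
- &mov($c,"edx"); # c= H(t);
- }
-
- &comment("");
- &mov("ecx",&swtmp(0)); #
- &add($a,32);
- &add($r,32);
- &sub("ecx",8);
- &jnz(&label("maw_loop"));
-
- &set_label("maw_finish",0);
- &mov("ecx",&wparam(2)); # get num
- &and("ecx",7);
- &jnz(&label("maw_finish2")); # helps branch prediction
- &jmp(&label("maw_end"));
-
- &set_label("maw_finish2",1);
- for ($i=0; $i<7; $i++)
- {
- &comment("Tail Round $i");
- &mov("eax",&DWP($i*4,$a,"",0));# *a
- &mul($w); # *a * w
- &add("eax",$c); # L(t)+=c
- &mov($c,&DWP($i*4,$r,"",0)); # L(t)+= *r
- &adc("edx",0); # H(t)+=carry
- &add("eax",$c);
- &adc("edx",0); # H(t)+=carry
- &dec("ecx") if ($i != 7-1);
- &mov(&DWP($i*4,$r,"",0),"eax"); # *r= L(t);
- &mov($c,"edx"); # c= H(t);
- &jz(&label("maw_end")) if ($i != 7-1);
- }
- &set_label("maw_end",0);
- &mov("eax",$c);
-
- &pop("ecx"); # clear variable from
-
- &function_end($name);
- }
-
-1;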
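diff --git a/src/lib/libcrypto/bn/asm/x86/sqr.pl b/src/lib/libcrypto/bn/asm/x86/sqr.pl
deleted file mode 100644
index 1f90993cf6..0000000000
--- a/src/lib/libcrypto/bn/asm/x86/sqr.pl
+++ /dev/null
@@ -1,60 +0,0 @@
-#!/usr/local/bin/perl
-# x86 assember
-
-sub bn_sqr_words
- {
- local($name)=@_;
-
- &function_begin($name,"");
-
- &comment("");
- $r="esi";
- $a="edi";
- $num="ebx";
-
- &mov($r,&wparam(0)); #
- &mov($a,&wparam(1)); #
- &mov($num,&wparam(2)); #
-
- &and($num,0xfffffff8); # num / 8
- &jz(&label("sw_finish"));
-
- &set_label("sw_loop",0);
- for ($i=0; $i<32; $i+=4)
- {
- &comment("Round $i");
- &mov("eax",&DWP($i,$a,"",0)); # *a
- # XXX
- &mul("eax"); # *a * *a
- &mov(&DWP($i*2,$r,"",0),"eax"); #
- &mov(&DWP($i*2+4,$r,"",0),"edx");#
- }
-
- &comment("");
- &add($a,32);
- &add($r,64);
- &sub($num,8);
- &jnz(&label("sw_loop"));
-
- &set_label("sw_finish",0);
- &mov($num,&wparam(2)); # get num
- &and($num,7);
- &jz(&label("sw_end"));
-
- for ($i=0; $i<7; $i++)
- {
- &comment("Tail Round $i");
- &mov("eax",&DWP($i*4,$a,"",0)); # *a
- # XXX
- &mul("eax"); # *a * *a
- &mov(&DWP($i*8,$r,"",0),"eax"); #
- &dec($num) if ($i != 7-1);
- &mov(&DWP($i*8+4,$r,"",0),"edx");
- &jz(&label("sw_end")) if ($i != 7-1);
- }
- &set_label("sw_end",0);
-
- &function_end($name);
- }
-
-1;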
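diff --git a/src/lib/libcrypto/bn/asm/x86/sub.pl b/src/lib/libcrypto/bn/asm/x86/sub.pl
deleted file mode 100644
index 837b0e1b07..0000000000
--- a/src/lib/libcrypto/bn/asm/x86/sub.pl
+++ /dev/null
@@ -1,76 +0,0 @@
-#!/usr/local/bin/perl
-# x86 assember
-
-sub bn_sub_words
- {
- local($name)=@_;
-
- &function_begin($name,"");
-
- &comment("");
- $a="esi";
- $b="edi";
- $c="eax";
- $r="ebx";
- $tmp1="ecx";
- $tmp2="edx";
- $num="ebp";
-
- &mov($r,&wparam(0)); # get r
- &mov($a,&wparam(1)); # get a
- &mov($b,&wparam(2)); # get b
- &mov($num,&wparam(3)); # get num
- &xor($c,$c); # clear carry
- &and($num,0xfffffff8); # num / 8
-
- &jz(&label("aw_finish"));
-
- &set_label("aw_loop",0);
- for ($i=0; $i<8; $i++)
- {
- &comment("Round $i");
-
- &mov($tmp1,&DWP($i*4,$a,"",0)); # *a
- &mov($tmp2,&DWP($i*4,$b,"",0)); # *b
- &sub($tmp1,$c);
- &mov($c,0);
- &adc($c,$c);
- &sub($tmp1,$tmp2);
- &adc($c,0);
- &mov(&DWP($i*4,$r,"",0),$tmp1); # *r
- }
-
- &comment("");
- &add($a,32);
- &add($b,32);
- &add($r,32);
- &sub($num,8);
- &jnz(&label("aw_loop"));
-
- &set_label("aw_finish",0);
- &mov($num,&wparam(3)); # get num
- &and($num,7);
- &jz(&label("aw_end"));
-
- for ($i=0; $i<7; $i++)
- {
- &comment("Tail Round $i");
- &mov($tmp1,&DWP($i*4,$a,"",0)); # *a
- &mov($tmp2,&DWP($i*4,$b,"",0));# *b
- &sub($tmp1,$c);
- &mov($c,0);
- &adc($c,$c);
- &sub($tmp1,$tmp2);
- &adc($c,0);
- &dec($num) if ($i != 6);
- &mov(&DWP($i*4,$r,"",0),$tmp1); # *a
- &jz(&label("aw_end")) if ($i != 6);
- }
- &set_label("aw_end",0);
-
-# &mov("eax",$c); # $c is "eax"
-
- &function_end($name);
- }
-
-1;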
diff --git a/src/lib/libcrypto/bn/bn.h b/src/lib/libcrypto/bn/bn.h
deleted file mode 100644
index 009b0eb685..0000000000
--- a/src/lib/libcrypto/bn/bn.h
+++ /dev/null
@@ -1,510 +0,0 @@
1/* crypto/bn/bn.h */
2/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_BN_H
60#define HEADER_BN_H
61
62#ifndef WIN16
63#include <stdio.h> /* FILE */
64#endif
65#include <openssl/opensslconf.h>
66
67#ifdef __cplusplus
68extern "C" {
69#endif
70
71#ifdef VMS
72#undef BN_LLONG /* experimental, so far... */
73#endif
74
75#define BN_MUL_COMBA
76#define BN_SQR_COMBA
77#define BN_RECURSION
78#define RECP_MUL_MOD
79#define MONT_MUL_MOD
80
81/* This next option uses the C libraries (2 word)/(1 word) function.
82 * If it is not defined, I use my C version (which is slower).
83 * The reason for this flag is that when the particular C compiler
84 * library routine is used, and the library is linked with a different
85 * compiler, the library is missing. This mostly happens when the
86 * library is built with gcc and then linked using normal cc. This would
87 * be a common occurrence because gcc normally produces code that is
88 * 2 times faster than system compilers for the big number stuff.
89 * For machines with only one compiler (or shared libraries), this should
90 * be on. Again this in only really a problem on machines
91 * using "long long's", are 32bit, and are not using my assembler code. */
92#if defined(MSDOS) || defined(WINDOWS) || defined(WIN32) || defined(linux)
93#define BN_DIV2W
94#endif
95
96/* assuming long is 64bit - this is the DEC Alpha
97 * unsigned long long is only 64 bits :-(, don't define
98 * BN_LLONG for the DEC Alpha */
99#ifdef SIXTY_FOUR_BIT_LONG
100#define BN_ULLONG unsigned long long
101#define BN_ULONG unsigned long
102#define BN_LONG long
103#define BN_BITS 128
104#define BN_BYTES 8
105#define BN_BITS2 64
106#define BN_BITS4 32
107#define BN_MASK (0xffffffffffffffffffffffffffffffffLL)
108#define BN_MASK2 (0xffffffffffffffffL)
109#define BN_MASK2l (0xffffffffL)
110#define BN_MASK2h (0xffffffff00000000L)
111#define BN_MASK2h1 (0xffffffff80000000L)
112#define BN_TBIT (0x8000000000000000L)
113#define BN_DEC_CONV (10000000000000000000UL)
114#define BN_DEC_FMT1 "%lu"
115#define BN_DEC_FMT2 "%019lu"
116#define BN_DEC_NUM 19
117#endif
118
119/* This is where the long long data type is 64 bits, but long is 32.
120 * For machines where there are 64bit registers, this is the mode to use.
121 * IRIX, on R4000 and above should use this mode, along with the relevant
122 * assembler code :-). Do NOT define BN_LLONG.
123 */
124#ifdef SIXTY_FOUR_BIT
125#undef BN_LLONG
126#undef BN_ULLONG
127#define BN_ULONG unsigned long long
128#define BN_LONG long long
129#define BN_BITS 128
130#define BN_BYTES 8
131#define BN_BITS2 64
132#define BN_BITS4 32
133#define BN_MASK2 (0xffffffffffffffffLL)
134#define BN_MASK2l (0xffffffffL)
135#define BN_MASK2h (0xffffffff00000000LL)
136#define BN_MASK2h1 (0xffffffff80000000LL)
137#define BN_TBIT (0x8000000000000000LL)
138#define BN_DEC_CONV (10000000000000000000LL)
139#define BN_DEC_FMT1 "%llu"
140#define BN_DEC_FMT2 "%019llu"
141#define BN_DEC_NUM 19
142#endif
143
144#ifdef THIRTY_TWO_BIT
145#if defined(WIN32) && !defined(__GNUC__)
146#define BN_ULLONG unsigned _int64
147#else
148#define BN_ULLONG unsigned long long
149#endif
150#define BN_ULONG unsigned long
151#define BN_LONG long
152#define BN_BITS 64
153#define BN_BYTES 4
154#define BN_BITS2 32
155#define BN_BITS4 16
156#ifdef WIN32
157/* VC++ doesn't like the LL suffix */
158#define BN_MASK (0xffffffffffffffffL)
159#else
160#define BN_MASK (0xffffffffffffffffLL)
161#endif
162#define BN_MASK2 (0xffffffffL)
163#define BN_MASK2l (0xffff)
164#define BN_MASK2h1 (0xffff8000L)
165#define BN_MASK2h (0xffff0000L)
166#define BN_TBIT (0x80000000L)
167#define BN_DEC_CONV (1000000000L)
168#define BN_DEC_FMT1 "%lu"
169#define BN_DEC_FMT2 "%09lu"
170#define BN_DEC_NUM 9
171#endif
172
173#ifdef SIXTEEN_BIT
174#ifndef BN_DIV2W
175#define BN_DIV2W
176#endif
177#define BN_ULLONG unsigned long
178#define BN_ULONG unsigned short
179#define BN_LONG short
180#define BN_BITS 32
181#define BN_BYTES 2
182#define BN_BITS2 16
183#define BN_BITS4 8
184#define BN_MASK (0xffffffff)
185#define BN_MASK2 (0xffff)
186#define BN_MASK2l (0xff)
187#define BN_MASK2h1 (0xff80)
188#define BN_MASK2h (0xff00)
189#define BN_TBIT (0x8000)
190#define BN_DEC_CONV (100000)
191#define BN_DEC_FMT1 "%u"
192#define BN_DEC_FMT2 "%05u"
193#define BN_DEC_NUM 5
194#endif
195
196#ifdef EIGHT_BIT
197#ifndef BN_DIV2W
198#define BN_DIV2W
199#endif
200#define BN_ULLONG unsigned short
201#define BN_ULONG unsigned char
202#define BN_LONG char
203#define BN_BITS 16
204#define BN_BYTES 1
205#define BN_BITS2 8
206#define BN_BITS4 4
207#define BN_MASK (0xffff)
208#define BN_MASK2 (0xff)
209#define BN_MASK2l (0xf)
210#define BN_MASK2h1 (0xf8)
211#define BN_MASK2h (0xf0)
212#define BN_TBIT (0x80)
213#define BN_DEC_CONV (100)
214#define BN_DEC_FMT1 "%u"
215#define BN_DEC_FMT2 "%02u"
216#define BN_DEC_NUM 2
217#endif
218
219#define BN_DEFAULT_BITS 1280
220
221#ifdef BIGNUM
222#undef BIGNUM
223#endif
224
225#define BN_FLG_MALLOCED 0x01
226#define BN_FLG_STATIC_DATA 0x02
227#define BN_FLG_FREE 0x8000 /* used for debuging */
228#define BN_set_flags(b,n) ((b)->flags|=(n))
229#define BN_get_flags(b,n) ((b)->flags&(n))
230
231typedef struct bignum_st
232 {
233 BN_ULONG *d; /* Pointer to an array of 'BN_BITS2' bit chunks. */
234 int top; /* Index of last used d +1. */
235 /* The next are internal book keeping for bn_expand. */
236 int max; /* Size of the d array. */
237 int neg; /* one if the number is negative */
238 int flags;
239 } BIGNUM;
240
241/* Used for temp variables */
242#define BN_CTX_NUM 12
243#define BN_CTX_NUM_POS 12
244typedef struct bignum_ctx
245 {
246 int tos;
247 BIGNUM bn[BN_CTX_NUM];
248 int flags;
249 int depth;
250 int pos[BN_CTX_NUM_POS];
251 int too_many;
252 } BN_CTX;
253
254typedef struct bn_blinding_st
255 {
256 int init;
257 BIGNUM *A;
258 BIGNUM *Ai;
259 BIGNUM *mod; /* just a reference */
260 } BN_BLINDING;
261
262/* Used for montgomery multiplication */
263typedef struct bn_mont_ctx_st
264 {
265 int ri; /* number of bits in R */
266 BIGNUM RR; /* used to convert to montgomery form */
267 BIGNUM N; /* The modulus */
268 BIGNUM Ni; /* R*(1/R mod N) - N*Ni = 1
269 * (Ni is only stored for bignum algorithm) */
270 BN_ULONG n0; /* least significant word of Ni */
271 int flags;
272 } BN_MONT_CTX;
273
274/* Used for reciprocal division/mod functions
275 * It cannot be shared between threads
276 */
277typedef struct bn_recp_ctx_st
278 {
279 BIGNUM N; /* the divisor */
280 BIGNUM Nr; /* the reciprocal */
281 int num_bits;
282 int shift;
283 int flags;
284 } BN_RECP_CTX;
285
286#define BN_to_montgomery(r,a,mont,ctx) BN_mod_mul_montgomery(\
287 r,a,&((mont)->RR),(mont),ctx)
288
289#define BN_prime_checks 0 /* default: select number of iterations
290 based on the size of the number */
291
292/* number of Miller-Rabin iterations for an error rate of less than 2^-80
293 * for random 'b'-bit input, b >= 100 (taken from table 4.4 in the Handbook
294 * of Applied Cryptography [Menezes, van Oorschot, Vanstone; CRC Press 1996];
295 * original paper: Damgaard, Landrock, Pomerance: Average case error estimates
296 * for the strong probable prime test. -- Math. Comp. 61 (1993) 177-194) */
297#define BN_prime_checks_for_size(b) ((b) >= 1300 ? 2 : \
298 (b) >= 850 ? 3 : \
299 (b) >= 650 ? 4 : \
300 (b) >= 550 ? 5 : \
301 (b) >= 450 ? 6 : \
302 (b) >= 400 ? 7 : \
303 (b) >= 350 ? 8 : \
304 (b) >= 300 ? 9 : \
305 (b) >= 250 ? 12 : \
306 (b) >= 200 ? 15 : \
307 (b) >= 150 ? 18 : \
308 /* b >= 100 */ 27)
309
310#define BN_num_bytes(a) ((BN_num_bits(a)+7)/8)
311#define BN_is_word(a,w) (((a)->top == 1) && ((a)->d[0] == (BN_ULONG)(w)))
312#define BN_is_zero(a) (((a)->top == 0) || BN_is_word(a,0))
313#define BN_is_one(a) (BN_is_word((a),1))
314#define BN_is_odd(a) (((a)->top > 0) && ((a)->d[0] & 1))
315#define BN_one(a) (BN_set_word((a),1))
316#define BN_zero(a) (BN_set_word((a),0))
317
318/*#define BN_ascii2bn(a) BN_hex2bn(a) */
319/*#define BN_bn2ascii(a) BN_bn2hex(a) */
320
321BIGNUM *BN_value_one(void);
322char * BN_options(void);
323BN_CTX *BN_CTX_new(void);
324void BN_CTX_init(BN_CTX *c);
325void BN_CTX_free(BN_CTX *c);
326void BN_CTX_start(BN_CTX *ctx);
327BIGNUM *BN_CTX_get(BN_CTX *ctx);
328void BN_CTX_end(BN_CTX *ctx);
329int BN_rand(BIGNUM *rnd, int bits, int top,int bottom);
330int BN_pseudo_rand(BIGNUM *rnd, int bits, int top,int bottom);
331int BN_num_bits(const BIGNUM *a);
332int BN_num_bits_word(BN_ULONG);
333BIGNUM *BN_new(void);
334void BN_init(BIGNUM *);
335void BN_clear_free(BIGNUM *a);
336BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b);
337BIGNUM *BN_bin2bn(const unsigned char *s,int len,BIGNUM *ret);
338int BN_bn2bin(const BIGNUM *a, unsigned char *to);
339BIGNUM *BN_mpi2bn(unsigned char *s,int len,BIGNUM *ret);
340int BN_bn2mpi(const BIGNUM *a, unsigned char *to);
341int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
342int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
343int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
344int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
345int BN_mod(BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx);
346int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
347 BN_CTX *ctx);
348int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
349int BN_sqr(BIGNUM *r, BIGNUM *a,BN_CTX *ctx);
350BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w);
351BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w);
352int BN_mul_word(BIGNUM *a, BN_ULONG w);
353int BN_add_word(BIGNUM *a, BN_ULONG w);
354int BN_sub_word(BIGNUM *a, BN_ULONG w);
355int BN_set_word(BIGNUM *a, BN_ULONG w);
356BN_ULONG BN_get_word(BIGNUM *a);
357int BN_cmp(const BIGNUM *a, const BIGNUM *b);
358void BN_free(BIGNUM *a);
359int BN_is_bit_set(const BIGNUM *a, int n);
360int BN_lshift(BIGNUM *r, const BIGNUM *a, int n);
361int BN_lshift1(BIGNUM *r, BIGNUM *a);
362int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p,BN_CTX *ctx);
363int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
364 const BIGNUM *m,BN_CTX *ctx);
365int BN_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
366 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
367int BN_mod_exp2_mont(BIGNUM *r, BIGNUM *a1, BIGNUM *p1,BIGNUM *a2,
368 BIGNUM *p2,BIGNUM *m,BN_CTX *ctx,BN_MONT_CTX *m_ctx);
369int BN_mod_exp_simple(BIGNUM *r, BIGNUM *a, BIGNUM *p,
370 BIGNUM *m,BN_CTX *ctx);
371int BN_mask_bits(BIGNUM *a,int n);
372int BN_mod_mul(BIGNUM *ret, BIGNUM *a, BIGNUM *b, const BIGNUM *m, BN_CTX *ctx);
373#ifndef NO_FP_API
374int BN_print_fp(FILE *fp, const BIGNUM *a);
375#endif
376#ifdef HEADER_BIO_H
377int BN_print(BIO *fp, const BIGNUM *a);
378#else
379int BN_print(void *fp, const BIGNUM *a);
380#endif
381int BN_reciprocal(BIGNUM *r, BIGNUM *m, int len, BN_CTX *ctx);
382int BN_rshift(BIGNUM *r, BIGNUM *a, int n);
383int BN_rshift1(BIGNUM *r, BIGNUM *a);
384void BN_clear(BIGNUM *a);
385BIGNUM *BN_dup(const BIGNUM *a);
386int BN_ucmp(const BIGNUM *a, const BIGNUM *b);
387int BN_set_bit(BIGNUM *a, int n);
388int BN_clear_bit(BIGNUM *a, int n);
389char * BN_bn2hex(const BIGNUM *a);
390char * BN_bn2dec(const BIGNUM *a);
391int BN_hex2bn(BIGNUM **a, const char *str);
392int BN_dec2bn(BIGNUM **a, const char *str);
393int BN_gcd(BIGNUM *r,BIGNUM *in_a,BIGNUM *in_b,BN_CTX *ctx);
394BIGNUM *BN_mod_inverse(BIGNUM *ret,BIGNUM *a, const BIGNUM *n,BN_CTX *ctx);
395BIGNUM *BN_generate_prime(BIGNUM *ret,int bits,int safe,BIGNUM *add,
396 BIGNUM *rem,void (*callback)(int,int,void *),void *cb_arg);
397int BN_is_prime(const BIGNUM *p,int nchecks,
398 void (*callback)(int,int,void *),
399 BN_CTX *ctx,void *cb_arg);
400int BN_is_prime_fasttest(const BIGNUM *p,int nchecks,
401 void (*callback)(int,int,void *),BN_CTX *ctx,void *cb_arg,
402 int do_trial_division);
403void ERR_load_BN_strings(void );
404
405BN_MONT_CTX *BN_MONT_CTX_new(void );
406void BN_MONT_CTX_init(BN_MONT_CTX *ctx);
407int BN_mod_mul_montgomery(BIGNUM *r,BIGNUM *a,BIGNUM *b,BN_MONT_CTX *mont,
408 BN_CTX *ctx);
409int BN_from_montgomery(BIGNUM *r,BIGNUM *a,BN_MONT_CTX *mont,BN_CTX *ctx);
410void BN_MONT_CTX_free(BN_MONT_CTX *mont);
411int BN_MONT_CTX_set(BN_MONT_CTX *mont,const BIGNUM *modulus,BN_CTX *ctx);
412BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to,BN_MONT_CTX *from);
413
414BN_BLINDING *BN_BLINDING_new(BIGNUM *A,BIGNUM *Ai,BIGNUM *mod);
415void BN_BLINDING_free(BN_BLINDING *b);
416int BN_BLINDING_update(BN_BLINDING *b,BN_CTX *ctx);
417int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *r, BN_CTX *ctx);
418int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
419
420void BN_set_params(int mul,int high,int low,int mont);
421int BN_get_params(int which); /* 0, mul, 1 high, 2 low, 3 mont */
422
423void BN_RECP_CTX_init(BN_RECP_CTX *recp);
424BN_RECP_CTX *BN_RECP_CTX_new(void);
425void BN_RECP_CTX_free(BN_RECP_CTX *recp);
426int BN_RECP_CTX_set(BN_RECP_CTX *recp,const BIGNUM *rdiv,BN_CTX *ctx);
427int BN_mod_mul_reciprocal(BIGNUM *r, BIGNUM *x, BIGNUM *y,
428 BN_RECP_CTX *recp,BN_CTX *ctx);
429int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
430 const BIGNUM *m, BN_CTX *ctx);
431int BN_div_recp(BIGNUM *dv, BIGNUM *rem, BIGNUM *m,
432 BN_RECP_CTX *recp, BN_CTX *ctx);
433
434/* library internal functions */
435
436#define bn_expand(a,bits) ((((((bits+BN_BITS2-1))/BN_BITS2)) <= (a)->max)?\
437 (a):bn_expand2((a),(bits)/BN_BITS2+1))
438#define bn_wexpand(a,words) (((words) <= (a)->max)?(a):bn_expand2((a),(words)))
439BIGNUM *bn_expand2(BIGNUM *a, int words);
440
441#define bn_fix_top(a) \
442 { \
443 BN_ULONG *ftl; \
444 if ((a)->top > 0) \
445 { \
446 for (ftl= &((a)->d[(a)->top-1]); (a)->top > 0; (a)->top--) \
447 if (*(ftl--)) break; \
448 } \
449 }
450
451BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w);
452BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w);
453void bn_sqr_words(BN_ULONG *rp, BN_ULONG *ap, int num);
454BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d);
455BN_ULONG bn_add_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int num);
456BN_ULONG bn_sub_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int num);
457
458#ifdef BN_DEBUG
459 void bn_dump1(FILE *o, const char *a, BN_ULONG *b,int n);
460# define bn_print(a) {fprintf(stderr, #a "="); BN_print_fp(stderr,a); \
461 fprintf(stderr,"\n");}
462# define bn_dump(a,n) bn_dump1(stderr,#a,a,n);
463#else
464# define bn_print(a)
465# define bn_dump(a,b)
466#endif
467
468/* BEGIN ERROR CODES */
469/* The following lines are auto generated by the script mkerr.pl. Any changes
470 * made after this point may be overwritten when the script is next run.
471 */
472
473/* Error codes for the BN functions. */
474
475/* Function codes. */
476#define BN_F_BN_BLINDING_CONVERT 100
477#define BN_F_BN_BLINDING_INVERT 101
478#define BN_F_BN_BLINDING_NEW 102
479#define BN_F_BN_BLINDING_UPDATE 103
480#define BN_F_BN_BN2DEC 104
481#define BN_F_BN_BN2HEX 105
482#define BN_F_BN_CTX_GET 116
483#define BN_F_BN_CTX_NEW 106
484#define BN_F_BN_DIV 107
485#define BN_F_BN_EXPAND2 108
486#define BN_F_BN_MOD_EXP_MONT 109
487#define BN_F_BN_MOD_INVERSE 110
488#define BN_F_BN_MOD_MUL_RECIPROCAL 111
489#define BN_F_BN_MPI2BN 112
490#define BN_F_BN_NEW 113
491#define BN_F_BN_RAND 114
492#define BN_F_BN_USUB 115
493
494/* Reason codes. */
495#define BN_R_ARG2_LT_ARG3 100
496#define BN_R_BAD_RECIPROCAL 101
497#define BN_R_CALLED_WITH_EVEN_MODULUS 102
498#define BN_R_DIV_BY_ZERO 103
499#define BN_R_ENCODING_ERROR 104
500#define BN_R_EXPAND_ON_STATIC_BIGNUM_DATA 105
501#define BN_R_INVALID_LENGTH 106
502#define BN_R_NOT_INITIALIZED 107
503#define BN_R_NO_INVERSE 108
504#define BN_R_TOO_MANY_TEMPORARY_VARIABLES 109
505
506#ifdef __cplusplus
507}
508#endif
509#endif
510
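--- a/src/lib/libcrypto/bn/bn_add.c
+++ /dev/null
@@ -1,307 +0,0 @@
-/* crypto/bn/bn_add.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-/* r can == a or b */
-int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
- {
- const BIGNUM *tmp;
-
- bn_check_top(a);
- bn_check_top(b);
-
- /* a + b a+b
- * a + -b a-b
- * -a + b b-a
- * -a + -b -(a+b)
- */
- if (a->neg ^ b->neg)
- {
- /* only one is negative */
- if (a->neg)
- { tmp=a; a=b; b=tmp; }
-
- /* we are now a - b */
-
- if (BN_ucmp(a,b) < 0)
- {
- if (!BN_usub(r,b,a)) return(0);
- r->neg=1;
- }
- else
- {
- if (!BN_usub(r,a,b)) return(0);
- r->neg=0;
- }
- return(1);
- }
-
- if (a->neg) /* both are neg */
- r->neg=1;
- else
- r->neg=0;
-
- if (!BN_uadd(r,a,b)) return(0);
- return(1);
- }
-
-/* unsigned add of b to a, r must be large enough */
-int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
- {
- register int i;
- int max,min;
- BN_ULONG *ap,*bp,*rp,carry,t1;
- const BIGNUM *tmp;
-
- bn_check_top(a);
- bn_check_top(b);
-
- if (a->top < b->top)
- { tmp=a; a=b; b=tmp; }
- max=a->top;
- min=b->top;
-
- if (bn_wexpand(r,max+1) == NULL)
- return(0);
-
- r->top=max;
-
-
- ap=a->d;
- bp=b->d;
- rp=r->d;
- carry=0;
-
- carry=bn_add_words(rp,ap,bp,min);
- rp+=min;
- ap+=min;
- bp+=min;
- i=min;
-
- if (carry)
- {
- while (i < max)
- {
- i++;
- t1= *(ap++);
- if ((*(rp++)=(t1+1)&BN_MASK2) >= t1)
- {
- carry=0;
- break;
- }
- }
- if ((i >= max) && carry)
- {
- *(rp++)=1;
- r->top++;
- }
- }
- if (rp != ap)
- {
- for (; i<max; i++)
- *(rp++)= *(ap++);
- }
- /* memcpy(rp,ap,sizeof(*ap)*(max-i));*/
- return(1);
- }
-
-/* unsigned subtraction of b from a, a must be larger than b. */
-int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
- {
- int max,min;
- register BN_ULONG t1,t2,*ap,*bp,*rp;
- int i,carry;
-#if defined(IRIX_CC_BUG) && !defined(LINT)
- int dummy;
-#endif
-
- bn_check_top(a);
- bn_check_top(b);
-
- if (a->top < b->top) /* hmm... should not be happening */
- {
- BNerr(BN_F_BN_USUB,BN_R_ARG2_LT_ARG3);
- return(0);
- }
-
- max=a->top;
- min=b->top;
- if (bn_wexpand(r,max) == NULL) return(0);
-
- ap=a->d;
- bp=b->d;
- rp=r->d;
-
-#if 1
- carry=0;
- for (i=0; i<min; i++)
- {
- t1= *(ap++);
- t2= *(bp++);
- if (carry)
- {
- carry=(t1 <= t2);
- t1=(t1-t2-1)&BN_MASK2;
- }
- else
- {
- carry=(t1 < t2);
- t1=(t1-t2)&BN_MASK2;
- }
-#if defined(IRIX_CC_BUG) && !defined(LINT)
- dummy=t1;
-#endif
- *(rp++)=t1&BN_MASK2;
- }
-#else
- carry=bn_sub_words(rp,ap,bp,min);
- ap+=min;
- bp+=min;
- rp+=min;
- i=min;
-#endif
- if (carry) /* subtracted */
- {
- while (i < max)
- {
- i++;
- t1= *(ap++);
- t2=(t1-1)&BN_MASK2;
- *(rp++)=t2;
- if (t1 > t2) break;
- }
- }
-#if 0
- memcpy(rp,ap,sizeof(*rp)*(max-i));
-#else
- if (rp != ap)
- {
- for (;;)
- {
- if (i++ >= max) break;
- rp[0]=ap[0];
- if (i++ >= max) break;
- rp[1]=ap[1];
- if (i++ >= max) break;
- rp[2]=ap[2];
- if (i++ >= max) break;
- rp[3]=ap[3];
- rp+=4;
- ap+=4;
- }
- }
-#endif
-
- r->top=max;
- bn_fix_top(r);
- return(1);
- }
-
-int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
- {
- int max;
- int add=0,neg=0;
- const BIGNUM *tmp;
-
- bn_check_top(a);
- bn_check_top(b);
-
- /* a - b a-b
- * a - -b a+b
- * -a - b -(a+b)
- * -a - -b b-a
- */
- if (a->neg)
- {
- if (b->neg)
- { tmp=a; a=b; b=tmp; }
- else
- { add=1; neg=1; }
- }
- else
- {
- if (b->neg) { add=1; neg=0; }
- }
-
- if (add)
- {
- if (!BN_uadd(r,a,b)) return(0);
- r->neg=neg;
- return(1);
- }
-
- /* We are actually doing a - b :-) */
-
- max=(a->top > b->top)?a->top:b->top;
- if (bn_wexpand(r,max) == NULL) return(0);
- if (BN_ucmp(a,b) < 0)
- {
- if (!BN_usub(r,b,a)) return(0);
- r->neg=1;
- }
- else
- {
- if (!BN_usub(r,a,b)) return(0);
- r->neg=0;
- }
- return(1);
- }
-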
diff --git a/src/lib/libcrypto/bn/bn_asm.c b/src/lib/libcrypto/bn/bn_asm.c
deleted file mode 100644
index 3329cc18e6..0000000000
--- a/src/lib/libcrypto/bn/bn_asm.c
+++ /dev/null
@@ -1,837 +0,0 @@
1/* crypto/bn/bn_asm.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef BN_DEBUG
60# undef NDEBUG /* avoid conflicting definitions */
61# define NDEBUG
62#endif
63
64#include <stdio.h>
65#include <assert.h>
66#include "cryptlib.h"
67#include "bn_lcl.h"
68
69#if defined(BN_LLONG) || defined(BN_UMULT_HIGH)
70
71BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w)
72 {
73 BN_ULONG c1=0;
74
75 assert(num >= 0);
76 if (num <= 0) return(c1);
77
78 while (num&~3)
79 {
80 mul_add(rp[0],ap[0],w,c1);
81 mul_add(rp[1],ap[1],w,c1);
82 mul_add(rp[2],ap[2],w,c1);
83 mul_add(rp[3],ap[3],w,c1);
84 ap+=4; rp+=4; num-=4;
85 }
86 if (num)
87 {
88 mul_add(rp[0],ap[0],w,c1); if (--num==0) return c1;
89 mul_add(rp[1],ap[1],w,c1); if (--num==0) return c1;
90 mul_add(rp[2],ap[2],w,c1); return c1;
91 }
92
93 return(c1);
94 }
95
96BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w)
97 {
98 BN_ULONG c1=0;
99
100 assert(num >= 0);
101 if (num <= 0) return(c1);
102
103 while (num&~3)
104 {
105 mul(rp[0],ap[0],w,c1);
106 mul(rp[1],ap[1],w,c1);
107 mul(rp[2],ap[2],w,c1);
108 mul(rp[3],ap[3],w,c1);
109 ap+=4; rp+=4; num-=4;
110 }
111 if (num)
112 {
113 mul(rp[0],ap[0],w,c1); if (--num == 0) return c1;
114 mul(rp[1],ap[1],w,c1); if (--num == 0) return c1;
115 mul(rp[2],ap[2],w,c1);
116 }
117 return(c1);
118 }
119
120void bn_sqr_words(BN_ULONG *r, BN_ULONG *a, int n)
121 {
122 assert(n >= 0);
123 if (n <= 0) return;
124 while (n&~3)
125 {
126 sqr(r[0],r[1],a[0]);
127 sqr(r[2],r[3],a[1]);
128 sqr(r[4],r[5],a[2]);
129 sqr(r[6],r[7],a[3]);
130 a+=4; r+=8; n-=4;
131 }
132 if (n)
133 {
134 sqr(r[0],r[1],a[0]); if (--n == 0) return;
135 sqr(r[2],r[3],a[1]); if (--n == 0) return;
136 sqr(r[4],r[5],a[2]);
137 }
138 }
139
140#else /* !(defined(BN_LLONG) || defined(BN_UMULT_HIGH)) */
141
142BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w)
143 {
144 BN_ULONG c=0;
145 BN_ULONG bl,bh;
146
147 assert(num >= 0);
148 if (num <= 0) return((BN_ULONG)0);
149
150 bl=LBITS(w);
151 bh=HBITS(w);
152
153 for (;;)
154 {
155 mul_add(rp[0],ap[0],bl,bh,c);
156 if (--num == 0) break;
157 mul_add(rp[1],ap[1],bl,bh,c);
158 if (--num == 0) break;
159 mul_add(rp[2],ap[2],bl,bh,c);
160 if (--num == 0) break;
161 mul_add(rp[3],ap[3],bl,bh,c);
162 if (--num == 0) break;
163 ap+=4;
164 rp+=4;
165 }
166 return(c);
167 }
168
169BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w)
170 {
171 BN_ULONG carry=0;
172 BN_ULONG bl,bh;
173
174 assert(num >= 0);
175 if (num <= 0) return((BN_ULONG)0);
176
177 bl=LBITS(w);
178 bh=HBITS(w);
179
180 for (;;)
181 {
182 mul(rp[0],ap[0],bl,bh,carry);
183 if (--num == 0) break;
184 mul(rp[1],ap[1],bl,bh,carry);
185 if (--num == 0) break;
186 mul(rp[2],ap[2],bl,bh,carry);
187 if (--num == 0) break;
188 mul(rp[3],ap[3],bl,bh,carry);
189 if (--num == 0) break;
190 ap+=4;
191 rp+=4;
192 }
193 return(carry);
194 }
195
196void bn_sqr_words(BN_ULONG *r, BN_ULONG *a, int n)
197 {
198 assert(n >= 0);
199 if (n <= 0) return;
200 for (;;)
201 {
202 sqr64(r[0],r[1],a[0]);
203 if (--n == 0) break;
204
205 sqr64(r[2],r[3],a[1]);
206 if (--n == 0) break;
207
208 sqr64(r[4],r[5],a[2]);
209 if (--n == 0) break;
210
211 sqr64(r[6],r[7],a[3]);
212 if (--n == 0) break;
213
214 a+=4;
215 r+=8;
216 }
217 }
218
219#endif /* !(defined(BN_LLONG) || defined(BN_UMULT_HIGH)) */
220
221#if defined(BN_LLONG) && defined(BN_DIV2W)
222
223BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d)
224 {
225 return((BN_ULONG)(((((BN_ULLONG)h)<<BN_BITS2)|l)/(BN_ULLONG)d));
226 }
227
228#else
229
230/* Divide h-l by d and return the result. */
231/* I need to test this some more :-( */
232BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d)
233 {
234 BN_ULONG dh,dl,q,ret=0,th,tl,t;
235 int i,count=2;
236
237 if (d == 0) return(BN_MASK2);
238
239 i=BN_num_bits_word(d);
240 if ((i != BN_BITS2) && (h > (BN_ULONG)1<<i))
241 {
242#if !defined(NO_STDIO) && !defined(WIN16)
243 fprintf(stderr,"Division would overflow (%d)\n",i);
244#endif
245 abort();
246 }
247 i=BN_BITS2-i;
248 if (h >= d) h-=d;
249
250 if (i)
251 {
252 d<<=i;
253 h=(h<<i)|(l>>(BN_BITS2-i));
254 l<<=i;
255 }
256 dh=(d&BN_MASK2h)>>BN_BITS4;
257 dl=(d&BN_MASK2l);
258 for (;;)
259 {
260 if ((h>>BN_BITS4) == dh)
261 q=BN_MASK2l;
262 else
263 q=h/dh;
264
265 th=q*dh;
266 tl=dl*q;
267 for (;;)
268 {
269 t=h-th;
270 if ((t&BN_MASK2h) ||
271 ((tl) <= (
272 (t<<BN_BITS4)|
273 ((l&BN_MASK2h)>>BN_BITS4))))
274 break;
275 q--;
276 th-=dh;
277 tl-=dl;
278 }
279 t=(tl>>BN_BITS4);
280 tl=(tl<<BN_BITS4)&BN_MASK2h;
281 th+=t;
282
283 if (l < tl) th++;
284 l-=tl;
285 if (h < th)
286 {
287 h+=d;
288 q--;
289 }
290 h-=th;
291
292 if (--count == 0) break;
293
294 ret=q<<BN_BITS4;
295 h=((h<<BN_BITS4)|(l>>BN_BITS4))&BN_MASK2;
296 l=(l&BN_MASK2l)<<BN_BITS4;
297 }
298 ret|=q;
299 return(ret);
300 }
301#endif /* !defined(BN_LLONG) && defined(BN_DIV2W) */
302
303#ifdef BN_LLONG
304BN_ULONG bn_add_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
305 {
306 BN_ULLONG ll=0;
307
308 assert(n >= 0);
309 if (n <= 0) return((BN_ULONG)0);
310
311 for (;;)
312 {
313 ll+=(BN_ULLONG)a[0]+b[0];
314 r[0]=(BN_ULONG)ll&BN_MASK2;
315 ll>>=BN_BITS2;
316 if (--n <= 0) break;
317
318 ll+=(BN_ULLONG)a[1]+b[1];
319 r[1]=(BN_ULONG)ll&BN_MASK2;
320 ll>>=BN_BITS2;
321 if (--n <= 0) break;
322
323 ll+=(BN_ULLONG)a[2]+b[2];
324 r[2]=(BN_ULONG)ll&BN_MASK2;
325 ll>>=BN_BITS2;
326 if (--n <= 0) break;
327
328 ll+=(BN_ULLONG)a[3]+b[3];
329 r[3]=(BN_ULONG)ll&BN_MASK2;
330 ll>>=BN_BITS2;
331 if (--n <= 0) break;
332
333 a+=4;
334 b+=4;
335 r+=4;
336 }
337 return((BN_ULONG)ll);
338 }
339#else /* !BN_LLONG */
340BN_ULONG bn_add_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
341 {
342 BN_ULONG c,l,t;
343
344 assert(n >= 0);
345 if (n <= 0) return((BN_ULONG)0);
346
347 c=0;
348 for (;;)
349 {
350 t=a[0];
351 t=(t+c)&BN_MASK2;
352 c=(t < c);
353 l=(t+b[0])&BN_MASK2;
354 c+=(l < t);
355 r[0]=l;
356 if (--n <= 0) break;
357
358 t=a[1];
359 t=(t+c)&BN_MASK2;
360 c=(t < c);
361 l=(t+b[1])&BN_MASK2;
362 c+=(l < t);
363 r[1]=l;
364 if (--n <= 0) break;
365
366 t=a[2];
367 t=(t+c)&BN_MASK2;
368 c=(t < c);
369 l=(t+b[2])&BN_MASK2;
370 c+=(l < t);
371 r[2]=l;
372 if (--n <= 0) break;
373
374 t=a[3];
375 t=(t+c)&BN_MASK2;
376 c=(t < c);
377 l=(t+b[3])&BN_MASK2;
378 c+=(l < t);
379 r[3]=l;
380 if (--n <= 0) break;
381
382 a+=4;
383 b+=4;
384 r+=4;
385 }
386 return((BN_ULONG)c);
387 }
388#endif /* !BN_LLONG */
389
390BN_ULONG bn_sub_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
391 {
392 BN_ULONG t1,t2;
393 int c=0;
394
395 assert(n >= 0);
396 if (n <= 0) return((BN_ULONG)0);
397
398 for (;;)
399 {
400 t1=a[0]; t2=b[0];
401 r[0]=(t1-t2-c)&BN_MASK2;
402 if (t1 != t2) c=(t1 < t2);
403 if (--n <= 0) break;
404
405 t1=a[1]; t2=b[1];
406 r[1]=(t1-t2-c)&BN_MASK2;
407 if (t1 != t2) c=(t1 < t2);
408 if (--n <= 0) break;
409
410 t1=a[2]; t2=b[2];
411 r[2]=(t1-t2-c)&BN_MASK2;
412 if (t1 != t2) c=(t1 < t2);
413 if (--n <= 0) break;
414
415 t1=a[3]; t2=b[3];
416 r[3]=(t1-t2-c)&BN_MASK2;
417 if (t1 != t2) c=(t1 < t2);
418 if (--n <= 0) break;
419
420 a+=4;
421 b+=4;
422 r+=4;
423 }
424 return(c);
425 }
426
427#ifdef BN_MUL_COMBA
428
429#undef bn_mul_comba8
430#undef bn_mul_comba4
431#undef bn_sqr_comba8
432#undef bn_sqr_comba4
433
434/* mul_add_c(a,b,c0,c1,c2) -- c+=a*b for three word number c=(c2,c1,c0) */
435/* mul_add_c2(a,b,c0,c1,c2) -- c+=2*a*b for three word number c=(c2,c1,c0) */
436/* sqr_add_c(a,i,c0,c1,c2) -- c+=a[i]^2 for three word number c=(c2,c1,c0) */
437/* sqr_add_c2(a,i,c0,c1,c2) -- c+=2*a[i]*a[j] for three word number c=(c2,c1,c0) */
438
439#ifdef BN_LLONG
440#define mul_add_c(a,b,c0,c1,c2) \
441 t=(BN_ULLONG)a*b; \
442 t1=(BN_ULONG)Lw(t); \
443 t2=(BN_ULONG)Hw(t); \
444 c0=(c0+t1)&BN_MASK2; if ((c0) < t1) t2++; \
445 c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
446
447#define mul_add_c2(a,b,c0,c1,c2) \
448 t=(BN_ULLONG)a*b; \
449 tt=(t+t)&BN_MASK; \
450 if (tt < t) c2++; \
451 t1=(BN_ULONG)Lw(tt); \
452 t2=(BN_ULONG)Hw(tt); \
453 c0=(c0+t1)&BN_MASK2; \
454 if ((c0 < t1) && (((++t2)&BN_MASK2) == 0)) c2++; \
455 c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
456
457#define sqr_add_c(a,i,c0,c1,c2) \
458 t=(BN_ULLONG)a[i]*a[i]; \
459 t1=(BN_ULONG)Lw(t); \
460 t2=(BN_ULONG)Hw(t); \
461 c0=(c0+t1)&BN_MASK2; if ((c0) < t1) t2++; \
462 c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
463
464#define sqr_add_c2(a,i,j,c0,c1,c2) \
465 mul_add_c2((a)[i],(a)[j],c0,c1,c2)
466
467#elif defined(BN_UMULT_HIGH)
468
469#define mul_add_c(a,b,c0,c1,c2) { \
470 BN_ULONG ta=(a),tb=(b); \
471 t1 = ta * tb; \
472 t2 = BN_UMULT_HIGH(ta,tb); \
473 c0 += t1; t2 += (c0<t1)?1:0; \
474 c1 += t2; c2 += (c1<t2)?1:0; \
475 }
476
477#define mul_add_c2(a,b,c0,c1,c2) { \
478 BN_ULONG ta=(a),tb=(b),t0; \
479 t1 = BN_UMULT_HIGH(ta,tb); \
480 t0 = ta * tb; \
481 t2 = t1+t1; c2 += (t2<t1)?1:0; \
482 t1 = t0+t0; t2 += (t1<t0)?1:0; \
483 c0 += t1; t2 += (c0<t1)?1:0; \
484 c1 += t2; c2 += (c1<t2)?1:0; \
485 }
486
487#define sqr_add_c(a,i,c0,c1,c2) { \
488 BN_ULONG ta=(a)[i]; \
489 t1 = ta * ta; \
490 t2 = BN_UMULT_HIGH(ta,ta); \
491 c0 += t1; t2 += (c0<t1)?1:0; \
492 c1 += t2; c2 += (c1<t2)?1:0; \
493 }
494
495#define sqr_add_c2(a,i,j,c0,c1,c2) \
496 mul_add_c2((a)[i],(a)[j],c0,c1,c2)
497
498#else /* !BN_LLONG */
499#define mul_add_c(a,b,c0,c1,c2) \
500 t1=LBITS(a); t2=HBITS(a); \
501 bl=LBITS(b); bh=HBITS(b); \
502 mul64(t1,t2,bl,bh); \
503 c0=(c0+t1)&BN_MASK2; if ((c0) < t1) t2++; \
504 c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
505
506#define mul_add_c2(a,b,c0,c1,c2) \
507 t1=LBITS(a); t2=HBITS(a); \
508 bl=LBITS(b); bh=HBITS(b); \
509 mul64(t1,t2,bl,bh); \
510 if (t2 & BN_TBIT) c2++; \
511 t2=(t2+t2)&BN_MASK2; \
512 if (t1 & BN_TBIT) t2++; \
513 t1=(t1+t1)&BN_MASK2; \
514 c0=(c0+t1)&BN_MASK2; \
515 if ((c0 < t1) && (((++t2)&BN_MASK2) == 0)) c2++; \
516 c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
517
518#define sqr_add_c(a,i,c0,c1,c2) \
519 sqr64(t1,t2,(a)[i]); \
520 c0=(c0+t1)&BN_MASK2; if ((c0) < t1) t2++; \
521 c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
522
523#define sqr_add_c2(a,i,j,c0,c1,c2) \
524 mul_add_c2((a)[i],(a)[j],c0,c1,c2)
525#endif /* !BN_LLONG */
526
527void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
528 {
529#ifdef BN_LLONG
530 BN_ULLONG t;
531#else
532 BN_ULONG bl,bh;
533#endif
534 BN_ULONG t1,t2;
535 BN_ULONG c1,c2,c3;
536
537 c1=0;
538 c2=0;
539 c3=0;
540 mul_add_c(a[0],b[0],c1,c2,c3);
541 r[0]=c1;
542 c1=0;
543 mul_add_c(a[0],b[1],c2,c3,c1);
544 mul_add_c(a[1],b[0],c2,c3,c1);
545 r[1]=c2;
546 c2=0;
547 mul_add_c(a[2],b[0],c3,c1,c2);
548 mul_add_c(a[1],b[1],c3,c1,c2);
549 mul_add_c(a[0],b[2],c3,c1,c2);
550 r[2]=c3;
551 c3=0;
552 mul_add_c(a[0],b[3],c1,c2,c3);
553 mul_add_c(a[1],b[2],c1,c2,c3);
554 mul_add_c(a[2],b[1],c1,c2,c3);
555 mul_add_c(a[3],b[0],c1,c2,c3);
556 r[3]=c1;
557 c1=0;
558 mul_add_c(a[4],b[0],c2,c3,c1);
559 mul_add_c(a[3],b[1],c2,c3,c1);
560 mul_add_c(a[2],b[2],c2,c3,c1);
561 mul_add_c(a[1],b[3],c2,c3,c1);
562 mul_add_c(a[0],b[4],c2,c3,c1);
563 r[4]=c2;
564 c2=0;
565 mul_add_c(a[0],b[5],c3,c1,c2);
566 mul_add_c(a[1],b[4],c3,c1,c2);
567 mul_add_c(a[2],b[3],c3,c1,c2);
568 mul_add_c(a[3],b[2],c3,c1,c2);
569 mul_add_c(a[4],b[1],c3,c1,c2);
570 mul_add_c(a[5],b[0],c3,c1,c2);
571 r[5]=c3;
572 c3=0;
573 mul_add_c(a[6],b[0],c1,c2,c3);
574 mul_add_c(a[5],b[1],c1,c2,c3);
575 mul_add_c(a[4],b[2],c1,c2,c3);
576 mul_add_c(a[3],b[3],c1,c2,c3);
577 mul_add_c(a[2],b[4],c1,c2,c3);
578 mul_add_c(a[1],b[5],c1,c2,c3);
579 mul_add_c(a[0],b[6],c1,c2,c3);
580 r[6]=c1;
581 c1=0;
582 mul_add_c(a[0],b[7],c2,c3,c1);
583 mul_add_c(a[1],b[6],c2,c3,c1);
584 mul_add_c(a[2],b[5],c2,c3,c1);
585 mul_add_c(a[3],b[4],c2,c3,c1);
586 mul_add_c(a[4],b[3],c2,c3,c1);
587 mul_add_c(a[5],b[2],c2,c3,c1);
588 mul_add_c(a[6],b[1],c2,c3,c1);
589 mul_add_c(a[7],b[0],c2,c3,c1);
590 r[7]=c2;
591 c2=0;
592 mul_add_c(a[7],b[1],c3,c1,c2);
593 mul_add_c(a[6],b[2],c3,c1,c2);
594 mul_add_c(a[5],b[3],c3,c1,c2);
595 mul_add_c(a[4],b[4],c3,c1,c2);
596 mul_add_c(a[3],b[5],c3,c1,c2);
597 mul_add_c(a[2],b[6],c3,c1,c2);
598 mul_add_c(a[1],b[7],c3,c1,c2);
599 r[8]=c3;
600 c3=0;
601 mul_add_c(a[2],b[7],c1,c2,c3);
602 mul_add_c(a[3],b[6],c1,c2,c3);
603 mul_add_c(a[4],b[5],c1,c2,c3);
604 mul_add_c(a[5],b[4],c1,c2,c3);
605 mul_add_c(a[6],b[3],c1,c2,c3);
606 mul_add_c(a[7],b[2],c1,c2,c3);
607 r[9]=c1;
608 c1=0;
609 mul_add_c(a[7],b[3],c2,c3,c1);
610 mul_add_c(a[6],b[4],c2,c3,c1);
611 mul_add_c(a[5],b[5],c2,c3,c1);
612 mul_add_c(a[4],b[6],c2,c3,c1);
613 mul_add_c(a[3],b[7],c2,c3,c1);
614 r[10]=c2;
615 c2=0;
616 mul_add_c(a[4],b[7],c3,c1,c2);
617 mul_add_c(a[5],b[6],c3,c1,c2);
618 mul_add_c(a[6],b[5],c3,c1,c2);
619 mul_add_c(a[7],b[4],c3,c1,c2);
620 r[11]=c3;
621 c3=0;
622 mul_add_c(a[7],b[5],c1,c2,c3);
623 mul_add_c(a[6],b[6],c1,c2,c3);
624 mul_add_c(a[5],b[7],c1,c2,c3);
625 r[12]=c1;
626 c1=0;
627 mul_add_c(a[6],b[7],c2,c3,c1);
628 mul_add_c(a[7],b[6],c2,c3,c1);
629 r[13]=c2;
630 c2=0;
631 mul_add_c(a[7],b[7],c3,c1,c2);
632 r[14]=c3;
633 r[15]=c1;
634 }
635
636void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
637 {
638#ifdef BN_LLONG
639 BN_ULLONG t;
640#else
641 BN_ULONG bl,bh;
642#endif
643 BN_ULONG t1,t2;
644 BN_ULONG c1,c2,c3;
645
646 c1=0;
647 c2=0;
648 c3=0;
649 mul_add_c(a[0],b[0],c1,c2,c3);
650 r[0]=c1;
651 c1=0;
652 mul_add_c(a[0],b[1],c2,c3,c1);
653 mul_add_c(a[1],b[0],c2,c3,c1);
654 r[1]=c2;
655 c2=0;
656 mul_add_c(a[2],b[0],c3,c1,c2);
657 mul_add_c(a[1],b[1],c3,c1,c2);
658 mul_add_c(a[0],b[2],c3,c1,c2);
659 r[2]=c3;
660 c3=0;
661 mul_add_c(a[0],b[3],c1,c2,c3);
662 mul_add_c(a[1],b[2],c1,c2,c3);
663 mul_add_c(a[2],b[1],c1,c2,c3);
664 mul_add_c(a[3],b[0],c1,c2,c3);
665 r[3]=c1;
666 c1=0;
667 mul_add_c(a[3],b[1],c2,c3,c1);
668 mul_add_c(a[2],b[2],c2,c3,c1);
669 mul_add_c(a[1],b[3],c2,c3,c1);
670 r[4]=c2;
671 c2=0;
672 mul_add_c(a[2],b[3],c3,c1,c2);
673 mul_add_c(a[3],b[2],c3,c1,c2);
674 r[5]=c3;
675 c3=0;
676 mul_add_c(a[3],b[3],c1,c2,c3);
677 r[6]=c1;
678 r[7]=c2;
679 }
680
681void bn_sqr_comba8(BN_ULONG *r, BN_ULONG *a)
682 {
683#ifdef BN_LLONG
684 BN_ULLONG t,tt;
685#else
686 BN_ULONG bl,bh;
687#endif
688 BN_ULONG t1,t2;
689 BN_ULONG c1,c2,c3;
690
691 c1=0;
692 c2=0;
693 c3=0;
694 sqr_add_c(a,0,c1,c2,c3);
695 r[0]=c1;
696 c1=0;
697 sqr_add_c2(a,1,0,c2,c3,c1);
698 r[1]=c2;
699 c2=0;
700 sqr_add_c(a,1,c3,c1,c2);
701 sqr_add_c2(a,2,0,c3,c1,c2);
702 r[2]=c3;
703 c3=0;
704 sqr_add_c2(a,3,0,c1,c2,c3);
705 sqr_add_c2(a,2,1,c1,c2,c3);
706 r[3]=c1;
707 c1=0;
708 sqr_add_c(a,2,c2,c3,c1);
709 sqr_add_c2(a,3,1,c2,c3,c1);
710 sqr_add_c2(a,4,0,c2,c3,c1);
711 r[4]=c2;
712 c2=0;
713 sqr_add_c2(a,5,0,c3,c1,c2);
714 sqr_add_c2(a,4,1,c3,c1,c2);
715 sqr_add_c2(a,3,2,c3,c1,c2);
716 r[5]=c3;
717 c3=0;
718 sqr_add_c(a,3,c1,c2,c3);
719 sqr_add_c2(a,4,2,c1,c2,c3);
720 sqr_add_c2(a,5,1,c1,c2,c3);
721 sqr_add_c2(a,6,0,c1,c2,c3);
722 r[6]=c1;
723 c1=0;
724 sqr_add_c2(a,7,0,c2,c3,c1);
725 sqr_add_c2(a,6,1,c2,c3,c1);
726 sqr_add_c2(a,5,2,c2,c3,c1);
727 sqr_add_c2(a,4,3,c2,c3,c1);
728 r[7]=c2;
729 c2=0;
730 sqr_add_c(a,4,c3,c1,c2);
731 sqr_add_c2(a,5,3,c3,c1,c2);
732 sqr_add_c2(a,6,2,c3,c1,c2);
733 sqr_add_c2(a,7,1,c3,c1,c2);
734 r[8]=c3;
735 c3=0;
736 sqr_add_c2(a,7,2,c1,c2,c3);
737 sqr_add_c2(a,6,3,c1,c2,c3);
738 sqr_add_c2(a,5,4,c1,c2,c3);
739 r[9]=c1;
740 c1=0;
741 sqr_add_c(a,5,c2,c3,c1);
742 sqr_add_c2(a,6,4,c2,c3,c1);
743 sqr_add_c2(a,7,3,c2,c3,c1);
744 r[10]=c2;
745 c2=0;
746 sqr_add_c2(a,7,4,c3,c1,c2);
747 sqr_add_c2(a,6,5,c3,c1,c2);
748 r[11]=c3;
749 c3=0;
750 sqr_add_c(a,6,c1,c2,c3);
751 sqr_add_c2(a,7,5,c1,c2,c3);
752 r[12]=c1;
753 c1=0;
754 sqr_add_c2(a,7,6,c2,c3,c1);
755 r[13]=c2;
756 c2=0;
757 sqr_add_c(a,7,c3,c1,c2);
758 r[14]=c3;
759 r[15]=c1;
760 }
761
762void bn_sqr_comba4(BN_ULONG *r, BN_ULONG *a)
763 {
764#ifdef BN_LLONG
765 BN_ULLONG t,tt;
766#else
767 BN_ULONG bl,bh;
768#endif
769 BN_ULONG t1,t2;
770 BN_ULONG c1,c2,c3;
771
772 c1=0;
773 c2=0;
774 c3=0;
775 sqr_add_c(a,0,c1,c2,c3);
776 r[0]=c1;
777 c1=0;
778 sqr_add_c2(a,1,0,c2,c3,c1);
779 r[1]=c2;
780 c2=0;
781 sqr_add_c(a,1,c3,c1,c2);
782 sqr_add_c2(a,2,0,c3,c1,c2);
783 r[2]=c3;
784 c3=0;
785 sqr_add_c2(a,3,0,c1,c2,c3);
786 sqr_add_c2(a,2,1,c1,c2,c3);
787 r[3]=c1;
788 c1=0;
789 sqr_add_c(a,2,c2,c3,c1);
790 sqr_add_c2(a,3,1,c2,c3,c1);
791 r[4]=c2;
792 c2=0;
793 sqr_add_c2(a,3,2,c3,c1,c2);
794 r[5]=c3;
795 c3=0;
796 sqr_add_c(a,3,c1,c2,c3);
797 r[6]=c1;
798 r[7]=c2;
799 }
800#else /* !BN_MUL_COMBA */
801
802/* hmm... is it faster just to do a multiply? */
803#undef bn_sqr_comba4
804void bn_sqr_comba4(BN_ULONG *r, BN_ULONG *a)
805 {
806 BN_ULONG t[8];
807 bn_sqr_normal(r,a,4,t);
808 }
809
810#undef bn_sqr_comba8
811void bn_sqr_comba8(BN_ULONG *r, BN_ULONG *a)
812 {
813 BN_ULONG t[16];
814 bn_sqr_normal(r,a,8,t);
815 }
816
817void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
818 {
819 r[4]=bn_mul_words( &(r[0]),a,4,b[0]);
820 r[5]=bn_mul_add_words(&(r[1]),a,4,b[1]);
821 r[6]=bn_mul_add_words(&(r[2]),a,4,b[2]);
822 r[7]=bn_mul_add_words(&(r[3]),a,4,b[3]);
823 }
824
825void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
826 {
827 r[ 8]=bn_mul_words( &(r[0]),a,8,b[0]);
828 r[ 9]=bn_mul_add_words(&(r[1]),a,8,b[1]);
829 r[10]=bn_mul_add_words(&(r[2]),a,8,b[2]);
830 r[11]=bn_mul_add_words(&(r[3]),a,8,b[3]);
831 r[12]=bn_mul_add_words(&(r[4]),a,8,b[4]);
832 r[13]=bn_mul_add_words(&(r[5]),a,8,b[5]);
833 r[14]=bn_mul_add_words(&(r[6]),a,8,b[6]);
834 r[15]=bn_mul_add_words(&(r[7]),a,8,b[7]);
835 }
836
837#endif /* !BN_MUL_COMBA */
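diff --git a/src/lib/libcrypto/bn/bn_blind.c b/src/lib/libcrypto/bn/bn_blind.c
deleted file mode 100644
index 1b1bb06046..0000000000
--- a/src/lib/libcrypto/bn/bn_blind.c
+++ /dev/null
@@ -1,144 +0,0 @@
-/* crypto/bn/bn_blind.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-BN_BLINDING *BN_BLINDING_new(BIGNUM *A, BIGNUM *Ai, BIGNUM *mod)
- {
- BN_BLINDING *ret=NULL;
-
- bn_check_top(Ai);
- bn_check_top(mod);
-
- if ((ret=(BN_BLINDING *)Malloc(sizeof(BN_BLINDING))) == NULL)
- {
- BNerr(BN_F_BN_BLINDING_NEW,ERR_R_MALLOC_FAILURE);
- return(NULL);
- }
- memset(ret,0,sizeof(BN_BLINDING));
- if ((ret->A=BN_new()) == NULL) goto err;
- if ((ret->Ai=BN_new()) == NULL) goto err;
- if (!BN_copy(ret->A,A)) goto err;
- if (!BN_copy(ret->Ai,Ai)) goto err;
- ret->mod=mod;
- return(ret);
-err:
- if (ret != NULL) BN_BLINDING_free(ret);
- return(NULL);
- }
-
-void BN_BLINDING_free(BN_BLINDING *r)
- {
- if(r == NULL)
- return;
-
- if (r->A != NULL) BN_free(r->A );
- if (r->Ai != NULL) BN_free(r->Ai);
- Free(r);
- }
-
-int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx)
- {
- int ret=0;
-
- if ((b->A == NULL) || (b->Ai == NULL))
- {
- BNerr(BN_F_BN_BLINDING_UPDATE,BN_R_NOT_INITIALIZED);
- goto err;
- }
-
- if (!BN_mod_mul(b->A,b->A,b->A,b->mod,ctx)) goto err;
- if (!BN_mod_mul(b->Ai,b->Ai,b->Ai,b->mod,ctx)) goto err;
-
- ret=1;
-err:
- return(ret);
- }
-
-int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx)
- {
- bn_check_top(n);
-
- if ((b->A == NULL) || (b->Ai == NULL))
- {
- BNerr(BN_F_BN_BLINDING_CONVERT,BN_R_NOT_INITIALIZED);
- return(0);
- }
- return(BN_mod_mul(n,n,b->A,b->mod,ctx));
- }
-
-int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx)
- {
- int ret;
-
- bn_check_top(n);
- if ((b->A == NULL) || (b->Ai == NULL))
- {
- BNerr(BN_F_BN_BLINDING_INVERT,BN_R_NOT_INITIALIZED);
- return(0);
- }
- if ((ret=BN_mod_mul(n,n,b->Ai,b->mod,ctx)) >= 0)
- {
- if (!BN_BLINDING_update(b,ctx))
- return(0);
- }
- return(ret);
- }
-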
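diff --git a/src/lib/libcrypto/bn/bn_ctx.c b/src/lib/libcrypto/bn/bn_ctx.c
deleted file mode 100644
index 46132fd180..0000000000
--- a/src/lib/libcrypto/bn/bn_ctx.c
+++ /dev/null
@@ -1,144 +0,0 @@
-/* crypto/bn/bn_ctx.c */
-/* Written by Ulf Moeller for the OpenSSL project. */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef BN_CTX_DEBUG
-# undef NDEBUG /* avoid conflicting definitions */
-# define NDEBUG
-#endif
-
-#include <stdio.h>
-#include <assert.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-
-
-BN_CTX *BN_CTX_new(void)
- {
- BN_CTX *ret;
-
- ret=(BN_CTX *)Malloc(sizeof(BN_CTX));
- if (ret == NULL)
- {
- BNerr(BN_F_BN_CTX_NEW,ERR_R_MALLOC_FAILURE);
- return(NULL);
- }
-
- BN_CTX_init(ret);
- ret->flags=BN_FLG_MALLOCED;
- return(ret);
- }
-
-void BN_CTX_init(BN_CTX *ctx)
- {
- int i;
- ctx->tos = 0;
- ctx->flags = 0;
- ctx->depth = 0;
- ctx->too_many = 0;
- for (i = 0; i < BN_CTX_NUM; i++)
- BN_init(&(ctx->bn[i]));
- }
-
-void BN_CTX_free(BN_CTX *ctx)
- {
- int i;
-
- if (ctx == NULL) return;
- assert(ctx->depth == 0);
-
- for (i=0; i < BN_CTX_NUM; i++)
- BN_clear_free(&(ctx->bn[i]));
- if (ctx->flags & BN_FLG_MALLOCED)
- Free(ctx);
- }
-
-void BN_CTX_start(BN_CTX *ctx)
- {
- if (ctx->depth < BN_CTX_NUM_POS)
- ctx->pos[ctx->depth] = ctx->tos;
- ctx->depth++;
- }
-
-BIGNUM *BN_CTX_get(BN_CTX *ctx)
- {
- if (ctx->depth > BN_CTX_NUM_POS || ctx->tos >= BN_CTX_NUM)
- {
- if (!ctx->too_many)
- {
- BNerr(BN_F_BN_CTX_GET,BN_R_TOO_MANY_TEMPORARY_VARIABLES);
- /* disable error code until BN_CTX_end is called: */
- ctx->too_many = 1;
- }
- return NULL;
- }
- return (&(ctx->bn[ctx->tos++]));
- }
-
-void BN_CTX_end(BN_CTX *ctx)
- {
- if (ctx == NULL) return;
- assert(ctx->depth > 0);
- if (ctx->depth == 0)
- /* should never happen, but we can tolerate it if not in
- * debug mode (could be a 'goto err' in the calling function
- * before BN_CTX_start was reached) */
- BN_CTX_start(ctx);
-
- ctx->too_many = 0;
- ctx->depth--;
- if (ctx->depth < BN_CTX_NUM_POS)
- ctx->tos = ctx->pos[ctx->depth];
- }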
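diff --git a/src/lib/libcrypto/bn/bn_div.c b/src/lib/libcrypto/bn/bn_div.c
deleted file mode 100644
index 07af1d3b44..0000000000
--- a/src/lib/libcrypto/bn/bn_div.c
+++ /dev/null
@@ -1,380 +0,0 @@
-/* crypto/bn/bn_div.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/bn.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-/* The old slow way */
-#if 0
-int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
- BN_CTX *ctx)
- {
- int i,nm,nd;
- int ret = 0;
- BIGNUM *D;
-
- bn_check_top(m);
- bn_check_top(d);
- if (BN_is_zero(d))
- {
- BNerr(BN_F_BN_DIV,BN_R_DIV_BY_ZERO);
- return(0);
- }
-
- if (BN_ucmp(m,d) < 0)
- {
- if (rem != NULL)
- { if (BN_copy(rem,m) == NULL) return(0); }
- if (dv != NULL) BN_zero(dv);
- return(1);
- }
-
- BN_CTX_start(ctx);
- D = BN_CTX_get(ctx);
- if (dv == NULL) dv = BN_CTX_get(ctx);
- if (rem == NULL) rem = BN_CTX_get(ctx);
- if (D == NULL || dv == NULL || rem == NULL)
- goto end;
-
- nd=BN_num_bits(d);
- nm=BN_num_bits(m);
- if (BN_copy(D,d) == NULL) goto end;
- if (BN_copy(rem,m) == NULL) goto end;
-
- /* The next 2 are needed so we can do a dv->d[0]|=1 later
- * since BN_lshift1 will only work once there is a value :-) */
- BN_zero(dv);
- bn_wexpand(dv,1);
- dv->top=1;
-
- if (!BN_lshift(D,D,nm-nd)) goto end;
- for (i=nm-nd; i>=0; i--)
- {
- if (!BN_lshift1(dv,dv)) goto end;
- if (BN_ucmp(rem,D) >= 0)
- {
- dv->d[0]|=1;
- if (!BN_usub(rem,rem,D)) goto end;
- }
-/* CAN IMPROVE (and have now :=) */
- if (!BN_rshift1(D,D)) goto end;
- }
- rem->neg=BN_is_zero(rem)?0:m->neg;
- dv->neg=m->neg^d->neg;
- ret = 1;
- end:
- BN_CTX_end(ctx);
- return(ret);
- }
-
-#else
-
-#if !defined(NO_ASM) && !defined(NO_INLINE_ASM) && !defined(PEDANTIC) && !defined(BN_DIV3W)
-# if defined(__GNUC__) && __GNUC__>=2
-# if defined(__i386)
- /*
- * There were two reasons for implementing this template:
- * - GNU C generates a call to a function (__udivdi3 to be exact)
- * in reply to ((((BN_ULLONG)n0)<<BN_BITS2)|n1)/d0 (I fail to
- * understand why...);
- * - divl doesn't only calculate quotient, but also leaves
- * remainder in %edx which we can definitely use here:-)
- *
- * <appro@fy.chalmers.se>
- */
-# define bn_div_words(n0,n1,d0) \
- ({ asm volatile ( \
- "divl %4" \
- : "=a"(q), "=d"(rem) \
- : "a"(n1), "d"(n0), "g"(d0) \
- : "cc"); \
- q; \
- })
-# define REMAINDER_IS_ALREADY_CALCULATED
-# endif /* __<cpu> */
-# endif /* __GNUC__ */
-#endif /* NO_ASM */
-
-int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
- BN_CTX *ctx)
- {
- int norm_shift,i,j,loop;
- BIGNUM *tmp,wnum,*snum,*sdiv,*res;
- BN_ULONG *resp,*wnump;
- BN_ULONG d0,d1;
- int num_n,div_n;
-
- bn_check_top(num);
- bn_check_top(divisor);
-
- if (BN_is_zero(divisor))
- {
- BNerr(BN_F_BN_DIV,BN_R_DIV_BY_ZERO);
- return(0);
- }
-
- if (BN_ucmp(num,divisor) < 0)
- {
- if (rm != NULL)
- { if (BN_copy(rm,num) == NULL) return(0); }
- if (dv != NULL) BN_zero(dv);
- return(1);
- }
-
- BN_CTX_start(ctx);
- tmp=BN_CTX_get(ctx);
- tmp->neg=0;
- snum=BN_CTX_get(ctx);
- sdiv=BN_CTX_get(ctx);
- if (dv == NULL)
- res=BN_CTX_get(ctx);
- else res=dv;
- if (res == NULL) goto err;
-
- /* First we normalise the numbers */
- norm_shift=BN_BITS2-((BN_num_bits(divisor))%BN_BITS2);
- BN_lshift(sdiv,divisor,norm_shift);
- sdiv->neg=0;
- norm_shift+=BN_BITS2;
- BN_lshift(snum,num,norm_shift);
- snum->neg=0;
- div_n=sdiv->top;
- num_n=snum->top;
- loop=num_n-div_n;
-
- /* Lets setup a 'window' into snum
- * This is the part that corresponds to the current
- * 'area' being divided */
- BN_init(&wnum);
- wnum.d= &(snum->d[loop]);
- wnum.top= div_n;
- wnum.max= snum->max+1; /* a bit of a lie */
-
- /* Get the top 2 words of sdiv */
- /* i=sdiv->top; */
- d0=sdiv->d[div_n-1];
- d1=(div_n == 1)?0:sdiv->d[div_n-2];
-
- /* pointer to the 'top' of snum */
- wnump= &(snum->d[num_n-1]);
-
- /* Setup to 'res' */
- res->neg= (num->neg^divisor->neg);
- if (!bn_wexpand(res,(loop+1))) goto err;
- res->top=loop;
- resp= &(res->d[loop-1]);
-
- /* space for temp */
- if (!bn_wexpand(tmp,(div_n+1))) goto err;
-
- if (BN_ucmp(&wnum,sdiv) >= 0)
- {
- if (!BN_usub(&wnum,&wnum,sdiv)) goto err;
- *resp=1;
- res->d[res->top-1]=1;
- }
- else
- res->top--;
- resp--;
-
- for (i=0; i<loop-1; i++)
- {
- BN_ULONG q,l0;
-#ifdef BN_DIV3W
- q=bn_div_3_words(wnump,d1,d0);
-#else
- BN_ULONG n0,n1,rem=0;
-
- n0=wnump[0];
- n1=wnump[-1];
- if (n0 == d0)
- q=BN_MASK2;
- else /* n0 < d0 */
- {
-#ifdef BN_LLONG
- BN_ULLONG t2;
-
-#if defined(BN_LLONG) && defined(BN_DIV2W) && !defined(bn_div_words)
- q=(BN_ULONG)(((((BN_ULLONG)n0)<<BN_BITS2)|n1)/d0);
-#else
- q=bn_div_words(n0,n1,d0);
-#endif
-
-#ifndef REMAINDER_IS_ALREADY_CALCULATED
- /*
- * rem doesn't have to be BN_ULLONG. The least we
- * know it's less that d0, isn't it?
- */
- rem=(n1-q*d0)&BN_MASK2;
-#endif
- t2=(BN_ULLONG)d1*q;
-
- for (;;)
- {
- if (t2 <= ((((BN_ULLONG)rem)<<BN_BITS2)|wnump[-2]))
- break;
- q--;
- rem += d0;
- if (rem < d0) break; /* don't let rem overflow */
- t2 -= d1;
- }
-#else /* !BN_LLONG */
- BN_ULONG t2l,t2h,ql,qh;
-
- q=bn_div_words(n0,n1,d0);
-#ifndef REMAINDER_IS_ALREADY_CALCULATED
- rem=(n1-q*d0)&BN_MASK2;
-#endif
-
-#ifdef BN_UMULT_HIGH
- t2l = d1 * q;
- t2h = BN_UMULT_HIGH(d1,q);
-#else
- t2l=LBITS(d1); t2h=HBITS(d1);
- ql =LBITS(q); qh =HBITS(q);
- mul64(t2l,t2h,ql,qh); /* t2=(BN_ULLONG)d1*q; */
-#endif
-
- for (;;)
- {
- if ((t2h < rem) ||
- ((t2h == rem) && (t2l <= wnump[-2])))
- break;
- q--;
- rem += d0;
- if (rem < d0) break; /* don't let rem overflow */
- if (t2l < d1) t2h--; t2l -= d1;
- }
-#endif /* !BN_LLONG */
- }
-#endif /* !BN_DIV3W */
-
- l0=bn_mul_words(tmp->d,sdiv->d,div_n,q);
- wnum.d--; wnum.top++;
- tmp->d[div_n]=l0;
- for (j=div_n+1; j>0; j--)
- if (tmp->d[j-1]) break;
- tmp->top=j;
-
- j=wnum.top;
- BN_sub(&wnum,&wnum,tmp);
-
- snum->top=snum->top+wnum.top-j;
-
- if (wnum.neg)
- {
- q--;
- j=wnum.top;
- BN_add(&wnum,&wnum,sdiv);
- snum->top+=wnum.top-j;
- }
- *(resp--)=q;
- wnump--;
- }
- if (rm != NULL)
- {
- BN_rshift(rm,snum,norm_shift);
- rm->neg=num->neg;
- }
- BN_CTX_end(ctx);
- return(1);
-err:
- BN_CTX_end(ctx);
- return(0);
- }
-
-#endif
-
-/* rem != m */
-int BN_mod(BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx)
- {
-#if 0 /* The old slow way */
- int i,nm,nd;
- BIGNUM *dv;
-
- if (BN_ucmp(m,d) < 0)
- return((BN_copy(rem,m) == NULL)?0:1);
-
- BN_CTX_start(ctx);
- dv=BN_CTX_get(ctx);
-
- if (!BN_copy(rem,m)) goto err;
-
- nm=BN_num_bits(rem);
- nd=BN_num_bits(d);
- if (!BN_lshift(dv,d,nm-nd)) goto err;
- for (i=nm-nd; i>=0; i--)
- {
- if (BN_cmp(rem,dv) >= 0)
- {
- if (!BN_sub(rem,rem,dv)) goto err;
- }
- if (!BN_rshift1(dv,dv)) goto err;
- }
- BN_CTX_end(ctx);
- return(1);
- err:
- BN_CTX_end(ctx);
- return(0);
-#else
- return(BN_div(NULL,rem,m,d,ctx));
-#endif
- }
-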
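diff --git a/src/lib/libcrypto/bn/bn_err.c b/src/lib/libcrypto/bn/bn_err.c
deleted file mode 100644
index 988270bcf4..0000000000
--- a/src/lib/libcrypto/bn/bn_err.c
+++ /dev/null
@@ -1,119 +0,0 @@
-/* crypto/bn/bn_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/bn.h>
-
-/* BEGIN ERROR CODES */
-#ifndef NO_ERR
-static ERR_STRING_DATA BN_str_functs[]=
- {
-{ERR_PACK(0,BN_F_BN_BLINDING_CONVERT,0), "BN_BLINDING_convert"},
-{ERR_PACK(0,BN_F_BN_BLINDING_INVERT,0), "BN_BLINDING_invert"},
-{ERR_PACK(0,BN_F_BN_BLINDING_NEW,0), "BN_BLINDING_new"},
-{ERR_PACK(0,BN_F_BN_BLINDING_UPDATE,0), "BN_BLINDING_update"},
-{ERR_PACK(0,BN_F_BN_BN2DEC,0), "BN_bn2dec"},
-{ERR_PACK(0,BN_F_BN_BN2HEX,0), "BN_bn2hex"},
-{ERR_PACK(0,BN_F_BN_CTX_GET,0), "BN_CTX_get"},
-{ERR_PACK(0,BN_F_BN_CTX_NEW,0), "BN_CTX_new"},
-{ERR_PACK(0,BN_F_BN_DIV,0), "BN_div"},
-{ERR_PACK(0,BN_F_BN_EXPAND2,0), "bn_expand2"},
-{ERR_PACK(0,BN_F_BN_MOD_EXP_MONT,0), "BN_mod_exp_mont"},
-{ERR_PACK(0,BN_F_BN_MOD_INVERSE,0), "BN_mod_inverse"},
-{ERR_PACK(0,BN_F_BN_MOD_MUL_RECIPROCAL,0), "BN_mod_mul_reciprocal"},
-{ERR_PACK(0,BN_F_BN_MPI2BN,0), "BN_mpi2bn"},
-{ERR_PACK(0,BN_F_BN_NEW,0), "BN_new"},
-{ERR_PACK(0,BN_F_BN_RAND,0), "BN_rand"},
-{ERR_PACK(0,BN_F_BN_USUB,0), "BN_usub"},
-{0,NULL}
- };
-
-static ERR_STRING_DATA BN_str_reasons[]=
- {
-{BN_R_ARG2_LT_ARG3 ,"arg2 lt arg3"},
-{BN_R_BAD_RECIPROCAL ,"bad reciprocal"},
-{BN_R_CALLED_WITH_EVEN_MODULUS ,"called with even modulus"},
-{BN_R_DIV_BY_ZERO ,"div by zero"},
-{BN_R_ENCODING_ERROR ,"encoding error"},
-{BN_R_EXPAND_ON_STATIC_BIGNUM_DATA ,"expand on static bignum data"},
-{BN_R_INVALID_LENGTH ,"invalid length"},
-{BN_R_NOT_INITIALIZED ,"not initialized"},
-{BN_R_NO_INVERSE ,"no inverse"},
-{BN_R_TOO_MANY_TEMPORARY_VARIABLES ,"too many temporary variables"},
-{0,NULL}
- };
-
-#endif
-
-void ERR_load_BN_strings(void)
- {
- static int init=1;
-
- if (init)
- {
- init=0;
-#ifndef NO_ERR
- ERR_load_strings(ERR_LIB_BN,BN_str_functs);
- ERR_load_strings(ERR_LIB_BN,BN_str_reasons);
-#endif
-
- }
- }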
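diff --git a/src/lib/libcrypto/bn/bn_exp.c b/src/lib/libcrypto/bn/bn_exp.c
deleted file mode 100644
index 0c11601675..0000000000
--- a/src/lib/libcrypto/bn/bn_exp.c
+++ /dev/null
@@ -1,749 +0,0 @@
-/* crypto/bn/bn_exp.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-#ifdef ATALLA
-# include <alloca.h>
-# include <atasi.h>
-# include <assert.h>
-# include <dlfcn.h>
-#endif
-
-#define TABLE_SIZE 16
-
-/* slow but works */
-int BN_mod_mul(BIGNUM *ret, BIGNUM *a, BIGNUM *b, const BIGNUM *m, BN_CTX *ctx)
- {
- BIGNUM *t;
- int r=0;
-
- bn_check_top(a);
- bn_check_top(b);
- bn_check_top(m);
-
- BN_CTX_start(ctx);
- if ((t = BN_CTX_get(ctx)) == NULL) goto err;
- if (a == b)
- { if (!BN_sqr(t,a,ctx)) goto err; }
- else
- { if (!BN_mul(t,a,b,ctx)) goto err; }
- if (!BN_mod(ret,t,m,ctx)) goto err;
- r=1;
-err:
- BN_CTX_end(ctx);
- return(r);
- }
-
-#if 0
-/* this one works - simple but works */
-int BN_mod_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m, BN_CTX *ctx)
- {
- int i,bits,ret=0;
- BIGNUM *v,*tmp;
-
- BN_CTX_start(ctx);
- v = BN_CTX_get(ctx);
- tmp = BN_CTX_get(ctx);
- if (v == NULL || tmp == NULL) goto err;
-
- if (BN_copy(v,a) == NULL) goto err;
- bits=BN_num_bits(p);
-
- if (BN_is_odd(p))
- { if (BN_copy(r,a) == NULL) goto err; }
- else { if (!BN_one(r)) goto err; }
-
- for (i=1; i<bits; i++)
- {
- if (!BN_sqr(tmp,v,ctx)) goto err;
- if (!BN_mod(v,tmp,m,ctx)) goto err;
- if (BN_is_bit_set(p,i))
- {
- if (!BN_mul(tmp,r,v,ctx)) goto err;
- if (!BN_mod(r,tmp,m,ctx)) goto err;
- }
- }
- ret=1;
-err:
- BN_CTX_end(ctx);
- return(ret);
- }
-
-#endif
-
-/* this one works - simple but works */
-int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BN_CTX *ctx)
- {
- int i,bits,ret=0;
- BIGNUM *v,*rr;
-
- BN_CTX_start(ctx);
- if ((r == a) || (r == p))
- rr = BN_CTX_get(ctx);
- else
- rr = r;
- if ((v = BN_CTX_get(ctx)) == NULL) goto err;
-
- if (BN_copy(v,a) == NULL) goto err;
- bits=BN_num_bits(p);
-
- if (BN_is_odd(p))
- { if (BN_copy(rr,a) == NULL) goto err; }
- else { if (!BN_one(rr)) goto err; }
-
- for (i=1; i<bits; i++)
- {
- if (!BN_sqr(v,v,ctx)) goto err;
- if (BN_is_bit_set(p,i))
- {
- if (!BN_mul(rr,rr,v,ctx)) goto err;
- }
- }
- ret=1;
-err:
- if (r != rr) BN_copy(r,rr);
- BN_CTX_end(ctx);
- return(ret);
- }
-
-#ifdef ATALLA
-
-/*
- * This routine will dynamically check for the existance of an Atalla AXL-200
- * SSL accelerator module. If one is found, the variable
- * asi_accelerator_present is set to 1 and the function pointers
- * ptr_ASI_xxxxxx above will be initialized to corresponding ASI API calls.
- */
-typedef int tfnASI_GetPerformanceStatistics(int reset_flag,
- unsigned int *ret_buf);
-typedef int tfnASI_GetHardwareConfig(long card_num, unsigned int *ret_buf);
-typedef int tfnASI_RSAPrivateKeyOpFn(RSAPrivateKey * rsaKey,
- unsigned char *output,
- unsigned char *input,
- unsigned int modulus_len);
-
-static tfnASI_GetHardwareConfig *ptr_ASI_GetHardwareConfig;
-static tfnASI_RSAPrivateKeyOpFn *ptr_ASI_RSAPrivateKeyOpFn;
-static tfnASI_GetPerformanceStatistics *ptr_ASI_GetPerformanceStatistics;
-static int asi_accelerator_present;
-static int tried_atalla;
-
-void atalla_initialize_accelerator_handle(void)
- {
- void *dl_handle;
- int status;
- unsigned int config_buf[1024];
- static int tested;
-
- if(tested)
- return;
-
- tested=1;
-
- bzero((void *)config_buf, 1024);
-
- /*
- * Check to see if the library is present on the system
- */
- dl_handle = dlopen("atasi.so", RTLD_NOW);
- if (dl_handle == (void *) NULL)
- {
-/* printf("atasi.so library is not present on the system\n");
- printf("No HW acceleration available\n");*/
- return;
- }
-
- /*
- * The library is present. Now we'll check to insure that the
- * LDM is up and running. First we'll get the address of the
- * function in the atasi library that we need to see if the
- * LDM is operating.
- */
-
- ptr_ASI_GetHardwareConfig =
- (tfnASI_GetHardwareConfig *)dlsym(dl_handle,"ASI_GetHardwareConfig");
-
- if (ptr_ASI_GetHardwareConfig)
- {
- /*
- * We found the call, now we'll get our config
- * status. If we get a non 0 result, the LDM is not
- * running and we cannot use the Atalla ASI *
- * library.
- */
- status = (*ptr_ASI_GetHardwareConfig)(0L, config_buf);
- if (status != 0)
- {
- printf("atasi.so library is present but not initialized\n");
- printf("No HW acceleration available\n");
- return;
- }
- }
- else
- {
-/* printf("We found the library, but not the function. Very Strange!\n");*/
- return ;
- }
-
- /*
- * It looks like we have acceleration capabilities. Load up the
- * pointers to our ASI API calls.
- */
- ptr_ASI_RSAPrivateKeyOpFn=
- (tfnASI_RSAPrivateKeyOpFn *)dlsym(dl_handle, "ASI_RSAPrivateKeyOpFn");
- if (ptr_ASI_RSAPrivateKeyOpFn == NULL)
- {
-/* printf("We found the library, but no RSA function. Very Strange!\n");*/
- return;
- }
-
- ptr_ASI_GetPerformanceStatistics =
- (tfnASI_GetPerformanceStatistics *)dlsym(dl_handle, "ASI_GetPerformanceStatistics");
- if (ptr_ASI_GetPerformanceStatistics == NULL)
- {
-/* printf("We found the library, but no stat function. Very Strange!\n");*/
- return;
- }
-
- /*
- * Indicate that acceleration is available
- */
- asi_accelerator_present = 1;
-
-/* printf("This system has acceleration!\n");*/
-
- return;
- }
-
-/* make sure this only gets called once when bn_mod_exp calls bn_mod_exp_mont */
-int BN_mod_exp_atalla(BIGNUM *r, BIGNUM *a, const BIGNUM *p, const BIGNUM *m)
- {
- unsigned char *abin;
- unsigned char *pbin;
- unsigned char *mbin;
- unsigned char *rbin;
- int an,pn,mn,ret;
- RSAPrivateKey keydata;
-
- atalla_initialize_accelerator_handle();
- if(!asi_accelerator_present)
- return 0;
-
-
-/* We should be able to run without size testing */
-# define ASIZE 128
- an=BN_num_bytes(a);
- pn=BN_num_bytes(p);
- mn=BN_num_bytes(m);
-
- if(an <= ASIZE && pn <= ASIZE && mn <= ASIZE)
- {
- int size=mn;
-
- assert(an <= mn);
- abin=alloca(size);
- memset(abin,'\0',mn);
- BN_bn2bin(a,abin+size-an);
-
- pbin=alloca(pn);
- BN_bn2bin(p,pbin);
-
- mbin=alloca(size);
- memset(mbin,'\0',mn);
- BN_bn2bin(m,mbin+size-mn);
-
- rbin=alloca(size);
-
- memset(&keydata,'\0',sizeof keydata);
- keydata.privateExponent.data=pbin;
- keydata.privateExponent.len=pn;
- keydata.modulus.data=mbin;
- keydata.modulus.len=size;
-
- ret=(*ptr_ASI_RSAPrivateKeyOpFn)(&keydata,rbin,abin,keydata.modulus.len);
-/*fprintf(stderr,"!%s\n",BN_bn2hex(a));*/
- if(!ret)
- {
- BN_bin2bn(rbin,keydata.modulus.len,r);
-/*fprintf(stderr,"?%s\n",BN_bn2hex(r));*/
- return 1;
- }
- }
- return 0;
- }
-#endif /* def ATALLA */
-
-int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
- BN_CTX *ctx)
- {
- int ret;
-
- bn_check_top(a);
- bn_check_top(p);
- bn_check_top(m);
-
-#ifdef ATALLA
- if(BN_mod_exp_atalla(r,a,p,m))
- return 1;
-/* If it fails, try the other methods (but don't try atalla again) */
- tried_atalla=1;
-#endif
-
-#ifdef MONT_MUL_MOD
- /* I have finally been able to take out this pre-condition of
- * the top bit being set. It was caused by an error in BN_div
- * with negatives. There was also another problem when for a^b%m
- * a >= m. eay 07-May-97 */
-/* if ((m->d[m->top-1]&BN_TBIT) && BN_is_odd(m)) */
-
- if (BN_is_odd(m))
- { ret=BN_mod_exp_mont(r,a,p,m,ctx,NULL); }
- else
-#endif
-#ifdef RECP_MUL_MOD
- { ret=BN_mod_exp_recp(r,a,p,m,ctx); }
-#else
- { ret=BN_mod_exp_simple(r,a,p,m,ctx); }
-#endif
-
-#ifdef ATALLA
- tried_atalla=0;
-#endif
-
- return(ret);
- }
-
-/* #ifdef RECP_MUL_MOD */
-int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx)
- {
- int i,j,bits,ret=0,wstart,wend,window,wvalue;
- int start=1,ts=0;
- BIGNUM *aa;
- BIGNUM val[TABLE_SIZE];
- BN_RECP_CTX recp;
-
- bits=BN_num_bits(p);
-
- if (bits == 0)
- {
- BN_one(r);
- return(1);
- }
-
- BN_CTX_start(ctx);
- if ((aa = BN_CTX_get(ctx)) == NULL) goto err;
-
- BN_RECP_CTX_init(&recp);
- if (BN_RECP_CTX_set(&recp,m,ctx) <= 0) goto err;
-
- BN_init(&(val[0]));
- ts=1;
-
- if (!BN_mod(&(val[0]),a,m,ctx)) goto err; /* 1 */
- if (!BN_mod_mul_reciprocal(aa,&(val[0]),&(val[0]),&recp,ctx))
- goto err; /* 2 */
-
- if (bits <= 17) /* This is probably 3 or 0x10001, so just do singles */
- window=1;
- else if (bits >= 256)
- window=5; /* max size of window */
- else if (bits >= 128)
- window=4;
- else
- window=3;
-
- j=1<<(window-1);
- for (i=1; i<j; i++)
- {
- BN_init(&val[i]);
- if (!BN_mod_mul_reciprocal(&(val[i]),&(val[i-1]),aa,&recp,ctx))
- goto err;
- }
- ts=i;
-
- start=1; /* This is used to avoid multiplication etc
- * when there is only the value '1' in the
- * buffer. */
- wvalue=0; /* The 'value' of the window */
- wstart=bits-1; /* The top bit of the window */
- wend=0; /* The bottom bit of the window */
-
- if (!BN_one(r)) goto err;
-
- for (;;)
- {
- if (BN_is_bit_set(p,wstart) == 0)
- {
- if (!start)
- if (!BN_mod_mul_reciprocal(r,r,r,&recp,ctx))
- goto err;
- if (wstart == 0) break;
- wstart--;
- continue;
- }
- /* We now have wstart on a 'set' bit, we now need to work out
- * how bit a window to do. To do this we need to scan
- * forward until the last set bit before the end of the
- * window */
- j=wstart;
- wvalue=1;
- wend=0;
- for (i=1; i<window; i++)
- {
- if (wstart-i < 0) break;
- if (BN_is_bit_set(p,wstart-i))
- {
- wvalue<<=(i-wend);
- wvalue|=1;
- wend=i;
- }
- }
-
- /* wend is the size of the current window */
- j=wend+1;
- /* add the 'bytes above' */
- if (!start)
- for (i=0; i<j; i++)
- {
- if (!BN_mod_mul_reciprocal(r,r,r,&recp,ctx))
- goto err;
- }
-
- /* wvalue will be an odd number < 2^window */
- if (!BN_mod_mul_reciprocal(r,r,&(val[wvalue>>1]),&recp,ctx))
- goto err;
-
- /* move the 'window' down further */
- wstart-=wend+1;
- wvalue=0;
- start=0;
- if (wstart < 0) break;
- }
- ret=1;
-err:
- BN_CTX_end(ctx);
- for (i=0; i<ts; i++)
- BN_clear_free(&(val[i]));
- BN_RECP_CTX_free(&recp);
- return(ret);
- }
-/* #endif */
-
-/* #ifdef MONT_MUL_MOD */
-int BN_mod_exp_mont(BIGNUM *rr, BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont)
- {
- int i,j,bits,ret=0,wstart,wend,window,wvalue;
- int start=1,ts=0;
- BIGNUM *d,*r;
- BIGNUM *aa;
- BIGNUM val[TABLE_SIZE];
- BN_MONT_CTX *mont=NULL;
-
- bn_check_top(a);
- bn_check_top(p);
- bn_check_top(m);
-
-#ifdef ATALLA
- if(!tried_atalla && BN_mod_exp_atalla(rr,a,p,m))
- return 1;
-/* If it fails, try the other methods */
-#endif
-
- if (!(m->d[0] & 1))
- {
- BNerr(BN_F_BN_MOD_EXP_MONT,BN_R_CALLED_WITH_EVEN_MODULUS);
- return(0);
- }
- bits=BN_num_bits(p);
- if (bits == 0)
- {
- BN_one(rr);
- return(1);
- }
- BN_CTX_start(ctx);
- d = BN_CTX_get(ctx);
- r = BN_CTX_get(ctx);
- if (d == NULL || r == NULL) goto err;
-
- /* If this is not done, things will break in the montgomery
- * part */
-
-#if 1
- if (in_mont != NULL)
- mont=in_mont;
- else
-#endif
- {
- if ((mont=BN_MONT_CTX_new()) == NULL) goto err;
- if (!BN_MONT_CTX_set(mont,m,ctx)) goto err;
- }
-
- BN_init(&val[0]);
- ts=1;
- if (BN_ucmp(a,m) >= 0)
- {
- BN_mod(&(val[0]),a,m,ctx);
- aa= &(val[0]);
- }
- else
- aa=a;
- if (!BN_to_montgomery(&(val[0]),aa,mont,ctx)) goto err; /* 1 */
- if (!BN_mod_mul_montgomery(d,&(val[0]),&(val[0]),mont,ctx)) goto err; /* 2 */
-
- if (bits <= 20) /* This is probably 3 or 0x10001, so just do singles */
- window=1;
- else if (bits >= 256)
- window=5; /* max size of window */
- else if (bits >= 128)
- window=4;
- else
- window=3;
-
- j=1<<(window-1);
- for (i=1; i<j; i++)
- {
- BN_init(&(val[i]));
- if (!BN_mod_mul_montgomery(&(val[i]),&(val[i-1]),d,mont,ctx))
- goto err;
- }
- ts=i;
-
- start=1; /* This is used to avoid multiplication etc
- * when there is only the value '1' in the
- * buffer. */
- wvalue=0; /* The 'value' of the window */
- wstart=bits-1; /* The top bit of the window */
- wend=0; /* The bottom bit of the window */
-
- if (!BN_to_montgomery(r,BN_value_one(),mont,ctx)) goto err;
- for (;;)
- {
- if (BN_is_bit_set(p,wstart) == 0)
- {
- if (!start)
- {
- if (!BN_mod_mul_montgomery(r,r,r,mont,ctx))
- goto err;
- }
- if (wstart == 0) break;
- wstart--;
- continue;
- }
- /* We now have wstart on a 'set' bit, we now need to work out
- * how bit a window to do. To do this we need to scan
- * forward until the last set bit before the end of the
- * window */
- j=wstart;
- wvalue=1;
- wend=0;
- for (i=1; i<window; i++)
- {
- if (wstart-i < 0) break;
- if (BN_is_bit_set(p,wstart-i))
- {
- wvalue<<=(i-wend);
- wvalue|=1;
- wend=i;
- }
- }
-
- /* wend is the size of the current window */
- j=wend+1;
- /* add the 'bytes above' */
- if (!start)
- for (i=0; i<j; i++)
- {
- if (!BN_mod_mul_montgomery(r,r,r,mont,ctx))
- goto err;
- }
-
- /* wvalue will be an odd number < 2^window */
- if (!BN_mod_mul_montgomery(r,r,&(val[wvalue>>1]),mont,ctx))
- goto err;
-
- /* move the 'window' down further */
- wstart-=wend+1;
- wvalue=0;
- start=0;
- if (wstart < 0) break;
- }
- BN_from_montgomery(rr,r,mont,ctx);
- ret=1;
-err:
- if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont);
- BN_CTX_end(ctx);
- for (i=0; i<ts; i++)
- BN_clear_free(&(val[i]));
- return(ret);
- }
-/* #endif */
-
-/* The old fallback, simple version :-) */
-int BN_mod_exp_simple(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m,
- BN_CTX *ctx)
- {
- int i,j,bits,ret=0,wstart,wend,window,wvalue,ts=0;
- int start=1;
- BIGNUM *d;
- BIGNUM val[TABLE_SIZE];
-
- bits=BN_num_bits(p);
-
- if (bits == 0)
- {
- BN_one(r);
- return(1);
- }
-
- BN_CTX_start(ctx);
- if ((d = BN_CTX_get(ctx)) == NULL) goto err;
-
- BN_init(&(val[0]));
- ts=1;
- if (!BN_mod(&(val[0]),a,m,ctx)) goto err; /* 1 */
- if (!BN_mod_mul(d,&(val[0]),&(val[0]),m,ctx))
- goto err; /* 2 */
-
- if (bits <= 17) /* This is probably 3 or 0x10001, so just do singles */
- window=1;
- else if (bits >= 256)
- window=5; /* max size of window */
- else if (bits >= 128)
- window=4;
- else
- window=3;
-
- j=1<<(window-1);
- for (i=1; i<j; i++)
- {
- BN_init(&(val[i]));
- if (!BN_mod_mul(&(val[i]),&(val[i-1]),d,m,ctx))
- goto err;
- }
- ts=i;
-
- start=1; /* This is used to avoid multiplication etc
- * when there is only the value '1' in the
- * buffer. */
- wvalue=0; /* The 'value' of the window */
- wstart=bits-1; /* The top bit of the window */
- wend=0; /* The bottom bit of the window */
-
- if (!BN_one(r)) goto err;
-
- for (;;)
- {
- if (BN_is_bit_set(p,wstart) == 0)
- {
- if (!start)
- if (!BN_mod_mul(r,r,r,m,ctx))
- goto err;
- if (wstart == 0) break;
- wstart--;
- continue;
- }
- /* We now have wstart on a 'set' bit, we now need to work out
- * how bit a window to do. To do this we need to scan
- * forward until the last set bit before the end of the
- * window */
- j=wstart;
- wvalue=1;
- wend=0;
- for (i=1; i<window; i++)
- {
- if (wstart-i < 0) break;
- if (BN_is_bit_set(p,wstart-i))
- {
- wvalue<<=(i-wend);
- wvalue|=1;
- wend=i;
- }
- }
-
- /* wend is the size of the current window */
- j=wend+1;
- /* add the 'bytes above' */
- if (!start)
- for (i=0; i<j; i++)
- {
- if (!BN_mod_mul(r,r,r,m,ctx))
- goto err;
- }
-
- /* wvalue will be an odd number < 2^window */
- if (!BN_mod_mul(r,r,&(val[wvalue>>1]),m,ctx))
- goto err;
-
- /* move the 'window' down further */
- wstart-=wend+1;
- wvalue=0;
- start=0;
- if (wstart < 0) break;
- }
- ret=1;
-err:
- BN_CTX_end(ctx);
- for (i=0; i<ts; i++)
- BN_clear_free(&(val[i]));
- return(ret);
- }
-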
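diff --git a/src/lib/libcrypto/bn/bn_exp2.c b/src/lib/libcrypto/bn/bn_exp2.c
deleted file mode 100644
index 4f4e9e3299..0000000000
--- a/src/lib/libcrypto/bn/bn_exp2.c
+++ /dev/null
@@ -1,199 +0,0 @@
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-/* I've done some timing with different table sizes.
- * The main hassle is that even with bits set at 3, this requires
- * 63 BIGNUMs to store the pre-calculated values.
- * 512 1024
- * bits=1 75.4% 79.4%
- * bits=2 61.2% 62.4%
- * bits=3 61.3% 59.3%
- * The lack of speed improvement is also a function of the pre-calculation
- * which could be removed.
- */
-#define EXP2_TABLE_BITS 2 /* 1 2 3 4 5 */
-#define EXP2_TABLE_SIZE 4 /* 2 4 8 16 32 */
-
-int BN_mod_exp2_mont(BIGNUM *rr, BIGNUM *a1, BIGNUM *p1, BIGNUM *a2,
- BIGNUM *p2, BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont)
- {
- int i,j,k,bits,bits1,bits2,ret=0,wstart,wend,window,xvalue,yvalue;
- int start=1,ts=0,x,y;
- BIGNUM *d,*aa1,*aa2,*r;
- BIGNUM val[EXP2_TABLE_SIZE][EXP2_TABLE_SIZE];
- BN_MONT_CTX *mont=NULL;
-
- bn_check_top(a1);
- bn_check_top(p1);
- bn_check_top(a2);
- bn_check_top(p2);
- bn_check_top(m);
-
- if (!(m->d[0] & 1))
- {
- BNerr(BN_F_BN_MOD_EXP_MONT,BN_R_CALLED_WITH_EVEN_MODULUS);
- return(0);
- }
- bits1=BN_num_bits(p1);
- bits2=BN_num_bits(p2);
- if ((bits1 == 0) && (bits2 == 0))
- {
- BN_one(rr);
- return(1);
- }
-
- BN_CTX_start(ctx);
- d = BN_CTX_get(ctx);
- r = BN_CTX_get(ctx);
- if (d == NULL || r == NULL) goto err;
-
- bits=(bits1 > bits2)?bits1:bits2;
-
- /* If this is not done, things will break in the montgomery
- * part */
-
- if (in_mont != NULL)
- mont=in_mont;
- else
- {
- if ((mont=BN_MONT_CTX_new()) == NULL) goto err;
- if (!BN_MONT_CTX_set(mont,m,ctx)) goto err;
- }
-
- BN_init(&(val[0][0]));
- BN_init(&(val[1][1]));
- BN_init(&(val[0][1]));
- BN_init(&(val[1][0]));
- ts=1;
- if (BN_ucmp(a1,m) >= 0)
- {
- BN_mod(&(val[1][0]),a1,m,ctx);
- aa1= &(val[1][0]);
- }
- else
- aa1=a1;
- if (BN_ucmp(a2,m) >= 0)
- {
- BN_mod(&(val[0][1]),a2,m,ctx);
- aa2= &(val[0][1]);
- }
- else
- aa2=a2;
- if (!BN_to_montgomery(&(val[1][0]),aa1,mont,ctx)) goto err;
- if (!BN_to_montgomery(&(val[0][1]),aa2,mont,ctx)) goto err;
- if (!BN_mod_mul_montgomery(&(val[1][1]),
- &(val[1][0]),&(val[0][1]),mont,ctx))
- goto err;
-
-#if 0
- if (bits <= 20) /* This is probably 3 or 0x10001, so just do singles */
- window=1;
- else if (bits > 250)
- window=5; /* max size of window */
- else if (bits >= 120)
- window=4;
- else
- window=3;
-#else
- window=EXP2_TABLE_BITS;
-#endif
-
- k=1<<window;
- for (x=0; x<k; x++)
- {
- if (x >= 2)
- {
- BN_init(&(val[x][0]));
- BN_init(&(val[x][1]));
- if (!BN_mod_mul_montgomery(&(val[x][0]),
- &(val[1][0]),&(val[x-1][0]),mont,ctx)) goto err;
- if (!BN_mod_mul_montgomery(&(val[x][1]),
- &(val[1][0]),&(val[x-1][1]),mont,ctx)) goto err;
- }
- for (y=2; y<k; y++)
- {
- BN_init(&(val[x][y]));
- if (!BN_mod_mul_montgomery(&(val[x][y]),
- &(val[x][y-1]),&(val[0][1]),mont,ctx))
- goto err;
- }
- }
- ts=k;
-
- start=1; /* This is used to avoid multiplication etc
- * when there is only the value '1' in the
- * buffer. */
- xvalue=0; /* The 'x value' of the window */
- yvalue=0; /* The 'y value' of the window */
- wstart=bits-1; /* The top bit of the window */
- wend=0; /* The bottom bit of the window */
-
- if (!BN_to_montgomery(r,BN_value_one(),mont,ctx)) goto err;
- for (;;)
- {
- xvalue=BN_is_bit_set(p1,wstart);
- yvalue=BN_is_bit_set(p2,wstart);
- if (!(xvalue || yvalue))
- {
- if (!start)
- {
- if (!BN_mod_mul_montgomery(r,r,r,mont,ctx))
- goto err;
- }
- wstart--;
- if (wstart < 0) break;
- continue;
- }
- /* We now have wstart on a 'set' bit, we now need to work out
- * how bit a window to do. To do this we need to scan
- * forward until the last set bit before the end of the
- * window */
- j=wstart;
- /* xvalue=BN_is_bit_set(p1,wstart); already set */
- /* yvalue=BN_is_bit_set(p1,wstart); already set */
- wend=0;
- for (i=1; i<window; i++)
- {
- if (wstart-i < 0) break;
- xvalue+=xvalue;
- xvalue|=BN_is_bit_set(p1,wstart-i);
- yvalue+=yvalue;
- yvalue|=BN_is_bit_set(p2,wstart-i);
- }
-
- /* i is the size of the current window */
- /* add the 'bytes above' */
- if (!start)
- for (j=0; j<i; j++)
- {
- if (!BN_mod_mul_montgomery(r,r,r,mont,ctx))
- goto err;
- }
-
- /* wvalue will be an odd number < 2^window */
- if (xvalue || yvalue)
- {
- if (!BN_mod_mul_montgomery(r,r,&(val[xvalue][yvalue]),
- mont,ctx)) goto err;
- }
-
- /* move the 'window' down further */
- wstart-=i;
- start=0;
- if (wstart < 0) break;
- }
- BN_from_montgomery(rr,r,mont,ctx);
- ret=1;
-err:
- if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont);
- BN_CTX_end(ctx);
- for (i=0; i<ts; i++)
- {
- for (j=0; j<ts; j++)
- {
- BN_clear_free(&(val[i][j]));
- }
- }
- return(ret);
- }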
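diff --git a/src/lib/libcrypto/bn/bn_gcd.c b/src/lib/libcrypto/bn/bn_gcd.c
deleted file mode 100644
index 398207196b..0000000000
--- a/src/lib/libcrypto/bn/bn_gcd.c
+++ /dev/null
@@ -1,210 +0,0 @@
-/* crypto/bn/bn_gcd.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-static BIGNUM *euclid(BIGNUM *a, BIGNUM *b);
-
-int BN_gcd(BIGNUM *r, BIGNUM *in_a, BIGNUM *in_b, BN_CTX *ctx)
- {
- BIGNUM *a,*b,*t;
- int ret=0;
-
- bn_check_top(in_a);
- bn_check_top(in_b);
-
- BN_CTX_start(ctx);
- a = BN_CTX_get(ctx);
- b = BN_CTX_get(ctx);
- if (a == NULL || b == NULL) goto err;
-
- if (BN_copy(a,in_a) == NULL) goto err;
- if (BN_copy(b,in_b) == NULL) goto err;
-
- if (BN_cmp(a,b) < 0) { t=a; a=b; b=t; }
- t=euclid(a,b);
- if (t == NULL) goto err;
-
- if (BN_copy(r,t) == NULL) goto err;
- ret=1;
-err:
- BN_CTX_end(ctx);
- return(ret);
- }
-
-static BIGNUM *euclid(BIGNUM *a, BIGNUM *b)
- {
- BIGNUM *t;
- int shifts=0;
-
- bn_check_top(a);
- bn_check_top(b);
-
- for (;;)
- {
- if (BN_is_zero(b))
- break;
-
- if (BN_is_odd(a))
- {
- if (BN_is_odd(b))
- {
- if (!BN_sub(a,a,b)) goto err;
- if (!BN_rshift1(a,a)) goto err;
- if (BN_cmp(a,b) < 0)
- { t=a; a=b; b=t; }
- }
- else /* a odd - b even */
- {
- if (!BN_rshift1(b,b)) goto err;
- if (BN_cmp(a,b) < 0)
- { t=a; a=b; b=t; }
- }
- }
- else /* a is even */
- {
- if (BN_is_odd(b))
- {
- if (!BN_rshift1(a,a)) goto err;
- if (BN_cmp(a,b) < 0)
- { t=a; a=b; b=t; }
- }
- else /* a even - b even */
- {
- if (!BN_rshift1(a,a)) goto err;
- if (!BN_rshift1(b,b)) goto err;
- shifts++;
- }
- }
- }
- if (shifts)
- {
- if (!BN_lshift(a,a,shifts)) goto err;
- }
- return(a);
-err:
- return(NULL);
- }
-
-/* solves ax == 1 (mod n) */
-BIGNUM *BN_mod_inverse(BIGNUM *in, BIGNUM *a, const BIGNUM *n, BN_CTX *ctx)
- {
- BIGNUM *A,*B,*X,*Y,*M,*D,*R=NULL;
- BIGNUM *T,*ret=NULL;
- int sign;
-
- bn_check_top(a);
- bn_check_top(n);
-
- BN_CTX_start(ctx);
- A = BN_CTX_get(ctx);
- B = BN_CTX_get(ctx);
- X = BN_CTX_get(ctx);
- D = BN_CTX_get(ctx);
- M = BN_CTX_get(ctx);
- Y = BN_CTX_get(ctx);
- if (Y == NULL) goto err;
-
- if (in == NULL)
- R=BN_new();
- else
- R=in;
- if (R == NULL) goto err;
-
- BN_zero(X);
- BN_one(Y);
- if (BN_copy(A,a) == NULL) goto err;
- if (BN_copy(B,n) == NULL) goto err;
- sign=1;
-
- while (!BN_is_zero(B))
- {
- if (!BN_div(D,M,A,B,ctx)) goto err;
- T=A;
- A=B;
- B=M;
- /* T has a struct, M does not */
-
- if (!BN_mul(T,D,X,ctx)) goto err;
- if (!BN_add(T,T,Y)) goto err;
- M=Y;
- Y=X;
- X=T;
- sign= -sign;
- }
- if (sign < 0)
- {
- if (!BN_sub(Y,n,Y)) goto err;
- }
-
- if (BN_is_one(A))
- { if (!BN_mod(R,Y,n,ctx)) goto err; }
- else
- {
- BNerr(BN_F_BN_MOD_INVERSE,BN_R_NO_INVERSE);
- goto err;
- }
- ret=R;
-err:
- if ((ret == NULL) && (in == NULL)) BN_free(R);
- BN_CTX_end(ctx);
- return(ret);
- }
-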
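diff --git a/src/lib/libcrypto/bn/bn_lcl.h b/src/lib/libcrypto/bn/bn_lcl.h
deleted file mode 100644
index e36ccbc4c2..0000000000
--- a/src/lib/libcrypto/bn/bn_lcl.h
+++ /dev/null
@@ -1,321 +0,0 @@
-/* crypto/bn/bn_lcl.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_BN_LCL_H
-#define HEADER_BN_LCL_H
-
-#include <openssl/bn.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* Pentium pro 16,16,16,32,64 */
-/* Alpha 16,16,16,16.64 */
-#define BN_MULL_SIZE_NORMAL (16) /* 32 */
-#define BN_MUL_RECURSIVE_SIZE_NORMAL (16) /* 32 less than */
-#define BN_SQR_RECURSIVE_SIZE_NORMAL (16) /* 32 */
-#define BN_MUL_LOW_RECURSIVE_SIZE_NORMAL (32) /* 32 */
-#define BN_MONT_CTX_SET_SIZE_WORD (64) /* 32 */
-
-#if !defined(NO_ASM) && !defined(NO_INLINE_ASM) && !defined(PEDANTIC)
-/*
- * BN_UMULT_HIGH section.
- *
- * No, I'm not trying to overwhelm you when stating that the
- * product of N-bit numbers is 2*N bits wide:-) No, I don't expect
- * you to be impressed when I say that if the compiler doesn't
- * support 2*N integer type, then you have to replace every N*N
- * multiplication with 4 (N/2)*(N/2) accompanied by some shifts
- * and additions which unavoidably results in severe performance
- * penalties. Of course provided that the hardware is capable of
- * producing 2*N result... That's when you normally start
- * considering assembler implementation. However! It should be
- * pointed out that some CPUs (most notably Alpha, PowerPC and
- * upcoming IA-64 family:-) provide *separate* instruction
- * calculating the upper half of the product placing the result
- * into a general purpose register. Now *if* the compiler supports
- * inline assembler, then it's not impossible to implement the
- * "bignum" routines (and have the compiler optimize 'em)
- * exhibiting "native" performance in C. That's what BN_UMULT_HIGH
- * macro is about:-)
- *
- * <appro@fy.chalmers.se>
- */
-# if defined(__alpha) && (defined(SIXTY_FOUR_BIT_LONG) || defined(SIXTY_FOUR_BIT))
-# if defined(__DECC)
-# include <c_asm.h>
-# define BN_UMULT_HIGH(a,b) (BN_ULONG)asm("umulh %a0,%a1,%v0",(a),(b))
-# elif defined(__GNUC__)
-# define BN_UMULT_HIGH(a,b) ({ \
- register BN_ULONG ret; \
- asm ("umulh %1,%2,%0" \
- : "=r"(ret) \
- : "r"(a), "r"(b)); \
- ret; })
-# endif /* compiler */
-# elif defined(_ARCH_PPC) && defined(__64BIT__) && defined(SIXTY_FOUR_BIT_LONG)
-# if defined(__GNUC__)
-# define BN_UMULT_HIGH(a,b) ({ \
- register BN_ULONG ret; \
- asm ("mulhdu %0,%1,%2" \
- : "=r"(ret) \
- : "r"(a), "r"(b)); \
- ret; })
-# endif /* compiler */
-# endif /* cpu */
-#endif /* NO_ASM */
-
-/*************************************************************
- * Using the long long type
- */
-#define Lw(t) (((BN_ULONG)(t))&BN_MASK2)
-#define Hw(t) (((BN_ULONG)((t)>>BN_BITS2))&BN_MASK2)
-
-/* This is used for internal error checking and is not normally used */
-#ifdef BN_DEBUG
-# include <assert.h>
-# define bn_check_top(a) assert ((a)->top >= 0 && (a)->top <= (a)->max);
-#else
-# define bn_check_top(a)
-#endif
-
-/* This macro is to add extra stuff for development checking */
-#ifdef BN_DEBUG
-#define bn_set_max(r) ((r)->max=(r)->top,BN_set_flags((r),BN_FLG_STATIC_DATA))
-#else
-#define bn_set_max(r)
-#endif
-
-/* These macros are used to 'take' a section of a bignum for read only use */
-#define bn_set_low(r,a,n) \
- { \
- (r)->top=((a)->top > (n))?(n):(a)->top; \
- (r)->d=(a)->d; \
- (r)->neg=(a)->neg; \
- (r)->flags|=BN_FLG_STATIC_DATA; \
- bn_set_max(r); \
- }
-
-#define bn_set_high(r,a,n) \
- { \
- if ((a)->top > (n)) \
- { \
- (r)->top=(a)->top-n; \
- (r)->d= &((a)->d[n]); \
- } \
- else \
- (r)->top=0; \
- (r)->neg=(a)->neg; \
- (r)->flags|=BN_FLG_STATIC_DATA; \
- bn_set_max(r); \
- }
-
-#ifdef BN_LLONG
-#define mul_add(r,a,w,c) { \
- BN_ULLONG t; \
- t=(BN_ULLONG)w * (a) + (r) + (c); \
- (r)= Lw(t); \
- (c)= Hw(t); \
- }
-
-#define mul(r,a,w,c) { \
- BN_ULLONG t; \
- t=(BN_ULLONG)w * (a) + (c); \
- (r)= Lw(t); \
- (c)= Hw(t); \
- }
-
-#define sqr(r0,r1,a) { \
- BN_ULLONG t; \
- t=(BN_ULLONG)(a)*(a); \
- (r0)=Lw(t); \
- (r1)=Hw(t); \
- }
-
-#elif defined(BN_UMULT_HIGH)
-#define mul_add(r,a,w,c) { \
- BN_ULONG high,low,ret,tmp=(a); \
- ret = (r); \
- high= BN_UMULT_HIGH(w,tmp); \
- ret += (c); \
- low = (w) * tmp; \
- (c) = (ret<(c))?1:0; \
- (c) += high; \
- ret += low; \
- (c) += (ret<low)?1:0; \
- (r) = ret; \
- }
-
-#define mul(r,a,w,c) { \
- BN_ULONG high,low,ret,ta=(a); \
- low = (w) * ta; \
- high= BN_UMULT_HIGH(w,ta); \
- ret = low + (c); \
- (c) = high; \
- (c) += (ret<low)?1:0; \
- (r) = ret; \
- }
-
-#define sqr(r0,r1,a) { \
- BN_ULONG tmp=(a); \
- (r0) = tmp * tmp; \
- (r1) = BN_UMULT_HIGH(tmp,tmp); \
- }
-
-#else
-/*************************************************************
- * No long long type
- */
-
-#define LBITS(a) ((a)&BN_MASK2l)
-#define HBITS(a) (((a)>>BN_BITS4)&BN_MASK2l)
-#define L2HBITS(a) ((BN_ULONG)((a)&BN_MASK2l)<<BN_BITS4)
-
-#define LLBITS(a) ((a)&BN_MASKl)
-#define LHBITS(a) (((a)>>BN_BITS2)&BN_MASKl)
-#define LL2HBITS(a) ((BN_ULLONG)((a)&BN_MASKl)<<BN_BITS2)
-
-#define mul64(l,h,bl,bh) \
- { \
- BN_ULONG m,m1,lt,ht; \
- \
- lt=l; \
- ht=h; \
- m =(bh)*(lt); \
- lt=(bl)*(lt); \
- m1=(bl)*(ht); \
- ht =(bh)*(ht); \
- m=(m+m1)&BN_MASK2; if (m < m1) ht+=L2HBITS(1L); \
- ht+=HBITS(m); \
- m1=L2HBITS(m); \
- lt=(lt+m1)&BN_MASK2; if (lt < m1) ht++; \
- (l)=lt; \
- (h)=ht; \
- }
-
-#define sqr64(lo,ho,in) \
- { \
- BN_ULONG l,h,m; \
- \
- h=(in); \
- l=LBITS(h); \
- h=HBITS(h); \
- m =(l)*(h); \
- l*=l; \
- h*=h; \
- h+=(m&BN_MASK2h1)>>(BN_BITS4-1); \
- m =(m&BN_MASK2l)<<(BN_BITS4+1); \
- l=(l+m)&BN_MASK2; if (l < m) h++; \
- (lo)=l; \
- (ho)=h; \
- }
-
-#define mul_add(r,a,bl,bh,c) { \
- BN_ULONG l,h; \
- \
- h= (a); \
- l=LBITS(h); \
- h=HBITS(h); \
- mul64(l,h,(bl),(bh)); \
- \
- /* non-multiply part */ \
- l=(l+(c))&BN_MASK2; if (l < (c)) h++; \
- (c)=(r); \
- l=(l+(c))&BN_MASK2; if (l < (c)) h++; \
- (c)=h&BN_MASK2; \
- (r)=l; \
- }
-
-#define mul(r,a,bl,bh,c) { \
- BN_ULONG l,h; \
- \
- h= (a); \
- l=LBITS(h); \
- h=HBITS(h); \
- mul64(l,h,(bl),(bh)); \
- \
- /* non-multiply part */ \
- l+=(c); if ((l&BN_MASK2) < (c)) h++; \
- (c)=h&BN_MASK2; \
- (r)=l&BN_MASK2; \
- }
-#endif /* !BN_LLONG */
-
-void bn_mul_normal(BN_ULONG *r,BN_ULONG *a,int na,BN_ULONG *b,int nb);
-void bn_mul_comba8(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b);
-void bn_mul_comba4(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b);
-void bn_sqr_normal(BN_ULONG *r, BN_ULONG *a, int n, BN_ULONG *tmp);
-void bn_sqr_comba8(BN_ULONG *r,BN_ULONG *a);
-void bn_sqr_comba4(BN_ULONG *r,BN_ULONG *a);
-int bn_cmp_words(BN_ULONG *a,BN_ULONG *b,int n);
-void bn_mul_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,int n2,BN_ULONG *t);
-void bn_mul_part_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,
- int tn, int n,BN_ULONG *t);
-void bn_sqr_recursive(BN_ULONG *r,BN_ULONG *a, int n2, BN_ULONG *t);
-void bn_mul_low_normal(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b, int n);
-void bn_mul_low_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,int n2,
- BN_ULONG *t);
-void bn_mul_high(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,BN_ULONG *l,int n2,
- BN_ULONG *t);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif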
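diff --git a/src/lib/libcrypto/bn/bn_lib.c b/src/lib/libcrypto/bn/bn_lib.c
deleted file mode 100644
index 0e6b12d9c3..0000000000
--- a/src/lib/libcrypto/bn/bn_lib.c
+++ /dev/null
@@ -1,755 +0,0 @@
-/* crypto/bn/bn_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-const char *BN_version="Big Number" OPENSSL_VERSION_PTEXT;
-
-/* For a 32 bit machine
- * 2 - 4 == 128
- * 3 - 8 == 256
- * 4 - 16 == 512
- * 5 - 32 == 1024
- * 6 - 64 == 2048
- * 7 - 128 == 4096
- * 8 - 256 == 8192
- */
-static int bn_limit_bits=0;
-static int bn_limit_num=8; /* (1<<bn_limit_bits) */
-static int bn_limit_bits_low=0;
-static int bn_limit_num_low=8; /* (1<<bn_limit_bits_low) */
-static int bn_limit_bits_high=0;
-static int bn_limit_num_high=8; /* (1<<bn_limit_bits_high) */
-static int bn_limit_bits_mont=0;
-static int bn_limit_num_mont=8; /* (1<<bn_limit_bits_mont) */
-
-void BN_set_params(int mult, int high, int low, int mont)
- {
- if (mult >= 0)
- {
- if (mult > (sizeof(int)*8)-1)
- mult=sizeof(int)*8-1;
- bn_limit_bits=mult;
- bn_limit_num=1<<mult;
- }
- if (high >= 0)
- {
- if (high > (sizeof(int)*8)-1)
- high=sizeof(int)*8-1;
- bn_limit_bits_high=high;
- bn_limit_num_high=1<<high;
- }
- if (low >= 0)
- {
- if (low > (sizeof(int)*8)-1)
- low=sizeof(int)*8-1;
- bn_limit_bits_low=low;
- bn_limit_num_low=1<<low;
- }
- if (mont >= 0)
- {
- if (mont > (sizeof(int)*8)-1)
- mont=sizeof(int)*8-1;
- bn_limit_bits_mont=mont;
- bn_limit_num_mont=1<<mont;
- }
- }
-
-int BN_get_params(int which)
- {
- if (which == 0) return(bn_limit_bits);
- else if (which == 1) return(bn_limit_bits_high);
- else if (which == 2) return(bn_limit_bits_low);
- else if (which == 3) return(bn_limit_bits_mont);
- else return(0);
- }
-
-BIGNUM *BN_value_one(void)
- {
- static BN_ULONG data_one=1L;
- static BIGNUM const_one={&data_one,1,1,0};
-
- return(&const_one);
- }
-
-char *BN_options(void)
- {
- static int init=0;
- static char data[16];
-
- if (!init)
- {
- init++;
-#ifdef BN_LLONG
- sprintf(data,"bn(%d,%d)",(int)sizeof(BN_ULLONG)*8,
- (int)sizeof(BN_ULONG)*8);
-#else
- sprintf(data,"bn(%d,%d)",(int)sizeof(BN_ULONG)*8,
- (int)sizeof(BN_ULONG)*8);
-#endif
- }
- return(data);
- }
-
-int BN_num_bits_word(BN_ULONG l)
- {
- static const char bits[256]={
- 0,1,2,2,3,3,3,3,4,4,4,4,4,4,4,4,
- 5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,
- 6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,
- 6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,
- 7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,
- 7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,
- 7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,
- 7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,
- 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
- 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
- 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
- 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
- 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
- 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
- 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
- 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
- };
-
-#if defined(SIXTY_FOUR_BIT_LONG)
- if (l & 0xffffffff00000000L)
- {
- if (l & 0xffff000000000000L)
- {
- if (l & 0xff00000000000000L)
- {
- return(bits[(int)(l>>56)]+56);
- }
- else return(bits[(int)(l>>48)]+48);
- }
- else
- {
- if (l & 0x0000ff0000000000L)
- {
- return(bits[(int)(l>>40)]+40);
- }
- else return(bits[(int)(l>>32)]+32);
- }
- }
- else
-#else
-#ifdef SIXTY_FOUR_BIT
- if (l & 0xffffffff00000000LL)
- {
- if (l & 0xffff000000000000LL)
- {
- if (l & 0xff00000000000000LL)
- {
- return(bits[(int)(l>>56)]+56);
- }
- else return(bits[(int)(l>>48)]+48);
- }
- else
- {
- if (l & 0x0000ff0000000000LL)
- {
- return(bits[(int)(l>>40)]+40);
- }
- else return(bits[(int)(l>>32)]+32);
- }
- }
- else
-#endif
-#endif
- {
-#if defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
- if (l & 0xffff0000L)
- {
- if (l & 0xff000000L)
- return(bits[(int)(l>>24L)]+24);
- else return(bits[(int)(l>>16L)]+16);
- }
- else
-#endif
- {
-#if defined(SIXTEEN_BIT) || defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
- if (l & 0xff00L)
- return(bits[(int)(l>>8)]+8);
- else
-#endif
- return(bits[(int)(l )] );
- }
- }
- }
-
-int BN_num_bits(const BIGNUM *a)
- {
- BN_ULONG l;
- int i;
-
- bn_check_top(a);
-
- if (a->top == 0) return(0);
- l=a->d[a->top-1];
- i=(a->top-1)*BN_BITS2;
- if (l == 0)
- {
-#if !defined(NO_STDIO) && !defined(WIN16)
- fprintf(stderr,"BAD TOP VALUE\n");
-#endif
- abort();
- }
- return(i+BN_num_bits_word(l));
- }
-
-void BN_clear_free(BIGNUM *a)
- {
- int i;
-
- if (a == NULL) return;
- if (a->d != NULL)
- {
- memset(a->d,0,a->max*sizeof(a->d[0]));
- if (!(BN_get_flags(a,BN_FLG_STATIC_DATA)))
- Free(a->d);
- }
- i=BN_get_flags(a,BN_FLG_MALLOCED);
- memset(a,0,sizeof(BIGNUM));
- if (i)
- Free(a);
- }
-
-void BN_free(BIGNUM *a)
- {
- if (a == NULL) return;
- if ((a->d != NULL) && !(BN_get_flags(a,BN_FLG_STATIC_DATA)))
- Free(a->d);
- a->flags|=BN_FLG_FREE; /* REMOVE? */
- if (a->flags & BN_FLG_MALLOCED)
- Free(a);
- }
-
-void BN_init(BIGNUM *a)
- {
- memset(a,0,sizeof(BIGNUM));
- }
-
-BIGNUM *BN_new(void)
- {
- BIGNUM *ret;
-
- if ((ret=(BIGNUM *)Malloc(sizeof(BIGNUM))) == NULL)
- {
- BNerr(BN_F_BN_NEW,ERR_R_MALLOC_FAILURE);
- return(NULL);
- }
- ret->flags=BN_FLG_MALLOCED;
- ret->top=0;
- ret->neg=0;
- ret->max=0;
- ret->d=NULL;
- return(ret);
- }
-
-/* This is an internal function that should not be used in applications.
- * It ensures that 'b' has enough room for a 'words' word number number.
- * It is mostly used by the various BIGNUM routines. If there is an error,
- * NULL is returned. If not, 'b' is returned. */
-
-BIGNUM *bn_expand2(BIGNUM *b, int words)
- {
- BN_ULONG *A,*a;
- const BN_ULONG *B;
- int i;
-
- bn_check_top(b);
-
- if (words > b->max)
- {
- bn_check_top(b);
- if (BN_get_flags(b,BN_FLG_STATIC_DATA))
- {
- BNerr(BN_F_BN_EXPAND2,BN_R_EXPAND_ON_STATIC_BIGNUM_DATA);
- return(NULL);
- }
- a=A=(BN_ULONG *)Malloc(sizeof(BN_ULONG)*(words+1));
- if (A == NULL)
- {
- BNerr(BN_F_BN_EXPAND2,ERR_R_MALLOC_FAILURE);
- return(NULL);
- }
-#if 1
- B=b->d;
- /* Check if the previous number needs to be copied */
- if (B != NULL)
- {
-#if 0
- /* This lot is an unrolled loop to copy b->top
- * BN_ULONGs from B to A
- */
-/*
- * I have nothing against unrolling but it's usually done for
- * several reasons, namely:
- * - minimize percentage of decision making code, i.e. branches;
- * - avoid cache trashing;
- * - make it possible to schedule loads earlier;
- * Now let's examine the code below. The cornerstone of C is
- * "programmer is always right" and that's what we love it for:-)
- * For this very reason C compilers have to be paranoid when it
- * comes to data aliasing and assume the worst. Yeah, but what
- * does it mean in real life? This means that loop body below will
- * be compiled to sequence of loads immediately followed by stores
- * as compiler assumes the worst, something in A==B+1 style. As a
- * result CPU pipeline is going to starve for incoming data. Secondly
- * if A and B happen to share same cache line such code is going to
- * cause severe cache trashing. Both factors have severe impact on
- * performance of modern CPUs and this is the reason why this
- * particular piece of code is #ifdefed away and replaced by more
- * "friendly" version found in #else section below. This comment
- * also applies to BN_copy function.
- *
- * <appro@fy.chalmers.se>
- */
- for (i=b->top&(~7); i>0; i-=8)
- {
- A[0]=B[0]; A[1]=B[1]; A[2]=B[2]; A[3]=B[3];
- A[4]=B[4]; A[5]=B[5]; A[6]=B[6]; A[7]=B[7];
- A+=8;
- B+=8;
- }
- switch (b->top&7)
- {
- case 7:
- A[6]=B[6];
- case 6:
- A[5]=B[5];
- case 5:
- A[4]=B[4];
- case 4:
- A[3]=B[3];
- case 3:
- A[2]=B[2];
- case 2:
- A[1]=B[1];
- case 1:
- A[0]=B[0];
- case 0:
- /* I need the 'case 0' entry for utrix cc.
- * If the optimizer is turned on, it does the
- * switch table by doing
- * a=top&7
- * a--;
- * goto jump_table[a];
- * If top is 0, this makes us jump to 0xffffffc
- * which is rather bad :-(.
- * eric 23-Apr-1998
- */
- ;
- }
-#else
- for (i=b->top>>2; i>0; i--,A+=4,B+=4)
- {
- /*
- * The fact that the loop is unrolled
- * 4-wise is a tribute to Intel. It's
- * the one that doesn't have enough
- * registers to accomodate more data.
- * I'd unroll it 8-wise otherwise:-)
- *
- * <appro@fy.chalmers.se>
- */
- BN_ULONG a0,a1,a2,a3;
- a0=B[0]; a1=B[1]; a2=B[2]; a3=B[3];
- A[0]=a0; A[1]=a1; A[2]=a2; A[3]=a3;
- }
- switch (b->top&3)
- {
- case 3: A[2]=B[2];
- case 2: A[1]=B[1];
- case 1: A[0]=B[0];
- case 0: ; /* ultrix cc workaround, see above */
- }
-#endif
- Free(b->d);
- }
-
- b->d=a;
- b->max=words;
-
- /* Now need to zero any data between b->top and b->max */
-
- A= &(b->d[b->top]);
- for (i=(b->max - b->top)>>3; i>0; i--,A+=8)
- {
- A[0]=0; A[1]=0; A[2]=0; A[3]=0;
- A[4]=0; A[5]=0; A[6]=0; A[7]=0;
- }
- for (i=(b->max - b->top)&7; i>0; i--,A++)
- A[0]=0;
-#else
- memset(A,0,sizeof(BN_ULONG)*(words+1));
- memcpy(A,b->d,sizeof(b->d[0])*b->top);
- b->d=a;
- b->max=words;
-#endif
-
-/* memset(&(p[b->max]),0,((words+1)-b->max)*sizeof(BN_ULONG)); */
-/* { int i; for (i=b->max; i<words+1; i++) p[i]=i;} */
-
- }
- return(b);
- }
-
-BIGNUM *BN_dup(const BIGNUM *a)
- {
- BIGNUM *r;
-
- if (a == NULL) return NULL;
-
- bn_check_top(a);
-
- r=BN_new();
- if (r == NULL) return(NULL);
- return((BIGNUM *)BN_copy(r,a));
- }
-
-BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b)
- {
- int i;
- BN_ULONG *A;
- const BN_ULONG *B;
-
- bn_check_top(b);
-
- if (a == b) return(a);
- if (bn_wexpand(a,b->top) == NULL) return(NULL);
-
-#if 1
- A=a->d;
- B=b->d;
- for (i=b->top>>2; i>0; i--,A+=4,B+=4)
- {
- BN_ULONG a0,a1,a2,a3;
- a0=B[0]; a1=B[1]; a2=B[2]; a3=B[3];
- A[0]=a0; A[1]=a1; A[2]=a2; A[3]=a3;
- }
- switch (b->top&3)
- {
- case 3: A[2]=B[2];
- case 2: A[1]=B[1];
- case 1: A[0]=B[0];
- case 0: ; /* ultrix cc workaround, see comments in bn_expand2 */
- }
-#else
- memcpy(a->d,b->d,sizeof(b->d[0])*b->top);
-#endif
-
-/* memset(&(a->d[b->top]),0,sizeof(a->d[0])*(a->max-b->top));*/
- a->top=b->top;
- if ((a->top == 0) && (a->d != NULL))
- a->d[0]=0;
- a->neg=b->neg;
- return(a);
- }
-
-void BN_clear(BIGNUM *a)
- {
- if (a->d != NULL)
- memset(a->d,0,a->max*sizeof(a->d[0]));
- a->top=0;
- a->neg=0;
- }
-
-BN_ULONG BN_get_word(BIGNUM *a)
- {
- int i,n;
- BN_ULONG ret=0;
-
- n=BN_num_bytes(a);
- if (n > sizeof(BN_ULONG))
- return(BN_MASK2);
- for (i=a->top-1; i>=0; i--)
- {
-#ifndef SIXTY_FOUR_BIT /* the data item > unsigned long */
- ret<<=BN_BITS4; /* stops the compiler complaining */
- ret<<=BN_BITS4;
-#else
- ret=0;
-#endif
- ret|=a->d[i];
- }
- return(ret);
- }
-
-int BN_set_word(BIGNUM *a, BN_ULONG w)
- {
- int i,n;
- if (bn_expand(a,sizeof(BN_ULONG)*8) == NULL) return(0);
-
- n=sizeof(BN_ULONG)/BN_BYTES;
- a->neg=0;
- a->top=0;
- a->d[0]=(BN_ULONG)w&BN_MASK2;
- if (a->d[0] != 0) a->top=1;
- for (i=1; i<n; i++)
- {
- /* the following is done instead of
- * w>>=BN_BITS2 so compilers don't complain
- * on builds where sizeof(long) == BN_TYPES */
-#ifndef SIXTY_FOUR_BIT /* the data item > unsigned long */
- w>>=BN_BITS4;
- w>>=BN_BITS4;
-#else
- w=0;
-#endif
- a->d[i]=(BN_ULONG)w&BN_MASK2;
- if (a->d[i] != 0) a->top=i+1;
- }
- return(1);
- }
-
-/* ignore negative */
-BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret)
- {
- unsigned int i,m;
- unsigned int n;
- BN_ULONG l;
-
- if (ret == NULL) ret=BN_new();
- if (ret == NULL) return(NULL);
- l=0;
- n=len;
- if (n == 0)
- {
- ret->top=0;
- return(ret);
- }
- if (bn_expand(ret,(int)(n+2)*8) == NULL)
- return(NULL);
- i=((n-1)/BN_BYTES)+1;
- m=((n-1)%(BN_BYTES));
- ret->top=i;
- while (n-- > 0)
- {
- l=(l<<8L)| *(s++);
- if (m-- == 0)
- {
- ret->d[--i]=l;
- l=0;
- m=BN_BYTES-1;
- }
- }
- /* need to call this due to clear byte at top if avoiding
- * having the top bit set (-ve number) */
- bn_fix_top(ret);
- return(ret);
- }
-
-/* ignore negative */
-int BN_bn2bin(const BIGNUM *a, unsigned char *to)
- {
- int n,i;
- BN_ULONG l;
-
- n=i=BN_num_bytes(a);
- while (i-- > 0)
- {
- l=a->d[i/BN_BYTES];
- *(to++)=(unsigned char)(l>>(8*(i%BN_BYTES)))&0xff;
- }
- return(n);
- }
-
-int BN_ucmp(const BIGNUM *a, const BIGNUM *b)
- {
- int i;
- BN_ULONG t1,t2,*ap,*bp;
-
- bn_check_top(a);
- bn_check_top(b);
-
- i=a->top-b->top;
- if (i != 0) return(i);
- ap=a->d;
- bp=b->d;
- for (i=a->top-1; i>=0; i--)
- {
- t1= ap[i];
- t2= bp[i];
- if (t1 != t2)
- return(t1 > t2?1:-1);
- }
- return(0);
- }
-
-int BN_cmp(const BIGNUM *a, const BIGNUM *b)
- {
- int i;
- int gt,lt;
- BN_ULONG t1,t2;
-
- if ((a == NULL) || (b == NULL))
- {
- if (a != NULL)
- return(-1);
- else if (b != NULL)
- return(1);
- else
- return(0);
- }
-
- bn_check_top(a);
- bn_check_top(b);
-
- if (a->neg != b->neg)
- {
- if (a->neg)
- return(-1);
- else return(1);
- }
- if (a->neg == 0)
- { gt=1; lt= -1; }
- else { gt= -1; lt=1; }
-
- if (a->top > b->top) return(gt);
- if (a->top < b->top) return(lt);
- for (i=a->top-1; i>=0; i--)
- {
- t1=a->d[i];
- t2=b->d[i];
- if (t1 > t2) return(gt);
- if (t1 < t2) return(lt);
- }
- return(0);
- }
-
-int BN_set_bit(BIGNUM *a, int n)
- {
- int i,j,k;
-
- i=n/BN_BITS2;
- j=n%BN_BITS2;
- if (a->top <= i)
- {
- if (bn_wexpand(a,i+1) == NULL) return(0);
- for(k=a->top; k<i+1; k++)
- a->d[k]=0;
- a->top=i+1;
- }
-
- a->d[i]|=(((BN_ULONG)1)<<j);
- return(1);
- }
-
-int BN_clear_bit(BIGNUM *a, int n)
- {
- int i,j;
-
- i=n/BN_BITS2;
- j=n%BN_BITS2;
- if (a->top <= i) return(0);
-
- a->d[i]&=(~(((BN_ULONG)1)<<j));
- bn_fix_top(a);
- return(1);
- }
-
-int BN_is_bit_set(const BIGNUM *a, int n)
- {
- int i,j;
-
- if (n < 0) return(0);
- i=n/BN_BITS2;
- j=n%BN_BITS2;
- if (a->top <= i) return(0);
- return((a->d[i]&(((BN_ULONG)1)<<j))?1:0);
- }
-
-int BN_mask_bits(BIGNUM *a, int n)
- {
- int b,w;
-
- w=n/BN_BITS2;
- b=n%BN_BITS2;
- if (w >= a->top) return(0);
- if (b == 0)
- a->top=w;
- else
- {
- a->top=w+1;
- a->d[w]&= ~(BN_MASK2<<b);
- }
- bn_fix_top(a);
- return(1);
- }
-
-int bn_cmp_words(BN_ULONG *a, BN_ULONG *b, int n)
- {
- int i;
- BN_ULONG aa,bb;
-
- aa=a[n-1];
- bb=b[n-1];
- if (aa != bb) return((aa > bb)?1:-1);
- for (i=n-2; i>=0; i--)
- {
- aa=a[i];
- bb=b[i];
- if (aa != bb) return((aa > bb)?1:-1);
- }
- return(0);
- }
-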
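--- a/src/lib/libcrypto/bn/bn_mont.c
+++ /dev/null
@@ -1,339 +0,0 @@
-/* crypto/bn/bn_mont.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*
- * Details about Montgomery multiplication algorithms can be found at
- * http://security.ece.orst.edu/publications.html, e.g.
- * http://security.ece.orst.edu/koc/papers/j37acmon.pdf and
- * sections 3.8 and 4.2 in http://security.ece.orst.edu/koc/papers/r01rsasw.pdf
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-#define MONT_WORD /* use the faster word-based algorithm */
-
-int BN_mod_mul_montgomery(BIGNUM *r, BIGNUM *a, BIGNUM *b,
- BN_MONT_CTX *mont, BN_CTX *ctx)
- {
- BIGNUM *tmp,*tmp2;
- int ret=0;
-
- BN_CTX_start(ctx);
- tmp = BN_CTX_get(ctx);
- tmp2 = BN_CTX_get(ctx);
- if (tmp == NULL || tmp2 == NULL) goto err;
-
- bn_check_top(tmp);
- bn_check_top(tmp2);
-
- if (a == b)
- {
-#if 0
- bn_wexpand(tmp,a->top*2);
- bn_wexpand(tmp2,a->top*4);
- bn_sqr_recursive(tmp->d,a->d,a->top,tmp2->d);
- tmp->top=a->top*2;
- if (tmp->d[tmp->top-1] == 0)
- tmp->top--;
-#else
- if (!BN_sqr(tmp,a,ctx)) goto err;
-#endif
- }
- else
- {
- if (!BN_mul(tmp,a,b,ctx)) goto err;
- }
- /* reduce from aRR to aR */
- if (!BN_from_montgomery(r,tmp,mont,ctx)) goto err;
- ret=1;
-err:
- BN_CTX_end(ctx);
- return(ret);
- }
-
-int BN_from_montgomery(BIGNUM *ret, BIGNUM *a, BN_MONT_CTX *mont,
- BN_CTX *ctx)
- {
- int retn=0;
-
-#ifdef MONT_WORD
- BIGNUM *n,*r;
- BN_ULONG *ap,*np,*rp,n0,v,*nrp;
- int al,nl,max,i,x,ri;
-
- BN_CTX_start(ctx);
- if ((r = BN_CTX_get(ctx)) == NULL) goto err;
-
- if (!BN_copy(r,a)) goto err;
- n= &(mont->N);
-
- ap=a->d;
- /* mont->ri is the size of mont->N in bits (rounded up
- to the word size) */
- al=ri=mont->ri/BN_BITS2;
-
- nl=n->top;
- if ((al == 0) || (nl == 0)) { r->top=0; return(1); }
-
- max=(nl+al+1); /* allow for overflow (no?) XXX */
- if (bn_wexpand(r,max) == NULL) goto err;
- if (bn_wexpand(ret,max) == NULL) goto err;
-
- r->neg=a->neg^n->neg;
- np=n->d;
- rp=r->d;
- nrp= &(r->d[nl]);
-
- /* clear the top words of T */
-#if 1
- for (i=r->top; i<max; i++) /* memset? XXX */
- r->d[i]=0;
-#else
- memset(&(r->d[r->top]),0,(max-r->top)*sizeof(BN_ULONG));
-#endif
-
- r->top=max;
- n0=mont->n0;
-
-#ifdef BN_COUNT
- printf("word BN_from_montgomery %d * %d\n",nl,nl);
-#endif
- for (i=0; i<nl; i++)
- {
- v=bn_mul_add_words(rp,np,nl,(rp[0]*n0)&BN_MASK2);
- nrp++;
- rp++;
- if (((nrp[-1]+=v)&BN_MASK2) >= v)
- continue;
- else
- {
- if (((++nrp[0])&BN_MASK2) != 0) continue;
- if (((++nrp[1])&BN_MASK2) != 0) continue;
- for (x=2; (((++nrp[x])&BN_MASK2) == 0); x++) ;
- }
- }
- bn_fix_top(r);
-
- /* mont->ri will be a multiple of the word size */
-#if 0
- BN_rshift(ret,r,mont->ri);
-#else
- x=ri;
- rp=ret->d;
- ap= &(r->d[x]);
- if (r->top < x)
- al=0;
- else
- al=r->top-x;
- ret->top=al;
- al-=4;
- for (i=0; i<al; i+=4)
- {
- BN_ULONG t1,t2,t3,t4;
-
- t1=ap[i+0];
- t2=ap[i+1];
- t3=ap[i+2];
- t4=ap[i+3];
- rp[i+0]=t1;
- rp[i+1]=t2;
- rp[i+2]=t3;
- rp[i+3]=t4;
- }
- al+=4;
- for (; i<al; i++)
- rp[i]=ap[i];
-#endif
-#else /* !MONT_WORD */
- BIGNUM *t1,*t2;
-
- BN_CTX_start(ctx);
- t1 = BN_CTX_get(ctx);
- t2 = BN_CTX_get(ctx);
- if (t1 == NULL || t2 == NULL) goto err;
-
- if (!BN_copy(t1,a)) goto err;
- BN_mask_bits(t1,mont->ri);
-
- if (!BN_mul(t2,t1,&mont->Ni,ctx)) goto err;
- BN_mask_bits(t2,mont->ri);
-
- if (!BN_mul(t1,t2,&mont->N,ctx)) goto err;
- if (!BN_add(t2,a,t1)) goto err;
- BN_rshift(ret,t2,mont->ri);
-#endif /* MONT_WORD */
-
- if (BN_ucmp(ret, &(mont->N)) >= 0)
- {
- BN_usub(ret,ret,&(mont->N));
- }
- retn=1;
- err:
- BN_CTX_end(ctx);
- return(retn);
- }
-
-BN_MONT_CTX *BN_MONT_CTX_new(void)
- {
- BN_MONT_CTX *ret;
-
- if ((ret=(BN_MONT_CTX *)Malloc(sizeof(BN_MONT_CTX))) == NULL)
- return(NULL);
-
- BN_MONT_CTX_init(ret);
- ret->flags=BN_FLG_MALLOCED;
- return(ret);
- }
-
-void BN_MONT_CTX_init(BN_MONT_CTX *ctx)
- {
- ctx->ri=0;
- BN_init(&(ctx->RR));
- BN_init(&(ctx->N));
- BN_init(&(ctx->Ni));
- ctx->flags=0;
- }
-
-void BN_MONT_CTX_free(BN_MONT_CTX *mont)
- {
- if(mont == NULL)
- return;
-
- BN_free(&(mont->RR));
- BN_free(&(mont->N));
- BN_free(&(mont->Ni));
- if (mont->flags & BN_FLG_MALLOCED)
- Free(mont);
- }
-
-int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx)
- {
- BIGNUM Ri,*R;
-
- BN_init(&Ri);
- R= &(mont->RR); /* grab RR as a temp */
- BN_copy(&(mont->N),mod); /* Set N */
-
-#ifdef MONT_WORD
- {
- BIGNUM tmod;
- BN_ULONG buf[2];
-
- mont->ri=(BN_num_bits(mod)+(BN_BITS2-1))/BN_BITS2*BN_BITS2;
- BN_zero(R);
- BN_set_bit(R,BN_BITS2); /* R */
-
- buf[0]=mod->d[0]; /* tmod = N mod word size */
- buf[1]=0;
- tmod.d=buf;
- tmod.top=1;
- tmod.max=2;
- tmod.neg=mod->neg;
- /* Ri = R^-1 mod N*/
- if ((BN_mod_inverse(&Ri,R,&tmod,ctx)) == NULL)
- goto err;
- BN_lshift(&Ri,&Ri,BN_BITS2); /* R*Ri */
- if (!BN_is_zero(&Ri))
- BN_sub_word(&Ri,1);
- else /* if N mod word size == 1 */
- BN_set_word(&Ri,BN_MASK2); /* Ri-- (mod word size) */
- BN_div(&Ri,NULL,&Ri,&tmod,ctx); /* Ni = (R*Ri-1)/N,
- * keep only least significant word: */
- mont->n0=Ri.d[0];
- BN_free(&Ri);
- }
-#else /* !MONT_WORD */
- { /* bignum version */
- mont->ri=BN_num_bits(mod);
- BN_zero(R);
- BN_set_bit(R,mont->ri); /* R = 2^ri */
- /* Ri = R^-1 mod N*/
- if ((BN_mod_inverse(&Ri,R,mod,ctx)) == NULL)
- goto err;
- BN_lshift(&Ri,&Ri,mont->ri); /* R*Ri */
- BN_sub_word(&Ri,1);
- /* Ni = (R*Ri-1) / N */
- BN_div(&(mont->Ni),NULL,&Ri,mod,ctx);
- BN_free(&Ri);
- }
-#endif
-
- /* setup RR for conversions */
- BN_zero(&(mont->RR));
- BN_set_bit(&(mont->RR),mont->ri*2);
- BN_mod(&(mont->RR),&(mont->RR),&(mont->N),ctx);
-
- return(1);
-err:
- return(0);
- }
-
-BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from)
- {
- if (to == from) return(to);
-
- BN_copy(&(to->RR),&(from->RR));
- BN_copy(&(to->N),&(from->N));
- BN_copy(&(to->Ni),&(from->Ni));
- to->ri=from->ri;
- to->n0=from->n0;
- return(to);
- }
-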
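--- a/src/lib/libcrypto/bn/bn_mpi.c
+++ /dev/null
@@ -1,129 +0,0 @@
-/* crypto/bn/bn_mpi.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-int BN_bn2mpi(const BIGNUM *a, unsigned char *d)
- {
- int bits;
- int num=0;
- int ext=0;
- long l;
-
- bits=BN_num_bits(a);
- num=(bits+7)/8;
- if (bits > 0)
- {
- ext=((bits & 0x07) == 0);
- }
- if (d == NULL)
- return(num+4+ext);
-
- l=num+ext;
- d[0]=(unsigned char)(l>>24)&0xff;
- d[1]=(unsigned char)(l>>16)&0xff;
- d[2]=(unsigned char)(l>> 8)&0xff;
- d[3]=(unsigned char)(l )&0xff;
- if (ext) d[4]=0;
- num=BN_bn2bin(a,&(d[4+ext]));
- if (a->neg)
- d[4]|=0x80;
- return(num+4+ext);
- }
-
-BIGNUM *BN_mpi2bn(unsigned char *d, int n, BIGNUM *a)
- {
- long len;
- int neg=0;
-
- if (n < 4)
- {
- BNerr(BN_F_BN_MPI2BN,BN_R_INVALID_LENGTH);
- return(NULL);
- }
- len=((long)d[0]<<24)|((long)d[1]<<16)|((int)d[2]<<8)|(int)d[3];
- if ((len+4) != n)
- {
- BNerr(BN_F_BN_MPI2BN,BN_R_ENCODING_ERROR);
- return(NULL);
- }
-
- if (a == NULL) a=BN_new();
- if (a == NULL) return(NULL);
-
- if (len == 0)
- {
- a->neg=0;
- a->top=0;
- return(a);
- }
- d+=4;
- if ((*d) & 0x80)
- neg=1;
- if (BN_bin2bn(d,(int)len,a) == NULL)
- return(NULL);
- a->neg=neg;
- if (neg)
- {
- BN_clear_bit(a,BN_num_bits(a)-1);
- }
- return(a);
- }
-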
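--- a/src/lib/libcrypto/bn/bn_mul.c
+++ /dev/null
@@ -1,794 +0,0 @@
-/* crypto/bn/bn_mul.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-#ifdef BN_RECURSION
-/* Karatsuba recursive multiplication algorithm
- * (cf. Knuth, The Art of Computer Programming, Vol. 2) */
-
-/* r is 2*n2 words in size,
- * a and b are both n2 words in size.
- * n2 must be a power of 2.
- * We multiply and return the result.
- * t must be 2*n2 words in size
- * We calculate
- * a[0]*b[0]
- * a[0]*b[0]+a[1]*b[1]+(a[0]-a[1])*(b[1]-b[0])
- * a[1]*b[1]
- */
-void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
- BN_ULONG *t)
- {
- int n=n2/2,c1,c2;
- unsigned int neg,zero;
- BN_ULONG ln,lo,*p;
-
-# ifdef BN_COUNT
- printf(" bn_mul_recursive %d * %d\n",n2,n2);
-# endif
-# ifdef BN_MUL_COMBA
-# if 0
- if (n2 == 4)
- {
- bn_mul_comba4(r,a,b);
- return;
- }
-# endif
- if (n2 == 8)
- {
- bn_mul_comba8(r,a,b);
- return;
- }
-# endif /* BN_MUL_COMBA */
- if (n2 < BN_MUL_RECURSIVE_SIZE_NORMAL)
- {
- /* This should not happen */
- bn_mul_normal(r,a,n2,b,n2);
- return;
- }
- /* r=(a[0]-a[1])*(b[1]-b[0]) */
- c1=bn_cmp_words(a,&(a[n]),n);
- c2=bn_cmp_words(&(b[n]),b,n);
- zero=neg=0;
- switch (c1*3+c2)
- {
- case -4:
- bn_sub_words(t, &(a[n]),a, n); /* - */
- bn_sub_words(&(t[n]),b, &(b[n]),n); /* - */
- break;
- case -3:
- zero=1;
- break;
- case -2:
- bn_sub_words(t, &(a[n]),a, n); /* - */
- bn_sub_words(&(t[n]),&(b[n]),b, n); /* + */
- neg=1;
- break;
- case -1:
- case 0:
- case 1:
- zero=1;
- break;
- case 2:
- bn_sub_words(t, a, &(a[n]),n); /* + */
- bn_sub_words(&(t[n]),b, &(b[n]),n); /* - */
- neg=1;
- break;
- case 3:
- zero=1;
- break;
- case 4:
- bn_sub_words(t, a, &(a[n]),n);
- bn_sub_words(&(t[n]),&(b[n]),b, n);
- break;
- }
-
-# ifdef BN_MUL_COMBA
- if (n == 4)
- {
- if (!zero)
- bn_mul_comba4(&(t[n2]),t,&(t[n]));
- else
- memset(&(t[n2]),0,8*sizeof(BN_ULONG));
-
- bn_mul_comba4(r,a,b);
- bn_mul_comba4(&(r[n2]),&(a[n]),&(b[n]));
- }
- else if (n == 8)
- {
- if (!zero)
- bn_mul_comba8(&(t[n2]),t,&(t[n]));
- else
- memset(&(t[n2]),0,16*sizeof(BN_ULONG));
-
- bn_mul_comba8(r,a,b);
- bn_mul_comba8(&(r[n2]),&(a[n]),&(b[n]));
- }
- else
-# endif /* BN_MUL_COMBA */
- {
- p= &(t[n2*2]);
- if (!zero)
- bn_mul_recursive(&(t[n2]),t,&(t[n]),n,p);
- else
- memset(&(t[n2]),0,n2*sizeof(BN_ULONG));
- bn_mul_recursive(r,a,b,n,p);
- bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]),n,p);
- }
-
- /* t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign
- * r[10] holds (a[0]*b[0])
- * r[32] holds (b[1]*b[1])
- */
-
- c1=(int)(bn_add_words(t,r,&(r[n2]),n2));
-
- if (neg) /* if t[32] is negative */
- {
- c1-=(int)(bn_sub_words(&(t[n2]),t,&(t[n2]),n2));
- }
- else
- {
- /* Might have a carry */
- c1+=(int)(bn_add_words(&(t[n2]),&(t[n2]),t,n2));
- }
-
- /* t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1])
- * r[10] holds (a[0]*b[0])
- * r[32] holds (b[1]*b[1])
- * c1 holds the carry bits
- */
- c1+=(int)(bn_add_words(&(r[n]),&(r[n]),&(t[n2]),n2));
- if (c1)
- {
- p= &(r[n+n2]);
- lo= *p;
- ln=(lo+c1)&BN_MASK2;
- *p=ln;
-
- /* The overflow will stop before we over write
- * words we should not overwrite */
- if (ln < (BN_ULONG)c1)
- {
- do {
- p++;
- lo= *p;
- ln=(lo+1)&BN_MASK2;
- *p=ln;
- } while (ln == 0);
- }
- }
- }
-
-/* n+tn is the word length
- * t needs to be n*4 is size, as does r */
-void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int tn,
- int n, BN_ULONG *t)
- {
- int i,j,n2=n*2;
- unsigned int c1,c2,neg,zero;
- BN_ULONG ln,lo,*p;
-
-# ifdef BN_COUNT
- printf(" bn_mul_part_recursive %d * %d\n",tn+n,tn+n);
-# endif
- if (n < 8)
- {
- i=tn+n;
- bn_mul_normal(r,a,i,b,i);
- return;
- }
-
- /* r=(a[0]-a[1])*(b[1]-b[0]) */
- c1=bn_cmp_words(a,&(a[n]),n);
- c2=bn_cmp_words(&(b[n]),b,n);
- zero=neg=0;
- switch (c1*3+c2)
- {
- case -4:
- bn_sub_words(t, &(a[n]),a, n); /* - */
- bn_sub_words(&(t[n]),b, &(b[n]),n); /* - */
- break;
- case -3:
- zero=1;
- /* break; */
- case -2:
- bn_sub_words(t, &(a[n]),a, n); /* - */
- bn_sub_words(&(t[n]),&(b[n]),b, n); /* + */
- neg=1;
- break;
- case -1:
- case 0:
- case 1:
- zero=1;
- /* break; */
- case 2:
- bn_sub_words(t, a, &(a[n]),n); /* + */
- bn_sub_words(&(t[n]),b, &(b[n]),n); /* - */
- neg=1;
- break;
- case 3:
- zero=1;
- /* break; */
- case 4:
- bn_sub_words(t, a, &(a[n]),n);
- bn_sub_words(&(t[n]),&(b[n]),b, n);
- break;
- }
- /* The zero case isn't yet implemented here. The speedup
- would probably be negligible. */
-# if 0
- if (n == 4)
- {
- bn_mul_comba4(&(t[n2]),t,&(t[n]));
- bn_mul_comba4(r,a,b);
- bn_mul_normal(&(r[n2]),&(a[n]),tn,&(b[n]),tn);
- memset(&(r[n2+tn*2]),0,sizeof(BN_ULONG)*(n2-tn*2));
- }
- else
-# endif
- if (n == 8)
- {
- bn_mul_comba8(&(t[n2]),t,&(t[n]));
- bn_mul_comba8(r,a,b);
- bn_mul_normal(&(r[n2]),&(a[n]),tn,&(b[n]),tn);
- memset(&(r[n2+tn*2]),0,sizeof(BN_ULONG)*(n2-tn*2));
- }
- else
- {
- p= &(t[n2*2]);
- bn_mul_recursive(&(t[n2]),t,&(t[n]),n,p);
- bn_mul_recursive(r,a,b,n,p);
- i=n/2;
- /* If there is only a bottom half to the number,
- * just do it */
- j=tn-i;
- if (j == 0)
- {
- bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]),i,p);
- memset(&(r[n2+i*2]),0,sizeof(BN_ULONG)*(n2-i*2));
- }
- else if (j > 0) /* eg, n == 16, i == 8 and tn == 11 */
- {
- bn_mul_part_recursive(&(r[n2]),&(a[n]),&(b[n]),
- j,i,p);
- memset(&(r[n2+tn*2]),0,
- sizeof(BN_ULONG)*(n2-tn*2));
- }
- else /* (j < 0) eg, n == 16, i == 8 and tn == 5 */
- {
- memset(&(r[n2]),0,sizeof(BN_ULONG)*n2);
- if (tn < BN_MUL_RECURSIVE_SIZE_NORMAL)
- {
- bn_mul_normal(&(r[n2]),&(a[n]),tn,&(b[n]),tn);
- }
- else
- {
- for (;;)
- {
- i/=2;
- if (i < tn)
- {
- bn_mul_part_recursive(&(r[n2]),
- &(a[n]),&(b[n]),
- tn-i,i,p);
- break;
- }
- else if (i == tn)
- {
- bn_mul_recursive(&(r[n2]),
- &(a[n]),&(b[n]),
- i,p);
- break;
- }
- }
- }
- }
- }
-
- /* t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign
- * r[10] holds (a[0]*b[0])
- * r[32] holds (b[1]*b[1])
- */
-
- c1=(int)(bn_add_words(t,r,&(r[n2]),n2));
-
- if (neg) /* if t[32] is negative */
- {
- c1-=(int)(bn_sub_words(&(t[n2]),t,&(t[n2]),n2));
- }
- else
- {
- /* Might have a carry */
- c1+=(int)(bn_add_words(&(t[n2]),&(t[n2]),t,n2));
- }
-
- /* t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1])
- * r[10] holds (a[0]*b[0])
- * r[32] holds (b[1]*b[1])
- * c1 holds the carry bits
- */
- c1+=(int)(bn_add_words(&(r[n]),&(r[n]),&(t[n2]),n2));
- if (c1)
- {
- p= &(r[n+n2]);
- lo= *p;
- ln=(lo+c1)&BN_MASK2;
- *p=ln;
-
- /* The overflow will stop before we over write
- * words we should not overwrite */
- if (ln < c1)
- {
- do {
- p++;
- lo= *p;
- ln=(lo+1)&BN_MASK2;
- *p=ln;
- } while (ln == 0);
- }
- }
- }
-
-/* a and b must be the same size, which is n2.
- * r needs to be n2 words and t needs to be n2*2
- */
-void bn_mul_low_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
- BN_ULONG *t)
- {
- int n=n2/2;
-
-# ifdef BN_COUNT
- printf(" bn_mul_low_recursive %d * %d\n",n2,n2);
-# endif
-
- bn_mul_recursive(r,a,b,n,&(t[0]));
- if (n >= BN_MUL_LOW_RECURSIVE_SIZE_NORMAL)
- {
- bn_mul_low_recursive(&(t[0]),&(a[0]),&(b[n]),n,&(t[n2]));
- bn_add_words(&(r[n]),&(r[n]),&(t[0]),n);
- bn_mul_low_recursive(&(t[0]),&(a[n]),&(b[0]),n,&(t[n2]));
- bn_add_words(&(r[n]),&(r[n]),&(t[0]),n);
- }
- else
- {
- bn_mul_low_normal(&(t[0]),&(a[0]),&(b[n]),n);
- bn_mul_low_normal(&(t[n]),&(a[n]),&(b[0]),n);
- bn_add_words(&(r[n]),&(r[n]),&(t[0]),n);
- bn_add_words(&(r[n]),&(r[n]),&(t[n]),n);
- }
- }
-
-/* a and b must be the same size, which is n2.
- * r needs to be n2 words and t needs to be n2*2
- * l is the low words of the output.
- * t needs to be n2*3
- */
-void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2,
- BN_ULONG *t)
- {
- int i,n;
- int c1,c2;
- int neg,oneg,zero;
- BN_ULONG ll,lc,*lp,*mp;
-
-# ifdef BN_COUNT
- printf(" bn_mul_high %d * %d\n",n2,n2);
-# endif
- n=n2/2;
-
- /* Calculate (al-ah)*(bh-bl) */
- neg=zero=0;
- c1=bn_cmp_words(&(a[0]),&(a[n]),n);
- c2=bn_cmp_words(&(b[n]),&(b[0]),n);
- switch (c1*3+c2)
- {
- case -4:
- bn_sub_words(&(r[0]),&(a[n]),&(a[0]),n);
- bn_sub_words(&(r[n]),&(b[0]),&(b[n]),n);
- break;
- case -3:
- zero=1;
- break;
- case -2:
- bn_sub_words(&(r[0]),&(a[n]),&(a[0]),n);
- bn_sub_words(&(r[n]),&(b[n]),&(b[0]),n);
- neg=1;
- break;
- case -1:
- case 0:
- case 1:
- zero=1;
- break;
- case 2:
- bn_sub_words(&(r[0]),&(a[0]),&(a[n]),n);
- bn_sub_words(&(r[n]),&(b[0]),&(b[n]),n);
- neg=1;
- break;
- case 3:
- zero=1;
- break;
- case 4:
- bn_sub_words(&(r[0]),&(a[0]),&(a[n]),n);
- bn_sub_words(&(r[n]),&(b[n]),&(b[0]),n);
- break;
- }
-
- oneg=neg;
- /* t[10] = (a[0]-a[1])*(b[1]-b[0]) */
- /* r[10] = (a[1]*b[1]) */
-# ifdef BN_MUL_COMBA
- if (n == 8)
- {
- bn_mul_comba8(&(t[0]),&(r[0]),&(r[n]));
- bn_mul_comba8(r,&(a[n]),&(b[n]));
- }
- else
-# endif
- {
- bn_mul_recursive(&(t[0]),&(r[0]),&(r[n]),n,&(t[n2]));
- bn_mul_recursive(r,&(a[n]),&(b[n]),n,&(t[n2]));
- }
-
- /* s0 == low(al*bl)
- * s1 == low(ah*bh)+low((al-ah)*(bh-bl))+low(al*bl)+high(al*bl)
- * We know s0 and s1 so the only unknown is high(al*bl)
- * high(al*bl) == s1 - low(ah*bh+s0+(al-ah)*(bh-bl))
- * high(al*bl) == s1 - (r[0]+l[0]+t[0])
- */
- if (l != NULL)
- {
- lp= &(t[n2+n]);
- c1=(int)(bn_add_words(lp,&(r[0]),&(l[0]),n));
- }
- else
- {
- c1=0;
- lp= &(r[0]);
- }
-
- if (neg)
- neg=(int)(bn_sub_words(&(t[n2]),lp,&(t[0]),n));
- else
- {
- bn_add_words(&(t[n2]),lp,&(t[0]),n);
- neg=0;
- }
-
- if (l != NULL)
- {
- bn_sub_words(&(t[n2+n]),&(l[n]),&(t[n2]),n);
- }
- else
- {
- lp= &(t[n2+n]);
- mp= &(t[n2]);
- for (i=0; i<n; i++)
- lp[i]=((~mp[i])+1)&BN_MASK2;
- }
-
- /* s[0] = low(al*bl)
- * t[3] = high(al*bl)
- * t[10] = (a[0]-a[1])*(b[1]-b[0]) neg is the sign
- * r[10] = (a[1]*b[1])
- */
- /* R[10] = al*bl
- * R[21] = al*bl + ah*bh + (a[0]-a[1])*(b[1]-b[0])
- * R[32] = ah*bh
- */
- /* R[1]=t[3]+l[0]+r[0](+-)t[0] (have carry/borrow)
- * R[2]=r[0]+t[3]+r[1](+-)t[1] (have carry/borrow)
- * R[3]=r[1]+(carry/borrow)
- */
- if (l != NULL)
- {
- lp= &(t[n2]);
- c1= (int)(bn_add_words(lp,&(t[n2+n]),&(l[0]),n));
- }
- else
- {
- lp= &(t[n2+n]);
- c1=0;
- }
- c1+=(int)(bn_add_words(&(t[n2]),lp, &(r[0]),n));
- if (oneg)
- c1-=(int)(bn_sub_words(&(t[n2]),&(t[n2]),&(t[0]),n));
- else
- c1+=(int)(bn_add_words(&(t[n2]),&(t[n2]),&(t[0]),n));
-
- c2 =(int)(bn_add_words(&(r[0]),&(r[0]),&(t[n2+n]),n));
- c2+=(int)(bn_add_words(&(r[0]),&(r[0]),&(r[n]),n));
- if (oneg)
- c2-=(int)(bn_sub_words(&(r[0]),&(r[0]),&(t[n]),n));
- else
- c2+=(int)(bn_add_words(&(r[0]),&(r[0]),&(t[n]),n));
-
- if (c1 != 0) /* Add starting at r[0], could be +ve or -ve */
- {
- i=0;
- if (c1 > 0)
- {
- lc=c1;
- do {
- ll=(r[i]+lc)&BN_MASK2;
- r[i++]=ll;
- lc=(lc > ll);
- } while (lc);
- }
- else
- {
- lc= -c1;
- do {
- ll=r[i];
- r[i++]=(ll-lc)&BN_MASK2;
- lc=(lc > ll);
- } while (lc);
- }
- }
- if (c2 != 0) /* Add starting at r[1] */
- {
- i=n;
- if (c2 > 0)
- {
- lc=c2;
- do {
- ll=(r[i]+lc)&BN_MASK2;
- r[i++]=ll;
- lc=(lc > ll);
- } while (lc);
- }
- else
- {
- lc= -c2;
- do {
- ll=r[i];
- r[i++]=(ll-lc)&BN_MASK2;
- lc=(lc > ll);
- } while (lc);
- }
- }
- }
-#endif /* BN_RECURSION */
-
-int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx)
- {
- int top,al,bl;
- BIGNUM *rr;
- int ret = 0;
-#if defined(BN_MUL_COMBA) || defined(BN_RECURSION)
- int i;
-#endif
-#ifdef BN_RECURSION
- BIGNUM *t;
- int j,k;
-#endif
-
-#ifdef BN_COUNT
- printf("BN_mul %d * %d\n",a->top,b->top);
-#endif
-
- bn_check_top(a);
- bn_check_top(b);
- bn_check_top(r);
-
- al=a->top;
- bl=b->top;
- r->neg=a->neg^b->neg;
-
- if ((al == 0) || (bl == 0))
- {
- BN_zero(r);
- return(1);
- }
- top=al+bl;
-
- BN_CTX_start(ctx);
- if ((r == a) || (r == b))
- {
- if ((rr = BN_CTX_get(ctx)) == NULL) goto err;
- }
- else
- rr = r;
-
-#if defined(BN_MUL_COMBA) || defined(BN_RECURSION)
- i = al-bl;
-#endif
-#ifdef BN_MUL_COMBA
- if (i == 0)
- {
-# if 0
- if (al == 4)
- {
- if (bn_wexpand(rr,8) == NULL) goto err;
- rr->top=8;
- bn_mul_comba4(rr->d,a->d,b->d);
- goto end;
- }
-# endif
- if (al == 8)
- {
- if (bn_wexpand(rr,16) == NULL) goto err;
- rr->top=16;
- bn_mul_comba8(rr->d,a->d,b->d);
- goto end;
- }
- }
-#endif /* BN_MUL_COMBA */
-#ifdef BN_RECURSION
- if ((al >= BN_MULL_SIZE_NORMAL) && (bl >= BN_MULL_SIZE_NORMAL))
- {
- if (i == 1 && !BN_get_flags(b,BN_FLG_STATIC_DATA))
- {
- bn_wexpand(b,al);
- b->d[bl]=0;
- bl++;
- i--;
- }
- else if (i == -1 && !BN_get_flags(a,BN_FLG_STATIC_DATA))
- {
- bn_wexpand(a,bl);
- a->d[al]=0;
- al++;
- i++;
- }
- if (i == 0)
- {
- /* symmetric and > 4 */
- /* 16 or larger */
- j=BN_num_bits_word((BN_ULONG)al);
- j=1<<(j-1);
- k=j+j;
- t = BN_CTX_get(ctx);
- if (al == j) /* exact multiple */
- {
- bn_wexpand(t,k*2);
- bn_wexpand(rr,k*2);
- bn_mul_recursive(rr->d,a->d,b->d,al,t->d);
- }
- else
- {
- bn_wexpand(a,k);
- bn_wexpand(b,k);
- bn_wexpand(t,k*4);
- bn_wexpand(rr,k*4);
- for (i=a->top; i<k; i++)
- a->d[i]=0;
- for (i=b->top; i<k; i++)
- b->d[i]=0;
- bn_mul_part_recursive(rr->d,a->d,b->d,al-j,j,t->d);
- }
- rr->top=top;
- goto end;
- }
- }
-#endif /* BN_RECURSION */
- if (bn_wexpand(rr,top) == NULL) goto err;
- rr->top=top;
- bn_mul_normal(rr->d,a->d,al,b->d,bl);
-
-#if defined(BN_MUL_COMBA) || defined(BN_RECURSION)
-end:
-#endif
- bn_fix_top(rr);
- if (r != rr) BN_copy(r,rr);
- ret=1;
-err:
- BN_CTX_end(ctx);
- return(ret);
- }
-
-void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b, int nb)
- {
- BN_ULONG *rr;
-
-#ifdef BN_COUNT
- printf(" bn_mul_normal %d * %d\n",na,nb);
-#endif
-
- if (na < nb)
- {
- int itmp;
- BN_ULONG *ltmp;
-
- itmp=na; na=nb; nb=itmp;
- ltmp=a; a=b; b=ltmp;
-
- }
- rr= &(r[na]);
- rr[0]=bn_mul_words(r,a,na,b[0]);
-
- for (;;)
- {
- if (--nb <= 0) return;
- rr[1]=bn_mul_add_words(&(r[1]),a,na,b[1]);
- if (--nb <= 0) return;
- rr[2]=bn_mul_add_words(&(r[2]),a,na,b[2]);
- if (--nb <= 0) return;
- rr[3]=bn_mul_add_words(&(r[3]),a,na,b[3]);
- if (--nb <= 0) return;
- rr[4]=bn_mul_add_words(&(r[4]),a,na,b[4]);
- rr+=4;
- r+=4;
- b+=4;
- }
- }
-
-void bn_mul_low_normal(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
- {
-#ifdef BN_COUNT
- printf(" bn_mul_low_normal %d * %d\n",n,n);
-#endif
- bn_mul_words(r,a,n,b[0]);
-
- for (;;)
- {
- if (--n <= 0) return;
- bn_mul_add_words(&(r[1]),a,n,b[1]);
- if (--n <= 0) return;
- bn_mul_add_words(&(r[2]),a,n,b[2]);
- if (--n <= 0) return;
- bn_mul_add_words(&(r[3]),a,n,b[3]);
- if (--n <= 0) return;
- bn_mul_add_words(&(r[4]),a,n,b[4]);
- r+=4;
- b+=4;
- }
- }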
diff --git a/src/lib/libcrypto/bn/bn_prime.c b/src/lib/libcrypto/bn/bn_prime.c
deleted file mode 100644
index a5f01b92eb..0000000000
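--- a/src/lib/libcrypto/bn/bn_prime.c
+++ /dev/null
@@ -1,465 +0,0 @@
-/* crypto/bn/bn_prime.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <time.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-#include <openssl/rand.h>
-
-/* The quick sieve algorithm approach to weeding out primes is
- * Philip Zimmermann's, as implemented in PGP. I have had a read of
- * his comments and implemented my own version.
- */
-#include "bn_prime.h"
-
-static int witness(BIGNUM *w, const BIGNUM *a, const BIGNUM *a1,
- const BIGNUM *a1_odd, int k, BN_CTX *ctx, BN_MONT_CTX *mont);
-static int probable_prime(BIGNUM *rnd, int bits);
-static int probable_prime_dh(BIGNUM *rnd, int bits,
- BIGNUM *add, BIGNUM *rem, BN_CTX *ctx);
-static int probable_prime_dh_safe(BIGNUM *rnd, int bits,
- BIGNUM *add, BIGNUM *rem, BN_CTX *ctx);
-
-BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe, BIGNUM *add,
- BIGNUM *rem, void (*callback)(int,int,void *), void *cb_arg)
- {
- BIGNUM *rnd=NULL;
- BIGNUM t;
- int found=0;
- int i,j,c1=0;
- BN_CTX *ctx;
- int checks = BN_prime_checks_for_size(bits);
-
- ctx=BN_CTX_new();
- if (ctx == NULL) goto err;
- if (ret == NULL)
- {
- if ((rnd=BN_new()) == NULL) goto err;
- }
- else
- rnd=ret;
- BN_init(&t);
-loop:
- /* make a random number and set the top and bottom bits */
- if (add == NULL)
- {
- if (!probable_prime(rnd,bits)) goto err;
- }
- else
- {
- if (safe)
- {
- if (!probable_prime_dh_safe(rnd,bits,add,rem,ctx))
- goto err;
- }
- else
- {
- if (!probable_prime_dh(rnd,bits,add,rem,ctx))
- goto err;
- }
- }
- /* if (BN_mod_word(rnd,(BN_ULONG)3) == 1) goto loop; */
- if (callback != NULL) callback(0,c1++,cb_arg);
-
- if (!safe)
- {
- i=BN_is_prime_fasttest(rnd,checks,callback,ctx,cb_arg,0);
- if (i == -1) goto err;
- if (i == 0) goto loop;
- }
- else
- {
- /* for "safe prime" generation,
- * check that (p-1)/2 is prime.
- * Since a prime is odd, We just
- * need to divide by 2 */
- if (!BN_rshift1(&t,rnd)) goto err;
-
- for (i=0; i<checks; i++)
- {
- j=BN_is_prime_fasttest(rnd,1,callback,ctx,cb_arg,0);
- if (j == -1) goto err;
- if (j == 0) goto loop;
-
- j=BN_is_prime_fasttest(&t,1,callback,ctx,cb_arg,0);
- if (j == -1) goto err;
- if (j == 0) goto loop;
-
- if (callback != NULL) callback(2,c1-1,cb_arg);
- /* We have a safe prime test pass */
- }
- }
- /* we have a prime :-) */
- found = 1;
-err:
- if (!found && (ret == NULL) && (rnd != NULL)) BN_free(rnd);
- BN_free(&t);
- if (ctx != NULL) BN_CTX_free(ctx);
- return(found ? rnd : NULL);
- }
-
-int BN_is_prime(const BIGNUM *a, int checks, void (*callback)(int,int,void *),
- BN_CTX *ctx_passed, void *cb_arg)
- {
- return BN_is_prime_fasttest(a, checks, callback, ctx_passed, cb_arg, 0);
- }
-
-int BN_is_prime_fasttest(const BIGNUM *a, int checks,
- void (*callback)(int,int,void *),
- BN_CTX *ctx_passed, void *cb_arg,
- int do_trial_division)
- {
- int i, j, ret = -1;
- int k;
- BN_CTX *ctx = NULL;
- BIGNUM *A1, *A1_odd, *check; /* taken from ctx */
- BN_MONT_CTX *mont = NULL;
- const BIGNUM *A = NULL;
-
- if (checks == BN_prime_checks)
- checks = BN_prime_checks_for_size(BN_num_bits(a));
-
- /* first look for small factors */
- if (!BN_is_odd(a))
- return(0);
- if (do_trial_division)
- {
- for (i = 1; i < NUMPRIMES; i++)
- if (BN_mod_word(a, primes[i]) == 0)
- return 0;
- if (callback != NULL) callback(1, -1, cb_arg);
- }
-
- if (ctx_passed != NULL)
- ctx = ctx_passed;
- else
- if ((ctx=BN_CTX_new()) == NULL)
- goto err;
- BN_CTX_start(ctx);
-
- /* A := abs(a) */
- if (a->neg)
- {
- BIGNUM *t;
- if ((t = BN_CTX_get(ctx)) == NULL) goto err;
- BN_copy(t, a);
- t->neg = 0;
- A = t;
- }
- else
- A = a;
- A1 = BN_CTX_get(ctx);
- A1_odd = BN_CTX_get(ctx);
- check = BN_CTX_get(ctx);
- if (check == NULL) goto err;
-
- /* compute A1 := A - 1 */
- if (!BN_copy(A1, A))
- goto err;
- if (!BN_sub_word(A1, 1))
- goto err;
- if (BN_is_zero(A1))
- {
- ret = 0;
- goto err;
- }
-
- /* write A1 as A1_odd * 2^k */
- k = 1;
- while (!BN_is_bit_set(A1, k))
- k++;
- if (!BN_rshift(A1_odd, A1, k))
- goto err;
-
- /* Montgomery setup for computations mod A */
- mont = BN_MONT_CTX_new();
- if (mont == NULL)
- goto err;
- if (!BN_MONT_CTX_set(mont, A, ctx))
- goto err;
-
- for (i = 0; i < checks; i++)
- {
- if (!BN_pseudo_rand(check, BN_num_bits(A1), 0, 0))
- goto err;
- if (BN_cmp(check, A1) >= 0)
- if (!BN_sub(check, check, A1))
- goto err;
- if (!BN_add_word(check, 1))
- goto err;
- /* now 1 <= check < A */
-
- j = witness(check, A, A1, A1_odd, k, ctx, mont);
- if (j == -1) goto err;
- if (j)
- {
- ret=0;
- goto err;
- }
- if (callback != NULL) callback(1,i,cb_arg);
- }
- ret=1;
-err:
- if (ctx != NULL)
- {
- BN_CTX_end(ctx);
- if (ctx_passed == NULL)
- BN_CTX_free(ctx);
- }
- if (mont != NULL)
- BN_MONT_CTX_free(mont);
-
- return(ret);
- }
-
-static int witness(BIGNUM *w, const BIGNUM *a, const BIGNUM *a1,
- const BIGNUM *a1_odd, int k, BN_CTX *ctx, BN_MONT_CTX *mont)
- {
- if (!BN_mod_exp_mont(w, w, a1_odd, a, ctx, mont)) /* w := w^a1_odd mod a */
- return -1;
- if (BN_is_one(w))
- return 0; /* probably prime */
- if (BN_cmp(w, a1) == 0)
- return 0; /* w == -1 (mod a), 'a' is probably prime */
- while (--k)
- {
- if (!BN_mod_mul(w, w, w, a, ctx)) /* w := w^2 mod a */
- return -1;
- if (BN_is_one(w))
- return 1; /* 'a' is composite, otherwise a previous 'w' would
- * have been == -1 (mod 'a') */
- if (BN_cmp(w, a1) == 0)
- return 0; /* w == -1 (mod a), 'a' is probably prime */
- }
- /* If we get here, 'w' is the (a-1)/2-th power of the original 'w',
- * and it is neither -1 nor +1 -- so 'a' cannot be prime */
- return 1;
- }
-
-static int probable_prime(BIGNUM *rnd, int bits)
- {
- int i;
- BN_ULONG mods[NUMPRIMES];
- BN_ULONG delta,d;
-
-again:
- if (!BN_rand(rnd,bits,1,1)) return(0);
- /* we now have a random number 'rand' to test. */
- for (i=1; i<NUMPRIMES; i++)
- mods[i]=BN_mod_word(rnd,(BN_ULONG)primes[i]);
- delta=0;
- loop: for (i=1; i<NUMPRIMES; i++)
- {
- /* check that rnd is not a prime and also
- * that gcd(rnd-1,primes) == 1 (except for 2) */
- if (((mods[i]+delta)%primes[i]) <= 1)
- {
- d=delta;
- delta+=2;
- /* perhaps need to check for overflow of
- * delta (but delta can be up to 2^32)
- * 21-May-98 eay - added overflow check */
- if (delta < d) goto again;
- goto loop;
- }
- }
- if (!BN_add_word(rnd,delta)) return(0);
- return(1);
- }
-
-static int probable_prime_dh(BIGNUM *rnd, int bits, BIGNUM *add, BIGNUM *rem,
- BN_CTX *ctx)
- {
- int i,ret=0;
- BIGNUM *t1;
-
- BN_CTX_start(ctx);
- if ((t1 = BN_CTX_get(ctx)) == NULL) goto err;
-
- if (!BN_rand(rnd,bits,0,1)) goto err;
-
- /* we need ((rnd-rem) % add) == 0 */
-
- if (!BN_mod(t1,rnd,add,ctx)) goto err;
- if (!BN_sub(rnd,rnd,t1)) goto err;
- if (rem == NULL)
- { if (!BN_add_word(rnd,1)) goto err; }
- else
- { if (!BN_add(rnd,rnd,rem)) goto err; }
-
- /* we now have a random number 'rand' to test. */
-
- loop: for (i=1; i<NUMPRIMES; i++)
- {
- /* check that rnd is a prime */
- if (BN_mod_word(rnd,(BN_ULONG)primes[i]) <= 1)
- {
- if (!BN_add(rnd,rnd,add)) goto err;
- goto loop;
- }
- }
- ret=1;
-err:
- BN_CTX_end(ctx);
- return(ret);
- }
-
-static int probable_prime_dh_safe(BIGNUM *p, int bits, BIGNUM *padd,
- BIGNUM *rem, BN_CTX *ctx)
- {
- int i,ret=0;
- BIGNUM *t1,*qadd,*q;
-
- bits--;
- BN_CTX_start(ctx);
- t1 = BN_CTX_get(ctx);
- q = BN_CTX_get(ctx);
- qadd = BN_CTX_get(ctx);
- if (qadd == NULL) goto err;
-
- if (!BN_rshift1(qadd,padd)) goto err;
-
- if (!BN_rand(q,bits,0,1)) goto err;
-
- /* we need ((rnd-rem) % add) == 0 */
- if (!BN_mod(t1,q,qadd,ctx)) goto err;
- if (!BN_sub(q,q,t1)) goto err;
- if (rem == NULL)
- { if (!BN_add_word(q,1)) goto err; }
- else
- {
- if (!BN_rshift1(t1,rem)) goto err;
- if (!BN_add(q,q,t1)) goto err;
- }
-
- /* we now have a random number 'rand' to test. */
- if (!BN_lshift1(p,q)) goto err;
- if (!BN_add_word(p,1)) goto err;
-
- loop: for (i=1; i<NUMPRIMES; i++)
- {
- /* check that p and q are prime */
- /* check that for p and q
- * gcd(p-1,primes) == 1 (except for 2) */
- if ( (BN_mod_word(p,(BN_ULONG)primes[i]) == 0) ||
- (BN_mod_word(q,(BN_ULONG)primes[i]) == 0))
- {
- if (!BN_add(p,p,padd)) goto err;
- if (!BN_add(q,q,qadd)) goto err;
- goto loop;
- }
- }
- ret=1;
-err:
- BN_CTX_end(ctx);
- return(ret);
- }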
diff --git a/src/lib/libcrypto/bn/bn_prime.h b/src/lib/libcrypto/bn/bn_prime.h
deleted file mode 100644
index b7cf9a9bfe..0000000000
--- a/src/lib/libcrypto/bn/bn_prime.h
+++ /dev/null
@@ -1,325 +0,0 @@
1/* Auto generated by bn_prime.pl */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef EIGHT_BIT
60#define NUMPRIMES 2048
61#else
62#define NUMPRIMES 54
63#endif
64static const unsigned int primes[NUMPRIMES]=
65 {
66 2, 3, 5, 7, 11, 13, 17, 19,
67 23, 29, 31, 37, 41, 43, 47, 53,
68 59, 61, 67, 71, 73, 79, 83, 89,
69 97, 101, 103, 107, 109, 113, 127, 131,
70 137, 139, 149, 151, 157, 163, 167, 173,
71 179, 181, 191, 193, 197, 199, 211, 223,
72 227, 229, 233, 239, 241, 251,
73#ifndef EIGHT_BIT
74 257, 263,
75 269, 271, 277, 281, 283, 293, 307, 311,
76 313, 317, 331, 337, 347, 349, 353, 359,
77 367, 373, 379, 383, 389, 397, 401, 409,
78 419, 421, 431, 433, 439, 443, 449, 457,
79 461, 463, 467, 479, 487, 491, 499, 503,
80 509, 521, 523, 541, 547, 557, 563, 569,
81 571, 577, 587, 593, 599, 601, 607, 613,
82 617, 619, 631, 641, 643, 647, 653, 659,
83 661, 673, 677, 683, 691, 701, 709, 719,
84 727, 733, 739, 743, 751, 757, 761, 769,
85 773, 787, 797, 809, 811, 821, 823, 827,
86 829, 839, 853, 857, 859, 863, 877, 881,
87 883, 887, 907, 911, 919, 929, 937, 941,
88 947, 953, 967, 971, 977, 983, 991, 997,
89 1009,1013,1019,1021,1031,1033,1039,1049,
90 1051,1061,1063,1069,1087,1091,1093,1097,
91 1103,1109,1117,1123,1129,1151,1153,1163,
92 1171,1181,1187,1193,1201,1213,1217,1223,
93 1229,1231,1237,1249,1259,1277,1279,1283,
94 1289,1291,1297,1301,1303,1307,1319,1321,
95 1327,1361,1367,1373,1381,1399,1409,1423,
96 1427,1429,1433,1439,1447,1451,1453,1459,
97 1471,1481,1483,1487,1489,1493,1499,1511,
98 1523,1531,1543,1549,1553,1559,1567,1571,
99 1579,1583,1597,1601,1607,1609,1613,1619,
100 1621,1627,1637,1657,1663,1667,1669,1693,
101 1697,1699,1709,1721,1723,1733,1741,1747,
102 1753,1759,1777,1783,1787,1789,1801,1811,
103 1823,1831,1847,1861,1867,1871,1873,1877,
104 1879,1889,1901,1907,1913,1931,1933,1949,
105 1951,1973,1979,1987,1993,1997,1999,2003,
106 2011,2017,2027,2029,2039,2053,2063,2069,
107 2081,2083,2087,2089,2099,2111,2113,2129,
108 2131,2137,2141,2143,2153,2161,2179,2203,
109 2207,2213,2221,2237,2239,2243,2251,2267,
110 2269,2273,2281,2287,2293,2297,2309,2311,
111 2333,2339,2341,2347,2351,2357,2371,2377,
112 2381,2383,2389,2393,2399,2411,2417,2423,
113 2437,2441,2447,2459,2467,2473,2477,2503,
114 2521,2531,2539,2543,2549,2551,2557,2579,
115 2591,2593,2609,2617,2621,2633,2647,2657,
116 2659,2663,2671,2677,2683,2687,2689,2693,
117 2699,2707,2711,2713,2719,2729,2731,2741,
118 2749,2753,2767,2777,2789,2791,2797,2801,
119 2803,2819,2833,2837,2843,2851,2857,2861,
120 2879,2887,2897,2903,2909,2917,2927,2939,
121 2953,2957,2963,2969,2971,2999,3001,3011,
122 3019,3023,3037,3041,3049,3061,3067,3079,
123 3083,3089,3109,3119,3121,3137,3163,3167,
124 3169,3181,3187,3191,3203,3209,3217,3221,
125 3229,3251,3253,3257,3259,3271,3299,3301,
126 3307,3313,3319,3323,3329,3331,3343,3347,
127 3359,3361,3371,3373,3389,3391,3407,3413,
128 3433,3449,3457,3461,3463,3467,3469,3491,
129 3499,3511,3517,3527,3529,3533,3539,3541,
130 3547,3557,3559,3571,3581,3583,3593,3607,
131 3613,3617,3623,3631,3637,3643,3659,3671,
132 3673,3677,3691,3697,3701,3709,3719,3727,
133 3733,3739,3761,3767,3769,3779,3793,3797,
134 3803,3821,3823,3833,3847,3851,3853,3863,
135 3877,3881,3889,3907,3911,3917,3919,3923,
136 3929,3931,3943,3947,3967,3989,4001,4003,
137 4007,4013,4019,4021,4027,4049,4051,4057,
138 4073,4079,4091,4093,4099,4111,4127,4129,
139 4133,4139,4153,4157,4159,4177,4201,4211,
140 4217,4219,4229,4231,4241,4243,4253,4259,
141 4261,4271,4273,4283,4289,4297,4327,4337,
142 4339,4349,4357,4363,4373,4391,4397,4409,
143 4421,4423,4441,4447,4451,4457,4463,4481,
144 4483,4493,4507,4513,4517,4519,4523,4547,
145 4549,4561,4567,4583,4591,4597,4603,4621,
146 4637,4639,4643,4649,4651,4657,4663,4673,
147 4679,4691,4703,4721,4723,4729,4733,4751,
148 4759,4783,4787,4789,4793,4799,4801,4813,
149 4817,4831,4861,4871,4877,4889,4903,4909,
150 4919,4931,4933,4937,4943,4951,4957,4967,
151 4969,4973,4987,4993,4999,5003,5009,5011,
152 5021,5023,5039,5051,5059,5077,5081,5087,
153 5099,5101,5107,5113,5119,5147,5153,5167,
154 5171,5179,5189,5197,5209,5227,5231,5233,
155 5237,5261,5273,5279,5281,5297,5303,5309,
156 5323,5333,5347,5351,5381,5387,5393,5399,
157 5407,5413,5417,5419,5431,5437,5441,5443,
158 5449,5471,5477,5479,5483,5501,5503,5507,
159 5519,5521,5527,5531,5557,5563,5569,5573,
160 5581,5591,5623,5639,5641,5647,5651,5653,
161 5657,5659,5669,5683,5689,5693,5701,5711,
162 5717,5737,5741,5743,5749,5779,5783,5791,
163 5801,5807,5813,5821,5827,5839,5843,5849,
164 5851,5857,5861,5867,5869,5879,5881,5897,
165 5903,5923,5927,5939,5953,5981,5987,6007,
166 6011,6029,6037,6043,6047,6053,6067,6073,
167 6079,6089,6091,6101,6113,6121,6131,6133,
168 6143,6151,6163,6173,6197,6199,6203,6211,
169 6217,6221,6229,6247,6257,6263,6269,6271,
170 6277,6287,6299,6301,6311,6317,6323,6329,
171 6337,6343,6353,6359,6361,6367,6373,6379,
172 6389,6397,6421,6427,6449,6451,6469,6473,
173 6481,6491,6521,6529,6547,6551,6553,6563,
174 6569,6571,6577,6581,6599,6607,6619,6637,
175 6653,6659,6661,6673,6679,6689,6691,6701,
176 6703,6709,6719,6733,6737,6761,6763,6779,
177 6781,6791,6793,6803,6823,6827,6829,6833,
178 6841,6857,6863,6869,6871,6883,6899,6907,
179 6911,6917,6947,6949,6959,6961,6967,6971,
180 6977,6983,6991,6997,7001,7013,7019,7027,
181 7039,7043,7057,7069,7079,7103,7109,7121,
182 7127,7129,7151,7159,7177,7187,7193,7207,
183 7211,7213,7219,7229,7237,7243,7247,7253,
184 7283,7297,7307,7309,7321,7331,7333,7349,
185 7351,7369,7393,7411,7417,7433,7451,7457,
186 7459,7477,7481,7487,7489,7499,7507,7517,
187 7523,7529,7537,7541,7547,7549,7559,7561,
188 7573,7577,7583,7589,7591,7603,7607,7621,
189 7639,7643,7649,7669,7673,7681,7687,7691,
190 7699,7703,7717,7723,7727,7741,7753,7757,
191 7759,7789,7793,7817,7823,7829,7841,7853,
192 7867,7873,7877,7879,7883,7901,7907,7919,
193 7927,7933,7937,7949,7951,7963,7993,8009,
194 8011,8017,8039,8053,8059,8069,8081,8087,
195 8089,8093,8101,8111,8117,8123,8147,8161,
196 8167,8171,8179,8191,8209,8219,8221,8231,
197 8233,8237,8243,8263,8269,8273,8287,8291,
198 8293,8297,8311,8317,8329,8353,8363,8369,
199 8377,8387,8389,8419,8423,8429,8431,8443,
200 8447,8461,8467,8501,8513,8521,8527,8537,
201 8539,8543,8563,8573,8581,8597,8599,8609,
202 8623,8627,8629,8641,8647,8663,8669,8677,
203 8681,8689,8693,8699,8707,8713,8719,8731,
204 8737,8741,8747,8753,8761,8779,8783,8803,
205 8807,8819,8821,8831,8837,8839,8849,8861,
206 8863,8867,8887,8893,8923,8929,8933,8941,
207 8951,8963,8969,8971,8999,9001,9007,9011,
208 9013,9029,9041,9043,9049,9059,9067,9091,
209 9103,9109,9127,9133,9137,9151,9157,9161,
210 9173,9181,9187,9199,9203,9209,9221,9227,
211 9239,9241,9257,9277,9281,9283,9293,9311,
212 9319,9323,9337,9341,9343,9349,9371,9377,
213 9391,9397,9403,9413,9419,9421,9431,9433,
214 9437,9439,9461,9463,9467,9473,9479,9491,
215 9497,9511,9521,9533,9539,9547,9551,9587,
216 9601,9613,9619,9623,9629,9631,9643,9649,
217 9661,9677,9679,9689,9697,9719,9721,9733,
218 9739,9743,9749,9767,9769,9781,9787,9791,
219 9803,9811,9817,9829,9833,9839,9851,9857,
220 9859,9871,9883,9887,9901,9907,9923,9929,
221 9931,9941,9949,9967,9973,10007,10009,10037,
222 10039,10061,10067,10069,10079,10091,10093,10099,
223 10103,10111,10133,10139,10141,10151,10159,10163,
224 10169,10177,10181,10193,10211,10223,10243,10247,
225 10253,10259,10267,10271,10273,10289,10301,10303,
226 10313,10321,10331,10333,10337,10343,10357,10369,
227 10391,10399,10427,10429,10433,10453,10457,10459,
228 10463,10477,10487,10499,10501,10513,10529,10531,
229 10559,10567,10589,10597,10601,10607,10613,10627,
230 10631,10639,10651,10657,10663,10667,10687,10691,
231 10709,10711,10723,10729,10733,10739,10753,10771,
232 10781,10789,10799,10831,10837,10847,10853,10859,
233 10861,10867,10883,10889,10891,10903,10909,10937,
234 10939,10949,10957,10973,10979,10987,10993,11003,
235 11027,11047,11057,11059,11069,11071,11083,11087,
236 11093,11113,11117,11119,11131,11149,11159,11161,
237 11171,11173,11177,11197,11213,11239,11243,11251,
238 11257,11261,11273,11279,11287,11299,11311,11317,
239 11321,11329,11351,11353,11369,11383,11393,11399,
240 11411,11423,11437,11443,11447,11467,11471,11483,
241 11489,11491,11497,11503,11519,11527,11549,11551,
242 11579,11587,11593,11597,11617,11621,11633,11657,
243 11677,11681,11689,11699,11701,11717,11719,11731,
244 11743,11777,11779,11783,11789,11801,11807,11813,
245 11821,11827,11831,11833,11839,11863,11867,11887,
246 11897,11903,11909,11923,11927,11933,11939,11941,
247 11953,11959,11969,11971,11981,11987,12007,12011,
248 12037,12041,12043,12049,12071,12073,12097,12101,
249 12107,12109,12113,12119,12143,12149,12157,12161,
250 12163,12197,12203,12211,12227,12239,12241,12251,
251 12253,12263,12269,12277,12281,12289,12301,12323,
252 12329,12343,12347,12373,12377,12379,12391,12401,
253 12409,12413,12421,12433,12437,12451,12457,12473,
254 12479,12487,12491,12497,12503,12511,12517,12527,
255 12539,12541,12547,12553,12569,12577,12583,12589,
256 12601,12611,12613,12619,12637,12641,12647,12653,
257 12659,12671,12689,12697,12703,12713,12721,12739,
258 12743,12757,12763,12781,12791,12799,12809,12821,
259 12823,12829,12841,12853,12889,12893,12899,12907,
260 12911,12917,12919,12923,12941,12953,12959,12967,
261 12973,12979,12983,13001,13003,13007,13009,13033,
262 13037,13043,13049,13063,13093,13099,13103,13109,
263 13121,13127,13147,13151,13159,13163,13171,13177,
264 13183,13187,13217,13219,13229,13241,13249,13259,
265 13267,13291,13297,13309,13313,13327,13331,13337,
266 13339,13367,13381,13397,13399,13411,13417,13421,
267 13441,13451,13457,13463,13469,13477,13487,13499,
268 13513,13523,13537,13553,13567,13577,13591,13597,
269 13613,13619,13627,13633,13649,13669,13679,13681,
270 13687,13691,13693,13697,13709,13711,13721,13723,
271 13729,13751,13757,13759,13763,13781,13789,13799,
272 13807,13829,13831,13841,13859,13873,13877,13879,
273 13883,13901,13903,13907,13913,13921,13931,13933,
274 13963,13967,13997,13999,14009,14011,14029,14033,
275 14051,14057,14071,14081,14083,14087,14107,14143,
276 14149,14153,14159,14173,14177,14197,14207,14221,
277 14243,14249,14251,14281,14293,14303,14321,14323,
278 14327,14341,14347,14369,14387,14389,14401,14407,
279 14411,14419,14423,14431,14437,14447,14449,14461,
280 14479,14489,14503,14519,14533,14537,14543,14549,
281 14551,14557,14561,14563,14591,14593,14621,14627,
282 14629,14633,14639,14653,14657,14669,14683,14699,
283 14713,14717,14723,14731,14737,14741,14747,14753,
284 14759,14767,14771,14779,14783,14797,14813,14821,
285 14827,14831,14843,14851,14867,14869,14879,14887,
286 14891,14897,14923,14929,14939,14947,14951,14957,
287 14969,14983,15013,15017,15031,15053,15061,15073,
288 15077,15083,15091,15101,15107,15121,15131,15137,
289 15139,15149,15161,15173,15187,15193,15199,15217,
290 15227,15233,15241,15259,15263,15269,15271,15277,
291 15287,15289,15299,15307,15313,15319,15329,15331,
292 15349,15359,15361,15373,15377,15383,15391,15401,
293 15413,15427,15439,15443,15451,15461,15467,15473,
294 15493,15497,15511,15527,15541,15551,15559,15569,
295 15581,15583,15601,15607,15619,15629,15641,15643,
296 15647,15649,15661,15667,15671,15679,15683,15727,
297 15731,15733,15737,15739,15749,15761,15767,15773,
298 15787,15791,15797,15803,15809,15817,15823,15859,
299 15877,15881,15887,15889,15901,15907,15913,15919,
300 15923,15937,15959,15971,15973,15991,16001,16007,
301 16033,16057,16061,16063,16067,16069,16073,16087,
302 16091,16097,16103,16111,16127,16139,16141,16183,
303 16187,16189,16193,16217,16223,16229,16231,16249,
304 16253,16267,16273,16301,16319,16333,16339,16349,
305 16361,16363,16369,16381,16411,16417,16421,16427,
306 16433,16447,16451,16453,16477,16481,16487,16493,
307 16519,16529,16547,16553,16561,16567,16573,16603,
308 16607,16619,16631,16633,16649,16651,16657,16661,
309 16673,16691,16693,16699,16703,16729,16741,16747,
310 16759,16763,16787,16811,16823,16829,16831,16843,
311 16871,16879,16883,16889,16901,16903,16921,16927,
312 16931,16937,16943,16963,16979,16981,16987,16993,
313 17011,17021,17027,17029,17033,17041,17047,17053,
314 17077,17093,17099,17107,17117,17123,17137,17159,
315 17167,17183,17189,17191,17203,17207,17209,17231,
316 17239,17257,17291,17293,17299,17317,17321,17327,
317 17333,17341,17351,17359,17377,17383,17387,17389,
318 17393,17401,17417,17419,17431,17443,17449,17467,
319 17471,17477,17483,17489,17491,17497,17509,17519,
320 17539,17551,17569,17573,17579,17581,17597,17599,
321 17609,17623,17627,17657,17659,17669,17681,17683,
322 17707,17713,17729,17737,17747,17749,17761,17783,
323 17789,17791,17807,17827,17837,17839,17851,17863,
324#endif
325 };
diff --git a/src/lib/libcrypto/bn/bn_prime.pl b/src/lib/libcrypto/bn/bn_prime.pl
deleted file mode 100644
index 9fc3765486..0000000000
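--- a/src/lib/libcrypto/bn/bn_prime.pl
+++ /dev/null
@@ -1,117 +0,0 @@
-#!/usr/local/bin/perl
-# bn_prime.pl
-
-$num=2048;
-$num=$ARGV[0] if ($#ARGV >= 0);
-
-push(@primes,2);
-$p=1;
-loop: while ($#primes < $num-1)
- {
- $p+=2;
- $s=int(sqrt($p));
-
- for ($i=0; $primes[$i]<=$s; $i++)
- {
- next loop if (($p%$primes[$i]) == 0);
- }
- push(@primes,$p);
- }
-
-# print <<"EOF";
-# /* Auto generated by bn_prime.pl */
-# /* Copyright (C) 1995-1997 Eric Young (eay\@mincom.oz.au).
-# * All rights reserved.
-# * Copyright remains Eric Young's, and as such any Copyright notices in
-# * the code are not to be removed.
-# * See the COPYRIGHT file in the SSLeay distribution for more details.
-# */
-#
-# EOF
-
-print <<\EOF;
-/* Auto generated by bn_prime.pl */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-EOF
-
-for ($i=0; $i <= $#primes; $i++)
- {
- if ($primes[$i] > 256)
- {
- $eight=$i;
- last;
- }
- }
-
-printf "#ifndef EIGHT_BIT\n";
-printf "#define NUMPRIMES %d\n",$num;
-printf "#else\n";
-printf "#define NUMPRIMES %d\n",$eight;
-printf "#endif\n";
-print "static const unsigned int primes[NUMPRIMES]=\n\t{\n\t";
-$init=0;
-for ($i=0; $i <= $#primes; $i++)
- {
- printf "\n#ifndef EIGHT_BIT\n\t" if ($primes[$i] > 256) && !($init++);
- printf("\n\t") if (($i%8) == 0) && ($i != 0);
- printf("%4d,",$primes[$i]);
- }
-print "\n#endif\n\t};\n";
-
-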
diff --git a/src/lib/libcrypto/bn/bn_print.c b/src/lib/libcrypto/bn/bn_print.c
deleted file mode 100644
index 782a96e7e0..0000000000
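--- a/src/lib/libcrypto/bn/bn_print.c
+++ /dev/null
@@ -1,332 +0,0 @@
-/* crypto/bn/bn_print.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <ctype.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include "bn_lcl.h"
-
-static const char *Hex="0123456789ABCDEF";
-
-/* Must 'Free' the returned data */
-char *BN_bn2hex(const BIGNUM *a)
- {
- int i,j,v,z=0;
- char *buf;
- char *p;
-
- buf=(char *)Malloc(a->top*BN_BYTES*2+2);
- if (buf == NULL)
- {
- BNerr(BN_F_BN_BN2HEX,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- p=buf;
- if (a->neg) *(p++)='-';
- if (a->top == 0) *(p++)='0';
- for (i=a->top-1; i >=0; i--)
- {
- for (j=BN_BITS2-8; j >= 0; j-=8)
- {
- /* strip leading zeros */
- v=((int)(a->d[i]>>(long)j))&0xff;
- if (z || (v != 0))
- {
- *(p++)=Hex[v>>4];
- *(p++)=Hex[v&0x0f];
- z=1;
- }
- }
- }
- *p='\0';
-err:
- return(buf);
- }
-
-/* Must 'Free' the returned data */
-char *BN_bn2dec(const BIGNUM *a)
- {
- int i=0,num;
- char *buf=NULL;
- char *p;
- BIGNUM *t=NULL;
- BN_ULONG *bn_data=NULL,*lp;
-
- i=BN_num_bits(a)*3;
- num=(i/10+i/1000+3)+1;
- bn_data=(BN_ULONG *)Malloc((num/BN_DEC_NUM+1)*sizeof(BN_ULONG));
- buf=(char *)Malloc(num+3);
- if ((buf == NULL) || (bn_data == NULL))
- {
- BNerr(BN_F_BN_BN2DEC,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if ((t=BN_dup(a)) == NULL) goto err;
-
- p=buf;
- lp=bn_data;
- if (t->neg) *(p++)='-';
- if (t->top == 0)
- {
- *(p++)='0';
- *(p++)='\0';
- }
- else
- {
- i=0;
- while (!BN_is_zero(t))
- {
- *lp=BN_div_word(t,BN_DEC_CONV);
- lp++;
- }
- lp--;
- /* We now have a series of blocks, BN_DEC_NUM chars
- * in length, where the last one needs truncation.
- * The blocks need to be reversed in order. */
- sprintf(p,BN_DEC_FMT1,*lp);
- while (*p) p++;
- while (lp != bn_data)
- {
- lp--;
- sprintf(p,BN_DEC_FMT2,*lp);
- while (*p) p++;
- }
- }
-err:
- if (bn_data != NULL) Free(bn_data);
- if (t != NULL) BN_free(t);
- return(buf);
- }
-
-int BN_hex2bn(BIGNUM **bn, const char *a)
- {
- BIGNUM *ret=NULL;
- BN_ULONG l=0;
- int neg=0,h,m,i,j,k,c;
- int num;
-
- if ((a == NULL) || (*a == '\0')) return(0);
-
- if (*a == '-') { neg=1; a++; }
-
- for (i=0; isxdigit((unsigned char) a[i]); i++)
- ;
-
- num=i+neg;
- if (bn == NULL) return(num);
-
- /* a is the start of the hex digits, and it is 'i' long */
- if (*bn == NULL)
- {
- if ((ret=BN_new()) == NULL) return(0);
- }
- else
- {
- ret= *bn;
- BN_zero(ret);
- }
-
- /* i is the number of hex digests; */
- if (bn_expand(ret,i*4) == NULL) goto err;
-
- j=i; /* least significant 'hex' */
- m=0;
- h=0;
- while (j > 0)
- {
- m=((BN_BYTES*2) <= j)?(BN_BYTES*2):j;
- l=0;
- for (;;)
- {
- c=a[j-m];
- if ((c >= '0') && (c <= '9')) k=c-'0';
- else if ((c >= 'a') && (c <= 'f')) k=c-'a'+10;
- else if ((c >= 'A') && (c <= 'F')) k=c-'A'+10;
- else k=0; /* paranoia */
- l=(l<<4)|k;
-
- if (--m <= 0)
- {
- ret->d[h++]=l;
- break;
- }
- }
- j-=(BN_BYTES*2);
- }
- ret->top=h;
- bn_fix_top(ret);
- ret->neg=neg;
-
- *bn=ret;
- return(num);
-err:
- if (*bn == NULL) BN_free(ret);
- return(0);
- }
-
-int BN_dec2bn(BIGNUM **bn, const char *a)
- {
- BIGNUM *ret=NULL;
- BN_ULONG l=0;
- int neg=0,i,j;
- int num;
-
- if ((a == NULL) || (*a == '\0')) return(0);
- if (*a == '-') { neg=1; a++; }
-
- for (i=0; isdigit((unsigned char) a[i]); i++)
- ;
-
- num=i+neg;
- if (bn == NULL) return(num);
-
- /* a is the start of the digits, and it is 'i' long.
- * We chop it into BN_DEC_NUM digits at a time */
- if (*bn == NULL)
- {
- if ((ret=BN_new()) == NULL) return(0);
- }
- else
- {
- ret= *bn;
- BN_zero(ret);
- }
-
- /* i is the number of digests, a bit of an over expand; */
- if (bn_expand(ret,i*4) == NULL) goto err;
-
- j=BN_DEC_NUM-(i%BN_DEC_NUM);
- if (j == BN_DEC_NUM) j=0;
- l=0;
- while (*a)
- {
- l*=10;
- l+= *a-'0';
- a++;
- if (++j == BN_DEC_NUM)
- {
- BN_mul_word(ret,BN_DEC_CONV);
- BN_add_word(ret,l);
- l=0;
- j=0;
- }
- }
- ret->neg=neg;
-
- bn_fix_top(ret);
- *bn=ret;
- return(num);
-err:
- if (*bn == NULL) BN_free(ret);
- return(0);
- }
-
-#ifndef NO_BIO
-#ifndef NO_FP_API
-int BN_print_fp(FILE *fp, const BIGNUM *a)
- {
- BIO *b;
- int ret;
-
- if ((b=BIO_new(BIO_s_file())) == NULL)
- return(0);
- BIO_set_fp(b,fp,BIO_NOCLOSE);
- ret=BN_print(b,a);
- BIO_free(b);
- return(ret);
- }
-#endif
-
-int BN_print(BIO *bp, const BIGNUM *a)
- {
- int i,j,v,z=0;
- int ret=0;
-
- if ((a->neg) && (BIO_write(bp,"-",1) != 1)) goto end;
- if ((a->top == 0) && (BIO_write(bp,"0",1) != 1)) goto end;
- for (i=a->top-1; i >=0; i--)
- {
- for (j=BN_BITS2-4; j >= 0; j-=4)
- {
- /* strip leading zeros */
- v=((int)(a->d[i]>>(long)j))&0x0f;
- if (z || (v != 0))
- {
- if (BIO_write(bp,&(Hex[v]),1) != 1)
- goto end;
- z=1;
- }
- }
- }
- ret=1;
-end:
- return(ret);
- }
-#endif
-
-#ifdef BN_DEBUG
-void bn_dump1(FILE *o, const char *a, BN_ULONG *b,int n)
- {
- int i;
- fprintf(o, "%s=", a);
- for (i=n-1;i>=0;i--)
- fprintf(o, "%08lX", b[i]); /* assumes 32-bit BN_ULONG */
- fprintf(o, "\n");
- }
-#endif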
diff --git a/src/lib/libcrypto/bn/bn_rand.c b/src/lib/libcrypto/bn/bn_rand.c
deleted file mode 100644
index 943712c15b..0000000000
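--- a/src/lib/libcrypto/bn/bn_rand.c
+++ /dev/null
@@ -1,136 +0,0 @@
-/* crypto/bn/bn_rand.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <time.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-#include <openssl/rand.h>
-
-static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
- {
- unsigned char *buf=NULL;
- int ret=0,bit,bytes,mask;
- time_t tim;
-
- bytes=(bits+7)/8;
- bit=(bits-1)%8;
- mask=0xff<<bit;
-
- buf=(unsigned char *)Malloc(bytes);
- if (buf == NULL)
- {
- BNerr(BN_F_BN_RAND,ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- /* make a random number and set the top and bottom bits */
- time(&tim);
- RAND_add(&tim,sizeof(tim),0);
-
- if (pseudorand)
- {
- if (RAND_pseudo_bytes(buf, bytes) == -1)
- goto err;
- }
- else
- {
- if (RAND_bytes(buf, bytes) <= 0)
- goto err;
- }
-
- if (top)
- {
- if (bit == 0)
- {
- buf[0]=1;
- buf[1]|=0x80;
- }
- else
- {
- buf[0]|=(3<<(bit-1));
- buf[0]&= ~(mask<<1);
- }
- }
- else
- {
- buf[0]|=(1<<bit);
- buf[0]&= ~(mask<<1);
- }
- if (bottom) /* set bottom bits to whatever odd is */
- buf[bytes-1]|=1;
- if (!BN_bin2bn(buf,bytes,rnd)) goto err;
- ret=1;
-err:
- if (buf != NULL)
- {
- memset(buf,0,bytes);
- Free(buf);
- }
- return(ret);
- }
-
-int BN_rand(BIGNUM *rnd, int bits, int top, int bottom)
- {
- return bnrand(0, rnd, bits, top, bottom);
- }
-
-int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom)
- {
- return bnrand(1, rnd, bits, top, bottom);
- }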
diff --git a/src/lib/libcrypto/bn/bn_recp.c b/src/lib/libcrypto/bn/bn_recp.c
deleted file mode 100644
index a8796bd0aa..0000000000
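--- a/src/lib/libcrypto/bn/bn_recp.c
+++ /dev/null
@@ -1,220 +0,0 @@
-/* crypto/bn/bn_recp.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-void BN_RECP_CTX_init(BN_RECP_CTX *recp)
- {
- BN_init(&(recp->N));
- BN_init(&(recp->Nr));
- recp->num_bits=0;
- recp->flags=0;
- }
-
-BN_RECP_CTX *BN_RECP_CTX_new(void)
- {
- BN_RECP_CTX *ret;
-
- if ((ret=(BN_RECP_CTX *)Malloc(sizeof(BN_RECP_CTX))) == NULL)
- return(NULL);
-
- BN_RECP_CTX_init(ret);
- ret->flags=BN_FLG_MALLOCED;
- return(ret);
- }
-
-void BN_RECP_CTX_free(BN_RECP_CTX *recp)
- {
- if(recp == NULL)
- return;
-
- BN_free(&(recp->N));
- BN_free(&(recp->Nr));
- if (recp->flags & BN_FLG_MALLOCED)
- Free(recp);
- }
-
-int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *d, BN_CTX *ctx)
- {
- BN_copy(&(recp->N),d);
- BN_zero(&(recp->Nr));
- recp->num_bits=BN_num_bits(d);
- recp->shift=0;
- return(1);
- }
-
-int BN_mod_mul_reciprocal(BIGNUM *r, BIGNUM *x, BIGNUM *y, BN_RECP_CTX *recp,
- BN_CTX *ctx)
- {
- int ret=0;
- BIGNUM *a;
-
- BN_CTX_start(ctx);
- if ((a = BN_CTX_get(ctx)) == NULL) goto err;
- if (y != NULL)
- {
- if (x == y)
- { if (!BN_sqr(a,x,ctx)) goto err; }
- else
- { if (!BN_mul(a,x,y,ctx)) goto err; }
- }
- else
- a=x; /* Just do the mod */
-
- BN_div_recp(NULL,r,a,recp,ctx);
- ret=1;
-err:
- BN_CTX_end(ctx);
- return(ret);
- }
-
-int BN_div_recp(BIGNUM *dv, BIGNUM *rem, BIGNUM *m, BN_RECP_CTX *recp,
- BN_CTX *ctx)
- {
- int i,j,ret=0;
- BIGNUM *a,*b,*d,*r;
-
- BN_CTX_start(ctx);
- a=BN_CTX_get(ctx);
- b=BN_CTX_get(ctx);
- if (dv != NULL)
- d=dv;
- else
- d=BN_CTX_get(ctx);
- if (rem != NULL)
- r=rem;
- else
- r=BN_CTX_get(ctx);
- if (a == NULL || b == NULL || d == NULL || r == NULL) goto err;
-
- if (BN_ucmp(m,&(recp->N)) < 0)
- {
- BN_zero(d);
- BN_copy(r,m);
- BN_CTX_end(ctx);
- return(1);
- }
-
- /* We want the remainder
- * Given input of ABCDEF / ab
- * we need multiply ABCDEF by 3 digests of the reciprocal of ab
- *
- */
- i=BN_num_bits(m);
-
- j=recp->num_bits<<1;
- if (j>i) i=j;
- j>>=1;
-
- if (i != recp->shift)
- recp->shift=BN_reciprocal(&(recp->Nr),&(recp->N),
- i,ctx);
-
- if (!BN_rshift(a,m,j)) goto err;
- if (!BN_mul(b,a,&(recp->Nr),ctx)) goto err;
- if (!BN_rshift(d,b,i-j)) goto err;
- d->neg=0;
- if (!BN_mul(b,&(recp->N),d,ctx)) goto err;
- if (!BN_usub(r,m,b)) goto err;
- r->neg=0;
-
-#if 1
- j=0;
- while (BN_ucmp(r,&(recp->N)) >= 0)
- {
- if (j++ > 2)
- {
- BNerr(BN_F_BN_MOD_MUL_RECIPROCAL,BN_R_BAD_RECIPROCAL);
- goto err;
- }
- if (!BN_usub(r,r,&(recp->N))) goto err;
- if (!BN_add_word(d,1)) goto err;
- }
-#endif
-
- r->neg=BN_is_zero(r)?0:m->neg;
- d->neg=m->neg^recp->N.neg;
- ret=1;
-err:
- BN_CTX_end(ctx);
- return(ret);
- }
-
-/* len is the expected size of the result
- * We actually calculate with an extra word of precision, so
- * we can do faster division if the remainder is not required.
- */
-int BN_reciprocal(BIGNUM *r, BIGNUM *m, int len, BN_CTX *ctx)
- {
- int ret= -1;
- BIGNUM t;
-
- BN_init(&t);
-
- BN_zero(&t);
- if (!BN_set_bit(&t,len)) goto err;
-
- if (!BN_div(r,NULL,&t,m,ctx)) goto err;
- ret=len;
-err:
- BN_free(&t);
- return(ret);
- }
-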
diff --git a/src/lib/libcrypto/bn/bn_shift.c b/src/lib/libcrypto/bn/bn_shift.c
deleted file mode 100644
index 61aae65a6b..0000000000
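--- a/src/lib/libcrypto/bn/bn_shift.c
+++ /dev/null
@@ -1,200 +0,0 @@
-/* crypto/bn/bn_shift.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-int BN_lshift1(BIGNUM *r, BIGNUM *a)
- {
- register BN_ULONG *ap,*rp,t,c;
- int i;
-
- if (r != a)
- {
- r->neg=a->neg;
- if (bn_wexpand(r,a->top+1) == NULL) return(0);
- r->top=a->top;
- }
- else
- {
- if (bn_wexpand(r,a->top+1) == NULL) return(0);
- }
- ap=a->d;
- rp=r->d;
- c=0;
- for (i=0; i<a->top; i++)
- {
- t= *(ap++);
- *(rp++)=((t<<1)|c)&BN_MASK2;
- c=(t & BN_TBIT)?1:0;
- }
- if (c)
- {
- *rp=1;
- r->top++;
- }
- return(1);
- }
-
-int BN_rshift1(BIGNUM *r, BIGNUM *a)
- {
- BN_ULONG *ap,*rp,t,c;
- int i;
-
- if (BN_is_zero(a))
- {
- BN_zero(r);
- return(1);
- }
- if (a != r)
- {
- if (bn_wexpand(r,a->top) == NULL) return(0);
- r->top=a->top;
- r->neg=a->neg;
- }
- ap=a->d;
- rp=r->d;
- c=0;
- for (i=a->top-1; i>=0; i--)
- {
- t=ap[i];
- rp[i]=((t>>1)&BN_MASK2)|c;
- c=(t&1)?BN_TBIT:0;
- }
- bn_fix_top(r);
- return(1);
- }
-
-int BN_lshift(BIGNUM *r, const BIGNUM *a, int n)
- {
- int i,nw,lb,rb;
- BN_ULONG *t,*f;
- BN_ULONG l;
-
- r->neg=a->neg;
- if (bn_wexpand(r,a->top+(n/BN_BITS2)+1) == NULL) return(0);
- nw=n/BN_BITS2;
- lb=n%BN_BITS2;
- rb=BN_BITS2-lb;
- f=a->d;
- t=r->d;
- t[a->top+nw]=0;
- if (lb == 0)
- for (i=a->top-1; i>=0; i--)
- t[nw+i]=f[i];
- else
- for (i=a->top-1; i>=0; i--)
- {
- l=f[i];
- t[nw+i+1]|=(l>>rb)&BN_MASK2;
- t[nw+i]=(l<<lb)&BN_MASK2;
- }
- memset(t,0,nw*sizeof(t[0]));
-/* for (i=0; i<nw; i++)
- t[i]=0;*/
- r->top=a->top+nw+1;
- bn_fix_top(r);
- return(1);
- }
-
-int BN_rshift(BIGNUM *r, BIGNUM *a, int n)
- {
- int i,j,nw,lb,rb;
- BN_ULONG *t,*f;
- BN_ULONG l,tmp;
-
- nw=n/BN_BITS2;
- rb=n%BN_BITS2;
- lb=BN_BITS2-rb;
- if (nw > a->top)
- {
- BN_zero(r);
- return(1);
- }
- if (r != a)
- {
- r->neg=a->neg;
- if (bn_wexpand(r,a->top-nw+1) == NULL) return(0);
- }
-
- f= &(a->d[nw]);
- t=r->d;
- j=a->top-nw;
- r->top=j;
-
- if (rb == 0)
- {
- for (i=j+1; i > 0; i--)
- *(t++)= *(f++);
- }
- else
- {
- l= *(f++);
- for (i=1; i<j; i++)
- {
- tmp =(l>>rb)&BN_MASK2;
- l= *(f++);
- *(t++) =(tmp|(l<<lb))&BN_MASK2;
- }
- *(t++) =(l>>rb)&BN_MASK2;
- }
- *t=0;
- bn_fix_top(r);
- return(1);
- }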
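diff --git a/src/lib/libcrypto/bn/bn_sqr.c b/src/lib/libcrypto/bn/bn_sqr.c
deleted file mode 100644
index fe00c5f69a..0000000000
--- a/src/lib/libcrypto/bn/bn_sqr.c
+++ /dev/null
@@ -1,288 +0,0 @@
-/* crypto/bn/bn_sqr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-/* r must not be a */
-/* I've just gone over this and it is now %20 faster on x86 - eay - 27 Jun 96 */
-int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx)
- {
- int max,al;
- int ret = 0;
- BIGNUM *tmp,*rr;
-
-#ifdef BN_COUNT
-printf("BN_sqr %d * %d\n",a->top,a->top);
-#endif
- bn_check_top(a);
-
- al=a->top;
- if (al <= 0)
- {
- r->top=0;
- return(1);
- }
-
- BN_CTX_start(ctx);
- rr=(a != r) ? r : BN_CTX_get(ctx);
- tmp=BN_CTX_get(ctx);
- if (tmp == NULL) goto err;
-
- max=(al+al);
- if (bn_wexpand(rr,max+1) == NULL) goto err;
-
- r->neg=0;
- if (al == 4)
- {
-#ifndef BN_SQR_COMBA
- BN_ULONG t[8];
- bn_sqr_normal(rr->d,a->d,4,t);
-#else
- bn_sqr_comba4(rr->d,a->d);
-#endif
- }
- else if (al == 8)
- {
-#ifndef BN_SQR_COMBA
- BN_ULONG t[16];
- bn_sqr_normal(rr->d,a->d,8,t);
-#else
- bn_sqr_comba8(rr->d,a->d);
-#endif
- }
- else
- {
-#if defined(BN_RECURSION)
- if (al < BN_SQR_RECURSIVE_SIZE_NORMAL)
- {
- BN_ULONG t[BN_SQR_RECURSIVE_SIZE_NORMAL*2];
- bn_sqr_normal(rr->d,a->d,al,t);
- }
- else
- {
- int j,k;
-
- j=BN_num_bits_word((BN_ULONG)al);
- j=1<<(j-1);
- k=j+j;
- if (al == j)
- {
- if (bn_wexpand(a,k*2) == NULL) goto err;
- if (bn_wexpand(tmp,k*2) == NULL) goto err;
- bn_sqr_recursive(rr->d,a->d,al,tmp->d);
- }
- else
- {
- if (bn_wexpand(tmp,max) == NULL) goto err;
- bn_sqr_normal(rr->d,a->d,al,tmp->d);
- }
- }
-#else
- if (bn_wexpand(tmp,max) == NULL) goto err;
- bn_sqr_normal(rr->d,a->d,al,tmp->d);
-#endif
- }
-
- rr->top=max;
- if ((max > 0) && (rr->d[max-1] == 0)) rr->top--;
- if (rr != r) BN_copy(r,rr);
- ret = 1;
- err:
- BN_CTX_end(ctx);
- return(ret);
- }
-
-/* tmp must have 2*n words */
-void bn_sqr_normal(BN_ULONG *r, BN_ULONG *a, int n, BN_ULONG *tmp)
- {
- int i,j,max;
- BN_ULONG *ap,*rp;
-
- max=n*2;
- ap=a;
- rp=r;
- rp[0]=rp[max-1]=0;
- rp++;
- j=n;
-
- if (--j > 0)
- {
- ap++;
- rp[j]=bn_mul_words(rp,ap,j,ap[-1]);
- rp+=2;
- }
-
- for (i=n-2; i>0; i--)
- {
- j--;
- ap++;
- rp[j]=bn_mul_add_words(rp,ap,j,ap[-1]);
- rp+=2;
- }
-
- bn_add_words(r,r,r,max);
-
- /* There will not be a carry */
-
- bn_sqr_words(tmp,a,n);
-
- bn_add_words(r,r,tmp,max);
- }
-
-#ifdef BN_RECURSION
-/* r is 2*n words in size,
- * a and b are both n words in size.
- * n must be a power of 2.
- * We multiply and return the result.
- * t must be 2*n words in size
- * We calculate
- * a[0]*b[0]
- * a[0]*b[0]+a[1]*b[1]+(a[0]-a[1])*(b[1]-b[0])
- * a[1]*b[1]
- */
-void bn_sqr_recursive(BN_ULONG *r, BN_ULONG *a, int n2, BN_ULONG *t)
- {
- int n=n2/2;
- int zero,c1;
- BN_ULONG ln,lo,*p;
-
-#ifdef BN_COUNT
-printf(" bn_sqr_recursive %d * %d\n",n2,n2);
-#endif
- if (n2 == 4)
- {
-#ifndef BN_SQR_COMBA
- bn_sqr_normal(r,a,4,t);
-#else
- bn_sqr_comba4(r,a);
-#endif
- return;
- }
- else if (n2 == 8)
- {
-#ifndef BN_SQR_COMBA
- bn_sqr_normal(r,a,8,t);
-#else
- bn_sqr_comba8(r,a);
-#endif
- return;
- }
- if (n2 < BN_SQR_RECURSIVE_SIZE_NORMAL)
- {
- bn_sqr_normal(r,a,n2,t);
- return;
- }
- /* r=(a[0]-a[1])*(a[1]-a[0]) */
- c1=bn_cmp_words(a,&(a[n]),n);
- zero=0;
- if (c1 > 0)
- bn_sub_words(t,a,&(a[n]),n);
- else if (c1 < 0)
- bn_sub_words(t,&(a[n]),a,n);
- else
- zero=1;
-
- /* The result will always be negative unless it is zero */
- p= &(t[n2*2]);
-
- if (!zero)
- bn_sqr_recursive(&(t[n2]),t,n,p);
- else
- memset(&(t[n2]),0,n*sizeof(BN_ULONG));
- bn_sqr_recursive(r,a,n,p);
- bn_sqr_recursive(&(r[n2]),&(a[n]),n,p);
-
- /* t[32] holds (a[0]-a[1])*(a[1]-a[0]), it is negative or zero
- * r[10] holds (a[0]*b[0])
- * r[32] holds (b[1]*b[1])
- */
-
- c1=(int)(bn_add_words(t,r,&(r[n2]),n2));
-
- /* t[32] is negative */
- c1-=(int)(bn_sub_words(&(t[n2]),t,&(t[n2]),n2));
-
- /* t[32] holds (a[0]-a[1])*(a[1]-a[0])+(a[0]*a[0])+(a[1]*a[1])
- * r[10] holds (a[0]*a[0])
- * r[32] holds (a[1]*a[1])
- * c1 holds the carry bits
- */
- c1+=(int)(bn_add_words(&(r[n]),&(r[n]),&(t[n2]),n2));
- if (c1)
- {
- p= &(r[n+n2]);
- lo= *p;
- ln=(lo+c1)&BN_MASK2;
- *p=ln;
-
- /* The overflow will stop before we over write
- * words we should not overwrite */
- if (ln < (BN_ULONG)c1)
- {
- do {
- p++;
- lo= *p;
- ln=(lo+1)&BN_MASK2;
- *p=ln;
- } while (ln == 0);
- }
- }
- }
-#endif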
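diff --git a/src/lib/libcrypto/bn/bn_word.c b/src/lib/libcrypto/bn/bn_word.c
deleted file mode 100644
index 73157a7d43..0000000000
--- a/src/lib/libcrypto/bn/bn_word.c
+++ /dev/null
@@ -1,194 +0,0 @@
-/* crypto/bn/bn_word.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w)
- {
-#ifndef BN_LLONG
- BN_ULONG ret=0;
-#else
- BN_ULLONG ret=0;
-#endif
- int i;
-
- w&=BN_MASK2;
- for (i=a->top-1; i>=0; i--)
- {
-#ifndef BN_LLONG
- ret=((ret<<BN_BITS4)|((a->d[i]>>BN_BITS4)&BN_MASK2l))%w;
- ret=((ret<<BN_BITS4)|(a->d[i]&BN_MASK2l))%w;
-#else
- ret=(BN_ULLONG)(((ret<<(BN_ULLONG)BN_BITS2)|a->d[i])%
- (BN_ULLONG)w);
-#endif
- }
- return((BN_ULONG)ret);
- }
-
-BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w)
- {
- BN_ULONG ret;
- int i;
-
- if (a->top == 0) return(0);
- ret=0;
- w&=BN_MASK2;
- for (i=a->top-1; i>=0; i--)
- {
- BN_ULONG l,d;
-
- l=a->d[i];
- d=bn_div_words(ret,l,w);
- ret=(l-((d*w)&BN_MASK2))&BN_MASK2;
- a->d[i]=d;
- }
- if ((a->top > 0) && (a->d[a->top-1] == 0))
- a->top--;
- return(ret);
- }
-
-int BN_add_word(BIGNUM *a, BN_ULONG w)
- {
- BN_ULONG l;
- int i;
-
- if (a->neg)
- {
- a->neg=0;
- i=BN_sub_word(a,w);
- if (!BN_is_zero(a))
- a->neg=1;
- return(i);
- }
- w&=BN_MASK2;
- if (bn_wexpand(a,a->top+1) == NULL) return(0);
- i=0;
- for (;;)
- {
- l=(a->d[i]+(BN_ULONG)w)&BN_MASK2;
- a->d[i]=l;
- if (w > l)
- w=1;
- else
- break;
- i++;
- }
- if (i >= a->top)
- a->top++;
- return(1);
- }
-
-int BN_sub_word(BIGNUM *a, BN_ULONG w)
- {
- int i;
-
- if (a->neg)
- {
- a->neg=0;
- i=BN_add_word(a,w);
- a->neg=1;
- return(i);
- }
-
- w&=BN_MASK2;
- if ((a->top == 1) && (a->d[0] < w))
- {
- a->d[0]=w-a->d[0];
- a->neg=1;
- return(1);
- }
- i=0;
- for (;;)
- {
- if (a->d[i] >= w)
- {
- a->d[i]-=w;
- break;
- }
- else
- {
- a->d[i]=(a->d[i]-w)&BN_MASK2;
- i++;
- w=1;
- }
- }
- if ((a->d[i] == 0) && (i == (a->top-1)))
- a->top--;
- return(1);
- }
-
-int BN_mul_word(BIGNUM *a, BN_ULONG w)
- {
- BN_ULONG ll;
-
- w&=BN_MASK2;
- if (a->top)
- {
- ll=bn_mul_words(a->d,a->d,a->top,w);
- if (ll)
- {
- if (bn_wexpand(a,a->top+1) == NULL) return(0);
- a->d[a->top++]=ll;
- }
- }
- return(1);
- }
-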