authordjm <>2008-09-06 12:15:54 +0000
committerdjm <>2008-09-06 12:15:54 +0000
commitf1625f274acf5dcd5601f6cb5e29e233b2a441a3 (patch)
tree44899ddfbef8f24aacbea50086c041c1b150f6d6 /src/lib/libcrypto/bn
parent4f828b924f54507141fb95ebe49dfcd261945e85 (diff)
import of OpenSSL 0.9.8h
Diffstat (limited to 'src/lib/libcrypto/bn')
-rw-r--r--src/lib/libcrypto/bn/Makefile286
-rw-r--r--src/lib/libcrypto/bn/asm/mo-586.pl603
-rw-r--r--src/lib/libcrypto/bn/bntest.c775
-rw-r--r--src/lib/libcrypto/bn/exptest.c3
4 files changed, 1506 insertions, 161 deletions
diff --git a/src/lib/libcrypto/bn/Makefile b/src/lib/libcrypto/bn/Makefile
index 9969d242cc..e97c751390 100644
--- a/src/lib/libcrypto/bn/Makefile
+++ b/src/lib/libcrypto/bn/Makefile
@@ -8,11 +8,6 @@ CC= cc
8CPP= $(CC) -E 8CPP= $(CC) -E
9INCLUDES= -I.. -I$(TOP) -I../../include 9INCLUDES= -I.. -I$(TOP) -I../../include
10CFLAG=-g 10CFLAG=-g
11INSTALL_PREFIX=
12OPENSSLDIR= /usr/local/ssl
13INSTALLTOP=/usr/local/ssl
14MAKEDEPPROG= makedepend
15MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
16MAKEFILE= Makefile 11MAKEFILE= Makefile
17AR= ar r 12AR= ar r
18 13
@@ -22,6 +17,7 @@ BN_ASM= bn_asm.o
22 17
23CFLAGS= $(INCLUDES) $(CFLAG) 18CFLAGS= $(INCLUDES) $(CFLAG)
24ASFLAGS= $(INCLUDES) $(ASFLAG) 19ASFLAGS= $(INCLUDES) $(ASFLAG)
20AFLAGS= $(ASFLAGS)
25 21
26GENERAL=Makefile 22GENERAL=Makefile
27TEST=bntest.c exptest.c 23TEST=bntest.c exptest.c
@@ -31,12 +27,14 @@ LIB=$(TOP)/libcrypto.a
31LIBSRC= bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c bn_mod.c \ 27LIBSRC= bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c bn_mod.c \
32 bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \ 28 bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \
33 bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c \ 29 bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c \
34 bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_x931p.c 30 bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_gf2m.c bn_nist.c \
31 bn_depr.c bn_const.c
35 32
36LIBOBJ= bn_add.o bn_div.o bn_exp.o bn_lib.o bn_ctx.o bn_mul.o bn_mod.o \ 33LIBOBJ= bn_add.o bn_div.o bn_exp.o bn_lib.o bn_ctx.o bn_mul.o bn_mod.o \
37 bn_print.o bn_rand.o bn_shift.o bn_word.o bn_blind.o \ 34 bn_print.o bn_rand.o bn_shift.o bn_word.o bn_blind.o \
38 bn_kron.o bn_sqrt.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o $(BN_ASM) \ 35 bn_kron.o bn_sqrt.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o $(BN_ASM) \
39 bn_recp.o bn_mont.o bn_mpi.o bn_exp2.o bn_x931p.o 36 bn_recp.o bn_mont.o bn_mpi.o bn_exp2.o bn_gf2m.o bn_nist.o \
37 bn_depr.o bn_const.o
40 38
41SRC= $(LIBSRC) 39SRC= $(LIBSRC)
42 40
@@ -64,70 +62,60 @@ lib: $(LIBOBJ)
64 $(RANLIB) $(LIB) || echo Never mind. 62 $(RANLIB) $(LIB) || echo Never mind.
65 @touch lib 63 @touch lib
66 64
67# elf 65# ELF
68asm/bn86-elf.s: asm/bn-586.pl ../perlasm/x86asm.pl 66bn86-elf.s: asm/bn-586.pl ../perlasm/x86asm.pl
69 (cd asm; $(PERL) bn-586.pl elf $(CFLAGS) > bn86-elf.s) 67 (cd asm; $(PERL) bn-586.pl elf $(CFLAGS) > ../$@)
70 68co86-elf.s: asm/co-586.pl ../perlasm/x86asm.pl
71asm/co86-elf.s: asm/co-586.pl ../perlasm/x86asm.pl 69 (cd asm; $(PERL) co-586.pl elf $(CFLAGS) > ../$@)
72 (cd asm; $(PERL) co-586.pl elf $(CFLAGS) > co86-elf.s) 70mo86-elf.s: asm/mo-586.pl ../perlasm/x86asm.pl
73 71 (cd asm; $(PERL) mo-586.pl elf $(CFLAGS) > ../$@)
72# COFF
73bn86-cof.s: asm/bn-586.pl ../perlasm/x86asm.pl
74 (cd asm; $(PERL) bn-586.pl coff $(CFLAGS) > ../$@)
75co86-cof.s: asm/co-586.pl ../perlasm/x86asm.pl
76 (cd asm; $(PERL) co-586.pl coff $(CFLAGS) > ../$@)
77mo86-cof.s: asm/mo-586.pl ../perlasm/x86asm.pl
78 (cd asm; $(PERL) mo-586.pl coff $(CFLAGS) > ../$@)
74# a.out 79# a.out
75asm/bn86-out.o: asm/bn86unix.cpp 80bn86-out.s: asm/bn-586.pl ../perlasm/x86asm.pl
76 $(CPP) -DOUT asm/bn86unix.cpp | as -o asm/bn86-out.o 81 (cd asm; $(PERL) bn-586.pl a.out $(CFLAGS) > ../$@)
77 82co86-out.s: asm/co-586.pl ../perlasm/x86asm.pl
78asm/co86-out.o: asm/co86unix.cpp 83 (cd asm; $(PERL) co-586.pl a.out $(CFLAGS) > ../$@)
79 $(CPP) -DOUT asm/co86unix.cpp | as -o asm/co86-out.o 84mo86-out.s: asm/mo-586.pl ../perlasm/x86asm.pl
80 85 (cd asm; $(PERL) mo-586.pl a.out $(CFLAGS) > ../$@)
81# bsdi 86
82asm/bn86bsdi.o: asm/bn86unix.cpp 87sparcv8.o: asm/sparcv8.S
83 $(CPP) -DBSDI asm/bn86unix.cpp | sed 's/ :/:/' | as -o asm/bn86bsdi.o 88 $(CC) $(CFLAGS) -c asm/sparcv8.S
84 89sparcv8plus.o: asm/sparcv8plus.S
85asm/co86bsdi.o: asm/co86unix.cpp 90 $(CC) $(CFLAGS) -c asm/sparcv8plus.S
86 $(CPP) -DBSDI asm/co86unix.cpp | sed 's/ :/:/' | as -o asm/co86bsdi.o 91
87 92bn-mips3.o: asm/mips3.s
88asm/bn86unix.cpp: asm/bn-586.pl ../perlasm/x86asm.pl 93 @if [ "$(CC)" = "gcc" ]; then \
89 (cd asm; $(PERL) bn-586.pl cpp >bn86unix.cpp ) 94 ABI=`expr "$(CFLAGS)" : ".*-mabi=\([n3264]*\)"` && \
90 95 as -$$ABI -O -o $@ asm/mips3.s; \
91asm/co86unix.cpp: asm/co-586.pl ../perlasm/x86asm.pl 96 else $(CC) -c $(CFLAGS) -o $@ asm/mips3.s; fi
92 (cd asm; $(PERL) co-586.pl cpp >co86unix.cpp ) 97
93 98x86_64-gcc.o: asm/x86_64-gcc.c
94asm/sparcv8.o: asm/sparcv8.S 99 $(CC) $(CFLAGS) -c -o $@ asm/x86_64-gcc.c
95 100x86_64-mont.s: asm/x86_64-mont.pl
96asm/sparcv8plus.o: asm/sparcv8plus.S 101 $(PERL) asm/x86_64-mont.pl $@
97 102
98# Old GNU assembler doesn't understand V9 instructions, so we 103bn-ia64.s: asm/ia64.S
99# hire /usr/ccs/bin/as to do the job. Note that option is called 104 $(CC) $(CFLAGS) -E asm/ia64.S > $@
100# *-gcc27, but even gcc 2>=8 users may experience similar problem 105
101# if they didn't bother to upgrade GNU assembler. Such users should 106# GNU assembler fails to compile PA-RISC2 modules, insist on calling
102# not choose this option, but be adviced to *remove* GNU assembler 107# vendor assembler...
103# or upgrade it. 108pa-risc2W.o: asm/pa-risc2W.s
104asm/sparcv8plus-gcc27.o: asm/sparcv8plus.S 109 /usr/ccs/bin/as -o pa-risc2W.o asm/pa-risc2W.s
105 $(CC) $(ASFLAGS) -E asm/sparcv8plus.S | \ 110pa-risc2.o: asm/pa-risc2.s
106 /usr/ccs/bin/as -xarch=v8plus - -o asm/sparcv8plus-gcc27.o 111 /usr/ccs/bin/as -o pa-risc2.o asm/pa-risc2.s
107 112
108 113# ppc - AIX, Linux, MacOS X...
109asm/ia64.o: asm/ia64.S 114linux_ppc32.s: asm/ppc.pl; $(PERL) $< $@
110 115linux_ppc64.s: asm/ppc.pl; $(PERL) $< $@
111# Some compiler drivers (most notably HP-UX and Intel C++) don't 116aix_ppc32.s: asm/ppc.pl; $(PERL) asm/ppc.pl $@
112# understand .S extension:-( I wish I could pipe output from cc -E, 117aix_ppc64.s: asm/ppc.pl; $(PERL) asm/ppc.pl $@
113# but it's too compiler driver/ABI dependent to cover with a single 118osx_ppc32.s: asm/ppc.pl; $(PERL) $< $@
114# rule... <appro@fy.chalmers.se>
115asm/ia64-cpp.o: asm/ia64.S
116 $(CC) $(ASFLAGS) -E asm/ia64.S > /tmp/ia64.$$$$.s && \
117 $(CC) $(ASFLAGS) -c -o asm/ia64-cpp.o /tmp/ia64.$$$$.s; \
118 rm -f /tmp/ia64.$$$$.s
119
120asm/x86_64-gcc.o: asm/x86_64-gcc.c
121 $(CC) $(ASFLAGS) -c -o $@ $<
122
123asm/pa-risc2W.o: asm/pa-risc2W.s
124 /usr/ccs/bin/as -o asm/pa-risc2W.o asm/pa-risc2W.s
125
126asm/linux_ppc32.s: asm/ppc.pl; $(PERL) $< $@
127asm/linux_ppc64.s: asm/ppc.pl; $(PERL) $< $@
128asm/aix_ppc32.s: asm/ppc.pl; $(PERL) asm/ppc.pl $@
129asm/aix_ppc64.s: asm/ppc.pl; $(PERL) asm/ppc.pl $@
130asm/osx_ppc32.s: asm/ppc.pl; $(PERL) $< $@
131 119
132files: 120files:
133 $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO 121 $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
@@ -138,6 +126,7 @@ links:
138 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) 126 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
139 127
140install: 128install:
129 @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
141 @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ 130 @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
142 do \ 131 do \
143 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ 132 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
@@ -161,6 +150,7 @@ lint:
161 lint -DLINT $(INCLUDES) $(SRC)>fluff 150 lint -DLINT $(INCLUDES) $(SRC)>fluff
162 151
163depend: 152depend:
153 @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
164 $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) 154 $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
165 155
166dclean: 156dclean:
@@ -168,7 +158,7 @@ dclean:
168 mv -f Makefile.new $(MAKEFILE) 158 mv -f Makefile.new $(MAKEFILE)
169 159
170clean: 160clean:
171 rm -f asm/co86unix.cpp asm/bn86unix.cpp asm/*-elf.* *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff bn_asm.s 161 rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
172 162
173# DO NOT DELETE THIS LINE -- make depend depends on it. 163# DO NOT DELETE THIS LINE -- make depend depends on it.
174 164
@@ -176,101 +166,131 @@ bn_add.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
176bn_add.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 166bn_add.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
177bn_add.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h 167bn_add.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
178bn_add.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h 168bn_add.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
179bn_add.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h 169bn_add.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
180bn_add.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h 170bn_add.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
181bn_add.o: ../cryptlib.h bn_add.c bn_lcl.h 171bn_add.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_add.c bn_lcl.h
182bn_asm.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h 172bn_asm.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
183bn_asm.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 173bn_asm.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
184bn_asm.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h 174bn_asm.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
185bn_asm.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h 175bn_asm.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
186bn_asm.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h 176bn_asm.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
187bn_asm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h 177bn_asm.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
188bn_asm.o: ../cryptlib.h bn_asm.c bn_lcl.h 178bn_asm.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_asm.c bn_lcl.h
189bn_blind.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h 179bn_blind.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
190bn_blind.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 180bn_blind.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
191bn_blind.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h 181bn_blind.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
192bn_blind.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h 182bn_blind.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
193bn_blind.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h 183bn_blind.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
194bn_blind.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h 184bn_blind.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
195bn_blind.o: ../cryptlib.h bn_blind.c bn_lcl.h 185bn_blind.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_blind.c bn_lcl.h
186bn_const.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
187bn_const.o: ../../include/openssl/ossl_typ.h bn.h bn_const.c
196bn_ctx.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h 188bn_ctx.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
197bn_ctx.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 189bn_ctx.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
198bn_ctx.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h 190bn_ctx.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
199bn_ctx.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h 191bn_ctx.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
200bn_ctx.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h 192bn_ctx.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
201bn_ctx.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h 193bn_ctx.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
202bn_ctx.o: ../cryptlib.h bn_ctx.c bn_lcl.h 194bn_ctx.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_ctx.c bn_lcl.h
195bn_depr.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
196bn_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
197bn_depr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
198bn_depr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
199bn_depr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
200bn_depr.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
201bn_depr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
202bn_depr.o: ../cryptlib.h bn_depr.c bn_lcl.h
203bn_div.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h 203bn_div.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
204bn_div.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 204bn_div.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
205bn_div.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h 205bn_div.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
206bn_div.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h 206bn_div.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
207bn_div.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h 207bn_div.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
208bn_div.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h 208bn_div.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
209bn_div.o: ../cryptlib.h bn_div.c bn_lcl.h 209bn_div.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_div.c bn_lcl.h
210bn_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h 210bn_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
211bn_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h 211bn_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
212bn_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h 212bn_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
213bn_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h 213bn_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
214bn_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h 214bn_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
215bn_err.o: ../../include/openssl/symhacks.h bn_err.c 215bn_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
216bn_err.o: bn_err.c
216bn_exp.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h 217bn_exp.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
217bn_exp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 218bn_exp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
218bn_exp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h 219bn_exp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
219bn_exp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h 220bn_exp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
220bn_exp.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h 221bn_exp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
221bn_exp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h 222bn_exp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
222bn_exp.o: ../cryptlib.h bn_exp.c bn_lcl.h 223bn_exp.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_exp.c bn_lcl.h
223bn_exp2.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h 224bn_exp2.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
224bn_exp2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 225bn_exp2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
225bn_exp2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h 226bn_exp2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
226bn_exp2.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h 227bn_exp2.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
227bn_exp2.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h 228bn_exp2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
228bn_exp2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h 229bn_exp2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
229bn_exp2.o: ../cryptlib.h bn_exp2.c bn_lcl.h 230bn_exp2.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_exp2.c bn_lcl.h
230bn_gcd.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h 231bn_gcd.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
231bn_gcd.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 232bn_gcd.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
232bn_gcd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h 233bn_gcd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
233bn_gcd.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h 234bn_gcd.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
234bn_gcd.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h 235bn_gcd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
235bn_gcd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h 236bn_gcd.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
236bn_gcd.o: ../cryptlib.h bn_gcd.c bn_lcl.h 237bn_gcd.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_gcd.c bn_lcl.h
237bn_kron.o: ../../include/openssl/bn.h ../../include/openssl/e_os2.h 238bn_gf2m.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
238bn_kron.o: ../../include/openssl/opensslconf.h bn_kron.c bn_lcl.h 239bn_gf2m.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
240bn_gf2m.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
241bn_gf2m.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
242bn_gf2m.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
243bn_gf2m.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
244bn_gf2m.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_gf2m.c bn_lcl.h
245bn_kron.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
246bn_kron.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
247bn_kron.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
248bn_kron.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
249bn_kron.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
250bn_kron.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
251bn_kron.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_kron.c bn_lcl.h
239bn_lib.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h 252bn_lib.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
240bn_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 253bn_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
241bn_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h 254bn_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
242bn_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h 255bn_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
243bn_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h 256bn_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
244bn_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h 257bn_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
245bn_lib.o: ../cryptlib.h bn_lcl.h bn_lib.c 258bn_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_lib.c
246bn_mod.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h 259bn_mod.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
247bn_mod.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 260bn_mod.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
248bn_mod.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h 261bn_mod.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
249bn_mod.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h 262bn_mod.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
250bn_mod.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h 263bn_mod.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
251bn_mod.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h 264bn_mod.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
252bn_mod.o: ../cryptlib.h bn_lcl.h bn_mod.c 265bn_mod.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mod.c
253bn_mont.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h 266bn_mont.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
254bn_mont.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 267bn_mont.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
255bn_mont.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h 268bn_mont.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
256bn_mont.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h 269bn_mont.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
257bn_mont.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h 270bn_mont.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
258bn_mont.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h 271bn_mont.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
259bn_mont.o: ../cryptlib.h bn_lcl.h bn_mont.c 272bn_mont.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mont.c
260bn_mpi.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h 273bn_mpi.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
261bn_mpi.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 274bn_mpi.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
262bn_mpi.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h 275bn_mpi.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
263bn_mpi.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h 276bn_mpi.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
264bn_mpi.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h 277bn_mpi.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
265bn_mpi.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h 278bn_mpi.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
266bn_mpi.o: ../cryptlib.h bn_lcl.h bn_mpi.c 279bn_mpi.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mpi.c
267bn_mul.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h 280bn_mul.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
268bn_mul.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 281bn_mul.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
269bn_mul.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h 282bn_mul.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
270bn_mul.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h 283bn_mul.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
271bn_mul.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h 284bn_mul.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
272bn_mul.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h 285bn_mul.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
273bn_mul.o: ../cryptlib.h bn_lcl.h bn_mul.c 286bn_mul.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mul.c
287bn_nist.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
288bn_nist.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
289bn_nist.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
290bn_nist.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
291bn_nist.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
292bn_nist.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
293bn_nist.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_nist.c
274bn_prime.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h 294bn_prime.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
275bn_prime.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 295bn_prime.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
276bn_prime.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h 296bn_prime.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
@@ -283,9 +303,9 @@ bn_print.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
283bn_print.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 303bn_print.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
284bn_print.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h 304bn_print.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
285bn_print.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h 305bn_print.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
286bn_print.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h 306bn_print.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
287bn_print.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h 307bn_print.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
288bn_print.o: ../cryptlib.h bn_lcl.h bn_print.c 308bn_print.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_print.c
289bn_rand.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h 309bn_rand.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
290bn_rand.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 310bn_rand.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
291bn_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h 311bn_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
@@ -298,36 +318,34 @@ bn_recp.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
298bn_recp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 318bn_recp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
299bn_recp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h 319bn_recp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
300bn_recp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h 320bn_recp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
301bn_recp.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h 321bn_recp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
302bn_recp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h 322bn_recp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
303bn_recp.o: ../cryptlib.h bn_lcl.h bn_recp.c 323bn_recp.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_recp.c
304bn_shift.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h 324bn_shift.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
305bn_shift.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 325bn_shift.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
306bn_shift.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h 326bn_shift.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
307bn_shift.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h 327bn_shift.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
308bn_shift.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h 328bn_shift.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
309bn_shift.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h 329bn_shift.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
310bn_shift.o: ../cryptlib.h bn_lcl.h bn_shift.c 330bn_shift.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_shift.c
311bn_sqr.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h 331bn_sqr.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
312bn_sqr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 332bn_sqr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
313bn_sqr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h 333bn_sqr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
314bn_sqr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h 334bn_sqr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
315bn_sqr.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h 335bn_sqr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
316bn_sqr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h 336bn_sqr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
317bn_sqr.o: ../cryptlib.h bn_lcl.h bn_sqr.c 337bn_sqr.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_sqr.c
318bn_sqrt.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h 338bn_sqrt.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
319bn_sqrt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 339bn_sqrt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
320bn_sqrt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h 340bn_sqrt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
321bn_sqrt.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h 341bn_sqrt.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
322bn_sqrt.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h 342bn_sqrt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
323bn_sqrt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h 343bn_sqrt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
324bn_sqrt.o: ../cryptlib.h bn_lcl.h bn_sqrt.c 344bn_sqrt.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_sqrt.c
325bn_word.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h 345bn_word.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
326bn_word.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 346bn_word.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
327bn_word.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h 347bn_word.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
328bn_word.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h 348bn_word.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
329bn_word.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h 349bn_word.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
330bn_word.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h 350bn_word.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
331bn_word.o: ../cryptlib.h bn_lcl.h bn_word.c 351bn_word.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_word.c
332bn_x931p.o: ../../include/openssl/bn.h ../../include/openssl/e_os2.h
333bn_x931p.o: ../../include/openssl/opensslconf.h bn_x931p.c
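Review bot: The generated-assembly rules on the new side redirect straight into the target — `bn-ia64.s` at new lines 103-104 (`$(CC) $(CFLAGS) -E asm/ia64.S > $@`) and the `(cd asm; $(PERL) ... > ../$@)` perlasm rules at new lines 66-85 — so a failing preprocessor or perl run leaves a truncated or empty target with a fresh timestamp, and the next make run treats it as up to date and hands the partial file to the assembler. Writing to a scratch name and renaming only on success closes that gap, e.g. `$(CC) $(CFLAGS) -E asm/ia64.S > $@.tmp && mv $@.tmp $@`, and likewise `> ../$@.tmp) && mv $@.tmp $@` for the perlasm rules. The `bn-mips3.o` rule at new lines 92-96 fails quietly in a related way: when `$(CFLAGS)` carries no `-mabi=`, `expr` exits 1 and the `@`-silenced recipe aborts without a diagnostic, so a `|| { echo "no -mabi= in CFLAGS" >&2; exit 1; }` after the `expr` would name the cause. Replacing the old predictable `/tmp/ia64.$$$$.s` intermediate with output in the build directory is something the new `bn-ia64.s` rule already does; only the partial-output case remains.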
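--- /dev/null
+++ b/src/lib/libcrypto/bn/asm/mo-586.pl
@@ -0,0 +1,603 @@
+#!/usr/bin/env perl
+
+# This is crypto/bn/asm/x86-mont.pl (with asciz from crypto/perlasm/x86asm.pl)
+# from OpenSSL 0.9.9-dev
+
+sub ::asciz
+{ my @str=unpack("C*",shift);
+ push @str,0;
+ while ($#str>15) {
+ &data_byte(@str[0..15]);
+ foreach (0..15) { shift @str; }
+ }
+ &data_byte(@str) if (@str);
+}
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# October 2005
+#
+# This is a "teaser" code, as it can be improved in several ways...
+# First of all non-SSE2 path should be implemented (yes, for now it
+# performs Montgomery multiplication/convolution only on SSE2-capable
+# CPUs such as P4, others fall down to original code). Then inner loop
+# can be unrolled and modulo-scheduled to improve ILP and possibly
+# moved to 128-bit XMM register bank (though it would require input
+# rearrangement and/or increase bus bandwidth utilization). Dedicated
+# squaring procedure should give further performance improvement...
+# Yet, for being draft, the code improves rsa512 *sign* benchmark by
+# 110%(!), rsa1024 one - by 70% and rsa4096 - by 20%:-)
+
+# December 2006
+#
+# Modulo-scheduling SSE2 loops results in further 15-20% improvement.
+# Integer-only code [being equipped with dedicated squaring procedure]
+# gives ~40% on rsa512 sign benchmark...
+
+push(@INC,"perlasm","../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],$0);
+
+$sse2=0;
+for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
+
+&external_label("OPENSSL_ia32cap_P") if ($sse2);
+
+&function_begin("bn_mul_mont");
+
+$i="edx";
+$j="ecx";
+$ap="esi"; $tp="esi"; # overlapping variables!!!
+$rp="edi"; $bp="edi"; # overlapping variables!!!
+$np="ebp";
+$num="ebx";
+
+$_num=&DWP(4*0,"esp"); # stack top layout
+$_rp=&DWP(4*1,"esp");
+$_ap=&DWP(4*2,"esp");
+$_bp=&DWP(4*3,"esp");
+$_np=&DWP(4*4,"esp");
+$_n0=&DWP(4*5,"esp"); $_n0q=&QWP(4*5,"esp");
+$_sp=&DWP(4*6,"esp");
+$_bpend=&DWP(4*7,"esp");
+$frame=32; # size of above frame rounded up to 16n
+
+ &xor ("eax","eax");
+ &mov ("edi",&wparam(5)); # int num
+ &cmp ("edi",4);
+ &jl (&label("just_leave"));
+
+ &lea ("esi",&wparam(0)); # put aside pointer to argument block
+ &lea ("edx",&wparam(1)); # load ap
+ &mov ("ebp","esp"); # saved stack pointer!
+ &add ("edi",2); # extra two words on top of tp
+ &neg ("edi");
+ &lea ("esp",&DWP(-$frame,"esp","edi",4)); # alloca($frame+4*(num+2))
+ &neg ("edi");
+
+ # minimize cache contention by arraning 2K window between stack
+ # pointer and ap argument [np is also position sensitive vector,
+ # but it's assumed to be near ap, as it's allocated at ~same
+ # time].
+ &mov ("eax","esp");
+ &sub ("eax","edx");
+ &and ("eax",2047);
+ &sub ("esp","eax"); # this aligns sp and ap modulo 2048
+
+ &xor ("edx","esp");
+ &and ("edx",2048);
+ &xor ("edx",2048);
+ &sub ("esp","edx"); # this splits them apart modulo 4096
+
+ &and ("esp",-64); # align to cache line
+
+ ################################# load argument block...
+ &mov ("eax",&DWP(0*4,"esi"));# BN_ULONG *rp
+ &mov ("ebx",&DWP(1*4,"esi"));# const BN_ULONG *ap
+ &mov ("ecx",&DWP(2*4,"esi"));# const BN_ULONG *bp
+ &mov ("edx",&DWP(3*4,"esi"));# const BN_ULONG *np
+ &mov ("esi",&DWP(4*4,"esi"));# const BN_ULONG *n0
+ #&mov ("edi",&DWP(5*4,"esi"));# int num
+
+ &mov ("esi",&DWP(0,"esi")); # pull n0[0]
+ &mov ($_rp,"eax"); # ... save a copy of argument block
+ &mov ($_ap,"ebx");
+ &mov ($_bp,"ecx");
+ &mov ($_np,"edx");
+ &mov ($_n0,"esi");
+ &lea ($num,&DWP(-3,"edi")); # num=num-1 to assist modulo-scheduling
+ #&mov ($_num,$num); # redundant as $num is not reused
+ &mov ($_sp,"ebp"); # saved stack pointer!
+
+if($sse2) {
+$acc0="mm0"; # mmx register bank layout
+$acc1="mm1";
+$car0="mm2";
+$car1="mm3";
+$mul0="mm4";
+$mul1="mm5";
+$temp="mm6";
+$mask="mm7";
+
+ &picmeup("eax","OPENSSL_ia32cap_P");
+ &bt (&DWP(0,"eax"),26);
+ &jnc (&label("non_sse2"));
+
+ &mov ("eax",-1);
+ &movd ($mask,"eax"); # mask 32 lower bits
+
+ &mov ($ap,$_ap); # load input pointers
+ &mov ($bp,$_bp);
+ &mov ($np,$_np);
+
+ &xor ($i,$i); # i=0
+ &xor ($j,$j); # j=0
+
+ &movd ($mul0,&DWP(0,$bp)); # bp[0]
+ &movd ($mul1,&DWP(0,$ap)); # ap[0]
+ &movd ($car1,&DWP(0,$np)); # np[0]
+
+ &pmuludq($mul1,$mul0); # ap[0]*bp[0]
+ &movq ($car0,$mul1);
+ &movq ($acc0,$mul1); # I wish movd worked for
+ &pand ($acc0,$mask); # inter-register transfers
+
+ &pmuludq($mul1,$_n0q); # *=n0
+
+ &pmuludq($car1,$mul1); # "t[0]"*np[0]*n0
+ &paddq ($car1,$acc0);
+
+ &movd ($acc1,&DWP(4,$np)); # np[1]
+ &movd ($acc0,&DWP(4,$ap)); # ap[1]
+
+ &psrlq ($car0,32);
+ &psrlq ($car1,32);
+
+ &inc ($j); # j++
+&set_label("1st",16);
+ &pmuludq($acc0,$mul0); # ap[j]*bp[0]
+ &pmuludq($acc1,$mul1); # np[j]*m1
+ &paddq ($car0,$acc0); # +=c0
+ &paddq ($car1,$acc1); # +=c1
+
+ &movq ($acc0,$car0);
+ &pand ($acc0,$mask);
+ &movd ($acc1,&DWP(4,$np,$j,4)); # np[j+1]
+ &paddq ($car1,$acc0); # +=ap[j]*bp[0];
+ &movd ($acc0,&DWP(4,$ap,$j,4)); # ap[j+1]
+ &psrlq ($car0,32);
+ &movd (&DWP($frame-4,"esp",$j,4),$car1); # tp[j-1]=
+ &psrlq ($car1,32);
+
+ &lea ($j,&DWP(1,$j));
+ &cmp ($j,$num);
+ &jl (&label("1st"));
+
+ &pmuludq($acc0,$mul0); # ap[num-1]*bp[0]
+ &pmuludq($acc1,$mul1); # np[num-1]*m1
+ &paddq ($car0,$acc0); # +=c0
+ &paddq ($car1,$acc1); # +=c1
+
+ &movq ($acc0,$car0);
+ &pand ($acc0,$mask);
+ &paddq ($car1,$acc0); # +=ap[num-1]*bp[0];
+ &movd (&DWP($frame-4,"esp",$j,4),$car1); # tp[num-2]=
+
+ &psrlq ($car0,32);
+ &psrlq ($car1,32);
+
+ &paddq ($car1,$car0);
+ &movq (&QWP($frame,"esp",$num,4),$car1); # tp[num].tp[num-1]
+
+ &inc ($i); # i++
+&set_label("outer");
+ &xor ($j,$j); # j=0
+
+ &movd ($mul0,&DWP(0,$bp,$i,4)); # bp[i]
+ &movd ($mul1,&DWP(0,$ap)); # ap[0]
+ &movd ($temp,&DWP($frame,"esp")); # tp[0]
+ &movd ($car1,&DWP(0,$np)); # np[0]
+ &pmuludq($mul1,$mul0); # ap[0]*bp[i]
+
+ &paddq ($mul1,$temp); # +=tp[0]
+ &movq ($acc0,$mul1);
+ &movq ($car0,$mul1);
+ &pand ($acc0,$mask);
+
+ &pmuludq($mul1,$_n0q); # *=n0
+
+ &pmuludq($car1,$mul1);
+ &paddq ($car1,$acc0);
+
+ &movd ($temp,&DWP($frame+4,"esp")); # tp[1]
+ &movd ($acc1,&DWP(4,$np)); # np[1]
+ &movd ($acc0,&DWP(4,$ap)); # ap[1]
+
+ &psrlq ($car0,32);
+ &psrlq ($car1,32);
+ &paddq ($car0,$temp); # +=tp[1]
+
+ &inc ($j); # j++
+ &dec ($num);
+&set_label("inner");
+ &pmuludq($acc0,$mul0); # ap[j]*bp[i]
+ &pmuludq($acc1,$mul1); # np[j]*m1
+ &paddq ($car0,$acc0); # +=c0
+ &paddq ($car1,$acc1); # +=c1
+
+ &movq ($acc0,$car0);
+ &movd ($temp,&DWP($frame+4,"esp",$j,4));# tp[j+1]
+ &pand ($acc0,$mask);
+ &movd ($acc1,&DWP(4,$np,$j,4)); # np[j+1]
+ &paddq ($car1,$acc0); # +=ap[j]*bp[i]+tp[j]
+ &movd ($acc0,&DWP(4,$ap,$j,4)); # ap[j+1]
+ &psrlq ($car0,32);
+ &movd (&DWP($frame-4,"esp",$j,4),$car1);# tp[j-1]=
+ &psrlq ($car1,32);
+ &paddq ($car0,$temp); # +=tp[j+1]
+
+ &dec ($num);
+ &lea ($j,&DWP(1,$j)); # j++
+ &jnz (&label("inner"));
+
+ &mov ($num,$j);
+ &pmuludq($acc0,$mul0); # ap[num-1]*bp[i]
+ &pmuludq($acc1,$mul1); # np[num-1]*m1
+ &paddq ($car0,$acc0); # +=c0
+ &paddq ($car1,$acc1); # +=c1
+
+ &movq ($acc0,$car0);
+ &pand ($acc0,$mask);
+ &paddq ($car1,$acc0); # +=ap[num-1]*bp[i]+tp[num-1]
+ &movd (&DWP($frame-4,"esp",$j,4),$car1); # tp[num-2]=
+ &psrlq ($car0,32);
+ &psrlq ($car1,32);
+
+ &movd ($temp,&DWP($frame+4,"esp",$num,4)); # += tp[num]
+ &paddq ($car1,$car0);
+ &paddq ($car1,$temp);
+ &movq (&QWP($frame,"esp",$num,4),$car1); # tp[num].tp[num-1]
+
+ &lea ($i,&DWP(1,$i)); # i++
+ &cmp ($i,$num);
+ &jle (&label("outer"));
+
+ &emms (); # done with mmx bank
+ &jmp (&label("common_tail"));
+
+&set_label("non_sse2",16);
+}
+
+if (0) {
+ &mov ("esp",$_sp);
+ &xor ("eax","eax"); # signal "not fast enough [yet]"
+ &jmp (&label("just_leave"));
+ # While the below code provides competitive performance for
+ # all key lengthes on modern Intel cores, it's still more
+ # than 10% slower for 4096-bit key elsewhere:-( "Competitive"
+ # means compared to the original integer-only assembler.
+ # 512-bit RSA sign is better by ~40%, but that's about all
+ # one can say about all CPUs...
+} else {
+$inp="esi"; # integer path uses these registers differently
+$word="edi";
+$carry="ebp";
+
+ &mov ($inp,$_ap);
+ &lea ($carry,&DWP(1,$num));
+ &mov ($word,$_bp);
+ &xor ($j,$j); # j=0
+ &mov ("edx",$inp);
+ &and ($carry,1); # see if num is even
+ &sub ("edx",$word); # see if ap==bp
+ &lea ("eax",&DWP(4,$word,$num,4)); # &bp[num]
+ &or ($carry,"edx");
+ &mov ($word,&DWP(0,$word)); # bp[0]
+ &jz (&label("bn_sqr_mont"));
+ &mov ($_bpend,"eax");
+ &mov ("eax",&DWP(0,$inp));
+ &xor ("edx","edx");
+
+&set_label("mull",16);
+ &mov ($carry,"edx");
+ &mul ($word); # ap[j]*bp[0]
+ &add ($carry,"eax");
+ &lea ($j,&DWP(1,$j));
+ &adc ("edx",0);
+ &mov ("eax",&DWP(0,$inp,$j,4)); # ap[j+1]
+ &cmp ($j,$num);
+ &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j]=
+ &jl (&label("mull"));
+
+ &mov ($carry,"edx");
+ &mul ($word); # ap[num-1]*bp[0]
+ &mov ($word,$_n0);
+ &add ("eax",$carry);
+ &mov ($inp,$_np);
+ &adc ("edx",0);
+ &imul ($word,&DWP($frame,"esp")); # n0*tp[0]
+
+ &mov (&DWP($frame,"esp",$num,4),"eax"); # tp[num-1]=
+ &xor ($j,$j);
+ &mov (&DWP($frame+4,"esp",$num,4),"edx"); # tp[num]=
+ &mov (&DWP($frame+8,"esp",$num,4),$j); # tp[num+1]=
+
+ &mov ("eax",&DWP(0,$inp)); # np[0]
+ &mul ($word); # np[0]*m
+ &add ("eax",&DWP($frame,"esp")); # +=tp[0]
+ &mov ("eax",&DWP(4,$inp)); # np[1]
+ &adc ("edx",0);
+ &inc ($j);
+
+ &jmp (&label("2ndmadd"));
+
+&set_label("1stmadd",16);
+ &mov ($carry,"edx");
+ &mul ($word); # ap[j]*bp[i]
+ &add ($carry,&DWP($frame,"esp",$j,4)); # +=tp[j]
+ &lea ($j,&DWP(1,$j));
+ &adc ("edx",0);
+ &add ($carry,"eax");
+ &mov ("eax",&DWP(0,$inp,$j,4)); # ap[j+1]
+ &adc ("edx",0);
+ &cmp ($j,$num);
+ &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j]=
+ &jl (&label("1stmadd"));
+
+ &mov ($carry,"edx");
+ &mul ($word); # ap[num-1]*bp[i]
+ &add ("eax",&DWP($frame,"esp",$num,4)); # +=tp[num-1]
+ &mov ($word,$_n0);
+ &adc ("edx",0);
+ &mov ($inp,$_np);
+ &add ($carry,"eax");
+ &adc ("edx",0);
+ &imul ($word,&DWP($frame,"esp")); # n0*tp[0]
+
+ &xor ($j,$j);
+ &add ("edx",&DWP($frame+4,"esp",$num,4)); # carry+=tp[num]
+ &mov (&DWP($frame,"esp",$num,4),$carry); # tp[num-1]=
+ &adc ($j,0);
+ &mov ("eax",&DWP(0,$inp)); # np[0]
+ &mov (&DWP($frame+4,"esp",$num,4),"edx"); # tp[num]=
+ &mov (&DWP($frame+8,"esp",$num,4),$j); # tp[num+1]=
+
+ &mul ($word); # np[0]*m
+ &add ("eax",&DWP($frame,"esp")); # +=tp[0]
+ &mov ("eax",&DWP(4,$inp)); # np[1]
+ &adc ("edx",0);
+ &mov ($j,1);
+
+&set_label("2ndmadd",16);
+ &mov ($carry,"edx");
+ &mul ($word); # np[j]*m
+ &add ($carry,&DWP($frame,"esp",$j,4)); # +=tp[j]
+ &lea ($j,&DWP(1,$j));
+ &adc ("edx",0);
+ &add ($carry,"eax");
+ &mov ("eax",&DWP(0,$inp,$j,4)); # np[j+1]
+ &adc ("edx",0);
+ &cmp ($j,$num);
+ &mov (&DWP($frame-8,"esp",$j,4),$carry); # tp[j-1]=
+ &jl (&label("2ndmadd"));
+
+ &mov ($carry,"edx");
+ &mul ($word); # np[j]*m
+ &add ($carry,&DWP($frame,"esp",$num,4)); # +=tp[num-1]
+ &adc ("edx",0);
+ &add ($carry,"eax");
+ &adc ("edx",0);
+ &mov (&DWP($frame-4,"esp",$num,4),$carry); # tp[num-2]=
+
+ &xor ("eax","eax");
+ &mov ($j,$_bp); # &bp[i]
+ &add ("edx",&DWP($frame+4,"esp",$num,4)); # carry+=tp[num]
+ &adc ("eax",&DWP($frame+8,"esp",$num,4)); # +=tp[num+1]
+ &lea ($j,&DWP(4,$j));
+ &mov (&DWP($frame,"esp",$num,4),"edx"); # tp[num-1]=
+ &cmp ($j,$_bpend);
+ &mov (&DWP($frame+4,"esp",$num,4),"eax"); # tp[num]=
+ &je (&label("common_tail"));
+
+ &mov ($word,&DWP(0,$j)); # bp[i+1]
+ &mov ($inp,$_ap);
+ &mov ($_bp,$j); # &bp[++i]
+ &xor ($j,$j);
+ &xor ("edx","edx");
+ &mov ("eax",&DWP(0,$inp));
+ &jmp (&label("1stmadd"));
+
+&set_label("bn_sqr_mont",16);
+$sbit=$num;
+ &mov ($_num,$num);
+ &mov ($_bp,$j); # i=0
+
+ &mov ("eax",$word); # ap[0]
+ &mul ($word); # ap[0]*ap[0]
+ &mov (&DWP($frame,"esp"),"eax"); # tp[0]=
+ &mov ($sbit,"edx");
+ &shr ("edx",1);
+ &and ($sbit,1);
+ &inc ($j);
+&set_label("sqr",16);
+ &mov ("eax",&DWP(0,$inp,$j,4)); # ap[j]
+ &mov ($carry,"edx");
+ &mul ($word); # ap[j]*ap[0]
+ &add ("eax",$carry);
+ &lea ($j,&DWP(1,$j));
+ &adc ("edx",0);
+ &lea ($carry,&DWP(0,$sbit,"eax",2));
+ &shr ("eax",31);
+ &cmp ($j,$_num);
+ &mov ($sbit,"eax");
+ &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j]=
+ &jl (&label("sqr"));
+
+ &mov ("eax",&DWP(0,$inp,$j,4)); # ap[num-1]
+ &mov ($carry,"edx");
+ &mul ($word); # ap[num-1]*ap[0]
+ &add ("eax",$carry);
+ &mov ($word,$_n0);
+ &adc ("edx",0);
+ &mov ($inp,$_np);
+ &lea ($carry,&DWP(0,$sbit,"eax",2));
+ &imul ($word,&DWP($frame,"esp")); # n0*tp[0]
+ &shr ("eax",31);
+ &mov (&DWP($frame,"esp",$j,4),$carry); # tp[num-1]=
+
+ &lea ($carry,&DWP(0,"eax","edx",2));
+ &mov ("eax",&DWP(0,$inp)); # np[0]
+ &shr ("edx",31);
+ &mov (&DWP($frame+4,"esp",$j,4),$carry); # tp[num]=
+ &mov (&DWP($frame+8,"esp",$j,4),"edx"); # tp[num+1]=
+
+ &mul ($word); # np[0]*m
+ &add ("eax",&DWP($frame,"esp")); # +=tp[0]
+ &mov ($num,$j);
+ &adc ("edx",0);
+ &mov ("eax",&DWP(4,$inp)); # np[1]
+ &mov ($j,1);
+
+&set_label("3rdmadd",16);
+ &mov ($carry,"edx");
+ &mul ($word); # np[j]*m
+ &add ($carry,&DWP($frame,"esp",$j,4)); # +=tp[j]
+ &adc ("edx",0);
+ &add ($carry,"eax");
+ &mov ("eax",&DWP(4,$inp,$j,4)); # np[j+1]
+ &adc ("edx",0);
+ &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j-1]=
+
+ &mov ($carry,"edx");
+ &mul ($word); # np[j+1]*m
+ &add ($carry,&DWP($frame+4,"esp",$j,4)); # +=tp[j+1]
+ &lea ($j,&DWP(2,$j));
+ &adc ("edx",0);
+ &add ($carry,"eax");
+ &mov ("eax",&DWP(0,$inp,$j,4)); # np[j+2]
+ &adc ("edx",0);
+ &cmp ($j,$num);
+ &mov (&DWP($frame-8,"esp",$j,4),$carry); # tp[j]=
+ &jl (&label("3rdmadd"));
+
+ &mov ($carry,"edx");
+ &mul ($word); # np[j]*m
+ &add ($carry,&DWP($frame,"esp",$num,4)); # +=tp[num-1]
+ &adc ("edx",0);
+ &add ($carry,"eax");
+ &adc ("edx",0);
+ &mov (&DWP($frame-4,"esp",$num,4),$carry); # tp[num-2]=
+
+ &mov ($j,$_bp); # i
+ &xor ("eax","eax");
+ &mov ($inp,$_ap);
+ &add ("edx",&DWP($frame+4,"esp",$num,4)); # carry+=tp[num]
+ &adc ("eax",&DWP($frame+8,"esp",$num,4)); # +=tp[num+1]
+ &mov (&DWP($frame,"esp",$num,4),"edx"); # tp[num-1]=
+ &cmp ($j,$num);
+ &mov (&DWP($frame+4,"esp",$num,4),"eax"); # tp[num]=
+ &je (&label("common_tail"));
+
+ &mov ($word,&DWP(4,$inp,$j,4)); # ap[i]
+ &lea ($j,&DWP(1,$j));
+ &mov ("eax",$word);
+ &mov ($_bp,$j); # ++i
+ &mul ($word); # ap[i]*ap[i]
+ &add ("eax",&DWP($frame,"esp",$j,4)); # +=tp[i]
+ &adc ("edx",0);
+ &mov (&DWP($frame,"esp",$j,4),"eax"); # tp[i]=
+ &xor ($carry,$carry);
+ &cmp ($j,$num);
+ &lea ($j,&DWP(1,$j));
+ &je (&label("sqrlast"));
+
+ &mov ($sbit,"edx"); # zaps $num
+ &shr ("edx",1);
+ &and ($sbit,1);
+&set_label("sqradd",16);
+ &mov ("eax",&DWP(0,$inp,$j,4)); # ap[j]
+ &mov ($carry,"edx");
+ &mul ($word); # ap[j]*ap[i]
+ &add ("eax",$carry);
+ &lea ($carry,&DWP(0,"eax","eax"));
+ &adc ("edx",0);
+ &shr ("eax",31);
+ &add ($carry,&DWP($frame,"esp",$j,4)); # +=tp[j]
+ &lea ($j,&DWP(1,$j));
+ &adc ("eax",0);
+ &add ($carry,$sbit);
+ &adc ("eax",0);
+ &cmp ($j,$_num);
+ &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j]=
+ &mov ($sbit,"eax");
+ &jle (&label("sqradd"));
+
+ &mov ($carry,"edx");
+ &lea ("edx",&DWP(0,$sbit,"edx",2));
+ &shr ($carry,31);
+&set_label("sqrlast");
+ &mov ($word,$_n0);
+ &mov ($inp,$_np);
+ &imul ($word,&DWP($frame,"esp")); # n0*tp[0]
+
+ &add ("edx",&DWP($frame,"esp",$j,4)); # +=tp[num]
+ &mov ("eax",&DWP(0,$inp)); # np[0]
+ &adc ($carry,0);
+ &mov (&DWP($frame,"esp",$j,4),"edx"); # tp[num]=
+ &mov (&DWP($frame+4,"esp",$j,4),$carry); # tp[num+1]=
+
+ &mul ($word); # np[0]*m
+ &add ("eax",&DWP($frame,"esp")); # +=tp[0]
+ &lea ($num,&DWP(-1,$j));
+ &adc ("edx",0);
+ &mov ($j,1);
+ &mov ("eax",&DWP(4,$inp)); # np[1]
+
+ &jmp (&label("3rdmadd"));
+}
+
+&set_label("common_tail",16);
+ &mov ($np,$_np); # load modulus pointer
+ &mov ($rp,$_rp); # load result pointer
+ &lea ($tp,&DWP($frame,"esp")); # [$ap and $bp are zapped]
+
+ &mov ("eax",&DWP(0,$tp)); # tp[0]
+ &mov ($j,$num); # j=num-1
+ &xor ($i,$i); # i=0 and clear CF!
+
+&set_label("sub",16);
+ &sbb ("eax",&DWP(0,$np,$i,4));
+ &mov (&DWP(0,$rp,$i,4),"eax"); # rp[i]=tp[i]-np[i]
+ &dec ($j); # doesn't affect CF!
+ &mov ("eax",&DWP(4,$tp,$i,4)); # tp[i+1]
+ &lea ($i,&DWP(1,$i)); # i++
+ &jge (&label("sub"));
+
+ &sbb ("eax",0); # handle upmost overflow bit
+ &and ($tp,"eax");
+ &not ("eax");
+ &mov ($np,$rp);
+ &and ($np,"eax");
+ &or ($tp,$np); # tp=carry?tp:rp
+
+&set_label("copy",16); # copy or in-place refresh
+ &mov ("eax",&DWP(0,$tp,$num,4));
+ &mov (&DWP(0,$rp,$num,4),"eax"); # rp[i]=tp[i]
+ &mov (&DWP($frame,"esp",$num,4),$j); # zap temporary vector
+ &dec ($num);
+ &jge (&label("copy"));
+
+ &mov ("esp",$_sp); # pull saved stack pointer
+ &mov ("eax",1);
+&set_label("just_leave");
+&function_end("bn_mul_mont");
+
+&asciz("Montgomery Multiplication for x86, CRYPTOGAMS by <appro\@openssl.org>");
+
+&asm_finish();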
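Review bot: The early exit at `cmp edi,4` / `jl just_leave` returns 0 (eax was cleared just before) and leaves rp untouched whenever num < 4, while the normal path sets `mov eax,1` before `just_leave`, yet neither the header comment nor `&function_begin("bn_mul_mont")` records this contract, so a C caller that ignores the return value would consume an unwritten result. I would add above function_begin: `# bn_mul_mont(rp,ap,bp,np,n0,num): returns 1 on success, 0 without touching rp when num < 4 - callers must fall back to the generic implementation.` The temporary vector is carved from the stack by `lea esp,[esp-$frame+edi*4]` with no upper bound on num, so stack consumption grows with operand size; presumably the C callers bound num, and that assumption belongs in the same comment. Separately, the `if (0) { ... } else {` wrapper keeps a dead "not fast enough [yet]" arm around the whole integer path; dropping the disabled branch would make the generated assembly easier to audit.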
diff --git a/src/lib/libcrypto/bn/bntest.c b/src/lib/libcrypto/bn/bntest.c
index 685007d330..310763eca0 100644
--- a/src/lib/libcrypto/bn/bntest.c
+++ b/src/lib/libcrypto/bn/bntest.c
@@ -55,6 +55,25 @@
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.] 56 * [including the GNU Public Licence.]
57 */ 57 */
58/* ====================================================================
59 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
60 *
61 * Portions of the attached software ("Contribution") are developed by
62 * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
63 *
64 * The Contribution is licensed pursuant to the Eric Young open source
65 * license provided above.
66 *
67 * The binary polynomial arithmetic software is originally written by
68 * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
69 *
70 */
71
72/* Until the key-gen callbacks are modified to use newer prototypes, we allow
73 * deprecated functions for openssl-internal code */
74#ifdef OPENSSL_NO_DEPRECATED
75#undef OPENSSL_NO_DEPRECATED
76#endif
58 77
59#include <stdio.h> 78#include <stdio.h>
60#include <stdlib.h> 79#include <stdlib.h>
@@ -79,6 +98,7 @@ int test_lshift(BIO *bp,BN_CTX *ctx,BIGNUM *a_);
79int test_rshift1(BIO *bp); 98int test_rshift1(BIO *bp);
80int test_rshift(BIO *bp,BN_CTX *ctx); 99int test_rshift(BIO *bp,BN_CTX *ctx);
81int test_div(BIO *bp,BN_CTX *ctx); 100int test_div(BIO *bp,BN_CTX *ctx);
101int test_div_word(BIO *bp);
82int test_div_recp(BIO *bp,BN_CTX *ctx); 102int test_div_recp(BIO *bp,BN_CTX *ctx);
83int test_mul(BIO *bp); 103int test_mul(BIO *bp);
84int test_sqr(BIO *bp,BN_CTX *ctx); 104int test_sqr(BIO *bp,BN_CTX *ctx);
@@ -88,6 +108,15 @@ int test_mod_mul(BIO *bp,BN_CTX *ctx);
88int test_mod_exp(BIO *bp,BN_CTX *ctx); 108int test_mod_exp(BIO *bp,BN_CTX *ctx);
89int test_mod_exp_mont_consttime(BIO *bp,BN_CTX *ctx); 109int test_mod_exp_mont_consttime(BIO *bp,BN_CTX *ctx);
90int test_exp(BIO *bp,BN_CTX *ctx); 110int test_exp(BIO *bp,BN_CTX *ctx);
111int test_gf2m_add(BIO *bp);
112int test_gf2m_mod(BIO *bp);
113int test_gf2m_mod_mul(BIO *bp,BN_CTX *ctx);
114int test_gf2m_mod_sqr(BIO *bp,BN_CTX *ctx);
115int test_gf2m_mod_inv(BIO *bp,BN_CTX *ctx);
116int test_gf2m_mod_div(BIO *bp,BN_CTX *ctx);
117int test_gf2m_mod_exp(BIO *bp,BN_CTX *ctx);
118int test_gf2m_mod_sqrt(BIO *bp,BN_CTX *ctx);
119int test_gf2m_mod_solve_quad(BIO *bp,BN_CTX *ctx);
91int test_kron(BIO *bp,BN_CTX *ctx); 120int test_kron(BIO *bp,BN_CTX *ctx);
92int test_sqrt(BIO *bp,BN_CTX *ctx); 121int test_sqrt(BIO *bp,BN_CTX *ctx);
93int rand_neg(void); 122int rand_neg(void);
@@ -155,80 +184,120 @@ int main(int argc, char *argv[])
155 184
156 message(out,"BN_add"); 185 message(out,"BN_add");
157 if (!test_add(out)) goto err; 186 if (!test_add(out)) goto err;
158 BIO_flush(out); 187 (void)BIO_flush(out);
159 188
160 message(out,"BN_sub"); 189 message(out,"BN_sub");
161 if (!test_sub(out)) goto err; 190 if (!test_sub(out)) goto err;
162 BIO_flush(out); 191 (void)BIO_flush(out);
163 192
164 message(out,"BN_lshift1"); 193 message(out,"BN_lshift1");
165 if (!test_lshift1(out)) goto err; 194 if (!test_lshift1(out)) goto err;
166 BIO_flush(out); 195 (void)BIO_flush(out);
167 196
168 message(out,"BN_lshift (fixed)"); 197 message(out,"BN_lshift (fixed)");
169 if (!test_lshift(out,ctx,BN_bin2bn(lst,sizeof(lst)-1,NULL))) 198 if (!test_lshift(out,ctx,BN_bin2bn(lst,sizeof(lst)-1,NULL)))
170 goto err; 199 goto err;
171 BIO_flush(out); 200 (void)BIO_flush(out);
172 201
173 message(out,"BN_lshift"); 202 message(out,"BN_lshift");
174 if (!test_lshift(out,ctx,NULL)) goto err; 203 if (!test_lshift(out,ctx,NULL)) goto err;
175 BIO_flush(out); 204 (void)BIO_flush(out);
176 205
177 message(out,"BN_rshift1"); 206 message(out,"BN_rshift1");
178 if (!test_rshift1(out)) goto err; 207 if (!test_rshift1(out)) goto err;
179 BIO_flush(out); 208 (void)BIO_flush(out);
180 209
181 message(out,"BN_rshift"); 210 message(out,"BN_rshift");
182 if (!test_rshift(out,ctx)) goto err; 211 if (!test_rshift(out,ctx)) goto err;
183 BIO_flush(out); 212 (void)BIO_flush(out);
184 213
185 message(out,"BN_sqr"); 214 message(out,"BN_sqr");
186 if (!test_sqr(out,ctx)) goto err; 215 if (!test_sqr(out,ctx)) goto err;
187 BIO_flush(out); 216 (void)BIO_flush(out);
188 217
189 message(out,"BN_mul"); 218 message(out,"BN_mul");
190 if (!test_mul(out)) goto err; 219 if (!test_mul(out)) goto err;
191 BIO_flush(out); 220 (void)BIO_flush(out);
192 221
193 message(out,"BN_div"); 222 message(out,"BN_div");
194 if (!test_div(out,ctx)) goto err; 223 if (!test_div(out,ctx)) goto err;
195 BIO_flush(out); 224 (void)BIO_flush(out);
225
226 message(out,"BN_div_word");
227 if (!test_div_word(out)) goto err;
228 (void)BIO_flush(out);
196 229
197 message(out,"BN_div_recp"); 230 message(out,"BN_div_recp");
198 if (!test_div_recp(out,ctx)) goto err; 231 if (!test_div_recp(out,ctx)) goto err;
199 BIO_flush(out); 232 (void)BIO_flush(out);
200 233
201 message(out,"BN_mod"); 234 message(out,"BN_mod");
202 if (!test_mod(out,ctx)) goto err; 235 if (!test_mod(out,ctx)) goto err;
203 BIO_flush(out); 236 (void)BIO_flush(out);
204 237
205 message(out,"BN_mod_mul"); 238 message(out,"BN_mod_mul");
206 if (!test_mod_mul(out,ctx)) goto err; 239 if (!test_mod_mul(out,ctx)) goto err;
207 BIO_flush(out); 240 (void)BIO_flush(out);
208 241
209 message(out,"BN_mont"); 242 message(out,"BN_mont");
210 if (!test_mont(out,ctx)) goto err; 243 if (!test_mont(out,ctx)) goto err;
211 BIO_flush(out); 244 (void)BIO_flush(out);
212 245
213 message(out,"BN_mod_exp"); 246 message(out,"BN_mod_exp");
214 if (!test_mod_exp(out,ctx)) goto err; 247 if (!test_mod_exp(out,ctx)) goto err;
215 BIO_flush(out); 248 (void)BIO_flush(out);
216 249
217 message(out,"BN_mod_exp_mont_consttime"); 250 message(out,"BN_mod_exp_mont_consttime");
218 if (!test_mod_exp_mont_consttime(out,ctx)) goto err; 251 if (!test_mod_exp_mont_consttime(out,ctx)) goto err;
219 BIO_flush(out); 252 (void)BIO_flush(out);
220 253
221 message(out,"BN_exp"); 254 message(out,"BN_exp");
222 if (!test_exp(out,ctx)) goto err; 255 if (!test_exp(out,ctx)) goto err;
223 BIO_flush(out); 256 (void)BIO_flush(out);
224 257
225 message(out,"BN_kronecker"); 258 message(out,"BN_kronecker");
226 if (!test_kron(out,ctx)) goto err; 259 if (!test_kron(out,ctx)) goto err;
227 BIO_flush(out); 260 (void)BIO_flush(out);
228 261
229 message(out,"BN_mod_sqrt"); 262 message(out,"BN_mod_sqrt");
230 if (!test_sqrt(out,ctx)) goto err; 263 if (!test_sqrt(out,ctx)) goto err;
231 BIO_flush(out); 264 (void)BIO_flush(out);
265
266 message(out,"BN_GF2m_add");
267 if (!test_gf2m_add(out)) goto err;
268 (void)BIO_flush(out);
269
270 message(out,"BN_GF2m_mod");
271 if (!test_gf2m_mod(out)) goto err;
272 (void)BIO_flush(out);
273
274 message(out,"BN_GF2m_mod_mul");
275 if (!test_gf2m_mod_mul(out,ctx)) goto err;
276 (void)BIO_flush(out);
277
278 message(out,"BN_GF2m_mod_sqr");
279 if (!test_gf2m_mod_sqr(out,ctx)) goto err;
280 (void)BIO_flush(out);
281
282 message(out,"BN_GF2m_mod_inv");
283 if (!test_gf2m_mod_inv(out,ctx)) goto err;
284 (void)BIO_flush(out);
285
286 message(out,"BN_GF2m_mod_div");
287 if (!test_gf2m_mod_div(out,ctx)) goto err;
288 (void)BIO_flush(out);
289
290 message(out,"BN_GF2m_mod_exp");
291 if (!test_gf2m_mod_exp(out,ctx)) goto err;
292 (void)BIO_flush(out);
293
294 message(out,"BN_GF2m_mod_sqrt");
295 if (!test_gf2m_mod_sqrt(out,ctx)) goto err;
296 (void)BIO_flush(out);
297
298 message(out,"BN_GF2m_mod_solve_quad");
299 if (!test_gf2m_mod_solve_quad(out,ctx)) goto err;
300 (void)BIO_flush(out);
232 301
233 BN_CTX_free(ctx); 302 BN_CTX_free(ctx);
234 BIO_free(out); 303 BIO_free(out);
@@ -237,8 +306,8 @@ int main(int argc, char *argv[])
237 EXIT(0); 306 EXIT(0);
238err: 307err:
239 BIO_puts(out,"1\n"); /* make sure the Perl script fed by bc notices 308 BIO_puts(out,"1\n"); /* make sure the Perl script fed by bc notices
240 * the failure, see test_bn in test/Makefile */ 309 * the failure, see test_bn in test/Makefile.ssl*/
241 BIO_flush(out); 310 (void)BIO_flush(out);
242 ERR_load_crypto_strings(); 311 ERR_load_crypto_strings();
243 ERR_print_errors_fp(stderr); 312 ERR_print_errors_fp(stderr);
244 EXIT(1); 313 EXIT(1);
@@ -404,6 +473,78 @@ int test_div(BIO *bp, BN_CTX *ctx)
404 return(1); 473 return(1);
405 } 474 }
406 475
476static void print_word(BIO *bp,BN_ULONG w)
477 {
478#ifdef SIXTY_FOUR_BIT
479 if (sizeof(w) > sizeof(unsigned long))
480 {
481 unsigned long h=(unsigned long)(w>>32),
482 l=(unsigned long)(w);
483
484 if (h) BIO_printf(bp,"%lX%08lX",h,l);
485 else BIO_printf(bp,"%lX",l);
486 return;
487 }
488#endif
489 BIO_printf(bp,"%lX",w);
490 }
491
492int test_div_word(BIO *bp)
493 {
494 BIGNUM a,b;
495 BN_ULONG r,s;
496 int i;
497
498 BN_init(&a);
499 BN_init(&b);
500
501 for (i=0; i<num0; i++)
502 {
503 do {
504 BN_bntest_rand(&a,512,-1,0);
505 BN_bntest_rand(&b,BN_BITS2,-1,0);
506 s = b.d[0];
507 } while (!s);
508
509 BN_copy(&b, &a);
510 r = BN_div_word(&b, s);
511
512 if (bp != NULL)
513 {
514 if (!results)
515 {
516 BN_print(bp,&a);
517 BIO_puts(bp," / ");
518 print_word(bp,s);
519 BIO_puts(bp," - ");
520 }
521 BN_print(bp,&b);
522 BIO_puts(bp,"\n");
523
524 if (!results)
525 {
526 BN_print(bp,&a);
527 BIO_puts(bp," % ");
528 print_word(bp,s);
529 BIO_puts(bp," - ");
530 }
531 print_word(bp,r);
532 BIO_puts(bp,"\n");
533 }
534 BN_mul_word(&b,s);
535 BN_add_word(&b,r);
536 BN_sub(&b,&a,&b);
537 if(!BN_is_zero(&b))
538 {
539 fprintf(stderr,"Division (word) test failed!\n");
540 return 0;
541 }
542 }
543 BN_free(&a);
544 BN_free(&b);
545 return(1);
546 }
547
407int test_div_recp(BIO *bp, BN_CTX *ctx) 548int test_div_recp(BIO *bp, BN_CTX *ctx)
408 { 549 {
409 BIGNUM a,b,c,d,e; 550 BIGNUM a,b,c,d,e;
@@ -919,7 +1060,582 @@ int test_exp(BIO *bp, BN_CTX *ctx)
919 return(1); 1060 return(1);
920 } 1061 }
921 1062
922static void genprime_cb(int p, int n, void *arg) 1063int test_gf2m_add(BIO *bp)
1064 {
1065 BIGNUM a,b,c;
1066 int i, ret = 0;
1067
1068 BN_init(&a);
1069 BN_init(&b);
1070 BN_init(&c);
1071
1072 for (i=0; i<num0; i++)
1073 {
1074 BN_rand(&a,512,0,0);
1075 BN_copy(&b, BN_value_one());
1076 a.neg=rand_neg();
1077 b.neg=rand_neg();
1078 BN_GF2m_add(&c,&a,&b);
1079#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1080 if (bp != NULL)
1081 {
1082 if (!results)
1083 {
1084 BN_print(bp,&a);
1085 BIO_puts(bp," ^ ");
1086 BN_print(bp,&b);
1087 BIO_puts(bp," = ");
1088 }
1089 BN_print(bp,&c);
1090 BIO_puts(bp,"\n");
1091 }
1092#endif
1093 /* Test that two added values have the correct parity. */
1094 if((BN_is_odd(&a) && BN_is_odd(&c)) || (!BN_is_odd(&a) && !BN_is_odd(&c)))
1095 {
1096 fprintf(stderr,"GF(2^m) addition test (a) failed!\n");
1097 goto err;
1098 }
1099 BN_GF2m_add(&c,&c,&c);
1100 /* Test that c + c = 0. */
1101 if(!BN_is_zero(&c))
1102 {
1103 fprintf(stderr,"GF(2^m) addition test (b) failed!\n");
1104 goto err;
1105 }
1106 }
1107 ret = 1;
1108 err:
1109 BN_free(&a);
1110 BN_free(&b);
1111 BN_free(&c);
1112 return ret;
1113 }
1114
1115int test_gf2m_mod(BIO *bp)
1116 {
1117 BIGNUM *a,*b[2],*c,*d,*e;
1118 int i, j, ret = 0;
1119 unsigned int p0[] = {163,7,6,3,0};
1120 unsigned int p1[] = {193,15,0};
1121
1122 a=BN_new();
1123 b[0]=BN_new();
1124 b[1]=BN_new();
1125 c=BN_new();
1126 d=BN_new();
1127 e=BN_new();
1128
1129 BN_GF2m_arr2poly(p0, b[0]);
1130 BN_GF2m_arr2poly(p1, b[1]);
1131
1132 for (i=0; i<num0; i++)
1133 {
1134 BN_bntest_rand(a, 1024, 0, 0);
1135 for (j=0; j < 2; j++)
1136 {
1137 BN_GF2m_mod(c, a, b[j]);
1138#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1139 if (bp != NULL)
1140 {
1141 if (!results)
1142 {
1143 BN_print(bp,a);
1144 BIO_puts(bp," % ");
1145 BN_print(bp,b[j]);
1146 BIO_puts(bp," - ");
1147 BN_print(bp,c);
1148 BIO_puts(bp,"\n");
1149 }
1150 }
1151#endif
1152 BN_GF2m_add(d, a, c);
1153 BN_GF2m_mod(e, d, b[j]);
1154 /* Test that a + (a mod p) mod p == 0. */
1155 if(!BN_is_zero(e))
1156 {
1157 fprintf(stderr,"GF(2^m) modulo test failed!\n");
1158 goto err;
1159 }
1160 }
1161 }
1162 ret = 1;
1163 err:
1164 BN_free(a);
1165 BN_free(b[0]);
1166 BN_free(b[1]);
1167 BN_free(c);
1168 BN_free(d);
1169 BN_free(e);
1170 return ret;
1171 }
1172
1173int test_gf2m_mod_mul(BIO *bp,BN_CTX *ctx)
1174 {
1175 BIGNUM *a,*b[2],*c,*d,*e,*f,*g,*h;
1176 int i, j, ret = 0;
1177 unsigned int p0[] = {163,7,6,3,0};
1178 unsigned int p1[] = {193,15,0};
1179
1180 a=BN_new();
1181 b[0]=BN_new();
1182 b[1]=BN_new();
1183 c=BN_new();
1184 d=BN_new();
1185 e=BN_new();
1186 f=BN_new();
1187 g=BN_new();
1188 h=BN_new();
1189
1190 BN_GF2m_arr2poly(p0, b[0]);
1191 BN_GF2m_arr2poly(p1, b[1]);
1192
1193 for (i=0; i<num0; i++)
1194 {
1195 BN_bntest_rand(a, 1024, 0, 0);
1196 BN_bntest_rand(c, 1024, 0, 0);
1197 BN_bntest_rand(d, 1024, 0, 0);
1198 for (j=0; j < 2; j++)
1199 {
1200 BN_GF2m_mod_mul(e, a, c, b[j], ctx);
1201#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1202 if (bp != NULL)
1203 {
1204 if (!results)
1205 {
1206 BN_print(bp,a);
1207 BIO_puts(bp," * ");
1208 BN_print(bp,c);
1209 BIO_puts(bp," % ");
1210 BN_print(bp,b[j]);
1211 BIO_puts(bp," - ");
1212 BN_print(bp,e);
1213 BIO_puts(bp,"\n");
1214 }
1215 }
1216#endif
1217 BN_GF2m_add(f, a, d);
1218 BN_GF2m_mod_mul(g, f, c, b[j], ctx);
1219 BN_GF2m_mod_mul(h, d, c, b[j], ctx);
1220 BN_GF2m_add(f, e, g);
1221 BN_GF2m_add(f, f, h);
1222 /* Test that (a+d)*c = a*c + d*c. */
1223 if(!BN_is_zero(f))
1224 {
1225 fprintf(stderr,"GF(2^m) modular multiplication test failed!\n");
1226 goto err;
1227 }
1228 }
1229 }
1230 ret = 1;
1231 err:
1232 BN_free(a);
1233 BN_free(b[0]);
1234 BN_free(b[1]);
1235 BN_free(c);
1236 BN_free(d);
1237 BN_free(e);
1238 BN_free(f);
1239 BN_free(g);
1240 BN_free(h);
1241 return ret;
1242 }
1243
1244int test_gf2m_mod_sqr(BIO *bp,BN_CTX *ctx)
1245 {
1246 BIGNUM *a,*b[2],*c,*d;
1247 int i, j, ret = 0;
1248 unsigned int p0[] = {163,7,6,3,0};
1249 unsigned int p1[] = {193,15,0};
1250
1251 a=BN_new();
1252 b[0]=BN_new();
1253 b[1]=BN_new();
1254 c=BN_new();
1255 d=BN_new();
1256
1257 BN_GF2m_arr2poly(p0, b[0]);
1258 BN_GF2m_arr2poly(p1, b[1]);
1259
1260 for (i=0; i<num0; i++)
1261 {
1262 BN_bntest_rand(a, 1024, 0, 0);
1263 for (j=0; j < 2; j++)
1264 {
1265 BN_GF2m_mod_sqr(c, a, b[j], ctx);
1266 BN_copy(d, a);
1267 BN_GF2m_mod_mul(d, a, d, b[j], ctx);
1268#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1269 if (bp != NULL)
1270 {
1271 if (!results)
1272 {
1273 BN_print(bp,a);
1274 BIO_puts(bp," ^ 2 % ");
1275 BN_print(bp,b[j]);
1276 BIO_puts(bp, " = ");
1277 BN_print(bp,c);
1278 BIO_puts(bp,"; a * a = ");
1279 BN_print(bp,d);
1280 BIO_puts(bp,"\n");
1281 }
1282 }
1283#endif
1284 BN_GF2m_add(d, c, d);
1285 /* Test that a*a = a^2. */
1286 if(!BN_is_zero(d))
1287 {
1288 fprintf(stderr,"GF(2^m) modular squaring test failed!\n");
1289 goto err;
1290 }
1291 }
1292 }
1293 ret = 1;
1294 err:
1295 BN_free(a);
1296 BN_free(b[0]);
1297 BN_free(b[1]);
1298 BN_free(c);
1299 BN_free(d);
1300 return ret;
1301 }
1302
1303int test_gf2m_mod_inv(BIO *bp,BN_CTX *ctx)
1304 {
1305 BIGNUM *a,*b[2],*c,*d;
1306 int i, j, ret = 0;
1307 unsigned int p0[] = {163,7,6,3,0};
1308 unsigned int p1[] = {193,15,0};
1309
1310 a=BN_new();
1311 b[0]=BN_new();
1312 b[1]=BN_new();
1313 c=BN_new();
1314 d=BN_new();
1315
1316 BN_GF2m_arr2poly(p0, b[0]);
1317 BN_GF2m_arr2poly(p1, b[1]);
1318
1319 for (i=0; i<num0; i++)
1320 {
1321 BN_bntest_rand(a, 512, 0, 0);
1322 for (j=0; j < 2; j++)
1323 {
1324 BN_GF2m_mod_inv(c, a, b[j], ctx);
1325 BN_GF2m_mod_mul(d, a, c, b[j], ctx);
1326#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1327 if (bp != NULL)
1328 {
1329 if (!results)
1330 {
1331 BN_print(bp,a);
1332 BIO_puts(bp, " * ");
1333 BN_print(bp,c);
1334 BIO_puts(bp," - 1 % ");
1335 BN_print(bp,b[j]);
1336 BIO_puts(bp,"\n");
1337 }
1338 }
1339#endif
1340 /* Test that ((1/a)*a) = 1. */
1341 if(!BN_is_one(d))
1342 {
1343 fprintf(stderr,"GF(2^m) modular inversion test failed!\n");
1344 goto err;
1345 }
1346 }
1347 }
1348 ret = 1;
1349 err:
1350 BN_free(a);
1351 BN_free(b[0]);
1352 BN_free(b[1]);
1353 BN_free(c);
1354 BN_free(d);
1355 return ret;
1356 }
1357
1358int test_gf2m_mod_div(BIO *bp,BN_CTX *ctx)
1359 {
1360 BIGNUM *a,*b[2],*c,*d,*e,*f;
1361 int i, j, ret = 0;
1362 unsigned int p0[] = {163,7,6,3,0};
1363 unsigned int p1[] = {193,15,0};
1364
1365 a=BN_new();
1366 b[0]=BN_new();
1367 b[1]=BN_new();
1368 c=BN_new();
1369 d=BN_new();
1370 e=BN_new();
1371 f=BN_new();
1372
1373 BN_GF2m_arr2poly(p0, b[0]);
1374 BN_GF2m_arr2poly(p1, b[1]);
1375
1376 for (i=0; i<num0; i++)
1377 {
1378 BN_bntest_rand(a, 512, 0, 0);
1379 BN_bntest_rand(c, 512, 0, 0);
1380 for (j=0; j < 2; j++)
1381 {
1382 BN_GF2m_mod_div(d, a, c, b[j], ctx);
1383 BN_GF2m_mod_mul(e, d, c, b[j], ctx);
1384 BN_GF2m_mod_div(f, a, e, b[j], ctx);
1385#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1386 if (bp != NULL)
1387 {
1388 if (!results)
1389 {
1390 BN_print(bp,a);
1391 BIO_puts(bp, " = ");
1392 BN_print(bp,c);
1393 BIO_puts(bp," * ");
1394 BN_print(bp,d);
1395 BIO_puts(bp, " % ");
1396 BN_print(bp,b[j]);
1397 BIO_puts(bp,"\n");
1398 }
1399 }
1400#endif
1401 /* Test that ((a/c)*c)/a = 1. */
1402 if(!BN_is_one(f))
1403 {
1404 fprintf(stderr,"GF(2^m) modular division test failed!\n");
1405 goto err;
1406 }
1407 }
1408 }
1409 ret = 1;
1410 err:
1411 BN_free(a);
1412 BN_free(b[0]);
1413 BN_free(b[1]);
1414 BN_free(c);
1415 BN_free(d);
1416 BN_free(e);
1417 BN_free(f);
1418 return ret;
1419 }
1420
1421int test_gf2m_mod_exp(BIO *bp,BN_CTX *ctx)
1422 {
1423 BIGNUM *a,*b[2],*c,*d,*e,*f;
1424 int i, j, ret = 0;
1425 unsigned int p0[] = {163,7,6,3,0};
1426 unsigned int p1[] = {193,15,0};
1427
1428 a=BN_new();
1429 b[0]=BN_new();
1430 b[1]=BN_new();
1431 c=BN_new();
1432 d=BN_new();
1433 e=BN_new();
1434 f=BN_new();
1435
1436 BN_GF2m_arr2poly(p0, b[0]);
1437 BN_GF2m_arr2poly(p1, b[1]);
1438
1439 for (i=0; i<num0; i++)
1440 {
1441 BN_bntest_rand(a, 512, 0, 0);
1442 BN_bntest_rand(c, 512, 0, 0);
1443 BN_bntest_rand(d, 512, 0, 0);
1444 for (j=0; j < 2; j++)
1445 {
1446 BN_GF2m_mod_exp(e, a, c, b[j], ctx);
1447 BN_GF2m_mod_exp(f, a, d, b[j], ctx);
1448 BN_GF2m_mod_mul(e, e, f, b[j], ctx);
1449 BN_add(f, c, d);
1450 BN_GF2m_mod_exp(f, a, f, b[j], ctx);
1451#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1452 if (bp != NULL)
1453 {
1454 if (!results)
1455 {
1456 BN_print(bp,a);
1457 BIO_puts(bp, " ^ (");
1458 BN_print(bp,c);
1459 BIO_puts(bp," + ");
1460 BN_print(bp,d);
1461 BIO_puts(bp, ") = ");
1462 BN_print(bp,e);
1463 BIO_puts(bp, "; - ");
1464 BN_print(bp,f);
1465 BIO_puts(bp, " % ");
1466 BN_print(bp,b[j]);
1467 BIO_puts(bp,"\n");
1468 }
1469 }
1470#endif
1471 BN_GF2m_add(f, e, f);
1472 /* Test that a^(c+d)=a^c*a^d. */
1473 if(!BN_is_zero(f))
1474 {
1475 fprintf(stderr,"GF(2^m) modular exponentiation test failed!\n");
1476 goto err;
1477 }
1478 }
1479 }
1480 ret = 1;
1481 err:
1482 BN_free(a);
1483 BN_free(b[0]);
1484 BN_free(b[1]);
1485 BN_free(c);
1486 BN_free(d);
1487 BN_free(e);
1488 BN_free(f);
1489 return ret;
1490 }
1491
1492int test_gf2m_mod_sqrt(BIO *bp,BN_CTX *ctx)
1493 {
1494 BIGNUM *a,*b[2],*c,*d,*e,*f;
1495 int i, j, ret = 0;
1496 unsigned int p0[] = {163,7,6,3,0};
1497 unsigned int p1[] = {193,15,0};
1498
1499 a=BN_new();
1500 b[0]=BN_new();
1501 b[1]=BN_new();
1502 c=BN_new();
1503 d=BN_new();
1504 e=BN_new();
1505 f=BN_new();
1506
1507 BN_GF2m_arr2poly(p0, b[0]);
1508 BN_GF2m_arr2poly(p1, b[1]);
1509
1510 for (i=0; i<num0; i++)
1511 {
1512 BN_bntest_rand(a, 512, 0, 0);
1513 for (j=0; j < 2; j++)
1514 {
1515 BN_GF2m_mod(c, a, b[j]);
1516 BN_GF2m_mod_sqrt(d, a, b[j], ctx);
1517 BN_GF2m_mod_sqr(e, d, b[j], ctx);
1518#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1519 if (bp != NULL)
1520 {
1521 if (!results)
1522 {
1523 BN_print(bp,d);
1524 BIO_puts(bp, " ^ 2 - ");
1525 BN_print(bp,a);
1526 BIO_puts(bp,"\n");
1527 }
1528 }
1529#endif
1530 BN_GF2m_add(f, c, e);
1531 /* Test that d^2 = a, where d = sqrt(a). */
1532 if(!BN_is_zero(f))
1533 {
1534 fprintf(stderr,"GF(2^m) modular square root test failed!\n");
1535 goto err;
1536 }
1537 }
1538 }
1539 ret = 1;
1540 err:
1541 BN_free(a);
1542 BN_free(b[0]);
1543 BN_free(b[1]);
1544 BN_free(c);
1545 BN_free(d);
1546 BN_free(e);
1547 BN_free(f);
1548 return ret;
1549 }
1550
1551int test_gf2m_mod_solve_quad(BIO *bp,BN_CTX *ctx)
1552 {
1553 BIGNUM *a,*b[2],*c,*d,*e;
1554 int i, j, s = 0, t, ret = 0;
1555 unsigned int p0[] = {163,7,6,3,0};
1556 unsigned int p1[] = {193,15,0};
1557
1558 a=BN_new();
1559 b[0]=BN_new();
1560 b[1]=BN_new();
1561 c=BN_new();
1562 d=BN_new();
1563 e=BN_new();
1564
1565 BN_GF2m_arr2poly(p0, b[0]);
1566 BN_GF2m_arr2poly(p1, b[1]);
1567
1568 for (i=0; i<num0; i++)
1569 {
1570 BN_bntest_rand(a, 512, 0, 0);
1571 for (j=0; j < 2; j++)
1572 {
1573 t = BN_GF2m_mod_solve_quad(c, a, b[j], ctx);
1574 if (t)
1575 {
1576 s++;
1577 BN_GF2m_mod_sqr(d, c, b[j], ctx);
1578 BN_GF2m_add(d, c, d);
1579 BN_GF2m_mod(e, a, b[j]);
1580#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1581 if (bp != NULL)
1582 {
1583 if (!results)
1584 {
1585 BN_print(bp,c);
1586 BIO_puts(bp, " is root of z^2 + z = ");
1587 BN_print(bp,a);
1588 BIO_puts(bp, " % ");
1589 BN_print(bp,b[j]);
1590 BIO_puts(bp, "\n");
1591 }
1592 }
1593#endif
1594 BN_GF2m_add(e, e, d);
1595 /* Test that solution of quadratic c satisfies c^2 + c = a. */
1596 if(!BN_is_zero(e))
1597 {
1598 fprintf(stderr,"GF(2^m) modular solve quadratic test failed!\n");
1599 goto err;
1600 }
1601
1602 }
1603 else
1604 {
1605#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1606 if (bp != NULL)
1607 {
1608 if (!results)
1609 {
1610 BIO_puts(bp, "There are no roots of z^2 + z = ");
1611 BN_print(bp,a);
1612 BIO_puts(bp, " % ");
1613 BN_print(bp,b[j]);
1614 BIO_puts(bp, "\n");
1615 }
1616 }
1617#endif
1618 }
1619 }
1620 }
1621 if (s == 0)
1622 {
1623 fprintf(stderr,"All %i tests of GF(2^m) modular solve quadratic resulted in no roots;\n", num0);
1624 fprintf(stderr,"this is very unlikely and probably indicates an error.\n");
1625 goto err;
1626 }
1627 ret = 1;
1628 err:
1629 BN_free(a);
1630 BN_free(b[0]);
1631 BN_free(b[1]);
1632 BN_free(c);
1633 BN_free(d);
1634 BN_free(e);
1635 return ret;
1636 }
1637
1638static int genprime_cb(int p, int n, BN_GENCB *arg)
923 { 1639 {
924 char c='*'; 1640 char c='*';
925 1641
@@ -929,12 +1645,12 @@ static void genprime_cb(int p, int n, void *arg)
929 if (p == 3) c='\n'; 1645 if (p == 3) c='\n';
930 putc(c, stderr); 1646 putc(c, stderr);
931 fflush(stderr); 1647 fflush(stderr);
932 (void)n; 1648 return 1;
933 (void)arg;
934 } 1649 }
935 1650
936int test_kron(BIO *bp, BN_CTX *ctx) 1651int test_kron(BIO *bp, BN_CTX *ctx)
937 { 1652 {
1653 BN_GENCB cb;
938 BIGNUM *a,*b,*r,*t; 1654 BIGNUM *a,*b,*r,*t;
939 int i; 1655 int i;
940 int legendre, kronecker; 1656 int legendre, kronecker;
@@ -945,6 +1661,8 @@ int test_kron(BIO *bp, BN_CTX *ctx)
945 r = BN_new(); 1661 r = BN_new();
946 t = BN_new(); 1662 t = BN_new();
947 if (a == NULL || b == NULL || r == NULL || t == NULL) goto err; 1663 if (a == NULL || b == NULL || r == NULL || t == NULL) goto err;
1664
1665 BN_GENCB_set(&cb, genprime_cb, NULL);
948 1666
949 /* We test BN_kronecker(a, b, ctx) just for b odd (Jacobi symbol). 1667 /* We test BN_kronecker(a, b, ctx) just for b odd (Jacobi symbol).
950 * In this case we know that if b is prime, then BN_kronecker(a, b, ctx) 1668 * In this case we know that if b is prime, then BN_kronecker(a, b, ctx)
@@ -955,7 +1673,7 @@ int test_kron(BIO *bp, BN_CTX *ctx)
955 * don't want to test whether b is prime but whether BN_kronecker 1673 * don't want to test whether b is prime but whether BN_kronecker
956 * works.) */ 1674 * works.) */
957 1675
958 if (!BN_generate_prime(b, 512, 0, NULL, NULL, genprime_cb, NULL)) goto err; 1676 if (!BN_generate_prime_ex(b, 512, 0, NULL, NULL, &cb)) goto err;
959 b->neg = rand_neg(); 1677 b->neg = rand_neg();
960 putc('\n', stderr); 1678 putc('\n', stderr);
961 1679
@@ -1023,6 +1741,7 @@ int test_kron(BIO *bp, BN_CTX *ctx)
1023 1741
1024int test_sqrt(BIO *bp, BN_CTX *ctx) 1742int test_sqrt(BIO *bp, BN_CTX *ctx)
1025 { 1743 {
1744 BN_GENCB cb;
1026 BIGNUM *a,*p,*r; 1745 BIGNUM *a,*p,*r;
1027 int i, j; 1746 int i, j;
1028 int ret = 0; 1747 int ret = 0;
@@ -1031,7 +1750,9 @@ int test_sqrt(BIO *bp, BN_CTX *ctx)
1031 p = BN_new(); 1750 p = BN_new();
1032 r = BN_new(); 1751 r = BN_new();
1033 if (a == NULL || p == NULL || r == NULL) goto err; 1752 if (a == NULL || p == NULL || r == NULL) goto err;
1034 1753
1754 BN_GENCB_set(&cb, genprime_cb, NULL);
1755
1035 for (i = 0; i < 16; i++) 1756 for (i = 0; i < 16; i++)
1036 { 1757 {
1037 if (i < 8) 1758 if (i < 8)
@@ -1045,7 +1766,7 @@ int test_sqrt(BIO *bp, BN_CTX *ctx)
1045 if (!BN_set_word(a, 32)) goto err; 1766 if (!BN_set_word(a, 32)) goto err;
1046 if (!BN_set_word(r, 2*i + 1)) goto err; 1767 if (!BN_set_word(r, 2*i + 1)) goto err;
1047 1768
1048 if (!BN_generate_prime(p, 256, 0, a, r, genprime_cb, NULL)) goto err; 1769 if (!BN_generate_prime_ex(p, 256, 0, a, r, &cb)) goto err;
1049 putc('\n', stderr); 1770 putc('\n', stderr);
1050 } 1771 }
1051 p->neg = rand_neg(); 1772 p->neg = rand_neg();
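--- a/src/lib/libcrypto/bn/exptest.c
+++ b/src/lib/libcrypto/bn/exptest.c
@@ -195,6 +195,9 @@ int main(int argc, char *argv[])
 err:
 	ERR_load_crypto_strings();
 	ERR_print_errors(out);
+#ifdef OPENSSL_SYS_NETWARE
+	printf("ERROR\n");
+#endif
 	EXIT(1);
 	return(1);
 	}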
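Review bot: The NetWare-only `printf("ERROR\n")` added at new line 199 carries no comment saying why that platform needs a separate marker on stdout while the actual diagnostics go to the `out` BIO through ERR_print_errors(), so a later reader cannot tell whether it is a harness convention or a workaround. A one-line comment above the `#ifdef`, such as `/* NetWare: presumably the test harness scans stdout for this marker — confirm */`, would record the intent. Note also that stdout is not flushed explicitly here, which is only safe if EXIT() ends up calling exit(); the hunk does not show what EXIT() expands to. main()'s body begins outside the hunk.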