import OpenSSL 1.0.0e

9 files changed, 125 insertions, 98 deletions

diff --git a/src/lib/libcrypto/bn/asm/alpha-mont.pl b/src/lib/libcrypto/bn/asm/alpha-mont.pl
index f7e0ca1646..03596e2014 100644
--- a/src/lib/libcrypto/bn/asm/alpha-mont.pl
+++ b/src/lib/libcrypto/bn/asm/alpha-mont.pl
@@ -41,8 +41,12 @@ $j="s4";
 $m1="s5";
 
 $code=<<___;
+#ifdef __linux__
+#include <asm/regdef.h>
+#else
 #include <asm.h>
 #include <regdef.h>
+#endif
 
 .text
 
@@ -76,7 +80,7 @@ bn_mul_mont:
         ldq     $aj,8($ap)
         subq    sp,AT,sp
         ldq     $bi,0($bp)      # bp[0]
-        mov     -4096,AT
+        lda     AT,-4096(zero)  # mov   -4096,AT
         ldq     $n0,0($n0)
         and     sp,AT,sp
 
@@ -106,9 +110,9 @@ bn_mul_mont:
 .align  4
 .L1st:
         .set    noreorder
-        ldq     $aj,($aj)
+        ldq     $aj,0($aj)
         addl    $j,1,$j
-        ldq     $nj,($nj)
+        ldq     $nj,0($nj)
         lda     $tp,8($tp)
 
         addq    $alo,$hi0,$lo0
@@ -159,12 +163,12 @@ bn_mul_mont:
 .align  4
 .Louter:
         s8addq  $i,$bp,$bi
-        ldq     $hi0,($ap)
+        ldq     $hi0,0($ap)
         ldq     $aj,8($ap)
-        ldq     $bi,($bi)
-        ldq     $hi1,($np)
+        ldq     $bi,0($bi)
+        ldq     $hi1,0($np)
         ldq     $nj,8($np)
-        ldq     $tj,(sp)
+        ldq     $tj,0(sp)
 
         mulq    $hi0,$bi,$lo0
         umulh   $hi0,$bi,$hi0
@@ -195,10 +199,10 @@ bn_mul_mont:
         .set    noreorder
         ldq     $tj,8($tp)      #L0
         nop                     #U1
-        ldq     $aj,($aj)       #L1
+        ldq     $aj,0($aj)      #L1
         s8addq  $j,$np,$nj      #U0
 
-        ldq     $nj,($nj)       #L0
+        ldq     $nj,0($nj)      #L0
         nop                     #U1
         addq    $alo,$hi0,$lo0  #L1
         lda     $tp,8($tp)
@@ -247,7 +251,7 @@ bn_mul_mont:
         addq    $hi1,v0,$hi1
 
         addq    $hi1,$hi0,$lo1
-        stq     $j,($tp)
+        stq     $j,0($tp)
         cmpult  $lo1,$hi0,$hi1
         addq    $lo1,$tj,$lo1
         cmpult  $lo1,$tj,AT
@@ -265,8 +269,8 @@ bn_mul_mont:
         mov     0,$hi0          # clear borrow bit
 
 .align  4
-.Lsub:  ldq     $lo0,($tp)
-        ldq     $lo1,($np)
+.Lsub:  ldq     $lo0,0($tp)
+        ldq     $lo1,0($np)
         lda     $tp,8($tp)
         lda     $np,8($np)
         subq    $lo0,$lo1,$lo1  # tp[i]-np[i]
@@ -274,7 +278,7 @@ bn_mul_mont:
         subq    $lo1,$hi0,$lo0
         cmpult  $lo1,$lo0,$hi0
         or      $hi0,AT,$hi0
-        stq     $lo0,($rp)
+        stq     $lo0,0($rp)
         cmpult  $tp,$tj,v0
         lda     $rp,8($rp)
         bne     v0,.Lsub
@@ -288,7 +292,7 @@ bn_mul_mont:
         bis     $bp,$ap,$ap     # ap=borrow?tp:rp
 
 .align  4
-.Lcopy: ldq     $aj,($ap)       # copy or in-place refresh
+.Lcopy: ldq     $aj,0($ap)      # copy or in-place refresh
         lda     $tp,8($tp)
         lda     $rp,8($rp)
         lda     $ap,8($ap)
@@ -309,8 +313,8 @@ bn_mul_mont:
         lda     sp,48(sp)
         ret     (ra)
 .end    bn_mul_mont
-.rdata
-.asciiz "Montgomery Multiplication for Alpha, CRYPTOGAMS by <appro\@openssl.org>"
+.ascii  "Montgomery Multiplication for Alpha, CRYPTOGAMS by <appro\@openssl.org>"
+.align  2
 ___
 
 print $code;
diff --git a/src/lib/libcrypto/bn/asm/s390x-mont.pl b/src/lib/libcrypto/bn/asm/s390x-mont.pl
index d23251033b..f61246f5b6 100644
--- a/src/lib/libcrypto/bn/asm/s390x-mont.pl
+++ b/src/lib/libcrypto/bn/asm/s390x-mont.pl
@@ -69,8 +69,8 @@ bn_mul_mont:
         cghi    $num,16         #
         lghi    %r2,0           #
         blr     %r14            # if($num<16) return 0;
-        cghi    $num,128        #
-        bhr     %r14            # if($num>128) return 0;
+        cghi    $num,96         #
+        bhr     %r14            # if($num>96) return 0;
 
         stmg    %r3,%r15,24($sp)
 
diff --git a/src/lib/libcrypto/bn/asm/s390x.S b/src/lib/libcrypto/bn/asm/s390x.S
index 8f45f5d513..43fcb79bc0 100755
--- a/src/lib/libcrypto/bn/asm/s390x.S
+++ b/src/lib/libcrypto/bn/asm/s390x.S
@@ -1,4 +1,4 @@
-.ident "s390x.S, version 1.0"
+.ident "s390x.S, version 1.1"
 // ====================================================================
 // Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
 // project.
@@ -24,67 +24,67 @@ bn_mul_add_words:
         bler    %r14            // if (len<=0) return 0;
 
         stmg    %r6,%r10,48(%r15)
+        lghi    %r10,3
         lghi    %r8,0           // carry = 0
-        srag    %r10,%r4,2      // cnt=len/4
-        jz      .Loop1_madd
+        nr      %r10,%r4        // len%4
+        sra     %r4,2           // cnt=len/4
+        jz      .Loop1_madd     // carry is incidentally cleared if branch taken
+        algr    zero,zero       // clear carry
 
 .Loop4_madd:
         lg      %r7,0(%r2,%r3)  // ap[i]
         mlgr    %r6,%r5         // *=w
-        algr    %r7,%r8         // +=carry
+        alcgr   %r7,%r8         // +=carry
         alcgr   %r6,zero
         alg     %r7,0(%r2,%r1)  // +=rp[i]
-        alcgr   %r6,zero
         stg     %r7,0(%r2,%r1)  // rp[i]=
 
         lg      %r9,8(%r2,%r3)
         mlgr    %r8,%r5
-        algr    %r9,%r6
+        alcgr   %r9,%r6
         alcgr   %r8,zero
         alg     %r9,8(%r2,%r1)
-        alcgr   %r8,zero
         stg     %r9,8(%r2,%r1)
 
         lg      %r7,16(%r2,%r3)
         mlgr    %r6,%r5
-        algr    %r7,%r8
+        alcgr   %r7,%r8
         alcgr   %r6,zero
         alg     %r7,16(%r2,%r1)
-        alcgr   %r6,zero
         stg     %r7,16(%r2,%r1)
 
         lg      %r9,24(%r2,%r3)
         mlgr    %r8,%r5
-        algr    %r9,%r6
+        alcgr   %r9,%r6
         alcgr   %r8,zero
         alg     %r9,24(%r2,%r1)
-        alcgr   %r8,zero
         stg     %r9,24(%r2,%r1)
 
         la      %r2,32(%r2)     // i+=4
-        brct    %r10,.Loop4_madd
+        brct    %r4,.Loop4_madd
 
-        lghi    %r10,3
-        nr      %r4,%r10        // cnt=len%4
-        jz      .Lend_madd
+        la      %r10,1(%r10)            // see if len%4 is zero ...
+        brct    %r10,.Loop1_madd        // without touching condition code:-)
+
+.Lend_madd:
+        alcgr   %r8,zero        // collect carry bit
+        lgr     %r2,%r8
+        lmg     %r6,%r10,48(%r15)
+        br      %r14
 
 .Loop1_madd:
         lg      %r7,0(%r2,%r3)  // ap[i]
         mlgr    %r6,%r5         // *=w
-        algr    %r7,%r8         // +=carry
+        alcgr   %r7,%r8         // +=carry
         alcgr   %r6,zero
         alg     %r7,0(%r2,%r1)  // +=rp[i]
-        alcgr   %r6,zero
         stg     %r7,0(%r2,%r1)  // rp[i]=
 
         lgr     %r8,%r6
         la      %r2,8(%r2)      // i++
-        brct    %r4,.Loop1_madd
+        brct    %r10,.Loop1_madd
 
-.Lend_madd:
-        lgr     %r2,%r8
-        lmg     %r6,%r10,48(%r15)
-        br      %r14
+        j       .Lend_madd
 .size   bn_mul_add_words,.-bn_mul_add_words
 
 // BN_ULONG bn_mul_words(BN_ULONG *r2,BN_ULONG *r3,int r4,BN_ULONG r5);
@@ -99,57 +99,57 @@ bn_mul_words:
         bler    %r14            // if (len<=0) return 0;
 
         stmg    %r6,%r10,48(%r15)
+        lghi    %r10,3
         lghi    %r8,0           // carry = 0
-        srag    %r10,%r4,2      // cnt=len/4
-        jz      .Loop1_mul
+        nr      %r10,%r4        // len%4
+        sra     %r4,2           // cnt=len/4
+        jz      .Loop1_mul      // carry is incidentally cleared if branch taken
+        algr    zero,zero       // clear carry
 
 .Loop4_mul:
         lg      %r7,0(%r2,%r3)  // ap[i]
         mlgr    %r6,%r5         // *=w
-        algr    %r7,%r8         // +=carry
-        alcgr   %r6,zero
+        alcgr   %r7,%r8         // +=carry
         stg     %r7,0(%r2,%r1)  // rp[i]=
 
         lg      %r9,8(%r2,%r3)
         mlgr    %r8,%r5
-        algr    %r9,%r6
-        alcgr   %r8,zero
+        alcgr   %r9,%r6
         stg     %r9,8(%r2,%r1)
 
         lg      %r7,16(%r2,%r3)
         mlgr    %r6,%r5
-        algr    %r7,%r8
-        alcgr   %r6,zero
+        alcgr   %r7,%r8
         stg     %r7,16(%r2,%r1)
 
         lg      %r9,24(%r2,%r3)
         mlgr    %r8,%r5
-        algr    %r9,%r6
-        alcgr   %r8,zero
+        alcgr   %r9,%r6
         stg     %r9,24(%r2,%r1)
 
         la      %r2,32(%r2)     // i+=4
-        brct    %r10,.Loop4_mul
+        brct    %r4,.Loop4_mul
 
-        lghi    %r10,3
-        nr      %r4,%r10        // cnt=len%4
-        jz      .Lend_mul
+        la      %r10,1(%r10)            // see if len%4 is zero ...
+        brct    %r10,.Loop1_mul         // without touching condition code:-)
+
+.Lend_mul:
+        alcgr   %r8,zero        // collect carry bit
+        lgr     %r2,%r8
+        lmg     %r6,%r10,48(%r15)
+        br      %r14
 
 .Loop1_mul:
         lg      %r7,0(%r2,%r3)  // ap[i]
         mlgr    %r6,%r5         // *=w
-        algr    %r7,%r8         // +=carry
-        alcgr   %r6,zero
+        alcgr   %r7,%r8         // +=carry
         stg     %r7,0(%r2,%r1)  // rp[i]=
 
         lgr     %r8,%r6
         la      %r2,8(%r2)      // i++
-        brct    %r4,.Loop1_mul
+        brct    %r10,.Loop1_mul
 
-.Lend_mul:
-        lgr     %r2,%r8
-        lmg     %r6,%r10,48(%r15)
-        br      %r14
+        j       .Lend_mul
 .size   bn_mul_words,.-bn_mul_words
 
 // void bn_sqr_words(BN_ULONG *r2,BN_ULONG *r2,int r4)
diff --git a/src/lib/libcrypto/bn/bn.h b/src/lib/libcrypto/bn/bn.h
index e484b7fc11..a0bc47837d 100644
--- a/src/lib/libcrypto/bn/bn.h
+++ b/src/lib/libcrypto/bn/bn.h
@@ -253,6 +253,24 @@ extern "C" {
 #define BN_HEX_FMT2     "%08X"
 #endif
 
+/* 2011-02-22 SMS.
+ * In various places, a size_t variable or a type cast to size_t was
+ * used to perform integer-only operations on pointers.  This failed on
+ * VMS with 64-bit pointers (CC /POINTER_SIZE = 64) because size_t is
+ * still only 32 bits.  What's needed in these cases is an integer type
+ * with the same size as a pointer, which size_t is not certain to be. 
+ * The only fix here is VMS-specific.
+ */
+#if defined(OPENSSL_SYS_VMS)
+# if __INITIAL_POINTER_SIZE == 64
+#  define PTR_SIZE_INT long long
+# else /* __INITIAL_POINTER_SIZE == 64 */
+#  define PTR_SIZE_INT int
+# endif /* __INITIAL_POINTER_SIZE == 64 [else] */
+#else /* defined(OPENSSL_SYS_VMS) */
+# define PTR_SIZE_INT size_t
+#endif /* defined(OPENSSL_SYS_VMS) [else] */
+
 #define BN_DEFAULT_BITS 1280
 
 #define BN_FLG_MALLOCED         0x01
diff --git a/src/lib/libcrypto/bn/bn_exp2.c b/src/lib/libcrypto/bn/bn_exp2.c
index b3f43cec8c..bd0c34b91b 100644
--- a/src/lib/libcrypto/bn/bn_exp2.c
+++ b/src/lib/libcrypto/bn/bn_exp2.c
@@ -301,7 +301,8 @@ int BN_mod_exp2_mont(BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1,
                         r_is_one = 0;
                         }
                 }
-        BN_from_montgomery(rr,r,mont,ctx);
+        if (!BN_from_montgomery(rr,r,mont,ctx))
+                goto err;
         ret=1;
 err:
         if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont);
diff --git a/src/lib/libcrypto/bn/bn_gf2m.c b/src/lib/libcrypto/bn/bn_gf2m.c
index 527b0fa15b..432a3aa338 100644
--- a/src/lib/libcrypto/bn/bn_gf2m.c
+++ b/src/lib/libcrypto/bn/bn_gf2m.c
@@ -545,6 +545,7 @@ int BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
                 {
                 while (!BN_is_odd(u))
                         {
+                        if (BN_is_zero(u)) goto err;
                         if (!BN_rshift1(u, u)) goto err;
                         if (BN_is_odd(b))
                                 {
diff --git a/src/lib/libcrypto/bn/bn_mont.c b/src/lib/libcrypto/bn/bn_mont.c
index 7224637ab3..1a866880f5 100644
--- a/src/lib/libcrypto/bn/bn_mont.c
+++ b/src/lib/libcrypto/bn/bn_mont.c
@@ -277,7 +277,7 @@ static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont)
         m1|=m2;                 /* (al!=ri) */
         m1|=(0-(size_t)v);      /* (al!=ri || v) */
         m1&=~m2;                /* (al!=ri || v) && !al>ri */
-        nrp=(BN_ULONG *)(((size_t)rp&~m1)|((size_t)ap&m1));
+        nrp=(BN_ULONG *)(((PTR_SIZE_INT)rp&~m1)|((PTR_SIZE_INT)ap&m1));
         }
 
         /* 'i<ri' is chosen to eliminate dependency on input data, even
diff --git a/src/lib/libcrypto/bn/bn_mul.c b/src/lib/libcrypto/bn/bn_mul.c
index a0e9ec3b46..12e5be80eb 100644
--- a/src/lib/libcrypto/bn/bn_mul.c
+++ b/src/lib/libcrypto/bn/bn_mul.c
@@ -551,7 +551,7 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
              int tna, int tnb, BN_ULONG *t)
         {
         int i,j,n2=n*2;
-        int c1,c2,neg,zero;
+        int c1,c2,neg;
         BN_ULONG ln,lo,*p;
 
 # ifdef BN_COUNT
@@ -567,7 +567,7 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
         /* r=(a[0]-a[1])*(b[1]-b[0]) */
         c1=bn_cmp_part_words(a,&(a[n]),tna,n-tna);
         c2=bn_cmp_part_words(&(b[n]),b,tnb,tnb-n);
-        zero=neg=0;
+        neg=0;
         switch (c1*3+c2)
                 {
         case -4:
@@ -575,7 +575,6 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
                 bn_sub_part_words(&(t[n]),b,      &(b[n]),tnb,n-tnb); /* - */
                 break;
         case -3:
-                zero=1;
                 /* break; */
         case -2:
                 bn_sub_part_words(t,      &(a[n]),a,      tna,tna-n); /* - */
@@ -585,7 +584,6 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
         case -1:
         case 0:
         case 1:
-                zero=1;
                 /* break; */
         case 2:
                 bn_sub_part_words(t,      a,      &(a[n]),tna,n-tna); /* + */
@@ -593,7 +591,6 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
                 neg=1;
                 break;
         case 3:
-                zero=1;
                 /* break; */
         case 4:
                 bn_sub_part_words(t,      a,      &(a[n]),tna,n-tna);
@@ -1012,7 +1009,6 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
                 {
                 if (i >= -1 && i <= 1)
                         {
-                        int sav_j =0;
                         /* Find out the power of two lower or equal
                            to the longest of the two numbers */
                         if (i >= 0)
@@ -1023,7 +1019,6 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
                                 {
                                 j = BN_num_bits_word((BN_ULONG)bl);
                                 }
-                        sav_j = j;
                         j = 1<<(j-1);
                         assert(j <= al || j <= bl);
                         k = j+j;
diff --git a/src/lib/libcrypto/bn/bn_nist.c b/src/lib/libcrypto/bn/bn_nist.c
index 2ca5b01391..c6de032696 100644
--- a/src/lib/libcrypto/bn/bn_nist.c
+++ b/src/lib/libcrypto/bn/bn_nist.c
@@ -354,7 +354,7 @@ int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
                  buf[BN_NIST_192_TOP],
                  c_d[BN_NIST_192_TOP],
                 *res;
-        size_t   mask;
+        PTR_SIZE_INT mask;
         static const BIGNUM _bignum_nist_p_192_sqr = {
                 (BN_ULONG *)_nist_p_192_sqr,
                 sizeof(_nist_p_192_sqr)/sizeof(_nist_p_192_sqr[0]),
@@ -405,9 +405,10 @@ int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
          * 'tmp=result-modulus; if (!carry || !borrow) result=tmp;'
          * this is what happens below, but without explicit if:-) a.
          */
-        mask  = 0-(size_t)bn_sub_words(c_d,r_d,_nist_p_192[0],BN_NIST_192_TOP);
-        mask &= 0-(size_t)carry;
-        res   = (BN_ULONG *)(((size_t)c_d&~mask) | ((size_t)r_d&mask));
+        mask  = 0-(PTR_SIZE_INT)bn_sub_words(c_d,r_d,_nist_p_192[0],BN_NIST_192_TOP);
+        mask &= 0-(PTR_SIZE_INT)carry;
+        res   = (BN_ULONG *)
+         (((PTR_SIZE_INT)c_d&~mask) | ((PTR_SIZE_INT)r_d&mask));
         nist_cp_bn(r_d, res, BN_NIST_192_TOP);
         r->top = BN_NIST_192_TOP;
         bn_correct_top(r);
@@ -438,8 +439,8 @@ int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
                  buf[BN_NIST_224_TOP],
                  c_d[BN_NIST_224_TOP],
                 *res;
-        size_t   mask;
-        union { bn_addsub_f f; size_t p; } u;
+        PTR_SIZE_INT mask;
+        union { bn_addsub_f f; PTR_SIZE_INT p; } u;
         static const BIGNUM _bignum_nist_p_224_sqr = {
                 (BN_ULONG *)_nist_p_224_sqr,
                 sizeof(_nist_p_224_sqr)/sizeof(_nist_p_224_sqr[0]),
@@ -510,16 +511,18 @@ int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
                  * to be compared to the modulus and conditionally
                  * adjusted by *subtracting* the latter. */
                 carry = (int)bn_add_words(r_d,r_d,_nist_p_224[-carry-1],BN_NIST_224_TOP);
-                mask = 0-(size_t)carry;
-                u.p = ((size_t)bn_sub_words&mask) | ((size_t)bn_add_words&~mask);
+                mask = 0-(PTR_SIZE_INT)carry;
+                u.p = ((PTR_SIZE_INT)bn_sub_words&mask) |
+                 ((PTR_SIZE_INT)bn_add_words&~mask);
                 }
         else
                 carry = 1;
 
         /* otherwise it's effectively same as in BN_nist_mod_192... */
-        mask  = 0-(size_t)(*u.f)(c_d,r_d,_nist_p_224[0],BN_NIST_224_TOP);
-        mask &= 0-(size_t)carry;
-        res   = (BN_ULONG *)(((size_t)c_d&~mask) | ((size_t)r_d&mask));
+        mask  = 0-(PTR_SIZE_INT)(*u.f)(c_d,r_d,_nist_p_224[0],BN_NIST_224_TOP);
+        mask &= 0-(PTR_SIZE_INT)carry;
+        res   = (BN_ULONG *)(((PTR_SIZE_INT)c_d&~mask) |
+         ((PTR_SIZE_INT)r_d&mask));
         nist_cp_bn(r_d, res, BN_NIST_224_TOP);
         r->top = BN_NIST_224_TOP;
         bn_correct_top(r);
@@ -549,8 +552,8 @@ int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
                  buf[BN_NIST_256_TOP],
                  c_d[BN_NIST_256_TOP],
                 *res;
-        size_t   mask;
-        union { bn_addsub_f f; size_t p; } u;
+        PTR_SIZE_INT mask;
+        union { bn_addsub_f f; PTR_SIZE_INT p; } u;
         static const BIGNUM _bignum_nist_p_256_sqr = {
                 (BN_ULONG *)_nist_p_256_sqr,
                 sizeof(_nist_p_256_sqr)/sizeof(_nist_p_256_sqr[0]),
@@ -629,15 +632,17 @@ int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
         else if (carry < 0)
                 {
                 carry = (int)bn_add_words(r_d,r_d,_nist_p_256[-carry-1],BN_NIST_256_TOP);
-                mask = 0-(size_t)carry;
-                u.p = ((size_t)bn_sub_words&mask) | ((size_t)bn_add_words&~mask);
+                mask = 0-(PTR_SIZE_INT)carry;
+                u.p = ((PTR_SIZE_INT)bn_sub_words&mask) |
+                 ((PTR_SIZE_INT)bn_add_words&~mask);
                 }
         else
                 carry = 1;
 
-        mask  = 0-(size_t)(*u.f)(c_d,r_d,_nist_p_256[0],BN_NIST_256_TOP);
-        mask &= 0-(size_t)carry;
-        res   = (BN_ULONG *)(((size_t)c_d&~mask) | ((size_t)r_d&mask));
+        mask  = 0-(PTR_SIZE_INT)(*u.f)(c_d,r_d,_nist_p_256[0],BN_NIST_256_TOP);
+        mask &= 0-(PTR_SIZE_INT)carry;
+        res   = (BN_ULONG *)(((PTR_SIZE_INT)c_d&~mask) |
+         ((PTR_SIZE_INT)r_d&mask));
         nist_cp_bn(r_d, res, BN_NIST_256_TOP);
         r->top = BN_NIST_256_TOP;
         bn_correct_top(r);
@@ -671,8 +676,8 @@ int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
                  buf[BN_NIST_384_TOP],
                  c_d[BN_NIST_384_TOP],
                 *res;
-        size_t   mask;
-        union { bn_addsub_f f; size_t p; } u;
+        PTR_SIZE_INT mask;
+        union { bn_addsub_f f; PTR_SIZE_INT p; } u;
         static const BIGNUM _bignum_nist_p_384_sqr = {
                 (BN_ULONG *)_nist_p_384_sqr,
                 sizeof(_nist_p_384_sqr)/sizeof(_nist_p_384_sqr[0]),
@@ -754,15 +759,17 @@ int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
         else if (carry < 0)
                 {
                 carry = (int)bn_add_words(r_d,r_d,_nist_p_384[-carry-1],BN_NIST_384_TOP);
-                mask = 0-(size_t)carry;
-                u.p = ((size_t)bn_sub_words&mask) | ((size_t)bn_add_words&~mask);
+                mask = 0-(PTR_SIZE_INT)carry;
+                u.p = ((PTR_SIZE_INT)bn_sub_words&mask) |
+                 ((PTR_SIZE_INT)bn_add_words&~mask);
                 }
         else
                 carry = 1;
 
-        mask  = 0-(size_t)(*u.f)(c_d,r_d,_nist_p_384[0],BN_NIST_384_TOP);
-        mask &= 0-(size_t)carry;
-        res   = (BN_ULONG *)(((size_t)c_d&~mask) | ((size_t)r_d&mask));
+        mask  = 0-(PTR_SIZE_INT)(*u.f)(c_d,r_d,_nist_p_384[0],BN_NIST_384_TOP);
+        mask &= 0-(PTR_SIZE_INT)carry;
+        res   = (BN_ULONG *)(((PTR_SIZE_INT)c_d&~mask) |
+         ((PTR_SIZE_INT)r_d&mask));
         nist_cp_bn(r_d, res, BN_NIST_384_TOP);
         r->top = BN_NIST_384_TOP;
         bn_correct_top(r);
@@ -781,7 +788,7 @@ int BN_nist_mod_521(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
         BN_ULONG *r_d, *a_d = a->d,
                  t_d[BN_NIST_521_TOP],
                  val,tmp,*res;
-        size_t  mask;
+        PTR_SIZE_INT mask;
         static const BIGNUM _bignum_nist_p_521_sqr = {
                 (BN_ULONG *)_nist_p_521_sqr,
                 sizeof(_nist_p_521_sqr)/sizeof(_nist_p_521_sqr[0]),
@@ -826,8 +833,9 @@ int BN_nist_mod_521(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
         r_d[i] &= BN_NIST_521_TOP_MASK;
 
         bn_add_words(r_d,r_d,t_d,BN_NIST_521_TOP);
-        mask = 0-(size_t)bn_sub_words(t_d,r_d,_nist_p_521,BN_NIST_521_TOP);
-        res  = (BN_ULONG *)(((size_t)t_d&~mask) | ((size_t)r_d&mask));
+        mask = 0-(PTR_SIZE_INT)bn_sub_words(t_d,r_d,_nist_p_521,BN_NIST_521_TOP);
+        res  = (BN_ULONG *)(((PTR_SIZE_INT)t_d&~mask) |
+         ((PTR_SIZE_INT)r_d&mask));
         nist_cp_bn(r_d,res,BN_NIST_521_TOP);
         r->top = BN_NIST_521_TOP;
         bn_correct_top(r);