Provide bn_mul_words() on amd64.

This uses s2n-bignum's bignum_mul() and provides significant performance
gains for a range of multiplication sizes.

2 files changed, 12 insertions, 2 deletions

diff --git a/src/lib/libcrypto/bn/arch/amd64/bn_arch.c b/src/lib/libcrypto/bn/arch/amd64/bn_arch.c
index 5f3549fc26..0fe6070efa 100644
--- a/src/lib/libcrypto/bn/arch/amd64/bn_arch.c
+++ b/src/lib/libcrypto/bn/arch/amd64/bn_arch.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: bn_arch.c,v 1.15 2025/08/31 09:34:51 jsing Exp $ */
+/*      $OpenBSD: bn_arch.c,v 1.16 2025/09/01 15:15:44 jsing Exp $ */
 /*
  * Copyright (c) 2023 Joel Sing <jsing@openbsd.org>
  *
@@ -126,6 +126,15 @@ bn_mul_comba8(BN_ULONG *rd, const BN_ULONG *ad, const BN_ULONG *bd)
 }
 #endif
 
+#ifdef HAVE_BN_MUL_WORDS
+void
+bn_mul_words(BN_ULONG *r, BN_ULONG *a, int a_len, BN_ULONG *b, int b_len)
+{
+        bignum_mul(a_len + b_len, (uint64_t *)r, a_len, (const uint64_t *)a,
+            b_len, (const uint64_t *)b);
+}
+#endif
+
 #ifdef HAVE_BN_MULW_ADD_WORDS
 BN_ULONG
 bn_mulw_add_words(BN_ULONG *rd, const BN_ULONG *ad, int num, BN_ULONG w)
diff --git a/src/lib/libcrypto/bn/arch/amd64/bn_arch.h b/src/lib/libcrypto/bn/arch/amd64/bn_arch.h
index f42c6bc201..3cb1d1d274 100644
--- a/src/lib/libcrypto/bn/arch/amd64/bn_arch.h
+++ b/src/lib/libcrypto/bn/arch/amd64/bn_arch.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: bn_arch.h,v 1.18 2025/08/30 07:54:27 jsing Exp $ */
+/*      $OpenBSD: bn_arch.h,v 1.19 2025/09/01 15:15:44 jsing Exp $ */
 /*
  * Copyright (c) 2023 Joel Sing <jsing@openbsd.org>
  *
@@ -33,6 +33,7 @@
 #define HAVE_BN_MUL_COMBA4
 #define HAVE_BN_MUL_COMBA6
 #define HAVE_BN_MUL_COMBA8
+#define HAVE_BN_MUL_WORDS
 #define HAVE_BN_MULW_ADD_WORDS
 #define HAVE_BN_MULW_WORDS