Refactor BN_mul().

This splits BN_mul() into two parts, one of which is a separate bn_mul() function. This makes the code more readable and managable, while also providing a better entry point for assembly optimisation. A separate bn_mul() is provided for the BN_RECURSION implementation, to reduce complexity. This also enables bn_mul_comba4() for four word long bignums - this was disabled for unknown reasons. ok tb@
author: jsing <> 2023-01-21 15:40:13 +0000
committer: jsing <> 2023-01-21 15:40:13 +0000
commit: d200d65169579227bd90b20b4b228b4f31f27930 (patch)
tree: 8bf2ccf07fee4cf031c6c47db20924e0147e85e9 /src
parent: 2214dcc033ff3579f3a48443478f30f86f6ab1fd (diff)
download: openbsd-d200d65169579227bd90b20b4b228b4f31f27930.tar.gz
openbsd-d200d65169579227bd90b20b4b228b4f31f27930.tar.bz2
openbsd-d200d65169579227bd90b20b4b228b4f31f27930.zip
1 files changed, 81 insertions, 67 deletions
diff --git a/src/lib/libcrypto/bn/bn_mul.c b/src/lib/libcrypto/bn/bn_mul.c
index 3a69ef35da..3bf8ce6986 100644
--- a/src/lib/libcrypto/bn/bn_mul.c
+++ b/src/lib/libcrypto/bn/bn_mul.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bn_mul.c,v 1.28 2023/01/20 17:31:52 jsing Exp $ */
+/* $OpenBSD: bn_mul.c,v 1.29 2023/01/21 15:40:13 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -710,63 +710,32 @@ bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n, int tna,
 }
 #endif /* BN_RECURSION */
+#ifndef HAVE_BN_MUL
+#ifndef BN_RECURSION
 int
-BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
+bn_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, int rn, BN_CTX *ctx)
 {
-        int ret = 0;
+        bn_mul_normal(r->d, a->d, a->top, b->d, b->top);
-        int top, al, bl;
-        BIGNUM *rr;
+        return 1;
-#if defined(BN_MUL_COMBA) || defined(BN_RECURSION)
+}
-        int i;
-#endif
-#ifdef BN_RECURSION
-        BIGNUM *t = NULL;
-        int j = 0, k;
-#endif
+#else /* BN_RECURSION */
+int
+bn_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, int rn, BN_CTX *ctx)
+{
+        BIGNUM *t = NULL;
+        int al, bl, i, k;
+        int j = 0;
+        int ret = 0;
+        BN_CTX_start(ctx);
        al = a->top;
        bl = b->top;
-        if ((al == 0) || (bl == 0)) {
-                BN_zero(r);
-                return (1);
-        }
-        top = al + bl;
-        BN_CTX_start(ctx);
-        if ((r == a) || (r == b)) {
-                if ((rr = BN_CTX_get(ctx)) == NULL)
-                        goto err;
-        } else
-                rr = r;
-        rr->neg = a->neg ^ b->neg;
-#if defined(BN_MUL_COMBA) || defined(BN_RECURSION)
        i = al - bl;
-#endif
-#ifdef BN_MUL_COMBA
-        if (i == 0) {
-# if 0
-                if (al == 4) {
-                        if (!bn_wexpand(rr, 8))
-                                goto err;
-                        rr->top = 8;
-                        bn_mul_comba4(rr->d, a->d, b->d);
-                        goto end;
-                }
-# endif
-                if (al == 8) {
-                        if (!bn_wexpand(rr, 16))
-                                goto err;
-                        rr->top = 16;
-                        bn_mul_comba8(rr->d, a->d, b->d);
-                        goto end;
-                }
-        }
-#endif /* BN_MUL_COMBA */
-#ifdef BN_RECURSION
        if ((al >= BN_MULL_SIZE_NORMAL) && (bl >= BN_MULL_SIZE_NORMAL)) {
                if (i >= -1 && i <= 1) {
                        /* Find out the power of two lower or equal
@@ -785,21 +754,21 @@ BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
                        if (al > j || bl > j) {
                                if (!bn_wexpand(t, k * 4))
                                        goto err;
-                                if (!bn_wexpand(rr, k * 4))
+                                if (!bn_wexpand(r, k * 4))
                                        goto err;
-                                bn_mul_part_recursive(rr->d, a->d, b->d,
+                                bn_mul_part_recursive(r->d, a->d, b->d,
                                    j, al - j, bl - j, t->d);
                        }
                        else    /* al <= j || bl <= j */
                        {
                                if (!bn_wexpand(t, k * 2))
                                        goto err;
-                                if (!bn_wexpand(rr, k * 2))
+                                if (!bn_wexpand(r, k * 2))
                                        goto err;
-                                bn_mul_recursive(rr->d, a->d, b->d,
+                                bn_mul_recursive(r->d, a->d, b->d,
                                    j, al - j, bl - j, t->d);
                        }
-                        rr->top = top;
+                        r->top = rn;
                        goto end;
                }
 #if 0
@@ -830,36 +799,81 @@ BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
                        {
                                if (!bn_wexpand(t, k * 2))
                                        goto err;
-                                if (!bn_wexpand(rr, k * 2))
+                                if (!bn_wexpand(r, k * 2))
                                        goto err;
-                                bn_mul_recursive(rr->d, a->d, b->d, al, t->d);
+                                bn_mul_recursive(r->d, a->d, b->d, al, t->d);
                        } else {
                                if (!bn_wexpand(t, k * 4))
                                        goto err;
-                                if (!bn_wexpand(rr, k * 4))
+                                if (!bn_wexpand(r, k * 4))
                                        goto err;
-                                bn_mul_part_recursive(rr->d, a->d, b->d,
+                                bn_mul_part_recursive(r->d, a->d, b->d,
                                    al - j, j, t->d);
                        }
-                        rr->top = top;
+                        r->top = top;
                        goto end;
                }
 #endif
        }
+        bn_mul_normal(r->d, a->d, al, b->d, bl);
+ end:
+        ret = 1;
+ err:
+        BN_CTX_end(ctx);
+        return ret;
+}
 #endif /* BN_RECURSION */
-        if (!bn_wexpand(rr, top))
+#endif /* HAVE_BN_MUL */
+int
+BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
+{
+        BIGNUM *rr;
+        int rn;
+        int ret = 0;
+        BN_CTX_start(ctx);
+        if (BN_is_zero(a) || BN_is_zero(b)) {
+                BN_zero(r);
+                goto done;
+        }
+        rr = r;
+        if (rr == a || rr == b)
+                rr = BN_CTX_get(ctx);
+        if (rr == NULL)
                goto err;
-        rr->top = top;
-        bn_mul_normal(rr->d, a->d, al, b->d, bl);
-#if defined(BN_MUL_COMBA) || defined(BN_RECURSION)
+        rn = a->top + b->top;
-end:
+        if (rn < a->top)
-#endif
+                goto err;
+        if (!bn_wexpand(rr, rn))
+                goto err;
+        if (a->top == 4 && b->top == 4) {
+                bn_mul_comba4(rr->d, a->d, b->d);
+        } else if (a->top == 8 && b->top == 8) {
+                bn_mul_comba8(rr->d, a->d, b->d);
+        } else {
+                if (!bn_mul(rr, a, b, rn, ctx))
+                        goto err;
+        }
+        rr->top = rn;
+        rr->neg = a->neg ^ b->neg;
        bn_correct_top(rr);
        if (r != rr)
                BN_copy(r, rr);
+ done:
        ret = 1;
-err:
+ err:
        BN_CTX_end(ctx);
-        return (ret);
+        return ret;
 }
author	jsing <>	2023-01-21 15:40:13 +0000
committer	jsing <>	2023-01-21 15:40:13 +0000
commit	d200d65169579227bd90b20b4b228b4f31f27930 (patch)
tree	8bf2ccf07fee4cf031c6c47db20924e0147e85e9 /src
parent	2214dcc033ff3579f3a48443478f30f86f6ab1fd (diff)
download	openbsd-d200d65169579227bd90b20b4b228b4f31f27930.tar.gz openbsd-d200d65169579227bd90b20b4b228b4f31f27930.tar.bz2 openbsd-d200d65169579227bd90b20b4b228b4f31f27930.zip

diff --git a/src/lib/libcrypto/bn/bn_mul.c b/src/lib/libcrypto/bn/bn_mul.c index 3a69ef35da..3bf8ce6986 100644 --- a/src/lib/libcrypto/bn/bn_mul.c +++ b/src/lib/libcrypto/bn/bn_mul.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: bn_mul.c,v 1.28 2023/01/20 17:31:52 jsing Exp $ */	1	/* $OpenBSD: bn_mul.c,v 1.29 2023/01/21 15:40:13 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -710,63 +710,32 @@ bn_mul_part_recursive(BN_ULONG r, BN_ULONG a, BN_ULONG *b, int n, int tna,
710	}	710	}
711	#endif /* BN_RECURSION */	711	#endif /* BN_RECURSION */
712		712
		713	#ifndef HAVE_BN_MUL
		714	#ifndef BN_RECURSION
713	int	715	int
714	BN_mul(BIGNUM r, const BIGNUM a, const BIGNUM b, BN_CTX ctx)	716	bn_mul(BIGNUM r, const BIGNUM a, const BIGNUM b, int rn, BN_CTX ctx)
715	{	717	{
716	int ret = 0;	718	bn_mul_normal(r->d, a->d, a->top, b->d, b->top);
717	int top, al, bl;	719
718	BIGNUM *rr;	720	return 1;
719	#if defined(BN_MUL_COMBA) \|\| defined(BN_RECURSION)	721	}
720	int i;
721	#endif
722	#ifdef BN_RECURSION
723	BIGNUM *t = NULL;
724	int j = 0, k;
725	#endif
726		722
		723	#else /* BN_RECURSION */
		724	int
		725	bn_mul(BIGNUM r, const BIGNUM a, const BIGNUM b, int rn, BN_CTX ctx)
		726	{
		727	BIGNUM *t = NULL;
		728	int al, bl, i, k;
		729	int j = 0;
		730	int ret = 0;
727		731
		732	BN_CTX_start(ctx);
728		733
729	al = a->top;	734	al = a->top;
730	bl = b->top;	735	bl = b->top;
731		736
732	if ((al == 0) \|\| (bl == 0)) {
733	BN_zero(r);
734	return (1);
735	}
736	top = al + bl;
737
738	BN_CTX_start(ctx);
739	if ((r == a) \|\| (r == b)) {
740	if ((rr = BN_CTX_get(ctx)) == NULL)
741	goto err;
742	} else
743	rr = r;
744	rr->neg = a->neg ^ b->neg;
745
746	#if defined(BN_MUL_COMBA) \|\| defined(BN_RECURSION)
747	i = al - bl;	737	i = al - bl;
748	#endif	738
749	#ifdef BN_MUL_COMBA
750	if (i == 0) {
751	# if 0
752	if (al == 4) {
753	if (!bn_wexpand(rr, 8))
754	goto err;
755	rr->top = 8;
756	bn_mul_comba4(rr->d, a->d, b->d);
757	goto end;
758	}
759	# endif
760	if (al == 8) {
761	if (!bn_wexpand(rr, 16))
762	goto err;
763	rr->top = 16;
764	bn_mul_comba8(rr->d, a->d, b->d);
765	goto end;
766	}
767	}
768	#endif /* BN_MUL_COMBA */
769	#ifdef BN_RECURSION
770	if ((al >= BN_MULL_SIZE_NORMAL) && (bl >= BN_MULL_SIZE_NORMAL)) {	739	if ((al >= BN_MULL_SIZE_NORMAL) && (bl >= BN_MULL_SIZE_NORMAL)) {
771	if (i >= -1 && i <= 1) {	740	if (i >= -1 && i <= 1) {
772	/* Find out the power of two lower or equal	741	/* Find out the power of two lower or equal
@@ -785,21 +754,21 @@ BN_mul(BIGNUM r, const BIGNUM a, const BIGNUM b, BN_CTX ctx)
785	if (al > j \|\| bl > j) {	754	if (al > j \|\| bl > j) {
786	if (!bn_wexpand(t, k * 4))	755	if (!bn_wexpand(t, k * 4))
787	goto err;	756	goto err;
788	if (!bn_wexpand(rr, k * 4))	757	if (!bn_wexpand(r, k * 4))
789	goto err;	758	goto err;
790	bn_mul_part_recursive(rr->d, a->d, b->d,	759	bn_mul_part_recursive(r->d, a->d, b->d,
791	j, al - j, bl - j, t->d);	760	j, al - j, bl - j, t->d);
792	}	761	}
793	else /* al <= j \|\| bl <= j */	762	else /* al <= j \|\| bl <= j */
794	{	763	{
795	if (!bn_wexpand(t, k * 2))	764	if (!bn_wexpand(t, k * 2))
796	goto err;	765	goto err;
797	if (!bn_wexpand(rr, k * 2))	766	if (!bn_wexpand(r, k * 2))
798	goto err;	767	goto err;
799	bn_mul_recursive(rr->d, a->d, b->d,	768	bn_mul_recursive(r->d, a->d, b->d,
800	j, al - j, bl - j, t->d);	769	j, al - j, bl - j, t->d);
801	}	770	}
802	rr->top = top;	771	r->top = rn;
803	goto end;	772	goto end;
804	}	773	}
805	#if 0	774	#if 0
@@ -830,36 +799,81 @@ BN_mul(BIGNUM r, const BIGNUM a, const BIGNUM b, BN_CTX ctx)
830	{	799	{
831	if (!bn_wexpand(t, k * 2))	800	if (!bn_wexpand(t, k * 2))
832	goto err;	801	goto err;
833	if (!bn_wexpand(rr, k * 2))	802	if (!bn_wexpand(r, k * 2))
834	goto err;	803	goto err;
835	bn_mul_recursive(rr->d, a->d, b->d, al, t->d);	804	bn_mul_recursive(r->d, a->d, b->d, al, t->d);
836	} else {	805	} else {
837	if (!bn_wexpand(t, k * 4))	806	if (!bn_wexpand(t, k * 4))
838	goto err;	807	goto err;
839	if (!bn_wexpand(rr, k * 4))	808	if (!bn_wexpand(r, k * 4))
840	goto err;	809	goto err;
841	bn_mul_part_recursive(rr->d, a->d, b->d,	810	bn_mul_part_recursive(r->d, a->d, b->d,
842	al - j, j, t->d);	811	al - j, j, t->d);
843	}	812	}
844	rr->top = top;	813	r->top = top;
845	goto end;	814	goto end;
846	}	815	}
847	#endif	816	#endif
848	}	817	}
		818
		819	bn_mul_normal(r->d, a->d, al, b->d, bl);
		820
		821	end:
		822	ret = 1;
		823	err:
		824	BN_CTX_end(ctx);
		825
		826	return ret;
		827	}
849	#endif /* BN_RECURSION */	828	#endif /* BN_RECURSION */
850	if (!bn_wexpand(rr, top))	829	#endif /* HAVE_BN_MUL */
		830
		831	int
		832	BN_mul(BIGNUM r, const BIGNUM a, const BIGNUM b, BN_CTX ctx)
		833	{
		834	BIGNUM *rr;
		835	int rn;
		836	int ret = 0;
		837
		838	BN_CTX_start(ctx);
		839
		840	if (BN_is_zero(a) \|\| BN_is_zero(b)) {
		841	BN_zero(r);
		842	goto done;
		843	}
		844
		845	rr = r;
		846	if (rr == a \|\| rr == b)
		847	rr = BN_CTX_get(ctx);
		848	if (rr == NULL)
851	goto err;	849	goto err;
852	rr->top = top;
853	bn_mul_normal(rr->d, a->d, al, b->d, bl);
854		850
855	#if defined(BN_MUL_COMBA) \|\| defined(BN_RECURSION)	851	rn = a->top + b->top;
856	end:	852	if (rn < a->top)
857	#endif	853	goto err;
		854	if (!bn_wexpand(rr, rn))
		855	goto err;
		856
		857	if (a->top == 4 && b->top == 4) {
		858	bn_mul_comba4(rr->d, a->d, b->d);
		859	} else if (a->top == 8 && b->top == 8) {
		860	bn_mul_comba8(rr->d, a->d, b->d);
		861	} else {
		862	if (!bn_mul(rr, a, b, rn, ctx))
		863	goto err;
		864	}
		865
		866	rr->top = rn;
		867	rr->neg = a->neg ^ b->neg;
		868
858	bn_correct_top(rr);	869	bn_correct_top(rr);
		870
859	if (r != rr)	871	if (r != rr)
860	BN_copy(r, rr);	872	BN_copy(r, rr);
		873	done:
861	ret = 1;	874	ret = 1;
862	err:	875	err:
863	BN_CTX_end(ctx);	876	BN_CTX_end(ctx);
864	return (ret);	877
		878	return ret;
865	}	879	}