3 files changed, 44 insertions, 39 deletions
diff --git a/src/lib/libcrypto/bn/arch/amd64/bn_arch.c b/src/lib/libcrypto/bn/arch/amd64/bn_arch.c
index 55275aa14e..a377a05681 100644
--- a/src/lib/libcrypto/bn/arch/amd64/bn_arch.c
+++ b/src/lib/libcrypto/bn/arch/amd64/bn_arch.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: bn_arch.c,v 1.6 2023/02/22 05:46:37 jsing Exp $ */
+/*      $OpenBSD: bn_arch.c,v 1.7 2023/06/24 16:01:44 jsing Exp $ */
 /*
 * Copyright (c) 2023 Joel Sing <jsing@openbsd.org>
 *
@@ -96,9 +96,9 @@ bn_mul_comba8(BN_ULONG *rd, BN_ULONG *ad, BN_ULONG *bd)
 #ifdef HAVE_BN_SQR
 int
-bn_sqr(BIGNUM *r, const BIGNUM *a, int rn, BN_CTX *ctx)
+bn_sqr(BIGNUM *r, const BIGNUM *a, int r_len, BN_CTX *ctx)
 {
-        bignum_sqr(rn, (uint64_t *)r->d, a->top, (uint64_t *)a->d);
+        bignum_sqr(r_len, (uint64_t *)r->d, a->top, (uint64_t *)a->d);
        return 1;
 }
diff --git a/src/lib/libcrypto/bn/bn_local.h b/src/lib/libcrypto/bn/bn_local.h
index c86e4d032b..17f5447bec 100644
--- a/src/lib/libcrypto/bn/bn_local.h
+++ b/src/lib/libcrypto/bn/bn_local.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: bn_local.h,v 1.23 2023/06/21 07:41:55 jsing Exp $ */
+/* $OpenBSD: bn_local.h,v 1.24 2023/06/24 16:01:43 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -252,7 +252,6 @@ void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b, int nb);
 void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b);
 void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b);
-void bn_sqr_normal(BN_ULONG *r, const BN_ULONG *a, int n, BN_ULONG *tmp);
 void bn_sqr_comba4(BN_ULONG *r, const BN_ULONG *a);
 void bn_sqr_comba8(BN_ULONG *r, const BN_ULONG *a);
diff --git a/src/lib/libcrypto/bn/bn_sqr.c b/src/lib/libcrypto/bn/bn_sqr.c
index d414800feb..4eab796c90 100644
--- a/src/lib/libcrypto/bn/bn_sqr.c
+++ b/src/lib/libcrypto/bn/bn_sqr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bn_sqr.c,v 1.30 2023/04/19 10:51:22 jsing Exp $ */
+/* $OpenBSD: bn_sqr.c,v 1.31 2023/06/24 16:01:43 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -191,52 +191,58 @@ bn_sqr_words(BN_ULONG *r, const BN_ULONG *a, int n)
 }
 #endif
-/* tmp must have 2*n words */
+#ifndef HAVE_BN_SQR
-void
+static void
-bn_sqr_normal(BN_ULONG *r, const BN_ULONG *a, int n, BN_ULONG *tmp)
+bn_sqr_normal(BN_ULONG *r, int r_len, const BN_ULONG *a, int a_len,
+    BN_ULONG *tmp)
 {
-        int i, j, max;
        const BN_ULONG *ap;
        BN_ULONG *rp;
+        BN_ULONG w;
+        int n;
+        if (a_len <= 0)
+                return;
-        max = n * 2;
        ap = a;
+        w = ap[0];
+        ap++;
        rp = r;
-        rp[0] = rp[max - 1] = 0;
+        rp[0] = rp[r_len - 1] = 0;
        rp++;
-        j = n;
-        if (--j > 0) {
+        /* Compute initial product - r[n:1] = a[n:1] * a[0] */
-                ap++;
+        n = a_len - 1;
-                rp[j] = bn_mul_words(rp, ap, j, ap[-1]);
+        rp[n] = bn_mul_words(rp, ap, n, w);
-                rp += 2;
+        rp += 2;
-        }
+        n--;
-        for (i = n - 2; i > 0; i--) {
+        /* Compute and sum remaining products. */
-                j--;
+        while (n > 0) {
+                w = ap[0];
                ap++;
-                rp[j] = bn_mul_add_words(rp, ap, j, ap[-1]);
+                rp[n] = bn_mul_add_words(rp, ap, n, w);
                rp += 2;
+                n--;
        }
-        bn_add_words(r, r, r, max);
+        /* Double the sum of products. */
+        bn_add_words(r, r, r, r_len);
-        /* There will not be a carry */
-        bn_sqr_words(tmp, a, n);
-        bn_add_words(r, r, tmp, max);
+        /* Add squares. */
+        bn_sqr_words(tmp, a, a_len);
+        bn_add_words(r, r, tmp, r_len);
 }
 /*
 * bn_sqr() computes a * a, storing the result in r. The caller must ensure that
 * r is not the same BIGNUM as a and that r has been expanded to rn = a->top * 2
 * words.
 */
-#ifndef HAVE_BN_SQR
 int
-bn_sqr(BIGNUM *r, const BIGNUM *a, int rn, BN_CTX *ctx)
+bn_sqr(BIGNUM *r, const BIGNUM *a, int r_len, BN_CTX *ctx)
 {
        BIGNUM *tmp;
        int ret = 0;
@@ -245,10 +251,10 @@ bn_sqr(BIGNUM *r, const BIGNUM *a, int rn, BN_CTX *ctx)
        if ((tmp = BN_CTX_get(ctx)) == NULL)
                goto err;
+        if (!bn_wexpand(tmp, r_len))
-        if (!bn_wexpand(tmp, rn))
                goto err;
-        bn_sqr_normal(r->d, a->d, a->top, tmp->d);
+        bn_sqr_normal(r->d, r_len, a->d, a->top, tmp->d);
        ret = 1;
@@ -263,7 +269,7 @@ int
 BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx)
 {
        BIGNUM *rr;
-        int rn;
+        int r_len;
        int ret = 1;
        BN_CTX_start(ctx);
@@ -278,10 +284,10 @@ BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx)
        if (rr == NULL)
                goto err;
-        rn = a->top * 2;
+        r_len = a->top * 2;
-        if (rn < a->top)
+        if (r_len < a->top)
                goto err;
-        if (!bn_wexpand(rr, rn))
+        if (!bn_wexpand(rr, r_len))
                goto err;
        if (a->top == 4) {
@@ -289,11 +295,11 @@ BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx)
        } else if (a->top == 8) {
                bn_sqr_comba8(rr->d, a->d);
        } else {
-                if (!bn_sqr(rr, a, rn, ctx))
+                if (!bn_sqr(rr, a, r_len, ctx))
                        goto err;
        }
-        rr->top = rn;
+        rr->top = r_len;
        bn_correct_top(rr);
        rr->neg = 0;

diff --git a/src/lib/libcrypto/bn/arch/amd64/bn_arch.c b/src/lib/libcrypto/bn/arch/amd64/bn_arch.c index 55275aa14e..a377a05681 100644 --- a/src/lib/libcrypto/bn/arch/amd64/bn_arch.c +++ b/src/lib/libcrypto/bn/arch/amd64/bn_arch.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: bn_arch.c,v 1.6 2023/02/22 05:46:37 jsing Exp $ */	1	/* $OpenBSD: bn_arch.c,v 1.7 2023/06/24 16:01:44 jsing Exp $ */
2	/*	2	/*
3	* Copyright (c) 2023 Joel Sing <jsing@openbsd.org>	3	* Copyright (c) 2023 Joel Sing <jsing@openbsd.org>
4	*	4	*
@@ -96,9 +96,9 @@ bn_mul_comba8(BN_ULONG rd, BN_ULONG ad, BN_ULONG *bd)
96		96
97	#ifdef HAVE_BN_SQR	97	#ifdef HAVE_BN_SQR
98	int	98	int
99	bn_sqr(BIGNUM r, const BIGNUM a, int rn, BN_CTX *ctx)	99	bn_sqr(BIGNUM r, const BIGNUM a, int r_len, BN_CTX *ctx)
100	{	100	{
101	bignum_sqr(rn, (uint64_t )r->d, a->top, (uint64_t )a->d);	101	bignum_sqr(r_len, (uint64_t )r->d, a->top, (uint64_t )a->d);
102		102
103	return 1;	103	return 1;
104	}	104	}


diff --git a/src/lib/libcrypto/bn/bn_local.h b/src/lib/libcrypto/bn/bn_local.h index c86e4d032b..17f5447bec 100644 --- a/src/lib/libcrypto/bn/bn_local.h +++ b/src/lib/libcrypto/bn/bn_local.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: bn_local.h,v 1.23 2023/06/21 07:41:55 jsing Exp $ */	1	/* $OpenBSD: bn_local.h,v 1.24 2023/06/24 16:01:43 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -252,7 +252,6 @@ void bn_mul_normal(BN_ULONG r, BN_ULONG a, int na, BN_ULONG *b, int nb);
252	void bn_mul_comba4(BN_ULONG r, BN_ULONG a, BN_ULONG *b);	252	void bn_mul_comba4(BN_ULONG r, BN_ULONG a, BN_ULONG *b);
253	void bn_mul_comba8(BN_ULONG r, BN_ULONG a, BN_ULONG *b);	253	void bn_mul_comba8(BN_ULONG r, BN_ULONG a, BN_ULONG *b);
254		254
255	void bn_sqr_normal(BN_ULONG r, const BN_ULONG a, int n, BN_ULONG *tmp);
256	void bn_sqr_comba4(BN_ULONG r, const BN_ULONG a);	255	void bn_sqr_comba4(BN_ULONG r, const BN_ULONG a);
257	void bn_sqr_comba8(BN_ULONG r, const BN_ULONG a);	256	void bn_sqr_comba8(BN_ULONG r, const BN_ULONG a);
258		257


diff --git a/src/lib/libcrypto/bn/bn_sqr.c b/src/lib/libcrypto/bn/bn_sqr.c index d414800feb..4eab796c90 100644 --- a/src/lib/libcrypto/bn/bn_sqr.c +++ b/src/lib/libcrypto/bn/bn_sqr.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: bn_sqr.c,v 1.30 2023/04/19 10:51:22 jsing Exp $ */	1	/* $OpenBSD: bn_sqr.c,v 1.31 2023/06/24 16:01:43 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -191,52 +191,58 @@ bn_sqr_words(BN_ULONG r, const BN_ULONG a, int n)
191	}	191	}
192	#endif	192	#endif
193		193
194	/* tmp must have 2n words /	194	#ifndef HAVE_BN_SQR
195	void	195	static void
196	bn_sqr_normal(BN_ULONG r, const BN_ULONG a, int n, BN_ULONG *tmp)	196	bn_sqr_normal(BN_ULONG r, int r_len, const BN_ULONG a, int a_len,
		197	BN_ULONG *tmp)
197	{	198	{
198	int i, j, max;
199	const BN_ULONG *ap;	199	const BN_ULONG *ap;
200	BN_ULONG *rp;	200	BN_ULONG *rp;
		201	BN_ULONG w;
		202	int n;
		203
		204	if (a_len <= 0)
		205	return;
201		206
202	max = n * 2;
203	ap = a;	207	ap = a;
		208	w = ap[0];
		209	ap++;
		210
204	rp = r;	211	rp = r;
205	rp[0] = rp[max - 1] = 0;	212	rp[0] = rp[r_len - 1] = 0;
206	rp++;	213	rp++;
207	j = n;
208		214
209	if (--j > 0) {	215	/* Compute initial product - r[n:1] = a[n:1] * a[0] */
210	ap++;	216	n = a_len - 1;
211	rp[j] = bn_mul_words(rp, ap, j, ap[-1]);	217	rp[n] = bn_mul_words(rp, ap, n, w);
212	rp += 2;	218	rp += 2;
213	}	219	n--;
214		220
215	for (i = n - 2; i > 0; i--) {	221	/* Compute and sum remaining products. */
216	j--;	222	while (n > 0) {
		223	w = ap[0];
217	ap++;	224	ap++;
218	rp[j] = bn_mul_add_words(rp, ap, j, ap[-1]);	225
		226	rp[n] = bn_mul_add_words(rp, ap, n, w);
219	rp += 2;	227	rp += 2;
		228	n--;
220	}	229	}
221		230
222	bn_add_words(r, r, r, max);	231	/* Double the sum of products. */
223		232	bn_add_words(r, r, r, r_len);
224	/* There will not be a carry */
225
226	bn_sqr_words(tmp, a, n);
227		233
228	bn_add_words(r, r, tmp, max);	234	/* Add squares. */
		235	bn_sqr_words(tmp, a, a_len);
		236	bn_add_words(r, r, tmp, r_len);
229	}	237	}
230		238
231
232	/*	239	/*
233	* bn_sqr() computes a * a, storing the result in r. The caller must ensure that	240	* bn_sqr() computes a * a, storing the result in r. The caller must ensure that
234	* r is not the same BIGNUM as a and that r has been expanded to rn = a->top * 2	241	* r is not the same BIGNUM as a and that r has been expanded to rn = a->top * 2
235	* words.	242	* words.
236	*/	243	*/
237	#ifndef HAVE_BN_SQR
238	int	244	int
239	bn_sqr(BIGNUM r, const BIGNUM a, int rn, BN_CTX *ctx)	245	bn_sqr(BIGNUM r, const BIGNUM a, int r_len, BN_CTX *ctx)
240	{	246	{
241	BIGNUM *tmp;	247	BIGNUM *tmp;
242	int ret = 0;	248	int ret = 0;
@@ -245,10 +251,10 @@ bn_sqr(BIGNUM r, const BIGNUM a, int rn, BN_CTX *ctx)
245		251
246	if ((tmp = BN_CTX_get(ctx)) == NULL)	252	if ((tmp = BN_CTX_get(ctx)) == NULL)
247	goto err;	253	goto err;
248		254	if (!bn_wexpand(tmp, r_len))
249	if (!bn_wexpand(tmp, rn))
250	goto err;	255	goto err;
251	bn_sqr_normal(r->d, a->d, a->top, tmp->d);	256
		257	bn_sqr_normal(r->d, r_len, a->d, a->top, tmp->d);
252		258
253	ret = 1;	259	ret = 1;
254		260
@@ -263,7 +269,7 @@ int
263	BN_sqr(BIGNUM r, const BIGNUM a, BN_CTX *ctx)	269	BN_sqr(BIGNUM r, const BIGNUM a, BN_CTX *ctx)
264	{	270	{
265	BIGNUM *rr;	271	BIGNUM *rr;
266	int rn;	272	int r_len;
267	int ret = 1;	273	int ret = 1;
268		274
269	BN_CTX_start(ctx);	275	BN_CTX_start(ctx);
@@ -278,10 +284,10 @@ BN_sqr(BIGNUM r, const BIGNUM a, BN_CTX *ctx)
278	if (rr == NULL)	284	if (rr == NULL)
279	goto err;	285	goto err;
280		286
281	rn = a->top * 2;	287	r_len = a->top * 2;
282	if (rn < a->top)	288	if (r_len < a->top)
283	goto err;	289	goto err;
284	if (!bn_wexpand(rr, rn))	290	if (!bn_wexpand(rr, r_len))
285	goto err;	291	goto err;
286		292
287	if (a->top == 4) {	293	if (a->top == 4) {
@@ -289,11 +295,11 @@ BN_sqr(BIGNUM r, const BIGNUM a, BN_CTX *ctx)
289	} else if (a->top == 8) {	295	} else if (a->top == 8) {
290	bn_sqr_comba8(rr->d, a->d);	296	bn_sqr_comba8(rr->d, a->d);
291	} else {	297	} else {
292	if (!bn_sqr(rr, a, rn, ctx))	298	if (!bn_sqr(rr, a, r_len, ctx))
293	goto err;	299	goto err;
294	}	300	}
295		301
296	rr->top = rn;	302	rr->top = r_len;
297	bn_correct_top(rr);	303	bn_correct_top(rr);
298		304
299	rr->neg = 0;	305	rr->neg = 0;