Diffstat (limited to 'src/lib/libcrypto/bn/bn_exp2.c')
-rw-r--r--src/lib/libcrypto/bn/bn_exp2.c56
1 files changed, 29 insertions, 27 deletions
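diff --git a/src/lib/libcrypto/bn/bn_exp2.c b/src/lib/libcrypto/bn/bn_exp2.c
index b3f43cec8c..73ccd58a83 100644
--- a/src/lib/libcrypto/bn/bn_exp2.c
+++ b/src/lib/libcrypto/bn/bn_exp2.c
@@ -120,11 +120,10 @@ int BN_mod_exp2_mont(BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1,
 BN_CTX *ctx, BN_MONT_CTX *in_mont)
 {
 int i,j,bits,b,bits1,bits2,ret=0,wpos1,wpos2,window1,window2,wvalue1,wvalue2;
-int r_is_one=1;
+int r_is_one=1,ts1=0,ts2=0;
 BIGNUM *d,*r;
 const BIGNUM *a_mod_m;
-/* Tables of variables obtained from 'ctx' */
-BIGNUM *val1[TABLE_SIZE], *val2[TABLE_SIZE];
+BIGNUM val1[TABLE_SIZE], val2[TABLE_SIZE];
 BN_MONT_CTX *mont=NULL;
 
 bn_check_top(a1);
@@ -151,9 +150,7 @@ int BN_mod_exp2_mont(BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1,
 BN_CTX_start(ctx);
 d = BN_CTX_get(ctx);
 r = BN_CTX_get(ctx);
-val1[0] = BN_CTX_get(ctx);
-val2[0] = BN_CTX_get(ctx);
-if(!d || !r || !val1[0] || !val2[0]) goto err;
+if (d == NULL || r == NULL) goto err;
 
 if (in_mont != NULL)
 mont=in_mont;
@@ -169,67 +166,69 @@ int BN_mod_exp2_mont(BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1,
 /*
 * Build table for a1: val1[i] := a1^(2*i + 1) mod m for i = 0 .. 2^(window1-1)
 */
+BN_init(&val1[0]);
+ts1=1;
 if (a1->neg || BN_ucmp(a1,m) >= 0)
 {
-if (!BN_mod(val1[0],a1,m,ctx))
+if (!BN_mod(&(val1[0]),a1,m,ctx))
 goto err;
-a_mod_m = val1[0];
+a_mod_m = &(val1[0]);
 }
 else
 a_mod_m = a1;
 if (BN_is_zero(a_mod_m))
 {
-BN_zero(rr);
-ret = 1;
+ret = BN_zero(rr);
 goto err;
 }
 
-if (!BN_to_montgomery(val1[0],a_mod_m,mont,ctx)) goto err;
+if (!BN_to_montgomery(&(val1[0]),a_mod_m,mont,ctx)) goto err;
 if (window1 > 1)
 {
-if (!BN_mod_mul_montgomery(d,val1[0],val1[0],mont,ctx)) goto err;
+if (!BN_mod_mul_montgomery(d,&(val1[0]),&(val1[0]),mont,ctx)) goto err;
 
 j=1<<(window1-1);
 for (i=1; i<j; i++)
 {
-if(((val1[i] = BN_CTX_get(ctx)) == NULL) ||
-!BN_mod_mul_montgomery(val1[i],val1[i-1],
-d,mont,ctx))
+BN_init(&(val1[i]));
+if (!BN_mod_mul_montgomery(&(val1[i]),&(val1[i-1]),d,mont,ctx))
 goto err;
 }
+ts1=i;
 }
 
 
 /*
 * Build table for a2: val2[i] := a2^(2*i + 1) mod m for i = 0 .. 2^(window2-1)
 */
+BN_init(&val2[0]);
+ts2=1;
 if (a2->neg || BN_ucmp(a2,m) >= 0)
 {
-if (!BN_mod(val2[0],a2,m,ctx))
+if (!BN_mod(&(val2[0]),a2,m,ctx))
 goto err;
-a_mod_m = val2[0];
+a_mod_m = &(val2[0]);
 }
 else
 a_mod_m = a2;
 if (BN_is_zero(a_mod_m))
 {
-BN_zero(rr);
-ret = 1;
+ret = BN_zero(rr);
 goto err;
 }
-if (!BN_to_montgomery(val2[0],a_mod_m,mont,ctx)) goto err;
+if (!BN_to_montgomery(&(val2[0]),a_mod_m,mont,ctx)) goto err;
 if (window2 > 1)
 {
-if (!BN_mod_mul_montgomery(d,val2[0],val2[0],mont,ctx)) goto err;
+if (!BN_mod_mul_montgomery(d,&(val2[0]),&(val2[0]),mont,ctx)) goto err;
 
 j=1<<(window2-1);
 for (i=1; i<j; i++)
 {
-if(((val2[i] = BN_CTX_get(ctx)) == NULL) ||
-!BN_mod_mul_montgomery(val2[i],val2[i-1],
-d,mont,ctx))
+BN_init(&(val2[i]));
+if (!BN_mod_mul_montgomery(&(val2[i]),&(val2[i-1]),d,mont,ctx))
 goto err;
 }
+ts2=i;
 }
 
 
@@ -286,7 +285,7 @@ int BN_mod_exp2_mont(BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1,
 if (wvalue1 && b == wpos1)
 {
 /* wvalue1 is odd and < 2^window1 */
-if (!BN_mod_mul_montgomery(r,r,val1[wvalue1>>1],mont,ctx))
+if (!BN_mod_mul_montgomery(r,r,&(val1[wvalue1>>1]),mont,ctx))
 goto err;
 wvalue1 = 0;
 r_is_one = 0;
@@ -295,7 +294,7 @@ int BN_mod_exp2_mont(BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1,
 if (wvalue2 && b == wpos2)
 {
 /* wvalue2 is odd and < 2^window2 */
-if (!BN_mod_mul_montgomery(r,r,val2[wvalue2>>1],mont,ctx))
+if (!BN_mod_mul_montgomery(r,r,&(val2[wvalue2>>1]),mont,ctx))
 goto err;
 wvalue2 = 0;
 r_is_one = 0;
@@ -306,6 +305,9 @@ int BN_mod_exp2_mont(BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1,
 err:
 if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont);
 BN_CTX_end(ctx);
-bn_check_top(rr);
+for (i=0; i<ts1; i++)
+BN_clear_free(&(val1[i]));
+for (i=0; i<ts2; i++)
+BN_clear_free(&(val2[i]));
 return(ret);
 }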
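Review bot: The cleanup counters fall behind the tables when a multiplication fails inside the table-building loops, because `ts1` and `ts2` are advanced only after each loop has finished (`ts1=i;`, `ts2=i;`). If `BN_mod_mul_montgomery` fails for some `i >= 1`, entries `val1[1..i]` have already been through `BN_init` and may own allocated limbs, yet the loops at `err:` still run with `ts1 == 1`, so those entries are neither freed nor cleared; the same holds for `val2`/`ts2`. Since the tables hold powers of the bases, that is a leak of possibly sensitive intermediate values as well as of memory. Keeping the counter in step inside the loop, with `ts1=i+1;` directly after `BN_init(&(val1[i]));` and `ts2=i+1;` after `BN_init(&(val2[i]));`, fixes both tables and leaves the post-loop value unchanged. The start of the function and the window-size computation lie outside the hunks shown, so whether `j` can exceed `TABLE_SIZE` is not checkable from here.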