summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/bn/bn_lib.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/bn/bn_lib.c')
-rw-r--r--src/lib/libcrypto/bn/bn_lib.c942
1 files changed, 493 insertions, 449 deletions
diff --git a/src/lib/libcrypto/bn/bn_lib.c b/src/lib/libcrypto/bn/bn_lib.c
index 7ae14ee4d0..a3a96662e8 100644
--- a/src/lib/libcrypto/bn/bn_lib.c
+++ b/src/lib/libcrypto/bn/bn_lib.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -67,7 +67,7 @@
67#include "cryptlib.h" 67#include "cryptlib.h"
68#include "bn_lcl.h" 68#include "bn_lcl.h"
69 69
70const char BN_version[]="Big Number" OPENSSL_VERSION_PTEXT; 70const char BN_version[] = "Big Number" OPENSSL_VERSION_PTEXT;
71 71
72/* This stuff appears to be completely unused, so is deprecated */ 72/* This stuff appears to be completely unused, so is deprecated */
73#ifndef OPENSSL_NO_DEPRECATED 73#ifndef OPENSSL_NO_DEPRECATED
@@ -80,150 +80,152 @@ const char BN_version[]="Big Number" OPENSSL_VERSION_PTEXT;
80 * 7 - 128 == 4096 80 * 7 - 128 == 4096
81 * 8 - 256 == 8192 81 * 8 - 256 == 8192
82 */ 82 */
83static int bn_limit_bits=0; 83static int bn_limit_bits = 0;
84static int bn_limit_num=8; /* (1<<bn_limit_bits) */ 84static int bn_limit_num = 8; /* (1<<bn_limit_bits) */
85static int bn_limit_bits_low=0; 85static int bn_limit_bits_low = 0;
86static int bn_limit_num_low=8; /* (1<<bn_limit_bits_low) */ 86static int bn_limit_num_low = 8; /* (1<<bn_limit_bits_low) */
87static int bn_limit_bits_high=0; 87static int bn_limit_bits_high = 0;
88static int bn_limit_num_high=8; /* (1<<bn_limit_bits_high) */ 88static int bn_limit_num_high = 8; /* (1<<bn_limit_bits_high) */
89static int bn_limit_bits_mont=0; 89static int bn_limit_bits_mont = 0;
90static int bn_limit_num_mont=8; /* (1<<bn_limit_bits_mont) */ 90static int bn_limit_num_mont = 8; /* (1<<bn_limit_bits_mont) */
91
92void BN_set_params(int mult, int high, int low, int mont)
93 {
94 if (mult >= 0)
95 {
96 if (mult > (int)(sizeof(int)*8)-1)
97 mult=sizeof(int)*8-1;
98 bn_limit_bits=mult;
99 bn_limit_num=1<<mult;
100 }
101 if (high >= 0)
102 {
103 if (high > (int)(sizeof(int)*8)-1)
104 high=sizeof(int)*8-1;
105 bn_limit_bits_high=high;
106 bn_limit_num_high=1<<high;
107 }
108 if (low >= 0)
109 {
110 if (low > (int)(sizeof(int)*8)-1)
111 low=sizeof(int)*8-1;
112 bn_limit_bits_low=low;
113 bn_limit_num_low=1<<low;
114 }
115 if (mont >= 0)
116 {
117 if (mont > (int)(sizeof(int)*8)-1)
118 mont=sizeof(int)*8-1;
119 bn_limit_bits_mont=mont;
120 bn_limit_num_mont=1<<mont;
121 }
122 }
123 91
124int BN_get_params(int which) 92void
125 { 93BN_set_params(int mult, int high, int low, int mont)
126 if (which == 0) return(bn_limit_bits); 94{
127 else if (which == 1) return(bn_limit_bits_high); 95 if (mult >= 0) {
128 else if (which == 2) return(bn_limit_bits_low); 96 if (mult > (int)(sizeof(int) * 8) - 1)
129 else if (which == 3) return(bn_limit_bits_mont); 97 mult = sizeof(int) * 8 - 1;
130 else return(0); 98 bn_limit_bits = mult;
99 bn_limit_num = 1 << mult;
131 } 100 }
101 if (high >= 0) {
102 if (high > (int)(sizeof(int) * 8) - 1)
103 high = sizeof(int) * 8 - 1;
104 bn_limit_bits_high = high;
105 bn_limit_num_high = 1 << high;
106 }
107 if (low >= 0) {
108 if (low > (int)(sizeof(int) * 8) - 1)
109 low = sizeof(int) * 8 - 1;
110 bn_limit_bits_low = low;
111 bn_limit_num_low = 1 << low;
112 }
113 if (mont >= 0) {
114 if (mont > (int)(sizeof(int) * 8) - 1)
115 mont = sizeof(int) * 8 - 1;
116 bn_limit_bits_mont = mont;
117 bn_limit_num_mont = 1 << mont;
118 }
119}
120
121int
122BN_get_params(int which)
123{
124 if (which == 0)
125 return (bn_limit_bits);
126 else if (which == 1)
127 return (bn_limit_bits_high);
128 else if (which == 2)
129 return (bn_limit_bits_low);
130 else if (which == 3)
131 return (bn_limit_bits_mont);
132 else
133 return (0);
134}
132#endif 135#endif
133 136
134const BIGNUM *BN_value_one(void) 137const BIGNUM *
135 { 138BN_value_one(void)
136 static const BN_ULONG data_one=1L; 139{
137 static const BIGNUM const_one={(BN_ULONG *)&data_one,1,1,0,BN_FLG_STATIC_DATA}; 140 static const BN_ULONG data_one = 1L;
141 static const BIGNUM const_one = {
142 (BN_ULONG *)&data_one, 1, 1, 0, BN_FLG_STATIC_DATA
143 };
138 144
139 return(&const_one); 145 return (&const_one);
140 } 146}
141 147
142int BN_num_bits_word(BN_ULONG l) 148int
143 { 149BN_num_bits_word(BN_ULONG l)
144 static const unsigned char bits[256]={ 150{
145 0,1,2,2,3,3,3,3,4,4,4,4,4,4,4,4, 151 static const unsigned char bits[256] = {
146 5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5, 152 0, 1, 2, 2, 3, 3, 3, 3, 4, 4, 4, 4, 4, 4, 4, 4,
147 6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6, 153 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5,
148 6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6, 154 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6,
149 7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7, 155 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6,
150 7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7, 156 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
151 7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7, 157 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
152 7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7, 158 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
153 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8, 159 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
154 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8, 160 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
155 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8, 161 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
156 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8, 162 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
157 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8, 163 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
158 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8, 164 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
159 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8, 165 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
160 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8, 166 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
161 }; 167 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
168 };
162 169
163#ifdef _LP64 170#ifdef _LP64
164 if (l & 0xffffffff00000000L) 171 if (l & 0xffffffff00000000L) {
165 { 172 if (l & 0xffff000000000000L) {
166 if (l & 0xffff000000000000L) 173 if (l & 0xff00000000000000L) {
167 { 174 return (bits[(int)(l >> 56)] + 56);
168 if (l & 0xff00000000000000L) 175 } else
169 { 176 return (bits[(int)(l >> 48)] + 48);
170 return(bits[(int)(l>>56)]+56); 177 } else {
171 } 178 if (l & 0x0000ff0000000000L) {
172 else return(bits[(int)(l>>48)]+48); 179 return (bits[(int)(l >> 40)] + 40);
173 } 180 } else
174 else 181 return (bits[(int)(l >> 32)] + 32);
175 { 182 }
176 if (l & 0x0000ff0000000000L) 183 } else
177 {
178 return(bits[(int)(l>>40)]+40);
179 }
180 else return(bits[(int)(l>>32)]+32);
181 }
182 }
183 else
184#endif 184#endif
185 { 185 {
186 if (l & 0xffff0000L) 186 if (l & 0xffff0000L) {
187 {
188 if (l & 0xff000000L) 187 if (l & 0xff000000L)
189 return(bits[(int)(l>>24L)]+24); 188 return (bits[(int)(l >> 24L)] + 24);
190 else return(bits[(int)(l>>16L)]+16); 189 else
191 } 190 return (bits[(int)(l >> 16L)] + 16);
192 else 191 } else {
193 {
194 if (l & 0xff00L) 192 if (l & 0xff00L)
195 return(bits[(int)(l>>8)]+8); 193 return (bits[(int)(l >> 8)] + 8);
196 else 194 else
197 return(bits[(int)(l )] ); 195 return (bits[(int)(l)]);
198 }
199 } 196 }
200 } 197 }
198}
201 199
202int BN_num_bits(const BIGNUM *a) 200int
203 { 201BN_num_bits(const BIGNUM *a)
202{
204 int i = a->top - 1; 203 int i = a->top - 1;
204
205 bn_check_top(a); 205 bn_check_top(a);
206 206
207 if (BN_is_zero(a)) return 0; 207 if (BN_is_zero(a))
208 return ((i*BN_BITS2) + BN_num_bits_word(a->d[i])); 208 return 0;
209 } 209 return ((i * BN_BITS2) + BN_num_bits_word(a->d[i]));
210}
210 211
211void BN_clear_free(BIGNUM *a) 212void
212 { 213BN_clear_free(BIGNUM *a)
214{
213 int i; 215 int i;
214 216
215 if (a == NULL) return; 217 if (a == NULL)
218 return;
216 bn_check_top(a); 219 bn_check_top(a);
217 if (a->d != NULL && !(BN_get_flags(a,BN_FLG_STATIC_DATA))) 220 if (a->d != NULL && !(BN_get_flags(a, BN_FLG_STATIC_DATA))) {
218 { 221 OPENSSL_cleanse(a->d, a->dmax * sizeof(a->d[0]));
219 OPENSSL_cleanse(a->d,a->dmax*sizeof(a->d[0]));
220 free(a->d); 222 free(a->d);
221 } 223 }
222 i=BN_get_flags(a,BN_FLG_MALLOCED); 224 i = BN_get_flags(a, BN_FLG_MALLOCED);
223 OPENSSL_cleanse(a,sizeof(BIGNUM)); 225 OPENSSL_cleanse(a, sizeof(BIGNUM));
224 if (i) 226 if (i)
225 free(a); 227 free(a);
226 } 228}
227 229
228void 230void
229BN_free(BIGNUM *a) 231BN_free(BIGNUM *a)
@@ -231,63 +233,61 @@ BN_free(BIGNUM *a)
231 BN_clear_free(a); 233 BN_clear_free(a);
232} 234}
233 235
234void BN_init(BIGNUM *a) 236void
235 { 237BN_init(BIGNUM *a)
236 memset(a,0,sizeof(BIGNUM)); 238{
239 memset(a, 0, sizeof(BIGNUM));
237 bn_check_top(a); 240 bn_check_top(a);
238 } 241}
239 242
240BIGNUM *BN_new(void) 243BIGNUM *
241 { 244BN_new(void)
245{
242 BIGNUM *ret; 246 BIGNUM *ret;
243 247
244 if ((ret=(BIGNUM *)malloc(sizeof(BIGNUM))) == NULL) 248 if ((ret = (BIGNUM *)malloc(sizeof(BIGNUM))) == NULL) {
245 { 249 BNerr(BN_F_BN_NEW, ERR_R_MALLOC_FAILURE);
246 BNerr(BN_F_BN_NEW,ERR_R_MALLOC_FAILURE); 250 return (NULL);
247 return(NULL);
248 }
249 ret->flags=BN_FLG_MALLOCED;
250 ret->top=0;
251 ret->neg=0;
252 ret->dmax=0;
253 ret->d=NULL;
254 bn_check_top(ret);
255 return(ret);
256 } 251 }
252 ret->flags = BN_FLG_MALLOCED;
253 ret->top = 0;
254 ret->neg = 0;
255 ret->dmax = 0;
256 ret->d = NULL;
257 bn_check_top(ret);
258 return (ret);
259}
257 260
258/* This is used both by bn_expand2() and bn_dup_expand() */ 261/* This is used both by bn_expand2() and bn_dup_expand() */
259/* The caller MUST check that words > b->dmax before calling this */ 262/* The caller MUST check that words > b->dmax before calling this */
260static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words) 263static BN_ULONG *
261 { 264bn_expand_internal(const BIGNUM *b, int words)
262 BN_ULONG *A,*a = NULL; 265{
266 BN_ULONG *A, *a = NULL;
263 const BN_ULONG *B; 267 const BN_ULONG *B;
264 int i; 268 int i;
265 269
266 bn_check_top(b); 270 bn_check_top(b);
267 271
268 if (words > (INT_MAX/(4*BN_BITS2))) 272 if (words > (INT_MAX/(4*BN_BITS2))) {
269 { 273 BNerr(BN_F_BN_EXPAND_INTERNAL, BN_R_BIGNUM_TOO_LONG);
270 BNerr(BN_F_BN_EXPAND_INTERNAL,BN_R_BIGNUM_TOO_LONG);
271 return NULL; 274 return NULL;
272 } 275 }
273 if (BN_get_flags(b,BN_FLG_STATIC_DATA)) 276 if (BN_get_flags(b, BN_FLG_STATIC_DATA)) {
274 { 277 BNerr(BN_F_BN_EXPAND_INTERNAL,
275 BNerr(BN_F_BN_EXPAND_INTERNAL,BN_R_EXPAND_ON_STATIC_BIGNUM_DATA); 278 BN_R_EXPAND_ON_STATIC_BIGNUM_DATA);
276 return(NULL); 279 return (NULL);
277 } 280 }
278 a=A=(BN_ULONG *)malloc(sizeof(BN_ULONG)*words); 281 a = A = (BN_ULONG *)malloc(sizeof(BN_ULONG)*words);
279 if (A == NULL) 282 if (A == NULL) {
280 { 283 BNerr(BN_F_BN_EXPAND_INTERNAL, ERR_R_MALLOC_FAILURE);
281 BNerr(BN_F_BN_EXPAND_INTERNAL,ERR_R_MALLOC_FAILURE); 284 return (NULL);
282 return(NULL); 285 }
283 }
284#if 1 286#if 1
285 B=b->d; 287 B = b->d;
286 /* Check if the previous number needs to be copied */ 288 /* Check if the previous number needs to be copied */
287 if (B != NULL) 289 if (B != NULL) {
288 { 290 for (i = b->top >> 2; i > 0; i--, A += 4, B += 4) {
289 for (i=b->top>>2; i>0; i--,A+=4,B+=4)
290 {
291 /* 291 /*
292 * The fact that the loop is unrolled 292 * The fact that the loop is unrolled
293 * 4-wise is a tribute to Intel. It's 293 * 4-wise is a tribute to Intel. It's
@@ -297,25 +297,33 @@ static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words)
297 * 297 *
298 * <appro@fy.chalmers.se> 298 * <appro@fy.chalmers.se>
299 */ 299 */
300 BN_ULONG a0,a1,a2,a3; 300 BN_ULONG a0, a1, a2, a3;
301 a0=B[0]; a1=B[1]; a2=B[2]; a3=B[3]; 301 a0 = B[0];
302 A[0]=a0; A[1]=a1; A[2]=a2; A[3]=a3; 302 a1 = B[1];
303 } 303 a2 = B[2];
304 switch (b->top&3) 304 a3 = B[3];
305 { 305 A[0] = a0;
306 case 3: A[2]=B[2]; 306 A[1] = a1;
307 case 2: A[1]=B[1]; 307 A[2] = a2;
308 case 1: A[0]=B[0]; 308 A[3] = a3;
309 } 309 }
310 switch (b->top & 3) {
311 case 3:
312 A[2] = B[2];
313 case 2:
314 A[1] = B[1];
315 case 1:
316 A[0] = B[0];
310 } 317 }
318 }
311 319
312#else 320#else
313 memset(A,0,sizeof(BN_ULONG)*words); 321 memset(A, 0, sizeof(BN_ULONG) * words);
314 memcpy(A,b->d,sizeof(b->d[0])*b->top); 322 memcpy(A, b->d, sizeof(b->d[0]) * b->top);
315#endif 323#endif
316 324
317 return(a); 325 return (a);
318 } 326}
319 327
320/* This is an internal function that can be used instead of bn_expand2() 328/* This is an internal function that can be used instead of bn_expand2()
321 * when there is a need to copy BIGNUMs instead of only expanding the 329 * when there is a need to copy BIGNUMs instead of only expanding the
@@ -329,8 +337,9 @@ static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words)
329 */ 337 */
330 338
331#ifndef OPENSSL_NO_DEPRECATED 339#ifndef OPENSSL_NO_DEPRECATED
332BIGNUM *bn_dup_expand(const BIGNUM *b, int words) 340BIGNUM *
333 { 341bn_dup_expand(const BIGNUM *b, int words)
342{
334 BIGNUM *r = NULL; 343 BIGNUM *r = NULL;
335 344
336 bn_check_top(b); 345 bn_check_top(b);
@@ -341,37 +350,30 @@ BIGNUM *bn_dup_expand(const BIGNUM *b, int words)
341 * (But bn_dup_expand() is not used anywhere yet.) 350 * (But bn_dup_expand() is not used anywhere yet.)
342 */ 351 */
343 352
344 if (words > b->dmax) 353 if (words > b->dmax) {
345 {
346 BN_ULONG *a = bn_expand_internal(b, words); 354 BN_ULONG *a = bn_expand_internal(b, words);
347 355
348 if (a) 356 if (a) {
349 {
350 r = BN_new(); 357 r = BN_new();
351 if (r) 358 if (r) {
352 {
353 r->top = b->top; 359 r->top = b->top;
354 r->dmax = words; 360 r->dmax = words;
355 r->neg = b->neg; 361 r->neg = b->neg;
356 r->d = a; 362 r->d = a;
357 } 363 } else {
358 else
359 {
360 /* r == NULL, BN_new failure */ 364 /* r == NULL, BN_new failure */
361 free(a); 365 free(a);
362 }
363 } 366 }
367 }
364 /* If a == NULL, there was an error in allocation in 368 /* If a == NULL, there was an error in allocation in
365 bn_expand_internal(), and NULL should be returned */ 369 bn_expand_internal(), and NULL should be returned */
366 } 370 } else {
367 else
368 {
369 r = BN_dup(b); 371 r = BN_dup(b);
370 } 372 }
371 373
372 bn_check_top(r); 374 bn_check_top(r);
373 return r; 375 return r;
374 } 376}
375#endif 377#endif
376 378
377/* This is an internal function that should not be used in applications. 379/* This is an internal function that should not be used in applications.
@@ -380,103 +382,121 @@ BIGNUM *bn_dup_expand(const BIGNUM *b, int words)
380 * It is mostly used by the various BIGNUM routines. If there is an error, 382 * It is mostly used by the various BIGNUM routines. If there is an error,
381 * NULL is returned. If not, 'b' is returned. */ 383 * NULL is returned. If not, 'b' is returned. */
382 384
383BIGNUM *bn_expand2(BIGNUM *b, int words) 385BIGNUM *
384 { 386bn_expand2(BIGNUM *b, int words)
387{
385 bn_check_top(b); 388 bn_check_top(b);
386 389
387 if (words > b->dmax) 390 if (words > b->dmax) {
388 {
389 BN_ULONG *a = bn_expand_internal(b, words); 391 BN_ULONG *a = bn_expand_internal(b, words);
390 if(!a) return NULL; 392 if (!a)
391 if(b->d) { 393 return NULL;
394 if (b->d) {
392 OPENSSL_cleanse(b->d, b->dmax * sizeof(b->d[0])); 395 OPENSSL_cleanse(b->d, b->dmax * sizeof(b->d[0]));
393 free(b->d); 396 free(b->d);
394 } 397 }
395 b->d=a; 398 b->d = a;
396 b->dmax=words; 399 b->dmax = words;
397 } 400 }
398 401
399/* None of this should be necessary because of what b->top means! */ 402/* None of this should be necessary because of what b->top means! */
400#if 0 403#if 0
401 /* NB: bn_wexpand() calls this only if the BIGNUM really has to grow */ 404 /* NB: bn_wexpand() calls this only if the BIGNUM really has to grow */
402 if (b->top < b->dmax) 405 if (b->top < b->dmax) {
403 {
404 int i; 406 int i;
405 BN_ULONG *A = &(b->d[b->top]); 407 BN_ULONG *A = &(b->d[b->top]);
406 for (i=(b->dmax - b->top)>>3; i>0; i--,A+=8) 408 for (i = (b->dmax - b->top) >> 3; i > 0; i--, A += 8) {
407 { 409 A[0] = 0;
408 A[0]=0; A[1]=0; A[2]=0; A[3]=0; 410 A[1] = 0;
409 A[4]=0; A[5]=0; A[6]=0; A[7]=0; 411 A[2] = 0;
410 } 412 A[3] = 0;
411 for (i=(b->dmax - b->top)&7; i>0; i--,A++) 413 A[4] = 0;
412 A[0]=0; 414 A[5] = 0;
415 A[6] = 0;
416 A[7] = 0;
417 }
418 for (i = (b->dmax - b->top)&7; i > 0; i--, A++)
419 A[0] = 0;
413 assert(A == &(b->d[b->dmax])); 420 assert(A == &(b->d[b->dmax]));
414 } 421 }
415#endif 422#endif
416 bn_check_top(b); 423 bn_check_top(b);
417 return b; 424 return b;
418 } 425}
419 426
420BIGNUM *BN_dup(const BIGNUM *a) 427BIGNUM *
421 { 428BN_dup(const BIGNUM *a)
429{
422 BIGNUM *t; 430 BIGNUM *t;
423 431
424 if (a == NULL) return NULL; 432 if (a == NULL)
433 return NULL;
425 bn_check_top(a); 434 bn_check_top(a);
426 435
427 t = BN_new(); 436 t = BN_new();
428 if (t == NULL) return NULL; 437 if (t == NULL)
429 if(!BN_copy(t, a)) 438 return NULL;
430 { 439 if (!BN_copy(t, a)) {
431 BN_free(t); 440 BN_free(t);
432 return NULL; 441 return NULL;
433 } 442 }
434 bn_check_top(t); 443 bn_check_top(t);
435 return t; 444 return t;
436 } 445}
437 446
438BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b) 447BIGNUM *
439 { 448BN_copy(BIGNUM *a, const BIGNUM *b)
449{
440 int i; 450 int i;
441 BN_ULONG *A; 451 BN_ULONG *A;
442 const BN_ULONG *B; 452 const BN_ULONG *B;
443 453
444 bn_check_top(b); 454 bn_check_top(b);
445 455
446 if (a == b) return(a); 456 if (a == b)
447 if (bn_wexpand(a,b->top) == NULL) return(NULL); 457 return (a);
458 if (bn_wexpand(a, b->top) == NULL)
459 return (NULL);
448 460
449#if 1 461#if 1
450 A=a->d; 462 A = a->d;
451 B=b->d; 463 B = b->d;
452 for (i=b->top>>2; i>0; i--,A+=4,B+=4) 464 for (i = b->top >> 2; i > 0; i--, A += 4, B += 4) {
453 { 465 BN_ULONG a0, a1, a2, a3;
454 BN_ULONG a0,a1,a2,a3; 466 a0 = B[0];
455 a0=B[0]; a1=B[1]; a2=B[2]; a3=B[3]; 467 a1 = B[1];
456 A[0]=a0; A[1]=a1; A[2]=a2; A[3]=a3; 468 a2 = B[2];
457 } 469 a3 = B[3];
458 switch (b->top&3) 470 A[0] = a0;
459 { 471 A[1] = a1;
460 case 3: A[2]=B[2]; 472 A[2] = a2;
461 case 2: A[1]=B[1]; 473 A[3] = a3;
462 case 1: A[0]=B[0]; 474 }
463 } 475 switch (b->top & 3) {
476 case 3:
477 A[2] = B[2];
478 case 2:
479 A[1] = B[1];
480 case 1:
481 A[0] = B[0];
482 }
464#else 483#else
465 memcpy(a->d,b->d,sizeof(b->d[0])*b->top); 484 memcpy(a->d, b->d, sizeof(b->d[0]) * b->top);
466#endif 485#endif
467 486
468 a->top=b->top; 487 a->top = b->top;
469 a->neg=b->neg; 488 a->neg = b->neg;
470 bn_check_top(a); 489 bn_check_top(a);
471 return(a); 490 return (a);
472 } 491}
473 492
474void BN_swap(BIGNUM *a, BIGNUM *b) 493void
475 { 494BN_swap(BIGNUM *a, BIGNUM *b)
495{
476 int flags_old_a, flags_old_b; 496 int flags_old_a, flags_old_b;
477 BN_ULONG *tmp_d; 497 BN_ULONG *tmp_d;
478 int tmp_top, tmp_dmax, tmp_neg; 498 int tmp_top, tmp_dmax, tmp_neg;
479 499
480 bn_check_top(a); 500 bn_check_top(a);
481 bn_check_top(b); 501 bn_check_top(b);
482 502
@@ -487,270 +507,295 @@ void BN_swap(BIGNUM *a, BIGNUM *b)
487 tmp_top = a->top; 507 tmp_top = a->top;
488 tmp_dmax = a->dmax; 508 tmp_dmax = a->dmax;
489 tmp_neg = a->neg; 509 tmp_neg = a->neg;
490 510
491 a->d = b->d; 511 a->d = b->d;
492 a->top = b->top; 512 a->top = b->top;
493 a->dmax = b->dmax; 513 a->dmax = b->dmax;
494 a->neg = b->neg; 514 a->neg = b->neg;
495 515
496 b->d = tmp_d; 516 b->d = tmp_d;
497 b->top = tmp_top; 517 b->top = tmp_top;
498 b->dmax = tmp_dmax; 518 b->dmax = tmp_dmax;
499 b->neg = tmp_neg; 519 b->neg = tmp_neg;
500 520
501 a->flags = (flags_old_a & BN_FLG_MALLOCED) | (flags_old_b & BN_FLG_STATIC_DATA); 521 a->flags = (flags_old_a & BN_FLG_MALLOCED) |
502 b->flags = (flags_old_b & BN_FLG_MALLOCED) | (flags_old_a & BN_FLG_STATIC_DATA); 522 (flags_old_b & BN_FLG_STATIC_DATA);
523 b->flags = (flags_old_b & BN_FLG_MALLOCED) |
524 (flags_old_a & BN_FLG_STATIC_DATA);
503 bn_check_top(a); 525 bn_check_top(a);
504 bn_check_top(b); 526 bn_check_top(b);
505 } 527}
506 528
507void BN_clear(BIGNUM *a) 529void
508 { 530BN_clear(BIGNUM *a)
531{
509 bn_check_top(a); 532 bn_check_top(a);
510 if (a->d != NULL) 533 if (a->d != NULL)
511 memset(a->d,0,a->dmax*sizeof(a->d[0])); 534 memset(a->d, 0, a->dmax * sizeof(a->d[0]));
512 a->top=0; 535 a->top = 0;
513 a->neg=0; 536 a->neg = 0;
514 } 537}
515 538
516BN_ULONG BN_get_word(const BIGNUM *a) 539BN_ULONG
517 { 540BN_get_word(const BIGNUM *a)
541{
518 if (a->top > 1) 542 if (a->top > 1)
519 return BN_MASK2; 543 return BN_MASK2;
520 else if (a->top == 1) 544 else if (a->top == 1)
521 return a->d[0]; 545 return a->d[0];
522 /* a->top == 0 */ 546 /* a->top == 0 */
523 return 0; 547 return 0;
524 } 548}
525 549
526int BN_set_word(BIGNUM *a, BN_ULONG w) 550int
527 { 551BN_set_word(BIGNUM *a, BN_ULONG w)
552{
528 bn_check_top(a); 553 bn_check_top(a);
529 if (bn_expand(a,(int)sizeof(BN_ULONG)*8) == NULL) return(0); 554 if (bn_expand(a, (int)sizeof(BN_ULONG) * 8) == NULL)
555 return (0);
530 a->neg = 0; 556 a->neg = 0;
531 a->d[0] = w; 557 a->d[0] = w;
532 a->top = (w ? 1 : 0); 558 a->top = (w ? 1 : 0);
533 bn_check_top(a); 559 bn_check_top(a);
534 return(1); 560 return (1);
535 } 561}
536 562
537BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret) 563BIGNUM *
538 { 564BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret)
539 unsigned int i,m; 565{
566 unsigned int i, m;
540 unsigned int n; 567 unsigned int n;
541 BN_ULONG l; 568 BN_ULONG l;
542 BIGNUM *bn = NULL; 569 BIGNUM *bn = NULL;
543 570
544 if (ret == NULL) 571 if (ret == NULL)
545 ret = bn = BN_new(); 572 ret = bn = BN_new();
546 if (ret == NULL) return(NULL); 573 if (ret == NULL)
574 return (NULL);
547 bn_check_top(ret); 575 bn_check_top(ret);
548 l=0; 576 l = 0;
549 n=len; 577 n = len;
550 if (n == 0) 578 if (n == 0) {
551 { 579 ret->top = 0;
552 ret->top=0; 580 return (ret);
553 return(ret); 581 }
554 } 582 i = ((n - 1) / BN_BYTES) + 1;
555 i=((n-1)/BN_BYTES)+1; 583 m = ((n - 1) % (BN_BYTES));
556 m=((n-1)%(BN_BYTES)); 584 if (bn_wexpand(ret, (int)i) == NULL) {
557 if (bn_wexpand(ret, (int)i) == NULL) 585 if (bn)
558 { 586 BN_free(bn);
559 if (bn) BN_free(bn);
560 return NULL; 587 return NULL;
588 }
589 ret->top = i;
590 ret->neg = 0;
591 while (n--) {
592 l = (l << 8L) | *(s++);
593 if (m-- == 0) {
594 ret->d[--i] = l;
595 l = 0;
596 m = BN_BYTES - 1;
561 } 597 }
562 ret->top=i; 598 }
563 ret->neg=0;
564 while (n--)
565 {
566 l=(l<<8L)| *(s++);
567 if (m-- == 0)
568 {
569 ret->d[--i]=l;
570 l=0;
571 m=BN_BYTES-1;
572 }
573 }
574 /* need to call this due to clear byte at top if avoiding 599 /* need to call this due to clear byte at top if avoiding
575 * having the top bit set (-ve number) */ 600 * having the top bit set (-ve number) */
576 bn_correct_top(ret); 601 bn_correct_top(ret);
577 return(ret); 602 return (ret);
578 } 603}
579 604
580/* ignore negative */ 605/* ignore negative */
581int BN_bn2bin(const BIGNUM *a, unsigned char *to) 606int
582 { 607BN_bn2bin(const BIGNUM *a, unsigned char *to)
583 int n,i; 608{
609 int n, i;
584 BN_ULONG l; 610 BN_ULONG l;
585 611
586 bn_check_top(a); 612 bn_check_top(a);
587 n=i=BN_num_bytes(a); 613 n = i=BN_num_bytes(a);
588 while (i--) 614 while (i--) {
589 { 615 l = a->d[i / BN_BYTES];
590 l=a->d[i/BN_BYTES]; 616 *(to++) = (unsigned char)(l >> (8 * (i % BN_BYTES))) & 0xff;
591 *(to++)=(unsigned char)(l>>(8*(i%BN_BYTES)))&0xff;
592 }
593 return(n);
594 } 617 }
618 return (n);
619}
595 620
596int BN_ucmp(const BIGNUM *a, const BIGNUM *b) 621int
597 { 622BN_ucmp(const BIGNUM *a, const BIGNUM *b)
623{
598 int i; 624 int i;
599 BN_ULONG t1,t2,*ap,*bp; 625 BN_ULONG t1, t2, *ap, *bp;
600 626
601 bn_check_top(a); 627 bn_check_top(a);
602 bn_check_top(b); 628 bn_check_top(b);
603 629
604 i=a->top-b->top; 630 i = a->top - b->top;
605 if (i != 0) return(i); 631 if (i != 0)
606 ap=a->d; 632 return (i);
607 bp=b->d; 633 ap = a->d;
608 for (i=a->top-1; i>=0; i--) 634 bp = b->d;
609 { 635 for (i = a->top - 1; i >= 0; i--) {
610 t1= ap[i]; 636 t1 = ap[i];
611 t2= bp[i]; 637 t2 = bp[i];
612 if (t1 != t2) 638 if (t1 != t2)
613 return((t1 > t2) ? 1 : -1); 639 return ((t1 > t2) ? 1 : -1);
614 }
615 return(0);
616 } 640 }
641 return (0);
642}
617 643
618int BN_cmp(const BIGNUM *a, const BIGNUM *b) 644int
619 { 645BN_cmp(const BIGNUM *a, const BIGNUM *b)
646{
620 int i; 647 int i;
621 int gt,lt; 648 int gt, lt;
622 BN_ULONG t1,t2; 649 BN_ULONG t1, t2;
623 650
624 if ((a == NULL) || (b == NULL)) 651 if ((a == NULL) || (b == NULL)) {
625 {
626 if (a != NULL) 652 if (a != NULL)
627 return(-1); 653 return (-1);
628 else if (b != NULL) 654 else if (b != NULL)
629 return(1); 655 return (1);
630 else 656 else
631 return(0); 657 return (0);
632 } 658 }
633 659
634 bn_check_top(a); 660 bn_check_top(a);
635 bn_check_top(b); 661 bn_check_top(b);
636 662
637 if (a->neg != b->neg) 663 if (a->neg != b->neg) {
638 {
639 if (a->neg) 664 if (a->neg)
640 return(-1); 665 return (-1);
641 else return(1); 666 else
642 } 667 return (1);
643 if (a->neg == 0) 668 }
644 { gt=1; lt= -1; } 669 if (a->neg == 0) {
645 else { gt= -1; lt=1; } 670 gt = 1;
646 671 lt = -1;
647 if (a->top > b->top) return(gt); 672 } else {
648 if (a->top < b->top) return(lt); 673 gt = -1;
649 for (i=a->top-1; i>=0; i--) 674 lt = 1;
650 {
651 t1=a->d[i];
652 t2=b->d[i];
653 if (t1 > t2) return(gt);
654 if (t1 < t2) return(lt);
655 }
656 return(0);
657 } 675 }
658 676
659int BN_set_bit(BIGNUM *a, int n) 677 if (a->top > b->top)
660 { 678 return (gt);
661 int i,j,k; 679 if (a->top < b->top)
680 return (lt);
681 for (i = a->top - 1; i >= 0; i--) {
682 t1 = a->d[i];
683 t2 = b->d[i];
684 if (t1 > t2)
685 return (gt);
686 if (t1 < t2)
687 return (lt);
688 }
689 return (0);
690}
691
692int
693BN_set_bit(BIGNUM *a, int n)
694{
695 int i, j, k;
662 696
663 if (n < 0) 697 if (n < 0)
664 return 0; 698 return 0;
665 699
666 i=n/BN_BITS2; 700 i = n / BN_BITS2;
667 j=n%BN_BITS2; 701 j = n % BN_BITS2;
668 if (a->top <= i) 702 if (a->top <= i) {
669 { 703 if (bn_wexpand(a, i + 1) == NULL)
670 if (bn_wexpand(a,i+1) == NULL) return(0); 704 return (0);
671 for(k=a->top; k<i+1; k++) 705 for (k = a->top; k < i + 1; k++)
672 a->d[k]=0; 706 a->d[k] = 0;
673 a->top=i+1; 707 a->top = i + 1;
674 } 708 }
675 709
676 a->d[i]|=(((BN_ULONG)1)<<j); 710 a->d[i] |= (((BN_ULONG)1) << j);
677 bn_check_top(a); 711 bn_check_top(a);
678 return(1); 712 return (1);
679 } 713}
680 714
681int BN_clear_bit(BIGNUM *a, int n) 715int
682 { 716BN_clear_bit(BIGNUM *a, int n)
683 int i,j; 717{
718 int i, j;
684 719
685 bn_check_top(a); 720 bn_check_top(a);
686 if (n < 0) return 0; 721 if (n < 0)
722 return 0;
687 723
688 i=n/BN_BITS2; 724 i = n / BN_BITS2;
689 j=n%BN_BITS2; 725 j = n % BN_BITS2;
690 if (a->top <= i) return(0); 726 if (a->top <= i)
727 return (0);
691 728
692 a->d[i]&=(~(((BN_ULONG)1)<<j)); 729 a->d[i] &= (~(((BN_ULONG)1) << j));
693 bn_correct_top(a); 730 bn_correct_top(a);
694 return(1); 731 return (1);
695 } 732}
696 733
697int BN_is_bit_set(const BIGNUM *a, int n) 734int
698 { 735BN_is_bit_set(const BIGNUM *a, int n)
699 int i,j; 736{
737 int i, j;
700 738
701 bn_check_top(a); 739 bn_check_top(a);
702 if (n < 0) return 0; 740 if (n < 0)
703 i=n/BN_BITS2; 741 return 0;
704 j=n%BN_BITS2; 742 i = n / BN_BITS2;
705 if (a->top <= i) return 0; 743 j = n % BN_BITS2;
706 return (int)(((a->d[i])>>j)&((BN_ULONG)1)); 744 if (a->top <= i)
707 } 745 return 0;
746 return (int)(((a->d[i]) >> j) & ((BN_ULONG)1));
747}
708 748
709int BN_mask_bits(BIGNUM *a, int n) 749int
710 { 750BN_mask_bits(BIGNUM *a, int n)
711 int b,w; 751{
752 int b, w;
712 753
713 bn_check_top(a); 754 bn_check_top(a);
714 if (n < 0) return 0; 755 if (n < 0)
756 return 0;
715 757
716 w=n/BN_BITS2; 758 w = n / BN_BITS2;
717 b=n%BN_BITS2; 759 b = n % BN_BITS2;
718 if (w >= a->top) return 0; 760 if (w >= a->top)
761 return 0;
719 if (b == 0) 762 if (b == 0)
720 a->top=w; 763 a->top = w;
721 else 764 else {
722 { 765 a->top = w + 1;
723 a->top=w+1; 766 a->d[w] &= ~(BN_MASK2 << b);
724 a->d[w]&= ~(BN_MASK2<<b);
725 }
726 bn_correct_top(a);
727 return(1);
728 } 767 }
768 bn_correct_top(a);
769 return (1);
770}
729 771
730void BN_set_negative(BIGNUM *a, int b) 772void
731 { 773BN_set_negative(BIGNUM *a, int b)
774{
732 if (b && !BN_is_zero(a)) 775 if (b && !BN_is_zero(a))
733 a->neg = 1; 776 a->neg = 1;
734 else 777 else
735 a->neg = 0; 778 a->neg = 0;
736 } 779}
737 780
738int bn_cmp_words(const BN_ULONG *a, const BN_ULONG *b, int n) 781int
739 { 782bn_cmp_words(const BN_ULONG *a, const BN_ULONG *b, int n)
783{
740 int i; 784 int i;
741 BN_ULONG aa,bb; 785 BN_ULONG aa, bb;
742 786
743 aa=a[n-1]; 787 aa = a[n - 1];
744 bb=b[n-1]; 788 bb = b[n - 1];
745 if (aa != bb) return((aa > bb)?1:-1); 789 if (aa != bb)
746 for (i=n-2; i>=0; i--) 790 return ((aa > bb) ? 1 : -1);
747 { 791 for (i = n - 2; i >= 0; i--) {
748 aa=a[i]; 792 aa = a[i];
749 bb=b[i]; 793 bb = b[i];
750 if (aa != bb) return((aa > bb)?1:-1); 794 if (aa != bb)
751 } 795 return ((aa > bb) ? 1 : -1);
752 return(0);
753 } 796 }
797 return (0);
798}
754 799
755/* Here follows a specialised variants of bn_cmp_words(). It has the 800/* Here follows a specialised variants of bn_cmp_words(). It has the
756 property of performing the operation on arrays of different sizes. 801 property of performing the operation on arrays of different sizes.
@@ -759,40 +804,38 @@ int bn_cmp_words(const BN_ULONG *a, const BN_ULONG *b, int n)
759 delta between the two lengths, calculated as len(a)-len(b). 804 delta between the two lengths, calculated as len(a)-len(b).
760 All lengths are the number of BN_ULONGs... */ 805 All lengths are the number of BN_ULONGs... */
761 806
762int bn_cmp_part_words(const BN_ULONG *a, const BN_ULONG *b, 807int
763 int cl, int dl) 808bn_cmp_part_words(const BN_ULONG *a, const BN_ULONG *b, int cl, int dl)
764 { 809{
765 int n,i; 810 int n, i;
766 n = cl-1; 811
767 812 n = cl - 1;
768 if (dl < 0) 813
769 { 814 if (dl < 0) {
770 for (i=dl; i<0; i++) 815 for (i = dl; i < 0; i++) {
771 { 816 if (b[n - i] != 0)
772 if (b[n-i] != 0)
773 return -1; /* a < b */ 817 return -1; /* a < b */
774 }
775 } 818 }
776 if (dl > 0) 819 }
777 { 820 if (dl > 0) {
778 for (i=dl; i>0; i--) 821 for (i = dl; i > 0; i--) {
779 { 822 if (a[n + i] != 0)
780 if (a[n+i] != 0)
781 return 1; /* a > b */ 823 return 1; /* a > b */
782 }
783 } 824 }
784 return bn_cmp_words(a,b,cl);
785 } 825 }
826 return bn_cmp_words(a, b, cl);
827}
786 828
787/* 829/*
788 * Constant-time conditional swap of a and b. 830 * Constant-time conditional swap of a and b.
789 * a and b are swapped if condition is not 0. The code assumes that at most one bit of condition is set. 831 * a and b are swapped if condition is not 0. The code assumes that at most one bit of condition is set.
790 * nwords is the number of words to swap. The code assumes that at least nwords are allocated in both a and b, 832 * nwords is the number of words to swap. The code assumes that at least nwords are allocated in both a and b,
791 * and that no more than nwords are used by either a or b. 833 * and that no more than nwords are used by either a or b.
792 * a and b cannot be the same number 834 * a and b cannot be the same number
793 */ 835 */
794void BN_consttime_swap(BN_ULONG condition, BIGNUM *a, BIGNUM *b, int nwords) 836void
795 { 837BN_consttime_swap(BN_ULONG condition, BIGNUM *a, BIGNUM *b, int nwords)
838{
796 BN_ULONG t; 839 BN_ULONG t;
797 int i; 840 int i;
798 841
@@ -819,7 +862,7 @@ void BN_consttime_swap(BN_ULONG condition, BIGNUM *a, BIGNUM *b, int nwords)
819 862
820 switch (nwords) { 863 switch (nwords) {
821 default: 864 default:
822 for (i = 10; i < nwords; i++) 865 for (i = 10; i < nwords; i++)
823 BN_CONSTTIME_SWAP(i); 866 BN_CONSTTIME_SWAP(i);
824 /* Fallthrough */ 867 /* Fallthrough */
825 case 10: BN_CONSTTIME_SWAP(9); /* Fallthrough */ 868 case 10: BN_CONSTTIME_SWAP(9); /* Fallthrough */
@@ -831,7 +874,8 @@ void BN_consttime_swap(BN_ULONG condition, BIGNUM *a, BIGNUM *b, int nwords)
831 case 4: BN_CONSTTIME_SWAP(3); /* Fallthrough */ 874 case 4: BN_CONSTTIME_SWAP(3); /* Fallthrough */
832 case 3: BN_CONSTTIME_SWAP(2); /* Fallthrough */ 875 case 3: BN_CONSTTIME_SWAP(2); /* Fallthrough */
833 case 2: BN_CONSTTIME_SWAP(1); /* Fallthrough */ 876 case 2: BN_CONSTTIME_SWAP(1); /* Fallthrough */
834 case 1: BN_CONSTTIME_SWAP(0); 877 case 1:
878 BN_CONSTTIME_SWAP(0);
835 } 879 }
836#undef BN_CONSTTIME_SWAP 880#undef BN_CONSTTIME_SWAP
837} 881}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-15 05:05:07 +0000