Diffstat (limited to 'src/lib/libcrypto/bn/bn_mont.c')
-rw-r--r--src/lib/libcrypto/bn/bn_mont.c55
1 files changed, 54 insertions, 1 deletions
diff --git a/src/lib/libcrypto/bn/bn_mont.c b/src/lib/libcrypto/bn/bn_mont.c
index f8b870266c..8b364ff716 100644
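--- a/src/lib/libcrypto/bn/bn_mont.c
+++ b/src/lib/libcrypto/bn/bn_mont.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bn_mont.c,v 1.33 2023/01/16 16:53:19 jsing Exp $ */
+/* $OpenBSD: bn_mont.c,v 1.34 2023/01/28 17:07:02 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -121,6 +121,59 @@
 
 #include "bn_local.h"
 
+#ifdef OPENSSL_NO_ASM
+#ifdef OPENSSL_BN_ASM_MONT
+int
+bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+ const BN_ULONG *np, const BN_ULONG *n0p, int num)
+{
+ BN_ULONG c0, c1, *tp, n0 = *n0p;
+ int i = 0, j;
+
+ tp = calloc(NULL, num + 2, sizeof(BN_ULONG));
+ if (tp == NULL)
+ return 0;
+
+ for (i = 0; i < num; i++) {
+ c0 = bn_mul_add_words(tp, ap, num, bp[i]);
+ c1 = (tp[num] + c0) & BN_MASK2;
+ tp[num] = c1;
+ tp[num + 1] = (c1 < c0 ? 1 : 0);
+
+ c0 = bn_mul_add_words(tp, np, num, tp[0] * n0);
+ c1 = (tp[num] + c0) & BN_MASK2;
+ tp[num] = c1;
+ tp[num + 1] += (c1 < c0 ? 1 : 0);
+ for (j = 0; j <= num; j++)
+ tp[j] = tp[j + 1];
+ }
+
+ if (tp[num] != 0 || tp[num - 1] >= np[num - 1]) {
+ c0 = bn_sub_words(rp, tp, np, num);
+ if (tp[num] != 0 || c0 == 0) {
+ goto out;
+ }
+ }
+ memcpy(rp, tp, num * sizeof(BN_ULONG));
+out:
+ freezero(tp, (num + 2) * sizeof(BN_ULONG));
+ return 1;
+}
+#else /* !OPENSSL_BN_ASM_MONT */
+int
+bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+ const BN_ULONG *np, const BN_ULONG *n0, int num)
+{
+ /*
+ * Return value of 0 indicates that multiplication/convolution was not
+ * performed to signal the caller to fall down to alternative/original
+ * code-path.
+ */
+ return 0;
+}
+#endif /* !OPENSSL_BN_ASM_MONT */
+#endif /* OPENSSL_NO_ASM */
+
 #define MONT_WORD /* use the faster word-based algorithm */
 
 #ifdef MONT_WORD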
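Review bot: The allocation in the new C `bn_mul_mont()` passes three arguments, `calloc(NULL, num + 2, sizeof(BN_ULONG))`, which does not match calloc's two-parameter prototype and should fail to compile once both `OPENSSL_NO_ASM` and `OPENSSL_BN_ASM_MONT` are defined; it should read `tp = calloc(num + 2, sizeof(BN_ULONG));`. Because the block sits behind that double `#ifdef`, a default build presumably never compiles it, so this configuration is worth building once before the fallback is relied on. `num` is also used unchecked in `num + 2`, `tp[num - 1]` and `np[num - 1]`; if callers do not already guarantee a positive word count, an early `if (num <= 0) return 0;` would keep those indexes in bounds and send the caller back to the generic path. Separately, the final reduction branches on `tp[num - 1] >= np[num - 1]` and on the borrow from `bn_sub_words()`, so whether the subtraction result is kept depends on operand values; a short comment stating whether this fallback is expected to be constant-time would help anyone auditing private-key code paths.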