Diffstat (limited to 'src/lib/libcrypto/bn/bn_mont.c')
-rw-r--r-- | src/lib/libcrypto/bn/bn_mont.c | 55 |
1 files changed, 54 insertions, 1 deletions
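--- a/src/lib/libcrypto/bn/bn_mont.c
+++ b/src/lib/libcrypto/bn/bn_mont.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bn_mont.c,v 1.33 2023/01/16 16:53:19 jsing Exp $ */
+/* $OpenBSD: bn_mont.c,v 1.34 2023/01/28 17:07:02 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -121,6 +121,59 @@
 
 #include "bn_local.h"
 
+#ifdef OPENSSL_NO_ASM
+#ifdef OPENSSL_BN_ASM_MONT
+int
+bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+const BN_ULONG *np, const BN_ULONG *n0p, int num)
+{
+BN_ULONG c0, c1, *tp, n0 = *n0p;
+int i = 0, j;
+
+tp = calloc(NULL, num + 2, sizeof(BN_ULONG));
+if (tp == NULL)
+return 0;
+
+for (i = 0; i < num; i++) {
+c0 = bn_mul_add_words(tp, ap, num, bp[i]);
+c1 = (tp[num] + c0) & BN_MASK2;
+tp[num] = c1;
+tp[num + 1] = (c1 < c0 ? 1 : 0);
+
+c0 = bn_mul_add_words(tp, np, num, tp[0] * n0);
+c1 = (tp[num] + c0) & BN_MASK2;
+tp[num] = c1;
+tp[num + 1] += (c1 < c0 ? 1 : 0);
+for (j = 0; j <= num; j++)
+tp[j] = tp[j + 1];
+}
+
+if (tp[num] != 0 || tp[num - 1] >= np[num - 1]) {
+c0 = bn_sub_words(rp, tp, np, num);
+if (tp[num] != 0 || c0 == 0) {
+goto out;
+}
+}
+memcpy(rp, tp, num * sizeof(BN_ULONG));
+out:
+freezero(tp, (num + 2) * sizeof(BN_ULONG));
+return 1;
+}
+#else /* !OPENSSL_BN_ASM_MONT */
+int
+bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+const BN_ULONG *np, const BN_ULONG *n0, int num)
+{
+/*
+* Return value of 0 indicates that multiplication/convolution was not
+* performed to signal the caller to fall down to alternative/original
+* code-path.
+*/
+return 0;
+}
+#endif /* !OPENSSL_BN_ASM_MONT */
+#endif /* OPENSSL_NO_ASM */
+
 #define MONT_WORD /* use the faster word-based algorithm */
 
 #ifdef MONT_WORD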
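Review bot: The allocation in the first bn_mul_mont() passes three arguments, `calloc(NULL, num + 2, sizeof(BN_ULONG))`, but calloc takes only a count and a size, so this branch cannot compile when both OPENSSL_NO_ASM and OPENSSL_BN_ASM_MONT are defined; it should read `tp = calloc(num + 2, sizeof(BN_ULONG));`. The stray NULL looks like a leftover from a reallocarray-style call, and the zero-filled buffer is needed because the loop accumulates into tp before ever storing to it. Separately, the final reduction branches on `tp[num]`, on `tp[num - 1] >= np[num - 1]` and on the borrow returned by bn_sub_words(), so its timing depends on operand values; if this fallback can be reached with secret-derived operands, it deserves at least a comment saying it is not constant-time, or a masked select between rp and tp. The function also indexes `tp[num - 1]` and `np[num - 1]` with no visible `num > 0` check, which presumably relies on the caller and would be worth stating in a comment.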