1 files changed, 56 insertions, 44 deletions
diff --git a/src/lib/libcrypto/ec/ecp_nistputil.c b/src/lib/libcrypto/ec/ecp_nistputil.c
index c8140c807f..0312fb16ad 100644
--- a/src/lib/libcrypto/ec/ecp_nistputil.c
+++ b/src/lib/libcrypto/ec/ecp_nistputil.c
@@ -41,16 +41,17 @@
 * tmp_felems needs to point to a temporary array of 'num'+1 field elements
 * for storage of intermediate values.
 */
-void ec_GFp_nistp_points_make_affine_internal(size_t num, void *point_array,
+void 
-        size_t felem_size, void *tmp_felems,
+ec_GFp_nistp_points_make_affine_internal(size_t num, void *point_array,
-        void (*felem_one)(void *out),
+    size_t felem_size, void *tmp_felems,
-        int (*felem_is_zero)(const void *in),
+    void (*felem_one) (void *out),
-        void (*felem_assign)(void *out, const void *in),
+    int (*felem_is_zero) (const void *in),
-        void (*felem_square)(void *out, const void *in),
+    void (*felem_assign) (void *out, const void *in),
-        void (*felem_mul)(void *out, const void *in1, const void *in2),
+    void (*felem_square) (void *out, const void *in),
-        void (*felem_inv)(void *out, const void *in),
+    void (*felem_mul) (void *out, const void *in1, const void *in2),
-        void (*felem_contract)(void *out, const void *in))
+    void (*felem_inv) (void *out, const void *in),
-        {
+    void (*felem_contract) (void *out, const void *in))
+{
        int i = 0;
 #define tmp_felem(I) (&((char *)tmp_felems)[(I) * felem_size])
@@ -62,50 +63,59 @@ void ec_GFp_nistp_points_make_affine_internal(size_t num, void *point_array,
                felem_assign(tmp_felem(0), Z(0));
        else
                felem_one(tmp_felem(0));
-        for (i = 1; i < (int)num; i++)
+        for (i = 1; i < (int) num; i++) {
-                {
                if (!felem_is_zero(Z(i)))
-                        felem_mul(tmp_felem(i), tmp_felem(i-1), Z(i));
+                        felem_mul(tmp_felem(i), tmp_felem(i - 1), Z(i));
                else
-                        felem_assign(tmp_felem(i), tmp_felem(i-1));
+                        felem_assign(tmp_felem(i), tmp_felem(i - 1));
-                }
+        }
-        /* Now each tmp_felem(i) is the product of Z(0) .. Z(i), skipping any zero-valued factors:
+        /*
-         * if Z(i) = 0, we essentially pretend that Z(i) = 1 */
+         * Now each tmp_felem(i) is the product of Z(0) .. Z(i), skipping any
+         * zero-valued factors: if Z(i) = 0, we essentially pretend that Z(i)
+         * = 1
+         */
-        felem_inv(tmp_felem(num-1), tmp_felem(num-1));
+        felem_inv(tmp_felem(num - 1), tmp_felem(num - 1));
-        for (i = num - 1; i >= 0; i--)
+        for (i = num - 1; i >= 0; i--) {
-                {
                if (i > 0)
-                        /* tmp_felem(i-1) is the product of Z(0) .. Z(i-1),
+                        /*
-                         * tmp_felem(i) is the inverse of the product of Z(0) .. Z(i)
+                         * tmp_felem(i-1) is the product of Z(0) .. Z(i-1),
+                         * tmp_felem(i) is the inverse of the product of Z(0)
+                         * .. Z(i)
                         */
-                        felem_mul(tmp_felem(num), tmp_felem(i-1), tmp_felem(i)); /* 1/Z(i) */
+                        felem_mul(tmp_felem(num), tmp_felem(i - 1), tmp_felem(i));      /* 1/Z(i) */
                else
-                        felem_assign(tmp_felem(num), tmp_felem(0)); /* 1/Z(0) */
+                        felem_assign(tmp_felem(num), tmp_felem(0));     /* 1/Z(0) */
-                if (!felem_is_zero(Z(i)))
+                if (!felem_is_zero(Z(i))) {
-                        {
                        if (i > 0)
-                                /* For next iteration, replace tmp_felem(i-1) by its inverse */
+                                /*
-                                felem_mul(tmp_felem(i-1), tmp_felem(i), Z(i));
+                                 * For next iteration, replace tmp_felem(i-1)
+                                 * by its inverse
+                                 */
+                                felem_mul(tmp_felem(i - 1), tmp_felem(i), Z(i));
-                        /* Convert point (X, Y, Z) into affine form (X/(Z^2), Y/(Z^3), 1) */
+                        /*
-                        felem_square(Z(i), tmp_felem(num)); /* 1/(Z^2) */
+                         * Convert point (X, Y, Z) into affine form (X/(Z^2),
-                        felem_mul(X(i), X(i), Z(i)); /* X/(Z^2) */
+                         * Y/(Z^3), 1)
-                        felem_mul(Z(i), Z(i), tmp_felem(num)); /* 1/(Z^3) */
+                         */
-                        felem_mul(Y(i), Y(i), Z(i)); /* Y/(Z^3) */
+                        felem_square(Z(i), tmp_felem(num));     /* 1/(Z^2) */
+                        felem_mul(X(i), X(i), Z(i));    /* X/(Z^2) */
+                        felem_mul(Z(i), Z(i), tmp_felem(num));  /* 1/(Z^3) */
+                        felem_mul(Y(i), Y(i), Z(i));    /* Y/(Z^3) */
                        felem_contract(X(i), X(i));
                        felem_contract(Y(i), Y(i));
                        felem_one(Z(i));
-                        }
+                } else {
-                else
-                        {
                        if (i > 0)
-                                /* For next iteration, replace tmp_felem(i-1) by its inverse */
+                                /*
-                                felem_assign(tmp_felem(i-1), tmp_felem(i));
+                                 * For next iteration, replace tmp_felem(i-1)
-                        }
+                                 * by its inverse
+                                 */
+                                felem_assign(tmp_felem(i - 1), tmp_felem(i));
                }
        }
+}
 /*
 * This function looks at 5+1 scalar bits (5 current, 1 adjacent less
@@ -180,18 +190,20 @@ void ec_GFp_nistp_points_make_affine_internal(size_t num, void *point_array,
 * has to be b_4 b_3 b_2 b_1 b_0 0.
 *
 */
-void ec_GFp_nistp_recode_scalar_bits(unsigned char *sign, unsigned char *digit, unsigned char in)
+void 
-        {
+ec_GFp_nistp_recode_scalar_bits(unsigned char *sign, unsigned char *digit, unsigned char in)
+{
        unsigned char s, d;
-        s = ~((in >> 5) - 1); /* sets all bits to MSB(in), 'in' seen as 6-bit value */
+        s = ~((in >> 5) - 1);   /* sets all bits to MSB(in), 'in' seen as
+                                 * 6-bit value */
        d = (1 << 6) - in - 1;
        d = (d & s) | (in & ~s);
        d = (d >> 1) + (d & 1);
        *sign = s & 1;
        *digit = d;
-        }
+}
 #else
-static void *dummy=&dummy;
+static void *dummy = &dummy;
 #endif

diff --git a/src/lib/libcrypto/ec/ecp_nistputil.c b/src/lib/libcrypto/ec/ecp_nistputil.c index c8140c807f..0312fb16ad 100644 --- a/src/lib/libcrypto/ec/ecp_nistputil.c +++ b/src/lib/libcrypto/ec/ecp_nistputil.c
@@ -41,16 +41,17 @@
41	* tmp_felems needs to point to a temporary array of 'num'+1 field elements	41	* tmp_felems needs to point to a temporary array of 'num'+1 field elements
42	* for storage of intermediate values.	42	* for storage of intermediate values.
43	*/	43	*/
44	void ec_GFp_nistp_points_make_affine_internal(size_t num, void *point_array,	44	void
45	size_t felem_size, void *tmp_felems,	45	ec_GFp_nistp_points_make_affine_internal(size_t num, void *point_array,
46	void (felem_one)(void out),	46	size_t felem_size, void *tmp_felems,
47	int (felem_is_zero)(const void in),	47	void (felem_one) (void out),
48	void (felem_assign)(void out, const void *in),	48	int (felem_is_zero) (const void in),
49	void (felem_square)(void out, const void *in),	49	void (felem_assign) (void out, const void *in),
50	void (felem_mul)(void out, const void in1, const void in2),	50	void (felem_square) (void out, const void *in),
51	void (felem_inv)(void out, const void *in),	51	void (felem_mul) (void out, const void in1, const void in2),
52	void (felem_contract)(void out, const void *in))	52	void (felem_inv) (void out, const void *in),
53	{	53	void (felem_contract) (void out, const void *in))
		54	{
54	int i = 0;	55	int i = 0;
55		56
56	#define tmp_felem(I) (&((char )tmp_felems)[(I) felem_size])	57	#define tmp_felem(I) (&((char )tmp_felems)[(I) felem_size])
@@ -62,50 +63,59 @@ void ec_GFp_nistp_points_make_affine_internal(size_t num, void *point_array,
62	felem_assign(tmp_felem(0), Z(0));	63	felem_assign(tmp_felem(0), Z(0));
63	else	64	else
64	felem_one(tmp_felem(0));	65	felem_one(tmp_felem(0));
65	for (i = 1; i < (int)num; i++)	66	for (i = 1; i < (int) num; i++) {
66	{
67	if (!felem_is_zero(Z(i)))	67	if (!felem_is_zero(Z(i)))
68	felem_mul(tmp_felem(i), tmp_felem(i-1), Z(i));	68	felem_mul(tmp_felem(i), tmp_felem(i - 1), Z(i));
69	else	69	else
70	felem_assign(tmp_felem(i), tmp_felem(i-1));	70	felem_assign(tmp_felem(i), tmp_felem(i - 1));
71	}	71	}
72	/* Now each tmp_felem(i) is the product of Z(0) .. Z(i), skipping any zero-valued factors:	72	/*
73	* if Z(i) = 0, we essentially pretend that Z(i) = 1 */	73	* Now each tmp_felem(i) is the product of Z(0) .. Z(i), skipping any
		74	* zero-valued factors: if Z(i) = 0, we essentially pretend that Z(i)
		75	* = 1
		76	*/
74		77
75	felem_inv(tmp_felem(num-1), tmp_felem(num-1));	78	felem_inv(tmp_felem(num - 1), tmp_felem(num - 1));
76	for (i = num - 1; i >= 0; i--)	79	for (i = num - 1; i >= 0; i--) {
77	{
78	if (i > 0)	80	if (i > 0)
79	/* tmp_felem(i-1) is the product of Z(0) .. Z(i-1),	81	/*
80	* tmp_felem(i) is the inverse of the product of Z(0) .. Z(i)	82	* tmp_felem(i-1) is the product of Z(0) .. Z(i-1),
		83	* tmp_felem(i) is the inverse of the product of Z(0)
		84	* .. Z(i)
81	*/	85	*/
82	felem_mul(tmp_felem(num), tmp_felem(i-1), tmp_felem(i)); /* 1/Z(i) */	86	felem_mul(tmp_felem(num), tmp_felem(i - 1), tmp_felem(i)); /* 1/Z(i) */
83	else	87	else
84	felem_assign(tmp_felem(num), tmp_felem(0)); /* 1/Z(0) */	88	felem_assign(tmp_felem(num), tmp_felem(0)); /* 1/Z(0) */
85		89
86	if (!felem_is_zero(Z(i)))	90	if (!felem_is_zero(Z(i))) {
87	{
88	if (i > 0)	91	if (i > 0)
89	/* For next iteration, replace tmp_felem(i-1) by its inverse */	92	/*
90	felem_mul(tmp_felem(i-1), tmp_felem(i), Z(i));	93	* For next iteration, replace tmp_felem(i-1)
		94	* by its inverse
		95	*/
		96	felem_mul(tmp_felem(i - 1), tmp_felem(i), Z(i));
91		97
92	/* Convert point (X, Y, Z) into affine form (X/(Z^2), Y/(Z^3), 1) */	98	/*
93	felem_square(Z(i), tmp_felem(num)); /* 1/(Z^2) */	99	* Convert point (X, Y, Z) into affine form (X/(Z^2),
94	felem_mul(X(i), X(i), Z(i)); /* X/(Z^2) */	100	* Y/(Z^3), 1)
95	felem_mul(Z(i), Z(i), tmp_felem(num)); /* 1/(Z^3) */	101	*/
96	felem_mul(Y(i), Y(i), Z(i)); /* Y/(Z^3) */	102	felem_square(Z(i), tmp_felem(num)); /* 1/(Z^2) */
		103	felem_mul(X(i), X(i), Z(i)); /* X/(Z^2) */
		104	felem_mul(Z(i), Z(i), tmp_felem(num)); /* 1/(Z^3) */
		105	felem_mul(Y(i), Y(i), Z(i)); /* Y/(Z^3) */
97	felem_contract(X(i), X(i));	106	felem_contract(X(i), X(i));
98	felem_contract(Y(i), Y(i));	107	felem_contract(Y(i), Y(i));
99	felem_one(Z(i));	108	felem_one(Z(i));
100	}	109	} else {
101	else
102	{
103	if (i > 0)	110	if (i > 0)
104	/* For next iteration, replace tmp_felem(i-1) by its inverse */	111	/*
105	felem_assign(tmp_felem(i-1), tmp_felem(i));	112	* For next iteration, replace tmp_felem(i-1)
106	}	113	* by its inverse
		114	*/
		115	felem_assign(tmp_felem(i - 1), tmp_felem(i));
107	}	116	}
108	}	117	}
		118	}
109		119
110	/*	120	/*
111	* This function looks at 5+1 scalar bits (5 current, 1 adjacent less	121	* This function looks at 5+1 scalar bits (5 current, 1 adjacent less
@@ -180,18 +190,20 @@ void ec_GFp_nistp_points_make_affine_internal(size_t num, void *point_array,
180	* has to be b_4 b_3 b_2 b_1 b_0 0.	190	* has to be b_4 b_3 b_2 b_1 b_0 0.
181	*	191	*
182	*/	192	*/
183	void ec_GFp_nistp_recode_scalar_bits(unsigned char sign, unsigned char digit, unsigned char in)	193	void
184	{	194	ec_GFp_nistp_recode_scalar_bits(unsigned char sign, unsigned char digit, unsigned char in)
		195	{
185	unsigned char s, d;	196	unsigned char s, d;
186		197
187	s = ~((in >> 5) - 1); /* sets all bits to MSB(in), 'in' seen as 6-bit value */	198	s = ~((in >> 5) - 1); /* sets all bits to MSB(in), 'in' seen as
		199	* 6-bit value */
188	d = (1 << 6) - in - 1;	200	d = (1 << 6) - in - 1;
189	d = (d & s) \| (in & ~s);	201	d = (d & s) \| (in & ~s);
190	d = (d >> 1) + (d & 1);	202	d = (d >> 1) + (d & 1);
191		203
192	*sign = s & 1;	204	*sign = s & 1;
193	*digit = d;	205	*digit = d;
194	}	206	}
195	#else	207	#else
196	static void *dummy=&dummy;	208	static void *dummy = &dummy;
197	#endif	209	#endif