1 files changed, 25 insertions, 20 deletions
diff --git a/src/lib/libcrypto/bn/bn_lib.c b/src/lib/libcrypto/bn/bn_lib.c
index 32ac7ae606..b792250fbc 100644
--- a/src/lib/libcrypto/bn/bn_lib.c
+++ b/src/lib/libcrypto/bn/bn_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bn_lib.c,v 1.74 2023/02/14 18:01:15 jsing Exp $ */
+/* $OpenBSD: bn_lib.c,v 1.75 2023/02/14 18:06:06 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -220,26 +220,31 @@ BN_value_one(void)
        return (&const_one);
 }
+#ifndef HAVE_BN_WORD_CLZ
 int
-BN_num_bits_word(BN_ULONG l)
+bn_word_clz(BN_ULONG w)
-{
+{
-        BN_ULONG x, mask;
+        BN_ULONG bits, mask, shift;
-        int bits;
-        unsigned int shift;
+        bits = shift = BN_BITS2;
+        mask = 0;
-        /* Constant time calculation of floor(log2(l)) + 1. */
-        bits = (l != 0);
+        while ((shift >>= 1) != 0) {
-        shift = BN_BITS4;       /* On _LP64 this is 32, otherwise 16. */
+                bits += (shift & mask) - (shift & ~mask);
-        do {
+                mask = bn_ct_ne_zero_mask(w >> bits);
-                x = l >> shift;
+        }
-                /* If x is 0, set mask to 0, otherwise set it to all 1s. */
+        bits += 1 & mask;
-                mask = ((~x & (x - 1)) >> (BN_BITS2 - 1)) - 1;
-                bits += shift & mask;
+        bits -= bn_ct_eq_zero(w);
-                /* If x is 0, leave l alone, otherwise set l = x. */
-                l ^= (x ^ l) & mask;
+        return BN_BITS2 - bits;
-        } while ((shift /= 2) != 0);
+}
+#endif
-        return bits;
+int
+BN_num_bits_word(BN_ULONG w)
+{
+        return BN_BITS2 - bn_word_clz(w);
 }
 int

diff --git a/src/lib/libcrypto/bn/bn_lib.c b/src/lib/libcrypto/bn/bn_lib.c index 32ac7ae606..b792250fbc 100644 --- a/src/lib/libcrypto/bn/bn_lib.c +++ b/src/lib/libcrypto/bn/bn_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: bn_lib.c,v 1.74 2023/02/14 18:01:15 jsing Exp $ */	1	/* $OpenBSD: bn_lib.c,v 1.75 2023/02/14 18:06:06 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -220,26 +220,31 @@ BN_value_one(void)
220	return (&const_one);	220	return (&const_one);
221	}	221	}
222		222
		223	#ifndef HAVE_BN_WORD_CLZ
223	int	224	int
224	BN_num_bits_word(BN_ULONG l)	225	bn_word_clz(BN_ULONG w)
225	{	226	{
226	BN_ULONG x, mask;	227	BN_ULONG bits, mask, shift;
227	int bits;	228
228	unsigned int shift;	229	bits = shift = BN_BITS2;
229		230	mask = 0;
230	/* Constant time calculation of floor(log2(l)) + 1. */	231
231	bits = (l != 0);	232	while ((shift >>= 1) != 0) {
232	shift = BN_BITS4; /* On _LP64 this is 32, otherwise 16. */	233	bits += (shift & mask) - (shift & ~mask);
233	do {	234	mask = bn_ct_ne_zero_mask(w >> bits);
234	x = l >> shift;	235	}
235	/* If x is 0, set mask to 0, otherwise set it to all 1s. */	236	bits += 1 & mask;
236	mask = ((~x & (x - 1)) >> (BN_BITS2 - 1)) - 1;	237
237	bits += shift & mask;	238	bits -= bn_ct_eq_zero(w);
238	/* If x is 0, leave l alone, otherwise set l = x. */	239
239	l ^= (x ^ l) & mask;	240	return BN_BITS2 - bits;
240	} while ((shift /= 2) != 0);	241	}
241		242	#endif
242	return bits;	243
		244	int
		245	BN_num_bits_word(BN_ULONG w)
		246	{
		247	return BN_BITS2 - bn_word_clz(w);
243	}	248	}
244		249
245	int	250	int