diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libcrypto/bn/bn_mod.c | 32 |
1 files changed, 19 insertions, 13 deletions
diff --git a/src/lib/libcrypto/bn/bn_mod.c b/src/lib/libcrypto/bn/bn_mod.c index 8a660ff0dc..4a62715974 100644 --- a/src/lib/libcrypto/bn/bn_mod.c +++ b/src/lib/libcrypto/bn/bn_mod.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: bn_mod.c,v 1.16 2023/02/03 04:55:13 jsing Exp $ */ | 1 | /* $OpenBSD: bn_mod.c,v 1.17 2023/02/03 05:06:20 jsing Exp $ */ |
| 2 | /* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de> | 2 | /* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de> |
| 3 | * for the OpenSSL project. */ | 3 | * for the OpenSSL project. */ |
| 4 | /* ==================================================================== | 4 | /* ==================================================================== |
| @@ -152,8 +152,10 @@ BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, | |||
| 152 | return BN_nnmod(r, r, m, ctx); | 152 | return BN_nnmod(r, r, m, ctx); |
| 153 | } | 153 | } |
| 154 | 154 | ||
| 155 | /* BN_mod_add variant that may be used if both a and b are non-negative | 155 | /* |
| 156 | * and less than m */ | 156 | * BN_mod_add() variant that may only be used if both a and b are non-negative |
| 157 | * and have already been reduced (less than m). | ||
| 158 | */ | ||
| 157 | int | 159 | int |
| 158 | BN_mod_add_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m) | 160 | BN_mod_add_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m) |
| 159 | { | 161 | { |
| @@ -173,16 +175,18 @@ BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, | |||
| 173 | return BN_nnmod(r, r, m, ctx); | 175 | return BN_nnmod(r, r, m, ctx); |
| 174 | } | 176 | } |
| 175 | 177 | ||
| 176 | /* BN_mod_sub variant that may be used if both a and b are non-negative | 178 | /* |
| 177 | * and less than m */ | 179 | * BN_mod_sub() variant that may only be used if both a and b are non-negative |
| 180 | * and have already been reduced (less than m). | ||
| 181 | */ | ||
| 178 | int | 182 | int |
| 179 | BN_mod_sub_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m) | 183 | BN_mod_sub_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m) |
| 180 | { | 184 | { |
| 181 | if (!BN_sub(r, a, b)) | 185 | if (BN_ucmp(a, b) >= 0) |
| 186 | return BN_usub(r, a, b); | ||
| 187 | if (!BN_usub(r, b, a)) | ||
| 182 | return 0; | 188 | return 0; |
| 183 | if (r->neg) | 189 | return BN_usub(r, m, r); |
| 184 | return BN_add(r, r, m); | ||
| 185 | return 1; | ||
| 186 | } | 190 | } |
| 187 | 191 | ||
| 188 | /* slow but works */ | 192 | /* slow but works */ |
| @@ -230,15 +234,17 @@ BN_mod_lshift1(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx) | |||
| 230 | return BN_nnmod(r, r, m, ctx); | 234 | return BN_nnmod(r, r, m, ctx); |
| 231 | } | 235 | } |
| 232 | 236 | ||
| 233 | /* BN_mod_lshift1 variant that may be used if a is non-negative | 237 | /* |
| 234 | * and less than m */ | 238 | * BN_mod_lshift1() variant that may be used if a is non-negative |
| 239 | * and has already been reduced (less than m). | ||
| 240 | */ | ||
| 235 | int | 241 | int |
| 236 | BN_mod_lshift1_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *m) | 242 | BN_mod_lshift1_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *m) |
| 237 | { | 243 | { |
| 238 | if (!BN_lshift1(r, a)) | 244 | if (!BN_lshift1(r, a)) |
| 239 | return 0; | 245 | return 0; |
| 240 | if (BN_cmp(r, m) >= 0) | 246 | if (BN_ucmp(r, m) >= 0) |
| 241 | return BN_sub(r, r, m); | 247 | return BN_usub(r, r, m); |
| 242 | return 1; | 248 | return 1; |
| 243 | } | 249 | } |
| 244 | 250 | ||