From 3adccdb355e2f651255227b11a6324730cb85e48 Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Sat, 30 Aug 2025 07:16:06 +0000
Subject: Rework bn_sqr() to use bn_sqr_words().

Rework some of the squaring code so that it calls bn_sqr_words() and use this as the integration point for assembly. Convert bn_sqr_normal() to bn_sqr_words(), which is then used on architectures that do not provide their own version. This means that we resume using the assembly version of bn_sqr_words() on i386, mips64 and powerpc, which can provide considerable performance gains. ok tb@
---
 src/lib/libcrypto/bn/arch/amd64/bn_arch.c | 20 +++++++++-----------
 src/lib/libcrypto/bn/arch/amd64/bn_arch.h | 4 ++--
 src/lib/libcrypto/bn/bn_local.h | 4 ++--
 src/lib/libcrypto/bn/bn_sqr.c | 25 ++++++++++++++-----------
 4 files changed, 27 insertions(+), 26 deletions(-)
(limited to 'src/lib/libcrypto')
diff --git a/src/lib/libcrypto/bn/arch/amd64/bn_arch.c b/src/lib/libcrypto/bn/arch/amd64/bn_arch.c
index 9ff8920ca2..e4fbb4cfc3 100644
--- a/src/lib/libcrypto/bn/arch/amd64/bn_arch.c
+++ b/src/lib/libcrypto/bn/arch/amd64/bn_arch.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bn_arch.c,v 1.12 2025/08/14 15:29:17 jsing Exp $ */
+/* $OpenBSD: bn_arch.c,v 1.13 2025/08/30 07:16:06 jsing Exp $ */
 /*
  * Copyright (c) 2023 Joel Sing
  *
@@ -142,16 +142,6 @@ bn_mul_comba8(BN_ULONG *rd, const BN_ULONG *ad, const BN_ULONG *bd)
 }
 #endif
 
-#ifdef HAVE_BN_SQR
-int
-bn_sqr(BIGNUM *r, const BIGNUM *a, int r_len, BN_CTX *ctx)
-{
-	bignum_sqr(r_len, (uint64_t *)r->d, a->top, (const uint64_t *)a->d);
-
-	return 1;
-}
-#endif
-
 #ifdef HAVE_BN_SQR_COMBA4
 void
 bn_sqr_comba4(BN_ULONG *rd, const BN_ULONG *ad)
@@ -191,6 +181,14 @@ bn_sqr_comba8(BN_ULONG *rd, const BN_ULONG *ad)
 }
 #endif
 
+#ifdef HAVE_BN_SQR_WORDS
+void
+bn_sqr_words(BN_ULONG *rd, const BN_ULONG *ad, int a_len)
+{
+	bignum_sqr(a_len * 2, (uint64_t *)rd, a_len, (const uint64_t *)ad);
+}
+#endif
+
 #ifdef HAVE_BN_WORD_CLZ
 int
 bn_word_clz(BN_ULONG w)
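Review bot: The amd64 bn_sqr_words() added in the @@ -191,6 +181,14 @@ hunk passes a_len straight through to bignum_sqr(), whereas the portable C bn_sqr_words() in bn_sqr.c returns early on `a_len <= 0`; unless bignum_sqr() itself tolerates a zero length, the two providers of the same function now disagree on that edge, and whether BN_sqr() screens it out first cannot be seen from this file. The wrapper also carries no statement that rd must hold a_len * 2 words, a requirement the removed bn_sqr() received explicitly as r_len and which is now implicit in the `a_len * 2` argument. A one-line comment above the function would make the contract visible to the other architectures' implementers: `/* bn_sqr_words() computes rd[] = ad[] * ad[]; rd must have room for a_len * 2 words. */`.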
diff --git a/src/lib/libcrypto/bn/arch/amd64/bn_arch.h b/src/lib/libcrypto/bn/arch/amd64/bn_arch.h
index 7359f993a7..dd7abd3002 100644
--- a/src/lib/libcrypto/bn/arch/amd64/bn_arch.h
+++ b/src/lib/libcrypto/bn/arch/amd64/bn_arch.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: bn_arch.h,v 1.16 2025/08/14 15:22:54 jsing Exp $ */
+/* $OpenBSD: bn_arch.h,v 1.17 2025/08/30 07:16:06 jsing Exp $ */
 /*
  * Copyright (c) 2023 Joel Sing
  *
@@ -36,10 +36,10 @@
 #define HAVE_BN_MUL_COMBA8
 #define HAVE_BN_MUL_WORDS
 
-#define HAVE_BN_SQR
 #define HAVE_BN_SQR_COMBA4
 #define HAVE_BN_SQR_COMBA6
 #define HAVE_BN_SQR_COMBA8
+#define HAVE_BN_SQR_WORDS
 
 #define HAVE_BN_SUB
 #define HAVE_BN_SUB_WORDS
diff --git a/src/lib/libcrypto/bn/bn_local.h b/src/lib/libcrypto/bn/bn_local.h
index 1bd4c16baf..16d270b6a1 100644
--- a/src/lib/libcrypto/bn/bn_local.h
+++ b/src/lib/libcrypto/bn/bn_local.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: bn_local.h,v 1.54 2025/08/05 15:08:13 jsing Exp $ */
+/* $OpenBSD: bn_local.h,v 1.55 2025/08/30 07:16:06 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -247,6 +247,7 @@ void bn_mul_comba8(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b);
 void bn_sqr_comba4(BN_ULONG *r, const BN_ULONG *a);
 void bn_sqr_comba6(BN_ULONG *r, const BN_ULONG *a);
 void bn_sqr_comba8(BN_ULONG *r, const BN_ULONG *a);
+void bn_sqr_words(BN_ULONG *r, const BN_ULONG *a, int a_len);
 
 int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
     const BN_ULONG *np, const BN_ULONG *n0, int num);
@@ -258,7 +259,6 @@ int bn_wexpand(BIGNUM *a, int words);
 BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num,
     BN_ULONG w);
 BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w);
-void bn_sqr_words(BN_ULONG *rp, const BN_ULONG *ap, int num);
 BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d);
 void bn_div_rem_words(BN_ULONG h, BN_ULONG l, BN_ULONG d, BN_ULONG *out_q,
     BN_ULONG *out_r);
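Review bot: The bn_sqr_words() prototype added in the @@ -247,6 +247,7 @@ hunk of bn_local.h is now the single declaration shared by the C fallback and the per-architecture assembly routines, yet, like the comba prototypes around it, it says nothing about the size of r; with r_len gone from the call chain the a_len * 2 output requirement lives only inside the implementations. A comment on the declaration would pin it for every provider: `/* r must have room for a_len * 2 words. */`. The previous declaration (removed in the @@ -258,7 +259,6 @@ hunk) sat among the word-level primitives bn_mul_words()/bn_mul_add_words() with a `num` parameter, and the commit description says the i386, mips64 and powerpc assembly versions now serve this role; if those routines were written against that earlier declaration, it is worth confirming they compute the full r[] = a[] * a[] that bn_sqr() now relies on rather than a narrower per-word operation.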
diff --git a/src/lib/libcrypto/bn/bn_sqr.c b/src/lib/libcrypto/bn/bn_sqr.c
index 2f7f71f819..3a6eed06c6 100644
--- a/src/lib/libcrypto/bn/bn_sqr.c
+++ b/src/lib/libcrypto/bn/bn_sqr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bn_sqr.c,v 1.38 2025/08/14 15:15:04 jsing Exp $ */
+/* $OpenBSD: bn_sqr.c,v 1.39 2025/08/30 07:16:06 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -64,8 +64,6 @@
 #include "bn_local.h"
 #include "bn_internal.h"
 
-int bn_sqr(BIGNUM *r, const BIGNUM *a, int max, BN_CTX *ctx);
-
 /*
  * bn_sqr_comba4() computes r[] = a[] * a[] using Comba multiplication
  * (https://everything2.com/title/Comba+multiplication), where a is a
@@ -205,7 +203,7 @@ bn_sqr_comba8(BN_ULONG *r, const BN_ULONG *a)
 }
 #endif
 
-#ifndef HAVE_BN_SQR
+#ifndef HAVE_BN_SQR_WORDS
 /*
  * bn_sqr_add_words() computes (r[i*2+1]:r[i*2]) = (r[i*2+1]:r[i*2]) + a[i] * a[i].
  */
@@ -242,12 +240,16 @@ bn_sqr_add_words(BN_ULONG *r, const BN_ULONG *a, int n)
 	}
 }
 
-static void
-bn_sqr_normal(BN_ULONG *r, int r_len, const BN_ULONG *a, int a_len)
+/*
+ * bn_sqr_words() computes r[] = a[] * a[].
+ */
+void
+bn_sqr_words(BN_ULONG *r, const BN_ULONG *a, int a_len)
 {
 	const BN_ULONG *ap;
 	BN_ULONG *rp;
 	BN_ULONG w;
+	int r_len;
 	int n;
 
 	if (a_len <= 0)
@@ -258,6 +260,7 @@ bn_sqr_normal(BN_ULONG *r, int r_len, const BN_ULONG *a, int a_len)
 	ap++;
 
 	rp = r;
+	r_len = a_len * 2;
 	rp[0] = rp[r_len - 1] = 0;
 	rp++;
 
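Review bot: The new header comment in the @@ -242,12 +240,16 @@ hunk, `bn_sqr_words() computes r[] = a[] * a[].`, drops the output-size information that the old r_len parameter of bn_sqr_normal() conveyed, even though the function has become external and r_len is now derived internally (`r_len = a_len * 2;` in the @@ -258,6 +260,7 @@ hunk). On architectures without an assembly version this comment and the bn_local.h prototype are all a caller sees, and `rp[0] = rp[r_len - 1] = 0` shows that the full a_len * 2 words are written. Suggest `bn_sqr_words() computes r[] = a[] * a[], where a has a_len words and r must have room for a_len * 2 words; a_len <= 0 leaves r untouched.` — the last clause assumes the `if (a_len <= 0)` guard returns without writing, which is cut off at the hunk edge. The body of bn_sqr_words() continues beyond the hunk.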
@@ -285,20 +288,20 @@ bn_sqr_normal(BN_ULONG *r, int r_len, const BN_ULONG *a, int a_len)
 	/* Add squares. */
 	bn_sqr_add_words(r, a, a_len);
 }
+#endif
 
 /*
  * bn_sqr() computes a * a, storing the result in r. The caller must ensure that
  * r is not the same BIGNUM as a and that r has been expanded to rn = a->top * 2
  * words.
  */
-int
-bn_sqr(BIGNUM *r, const BIGNUM *a, int r_len, BN_CTX *ctx)
+static int
+bn_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx)
 {
-	bn_sqr_normal(r->d, r_len, a->d, a->top);
+	bn_sqr_words(r->d, a->d, a->top);
 
 	return 1;
 }
-#endif
 
 int
 BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx)
@@ -331,7 +334,7 @@ BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx)
 	} else if (a->top == 8) {
 		bn_sqr_comba8(rr->d, a->d);
 	} else {
-		if (!bn_sqr(rr, a, r_len, ctx))
+		if (!bn_sqr(rr, a, ctx))
 			goto err;
 	}
 
-- 
cgit v1.2.3-55-g6feb
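Review bot: bn_sqr() in the @@ -285,20 +288,20 @@ hunk is now a file-static wrapper that never reads its ctx parameter and unconditionally returns 1, so the `if (!bn_sqr(rr, a, ctx)) goto err;` kept in the @@ -331,7 +334,7 @@ hunk is an error path that can never be taken. If the int return is retained deliberately (for symmetry with the other bn_*() entry points, presumably), a comment on the wrapper saying so would stop the next reader from hunting for a failure mode; otherwise BN_sqr() could call `bn_sqr_words(rr->d, a->d, a->top);` directly and drop the indirection. The unused ctx cannot leave BN_sqr()'s public signature, but it need not be threaded into the static helper. The doc comment above bn_sqr() still refers to "rn", a name that no longer corresponds to any parameter now that r_len is gone.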