{0x0000000000000001ULL,0xFFFFFFFF00000000ULL,
0xFFFFFFFFFFFFFFFFULL,0x00000000FFFFFFFFULL},
{0x0000000000000002ULL,0xFFFFFFFE00000000ULL,
- 0xFFFFFFFFFFFFFFFFULL,0x00000000FFFFFFFFULL}
+ 0xFFFFFFFFFFFFFFFFULL,0x00000001FFFFFFFFULL} /* this one is "carry-full" */
};
static const BN_ULONG _nist_p_256[][BN_NIST_256_TOP] = {
{0xFFFFFFFFFFFFFFFFULL,0x00000000FFFFFFFFULL,
0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,
0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,
0xFFFFFFFF,0x000001FF};
+#else
+#error "unsupported BN_BITS2"
#endif
const BIGNUM *BN_get0_nist_prime_192(void)
int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
BN_CTX *ctx)
{
-#if BN_BITS2 == 32
int top = a->top, i;
int carry;
BN_ULONG *r_d, *a_d = a->d;
else
r_d = a_d;
+#if BN_BITS2==64
+ /* copy upper 256 bits of 448 bit number ... */
+ nist_cp_bn_0(t_d, a_d + (BN_NIST_224_TOP-1), top - (BN_NIST_224_TOP-1), BN_NIST_224_TOP);
+ /* ... and right shift by 32 to obtain upper 224 bits */
+ nist_set_224(buf, t_d, 14, 13, 12, 11, 10, 9, 8);
+ /* truncate lower part to 224 bits too */
+ r_d[BN_NIST_224_TOP-1] &= BN_MASK2l;
+#else
nist_cp_bn_0(buf, a_d + BN_NIST_224_TOP, top - BN_NIST_224_TOP, BN_NIST_224_TOP);
-
+#endif
nist_set_224(t_d, buf, 10, 9, 8, 7, 0, 0, 0);
carry = bn_add_words(r_d, r_d, t_d, BN_NIST_224_TOP);
nist_set_224(t_d, buf, 0, 13, 12, 11, 0, 0, 0);
nist_set_224(t_d, buf, 0, 0, 0, 0, 13, 12, 11);
carry -= bn_sub_words(r_d, r_d, t_d, BN_NIST_224_TOP);
+#if BN_BITS2==64
+ carry = (int)(r_d[BN_NIST_224_TOP-1]>>32);
+#endif
u.f = bn_sub_words;
if (carry > 0)
+ {
carry = bn_sub_words(r_d,r_d,_nist_p_224[carry-1],BN_NIST_224_TOP);
+#if BN_BITS2==64
+ carry=(int)(~(r_d[BN_NIST_224_TOP-1]>>32))&1;
+#endif
+ }
else if (carry < 0)
{
/* it's a bit more comlicated logic in this case.
bn_correct_top(r);
return 1;
-#else /* BN_BITS!=32 */
- return 0;
-#endif
}
#define nist_set_256(to, from, a1, a2, a3, a4, a5, a6, a7, a8) \
return &ret;
}
-#if BN_BITS2 == 64
-#define NO_32_BIT_TYPE
-#endif
-
int ec_GFp_nist_group_copy(EC_GROUP *dest, const EC_GROUP *src)
{
dest->field_mod_func = src->field_mod_func;
if (BN_ucmp(BN_get0_nist_prime_192(), p) == 0)
group->field_mod_func = BN_nist_mod_192;
else if (BN_ucmp(BN_get0_nist_prime_224(), p) == 0)
- {
-#ifndef NO_32_BIT_TYPE
group->field_mod_func = BN_nist_mod_224;
-#else
- ECerr(EC_F_EC_GFP_NIST_GROUP_SET_CURVE, EC_R_NOT_A_SUPPORTED_NIST_PRIME);
- goto err;
-#endif
- }
else if (BN_ucmp(BN_get0_nist_prime_256(), p) == 0)
- {
-#ifndef NO_32_BIT_TYPE
group->field_mod_func = BN_nist_mod_256;
-#else
- ECerr(EC_F_EC_GFP_NIST_GROUP_SET_CURVE, EC_R_NOT_A_SUPPORTED_NIST_PRIME);
- goto err;
-#endif
- }
else if (BN_ucmp(BN_get0_nist_prime_384(), p) == 0)
- {
-#ifndef NO_32_BIT_TYPE
group->field_mod_func = BN_nist_mod_384;
-#else
- ECerr(EC_F_EC_GFP_NIST_GROUP_SET_CURVE, EC_R_NOT_A_SUPPORTED_NIST_PRIME);
- goto err;
-#endif
- }
else if (BN_ucmp(BN_get0_nist_prime_521(), p) == 0)
- /* this one works in the NO_32_BIT_TYPE case */
group->field_mod_func = BN_nist_mod_521;
else
{
projects / openssl.git / commitdiff