1 /* crypto/bn/bn_mul.c */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
60 # undef NDEBUG /* avoid conflicting definitions */
69 #if defined(OPENSSL_NO_ASM) || !defined(OPENSSL_BN_ASM_PART_WORDS)
70 /* Here follows specialised variants of bn_add_words() and
71 bn_sub_words(). They have the property performing operations on
72 arrays of different sizes. The sizes of those arrays is expressed through
73 cl, which is the common length ( basicall, min(len(a),len(b)) ), and dl,
74 which is the delta between the two lengths, calculated as len(a)-len(b).
75 All lengths are the number of BN_ULONGs... For the operations that require
76 a result array as parameter, it must have the length cl+abs(dl).
77 These functions should probably end up in bn_asm.c as soon as there are
78 assembler counterparts for the systems that use assembler files. */
80 BN_ULONG bn_sub_part_words(BN_ULONG *r,
81 const BN_ULONG *a, const BN_ULONG *b,
87 c = bn_sub_words(r, a, b, cl);
99 fprintf(stderr, " bn_sub_part_words %d + %d (dl < 0, c = %d)\n", cl, dl, c);
104 r[0] = (0-t-c)&BN_MASK2;
106 if (++dl >= 0) break;
109 r[1] = (0-t-c)&BN_MASK2;
111 if (++dl >= 0) break;
114 r[2] = (0-t-c)&BN_MASK2;
116 if (++dl >= 0) break;
119 r[3] = (0-t-c)&BN_MASK2;
121 if (++dl >= 0) break;
131 fprintf(stderr, " bn_sub_part_words %d + %d (dl > 0, c = %d)\n", cl, dl, c);
136 r[0] = (t-c)&BN_MASK2;
138 if (--dl <= 0) break;
141 r[1] = (t-c)&BN_MASK2;
143 if (--dl <= 0) break;
146 r[2] = (t-c)&BN_MASK2;
148 if (--dl <= 0) break;
151 r[3] = (t-c)&BN_MASK2;
153 if (--dl <= 0) break;
162 fprintf(stderr, " bn_sub_part_words %d + %d (dl > 0, c == 0)\n", cl, dl);
166 switch (save_dl - dl)
170 if (--dl <= 0) break;
173 if (--dl <= 0) break;
176 if (--dl <= 0) break;
185 fprintf(stderr, " bn_sub_part_words %d + %d (dl > 0, copy)\n", cl, dl);
190 if (--dl <= 0) break;
192 if (--dl <= 0) break;
194 if (--dl <= 0) break;
196 if (--dl <= 0) break;
207 BN_ULONG bn_add_part_words(BN_ULONG *r,
208 const BN_ULONG *a, const BN_ULONG *b,
214 c = bn_add_words(r, a, b, cl);
227 fprintf(stderr, " bn_add_part_words %d + %d (dl < 0, c = %d)\n", cl, dl, c);
234 if (++dl >= 0) break;
239 if (++dl >= 0) break;
244 if (++dl >= 0) break;
249 if (++dl >= 0) break;
258 fprintf(stderr, " bn_add_part_words %d + %d (dl < 0, c == 0)\n", cl, dl);
262 switch (dl - save_dl)
266 if (++dl >= 0) break;
269 if (++dl >= 0) break;
272 if (++dl >= 0) break;
281 fprintf(stderr, " bn_add_part_words %d + %d (dl < 0, copy)\n", cl, dl);
286 if (++dl >= 0) break;
288 if (++dl >= 0) break;
290 if (++dl >= 0) break;
292 if (++dl >= 0) break;
303 fprintf(stderr, " bn_add_part_words %d + %d (dl > 0)\n", cl, dl);
310 if (--dl <= 0) break;
315 if (--dl <= 0) break;
320 if (--dl <= 0) break;
325 if (--dl <= 0) break;
332 fprintf(stderr, " bn_add_part_words %d + %d (dl > 0, c == 0)\n", cl, dl);
338 switch (save_dl - dl)
342 if (--dl <= 0) break;
345 if (--dl <= 0) break;
348 if (--dl <= 0) break;
357 fprintf(stderr, " bn_add_part_words %d + %d (dl > 0, copy)\n", cl, dl);
362 if (--dl <= 0) break;
364 if (--dl <= 0) break;
366 if (--dl <= 0) break;
368 if (--dl <= 0) break;
379 /* Karatsuba recursive multiplication algorithm
380 * (cf. Knuth, The Art of Computer Programming, Vol. 2) */
383 * r is 2*n2 words in size,
384 * a and b are both n2 words in size.
385 * n2 must be a power of 2.
386 * We multiply and return the result.
387 * t must be 2*n2 words in size
390 * a[0]*b[0]+a[1]*b[1]+(a[0]-a[1])*(b[1]-b[0])
393 /* dnX may not be positive, but n2/2+dnX has to be */
394 void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
395 int dna, int dnb, BN_ULONG *t)
398 int tna=n+dna, tnb=n+dnb;
399 unsigned int neg,zero;
403 fprintf(stderr," bn_mul_recursive %d%+d * %d%+d\n",n2,dna,n2,dnb);
409 bn_mul_comba4(r,a,b);
413 /* Only call bn_mul_comba 8 if n2 == 8 and the
414 * two arrays are complete [steve]
416 if (n2 == 8 && dna == 0 && dnb == 0)
418 bn_mul_comba8(r,a,b);
421 # endif /* BN_MUL_COMBA */
422 /* Else do normal multiply */
423 if (n2 < BN_MUL_RECURSIVE_SIZE_NORMAL)
425 bn_mul_normal(r,a,n2+dna,b,n2+dnb);
427 memset(&r[2*n2 + dna + dnb], 0,
428 sizeof(BN_ULONG) * -(dna + dnb));
431 /* r=(a[0]-a[1])*(b[1]-b[0]) */
432 c1=bn_cmp_part_words(a,&(a[n]),tna,n-tna);
433 c2=bn_cmp_part_words(&(b[n]),b,tnb,tnb-n);
438 bn_sub_part_words(t, &(a[n]),a, tna,tna-n); /* - */
439 bn_sub_part_words(&(t[n]),b, &(b[n]),tnb,n-tnb); /* - */
445 bn_sub_part_words(t, &(a[n]),a, tna,tna-n); /* - */
446 bn_sub_part_words(&(t[n]),&(b[n]),b, tnb,tnb-n); /* + */
455 bn_sub_part_words(t, a, &(a[n]),tna,n-tna); /* + */
456 bn_sub_part_words(&(t[n]),b, &(b[n]),tnb,n-tnb); /* - */
463 bn_sub_part_words(t, a, &(a[n]),tna,n-tna);
464 bn_sub_part_words(&(t[n]),&(b[n]),b, tnb,tnb-n);
469 if (n == 4 && dna == 0 && dnb == 0) /* XXX: bn_mul_comba4 could take
470 extra args to do this well */
473 bn_mul_comba4(&(t[n2]),t,&(t[n]));
475 memset(&(t[n2]),0,8*sizeof(BN_ULONG));
477 bn_mul_comba4(r,a,b);
478 bn_mul_comba4(&(r[n2]),&(a[n]),&(b[n]));
480 else if (n == 8 && dna == 0 && dnb == 0) /* XXX: bn_mul_comba8 could
481 take extra args to do this
485 bn_mul_comba8(&(t[n2]),t,&(t[n]));
487 memset(&(t[n2]),0,16*sizeof(BN_ULONG));
489 bn_mul_comba8(r,a,b);
490 bn_mul_comba8(&(r[n2]),&(a[n]),&(b[n]));
493 # endif /* BN_MUL_COMBA */
497 bn_mul_recursive(&(t[n2]),t,&(t[n]),n,0,0,p);
499 memset(&(t[n2]),0,n2*sizeof(BN_ULONG));
500 bn_mul_recursive(r,a,b,n,0,0,p);
501 bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]),n,dna,dnb,p);
505 * t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign
506 * r[10] holds (a[0]*b[0])
507 * r[32] holds (b[1]*b[1])
510 c1=(int)(bn_add_words(t,r,&(r[n2]),n2));
512 if (neg) /* if t[32] is negative */
514 c1-=(int)(bn_sub_words(&(t[n2]),t,&(t[n2]),n2));
518 /* Might have a carry */
519 c1+=(int)(bn_add_words(&(t[n2]),&(t[n2]),t,n2));
523 * t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1])
524 * r[10] holds (a[0]*b[0])
525 * r[32] holds (b[1]*b[1])
526 * c1 holds the carry bits
528 c1+=(int)(bn_add_words(&(r[n]),&(r[n]),&(t[n2]),n2));
536 /* The overflow will stop before we over write
537 * words we should not overwrite */
538 if (ln < (BN_ULONG)c1)
550 /* n+tn is the word length
551 * t needs to be n*4 is size, as does r */
552 /* tnX may not be negative but less than n */
553 void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
554 int tna, int tnb, BN_ULONG *t)
561 fprintf(stderr," bn_mul_part_recursive (%d%+d) * (%d%+d)\n",
566 bn_mul_normal(r,a,n+tna,b,n+tnb);
570 /* r=(a[0]-a[1])*(b[1]-b[0]) */
571 c1=bn_cmp_part_words(a,&(a[n]),tna,n-tna);
572 c2=bn_cmp_part_words(&(b[n]),b,tnb,tnb-n);
577 bn_sub_part_words(t, &(a[n]),a, tna,tna-n); /* - */
578 bn_sub_part_words(&(t[n]),b, &(b[n]),tnb,n-tnb); /* - */
583 bn_sub_part_words(t, &(a[n]),a, tna,tna-n); /* - */
584 bn_sub_part_words(&(t[n]),&(b[n]),b, tnb,tnb-n); /* + */
592 bn_sub_part_words(t, a, &(a[n]),tna,n-tna); /* + */
593 bn_sub_part_words(&(t[n]),b, &(b[n]),tnb,n-tnb); /* - */
599 bn_sub_part_words(t, a, &(a[n]),tna,n-tna);
600 bn_sub_part_words(&(t[n]),&(b[n]),b, tnb,tnb-n);
603 /* The zero case isn't yet implemented here. The speedup
604 would probably be negligible. */
608 bn_mul_comba4(&(t[n2]),t,&(t[n]));
609 bn_mul_comba4(r,a,b);
610 bn_mul_normal(&(r[n2]),&(a[n]),tn,&(b[n]),tn);
611 memset(&(r[n2+tn*2]),0,sizeof(BN_ULONG)*(n2-tn*2));
617 bn_mul_comba8(&(t[n2]),t,&(t[n]));
618 bn_mul_comba8(r,a,b);
619 bn_mul_normal(&(r[n2]),&(a[n]),tna,&(b[n]),tnb);
620 memset(&(r[n2+tna+tnb]),0,sizeof(BN_ULONG)*(n2-tna-tnb));
625 bn_mul_recursive(&(t[n2]),t,&(t[n]),n,0,0,p);
626 bn_mul_recursive(r,a,b,n,0,0,p);
628 /* If there is only a bottom half to the number,
636 bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]),
638 memset(&(r[n2+i*2]),0,sizeof(BN_ULONG)*(n2-i*2));
640 else if (j > 0) /* eg, n == 16, i == 8 and tn == 11 */
642 bn_mul_part_recursive(&(r[n2]),&(a[n]),&(b[n]),
644 memset(&(r[n2+tna+tnb]),0,
645 sizeof(BN_ULONG)*(n2-tna-tnb));
647 else /* (j < 0) eg, n == 16, i == 8 and tn == 5 */
649 memset(&(r[n2]),0,sizeof(BN_ULONG)*n2);
650 if (tna < BN_MUL_RECURSIVE_SIZE_NORMAL
651 && tnb < BN_MUL_RECURSIVE_SIZE_NORMAL)
653 bn_mul_normal(&(r[n2]),&(a[n]),tna,&(b[n]),tnb);
660 /* these simplified conditions work
661 * exclusively because difference
662 * between tna and tnb is 1 or 0 */
663 if (i < tna || i < tnb)
665 bn_mul_part_recursive(&(r[n2]),
670 else if (i == tna || i == tnb)
672 bn_mul_recursive(&(r[n2]),
683 * t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign
684 * r[10] holds (a[0]*b[0])
685 * r[32] holds (b[1]*b[1])
688 c1=(int)(bn_add_words(t,r,&(r[n2]),n2));
690 if (neg) /* if t[32] is negative */
692 c1-=(int)(bn_sub_words(&(t[n2]),t,&(t[n2]),n2));
696 /* Might have a carry */
697 c1+=(int)(bn_add_words(&(t[n2]),&(t[n2]),t,n2));
701 * t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1])
702 * r[10] holds (a[0]*b[0])
703 * r[32] holds (b[1]*b[1])
704 * c1 holds the carry bits
706 c1+=(int)(bn_add_words(&(r[n]),&(r[n]),&(t[n2]),n2));
714 /* The overflow will stop before we over write
715 * words we should not overwrite */
716 if (ln < (BN_ULONG)c1)
729 * a and b must be the same size, which is n2.
730 * r needs to be n2 words and t needs to be n2*2
732 void bn_mul_low_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
738 fprintf(stderr," bn_mul_low_recursive %d * %d\n",n2,n2);
741 bn_mul_recursive(r,a,b,n,0,0,&(t[0]));
742 if (n >= BN_MUL_LOW_RECURSIVE_SIZE_NORMAL)
744 bn_mul_low_recursive(&(t[0]),&(a[0]),&(b[n]),n,&(t[n2]));
745 bn_add_words(&(r[n]),&(r[n]),&(t[0]),n);
746 bn_mul_low_recursive(&(t[0]),&(a[n]),&(b[0]),n,&(t[n2]));
747 bn_add_words(&(r[n]),&(r[n]),&(t[0]),n);
751 bn_mul_low_normal(&(t[0]),&(a[0]),&(b[n]),n);
752 bn_mul_low_normal(&(t[n]),&(a[n]),&(b[0]),n);
753 bn_add_words(&(r[n]),&(r[n]),&(t[0]),n);
754 bn_add_words(&(r[n]),&(r[n]),&(t[n]),n);
759 * a and b must be the same size, which is n2.
760 * r needs to be n2 words and t needs to be n2*2
761 * l is the low words of the output.
764 void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2,
770 BN_ULONG ll,lc,*lp,*mp;
773 fprintf(stderr," bn_mul_high %d * %d\n",n2,n2);
777 /* Calculate (al-ah)*(bh-bl) */
779 c1=bn_cmp_words(&(a[0]),&(a[n]),n);
780 c2=bn_cmp_words(&(b[n]),&(b[0]),n);
784 bn_sub_words(&(r[0]),&(a[n]),&(a[0]),n);
785 bn_sub_words(&(r[n]),&(b[0]),&(b[n]),n);
791 bn_sub_words(&(r[0]),&(a[n]),&(a[0]),n);
792 bn_sub_words(&(r[n]),&(b[n]),&(b[0]),n);
801 bn_sub_words(&(r[0]),&(a[0]),&(a[n]),n);
802 bn_sub_words(&(r[n]),&(b[0]),&(b[n]),n);
809 bn_sub_words(&(r[0]),&(a[0]),&(a[n]),n);
810 bn_sub_words(&(r[n]),&(b[n]),&(b[0]),n);
815 /* t[10] = (a[0]-a[1])*(b[1]-b[0]) */
816 /* r[10] = (a[1]*b[1]) */
820 bn_mul_comba8(&(t[0]),&(r[0]),&(r[n]));
821 bn_mul_comba8(r,&(a[n]),&(b[n]));
826 bn_mul_recursive(&(t[0]),&(r[0]),&(r[n]),n,0,0,&(t[n2]));
827 bn_mul_recursive(r,&(a[n]),&(b[n]),n,0,0,&(t[n2]));
832 * s1 == low(ah*bh)+low((al-ah)*(bh-bl))+low(al*bl)+high(al*bl)
833 * We know s0 and s1 so the only unknown is high(al*bl)
834 * high(al*bl) == s1 - low(ah*bh+s0+(al-ah)*(bh-bl))
835 * high(al*bl) == s1 - (r[0]+l[0]+t[0])
840 c1=(int)(bn_add_words(lp,&(r[0]),&(l[0]),n));
849 neg=(int)(bn_sub_words(&(t[n2]),lp,&(t[0]),n));
852 bn_add_words(&(t[n2]),lp,&(t[0]),n);
858 bn_sub_words(&(t[n2+n]),&(l[n]),&(t[n2]),n);
865 lp[i]=((~mp[i])+1)&BN_MASK2;
871 * t[10] = (a[0]-a[1])*(b[1]-b[0]) neg is the sign
872 * r[10] = (a[1]*b[1])
876 * R[21] = al*bl + ah*bh + (a[0]-a[1])*(b[1]-b[0])
880 * R[1]=t[3]+l[0]+r[0](+-)t[0] (have carry/borrow)
881 * R[2]=r[0]+t[3]+r[1](+-)t[1] (have carry/borrow)
882 * R[3]=r[1]+(carry/borrow)
887 c1= (int)(bn_add_words(lp,&(t[n2+n]),&(l[0]),n));
894 c1+=(int)(bn_add_words(&(t[n2]),lp, &(r[0]),n));
896 c1-=(int)(bn_sub_words(&(t[n2]),&(t[n2]),&(t[0]),n));
898 c1+=(int)(bn_add_words(&(t[n2]),&(t[n2]),&(t[0]),n));
900 c2 =(int)(bn_add_words(&(r[0]),&(r[0]),&(t[n2+n]),n));
901 c2+=(int)(bn_add_words(&(r[0]),&(r[0]),&(r[n]),n));
903 c2-=(int)(bn_sub_words(&(r[0]),&(r[0]),&(t[n]),n));
905 c2+=(int)(bn_add_words(&(r[0]),&(r[0]),&(t[n]),n));
907 if (c1 != 0) /* Add starting at r[0], could be +ve or -ve */
914 ll=(r[i]+lc)&BN_MASK2;
924 r[i++]=(ll-lc)&BN_MASK2;
929 if (c2 != 0) /* Add starting at r[1] */
936 ll=(r[i]+lc)&BN_MASK2;
946 r[i++]=(ll-lc)&BN_MASK2;
952 #endif /* BN_RECURSION */
954 int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
959 #if defined(BN_MUL_COMBA) || defined(BN_RECURSION)
968 fprintf(stderr,"BN_mul %d * %d\n",a->top,b->top);
978 if ((al == 0) || (bl == 0))
986 if ((r == a) || (r == b))
988 if ((rr = BN_CTX_get(ctx)) == NULL) goto err;
992 rr->neg=a->neg^b->neg;
994 #if defined(BN_MUL_COMBA) || defined(BN_RECURSION)
1003 if (bn_wexpand(rr,8) == NULL) goto err;
1005 bn_mul_comba4(rr->d,a->d,b->d);
1011 if (bn_wexpand(rr,16) == NULL) goto err;
1013 bn_mul_comba8(rr->d,a->d,b->d);
1017 #endif /* BN_MUL_COMBA */
1019 if ((al >= BN_MULL_SIZE_NORMAL) && (bl >= BN_MULL_SIZE_NORMAL))
1021 if (i >= -1 && i <= 1)
1023 /* Find out the power of two lower or equal
1024 to the longest of the two numbers */
1027 j = BN_num_bits_word((BN_ULONG)al);
1031 j = BN_num_bits_word((BN_ULONG)bl);
1034 assert(j <= al || j <= bl);
1036 t = BN_CTX_get(ctx);
1039 if (al > j || bl > j)
1041 if (bn_wexpand(t,k*4) == NULL) goto err;
1042 if (bn_wexpand(rr,k*4) == NULL) goto err;
1043 bn_mul_part_recursive(rr->d,a->d,b->d,
1046 else /* al <= j || bl <= j */
1048 if (bn_wexpand(t,k*2) == NULL) goto err;
1049 if (bn_wexpand(rr,k*2) == NULL) goto err;
1050 bn_mul_recursive(rr->d,a->d,b->d,
1057 if (i == 1 && !BN_get_flags(b,BN_FLG_STATIC_DATA))
1059 BIGNUM *tmp_bn = (BIGNUM *)b;
1060 if (bn_wexpand(tmp_bn,al) == NULL) goto err;
1065 else if (i == -1 && !BN_get_flags(a,BN_FLG_STATIC_DATA))
1067 BIGNUM *tmp_bn = (BIGNUM *)a;
1068 if (bn_wexpand(tmp_bn,bl) == NULL) goto err;
1075 /* symmetric and > 4 */
1077 j=BN_num_bits_word((BN_ULONG)al);
1080 t = BN_CTX_get(ctx);
1081 if (al == j) /* exact multiple */
1083 if (bn_wexpand(t,k*2) == NULL) goto err;
1084 if (bn_wexpand(rr,k*2) == NULL) goto err;
1085 bn_mul_recursive(rr->d,a->d,b->d,al,t->d);
1089 if (bn_wexpand(t,k*4) == NULL) goto err;
1090 if (bn_wexpand(rr,k*4) == NULL) goto err;
1091 bn_mul_part_recursive(rr->d,a->d,b->d,al-j,j,t->d);
1098 #endif /* BN_RECURSION */
1099 if (bn_wexpand(rr,top) == NULL) goto err;
1101 bn_mul_normal(rr->d,a->d,al,b->d,bl);
1103 #if defined(BN_MUL_COMBA) || defined(BN_RECURSION)
1107 if (r != rr) BN_copy(r,rr);
1115 void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b, int nb)
1120 fprintf(stderr," bn_mul_normal %d * %d\n",na,nb);
1128 itmp=na; na=nb; nb=itmp;
1129 ltmp=a; a=b; b=ltmp;
1135 (void)bn_mul_words(r,a,na,0);
1139 rr[0]=bn_mul_words(r,a,na,b[0]);
1143 if (--nb <= 0) return;
1144 rr[1]=bn_mul_add_words(&(r[1]),a,na,b[1]);
1145 if (--nb <= 0) return;
1146 rr[2]=bn_mul_add_words(&(r[2]),a,na,b[2]);
1147 if (--nb <= 0) return;
1148 rr[3]=bn_mul_add_words(&(r[3]),a,na,b[3]);
1149 if (--nb <= 0) return;
1150 rr[4]=bn_mul_add_words(&(r[4]),a,na,b[4]);
1157 void bn_mul_low_normal(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
1160 fprintf(stderr," bn_mul_low_normal %d * %d\n",n,n);
1162 bn_mul_words(r,a,n,b[0]);
1166 if (--n <= 0) return;
1167 bn_mul_add_words(&(r[1]),a,n,b[1]);
1168 if (--n <= 0) return;
1169 bn_mul_add_words(&(r[2]),a,n,b[2]);
1170 if (--n <= 0) return;
1171 bn_mul_add_words(&(r[3]),a,n,b[3]);
1172 if (--n <= 0) return;
1173 bn_mul_add_words(&(r[4]),a,n,b[4]);
projects / openssl.git / blob