projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Update source files to handle new FIPS_lock() location. Add FIPS_lock()
[openssl.git] / crypto / bn / bn_mont.c
diff --git a/crypto/bn/bn_mont.c b/crypto/bn/bn_mont.c
index e3146240b5a52c3efc45a706338bfb3622a4d8b5..ba659cfd1d51719bcb7d53c0dbdbb182828f9c0e 100644 (file)
--- a/crypto/bn/bn_mont.c
+++ b/crypto/bn/bn_mont.c
@@ -116,10 +116,16 @@
  * sections 3.8 and 4.2 in http://security.ece.orst.edu/koc/papers/r01rsasw.pdf
  */
 
+#define OPENSSL_FIPSAPI
+
 #include <stdio.h>
 #include "cryptlib.h"
 #include "bn_lcl.h"
 
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
+
 #define MONT_WORD /* use the faster word-based algorithm */
 
 #ifdef MONT_WORD
@@ -434,6 +440,11 @@ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx)
                mont->ri=(BN_num_bits(mod)+(BN_BITS2-1))/BN_BITS2*BN_BITS2;
 
 #if defined(OPENSSL_BN_ASM_MONT) && (BN_BITS2<=32)
+               /* Only certain BN_BITS2<=32 platforms actually make use of
+                * n0[1], and we could use the #else case (with a shorter R
+                * value) for the others.  However, currently only the assembler
+                * files do know which is which. */
+
                BN_zero(R);
                if (!(BN_set_bit(R,2*BN_BITS2))) goto err;
 
Unnamed repository; edit this file 'description' to name the repository.