- Timestamp:
- Jun 22, 2021, 9:00:19 PM (3 years ago)
- Location:
- azure_iot_hub_f767zi/trunk/wolfssl-4.7.0
- Files:
-
- 1 edited
- 1 moved
Legend:
- Unmodified
- Added
- Removed
-
azure_iot_hub_f767zi/trunk/wolfssl-4.7.0/wolfcrypt/src/integer.c
r457 r464 272 272 int mp_leading_bit (mp_int * a) 273 273 { 274 int bit = 0; 275 mp_int t; 276 277 if (mp_init_copy(&t, a) != MP_OKAY) 278 return 0; 279 280 while (mp_iszero(&t) == MP_NO) { 281 #ifndef MP_8BIT 282 bit = (t.dp[0] & 0x80) != 0; 283 #else 284 bit = ((t.dp[0] | ((t.dp[1] & 0x01) << 7)) & 0x80) != 0; 285 #endif 286 if (mp_div_2d (&t, 8, &t, NULL) != MP_OKAY) 287 break; 288 } 289 mp_clear(&t); 290 return bit; 274 int c = mp_count_bits(a); 275 276 if (c == 0) return 0; 277 return (c % 8) == 0; 291 278 } 292 279 … … 335 322 len = mp_unsigned_bin_size(a); 336 323 324 if (len > c) { 325 return MP_VAL; 326 } 327 337 328 /* pad front w/ zeros to match length */ 338 for (i = 0; i < c - len; i++) 339 b[i] = 0x00; 329 for (i = 0; i < c - len; i++) { 330 b[i] = 0x00; 331 } 340 332 return mp_to_unsigned_bin(a, b + i); 341 333 } … … 555 547 } 556 548 549 int mp_cond_swap_ct (mp_int * a, mp_int * b, int c, int m) 550 { 551 (void)c; 552 if (m == 1) 553 mp_exch(a, b); 554 return MP_OKAY; 555 } 556 557 557 558 558 /* shift right a certain number of bits */ … … 563 563 mp_digit D = x; 564 564 565 /* shifting by a negative number not supported, and shifting by 566 * zero changes nothing. 567 */ 568 if (x <= 0) return; 569 570 /* shift digits first if needed */ 571 if (x >= DIGIT_BIT) { 572 mp_rshd(c, x / DIGIT_BIT); 573 /* recalculate number of bits to shift */ 574 D = x % DIGIT_BIT; 575 /* check if any more shifting needed */ 576 if (D == 0) return; 577 } 578 579 /* zero shifted is always zero */ 565 580 if (mp_iszero(c)) return; 566 581 … … 670 685 } 671 686 /* clear the digit that is not completely outside/inside the modulus */ 672 c->dp[b / DIGIT_BIT] &= (mp_digit) ((((mp_digit) 1) << 673 (((mp_digit) b) % DIGIT_BIT)) - ((mp_digit) 1)); 687 x = DIGIT_BIT - (b % DIGIT_BIT); 688 if (x != DIGIT_BIT) { 689 c->dp[b / DIGIT_BIT] &= ~((mp_digit)0) >> (x + ((sizeof(mp_digit)*8) - DIGIT_BIT)); 690 } 674 691 mp_clamp (c); 675 692 return MP_OKAY; … … 681 698 { 682 699 int res; 683 684 /* make sure there are at least two digits */ 685 if (a->alloc < 2) { 686 if ((res = mp_grow(a, 2)) != MP_OKAY) { 700 int digits_needed; 701 702 while (c > 0 && b[0] == 0) { 703 c--; 704 b++; 705 } 706 707 digits_needed = ((c * CHAR_BIT) + DIGIT_BIT - 1) / DIGIT_BIT; 708 709 /* make sure there are enough digits available */ 710 if (a->alloc < digits_needed) { 711 if ((res = mp_grow(a, digits_needed)) != MP_OKAY) { 687 712 return res; 688 713 } … … 700 725 #ifndef MP_8BIT 701 726 a->dp[0] |= *b++; 702 a->used += 1; 727 if (a->used == 0) 728 a->used = 1; 703 729 #else 704 730 a->dp[0] = (*b & MP_MASK); 705 731 a->dp[1] |= ((*b++ >> 7U) & 1); 706 a->used += 2; 732 if (a->used == 0) 733 a->used = 2; 707 734 #endif 708 735 } … … 1578 1605 mp_clamp (b); 1579 1606 return MP_OKAY; 1607 } 1608 1609 /* c = a / 2 (mod b) - constant time (a < b and positive) */ 1610 int mp_div_2_mod_ct(mp_int *a, mp_int *b, mp_int *c) 1611 { 1612 int res; 1613 1614 if (mp_isodd(a)) { 1615 res = mp_add(a, b, c); 1616 if (res == MP_OKAY) { 1617 res = mp_div_2(c, c); 1618 } 1619 } 1620 else { 1621 res = mp_div_2(a, c); 1622 } 1623 1624 return res; 1580 1625 } 1581 1626 … … 1991 2036 #ifdef BN_FAST_MP_MONTGOMERY_REDUCE_C 1992 2037 if (((P->used * 2 + 1) < (int)MP_WARRAY) && 1993 P->used < (1 << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) {2038 P->used < (1L << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) { 1994 2039 redux = fast_mp_montgomery_reduce; 1995 2040 } else … … 2237 2282 #ifdef BN_FAST_MP_MONTGOMERY_REDUCE_C 2238 2283 if (((P->used * 2 + 1) < (int)MP_WARRAY) && 2239 P->used < (1 << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) {2284 P->used < (1L << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) { 2240 2285 redux = fast_mp_montgomery_reduce; 2241 2286 } else 2242 2287 #endif 2288 #ifdef BN_MP_MONTGOMERY_REDUCE_C 2243 2289 { 2244 #ifdef BN_MP_MONTGOMERY_REDUCE_C2245 2290 /* use slower baseline Montgomery method */ 2246 2291 redux = mp_montgomery_reduce; 2247 #else 2248 return MP_VAL; 2249 #endif 2292 } 2293 #endif 2294 2295 if (redux == NULL) { 2296 return MP_VAL; 2250 2297 } 2251 2298 … … 2449 2496 #endif 2450 2497 2498 XMEMSET(W, 0, (n->used * 2 + 1) * sizeof(mp_word)); 2499 2451 2500 /* first we have to get the digits of the input into 2452 2501 * an array of double precision words W[...] … … 2465 2514 for (ix = 0; ix < x->used; ix++) { 2466 2515 *_W++ = *tmpx++; 2467 }2468 2469 /* zero the high words of W[a->used..m->used*2] */2470 for (; ix < n->used * 2 + 1; ix++) {2471 *_W++ = 0;2472 2516 } 2473 2517 } … … 2597 2641 if ((digs < (int)MP_WARRAY) && 2598 2642 n->used < 2599 (1 << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) {2643 (1L << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) { 2600 2644 return fast_mp_montgomery_reduce (x, n, rho); 2601 2645 } … … 2997 3041 } 2998 3042 3043 /* d = a - b (mod c) - a < c and b < c and positive */ 3044 int mp_submod_ct(mp_int* a, mp_int* b, mp_int* c, mp_int* d) 3045 { 3046 int res; 3047 3048 res = mp_sub(a, b, d); 3049 if (res == MP_OKAY && mp_isneg(d)) { 3050 res = mp_add(d, c, d); 3051 } 3052 3053 return res; 3054 } 3055 3056 /* d = a + b (mod c) - a < c and b < c and positive */ 3057 int mp_addmod_ct(mp_int* a, mp_int* b, mp_int* c, mp_int* d) 3058 { 3059 int res; 3060 3061 res = mp_add(a, b, d); 3062 if (res == MP_OKAY && mp_cmp(d, c) != MP_LT) { 3063 res = mp_sub(d, c, d); 3064 } 3065 3066 return res; 3067 } 3068 2999 3069 /* computes b = a*a */ 3000 3070 int mp_sqr (mp_int * a, mp_int * b) … … 3044 3114 if ((digs < (int)MP_WARRAY) && 3045 3115 MIN(a->used, b->used) <= 3046 (1 << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) {3116 (1L << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) { 3047 3117 res = fast_s_mp_mul_digs (a, b, c, digs); 3048 3118 } else … … 3507 3577 if ((digs < (int)MP_WARRAY) && 3508 3578 MIN (a->used, b->used) < 3509 (1 << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) {3579 (1L << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) { 3510 3580 return fast_s_mp_mul_digs (a, b, c, digs); 3511 3581 } … … 4015 4085 if (((a->used + b->used + 1) < (int)MP_WARRAY) 4016 4086 && MIN (a->used, b->used) < 4017 (1 << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) {4087 (1L << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) { 4018 4088 return fast_s_mp_mul_high_digs (a, b, c, digs); 4019 4089 } … … 4325 4395 int res, ix, oldused; 4326 4396 4397 if (b > MP_MASK) return MP_VAL; 4398 4327 4399 /* grow c as required */ 4328 4400 if (c->alloc < a->used + 1) { … … 4512 4584 4513 4585 if (w >= b) { 4586 #ifdef WOLFSSL_LINUXKM 4587 t = (mp_digit)w; 4588 /* Linux kernel macro for in-place 64 bit integer division. */ 4589 do_div(t, b); 4590 #else 4514 4591 t = (mp_digit)(w / b); 4592 #endif 4515 4593 w -= ((mp_word)t) * ((mp_word)b); 4516 4594 } else { … … 4544 4622 #if defined(WOLFSSL_KEY_GEN) || !defined(NO_DH) || !defined(NO_DSA) || !defined(NO_RSA) 4545 4623 4546 const mp_digit ltm_prime_tab[PRIME_SIZE] = {4624 const FLASH_QUALIFIER mp_digit ltm_prime_tab[PRIME_SIZE] = { 4547 4625 0x0002, 0x0003, 0x0005, 0x0007, 0x000B, 0x000D, 0x0011, 0x0013, 4548 4626 0x0017, 0x001D, 0x001F, 0x0025, 0x0029, 0x002B, 0x002F, 0x0035, … … 4635 4713 #if defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH) 4636 4714 #ifndef WOLFSSL_SP_NO_2048 4637 if (mp_count_bits(a) == 1024 )4715 if (mp_count_bits(a) == 1024 && mp_isodd(a)) 4638 4716 err = sp_ModExp_1024(b, &r, a, &y); 4639 else if (mp_count_bits(a) == 2048 )4717 else if (mp_count_bits(a) == 2048 && mp_isodd(a)) 4640 4718 err = sp_ModExp_2048(b, &r, a, &y); 4641 4719 else 4642 4720 #endif 4643 4721 #ifndef WOLFSSL_SP_NO_3072 4644 if (mp_count_bits(a) == 1536 )4722 if (mp_count_bits(a) == 1536 && mp_isodd(a)) 4645 4723 err = sp_ModExp_1536(b, &r, a, &y); 4646 else if (mp_count_bits(a) == 3072 )4724 else if (mp_count_bits(a) == 3072 && mp_isodd(a)) 4647 4725 err = sp_ModExp_3072(b, &r, a, &y); 4648 4726 else 4649 4727 #endif 4650 4728 #ifdef WOLFSSL_SP_4096 4651 if (mp_count_bits(a) == 4096 )4729 if (mp_count_bits(a) == 4096 && mp_isodd(a)) 4652 4730 err = sp_ModExp_4096(b, &r, a, &y); 4653 4731 else … … 5090 5168 5091 5169 /* chars used in radix conversions */ 5092 const char *mp_s_rmap = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ \5093 5170 const char *mp_s_rmap = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ" 5171 "abcdefghijklmnopqrstuvwxyz+/"; 5094 5172 #endif 5095 5173 … … 5179 5257 /* special case for binary */ 5180 5258 if (radix == MP_RADIX_BIN) { 5181 *size = mp_count_bits (a) + (a->sign == MP_NEG ? 1 : 0) + 1; 5259 *size = mp_count_bits(a); 5260 if (*size == 0) 5261 *size = 1; 5262 *size += (a->sign == MP_NEG ? 1 : 0) + 1; /* "-" sign + null term */ 5182 5263 return MP_OKAY; 5183 5264 } … … 5189 5270 5190 5271 if (mp_iszero(a) == MP_YES) { 5191 *size = 2; 5272 #ifndef WC_DISABLE_RADIX_ZERO_PAD 5273 if (radix == 16) 5274 *size = 3; 5275 else 5276 #endif 5277 *size = 2; 5192 5278 return MP_OKAY; 5193 5279 } … … 5195 5281 /* digs is the digit count */ 5196 5282 digs = 0; 5197 5198 /* if it's negative add one for the sign */5199 if (a->sign == MP_NEG) {5200 ++digs;5201 }5202 5283 5203 5284 /* init a copy of the input */ … … 5219 5300 mp_clear (&t); 5220 5301 5302 #ifndef WC_DISABLE_RADIX_ZERO_PAD 5303 /* For hexadecimal output, add zero padding when number of digits is odd */ 5304 if ((digs & 1) && (radix == 16)) { 5305 ++digs; 5306 } 5307 #endif 5308 5309 /* if it's negative add one for the sign */ 5310 if (a->sign == MP_NEG) { 5311 ++digs; 5312 } 5313 5221 5314 /* return digs + 1, the 1 is for the NULL byte that would be required. */ 5222 5315 *size = digs + 1; … … 5239 5332 /* quick out if its zero */ 5240 5333 if (mp_iszero(a) == MP_YES) { 5334 #ifndef WC_DISABLE_RADIX_ZERO_PAD 5335 if (radix == 16) { 5336 *str++ = '0'; 5337 } 5338 #endif 5241 5339 *str++ = '0'; 5242 5340 *str = '\0';
Note:
See TracChangeset
for help on using the changeset viewer.