summaryrefslogtreecommitdiffstats
path: root/libtommath/pre_gen/mpi.c
diff options
context:
space:
mode:
Diffstat (limited to 'libtommath/pre_gen/mpi.c')
-rw-r--r--libtommath/pre_gen/mpi.c773
1 files changed, 501 insertions, 272 deletions
diff --git a/libtommath/pre_gen/mpi.c b/libtommath/pre_gen/mpi.c
index 7d832e7..d2224c0 100644
--- a/libtommath/pre_gen/mpi.c
+++ b/libtommath/pre_gen/mpi.c
@@ -13,7 +13,7 @@
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
static const struct {
@@ -60,7 +60,7 @@ char *mp_error_to_string(int code)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* computes the modular inverse via binary extended euclidean algorithm,
@@ -69,8 +69,7 @@ char *mp_error_to_string(int code)
* Based on slow invmod except this is optimized for the case where b is
* odd as per HAC Note 14.64 on pp. 610
*/
-int
-fast_mp_invmod (mp_int * a, mp_int * b, mp_int * c)
+int fast_mp_invmod (mp_int * a, mp_int * b, mp_int * c)
{
mp_int x, y, u, v, B, D;
int res, neg;
@@ -91,7 +90,7 @@ fast_mp_invmod (mp_int * a, mp_int * b, mp_int * c)
}
/* we need y = |a| */
- if ((res = mp_abs (a, &y)) != MP_OKAY) {
+ if ((res = mp_mod (a, b, &y)) != MP_OKAY) {
goto LBL_ERR;
}
@@ -209,7 +208,7 @@ LBL_ERR:mp_clear_multi (&x, &y, &u, &v, &B, &D, NULL);
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* computes xR**-1 == x (mod N) via Montgomery Reduction
@@ -220,8 +219,7 @@ LBL_ERR:mp_clear_multi (&x, &y, &u, &v, &B, &D, NULL);
*
* Based on Algorithm 14.32 on pp.601 of HAC.
*/
-int
-fast_mp_montgomery_reduce (mp_int * x, mp_int * n, mp_digit rho)
+int fast_mp_montgomery_reduce (mp_int * x, mp_int * n, mp_digit rho)
{
int ix, res, olduse;
mp_word W[MP_WARRAY];
@@ -382,7 +380,7 @@ fast_mp_montgomery_reduce (mp_int * x, mp_int * n, mp_digit rho)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* Fast (comba) multiplier
@@ -401,8 +399,7 @@ fast_mp_montgomery_reduce (mp_int * x, mp_int * n, mp_digit rho)
* Based on Algorithm 14.12 on pp.595 of HAC.
*
*/
-int
-fast_s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
+int fast_s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
{
int olduse, res, pa, ix, iz;
mp_digit W[MP_WARRAY];
@@ -433,7 +430,7 @@ fast_s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
tmpx = a->dp + tx;
tmpy = b->dp + ty;
- /* this is the number of times the loop will iterrate, essentially its
+ /* this is the number of times the loop will iterrate, essentially
while (tx++ < a->used && ty-- >= 0) { ... }
*/
iy = MIN(a->used-tx, ty+1);
@@ -441,6 +438,7 @@ fast_s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
/* execute loop */
for (iz = 0; iz < iy; ++iz) {
_W += ((mp_word)*tmpx++)*((mp_word)*tmpy--);
+
}
/* store term */
@@ -448,19 +446,16 @@ fast_s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
/* make next carry */
_W = _W >> ((mp_word)DIGIT_BIT);
- }
-
- /* store final carry */
- W[ix] = _W;
+ }
/* setup dest */
olduse = c->used;
- c->used = digs;
+ c->used = pa;
{
register mp_digit *tmpc;
tmpc = c->dp;
- for (ix = 0; ix < digs; ix++) {
+ for (ix = 0; ix < pa+1; ix++) {
/* now extract the previous digit [below the carry] */
*tmpc++ = W[ix];
}
@@ -492,7 +487,7 @@ fast_s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* this is a modified version of fast_s_mul_digs that only produces
@@ -504,8 +499,7 @@ fast_s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
*
* Based on Algorithm 14.12 on pp.595 of HAC.
*/
-int
-fast_s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
+int fast_s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
{
int olduse, res, pa, ix, iz;
mp_digit W[MP_WARRAY];
@@ -551,9 +545,6 @@ fast_s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
_W = _W >> ((mp_word)DIGIT_BIT);
}
- /* store final carry */
- W[ix] = _W;
-
/* setup dest */
olduse = c->used;
c->used = pa;
@@ -562,7 +553,7 @@ fast_s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
register mp_digit *tmpc;
tmpc = c->dp + digs;
- for (ix = digs; ix <= pa; ix++) {
+ for (ix = digs; ix < pa; ix++) {
/* now extract the previous digit [below the carry] */
*tmpc++ = W[ix];
}
@@ -594,36 +585,17 @@ fast_s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
-/* fast squaring
- *
- * This is the comba method where the columns of the product
- * are computed first then the carries are computed. This
- * has the effect of making a very simple inner loop that
- * is executed the most
- *
- * W2 represents the outer products and W the inner.
- *
- * A further optimizations is made because the inner
- * products are of the form "A * B * 2". The *2 part does
- * not need to be computed until the end which is good
- * because 64-bit shifts are slow!
- *
- * Based on Algorithm 14.16 on pp.597 of HAC.
- *
- */
/* the jist of squaring...
-
-you do like mult except the offset of the tmpx [one that starts closer to zero]
-can't equal the offset of tmpy. So basically you set up iy like before then you min it with
-(ty-tx) so that it never happens. You double all those you add in the inner loop
+ * you do like mult except the offset of the tmpx [one that
+ * starts closer to zero] can't equal the offset of tmpy.
+ * So basically you set up iy like before then you min it with
+ * (ty-tx) so that it never happens. You double all those
+ * you add in the inner loop
After that loop you do the squares and add them in.
-
-Remove W2 and don't memset W
-
*/
int fast_s_mp_sqr (mp_int * a, mp_int * b)
@@ -658,7 +630,7 @@ int fast_s_mp_sqr (mp_int * a, mp_int * b)
tmpx = a->dp + tx;
tmpy = a->dp + ty;
- /* this is the number of times the loop will iterrate, essentially its
+ /* this is the number of times the loop will iterrate, essentially
while (tx++ < a->used && ty-- >= 0) { ... }
*/
iy = MIN(a->used-tx, ty+1);
@@ -683,7 +655,7 @@ int fast_s_mp_sqr (mp_int * a, mp_int * b)
}
/* store it */
- W[ix] = _W;
+ W[ix] = (mp_digit)(_W & MP_MASK);
/* make next carry */
W1 = _W >> ((mp_word)DIGIT_BIT);
@@ -727,7 +699,7 @@ int fast_s_mp_sqr (mp_int * a, mp_int * b)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* computes a = 2**b
@@ -775,7 +747,7 @@ mp_2expt (mp_int * a, int b)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* b = |a|
@@ -818,7 +790,7 @@ mp_abs (mp_int * a, mp_int * b)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* high level addition (handles signs) */
@@ -871,7 +843,7 @@ int mp_add (mp_int * a, mp_int * b, mp_int * c)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* single digit addition */
@@ -899,6 +871,9 @@ mp_add_d (mp_int * a, mp_digit b, mp_int * c)
/* fix sign */
a->sign = c->sign = MP_NEG;
+ /* clamp */
+ mp_clamp(c);
+
return res;
}
@@ -980,7 +955,7 @@ mp_add_d (mp_int * a, mp_digit b, mp_int * c)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* d = a + b (mod c) */
@@ -1021,7 +996,7 @@ mp_addmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* AND two ints together */
@@ -1078,7 +1053,7 @@ mp_and (mp_int * a, mp_int * b, mp_int * c)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* trim unused digits
@@ -1122,7 +1097,7 @@ mp_clamp (mp_int * a)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* clear one (frees) */
@@ -1166,7 +1141,7 @@ mp_clear (mp_int * a)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
#include <stdarg.h>
@@ -1200,7 +1175,7 @@ void mp_clear_multi(mp_int *mp, ...)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* compare two ints (signed)*/
@@ -1243,7 +1218,7 @@ mp_cmp (mp_int * a, mp_int * b)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* compare a digit */
@@ -1287,7 +1262,7 @@ int mp_cmp_d(mp_int * a, mp_digit b)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* compare maginitude of two ints (unsigned) */
@@ -1342,7 +1317,7 @@ int mp_cmp_mag (mp_int * a, mp_int * b)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
static const int lnz[16] = {
@@ -1395,7 +1370,7 @@ int mp_cnt_lsb(mp_int *a)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* copy, b = a */
@@ -1463,7 +1438,7 @@ mp_copy (mp_int * a, mp_int * b)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* returns the number of bits in an int */
@@ -1508,7 +1483,7 @@ mp_count_bits (mp_int * a)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
#ifdef BN_MP_DIV_SMALL
@@ -1800,7 +1775,7 @@ LBL_Q:mp_clear (&q);
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* b = a/2 */
@@ -1868,7 +1843,7 @@ int mp_div_2(mp_int * a, mp_int * b)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* shift right by a certain bit count (store quotient in c, optional remainder in d) */
@@ -1965,7 +1940,7 @@ int mp_div_2d (mp_int * a, int b, mp_int * c, mp_int * d)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* divide by three (based on routine from MPI and the GMP manual) */
@@ -2044,14 +2019,19 @@ mp_div_3 (mp_int * a, mp_int *c, mp_digit * d)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
static int s_is_power_of_two(mp_digit b, int *p)
{
int x;
- for (x = 1; x < DIGIT_BIT; x++) {
+ /* fast return if no power of two */
+ if ((b==0) || (b & (b-1))) {
+ return 0;
+ }
+
+ for (x = 0; x < DIGIT_BIT; x++) {
if (b == (((mp_digit)1)<<x)) {
*p = x;
return 1;
@@ -2154,7 +2134,7 @@ int mp_div_d (mp_int * a, mp_digit b, mp_int * c, mp_digit * d)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* determines if a number is a valid DR modulus */
@@ -2197,7 +2177,7 @@ int mp_dr_is_modulus(mp_int *a)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* reduce "x" in place modulo "n" using the Diminished Radix algorithm.
@@ -2291,7 +2271,7 @@ top:
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* determines the setup value */
@@ -2323,7 +2303,7 @@ void mp_dr_setup(mp_int *a, mp_digit *d)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* swap the elements of two integers, for cases where you can't simply swap the
@@ -2357,7 +2337,7 @@ mp_exch (mp_int * a, mp_int * b)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* calculate c = a**b using a square-multiply algorithm */
@@ -2414,7 +2394,7 @@ int mp_expt_d (mp_int * a, mp_digit b, mp_int * c)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
@@ -2467,21 +2447,29 @@ int mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y)
#endif
}
+/* modified diminished radix reduction */
+#if defined(BN_MP_REDUCE_IS_2K_L_C) && defined(BN_MP_REDUCE_2K_L_C) && defined(BN_S_MP_EXPTMOD_C)
+ if (mp_reduce_is_2k_l(P) == MP_YES) {
+ return s_mp_exptmod(G, X, P, Y, 1);
+ }
+#endif
+
#ifdef BN_MP_DR_IS_MODULUS_C
/* is it a DR modulus? */
dr = mp_dr_is_modulus(P);
#else
+ /* default to no */
dr = 0;
#endif
#ifdef BN_MP_REDUCE_IS_2K_C
- /* if not, is it a uDR modulus? */
+ /* if not, is it a unrestricted DR modulus? */
if (dr == 0) {
dr = mp_reduce_is_2k(P) << 1;
}
#endif
- /* if the modulus is odd or dr != 0 use the fast method */
+ /* if the modulus is odd or dr != 0 use the montgomery method */
#ifdef BN_MP_EXPTMOD_FAST_C
if (mp_isodd (P) == 1 || dr != 0) {
return mp_exptmod_fast (G, X, P, Y, dr);
@@ -2489,7 +2477,7 @@ int mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y)
#endif
#ifdef BN_S_MP_EXPTMOD_C
/* otherwise use the generic Barrett reduction technique */
- return s_mp_exptmod (G, X, P, Y);
+ return s_mp_exptmod (G, X, P, Y, 0);
#else
/* no exptmod for evens */
return MP_VAL;
@@ -2518,7 +2506,7 @@ int mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* computes Y == G**X mod P, HAC pp.616, Algorithm 14.85
@@ -2535,8 +2523,7 @@ int mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y)
#define TAB_SIZE 256
#endif
-int
-mp_exptmod_fast (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, int redmode)
+int mp_exptmod_fast (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, int redmode)
{
mp_int M[TAB_SIZE], res;
mp_digit buf, mp;
@@ -2822,7 +2809,6 @@ LBL_M:
}
#endif
-
/* End: bn_mp_exptmod_fast.c */
/* Start: bn_mp_exteuclid.c */
@@ -2840,7 +2826,7 @@ LBL_M:
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* Extended euclidean algorithm of (a, b) produces
@@ -2887,6 +2873,13 @@ int mp_exteuclid(mp_int *a, mp_int *b, mp_int *U1, mp_int *U2, mp_int *U3)
if ((err = mp_copy(&t3, &v3)) != MP_OKAY) { goto _ERR; }
}
+ /* make sure U3 >= 0 */
+ if (u3.sign == MP_NEG) {
+ mp_neg(&u1, &u1);
+ mp_neg(&u2, &u2);
+ mp_neg(&u3, &u3);
+ }
+
/* copy result out */
if (U1 != NULL) { mp_exch(U1, &u1); }
if (U2 != NULL) { mp_exch(U2, &u2); }
@@ -2915,7 +2908,7 @@ _ERR: mp_clear_multi(&u1, &u2, &u3, &v1, &v2, &v3, &t1, &t2, &t3, &q, &tmp, NULL
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* read a bigint from a file stream in ASCII */
@@ -2982,7 +2975,7 @@ int mp_fread(mp_int *a, int radix, FILE *stream)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
int mp_fwrite(mp_int *a, int radix, FILE *stream)
@@ -3034,7 +3027,7 @@ int mp_fwrite(mp_int *a, int radix, FILE *stream)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* Greatest Common Divisor using the binary method */
@@ -3044,21 +3037,13 @@ int mp_gcd (mp_int * a, mp_int * b, mp_int * c)
int k, u_lsb, v_lsb, res;
/* either zero than gcd is the largest */
- if (mp_iszero (a) == 1 && mp_iszero (b) == 0) {
+ if (mp_iszero (a) == MP_YES) {
return mp_abs (b, c);
}
- if (mp_iszero (a) == 0 && mp_iszero (b) == 1) {
+ if (mp_iszero (b) == MP_YES) {
return mp_abs (a, c);
}
- /* optimized. At this point if a == 0 then
- * b must equal zero too
- */
- if (mp_iszero (a) == 1) {
- mp_zero(c);
- return MP_OKAY;
- }
-
/* get copies of a and b we can modify */
if ((res = mp_init_copy (&u, a)) != MP_OKAY) {
return res;
@@ -3147,7 +3132,7 @@ LBL_U:mp_clear (&v);
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* get the lower 32-bits of an mp_int */
@@ -3192,7 +3177,7 @@ unsigned long mp_get_int(mp_int * a)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* grow as required */
@@ -3249,7 +3234,7 @@ int mp_grow (mp_int * a, int size)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* init a new mp_int */
@@ -3295,7 +3280,7 @@ int mp_init (mp_int * a)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* creates "a" then copies b into it */
@@ -3327,7 +3312,7 @@ int mp_init_copy (mp_int * a, mp_int * b)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
#include <stdarg.h>
@@ -3386,7 +3371,7 @@ int mp_init_multi(mp_int *mp, ...)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* initialize and set a digit */
@@ -3418,7 +3403,7 @@ int mp_init_set (mp_int * a, mp_digit b)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* initialize and set a digit */
@@ -3449,7 +3434,7 @@ int mp_init_set_int (mp_int * a, unsigned long b)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* init an mp_init for a given size */
@@ -3497,7 +3482,7 @@ int mp_init_size (mp_int * a, int size)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* hac 14.61, pp608 */
@@ -3540,7 +3525,7 @@ int mp_invmod (mp_int * a, mp_int * b, mp_int * c)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* hac 14.61, pp608 */
@@ -3561,8 +3546,8 @@ int mp_invmod_slow (mp_int * a, mp_int * b, mp_int * c)
}
/* x = a, y = b */
- if ((res = mp_copy (a, &x)) != MP_OKAY) {
- goto LBL_ERR;
+ if ((res = mp_mod(a, b, &x)) != MP_OKAY) {
+ goto LBL_ERR;
}
if ((res = mp_copy (b, &y)) != MP_OKAY) {
goto LBL_ERR;
@@ -3715,7 +3700,7 @@ LBL_ERR:mp_clear_multi (&x, &y, &u, &v, &A, &B, &C, &D, NULL);
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* Check if remainders are possible squares - fast exclude non-squares */
@@ -3824,7 +3809,7 @@ ERR:mp_clear(&t);
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* computes the jacobi c = (a | n) (or Legendre if n is prime)
@@ -3929,7 +3914,7 @@ LBL_A1:mp_clear (&a1);
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* c = |a| * |b| using Karatsuba Multiplication using
@@ -3943,12 +3928,12 @@ LBL_A1:mp_clear (&a1);
* b = b1 * B**n + b0
*
* Then, a * b =>
- a1b1 * B**2n + ((a1 - a0)(b1 - b0) + a0b0 + a1b1) * B + a0b0
+ a1b1 * B**2n + ((a1 + a0)(b1 + b0) - (a0b0 + a1b1)) * B + a0b0
*
* Note that a1b1 and a0b0 are used twice and only need to be
* computed once. So in total three half size (half # of
* digit) multiplications are performed, a0b0, a1b1 and
- * (a1-b1)(a0-b0)
+ * (a1+b1)(a0+b0)
*
* Note that a multiplication of half the digits requires
* 1/4th the number of single precision multiplications so in
@@ -4039,19 +4024,19 @@ int mp_karatsuba_mul (mp_int * a, mp_int * b, mp_int * c)
if (mp_mul (&x1, &y1, &x1y1) != MP_OKAY)
goto X1Y1; /* x1y1 = x1*y1 */
- /* now calc x1-x0 and y1-y0 */
- if (mp_sub (&x1, &x0, &t1) != MP_OKAY)
+ /* now calc x1+x0 and y1+y0 */
+ if (s_mp_add (&x1, &x0, &t1) != MP_OKAY)
goto X1Y1; /* t1 = x1 - x0 */
- if (mp_sub (&y1, &y0, &x0) != MP_OKAY)
+ if (s_mp_add (&y1, &y0, &x0) != MP_OKAY)
goto X1Y1; /* t2 = y1 - y0 */
if (mp_mul (&t1, &x0, &t1) != MP_OKAY)
- goto X1Y1; /* t1 = (x1 - x0) * (y1 - y0) */
+ goto X1Y1; /* t1 = (x1 + x0) * (y1 + y0) */
/* add x0y0 */
if (mp_add (&x0y0, &x1y1, &x0) != MP_OKAY)
goto X1Y1; /* t2 = x0y0 + x1y1 */
- if (mp_sub (&x0, &t1, &t1) != MP_OKAY)
- goto X1Y1; /* t1 = x0y0 + x1y1 - (x1-x0)*(y1-y0) */
+ if (s_mp_sub (&t1, &x0, &t1) != MP_OKAY)
+ goto X1Y1; /* t1 = (x1+x0)*(y1+y0) - (x1y1 + x0y0) */
/* shift by B */
if (mp_lshd (&t1, B) != MP_OKAY)
@@ -4096,7 +4081,7 @@ ERR:
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* Karatsuba squaring, computes b = a*a using three
@@ -4164,8 +4149,8 @@ int mp_karatsuba_sqr (mp_int * a, mp_int * b)
if (mp_sqr (&x1, &x1x1) != MP_OKAY)
goto X1X1; /* x1x1 = x1*x1 */
- /* now calc (x1-x0)**2 */
- if (mp_sub (&x1, &x0, &t1) != MP_OKAY)
+ /* now calc (x1+x0)**2 */
+ if (s_mp_add (&x1, &x0, &t1) != MP_OKAY)
goto X1X1; /* t1 = x1 - x0 */
if (mp_sqr (&t1, &t1) != MP_OKAY)
goto X1X1; /* t1 = (x1 - x0) * (x1 - x0) */
@@ -4173,8 +4158,8 @@ int mp_karatsuba_sqr (mp_int * a, mp_int * b)
/* add x0y0 */
if (s_mp_add (&x0x0, &x1x1, &t2) != MP_OKAY)
goto X1X1; /* t2 = x0x0 + x1x1 */
- if (mp_sub (&t2, &t1, &t1) != MP_OKAY)
- goto X1X1; /* t1 = x0x0 + x1x1 - (x1-x0)*(x1-x0) */
+ if (s_mp_sub (&t1, &t2, &t1) != MP_OKAY)
+ goto X1X1; /* t1 = (x1+x0)**2 - (x0x0 + x1x1) */
/* shift by B */
if (mp_lshd (&t1, B) != MP_OKAY)
@@ -4217,7 +4202,7 @@ ERR:
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* computes least common multiple as |a*b|/(a, b) */
@@ -4277,7 +4262,7 @@ LBL_T:
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* shift left a certain amount of digits */
@@ -4344,7 +4329,7 @@ int mp_lshd (mp_int * a, int b)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* c = a mod b, 0 <= c < b */
@@ -4392,7 +4377,7 @@ mp_mod (mp_int * a, mp_int * b, mp_int * c)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* calc a value mod 2**b */
@@ -4447,7 +4432,7 @@ mp_mod_2d (mp_int * a, int b, mp_int * c)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
int
@@ -4474,7 +4459,7 @@ mp_mod_d (mp_int * a, mp_digit b, mp_digit * c)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/*
@@ -4490,7 +4475,6 @@ int mp_montgomery_calc_normalization (mp_int * a, mp_int * b)
/* how many bits of last digit does b use */
bits = mp_count_bits (b) % DIGIT_BIT;
-
if (b->used > 1) {
if ((res = mp_2expt (a, (b->used - 1) * DIGIT_BIT + bits - 1)) != MP_OKAY) {
return res;
@@ -4534,7 +4518,7 @@ int mp_montgomery_calc_normalization (mp_int * a, mp_int * b)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* computes xR**-1 == x (mod N) via Montgomery Reduction */
@@ -4652,7 +4636,7 @@ mp_montgomery_reduce (mp_int * x, mp_int * n, mp_digit rho)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* setups the montgomery reduction stuff */
@@ -4688,7 +4672,7 @@ mp_montgomery_setup (mp_int * n, mp_digit * rho)
#endif
/* rho = -1/m mod b */
- *rho = (((mp_word)1 << ((mp_word) DIGIT_BIT)) - x) & MP_MASK;
+ *rho = (unsigned long)(((mp_word)1 << ((mp_word) DIGIT_BIT)) - x) & MP_MASK;
return MP_OKAY;
}
@@ -4711,7 +4695,7 @@ mp_montgomery_setup (mp_int * n, mp_digit * rho)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* high level multiplication (handles sign) */
@@ -4777,7 +4761,7 @@ int mp_mul (mp_int * a, mp_int * b, mp_int * c)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* b = a*2 */
@@ -4859,7 +4843,7 @@ int mp_mul_2(mp_int * a, mp_int * b)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* shift left by a certain bit count */
@@ -4944,7 +4928,7 @@ int mp_mul_2d (mp_int * a, int b, mp_int * c)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* multiply by a digit */
@@ -4989,8 +4973,9 @@ mp_mul_d (mp_int * a, mp_digit b, mp_int * c)
u = (mp_digit) (r >> ((mp_word) DIGIT_BIT));
}
- /* store final carry [if any] */
+ /* store final carry [if any] and increment ix offset */
*tmpc++ = u;
+ ++ix;
/* now zero digits above the top */
while (ix++ < olduse) {
@@ -5022,12 +5007,11 @@ mp_mul_d (mp_int * a, mp_digit b, mp_int * c)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* d = a * b (mod c) */
-int
-mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d)
+int mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d)
{
int res;
mp_int t;
@@ -5063,7 +5047,7 @@ mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* find the n'th root of an integer
@@ -5195,19 +5179,25 @@ LBL_T1:mp_clear (&t1);
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* b = -a */
int mp_neg (mp_int * a, mp_int * b)
{
int res;
- if ((res = mp_copy (a, b)) != MP_OKAY) {
- return res;
+ if (a != b) {
+ if ((res = mp_copy (a, b)) != MP_OKAY) {
+ return res;
+ }
}
+
if (mp_iszero(b) != MP_YES) {
b->sign = (a->sign == MP_ZPOS) ? MP_NEG : MP_ZPOS;
+ } else {
+ b->sign = MP_ZPOS;
}
+
return MP_OKAY;
}
#endif
@@ -5229,7 +5219,7 @@ int mp_neg (mp_int * a, mp_int * b)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* OR two ints together */
@@ -5279,7 +5269,7 @@ int mp_or (mp_int * a, mp_int * b, mp_int * c)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* performs one Fermat test.
@@ -5341,7 +5331,7 @@ LBL_T:mp_clear (&t);
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* determines if an integers is divisible by one
@@ -5391,7 +5381,7 @@ int mp_prime_is_divisible (mp_int * a, int *result)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* performs a variable number of rounds of Miller-Rabin
@@ -5474,7 +5464,7 @@ LBL_B:mp_clear (&b);
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* Miller-Rabin test of "a" to the base of "b" as described in
@@ -5577,7 +5567,7 @@ LBL_N1:mp_clear (&n1);
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* finds the next prime after the number "a" using "t" trials
@@ -5708,7 +5698,7 @@ int mp_prime_next_prime(mp_int *a, int t, int bbs_style)
/* is this prime? */
for (x = 0; x < t; x++) {
- mp_set(&b, ltm_prime_tab[t]);
+ mp_set(&b, ltm_prime_tab[x]);
if ((err = mp_prime_miller_rabin(a, &b, &res)) != MP_OKAY) {
goto LBL_ERR;
}
@@ -5747,7 +5737,7 @@ LBL_ERR:
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
@@ -5799,7 +5789,7 @@ int mp_prime_rabin_miller_trials(int size)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* makes a truly random prime of a given size (bits),
@@ -5847,15 +5837,13 @@ int mp_prime_random_ex(mp_int *a, int t, int size, int flags, ltm_prime_callback
/* calc the maskOR_msb */
maskOR_msb = 0;
- maskOR_msb_offset = (size - 2) >> 3;
+ maskOR_msb_offset = ((size & 7) == 1) ? 1 : 0;
if (flags & LTM_PRIME_2MSB_ON) {
- maskOR_msb |= 1 << ((size - 2) & 7);
- } else if (flags & LTM_PRIME_2MSB_OFF) {
- maskAND &= ~(1 << ((size - 2) & 7));
- }
+ maskOR_msb |= 0x80 >> ((9 - size) & 7);
+ }
/* get the maskOR_lsb */
- maskOR_lsb = 0;
+ maskOR_lsb = 1;
if (flags & LTM_PRIME_BBS) {
maskOR_lsb |= 3;
}
@@ -5926,7 +5914,7 @@ error:
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* returns size of ASCII reprensentation */
@@ -5949,22 +5937,29 @@ int mp_radix_size (mp_int * a, int radix, int *size)
return MP_VAL;
}
- /* init a copy of the input */
- if ((res = mp_init_copy (&t, a)) != MP_OKAY) {
- return res;
+ if (mp_iszero(a) == MP_YES) {
+ *size = 2;
+ return MP_OKAY;
}
/* digs is the digit count */
digs = 0;
/* if it's negative add one for the sign */
- if (t.sign == MP_NEG) {
+ if (a->sign == MP_NEG) {
++digs;
- t.sign = MP_ZPOS;
}
+ /* init a copy of the input */
+ if ((res = mp_init_copy (&t, a)) != MP_OKAY) {
+ return res;
+ }
+
+ /* force temp to positive */
+ t.sign = MP_ZPOS;
+
/* fetch out all of the digits */
- while (mp_iszero (&t) == 0) {
+ while (mp_iszero (&t) == MP_NO) {
if ((res = mp_div_d (&t, (mp_digit) radix, &t, &d)) != MP_OKAY) {
mp_clear (&t);
return res;
@@ -5997,7 +5992,7 @@ int mp_radix_size (mp_int * a, int radix, int *size)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* chars used in radix conversions */
@@ -6021,7 +6016,7 @@ const char *mp_s_rmap = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrs
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* makes a pseudo-random int of a given size */
@@ -6038,14 +6033,14 @@ mp_rand (mp_int * a, int digits)
/* first place a random non-zero digit */
do {
- d = ((mp_digit) abs (rand ()));
+ d = ((mp_digit) abs (rand ())) & MP_MASK;
} while (d == 0);
if ((res = mp_add_d (a, d, a)) != MP_OKAY) {
return res;
}
- while (digits-- > 0) {
+ while (--digits > 0) {
if ((res = mp_lshd (a, 1)) != MP_OKAY) {
return res;
}
@@ -6076,15 +6071,18 @@ mp_rand (mp_int * a, int digits)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* read a string [ASCII] in a given radix */
-int mp_read_radix (mp_int * a, char *str, int radix)
+int mp_read_radix (mp_int * a, const char *str, int radix)
{
int y, res, neg;
char ch;
+ /* zero the digit bignum */
+ mp_zero(a);
+
/* make sure the radix is ok */
if (radix < 2 || radix > 64) {
return MP_VAL;
@@ -6158,12 +6156,11 @@ int mp_read_radix (mp_int * a, char *str, int radix)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* read signed bin, big endian, first byte is 0==positive or 1==negative */
-int
-mp_read_signed_bin (mp_int * a, unsigned char *b, int c)
+int mp_read_signed_bin (mp_int * a, const unsigned char *b, int c)
{
int res;
@@ -6200,12 +6197,11 @@ mp_read_signed_bin (mp_int * a, unsigned char *b, int c)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* reads a unsigned char array, assumes the msb is stored first [big endian] */
-int
-mp_read_unsigned_bin (mp_int * a, unsigned char *b, int c)
+int mp_read_unsigned_bin (mp_int * a, const unsigned char *b, int c)
{
int res;
@@ -6256,15 +6252,14 @@ mp_read_unsigned_bin (mp_int * a, unsigned char *b, int c)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* reduces x mod m, assumes 0 < x < m**2, mu is
* precomputed via mp_reduce_setup.
* From HAC pp.604 Algorithm 14.42
*/
-int
-mp_reduce (mp_int * x, mp_int * m, mp_int * mu)
+int mp_reduce (mp_int * x, mp_int * m, mp_int * mu)
{
mp_int q;
int res, um = m->used;
@@ -6284,11 +6279,11 @@ mp_reduce (mp_int * x, mp_int * m, mp_int * mu)
}
} else {
#ifdef BN_S_MP_MUL_HIGH_DIGS_C
- if ((res = s_mp_mul_high_digs (&q, mu, &q, um - 1)) != MP_OKAY) {
+ if ((res = s_mp_mul_high_digs (&q, mu, &q, um)) != MP_OKAY) {
goto CLEANUP;
}
#elif defined(BN_FAST_S_MP_MUL_HIGH_DIGS_C)
- if ((res = fast_s_mp_mul_high_digs (&q, mu, &q, um - 1)) != MP_OKAY) {
+ if ((res = fast_s_mp_mul_high_digs (&q, mu, &q, um)) != MP_OKAY) {
goto CLEANUP;
}
#else
@@ -6357,12 +6352,11 @@ CLEANUP:
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* reduces a modulo n where n is of the form 2**p - d */
-int
-mp_reduce_2k(mp_int *a, mp_int *n, mp_digit d)
+int mp_reduce_2k(mp_int *a, mp_int *n, mp_digit d)
{
mp_int q;
int p, res;
@@ -6404,6 +6398,68 @@ ERR:
/* End: bn_mp_reduce_2k.c */
+/* Start: bn_mp_reduce_2k_l.c */
+#include <tommath.h>
+#ifdef BN_MP_REDUCE_2K_L_C
+/* LibTomMath, multiple-precision integer library -- Tom St Denis
+ *
+ * LibTomMath is a library that provides multiple-precision
+ * integer arithmetic as well as number theoretic functionality.
+ *
+ * The library was designed directly after the MPI library by
+ * Michael Fromberger but has been written from scratch with
+ * additional optimizations in place.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
+ */
+
+/* reduces a modulo n where n is of the form 2**p - d
+ This differs from reduce_2k since "d" can be larger
+ than a single digit.
+*/
+int mp_reduce_2k_l(mp_int *a, mp_int *n, mp_int *d)
+{
+ mp_int q;
+ int p, res;
+
+ if ((res = mp_init(&q)) != MP_OKAY) {
+ return res;
+ }
+
+ p = mp_count_bits(n);
+top:
+ /* q = a/2**p, a = a mod 2**p */
+ if ((res = mp_div_2d(a, p, &q, a)) != MP_OKAY) {
+ goto ERR;
+ }
+
+ /* q = q * d */
+ if ((res = mp_mul(&q, d, &q)) != MP_OKAY) {
+ goto ERR;
+ }
+
+ /* a = a + q */
+ if ((res = s_mp_add(a, &q, a)) != MP_OKAY) {
+ goto ERR;
+ }
+
+ if (mp_cmp_mag(a, n) != MP_LT) {
+ s_mp_sub(a, n, a);
+ goto top;
+ }
+
+ERR:
+ mp_clear(&q);
+ return res;
+}
+
+#endif
+
+/* End: bn_mp_reduce_2k_l.c */
+
/* Start: bn_mp_reduce_2k_setup.c */
#include <tommath.h>
#ifdef BN_MP_REDUCE_2K_SETUP_C
@@ -6419,12 +6475,11 @@ ERR:
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* determines the setup value */
-int
-mp_reduce_2k_setup(mp_int *a, mp_digit *d)
+int mp_reduce_2k_setup(mp_int *a, mp_digit *d)
{
int res, p;
mp_int tmp;
@@ -6452,6 +6507,50 @@ mp_reduce_2k_setup(mp_int *a, mp_digit *d)
/* End: bn_mp_reduce_2k_setup.c */
+/* Start: bn_mp_reduce_2k_setup_l.c */
+#include <tommath.h>
+#ifdef BN_MP_REDUCE_2K_SETUP_L_C
+/* LibTomMath, multiple-precision integer library -- Tom St Denis
+ *
+ * LibTomMath is a library that provides multiple-precision
+ * integer arithmetic as well as number theoretic functionality.
+ *
+ * The library was designed directly after the MPI library by
+ * Michael Fromberger but has been written from scratch with
+ * additional optimizations in place.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
+ */
+
+/* determines the setup value */
+int mp_reduce_2k_setup_l(mp_int *a, mp_int *d)
+{
+ int res;
+ mp_int tmp;
+
+ if ((res = mp_init(&tmp)) != MP_OKAY) {
+ return res;
+ }
+
+ if ((res = mp_2expt(&tmp, mp_count_bits(a))) != MP_OKAY) {
+ goto ERR;
+ }
+
+ if ((res = s_mp_sub(&tmp, a, d)) != MP_OKAY) {
+ goto ERR;
+ }
+
+ERR:
+ mp_clear(&tmp);
+ return res;
+}
+#endif
+
+/* End: bn_mp_reduce_2k_setup_l.c */
+
/* Start: bn_mp_reduce_is_2k.c */
#include <tommath.h>
#ifdef BN_MP_REDUCE_IS_2K_C
@@ -6467,7 +6566,7 @@ mp_reduce_2k_setup(mp_int *a, mp_digit *d)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* determines if mp_reduce_2k can be used */
@@ -6477,9 +6576,9 @@ int mp_reduce_is_2k(mp_int *a)
mp_digit iz;
if (a->used == 0) {
- return 0;
+ return MP_NO;
} else if (a->used == 1) {
- return 1;
+ return MP_YES;
} else if (a->used > 1) {
iy = mp_count_bits(a);
iz = 1;
@@ -6488,7 +6587,7 @@ int mp_reduce_is_2k(mp_int *a)
/* Test every bit from the second digit up, must be 1 */
for (ix = DIGIT_BIT; ix < iy; ix++) {
if ((a->dp[iw] & iz) == 0) {
- return 0;
+ return MP_NO;
}
iz <<= 1;
if (iz > (mp_digit)MP_MASK) {
@@ -6497,13 +6596,57 @@ int mp_reduce_is_2k(mp_int *a)
}
}
}
- return 1;
+ return MP_YES;
}
#endif
/* End: bn_mp_reduce_is_2k.c */
+/* Start: bn_mp_reduce_is_2k_l.c */
+#include <tommath.h>
+#ifdef BN_MP_REDUCE_IS_2K_L_C
+/* LibTomMath, multiple-precision integer library -- Tom St Denis
+ *
+ * LibTomMath is a library that provides multiple-precision
+ * integer arithmetic as well as number theoretic functionality.
+ *
+ * The library was designed directly after the MPI library by
+ * Michael Fromberger but has been written from scratch with
+ * additional optimizations in place.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
+ */
+
+/* determines if reduce_2k_l can be used */
+int mp_reduce_is_2k_l(mp_int *a)
+{
+ int ix, iy;
+
+ if (a->used == 0) {
+ return MP_NO;
+ } else if (a->used == 1) {
+ return MP_YES;
+ } else if (a->used > 1) {
+ /* if more than half of the digits are -1 we're sold */
+ for (iy = ix = 0; ix < a->used; ix++) {
+ if (a->dp[ix] == MP_MASK) {
+ ++iy;
+ }
+ }
+ return (iy >= (a->used/2)) ? MP_YES : MP_NO;
+
+ }
+ return MP_NO;
+}
+
+#endif
+
+/* End: bn_mp_reduce_is_2k_l.c */
+
/* Start: bn_mp_reduce_setup.c */
#include <tommath.h>
#ifdef BN_MP_REDUCE_SETUP_C
@@ -6519,7 +6662,7 @@ int mp_reduce_is_2k(mp_int *a)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* pre-calculate the value required for Barrett reduction
@@ -6553,7 +6696,7 @@ int mp_reduce_setup (mp_int * a, mp_int * b)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* shift right a certain amount of digits */
@@ -6625,7 +6768,7 @@ void mp_rshd (mp_int * a, int b)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* set to a digit */
@@ -6654,7 +6797,7 @@ void mp_set (mp_int * a, mp_digit b)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* set a 32-bit const */
@@ -6702,19 +6845,24 @@ int mp_set_int (mp_int * a, unsigned long b)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* shrink a bignum */
int mp_shrink (mp_int * a)
{
mp_digit *tmp;
- if (a->alloc != a->used && a->used > 0) {
- if ((tmp = OPT_CAST(mp_digit) XREALLOC (a->dp, sizeof (mp_digit) * a->used)) == NULL) {
+ int used = 1;
+
+ if(a->used > 0)
+ used = a->used;
+
+ if (a->alloc != used) {
+ if ((tmp = OPT_CAST(mp_digit) XREALLOC (a->dp, sizeof (mp_digit) * used)) == NULL) {
return MP_MEM;
}
a->dp = tmp;
- a->alloc = a->used;
+ a->alloc = used;
}
return MP_OKAY;
}
@@ -6737,7 +6885,7 @@ int mp_shrink (mp_int * a)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* get the size for an signed equivalent */
@@ -6764,7 +6912,7 @@ int mp_signed_bin_size (mp_int * a)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* computes b = a*a */
@@ -6822,7 +6970,7 @@ if (a->used >= KARATSUBA_SQR_CUTOFF) {
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* c = a * a (mod b) */
@@ -6850,6 +6998,7 @@ mp_sqrmod (mp_int * a, mp_int * b, mp_int * c)
/* Start: bn_mp_sqrt.c */
#include <tommath.h>
+
#ifdef BN_MP_SQRT_C
/* LibTomMath, multiple-precision integer library -- Tom St Denis
*
@@ -6863,7 +7012,7 @@ mp_sqrmod (mp_int * a, mp_int * b, mp_int * c)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* this function is less generic than mp_n_root, simpler and faster */
@@ -6944,7 +7093,7 @@ E2: mp_clear(&t1);
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* high level subtraction (handles signs) */
@@ -7003,7 +7152,7 @@ mp_sub (mp_int * a, mp_int * b, mp_int * c)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* single digit subtraction */
@@ -7027,6 +7176,10 @@ mp_sub_d (mp_int * a, mp_digit b, mp_int * c)
a->sign = MP_ZPOS;
res = mp_add_d(a, b, c);
a->sign = c->sign = MP_NEG;
+
+ /* clamp */
+ mp_clamp(c);
+
return res;
}
@@ -7092,7 +7245,7 @@ mp_sub_d (mp_int * a, mp_digit b, mp_int * c)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* d = a - b (mod c) */
@@ -7134,12 +7287,11 @@ mp_submod (mp_int * a, mp_int * b, mp_int * c, mp_int * d)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* store in signed [big endian] format */
-int
-mp_to_signed_bin (mp_int * a, unsigned char *b)
+int mp_to_signed_bin (mp_int * a, unsigned char *b)
{
int res;
@@ -7153,6 +7305,37 @@ mp_to_signed_bin (mp_int * a, unsigned char *b)
/* End: bn_mp_to_signed_bin.c */
+/* Start: bn_mp_to_signed_bin_n.c */
+#include <tommath.h>
+#ifdef BN_MP_TO_SIGNED_BIN_N_C
+/* LibTomMath, multiple-precision integer library -- Tom St Denis
+ *
+ * LibTomMath is a library that provides multiple-precision
+ * integer arithmetic as well as number theoretic functionality.
+ *
+ * The library was designed directly after the MPI library by
+ * Michael Fromberger but has been written from scratch with
+ * additional optimizations in place.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
+ */
+
+/* store in signed [big endian] format */
+int mp_to_signed_bin_n (mp_int * a, unsigned char *b, unsigned long *outlen)
+{
+ if (*outlen < (unsigned long)mp_signed_bin_size(a)) {
+ return MP_VAL;
+ }
+ *outlen = mp_signed_bin_size(a);
+ return mp_to_signed_bin(a, b);
+}
+#endif
+
+/* End: bn_mp_to_signed_bin_n.c */
+
/* Start: bn_mp_to_unsigned_bin.c */
#include <tommath.h>
#ifdef BN_MP_TO_UNSIGNED_BIN_C
@@ -7168,12 +7351,11 @@ mp_to_signed_bin (mp_int * a, unsigned char *b)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* store in unsigned [big endian] format */
-int
-mp_to_unsigned_bin (mp_int * a, unsigned char *b)
+int mp_to_unsigned_bin (mp_int * a, unsigned char *b)
{
int x, res;
mp_int t;
@@ -7202,6 +7384,37 @@ mp_to_unsigned_bin (mp_int * a, unsigned char *b)
/* End: bn_mp_to_unsigned_bin.c */
+/* Start: bn_mp_to_unsigned_bin_n.c */
+#include <tommath.h>
+#ifdef BN_MP_TO_UNSIGNED_BIN_N_C
+/* LibTomMath, multiple-precision integer library -- Tom St Denis
+ *
+ * LibTomMath is a library that provides multiple-precision
+ * integer arithmetic as well as number theoretic functionality.
+ *
+ * The library was designed directly after the MPI library by
+ * Michael Fromberger but has been written from scratch with
+ * additional optimizations in place.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
+ */
+
+/* store in unsigned [big endian] format */
+int mp_to_unsigned_bin_n (mp_int * a, unsigned char *b, unsigned long *outlen)
+{
+ if (*outlen < (unsigned long)mp_unsigned_bin_size(a)) {
+ return MP_VAL;
+ }
+ *outlen = mp_unsigned_bin_size(a);
+ return mp_to_unsigned_bin(a, b);
+}
+#endif
+
+/* End: bn_mp_to_unsigned_bin_n.c */
+
/* Start: bn_mp_toom_mul.c */
#include <tommath.h>
#ifdef BN_MP_TOOM_MUL_C
@@ -7217,14 +7430,15 @@ mp_to_unsigned_bin (mp_int * a, unsigned char *b)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* multiplication using the Toom-Cook 3-way algorithm
*
- * Much more complicated than Karatsuba but has a lower asymptotic running time of
- * O(N**1.464). This algorithm is only particularly useful on VERY large
- * inputs (we're talking 1000s of digits here...).
+ * Much more complicated than Karatsuba but has a lower
+ * asymptotic running time of O(N**1.464). This algorithm is
+ * only particularly useful on VERY large inputs
+ * (we're talking 1000s of digits here...).
*/
int mp_toom_mul(mp_int *a, mp_int *b, mp_int *c)
{
@@ -7500,7 +7714,7 @@ ERR:
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* squaring using Toom-Cook 3-way algorithm */
@@ -7726,7 +7940,7 @@ ERR:
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* stores a bignum as a ASCII string in a given radix (2..64) */
@@ -7801,7 +8015,7 @@ int mp_toradix (mp_int * a, char *str, int radix)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* stores a bignum as a ASCII string in a given radix (2..64)
@@ -7816,12 +8030,12 @@ int mp_toradix_n(mp_int * a, char *str, int radix, int maxlen)
char *_s = str;
/* check range of the maxlen, radix */
- if (maxlen < 3 || radix < 2 || radix > 64) {
+ if (maxlen < 2 || radix < 2 || radix > 64) {
return MP_VAL;
}
/* quick out if its zero */
- if (mp_iszero(a) == 1) {
+ if (mp_iszero(a) == MP_YES) {
*str++ = '0';
*str = '\0';
return MP_OKAY;
@@ -7846,21 +8060,20 @@ int mp_toradix_n(mp_int * a, char *str, int radix, int maxlen)
digs = 0;
while (mp_iszero (&t) == 0) {
+ if (--maxlen < 1) {
+ /* no more room */
+ break;
+ }
if ((res = mp_div_d (&t, (mp_digit) radix, &t, &d)) != MP_OKAY) {
mp_clear (&t);
return res;
}
*str++ = mp_s_rmap[d];
++digs;
-
- if (--maxlen == 1) {
- /* no more room */
- break;
- }
}
/* reverse the digits of the string. In this case _s points
- * to the first digit [exluding the sign] of the number]
+ * to the first digit [exluding the sign] of the number
*/
bn_reverse ((unsigned char *)_s, digs);
@@ -7890,12 +8103,11 @@ int mp_toradix_n(mp_int * a, char *str, int radix, int maxlen)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* get the size for an unsigned equivalent */
-int
-mp_unsigned_bin_size (mp_int * a)
+int mp_unsigned_bin_size (mp_int * a)
{
int size = mp_count_bits (a);
return (size / 8 + ((size & 7) != 0 ? 1 : 0));
@@ -7919,7 +8131,7 @@ mp_unsigned_bin_size (mp_int * a)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* XOR two ints together */
@@ -7944,7 +8156,7 @@ mp_xor (mp_int * a, mp_int * b, mp_int * c)
}
for (ix = 0; ix < px; ix++) {
-
+ t.dp[ix] ^= x->dp[ix];
}
mp_clamp (&t);
mp_exch (c, &t);
@@ -7970,16 +8182,22 @@ mp_xor (mp_int * a, mp_int * b, mp_int * c)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* set to zero */
-void
-mp_zero (mp_int * a)
+void mp_zero (mp_int * a)
{
+ int n;
+ mp_digit *tmp;
+
a->sign = MP_ZPOS;
a->used = 0;
- memset (a->dp, 0, sizeof (mp_digit) * a->alloc);
+
+ tmp = a->dp;
+ for (n = 0; n < a->alloc; n++) {
+ *tmp++ = 0;
+ }
}
#endif
@@ -8000,7 +8218,7 @@ mp_zero (mp_int * a)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
const mp_digit ltm_prime_tab[] = {
0x0002, 0x0003, 0x0005, 0x0007, 0x000B, 0x000D, 0x0011, 0x0013,
@@ -8061,7 +8279,7 @@ const mp_digit ltm_prime_tab[] = {
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* reverse an array, used for radix code */
@@ -8100,7 +8318,7 @@ bn_reverse (unsigned char *s, int len)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* low level addition, based on HAC pp.594, Algorithm 14.7 */
@@ -8209,20 +8427,20 @@ s_mp_add (mp_int * a, mp_int * b, mp_int * c)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
-
#ifdef MP_LOW_MEM
#define TAB_SIZE 32
#else
#define TAB_SIZE 256
#endif
-int s_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y)
+int s_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, int redmode)
{
mp_int M[TAB_SIZE], res, mu;
mp_digit buf;
int err, bitbuf, bitcpy, bitcnt, mode, digidx, x, y, winsize;
+ int (*redux)(mp_int*,mp_int*,mp_int*);
/* find window size */
x = mp_count_bits (X);
@@ -8269,9 +8487,18 @@ int s_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y)
if ((err = mp_init (&mu)) != MP_OKAY) {
goto LBL_M;
}
- if ((err = mp_reduce_setup (&mu, P)) != MP_OKAY) {
- goto LBL_MU;
- }
+
+ if (redmode == 0) {
+ if ((err = mp_reduce_setup (&mu, P)) != MP_OKAY) {
+ goto LBL_MU;
+ }
+ redux = mp_reduce;
+ } else {
+ if ((err = mp_reduce_2k_setup_l (P, &mu)) != MP_OKAY) {
+ goto LBL_MU;
+ }
+ redux = mp_reduce_2k_l;
+ }
/* create M table
*
@@ -8293,11 +8520,14 @@ int s_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y)
}
for (x = 0; x < (winsize - 1); x++) {
+ /* square it */
if ((err = mp_sqr (&M[1 << (winsize - 1)],
&M[1 << (winsize - 1)])) != MP_OKAY) {
goto LBL_MU;
}
- if ((err = mp_reduce (&M[1 << (winsize - 1)], P, &mu)) != MP_OKAY) {
+
+ /* reduce modulo P */
+ if ((err = redux (&M[1 << (winsize - 1)], P, &mu)) != MP_OKAY) {
goto LBL_MU;
}
}
@@ -8309,7 +8539,7 @@ int s_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y)
if ((err = mp_mul (&M[x - 1], &M[1], &M[x])) != MP_OKAY) {
goto LBL_MU;
}
- if ((err = mp_reduce (&M[x], P, &mu)) != MP_OKAY) {
+ if ((err = redux (&M[x], P, &mu)) != MP_OKAY) {
goto LBL_MU;
}
}
@@ -8358,7 +8588,7 @@ int s_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y)
if ((err = mp_sqr (&res, &res)) != MP_OKAY) {
goto LBL_RES;
}
- if ((err = mp_reduce (&res, P, &mu)) != MP_OKAY) {
+ if ((err = redux (&res, P, &mu)) != MP_OKAY) {
goto LBL_RES;
}
continue;
@@ -8375,7 +8605,7 @@ int s_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y)
if ((err = mp_sqr (&res, &res)) != MP_OKAY) {
goto LBL_RES;
}
- if ((err = mp_reduce (&res, P, &mu)) != MP_OKAY) {
+ if ((err = redux (&res, P, &mu)) != MP_OKAY) {
goto LBL_RES;
}
}
@@ -8384,7 +8614,7 @@ int s_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y)
if ((err = mp_mul (&res, &M[bitbuf], &res)) != MP_OKAY) {
goto LBL_RES;
}
- if ((err = mp_reduce (&res, P, &mu)) != MP_OKAY) {
+ if ((err = redux (&res, P, &mu)) != MP_OKAY) {
goto LBL_RES;
}
@@ -8402,7 +8632,7 @@ int s_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y)
if ((err = mp_sqr (&res, &res)) != MP_OKAY) {
goto LBL_RES;
}
- if ((err = mp_reduce (&res, P, &mu)) != MP_OKAY) {
+ if ((err = redux (&res, P, &mu)) != MP_OKAY) {
goto LBL_RES;
}
@@ -8412,7 +8642,7 @@ int s_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y)
if ((err = mp_mul (&res, &M[1], &res)) != MP_OKAY) {
goto LBL_RES;
}
- if ((err = mp_reduce (&res, P, &mu)) != MP_OKAY) {
+ if ((err = redux (&res, P, &mu)) != MP_OKAY) {
goto LBL_RES;
}
}
@@ -8449,15 +8679,14 @@ LBL_M:
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* multiplies |a| * |b| and only computes upto digs digits of result
* HAC pp. 595, Algorithm 14.12 Modified so you can control how
* many digits of output are created.
*/
-int
-s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
+int s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
{
mp_int t;
int res, pa, pb, ix, iy;
@@ -8540,7 +8769,7 @@ s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* multiplies |a| * |b| and does not compute the lower digs digits
@@ -8621,12 +8850,11 @@ s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* low level squaring, b = a*a, HAC pp.596-597, Algorithm 14.16 */
-int
-s_mp_sqr (mp_int * a, mp_int * b)
+int s_mp_sqr (mp_int * a, mp_int * b)
{
mp_int t;
int res, ix, iy, pa;
@@ -8706,7 +8934,7 @@ s_mp_sqr (mp_int * a, mp_int * b)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* low level subtraction (assumes |a| > |b|), HAC pp.595 Algorithm 14.9 */
@@ -8795,7 +9023,7 @@ s_mp_sub (mp_int * a, mp_int * b, mp_int * c)
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com
*/
/* Known optimal configurations
@@ -8803,11 +9031,12 @@ s_mp_sub (mp_int * a, mp_int * b, mp_int * c)
CPU /Compiler /MUL CUTOFF/SQR CUTOFF
-------------------------------------------------------------
Intel P4 Northwood /GCC v3.4.1 / 88/ 128/LTM 0.32 ;-)
+ AMD Athlon64 /GCC v3.4.4 / 80/ 120/LTM 0.35
*/
-int KARATSUBA_MUL_CUTOFF = 88, /* Min. number of digits before Karatsuba multiplication is used. */
- KARATSUBA_SQR_CUTOFF = 128, /* Min. number of digits before Karatsuba squaring is used. */
+int KARATSUBA_MUL_CUTOFF = 80, /* Min. number of digits before Karatsuba multiplication is used. */
+ KARATSUBA_SQR_CUTOFF = 120, /* Min. number of digits before Karatsuba squaring is used. */
TOOM_MUL_CUTOFF = 350, /* no optimal values of these are known yet so set em high */
TOOM_SQR_CUTOFF = 400;
generated by cgit v0.12 at 2025-11-15 23:18:28 (GMT)