1 /* crypto/bn/bn.h */ 2 /* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 59 #ifndef HEADER_BN_H 60 #define HEADER_BN_H 61 62 #include <openssl/e_os2.h> 63 #ifndef OPENSSL_NO_FP_API 64 #include <stdio.h> /* FILE */ 65 #endif 66 67 #ifdef __cplusplus 68 extern "C" { 69 #endif 70 71 #ifdef OPENSSL_SYS_VMS 72 #undef BN_LLONG /* experimental, so far... */ 73 #endif 74 75 #define BN_MUL_COMBA 76 #define BN_SQR_COMBA 77 #define BN_RECURSION 78 79 /* This next option uses the C libraries (2 word)/(1 word) function. 80 * If it is not defined, I use my C version (which is slower). 81 * The reason for this flag is that when the particular C compiler 82 * library routine is used, and the library is linked with a different 83 * compiler, the library is missing. This mostly happens when the 84 * library is built with gcc and then linked using normal cc. This would 85 * be a common occurrence because gcc normally produces code that is 86 * 2 times faster than system compilers for the big number stuff. 87 * For machines with only one compiler (or shared libraries), this should 88 * be on. Again this in only really a problem on machines 89 * using "long long's", are 32bit, and are not using my assembler code. */ 90 #if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WINDOWS) || \ 91 defined(OPENSSL_SYS_WIN32) || defined(linux) 92 # ifndef BN_DIV2W 93 # define BN_DIV2W 94 # endif 95 #endif 96 97 /* assuming long is 64bit - this is the DEC Alpha 98 * unsigned long long is only 64 bits :-(, don't define 99 * BN_LLONG for the DEC Alpha */ 100 #ifdef SIXTY_FOUR_BIT_LONG 101 #define BN_ULLONG unsigned long long 102 #define BN_ULONG unsigned long 103 #define BN_LONG long 104 #define BN_BITS 128 105 #define BN_BYTES 8 106 #define BN_BITS2 64 107 #define BN_BITS4 32 108 #define BN_MASK (0xffffffffffffffffffffffffffffffffLL) 109 #define BN_MASK2 (0xffffffffffffffffL) 110 #define BN_MASK2l (0xffffffffL) 111 #define BN_MASK2h (0xffffffff00000000L) 112 #define BN_MASK2h1 (0xffffffff80000000L) 113 #define BN_TBIT (0x8000000000000000L) 114 #define BN_DEC_CONV (10000000000000000000UL) 115 #define BN_DEC_FMT1 "%lu" 116 #define BN_DEC_FMT2 "%019lu" 117 #define BN_DEC_NUM 19 118 #endif 119 120 /* This is where the long long data type is 64 bits, but long is 32. 121 * For machines where there are 64bit registers, this is the mode to use. 122 * IRIX, on R4000 and above should use this mode, along with the relevant 123 * assembler code :-). Do NOT define BN_LLONG. 124 */ 125 #ifdef SIXTY_FOUR_BIT 126 #undef BN_LLONG 127 #undef BN_ULLONG 128 #define BN_ULONG unsigned long long 129 #define BN_LONG long long 130 #define BN_BITS 128 131 #define BN_BYTES 8 132 #define BN_BITS2 64 133 #define BN_BITS4 32 134 #define BN_MASK2 (0xffffffffffffffffLL) 135 #define BN_MASK2l (0xffffffffL) 136 #define BN_MASK2h (0xffffffff00000000LL) 137 #define BN_MASK2h1 (0xffffffff80000000LL) 138 #define BN_TBIT (0x8000000000000000LL) 139 #define BN_DEC_CONV (10000000000000000000ULL) 140 #define BN_DEC_FMT1 "%llu" 141 #define BN_DEC_FMT2 "%019llu" 142 #define BN_DEC_NUM 19 143 #endif 144 145 #ifdef THIRTY_TWO_BIT 146 #if defined(OPENSSL_SYS_WIN32) && !defined(__GNUC__) 147 #define BN_ULLONG unsigned _int64 148 #else 149 #define BN_ULLONG unsigned long long 150 #endif 151 #define BN_ULONG unsigned long 152 #define BN_LONG long 153 #define BN_BITS 64 154 #define BN_BYTES 4 155 #define BN_BITS2 32 156 #define BN_BITS4 16 157 #ifdef OPENSSL_SYS_WIN32 158 /* VC++ doesn't like the LL suffix */ 159 #define BN_MASK (0xffffffffffffffffL) 160 #else 161 #define BN_MASK (0xffffffffffffffffLL) 162 #endif 163 #define BN_MASK2 (0xffffffffL) 164 #define BN_MASK2l (0xffff) 165 #define BN_MASK2h1 (0xffff8000L) 166 #define BN_MASK2h (0xffff0000L) 167 #define BN_TBIT (0x80000000L) 168 #define BN_DEC_CONV (1000000000L) 169 #define BN_DEC_FMT1 "%lu" 170 #define BN_DEC_FMT2 "%09lu" 171 #define BN_DEC_NUM 9 172 #endif 173 174 #ifdef SIXTEEN_BIT 175 #ifndef BN_DIV2W 176 #define BN_DIV2W 177 #endif 178 #define BN_ULLONG unsigned long 179 #define BN_ULONG unsigned short 180 #define BN_LONG short 181 #define BN_BITS 32 182 #define BN_BYTES 2 183 #define BN_BITS2 16 184 #define BN_BITS4 8 185 #define BN_MASK (0xffffffff) 186 #define BN_MASK2 (0xffff) 187 #define BN_MASK2l (0xff) 188 #define BN_MASK2h1 (0xff80) 189 #define BN_MASK2h (0xff00) 190 #define BN_TBIT (0x8000) 191 #define BN_DEC_CONV (100000) 192 #define BN_DEC_FMT1 "%u" 193 #define BN_DEC_FMT2 "%05u" 194 #define BN_DEC_NUM 5 195 #endif 196 197 #ifdef EIGHT_BIT 198 #ifndef BN_DIV2W 199 #define BN_DIV2W 200 #endif 201 #define BN_ULLONG unsigned short 202 #define BN_ULONG unsigned char 203 #define BN_LONG char 204 #define BN_BITS 16 205 #define BN_BYTES 1 206 #define BN_BITS2 8 207 #define BN_BITS4 4 208 #define BN_MASK (0xffff) 209 #define BN_MASK2 (0xff) 210 #define BN_MASK2l (0xf) 211 #define BN_MASK2h1 (0xf8) 212 #define BN_MASK2h (0xf0) 213 #define BN_TBIT (0x80) 214 #define BN_DEC_CONV (100) 215 #define BN_DEC_FMT1 "%u" 216 #define BN_DEC_FMT2 "%02u" 217 #define BN_DEC_NUM 2 218 #endif 219 220 #define BN_DEFAULT_BITS 1280 221 222 #ifdef BIGNUM 223 #undef BIGNUM 224 #endif 225 226 #define BN_FLG_MALLOCED 0x01 227 #define BN_FLG_STATIC_DATA 0x02 228 #define BN_FLG_EXP_CONSTTIME 0x04 /* avoid leaking exponent information through timings 229 * (BN_mod_exp_mont() will call BN_mod_exp_mont_consttime) */ 230 #define BN_FLG_FREE 0x8000 /* used for debuging */ 231 #define BN_set_flags(b,n) ((b)->flags|=(n)) 232 #define BN_get_flags(b,n) ((b)->flags&(n)) 233 234 /* get a clone of a BIGNUM with changed flags, for *temporary* use only 235 * (the two BIGNUMs cannot not be used in parallel!) */ 236 #define BN_with_flags(dest,b,n) ((dest)->d=(b)->d, \ 237 (dest)->top=(b)->top, \ 238 (dest)->dmax=(b)->dmax, \ 239 (dest)->neg=(b)->neg, \ 240 (dest)->flags=(((dest)->flags & BN_FLG_MALLOCED) \ 241 | ((b)->flags & ~BN_FLG_MALLOCED) \ 242 | BN_FLG_STATIC_DATA \ 243 | (n))) 244 245 typedef struct bignum_st 246 { 247 BN_ULONG *d; /* Pointer to an array of 'BN_BITS2' bit chunks. */ 248 int top; /* Index of last used d +1. */ 249 /* The next are internal book keeping for bn_expand. */ 250 int dmax; /* Size of the d array. */ 251 int neg; /* one if the number is negative */ 252 int flags; 253 } BIGNUM; 254 255 /* Used for temp variables (declaration hidden in bn_lcl.h) */ 256 typedef struct bignum_ctx BN_CTX; 257 258 typedef struct bn_blinding_st 259 { 260 int init; 261 BIGNUM *A; 262 BIGNUM *Ai; 263 BIGNUM *mod; /* just a reference */ 264 unsigned long thread_id; /* added in OpenSSL 0.9.6j and 0.9.7b; 265 * used only by crypto/rsa/rsa_eay.c, rsa_lib.c */ 266 } BN_BLINDING; 267 268 /* Used for montgomery multiplication */ 269 typedef struct bn_mont_ctx_st 270 { 271 int ri; /* number of bits in R */ 272 BIGNUM RR; /* used to convert to montgomery form */ 273 BIGNUM N; /* The modulus */ 274 BIGNUM Ni; /* R*(1/R mod N) - N*Ni = 1 275 * (Ni is only stored for bignum algorithm) */ 276 BN_ULONG n0; /* least significant word of Ni */ 277 int flags; 278 } BN_MONT_CTX; 279 280 /* Used for reciprocal division/mod functions 281 * It cannot be shared between threads 282 */ 283 typedef struct bn_recp_ctx_st 284 { 285 BIGNUM N; /* the divisor */ 286 BIGNUM Nr; /* the reciprocal */ 287 int num_bits; 288 int shift; 289 int flags; 290 } BN_RECP_CTX; 291 292 #define BN_prime_checks 0 /* default: select number of iterations 293 based on the size of the number */ 294 295 /* number of Miller-Rabin iterations for an error rate of less than 2^-80 296 * for random 'b'-bit input, b >= 100 (taken from table 4.4 in the Handbook 297 * of Applied Cryptography [Menezes, van Oorschot, Vanstone; CRC Press 1996]; 298 * original paper: Damgaard, Landrock, Pomerance: Average case error estimates 299 * for the strong probable prime test. -- Math. Comp. 61 (1993) 177-194) */ 300 #define BN_prime_checks_for_size(b) ((b) >= 1300 ? 2 : \ 301 (b) >= 850 ? 3 : \ 302 (b) >= 650 ? 4 : \ 303 (b) >= 550 ? 5 : \ 304 (b) >= 450 ? 6 : \ 305 (b) >= 400 ? 7 : \ 306 (b) >= 350 ? 8 : \ 307 (b) >= 300 ? 9 : \ 308 (b) >= 250 ? 12 : \ 309 (b) >= 200 ? 15 : \ 310 (b) >= 150 ? 18 : \ 311 /* b >= 100 */ 27) 312 313 #define BN_num_bytes(a) ((BN_num_bits(a)+7)/8) 314 315 /* Note that BN_abs_is_word does not work reliably for w == 0 */ 316 #define BN_abs_is_word(a,w) (((a)->top == 1) && ((a)->d[0] == (BN_ULONG)(w))) 317 #define BN_is_zero(a) (((a)->top == 0) || BN_abs_is_word(a,0)) 318 #define BN_is_one(a) (BN_abs_is_word((a),1) && !(a)->neg) 319 #define BN_is_word(a,w) ((w) ? BN_abs_is_word((a),(w)) && !(a)->neg : \ 320 BN_is_zero((a))) 321 #define BN_is_odd(a) (((a)->top > 0) && ((a)->d[0] & 1)) 322 323 #define BN_one(a) (BN_set_word((a),1)) 324 #define BN_zero(a) (BN_set_word((a),0)) 325 326 /*#define BN_ascii2bn(a) BN_hex2bn(a) */ 327 /*#define BN_bn2ascii(a) BN_bn2hex(a) */ 328 329 const BIGNUM *BN_value_one(void); 330 char * BN_options(void); 331 BN_CTX *BN_CTX_new(void); 332 void BN_CTX_init(BN_CTX *c); 333 void BN_CTX_free(BN_CTX *c); 334 void BN_CTX_start(BN_CTX *ctx); 335 BIGNUM *BN_CTX_get(BN_CTX *ctx); 336 void BN_CTX_end(BN_CTX *ctx); 337 int BN_rand(BIGNUM *rnd, int bits, int top,int bottom); 338 int BN_pseudo_rand(BIGNUM *rnd, int bits, int top,int bottom); 339 int BN_rand_range(BIGNUM *rnd, BIGNUM *range); 340 int BN_pseudo_rand_range(BIGNUM *rnd, BIGNUM *range); 341 int BN_num_bits(const BIGNUM *a); 342 int BN_num_bits_word(BN_ULONG); 343 BIGNUM *BN_new(void); 344 void BN_init(BIGNUM *); 345 void BN_clear_free(BIGNUM *a); 346 BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b); 347 void BN_swap(BIGNUM *a, BIGNUM *b); 348 BIGNUM *BN_bin2bn(const unsigned char *s,int len,BIGNUM *ret); 349 int BN_bn2bin(const BIGNUM *a, unsigned char *to); 350 BIGNUM *BN_mpi2bn(const unsigned char *s,int len,BIGNUM *ret); 351 int BN_bn2mpi(const BIGNUM *a, unsigned char *to); 352 int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); 353 int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); 354 int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); 355 int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); 356 int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); 357 int BN_sqr(BIGNUM *r, const BIGNUM *a,BN_CTX *ctx); 358 359 int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, 360 BN_CTX *ctx); 361 #define BN_mod(rem,m,d,ctx) BN_div(NULL,(rem),(m),(d),(ctx)) 362 int BN_nnmod(BIGNUM *r, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx); 363 int BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx); 364 int BN_mod_add_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m); 365 int BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx); 366 int BN_mod_sub_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m); 367 int BN_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, 368 const BIGNUM *m, BN_CTX *ctx); 369 int BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx); 370 int BN_mod_lshift1(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx); 371 int BN_mod_lshift1_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *m); 372 int BN_mod_lshift(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m, BN_CTX *ctx); 373 int BN_mod_lshift_quick(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m); 374 375 BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w); 376 BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w); 377 int BN_mul_word(BIGNUM *a, BN_ULONG w); 378 int BN_add_word(BIGNUM *a, BN_ULONG w); 379 int BN_sub_word(BIGNUM *a, BN_ULONG w); 380 int BN_set_word(BIGNUM *a, BN_ULONG w); 381 BN_ULONG BN_get_word(const BIGNUM *a); 382 383 int BN_cmp(const BIGNUM *a, const BIGNUM *b); 384 void BN_free(BIGNUM *a); 385 int BN_is_bit_set(const BIGNUM *a, int n); 386 int BN_lshift(BIGNUM *r, const BIGNUM *a, int n); 387 int BN_lshift1(BIGNUM *r, const BIGNUM *a); 388 int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,BN_CTX *ctx); 389 390 int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, 391 const BIGNUM *m,BN_CTX *ctx); 392 int BN_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, 393 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); 394 int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, 395 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont); 396 int BN_mod_exp_mont_word(BIGNUM *r, BN_ULONG a, const BIGNUM *p, 397 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); 398 int BN_mod_exp2_mont(BIGNUM *r, const BIGNUM *a1, const BIGNUM *p1, 399 const BIGNUM *a2, const BIGNUM *p2,const BIGNUM *m, 400 BN_CTX *ctx,BN_MONT_CTX *m_ctx); 401 int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, 402 const BIGNUM *m,BN_CTX *ctx); 403 404 int BN_mask_bits(BIGNUM *a,int n); 405 #ifndef OPENSSL_NO_FP_API 406 int BN_print_fp(FILE *fp, const BIGNUM *a); 407 #endif 408 #ifdef HEADER_BIO_H 409 int BN_print(BIO *fp, const BIGNUM *a); 410 #else 411 int BN_print(void *fp, const BIGNUM *a); 412 #endif 413 int BN_reciprocal(BIGNUM *r, const BIGNUM *m, int len, BN_CTX *ctx); 414 int BN_rshift(BIGNUM *r, const BIGNUM *a, int n); 415 int BN_rshift1(BIGNUM *r, const BIGNUM *a); 416 void BN_clear(BIGNUM *a); 417 BIGNUM *BN_dup(const BIGNUM *a); 418 int BN_ucmp(const BIGNUM *a, const BIGNUM *b); 419 int BN_set_bit(BIGNUM *a, int n); 420 int BN_clear_bit(BIGNUM *a, int n); 421 char * BN_bn2hex(const BIGNUM *a); 422 char * BN_bn2dec(const BIGNUM *a); 423 int BN_hex2bn(BIGNUM **a, const char *str); 424 int BN_dec2bn(BIGNUM **a, const char *str); 425 int BN_gcd(BIGNUM *r,const BIGNUM *a,const BIGNUM *b,BN_CTX *ctx); 426 int BN_kronecker(const BIGNUM *a,const BIGNUM *b,BN_CTX *ctx); /* returns -2 for error */ 427 BIGNUM *BN_mod_inverse(BIGNUM *ret, 428 const BIGNUM *a, const BIGNUM *n,BN_CTX *ctx); 429 BIGNUM *BN_mod_sqrt(BIGNUM *ret, 430 const BIGNUM *a, const BIGNUM *n,BN_CTX *ctx); 431 BIGNUM *BN_generate_prime(BIGNUM *ret,int bits,int safe, 432 const BIGNUM *add, const BIGNUM *rem, 433 void (*callback)(int,int,void *),void *cb_arg); 434 int BN_is_prime(const BIGNUM *p,int nchecks, 435 void (*callback)(int,int,void *), 436 BN_CTX *ctx,void *cb_arg); 437 int BN_is_prime_fasttest(const BIGNUM *p,int nchecks, 438 void (*callback)(int,int,void *),BN_CTX *ctx,void *cb_arg, 439 int do_trial_division); 440 441 #ifdef OPENSSL_FIPS 442 int BN_X931_derive_prime(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, 443 void (*cb)(int, int, void *), void *cb_arg, 444 const BIGNUM *Xp, const BIGNUM *Xp1, const BIGNUM *Xp2, 445 const BIGNUM *e, BN_CTX *ctx); 446 int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx); 447 int BN_X931_generate_prime(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, 448 BIGNUM *Xp1, BIGNUM *Xp2, 449 const BIGNUM *Xp, 450 const BIGNUM *e, BN_CTX *ctx, 451 void (*cb)(int, int, void *), void *cb_arg); 452 #endif 453 454 BN_MONT_CTX *BN_MONT_CTX_new(void ); 455 void BN_MONT_CTX_init(BN_MONT_CTX *ctx); 456 int BN_mod_mul_montgomery(BIGNUM *r,const BIGNUM *a,const BIGNUM *b, 457 BN_MONT_CTX *mont, BN_CTX *ctx); 458 #define BN_to_montgomery(r,a,mont,ctx) BN_mod_mul_montgomery(\ 459 (r),(a),&((mont)->RR),(mont),(ctx)) 460 int BN_from_montgomery(BIGNUM *r,const BIGNUM *a, 461 BN_MONT_CTX *mont, BN_CTX *ctx); 462 void BN_MONT_CTX_free(BN_MONT_CTX *mont); 463 int BN_MONT_CTX_set(BN_MONT_CTX *mont,const BIGNUM *mod,BN_CTX *ctx); 464 BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to,BN_MONT_CTX *from); 465 BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock, 466 const BIGNUM *mod, BN_CTX *ctx); 467 468 BN_BLINDING *BN_BLINDING_new(BIGNUM *A,BIGNUM *Ai,BIGNUM *mod); 469 void BN_BLINDING_free(BN_BLINDING *b); 470 int BN_BLINDING_update(BN_BLINDING *b,BN_CTX *ctx); 471 int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *r, BN_CTX *ctx); 472 int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx); 473 474 void BN_set_params(int mul,int high,int low,int mont); 475 int BN_get_params(int which); /* 0, mul, 1 high, 2 low, 3 mont */ 476 477 void BN_RECP_CTX_init(BN_RECP_CTX *recp); 478 BN_RECP_CTX *BN_RECP_CTX_new(void); 479 void BN_RECP_CTX_free(BN_RECP_CTX *recp); 480 int BN_RECP_CTX_set(BN_RECP_CTX *recp,const BIGNUM *rdiv,BN_CTX *ctx); 481 int BN_mod_mul_reciprocal(BIGNUM *r, const BIGNUM *x, const BIGNUM *y, 482 BN_RECP_CTX *recp,BN_CTX *ctx); 483 int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, 484 const BIGNUM *m, BN_CTX *ctx); 485 int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, 486 BN_RECP_CTX *recp, BN_CTX *ctx); 487 488 /* library internal functions */ 489 490 #define bn_expand(a,bits) ((((((bits+BN_BITS2-1))/BN_BITS2)) <= (a)->dmax)?\ 491 (a):bn_expand2((a),(bits)/BN_BITS2+1)) 492 #define bn_wexpand(a,words) (((words) <= (a)->dmax)?(a):bn_expand2((a),(words))) 493 BIGNUM *bn_expand2(BIGNUM *a, int words); 494 BIGNUM *bn_dup_expand(const BIGNUM *a, int words); 495 496 #define bn_fix_top(a) \ 497 { \ 498 BN_ULONG *ftl; \ 499 if ((a)->top > 0) \ 500 { \ 501 for (ftl= &((a)->d[(a)->top-1]); (a)->top > 0; (a)->top--) \ 502 if (*(ftl--)) break; \ 503 } \ 504 } 505 506 BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w); 507 BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w); 508 void bn_sqr_words(BN_ULONG *rp, const BN_ULONG *ap, int num); 509 BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d); 510 BN_ULONG bn_add_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,int num); 511 BN_ULONG bn_sub_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,int num); 512 513 #ifdef BN_DEBUG 514 void bn_dump1(FILE *o, const char *a, const BN_ULONG *b,int n); 515 # define bn_print(a) {fprintf(stderr, #a "="); BN_print_fp(stderr,a); \ 516 fprintf(stderr,"\n");} 517 # define bn_dump(a,n) bn_dump1(stderr,#a,a,n); 518 #else 519 # define bn_print(a) 520 # define bn_dump(a,b) 521 #endif 522 523 int BN_bntest_rand(BIGNUM *rnd, int bits, int top,int bottom); 524 525 /* BEGIN ERROR CODES */ 526 /* The following lines are auto generated by the script mkerr.pl. Any changes 527 * made after this point may be overwritten when the script is next run. 528 */ 529 void ERR_load_BN_strings(void); 530 531 /* Error codes for the BN functions. */ 532 533 /* Function codes. */ 534 #define BN_F_BN_BLINDING_CONVERT 100 535 #define BN_F_BN_BLINDING_INVERT 101 536 #define BN_F_BN_BLINDING_NEW 102 537 #define BN_F_BN_BLINDING_UPDATE 103 538 #define BN_F_BN_BN2DEC 104 539 #define BN_F_BN_BN2HEX 105 540 #define BN_F_BN_CTX_GET 116 541 #define BN_F_BN_CTX_NEW 106 542 #define BN_F_BN_DIV 107 543 #define BN_F_BN_EXP 123 544 #define BN_F_BN_EXPAND2 108 545 #define BN_F_BN_EXPAND_INTERNAL 120 546 #define BN_F_BN_MOD_EXP2_MONT 118 547 #define BN_F_BN_MOD_EXP_MONT 109 548 #define BN_F_BN_MOD_EXP_MONT_CONSTTIME 124 549 #define BN_F_BN_MOD_EXP_MONT_WORD 117 550 #define BN_F_BN_MOD_EXP_RECP 125 551 #define BN_F_BN_MOD_EXP_SIMPLE 126 552 #define BN_F_BN_MOD_INVERSE 110 553 #define BN_F_BN_MOD_LSHIFT_QUICK 119 554 #define BN_F_BN_MOD_MUL_RECIPROCAL 111 555 #define BN_F_BN_MOD_SQRT 121 556 #define BN_F_BN_MPI2BN 112 557 #define BN_F_BN_NEW 113 558 #define BN_F_BN_RAND 114 559 #define BN_F_BN_RAND_RANGE 122 560 #define BN_F_BN_USUB 115 561 562 /* Reason codes. */ 563 #define BN_R_ARG2_LT_ARG3 100 564 #define BN_R_BAD_RECIPROCAL 101 565 #define BN_R_BIGNUM_TOO_LONG 114 566 #define BN_R_CALLED_WITH_EVEN_MODULUS 102 567 #define BN_R_DIV_BY_ZERO 103 568 #define BN_R_ENCODING_ERROR 104 569 #define BN_R_EXPAND_ON_STATIC_BIGNUM_DATA 105 570 #define BN_R_INPUT_NOT_REDUCED 110 571 #define BN_R_INVALID_LENGTH 106 572 #define BN_R_INVALID_RANGE 115 573 #define BN_R_NOT_A_SQUARE 111 574 #define BN_R_NOT_INITIALIZED 107 575 #define BN_R_NO_INVERSE 108 576 #define BN_R_P_IS_NOT_PRIME 112 577 #define BN_R_TOO_MANY_ITERATIONS 113 578 #define BN_R_TOO_MANY_TEMPORARY_VARIABLES 109 579 580 #ifdef __cplusplus 581 } 582 #endif 583 #endif 584