提交 25439b76 编写于 作者: B Bodo Möller

Move reduction step from BN_mod_exp to BN_mod_exp_mont_word.

Fix BN_mod_exp_simple for a==0 (mod m).
Skip useless round in BN_mod_sqrt (1 is always a square, no need
to test BN_kronecker for it).
上级 3465dd38
...@@ -191,6 +191,7 @@ int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, ...@@ -191,6 +191,7 @@ int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
*/ */
#define MONT_MUL_MOD #define MONT_MUL_MOD
#define MONT_EXP_WORD
#define RECP_MUL_MOD #define RECP_MUL_MOD
#ifdef MONT_MUL_MOD #ifdef MONT_MUL_MOD
...@@ -202,14 +203,14 @@ int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, ...@@ -202,14 +203,14 @@ int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
if (BN_is_odd(m)) if (BN_is_odd(m))
{ {
# ifdef MONT_EXP_WORD
if (a->top == 1 && !a->neg) if (a->top == 1 && !a->neg)
{ {
BN_ULONG A = a->d[0]; BN_ULONG A = a->d[0];
if (m->top == 1)
A %= m->d[0]; /* make sure that A is reduced */
ret=BN_mod_exp_mont_word(r,A,p,m,ctx,NULL); ret=BN_mod_exp_mont_word(r,A,p,m,ctx,NULL);
} }
else else
# endif
ret=BN_mod_exp_mont(r,a,p,m,ctx,NULL); ret=BN_mod_exp_mont(r,a,p,m,ctx,NULL);
} }
else else
...@@ -505,11 +506,14 @@ int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p, ...@@ -505,11 +506,14 @@ int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p,
bn_check_top(p); bn_check_top(p);
bn_check_top(m); bn_check_top(m);
if (!(m->d[0] & 1)) if (m->top == 0 || !(m->d[0] & 1))
{ {
BNerr(BN_F_BN_MOD_EXP_MONT_WORD,BN_R_CALLED_WITH_EVEN_MODULUS); BNerr(BN_F_BN_MOD_EXP_MONT_WORD,BN_R_CALLED_WITH_EVEN_MODULUS);
return(0); return(0);
} }
if (m->top == 1)
a %= m->d[0]; /* make sure that 'a' is reduced */
bits = BN_num_bits(p); bits = BN_num_bits(p);
if (bits == 0) if (bits == 0)
{ {
...@@ -642,8 +646,8 @@ int BN_mod_exp_simple(BIGNUM *r, ...@@ -642,8 +646,8 @@ int BN_mod_exp_simple(BIGNUM *r,
if (!BN_nnmod(&(val[0]),a,m,ctx)) goto err; /* 1 */ if (!BN_nnmod(&(val[0]),a,m,ctx)) goto err; /* 1 */
if (BN_is_zero(&(val[0]))) if (BN_is_zero(&(val[0])))
{ {
ret = BN_one(r); ret = BN_zero(r);
return ret; goto err;
} }
window = BN_window_bits_for_exponent_size(bits); window = BN_window_bits_for_exponent_size(bits);
......
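Review bot: The new guard in BN_mod_exp_mont_word, `if (m->top == 0 || !(m->d[0] & 1))`, reports a zero modulus under BN_R_CALLED_WITH_EVEN_MODULUS, so a caller that hands in m == 0 gets an error reason that does not describe its fault; the check itself is needed, since it keeps the following `m->d[0]` read and the moved `a %= m->d[0]` reduction away from an empty array. I would either use a zero-divisor reason if the bn error table has one, or document the overload where the check stands: `/* m == 0 is rejected here too (reported as even) so that m->d[0] is never read on an empty BIGNUM */`. In BN_mod_exp_simple the `goto err` that replaces `return ret` now runs the val[] cleanup for the a == 0 case, and returning zero there is correct only because an exponent of zero is handled before this hunk, which I cannot see. All three enclosing functions start and end outside their hunks.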
...@@ -140,13 +140,13 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) ...@@ -140,13 +140,13 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
/* e > 1, so we really have to use the Tonelli/Shanks algorithm. /* e > 1, so we really have to use the Tonelli/Shanks algorithm.
* First, find some y that is not a square. */ * First, find some y that is not a square. */
i = 1; i = 2;
do do
{ {
/* For efficiency, try small numbers first; /* For efficiency, try small numbers first;
* if this fails, try random numbers. * if this fails, try random numbers.
*/ */
if (i < 20) if (i < 22)
{ {
if (!BN_set_word(y, i)) goto end; if (!BN_set_word(y, i)) goto end;
} }
...@@ -171,7 +171,7 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) ...@@ -171,7 +171,7 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
goto end; goto end;
} }
} }
while (r == 1 && i++ < 80); while (r == 1 && ++i < 82);
if (r != -1) if (r != -1)
{ {
......
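Review bot: The candidate loop in BN_mod_sqrt now starts at `i = 2`, switches from direct candidates to random ones at `i < 22`, and stops at `++i < 82`, but nothing ties the three constants together, so a later edit to one of them silently changes how many direct and how many random candidates are tried. I would record the budget next to the initialiser: `/* try i = 2..21 directly, then random y; 80 attempts in total before giving up */`, where the totals follow from the visible bounds (i runs 2..81 inclusive). The do/while body is split across the two hunks, so the random-candidate branch and the `r != -1` exit are only partly visible here.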