spacrv9cap.c: addenum to recent EC optimizations.

crypto/ec/ec_cvt.c

@@ -80,7 +80,7 @@ EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, const BIGNUM
 	const EC_METHOD *meth;
 	EC_GROUP *ret;
 
-#if defined(OPENSSL_BN_ASM_MONT) && !defined(__sparc)
+#if defined(OPENSSL_BN_ASM_MONT)
 	/*
 	 * This might appear controversial, but the fact is that generic
 	 * prime method was observed to deliver better performance even
@@ -93,7 +93,7 @@ EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, const BIGNUM
 	 * arguable, because the dependency of improvement coefficient
 	 * from key length is not a "monotone" curve. For example while
 	 * 571-bit result is 23% on ARM, 384-bit one is -1%. But it's
-	 * generally faster, sometimes "respectfully" faster, or
+	 * generally faster, sometimes "respectfully" faster, sometimes
 	 * "tolerably" slower... What effectively happens is that loop
 	 * with bn_mul_add_words is put against bn_mul_mont, and the
 	 * latter "wins" on short vectors. Correct solution should be

crypto/sparcv9cap.c

@@ -20,7 +20,8 @@ int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_U
 	int bn_mul_mont_fpu(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np,const BN_ULONG *n0, int num);
 	int bn_mul_mont_int(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np,const BN_ULONG *n0, int num);
 
-	if ((OPENSSL_sparcv9cap_P&(SPARCV9_PREFER_FPU|SPARCV9_VIS1)) ==
+	if (num>=8 && !(num&1) &&
+	    (OPENSSL_sparcv9cap_P&(SPARCV9_PREFER_FPU|SPARCV9_VIS1)) ==
 		(SPARCV9_PREFER_FPU|SPARCV9_VIS1))
 		return bn_mul_mont_fpu(rp,ap,bp,np,n0,num);
 	else