db5bda67
编写于
11月 30, 2000
作者:
B
Bodo Möller
Changes to Lenka's Montgomery implementation.
Submitted by: Lenka Fibikova
上级
0ae485dc
变更
4
Showing
4 changed file
with
186 addition
and
122 deletion
+186
-122
crypto/bn/bn_mont2.c
crypto/bn/bn_mont2.c
+142
-76
crypto/bn/bn_mont2.h
crypto/bn/bn_mont2.h
+3
-3
crypto/ec/ec.c
crypto/ec/ec.c
+3
-4
crypto/ec/ec_point.c
crypto/ec/ec_point.c
+38
-39
crypto/bn/bn_mont2.c
...
...
@@ -14,8 +14,7 @@
#include <stdlib.h>
#include <assert.h>
#include "bn.h"
#include "bn_modfs.h"
#include "bn_lcl.h"
#include "bn_mont2.h"
#define BN_mask_word(x, m) ((x->d[0]) & (m))
...
...
@@ -145,25 +144,97 @@ int BN_mont_set(BIGNUM *p, BN_MONTGOMERY *mont, BN_CTX *ctx)
}
static
int
BN_cpy_mul_word
(
BIGNUM
*
ret
,
BIGNUM
*
a
,
BN_ULONG
w
)
/* ret = a * w */
#ifdef BN_LLONG
#define cpy_mul_add(r, b, a, w, c) { \
BN_ULLONG t; \
t = (BN_ULLONG)w * (a) + (b) + (c); \
(r)= Lw(t); \
(c)= Hw(t); \
}
BN_ULONG
BN_mul_add_rshift
(
BN_ULONG
*
r
,
BN_ULONG
*
a
,
int
num
,
BN_ULONG
w
)
/* r = (r + a * w) >> BN_BITS2 */
{
if
(
BN_copy
(
ret
,
a
)
==
NULL
)
return
0
;
BN_ULONG
c
=
0
;
if
(
!
BN_mul_word
(
ret
,
w
))
return
0
;
mul_add
(
r
[
0
],
a
[
0
],
w
,
c
);
if
(
--
num
==
0
)
return
c
;
a
++
;
return
1
;
for
(;;)
{
cpy_mul_add
(
r
[
0
],
r
[
1
],
a
[
0
],
w
,
c
);
if
(
--
num
==
0
)
break
;
cpy_mul_add
(
r
[
1
],
r
[
2
],
a
[
1
],
w
,
c
);
if
(
--
num
==
0
)
break
;
cpy_mul_add
(
r
[
2
],
r
[
3
],
a
[
2
],
w
,
c
);
if
(
--
num
==
0
)
break
;
cpy_mul_add
(
r
[
3
],
r
[
4
],
a
[
3
],
w
,
c
);
if
(
--
num
==
0
)
break
;
a
+=
4
;
r
+=
4
;
}
return
c
;
}
#else
#define cpy_mul_add(r, b, a, bl, bh, c) { \
BN_ULONG l,h; \
\
h=(a); \
l=LBITS(h); \
h=HBITS(h); \
mul64(l,h,(bl),(bh)); \
\
/* non-multiply part */
\
l=(l+(c))&BN_MASK2; if (l < (c)) h++; \
(c)=(b); \
l=(l+(c))&BN_MASK2; if (l < (c)) h++; \
(c)=h&BN_MASK2; \
(r)=l; \
}
static
BN_ULONG
BN_mul_add_rshift
(
BN_ULONG
*
r
,
BN_ULONG
*
a
,
int
num
,
BN_ULONG
w
)
/* ret = (ret + a * w) << shift * BN_BITS2 */
{
BN_ULONG
c
=
0
;
BN_ULONG
bl
,
bh
;
bl
=
LBITS
(
w
);
bh
=
HBITS
(
w
);
mul_add
(
r
[
0
],
a
[
0
],
bl
,
bh
,
c
);
if
(
--
num
==
0
)
return
c
;
a
++
;
for
(;;)
{
cpy_mul_add
(
r
[
0
],
r
[
1
],
a
[
0
],
bl
,
bh
,
c
);
if
(
--
num
==
0
)
break
;
cpy_mul_add
(
r
[
1
],
r
[
2
],
a
[
1
],
bl
,
bh
,
c
);
if
(
--
num
==
0
)
break
;
cpy_mul_add
(
r
[
2
],
r
[
3
],
a
[
2
],
bl
,
bh
,
c
);
if
(
--
num
==
0
)
break
;
cpy_mul_add
(
r
[
3
],
r
[
4
],
a
[
3
],
bl
,
bh
,
c
);
if
(
--
num
==
0
)
break
;
a
+=
4
;
r
+=
4
;
}
return
c
;
}
#endif
/* BN_LLONG */
int
BN_mont_red
(
BIGNUM
*
y
,
BN_MONTGOMERY
*
mont
,
BN_CTX
*
ctx
)
int
BN_mont_red
(
BIGNUM
*
y
,
BN_MONTGOMERY
*
mont
)
/* yR^{-1} (mod p) */
{
int
i
;
B
IGNUM
*
up
,
*
p
;
BN_ULONG
u
;
BIGNUM
*
p
;
B
N_ULONG
c
;
int
i
,
max
;
assert
(
y
!=
NULL
&&
mont
!=
NULL
&&
ctx
!=
NULL
);
assert
(
y
!=
NULL
&&
mont
!=
NULL
);
assert
(
mont
->
p
!=
NULL
);
assert
(
BN_cmp
(
y
,
mont
->
p
)
<
0
);
assert
(
!
y
->
neg
);
...
...
@@ -172,50 +243,40 @@ int BN_mont_red(BIGNUM *y, BN_MONTGOMERY *mont, BN_CTX *ctx)
if
(
BN_is_zero
(
y
))
return
1
;
p
=
mont
->
p
;
max
=
mont
->
p_num_bytes
;
BN_CTX_start
(
ctx
)
;
up
=
BN_CTX_get
(
ctx
)
;
if
(
up
==
NULL
)
goto
err
;
if
(
bn_wexpand
(
y
,
max
)
==
NULL
)
return
0
;
for
(
i
=
y
->
top
;
i
<
max
;
i
++
)
y
->
d
[
i
]
=
0
;
y
->
top
=
max
;
for
(
i
=
0
;
i
<
mont
->
p_num_bytes
;
i
++
)
/* r = [r + (y_0 * p') * p] / b */
for
(
i
=
0
;
i
<
max
;
i
++
)
{
u
=
(
y
->
d
[
0
])
*
mont
->
p_inv_b_neg
;
/* u = y_0 * p' */
if
(
!
BN_cpy_mul_word
(
up
,
p
,
u
))
goto
err
;
/* up = u * p */
if
(
!
BN_add
(
y
,
y
,
up
))
goto
err
;
#ifdef TEST
if
(
y
->
d
[
0
])
goto
err
;
#endif
if
(
!
BN_rshift
(
y
,
y
,
BN_BITS2
))
goto
err
;
/* y = (y + up)/b */
c
=
BN_mul_add_rshift
(
y
->
d
,
p
->
d
,
max
,
((
y
->
d
[
0
])
*
mont
->
p_inv_b_neg
)
&
BN_MASK2
);
y
->
d
[
max
-
1
]
=
c
;
}
while
(
y
->
d
[
y
->
top
-
1
]
==
0
)
y
->
top
--
;
if
(
BN_cmp
(
y
,
mont
->
p
)
>=
0
)
if
(
BN_cmp
(
y
,
p
)
>=
0
)
{
if
(
!
BN_sub
(
y
,
y
,
mont
->
p
))
goto
err
;
if
(
!
BN_sub
(
y
,
y
,
p
))
return
0
;
}
BN_CTX_end
(
ctx
);
return
1
;
err:
BN_CTX_end
(
ctx
);
return
0
;
}
int
BN_mont_mod_mul
(
BIGNUM
*
r
,
BIGNUM
*
x
,
BIGNUM
*
y
,
BN_MONTGOMERY
*
mont
,
BN_CTX
*
ctx
)
int
BN_mont_mod_mul
(
BIGNUM
*
r
,
BIGNUM
*
x
,
BIGNUM
*
y
,
BN_MONTGOMERY
*
mont
)
/* r = x * y mod p */
/* r != x && r! = y !!! */
{
BIGNUM
*
xiy
,
*
up
;
BN_ULONG
u
;
int
i
;
BN_ULONG
c
;
BIGNUM
*
p
;
int
i
,
j
,
max
;
assert
(
r
!=
x
&&
r
!=
y
);
assert
(
r
!=
NULL
&&
x
!=
NULL
&&
y
!=
NULL
&&
mont
!=
NULL
&&
ctx
!=
NULL
);
assert
(
r
!=
NULL
&&
x
!=
NULL
&&
y
!=
NULL
&&
mont
!=
NULL
);
assert
(
mont
->
p
!=
NULL
);
assert
(
BN_cmp
(
x
,
mont
->
p
)
<
0
);
assert
(
BN_cmp
(
y
,
mont
->
p
)
<
0
);
...
...
@@ -228,56 +289,61 @@ int BN_mont_mod_mul(BIGNUM *r, BIGNUM *x, BIGNUM *y, BN_MONTGOMERY *mont, BN_CTX
return
1
;
}
p
=
mont
->
p
;
max
=
mont
->
p_num_bytes
;
BN_CTX_start
(
ctx
);
xiy
=
BN_CTX_get
(
ctx
);
up
=
BN_CTX_get
(
ctx
);
if
(
up
==
NULL
)
goto
err
;
if
(
!
BN_zero
(
r
))
goto
err
;
/* for multiplication we need at most max + 2 words
the last one --- max + 3 --- is only as a backstop
for incorrect input
*/
if
(
bn_wexpand
(
r
,
max
+
3
)
==
NULL
)
return
0
;
for
(
i
=
0
;
i
<
max
+
3
;
i
++
)
r
->
d
[
i
]
=
0
;
r
->
top
=
max
+
2
;
for
(
i
=
0
;
i
<
x
->
top
;
i
++
)
{
u
=
(
r
->
d
[
0
]
+
x
->
d
[
i
]
*
y
->
d
[
0
])
*
mont
->
p_inv_b_neg
;
if
(
!
BN_cpy_mul_word
(
xiy
,
y
,
x
->
d
[
i
]))
goto
err
;
if
(
!
BN_cpy_mul_word
(
up
,
mont
->
p
,
u
))
goto
err
;
if
(
!
BN_add
(
r
,
r
,
xiy
))
goto
err
;
if
(
!
BN_add
(
r
,
r
,
up
))
goto
err
;
#ifdef TEST
if
(
r
->
d
[
0
])
goto
err
;
#endif
if
(
!
BN_rshift
(
r
,
r
,
BN_BITS2
))
goto
err
;
/* r = r + (r_0 + x_i * y_0) * p' * p */
c
=
bn_mul_add_words
(
r
->
d
,
p
->
d
,
max
,
\
((
r
->
d
[
0
]
+
x
->
d
[
i
]
*
y
->
d
[
0
])
*
mont
->
p_inv_b_neg
)
&
BN_MASK2
);
if
(
c
)
{
if
(((
r
->
d
[
max
]
+=
c
)
&
BN_MASK2
)
<
c
)
if
(((
r
->
d
[
max
+
1
]
++
)
&
BN_MASK2
)
==
0
)
return
0
;
}
/* r = (r + x_i * y) / b */
c
=
BN_mul_add_rshift
(
r
->
d
,
y
->
d
,
y
->
top
,
x
->
d
[
i
]);
for
(
j
=
y
->
top
;
j
<=
max
+
1
;
j
++
)
r
->
d
[
j
-
1
]
=
r
->
d
[
j
];
if
(
c
)
{
if
(((
r
->
d
[
y
->
top
-
1
]
+=
c
)
&
BN_MASK2
)
<
c
)
{
j
=
y
->
top
;
while
(((
++
(
r
->
d
[
j
])
)
&
BN_MASK2
)
==
0
)
j
++
;
if
(
j
>
max
)
return
0
;
}
}
r
->
d
[
max
+
1
]
=
0
;
}
for
(
i
=
x
->
top
;
i
<
m
ont
->
p_num_bytes
;
i
++
)
for
(
i
=
x
->
top
;
i
<
m
ax
;
i
++
)
{
u
=
(
r
->
d
[
0
])
*
mont
->
p_inv_b_neg
;
if
(
!
BN_cpy_mul_word
(
up
,
mont
->
p
,
u
))
goto
err
;
if
(
!
BN_add
(
r
,
r
,
up
))
goto
err
;
#ifdef TEST
if
(
r
->
d
[
0
])
goto
err
;
#endif
if
(
!
BN_rshift
(
r
,
r
,
BN_BITS2
))
goto
err
;
/* r = (r + r_0 * p' * p) / b */
c
=
BN_mul_add_rshift
(
r
->
d
,
p
->
d
,
max
,
((
r
->
d
[
0
])
*
mont
->
p_inv_b_neg
)
&
BN_MASK2
);
j
=
max
-
1
;
r
->
d
[
j
]
=
c
+
r
->
d
[
max
];
if
(
r
->
d
[
j
++
]
<
c
)
r
->
d
[
j
]
=
r
->
d
[
++
j
]
+
1
;
else
r
->
d
[
j
]
=
r
->
d
[
++
j
];
r
->
d
[
max
+
1
]
=
0
;
}
while
(
r
->
d
[
r
->
top
-
1
]
==
0
)
r
->
top
--
;
if
(
BN_cmp
(
r
,
mont
->
p
)
>=
0
)
if
(
BN_cmp
(
r
,
mont
->
p
)
>=
0
)
{
if
(
!
BN_sub
(
r
,
r
,
mont
->
p
))
goto
err
;
if
(
!
BN_sub
(
r
,
r
,
mont
->
p
))
return
0
;
}
BN_CTX_end
(
ctx
);
return
1
;
err:
BN_CTX_end
(
ctx
);
return
0
;
}
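Review bot: In the second word loop of BN_mont_mod_mul at the end of the last hunk (`for (i = x->top; i < max; i++)`), the lines `r->d[j] = r->d[++j] + 1;` and `r->d[j] = r->d[++j];` modify `j` and use it as the left-hand index in the same expression with no sequence point, which is undefined behaviour in C, so the shift-down after BN_mul_add_rshift may land in `r->d[max + 1]` instead of `r->d[max]` depending on the compiler. Since `j` is `max - 1` at that point, the block can be written without side effects on `j`: `r->d[max - 1] = c + r->d[max];` `r->d[max] = r->d[max + 1] + (r->d[max - 1] < c);` `r->d[max + 1] = 0;`. In the first word loop the carry check `if (((r->d[max + 1]++) & BN_MASK2) == 0) return 0;` tests the value before the increment, so as rendered it reports failure the first time a carry reaches that word rather than when it wraps, whereas the matching check a few lines later uses `++(r->d[j])`; pre-increment looks like the intent here too. Both this function and BN_mont_red trim the top with `while (r->d[r->top - 1] == 0) r->top--;` with no `top > 0` guard, relying on the assert()s at function entry, which vanish under NDEBUG. BN_mont_mod_mul begins before this hunk.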
crypto/bn/bn_mont2.h
...
...
@@ -23,14 +23,14 @@ typedef struct bn_mont_st{
BN_ULONG
p_inv_b_neg
;
/* p' = p^{-1} mod b; b = 2^BN_BITS */
}
BN_MONTGOMERY
;
#define BN_from_mont(x, mont
, ctx) (BN_mont_red((x), (mont), (ctx
)))
#define BN_from_mont(x, mont
) (BN_mont_red((x), (mont
)))
BN_MONTGOMERY
*
BN_mont_new
();
int
BN_to_mont
(
BIGNUM
*
x
,
BN_MONTGOMERY
*
mont
,
BN_CTX
*
ctx
);
void
BN_mont_clear_free
(
BN_MONTGOMERY
*
mont
);
int
BN_mont_set
(
BIGNUM
*
p
,
BN_MONTGOMERY
*
mont
,
BN_CTX
*
ctx
);
int
BN_mont_red
(
BIGNUM
*
y
,
BN_MONTGOMERY
*
mont
,
BN_CTX
*
ctx
);
BN_ULONG
BN_mont_inv
(
BIGNUM
*
x
,
int
e
,
BN_CTX
*
ctx
);
int
BN_mont_red
(
BIGNUM
*
y
,
BN_MONTGOMERY
*
mont
);
int
BN_mont_mod_mul
(
BIGNUM
*
r
,
BIGNUM
*
x
,
BIGNUM
*
y
,
BN_MONTGOMERY
*
mont
);
#endif
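Review bot: The new prototypes for BN_mont_red and BN_mont_mod_mul say nothing about the preconditions their implementations assert in bn_mont2.c (operands non-negative and already reduced below mont->p, and for BN_mont_mod_mul `r` aliasing neither `x` nor `y`), so a caller reading only this header cannot tell that the aliasing rule is hard. A one-line comment on each declaration would cover it: `/* requires 0 <= y < p; replaces y by y * R^{-1} mod p */` and `/* requires 0 <= x, y < p and r != x, r != y; r = x * y * R^{-1} mod p */`. The `p_inv_b_neg` comment just above the changed macro reads `p' = p^{-1} mod b`, but the reduction in bn_mont2.c adds `u * p` with `u = y_0 * p'` and expects the low word to vanish, which needs `p' = -p^{-1} mod b` as the `_neg` suffix suggests; worth correcting while the header is touched.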
crypto/ec/ec.c
...
...
@@ -15,7 +15,6 @@
#include <assert.h>
#include "ec.h"
#include "bn_modfs.h"
...
...
@@ -97,9 +96,9 @@ int EC_from_montgomery(EC *E, BN_MONTGOMERY *mont, BN_CTX *ctx)
if
(
!
E
->
is_in_mont
)
return
1
;
if
(
!
BN_mont_red
(
E
->
A
,
mont
,
ctx
))
return
0
;
if
(
!
BN_mont_red
(
E
->
B
,
mont
,
ctx
))
return
0
;
if
(
!
BN_mont_red
(
E
->
h
,
mont
,
ctx
))
return
0
;
if
(
!
BN_mont_red
(
E
->
A
,
mont
))
return
0
;
if
(
!
BN_mont_red
(
E
->
B
,
mont
))
return
0
;
if
(
!
BN_mont_red
(
E
->
h
,
mont
))
return
0
;
E
->
is_in_mont
=
0
;
return
1
;
...
...
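Review bot: After this change EC_from_montgomery's `ctx` parameter is no longer passed to anything in the visible part of the function, the three BN_mont_red calls having been its only visible users, so unless the rest of the body, which lies outside the hunk, still needs it, the parameter is now dead and the signature should either drop it or carry a comment saying it is kept for API symmetry. The same applies to ECP_from_montgomery in crypto/ec/ec_point.c, whose hunk likewise only removed `ctx` from the BN_mont_red calls. A build with `-Wunused-parameter` would settle it either way.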
crypto/ec/ec_point.c
...
...
@@ -16,7 +16,6 @@
#include <openssl/bn.h>
#include "../bn/bn_modfs.h"
/* XXX */
#include "../bn/bn_mont2.h"
/* XXX */
#include "ec.h"
...
...
@@ -965,9 +964,9 @@ int ECP_from_montgomery(EC_POINT *P, BN_MONTGOMERY *mont, BN_CTX *ctx)
if
(
!
P
->
is_in_mont
)
return
1
;
if
(
!
BN_mont_red
(
P
->
X
,
mont
,
ctx
))
return
0
;
if
(
!
BN_mont_red
(
P
->
Y
,
mont
,
ctx
))
return
0
;
if
(
!
BN_mont_red
(
P
->
Z
,
mont
,
ctx
))
return
0
;
if
(
!
BN_mont_red
(
P
->
X
,
mont
))
return
0
;
if
(
!
BN_mont_red
(
P
->
Y
,
mont
))
return
0
;
if
(
!
BN_mont_red
(
P
->
Z
,
mont
))
return
0
;
P
->
is_in_mont
=
0
;
return
1
;
...
...
@@ -1019,17 +1018,17 @@ int ECP_mont_cmp(EC_POINT *P, EC_POINT *Q, BN_MONTGOMERY *mont, BN_CTX *ctx)
p
=
mont
->
p
;
if
(
!
BN_mont_mod_mul
(
n5
,
Q
->
Z
,
Q
->
Z
,
mont
,
ctx
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
n1
,
P
->
X
,
n5
,
mont
,
ctx
))
goto
err
;
/* L1 = x_p * z_q^2 */
if
(
!
BN_mont_mod_mul
(
n5
,
Q
->
Z
,
Q
->
Z
,
mont
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
n1
,
P
->
X
,
n5
,
mont
))
goto
err
;
/* L1 = x_p * z_q^2 */
if
(
!
BN_mont_mod_mul
(
n0
,
n5
,
Q
->
Z
,
mont
,
ctx
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
n2
,
P
->
Y
,
n0
,
mont
,
ctx
))
goto
err
;
/* L2 = y_p * z_q^3 */
if
(
!
BN_mont_mod_mul
(
n0
,
n5
,
Q
->
Z
,
mont
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
n2
,
P
->
Y
,
n0
,
mont
))
goto
err
;
/* L2 = y_p * z_q^3 */
if
(
!
BN_mont_mod_mul
(
n5
,
P
->
Z
,
P
->
Z
,
mont
,
ctx
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
n3
,
Q
->
X
,
n5
,
mont
,
ctx
))
goto
err
;
/* L3 = x_q * z_p^2 */
if
(
!
BN_mont_mod_mul
(
n5
,
P
->
Z
,
P
->
Z
,
mont
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
n3
,
Q
->
X
,
n5
,
mont
))
goto
err
;
/* L3 = x_q * z_p^2 */
if
(
!
BN_mont_mod_mul
(
n0
,
n5
,
P
->
Z
,
mont
,
ctx
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
n4
,
Q
->
Y
,
n0
,
mont
,
ctx
))
goto
err
;
/* L4 = y_q * z_p^3 */
if
(
!
BN_mont_mod_mul
(
n0
,
n5
,
P
->
Z
,
mont
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
n4
,
Q
->
Y
,
n0
,
mont
))
goto
err
;
/* L4 = y_q * z_p^3 */
if
(
!
BN_mod_sub_quick
(
n0
,
n1
,
n3
,
p
))
goto
err
;
/* L5 = L1 - L3 */
...
...
@@ -1098,36 +1097,36 @@ int ECP_mont_double(EC_POINT *R, EC_POINT *P, EC *E, BN_MONTGOMERY *mont, BN_CTX
p
=
E
->
p
;
/* L1 */
if
(
!
BN_mont_mod_mul
(
n0
,
P
->
Z
,
P
->
Z
,
mont
,
ctx
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
n2
,
n0
,
n0
,
mont
,
ctx
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
n0
,
n2
,
E
->
A
,
mont
,
ctx
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
n1
,
P
->
X
,
P
->
X
,
mont
,
ctx
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
n0
,
P
->
Z
,
P
->
Z
,
mont
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
n2
,
n0
,
n0
,
mont
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
n0
,
n2
,
E
->
A
,
mont
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
n1
,
P
->
X
,
P
->
X
,
mont
))
goto
err
;
if
(
!
BN_mod_lshift1_quick
(
n2
,
n1
,
p
))
goto
err
;
if
(
!
BN_mod_add_quick
(
n1
,
n1
,
n2
,
p
))
goto
err
;
if
(
!
BN_mod_add_quick
(
n1
,
n1
,
n0
,
p
))
goto
err
;
/* L1 = 3 * x^2 + a * z^4 */
/* Z */
if
(
!
BN_mont_mod_mul
(
n0
,
P
->
Y
,
P
->
Z
,
mont
,
ctx
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
n0
,
P
->
Y
,
P
->
Z
,
mont
))
goto
err
;
if
(
!
BN_mod_lshift1_quick
(
R
->
Z
,
n0
,
p
))
goto
err
;
/* Z = 2 * y * z */
/* L2 */
if
(
!
BN_mont_mod_mul
(
n3
,
P
->
Y
,
P
->
Y
,
mont
,
ctx
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
n2
,
P
->
X
,
n3
,
mont
,
ctx
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
n3
,
P
->
Y
,
P
->
Y
,
mont
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
n2
,
P
->
X
,
n3
,
mont
))
goto
err
;
if
(
!
BN_mod_lshift_quick
(
n2
,
n2
,
2
,
p
))
goto
err
;
/* L2 = 4 * x * y^2 */
/* X */
if
(
!
BN_mod_lshift1_quick
(
n0
,
n2
,
p
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
R
->
X
,
n1
,
n1
,
mont
,
ctx
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
R
->
X
,
n1
,
n1
,
mont
))
goto
err
;
if
(
!
BN_mod_sub_quick
(
R
->
X
,
R
->
X
,
n0
,
p
))
goto
err
;
/* X = L1^2 - 2 * L2 */
/* L3 */
if
(
!
BN_mont_mod_mul
(
n0
,
n3
,
n3
,
mont
,
ctx
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
n0
,
n3
,
n3
,
mont
))
goto
err
;
if
(
!
BN_mod_lshift_quick
(
n3
,
n0
,
3
,
p
))
goto
err
;
/* L3 = 8 * y^4 */
/* Y */
if
(
!
BN_mod_sub_quick
(
n2
,
n2
,
R
->
X
,
p
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
n0
,
n1
,
n2
,
mont
,
ctx
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
n0
,
n1
,
n2
,
mont
))
goto
err
;
if
(
!
BN_mod_sub_quick
(
R
->
Y
,
n0
,
n3
,
p
))
goto
err
;
/* Y = L1 * (L2 - X) - L3 */
BN_CTX_end
(
ctx
);
...
...
@@ -1190,19 +1189,19 @@ int ECP_mont_add(EC_POINT *R, EC_POINT *P, EC_POINT *Q, EC *E, BN_MONTGOMERY *mo
R
->
is_in_mont
=
1
;
/* L1; L2 */
if
(
!
BN_mont_mod_mul
(
n6
,
Q
->
Z
,
Q
->
Z
,
mont
,
ctx
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
n1
,
P
->
X
,
n6
,
mont
,
ctx
))
goto
err
;
/* L1 = x_p * z_q^2 */
if
(
!
BN_mont_mod_mul
(
n6
,
Q
->
Z
,
Q
->
Z
,
mont
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
n1
,
P
->
X
,
n6
,
mont
))
goto
err
;
/* L1 = x_p * z_q^2 */
if
(
!
BN_mont_mod_mul
(
n0
,
n6
,
Q
->
Z
,
mont
,
ctx
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
n2
,
P
->
Y
,
n0
,
mont
,
ctx
))
goto
err
;
/* L2 = y_p * z_q^3 */
if
(
!
BN_mont_mod_mul
(
n0
,
n6
,
Q
->
Z
,
mont
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
n2
,
P
->
Y
,
n0
,
mont
))
goto
err
;
/* L2 = y_p * z_q^3 */
/* L3; L4 */
if
(
!
BN_mont_mod_mul
(
n6
,
P
->
Z
,
P
->
Z
,
mont
,
ctx
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
n3
,
Q
->
X
,
n6
,
mont
,
ctx
))
goto
err
;
/* L3 = x_q * z_p^2 */
if
(
!
BN_mont_mod_mul
(
n6
,
P
->
Z
,
P
->
Z
,
mont
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
n3
,
Q
->
X
,
n6
,
mont
))
goto
err
;
/* L3 = x_q * z_p^2 */
if
(
!
BN_mont_mod_mul
(
n0
,
n6
,
P
->
Z
,
mont
,
ctx
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
n4
,
Q
->
Y
,
n0
,
mont
,
ctx
))
goto
err
;
/* L4 = y_q * z_p^3 */
if
(
!
BN_mont_mod_mul
(
n0
,
n6
,
P
->
Z
,
mont
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
n4
,
Q
->
Y
,
n0
,
mont
))
goto
err
;
/* L4 = y_q * z_p^3 */
/* L5; L6 */
...
...
@@ -1232,14 +1231,14 @@ int ECP_mont_add(EC_POINT *R, EC_POINT *P, EC_POINT *Q, EC *E, BN_MONTGOMERY *mo
/* Z */
if
(
!
BN_mont_mod_mul
(
n0
,
P
->
Z
,
Q
->
Z
,
mont
,
ctx
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
R
->
Z
,
n0
,
n5
,
mont
,
ctx
))
goto
err
;
/* Z = z_p * z_q * L_5 */
if
(
!
BN_mont_mod_mul
(
n0
,
P
->
Z
,
Q
->
Z
,
mont
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
R
->
Z
,
n0
,
n5
,
mont
))
goto
err
;
/* Z = z_p * z_q * L_5 */
/* X */
if
(
!
BN_mont_mod_mul
(
n0
,
n6
,
n6
,
mont
,
ctx
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
n4
,
n5
,
n5
,
mont
,
ctx
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
n3
,
n1
,
n4
,
mont
,
ctx
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
n0
,
n6
,
n6
,
mont
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
n4
,
n5
,
n5
,
mont
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
n3
,
n1
,
n4
,
mont
))
goto
err
;
if
(
!
BN_mod_sub_quick
(
R
->
X
,
n0
,
n3
,
p
))
goto
err
;
/* X = L6^2 - L5^2 * L7 */
...
...
@@ -1249,11 +1248,11 @@ int ECP_mont_add(EC_POINT *R, EC_POINT *P, EC_POINT *Q, EC *E, BN_MONTGOMERY *mo
/* Y */
if
(
!
BN_mont_mod_mul
(
n0
,
n3
,
n6
,
mont
,
ctx
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
n6
,
n4
,
n5
,
mont
,
ctx
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
n1
,
n2
,
n6
,
mont
,
ctx
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
n0
,
n3
,
n6
,
mont
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
n6
,
n4
,
n5
,
mont
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
n1
,
n2
,
n6
,
mont
))
goto
err
;
if
(
!
BN_mod_sub_quick
(
n0
,
n0
,
n1
,
p
))
goto
err
;
if
(
!
BN_mont_mod_mul
(
R
->
Y
,
n0
,
E
->
h
,
mont
,
ctx
))
goto
err
;
/* Y = (L6 * L9 - L8 * L5^3) / 2 */
if
(
!
BN_mont_mod_mul
(
R
->
Y
,
n0
,
E
->
h
,
mont
))
goto
err
;
/* Y = (L6 * L9 - L8 * L5^3) / 2 */
BN_CTX_end
(
ctx
);
...
...