const BIGNUM *BN_value_one(void) {
static const BN_ULONG kOneLimbs[1] = { 1 };
STATIC_BIGNUM_DIAGNOSTIC_PUSH
static const BIGNUM kOne = STATIC_BIGNUM(kOneLimbs);
STATIC_BIGNUM_DIAGNOSTIC_POP
return &kOne;
}
int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx) {
int ret = 0;
BIGNUM *Ri, *R;
BIGNUM tmod;
BN_ULONG buf[2];
if (BN_is_zero(mod)) {
OPENSSL_PUT_ERROR(BN, BN_R_DIV_BY_ZERO);
return 0;
}
BN_CTX_start(ctx);
Ri = BN_CTX_get(ctx);
if (Ri == NULL) {
goto err;
}
R = &mont->RR; /* grab RR as a temp */
if (!BN_copy(&mont->N, mod)) {
goto err; /* Set N */
}
if (BN_get_flags(mod, BN_FLG_CONSTTIME)) {
BN_set_flags(&mont->N, BN_FLG_CONSTTIME);
}
mont->N.neg = 0;
BN_init(&tmod);
tmod.d = buf;
tmod.dmax = 2;
tmod.neg = 0;
BN_zero(R);
if (!BN_set_bit(R, BN_MONT_CTX_N0_LIMBS * BN_BITS2)) {
goto err;
}
tmod.top = 0;
buf[0] = mod->d[0];
if (buf[0] != 0) {
tmod.top = 1;
}
buf[1] = 0;
if (BN_MONT_CTX_N0_LIMBS == 2 && mod->top > 1 && mod->d[1] != 0) {
buf[1] = mod->d[1];
tmod.top = 2;
}
if (BN_mod_inverse(Ri, R, &tmod, ctx) == NULL) {
goto err;
}
if (!BN_lshift(Ri, Ri, BN_MONT_CTX_N0_LIMBS * BN_BITS2)) {
goto err; /* R*Ri */
}
const BIGNUM *Ri_dividend;
if (!BN_is_zero(Ri)) {
if (!BN_usub(Ri, Ri, BN_value_one())) {
goto err;
}
Ri_dividend = Ri;
} else {
/* Ri == 0 so Ri - 1 == -1. -1 % tmod == 0xff..ff. */
static const BN_ULONG kMinusOneLimbs[BN_MONT_CTX_N0_LIMBS] = {
BN_MASK2,
#if BN_MONT_CTX_N0_LIMBS == 2
BN_MASK2
#endif
};
STATIC_BIGNUM_DIAGNOSTIC_PUSH
static const BIGNUM kMinusOne = STATIC_BIGNUM(kMinusOneLimbs);
STATIC_BIGNUM_DIAGNOSTIC_POP
Ri_dividend = &kMinusOne;
}
if (!BN_div(Ri, NULL, Ri_dividend, &tmod, ctx)) {
goto err;
}
mont->n0[0] = 0;
if (Ri->top > 0) {
mont->n0[0] = Ri->d[0];
}
mont->n0[1] = 0;
if (BN_MONT_CTX_N0_LIMBS == 2 && Ri->top > 1) {
mont->n0[1] = Ri->d[1];
}
/* RR = (2^ri)^2 == 2^(ri*2) == 1 << (ri*2), which has its (ri*2)th bit set. */
int ri = (BN_num_bits(mod) + (BN_BITS2 - 1)) / BN_BITS2 * BN_BITS2;
BN_zero(&(mont->RR));
if (!BN_set_bit(&(mont->RR), ri * 2)) {
goto err;
}
if (!BN_mod(&(mont->RR), &(mont->RR), &(mont->N), ctx)) {
goto err;
}
ret = 1;
err:
BN_CTX_end(ctx);
return ret;
}
TOBN(0xBDD4798E, 0x7CF180C3), TOBN(0x495BE32C, 0xE6969D3D)};
static const BN_ULONG bn_two_data[] = {2};
#define STATIC_BIGNUM(x) \
{ \
(BN_ULONG *) x, sizeof(x) / sizeof(BN_ULONG), \
sizeof(x) / sizeof(BN_ULONG), 0, BN_FLG_STATIC_DATA \
}
struct standard_parameters {
BIGNUM p, q, g;
};
static const struct standard_parameters dh1024_160 = {
STATIC_BIGNUM(dh1024_160_p),
STATIC_BIGNUM(dh1024_160_q),
STATIC_BIGNUM(dh1024_160_g),
};
static const struct standard_parameters dh2048_224 = {
STATIC_BIGNUM(dh2048_224_p),
STATIC_BIGNUM(dh2048_224_q),
STATIC_BIGNUM(dh2048_224_g),
};
static const struct standard_parameters dh2048_256 = {
STATIC_BIGNUM(dh2048_256_p),
STATIC_BIGNUM(dh2048_256_q),
STATIC_BIGNUM(dh2048_256_g),
};
const BIGNUM *BN_value_one(void) {
static const BN_ULONG kOneLimbs[1] = { 1 };
static const BIGNUM kOne = STATIC_BIGNUM(kOneLimbs);
return &kOne;
}
