-/* totally untested */
-
/* crypto/bn/bn_kron.c */
/* ====================================================================
* Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
*
*/
+#include "cryptlib.h"
#include "bn_lcl.h"
-
/* least significant word */
#define BN_lsw(n) (((n)->top == 0) ? (BN_ULONG) 0 : (n)->d[0])
int BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
{
int i;
- int ret;
+ int ret = -2; /* avoid 'uninitialized' warning */
int err = 0;
BIGNUM *A, *B, *tmp;
/* In 'tab', only odd-indexed entries are relevant:
*/
static const int tab[8] = {0, 1, 0, -1, 0, -1, 0, 1};
+ bn_check_top(a);
+ bn_check_top(b);
+
BN_CTX_start(ctx);
A = BN_CTX_get(ctx);
B = BN_CTX_get(ctx);
/* Cohen's step 4: */
/* multiply 'ret' by $(-1)^{(A-1)(B-1)/4}$ */
- if (BN_lsw(A) & BN_lsw(B) & 2)
+ if ((A->neg ? ~BN_lsw(A) : BN_lsw(A)) & BN_lsw(B) & 2)
ret = -ret;
/* (A, B) := (B mod |A|, |A|) */
tmp = A; A = B; B = tmp;
tmp->neg = 0;
}
-
- end:
+end:
BN_CTX_end(ctx);
if (err)
return -2;