X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=crypto%2Fbn%2Fbn.h;h=670584ad74a7cbe683c0df7d8045dad624ae0722;hb=a51a97262de196f8d4940fe68d9412ec99cd555a;hp=5346a353ab9cd7dc4a8607f7e92c622b9aee79f6;hpb=46cb8d368965c07f760662a755b4248afc0087b8;p=oweals%2Fopenssl.git diff --git a/crypto/bn/bn.h b/crypto/bn/bn.h index 5346a353ab..670584ad74 100644 --- a/crypto/bn/bn.h +++ b/crypto/bn/bn.h @@ -76,6 +76,7 @@ #ifndef OPENSSL_NO_FP_API #include /* FILE */ #endif +#include #ifdef __cplusplus extern "C" { @@ -89,17 +90,9 @@ extern "C" { * BN_DEBUG - turn on various debugging alterations to the bignum code * BN_DEBUG_RAND - uses random poisoning of unused words to trip up * mismanagement of bignum internals. You must also define BN_DEBUG. - * BN_STRICT - disables anything (not already caught by BN_DEBUG) that uses the - * old ambiguity over zero representation. At some point, this behaviour should - * become standard. */ /* #define BN_DEBUG */ /* #define BN_DEBUG_RAND */ -/* #define BN_STRICT */ - -#ifdef OPENSSL_SYS_VMS -#undef BN_LLONG /* experimental, so far... */ -#endif #define BN_MUL_COMBA #define BN_SQR_COMBA @@ -172,10 +165,12 @@ extern "C" { #endif #ifdef THIRTY_TWO_BIT -#if defined(OPENSSL_SYS_WIN32) && !defined(__GNUC__) -#define BN_ULLONG unsigned _int64 -#else -#define BN_ULLONG unsigned long long +#ifdef BN_LLONG +# if defined(OPENSSL_SYS_WIN32) && !defined(__GNUC__) +# define BN_ULLONG unsigned __int64 +# else +# define BN_ULLONG unsigned long long +# endif #endif #define BN_ULONG unsigned long #define BN_LONG long @@ -248,17 +243,39 @@ extern "C" { #define BN_DEFAULT_BITS 1280 -#ifdef BIGNUM -#undef BIGNUM -#endif - #define BN_FLG_MALLOCED 0x01 #define BN_FLG_STATIC_DATA 0x02 +#define BN_FLG_EXP_CONSTTIME 0x04 /* avoid leaking exponent information through timings + * (BN_mod_exp_mont() will call BN_mod_exp_mont_consttime) */ +#ifndef OPENSSL_NO_DEPRECATED #define BN_FLG_FREE 0x8000 /* used for debuging */ +#endif #define BN_set_flags(b,n) ((b)->flags|=(n)) #define BN_get_flags(b,n) ((b)->flags&(n)) -typedef struct bignum_st +/* get a clone of a BIGNUM with changed flags, for *temporary* use only + * (the two BIGNUMs cannot not be used in parallel!) */ +#define BN_with_flags(dest,b,n) ((dest)->d=(b)->d, \ + (dest)->top=(b)->top, \ + (dest)->dmax=(b)->dmax, \ + (dest)->neg=(b)->neg, \ + (dest)->flags=(((dest)->flags & BN_FLG_MALLOCED) \ + | ((b)->flags & ~BN_FLG_MALLOCED) \ + | BN_FLG_STATIC_DATA \ + | (n))) + +/* Already declared in ossl_typ.h */ +#if 0 +typedef struct bignum_st BIGNUM; +/* Used for temp variables (declaration hidden in bn_lcl.h) */ +typedef struct bignum_ctx BN_CTX; +typedef struct bn_blinding_st BN_BLINDING; +typedef struct bn_mont_ctx_st BN_MONT_CTX; +typedef struct bn_recp_ctx_st BN_RECP_CTX; +typedef struct bn_gencb_st BN_GENCB; +#endif + +struct bignum_st { BN_ULONG *d; /* Pointer to an array of 'BN_BITS2' bit chunks. */ int top; /* Index of last used d +1. */ @@ -266,23 +283,10 @@ typedef struct bignum_st int dmax; /* Size of the d array. */ int neg; /* one if the number is negative */ int flags; - } BIGNUM; - -/* Used for temp variables (declaration hidden in bn_lcl.h) */ -typedef struct bignum_ctx BN_CTX; - -typedef struct bn_blinding_st - { - int init; - BIGNUM *A; - BIGNUM *Ai; - BIGNUM *mod; /* just a reference */ - unsigned long thread_id; /* added in OpenSSL 0.9.6j and 0.9.7b; - * used only by crypto/rsa/rsa_eay.c, rsa_lib.c */ - } BN_BLINDING; + }; /* Used for montgomery multiplication */ -typedef struct bn_mont_ctx_st +struct bn_mont_ctx_st { int ri; /* number of bits in R */ BIGNUM RR; /* used to convert to montgomery form */ @@ -291,22 +295,21 @@ typedef struct bn_mont_ctx_st * (Ni is only stored for bignum algorithm) */ BN_ULONG n0; /* least significant word of Ni */ int flags; - } BN_MONT_CTX; + }; /* Used for reciprocal division/mod functions * It cannot be shared between threads */ -typedef struct bn_recp_ctx_st +struct bn_recp_ctx_st { BIGNUM N; /* the divisor */ BIGNUM Nr; /* the reciprocal */ int num_bits; int shift; int flags; - } BN_RECP_CTX; + }; /* Used for slow "generation" functions. */ -typedef struct bn_gencb_st BN_GENCB; struct bn_gencb_st { unsigned int ver; /* To handle binary (in)compatibility */ @@ -360,25 +363,23 @@ int BN_GENCB_call(BN_GENCB *cb, int a, int b); /* Note that BN_abs_is_word didn't work reliably for w == 0 until 0.9.8 */ #define BN_abs_is_word(a,w) ((((a)->top == 1) && ((a)->d[0] == (BN_ULONG)(w))) || \ (((w) == 0) && ((a)->top == 0))) -#ifdef BN_STRICT #define BN_is_zero(a) ((a)->top == 0) -#else -#define BN_is_zero(a) BN_abs_is_word(a,0) -#endif #define BN_is_one(a) (BN_abs_is_word((a),1) && !(a)->neg) #define BN_is_word(a,w) (BN_abs_is_word((a),(w)) && (!(w) || !(a)->neg)) #define BN_is_odd(a) (((a)->top > 0) && ((a)->d[0] & 1)) #define BN_one(a) (BN_set_word((a),1)) +#define BN_zero_ex(a) \ + do { \ + BIGNUM *_tmp_bn = (a); \ + _tmp_bn->top = 0; \ + _tmp_bn->neg = 0; \ + } while(0) +#ifdef OPENSSL_NO_DEPRECATED +#define BN_zero(a) BN_zero_ex(a) +#else #define BN_zero(a) (BN_set_word((a),0)) -/* BN_set_sign(BIGNUM *, int) sets the sign of a BIGNUM - * (0 for a non-negative value, 1 for negative) */ -#define BN_set_sign(a,b) ((a)->neg = (b)) -/* BN_get_sign(BIGNUM *) returns the sign of the BIGNUM */ -#define BN_get_sign(a) ((a)->neg) - -/*#define BN_ascii2bn(a) BN_hex2bn(a) */ -/*#define BN_bn2ascii(a) BN_bn2hex(a) */ +#endif const BIGNUM *BN_value_one(void); char * BN_options(void); @@ -400,8 +401,6 @@ BIGNUM *BN_new(void); void BN_init(BIGNUM *); void BN_clear_free(BIGNUM *a); BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b); -/* BN_ncopy(): like BN_copy() but copies at most the first n BN_ULONGs */ -BIGNUM *BN_ncopy(BIGNUM *a, const BIGNUM *b, size_t n); void BN_swap(BIGNUM *a, BIGNUM *b); BIGNUM *BN_bin2bn(const unsigned char *s,int len,BIGNUM *ret); int BN_bn2bin(const BIGNUM *a, unsigned char *to); @@ -413,6 +412,10 @@ int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); int BN_sqr(BIGNUM *r, const BIGNUM *a,BN_CTX *ctx); +/* BN_set_negative(): sets sign of a bignum */ +void BN_set_negative(BIGNUM *b, int n); +/* BN_get_negative(): returns 1 if the bignum is < 0 and 0 otherwise */ +#define BN_is_negative(a) ((a)->neg != 0) int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx); @@ -449,6 +452,8 @@ int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,BN_CTX *ctx); int BN_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); +int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont); int BN_mod_exp_mont_word(BIGNUM *r, BN_ULONG a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); int BN_mod_exp2_mont(BIGNUM *r, const BIGNUM *a1, const BIGNUM *p1, @@ -516,15 +521,34 @@ int BN_from_montgomery(BIGNUM *r,const BIGNUM *a, void BN_MONT_CTX_free(BN_MONT_CTX *mont); int BN_MONT_CTX_set(BN_MONT_CTX *mont,const BIGNUM *mod,BN_CTX *ctx); BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to,BN_MONT_CTX *from); +BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock, + const BIGNUM *mod, BN_CTX *ctx); -BN_BLINDING *BN_BLINDING_new(BIGNUM *A,BIGNUM *Ai,BIGNUM *mod); +/* BN_BLINDING flags */ +#define BN_BLINDING_NO_UPDATE 0x00000001 +#define BN_BLINDING_NO_RECREATE 0x00000002 + +BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod); void BN_BLINDING_free(BN_BLINDING *b); int BN_BLINDING_update(BN_BLINDING *b,BN_CTX *ctx); -int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *r, BN_CTX *ctx); +int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx); int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx); +int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *); +int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *); +unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *); +void BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long); +unsigned long BN_BLINDING_get_flags(const BN_BLINDING *); +void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long); +BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b, + const BIGNUM *e, BIGNUM *m, BN_CTX *ctx, + int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx), + BN_MONT_CTX *m_ctx); +#ifndef OPENSSL_NO_DEPRECATED void BN_set_params(int mul,int high,int low,int mont); int BN_get_params(int which); /* 0, mul, 1 high, 2 low, 3 mont */ +#endif void BN_RECP_CTX_init(BN_RECP_CTX *recp); BN_RECP_CTX *BN_RECP_CTX_new(void); @@ -605,10 +629,12 @@ const BIGNUM *BN_get0_nist_prime_521(void); /* library internal functions */ #define bn_expand(a,bits) ((((((bits+BN_BITS2-1))/BN_BITS2)) <= (a)->dmax)?\ - (a):bn_expand2((a),(bits)/BN_BITS2+1)) + (a):bn_expand2((a),(bits+BN_BITS2-1)/BN_BITS2)) #define bn_wexpand(a,words) (((words) <= (a)->dmax)?(a):bn_expand2((a),(words))) BIGNUM *bn_expand2(BIGNUM *a, int words); -BIGNUM *bn_dup_expand(const BIGNUM *a, int words); +#ifndef OPENSSL_NO_DEPRECATED +BIGNUM *bn_dup_expand(const BIGNUM *a, int words); /* unused */ +#endif /* Bignum consistency macros * There is one "API" macro, bn_fix_top(), for stripping leading zeroes from @@ -706,16 +732,6 @@ BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d); BN_ULONG bn_add_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,int num); BN_ULONG bn_sub_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,int num); -#ifdef BN_DEBUG -void bn_dump1(FILE *o, const char *a, const BN_ULONG *b,int n); -# define bn_print(a) {fprintf(stderr, #a "="); BN_print_fp(stderr,a); \ - fprintf(stderr,"\n");} -# define bn_dump(a,n) bn_dump1(stderr,#a,a,n); -#else -# define bn_print(a) -# define bn_dump(a,b) -#endif - int BN_bntest_rand(BIGNUM *rnd, int bits, int top,int bottom); /* BEGIN ERROR CODES */ @@ -727,27 +743,35 @@ void ERR_load_BN_strings(void); /* Error codes for the BN functions. */ /* Function codes. */ -#define BN_F_BN_BLINDING_CONVERT 100 -#define BN_F_BN_BLINDING_INVERT 101 +#define BN_F_BNRAND 127 +#define BN_F_BN_BLINDING_CONVERT_EX 100 +#define BN_F_BN_BLINDING_CREATE_PARAM 128 +#define BN_F_BN_BLINDING_INVERT_EX 101 #define BN_F_BN_BLINDING_NEW 102 #define BN_F_BN_BLINDING_UPDATE 103 #define BN_F_BN_BN2DEC 104 #define BN_F_BN_BN2HEX 105 #define BN_F_BN_CTX_GET 116 #define BN_F_BN_CTX_NEW 106 +#define BN_F_BN_CTX_START 129 #define BN_F_BN_DIV 107 +#define BN_F_BN_DIV_RECP 130 +#define BN_F_BN_EXP 123 #define BN_F_BN_EXPAND2 108 #define BN_F_BN_EXPAND_INTERNAL 120 -#define BN_F_BN_GF2M_MOD 126 -#define BN_F_BN_GF2M_MOD_DIV 123 -#define BN_F_BN_GF2M_MOD_EXP 127 -#define BN_F_BN_GF2M_MOD_MUL 124 -#define BN_F_BN_GF2M_MOD_SOLVE_QUAD 128 -#define BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR 129 -#define BN_F_BN_GF2M_MOD_SQR 125 +#define BN_F_BN_GF2M_MOD 131 +#define BN_F_BN_GF2M_MOD_EXP 132 +#define BN_F_BN_GF2M_MOD_MUL 133 +#define BN_F_BN_GF2M_MOD_SOLVE_QUAD 134 +#define BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR 135 +#define BN_F_BN_GF2M_MOD_SQR 136 +#define BN_F_BN_GF2M_MOD_SQRT 137 #define BN_F_BN_MOD_EXP2_MONT 118 #define BN_F_BN_MOD_EXP_MONT 109 +#define BN_F_BN_MOD_EXP_MONT_CONSTTIME 124 #define BN_F_BN_MOD_EXP_MONT_WORD 117 +#define BN_F_BN_MOD_EXP_RECP 125 +#define BN_F_BN_MOD_EXP_SIMPLE 126 #define BN_F_BN_MOD_INVERSE 110 #define BN_F_BN_MOD_LSHIFT_QUICK 119 #define BN_F_BN_MOD_MUL_RECIPROCAL 111 @@ -770,9 +794,9 @@ void ERR_load_BN_strings(void); #define BN_R_INVALID_LENGTH 106 #define BN_R_INVALID_RANGE 115 #define BN_R_NOT_A_SQUARE 111 -#define BN_R_NOT_IMPLEMENTED 116 #define BN_R_NOT_INITIALIZED 107 #define BN_R_NO_INVERSE 108 +#define BN_R_NO_SOLUTION 116 #define BN_R_P_IS_NOT_PRIME 112 #define BN_R_TOO_MANY_ITERATIONS 113 #define BN_R_TOO_MANY_TEMPORARY_VARIABLES 109