X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=crypto%2Fbn%2Fbn_gf2m.c;h=0bb4f9b2515f62a43c4d0e2ad74466df92c4d765;hb=18f62d4b82cc3101f3e1ae026c5e077193cfca5b;hp=c969685c87467a0b18d4c2580009f1fa77bd72e6;hpb=bac6012308e05c187bc11bcb44b984bcd71365e7;p=oweals%2Fopenssl.git

diff --git a/crypto/bn/bn_gf2m.c b/crypto/bn/bn_gf2m.c
index c969685c87..0bb4f9b251 100644
--- a/crypto/bn/bn_gf2m.c
+++ b/crypto/bn/bn_gf2m.c
@@ -27,6 +27,13 @@
  *
  */
 
+/* NOTE: This file is licensed pursuant to the OpenSSL license below
+ * and may be modified; but after modifications, the above covenant
+ * may no longer apply!  In such cases, the corresponding paragraph
+ * ["In addition, Sun covenants ... causes the infringement."] and
+ * this note can be edited out; but please keep the Sun copyright
+ * notice and attribution. */
+
 /* ====================================================================
  * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
  *
@@ -296,7 +303,7 @@ int	BN_GF2m_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
 		}
 	
 	r->top = at->top;
-	bn_fix_top(r);
+	bn_correct_top(r);
 	
 	return 1;
 	}
@@ -316,10 +323,10 @@ int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[])
 	int n, dN, d0, d1;
 	BN_ULONG zz, *z;
 	
-	/* Since the algorithm does reduction in place, if a == r, copy the
+	/* Since the algorithm does reduction in the r value, if a != r, copy the
 	 * contents of a into r so we can do reduction in r. 
 	 */
-	if ((a != NULL) && (a->d != r->d))
+	if (a != r)
 		{
 		if (!bn_wexpand(r, a->top)) return 0;
 		for (j = 0; j < a->top; j++)
@@ -370,18 +377,22 @@ int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[])
 
 		for (k = 1; p[k] > 0; k++)
 			{
+			BN_ULONG tmp_ulong;
+
 			/* reducing component t^p[k]*/
 			n = p[k] / BN_BITS2;   
 			d0 = p[k] % BN_BITS2;
 			d1 = BN_BITS2 - d0;
 			z[n] ^= (zz << d0);
-			if (d0) z[n+1] ^= (zz >> d1);
+			tmp_ulong = zz >> d1;
+                        if (d0 && tmp_ulong)
+                                z[n+1] ^= tmp_ulong;
 			}
 
 		
 		}
 
-	bn_fix_top(r);
+	bn_correct_top(r);
 	
 	return 1;
 	}
@@ -403,6 +414,7 @@ int	BN_GF2m_mod(BIGNUM *r, const BIGNUM *a, const BIGNUM *p)
 		goto err;
 		}
 	ret = BN_GF2m_mod_arr(r, a, arr);
+	bn_check_top(r);
   err:
 	if (arr) OPENSSL_free(arr);
 	return ret;
@@ -427,7 +439,7 @@ int	BN_GF2m_mod_mul_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const unsig
 	BN_CTX_start(ctx);
 	if ((s = BN_CTX_get(ctx)) == NULL) goto err;
 	
-	zlen = a->top + b->top;
+	zlen = a->top + b->top + 4;
 	if (!bn_wexpand(s, zlen)) goto err;
 	s->top = zlen;
 
@@ -446,8 +458,9 @@ int	BN_GF2m_mod_mul_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const unsig
 			}
 		}
 
-	bn_fix_top(s);
+	bn_correct_top(s);
 	BN_GF2m_mod_arr(r, s, p);
+	bn_check_top(r);
 	ret = 1;
 
   err:
@@ -474,6 +487,7 @@ int	BN_GF2m_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *p
 		goto err;
 		}
 	ret = BN_GF2m_mod_mul_arr(r, a, b, arr, ctx);
+	bn_check_top(r);
   err:
 	if (arr) OPENSSL_free(arr);
 	return ret;
@@ -497,8 +511,9 @@ int	BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[], BN_C
 		}
 
 	s->top = 2 * a->top;
-	bn_fix_top(s);
+	bn_correct_top(s);
 	if (!BN_GF2m_mod_arr(r, s, p)) goto err;
+	bn_check_top(r);
 	ret = 1;
   err:
 	BN_CTX_end(ctx);
@@ -522,6 +537,7 @@ int	BN_GF2m_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
 		goto err;
 		}
 	ret = BN_GF2m_mod_sqr_arr(r, a, arr, ctx);
+	bn_check_top(r);
   err:
 	if (arr) OPENSSL_free(arr);
 	return ret;
@@ -583,6 +599,7 @@ int BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
 
 
 	if (!BN_copy(r, b)) goto err;
+	bn_check_top(r);
 	ret = 1;
 
   err:
@@ -606,6 +623,7 @@ int BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *xx, const unsigned int p[], BN_
 	if (!BN_GF2m_arr2poly(p, field)) goto err;
 	
 	ret = BN_GF2m_mod_inv(r, xx, field, ctx);
+	bn_check_top(r);
 
   err:
 	BN_CTX_end(ctx);
@@ -628,6 +646,7 @@ int BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *y, const BIGNUM *x, const BIGNUM *p
 	
 	if (!BN_GF2m_mod_inv(xinv, x, p, ctx)) goto err;
 	if (!BN_GF2m_mod_mul(r, y, xinv, p, ctx)) goto err;
+	bn_check_top(r);
 	ret = 1;
 
   err:
@@ -700,6 +719,7 @@ int BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *y, const BIGNUM *x, const BIGNUM *p
 		} while (1);
 
 	if (!BN_copy(r, u)) goto err;
+	bn_check_top(r);
 	ret = 1;
 
   err:
@@ -725,6 +745,7 @@ int BN_GF2m_mod_div_arr(BIGNUM *r, const BIGNUM *yy, const BIGNUM *xx, const uns
 	if (!BN_GF2m_arr2poly(p, field)) goto err;
 	
 	ret = BN_GF2m_mod_div(r, yy, xx, field, ctx);
+	bn_check_top(r);
 
   err:
 	BN_CTX_end(ctx);
@@ -762,6 +783,7 @@ int	BN_GF2m_mod_exp_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const unsig
 			}
 		}
 	if (!BN_copy(r, u)) goto err;
+	bn_check_top(r);
 
 	ret = 1;
 
@@ -788,6 +810,7 @@ int BN_GF2m_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *p
 		goto err;
 		}
 	ret = BN_GF2m_mod_exp_arr(r, a, b, arr, ctx);
+	bn_check_top(r);
   err:
 	if (arr) OPENSSL_free(arr);
 	return ret;
@@ -808,6 +831,7 @@ int	BN_GF2m_mod_sqrt_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[], BN_
 	if (!BN_zero(u)) goto err;
 	if (!BN_set_bit(u, p[0] - 1)) goto err;
 	ret = BN_GF2m_mod_exp_arr(r, a, u, p, ctx);
+	bn_check_top(r);
 
   err:
 	BN_CTX_end(ctx);
@@ -832,6 +856,7 @@ int BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
 		goto err;
 		}
 	ret = BN_GF2m_mod_sqrt_arr(r, a, arr, ctx);
+	bn_check_top(r);
   err:
 	if (arr) OPENSSL_free(arr);
 	return ret;
@@ -842,7 +867,8 @@ int BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
  */
 int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a_, const unsigned int p[], BN_CTX *ctx)
 	{
-	int ret = 0, i, count = 0;
+	int ret = 0, count = 0;
+	unsigned int j;
 	BIGNUM *a, *z, *rho, *w, *w2, *tmp;
 	
 	BN_CTX_start(ctx);
@@ -863,7 +889,7 @@ int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a_, const unsigned int p
 		{
 		/* compute half-trace of a */
 		if (!BN_copy(z, a)) goto err;
-		for (i = 1; i <= (p[0] - 1) / 2; i++)
+		for (j = 1; j <= (p[0] - 1) / 2; j++)
 			{
 			if (!BN_GF2m_mod_sqr_arr(z, z, p, ctx)) goto err;
 			if (!BN_GF2m_mod_sqr_arr(z, z, p, ctx)) goto err;
@@ -883,7 +909,7 @@ int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a_, const unsigned int p
 			if (!BN_GF2m_mod_arr(rho, rho, p)) goto err;
 			if (!BN_zero(z)) goto err;
 			if (!BN_copy(w, rho)) goto err;
-			for (i = 1; i <= p[0] - 1; i++)
+			for (j = 1; j <= p[0] - 1; j++)
 				{
 				if (!BN_GF2m_mod_sqr_arr(z, z, p, ctx)) goto err;
 				if (!BN_GF2m_mod_sqr_arr(w2, w, p, ctx)) goto err;
@@ -905,6 +931,7 @@ int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a_, const unsigned int p
 	if (BN_GF2m_cmp(w, a)) goto err;
 
 	if (!BN_copy(r, z)) goto err;
+	bn_check_top(r);
 
 	ret = 1;
 
@@ -930,6 +957,7 @@ int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *
 		goto err;
 		}
 	ret = BN_GF2m_mod_solve_quad_arr(r, a, arr, ctx);
+	bn_check_top(r);
   err:
 	if (arr) OPENSSL_free(arr);
 	return ret;
@@ -978,6 +1006,7 @@ int BN_GF2m_arr2poly(const unsigned int p[], BIGNUM *a)
 		BN_set_bit(a, p[i]);
 		}
 	BN_set_bit(a, 0);
+	bn_check_top(a);
 	
 	return 1;
 	}