summaryrefslogtreecommitdiff
path: root/deps/openssl/openssl/crypto/bn
diff options
context:
space:
mode:
Diffstat (limited to 'deps/openssl/openssl/crypto/bn')
-rw-r--r--deps/openssl/openssl/crypto/bn/Makefile389
-rw-r--r--deps/openssl/openssl/crypto/bn/README.pod247
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/README27
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/alpha-mont.pl12
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/armv4-gf2m.pl65
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/armv4-mont.pl690
-rwxr-xr-xdeps/openssl/openssl/crypto/bn/asm/armv8-mont.pl1510
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/bn-586.pl15
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/bn-c64xplus.asm382
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/c64xplus-gf2m.pl160
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/co-586.pl13
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/ia64-mont.pl13
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/ia64.S15
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/mips-mont.pl11
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/mips.pl13
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/mips3-mont.pl327
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/mips3.s2201
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/pa-risc2.s6
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/pa-risc2W.s7
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/parisc-mont.pl11
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/ppc-mont.pl9
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/ppc.pl12
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/ppc64-mont.pl9
-rwxr-xr-xdeps/openssl/openssl/crypto/bn/asm/rsaz-avx2.pl11
-rwxr-xr-xdeps/openssl/openssl/crypto/bn/asm/rsaz-x86_64.pl15
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/s390x-gf2m.pl11
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/s390x-mont.pl11
-rw-r--r--[-rwxr-xr-x]deps/openssl/openssl/crypto/bn/asm/s390x.S10
-rwxr-xr-xdeps/openssl/openssl/crypto/bn/asm/sparct4-mont.pl12
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/sparcv8.S10
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/sparcv8plus.S18
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/sparcv9-gf2m.pl12
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/sparcv9-mont.pl26
-rwxr-xr-xdeps/openssl/openssl/crypto/bn/asm/sparcv9a-mont.pl31
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/via-mont.pl14
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/vis3-mont.pl29
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/vms.mar6440
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/x86-gf2m.pl14
-rwxr-xr-xdeps/openssl/openssl/crypto/bn/asm/x86-mont.pl20
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/x86.pl28
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/x86/add.pl76
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/x86/comba.pl277
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/x86/div.pl15
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/x86/f3
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/x86/mul.pl77
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/x86/mul_add.pl87
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/x86/sqr.pl60
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/x86/sub.pl76
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/x86_64-gcc.c23
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/x86_64-gf2m.pl11
-rwxr-xr-xdeps/openssl/openssl/crypto/bn/asm/x86_64-mont.pl15
-rwxr-xr-xdeps/openssl/openssl/crypto/bn/asm/x86_64-mont5.pl15
-rw-r--r--deps/openssl/openssl/crypto/bn/bn.h951
-rw-r--r--deps/openssl/openssl/crypto/bn/bn.mul19
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_add.c208
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_asm.c72
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_blind.c196
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_const.c28
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_ctx.c203
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_depr.c81
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_dh.c220
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_div.c82
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_err.c81
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_exp.c140
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_exp2.c118
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_gcd.c184
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_gf2m.c122
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_intern.c210
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_kron.c62
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_lcl.h406
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_lib.c495
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_mod.c129
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_mont.c148
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_mpi.c88
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_mul.c160
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_nist.c109
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_prime.c412
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_prime.h588
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_prime.pl149
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_print.c105
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_rand.c210
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_recp.c79
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_shift.c77
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_sqr.c72
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_sqrt.c65
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_srp.c545
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_word.c66
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_x931p.c95
-rw-r--r--deps/openssl/openssl/crypto/bn/bnspeed.c232
-rw-r--r--deps/openssl/openssl/crypto/bn/bntest.c2160
-rw-r--r--deps/openssl/openssl/crypto/bn/build.info84
-rw-r--r--deps/openssl/openssl/crypto/bn/divtest.c42
-rw-r--r--deps/openssl/openssl/crypto/bn/exp.c61
-rw-r--r--deps/openssl/openssl/crypto/bn/expspeed.c381
-rw-r--r--deps/openssl/openssl/crypto/bn/exptest.c315
-rw-r--r--deps/openssl/openssl/crypto/bn/rsaz_exp.c22
-rw-r--r--deps/openssl/openssl/crypto/bn/rsaz_exp.h9
-rw-r--r--deps/openssl/openssl/crypto/bn/todo3
-rw-r--r--deps/openssl/openssl/crypto/bn/vms-helper.c68
99 files changed, 5968 insertions, 17975 deletions
diff --git a/deps/openssl/openssl/crypto/bn/Makefile b/deps/openssl/openssl/crypto/bn/Makefile
deleted file mode 100644
index 20e8ef0a28..0000000000
--- a/deps/openssl/openssl/crypto/bn/Makefile
+++ /dev/null
@@ -1,389 +0,0 @@
-#
-# OpenSSL/crypto/bn/Makefile
-#
-
-DIR= bn
-TOP= ../..
-CC= cc
-CPP= $(CC) -E
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-MAKEFILE= Makefile
-AR= ar r
-
-BN_ASM= bn_asm.o
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-ASFLAGS= $(INCLUDES) $(ASFLAG)
-AFLAGS= $(ASFLAGS)
-
-GENERAL=Makefile
-TEST=bntest.c exptest.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c bn_mod.c \
- bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \
- bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c \
- bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_gf2m.c bn_nist.c \
- bn_depr.c bn_const.c bn_x931p.c
-
-LIBOBJ= bn_add.o bn_div.o bn_exp.o bn_lib.o bn_ctx.o bn_mul.o bn_mod.o \
- bn_print.o bn_rand.o bn_shift.o bn_word.o bn_blind.o \
- bn_kron.o bn_sqrt.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o $(BN_ASM) \
- bn_recp.o bn_mont.o bn_mpi.o bn_exp2.o bn_gf2m.o bn_nist.o \
- bn_depr.o bn_const.o bn_x931p.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= bn.h
-HEADER= bn_lcl.h bn_prime.h $(EXHEADER)
-
-ALL= $(GENERAL) $(SRC) $(HEADER)
-
-top:
- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all: lib
-
-bn_prime.h: bn_prime.pl
- $(PERL) bn_prime.pl >bn_prime.h
-
-divtest: divtest.c ../../libcrypto.a
- cc -I../../include divtest.c -o divtest ../../libcrypto.a
-
-bnbug: bnbug.c ../../libcrypto.a top
- cc -g -I../../include bnbug.c -o bnbug ../../libcrypto.a
-
-lib: $(LIBOBJ)
- $(AR) $(LIB) $(LIBOBJ)
- $(RANLIB) $(LIB) || echo Never mind.
- @touch lib
-
-bn-586.s: asm/bn-586.pl ../perlasm/x86asm.pl
- $(PERL) asm/bn-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
-co-586.s: asm/co-586.pl ../perlasm/x86asm.pl
- $(PERL) asm/co-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
-x86-mont.s: asm/x86-mont.pl ../perlasm/x86asm.pl
- $(PERL) asm/x86-mont.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
-x86-gf2m.s: asm/x86-gf2m.pl ../perlasm/x86asm.pl
- $(PERL) asm/x86-gf2m.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
-
-sparcv8.o: asm/sparcv8.S
- $(CC) $(CFLAGS) -c asm/sparcv8.S
-bn-sparcv9.o: asm/sparcv8plus.S
- $(CC) $(CFLAGS) -c -o $@ asm/sparcv8plus.S
-sparcv9a-mont.s: asm/sparcv9a-mont.pl
- $(PERL) asm/sparcv9a-mont.pl $(CFLAGS) > $@
-sparcv9-mont.s: asm/sparcv9-mont.pl
- $(PERL) asm/sparcv9-mont.pl $(CFLAGS) > $@
-vis3-mont.s: asm/vis3-mont.pl
- $(PERL) asm/vis3-mont.pl $(CFLAGS) > $@
-sparct4-mont.S: asm/sparct4-mont.pl
- $(PERL) asm/sparct4-mont.pl $(CFLAGS) > $@
-sparcv9-gf2m.S: asm/sparcv9-gf2m.pl
- $(PERL) asm/sparcv9-gf2m.pl $(CFLAGS) > $@
-
-bn-mips3.o: asm/mips3.s
- @if [ "$(CC)" = "gcc" ]; then \
- ABI=`expr "$(CFLAGS)" : ".*-mabi=\([n3264]*\)"` && \
- as -$$ABI -O -o $@ asm/mips3.s; \
- else $(CC) -c $(CFLAGS) -o $@ asm/mips3.s; fi
-
-bn-mips.s: asm/mips.pl
- $(PERL) asm/mips.pl $(PERLASM_SCHEME) $@
-mips-mont.s: asm/mips-mont.pl
- $(PERL) asm/mips-mont.pl $(PERLASM_SCHEME) $@
-
-bn-s390x.o: asm/s390x.S
- $(CC) $(CFLAGS) -c -o $@ asm/s390x.S
-s390x-gf2m.s: asm/s390x-gf2m.pl
- $(PERL) asm/s390x-gf2m.pl $(PERLASM_SCHEME) $@
-
-x86_64-gcc.o: asm/x86_64-gcc.c
- $(CC) $(CFLAGS) -c -o $@ asm/x86_64-gcc.c
-x86_64-mont.s: asm/x86_64-mont.pl
- $(PERL) asm/x86_64-mont.pl $(PERLASM_SCHEME) > $@
-x86_64-mont5.s: asm/x86_64-mont5.pl
- $(PERL) asm/x86_64-mont5.pl $(PERLASM_SCHEME) > $@
-x86_64-gf2m.s: asm/x86_64-gf2m.pl
- $(PERL) asm/x86_64-gf2m.pl $(PERLASM_SCHEME) > $@
-rsaz-x86_64.s: asm/rsaz-x86_64.pl
- $(PERL) asm/rsaz-x86_64.pl $(PERLASM_SCHEME) > $@
-rsaz-avx2.s: asm/rsaz-avx2.pl
- $(PERL) asm/rsaz-avx2.pl $(PERLASM_SCHEME) > $@
-
-bn-ia64.s: asm/ia64.S
- $(CC) $(CFLAGS) -E asm/ia64.S > $@
-ia64-mont.s: asm/ia64-mont.pl
- $(PERL) asm/ia64-mont.pl $@ $(CFLAGS)
-
-# GNU assembler fails to compile PA-RISC2 modules, insist on calling
-# vendor assembler...
-pa-risc2W.o: asm/pa-risc2W.s
- /usr/ccs/bin/as -o pa-risc2W.o asm/pa-risc2W.s
-pa-risc2.o: asm/pa-risc2.s
- /usr/ccs/bin/as -o pa-risc2.o asm/pa-risc2.s
-parisc-mont.s: asm/parisc-mont.pl
- $(PERL) asm/parisc-mont.pl $(PERLASM_SCHEME) $@
-
-# ppc - AIX, Linux, MacOS X...
-bn-ppc.s: asm/ppc.pl; $(PERL) asm/ppc.pl $(PERLASM_SCHEME) $@
-ppc-mont.s: asm/ppc-mont.pl;$(PERL) asm/ppc-mont.pl $(PERLASM_SCHEME) $@
-ppc64-mont.s: asm/ppc64-mont.pl;$(PERL) asm/ppc64-mont.pl $(PERLASM_SCHEME) $@
-
-alpha-mont.s: asm/alpha-mont.pl
- (preproc=$$$$.$@.S; trap "rm $$preproc" INT; \
- $(PERL) asm/alpha-mont.pl > $$preproc && \
- $(CC) -E -P $$preproc > $@ && rm $$preproc)
-
-# GNU make "catch all"
-%-mont.S: asm/%-mont.pl; $(PERL) $< $(PERLASM_SCHEME) $@
-%-gf2m.S: asm/%-gf2m.pl; $(PERL) $< $(PERLASM_SCHEME) $@
-
-armv4-mont.o: armv4-mont.S
-armv4-gf2m.o: armv4-gf2m.S
-
-files:
- $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
-
-links:
- @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
- @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
- @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
- @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
- do \
- (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
- chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
- done;
-
-exptest:
- rm -f exptest
- gcc -I../../include -g2 -ggdb -o exptest exptest.c ../../libcrypto.a
-
-div:
- rm -f a.out
- gcc -I.. -g div.c ../../libcrypto.a
-
-tags:
- ctags $(SRC)
-
-tests:
-
-lint:
- lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-update: bn_prime.h depend
-
-depend:
- @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
- $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
- $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
- mv -f Makefile.new $(MAKEFILE)
-
-clean:
- rm -f *.s *.S *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-bn_add.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_add.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_add.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_add.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_add.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_add.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_add.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_add.c bn_lcl.h
-bn_asm.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_asm.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_asm.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_asm.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_asm.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_asm.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_asm.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_asm.c bn_lcl.h
-bn_blind.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_blind.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_blind.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_blind.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_blind.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_blind.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_blind.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_blind.c bn_lcl.h
-bn_const.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-bn_const.o: ../../include/openssl/opensslconf.h
-bn_const.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_const.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_const.o: ../../include/openssl/symhacks.h bn.h bn_const.c
-bn_ctx.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_ctx.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_ctx.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_ctx.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_ctx.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_ctx.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_ctx.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_ctx.c bn_lcl.h
-bn_depr.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_depr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_depr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_depr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_depr.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-bn_depr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bn_depr.o: ../cryptlib.h bn_depr.c bn_lcl.h
-bn_div.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_div.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_div.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_div.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_div.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_div.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_div.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_div.c bn_lcl.h
-bn_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-bn_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-bn_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bn_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-bn_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bn_err.o: bn_err.c
-bn_exp.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_exp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_exp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_exp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_exp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_exp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_exp.o: ../../include/openssl/symhacks.h ../constant_time_locl.h
-bn_exp.o: ../cryptlib.h bn_exp.c bn_lcl.h rsaz_exp.h
-bn_exp2.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_exp2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_exp2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_exp2.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_exp2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_exp2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_exp2.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_exp2.c bn_lcl.h
-bn_gcd.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_gcd.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_gcd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_gcd.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_gcd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_gcd.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_gcd.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_gcd.c bn_lcl.h
-bn_gf2m.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_gf2m.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_gf2m.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_gf2m.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_gf2m.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_gf2m.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_gf2m.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_gf2m.c bn_lcl.h
-bn_kron.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_kron.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_kron.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_kron.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_kron.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_kron.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_kron.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_kron.c bn_lcl.h
-bn_lib.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_lib.c
-bn_mod.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_mod.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_mod.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_mod.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_mod.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_mod.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_mod.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mod.c
-bn_mont.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_mont.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_mont.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_mont.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_mont.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_mont.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_mont.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mont.c
-bn_mpi.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_mpi.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_mpi.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_mpi.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_mpi.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_mpi.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_mpi.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mpi.c
-bn_mul.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_mul.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_mul.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_mul.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_mul.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_mul.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_mul.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mul.c
-bn_nist.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_nist.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_nist.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_nist.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_nist.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_nist.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_nist.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_nist.c
-bn_prime.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_prime.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_prime.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_prime.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_prime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_prime.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-bn_prime.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bn_prime.o: ../cryptlib.h bn_lcl.h bn_prime.c bn_prime.h
-bn_print.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_print.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_print.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_print.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_print.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_print.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_print.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_print.c
-bn_rand.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_rand.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_rand.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_rand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_rand.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-bn_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bn_rand.o: ../cryptlib.h bn_lcl.h bn_rand.c
-bn_recp.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_recp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_recp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_recp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_recp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_recp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_recp.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_recp.c
-bn_shift.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_shift.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_shift.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_shift.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_shift.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_shift.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_shift.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_shift.c
-bn_sqr.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_sqr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_sqr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_sqr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_sqr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_sqr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_sqr.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_sqr.c
-bn_sqrt.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_sqrt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_sqrt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_sqrt.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_sqrt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_sqrt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_sqrt.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_sqrt.c
-bn_word.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_word.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_word.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_word.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_word.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_word.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_word.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_word.c
-bn_x931p.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-bn_x931p.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-bn_x931p.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_x931p.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_x931p.o: ../../include/openssl/symhacks.h bn_x931p.c
diff --git a/deps/openssl/openssl/crypto/bn/README.pod b/deps/openssl/openssl/crypto/bn/README.pod
new file mode 100644
index 0000000000..109ab0d914
--- /dev/null
+++ b/deps/openssl/openssl/crypto/bn/README.pod
@@ -0,0 +1,247 @@
+=pod
+
+=head1 NAME
+
+bn_mul_words, bn_mul_add_words, bn_sqr_words, bn_div_words,
+bn_add_words, bn_sub_words, bn_mul_comba4, bn_mul_comba8,
+bn_sqr_comba4, bn_sqr_comba8, bn_cmp_words, bn_mul_normal,
+bn_mul_low_normal, bn_mul_recursive, bn_mul_part_recursive,
+bn_mul_low_recursive, bn_mul_high, bn_sqr_normal, bn_sqr_recursive,
+bn_expand, bn_wexpand, bn_expand2, bn_fix_top, bn_check_top,
+bn_print, bn_dump, bn_set_max, bn_set_high, bn_set_low - BIGNUM
+library internal functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/bn.h>
+
+ BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w);
+ BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num,
+ BN_ULONG w);
+ void bn_sqr_words(BN_ULONG *rp, BN_ULONG *ap, int num);
+ BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d);
+ BN_ULONG bn_add_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,
+ int num);
+ BN_ULONG bn_sub_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,
+ int num);
+
+ void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b);
+ void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b);
+ void bn_sqr_comba4(BN_ULONG *r, BN_ULONG *a);
+ void bn_sqr_comba8(BN_ULONG *r, BN_ULONG *a);
+
+ int bn_cmp_words(BN_ULONG *a, BN_ULONG *b, int n);
+
+ void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b,
+ int nb);
+ void bn_mul_low_normal(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n);
+ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
+ int dna, int dnb, BN_ULONG *tmp);
+ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b,
+ int n, int tna, int tnb, BN_ULONG *tmp);
+ void bn_mul_low_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b,
+ int n2, BN_ULONG *tmp);
+ void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l,
+ int n2, BN_ULONG *tmp);
+
+ void bn_sqr_normal(BN_ULONG *r, BN_ULONG *a, int n, BN_ULONG *tmp);
+ void bn_sqr_recursive(BN_ULONG *r, BN_ULONG *a, int n2, BN_ULONG *tmp);
+
+ void mul(BN_ULONG r, BN_ULONG a, BN_ULONG w, BN_ULONG c);
+ void mul_add(BN_ULONG r, BN_ULONG a, BN_ULONG w, BN_ULONG c);
+ void sqr(BN_ULONG r0, BN_ULONG r1, BN_ULONG a);
+
+ BIGNUM *bn_expand(BIGNUM *a, int bits);
+ BIGNUM *bn_wexpand(BIGNUM *a, int n);
+ BIGNUM *bn_expand2(BIGNUM *a, int n);
+ void bn_fix_top(BIGNUM *a);
+
+ void bn_check_top(BIGNUM *a);
+ void bn_print(BIGNUM *a);
+ void bn_dump(BN_ULONG *d, int n);
+ void bn_set_max(BIGNUM *a);
+ void bn_set_high(BIGNUM *r, BIGNUM *a, int n);
+ void bn_set_low(BIGNUM *r, BIGNUM *a, int n);
+
+=head1 DESCRIPTION
+
+This page documents the internal functions used by the OpenSSL
+B<BIGNUM> implementation. They are described here to facilitate
+debugging and extending the library. They are I<not> to be used by
+applications.
+
+=head2 The BIGNUM structure
+
+ typedef struct bignum_st BIGNUM;
+
+ struct bignum_st
+ {
+ BN_ULONG *d; /* Pointer to an array of 'BN_BITS2' bit chunks. */
+ int top; /* Index of last used d +1. */
+ /* The next are internal book keeping for bn_expand. */
+ int dmax; /* Size of the d array. */
+ int neg; /* one if the number is negative */
+ int flags;
+ };
+
+
+The integer value is stored in B<d>, a malloc()ed array of words (B<BN_ULONG>),
+least significant word first. A B<BN_ULONG> can be either 16, 32 or 64 bits
+in size, depending on the 'number of bits' (B<BITS2>) specified in
+C<openssl/bn.h>.
+
+B<dmax> is the size of the B<d> array that has been allocated. B<top>
+is the number of words being used, so for a value of 4, bn.d[0]=4 and
+bn.top=1. B<neg> is 1 if the number is negative. When a B<BIGNUM> is
+B<0>, the B<d> field can be B<NULL> and B<top> == B<0>.
+
+B<flags> is a bit field of flags which are defined in C<openssl/bn.h>. The
+flags begin with B<BN_FLG_>. The macros BN_set_flags(b, n) and
+BN_get_flags(b, n) exist to enable or fetch flag(s) B<n> from B<BIGNUM>
+structure B<b>.
+
+Various routines in this library require the use of temporary
+B<BIGNUM> variables during their execution. Since dynamic memory
+allocation to create B<BIGNUM>s is rather expensive when used in
+conjunction with repeated subroutine calls, the B<BN_CTX> structure is
+used. This structure contains B<BN_CTX_NUM> B<BIGNUM>s, see
+L<BN_CTX_start(3)>.
+
+=head2 Low-level arithmetic operations
+
+These functions are implemented in C and for several platforms in
+assembly language:
+
+bn_mul_words(B<rp>, B<ap>, B<num>, B<w>) operates on the B<num> word
+arrays B<rp> and B<ap>. It computes B<ap> * B<w>, places the result
+in B<rp>, and returns the high word (carry).
+
+bn_mul_add_words(B<rp>, B<ap>, B<num>, B<w>) operates on the B<num>
+word arrays B<rp> and B<ap>. It computes B<ap> * B<w> + B<rp>, places
+the result in B<rp>, and returns the high word (carry).
+
+bn_sqr_words(B<rp>, B<ap>, B<n>) operates on the B<num> word array
+B<ap> and the 2*B<num> word array B<ap>. It computes B<ap> * B<ap>
+word-wise, and places the low and high bytes of the result in B<rp>.
+
+bn_div_words(B<h>, B<l>, B<d>) divides the two word number (B<h>, B<l>)
+by B<d> and returns the result.
+
+bn_add_words(B<rp>, B<ap>, B<bp>, B<num>) operates on the B<num> word
+arrays B<ap>, B<bp> and B<rp>. It computes B<ap> + B<bp>, places the
+result in B<rp>, and returns the high word (carry).
+
+bn_sub_words(B<rp>, B<ap>, B<bp>, B<num>) operates on the B<num> word
+arrays B<ap>, B<bp> and B<rp>. It computes B<ap> - B<bp>, places the
+result in B<rp>, and returns the carry (1 if B<bp> E<gt> B<ap>, 0
+otherwise).
+
+bn_mul_comba4(B<r>, B<a>, B<b>) operates on the 4 word arrays B<a> and
+B<b> and the 8 word array B<r>. It computes B<a>*B<b> and places the
+result in B<r>.
+
+bn_mul_comba8(B<r>, B<a>, B<b>) operates on the 8 word arrays B<a> and
+B<b> and the 16 word array B<r>. It computes B<a>*B<b> and places the
+result in B<r>.
+
+bn_sqr_comba4(B<r>, B<a>, B<b>) operates on the 4 word arrays B<a> and
+B<b> and the 8 word array B<r>.
+
+bn_sqr_comba8(B<r>, B<a>, B<b>) operates on the 8 word arrays B<a> and
+B<b> and the 16 word array B<r>.
+
+The following functions are implemented in C:
+
+bn_cmp_words(B<a>, B<b>, B<n>) operates on the B<n> word arrays B<a>
+and B<b>. It returns 1, 0 and -1 if B<a> is greater than, equal and
+less than B<b>.
+
+bn_mul_normal(B<r>, B<a>, B<na>, B<b>, B<nb>) operates on the B<na>
+word array B<a>, the B<nb> word array B<b> and the B<na>+B<nb> word
+array B<r>. It computes B<a>*B<b> and places the result in B<r>.
+
+bn_mul_low_normal(B<r>, B<a>, B<b>, B<n>) operates on the B<n> word
+arrays B<r>, B<a> and B<b>. It computes the B<n> low words of
+B<a>*B<b> and places the result in B<r>.
+
+bn_mul_recursive(B<r>, B<a>, B<b>, B<n2>, B<dna>, B<dnb>, B<t>) operates
+on the word arrays B<a> and B<b> of length B<n2>+B<dna> and B<n2>+B<dnb>
+(B<dna> and B<dnb> are currently allowed to be 0 or negative) and the 2*B<n2>
+word arrays B<r> and B<t>. B<n2> must be a power of 2. It computes
+B<a>*B<b> and places the result in B<r>.
+
+bn_mul_part_recursive(B<r>, B<a>, B<b>, B<n>, B<tna>, B<tnb>, B<tmp>)
+operates on the word arrays B<a> and B<b> of length B<n>+B<tna> and
+B<n>+B<tnb> and the 4*B<n> word arrays B<r> and B<tmp>.
+
+bn_mul_low_recursive(B<r>, B<a>, B<b>, B<n2>, B<tmp>) operates on the
+B<n2> word arrays B<r> and B<tmp> and the B<n2>/2 word arrays B<a>
+and B<b>.
+
+bn_mul_high(B<r>, B<a>, B<b>, B<l>, B<n2>, B<tmp>) operates on the
+B<n2> word arrays B<r>, B<a>, B<b> and B<l> (?) and the 3*B<n2> word
+array B<tmp>.
+
+BN_mul() calls bn_mul_normal(), or an optimized implementation if the
+factors have the same size: bn_mul_comba8() is used if they are 8
+words long, bn_mul_recursive() if they are larger than
+B<BN_MULL_SIZE_NORMAL> and the size is an exact multiple of the word
+size, and bn_mul_part_recursive() for others that are larger than
+B<BN_MULL_SIZE_NORMAL>.
+
+bn_sqr_normal(B<r>, B<a>, B<n>, B<tmp>) operates on the B<n> word array
+B<a> and the 2*B<n> word arrays B<tmp> and B<r>.
+
+The implementations use the following macros which, depending on the
+architecture, may use "long long" C operations or inline assembler.
+They are defined in C<bn_lcl.h>.
+
+mul(B<r>, B<a>, B<w>, B<c>) computes B<w>*B<a>+B<c> and places the
+low word of the result in B<r> and the high word in B<c>.
+
+mul_add(B<r>, B<a>, B<w>, B<c>) computes B<w>*B<a>+B<r>+B<c> and
+places the low word of the result in B<r> and the high word in B<c>.
+
+sqr(B<r0>, B<r1>, B<a>) computes B<a>*B<a> and places the low word
+of the result in B<r0> and the high word in B<r1>.
+
+=head2 Size changes
+
+bn_expand() ensures that B<b> has enough space for a B<bits> bit
+number. bn_wexpand() ensures that B<b> has enough space for an
+B<n> word number. If the number has to be expanded, both macros
+call bn_expand2(), which allocates a new B<d> array and copies the
+data. They return B<NULL> on error, B<b> otherwise.
+
+The bn_fix_top() macro reduces B<a-E<gt>top> to point to the most
+significant non-zero word plus one when B<a> has shrunk.
+
+=head2 Debugging
+
+bn_check_top() verifies that C<((a)-E<gt>top E<gt>= 0 && (a)-E<gt>top
+E<lt>= (a)-E<gt>dmax)>. A violation will cause the program to abort.
+
+bn_print() prints B<a> to stderr. bn_dump() prints B<n> words at B<d>
+(in reverse order, i.e. most significant word first) to stderr.
+
+bn_set_max() makes B<a> a static number with a B<dmax> of its current size.
+This is used by bn_set_low() and bn_set_high() to make B<r> a read-only
+B<BIGNUM> that contains the B<n> low or high words of B<a>.
+
+If B<BN_DEBUG> is not defined, bn_check_top(), bn_print(), bn_dump()
+and bn_set_max() are defined as empty macros.
+
+=head1 SEE ALSO
+
+L<bn(3)>
+
+=head1 COPYRIGHT
+
+Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the OpenSSL license (the "License"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/deps/openssl/openssl/crypto/bn/asm/README b/deps/openssl/openssl/crypto/bn/asm/README
deleted file mode 100644
index b0f3a68a06..0000000000
--- a/deps/openssl/openssl/crypto/bn/asm/README
+++ /dev/null
@@ -1,27 +0,0 @@
-<OBSOLETE>
-
-All assember in this directory are just version of the file
-crypto/bn/bn_asm.c.
-
-Quite a few of these files are just the assember output from gcc since on
-quite a few machines they are 2 times faster than the system compiler.
-
-For the x86, I have hand written assember because of the bad job all
-compilers seem to do on it. This normally gives a 2 time speed up in the RSA
-routines.
-
-For the DEC alpha, I also hand wrote the assember (except the division which
-is just the output from the C compiler pasted on the end of the file).
-On the 2 alpha C compilers I had access to, it was not possible to do
-64b x 64b -> 128b calculations (both long and the long long data types
-were 64 bits). So the hand assember gives access to the 128 bit result and
-a 2 times speedup :-).
-
-There are 3 versions of assember for the HP PA-RISC.
-
-pa-risc.s is the origional one which works fine and generated using gcc :-)
-
-pa-risc2W.s and pa-risc2.s are 64 and 32-bit PA-RISC 2.0 implementations
-by Chris Ruemmler from HP (with some help from the HP C compiler).
-
-</OBSOLETE>
diff --git a/deps/openssl/openssl/crypto/bn/asm/alpha-mont.pl b/deps/openssl/openssl/crypto/bn/asm/alpha-mont.pl
index 03596e2014..1d68d6d072 100644
--- a/deps/openssl/openssl/crypto/bn/asm/alpha-mont.pl
+++ b/deps/openssl/openssl/crypto/bn/asm/alpha-mont.pl
@@ -1,4 +1,11 @@
-#!/usr/bin/env perl
+#! /usr/bin/env perl
+# Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
#
# ====================================================================
# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
@@ -15,6 +22,9 @@
# I.e. if you compare 1GHz 21264 and 2GHz Opteron, you'll observe ~2x
# difference.
+$output=pop;
+open STDOUT,">$output";
+
# int bn_mul_mont(
$rp="a0"; # BN_ULONG *rp,
$ap="a1"; # const BN_ULONG *ap,
diff --git a/deps/openssl/openssl/crypto/bn/asm/armv4-gf2m.pl b/deps/openssl/openssl/crypto/bn/asm/armv4-gf2m.pl
index 72381a7724..0bb5433075 100644
--- a/deps/openssl/openssl/crypto/bn/asm/armv4-gf2m.pl
+++ b/deps/openssl/openssl/crypto/bn/asm/armv4-gf2m.pl
@@ -1,4 +1,11 @@
-#!/usr/bin/env perl
+#! /usr/bin/env perl
+# Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
#
# ====================================================================
# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
@@ -32,14 +39,31 @@
#
# http://conradoplg.cryptoland.net/files/2010/12/mocrysen13.pdf
-while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
-open STDOUT,">$output";
+$flavour = shift;
+if ($flavour=~/\w[\w\-]*\.\w+$/) { $output=$flavour; undef $flavour; }
+else { while (($output=shift) && ($output!~/\w[\w\-]*\.\w+$/)) {} }
+
+if ($flavour && $flavour ne "void") {
+ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+ ( $xlate="${dir}arm-xlate.pl" and -f $xlate ) or
+ ( $xlate="${dir}../../perlasm/arm-xlate.pl" and -f $xlate) or
+ die "can't locate arm-xlate.pl";
+
+ open STDOUT,"| \"$^X\" $xlate $flavour $output";
+} else {
+ open STDOUT,">$output";
+}
$code=<<___;
#include "arm_arch.h"
.text
+#if defined(__thumb2__)
+.syntax unified
+.thumb
+#else
.code 32
+#endif
___
################
# private interface to mul_1x1_ialu
@@ -120,11 +144,17 @@ mul_1x1_ialu:
eor $hi,$hi,$t0,lsr#8
ldr $t0,[sp,$i0] @ tab[b >> 30 ]
+#ifdef __thumb2__
+ itt ne
+#endif
eorne $lo,$lo,$b,lsl#30
eorne $hi,$hi,$b,lsr#2
tst $a,#1<<31
eor $lo,$lo,$t1,lsl#27
eor $hi,$hi,$t1,lsr#5
+#ifdef __thumb2__
+ itt ne
+#endif
eorne $lo,$lo,$b,lsl#31
eorne $hi,$hi,$b,lsr#1
eor $lo,$lo,$t0,lsl#30
@@ -144,20 +174,33 @@ $code.=<<___;
.align 5
bn_GF2m_mul_2x2:
#if __ARM_MAX_ARCH__>=7
+ stmdb sp!,{r10,lr}
ldr r12,.LOPENSSL_armcap
-.Lpic: ldr r12,[pc,r12]
- tst r12,#1
+ adr r10,.LOPENSSL_armcap
+ ldr r12,[r12,r10]
+#ifdef __APPLE__
+ ldr r12,[r12]
+#endif
+ tst r12,#ARMV7_NEON
+ itt ne
+ ldrne r10,[sp],#8
bne .LNEON
+ stmdb sp!,{r4-r9}
+#else
+ stmdb sp!,{r4-r10,lr}
#endif
___
$ret="r10"; # reassigned 1st argument
$code.=<<___;
- stmdb sp!,{r4-r10,lr}
mov $ret,r0 @ reassign 1st argument
mov $b,r3 @ $b=b1
+ sub r7,sp,#36
+ mov r8,sp
+ and r7,r7,#-32
ldr r3,[sp,#32] @ load b0
mov $mask,#7<<2
- sub sp,sp,#32 @ allocate tab[8]
+ mov sp,r7 @ allocate tab[8]
+ str r8,[r7,#32]
bl mul_1x1_ialu @ a1·b1
str $lo,[$ret,#8]
@@ -181,6 +224,7 @@ ___
$code.=<<___;
ldmia $ret,{@r[0]-@r[3]}
eor $lo,$lo,$hi
+ ldr sp,[sp,#32] @ destroy tab[8]
eor $hi,$hi,@r[1]
eor $lo,$lo,@r[0]
eor $hi,$hi,@r[2]
@@ -188,7 +232,6 @@ $code.=<<___;
eor $hi,$hi,@r[3]
str $hi,[$ret,#8]
eor $lo,$lo,$hi
- add sp,sp,#32 @ destroy tab[8]
str $lo,[$ret,#4]
#if __ARM_ARCH__>=5
@@ -213,8 +256,8 @@ $code.=<<___;
.align 5
.LNEON:
ldr r12, [sp] @ 5th argument
- vmov.32 $a, r2, r1
- vmov.32 $b, r12, r3
+ vmov $a, r2, r1
+ vmov $b, r12, r3
vmov.i64 $k48, #0x0000ffffffffffff
vmov.i64 $k32, #0x00000000ffffffff
vmov.i64 $k16, #0x000000000000ffff
@@ -267,7 +310,7 @@ $code.=<<___;
#if __ARM_MAX_ARCH__>=7
.align 5
.LOPENSSL_armcap:
-.word OPENSSL_armcap_P-(.Lpic+8)
+.word OPENSSL_armcap_P-.
#endif
.asciz "GF(2^m) Multiplication for ARMv4/NEON, CRYPTOGAMS by <appro\@openssl.org>"
.align 5
diff --git a/deps/openssl/openssl/crypto/bn/asm/armv4-mont.pl b/deps/openssl/openssl/crypto/bn/asm/armv4-mont.pl
index 1d330e9f8a..0dc4fe95e4 100644
--- a/deps/openssl/openssl/crypto/bn/asm/armv4-mont.pl
+++ b/deps/openssl/openssl/crypto/bn/asm/armv4-mont.pl
@@ -1,4 +1,11 @@
-#!/usr/bin/env perl
+#! /usr/bin/env perl
+# Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
# ====================================================================
# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
@@ -38,8 +45,29 @@
# for execution on all NEON-capable processors, because gain on
# others outweighs the marginal loss on Cortex-A9.
-while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
-open STDOUT,">$output";
+# September 2015
+#
+# Align Cortex-A9 performance with November 2013 improvements, i.e.
+# NEON code is now ~20-105% faster than integer-only one on this
+# processor. But this optimization further improved performance even
+# on other processors: NEON code path is ~45-180% faster than original
+# integer-only on Cortex-A8, ~10-210% on Cortex-A15, ~70-450% on
+# Snapdragon S4.
+
+$flavour = shift;
+if ($flavour=~/\w[\w\-]*\.\w+$/) { $output=$flavour; undef $flavour; }
+else { while (($output=shift) && ($output!~/\w[\w\-]*\.\w+$/)) {} }
+
+if ($flavour && $flavour ne "void") {
+ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+ ( $xlate="${dir}arm-xlate.pl" and -f $xlate ) or
+ ( $xlate="${dir}../../perlasm/arm-xlate.pl" and -f $xlate) or
+ die "can't locate arm-xlate.pl";
+
+ open STDOUT,"| \"$^X\" $xlate $flavour $output";
+} else {
+ open STDOUT,">$output";
+}
$num="r0"; # starts as num argument, but holds &tp[num-1]
$ap="r1";
@@ -70,12 +98,17 @@ $code=<<___;
#include "arm_arch.h"
.text
+#if defined(__thumb2__)
+.syntax unified
+.thumb
+#else
.code 32
+#endif
#if __ARM_MAX_ARCH__>=7
.align 5
.LOPENSSL_armcap:
-.word OPENSSL_armcap_P-bn_mul_mont
+.word OPENSSL_armcap_P-.Lbn_mul_mont
#endif
.global bn_mul_mont
@@ -83,15 +116,19 @@ $code=<<___;
.align 5
bn_mul_mont:
+.Lbn_mul_mont:
ldr ip,[sp,#4] @ load num
stmdb sp!,{r0,r2} @ sp points at argument block
#if __ARM_MAX_ARCH__>=7
tst ip,#7
bne .Lialu
- adr r0,bn_mul_mont
+ adr r0,.Lbn_mul_mont
ldr r2,.LOPENSSL_armcap
ldr r0,[r0,r2]
- tst r0,#1 @ NEON available?
+#ifdef __APPLE__
+ ldr r0,[r0]
+#endif
+ tst r0,#ARMV7_NEON @ NEON available?
ldmia sp, {r0,r2}
beq .Lialu
add sp,sp,#8
@@ -101,6 +138,9 @@ bn_mul_mont:
#endif
cmp ip,#2
mov $num,ip @ load num
+#ifdef __thumb2__
+ ittt lt
+#endif
movlt r0,#0
addlt sp,sp,#2*4
blt .Labrt
@@ -148,10 +188,11 @@ bn_mul_mont:
ldr $n0,[$_n0] @ restore n0
adc $nhi,$nhi,#0
str $nlo,[$num] @ tp[num-1]=
+ mov $tj,sp
str $nhi,[$num,#4] @ tp[num]=
.Louter:
- sub $tj,$num,sp @ "original" $num-1 value
+ sub $tj,$num,$tj @ "original" $num-1 value
sub $ap,$ap,$tj @ "rewind" ap to &ap[1]
ldr $bi,[$tp,#4]! @ *(++bp)
sub $np,$np,$tj @ "rewind" np to &np[1]
@@ -196,11 +237,16 @@ bn_mul_mont:
str $nhi,[$num,#4] @ tp[num]=
cmp $tp,$tj
+#ifdef __thumb2__
+ itt ne
+#endif
+ movne $tj,sp
bne .Louter
ldr $rp,[$_rp] @ pull rp
+ mov $aj,sp
add $num,$num,#4 @ $num to point at &tp[num]
- sub $aj,$num,sp @ "original" num value
+ sub $aj,$num,$aj @ "original" num value
mov $tp,sp @ "rewind" $tp
mov $ap,$tp @ "borrow" $ap
sub $np,$np,$aj @ "rewind" $np to &np[0]
@@ -226,7 +272,8 @@ bn_mul_mont:
cmp $tp,$num
bne .Lcopy
- add sp,$num,#4 @ skip over tp[num+1]
+ mov sp,$num
+ add sp,sp,#4 @ skip over tp[num+1]
ldmia sp!,{r4-r12,lr} @ restore registers
add sp,sp,#2*4 @ skip over {r0,r2}
mov r0,#1
@@ -241,19 +288,16 @@ bn_mul_mont:
.size bn_mul_mont,.-bn_mul_mont
___
{
-sub Dlo() { shift=~m|q([1]?[0-9])|?"d".($1*2):""; }
-sub Dhi() { shift=~m|q([1]?[0-9])|?"d".($1*2+1):""; }
-
my ($A0,$A1,$A2,$A3)=map("d$_",(0..3));
my ($N0,$N1,$N2,$N3)=map("d$_",(4..7));
my ($Z,$Temp)=("q4","q5");
-my ($A0xB,$A1xB,$A2xB,$A3xB,$A4xB,$A5xB,$A6xB,$A7xB)=map("q$_",(6..13));
+my @ACC=map("q$_",(6..13));
my ($Bi,$Ni,$M0)=map("d$_",(28..31));
-my $zero=&Dlo($Z);
-my $temp=&Dlo($Temp);
+my $zero="$Z#lo";
+my $temp="$Temp#lo";
my ($rptr,$aptr,$bptr,$nptr,$n0,$num)=map("r$_",(0..5));
-my ($tinptr,$toutptr,$inner,$outer)=map("r$_",(6..9));
+my ($tinptr,$toutptr,$inner,$outer,$bnptr)=map("r$_",(6..11));
$code.=<<___;
#if __ARM_MAX_ARCH__>=7
@@ -267,60 +311,60 @@ bn_mul8x_mont_neon:
stmdb sp!,{r4-r11}
vstmdb sp!,{d8-d15} @ ABI specification says so
ldmia ip,{r4-r5} @ load rest of parameter block
+ mov ip,sp
+
+ cmp $num,#8
+ bhi .LNEON_8n
+
+ @ special case for $num==8, everything is in register bank...
- sub $toutptr,sp,#16
vld1.32 {${Bi}[0]}, [$bptr,:32]!
- sub $toutptr,$toutptr,$num,lsl#4
+ veor $zero,$zero,$zero
+ sub $toutptr,sp,$num,lsl#4
vld1.32 {$A0-$A3}, [$aptr]! @ can't specify :32 :-(
and $toutptr,$toutptr,#-64
vld1.32 {${M0}[0]}, [$n0,:32]
mov sp,$toutptr @ alloca
- veor $zero,$zero,$zero
- subs $inner,$num,#8
vzip.16 $Bi,$zero
- vmull.u32 $A0xB,$Bi,${A0}[0]
- vmull.u32 $A1xB,$Bi,${A0}[1]
- vmull.u32 $A2xB,$Bi,${A1}[0]
- vshl.i64 $temp,`&Dhi("$A0xB")`,#16
- vmull.u32 $A3xB,$Bi,${A1}[1]
+ vmull.u32 @ACC[0],$Bi,${A0}[0]
+ vmull.u32 @ACC[1],$Bi,${A0}[1]
+ vmull.u32 @ACC[2],$Bi,${A1}[0]
+ vshl.i64 $Ni,@ACC[0]#hi,#16
+ vmull.u32 @ACC[3],$Bi,${A1}[1]
- vadd.u64 $temp,$temp,`&Dlo("$A0xB")`
+ vadd.u64 $Ni,$Ni,@ACC[0]#lo
veor $zero,$zero,$zero
- vmul.u32 $Ni,$temp,$M0
+ vmul.u32 $Ni,$Ni,$M0
- vmull.u32 $A4xB,$Bi,${A2}[0]
+ vmull.u32 @ACC[4],$Bi,${A2}[0]
vld1.32 {$N0-$N3}, [$nptr]!
- vmull.u32 $A5xB,$Bi,${A2}[1]
- vmull.u32 $A6xB,$Bi,${A3}[0]
+ vmull.u32 @ACC[5],$Bi,${A2}[1]
+ vmull.u32 @ACC[6],$Bi,${A3}[0]
vzip.16 $Ni,$zero
- vmull.u32 $A7xB,$Bi,${A3}[1]
-
- bne .LNEON_1st
-
- @ special case for num=8, everything is in register bank...
+ vmull.u32 @ACC[7],$Bi,${A3}[1]
- vmlal.u32 $A0xB,$Ni,${N0}[0]
+ vmlal.u32 @ACC[0],$Ni,${N0}[0]
sub $outer,$num,#1
- vmlal.u32 $A1xB,$Ni,${N0}[1]
- vmlal.u32 $A2xB,$Ni,${N1}[0]
- vmlal.u32 $A3xB,$Ni,${N1}[1]
-
- vmlal.u32 $A4xB,$Ni,${N2}[0]
- vmov $Temp,$A0xB
- vmlal.u32 $A5xB,$Ni,${N2}[1]
- vmov $A0xB,$A1xB
- vmlal.u32 $A6xB,$Ni,${N3}[0]
- vmov $A1xB,$A2xB
- vmlal.u32 $A7xB,$Ni,${N3}[1]
- vmov $A2xB,$A3xB
- vmov $A3xB,$A4xB
+ vmlal.u32 @ACC[1],$Ni,${N0}[1]
+ vmlal.u32 @ACC[2],$Ni,${N1}[0]
+ vmlal.u32 @ACC[3],$Ni,${N1}[1]
+
+ vmlal.u32 @ACC[4],$Ni,${N2}[0]
+ vmov $Temp,@ACC[0]
+ vmlal.u32 @ACC[5],$Ni,${N2}[1]
+ vmov @ACC[0],@ACC[1]
+ vmlal.u32 @ACC[6],$Ni,${N3}[0]
+ vmov @ACC[1],@ACC[2]
+ vmlal.u32 @ACC[7],$Ni,${N3}[1]
+ vmov @ACC[2],@ACC[3]
+ vmov @ACC[3],@ACC[4]
vshr.u64 $temp,$temp,#16
- vmov $A4xB,$A5xB
- vmov $A5xB,$A6xB
- vadd.u64 $temp,$temp,`&Dhi("$Temp")`
- vmov $A6xB,$A7xB
- veor $A7xB,$A7xB
+ vmov @ACC[4],@ACC[5]
+ vmov @ACC[5],@ACC[6]
+ vadd.u64 $temp,$temp,$Temp#hi
+ vmov @ACC[6],@ACC[7]
+ veor @ACC[7],@ACC[7]
vshr.u64 $temp,$temp,#16
b .LNEON_outer8
@@ -330,279 +374,302 @@ bn_mul8x_mont_neon:
vld1.32 {${Bi}[0]}, [$bptr,:32]!
veor $zero,$zero,$zero
vzip.16 $Bi,$zero
- vadd.u64 `&Dlo("$A0xB")`,`&Dlo("$A0xB")`,$temp
+ vadd.u64 @ACC[0]#lo,@ACC[0]#lo,$temp
- vmlal.u32 $A0xB,$Bi,${A0}[0]
- vmlal.u32 $A1xB,$Bi,${A0}[1]
- vmlal.u32 $A2xB,$Bi,${A1}[0]
- vshl.i64 $temp,`&Dhi("$A0xB")`,#16
- vmlal.u32 $A3xB,$Bi,${A1}[1]
+ vmlal.u32 @ACC[0],$Bi,${A0}[0]
+ vmlal.u32 @ACC[1],$Bi,${A0}[1]
+ vmlal.u32 @ACC[2],$Bi,${A1}[0]
+ vshl.i64 $Ni,@ACC[0]#hi,#16
+ vmlal.u32 @ACC[3],$Bi,${A1}[1]
- vadd.u64 $temp,$temp,`&Dlo("$A0xB")`
+ vadd.u64 $Ni,$Ni,@ACC[0]#lo
veor $zero,$zero,$zero
subs $outer,$outer,#1
- vmul.u32 $Ni,$temp,$M0
+ vmul.u32 $Ni,$Ni,$M0
- vmlal.u32 $A4xB,$Bi,${A2}[0]
- vmlal.u32 $A5xB,$Bi,${A2}[1]
- vmlal.u32 $A6xB,$Bi,${A3}[0]
+ vmlal.u32 @ACC[4],$Bi,${A2}[0]
+ vmlal.u32 @ACC[5],$Bi,${A2}[1]
+ vmlal.u32 @ACC[6],$Bi,${A3}[0]
vzip.16 $Ni,$zero
- vmlal.u32 $A7xB,$Bi,${A3}[1]
-
- vmlal.u32 $A0xB,$Ni,${N0}[0]
- vmlal.u32 $A1xB,$Ni,${N0}[1]
- vmlal.u32 $A2xB,$Ni,${N1}[0]
- vmlal.u32 $A3xB,$Ni,${N1}[1]
-
- vmlal.u32 $A4xB,$Ni,${N2}[0]
- vmov $Temp,$A0xB
- vmlal.u32 $A5xB,$Ni,${N2}[1]
- vmov $A0xB,$A1xB
- vmlal.u32 $A6xB,$Ni,${N3}[0]
- vmov $A1xB,$A2xB
- vmlal.u32 $A7xB,$Ni,${N3}[1]
- vmov $A2xB,$A3xB
- vmov $A3xB,$A4xB
+ vmlal.u32 @ACC[7],$Bi,${A3}[1]
+
+ vmlal.u32 @ACC[0],$Ni,${N0}[0]
+ vmlal.u32 @ACC[1],$Ni,${N0}[1]
+ vmlal.u32 @ACC[2],$Ni,${N1}[0]
+ vmlal.u32 @ACC[3],$Ni,${N1}[1]
+
+ vmlal.u32 @ACC[4],$Ni,${N2}[0]
+ vmov $Temp,@ACC[0]
+ vmlal.u32 @ACC[5],$Ni,${N2}[1]
+ vmov @ACC[0],@ACC[1]
+ vmlal.u32 @ACC[6],$Ni,${N3}[0]
+ vmov @ACC[1],@ACC[2]
+ vmlal.u32 @ACC[7],$Ni,${N3}[1]
+ vmov @ACC[2],@ACC[3]
+ vmov @ACC[3],@ACC[4]
vshr.u64 $temp,$temp,#16
- vmov $A4xB,$A5xB
- vmov $A5xB,$A6xB
- vadd.u64 $temp,$temp,`&Dhi("$Temp")`
- vmov $A6xB,$A7xB
- veor $A7xB,$A7xB
+ vmov @ACC[4],@ACC[5]
+ vmov @ACC[5],@ACC[6]
+ vadd.u64 $temp,$temp,$Temp#hi
+ vmov @ACC[6],@ACC[7]
+ veor @ACC[7],@ACC[7]
vshr.u64 $temp,$temp,#16
bne .LNEON_outer8
- vadd.u64 `&Dlo("$A0xB")`,`&Dlo("$A0xB")`,$temp
+ vadd.u64 @ACC[0]#lo,@ACC[0]#lo,$temp
mov $toutptr,sp
- vshr.u64 $temp,`&Dlo("$A0xB")`,#16
+ vshr.u64 $temp,@ACC[0]#lo,#16
mov $inner,$num
- vadd.u64 `&Dhi("$A0xB")`,`&Dhi("$A0xB")`,$temp
- add $tinptr,sp,#16
- vshr.u64 $temp,`&Dhi("$A0xB")`,#16
- vzip.16 `&Dlo("$A0xB")`,`&Dhi("$A0xB")`
+ vadd.u64 @ACC[0]#hi,@ACC[0]#hi,$temp
+ add $tinptr,sp,#96
+ vshr.u64 $temp,@ACC[0]#hi,#16
+ vzip.16 @ACC[0]#lo,@ACC[0]#hi
- b .LNEON_tail2
+ b .LNEON_tail_entry
.align 4
-.LNEON_1st:
- vmlal.u32 $A0xB,$Ni,${N0}[0]
- vld1.32 {$A0-$A3}, [$aptr]!
- vmlal.u32 $A1xB,$Ni,${N0}[1]
+.LNEON_8n:
+ veor @ACC[0],@ACC[0],@ACC[0]
+ sub $toutptr,sp,#128
+ veor @ACC[1],@ACC[1],@ACC[1]
+ sub $toutptr,$toutptr,$num,lsl#4
+ veor @ACC[2],@ACC[2],@ACC[2]
+ and $toutptr,$toutptr,#-64
+ veor @ACC[3],@ACC[3],@ACC[3]
+ mov sp,$toutptr @ alloca
+ veor @ACC[4],@ACC[4],@ACC[4]
+ add $toutptr,$toutptr,#256
+ veor @ACC[5],@ACC[5],@ACC[5]
+ sub $inner,$num,#8
+ veor @ACC[6],@ACC[6],@ACC[6]
+ veor @ACC[7],@ACC[7],@ACC[7]
+
+.LNEON_8n_init:
+ vst1.64 {@ACC[0]-@ACC[1]},[$toutptr,:256]!
subs $inner,$inner,#8
- vmlal.u32 $A2xB,$Ni,${N1}[0]
- vmlal.u32 $A3xB,$Ni,${N1}[1]
-
- vmlal.u32 $A4xB,$Ni,${N2}[0]
- vld1.32 {$N0-$N1}, [$nptr]!
- vmlal.u32 $A5xB,$Ni,${N2}[1]
- vst1.64 {$A0xB-$A1xB}, [$toutptr,:256]!
- vmlal.u32 $A6xB,$Ni,${N3}[0]
- vmlal.u32 $A7xB,$Ni,${N3}[1]
- vst1.64 {$A2xB-$A3xB}, [$toutptr,:256]!
-
- vmull.u32 $A0xB,$Bi,${A0}[0]
- vld1.32 {$N2-$N3}, [$nptr]!
- vmull.u32 $A1xB,$Bi,${A0}[1]
- vst1.64 {$A4xB-$A5xB}, [$toutptr,:256]!
- vmull.u32 $A2xB,$Bi,${A1}[0]
- vmull.u32 $A3xB,$Bi,${A1}[1]
- vst1.64 {$A6xB-$A7xB}, [$toutptr,:256]!
-
- vmull.u32 $A4xB,$Bi,${A2}[0]
- vmull.u32 $A5xB,$Bi,${A2}[1]
- vmull.u32 $A6xB,$Bi,${A3}[0]
- vmull.u32 $A7xB,$Bi,${A3}[1]
-
- bne .LNEON_1st
-
- vmlal.u32 $A0xB,$Ni,${N0}[0]
- add $tinptr,sp,#16
- vmlal.u32 $A1xB,$Ni,${N0}[1]
- sub $aptr,$aptr,$num,lsl#2 @ rewind $aptr
- vmlal.u32 $A2xB,$Ni,${N1}[0]
- vld1.64 {$Temp}, [sp,:128]
- vmlal.u32 $A3xB,$Ni,${N1}[1]
- sub $outer,$num,#1
-
- vmlal.u32 $A4xB,$Ni,${N2}[0]
- vst1.64 {$A0xB-$A1xB}, [$toutptr,:256]!
- vmlal.u32 $A5xB,$Ni,${N2}[1]
- vshr.u64 $temp,$temp,#16
- vld1.64 {$A0xB}, [$tinptr, :128]!
- vmlal.u32 $A6xB,$Ni,${N3}[0]
- vst1.64 {$A2xB-$A3xB}, [$toutptr,:256]!
- vmlal.u32 $A7xB,$Ni,${N3}[1]
-
- vst1.64 {$A4xB-$A5xB}, [$toutptr,:256]!
- vadd.u64 $temp,$temp,`&Dhi("$Temp")`
- veor $Z,$Z,$Z
- vst1.64 {$A6xB-$A7xB}, [$toutptr,:256]!
- vld1.64 {$A1xB-$A2xB}, [$tinptr, :256]!
- vst1.64 {$Z}, [$toutptr,:128]
- vshr.u64 $temp,$temp,#16
-
- b .LNEON_outer
+ vst1.64 {@ACC[2]-@ACC[3]},[$toutptr,:256]!
+ vst1.64 {@ACC[4]-@ACC[5]},[$toutptr,:256]!
+ vst1.64 {@ACC[6]-@ACC[7]},[$toutptr,:256]!
+ bne .LNEON_8n_init
+
+ add $tinptr,sp,#256
+ vld1.32 {$A0-$A3},[$aptr]!
+ add $bnptr,sp,#8
+ vld1.32 {${M0}[0]},[$n0,:32]
+ mov $outer,$num
+ b .LNEON_8n_outer
.align 4
-.LNEON_outer:
- vld1.32 {${Bi}[0]}, [$bptr,:32]!
- sub $nptr,$nptr,$num,lsl#2 @ rewind $nptr
- vld1.32 {$A0-$A3}, [$aptr]!
+.LNEON_8n_outer:
+ vld1.32 {${Bi}[0]},[$bptr,:32]! @ *b++
veor $zero,$zero,$zero
- mov $toutptr,sp
vzip.16 $Bi,$zero
+ add $toutptr,sp,#128
+ vld1.32 {$N0-$N3},[$nptr]!
+
+ vmlal.u32 @ACC[0],$Bi,${A0}[0]
+ vmlal.u32 @ACC[1],$Bi,${A0}[1]
+ veor $zero,$zero,$zero
+ vmlal.u32 @ACC[2],$Bi,${A1}[0]
+ vshl.i64 $Ni,@ACC[0]#hi,#16
+ vmlal.u32 @ACC[3],$Bi,${A1}[1]
+ vadd.u64 $Ni,$Ni,@ACC[0]#lo
+ vmlal.u32 @ACC[4],$Bi,${A2}[0]
+ vmul.u32 $Ni,$Ni,$M0
+ vmlal.u32 @ACC[5],$Bi,${A2}[1]
+ vst1.32 {$Bi},[sp,:64] @ put aside smashed b[8*i+0]
+ vmlal.u32 @ACC[6],$Bi,${A3}[0]
+ vzip.16 $Ni,$zero
+ vmlal.u32 @ACC[7],$Bi,${A3}[1]
+___
+for ($i=0; $i<7;) {
+$code.=<<___;
+ vld1.32 {${Bi}[0]},[$bptr,:32]! @ *b++
+ vmlal.u32 @ACC[0],$Ni,${N0}[0]
+ veor $temp,$temp,$temp
+ vmlal.u32 @ACC[1],$Ni,${N0}[1]
+ vzip.16 $Bi,$temp
+ vmlal.u32 @ACC[2],$Ni,${N1}[0]
+ vshr.u64 @ACC[0]#lo,@ACC[0]#lo,#16
+ vmlal.u32 @ACC[3],$Ni,${N1}[1]
+ vmlal.u32 @ACC[4],$Ni,${N2}[0]
+ vadd.u64 @ACC[0]#lo,@ACC[0]#lo,@ACC[0]#hi
+ vmlal.u32 @ACC[5],$Ni,${N2}[1]
+ vshr.u64 @ACC[0]#lo,@ACC[0]#lo,#16
+ vmlal.u32 @ACC[6],$Ni,${N3}[0]
+ vmlal.u32 @ACC[7],$Ni,${N3}[1]
+ vadd.u64 @ACC[1]#lo,@ACC[1]#lo,@ACC[0]#lo
+ vst1.32 {$Ni},[$bnptr,:64]! @ put aside smashed m[8*i+$i]
+___
+ push(@ACC,shift(@ACC)); $i++;
+$code.=<<___;
+ vmlal.u32 @ACC[0],$Bi,${A0}[0]
+ vld1.64 {@ACC[7]},[$tinptr,:128]!
+ vmlal.u32 @ACC[1],$Bi,${A0}[1]
+ veor $zero,$zero,$zero
+ vmlal.u32 @ACC[2],$Bi,${A1}[0]
+ vshl.i64 $Ni,@ACC[0]#hi,#16
+ vmlal.u32 @ACC[3],$Bi,${A1}[1]
+ vadd.u64 $Ni,$Ni,@ACC[0]#lo
+ vmlal.u32 @ACC[4],$Bi,${A2}[0]
+ vmul.u32 $Ni,$Ni,$M0
+ vmlal.u32 @ACC[5],$Bi,${A2}[1]
+ vst1.32 {$Bi},[$bnptr,:64]! @ put aside smashed b[8*i+$i]
+ vmlal.u32 @ACC[6],$Bi,${A3}[0]
+ vzip.16 $Ni,$zero
+ vmlal.u32 @ACC[7],$Bi,${A3}[1]
+___
+}
+$code.=<<___;
+ vld1.32 {$Bi},[sp,:64] @ pull smashed b[8*i+0]
+ vmlal.u32 @ACC[0],$Ni,${N0}[0]
+ vld1.32 {$A0-$A3},[$aptr]!
+ vmlal.u32 @ACC[1],$Ni,${N0}[1]
+ vmlal.u32 @ACC[2],$Ni,${N1}[0]
+ vshr.u64 @ACC[0]#lo,@ACC[0]#lo,#16
+ vmlal.u32 @ACC[3],$Ni,${N1}[1]
+ vmlal.u32 @ACC[4],$Ni,${N2}[0]
+ vadd.u64 @ACC[0]#lo,@ACC[0]#lo,@ACC[0]#hi
+ vmlal.u32 @ACC[5],$Ni,${N2}[1]
+ vshr.u64 @ACC[0]#lo,@ACC[0]#lo,#16
+ vmlal.u32 @ACC[6],$Ni,${N3}[0]
+ vmlal.u32 @ACC[7],$Ni,${N3}[1]
+ vadd.u64 @ACC[1]#lo,@ACC[1]#lo,@ACC[0]#lo
+ vst1.32 {$Ni},[$bnptr,:64] @ put aside smashed m[8*i+$i]
+ add $bnptr,sp,#8 @ rewind
+___
+ push(@ACC,shift(@ACC));
+$code.=<<___;
sub $inner,$num,#8
- vadd.u64 `&Dlo("$A0xB")`,`&Dlo("$A0xB")`,$temp
-
- vmlal.u32 $A0xB,$Bi,${A0}[0]
- vld1.64 {$A3xB-$A4xB},[$tinptr,:256]!
- vmlal.u32 $A1xB,$Bi,${A0}[1]
- vmlal.u32 $A2xB,$Bi,${A1}[0]
- vld1.64 {$A5xB-$A6xB},[$tinptr,:256]!
- vmlal.u32 $A3xB,$Bi,${A1}[1]
+ b .LNEON_8n_inner
- vshl.i64 $temp,`&Dhi("$A0xB")`,#16
- veor $zero,$zero,$zero
- vadd.u64 $temp,$temp,`&Dlo("$A0xB")`
- vld1.64 {$A7xB},[$tinptr,:128]!
- vmul.u32 $Ni,$temp,$M0
-
- vmlal.u32 $A4xB,$Bi,${A2}[0]
- vld1.32 {$N0-$N3}, [$nptr]!
- vmlal.u32 $A5xB,$Bi,${A2}[1]
- vmlal.u32 $A6xB,$Bi,${A3}[0]
- vzip.16 $Ni,$zero
- vmlal.u32 $A7xB,$Bi,${A3}[1]
-
-.LNEON_inner:
- vmlal.u32 $A0xB,$Ni,${N0}[0]
- vld1.32 {$A0-$A3}, [$aptr]!
- vmlal.u32 $A1xB,$Ni,${N0}[1]
- subs $inner,$inner,#8
- vmlal.u32 $A2xB,$Ni,${N1}[0]
- vmlal.u32 $A3xB,$Ni,${N1}[1]
- vst1.64 {$A0xB-$A1xB}, [$toutptr,:256]!
-
- vmlal.u32 $A4xB,$Ni,${N2}[0]
- vld1.64 {$A0xB}, [$tinptr, :128]!
- vmlal.u32 $A5xB,$Ni,${N2}[1]
- vst1.64 {$A2xB-$A3xB}, [$toutptr,:256]!
- vmlal.u32 $A6xB,$Ni,${N3}[0]
- vld1.64 {$A1xB-$A2xB}, [$tinptr, :256]!
- vmlal.u32 $A7xB,$Ni,${N3}[1]
- vst1.64 {$A4xB-$A5xB}, [$toutptr,:256]!
-
- vmlal.u32 $A0xB,$Bi,${A0}[0]
- vld1.64 {$A3xB-$A4xB}, [$tinptr, :256]!
- vmlal.u32 $A1xB,$Bi,${A0}[1]
- vst1.64 {$A6xB-$A7xB}, [$toutptr,:256]!
- vmlal.u32 $A2xB,$Bi,${A1}[0]
- vld1.64 {$A5xB-$A6xB}, [$tinptr, :256]!
- vmlal.u32 $A3xB,$Bi,${A1}[1]
- vld1.32 {$N0-$N3}, [$nptr]!
-
- vmlal.u32 $A4xB,$Bi,${A2}[0]
- vld1.64 {$A7xB}, [$tinptr, :128]!
- vmlal.u32 $A5xB,$Bi,${A2}[1]
- vmlal.u32 $A6xB,$Bi,${A3}[0]
- vmlal.u32 $A7xB,$Bi,${A3}[1]
-
- bne .LNEON_inner
-
- vmlal.u32 $A0xB,$Ni,${N0}[0]
- add $tinptr,sp,#16
- vmlal.u32 $A1xB,$Ni,${N0}[1]
- sub $aptr,$aptr,$num,lsl#2 @ rewind $aptr
- vmlal.u32 $A2xB,$Ni,${N1}[0]
- vld1.64 {$Temp}, [sp,:128]
- vmlal.u32 $A3xB,$Ni,${N1}[1]
- subs $outer,$outer,#1
-
- vmlal.u32 $A4xB,$Ni,${N2}[0]
- vst1.64 {$A0xB-$A1xB}, [$toutptr,:256]!
- vmlal.u32 $A5xB,$Ni,${N2}[1]
- vld1.64 {$A0xB}, [$tinptr, :128]!
- vshr.u64 $temp,$temp,#16
- vst1.64 {$A2xB-$A3xB}, [$toutptr,:256]!
- vmlal.u32 $A6xB,$Ni,${N3}[0]
- vld1.64 {$A1xB-$A2xB}, [$tinptr, :256]!
- vmlal.u32 $A7xB,$Ni,${N3}[1]
-
- vst1.64 {$A4xB-$A5xB}, [$toutptr,:256]!
- vadd.u64 $temp,$temp,`&Dhi("$Temp")`
- vst1.64 {$A6xB-$A7xB}, [$toutptr,:256]!
- vshr.u64 $temp,$temp,#16
-
- bne .LNEON_outer
+.align 4
+.LNEON_8n_inner:
+ subs $inner,$inner,#8
+ vmlal.u32 @ACC[0],$Bi,${A0}[0]
+ vld1.64 {@ACC[7]},[$tinptr,:128]
+ vmlal.u32 @ACC[1],$Bi,${A0}[1]
+ vld1.32 {$Ni},[$bnptr,:64]! @ pull smashed m[8*i+0]
+ vmlal.u32 @ACC[2],$Bi,${A1}[0]
+ vld1.32 {$N0-$N3},[$nptr]!
+ vmlal.u32 @ACC[3],$Bi,${A1}[1]
+ it ne
+ addne $tinptr,$tinptr,#16 @ don't advance in last iteration
+ vmlal.u32 @ACC[4],$Bi,${A2}[0]
+ vmlal.u32 @ACC[5],$Bi,${A2}[1]
+ vmlal.u32 @ACC[6],$Bi,${A3}[0]
+ vmlal.u32 @ACC[7],$Bi,${A3}[1]
+___
+for ($i=1; $i<8; $i++) {
+$code.=<<___;
+ vld1.32 {$Bi},[$bnptr,:64]! @ pull smashed b[8*i+$i]
+ vmlal.u32 @ACC[0],$Ni,${N0}[0]
+ vmlal.u32 @ACC[1],$Ni,${N0}[1]
+ vmlal.u32 @ACC[2],$Ni,${N1}[0]
+ vmlal.u32 @ACC[3],$Ni,${N1}[1]
+ vmlal.u32 @ACC[4],$Ni,${N2}[0]
+ vmlal.u32 @ACC[5],$Ni,${N2}[1]
+ vmlal.u32 @ACC[6],$Ni,${N3}[0]
+ vmlal.u32 @ACC[7],$Ni,${N3}[1]
+ vst1.64 {@ACC[0]},[$toutptr,:128]!
+___
+ push(@ACC,shift(@ACC));
+$code.=<<___;
+ vmlal.u32 @ACC[0],$Bi,${A0}[0]
+ vld1.64 {@ACC[7]},[$tinptr,:128]
+ vmlal.u32 @ACC[1],$Bi,${A0}[1]
+ vld1.32 {$Ni},[$bnptr,:64]! @ pull smashed m[8*i+$i]
+ vmlal.u32 @ACC[2],$Bi,${A1}[0]
+ it ne
+ addne $tinptr,$tinptr,#16 @ don't advance in last iteration
+ vmlal.u32 @ACC[3],$Bi,${A1}[1]
+ vmlal.u32 @ACC[4],$Bi,${A2}[0]
+ vmlal.u32 @ACC[5],$Bi,${A2}[1]
+ vmlal.u32 @ACC[6],$Bi,${A3}[0]
+ vmlal.u32 @ACC[7],$Bi,${A3}[1]
+___
+}
+$code.=<<___;
+ it eq
+ subeq $aptr,$aptr,$num,lsl#2 @ rewind
+ vmlal.u32 @ACC[0],$Ni,${N0}[0]
+ vld1.32 {$Bi},[sp,:64] @ pull smashed b[8*i+0]
+ vmlal.u32 @ACC[1],$Ni,${N0}[1]
+ vld1.32 {$A0-$A3},[$aptr]!
+ vmlal.u32 @ACC[2],$Ni,${N1}[0]
+ add $bnptr,sp,#8 @ rewind
+ vmlal.u32 @ACC[3],$Ni,${N1}[1]
+ vmlal.u32 @ACC[4],$Ni,${N2}[0]
+ vmlal.u32 @ACC[5],$Ni,${N2}[1]
+ vmlal.u32 @ACC[6],$Ni,${N3}[0]
+ vst1.64 {@ACC[0]},[$toutptr,:128]!
+ vmlal.u32 @ACC[7],$Ni,${N3}[1]
+
+ bne .LNEON_8n_inner
+___
+ push(@ACC,shift(@ACC));
+$code.=<<___;
+ add $tinptr,sp,#128
+ vst1.64 {@ACC[0]-@ACC[1]},[$toutptr,:256]!
+ veor q2,q2,q2 @ $N0-$N1
+ vst1.64 {@ACC[2]-@ACC[3]},[$toutptr,:256]!
+ veor q3,q3,q3 @ $N2-$N3
+ vst1.64 {@ACC[4]-@ACC[5]},[$toutptr,:256]!
+ vst1.64 {@ACC[6]},[$toutptr,:128]
+
+ subs $outer,$outer,#8
+ vld1.64 {@ACC[0]-@ACC[1]},[$tinptr,:256]!
+ vld1.64 {@ACC[2]-@ACC[3]},[$tinptr,:256]!
+ vld1.64 {@ACC[4]-@ACC[5]},[$tinptr,:256]!
+ vld1.64 {@ACC[6]-@ACC[7]},[$tinptr,:256]!
+
+ itt ne
+ subne $nptr,$nptr,$num,lsl#2 @ rewind
+ bne .LNEON_8n_outer
+
+ add $toutptr,sp,#128
+ vst1.64 {q2-q3}, [sp,:256]! @ start wiping stack frame
+ vshr.u64 $temp,@ACC[0]#lo,#16
+ vst1.64 {q2-q3},[sp,:256]!
+ vadd.u64 @ACC[0]#hi,@ACC[0]#hi,$temp
+ vst1.64 {q2-q3}, [sp,:256]!
+ vshr.u64 $temp,@ACC[0]#hi,#16
+ vst1.64 {q2-q3}, [sp,:256]!
+ vzip.16 @ACC[0]#lo,@ACC[0]#hi
- mov $toutptr,sp
mov $inner,$num
+ b .LNEON_tail_entry
+.align 4
.LNEON_tail:
- vadd.u64 `&Dlo("$A0xB")`,`&Dlo("$A0xB")`,$temp
- vld1.64 {$A3xB-$A4xB}, [$tinptr, :256]!
- vshr.u64 $temp,`&Dlo("$A0xB")`,#16
- vadd.u64 `&Dhi("$A0xB")`,`&Dhi("$A0xB")`,$temp
- vld1.64 {$A5xB-$A6xB}, [$tinptr, :256]!
- vshr.u64 $temp,`&Dhi("$A0xB")`,#16
- vld1.64 {$A7xB}, [$tinptr, :128]!
- vzip.16 `&Dlo("$A0xB")`,`&Dhi("$A0xB")`
-
-.LNEON_tail2:
- vadd.u64 `&Dlo("$A1xB")`,`&Dlo("$A1xB")`,$temp
- vst1.32 {`&Dlo("$A0xB")`[0]}, [$toutptr, :32]!
- vshr.u64 $temp,`&Dlo("$A1xB")`,#16
- vadd.u64 `&Dhi("$A1xB")`,`&Dhi("$A1xB")`,$temp
- vshr.u64 $temp,`&Dhi("$A1xB")`,#16
- vzip.16 `&Dlo("$A1xB")`,`&Dhi("$A1xB")`
-
- vadd.u64 `&Dlo("$A2xB")`,`&Dlo("$A2xB")`,$temp
- vst1.32 {`&Dlo("$A1xB")`[0]}, [$toutptr, :32]!
- vshr.u64 $temp,`&Dlo("$A2xB")`,#16
- vadd.u64 `&Dhi("$A2xB")`,`&Dhi("$A2xB")`,$temp
- vshr.u64 $temp,`&Dhi("$A2xB")`,#16
- vzip.16 `&Dlo("$A2xB")`,`&Dhi("$A2xB")`
-
- vadd.u64 `&Dlo("$A3xB")`,`&Dlo("$A3xB")`,$temp
- vst1.32 {`&Dlo("$A2xB")`[0]}, [$toutptr, :32]!
- vshr.u64 $temp,`&Dlo("$A3xB")`,#16
- vadd.u64 `&Dhi("$A3xB")`,`&Dhi("$A3xB")`,$temp
- vshr.u64 $temp,`&Dhi("$A3xB")`,#16
- vzip.16 `&Dlo("$A3xB")`,`&Dhi("$A3xB")`
-
- vadd.u64 `&Dlo("$A4xB")`,`&Dlo("$A4xB")`,$temp
- vst1.32 {`&Dlo("$A3xB")`[0]}, [$toutptr, :32]!
- vshr.u64 $temp,`&Dlo("$A4xB")`,#16
- vadd.u64 `&Dhi("$A4xB")`,`&Dhi("$A4xB")`,$temp
- vshr.u64 $temp,`&Dhi("$A4xB")`,#16
- vzip.16 `&Dlo("$A4xB")`,`&Dhi("$A4xB")`
-
- vadd.u64 `&Dlo("$A5xB")`,`&Dlo("$A5xB")`,$temp
- vst1.32 {`&Dlo("$A4xB")`[0]}, [$toutptr, :32]!
- vshr.u64 $temp,`&Dlo("$A5xB")`,#16
- vadd.u64 `&Dhi("$A5xB")`,`&Dhi("$A5xB")`,$temp
- vshr.u64 $temp,`&Dhi("$A5xB")`,#16
- vzip.16 `&Dlo("$A5xB")`,`&Dhi("$A5xB")`
-
- vadd.u64 `&Dlo("$A6xB")`,`&Dlo("$A6xB")`,$temp
- vst1.32 {`&Dlo("$A5xB")`[0]}, [$toutptr, :32]!
- vshr.u64 $temp,`&Dlo("$A6xB")`,#16
- vadd.u64 `&Dhi("$A6xB")`,`&Dhi("$A6xB")`,$temp
- vld1.64 {$A0xB}, [$tinptr, :128]!
- vshr.u64 $temp,`&Dhi("$A6xB")`,#16
- vzip.16 `&Dlo("$A6xB")`,`&Dhi("$A6xB")`
-
- vadd.u64 `&Dlo("$A7xB")`,`&Dlo("$A7xB")`,$temp
- vst1.32 {`&Dlo("$A6xB")`[0]}, [$toutptr, :32]!
- vshr.u64 $temp,`&Dlo("$A7xB")`,#16
- vadd.u64 `&Dhi("$A7xB")`,`&Dhi("$A7xB")`,$temp
- vld1.64 {$A1xB-$A2xB}, [$tinptr, :256]!
- vshr.u64 $temp,`&Dhi("$A7xB")`,#16
- vzip.16 `&Dlo("$A7xB")`,`&Dhi("$A7xB")`
+ vadd.u64 @ACC[0]#lo,@ACC[0]#lo,$temp
+ vshr.u64 $temp,@ACC[0]#lo,#16
+ vld1.64 {@ACC[2]-@ACC[3]}, [$tinptr, :256]!
+ vadd.u64 @ACC[0]#hi,@ACC[0]#hi,$temp
+ vld1.64 {@ACC[4]-@ACC[5]}, [$tinptr, :256]!
+ vshr.u64 $temp,@ACC[0]#hi,#16
+ vld1.64 {@ACC[6]-@ACC[7]}, [$tinptr, :256]!
+ vzip.16 @ACC[0]#lo,@ACC[0]#hi
+
+.LNEON_tail_entry:
+___
+for ($i=1; $i<8; $i++) {
+$code.=<<___;
+ vadd.u64 @ACC[1]#lo,@ACC[1]#lo,$temp
+ vst1.32 {@ACC[0]#lo[0]}, [$toutptr, :32]!
+ vshr.u64 $temp,@ACC[1]#lo,#16
+ vadd.u64 @ACC[1]#hi,@ACC[1]#hi,$temp
+ vshr.u64 $temp,@ACC[1]#hi,#16
+ vzip.16 @ACC[1]#lo,@ACC[1]#hi
+___
+ push(@ACC,shift(@ACC));
+}
+ push(@ACC,shift(@ACC));
+$code.=<<___;
+ vld1.64 {@ACC[0]-@ACC[1]}, [$tinptr, :256]!
subs $inner,$inner,#8
- vst1.32 {`&Dlo("$A7xB")`[0]}, [$toutptr, :32]!
-
+ vst1.32 {@ACC[7]#lo[0]}, [$toutptr, :32]!
bne .LNEON_tail
vst1.32 {${temp}[0]}, [$toutptr, :32] @ top-most bit
@@ -622,8 +689,9 @@ bn_mul8x_mont_neon:
bne .LNEON_sub
ldr r10, [$aptr] @ load top-most bit
+ mov r11,sp
veor q0,q0,q0
- sub r11,$bptr,sp @ this is num*4
+ sub r11,$bptr,r11 @ this is num*4
veor q1,q1,q1
mov $aptr,sp
sub $rptr,$rptr,r11 @ rewind $rptr
@@ -633,27 +701,33 @@ bn_mul8x_mont_neon:
.LNEON_copy_n_zap:
ldmia $aptr!, {r4-r7}
ldmia $rptr, {r8-r11}
+ it cc
movcc r8, r4
vst1.64 {q0-q1}, [$nptr,:256]! @ wipe
+ itt cc
movcc r9, r5
movcc r10,r6
vst1.64 {q0-q1}, [$nptr,:256]! @ wipe
+ it cc
movcc r11,r7
ldmia $aptr, {r4-r7}
stmia $rptr!, {r8-r11}
sub $aptr,$aptr,#16
ldmia $rptr, {r8-r11}
+ it cc
movcc r8, r4
vst1.64 {q0-q1}, [$aptr,:256]! @ wipe
+ itt cc
movcc r9, r5
movcc r10,r6
vst1.64 {q0-q1}, [$nptr,:256]! @ wipe
+ it cc
movcc r11,r7
teq $aptr,$bptr @ preserves carry
stmia $rptr!, {r8-r11}
bne .LNEON_copy_n_zap
- sub sp,ip,#96
+ mov sp,ip
vldmia sp!,{d8-d15}
ldmia sp!,{r4-r11}
ret @ bx lr
@@ -669,8 +743,14 @@ $code.=<<___;
#endif
___
-$code =~ s/\`([^\`]*)\`/eval $1/gem;
-$code =~ s/\bbx\s+lr\b/.word\t0xe12fff1e/gm; # make it possible to compile with -march=armv4
-$code =~ s/\bret\b/bx lr/gm;
-print $code;
+foreach (split("\n",$code)) {
+ s/\`([^\`]*)\`/eval $1/ge;
+
+ s/\bq([0-9]+)#(lo|hi)/sprintf "d%d",2*$1+($2 eq "hi")/ge or
+ s/\bret\b/bx lr/g or
+ s/\bbx\s+lr\b/.word\t0xe12fff1e/g; # make it possible to compile with -march=armv4
+
+ print $_,"\n";
+}
+
close STDOUT;
diff --git a/deps/openssl/openssl/crypto/bn/asm/armv8-mont.pl b/deps/openssl/openssl/crypto/bn/asm/armv8-mont.pl
new file mode 100755
index 0000000000..5d5af1b6be
--- /dev/null
+++ b/deps/openssl/openssl/crypto/bn/asm/armv8-mont.pl
@@ -0,0 +1,1510 @@
+#! /usr/bin/env perl
+# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# March 2015
+#
+# "Teaser" Montgomery multiplication module for ARMv8. Needs more
+# work. While it does improve RSA sign performance by 20-30% (less for
+# longer keys) on most processors, for some reason RSA2048 is not
+# faster and RSA4096 goes 15-20% slower on Cortex-A57. Multiplication
+# instruction issue rate is limited on processor in question, meaning
+# that dedicated squaring procedure is a must. Well, actually all
+# contemporary AArch64 processors seem to have limited multiplication
+# issue rate, i.e. they can't issue multiplication every cycle, which
+# explains moderate improvement coefficients in comparison to
+# compiler-generated code. Recall that compiler is instructed to use
+# umulh and therefore uses same amount of multiplication instructions
+# to do the job. Assembly's edge is to minimize number of "collateral"
+# instructions and of course instruction scheduling.
+#
+# April 2015
+#
+# Squaring procedure that handles lengths divisible by 8 improves
+# RSA/DSA performance by 25-40-60% depending on processor and key
+# length. Overall improvement coefficients are always positive in
+# comparison to compiler-generated code. On Cortex-A57 improvement
+# is still modest on longest key lengths, while others exhibit e.g.
+# 50-70% improvement for RSA4096 sign. RSA2048 sign is ~25% faster
+# on Cortex-A57 and ~60-100% faster on others.
+
+$flavour = shift;
+$output = shift;
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}arm-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/arm-xlate.pl" and -f $xlate) or
+die "can't locate arm-xlate.pl";
+
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
+
+($lo0,$hi0,$aj,$m0,$alo,$ahi,
+ $lo1,$hi1,$nj,$m1,$nlo,$nhi,
+ $ovf, $i,$j,$tp,$tj) = map("x$_",6..17,19..24);
+
+# int bn_mul_mont(
+$rp="x0"; # BN_ULONG *rp,
+$ap="x1"; # const BN_ULONG *ap,
+$bp="x2"; # const BN_ULONG *bp,
+$np="x3"; # const BN_ULONG *np,
+$n0="x4"; # const BN_ULONG *n0,
+$num="x5"; # int num);
+
+$code.=<<___;
+.text
+
+.globl bn_mul_mont
+.type bn_mul_mont,%function
+.align 5
+bn_mul_mont:
+ tst $num,#7
+ b.eq __bn_sqr8x_mont
+ tst $num,#3
+ b.eq __bn_mul4x_mont
+.Lmul_mont:
+ stp x29,x30,[sp,#-64]!
+ add x29,sp,#0
+ stp x19,x20,[sp,#16]
+ stp x21,x22,[sp,#32]
+ stp x23,x24,[sp,#48]
+
+ ldr $m0,[$bp],#8 // bp[0]
+ sub $tp,sp,$num,lsl#3
+ ldp $hi0,$aj,[$ap],#16 // ap[0..1]
+ lsl $num,$num,#3
+ ldr $n0,[$n0] // *n0
+ and $tp,$tp,#-16 // ABI says so
+ ldp $hi1,$nj,[$np],#16 // np[0..1]
+
+ mul $lo0,$hi0,$m0 // ap[0]*bp[0]
+ sub $j,$num,#16 // j=num-2
+ umulh $hi0,$hi0,$m0
+ mul $alo,$aj,$m0 // ap[1]*bp[0]
+ umulh $ahi,$aj,$m0
+
+ mul $m1,$lo0,$n0 // "tp[0]"*n0
+ mov sp,$tp // alloca
+
+ // (*) mul $lo1,$hi1,$m1 // np[0]*m1
+ umulh $hi1,$hi1,$m1
+ mul $nlo,$nj,$m1 // np[1]*m1
+ // (*) adds $lo1,$lo1,$lo0 // discarded
+ // (*) As for removal of first multiplication and addition
+ // instructions. The outcome of first addition is
+ // guaranteed to be zero, which leaves two computationally
+ // significant outcomes: it either carries or not. Then
+ // question is when does it carry? Is there alternative
+ // way to deduce it? If you follow operations, you can
+ // observe that condition for carry is quite simple:
+ // $lo0 being non-zero. So that carry can be calculated
+ // by adding -1 to $lo0. That's what next instruction does.
+ subs xzr,$lo0,#1 // (*)
+ umulh $nhi,$nj,$m1
+ adc $hi1,$hi1,xzr
+ cbz $j,.L1st_skip
+
+.L1st:
+ ldr $aj,[$ap],#8
+ adds $lo0,$alo,$hi0
+ sub $j,$j,#8 // j--
+ adc $hi0,$ahi,xzr
+
+ ldr $nj,[$np],#8
+ adds $lo1,$nlo,$hi1
+ mul $alo,$aj,$m0 // ap[j]*bp[0]
+ adc $hi1,$nhi,xzr
+ umulh $ahi,$aj,$m0
+
+ adds $lo1,$lo1,$lo0
+ mul $nlo,$nj,$m1 // np[j]*m1
+ adc $hi1,$hi1,xzr
+ umulh $nhi,$nj,$m1
+ str $lo1,[$tp],#8 // tp[j-1]
+ cbnz $j,.L1st
+
+.L1st_skip:
+ adds $lo0,$alo,$hi0
+ sub $ap,$ap,$num // rewind $ap
+ adc $hi0,$ahi,xzr
+
+ adds $lo1,$nlo,$hi1
+ sub $np,$np,$num // rewind $np
+ adc $hi1,$nhi,xzr
+
+ adds $lo1,$lo1,$lo0
+ sub $i,$num,#8 // i=num-1
+ adcs $hi1,$hi1,$hi0
+
+ adc $ovf,xzr,xzr // upmost overflow bit
+ stp $lo1,$hi1,[$tp]
+
+.Louter:
+ ldr $m0,[$bp],#8 // bp[i]
+ ldp $hi0,$aj,[$ap],#16
+ ldr $tj,[sp] // tp[0]
+ add $tp,sp,#8
+
+ mul $lo0,$hi0,$m0 // ap[0]*bp[i]
+ sub $j,$num,#16 // j=num-2
+ umulh $hi0,$hi0,$m0
+ ldp $hi1,$nj,[$np],#16
+ mul $alo,$aj,$m0 // ap[1]*bp[i]
+ adds $lo0,$lo0,$tj
+ umulh $ahi,$aj,$m0
+ adc $hi0,$hi0,xzr
+
+ mul $m1,$lo0,$n0
+ sub $i,$i,#8 // i--
+
+ // (*) mul $lo1,$hi1,$m1 // np[0]*m1
+ umulh $hi1,$hi1,$m1
+ mul $nlo,$nj,$m1 // np[1]*m1
+ // (*) adds $lo1,$lo1,$lo0
+ subs xzr,$lo0,#1 // (*)
+ umulh $nhi,$nj,$m1
+ cbz $j,.Linner_skip
+
+.Linner:
+ ldr $aj,[$ap],#8
+ adc $hi1,$hi1,xzr
+ ldr $tj,[$tp],#8 // tp[j]
+ adds $lo0,$alo,$hi0
+ sub $j,$j,#8 // j--
+ adc $hi0,$ahi,xzr
+
+ adds $lo1,$nlo,$hi1
+ ldr $nj,[$np],#8
+ adc $hi1,$nhi,xzr
+
+ mul $alo,$aj,$m0 // ap[j]*bp[i]
+ adds $lo0,$lo0,$tj
+ umulh $ahi,$aj,$m0
+ adc $hi0,$hi0,xzr
+
+ mul $nlo,$nj,$m1 // np[j]*m1
+ adds $lo1,$lo1,$lo0
+ umulh $nhi,$nj,$m1
+ str $lo1,[$tp,#-16] // tp[j-1]
+ cbnz $j,.Linner
+
+.Linner_skip:
+ ldr $tj,[$tp],#8 // tp[j]
+ adc $hi1,$hi1,xzr
+ adds $lo0,$alo,$hi0
+ sub $ap,$ap,$num // rewind $ap
+ adc $hi0,$ahi,xzr
+
+ adds $lo1,$nlo,$hi1
+ sub $np,$np,$num // rewind $np
+ adcs $hi1,$nhi,$ovf
+ adc $ovf,xzr,xzr
+
+ adds $lo0,$lo0,$tj
+ adc $hi0,$hi0,xzr
+
+ adds $lo1,$lo1,$lo0
+ adcs $hi1,$hi1,$hi0
+ adc $ovf,$ovf,xzr // upmost overflow bit
+ stp $lo1,$hi1,[$tp,#-16]
+
+ cbnz $i,.Louter
+
+ // Final step. We see if result is larger than modulus, and
+ // if it is, subtract the modulus. But comparison implies
+ // subtraction. So we subtract modulus, see if it borrowed,
+ // and conditionally copy original value.
+ ldr $tj,[sp] // tp[0]
+ add $tp,sp,#8
+ ldr $nj,[$np],#8 // np[0]
+ subs $j,$num,#8 // j=num-1 and clear borrow
+ mov $ap,$rp
+.Lsub:
+ sbcs $aj,$tj,$nj // tp[j]-np[j]
+ ldr $tj,[$tp],#8
+ sub $j,$j,#8 // j--
+ ldr $nj,[$np],#8
+ str $aj,[$ap],#8 // rp[j]=tp[j]-np[j]
+ cbnz $j,.Lsub
+
+ sbcs $aj,$tj,$nj
+ sbcs $ovf,$ovf,xzr // did it borrow?
+ str $aj,[$ap],#8 // rp[num-1]
+
+ ldr $tj,[sp] // tp[0]
+ add $tp,sp,#8
+ ldr $aj,[$rp],#8 // rp[0]
+ sub $num,$num,#8 // num--
+ nop
+.Lcond_copy:
+ sub $num,$num,#8 // num--
+ csel $nj,$tj,$aj,lo // did it borrow?
+ ldr $tj,[$tp],#8
+ ldr $aj,[$rp],#8
+ str xzr,[$tp,#-16] // wipe tp
+ str $nj,[$rp,#-16]
+ cbnz $num,.Lcond_copy
+
+ csel $nj,$tj,$aj,lo
+ str xzr,[$tp,#-8] // wipe tp
+ str $nj,[$rp,#-8]
+
+ ldp x19,x20,[x29,#16]
+ mov sp,x29
+ ldp x21,x22,[x29,#32]
+ mov x0,#1
+ ldp x23,x24,[x29,#48]
+ ldr x29,[sp],#64
+ ret
+.size bn_mul_mont,.-bn_mul_mont
+___
+{
+########################################################################
+# Following is ARMv8 adaptation of sqrx8x_mont from x86_64-mont5 module.
+
+my ($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7)=map("x$_",(6..13));
+my ($t0,$t1,$t2,$t3)=map("x$_",(14..17));
+my ($acc0,$acc1,$acc2,$acc3,$acc4,$acc5,$acc6,$acc7)=map("x$_",(19..26));
+my ($cnt,$carry,$topmost)=("x27","x28","x30");
+my ($tp,$ap_end,$na0)=($bp,$np,$carry);
+
+$code.=<<___;
+.type __bn_sqr8x_mont,%function
+.align 5
+__bn_sqr8x_mont:
+ cmp $ap,$bp
+ b.ne __bn_mul4x_mont
+.Lsqr8x_mont:
+ stp x29,x30,[sp,#-128]!
+ add x29,sp,#0
+ stp x19,x20,[sp,#16]
+ stp x21,x22,[sp,#32]
+ stp x23,x24,[sp,#48]
+ stp x25,x26,[sp,#64]
+ stp x27,x28,[sp,#80]
+ stp $rp,$np,[sp,#96] // offload rp and np
+
+ ldp $a0,$a1,[$ap,#8*0]
+ ldp $a2,$a3,[$ap,#8*2]
+ ldp $a4,$a5,[$ap,#8*4]
+ ldp $a6,$a7,[$ap,#8*6]
+
+ sub $tp,sp,$num,lsl#4
+ lsl $num,$num,#3
+ ldr $n0,[$n0] // *n0
+ mov sp,$tp // alloca
+ sub $cnt,$num,#8*8
+ b .Lsqr8x_zero_start
+
+.Lsqr8x_zero:
+ sub $cnt,$cnt,#8*8
+ stp xzr,xzr,[$tp,#8*0]
+ stp xzr,xzr,[$tp,#8*2]
+ stp xzr,xzr,[$tp,#8*4]
+ stp xzr,xzr,[$tp,#8*6]
+.Lsqr8x_zero_start:
+ stp xzr,xzr,[$tp,#8*8]
+ stp xzr,xzr,[$tp,#8*10]
+ stp xzr,xzr,[$tp,#8*12]
+ stp xzr,xzr,[$tp,#8*14]
+ add $tp,$tp,#8*16
+ cbnz $cnt,.Lsqr8x_zero
+
+ add $ap_end,$ap,$num
+ add $ap,$ap,#8*8
+ mov $acc0,xzr
+ mov $acc1,xzr
+ mov $acc2,xzr
+ mov $acc3,xzr
+ mov $acc4,xzr
+ mov $acc5,xzr
+ mov $acc6,xzr
+ mov $acc7,xzr
+ mov $tp,sp
+ str $n0,[x29,#112] // offload n0
+
+ // Multiply everything but a[i]*a[i]
+.align 4
+.Lsqr8x_outer_loop:
+ // a[1]a[0] (i)
+ // a[2]a[0]
+ // a[3]a[0]
+ // a[4]a[0]
+ // a[5]a[0]
+ // a[6]a[0]
+ // a[7]a[0]
+ // a[2]a[1] (ii)
+ // a[3]a[1]
+ // a[4]a[1]
+ // a[5]a[1]
+ // a[6]a[1]
+ // a[7]a[1]
+ // a[3]a[2] (iii)
+ // a[4]a[2]
+ // a[5]a[2]
+ // a[6]a[2]
+ // a[7]a[2]
+ // a[4]a[3] (iv)
+ // a[5]a[3]
+ // a[6]a[3]
+ // a[7]a[3]
+ // a[5]a[4] (v)
+ // a[6]a[4]
+ // a[7]a[4]
+ // a[6]a[5] (vi)
+ // a[7]a[5]
+ // a[7]a[6] (vii)
+
+ mul $t0,$a1,$a0 // lo(a[1..7]*a[0]) (i)
+ mul $t1,$a2,$a0
+ mul $t2,$a3,$a0
+ mul $t3,$a4,$a0
+ adds $acc1,$acc1,$t0 // t[1]+lo(a[1]*a[0])
+ mul $t0,$a5,$a0
+ adcs $acc2,$acc2,$t1
+ mul $t1,$a6,$a0
+ adcs $acc3,$acc3,$t2
+ mul $t2,$a7,$a0
+ adcs $acc4,$acc4,$t3
+ umulh $t3,$a1,$a0 // hi(a[1..7]*a[0])
+ adcs $acc5,$acc5,$t0
+ umulh $t0,$a2,$a0
+ adcs $acc6,$acc6,$t1
+ umulh $t1,$a3,$a0
+ adcs $acc7,$acc7,$t2
+ umulh $t2,$a4,$a0
+ stp $acc0,$acc1,[$tp],#8*2 // t[0..1]
+ adc $acc0,xzr,xzr // t[8]
+ adds $acc2,$acc2,$t3 // t[2]+lo(a[1]*a[0])
+ umulh $t3,$a5,$a0
+ adcs $acc3,$acc3,$t0
+ umulh $t0,$a6,$a0
+ adcs $acc4,$acc4,$t1
+ umulh $t1,$a7,$a0
+ adcs $acc5,$acc5,$t2
+ mul $t2,$a2,$a1 // lo(a[2..7]*a[1]) (ii)
+ adcs $acc6,$acc6,$t3
+ mul $t3,$a3,$a1
+ adcs $acc7,$acc7,$t0
+ mul $t0,$a4,$a1
+ adc $acc0,$acc0,$t1
+
+ mul $t1,$a5,$a1
+ adds $acc3,$acc3,$t2
+ mul $t2,$a6,$a1
+ adcs $acc4,$acc4,$t3
+ mul $t3,$a7,$a1
+ adcs $acc5,$acc5,$t0
+ umulh $t0,$a2,$a1 // hi(a[2..7]*a[1])
+ adcs $acc6,$acc6,$t1
+ umulh $t1,$a3,$a1
+ adcs $acc7,$acc7,$t2
+ umulh $t2,$a4,$a1
+ adcs $acc0,$acc0,$t3
+ umulh $t3,$a5,$a1
+ stp $acc2,$acc3,[$tp],#8*2 // t[2..3]
+ adc $acc1,xzr,xzr // t[9]
+ adds $acc4,$acc4,$t0
+ umulh $t0,$a6,$a1
+ adcs $acc5,$acc5,$t1
+ umulh $t1,$a7,$a1
+ adcs $acc6,$acc6,$t2
+ mul $t2,$a3,$a2 // lo(a[3..7]*a[2]) (iii)
+ adcs $acc7,$acc7,$t3
+ mul $t3,$a4,$a2
+ adcs $acc0,$acc0,$t0
+ mul $t0,$a5,$a2
+ adc $acc1,$acc1,$t1
+
+ mul $t1,$a6,$a2
+ adds $acc5,$acc5,$t2
+ mul $t2,$a7,$a2
+ adcs $acc6,$acc6,$t3
+ umulh $t3,$a3,$a2 // hi(a[3..7]*a[2])
+ adcs $acc7,$acc7,$t0
+ umulh $t0,$a4,$a2
+ adcs $acc0,$acc0,$t1
+ umulh $t1,$a5,$a2
+ adcs $acc1,$acc1,$t2
+ umulh $t2,$a6,$a2
+ stp $acc4,$acc5,[$tp],#8*2 // t[4..5]
+ adc $acc2,xzr,xzr // t[10]
+ adds $acc6,$acc6,$t3
+ umulh $t3,$a7,$a2
+ adcs $acc7,$acc7,$t0
+ mul $t0,$a4,$a3 // lo(a[4..7]*a[3]) (iv)
+ adcs $acc0,$acc0,$t1
+ mul $t1,$a5,$a3
+ adcs $acc1,$acc1,$t2
+ mul $t2,$a6,$a3
+ adc $acc2,$acc2,$t3
+
+ mul $t3,$a7,$a3
+ adds $acc7,$acc7,$t0
+ umulh $t0,$a4,$a3 // hi(a[4..7]*a[3])
+ adcs $acc0,$acc0,$t1
+ umulh $t1,$a5,$a3
+ adcs $acc1,$acc1,$t2
+ umulh $t2,$a6,$a3
+ adcs $acc2,$acc2,$t3
+ umulh $t3,$a7,$a3
+ stp $acc6,$acc7,[$tp],#8*2 // t[6..7]
+ adc $acc3,xzr,xzr // t[11]
+ adds $acc0,$acc0,$t0
+ mul $t0,$a5,$a4 // lo(a[5..7]*a[4]) (v)
+ adcs $acc1,$acc1,$t1
+ mul $t1,$a6,$a4
+ adcs $acc2,$acc2,$t2
+ mul $t2,$a7,$a4
+ adc $acc3,$acc3,$t3
+
+ umulh $t3,$a5,$a4 // hi(a[5..7]*a[4])
+ adds $acc1,$acc1,$t0
+ umulh $t0,$a6,$a4
+ adcs $acc2,$acc2,$t1
+ umulh $t1,$a7,$a4
+ adcs $acc3,$acc3,$t2
+ mul $t2,$a6,$a5 // lo(a[6..7]*a[5]) (vi)
+ adc $acc4,xzr,xzr // t[12]
+ adds $acc2,$acc2,$t3
+ mul $t3,$a7,$a5
+ adcs $acc3,$acc3,$t0
+ umulh $t0,$a6,$a5 // hi(a[6..7]*a[5])
+ adc $acc4,$acc4,$t1
+
+ umulh $t1,$a7,$a5
+ adds $acc3,$acc3,$t2
+ mul $t2,$a7,$a6 // lo(a[7]*a[6]) (vii)
+ adcs $acc4,$acc4,$t3
+ umulh $t3,$a7,$a6 // hi(a[7]*a[6])
+ adc $acc5,xzr,xzr // t[13]
+ adds $acc4,$acc4,$t0
+ sub $cnt,$ap_end,$ap // done yet?
+ adc $acc5,$acc5,$t1
+
+ adds $acc5,$acc5,$t2
+ sub $t0,$ap_end,$num // rewinded ap
+ adc $acc6,xzr,xzr // t[14]
+ add $acc6,$acc6,$t3
+
+ cbz $cnt,.Lsqr8x_outer_break
+
+ mov $n0,$a0
+ ldp $a0,$a1,[$tp,#8*0]
+ ldp $a2,$a3,[$tp,#8*2]
+ ldp $a4,$a5,[$tp,#8*4]
+ ldp $a6,$a7,[$tp,#8*6]
+ adds $acc0,$acc0,$a0
+ adcs $acc1,$acc1,$a1
+ ldp $a0,$a1,[$ap,#8*0]
+ adcs $acc2,$acc2,$a2
+ adcs $acc3,$acc3,$a3
+ ldp $a2,$a3,[$ap,#8*2]
+ adcs $acc4,$acc4,$a4
+ adcs $acc5,$acc5,$a5
+ ldp $a4,$a5,[$ap,#8*4]
+ adcs $acc6,$acc6,$a6
+ mov $rp,$ap
+ adcs $acc7,xzr,$a7
+ ldp $a6,$a7,[$ap,#8*6]
+ add $ap,$ap,#8*8
+ //adc $carry,xzr,xzr // moved below
+ mov $cnt,#-8*8
+
+ // a[8]a[0]
+ // a[9]a[0]
+ // a[a]a[0]
+ // a[b]a[0]
+ // a[c]a[0]
+ // a[d]a[0]
+ // a[e]a[0]
+ // a[f]a[0]
+ // a[8]a[1]
+ // a[f]a[1]........................
+ // a[8]a[2]
+ // a[f]a[2]........................
+ // a[8]a[3]
+ // a[f]a[3]........................
+ // a[8]a[4]
+ // a[f]a[4]........................
+ // a[8]a[5]
+ // a[f]a[5]........................
+ // a[8]a[6]
+ // a[f]a[6]........................
+ // a[8]a[7]
+ // a[f]a[7]........................
+.Lsqr8x_mul:
+ mul $t0,$a0,$n0
+ adc $carry,xzr,xzr // carry bit, modulo-scheduled
+ mul $t1,$a1,$n0
+ add $cnt,$cnt,#8
+ mul $t2,$a2,$n0
+ mul $t3,$a3,$n0
+ adds $acc0,$acc0,$t0
+ mul $t0,$a4,$n0
+ adcs $acc1,$acc1,$t1
+ mul $t1,$a5,$n0
+ adcs $acc2,$acc2,$t2
+ mul $t2,$a6,$n0
+ adcs $acc3,$acc3,$t3
+ mul $t3,$a7,$n0
+ adcs $acc4,$acc4,$t0
+ umulh $t0,$a0,$n0
+ adcs $acc5,$acc5,$t1
+ umulh $t1,$a1,$n0
+ adcs $acc6,$acc6,$t2
+ umulh $t2,$a2,$n0
+ adcs $acc7,$acc7,$t3
+ umulh $t3,$a3,$n0
+ adc $carry,$carry,xzr
+ str $acc0,[$tp],#8
+ adds $acc0,$acc1,$t0
+ umulh $t0,$a4,$n0
+ adcs $acc1,$acc2,$t1
+ umulh $t1,$a5,$n0
+ adcs $acc2,$acc3,$t2
+ umulh $t2,$a6,$n0
+ adcs $acc3,$acc4,$t3
+ umulh $t3,$a7,$n0
+ ldr $n0,[$rp,$cnt]
+ adcs $acc4,$acc5,$t0
+ adcs $acc5,$acc6,$t1
+ adcs $acc6,$acc7,$t2
+ adcs $acc7,$carry,$t3
+ //adc $carry,xzr,xzr // moved above
+ cbnz $cnt,.Lsqr8x_mul
+ // note that carry flag is guaranteed
+ // to be zero at this point
+ cmp $ap,$ap_end // done yet?
+ b.eq .Lsqr8x_break
+
+ ldp $a0,$a1,[$tp,#8*0]
+ ldp $a2,$a3,[$tp,#8*2]
+ ldp $a4,$a5,[$tp,#8*4]
+ ldp $a6,$a7,[$tp,#8*6]
+ adds $acc0,$acc0,$a0
+ ldr $n0,[$rp,#-8*8]
+ adcs $acc1,$acc1,$a1
+ ldp $a0,$a1,[$ap,#8*0]
+ adcs $acc2,$acc2,$a2
+ adcs $acc3,$acc3,$a3
+ ldp $a2,$a3,[$ap,#8*2]
+ adcs $acc4,$acc4,$a4
+ adcs $acc5,$acc5,$a5
+ ldp $a4,$a5,[$ap,#8*4]
+ adcs $acc6,$acc6,$a6
+ mov $cnt,#-8*8
+ adcs $acc7,$acc7,$a7
+ ldp $a6,$a7,[$ap,#8*6]
+ add $ap,$ap,#8*8
+ //adc $carry,xzr,xzr // moved above
+ b .Lsqr8x_mul
+
+.align 4
+.Lsqr8x_break:
+ ldp $a0,$a1,[$rp,#8*0]
+ add $ap,$rp,#8*8
+ ldp $a2,$a3,[$rp,#8*2]
+ sub $t0,$ap_end,$ap // is it last iteration?
+ ldp $a4,$a5,[$rp,#8*4]
+ sub $t1,$tp,$t0
+ ldp $a6,$a7,[$rp,#8*6]
+ cbz $t0,.Lsqr8x_outer_loop
+
+ stp $acc0,$acc1,[$tp,#8*0]
+ ldp $acc0,$acc1,[$t1,#8*0]
+ stp $acc2,$acc3,[$tp,#8*2]
+ ldp $acc2,$acc3,[$t1,#8*2]
+ stp $acc4,$acc5,[$tp,#8*4]
+ ldp $acc4,$acc5,[$t1,#8*4]
+ stp $acc6,$acc7,[$tp,#8*6]
+ mov $tp,$t1
+ ldp $acc6,$acc7,[$t1,#8*6]
+ b .Lsqr8x_outer_loop
+
+.align 4
+.Lsqr8x_outer_break:
+ // Now multiply above result by 2 and add a[n-1]*a[n-1]|...|a[0]*a[0]
+ ldp $a1,$a3,[$t0,#8*0] // recall that $t0 is &a[0]
+ ldp $t1,$t2,[sp,#8*1]
+ ldp $a5,$a7,[$t0,#8*2]
+ add $ap,$t0,#8*4
+ ldp $t3,$t0,[sp,#8*3]
+
+ stp $acc0,$acc1,[$tp,#8*0]
+ mul $acc0,$a1,$a1
+ stp $acc2,$acc3,[$tp,#8*2]
+ umulh $a1,$a1,$a1
+ stp $acc4,$acc5,[$tp,#8*4]
+ mul $a2,$a3,$a3
+ stp $acc6,$acc7,[$tp,#8*6]
+ mov $tp,sp
+ umulh $a3,$a3,$a3
+ adds $acc1,$a1,$t1,lsl#1
+ extr $t1,$t2,$t1,#63
+ sub $cnt,$num,#8*4
+
+.Lsqr4x_shift_n_add:
+ adcs $acc2,$a2,$t1
+ extr $t2,$t3,$t2,#63
+ sub $cnt,$cnt,#8*4
+ adcs $acc3,$a3,$t2
+ ldp $t1,$t2,[$tp,#8*5]
+ mul $a4,$a5,$a5
+ ldp $a1,$a3,[$ap],#8*2
+ umulh $a5,$a5,$a5
+ mul $a6,$a7,$a7
+ umulh $a7,$a7,$a7
+ extr $t3,$t0,$t3,#63
+ stp $acc0,$acc1,[$tp,#8*0]
+ adcs $acc4,$a4,$t3
+ extr $t0,$t1,$t0,#63
+ stp $acc2,$acc3,[$tp,#8*2]
+ adcs $acc5,$a5,$t0
+ ldp $t3,$t0,[$tp,#8*7]
+ extr $t1,$t2,$t1,#63
+ adcs $acc6,$a6,$t1
+ extr $t2,$t3,$t2,#63
+ adcs $acc7,$a7,$t2
+ ldp $t1,$t2,[$tp,#8*9]
+ mul $a0,$a1,$a1
+ ldp $a5,$a7,[$ap],#8*2
+ umulh $a1,$a1,$a1
+ mul $a2,$a3,$a3
+ umulh $a3,$a3,$a3
+ stp $acc4,$acc5,[$tp,#8*4]
+ extr $t3,$t0,$t3,#63
+ stp $acc6,$acc7,[$tp,#8*6]
+ add $tp,$tp,#8*8
+ adcs $acc0,$a0,$t3
+ extr $t0,$t1,$t0,#63
+ adcs $acc1,$a1,$t0
+ ldp $t3,$t0,[$tp,#8*3]
+ extr $t1,$t2,$t1,#63
+ cbnz $cnt,.Lsqr4x_shift_n_add
+___
+my ($np,$np_end)=($ap,$ap_end);
+$code.=<<___;
+ ldp $np,$n0,[x29,#104] // pull np and n0
+
+ adcs $acc2,$a2,$t1
+ extr $t2,$t3,$t2,#63
+ adcs $acc3,$a3,$t2
+ ldp $t1,$t2,[$tp,#8*5]
+ mul $a4,$a5,$a5
+ umulh $a5,$a5,$a5
+ stp $acc0,$acc1,[$tp,#8*0]
+ mul $a6,$a7,$a7
+ umulh $a7,$a7,$a7
+ stp $acc2,$acc3,[$tp,#8*2]
+ extr $t3,$t0,$t3,#63
+ adcs $acc4,$a4,$t3
+ extr $t0,$t1,$t0,#63
+ ldp $acc0,$acc1,[sp,#8*0]
+ adcs $acc5,$a5,$t0
+ extr $t1,$t2,$t1,#63
+ ldp $a0,$a1,[$np,#8*0]
+ adcs $acc6,$a6,$t1
+ extr $t2,xzr,$t2,#63
+ ldp $a2,$a3,[$np,#8*2]
+ adc $acc7,$a7,$t2
+ ldp $a4,$a5,[$np,#8*4]
+
+ // Reduce by 512 bits per iteration
+ mul $na0,$n0,$acc0 // t[0]*n0
+ ldp $a6,$a7,[$np,#8*6]
+ add $np_end,$np,$num
+ ldp $acc2,$acc3,[sp,#8*2]
+ stp $acc4,$acc5,[$tp,#8*4]
+ ldp $acc4,$acc5,[sp,#8*4]
+ stp $acc6,$acc7,[$tp,#8*6]
+ ldp $acc6,$acc7,[sp,#8*6]
+ add $np,$np,#8*8
+ mov $topmost,xzr // initial top-most carry
+ mov $tp,sp
+ mov $cnt,#8
+
+.Lsqr8x_reduction:
+ // (*) mul $t0,$a0,$na0 // lo(n[0-7])*lo(t[0]*n0)
+ mul $t1,$a1,$na0
+ sub $cnt,$cnt,#1
+ mul $t2,$a2,$na0
+ str $na0,[$tp],#8 // put aside t[0]*n0 for tail processing
+ mul $t3,$a3,$na0
+ // (*) adds xzr,$acc0,$t0
+ subs xzr,$acc0,#1 // (*)
+ mul $t0,$a4,$na0
+ adcs $acc0,$acc1,$t1
+ mul $t1,$a5,$na0
+ adcs $acc1,$acc2,$t2
+ mul $t2,$a6,$na0
+ adcs $acc2,$acc3,$t3
+ mul $t3,$a7,$na0
+ adcs $acc3,$acc4,$t0
+ umulh $t0,$a0,$na0 // hi(n[0-7])*lo(t[0]*n0)
+ adcs $acc4,$acc5,$t1
+ umulh $t1,$a1,$na0
+ adcs $acc5,$acc6,$t2
+ umulh $t2,$a2,$na0
+ adcs $acc6,$acc7,$t3
+ umulh $t3,$a3,$na0
+ adc $acc7,xzr,xzr
+ adds $acc0,$acc0,$t0
+ umulh $t0,$a4,$na0
+ adcs $acc1,$acc1,$t1
+ umulh $t1,$a5,$na0
+ adcs $acc2,$acc2,$t2
+ umulh $t2,$a6,$na0
+ adcs $acc3,$acc3,$t3
+ umulh $t3,$a7,$na0
+ mul $na0,$n0,$acc0 // next t[0]*n0
+ adcs $acc4,$acc4,$t0
+ adcs $acc5,$acc5,$t1
+ adcs $acc6,$acc6,$t2
+ adc $acc7,$acc7,$t3
+ cbnz $cnt,.Lsqr8x_reduction
+
+ ldp $t0,$t1,[$tp,#8*0]
+ ldp $t2,$t3,[$tp,#8*2]
+ mov $rp,$tp
+ sub $cnt,$np_end,$np // done yet?
+ adds $acc0,$acc0,$t0
+ adcs $acc1,$acc1,$t1
+ ldp $t0,$t1,[$tp,#8*4]
+ adcs $acc2,$acc2,$t2
+ adcs $acc3,$acc3,$t3
+ ldp $t2,$t3,[$tp,#8*6]
+ adcs $acc4,$acc4,$t0
+ adcs $acc5,$acc5,$t1
+ adcs $acc6,$acc6,$t2
+ adcs $acc7,$acc7,$t3
+ //adc $carry,xzr,xzr // moved below
+ cbz $cnt,.Lsqr8x8_post_condition
+
+ ldr $n0,[$tp,#-8*8]
+ ldp $a0,$a1,[$np,#8*0]
+ ldp $a2,$a3,[$np,#8*2]
+ ldp $a4,$a5,[$np,#8*4]
+ mov $cnt,#-8*8
+ ldp $a6,$a7,[$np,#8*6]
+ add $np,$np,#8*8
+
+.Lsqr8x_tail:
+ mul $t0,$a0,$n0
+ adc $carry,xzr,xzr // carry bit, modulo-scheduled
+ mul $t1,$a1,$n0
+ add $cnt,$cnt,#8
+ mul $t2,$a2,$n0
+ mul $t3,$a3,$n0
+ adds $acc0,$acc0,$t0
+ mul $t0,$a4,$n0
+ adcs $acc1,$acc1,$t1
+ mul $t1,$a5,$n0
+ adcs $acc2,$acc2,$t2
+ mul $t2,$a6,$n0
+ adcs $acc3,$acc3,$t3
+ mul $t3,$a7,$n0
+ adcs $acc4,$acc4,$t0
+ umulh $t0,$a0,$n0
+ adcs $acc5,$acc5,$t1
+ umulh $t1,$a1,$n0
+ adcs $acc6,$acc6,$t2
+ umulh $t2,$a2,$n0
+ adcs $acc7,$acc7,$t3
+ umulh $t3,$a3,$n0
+ adc $carry,$carry,xzr
+ str $acc0,[$tp],#8
+ adds $acc0,$acc1,$t0
+ umulh $t0,$a4,$n0
+ adcs $acc1,$acc2,$t1
+ umulh $t1,$a5,$n0
+ adcs $acc2,$acc3,$t2
+ umulh $t2,$a6,$n0
+ adcs $acc3,$acc4,$t3
+ umulh $t3,$a7,$n0
+ ldr $n0,[$rp,$cnt]
+ adcs $acc4,$acc5,$t0
+ adcs $acc5,$acc6,$t1
+ adcs $acc6,$acc7,$t2
+ adcs $acc7,$carry,$t3
+ //adc $carry,xzr,xzr // moved above
+ cbnz $cnt,.Lsqr8x_tail
+ // note that carry flag is guaranteed
+ // to be zero at this point
+ ldp $a0,$a1,[$tp,#8*0]
+ sub $cnt,$np_end,$np // done yet?
+ sub $t2,$np_end,$num // rewinded np
+ ldp $a2,$a3,[$tp,#8*2]
+ ldp $a4,$a5,[$tp,#8*4]
+ ldp $a6,$a7,[$tp,#8*6]
+ cbz $cnt,.Lsqr8x_tail_break
+
+ ldr $n0,[$rp,#-8*8]
+ adds $acc0,$acc0,$a0
+ adcs $acc1,$acc1,$a1
+ ldp $a0,$a1,[$np,#8*0]
+ adcs $acc2,$acc2,$a2
+ adcs $acc3,$acc3,$a3
+ ldp $a2,$a3,[$np,#8*2]
+ adcs $acc4,$acc4,$a4
+ adcs $acc5,$acc5,$a5
+ ldp $a4,$a5,[$np,#8*4]
+ adcs $acc6,$acc6,$a6
+ mov $cnt,#-8*8
+ adcs $acc7,$acc7,$a7
+ ldp $a6,$a7,[$np,#8*6]
+ add $np,$np,#8*8
+ //adc $carry,xzr,xzr // moved above
+ b .Lsqr8x_tail
+
+.align 4
+.Lsqr8x_tail_break:
+ ldr $n0,[x29,#112] // pull n0
+ add $cnt,$tp,#8*8 // end of current t[num] window
+
+ subs xzr,$topmost,#1 // "move" top-most carry to carry bit
+ adcs $t0,$acc0,$a0
+ adcs $t1,$acc1,$a1
+ ldp $acc0,$acc1,[$rp,#8*0]
+ adcs $acc2,$acc2,$a2
+ ldp $a0,$a1,[$t2,#8*0] // recall that $t2 is &n[0]
+ adcs $acc3,$acc3,$a3
+ ldp $a2,$a3,[$t2,#8*2]
+ adcs $acc4,$acc4,$a4
+ adcs $acc5,$acc5,$a5
+ ldp $a4,$a5,[$t2,#8*4]
+ adcs $acc6,$acc6,$a6
+ adcs $acc7,$acc7,$a7
+ ldp $a6,$a7,[$t2,#8*6]
+ add $np,$t2,#8*8
+ adc $topmost,xzr,xzr // top-most carry
+ mul $na0,$n0,$acc0
+ stp $t0,$t1,[$tp,#8*0]
+ stp $acc2,$acc3,[$tp,#8*2]
+ ldp $acc2,$acc3,[$rp,#8*2]
+ stp $acc4,$acc5,[$tp,#8*4]
+ ldp $acc4,$acc5,[$rp,#8*4]
+ cmp $cnt,x29 // did we hit the bottom?
+ stp $acc6,$acc7,[$tp,#8*6]
+ mov $tp,$rp // slide the window
+ ldp $acc6,$acc7,[$rp,#8*6]
+ mov $cnt,#8
+ b.ne .Lsqr8x_reduction
+
+ // Final step. We see if result is larger than modulus, and
+ // if it is, subtract the modulus. But comparison implies
+ // subtraction. So we subtract modulus, see if it borrowed,
+ // and conditionally copy original value.
+ ldr $rp,[x29,#96] // pull rp
+ add $tp,$tp,#8*8
+ subs $t0,$acc0,$a0
+ sbcs $t1,$acc1,$a1
+ sub $cnt,$num,#8*8
+ mov $ap_end,$rp // $rp copy
+
+.Lsqr8x_sub:
+ sbcs $t2,$acc2,$a2
+ ldp $a0,$a1,[$np,#8*0]
+ sbcs $t3,$acc3,$a3
+ stp $t0,$t1,[$rp,#8*0]
+ sbcs $t0,$acc4,$a4
+ ldp $a2,$a3,[$np,#8*2]
+ sbcs $t1,$acc5,$a5
+ stp $t2,$t3,[$rp,#8*2]
+ sbcs $t2,$acc6,$a6
+ ldp $a4,$a5,[$np,#8*4]
+ sbcs $t3,$acc7,$a7
+ ldp $a6,$a7,[$np,#8*6]
+ add $np,$np,#8*8
+ ldp $acc0,$acc1,[$tp,#8*0]
+ sub $cnt,$cnt,#8*8
+ ldp $acc2,$acc3,[$tp,#8*2]
+ ldp $acc4,$acc5,[$tp,#8*4]
+ ldp $acc6,$acc7,[$tp,#8*6]
+ add $tp,$tp,#8*8
+ stp $t0,$t1,[$rp,#8*4]
+ sbcs $t0,$acc0,$a0
+ stp $t2,$t3,[$rp,#8*6]
+ add $rp,$rp,#8*8
+ sbcs $t1,$acc1,$a1
+ cbnz $cnt,.Lsqr8x_sub
+
+ sbcs $t2,$acc2,$a2
+ mov $tp,sp
+ add $ap,sp,$num
+ ldp $a0,$a1,[$ap_end,#8*0]
+ sbcs $t3,$acc3,$a3
+ stp $t0,$t1,[$rp,#8*0]
+ sbcs $t0,$acc4,$a4
+ ldp $a2,$a3,[$ap_end,#8*2]
+ sbcs $t1,$acc5,$a5
+ stp $t2,$t3,[$rp,#8*2]
+ sbcs $t2,$acc6,$a6
+ ldp $acc0,$acc1,[$ap,#8*0]
+ sbcs $t3,$acc7,$a7
+ ldp $acc2,$acc3,[$ap,#8*2]
+ sbcs xzr,$topmost,xzr // did it borrow?
+ ldr x30,[x29,#8] // pull return address
+ stp $t0,$t1,[$rp,#8*4]
+ stp $t2,$t3,[$rp,#8*6]
+
+ sub $cnt,$num,#8*4
+.Lsqr4x_cond_copy:
+ sub $cnt,$cnt,#8*4
+ csel $t0,$acc0,$a0,lo
+ stp xzr,xzr,[$tp,#8*0]
+ csel $t1,$acc1,$a1,lo
+ ldp $a0,$a1,[$ap_end,#8*4]
+ ldp $acc0,$acc1,[$ap,#8*4]
+ csel $t2,$acc2,$a2,lo
+ stp xzr,xzr,[$tp,#8*2]
+ add $tp,$tp,#8*4
+ csel $t3,$acc3,$a3,lo
+ ldp $a2,$a3,[$ap_end,#8*6]
+ ldp $acc2,$acc3,[$ap,#8*6]
+ add $ap,$ap,#8*4
+ stp $t0,$t1,[$ap_end,#8*0]
+ stp $t2,$t3,[$ap_end,#8*2]
+ add $ap_end,$ap_end,#8*4
+ stp xzr,xzr,[$ap,#8*0]
+ stp xzr,xzr,[$ap,#8*2]
+ cbnz $cnt,.Lsqr4x_cond_copy
+
+ csel $t0,$acc0,$a0,lo
+ stp xzr,xzr,[$tp,#8*0]
+ csel $t1,$acc1,$a1,lo
+ stp xzr,xzr,[$tp,#8*2]
+ csel $t2,$acc2,$a2,lo
+ csel $t3,$acc3,$a3,lo
+ stp $t0,$t1,[$ap_end,#8*0]
+ stp $t2,$t3,[$ap_end,#8*2]
+
+ b .Lsqr8x_done
+
+.align 4
+.Lsqr8x8_post_condition:
+ adc $carry,xzr,xzr
+ ldr x30,[x29,#8] // pull return address
+ // $acc0-7,$carry hold result, $a0-7 hold modulus
+ subs $a0,$acc0,$a0
+ ldr $ap,[x29,#96] // pull rp
+ sbcs $a1,$acc1,$a1
+ stp xzr,xzr,[sp,#8*0]
+ sbcs $a2,$acc2,$a2
+ stp xzr,xzr,[sp,#8*2]
+ sbcs $a3,$acc3,$a3
+ stp xzr,xzr,[sp,#8*4]
+ sbcs $a4,$acc4,$a4
+ stp xzr,xzr,[sp,#8*6]
+ sbcs $a5,$acc5,$a5
+ stp xzr,xzr,[sp,#8*8]
+ sbcs $a6,$acc6,$a6
+ stp xzr,xzr,[sp,#8*10]
+ sbcs $a7,$acc7,$a7
+ stp xzr,xzr,[sp,#8*12]
+ sbcs $carry,$carry,xzr // did it borrow?
+ stp xzr,xzr,[sp,#8*14]
+
+ // $a0-7 hold result-modulus
+ csel $a0,$acc0,$a0,lo
+ csel $a1,$acc1,$a1,lo
+ csel $a2,$acc2,$a2,lo
+ csel $a3,$acc3,$a3,lo
+ stp $a0,$a1,[$ap,#8*0]
+ csel $a4,$acc4,$a4,lo
+ csel $a5,$acc5,$a5,lo
+ stp $a2,$a3,[$ap,#8*2]
+ csel $a6,$acc6,$a6,lo
+ csel $a7,$acc7,$a7,lo
+ stp $a4,$a5,[$ap,#8*4]
+ stp $a6,$a7,[$ap,#8*6]
+
+.Lsqr8x_done:
+ ldp x19,x20,[x29,#16]
+ mov sp,x29
+ ldp x21,x22,[x29,#32]
+ mov x0,#1
+ ldp x23,x24,[x29,#48]
+ ldp x25,x26,[x29,#64]
+ ldp x27,x28,[x29,#80]
+ ldr x29,[sp],#128
+ ret
+.size __bn_sqr8x_mont,.-__bn_sqr8x_mont
+___
+}
+
+{
+########################################################################
+# Even though this might look as ARMv8 adaptation of mulx4x_mont from
+# x86_64-mont5 module, it's different in sense that it performs
+# reduction 256 bits at a time.
+
+my ($a0,$a1,$a2,$a3,
+ $t0,$t1,$t2,$t3,
+ $m0,$m1,$m2,$m3,
+ $acc0,$acc1,$acc2,$acc3,$acc4,
+ $bi,$mi,$tp,$ap_end,$cnt) = map("x$_",(6..17,19..28));
+my $bp_end=$rp;
+my ($carry,$topmost) = ($rp,"x30");
+
+$code.=<<___;
+.type __bn_mul4x_mont,%function
+.align 5
+__bn_mul4x_mont:
+ stp x29,x30,[sp,#-128]!
+ add x29,sp,#0
+ stp x19,x20,[sp,#16]
+ stp x21,x22,[sp,#32]
+ stp x23,x24,[sp,#48]
+ stp x25,x26,[sp,#64]
+ stp x27,x28,[sp,#80]
+
+ sub $tp,sp,$num,lsl#3
+ lsl $num,$num,#3
+ ldr $n0,[$n0] // *n0
+ sub sp,$tp,#8*4 // alloca
+
+ add $t0,$bp,$num
+ add $ap_end,$ap,$num
+ stp $rp,$t0,[x29,#96] // offload rp and &b[num]
+
+ ldr $bi,[$bp,#8*0] // b[0]
+ ldp $a0,$a1,[$ap,#8*0] // a[0..3]
+ ldp $a2,$a3,[$ap,#8*2]
+ add $ap,$ap,#8*4
+ mov $acc0,xzr
+ mov $acc1,xzr
+ mov $acc2,xzr
+ mov $acc3,xzr
+ ldp $m0,$m1,[$np,#8*0] // n[0..3]
+ ldp $m2,$m3,[$np,#8*2]
+ adds $np,$np,#8*4 // clear carry bit
+ mov $carry,xzr
+ mov $cnt,#0
+ mov $tp,sp
+
+.Loop_mul4x_1st_reduction:
+ mul $t0,$a0,$bi // lo(a[0..3]*b[0])
+ adc $carry,$carry,xzr // modulo-scheduled
+ mul $t1,$a1,$bi
+ add $cnt,$cnt,#8
+ mul $t2,$a2,$bi
+ and $cnt,$cnt,#31
+ mul $t3,$a3,$bi
+ adds $acc0,$acc0,$t0
+ umulh $t0,$a0,$bi // hi(a[0..3]*b[0])
+ adcs $acc1,$acc1,$t1
+ mul $mi,$acc0,$n0 // t[0]*n0
+ adcs $acc2,$acc2,$t2
+ umulh $t1,$a1,$bi
+ adcs $acc3,$acc3,$t3
+ umulh $t2,$a2,$bi
+ adc $acc4,xzr,xzr
+ umulh $t3,$a3,$bi
+ ldr $bi,[$bp,$cnt] // next b[i] (or b[0])
+ adds $acc1,$acc1,$t0
+ // (*) mul $t0,$m0,$mi // lo(n[0..3]*t[0]*n0)
+ str $mi,[$tp],#8 // put aside t[0]*n0 for tail processing
+ adcs $acc2,$acc2,$t1
+ mul $t1,$m1,$mi
+ adcs $acc3,$acc3,$t2
+ mul $t2,$m2,$mi
+ adc $acc4,$acc4,$t3 // can't overflow
+ mul $t3,$m3,$mi
+ // (*) adds xzr,$acc0,$t0
+ subs xzr,$acc0,#1 // (*)
+ umulh $t0,$m0,$mi // hi(n[0..3]*t[0]*n0)
+ adcs $acc0,$acc1,$t1
+ umulh $t1,$m1,$mi
+ adcs $acc1,$acc2,$t2
+ umulh $t2,$m2,$mi
+ adcs $acc2,$acc3,$t3
+ umulh $t3,$m3,$mi
+ adcs $acc3,$acc4,$carry
+ adc $carry,xzr,xzr
+ adds $acc0,$acc0,$t0
+ sub $t0,$ap_end,$ap
+ adcs $acc1,$acc1,$t1
+ adcs $acc2,$acc2,$t2
+ adcs $acc3,$acc3,$t3
+ //adc $carry,$carry,xzr
+ cbnz $cnt,.Loop_mul4x_1st_reduction
+
+ cbz $t0,.Lmul4x4_post_condition
+
+ ldp $a0,$a1,[$ap,#8*0] // a[4..7]
+ ldp $a2,$a3,[$ap,#8*2]
+ add $ap,$ap,#8*4
+ ldr $mi,[sp] // a[0]*n0
+ ldp $m0,$m1,[$np,#8*0] // n[4..7]
+ ldp $m2,$m3,[$np,#8*2]
+ add $np,$np,#8*4
+
+.Loop_mul4x_1st_tail:
+ mul $t0,$a0,$bi // lo(a[4..7]*b[i])
+ adc $carry,$carry,xzr // modulo-scheduled
+ mul $t1,$a1,$bi
+ add $cnt,$cnt,#8
+ mul $t2,$a2,$bi
+ and $cnt,$cnt,#31
+ mul $t3,$a3,$bi
+ adds $acc0,$acc0,$t0
+ umulh $t0,$a0,$bi // hi(a[4..7]*b[i])
+ adcs $acc1,$acc1,$t1
+ umulh $t1,$a1,$bi
+ adcs $acc2,$acc2,$t2
+ umulh $t2,$a2,$bi
+ adcs $acc3,$acc3,$t3
+ umulh $t3,$a3,$bi
+ adc $acc4,xzr,xzr
+ ldr $bi,[$bp,$cnt] // next b[i] (or b[0])
+ adds $acc1,$acc1,$t0
+ mul $t0,$m0,$mi // lo(n[4..7]*a[0]*n0)
+ adcs $acc2,$acc2,$t1
+ mul $t1,$m1,$mi
+ adcs $acc3,$acc3,$t2
+ mul $t2,$m2,$mi
+ adc $acc4,$acc4,$t3 // can't overflow
+ mul $t3,$m3,$mi
+ adds $acc0,$acc0,$t0
+ umulh $t0,$m0,$mi // hi(n[4..7]*a[0]*n0)
+ adcs $acc1,$acc1,$t1
+ umulh $t1,$m1,$mi
+ adcs $acc2,$acc2,$t2
+ umulh $t2,$m2,$mi
+ adcs $acc3,$acc3,$t3
+ adcs $acc4,$acc4,$carry
+ umulh $t3,$m3,$mi
+ adc $carry,xzr,xzr
+ ldr $mi,[sp,$cnt] // next t[0]*n0
+ str $acc0,[$tp],#8 // result!!!
+ adds $acc0,$acc1,$t0
+ sub $t0,$ap_end,$ap // done yet?
+ adcs $acc1,$acc2,$t1
+ adcs $acc2,$acc3,$t2
+ adcs $acc3,$acc4,$t3
+ //adc $carry,$carry,xzr
+ cbnz $cnt,.Loop_mul4x_1st_tail
+
+ sub $t1,$ap_end,$num // rewinded $ap
+ cbz $t0,.Lmul4x_proceed
+
+ ldp $a0,$a1,[$ap,#8*0]
+ ldp $a2,$a3,[$ap,#8*2]
+ add $ap,$ap,#8*4
+ ldp $m0,$m1,[$np,#8*0]
+ ldp $m2,$m3,[$np,#8*2]
+ add $np,$np,#8*4
+ b .Loop_mul4x_1st_tail
+
+.align 5
+.Lmul4x_proceed:
+ ldr $bi,[$bp,#8*4]! // *++b
+ adc $topmost,$carry,xzr
+ ldp $a0,$a1,[$t1,#8*0] // a[0..3]
+ sub $np,$np,$num // rewind np
+ ldp $a2,$a3,[$t1,#8*2]
+ add $ap,$t1,#8*4
+
+ stp $acc0,$acc1,[$tp,#8*0] // result!!!
+ ldp $acc0,$acc1,[sp,#8*4] // t[0..3]
+ stp $acc2,$acc3,[$tp,#8*2] // result!!!
+ ldp $acc2,$acc3,[sp,#8*6]
+
+ ldp $m0,$m1,[$np,#8*0] // n[0..3]
+ mov $tp,sp
+ ldp $m2,$m3,[$np,#8*2]
+ adds $np,$np,#8*4 // clear carry bit
+ mov $carry,xzr
+
+.align 4
+.Loop_mul4x_reduction:
+ mul $t0,$a0,$bi // lo(a[0..3]*b[4])
+ adc $carry,$carry,xzr // modulo-scheduled
+ mul $t1,$a1,$bi
+ add $cnt,$cnt,#8
+ mul $t2,$a2,$bi
+ and $cnt,$cnt,#31
+ mul $t3,$a3,$bi
+ adds $acc0,$acc0,$t0
+ umulh $t0,$a0,$bi // hi(a[0..3]*b[4])
+ adcs $acc1,$acc1,$t1
+ mul $mi,$acc0,$n0 // t[0]*n0
+ adcs $acc2,$acc2,$t2
+ umulh $t1,$a1,$bi
+ adcs $acc3,$acc3,$t3
+ umulh $t2,$a2,$bi
+ adc $acc4,xzr,xzr
+ umulh $t3,$a3,$bi
+ ldr $bi,[$bp,$cnt] // next b[i]
+ adds $acc1,$acc1,$t0
+ // (*) mul $t0,$m0,$mi
+ str $mi,[$tp],#8 // put aside t[0]*n0 for tail processing
+ adcs $acc2,$acc2,$t1
+ mul $t1,$m1,$mi // lo(n[0..3]*t[0]*n0
+ adcs $acc3,$acc3,$t2
+ mul $t2,$m2,$mi
+ adc $acc4,$acc4,$t3 // can't overflow
+ mul $t3,$m3,$mi
+ // (*) adds xzr,$acc0,$t0
+ subs xzr,$acc0,#1 // (*)
+ umulh $t0,$m0,$mi // hi(n[0..3]*t[0]*n0
+ adcs $acc0,$acc1,$t1
+ umulh $t1,$m1,$mi
+ adcs $acc1,$acc2,$t2
+ umulh $t2,$m2,$mi
+ adcs $acc2,$acc3,$t3
+ umulh $t3,$m3,$mi
+ adcs $acc3,$acc4,$carry
+ adc $carry,xzr,xzr
+ adds $acc0,$acc0,$t0
+ adcs $acc1,$acc1,$t1
+ adcs $acc2,$acc2,$t2
+ adcs $acc3,$acc3,$t3
+ //adc $carry,$carry,xzr
+ cbnz $cnt,.Loop_mul4x_reduction
+
+ adc $carry,$carry,xzr
+ ldp $t0,$t1,[$tp,#8*4] // t[4..7]
+ ldp $t2,$t3,[$tp,#8*6]
+ ldp $a0,$a1,[$ap,#8*0] // a[4..7]
+ ldp $a2,$a3,[$ap,#8*2]
+ add $ap,$ap,#8*4
+ adds $acc0,$acc0,$t0
+ adcs $acc1,$acc1,$t1
+ adcs $acc2,$acc2,$t2
+ adcs $acc3,$acc3,$t3
+ //adc $carry,$carry,xzr
+
+ ldr $mi,[sp] // t[0]*n0
+ ldp $m0,$m1,[$np,#8*0] // n[4..7]
+ ldp $m2,$m3,[$np,#8*2]
+ add $np,$np,#8*4
+
+.align 4
+.Loop_mul4x_tail:
+ mul $t0,$a0,$bi // lo(a[4..7]*b[4])
+ adc $carry,$carry,xzr // modulo-scheduled
+ mul $t1,$a1,$bi
+ add $cnt,$cnt,#8
+ mul $t2,$a2,$bi
+ and $cnt,$cnt,#31
+ mul $t3,$a3,$bi
+ adds $acc0,$acc0,$t0
+ umulh $t0,$a0,$bi // hi(a[4..7]*b[4])
+ adcs $acc1,$acc1,$t1
+ umulh $t1,$a1,$bi
+ adcs $acc2,$acc2,$t2
+ umulh $t2,$a2,$bi
+ adcs $acc3,$acc3,$t3
+ umulh $t3,$a3,$bi
+ adc $acc4,xzr,xzr
+ ldr $bi,[$bp,$cnt] // next b[i]
+ adds $acc1,$acc1,$t0
+ mul $t0,$m0,$mi // lo(n[4..7]*t[0]*n0)
+ adcs $acc2,$acc2,$t1
+ mul $t1,$m1,$mi
+ adcs $acc3,$acc3,$t2
+ mul $t2,$m2,$mi
+ adc $acc4,$acc4,$t3 // can't overflow
+ mul $t3,$m3,$mi
+ adds $acc0,$acc0,$t0
+ umulh $t0,$m0,$mi // hi(n[4..7]*t[0]*n0)
+ adcs $acc1,$acc1,$t1
+ umulh $t1,$m1,$mi
+ adcs $acc2,$acc2,$t2
+ umulh $t2,$m2,$mi
+ adcs $acc3,$acc3,$t3
+ umulh $t3,$m3,$mi
+ adcs $acc4,$acc4,$carry
+ ldr $mi,[sp,$cnt] // next a[0]*n0
+ adc $carry,xzr,xzr
+ str $acc0,[$tp],#8 // result!!!
+ adds $acc0,$acc1,$t0
+ sub $t0,$ap_end,$ap // done yet?
+ adcs $acc1,$acc2,$t1
+ adcs $acc2,$acc3,$t2
+ adcs $acc3,$acc4,$t3
+ //adc $carry,$carry,xzr
+ cbnz $cnt,.Loop_mul4x_tail
+
+ sub $t1,$np,$num // rewinded np?
+ adc $carry,$carry,xzr
+ cbz $t0,.Loop_mul4x_break
+
+ ldp $t0,$t1,[$tp,#8*4]
+ ldp $t2,$t3,[$tp,#8*6]
+ ldp $a0,$a1,[$ap,#8*0]
+ ldp $a2,$a3,[$ap,#8*2]
+ add $ap,$ap,#8*4
+ adds $acc0,$acc0,$t0
+ adcs $acc1,$acc1,$t1
+ adcs $acc2,$acc2,$t2
+ adcs $acc3,$acc3,$t3
+ //adc $carry,$carry,xzr
+ ldp $m0,$m1,[$np,#8*0]
+ ldp $m2,$m3,[$np,#8*2]
+ add $np,$np,#8*4
+ b .Loop_mul4x_tail
+
+.align 4
+.Loop_mul4x_break:
+ ldp $t2,$t3,[x29,#96] // pull rp and &b[num]
+ adds $acc0,$acc0,$topmost
+ add $bp,$bp,#8*4 // bp++
+ adcs $acc1,$acc1,xzr
+ sub $ap,$ap,$num // rewind ap
+ adcs $acc2,$acc2,xzr
+ stp $acc0,$acc1,[$tp,#8*0] // result!!!
+ adcs $acc3,$acc3,xzr
+ ldp $acc0,$acc1,[sp,#8*4] // t[0..3]
+ adc $topmost,$carry,xzr
+ stp $acc2,$acc3,[$tp,#8*2] // result!!!
+ cmp $bp,$t3 // done yet?
+ ldp $acc2,$acc3,[sp,#8*6]
+ ldp $m0,$m1,[$t1,#8*0] // n[0..3]
+ ldp $m2,$m3,[$t1,#8*2]
+ add $np,$t1,#8*4
+ b.eq .Lmul4x_post
+
+ ldr $bi,[$bp]
+ ldp $a0,$a1,[$ap,#8*0] // a[0..3]
+ ldp $a2,$a3,[$ap,#8*2]
+ adds $ap,$ap,#8*4 // clear carry bit
+ mov $carry,xzr
+ mov $tp,sp
+ b .Loop_mul4x_reduction
+
+.align 4
+.Lmul4x_post:
+ // Final step. We see if result is larger than modulus, and
+ // if it is, subtract the modulus. But comparison implies
+ // subtraction. So we subtract modulus, see if it borrowed,
+ // and conditionally copy original value.
+ mov $rp,$t2
+ mov $ap_end,$t2 // $rp copy
+ subs $t0,$acc0,$m0
+ add $tp,sp,#8*8
+ sbcs $t1,$acc1,$m1
+ sub $cnt,$num,#8*4
+
+.Lmul4x_sub:
+ sbcs $t2,$acc2,$m2
+ ldp $m0,$m1,[$np,#8*0]
+ sub $cnt,$cnt,#8*4
+ ldp $acc0,$acc1,[$tp,#8*0]
+ sbcs $t3,$acc3,$m3
+ ldp $m2,$m3,[$np,#8*2]
+ add $np,$np,#8*4
+ ldp $acc2,$acc3,[$tp,#8*2]
+ add $tp,$tp,#8*4
+ stp $t0,$t1,[$rp,#8*0]
+ sbcs $t0,$acc0,$m0
+ stp $t2,$t3,[$rp,#8*2]
+ add $rp,$rp,#8*4
+ sbcs $t1,$acc1,$m1
+ cbnz $cnt,.Lmul4x_sub
+
+ sbcs $t2,$acc2,$m2
+ mov $tp,sp
+ add $ap,sp,#8*4
+ ldp $a0,$a1,[$ap_end,#8*0]
+ sbcs $t3,$acc3,$m3
+ stp $t0,$t1,[$rp,#8*0]
+ ldp $a2,$a3,[$ap_end,#8*2]
+ stp $t2,$t3,[$rp,#8*2]
+ ldp $acc0,$acc1,[$ap,#8*0]
+ ldp $acc2,$acc3,[$ap,#8*2]
+ sbcs xzr,$topmost,xzr // did it borrow?
+ ldr x30,[x29,#8] // pull return address
+
+ sub $cnt,$num,#8*4
+.Lmul4x_cond_copy:
+ sub $cnt,$cnt,#8*4
+ csel $t0,$acc0,$a0,lo
+ stp xzr,xzr,[$tp,#8*0]
+ csel $t1,$acc1,$a1,lo
+ ldp $a0,$a1,[$ap_end,#8*4]
+ ldp $acc0,$acc1,[$ap,#8*4]
+ csel $t2,$acc2,$a2,lo
+ stp xzr,xzr,[$tp,#8*2]
+ add $tp,$tp,#8*4
+ csel $t3,$acc3,$a3,lo
+ ldp $a2,$a3,[$ap_end,#8*6]
+ ldp $acc2,$acc3,[$ap,#8*6]
+ add $ap,$ap,#8*4
+ stp $t0,$t1,[$ap_end,#8*0]
+ stp $t2,$t3,[$ap_end,#8*2]
+ add $ap_end,$ap_end,#8*4
+ cbnz $cnt,.Lmul4x_cond_copy
+
+ csel $t0,$acc0,$a0,lo
+ stp xzr,xzr,[$tp,#8*0]
+ csel $t1,$acc1,$a1,lo
+ stp xzr,xzr,[$tp,#8*2]
+ csel $t2,$acc2,$a2,lo
+ stp xzr,xzr,[$tp,#8*3]
+ csel $t3,$acc3,$a3,lo
+ stp xzr,xzr,[$tp,#8*4]
+ stp $t0,$t1,[$ap_end,#8*0]
+ stp $t2,$t3,[$ap_end,#8*2]
+
+ b .Lmul4x_done
+
+.align 4
+.Lmul4x4_post_condition:
+ adc $carry,$carry,xzr
+ ldr $ap,[x29,#96] // pull rp
+ // $acc0-3,$carry hold result, $m0-7 hold modulus
+ subs $a0,$acc0,$m0
+ ldr x30,[x29,#8] // pull return address
+ sbcs $a1,$acc1,$m1
+ stp xzr,xzr,[sp,#8*0]
+ sbcs $a2,$acc2,$m2
+ stp xzr,xzr,[sp,#8*2]
+ sbcs $a3,$acc3,$m3
+ stp xzr,xzr,[sp,#8*4]
+ sbcs xzr,$carry,xzr // did it borrow?
+ stp xzr,xzr,[sp,#8*6]
+
+ // $a0-3 hold result-modulus
+ csel $a0,$acc0,$a0,lo
+ csel $a1,$acc1,$a1,lo
+ csel $a2,$acc2,$a2,lo
+ csel $a3,$acc3,$a3,lo
+ stp $a0,$a1,[$ap,#8*0]
+ stp $a2,$a3,[$ap,#8*2]
+
+.Lmul4x_done:
+ ldp x19,x20,[x29,#16]
+ mov sp,x29
+ ldp x21,x22,[x29,#32]
+ mov x0,#1
+ ldp x23,x24,[x29,#48]
+ ldp x25,x26,[x29,#64]
+ ldp x27,x28,[x29,#80]
+ ldr x29,[sp],#128
+ ret
+.size __bn_mul4x_mont,.-__bn_mul4x_mont
+___
+}
+$code.=<<___;
+.asciz "Montgomery Multiplication for ARMv8, CRYPTOGAMS by <appro\@openssl.org>"
+.align 4
+___
+
+print $code;
+
+close STDOUT;
diff --git a/deps/openssl/openssl/crypto/bn/asm/bn-586.pl b/deps/openssl/openssl/crypto/bn/asm/bn-586.pl
index 332ef3e91d..1ca1bbf7d4 100644
--- a/deps/openssl/openssl/crypto/bn/asm/bn-586.pl
+++ b/deps/openssl/openssl/crypto/bn/asm/bn-586.pl
@@ -1,9 +1,19 @@
-#!/usr/local/bin/perl
+#! /usr/bin/env perl
+# Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
push(@INC,"${dir}","${dir}../../perlasm");
require "x86asm.pl";
+$output = pop;
+open STDOUT,">$output";
+
&asm_init($ARGV[0],$0);
$sse2=0;
@@ -21,6 +31,8 @@ for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
&asm_finish();
+close STDOUT;
+
sub bn_mul_add_words
{
local($name)=@_;
@@ -771,4 +783,3 @@ sub bn_sub_part_words
&function_end($name);
}
-
diff --git a/deps/openssl/openssl/crypto/bn/asm/bn-c64xplus.asm b/deps/openssl/openssl/crypto/bn/asm/bn-c64xplus.asm
new file mode 100644
index 0000000000..de6d37728f
--- /dev/null
+++ b/deps/openssl/openssl/crypto/bn/asm/bn-c64xplus.asm
@@ -0,0 +1,382 @@
+;; Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
+;;
+;; Licensed under the OpenSSL license (the "License"). You may not use
+;; this file except in compliance with the License. You can obtain a copy
+;; in the file LICENSE in the source distribution or at
+;; https://www.openssl.org/source/license.html
+;;
+;;====================================================================
+;; Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+;; project.
+;;
+;; Rights for redistribution and usage in source and binary forms are
+;; granted according to the OpenSSL license. Warranty of any kind is
+;; disclaimed.
+;;====================================================================
+;; Compiler-generated multiply-n-add SPLOOP runs at 12*n cycles, n
+;; being the number of 32-bit words, addition - 8*n. Corresponding 4x
+;; unrolled SPLOOP-free loops - at ~8*n and ~5*n. Below assembler
+;; SPLOOPs spin at ... 2*n cycles [plus epilogue].
+;;====================================================================
+ .text
+
+ .if .ASSEMBLER_VERSION<7000000
+ .asg 0,__TI_EABI__
+ .endif
+ .if __TI_EABI__
+ .asg bn_mul_add_words,_bn_mul_add_words
+ .asg bn_mul_words,_bn_mul_words
+ .asg bn_sqr_words,_bn_sqr_words
+ .asg bn_add_words,_bn_add_words
+ .asg bn_sub_words,_bn_sub_words
+ .asg bn_div_words,_bn_div_words
+ .asg bn_sqr_comba8,_bn_sqr_comba8
+ .asg bn_mul_comba8,_bn_mul_comba8
+ .asg bn_sqr_comba4,_bn_sqr_comba4
+ .asg bn_mul_comba4,_bn_mul_comba4
+ .endif
+
+ .asg B3,RA
+ .asg A4,ARG0
+ .asg B4,ARG1
+ .asg A6,ARG2
+ .asg B6,ARG3
+ .asg A8,ARG4
+ .asg B8,ARG5
+ .asg A4,RET
+ .asg A15,FP
+ .asg B14,DP
+ .asg B15,SP
+
+ .global _bn_mul_add_words
+_bn_mul_add_words:
+ .asmfunc
+ MV ARG2,B0
+ [!B0] BNOP RA
+||[!B0] MVK 0,RET
+ [B0] MVC B0,ILC
+ [B0] ZERO A19 ; high part of accumulator
+|| [B0] MV ARG0,A2
+|| [B0] MV ARG3,A3
+ NOP 3
+
+ SPLOOP 2 ; 2*n+10
+;;====================================================================
+ LDW *ARG1++,B7 ; ap[i]
+ NOP 3
+ LDW *ARG0++,A7 ; rp[i]
+ MPY32U B7,A3,A17:A16
+ NOP 3 ; [2,0] in epilogue
+ ADDU A16,A7,A21:A20
+ ADDU A19,A21:A20,A19:A18
+|| MV.S A17,A23
+ SPKERNEL 2,1 ; leave slot for "return value"
+|| STW A18,*A2++ ; rp[i]
+|| ADD A19,A23,A19
+;;====================================================================
+ BNOP RA,4
+ MV A19,RET ; return value
+ .endasmfunc
+
+ .global _bn_mul_words
+_bn_mul_words:
+ .asmfunc
+ MV ARG2,B0
+ [!B0] BNOP RA
+||[!B0] MVK 0,RET
+ [B0] MVC B0,ILC
+ [B0] ZERO A19 ; high part of accumulator
+ NOP 3
+
+ SPLOOP 2 ; 2*n+10
+;;====================================================================
+ LDW *ARG1++,A7 ; ap[i]
+ NOP 4
+ MPY32U A7,ARG3,A17:A16
+ NOP 4 ; [2,0] in epiloque
+ ADDU A19,A16,A19:A18
+|| MV.S A17,A21
+ SPKERNEL 2,1 ; leave slot for "return value"
+|| STW A18,*ARG0++ ; rp[i]
+|| ADD.L A19,A21,A19
+;;====================================================================
+ BNOP RA,4
+ MV A19,RET ; return value
+ .endasmfunc
+
+ .global _bn_sqr_words
+_bn_sqr_words:
+ .asmfunc
+ MV ARG2,B0
+ [!B0] BNOP RA
+||[!B0] MVK 0,RET
+ [B0] MVC B0,ILC
+ [B0] MV ARG0,B2
+|| [B0] ADD 4,ARG0,ARG0
+ NOP 3
+
+ SPLOOP 2 ; 2*n+10
+;;====================================================================
+ LDW *ARG1++,B7 ; ap[i]
+ NOP 4
+ MPY32U B7,B7,B1:B0
+ NOP 3 ; [2,0] in epilogue
+ STW B0,*B2++(8) ; rp[2*i]
+ MV B1,A1
+ SPKERNEL 2,0 ; fully overlap BNOP RA,5
+|| STW A1,*ARG0++(8) ; rp[2*i+1]
+;;====================================================================
+ BNOP RA,5
+ .endasmfunc
+
+ .global _bn_add_words
+_bn_add_words:
+ .asmfunc
+ MV ARG3,B0
+ [!B0] BNOP RA
+||[!B0] MVK 0,RET
+ [B0] MVC B0,ILC
+ [B0] ZERO A1 ; carry flag
+|| [B0] MV ARG0,A3
+ NOP 3
+
+ SPLOOP 2 ; 2*n+6
+;;====================================================================
+ LDW *ARG2++,A7 ; bp[i]
+|| LDW *ARG1++,B7 ; ap[i]
+ NOP 4
+ ADDU A7,B7,A9:A8
+ ADDU A1,A9:A8,A1:A0
+ SPKERNEL 0,0 ; fully overlap BNOP RA,5
+|| STW A0,*A3++ ; write result
+|| MV A1,RET ; keep carry flag in RET
+;;====================================================================
+ BNOP RA,5
+ .endasmfunc
+
+ .global _bn_sub_words
+_bn_sub_words:
+ .asmfunc
+ MV ARG3,B0
+ [!B0] BNOP RA
+||[!B0] MVK 0,RET
+ [B0] MVC B0,ILC
+ [B0] ZERO A2 ; borrow flag
+|| [B0] MV ARG0,A3
+ NOP 3
+
+ SPLOOP 2 ; 2*n+6
+;;====================================================================
+ LDW *ARG2++,A7 ; bp[i]
+|| LDW *ARG1++,B7 ; ap[i]
+ NOP 4
+ SUBU B7,A7,A1:A0
+ [A2] SUB A1:A0,1,A1:A0
+ SPKERNEL 0,1 ; leave slot for "return borrow flag"
+|| STW A0,*A3++ ; write result
+|| AND 1,A1,A2 ; pass on borrow flag
+;;====================================================================
+ BNOP RA,4
+ AND 1,A1,RET ; return borrow flag
+ .endasmfunc
+
+ .global _bn_div_words
+_bn_div_words:
+ .asmfunc
+ LMBD 1,A6,A0 ; leading zero bits in dv
+ LMBD 1,A4,A1 ; leading zero bits in hi
+|| MVK 32,B0
+ CMPLTU A1,A0,A2
+|| ADD A0,B0,B0
+ [ A2] BNOP RA
+||[ A2] MVK -1,A4 ; return overflow
+||[!A2] MV A4,A3 ; reassign hi
+ [!A2] MV B4,A4 ; reassign lo, will be quotient
+||[!A2] MVC B0,ILC
+ [!A2] SHL A6,A0,A6 ; normalize dv
+|| MVK 1,A1
+
+ [!A2] CMPLTU A3,A6,A1 ; hi<dv?
+||[!A2] SHL A4,1,A5:A4 ; lo<<1
+ [!A1] SUB A3,A6,A3 ; hi-=dv
+||[!A1] OR 1,A4,A4
+ [!A2] SHRU A3,31,A1 ; upper bit
+||[!A2] ADDAH A5,A3,A3 ; hi<<1|lo>>31
+
+ SPLOOP 3
+ [!A1] CMPLTU A3,A6,A1 ; hi<dv?
+||[ A1] ZERO A1
+|| SHL A4,1,A5:A4 ; lo<<1
+ [!A1] SUB A3,A6,A3 ; hi-=dv
+||[!A1] OR 1,A4,A4 ; quotient
+ SHRU A3,31,A1 ; upper bit
+|| ADDAH A5,A3,A3 ; hi<<1|lo>>31
+ SPKERNEL
+
+ BNOP RA,5
+ .endasmfunc
+
+;;====================================================================
+;; Not really Comba algorithm, just straightforward NxM... Dedicated
+;; fully unrolled real Comba implementations are asymptotically 2x
+;; faster, but naturally larger undertaking. Purpose of this exercise
+;; was rather to learn to master nested SPLOOPs...
+;;====================================================================
+ .global _bn_sqr_comba8
+ .global _bn_mul_comba8
+_bn_sqr_comba8:
+ MV ARG1,ARG2
+_bn_mul_comba8:
+ .asmfunc
+ MVK 8,B0 ; N, RILC
+|| MVK 8,A0 ; M, outer loop counter
+|| MV ARG1,A5 ; copy ap
+|| MV ARG0,B4 ; copy rp
+|| ZERO B19 ; high part of accumulator
+ MVC B0,RILC
+|| SUB B0,2,B1 ; N-2, initial ILC
+|| SUB B0,1,B2 ; const B2=N-1
+|| LDW *A5++,B6 ; ap[0]
+|| MV A0,A3 ; const A3=M
+sploopNxM?: ; for best performance arrange M<=N
+ [A0] SPLOOPD 2 ; 2*n+10
+|| MVC B1,ILC
+|| ADDAW B4,B0,B5
+|| ZERO B7
+|| LDW *A5++,A9 ; pre-fetch ap[1]
+|| ZERO A1
+|| SUB A0,1,A0
+;;====================================================================
+;; SPLOOP from bn_mul_add_words, but with flipped A<>B register files.
+;; This is because of Advisory 15 from TI publication SPRZ247I.
+ LDW *ARG2++,A7 ; bp[i]
+ NOP 3
+ [A1] LDW *B5++,B7 ; rp[i]
+ MPY32U A7,B6,B17:B16
+ NOP 3
+ ADDU B16,B7,B21:B20
+ ADDU B19,B21:B20,B19:B18
+|| MV.S B17,B23
+ SPKERNEL
+|| STW B18,*B4++ ; rp[i]
+|| ADD.S B19,B23,B19
+;;====================================================================
+outer?: ; m*2*(n+1)+10
+ SUBAW ARG2,A3,ARG2 ; rewind bp to bp[0]
+ SPMASKR
+|| CMPGT A0,1,A2 ; done pre-fetching ap[i+1]?
+ MVD A9,B6 ; move through .M unit(*)
+ [A2] LDW *A5++,A9 ; pre-fetch ap[i+1]
+ SUBAW B5,B2,B5 ; rewind rp to rp[1]
+ MVK 1,A1
+ [A0] BNOP.S1 outer?,4
+|| [A0] SUB.L A0,1,A0
+ STW B19,*B4--[B2] ; rewind rp tp rp[1]
+|| ZERO.S B19 ; high part of accumulator
+;; end of outer?
+ BNOP RA,5 ; return
+ .endasmfunc
+;; (*) It should be noted that B6 is used as input to MPY32U in
+;; chronologically next cycle in *preceding* SPLOOP iteration.
+;; Normally such arrangement would require DINT, but at this
+;; point SPLOOP is draining and interrupts are disabled
+;; implicitly.
+
+ .global _bn_sqr_comba4
+ .global _bn_mul_comba4
+_bn_sqr_comba4:
+ MV ARG1,ARG2
+_bn_mul_comba4:
+ .asmfunc
+ .if 0
+ BNOP sploopNxM?,3
+ ;; Above mentioned m*2*(n+1)+10 does not apply in n=m=4 case,
+ ;; because of low-counter effect, when prologue phase finishes
+ ;; before SPKERNEL instruction is reached. As result it's 25%
+ ;; slower than expected...
+ MVK 4,B0 ; N, RILC
+|| MVK 4,A0 ; M, outer loop counter
+|| MV ARG1,A5 ; copy ap
+|| MV ARG0,B4 ; copy rp
+|| ZERO B19 ; high part of accumulator
+ MVC B0,RILC
+|| SUB B0,2,B1 ; first ILC
+|| SUB B0,1,B2 ; const B2=N-1
+|| LDW *A5++,B6 ; ap[0]
+|| MV A0,A3 ; const A3=M
+ .else
+ ;; This alternative is an exercise in fully unrolled Comba
+ ;; algorithm implementation that operates at n*(n+1)+12, or
+ ;; as little as 32 cycles...
+ LDW *ARG1[0],B16 ; a[0]
+|| LDW *ARG2[0],A16 ; b[0]
+ LDW *ARG1[1],B17 ; a[1]
+|| LDW *ARG2[1],A17 ; b[1]
+ LDW *ARG1[2],B18 ; a[2]
+|| LDW *ARG2[2],A18 ; b[2]
+ LDW *ARG1[3],B19 ; a[3]
+|| LDW *ARG2[3],A19 ; b[3]
+ NOP
+ MPY32U A16,B16,A1:A0 ; a[0]*b[0]
+ MPY32U A17,B16,A23:A22 ; a[0]*b[1]
+ MPY32U A16,B17,A25:A24 ; a[1]*b[0]
+ MPY32U A16,B18,A27:A26 ; a[2]*b[0]
+ STW A0,*ARG0[0]
+|| MPY32U A17,B17,A29:A28 ; a[1]*b[1]
+ MPY32U A18,B16,A31:A30 ; a[0]*b[2]
+|| ADDU A22,A1,A1:A0
+ MV A23,B0
+|| MPY32U A19,B16,A21:A20 ; a[3]*b[0]
+|| ADDU A24,A1:A0,A1:A0
+ ADDU A25,B0,B1:B0
+|| STW A0,*ARG0[1]
+|| MPY32U A18,B17,A23:A22 ; a[2]*b[1]
+|| ADDU A26,A1,A9:A8
+ ADDU A27,B1,B9:B8
+|| MPY32U A17,B18,A25:A24 ; a[1]*b[2]
+|| ADDU A28,A9:A8,A9:A8
+ ADDU A29,B9:B8,B9:B8
+|| MPY32U A16,B19,A27:A26 ; a[0]*b[3]
+|| ADDU A30,A9:A8,A9:A8
+ ADDU A31,B9:B8,B9:B8
+|| ADDU B0,A9:A8,A9:A8
+ STW A8,*ARG0[2]
+|| ADDU A20,A9,A1:A0
+ ADDU A21,B9,B1:B0
+|| MPY32U A19,B17,A21:A20 ; a[3]*b[1]
+|| ADDU A22,A1:A0,A1:A0
+ ADDU A23,B1:B0,B1:B0
+|| MPY32U A18,B18,A23:A22 ; a[2]*b[2]
+|| ADDU A24,A1:A0,A1:A0
+ ADDU A25,B1:B0,B1:B0
+|| MPY32U A17,B19,A25:A24 ; a[1]*b[3]
+|| ADDU A26,A1:A0,A1:A0
+ ADDU A27,B1:B0,B1:B0
+|| ADDU B8,A1:A0,A1:A0
+ STW A0,*ARG0[3]
+|| MPY32U A19,B18,A27:A26 ; a[3]*b[2]
+|| ADDU A20,A1,A9:A8
+ ADDU A21,B1,B9:B8
+|| MPY32U A18,B19,A29:A28 ; a[2]*b[3]
+|| ADDU A22,A9:A8,A9:A8
+ ADDU A23,B9:B8,B9:B8
+|| MPY32U A19,B19,A31:A30 ; a[3]*b[3]
+|| ADDU A24,A9:A8,A9:A8
+ ADDU A25,B9:B8,B9:B8
+|| ADDU B0,A9:A8,A9:A8
+ STW A8,*ARG0[4]
+|| ADDU A26,A9,A1:A0
+ ADDU A27,B9,B1:B0
+|| ADDU A28,A1:A0,A1:A0
+ ADDU A29,B1:B0,B1:B0
+|| BNOP RA
+|| ADDU B8,A1:A0,A1:A0
+ STW A0,*ARG0[5]
+|| ADDU A30,A1,A9:A8
+ ADD A31,B1,B8
+ ADDU B0,A9:A8,A9:A8 ; removed || to avoid cross-path stall below
+ ADD B8,A9,A9
+|| STW A8,*ARG0[6]
+ STW A9,*ARG0[7]
+ .endif
+ .endasmfunc
diff --git a/deps/openssl/openssl/crypto/bn/asm/c64xplus-gf2m.pl b/deps/openssl/openssl/crypto/bn/asm/c64xplus-gf2m.pl
new file mode 100644
index 0000000000..c0e5400807
--- /dev/null
+++ b/deps/openssl/openssl/crypto/bn/asm/c64xplus-gf2m.pl
@@ -0,0 +1,160 @@
+#! /usr/bin/env perl
+# Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# February 2012
+#
+# The module implements bn_GF2m_mul_2x2 polynomial multiplication
+# used in bn_gf2m.c. It's kind of low-hanging mechanical port from
+# C for the time being... The subroutine runs in 37 cycles, which is
+# 4.5x faster than compiler-generated code. Though comparison is
+# totally unfair, because this module utilizes Galois Field Multiply
+# instruction.
+
+while (($output=shift) && ($output!~/\w[\w\-]*\.\w+$/)) {}
+open STDOUT,">$output";
+
+($rp,$a1,$a0,$b1,$b0)=("A4","B4","A6","B6","A8"); # argument vector
+
+($Alo,$Alox0,$Alox1,$Alox2,$Alox3)=map("A$_",(16..20));
+($Ahi,$Ahix0,$Ahix1,$Ahix2,$Ahix3)=map("B$_",(16..20));
+($B_0,$B_1,$B_2,$B_3)=("B5","A5","A7","B7");
+($A,$B)=($Alo,$B_1);
+$xFF="B1";
+
+sub mul_1x1_upper {
+my ($A,$B)=@_;
+$code.=<<___;
+ EXTU $B,8,24,$B_2 ; smash $B to 4 bytes
+|| AND $B,$xFF,$B_0
+|| SHRU $B,24,$B_3
+ SHRU $A,16, $Ahi ; smash $A to two halfwords
+|| EXTU $A,16,16,$Alo
+
+ XORMPY $Alo,$B_2,$Alox2 ; 16x8 bits muliplication
+|| XORMPY $Ahi,$B_2,$Ahix2
+|| EXTU $B,16,24,$B_1
+ XORMPY $Alo,$B_0,$Alox0
+|| XORMPY $Ahi,$B_0,$Ahix0
+ XORMPY $Alo,$B_3,$Alox3
+|| XORMPY $Ahi,$B_3,$Ahix3
+ XORMPY $Alo,$B_1,$Alox1
+|| XORMPY $Ahi,$B_1,$Ahix1
+___
+}
+sub mul_1x1_merged {
+my ($OUTlo,$OUThi,$A,$B)=@_;
+$code.=<<___;
+ EXTU $B,8,24,$B_2 ; smash $B to 4 bytes
+|| AND $B,$xFF,$B_0
+|| SHRU $B,24,$B_3
+ SHRU $A,16, $Ahi ; smash $A to two halfwords
+|| EXTU $A,16,16,$Alo
+
+ XOR $Ahix0,$Alox2,$Ahix0
+|| MV $Ahix2,$OUThi
+|| XORMPY $Alo,$B_2,$Alox2
+ XORMPY $Ahi,$B_2,$Ahix2
+|| EXTU $B,16,24,$B_1
+|| XORMPY $Alo,$B_0,A1 ; $Alox0
+ XOR $Ahix1,$Alox3,$Ahix1
+|| SHL $Ahix0,16,$OUTlo
+|| SHRU $Ahix0,16,$Ahix0
+ XOR $Alox0,$OUTlo,$OUTlo
+|| XOR $Ahix0,$OUThi,$OUThi
+|| XORMPY $Ahi,$B_0,$Ahix0
+|| XORMPY $Alo,$B_3,$Alox3
+|| SHL $Alox1,8,$Alox1
+|| SHL $Ahix3,8,$Ahix3
+ XOR $Alox1,$OUTlo,$OUTlo
+|| XOR $Ahix3,$OUThi,$OUThi
+|| XORMPY $Ahi,$B_3,$Ahix3
+|| SHL $Ahix1,24,$Alox1
+|| SHRU $Ahix1,8, $Ahix1
+ XOR $Alox1,$OUTlo,$OUTlo
+|| XOR $Ahix1,$OUThi,$OUThi
+|| XORMPY $Alo,$B_1,$Alox1
+|| XORMPY $Ahi,$B_1,$Ahix1
+|| MV A1,$Alox0
+___
+}
+sub mul_1x1_lower {
+my ($OUTlo,$OUThi)=@_;
+$code.=<<___;
+ ;NOP
+ XOR $Ahix0,$Alox2,$Ahix0
+|| MV $Ahix2,$OUThi
+ NOP
+ XOR $Ahix1,$Alox3,$Ahix1
+|| SHL $Ahix0,16,$OUTlo
+|| SHRU $Ahix0,16,$Ahix0
+ XOR $Alox0,$OUTlo,$OUTlo
+|| XOR $Ahix0,$OUThi,$OUThi
+|| SHL $Alox1,8,$Alox1
+|| SHL $Ahix3,8,$Ahix3
+ XOR $Alox1,$OUTlo,$OUTlo
+|| XOR $Ahix3,$OUThi,$OUThi
+|| SHL $Ahix1,24,$Alox1
+|| SHRU $Ahix1,8, $Ahix1
+ XOR $Alox1,$OUTlo,$OUTlo
+|| XOR $Ahix1,$OUThi,$OUThi
+___
+}
+$code.=<<___;
+ .text
+
+ .if .ASSEMBLER_VERSION<7000000
+ .asg 0,__TI_EABI__
+ .endif
+ .if __TI_EABI__
+ .asg bn_GF2m_mul_2x2,_bn_GF2m_mul_2x2
+ .endif
+
+ .global _bn_GF2m_mul_2x2
+_bn_GF2m_mul_2x2:
+ .asmfunc
+ MVK 0xFF,$xFF
+___
+ &mul_1x1_upper($a0,$b0); # a0·b0
+$code.=<<___;
+|| MV $b1,$B
+ MV $a1,$A
+___
+ &mul_1x1_merged("A28","B28",$A,$B); # a0·b0/a1·b1
+$code.=<<___;
+|| XOR $b0,$b1,$B
+ XOR $a0,$a1,$A
+___
+ &mul_1x1_merged("A31","B31",$A,$B); # a1·b1/(a0+a1)·(b0+b1)
+$code.=<<___;
+ XOR A28,A31,A29
+|| XOR B28,B31,B29 ; a0·b0+a1·b1
+___
+ &mul_1x1_lower("A30","B30"); # (a0+a1)·(b0+b1)
+$code.=<<___;
+|| BNOP B3
+ XOR A29,A30,A30
+|| XOR B29,B30,B30 ; (a0+a1)·(b0+b1)-a0·b0-a1·b1
+ XOR B28,A30,A30
+|| STW A28,*${rp}[0]
+ XOR B30,A31,A31
+|| STW A30,*${rp}[1]
+ STW A31,*${rp}[2]
+ STW B31,*${rp}[3]
+ .endasmfunc
+___
+
+print $code;
+close STDOUT;
diff --git a/deps/openssl/openssl/crypto/bn/asm/co-586.pl b/deps/openssl/openssl/crypto/bn/asm/co-586.pl
index 57101a6bd7..60d0363660 100644
--- a/deps/openssl/openssl/crypto/bn/asm/co-586.pl
+++ b/deps/openssl/openssl/crypto/bn/asm/co-586.pl
@@ -1,9 +1,18 @@
-#!/usr/local/bin/perl
+#! /usr/bin/env perl
+# Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
push(@INC,"${dir}","${dir}../../perlasm");
require "x86asm.pl";
+$output = pop;
+open STDOUT,">$output";
+
&asm_init($ARGV[0],$0);
&bn_mul_comba("bn_mul_comba8",8);
@@ -13,6 +22,8 @@ require "x86asm.pl";
&asm_finish();
+close STDOUT;
+
sub mul_add_c
{
local($a,$ai,$b,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_;
diff --git a/deps/openssl/openssl/crypto/bn/asm/ia64-mont.pl b/deps/openssl/openssl/crypto/bn/asm/ia64-mont.pl
index e258658428..5cc5c599f9 100644
--- a/deps/openssl/openssl/crypto/bn/asm/ia64-mont.pl
+++ b/deps/openssl/openssl/crypto/bn/asm/ia64-mont.pl
@@ -1,4 +1,11 @@
-#!/usr/bin/env perl
+#! /usr/bin/env perl
+# Copyright 2010-2016 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
#
# ====================================================================
# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
@@ -60,6 +67,8 @@
# hereafter less for longer keys, while verify - by 74-13%.
# DSA performance improves by 115-30%.
+$output=pop;
+
if ($^O eq "hpux") {
$ADDP="addp4";
for (@ARGV) { $ADDP="add" if (/[\+DD|\-mlp]64/); }
@@ -846,6 +855,6 @@ copyright:
stringz "Montgomery multiplication for IA-64, CRYPTOGAMS by <appro\@openssl.org>"
___
-$output=shift and open STDOUT,">$output";
+open STDOUT,">$output" if $output;
print $code;
close STDOUT;
diff --git a/deps/openssl/openssl/crypto/bn/asm/ia64.S b/deps/openssl/openssl/crypto/bn/asm/ia64.S
index a9a42abfc3..f2404a3c1e 100644
--- a/deps/openssl/openssl/crypto/bn/asm/ia64.S
+++ b/deps/openssl/openssl/crypto/bn/asm/ia64.S
@@ -3,6 +3,13 @@
.ident "ia64.S, Version 2.1"
.ident "IA-64 ISA artwork by Andy Polyakov <appro@fy.chalmers.se>"
+// Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+//
+// Licensed under the OpenSSL license (the "License"). You may not use
+// this file except in compliance with the License. You can obtain a copy
+// in the file LICENSE in the source distribution or at
+// https://www.openssl.org/source/license.html
+
//
// ====================================================================
// Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
@@ -22,7 +29,7 @@
// ports is the same, i.e. 2, while I need 4. In other words, to this
// module Itanium2 remains effectively as "wide" as Itanium. Yet it's
// essentially different in respect to this module, and a re-tune was
-// required. Well, because some intruction latencies has changed. Most
+// required. Well, because some instruction latencies has changed. Most
// noticeably those intensively used:
//
// Itanium Itanium2
@@ -363,7 +370,7 @@ bn_mul_words:
// The loop therefore spins at the latency of xma minus 1, or in other
// words at 6*(n+4) ticks:-( Compare to the "production" loop above
// that runs in 2*(n+11) where the low latency problem is worked around
-// by moving the dependency to one-tick latent interger ALU. Note that
+// by moving the dependency to one-tick latent integer ALU. Note that
// "distance" between ldf8 and xma is not latency of ldf8, but the
// *difference* between xma and ldf8 latencies.
.L_bn_mul_words_ctop:
@@ -425,7 +432,7 @@ bn_mul_add_words:
// version was performing *all* additions in IALU and was starving
// for those even on Itanium 2. In this version one addition is
// moved to FPU and is folded with multiplication. This is at cost
-// of propogating the result from previous call to this subroutine
+// of propagating the result from previous call to this subroutine
// to L2 cache... In other words negligible even for shorter keys.
// *Overall* performance improvement [over previous version] varies
// from 11 to 22 percent depending on key length.
@@ -495,7 +502,7 @@ bn_sqr_words:
// scalability. The decision will very likely be reconsidered after the
// benchmark program is profiled. I.e. if perfomance gain on Itanium
// will appear larger than loss on "wider" IA-64, then the loop should
-// be explicitely split and the epilogue compressed.
+// be explicitly split and the epilogue compressed.
.L_bn_sqr_words_ctop:
{ .mfi; (p16) ldf8 f32=[r33],8
(p25) xmpy.lu f42=f41,f41
diff --git a/deps/openssl/openssl/crypto/bn/asm/mips-mont.pl b/deps/openssl/openssl/crypto/bn/asm/mips-mont.pl
index a33cdf4111..a907571bec 100644
--- a/deps/openssl/openssl/crypto/bn/asm/mips-mont.pl
+++ b/deps/openssl/openssl/crypto/bn/asm/mips-mont.pl
@@ -1,4 +1,11 @@
-#!/usr/bin/env perl
+#! /usr/bin/env perl
+# Copyright 2010-2016 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
#
# ====================================================================
# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
@@ -67,7 +74,7 @@ $SAVED_REGS_MASK = ($flavour =~ /nubi/i) ? 0x00fff000 : 0x00ff0000;
#
######################################################################
-while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
+while (($output=shift) && ($output!~/\w[\w\-]*\.\w+$/)) {}
open STDOUT,">$output";
if ($flavour =~ /64|n32/i) {
diff --git a/deps/openssl/openssl/crypto/bn/asm/mips.pl b/deps/openssl/openssl/crypto/bn/asm/mips.pl
index acafde5e56..420f01f3a4 100644
--- a/deps/openssl/openssl/crypto/bn/asm/mips.pl
+++ b/deps/openssl/openssl/crypto/bn/asm/mips.pl
@@ -1,4 +1,11 @@
-#!/usr/bin/env perl
+#! /usr/bin/env perl
+# Copyright 2010-2016 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
#
# ====================================================================
# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
@@ -15,7 +22,7 @@
# This is drop-in MIPS III/IV ISA replacement for crypto/bn/bn_asm.c.
#
# The module is designed to work with either of the "new" MIPS ABI(5),
-# namely N32 or N64, offered by IRIX 6.x. It's not ment to work under
+# namely N32 or N64, offered by IRIX 6.x. It's not meant to work under
# IRIX 5.x not only because it doesn't support new ABIs but also
# because 5.x kernels put R4x00 CPU into 32-bit mode and all those
# 64-bit instructions (daddu, dmultu, etc.) found below gonna only
@@ -49,7 +56,7 @@
# key length, more for longer keys.
$flavour = shift || "o32";
-while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
+while (($output=shift) && ($output!~/\w[\w\-]*\.\w+$/)) {}
open STDOUT,">$output";
if ($flavour =~ /64|n32/i) {
diff --git a/deps/openssl/openssl/crypto/bn/asm/mips3-mont.pl b/deps/openssl/openssl/crypto/bn/asm/mips3-mont.pl
deleted file mode 100644
index 8f9156e02a..0000000000
--- a/deps/openssl/openssl/crypto/bn/asm/mips3-mont.pl
+++ /dev/null
@@ -1,327 +0,0 @@
-#!/usr/bin/env perl
-#
-# ====================================================================
-# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-
-# This module doesn't present direct interest for OpenSSL, because it
-# doesn't provide better performance for longer keys. While 512-bit
-# RSA private key operations are 40% faster, 1024-bit ones are hardly
-# faster at all, while longer key operations are slower by up to 20%.
-# It might be of interest to embedded system developers though, as
-# it's smaller than 1KB, yet offers ~3x improvement over compiler
-# generated code.
-#
-# The module targets N32 and N64 MIPS ABIs and currently is a bit
-# IRIX-centric, i.e. is likely to require adaptation for other OSes.
-
-# int bn_mul_mont(
-$rp="a0"; # BN_ULONG *rp,
-$ap="a1"; # const BN_ULONG *ap,
-$bp="a2"; # const BN_ULONG *bp,
-$np="a3"; # const BN_ULONG *np,
-$n0="a4"; # const BN_ULONG *n0,
-$num="a5"; # int num);
-
-$lo0="a6";
-$hi0="a7";
-$lo1="v0";
-$hi1="v1";
-$aj="t0";
-$bi="t1";
-$nj="t2";
-$tp="t3";
-$alo="s0";
-$ahi="s1";
-$nlo="s2";
-$nhi="s3";
-$tj="s4";
-$i="s5";
-$j="s6";
-$fp="t8";
-$m1="t9";
-
-$FRAME=8*(2+8);
-
-$code=<<___;
-#include <asm.h>
-#include <regdef.h>
-
-.text
-
-.set noat
-.set reorder
-
-.align 5
-.globl bn_mul_mont
-.ent bn_mul_mont
-bn_mul_mont:
- .set noreorder
- PTR_SUB sp,64
- move $fp,sp
- .frame $fp,64,ra
- slt AT,$num,4
- li v0,0
- beqzl AT,.Lproceed
- nop
- jr ra
- PTR_ADD sp,$fp,64
- .set reorder
-.align 5
-.Lproceed:
- ld $n0,0($n0)
- ld $bi,0($bp) # bp[0]
- ld $aj,0($ap) # ap[0]
- ld $nj,0($np) # np[0]
- PTR_SUB sp,16 # place for two extra words
- sll $num,3
- li AT,-4096
- PTR_SUB sp,$num
- and sp,AT
-
- sd s0,0($fp)
- sd s1,8($fp)
- sd s2,16($fp)
- sd s3,24($fp)
- sd s4,32($fp)
- sd s5,40($fp)
- sd s6,48($fp)
- sd s7,56($fp)
-
- dmultu $aj,$bi
- ld $alo,8($ap)
- ld $nlo,8($np)
- mflo $lo0
- mfhi $hi0
- dmultu $lo0,$n0
- mflo $m1
-
- dmultu $alo,$bi
- mflo $alo
- mfhi $ahi
-
- dmultu $nj,$m1
- mflo $lo1
- mfhi $hi1
- dmultu $nlo,$m1
- daddu $lo1,$lo0
- sltu AT,$lo1,$lo0
- daddu $hi1,AT
- mflo $nlo
- mfhi $nhi
-
- move $tp,sp
- li $j,16
-.align 4
-.L1st:
- .set noreorder
- PTR_ADD $aj,$ap,$j
- ld $aj,($aj)
- PTR_ADD $nj,$np,$j
- ld $nj,($nj)
-
- dmultu $aj,$bi
- daddu $lo0,$alo,$hi0
- daddu $lo1,$nlo,$hi1
- sltu AT,$lo0,$hi0
- sltu s7,$lo1,$hi1
- daddu $hi0,$ahi,AT
- daddu $hi1,$nhi,s7
- mflo $alo
- mfhi $ahi
-
- daddu $lo1,$lo0
- sltu AT,$lo1,$lo0
- dmultu $nj,$m1
- daddu $hi1,AT
- addu $j,8
- sd $lo1,($tp)
- sltu s7,$j,$num
- mflo $nlo
- mfhi $nhi
-
- bnez s7,.L1st
- PTR_ADD $tp,8
- .set reorder
-
- daddu $lo0,$alo,$hi0
- sltu AT,$lo0,$hi0
- daddu $hi0,$ahi,AT
-
- daddu $lo1,$nlo,$hi1
- sltu s7,$lo1,$hi1
- daddu $hi1,$nhi,s7
- daddu $lo1,$lo0
- sltu AT,$lo1,$lo0
- daddu $hi1,AT
-
- sd $lo1,($tp)
-
- daddu $hi1,$hi0
- sltu AT,$hi1,$hi0
- sd $hi1,8($tp)
- sd AT,16($tp)
-
- li $i,8
-.align 4
-.Louter:
- PTR_ADD $bi,$bp,$i
- ld $bi,($bi)
- ld $aj,($ap)
- ld $alo,8($ap)
- ld $tj,(sp)
-
- dmultu $aj,$bi
- ld $nj,($np)
- ld $nlo,8($np)
- mflo $lo0
- mfhi $hi0
- daddu $lo0,$tj
- dmultu $lo0,$n0
- sltu AT,$lo0,$tj
- daddu $hi0,AT
- mflo $m1
-
- dmultu $alo,$bi
- mflo $alo
- mfhi $ahi
-
- dmultu $nj,$m1
- mflo $lo1
- mfhi $hi1
-
- dmultu $nlo,$m1
- daddu $lo1,$lo0
- sltu AT,$lo1,$lo0
- daddu $hi1,AT
- mflo $nlo
- mfhi $nhi
-
- move $tp,sp
- li $j,16
- ld $tj,8($tp)
-.align 4
-.Linner:
- .set noreorder
- PTR_ADD $aj,$ap,$j
- ld $aj,($aj)
- PTR_ADD $nj,$np,$j
- ld $nj,($nj)
-
- dmultu $aj,$bi
- daddu $lo0,$alo,$hi0
- daddu $lo1,$nlo,$hi1
- sltu AT,$lo0,$hi0
- sltu s7,$lo1,$hi1
- daddu $hi0,$ahi,AT
- daddu $hi1,$nhi,s7
- mflo $alo
- mfhi $ahi
-
- daddu $lo0,$tj
- addu $j,8
- dmultu $nj,$m1
- sltu AT,$lo0,$tj
- daddu $lo1,$lo0
- daddu $hi0,AT
- sltu s7,$lo1,$lo0
- ld $tj,16($tp)
- daddu $hi1,s7
- sltu AT,$j,$num
- mflo $nlo
- mfhi $nhi
- sd $lo1,($tp)
- bnez AT,.Linner
- PTR_ADD $tp,8
- .set reorder
-
- daddu $lo0,$alo,$hi0
- sltu AT,$lo0,$hi0
- daddu $hi0,$ahi,AT
- daddu $lo0,$tj
- sltu s7,$lo0,$tj
- daddu $hi0,s7
-
- ld $tj,16($tp)
- daddu $lo1,$nlo,$hi1
- sltu AT,$lo1,$hi1
- daddu $hi1,$nhi,AT
- daddu $lo1,$lo0
- sltu s7,$lo1,$lo0
- daddu $hi1,s7
- sd $lo1,($tp)
-
- daddu $lo1,$hi1,$hi0
- sltu $hi1,$lo1,$hi0
- daddu $lo1,$tj
- sltu AT,$lo1,$tj
- daddu $hi1,AT
- sd $lo1,8($tp)
- sd $hi1,16($tp)
-
- addu $i,8
- sltu s7,$i,$num
- bnez s7,.Louter
-
- .set noreorder
- PTR_ADD $tj,sp,$num # &tp[num]
- move $tp,sp
- move $ap,sp
- li $hi0,0 # clear borrow bit
-
-.align 4
-.Lsub: ld $lo0,($tp)
- ld $lo1,($np)
- PTR_ADD $tp,8
- PTR_ADD $np,8
- dsubu $lo1,$lo0,$lo1 # tp[i]-np[i]
- sgtu AT,$lo1,$lo0
- dsubu $lo0,$lo1,$hi0
- sgtu $hi0,$lo0,$lo1
- sd $lo0,($rp)
- or $hi0,AT
- sltu AT,$tp,$tj
- bnez AT,.Lsub
- PTR_ADD $rp,8
-
- dsubu $hi0,$hi1,$hi0 # handle upmost overflow bit
- move $tp,sp
- PTR_SUB $rp,$num # restore rp
- not $hi1,$hi0
-
- and $ap,$hi0,sp
- and $bp,$hi1,$rp
- or $ap,$ap,$bp # ap=borrow?tp:rp
-
-.align 4
-.Lcopy: ld $aj,($ap)
- PTR_ADD $ap,8
- PTR_ADD $tp,8
- sd zero,-8($tp)
- sltu AT,$tp,$tj
- sd $aj,($rp)
- bnez AT,.Lcopy
- PTR_ADD $rp,8
-
- ld s0,0($fp)
- ld s1,8($fp)
- ld s2,16($fp)
- ld s3,24($fp)
- ld s4,32($fp)
- ld s5,40($fp)
- ld s6,48($fp)
- ld s7,56($fp)
- li v0,1
- jr ra
- PTR_ADD sp,$fp,64
- .set reorder
-END(bn_mul_mont)
-.rdata
-.asciiz "Montgomery Multiplication for MIPS III/IV, CRYPTOGAMS by <appro\@openssl.org>"
-___
-
-print $code;
-close STDOUT;
diff --git a/deps/openssl/openssl/crypto/bn/asm/mips3.s b/deps/openssl/openssl/crypto/bn/asm/mips3.s
deleted file mode 100644
index dca4105c7d..0000000000
--- a/deps/openssl/openssl/crypto/bn/asm/mips3.s
+++ /dev/null
@@ -1,2201 +0,0 @@
-.rdata
-.asciiz "mips3.s, Version 1.1"
-.asciiz "MIPS III/IV ISA artwork by Andy Polyakov <appro@fy.chalmers.se>"
-
-/*
- * ====================================================================
- * Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
- * project.
- *
- * Rights for redistribution and usage in source and binary forms are
- * granted according to the OpenSSL license. Warranty of any kind is
- * disclaimed.
- * ====================================================================
- */
-
-/*
- * This is my modest contributon to the OpenSSL project (see
- * http://www.openssl.org/ for more information about it) and is
- * a drop-in MIPS III/IV ISA replacement for crypto/bn/bn_asm.c
- * module. For updates see http://fy.chalmers.se/~appro/hpe/.
- *
- * The module is designed to work with either of the "new" MIPS ABI(5),
- * namely N32 or N64, offered by IRIX 6.x. It's not ment to work under
- * IRIX 5.x not only because it doesn't support new ABIs but also
- * because 5.x kernels put R4x00 CPU into 32-bit mode and all those
- * 64-bit instructions (daddu, dmultu, etc.) found below gonna only
- * cause illegal instruction exception:-(
- *
- * In addition the code depends on preprocessor flags set up by MIPSpro
- * compiler driver (either as or cc) and therefore (probably?) can't be
- * compiled by the GNU assembler. GNU C driver manages fine though...
- * I mean as long as -mmips-as is specified or is the default option,
- * because then it simply invokes /usr/bin/as which in turn takes
- * perfect care of the preprocessor definitions. Another neat feature
- * offered by the MIPSpro assembler is an optimization pass. This gave
- * me the opportunity to have the code looking more regular as all those
- * architecture dependent instruction rescheduling details were left to
- * the assembler. Cool, huh?
- *
- * Performance improvement is astonishing! 'apps/openssl speed rsa dsa'
- * goes way over 3 times faster!
- *
- * <appro@fy.chalmers.se>
- */
-#include <asm.h>
-#include <regdef.h>
-
-#if _MIPS_ISA>=4
-#define MOVNZ(cond,dst,src) \
- movn dst,src,cond
-#else
-#define MOVNZ(cond,dst,src) \
- .set noreorder; \
- bnezl cond,.+8; \
- move dst,src; \
- .set reorder
-#endif
-
-.text
-
-.set noat
-.set reorder
-
-#define MINUS4 v1
-
-.align 5
-LEAF(bn_mul_add_words)
- .set noreorder
- bgtzl a2,.L_bn_mul_add_words_proceed
- ld t0,0(a1)
- jr ra
- move v0,zero
- .set reorder
-
-.L_bn_mul_add_words_proceed:
- li MINUS4,-4
- and ta0,a2,MINUS4
- move v0,zero
- beqz ta0,.L_bn_mul_add_words_tail
-
-.L_bn_mul_add_words_loop:
- dmultu t0,a3
- ld t1,0(a0)
- ld t2,8(a1)
- ld t3,8(a0)
- ld ta0,16(a1)
- ld ta1,16(a0)
- daddu t1,v0
- sltu v0,t1,v0 /* All manuals say it "compares 32-bit
- * values", but it seems to work fine
- * even on 64-bit registers. */
- mflo AT
- mfhi t0
- daddu t1,AT
- daddu v0,t0
- sltu AT,t1,AT
- sd t1,0(a0)
- daddu v0,AT
-
- dmultu t2,a3
- ld ta2,24(a1)
- ld ta3,24(a0)
- daddu t3,v0
- sltu v0,t3,v0
- mflo AT
- mfhi t2
- daddu t3,AT
- daddu v0,t2
- sltu AT,t3,AT
- sd t3,8(a0)
- daddu v0,AT
-
- dmultu ta0,a3
- subu a2,4
- PTR_ADD a0,32
- PTR_ADD a1,32
- daddu ta1,v0
- sltu v0,ta1,v0
- mflo AT
- mfhi ta0
- daddu ta1,AT
- daddu v0,ta0
- sltu AT,ta1,AT
- sd ta1,-16(a0)
- daddu v0,AT
-
-
- dmultu ta2,a3
- and ta0,a2,MINUS4
- daddu ta3,v0
- sltu v0,ta3,v0
- mflo AT
- mfhi ta2
- daddu ta3,AT
- daddu v0,ta2
- sltu AT,ta3,AT
- sd ta3,-8(a0)
- daddu v0,AT
- .set noreorder
- bgtzl ta0,.L_bn_mul_add_words_loop
- ld t0,0(a1)
-
- bnezl a2,.L_bn_mul_add_words_tail
- ld t0,0(a1)
- .set reorder
-
-.L_bn_mul_add_words_return:
- jr ra
-
-.L_bn_mul_add_words_tail:
- dmultu t0,a3
- ld t1,0(a0)
- subu a2,1
- daddu t1,v0
- sltu v0,t1,v0
- mflo AT
- mfhi t0
- daddu t1,AT
- daddu v0,t0
- sltu AT,t1,AT
- sd t1,0(a0)
- daddu v0,AT
- beqz a2,.L_bn_mul_add_words_return
-
- ld t0,8(a1)
- dmultu t0,a3
- ld t1,8(a0)
- subu a2,1
- daddu t1,v0
- sltu v0,t1,v0
- mflo AT
- mfhi t0
- daddu t1,AT
- daddu v0,t0
- sltu AT,t1,AT
- sd t1,8(a0)
- daddu v0,AT
- beqz a2,.L_bn_mul_add_words_return
-
- ld t0,16(a1)
- dmultu t0,a3
- ld t1,16(a0)
- daddu t1,v0
- sltu v0,t1,v0
- mflo AT
- mfhi t0
- daddu t1,AT
- daddu v0,t0
- sltu AT,t1,AT
- sd t1,16(a0)
- daddu v0,AT
- jr ra
-END(bn_mul_add_words)
-
-.align 5
-LEAF(bn_mul_words)
- .set noreorder
- bgtzl a2,.L_bn_mul_words_proceed
- ld t0,0(a1)
- jr ra
- move v0,zero
- .set reorder
-
-.L_bn_mul_words_proceed:
- li MINUS4,-4
- and ta0,a2,MINUS4
- move v0,zero
- beqz ta0,.L_bn_mul_words_tail
-
-.L_bn_mul_words_loop:
- dmultu t0,a3
- ld t2,8(a1)
- ld ta0,16(a1)
- ld ta2,24(a1)
- mflo AT
- mfhi t0
- daddu v0,AT
- sltu t1,v0,AT
- sd v0,0(a0)
- daddu v0,t1,t0
-
- dmultu t2,a3
- subu a2,4
- PTR_ADD a0,32
- PTR_ADD a1,32
- mflo AT
- mfhi t2
- daddu v0,AT
- sltu t3,v0,AT
- sd v0,-24(a0)
- daddu v0,t3,t2
-
- dmultu ta0,a3
- mflo AT
- mfhi ta0
- daddu v0,AT
- sltu ta1,v0,AT
- sd v0,-16(a0)
- daddu v0,ta1,ta0
-
-
- dmultu ta2,a3
- and ta0,a2,MINUS4
- mflo AT
- mfhi ta2
- daddu v0,AT
- sltu ta3,v0,AT
- sd v0,-8(a0)
- daddu v0,ta3,ta2
- .set noreorder
- bgtzl ta0,.L_bn_mul_words_loop
- ld t0,0(a1)
-
- bnezl a2,.L_bn_mul_words_tail
- ld t0,0(a1)
- .set reorder
-
-.L_bn_mul_words_return:
- jr ra
-
-.L_bn_mul_words_tail:
- dmultu t0,a3
- subu a2,1
- mflo AT
- mfhi t0
- daddu v0,AT
- sltu t1,v0,AT
- sd v0,0(a0)
- daddu v0,t1,t0
- beqz a2,.L_bn_mul_words_return
-
- ld t0,8(a1)
- dmultu t0,a3
- subu a2,1
- mflo AT
- mfhi t0
- daddu v0,AT
- sltu t1,v0,AT
- sd v0,8(a0)
- daddu v0,t1,t0
- beqz a2,.L_bn_mul_words_return
-
- ld t0,16(a1)
- dmultu t0,a3
- mflo AT
- mfhi t0
- daddu v0,AT
- sltu t1,v0,AT
- sd v0,16(a0)
- daddu v0,t1,t0
- jr ra
-END(bn_mul_words)
-
-.align 5
-LEAF(bn_sqr_words)
- .set noreorder
- bgtzl a2,.L_bn_sqr_words_proceed
- ld t0,0(a1)
- jr ra
- move v0,zero
- .set reorder
-
-.L_bn_sqr_words_proceed:
- li MINUS4,-4
- and ta0,a2,MINUS4
- move v0,zero
- beqz ta0,.L_bn_sqr_words_tail
-
-.L_bn_sqr_words_loop:
- dmultu t0,t0
- ld t2,8(a1)
- ld ta0,16(a1)
- ld ta2,24(a1)
- mflo t1
- mfhi t0
- sd t1,0(a0)
- sd t0,8(a0)
-
- dmultu t2,t2
- subu a2,4
- PTR_ADD a0,64
- PTR_ADD a1,32
- mflo t3
- mfhi t2
- sd t3,-48(a0)
- sd t2,-40(a0)
-
- dmultu ta0,ta0
- mflo ta1
- mfhi ta0
- sd ta1,-32(a0)
- sd ta0,-24(a0)
-
-
- dmultu ta2,ta2
- and ta0,a2,MINUS4
- mflo ta3
- mfhi ta2
- sd ta3,-16(a0)
- sd ta2,-8(a0)
-
- .set noreorder
- bgtzl ta0,.L_bn_sqr_words_loop
- ld t0,0(a1)
-
- bnezl a2,.L_bn_sqr_words_tail
- ld t0,0(a1)
- .set reorder
-
-.L_bn_sqr_words_return:
- move v0,zero
- jr ra
-
-.L_bn_sqr_words_tail:
- dmultu t0,t0
- subu a2,1
- mflo t1
- mfhi t0
- sd t1,0(a0)
- sd t0,8(a0)
- beqz a2,.L_bn_sqr_words_return
-
- ld t0,8(a1)
- dmultu t0,t0
- subu a2,1
- mflo t1
- mfhi t0
- sd t1,16(a0)
- sd t0,24(a0)
- beqz a2,.L_bn_sqr_words_return
-
- ld t0,16(a1)
- dmultu t0,t0
- mflo t1
- mfhi t0
- sd t1,32(a0)
- sd t0,40(a0)
- jr ra
-END(bn_sqr_words)
-
-.align 5
-LEAF(bn_add_words)
- .set noreorder
- bgtzl a3,.L_bn_add_words_proceed
- ld t0,0(a1)
- jr ra
- move v0,zero
- .set reorder
-
-.L_bn_add_words_proceed:
- li MINUS4,-4
- and AT,a3,MINUS4
- move v0,zero
- beqz AT,.L_bn_add_words_tail
-
-.L_bn_add_words_loop:
- ld ta0,0(a2)
- subu a3,4
- ld t1,8(a1)
- and AT,a3,MINUS4
- ld t2,16(a1)
- PTR_ADD a2,32
- ld t3,24(a1)
- PTR_ADD a0,32
- ld ta1,-24(a2)
- PTR_ADD a1,32
- ld ta2,-16(a2)
- ld ta3,-8(a2)
- daddu ta0,t0
- sltu t8,ta0,t0
- daddu t0,ta0,v0
- sltu v0,t0,ta0
- sd t0,-32(a0)
- daddu v0,t8
-
- daddu ta1,t1
- sltu t9,ta1,t1
- daddu t1,ta1,v0
- sltu v0,t1,ta1
- sd t1,-24(a0)
- daddu v0,t9
-
- daddu ta2,t2
- sltu t8,ta2,t2
- daddu t2,ta2,v0
- sltu v0,t2,ta2
- sd t2,-16(a0)
- daddu v0,t8
-
- daddu ta3,t3
- sltu t9,ta3,t3
- daddu t3,ta3,v0
- sltu v0,t3,ta3
- sd t3,-8(a0)
- daddu v0,t9
-
- .set noreorder
- bgtzl AT,.L_bn_add_words_loop
- ld t0,0(a1)
-
- bnezl a3,.L_bn_add_words_tail
- ld t0,0(a1)
- .set reorder
-
-.L_bn_add_words_return:
- jr ra
-
-.L_bn_add_words_tail:
- ld ta0,0(a2)
- daddu ta0,t0
- subu a3,1
- sltu t8,ta0,t0
- daddu t0,ta0,v0
- sltu v0,t0,ta0
- sd t0,0(a0)
- daddu v0,t8
- beqz a3,.L_bn_add_words_return
-
- ld t1,8(a1)
- ld ta1,8(a2)
- daddu ta1,t1
- subu a3,1
- sltu t9,ta1,t1
- daddu t1,ta1,v0
- sltu v0,t1,ta1
- sd t1,8(a0)
- daddu v0,t9
- beqz a3,.L_bn_add_words_return
-
- ld t2,16(a1)
- ld ta2,16(a2)
- daddu ta2,t2
- sltu t8,ta2,t2
- daddu t2,ta2,v0
- sltu v0,t2,ta2
- sd t2,16(a0)
- daddu v0,t8
- jr ra
-END(bn_add_words)
-
-.align 5
-LEAF(bn_sub_words)
- .set noreorder
- bgtzl a3,.L_bn_sub_words_proceed
- ld t0,0(a1)
- jr ra
- move v0,zero
- .set reorder
-
-.L_bn_sub_words_proceed:
- li MINUS4,-4
- and AT,a3,MINUS4
- move v0,zero
- beqz AT,.L_bn_sub_words_tail
-
-.L_bn_sub_words_loop:
- ld ta0,0(a2)
- subu a3,4
- ld t1,8(a1)
- and AT,a3,MINUS4
- ld t2,16(a1)
- PTR_ADD a2,32
- ld t3,24(a1)
- PTR_ADD a0,32
- ld ta1,-24(a2)
- PTR_ADD a1,32
- ld ta2,-16(a2)
- ld ta3,-8(a2)
- sltu t8,t0,ta0
- dsubu t0,ta0
- dsubu ta0,t0,v0
- sd ta0,-32(a0)
- MOVNZ (t0,v0,t8)
-
- sltu t9,t1,ta1
- dsubu t1,ta1
- dsubu ta1,t1,v0
- sd ta1,-24(a0)
- MOVNZ (t1,v0,t9)
-
-
- sltu t8,t2,ta2
- dsubu t2,ta2
- dsubu ta2,t2,v0
- sd ta2,-16(a0)
- MOVNZ (t2,v0,t8)
-
- sltu t9,t3,ta3
- dsubu t3,ta3
- dsubu ta3,t3,v0
- sd ta3,-8(a0)
- MOVNZ (t3,v0,t9)
-
- .set noreorder
- bgtzl AT,.L_bn_sub_words_loop
- ld t0,0(a1)
-
- bnezl a3,.L_bn_sub_words_tail
- ld t0,0(a1)
- .set reorder
-
-.L_bn_sub_words_return:
- jr ra
-
-.L_bn_sub_words_tail:
- ld ta0,0(a2)
- subu a3,1
- sltu t8,t0,ta0
- dsubu t0,ta0
- dsubu ta0,t0,v0
- MOVNZ (t0,v0,t8)
- sd ta0,0(a0)
- beqz a3,.L_bn_sub_words_return
-
- ld t1,8(a1)
- subu a3,1
- ld ta1,8(a2)
- sltu t9,t1,ta1
- dsubu t1,ta1
- dsubu ta1,t1,v0
- MOVNZ (t1,v0,t9)
- sd ta1,8(a0)
- beqz a3,.L_bn_sub_words_return
-
- ld t2,16(a1)
- ld ta2,16(a2)
- sltu t8,t2,ta2
- dsubu t2,ta2
- dsubu ta2,t2,v0
- MOVNZ (t2,v0,t8)
- sd ta2,16(a0)
- jr ra
-END(bn_sub_words)
-
-#undef MINUS4
-
-.align 5
-LEAF(bn_div_3_words)
- .set reorder
- move a3,a0 /* we know that bn_div_words doesn't
- * touch a3, ta2, ta3 and preserves a2
- * so that we can save two arguments
- * and return address in registers
- * instead of stack:-)
- */
- ld a0,(a3)
- move ta2,a1
- ld a1,-8(a3)
- bne a0,a2,.L_bn_div_3_words_proceed
- li v0,-1
- jr ra
-.L_bn_div_3_words_proceed:
- move ta3,ra
- bal bn_div_words
- move ra,ta3
- dmultu ta2,v0
- ld t2,-16(a3)
- move ta0,zero
- mfhi t1
- mflo t0
- sltu t8,t1,v1
-.L_bn_div_3_words_inner_loop:
- bnez t8,.L_bn_div_3_words_inner_loop_done
- sgeu AT,t2,t0
- seq t9,t1,v1
- and AT,t9
- sltu t3,t0,ta2
- daddu v1,a2
- dsubu t1,t3
- dsubu t0,ta2
- sltu t8,t1,v1
- sltu ta0,v1,a2
- or t8,ta0
- .set noreorder
- beqzl AT,.L_bn_div_3_words_inner_loop
- dsubu v0,1
- .set reorder
-.L_bn_div_3_words_inner_loop_done:
- jr ra
-END(bn_div_3_words)
-
-.align 5
-LEAF(bn_div_words)
- .set noreorder
- bnezl a2,.L_bn_div_words_proceed
- move v1,zero
- jr ra
- li v0,-1 /* I'd rather signal div-by-zero
- * which can be done with 'break 7' */
-
-.L_bn_div_words_proceed:
- bltz a2,.L_bn_div_words_body
- move t9,v1
- dsll a2,1
- bgtz a2,.-4
- addu t9,1
-
- .set reorder
- negu t1,t9
- li t2,-1
- dsll t2,t1
- and t2,a0
- dsrl AT,a1,t1
- .set noreorder
- bnezl t2,.+8
- break 6 /* signal overflow */
- .set reorder
- dsll a0,t9
- dsll a1,t9
- or a0,AT
-
-#define QT ta0
-#define HH ta1
-#define DH v1
-.L_bn_div_words_body:
- dsrl DH,a2,32
- sgeu AT,a0,a2
- .set noreorder
- bnezl AT,.+8
- dsubu a0,a2
- .set reorder
-
- li QT,-1
- dsrl HH,a0,32
- dsrl QT,32 /* q=0xffffffff */
- beq DH,HH,.L_bn_div_words_skip_div1
- ddivu zero,a0,DH
- mflo QT
-.L_bn_div_words_skip_div1:
- dmultu a2,QT
- dsll t3,a0,32
- dsrl AT,a1,32
- or t3,AT
- mflo t0
- mfhi t1
-.L_bn_div_words_inner_loop1:
- sltu t2,t3,t0
- seq t8,HH,t1
- sltu AT,HH,t1
- and t2,t8
- sltu v0,t0,a2
- or AT,t2
- .set noreorder
- beqz AT,.L_bn_div_words_inner_loop1_done
- dsubu t1,v0
- dsubu t0,a2
- b .L_bn_div_words_inner_loop1
- dsubu QT,1
- .set reorder
-.L_bn_div_words_inner_loop1_done:
-
- dsll a1,32
- dsubu a0,t3,t0
- dsll v0,QT,32
-
- li QT,-1
- dsrl HH,a0,32
- dsrl QT,32 /* q=0xffffffff */
- beq DH,HH,.L_bn_div_words_skip_div2
- ddivu zero,a0,DH
- mflo QT
-.L_bn_div_words_skip_div2:
-#undef DH
- dmultu a2,QT
- dsll t3,a0,32
- dsrl AT,a1,32
- or t3,AT
- mflo t0
- mfhi t1
-.L_bn_div_words_inner_loop2:
- sltu t2,t3,t0
- seq t8,HH,t1
- sltu AT,HH,t1
- and t2,t8
- sltu v1,t0,a2
- or AT,t2
- .set noreorder
- beqz AT,.L_bn_div_words_inner_loop2_done
- dsubu t1,v1
- dsubu t0,a2
- b .L_bn_div_words_inner_loop2
- dsubu QT,1
- .set reorder
-.L_bn_div_words_inner_loop2_done:
-#undef HH
-
- dsubu a0,t3,t0
- or v0,QT
- dsrl v1,a0,t9 /* v1 contains remainder if anybody wants it */
- dsrl a2,t9 /* restore a2 */
- jr ra
-#undef QT
-END(bn_div_words)
-
-#define a_0 t0
-#define a_1 t1
-#define a_2 t2
-#define a_3 t3
-#define b_0 ta0
-#define b_1 ta1
-#define b_2 ta2
-#define b_3 ta3
-
-#define a_4 s0
-#define a_5 s2
-#define a_6 s4
-#define a_7 a1 /* once we load a[7] we don't need a anymore */
-#define b_4 s1
-#define b_5 s3
-#define b_6 s5
-#define b_7 a2 /* once we load b[7] we don't need b anymore */
-
-#define t_1 t8
-#define t_2 t9
-
-#define c_1 v0
-#define c_2 v1
-#define c_3 a3
-
-#define FRAME_SIZE 48
-
-.align 5
-LEAF(bn_mul_comba8)
- .set noreorder
- PTR_SUB sp,FRAME_SIZE
- .frame sp,64,ra
- .set reorder
- ld a_0,0(a1) /* If compiled with -mips3 option on
- * R5000 box assembler barks on this
- * line with "shouldn't have mult/div
- * as last instruction in bb (R10K
- * bug)" warning. If anybody out there
- * has a clue about how to circumvent
- * this do send me a note.
- * <appro@fy.chalmers.se>
- */
- ld b_0,0(a2)
- ld a_1,8(a1)
- ld a_2,16(a1)
- ld a_3,24(a1)
- ld b_1,8(a2)
- ld b_2,16(a2)
- ld b_3,24(a2)
- dmultu a_0,b_0 /* mul_add_c(a[0],b[0],c1,c2,c3); */
- sd s0,0(sp)
- sd s1,8(sp)
- sd s2,16(sp)
- sd s3,24(sp)
- sd s4,32(sp)
- sd s5,40(sp)
- mflo c_1
- mfhi c_2
-
- dmultu a_0,b_1 /* mul_add_c(a[0],b[1],c2,c3,c1); */
- ld a_4,32(a1)
- ld a_5,40(a1)
- ld a_6,48(a1)
- ld a_7,56(a1)
- ld b_4,32(a2)
- ld b_5,40(a2)
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu c_3,t_2,AT
- dmultu a_1,b_0 /* mul_add_c(a[1],b[0],c2,c3,c1); */
- ld b_6,48(a2)
- ld b_7,56(a2)
- sd c_1,0(a0) /* r[0]=c1; */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu c_1,c_3,t_2
- sd c_2,8(a0) /* r[1]=c2; */
-
- dmultu a_2,b_0 /* mul_add_c(a[2],b[0],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- dmultu a_1,b_1 /* mul_add_c(a[1],b[1],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu c_2,c_1,t_2
- dmultu a_0,b_2 /* mul_add_c(a[0],b[2],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- sd c_3,16(a0) /* r[2]=c3; */
-
- dmultu a_0,b_3 /* mul_add_c(a[0],b[3],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu c_3,c_2,t_2
- dmultu a_1,b_2 /* mul_add_c(a[1],b[2],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- dmultu a_2,b_1 /* mul_add_c(a[2],b[1],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- dmultu a_3,b_0 /* mul_add_c(a[3],b[0],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- sd c_1,24(a0) /* r[3]=c1; */
-
- dmultu a_4,b_0 /* mul_add_c(a[4],b[0],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu c_1,c_3,t_2
- dmultu a_3,b_1 /* mul_add_c(a[3],b[1],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- dmultu a_2,b_2 /* mul_add_c(a[2],b[2],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- dmultu a_1,b_3 /* mul_add_c(a[1],b[3],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- dmultu a_0,b_4 /* mul_add_c(a[0],b[4],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- sd c_2,32(a0) /* r[4]=c2; */
-
- dmultu a_0,b_5 /* mul_add_c(a[0],b[5],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu c_2,c_1,t_2
- dmultu a_1,b_4 /* mul_add_c(a[1],b[4],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- dmultu a_2,b_3 /* mul_add_c(a[2],b[3],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- dmultu a_3,b_2 /* mul_add_c(a[3],b[2],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- dmultu a_4,b_1 /* mul_add_c(a[4],b[1],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- dmultu a_5,b_0 /* mul_add_c(a[5],b[0],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- sd c_3,40(a0) /* r[5]=c3; */
-
- dmultu a_6,b_0 /* mul_add_c(a[6],b[0],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu c_3,c_2,t_2
- dmultu a_5,b_1 /* mul_add_c(a[5],b[1],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- dmultu a_4,b_2 /* mul_add_c(a[4],b[2],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- dmultu a_3,b_3 /* mul_add_c(a[3],b[3],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- dmultu a_2,b_4 /* mul_add_c(a[2],b[4],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- dmultu a_1,b_5 /* mul_add_c(a[1],b[5],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- dmultu a_0,b_6 /* mul_add_c(a[0],b[6],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- sd c_1,48(a0) /* r[6]=c1; */
-
- dmultu a_0,b_7 /* mul_add_c(a[0],b[7],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu c_1,c_3,t_2
- dmultu a_1,b_6 /* mul_add_c(a[1],b[6],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- dmultu a_2,b_5 /* mul_add_c(a[2],b[5],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- dmultu a_3,b_4 /* mul_add_c(a[3],b[4],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- dmultu a_4,b_3 /* mul_add_c(a[4],b[3],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- dmultu a_5,b_2 /* mul_add_c(a[5],b[2],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- dmultu a_6,b_1 /* mul_add_c(a[6],b[1],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- dmultu a_7,b_0 /* mul_add_c(a[7],b[0],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- sd c_2,56(a0) /* r[7]=c2; */
-
- dmultu a_7,b_1 /* mul_add_c(a[7],b[1],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu c_2,c_1,t_2
- dmultu a_6,b_2 /* mul_add_c(a[6],b[2],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- dmultu a_5,b_3 /* mul_add_c(a[5],b[3],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- dmultu a_4,b_4 /* mul_add_c(a[4],b[4],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- dmultu a_3,b_5 /* mul_add_c(a[3],b[5],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- dmultu a_2,b_6 /* mul_add_c(a[2],b[6],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- dmultu a_1,b_7 /* mul_add_c(a[1],b[7],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- sd c_3,64(a0) /* r[8]=c3; */
-
- dmultu a_2,b_7 /* mul_add_c(a[2],b[7],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu c_3,c_2,t_2
- dmultu a_3,b_6 /* mul_add_c(a[3],b[6],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- dmultu a_4,b_5 /* mul_add_c(a[4],b[5],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- dmultu a_5,b_4 /* mul_add_c(a[5],b[4],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- dmultu a_6,b_3 /* mul_add_c(a[6],b[3],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- dmultu a_7,b_2 /* mul_add_c(a[7],b[2],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- sd c_1,72(a0) /* r[9]=c1; */
-
- dmultu a_7,b_3 /* mul_add_c(a[7],b[3],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu c_1,c_3,t_2
- dmultu a_6,b_4 /* mul_add_c(a[6],b[4],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- dmultu a_5,b_5 /* mul_add_c(a[5],b[5],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- dmultu a_4,b_6 /* mul_add_c(a[4],b[6],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- dmultu a_3,b_7 /* mul_add_c(a[3],b[7],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- sd c_2,80(a0) /* r[10]=c2; */
-
- dmultu a_4,b_7 /* mul_add_c(a[4],b[7],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu c_2,c_1,t_2
- dmultu a_5,b_6 /* mul_add_c(a[5],b[6],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- dmultu a_6,b_5 /* mul_add_c(a[6],b[5],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- dmultu a_7,b_4 /* mul_add_c(a[7],b[4],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- sd c_3,88(a0) /* r[11]=c3; */
-
- dmultu a_7,b_5 /* mul_add_c(a[7],b[5],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu c_3,c_2,t_2
- dmultu a_6,b_6 /* mul_add_c(a[6],b[6],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- dmultu a_5,b_7 /* mul_add_c(a[5],b[7],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- sd c_1,96(a0) /* r[12]=c1; */
-
- dmultu a_6,b_7 /* mul_add_c(a[6],b[7],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu c_1,c_3,t_2
- dmultu a_7,b_6 /* mul_add_c(a[7],b[6],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- sd c_2,104(a0) /* r[13]=c2; */
-
- dmultu a_7,b_7 /* mul_add_c(a[7],b[7],c3,c1,c2); */
- ld s0,0(sp)
- ld s1,8(sp)
- ld s2,16(sp)
- ld s3,24(sp)
- ld s4,32(sp)
- ld s5,40(sp)
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sd c_3,112(a0) /* r[14]=c3; */
- sd c_1,120(a0) /* r[15]=c1; */
-
- PTR_ADD sp,FRAME_SIZE
-
- jr ra
-END(bn_mul_comba8)
-
-.align 5
-LEAF(bn_mul_comba4)
- .set reorder
- ld a_0,0(a1)
- ld b_0,0(a2)
- ld a_1,8(a1)
- ld a_2,16(a1)
- dmultu a_0,b_0 /* mul_add_c(a[0],b[0],c1,c2,c3); */
- ld a_3,24(a1)
- ld b_1,8(a2)
- ld b_2,16(a2)
- ld b_3,24(a2)
- mflo c_1
- mfhi c_2
- sd c_1,0(a0)
-
- dmultu a_0,b_1 /* mul_add_c(a[0],b[1],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu c_3,t_2,AT
- dmultu a_1,b_0 /* mul_add_c(a[1],b[0],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu c_1,c_3,t_2
- sd c_2,8(a0)
-
- dmultu a_2,b_0 /* mul_add_c(a[2],b[0],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- dmultu a_1,b_1 /* mul_add_c(a[1],b[1],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu c_2,c_1,t_2
- dmultu a_0,b_2 /* mul_add_c(a[0],b[2],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- sd c_3,16(a0)
-
- dmultu a_0,b_3 /* mul_add_c(a[0],b[3],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu c_3,c_2,t_2
- dmultu a_1,b_2 /* mul_add_c(a[1],b[2],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- dmultu a_2,b_1 /* mul_add_c(a[2],b[1],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- dmultu a_3,b_0 /* mul_add_c(a[3],b[0],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- sd c_1,24(a0)
-
- dmultu a_3,b_1 /* mul_add_c(a[3],b[1],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu c_1,c_3,t_2
- dmultu a_2,b_2 /* mul_add_c(a[2],b[2],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- dmultu a_1,b_3 /* mul_add_c(a[1],b[3],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- sd c_2,32(a0)
-
- dmultu a_2,b_3 /* mul_add_c(a[2],b[3],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu c_2,c_1,t_2
- dmultu a_3,b_2 /* mul_add_c(a[3],b[2],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- sd c_3,40(a0)
-
- dmultu a_3,b_3 /* mul_add_c(a[3],b[3],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sd c_1,48(a0)
- sd c_2,56(a0)
-
- jr ra
-END(bn_mul_comba4)
-
-#undef a_4
-#undef a_5
-#undef a_6
-#undef a_7
-#define a_4 b_0
-#define a_5 b_1
-#define a_6 b_2
-#define a_7 b_3
-
-.align 5
-LEAF(bn_sqr_comba8)
- .set reorder
- ld a_0,0(a1)
- ld a_1,8(a1)
- ld a_2,16(a1)
- ld a_3,24(a1)
-
- dmultu a_0,a_0 /* mul_add_c(a[0],b[0],c1,c2,c3); */
- ld a_4,32(a1)
- ld a_5,40(a1)
- ld a_6,48(a1)
- ld a_7,56(a1)
- mflo c_1
- mfhi c_2
- sd c_1,0(a0)
-
- dmultu a_0,a_1 /* mul_add_c2(a[0],b[1],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- slt c_1,t_2,zero
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu c_3,t_2,AT
- sd c_2,8(a0)
-
- dmultu a_2,a_0 /* mul_add_c2(a[2],b[0],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- slt c_2,t_2,zero
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- dmultu a_1,a_1 /* mul_add_c(a[1],b[1],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- sd c_3,16(a0)
-
- dmultu a_0,a_3 /* mul_add_c2(a[0],b[3],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- slt c_3,t_2,zero
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- dmultu a_1,a_2 /* mul_add_c2(a[1],b[2],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- slt AT,t_2,zero
- daddu c_3,AT
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- sd c_1,24(a0)
-
- dmultu a_4,a_0 /* mul_add_c2(a[4],b[0],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- slt c_1,t_2,zero
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- dmultu a_3,a_1 /* mul_add_c2(a[3],b[1],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- slt AT,t_2,zero
- daddu c_1,AT
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- dmultu a_2,a_2 /* mul_add_c(a[2],b[2],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- sd c_2,32(a0)
-
- dmultu a_0,a_5 /* mul_add_c2(a[0],b[5],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- slt c_2,t_2,zero
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- dmultu a_1,a_4 /* mul_add_c2(a[1],b[4],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- slt AT,t_2,zero
- daddu c_2,AT
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- dmultu a_2,a_3 /* mul_add_c2(a[2],b[3],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- slt AT,t_2,zero
- daddu c_2,AT
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- sd c_3,40(a0)
-
- dmultu a_6,a_0 /* mul_add_c2(a[6],b[0],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- slt c_3,t_2,zero
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- dmultu a_5,a_1 /* mul_add_c2(a[5],b[1],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- slt AT,t_2,zero
- daddu c_3,AT
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- dmultu a_4,a_2 /* mul_add_c2(a[4],b[2],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- slt AT,t_2,zero
- daddu c_3,AT
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- dmultu a_3,a_3 /* mul_add_c(a[3],b[3],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- sd c_1,48(a0)
-
- dmultu a_0,a_7 /* mul_add_c2(a[0],b[7],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- slt c_1,t_2,zero
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- dmultu a_1,a_6 /* mul_add_c2(a[1],b[6],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- slt AT,t_2,zero
- daddu c_1,AT
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- dmultu a_2,a_5 /* mul_add_c2(a[2],b[5],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- slt AT,t_2,zero
- daddu c_1,AT
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- dmultu a_3,a_4 /* mul_add_c2(a[3],b[4],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- slt AT,t_2,zero
- daddu c_1,AT
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- sd c_2,56(a0)
-
- dmultu a_7,a_1 /* mul_add_c2(a[7],b[1],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- slt c_2,t_2,zero
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- dmultu a_6,a_2 /* mul_add_c2(a[6],b[2],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- slt AT,t_2,zero
- daddu c_2,AT
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- dmultu a_5,a_3 /* mul_add_c2(a[5],b[3],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- slt AT,t_2,zero
- daddu c_2,AT
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- dmultu a_4,a_4 /* mul_add_c(a[4],b[4],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- sd c_3,64(a0)
-
- dmultu a_2,a_7 /* mul_add_c2(a[2],b[7],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- slt c_3,t_2,zero
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- dmultu a_3,a_6 /* mul_add_c2(a[3],b[6],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- slt AT,t_2,zero
- daddu c_3,AT
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- dmultu a_4,a_5 /* mul_add_c2(a[4],b[5],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- slt AT,t_2,zero
- daddu c_3,AT
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- sd c_1,72(a0)
-
- dmultu a_7,a_3 /* mul_add_c2(a[7],b[3],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- slt c_1,t_2,zero
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- dmultu a_6,a_4 /* mul_add_c2(a[6],b[4],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- slt AT,t_2,zero
- daddu c_1,AT
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- dmultu a_5,a_5 /* mul_add_c(a[5],b[5],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- sd c_2,80(a0)
-
- dmultu a_4,a_7 /* mul_add_c2(a[4],b[7],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- slt c_2,t_2,zero
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- dmultu a_5,a_6 /* mul_add_c2(a[5],b[6],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- slt AT,t_2,zero
- daddu c_2,AT
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- sd c_3,88(a0)
-
- dmultu a_7,a_5 /* mul_add_c2(a[7],b[5],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- slt c_3,t_2,zero
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- dmultu a_6,a_6 /* mul_add_c(a[6],b[6],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- sd c_1,96(a0)
-
- dmultu a_6,a_7 /* mul_add_c2(a[6],b[7],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- slt c_1,t_2,zero
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- sd c_2,104(a0)
-
- dmultu a_7,a_7 /* mul_add_c(a[7],b[7],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sd c_3,112(a0)
- sd c_1,120(a0)
-
- jr ra
-END(bn_sqr_comba8)
-
-.align 5
-LEAF(bn_sqr_comba4)
- .set reorder
- ld a_0,0(a1)
- ld a_1,8(a1)
- ld a_2,16(a1)
- ld a_3,24(a1)
- dmultu a_0,a_0 /* mul_add_c(a[0],b[0],c1,c2,c3); */
- mflo c_1
- mfhi c_2
- sd c_1,0(a0)
-
- dmultu a_0,a_1 /* mul_add_c2(a[0],b[1],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- slt c_1,t_2,zero
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu c_3,t_2,AT
- sd c_2,8(a0)
-
- dmultu a_2,a_0 /* mul_add_c2(a[2],b[0],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- slt c_2,t_2,zero
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- dmultu a_1,a_1 /* mul_add_c(a[1],b[1],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- sd c_3,16(a0)
-
- dmultu a_0,a_3 /* mul_add_c2(a[0],b[3],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- slt c_3,t_2,zero
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- dmultu a_1,a_2 /* mul_add_c(a2[1],b[2],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- slt AT,t_2,zero
- daddu c_3,AT
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- sd c_1,24(a0)
-
- dmultu a_3,a_1 /* mul_add_c2(a[3],b[1],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- slt c_1,t_2,zero
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- dmultu a_2,a_2 /* mul_add_c(a[2],b[2],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- sd c_2,32(a0)
-
- dmultu a_2,a_3 /* mul_add_c2(a[2],b[3],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- slt c_2,t_2,zero
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- sd c_3,40(a0)
-
- dmultu a_3,a_3 /* mul_add_c(a[3],b[3],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sd c_1,48(a0)
- sd c_2,56(a0)
-
- jr ra
-END(bn_sqr_comba4)
diff --git a/deps/openssl/openssl/crypto/bn/asm/pa-risc2.s b/deps/openssl/openssl/crypto/bn/asm/pa-risc2.s
index f3b16290eb..413eac7123 100644
--- a/deps/openssl/openssl/crypto/bn/asm/pa-risc2.s
+++ b/deps/openssl/openssl/crypto/bn/asm/pa-risc2.s
@@ -1,3 +1,9 @@
+; Copyright 1998-2016 The OpenSSL Project Authors. All Rights Reserved.
+;
+; Licensed under the OpenSSL license (the "License"). You may not use
+; this file except in compliance with the License. You can obtain a copy
+; in the file LICENSE in the source distribution or at
+; https://www.openssl.org/source/license.html
;
; PA-RISC 2.0 implementation of bn_asm code, based on the
; 64-bit version of the code. This code is effectively the
diff --git a/deps/openssl/openssl/crypto/bn/asm/pa-risc2W.s b/deps/openssl/openssl/crypto/bn/asm/pa-risc2W.s
index a99545754d..97381172e7 100644
--- a/deps/openssl/openssl/crypto/bn/asm/pa-risc2W.s
+++ b/deps/openssl/openssl/crypto/bn/asm/pa-risc2W.s
@@ -1,3 +1,10 @@
+; Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+;
+; Licensed under the OpenSSL license (the "License"). You may not use
+; this file except in compliance with the License. You can obtain a copy
+; in the file LICENSE in the source distribution or at
+; https://www.openssl.org/source/license.html
+
;
; PA-RISC 64-bit implementation of bn_asm code
;
diff --git a/deps/openssl/openssl/crypto/bn/asm/parisc-mont.pl b/deps/openssl/openssl/crypto/bn/asm/parisc-mont.pl
index c02ef6f014..8aa94e8511 100644
--- a/deps/openssl/openssl/crypto/bn/asm/parisc-mont.pl
+++ b/deps/openssl/openssl/crypto/bn/asm/parisc-mont.pl
@@ -1,4 +1,11 @@
-#!/usr/bin/env perl
+#! /usr/bin/env perl
+# Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
# ====================================================================
# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
@@ -126,7 +133,7 @@ $fp="%r3";
$hi1="%r2";
$hi0="%r1";
-$xfer=$n0; # accomodates [-16..15] offset in fld[dw]s
+$xfer=$n0; # accommodates [-16..15] offset in fld[dw]s
$fm0="%fr4"; $fti=$fm0;
$fbi="%fr5L";
diff --git a/deps/openssl/openssl/crypto/bn/asm/ppc-mont.pl b/deps/openssl/openssl/crypto/bn/asm/ppc-mont.pl
index 6930a3aceb..5802260ca6 100644
--- a/deps/openssl/openssl/crypto/bn/asm/ppc-mont.pl
+++ b/deps/openssl/openssl/crypto/bn/asm/ppc-mont.pl
@@ -1,4 +1,11 @@
-#!/usr/bin/env perl
+#! /usr/bin/env perl
+# Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
# ====================================================================
# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
diff --git a/deps/openssl/openssl/crypto/bn/asm/ppc.pl b/deps/openssl/openssl/crypto/bn/asm/ppc.pl
index 446d8ba949..4ea534a1c7 100644
--- a/deps/openssl/openssl/crypto/bn/asm/ppc.pl
+++ b/deps/openssl/openssl/crypto/bn/asm/ppc.pl
@@ -1,5 +1,11 @@
-#!/usr/bin/env perl
+#! /usr/bin/env perl
+# Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
#
+# Licensed under the OpenSSL license (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
# Implemented as a Perl wrapper as we want to support several different
# architectures with single file. We pick up the target based on the
# file name we are asked to generate.
@@ -419,7 +425,7 @@ $data=<<EOF;
# r9,r10, r11 are the equivalents of c1,c2, c3.
#
# Possible optimization of loading all 8 longs of a into registers
-# doesnt provide any speedup
+# doesn't provide any speedup
#
xor r0,r0,r0 #set r0 = 0.Used in addze
@@ -1009,7 +1015,7 @@ $data=<<EOF;
$UMULL r8,r6,r7
$UMULH r9,r6,r7
addc r11,r11,r8
- addze r12,r9 # since we didnt set r12 to zero before.
+ addze r12,r9 # since we didn't set r12 to zero before.
addze r10,r0
#mul_add_c(a[1],b[0],c2,c3,c1);
$LD r6,`1*$BNSZ`(r4)
diff --git a/deps/openssl/openssl/crypto/bn/asm/ppc64-mont.pl b/deps/openssl/openssl/crypto/bn/asm/ppc64-mont.pl
index 595fc6d31f..1e19c958a1 100644
--- a/deps/openssl/openssl/crypto/bn/asm/ppc64-mont.pl
+++ b/deps/openssl/openssl/crypto/bn/asm/ppc64-mont.pl
@@ -1,4 +1,11 @@
-#!/usr/bin/env perl
+#! /usr/bin/env perl
+# Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
# ====================================================================
# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
diff --git a/deps/openssl/openssl/crypto/bn/asm/rsaz-avx2.pl b/deps/openssl/openssl/crypto/bn/asm/rsaz-avx2.pl
index 2b3f8b0e21..46d746b7d0 100755
--- a/deps/openssl/openssl/crypto/bn/asm/rsaz-avx2.pl
+++ b/deps/openssl/openssl/crypto/bn/asm/rsaz-avx2.pl
@@ -1,4 +1,11 @@
-#!/usr/bin/env perl
+#! /usr/bin/env perl
+# Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
##############################################################################
# #
@@ -103,7 +110,7 @@ if (!$avx && `$ENV{CC} -v 2>&1` =~ /(^clang version|based on LLVM) ([3-9])\.([0-
$addx = ($ver>=3.03);
}
-open OUT,"| \"$^X\" $xlate $flavour $output";
+open OUT,"| \"$^X\" \"$xlate\" $flavour \"$output\"";
*STDOUT = *OUT;
if ($avx>1) {{{
diff --git a/deps/openssl/openssl/crypto/bn/asm/rsaz-x86_64.pl b/deps/openssl/openssl/crypto/bn/asm/rsaz-x86_64.pl
index 87ce2c34d9..6f3b664f7a 100755
--- a/deps/openssl/openssl/crypto/bn/asm/rsaz-x86_64.pl
+++ b/deps/openssl/openssl/crypto/bn/asm/rsaz-x86_64.pl
@@ -1,4 +1,11 @@
-#!/usr/bin/env perl
+#! /usr/bin/env perl
+# Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
##############################################################################
# #
@@ -95,7 +102,7 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
die "can't locate x86_64-xlate.pl";
-open OUT,"| \"$^X\" $xlate $flavour $output";
+open OUT,"| \"$^X\" \"$xlate\" $flavour \"$output\"";
*STDOUT=*OUT;
if (`$ENV{CC} -Wa,-v -c -o /dev/null -x assembler /dev/null 2>&1`
@@ -1767,7 +1774,7 @@ ___
{ # __rsaz_512_mul
#
# input: %rsi - ap, %rbp - bp
- # ouput:
+ # output:
# clobbers: everything
my ($ap,$bp) = ("%rsi","%rbp");
$code.=<<___;
@@ -1919,7 +1926,7 @@ if ($addx) {
# __rsaz_512_mulx
#
# input: %rsi - ap, %rbp - bp
- # ouput:
+ # output:
# clobbers: everything
my ($ap,$bp,$zero) = ("%rsi","%rbp","%rdi");
$code.=<<___;
diff --git a/deps/openssl/openssl/crypto/bn/asm/s390x-gf2m.pl b/deps/openssl/openssl/crypto/bn/asm/s390x-gf2m.pl
index 9d18d40e77..cbd16f4214 100644
--- a/deps/openssl/openssl/crypto/bn/asm/s390x-gf2m.pl
+++ b/deps/openssl/openssl/crypto/bn/asm/s390x-gf2m.pl
@@ -1,4 +1,11 @@
-#!/usr/bin/env perl
+#! /usr/bin/env perl
+# Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
#
# ====================================================================
# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
@@ -35,7 +42,7 @@ if ($flavour =~ /3[12]/) {
$g="g";
}
-while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
+while (($output=shift) && ($output!~/\w[\w\-]*\.\w+$/)) {}
open STDOUT,">$output";
$stdframe=16*$SIZE_T+4*8;
diff --git a/deps/openssl/openssl/crypto/bn/asm/s390x-mont.pl b/deps/openssl/openssl/crypto/bn/asm/s390x-mont.pl
index 9fd64e81ee..2205bc2ca0 100644
--- a/deps/openssl/openssl/crypto/bn/asm/s390x-mont.pl
+++ b/deps/openssl/openssl/crypto/bn/asm/s390x-mont.pl
@@ -1,4 +1,11 @@
-#!/usr/bin/env perl
+#! /usr/bin/env perl
+# Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
# ====================================================================
# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
@@ -54,7 +61,7 @@ if ($flavour =~ /3[12]/) {
$g="g";
}
-while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
+while (($output=shift) && ($output!~/\w[\w\-]*\.\w+$/)) {}
open STDOUT,">$output";
$stdframe=16*$SIZE_T+4*8;
diff --git a/deps/openssl/openssl/crypto/bn/asm/s390x.S b/deps/openssl/openssl/crypto/bn/asm/s390x.S
index f5eebe413a..292a7a9998 100755..100644
--- a/deps/openssl/openssl/crypto/bn/asm/s390x.S
+++ b/deps/openssl/openssl/crypto/bn/asm/s390x.S
@@ -1,11 +1,11 @@
.ident "s390x.S, version 1.1"
// ====================================================================
-// Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
-// project.
+// Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
//
-// Rights for redistribution and usage in source and binary forms are
-// granted according to the OpenSSL license. Warranty of any kind is
-// disclaimed.
+// Licensed under the OpenSSL license (the "License"). You may not use
+// this file except in compliance with the License. You can obtain a copy
+// in the file LICENSE in the source distribution or at
+// https://www.openssl.org/source/license.html
// ====================================================================
.text
diff --git a/deps/openssl/openssl/crypto/bn/asm/sparct4-mont.pl b/deps/openssl/openssl/crypto/bn/asm/sparct4-mont.pl
index 71b45002a4..4faf66f10a 100755
--- a/deps/openssl/openssl/crypto/bn/asm/sparct4-mont.pl
+++ b/deps/openssl/openssl/crypto/bn/asm/sparct4-mont.pl
@@ -1,4 +1,11 @@
-#!/usr/bin/env perl
+#! /usr/bin/env perl
+# Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
# ====================================================================
# Written by David S. Miller <davem@devemloft.net> and Andy Polyakov
@@ -76,6 +83,9 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
push(@INC,"${dir}","${dir}../../perlasm");
require "sparcv9_modes.pl";
+$output = pop;
+open STDOUT,">$output";
+
$code.=<<___;
#include "sparc_arch.h"
diff --git a/deps/openssl/openssl/crypto/bn/asm/sparcv8.S b/deps/openssl/openssl/crypto/bn/asm/sparcv8.S
index 88c5dc480a..9c31073b24 100644
--- a/deps/openssl/openssl/crypto/bn/asm/sparcv8.S
+++ b/deps/openssl/openssl/crypto/bn/asm/sparcv8.S
@@ -3,12 +3,12 @@
/*
* ====================================================================
- * Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
- * project.
+ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
*
- * Rights for redistribution and usage in source and binary forms are
- * granted according to the OpenSSL license. Warranty of any kind is
- * disclaimed.
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
* ====================================================================
*/
diff --git a/deps/openssl/openssl/crypto/bn/asm/sparcv8plus.S b/deps/openssl/openssl/crypto/bn/asm/sparcv8plus.S
index 63de1860f2..714a136675 100644
--- a/deps/openssl/openssl/crypto/bn/asm/sparcv8plus.S
+++ b/deps/openssl/openssl/crypto/bn/asm/sparcv8plus.S
@@ -3,12 +3,12 @@
/*
* ====================================================================
- * Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
- * project.
+ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
*
- * Rights for redistribution and usage in source and binary forms are
- * granted according to the OpenSSL license. Warranty of any kind is
- * disclaimed.
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
* ====================================================================
*/
@@ -52,7 +52,7 @@
* # cd ../..
* # make; make test
*
- * Q. V8plus achitecture? What kind of beast is that?
+ * Q. V8plus architecture? What kind of beast is that?
* A. Well, it's rather a programming model than an architecture...
* It's actually v9-compliant, i.e. *any* UltraSPARC, CPU under
* special conditions, namely when kernel doesn't preserve upper
@@ -71,7 +71,7 @@
*
* Q. 64-bit registers under 32-bit kernels? Didn't you just say it
* doesn't work?
- * A. You can't adress *all* registers as 64-bit wide:-( The catch is
+ * A. You can't address *all* registers as 64-bit wide:-( The catch is
* that you actually may rely upon %o0-%o5 and %g1-%g4 being fully
* preserved if you're in a leaf function, i.e. such never calling
* any other functions. All functions in this module are leaf and
@@ -144,6 +144,10 @@
* }
*/
+#ifdef OPENSSL_FIPSCANISTER
+#include <openssl/fipssyms.h>
+#endif
+
#if defined(__SUNPRO_C) && defined(__sparcv9)
/* They've said -xarch=v9 at command line */
.register %g2,#scratch
diff --git a/deps/openssl/openssl/crypto/bn/asm/sparcv9-gf2m.pl b/deps/openssl/openssl/crypto/bn/asm/sparcv9-gf2m.pl
index ab94cd917c..dcf11a87a1 100644
--- a/deps/openssl/openssl/crypto/bn/asm/sparcv9-gf2m.pl
+++ b/deps/openssl/openssl/crypto/bn/asm/sparcv9-gf2m.pl
@@ -1,4 +1,11 @@
-#!/usr/bin/env perl
+#! /usr/bin/env perl
+# Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
#
# ====================================================================
# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
@@ -18,6 +25,9 @@
# ~100-230% faster than gcc-generated code and ~35-90% faster than
# the pure SPARCv9 code path.
+$output = pop;
+open STDOUT,">$output";
+
$locals=16*8;
$tab="%l0";
diff --git a/deps/openssl/openssl/crypto/bn/asm/sparcv9-mont.pl b/deps/openssl/openssl/crypto/bn/asm/sparcv9-mont.pl
index d866287800..6807c8b6e0 100644
--- a/deps/openssl/openssl/crypto/bn/asm/sparcv9-mont.pl
+++ b/deps/openssl/openssl/crypto/bn/asm/sparcv9-mont.pl
@@ -1,4 +1,11 @@
-#!/usr/bin/env perl
+#! /usr/bin/env perl
+# Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
# ====================================================================
# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
@@ -13,7 +20,7 @@
# for undertaken effort are multiple. First of all, UltraSPARC is not
# the whole SPARCv9 universe and other VIS-free implementations deserve
# optimized code as much. Secondly, newly introduced UltraSPARC T1,
-# a.k.a. Niagara, has shared FPU and concurrent FPU-intensive pathes,
+# a.k.a. Niagara, has shared FPU and concurrent FPU-intensive paths,
# such as sparcv9a-mont, will simply sink it. Yes, T1 is equipped with
# several integrated RSA/DSA accelerator circuits accessible through
# kernel driver [only(*)], but having decent user-land software
@@ -23,7 +30,7 @@
# instructions...
# (*) Engine accessing the driver in question is on my TODO list.
-# For reference, acceleator is estimated to give 6 to 10 times
+# For reference, accelerator is estimated to give 6 to 10 times
# improvement on single-threaded RSA sign. It should be noted
# that 6-10x improvement coefficient does not actually mean
# something extraordinary in terms of absolute [single-threaded]
@@ -42,6 +49,9 @@
# module still have hidden potential [see TODO list there], which is
# estimated to be larger than 20%...
+$output = pop;
+open STDOUT,">$output";
+
# int bn_mul_mont(
$rp="%i0"; # BN_ULONG *rp,
$ap="%i1"; # const BN_ULONG *ap,
@@ -50,10 +60,8 @@ $np="%i3"; # const BN_ULONG *np,
$n0="%i4"; # const BN_ULONG *n0,
$num="%i5"; # int num);
-$bits=32;
-for (@ARGV) { $bits=64 if (/\-m64/ || /\-xarch\=v9/); }
-if ($bits==64) { $bias=2047; $frame=192; }
-else { $bias=0; $frame=128; }
+$frame="STACK_FRAME";
+$bias="STACK_BIAS";
$car0="%o0";
$car1="%o1";
@@ -76,6 +84,8 @@ $tpj="%l7";
$fname="bn_mul_mont_int";
$code=<<___;
+#include "sparc_arch.h"
+
.section ".text",#alloc,#execinstr
.global $fname
@@ -105,7 +115,7 @@ $fname:
ld [$np],$car1 ! np[0]
sub %o7,$bias,%sp ! alloca
ld [$np+4],$npj ! np[1]
- be,pt `$bits==32?"%icc":"%xcc"`,.Lbn_sqr_mont
+ be,pt SIZE_T_CC,.Lbn_sqr_mont
mov 12,$j
mulx $car0,$mul0,$car0 ! ap[0]*bp[0]
diff --git a/deps/openssl/openssl/crypto/bn/asm/sparcv9a-mont.pl b/deps/openssl/openssl/crypto/bn/asm/sparcv9a-mont.pl
index a14205f2f0..50b690653f 100755
--- a/deps/openssl/openssl/crypto/bn/asm/sparcv9a-mont.pl
+++ b/deps/openssl/openssl/crypto/bn/asm/sparcv9a-mont.pl
@@ -1,4 +1,11 @@
-#!/usr/bin/env perl
+#! /usr/bin/env perl
+# Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
# ====================================================================
# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
@@ -51,21 +58,17 @@
#
# Modulo-scheduled inner loops allow to interleave floating point and
# integer instructions and minimize Read-After-Write penalties. This
-# results in *further* 20-50% perfromance improvement [depending on
+# results in *further* 20-50% performance improvement [depending on
# key length, more for longer keys] on USI&II cores and 30-80% - on
# USIII&IV.
+$output = pop;
+open STDOUT,">$output";
+
$fname="bn_mul_mont_fpu";
-$bits=32;
-for (@ARGV) { $bits=64 if (/\-m64/ || /\-xarch\=v9/); }
-
-if ($bits==64) {
- $bias=2047;
- $frame=192;
-} else {
- $bias=0;
- $frame=128; # 96 rounded up to largest known cache-line
-}
+
+$frame="STACK_FRAME";
+$bias="STACK_BIAS";
$locals=64;
# In order to provide for 32-/64-bit ABI duality, I keep integers wider
@@ -121,6 +124,8 @@ $nhia="%f56"; $nhib="%f58"; $nhic="%f60"; $nhid="%f62";
$ASI_FL16_P=0xD2; # magic ASI value to engage 16-bit FP load
$code=<<___;
+#include "sparc_arch.h"
+
.section ".text",#alloc,#execinstr
.global $fname
@@ -867,7 +872,7 @@ ___
$code =~ s/\`([^\`]*)\`/eval($1)/gem;
# Below substitution makes it possible to compile without demanding
-# VIS extentions on command line, e.g. -xarch=v9 vs. -xarch=v9a. I
+# VIS extensions on command line, e.g. -xarch=v9 vs. -xarch=v9a. I
# dare to do this, because VIS capability is detected at run-time now
# and this routine is not called on CPU not capable to execute it. Do
# note that fzeros is not the only VIS dependency! Another dependency
diff --git a/deps/openssl/openssl/crypto/bn/asm/via-mont.pl b/deps/openssl/openssl/crypto/bn/asm/via-mont.pl
index c046a514c8..9f81bc822e 100644
--- a/deps/openssl/openssl/crypto/bn/asm/via-mont.pl
+++ b/deps/openssl/openssl/crypto/bn/asm/via-mont.pl
@@ -1,4 +1,11 @@
-#!/usr/bin/env perl
+#! /usr/bin/env perl
+# Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
#
# ====================================================================
# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
@@ -81,6 +88,9 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
push(@INC,"${dir}","${dir}../../perlasm");
require "x86asm.pl";
+$output = pop;
+open STDOUT,">$output";
+
&asm_init($ARGV[0],"via-mont.pl");
# int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np,const BN_ULONG *n0, int num);
@@ -240,3 +250,5 @@ $sp=&DWP(28,"esp");
&asciz("Padlock Montgomery Multiplication, CRYPTOGAMS by <appro\@openssl.org>");
&asm_finish();
+
+close STDOUT;
diff --git a/deps/openssl/openssl/crypto/bn/asm/vis3-mont.pl b/deps/openssl/openssl/crypto/bn/asm/vis3-mont.pl
index 263ac02b6f..64dba4480f 100644
--- a/deps/openssl/openssl/crypto/bn/asm/vis3-mont.pl
+++ b/deps/openssl/openssl/crypto/bn/asm/vis3-mont.pl
@@ -1,4 +1,11 @@
-#!/usr/bin/env perl
+#! /usr/bin/env perl
+# Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
# ====================================================================
# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
@@ -18,16 +25,20 @@
# for reference purposes, because T4 has dedicated Montgomery
# multiplication and squaring *instructions* that deliver even more.
-$bits=32;
-for (@ARGV) { $bits=64 if (/\-m64/ || /\-xarch\=v9/); }
-if ($bits==64) { $bias=2047; $frame=192; }
-else { $bias=0; $frame=112; }
+$output = pop;
+open STDOUT,">$output";
+
+$frame = "STACK_FRAME";
+$bias = "STACK_BIAS";
+
+$code.=<<___;
+#include "sparc_arch.h"
-$code.=<<___ if ($bits==64);
+#ifdef __arch64__
.register %g2,#scratch
.register %g3,#scratch
-___
-$code.=<<___;
+#endif
+
.section ".text",#alloc,#execinstr
___
@@ -333,7 +344,7 @@ ___
# Purpose of these subroutines is to explicitly encode VIS instructions,
# so that one can compile the module without having to specify VIS
-# extentions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a.
+# extensions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a.
# Idea is to reserve for option to produce "universal" binary and let
# programmer detect if current CPU is VIS capable at run-time.
sub unvis3 {
diff --git a/deps/openssl/openssl/crypto/bn/asm/vms.mar b/deps/openssl/openssl/crypto/bn/asm/vms.mar
deleted file mode 100644
index aefab15cdb..0000000000
--- a/deps/openssl/openssl/crypto/bn/asm/vms.mar
+++ /dev/null
@@ -1,6440 +0,0 @@
- .title vax_bn_mul_add_words unsigned multiply & add, 32*32+32+32=>64
-;
-; w.j.m. 15-jan-1999
-;
-; it's magic ...
-;
-; ULONG bn_mul_add_words(ULONG r[],ULONG a[],int n,ULONG w) {
-; ULONG c = 0;
-; int i;
-; for(i = 0; i < n; i++) <c,r[i]> := r[i] + c + a[i] * w ;
-; return c;
-; }
-
-r=4 ;(AP)
-a=8 ;(AP)
-n=12 ;(AP) n by value (input)
-w=16 ;(AP) w by value (input)
-
-
- .psect code,nowrt
-
-.entry bn_mul_add_words,^m<r2,r3,r4,r5,r6>
-
- moval @r(ap),r2
- moval @a(ap),r3
- movl n(ap),r4 ; assumed >0 by C code
- movl w(ap),r5
- clrl r6 ; c
-
-0$:
- emul r5,(r3),(r2),r0 ; w, a[], r[] considered signed
-
- ; fixup for "negative" r[]
- tstl (r2)
- bgeq 10$
- incl r1
-10$:
-
- ; add in c
- addl2 r6,r0
- adwc #0,r1
-
- ; combined fixup for "negative" w, a[]
- tstl r5
- bgeq 20$
- addl2 (r3),r1
-20$:
- tstl (r3)
- bgeq 30$
- addl2 r5,r1
-30$:
-
- movl r0,(r2)+ ; store lo result in r[] & advance
- addl #4,r3 ; advance a[]
- movl r1,r6 ; store hi result => c
-
- sobgtr r4,0$
-
- movl r6,r0 ; return c
- ret
-
- .title vax_bn_mul_words unsigned multiply & add, 32*32+32=>64
-;
-; w.j.m. 15-jan-1999
-;
-; it's magic ...
-;
-; ULONG bn_mul_words(ULONG r[],ULONG a[],int n,ULONG w) {
-; ULONG c = 0;
-; int i;
-; for(i = 0; i < num; i++) <c,r[i]> := a[i] * w + c ;
-; return(c);
-; }
-
-r=4 ;(AP)
-a=8 ;(AP)
-n=12 ;(AP) n by value (input)
-w=16 ;(AP) w by value (input)
-
-
- .psect code,nowrt
-
-.entry bn_mul_words,^m<r2,r3,r4,r5,r6>
-
- moval @r(ap),r2 ; r2 -> r[]
- moval @a(ap),r3 ; r3 -> a[]
- movl n(ap),r4 ; r4 = loop count (assumed >0 by C code)
- movl w(ap),r5 ; r5 = w
- clrl r6 ; r6 = c
-
-0$:
- ; <r1,r0> := w * a[] + c
- emul r5,(r3),r6,r0 ; w, a[], c considered signed
-
- ; fixup for "negative" c
- tstl r6 ; c
- bgeq 10$
- incl r1
-10$:
-
- ; combined fixup for "negative" w, a[]
- tstl r5 ; w
- bgeq 20$
- addl2 (r3),r1 ; a[]
-20$:
- tstl (r3) ; a[]
- bgeq 30$
- addl2 r5,r1 ; w
-30$:
-
- movl r0,(r2)+ ; store lo result in r[] & advance
- addl #4,r3 ; advance a[]
- movl r1,r6 ; store hi result => c
-
- sobgtr r4,0$
-
- movl r6,r0 ; return c
- ret
-
- .title vax_bn_sqr_words unsigned square, 32*32=>64
-;
-; w.j.m. 15-jan-1999
-;
-; it's magic ...
-;
-; void bn_sqr_words(ULONG r[],ULONG a[],int n) {
-; int i;
-; for(i = 0; i < n; i++) <r[2*i+1],r[2*i]> := a[i] * a[i] ;
-; }
-
-r=4 ;(AP)
-a=8 ;(AP)
-n=12 ;(AP) n by value (input)
-
-
- .psect code,nowrt
-
-.entry bn_sqr_words,^m<r2,r3,r4,r5>
-
- moval @r(ap),r2 ; r2 -> r[]
- moval @a(ap),r3 ; r3 -> a[]
- movl n(ap),r4 ; r4 = n (assumed >0 by C code)
-
-0$:
- movl (r3)+,r5 ; r5 = a[] & advance
-
- ; <r1,r0> := a[] * a[]
- emul r5,r5,#0,r0 ; a[] considered signed
-
- ; fixup for "negative" a[]
- tstl r5 ; a[]
- bgeq 30$
- addl2 r5,r1 ; a[]
- addl2 r5,r1 ; a[]
-30$:
-
- movl r0,(r2)+ ; store lo result in r[] & advance
- movl r1,(r2)+ ; store hi result in r[] & advance
-
- sobgtr r4,0$
-
- movl #1,r0 ; return SS$_NORMAL
- ret
-
- .title vax_bn_div_words unsigned divide
-;
-; Richard Levitte 20-Nov-2000
-;
-; ULONG bn_div_words(ULONG h, ULONG l, ULONG d)
-; {
-; return ((ULONG)((((ULLONG)h)<<32)|l) / (ULLONG)d);
-; }
-;
-; Using EDIV would be very easy, if it didn't do signed calculations.
-; Any time any of the input numbers are signed, there are problems,
-; usually with integer overflow, at which point it returns useless
-; data (the quotient gets the value of l, and the remainder becomes 0).
-;
-; If it was just for the dividend, it would be very easy, just divide
-; it by 2 (unsigned), do the division, multiply the resulting quotient
-; and remainder by 2, add the bit that was dropped when dividing by 2
-; to the remainder, and do some adjustment so the remainder doesn't
-; end up larger than the divisor. For some cases when the divisor is
-; negative (from EDIV's point of view, i.e. when the highest bit is set),
-; dividing the dividend by 2 isn't enough, and since some operations
-; might generate integer overflows even when the dividend is divided by
-; 4 (when the high part of the shifted down dividend ends up being exactly
-; half of the divisor, the result is the quotient 0x80000000, which is
-; negative...) it needs to be divided by 8. Furthermore, the divisor needs
-; to be divided by 2 (unsigned) as well, to avoid more problems with the sign.
-; In this case, a little extra fiddling with the remainder is required.
-;
-; So, the simplest way to handle this is always to divide the dividend
-; by 8, and to divide the divisor by 2 if it's highest bit is set.
-; After EDIV has been used, the quotient gets multiplied by 8 if the
-; original divisor was positive, otherwise 4. The remainder, oddly
-; enough, is *always* multiplied by 8.
-; NOTE: in the case mentioned above, where the high part of the shifted
-; down dividend ends up being exactly half the shifted down divisor, we
-; end up with a 33 bit quotient. That's no problem however, it usually
-; means we have ended up with a too large remainder as well, and the
-; problem is fixed by the last part of the algorithm (next paragraph).
-;
-; The routine ends with comparing the resulting remainder with the
-; original divisor and if the remainder is larger, subtract the
-; original divisor from it, and increase the quotient by 1. This is
-; done until the remainder is smaller than the divisor.
-;
-; The complete algorithm looks like this:
-;
-; d' = d
-; l' = l & 7
-; [h,l] = [h,l] >> 3
-; [q,r] = floor([h,l] / d) # This is the EDIV operation
-; if (q < 0) q = -q # I doubt this is necessary any more
-;
-; r' = r >> 29
-; if (d' >= 0)
-; q' = q >> 29
-; q = q << 3
-; else
-; q' = q >> 30
-; q = q << 2
-; r = (r << 3) + l'
-;
-; if (d' < 0)
-; {
-; [r',r] = [r',r] - q
-; while ([r',r] < 0)
-; {
-; [r',r] = [r',r] + d
-; [q',q] = [q',q] - 1
-; }
-; }
-;
-; while ([r',r] >= d')
-; {
-; [r',r] = [r',r] - d'
-; [q',q] = [q',q] + 1
-; }
-;
-; return q
-
-h=4 ;(AP) h by value (input)
-l=8 ;(AP) l by value (input)
-d=12 ;(AP) d by value (input)
-
-;r2 = l, q
-;r3 = h, r
-;r4 = d
-;r5 = l'
-;r6 = r'
-;r7 = d'
-;r8 = q'
-
- .psect code,nowrt
-
-.entry bn_div_words,^m<r2,r3,r4,r5,r6,r7,r8>
- movl l(ap),r2
- movl h(ap),r3
- movl d(ap),r4
-
- bicl3 #^XFFFFFFF8,r2,r5 ; l' = l & 7
- bicl3 #^X00000007,r2,r2
-
- bicl3 #^XFFFFFFF8,r3,r6
- bicl3 #^X00000007,r3,r3
-
- addl r6,r2
-
- rotl #-3,r2,r2 ; l = l >> 3
- rotl #-3,r3,r3 ; h = h >> 3
-
- movl r4,r7 ; d' = d
-
- movl #0,r6 ; r' = 0
- movl #0,r8 ; q' = 0
-
- tstl r4
- beql 666$ ; Uh-oh, the divisor is 0...
- bgtr 1$
- rotl #-1,r4,r4 ; If d is negative, shift it right.
- bicl2 #^X80000000,r4 ; Since d is then a large number, the
- ; lowest bit is insignificant
- ; (contradict that, and I'll fix the problem!)
-1$:
- ediv r4,r2,r2,r3 ; Do the actual division
-
- tstl r2
- bgeq 3$
- mnegl r2,r2 ; if q < 0, negate it
-3$:
- tstl r7
- blss 4$
- rotl #3,r2,r2 ; q = q << 3
- bicl3 #^XFFFFFFF8,r2,r8 ; q' gets the high bits from q
- bicl3 #^X00000007,r2,r2
- bsb 41$
-4$: ; else
- rotl #2,r2,r2 ; q = q << 2
- bicl3 #^XFFFFFFFC,r2,r8 ; q' gets the high bits from q
- bicl3 #^X00000003,r2,r2
-41$:
- rotl #3,r3,r3 ; r = r << 3
- bicl3 #^XFFFFFFF8,r3,r6 ; r' gets the high bits from r
- bicl3 #^X00000007,r3,r3
- addl r5,r3 ; r = r + l'
-
- tstl r7
- bgeq 5$
- bitl #1,r7
- beql 5$ ; if d' < 0 && d' & 1
- subl r2,r3 ; [r',r] = [r',r] - [q',q]
- sbwc r8,r6
-45$:
- bgeq 5$ ; while r < 0
- decl r2 ; [q',q] = [q',q] - 1
- sbwc #0,r8
- addl r7,r3 ; [r',r] = [r',r] + d'
- adwc #0,r6
- brb 45$
-
-; The return points are placed in the middle to keep a short distance from
-; all the branch points
-42$:
-; movl r3,r1
- movl r2,r0
- ret
-666$:
- movl #^XFFFFFFFF,r0
- ret
-
-5$:
- tstl r6
- bneq 6$
- cmpl r3,r7
- blssu 42$ ; while [r',r] >= d'
-6$:
- subl r7,r3 ; [r',r] = [r',r] - d'
- sbwc #0,r6
- incl r2 ; [q',q] = [q',q] + 1
- adwc #0,r8
- brb 5$
-
- .title vax_bn_add_words unsigned add of two arrays
-;
-; Richard Levitte 20-Nov-2000
-;
-; ULONG bn_add_words(ULONG r[], ULONG a[], ULONG b[], int n) {
-; ULONG c = 0;
-; int i;
-; for (i = 0; i < n; i++) <c,r[i]> = a[i] + b[i] + c;
-; return(c);
-; }
-
-r=4 ;(AP) r by reference (output)
-a=8 ;(AP) a by reference (input)
-b=12 ;(AP) b by reference (input)
-n=16 ;(AP) n by value (input)
-
-
- .psect code,nowrt
-
-.entry bn_add_words,^m<r2,r3,r4,r5,r6>
-
- moval @r(ap),r2
- moval @a(ap),r3
- moval @b(ap),r4
- movl n(ap),r5 ; assumed >0 by C code
- clrl r0 ; c
-
- tstl r5 ; carry = 0
- bleq 666$
-
-0$:
- movl (r3)+,r6 ; carry untouched
- adwc (r4)+,r6 ; carry used and touched
- movl r6,(r2)+ ; carry untouched
- sobgtr r5,0$ ; carry untouched
-
- adwc #0,r0
-666$:
- ret
-
- .title vax_bn_sub_words unsigned add of two arrays
-;
-; Richard Levitte 20-Nov-2000
-;
-; ULONG bn_sub_words(ULONG r[], ULONG a[], ULONG b[], int n) {
-; ULONG c = 0;
-; int i;
-; for (i = 0; i < n; i++) <c,r[i]> = a[i] - b[i] - c;
-; return(c);
-; }
-
-r=4 ;(AP) r by reference (output)
-a=8 ;(AP) a by reference (input)
-b=12 ;(AP) b by reference (input)
-n=16 ;(AP) n by value (input)
-
-
- .psect code,nowrt
-
-.entry bn_sub_words,^m<r2,r3,r4,r5,r6>
-
- moval @r(ap),r2
- moval @a(ap),r3
- moval @b(ap),r4
- movl n(ap),r5 ; assumed >0 by C code
- clrl r0 ; c
-
- tstl r5 ; carry = 0
- bleq 666$
-
-0$:
- movl (r3)+,r6 ; carry untouched
- sbwc (r4)+,r6 ; carry used and touched
- movl r6,(r2)+ ; carry untouched
- sobgtr r5,0$ ; carry untouched
-
- adwc #0,r0
-666$:
- ret
-
-
-;r=4 ;(AP)
-;a=8 ;(AP)
-;b=12 ;(AP)
-;n=16 ;(AP) n by value (input)
-
- .psect code,nowrt
-
-.entry BN_MUL_COMBA8,^m<r2,r3,r4,r5,r6,r7,r8,r9,r10,r11>
- movab -924(sp),sp
- clrq r8
-
- clrl r10
-
- movl 8(ap),r6
- movzwl 2(r6),r3
- movl 12(ap),r7
- bicl3 #-65536,(r7),r2
- movzwl 2(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,(r6),-12(fp)
- bicl3 #-65536,r3,-16(fp)
- mull3 r0,-12(fp),-4(fp)
- mull2 r2,-12(fp)
- mull3 r2,-16(fp),-8(fp)
- mull2 r0,-16(fp)
- addl3 -4(fp),-8(fp),r0
- bicl3 #0,r0,-4(fp)
- cmpl -4(fp),-8(fp)
- bgequ noname.45
- addl2 #65536,-16(fp)
-noname.45:
- movzwl -2(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-16(fp)
- bicl3 #-65536,-4(fp),r0
- ashl #16,r0,-8(fp)
- addl3 -8(fp),-12(fp),r0
- bicl3 #0,r0,-12(fp)
- cmpl -12(fp),-8(fp)
- bgequ noname.46
- incl -16(fp)
-noname.46:
- movl -12(fp),r1
- movl -16(fp),r2
- addl2 r1,r9
- bicl2 #0,r9
- cmpl r9,r1
- bgequ noname.47
- incl r2
-noname.47:
- addl2 r2,r8
- bicl2 #0,r8
- cmpl r8,r2
- bgequ noname.48
- incl r10
-noname.48:
-
- movl 4(ap),r11
- movl r9,(r11)
-
- clrl r9
-
- movzwl 2(r6),r2
- bicl3 #-65536,4(r7),r3
- movzwl 6(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,(r6),-28(fp)
- bicl3 #-65536,r2,-32(fp)
- mull3 r0,-28(fp),-20(fp)
- mull2 r3,-28(fp)
- mull3 r3,-32(fp),-24(fp)
- mull2 r0,-32(fp)
- addl3 -20(fp),-24(fp),r0
- bicl3 #0,r0,-20(fp)
- cmpl -20(fp),-24(fp)
- bgequ noname.49
- addl2 #65536,-32(fp)
-noname.49:
- movzwl -18(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-32(fp)
- bicl3 #-65536,-20(fp),r0
- ashl #16,r0,-24(fp)
- addl3 -24(fp),-28(fp),r0
- bicl3 #0,r0,-28(fp)
- cmpl -28(fp),-24(fp)
- bgequ noname.50
- incl -32(fp)
-noname.50:
- movl -28(fp),r1
- movl -32(fp),r2
- addl2 r1,r8
- bicl2 #0,r8
- cmpl r8,r1
- bgequ noname.51
- incl r2
-noname.51:
- addl2 r2,r10
- bicl2 #0,r10
- cmpl r10,r2
- bgequ noname.52
- incl r9
-noname.52:
-
- movzwl 6(r6),r2
- bicl3 #-65536,(r7),r3
- movzwl 2(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,4(r6),-44(fp)
- bicl3 #-65536,r2,-48(fp)
- mull3 r0,-44(fp),-36(fp)
- mull2 r3,-44(fp)
- mull3 r3,-48(fp),-40(fp)
- mull2 r0,-48(fp)
- addl3 -36(fp),-40(fp),r0
- bicl3 #0,r0,-36(fp)
- cmpl -36(fp),-40(fp)
- bgequ noname.53
- addl2 #65536,-48(fp)
-noname.53:
- movzwl -34(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-48(fp)
- bicl3 #-65536,-36(fp),r0
- ashl #16,r0,-40(fp)
- addl3 -40(fp),-44(fp),r0
- bicl3 #0,r0,-44(fp)
- cmpl -44(fp),-40(fp)
- bgequ noname.54
- incl -48(fp)
-noname.54:
- movl -44(fp),r1
- movl -48(fp),r2
- addl2 r1,r8
- bicl2 #0,r8
- cmpl r8,r1
- bgequ noname.55
- incl r2
-noname.55:
- addl2 r2,r10
- bicl2 #0,r10
- cmpl r10,r2
- bgequ noname.56
- incl r9
-noname.56:
-
- movl r8,4(r11)
-
- clrl r8
-
- movzwl 10(r6),r2
- bicl3 #-65536,(r7),r3
- movzwl 2(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,8(r6),-60(fp)
- bicl3 #-65536,r2,-64(fp)
- mull3 r0,-60(fp),-52(fp)
- mull2 r3,-60(fp)
- mull3 r3,-64(fp),-56(fp)
- mull2 r0,-64(fp)
- addl3 -52(fp),-56(fp),r0
- bicl3 #0,r0,-52(fp)
- cmpl -52(fp),-56(fp)
- bgequ noname.57
- addl2 #65536,-64(fp)
-noname.57:
- movzwl -50(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-64(fp)
- bicl3 #-65536,-52(fp),r0
- ashl #16,r0,-56(fp)
- addl3 -56(fp),-60(fp),r0
- bicl3 #0,r0,-60(fp)
- cmpl -60(fp),-56(fp)
- bgequ noname.58
- incl -64(fp)
-noname.58:
- movl -60(fp),r1
- movl -64(fp),r2
- addl2 r1,r10
- bicl2 #0,r10
- cmpl r10,r1
- bgequ noname.59
- incl r2
-noname.59:
- addl2 r2,r9
- bicl2 #0,r9
- cmpl r9,r2
- bgequ noname.60
- incl r8
-noname.60:
-
- movzwl 6(r6),r2
- bicl3 #-65536,4(r7),r3
- movzwl 6(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,4(r6),-76(fp)
- bicl3 #-65536,r2,-80(fp)
- mull3 r0,-76(fp),-68(fp)
- mull2 r3,-76(fp)
- mull3 r3,-80(fp),-72(fp)
- mull2 r0,-80(fp)
- addl3 -68(fp),-72(fp),r0
- bicl3 #0,r0,-68(fp)
- cmpl -68(fp),-72(fp)
- bgequ noname.61
- addl2 #65536,-80(fp)
-noname.61:
- movzwl -66(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-80(fp)
- bicl3 #-65536,-68(fp),r0
- ashl #16,r0,-72(fp)
- addl3 -72(fp),-76(fp),r0
- bicl3 #0,r0,-76(fp)
- cmpl -76(fp),-72(fp)
- bgequ noname.62
- incl -80(fp)
-noname.62:
- movl -76(fp),r1
- movl -80(fp),r2
- addl2 r1,r10
- bicl2 #0,r10
- cmpl r10,r1
- bgequ noname.63
- incl r2
-noname.63:
- addl2 r2,r9
- bicl2 #0,r9
- cmpl r9,r2
- bgequ noname.64
- incl r8
-noname.64:
-
- movzwl 2(r6),r2
- bicl3 #-65536,8(r7),r3
- movzwl 10(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,(r6),-92(fp)
- bicl3 #-65536,r2,-96(fp)
- mull3 r0,-92(fp),-84(fp)
- mull2 r3,-92(fp)
- mull3 r3,-96(fp),-88(fp)
- mull2 r0,-96(fp)
- addl3 -84(fp),-88(fp),r0
- bicl3 #0,r0,-84(fp)
- cmpl -84(fp),-88(fp)
- bgequ noname.65
- addl2 #65536,-96(fp)
-noname.65:
- movzwl -82(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-96(fp)
- bicl3 #-65536,-84(fp),r0
- ashl #16,r0,-88(fp)
- addl3 -88(fp),-92(fp),r0
- bicl3 #0,r0,-92(fp)
- cmpl -92(fp),-88(fp)
- bgequ noname.66
- incl -96(fp)
-noname.66:
- movl -92(fp),r1
- movl -96(fp),r2
- addl2 r1,r10
- bicl2 #0,r10
- cmpl r10,r1
- bgequ noname.67
- incl r2
-noname.67:
- addl2 r2,r9
- bicl2 #0,r9
- cmpl r9,r2
- bgequ noname.68
- incl r8
-noname.68:
-
- movl r10,8(r11)
-
- clrl r10
-
- movzwl 2(r6),r2
- bicl3 #-65536,12(r7),r3
- movzwl 14(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,(r6),-108(fp)
- bicl3 #-65536,r2,-112(fp)
- mull3 r0,-108(fp),-100(fp)
- mull2 r3,-108(fp)
- mull3 r3,-112(fp),-104(fp)
- mull2 r0,-112(fp)
- addl3 -100(fp),-104(fp),r0
- bicl3 #0,r0,-100(fp)
- cmpl -100(fp),-104(fp)
- bgequ noname.69
- addl2 #65536,-112(fp)
-noname.69:
- movzwl -98(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-112(fp)
- bicl3 #-65536,-100(fp),r0
- ashl #16,r0,-104(fp)
- addl3 -104(fp),-108(fp),r0
- bicl3 #0,r0,-108(fp)
- cmpl -108(fp),-104(fp)
- bgequ noname.70
- incl -112(fp)
-noname.70:
- movl -108(fp),r1
- movl -112(fp),r2
- addl2 r1,r9
- bicl2 #0,r9
- cmpl r9,r1
- bgequ noname.71
- incl r2
-noname.71:
- addl2 r2,r8
- bicl2 #0,r8
- cmpl r8,r2
- bgequ noname.72
- incl r10
-noname.72:
-
- movzwl 6(r6),r2
- bicl3 #-65536,8(r7),r3
- movzwl 10(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,4(r6),-124(fp)
- bicl3 #-65536,r2,-128(fp)
- mull3 r0,-124(fp),-116(fp)
- mull2 r3,-124(fp)
- mull3 r3,-128(fp),-120(fp)
- mull2 r0,-128(fp)
- addl3 -116(fp),-120(fp),r0
- bicl3 #0,r0,-116(fp)
- cmpl -116(fp),-120(fp)
- bgequ noname.73
- addl2 #65536,-128(fp)
-noname.73:
- movzwl -114(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-128(fp)
- bicl3 #-65536,-116(fp),r0
- ashl #16,r0,-120(fp)
- addl3 -120(fp),-124(fp),r0
- bicl3 #0,r0,-124(fp)
- cmpl -124(fp),-120(fp)
- bgequ noname.74
- incl -128(fp)
-noname.74:
- movl -124(fp),r1
- movl -128(fp),r2
- addl2 r1,r9
- bicl2 #0,r9
- cmpl r9,r1
- bgequ noname.75
- incl r2
-noname.75:
- addl2 r2,r8
- bicl2 #0,r8
- cmpl r8,r2
- bgequ noname.76
- incl r10
-noname.76:
-
- movzwl 10(r6),r2
- bicl3 #-65536,4(r7),r3
- movzwl 6(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,8(r6),-140(fp)
- bicl3 #-65536,r2,-144(fp)
- mull3 r0,-140(fp),-132(fp)
- mull2 r3,-140(fp)
- mull3 r3,-144(fp),-136(fp)
- mull2 r0,-144(fp)
- addl3 -132(fp),-136(fp),r0
- bicl3 #0,r0,-132(fp)
- cmpl -132(fp),-136(fp)
- bgequ noname.77
- addl2 #65536,-144(fp)
-noname.77:
- movzwl -130(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-144(fp)
- bicl3 #-65536,-132(fp),r0
- ashl #16,r0,-136(fp)
- addl3 -136(fp),-140(fp),r0
- bicl3 #0,r0,-140(fp)
- cmpl -140(fp),-136(fp)
- bgequ noname.78
- incl -144(fp)
-noname.78:
- movl -140(fp),r1
- movl -144(fp),r2
- addl2 r1,r9
- bicl2 #0,r9
- cmpl r9,r1
- bgequ noname.79
- incl r2
-noname.79:
- addl2 r2,r8
- bicl2 #0,r8
- cmpl r8,r2
- bgequ noname.80
- incl r10
-noname.80:
-
- movzwl 14(r6),r2
- bicl3 #-65536,(r7),r3
- movzwl 2(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,12(r6),-156(fp)
- bicl3 #-65536,r2,-160(fp)
- mull3 r0,-156(fp),-148(fp)
- mull2 r3,-156(fp)
- mull3 r3,-160(fp),-152(fp)
- mull2 r0,-160(fp)
- addl3 -148(fp),-152(fp),r0
- bicl3 #0,r0,-148(fp)
- cmpl -148(fp),-152(fp)
- bgequ noname.81
- addl2 #65536,-160(fp)
-noname.81:
- movzwl -146(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-160(fp)
- bicl3 #-65536,-148(fp),r0
- ashl #16,r0,-152(fp)
- addl3 -152(fp),-156(fp),r0
- bicl3 #0,r0,-156(fp)
- cmpl -156(fp),-152(fp)
- bgequ noname.82
- incl -160(fp)
-noname.82:
- movl -156(fp),r1
- movl -160(fp),r2
- addl2 r1,r9
- bicl2 #0,r9
- cmpl r9,r1
- bgequ noname.83
- incl r2
-noname.83:
- addl2 r2,r8
- bicl2 #0,r8
- cmpl r8,r2
- bgequ noname.84
- incl r10
-noname.84:
-
- movl r9,12(r11)
-
- clrl r9
-
- movzwl 18(r6),r2
- bicl3 #-65536,(r7),r3
- movzwl 2(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,16(r6),-172(fp)
- bicl3 #-65536,r2,-176(fp)
- mull3 r0,-172(fp),-164(fp)
- mull2 r3,-172(fp)
- mull3 r3,-176(fp),-168(fp)
- mull2 r0,-176(fp)
- addl3 -164(fp),-168(fp),r0
- bicl3 #0,r0,-164(fp)
- cmpl -164(fp),-168(fp)
- bgequ noname.85
- addl2 #65536,-176(fp)
-noname.85:
- movzwl -162(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-176(fp)
- bicl3 #-65536,-164(fp),r0
- ashl #16,r0,-168(fp)
- addl3 -168(fp),-172(fp),r0
- bicl3 #0,r0,-172(fp)
- cmpl -172(fp),-168(fp)
- bgequ noname.86
- incl -176(fp)
-noname.86:
- movl -172(fp),r1
- movl -176(fp),r2
- addl2 r1,r8
- bicl2 #0,r8
- cmpl r8,r1
- bgequ noname.87
- incl r2
-noname.87:
- addl2 r2,r10
- bicl2 #0,r10
- cmpl r10,r2
- bgequ noname.88
- incl r9
-noname.88:
-
- movzwl 14(r6),r2
- bicl3 #-65536,4(r7),r3
- movzwl 6(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,12(r6),-188(fp)
- bicl3 #-65536,r2,-192(fp)
- mull3 r0,-188(fp),-180(fp)
- mull2 r3,-188(fp)
- mull3 r3,-192(fp),-184(fp)
- mull2 r0,-192(fp)
- addl3 -180(fp),-184(fp),r0
- bicl3 #0,r0,-180(fp)
- cmpl -180(fp),-184(fp)
- bgequ noname.89
- addl2 #65536,-192(fp)
-noname.89:
- movzwl -178(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-192(fp)
- bicl3 #-65536,-180(fp),r0
- ashl #16,r0,-184(fp)
- addl3 -184(fp),-188(fp),r0
- bicl3 #0,r0,-188(fp)
- cmpl -188(fp),-184(fp)
- bgequ noname.90
- incl -192(fp)
-noname.90:
- movl -188(fp),r1
- movl -192(fp),r2
- addl2 r1,r8
- bicl2 #0,r8
- cmpl r8,r1
- bgequ noname.91
- incl r2
-noname.91:
- addl2 r2,r10
- bicl2 #0,r10
- cmpl r10,r2
- bgequ noname.92
- incl r9
-noname.92:
-
- movzwl 10(r6),r2
- bicl3 #-65536,8(r7),r3
- movzwl 10(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,8(r6),-204(fp)
- bicl3 #-65536,r2,-208(fp)
- mull3 r0,-204(fp),-196(fp)
- mull2 r3,-204(fp)
- mull3 r3,-208(fp),-200(fp)
- mull2 r0,-208(fp)
- addl3 -196(fp),-200(fp),r0
- bicl3 #0,r0,-196(fp)
- cmpl -196(fp),-200(fp)
- bgequ noname.93
- addl2 #65536,-208(fp)
-noname.93:
- movzwl -194(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-208(fp)
- bicl3 #-65536,-196(fp),r0
- ashl #16,r0,-200(fp)
- addl3 -200(fp),-204(fp),r0
- bicl3 #0,r0,-204(fp)
- cmpl -204(fp),-200(fp)
- bgequ noname.94
- incl -208(fp)
-noname.94:
- movl -204(fp),r1
- movl -208(fp),r2
- addl2 r1,r8
- bicl2 #0,r8
- cmpl r8,r1
- bgequ noname.95
- incl r2
-noname.95:
- addl2 r2,r10
- bicl2 #0,r10
- cmpl r10,r2
- bgequ noname.96
- incl r9
-noname.96:
-
- movzwl 6(r6),r2
- bicl3 #-65536,12(r7),r3
- movzwl 14(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,4(r6),-220(fp)
- bicl3 #-65536,r2,-224(fp)
- mull3 r0,-220(fp),-212(fp)
- mull2 r3,-220(fp)
- mull3 r3,-224(fp),-216(fp)
- mull2 r0,-224(fp)
- addl3 -212(fp),-216(fp),r0
- bicl3 #0,r0,-212(fp)
- cmpl -212(fp),-216(fp)
- bgequ noname.97
- addl2 #65536,-224(fp)
-noname.97:
- movzwl -210(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-224(fp)
- bicl3 #-65536,-212(fp),r0
- ashl #16,r0,-216(fp)
- addl3 -216(fp),-220(fp),r0
- bicl3 #0,r0,-220(fp)
- cmpl -220(fp),-216(fp)
- bgequ noname.98
- incl -224(fp)
-noname.98:
- movl -220(fp),r1
- movl -224(fp),r2
- addl2 r1,r8
- bicl2 #0,r8
- cmpl r8,r1
- bgequ noname.99
- incl r2
-noname.99:
- addl2 r2,r10
- bicl2 #0,r10
- cmpl r10,r2
- bgequ noname.100
- incl r9
-noname.100:
-
- movzwl 2(r6),r2
- bicl3 #-65536,16(r7),r3
- movzwl 18(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,(r6),-236(fp)
- bicl3 #-65536,r2,-240(fp)
- mull3 r0,-236(fp),-228(fp)
- mull2 r3,-236(fp)
- mull3 r3,-240(fp),-232(fp)
- mull2 r0,-240(fp)
- addl3 -228(fp),-232(fp),r0
- bicl3 #0,r0,-228(fp)
- cmpl -228(fp),-232(fp)
- bgequ noname.101
- addl2 #65536,-240(fp)
-noname.101:
- movzwl -226(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-240(fp)
- bicl3 #-65536,-228(fp),r0
- ashl #16,r0,-232(fp)
- addl3 -232(fp),-236(fp),r0
- bicl3 #0,r0,-236(fp)
- cmpl -236(fp),-232(fp)
- bgequ noname.102
- incl -240(fp)
-noname.102:
- movl -236(fp),r1
- movl -240(fp),r2
- addl2 r1,r8
- bicl2 #0,r8
- cmpl r8,r1
- bgequ noname.103
- incl r2
-noname.103:
- addl2 r2,r10
- bicl2 #0,r10
- cmpl r10,r2
- bgequ noname.104
- incl r9
-noname.104:
-
- movl r8,16(r11)
-
- clrl r8
-
- movzwl 2(r6),r2
- bicl3 #-65536,20(r7),r3
- movzwl 22(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,(r6),-252(fp)
- bicl3 #-65536,r2,-256(fp)
- mull3 r0,-252(fp),-244(fp)
- mull2 r3,-252(fp)
- mull3 r3,-256(fp),-248(fp)
- mull2 r0,-256(fp)
- addl3 -244(fp),-248(fp),r0
- bicl3 #0,r0,-244(fp)
- cmpl -244(fp),-248(fp)
- bgequ noname.105
- addl2 #65536,-256(fp)
-noname.105:
- movzwl -242(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-256(fp)
- bicl3 #-65536,-244(fp),r0
- ashl #16,r0,-248(fp)
- addl3 -248(fp),-252(fp),r0
- bicl3 #0,r0,-252(fp)
- cmpl -252(fp),-248(fp)
- bgequ noname.106
- incl -256(fp)
-noname.106:
- movl -252(fp),r1
- movl -256(fp),r2
- addl2 r1,r10
- bicl2 #0,r10
- cmpl r10,r1
- bgequ noname.107
- incl r2
-noname.107:
- addl2 r2,r9
- bicl2 #0,r9
- cmpl r9,r2
- bgequ noname.108
- incl r8
-noname.108:
-
- movzwl 6(r6),r2
- bicl3 #-65536,16(r7),r3
- movzwl 18(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,4(r6),-268(fp)
- bicl3 #-65536,r2,-272(fp)
- mull3 r0,-268(fp),-260(fp)
- mull2 r3,-268(fp)
- mull3 r3,-272(fp),-264(fp)
- mull2 r0,-272(fp)
- addl3 -260(fp),-264(fp),r0
- bicl3 #0,r0,-260(fp)
- cmpl -260(fp),-264(fp)
- bgequ noname.109
- addl2 #65536,-272(fp)
-noname.109:
- movzwl -258(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-272(fp)
- bicl3 #-65536,-260(fp),r0
- ashl #16,r0,-264(fp)
- addl3 -264(fp),-268(fp),r0
- bicl3 #0,r0,-268(fp)
- cmpl -268(fp),-264(fp)
- bgequ noname.110
- incl -272(fp)
-noname.110:
- movl -268(fp),r1
- movl -272(fp),r2
- addl2 r1,r10
- bicl2 #0,r10
- cmpl r10,r1
- bgequ noname.111
- incl r2
-noname.111:
- addl2 r2,r9
- bicl2 #0,r9
- cmpl r9,r2
- bgequ noname.112
- incl r8
-noname.112:
-
- movzwl 10(r6),r2
- bicl3 #-65536,12(r7),r3
- movzwl 14(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,8(r6),-284(fp)
- bicl3 #-65536,r2,-288(fp)
- mull3 r0,-284(fp),-276(fp)
- mull2 r3,-284(fp)
- mull3 r3,-288(fp),-280(fp)
- mull2 r0,-288(fp)
- addl3 -276(fp),-280(fp),r0
- bicl3 #0,r0,-276(fp)
- cmpl -276(fp),-280(fp)
- bgequ noname.113
- addl2 #65536,-288(fp)
-noname.113:
- movzwl -274(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-288(fp)
- bicl3 #-65536,-276(fp),r0
- ashl #16,r0,-280(fp)
- addl3 -280(fp),-284(fp),r0
- bicl3 #0,r0,-284(fp)
- cmpl -284(fp),-280(fp)
- bgequ noname.114
- incl -288(fp)
-noname.114:
- movl -284(fp),r1
- movl -288(fp),r2
- addl2 r1,r10
- bicl2 #0,r10
- cmpl r10,r1
- bgequ noname.115
- incl r2
-noname.115:
- addl2 r2,r9
- bicl2 #0,r9
- cmpl r9,r2
- bgequ noname.116
- incl r8
-noname.116:
-
- movzwl 14(r6),r2
- bicl3 #-65536,8(r7),r3
- movzwl 10(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,12(r6),-300(fp)
- bicl3 #-65536,r2,-304(fp)
- mull3 r0,-300(fp),-292(fp)
- mull2 r3,-300(fp)
- mull3 r3,-304(fp),-296(fp)
- mull2 r0,-304(fp)
- addl3 -292(fp),-296(fp),r0
- bicl3 #0,r0,-292(fp)
- cmpl -292(fp),-296(fp)
- bgequ noname.117
- addl2 #65536,-304(fp)
-noname.117:
- movzwl -290(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-304(fp)
- bicl3 #-65536,-292(fp),r0
- ashl #16,r0,-296(fp)
- addl3 -296(fp),-300(fp),r0
- bicl3 #0,r0,-300(fp)
- cmpl -300(fp),-296(fp)
- bgequ noname.118
- incl -304(fp)
-noname.118:
- movl -300(fp),r1
- movl -304(fp),r2
- addl2 r1,r10
- bicl2 #0,r10
- cmpl r10,r1
- bgequ noname.119
- incl r2
-noname.119:
- addl2 r2,r9
- bicl2 #0,r9
- cmpl r9,r2
- bgequ noname.120
- incl r8
-noname.120:
-
- movzwl 18(r6),r2
- bicl3 #-65536,4(r7),r3
- movzwl 6(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,16(r6),-316(fp)
- bicl3 #-65536,r2,-320(fp)
- mull3 r0,-316(fp),-308(fp)
- mull2 r3,-316(fp)
- mull3 r3,-320(fp),-312(fp)
- mull2 r0,-320(fp)
- addl3 -308(fp),-312(fp),r0
- bicl3 #0,r0,-308(fp)
- cmpl -308(fp),-312(fp)
- bgequ noname.121
- addl2 #65536,-320(fp)
-noname.121:
- movzwl -306(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-320(fp)
- bicl3 #-65536,-308(fp),r0
- ashl #16,r0,-312(fp)
- addl3 -312(fp),-316(fp),r0
- bicl3 #0,r0,-316(fp)
- cmpl -316(fp),-312(fp)
- bgequ noname.122
- incl -320(fp)
-noname.122:
- movl -316(fp),r1
- movl -320(fp),r2
- addl2 r1,r10
- bicl2 #0,r10
- cmpl r10,r1
- bgequ noname.123
- incl r2
-
-noname.123:
- addl2 r2,r9
- bicl2 #0,r9
- cmpl r9,r2
- bgequ noname.124
- incl r8
-noname.124:
-
- movzwl 22(r6),r2
- bicl3 #-65536,(r7),r3
- movzwl 2(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,20(r6),-332(fp)
- bicl3 #-65536,r2,-336(fp)
- mull3 r0,-332(fp),-324(fp)
- mull2 r3,-332(fp)
- mull3 r3,-336(fp),-328(fp)
- mull2 r0,-336(fp)
- addl3 -324(fp),-328(fp),r0
- bicl3 #0,r0,-324(fp)
- cmpl -324(fp),-328(fp)
- bgequ noname.125
- addl2 #65536,-336(fp)
-noname.125:
- movzwl -322(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-336(fp)
- bicl3 #-65536,-324(fp),r0
- ashl #16,r0,-328(fp)
- addl3 -328(fp),-332(fp),r0
- bicl3 #0,r0,-332(fp)
- cmpl -332(fp),-328(fp)
- bgequ noname.126
- incl -336(fp)
-noname.126:
- movl -332(fp),r1
- movl -336(fp),r2
- addl2 r1,r10
- bicl2 #0,r10
- cmpl r10,r1
- bgequ noname.127
- incl r2
-noname.127:
- addl2 r2,r9
- bicl2 #0,r9
- cmpl r9,r2
- bgequ noname.128
- incl r8
-noname.128:
-
- movl r10,20(r11)
-
- clrl r10
-
- movzwl 26(r6),r2
- bicl3 #-65536,(r7),r3
- movzwl 2(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,24(r6),-348(fp)
- bicl3 #-65536,r2,-352(fp)
- mull3 r0,-348(fp),-340(fp)
- mull2 r3,-348(fp)
- mull3 r3,-352(fp),-344(fp)
- mull2 r0,-352(fp)
- addl3 -340(fp),-344(fp),r0
- bicl3 #0,r0,-340(fp)
- cmpl -340(fp),-344(fp)
- bgequ noname.129
- addl2 #65536,-352(fp)
-noname.129:
- movzwl -338(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-352(fp)
- bicl3 #-65536,-340(fp),r0
- ashl #16,r0,-344(fp)
- addl3 -344(fp),-348(fp),r0
- bicl3 #0,r0,-348(fp)
- cmpl -348(fp),-344(fp)
- bgequ noname.130
- incl -352(fp)
-noname.130:
- movl -348(fp),r1
- movl -352(fp),r2
- addl2 r1,r9
- bicl2 #0,r9
- cmpl r9,r1
- bgequ noname.131
- incl r2
-noname.131:
- addl2 r2,r8
- bicl2 #0,r8
- cmpl r8,r2
- bgequ noname.132
- incl r10
-noname.132:
-
- movzwl 22(r6),r2
- bicl3 #-65536,4(r7),r3
- movzwl 6(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,20(r6),-364(fp)
- bicl3 #-65536,r2,-368(fp)
- mull3 r0,-364(fp),-356(fp)
- mull2 r3,-364(fp)
- mull3 r3,-368(fp),-360(fp)
- mull2 r0,-368(fp)
- addl3 -356(fp),-360(fp),r0
- bicl3 #0,r0,-356(fp)
- cmpl -356(fp),-360(fp)
- bgequ noname.133
- addl2 #65536,-368(fp)
-noname.133:
- movzwl -354(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-368(fp)
- bicl3 #-65536,-356(fp),r0
- ashl #16,r0,-360(fp)
- addl3 -360(fp),-364(fp),r0
- bicl3 #0,r0,-364(fp)
- cmpl -364(fp),-360(fp)
- bgequ noname.134
- incl -368(fp)
-noname.134:
- movl -364(fp),r1
- movl -368(fp),r2
- addl2 r1,r9
- bicl2 #0,r9
- cmpl r9,r1
- bgequ noname.135
- incl r2
-noname.135:
- addl2 r2,r8
- bicl2 #0,r8
- cmpl r8,r2
- bgequ noname.136
- incl r10
-noname.136:
-
- movzwl 18(r6),r2
- bicl3 #-65536,8(r7),r3
- movzwl 10(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,16(r6),-380(fp)
- bicl3 #-65536,r2,-384(fp)
- mull3 r0,-380(fp),-372(fp)
- mull2 r3,-380(fp)
- mull3 r3,-384(fp),-376(fp)
- mull2 r0,-384(fp)
- addl3 -372(fp),-376(fp),r0
- bicl3 #0,r0,-372(fp)
- cmpl -372(fp),-376(fp)
- bgequ noname.137
- addl2 #65536,-384(fp)
-noname.137:
- movzwl -370(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-384(fp)
- bicl3 #-65536,-372(fp),r0
- ashl #16,r0,-376(fp)
- addl3 -376(fp),-380(fp),r0
- bicl3 #0,r0,-380(fp)
- cmpl -380(fp),-376(fp)
- bgequ noname.138
- incl -384(fp)
-noname.138:
- movl -380(fp),r1
- movl -384(fp),r2
- addl2 r1,r9
- bicl2 #0,r9
- cmpl r9,r1
- bgequ noname.139
- incl r2
-noname.139:
- addl2 r2,r8
- bicl2 #0,r8
- cmpl r8,r2
- bgequ noname.140
- incl r10
-noname.140:
-
- movzwl 14(r6),r2
- bicl3 #-65536,12(r7),r3
- movzwl 14(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,12(r6),-396(fp)
- bicl3 #-65536,r2,-400(fp)
- mull3 r0,-396(fp),-388(fp)
- mull2 r3,-396(fp)
- mull3 r3,-400(fp),-392(fp)
- mull2 r0,-400(fp)
- addl3 -388(fp),-392(fp),r0
- bicl3 #0,r0,-388(fp)
- cmpl -388(fp),-392(fp)
- bgequ noname.141
- addl2 #65536,-400(fp)
-noname.141:
- movzwl -386(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-400(fp)
- bicl3 #-65536,-388(fp),r0
- ashl #16,r0,-392(fp)
- addl3 -392(fp),-396(fp),r0
- bicl3 #0,r0,-396(fp)
- cmpl -396(fp),-392(fp)
- bgequ noname.142
- incl -400(fp)
-noname.142:
- movl -396(fp),r1
- movl -400(fp),r2
- addl2 r1,r9
- bicl2 #0,r9
- cmpl r9,r1
- bgequ noname.143
- incl r2
-noname.143:
- addl2 r2,r8
- bicl2 #0,r8
- cmpl r8,r2
- bgequ noname.144
- incl r10
-noname.144:
-
- movzwl 10(r6),r2
- bicl3 #-65536,16(r7),r3
- movzwl 18(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,8(r6),-412(fp)
- bicl3 #-65536,r2,-416(fp)
- mull3 r0,-412(fp),-404(fp)
- mull2 r3,-412(fp)
- mull3 r3,-416(fp),-408(fp)
- mull2 r0,-416(fp)
- addl3 -404(fp),-408(fp),r0
- bicl3 #0,r0,-404(fp)
- cmpl -404(fp),-408(fp)
- bgequ noname.145
- addl2 #65536,-416(fp)
-noname.145:
- movzwl -402(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-416(fp)
- bicl3 #-65536,-404(fp),r0
- ashl #16,r0,-408(fp)
- addl3 -408(fp),-412(fp),r0
- bicl3 #0,r0,-412(fp)
- cmpl -412(fp),-408(fp)
- bgequ noname.146
- incl -416(fp)
-noname.146:
- movl -412(fp),r1
- movl -416(fp),r2
- addl2 r1,r9
- bicl2 #0,r9
- cmpl r9,r1
- bgequ noname.147
- incl r2
-noname.147:
- addl2 r2,r8
- bicl2 #0,r8
- cmpl r8,r2
- bgequ noname.148
- incl r10
-noname.148:
-
- movzwl 6(r6),r2
- bicl3 #-65536,20(r7),r3
- movzwl 22(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,4(r6),-428(fp)
- bicl3 #-65536,r2,-432(fp)
- mull3 r0,-428(fp),-420(fp)
- mull2 r3,-428(fp)
- mull3 r3,-432(fp),-424(fp)
- mull2 r0,-432(fp)
- addl3 -420(fp),-424(fp),r0
- bicl3 #0,r0,-420(fp)
- cmpl -420(fp),-424(fp)
- bgequ noname.149
- addl2 #65536,-432(fp)
-noname.149:
- movzwl -418(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-432(fp)
- bicl3 #-65536,-420(fp),r0
- ashl #16,r0,-424(fp)
- addl3 -424(fp),-428(fp),r0
- bicl3 #0,r0,-428(fp)
- cmpl -428(fp),-424(fp)
- bgequ noname.150
- incl -432(fp)
-noname.150:
- movl -428(fp),r1
- movl -432(fp),r2
- addl2 r1,r9
- bicl2 #0,r9
- cmpl r9,r1
- bgequ noname.151
- incl r2
-noname.151:
- addl2 r2,r8
- bicl2 #0,r8
- cmpl r8,r2
- bgequ noname.152
- incl r10
-noname.152:
-
- movzwl 2(r6),r2
- bicl3 #-65536,24(r7),r3
- movzwl 26(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,(r6),-444(fp)
- bicl3 #-65536,r2,-448(fp)
- mull3 r0,-444(fp),-436(fp)
- mull2 r3,-444(fp)
- mull3 r3,-448(fp),-440(fp)
- mull2 r0,-448(fp)
- addl3 -436(fp),-440(fp),r0
- bicl3 #0,r0,-436(fp)
- cmpl -436(fp),-440(fp)
- bgequ noname.153
- addl2 #65536,-448(fp)
-noname.153:
- movzwl -434(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-448(fp)
- bicl3 #-65536,-436(fp),r0
- ashl #16,r0,-440(fp)
- addl3 -440(fp),-444(fp),r0
- bicl3 #0,r0,-444(fp)
- cmpl -444(fp),-440(fp)
- bgequ noname.154
- incl -448(fp)
-noname.154:
- movl -444(fp),r1
- movl -448(fp),r2
- addl2 r1,r9
- bicl2 #0,r9
- cmpl r9,r1
- bgequ noname.155
- incl r2
-noname.155:
- addl2 r2,r8
- bicl2 #0,r8
- cmpl r8,r2
- bgequ noname.156
- incl r10
-noname.156:
-
- movl r9,24(r11)
-
- clrl r9
-
- movzwl 2(r6),r2
- bicl3 #-65536,28(r7),r3
- movzwl 30(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,(r6),-460(fp)
- bicl3 #-65536,r2,-464(fp)
- mull3 r0,-460(fp),-452(fp)
- mull2 r3,-460(fp)
- mull3 r3,-464(fp),-456(fp)
- mull2 r0,-464(fp)
- addl3 -452(fp),-456(fp),r0
- bicl3 #0,r0,-452(fp)
- cmpl -452(fp),-456(fp)
- bgequ noname.157
- addl2 #65536,-464(fp)
-noname.157:
- movzwl -450(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-464(fp)
- bicl3 #-65536,-452(fp),r0
- ashl #16,r0,-456(fp)
- addl3 -456(fp),-460(fp),r0
- bicl3 #0,r0,-460(fp)
- cmpl -460(fp),-456(fp)
- bgequ noname.158
- incl -464(fp)
-noname.158:
- movl -460(fp),r1
- movl -464(fp),r2
- addl2 r1,r8
- bicl2 #0,r8
- cmpl r8,r1
- bgequ noname.159
- incl r2
-noname.159:
- addl2 r2,r10
- bicl2 #0,r10
- cmpl r10,r2
- bgequ noname.160
- incl r9
-noname.160:
-
- movzwl 6(r6),r2
- bicl3 #-65536,24(r7),r3
- movzwl 26(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,4(r6),-476(fp)
- bicl3 #-65536,r2,-480(fp)
- mull3 r0,-476(fp),-468(fp)
- mull2 r3,-476(fp)
- mull3 r3,-480(fp),-472(fp)
- mull2 r0,-480(fp)
- addl3 -468(fp),-472(fp),r0
- bicl3 #0,r0,-468(fp)
- cmpl -468(fp),-472(fp)
- bgequ noname.161
- addl2 #65536,-480(fp)
-noname.161:
- movzwl -466(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-480(fp)
- bicl3 #-65536,-468(fp),r0
- ashl #16,r0,-472(fp)
- addl3 -472(fp),-476(fp),r0
- bicl3 #0,r0,-476(fp)
- cmpl -476(fp),-472(fp)
- bgequ noname.162
- incl -480(fp)
-noname.162:
- movl -476(fp),r1
- movl -480(fp),r2
- addl2 r1,r8
- bicl2 #0,r8
- cmpl r8,r1
- bgequ noname.163
- incl r2
-noname.163:
- addl2 r2,r10
- bicl2 #0,r10
- cmpl r10,r2
- bgequ noname.164
- incl r9
-noname.164:
-
- movzwl 10(r6),r2
- bicl3 #-65536,20(r7),r3
- movzwl 22(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,8(r6),-492(fp)
- bicl3 #-65536,r2,-496(fp)
- mull3 r0,-492(fp),-484(fp)
- mull2 r3,-492(fp)
- mull3 r3,-496(fp),-488(fp)
- mull2 r0,-496(fp)
- addl3 -484(fp),-488(fp),r0
- bicl3 #0,r0,-484(fp)
- cmpl -484(fp),-488(fp)
- bgequ noname.165
- addl2 #65536,-496(fp)
-noname.165:
- movzwl -482(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-496(fp)
- bicl3 #-65536,-484(fp),r0
- ashl #16,r0,-488(fp)
- addl3 -488(fp),-492(fp),r0
- bicl3 #0,r0,-492(fp)
- cmpl -492(fp),-488(fp)
- bgequ noname.166
- incl -496(fp)
-noname.166:
- movl -492(fp),r1
- movl -496(fp),r2
- addl2 r1,r8
- bicl2 #0,r8
- cmpl r8,r1
- bgequ noname.167
- incl r2
-noname.167:
- addl2 r2,r10
- bicl2 #0,r10
- cmpl r10,r2
- bgequ noname.168
- incl r9
-noname.168:
-
- movzwl 14(r6),r2
- bicl3 #-65536,16(r7),r3
- movzwl 18(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,12(r6),-508(fp)
- bicl3 #-65536,r2,-512(fp)
- mull3 r0,-508(fp),-500(fp)
- mull2 r3,-508(fp)
- mull3 r3,-512(fp),-504(fp)
- mull2 r0,-512(fp)
- addl3 -500(fp),-504(fp),r0
- bicl3 #0,r0,-500(fp)
- cmpl -500(fp),-504(fp)
- bgequ noname.169
- addl2 #65536,-512(fp)
-noname.169:
- movzwl -498(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-512(fp)
- bicl3 #-65536,-500(fp),r0
- ashl #16,r0,-504(fp)
- addl3 -504(fp),-508(fp),r0
- bicl3 #0,r0,-508(fp)
- cmpl -508(fp),-504(fp)
- bgequ noname.170
- incl -512(fp)
-noname.170:
- movl -508(fp),r1
- movl -512(fp),r2
- addl2 r1,r8
- bicl2 #0,r8
- cmpl r8,r1
- bgequ noname.171
- incl r2
-noname.171:
- addl2 r2,r10
- bicl2 #0,r10
- cmpl r10,r2
- bgequ noname.172
- incl r9
-noname.172:
-
- movzwl 18(r6),r2
- bicl3 #-65536,12(r7),r3
- movzwl 14(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,16(r6),-524(fp)
- bicl3 #-65536,r2,-528(fp)
- mull3 r0,-524(fp),-516(fp)
- mull2 r3,-524(fp)
- mull3 r3,-528(fp),-520(fp)
- mull2 r0,-528(fp)
- addl3 -516(fp),-520(fp),r0
- bicl3 #0,r0,-516(fp)
- cmpl -516(fp),-520(fp)
- bgequ noname.173
- addl2 #65536,-528(fp)
-noname.173:
- movzwl -514(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-528(fp)
- bicl3 #-65536,-516(fp),r0
- ashl #16,r0,-520(fp)
- addl3 -520(fp),-524(fp),r0
- bicl3 #0,r0,-524(fp)
- cmpl -524(fp),-520(fp)
- bgequ noname.174
- incl -528(fp)
-noname.174:
- movl -524(fp),r1
- movl -528(fp),r2
- addl2 r1,r8
- bicl2 #0,r8
- cmpl r8,r1
- bgequ noname.175
- incl r2
-noname.175:
- addl2 r2,r10
- bicl2 #0,r10
- cmpl r10,r2
- bgequ noname.176
- incl r9
-noname.176:
-
- movzwl 22(r6),r2
- bicl3 #-65536,8(r7),r3
- movzwl 10(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,20(r6),-540(fp)
- bicl3 #-65536,r2,-544(fp)
- mull3 r0,-540(fp),-532(fp)
- mull2 r3,-540(fp)
- mull3 r3,-544(fp),-536(fp)
- mull2 r0,-544(fp)
- addl3 -532(fp),-536(fp),r0
- bicl3 #0,r0,-532(fp)
- cmpl -532(fp),-536(fp)
- bgequ noname.177
- addl2 #65536,-544(fp)
-noname.177:
- movzwl -530(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-544(fp)
- bicl3 #-65536,-532(fp),r0
- ashl #16,r0,-536(fp)
- addl3 -536(fp),-540(fp),r0
- bicl3 #0,r0,-540(fp)
- cmpl -540(fp),-536(fp)
- bgequ noname.178
- incl -544(fp)
-noname.178:
- movl -540(fp),r1
- movl -544(fp),r2
- addl2 r1,r8
- bicl2 #0,r8
- cmpl r8,r1
- bgequ noname.179
- incl r2
-noname.179:
- addl2 r2,r10
- bicl2 #0,r10
- cmpl r10,r2
- bgequ noname.180
- incl r9
-noname.180:
-
- movzwl 26(r6),r2
- bicl3 #-65536,4(r7),r3
- movzwl 6(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,24(r6),-556(fp)
- bicl3 #-65536,r2,-560(fp)
- mull3 r0,-556(fp),-548(fp)
- mull2 r3,-556(fp)
- mull3 r3,-560(fp),-552(fp)
- mull2 r0,-560(fp)
- addl3 -548(fp),-552(fp),r0
- bicl3 #0,r0,-548(fp)
- cmpl -548(fp),-552(fp)
- bgequ noname.181
- addl2 #65536,-560(fp)
-noname.181:
- movzwl -546(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-560(fp)
- bicl3 #-65536,-548(fp),r0
- ashl #16,r0,-552(fp)
- addl3 -552(fp),-556(fp),r0
- bicl3 #0,r0,-556(fp)
- cmpl -556(fp),-552(fp)
- bgequ noname.182
- incl -560(fp)
-noname.182:
- movl -556(fp),r1
- movl -560(fp),r2
- addl2 r1,r8
- bicl2 #0,r8
- cmpl r8,r1
- bgequ noname.183
- incl r2
-noname.183:
- addl2 r2,r10
- bicl2 #0,r10
- cmpl r10,r2
- bgequ noname.184
- incl r9
-noname.184:
-
- movzwl 30(r6),r2
- bicl3 #-65536,(r7),r3
- movzwl 2(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,28(r6),-572(fp)
- bicl3 #-65536,r2,-576(fp)
- mull3 r0,-572(fp),-564(fp)
- mull2 r3,-572(fp)
- mull3 r3,-576(fp),-568(fp)
- mull2 r0,-576(fp)
- addl3 -564(fp),-568(fp),r0
- bicl3 #0,r0,-564(fp)
- cmpl -564(fp),-568(fp)
- bgequ noname.185
- addl2 #65536,-576(fp)
-noname.185:
- movzwl -562(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-576(fp)
- bicl3 #-65536,-564(fp),r0
- ashl #16,r0,-568(fp)
- addl3 -568(fp),-572(fp),r0
- bicl3 #0,r0,-572(fp)
- cmpl -572(fp),-568(fp)
- bgequ noname.186
- incl -576(fp)
-noname.186:
- movl -572(fp),r1
- movl -576(fp),r2
- addl2 r1,r8
- bicl2 #0,r8
- cmpl r8,r1
- bgequ noname.187
- incl r2
-noname.187:
- addl2 r2,r10
- bicl2 #0,r10
- cmpl r10,r2
- bgequ noname.188
- incl r9
-noname.188:
-
- movl r8,28(r11)
-
- clrl r8
-
- movzwl 30(r6),r2
- bicl3 #-65536,4(r7),r3
- movzwl 6(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,28(r6),-588(fp)
- bicl3 #-65536,r2,-592(fp)
- mull3 r0,-588(fp),-580(fp)
- mull2 r3,-588(fp)
- mull3 r3,-592(fp),-584(fp)
- mull2 r0,-592(fp)
- addl3 -580(fp),-584(fp),r0
- bicl3 #0,r0,-580(fp)
- cmpl -580(fp),-584(fp)
- bgequ noname.189
- addl2 #65536,-592(fp)
-noname.189:
- movzwl -578(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-592(fp)
- bicl3 #-65536,-580(fp),r0
- ashl #16,r0,-584(fp)
- addl3 -584(fp),-588(fp),r0
- bicl3 #0,r0,-588(fp)
- cmpl -588(fp),-584(fp)
- bgequ noname.190
- incl -592(fp)
-noname.190:
- movl -588(fp),r1
- movl -592(fp),r2
- addl2 r1,r10
- bicl2 #0,r10
- cmpl r10,r1
- bgequ noname.191
- incl r2
-noname.191:
- addl2 r2,r9
- bicl2 #0,r9
- cmpl r9,r2
- bgequ noname.192
- incl r8
-noname.192:
-
- movzwl 26(r6),r2
- bicl3 #-65536,8(r7),r3
- movzwl 10(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,24(r6),-604(fp)
- bicl3 #-65536,r2,-608(fp)
- mull3 r0,-604(fp),-596(fp)
- mull2 r3,-604(fp)
- mull3 r3,-608(fp),-600(fp)
- mull2 r0,-608(fp)
- addl3 -596(fp),-600(fp),r0
- bicl3 #0,r0,-596(fp)
- cmpl -596(fp),-600(fp)
- bgequ noname.193
- addl2 #65536,-608(fp)
-noname.193:
- movzwl -594(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-608(fp)
- bicl3 #-65536,-596(fp),r0
- ashl #16,r0,-600(fp)
- addl3 -600(fp),-604(fp),r0
- bicl3 #0,r0,-604(fp)
- cmpl -604(fp),-600(fp)
- bgequ noname.194
- incl -608(fp)
-noname.194:
- movl -604(fp),r1
- movl -608(fp),r2
- addl2 r1,r10
- bicl2 #0,r10
- cmpl r10,r1
- bgequ noname.195
- incl r2
-noname.195:
- addl2 r2,r9
- bicl2 #0,r9
- cmpl r9,r2
- bgequ noname.196
- incl r8
-noname.196:
-
- movzwl 22(r6),r2
- bicl3 #-65536,12(r7),r3
- movzwl 14(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,20(r6),-620(fp)
- bicl3 #-65536,r2,-624(fp)
- mull3 r0,-620(fp),-612(fp)
- mull2 r3,-620(fp)
- mull3 r3,-624(fp),-616(fp)
- mull2 r0,-624(fp)
- addl3 -612(fp),-616(fp),r0
- bicl3 #0,r0,-612(fp)
- cmpl -612(fp),-616(fp)
- bgequ noname.197
- addl2 #65536,-624(fp)
-noname.197:
- movzwl -610(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-624(fp)
- bicl3 #-65536,-612(fp),r0
- ashl #16,r0,-616(fp)
- addl3 -616(fp),-620(fp),r0
- bicl3 #0,r0,-620(fp)
- cmpl -620(fp),-616(fp)
- bgequ noname.198
- incl -624(fp)
-noname.198:
- movl -620(fp),r1
- movl -624(fp),r2
- addl2 r1,r10
- bicl2 #0,r10
- cmpl r10,r1
- bgequ noname.199
- incl r2
-noname.199:
- addl2 r2,r9
- bicl2 #0,r9
- cmpl r9,r2
- bgequ noname.200
- incl r8
-noname.200:
-
- movzwl 18(r6),r2
- bicl3 #-65536,16(r7),r3
- movzwl 18(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,16(r6),-636(fp)
- bicl3 #-65536,r2,-640(fp)
- mull3 r0,-636(fp),-628(fp)
- mull2 r3,-636(fp)
- mull3 r3,-640(fp),-632(fp)
- mull2 r0,-640(fp)
- addl3 -628(fp),-632(fp),r0
- bicl3 #0,r0,-628(fp)
- cmpl -628(fp),-632(fp)
- bgequ noname.201
- addl2 #65536,-640(fp)
-noname.201:
- movzwl -626(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-640(fp)
- bicl3 #-65536,-628(fp),r0
- ashl #16,r0,-632(fp)
- addl3 -632(fp),-636(fp),r0
- bicl3 #0,r0,-636(fp)
- cmpl -636(fp),-632(fp)
- bgequ noname.202
- incl -640(fp)
-noname.202:
- movl -636(fp),r1
- movl -640(fp),r2
- addl2 r1,r10
- bicl2 #0,r10
- cmpl r10,r1
- bgequ noname.203
- incl r2
-noname.203:
- addl2 r2,r9
- bicl2 #0,r9
- cmpl r9,r2
- bgequ noname.204
- incl r8
-noname.204:
-
- movzwl 14(r6),r2
- bicl3 #-65536,20(r7),r3
- movzwl 22(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,12(r6),-652(fp)
- bicl3 #-65536,r2,-656(fp)
- mull3 r0,-652(fp),-644(fp)
- mull2 r3,-652(fp)
- mull3 r3,-656(fp),-648(fp)
- mull2 r0,-656(fp)
- addl3 -644(fp),-648(fp),r0
- bicl3 #0,r0,-644(fp)
- cmpl -644(fp),-648(fp)
- bgequ noname.205
- addl2 #65536,-656(fp)
-noname.205:
- movzwl -642(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-656(fp)
- bicl3 #-65536,-644(fp),r0
- ashl #16,r0,-648(fp)
- addl3 -648(fp),-652(fp),r0
- bicl3 #0,r0,-652(fp)
- cmpl -652(fp),-648(fp)
- bgequ noname.206
- incl -656(fp)
-noname.206:
- movl -652(fp),r1
- movl -656(fp),r2
- addl2 r1,r10
- bicl2 #0,r10
- cmpl r10,r1
- bgequ noname.207
- incl r2
-noname.207:
- addl2 r2,r9
- bicl2 #0,r9
- cmpl r9,r2
- bgequ noname.208
- incl r8
-noname.208:
-
- movzwl 10(r6),r2
- bicl3 #-65536,24(r7),r3
- movzwl 26(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,8(r6),-668(fp)
- bicl3 #-65536,r2,-672(fp)
- mull3 r0,-668(fp),-660(fp)
- mull2 r3,-668(fp)
- mull3 r3,-672(fp),-664(fp)
- mull2 r0,-672(fp)
- addl3 -660(fp),-664(fp),r0
- bicl3 #0,r0,-660(fp)
- cmpl -660(fp),-664(fp)
- bgequ noname.209
- addl2 #65536,-672(fp)
-noname.209:
- movzwl -658(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-672(fp)
- bicl3 #-65536,-660(fp),r0
- ashl #16,r0,-664(fp)
- addl3 -664(fp),-668(fp),r0
- bicl3 #0,r0,-668(fp)
- cmpl -668(fp),-664(fp)
- bgequ noname.210
- incl -672(fp)
-noname.210:
- movl -668(fp),r1
- movl -672(fp),r2
- addl2 r1,r10
- bicl2 #0,r10
- cmpl r10,r1
- bgequ noname.211
- incl r2
-noname.211:
- addl2 r2,r9
- bicl2 #0,r9
- cmpl r9,r2
- bgequ noname.212
- incl r8
-noname.212:
-
- movzwl 6(r6),r2
- bicl3 #-65536,28(r7),r3
- movzwl 30(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,4(r6),-684(fp)
- bicl3 #-65536,r2,-688(fp)
- mull3 r0,-684(fp),-676(fp)
- mull2 r3,-684(fp)
- mull3 r3,-688(fp),-680(fp)
- mull2 r0,-688(fp)
- addl3 -676(fp),-680(fp),r0
- bicl3 #0,r0,-676(fp)
- cmpl -676(fp),-680(fp)
- bgequ noname.213
- addl2 #65536,-688(fp)
-noname.213:
- movzwl -674(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-688(fp)
- bicl3 #-65536,-676(fp),r0
- ashl #16,r0,-680(fp)
- addl3 -680(fp),-684(fp),r0
- bicl3 #0,r0,-684(fp)
- cmpl -684(fp),-680(fp)
- bgequ noname.214
- incl -688(fp)
-noname.214:
- movl -684(fp),r1
- movl -688(fp),r2
- addl2 r1,r10
- bicl2 #0,r10
- cmpl r10,r1
- bgequ noname.215
- incl r2
-noname.215:
- addl2 r2,r9
- bicl2 #0,r9
- cmpl r9,r2
- bgequ noname.216
- incl r8
-noname.216:
-
- movl r10,32(r11)
-
- clrl r10
-
- movzwl 10(r6),r2
- bicl3 #-65536,28(r7),r3
- movzwl 30(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,8(r6),-700(fp)
- bicl3 #-65536,r2,-704(fp)
- mull3 r0,-700(fp),-692(fp)
- mull2 r3,-700(fp)
- mull3 r3,-704(fp),-696(fp)
- mull2 r0,-704(fp)
- addl3 -692(fp),-696(fp),r0
- bicl3 #0,r0,-692(fp)
- cmpl -692(fp),-696(fp)
- bgequ noname.217
- addl2 #65536,-704(fp)
-noname.217:
- movzwl -690(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-704(fp)
- bicl3 #-65536,-692(fp),r0
- ashl #16,r0,-696(fp)
- addl3 -696(fp),-700(fp),r0
- bicl3 #0,r0,-700(fp)
- cmpl -700(fp),-696(fp)
- bgequ noname.218
- incl -704(fp)
-noname.218:
- movl -700(fp),r1
- movl -704(fp),r2
- addl2 r1,r9
- bicl2 #0,r9
- cmpl r9,r1
- bgequ noname.219
- incl r2
-noname.219:
- addl2 r2,r8
- bicl2 #0,r8
- cmpl r8,r2
- bgequ noname.220
- incl r10
-noname.220:
-
- movzwl 14(r6),r2
- bicl3 #-65536,24(r7),r3
- movzwl 26(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,12(r6),-716(fp)
- bicl3 #-65536,r2,-720(fp)
- mull3 r0,-716(fp),-708(fp)
- mull2 r3,-716(fp)
- mull3 r3,-720(fp),-712(fp)
- mull2 r0,-720(fp)
- addl3 -708(fp),-712(fp),r0
- bicl3 #0,r0,-708(fp)
- cmpl -708(fp),-712(fp)
- bgequ noname.221
- addl2 #65536,-720(fp)
-noname.221:
- movzwl -706(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-720(fp)
- bicl3 #-65536,-708(fp),r0
- ashl #16,r0,-712(fp)
- addl3 -712(fp),-716(fp),r0
- bicl3 #0,r0,-716(fp)
- cmpl -716(fp),-712(fp)
- bgequ noname.222
- incl -720(fp)
-noname.222:
- movl -716(fp),r1
- movl -720(fp),r2
- addl2 r1,r9
- bicl2 #0,r9
- cmpl r9,r1
- bgequ noname.223
- incl r2
-noname.223:
- addl2 r2,r8
- bicl2 #0,r8
- cmpl r8,r2
- bgequ noname.224
- incl r10
-noname.224:
-
- movzwl 18(r6),r2
- bicl3 #-65536,20(r7),r3
- movzwl 22(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,16(r6),-732(fp)
- bicl3 #-65536,r2,-736(fp)
- mull3 r0,-732(fp),-724(fp)
- mull2 r3,-732(fp)
- mull3 r3,-736(fp),-728(fp)
- mull2 r0,-736(fp)
- addl3 -724(fp),-728(fp),r0
- bicl3 #0,r0,-724(fp)
- cmpl -724(fp),-728(fp)
- bgequ noname.225
- addl2 #65536,-736(fp)
-noname.225:
- movzwl -722(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-736(fp)
- bicl3 #-65536,-724(fp),r0
- ashl #16,r0,-728(fp)
- addl3 -728(fp),-732(fp),r0
- bicl3 #0,r0,-732(fp)
- cmpl -732(fp),-728(fp)
- bgequ noname.226
- incl -736(fp)
-noname.226:
- movl -732(fp),r1
- movl -736(fp),r2
- addl2 r1,r9
- bicl2 #0,r9
- cmpl r9,r1
- bgequ noname.227
- incl r2
-noname.227:
- addl2 r2,r8
- bicl2 #0,r8
- cmpl r8,r2
- bgequ noname.228
- incl r10
-noname.228:
-
- movzwl 22(r6),r2
- bicl3 #-65536,16(r7),r3
- movzwl 18(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,20(r6),-748(fp)
- bicl3 #-65536,r2,-752(fp)
- mull3 r0,-748(fp),-740(fp)
- mull2 r3,-748(fp)
- mull3 r3,-752(fp),-744(fp)
- mull2 r0,-752(fp)
- addl3 -740(fp),-744(fp),r0
- bicl3 #0,r0,-740(fp)
- cmpl -740(fp),-744(fp)
- bgequ noname.229
- addl2 #65536,-752(fp)
-noname.229:
- movzwl -738(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-752(fp)
- bicl3 #-65536,-740(fp),r0
- ashl #16,r0,-744(fp)
- addl3 -744(fp),-748(fp),r0
- bicl3 #0,r0,-748(fp)
- cmpl -748(fp),-744(fp)
- bgequ noname.230
- incl -752(fp)
-noname.230:
- movl -748(fp),r1
- movl -752(fp),r2
- addl2 r1,r9
- bicl2 #0,r9
- cmpl r9,r1
- bgequ noname.231
- incl r2
-noname.231:
- addl2 r2,r8
- bicl2 #0,r8
- cmpl r8,r2
- bgequ noname.232
- incl r10
-noname.232:
-
- movzwl 26(r6),r2
- bicl3 #-65536,12(r7),r3
- movzwl 14(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,24(r6),-764(fp)
- bicl3 #-65536,r2,-768(fp)
- mull3 r0,-764(fp),-756(fp)
- mull2 r3,-764(fp)
- mull3 r3,-768(fp),-760(fp)
- mull2 r0,-768(fp)
- addl3 -756(fp),-760(fp),r0
- bicl3 #0,r0,-756(fp)
- cmpl -756(fp),-760(fp)
- bgequ noname.233
- addl2 #65536,-768(fp)
-noname.233:
- movzwl -754(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-768(fp)
- bicl3 #-65536,-756(fp),r0
- ashl #16,r0,-760(fp)
- addl3 -760(fp),-764(fp),r0
- bicl3 #0,r0,-764(fp)
- cmpl -764(fp),-760(fp)
- bgequ noname.234
- incl -768(fp)
-noname.234:
- movl -764(fp),r1
- movl -768(fp),r2
- addl2 r1,r9
- bicl2 #0,r9
- cmpl r9,r1
- bgequ noname.235
- incl r2
-noname.235:
- addl2 r2,r8
- bicl2 #0,r8
- cmpl r8,r2
- bgequ noname.236
- incl r10
-noname.236:
-
- bicl3 #-65536,28(r6),r3
- movzwl 30(r6),r1
- bicl2 #-65536,r1
- bicl3 #-65536,8(r7),r2
- movzwl 10(r7),r0
- bicl2 #-65536,r0
- movl r3,r5
- movl r1,r4
- mull3 r0,r5,-772(fp)
- mull2 r2,r5
- mull3 r2,r4,-776(fp)
- mull2 r0,r4
- addl3 -772(fp),-776(fp),r0
- bicl3 #0,r0,-772(fp)
- cmpl -772(fp),-776(fp)
- bgequ noname.237
- addl2 #65536,r4
-noname.237:
- movzwl -770(fp),r0
- bicl2 #-65536,r0
- addl2 r0,r4
- bicl3 #-65536,-772(fp),r0
- ashl #16,r0,-776(fp)
- addl2 -776(fp),r5
- bicl2 #0,r5
- cmpl r5,-776(fp)
- bgequ noname.238
- incl r4
-noname.238:
- movl r5,r1
- movl r4,r2
- addl2 r1,r9
- bicl2 #0,r9
- cmpl r9,r1
- bgequ noname.239
- incl r2
-noname.239:
- addl2 r2,r8
- bicl2 #0,r8
- cmpl r8,r2
- bgequ noname.240
- incl r10
-noname.240:
-
- movl r9,36(r11)
-
- clrl r9
-
- bicl3 #-65536,28(r6),r3
- movzwl 30(r6),r1
- bicl2 #-65536,r1
- bicl3 #-65536,12(r7),r2
- movzwl 14(r7),r0
- bicl2 #-65536,r0
- movl r3,r5
- movl r1,r4
- mull3 r0,r5,-780(fp)
- mull2 r2,r5
- mull3 r2,r4,-784(fp)
- mull2 r0,r4
- addl3 -780(fp),-784(fp),r0
- bicl3 #0,r0,-780(fp)
- cmpl -780(fp),-784(fp)
- bgequ noname.241
- addl2 #65536,r4
-noname.241:
- movzwl -778(fp),r0
- bicl2 #-65536,r0
- addl2 r0,r4
- bicl3 #-65536,-780(fp),r0
- ashl #16,r0,-784(fp)
- addl2 -784(fp),r5
- bicl2 #0,r5
- cmpl r5,-784(fp)
- bgequ noname.242
- incl r4
-noname.242:
- movl r5,r1
- movl r4,r2
- addl2 r1,r8
- bicl2 #0,r8
- cmpl r8,r1
- bgequ noname.243
- incl r2
-noname.243:
- addl2 r2,r10
- bicl2 #0,r10
- cmpl r10,r2
- bgequ noname.244
- incl r9
-noname.244:
-
- bicl3 #-65536,24(r6),r3
- movzwl 26(r6),r1
- bicl2 #-65536,r1
- bicl3 #-65536,16(r7),r2
- movzwl 18(r7),r0
- bicl2 #-65536,r0
- movl r3,r5
- movl r1,r4
- mull3 r0,r5,-788(fp)
- mull2 r2,r5
- mull3 r2,r4,-792(fp)
- mull2 r0,r4
- addl3 -788(fp),-792(fp),r0
- bicl3 #0,r0,-788(fp)
- cmpl -788(fp),-792(fp)
- bgequ noname.245
- addl2 #65536,r4
-noname.245:
- movzwl -786(fp),r0
- bicl2 #-65536,r0
- addl2 r0,r4
- bicl3 #-65536,-788(fp),r0
- ashl #16,r0,-792(fp)
- addl2 -792(fp),r5
- bicl2 #0,r5
- cmpl r5,-792(fp)
- bgequ noname.246
- incl r4
-noname.246:
- movl r5,r1
- movl r4,r2
- addl2 r1,r8
- bicl2 #0,r8
- cmpl r8,r1
- bgequ noname.247
- incl r2
-noname.247:
- addl2 r2,r10
- bicl2 #0,r10
- cmpl r10,r2
- bgequ noname.248
- incl r9
-noname.248:
-
- bicl3 #-65536,20(r6),r3
- movzwl 22(r6),r1
- bicl2 #-65536,r1
- bicl3 #-65536,20(r7),r2
- movzwl 22(r7),r0
- bicl2 #-65536,r0
- movl r3,r5
- movl r1,r4
- mull3 r0,r5,-796(fp)
- mull2 r2,r5
- mull3 r2,r4,-800(fp)
- mull2 r0,r4
- addl3 -796(fp),-800(fp),r0
- bicl3 #0,r0,-796(fp)
- cmpl -796(fp),-800(fp)
- bgequ noname.249
- addl2 #65536,r4
-noname.249:
- movzwl -794(fp),r0
- bicl2 #-65536,r0
- addl2 r0,r4
- bicl3 #-65536,-796(fp),r0
- ashl #16,r0,-800(fp)
- addl2 -800(fp),r5
- bicl2 #0,r5
- cmpl r5,-800(fp)
- bgequ noname.250
- incl r4
-noname.250:
- movl r5,r1
- movl r4,r2
- addl2 r1,r8
- bicl2 #0,r8
- cmpl r8,r1
- bgequ noname.251
- incl r2
-noname.251:
- addl2 r2,r10
- bicl2 #0,r10
- cmpl r10,r2
- bgequ noname.252
- incl r9
-noname.252:
-
- bicl3 #-65536,16(r6),r3
- movzwl 18(r6),r1
- bicl2 #-65536,r1
- bicl3 #-65536,24(r7),r2
- movzwl 26(r7),r0
- bicl2 #-65536,r0
- movl r3,r5
- movl r1,r4
- mull3 r0,r5,-804(fp)
- mull2 r2,r5
- mull3 r2,r4,-808(fp)
- mull2 r0,r4
- addl3 -804(fp),-808(fp),r0
- bicl3 #0,r0,-804(fp)
- cmpl -804(fp),-808(fp)
- bgequ noname.253
- addl2 #65536,r4
-noname.253:
- movzwl -802(fp),r0
- bicl2 #-65536,r0
- addl2 r0,r4
- bicl3 #-65536,-804(fp),r0
- ashl #16,r0,-808(fp)
- addl2 -808(fp),r5
- bicl2 #0,r5
- cmpl r5,-808(fp)
- bgequ noname.254
- incl r4
-noname.254:
- movl r5,r1
- movl r4,r2
- addl2 r1,r8
- bicl2 #0,r8
- cmpl r8,r1
- bgequ noname.255
- incl r2
-noname.255:
- addl2 r2,r10
- bicl2 #0,r10
- cmpl r10,r2
- bgequ noname.256
- incl r9
-noname.256:
-
- bicl3 #-65536,12(r6),r3
- movzwl 14(r6),r1
- bicl2 #-65536,r1
- bicl3 #-65536,28(r7),r2
- movzwl 30(r7),r0
- bicl2 #-65536,r0
- movl r3,r5
- movl r1,r4
- mull3 r0,r5,-812(fp)
- mull2 r2,r5
- mull3 r2,r4,-816(fp)
- mull2 r0,r4
- addl3 -812(fp),-816(fp),r0
- bicl3 #0,r0,-812(fp)
- cmpl -812(fp),-816(fp)
- bgequ noname.257
- addl2 #65536,r4
-noname.257:
- movzwl -810(fp),r0
- bicl2 #-65536,r0
- addl2 r0,r4
- bicl3 #-65536,-812(fp),r0
- ashl #16,r0,-816(fp)
- addl2 -816(fp),r5
- bicl2 #0,r5
- cmpl r5,-816(fp)
- bgequ noname.258
- incl r4
-noname.258:
- movl r5,r1
- movl r4,r2
- addl2 r1,r8
- bicl2 #0,r8
- cmpl r8,r1
- bgequ noname.259
- incl r2
-noname.259:
- addl2 r2,r10
- bicl2 #0,r10
- cmpl r10,r2
- bgequ noname.260
- incl r9
-noname.260:
-
- movl r8,40(r11)
-
- clrl r8
-
- bicl3 #-65536,16(r6),r3
- movzwl 18(r6),r2
- bicl3 #-65536,28(r7),r1
- movzwl 30(r7),r0
- bicl2 #-65536,r0
- movl r3,r4
- bicl3 #-65536,r2,-828(fp)
- mull3 r0,r4,-820(fp)
- mull2 r1,r4
- mull3 r1,-828(fp),-824(fp)
- mull2 r0,-828(fp)
- addl3 -820(fp),-824(fp),r0
- bicl3 #0,r0,-820(fp)
- cmpl -820(fp),-824(fp)
- bgequ noname.261
- addl2 #65536,-828(fp)
-noname.261:
- movzwl -818(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-828(fp)
- bicl3 #-65536,-820(fp),r0
- ashl #16,r0,-824(fp)
- addl2 -824(fp),r4
- bicl2 #0,r4
- cmpl r4,-824(fp)
- bgequ noname.262
- incl -828(fp)
-noname.262:
- movl r4,r1
- movl -828(fp),r2
- addl2 r1,r10
- bicl2 #0,r10
- cmpl r10,r1
- bgequ noname.263
- incl r2
-noname.263:
- addl2 r2,r9
- bicl2 #0,r9
- cmpl r9,r2
- bgequ noname.264
- incl r8
-noname.264:
-
- movzwl 22(r6),r2
- bicl3 #-65536,24(r7),r3
- movzwl 26(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,20(r6),-840(fp)
- bicl3 #-65536,r2,-844(fp)
- mull3 r0,-840(fp),-832(fp)
- mull2 r3,-840(fp)
- mull3 r3,-844(fp),-836(fp)
- mull2 r0,-844(fp)
- addl3 -832(fp),-836(fp),r0
- bicl3 #0,r0,-832(fp)
- cmpl -832(fp),-836(fp)
- bgequ noname.265
- addl2 #65536,-844(fp)
-noname.265:
- movzwl -830(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-844(fp)
- bicl3 #-65536,-832(fp),r0
- ashl #16,r0,-836(fp)
- addl3 -836(fp),-840(fp),r0
- bicl3 #0,r0,-840(fp)
- cmpl -840(fp),-836(fp)
- bgequ noname.266
- incl -844(fp)
-noname.266:
- movl -840(fp),r1
- movl -844(fp),r2
- addl2 r1,r10
- bicl2 #0,r10
- cmpl r10,r1
- bgequ noname.267
- incl r2
-noname.267:
- addl2 r2,r9
- bicl2 #0,r9
- cmpl r9,r2
- bgequ noname.268
- incl r8
-noname.268:
-
- bicl3 #-65536,24(r6),r3
- movzwl 26(r6),r1
- bicl2 #-65536,r1
- bicl3 #-65536,20(r7),r2
- movzwl 22(r7),r0
- bicl2 #-65536,r0
- movl r3,r5
- movl r1,r4
- mull3 r0,r5,-848(fp)
- mull2 r2,r5
- mull3 r2,r4,-852(fp)
- mull2 r0,r4
- addl3 -848(fp),-852(fp),r0
- bicl3 #0,r0,-848(fp)
- cmpl -848(fp),-852(fp)
- bgequ noname.269
- addl2 #65536,r4
-noname.269:
- movzwl -846(fp),r0
- bicl2 #-65536,r0
- addl2 r0,r4
- bicl3 #-65536,-848(fp),r0
- ashl #16,r0,-852(fp)
- addl2 -852(fp),r5
- bicl2 #0,r5
- cmpl r5,-852(fp)
- bgequ noname.270
- incl r4
-noname.270:
- movl r5,r1
- movl r4,r2
- addl2 r1,r10
- bicl2 #0,r10
- cmpl r10,r1
- bgequ noname.271
- incl r2
-noname.271:
- addl2 r2,r9
- bicl2 #0,r9
- cmpl r9,r2
- bgequ noname.272
- incl r8
-noname.272:
-
- bicl3 #-65536,28(r6),r3
- movzwl 30(r6),r1
- bicl2 #-65536,r1
- bicl3 #-65536,16(r7),r2
- movzwl 18(r7),r0
- bicl2 #-65536,r0
- movl r3,r5
- movl r1,r4
- mull3 r0,r5,-856(fp)
- mull2 r2,r5
- mull3 r2,r4,-860(fp)
- mull2 r0,r4
- addl3 -856(fp),-860(fp),r0
- bicl3 #0,r0,-856(fp)
- cmpl -856(fp),-860(fp)
- bgequ noname.273
- addl2 #65536,r4
-noname.273:
- movzwl -854(fp),r0
- bicl2 #-65536,r0
- addl2 r0,r4
- bicl3 #-65536,-856(fp),r0
- ashl #16,r0,-860(fp)
- addl2 -860(fp),r5
- bicl2 #0,r5
- cmpl r5,-860(fp)
- bgequ noname.274
- incl r4
-noname.274:
- movl r5,r1
- movl r4,r2
- addl2 r1,r10
- bicl2 #0,r10
- cmpl r10,r1
- bgequ noname.275
- incl r2
-noname.275:
- addl2 r2,r9
- bicl2 #0,r9
- cmpl r9,r2
- bgequ noname.276
- incl r8
-noname.276:
-
- movl r10,44(r11)
-
- clrl r10
-
- bicl3 #-65536,28(r6),r3
- movzwl 30(r6),r1
- bicl2 #-65536,r1
- bicl3 #-65536,20(r7),r2
- movzwl 22(r7),r0
- bicl2 #-65536,r0
- movl r3,r5
- movl r1,r4
- mull3 r0,r5,-864(fp)
- mull2 r2,r5
- mull3 r2,r4,-868(fp)
- mull2 r0,r4
- addl3 -864(fp),-868(fp),r0
- bicl3 #0,r0,-864(fp)
- cmpl -864(fp),-868(fp)
- bgequ noname.277
- addl2 #65536,r4
-noname.277:
- movzwl -862(fp),r0
- bicl2 #-65536,r0
- addl2 r0,r4
- bicl3 #-65536,-864(fp),r0
- ashl #16,r0,-868(fp)
- addl2 -868(fp),r5
- bicl2 #0,r5
- cmpl r5,-868(fp)
- bgequ noname.278
- incl r4
-noname.278:
- movl r5,r1
- movl r4,r2
- addl2 r1,r9
- bicl2 #0,r9
- cmpl r9,r1
- bgequ noname.279
- incl r2
-noname.279:
- addl2 r2,r8
- bicl2 #0,r8
- cmpl r8,r2
- bgequ noname.280
- incl r10
-noname.280:
-
- bicl3 #-65536,24(r6),r3
- movzwl 26(r6),r1
- bicl2 #-65536,r1
- bicl3 #-65536,24(r7),r2
- movzwl 26(r7),r0
- bicl2 #-65536,r0
- movl r3,r5
- movl r1,r4
- mull3 r0,r5,-872(fp)
- mull2 r2,r5
- mull3 r2,r4,-876(fp)
- mull2 r0,r4
- addl3 -872(fp),-876(fp),r0
- bicl3 #0,r0,-872(fp)
- cmpl -872(fp),-876(fp)
- bgequ noname.281
- addl2 #65536,r4
-noname.281:
- movzwl -870(fp),r0
- bicl2 #-65536,r0
- addl2 r0,r4
- bicl3 #-65536,-872(fp),r0
- ashl #16,r0,-876(fp)
- addl2 -876(fp),r5
- bicl2 #0,r5
- cmpl r5,-876(fp)
- bgequ noname.282
- incl r4
-noname.282:
- movl r5,r1
- movl r4,r2
- addl2 r1,r9
- bicl2 #0,r9
- cmpl r9,r1
- bgequ noname.283
- incl r2
-noname.283:
- addl2 r2,r8
- bicl2 #0,r8
- cmpl r8,r2
- bgequ noname.284
- incl r10
-noname.284:
-
- bicl3 #-65536,20(r6),r3
- movzwl 22(r6),r1
- bicl2 #-65536,r1
- bicl3 #-65536,28(r7),r2
- movzwl 30(r7),r0
- bicl2 #-65536,r0
- movl r3,r5
- movl r1,r4
- mull3 r0,r5,-880(fp)
- mull2 r2,r5
- mull3 r2,r4,-884(fp)
- mull2 r0,r4
- addl3 -880(fp),-884(fp),r0
- bicl3 #0,r0,-880(fp)
- cmpl -880(fp),-884(fp)
- bgequ noname.285
- addl2 #65536,r4
-noname.285:
- movzwl -878(fp),r0
- bicl2 #-65536,r0
- addl2 r0,r4
- bicl3 #-65536,-880(fp),r0
- ashl #16,r0,-884(fp)
- addl2 -884(fp),r5
- bicl2 #0,r5
- cmpl r5,-884(fp)
- bgequ noname.286
- incl r4
-noname.286:
- movl r5,r1
- movl r4,r2
- addl2 r1,r9
- bicl2 #0,r9
- cmpl r9,r1
- bgequ noname.287
- incl r2
-noname.287:
- addl2 r2,r8
- bicl2 #0,r8
- cmpl r8,r2
- bgequ noname.288
- incl r10
-noname.288:
-
- movl r9,48(r11)
-
- clrl r9
-
- bicl3 #-65536,24(r6),r3
- movzwl 26(r6),r1
- bicl2 #-65536,r1
- bicl3 #-65536,28(r7),r2
- movzwl 30(r7),r0
- bicl2 #-65536,r0
- movl r3,r5
- movl r1,r4
- mull3 r0,r5,-888(fp)
- mull2 r2,r5
- mull3 r2,r4,-892(fp)
- mull2 r0,r4
- addl3 -888(fp),-892(fp),r0
- bicl3 #0,r0,-888(fp)
- cmpl -888(fp),-892(fp)
- bgequ noname.289
- addl2 #65536,r4
-noname.289:
- movzwl -886(fp),r0
- bicl2 #-65536,r0
- addl2 r0,r4
- bicl3 #-65536,-888(fp),r0
- ashl #16,r0,-892(fp)
- addl2 -892(fp),r5
- bicl2 #0,r5
- cmpl r5,-892(fp)
- bgequ noname.290
- incl r4
-noname.290:
- movl r5,r1
- movl r4,r2
- addl2 r1,r8
- bicl2 #0,r8
- cmpl r8,r1
- bgequ noname.291
- incl r2
-noname.291:
- addl2 r2,r10
- bicl2 #0,r10
- cmpl r10,r2
- bgequ noname.292
- incl r9
-noname.292:
-
- movzwl 30(r6),r2
- bicl3 #-65536,24(r7),r3
- movzwl 26(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,28(r6),-904(fp)
- bicl3 #-65536,r2,-908(fp)
- mull3 r0,-904(fp),-896(fp)
- mull2 r3,-904(fp)
- mull3 r3,-908(fp),-900(fp)
- mull2 r0,-908(fp)
- addl3 -896(fp),-900(fp),r0
- bicl3 #0,r0,-896(fp)
- cmpl -896(fp),-900(fp)
- bgequ noname.293
- addl2 #65536,-908(fp)
-noname.293:
- movzwl -894(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-908(fp)
- bicl3 #-65536,-896(fp),r0
- ashl #16,r0,-900(fp)
- addl3 -900(fp),-904(fp),r0
- bicl3 #0,r0,-904(fp)
- cmpl -904(fp),-900(fp)
- bgequ noname.294
- incl -908(fp)
-noname.294:
- movl -904(fp),r1
- movl -908(fp),r2
- addl2 r1,r8
- bicl2 #0,r8
- cmpl r8,r1
- bgequ noname.295
- incl r2
-noname.295:
- addl2 r2,r10
- bicl2 #0,r10
- cmpl r10,r2
- bgequ noname.296
- incl r9
-noname.296:
-
- movl r8,52(r11)
-
- clrl r8
-
- movzwl 30(r6),r2
- bicl3 #-65536,28(r7),r3
- movzwl 30(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,28(r6),-920(fp)
- bicl3 #-65536,r2,-924(fp)
- mull3 r0,-920(fp),-912(fp)
- mull2 r3,-920(fp)
- mull3 r3,-924(fp),-916(fp)
- mull2 r0,-924(fp)
- addl3 -912(fp),-916(fp),r0
- bicl3 #0,r0,-912(fp)
- cmpl -912(fp),-916(fp)
- bgequ noname.297
- addl2 #65536,-924(fp)
-noname.297:
- movzwl -910(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-924(fp)
- bicl3 #-65536,-912(fp),r0
- ashl #16,r0,-916(fp)
- addl3 -916(fp),-920(fp),r0
- bicl3 #0,r0,-920(fp)
- cmpl -920(fp),-916(fp)
- bgequ noname.298
- incl -924(fp)
-noname.298:
- movl -920(fp),r1
- movl -924(fp),r2
- addl2 r1,r10
- bicl2 #0,r10
- cmpl r10,r1
- bgequ noname.299
- incl r2
-noname.299:
- addl2 r2,r9
- bicl2 #0,r9
- cmpl r9,r2
- bgequ noname.300
- incl r8
-noname.300:
-
- movl r10,56(r11)
-
- movl r9,60(r11)
-
- ret
-
-
-
-;r=4 ;(AP)
-;a=8 ;(AP)
-;b=12 ;(AP)
-;n=16 ;(AP) n by value (input)
-
- .psect code,nowrt
-
-.entry BN_MUL_COMBA4,^m<r2,r3,r4,r5,r6,r7,r8,r9,r10,r11>
- movab -156(sp),sp
-
- clrq r9
-
- clrl r8
-
- movl 8(ap),r6
- bicl3 #-65536,(r6),r3
- movzwl 2(r6),r2
- bicl2 #-65536,r2
- movl 12(ap),r7
- bicl3 #-65536,(r7),r1
- movzwl 2(r7),r0
- bicl2 #-65536,r0
- movl r3,r5
- movl r2,r4
- mull3 r0,r5,-4(fp)
- mull2 r1,r5
- mull3 r1,r4,-8(fp)
- mull2 r0,r4
- addl3 -4(fp),-8(fp),r0
- bicl3 #0,r0,-4(fp)
- cmpl -4(fp),-8(fp)
- bgequ noname.303
- addl2 #65536,r4
-noname.303:
- movzwl -2(fp),r0
- bicl2 #-65536,r0
- addl2 r0,r4
- bicl3 #-65536,-4(fp),r0
- ashl #16,r0,-8(fp)
- addl2 -8(fp),r5
- bicl2 #0,r5
- cmpl r5,-8(fp)
- bgequ noname.304
- incl r4
-noname.304:
- movl r5,r1
- movl r4,r2
- addl2 r1,r10
- bicl2 #0,r10
- cmpl r10,r1
- bgequ noname.305
- incl r2
-noname.305:
- addl2 r2,r9
- bicl2 #0,r9
- cmpl r9,r2
- bgequ noname.306
- incl r8
-noname.306:
-
- movl 4(ap),r11
- movl r10,(r11)
-
- clrl r10
-
- bicl3 #-65536,(r6),r3
- movzwl 2(r6),r1
- bicl2 #-65536,r1
- bicl3 #-65536,4(r7),r2
- movzwl 6(r7),r0
- bicl2 #-65536,r0
- movl r3,r5
- movl r1,r4
- mull3 r0,r5,-12(fp)
- mull2 r2,r5
- mull3 r2,r4,-16(fp)
- mull2 r0,r4
- addl3 -12(fp),-16(fp),r0
- bicl3 #0,r0,-12(fp)
- cmpl -12(fp),-16(fp)
- bgequ noname.307
- addl2 #65536,r4
-noname.307:
- movzwl -10(fp),r0
- bicl2 #-65536,r0
- addl2 r0,r4
- bicl3 #-65536,-12(fp),r0
- ashl #16,r0,-16(fp)
- addl2 -16(fp),r5
- bicl2 #0,r5
- cmpl r5,-16(fp)
- bgequ noname.308
- incl r4
-noname.308:
- movl r5,r1
- movl r4,r2
- addl2 r1,r9
- bicl2 #0,r9
- cmpl r9,r1
- bgequ noname.309
- incl r2
-noname.309:
- addl2 r2,r8
- bicl2 #0,r8
- cmpl r8,r2
- bgequ noname.310
- incl r10
-noname.310:
-
- bicl3 #-65536,4(r6),r3
- movzwl 6(r6),r1
- bicl2 #-65536,r1
- bicl3 #-65536,(r7),r2
- movzwl 2(r7),r0
- bicl2 #-65536,r0
- movl r3,r5
- movl r1,r4
- mull3 r0,r5,-20(fp)
- mull2 r2,r5
- mull3 r2,r4,-24(fp)
- mull2 r0,r4
- addl3 -20(fp),-24(fp),r0
- bicl3 #0,r0,-20(fp)
- cmpl -20(fp),-24(fp)
- bgequ noname.311
- addl2 #65536,r4
-noname.311:
- movzwl -18(fp),r0
- bicl2 #-65536,r0
- addl2 r0,r4
- bicl3 #-65536,-20(fp),r0
- ashl #16,r0,-24(fp)
- addl2 -24(fp),r5
- bicl2 #0,r5
- cmpl r5,-24(fp)
- bgequ noname.312
- incl r4
-noname.312:
- movl r5,r1
- movl r4,r2
- addl2 r1,r9
- bicl2 #0,r9
- cmpl r9,r1
- bgequ noname.313
- incl r2
-noname.313:
- addl2 r2,r8
- bicl2 #0,r8
- cmpl r8,r2
- bgequ noname.314
- incl r10
-noname.314:
-
- movl r9,4(r11)
-
- clrl r9
-
- bicl3 #-65536,8(r6),r3
- movzwl 10(r6),r1
- bicl2 #-65536,r1
- bicl3 #-65536,(r7),r2
- movzwl 2(r7),r0
- bicl2 #-65536,r0
- movl r3,r5
- movl r1,r4
- mull3 r0,r5,-28(fp)
- mull2 r2,r5
- mull3 r2,r4,-32(fp)
- mull2 r0,r4
- addl3 -28(fp),-32(fp),r0
- bicl3 #0,r0,-28(fp)
- cmpl -28(fp),-32(fp)
- bgequ noname.315
- addl2 #65536,r4
-noname.315:
- movzwl -26(fp),r0
- bicl2 #-65536,r0
- addl2 r0,r4
- bicl3 #-65536,-28(fp),r0
- ashl #16,r0,-32(fp)
- addl2 -32(fp),r5
- bicl2 #0,r5
- cmpl r5,-32(fp)
- bgequ noname.316
- incl r4
-noname.316:
- movl r5,r1
- movl r4,r2
- addl2 r1,r8
- bicl2 #0,r8
- cmpl r8,r1
- bgequ noname.317
- incl r2
-noname.317:
- addl2 r2,r10
- bicl2 #0,r10
- cmpl r10,r2
- bgequ noname.318
- incl r9
-noname.318:
-
- bicl3 #-65536,4(r6),r3
- movzwl 6(r6),r1
- bicl2 #-65536,r1
- bicl3 #-65536,4(r7),r2
- movzwl 6(r7),r0
- bicl2 #-65536,r0
- movl r3,r5
- movl r1,r4
- mull3 r0,r5,-36(fp)
- mull2 r2,r5
- mull3 r2,r4,-40(fp)
- mull2 r0,r4
- addl3 -36(fp),-40(fp),r0
- bicl3 #0,r0,-36(fp)
- cmpl -36(fp),-40(fp)
- bgequ noname.319
- addl2 #65536,r4
-noname.319:
- movzwl -34(fp),r0
- bicl2 #-65536,r0
- addl2 r0,r4
- bicl3 #-65536,-36(fp),r0
- ashl #16,r0,-40(fp)
- addl2 -40(fp),r5
- bicl2 #0,r5
- cmpl r5,-40(fp)
- bgequ noname.320
- incl r4
-noname.320:
- movl r5,r1
- movl r4,r2
- addl2 r1,r8
- bicl2 #0,r8
- cmpl r8,r1
- bgequ noname.321
- incl r2
-noname.321:
- addl2 r2,r10
- bicl2 #0,r10
- cmpl r10,r2
- bgequ noname.322
- incl r9
-noname.322:
-
- bicl3 #-65536,(r6),r3
- movzwl 2(r6),r1
- bicl2 #-65536,r1
- bicl3 #-65536,8(r7),r2
- movzwl 10(r7),r0
- bicl2 #-65536,r0
- movl r3,r5
- movl r1,r4
- mull3 r0,r5,-44(fp)
- mull2 r2,r5
- mull3 r2,r4,-48(fp)
- mull2 r0,r4
- addl3 -44(fp),-48(fp),r0
- bicl3 #0,r0,-44(fp)
- cmpl -44(fp),-48(fp)
- bgequ noname.323
- addl2 #65536,r4
-noname.323:
- movzwl -42(fp),r0
- bicl2 #-65536,r0
- addl2 r0,r4
- bicl3 #-65536,-44(fp),r0
- ashl #16,r0,-48(fp)
- addl2 -48(fp),r5
- bicl2 #0,r5
- cmpl r5,-48(fp)
- bgequ noname.324
- incl r4
-noname.324:
- movl r5,r1
- movl r4,r2
- addl2 r1,r8
- bicl2 #0,r8
- cmpl r8,r1
- bgequ noname.325
- incl r2
-noname.325:
- addl2 r2,r10
- bicl2 #0,r10
- cmpl r10,r2
- bgequ noname.326
- incl r9
-noname.326:
-
- movl r8,8(r11)
-
- clrl r8
-
- bicl3 #-65536,(r6),r3
- movzwl 2(r6),r2
- bicl3 #-65536,12(r7),r1
- movzwl 14(r7),r0
- bicl2 #-65536,r0
- movl r3,r4
- bicl3 #-65536,r2,-60(fp)
- mull3 r0,r4,-52(fp)
- mull2 r1,r4
- mull3 r1,-60(fp),-56(fp)
- mull2 r0,-60(fp)
- addl3 -52(fp),-56(fp),r0
- bicl3 #0,r0,-52(fp)
- cmpl -52(fp),-56(fp)
- bgequ noname.327
- addl2 #65536,-60(fp)
-noname.327:
- movzwl -50(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-60(fp)
- bicl3 #-65536,-52(fp),r0
- ashl #16,r0,-56(fp)
- addl2 -56(fp),r4
- bicl2 #0,r4
- cmpl r4,-56(fp)
- bgequ noname.328
- incl -60(fp)
-noname.328:
- movl r4,r1
- movl -60(fp),r2
- addl2 r1,r10
- bicl2 #0,r10
- cmpl r10,r1
- bgequ noname.329
- incl r2
-noname.329:
- addl2 r2,r9
- bicl2 #0,r9
- cmpl r9,r2
- bgequ noname.330
- incl r8
-noname.330:
-
- movzwl 6(r6),r2
- bicl3 #-65536,8(r7),r3
- movzwl 10(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,4(r6),-72(fp)
- bicl3 #-65536,r2,-76(fp)
- mull3 r0,-72(fp),-64(fp)
- mull2 r3,-72(fp)
- mull3 r3,-76(fp),-68(fp)
- mull2 r0,-76(fp)
- addl3 -64(fp),-68(fp),r0
- bicl3 #0,r0,-64(fp)
- cmpl -64(fp),-68(fp)
- bgequ noname.331
- addl2 #65536,-76(fp)
-noname.331:
- movzwl -62(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-76(fp)
- bicl3 #-65536,-64(fp),r0
- ashl #16,r0,-68(fp)
- addl3 -68(fp),-72(fp),r0
- bicl3 #0,r0,-72(fp)
- cmpl -72(fp),-68(fp)
- bgequ noname.332
- incl -76(fp)
-noname.332:
- movl -72(fp),r1
- movl -76(fp),r2
- addl2 r1,r10
- bicl2 #0,r10
- cmpl r10,r1
- bgequ noname.333
- incl r2
-noname.333:
- addl2 r2,r9
- bicl2 #0,r9
- cmpl r9,r2
- bgequ noname.334
- incl r8
-noname.334:
-
- bicl3 #-65536,8(r6),r3
- movzwl 10(r6),r1
- bicl2 #-65536,r1
- bicl3 #-65536,4(r7),r2
- movzwl 6(r7),r0
- bicl2 #-65536,r0
- movl r3,r5
- movl r1,r4
- mull3 r0,r5,-80(fp)
- mull2 r2,r5
- mull3 r2,r4,-84(fp)
- mull2 r0,r4
- addl3 -80(fp),-84(fp),r0
- bicl3 #0,r0,-80(fp)
- cmpl -80(fp),-84(fp)
- bgequ noname.335
- addl2 #65536,r4
-noname.335:
- movzwl -78(fp),r0
- bicl2 #-65536,r0
- addl2 r0,r4
- bicl3 #-65536,-80(fp),r0
- ashl #16,r0,-84(fp)
- addl2 -84(fp),r5
- bicl2 #0,r5
- cmpl r5,-84(fp)
- bgequ noname.336
- incl r4
-noname.336:
- movl r5,r1
- movl r4,r2
- addl2 r1,r10
- bicl2 #0,r10
- cmpl r10,r1
- bgequ noname.337
- incl r2
-noname.337:
- addl2 r2,r9
- bicl2 #0,r9
- cmpl r9,r2
- bgequ noname.338
- incl r8
-noname.338:
-
- bicl3 #-65536,12(r6),r3
- movzwl 14(r6),r1
- bicl2 #-65536,r1
- bicl3 #-65536,(r7),r2
- movzwl 2(r7),r0
- bicl2 #-65536,r0
- movl r3,r5
- movl r1,r4
- mull3 r0,r5,-88(fp)
- mull2 r2,r5
- mull3 r2,r4,-92(fp)
- mull2 r0,r4
- addl3 -88(fp),-92(fp),r0
- bicl3 #0,r0,-88(fp)
- cmpl -88(fp),-92(fp)
- bgequ noname.339
- addl2 #65536,r4
-noname.339:
- movzwl -86(fp),r0
- bicl2 #-65536,r0
- addl2 r0,r4
- bicl3 #-65536,-88(fp),r0
- ashl #16,r0,-92(fp)
- addl2 -92(fp),r5
- bicl2 #0,r5
- cmpl r5,-92(fp)
- bgequ noname.340
- incl r4
-noname.340:
- movl r5,r1
- movl r4,r2
- addl2 r1,r10
- bicl2 #0,r10
- cmpl r10,r1
- bgequ noname.341
- incl r2
-noname.341:
- addl2 r2,r9
- bicl2 #0,r9
- cmpl r9,r2
- bgequ noname.342
- incl r8
-noname.342:
-
- movl r10,12(r11)
-
- clrl r10
-
- bicl3 #-65536,12(r6),r3
- movzwl 14(r6),r1
- bicl2 #-65536,r1
- bicl3 #-65536,4(r7),r2
- movzwl 6(r7),r0
- bicl2 #-65536,r0
- movl r3,r5
- movl r1,r4
- mull3 r0,r5,-96(fp)
- mull2 r2,r5
- mull3 r2,r4,-100(fp)
- mull2 r0,r4
- addl3 -96(fp),-100(fp),r0
- bicl3 #0,r0,-96(fp)
- cmpl -96(fp),-100(fp)
- bgequ noname.343
- addl2 #65536,r4
-noname.343:
- movzwl -94(fp),r0
- bicl2 #-65536,r0
- addl2 r0,r4
- bicl3 #-65536,-96(fp),r0
- ashl #16,r0,-100(fp)
- addl2 -100(fp),r5
- bicl2 #0,r5
- cmpl r5,-100(fp)
- bgequ noname.344
- incl r4
-noname.344:
- movl r5,r1
- movl r4,r2
- addl2 r1,r9
- bicl2 #0,r9
- cmpl r9,r1
- bgequ noname.345
- incl r2
-noname.345:
- addl2 r2,r8
- bicl2 #0,r8
- cmpl r8,r2
- bgequ noname.346
- incl r10
-noname.346:
-
- bicl3 #-65536,8(r6),r3
- movzwl 10(r6),r1
- bicl2 #-65536,r1
- bicl3 #-65536,8(r7),r2
- movzwl 10(r7),r0
- bicl2 #-65536,r0
- movl r3,r5
- movl r1,r4
- mull3 r0,r5,-104(fp)
- mull2 r2,r5
- mull3 r2,r4,-108(fp)
- mull2 r0,r4
- addl3 -104(fp),-108(fp),r0
- bicl3 #0,r0,-104(fp)
- cmpl -104(fp),-108(fp)
- bgequ noname.347
- addl2 #65536,r4
-noname.347:
- movzwl -102(fp),r0
- bicl2 #-65536,r0
- addl2 r0,r4
- bicl3 #-65536,-104(fp),r0
- ashl #16,r0,-108(fp)
- addl2 -108(fp),r5
- bicl2 #0,r5
- cmpl r5,-108(fp)
- bgequ noname.348
- incl r4
-noname.348:
- movl r5,r1
- movl r4,r2
- addl2 r1,r9
- bicl2 #0,r9
- cmpl r9,r1
- bgequ noname.349
- incl r2
-noname.349:
- addl2 r2,r8
- bicl2 #0,r8
- cmpl r8,r2
- bgequ noname.350
- incl r10
-noname.350:
-
- bicl3 #-65536,4(r6),r3
- movzwl 6(r6),r1
- bicl2 #-65536,r1
- bicl3 #-65536,12(r7),r2
- movzwl 14(r7),r0
- bicl2 #-65536,r0
- movl r3,r5
- movl r1,r4
- mull3 r0,r5,-112(fp)
- mull2 r2,r5
- mull3 r2,r4,-116(fp)
- mull2 r0,r4
- addl3 -112(fp),-116(fp),r0
- bicl3 #0,r0,-112(fp)
- cmpl -112(fp),-116(fp)
- bgequ noname.351
- addl2 #65536,r4
-noname.351:
- movzwl -110(fp),r0
- bicl2 #-65536,r0
- addl2 r0,r4
- bicl3 #-65536,-112(fp),r0
- ashl #16,r0,-116(fp)
- addl2 -116(fp),r5
- bicl2 #0,r5
- cmpl r5,-116(fp)
- bgequ noname.352
- incl r4
-noname.352:
- movl r5,r1
- movl r4,r2
- addl2 r1,r9
- bicl2 #0,r9
- cmpl r9,r1
- bgequ noname.353
- incl r2
-noname.353:
- addl2 r2,r8
- bicl2 #0,r8
- cmpl r8,r2
- bgequ noname.354
- incl r10
-noname.354:
-
- movl r9,16(r11)
-
- clrl r9
-
- bicl3 #-65536,8(r6),r3
- movzwl 10(r6),r1
- bicl2 #-65536,r1
- bicl3 #-65536,12(r7),r2
- movzwl 14(r7),r0
- bicl2 #-65536,r0
- movl r3,r5
- movl r1,r4
- mull3 r0,r5,-120(fp)
- mull2 r2,r5
- mull3 r2,r4,-124(fp)
- mull2 r0,r4
- addl3 -120(fp),-124(fp),r0
- bicl3 #0,r0,-120(fp)
- cmpl -120(fp),-124(fp)
- bgequ noname.355
- addl2 #65536,r4
-noname.355:
- movzwl -118(fp),r0
- bicl2 #-65536,r0
- addl2 r0,r4
- bicl3 #-65536,-120(fp),r0
- ashl #16,r0,-124(fp)
- addl2 -124(fp),r5
- bicl2 #0,r5
- cmpl r5,-124(fp)
- bgequ noname.356
- incl r4
-noname.356:
- movl r5,r1
- movl r4,r2
- addl2 r1,r8
- bicl2 #0,r8
- cmpl r8,r1
- bgequ noname.357
- incl r2
-noname.357:
- addl2 r2,r10
- bicl2 #0,r10
- cmpl r10,r2
- bgequ noname.358
- incl r9
-noname.358:
-
- movzwl 14(r6),r2
- bicl3 #-65536,8(r7),r3
- movzwl 10(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,12(r6),-136(fp)
- bicl3 #-65536,r2,-140(fp)
- mull3 r0,-136(fp),-128(fp)
- mull2 r3,-136(fp)
- mull3 r3,-140(fp),-132(fp)
- mull2 r0,-140(fp)
- addl3 -128(fp),-132(fp),r0
- bicl3 #0,r0,-128(fp)
- cmpl -128(fp),-132(fp)
- bgequ noname.359
- addl2 #65536,-140(fp)
-noname.359:
- movzwl -126(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-140(fp)
- bicl3 #-65536,-128(fp),r0
- ashl #16,r0,-132(fp)
- addl3 -132(fp),-136(fp),r0
- bicl3 #0,r0,-136(fp)
- cmpl -136(fp),-132(fp)
- bgequ noname.360
- incl -140(fp)
-noname.360:
- movl -136(fp),r1
- movl -140(fp),r2
- addl2 r1,r8
- bicl2 #0,r8
- cmpl r8,r1
- bgequ noname.361
- incl r2
-noname.361:
- addl2 r2,r10
- bicl2 #0,r10
- cmpl r10,r2
- bgequ noname.362
- incl r9
-noname.362:
-
- movl r8,20(r11)
-
- clrl r8
-
- movzwl 14(r6),r2
- bicl3 #-65536,12(r7),r3
- movzwl 14(r7),r0
- bicl2 #-65536,r0
- bicl3 #-65536,12(r6),-152(fp)
- bicl3 #-65536,r2,-156(fp)
- mull3 r0,-152(fp),-144(fp)
- mull2 r3,-152(fp)
- mull3 r3,-156(fp),-148(fp)
- mull2 r0,-156(fp)
- addl3 -144(fp),-148(fp),r0
- bicl3 #0,r0,-144(fp)
- cmpl -144(fp),-148(fp)
- bgequ noname.363
- addl2 #65536,-156(fp)
-noname.363:
- movzwl -142(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-156(fp)
- bicl3 #-65536,-144(fp),r0
- ashl #16,r0,-148(fp)
- addl3 -148(fp),-152(fp),r0
- bicl3 #0,r0,-152(fp)
- cmpl -152(fp),-148(fp)
- bgequ noname.364
- incl -156(fp)
-noname.364:
- movl -152(fp),r1
- movl -156(fp),r2
- addl2 r1,r10
- bicl2 #0,r10
- cmpl r10,r1
- bgequ noname.365
- incl r2
-noname.365:
- addl2 r2,r9
- bicl2 #0,r9
- cmpl r9,r2
- bgequ noname.366
- incl r8
-noname.366:
-
- movl r10,24(r11)
-
- movl r9,28(r11)
-
- ret
-
-
-
-;r=4 ;(AP)
-;a=8 ;(AP)
-;b=12 ;(AP)
-;n=16 ;(AP) n by value (input)
-
- .psect code,nowrt
-
-.entry BN_SQR_COMBA8,^m<r2,r3,r4,r5,r6,r7,r8,r9>
- movab -444(sp),sp
-
- clrq r8
-
- clrl r7
-
- movl 8(ap),r4
- movl (r4),r3
- bicl3 #-65536,r3,-4(fp)
- extzv #16,#16,r3,r0
- bicl3 #-65536,r0,r3
- movl -4(fp),r0
- mull3 r0,r3,-8(fp)
- mull3 r0,r0,-4(fp)
- mull2 r3,r3
- bicl3 #32767,-8(fp),r0
- extzv #15,#17,r0,r0
- addl2 r0,r3
- bicl3 #-65536,-8(fp),r0
- ashl #17,r0,-8(fp)
- addl3 -4(fp),-8(fp),r0
- bicl3 #0,r0,-4(fp)
- cmpl -4(fp),-8(fp)
- bgequ noname.369
- incl r3
-noname.369:
- movl -4(fp),r1
- movl r3,r2
- addl2 r1,r9
- bicl2 #0,r9
- cmpl r9,r1
- bgequ noname.370
- incl r2
-noname.370:
- addl2 r2,r8
- bicl2 #0,r8
- cmpl r8,r2
- bgequ noname.371
- incl r7
-noname.371:
-
- movl r9,@4(ap)
-
- clrl r9
-
- movzwl 6(r4),r2
- bicl3 #-65536,(r4),r3
- movzwl 2(r4),r0
- bicl2 #-65536,r0
- bicl3 #-65536,4(r4),-20(fp)
- bicl3 #-65536,r2,-24(fp)
- mull3 r0,-20(fp),-12(fp)
- mull2 r3,-20(fp)
- mull3 r3,-24(fp),-16(fp)
- mull2 r0,-24(fp)
- addl3 -12(fp),-16(fp),r0
- bicl3 #0,r0,-12(fp)
- cmpl -12(fp),-16(fp)
- bgequ noname.372
- addl2 #65536,-24(fp)
-noname.372:
- movzwl -10(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-24(fp)
- bicl3 #-65536,-12(fp),r0
- ashl #16,r0,-16(fp)
- addl3 -16(fp),-20(fp),r0
- bicl3 #0,r0,-20(fp)
- cmpl -20(fp),-16(fp)
- bgequ noname.373
- incl -24(fp)
-noname.373:
- movl -20(fp),r3
- movl -24(fp),r2
- bbc #31,r2,noname.374
- incl r9
-noname.374:
- addl2 r2,r2
- bicl2 #0,r2
- bbc #31,r3,noname.375
- incl r2
-noname.375:
- addl2 r3,r3
- bicl2 #0,r3
- addl2 r3,r8
- bicl2 #0,r8
- cmpl r8,r3
- bgequ noname.376
- incl r2
- bicl3 #0,r2,r0
- bneq noname.376
- incl r9
-noname.376:
- addl2 r2,r7
- bicl2 #0,r7
- cmpl r7,r2
- bgequ noname.377
- incl r9
-noname.377:
-
- movl 4(ap),r0
- movl r8,4(r0)
-
- clrl r8
-
- movl 8(ap),r4
- movl 4(r4),r3
- bicl3 #-65536,r3,-28(fp)
- extzv #16,#16,r3,r0
- bicl3 #-65536,r0,r3
- movl -28(fp),r0
- mull3 r0,r3,-32(fp)
- mull3 r0,r0,-28(fp)
- mull2 r3,r3
- bicl3 #32767,-32(fp),r0
- extzv #15,#17,r0,r0
- addl2 r0,r3
- bicl3 #-65536,-32(fp),r0
- ashl #17,r0,-32(fp)
- addl3 -28(fp),-32(fp),r0
- bicl3 #0,r0,-28(fp)
- cmpl -28(fp),-32(fp)
- bgequ noname.378
- incl r3
-noname.378:
- movl -28(fp),r1
- movl r3,r2
- addl2 r1,r7
- bicl2 #0,r7
- cmpl r7,r1
- bgequ noname.379
- incl r2
-noname.379:
- addl2 r2,r9
- bicl2 #0,r9
- cmpl r9,r2
- bgequ noname.380
- incl r8
-noname.380:
-
- movzwl 10(r4),r2
- bicl3 #-65536,(r4),r3
- movzwl 2(r4),r0
- bicl2 #-65536,r0
- bicl3 #-65536,8(r4),-44(fp)
- bicl3 #-65536,r2,-48(fp)
- mull3 r0,-44(fp),-36(fp)
- mull2 r3,-44(fp)
- mull3 r3,-48(fp),-40(fp)
- mull2 r0,-48(fp)
- addl3 -36(fp),-40(fp),r0
- bicl3 #0,r0,-36(fp)
- cmpl -36(fp),-40(fp)
- bgequ noname.381
- addl2 #65536,-48(fp)
-noname.381:
- movzwl -34(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-48(fp)
- bicl3 #-65536,-36(fp),r0
- ashl #16,r0,-40(fp)
- addl3 -40(fp),-44(fp),r0
- bicl3 #0,r0,-44(fp)
- cmpl -44(fp),-40(fp)
- bgequ noname.382
- incl -48(fp)
-noname.382:
- movl -44(fp),r3
- movl -48(fp),r2
- bbc #31,r2,noname.383
- incl r8
-noname.383:
- addl2 r2,r2
- bicl2 #0,r2
- bbc #31,r3,noname.384
- incl r2
-noname.384:
- addl2 r3,r3
- bicl2 #0,r3
- addl2 r3,r7
- bicl2 #0,r7
- cmpl r7,r3
- bgequ noname.385
- incl r2
- bicl3 #0,r2,r0
- bneq noname.385
- incl r8
-noname.385:
- addl2 r2,r9
- bicl2 #0,r9
- cmpl r9,r2
- bgequ noname.386
- incl r8
-noname.386:
-
- movl 4(ap),r0
- movl r7,8(r0)
-
- clrl r7
-
- movl 8(ap),r0
- movzwl 14(r0),r2
- bicl3 #-65536,(r0),r3
- movzwl 2(r0),r1
- bicl2 #-65536,r1
- bicl3 #-65536,12(r0),-60(fp)
- bicl3 #-65536,r2,-64(fp)
- mull3 r1,-60(fp),-52(fp)
- mull2 r3,-60(fp)
- mull3 r3,-64(fp),-56(fp)
- mull2 r1,-64(fp)
- addl3 -52(fp),-56(fp),r0
- bicl3 #0,r0,-52(fp)
- cmpl -52(fp),-56(fp)
- bgequ noname.387
- addl2 #65536,-64(fp)
-noname.387:
- movzwl -50(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-64(fp)
- bicl3 #-65536,-52(fp),r0
- ashl #16,r0,-56(fp)
- addl3 -56(fp),-60(fp),r0
- bicl3 #0,r0,-60(fp)
- cmpl -60(fp),-56(fp)
- bgequ noname.388
- incl -64(fp)
-noname.388:
- movl -60(fp),r3
- movl -64(fp),r2
- bbc #31,r2,noname.389
- incl r7
-noname.389:
- addl2 r2,r2
- bicl2 #0,r2
- bbc #31,r3,noname.390
- incl r2
-noname.390:
- addl2 r3,r3
- bicl2 #0,r3
- addl2 r3,r9
- bicl2 #0,r9
- cmpl r9,r3
- bgequ noname.391
- incl r2
- bicl3 #0,r2,r0
- bneq noname.391
- incl r7
-noname.391:
- addl2 r2,r8
- bicl2 #0,r8
- cmpl r8,r2
- bgequ noname.392
- incl r7
-noname.392:
-
- movl 8(ap),r0
- movzwl 10(r0),r2
- bicl3 #-65536,4(r0),r3
- movzwl 6(r0),r1
- bicl2 #-65536,r1
- bicl3 #-65536,8(r0),-76(fp)
- bicl3 #-65536,r2,-80(fp)
- mull3 r1,-76(fp),-68(fp)
- mull2 r3,-76(fp)
- mull3 r3,-80(fp),-72(fp)
- mull2 r1,-80(fp)
- addl3 -68(fp),-72(fp),r0
- bicl3 #0,r0,-68(fp)
- cmpl -68(fp),-72(fp)
- bgequ noname.393
- addl2 #65536,-80(fp)
-noname.393:
- movzwl -66(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-80(fp)
- bicl3 #-65536,-68(fp),r0
- ashl #16,r0,-72(fp)
- addl3 -72(fp),-76(fp),r0
- bicl3 #0,r0,-76(fp)
- cmpl -76(fp),-72(fp)
- bgequ noname.394
- incl -80(fp)
-noname.394:
- movl -76(fp),r3
- movl -80(fp),r2
- bbc #31,r2,noname.395
- incl r7
-noname.395:
- addl2 r2,r2
- bicl2 #0,r2
- bbc #31,r3,noname.396
- incl r2
-noname.396:
- addl2 r3,r3
- bicl2 #0,r3
- addl2 r3,r9
- bicl2 #0,r9
- cmpl r9,r3
- bgequ noname.397
- incl r2
- bicl3 #0,r2,r0
- bneq noname.397
- incl r7
-noname.397:
- addl2 r2,r8
- bicl2 #0,r8
- cmpl r8,r2
- bgequ noname.398
- incl r7
-noname.398:
-
- movl 4(ap),r0
- movl r9,12(r0)
-
- clrl r9
-
- movl 8(ap),r2
- movl 8(r2),r4
- bicl3 #-65536,r4,-84(fp)
- extzv #16,#16,r4,r0
- bicl3 #-65536,r0,r4
- movl -84(fp),r0
- mull3 r0,r4,-88(fp)
- mull3 r0,r0,-84(fp)
- mull2 r4,r4
- bicl3 #32767,-88(fp),r0
- extzv #15,#17,r0,r0
- addl2 r0,r4
- bicl3 #-65536,-88(fp),r0
- ashl #17,r0,-88(fp)
- addl3 -84(fp),-88(fp),r0
- bicl3 #0,r0,-84(fp)
- cmpl -84(fp),-88(fp)
- bgequ noname.399
- incl r4
-noname.399:
- movl -84(fp),r1
- movl r4,r3
- addl2 r1,r8
- bicl2 #0,r8
- cmpl r8,r1
- bgequ noname.400
- incl r3
-noname.400:
- addl2 r3,r7
- bicl2 #0,r7
- cmpl r7,r3
- bgequ noname.401
- incl r9
-noname.401:
-
- movzwl 14(r2),r3
- bicl3 #-65536,4(r2),r1
- movzwl 6(r2),r0
- bicl2 #-65536,r0
- bicl3 #-65536,12(r2),-100(fp)
- bicl3 #-65536,r3,-104(fp)
- mull3 r0,-100(fp),-92(fp)
- mull2 r1,-100(fp)
- mull3 r1,-104(fp),-96(fp)
- mull2 r0,-104(fp)
- addl3 -92(fp),-96(fp),r0
- bicl3 #0,r0,-92(fp)
- cmpl -92(fp),-96(fp)
- bgequ noname.402
- addl2 #65536,-104(fp)
-noname.402:
- movzwl -90(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-104(fp)
- bicl3 #-65536,-92(fp),r0
- ashl #16,r0,-96(fp)
- addl3 -96(fp),-100(fp),r0
- bicl3 #0,r0,-100(fp)
- cmpl -100(fp),-96(fp)
- bgequ noname.403
- incl -104(fp)
-noname.403:
- movl -100(fp),r3
- movl -104(fp),r2
- bbc #31,r2,noname.404
- incl r9
-noname.404:
- addl2 r2,r2
- bicl2 #0,r2
- bbc #31,r3,noname.405
- incl r2
-noname.405:
- addl2 r3,r3
- bicl2 #0,r3
- addl2 r3,r8
- bicl2 #0,r8
- cmpl r8,r3
- bgequ noname.406
- incl r2
- bicl3 #0,r2,r0
- bneq noname.406
- incl r9
-noname.406:
- addl2 r2,r7
- bicl2 #0,r7
- cmpl r7,r2
- bgequ noname.407
- incl r9
-noname.407:
-
- movl 8(ap),r0
- movzwl 18(r0),r2
- bicl3 #-65536,(r0),r3
- movzwl 2(r0),r1
- bicl2 #-65536,r1
- bicl3 #-65536,16(r0),-116(fp)
- bicl3 #-65536,r2,-120(fp)
- mull3 r1,-116(fp),-108(fp)
- mull2 r3,-116(fp)
- mull3 r3,-120(fp),-112(fp)
- mull2 r1,-120(fp)
- addl3 -108(fp),-112(fp),r0
- bicl3 #0,r0,-108(fp)
- cmpl -108(fp),-112(fp)
- bgequ noname.408
- addl2 #65536,-120(fp)
-noname.408:
- movzwl -106(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-120(fp)
- bicl3 #-65536,-108(fp),r0
- ashl #16,r0,-112(fp)
- addl3 -112(fp),-116(fp),r0
- bicl3 #0,r0,-116(fp)
- cmpl -116(fp),-112(fp)
- bgequ noname.409
- incl -120(fp)
-noname.409:
- movl -116(fp),r3
- movl -120(fp),r2
- bbc #31,r2,noname.410
- incl r9
-noname.410:
- addl2 r2,r2
- bicl2 #0,r2
- bbc #31,r3,noname.411
- incl r2
-noname.411:
- addl2 r3,r3
- bicl2 #0,r3
- addl2 r3,r8
- bicl2 #0,r8
- cmpl r8,r3
- bgequ noname.412
- incl r2
- bicl3 #0,r2,r0
- bneq noname.412
- incl r9
-noname.412:
- addl2 r2,r7
- bicl2 #0,r7
- cmpl r7,r2
- bgequ noname.413
- incl r9
-noname.413:
-
- movl 4(ap),r0
- movl r8,16(r0)
-
- clrl r8
-
- movl 8(ap),r0
- movzwl 22(r0),r2
- bicl3 #-65536,(r0),r3
- movzwl 2(r0),r1
- bicl2 #-65536,r1
- bicl3 #-65536,20(r0),-132(fp)
- bicl3 #-65536,r2,-136(fp)
- mull3 r1,-132(fp),-124(fp)
- mull2 r3,-132(fp)
- mull3 r3,-136(fp),-128(fp)
- mull2 r1,-136(fp)
- addl3 -124(fp),-128(fp),r0
- bicl3 #0,r0,-124(fp)
- cmpl -124(fp),-128(fp)
- bgequ noname.414
- addl2 #65536,-136(fp)
-noname.414:
- movzwl -122(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-136(fp)
- bicl3 #-65536,-124(fp),r0
- ashl #16,r0,-128(fp)
- addl3 -128(fp),-132(fp),r0
- bicl3 #0,r0,-132(fp)
- cmpl -132(fp),-128(fp)
- bgequ noname.415
- incl -136(fp)
-noname.415:
- movl -132(fp),r3
- movl -136(fp),r2
- bbc #31,r2,noname.416
- incl r8
-noname.416:
- addl2 r2,r2
- bicl2 #0,r2
- bbc #31,r3,noname.417
- incl r2
-noname.417:
- addl2 r3,r3
- bicl2 #0,r3
- addl2 r3,r7
- bicl2 #0,r7
- cmpl r7,r3
- bgequ noname.418
- incl r2
- bicl3 #0,r2,r0
- bneq noname.418
- incl r8
-noname.418:
- addl2 r2,r9
- bicl2 #0,r9
- cmpl r9,r2
- bgequ noname.419
- incl r8
-noname.419:
-
- movl 8(ap),r0
- movzwl 18(r0),r2
- bicl3 #-65536,4(r0),r3
- movzwl 6(r0),r1
- bicl2 #-65536,r1
- bicl3 #-65536,16(r0),-148(fp)
- bicl3 #-65536,r2,-152(fp)
- mull3 r1,-148(fp),-140(fp)
- mull2 r3,-148(fp)
- mull3 r3,-152(fp),-144(fp)
- mull2 r1,-152(fp)
- addl3 -140(fp),-144(fp),r0
- bicl3 #0,r0,-140(fp)
- cmpl -140(fp),-144(fp)
- bgequ noname.420
- addl2 #65536,-152(fp)
-noname.420:
- movzwl -138(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-152(fp)
- bicl3 #-65536,-140(fp),r0
- ashl #16,r0,-144(fp)
- addl3 -144(fp),-148(fp),r0
- bicl3 #0,r0,-148(fp)
- cmpl -148(fp),-144(fp)
- bgequ noname.421
- incl -152(fp)
-noname.421:
- movl -148(fp),r3
- movl -152(fp),r2
- bbc #31,r2,noname.422
- incl r8
-noname.422:
- addl2 r2,r2
- bicl2 #0,r2
- bbc #31,r3,noname.423
- incl r2
-noname.423:
- addl2 r3,r3
- bicl2 #0,r3
- addl2 r3,r7
- bicl2 #0,r7
- cmpl r7,r3
- bgequ noname.424
- incl r2
- bicl3 #0,r2,r0
- bneq noname.424
- incl r8
-noname.424:
- addl2 r2,r9
- bicl2 #0,r9
- cmpl r9,r2
- bgequ noname.425
- incl r8
-noname.425:
-
- movl 8(ap),r0
- movzwl 14(r0),r2
- bicl3 #-65536,8(r0),r3
- movzwl 10(r0),r1
- bicl2 #-65536,r1
- bicl3 #-65536,12(r0),-164(fp)
- bicl3 #-65536,r2,-168(fp)
- mull3 r1,-164(fp),-156(fp)
- mull2 r3,-164(fp)
- mull3 r3,-168(fp),-160(fp)
- mull2 r1,-168(fp)
- addl3 -156(fp),-160(fp),r0
- bicl3 #0,r0,-156(fp)
- cmpl -156(fp),-160(fp)
- bgequ noname.426
- addl2 #65536,-168(fp)
-noname.426:
- movzwl -154(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-168(fp)
- bicl3 #-65536,-156(fp),r0
- ashl #16,r0,-160(fp)
- addl3 -160(fp),-164(fp),r0
- bicl3 #0,r0,-164(fp)
- cmpl -164(fp),-160(fp)
- bgequ noname.427
- incl -168(fp)
-noname.427:
- movl -164(fp),r3
- movl -168(fp),r2
- bbc #31,r2,noname.428
- incl r8
-noname.428:
- addl2 r2,r2
- bicl2 #0,r2
- bbc #31,r3,noname.429
- incl r2
-noname.429:
- addl2 r3,r3
- bicl2 #0,r3
- addl2 r3,r7
- bicl2 #0,r7
- cmpl r7,r3
- bgequ noname.430
- incl r2
- bicl3 #0,r2,r0
- bneq noname.430
- incl r8
-noname.430:
- addl2 r2,r9
- bicl2 #0,r9
- cmpl r9,r2
- bgequ noname.431
- incl r8
-noname.431:
-
- movl 4(ap),r0
- movl r7,20(r0)
-
- clrl r7
-
- movl 8(ap),r2
- movl 12(r2),r4
- bicl3 #-65536,r4,-172(fp)
- extzv #16,#16,r4,r0
- bicl3 #-65536,r0,r4
- movl -172(fp),r0
- mull3 r0,r4,-176(fp)
- mull3 r0,r0,-172(fp)
- mull2 r4,r4
- bicl3 #32767,-176(fp),r0
- extzv #15,#17,r0,r0
- addl2 r0,r4
- bicl3 #-65536,-176(fp),r0
- ashl #17,r0,-176(fp)
- addl3 -172(fp),-176(fp),r0
- bicl3 #0,r0,-172(fp)
- cmpl -172(fp),-176(fp)
- bgequ noname.432
- incl r4
-noname.432:
- movl -172(fp),r1
- movl r4,r3
- addl2 r1,r9
- bicl2 #0,r9
- cmpl r9,r1
- bgequ noname.433
- incl r3
-noname.433:
- addl2 r3,r8
- bicl2 #0,r8
- cmpl r8,r3
- bgequ noname.434
- incl r7
-noname.434:
-
- movzwl 18(r2),r3
- bicl3 #-65536,8(r2),r1
- movzwl 10(r2),r0
- bicl2 #-65536,r0
- bicl3 #-65536,16(r2),-188(fp)
- bicl3 #-65536,r3,-192(fp)
- mull3 r0,-188(fp),-180(fp)
- mull2 r1,-188(fp)
- mull3 r1,-192(fp),-184(fp)
- mull2 r0,-192(fp)
- addl3 -180(fp),-184(fp),r0
- bicl3 #0,r0,-180(fp)
- cmpl -180(fp),-184(fp)
- bgequ noname.435
- addl2 #65536,-192(fp)
-noname.435:
- movzwl -178(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-192(fp)
- bicl3 #-65536,-180(fp),r0
- ashl #16,r0,-184(fp)
- addl3 -184(fp),-188(fp),r0
- bicl3 #0,r0,-188(fp)
- cmpl -188(fp),-184(fp)
- bgequ noname.436
- incl -192(fp)
-noname.436:
- movl -188(fp),r3
- movl -192(fp),r2
- bbc #31,r2,noname.437
- incl r7
-noname.437:
- addl2 r2,r2
- bicl2 #0,r2
- bbc #31,r3,noname.438
- incl r2
-noname.438:
- addl2 r3,r3
- bicl2 #0,r3
- addl2 r3,r9
- bicl2 #0,r9
- cmpl r9,r3
- bgequ noname.439
- incl r2
- bicl3 #0,r2,r0
- bneq noname.439
- incl r7
-noname.439:
- addl2 r2,r8
- bicl2 #0,r8
- cmpl r8,r2
- bgequ noname.440
- incl r7
-noname.440:
-
- movl 8(ap),r0
- movzwl 22(r0),r2
- bicl3 #-65536,4(r0),r3
- movzwl 6(r0),r1
- bicl2 #-65536,r1
- bicl3 #-65536,20(r0),-204(fp)
- bicl3 #-65536,r2,-208(fp)
- mull3 r1,-204(fp),-196(fp)
- mull2 r3,-204(fp)
- mull3 r3,-208(fp),-200(fp)
- mull2 r1,-208(fp)
- addl3 -196(fp),-200(fp),r0
- bicl3 #0,r0,-196(fp)
- cmpl -196(fp),-200(fp)
- bgequ noname.441
- addl2 #65536,-208(fp)
-noname.441:
- movzwl -194(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-208(fp)
- bicl3 #-65536,-196(fp),r0
- ashl #16,r0,-200(fp)
- addl3 -200(fp),-204(fp),r0
- bicl3 #0,r0,-204(fp)
- cmpl -204(fp),-200(fp)
- bgequ noname.442
- incl -208(fp)
-noname.442:
- movl -204(fp),r3
- movl -208(fp),r2
- bbc #31,r2,noname.443
- incl r7
-noname.443:
- addl2 r2,r2
- bicl2 #0,r2
- bbc #31,r3,noname.444
- incl r2
-noname.444:
- addl2 r3,r3
- bicl2 #0,r3
- addl2 r3,r9
- bicl2 #0,r9
- cmpl r9,r3
- bgequ noname.445
- incl r2
- bicl3 #0,r2,r0
- bneq noname.445
- incl r7
-noname.445:
- addl2 r2,r8
- bicl2 #0,r8
- cmpl r8,r2
- bgequ noname.446
- incl r7
-noname.446:
-
- movl 8(ap),r0
- movzwl 26(r0),r2
- bicl3 #-65536,(r0),r3
- movzwl 2(r0),r1
- bicl2 #-65536,r1
- bicl3 #-65536,24(r0),-220(fp)
- bicl3 #-65536,r2,-224(fp)
- mull3 r1,-220(fp),-212(fp)
- mull2 r3,-220(fp)
- mull3 r3,-224(fp),-216(fp)
- mull2 r1,-224(fp)
- addl3 -212(fp),-216(fp),r0
- bicl3 #0,r0,-212(fp)
- cmpl -212(fp),-216(fp)
- bgequ noname.447
- addl2 #65536,-224(fp)
-noname.447:
- movzwl -210(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-224(fp)
- bicl3 #-65536,-212(fp),r0
- ashl #16,r0,-216(fp)
- addl3 -216(fp),-220(fp),r0
- bicl3 #0,r0,-220(fp)
- cmpl -220(fp),-216(fp)
- bgequ noname.448
- incl -224(fp)
-noname.448:
- movl -220(fp),r3
- movl -224(fp),r2
- bbc #31,r2,noname.449
- incl r7
-noname.449:
- addl2 r2,r2
- bicl2 #0,r2
- bbc #31,r3,noname.450
- incl r2
-noname.450:
- addl2 r3,r3
- bicl2 #0,r3
- addl2 r3,r9
- bicl2 #0,r9
- cmpl r9,r3
- bgequ noname.451
- incl r2
- bicl3 #0,r2,r0
- bneq noname.451
- incl r7
-noname.451:
- addl2 r2,r8
- bicl2 #0,r8
- cmpl r8,r2
- bgequ noname.452
- incl r7
-noname.452:
-
- movl 4(ap),r0
- movl r9,24(r0)
-
- clrl r9
-
- movl 8(ap),r0
- movzwl 30(r0),r2
- bicl3 #-65536,(r0),r3
- movzwl 2(r0),r1
- bicl2 #-65536,r1
- bicl3 #-65536,28(r0),-236(fp)
- bicl3 #-65536,r2,-240(fp)
- mull3 r1,-236(fp),-228(fp)
- mull2 r3,-236(fp)
- mull3 r3,-240(fp),-232(fp)
- mull2 r1,-240(fp)
- addl3 -228(fp),-232(fp),r0
- bicl3 #0,r0,-228(fp)
- cmpl -228(fp),-232(fp)
- bgequ noname.453
- addl2 #65536,-240(fp)
-noname.453:
- movzwl -226(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-240(fp)
- bicl3 #-65536,-228(fp),r0
- ashl #16,r0,-232(fp)
- addl3 -232(fp),-236(fp),r0
- bicl3 #0,r0,-236(fp)
- cmpl -236(fp),-232(fp)
- bgequ noname.454
- incl -240(fp)
-noname.454:
- movl -236(fp),r3
- movl -240(fp),r2
- bbc #31,r2,noname.455
- incl r9
-noname.455:
- addl2 r2,r2
- bicl2 #0,r2
- bbc #31,r3,noname.456
- incl r2
-noname.456:
- addl2 r3,r3
- bicl2 #0,r3
- addl2 r3,r8
- bicl2 #0,r8
- cmpl r8,r3
- bgequ noname.457
- incl r2
- bicl3 #0,r2,r0
- bneq noname.457
- incl r9
-noname.457:
- addl2 r2,r7
- bicl2 #0,r7
- cmpl r7,r2
- bgequ noname.458
- incl r9
-noname.458:
-
- movl 8(ap),r0
- movzwl 26(r0),r2
- bicl3 #-65536,4(r0),r3
- movzwl 6(r0),r1
- bicl2 #-65536,r1
- bicl3 #-65536,24(r0),-252(fp)
- bicl3 #-65536,r2,-256(fp)
- mull3 r1,-252(fp),-244(fp)
- mull2 r3,-252(fp)
- mull3 r3,-256(fp),-248(fp)
- mull2 r1,-256(fp)
- addl3 -244(fp),-248(fp),r0
- bicl3 #0,r0,-244(fp)
- cmpl -244(fp),-248(fp)
- bgequ noname.459
- addl2 #65536,-256(fp)
-noname.459:
- movzwl -242(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-256(fp)
- bicl3 #-65536,-244(fp),r0
- ashl #16,r0,-248(fp)
- addl3 -248(fp),-252(fp),r0
- bicl3 #0,r0,-252(fp)
- cmpl -252(fp),-248(fp)
- bgequ noname.460
- incl -256(fp)
-noname.460:
- movl -252(fp),r3
- movl -256(fp),r2
- bbc #31,r2,noname.461
- incl r9
-noname.461:
- addl2 r2,r2
- bicl2 #0,r2
- bbc #31,r3,noname.462
- incl r2
-noname.462:
- addl2 r3,r3
- bicl2 #0,r3
- addl2 r3,r8
- bicl2 #0,r8
- cmpl r8,r3
- bgequ noname.463
- incl r2
- bicl3 #0,r2,r0
- bneq noname.463
- incl r9
-noname.463:
- addl2 r2,r7
- bicl2 #0,r7
- cmpl r7,r2
- bgequ noname.464
- incl r9
-noname.464:
-
- movl 8(ap),r0
- movzwl 22(r0),r2
- bicl3 #-65536,8(r0),r3
- movzwl 10(r0),r1
- bicl2 #-65536,r1
- bicl3 #-65536,20(r0),-268(fp)
- bicl3 #-65536,r2,-272(fp)
- mull3 r1,-268(fp),-260(fp)
- mull2 r3,-268(fp)
- mull3 r3,-272(fp),-264(fp)
- mull2 r1,-272(fp)
- addl3 -260(fp),-264(fp),r0
- bicl3 #0,r0,-260(fp)
- cmpl -260(fp),-264(fp)
- bgequ noname.465
- addl2 #65536,-272(fp)
-noname.465:
- movzwl -258(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-272(fp)
- bicl3 #-65536,-260(fp),r0
- ashl #16,r0,-264(fp)
- addl3 -264(fp),-268(fp),r0
- bicl3 #0,r0,-268(fp)
- cmpl -268(fp),-264(fp)
- bgequ noname.466
- incl -272(fp)
-noname.466:
- movl -268(fp),r3
- movl -272(fp),r2
- bbc #31,r2,noname.467
- incl r9
-noname.467:
- addl2 r2,r2
- bicl2 #0,r2
- bbc #31,r3,noname.468
- incl r2
-noname.468:
- addl2 r3,r3
- bicl2 #0,r3
- addl2 r3,r8
- bicl2 #0,r8
- cmpl r8,r3
- bgequ noname.469
- incl r2
- bicl3 #0,r2,r0
- bneq noname.469
- incl r9
-noname.469:
- addl2 r2,r7
- bicl2 #0,r7
- cmpl r7,r2
- bgequ noname.470
- incl r9
-noname.470:
-
- movl 8(ap),r0
- movzwl 18(r0),r2
- bicl3 #-65536,12(r0),r3
- movzwl 14(r0),r1
- bicl2 #-65536,r1
- bicl3 #-65536,16(r0),-284(fp)
- bicl3 #-65536,r2,-288(fp)
- mull3 r1,-284(fp),-276(fp)
- mull2 r3,-284(fp)
- mull3 r3,-288(fp),-280(fp)
- mull2 r1,-288(fp)
- addl3 -276(fp),-280(fp),r0
- bicl3 #0,r0,-276(fp)
- cmpl -276(fp),-280(fp)
- bgequ noname.471
- addl2 #65536,-288(fp)
-noname.471:
- movzwl -274(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-288(fp)
- bicl3 #-65536,-276(fp),r0
- ashl #16,r0,-280(fp)
- addl3 -280(fp),-284(fp),r0
- bicl3 #0,r0,-284(fp)
- cmpl -284(fp),-280(fp)
- bgequ noname.472
- incl -288(fp)
-noname.472:
- movl -284(fp),r3
- movl -288(fp),r2
- bbc #31,r2,noname.473
- incl r9
-noname.473:
- addl2 r2,r2
- bicl2 #0,r2
- bbc #31,r3,noname.474
- incl r2
-noname.474:
- addl2 r3,r3
- bicl2 #0,r3
- addl2 r3,r8
- bicl2 #0,r8
- cmpl r8,r3
- bgequ noname.475
- incl r2
- bicl3 #0,r2,r0
- bneq noname.475
- incl r9
-noname.475:
- addl2 r2,r7
- bicl2 #0,r7
- cmpl r7,r2
- bgequ noname.476
- incl r9
-noname.476:
-
- movl 4(ap),r0
- movl r8,28(r0)
-
- clrl r8
-
- movl 8(ap),r3
- movl 16(r3),r4
- bicl3 #-65536,r4,r5
- extzv #16,#16,r4,r0
- bicl3 #-65536,r0,r4
- mull3 r5,r4,-292(fp)
- mull2 r5,r5
- mull2 r4,r4
- bicl3 #32767,-292(fp),r0
- extzv #15,#17,r0,r0
- addl2 r0,r4
- bicl3 #-65536,-292(fp),r0
- ashl #17,r0,-292(fp)
- addl2 -292(fp),r5
- bicl2 #0,r5
- cmpl r5,-292(fp)
- bgequ noname.477
- incl r4
-noname.477:
- movl r5,r1
- movl r4,r2
- addl2 r1,r7
- bicl2 #0,r7
- cmpl r7,r1
- bgequ noname.478
- incl r2
-noname.478:
- addl2 r2,r9
- bicl2 #0,r9
- cmpl r9,r2
- bgequ noname.479
- incl r8
-noname.479:
-
- bicl3 #-65536,20(r3),r4
- movzwl 22(r3),r1
- bicl2 #-65536,r1
- bicl3 #-65536,12(r3),r2
- movzwl 14(r3),r0
- bicl2 #-65536,r0
- movl r4,r6
- movl r1,r5
- mull3 r0,r6,-296(fp)
- mull2 r2,r6
- mull3 r2,r5,-300(fp)
- mull2 r0,r5
- addl3 -296(fp),-300(fp),r0
- bicl3 #0,r0,-296(fp)
- cmpl -296(fp),-300(fp)
- bgequ noname.480
- addl2 #65536,r5
-noname.480:
- movzwl -294(fp),r0
- bicl2 #-65536,r0
- addl2 r0,r5
- bicl3 #-65536,-296(fp),r0
- ashl #16,r0,-300(fp)
- addl2 -300(fp),r6
- bicl2 #0,r6
- cmpl r6,-300(fp)
- bgequ noname.481
- incl r5
-noname.481:
- movl r6,r3
- movl r5,r2
- bbc #31,r2,noname.482
- incl r8
-noname.482:
- addl2 r2,r2
- bicl2 #0,r2
- bbc #31,r3,noname.483
- incl r2
-noname.483:
- addl2 r3,r3
- bicl2 #0,r3
- addl2 r3,r7
- bicl2 #0,r7
- cmpl r7,r3
- bgequ noname.484
- incl r2
- bicl3 #0,r2,r0
- bneq noname.484
- incl r8
-noname.484:
- addl2 r2,r9
- bicl2 #0,r9
- cmpl r9,r2
- bgequ noname.485
- incl r8
-noname.485:
-
- movl 8(ap),r0
- bicl3 #-65536,24(r0),r3
- movzwl 26(r0),r1
- bicl2 #-65536,r1
- bicl3 #-65536,8(r0),r2
- movzwl 10(r0),r0
- bicl2 #-65536,r0
- movl r3,r5
- movl r1,r4
- mull3 r0,r5,-304(fp)
- mull2 r2,r5
- mull3 r2,r4,-308(fp)
- mull2 r0,r4
- addl3 -304(fp),-308(fp),r0
- bicl3 #0,r0,-304(fp)
- cmpl -304(fp),-308(fp)
- bgequ noname.486
- addl2 #65536,r4
-noname.486:
- movzwl -302(fp),r0
- bicl2 #-65536,r0
- addl2 r0,r4
- bicl3 #-65536,-304(fp),r0
- ashl #16,r0,-308(fp)
- addl2 -308(fp),r5
- bicl2 #0,r5
- cmpl r5,-308(fp)
- bgequ noname.487
- incl r4
-noname.487:
- movl r5,r3
- movl r4,r2
- bbc #31,r2,noname.488
- incl r8
-noname.488:
- addl2 r2,r2
- bicl2 #0,r2
- bbc #31,r3,noname.489
- incl r2
-noname.489:
- addl2 r3,r3
- bicl2 #0,r3
- addl2 r3,r7
- bicl2 #0,r7
- cmpl r7,r3
- bgequ noname.490
- incl r2
- bicl3 #0,r2,r0
- bneq noname.490
- incl r8
-noname.490:
- addl2 r2,r9
- bicl2 #0,r9
- cmpl r9,r2
- bgequ noname.491
- incl r8
-noname.491:
-
- movl 8(ap),r0
- bicl3 #-65536,28(r0),r3
- movzwl 30(r0),r1
- bicl2 #-65536,r1
- bicl3 #-65536,4(r0),r2
- movzwl 6(r0),r0
- bicl2 #-65536,r0
- movl r3,r5
- movl r1,r4
- mull3 r0,r5,-312(fp)
- mull2 r2,r5
- mull3 r2,r4,-316(fp)
- mull2 r0,r4
- addl3 -312(fp),-316(fp),r0
- bicl3 #0,r0,-312(fp)
- cmpl -312(fp),-316(fp)
- bgequ noname.492
- addl2 #65536,r4
-noname.492:
- movzwl -310(fp),r0
- bicl2 #-65536,r0
- addl2 r0,r4
- bicl3 #-65536,-312(fp),r0
- ashl #16,r0,-316(fp)
- addl2 -316(fp),r5
- bicl2 #0,r5
- cmpl r5,-316(fp)
- bgequ noname.493
- incl r4
-noname.493:
- movl r5,r3
- movl r4,r2
- bbc #31,r2,noname.494
- incl r8
-noname.494:
- addl2 r2,r2
- bicl2 #0,r2
- bbc #31,r3,noname.495
- incl r2
-noname.495:
- addl2 r3,r3
- bicl2 #0,r3
- addl2 r3,r7
- bicl2 #0,r7
- cmpl r7,r3
- bgequ noname.496
- incl r2
- bicl3 #0,r2,r0
- bneq noname.496
- incl r8
-noname.496:
- addl2 r2,r9
- bicl2 #0,r9
- cmpl r9,r2
- bgequ noname.497
- incl r8
-noname.497:
-
- movl 4(ap),r0
- movl r7,32(r0)
-
- clrl r7
-
- movl 8(ap),r0
- bicl3 #-65536,28(r0),r3
- movzwl 30(r0),r2
- bicl3 #-65536,8(r0),r1
- movzwl 10(r0),r0
- bicl2 #-65536,r0
- movl r3,r4
- bicl3 #-65536,r2,-328(fp)
- mull3 r0,r4,-320(fp)
- mull2 r1,r4
- mull3 r1,-328(fp),-324(fp)
- mull2 r0,-328(fp)
- addl3 -320(fp),-324(fp),r0
- bicl3 #0,r0,-320(fp)
- cmpl -320(fp),-324(fp)
- bgequ noname.498
- addl2 #65536,-328(fp)
-noname.498:
- movzwl -318(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-328(fp)
- bicl3 #-65536,-320(fp),r0
- ashl #16,r0,-324(fp)
- addl2 -324(fp),r4
- bicl2 #0,r4
- cmpl r4,-324(fp)
- bgequ noname.499
- incl -328(fp)
-noname.499:
- movl r4,r3
- movl -328(fp),r2
- bbc #31,r2,noname.500
- incl r7
-noname.500:
- addl2 r2,r2
- bicl2 #0,r2
- bbc #31,r3,noname.501
- incl r2
-noname.501:
- addl2 r3,r3
- bicl2 #0,r3
- addl2 r3,r9
- bicl2 #0,r9
- cmpl r9,r3
- bgequ noname.502
- incl r2
- bicl3 #0,r2,r0
- bneq noname.502
- incl r7
-noname.502:
- addl2 r2,r8
- bicl2 #0,r8
- cmpl r8,r2
- bgequ noname.503
- incl r7
-noname.503:
-
- movl 8(ap),r0
- movzwl 26(r0),r2
- bicl3 #-65536,12(r0),r3
- movzwl 14(r0),r1
- bicl2 #-65536,r1
- bicl3 #-65536,24(r0),-340(fp)
- bicl3 #-65536,r2,-344(fp)
- mull3 r1,-340(fp),-332(fp)
- mull2 r3,-340(fp)
- mull3 r3,-344(fp),-336(fp)
- mull2 r1,-344(fp)
- addl3 -332(fp),-336(fp),r0
- bicl3 #0,r0,-332(fp)
- cmpl -332(fp),-336(fp)
- bgequ noname.504
- addl2 #65536,-344(fp)
-noname.504:
- movzwl -330(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-344(fp)
- bicl3 #-65536,-332(fp),r0
- ashl #16,r0,-336(fp)
- addl3 -336(fp),-340(fp),r0
- bicl3 #0,r0,-340(fp)
- cmpl -340(fp),-336(fp)
- bgequ noname.505
- incl -344(fp)
-noname.505:
- movl -340(fp),r3
- movl -344(fp),r2
- bbc #31,r2,noname.506
- incl r7
-noname.506:
- addl2 r2,r2
- bicl2 #0,r2
- bbc #31,r3,noname.507
- incl r2
-noname.507:
- addl2 r3,r3
- bicl2 #0,r3
- addl2 r3,r9
- bicl2 #0,r9
- cmpl r9,r3
- bgequ noname.508
- incl r2
- bicl3 #0,r2,r0
- bneq noname.508
- incl r7
-noname.508:
- addl2 r2,r8
- bicl2 #0,r8
- cmpl r8,r2
- bgequ noname.509
- incl r7
-noname.509:
-
- movl 8(ap),r0
- movzwl 22(r0),r2
- bicl3 #-65536,16(r0),r3
- movzwl 18(r0),r1
- bicl2 #-65536,r1
- bicl3 #-65536,20(r0),-356(fp)
- bicl3 #-65536,r2,-360(fp)
- mull3 r1,-356(fp),-348(fp)
- mull2 r3,-356(fp)
- mull3 r3,-360(fp),-352(fp)
- mull2 r1,-360(fp)
- addl3 -348(fp),-352(fp),r0
- bicl3 #0,r0,-348(fp)
- cmpl -348(fp),-352(fp)
- bgequ noname.510
- addl2 #65536,-360(fp)
-noname.510:
- movzwl -346(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-360(fp)
- bicl3 #-65536,-348(fp),r0
- ashl #16,r0,-352(fp)
- addl3 -352(fp),-356(fp),r0
- bicl3 #0,r0,-356(fp)
- cmpl -356(fp),-352(fp)
- bgequ noname.511
- incl -360(fp)
-noname.511:
- movl -356(fp),r3
- movl -360(fp),r2
- bbc #31,r2,noname.512
- incl r7
-noname.512:
- addl2 r2,r2
- bicl2 #0,r2
- bbc #31,r3,noname.513
- incl r2
-noname.513:
- addl2 r3,r3
- bicl2 #0,r3
- addl2 r3,r9
- bicl2 #0,r9
- cmpl r9,r3
- bgequ noname.514
- incl r2
- bicl3 #0,r2,r0
- bneq noname.514
- incl r7
-noname.514:
- addl2 r2,r8
- bicl2 #0,r8
- cmpl r8,r2
- bgequ noname.515
- incl r7
-noname.515:
-
- movl 4(ap),r0
- movl r9,36(r0)
-
- clrl r9
-
- movl 8(ap),r3
- movl 20(r3),r4
- bicl3 #-65536,r4,-364(fp)
- extzv #16,#16,r4,r0
- bicl3 #-65536,r0,r4
- movl -364(fp),r0
- mull3 r0,r4,-368(fp)
- mull3 r0,r0,-364(fp)
- mull2 r4,r4
- bicl3 #32767,-368(fp),r0
- extzv #15,#17,r0,r0
- addl2 r0,r4
- bicl3 #-65536,-368(fp),r0
- ashl #17,r0,-368(fp)
- addl3 -364(fp),-368(fp),r0
- bicl3 #0,r0,-364(fp)
- cmpl -364(fp),-368(fp)
- bgequ noname.516
- incl r4
-noname.516:
- movl -364(fp),r1
- movl r4,r2
- addl2 r1,r8
- bicl2 #0,r8
- cmpl r8,r1
- bgequ noname.517
- incl r2
-noname.517:
- addl2 r2,r7
- bicl2 #0,r7
- cmpl r7,r2
- bgequ noname.518
- incl r9
-noname.518:
-
- bicl3 #-65536,24(r3),r4
- movzwl 26(r3),r1
- bicl2 #-65536,r1
- bicl3 #-65536,16(r3),r2
- movzwl 18(r3),r0
- bicl2 #-65536,r0
- movl r4,r6
- movl r1,r5
- mull3 r0,r6,-372(fp)
- mull2 r2,r6
- mull3 r2,r5,-376(fp)
- mull2 r0,r5
- addl3 -372(fp),-376(fp),r0
- bicl3 #0,r0,-372(fp)
- cmpl -372(fp),-376(fp)
- bgequ noname.519
- addl2 #65536,r5
-noname.519:
- movzwl -370(fp),r0
- bicl2 #-65536,r0
- addl2 r0,r5
- bicl3 #-65536,-372(fp),r0
- ashl #16,r0,-376(fp)
- addl2 -376(fp),r6
- bicl2 #0,r6
- cmpl r6,-376(fp)
- bgequ noname.520
- incl r5
-noname.520:
- movl r6,r3
- movl r5,r2
- bbc #31,r2,noname.521
- incl r9
-noname.521:
- addl2 r2,r2
- bicl2 #0,r2
- bbc #31,r3,noname.522
- incl r2
-noname.522:
- addl2 r3,r3
- bicl2 #0,r3
- addl2 r3,r8
- bicl2 #0,r8
- cmpl r8,r3
- bgequ noname.523
- incl r2
- bicl3 #0,r2,r0
- bneq noname.523
- incl r9
-noname.523:
- addl2 r2,r7
- bicl2 #0,r7
- cmpl r7,r2
- bgequ noname.524
- incl r9
-noname.524:
-
- movl 8(ap),r0
- bicl3 #-65536,28(r0),r3
- movzwl 30(r0),r1
- bicl2 #-65536,r1
- bicl3 #-65536,12(r0),r2
- movzwl 14(r0),r0
- bicl2 #-65536,r0
- movl r3,r5
- movl r1,r4
- mull3 r0,r5,-380(fp)
- mull2 r2,r5
- mull3 r2,r4,-384(fp)
- mull2 r0,r4
- addl3 -380(fp),-384(fp),r0
- bicl3 #0,r0,-380(fp)
- cmpl -380(fp),-384(fp)
- bgequ noname.525
- addl2 #65536,r4
-noname.525:
- movzwl -378(fp),r0
- bicl2 #-65536,r0
- addl2 r0,r4
- bicl3 #-65536,-380(fp),r0
- ashl #16,r0,-384(fp)
- addl2 -384(fp),r5
- bicl2 #0,r5
- cmpl r5,-384(fp)
- bgequ noname.526
- incl r4
-noname.526:
- movl r5,r3
- movl r4,r2
- bbc #31,r2,noname.527
- incl r9
-noname.527:
- addl2 r2,r2
- bicl2 #0,r2
- bbc #31,r3,noname.528
- incl r2
-noname.528:
- addl2 r3,r3
- bicl2 #0,r3
- addl2 r3,r8
- bicl2 #0,r8
- cmpl r8,r3
- bgequ noname.529
- incl r2
- bicl3 #0,r2,r0
- bneq noname.529
- incl r9
-noname.529:
- addl2 r2,r7
- bicl2 #0,r7
- cmpl r7,r2
- bgequ noname.530
- incl r9
-noname.530:
- movl 4(ap),r0
- movl r8,40(r0)
-
- clrl r8
-
- movl 8(ap),r0
- bicl3 #-65536,28(r0),r3
- movzwl 30(r0),r1
- bicl2 #-65536,r1
- bicl3 #-65536,16(r0),r2
- movzwl 18(r0),r0
- bicl2 #-65536,r0
- movl r3,r5
- movl r1,r4
- mull3 r0,r5,-388(fp)
- mull2 r2,r5
- mull3 r2,r4,-392(fp)
- mull2 r0,r4
- addl3 -388(fp),-392(fp),r0
- bicl3 #0,r0,-388(fp)
- cmpl -388(fp),-392(fp)
- bgequ noname.531
- addl2 #65536,r4
-noname.531:
- movzwl -386(fp),r0
- bicl2 #-65536,r0
- addl2 r0,r4
- bicl3 #-65536,-388(fp),r0
- ashl #16,r0,-392(fp)
- addl2 -392(fp),r5
- bicl2 #0,r5
- cmpl r5,-392(fp)
- bgequ noname.532
- incl r4
-noname.532:
- movl r5,r3
- movl r4,r2
- bbc #31,r2,noname.533
- incl r8
-noname.533:
- addl2 r2,r2
- bicl2 #0,r2
- bbc #31,r3,noname.534
- incl r2
-noname.534:
- addl2 r3,r3
- bicl2 #0,r3
- addl2 r3,r7
- bicl2 #0,r7
- cmpl r7,r3
- bgequ noname.535
- incl r2
- bicl3 #0,r2,r0
- bneq noname.535
- incl r8
-noname.535:
- addl2 r2,r9
- bicl2 #0,r9
- cmpl r9,r2
- bgequ noname.536
- incl r8
-noname.536:
-
- movl 8(ap),r0
- bicl3 #-65536,24(r0),r3
- movzwl 26(r0),r1
- bicl2 #-65536,r1
- bicl3 #-65536,20(r0),r2
- movzwl 22(r0),r0
- bicl2 #-65536,r0
- movl r3,r5
- movl r1,r4
- mull3 r0,r5,-396(fp)
- mull2 r2,r5
- mull3 r2,r4,-400(fp)
- mull2 r0,r4
- addl3 -396(fp),-400(fp),r0
- bicl3 #0,r0,-396(fp)
- cmpl -396(fp),-400(fp)
- bgequ noname.537
- addl2 #65536,r4
-noname.537:
- movzwl -394(fp),r0
- bicl2 #-65536,r0
- addl2 r0,r4
- bicl3 #-65536,-396(fp),r0
- ashl #16,r0,-400(fp)
- addl2 -400(fp),r5
- bicl2 #0,r5
- cmpl r5,-400(fp)
- bgequ noname.538
- incl r4
-noname.538:
- movl r5,r3
- movl r4,r2
- bbc #31,r2,noname.539
- incl r8
-noname.539:
- addl2 r2,r2
- bicl2 #0,r2
- bbc #31,r3,noname.540
- incl r2
-noname.540:
- addl2 r3,r3
- bicl2 #0,r3
- addl2 r3,r7
- bicl2 #0,r7
- cmpl r7,r3
- bgequ noname.541
- incl r2
- bicl3 #0,r2,r0
- bneq noname.541
- incl r8
-noname.541:
- addl2 r2,r9
- bicl2 #0,r9
- cmpl r9,r2
- bgequ noname.542
- incl r8
-noname.542:
-
- movl 4(ap),r0
- movl r7,44(r0)
-
- clrl r7
-
- movl 8(ap),r3
- movl 24(r3),r4
- bicl3 #-65536,r4,r5
- extzv #16,#16,r4,r0
- bicl3 #-65536,r0,r4
- mull3 r5,r4,-404(fp)
- mull2 r5,r5
- mull2 r4,r4
- bicl3 #32767,-404(fp),r0
- extzv #15,#17,r0,r0
- addl2 r0,r4
- bicl3 #-65536,-404(fp),r0
- ashl #17,r0,-404(fp)
- addl2 -404(fp),r5
- bicl2 #0,r5
- cmpl r5,-404(fp)
- bgequ noname.543
- incl r4
-noname.543:
- movl r5,r1
- movl r4,r2
- addl2 r1,r9
- bicl2 #0,r9
- cmpl r9,r1
- bgequ noname.544
- incl r2
-noname.544:
- addl2 r2,r8
- bicl2 #0,r8
- cmpl r8,r2
- bgequ noname.545
- incl r7
-noname.545:
-
- movzwl 30(r3),r2
- bicl3 #-65536,20(r3),r1
- movzwl 22(r3),r0
- bicl2 #-65536,r0
- bicl3 #-65536,28(r3),-416(fp)
- bicl3 #-65536,r2,-420(fp)
- mull3 r0,-416(fp),-408(fp)
- mull2 r1,-416(fp)
- mull3 r1,-420(fp),-412(fp)
- mull2 r0,-420(fp)
- addl3 -408(fp),-412(fp),r0
- bicl3 #0,r0,-408(fp)
- cmpl -408(fp),-412(fp)
- bgequ noname.546
- addl2 #65536,-420(fp)
-noname.546:
- movzwl -406(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-420(fp)
- bicl3 #-65536,-408(fp),r0
- ashl #16,r0,-412(fp)
- addl3 -412(fp),-416(fp),r0
- bicl3 #0,r0,-416(fp)
- cmpl -416(fp),-412(fp)
- bgequ noname.547
- incl -420(fp)
-noname.547:
- movl -416(fp),r3
- movl -420(fp),r2
- bbc #31,r2,noname.548
- incl r7
-noname.548:
- addl2 r2,r2
- bicl2 #0,r2
- bbc #31,r3,noname.549
- incl r2
-noname.549:
- addl2 r3,r3
- bicl2 #0,r3
- addl2 r3,r9
- bicl2 #0,r9
- cmpl r9,r3
- bgequ noname.550
- incl r2
- bicl3 #0,r2,r0
- bneq noname.550
- incl r7
-noname.550:
- addl2 r2,r8
- bicl2 #0,r8
- cmpl r8,r2
- bgequ noname.551
- incl r7
-noname.551:
-
- movl 4(ap),r0
- movl r9,48(r0)
-
- clrl r9
-
- movl 8(ap),r0
- movzwl 30(r0),r2
- bicl3 #-65536,24(r0),r3
- movzwl 26(r0),r1
- bicl2 #-65536,r1
- bicl3 #-65536,28(r0),-432(fp)
- bicl3 #-65536,r2,-436(fp)
- mull3 r1,-432(fp),-424(fp)
- mull2 r3,-432(fp)
- mull3 r3,-436(fp),-428(fp)
- mull2 r1,-436(fp)
- addl3 -424(fp),-428(fp),r0
- bicl3 #0,r0,-424(fp)
- cmpl -424(fp),-428(fp)
- bgequ noname.552
- addl2 #65536,-436(fp)
-noname.552:
- movzwl -422(fp),r0
- bicl2 #-65536,r0
- addl2 r0,-436(fp)
- bicl3 #-65536,-424(fp),r0
- ashl #16,r0,-428(fp)
- addl3 -428(fp),-432(fp),r0
- bicl3 #0,r0,-432(fp)
- cmpl -432(fp),-428(fp)
- bgequ noname.553
- incl -436(fp)
-noname.553:
- movl -432(fp),r3
- movl -436(fp),r2
- bbc #31,r2,noname.554
- incl r9
-noname.554:
- addl2 r2,r2
- bicl2 #0,r2
- bbc #31,r3,noname.555
- incl r2
-noname.555:
- addl2 r3,r3
- bicl2 #0,r3
- addl2 r3,r8
- bicl2 #0,r8
- cmpl r8,r3
- bgequ noname.556
- incl r2
- bicl3 #0,r2,r0
- bneq noname.556
- incl r9
-noname.556:
- addl2 r2,r7
- bicl2 #0,r7
- cmpl r7,r2
- bgequ noname.557
- incl r9
-noname.557:
-
- movl 4(ap),r4
- movl r8,52(r4)
-
- clrl r8
-
- movl 8(ap),r0
- movl 28(r0),r3
- bicl3 #-65536,r3,-440(fp)
- extzv #16,#16,r3,r0
- bicl3 #-65536,r0,r3
- movl -440(fp),r0
- mull3 r0,r3,-444(fp)
- mull3 r0,r0,-440(fp)
- mull2 r3,r3
- bicl3 #32767,-444(fp),r0
- extzv #15,#17,r0,r0
- addl2 r0,r3
- bicl3 #-65536,-444(fp),r0
- ashl #17,r0,-444(fp)
- addl3 -440(fp),-444(fp),r0
- bicl3 #0,r0,-440(fp)
- cmpl -440(fp),-444(fp)
- bgequ noname.558
- incl r3
-noname.558:
- movl -440(fp),r1
- movl r3,r2
- addl2 r1,r7
- bicl2 #0,r7
- cmpl r7,r1
- bgequ noname.559
- incl r2
-noname.559:
- addl2 r2,r9
- bicl2 #0,r9
- cmpl r9,r2
- bgequ noname.560
- incl r8
-noname.560:
-
- movl r7,56(r4)
-
- movl r9,60(r4)
-
- ret
-
-
-
-;r=4 ;(AP)
-;a=8 ;(AP)
-;b=12 ;(AP)
-;n=16 ;(AP) n by value (input)
-
- .psect code,nowrt
-
-.entry BN_SQR_COMBA4,^m<r2,r3,r4,r5,r6,r7,r8,r9,r10>
- subl2 #44,sp
-
- clrq r8
-
- clrl r10
-
- movl 8(ap),r5
- movl (r5),r3
- bicl3 #-65536,r3,r4
- extzv #16,#16,r3,r0
- bicl3 #-65536,r0,r3
- mull3 r4,r3,-4(fp)
- mull2 r4,r4
- mull2 r3,r3
- bicl3 #32767,-4(fp),r0
- extzv #15,#17,r0,r0
- addl2 r0,r3
- bicl3 #-65536,-4(fp),r0
- ashl #17,r0,-4(fp)
- addl2 -4(fp),r4
- bicl2 #0,r4
- cmpl r4,-4(fp)
- bgequ noname.563
- incl r3
-noname.563:
- movl r4,r1
- movl r3,r2
- addl2 r1,r9
- bicl2 #0,r9
- cmpl r9,r1
- bgequ noname.564
- incl r2
-noname.564:
- addl2 r2,r8
- bicl2 #0,r8
- cmpl r8,r2
- bgequ noname.565
- incl r10
-noname.565:
-
- movl r9,@4(ap)
-
- clrl r9
-
- bicl3 #-65536,4(r5),r3
- movzwl 6(r5),r1
- bicl2 #-65536,r1
- bicl3 #-65536,(r5),r2
- movzwl 2(r5),r0
- bicl2 #-65536,r0
- movl r3,r6
- movl r1,r4
- mull3 r0,r6,-8(fp)
- mull2 r2,r6
- mull2 r4,r2
- mull2 r0,r4
- addl3 -8(fp),r2,r0
- bicl3 #0,r0,-8(fp)
- cmpl -8(fp),r2
- bgequ noname.566
- addl2 #65536,r4
-noname.566:
- movzwl -6(fp),r0
- bicl2 #-65536,r0
- addl2 r0,r4
- bicl3 #-65536,-8(fp),r0
- ashl #16,r0,r1
- addl2 r1,r6
- bicl2 #0,r6
- cmpl r6,r1
- bgequ noname.567
- incl r4
-noname.567:
- movl r6,r3
- movl r4,r2
- bbc #31,r2,noname.568
- incl r9
-noname.568:
- addl2 r2,r2
- bicl2 #0,r2
- bbc #31,r3,noname.569
- incl r2
-noname.569:
- addl2 r3,r3
- bicl2 #0,r3
- addl2 r3,r8
- bicl2 #0,r8
- cmpl r8,r3
- bgequ noname.570
- incl r2
- bicl3 #0,r2,r0
- bneq noname.570
- incl r9
-noname.570:
- addl2 r2,r10
- bicl2 #0,r10
- cmpl r10,r2
- bgequ noname.571
- incl r9
-noname.571:
-
- movl 4(ap),r0
- movl r8,4(r0)
-
- clrl r8
-
- movl 8(ap),r4
- movl 4(r4),r3
- bicl3 #-65536,r3,r5
- extzv #16,#16,r3,r0
- bicl3 #-65536,r0,r3
- mull3 r5,r3,r1
- mull2 r5,r5
- mull2 r3,r3
- bicl3 #32767,r1,r0
- extzv #15,#17,r0,r0
- addl2 r0,r3
- bicl2 #-65536,r1
- ashl #17,r1,r1
- addl2 r1,r5
- bicl2 #0,r5
- cmpl r5,r1
- bgequ noname.572
- incl r3
-noname.572:
- movl r5,r1
- movl r3,r2
- addl2 r1,r10
- bicl2 #0,r10
- cmpl r10,r1
- bgequ noname.573
- incl r2
-noname.573:
- addl2 r2,r9
- bicl2 #0,r9
- cmpl r9,r2
- bgequ noname.574
- incl r8
-noname.574:
-
- bicl3 #-65536,8(r4),r3
- movzwl 10(r4),r1
- bicl2 #-65536,r1
- bicl3 #-65536,(r4),r2
- movzwl 2(r4),r0
- bicl2 #-65536,r0
- movl r3,r6
- movl r1,r5
- mull3 r0,r6,r7
- mull2 r2,r6
- mull2 r5,r2
- mull2 r0,r5
- addl2 r2,r7
- bicl2 #0,r7
- cmpl r7,r2
- bgequ noname.575
- addl2 #65536,r5
-noname.575:
- extzv #16,#16,r7,r0
- bicl2 #-65536,r0
- addl2 r0,r5
- bicl3 #-65536,r7,r0
- ashl #16,r0,r1
- addl2 r1,r6
- bicl2 #0,r6
- cmpl r6,r1
- bgequ noname.576
- incl r5
-noname.576:
- movl r6,r3
- movl r5,r2
- bbc #31,r2,noname.577
- incl r8
-noname.577:
- addl2 r2,r2
- bicl2 #0,r2
- bbc #31,r3,noname.578
- incl r2
-noname.578:
- addl2 r3,r3
- bicl2 #0,r3
- addl2 r3,r10
- bicl2 #0,r10
- cmpl r10,r3
- bgequ noname.579
- incl r2
- bicl3 #0,r2,r0
- bneq noname.579
- incl r8
-noname.579:
- addl2 r2,r9
- bicl2 #0,r9
- cmpl r9,r2
- bgequ noname.580
- incl r8
-noname.580:
-
- movl 4(ap),r0
- movl r10,8(r0)
-
- clrl r10
-
- movl 8(ap),r0
- bicl3 #-65536,12(r0),r3
- movzwl 14(r0),r1
- bicl2 #-65536,r1
- bicl3 #-65536,(r0),r2
- movzwl 2(r0),r0
- bicl2 #-65536,r0
- movl r3,r5
- movl r1,r4
- mull3 r0,r5,r6
- mull2 r2,r5
- mull3 r2,r4,-12(fp)
- mull2 r0,r4
- addl2 -12(fp),r6
- bicl2 #0,r6
- cmpl r6,-12(fp)
- bgequ noname.581
- addl2 #65536,r4
-noname.581:
- extzv #16,#16,r6,r0
- bicl2 #-65536,r0
- addl2 r0,r4
- bicl3 #-65536,r6,r0
- ashl #16,r0,-12(fp)
- addl2 -12(fp),r5
- bicl2 #0,r5
- cmpl r5,-12(fp)
- bgequ noname.582
- incl r4
-noname.582:
- movl r5,r3
- movl r4,r2
- bbc #31,r2,noname.583
- incl r10
-noname.583:
- addl2 r2,r2
- bicl2 #0,r2
- bbc #31,r3,noname.584
- incl r2
-noname.584:
- addl2 r3,r3
- bicl2 #0,r3
- addl2 r3,r9
- bicl2 #0,r9
- cmpl r9,r3
- bgequ noname.585
- incl r2
- bicl3 #0,r2,r0
- bneq noname.585
- incl r10
-noname.585:
- addl2 r2,r8
- bicl2 #0,r8
- cmpl r8,r2
- bgequ noname.586
- incl r10
-noname.586:
-
- movl 8(ap),r0
- bicl3 #-65536,8(r0),r3
- movzwl 10(r0),r1
- bicl2 #-65536,r1
- bicl3 #-65536,4(r0),r2
- movzwl 6(r0),r0
- bicl2 #-65536,r0
- movl r3,r5
- movl r1,r4
- mull3 r0,r5,-16(fp)
- mull2 r2,r5
- mull3 r2,r4,-20(fp)
- mull2 r0,r4
- addl3 -16(fp),-20(fp),r0
- bicl3 #0,r0,-16(fp)
- cmpl -16(fp),-20(fp)
- bgequ noname.587
- addl2 #65536,r4
-noname.587:
- movzwl -14(fp),r0
- bicl2 #-65536,r0
- addl2 r0,r4
- bicl3 #-65536,-16(fp),r0
- ashl #16,r0,-20(fp)
- addl2 -20(fp),r5
- bicl2 #0,r5
- cmpl r5,-20(fp)
- bgequ noname.588
- incl r4
-noname.588:
- movl r5,r3
- movl r4,r2
- bbc #31,r2,noname.589
- incl r10
-noname.589:
- addl2 r2,r2
- bicl2 #0,r2
- bbc #31,r3,noname.590
- incl r2
-noname.590:
- addl2 r3,r3
- bicl2 #0,r3
- addl2 r3,r9
- bicl2 #0,r9
- cmpl r9,r3
- bgequ noname.591
- incl r2
- bicl3 #0,r2,r0
- bneq noname.591
- incl r10
-noname.591:
- addl2 r2,r8
- bicl2 #0,r8
- cmpl r8,r2
- bgequ noname.592
- incl r10
-noname.592:
- movl 4(ap),r0
- movl r9,12(r0)
-
- clrl r9
-
- movl 8(ap),r3
- movl 8(r3),r4
- bicl3 #-65536,r4,r5
- extzv #16,#16,r4,r0
- bicl3 #-65536,r0,r4
- mull3 r5,r4,-24(fp)
- mull2 r5,r5
- mull2 r4,r4
- bicl3 #32767,-24(fp),r0
- extzv #15,#17,r0,r0
- addl2 r0,r4
- bicl3 #-65536,-24(fp),r0
- ashl #17,r0,-24(fp)
- addl2 -24(fp),r5
- bicl2 #0,r5
- cmpl r5,-24(fp)
- bgequ noname.593
- incl r4
-noname.593:
- movl r5,r1
- movl r4,r2
- addl2 r1,r8
- bicl2 #0,r8
- cmpl r8,r1
- bgequ noname.594
- incl r2
-noname.594:
- addl2 r2,r10
- bicl2 #0,r10
- cmpl r10,r2
- bgequ noname.595
- incl r9
-noname.595:
-
- bicl3 #-65536,12(r3),r4
- movzwl 14(r3),r1
- bicl2 #-65536,r1
- bicl3 #-65536,4(r3),r2
- movzwl 6(r3),r0
- bicl2 #-65536,r0
- movl r4,r6
- movl r1,r5
- mull3 r0,r6,-28(fp)
- mull2 r2,r6
- mull3 r2,r5,-32(fp)
- mull2 r0,r5
- addl3 -28(fp),-32(fp),r0
- bicl3 #0,r0,-28(fp)
- cmpl -28(fp),-32(fp)
- bgequ noname.596
- addl2 #65536,r5
-noname.596:
- movzwl -26(fp),r0
- bicl2 #-65536,r0
- addl2 r0,r5
- bicl3 #-65536,-28(fp),r0
- ashl #16,r0,-32(fp)
- addl2 -32(fp),r6
- bicl2 #0,r6
- cmpl r6,-32(fp)
- bgequ noname.597
- incl r5
-noname.597:
- movl r6,r3
- movl r5,r2
- bbc #31,r2,noname.598
- incl r9
-noname.598:
- addl2 r2,r2
- bicl2 #0,r2
- bbc #31,r3,noname.599
- incl r2
-noname.599:
- addl2 r3,r3
- bicl2 #0,r3
- addl2 r3,r8
- bicl2 #0,r8
- cmpl r8,r3
- bgequ noname.600
- incl r2
- bicl3 #0,r2,r0
- bneq noname.600
- incl r9
-noname.600:
- addl2 r2,r10
- bicl2 #0,r10
- cmpl r10,r2
- bgequ noname.601
- incl r9
-noname.601:
-
- movl 4(ap),r0
- movl r8,16(r0)
-
- clrl r8
-
- movl 8(ap),r0
- bicl3 #-65536,12(r0),r3
- movzwl 14(r0),r1
- bicl2 #-65536,r1
- bicl3 #-65536,8(r0),r2
- movzwl 10(r0),r0
- bicl2 #-65536,r0
- movl r3,r5
- movl r1,r4
- mull3 r0,r5,-36(fp)
- mull2 r2,r5
- mull3 r2,r4,-40(fp)
- mull2 r0,r4
- addl3 -36(fp),-40(fp),r0
- bicl3 #0,r0,-36(fp)
- cmpl -36(fp),-40(fp)
- bgequ noname.602
- addl2 #65536,r4
-noname.602:
- movzwl -34(fp),r0
- bicl2 #-65536,r0
- addl2 r0,r4
- bicl3 #-65536,-36(fp),r0
- ashl #16,r0,-40(fp)
- addl2 -40(fp),r5
- bicl2 #0,r5
- cmpl r5,-40(fp)
- bgequ noname.603
- incl r4
-noname.603:
- movl r5,r3
- movl r4,r2
- bbc #31,r2,noname.604
- incl r8
-noname.604:
- addl2 r2,r2
- bicl2 #0,r2
- bbc #31,r3,noname.605
- incl r2
-noname.605:
- addl2 r3,r3
- bicl2 #0,r3
- addl2 r3,r10
- bicl2 #0,r10
- cmpl r10,r3
- bgequ noname.606
- incl r2
- bicl3 #0,r2,r0
- bneq noname.606
- incl r8
-noname.606:
- addl2 r2,r9
- bicl2 #0,r9
- cmpl r9,r2
- bgequ noname.607
- incl r8
-noname.607:
-
- movl 4(ap),r4
- movl r10,20(r4)
-
- clrl r10
-
- movl 8(ap),r0
- movl 12(r0),r3
- bicl3 #-65536,r3,r5
- extzv #16,#16,r3,r0
- bicl3 #-65536,r0,r3
- mull3 r5,r3,-44(fp)
- mull2 r5,r5
- mull2 r3,r3
- bicl3 #32767,-44(fp),r0
- extzv #15,#17,r0,r0
- addl2 r0,r3
- bicl3 #-65536,-44(fp),r0
- ashl #17,r0,-44(fp)
- addl2 -44(fp),r5
- bicl2 #0,r5
- cmpl r5,-44(fp)
- bgequ noname.608
- incl r3
-noname.608:
- movl r5,r1
- movl r3,r2
- addl2 r1,r9
- bicl2 #0,r9
- cmpl r9,r1
- bgequ noname.609
- incl r2
-noname.609:
- addl2 r2,r8
- bicl2 #0,r8
- cmpl r8,r2
- bgequ noname.610
- incl r10
-noname.610:
-
- movl r9,24(r4)
-
- movl r8,28(r4)
-
- ret
-
-; For now, the code below doesn't work, so I end this prematurely.
-.end
diff --git a/deps/openssl/openssl/crypto/bn/asm/x86-gf2m.pl b/deps/openssl/openssl/crypto/bn/asm/x86-gf2m.pl
index b579530272..f464368733 100644
--- a/deps/openssl/openssl/crypto/bn/asm/x86-gf2m.pl
+++ b/deps/openssl/openssl/crypto/bn/asm/x86-gf2m.pl
@@ -1,4 +1,11 @@
-#!/usr/bin/env perl
+#! /usr/bin/env perl
+# Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
#
# ====================================================================
# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
@@ -36,6 +43,9 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
push(@INC,"${dir}","${dir}../../perlasm");
require "x86asm.pl";
+$output = pop;
+open STDOUT,">$output";
+
&asm_init($ARGV[0],$0,$x86only = $ARGV[$#ARGV] eq "386");
$sse2=0;
@@ -311,3 +321,5 @@ if ($sse2) {
&asciz ("GF(2^m) Multiplication for x86, CRYPTOGAMS by <appro\@openssl.org>");
&asm_finish();
+
+close STDOUT;
diff --git a/deps/openssl/openssl/crypto/bn/asm/x86-mont.pl b/deps/openssl/openssl/crypto/bn/asm/x86-mont.pl
index 1c4003efc2..a8b402d59b 100755
--- a/deps/openssl/openssl/crypto/bn/asm/x86-mont.pl
+++ b/deps/openssl/openssl/crypto/bn/asm/x86-mont.pl
@@ -1,4 +1,11 @@
-#!/usr/bin/env perl
+#! /usr/bin/env perl
+# Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
# ====================================================================
# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
@@ -30,6 +37,9 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
push(@INC,"${dir}","${dir}../../perlasm");
require "x86asm.pl";
+$output = pop;
+open STDOUT,">$output";
+
&asm_init($ARGV[0],$0);
$sse2=0;
@@ -84,7 +94,9 @@ $frame=32; # size of above frame rounded up to 16n
&and ("ebp",-64); # align to cache line
- # Some OSes, *cough*-dows, insist on stack being "wired" to
+ # An OS-agnostic version of __chkstk.
+ #
+ # Some OSes (Windows) insist on stack being "wired" to
# physical memory in strictly sequential manner, i.e. if stack
# allocation spans two pages, then reference to farmost one can
# be punishable by SEGV. But page walking can do good even on
@@ -289,7 +301,7 @@ if (0) {
&xor ("eax","eax"); # signal "not fast enough [yet]"
&jmp (&label("just_leave"));
# While the below code provides competitive performance for
- # all key lengthes on modern Intel cores, it's still more
+ # all key lengths on modern Intel cores, it's still more
# than 10% slower for 4096-bit key elsewhere:-( "Competitive"
# means compared to the original integer-only assembler.
# 512-bit RSA sign is better by ~40%, but that's about all
@@ -613,3 +625,5 @@ $sbit=$num;
&asciz("Montgomery Multiplication for x86, CRYPTOGAMS by <appro\@openssl.org>");
&asm_finish();
+
+close STDOUT;
diff --git a/deps/openssl/openssl/crypto/bn/asm/x86.pl b/deps/openssl/openssl/crypto/bn/asm/x86.pl
deleted file mode 100644
index 1bc4f1bb27..0000000000
--- a/deps/openssl/openssl/crypto/bn/asm/x86.pl
+++ /dev/null
@@ -1,28 +0,0 @@
-#!/usr/local/bin/perl
-
-push(@INC,"perlasm","../../perlasm");
-require "x86asm.pl";
-
-require("x86/mul_add.pl");
-require("x86/mul.pl");
-require("x86/sqr.pl");
-require("x86/div.pl");
-require("x86/add.pl");
-require("x86/sub.pl");
-require("x86/comba.pl");
-
-&asm_init($ARGV[0],$0);
-
-&bn_mul_add_words("bn_mul_add_words");
-&bn_mul_words("bn_mul_words");
-&bn_sqr_words("bn_sqr_words");
-&bn_div_words("bn_div_words");
-&bn_add_words("bn_add_words");
-&bn_sub_words("bn_sub_words");
-&bn_mul_comba("bn_mul_comba8",8);
-&bn_mul_comba("bn_mul_comba4",4);
-&bn_sqr_comba("bn_sqr_comba8",8);
-&bn_sqr_comba("bn_sqr_comba4",4);
-
-&asm_finish();
-
diff --git a/deps/openssl/openssl/crypto/bn/asm/x86/add.pl b/deps/openssl/openssl/crypto/bn/asm/x86/add.pl
deleted file mode 100644
index 0b5cf583e3..0000000000
--- a/deps/openssl/openssl/crypto/bn/asm/x86/add.pl
+++ /dev/null
@@ -1,76 +0,0 @@
-#!/usr/local/bin/perl
-# x86 assember
-
-sub bn_add_words
- {
- local($name)=@_;
-
- &function_begin($name,"");
-
- &comment("");
- $a="esi";
- $b="edi";
- $c="eax";
- $r="ebx";
- $tmp1="ecx";
- $tmp2="edx";
- $num="ebp";
-
- &mov($r,&wparam(0)); # get r
- &mov($a,&wparam(1)); # get a
- &mov($b,&wparam(2)); # get b
- &mov($num,&wparam(3)); # get num
- &xor($c,$c); # clear carry
- &and($num,0xfffffff8); # num / 8
-
- &jz(&label("aw_finish"));
-
- &set_label("aw_loop",0);
- for ($i=0; $i<8; $i++)
- {
- &comment("Round $i");
-
- &mov($tmp1,&DWP($i*4,$a,"",0)); # *a
- &mov($tmp2,&DWP($i*4,$b,"",0)); # *b
- &add($tmp1,$c);
- &mov($c,0);
- &adc($c,$c);
- &add($tmp1,$tmp2);
- &adc($c,0);
- &mov(&DWP($i*4,$r,"",0),$tmp1); # *r
- }
-
- &comment("");
- &add($a,32);
- &add($b,32);
- &add($r,32);
- &sub($num,8);
- &jnz(&label("aw_loop"));
-
- &set_label("aw_finish",0);
- &mov($num,&wparam(3)); # get num
- &and($num,7);
- &jz(&label("aw_end"));
-
- for ($i=0; $i<7; $i++)
- {
- &comment("Tail Round $i");
- &mov($tmp1,&DWP($i*4,$a,"",0)); # *a
- &mov($tmp2,&DWP($i*4,$b,"",0));# *b
- &add($tmp1,$c);
- &mov($c,0);
- &adc($c,$c);
- &add($tmp1,$tmp2);
- &adc($c,0);
- &dec($num) if ($i != 6);
- &mov(&DWP($i*4,$r,"",0),$tmp1); # *a
- &jz(&label("aw_end")) if ($i != 6);
- }
- &set_label("aw_end",0);
-
-# &mov("eax",$c); # $c is "eax"
-
- &function_end($name);
- }
-
-1;
diff --git a/deps/openssl/openssl/crypto/bn/asm/x86/comba.pl b/deps/openssl/openssl/crypto/bn/asm/x86/comba.pl
deleted file mode 100644
index 2291253629..0000000000
--- a/deps/openssl/openssl/crypto/bn/asm/x86/comba.pl
+++ /dev/null
@@ -1,277 +0,0 @@
-#!/usr/local/bin/perl
-# x86 assember
-
-sub mul_add_c
- {
- local($a,$ai,$b,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_;
-
- # pos == -1 if eax and edx are pre-loaded, 0 to load from next
- # words, and 1 if load return value
-
- &comment("mul a[$ai]*b[$bi]");
-
- # "eax" and "edx" will always be pre-loaded.
- # &mov("eax",&DWP($ai*4,$a,"",0)) ;
- # &mov("edx",&DWP($bi*4,$b,"",0));
-
- &mul("edx");
- &add($c0,"eax");
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # laod next a
- &mov("eax",&wparam(0)) if $pos > 0; # load r[]
- ###
- &adc($c1,"edx");
- &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 0; # laod next b
- &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 1; # laod next b
- ###
- &adc($c2,0);
- # is pos > 1, it means it is the last loop
- &mov(&DWP($i*4,"eax","",0),$c0) if $pos > 0; # save r[];
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # laod next a
- }
-
-sub sqr_add_c
- {
- local($r,$a,$ai,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_;
-
- # pos == -1 if eax and edx are pre-loaded, 0 to load from next
- # words, and 1 if load return value
-
- &comment("sqr a[$ai]*a[$bi]");
-
- # "eax" and "edx" will always be pre-loaded.
- # &mov("eax",&DWP($ai*4,$a,"",0)) ;
- # &mov("edx",&DWP($bi*4,$b,"",0));
-
- if ($ai == $bi)
- { &mul("eax");}
- else
- { &mul("edx");}
- &add($c0,"eax");
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # load next a
- ###
- &adc($c1,"edx");
- &mov("edx",&DWP(($nb)*4,$a,"",0)) if ($pos == 1) && ($na != $nb);
- ###
- &adc($c2,0);
- # is pos > 1, it means it is the last loop
- &mov(&DWP($i*4,$r,"",0),$c0) if $pos > 0; # save r[];
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # load next b
- }
-
-sub sqr_add_c2
- {
- local($r,$a,$ai,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_;
-
- # pos == -1 if eax and edx are pre-loaded, 0 to load from next
- # words, and 1 if load return value
-
- &comment("sqr a[$ai]*a[$bi]");
-
- # "eax" and "edx" will always be pre-loaded.
- # &mov("eax",&DWP($ai*4,$a,"",0)) ;
- # &mov("edx",&DWP($bi*4,$a,"",0));
-
- if ($ai == $bi)
- { &mul("eax");}
- else
- { &mul("edx");}
- &add("eax","eax");
- ###
- &adc("edx","edx");
- ###
- &adc($c2,0);
- &add($c0,"eax");
- &adc($c1,"edx");
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # load next a
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # load next b
- &adc($c2,0);
- &mov(&DWP($i*4,$r,"",0),$c0) if $pos > 0; # save r[];
- &mov("edx",&DWP(($nb)*4,$a,"",0)) if ($pos <= 1) && ($na != $nb);
- ###
- }
-
-sub bn_mul_comba
- {
- local($name,$num)=@_;
- local($a,$b,$c0,$c1,$c2);
- local($i,$as,$ae,$bs,$be,$ai,$bi);
- local($tot,$end);
-
- &function_begin_B($name,"");
-
- $c0="ebx";
- $c1="ecx";
- $c2="ebp";
- $a="esi";
- $b="edi";
-
- $as=0;
- $ae=0;
- $bs=0;
- $be=0;
- $tot=$num+$num-1;
-
- &push("esi");
- &mov($a,&wparam(1));
- &push("edi");
- &mov($b,&wparam(2));
- &push("ebp");
- &push("ebx");
-
- &xor($c0,$c0);
- &mov("eax",&DWP(0,$a,"",0)); # load the first word
- &xor($c1,$c1);
- &mov("edx",&DWP(0,$b,"",0)); # load the first second
-
- for ($i=0; $i<$tot; $i++)
- {
- $ai=$as;
- $bi=$bs;
- $end=$be+1;
-
- &comment("################## Calculate word $i");
-
- for ($j=$bs; $j<$end; $j++)
- {
- &xor($c2,$c2) if ($j == $bs);
- if (($j+1) == $end)
- {
- $v=1;
- $v=2 if (($i+1) == $tot);
- }
- else
- { $v=0; }
- if (($j+1) != $end)
- {
- $na=($ai-1);
- $nb=($bi+1);
- }
- else
- {
- $na=$as+($i < ($num-1));
- $nb=$bs+($i >= ($num-1));
- }
-#printf STDERR "[$ai,$bi] -> [$na,$nb]\n";
- &mul_add_c($a,$ai,$b,$bi,$c0,$c1,$c2,$v,$i,$na,$nb);
- if ($v)
- {
- &comment("saved r[$i]");
- # &mov("eax",&wparam(0));
- # &mov(&DWP($i*4,"eax","",0),$c0);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- }
- $ai--;
- $bi++;
- }
- $as++ if ($i < ($num-1));
- $ae++ if ($i >= ($num-1));
-
- $bs++ if ($i >= ($num-1));
- $be++ if ($i < ($num-1));
- }
- &comment("save r[$i]");
- # &mov("eax",&wparam(0));
- &mov(&DWP($i*4,"eax","",0),$c0);
-
- &pop("ebx");
- &pop("ebp");
- &pop("edi");
- &pop("esi");
- &ret();
- &function_end_B($name);
- }
-
-sub bn_sqr_comba
- {
- local($name,$num)=@_;
- local($r,$a,$c0,$c1,$c2)=@_;
- local($i,$as,$ae,$bs,$be,$ai,$bi);
- local($b,$tot,$end,$half);
-
- &function_begin_B($name,"");
-
- $c0="ebx";
- $c1="ecx";
- $c2="ebp";
- $a="esi";
- $r="edi";
-
- &push("esi");
- &push("edi");
- &push("ebp");
- &push("ebx");
- &mov($r,&wparam(0));
- &mov($a,&wparam(1));
- &xor($c0,$c0);
- &xor($c1,$c1);
- &mov("eax",&DWP(0,$a,"",0)); # load the first word
-
- $as=0;
- $ae=0;
- $bs=0;
- $be=0;
- $tot=$num+$num-1;
-
- for ($i=0; $i<$tot; $i++)
- {
- $ai=$as;
- $bi=$bs;
- $end=$be+1;
-
- &comment("############### Calculate word $i");
- for ($j=$bs; $j<$end; $j++)
- {
- &xor($c2,$c2) if ($j == $bs);
- if (($ai-1) < ($bi+1))
- {
- $v=1;
- $v=2 if ($i+1) == $tot;
- }
- else
- { $v=0; }
- if (!$v)
- {
- $na=$ai-1;
- $nb=$bi+1;
- }
- else
- {
- $na=$as+($i < ($num-1));
- $nb=$bs+($i >= ($num-1));
- }
- if ($ai == $bi)
- {
- &sqr_add_c($r,$a,$ai,$bi,
- $c0,$c1,$c2,$v,$i,$na,$nb);
- }
- else
- {
- &sqr_add_c2($r,$a,$ai,$bi,
- $c0,$c1,$c2,$v,$i,$na,$nb);
- }
- if ($v)
- {
- &comment("saved r[$i]");
- #&mov(&DWP($i*4,$r,"",0),$c0);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- last;
- }
- $ai--;
- $bi++;
- }
- $as++ if ($i < ($num-1));
- $ae++ if ($i >= ($num-1));
-
- $bs++ if ($i >= ($num-1));
- $be++ if ($i < ($num-1));
- }
- &mov(&DWP($i*4,$r,"",0),$c0);
- &pop("ebx");
- &pop("ebp");
- &pop("edi");
- &pop("esi");
- &ret();
- &function_end_B($name);
- }
-
-1;
diff --git a/deps/openssl/openssl/crypto/bn/asm/x86/div.pl b/deps/openssl/openssl/crypto/bn/asm/x86/div.pl
deleted file mode 100644
index 0e90152caa..0000000000
--- a/deps/openssl/openssl/crypto/bn/asm/x86/div.pl
+++ /dev/null
@@ -1,15 +0,0 @@
-#!/usr/local/bin/perl
-# x86 assember
-
-sub bn_div_words
- {
- local($name)=@_;
-
- &function_begin($name,"");
- &mov("edx",&wparam(0)); #
- &mov("eax",&wparam(1)); #
- &mov("ebx",&wparam(2)); #
- &div("ebx");
- &function_end($name);
- }
-1;
diff --git a/deps/openssl/openssl/crypto/bn/asm/x86/f b/deps/openssl/openssl/crypto/bn/asm/x86/f
deleted file mode 100644
index 22e4112224..0000000000
--- a/deps/openssl/openssl/crypto/bn/asm/x86/f
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/usr/local/bin/perl
-# x86 assember
-
diff --git a/deps/openssl/openssl/crypto/bn/asm/x86/mul.pl b/deps/openssl/openssl/crypto/bn/asm/x86/mul.pl
deleted file mode 100644
index 674cb9b055..0000000000
--- a/deps/openssl/openssl/crypto/bn/asm/x86/mul.pl
+++ /dev/null
@@ -1,77 +0,0 @@
-#!/usr/local/bin/perl
-# x86 assember
-
-sub bn_mul_words
- {
- local($name)=@_;
-
- &function_begin($name,"");
-
- &comment("");
- $Low="eax";
- $High="edx";
- $a="ebx";
- $w="ecx";
- $r="edi";
- $c="esi";
- $num="ebp";
-
- &xor($c,$c); # clear carry
- &mov($r,&wparam(0)); #
- &mov($a,&wparam(1)); #
- &mov($num,&wparam(2)); #
- &mov($w,&wparam(3)); #
-
- &and($num,0xfffffff8); # num / 8
- &jz(&label("mw_finish"));
-
- &set_label("mw_loop",0);
- for ($i=0; $i<32; $i+=4)
- {
- &comment("Round $i");
-
- &mov("eax",&DWP($i,$a,"",0)); # *a
- &mul($w); # *a * w
- &add("eax",$c); # L(t)+=c
- # XXX
-
- &adc("edx",0); # H(t)+=carry
- &mov(&DWP($i,$r,"",0),"eax"); # *r= L(t);
-
- &mov($c,"edx"); # c= H(t);
- }
-
- &comment("");
- &add($a,32);
- &add($r,32);
- &sub($num,8);
- &jz(&label("mw_finish"));
- &jmp(&label("mw_loop"));
-
- &set_label("mw_finish",0);
- &mov($num,&wparam(2)); # get num
- &and($num,7);
- &jnz(&label("mw_finish2"));
- &jmp(&label("mw_end"));
-
- &set_label("mw_finish2",1);
- for ($i=0; $i<7; $i++)
- {
- &comment("Tail Round $i");
- &mov("eax",&DWP($i*4,$a,"",0));# *a
- &mul($w); # *a * w
- &add("eax",$c); # L(t)+=c
- # XXX
- &adc("edx",0); # H(t)+=carry
- &mov(&DWP($i*4,$r,"",0),"eax");# *r= L(t);
- &mov($c,"edx"); # c= H(t);
- &dec($num) if ($i != 7-1);
- &jz(&label("mw_end")) if ($i != 7-1);
- }
- &set_label("mw_end",0);
- &mov("eax",$c);
-
- &function_end($name);
- }
-
-1;
diff --git a/deps/openssl/openssl/crypto/bn/asm/x86/mul_add.pl b/deps/openssl/openssl/crypto/bn/asm/x86/mul_add.pl
deleted file mode 100644
index 61830d3a90..0000000000
--- a/deps/openssl/openssl/crypto/bn/asm/x86/mul_add.pl
+++ /dev/null
@@ -1,87 +0,0 @@
-#!/usr/local/bin/perl
-# x86 assember
-
-sub bn_mul_add_words
- {
- local($name)=@_;
-
- &function_begin($name,"");
-
- &comment("");
- $Low="eax";
- $High="edx";
- $a="ebx";
- $w="ebp";
- $r="edi";
- $c="esi";
-
- &xor($c,$c); # clear carry
- &mov($r,&wparam(0)); #
-
- &mov("ecx",&wparam(2)); #
- &mov($a,&wparam(1)); #
-
- &and("ecx",0xfffffff8); # num / 8
- &mov($w,&wparam(3)); #
-
- &push("ecx"); # Up the stack for a tmp variable
-
- &jz(&label("maw_finish"));
-
- &set_label("maw_loop",0);
-
- &mov(&swtmp(0),"ecx"); #
-
- for ($i=0; $i<32; $i+=4)
- {
- &comment("Round $i");
-
- &mov("eax",&DWP($i,$a,"",0)); # *a
- &mul($w); # *a * w
- &add("eax",$c); # L(t)+= *r
- &mov($c,&DWP($i,$r,"",0)); # L(t)+= *r
- &adc("edx",0); # H(t)+=carry
- &add("eax",$c); # L(t)+=c
- &adc("edx",0); # H(t)+=carry
- &mov(&DWP($i,$r,"",0),"eax"); # *r= L(t);
- &mov($c,"edx"); # c= H(t);
- }
-
- &comment("");
- &mov("ecx",&swtmp(0)); #
- &add($a,32);
- &add($r,32);
- &sub("ecx",8);
- &jnz(&label("maw_loop"));
-
- &set_label("maw_finish",0);
- &mov("ecx",&wparam(2)); # get num
- &and("ecx",7);
- &jnz(&label("maw_finish2")); # helps branch prediction
- &jmp(&label("maw_end"));
-
- &set_label("maw_finish2",1);
- for ($i=0; $i<7; $i++)
- {
- &comment("Tail Round $i");
- &mov("eax",&DWP($i*4,$a,"",0));# *a
- &mul($w); # *a * w
- &add("eax",$c); # L(t)+=c
- &mov($c,&DWP($i*4,$r,"",0)); # L(t)+= *r
- &adc("edx",0); # H(t)+=carry
- &add("eax",$c);
- &adc("edx",0); # H(t)+=carry
- &dec("ecx") if ($i != 7-1);
- &mov(&DWP($i*4,$r,"",0),"eax"); # *r= L(t);
- &mov($c,"edx"); # c= H(t);
- &jz(&label("maw_end")) if ($i != 7-1);
- }
- &set_label("maw_end",0);
- &mov("eax",$c);
-
- &pop("ecx"); # clear variable from
-
- &function_end($name);
- }
-
-1;
diff --git a/deps/openssl/openssl/crypto/bn/asm/x86/sqr.pl b/deps/openssl/openssl/crypto/bn/asm/x86/sqr.pl
deleted file mode 100644
index 1f90993cf6..0000000000
--- a/deps/openssl/openssl/crypto/bn/asm/x86/sqr.pl
+++ /dev/null
@@ -1,60 +0,0 @@
-#!/usr/local/bin/perl
-# x86 assember
-
-sub bn_sqr_words
- {
- local($name)=@_;
-
- &function_begin($name,"");
-
- &comment("");
- $r="esi";
- $a="edi";
- $num="ebx";
-
- &mov($r,&wparam(0)); #
- &mov($a,&wparam(1)); #
- &mov($num,&wparam(2)); #
-
- &and($num,0xfffffff8); # num / 8
- &jz(&label("sw_finish"));
-
- &set_label("sw_loop",0);
- for ($i=0; $i<32; $i+=4)
- {
- &comment("Round $i");
- &mov("eax",&DWP($i,$a,"",0)); # *a
- # XXX
- &mul("eax"); # *a * *a
- &mov(&DWP($i*2,$r,"",0),"eax"); #
- &mov(&DWP($i*2+4,$r,"",0),"edx");#
- }
-
- &comment("");
- &add($a,32);
- &add($r,64);
- &sub($num,8);
- &jnz(&label("sw_loop"));
-
- &set_label("sw_finish",0);
- &mov($num,&wparam(2)); # get num
- &and($num,7);
- &jz(&label("sw_end"));
-
- for ($i=0; $i<7; $i++)
- {
- &comment("Tail Round $i");
- &mov("eax",&DWP($i*4,$a,"",0)); # *a
- # XXX
- &mul("eax"); # *a * *a
- &mov(&DWP($i*8,$r,"",0),"eax"); #
- &dec($num) if ($i != 7-1);
- &mov(&DWP($i*8+4,$r,"",0),"edx");
- &jz(&label("sw_end")) if ($i != 7-1);
- }
- &set_label("sw_end",0);
-
- &function_end($name);
- }
-
-1;
diff --git a/deps/openssl/openssl/crypto/bn/asm/x86/sub.pl b/deps/openssl/openssl/crypto/bn/asm/x86/sub.pl
deleted file mode 100644
index 837b0e1b07..0000000000
--- a/deps/openssl/openssl/crypto/bn/asm/x86/sub.pl
+++ /dev/null
@@ -1,76 +0,0 @@
-#!/usr/local/bin/perl
-# x86 assember
-
-sub bn_sub_words
- {
- local($name)=@_;
-
- &function_begin($name,"");
-
- &comment("");
- $a="esi";
- $b="edi";
- $c="eax";
- $r="ebx";
- $tmp1="ecx";
- $tmp2="edx";
- $num="ebp";
-
- &mov($r,&wparam(0)); # get r
- &mov($a,&wparam(1)); # get a
- &mov($b,&wparam(2)); # get b
- &mov($num,&wparam(3)); # get num
- &xor($c,$c); # clear carry
- &and($num,0xfffffff8); # num / 8
-
- &jz(&label("aw_finish"));
-
- &set_label("aw_loop",0);
- for ($i=0; $i<8; $i++)
- {
- &comment("Round $i");
-
- &mov($tmp1,&DWP($i*4,$a,"",0)); # *a
- &mov($tmp2,&DWP($i*4,$b,"",0)); # *b
- &sub($tmp1,$c);
- &mov($c,0);
- &adc($c,$c);
- &sub($tmp1,$tmp2);
- &adc($c,0);
- &mov(&DWP($i*4,$r,"",0),$tmp1); # *r
- }
-
- &comment("");
- &add($a,32);
- &add($b,32);
- &add($r,32);
- &sub($num,8);
- &jnz(&label("aw_loop"));
-
- &set_label("aw_finish",0);
- &mov($num,&wparam(3)); # get num
- &and($num,7);
- &jz(&label("aw_end"));
-
- for ($i=0; $i<7; $i++)
- {
- &comment("Tail Round $i");
- &mov($tmp1,&DWP($i*4,$a,"",0)); # *a
- &mov($tmp2,&DWP($i*4,$b,"",0));# *b
- &sub($tmp1,$c);
- &mov($c,0);
- &adc($c,$c);
- &sub($tmp1,$tmp2);
- &adc($c,0);
- &dec($num) if ($i != 6);
- &mov(&DWP($i*4,$r,"",0),$tmp1); # *a
- &jz(&label("aw_end")) if ($i != 6);
- }
- &set_label("aw_end",0);
-
-# &mov("eax",$c); # $c is "eax"
-
- &function_end($name);
- }
-
-1;
diff --git a/deps/openssl/openssl/crypto/bn/asm/x86_64-gcc.c b/deps/openssl/openssl/crypto/bn/asm/x86_64-gcc.c
index 1729b479d4..0ff3805a61 100644
--- a/deps/openssl/openssl/crypto/bn/asm/x86_64-gcc.c
+++ b/deps/openssl/openssl/crypto/bn/asm/x86_64-gcc.c
@@ -1,3 +1,12 @@
+/*
+ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
#include "../bn_lcl.h"
#if !(defined(__GNUC__) && __GNUC__>=2)
# include "../bn_asm.c" /* kind of dirty hack for Sun Studio */
@@ -216,9 +225,10 @@ BN_ULONG bn_add_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
" adcq (%5,%2,8),%0 \n"
" movq %0,(%3,%2,8) \n"
" lea 1(%2),%2 \n"
- " loop 1b \n"
- " sbbq %0,%0 \n":"=&r" (ret), "+c"(n),
- "+r"(i)
+ " dec %1 \n"
+ " jnz 1b \n"
+ " sbbq %0,%0 \n"
+ :"=&r" (ret), "+c"(n), "+r"(i)
:"r"(rp), "r"(ap), "r"(bp)
:"cc", "memory");
@@ -242,9 +252,10 @@ BN_ULONG bn_sub_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
" sbbq (%5,%2,8),%0 \n"
" movq %0,(%3,%2,8) \n"
" lea 1(%2),%2 \n"
- " loop 1b \n"
- " sbbq %0,%0 \n":"=&r" (ret), "+c"(n),
- "+r"(i)
+ " dec %1 \n"
+ " jnz 1b \n"
+ " sbbq %0,%0 \n"
+ :"=&r" (ret), "+c"(n), "+r"(i)
:"r"(rp), "r"(ap), "r"(bp)
:"cc", "memory");
diff --git a/deps/openssl/openssl/crypto/bn/asm/x86_64-gf2m.pl b/deps/openssl/openssl/crypto/bn/asm/x86_64-gf2m.pl
index 42bbec2fb7..d962f62033 100644
--- a/deps/openssl/openssl/crypto/bn/asm/x86_64-gf2m.pl
+++ b/deps/openssl/openssl/crypto/bn/asm/x86_64-gf2m.pl
@@ -1,4 +1,11 @@
-#!/usr/bin/env perl
+#! /usr/bin/env perl
+# Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
#
# ====================================================================
# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
@@ -31,7 +38,7 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
die "can't locate x86_64-xlate.pl";
-open OUT,"| \"$^X\" $xlate $flavour $output";
+open OUT,"| \"$^X\" \"$xlate\" $flavour \"$output\"";
*STDOUT=*OUT;
($lo,$hi)=("%rax","%rdx"); $a=$lo;
diff --git a/deps/openssl/openssl/crypto/bn/asm/x86_64-mont.pl b/deps/openssl/openssl/crypto/bn/asm/x86_64-mont.pl
index 80492d8e63..df4cca5bfe 100755
--- a/deps/openssl/openssl/crypto/bn/asm/x86_64-mont.pl
+++ b/deps/openssl/openssl/crypto/bn/asm/x86_64-mont.pl
@@ -1,4 +1,11 @@
-#!/usr/bin/env perl
+#! /usr/bin/env perl
+# Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
# ====================================================================
# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
@@ -50,7 +57,7 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
die "can't locate x86_64-xlate.pl";
-open OUT,"| \"$^X\" $xlate $flavour $output";
+open OUT,"| \"$^X\" \"$xlate\" $flavour \"$output\"";
*STDOUT=*OUT;
if (`$ENV{CC} -Wa,-v -c -o /dev/null -x assembler /dev/null 2>&1`
@@ -129,7 +136,9 @@ $code.=<<___;
neg $num # restore $num
and \$-1024,%r10 # minimize TLB usage
- # Some OSes, *cough*-dows, insist on stack being "wired" to
+ # An OS-agnostic version of __chkstk.
+ #
+ # Some OSes (Windows) insist on stack being "wired" to
# physical memory in strictly sequential manner, i.e. if stack
# allocation spans two pages, then reference to farmost one can
# be punishable by SEGV. But page walking can do good even on
diff --git a/deps/openssl/openssl/crypto/bn/asm/x86_64-mont5.pl b/deps/openssl/openssl/crypto/bn/asm/x86_64-mont5.pl
index 42178e455a..5779059ea2 100755
--- a/deps/openssl/openssl/crypto/bn/asm/x86_64-mont5.pl
+++ b/deps/openssl/openssl/crypto/bn/asm/x86_64-mont5.pl
@@ -1,4 +1,11 @@
-#!/usr/bin/env perl
+#! /usr/bin/env perl
+# Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
# ====================================================================
# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
@@ -35,7 +42,7 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
die "can't locate x86_64-xlate.pl";
-open OUT,"| \"$^X\" $xlate $flavour $output";
+open OUT,"| \"$^X\" \"$xlate\" $flavour \"$output\"";
*STDOUT=*OUT;
if (`$ENV{CC} -Wa,-v -c -o /dev/null -x assembler /dev/null 2>&1`
@@ -113,7 +120,9 @@ $code.=<<___;
neg $num # restore $num
and \$-1024,%r10 # minimize TLB usage
- # Some OSes, *cough*-dows, insist on stack being "wired" to
+ # An OS-agnostic version of __chkstk.
+ #
+ # Some OSes (Windows) insist on stack being "wired" to
# physical memory in strictly sequential manner, i.e. if stack
# allocation spans two pages, then reference to farmost one can
# be punishable by SEGV. But page walking can do good even on
diff --git a/deps/openssl/openssl/crypto/bn/bn.h b/deps/openssl/openssl/crypto/bn/bn.h
deleted file mode 100644
index 633d1b1f60..0000000000
--- a/deps/openssl/openssl/crypto/bn/bn.h
+++ /dev/null
@@ -1,951 +0,0 @@
-/* crypto/bn/bn.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * Portions of the attached software ("Contribution") are developed by
- * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
- *
- * The Contribution is licensed pursuant to the Eric Young open source
- * license provided above.
- *
- * The binary polynomial arithmetic software is originally written by
- * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
- *
- */
-
-#ifndef HEADER_BN_H
-# define HEADER_BN_H
-
-# include <limits.h>
-# include <openssl/e_os2.h>
-# ifndef OPENSSL_NO_FP_API
-# include <stdio.h> /* FILE */
-# endif
-# include <openssl/ossl_typ.h>
-# include <openssl/crypto.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/*
- * These preprocessor symbols control various aspects of the bignum headers
- * and library code. They're not defined by any "normal" configuration, as
- * they are intended for development and testing purposes. NB: defining all
- * three can be useful for debugging application code as well as openssl
- * itself. BN_DEBUG - turn on various debugging alterations to the bignum
- * code BN_DEBUG_RAND - uses random poisoning of unused words to trip up
- * mismanagement of bignum internals. You must also define BN_DEBUG.
- */
-/* #define BN_DEBUG */
-/* #define BN_DEBUG_RAND */
-
-# ifndef OPENSSL_SMALL_FOOTPRINT
-# define BN_MUL_COMBA
-# define BN_SQR_COMBA
-# define BN_RECURSION
-# endif
-
-/*
- * This next option uses the C libraries (2 word)/(1 word) function. If it is
- * not defined, I use my C version (which is slower). The reason for this
- * flag is that when the particular C compiler library routine is used, and
- * the library is linked with a different compiler, the library is missing.
- * This mostly happens when the library is built with gcc and then linked
- * using normal cc. This would be a common occurrence because gcc normally
- * produces code that is 2 times faster than system compilers for the big
- * number stuff. For machines with only one compiler (or shared libraries),
- * this should be on. Again this in only really a problem on machines using
- * "long long's", are 32bit, and are not using my assembler code.
- */
-# if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WINDOWS) || \
- defined(OPENSSL_SYS_WIN32) || defined(linux)
-# ifndef BN_DIV2W
-# define BN_DIV2W
-# endif
-# endif
-
-/*
- * assuming long is 64bit - this is the DEC Alpha unsigned long long is only
- * 64 bits :-(, don't define BN_LLONG for the DEC Alpha
- */
-# ifdef SIXTY_FOUR_BIT_LONG
-# define BN_ULLONG unsigned long long
-# define BN_ULONG unsigned long
-# define BN_LONG long
-# define BN_BITS 128
-# define BN_BYTES 8
-# define BN_BITS2 64
-# define BN_BITS4 32
-# define BN_MASK (0xffffffffffffffffffffffffffffffffLL)
-# define BN_MASK2 (0xffffffffffffffffL)
-# define BN_MASK2l (0xffffffffL)
-# define BN_MASK2h (0xffffffff00000000L)
-# define BN_MASK2h1 (0xffffffff80000000L)
-# define BN_TBIT (0x8000000000000000L)
-# define BN_DEC_CONV (10000000000000000000UL)
-# define BN_DEC_FMT1 "%lu"
-# define BN_DEC_FMT2 "%019lu"
-# define BN_DEC_NUM 19
-# define BN_HEX_FMT1 "%lX"
-# define BN_HEX_FMT2 "%016lX"
-# endif
-
-/*
- * This is where the long long data type is 64 bits, but long is 32. For
- * machines where there are 64bit registers, this is the mode to use. IRIX,
- * on R4000 and above should use this mode, along with the relevant assembler
- * code :-). Do NOT define BN_LLONG.
- */
-# ifdef SIXTY_FOUR_BIT
-# undef BN_LLONG
-# undef BN_ULLONG
-# define BN_ULONG unsigned long long
-# define BN_LONG long long
-# define BN_BITS 128
-# define BN_BYTES 8
-# define BN_BITS2 64
-# define BN_BITS4 32
-# define BN_MASK2 (0xffffffffffffffffLL)
-# define BN_MASK2l (0xffffffffL)
-# define BN_MASK2h (0xffffffff00000000LL)
-# define BN_MASK2h1 (0xffffffff80000000LL)
-# define BN_TBIT (0x8000000000000000LL)
-# define BN_DEC_CONV (10000000000000000000ULL)
-# define BN_DEC_FMT1 "%llu"
-# define BN_DEC_FMT2 "%019llu"
-# define BN_DEC_NUM 19
-# define BN_HEX_FMT1 "%llX"
-# define BN_HEX_FMT2 "%016llX"
-# endif
-
-# ifdef THIRTY_TWO_BIT
-# ifdef BN_LLONG
-# if defined(_WIN32) && !defined(__GNUC__)
-# define BN_ULLONG unsigned __int64
-# define BN_MASK (0xffffffffffffffffI64)
-# else
-# define BN_ULLONG unsigned long long
-# define BN_MASK (0xffffffffffffffffLL)
-# endif
-# endif
-# define BN_ULONG unsigned int
-# define BN_LONG int
-# define BN_BITS 64
-# define BN_BYTES 4
-# define BN_BITS2 32
-# define BN_BITS4 16
-# define BN_MASK2 (0xffffffffL)
-# define BN_MASK2l (0xffff)
-# define BN_MASK2h1 (0xffff8000L)
-# define BN_MASK2h (0xffff0000L)
-# define BN_TBIT (0x80000000L)
-# define BN_DEC_CONV (1000000000L)
-# define BN_DEC_FMT1 "%u"
-# define BN_DEC_FMT2 "%09u"
-# define BN_DEC_NUM 9
-# define BN_HEX_FMT1 "%X"
-# define BN_HEX_FMT2 "%08X"
-# endif
-
-# define BN_DEFAULT_BITS 1280
-
-# define BN_FLG_MALLOCED 0x01
-# define BN_FLG_STATIC_DATA 0x02
-
-/*
- * avoid leaking exponent information through timing,
- * BN_mod_exp_mont() will call BN_mod_exp_mont_consttime,
- * BN_div() will call BN_div_no_branch,
- * BN_mod_inverse() will call BN_mod_inverse_no_branch.
- */
-# define BN_FLG_CONSTTIME 0x04
-
-# ifdef OPENSSL_NO_DEPRECATED
-/* deprecated name for the flag */
-# define BN_FLG_EXP_CONSTTIME BN_FLG_CONSTTIME
-/*
- * avoid leaking exponent information through timings
- * (BN_mod_exp_mont() will call BN_mod_exp_mont_consttime)
- */
-# endif
-
-# ifndef OPENSSL_NO_DEPRECATED
-# define BN_FLG_FREE 0x8000
- /* used for debuging */
-# endif
-# define BN_set_flags(b,n) ((b)->flags|=(n))
-# define BN_get_flags(b,n) ((b)->flags&(n))
-
-/*
- * get a clone of a BIGNUM with changed flags, for *temporary* use only (the
- * two BIGNUMs cannot not be used in parallel!)
- */
-# define BN_with_flags(dest,b,n) ((dest)->d=(b)->d, \
- (dest)->top=(b)->top, \
- (dest)->dmax=(b)->dmax, \
- (dest)->neg=(b)->neg, \
- (dest)->flags=(((dest)->flags & BN_FLG_MALLOCED) \
- | ((b)->flags & ~BN_FLG_MALLOCED) \
- | BN_FLG_STATIC_DATA \
- | (n)))
-
-/* Already declared in ossl_typ.h */
-# if 0
-typedef struct bignum_st BIGNUM;
-/* Used for temp variables (declaration hidden in bn_lcl.h) */
-typedef struct bignum_ctx BN_CTX;
-typedef struct bn_blinding_st BN_BLINDING;
-typedef struct bn_mont_ctx_st BN_MONT_CTX;
-typedef struct bn_recp_ctx_st BN_RECP_CTX;
-typedef struct bn_gencb_st BN_GENCB;
-# endif
-
-struct bignum_st {
- BN_ULONG *d; /* Pointer to an array of 'BN_BITS2' bit
- * chunks. */
- int top; /* Index of last used d +1. */
- /* The next are internal book keeping for bn_expand. */
- int dmax; /* Size of the d array. */
- int neg; /* one if the number is negative */
- int flags;
-};
-
-/* Used for montgomery multiplication */
-struct bn_mont_ctx_st {
- int ri; /* number of bits in R */
- BIGNUM RR; /* used to convert to montgomery form */
- BIGNUM N; /* The modulus */
- BIGNUM Ni; /* R*(1/R mod N) - N*Ni = 1 (Ni is only
- * stored for bignum algorithm) */
- BN_ULONG n0[2]; /* least significant word(s) of Ni; (type
- * changed with 0.9.9, was "BN_ULONG n0;"
- * before) */
- int flags;
-};
-
-/*
- * Used for reciprocal division/mod functions It cannot be shared between
- * threads
- */
-struct bn_recp_ctx_st {
- BIGNUM N; /* the divisor */
- BIGNUM Nr; /* the reciprocal */
- int num_bits;
- int shift;
- int flags;
-};
-
-/* Used for slow "generation" functions. */
-struct bn_gencb_st {
- unsigned int ver; /* To handle binary (in)compatibility */
- void *arg; /* callback-specific data */
- union {
- /* if(ver==1) - handles old style callbacks */
- void (*cb_1) (int, int, void *);
- /* if(ver==2) - new callback style */
- int (*cb_2) (int, int, BN_GENCB *);
- } cb;
-};
-/* Wrapper function to make using BN_GENCB easier, */
-int BN_GENCB_call(BN_GENCB *cb, int a, int b);
-/* Macro to populate a BN_GENCB structure with an "old"-style callback */
-# define BN_GENCB_set_old(gencb, callback, cb_arg) { \
- BN_GENCB *tmp_gencb = (gencb); \
- tmp_gencb->ver = 1; \
- tmp_gencb->arg = (cb_arg); \
- tmp_gencb->cb.cb_1 = (callback); }
-/* Macro to populate a BN_GENCB structure with a "new"-style callback */
-# define BN_GENCB_set(gencb, callback, cb_arg) { \
- BN_GENCB *tmp_gencb = (gencb); \
- tmp_gencb->ver = 2; \
- tmp_gencb->arg = (cb_arg); \
- tmp_gencb->cb.cb_2 = (callback); }
-
-# define BN_prime_checks 0 /* default: select number of iterations based
- * on the size of the number */
-
-/*
- * number of Miller-Rabin iterations for an error rate of less than 2^-80 for
- * random 'b'-bit input, b >= 100 (taken from table 4.4 in the Handbook of
- * Applied Cryptography [Menezes, van Oorschot, Vanstone; CRC Press 1996];
- * original paper: Damgaard, Landrock, Pomerance: Average case error
- * estimates for the strong probable prime test. -- Math. Comp. 61 (1993)
- * 177-194)
- */
-# define BN_prime_checks_for_size(b) ((b) >= 1300 ? 2 : \
- (b) >= 850 ? 3 : \
- (b) >= 650 ? 4 : \
- (b) >= 550 ? 5 : \
- (b) >= 450 ? 6 : \
- (b) >= 400 ? 7 : \
- (b) >= 350 ? 8 : \
- (b) >= 300 ? 9 : \
- (b) >= 250 ? 12 : \
- (b) >= 200 ? 15 : \
- (b) >= 150 ? 18 : \
- /* b >= 100 */ 27)
-
-# define BN_num_bytes(a) ((BN_num_bits(a)+7)/8)
-
-/* Note that BN_abs_is_word didn't work reliably for w == 0 until 0.9.8 */
-# define BN_abs_is_word(a,w) ((((a)->top == 1) && ((a)->d[0] == (BN_ULONG)(w))) || \
- (((w) == 0) && ((a)->top == 0)))
-# define BN_is_zero(a) ((a)->top == 0)
-# define BN_is_one(a) (BN_abs_is_word((a),1) && !(a)->neg)
-# define BN_is_word(a,w) (BN_abs_is_word((a),(w)) && (!(w) || !(a)->neg))
-# define BN_is_odd(a) (((a)->top > 0) && ((a)->d[0] & 1))
-
-# define BN_one(a) (BN_set_word((a),1))
-# define BN_zero_ex(a) \
- do { \
- BIGNUM *_tmp_bn = (a); \
- _tmp_bn->top = 0; \
- _tmp_bn->neg = 0; \
- } while(0)
-# ifdef OPENSSL_NO_DEPRECATED
-# define BN_zero(a) BN_zero_ex(a)
-# else
-# define BN_zero(a) (BN_set_word((a),0))
-# endif
-
-const BIGNUM *BN_value_one(void);
-char *BN_options(void);
-BN_CTX *BN_CTX_new(void);
-# ifndef OPENSSL_NO_DEPRECATED
-void BN_CTX_init(BN_CTX *c);
-# endif
-void BN_CTX_free(BN_CTX *c);
-void BN_CTX_start(BN_CTX *ctx);
-BIGNUM *BN_CTX_get(BN_CTX *ctx);
-void BN_CTX_end(BN_CTX *ctx);
-int BN_rand(BIGNUM *rnd, int bits, int top, int bottom);
-int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom);
-int BN_rand_range(BIGNUM *rnd, const BIGNUM *range);
-int BN_pseudo_rand_range(BIGNUM *rnd, const BIGNUM *range);
-int BN_num_bits(const BIGNUM *a);
-int BN_num_bits_word(BN_ULONG);
-BIGNUM *BN_new(void);
-void BN_init(BIGNUM *);
-void BN_clear_free(BIGNUM *a);
-BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b);
-void BN_swap(BIGNUM *a, BIGNUM *b);
-BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret);
-int BN_bn2bin(const BIGNUM *a, unsigned char *to);
-BIGNUM *BN_mpi2bn(const unsigned char *s, int len, BIGNUM *ret);
-int BN_bn2mpi(const BIGNUM *a, unsigned char *to);
-int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
-int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
-int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
-int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
-int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
-int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx);
-/** BN_set_negative sets sign of a BIGNUM
- * \param b pointer to the BIGNUM object
- * \param n 0 if the BIGNUM b should be positive and a value != 0 otherwise
- */
-void BN_set_negative(BIGNUM *b, int n);
-/** BN_is_negative returns 1 if the BIGNUM is negative
- * \param a pointer to the BIGNUM object
- * \return 1 if a < 0 and 0 otherwise
- */
-# define BN_is_negative(a) ((a)->neg != 0)
-
-int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
- BN_CTX *ctx);
-# define BN_mod(rem,m,d,ctx) BN_div(NULL,(rem),(m),(d),(ctx))
-int BN_nnmod(BIGNUM *r, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx);
-int BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
- BN_CTX *ctx);
-int BN_mod_add_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const BIGNUM *m);
-int BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
- BN_CTX *ctx);
-int BN_mod_sub_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const BIGNUM *m);
-int BN_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
- BN_CTX *ctx);
-int BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
-int BN_mod_lshift1(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
-int BN_mod_lshift1_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *m);
-int BN_mod_lshift(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m,
- BN_CTX *ctx);
-int BN_mod_lshift_quick(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m);
-
-BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w);
-BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w);
-int BN_mul_word(BIGNUM *a, BN_ULONG w);
-int BN_add_word(BIGNUM *a, BN_ULONG w);
-int BN_sub_word(BIGNUM *a, BN_ULONG w);
-int BN_set_word(BIGNUM *a, BN_ULONG w);
-BN_ULONG BN_get_word(const BIGNUM *a);
-
-int BN_cmp(const BIGNUM *a, const BIGNUM *b);
-void BN_free(BIGNUM *a);
-int BN_is_bit_set(const BIGNUM *a, int n);
-int BN_lshift(BIGNUM *r, const BIGNUM *a, int n);
-int BN_lshift1(BIGNUM *r, const BIGNUM *a);
-int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
-
-int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx);
-int BN_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *in_mont);
-int BN_mod_exp_mont_word(BIGNUM *r, BN_ULONG a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-int BN_mod_exp2_mont(BIGNUM *r, const BIGNUM *a1, const BIGNUM *p1,
- const BIGNUM *a2, const BIGNUM *p2, const BIGNUM *m,
- BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx);
-
-int BN_mask_bits(BIGNUM *a, int n);
-# ifndef OPENSSL_NO_FP_API
-int BN_print_fp(FILE *fp, const BIGNUM *a);
-# endif
-# ifdef HEADER_BIO_H
-int BN_print(BIO *fp, const BIGNUM *a);
-# else
-int BN_print(void *fp, const BIGNUM *a);
-# endif
-int BN_reciprocal(BIGNUM *r, const BIGNUM *m, int len, BN_CTX *ctx);
-int BN_rshift(BIGNUM *r, const BIGNUM *a, int n);
-int BN_rshift1(BIGNUM *r, const BIGNUM *a);
-void BN_clear(BIGNUM *a);
-BIGNUM *BN_dup(const BIGNUM *a);
-int BN_ucmp(const BIGNUM *a, const BIGNUM *b);
-int BN_set_bit(BIGNUM *a, int n);
-int BN_clear_bit(BIGNUM *a, int n);
-char *BN_bn2hex(const BIGNUM *a);
-char *BN_bn2dec(const BIGNUM *a);
-int BN_hex2bn(BIGNUM **a, const char *str);
-int BN_dec2bn(BIGNUM **a, const char *str);
-int BN_asc2bn(BIGNUM **a, const char *str);
-int BN_gcd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
-int BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); /* returns
- * -2 for
- * error */
-BIGNUM *BN_mod_inverse(BIGNUM *ret,
- const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx);
-BIGNUM *BN_mod_sqrt(BIGNUM *ret,
- const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx);
-
-void BN_consttime_swap(BN_ULONG swap, BIGNUM *a, BIGNUM *b, int nwords);
-
-/* Deprecated versions */
-# ifndef OPENSSL_NO_DEPRECATED
-BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe,
- const BIGNUM *add, const BIGNUM *rem,
- void (*callback) (int, int, void *), void *cb_arg);
-int BN_is_prime(const BIGNUM *p, int nchecks,
- void (*callback) (int, int, void *),
- BN_CTX *ctx, void *cb_arg);
-int BN_is_prime_fasttest(const BIGNUM *p, int nchecks,
- void (*callback) (int, int, void *), BN_CTX *ctx,
- void *cb_arg, int do_trial_division);
-# endif /* !defined(OPENSSL_NO_DEPRECATED) */
-
-/* Newer versions */
-int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
- const BIGNUM *rem, BN_GENCB *cb);
-int BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, BN_GENCB *cb);
-int BN_is_prime_fasttest_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx,
- int do_trial_division, BN_GENCB *cb);
-
-int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx);
-
-int BN_X931_derive_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
- const BIGNUM *Xp, const BIGNUM *Xp1,
- const BIGNUM *Xp2, const BIGNUM *e, BN_CTX *ctx,
- BN_GENCB *cb);
-int BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, BIGNUM *Xp1,
- BIGNUM *Xp2, const BIGNUM *Xp, const BIGNUM *e,
- BN_CTX *ctx, BN_GENCB *cb);
-
-BN_MONT_CTX *BN_MONT_CTX_new(void);
-void BN_MONT_CTX_init(BN_MONT_CTX *ctx);
-int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- BN_MONT_CTX *mont, BN_CTX *ctx);
-# define BN_to_montgomery(r,a,mont,ctx) BN_mod_mul_montgomery(\
- (r),(a),&((mont)->RR),(mont),(ctx))
-int BN_from_montgomery(BIGNUM *r, const BIGNUM *a,
- BN_MONT_CTX *mont, BN_CTX *ctx);
-void BN_MONT_CTX_free(BN_MONT_CTX *mont);
-int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx);
-BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from);
-BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock,
- const BIGNUM *mod, BN_CTX *ctx);
-
-/* BN_BLINDING flags */
-# define BN_BLINDING_NO_UPDATE 0x00000001
-# define BN_BLINDING_NO_RECREATE 0x00000002
-
-BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod);
-void BN_BLINDING_free(BN_BLINDING *b);
-int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx);
-int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
-int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
-int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *);
-int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,
- BN_CTX *);
-# ifndef OPENSSL_NO_DEPRECATED
-unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *);
-void BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long);
-# endif
-CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *);
-unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
-void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
-BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
- const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
- int (*bn_mod_exp) (BIGNUM *r,
- const BIGNUM *a,
- const BIGNUM *p,
- const BIGNUM *m,
- BN_CTX *ctx,
- BN_MONT_CTX *m_ctx),
- BN_MONT_CTX *m_ctx);
-
-# ifndef OPENSSL_NO_DEPRECATED
-void BN_set_params(int mul, int high, int low, int mont);
-int BN_get_params(int which); /* 0, mul, 1 high, 2 low, 3 mont */
-# endif
-
-void BN_RECP_CTX_init(BN_RECP_CTX *recp);
-BN_RECP_CTX *BN_RECP_CTX_new(void);
-void BN_RECP_CTX_free(BN_RECP_CTX *recp);
-int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *rdiv, BN_CTX *ctx);
-int BN_mod_mul_reciprocal(BIGNUM *r, const BIGNUM *x, const BIGNUM *y,
- BN_RECP_CTX *recp, BN_CTX *ctx);
-int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx);
-int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m,
- BN_RECP_CTX *recp, BN_CTX *ctx);
-
-# ifndef OPENSSL_NO_EC2M
-
-/*
- * Functions for arithmetic over binary polynomials represented by BIGNUMs.
- * The BIGNUM::neg property of BIGNUMs representing binary polynomials is
- * ignored. Note that input arguments are not const so that their bit arrays
- * can be expanded to the appropriate size if needed.
- */
-
-/*
- * r = a + b
- */
-int BN_GF2m_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
-# define BN_GF2m_sub(r, a, b) BN_GF2m_add(r, a, b)
-/*
- * r=a mod p
- */
-int BN_GF2m_mod(BIGNUM *r, const BIGNUM *a, const BIGNUM *p);
-/* r = (a * b) mod p */
-int BN_GF2m_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const BIGNUM *p, BN_CTX *ctx);
-/* r = (a * a) mod p */
-int BN_GF2m_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
-/* r = (1 / b) mod p */
-int BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *b, const BIGNUM *p, BN_CTX *ctx);
-/* r = (a / b) mod p */
-int BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const BIGNUM *p, BN_CTX *ctx);
-/* r = (a ^ b) mod p */
-int BN_GF2m_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const BIGNUM *p, BN_CTX *ctx);
-/* r = sqrt(a) mod p */
-int BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- BN_CTX *ctx);
-/* r^2 + r = a mod p */
-int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- BN_CTX *ctx);
-# define BN_GF2m_cmp(a, b) BN_ucmp((a), (b))
-/*-
- * Some functions allow for representation of the irreducible polynomials
- * as an unsigned int[], say p. The irreducible f(t) is then of the form:
- * t^p[0] + t^p[1] + ... + t^p[k]
- * where m = p[0] > p[1] > ... > p[k] = 0.
- */
-/* r = a mod p */
-int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const int p[]);
-/* r = (a * b) mod p */
-int BN_GF2m_mod_mul_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const int p[], BN_CTX *ctx);
-/* r = (a * a) mod p */
-int BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const int p[],
- BN_CTX *ctx);
-/* r = (1 / b) mod p */
-int BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *b, const int p[],
- BN_CTX *ctx);
-/* r = (a / b) mod p */
-int BN_GF2m_mod_div_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const int p[], BN_CTX *ctx);
-/* r = (a ^ b) mod p */
-int BN_GF2m_mod_exp_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const int p[], BN_CTX *ctx);
-/* r = sqrt(a) mod p */
-int BN_GF2m_mod_sqrt_arr(BIGNUM *r, const BIGNUM *a,
- const int p[], BN_CTX *ctx);
-/* r^2 + r = a mod p */
-int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a,
- const int p[], BN_CTX *ctx);
-int BN_GF2m_poly2arr(const BIGNUM *a, int p[], int max);
-int BN_GF2m_arr2poly(const int p[], BIGNUM *a);
-
-# endif
-
-/*
- * faster mod functions for the 'NIST primes' 0 <= a < p^2
- */
-int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
-int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
-int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
-int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
-int BN_nist_mod_521(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
-
-const BIGNUM *BN_get0_nist_prime_192(void);
-const BIGNUM *BN_get0_nist_prime_224(void);
-const BIGNUM *BN_get0_nist_prime_256(void);
-const BIGNUM *BN_get0_nist_prime_384(void);
-const BIGNUM *BN_get0_nist_prime_521(void);
-
-/* library internal functions */
-
-# define bn_expand(a,bits) \
- ( \
- bits > (INT_MAX - BN_BITS2 + 1) ? \
- NULL \
- : \
- (((bits+BN_BITS2-1)/BN_BITS2) <= (a)->dmax) ? \
- (a) \
- : \
- bn_expand2((a),(bits+BN_BITS2-1)/BN_BITS2) \
- )
-
-# define bn_wexpand(a,words) (((words) <= (a)->dmax)?(a):bn_expand2((a),(words)))
-BIGNUM *bn_expand2(BIGNUM *a, int words);
-# ifndef OPENSSL_NO_DEPRECATED
-BIGNUM *bn_dup_expand(const BIGNUM *a, int words); /* unused */
-# endif
-
-/*-
- * Bignum consistency macros
- * There is one "API" macro, bn_fix_top(), for stripping leading zeroes from
- * bignum data after direct manipulations on the data. There is also an
- * "internal" macro, bn_check_top(), for verifying that there are no leading
- * zeroes. Unfortunately, some auditing is required due to the fact that
- * bn_fix_top() has become an overabused duct-tape because bignum data is
- * occasionally passed around in an inconsistent state. So the following
- * changes have been made to sort this out;
- * - bn_fix_top()s implementation has been moved to bn_correct_top()
- * - if BN_DEBUG isn't defined, bn_fix_top() maps to bn_correct_top(), and
- * bn_check_top() is as before.
- * - if BN_DEBUG *is* defined;
- * - bn_check_top() tries to pollute unused words even if the bignum 'top' is
- * consistent. (ed: only if BN_DEBUG_RAND is defined)
- * - bn_fix_top() maps to bn_check_top() rather than "fixing" anything.
- * The idea is to have debug builds flag up inconsistent bignums when they
- * occur. If that occurs in a bn_fix_top(), we examine the code in question; if
- * the use of bn_fix_top() was appropriate (ie. it follows directly after code
- * that manipulates the bignum) it is converted to bn_correct_top(), and if it
- * was not appropriate, we convert it permanently to bn_check_top() and track
- * down the cause of the bug. Eventually, no internal code should be using the
- * bn_fix_top() macro. External applications and libraries should try this with
- * their own code too, both in terms of building against the openssl headers
- * with BN_DEBUG defined *and* linking with a version of OpenSSL built with it
- * defined. This not only improves external code, it provides more test
- * coverage for openssl's own code.
- */
-
-# ifdef BN_DEBUG
-
-/* We only need assert() when debugging */
-# include <assert.h>
-
-# ifdef BN_DEBUG_RAND
-/* To avoid "make update" cvs wars due to BN_DEBUG, use some tricks */
-# ifndef RAND_pseudo_bytes
-int RAND_pseudo_bytes(unsigned char *buf, int num);
-# define BN_DEBUG_TRIX
-# endif
-# define bn_pollute(a) \
- do { \
- const BIGNUM *_bnum1 = (a); \
- if(_bnum1->top < _bnum1->dmax) { \
- unsigned char _tmp_char; \
- /* We cast away const without the compiler knowing, any \
- * *genuinely* constant variables that aren't mutable \
- * wouldn't be constructed with top!=dmax. */ \
- BN_ULONG *_not_const; \
- memcpy(&_not_const, &_bnum1->d, sizeof(BN_ULONG*)); \
- /* Debug only - safe to ignore error return */ \
- RAND_pseudo_bytes(&_tmp_char, 1); \
- memset((unsigned char *)(_not_const + _bnum1->top), _tmp_char, \
- (_bnum1->dmax - _bnum1->top) * sizeof(BN_ULONG)); \
- } \
- } while(0)
-# ifdef BN_DEBUG_TRIX
-# undef RAND_pseudo_bytes
-# endif
-# else
-# define bn_pollute(a)
-# endif
-# define bn_check_top(a) \
- do { \
- const BIGNUM *_bnum2 = (a); \
- if (_bnum2 != NULL) { \
- assert((_bnum2->top == 0) || \
- (_bnum2->d[_bnum2->top - 1] != 0)); \
- bn_pollute(_bnum2); \
- } \
- } while(0)
-
-# define bn_fix_top(a) bn_check_top(a)
-
-# define bn_check_size(bn, bits) bn_wcheck_size(bn, ((bits+BN_BITS2-1))/BN_BITS2)
-# define bn_wcheck_size(bn, words) \
- do { \
- const BIGNUM *_bnum2 = (bn); \
- assert((words) <= (_bnum2)->dmax && (words) >= (_bnum2)->top); \
- /* avoid unused variable warning with NDEBUG */ \
- (void)(_bnum2); \
- } while(0)
-
-# else /* !BN_DEBUG */
-
-# define bn_pollute(a)
-# define bn_check_top(a)
-# define bn_fix_top(a) bn_correct_top(a)
-# define bn_check_size(bn, bits)
-# define bn_wcheck_size(bn, words)
-
-# endif
-
-# define bn_correct_top(a) \
- { \
- BN_ULONG *ftl; \
- int tmp_top = (a)->top; \
- if (tmp_top > 0) \
- { \
- for (ftl= &((a)->d[tmp_top-1]); tmp_top > 0; tmp_top--) \
- if (*(ftl--)) break; \
- (a)->top = tmp_top; \
- } \
- if ((a)->top == 0) \
- (a)->neg = 0; \
- bn_pollute(a); \
- }
-
-BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num,
- BN_ULONG w);
-BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w);
-void bn_sqr_words(BN_ULONG *rp, const BN_ULONG *ap, int num);
-BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d);
-BN_ULONG bn_add_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
- int num);
-BN_ULONG bn_sub_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
- int num);
-
-/* Primes from RFC 2409 */
-BIGNUM *get_rfc2409_prime_768(BIGNUM *bn);
-BIGNUM *get_rfc2409_prime_1024(BIGNUM *bn);
-
-/* Primes from RFC 3526 */
-BIGNUM *get_rfc3526_prime_1536(BIGNUM *bn);
-BIGNUM *get_rfc3526_prime_2048(BIGNUM *bn);
-BIGNUM *get_rfc3526_prime_3072(BIGNUM *bn);
-BIGNUM *get_rfc3526_prime_4096(BIGNUM *bn);
-BIGNUM *get_rfc3526_prime_6144(BIGNUM *bn);
-BIGNUM *get_rfc3526_prime_8192(BIGNUM *bn);
-
-int BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom);
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_BN_strings(void);
-
-/* Error codes for the BN functions. */
-
-/* Function codes. */
-# define BN_F_BNRAND 127
-# define BN_F_BN_BLINDING_CONVERT_EX 100
-# define BN_F_BN_BLINDING_CREATE_PARAM 128
-# define BN_F_BN_BLINDING_INVERT_EX 101
-# define BN_F_BN_BLINDING_NEW 102
-# define BN_F_BN_BLINDING_UPDATE 103
-# define BN_F_BN_BN2DEC 104
-# define BN_F_BN_BN2HEX 105
-# define BN_F_BN_CTX_GET 116
-# define BN_F_BN_CTX_NEW 106
-# define BN_F_BN_CTX_START 129
-# define BN_F_BN_DIV 107
-# define BN_F_BN_DIV_NO_BRANCH 138
-# define BN_F_BN_DIV_RECP 130
-# define BN_F_BN_EXP 123
-# define BN_F_BN_EXPAND2 108
-# define BN_F_BN_EXPAND_INTERNAL 120
-# define BN_F_BN_GF2M_MOD 131
-# define BN_F_BN_GF2M_MOD_EXP 132
-# define BN_F_BN_GF2M_MOD_MUL 133
-# define BN_F_BN_GF2M_MOD_SOLVE_QUAD 134
-# define BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR 135
-# define BN_F_BN_GF2M_MOD_SQR 136
-# define BN_F_BN_GF2M_MOD_SQRT 137
-# define BN_F_BN_LSHIFT 145
-# define BN_F_BN_MOD_EXP2_MONT 118
-# define BN_F_BN_MOD_EXP_MONT 109
-# define BN_F_BN_MOD_EXP_MONT_CONSTTIME 124
-# define BN_F_BN_MOD_EXP_MONT_WORD 117
-# define BN_F_BN_MOD_EXP_RECP 125
-# define BN_F_BN_MOD_EXP_SIMPLE 126
-# define BN_F_BN_MOD_INVERSE 110
-# define BN_F_BN_MOD_INVERSE_NO_BRANCH 139
-# define BN_F_BN_MOD_LSHIFT_QUICK 119
-# define BN_F_BN_MOD_MUL_RECIPROCAL 111
-# define BN_F_BN_MOD_SQRT 121
-# define BN_F_BN_MPI2BN 112
-# define BN_F_BN_NEW 113
-# define BN_F_BN_RAND 114
-# define BN_F_BN_RAND_RANGE 122
-# define BN_F_BN_RSHIFT 146
-# define BN_F_BN_USUB 115
-
-/* Reason codes. */
-# define BN_R_ARG2_LT_ARG3 100
-# define BN_R_BAD_RECIPROCAL 101
-# define BN_R_BIGNUM_TOO_LONG 114
-# define BN_R_BITS_TOO_SMALL 118
-# define BN_R_CALLED_WITH_EVEN_MODULUS 102
-# define BN_R_DIV_BY_ZERO 103
-# define BN_R_ENCODING_ERROR 104
-# define BN_R_EXPAND_ON_STATIC_BIGNUM_DATA 105
-# define BN_R_INPUT_NOT_REDUCED 110
-# define BN_R_INVALID_LENGTH 106
-# define BN_R_INVALID_RANGE 115
-# define BN_R_INVALID_SHIFT 119
-# define BN_R_NOT_A_SQUARE 111
-# define BN_R_NOT_INITIALIZED 107
-# define BN_R_NO_INVERSE 108
-# define BN_R_NO_SOLUTION 116
-# define BN_R_P_IS_NOT_PRIME 112
-# define BN_R_TOO_MANY_ITERATIONS 113
-# define BN_R_TOO_MANY_TEMPORARY_VARIABLES 109
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/deps/openssl/openssl/crypto/bn/bn.mul b/deps/openssl/openssl/crypto/bn/bn.mul
deleted file mode 100644
index 9728870d38..0000000000
--- a/deps/openssl/openssl/crypto/bn/bn.mul
+++ /dev/null
@@ -1,19 +0,0 @@
-We need
-
-* bn_mul_comba8
-* bn_mul_comba4
-* bn_mul_normal
-* bn_mul_recursive
-
-* bn_sqr_comba8
-* bn_sqr_comba4
-bn_sqr_normal -> BN_sqr
-* bn_sqr_recursive
-
-* bn_mul_low_recursive
-* bn_mul_low_normal
-* bn_mul_high
-
-* bn_mul_part_recursive # symetric but not power of 2
-
-bn_mul_asymetric_recursive # uneven, but do the chop up.
diff --git a/deps/openssl/openssl/crypto/bn/bn_add.c b/deps/openssl/openssl/crypto/bn/bn_add.c
index 2f3d110449..7cdefa77a1 100644
--- a/deps/openssl/openssl/crypto/bn/bn_add.c
+++ b/deps/openssl/openssl/crypto/bn/bn_add.c
@@ -1,69 +1,18 @@
-/* crypto/bn/bn_add.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
+/*
+ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
*
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
-#include <stdio.h>
-#include "cryptlib.h"
+#include "internal/cryptlib.h"
#include "bn_lcl.h"
/* r can == a or b */
int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
{
- const BIGNUM *tmp;
int a_neg = a->neg, ret;
bn_check_top(a);
@@ -78,6 +27,8 @@ int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
if (a_neg ^ b->neg) {
/* only one is negative */
if (a_neg) {
+ const BIGNUM *tmp;
+
tmp = a;
a = b;
b = tmp;
@@ -87,14 +38,14 @@ int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
if (BN_ucmp(a, b) < 0) {
if (!BN_usub(r, b, a))
- return (0);
+ return 0;
r->neg = 1;
} else {
if (!BN_usub(r, a, b))
- return (0);
+ return 0;
r->neg = 0;
}
- return (1);
+ return 1;
}
ret = BN_uadd(r, a, b);
@@ -107,13 +58,15 @@ int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
{
int max, min, dif;
- BN_ULONG *ap, *bp, *rp, carry, t1, t2;
- const BIGNUM *tmp;
+ const BN_ULONG *ap, *bp;
+ BN_ULONG *rp, carry, t1, t2;
bn_check_top(a);
bn_check_top(b);
if (a->top < b->top) {
+ const BIGNUM *tmp;
+
tmp = a;
a = b;
b = tmp;
@@ -134,29 +87,17 @@ int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
carry = bn_add_words(rp, ap, bp, min);
rp += min;
ap += min;
- bp += min;
-
- if (carry) {
- while (dif) {
- dif--;
- t1 = *(ap++);
- t2 = (t1 + 1) & BN_MASK2;
- *(rp++) = t2;
- if (t2) {
- carry = 0;
- break;
- }
- }
- if (carry) {
- /* carry != 0 => dif == 0 */
- *rp = 1;
- r->top++;
- }
+
+ while (dif) {
+ dif--;
+ t1 = *(ap++);
+ t2 = (t1 + carry) & BN_MASK2;
+ *(rp++) = t2;
+ carry &= (t2 == 0);
}
- if (dif && rp != ap)
- while (dif--)
- /* copy remaining words if ap != rp */
- *(rp++) = *(ap++);
+ *rp = carry;
+ r->top += carry;
+
r->neg = 0;
bn_check_top(r);
return 1;
@@ -166,11 +107,8 @@ int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
{
int max, min, dif;
- register BN_ULONG t1, t2, *ap, *bp, *rp;
- int i, carry;
-#if defined(IRIX_CC_BUG) && !defined(LINT)
- int dummy;
-#endif
+ BN_ULONG t1, t2, borrow, *rp;
+ const BN_ULONG *ap, *bp;
bn_check_top(a);
bn_check_top(b);
@@ -181,86 +119,42 @@ int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
if (dif < 0) { /* hmm... should not be happening */
BNerr(BN_F_BN_USUB, BN_R_ARG2_LT_ARG3);
- return (0);
+ return 0;
}
if (bn_wexpand(r, max) == NULL)
- return (0);
+ return 0;
ap = a->d;
bp = b->d;
rp = r->d;
-#if 1
- carry = 0;
- for (i = min; i != 0; i--) {
- t1 = *(ap++);
- t2 = *(bp++);
- if (carry) {
- carry = (t1 <= t2);
- t1 = (t1 - t2 - 1) & BN_MASK2;
- } else {
- carry = (t1 < t2);
- t1 = (t1 - t2) & BN_MASK2;
- }
-# if defined(IRIX_CC_BUG) && !defined(LINT)
- dummy = t1;
-# endif
- *(rp++) = t1 & BN_MASK2;
- }
-#else
- carry = bn_sub_words(rp, ap, bp, min);
+ borrow = bn_sub_words(rp, ap, bp, min);
ap += min;
- bp += min;
rp += min;
-#endif
- if (carry) { /* subtracted */
- if (!dif)
- /* error: a < b */
- return 0;
- while (dif) {
- dif--;
- t1 = *(ap++);
- t2 = (t1 - 1) & BN_MASK2;
- *(rp++) = t2;
- if (t1)
- break;
- }
- }
-#if 0
- memcpy(rp, ap, sizeof(*rp) * (max - i));
-#else
- if (rp != ap) {
- for (;;) {
- if (!dif--)
- break;
- rp[0] = ap[0];
- if (!dif--)
- break;
- rp[1] = ap[1];
- if (!dif--)
- break;
- rp[2] = ap[2];
- if (!dif--)
- break;
- rp[3] = ap[3];
- rp += 4;
- ap += 4;
- }
+
+ while (dif) {
+ dif--;
+ t1 = *(ap++);
+ t2 = (t1 - borrow) & BN_MASK2;
+ *(rp++) = t2;
+ borrow &= (t1 == 0);
}
-#endif
+
+ while (max && *--rp == 0)
+ max--;
r->top = max;
r->neg = 0;
- bn_correct_top(r);
- return (1);
+ bn_pollute(r);
+
+ return 1;
}
int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
{
int max;
int add = 0, neg = 0;
- const BIGNUM *tmp;
bn_check_top(a);
bn_check_top(b);
@@ -273,6 +167,8 @@ int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
*/
if (a->neg) {
if (b->neg) {
+ const BIGNUM *tmp;
+
tmp = a;
a = b;
b = tmp;
@@ -289,25 +185,25 @@ int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
if (add) {
if (!BN_uadd(r, a, b))
- return (0);
+ return 0;
r->neg = neg;
- return (1);
+ return 1;
}
/* We are actually doing a - b :-) */
max = (a->top > b->top) ? a->top : b->top;
if (bn_wexpand(r, max) == NULL)
- return (0);
+ return 0;
if (BN_ucmp(a, b) < 0) {
if (!BN_usub(r, b, a))
- return (0);
+ return 0;
r->neg = 1;
} else {
if (!BN_usub(r, a, b))
- return (0);
+ return 0;
r->neg = 0;
}
bn_check_top(r);
- return (1);
+ return 1;
}
diff --git a/deps/openssl/openssl/crypto/bn/bn_asm.c b/deps/openssl/openssl/crypto/bn/bn_asm.c
index 03a33cffe5..39c6c2134b 100644
--- a/deps/openssl/openssl/crypto/bn/bn_asm.c
+++ b/deps/openssl/openssl/crypto/bn/bn_asm.c
@@ -1,69 +1,15 @@
-/* crypto/bn/bn_asm.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
+/*
+ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
*
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
-#ifndef BN_DEBUG
-# undef NDEBUG /* avoid conflicting definitions */
-# define NDEBUG
-#endif
-
-#include <stdio.h>
#include <assert.h>
-#include "cryptlib.h"
+#include <openssl/crypto.h>
+#include "internal/cryptlib.h"
#include "bn_lcl.h"
#if defined(BN_LLONG) || defined(BN_UMULT_HIGH)
@@ -1005,13 +951,13 @@ int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
/* hmm... is it faster just to do a multiply? */
# undef bn_sqr_comba4
+# undef bn_sqr_comba8
void bn_sqr_comba4(BN_ULONG *r, const BN_ULONG *a)
{
BN_ULONG t[8];
bn_sqr_normal(r, a, 4, t);
}
-# undef bn_sqr_comba8
void bn_sqr_comba8(BN_ULONG *r, const BN_ULONG *a)
{
BN_ULONG t[16];
diff --git a/deps/openssl/openssl/crypto/bn/bn_blind.c b/deps/openssl/openssl/crypto/bn/bn_blind.c
index d448daa3c7..24d138309d 100644
--- a/deps/openssl/openssl/crypto/bn/bn_blind.c
+++ b/deps/openssl/openssl/crypto/bn/bn_blind.c
@@ -1,116 +1,14 @@
-/* crypto/bn/bn_blind.c */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+/*
+ * Copyright 1998-2016 The OpenSSL Project Authors. All Rights Reserved.
*
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
-#include <stdio.h>
-#include "cryptlib.h"
+#include <openssl/opensslconf.h>
+#include "internal/cryptlib.h"
#include "bn_lcl.h"
#define BN_BLINDING_COUNTER 32
@@ -120,16 +18,13 @@ struct bn_blinding_st {
BIGNUM *Ai;
BIGNUM *e;
BIGNUM *mod; /* just a reference */
-#ifndef OPENSSL_NO_DEPRECATED
- unsigned long thread_id; /* added in OpenSSL 0.9.6j and 0.9.7b; used
- * only by crypto/rsa/rsa_eay.c, rsa_lib.c */
-#endif
- CRYPTO_THREADID tid;
+ CRYPTO_THREAD_ID tid;
int counter;
unsigned long flags;
BN_MONT_CTX *m_ctx;
int (*bn_mod_exp) (BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ CRYPTO_RWLOCK *lock;
};
BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod)
@@ -138,15 +33,25 @@ BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod)
bn_check_top(mod);
- if ((ret = (BN_BLINDING *)OPENSSL_malloc(sizeof(BN_BLINDING))) == NULL) {
+ if ((ret = OPENSSL_zalloc(sizeof(*ret))) == NULL) {
BNerr(BN_F_BN_BLINDING_NEW, ERR_R_MALLOC_FAILURE);
- return (NULL);
+ return NULL;
}
- memset(ret, 0, sizeof(BN_BLINDING));
+
+ ret->lock = CRYPTO_THREAD_lock_new();
+ if (ret->lock == NULL) {
+ BNerr(BN_F_BN_BLINDING_NEW, ERR_R_MALLOC_FAILURE);
+ OPENSSL_free(ret);
+ return NULL;
+ }
+
+ BN_BLINDING_set_current_thread(ret);
+
if (A != NULL) {
if ((ret->A = BN_dup(A)) == NULL)
goto err;
}
+
if (Ai != NULL) {
if ((ret->Ai = BN_dup(Ai)) == NULL)
goto err;
@@ -155,6 +60,7 @@ BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod)
/* save a copy of mod in the BN_BLINDING structure */
if ((ret->mod = BN_dup(mod)) == NULL)
goto err;
+
if (BN_get_flags(mod, BN_FLG_CONSTTIME) != 0)
BN_set_flags(ret->mod, BN_FLG_CONSTTIME);
@@ -164,12 +70,12 @@ BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod)
* use.
*/
ret->counter = -1;
- CRYPTO_THREADID_current(&ret->tid);
- return (ret);
+
+ return ret;
+
err:
- if (ret != NULL)
- BN_BLINDING_free(ret);
- return (NULL);
+ BN_BLINDING_free(ret);
+ return NULL;
}
void BN_BLINDING_free(BN_BLINDING *r)
@@ -177,14 +83,11 @@ void BN_BLINDING_free(BN_BLINDING *r)
if (r == NULL)
return;
- if (r->A != NULL)
- BN_free(r->A);
- if (r->Ai != NULL)
- BN_free(r->Ai);
- if (r->e != NULL)
- BN_free(r->e);
- if (r->mod != NULL)
- BN_free(r->mod);
+ BN_free(r->A);
+ BN_free(r->Ai);
+ BN_free(r->e);
+ BN_free(r->mod);
+ CRYPTO_THREAD_lock_free(r->lock);
OPENSSL_free(r);
}
@@ -278,21 +181,24 @@ int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,
return (ret);
}
-#ifndef OPENSSL_NO_DEPRECATED
-unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *b)
+int BN_BLINDING_is_current_thread(BN_BLINDING *b)
+{
+ return CRYPTO_THREAD_compare_id(CRYPTO_THREAD_get_current_id(), b->tid);
+}
+
+void BN_BLINDING_set_current_thread(BN_BLINDING *b)
{
- return b->thread_id;
+ b->tid = CRYPTO_THREAD_get_current_id();
}
-void BN_BLINDING_set_thread_id(BN_BLINDING *b, unsigned long n)
+int BN_BLINDING_lock(BN_BLINDING *b)
{
- b->thread_id = n;
+ return CRYPTO_THREAD_write_lock(b->lock);
}
-#endif
-CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *b)
+int BN_BLINDING_unlock(BN_BLINDING *b)
{
- return &b->tid;
+ return CRYPTO_THREAD_unlock(b->lock);
}
unsigned long BN_BLINDING_get_flags(const BN_BLINDING *b)
@@ -332,8 +238,7 @@ BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
goto err;
if (e != NULL) {
- if (ret->e != NULL)
- BN_free(ret->e);
+ BN_free(ret->e);
ret->e = BN_dup(e);
}
if (ret->e == NULL)
@@ -345,20 +250,19 @@ BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
ret->m_ctx = m_ctx;
do {
+ int rv;
if (!BN_rand_range(ret->A, ret->mod))
goto err;
- if (BN_mod_inverse(ret->Ai, ret->A, ret->mod, ctx) == NULL) {
+ if (!int_bn_mod_inverse(ret->Ai, ret->A, ret->mod, ctx, &rv)) {
/*
* this should almost never happen for good RSA keys
*/
- unsigned long error = ERR_peek_last_error();
- if (ERR_GET_REASON(error) == BN_R_NO_INVERSE) {
+ if (rv) {
if (retry_counter-- == 0) {
BNerr(BN_F_BN_BLINDING_CREATE_PARAM,
BN_R_TOO_MANY_ITERATIONS);
goto err;
}
- ERR_clear_error();
} else
goto err;
} else
@@ -376,7 +280,7 @@ BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
return ret;
err:
- if (b == NULL && ret != NULL) {
+ if (b == NULL) {
BN_BLINDING_free(ret);
ret = NULL;
}
diff --git a/deps/openssl/openssl/crypto/bn/bn_const.c b/deps/openssl/openssl/crypto/bn/bn_const.c
index 12c3208c24..39dd61202a 100644
--- a/deps/openssl/openssl/crypto/bn/bn_const.c
+++ b/deps/openssl/openssl/crypto/bn/bn_const.c
@@ -1,7 +1,13 @@
-/* crypto/bn/knownprimes.c */
-/* Insert boilerplate */
+/*
+ * Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
-#include "bn.h"
+#include <openssl/bn.h>
/*-
* "First Oakley Default Group" from RFC2409, section 6.1.
@@ -12,7 +18,7 @@
* RFC2412 specifies a generator of of 22.
*/
-BIGNUM *get_rfc2409_prime_768(BIGNUM *bn)
+BIGNUM *BN_get_rfc2409_prime_768(BIGNUM *bn)
{
static const unsigned char RFC2409_PRIME_768[] = {
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
@@ -40,7 +46,7 @@ BIGNUM *get_rfc2409_prime_768(BIGNUM *bn)
* RFC2412 specifies a generator of 22.
*/
-BIGNUM *get_rfc2409_prime_1024(BIGNUM *bn)
+BIGNUM *BN_get_rfc2409_prime_1024(BIGNUM *bn)
{
static const unsigned char RFC2409_PRIME_1024[] = {
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
@@ -72,7 +78,7 @@ BIGNUM *get_rfc2409_prime_1024(BIGNUM *bn)
* RFC2312 specifies a generator of 22.
*/
-BIGNUM *get_rfc3526_prime_1536(BIGNUM *bn)
+BIGNUM *BN_get_rfc3526_prime_1536(BIGNUM *bn)
{
static const unsigned char RFC3526_PRIME_1536[] = {
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
@@ -111,7 +117,7 @@ BIGNUM *get_rfc3526_prime_1536(BIGNUM *bn)
* RFC3526 specifies a generator of 2.
*/
-BIGNUM *get_rfc3526_prime_2048(BIGNUM *bn)
+BIGNUM *BN_get_rfc3526_prime_2048(BIGNUM *bn)
{
static const unsigned char RFC3526_PRIME_2048[] = {
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
@@ -158,7 +164,7 @@ BIGNUM *get_rfc3526_prime_2048(BIGNUM *bn)
* RFC3526 specifies a generator of 2.
*/
-BIGNUM *get_rfc3526_prime_3072(BIGNUM *bn)
+BIGNUM *BN_get_rfc3526_prime_3072(BIGNUM *bn)
{
static const unsigned char RFC3526_PRIME_3072[] = {
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
@@ -221,7 +227,7 @@ BIGNUM *get_rfc3526_prime_3072(BIGNUM *bn)
* RFC3526 specifies a generator of 2.
*/
-BIGNUM *get_rfc3526_prime_4096(BIGNUM *bn)
+BIGNUM *BN_get_rfc3526_prime_4096(BIGNUM *bn)
{
static const unsigned char RFC3526_PRIME_4096[] = {
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
@@ -300,7 +306,7 @@ BIGNUM *get_rfc3526_prime_4096(BIGNUM *bn)
* RFC3526 specifies a generator of 2.
*/
-BIGNUM *get_rfc3526_prime_6144(BIGNUM *bn)
+BIGNUM *BN_get_rfc3526_prime_6144(BIGNUM *bn)
{
static const unsigned char RFC3526_PRIME_6144[] = {
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
@@ -411,7 +417,7 @@ BIGNUM *get_rfc3526_prime_6144(BIGNUM *bn)
* RFC3526 specifies a generator of 2.
*/
-BIGNUM *get_rfc3526_prime_8192(BIGNUM *bn)
+BIGNUM *BN_get_rfc3526_prime_8192(BIGNUM *bn)
{
static const unsigned char RFC3526_PRIME_8192[] = {
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
diff --git a/deps/openssl/openssl/crypto/bn/bn_ctx.c b/deps/openssl/openssl/crypto/bn/bn_ctx.c
index 526c6a046d..68c0468743 100644
--- a/deps/openssl/openssl/crypto/bn/bn_ctx.c
+++ b/deps/openssl/openssl/crypto/bn/bn_ctx.c
@@ -1,69 +1,13 @@
-/* crypto/bn/bn_ctx.c */
-/* Written by Ulf Moeller for the OpenSSL project. */
-/* ====================================================================
- * Copyright (c) 1998-2004 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
+/*
+ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
*
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
-#if !defined(BN_CTX_DEBUG) && !defined(BN_DEBUG)
-# ifndef NDEBUG
-# define NDEBUG
-# endif
-#endif
-
-#include <stdio.h>
-#include <assert.h>
-
-#include "cryptlib.h"
+#include "internal/cryptlib.h"
#include "bn_lcl.h"
/*-
@@ -104,10 +48,7 @@ typedef struct bignum_pool {
} BN_POOL;
static void BN_POOL_init(BN_POOL *);
static void BN_POOL_finish(BN_POOL *);
-#ifndef OPENSSL_NO_DEPRECATED
-static void BN_POOL_reset(BN_POOL *);
-#endif
-static BIGNUM *BN_POOL_get(BN_POOL *);
+static BIGNUM *BN_POOL_get(BN_POOL *, int);
static void BN_POOL_release(BN_POOL *, unsigned int);
/************/
@@ -123,9 +64,6 @@ typedef struct bignum_ctx_stack {
} BN_STACK;
static void BN_STACK_init(BN_STACK *);
static void BN_STACK_finish(BN_STACK *);
-#ifndef OPENSSL_NO_DEPRECATED
-static void BN_STACK_reset(BN_STACK *);
-#endif
static int BN_STACK_push(BN_STACK *, unsigned int);
static unsigned int BN_STACK_pop(BN_STACK *);
@@ -145,6 +83,8 @@ struct bignum_ctx {
int err_stack;
/* Block "gets" until an "end" (compatibility behaviour) */
int too_many;
+ /* Flags. */
+ int flags;
};
/* Enable this to find BN_CTX bugs */
@@ -190,40 +130,27 @@ static void ctxdbg(BN_CTX *ctx)
# define CTXDBG_RET(ctx,ret)
#endif
-/*
- * This function is an evil legacy and should not be used. This
- * implementation is WYSIWYG, though I've done my best.
- */
-#ifndef OPENSSL_NO_DEPRECATED
-void BN_CTX_init(BN_CTX *ctx)
-{
- /*
- * Assume the caller obtained the context via BN_CTX_new() and so is
- * trying to reset it for use. Nothing else makes sense, least of all
- * binary compatibility from a time when they could declare a static
- * variable.
- */
- BN_POOL_reset(&ctx->pool);
- BN_STACK_reset(&ctx->stack);
- ctx->used = 0;
- ctx->err_stack = 0;
- ctx->too_many = 0;
-}
-#endif
BN_CTX *BN_CTX_new(void)
{
- BN_CTX *ret = OPENSSL_malloc(sizeof(BN_CTX));
- if (!ret) {
+ BN_CTX *ret;
+
+ if ((ret = OPENSSL_zalloc(sizeof(*ret))) == NULL) {
BNerr(BN_F_BN_CTX_NEW, ERR_R_MALLOC_FAILURE);
return NULL;
}
/* Initialise the structure */
BN_POOL_init(&ret->pool);
BN_STACK_init(&ret->stack);
- ret->used = 0;
- ret->err_stack = 0;
- ret->too_many = 0;
+ return ret;
+}
+
+BN_CTX *BN_CTX_secure_new(void)
+{
+ BN_CTX *ret = BN_CTX_new();
+
+ if (ret != NULL)
+ ret->flags = BN_FLG_SECURE;
return ret;
}
@@ -285,10 +212,11 @@ void BN_CTX_end(BN_CTX *ctx)
BIGNUM *BN_CTX_get(BN_CTX *ctx)
{
BIGNUM *ret;
+
CTXDBG_ENTRY("BN_CTX_get", ctx);
if (ctx->err_stack || ctx->too_many)
return NULL;
- if ((ret = BN_POOL_get(&ctx->pool)) == NULL) {
+ if ((ret = BN_POOL_get(&ctx->pool, ctx->flags)) == NULL) {
/*
* Setting too_many prevents repeated "get" attempts from cluttering
* the error stack.
@@ -316,32 +244,23 @@ static void BN_STACK_init(BN_STACK *st)
static void BN_STACK_finish(BN_STACK *st)
{
- if (st->size)
- OPENSSL_free(st->indexes);
+ OPENSSL_free(st->indexes);
+ st->indexes = NULL;
}
-#ifndef OPENSSL_NO_DEPRECATED
-static void BN_STACK_reset(BN_STACK *st)
-{
- st->depth = 0;
-}
-#endif
static int BN_STACK_push(BN_STACK *st, unsigned int idx)
{
- if (st->depth == st->size)
+ if (st->depth == st->size) {
/* Need to expand */
- {
- unsigned int newsize = (st->size ?
- (st->size * 3 / 2) : BN_CTX_START_FRAMES);
- unsigned int *newitems = OPENSSL_malloc(newsize *
- sizeof(unsigned int));
- if (!newitems)
+ unsigned int newsize =
+ st->size ? (st->size * 3 / 2) : BN_CTX_START_FRAMES;
+ unsigned int *newitems = OPENSSL_malloc(sizeof(*newitems) * newsize);
+ if (newitems == NULL)
return 0;
if (st->depth)
- memcpy(newitems, st->indexes, st->depth * sizeof(unsigned int));
- if (st->size)
- OPENSSL_free(st->indexes);
+ memcpy(newitems, st->indexes, sizeof(*newitems) * st->depth);
+ OPENSSL_free(st->indexes);
st->indexes = newitems;
st->size = newsize;
}
@@ -366,55 +285,39 @@ static void BN_POOL_init(BN_POOL *p)
static void BN_POOL_finish(BN_POOL *p)
{
+ unsigned int loop;
+ BIGNUM *bn;
+
while (p->head) {
- unsigned int loop = 0;
- BIGNUM *bn = p->head->vals;
- while (loop++ < BN_CTX_POOL_SIZE) {
+ for (loop = 0, bn = p->head->vals; loop++ < BN_CTX_POOL_SIZE; bn++)
if (bn->d)
BN_clear_free(bn);
- bn++;
- }
p->current = p->head->next;
OPENSSL_free(p->head);
p->head = p->current;
}
}
-#ifndef OPENSSL_NO_DEPRECATED
-static void BN_POOL_reset(BN_POOL *p)
-{
- BN_POOL_ITEM *item = p->head;
- while (item) {
- unsigned int loop = 0;
- BIGNUM *bn = item->vals;
- while (loop++ < BN_CTX_POOL_SIZE) {
- if (bn->d)
- BN_clear(bn);
- bn++;
- }
- item = item->next;
- }
- p->current = p->head;
- p->used = 0;
-}
-#endif
-static BIGNUM *BN_POOL_get(BN_POOL *p)
+static BIGNUM *BN_POOL_get(BN_POOL *p, int flag)
{
+ BIGNUM *bn;
+ unsigned int loop;
+
+ /* Full; allocate a new pool item and link it in. */
if (p->used == p->size) {
- BIGNUM *bn;
- unsigned int loop = 0;
- BN_POOL_ITEM *item = OPENSSL_malloc(sizeof(BN_POOL_ITEM));
- if (!item)
+ BN_POOL_ITEM *item = OPENSSL_malloc(sizeof(*item));
+ if (item == NULL)
return NULL;
- /* Initialise the structure */
- bn = item->vals;
- while (loop++ < BN_CTX_POOL_SIZE)
- BN_init(bn++);
+ for (loop = 0, bn = item->vals; loop++ < BN_CTX_POOL_SIZE; bn++) {
+ bn_init(bn);
+ if ((flag & BN_FLG_SECURE) != 0)
+ BN_set_flags(bn, BN_FLG_SECURE);
+ }
item->prev = p->tail;
item->next = NULL;
- /* Link it in */
- if (!p->head)
+
+ if (p->head == NULL)
p->head = p->current = p->tail = item;
else {
p->tail->next = item;
@@ -426,6 +329,7 @@ static BIGNUM *BN_POOL_get(BN_POOL *p)
/* Return the first bignum from the new pool */
return item->vals;
}
+
if (!p->used)
p->current = p->head;
else if ((p->used % BN_CTX_POOL_SIZE) == 0)
@@ -436,10 +340,11 @@ static BIGNUM *BN_POOL_get(BN_POOL *p)
static void BN_POOL_release(BN_POOL *p, unsigned int num)
{
unsigned int offset = (p->used - 1) % BN_CTX_POOL_SIZE;
+
p->used -= num;
while (num--) {
bn_check_top(p->current->vals + offset);
- if (!offset) {
+ if (offset == 0) {
offset = BN_CTX_POOL_SIZE - 1;
p->current = p->current->prev;
} else
diff --git a/deps/openssl/openssl/crypto/bn/bn_depr.c b/deps/openssl/openssl/crypto/bn/bn_depr.c
index 34895f5982..7d89214b1c 100644
--- a/deps/openssl/openssl/crypto/bn/bn_depr.c
+++ b/deps/openssl/openssl/crypto/bn/bn_depr.c
@@ -1,56 +1,10 @@
-/* crypto/bn/bn_depr.c */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
+/*
+ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
*
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
/*
@@ -58,22 +12,22 @@
* slurp this code if applications are using them directly.
*/
-#include <stdio.h>
-#include <time.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-#include <openssl/rand.h>
+#include <openssl/opensslconf.h>
+#if OPENSSL_API_COMPAT >= 0x00908000L
+NON_EMPTY_TRANSLATION_UNIT
+#else
-static void *dummy = &dummy;
+# include <stdio.h>
+# include <time.h>
+# include "internal/cryptlib.h"
+# include "bn_lcl.h"
-#ifndef OPENSSL_NO_DEPRECATED
BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe,
const BIGNUM *add, const BIGNUM *rem,
void (*callback) (int, int, void *), void *cb_arg)
{
BN_GENCB cb;
BIGNUM *rnd = NULL;
- int found = 0;
BN_GENCB_set_old(&cb, callback, cb_arg);
@@ -86,11 +40,10 @@ BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe,
goto err;
/* we have a prime :-) */
- found = 1;
+ return ret;
err:
- if (!found && (ret == NULL) && (rnd != NULL))
- BN_free(rnd);
- return (found ? rnd : NULL);
+ BN_free(rnd);
+ return NULL;
}
int BN_is_prime(const BIGNUM *a, int checks,
diff --git a/deps/openssl/openssl/crypto/bn/bn_dh.c b/deps/openssl/openssl/crypto/bn/bn_dh.c
new file mode 100644
index 0000000000..17d05597b3
--- /dev/null
+++ b/deps/openssl/openssl/crypto/bn/bn_dh.c
@@ -0,0 +1,220 @@
+/*
+ * Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include "bn_lcl.h"
+#include "e_os.h"
+
+#ifndef OPENSSL_NO_DH
+#include <openssl/dh.h>
+#include "internal/bn_dh.h"
+/* DH parameters from RFC5114 */
+
+# if BN_BITS2 == 64
+static const BN_ULONG dh1024_160_p[] = {
+ 0xDF1FB2BC2E4A4371ULL, 0xE68CFDA76D4DA708ULL, 0x45BF37DF365C1A65ULL,
+ 0xA151AF5F0DC8B4BDULL, 0xFAA31A4FF55BCCC0ULL, 0x4EFFD6FAE5644738ULL,
+ 0x98488E9C219A7372ULL, 0xACCBDD7D90C4BD70ULL, 0x24975C3CD49B83BFULL,
+ 0x13ECB4AEA9061123ULL, 0x9838EF1E2EE652C0ULL, 0x6073E28675A23D18ULL,
+ 0x9A6A9DCA52D23B61ULL, 0x52C99FBCFB06A3C6ULL, 0xDE92DE5EAE5D54ECULL,
+ 0xB10B8F96A080E01DULL
+};
+
+static const BN_ULONG dh1024_160_g[] = {
+ 0x855E6EEB22B3B2E5ULL, 0x858F4DCEF97C2A24ULL, 0x2D779D5918D08BC8ULL,
+ 0xD662A4D18E73AFA3ULL, 0x1DBF0A0169B6A28AULL, 0xA6A24C087A091F53ULL,
+ 0x909D0D2263F80A76ULL, 0xD7FBD7D3B9A92EE1ULL, 0x5E91547F9E2749F4ULL,
+ 0x160217B4B01B886AULL, 0x777E690F5504F213ULL, 0x266FEA1E5C41564BULL,
+ 0xD6406CFF14266D31ULL, 0xF8104DD258AC507FULL, 0x6765A442EFB99905ULL,
+ 0xA4D1CBD5C3FD3412ULL
+};
+
+static const BN_ULONG dh1024_160_q[] = {
+ 0x64B7CB9D49462353ULL, 0x81A8DF278ABA4E7DULL, 0x00000000F518AA87ULL
+};
+
+static const BN_ULONG dh2048_224_p[] = {
+ 0x0AC4DFFE0C10E64FULL, 0xCF9DE5384E71B81CULL, 0x7EF363E2FFA31F71ULL,
+ 0xE3FB73C16B8E75B9ULL, 0xC9B53DCF4BA80A29ULL, 0x23F10B0E16E79763ULL,
+ 0xC52172E413042E9BULL, 0xBE60E69CC928B2B9ULL, 0x80CD86A1B9E587E8ULL,
+ 0x315D75E198C641A4ULL, 0xCDF93ACC44328387ULL, 0x15987D9ADC0A486DULL,
+ 0x7310F7121FD5A074ULL, 0x278273C7DE31EFDCULL, 0x1602E714415D9330ULL,
+ 0x81286130BC8985DBULL, 0xB3BF8A3170918836ULL, 0x6A00E0A0B9C49708ULL,
+ 0xC6BA0B2C8BBC27BEULL, 0xC9F98D11ED34DBF6ULL, 0x7AD5B7D0B6C12207ULL,
+ 0xD91E8FEF55B7394BULL, 0x9037C9EDEFDA4DF8ULL, 0x6D3F8152AD6AC212ULL,
+ 0x1DE6B85A1274A0A6ULL, 0xEB3D688A309C180EULL, 0xAF9A3C407BA1DF15ULL,
+ 0xE6FA141DF95A56DBULL, 0xB54B1597B61D0A75ULL, 0xA20D64E5683B9FD1ULL,
+ 0xD660FAA79559C51FULL, 0xAD107E1E9123A9D0ULL
+};
+
+static const BN_ULONG dh2048_224_g[] = {
+ 0x84B890D3191F2BFAULL, 0x81BC087F2A7065B3ULL, 0x19C418E1F6EC0179ULL,
+ 0x7B5A0F1C71CFFF4CULL, 0xEDFE72FE9B6AA4BDULL, 0x81E1BCFE94B30269ULL,
+ 0x566AFBB48D6C0191ULL, 0xB539CCE3409D13CDULL, 0x6AA21E7F5F2FF381ULL,
+ 0xD9E263E4770589EFULL, 0x10E183EDD19963DDULL, 0xB70A8137150B8EEBULL,
+ 0x051AE3D428C8F8ACULL, 0xBB77A86F0C1AB15BULL, 0x6E3025E316A330EFULL,
+ 0x19529A45D6F83456ULL, 0xF180EB34118E98D1ULL, 0xB5F6C6B250717CBEULL,
+ 0x09939D54DA7460CDULL, 0xE247150422EA1ED4ULL, 0xB8A762D0521BC98AULL,
+ 0xF4D027275AC1348BULL, 0xC17669101999024AULL, 0xBE5E9001A8D66AD7ULL,
+ 0xC57DB17C620A8652ULL, 0xAB739D7700C29F52ULL, 0xDD921F01A70C4AFAULL,
+ 0xA6824A4E10B9A6F0ULL, 0x74866A08CFE4FFE3ULL, 0x6CDEBE7B89998CAFULL,
+ 0x9DF30B5C8FFDAC50ULL, 0xAC4032EF4F2D9AE3ULL
+};
+
+static const BN_ULONG dh2048_224_q[] = {
+ 0xBF389A99B36371EBULL, 0x1F80535A4738CEBCULL, 0xC58D93FE99717710ULL,
+ 0x00000000801C0D34ULL
+};
+
+static const BN_ULONG dh2048_256_p[] = {
+ 0xDB094AE91E1A1597ULL, 0x693877FAD7EF09CAULL, 0x6116D2276E11715FULL,
+ 0xA4B54330C198AF12ULL, 0x75F26375D7014103ULL, 0xC3A3960A54E710C3ULL,
+ 0xDED4010ABD0BE621ULL, 0xC0B857F689962856ULL, 0xB3CA3F7971506026ULL,
+ 0x1CCACB83E6B486F6ULL, 0x67E144E514056425ULL, 0xF6A167B5A41825D9ULL,
+ 0x3AD8347796524D8EULL, 0xF13C6D9A51BFA4ABULL, 0x2D52526735488A0EULL,
+ 0xB63ACAE1CAA6B790ULL, 0x4FDB70C581B23F76ULL, 0xBC39A0BF12307F5CULL,
+ 0xB941F54EB1E59BB8ULL, 0x6C5BFC11D45F9088ULL, 0x22E0B1EF4275BF7BULL,
+ 0x91F9E6725B4758C0ULL, 0x5A8A9D306BCF67EDULL, 0x209E0C6497517ABDULL,
+ 0x3BF4296D830E9A7CULL, 0x16C3D91134096FAAULL, 0xFAF7DF4561B2AA30ULL,
+ 0xE00DF8F1D61957D4ULL, 0x5D2CEED4435E3B00ULL, 0x8CEEF608660DD0F2ULL,
+ 0xFFBBD19C65195999ULL, 0x87A8E61DB4B6663CULL
+};
+
+static const BN_ULONG dh2048_256_g[] = {
+ 0x664B4C0F6CC41659ULL, 0x5E2327CFEF98C582ULL, 0xD647D148D4795451ULL,
+ 0x2F63078490F00EF8ULL, 0x184B523D1DB246C3ULL, 0xC7891428CDC67EB6ULL,
+ 0x7FD028370DF92B52ULL, 0xB3353BBB64E0EC37ULL, 0xECD06E1557CD0915ULL,
+ 0xB7D2BBD2DF016199ULL, 0xC8484B1E052588B9ULL, 0xDB2A3B7313D3FE14ULL,
+ 0xD052B985D182EA0AULL, 0xA4BD1BFFE83B9C80ULL, 0xDFC967C1FB3F2E55ULL,
+ 0xB5045AF2767164E1ULL, 0x1D14348F6F2F9193ULL, 0x64E67982428EBC83ULL,
+ 0x8AC376D282D6ED38ULL, 0x777DE62AAAB8A862ULL, 0xDDF463E5E9EC144BULL,
+ 0x0196F931C77A57F2ULL, 0xA55AE31341000A65ULL, 0x901228F8C28CBB18ULL,
+ 0xBC3773BF7E8C6F62ULL, 0xBE3A6C1B0C6B47B1ULL, 0xFF4FED4AAC0BB555ULL,
+ 0x10DBC15077BE463FULL, 0x07F4793A1A0BA125ULL, 0x4CA7B18F21EF2054ULL,
+ 0x2E77506660EDBD48ULL, 0x3FB32C9B73134D0BULL
+};
+
+static const BN_ULONG dh2048_256_q[] = {
+ 0xA308B0FE64F5FBD3ULL, 0x99B1A47D1EB3750BULL, 0xB447997640129DA2ULL,
+ 0x8CF83642A709A097ULL
+};
+
+# elif BN_BITS2 == 32
+
+static const BN_ULONG dh1024_160_p[] = {
+ 0x2E4A4371, 0xDF1FB2BC, 0x6D4DA708, 0xE68CFDA7, 0x365C1A65, 0x45BF37DF,
+ 0x0DC8B4BD, 0xA151AF5F, 0xF55BCCC0, 0xFAA31A4F, 0xE5644738, 0x4EFFD6FA,
+ 0x219A7372, 0x98488E9C, 0x90C4BD70, 0xACCBDD7D, 0xD49B83BF, 0x24975C3C,
+ 0xA9061123, 0x13ECB4AE, 0x2EE652C0, 0x9838EF1E, 0x75A23D18, 0x6073E286,
+ 0x52D23B61, 0x9A6A9DCA, 0xFB06A3C6, 0x52C99FBC, 0xAE5D54EC, 0xDE92DE5E,
+ 0xA080E01D, 0xB10B8F96
+};
+
+static const BN_ULONG dh1024_160_g[] = {
+ 0x22B3B2E5, 0x855E6EEB, 0xF97C2A24, 0x858F4DCE, 0x18D08BC8, 0x2D779D59,
+ 0x8E73AFA3, 0xD662A4D1, 0x69B6A28A, 0x1DBF0A01, 0x7A091F53, 0xA6A24C08,
+ 0x63F80A76, 0x909D0D22, 0xB9A92EE1, 0xD7FBD7D3, 0x9E2749F4, 0x5E91547F,
+ 0xB01B886A, 0x160217B4, 0x5504F213, 0x777E690F, 0x5C41564B, 0x266FEA1E,
+ 0x14266D31, 0xD6406CFF, 0x58AC507F, 0xF8104DD2, 0xEFB99905, 0x6765A442,
+ 0xC3FD3412, 0xA4D1CBD5
+};
+
+static const BN_ULONG dh1024_160_q[] = {
+ 0x49462353, 0x64B7CB9D, 0x8ABA4E7D, 0x81A8DF27, 0xF518AA87
+};
+
+static const BN_ULONG dh2048_224_p[] = {
+ 0x0C10E64F, 0x0AC4DFFE, 0x4E71B81C, 0xCF9DE538, 0xFFA31F71, 0x7EF363E2,
+ 0x6B8E75B9, 0xE3FB73C1, 0x4BA80A29, 0xC9B53DCF, 0x16E79763, 0x23F10B0E,
+ 0x13042E9B, 0xC52172E4, 0xC928B2B9, 0xBE60E69C, 0xB9E587E8, 0x80CD86A1,
+ 0x98C641A4, 0x315D75E1, 0x44328387, 0xCDF93ACC, 0xDC0A486D, 0x15987D9A,
+ 0x1FD5A074, 0x7310F712, 0xDE31EFDC, 0x278273C7, 0x415D9330, 0x1602E714,
+ 0xBC8985DB, 0x81286130, 0x70918836, 0xB3BF8A31, 0xB9C49708, 0x6A00E0A0,
+ 0x8BBC27BE, 0xC6BA0B2C, 0xED34DBF6, 0xC9F98D11, 0xB6C12207, 0x7AD5B7D0,
+ 0x55B7394B, 0xD91E8FEF, 0xEFDA4DF8, 0x9037C9ED, 0xAD6AC212, 0x6D3F8152,
+ 0x1274A0A6, 0x1DE6B85A, 0x309C180E, 0xEB3D688A, 0x7BA1DF15, 0xAF9A3C40,
+ 0xF95A56DB, 0xE6FA141D, 0xB61D0A75, 0xB54B1597, 0x683B9FD1, 0xA20D64E5,
+ 0x9559C51F, 0xD660FAA7, 0x9123A9D0, 0xAD107E1E
+};
+
+static const BN_ULONG dh2048_224_g[] = {
+ 0x191F2BFA, 0x84B890D3, 0x2A7065B3, 0x81BC087F, 0xF6EC0179, 0x19C418E1,
+ 0x71CFFF4C, 0x7B5A0F1C, 0x9B6AA4BD, 0xEDFE72FE, 0x94B30269, 0x81E1BCFE,
+ 0x8D6C0191, 0x566AFBB4, 0x409D13CD, 0xB539CCE3, 0x5F2FF381, 0x6AA21E7F,
+ 0x770589EF, 0xD9E263E4, 0xD19963DD, 0x10E183ED, 0x150B8EEB, 0xB70A8137,
+ 0x28C8F8AC, 0x051AE3D4, 0x0C1AB15B, 0xBB77A86F, 0x16A330EF, 0x6E3025E3,
+ 0xD6F83456, 0x19529A45, 0x118E98D1, 0xF180EB34, 0x50717CBE, 0xB5F6C6B2,
+ 0xDA7460CD, 0x09939D54, 0x22EA1ED4, 0xE2471504, 0x521BC98A, 0xB8A762D0,
+ 0x5AC1348B, 0xF4D02727, 0x1999024A, 0xC1766910, 0xA8D66AD7, 0xBE5E9001,
+ 0x620A8652, 0xC57DB17C, 0x00C29F52, 0xAB739D77, 0xA70C4AFA, 0xDD921F01,
+ 0x10B9A6F0, 0xA6824A4E, 0xCFE4FFE3, 0x74866A08, 0x89998CAF, 0x6CDEBE7B,
+ 0x8FFDAC50, 0x9DF30B5C, 0x4F2D9AE3, 0xAC4032EF
+};
+
+static const BN_ULONG dh2048_224_q[] = {
+ 0xB36371EB, 0xBF389A99, 0x4738CEBC, 0x1F80535A, 0x99717710, 0xC58D93FE,
+ 0x801C0D34
+};
+
+static const BN_ULONG dh2048_256_p[] = {
+ 0x1E1A1597, 0xDB094AE9, 0xD7EF09CA, 0x693877FA, 0x6E11715F, 0x6116D227,
+ 0xC198AF12, 0xA4B54330, 0xD7014103, 0x75F26375, 0x54E710C3, 0xC3A3960A,
+ 0xBD0BE621, 0xDED4010A, 0x89962856, 0xC0B857F6, 0x71506026, 0xB3CA3F79,
+ 0xE6B486F6, 0x1CCACB83, 0x14056425, 0x67E144E5, 0xA41825D9, 0xF6A167B5,
+ 0x96524D8E, 0x3AD83477, 0x51BFA4AB, 0xF13C6D9A, 0x35488A0E, 0x2D525267,
+ 0xCAA6B790, 0xB63ACAE1, 0x81B23F76, 0x4FDB70C5, 0x12307F5C, 0xBC39A0BF,
+ 0xB1E59BB8, 0xB941F54E, 0xD45F9088, 0x6C5BFC11, 0x4275BF7B, 0x22E0B1EF,
+ 0x5B4758C0, 0x91F9E672, 0x6BCF67ED, 0x5A8A9D30, 0x97517ABD, 0x209E0C64,
+ 0x830E9A7C, 0x3BF4296D, 0x34096FAA, 0x16C3D911, 0x61B2AA30, 0xFAF7DF45,
+ 0xD61957D4, 0xE00DF8F1, 0x435E3B00, 0x5D2CEED4, 0x660DD0F2, 0x8CEEF608,
+ 0x65195999, 0xFFBBD19C, 0xB4B6663C, 0x87A8E61D
+};
+
+static const BN_ULONG dh2048_256_g[] = {
+ 0x6CC41659, 0x664B4C0F, 0xEF98C582, 0x5E2327CF, 0xD4795451, 0xD647D148,
+ 0x90F00EF8, 0x2F630784, 0x1DB246C3, 0x184B523D, 0xCDC67EB6, 0xC7891428,
+ 0x0DF92B52, 0x7FD02837, 0x64E0EC37, 0xB3353BBB, 0x57CD0915, 0xECD06E15,
+ 0xDF016199, 0xB7D2BBD2, 0x052588B9, 0xC8484B1E, 0x13D3FE14, 0xDB2A3B73,
+ 0xD182EA0A, 0xD052B985, 0xE83B9C80, 0xA4BD1BFF, 0xFB3F2E55, 0xDFC967C1,
+ 0x767164E1, 0xB5045AF2, 0x6F2F9193, 0x1D14348F, 0x428EBC83, 0x64E67982,
+ 0x82D6ED38, 0x8AC376D2, 0xAAB8A862, 0x777DE62A, 0xE9EC144B, 0xDDF463E5,
+ 0xC77A57F2, 0x0196F931, 0x41000A65, 0xA55AE313, 0xC28CBB18, 0x901228F8,
+ 0x7E8C6F62, 0xBC3773BF, 0x0C6B47B1, 0xBE3A6C1B, 0xAC0BB555, 0xFF4FED4A,
+ 0x77BE463F, 0x10DBC150, 0x1A0BA125, 0x07F4793A, 0x21EF2054, 0x4CA7B18F,
+ 0x60EDBD48, 0x2E775066, 0x73134D0B, 0x3FB32C9B
+};
+
+static const BN_ULONG dh2048_256_q[] = {
+ 0x64F5FBD3, 0xA308B0FE, 0x1EB3750B, 0x99B1A47D, 0x40129DA2, 0xB4479976,
+ 0xA709A097, 0x8CF83642
+};
+
+# else
+# error "unsupported BN_BITS2"
+# endif
+
+/* Macro to make a BIGNUM from static data */
+
+# define make_dh_bn(x) extern const BIGNUM _bignum_##x; \
+ const BIGNUM _bignum_##x = { (BN_ULONG *) x, \
+ OSSL_NELEM(x),\
+ OSSL_NELEM(x),\
+ 0, BN_FLG_STATIC_DATA };
+
+
+make_dh_bn(dh1024_160_p)
+make_dh_bn(dh1024_160_g)
+make_dh_bn(dh1024_160_q)
+make_dh_bn(dh2048_224_p)
+make_dh_bn(dh2048_224_g)
+make_dh_bn(dh2048_224_q)
+make_dh_bn(dh2048_256_p)
+make_dh_bn(dh2048_256_g)
+make_dh_bn(dh2048_256_q)
+
+#endif
diff --git a/deps/openssl/openssl/crypto/bn/bn_div.c b/deps/openssl/openssl/crypto/bn/bn_div.c
index bc37671cf1..5e620b2096 100644
--- a/deps/openssl/openssl/crypto/bn/bn_div.c
+++ b/deps/openssl/openssl/crypto/bn/bn_div.c
@@ -1,64 +1,14 @@
-/* crypto/bn/bn_div.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
+/*
+ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
*
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
-#include <stdio.h>
#include <openssl/bn.h>
-#include "cryptlib.h"
+#include "internal/cryptlib.h"
#include "bn_lcl.h"
/* The old slow way */
@@ -180,7 +130,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
# endif /* OPENSSL_NO_ASM */
/*-
- * BN_div computes dv := num / divisor, rounding towards
+ * BN_div computes dv := num / divisor, rounding towards
* zero, and sets up rm such that dv*divisor + rm = num holds.
* Thus:
* dv->neg == num->neg ^ divisor->neg (unless the result is zero)
@@ -304,9 +254,9 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
wnump = &(snum->d[num_n - 1]);
/* Setup to 'res' */
- res->neg = (num->neg ^ divisor->neg);
if (!bn_wexpand(res, (loop + 1)))
goto err;
+ res->neg = (num->neg ^ divisor->neg);
res->top = loop - no_branch;
resp = &(res->d[loop - 1]);
@@ -328,6 +278,9 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
res->top--;
}
+ /* Increase the resp pointer so that we never create an invalid pointer. */
+ resp++;
+
/*
* if res->top == 0 then clear the neg value otherwise decrease the resp
* pointer
@@ -337,7 +290,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
else
resp--;
- for (i = 0; i < loop - 1; i++, wnump--, resp--) {
+ for (i = 0; i < loop - 1; i++, wnump--) {
BN_ULONG q, l0;
/*
* the first part of the loop uses the top two words of snum and sdiv
@@ -362,10 +315,6 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
q = (BN_ULONG)(((((BN_ULLONG) n0) << BN_BITS2) | n1) / d0);
# else
q = bn_div_words(n0, n1, d0);
-# ifdef BN_DEBUG_LEVITTE
- fprintf(stderr, "DEBUG: bn_div_words(0x%08X,0x%08X,0x%08\
-X) -> 0x%08X\n", n0, n1, d0, q);
-# endif
# endif
# ifndef REMAINDER_IS_ALREADY_CALCULATED
@@ -390,10 +339,6 @@ X) -> 0x%08X\n", n0, n1, d0, q);
BN_ULONG t2l, t2h;
q = bn_div_words(n0, n1, d0);
-# ifdef BN_DEBUG_LEVITTE
- fprintf(stderr, "DEBUG: bn_div_words(0x%08X,0x%08X,0x%08\
-X) -> 0x%08X\n", n0, n1, d0, q);
-# endif
# ifndef REMAINDER_IS_ALREADY_CALCULATED
rem = (n1 - q * d0) & BN_MASK2;
# endif
@@ -451,6 +396,7 @@ X) -> 0x%08X\n", n0, n1, d0, q);
(*wnump)++;
}
/* store part of the result */
+ resp--;
*resp = q;
}
bn_correct_top(snum);
diff --git a/deps/openssl/openssl/crypto/bn/bn_err.c b/deps/openssl/openssl/crypto/bn/bn_err.c
index e7a703826e..5fe9db9ede 100644
--- a/deps/openssl/openssl/crypto/bn/bn_err.c
+++ b/deps/openssl/openssl/crypto/bn/bn_err.c
@@ -1,62 +1,11 @@
-/* crypto/bn/bn_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2015 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
#include <stdio.h>
@@ -70,7 +19,7 @@
# define ERR_REASON(reason) ERR_PACK(ERR_LIB_BN,0,reason)
static ERR_STRING_DATA BN_str_functs[] = {
- {ERR_FUNC(BN_F_BNRAND), "BNRAND"},
+ {ERR_FUNC(BN_F_BNRAND), "bnrand"},
{ERR_FUNC(BN_F_BN_BLINDING_CONVERT_EX), "BN_BLINDING_convert_ex"},
{ERR_FUNC(BN_F_BN_BLINDING_CREATE_PARAM), "BN_BLINDING_create_param"},
{ERR_FUNC(BN_F_BN_BLINDING_INVERT_EX), "BN_BLINDING_invert_ex"},
@@ -78,15 +27,17 @@ static ERR_STRING_DATA BN_str_functs[] = {
{ERR_FUNC(BN_F_BN_BLINDING_UPDATE), "BN_BLINDING_update"},
{ERR_FUNC(BN_F_BN_BN2DEC), "BN_bn2dec"},
{ERR_FUNC(BN_F_BN_BN2HEX), "BN_bn2hex"},
+ {ERR_FUNC(BN_F_BN_COMPUTE_WNAF), "bn_compute_wNAF"},
{ERR_FUNC(BN_F_BN_CTX_GET), "BN_CTX_get"},
{ERR_FUNC(BN_F_BN_CTX_NEW), "BN_CTX_new"},
{ERR_FUNC(BN_F_BN_CTX_START), "BN_CTX_start"},
{ERR_FUNC(BN_F_BN_DIV), "BN_div"},
- {ERR_FUNC(BN_F_BN_DIV_NO_BRANCH), "BN_div_no_branch"},
{ERR_FUNC(BN_F_BN_DIV_RECP), "BN_div_recp"},
{ERR_FUNC(BN_F_BN_EXP), "BN_exp"},
- {ERR_FUNC(BN_F_BN_EXPAND2), "bn_expand2"},
- {ERR_FUNC(BN_F_BN_EXPAND_INTERNAL), "BN_EXPAND_INTERNAL"},
+ {ERR_FUNC(BN_F_BN_EXPAND_INTERNAL), "bn_expand_internal"},
+ {ERR_FUNC(BN_F_BN_GENCB_NEW), "BN_GENCB_new"},
+ {ERR_FUNC(BN_F_BN_GENERATE_DSA_NONCE), "BN_generate_dsa_nonce"},
+ {ERR_FUNC(BN_F_BN_GENERATE_PRIME_EX), "BN_generate_prime_ex"},
{ERR_FUNC(BN_F_BN_GF2M_MOD), "BN_GF2m_mod"},
{ERR_FUNC(BN_F_BN_GF2M_MOD_EXP), "BN_GF2m_mod_exp"},
{ERR_FUNC(BN_F_BN_GF2M_MOD_MUL), "BN_GF2m_mod_mul"},
@@ -104,13 +55,13 @@ static ERR_STRING_DATA BN_str_functs[] = {
{ERR_FUNC(BN_F_BN_MOD_INVERSE), "BN_mod_inverse"},
{ERR_FUNC(BN_F_BN_MOD_INVERSE_NO_BRANCH), "BN_mod_inverse_no_branch"},
{ERR_FUNC(BN_F_BN_MOD_LSHIFT_QUICK), "BN_mod_lshift_quick"},
- {ERR_FUNC(BN_F_BN_MOD_MUL_RECIPROCAL), "BN_mod_mul_reciprocal"},
{ERR_FUNC(BN_F_BN_MOD_SQRT), "BN_mod_sqrt"},
{ERR_FUNC(BN_F_BN_MPI2BN), "BN_mpi2bn"},
{ERR_FUNC(BN_F_BN_NEW), "BN_new"},
{ERR_FUNC(BN_F_BN_RAND), "BN_rand"},
{ERR_FUNC(BN_F_BN_RAND_RANGE), "BN_rand_range"},
{ERR_FUNC(BN_F_BN_RSHIFT), "BN_rshift"},
+ {ERR_FUNC(BN_F_BN_SET_WORDS), "bn_set_words"},
{ERR_FUNC(BN_F_BN_USUB), "BN_usub"},
{0, NULL}
};
@@ -133,6 +84,7 @@ static ERR_STRING_DATA BN_str_reasons[] = {
{ERR_REASON(BN_R_NOT_INITIALIZED), "not initialized"},
{ERR_REASON(BN_R_NO_INVERSE), "no inverse"},
{ERR_REASON(BN_R_NO_SOLUTION), "no solution"},
+ {ERR_REASON(BN_R_PRIVATE_KEY_TOO_LARGE), "private key too large"},
{ERR_REASON(BN_R_P_IS_NOT_PRIME), "p is not prime"},
{ERR_REASON(BN_R_TOO_MANY_ITERATIONS), "too many iterations"},
{ERR_REASON(BN_R_TOO_MANY_TEMPORARY_VARIABLES),
@@ -142,7 +94,7 @@ static ERR_STRING_DATA BN_str_reasons[] = {
#endif
-void ERR_load_BN_strings(void)
+int ERR_load_BN_strings(void)
{
#ifndef OPENSSL_NO_ERR
@@ -151,4 +103,5 @@ void ERR_load_BN_strings(void)
ERR_load_strings(0, BN_str_reasons);
}
#endif
+ return 1;
}
diff --git a/deps/openssl/openssl/crypto/bn/bn_exp.c b/deps/openssl/openssl/crypto/bn/bn_exp.c
index 40115fc720..0d2d1eca6b 100644
--- a/deps/openssl/openssl/crypto/bn/bn_exp.c
+++ b/deps/openssl/openssl/crypto/bn/bn_exp.c
@@ -1,116 +1,14 @@
-/* crypto/bn/bn_exp.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
+/*
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
-#include "cryptlib.h"
-#include "constant_time_locl.h"
+#include "internal/cryptlib.h"
+#include "internal/constant_time_locl.h"
#include "bn_lcl.h"
#include <stdlib.h>
@@ -201,7 +99,7 @@ int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
bn_check_top(m);
/*-
- * For even modulus m = 2^k*m_odd, it might make sense to compute
+ * For even modulus m = 2^k*m_odd, it might make sense to compute
* a^p mod m_odd and a^p mod 2^k separately (with Montgomery
* exponentiation for the odd part), using appropriate exponent
* reductions, and combine the results using the CRT.
@@ -578,7 +476,7 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
goto err;
ret = 1;
err:
- if ((in_mont == NULL) && (mont != NULL))
+ if (in_mont == NULL)
BN_MONT_CTX_free(mont);
BN_CTX_end(ctx);
bn_check_top(rr);
@@ -637,6 +535,14 @@ static int MOD_EXP_CTIME_COPY_FROM_PREBUF(BIGNUM *b, int top,
{
int i, j;
int width = 1 << window;
+ /*
+ * We declare table 'volatile' in order to discourage compiler
+ * from reordering loads from the table. Concern is that if
+ * reordered in specific manner loads might give away the
+ * information we are trying to conceal. Some would argue that
+ * compiler can reorder them anyway, but it can as well be
+ * argued that doing so would be violation of standard...
+ */
volatile BN_ULONG *table = (volatile BN_ULONG *)buf;
if (bn_wexpand(b, top) == NULL)
@@ -821,8 +727,7 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
else
#endif
if ((powerbufFree =
- (unsigned char *)OPENSSL_malloc(powerbufLen +
- MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH))
+ OPENSSL_malloc(powerbufLen + MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH))
== NULL)
goto err;
@@ -1191,12 +1096,11 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
goto err;
ret = 1;
err:
- if ((in_mont == NULL) && (mont != NULL))
+ if (in_mont == NULL)
BN_MONT_CTX_free(mont);
if (powerbuf != NULL) {
OPENSSL_cleanse(powerbuf, powerbufLen);
- if (powerbufFree)
- OPENSSL_free(powerbufFree);
+ OPENSSL_free(powerbufFree);
}
BN_CTX_end(ctx);
return (ret);
@@ -1343,7 +1247,7 @@ int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p,
}
ret = 1;
err:
- if ((in_mont == NULL) && (mont != NULL))
+ if (in_mont == NULL)
BN_MONT_CTX_free(mont);
BN_CTX_end(ctx);
bn_check_top(rr);
diff --git a/deps/openssl/openssl/crypto/bn/bn_exp2.c b/deps/openssl/openssl/crypto/bn/bn_exp2.c
index 43fd2044c0..5141c21f6d 100644
--- a/deps/openssl/openssl/crypto/bn/bn_exp2.c
+++ b/deps/openssl/openssl/crypto/bn/bn_exp2.c
@@ -1,116 +1,14 @@
-/* crypto/bn/bn_exp2.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
+/*
+ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
*
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
#include <stdio.h>
-#include "cryptlib.h"
+#include "internal/cryptlib.h"
#include "bn_lcl.h"
#define TABLE_SIZE 32
@@ -295,7 +193,7 @@ int BN_mod_exp2_mont(BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1,
goto err;
ret = 1;
err:
- if ((in_mont == NULL) && (mont != NULL))
+ if (in_mont == NULL)
BN_MONT_CTX_free(mont);
BN_CTX_end(ctx);
bn_check_top(rr);
diff --git a/deps/openssl/openssl/crypto/bn/bn_gcd.c b/deps/openssl/openssl/crypto/bn/bn_gcd.c
index ce59fe701f..067642644e 100644
--- a/deps/openssl/openssl/crypto/bn/bn_gcd.c
+++ b/deps/openssl/openssl/crypto/bn/bn_gcd.c
@@ -1,115 +1,13 @@
-/* crypto/bn/bn_gcd.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
+/*
+ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
*
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
-#include "cryptlib.h"
+#include "internal/cryptlib.h"
#include "bn_lcl.h"
static BIGNUM *euclid(BIGNUM *a, BIGNUM *b);
@@ -226,10 +124,25 @@ static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in,
BIGNUM *BN_mod_inverse(BIGNUM *in,
const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx)
{
+ BIGNUM *rv;
+ int noinv;
+ rv = int_bn_mod_inverse(in, a, n, ctx, &noinv);
+ if (noinv)
+ BNerr(BN_F_BN_MOD_INVERSE, BN_R_NO_INVERSE);
+ return rv;
+}
+
+BIGNUM *int_bn_mod_inverse(BIGNUM *in,
+ const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx,
+ int *pnoinv)
+{
BIGNUM *A, *B, *X, *Y, *M, *D, *T, *R = NULL;
BIGNUM *ret = NULL;
int sign;
+ if (pnoinv)
+ *pnoinv = 0;
+
if ((BN_get_flags(a, BN_FLG_CONSTTIME) != 0)
|| (BN_get_flags(n, BN_FLG_CONSTTIME) != 0)) {
return BN_mod_inverse_no_branch(in, a, n, ctx);
@@ -276,11 +189,11 @@ BIGNUM *BN_mod_inverse(BIGNUM *in,
* sign*Y*a == A (mod |n|).
*/
- if (BN_is_odd(n) && (BN_num_bits(n) <= (BN_BITS <= 32 ? 450 : 2048))) {
+ if (BN_is_odd(n) && (BN_num_bits(n) <= 2048)) {
/*
* Binary inversion algorithm; requires odd modulus. This is faster
* than the general algorithm if the modulus is sufficiently small
- * (about 400 .. 500 bits on 32-bit sytems, but much more on 64-bit
+ * (about 400 .. 500 bits on 32-bit systems, but much more on 64-bit
* systems)
*/
int shift;
@@ -364,8 +277,7 @@ BIGNUM *BN_mod_inverse(BIGNUM *in,
if (!BN_uadd(Y, Y, X))
goto err;
/*
- * as above, BN_mod_add_quick(Y, Y, X, n) would slow things
- * down
+ * as above, BN_mod_add_quick(Y, Y, X, n) would slow things down
*/
if (!BN_usub(A, A, B))
goto err;
@@ -435,8 +347,7 @@ BIGNUM *BN_mod_inverse(BIGNUM *in,
* (**) sign*Y*a == D*B + M (mod |n|).
*/
- tmp = A; /* keep the BIGNUM object, the value does not
- * matter */
+ tmp = A; /* keep the BIGNUM object, the value does not matter */
/* (A, B) := (B, A mod B) ... */
A = B;
@@ -457,15 +368,14 @@ BIGNUM *BN_mod_inverse(BIGNUM *in,
* i.e.
* sign*(Y + D*X)*a == B (mod |n|).
*
- * So if we set (X, Y, sign) := (Y + D*X, X, -sign), we arrive back at
+ * So if we set (X, Y, sign) := (Y + D*X, X, -sign), we arrive back at
* -sign*X*a == B (mod |n|),
* sign*Y*a == A (mod |n|).
* Note that X and Y stay non-negative all the time.
*/
/*
- * most of the time D is very small, so we can optimize tmp :=
- * D*X+Y
+ * most of the time D is very small, so we can optimize tmp := D*X+Y
*/
if (BN_is_one(D)) {
if (!BN_add(tmp, X, Y))
@@ -490,8 +400,7 @@ BIGNUM *BN_mod_inverse(BIGNUM *in,
goto err;
}
- M = Y; /* keep the BIGNUM object, the value does not
- * matter */
+ M = Y; /* keep the BIGNUM object, the value does not matter */
Y = X;
X = tmp;
sign = -sign;
@@ -522,7 +431,8 @@ BIGNUM *BN_mod_inverse(BIGNUM *in,
goto err;
}
} else {
- BNerr(BN_F_BN_MOD_INVERSE, BN_R_NO_INVERSE);
+ if (pnoinv)
+ *pnoinv = 1;
goto err;
}
ret = R;
@@ -543,8 +453,6 @@ static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in,
BN_CTX *ctx)
{
BIGNUM *A, *B, *X, *Y, *M, *D, *T, *R = NULL;
- BIGNUM local_A, local_B;
- BIGNUM *pA, *pB;
BIGNUM *ret = NULL;
int sign;
@@ -582,11 +490,14 @@ static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in,
* Turn BN_FLG_CONSTTIME flag on, so that when BN_div is invoked,
* BN_div_no_branch will be called eventually.
*/
- pB = &local_B;
- local_B.flags = 0;
- BN_with_flags(pB, B, BN_FLG_CONSTTIME);
- if (!BN_nnmod(B, pB, A, ctx))
- goto err;
+ {
+ BIGNUM local_B;
+ bn_init(&local_B);
+ BN_with_flags(&local_B, B, BN_FLG_CONSTTIME);
+ if (!BN_nnmod(B, &local_B, A, ctx))
+ goto err;
+ /* Ensure local_B goes out of scope before any further use of B */
+ }
}
sign = -1;
/*-
@@ -610,13 +521,16 @@ static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in,
* Turn BN_FLG_CONSTTIME flag on, so that when BN_div is invoked,
* BN_div_no_branch will be called eventually.
*/
- pA = &local_A;
- local_A.flags = 0;
- BN_with_flags(pA, A, BN_FLG_CONSTTIME);
+ {
+ BIGNUM local_A;
+ bn_init(&local_A);
+ BN_with_flags(&local_A, A, BN_FLG_CONSTTIME);
- /* (D, M) := (A/B, A%B) ... */
- if (!BN_div(D, M, pA, B, ctx))
- goto err;
+ /* (D, M) := (A/B, A%B) ... */
+ if (!BN_div(D, M, &local_A, B, ctx))
+ goto err;
+ /* Ensure local_A goes out of scope before any further use of A */
+ }
/*-
* Now
@@ -647,7 +561,7 @@ static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in,
* i.e.
* sign*(Y + D*X)*a == B (mod |n|).
*
- * So if we set (X, Y, sign) := (Y + D*X, X, -sign), we arrive back at
+ * So if we set (X, Y, sign) := (Y + D*X, X, -sign), we arrive back at
* -sign*X*a == B (mod |n|),
* sign*Y*a == A (mod |n|).
* Note that X and Y stay non-negative all the time.
diff --git a/deps/openssl/openssl/crypto/bn/bn_gf2m.c b/deps/openssl/openssl/crypto/bn/bn_gf2m.c
index 2c61da1109..b1987f55dd 100644
--- a/deps/openssl/openssl/crypto/bn/bn_gf2m.c
+++ b/deps/openssl/openssl/crypto/bn/bn_gf2m.c
@@ -1,4 +1,12 @@
-/* crypto/bn/bn_gf2m.c */
+/*
+ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
/* ====================================================================
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
*
@@ -8,91 +16,12 @@
*
* The ECC Code is licensed pursuant to the OpenSSL open source
* license provided below.
- *
- * In addition, Sun covenants to all licensees who provide a reciprocal
- * covenant with respect to their own patents if any, not to sue under
- * current and future patent claims necessarily infringed by the making,
- * using, practicing, selling, offering for sale and/or otherwise
- * disposing of the ECC Code as delivered hereunder (or portions thereof),
- * provided that such covenant shall not apply:
- * 1) for code that a licensee deletes from the ECC Code;
- * 2) separates from the ECC Code; or
- * 3) for infringements caused by:
- * i) the modification of the ECC Code or
- * ii) the combination of the ECC Code with other software or
- * devices where such combination causes the infringement.
- *
- * The software is originally written by Sheueling Chang Shantz and
- * Douglas Stebila of Sun Microsystems Laboratories.
- *
- */
-
-/*
- * NOTE: This file is licensed pursuant to the OpenSSL license below and may
- * be modified; but after modifications, the above covenant may no longer
- * apply! In such cases, the corresponding paragraph ["In addition, Sun
- * covenants ... causes the infringement."] and this note can be edited out;
- * but please keep the Sun copyright notice and attribution.
- */
-
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
*/
#include <assert.h>
#include <limits.h>
#include <stdio.h>
-#include "cryptlib.h"
+#include "internal/cryptlib.h"
#include "bn_lcl.h"
#ifndef OPENSSL_NO_EC2M
@@ -472,8 +401,8 @@ int BN_GF2m_mod(BIGNUM *r, const BIGNUM *a, const BIGNUM *p)
int arr[6];
bn_check_top(a);
bn_check_top(p);
- ret = BN_GF2m_poly2arr(p, arr, sizeof(arr) / sizeof(arr[0]));
- if (!ret || ret > (int)(sizeof(arr) / sizeof(arr[0]))) {
+ ret = BN_GF2m_poly2arr(p, arr, OSSL_NELEM(arr));
+ if (!ret || ret > (int)OSSL_NELEM(arr)) {
BNerr(BN_F_BN_GF2M_MOD, BN_R_INVALID_LENGTH);
return 0;
}
@@ -550,7 +479,7 @@ int BN_GF2m_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
bn_check_top(a);
bn_check_top(b);
bn_check_top(p);
- if ((arr = (int *)OPENSSL_malloc(sizeof(int) * max)) == NULL)
+ if ((arr = OPENSSL_malloc(sizeof(*arr) * max)) == NULL)
goto err;
ret = BN_GF2m_poly2arr(p, arr, max);
if (!ret || ret > max) {
@@ -560,8 +489,7 @@ int BN_GF2m_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
ret = BN_GF2m_mod_mul_arr(r, a, b, arr, ctx);
bn_check_top(r);
err:
- if (arr)
- OPENSSL_free(arr);
+ OPENSSL_free(arr);
return ret;
}
@@ -609,7 +537,7 @@ int BN_GF2m_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
bn_check_top(a);
bn_check_top(p);
- if ((arr = (int *)OPENSSL_malloc(sizeof(int) * max)) == NULL)
+ if ((arr = OPENSSL_malloc(sizeof(*arr) * max)) == NULL)
goto err;
ret = BN_GF2m_poly2arr(p, arr, max);
if (!ret || ret > max) {
@@ -619,8 +547,7 @@ int BN_GF2m_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
ret = BN_GF2m_mod_sqr_arr(r, a, arr, ctx);
bn_check_top(r);
err:
- if (arr)
- OPENSSL_free(arr);
+ OPENSSL_free(arr);
return ret;
}
@@ -1034,7 +961,7 @@ int BN_GF2m_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
bn_check_top(a);
bn_check_top(b);
bn_check_top(p);
- if ((arr = (int *)OPENSSL_malloc(sizeof(int) * max)) == NULL)
+ if ((arr = OPENSSL_malloc(sizeof(*arr) * max)) == NULL)
goto err;
ret = BN_GF2m_poly2arr(p, arr, max);
if (!ret || ret > max) {
@@ -1044,8 +971,7 @@ int BN_GF2m_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
ret = BN_GF2m_mod_exp_arr(r, a, b, arr, ctx);
bn_check_top(r);
err:
- if (arr)
- OPENSSL_free(arr);
+ OPENSSL_free(arr);
return ret;
}
@@ -1094,7 +1020,7 @@ int BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
int *arr = NULL;
bn_check_top(a);
bn_check_top(p);
- if ((arr = (int *)OPENSSL_malloc(sizeof(int) * max)) == NULL)
+ if ((arr = OPENSSL_malloc(sizeof(*arr) * max)) == NULL)
goto err;
ret = BN_GF2m_poly2arr(p, arr, max);
if (!ret || ret > max) {
@@ -1104,8 +1030,7 @@ int BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
ret = BN_GF2m_mod_sqrt_arr(r, a, arr, ctx);
bn_check_top(r);
err:
- if (arr)
- OPENSSL_free(arr);
+ OPENSSL_free(arr);
return ret;
}
@@ -1164,7 +1089,7 @@ int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a_, const int p[],
if (tmp == NULL)
goto err;
do {
- if (!BN_rand(rho, p[0], 0, 0))
+ if (!BN_rand(rho, p[0], BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY))
goto err;
if (!BN_GF2m_mod_arr(rho, rho, p))
goto err;
@@ -1225,7 +1150,7 @@ int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
int *arr = NULL;
bn_check_top(a);
bn_check_top(p);
- if ((arr = (int *)OPENSSL_malloc(sizeof(int) * max)) == NULL)
+ if ((arr = OPENSSL_malloc(sizeof(*arr) * max)) == NULL)
goto err;
ret = BN_GF2m_poly2arr(p, arr, max);
if (!ret || ret > max) {
@@ -1235,8 +1160,7 @@ int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
ret = BN_GF2m_mod_solve_quad_arr(r, a, arr, ctx);
bn_check_top(r);
err:
- if (arr)
- OPENSSL_free(arr);
+ OPENSSL_free(arr);
return ret;
}
diff --git a/deps/openssl/openssl/crypto/bn/bn_intern.c b/deps/openssl/openssl/crypto/bn/bn_intern.c
new file mode 100644
index 0000000000..2c970647de
--- /dev/null
+++ b/deps/openssl/openssl/crypto/bn/bn_intern.c
@@ -0,0 +1,210 @@
+/*
+ * Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include "internal/cryptlib.h"
+#include "bn_lcl.h"
+
+/*
+ * Determine the modified width-(w+1) Non-Adjacent Form (wNAF) of 'scalar'.
+ * This is an array r[] of values that are either zero or odd with an
+ * absolute value less than 2^w satisfying
+ * scalar = \sum_j r[j]*2^j
+ * where at most one of any w+1 consecutive digits is non-zero
+ * with the exception that the most significant digit may be only
+ * w-1 zeros away from that next non-zero digit.
+ */
+signed char *bn_compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len)
+{
+ int window_val;
+ signed char *r = NULL;
+ int sign = 1;
+ int bit, next_bit, mask;
+ size_t len = 0, j;
+
+ if (BN_is_zero(scalar)) {
+ r = OPENSSL_malloc(1);
+ if (r == NULL) {
+ BNerr(BN_F_BN_COMPUTE_WNAF, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ r[0] = 0;
+ *ret_len = 1;
+ return r;
+ }
+
+ if (w <= 0 || w > 7) { /* 'signed char' can represent integers with
+ * absolute values less than 2^7 */
+ BNerr(BN_F_BN_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ bit = 1 << w; /* at most 128 */
+ next_bit = bit << 1; /* at most 256 */
+ mask = next_bit - 1; /* at most 255 */
+
+ if (BN_is_negative(scalar)) {
+ sign = -1;
+ }
+
+ if (scalar->d == NULL || scalar->top == 0) {
+ BNerr(BN_F_BN_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+
+ len = BN_num_bits(scalar);
+ r = OPENSSL_malloc(len + 1); /*
+ * Modified wNAF may be one digit longer than binary representation
+ * (*ret_len will be set to the actual length, i.e. at most
+ * BN_num_bits(scalar) + 1)
+ */
+ if (r == NULL) {
+ BNerr(BN_F_BN_COMPUTE_WNAF, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ window_val = scalar->d[0] & mask;
+ j = 0;
+ while ((window_val != 0) || (j + w + 1 < len)) { /* if j+w+1 >= len,
+ * window_val will not
+ * increase */
+ int digit = 0;
+
+ /* 0 <= window_val <= 2^(w+1) */
+
+ if (window_val & 1) {
+ /* 0 < window_val < 2^(w+1) */
+
+ if (window_val & bit) {
+ digit = window_val - next_bit; /* -2^w < digit < 0 */
+
+#if 1 /* modified wNAF */
+ if (j + w + 1 >= len) {
+ /*
+ * Special case for generating modified wNAFs:
+ * no new bits will be added into window_val,
+ * so using a positive digit here will decrease
+ * the total length of the representation
+ */
+
+ digit = window_val & (mask >> 1); /* 0 < digit < 2^w */
+ }
+#endif
+ } else {
+ digit = window_val; /* 0 < digit < 2^w */
+ }
+
+ if (digit <= -bit || digit >= bit || !(digit & 1)) {
+ BNerr(BN_F_BN_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+
+ window_val -= digit;
+
+ /*
+ * now window_val is 0 or 2^(w+1) in standard wNAF generation;
+ * for modified window NAFs, it may also be 2^w
+ */
+ if (window_val != 0 && window_val != next_bit
+ && window_val != bit) {
+ BNerr(BN_F_BN_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ }
+
+ r[j++] = sign * digit;
+
+ window_val >>= 1;
+ window_val += bit * BN_is_bit_set(scalar, j + w);
+
+ if (window_val > next_bit) {
+ BNerr(BN_F_BN_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ }
+
+ if (j > len + 1) {
+ BNerr(BN_F_BN_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ *ret_len = j;
+ return r;
+
+ err:
+ OPENSSL_free(r);
+ return NULL;
+}
+
+int bn_get_top(const BIGNUM *a)
+{
+ return a->top;
+}
+
+void bn_set_top(BIGNUM *a, int top)
+{
+ a->top = top;
+}
+
+int bn_get_dmax(const BIGNUM *a)
+{
+ return a->dmax;
+}
+
+void bn_set_all_zero(BIGNUM *a)
+{
+ int i;
+
+ for (i = a->top; i < a->dmax; i++)
+ a->d[i] = 0;
+}
+
+int bn_copy_words(BN_ULONG *out, const BIGNUM *in, int size)
+{
+ if (in->top > size)
+ return 0;
+
+ memset(out, 0, sizeof(*out) * size);
+ if (in->d != NULL)
+ memcpy(out, in->d, sizeof(*out) * in->top);
+ return 1;
+}
+
+BN_ULONG *bn_get_words(const BIGNUM *a)
+{
+ return a->d;
+}
+
+void bn_set_static_words(BIGNUM *a, BN_ULONG *words, int size)
+{
+ a->d = words;
+ a->dmax = a->top = size;
+ a->neg = 0;
+ a->flags |= BN_FLG_STATIC_DATA;
+ bn_correct_top(a);
+}
+
+int bn_set_words(BIGNUM *a, BN_ULONG *words, int num_words)
+{
+ if (bn_wexpand(a, num_words) == NULL) {
+ BNerr(BN_F_BN_SET_WORDS, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+
+ memcpy(a->d, words, sizeof(BN_ULONG) * num_words);
+ a->top = num_words;
+ bn_correct_top(a);
+ return 1;
+}
+
+size_t bn_sizeof_BIGNUM(void)
+{
+ return sizeof(BIGNUM);
+}
+
+BIGNUM *bn_array_el(BIGNUM *base, int el)
+{
+ return &base[el];
+}
diff --git a/deps/openssl/openssl/crypto/bn/bn_kron.c b/deps/openssl/openssl/crypto/bn/bn_kron.c
index 88d731ac75..b9bc6cca27 100644
--- a/deps/openssl/openssl/crypto/bn/bn_kron.c
+++ b/deps/openssl/openssl/crypto/bn/bn_kron.c
@@ -1,59 +1,13 @@
-/* crypto/bn/bn_kron.c */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
+/*
+ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
*
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
-#include "cryptlib.h"
+#include "internal/cryptlib.h"
#include "bn_lcl.h"
/* least significant word */
@@ -92,7 +46,7 @@ int BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
goto end;
/*
- * Kronecker symbol, imlemented according to Henri Cohen,
+ * Kronecker symbol, implemented according to Henri Cohen,
* "A Course in Computational Algebraic Number Theory"
* (algorithm 1.4.10).
*/
diff --git a/deps/openssl/openssl/crypto/bn/bn_lcl.h b/deps/openssl/openssl/crypto/bn/bn_lcl.h
index 00f4f09945..5fb3814554 100644
--- a/deps/openssl/openssl/crypto/bn/bn_lcl.h
+++ b/deps/openssl/openssl/crypto/bn/bn_lcl.h
@@ -1,123 +1,267 @@
-/* crypto/bn/bn_lcl.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
+/*
+ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
*
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
#ifndef HEADER_BN_LCL_H
# define HEADER_BN_LCL_H
-# include <openssl/bn.h>
+/*
+ * The EDK2 build doesn't use bn_conf.h; it sets THIRTY_TWO_BIT or
+ * SIXTY_FOUR_BIT in its own environment since it doesn't re-run our
+ * Configure script and needs to support both 32-bit and 64-bit.
+ */
+# include <openssl/opensslconf.h>
+
+# if !defined(OPENSSL_SYS_UEFI)
+# include "internal/bn_conf.h"
+# endif
+
+# include "internal/bn_int.h"
#ifdef __cplusplus
extern "C" {
#endif
+/*
+ * These preprocessor symbols control various aspects of the bignum headers
+ * and library code. They're not defined by any "normal" configuration, as
+ * they are intended for development and testing purposes. NB: defining all
+ * three can be useful for debugging application code as well as openssl
+ * itself. BN_DEBUG - turn on various debugging alterations to the bignum
+ * code BN_DEBUG_RAND - uses random poisoning of unused words to trip up
+ * mismanagement of bignum internals. You must also define BN_DEBUG.
+ */
+/* #define BN_DEBUG */
+/* #define BN_DEBUG_RAND */
+
+# ifndef OPENSSL_SMALL_FOOTPRINT
+# define BN_MUL_COMBA
+# define BN_SQR_COMBA
+# define BN_RECURSION
+# endif
+
+/*
+ * This next option uses the C libraries (2 word)/(1 word) function. If it is
+ * not defined, I use my C version (which is slower). The reason for this
+ * flag is that when the particular C compiler library routine is used, and
+ * the library is linked with a different compiler, the library is missing.
+ * This mostly happens when the library is built with gcc and then linked
+ * using normal cc. This would be a common occurrence because gcc normally
+ * produces code that is 2 times faster than system compilers for the big
+ * number stuff. For machines with only one compiler (or shared libraries),
+ * this should be on. Again this in only really a problem on machines using
+ * "long long's", are 32bit, and are not using my assembler code.
+ */
+# if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WINDOWS) || \
+ defined(OPENSSL_SYS_WIN32) || defined(linux)
+# define BN_DIV2W
+# endif
+
+/*
+ * 64-bit processor with LP64 ABI
+ */
+# ifdef SIXTY_FOUR_BIT_LONG
+# define BN_ULLONG unsigned long long
+# define BN_BITS4 32
+# define BN_MASK2 (0xffffffffffffffffL)
+# define BN_MASK2l (0xffffffffL)
+# define BN_MASK2h (0xffffffff00000000L)
+# define BN_MASK2h1 (0xffffffff80000000L)
+# define BN_DEC_CONV (10000000000000000000UL)
+# define BN_DEC_NUM 19
+# define BN_DEC_FMT1 "%lu"
+# define BN_DEC_FMT2 "%019lu"
+# endif
+
+/*
+ * 64-bit processor other than LP64 ABI
+ */
+# ifdef SIXTY_FOUR_BIT
+# undef BN_LLONG
+# undef BN_ULLONG
+# define BN_BITS4 32
+# define BN_MASK2 (0xffffffffffffffffLL)
+# define BN_MASK2l (0xffffffffL)
+# define BN_MASK2h (0xffffffff00000000LL)
+# define BN_MASK2h1 (0xffffffff80000000LL)
+# define BN_DEC_CONV (10000000000000000000ULL)
+# define BN_DEC_NUM 19
+# define BN_DEC_FMT1 "%llu"
+# define BN_DEC_FMT2 "%019llu"
+# endif
+
+# ifdef THIRTY_TWO_BIT
+# ifdef BN_LLONG
+# if defined(_WIN32) && !defined(__GNUC__)
+# define BN_ULLONG unsigned __int64
+# else
+# define BN_ULLONG unsigned long long
+# endif
+# endif
+# define BN_BITS4 16
+# define BN_MASK2 (0xffffffffL)
+# define BN_MASK2l (0xffff)
+# define BN_MASK2h1 (0xffff8000L)
+# define BN_MASK2h (0xffff0000L)
+# define BN_DEC_CONV (1000000000L)
+# define BN_DEC_NUM 9
+# define BN_DEC_FMT1 "%u"
+# define BN_DEC_FMT2 "%09u"
+# endif
+
+
+/*-
+ * Bignum consistency macros
+ * There is one "API" macro, bn_fix_top(), for stripping leading zeroes from
+ * bignum data after direct manipulations on the data. There is also an
+ * "internal" macro, bn_check_top(), for verifying that there are no leading
+ * zeroes. Unfortunately, some auditing is required due to the fact that
+ * bn_fix_top() has become an overabused duct-tape because bignum data is
+ * occasionally passed around in an inconsistent state. So the following
+ * changes have been made to sort this out;
+ * - bn_fix_top()s implementation has been moved to bn_correct_top()
+ * - if BN_DEBUG isn't defined, bn_fix_top() maps to bn_correct_top(), and
+ * bn_check_top() is as before.
+ * - if BN_DEBUG *is* defined;
+ * - bn_check_top() tries to pollute unused words even if the bignum 'top' is
+ * consistent. (ed: only if BN_DEBUG_RAND is defined)
+ * - bn_fix_top() maps to bn_check_top() rather than "fixing" anything.
+ * The idea is to have debug builds flag up inconsistent bignums when they
+ * occur. If that occurs in a bn_fix_top(), we examine the code in question; if
+ * the use of bn_fix_top() was appropriate (ie. it follows directly after code
+ * that manipulates the bignum) it is converted to bn_correct_top(), and if it
+ * was not appropriate, we convert it permanently to bn_check_top() and track
+ * down the cause of the bug. Eventually, no internal code should be using the
+ * bn_fix_top() macro. External applications and libraries should try this with
+ * their own code too, both in terms of building against the openssl headers
+ * with BN_DEBUG defined *and* linking with a version of OpenSSL built with it
+ * defined. This not only improves external code, it provides more test
+ * coverage for openssl's own code.
+ */
+
+# ifdef BN_DEBUG
+
+# ifdef BN_DEBUG_RAND
+/* To avoid "make update" cvs wars due to BN_DEBUG, use some tricks */
+# ifndef RAND_bytes
+int RAND_bytes(unsigned char *buf, int num);
+# define BN_DEBUG_TRIX
+# endif
+# define bn_pollute(a) \
+ do { \
+ const BIGNUM *_bnum1 = (a); \
+ if (_bnum1->top < _bnum1->dmax) { \
+ unsigned char _tmp_char; \
+ /* We cast away const without the compiler knowing, any \
+ * *genuinely* constant variables that aren't mutable \
+ * wouldn't be constructed with top!=dmax. */ \
+ BN_ULONG *_not_const; \
+ memcpy(&_not_const, &_bnum1->d, sizeof(_not_const)); \
+ RAND_bytes(&_tmp_char, 1); /* Debug only - safe to ignore error return */\
+ memset(_not_const + _bnum1->top, _tmp_char, \
+ sizeof(*_not_const) * (_bnum1->dmax - _bnum1->top)); \
+ } \
+ } while(0)
+# ifdef BN_DEBUG_TRIX
+# undef RAND_bytes
+# endif
+# else
+# define bn_pollute(a)
+# endif
+# define bn_check_top(a) \
+ do { \
+ const BIGNUM *_bnum2 = (a); \
+ if (_bnum2 != NULL) { \
+ OPENSSL_assert(((_bnum2->top == 0) && !_bnum2->neg) || \
+ (_bnum2->top && (_bnum2->d[_bnum2->top - 1] != 0))); \
+ bn_pollute(_bnum2); \
+ } \
+ } while(0)
+
+# define bn_fix_top(a) bn_check_top(a)
+
+# define bn_check_size(bn, bits) bn_wcheck_size(bn, ((bits+BN_BITS2-1))/BN_BITS2)
+# define bn_wcheck_size(bn, words) \
+ do { \
+ const BIGNUM *_bnum2 = (bn); \
+ OPENSSL_assert((words) <= (_bnum2)->dmax && \
+ (words) >= (_bnum2)->top); \
+ /* avoid unused variable warning with NDEBUG */ \
+ (void)(_bnum2); \
+ } while(0)
+
+# else /* !BN_DEBUG */
+
+# define bn_pollute(a)
+# define bn_check_top(a)
+# define bn_fix_top(a) bn_correct_top(a)
+# define bn_check_size(bn, bits)
+# define bn_wcheck_size(bn, words)
+
+# endif
+
+BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num,
+ BN_ULONG w);
+BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w);
+void bn_sqr_words(BN_ULONG *rp, const BN_ULONG *ap, int num);
+BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d);
+BN_ULONG bn_add_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+ int num);
+BN_ULONG bn_sub_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+ int num);
+
+struct bignum_st {
+ BN_ULONG *d; /* Pointer to an array of 'BN_BITS2' bit
+ * chunks. */
+ int top; /* Index of last used d +1. */
+ /* The next are internal book keeping for bn_expand. */
+ int dmax; /* Size of the d array. */
+ int neg; /* one if the number is negative */
+ int flags;
+};
+
+/* Used for montgomery multiplication */
+struct bn_mont_ctx_st {
+ int ri; /* number of bits in R */
+ BIGNUM RR; /* used to convert to montgomery form */
+ BIGNUM N; /* The modulus */
+ BIGNUM Ni; /* R*(1/R mod N) - N*Ni = 1 (Ni is only
+ * stored for bignum algorithm) */
+ BN_ULONG n0[2]; /* least significant word(s) of Ni; (type
+ * changed with 0.9.9, was "BN_ULONG n0;"
+ * before) */
+ int flags;
+};
+
+/*
+ * Used for reciprocal division/mod functions It cannot be shared between
+ * threads
+ */
+struct bn_recp_ctx_st {
+ BIGNUM N; /* the divisor */
+ BIGNUM Nr; /* the reciprocal */
+ int num_bits;
+ int shift;
+ int flags;
+};
+
+/* Used for slow "generation" functions. */
+struct bn_gencb_st {
+ unsigned int ver; /* To handle binary (in)compatibility */
+ void *arg; /* callback-specific data */
+ union {
+ /* if (ver==1) - handles old style callbacks */
+ void (*cb_1) (int, int, void *);
+ /* if (ver==2) - new callback style */
+ int (*cb_2) (int, int, BN_GENCB *);
+ } cb;
+};
+
/*-
* BN_window_bits_for_exponent_size -- macro for sliding window mod_exp functions
*
@@ -143,23 +287,11 @@ extern "C" {
* (with draws in between). Very small exponents are often selected
* with low Hamming weight, so we use w = 1 for b <= 23.
*/
-# if 1
-# define BN_window_bits_for_exponent_size(b) \
+# define BN_window_bits_for_exponent_size(b) \
((b) > 671 ? 6 : \
(b) > 239 ? 5 : \
(b) > 79 ? 4 : \
(b) > 23 ? 3 : 1)
-# else
-/*
- * Old SSLeay/OpenSSL table. Maximum window size was 5, so this table differs
- * for b==1024; but it coincides for other interesting values (b==160,
- * b==512).
- */
-# define BN_window_bits_for_exponent_size(b) \
- ((b) > 255 ? 5 : \
- (b) > 127 ? 4 : \
- (b) > 17 ? 3 : 1)
-# endif
/*
* BN_mod_exp_mont_conttime is based on the assumption that the L1 data cache
@@ -294,8 +426,8 @@ unsigned __int64 _umul128(unsigned __int64 a, unsigned __int64 b,
# endif
# elif defined(__mips) && (defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG))
# if defined(__GNUC__) && __GNUC__>=2
-# if __GNUC__>4 || (__GNUC__>=4 && __GNUC_MINOR__>=4)
- /* "h" constraint is no more since 4.4 */
+# if defined(__SIZEOF_INT128__) && __SIZEOF_INT128__==16
+ /* "h" constraint is not an option on R6 and was removed in 4.4 */
# define BN_UMULT_HIGH(a,b) (((__uint128_t)(a)*(b))>>64)
# define BN_UMULT_LOHI(low,high,a,b) ({ \
__uint128_t ret=(__uint128_t)(a)*(b); \
@@ -501,10 +633,10 @@ unsigned __int64 _umul128(unsigned __int64 a, unsigned __int64 b,
}
# endif /* !BN_LLONG */
-# if defined(OPENSSL_DOING_MAKEDEPEND) && defined(OPENSSL_FIPS)
-# undef bn_div_words
-# endif
+void BN_RECP_CTX_init(BN_RECP_CTX *recp);
+void BN_MONT_CTX_init(BN_MONT_CTX *ctx);
+void bn_init(BIGNUM *a);
void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b, int nb);
void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b);
void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b);
@@ -530,6 +662,26 @@ BN_ULONG bn_sub_part_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b,
int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
const BN_ULONG *np, const BN_ULONG *n0, int num);
+BIGNUM *int_bn_mod_inverse(BIGNUM *in,
+ const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx,
+ int *noinv);
+
+int bn_probable_prime_dh(BIGNUM *rnd, int bits,
+ const BIGNUM *add, const BIGNUM *rem, BN_CTX *ctx);
+int bn_probable_prime_dh_retry(BIGNUM *rnd, int bits, BN_CTX *ctx);
+int bn_probable_prime_dh_coprime(BIGNUM *rnd, int bits, BN_CTX *ctx);
+
+static ossl_inline BIGNUM *bn_expand(BIGNUM *a, int bits)
+{
+ if (bits > (INT_MAX - BN_BITS2 + 1))
+ return NULL;
+
+ if (((bits+BN_BITS2-1)/BN_BITS2) <= (a)->dmax)
+ return a;
+
+ return bn_expand2((a),(bits+BN_BITS2-1)/BN_BITS2);
+}
+
#ifdef __cplusplus
}
#endif
diff --git a/deps/openssl/openssl/crypto/bn/bn_lib.c b/deps/openssl/openssl/crypto/bn/bn_lib.c
index 27b9bdbc3c..7058494092 100644
--- a/deps/openssl/openssl/crypto/bn/bn_lib.c
+++ b/deps/openssl/openssl/crypto/bn/bn_lib.c
@@ -1,76 +1,20 @@
-/* crypto/bn/bn_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
+/*
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
-#ifndef BN_DEBUG
-# undef NDEBUG /* avoid conflicting definitions */
-# define NDEBUG
-#endif
-
#include <assert.h>
#include <limits.h>
-#include <stdio.h>
-#include "cryptlib.h"
+#include "internal/cryptlib.h"
#include "bn_lcl.h"
-
-const char BN_version[] = "Big Number" OPENSSL_VERSION_PTEXT;
+#include <openssl/opensslconf.h>
/* This stuff appears to be completely unused, so is deprecated */
-#ifndef OPENSSL_NO_DEPRECATED
+#if OPENSSL_API_COMPAT < 0x00908000L
/*-
* For a 32 bit machine
* 2 - 4 == 128
@@ -197,6 +141,15 @@ int BN_num_bits(const BIGNUM *a)
return ((i * BN_BITS2) + BN_num_bits_word(a->d[i]));
}
+static void bn_free_d(BIGNUM *a)
+{
+ if (BN_get_flags(a, BN_FLG_SECURE))
+ OPENSSL_secure_free(a->d);
+ else
+ OPENSSL_free(a->d);
+}
+
+
void BN_clear_free(BIGNUM *a)
{
int i;
@@ -206,11 +159,11 @@ void BN_clear_free(BIGNUM *a)
bn_check_top(a);
if (a->d != NULL) {
OPENSSL_cleanse(a->d, a->dmax * sizeof(a->d[0]));
- if (!(BN_get_flags(a, BN_FLG_STATIC_DATA)))
- OPENSSL_free(a->d);
+ if (!BN_get_flags(a, BN_FLG_STATIC_DATA))
+ bn_free_d(a);
}
i = BN_get_flags(a, BN_FLG_MALLOCED);
- OPENSSL_cleanse(a, sizeof(BIGNUM));
+ OPENSSL_cleanse(a, sizeof(*a));
if (i)
OPENSSL_free(a);
}
@@ -220,21 +173,23 @@ void BN_free(BIGNUM *a)
if (a == NULL)
return;
bn_check_top(a);
- if ((a->d != NULL) && !(BN_get_flags(a, BN_FLG_STATIC_DATA)))
- OPENSSL_free(a->d);
+ if (!BN_get_flags(a, BN_FLG_STATIC_DATA))
+ bn_free_d(a);
if (a->flags & BN_FLG_MALLOCED)
OPENSSL_free(a);
else {
-#ifndef OPENSSL_NO_DEPRECATED
+#if OPENSSL_API_COMPAT < 0x00908000L
a->flags |= BN_FLG_FREE;
#endif
a->d = NULL;
}
}
-void BN_init(BIGNUM *a)
+void bn_init(BIGNUM *a)
{
- memset(a, 0, sizeof(BIGNUM));
+ static BIGNUM nilbn;
+
+ *a = nilbn;
bn_check_top(a);
}
@@ -242,20 +197,24 @@ BIGNUM *BN_new(void)
{
BIGNUM *ret;
- if ((ret = (BIGNUM *)OPENSSL_malloc(sizeof(BIGNUM))) == NULL) {
+ if ((ret = OPENSSL_zalloc(sizeof(*ret))) == NULL) {
BNerr(BN_F_BN_NEW, ERR_R_MALLOC_FAILURE);
return (NULL);
}
ret->flags = BN_FLG_MALLOCED;
- ret->top = 0;
- ret->neg = 0;
- ret->dmax = 0;
- ret->d = NULL;
bn_check_top(ret);
return (ret);
}
-/* This is used both by bn_expand2() and bn_dup_expand() */
+ BIGNUM *BN_secure_new(void)
+ {
+ BIGNUM *ret = BN_new();
+ if (ret != NULL)
+ ret->flags |= BN_FLG_SECURE;
+ return (ret);
+ }
+
+/* This is used by bn_expand2() */
/* The caller MUST check that words > b->dmax before calling this */
static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words)
{
@@ -273,20 +232,14 @@ static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words)
BNerr(BN_F_BN_EXPAND_INTERNAL, BN_R_EXPAND_ON_STATIC_BIGNUM_DATA);
return (NULL);
}
- a = A = (BN_ULONG *)OPENSSL_malloc(sizeof(BN_ULONG) * words);
+ if (BN_get_flags(b, BN_FLG_SECURE))
+ a = A = OPENSSL_secure_zalloc(words * sizeof(*a));
+ else
+ a = A = OPENSSL_zalloc(words * sizeof(*a));
if (A == NULL) {
BNerr(BN_F_BN_EXPAND_INTERNAL, ERR_R_MALLOC_FAILURE);
return (NULL);
}
-#ifdef PURIFY
- /*
- * Valgrind complains in BN_consttime_swap because we process the whole
- * array even if it's not initialised yet. This doesn't matter in that
- * function - what's important is constant time operation (we're not
- * actually going to use the data)
- */
- memset(a, 0, sizeof(BN_ULONG) * words);
-#endif
#if 1
B = b->d;
@@ -297,7 +250,7 @@ static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words)
* The fact that the loop is unrolled
* 4-wise is a tribute to Intel. It's
* the one that doesn't have enough
- * registers to accomodate more data.
+ * registers to accommodate more data.
* I'd unroll it 8-wise otherwise:-)
*
* <appro@fy.chalmers.se>
@@ -312,24 +265,23 @@ static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words)
A[2] = a2;
A[3] = a3;
}
- /*
- * workaround for ultrix cc: without 'case 0', the optimizer does
- * the switch table by doing a=top&3; a--; goto jump_table[a];
- * which fails for top== 0
- */
switch (b->top & 3) {
case 3:
A[2] = B[2];
+ /* fall thru */
case 2:
A[1] = B[1];
+ /* fall thru */
case 1:
A[0] = B[0];
+ /* fall thru */
case 0:
+ /* Without the "case 0" some old optimizers got this wrong. */
;
}
}
#else
- memset(A, 0, sizeof(BN_ULONG) * words);
+ memset(A, 0, sizeof(*A) * words);
memcpy(A, b->d, sizeof(b->d[0]) * b->top);
#endif
@@ -337,58 +289,6 @@ static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words)
}
/*
- * This is an internal function that can be used instead of bn_expand2() when
- * there is a need to copy BIGNUMs instead of only expanding the data part,
- * while still expanding them. Especially useful when needing to expand
- * BIGNUMs that are declared 'const' and should therefore not be changed. The
- * reason to use this instead of a BN_dup() followed by a bn_expand2() is
- * memory allocation overhead. A BN_dup() followed by a bn_expand2() will
- * allocate new memory for the BIGNUM data twice, and free it once, while
- * bn_dup_expand() makes sure allocation is made only once.
- */
-
-#ifndef OPENSSL_NO_DEPRECATED
-BIGNUM *bn_dup_expand(const BIGNUM *b, int words)
-{
- BIGNUM *r = NULL;
-
- bn_check_top(b);
-
- /*
- * This function does not work if words <= b->dmax && top < words because
- * BN_dup() does not preserve 'dmax'! (But bn_dup_expand() is not used
- * anywhere yet.)
- */
-
- if (words > b->dmax) {
- BN_ULONG *a = bn_expand_internal(b, words);
-
- if (a) {
- r = BN_new();
- if (r) {
- r->top = b->top;
- r->dmax = words;
- r->neg = b->neg;
- r->d = a;
- } else {
- /* r == NULL, BN_new failure */
- OPENSSL_free(a);
- }
- }
- /*
- * If a == NULL, there was an error in allocation in
- * bn_expand_internal(), and NULL should be returned
- */
- } else {
- r = BN_dup(b);
- }
-
- bn_check_top(r);
- return r;
-}
-#endif
-
-/*
* This is an internal function that should not be used in applications. It
* ensures that 'b' has enough room for a 'words' word number and initialises
* any unused part of b->d with leading zeros. It is mostly used by the
@@ -404,35 +304,14 @@ BIGNUM *bn_expand2(BIGNUM *b, int words)
BN_ULONG *a = bn_expand_internal(b, words);
if (!a)
return NULL;
- if (b->d)
- OPENSSL_free(b->d);
+ if (b->d) {
+ OPENSSL_cleanse(b->d, b->dmax * sizeof(b->d[0]));
+ bn_free_d(b);
+ }
b->d = a;
b->dmax = words;
}
-/* None of this should be necessary because of what b->top means! */
-#if 0
- /*
- * NB: bn_wexpand() calls this only if the BIGNUM really has to grow
- */
- if (b->top < b->dmax) {
- int i;
- BN_ULONG *A = &(b->d[b->top]);
- for (i = (b->dmax - b->top) >> 3; i > 0; i--, A += 8) {
- A[0] = 0;
- A[1] = 0;
- A[2] = 0;
- A[3] = 0;
- A[4] = 0;
- A[5] = 0;
- A[6] = 0;
- A[7] = 0;
- }
- for (i = (b->dmax - b->top) & 7; i > 0; i--, A++)
- A[0] = 0;
- assert(A == &(b->d[b->dmax]));
- }
-#endif
bn_check_top(b);
return b;
}
@@ -445,7 +324,7 @@ BIGNUM *BN_dup(const BIGNUM *a)
return NULL;
bn_check_top(a);
- t = BN_new();
+ t = BN_get_flags(a, BN_FLG_SECURE) ? BN_secure_new() : BN_new();
if (t == NULL)
return NULL;
if (!BN_copy(t, a)) {
@@ -487,10 +366,13 @@ BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b)
switch (b->top & 3) {
case 3:
A[2] = B[2];
+ /* fall thru */
case 2:
A[1] = B[1];
+ /* fall thru */
case 1:
A[0] = B[0];
+ /* fall thru */
case 0:;
}
#else
@@ -542,7 +424,7 @@ void BN_clear(BIGNUM *a)
{
bn_check_top(a);
if (a->d != NULL)
- OPENSSL_cleanse(a->d, a->dmax * sizeof(a->d[0]));
+ OPENSSL_cleanse(a->d, sizeof(*a->d) * a->dmax);
a->top = 0;
a->neg = 0;
}
@@ -581,7 +463,9 @@ BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret)
if (ret == NULL)
return (NULL);
bn_check_top(ret);
- l = 0;
+ /* Skip leading zero's. */
+ for ( ; len > 0 && *s == 0; s++, len--)
+ continue;
n = len;
if (n == 0) {
ret->top = 0;
@@ -590,12 +474,12 @@ BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret)
i = ((n - 1) / BN_BYTES) + 1;
m = ((n - 1) % (BN_BYTES));
if (bn_wexpand(ret, (int)i) == NULL) {
- if (bn)
- BN_free(bn);
+ BN_free(bn);
return NULL;
}
ret->top = i;
ret->neg = 0;
+ l = 0;
while (n--) {
l = (l << 8L) | *(s++);
if (m-- == 0) {
@@ -613,18 +497,106 @@ BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret)
}
/* ignore negative */
-int BN_bn2bin(const BIGNUM *a, unsigned char *to)
+static int bn2binpad(const BIGNUM *a, unsigned char *to, int tolen)
{
- int n, i;
+ int i;
BN_ULONG l;
bn_check_top(a);
- n = i = BN_num_bytes(a);
+ i = BN_num_bytes(a);
+ if (tolen == -1)
+ tolen = i;
+ else if (tolen < i)
+ return -1;
+ /* Add leading zeroes if necessary */
+ if (tolen > i) {
+ memset(to, 0, tolen - i);
+ to += tolen - i;
+ }
while (i--) {
l = a->d[i / BN_BYTES];
*(to++) = (unsigned char)(l >> (8 * (i % BN_BYTES))) & 0xff;
}
- return (n);
+ return tolen;
+}
+
+int BN_bn2binpad(const BIGNUM *a, unsigned char *to, int tolen)
+{
+ if (tolen < 0)
+ return -1;
+ return bn2binpad(a, to, tolen);
+}
+
+int BN_bn2bin(const BIGNUM *a, unsigned char *to)
+{
+ return bn2binpad(a, to, -1);
+}
+
+BIGNUM *BN_lebin2bn(const unsigned char *s, int len, BIGNUM *ret)
+{
+ unsigned int i, m;
+ unsigned int n;
+ BN_ULONG l;
+ BIGNUM *bn = NULL;
+
+ if (ret == NULL)
+ ret = bn = BN_new();
+ if (ret == NULL)
+ return (NULL);
+ bn_check_top(ret);
+ s += len;
+ /* Skip trailing zeroes. */
+ for ( ; len > 0 && s[-1] == 0; s--, len--)
+ continue;
+ n = len;
+ if (n == 0) {
+ ret->top = 0;
+ return ret;
+ }
+ i = ((n - 1) / BN_BYTES) + 1;
+ m = ((n - 1) % (BN_BYTES));
+ if (bn_wexpand(ret, (int)i) == NULL) {
+ BN_free(bn);
+ return NULL;
+ }
+ ret->top = i;
+ ret->neg = 0;
+ l = 0;
+ while (n--) {
+ s--;
+ l = (l << 8L) | *s;
+ if (m-- == 0) {
+ ret->d[--i] = l;
+ l = 0;
+ m = BN_BYTES - 1;
+ }
+ }
+ /*
+ * need to call this due to clear byte at top if avoiding having the top
+ * bit set (-ve number)
+ */
+ bn_correct_top(ret);
+ return ret;
+}
+
+int BN_bn2lebinpad(const BIGNUM *a, unsigned char *to, int tolen)
+{
+ int i;
+ BN_ULONG l;
+ bn_check_top(a);
+ i = BN_num_bytes(a);
+ if (tolen < i)
+ return -1;
+ /* Add trailing zeroes if necessary */
+ if (tolen > i)
+ memset(to + i, 0, tolen - i);
+ to += i;
+ while (i--) {
+ l = a->d[i / BN_BYTES];
+ to--;
+ *to = (unsigned char)(l >> (8 * (i % BN_BYTES))) & 0xff;
+ }
+ return tolen;
}
int BN_ucmp(const BIGNUM *a, const BIGNUM *b)
@@ -800,9 +772,9 @@ int bn_cmp_words(const BN_ULONG *a, const BN_ULONG *b, int n)
/*
* Here follows a specialised variants of bn_cmp_words(). It has the
- * property of performing the operation on arrays of different sizes. The
+ * capability of performing the operation on arrays of different sizes. The
* sizes of those arrays is expressed through cl, which is the common length
- * ( basicall, min(len(a),len(b)) ), and dl, which is the delta between the
+ * ( basically, min(len(a),len(b)) ), and dl, which is the delta between the
* two lengths, calculated as len(a)-len(b). All lengths are the number of
* BN_ULONGs...
*/
@@ -887,3 +859,158 @@ void BN_consttime_swap(BN_ULONG condition, BIGNUM *a, BIGNUM *b, int nwords)
}
#undef BN_CONSTTIME_SWAP
}
+
+/* Bits of security, see SP800-57 */
+
+int BN_security_bits(int L, int N)
+{
+ int secbits, bits;
+ if (L >= 15360)
+ secbits = 256;
+ else if (L >= 7680)
+ secbits = 192;
+ else if (L >= 3072)
+ secbits = 128;
+ else if (L >= 2048)
+ secbits = 112;
+ else if (L >= 1024)
+ secbits = 80;
+ else
+ return 0;
+ if (N == -1)
+ return secbits;
+ bits = N / 2;
+ if (bits < 80)
+ return 0;
+ return bits >= secbits ? secbits : bits;
+}
+
+void BN_zero_ex(BIGNUM *a)
+{
+ a->top = 0;
+ a->neg = 0;
+}
+
+int BN_abs_is_word(const BIGNUM *a, const BN_ULONG w)
+{
+ return ((a->top == 1) && (a->d[0] == w)) || ((w == 0) && (a->top == 0));
+}
+
+int BN_is_zero(const BIGNUM *a)
+{
+ return a->top == 0;
+}
+
+int BN_is_one(const BIGNUM *a)
+{
+ return BN_abs_is_word(a, 1) && !a->neg;
+}
+
+int BN_is_word(const BIGNUM *a, const BN_ULONG w)
+{
+ return BN_abs_is_word(a, w) && (!w || !a->neg);
+}
+
+int BN_is_odd(const BIGNUM *a)
+{
+ return (a->top > 0) && (a->d[0] & 1);
+}
+
+int BN_is_negative(const BIGNUM *a)
+{
+ return (a->neg != 0);
+}
+
+int BN_to_montgomery(BIGNUM *r, const BIGNUM *a, BN_MONT_CTX *mont,
+ BN_CTX *ctx)
+{
+ return BN_mod_mul_montgomery(r, a, &(mont->RR), mont, ctx);
+}
+
+void BN_with_flags(BIGNUM *dest, const BIGNUM *b, int flags)
+{
+ dest->d = b->d;
+ dest->top = b->top;
+ dest->dmax = b->dmax;
+ dest->neg = b->neg;
+ dest->flags = ((dest->flags & BN_FLG_MALLOCED)
+ | (b->flags & ~BN_FLG_MALLOCED)
+ | BN_FLG_STATIC_DATA | flags);
+}
+
+BN_GENCB *BN_GENCB_new(void)
+{
+ BN_GENCB *ret;
+
+ if ((ret = OPENSSL_malloc(sizeof(*ret))) == NULL) {
+ BNerr(BN_F_BN_GENCB_NEW, ERR_R_MALLOC_FAILURE);
+ return (NULL);
+ }
+
+ return ret;
+}
+
+void BN_GENCB_free(BN_GENCB *cb)
+{
+ if (cb == NULL)
+ return;
+ OPENSSL_free(cb);
+}
+
+void BN_set_flags(BIGNUM *b, int n)
+{
+ b->flags |= n;
+}
+
+int BN_get_flags(const BIGNUM *b, int n)
+{
+ return b->flags & n;
+}
+
+/* Populate a BN_GENCB structure with an "old"-style callback */
+void BN_GENCB_set_old(BN_GENCB *gencb, void (*callback) (int, int, void *),
+ void *cb_arg)
+{
+ BN_GENCB *tmp_gencb = gencb;
+ tmp_gencb->ver = 1;
+ tmp_gencb->arg = cb_arg;
+ tmp_gencb->cb.cb_1 = callback;
+}
+
+/* Populate a BN_GENCB structure with a "new"-style callback */
+void BN_GENCB_set(BN_GENCB *gencb, int (*callback) (int, int, BN_GENCB *),
+ void *cb_arg)
+{
+ BN_GENCB *tmp_gencb = gencb;
+ tmp_gencb->ver = 2;
+ tmp_gencb->arg = cb_arg;
+ tmp_gencb->cb.cb_2 = callback;
+}
+
+void *BN_GENCB_get_arg(BN_GENCB *cb)
+{
+ return cb->arg;
+}
+
+BIGNUM *bn_wexpand(BIGNUM *a, int words)
+{
+ return (words <= a->dmax) ? a : bn_expand2(a, words);
+}
+
+void bn_correct_top(BIGNUM *a)
+{
+ BN_ULONG *ftl;
+ int tmp_top = a->top;
+
+ if (tmp_top > 0) {
+ for (ftl = &(a->d[tmp_top]); tmp_top > 0; tmp_top--) {
+ ftl--;
+ if (*ftl != 0)
+ break;
+ }
+ a->top = tmp_top;
+ }
+ if (a->top == 0)
+ a->neg = 0;
+ bn_pollute(a);
+}
diff --git a/deps/openssl/openssl/crypto/bn/bn_mod.c b/deps/openssl/openssl/crypto/bn/bn_mod.c
index ffbce890cf..13b583f76c 100644
--- a/deps/openssl/openssl/crypto/bn/bn_mod.c
+++ b/deps/openssl/openssl/crypto/bn/bn_mod.c
@@ -1,129 +1,15 @@
-/* crypto/bn/bn_mod.c */
/*
- * Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
- * for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
+ * Copyright 1998-2016 The OpenSSL Project Authors. All Rights Reserved.
*
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
-#include "cryptlib.h"
+#include "internal/cryptlib.h"
#include "bn_lcl.h"
-#if 0 /* now just a #define */
-int BN_mod(BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx)
-{
- return (BN_div(NULL, rem, m, d, ctx));
- /* note that rem->neg == m->neg (unless the remainder is zero) */
-}
-#endif
-
int BN_nnmod(BIGNUM *r, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx)
{
/*
@@ -262,8 +148,7 @@ int BN_mod_lshift(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m,
ret = BN_mod_lshift_quick(r, r, n, (abs_m ? abs_m : m));
bn_check_top(r);
- if (abs_m)
- BN_free(abs_m);
+ BN_free(abs_m);
return ret;
}
diff --git a/deps/openssl/openssl/crypto/bn/bn_mont.c b/deps/openssl/openssl/crypto/bn/bn_mont.c
index c1703650ef..faef581571 100644
--- a/deps/openssl/openssl/crypto/bn/bn_mont.c
+++ b/deps/openssl/openssl/crypto/bn/bn_mont.c
@@ -1,112 +1,10 @@
-/* crypto/bn/bn_mont.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
+/*
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
/*
@@ -116,8 +14,7 @@
* sections 3.8 and 4.2 in http://security.ece.orst.edu/koc/papers/r01rsasw.pdf
*/
-#include <stdio.h>
-#include "cryptlib.h"
+#include "internal/cryptlib.h"
#include "bn_lcl.h"
#define MONT_WORD /* use the faster word-based algorithm */
@@ -197,12 +94,9 @@ static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont)
rp = r->d;
/* clear the top words of T */
-# if 1
- for (i = r->top; i < max; i++) /* memset? XXX */
- rp[i] = 0;
-# else
- memset(&(rp[r->top]), 0, (max - r->top) * sizeof(BN_ULONG));
-# endif
+ i = max - r->top;
+ if (i)
+ memset(&rp[r->top], 0, sizeof(*rp) * i);
r->top = max;
n0 = mont->n0[0];
@@ -303,7 +197,7 @@ BN_MONT_CTX *BN_MONT_CTX_new(void)
{
BN_MONT_CTX *ret;
- if ((ret = (BN_MONT_CTX *)OPENSSL_malloc(sizeof(BN_MONT_CTX))) == NULL)
+ if ((ret = OPENSSL_malloc(sizeof(*ret))) == NULL)
return (NULL);
BN_MONT_CTX_init(ret);
@@ -314,9 +208,9 @@ BN_MONT_CTX *BN_MONT_CTX_new(void)
void BN_MONT_CTX_init(BN_MONT_CTX *ctx)
{
ctx->ri = 0;
- BN_init(&(ctx->RR));
- BN_init(&(ctx->N));
- BN_init(&(ctx->Ni));
+ bn_init(&(ctx->RR));
+ bn_init(&(ctx->N));
+ bn_init(&(ctx->Ni));
ctx->n0[0] = ctx->n0[1] = 0;
ctx->flags = 0;
}
@@ -356,7 +250,7 @@ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx)
BIGNUM tmod;
BN_ULONG buf[2];
- BN_init(&tmod);
+ bn_init(&tmod);
tmod.d = buf;
tmod.dmax = 2;
tmod.neg = 0;
@@ -489,14 +383,14 @@ BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from)
return (to);
}
-BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock,
+BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, CRYPTO_RWLOCK *lock,
const BIGNUM *mod, BN_CTX *ctx)
{
BN_MONT_CTX *ret;
- CRYPTO_r_lock(lock);
+ CRYPTO_THREAD_read_lock(lock);
ret = *pmont;
- CRYPTO_r_unlock(lock);
+ CRYPTO_THREAD_unlock(lock);
if (ret)
return ret;
@@ -509,7 +403,7 @@ BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock,
* (the losers throw away the work they've done).
*/
ret = BN_MONT_CTX_new();
- if (!ret)
+ if (ret == NULL)
return NULL;
if (!BN_MONT_CTX_set(ret, mod, ctx)) {
BN_MONT_CTX_free(ret);
@@ -517,12 +411,12 @@ BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock,
}
/* The locked compare-and-set, after the local work is done. */
- CRYPTO_w_lock(lock);
+ CRYPTO_THREAD_write_lock(lock);
if (*pmont) {
BN_MONT_CTX_free(ret);
ret = *pmont;
} else
*pmont = ret;
- CRYPTO_w_unlock(lock);
+ CRYPTO_THREAD_unlock(lock);
return ret;
}
diff --git a/deps/openssl/openssl/crypto/bn/bn_mpi.c b/deps/openssl/openssl/crypto/bn/bn_mpi.c
index 3bd40bbd2b..043e21d26a 100644
--- a/deps/openssl/openssl/crypto/bn/bn_mpi.c
+++ b/deps/openssl/openssl/crypto/bn/bn_mpi.c
@@ -1,63 +1,14 @@
-/* crypto/bn/bn_mpi.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
+/*
+ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
*
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
#include <stdio.h>
-#include "cryptlib.h"
+#include "internal/cryptlib.h"
#include "bn_lcl.h"
int BN_bn2mpi(const BIGNUM *a, unsigned char *d)
@@ -88,41 +39,48 @@ int BN_bn2mpi(const BIGNUM *a, unsigned char *d)
return (num + 4 + ext);
}
-BIGNUM *BN_mpi2bn(const unsigned char *d, int n, BIGNUM *a)
+BIGNUM *BN_mpi2bn(const unsigned char *d, int n, BIGNUM *ain)
{
long len;
int neg = 0;
+ BIGNUM *a = NULL;
if (n < 4) {
BNerr(BN_F_BN_MPI2BN, BN_R_INVALID_LENGTH);
- return (NULL);
+ return NULL;
}
len = ((long)d[0] << 24) | ((long)d[1] << 16) | ((int)d[2] << 8) | (int)
d[3];
if ((len + 4) != n) {
BNerr(BN_F_BN_MPI2BN, BN_R_ENCODING_ERROR);
- return (NULL);
+ return NULL;
}
- if (a == NULL)
+ if (ain == NULL)
a = BN_new();
+ else
+ a = ain;
+
if (a == NULL)
- return (NULL);
+ return NULL;
if (len == 0) {
a->neg = 0;
a->top = 0;
- return (a);
+ return a;
}
d += 4;
if ((*d) & 0x80)
neg = 1;
- if (BN_bin2bn(d, (int)len, a) == NULL)
- return (NULL);
+ if (BN_bin2bn(d, (int)len, a) == NULL) {
+ if (ain == NULL)
+ BN_free(a);
+ return NULL;
+ }
a->neg = neg;
if (neg) {
BN_clear_bit(a, BN_num_bits(a) - 1);
}
bn_check_top(a);
- return (a);
+ return a;
}
diff --git a/deps/openssl/openssl/crypto/bn/bn_mul.c b/deps/openssl/openssl/crypto/bn/bn_mul.c
index 6b455a755f..a1abc5b05a 100644
--- a/deps/openssl/openssl/crypto/bn/bn_mul.c
+++ b/deps/openssl/openssl/crypto/bn/bn_mul.c
@@ -1,69 +1,14 @@
-/* crypto/bn/bn_mul.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
+/*
+ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
*
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
-#ifndef BN_DEBUG
-# undef NDEBUG /* avoid conflicting definitions */
-# define NDEBUG
-#endif
-
-#include <stdio.h>
#include <assert.h>
-#include "cryptlib.h"
+#include "internal/cryptlib.h"
#include "bn_lcl.h"
#if defined(OPENSSL_NO_ASM) || !defined(OPENSSL_BN_ASM_PART_WORDS)
@@ -71,7 +16,7 @@
* Here follows specialised variants of bn_add_words() and bn_sub_words().
* They have the property performing operations on arrays of different sizes.
* The sizes of those arrays is expressed through cl, which is the common
- * length ( basicall, min(len(a),len(b)) ), and dl, which is the delta
+ * length ( basically, min(len(a),len(b)) ), and dl, which is the delta
* between the two lengths, calculated as len(a)-len(b). All lengths are the
* number of BN_ULONGs... For the operations that require a result array as
* parameter, it must have the length cl+abs(dl). These functions should
@@ -96,10 +41,6 @@ BN_ULONG bn_sub_part_words(BN_ULONG *r,
b += cl;
if (dl < 0) {
-# ifdef BN_COUNT
- fprintf(stderr, " bn_sub_part_words %d + %d (dl < 0, c = %d)\n", cl,
- dl, c);
-# endif
for (;;) {
t = b[0];
r[0] = (0 - t - c) & BN_MASK2;
@@ -134,10 +75,6 @@ BN_ULONG bn_sub_part_words(BN_ULONG *r,
}
} else {
int save_dl = dl;
-# ifdef BN_COUNT
- fprintf(stderr, " bn_sub_part_words %d + %d (dl > 0, c = %d)\n", cl,
- dl, c);
-# endif
while (c) {
t = a[0];
r[0] = (t - c) & BN_MASK2;
@@ -172,20 +109,18 @@ BN_ULONG bn_sub_part_words(BN_ULONG *r,
r += 4;
}
if (dl > 0) {
-# ifdef BN_COUNT
- fprintf(stderr, " bn_sub_part_words %d + %d (dl > 0, c == 0)\n",
- cl, dl);
-# endif
if (save_dl > dl) {
switch (save_dl - dl) {
case 1:
r[1] = a[1];
if (--dl <= 0)
break;
+ /* fall thru */
case 2:
r[2] = a[2];
if (--dl <= 0)
break;
+ /* fall thru */
case 3:
r[3] = a[3];
if (--dl <= 0)
@@ -196,10 +131,6 @@ BN_ULONG bn_sub_part_words(BN_ULONG *r,
}
}
if (dl > 0) {
-# ifdef BN_COUNT
- fprintf(stderr, " bn_sub_part_words %d + %d (dl > 0, copy)\n",
- cl, dl);
-# endif
for (;;) {
r[0] = a[0];
if (--dl <= 0)
@@ -241,10 +172,6 @@ BN_ULONG bn_add_part_words(BN_ULONG *r,
if (dl < 0) {
int save_dl = dl;
-#ifdef BN_COUNT
- fprintf(stderr, " bn_add_part_words %d + %d (dl < 0, c = %d)\n", cl,
- dl, c);
-#endif
while (c) {
l = (c + b[0]) & BN_MASK2;
c = (l < c);
@@ -275,20 +202,18 @@ BN_ULONG bn_add_part_words(BN_ULONG *r,
r += 4;
}
if (dl < 0) {
-#ifdef BN_COUNT
- fprintf(stderr, " bn_add_part_words %d + %d (dl < 0, c == 0)\n",
- cl, dl);
-#endif
if (save_dl < dl) {
switch (dl - save_dl) {
case 1:
r[1] = b[1];
if (++dl >= 0)
break;
+ /* fall thru */
case 2:
r[2] = b[2];
if (++dl >= 0)
break;
+ /* fall thru */
case 3:
r[3] = b[3];
if (++dl >= 0)
@@ -299,10 +224,6 @@ BN_ULONG bn_add_part_words(BN_ULONG *r,
}
}
if (dl < 0) {
-#ifdef BN_COUNT
- fprintf(stderr, " bn_add_part_words %d + %d (dl < 0, copy)\n",
- cl, dl);
-#endif
for (;;) {
r[0] = b[0];
if (++dl >= 0)
@@ -323,9 +244,6 @@ BN_ULONG bn_add_part_words(BN_ULONG *r,
}
} else {
int save_dl = dl;
-#ifdef BN_COUNT
- fprintf(stderr, " bn_add_part_words %d + %d (dl > 0)\n", cl, dl);
-#endif
while (c) {
t = (a[0] + c) & BN_MASK2;
c = (t < c);
@@ -355,10 +273,6 @@ BN_ULONG bn_add_part_words(BN_ULONG *r,
a += 4;
r += 4;
}
-#ifdef BN_COUNT
- fprintf(stderr, " bn_add_part_words %d + %d (dl > 0, c == 0)\n", cl,
- dl);
-#endif
if (dl > 0) {
if (save_dl > dl) {
switch (save_dl - dl) {
@@ -366,10 +280,12 @@ BN_ULONG bn_add_part_words(BN_ULONG *r,
r[1] = a[1];
if (--dl <= 0)
break;
+ /* fall thru */
case 2:
r[2] = a[2];
if (--dl <= 0)
break;
+ /* fall thru */
case 3:
r[3] = a[3];
if (--dl <= 0)
@@ -380,10 +296,6 @@ BN_ULONG bn_add_part_words(BN_ULONG *r,
}
}
if (dl > 0) {
-#ifdef BN_COUNT
- fprintf(stderr, " bn_add_part_words %d + %d (dl > 0, copy)\n",
- cl, dl);
-#endif
for (;;) {
r[0] = a[0];
if (--dl <= 0)
@@ -432,9 +344,6 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
unsigned int neg, zero;
BN_ULONG ln, lo, *p;
-# ifdef BN_COUNT
- fprintf(stderr, " bn_mul_recursive %d%+d * %d%+d\n", n2, dna, n2, dnb);
-# endif
# ifdef BN_MUL_COMBA
# if 0
if (n2 == 4) {
@@ -501,7 +410,7 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
if (!zero)
bn_mul_comba4(&(t[n2]), t, &(t[n]));
else
- memset(&(t[n2]), 0, 8 * sizeof(BN_ULONG));
+ memset(&t[n2], 0, sizeof(*t) * 8);
bn_mul_comba4(r, a, b);
bn_mul_comba4(&(r[n2]), &(a[n]), &(b[n]));
@@ -511,7 +420,7 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
if (!zero)
bn_mul_comba8(&(t[n2]), t, &(t[n]));
else
- memset(&(t[n2]), 0, 16 * sizeof(BN_ULONG));
+ memset(&t[n2], 0, sizeof(*t) * 16);
bn_mul_comba8(r, a, b);
bn_mul_comba8(&(r[n2]), &(a[n]), &(b[n]));
@@ -522,7 +431,7 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
if (!zero)
bn_mul_recursive(&(t[n2]), t, &(t[n]), n, 0, 0, p);
else
- memset(&(t[n2]), 0, n2 * sizeof(BN_ULONG));
+ memset(&t[n2], 0, sizeof(*t) * n2);
bn_mul_recursive(r, a, b, n, 0, 0, p);
bn_mul_recursive(&(r[n2]), &(a[n]), &(b[n]), n, dna, dnb, p);
}
@@ -581,10 +490,6 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
int c1, c2, neg;
BN_ULONG ln, lo, *p;
-# ifdef BN_COUNT
- fprintf(stderr, " bn_mul_part_recursive (%d%+d) * (%d%+d)\n",
- n, tna, n, tnb);
-# endif
if (n < 8) {
bn_mul_normal(r, a, n + tna, b, n + tnb);
return;
@@ -631,14 +536,14 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
bn_mul_comba4(&(t[n2]), t, &(t[n]));
bn_mul_comba4(r, a, b);
bn_mul_normal(&(r[n2]), &(a[n]), tn, &(b[n]), tn);
- memset(&(r[n2 + tn * 2]), 0, sizeof(BN_ULONG) * (n2 - tn * 2));
+ memset(&r[n2 + tn * 2], 0, sizeof(*r) * (n2 - tn * 2));
} else
# endif
if (n == 8) {
bn_mul_comba8(&(t[n2]), t, &(t[n]));
bn_mul_comba8(r, a, b);
bn_mul_normal(&(r[n2]), &(a[n]), tna, &(b[n]), tnb);
- memset(&(r[n2 + tna + tnb]), 0, sizeof(BN_ULONG) * (n2 - tna - tnb));
+ memset(&r[n2 + tna + tnb], 0, sizeof(*r) * (n2 - tna - tnb));
} else {
p = &(t[n2 * 2]);
bn_mul_recursive(&(t[n2]), t, &(t[n]), n, 0, 0, p);
@@ -654,7 +559,7 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
if (j == 0) {
bn_mul_recursive(&(r[n2]), &(a[n]), &(b[n]),
i, tna - i, tnb - i, p);
- memset(&(r[n2 + i * 2]), 0, sizeof(BN_ULONG) * (n2 - i * 2));
+ memset(&r[n2 + i * 2], 0, sizeof(*r) * (n2 - i * 2));
} else if (j > 0) { /* eg, n == 16, i == 8 and tn == 11 */
bn_mul_part_recursive(&(r[n2]), &(a[n]), &(b[n]),
i, tna - i, tnb - i, p);
@@ -662,7 +567,7 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
sizeof(BN_ULONG) * (n2 - tna - tnb));
} else { /* (j < 0) eg, n == 16, i == 8 and tn == 5 */
- memset(&(r[n2]), 0, sizeof(BN_ULONG) * n2);
+ memset(&r[n2], 0, sizeof(*r) * n2);
if (tna < BN_MUL_RECURSIVE_SIZE_NORMAL
&& tnb < BN_MUL_RECURSIVE_SIZE_NORMAL) {
bn_mul_normal(&(r[n2]), &(a[n]), tna, &(b[n]), tnb);
@@ -741,10 +646,6 @@ void bn_mul_low_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
{
int n = n2 / 2;
-# ifdef BN_COUNT
- fprintf(stderr, " bn_mul_low_recursive %d * %d\n", n2, n2);
-# endif
-
bn_mul_recursive(r, a, b, n, 0, 0, &(t[0]));
if (n >= BN_MUL_LOW_RECURSIVE_SIZE_NORMAL) {
bn_mul_low_recursive(&(t[0]), &(a[0]), &(b[n]), n, &(t[n2]));
@@ -773,9 +674,6 @@ void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2,
int neg, oneg, zero;
BN_ULONG ll, lc, *lp, *mp;
-# ifdef BN_COUNT
- fprintf(stderr, " bn_mul_high %d * %d\n", n2, n2);
-# endif
n = n2 / 2;
/* Calculate (al-ah)*(bh-bl) */
@@ -837,9 +735,8 @@ void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2,
*/
if (l != NULL) {
lp = &(t[n2 + n]);
- c1 = (int)(bn_add_words(lp, &(r[0]), &(l[0]), n));
+ bn_add_words(lp, &(r[0]), &(l[0]), n);
} else {
- c1 = 0;
lp = &(r[0]);
}
@@ -947,10 +844,6 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
int j = 0, k;
#endif
-#ifdef BN_COUNT
- fprintf(stderr, "BN_mul %d * %d\n", a->top, b->top);
-#endif
-
bn_check_top(a);
bn_check_top(b);
bn_check_top(r);
@@ -970,7 +863,6 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
goto err;
} else
rr = r;
- rr->neg = a->neg ^ b->neg;
#if defined(BN_MUL_COMBA) || defined(BN_RECURSION)
i = al - bl;
@@ -1042,6 +934,7 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
#if defined(BN_MUL_COMBA) || defined(BN_RECURSION)
end:
#endif
+ rr->neg = a->neg ^ b->neg;
bn_correct_top(rr);
if (r != rr && BN_copy(r, rr) == NULL)
goto err;
@@ -1057,10 +950,6 @@ void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b, int nb)
{
BN_ULONG *rr;
-#ifdef BN_COUNT
- fprintf(stderr, " bn_mul_normal %d * %d\n", na, nb);
-#endif
-
if (na < nb) {
int itmp;
BN_ULONG *ltmp;
@@ -1101,9 +990,6 @@ void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b, int nb)
void bn_mul_low_normal(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
{
-#ifdef BN_COUNT
- fprintf(stderr, " bn_mul_low_normal %d * %d\n", n, n);
-#endif
bn_mul_words(r, a, n, b[0]);
for (;;) {
diff --git a/deps/openssl/openssl/crypto/bn/bn_nist.c b/deps/openssl/openssl/crypto/bn/bn_nist.c
index 4a45404c6f..53598f97ef 100644
--- a/deps/openssl/openssl/crypto/bn/bn_nist.c
+++ b/deps/openssl/openssl/crypto/bn/bn_nist.c
@@ -1,63 +1,14 @@
-/* crypto/bn/bn_nist.c */
/*
- * Written by Nils Larsch for the OpenSSL project
- */
-/* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
+ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
*
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
#include "bn_lcl.h"
-#include "cryptlib.h"
+#include "internal/cryptlib.h"
#define BN_NIST_192_TOP (192+BN_BITS2-1)/BN_BITS2
#define BN_NIST_224_TOP (224+BN_BITS2-1)/BN_BITS2
@@ -379,8 +330,8 @@ int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
PTR_SIZE_INT mask;
static const BIGNUM _bignum_nist_p_192_sqr = {
(BN_ULONG *)_nist_p_192_sqr,
- sizeof(_nist_p_192_sqr) / sizeof(_nist_p_192_sqr[0]),
- sizeof(_nist_p_192_sqr) / sizeof(_nist_p_192_sqr[0]),
+ OSSL_NELEM(_nist_p_192_sqr),
+ OSSL_NELEM(_nist_p_192_sqr),
0, BN_FLG_STATIC_DATA
};
@@ -524,8 +475,8 @@ int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
} u;
static const BIGNUM _bignum_nist_p_224_sqr = {
(BN_ULONG *)_nist_p_224_sqr,
- sizeof(_nist_p_224_sqr) / sizeof(_nist_p_224_sqr[0]),
- sizeof(_nist_p_224_sqr) / sizeof(_nist_p_224_sqr[0]),
+ OSSL_NELEM(_nist_p_224_sqr),
+ OSSL_NELEM(_nist_p_224_sqr),
0, BN_FLG_STATIC_DATA
};
@@ -645,7 +596,7 @@ int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
#endif
} else if (carry < 0) {
/*
- * it's a bit more comlicated logic in this case. if bn_add_words
+ * it's a bit more complicated logic in this case. if bn_add_words
* yields no carry, then result has to be adjusted by unconditionally
* *adding* the modulus. but if it does, then result has to be
* compared to the modulus and conditionally adjusted by
@@ -705,8 +656,8 @@ int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
} u;
static const BIGNUM _bignum_nist_p_256_sqr = {
(BN_ULONG *)_nist_p_256_sqr,
- sizeof(_nist_p_256_sqr) / sizeof(_nist_p_256_sqr[0]),
- sizeof(_nist_p_256_sqr) / sizeof(_nist_p_256_sqr[0]),
+ OSSL_NELEM(_nist_p_256_sqr),
+ OSSL_NELEM(_nist_p_256_sqr),
0, BN_FLG_STATIC_DATA
};
@@ -951,8 +902,8 @@ int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
} u;
static const BIGNUM _bignum_nist_p_384_sqr = {
(BN_ULONG *)_nist_p_384_sqr,
- sizeof(_nist_p_384_sqr) / sizeof(_nist_p_384_sqr[0]),
- sizeof(_nist_p_384_sqr) / sizeof(_nist_p_384_sqr[0]),
+ OSSL_NELEM(_nist_p_384_sqr),
+ OSSL_NELEM(_nist_p_384_sqr),
0, BN_FLG_STATIC_DATA
};
@@ -1209,8 +1160,8 @@ int BN_nist_mod_521(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
PTR_SIZE_INT mask;
static const BIGNUM _bignum_nist_p_521_sqr = {
(BN_ULONG *)_nist_p_521_sqr,
- sizeof(_nist_p_521_sqr) / sizeof(_nist_p_521_sqr[0]),
- sizeof(_nist_p_521_sqr) / sizeof(_nist_p_521_sqr[0]),
+ OSSL_NELEM(_nist_p_521_sqr),
+ OSSL_NELEM(_nist_p_521_sqr),
0, BN_FLG_STATIC_DATA
};
@@ -1239,9 +1190,20 @@ int BN_nist_mod_521(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
top - (BN_NIST_521_TOP - 1), BN_NIST_521_TOP);
/* ... and right shift */
for (val = t_d[0], i = 0; i < BN_NIST_521_TOP - 1; i++) {
+#if 0
+ /*
+ * MSC ARM compiler [version 2013, presumably even earlier,
+ * much earlier] miscompiles this code, but not one in
+ * #else section. See RT#3541.
+ */
+ tmp = val >> BN_NIST_521_RSHIFT;
+ val = t_d[i + 1];
+ t_d[i] = (tmp | val << BN_NIST_521_LSHIFT) & BN_MASK2;
+#else
t_d[i] = (val >> BN_NIST_521_RSHIFT |
(tmp = t_d[i + 1]) << BN_NIST_521_LSHIFT) & BN_MASK2;
val = tmp;
+#endif
}
t_d[i] = val >> BN_NIST_521_RSHIFT;
/* lower 521 bits */
@@ -1260,3 +1222,18 @@ int BN_nist_mod_521(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
return 1;
}
+
+int (*BN_nist_mod_func(const BIGNUM *p)) (BIGNUM *r, const BIGNUM *a,
+ const BIGNUM *field, BN_CTX *ctx) {
+ if (BN_ucmp(&_bignum_nist_p_192, p) == 0)
+ return BN_nist_mod_192;
+ if (BN_ucmp(&_bignum_nist_p_224, p) == 0)
+ return BN_nist_mod_224;
+ if (BN_ucmp(&_bignum_nist_p_256, p) == 0)
+ return BN_nist_mod_256;
+ if (BN_ucmp(&_bignum_nist_p_384, p) == 0)
+ return BN_nist_mod_384;
+ if (BN_ucmp(&_bignum_nist_p_521, p) == 0)
+ return BN_nist_mod_521;
+ return 0;
+}
diff --git a/deps/openssl/openssl/crypto/bn/bn_prime.c b/deps/openssl/openssl/crypto/bn/bn_prime.c
index e911e15785..616389cfa6 100644
--- a/deps/openssl/openssl/crypto/bn/bn_prime.c
+++ b/deps/openssl/openssl/crypto/bn/bn_prime.c
@@ -1,125 +1,18 @@
-/* crypto/bn/bn_prime.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
+/*
+ * WARNING: do not edit!
+ * Generated by crypto/bn/bn_prime.pl
+ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
*
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
#include <stdio.h>
#include <time.h>
-#include "cryptlib.h"
+#include "internal/cryptlib.h"
#include "bn_lcl.h"
-#include <openssl/rand.h>
-
-/*
- * NB: these functions have been "upgraded", the deprecated versions (which
- * are compatibility wrappers using these functions) are in bn_depr.c. -
- * Geoff
- */
/*
* The quick sieve algorithm approach to weeding out primes is Philip
@@ -131,12 +24,57 @@
static int witness(BIGNUM *w, const BIGNUM *a, const BIGNUM *a1,
const BIGNUM *a1_odd, int k, BN_CTX *ctx,
BN_MONT_CTX *mont);
-static int probable_prime(BIGNUM *rnd, int bits);
-static int probable_prime_dh(BIGNUM *rnd, int bits,
- const BIGNUM *add, const BIGNUM *rem,
- BN_CTX *ctx);
-static int probable_prime_dh_safe(BIGNUM *rnd, int bits, const BIGNUM *add,
- const BIGNUM *rem, BN_CTX *ctx);
+static int probable_prime(BIGNUM *rnd, int bits, prime_t *mods);
+static int probable_prime_dh_safe(BIGNUM *rnd, int bits,
+ const BIGNUM *add, const BIGNUM *rem,
+ BN_CTX *ctx);
+
+static const int prime_offsets[480] = {
+ 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59, 61, 67, 71, 73, 79, 83,
+ 89, 97, 101, 103, 107, 109, 113, 127, 131, 137, 139, 149, 151, 157, 163,
+ 167, 169, 173, 179, 181, 191, 193, 197, 199, 211, 221, 223, 227, 229,
+ 233, 239, 241, 247, 251, 257, 263, 269, 271, 277, 281, 283, 289, 293,
+ 299, 307, 311, 313, 317, 323, 331, 337, 347, 349, 353, 359, 361, 367,
+ 373, 377, 379, 383, 389, 391, 397, 401, 403, 409, 419, 421, 431, 433,
+ 437, 439, 443, 449, 457, 461, 463, 467, 479, 481, 487, 491, 493, 499,
+ 503, 509, 521, 523, 527, 529, 533, 541, 547, 551, 557, 559, 563, 569,
+ 571, 577, 587, 589, 593, 599, 601, 607, 611, 613, 617, 619, 629, 631,
+ 641, 643, 647, 653, 659, 661, 667, 673, 677, 683, 689, 691, 697, 701,
+ 703, 709, 713, 719, 727, 731, 733, 739, 743, 751, 757, 761, 767, 769,
+ 773, 779, 787, 793, 797, 799, 809, 811, 817, 821, 823, 827, 829, 839,
+ 841, 851, 853, 857, 859, 863, 871, 877, 881, 883, 887, 893, 899, 901,
+ 907, 911, 919, 923, 929, 937, 941, 943, 947, 949, 953, 961, 967, 971,
+ 977, 983, 989, 991, 997, 1003, 1007, 1009, 1013, 1019, 1021, 1027, 1031,
+ 1033, 1037, 1039, 1049, 1051, 1061, 1063, 1069, 1073, 1079, 1081, 1087,
+ 1091, 1093, 1097, 1103, 1109, 1117, 1121, 1123, 1129, 1139, 1147, 1151,
+ 1153, 1157, 1159, 1163, 1171, 1181, 1187, 1189, 1193, 1201, 1207, 1213,
+ 1217, 1219, 1223, 1229, 1231, 1237, 1241, 1247, 1249, 1259, 1261, 1271,
+ 1273, 1277, 1279, 1283, 1289, 1291, 1297, 1301, 1303, 1307, 1313, 1319,
+ 1321, 1327, 1333, 1339, 1343, 1349, 1357, 1361, 1363, 1367, 1369, 1373,
+ 1381, 1387, 1391, 1399, 1403, 1409, 1411, 1417, 1423, 1427, 1429, 1433,
+ 1439, 1447, 1451, 1453, 1457, 1459, 1469, 1471, 1481, 1483, 1487, 1489,
+ 1493, 1499, 1501, 1511, 1513, 1517, 1523, 1531, 1537, 1541, 1543, 1549,
+ 1553, 1559, 1567, 1571, 1577, 1579, 1583, 1591, 1597, 1601, 1607, 1609,
+ 1613, 1619, 1621, 1627, 1633, 1637, 1643, 1649, 1651, 1657, 1663, 1667,
+ 1669, 1679, 1681, 1691, 1693, 1697, 1699, 1703, 1709, 1711, 1717, 1721,
+ 1723, 1733, 1739, 1741, 1747, 1751, 1753, 1759, 1763, 1769, 1777, 1781,
+ 1783, 1787, 1789, 1801, 1807, 1811, 1817, 1819, 1823, 1829, 1831, 1843,
+ 1847, 1849, 1853, 1861, 1867, 1871, 1873, 1877, 1879, 1889, 1891, 1901,
+ 1907, 1909, 1913, 1919, 1921, 1927, 1931, 1933, 1937, 1943, 1949, 1951,
+ 1957, 1961, 1963, 1973, 1979, 1987, 1993, 1997, 1999, 2003, 2011, 2017,
+ 2021, 2027, 2029, 2033, 2039, 2041, 2047, 2053, 2059, 2063, 2069, 2071,
+ 2077, 2081, 2083, 2087, 2089, 2099, 2111, 2113, 2117, 2119, 2129, 2131,
+ 2137, 2141, 2143, 2147, 2153, 2159, 2161, 2171, 2173, 2179, 2183, 2197,
+ 2201, 2203, 2207, 2209, 2213, 2221, 2227, 2231, 2237, 2239, 2243, 2249,
+ 2251, 2257, 2263, 2267, 2269, 2273, 2279, 2281, 2287, 2291, 2293, 2297,
+ 2309, 2311
+};
+
+static const int prime_offset_count = 480;
+static const int prime_multiplier = 2310;
+static const int prime_multiplier_bits = 11; /* 2^|prime_multiplier_bits| <=
+ * |prime_multiplier| */
+static const int first_prime_index = 5;
int BN_GENCB_call(BN_GENCB *cb, int a, int b)
{
@@ -166,9 +104,24 @@ int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe,
BIGNUM *t;
int found = 0;
int i, j, c1 = 0;
- BN_CTX *ctx;
+ BN_CTX *ctx = NULL;
+ prime_t *mods = NULL;
int checks = BN_prime_checks_for_size(bits);
+ if (bits < 2) {
+ /* There are no prime numbers this small. */
+ BNerr(BN_F_BN_GENERATE_PRIME_EX, BN_R_BITS_TOO_SMALL);
+ return 0;
+ } else if (bits == 2 && safe) {
+ /* The smallest safe prime (7) is three bits. */
+ BNerr(BN_F_BN_GENERATE_PRIME_EX, BN_R_BITS_TOO_SMALL);
+ return 0;
+ }
+
+ mods = OPENSSL_zalloc(sizeof(*mods) * NUMPRIMES);
+ if (mods == NULL)
+ goto err;
+
ctx = BN_CTX_new();
if (ctx == NULL)
goto err;
@@ -179,18 +132,18 @@ int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe,
loop:
/* make a random number and set the top and bottom bits */
if (add == NULL) {
- if (!probable_prime(ret, bits))
+ if (!probable_prime(ret, bits, mods))
goto err;
} else {
if (safe) {
if (!probable_prime_dh_safe(ret, bits, add, rem, ctx))
goto err;
} else {
- if (!probable_prime_dh(ret, bits, add, rem, ctx))
+ if (!bn_probable_prime_dh(ret, bits, add, rem, ctx))
goto err;
}
}
- /* if (BN_mod_word(ret,(BN_ULONG)3) == 1) goto loop; */
+
if (!BN_GENCB_call(cb, 0, c1++))
/* aborted */
goto err;
@@ -230,10 +183,10 @@ int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe,
/* we have a prime :-) */
found = 1;
err:
- if (ctx != NULL) {
+ OPENSSL_free(mods);
+ if (ctx != NULL)
BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- }
+ BN_CTX_free(ctx);
bn_check_top(ret);
return found;
}
@@ -264,9 +217,13 @@ int BN_is_prime_fasttest_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed,
/* a is even => a is prime if and only if a == 2 */
return BN_is_word(a, 2);
if (do_trial_division) {
- for (i = 1; i < NUMPRIMES; i++)
- if (BN_mod_word(a, primes[i]) == 0)
+ for (i = 1; i < NUMPRIMES; i++) {
+ BN_ULONG mod = BN_mod_word(a, primes[i]);
+ if (mod == (BN_ULONG)-1)
+ goto err;
+ if (mod == 0)
return 0;
+ }
if (!BN_GENCB_call(cb, 1, -1))
goto err;
}
@@ -331,12 +288,88 @@ int BN_is_prime_fasttest_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed,
if (ctx_passed == NULL)
BN_CTX_free(ctx);
}
- if (mont != NULL)
- BN_MONT_CTX_free(mont);
+ BN_MONT_CTX_free(mont);
return (ret);
}
+int bn_probable_prime_dh_retry(BIGNUM *rnd, int bits, BN_CTX *ctx)
+{
+ int i;
+ int ret = 0;
+
+ loop:
+ if (!BN_rand(rnd, bits, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD))
+ goto err;
+
+ /* we now have a random number 'rand' to test. */
+
+ for (i = 1; i < NUMPRIMES; i++) {
+ /* check that rnd is a prime */
+ BN_ULONG mod = BN_mod_word(rnd, (BN_ULONG)primes[i]);
+ if (mod == (BN_ULONG)-1)
+ goto err;
+ if (mod <= 1) {
+ goto loop;
+ }
+ }
+ ret = 1;
+
+ err:
+ bn_check_top(rnd);
+ return (ret);
+}
+
+int bn_probable_prime_dh_coprime(BIGNUM *rnd, int bits, BN_CTX *ctx)
+{
+ int i;
+ BIGNUM *offset_index;
+ BIGNUM *offset_count;
+ int ret = 0;
+
+ OPENSSL_assert(bits > prime_multiplier_bits);
+
+ BN_CTX_start(ctx);
+ if ((offset_index = BN_CTX_get(ctx)) == NULL)
+ goto err;
+ if ((offset_count = BN_CTX_get(ctx)) == NULL)
+ goto err;
+
+ if (!BN_add_word(offset_count, prime_offset_count))
+ goto err;
+
+ loop:
+ if (!BN_rand(rnd, bits - prime_multiplier_bits,
+ BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD))
+ goto err;
+ if (BN_is_bit_set(rnd, bits))
+ goto loop;
+ if (!BN_rand_range(offset_index, offset_count))
+ goto err;
+
+ if (!BN_mul_word(rnd, prime_multiplier)
+ || !BN_add_word(rnd, prime_offsets[BN_get_word(offset_index)]))
+ goto err;
+
+ /* we now have a random number 'rand' to test. */
+
+ /* skip coprimes */
+ for (i = first_prime_index; i < NUMPRIMES; i++) {
+ /* check that rnd is a prime */
+ BN_ULONG mod = BN_mod_word(rnd, (BN_ULONG)primes[i]);
+ if (mod == (BN_ULONG)-1)
+ goto err;
+ if (mod <= 1)
+ goto loop;
+ }
+ ret = 1;
+
+ err:
+ BN_CTX_end(ctx);
+ bn_check_top(rnd);
+ return ret;
+}
+
static int witness(BIGNUM *w, const BIGNUM *a, const BIGNUM *a1,
const BIGNUM *a1_odd, int k, BN_CTX *ctx,
BN_MONT_CTX *mont)
@@ -364,41 +397,90 @@ static int witness(BIGNUM *w, const BIGNUM *a, const BIGNUM *a1,
return 1;
}
-static int probable_prime(BIGNUM *rnd, int bits)
+static int probable_prime(BIGNUM *rnd, int bits, prime_t *mods)
{
int i;
- prime_t mods[NUMPRIMES];
- BN_ULONG delta, maxdelta;
+ BN_ULONG delta;
+ BN_ULONG maxdelta = BN_MASK2 - primes[NUMPRIMES - 1];
+ char is_single_word = bits <= BN_BITS2;
again:
- if (!BN_rand(rnd, bits, 1, 1))
+ if (!BN_rand(rnd, bits, BN_RAND_TOP_TWO, BN_RAND_BOTTOM_ODD))
return (0);
- /* we now have a random number 'rand' to test. */
- for (i = 1; i < NUMPRIMES; i++)
- mods[i] = (prime_t) BN_mod_word(rnd, (BN_ULONG)primes[i]);
- maxdelta = BN_MASK2 - primes[NUMPRIMES - 1];
+ /* we now have a random number 'rnd' to test. */
+ for (i = 1; i < NUMPRIMES; i++) {
+ BN_ULONG mod = BN_mod_word(rnd, (BN_ULONG)primes[i]);
+ if (mod == (BN_ULONG)-1)
+ return 0;
+ mods[i] = (prime_t) mod;
+ }
+ /*
+ * If bits is so small that it fits into a single word then we
+ * additionally don't want to exceed that many bits.
+ */
+ if (is_single_word) {
+ BN_ULONG size_limit;
+
+ if (bits == BN_BITS2) {
+ /*
+ * Shifting by this much has undefined behaviour so we do it a
+ * different way
+ */
+ size_limit = ~((BN_ULONG)0) - BN_get_word(rnd);
+ } else {
+ size_limit = (((BN_ULONG)1) << bits) - BN_get_word(rnd) - 1;
+ }
+ if (size_limit < maxdelta)
+ maxdelta = size_limit;
+ }
delta = 0;
- loop:for (i = 1; i < NUMPRIMES; i++) {
- /*
- * check that rnd is not a prime and also that gcd(rnd-1,primes) == 1
- * (except for 2)
+ loop:
+ if (is_single_word) {
+ BN_ULONG rnd_word = BN_get_word(rnd);
+
+ /*-
+ * In the case that the candidate prime is a single word then
+ * we check that:
+ * 1) It's greater than primes[i] because we shouldn't reject
+ * 3 as being a prime number because it's a multiple of
+ * three.
+ * 2) That it's not a multiple of a known prime. We don't
+ * check that rnd-1 is also coprime to all the known
+ * primes because there aren't many small primes where
+ * that's true.
*/
- if (((mods[i] + delta) % primes[i]) <= 1) {
- delta += 2;
- if (delta > maxdelta)
- goto again;
- goto loop;
+ for (i = 1; i < NUMPRIMES && primes[i] < rnd_word; i++) {
+ if ((mods[i] + delta) % primes[i] == 0) {
+ delta += 2;
+ if (delta > maxdelta)
+ goto again;
+ goto loop;
+ }
+ }
+ } else {
+ for (i = 1; i < NUMPRIMES; i++) {
+ /*
+ * check that rnd is not a prime and also that gcd(rnd-1,primes)
+ * == 1 (except for 2)
+ */
+ if (((mods[i] + delta) % primes[i]) <= 1) {
+ delta += 2;
+ if (delta > maxdelta)
+ goto again;
+ goto loop;
+ }
}
}
if (!BN_add_word(rnd, delta))
return (0);
+ if (BN_num_bits(rnd) != bits)
+ goto again;
bn_check_top(rnd);
return (1);
}
-static int probable_prime_dh(BIGNUM *rnd, int bits,
- const BIGNUM *add, const BIGNUM *rem,
- BN_CTX *ctx)
+int bn_probable_prime_dh(BIGNUM *rnd, int bits,
+ const BIGNUM *add, const BIGNUM *rem, BN_CTX *ctx)
{
int i, ret = 0;
BIGNUM *t1;
@@ -407,7 +489,7 @@ static int probable_prime_dh(BIGNUM *rnd, int bits,
if ((t1 = BN_CTX_get(ctx)) == NULL)
goto err;
- if (!BN_rand(rnd, bits, 0, 1))
+ if (!BN_rand(rnd, bits, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD))
goto err;
/* we need ((rnd-rem) % add) == 0 */
@@ -426,15 +508,20 @@ static int probable_prime_dh(BIGNUM *rnd, int bits,
/* we now have a random number 'rand' to test. */
- loop:for (i = 1; i < NUMPRIMES; i++) {
+ loop:
+ for (i = 1; i < NUMPRIMES; i++) {
/* check that rnd is a prime */
- if (BN_mod_word(rnd, (BN_ULONG)primes[i]) <= 1) {
+ BN_ULONG mod = BN_mod_word(rnd, (BN_ULONG)primes[i]);
+ if (mod == (BN_ULONG)-1)
+ goto err;
+ if (mod <= 1) {
if (!BN_add(rnd, rnd, add))
goto err;
goto loop;
}
}
ret = 1;
+
err:
BN_CTX_end(ctx);
bn_check_top(rnd);
@@ -458,7 +545,7 @@ static int probable_prime_dh_safe(BIGNUM *p, int bits, const BIGNUM *padd,
if (!BN_rshift1(qadd, padd))
goto err;
- if (!BN_rand(q, bits, 0, 1))
+ if (!BN_rand(q, bits, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD))
goto err;
/* we need ((rnd-rem) % add) == 0 */
@@ -482,13 +569,17 @@ static int probable_prime_dh_safe(BIGNUM *p, int bits, const BIGNUM *padd,
if (!BN_add_word(p, 1))
goto err;
- loop:for (i = 1; i < NUMPRIMES; i++) {
+ loop:
+ for (i = 1; i < NUMPRIMES; i++) {
/* check that p and q are prime */
/*
* check that for p and q gcd(p-1,primes) == 1 (except for 2)
*/
- if ((BN_mod_word(p, (BN_ULONG)primes[i]) == 0) ||
- (BN_mod_word(q, (BN_ULONG)primes[i]) == 0)) {
+ BN_ULONG pmod = BN_mod_word(p, (BN_ULONG)primes[i]);
+ BN_ULONG qmod = BN_mod_word(q, (BN_ULONG)primes[i]);
+ if (pmod == (BN_ULONG)-1 || qmod == (BN_ULONG)-1)
+ goto err;
+ if (pmod == 0 || qmod == 0) {
if (!BN_add(p, p, padd))
goto err;
if (!BN_add(q, q, qadd))
@@ -497,6 +588,7 @@ static int probable_prime_dh_safe(BIGNUM *p, int bits, const BIGNUM *padd,
}
}
ret = 1;
+
err:
BN_CTX_end(ctx);
bn_check_top(p);
diff --git a/deps/openssl/openssl/crypto/bn/bn_prime.h b/deps/openssl/openssl/crypto/bn/bn_prime.h
index 489af8b424..5f5cc4f580 100644
--- a/deps/openssl/openssl/crypto/bn/bn_prime.h
+++ b/deps/openssl/openssl/crypto/bn/bn_prime.h
@@ -1,326 +1,274 @@
-/* Auto generated by bn_prime.pl */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
+/*
+ * WARNING: do not edit!
+ * Generated by crypto/bn/bn_prime.pl
*
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
+ * Copyright 1998-2016 The OpenSSL Project Authors. All Rights Reserved.
*
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
-#ifndef EIGHT_BIT
-# define NUMPRIMES 2048
typedef unsigned short prime_t;
-#else
-# define NUMPRIMES 54
-typedef unsigned char prime_t;
-#endif
-static const prime_t primes[NUMPRIMES] = {
- 2, 3, 5, 7, 11, 13, 17, 19,
- 23, 29, 31, 37, 41, 43, 47, 53,
- 59, 61, 67, 71, 73, 79, 83, 89,
- 97, 101, 103, 107, 109, 113, 127, 131,
- 137, 139, 149, 151, 157, 163, 167, 173,
- 179, 181, 191, 193, 197, 199, 211, 223,
- 227, 229, 233, 239, 241, 251,
-#ifndef EIGHT_BIT
- 257, 263,
- 269, 271, 277, 281, 283, 293, 307, 311,
- 313, 317, 331, 337, 347, 349, 353, 359,
- 367, 373, 379, 383, 389, 397, 401, 409,
- 419, 421, 431, 433, 439, 443, 449, 457,
- 461, 463, 467, 479, 487, 491, 499, 503,
- 509, 521, 523, 541, 547, 557, 563, 569,
- 571, 577, 587, 593, 599, 601, 607, 613,
- 617, 619, 631, 641, 643, 647, 653, 659,
- 661, 673, 677, 683, 691, 701, 709, 719,
- 727, 733, 739, 743, 751, 757, 761, 769,
- 773, 787, 797, 809, 811, 821, 823, 827,
- 829, 839, 853, 857, 859, 863, 877, 881,
- 883, 887, 907, 911, 919, 929, 937, 941,
- 947, 953, 967, 971, 977, 983, 991, 997,
- 1009, 1013, 1019, 1021, 1031, 1033, 1039, 1049,
- 1051, 1061, 1063, 1069, 1087, 1091, 1093, 1097,
- 1103, 1109, 1117, 1123, 1129, 1151, 1153, 1163,
- 1171, 1181, 1187, 1193, 1201, 1213, 1217, 1223,
- 1229, 1231, 1237, 1249, 1259, 1277, 1279, 1283,
- 1289, 1291, 1297, 1301, 1303, 1307, 1319, 1321,
- 1327, 1361, 1367, 1373, 1381, 1399, 1409, 1423,
- 1427, 1429, 1433, 1439, 1447, 1451, 1453, 1459,
- 1471, 1481, 1483, 1487, 1489, 1493, 1499, 1511,
- 1523, 1531, 1543, 1549, 1553, 1559, 1567, 1571,
- 1579, 1583, 1597, 1601, 1607, 1609, 1613, 1619,
- 1621, 1627, 1637, 1657, 1663, 1667, 1669, 1693,
- 1697, 1699, 1709, 1721, 1723, 1733, 1741, 1747,
- 1753, 1759, 1777, 1783, 1787, 1789, 1801, 1811,
- 1823, 1831, 1847, 1861, 1867, 1871, 1873, 1877,
- 1879, 1889, 1901, 1907, 1913, 1931, 1933, 1949,
- 1951, 1973, 1979, 1987, 1993, 1997, 1999, 2003,
- 2011, 2017, 2027, 2029, 2039, 2053, 2063, 2069,
- 2081, 2083, 2087, 2089, 2099, 2111, 2113, 2129,
- 2131, 2137, 2141, 2143, 2153, 2161, 2179, 2203,
- 2207, 2213, 2221, 2237, 2239, 2243, 2251, 2267,
- 2269, 2273, 2281, 2287, 2293, 2297, 2309, 2311,
- 2333, 2339, 2341, 2347, 2351, 2357, 2371, 2377,
- 2381, 2383, 2389, 2393, 2399, 2411, 2417, 2423,
- 2437, 2441, 2447, 2459, 2467, 2473, 2477, 2503,
- 2521, 2531, 2539, 2543, 2549, 2551, 2557, 2579,
- 2591, 2593, 2609, 2617, 2621, 2633, 2647, 2657,
- 2659, 2663, 2671, 2677, 2683, 2687, 2689, 2693,
- 2699, 2707, 2711, 2713, 2719, 2729, 2731, 2741,
- 2749, 2753, 2767, 2777, 2789, 2791, 2797, 2801,
- 2803, 2819, 2833, 2837, 2843, 2851, 2857, 2861,
- 2879, 2887, 2897, 2903, 2909, 2917, 2927, 2939,
- 2953, 2957, 2963, 2969, 2971, 2999, 3001, 3011,
- 3019, 3023, 3037, 3041, 3049, 3061, 3067, 3079,
- 3083, 3089, 3109, 3119, 3121, 3137, 3163, 3167,
- 3169, 3181, 3187, 3191, 3203, 3209, 3217, 3221,
- 3229, 3251, 3253, 3257, 3259, 3271, 3299, 3301,
- 3307, 3313, 3319, 3323, 3329, 3331, 3343, 3347,
- 3359, 3361, 3371, 3373, 3389, 3391, 3407, 3413,
- 3433, 3449, 3457, 3461, 3463, 3467, 3469, 3491,
- 3499, 3511, 3517, 3527, 3529, 3533, 3539, 3541,
- 3547, 3557, 3559, 3571, 3581, 3583, 3593, 3607,
- 3613, 3617, 3623, 3631, 3637, 3643, 3659, 3671,
- 3673, 3677, 3691, 3697, 3701, 3709, 3719, 3727,
- 3733, 3739, 3761, 3767, 3769, 3779, 3793, 3797,
- 3803, 3821, 3823, 3833, 3847, 3851, 3853, 3863,
- 3877, 3881, 3889, 3907, 3911, 3917, 3919, 3923,
- 3929, 3931, 3943, 3947, 3967, 3989, 4001, 4003,
- 4007, 4013, 4019, 4021, 4027, 4049, 4051, 4057,
- 4073, 4079, 4091, 4093, 4099, 4111, 4127, 4129,
- 4133, 4139, 4153, 4157, 4159, 4177, 4201, 4211,
- 4217, 4219, 4229, 4231, 4241, 4243, 4253, 4259,
- 4261, 4271, 4273, 4283, 4289, 4297, 4327, 4337,
- 4339, 4349, 4357, 4363, 4373, 4391, 4397, 4409,
- 4421, 4423, 4441, 4447, 4451, 4457, 4463, 4481,
- 4483, 4493, 4507, 4513, 4517, 4519, 4523, 4547,
- 4549, 4561, 4567, 4583, 4591, 4597, 4603, 4621,
- 4637, 4639, 4643, 4649, 4651, 4657, 4663, 4673,
- 4679, 4691, 4703, 4721, 4723, 4729, 4733, 4751,
- 4759, 4783, 4787, 4789, 4793, 4799, 4801, 4813,
- 4817, 4831, 4861, 4871, 4877, 4889, 4903, 4909,
- 4919, 4931, 4933, 4937, 4943, 4951, 4957, 4967,
- 4969, 4973, 4987, 4993, 4999, 5003, 5009, 5011,
- 5021, 5023, 5039, 5051, 5059, 5077, 5081, 5087,
- 5099, 5101, 5107, 5113, 5119, 5147, 5153, 5167,
- 5171, 5179, 5189, 5197, 5209, 5227, 5231, 5233,
- 5237, 5261, 5273, 5279, 5281, 5297, 5303, 5309,
- 5323, 5333, 5347, 5351, 5381, 5387, 5393, 5399,
- 5407, 5413, 5417, 5419, 5431, 5437, 5441, 5443,
- 5449, 5471, 5477, 5479, 5483, 5501, 5503, 5507,
- 5519, 5521, 5527, 5531, 5557, 5563, 5569, 5573,
- 5581, 5591, 5623, 5639, 5641, 5647, 5651, 5653,
- 5657, 5659, 5669, 5683, 5689, 5693, 5701, 5711,
- 5717, 5737, 5741, 5743, 5749, 5779, 5783, 5791,
- 5801, 5807, 5813, 5821, 5827, 5839, 5843, 5849,
- 5851, 5857, 5861, 5867, 5869, 5879, 5881, 5897,
- 5903, 5923, 5927, 5939, 5953, 5981, 5987, 6007,
- 6011, 6029, 6037, 6043, 6047, 6053, 6067, 6073,
- 6079, 6089, 6091, 6101, 6113, 6121, 6131, 6133,
- 6143, 6151, 6163, 6173, 6197, 6199, 6203, 6211,
- 6217, 6221, 6229, 6247, 6257, 6263, 6269, 6271,
- 6277, 6287, 6299, 6301, 6311, 6317, 6323, 6329,
- 6337, 6343, 6353, 6359, 6361, 6367, 6373, 6379,
- 6389, 6397, 6421, 6427, 6449, 6451, 6469, 6473,
- 6481, 6491, 6521, 6529, 6547, 6551, 6553, 6563,
- 6569, 6571, 6577, 6581, 6599, 6607, 6619, 6637,
- 6653, 6659, 6661, 6673, 6679, 6689, 6691, 6701,
- 6703, 6709, 6719, 6733, 6737, 6761, 6763, 6779,
- 6781, 6791, 6793, 6803, 6823, 6827, 6829, 6833,
- 6841, 6857, 6863, 6869, 6871, 6883, 6899, 6907,
- 6911, 6917, 6947, 6949, 6959, 6961, 6967, 6971,
- 6977, 6983, 6991, 6997, 7001, 7013, 7019, 7027,
- 7039, 7043, 7057, 7069, 7079, 7103, 7109, 7121,
- 7127, 7129, 7151, 7159, 7177, 7187, 7193, 7207,
- 7211, 7213, 7219, 7229, 7237, 7243, 7247, 7253,
- 7283, 7297, 7307, 7309, 7321, 7331, 7333, 7349,
- 7351, 7369, 7393, 7411, 7417, 7433, 7451, 7457,
- 7459, 7477, 7481, 7487, 7489, 7499, 7507, 7517,
- 7523, 7529, 7537, 7541, 7547, 7549, 7559, 7561,
- 7573, 7577, 7583, 7589, 7591, 7603, 7607, 7621,
- 7639, 7643, 7649, 7669, 7673, 7681, 7687, 7691,
- 7699, 7703, 7717, 7723, 7727, 7741, 7753, 7757,
- 7759, 7789, 7793, 7817, 7823, 7829, 7841, 7853,
- 7867, 7873, 7877, 7879, 7883, 7901, 7907, 7919,
- 7927, 7933, 7937, 7949, 7951, 7963, 7993, 8009,
- 8011, 8017, 8039, 8053, 8059, 8069, 8081, 8087,
- 8089, 8093, 8101, 8111, 8117, 8123, 8147, 8161,
- 8167, 8171, 8179, 8191, 8209, 8219, 8221, 8231,
- 8233, 8237, 8243, 8263, 8269, 8273, 8287, 8291,
- 8293, 8297, 8311, 8317, 8329, 8353, 8363, 8369,
- 8377, 8387, 8389, 8419, 8423, 8429, 8431, 8443,
- 8447, 8461, 8467, 8501, 8513, 8521, 8527, 8537,
- 8539, 8543, 8563, 8573, 8581, 8597, 8599, 8609,
- 8623, 8627, 8629, 8641, 8647, 8663, 8669, 8677,
- 8681, 8689, 8693, 8699, 8707, 8713, 8719, 8731,
- 8737, 8741, 8747, 8753, 8761, 8779, 8783, 8803,
- 8807, 8819, 8821, 8831, 8837, 8839, 8849, 8861,
- 8863, 8867, 8887, 8893, 8923, 8929, 8933, 8941,
- 8951, 8963, 8969, 8971, 8999, 9001, 9007, 9011,
- 9013, 9029, 9041, 9043, 9049, 9059, 9067, 9091,
- 9103, 9109, 9127, 9133, 9137, 9151, 9157, 9161,
- 9173, 9181, 9187, 9199, 9203, 9209, 9221, 9227,
- 9239, 9241, 9257, 9277, 9281, 9283, 9293, 9311,
- 9319, 9323, 9337, 9341, 9343, 9349, 9371, 9377,
- 9391, 9397, 9403, 9413, 9419, 9421, 9431, 9433,
- 9437, 9439, 9461, 9463, 9467, 9473, 9479, 9491,
- 9497, 9511, 9521, 9533, 9539, 9547, 9551, 9587,
- 9601, 9613, 9619, 9623, 9629, 9631, 9643, 9649,
- 9661, 9677, 9679, 9689, 9697, 9719, 9721, 9733,
- 9739, 9743, 9749, 9767, 9769, 9781, 9787, 9791,
- 9803, 9811, 9817, 9829, 9833, 9839, 9851, 9857,
- 9859, 9871, 9883, 9887, 9901, 9907, 9923, 9929,
- 9931, 9941, 9949, 9967, 9973, 10007, 10009, 10037,
- 10039, 10061, 10067, 10069, 10079, 10091, 10093, 10099,
- 10103, 10111, 10133, 10139, 10141, 10151, 10159, 10163,
- 10169, 10177, 10181, 10193, 10211, 10223, 10243, 10247,
- 10253, 10259, 10267, 10271, 10273, 10289, 10301, 10303,
- 10313, 10321, 10331, 10333, 10337, 10343, 10357, 10369,
- 10391, 10399, 10427, 10429, 10433, 10453, 10457, 10459,
- 10463, 10477, 10487, 10499, 10501, 10513, 10529, 10531,
- 10559, 10567, 10589, 10597, 10601, 10607, 10613, 10627,
- 10631, 10639, 10651, 10657, 10663, 10667, 10687, 10691,
- 10709, 10711, 10723, 10729, 10733, 10739, 10753, 10771,
- 10781, 10789, 10799, 10831, 10837, 10847, 10853, 10859,
- 10861, 10867, 10883, 10889, 10891, 10903, 10909, 10937,
- 10939, 10949, 10957, 10973, 10979, 10987, 10993, 11003,
- 11027, 11047, 11057, 11059, 11069, 11071, 11083, 11087,
- 11093, 11113, 11117, 11119, 11131, 11149, 11159, 11161,
- 11171, 11173, 11177, 11197, 11213, 11239, 11243, 11251,
- 11257, 11261, 11273, 11279, 11287, 11299, 11311, 11317,
- 11321, 11329, 11351, 11353, 11369, 11383, 11393, 11399,
- 11411, 11423, 11437, 11443, 11447, 11467, 11471, 11483,
- 11489, 11491, 11497, 11503, 11519, 11527, 11549, 11551,
- 11579, 11587, 11593, 11597, 11617, 11621, 11633, 11657,
- 11677, 11681, 11689, 11699, 11701, 11717, 11719, 11731,
- 11743, 11777, 11779, 11783, 11789, 11801, 11807, 11813,
- 11821, 11827, 11831, 11833, 11839, 11863, 11867, 11887,
- 11897, 11903, 11909, 11923, 11927, 11933, 11939, 11941,
- 11953, 11959, 11969, 11971, 11981, 11987, 12007, 12011,
- 12037, 12041, 12043, 12049, 12071, 12073, 12097, 12101,
- 12107, 12109, 12113, 12119, 12143, 12149, 12157, 12161,
- 12163, 12197, 12203, 12211, 12227, 12239, 12241, 12251,
- 12253, 12263, 12269, 12277, 12281, 12289, 12301, 12323,
- 12329, 12343, 12347, 12373, 12377, 12379, 12391, 12401,
- 12409, 12413, 12421, 12433, 12437, 12451, 12457, 12473,
- 12479, 12487, 12491, 12497, 12503, 12511, 12517, 12527,
- 12539, 12541, 12547, 12553, 12569, 12577, 12583, 12589,
- 12601, 12611, 12613, 12619, 12637, 12641, 12647, 12653,
- 12659, 12671, 12689, 12697, 12703, 12713, 12721, 12739,
- 12743, 12757, 12763, 12781, 12791, 12799, 12809, 12821,
- 12823, 12829, 12841, 12853, 12889, 12893, 12899, 12907,
- 12911, 12917, 12919, 12923, 12941, 12953, 12959, 12967,
- 12973, 12979, 12983, 13001, 13003, 13007, 13009, 13033,
- 13037, 13043, 13049, 13063, 13093, 13099, 13103, 13109,
- 13121, 13127, 13147, 13151, 13159, 13163, 13171, 13177,
- 13183, 13187, 13217, 13219, 13229, 13241, 13249, 13259,
- 13267, 13291, 13297, 13309, 13313, 13327, 13331, 13337,
- 13339, 13367, 13381, 13397, 13399, 13411, 13417, 13421,
- 13441, 13451, 13457, 13463, 13469, 13477, 13487, 13499,
- 13513, 13523, 13537, 13553, 13567, 13577, 13591, 13597,
- 13613, 13619, 13627, 13633, 13649, 13669, 13679, 13681,
- 13687, 13691, 13693, 13697, 13709, 13711, 13721, 13723,
- 13729, 13751, 13757, 13759, 13763, 13781, 13789, 13799,
- 13807, 13829, 13831, 13841, 13859, 13873, 13877, 13879,
- 13883, 13901, 13903, 13907, 13913, 13921, 13931, 13933,
- 13963, 13967, 13997, 13999, 14009, 14011, 14029, 14033,
- 14051, 14057, 14071, 14081, 14083, 14087, 14107, 14143,
- 14149, 14153, 14159, 14173, 14177, 14197, 14207, 14221,
- 14243, 14249, 14251, 14281, 14293, 14303, 14321, 14323,
- 14327, 14341, 14347, 14369, 14387, 14389, 14401, 14407,
- 14411, 14419, 14423, 14431, 14437, 14447, 14449, 14461,
- 14479, 14489, 14503, 14519, 14533, 14537, 14543, 14549,
- 14551, 14557, 14561, 14563, 14591, 14593, 14621, 14627,
- 14629, 14633, 14639, 14653, 14657, 14669, 14683, 14699,
- 14713, 14717, 14723, 14731, 14737, 14741, 14747, 14753,
- 14759, 14767, 14771, 14779, 14783, 14797, 14813, 14821,
- 14827, 14831, 14843, 14851, 14867, 14869, 14879, 14887,
- 14891, 14897, 14923, 14929, 14939, 14947, 14951, 14957,
- 14969, 14983, 15013, 15017, 15031, 15053, 15061, 15073,
- 15077, 15083, 15091, 15101, 15107, 15121, 15131, 15137,
- 15139, 15149, 15161, 15173, 15187, 15193, 15199, 15217,
- 15227, 15233, 15241, 15259, 15263, 15269, 15271, 15277,
- 15287, 15289, 15299, 15307, 15313, 15319, 15329, 15331,
- 15349, 15359, 15361, 15373, 15377, 15383, 15391, 15401,
- 15413, 15427, 15439, 15443, 15451, 15461, 15467, 15473,
- 15493, 15497, 15511, 15527, 15541, 15551, 15559, 15569,
- 15581, 15583, 15601, 15607, 15619, 15629, 15641, 15643,
- 15647, 15649, 15661, 15667, 15671, 15679, 15683, 15727,
- 15731, 15733, 15737, 15739, 15749, 15761, 15767, 15773,
- 15787, 15791, 15797, 15803, 15809, 15817, 15823, 15859,
- 15877, 15881, 15887, 15889, 15901, 15907, 15913, 15919,
- 15923, 15937, 15959, 15971, 15973, 15991, 16001, 16007,
- 16033, 16057, 16061, 16063, 16067, 16069, 16073, 16087,
- 16091, 16097, 16103, 16111, 16127, 16139, 16141, 16183,
- 16187, 16189, 16193, 16217, 16223, 16229, 16231, 16249,
- 16253, 16267, 16273, 16301, 16319, 16333, 16339, 16349,
- 16361, 16363, 16369, 16381, 16411, 16417, 16421, 16427,
- 16433, 16447, 16451, 16453, 16477, 16481, 16487, 16493,
- 16519, 16529, 16547, 16553, 16561, 16567, 16573, 16603,
- 16607, 16619, 16631, 16633, 16649, 16651, 16657, 16661,
- 16673, 16691, 16693, 16699, 16703, 16729, 16741, 16747,
- 16759, 16763, 16787, 16811, 16823, 16829, 16831, 16843,
- 16871, 16879, 16883, 16889, 16901, 16903, 16921, 16927,
- 16931, 16937, 16943, 16963, 16979, 16981, 16987, 16993,
- 17011, 17021, 17027, 17029, 17033, 17041, 17047, 17053,
- 17077, 17093, 17099, 17107, 17117, 17123, 17137, 17159,
- 17167, 17183, 17189, 17191, 17203, 17207, 17209, 17231,
- 17239, 17257, 17291, 17293, 17299, 17317, 17321, 17327,
- 17333, 17341, 17351, 17359, 17377, 17383, 17387, 17389,
- 17393, 17401, 17417, 17419, 17431, 17443, 17449, 17467,
- 17471, 17477, 17483, 17489, 17491, 17497, 17509, 17519,
- 17539, 17551, 17569, 17573, 17579, 17581, 17597, 17599,
- 17609, 17623, 17627, 17657, 17659, 17669, 17681, 17683,
- 17707, 17713, 17729, 17737, 17747, 17749, 17761, 17783,
- 17789, 17791, 17807, 17827, 17837, 17839, 17851, 17863,
-#endif
+# define NUMPRIMES 2048
+
+static const prime_t primes[2048] = {
+
+ 2, 3, 5, 7, 11, 13, 17, 19,
+ 23, 29, 31, 37, 41, 43, 47, 53,
+ 59, 61, 67, 71, 73, 79, 83, 89,
+ 97, 101, 103, 107, 109, 113, 127, 131,
+ 137, 139, 149, 151, 157, 163, 167, 173,
+ 179, 181, 191, 193, 197, 199, 211, 223,
+ 227, 229, 233, 239, 241, 251, 257, 263,
+ 269, 271, 277, 281, 283, 293, 307, 311,
+ 313, 317, 331, 337, 347, 349, 353, 359,
+ 367, 373, 379, 383, 389, 397, 401, 409,
+ 419, 421, 431, 433, 439, 443, 449, 457,
+ 461, 463, 467, 479, 487, 491, 499, 503,
+ 509, 521, 523, 541, 547, 557, 563, 569,
+ 571, 577, 587, 593, 599, 601, 607, 613,
+ 617, 619, 631, 641, 643, 647, 653, 659,
+ 661, 673, 677, 683, 691, 701, 709, 719,
+ 727, 733, 739, 743, 751, 757, 761, 769,
+ 773, 787, 797, 809, 811, 821, 823, 827,
+ 829, 839, 853, 857, 859, 863, 877, 881,
+ 883, 887, 907, 911, 919, 929, 937, 941,
+ 947, 953, 967, 971, 977, 983, 991, 997,
+ 1009, 1013, 1019, 1021, 1031, 1033, 1039, 1049,
+ 1051, 1061, 1063, 1069, 1087, 1091, 1093, 1097,
+ 1103, 1109, 1117, 1123, 1129, 1151, 1153, 1163,
+ 1171, 1181, 1187, 1193, 1201, 1213, 1217, 1223,
+ 1229, 1231, 1237, 1249, 1259, 1277, 1279, 1283,
+ 1289, 1291, 1297, 1301, 1303, 1307, 1319, 1321,
+ 1327, 1361, 1367, 1373, 1381, 1399, 1409, 1423,
+ 1427, 1429, 1433, 1439, 1447, 1451, 1453, 1459,
+ 1471, 1481, 1483, 1487, 1489, 1493, 1499, 1511,
+ 1523, 1531, 1543, 1549, 1553, 1559, 1567, 1571,
+ 1579, 1583, 1597, 1601, 1607, 1609, 1613, 1619,
+ 1621, 1627, 1637, 1657, 1663, 1667, 1669, 1693,
+ 1697, 1699, 1709, 1721, 1723, 1733, 1741, 1747,
+ 1753, 1759, 1777, 1783, 1787, 1789, 1801, 1811,
+ 1823, 1831, 1847, 1861, 1867, 1871, 1873, 1877,
+ 1879, 1889, 1901, 1907, 1913, 1931, 1933, 1949,
+ 1951, 1973, 1979, 1987, 1993, 1997, 1999, 2003,
+ 2011, 2017, 2027, 2029, 2039, 2053, 2063, 2069,
+ 2081, 2083, 2087, 2089, 2099, 2111, 2113, 2129,
+ 2131, 2137, 2141, 2143, 2153, 2161, 2179, 2203,
+ 2207, 2213, 2221, 2237, 2239, 2243, 2251, 2267,
+ 2269, 2273, 2281, 2287, 2293, 2297, 2309, 2311,
+ 2333, 2339, 2341, 2347, 2351, 2357, 2371, 2377,
+ 2381, 2383, 2389, 2393, 2399, 2411, 2417, 2423,
+ 2437, 2441, 2447, 2459, 2467, 2473, 2477, 2503,
+ 2521, 2531, 2539, 2543, 2549, 2551, 2557, 2579,
+ 2591, 2593, 2609, 2617, 2621, 2633, 2647, 2657,
+ 2659, 2663, 2671, 2677, 2683, 2687, 2689, 2693,
+ 2699, 2707, 2711, 2713, 2719, 2729, 2731, 2741,
+ 2749, 2753, 2767, 2777, 2789, 2791, 2797, 2801,
+ 2803, 2819, 2833, 2837, 2843, 2851, 2857, 2861,
+ 2879, 2887, 2897, 2903, 2909, 2917, 2927, 2939,
+ 2953, 2957, 2963, 2969, 2971, 2999, 3001, 3011,
+ 3019, 3023, 3037, 3041, 3049, 3061, 3067, 3079,
+ 3083, 3089, 3109, 3119, 3121, 3137, 3163, 3167,
+ 3169, 3181, 3187, 3191, 3203, 3209, 3217, 3221,
+ 3229, 3251, 3253, 3257, 3259, 3271, 3299, 3301,
+ 3307, 3313, 3319, 3323, 3329, 3331, 3343, 3347,
+ 3359, 3361, 3371, 3373, 3389, 3391, 3407, 3413,
+ 3433, 3449, 3457, 3461, 3463, 3467, 3469, 3491,
+ 3499, 3511, 3517, 3527, 3529, 3533, 3539, 3541,
+ 3547, 3557, 3559, 3571, 3581, 3583, 3593, 3607,
+ 3613, 3617, 3623, 3631, 3637, 3643, 3659, 3671,
+ 3673, 3677, 3691, 3697, 3701, 3709, 3719, 3727,
+ 3733, 3739, 3761, 3767, 3769, 3779, 3793, 3797,
+ 3803, 3821, 3823, 3833, 3847, 3851, 3853, 3863,
+ 3877, 3881, 3889, 3907, 3911, 3917, 3919, 3923,
+ 3929, 3931, 3943, 3947, 3967, 3989, 4001, 4003,
+ 4007, 4013, 4019, 4021, 4027, 4049, 4051, 4057,
+ 4073, 4079, 4091, 4093, 4099, 4111, 4127, 4129,
+ 4133, 4139, 4153, 4157, 4159, 4177, 4201, 4211,
+ 4217, 4219, 4229, 4231, 4241, 4243, 4253, 4259,
+ 4261, 4271, 4273, 4283, 4289, 4297, 4327, 4337,
+ 4339, 4349, 4357, 4363, 4373, 4391, 4397, 4409,
+ 4421, 4423, 4441, 4447, 4451, 4457, 4463, 4481,
+ 4483, 4493, 4507, 4513, 4517, 4519, 4523, 4547,
+ 4549, 4561, 4567, 4583, 4591, 4597, 4603, 4621,
+ 4637, 4639, 4643, 4649, 4651, 4657, 4663, 4673,
+ 4679, 4691, 4703, 4721, 4723, 4729, 4733, 4751,
+ 4759, 4783, 4787, 4789, 4793, 4799, 4801, 4813,
+ 4817, 4831, 4861, 4871, 4877, 4889, 4903, 4909,
+ 4919, 4931, 4933, 4937, 4943, 4951, 4957, 4967,
+ 4969, 4973, 4987, 4993, 4999, 5003, 5009, 5011,
+ 5021, 5023, 5039, 5051, 5059, 5077, 5081, 5087,
+ 5099, 5101, 5107, 5113, 5119, 5147, 5153, 5167,
+ 5171, 5179, 5189, 5197, 5209, 5227, 5231, 5233,
+ 5237, 5261, 5273, 5279, 5281, 5297, 5303, 5309,
+ 5323, 5333, 5347, 5351, 5381, 5387, 5393, 5399,
+ 5407, 5413, 5417, 5419, 5431, 5437, 5441, 5443,
+ 5449, 5471, 5477, 5479, 5483, 5501, 5503, 5507,
+ 5519, 5521, 5527, 5531, 5557, 5563, 5569, 5573,
+ 5581, 5591, 5623, 5639, 5641, 5647, 5651, 5653,
+ 5657, 5659, 5669, 5683, 5689, 5693, 5701, 5711,
+ 5717, 5737, 5741, 5743, 5749, 5779, 5783, 5791,
+ 5801, 5807, 5813, 5821, 5827, 5839, 5843, 5849,
+ 5851, 5857, 5861, 5867, 5869, 5879, 5881, 5897,
+ 5903, 5923, 5927, 5939, 5953, 5981, 5987, 6007,
+ 6011, 6029, 6037, 6043, 6047, 6053, 6067, 6073,
+ 6079, 6089, 6091, 6101, 6113, 6121, 6131, 6133,
+ 6143, 6151, 6163, 6173, 6197, 6199, 6203, 6211,
+ 6217, 6221, 6229, 6247, 6257, 6263, 6269, 6271,
+ 6277, 6287, 6299, 6301, 6311, 6317, 6323, 6329,
+ 6337, 6343, 6353, 6359, 6361, 6367, 6373, 6379,
+ 6389, 6397, 6421, 6427, 6449, 6451, 6469, 6473,
+ 6481, 6491, 6521, 6529, 6547, 6551, 6553, 6563,
+ 6569, 6571, 6577, 6581, 6599, 6607, 6619, 6637,
+ 6653, 6659, 6661, 6673, 6679, 6689, 6691, 6701,
+ 6703, 6709, 6719, 6733, 6737, 6761, 6763, 6779,
+ 6781, 6791, 6793, 6803, 6823, 6827, 6829, 6833,
+ 6841, 6857, 6863, 6869, 6871, 6883, 6899, 6907,
+ 6911, 6917, 6947, 6949, 6959, 6961, 6967, 6971,
+ 6977, 6983, 6991, 6997, 7001, 7013, 7019, 7027,
+ 7039, 7043, 7057, 7069, 7079, 7103, 7109, 7121,
+ 7127, 7129, 7151, 7159, 7177, 7187, 7193, 7207,
+ 7211, 7213, 7219, 7229, 7237, 7243, 7247, 7253,
+ 7283, 7297, 7307, 7309, 7321, 7331, 7333, 7349,
+ 7351, 7369, 7393, 7411, 7417, 7433, 7451, 7457,
+ 7459, 7477, 7481, 7487, 7489, 7499, 7507, 7517,
+ 7523, 7529, 7537, 7541, 7547, 7549, 7559, 7561,
+ 7573, 7577, 7583, 7589, 7591, 7603, 7607, 7621,
+ 7639, 7643, 7649, 7669, 7673, 7681, 7687, 7691,
+ 7699, 7703, 7717, 7723, 7727, 7741, 7753, 7757,
+ 7759, 7789, 7793, 7817, 7823, 7829, 7841, 7853,
+ 7867, 7873, 7877, 7879, 7883, 7901, 7907, 7919,
+ 7927, 7933, 7937, 7949, 7951, 7963, 7993, 8009,
+ 8011, 8017, 8039, 8053, 8059, 8069, 8081, 8087,
+ 8089, 8093, 8101, 8111, 8117, 8123, 8147, 8161,
+ 8167, 8171, 8179, 8191, 8209, 8219, 8221, 8231,
+ 8233, 8237, 8243, 8263, 8269, 8273, 8287, 8291,
+ 8293, 8297, 8311, 8317, 8329, 8353, 8363, 8369,
+ 8377, 8387, 8389, 8419, 8423, 8429, 8431, 8443,
+ 8447, 8461, 8467, 8501, 8513, 8521, 8527, 8537,
+ 8539, 8543, 8563, 8573, 8581, 8597, 8599, 8609,
+ 8623, 8627, 8629, 8641, 8647, 8663, 8669, 8677,
+ 8681, 8689, 8693, 8699, 8707, 8713, 8719, 8731,
+ 8737, 8741, 8747, 8753, 8761, 8779, 8783, 8803,
+ 8807, 8819, 8821, 8831, 8837, 8839, 8849, 8861,
+ 8863, 8867, 8887, 8893, 8923, 8929, 8933, 8941,
+ 8951, 8963, 8969, 8971, 8999, 9001, 9007, 9011,
+ 9013, 9029, 9041, 9043, 9049, 9059, 9067, 9091,
+ 9103, 9109, 9127, 9133, 9137, 9151, 9157, 9161,
+ 9173, 9181, 9187, 9199, 9203, 9209, 9221, 9227,
+ 9239, 9241, 9257, 9277, 9281, 9283, 9293, 9311,
+ 9319, 9323, 9337, 9341, 9343, 9349, 9371, 9377,
+ 9391, 9397, 9403, 9413, 9419, 9421, 9431, 9433,
+ 9437, 9439, 9461, 9463, 9467, 9473, 9479, 9491,
+ 9497, 9511, 9521, 9533, 9539, 9547, 9551, 9587,
+ 9601, 9613, 9619, 9623, 9629, 9631, 9643, 9649,
+ 9661, 9677, 9679, 9689, 9697, 9719, 9721, 9733,
+ 9739, 9743, 9749, 9767, 9769, 9781, 9787, 9791,
+ 9803, 9811, 9817, 9829, 9833, 9839, 9851, 9857,
+ 9859, 9871, 9883, 9887, 9901, 9907, 9923, 9929,
+ 9931, 9941, 9949, 9967, 9973, 10007, 10009, 10037,
+ 10039, 10061, 10067, 10069, 10079, 10091, 10093, 10099,
+ 10103, 10111, 10133, 10139, 10141, 10151, 10159, 10163,
+ 10169, 10177, 10181, 10193, 10211, 10223, 10243, 10247,
+ 10253, 10259, 10267, 10271, 10273, 10289, 10301, 10303,
+ 10313, 10321, 10331, 10333, 10337, 10343, 10357, 10369,
+ 10391, 10399, 10427, 10429, 10433, 10453, 10457, 10459,
+ 10463, 10477, 10487, 10499, 10501, 10513, 10529, 10531,
+ 10559, 10567, 10589, 10597, 10601, 10607, 10613, 10627,
+ 10631, 10639, 10651, 10657, 10663, 10667, 10687, 10691,
+ 10709, 10711, 10723, 10729, 10733, 10739, 10753, 10771,
+ 10781, 10789, 10799, 10831, 10837, 10847, 10853, 10859,
+ 10861, 10867, 10883, 10889, 10891, 10903, 10909, 10937,
+ 10939, 10949, 10957, 10973, 10979, 10987, 10993, 11003,
+ 11027, 11047, 11057, 11059, 11069, 11071, 11083, 11087,
+ 11093, 11113, 11117, 11119, 11131, 11149, 11159, 11161,
+ 11171, 11173, 11177, 11197, 11213, 11239, 11243, 11251,
+ 11257, 11261, 11273, 11279, 11287, 11299, 11311, 11317,
+ 11321, 11329, 11351, 11353, 11369, 11383, 11393, 11399,
+ 11411, 11423, 11437, 11443, 11447, 11467, 11471, 11483,
+ 11489, 11491, 11497, 11503, 11519, 11527, 11549, 11551,
+ 11579, 11587, 11593, 11597, 11617, 11621, 11633, 11657,
+ 11677, 11681, 11689, 11699, 11701, 11717, 11719, 11731,
+ 11743, 11777, 11779, 11783, 11789, 11801, 11807, 11813,
+ 11821, 11827, 11831, 11833, 11839, 11863, 11867, 11887,
+ 11897, 11903, 11909, 11923, 11927, 11933, 11939, 11941,
+ 11953, 11959, 11969, 11971, 11981, 11987, 12007, 12011,
+ 12037, 12041, 12043, 12049, 12071, 12073, 12097, 12101,
+ 12107, 12109, 12113, 12119, 12143, 12149, 12157, 12161,
+ 12163, 12197, 12203, 12211, 12227, 12239, 12241, 12251,
+ 12253, 12263, 12269, 12277, 12281, 12289, 12301, 12323,
+ 12329, 12343, 12347, 12373, 12377, 12379, 12391, 12401,
+ 12409, 12413, 12421, 12433, 12437, 12451, 12457, 12473,
+ 12479, 12487, 12491, 12497, 12503, 12511, 12517, 12527,
+ 12539, 12541, 12547, 12553, 12569, 12577, 12583, 12589,
+ 12601, 12611, 12613, 12619, 12637, 12641, 12647, 12653,
+ 12659, 12671, 12689, 12697, 12703, 12713, 12721, 12739,
+ 12743, 12757, 12763, 12781, 12791, 12799, 12809, 12821,
+ 12823, 12829, 12841, 12853, 12889, 12893, 12899, 12907,
+ 12911, 12917, 12919, 12923, 12941, 12953, 12959, 12967,
+ 12973, 12979, 12983, 13001, 13003, 13007, 13009, 13033,
+ 13037, 13043, 13049, 13063, 13093, 13099, 13103, 13109,
+ 13121, 13127, 13147, 13151, 13159, 13163, 13171, 13177,
+ 13183, 13187, 13217, 13219, 13229, 13241, 13249, 13259,
+ 13267, 13291, 13297, 13309, 13313, 13327, 13331, 13337,
+ 13339, 13367, 13381, 13397, 13399, 13411, 13417, 13421,
+ 13441, 13451, 13457, 13463, 13469, 13477, 13487, 13499,
+ 13513, 13523, 13537, 13553, 13567, 13577, 13591, 13597,
+ 13613, 13619, 13627, 13633, 13649, 13669, 13679, 13681,
+ 13687, 13691, 13693, 13697, 13709, 13711, 13721, 13723,
+ 13729, 13751, 13757, 13759, 13763, 13781, 13789, 13799,
+ 13807, 13829, 13831, 13841, 13859, 13873, 13877, 13879,
+ 13883, 13901, 13903, 13907, 13913, 13921, 13931, 13933,
+ 13963, 13967, 13997, 13999, 14009, 14011, 14029, 14033,
+ 14051, 14057, 14071, 14081, 14083, 14087, 14107, 14143,
+ 14149, 14153, 14159, 14173, 14177, 14197, 14207, 14221,
+ 14243, 14249, 14251, 14281, 14293, 14303, 14321, 14323,
+ 14327, 14341, 14347, 14369, 14387, 14389, 14401, 14407,
+ 14411, 14419, 14423, 14431, 14437, 14447, 14449, 14461,
+ 14479, 14489, 14503, 14519, 14533, 14537, 14543, 14549,
+ 14551, 14557, 14561, 14563, 14591, 14593, 14621, 14627,
+ 14629, 14633, 14639, 14653, 14657, 14669, 14683, 14699,
+ 14713, 14717, 14723, 14731, 14737, 14741, 14747, 14753,
+ 14759, 14767, 14771, 14779, 14783, 14797, 14813, 14821,
+ 14827, 14831, 14843, 14851, 14867, 14869, 14879, 14887,
+ 14891, 14897, 14923, 14929, 14939, 14947, 14951, 14957,
+ 14969, 14983, 15013, 15017, 15031, 15053, 15061, 15073,
+ 15077, 15083, 15091, 15101, 15107, 15121, 15131, 15137,
+ 15139, 15149, 15161, 15173, 15187, 15193, 15199, 15217,
+ 15227, 15233, 15241, 15259, 15263, 15269, 15271, 15277,
+ 15287, 15289, 15299, 15307, 15313, 15319, 15329, 15331,
+ 15349, 15359, 15361, 15373, 15377, 15383, 15391, 15401,
+ 15413, 15427, 15439, 15443, 15451, 15461, 15467, 15473,
+ 15493, 15497, 15511, 15527, 15541, 15551, 15559, 15569,
+ 15581, 15583, 15601, 15607, 15619, 15629, 15641, 15643,
+ 15647, 15649, 15661, 15667, 15671, 15679, 15683, 15727,
+ 15731, 15733, 15737, 15739, 15749, 15761, 15767, 15773,
+ 15787, 15791, 15797, 15803, 15809, 15817, 15823, 15859,
+ 15877, 15881, 15887, 15889, 15901, 15907, 15913, 15919,
+ 15923, 15937, 15959, 15971, 15973, 15991, 16001, 16007,
+ 16033, 16057, 16061, 16063, 16067, 16069, 16073, 16087,
+ 16091, 16097, 16103, 16111, 16127, 16139, 16141, 16183,
+ 16187, 16189, 16193, 16217, 16223, 16229, 16231, 16249,
+ 16253, 16267, 16273, 16301, 16319, 16333, 16339, 16349,
+ 16361, 16363, 16369, 16381, 16411, 16417, 16421, 16427,
+ 16433, 16447, 16451, 16453, 16477, 16481, 16487, 16493,
+ 16519, 16529, 16547, 16553, 16561, 16567, 16573, 16603,
+ 16607, 16619, 16631, 16633, 16649, 16651, 16657, 16661,
+ 16673, 16691, 16693, 16699, 16703, 16729, 16741, 16747,
+ 16759, 16763, 16787, 16811, 16823, 16829, 16831, 16843,
+ 16871, 16879, 16883, 16889, 16901, 16903, 16921, 16927,
+ 16931, 16937, 16943, 16963, 16979, 16981, 16987, 16993,
+ 17011, 17021, 17027, 17029, 17033, 17041, 17047, 17053,
+ 17077, 17093, 17099, 17107, 17117, 17123, 17137, 17159,
+ 17167, 17183, 17189, 17191, 17203, 17207, 17209, 17231,
+ 17239, 17257, 17291, 17293, 17299, 17317, 17321, 17327,
+ 17333, 17341, 17351, 17359, 17377, 17383, 17387, 17389,
+ 17393, 17401, 17417, 17419, 17431, 17443, 17449, 17467,
+ 17471, 17477, 17483, 17489, 17491, 17497, 17509, 17519,
+ 17539, 17551, 17569, 17573, 17579, 17581, 17597, 17599,
+ 17609, 17623, 17627, 17657, 17659, 17669, 17681, 17683,
+ 17707, 17713, 17729, 17737, 17747, 17749, 17761, 17783,
+ 17789, 17791, 17807, 17827, 17837, 17839, 17851, 17863,
};
diff --git a/deps/openssl/openssl/crypto/bn/bn_prime.pl b/deps/openssl/openssl/crypto/bn/bn_prime.pl
index 6bede65e1d..163d4a9d30 100644
--- a/deps/openssl/openssl/crypto/bn/bn_prime.pl
+++ b/deps/openssl/openssl/crypto/bn/bn_prime.pl
@@ -1,119 +1,46 @@
-#!/usr/local/bin/perl
-# bn_prime.pl
-
-$num=2048;
-$num=$ARGV[0] if ($#ARGV >= 0);
-
-push(@primes,2);
-$p=1;
-loop: while ($#primes < $num-1)
- {
- $p+=2;
- $s=int(sqrt($p));
-
- for ($i=0; defined($primes[$i]) && $primes[$i]<=$s; $i++)
- {
- next loop if (($p%$primes[$i]) == 0);
- }
- push(@primes,$p);
- }
-
-# print <<"EOF";
-# /* Auto generated by bn_prime.pl */
-# /* Copyright (C) 1995-1997 Eric Young (eay\@mincom.oz.au).
-# * All rights reserved.
-# * Copyright remains Eric Young's, and as such any Copyright notices in
-# * the code are not to be removed.
-# * See the COPYRIGHT file in the SSLeay distribution for more details.
-# */
+#! /usr/bin/env perl
+# Copyright 1998-2016 The OpenSSL Project Authors. All Rights Reserved.
#
-# EOF
-
-print <<\EOF;
-/* Auto generated by bn_prime.pl */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
+# Licensed under the OpenSSL license (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+print <<"EOF";
+/*
+ * WARNING: do not edit!
+ * Generated by crypto/bn/bn_prime.pl
*
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * Copyright 1998-2016 The OpenSSL Project Authors. All Rights Reserved.
*
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
EOF
-for ($i=0; $i <= $#primes; $i++)
- {
- if ($primes[$i] > 256)
- {
- $eight=$i;
- last;
- }
- }
-
-printf "#ifndef EIGHT_BIT\n";
-printf "# define NUMPRIMES %d\n",$num;
-printf "typedef unsigned short prime_t;\n";
-printf "#else\n";
-printf "# define NUMPRIMES %d\n",$eight;
-printf "typedef unsigned char prime_t;\n";
-printf "#endif\n";
-print "static const prime_t primes[NUMPRIMES] = {";
-$init=0;
-for ($i=0; $i <= $#primes; $i++)
- {
- printf "\n#ifndef EIGHT_BIT\n " if ($primes[$i] > 256) && !($init++);
- printf("\n ") if ($i%8) == 0;
- printf(" %5d,",$primes[$i]);
- }
-print "\n#endif\n};\n";
-
+my $num = shift || 2048;
+my @primes = ( 2 );
+my $p = 1;
+loop: while ($#primes < $num-1) {
+ $p += 2;
+ my $s = int(sqrt($p));
+
+ for (my $i = 0; defined($primes[$i]) && $primes[$i] <= $s; $i++) {
+ next loop if ($p % $primes[$i]) == 0;
+ }
+ push(@primes, $p);
+}
+
+print "typedef unsigned short prime_t;\n";
+printf "# define NUMPRIMES %d\n\n", $num;
+
+printf "static const prime_t primes[%d] = {\n", $num;
+for (my $i = 0; $i <= $#primes; $i++) {
+ printf "\n " if ($i % 8) == 0;
+ printf "%4d, ", $primes[$i];
+}
+print "\n};\n";
diff --git a/deps/openssl/openssl/crypto/bn/bn_print.c b/deps/openssl/openssl/crypto/bn/bn_print.c
index c0b029dad6..5ffe2fc9ba 100644
--- a/deps/openssl/openssl/crypto/bn/bn_print.c
+++ b/deps/openssl/openssl/crypto/bn/bn_print.c
@@ -1,65 +1,16 @@
-/* crypto/bn/bn_print.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
+/*
+ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
*
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
#include <stdio.h>
#include <ctype.h>
#include <limits.h>
-#include "cryptlib.h"
+#include "internal/cryptlib.h"
#include <openssl/buffer.h>
#include "bn_lcl.h"
@@ -111,8 +62,8 @@ char *BN_bn2dec(const BIGNUM *a)
/*-
* get an upper bound for the length of the decimal integer
* num <= (BN_num_bits(a) + 1) * log(2)
- * <= 3 * BN_num_bits(a) * 0.1001 + log(2) + 1 (rounding error)
- * <= BN_num_bits(a)/10 + BN_num_bits/1000 + 1 + 1
+ * <= 3 * BN_num_bits(a) * 0.101 + log(2) + 1 (rounding error)
+ * <= 3 * BN_num_bits(a) / 10 + 3 * BN_num_bits / 1000 + 1 + 1
*/
i = BN_num_bits(a) * 3;
num = (i / 10 + i / 1000 + 1) + 1;
@@ -162,16 +113,12 @@ char *BN_bn2dec(const BIGNUM *a)
}
ok = 1;
err:
- if (bn_data != NULL)
- OPENSSL_free(bn_data);
- if (t != NULL)
- BN_free(t);
- if (!ok && buf) {
- OPENSSL_free(buf);
- buf = NULL;
- }
-
- return (buf);
+ OPENSSL_free(bn_data);
+ BN_free(t);
+ if (ok)
+ return buf;
+ OPENSSL_free(buf);
+ return NULL;
}
int BN_hex2bn(BIGNUM **bn, const char *a)
@@ -192,7 +139,7 @@ int BN_hex2bn(BIGNUM **bn, const char *a)
for (i = 0; i <= (INT_MAX/4) && isxdigit((unsigned char)a[i]); i++)
continue;
- if (i > INT_MAX/4)
+ if (i == 0 || i > INT_MAX/4)
goto err;
num = i + neg;
@@ -220,13 +167,8 @@ int BN_hex2bn(BIGNUM **bn, const char *a)
l = 0;
for (;;) {
c = a[j - m];
- if ((c >= '0') && (c <= '9'))
- k = c - '0';
- else if ((c >= 'a') && (c <= 'f'))
- k = c - 'a' + 10;
- else if ((c >= 'A') && (c <= 'F'))
- k = c - 'A' + 10;
- else
+ k = OPENSSL_hexchar2int(c);
+ if (k < 0)
k = 0; /* paranoia */
l = (l << 4) | k;
@@ -269,7 +211,7 @@ int BN_dec2bn(BIGNUM **bn, const char *a)
for (i = 0; i <= (INT_MAX/4) && isdigit((unsigned char)a[i]); i++)
continue;
- if (i > INT_MAX/4)
+ if (i == 0 || i > INT_MAX/4)
goto err;
num = i + neg;
@@ -301,8 +243,9 @@ int BN_dec2bn(BIGNUM **bn, const char *a)
l += *a - '0';
a++;
if (++j == BN_DEC_NUM) {
- BN_mul_word(ret, BN_DEC_CONV);
- BN_add_word(ret, l);
+ if (!BN_mul_word(ret, BN_DEC_CONV)
+ || !BN_add_word(ret, l))
+ goto err;
l = 0;
j = 0;
}
@@ -341,8 +284,7 @@ int BN_asc2bn(BIGNUM **bn, const char *a)
return 1;
}
-#ifndef OPENSSL_NO_BIO
-# ifndef OPENSSL_NO_FP_API
+# ifndef OPENSSL_NO_STDIO
int BN_print_fp(FILE *fp, const BIGNUM *a)
{
BIO *b;
@@ -381,7 +323,6 @@ int BN_print(BIO *bp, const BIGNUM *a)
end:
return (ret);
}
-#endif
char *BN_options(void)
{
diff --git a/deps/openssl/openssl/crypto/bn/bn_rand.c b/deps/openssl/openssl/crypto/bn/bn_rand.c
index 60d3f2260b..9ce4c5f606 100644
--- a/deps/openssl/openssl/crypto/bn/bn_rand.c
+++ b/deps/openssl/openssl/crypto/bn/bn_rand.c
@@ -1,119 +1,18 @@
-/* crypto/bn/bn_rand.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
+/*
+ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
*
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
#include <stdio.h>
#include <time.h>
-#include "cryptlib.h"
+#include "internal/cryptlib.h"
#include "bn_lcl.h"
#include <openssl/rand.h>
+#include <openssl/sha.h>
static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
{
@@ -122,7 +21,7 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
time_t tim;
if (bits == 0) {
- if (top != -1 || bottom != 0)
+ if (top != BN_RAND_TOP_ANY || bottom != BN_RAND_BOTTOM_ANY)
goto toosmall;
BN_zero(rnd);
return 1;
@@ -134,7 +33,7 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
bit = (bits - 1) % 8;
mask = 0xff << (bit + 1);
- buf = (unsigned char *)OPENSSL_malloc(bytes);
+ buf = OPENSSL_malloc(bytes);
if (buf == NULL) {
BNerr(BN_F_BNRAND, ERR_R_MALLOC_FAILURE);
goto err;
@@ -144,11 +43,9 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
time(&tim);
RAND_add(&tim, sizeof(tim), 0.0);
- /* We ignore the value of pseudorand and always call RAND_bytes */
if (RAND_bytes(buf, bytes) <= 0)
goto err;
-#if 1
if (pseudorand == 2) {
/*
* generate patterns that are more likely to trigger BN library bugs
@@ -157,7 +54,7 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
unsigned char c;
for (i = 0; i < bytes; i++) {
- if (RAND_pseudo_bytes(&c, 1) < 0)
+ if (RAND_bytes(&c, 1) <= 0)
goto err;
if (c >= 128 && i > 0)
buf[i] = buf[i - 1];
@@ -167,7 +64,6 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
buf[i] = 255;
}
}
-#endif
if (top >= 0) {
if (top) {
@@ -188,10 +84,7 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
goto err;
ret = 1;
err:
- if (buf != NULL) {
- OPENSSL_cleanse(buf, bytes);
- OPENSSL_free(buf);
- }
+ OPENSSL_clear_free(buf, bytes);
bn_check_top(rnd);
return (ret);
@@ -210,12 +103,10 @@ int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom)
return bnrand(1, rnd, bits, top, bottom);
}
-#if 1
int BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom)
{
return bnrand(2, rnd, bits, top, bottom);
}
-#endif
/* random number r: 0 <= r < range */
static int bn_rand_range(int pseudo, BIGNUM *r, const BIGNUM *range)
@@ -242,7 +133,7 @@ static int bn_rand_range(int pseudo, BIGNUM *r, const BIGNUM *range)
* than range
*/
do {
- if (!bn_rand(r, n + 1, -1, 0))
+ if (!bn_rand(r, n + 1, BN_RAND_TOP_ANY, BN_RAND_BOTTOM_ANY))
return 0;
/*
* If r < 3*range, use r := r MOD range (which is either r, r -
@@ -268,7 +159,7 @@ static int bn_rand_range(int pseudo, BIGNUM *r, const BIGNUM *range)
} else {
do {
/* range = 11..._2 or range = 101..._2 */
- if (!bn_rand(r, n, -1, 0))
+ if (!bn_rand(r, n, BN_RAND_TOP_ANY, BN_RAND_BOTTOM_ANY))
return 0;
if (!--count) {
@@ -292,3 +183,76 @@ int BN_pseudo_rand_range(BIGNUM *r, const BIGNUM *range)
{
return bn_rand_range(1, r, range);
}
+
+/*
+ * BN_generate_dsa_nonce generates a random number 0 <= out < range. Unlike
+ * BN_rand_range, it also includes the contents of |priv| and |message| in
+ * the generation so that an RNG failure isn't fatal as long as |priv|
+ * remains secret. This is intended for use in DSA and ECDSA where an RNG
+ * weakness leads directly to private key exposure unless this function is
+ * used.
+ */
+int BN_generate_dsa_nonce(BIGNUM *out, const BIGNUM *range,
+ const BIGNUM *priv, const unsigned char *message,
+ size_t message_len, BN_CTX *ctx)
+{
+ SHA512_CTX sha;
+ /*
+ * We use 512 bits of random data per iteration to ensure that we have at
+ * least |range| bits of randomness.
+ */
+ unsigned char random_bytes[64];
+ unsigned char digest[SHA512_DIGEST_LENGTH];
+ unsigned done, todo;
+ /* We generate |range|+8 bytes of random output. */
+ const unsigned num_k_bytes = BN_num_bytes(range) + 8;
+ unsigned char private_bytes[96];
+ unsigned char *k_bytes;
+ int ret = 0;
+
+ k_bytes = OPENSSL_malloc(num_k_bytes);
+ if (k_bytes == NULL)
+ goto err;
+
+ /* We copy |priv| into a local buffer to avoid exposing its length. */
+ todo = sizeof(priv->d[0]) * priv->top;
+ if (todo > sizeof(private_bytes)) {
+ /*
+ * No reasonable DSA or ECDSA key should have a private key this
+ * large and we don't handle this case in order to avoid leaking the
+ * length of the private key.
+ */
+ BNerr(BN_F_BN_GENERATE_DSA_NONCE, BN_R_PRIVATE_KEY_TOO_LARGE);
+ goto err;
+ }
+ memcpy(private_bytes, priv->d, todo);
+ memset(private_bytes + todo, 0, sizeof(private_bytes) - todo);
+
+ for (done = 0; done < num_k_bytes;) {
+ if (RAND_bytes(random_bytes, sizeof(random_bytes)) != 1)
+ goto err;
+ SHA512_Init(&sha);
+ SHA512_Update(&sha, &done, sizeof(done));
+ SHA512_Update(&sha, private_bytes, sizeof(private_bytes));
+ SHA512_Update(&sha, message, message_len);
+ SHA512_Update(&sha, random_bytes, sizeof(random_bytes));
+ SHA512_Final(digest, &sha);
+
+ todo = num_k_bytes - done;
+ if (todo > SHA512_DIGEST_LENGTH)
+ todo = SHA512_DIGEST_LENGTH;
+ memcpy(k_bytes + done, digest, todo);
+ done += todo;
+ }
+
+ if (!BN_bin2bn(k_bytes, num_k_bytes, out))
+ goto err;
+ if (BN_mod(out, out, range, ctx) != 1)
+ goto err;
+ ret = 1;
+
+ err:
+ OPENSSL_free(k_bytes);
+ OPENSSL_cleanse(private_bytes, sizeof(private_bytes));
+ return ret;
+}
diff --git a/deps/openssl/openssl/crypto/bn/bn_recp.c b/deps/openssl/openssl/crypto/bn/bn_recp.c
index f047040efe..20585b9d4b 100644
--- a/deps/openssl/openssl/crypto/bn/bn_recp.c
+++ b/deps/openssl/openssl/crypto/bn/bn_recp.c
@@ -1,82 +1,31 @@
-/* crypto/bn/bn_recp.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
+/*
+ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
*
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
-#include <stdio.h>
-#include "cryptlib.h"
+#include "internal/cryptlib.h"
#include "bn_lcl.h"
void BN_RECP_CTX_init(BN_RECP_CTX *recp)
{
- BN_init(&(recp->N));
- BN_init(&(recp->Nr));
- recp->num_bits = 0;
- recp->shift = 0;
- recp->flags = 0;
+ memset(recp, 0, sizeof(*recp));
+ bn_init(&(recp->N));
+ bn_init(&(recp->Nr));
}
BN_RECP_CTX *BN_RECP_CTX_new(void)
{
BN_RECP_CTX *ret;
- if ((ret = (BN_RECP_CTX *)OPENSSL_malloc(sizeof(BN_RECP_CTX))) == NULL)
+ if ((ret = OPENSSL_zalloc(sizeof(*ret))) == NULL)
return (NULL);
- BN_RECP_CTX_init(ret);
+ bn_init(&(ret->N));
+ bn_init(&(ret->Nr));
ret->flags = BN_FLG_MALLOCED;
return (ret);
}
@@ -199,7 +148,6 @@ int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m,
goto err;
r->neg = 0;
-#if 1
j = 0;
while (BN_ucmp(r, &(recp->N)) >= 0) {
if (j++ > 2) {
@@ -211,7 +159,6 @@ int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m,
if (!BN_add_word(d, 1))
goto err;
}
-#endif
r->neg = BN_is_zero(r) ? 0 : m->neg;
d->neg = m->neg ^ recp->N.neg;
diff --git a/deps/openssl/openssl/crypto/bn/bn_shift.c b/deps/openssl/openssl/crypto/bn/bn_shift.c
index 9673d9a306..6a1eec80af 100644
--- a/deps/openssl/openssl/crypto/bn/bn_shift.c
+++ b/deps/openssl/openssl/crypto/bn/bn_shift.c
@@ -1,63 +1,13 @@
-/* crypto/bn/bn_shift.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
+/*
+ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
*
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
-#include <stdio.h>
-#include "cryptlib.h"
+#include "internal/cryptlib.h"
#include "bn_lcl.h"
int BN_lshift1(BIGNUM *r, const BIGNUM *a)
@@ -124,6 +74,8 @@ int BN_rshift1(BIGNUM *r, const BIGNUM *a)
c = (t & 1) ? BN_TBIT : 0;
}
r->top = j;
+ if (!r->top)
+ r->neg = 0; /* don't allow negative zero */
bn_check_top(r);
return (1);
}
@@ -142,10 +94,10 @@ int BN_lshift(BIGNUM *r, const BIGNUM *a, int n)
return 0;
}
- r->neg = a->neg;
nw = n / BN_BITS2;
if (bn_wexpand(r, a->top + nw + 1) == NULL)
return (0);
+ r->neg = a->neg;
lb = n % BN_BITS2;
rb = BN_BITS2 - lb;
f = a->d;
@@ -160,10 +112,7 @@ int BN_lshift(BIGNUM *r, const BIGNUM *a, int n)
t[nw + i + 1] |= (l >> rb) & BN_MASK2;
t[nw + i] = (l << lb) & BN_MASK2;
}
- memset(t, 0, nw * sizeof(t[0]));
- /*
- * for (i=0; i<nw; i++) t[i]=0;
- */
+ memset(t, 0, sizeof(*t) * nw);
r->top = a->top + nw + 1;
bn_correct_top(r);
bn_check_top(r);
@@ -193,9 +142,9 @@ int BN_rshift(BIGNUM *r, const BIGNUM *a, int n)
}
i = (BN_num_bits(a) - n + (BN_BITS2 - 1)) / BN_BITS2;
if (r != a) {
- r->neg = a->neg;
if (bn_wexpand(r, i) == NULL)
return (0);
+ r->neg = a->neg;
} else {
if (n == 0)
return 1; /* or the copying loop will go berserk */
@@ -219,6 +168,8 @@ int BN_rshift(BIGNUM *r, const BIGNUM *a, int n)
if ((l = (l >> rb) & BN_MASK2))
*(t) = l;
}
+ if (!r->top)
+ r->neg = 0; /* don't allow negative zero */
bn_check_top(r);
return (1);
}
diff --git a/deps/openssl/openssl/crypto/bn/bn_sqr.c b/deps/openssl/openssl/crypto/bn/bn_sqr.c
index 256d26e8db..44e7332acf 100644
--- a/deps/openssl/openssl/crypto/bn/bn_sqr.c
+++ b/deps/openssl/openssl/crypto/bn/bn_sqr.c
@@ -1,63 +1,13 @@
-/* crypto/bn/bn_sqr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
+/*
+ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
*
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
-#include <stdio.h>
-#include "cryptlib.h"
+#include "internal/cryptlib.h"
#include "bn_lcl.h"
/* r must not be a */
@@ -70,9 +20,6 @@ int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx)
int ret = 0;
BIGNUM *tmp, *rr;
-#ifdef BN_COUNT
- fprintf(stderr, "BN_sqr %d * %d\n", a->top, a->top);
-#endif
bn_check_top(a);
al = a->top;
@@ -208,9 +155,6 @@ void bn_sqr_recursive(BN_ULONG *r, const BN_ULONG *a, int n2, BN_ULONG *t)
int zero, c1;
BN_ULONG ln, lo, *p;
-# ifdef BN_COUNT
- fprintf(stderr, " bn_sqr_recursive %d * %d\n", n2, n2);
-# endif
if (n2 == 4) {
# ifndef BN_SQR_COMBA
bn_sqr_normal(r, a, 4, t);
@@ -246,7 +190,7 @@ void bn_sqr_recursive(BN_ULONG *r, const BN_ULONG *a, int n2, BN_ULONG *t)
if (!zero)
bn_sqr_recursive(&(t[n2]), t, n, p);
else
- memset(&(t[n2]), 0, n2 * sizeof(BN_ULONG));
+ memset(&t[n2], 0, sizeof(*t) * n2);
bn_sqr_recursive(r, a, n, p);
bn_sqr_recursive(&(r[n2]), &(a[n]), n, p);
diff --git a/deps/openssl/openssl/crypto/bn/bn_sqrt.c b/deps/openssl/openssl/crypto/bn/bn_sqrt.c
index 232af99a21..84376c78e5 100644
--- a/deps/openssl/openssl/crypto/bn/bn_sqrt.c
+++ b/deps/openssl/openssl/crypto/bn/bn_sqrt.c
@@ -1,63 +1,13 @@
-/* crypto/bn/bn_sqrt.c */
/*
- * Written by Lenka Fibikova <fibikova@exp-math.uni-essen.de> and Bodo
- * Moeller for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
+ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
*
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
-#include "cryptlib.h"
+#include "internal/cryptlib.h"
#include "bn_lcl.h"
BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
@@ -398,9 +348,8 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
end:
if (err) {
- if (ret != NULL && ret != in) {
+ if (ret != in)
BN_clear_free(ret);
- }
ret = NULL;
}
BN_CTX_end(ctx);
diff --git a/deps/openssl/openssl/crypto/bn/bn_srp.c b/deps/openssl/openssl/crypto/bn/bn_srp.c
new file mode 100644
index 0000000000..58b1691eee
--- /dev/null
+++ b/deps/openssl/openssl/crypto/bn/bn_srp.c
@@ -0,0 +1,545 @@
+/*
+ * Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include "bn_lcl.h"
+#include "e_os.h"
+
+#ifndef OPENSSL_NO_SRP
+
+#include <openssl/srp.h>
+#include <internal/bn_srp.h>
+
+# if (BN_BYTES == 8)
+# if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
+# define bn_pack4(a1,a2,a3,a4) ((a1##UI64<<48)|(a2##UI64<<32)|(a3##UI64<<16)|a4##UI64)
+# elif defined(__arch64__)
+# define bn_pack4(a1,a2,a3,a4) ((a1##UL<<48)|(a2##UL<<32)|(a3##UL<<16)|a4##UL)
+# else
+# define bn_pack4(a1,a2,a3,a4) ((a1##ULL<<48)|(a2##ULL<<32)|(a3##ULL<<16)|a4##ULL)
+# endif
+# elif (BN_BYTES == 4)
+# define bn_pack4(a1,a2,a3,a4) ((a3##UL<<16)|a4##UL), ((a1##UL<<16)|a2##UL)
+# else
+# error "unsupported BN_BYTES"
+# endif
+
+static const BN_ULONG bn_group_1024_value[] = {
+ bn_pack4(0x9FC6, 0x1D2F, 0xC0EB, 0x06E3),
+ bn_pack4(0xFD51, 0x38FE, 0x8376, 0x435B),
+ bn_pack4(0x2FD4, 0xCBF4, 0x976E, 0xAA9A),
+ bn_pack4(0x68ED, 0xBC3C, 0x0572, 0x6CC0),
+ bn_pack4(0xC529, 0xF566, 0x660E, 0x57EC),
+ bn_pack4(0x8255, 0x9B29, 0x7BCF, 0x1885),
+ bn_pack4(0xCE8E, 0xF4AD, 0x69B1, 0x5D49),
+ bn_pack4(0x5DC7, 0xD7B4, 0x6154, 0xD6B6),
+ bn_pack4(0x8E49, 0x5C1D, 0x6089, 0xDAD1),
+ bn_pack4(0xE0D5, 0xD8E2, 0x50B9, 0x8BE4),
+ bn_pack4(0x383B, 0x4813, 0xD692, 0xC6E0),
+ bn_pack4(0xD674, 0xDF74, 0x96EA, 0x81D3),
+ bn_pack4(0x9EA2, 0x314C, 0x9C25, 0x6576),
+ bn_pack4(0x6072, 0x6187, 0x75FF, 0x3C0B),
+ bn_pack4(0x9C33, 0xF80A, 0xFA8F, 0xC5E8),
+ bn_pack4(0xEEAF, 0x0AB9, 0xADB3, 0x8DD6)
+};
+
+const BIGNUM bn_group_1024 = {
+ (BN_ULONG *)bn_group_1024_value,
+ OSSL_NELEM(bn_group_1024_value),
+ OSSL_NELEM(bn_group_1024_value),
+ 0,
+ BN_FLG_STATIC_DATA
+};
+
+static const BN_ULONG bn_group_1536_value[] = {
+ bn_pack4(0xCF76, 0xE3FE, 0xD135, 0xF9BB),
+ bn_pack4(0x1518, 0x0F93, 0x499A, 0x234D),
+ bn_pack4(0x8CE7, 0xA28C, 0x2442, 0xC6F3),
+ bn_pack4(0x5A02, 0x1FFF, 0x5E91, 0x479E),
+ bn_pack4(0x7F8A, 0x2FE9, 0xB8B5, 0x292E),
+ bn_pack4(0x837C, 0x264A, 0xE3A9, 0xBEB8),
+ bn_pack4(0xE442, 0x734A, 0xF7CC, 0xB7AE),
+ bn_pack4(0x6577, 0x2E43, 0x7D6C, 0x7F8C),
+ bn_pack4(0xDB2F, 0xD53D, 0x24B7, 0xC486),
+ bn_pack4(0x6EDF, 0x0195, 0x3934, 0x9627),
+ bn_pack4(0x158B, 0xFD3E, 0x2B9C, 0x8CF5),
+ bn_pack4(0x764E, 0x3F4B, 0x53DD, 0x9DA1),
+ bn_pack4(0x4754, 0x8381, 0xDBC5, 0xB1FC),
+ bn_pack4(0x9B60, 0x9E0B, 0xE3BA, 0xB63D),
+ bn_pack4(0x8134, 0xB1C8, 0xB979, 0x8914),
+ bn_pack4(0xDF02, 0x8A7C, 0xEC67, 0xF0D0),
+ bn_pack4(0x80B6, 0x55BB, 0x9A22, 0xE8DC),
+ bn_pack4(0x1558, 0x903B, 0xA0D0, 0xF843),
+ bn_pack4(0x51C6, 0xA94B, 0xE460, 0x7A29),
+ bn_pack4(0x5F4F, 0x5F55, 0x6E27, 0xCBDE),
+ bn_pack4(0xBEEE, 0xA961, 0x4B19, 0xCC4D),
+ bn_pack4(0xDBA5, 0x1DF4, 0x99AC, 0x4C80),
+ bn_pack4(0xB1F1, 0x2A86, 0x17A4, 0x7BBB),
+ bn_pack4(0x9DEF, 0x3CAF, 0xB939, 0x277A)
+};
+
+const BIGNUM bn_group_1536 = {
+ (BN_ULONG *)bn_group_1536_value,
+ OSSL_NELEM(bn_group_1536_value),
+ OSSL_NELEM(bn_group_1536_value),
+ 0,
+ BN_FLG_STATIC_DATA
+};
+
+static const BN_ULONG bn_group_2048_value[] = {
+ bn_pack4(0x0FA7, 0x111F, 0x9E4A, 0xFF73),
+ bn_pack4(0x9B65, 0xE372, 0xFCD6, 0x8EF2),
+ bn_pack4(0x35DE, 0x236D, 0x525F, 0x5475),
+ bn_pack4(0x94B5, 0xC803, 0xD89F, 0x7AE4),
+ bn_pack4(0x71AE, 0x35F8, 0xE9DB, 0xFBB6),
+ bn_pack4(0x2A56, 0x98F3, 0xA8D0, 0xC382),
+ bn_pack4(0x9CCC, 0x041C, 0x7BC3, 0x08D8),
+ bn_pack4(0xAF87, 0x4E73, 0x03CE, 0x5329),
+ bn_pack4(0x6160, 0x2790, 0x04E5, 0x7AE6),
+ bn_pack4(0x032C, 0xFBDB, 0xF52F, 0xB378),
+ bn_pack4(0x5EA7, 0x7A27, 0x75D2, 0xECFA),
+ bn_pack4(0x5445, 0x23B5, 0x24B0, 0xD57D),
+ bn_pack4(0x5B9D, 0x32E6, 0x88F8, 0x7748),
+ bn_pack4(0xF1D2, 0xB907, 0x8717, 0x461A),
+ bn_pack4(0x76BD, 0x207A, 0x436C, 0x6481),
+ bn_pack4(0xCA97, 0xB43A, 0x23FB, 0x8016),
+ bn_pack4(0x1D28, 0x1E44, 0x6B14, 0x773B),
+ bn_pack4(0x7359, 0xD041, 0xD5C3, 0x3EA7),
+ bn_pack4(0xA80D, 0x740A, 0xDBF4, 0xFF74),
+ bn_pack4(0x55F9, 0x7993, 0xEC97, 0x5EEA),
+ bn_pack4(0x2918, 0xA996, 0x2F0B, 0x93B8),
+ bn_pack4(0x661A, 0x05FB, 0xD5FA, 0xAAE8),
+ bn_pack4(0xCF60, 0x9517, 0x9A16, 0x3AB3),
+ bn_pack4(0xE808, 0x3969, 0xEDB7, 0x67B0),
+ bn_pack4(0xCD7F, 0x48A9, 0xDA04, 0xFD50),
+ bn_pack4(0xD523, 0x12AB, 0x4B03, 0x310D),
+ bn_pack4(0x8193, 0xE075, 0x7767, 0xA13D),
+ bn_pack4(0xA373, 0x29CB, 0xB4A0, 0x99ED),
+ bn_pack4(0xFC31, 0x9294, 0x3DB5, 0x6050),
+ bn_pack4(0xAF72, 0xB665, 0x1987, 0xEE07),
+ bn_pack4(0xF166, 0xDE5E, 0x1389, 0x582F),
+ bn_pack4(0xAC6B, 0xDB41, 0x324A, 0x9A9B)
+};
+
+const BIGNUM bn_group_2048 = {
+ (BN_ULONG *)bn_group_2048_value,
+ OSSL_NELEM(bn_group_2048_value),
+ OSSL_NELEM(bn_group_2048_value),
+ 0,
+ BN_FLG_STATIC_DATA
+};
+
+static const BN_ULONG bn_group_3072_value[] = {
+ bn_pack4(0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF),
+ bn_pack4(0x4B82, 0xD120, 0xA93A, 0xD2CA),
+ bn_pack4(0x43DB, 0x5BFC, 0xE0FD, 0x108E),
+ bn_pack4(0x08E2, 0x4FA0, 0x74E5, 0xAB31),
+ bn_pack4(0x7709, 0x88C0, 0xBAD9, 0x46E2),
+ bn_pack4(0xBBE1, 0x1757, 0x7A61, 0x5D6C),
+ bn_pack4(0x521F, 0x2B18, 0x177B, 0x200C),
+ bn_pack4(0xD876, 0x0273, 0x3EC8, 0x6A64),
+ bn_pack4(0xF12F, 0xFA06, 0xD98A, 0x0864),
+ bn_pack4(0xCEE3, 0xD226, 0x1AD2, 0xEE6B),
+ bn_pack4(0x1E8C, 0x94E0, 0x4A25, 0x619D),
+ bn_pack4(0xABF5, 0xAE8C, 0xDB09, 0x33D7),
+ bn_pack4(0xB397, 0x0F85, 0xA6E1, 0xE4C7),
+ bn_pack4(0x8AEA, 0x7157, 0x5D06, 0x0C7D),
+ bn_pack4(0xECFB, 0x8504, 0x58DB, 0xEF0A),
+ bn_pack4(0xA855, 0x21AB, 0xDF1C, 0xBA64),
+ bn_pack4(0xAD33, 0x170D, 0x0450, 0x7A33),
+ bn_pack4(0x1572, 0x8E5A, 0x8AAA, 0xC42D),
+ bn_pack4(0x15D2, 0x2618, 0x98FA, 0x0510),
+ bn_pack4(0x3995, 0x497C, 0xEA95, 0x6AE5),
+ bn_pack4(0xDE2B, 0xCBF6, 0x9558, 0x1718),
+ bn_pack4(0xB5C5, 0x5DF0, 0x6F4C, 0x52C9),
+ bn_pack4(0x9B27, 0x83A2, 0xEC07, 0xA28F),
+ bn_pack4(0xE39E, 0x772C, 0x180E, 0x8603),
+ bn_pack4(0x3290, 0x5E46, 0x2E36, 0xCE3B),
+ bn_pack4(0xF174, 0x6C08, 0xCA18, 0x217C),
+ bn_pack4(0x670C, 0x354E, 0x4ABC, 0x9804),
+ bn_pack4(0x9ED5, 0x2907, 0x7096, 0x966D),
+ bn_pack4(0x1C62, 0xF356, 0x2085, 0x52BB),
+ bn_pack4(0x8365, 0x5D23, 0xDCA3, 0xAD96),
+ bn_pack4(0x6916, 0x3FA8, 0xFD24, 0xCF5F),
+ bn_pack4(0x98DA, 0x4836, 0x1C55, 0xD39A),
+ bn_pack4(0xC200, 0x7CB8, 0xA163, 0xBF05),
+ bn_pack4(0x4928, 0x6651, 0xECE4, 0x5B3D),
+ bn_pack4(0xAE9F, 0x2411, 0x7C4B, 0x1FE6),
+ bn_pack4(0xEE38, 0x6BFB, 0x5A89, 0x9FA5),
+ bn_pack4(0x0BFF, 0x5CB6, 0xF406, 0xB7ED),
+ bn_pack4(0xF44C, 0x42E9, 0xA637, 0xED6B),
+ bn_pack4(0xE485, 0xB576, 0x625E, 0x7EC6),
+ bn_pack4(0x4FE1, 0x356D, 0x6D51, 0xC245),
+ bn_pack4(0x302B, 0x0A6D, 0xF25F, 0x1437),
+ bn_pack4(0xEF95, 0x19B3, 0xCD3A, 0x431B),
+ bn_pack4(0x514A, 0x0879, 0x8E34, 0x04DD),
+ bn_pack4(0x020B, 0xBEA6, 0x3B13, 0x9B22),
+ bn_pack4(0x2902, 0x4E08, 0x8A67, 0xCC74),
+ bn_pack4(0xC4C6, 0x628B, 0x80DC, 0x1CD1),
+ bn_pack4(0xC90F, 0xDAA2, 0x2168, 0xC234),
+ bn_pack4(0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF)
+};
+
+const BIGNUM bn_group_3072 = {
+ (BN_ULONG *)bn_group_3072_value,
+ OSSL_NELEM(bn_group_3072_value),
+ OSSL_NELEM(bn_group_3072_value),
+ 0,
+ BN_FLG_STATIC_DATA
+};
+
+static const BN_ULONG bn_group_4096_value[] = {
+ bn_pack4(0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF),
+ bn_pack4(0x4DF4, 0x35C9, 0x3406, 0x3199),
+ bn_pack4(0x86FF, 0xB7DC, 0x90A6, 0xC08F),
+ bn_pack4(0x93B4, 0xEA98, 0x8D8F, 0xDDC1),
+ bn_pack4(0xD006, 0x9127, 0xD5B0, 0x5AA9),
+ bn_pack4(0xB81B, 0xDD76, 0x2170, 0x481C),
+ bn_pack4(0x1F61, 0x2970, 0xCEE2, 0xD7AF),
+ bn_pack4(0x233B, 0xA186, 0x515B, 0xE7ED),
+ bn_pack4(0x99B2, 0x964F, 0xA090, 0xC3A2),
+ bn_pack4(0x287C, 0x5947, 0x4E6B, 0xC05D),
+ bn_pack4(0x2E8E, 0xFC14, 0x1FBE, 0xCAA6),
+ bn_pack4(0xDBBB, 0xC2DB, 0x04DE, 0x8EF9),
+ bn_pack4(0x2583, 0xE9CA, 0x2AD4, 0x4CE8),
+ bn_pack4(0x1A94, 0x6834, 0xB615, 0x0BDA),
+ bn_pack4(0x99C3, 0x2718, 0x6AF4, 0xE23C),
+ bn_pack4(0x8871, 0x9A10, 0xBDBA, 0x5B26),
+ bn_pack4(0x1A72, 0x3C12, 0xA787, 0xE6D7),
+ bn_pack4(0x4B82, 0xD120, 0xA921, 0x0801),
+ bn_pack4(0x43DB, 0x5BFC, 0xE0FD, 0x108E),
+ bn_pack4(0x08E2, 0x4FA0, 0x74E5, 0xAB31),
+ bn_pack4(0x7709, 0x88C0, 0xBAD9, 0x46E2),
+ bn_pack4(0xBBE1, 0x1757, 0x7A61, 0x5D6C),
+ bn_pack4(0x521F, 0x2B18, 0x177B, 0x200C),
+ bn_pack4(0xD876, 0x0273, 0x3EC8, 0x6A64),
+ bn_pack4(0xF12F, 0xFA06, 0xD98A, 0x0864),
+ bn_pack4(0xCEE3, 0xD226, 0x1AD2, 0xEE6B),
+ bn_pack4(0x1E8C, 0x94E0, 0x4A25, 0x619D),
+ bn_pack4(0xABF5, 0xAE8C, 0xDB09, 0x33D7),
+ bn_pack4(0xB397, 0x0F85, 0xA6E1, 0xE4C7),
+ bn_pack4(0x8AEA, 0x7157, 0x5D06, 0x0C7D),
+ bn_pack4(0xECFB, 0x8504, 0x58DB, 0xEF0A),
+ bn_pack4(0xA855, 0x21AB, 0xDF1C, 0xBA64),
+ bn_pack4(0xAD33, 0x170D, 0x0450, 0x7A33),
+ bn_pack4(0x1572, 0x8E5A, 0x8AAA, 0xC42D),
+ bn_pack4(0x15D2, 0x2618, 0x98FA, 0x0510),
+ bn_pack4(0x3995, 0x497C, 0xEA95, 0x6AE5),
+ bn_pack4(0xDE2B, 0xCBF6, 0x9558, 0x1718),
+ bn_pack4(0xB5C5, 0x5DF0, 0x6F4C, 0x52C9),
+ bn_pack4(0x9B27, 0x83A2, 0xEC07, 0xA28F),
+ bn_pack4(0xE39E, 0x772C, 0x180E, 0x8603),
+ bn_pack4(0x3290, 0x5E46, 0x2E36, 0xCE3B),
+ bn_pack4(0xF174, 0x6C08, 0xCA18, 0x217C),
+ bn_pack4(0x670C, 0x354E, 0x4ABC, 0x9804),
+ bn_pack4(0x9ED5, 0x2907, 0x7096, 0x966D),
+ bn_pack4(0x1C62, 0xF356, 0x2085, 0x52BB),
+ bn_pack4(0x8365, 0x5D23, 0xDCA3, 0xAD96),
+ bn_pack4(0x6916, 0x3FA8, 0xFD24, 0xCF5F),
+ bn_pack4(0x98DA, 0x4836, 0x1C55, 0xD39A),
+ bn_pack4(0xC200, 0x7CB8, 0xA163, 0xBF05),
+ bn_pack4(0x4928, 0x6651, 0xECE4, 0x5B3D),
+ bn_pack4(0xAE9F, 0x2411, 0x7C4B, 0x1FE6),
+ bn_pack4(0xEE38, 0x6BFB, 0x5A89, 0x9FA5),
+ bn_pack4(0x0BFF, 0x5CB6, 0xF406, 0xB7ED),
+ bn_pack4(0xF44C, 0x42E9, 0xA637, 0xED6B),
+ bn_pack4(0xE485, 0xB576, 0x625E, 0x7EC6),
+ bn_pack4(0x4FE1, 0x356D, 0x6D51, 0xC245),
+ bn_pack4(0x302B, 0x0A6D, 0xF25F, 0x1437),
+ bn_pack4(0xEF95, 0x19B3, 0xCD3A, 0x431B),
+ bn_pack4(0x514A, 0x0879, 0x8E34, 0x04DD),
+ bn_pack4(0x020B, 0xBEA6, 0x3B13, 0x9B22),
+ bn_pack4(0x2902, 0x4E08, 0x8A67, 0xCC74),
+ bn_pack4(0xC4C6, 0x628B, 0x80DC, 0x1CD1),
+ bn_pack4(0xC90F, 0xDAA2, 0x2168, 0xC234),
+ bn_pack4(0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF)
+};
+
+const BIGNUM bn_group_4096 = {
+ (BN_ULONG *)bn_group_4096_value,
+ OSSL_NELEM(bn_group_4096_value),
+ OSSL_NELEM(bn_group_4096_value),
+ 0,
+ BN_FLG_STATIC_DATA
+};
+
+static const BN_ULONG bn_group_6144_value[] = {
+ bn_pack4(0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF),
+ bn_pack4(0xE694, 0xF91E, 0x6DCC, 0x4024),
+ bn_pack4(0x12BF, 0x2D5B, 0x0B74, 0x74D6),
+ bn_pack4(0x043E, 0x8F66, 0x3F48, 0x60EE),
+ bn_pack4(0x387F, 0xE8D7, 0x6E3C, 0x0468),
+ bn_pack4(0xDA56, 0xC9EC, 0x2EF2, 0x9632),
+ bn_pack4(0xEB19, 0xCCB1, 0xA313, 0xD55C),
+ bn_pack4(0xF550, 0xAA3D, 0x8A1F, 0xBFF0),
+ bn_pack4(0x06A1, 0xD58B, 0xB7C5, 0xDA76),
+ bn_pack4(0xA797, 0x15EE, 0xF29B, 0xE328),
+ bn_pack4(0x14CC, 0x5ED2, 0x0F80, 0x37E0),
+ bn_pack4(0xCC8F, 0x6D7E, 0xBF48, 0xE1D8),
+ bn_pack4(0x4BD4, 0x07B2, 0x2B41, 0x54AA),
+ bn_pack4(0x0F1D, 0x45B7, 0xFF58, 0x5AC5),
+ bn_pack4(0x23A9, 0x7A7E, 0x36CC, 0x88BE),
+ bn_pack4(0x59E7, 0xC97F, 0xBEC7, 0xE8F3),
+ bn_pack4(0xB5A8, 0x4031, 0x900B, 0x1C9E),
+ bn_pack4(0xD55E, 0x702F, 0x4698, 0x0C82),
+ bn_pack4(0xF482, 0xD7CE, 0x6E74, 0xFEF6),
+ bn_pack4(0xF032, 0xEA15, 0xD172, 0x1D03),
+ bn_pack4(0x5983, 0xCA01, 0xC64B, 0x92EC),
+ bn_pack4(0x6FB8, 0xF401, 0x378C, 0xD2BF),
+ bn_pack4(0x3320, 0x5151, 0x2BD7, 0xAF42),
+ bn_pack4(0xDB7F, 0x1447, 0xE6CC, 0x254B),
+ bn_pack4(0x44CE, 0x6CBA, 0xCED4, 0xBB1B),
+ bn_pack4(0xDA3E, 0xDBEB, 0xCF9B, 0x14ED),
+ bn_pack4(0x1797, 0x27B0, 0x865A, 0x8918),
+ bn_pack4(0xB06A, 0x53ED, 0x9027, 0xD831),
+ bn_pack4(0xE5DB, 0x382F, 0x4130, 0x01AE),
+ bn_pack4(0xF8FF, 0x9406, 0xAD9E, 0x530E),
+ bn_pack4(0xC975, 0x1E76, 0x3DBA, 0x37BD),
+ bn_pack4(0xC1D4, 0xDCB2, 0x6026, 0x46DE),
+ bn_pack4(0x36C3, 0xFAB4, 0xD27C, 0x7026),
+ bn_pack4(0x4DF4, 0x35C9, 0x3402, 0x8492),
+ bn_pack4(0x86FF, 0xB7DC, 0x90A6, 0xC08F),
+ bn_pack4(0x93B4, 0xEA98, 0x8D8F, 0xDDC1),
+ bn_pack4(0xD006, 0x9127, 0xD5B0, 0x5AA9),
+ bn_pack4(0xB81B, 0xDD76, 0x2170, 0x481C),
+ bn_pack4(0x1F61, 0x2970, 0xCEE2, 0xD7AF),
+ bn_pack4(0x233B, 0xA186, 0x515B, 0xE7ED),
+ bn_pack4(0x99B2, 0x964F, 0xA090, 0xC3A2),
+ bn_pack4(0x287C, 0x5947, 0x4E6B, 0xC05D),
+ bn_pack4(0x2E8E, 0xFC14, 0x1FBE, 0xCAA6),
+ bn_pack4(0xDBBB, 0xC2DB, 0x04DE, 0x8EF9),
+ bn_pack4(0x2583, 0xE9CA, 0x2AD4, 0x4CE8),
+ bn_pack4(0x1A94, 0x6834, 0xB615, 0x0BDA),
+ bn_pack4(0x99C3, 0x2718, 0x6AF4, 0xE23C),
+ bn_pack4(0x8871, 0x9A10, 0xBDBA, 0x5B26),
+ bn_pack4(0x1A72, 0x3C12, 0xA787, 0xE6D7),
+ bn_pack4(0x4B82, 0xD120, 0xA921, 0x0801),
+ bn_pack4(0x43DB, 0x5BFC, 0xE0FD, 0x108E),
+ bn_pack4(0x08E2, 0x4FA0, 0x74E5, 0xAB31),
+ bn_pack4(0x7709, 0x88C0, 0xBAD9, 0x46E2),
+ bn_pack4(0xBBE1, 0x1757, 0x7A61, 0x5D6C),
+ bn_pack4(0x521F, 0x2B18, 0x177B, 0x200C),
+ bn_pack4(0xD876, 0x0273, 0x3EC8, 0x6A64),
+ bn_pack4(0xF12F, 0xFA06, 0xD98A, 0x0864),
+ bn_pack4(0xCEE3, 0xD226, 0x1AD2, 0xEE6B),
+ bn_pack4(0x1E8C, 0x94E0, 0x4A25, 0x619D),
+ bn_pack4(0xABF5, 0xAE8C, 0xDB09, 0x33D7),
+ bn_pack4(0xB397, 0x0F85, 0xA6E1, 0xE4C7),
+ bn_pack4(0x8AEA, 0x7157, 0x5D06, 0x0C7D),
+ bn_pack4(0xECFB, 0x8504, 0x58DB, 0xEF0A),
+ bn_pack4(0xA855, 0x21AB, 0xDF1C, 0xBA64),
+ bn_pack4(0xAD33, 0x170D, 0x0450, 0x7A33),
+ bn_pack4(0x1572, 0x8E5A, 0x8AAA, 0xC42D),
+ bn_pack4(0x15D2, 0x2618, 0x98FA, 0x0510),
+ bn_pack4(0x3995, 0x497C, 0xEA95, 0x6AE5),
+ bn_pack4(0xDE2B, 0xCBF6, 0x9558, 0x1718),
+ bn_pack4(0xB5C5, 0x5DF0, 0x6F4C, 0x52C9),
+ bn_pack4(0x9B27, 0x83A2, 0xEC07, 0xA28F),
+ bn_pack4(0xE39E, 0x772C, 0x180E, 0x8603),
+ bn_pack4(0x3290, 0x5E46, 0x2E36, 0xCE3B),
+ bn_pack4(0xF174, 0x6C08, 0xCA18, 0x217C),
+ bn_pack4(0x670C, 0x354E, 0x4ABC, 0x9804),
+ bn_pack4(0x9ED5, 0x2907, 0x7096, 0x966D),
+ bn_pack4(0x1C62, 0xF356, 0x2085, 0x52BB),
+ bn_pack4(0x8365, 0x5D23, 0xDCA3, 0xAD96),
+ bn_pack4(0x6916, 0x3FA8, 0xFD24, 0xCF5F),
+ bn_pack4(0x98DA, 0x4836, 0x1C55, 0xD39A),
+ bn_pack4(0xC200, 0x7CB8, 0xA163, 0xBF05),
+ bn_pack4(0x4928, 0x6651, 0xECE4, 0x5B3D),
+ bn_pack4(0xAE9F, 0x2411, 0x7C4B, 0x1FE6),
+ bn_pack4(0xEE38, 0x6BFB, 0x5A89, 0x9FA5),
+ bn_pack4(0x0BFF, 0x5CB6, 0xF406, 0xB7ED),
+ bn_pack4(0xF44C, 0x42E9, 0xA637, 0xED6B),
+ bn_pack4(0xE485, 0xB576, 0x625E, 0x7EC6),
+ bn_pack4(0x4FE1, 0x356D, 0x6D51, 0xC245),
+ bn_pack4(0x302B, 0x0A6D, 0xF25F, 0x1437),
+ bn_pack4(0xEF95, 0x19B3, 0xCD3A, 0x431B),
+ bn_pack4(0x514A, 0x0879, 0x8E34, 0x04DD),
+ bn_pack4(0x020B, 0xBEA6, 0x3B13, 0x9B22),
+ bn_pack4(0x2902, 0x4E08, 0x8A67, 0xCC74),
+ bn_pack4(0xC4C6, 0x628B, 0x80DC, 0x1CD1),
+ bn_pack4(0xC90F, 0xDAA2, 0x2168, 0xC234),
+ bn_pack4(0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF)
+};
+
+const BIGNUM bn_group_6144 = {
+ (BN_ULONG *)bn_group_6144_value,
+ OSSL_NELEM(bn_group_6144_value),
+ OSSL_NELEM(bn_group_6144_value),
+ 0,
+ BN_FLG_STATIC_DATA
+};
+
+static const BN_ULONG bn_group_8192_value[] = {
+ bn_pack4(0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF),
+ bn_pack4(0x60C9, 0x80DD, 0x98ED, 0xD3DF),
+ bn_pack4(0xC81F, 0x56E8, 0x80B9, 0x6E71),
+ bn_pack4(0x9E30, 0x50E2, 0x7656, 0x94DF),
+ bn_pack4(0x9558, 0xE447, 0x5677, 0xE9AA),
+ bn_pack4(0xC919, 0x0DA6, 0xFC02, 0x6E47),
+ bn_pack4(0x889A, 0x002E, 0xD5EE, 0x382B),
+ bn_pack4(0x4009, 0x438B, 0x481C, 0x6CD7),
+ bn_pack4(0x3590, 0x46F4, 0xEB87, 0x9F92),
+ bn_pack4(0xFAF3, 0x6BC3, 0x1ECF, 0xA268),
+ bn_pack4(0xB1D5, 0x10BD, 0x7EE7, 0x4D73),
+ bn_pack4(0xF9AB, 0x4819, 0x5DED, 0x7EA1),
+ bn_pack4(0x64F3, 0x1CC5, 0x0846, 0x851D),
+ bn_pack4(0x4597, 0xE899, 0xA025, 0x5DC1),
+ bn_pack4(0xDF31, 0x0EE0, 0x74AB, 0x6A36),
+ bn_pack4(0x6D2A, 0x13F8, 0x3F44, 0xF82D),
+ bn_pack4(0x062B, 0x3CF5, 0xB3A2, 0x78A6),
+ bn_pack4(0x7968, 0x3303, 0xED5B, 0xDD3A),
+ bn_pack4(0xFA9D, 0x4B7F, 0xA2C0, 0x87E8),
+ bn_pack4(0x4BCB, 0xC886, 0x2F83, 0x85DD),
+ bn_pack4(0x3473, 0xFC64, 0x6CEA, 0x306B),
+ bn_pack4(0x13EB, 0x57A8, 0x1A23, 0xF0C7),
+ bn_pack4(0x2222, 0x2E04, 0xA403, 0x7C07),
+ bn_pack4(0xE3FD, 0xB8BE, 0xFC84, 0x8AD9),
+ bn_pack4(0x238F, 0x16CB, 0xE39D, 0x652D),
+ bn_pack4(0x3423, 0xB474, 0x2BF1, 0xC978),
+ bn_pack4(0x3AAB, 0x639C, 0x5AE4, 0xF568),
+ bn_pack4(0x2576, 0xF693, 0x6BA4, 0x2466),
+ bn_pack4(0x741F, 0xA7BF, 0x8AFC, 0x47ED),
+ bn_pack4(0x3BC8, 0x32B6, 0x8D9D, 0xD300),
+ bn_pack4(0xD8BE, 0xC4D0, 0x73B9, 0x31BA),
+ bn_pack4(0x3877, 0x7CB6, 0xA932, 0xDF8C),
+ bn_pack4(0x74A3, 0x926F, 0x12FE, 0xE5E4),
+ bn_pack4(0xE694, 0xF91E, 0x6DBE, 0x1159),
+ bn_pack4(0x12BF, 0x2D5B, 0x0B74, 0x74D6),
+ bn_pack4(0x043E, 0x8F66, 0x3F48, 0x60EE),
+ bn_pack4(0x387F, 0xE8D7, 0x6E3C, 0x0468),
+ bn_pack4(0xDA56, 0xC9EC, 0x2EF2, 0x9632),
+ bn_pack4(0xEB19, 0xCCB1, 0xA313, 0xD55C),
+ bn_pack4(0xF550, 0xAA3D, 0x8A1F, 0xBFF0),
+ bn_pack4(0x06A1, 0xD58B, 0xB7C5, 0xDA76),
+ bn_pack4(0xA797, 0x15EE, 0xF29B, 0xE328),
+ bn_pack4(0x14CC, 0x5ED2, 0x0F80, 0x37E0),
+ bn_pack4(0xCC8F, 0x6D7E, 0xBF48, 0xE1D8),
+ bn_pack4(0x4BD4, 0x07B2, 0x2B41, 0x54AA),
+ bn_pack4(0x0F1D, 0x45B7, 0xFF58, 0x5AC5),
+ bn_pack4(0x23A9, 0x7A7E, 0x36CC, 0x88BE),
+ bn_pack4(0x59E7, 0xC97F, 0xBEC7, 0xE8F3),
+ bn_pack4(0xB5A8, 0x4031, 0x900B, 0x1C9E),
+ bn_pack4(0xD55E, 0x702F, 0x4698, 0x0C82),
+ bn_pack4(0xF482, 0xD7CE, 0x6E74, 0xFEF6),
+ bn_pack4(0xF032, 0xEA15, 0xD172, 0x1D03),
+ bn_pack4(0x5983, 0xCA01, 0xC64B, 0x92EC),
+ bn_pack4(0x6FB8, 0xF401, 0x378C, 0xD2BF),
+ bn_pack4(0x3320, 0x5151, 0x2BD7, 0xAF42),
+ bn_pack4(0xDB7F, 0x1447, 0xE6CC, 0x254B),
+ bn_pack4(0x44CE, 0x6CBA, 0xCED4, 0xBB1B),
+ bn_pack4(0xDA3E, 0xDBEB, 0xCF9B, 0x14ED),
+ bn_pack4(0x1797, 0x27B0, 0x865A, 0x8918),
+ bn_pack4(0xB06A, 0x53ED, 0x9027, 0xD831),
+ bn_pack4(0xE5DB, 0x382F, 0x4130, 0x01AE),
+ bn_pack4(0xF8FF, 0x9406, 0xAD9E, 0x530E),
+ bn_pack4(0xC975, 0x1E76, 0x3DBA, 0x37BD),
+ bn_pack4(0xC1D4, 0xDCB2, 0x6026, 0x46DE),
+ bn_pack4(0x36C3, 0xFAB4, 0xD27C, 0x7026),
+ bn_pack4(0x4DF4, 0x35C9, 0x3402, 0x8492),
+ bn_pack4(0x86FF, 0xB7DC, 0x90A6, 0xC08F),
+ bn_pack4(0x93B4, 0xEA98, 0x8D8F, 0xDDC1),
+ bn_pack4(0xD006, 0x9127, 0xD5B0, 0x5AA9),
+ bn_pack4(0xB81B, 0xDD76, 0x2170, 0x481C),
+ bn_pack4(0x1F61, 0x2970, 0xCEE2, 0xD7AF),
+ bn_pack4(0x233B, 0xA186, 0x515B, 0xE7ED),
+ bn_pack4(0x99B2, 0x964F, 0xA090, 0xC3A2),
+ bn_pack4(0x287C, 0x5947, 0x4E6B, 0xC05D),
+ bn_pack4(0x2E8E, 0xFC14, 0x1FBE, 0xCAA6),
+ bn_pack4(0xDBBB, 0xC2DB, 0x04DE, 0x8EF9),
+ bn_pack4(0x2583, 0xE9CA, 0x2AD4, 0x4CE8),
+ bn_pack4(0x1A94, 0x6834, 0xB615, 0x0BDA),
+ bn_pack4(0x99C3, 0x2718, 0x6AF4, 0xE23C),
+ bn_pack4(0x8871, 0x9A10, 0xBDBA, 0x5B26),
+ bn_pack4(0x1A72, 0x3C12, 0xA787, 0xE6D7),
+ bn_pack4(0x4B82, 0xD120, 0xA921, 0x0801),
+ bn_pack4(0x43DB, 0x5BFC, 0xE0FD, 0x108E),
+ bn_pack4(0x08E2, 0x4FA0, 0x74E5, 0xAB31),
+ bn_pack4(0x7709, 0x88C0, 0xBAD9, 0x46E2),
+ bn_pack4(0xBBE1, 0x1757, 0x7A61, 0x5D6C),
+ bn_pack4(0x521F, 0x2B18, 0x177B, 0x200C),
+ bn_pack4(0xD876, 0x0273, 0x3EC8, 0x6A64),
+ bn_pack4(0xF12F, 0xFA06, 0xD98A, 0x0864),
+ bn_pack4(0xCEE3, 0xD226, 0x1AD2, 0xEE6B),
+ bn_pack4(0x1E8C, 0x94E0, 0x4A25, 0x619D),
+ bn_pack4(0xABF5, 0xAE8C, 0xDB09, 0x33D7),
+ bn_pack4(0xB397, 0x0F85, 0xA6E1, 0xE4C7),
+ bn_pack4(0x8AEA, 0x7157, 0x5D06, 0x0C7D),
+ bn_pack4(0xECFB, 0x8504, 0x58DB, 0xEF0A),
+ bn_pack4(0xA855, 0x21AB, 0xDF1C, 0xBA64),
+ bn_pack4(0xAD33, 0x170D, 0x0450, 0x7A33),
+ bn_pack4(0x1572, 0x8E5A, 0x8AAA, 0xC42D),
+ bn_pack4(0x15D2, 0x2618, 0x98FA, 0x0510),
+ bn_pack4(0x3995, 0x497C, 0xEA95, 0x6AE5),
+ bn_pack4(0xDE2B, 0xCBF6, 0x9558, 0x1718),
+ bn_pack4(0xB5C5, 0x5DF0, 0x6F4C, 0x52C9),
+ bn_pack4(0x9B27, 0x83A2, 0xEC07, 0xA28F),
+ bn_pack4(0xE39E, 0x772C, 0x180E, 0x8603),
+ bn_pack4(0x3290, 0x5E46, 0x2E36, 0xCE3B),
+ bn_pack4(0xF174, 0x6C08, 0xCA18, 0x217C),
+ bn_pack4(0x670C, 0x354E, 0x4ABC, 0x9804),
+ bn_pack4(0x9ED5, 0x2907, 0x7096, 0x966D),
+ bn_pack4(0x1C62, 0xF356, 0x2085, 0x52BB),
+ bn_pack4(0x8365, 0x5D23, 0xDCA3, 0xAD96),
+ bn_pack4(0x6916, 0x3FA8, 0xFD24, 0xCF5F),
+ bn_pack4(0x98DA, 0x4836, 0x1C55, 0xD39A),
+ bn_pack4(0xC200, 0x7CB8, 0xA163, 0xBF05),
+ bn_pack4(0x4928, 0x6651, 0xECE4, 0x5B3D),
+ bn_pack4(0xAE9F, 0x2411, 0x7C4B, 0x1FE6),
+ bn_pack4(0xEE38, 0x6BFB, 0x5A89, 0x9FA5),
+ bn_pack4(0x0BFF, 0x5CB6, 0xF406, 0xB7ED),
+ bn_pack4(0xF44C, 0x42E9, 0xA637, 0xED6B),
+ bn_pack4(0xE485, 0xB576, 0x625E, 0x7EC6),
+ bn_pack4(0x4FE1, 0x356D, 0x6D51, 0xC245),
+ bn_pack4(0x302B, 0x0A6D, 0xF25F, 0x1437),
+ bn_pack4(0xEF95, 0x19B3, 0xCD3A, 0x431B),
+ bn_pack4(0x514A, 0x0879, 0x8E34, 0x04DD),
+ bn_pack4(0x020B, 0xBEA6, 0x3B13, 0x9B22),
+ bn_pack4(0x2902, 0x4E08, 0x8A67, 0xCC74),
+ bn_pack4(0xC4C6, 0x628B, 0x80DC, 0x1CD1),
+ bn_pack4(0xC90F, 0xDAA2, 0x2168, 0xC234),
+ bn_pack4(0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF)
+};
+
+const BIGNUM bn_group_8192 = {
+ (BN_ULONG *)bn_group_8192_value,
+ OSSL_NELEM(bn_group_8192_value),
+ OSSL_NELEM(bn_group_8192_value),
+ 0,
+ BN_FLG_STATIC_DATA
+};
+
+static const BN_ULONG bn_generator_19_value[] = { 19 };
+
+const BIGNUM bn_generator_19 = {
+ (BN_ULONG *)bn_generator_19_value,
+ 1,
+ 1,
+ 0,
+ BN_FLG_STATIC_DATA
+};
+static const BN_ULONG bn_generator_5_value[] = { 5 };
+
+const BIGNUM bn_generator_5 = {
+ (BN_ULONG *)bn_generator_5_value,
+ 1,
+ 1,
+ 0,
+ BN_FLG_STATIC_DATA
+};
+static const BN_ULONG bn_generator_2_value[] = { 2 };
+
+const BIGNUM bn_generator_2 = {
+ (BN_ULONG *)bn_generator_2_value,
+ 1,
+ 1,
+ 0,
+ BN_FLG_STATIC_DATA
+};
+
+#endif
diff --git a/deps/openssl/openssl/crypto/bn/bn_word.c b/deps/openssl/openssl/crypto/bn/bn_word.c
index 9b5f9cb98c..1af13a53fb 100644
--- a/deps/openssl/openssl/crypto/bn/bn_word.c
+++ b/deps/openssl/openssl/crypto/bn/bn_word.c
@@ -1,63 +1,13 @@
-/* crypto/bn/bn_word.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
+/*
+ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
*
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
-#include <stdio.h>
-#include "cryptlib.h"
+#include "internal/cryptlib.h"
#include "bn_lcl.h"
BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w)
@@ -139,6 +89,8 @@ BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w)
if ((a->top > 0) && (a->d[a->top - 1] == 0))
a->top--;
ret >>= j;
+ if (!a->top)
+ a->neg = 0; /* don't allow negative zero */
bn_check_top(a);
return (ret);
}
diff --git a/deps/openssl/openssl/crypto/bn/bn_x931p.c b/deps/openssl/openssl/crypto/bn/bn_x931p.c
index f444af3fea..8bfbcac6a4 100644
--- a/deps/openssl/openssl/crypto/bn/bn_x931p.c
+++ b/deps/openssl/openssl/crypto/bn/bn_x931p.c
@@ -1,64 +1,15 @@
-/* bn_x931p.c */
/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2005.
- */
-/* ====================================================================
- * Copyright (c) 2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
+ * Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
*
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
#include <stdio.h>
#include <openssl/bn.h>
+#include "bn_lcl.h"
/* X9.31 routines for prime derivation */
@@ -70,7 +21,7 @@
static int bn_x931_derive_pi(BIGNUM *pi, const BIGNUM *Xpi, BN_CTX *ctx,
BN_GENCB *cb)
{
- int i = 0;
+ int i = 0, is_prime;
if (!BN_copy(pi, Xpi))
return 0;
if (!BN_is_odd(pi) && !BN_add_word(pi, 1))
@@ -78,8 +29,11 @@ static int bn_x931_derive_pi(BIGNUM *pi, const BIGNUM *Xpi, BN_CTX *ctx,
for (;;) {
i++;
BN_GENCB_call(cb, 0, i);
- /* NB 27 MR is specificed in X9.31 */
- if (BN_is_prime_fasttest_ex(pi, 27, ctx, 1, cb))
+ /* NB 27 MR is specified in X9.31 */
+ is_prime = BN_is_prime_fasttest_ex(pi, 27, ctx, 1, cb);
+ if (is_prime < 0)
+ return 0;
+ if (is_prime)
break;
if (!BN_add_word(pi, 2))
return 0;
@@ -120,6 +74,9 @@ int BN_X931_derive_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
pm1 = BN_CTX_get(ctx);
+ if (pm1 == NULL)
+ goto err;
+
if (!bn_x931_derive_pi(p1, Xp1, ctx, cb))
goto err;
@@ -168,14 +125,18 @@ int BN_X931_derive_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
goto err;
if (!BN_gcd(t, pm1, e, ctx))
goto err;
- if (BN_is_one(t)
+ if (BN_is_one(t)) {
/*
* X9.31 specifies 8 MR and 1 Lucas test or any prime test
* offering similar or better guarantees 50 MR is considerably
* better.
*/
- && BN_is_prime_fasttest_ex(p, 50, ctx, 1, cb))
- break;
+ int r = BN_is_prime_fasttest_ex(p, 50, ctx, 1, cb);
+ if (r < 0)
+ goto err;
+ if (r)
+ break;
+ }
if (!BN_add(p, p, p1p2))
goto err;
}
@@ -192,8 +153,8 @@ int BN_X931_derive_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
}
/*
- * Generate pair of paramters Xp, Xq for X9.31 prime generation. Note: nbits
- * paramter is sum of number of bits in both.
+ * Generate pair of parameters Xp, Xq for X9.31 prime generation. Note: nbits
+ * parameter is sum of number of bits in both.
*/
int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx)
@@ -212,7 +173,7 @@ int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx)
* - 1. By setting the top two bits we ensure that the lower bound is
* exceeded.
*/
- if (!BN_rand(Xp, nbits, 1, 0))
+ if (!BN_rand(Xp, nbits, BN_RAND_TOP_TWO, BN_RAND_BOTTOM_ANY))
goto err;
BN_CTX_start(ctx);
@@ -221,7 +182,7 @@ int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx)
goto err;
for (i = 0; i < 1000; i++) {
- if (!BN_rand(Xq, nbits, 1, 0))
+ if (!BN_rand(Xq, nbits, BN_RAND_TOP_TWO, BN_RAND_BOTTOM_ANY))
goto err;
/* Check that |Xp - Xq| > 2^(nbits - 100) */
BN_sub(t, Xp, Xq);
@@ -264,9 +225,9 @@ int BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
if (Xp1 == NULL || Xp2 == NULL)
goto error;
- if (!BN_rand(Xp1, 101, 0, 0))
+ if (!BN_rand(Xp1, 101, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY))
goto error;
- if (!BN_rand(Xp2, 101, 0, 0))
+ if (!BN_rand(Xp2, 101, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY))
goto error;
if (!BN_X931_derive_prime_ex(p, p1, p2, Xp, Xp1, Xp2, e, ctx, cb))
goto error;
diff --git a/deps/openssl/openssl/crypto/bn/bnspeed.c b/deps/openssl/openssl/crypto/bn/bnspeed.c
deleted file mode 100644
index e387fdfbc2..0000000000
--- a/deps/openssl/openssl/crypto/bn/bnspeed.c
+++ /dev/null
@@ -1,232 +0,0 @@
-/* unused */
-
-/* crypto/bn/bnspeed.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* most of this code has been pilfered from my libdes speed.c program */
-
-#define BASENUM 1000000
-#undef PROG
-#define PROG bnspeed_main
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <signal.h>
-#include <string.h>
-#include <openssl/crypto.h>
-#include <openssl/err.h>
-
-#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX)
-# define TIMES
-#endif
-
-#ifndef _IRIX
-# include <time.h>
-#endif
-#ifdef TIMES
-# include <sys/types.h>
-# include <sys/times.h>
-#endif
-
-/*
- * Depending on the VMS version, the tms structure is perhaps defined. The
- * __TMS macro will show if it was. If it wasn't defined, we should undefine
- * TIMES, since that tells the rest of the program how things should be
- * handled. -- Richard Levitte
- */
-#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
-# undef TIMES
-#endif
-
-#ifndef TIMES
-# include <sys/timeb.h>
-#endif
-
-#if defined(sun) || defined(__ultrix)
-# define _POSIX_SOURCE
-# include <limits.h>
-# include <sys/param.h>
-#endif
-
-#include <openssl/bn.h>
-#include <openssl/x509.h>
-
-/* The following if from times(3) man page. It may need to be changed */
-#ifndef HZ
-# ifndef CLK_TCK
-# ifndef _BSD_CLK_TCK_ /* FreeBSD hack */
-# define HZ 100.0
-# else /* _BSD_CLK_TCK_ */
-# define HZ ((double)_BSD_CLK_TCK_)
-# endif
-# else /* CLK_TCK */
-# define HZ ((double)CLK_TCK)
-# endif
-#endif
-
-#undef BUFSIZE
-#define BUFSIZE ((long)1024*8)
-int run = 0;
-
-static double Time_F(int s);
-#define START 0
-#define STOP 1
-
-static double Time_F(int s)
-{
- double ret;
-#ifdef TIMES
- static struct tms tstart, tend;
-
- if (s == START) {
- times(&tstart);
- return (0);
- } else {
- times(&tend);
- ret = ((double)(tend.tms_utime - tstart.tms_utime)) / HZ;
- return ((ret < 1e-3) ? 1e-3 : ret);
- }
-#else /* !times() */
- static struct timeb tstart, tend;
- long i;
-
- if (s == START) {
- ftime(&tstart);
- return (0);
- } else {
- ftime(&tend);
- i = (long)tend.millitm - (long)tstart.millitm;
- ret = ((double)(tend.time - tstart.time)) + ((double)i) / 1000.0;
- return ((ret < 0.001) ? 0.001 : ret);
- }
-#endif
-}
-
-#define NUM_SIZES 5
-static int sizes[NUM_SIZES] = { 128, 256, 512, 1024, 2048 };
-
-/*
- * static int sizes[NUM_SIZES]={59,179,299,419,539};
- */
-
-void do_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
-
-int main(int argc, char **argv)
-{
- BN_CTX *ctx;
- BIGNUM a, b, c;
-
- ctx = BN_CTX_new();
- BN_init(&a);
- BN_init(&b);
- BN_init(&c);
-
- do_mul(&a, &b, &c, ctx);
-}
-
-void do_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx)
-{
- int i, j, k;
- double tm;
- long num;
-
- for (i = 0; i < NUM_SIZES; i++) {
- num = BASENUM;
- if (i)
- num /= (i * 3);
- BN_rand(a, sizes[i], 1, 0);
- for (j = i; j < NUM_SIZES; j++) {
- BN_rand(b, sizes[j], 1, 0);
- Time_F(START);
- for (k = 0; k < num; k++)
- BN_mul(r, b, a, ctx);
- tm = Time_F(STOP);
- printf("mul %4d x %4d -> %8.3fms\n", sizes[i], sizes[j],
- tm * 1000.0 / num);
- }
- }
-
- for (i = 0; i < NUM_SIZES; i++) {
- num = BASENUM;
- if (i)
- num /= (i * 3);
- BN_rand(a, sizes[i], 1, 0);
- Time_F(START);
- for (k = 0; k < num; k++)
- BN_sqr(r, a, ctx);
- tm = Time_F(STOP);
- printf("sqr %4d x %4d -> %8.3fms\n", sizes[i], sizes[i],
- tm * 1000.0 / num);
- }
-
- for (i = 0; i < NUM_SIZES; i++) {
- num = BASENUM / 10;
- if (i)
- num /= (i * 3);
- BN_rand(a, sizes[i] - 1, 1, 0);
- for (j = i; j < NUM_SIZES; j++) {
- BN_rand(b, sizes[j], 1, 0);
- Time_F(START);
- for (k = 0; k < 100000; k++)
- BN_div(r, NULL, b, a, ctx);
- tm = Time_F(STOP);
- printf("div %4d / %4d -> %8.3fms\n", sizes[j], sizes[i] - 1,
- tm * 1000.0 / num);
- }
- }
-}
diff --git a/deps/openssl/openssl/crypto/bn/bntest.c b/deps/openssl/openssl/crypto/bn/bntest.c
deleted file mode 100644
index abe5dbe0b0..0000000000
--- a/deps/openssl/openssl/crypto/bn/bntest.c
+++ /dev/null
@@ -1,2160 +0,0 @@
-/* crypto/bn/bntest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * Portions of the attached software ("Contribution") are developed by
- * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
- *
- * The Contribution is licensed pursuant to the Eric Young open source
- * license provided above.
- *
- * The binary polynomial arithmetic software is originally written by
- * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
- *
- */
-
-/*
- * Until the key-gen callbacks are modified to use newer prototypes, we allow
- * deprecated functions for openssl-internal code
- */
-#ifdef OPENSSL_NO_DEPRECATED
-# undef OPENSSL_NO_DEPRECATED
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "e_os.h"
-
-#include <openssl/bio.h>
-#include <openssl/bn.h>
-#include <openssl/rand.h>
-#include <openssl/x509.h>
-#include <openssl/err.h>
-
-const int num0 = 100; /* number of tests */
-const int num1 = 50; /* additional tests for some functions */
-const int num2 = 5; /* number of tests for slow functions */
-
-int test_add(BIO *bp);
-int test_sub(BIO *bp);
-int test_lshift1(BIO *bp);
-int test_lshift(BIO *bp, BN_CTX *ctx, BIGNUM *a_);
-int test_rshift1(BIO *bp);
-int test_rshift(BIO *bp, BN_CTX *ctx);
-int test_div(BIO *bp, BN_CTX *ctx);
-int test_div_word(BIO *bp);
-int test_div_recp(BIO *bp, BN_CTX *ctx);
-int test_mul(BIO *bp);
-int test_sqr(BIO *bp, BN_CTX *ctx);
-int test_mont(BIO *bp, BN_CTX *ctx);
-int test_mod(BIO *bp, BN_CTX *ctx);
-int test_mod_mul(BIO *bp, BN_CTX *ctx);
-int test_mod_exp(BIO *bp, BN_CTX *ctx);
-int test_mod_exp_mont_consttime(BIO *bp, BN_CTX *ctx);
-int test_mod_exp_mont5(BIO *bp, BN_CTX *ctx);
-int test_exp(BIO *bp, BN_CTX *ctx);
-int test_gf2m_add(BIO *bp);
-int test_gf2m_mod(BIO *bp);
-int test_gf2m_mod_mul(BIO *bp, BN_CTX *ctx);
-int test_gf2m_mod_sqr(BIO *bp, BN_CTX *ctx);
-int test_gf2m_mod_inv(BIO *bp, BN_CTX *ctx);
-int test_gf2m_mod_div(BIO *bp, BN_CTX *ctx);
-int test_gf2m_mod_exp(BIO *bp, BN_CTX *ctx);
-int test_gf2m_mod_sqrt(BIO *bp, BN_CTX *ctx);
-int test_gf2m_mod_solve_quad(BIO *bp, BN_CTX *ctx);
-int test_kron(BIO *bp, BN_CTX *ctx);
-int test_sqrt(BIO *bp, BN_CTX *ctx);
-int rand_neg(void);
-static int results = 0;
-
-static unsigned char lst[] =
- "\xC6\x4F\x43\x04\x2A\xEA\xCA\x6E\x58\x36\x80\x5B\xE8\xC9"
- "\x9B\x04\x5D\x48\x36\xC2\xFD\x16\xC9\x64\xF0";
-
-static const char rnd_seed[] =
- "string to make the random number generator think it has entropy";
-
-static void message(BIO *out, char *m)
-{
- fprintf(stderr, "test %s\n", m);
- BIO_puts(out, "print \"test ");
- BIO_puts(out, m);
- BIO_puts(out, "\\n\"\n");
-}
-
-int main(int argc, char *argv[])
-{
- BN_CTX *ctx;
- BIO *out;
- char *outfile = NULL;
-
- results = 0;
-
- RAND_seed(rnd_seed, sizeof(rnd_seed)); /* or BN_generate_prime may fail */
-
- argc--;
- argv++;
- while (argc >= 1) {
- if (strcmp(*argv, "-results") == 0)
- results = 1;
- else if (strcmp(*argv, "-out") == 0) {
- if (--argc < 1)
- break;
- outfile = *(++argv);
- }
- argc--;
- argv++;
- }
-
- ctx = BN_CTX_new();
- if (ctx == NULL)
- EXIT(1);
-
- out = BIO_new(BIO_s_file());
- if (out == NULL)
- EXIT(1);
- if (outfile == NULL) {
- BIO_set_fp(out, stdout, BIO_NOCLOSE);
- } else {
- if (!BIO_write_filename(out, outfile)) {
- perror(outfile);
- EXIT(1);
- }
- }
-
- if (!results)
- BIO_puts(out, "obase=16\nibase=16\n");
-
- message(out, "BN_add");
- if (!test_add(out))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_sub");
- if (!test_sub(out))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_lshift1");
- if (!test_lshift1(out))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_lshift (fixed)");
- if (!test_lshift(out, ctx, BN_bin2bn(lst, sizeof(lst) - 1, NULL)))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_lshift");
- if (!test_lshift(out, ctx, NULL))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_rshift1");
- if (!test_rshift1(out))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_rshift");
- if (!test_rshift(out, ctx))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_sqr");
- if (!test_sqr(out, ctx))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_mul");
- if (!test_mul(out))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_div");
- if (!test_div(out, ctx))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_div_word");
- if (!test_div_word(out))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_div_recp");
- if (!test_div_recp(out, ctx))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_mod");
- if (!test_mod(out, ctx))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_mod_mul");
- if (!test_mod_mul(out, ctx))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_mont");
- if (!test_mont(out, ctx))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_mod_exp");
- if (!test_mod_exp(out, ctx))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_mod_exp_mont_consttime");
- if (!test_mod_exp_mont_consttime(out, ctx))
- goto err;
- if (!test_mod_exp_mont5(out, ctx))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_exp");
- if (!test_exp(out, ctx))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_kronecker");
- if (!test_kron(out, ctx))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_mod_sqrt");
- if (!test_sqrt(out, ctx))
- goto err;
- (void)BIO_flush(out);
-#ifndef OPENSSL_NO_EC2M
- message(out, "BN_GF2m_add");
- if (!test_gf2m_add(out))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_GF2m_mod");
- if (!test_gf2m_mod(out))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_GF2m_mod_mul");
- if (!test_gf2m_mod_mul(out, ctx))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_GF2m_mod_sqr");
- if (!test_gf2m_mod_sqr(out, ctx))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_GF2m_mod_inv");
- if (!test_gf2m_mod_inv(out, ctx))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_GF2m_mod_div");
- if (!test_gf2m_mod_div(out, ctx))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_GF2m_mod_exp");
- if (!test_gf2m_mod_exp(out, ctx))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_GF2m_mod_sqrt");
- if (!test_gf2m_mod_sqrt(out, ctx))
- goto err;
- (void)BIO_flush(out);
-
- message(out, "BN_GF2m_mod_solve_quad");
- if (!test_gf2m_mod_solve_quad(out, ctx))
- goto err;
- (void)BIO_flush(out);
-#endif
- BN_CTX_free(ctx);
- BIO_free(out);
-
- EXIT(0);
- err:
- BIO_puts(out, "1\n"); /* make sure the Perl script fed by bc
- * notices the failure, see test_bn in
- * test/Makefile.ssl */
- (void)BIO_flush(out);
- ERR_load_crypto_strings();
- ERR_print_errors_fp(stderr);
- EXIT(1);
- return (1);
-}
-
-int test_add(BIO *bp)
-{
- BIGNUM a, b, c;
- int i;
-
- BN_init(&a);
- BN_init(&b);
- BN_init(&c);
-
- BN_bntest_rand(&a, 512, 0, 0);
- for (i = 0; i < num0; i++) {
- BN_bntest_rand(&b, 450 + i, 0, 0);
- a.neg = rand_neg();
- b.neg = rand_neg();
- BN_add(&c, &a, &b);
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, &a);
- BIO_puts(bp, " + ");
- BN_print(bp, &b);
- BIO_puts(bp, " - ");
- }
- BN_print(bp, &c);
- BIO_puts(bp, "\n");
- }
- a.neg = !a.neg;
- b.neg = !b.neg;
- BN_add(&c, &c, &b);
- BN_add(&c, &c, &a);
- if (!BN_is_zero(&c)) {
- fprintf(stderr, "Add test failed!\n");
- return 0;
- }
- }
- BN_free(&a);
- BN_free(&b);
- BN_free(&c);
- return (1);
-}
-
-int test_sub(BIO *bp)
-{
- BIGNUM a, b, c;
- int i;
-
- BN_init(&a);
- BN_init(&b);
- BN_init(&c);
-
- for (i = 0; i < num0 + num1; i++) {
- if (i < num1) {
- BN_bntest_rand(&a, 512, 0, 0);
- BN_copy(&b, &a);
- if (BN_set_bit(&a, i) == 0)
- return (0);
- BN_add_word(&b, i);
- } else {
- BN_bntest_rand(&b, 400 + i - num1, 0, 0);
- a.neg = rand_neg();
- b.neg = rand_neg();
- }
- BN_sub(&c, &a, &b);
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, &a);
- BIO_puts(bp, " - ");
- BN_print(bp, &b);
- BIO_puts(bp, " - ");
- }
- BN_print(bp, &c);
- BIO_puts(bp, "\n");
- }
- BN_add(&c, &c, &b);
- BN_sub(&c, &c, &a);
- if (!BN_is_zero(&c)) {
- fprintf(stderr, "Subtract test failed!\n");
- return 0;
- }
- }
- BN_free(&a);
- BN_free(&b);
- BN_free(&c);
- return (1);
-}
-
-int test_div(BIO *bp, BN_CTX *ctx)
-{
- BIGNUM a, b, c, d, e;
- int i;
-
- BN_init(&a);
- BN_init(&b);
- BN_init(&c);
- BN_init(&d);
- BN_init(&e);
-
- BN_one(&a);
- BN_zero(&b);
-
- if (BN_div(&d, &c, &a, &b, ctx)) {
- fprintf(stderr, "Division by zero succeeded!\n");
- return 0;
- }
-
- for (i = 0; i < num0 + num1; i++) {
- if (i < num1) {
- BN_bntest_rand(&a, 400, 0, 0);
- BN_copy(&b, &a);
- BN_lshift(&a, &a, i);
- BN_add_word(&a, i);
- } else
- BN_bntest_rand(&b, 50 + 3 * (i - num1), 0, 0);
- a.neg = rand_neg();
- b.neg = rand_neg();
- BN_div(&d, &c, &a, &b, ctx);
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, &a);
- BIO_puts(bp, " / ");
- BN_print(bp, &b);
- BIO_puts(bp, " - ");
- }
- BN_print(bp, &d);
- BIO_puts(bp, "\n");
-
- if (!results) {
- BN_print(bp, &a);
- BIO_puts(bp, " % ");
- BN_print(bp, &b);
- BIO_puts(bp, " - ");
- }
- BN_print(bp, &c);
- BIO_puts(bp, "\n");
- }
- BN_mul(&e, &d, &b, ctx);
- BN_add(&d, &e, &c);
- BN_sub(&d, &d, &a);
- if (!BN_is_zero(&d)) {
- fprintf(stderr, "Division test failed!\n");
- return 0;
- }
- }
- BN_free(&a);
- BN_free(&b);
- BN_free(&c);
- BN_free(&d);
- BN_free(&e);
- return (1);
-}
-
-static void print_word(BIO *bp, BN_ULONG w)
-{
-#ifdef SIXTY_FOUR_BIT
- if (sizeof(w) > sizeof(unsigned long)) {
- unsigned long h = (unsigned long)(w >> 32), l = (unsigned long)(w);
-
- if (h)
- BIO_printf(bp, "%lX%08lX", h, l);
- else
- BIO_printf(bp, "%lX", l);
- return;
- }
-#endif
- BIO_printf(bp, BN_HEX_FMT1, w);
-}
-
-int test_div_word(BIO *bp)
-{
- BIGNUM a, b;
- BN_ULONG r, rmod, s;
- int i;
-
- BN_init(&a);
- BN_init(&b);
-
- for (i = 0; i < num0; i++) {
- do {
- BN_bntest_rand(&a, 512, -1, 0);
- BN_bntest_rand(&b, BN_BITS2, -1, 0);
- } while (BN_is_zero(&b));
-
- s = b.d[0];
- BN_copy(&b, &a);
- rmod = BN_mod_word(&b, s);
- r = BN_div_word(&b, s);
-
- if (rmod != r) {
- fprintf(stderr, "Mod (word) test failed!\n");
- return 0;
- }
-
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, &a);
- BIO_puts(bp, " / ");
- print_word(bp, s);
- BIO_puts(bp, " - ");
- }
- BN_print(bp, &b);
- BIO_puts(bp, "\n");
-
- if (!results) {
- BN_print(bp, &a);
- BIO_puts(bp, " % ");
- print_word(bp, s);
- BIO_puts(bp, " - ");
- }
- print_word(bp, r);
- BIO_puts(bp, "\n");
- }
- BN_mul_word(&b, s);
- BN_add_word(&b, r);
- BN_sub(&b, &a, &b);
- if (!BN_is_zero(&b)) {
- fprintf(stderr, "Division (word) test failed!\n");
- return 0;
- }
- }
- BN_free(&a);
- BN_free(&b);
- return (1);
-}
-
-int test_div_recp(BIO *bp, BN_CTX *ctx)
-{
- BIGNUM a, b, c, d, e;
- BN_RECP_CTX recp;
- int i;
-
- BN_RECP_CTX_init(&recp);
- BN_init(&a);
- BN_init(&b);
- BN_init(&c);
- BN_init(&d);
- BN_init(&e);
-
- for (i = 0; i < num0 + num1; i++) {
- if (i < num1) {
- BN_bntest_rand(&a, 400, 0, 0);
- BN_copy(&b, &a);
- BN_lshift(&a, &a, i);
- BN_add_word(&a, i);
- } else
- BN_bntest_rand(&b, 50 + 3 * (i - num1), 0, 0);
- a.neg = rand_neg();
- b.neg = rand_neg();
- BN_RECP_CTX_set(&recp, &b, ctx);
- BN_div_recp(&d, &c, &a, &recp, ctx);
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, &a);
- BIO_puts(bp, " / ");
- BN_print(bp, &b);
- BIO_puts(bp, " - ");
- }
- BN_print(bp, &d);
- BIO_puts(bp, "\n");
-
- if (!results) {
- BN_print(bp, &a);
- BIO_puts(bp, " % ");
- BN_print(bp, &b);
- BIO_puts(bp, " - ");
- }
- BN_print(bp, &c);
- BIO_puts(bp, "\n");
- }
- BN_mul(&e, &d, &b, ctx);
- BN_add(&d, &e, &c);
- BN_sub(&d, &d, &a);
- if (!BN_is_zero(&d)) {
- fprintf(stderr, "Reciprocal division test failed!\n");
- fprintf(stderr, "a=");
- BN_print_fp(stderr, &a);
- fprintf(stderr, "\nb=");
- BN_print_fp(stderr, &b);
- fprintf(stderr, "\n");
- return 0;
- }
- }
- BN_free(&a);
- BN_free(&b);
- BN_free(&c);
- BN_free(&d);
- BN_free(&e);
- BN_RECP_CTX_free(&recp);
- return (1);
-}
-
-int test_mul(BIO *bp)
-{
- BIGNUM a, b, c, d, e;
- int i;
- BN_CTX *ctx;
-
- ctx = BN_CTX_new();
- if (ctx == NULL)
- EXIT(1);
-
- BN_init(&a);
- BN_init(&b);
- BN_init(&c);
- BN_init(&d);
- BN_init(&e);
-
- for (i = 0; i < num0 + num1; i++) {
- if (i <= num1) {
- BN_bntest_rand(&a, 100, 0, 0);
- BN_bntest_rand(&b, 100, 0, 0);
- } else
- BN_bntest_rand(&b, i - num1, 0, 0);
- a.neg = rand_neg();
- b.neg = rand_neg();
- BN_mul(&c, &a, &b, ctx);
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, &a);
- BIO_puts(bp, " * ");
- BN_print(bp, &b);
- BIO_puts(bp, " - ");
- }
- BN_print(bp, &c);
- BIO_puts(bp, "\n");
- }
- BN_div(&d, &e, &c, &a, ctx);
- BN_sub(&d, &d, &b);
- if (!BN_is_zero(&d) || !BN_is_zero(&e)) {
- fprintf(stderr, "Multiplication test failed!\n");
- return 0;
- }
- }
- BN_free(&a);
- BN_free(&b);
- BN_free(&c);
- BN_free(&d);
- BN_free(&e);
- BN_CTX_free(ctx);
- return (1);
-}
-
-int test_sqr(BIO *bp, BN_CTX *ctx)
-{
- BIGNUM *a, *c, *d, *e;
- int i, ret = 0;
-
- a = BN_new();
- c = BN_new();
- d = BN_new();
- e = BN_new();
- if (a == NULL || c == NULL || d == NULL || e == NULL) {
- goto err;
- }
-
- for (i = 0; i < num0; i++) {
- BN_bntest_rand(a, 40 + i * 10, 0, 0);
- a->neg = rand_neg();
- BN_sqr(c, a, ctx);
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, a);
- BIO_puts(bp, " * ");
- BN_print(bp, a);
- BIO_puts(bp, " - ");
- }
- BN_print(bp, c);
- BIO_puts(bp, "\n");
- }
- BN_div(d, e, c, a, ctx);
- BN_sub(d, d, a);
- if (!BN_is_zero(d) || !BN_is_zero(e)) {
- fprintf(stderr, "Square test failed!\n");
- goto err;
- }
- }
-
- /* Regression test for a BN_sqr overflow bug. */
- BN_hex2bn(&a,
- "80000000000000008000000000000001"
- "FFFFFFFFFFFFFFFE0000000000000000");
- BN_sqr(c, a, ctx);
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, a);
- BIO_puts(bp, " * ");
- BN_print(bp, a);
- BIO_puts(bp, " - ");
- }
- BN_print(bp, c);
- BIO_puts(bp, "\n");
- }
- BN_mul(d, a, a, ctx);
- if (BN_cmp(c, d)) {
- fprintf(stderr, "Square test failed: BN_sqr and BN_mul produce "
- "different results!\n");
- goto err;
- }
-
- /* Regression test for a BN_sqr overflow bug. */
- BN_hex2bn(&a,
- "80000000000000000000000080000001"
- "FFFFFFFE000000000000000000000000");
- BN_sqr(c, a, ctx);
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, a);
- BIO_puts(bp, " * ");
- BN_print(bp, a);
- BIO_puts(bp, " - ");
- }
- BN_print(bp, c);
- BIO_puts(bp, "\n");
- }
- BN_mul(d, a, a, ctx);
- if (BN_cmp(c, d)) {
- fprintf(stderr, "Square test failed: BN_sqr and BN_mul produce "
- "different results!\n");
- goto err;
- }
- ret = 1;
- err:
- if (a != NULL)
- BN_free(a);
- if (c != NULL)
- BN_free(c);
- if (d != NULL)
- BN_free(d);
- if (e != NULL)
- BN_free(e);
- return ret;
-}
-
-int test_mont(BIO *bp, BN_CTX *ctx)
-{
- BIGNUM a, b, c, d, A, B;
- BIGNUM n;
- int i;
- BN_MONT_CTX *mont;
-
- BN_init(&a);
- BN_init(&b);
- BN_init(&c);
- BN_init(&d);
- BN_init(&A);
- BN_init(&B);
- BN_init(&n);
-
- mont = BN_MONT_CTX_new();
- if (mont == NULL)
- return 0;
-
- BN_zero(&n);
- if (BN_MONT_CTX_set(mont, &n, ctx)) {
- fprintf(stderr, "BN_MONT_CTX_set succeeded for zero modulus!\n");
- return 0;
- }
-
- BN_set_word(&n, 16);
- if (BN_MONT_CTX_set(mont, &n, ctx)) {
- fprintf(stderr, "BN_MONT_CTX_set succeeded for even modulus!\n");
- return 0;
- }
-
- BN_bntest_rand(&a, 100, 0, 0);
- BN_bntest_rand(&b, 100, 0, 0);
- for (i = 0; i < num2; i++) {
- int bits = (200 * (i + 1)) / num2;
-
- if (bits == 0)
- continue;
- BN_bntest_rand(&n, bits, 0, 1);
- BN_MONT_CTX_set(mont, &n, ctx);
-
- BN_nnmod(&a, &a, &n, ctx);
- BN_nnmod(&b, &b, &n, ctx);
-
- BN_to_montgomery(&A, &a, mont, ctx);
- BN_to_montgomery(&B, &b, mont, ctx);
-
- BN_mod_mul_montgomery(&c, &A, &B, mont, ctx);
- BN_from_montgomery(&A, &c, mont, ctx);
- if (bp != NULL) {
- if (!results) {
-#ifdef undef
- fprintf(stderr, "%d * %d %% %d\n",
- BN_num_bits(&a),
- BN_num_bits(&b), BN_num_bits(mont->N));
-#endif
- BN_print(bp, &a);
- BIO_puts(bp, " * ");
- BN_print(bp, &b);
- BIO_puts(bp, " % ");
- BN_print(bp, &(mont->N));
- BIO_puts(bp, " - ");
- }
- BN_print(bp, &A);
- BIO_puts(bp, "\n");
- }
- BN_mod_mul(&d, &a, &b, &n, ctx);
- BN_sub(&d, &d, &A);
- if (!BN_is_zero(&d)) {
- fprintf(stderr, "Montgomery multiplication test failed!\n");
- return 0;
- }
- }
- BN_MONT_CTX_free(mont);
- BN_free(&a);
- BN_free(&b);
- BN_free(&c);
- BN_free(&d);
- BN_free(&A);
- BN_free(&B);
- BN_free(&n);
- return (1);
-}
-
-int test_mod(BIO *bp, BN_CTX *ctx)
-{
- BIGNUM *a, *b, *c, *d, *e;
- int i;
-
- a = BN_new();
- b = BN_new();
- c = BN_new();
- d = BN_new();
- e = BN_new();
-
- BN_bntest_rand(a, 1024, 0, 0);
- for (i = 0; i < num0; i++) {
- BN_bntest_rand(b, 450 + i * 10, 0, 0);
- a->neg = rand_neg();
- b->neg = rand_neg();
- BN_mod(c, a, b, ctx);
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, a);
- BIO_puts(bp, " % ");
- BN_print(bp, b);
- BIO_puts(bp, " - ");
- }
- BN_print(bp, c);
- BIO_puts(bp, "\n");
- }
- BN_div(d, e, a, b, ctx);
- BN_sub(e, e, c);
- if (!BN_is_zero(e)) {
- fprintf(stderr, "Modulo test failed!\n");
- return 0;
- }
- }
- BN_free(a);
- BN_free(b);
- BN_free(c);
- BN_free(d);
- BN_free(e);
- return (1);
-}
-
-int test_mod_mul(BIO *bp, BN_CTX *ctx)
-{
- BIGNUM *a, *b, *c, *d, *e;
- int i, j;
-
- a = BN_new();
- b = BN_new();
- c = BN_new();
- d = BN_new();
- e = BN_new();
-
- BN_one(a);
- BN_one(b);
- BN_zero(c);
- if (BN_mod_mul(e, a, b, c, ctx)) {
- fprintf(stderr, "BN_mod_mul with zero modulus succeeded!\n");
- return 0;
- }
-
- for (j = 0; j < 3; j++) {
- BN_bntest_rand(c, 1024, 0, 0);
- for (i = 0; i < num0; i++) {
- BN_bntest_rand(a, 475 + i * 10, 0, 0);
- BN_bntest_rand(b, 425 + i * 11, 0, 0);
- a->neg = rand_neg();
- b->neg = rand_neg();
- if (!BN_mod_mul(e, a, b, c, ctx)) {
- unsigned long l;
-
- while ((l = ERR_get_error()))
- fprintf(stderr, "ERROR:%s\n", ERR_error_string(l, NULL));
- EXIT(1);
- }
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, a);
- BIO_puts(bp, " * ");
- BN_print(bp, b);
- BIO_puts(bp, " % ");
- BN_print(bp, c);
- if ((a->neg ^ b->neg) && !BN_is_zero(e)) {
- /*
- * If (a*b) % c is negative, c must be added in order
- * to obtain the normalized remainder (new with
- * OpenSSL 0.9.7, previous versions of BN_mod_mul
- * could generate negative results)
- */
- BIO_puts(bp, " + ");
- BN_print(bp, c);
- }
- BIO_puts(bp, " - ");
- }
- BN_print(bp, e);
- BIO_puts(bp, "\n");
- }
- BN_mul(d, a, b, ctx);
- BN_sub(d, d, e);
- BN_div(a, b, d, c, ctx);
- if (!BN_is_zero(b)) {
- fprintf(stderr, "Modulo multiply test failed!\n");
- ERR_print_errors_fp(stderr);
- return 0;
- }
- }
- }
- BN_free(a);
- BN_free(b);
- BN_free(c);
- BN_free(d);
- BN_free(e);
- return (1);
-}
-
-int test_mod_exp(BIO *bp, BN_CTX *ctx)
-{
- BIGNUM *a, *b, *c, *d, *e;
- int i;
-
- a = BN_new();
- b = BN_new();
- c = BN_new();
- d = BN_new();
- e = BN_new();
-
- BN_one(a);
- BN_one(b);
- BN_zero(c);
- if (BN_mod_exp(d, a, b, c, ctx)) {
- fprintf(stderr, "BN_mod_exp with zero modulus succeeded!\n");
- return 0;
- }
-
- BN_bntest_rand(c, 30, 0, 1); /* must be odd for montgomery */
- for (i = 0; i < num2; i++) {
- BN_bntest_rand(a, 20 + i * 5, 0, 0);
- BN_bntest_rand(b, 2 + i, 0, 0);
-
- if (!BN_mod_exp(d, a, b, c, ctx))
- return (0);
-
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, a);
- BIO_puts(bp, " ^ ");
- BN_print(bp, b);
- BIO_puts(bp, " % ");
- BN_print(bp, c);
- BIO_puts(bp, " - ");
- }
- BN_print(bp, d);
- BIO_puts(bp, "\n");
- }
- BN_exp(e, a, b, ctx);
- BN_sub(e, e, d);
- BN_div(a, b, e, c, ctx);
- if (!BN_is_zero(b)) {
- fprintf(stderr, "Modulo exponentiation test failed!\n");
- return 0;
- }
- }
-
- /* Regression test for carry propagation bug in sqr8x_reduction */
- BN_hex2bn(&a, "050505050505");
- BN_hex2bn(&b, "02");
- BN_hex2bn(&c,
- "4141414141414141414141274141414141414141414141414141414141414141"
- "4141414141414141414141414141414141414141414141414141414141414141"
- "4141414141414141414141800000000000000000000000000000000000000000"
- "0000000000000000000000000000000000000000000000000000000000000000"
- "0000000000000000000000000000000000000000000000000000000000000000"
- "0000000000000000000000000000000000000000000000000000000001");
- BN_mod_exp(d, a, b, c, ctx);
- BN_mul(e, a, a, ctx);
- if (BN_cmp(d, e)) {
- fprintf(stderr, "BN_mod_exp and BN_mul produce different results!\n");
- return 0;
- }
-
- BN_free(a);
- BN_free(b);
- BN_free(c);
- BN_free(d);
- BN_free(e);
- return (1);
-}
-
-int test_mod_exp_mont_consttime(BIO *bp, BN_CTX *ctx)
-{
- BIGNUM *a, *b, *c, *d, *e;
- int i;
-
- a = BN_new();
- b = BN_new();
- c = BN_new();
- d = BN_new();
- e = BN_new();
-
- BN_one(a);
- BN_one(b);
- BN_zero(c);
- if (BN_mod_exp_mont_consttime(d, a, b, c, ctx, NULL)) {
- fprintf(stderr, "BN_mod_exp_mont_consttime with zero modulus "
- "succeeded\n");
- return 0;
- }
-
- BN_set_word(c, 16);
- if (BN_mod_exp_mont_consttime(d, a, b, c, ctx, NULL)) {
- fprintf(stderr, "BN_mod_exp_mont_consttime with even modulus "
- "succeeded\n");
- return 0;
- }
-
- BN_bntest_rand(c, 30, 0, 1); /* must be odd for montgomery */
- for (i = 0; i < num2; i++) {
- BN_bntest_rand(a, 20 + i * 5, 0, 0);
- BN_bntest_rand(b, 2 + i, 0, 0);
-
- if (!BN_mod_exp_mont_consttime(d, a, b, c, ctx, NULL))
- return (00);
-
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, a);
- BIO_puts(bp, " ^ ");
- BN_print(bp, b);
- BIO_puts(bp, " % ");
- BN_print(bp, c);
- BIO_puts(bp, " - ");
- }
- BN_print(bp, d);
- BIO_puts(bp, "\n");
- }
- BN_exp(e, a, b, ctx);
- BN_sub(e, e, d);
- BN_div(a, b, e, c, ctx);
- if (!BN_is_zero(b)) {
- fprintf(stderr, "Modulo exponentiation test failed!\n");
- return 0;
- }
- }
- BN_free(a);
- BN_free(b);
- BN_free(c);
- BN_free(d);
- BN_free(e);
- return (1);
-}
-
-/*
- * Test constant-time modular exponentiation with 1024-bit inputs, which on
- * x86_64 cause a different code branch to be taken.
- */
-int test_mod_exp_mont5(BIO *bp, BN_CTX *ctx)
-{
- BIGNUM *a, *p, *m, *d, *e;
- BN_MONT_CTX *mont;
-
- a = BN_new();
- p = BN_new();
- m = BN_new();
- d = BN_new();
- e = BN_new();
- mont = BN_MONT_CTX_new();
-
- BN_bntest_rand(m, 1024, 0, 1); /* must be odd for montgomery */
- /* Zero exponent */
- BN_bntest_rand(a, 1024, 0, 0);
- BN_zero(p);
- if (!BN_mod_exp_mont_consttime(d, a, p, m, ctx, NULL))
- return 0;
- if (!BN_is_one(d)) {
- fprintf(stderr, "Modular exponentiation test failed!\n");
- return 0;
- }
- /* Zero input */
- BN_bntest_rand(p, 1024, 0, 0);
- BN_zero(a);
- if (!BN_mod_exp_mont_consttime(d, a, p, m, ctx, NULL))
- return 0;
- if (!BN_is_zero(d)) {
- fprintf(stderr, "Modular exponentiation test failed!\n");
- return 0;
- }
- /*
- * Craft an input whose Montgomery representation is 1, i.e., shorter
- * than the modulus m, in order to test the const time precomputation
- * scattering/gathering.
- */
- BN_one(a);
- BN_MONT_CTX_set(mont, m, ctx);
- if (!BN_from_montgomery(e, a, mont, ctx))
- return 0;
- if (!BN_mod_exp_mont_consttime(d, e, p, m, ctx, NULL))
- return 0;
- if (!BN_mod_exp_simple(a, e, p, m, ctx))
- return 0;
- if (BN_cmp(a, d) != 0) {
- fprintf(stderr, "Modular exponentiation test failed!\n");
- return 0;
- }
- /* Finally, some regular test vectors. */
- BN_bntest_rand(e, 1024, 0, 0);
- if (!BN_mod_exp_mont_consttime(d, e, p, m, ctx, NULL))
- return 0;
- if (!BN_mod_exp_simple(a, e, p, m, ctx))
- return 0;
- if (BN_cmp(a, d) != 0) {
- fprintf(stderr, "Modular exponentiation test failed!\n");
- return 0;
- }
- BN_MONT_CTX_free(mont);
- BN_free(a);
- BN_free(p);
- BN_free(m);
- BN_free(d);
- BN_free(e);
- return (1);
-}
-
-int test_exp(BIO *bp, BN_CTX *ctx)
-{
- BIGNUM *a, *b, *d, *e, *one;
- int i;
-
- a = BN_new();
- b = BN_new();
- d = BN_new();
- e = BN_new();
- one = BN_new();
- BN_one(one);
-
- for (i = 0; i < num2; i++) {
- BN_bntest_rand(a, 20 + i * 5, 0, 0);
- BN_bntest_rand(b, 2 + i, 0, 0);
-
- if (BN_exp(d, a, b, ctx) <= 0)
- return (0);
-
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, a);
- BIO_puts(bp, " ^ ");
- BN_print(bp, b);
- BIO_puts(bp, " - ");
- }
- BN_print(bp, d);
- BIO_puts(bp, "\n");
- }
- BN_one(e);
- for (; !BN_is_zero(b); BN_sub(b, b, one))
- BN_mul(e, e, a, ctx);
- BN_sub(e, e, d);
- if (!BN_is_zero(e)) {
- fprintf(stderr, "Exponentiation test failed!\n");
- return 0;
- }
- }
- BN_free(a);
- BN_free(b);
- BN_free(d);
- BN_free(e);
- BN_free(one);
- return (1);
-}
-
-#ifndef OPENSSL_NO_EC2M
-int test_gf2m_add(BIO *bp)
-{
- BIGNUM a, b, c;
- int i, ret = 0;
-
- BN_init(&a);
- BN_init(&b);
- BN_init(&c);
-
- for (i = 0; i < num0; i++) {
- BN_rand(&a, 512, 0, 0);
- BN_copy(&b, BN_value_one());
- a.neg = rand_neg();
- b.neg = rand_neg();
- BN_GF2m_add(&c, &a, &b);
-# if 0 /* make test uses ouput in bc but bc can't
- * handle GF(2^m) arithmetic */
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, &a);
- BIO_puts(bp, " ^ ");
- BN_print(bp, &b);
- BIO_puts(bp, " = ");
- }
- BN_print(bp, &c);
- BIO_puts(bp, "\n");
- }
-# endif
- /* Test that two added values have the correct parity. */
- if ((BN_is_odd(&a) && BN_is_odd(&c))
- || (!BN_is_odd(&a) && !BN_is_odd(&c))) {
- fprintf(stderr, "GF(2^m) addition test (a) failed!\n");
- goto err;
- }
- BN_GF2m_add(&c, &c, &c);
- /* Test that c + c = 0. */
- if (!BN_is_zero(&c)) {
- fprintf(stderr, "GF(2^m) addition test (b) failed!\n");
- goto err;
- }
- }
- ret = 1;
- err:
- BN_free(&a);
- BN_free(&b);
- BN_free(&c);
- return ret;
-}
-
-int test_gf2m_mod(BIO *bp)
-{
- BIGNUM *a, *b[2], *c, *d, *e;
- int i, j, ret = 0;
- int p0[] = { 163, 7, 6, 3, 0, -1 };
- int p1[] = { 193, 15, 0, -1 };
-
- a = BN_new();
- b[0] = BN_new();
- b[1] = BN_new();
- c = BN_new();
- d = BN_new();
- e = BN_new();
-
- BN_GF2m_arr2poly(p0, b[0]);
- BN_GF2m_arr2poly(p1, b[1]);
-
- for (i = 0; i < num0; i++) {
- BN_bntest_rand(a, 1024, 0, 0);
- for (j = 0; j < 2; j++) {
- BN_GF2m_mod(c, a, b[j]);
-# if 0 /* make test uses ouput in bc but bc can't
- * handle GF(2^m) arithmetic */
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, a);
- BIO_puts(bp, " % ");
- BN_print(bp, b[j]);
- BIO_puts(bp, " - ");
- BN_print(bp, c);
- BIO_puts(bp, "\n");
- }
- }
-# endif
- BN_GF2m_add(d, a, c);
- BN_GF2m_mod(e, d, b[j]);
- /* Test that a + (a mod p) mod p == 0. */
- if (!BN_is_zero(e)) {
- fprintf(stderr, "GF(2^m) modulo test failed!\n");
- goto err;
- }
- }
- }
- ret = 1;
- err:
- BN_free(a);
- BN_free(b[0]);
- BN_free(b[1]);
- BN_free(c);
- BN_free(d);
- BN_free(e);
- return ret;
-}
-
-int test_gf2m_mod_mul(BIO *bp, BN_CTX *ctx)
-{
- BIGNUM *a, *b[2], *c, *d, *e, *f, *g, *h;
- int i, j, ret = 0;
- int p0[] = { 163, 7, 6, 3, 0, -1 };
- int p1[] = { 193, 15, 0, -1 };
-
- a = BN_new();
- b[0] = BN_new();
- b[1] = BN_new();
- c = BN_new();
- d = BN_new();
- e = BN_new();
- f = BN_new();
- g = BN_new();
- h = BN_new();
-
- BN_GF2m_arr2poly(p0, b[0]);
- BN_GF2m_arr2poly(p1, b[1]);
-
- for (i = 0; i < num0; i++) {
- BN_bntest_rand(a, 1024, 0, 0);
- BN_bntest_rand(c, 1024, 0, 0);
- BN_bntest_rand(d, 1024, 0, 0);
- for (j = 0; j < 2; j++) {
- BN_GF2m_mod_mul(e, a, c, b[j], ctx);
-# if 0 /* make test uses ouput in bc but bc can't
- * handle GF(2^m) arithmetic */
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, a);
- BIO_puts(bp, " * ");
- BN_print(bp, c);
- BIO_puts(bp, " % ");
- BN_print(bp, b[j]);
- BIO_puts(bp, " - ");
- BN_print(bp, e);
- BIO_puts(bp, "\n");
- }
- }
-# endif
- BN_GF2m_add(f, a, d);
- BN_GF2m_mod_mul(g, f, c, b[j], ctx);
- BN_GF2m_mod_mul(h, d, c, b[j], ctx);
- BN_GF2m_add(f, e, g);
- BN_GF2m_add(f, f, h);
- /* Test that (a+d)*c = a*c + d*c. */
- if (!BN_is_zero(f)) {
- fprintf(stderr,
- "GF(2^m) modular multiplication test failed!\n");
- goto err;
- }
- }
- }
- ret = 1;
- err:
- BN_free(a);
- BN_free(b[0]);
- BN_free(b[1]);
- BN_free(c);
- BN_free(d);
- BN_free(e);
- BN_free(f);
- BN_free(g);
- BN_free(h);
- return ret;
-}
-
-int test_gf2m_mod_sqr(BIO *bp, BN_CTX *ctx)
-{
- BIGNUM *a, *b[2], *c, *d;
- int i, j, ret = 0;
- int p0[] = { 163, 7, 6, 3, 0, -1 };
- int p1[] = { 193, 15, 0, -1 };
-
- a = BN_new();
- b[0] = BN_new();
- b[1] = BN_new();
- c = BN_new();
- d = BN_new();
-
- BN_GF2m_arr2poly(p0, b[0]);
- BN_GF2m_arr2poly(p1, b[1]);
-
- for (i = 0; i < num0; i++) {
- BN_bntest_rand(a, 1024, 0, 0);
- for (j = 0; j < 2; j++) {
- BN_GF2m_mod_sqr(c, a, b[j], ctx);
- BN_copy(d, a);
- BN_GF2m_mod_mul(d, a, d, b[j], ctx);
-# if 0 /* make test uses ouput in bc but bc can't
- * handle GF(2^m) arithmetic */
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, a);
- BIO_puts(bp, " ^ 2 % ");
- BN_print(bp, b[j]);
- BIO_puts(bp, " = ");
- BN_print(bp, c);
- BIO_puts(bp, "; a * a = ");
- BN_print(bp, d);
- BIO_puts(bp, "\n");
- }
- }
-# endif
- BN_GF2m_add(d, c, d);
- /* Test that a*a = a^2. */
- if (!BN_is_zero(d)) {
- fprintf(stderr, "GF(2^m) modular squaring test failed!\n");
- goto err;
- }
- }
- }
- ret = 1;
- err:
- BN_free(a);
- BN_free(b[0]);
- BN_free(b[1]);
- BN_free(c);
- BN_free(d);
- return ret;
-}
-
-int test_gf2m_mod_inv(BIO *bp, BN_CTX *ctx)
-{
- BIGNUM *a, *b[2], *c, *d;
- int i, j, ret = 0;
- int p0[] = { 163, 7, 6, 3, 0, -1 };
- int p1[] = { 193, 15, 0, -1 };
-
- a = BN_new();
- b[0] = BN_new();
- b[1] = BN_new();
- c = BN_new();
- d = BN_new();
-
- BN_GF2m_arr2poly(p0, b[0]);
- BN_GF2m_arr2poly(p1, b[1]);
-
- for (i = 0; i < num0; i++) {
- BN_bntest_rand(a, 512, 0, 0);
- for (j = 0; j < 2; j++) {
- BN_GF2m_mod_inv(c, a, b[j], ctx);
- BN_GF2m_mod_mul(d, a, c, b[j], ctx);
-# if 0 /* make test uses ouput in bc but bc can't
- * handle GF(2^m) arithmetic */
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, a);
- BIO_puts(bp, " * ");
- BN_print(bp, c);
- BIO_puts(bp, " - 1 % ");
- BN_print(bp, b[j]);
- BIO_puts(bp, "\n");
- }
- }
-# endif
- /* Test that ((1/a)*a) = 1. */
- if (!BN_is_one(d)) {
- fprintf(stderr, "GF(2^m) modular inversion test failed!\n");
- goto err;
- }
- }
- }
- ret = 1;
- err:
- BN_free(a);
- BN_free(b[0]);
- BN_free(b[1]);
- BN_free(c);
- BN_free(d);
- return ret;
-}
-
-int test_gf2m_mod_div(BIO *bp, BN_CTX *ctx)
-{
- BIGNUM *a, *b[2], *c, *d, *e, *f;
- int i, j, ret = 0;
- int p0[] = { 163, 7, 6, 3, 0, -1 };
- int p1[] = { 193, 15, 0, -1 };
-
- a = BN_new();
- b[0] = BN_new();
- b[1] = BN_new();
- c = BN_new();
- d = BN_new();
- e = BN_new();
- f = BN_new();
-
- BN_GF2m_arr2poly(p0, b[0]);
- BN_GF2m_arr2poly(p1, b[1]);
-
- for (i = 0; i < num0; i++) {
- BN_bntest_rand(a, 512, 0, 0);
- BN_bntest_rand(c, 512, 0, 0);
- for (j = 0; j < 2; j++) {
- BN_GF2m_mod_div(d, a, c, b[j], ctx);
- BN_GF2m_mod_mul(e, d, c, b[j], ctx);
- BN_GF2m_mod_div(f, a, e, b[j], ctx);
-# if 0 /* make test uses ouput in bc but bc can't
- * handle GF(2^m) arithmetic */
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, a);
- BIO_puts(bp, " = ");
- BN_print(bp, c);
- BIO_puts(bp, " * ");
- BN_print(bp, d);
- BIO_puts(bp, " % ");
- BN_print(bp, b[j]);
- BIO_puts(bp, "\n");
- }
- }
-# endif
- /* Test that ((a/c)*c)/a = 1. */
- if (!BN_is_one(f)) {
- fprintf(stderr, "GF(2^m) modular division test failed!\n");
- goto err;
- }
- }
- }
- ret = 1;
- err:
- BN_free(a);
- BN_free(b[0]);
- BN_free(b[1]);
- BN_free(c);
- BN_free(d);
- BN_free(e);
- BN_free(f);
- return ret;
-}
-
-int test_gf2m_mod_exp(BIO *bp, BN_CTX *ctx)
-{
- BIGNUM *a, *b[2], *c, *d, *e, *f;
- int i, j, ret = 0;
- int p0[] = { 163, 7, 6, 3, 0, -1 };
- int p1[] = { 193, 15, 0, -1 };
-
- a = BN_new();
- b[0] = BN_new();
- b[1] = BN_new();
- c = BN_new();
- d = BN_new();
- e = BN_new();
- f = BN_new();
-
- BN_GF2m_arr2poly(p0, b[0]);
- BN_GF2m_arr2poly(p1, b[1]);
-
- for (i = 0; i < num0; i++) {
- BN_bntest_rand(a, 512, 0, 0);
- BN_bntest_rand(c, 512, 0, 0);
- BN_bntest_rand(d, 512, 0, 0);
- for (j = 0; j < 2; j++) {
- BN_GF2m_mod_exp(e, a, c, b[j], ctx);
- BN_GF2m_mod_exp(f, a, d, b[j], ctx);
- BN_GF2m_mod_mul(e, e, f, b[j], ctx);
- BN_add(f, c, d);
- BN_GF2m_mod_exp(f, a, f, b[j], ctx);
-# if 0 /* make test uses ouput in bc but bc can't
- * handle GF(2^m) arithmetic */
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, a);
- BIO_puts(bp, " ^ (");
- BN_print(bp, c);
- BIO_puts(bp, " + ");
- BN_print(bp, d);
- BIO_puts(bp, ") = ");
- BN_print(bp, e);
- BIO_puts(bp, "; - ");
- BN_print(bp, f);
- BIO_puts(bp, " % ");
- BN_print(bp, b[j]);
- BIO_puts(bp, "\n");
- }
- }
-# endif
- BN_GF2m_add(f, e, f);
- /* Test that a^(c+d)=a^c*a^d. */
- if (!BN_is_zero(f)) {
- fprintf(stderr,
- "GF(2^m) modular exponentiation test failed!\n");
- goto err;
- }
- }
- }
- ret = 1;
- err:
- BN_free(a);
- BN_free(b[0]);
- BN_free(b[1]);
- BN_free(c);
- BN_free(d);
- BN_free(e);
- BN_free(f);
- return ret;
-}
-
-int test_gf2m_mod_sqrt(BIO *bp, BN_CTX *ctx)
-{
- BIGNUM *a, *b[2], *c, *d, *e, *f;
- int i, j, ret = 0;
- int p0[] = { 163, 7, 6, 3, 0, -1 };
- int p1[] = { 193, 15, 0, -1 };
-
- a = BN_new();
- b[0] = BN_new();
- b[1] = BN_new();
- c = BN_new();
- d = BN_new();
- e = BN_new();
- f = BN_new();
-
- BN_GF2m_arr2poly(p0, b[0]);
- BN_GF2m_arr2poly(p1, b[1]);
-
- for (i = 0; i < num0; i++) {
- BN_bntest_rand(a, 512, 0, 0);
- for (j = 0; j < 2; j++) {
- BN_GF2m_mod(c, a, b[j]);
- BN_GF2m_mod_sqrt(d, a, b[j], ctx);
- BN_GF2m_mod_sqr(e, d, b[j], ctx);
-# if 0 /* make test uses ouput in bc but bc can't
- * handle GF(2^m) arithmetic */
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, d);
- BIO_puts(bp, " ^ 2 - ");
- BN_print(bp, a);
- BIO_puts(bp, "\n");
- }
- }
-# endif
- BN_GF2m_add(f, c, e);
- /* Test that d^2 = a, where d = sqrt(a). */
- if (!BN_is_zero(f)) {
- fprintf(stderr, "GF(2^m) modular square root test failed!\n");
- goto err;
- }
- }
- }
- ret = 1;
- err:
- BN_free(a);
- BN_free(b[0]);
- BN_free(b[1]);
- BN_free(c);
- BN_free(d);
- BN_free(e);
- BN_free(f);
- return ret;
-}
-
-int test_gf2m_mod_solve_quad(BIO *bp, BN_CTX *ctx)
-{
- BIGNUM *a, *b[2], *c, *d, *e;
- int i, j, s = 0, t, ret = 0;
- int p0[] = { 163, 7, 6, 3, 0, -1 };
- int p1[] = { 193, 15, 0, -1 };
-
- a = BN_new();
- b[0] = BN_new();
- b[1] = BN_new();
- c = BN_new();
- d = BN_new();
- e = BN_new();
-
- BN_GF2m_arr2poly(p0, b[0]);
- BN_GF2m_arr2poly(p1, b[1]);
-
- for (i = 0; i < num0; i++) {
- BN_bntest_rand(a, 512, 0, 0);
- for (j = 0; j < 2; j++) {
- t = BN_GF2m_mod_solve_quad(c, a, b[j], ctx);
- if (t) {
- s++;
- BN_GF2m_mod_sqr(d, c, b[j], ctx);
- BN_GF2m_add(d, c, d);
- BN_GF2m_mod(e, a, b[j]);
-# if 0 /* make test uses ouput in bc but bc can't
- * handle GF(2^m) arithmetic */
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, c);
- BIO_puts(bp, " is root of z^2 + z = ");
- BN_print(bp, a);
- BIO_puts(bp, " % ");
- BN_print(bp, b[j]);
- BIO_puts(bp, "\n");
- }
- }
-# endif
- BN_GF2m_add(e, e, d);
- /*
- * Test that solution of quadratic c satisfies c^2 + c = a.
- */
- if (!BN_is_zero(e)) {
- fprintf(stderr,
- "GF(2^m) modular solve quadratic test failed!\n");
- goto err;
- }
-
- } else {
-# if 0 /* make test uses ouput in bc but bc can't
- * handle GF(2^m) arithmetic */
- if (bp != NULL) {
- if (!results) {
- BIO_puts(bp, "There are no roots of z^2 + z = ");
- BN_print(bp, a);
- BIO_puts(bp, " % ");
- BN_print(bp, b[j]);
- BIO_puts(bp, "\n");
- }
- }
-# endif
- }
- }
- }
- if (s == 0) {
- fprintf(stderr,
- "All %i tests of GF(2^m) modular solve quadratic resulted in no roots;\n",
- num0);
- fprintf(stderr,
- "this is very unlikely and probably indicates an error.\n");
- goto err;
- }
- ret = 1;
- err:
- BN_free(a);
- BN_free(b[0]);
- BN_free(b[1]);
- BN_free(c);
- BN_free(d);
- BN_free(e);
- return ret;
-}
-#endif
-static int genprime_cb(int p, int n, BN_GENCB *arg)
-{
- char c = '*';
-
- if (p == 0)
- c = '.';
- if (p == 1)
- c = '+';
- if (p == 2)
- c = '*';
- if (p == 3)
- c = '\n';
- putc(c, stderr);
- fflush(stderr);
- return 1;
-}
-
-int test_kron(BIO *bp, BN_CTX *ctx)
-{
- BN_GENCB cb;
- BIGNUM *a, *b, *r, *t;
- int i;
- int legendre, kronecker;
- int ret = 0;
-
- a = BN_new();
- b = BN_new();
- r = BN_new();
- t = BN_new();
- if (a == NULL || b == NULL || r == NULL || t == NULL)
- goto err;
-
- BN_GENCB_set(&cb, genprime_cb, NULL);
-
- /*
- * We test BN_kronecker(a, b, ctx) just for b odd (Jacobi symbol). In
- * this case we know that if b is prime, then BN_kronecker(a, b, ctx) is
- * congruent to $a^{(b-1)/2}$, modulo $b$ (Legendre symbol). So we
- * generate a random prime b and compare these values for a number of
- * random a's. (That is, we run the Solovay-Strassen primality test to
- * confirm that b is prime, except that we don't want to test whether b
- * is prime but whether BN_kronecker works.)
- */
-
- if (!BN_generate_prime_ex(b, 512, 0, NULL, NULL, &cb))
- goto err;
- b->neg = rand_neg();
- putc('\n', stderr);
-
- for (i = 0; i < num0; i++) {
- if (!BN_bntest_rand(a, 512, 0, 0))
- goto err;
- a->neg = rand_neg();
-
- /* t := (|b|-1)/2 (note that b is odd) */
- if (!BN_copy(t, b))
- goto err;
- t->neg = 0;
- if (!BN_sub_word(t, 1))
- goto err;
- if (!BN_rshift1(t, t))
- goto err;
- /* r := a^t mod b */
- b->neg = 0;
-
- if (!BN_mod_exp_recp(r, a, t, b, ctx))
- goto err;
- b->neg = 1;
-
- if (BN_is_word(r, 1))
- legendre = 1;
- else if (BN_is_zero(r))
- legendre = 0;
- else {
- if (!BN_add_word(r, 1))
- goto err;
- if (0 != BN_ucmp(r, b)) {
- fprintf(stderr, "Legendre symbol computation failed\n");
- goto err;
- }
- legendre = -1;
- }
-
- kronecker = BN_kronecker(a, b, ctx);
- if (kronecker < -1)
- goto err;
- /* we actually need BN_kronecker(a, |b|) */
- if (a->neg && b->neg)
- kronecker = -kronecker;
-
- if (legendre != kronecker) {
- fprintf(stderr, "legendre != kronecker; a = ");
- BN_print_fp(stderr, a);
- fprintf(stderr, ", b = ");
- BN_print_fp(stderr, b);
- fprintf(stderr, "\n");
- goto err;
- }
-
- putc('.', stderr);
- fflush(stderr);
- }
-
- putc('\n', stderr);
- fflush(stderr);
- ret = 1;
- err:
- if (a != NULL)
- BN_free(a);
- if (b != NULL)
- BN_free(b);
- if (r != NULL)
- BN_free(r);
- if (t != NULL)
- BN_free(t);
- return ret;
-}
-
-int test_sqrt(BIO *bp, BN_CTX *ctx)
-{
- BN_GENCB cb;
- BIGNUM *a, *p, *r;
- int i, j;
- int ret = 0;
-
- a = BN_new();
- p = BN_new();
- r = BN_new();
- if (a == NULL || p == NULL || r == NULL)
- goto err;
-
- BN_GENCB_set(&cb, genprime_cb, NULL);
-
- for (i = 0; i < 16; i++) {
- if (i < 8) {
- unsigned primes[8] = { 2, 3, 5, 7, 11, 13, 17, 19 };
-
- if (!BN_set_word(p, primes[i]))
- goto err;
- } else {
- if (!BN_set_word(a, 32))
- goto err;
- if (!BN_set_word(r, 2 * i + 1))
- goto err;
-
- if (!BN_generate_prime_ex(p, 256, 0, a, r, &cb))
- goto err;
- putc('\n', stderr);
- }
- p->neg = rand_neg();
-
- for (j = 0; j < num2; j++) {
- /*
- * construct 'a' such that it is a square modulo p, but in
- * general not a proper square and not reduced modulo p
- */
- if (!BN_bntest_rand(r, 256, 0, 3))
- goto err;
- if (!BN_nnmod(r, r, p, ctx))
- goto err;
- if (!BN_mod_sqr(r, r, p, ctx))
- goto err;
- if (!BN_bntest_rand(a, 256, 0, 3))
- goto err;
- if (!BN_nnmod(a, a, p, ctx))
- goto err;
- if (!BN_mod_sqr(a, a, p, ctx))
- goto err;
- if (!BN_mul(a, a, r, ctx))
- goto err;
- if (rand_neg())
- if (!BN_sub(a, a, p))
- goto err;
-
- if (!BN_mod_sqrt(r, a, p, ctx))
- goto err;
- if (!BN_mod_sqr(r, r, p, ctx))
- goto err;
-
- if (!BN_nnmod(a, a, p, ctx))
- goto err;
-
- if (BN_cmp(a, r) != 0) {
- fprintf(stderr, "BN_mod_sqrt failed: a = ");
- BN_print_fp(stderr, a);
- fprintf(stderr, ", r = ");
- BN_print_fp(stderr, r);
- fprintf(stderr, ", p = ");
- BN_print_fp(stderr, p);
- fprintf(stderr, "\n");
- goto err;
- }
-
- putc('.', stderr);
- fflush(stderr);
- }
-
- putc('\n', stderr);
- fflush(stderr);
- }
- ret = 1;
- err:
- if (a != NULL)
- BN_free(a);
- if (p != NULL)
- BN_free(p);
- if (r != NULL)
- BN_free(r);
- return ret;
-}
-
-int test_lshift(BIO *bp, BN_CTX *ctx, BIGNUM *a_)
-{
- BIGNUM *a, *b, *c, *d;
- int i;
-
- b = BN_new();
- c = BN_new();
- d = BN_new();
- BN_one(c);
-
- if (a_)
- a = a_;
- else {
- a = BN_new();
- BN_bntest_rand(a, 200, 0, 0);
- a->neg = rand_neg();
- }
- for (i = 0; i < num0; i++) {
- BN_lshift(b, a, i + 1);
- BN_add(c, c, c);
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, a);
- BIO_puts(bp, " * ");
- BN_print(bp, c);
- BIO_puts(bp, " - ");
- }
- BN_print(bp, b);
- BIO_puts(bp, "\n");
- }
- BN_mul(d, a, c, ctx);
- BN_sub(d, d, b);
- if (!BN_is_zero(d)) {
- fprintf(stderr, "Left shift test failed!\n");
- fprintf(stderr, "a=");
- BN_print_fp(stderr, a);
- fprintf(stderr, "\nb=");
- BN_print_fp(stderr, b);
- fprintf(stderr, "\nc=");
- BN_print_fp(stderr, c);
- fprintf(stderr, "\nd=");
- BN_print_fp(stderr, d);
- fprintf(stderr, "\n");
- return 0;
- }
- }
- BN_free(a);
- BN_free(b);
- BN_free(c);
- BN_free(d);
- return (1);
-}
-
-int test_lshift1(BIO *bp)
-{
- BIGNUM *a, *b, *c;
- int i;
-
- a = BN_new();
- b = BN_new();
- c = BN_new();
-
- BN_bntest_rand(a, 200, 0, 0);
- a->neg = rand_neg();
- for (i = 0; i < num0; i++) {
- BN_lshift1(b, a);
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, a);
- BIO_puts(bp, " * 2");
- BIO_puts(bp, " - ");
- }
- BN_print(bp, b);
- BIO_puts(bp, "\n");
- }
- BN_add(c, a, a);
- BN_sub(a, b, c);
- if (!BN_is_zero(a)) {
- fprintf(stderr, "Left shift one test failed!\n");
- return 0;
- }
-
- BN_copy(a, b);
- }
- BN_free(a);
- BN_free(b);
- BN_free(c);
- return (1);
-}
-
-int test_rshift(BIO *bp, BN_CTX *ctx)
-{
- BIGNUM *a, *b, *c, *d, *e;
- int i;
-
- a = BN_new();
- b = BN_new();
- c = BN_new();
- d = BN_new();
- e = BN_new();
- BN_one(c);
-
- BN_bntest_rand(a, 200, 0, 0);
- a->neg = rand_neg();
- for (i = 0; i < num0; i++) {
- BN_rshift(b, a, i + 1);
- BN_add(c, c, c);
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, a);
- BIO_puts(bp, " / ");
- BN_print(bp, c);
- BIO_puts(bp, " - ");
- }
- BN_print(bp, b);
- BIO_puts(bp, "\n");
- }
- BN_div(d, e, a, c, ctx);
- BN_sub(d, d, b);
- if (!BN_is_zero(d)) {
- fprintf(stderr, "Right shift test failed!\n");
- return 0;
- }
- }
- BN_free(a);
- BN_free(b);
- BN_free(c);
- BN_free(d);
- BN_free(e);
- return (1);
-}
-
-int test_rshift1(BIO *bp)
-{
- BIGNUM *a, *b, *c;
- int i;
-
- a = BN_new();
- b = BN_new();
- c = BN_new();
-
- BN_bntest_rand(a, 200, 0, 0);
- a->neg = rand_neg();
- for (i = 0; i < num0; i++) {
- BN_rshift1(b, a);
- if (bp != NULL) {
- if (!results) {
- BN_print(bp, a);
- BIO_puts(bp, " / 2");
- BIO_puts(bp, " - ");
- }
- BN_print(bp, b);
- BIO_puts(bp, "\n");
- }
- BN_sub(c, a, b);
- BN_sub(c, c, b);
- if (!BN_is_zero(c) && !BN_abs_is_word(c, 1)) {
- fprintf(stderr, "Right shift one test failed!\n");
- return 0;
- }
- BN_copy(a, b);
- }
- BN_free(a);
- BN_free(b);
- BN_free(c);
- return (1);
-}
-
-int rand_neg(void)
-{
- static unsigned int neg = 0;
- static int sign[8] = { 0, 0, 0, 1, 1, 0, 1, 1 };
-
- return (sign[(neg++) % 8]);
-}
diff --git a/deps/openssl/openssl/crypto/bn/build.info b/deps/openssl/openssl/crypto/bn/build.info
new file mode 100644
index 0000000000..c608ecce82
--- /dev/null
+++ b/deps/openssl/openssl/crypto/bn/build.info
@@ -0,0 +1,84 @@
+LIBS=../../libcrypto
+SOURCE[../../libcrypto]=\
+ bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c bn_mod.c \
+ bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \
+ bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c \
+ {- $target{bn_asm_src} -} \
+ bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_gf2m.c bn_nist.c \
+ bn_depr.c bn_const.c bn_x931p.c bn_intern.c bn_dh.c bn_srp.c
+INCLUDE[../../libcrypto]=../../crypto/include
+
+INCLUDE[bn_exp.o]=..
+
+GENERATE[bn-586.s]=asm/bn-586.pl \
+ $(PERLASM_SCHEME) $(CFLAGS) $(LIB_CFLAGS) $(PROCESSOR)
+DEPEND[bn-586.s]=../perlasm/x86asm.pl
+GENERATE[co-586.s]=asm/co-586.pl \
+ $(PERLASM_SCHEME) $(CFLAGS) $(LIB_CFLAGS) $(PROCESSOR)
+DEPEND[co-586.s]=../perlasm/x86asm.pl
+GENERATE[x86-mont.s]=asm/x86-mont.pl \
+ $(PERLASM_SCHEME) $(CFLAGS) $(LIB_CFLAGS) $(PROCESSOR)
+DEPEND[x86-mont.s]=../perlasm/x86asm.pl
+GENERATE[x86-gf2m.s]=asm/x86-gf2m.pl \
+ $(PERLASM_SCHEME) $(CFLAGS) $(LIB_CFLAGS) $(PROCESSOR)
+DEPEND[x86-gf2m.s]=../perlasm/x86asm.pl
+
+GENERATE[sparcv9a-mont.S]=asm/sparcv9a-mont.pl $(PERLASM_SCHEME)
+INCLUDE[sparcv9a-mont.o]=..
+GENERATE[sparcv9-mont.S]=asm/sparcv9-mont.pl $(PERLASM_SCHEME)
+INCLUDE[sparcv9-mont.o]=..
+GENERATE[vis3-mont.S]=asm/vis3-mont.pl $(PERLASM_SCHEME)
+INCLUDE[vis3-mont.o]=..
+GENERATE[sparct4-mont.S]=asm/sparct4-mont.pl $(PERLASM_SCHEME)
+INCLUDE[sparct4-mont.o]=..
+GENERATE[sparcv9-gf2m.S]=asm/sparcv9-gf2m.pl $(PERLASM_SCHEME)
+INCLUDE[sparcv9-gf2m.o]=..
+
+GENERATE[bn-mips.s]=asm/mips.pl $(PERLASM_SCHEME)
+GENERATE[mips-mont.s]=asm/mips-mont.pl $(PERLASM_SCHEME)
+
+GENERATE[s390x-mont.S]=asm/s390x-mont.pl $(PERLASM_SCHEME)
+GENERATE[s390x-gf2m.s]=asm/s390x-gf2m.pl $(PERLASM_SCHEME)
+
+GENERATE[x86_64-mont.s]=asm/x86_64-mont.pl $(PERLASM_SCHEME)
+GENERATE[x86_64-mont5.s]=asm/x86_64-mont5.pl $(PERLASM_SCHEME)
+GENERATE[x86_64-gf2m.s]=asm/x86_64-gf2m.pl $(PERLASM_SCHEME)
+GENERATE[rsaz-x86_64.s]=asm/rsaz-x86_64.pl $(PERLASM_SCHEME)
+GENERATE[rsaz-avx2.s]=asm/rsaz-avx2.pl $(PERLASM_SCHEME)
+
+GENERATE[bn-ia64.s]=asm/ia64.S
+GENERATE[ia64-mont.s]=asm/ia64-mont.pl $(CFLAGS) $(LIB_CFLAGS)
+
+GENERATE[parisc-mont.s]=asm/parisc-mont.pl $(PERLASM_SCHEME)
+
+# ppc - AIX, Linux, MacOS X...
+GENERATE[bn-ppc.s]=asm/ppc.pl $(PERLASM_SCHEME)
+GENERATE[ppc-mont.s]=asm/ppc-mont.pl $(PERLASM_SCHEME)
+GENERATE[ppc64-mont.s]=asm/ppc64-mont.pl $(PERLASM_SCHEME)
+
+GENERATE[alpha-mont.S]=asm/alpha-mont.pl $(PERLASM_SCHEME)
+
+GENERATE[armv4-mont.S]=asm/armv4-mont.pl $(PERLASM_SCHEME)
+INCLUDE[armv4-mont.o]=..
+GENERATE[armv4-gf2m.S]=asm/armv4-gf2m.pl $(PERLASM_SCHEME)
+INCLUDE[armv4-gf2m.o]=..
+GENERATE[armv8-mont.S]=asm/armv8-mont.pl $(PERLASM_SCHEME)
+
+OVERRIDES=bn-mips3.o pa-risc2W.o pa-risc2.c
+BEGINRAW[Makefile]
+##### BN assembler implementations
+
+{- $builddir -}/bn-mips3.o: {- $sourcedir -}/asm/mips3.s
+ @if [ "$(CC)" = "gcc" ]; then \
+ ABI=`expr "$(CFLAGS)" : ".*-mabi=\([n3264]*\)"` && \
+ as -$$ABI -O -o $@ {- $sourcedir -}/asm/mips3.s; \
+ else $(CC) -c $(CFLAGS) $(LIB_CFLAGS) -o $@ {- $sourcedir -}/asm/mips3.s; fi
+
+# GNU assembler fails to compile PA-RISC2 modules, insist on calling
+# vendor assembler...
+{- $builddir -}/pa-risc2W.o: {- $sourcedir -}/asm/pa-risc2W.s
+ CC="$(CC)" $(PERL) $(SRCDIR)/util/fipsas.pl $(SRCDIR) $< /usr/ccs/bin/as -o pa-risc2W.o {- $sourcedir -}/asm/pa-risc2W.s
+{- $builddir -}/pa-risc2.o: {- $sourcedir -}/asm/pa-risc2.s
+ CC="$(CC)" $(PERL) $(SRCDIR)/util/fipsas.pl $(SRCDIR) $< /usr/ccs/bin/as -o pa-risc2.o {- $sourcedir -}/asm/pa-risc2.s
+
+ENDRAW[Makefile]
diff --git a/deps/openssl/openssl/crypto/bn/divtest.c b/deps/openssl/openssl/crypto/bn/divtest.c
deleted file mode 100644
index 2590b4581b..0000000000
--- a/deps/openssl/openssl/crypto/bn/divtest.c
+++ /dev/null
@@ -1,42 +0,0 @@
-#include <openssl/bn.h>
-#include <openssl/rand.h>
-
-static int Rand(n)
-{
- unsigned char x[2];
- RAND_pseudo_bytes(x, 2);
- return (x[0] + 2 * x[1]);
-}
-
-static void bug(char *m, BIGNUM *a, BIGNUM *b)
-{
- printf("%s!\na=", m);
- BN_print_fp(stdout, a);
- printf("\nb=");
- BN_print_fp(stdout, b);
- printf("\n");
- fflush(stdout);
-}
-
-main()
-{
- BIGNUM *a = BN_new(), *b = BN_new(), *c = BN_new(), *d = BN_new(),
- *C = BN_new(), *D = BN_new();
- BN_RECP_CTX *recp = BN_RECP_CTX_new();
- BN_CTX *ctx = BN_CTX_new();
-
- for (;;) {
- BN_pseudo_rand(a, Rand(), 0, 0);
- BN_pseudo_rand(b, Rand(), 0, 0);
- if (BN_is_zero(b))
- continue;
-
- BN_RECP_CTX_set(recp, b, ctx);
- if (BN_div(C, D, a, b, ctx) != 1)
- bug("BN_div failed", a, b);
- if (BN_div_recp(c, d, a, recp, ctx) != 1)
- bug("BN_div_recp failed", a, b);
- else if (BN_cmp(c, C) != 0 || BN_cmp(c, C) != 0)
- bug("mismatch", a, b);
- }
-}
diff --git a/deps/openssl/openssl/crypto/bn/exp.c b/deps/openssl/openssl/crypto/bn/exp.c
deleted file mode 100644
index fbce28c5be..0000000000
--- a/deps/openssl/openssl/crypto/bn/exp.c
+++ /dev/null
@@ -1,61 +0,0 @@
-/* unused */
-
-#include <stdio.h>
-#include <openssl/tmdiff.h>
-#include "bn_lcl.h"
-
-#define SIZE 256
-#define NUM (8*8*8)
-#define MOD (8*8*8*8*8)
-
-main(argc, argv)
-int argc;
-char *argv[];
-{
- BN_CTX ctx;
- BIGNUM a, b, c, r, rr, t, l;
- int j, i, size = SIZE, num = NUM, mod = MOD;
- char *start, *end;
- BN_MONT_CTX mont;
- double d, md;
-
- BN_MONT_CTX_init(&mont);
- BN_CTX_init(&ctx);
- BN_init(&a);
- BN_init(&b);
- BN_init(&c);
- BN_init(&r);
-
- start = ms_time_new();
- end = ms_time_new();
- while (size <= 1024 * 8) {
- BN_rand(&a, size, 0, 0);
- BN_rand(&b, size, 1, 0);
- BN_rand(&c, size, 0, 1);
-
- BN_mod(&a, &a, &c, &ctx);
-
- ms_time_get(start);
- for (i = 0; i < 10; i++)
- BN_MONT_CTX_set(&mont, &c, &ctx);
- ms_time_get(end);
- md = ms_time_diff(start, end);
-
- ms_time_get(start);
- for (i = 0; i < num; i++) {
- /* bn_mull(&r,&a,&b,&ctx); */
- /* BN_sqr(&r,&a,&ctx); */
- BN_mod_exp_mont(&r, &a, &b, &c, &ctx, &mont);
- }
- ms_time_get(end);
- d = ms_time_diff(start, end) /* *50/33 */ ;
- printf("%5d bit:%6.2f %6d %6.4f %4d m_set(%5.4f)\n", size,
- d, num, d / num, (int)((d / num) * mod), md / 10.0);
- num /= 8;
- mod /= 8;
- if (num <= 0)
- num = 1;
- size *= 2;
- }
-
-}
diff --git a/deps/openssl/openssl/crypto/bn/expspeed.c b/deps/openssl/openssl/crypto/bn/expspeed.c
deleted file mode 100644
index 8ea980cdd2..0000000000
--- a/deps/openssl/openssl/crypto/bn/expspeed.c
+++ /dev/null
@@ -1,381 +0,0 @@
-/* unused */
-
-/* crypto/bn/expspeed.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* most of this code has been pilfered from my libdes speed.c program */
-
-#define BASENUM 5000
-#define NUM_START 0
-
-/*
- * determine timings for modexp, modmul, modsqr, gcd, Kronecker symbol,
- * modular inverse, or modular square roots
- */
-#define TEST_EXP
-#undef TEST_MUL
-#undef TEST_SQR
-#undef TEST_GCD
-#undef TEST_KRON
-#undef TEST_INV
-#undef TEST_SQRT
-#define P_MOD_64 9 /* least significant 6 bits for prime to be
- * used for BN_sqrt timings */
-
-#if defined(TEST_EXP) + defined(TEST_MUL) + defined(TEST_SQR) + defined(TEST_GCD) + defined(TEST_KRON) + defined(TEST_INV) +defined(TEST_SQRT) != 1
-# error "choose one test"
-#endif
-
-#if defined(TEST_INV) || defined(TEST_SQRT)
-# define C_PRIME
-static void genprime_cb(int p, int n, void *arg);
-#endif
-
-#undef PROG
-#define PROG bnspeed_main
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <signal.h>
-#include <string.h>
-#include <openssl/crypto.h>
-#include <openssl/err.h>
-#include <openssl/rand.h>
-
-#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX)
-# define TIMES
-#endif
-
-#ifndef _IRIX
-# include <time.h>
-#endif
-#ifdef TIMES
-# include <sys/types.h>
-# include <sys/times.h>
-#endif
-
-/*
- * Depending on the VMS version, the tms structure is perhaps defined. The
- * __TMS macro will show if it was. If it wasn't defined, we should undefine
- * TIMES, since that tells the rest of the program how things should be
- * handled. -- Richard Levitte
- */
-#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
-# undef TIMES
-#endif
-
-#ifndef TIMES
-# include <sys/timeb.h>
-#endif
-
-#if defined(sun) || defined(__ultrix)
-# define _POSIX_SOURCE
-# include <limits.h>
-# include <sys/param.h>
-#endif
-
-#include <openssl/bn.h>
-#include <openssl/x509.h>
-
-/* The following if from times(3) man page. It may need to be changed */
-#ifndef HZ
-# ifndef CLK_TCK
-# ifndef _BSD_CLK_TCK_ /* FreeBSD hack */
-# define HZ 100.0
-# else /* _BSD_CLK_TCK_ */
-# define HZ ((double)_BSD_CLK_TCK_)
-# endif
-# else /* CLK_TCK */
-# define HZ ((double)CLK_TCK)
-# endif
-#endif
-
-#undef BUFSIZE
-#define BUFSIZE ((long)1024*8)
-int run = 0;
-
-static double Time_F(int s);
-#define START 0
-#define STOP 1
-
-static double Time_F(int s)
-{
- double ret;
-#ifdef TIMES
- static struct tms tstart, tend;
-
- if (s == START) {
- times(&tstart);
- return (0);
- } else {
- times(&tend);
- ret = ((double)(tend.tms_utime - tstart.tms_utime)) / HZ;
- return ((ret < 1e-3) ? 1e-3 : ret);
- }
-#else /* !times() */
- static struct timeb tstart, tend;
- long i;
-
- if (s == START) {
- ftime(&tstart);
- return (0);
- } else {
- ftime(&tend);
- i = (long)tend.millitm - (long)tstart.millitm;
- ret = ((double)(tend.time - tstart.time)) + ((double)i) / 1000.0;
- return ((ret < 0.001) ? 0.001 : ret);
- }
-#endif
-}
-
-#define NUM_SIZES 7
-#if NUM_START > NUM_SIZES
-# error "NUM_START > NUM_SIZES"
-#endif
-static int sizes[NUM_SIZES] = { 128, 256, 512, 1024, 2048, 4096, 8192 };
-
-static int mul_c[NUM_SIZES] =
- { 8 * 8 * 8 * 8 * 8 * 8, 8 * 8 * 8 * 8 * 8, 8 * 8 * 8 * 8, 8 * 8 * 8,
- 8 * 8, 8, 1
-};
-
-/*
- * static int sizes[NUM_SIZES]={59,179,299,419,539};
- */
-
-#define RAND_SEED(string) { const char str[] = string; RAND_seed(string, sizeof(str)); }
-
-void do_mul_exp(BIGNUM *r, BIGNUM *a, BIGNUM *b, BIGNUM *c, BN_CTX *ctx);
-
-int main(int argc, char **argv)
-{
- BN_CTX *ctx;
- BIGNUM *a, *b, *c, *r;
-
-#if 1
- if (!CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0))
- abort();
-#endif
-
- ctx = BN_CTX_new();
- a = BN_new();
- b = BN_new();
- c = BN_new();
- r = BN_new();
-
- while (!RAND_status())
- /* not enough bits */
- RAND_SEED("I demand a manual recount!");
-
- do_mul_exp(r, a, b, c, ctx);
- return 0;
-}
-
-void do_mul_exp(BIGNUM *r, BIGNUM *a, BIGNUM *b, BIGNUM *c, BN_CTX *ctx)
-{
- int i, k;
- double tm;
- long num;
-
- num = BASENUM;
- for (i = NUM_START; i < NUM_SIZES; i++) {
-#ifdef C_PRIME
-# ifdef TEST_SQRT
- if (!BN_set_word(a, 64))
- goto err;
- if (!BN_set_word(b, P_MOD_64))
- goto err;
-# define ADD a
-# define REM b
-# else
-# define ADD NULL
-# define REM NULL
-# endif
- if (!BN_generate_prime(c, sizes[i], 0, ADD, REM, genprime_cb, NULL))
- goto err;
- putc('\n', stderr);
- fflush(stderr);
-#endif
-
- for (k = 0; k < num; k++) {
- if (k % 50 == 0) { /* Average over num/50 different choices of
- * random numbers. */
- if (!BN_pseudo_rand(a, sizes[i], 1, 0))
- goto err;
-
- if (!BN_pseudo_rand(b, sizes[i], 1, 0))
- goto err;
-
-#ifndef C_PRIME
- if (!BN_pseudo_rand(c, sizes[i], 1, 1))
- goto err;
-#endif
-
-#ifdef TEST_SQRT
- if (!BN_mod_sqr(a, a, c, ctx))
- goto err;
- if (!BN_mod_sqr(b, b, c, ctx))
- goto err;
-#else
- if (!BN_nnmod(a, a, c, ctx))
- goto err;
- if (!BN_nnmod(b, b, c, ctx))
- goto err;
-#endif
-
- if (k == 0)
- Time_F(START);
- }
-#if defined(TEST_EXP)
- if (!BN_mod_exp(r, a, b, c, ctx))
- goto err;
-#elif defined(TEST_MUL)
- {
- int i = 0;
- for (i = 0; i < 50; i++)
- if (!BN_mod_mul(r, a, b, c, ctx))
- goto err;
- }
-#elif defined(TEST_SQR)
- {
- int i = 0;
- for (i = 0; i < 50; i++) {
- if (!BN_mod_sqr(r, a, c, ctx))
- goto err;
- if (!BN_mod_sqr(r, b, c, ctx))
- goto err;
- }
- }
-#elif defined(TEST_GCD)
- if (!BN_gcd(r, a, b, ctx))
- goto err;
- if (!BN_gcd(r, b, c, ctx))
- goto err;
- if (!BN_gcd(r, c, a, ctx))
- goto err;
-#elif defined(TEST_KRON)
- if (-2 == BN_kronecker(a, b, ctx))
- goto err;
- if (-2 == BN_kronecker(b, c, ctx))
- goto err;
- if (-2 == BN_kronecker(c, a, ctx))
- goto err;
-#elif defined(TEST_INV)
- if (!BN_mod_inverse(r, a, c, ctx))
- goto err;
- if (!BN_mod_inverse(r, b, c, ctx))
- goto err;
-#else /* TEST_SQRT */
- if (!BN_mod_sqrt(r, a, c, ctx))
- goto err;
- if (!BN_mod_sqrt(r, b, c, ctx))
- goto err;
-#endif
- }
- tm = Time_F(STOP);
- printf(
-#if defined(TEST_EXP)
- "modexp %4d ^ %4d %% %4d"
-#elif defined(TEST_MUL)
- "50*modmul %4d %4d %4d"
-#elif defined(TEST_SQR)
- "100*modsqr %4d %4d %4d"
-#elif defined(TEST_GCD)
- "3*gcd %4d %4d %4d"
-#elif defined(TEST_KRON)
- "3*kronecker %4d %4d %4d"
-#elif defined(TEST_INV)
- "2*inv %4d %4d mod %4d"
-#else /* TEST_SQRT */
- "2*sqrt [prime == %d (mod 64)] %4d %4d mod %4d"
-#endif
- " -> %8.6fms %5.1f (%ld)\n",
-#ifdef TEST_SQRT
- P_MOD_64,
-#endif
- sizes[i], sizes[i], sizes[i], tm * 1000.0 / num,
- tm * mul_c[i] / num, num);
- num /= 7;
- if (num <= 0)
- num = 1;
- }
- return;
-
- err:
- ERR_print_errors_fp(stderr);
-}
-
-#ifdef C_PRIME
-static void genprime_cb(int p, int n, void *arg)
-{
- char c = '*';
-
- if (p == 0)
- c = '.';
- if (p == 1)
- c = '+';
- if (p == 2)
- c = '*';
- if (p == 3)
- c = '\n';
- putc(c, stderr);
- fflush(stderr);
- (void)n;
- (void)arg;
-}
-#endif
diff --git a/deps/openssl/openssl/crypto/bn/exptest.c b/deps/openssl/openssl/crypto/bn/exptest.c
deleted file mode 100644
index 779ee90203..0000000000
--- a/deps/openssl/openssl/crypto/bn/exptest.c
+++ /dev/null
@@ -1,315 +0,0 @@
-/* crypto/bn/exptest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "../e_os.h"
-
-#include <openssl/bio.h>
-#include <openssl/bn.h>
-#include <openssl/rand.h>
-#include <openssl/err.h>
-
-#define NUM_BITS (BN_BITS*2)
-
-static const char rnd_seed[] =
- "string to make the random number generator think it has entropy";
-
-/*
- * Test that r == 0 in test_exp_mod_zero(). Returns one on success,
- * returns zero and prints debug output otherwise.
- */
-static int a_is_zero_mod_one(const char *method, const BIGNUM *r,
- const BIGNUM *a) {
- if (!BN_is_zero(r)) {
- fprintf(stderr, "%s failed:\n", method);
- fprintf(stderr, "a ** 0 mod 1 = r (should be 0)\n");
- fprintf(stderr, "a = ");
- BN_print_fp(stderr, a);
- fprintf(stderr, "\nr = ");
- BN_print_fp(stderr, r);
- fprintf(stderr, "\n");
- return 0;
- }
- return 1;
-}
-
-/*
- * test_exp_mod_zero tests that x**0 mod 1 == 0. It returns zero on success.
- */
-static int test_exp_mod_zero()
-{
- BIGNUM a, p, m;
- BIGNUM r;
- BN_ULONG one_word = 1;
- BN_CTX *ctx = BN_CTX_new();
- int ret = 1, failed = 0;
-
- BN_init(&m);
- BN_one(&m);
-
- BN_init(&a);
- BN_one(&a);
-
- BN_init(&p);
- BN_zero(&p);
-
- BN_init(&r);
-
- if (!BN_rand(&a, 1024, 0, 0))
- goto err;
-
- if (!BN_mod_exp(&r, &a, &p, &m, ctx))
- goto err;
-
- if (!a_is_zero_mod_one("BN_mod_exp", &r, &a))
- failed = 1;
-
- if (!BN_mod_exp_recp(&r, &a, &p, &m, ctx))
- goto err;
-
- if (!a_is_zero_mod_one("BN_mod_exp_recp", &r, &a))
- failed = 1;
-
- if (!BN_mod_exp_simple(&r, &a, &p, &m, ctx))
- goto err;
-
- if (!a_is_zero_mod_one("BN_mod_exp_simple", &r, &a))
- failed = 1;
-
- if (!BN_mod_exp_mont(&r, &a, &p, &m, ctx, NULL))
- goto err;
-
- if (!a_is_zero_mod_one("BN_mod_exp_mont", &r, &a))
- failed = 1;
-
- if (!BN_mod_exp_mont_consttime(&r, &a, &p, &m, ctx, NULL)) {
- goto err;
- }
-
- if (!a_is_zero_mod_one("BN_mod_exp_mont_consttime", &r, &a))
- failed = 1;
-
- /*
- * A different codepath exists for single word multiplication
- * in non-constant-time only.
- */
- if (!BN_mod_exp_mont_word(&r, one_word, &p, &m, ctx, NULL))
- goto err;
-
- if (!BN_is_zero(&r)) {
- fprintf(stderr, "BN_mod_exp_mont_word failed:\n");
- fprintf(stderr, "1 ** 0 mod 1 = r (should be 0)\n");
- fprintf(stderr, "r = ");
- BN_print_fp(stderr, &r);
- fprintf(stderr, "\n");
- return 0;
- }
-
- ret = failed;
-
- err:
- BN_free(&r);
- BN_free(&a);
- BN_free(&p);
- BN_free(&m);
- BN_CTX_free(ctx);
-
- return ret;
-}
-
-int main(int argc, char *argv[])
-{
- BN_CTX *ctx;
- BIO *out = NULL;
- int i, ret;
- unsigned char c;
- BIGNUM *r_mont, *r_mont_const, *r_recp, *r_simple, *a, *b, *m;
-
- /*
- * Seed or BN_rand may fail, and we don't even check its return
- * value (which we should)
- */
- RAND_seed(rnd_seed, sizeof(rnd_seed));
-
- ERR_load_BN_strings();
-
- ctx = BN_CTX_new();
- if (ctx == NULL)
- EXIT(1);
- r_mont = BN_new();
- r_mont_const = BN_new();
- r_recp = BN_new();
- r_simple = BN_new();
- a = BN_new();
- b = BN_new();
- m = BN_new();
- if ((r_mont == NULL) || (r_recp == NULL) || (a == NULL) || (b == NULL))
- goto err;
-
- out = BIO_new(BIO_s_file());
-
- if (out == NULL)
- EXIT(1);
- BIO_set_fp(out, stdout, BIO_NOCLOSE);
-
- for (i = 0; i < 200; i++) {
- RAND_bytes(&c, 1);
- c = (c % BN_BITS) - BN_BITS2;
- BN_rand(a, NUM_BITS + c, 0, 0);
-
- RAND_bytes(&c, 1);
- c = (c % BN_BITS) - BN_BITS2;
- BN_rand(b, NUM_BITS + c, 0, 0);
-
- RAND_bytes(&c, 1);
- c = (c % BN_BITS) - BN_BITS2;
- BN_rand(m, NUM_BITS + c, 0, 1);
-
- BN_mod(a, a, m, ctx);
- BN_mod(b, b, m, ctx);
-
- ret = BN_mod_exp_mont(r_mont, a, b, m, ctx, NULL);
- if (ret <= 0) {
- printf("BN_mod_exp_mont() problems\n");
- ERR_print_errors(out);
- EXIT(1);
- }
-
- ret = BN_mod_exp_recp(r_recp, a, b, m, ctx);
- if (ret <= 0) {
- printf("BN_mod_exp_recp() problems\n");
- ERR_print_errors(out);
- EXIT(1);
- }
-
- ret = BN_mod_exp_simple(r_simple, a, b, m, ctx);
- if (ret <= 0) {
- printf("BN_mod_exp_simple() problems\n");
- ERR_print_errors(out);
- EXIT(1);
- }
-
- ret = BN_mod_exp_mont_consttime(r_mont_const, a, b, m, ctx, NULL);
- if (ret <= 0) {
- printf("BN_mod_exp_mont_consttime() problems\n");
- ERR_print_errors(out);
- EXIT(1);
- }
-
- if (BN_cmp(r_simple, r_mont) == 0
- && BN_cmp(r_simple, r_recp) == 0
- && BN_cmp(r_simple, r_mont_const) == 0) {
- printf(".");
- fflush(stdout);
- } else {
- if (BN_cmp(r_simple, r_mont) != 0)
- printf("\nsimple and mont results differ\n");
- if (BN_cmp(r_simple, r_mont_const) != 0)
- printf("\nsimple and mont const time results differ\n");
- if (BN_cmp(r_simple, r_recp) != 0)
- printf("\nsimple and recp results differ\n");
-
- printf("a (%3d) = ", BN_num_bits(a));
- BN_print(out, a);
- printf("\nb (%3d) = ", BN_num_bits(b));
- BN_print(out, b);
- printf("\nm (%3d) = ", BN_num_bits(m));
- BN_print(out, m);
- printf("\nsimple =");
- BN_print(out, r_simple);
- printf("\nrecp =");
- BN_print(out, r_recp);
- printf("\nmont =");
- BN_print(out, r_mont);
- printf("\nmont_ct =");
- BN_print(out, r_mont_const);
- printf("\n");
- EXIT(1);
- }
- }
- BN_free(r_mont);
- BN_free(r_mont_const);
- BN_free(r_recp);
- BN_free(r_simple);
- BN_free(a);
- BN_free(b);
- BN_free(m);
- BN_CTX_free(ctx);
- ERR_remove_thread_state(NULL);
- CRYPTO_mem_leaks(out);
- BIO_free(out);
- printf("\n");
-
- if (test_exp_mod_zero() != 0)
- goto err;
-
- printf("done\n");
-
- EXIT(0);
- err:
- ERR_load_crypto_strings();
- ERR_print_errors(out);
-#ifdef OPENSSL_SYS_NETWARE
- printf("ERROR\n");
-#endif
- EXIT(1);
- return (1);
-}
diff --git a/deps/openssl/openssl/crypto/bn/rsaz_exp.c b/deps/openssl/openssl/crypto/bn/rsaz_exp.c
index c54c6feb51..1a70f6cade 100644
--- a/deps/openssl/openssl/crypto/bn/rsaz_exp.c
+++ b/deps/openssl/openssl/crypto/bn/rsaz_exp.c
@@ -1,3 +1,12 @@
+/*
+ * Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
/*****************************************************************************
* *
* Copyright (c) 2012, Intel Corporation *
@@ -40,9 +49,12 @@
* (2) University of Haifa, Israel *
*****************************************************************************/
+#include <openssl/opensslconf.h>
#include "rsaz_exp.h"
-#ifdef RSAZ_ENABLED
+#ifndef RSAZ_ENABLED
+NON_EMPTY_TRANSLATION_UNIT
+#else
/*
* See crypto/bn/asm/rsaz-avx2.pl for further details.
@@ -241,7 +253,7 @@ void RSAZ_1024_mod_exp_avx2(BN_ULONG result_norm[16],
rsaz_1024_sqr_avx2(result, result, m, k0, 5);
- wvalue = *((unsigned short *)&p_str[index / 8]);
+ wvalue = (p_str[(index / 8) + 1] << 8) | p_str[index / 8];
wvalue = (wvalue >> (index % 8)) & 31;
index -= 5;
@@ -337,10 +349,4 @@ void RSAZ_512_mod_exp(BN_ULONG result[8],
OPENSSL_cleanse(storage, sizeof(storage));
}
-#else
-
-# if defined(PEDANTIC) || defined(__DECC) || defined(__clang__)
-static void *dummy = &dummy;
-# endif
-
#endif
diff --git a/deps/openssl/openssl/crypto/bn/rsaz_exp.h b/deps/openssl/openssl/crypto/bn/rsaz_exp.h
index 229e181f67..9501cc8089 100644
--- a/deps/openssl/openssl/crypto/bn/rsaz_exp.h
+++ b/deps/openssl/openssl/crypto/bn/rsaz_exp.h
@@ -1,3 +1,12 @@
+/*
+ * Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
/*****************************************************************************
* *
* Copyright (c) 2012, Intel Corporation *
diff --git a/deps/openssl/openssl/crypto/bn/todo b/deps/openssl/openssl/crypto/bn/todo
deleted file mode 100644
index e47e381aea..0000000000
--- a/deps/openssl/openssl/crypto/bn/todo
+++ /dev/null
@@ -1,3 +0,0 @@
-Cache RECP_CTX values
-make the result argument independant of the inputs.
-split up the _exp_ functions
diff --git a/deps/openssl/openssl/crypto/bn/vms-helper.c b/deps/openssl/openssl/crypto/bn/vms-helper.c
deleted file mode 100644
index f342e90cbf..0000000000
--- a/deps/openssl/openssl/crypto/bn/vms-helper.c
+++ /dev/null
@@ -1,68 +0,0 @@
-/* vms-helper.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-bn_div_words_abort(int i)
-{
-#ifdef BN_DEBUG
-# if !defined(OPENSSL_NO_STDIO) && !defined(OPENSSL_SYS_WIN16)
- fprintf(stderr, "Division would overflow (%d)\n", i);
-# endif
- abort();
-#endif
-}
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-20 13:04:02 +0000