OpenCoverage

bn_nist.c

Absolute File Name:/home/opencoverage/opencoverage/guest-scripts/libressl/src/crypto/bn/bn_nist.c
Switch to Source codePreprocessed file
LineSourceCount
1-
2-
3static const unsigned long _nist_p_192[][(192+64 -1)/64] = {-
4 {0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFEULL, 0xFFFFFFFFFFFFFFFFULL},-
5 {0xFFFFFFFFFFFFFFFEULL, 0xFFFFFFFFFFFFFFFDULL, 0xFFFFFFFFFFFFFFFFULL},-
6 {0xFFFFFFFFFFFFFFFDULL, 0xFFFFFFFFFFFFFFFCULL, 0xFFFFFFFFFFFFFFFFULL}-
7};-
8static const unsigned long _nist_p_192_sqr[] = {-
9 0x0000000000000001ULL, 0x0000000000000002ULL, 0x0000000000000001ULL,-
10 0xFFFFFFFFFFFFFFFEULL, 0xFFFFFFFFFFFFFFFDULL, 0xFFFFFFFFFFFFFFFFULL-
11};-
12static const unsigned long _nist_p_224[][(224+64 -1)/64] = {-
13 {-
14 0x0000000000000001ULL, 0xFFFFFFFF00000000ULL,-
15 0xFFFFFFFFFFFFFFFFULL, 0x00000000FFFFFFFFULL-
16 },-
17 {-
18 0x0000000000000002ULL, 0xFFFFFFFE00000000ULL,-
19 0xFFFFFFFFFFFFFFFFULL, 0x00000001FFFFFFFFULL-
20 }-
21};-
22static const unsigned long _nist_p_224_sqr[] = {-
23 0x0000000000000001ULL, 0xFFFFFFFE00000000ULL,-
24 0xFFFFFFFFFFFFFFFFULL, 0x0000000200000000ULL,-
25 0x0000000000000000ULL, 0xFFFFFFFFFFFFFFFEULL,-
26 0xFFFFFFFFFFFFFFFFULL-
27};-
28static const unsigned long _nist_p_256[][(256+64 -1)/64] = {-
29 {-
30 0xFFFFFFFFFFFFFFFFULL, 0x00000000FFFFFFFFULL,-
31 0x0000000000000000ULL, 0xFFFFFFFF00000001ULL-
32 },-
33 {-
34 0xFFFFFFFFFFFFFFFEULL, 0x00000001FFFFFFFFULL,-
35 0x0000000000000000ULL, 0xFFFFFFFE00000002ULL-
36 },-
37 {-
38 0xFFFFFFFFFFFFFFFDULL, 0x00000002FFFFFFFFULL,-
39 0x0000000000000000ULL, 0xFFFFFFFD00000003ULL-
40 },-
41 {-
42 0xFFFFFFFFFFFFFFFCULL, 0x00000003FFFFFFFFULL,-
43 0x0000000000000000ULL, 0xFFFFFFFC00000004ULL-
44 },-
45 {-
46 0xFFFFFFFFFFFFFFFBULL, 0x00000004FFFFFFFFULL,-
47 0x0000000000000000ULL, 0xFFFFFFFB00000005ULL-
48 },-
49};-
50static const unsigned long _nist_p_256_sqr[] = {-
51 0x0000000000000001ULL, 0xFFFFFFFE00000000ULL,-
52 0xFFFFFFFFFFFFFFFFULL, 0x00000001FFFFFFFEULL,-
53 0x00000001FFFFFFFEULL, 0x00000001FFFFFFFEULL,-
54 0xFFFFFFFE00000001ULL, 0xFFFFFFFE00000002ULL-
55};-
56static const unsigned long _nist_p_384[][(384+64 -1)/64] = {-
57 {-
58 0x00000000FFFFFFFFULL, 0xFFFFFFFF00000000ULL,-
59 0xFFFFFFFFFFFFFFFEULL, 0xFFFFFFFFFFFFFFFFULL,-
60 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL-
61 },-
62 {-
63 0x00000001FFFFFFFEULL, 0xFFFFFFFE00000000ULL,-
64 0xFFFFFFFFFFFFFFFDULL, 0xFFFFFFFFFFFFFFFFULL,-
65 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL-
66 },-
67 {-
68 0x00000002FFFFFFFDULL, 0xFFFFFFFD00000000ULL,-
69 0xFFFFFFFFFFFFFFFCULL, 0xFFFFFFFFFFFFFFFFULL,-
70 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL-
71 },-
72 {-
73 0x00000003FFFFFFFCULL, 0xFFFFFFFC00000000ULL,-
74 0xFFFFFFFFFFFFFFFBULL, 0xFFFFFFFFFFFFFFFFULL,-
75 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL-
76 },-
77 {-
78 0x00000004FFFFFFFBULL, 0xFFFFFFFB00000000ULL,-
79 0xFFFFFFFFFFFFFFFAULL, 0xFFFFFFFFFFFFFFFFULL,-
80 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL-
81 },-
82};-
83static const unsigned long _nist_p_384_sqr[] = {-
84 0xFFFFFFFE00000001ULL, 0x0000000200000000ULL, 0xFFFFFFFE00000000ULL,-
85 0x0000000200000000ULL, 0x0000000000000001ULL, 0x0000000000000000ULL,-
86 0x00000001FFFFFFFEULL, 0xFFFFFFFE00000000ULL, 0xFFFFFFFFFFFFFFFDULL,-
87 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL-
88};-
89static const unsigned long _nist_p_521[] = {-
90 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL,-
91 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL,-
92 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL, 0x00000000000001FFULL-
93};-
94static const unsigned long _nist_p_521_sqr[] = {-
95 0x0000000000000001ULL, 0x0000000000000000ULL, 0x0000000000000000ULL,-
96 0x0000000000000000ULL, 0x0000000000000000ULL, 0x0000000000000000ULL,-
97 0x0000000000000000ULL, 0x0000000000000000ULL, 0xFFFFFFFFFFFFFC00ULL,-
98 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL,-
99 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL,-
100 0xFFFFFFFFFFFFFFFFULL, 0x000000000003FFFFULL-
101};-
102static const BIGNUM _bignum_nist_p_192 = {-
103 (unsigned long *)_nist_p_192[0],-
104 (192+64 -1)/64,-
105 (192+64 -1)/64,-
106 0,-
107 0x02-
108};-
109-
110static const BIGNUM _bignum_nist_p_224 = {-
111 (unsigned long *)_nist_p_224[0],-
112 (224+64 -1)/64,-
113 (224+64 -1)/64,-
114 0,-
115 0x02-
116};-
117-
118static const BIGNUM _bignum_nist_p_256 = {-
119 (unsigned long *)_nist_p_256[0],-
120 (256+64 -1)/64,-
121 (256+64 -1)/64,-
122 0,-
123 0x02-
124};-
125-
126static const BIGNUM _bignum_nist_p_384 = {-
127 (unsigned long *)_nist_p_384[0],-
128 (384+64 -1)/64,-
129 (384+64 -1)/64,-
130 0,-
131 0x02-
132};-
133-
134static const BIGNUM _bignum_nist_p_521 = {-
135 (unsigned long *)_nist_p_521,-
136 (521+64 -1)/64,-
137 (521+64 -1)/64,-
138 0,-
139 0x02-
140};-
141-
142-
143const BIGNUM *-
144BN_get0_nist_prime_192(void)-
145{-
146 return
never executed: return &_bignum_nist_p_192;
 &_bignum_nist_p_192;
never executed: return &_bignum_nist_p_192;
0
147}-
148-
149const BIGNUM *-
150BN_get0_nist_prime_224(void)-
151{-
152 return
never executed: return &_bignum_nist_p_224;
 &_bignum_nist_p_224;
never executed: return &_bignum_nist_p_224;
0
153}-
154-
155const BIGNUM *-
156BN_get0_nist_prime_256(void)-
157{-
158 return
never executed: return &_bignum_nist_p_256;
 &_bignum_nist_p_256;
never executed: return &_bignum_nist_p_256;
0
159}-
160-
161const BIGNUM *-
162BN_get0_nist_prime_384(void)-
163{-
164 return
never executed: return &_bignum_nist_p_384;
 &_bignum_nist_p_384;
never executed: return &_bignum_nist_p_384;
0
165}-
166-
167const BIGNUM *-
168BN_get0_nist_prime_521(void)-
169{-
170 return
never executed: return &_bignum_nist_p_521;
 &_bignum_nist_p_521;
never executed: return &_bignum_nist_p_521;
0
171}-
172-
173static void-
174nist_cp_bn_0(unsigned long *dst, const unsigned long *src, int top, int max)-
175{-
176 int i;-
177-
178-
179-
180-
181 for (i = 0; i < top
i < topDescription
TRUEnever evaluated
FALSEnever evaluated
; i++)		0
182 dst[i] = src[i];
never executed: dst[i] = src[i];
0
183 for (; i < max
i < maxDescription
TRUEnever evaluated
FALSEnever evaluated
; i++)		0
184 dst[i] = 0;
never executed: dst[i] = 0;
0
185}
never executed: end of block
0
186-
187static void nist_cp_bn(unsigned long *dst, const unsigned long *src, int top)-
188{-
189 int i;-
190-
191 for (i = 0; i < top
i < topDescription
TRUEnever evaluated
FALSEnever evaluated
; i++)		0
192 dst[i] = src[i];
never executed: dst[i] = src[i];
0
193}
never executed: end of block
0
194int-
195BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, BN_CTX *ctx)-
196{-
197 int top = a->top, i;-
198 int carry;-
199 unsigned long *r_d, *a_d = a->d;-
200 union {-
201 unsigned long bn[(192+64 -1)/64];-
202 unsigned int ui[(192+64 -1)/64 *-
203 sizeof(unsigned long) / sizeof(unsigned int)];-
204 } buf;-
205 unsigned long c_d[(192+64 -1)/64], *res;-
206 uintptr_t mask;-
207 static const BIGNUM _bignum_nist_p_192_sqr = {-
208 (unsigned long *)_nist_p_192_sqr,-
209 sizeof(_nist_p_192_sqr) / sizeof(_nist_p_192_sqr[0]),-
210 sizeof(_nist_p_192_sqr) / sizeof(_nist_p_192_sqr[0]),-
211 0,-
212 0x02-
213 };-
214-
215 field = &_bignum_nist_p_192;-
216-
217 if (((
((a)->neg != 0)Description
TRUEnever evaluated
FALSEnever evaluated
a)->neg != 0)
((a)->neg != 0)Description
TRUEnever evaluated
FALSEnever evaluated
 || BN_ucmp(a, &_bignum_nist_p_192_sqr) >= 0
BN_ucmp(a, &_b..._192_sqr) >= 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
218 return
never executed: return BN_nnmod(r, a, field, ctx);
 BN_nnmod(r, a, field, ctx);
never executed: return BN_nnmod(r, a, field, ctx);
0
219-
220 i = BN_ucmp(field, a);-
221 if (i == 0
i == 0Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
222 (BN_set_word((r),0));-
223 return
never executed: return 1;
 1;
never executed: return 1;
0
224 } else if (i > 0
i > 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
225 return
never executed: return (r == a) ? 1 : (BN_copy(r , a) != ((void *)0) );
 (
(r == a)Description
TRUEnever evaluated
FALSEnever evaluated
r == a)
(r == a)Description
TRUEnever evaluated
FALSEnever evaluated
 ? 1 : (BN_copy(r , a) !=
never executed: return (r == a) ? 1 : (BN_copy(r , a) != ((void *)0) );
0
226 ((void *)0)
never executed: return (r == a) ? 1 : (BN_copy(r , a) != ((void *)0) );
0
227 );
never executed: return (r == a) ? 1 : (BN_copy(r , a) != ((void *)0) );
0
228-
229 if (r != a
r != aDescription
TRUEnever evaluated
FALSEnever evaluated
) {		0
230 if (!((((
(((192+64 -1)/... <= (r)->dmax)Description
TRUEnever evaluated
FALSEnever evaluated
192+64 -1)/64) <= (r)->dmax)
(((192+64 -1)/... <= (r)->dmax)Description
TRUEnever evaluated
FALSEnever evaluated
?(r):bn_expand2((r),((192+64 -1)/64)))
!((((192+64 -1...2+64 -1)/64)))Description
TRUEnever evaluated
FALSEnever evaluated
)		0
231 return
never executed: return 0;
 0;
never executed: return 0;
0
232 r_d = r->d;-
233 nist_cp_bn(r_d, a_d, (192+64 -1)/64);-
234 }
never executed: end of block
 else		0
235 r_d = a_d;
never executed: r_d = a_d;
0
236-
237 nist_cp_bn_0(buf.bn, a_d + (192+64 -1)/64, top - (192+64 -1)/64,-
238 (192+64 -1)/64);-
239-
240-
241 {-
242 long acc;-
243 unsigned int *rp = (unsigned int *)r_d;-
244 const unsigned int *bp = (const unsigned int *)buf.ui;-
245-
246 acc = rp[0];-
247 acc += bp[3 * 2 - 6];-
248 acc += bp[5 * 2 - 6];-
249 rp[0] = (unsigned int)acc;-
250 acc >>= 32;-
251-
252 acc += rp[1];-
253 acc += bp[3 * 2 - 5];-
254 acc += bp[5 * 2 - 5];-
255 rp[1] = (unsigned int)acc;-
256 acc >>= 32;-
257-
258 acc += rp[2];-
259 acc += bp[3 * 2 - 6];-
260 acc += bp[4 * 2 - 6];-
261 acc += bp[5 * 2 - 6];-
262 rp[2] = (unsigned int)acc;-
263 acc >>= 32;-
264-
265 acc += rp[3];-
266 acc += bp[3 * 2 - 5];-
267 acc += bp[4 * 2 - 5];-
268 acc += bp[5 * 2 - 5];-
269 rp[3] = (unsigned int)acc;-
270 acc >>= 32;-
271-
272 acc += rp[4];-
273 acc += bp[4 * 2 - 6];-
274 acc += bp[5 * 2 - 6];-
275 rp[4] = (unsigned int)acc;-
276 acc >>= 32;-
277-
278 acc += rp[5];-
279 acc += bp[4 * 2 - 5];-
280 acc += bp[5 * 2 - 5];-
281 rp[5] = (unsigned int)acc;-
282-
283 carry = (int)(acc >> 32);-
284 }-
285 if (carry > 0
carry > 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
286 carry = (int)bn_sub_words(r_d, r_d, _nist_p_192[carry - 1],
never executed: carry = (int)bn_sub_words(r_d, r_d, _nist_p_192[carry - 1], (192+64 -1)/64);
0
287 (192+64 -1)/64);
never executed: carry = (int)bn_sub_words(r_d, r_d, _nist_p_192[carry - 1], (192+64 -1)/64);
0
288 else-
289 carry = 1;
never executed: carry = 1;
0
290-
291-
292-
293-
294-
295-
296-
297 mask = 0 - (uintptr_t)bn_sub_words(c_d, r_d, _nist_p_192[0],-
298 (192+64 -1)/64);-
299 mask &= 0 - (uintptr_t)carry;-
300 res = c_d;-
301 res = (unsigned long *)(((uintptr_t)res & ~mask) | ((uintptr_t)r_d & mask));-
302 nist_cp_bn(r_d, res, (192+64 -1)/64);-
303 r->top = (192+64 -1)/64;-
304 { unsigned long *ftl; int tmp_top = (r)->top; if (tmp_top > 0
tmp_top > 0Description
TRUEnever evaluated
FALSEnever evaluated
) { for (ftl= &((r)->d[tmp_top-1]); tmp_top > 0
tmp_top > 0Description
TRUEnever evaluated
FALSEnever evaluated
; tmp_top--) if (*(
*(ftl--)Description
TRUEnever evaluated
FALSEnever evaluated
ftl--)
*(ftl--)Description
TRUEnever evaluated
FALSEnever evaluated
) break;
never executed: break;
 (r)->top = tmp_top; }
never executed: end of block
 ; };		0
305-
306 return
never executed: return 1;
 1;
never executed: return 1;
0
307}-
308-
309typedef unsigned long (*bn_addsub_f)(unsigned long *, const unsigned long *,-
310 const unsigned long *, int);-
311int-
312BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, BN_CTX *ctx)-
313{-
314 int top = a->top, i;-
315 int carry;-
316 unsigned long *r_d, *a_d = a->d;-
317 union {-
318 unsigned long bn[(224+64 -1)/64];-
319 unsigned int ui[(224+64 -1)/64 *-
320 sizeof(unsigned long) / sizeof(unsigned int)];-
321 } buf;-
322 unsigned long c_d[(224+64 -1)/64], *res;-
323 uintptr_t mask;-
324 union {-
325 bn_addsub_f f;-
326 uintptr_t p;-
327 } u;-
328 static const BIGNUM _bignum_nist_p_224_sqr = {-
329 (unsigned long *)_nist_p_224_sqr,-
330 sizeof(_nist_p_224_sqr) / sizeof(_nist_p_224_sqr[0]),-
331 sizeof(_nist_p_224_sqr) / sizeof(_nist_p_224_sqr[0]),-
332 0,-
333 0x02-
334 };-
335-
336 field = &_bignum_nist_p_224;-
337-
338 if (((
((a)->neg != 0)Description
TRUEnever evaluated
FALSEnever evaluated
a)->neg != 0)
((a)->neg != 0)Description
TRUEnever evaluated
FALSEnever evaluated
 || BN_ucmp(a, &_bignum_nist_p_224_sqr) >= 0
BN_ucmp(a, &_b..._224_sqr) >= 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
339 return
never executed: return BN_nnmod(r, a, field, ctx);
 BN_nnmod(r, a, field, ctx);
never executed: return BN_nnmod(r, a, field, ctx);
0
340-
341 i = BN_ucmp(field, a);-
342 if (i == 0
i == 0Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
343 (BN_set_word((r),0));-
344 return
never executed: return 1;
 1;
never executed: return 1;
0
345 } else if (i > 0
i > 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
346 return
never executed: return (r == a) ? 1 : (BN_copy(r, a) != ((void *)0) );
 (
(r == a)Description
TRUEnever evaluated
FALSEnever evaluated
r == a)
(r == a)Description
TRUEnever evaluated
FALSEnever evaluated
 ? 1 : (BN_copy(r, a) !=
never executed: return (r == a) ? 1 : (BN_copy(r, a) != ((void *)0) );
0
347 ((void *)0)
never executed: return (r == a) ? 1 : (BN_copy(r, a) != ((void *)0) );
0
348 );
never executed: return (r == a) ? 1 : (BN_copy(r, a) != ((void *)0) );
0
349-
350 if (r != a
r != aDescription
TRUEnever evaluated
FALSEnever evaluated
) {		0
351 if (!((((
(((224+64 -1)/... <= (r)->dmax)Description
TRUEnever evaluated
FALSEnever evaluated
224+64 -1)/64) <= (r)->dmax)
(((224+64 -1)/... <= (r)->dmax)Description
TRUEnever evaluated
FALSEnever evaluated
?(r):bn_expand2((r),((224+64 -1)/64)))
!((((224+64 -1...4+64 -1)/64)))Description
TRUEnever evaluated
FALSEnever evaluated
)		0
352 return
never executed: return 0;
 0;
never executed: return 0;
0
353 r_d = r->d;-
354 nist_cp_bn(r_d, a_d, (224+64 -1)/64);-
355 }
never executed: end of block
 else		0
356 r_d = a_d;
never executed: r_d = a_d;
0
357-
358 memset(&buf, 0, sizeof(buf));-
359-
360-
361-
362 nist_cp_bn_0(c_d, a_d + ((224+64 -1)/64 - 1),-
363 top - ((224+64 -1)/64 - 1), (224+64 -1)/64);-
364-
365 { (((8) - 7)>=0)?(((0)&1)?(buf.bn[(0)/2]|=(((8) - 7)&1)?(c_d[((8) - 7)/2]&(0xffffffff00000000L)):(c_d[((8) - 7)/2]<<32)) :(buf.bn[(0)/2] =(((8) - 7)&1)?(c_d[((8) - 7)/2]>>32):(c_d[((8) - 7)/2]&(0xffffffffL)))):(((0)&1)?(buf.bn[(0)/2]&=(0xffffffffL)):(buf.bn[(0)/2]=0)); (((9) - 7)>=0)?(((1)&1)?(buf.bn[(1)/2]|=(((9) - 7)&1)?(c_d[((9) - 7)/2]&(0xffffffff00000000L)):(c_d[((9) - 7)/2]<<32)) :(buf.bn[(1)/2] =(((9) - 7)&1)?(c_d[((9) - 7)/2]>>32):(c_d[((9) - 7)/2]&(0xffffffffL)))):(((1)&1)?(buf.bn[(1)/2]&=(0xffffffffL)):(buf.bn[(1)/2]=0)); (((10) - 7)>=0)?(((2)&1)?(buf.bn[(2)/2]|=(((10) - 7)&1)?(c_d[((10) - 7)/2]&(0xffffffff00000000L)):(c_d[((10) - 7)/2]<<32)) :(buf.bn[(2)/2] =(((10) - 7)&1)?(c_d[((10) - 7)/2]>>32):(c_d[((10) - 7)/2]&(0xffffffffL)))):(((2)&1)?(buf.bn[(2)/2]&=(0xffffffffL)):(buf.bn[(2)/2]=0)); (((11) - 7)>=0)?(((3)&1)?(buf.bn[(3)/2]|=(((11) - 7)&1)?(c_d[((11) - 7)/2]&(0xffffffff00000000L)):(c_d[((11) - 7)/2]<<32)) :(buf.bn[(3)/2] =(((11) - 7)&1)?(c_d[((11) - 7)/2]>>32):(c_d[((11) - 7)/2]&(0xffffffffL)))):(((3)&1)?(buf.bn[(3)/2]&=(0xffffffffL)):(buf.bn[(3)/2]=0)); (((12) - 7)>=0)?(((4)&1)?(buf.bn[(4)/2]|=(((12) - 7)&1)?(c_d[((12) - 7)/2]&(0xffffffff00000000L)):(c_d[((12) - 7)/2]<<32)) :(buf.bn[(4)/2] =(((12) - 7)&1)?(c_d[((12) - 7)/2]>>32):(c_d[((12) - 7)/2]&(0xffffffffL)))):(((4)&1)?(buf.bn[(4)/2]&=(0xffffffffL)):(buf.bn[(4)/2]=0)); (((13) - 7)>=0)?(((5)&1)?(buf.bn[(5)/2]|=(((13) - 7)&1)?(c_d[((13) - 7)/2]&(0xffffffff00000000L)):(c_d[((13) - 7)/2]<<32)) :(buf.bn[(5)/2] =(((13) - 7)&1)?(c_d[((13) - 7)/2]>>32):(c_d[((13) - 7)/2]&(0xffffffffL)))):(((5)&1)?(buf.bn[(5)/2]&=(0xffffffffL)):(buf.bn[(5)/2]=0)); (((14) - 7)>=0)?(((6)&1)?(buf.bn[(6)/2]|=(((14) - 7)&1)?(c_d[((14) - 7)/2]&(0xffffffff00000000L)):(c_d[((14) - 7)/2]<<32)) :(buf.bn[(6)/2] =(((14) - 7)&1)?(c_d[((14) - 7)/2]>>32):(c_d[((14) - 7)/2]&(0xffffffffL)))):(((6)&1)?(buf.bn[(6)/2]&=(0xffffffffL)):(buf.bn[(6)/2]=0)); };-
366-
367 r_d[(224+64 -1)/64 - 1] &= (0xffffffffL);-
368 {-
369 unsigned long t_d[(224+64 -1)/64] = {0};-
370-
371 { (((0) - 7)>=0)?(((0)&1)?(t_d[(0)/2]|=(((0) - 7)&1)?(buf.bn[((0) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((0) - 7)/2]<<32)) :(t_d[(0)/2] =(((0) - 7)&1)?(buf.bn[((0) - 7)/2]>>32):(buf.bn[((0) - 7)/2]&(0xffffffffL)))):(((0)&1)?(t_d[(0)/2]&=(0xffffffffL)):(t_d[(0)/2]=0)); (((0) - 7)>=0)?(((1)&1)?(t_d[(1)/2]|=(((0) - 7)&1)?(buf.bn[((0) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((0) - 7)/2]<<32)) :(t_d[(1)/2] =(((0) - 7)&1)?(buf.bn[((0) - 7)/2]>>32):(buf.bn[((0) - 7)/2]&(0xffffffffL)))):(((1)&1)?(t_d[(1)/2]&=(0xffffffffL)):(t_d[(1)/2]=0)); (((0) - 7)>=0)?(((2)&1)?(t_d[(2)/2]|=(((0) - 7)&1)?(buf.bn[((0) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((0) - 7)/2]<<32)) :(t_d[(2)/2] =(((0) - 7)&1)?(buf.bn[((0) - 7)/2]>>32):(buf.bn[((0) - 7)/2]&(0xffffffffL)))):(((2)&1)?(t_d[(2)/2]&=(0xffffffffL)):(t_d[(2)/2]=0)); (((7) - 7)>=0)?(((3)&1)?(t_d[(3)/2]|=(((7) - 7)&1)?(buf.bn[((7) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((7) - 7)/2]<<32)) :(t_d[(3)/2] =(((7) - 7)&1)?(buf.bn[((7) - 7)/2]>>32):(buf.bn[((7) - 7)/2]&(0xffffffffL)))):(((3)&1)?(t_d[(3)/2]&=(0xffffffffL)):(t_d[(3)/2]=0)); (((8) - 7)>=0)?(((4)&1)?(t_d[(4)/2]|=(((8) - 7)&1)?(buf.bn[((8) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((8) - 7)/2]<<32)) :(t_d[(4)/2] =(((8) - 7)&1)?(buf.bn[((8) - 7)/2]>>32):(buf.bn[((8) - 7)/2]&(0xffffffffL)))):(((4)&1)?(t_d[(4)/2]&=(0xffffffffL)):(t_d[(4)/2]=0)); (((9) - 7)>=0)?(((5)&1)?(t_d[(5)/2]|=(((9) - 7)&1)?(buf.bn[((9) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((9) - 7)/2]<<32)) :(t_d[(5)/2] =(((9) - 7)&1)?(buf.bn[((9) - 7)/2]>>32):(buf.bn[((9) - 7)/2]&(0xffffffffL)))):(((5)&1)?(t_d[(5)/2]&=(0xffffffffL)):(t_d[(5)/2]=0)); (((10) - 7)>=0)?(((6)&1)?(t_d[(6)/2]|=(((10) - 7)&1)?(buf.bn[((10) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((10) - 7)/2]<<32)) :(t_d[(6)/2] =(((10) - 7)&1)?(buf.bn[((10) - 7)/2]>>32):(buf.bn[((10) - 7)/2]&(0xffffffffL)))):(((6)&1)?(t_d[(6)/2]&=(0xffffffffL)):(t_d[(6)/2]=0)); };-
372 carry = (int)bn_add_words(r_d, r_d, t_d, (224+64 -1)/64);-
373 { (((0) - 7)>=0)?(((0)&1)?(t_d[(0)/2]|=(((0) - 7)&1)?(buf.bn[((0) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((0) - 7)/2]<<32)) :(t_d[(0)/2] =(((0) - 7)&1)?(buf.bn[((0) - 7)/2]>>32):(buf.bn[((0) - 7)/2]&(0xffffffffL)))):(((0)&1)?(t_d[(0)/2]&=(0xffffffffL)):(t_d[(0)/2]=0)); (((0) - 7)>=0)?(((1)&1)?(t_d[(1)/2]|=(((0) - 7)&1)?(buf.bn[((0) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((0) - 7)/2]<<32)) :(t_d[(1)/2] =(((0) - 7)&1)?(buf.bn[((0) - 7)/2]>>32):(buf.bn[((0) - 7)/2]&(0xffffffffL)))):(((1)&1)?(t_d[(1)/2]&=(0xffffffffL)):(t_d[(1)/2]=0)); (((0) - 7)>=0)?(((2)&1)?(t_d[(2)/2]|=(((0) - 7)&1)?(buf.bn[((0) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((0) - 7)/2]<<32)) :(t_d[(2)/2] =(((0) - 7)&1)?(buf.bn[((0) - 7)/2]>>32):(buf.bn[((0) - 7)/2]&(0xffffffffL)))):(((2)&1)?(t_d[(2)/2]&=(0xffffffffL)):(t_d[(2)/2]=0)); (((11) - 7)>=0)?(((3)&1)?(t_d[(3)/2]|=(((11) - 7)&1)?(buf.bn[((11) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((11) - 7)/2]<<32)) :(t_d[(3)/2] =(((11) - 7)&1)?(buf.bn[((11) - 7)/2]>>32):(buf.bn[((11) - 7)/2]&(0xffffffffL)))):(((3)&1)?(t_d[(3)/2]&=(0xffffffffL)):(t_d[(3)/2]=0)); (((12) - 7)>=0)?(((4)&1)?(t_d[(4)/2]|=(((12) - 7)&1)?(buf.bn[((12) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((12) - 7)/2]<<32)) :(t_d[(4)/2] =(((12) - 7)&1)?(buf.bn[((12) - 7)/2]>>32):(buf.bn[((12) - 7)/2]&(0xffffffffL)))):(((4)&1)?(t_d[(4)/2]&=(0xffffffffL)):(t_d[(4)/2]=0)); (((13) - 7)>=0)?(((5)&1)?(t_d[(5)/2]|=(((13) - 7)&1)?(buf.bn[((13) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((13) - 7)/2]<<32)) :(t_d[(5)/2] =(((13) - 7)&1)?(buf.bn[((13) - 7)/2]>>32):(buf.bn[((13) - 7)/2]&(0xffffffffL)))):(((5)&1)?(t_d[(5)/2]&=(0xffffffffL)):(t_d[(5)/2]=0)); (((0) - 7)>=0)?(((6)&1)?(t_d[(6)/2]|=(((0) - 7)&1)?(buf.bn[((0) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((0) - 7)/2]<<32)) :(t_d[(6)/2] =(((0) - 7)&1)?(buf.bn[((0) - 7)/2]>>32):(buf.bn[((0) - 7)/2]&(0xffffffffL)))):(((6)&1)?(t_d[(6)/2]&=(0xffffffffL)):(t_d[(6)/2]=0)); };-
374 carry += (int)bn_add_words(r_d, r_d, t_d, (224+64 -1)/64);-
375 { (((7) - 7)>=0)?(((0)&1)?(t_d[(0)/2]|=(((7) - 7)&1)?(buf.bn[((7) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((7) - 7)/2]<<32)) :(t_d[(0)/2] =(((7) - 7)&1)?(buf.bn[((7) - 7)/2]>>32):(buf.bn[((7) - 7)/2]&(0xffffffffL)))):(((0)&1)?(t_d[(0)/2]&=(0xffffffffL)):(t_d[(0)/2]=0)); (((8) - 7)>=0)?(((1)&1)?(t_d[(1)/2]|=(((8) - 7)&1)?(buf.bn[((8) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((8) - 7)/2]<<32)) :(t_d[(1)/2] =(((8) - 7)&1)?(buf.bn[((8) - 7)/2]>>32):(buf.bn[((8) - 7)/2]&(0xffffffffL)))):(((1)&1)?(t_d[(1)/2]&=(0xffffffffL)):(t_d[(1)/2]=0)); (((9) - 7)>=0)?(((2)&1)?(t_d[(2)/2]|=(((9) - 7)&1)?(buf.bn[((9) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((9) - 7)/2]<<32)) :(t_d[(2)/2] =(((9) - 7)&1)?(buf.bn[((9) - 7)/2]>>32):(buf.bn[((9) - 7)/2]&(0xffffffffL)))):(((2)&1)?(t_d[(2)/2]&=(0xffffffffL)):(t_d[(2)/2]=0)); (((10) - 7)>=0)?(((3)&1)?(t_d[(3)/2]|=(((10) - 7)&1)?(buf.bn[((10) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((10) - 7)/2]<<32)) :(t_d[(3)/2] =(((10) - 7)&1)?(buf.bn[((10) - 7)/2]>>32):(buf.bn[((10) - 7)/2]&(0xffffffffL)))):(((3)&1)?(t_d[(3)/2]&=(0xffffffffL)):(t_d[(3)/2]=0)); (((11) - 7)>=0)?(((4)&1)?(t_d[(4)/2]|=(((11) - 7)&1)?(buf.bn[((11) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((11) - 7)/2]<<32)) :(t_d[(4)/2] =(((11) - 7)&1)?(buf.bn[((11) - 7)/2]>>32):(buf.bn[((11) - 7)/2]&(0xffffffffL)))):(((4)&1)?(t_d[(4)/2]&=(0xffffffffL)):(t_d[(4)/2]=0)); (((12) - 7)>=0)?(((5)&1)?(t_d[(5)/2]|=(((12) - 7)&1)?(buf.bn[((12) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((12) - 7)/2]<<32)) :(t_d[(5)/2] =(((12) - 7)&1)?(buf.bn[((12) - 7)/2]>>32):(buf.bn[((12) - 7)/2]&(0xffffffffL)))):(((5)&1)?(t_d[(5)/2]&=(0xffffffffL)):(t_d[(5)/2]=0)); (((13) - 7)>=0)?(((6)&1)?(t_d[(6)/2]|=(((13) - 7)&1)?(buf.bn[((13) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((13) - 7)/2]<<32)) :(t_d[(6)/2] =(((13) - 7)&1)?(buf.bn[((13) - 7)/2]>>32):(buf.bn[((13) - 7)/2]&(0xffffffffL)))):(((6)&1)?(t_d[(6)/2]&=(0xffffffffL)):(t_d[(6)/2]=0)); };-
376 carry -= (int)bn_sub_words(r_d, r_d, t_d, (224+64 -1)/64);-
377 { (((11) - 7)>=0)?(((0)&1)?(t_d[(0)/2]|=(((11) - 7)&1)?(buf.bn[((11) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((11) - 7)/2]<<32)) :(t_d[(0)/2] =(((11) - 7)&1)?(buf.bn[((11) - 7)/2]>>32):(buf.bn[((11) - 7)/2]&(0xffffffffL)))):(((0)&1)?(t_d[(0)/2]&=(0xffffffffL)):(t_d[(0)/2]=0)); (((12) - 7)>=0)?(((1)&1)?(t_d[(1)/2]|=(((12) - 7)&1)?(buf.bn[((12) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((12) - 7)/2]<<32)) :(t_d[(1)/2] =(((12) - 7)&1)?(buf.bn[((12) - 7)/2]>>32):(buf.bn[((12) - 7)/2]&(0xffffffffL)))):(((1)&1)?(t_d[(1)/2]&=(0xffffffffL)):(t_d[(1)/2]=0)); (((13) - 7)>=0)?(((2)&1)?(t_d[(2)/2]|=(((13) - 7)&1)?(buf.bn[((13) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((13) - 7)/2]<<32)) :(t_d[(2)/2] =(((13) - 7)&1)?(buf.bn[((13) - 7)/2]>>32):(buf.bn[((13) - 7)/2]&(0xffffffffL)))):(((2)&1)?(t_d[(2)/2]&=(0xffffffffL)):(t_d[(2)/2]=0)); (((0) - 7)>=0)?(((3)&1)?(t_d[(3)/2]|=(((0) - 7)&1)?(buf.bn[((0) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((0) - 7)/2]<<32)) :(t_d[(3)/2] =(((0) - 7)&1)?(buf.bn[((0) - 7)/2]>>32):(buf.bn[((0) - 7)/2]&(0xffffffffL)))):(((3)&1)?(t_d[(3)/2]&=(0xffffffffL)):(t_d[(3)/2]=0)); (((0) - 7)>=0)?(((4)&1)?(t_d[(4)/2]|=(((0) - 7)&1)?(buf.bn[((0) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((0) - 7)/2]<<32)) :(t_d[(4)/2] =(((0) - 7)&1)?(buf.bn[((0) - 7)/2]>>32):(buf.bn[((0) - 7)/2]&(0xffffffffL)))):(((4)&1)?(t_d[(4)/2]&=(0xffffffffL)):(t_d[(4)/2]=0)); (((0) - 7)>=0)?(((5)&1)?(t_d[(5)/2]|=(((0) - 7)&1)?(buf.bn[((0) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((0) - 7)/2]<<32)) :(t_d[(5)/2] =(((0) - 7)&1)?(buf.bn[((0) - 7)/2]>>32):(buf.bn[((0) - 7)/2]&(0xffffffffL)))):(((5)&1)?(t_d[(5)/2]&=(0xffffffffL)):(t_d[(5)/2]=0)); (((0) - 7)>=0)?(((6)&1)?(t_d[(6)/2]|=(((0) - 7)&1)?(buf.bn[((0) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((0) - 7)/2]<<32)) :(t_d[(6)/2] =(((0) - 7)&1)?(buf.bn[((0) - 7)/2]>>32):(buf.bn[((0) - 7)/2]&(0xffffffffL)))):(((6)&1)?(t_d[(6)/2]&=(0xffffffffL)):(t_d[(6)/2]=0)); };-
378 carry -= (int)bn_sub_words(r_d, r_d, t_d, (224+64 -1)/64);-
379-
380-
381 carry = (int)(r_d[(224+64 -1)/64 - 1] >> 32);-
382-
383 }-
384-
385 u.f = bn_sub_words;-
386 if (carry > 0
carry > 0Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
387 carry = (int)bn_sub_words(r_d, r_d, _nist_p_224[carry - 1],-
388 (224+64 -1)/64);-
389-
390 carry = (int)(~(r_d[(224+64 -1)/64 - 1] >> 32)) & 1;-
391-
392 }
never executed: end of block
 else if (carry < 0
carry < 0Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
393-
394-
395-
396-
397-
398-
399 carry = (int)bn_add_words(r_d, r_d, _nist_p_224[-carry - 1],-
400 (224+64 -1)/64);-
401 mask = 0 - (uintptr_t)carry;-
402 u.p = ((uintptr_t)bn_sub_words & mask) |-
403 ((uintptr_t)bn_add_words & ~mask);-
404 }
never executed: end of block
 else		0
405 carry = 1;
never executed: carry = 1;
0
406-
407-
408 mask = 0 - (uintptr_t)(*u.f)(c_d, r_d, _nist_p_224[0], (224+64 -1)/64);-
409 mask &= 0 - (uintptr_t)carry;-
410 res = c_d;-
411 res = (unsigned long *)(((uintptr_t)res & ~mask) | ((uintptr_t)r_d & mask));-
412 nist_cp_bn(r_d, res, (224+64 -1)/64);-
413 r->top = (224+64 -1)/64;-
414 { unsigned long *ftl; int tmp_top = (r)->top; if (tmp_top > 0
tmp_top > 0Description
TRUEnever evaluated
FALSEnever evaluated
) { for (ftl= &((r)->d[tmp_top-1]); tmp_top > 0
tmp_top > 0Description
TRUEnever evaluated
FALSEnever evaluated
; tmp_top--) if (*(
*(ftl--)Description
TRUEnever evaluated
FALSEnever evaluated
ftl--)
*(ftl--)Description
TRUEnever evaluated
FALSEnever evaluated
) break;
never executed: break;
 (r)->top = tmp_top; }
never executed: end of block
 ; };		0
415-
416 return
never executed: return 1;
 1;
never executed: return 1;
0
417}-
418int-
419BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, BN_CTX *ctx)-
420{-
421 int i, top = a->top;-
422 int carry = 0;-
423 unsigned long *a_d = a->d, *r_d;-
424 union {-
425 unsigned long bn[(256+64 -1)/64];-
426 unsigned int ui[(256+64 -1)/64 *-
427 sizeof(unsigned long) / sizeof(unsigned int)];-
428 } buf;-
429 unsigned long c_d[(256+64 -1)/64] = {0}, *res;-
430 uintptr_t mask;-
431 union {-
432 bn_addsub_f f;-
433 uintptr_t p;-
434 } u;-
435 static const BIGNUM _bignum_nist_p_256_sqr = {-
436 (unsigned long *)_nist_p_256_sqr,-
437 sizeof(_nist_p_256_sqr) / sizeof(_nist_p_256_sqr[0]),-
438 sizeof(_nist_p_256_sqr) / sizeof(_nist_p_256_sqr[0]),-
439 0,-
440 0x02-
441 };-
442-
443 field = &_bignum_nist_p_256;-
444-
445 if (((
((a)->neg != 0)Description
TRUEnever evaluated
FALSEnever evaluated
a)->neg != 0)
((a)->neg != 0)Description
TRUEnever evaluated
FALSEnever evaluated
 || BN_ucmp(a, &_bignum_nist_p_256_sqr) >= 0
BN_ucmp(a, &_b..._256_sqr) >= 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
446 return
never executed: return BN_nnmod(r, a, field, ctx);
 BN_nnmod(r, a, field, ctx);
never executed: return BN_nnmod(r, a, field, ctx);
0
447-
448 i = BN_ucmp(field, a);-
449 if (i == 0
i == 0Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
450 (BN_set_word((r),0));-
451 return
never executed: return 1;
 1;
never executed: return 1;
0
452 } else if (i > 0
i > 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
453 return
never executed: return (r == a) ? 1 : (BN_copy(r, a) != ((void *)0) );
 (
(r == a)Description
TRUEnever evaluated
FALSEnever evaluated
r == a)
(r == a)Description
TRUEnever evaluated
FALSEnever evaluated
 ? 1 : (BN_copy(r, a) !=
never executed: return (r == a) ? 1 : (BN_copy(r, a) != ((void *)0) );
0
454 ((void *)0)
never executed: return (r == a) ? 1 : (BN_copy(r, a) != ((void *)0) );
0
455 );
never executed: return (r == a) ? 1 : (BN_copy(r, a) != ((void *)0) );
0
456-
457 if (r != a
r != aDescription
TRUEnever evaluated
FALSEnever evaluated
) {		0
458 if (!((((
(((256+64 -1)/... <= (r)->dmax)Description
TRUEnever evaluated
FALSEnever evaluated
256+64 -1)/64) <= (r)->dmax)
(((256+64 -1)/... <= (r)->dmax)Description
TRUEnever evaluated
FALSEnever evaluated
?(r):bn_expand2((r),((256+64 -1)/64)))
!((((256+64 -1...6+64 -1)/64)))Description
TRUEnever evaluated
FALSEnever evaluated
)		0
459 return
never executed: return 0;
 0;
never executed: return 0;
0
460 r_d = r->d;-
461 nist_cp_bn(r_d, a_d, (256+64 -1)/64);-
462 }
never executed: end of block
 else		0
463 r_d = a_d;
never executed: r_d = a_d;
0
464-
465 nist_cp_bn_0(buf.bn, a_d + (256+64 -1)/64,-
466 top - (256+64 -1)/64, (256+64 -1)/64);-
467-
468-
469 {-
470 long acc;-
471 unsigned int *rp = (unsigned int *)r_d;-
472 const unsigned int *bp = (const unsigned int *)buf.ui;-
473-
474 acc = rp[0];-
475 acc += bp[8 - 8];-
476 acc += bp[9 - 8];-
477 acc -= bp[11 - 8];-
478 acc -= bp[12 - 8];-
479 acc -= bp[13 - 8];-
480 acc -= bp[14 - 8];-
481 rp[0] = (unsigned int)acc;-
482 acc >>= 32;-
483-
484 acc += rp[1];-
485 acc += bp[9 - 8];-
486 acc += bp[10 - 8];-
487 acc -= bp[12 - 8];-
488 acc -= bp[13 - 8];-
489 acc -= bp[14 - 8];-
490 acc -= bp[15 - 8];-
491 rp[1] = (unsigned int)acc;-
492 acc >>= 32;-
493-
494 acc += rp[2];-
495 acc += bp[10 - 8];-
496 acc += bp[11 - 8];-
497 acc -= bp[13 - 8];-
498 acc -= bp[14 - 8];-
499 acc -= bp[15 - 8];-
500 rp[2] = (unsigned int)acc;-
501 acc >>= 32;-
502-
503 acc += rp[3];-
504 acc += bp[11 - 8];-
505 acc += bp[11 - 8];-
506 acc += bp[12 - 8];-
507 acc += bp[12 - 8];-
508 acc += bp[13 - 8];-
509 acc -= bp[15 - 8];-
510 acc -= bp[8 - 8];-
511 acc -= bp[9 - 8];-
512 rp[3] = (unsigned int)acc;-
513 acc >>= 32;-
514-
515 acc += rp[4];-
516 acc += bp[12 - 8];-
517 acc += bp[12 - 8];-
518 acc += bp[13 - 8];-
519 acc += bp[13 - 8];-
520 acc += bp[14 - 8];-
521 acc -= bp[9 - 8];-
522 acc -= bp[10 - 8];-
523 rp[4] = (unsigned int)acc;-
524 acc >>= 32;-
525-
526 acc += rp[5];-
527 acc += bp[13 - 8];-
528 acc += bp[13 - 8];-
529 acc += bp[14 - 8];-
530 acc += bp[14 - 8];-
531 acc += bp[15 - 8];-
532 acc -= bp[10 - 8];-
533 acc -= bp[11 - 8];-
534 rp[5] = (unsigned int)acc;-
535 acc >>= 32;-
536-
537 acc += rp[6];-
538 acc += bp[14 - 8];-
539 acc += bp[14 - 8];-
540 acc += bp[15 - 8];-
541 acc += bp[15 - 8];-
542 acc += bp[14 - 8];-
543 acc += bp[13 - 8];-
544 acc -= bp[8 - 8];-
545 acc -= bp[9 - 8];-
546 rp[6] = (unsigned int)acc;-
547 acc >>= 32;-
548-
549 acc += rp[7];-
550 acc += bp[15 - 8];-
551 acc += bp[15 - 8];-
552 acc += bp[15 - 8];-
553 acc += bp[8 - 8];-
554 acc -= bp[10 - 8];-
555 acc -= bp[11 - 8];-
556 acc -= bp[12 - 8];-
557 acc -= bp[13 - 8];-
558 rp[7] = (unsigned int)acc;-
559-
560 carry = (int)(acc >> 32);-
561 }-
562 u.f = bn_sub_words;-
563 if (carry > 0
carry > 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
564 carry = (int)bn_sub_words(r_d, r_d, _nist_p_256[carry - 1],
never executed: carry = (int)bn_sub_words(r_d, r_d, _nist_p_256[carry - 1], (256+64 -1)/64);
0
565 (256+64 -1)/64);
never executed: carry = (int)bn_sub_words(r_d, r_d, _nist_p_256[carry - 1], (256+64 -1)/64);
0
566 else if (carry < 0
carry < 0Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
567 carry = (int)bn_add_words(r_d, r_d, _nist_p_256[-carry - 1],-
568 (256+64 -1)/64);-
569 mask = 0 - (uintptr_t)carry;-
570 u.p = ((uintptr_t)bn_sub_words & mask) |-
571 ((uintptr_t)bn_add_words & ~mask);-
572 }
never executed: end of block
 else		0
573 carry = 1;
never executed: carry = 1;
0
574-
575 mask = 0 - (uintptr_t)(*u.f)(c_d, r_d, _nist_p_256[0], (256+64 -1)/64);-
576 mask &= 0 - (uintptr_t)carry;-
577 res = c_d;-
578 res = (unsigned long *)(((uintptr_t)res & ~mask) | ((uintptr_t)r_d & mask));-
579 nist_cp_bn(r_d, res, (256+64 -1)/64);-
580 r->top = (256+64 -1)/64;-
581 { unsigned long *ftl; int tmp_top = (r)->top; if (tmp_top > 0
tmp_top > 0Description
TRUEnever evaluated
FALSEnever evaluated
) { for (ftl= &((r)->d[tmp_top-1]); tmp_top > 0
tmp_top > 0Description
TRUEnever evaluated
FALSEnever evaluated
; tmp_top--) if (*(
*(ftl--)Description
TRUEnever evaluated
FALSEnever evaluated
ftl--)
*(ftl--)Description
TRUEnever evaluated
FALSEnever evaluated
) break;
never executed: break;
 (r)->top = tmp_top; }
never executed: end of block
 ; };		0
582-
583 return
never executed: return 1;
 1;
never executed: return 1;
0
584}-
585int-
586BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, BN_CTX *ctx)-
587{-
588 int i, top = a->top;-
589 int carry = 0;-
590 unsigned long *r_d, *a_d = a->d;-
591 union {-
592 unsigned long bn[(384+64 -1)/64];-
593 unsigned int ui[(384+64 -1)/64 *-
594 sizeof(unsigned long) / sizeof(unsigned int)];-
595 } buf;-
596 unsigned long c_d[(384+64 -1)/64], *res;-
597 uintptr_t mask;-
598 union {-
599 bn_addsub_f f;-
600 uintptr_t p;-
601 } u;-
602 static const BIGNUM _bignum_nist_p_384_sqr = {-
603 (unsigned long *)_nist_p_384_sqr,-
604 sizeof(_nist_p_384_sqr) / sizeof(_nist_p_384_sqr[0]),-
605 sizeof(_nist_p_384_sqr) / sizeof(_nist_p_384_sqr[0]),-
606 0,-
607 0x02-
608 };-
609-
610 field = &_bignum_nist_p_384;-
611-
612 if (((
((a)->neg != 0)Description
TRUEnever evaluated
FALSEnever evaluated
a)->neg != 0)
((a)->neg != 0)Description
TRUEnever evaluated
FALSEnever evaluated
 || BN_ucmp(a, &_bignum_nist_p_384_sqr) >= 0
BN_ucmp(a, &_b..._384_sqr) >= 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
613 return
never executed: return BN_nnmod(r, a, field, ctx);
 BN_nnmod(r, a, field, ctx);
never executed: return BN_nnmod(r, a, field, ctx);
0
614-
615 i = BN_ucmp(field, a);-
616 if (i == 0
i == 0Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
617 (BN_set_word((r),0));-
618 return
never executed: return 1;
 1;
never executed: return 1;
0
619 } else if (i > 0
i > 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
620 return
never executed: return (r == a) ? 1 : (BN_copy(r, a) != ((void *)0) );
 (
(r == a)Description
TRUEnever evaluated
FALSEnever evaluated
r == a)
(r == a)Description
TRUEnever evaluated
FALSEnever evaluated
 ? 1 : (BN_copy(r, a) !=
never executed: return (r == a) ? 1 : (BN_copy(r, a) != ((void *)0) );
0
621 ((void *)0)
never executed: return (r == a) ? 1 : (BN_copy(r, a) != ((void *)0) );
0
622 );
never executed: return (r == a) ? 1 : (BN_copy(r, a) != ((void *)0) );
0
623-
624 if (r != a
r != aDescription
TRUEnever evaluated
FALSEnever evaluated
) {		0
625 if (!((((
(((384+64 -1)/... <= (r)->dmax)Description
TRUEnever evaluated
FALSEnever evaluated
384+64 -1)/64) <= (r)->dmax)
(((384+64 -1)/... <= (r)->dmax)Description
TRUEnever evaluated
FALSEnever evaluated
?(r):bn_expand2((r),((384+64 -1)/64)))
!((((384+64 -1...4+64 -1)/64)))Description
TRUEnever evaluated
FALSEnever evaluated
)		0
626 return
never executed: return 0;
 0;
never executed: return 0;
0
627 r_d = r->d;-
628 nist_cp_bn(r_d, a_d, (384+64 -1)/64);-
629 }
never executed: end of block
 else		0
630 r_d = a_d;
never executed: r_d = a_d;
0
631-
632 nist_cp_bn_0(buf.bn, a_d + (384+64 -1)/64,-
633 top - (384+64 -1)/64, (384+64 -1)/64);-
634-
635-
636 {-
637 long acc;-
638 unsigned int *rp = (unsigned int *)r_d;-
639 const unsigned int *bp = (const unsigned int *)buf.ui;-
640-
641 acc = rp[0];-
642 acc += bp[12 - 12];-
643 acc += bp[21 - 12];-
644 acc += bp[20 - 12];-
645 acc -= bp[23 - 12];-
646 rp[0] = (unsigned int)acc;-
647 acc >>= 32;-
648-
649 acc += rp[1];-
650 acc += bp[13 - 12];-
651 acc += bp[22 - 12];-
652 acc += bp[23 - 12];-
653 acc -= bp[12 - 12];-
654 acc -= bp[20 - 12];-
655 rp[1] = (unsigned int)acc;-
656 acc >>= 32;-
657-
658 acc += rp[2];-
659 acc += bp[14 - 12];-
660 acc += bp[23 - 12];-
661 acc -= bp[13 - 12];-
662 acc -= bp[21 - 12];-
663 rp[2] = (unsigned int)acc;-
664 acc >>= 32;-
665-
666 acc += rp[3];-
667 acc += bp[15 - 12];-
668 acc += bp[12 - 12];-
669 acc += bp[20 - 12];-
670 acc += bp[21 - 12];-
671 acc -= bp[14 - 12];-
672 acc -= bp[22 - 12];-
673 acc -= bp[23 - 12];-
674 rp[3] = (unsigned int)acc;-
675 acc >>= 32;-
676-
677 acc += rp[4];-
678 acc += bp[21 - 12];-
679 acc += bp[21 - 12];-
680 acc += bp[16 - 12];-
681 acc += bp[13 - 12];-
682 acc += bp[12 - 12];-
683 acc += bp[20 - 12];-
684 acc += bp[22 - 12];-
685 acc -= bp[15 - 12];-
686 acc -= bp[23 - 12];-
687 acc -= bp[23 - 12];-
688 rp[4] = (unsigned int)acc;-
689 acc >>= 32;-
690-
691 acc += rp[5];-
692 acc += bp[22 - 12];-
693 acc += bp[22 - 12];-
694 acc += bp[17 - 12];-
695 acc += bp[14 - 12];-
696 acc += bp[13 - 12];-
697 acc += bp[21 - 12];-
698 acc += bp[23 - 12];-
699 acc -= bp[16 - 12];-
700 rp[5] = (unsigned int)acc;-
701 acc >>= 32;-
702-
703 acc += rp[6];-
704 acc += bp[23 - 12];-
705 acc += bp[23 - 12];-
706 acc += bp[18 - 12];-
707 acc += bp[15 - 12];-
708 acc += bp[14 - 12];-
709 acc += bp[22 - 12];-
710 acc -= bp[17 - 12];-
711 rp[6] = (unsigned int)acc;-
712 acc >>= 32;-
713-
714 acc += rp[7];-
715 acc += bp[19 - 12];-
716 acc += bp[16 - 12];-
717 acc += bp[15 - 12];-
718 acc += bp[23 - 12];-
719 acc -= bp[18 - 12];-
720 rp[7] = (unsigned int)acc;-
721 acc >>= 32;-
722-
723 acc += rp[8];-
724 acc += bp[20 - 12];-
725 acc += bp[17 - 12];-
726 acc += bp[16 - 12];-
727 acc -= bp[19 - 12];-
728 rp[8] = (unsigned int)acc;-
729 acc >>= 32;-
730-
731 acc += rp[9];-
732 acc += bp[21 - 12];-
733 acc += bp[18 - 12];-
734 acc += bp[17 - 12];-
735 acc -= bp[20 - 12];-
736 rp[9] = (unsigned int)acc;-
737 acc >>= 32;-
738-
739 acc += rp[10];-
740 acc += bp[22 - 12];-
741 acc += bp[19 - 12];-
742 acc += bp[18 - 12];-
743 acc -= bp[21 - 12];-
744 rp[10] = (unsigned int)acc;-
745 acc >>= 32;-
746-
747 acc += rp[11];-
748 acc += bp[23 - 12];-
749 acc += bp[20 - 12];-
750 acc += bp[19 - 12];-
751 acc -= bp[22 - 12];-
752 rp[11] = (unsigned int)acc;-
753-
754 carry = (int)(acc >> 32);-
755 }-
756 u.f = bn_sub_words;-
757 if (carry > 0
carry > 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
758 carry = (int)bn_sub_words(r_d, r_d, _nist_p_384[carry - 1],
never executed: carry = (int)bn_sub_words(r_d, r_d, _nist_p_384[carry - 1], (384+64 -1)/64);
0
759 (384+64 -1)/64);
never executed: carry = (int)bn_sub_words(r_d, r_d, _nist_p_384[carry - 1], (384+64 -1)/64);
0
760 else if (carry < 0
carry < 0Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
761 carry = (int)bn_add_words(r_d, r_d, _nist_p_384[-carry - 1],-
762 (384+64 -1)/64);-
763 mask = 0 - (uintptr_t)carry;-
764 u.p = ((uintptr_t)bn_sub_words & mask) |-
765 ((uintptr_t)bn_add_words & ~mask);-
766 }
never executed: end of block
 else		0
767 carry = 1;
never executed: carry = 1;
0
768-
769 mask = 0 - (uintptr_t)(*u.f)(c_d, r_d, _nist_p_384[0], (384+64 -1)/64);-
770 mask &= 0 - (uintptr_t)carry;-
771 res = c_d;-
772 res = (unsigned long *)(((uintptr_t)res & ~mask) | ((uintptr_t)r_d & mask));-
773 nist_cp_bn(r_d, res, (384+64 -1)/64);-
774 r->top = (384+64 -1)/64;-
775 { unsigned long *ftl; int tmp_top = (r)->top; if (tmp_top > 0
tmp_top > 0Description
TRUEnever evaluated
FALSEnever evaluated
) { for (ftl= &((r)->d[tmp_top-1]); tmp_top > 0
tmp_top > 0Description
TRUEnever evaluated
FALSEnever evaluated
; tmp_top--) if (*(
*(ftl--)Description
TRUEnever evaluated
FALSEnever evaluated
ftl--)
*(ftl--)Description
TRUEnever evaluated
FALSEnever evaluated
) break;
never executed: break;
 (r)->top = tmp_top; }
never executed: end of block
 ; };		0
776-
777 return
never executed: return 1;
 1;
never executed: return 1;
0
778}-
779-
780-
781-
782-
783-
784int-
785BN_nist_mod_521(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, BN_CTX *ctx)-
786{-
787 int top = a->top, i;-
788 unsigned long *r_d, *a_d = a->d, t_d[(521+64 -1)/64], val, tmp, *res;-
789 uintptr_t mask;-
790 static const BIGNUM _bignum_nist_p_521_sqr = {-
791 (unsigned long *)_nist_p_521_sqr,-
792 sizeof(_nist_p_521_sqr) / sizeof(_nist_p_521_sqr[0]),-
793 sizeof(_nist_p_521_sqr) / sizeof(_nist_p_521_sqr[0]),-
794 0,-
795 0x02-
796 };-
797-
798 field = &_bignum_nist_p_521;-
799-
800 if (((
((a)->neg != 0)Description
TRUEnever evaluated
FALSEnever evaluated
a)->neg != 0)
((a)->neg != 0)Description
TRUEnever evaluated
FALSEnever evaluated
 || BN_ucmp(a, &_bignum_nist_p_521_sqr) >= 0
BN_ucmp(a, &_b..._521_sqr) >= 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
801 return
never executed: return BN_nnmod(r, a, field, ctx);
 BN_nnmod(r, a, field, ctx);
never executed: return BN_nnmod(r, a, field, ctx);
0
802-
803 i = BN_ucmp(field, a);-
804 if (i == 0
i == 0Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
805 (BN_set_word((r),0));-
806 return
never executed: return 1;
 1;
never executed: return 1;
0
807 } else if (i > 0
i > 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
808 return
never executed: return (r == a) ? 1 : (BN_copy(r, a) != ((void *)0) );
 (
(r == a)Description
TRUEnever evaluated
FALSEnever evaluated
r == a)
(r == a)Description
TRUEnever evaluated
FALSEnever evaluated
 ? 1 : (BN_copy(r, a) !=
never executed: return (r == a) ? 1 : (BN_copy(r, a) != ((void *)0) );
0
809 ((void *)0)
never executed: return (r == a) ? 1 : (BN_copy(r, a) != ((void *)0) );
0
810 );
never executed: return (r == a) ? 1 : (BN_copy(r, a) != ((void *)0) );
0
811-
812 if (r != a
r != aDescription
TRUEnever evaluated
FALSEnever evaluated
) {		0
813 if (!((((
(((521+64 -1)/... <= (r)->dmax)Description
TRUEnever evaluated
FALSEnever evaluated
521+64 -1)/64) <= (r)->dmax)
(((521+64 -1)/... <= (r)->dmax)Description
TRUEnever evaluated
FALSEnever evaluated
?(r):bn_expand2((r),((521+64 -1)/64)))
!((((521+64 -1...1+64 -1)/64)))Description
TRUEnever evaluated
FALSEnever evaluated
)		0
814 return
never executed: return 0;
 0;
never executed: return 0;
0
815 r_d = r->d;-
816 nist_cp_bn(r_d, a_d, (521+64 -1)/64);-
817 }
never executed: end of block
 else		0
818 r_d = a_d;
never executed: r_d = a_d;
0
819-
820-
821 nist_cp_bn_0(t_d, a_d + ((521+64 -1)/64 - 1),-
822 top - ((521+64 -1)/64 - 1), (521+64 -1)/64);-
823-
824 for (val = t_d[0], i = 0; i < (521+64 -1)/64 - 1
i < (521+64 -1)/64 - 1Description
TRUEnever evaluated
FALSEnever evaluated
; i++) {		0
825 tmp = val >> (521%64);-
826 val = t_d[i + 1];-
827 t_d[i] = (tmp | val << (64 -(521%64))) & (0xffffffffffffffffL);-
828 }
never executed: end of block
0
829 t_d[i] = val >> (521%64);-
830-
831 r_d[i] &= ((unsigned long)(0xffffffffffffffffL)>>(64 -(521%64)));-
832-
833 bn_add_words(r_d, r_d, t_d, (521+64 -1)/64);-
834 mask = 0 - (uintptr_t)bn_sub_words(t_d, r_d, _nist_p_521,-
835 (521+64 -1)/64);-
836 res = t_d;-
837 res = (unsigned long *)(((uintptr_t)res & ~mask) | ((uintptr_t)r_d & mask));-
838 nist_cp_bn(r_d, res, (521+64 -1)/64);-
839 r->top = (521+64 -1)/64;-
840 { unsigned long *ftl; int tmp_top = (r)->top; if (tmp_top > 0
tmp_top > 0Description
TRUEnever evaluated
FALSEnever evaluated
) { for (ftl= &((r)->d[tmp_top-1]); tmp_top > 0
tmp_top > 0Description
TRUEnever evaluated
FALSEnever evaluated
; tmp_top--) if (*(
*(ftl--)Description
TRUEnever evaluated
FALSEnever evaluated
ftl--)
*(ftl--)Description
TRUEnever evaluated
FALSEnever evaluated
) break;
never executed: break;
 (r)->top = tmp_top; }
never executed: end of block
 ; };		0
841-
842 return
never executed: return 1;
 1;
never executed: return 1;
0
843}-
Switch to Source codePreprocessed file
Generated by Squish Coco 4.2.2