OpenCoverage

bn_nist.c

Absolute File Name:/home/opencoverage/opencoverage/guest-scripts/openssl/src/crypto/bn/bn_nist.c
Switch to Source codePreprocessed file
LineSourceCount
1static const unsigned long _nist_p_192[][(192+(8 * 8)-1)/(8 * 8)] = {-
2 {0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFEULL, 0xFFFFFFFFFFFFFFFFULL},-
3 {0xFFFFFFFFFFFFFFFEULL, 0xFFFFFFFFFFFFFFFDULL, 0xFFFFFFFFFFFFFFFFULL},-
4 {0xFFFFFFFFFFFFFFFDULL, 0xFFFFFFFFFFFFFFFCULL, 0xFFFFFFFFFFFFFFFFULL}-
5};-
6-
7static const unsigned long _nist_p_192_sqr[] = {-
8 0x0000000000000001ULL, 0x0000000000000002ULL, 0x0000000000000001ULL,-
9 0xFFFFFFFFFFFFFFFEULL, 0xFFFFFFFFFFFFFFFDULL, 0xFFFFFFFFFFFFFFFFULL-
10};-
11-
12static const unsigned long _nist_p_224[][(224+(8 * 8)-1)/(8 * 8)] = {-
13 {0x0000000000000001ULL, 0xFFFFFFFF00000000ULL,-
14 0xFFFFFFFFFFFFFFFFULL, 0x00000000FFFFFFFFULL},-
15 {0x0000000000000002ULL, 0xFFFFFFFE00000000ULL,-
16 0xFFFFFFFFFFFFFFFFULL, 0x00000001FFFFFFFFULL}-
17-
18};-
19-
20static const unsigned long _nist_p_224_sqr[] = {-
21 0x0000000000000001ULL, 0xFFFFFFFE00000000ULL,-
22 0xFFFFFFFFFFFFFFFFULL, 0x0000000200000000ULL,-
23 0x0000000000000000ULL, 0xFFFFFFFFFFFFFFFEULL,-
24 0xFFFFFFFFFFFFFFFFULL-
25};-
26-
27static const unsigned long _nist_p_256[][(256+(8 * 8)-1)/(8 * 8)] = {-
28 {0xFFFFFFFFFFFFFFFFULL, 0x00000000FFFFFFFFULL,-
29 0x0000000000000000ULL, 0xFFFFFFFF00000001ULL},-
30 {0xFFFFFFFFFFFFFFFEULL, 0x00000001FFFFFFFFULL,-
31 0x0000000000000000ULL, 0xFFFFFFFE00000002ULL},-
32 {0xFFFFFFFFFFFFFFFDULL, 0x00000002FFFFFFFFULL,-
33 0x0000000000000000ULL, 0xFFFFFFFD00000003ULL},-
34 {0xFFFFFFFFFFFFFFFCULL, 0x00000003FFFFFFFFULL,-
35 0x0000000000000000ULL, 0xFFFFFFFC00000004ULL},-
36 {0xFFFFFFFFFFFFFFFBULL, 0x00000004FFFFFFFFULL,-
37 0x0000000000000000ULL, 0xFFFFFFFB00000005ULL},-
38};-
39-
40static const unsigned long _nist_p_256_sqr[] = {-
41 0x0000000000000001ULL, 0xFFFFFFFE00000000ULL,-
42 0xFFFFFFFFFFFFFFFFULL, 0x00000001FFFFFFFEULL,-
43 0x00000001FFFFFFFEULL, 0x00000001FFFFFFFEULL,-
44 0xFFFFFFFE00000001ULL, 0xFFFFFFFE00000002ULL-
45};-
46-
47static const unsigned long _nist_p_384[][(384+(8 * 8)-1)/(8 * 8)] = {-
48 {0x00000000FFFFFFFFULL, 0xFFFFFFFF00000000ULL, 0xFFFFFFFFFFFFFFFEULL,-
49 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL},-
50 {0x00000001FFFFFFFEULL, 0xFFFFFFFE00000000ULL, 0xFFFFFFFFFFFFFFFDULL,-
51 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL},-
52 {0x00000002FFFFFFFDULL, 0xFFFFFFFD00000000ULL, 0xFFFFFFFFFFFFFFFCULL,-
53 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL},-
54 {0x00000003FFFFFFFCULL, 0xFFFFFFFC00000000ULL, 0xFFFFFFFFFFFFFFFBULL,-
55 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL},-
56 {0x00000004FFFFFFFBULL, 0xFFFFFFFB00000000ULL, 0xFFFFFFFFFFFFFFFAULL,-
57 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL},-
58};-
59-
60static const unsigned long _nist_p_384_sqr[] = {-
61 0xFFFFFFFE00000001ULL, 0x0000000200000000ULL, 0xFFFFFFFE00000000ULL,-
62 0x0000000200000000ULL, 0x0000000000000001ULL, 0x0000000000000000ULL,-
63 0x00000001FFFFFFFEULL, 0xFFFFFFFE00000000ULL, 0xFFFFFFFFFFFFFFFDULL,-
64 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL-
65};-
66-
67static const unsigned long _nist_p_521[] =-
68 { 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL,-
69 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL,-
70 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL,-
71 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL,-
72 0x00000000000001FFULL-
73};-
74-
75static const unsigned long _nist_p_521_sqr[] = {-
76 0x0000000000000001ULL, 0x0000000000000000ULL, 0x0000000000000000ULL,-
77 0x0000000000000000ULL, 0x0000000000000000ULL, 0x0000000000000000ULL,-
78 0x0000000000000000ULL, 0x0000000000000000ULL, 0xFFFFFFFFFFFFFC00ULL,-
79 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL,-
80 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL,-
81 0xFFFFFFFFFFFFFFFFULL, 0x000000000003FFFFULL-
82};-
83static const BIGNUM _bignum_nist_p_192 = {-
84 (unsigned long *)_nist_p_192[0],-
85 (192+(8 * 8)-1)/(8 * 8),-
86 (192+(8 * 8)-1)/(8 * 8),-
87 0,-
88 0x02-
89};-
90-
91static const BIGNUM _bignum_nist_p_224 = {-
92 (unsigned long *)_nist_p_224[0],-
93 (224+(8 * 8)-1)/(8 * 8),-
94 (224+(8 * 8)-1)/(8 * 8),-
95 0,-
96 0x02-
97};-
98-
99static const BIGNUM _bignum_nist_p_256 = {-
100 (unsigned long *)_nist_p_256[0],-
101 (256+(8 * 8)-1)/(8 * 8),-
102 (256+(8 * 8)-1)/(8 * 8),-
103 0,-
104 0x02-
105};-
106-
107static const BIGNUM _bignum_nist_p_384 = {-
108 (unsigned long *)_nist_p_384[0],-
109 (384+(8 * 8)-1)/(8 * 8),-
110 (384+(8 * 8)-1)/(8 * 8),-
111 0,-
112 0x02-
113};-
114-
115static const BIGNUM _bignum_nist_p_521 = {-
116 (unsigned long *)_nist_p_521,-
117 (521+(8 * 8)-1)/(8 * 8),-
118 (521+(8 * 8)-1)/(8 * 8),-
119 0,-
120 0x02-
121};-
122-
123const BIGNUM *BN_get0_nist_prime_192(void)-
124{-
125 return
never executed: return &_bignum_nist_p_192;
 &_bignum_nist_p_192;
never executed: return &_bignum_nist_p_192;
0
126}-
127-
128const BIGNUM *BN_get0_nist_prime_224(void)-
129{-
130 return
never executed: return &_bignum_nist_p_224;
 &_bignum_nist_p_224;
never executed: return &_bignum_nist_p_224;
0
131}-
132-
133const BIGNUM *BN_get0_nist_prime_256(void)-
134{-
135 return
never executed: return &_bignum_nist_p_256;
 &_bignum_nist_p_256;
never executed: return &_bignum_nist_p_256;
0
136}-
137-
138const BIGNUM *BN_get0_nist_prime_384(void)-
139{-
140 return
never executed: return &_bignum_nist_p_384;
 &_bignum_nist_p_384;
never executed: return &_bignum_nist_p_384;
0
141}-
142-
143const BIGNUM *BN_get0_nist_prime_521(void)-
144{-
145 return
never executed: return &_bignum_nist_p_521;
 &_bignum_nist_p_521;
never executed: return &_bignum_nist_p_521;
0
146}-
147-
148static void nist_cp_bn_0(unsigned long *dst, const unsigned long *src, int top, int max)-
149{-
150 int i;-
151-
152-
153-
154-
155 for (i = 0; i < top
i < topDescription
TRUEnever evaluated
FALSEnever evaluated
; i++)		0
156 dst[i] = src[i];
never executed: dst[i] = src[i];
0
157 for (; i < max
i < maxDescription
TRUEnever evaluated
FALSEnever evaluated
; i++)		0
158 dst[i] = 0;
never executed: dst[i] = 0;
0
159}
never executed: end of block
0
160-
161static void nist_cp_bn(unsigned long *dst, const unsigned long *src, int top)-
162{-
163 int i;-
164-
165 for (i = 0; i < top
i < topDescription
TRUEnever evaluated
FALSEnever evaluated
; i++)		0
166 dst[i] = src[i];
never executed: dst[i] = src[i];
0
167}
never executed: end of block
0
168int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,-
169 BN_CTX *ctx)-
170{-
171 int top = a->top, i;-
172 int carry;-
173 register unsigned long *r_d, *a_d = a->d;-
174 union {-
175 unsigned long bn[(192+(8 * 8)-1)/(8 * 8)];-
176 unsigned int ui[(192+(8 * 8)-1)/(8 * 8) * sizeof(unsigned long) /-
177 sizeof(unsigned int)];-
178 } buf;-
179 unsigned long c_d[(192+(8 * 8)-1)/(8 * 8)], *res;-
180 size_t mask;-
181 static const BIGNUM _bignum_nist_p_192_sqr = {-
182 (unsigned long *)_nist_p_192_sqr,-
183 (sizeof(_nist_p_192_sqr)/sizeof((_nist_p_192_sqr)[0])),-
184 (sizeof(_nist_p_192_sqr)/sizeof((_nist_p_192_sqr)[0])),-
185 0, 0x02-
186 };-
187-
188 field = &_bignum_nist_p_192;-
189-
190 if (BN_is_negative(a)
BN_is_negative(a)Description
TRUEnever evaluated
FALSEnever evaluated
 || BN_ucmp(a, &_bignum_nist_p_192_sqr) >= 0
BN_ucmp(a, &_b..._192_sqr) >= 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
191 return
never executed: return BN_nnmod(r, a, field, ctx);
 BN_nnmod(r, a, field, ctx);
never executed: return BN_nnmod(r, a, field, ctx);
0
192-
193 i = BN_ucmp(field, a);-
194 if (i == 0
i == 0Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
195 (BN_set_word((r),0));-
196 return
never executed: return 1;
 1;
never executed: return 1;
0
197 } else if (i > 0
i > 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
198 return
never executed: return (r == a) ? 1 : (BN_copy(r, a) != ((void *)0) );
 (
(r == a)Description
TRUEnever evaluated
FALSEnever evaluated
r == a)
(r == a)Description
TRUEnever evaluated
FALSEnever evaluated
 ? 1 : (BN_copy(r, a) !=
never executed: return (r == a) ? 1 : (BN_copy(r, a) != ((void *)0) );
0
199 ((void *)0)
never executed: return (r == a) ? 1 : (BN_copy(r, a) != ((void *)0) );
0
200 );
never executed: return (r == a) ? 1 : (BN_copy(r, a) != ((void *)0) );
0
201-
202 if (r != a
r != aDescription
TRUEnever evaluated
FALSEnever evaluated
) {		0
203 if (!bn_wexpand(r, (192+(8 * 8)-1)/(8 * 8))
!bn_wexpand(r,...8)-1)/(8 * 8))Description
TRUEnever evaluated
FALSEnever evaluated
)		0
204 return
never executed: return 0;
 0;
never executed: return 0;
0
205 r_d = r->d;-
206 nist_cp_bn(r_d, a_d, (192+(8 * 8)-1)/(8 * 8));-
207 }
never executed: end of block
 else		0
208 r_d = a_d;
never executed: r_d = a_d;
0
209-
210 nist_cp_bn_0(buf.bn, a_d + (192+(8 * 8)-1)/(8 * 8), top - (192+(8 * 8)-1)/(8 * 8),-
211 (192+(8 * 8)-1)/(8 * 8));-
212-
213-
214 {-
215 long long acc;-
216 unsigned int *rp = (unsigned int *)r_d;-
217 const unsigned int *bp = (const unsigned int *)buf.ui;-
218-
219 acc = rp[0];-
220 acc += bp[3 * 2 - 6];-
221 acc += bp[5 * 2 - 6];-
222 rp[0] = (unsigned int)acc;-
223 acc >>= 32;-
224-
225 acc += rp[1];-
226 acc += bp[3 * 2 - 5];-
227 acc += bp[5 * 2 - 5];-
228 rp[1] = (unsigned int)acc;-
229 acc >>= 32;-
230-
231 acc += rp[2];-
232 acc += bp[3 * 2 - 6];-
233 acc += bp[4 * 2 - 6];-
234 acc += bp[5 * 2 - 6];-
235 rp[2] = (unsigned int)acc;-
236 acc >>= 32;-
237-
238 acc += rp[3];-
239 acc += bp[3 * 2 - 5];-
240 acc += bp[4 * 2 - 5];-
241 acc += bp[5 * 2 - 5];-
242 rp[3] = (unsigned int)acc;-
243 acc >>= 32;-
244-
245 acc += rp[4];-
246 acc += bp[4 * 2 - 6];-
247 acc += bp[5 * 2 - 6];-
248 rp[4] = (unsigned int)acc;-
249 acc >>= 32;-
250-
251 acc += rp[5];-
252 acc += bp[4 * 2 - 5];-
253 acc += bp[5 * 2 - 5];-
254 rp[5] = (unsigned int)acc;-
255-
256 carry = (int)(acc >> 32);-
257 }-
258 if (carry > 0
carry > 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
259 carry =
never executed: carry = (int)bn_sub_words(r_d, r_d, _nist_p_192[carry - 1], (192+(8 * 8)-1)/(8 * 8));
0
260 (int)bn_sub_words(r_d, r_d, _nist_p_192[carry - 1],
never executed: carry = (int)bn_sub_words(r_d, r_d, _nist_p_192[carry - 1], (192+(8 * 8)-1)/(8 * 8));
0
261 (192+(8 * 8)-1)/(8 * 8));
never executed: carry = (int)bn_sub_words(r_d, r_d, _nist_p_192[carry - 1], (192+(8 * 8)-1)/(8 * 8));
0
262 else-
263 carry = 1;
never executed: carry = 1;
0
264-
265-
266-
267-
268-
269-
270-
271 mask =-
272 0 - (size_t) bn_sub_words(c_d, r_d, _nist_p_192[0],-
273 (192+(8 * 8)-1)/(8 * 8));-
274 mask &= 0 - (size_t) carry;-
275 res = c_d;-
276 res = (unsigned long *)-
277 (((size_t) res & ~mask) | ((size_t) r_d & mask));-
278 nist_cp_bn(r_d, res, (192+(8 * 8)-1)/(8 * 8));-
279 r->top = (192+(8 * 8)-1)/(8 * 8);-
280 bn_correct_top(r);-
281-
282 return
never executed: return 1;
 1;
never executed: return 1;
0
283}-
284-
285typedef unsigned long (*bn_addsub_f) (unsigned long *, const unsigned long *,-
286 const unsigned long *, int);-
287int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,-
288 BN_CTX *ctx)-
289{-
290 int top = a->top, i;-
291 int carry;-
292 unsigned long *r_d, *a_d = a->d;-
293 union {-
294 unsigned long bn[(224+(8 * 8)-1)/(8 * 8)];-
295 unsigned int ui[(224+(8 * 8)-1)/(8 * 8) * sizeof(unsigned long) /-
296 sizeof(unsigned int)];-
297 } buf;-
298 unsigned long c_d[(224+(8 * 8)-1)/(8 * 8)], *res;-
299 size_t mask;-
300 union {-
301 bn_addsub_f f;-
302 size_t p;-
303 } u;-
304 static const BIGNUM _bignum_nist_p_224_sqr = {-
305 (unsigned long *)_nist_p_224_sqr,-
306 (sizeof(_nist_p_224_sqr)/sizeof((_nist_p_224_sqr)[0])),-
307 (sizeof(_nist_p_224_sqr)/sizeof((_nist_p_224_sqr)[0])),-
308 0, 0x02-
309 };-
310-
311 field = &_bignum_nist_p_224;-
312-
313 if (BN_is_negative(a)
BN_is_negative(a)Description
TRUEnever evaluated
FALSEnever evaluated
 || BN_ucmp(a, &_bignum_nist_p_224_sqr) >= 0
BN_ucmp(a, &_b..._224_sqr) >= 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
314 return
never executed: return BN_nnmod(r, a, field, ctx);
 BN_nnmod(r, a, field, ctx);
never executed: return BN_nnmod(r, a, field, ctx);
0
315-
316 i = BN_ucmp(field, a);-
317 if (i == 0
i == 0Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
318 (BN_set_word((r),0));-
319 return
never executed: return 1;
 1;
never executed: return 1;
0
320 } else if (i > 0
i > 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
321 return
never executed: return (r == a) ? 1 : (BN_copy(r, a) != ((void *)0) );
 (
(r == a)Description
TRUEnever evaluated
FALSEnever evaluated
r == a)
(r == a)Description
TRUEnever evaluated
FALSEnever evaluated
 ? 1 : (BN_copy(r, a) !=
never executed: return (r == a) ? 1 : (BN_copy(r, a) != ((void *)0) );
0
322 ((void *)0)
never executed: return (r == a) ? 1 : (BN_copy(r, a) != ((void *)0) );
0
323 );
never executed: return (r == a) ? 1 : (BN_copy(r, a) != ((void *)0) );
0
324-
325 if (r != a
r != aDescription
TRUEnever evaluated
FALSEnever evaluated
) {		0
326 if (!bn_wexpand(r, (224+(8 * 8)-1)/(8 * 8))
!bn_wexpand(r,...8)-1)/(8 * 8))Description
TRUEnever evaluated
FALSEnever evaluated
)		0
327 return
never executed: return 0;
 0;
never executed: return 0;
0
328 r_d = r->d;-
329 nist_cp_bn(r_d, a_d, (224+(8 * 8)-1)/(8 * 8));-
330 }
never executed: end of block
 else		0
331 r_d = a_d;
never executed: r_d = a_d;
0
332-
333-
334-
335 nist_cp_bn_0(c_d, a_d + ((224+(8 * 8)-1)/(8 * 8) - 1),-
336 top - ((224+(8 * 8)-1)/(8 * 8) - 1), (224+(8 * 8)-1)/(8 * 8));-
337-
338 { (((8) - 7)>=0)?(((0)&1)?(buf.bn[(0)/2]|=(((8) - 7)&1)?(c_d[((8) - 7)/2]&(0xffffffff00000000L)):(c_d[((8) - 7)/2]<<32)) :(buf.bn[(0)/2] =(((8) - 7)&1)?(c_d[((8) - 7)/2]>>32):(c_d[((8) - 7)/2]&(0xffffffffL)))):(((0)&1)?(buf.bn[(0)/2]&=(0xffffffffL)):(buf.bn[(0)/2]=0)); (((9) - 7)>=0)?(((1)&1)?(buf.bn[(1)/2]|=(((9) - 7)&1)?(c_d[((9) - 7)/2]&(0xffffffff00000000L)):(c_d[((9) - 7)/2]<<32)) :(buf.bn[(1)/2] =(((9) - 7)&1)?(c_d[((9) - 7)/2]>>32):(c_d[((9) - 7)/2]&(0xffffffffL)))):(((1)&1)?(buf.bn[(1)/2]&=(0xffffffffL)):(buf.bn[(1)/2]=0)); (((10) - 7)>=0)?(((2)&1)?(buf.bn[(2)/2]|=(((10) - 7)&1)?(c_d[((10) - 7)/2]&(0xffffffff00000000L)):(c_d[((10) - 7)/2]<<32)) :(buf.bn[(2)/2] =(((10) - 7)&1)?(c_d[((10) - 7)/2]>>32):(c_d[((10) - 7)/2]&(0xffffffffL)))):(((2)&1)?(buf.bn[(2)/2]&=(0xffffffffL)):(buf.bn[(2)/2]=0)); (((11) - 7)>=0)?(((3)&1)?(buf.bn[(3)/2]|=(((11) - 7)&1)?(c_d[((11) - 7)/2]&(0xffffffff00000000L)):(c_d[((11) - 7)/2]<<32)) :(buf.bn[(3)/2] =(((11) - 7)&1)?(c_d[((11) - 7)/2]>>32):(c_d[((11) - 7)/2]&(0xffffffffL)))):(((3)&1)?(buf.bn[(3)/2]&=(0xffffffffL)):(buf.bn[(3)/2]=0)); (((12) - 7)>=0)?(((4)&1)?(buf.bn[(4)/2]|=(((12) - 7)&1)?(c_d[((12) - 7)/2]&(0xffffffff00000000L)):(c_d[((12) - 7)/2]<<32)) :(buf.bn[(4)/2] =(((12) - 7)&1)?(c_d[((12) - 7)/2]>>32):(c_d[((12) - 7)/2]&(0xffffffffL)))):(((4)&1)?(buf.bn[(4)/2]&=(0xffffffffL)):(buf.bn[(4)/2]=0)); (((13) - 7)>=0)?(((5)&1)?(buf.bn[(5)/2]|=(((13) - 7)&1)?(c_d[((13) - 7)/2]&(0xffffffff00000000L)):(c_d[((13) - 7)/2]<<32)) :(buf.bn[(5)/2] =(((13) - 7)&1)?(c_d[((13) - 7)/2]>>32):(c_d[((13) - 7)/2]&(0xffffffffL)))):(((5)&1)?(buf.bn[(5)/2]&=(0xffffffffL)):(buf.bn[(5)/2]=0)); (((14) - 7)>=0)?(((6)&1)?(buf.bn[(6)/2]|=(((14) - 7)&1)?(c_d[((14) - 7)/2]&(0xffffffff00000000L)):(c_d[((14) - 7)/2]<<32)) :(buf.bn[(6)/2] =(((14) - 7)&1)?(c_d[((14) - 7)/2]>>32):(c_d[((14) - 7)/2]&(0xffffffffL)))):(((6)&1)?(buf.bn[(6)/2]&=(0xffffffffL)):(buf.bn[(6)/2]=0)); };-
339-
340 r_d[(224+(8 * 8)-1)/(8 * 8) - 1] &= (0xffffffffL);-
341 {-
342 unsigned long t_d[(224+(8 * 8)-1)/(8 * 8)];-
343-
344 { (((0) - 7)>=0)?(((0)&1)?(t_d[(0)/2]|=(((0) - 7)&1)?(buf.bn[((0) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((0) - 7)/2]<<32)) :(t_d[(0)/2] =(((0) - 7)&1)?(buf.bn[((0) - 7)/2]>>32):(buf.bn[((0) - 7)/2]&(0xffffffffL)))):(((0)&1)?(t_d[(0)/2]&=(0xffffffffL)):(t_d[(0)/2]=0)); (((0) - 7)>=0)?(((1)&1)?(t_d[(1)/2]|=(((0) - 7)&1)?(buf.bn[((0) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((0) - 7)/2]<<32)) :(t_d[(1)/2] =(((0) - 7)&1)?(buf.bn[((0) - 7)/2]>>32):(buf.bn[((0) - 7)/2]&(0xffffffffL)))):(((1)&1)?(t_d[(1)/2]&=(0xffffffffL)):(t_d[(1)/2]=0)); (((0) - 7)>=0)?(((2)&1)?(t_d[(2)/2]|=(((0) - 7)&1)?(buf.bn[((0) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((0) - 7)/2]<<32)) :(t_d[(2)/2] =(((0) - 7)&1)?(buf.bn[((0) - 7)/2]>>32):(buf.bn[((0) - 7)/2]&(0xffffffffL)))):(((2)&1)?(t_d[(2)/2]&=(0xffffffffL)):(t_d[(2)/2]=0)); (((7) - 7)>=0)?(((3)&1)?(t_d[(3)/2]|=(((7) - 7)&1)?(buf.bn[((7) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((7) - 7)/2]<<32)) :(t_d[(3)/2] =(((7) - 7)&1)?(buf.bn[((7) - 7)/2]>>32):(buf.bn[((7) - 7)/2]&(0xffffffffL)))):(((3)&1)?(t_d[(3)/2]&=(0xffffffffL)):(t_d[(3)/2]=0)); (((8) - 7)>=0)?(((4)&1)?(t_d[(4)/2]|=(((8) - 7)&1)?(buf.bn[((8) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((8) - 7)/2]<<32)) :(t_d[(4)/2] =(((8) - 7)&1)?(buf.bn[((8) - 7)/2]>>32):(buf.bn[((8) - 7)/2]&(0xffffffffL)))):(((4)&1)?(t_d[(4)/2]&=(0xffffffffL)):(t_d[(4)/2]=0)); (((9) - 7)>=0)?(((5)&1)?(t_d[(5)/2]|=(((9) - 7)&1)?(buf.bn[((9) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((9) - 7)/2]<<32)) :(t_d[(5)/2] =(((9) - 7)&1)?(buf.bn[((9) - 7)/2]>>32):(buf.bn[((9) - 7)/2]&(0xffffffffL)))):(((5)&1)?(t_d[(5)/2]&=(0xffffffffL)):(t_d[(5)/2]=0)); (((10) - 7)>=0)?(((6)&1)?(t_d[(6)/2]|=(((10) - 7)&1)?(buf.bn[((10) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((10) - 7)/2]<<32)) :(t_d[(6)/2] =(((10) - 7)&1)?(buf.bn[((10) - 7)/2]>>32):(buf.bn[((10) - 7)/2]&(0xffffffffL)))):(((6)&1)?(t_d[(6)/2]&=(0xffffffffL)):(t_d[(6)/2]=0)); };-
345 carry = (int)bn_add_words(r_d, r_d, t_d, (224+(8 * 8)-1)/(8 * 8));-
346 { (((0) - 7)>=0)?(((0)&1)?(t_d[(0)/2]|=(((0) - 7)&1)?(buf.bn[((0) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((0) - 7)/2]<<32)) :(t_d[(0)/2] =(((0) - 7)&1)?(buf.bn[((0) - 7)/2]>>32):(buf.bn[((0) - 7)/2]&(0xffffffffL)))):(((0)&1)?(t_d[(0)/2]&=(0xffffffffL)):(t_d[(0)/2]=0)); (((0) - 7)>=0)?(((1)&1)?(t_d[(1)/2]|=(((0) - 7)&1)?(buf.bn[((0) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((0) - 7)/2]<<32)) :(t_d[(1)/2] =(((0) - 7)&1)?(buf.bn[((0) - 7)/2]>>32):(buf.bn[((0) - 7)/2]&(0xffffffffL)))):(((1)&1)?(t_d[(1)/2]&=(0xffffffffL)):(t_d[(1)/2]=0)); (((0) - 7)>=0)?(((2)&1)?(t_d[(2)/2]|=(((0) - 7)&1)?(buf.bn[((0) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((0) - 7)/2]<<32)) :(t_d[(2)/2] =(((0) - 7)&1)?(buf.bn[((0) - 7)/2]>>32):(buf.bn[((0) - 7)/2]&(0xffffffffL)))):(((2)&1)?(t_d[(2)/2]&=(0xffffffffL)):(t_d[(2)/2]=0)); (((11) - 7)>=0)?(((3)&1)?(t_d[(3)/2]|=(((11) - 7)&1)?(buf.bn[((11) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((11) - 7)/2]<<32)) :(t_d[(3)/2] =(((11) - 7)&1)?(buf.bn[((11) - 7)/2]>>32):(buf.bn[((11) - 7)/2]&(0xffffffffL)))):(((3)&1)?(t_d[(3)/2]&=(0xffffffffL)):(t_d[(3)/2]=0)); (((12) - 7)>=0)?(((4)&1)?(t_d[(4)/2]|=(((12) - 7)&1)?(buf.bn[((12) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((12) - 7)/2]<<32)) :(t_d[(4)/2] =(((12) - 7)&1)?(buf.bn[((12) - 7)/2]>>32):(buf.bn[((12) - 7)/2]&(0xffffffffL)))):(((4)&1)?(t_d[(4)/2]&=(0xffffffffL)):(t_d[(4)/2]=0)); (((13) - 7)>=0)?(((5)&1)?(t_d[(5)/2]|=(((13) - 7)&1)?(buf.bn[((13) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((13) - 7)/2]<<32)) :(t_d[(5)/2] =(((13) - 7)&1)?(buf.bn[((13) - 7)/2]>>32):(buf.bn[((13) - 7)/2]&(0xffffffffL)))):(((5)&1)?(t_d[(5)/2]&=(0xffffffffL)):(t_d[(5)/2]=0)); (((0) - 7)>=0)?(((6)&1)?(t_d[(6)/2]|=(((0) - 7)&1)?(buf.bn[((0) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((0) - 7)/2]<<32)) :(t_d[(6)/2] =(((0) - 7)&1)?(buf.bn[((0) - 7)/2]>>32):(buf.bn[((0) - 7)/2]&(0xffffffffL)))):(((6)&1)?(t_d[(6)/2]&=(0xffffffffL)):(t_d[(6)/2]=0)); };-
347 carry += (int)bn_add_words(r_d, r_d, t_d, (224+(8 * 8)-1)/(8 * 8));-
348 { (((7) - 7)>=0)?(((0)&1)?(t_d[(0)/2]|=(((7) - 7)&1)?(buf.bn[((7) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((7) - 7)/2]<<32)) :(t_d[(0)/2] =(((7) - 7)&1)?(buf.bn[((7) - 7)/2]>>32):(buf.bn[((7) - 7)/2]&(0xffffffffL)))):(((0)&1)?(t_d[(0)/2]&=(0xffffffffL)):(t_d[(0)/2]=0)); (((8) - 7)>=0)?(((1)&1)?(t_d[(1)/2]|=(((8) - 7)&1)?(buf.bn[((8) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((8) - 7)/2]<<32)) :(t_d[(1)/2] =(((8) - 7)&1)?(buf.bn[((8) - 7)/2]>>32):(buf.bn[((8) - 7)/2]&(0xffffffffL)))):(((1)&1)?(t_d[(1)/2]&=(0xffffffffL)):(t_d[(1)/2]=0)); (((9) - 7)>=0)?(((2)&1)?(t_d[(2)/2]|=(((9) - 7)&1)?(buf.bn[((9) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((9) - 7)/2]<<32)) :(t_d[(2)/2] =(((9) - 7)&1)?(buf.bn[((9) - 7)/2]>>32):(buf.bn[((9) - 7)/2]&(0xffffffffL)))):(((2)&1)?(t_d[(2)/2]&=(0xffffffffL)):(t_d[(2)/2]=0)); (((10) - 7)>=0)?(((3)&1)?(t_d[(3)/2]|=(((10) - 7)&1)?(buf.bn[((10) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((10) - 7)/2]<<32)) :(t_d[(3)/2] =(((10) - 7)&1)?(buf.bn[((10) - 7)/2]>>32):(buf.bn[((10) - 7)/2]&(0xffffffffL)))):(((3)&1)?(t_d[(3)/2]&=(0xffffffffL)):(t_d[(3)/2]=0)); (((11) - 7)>=0)?(((4)&1)?(t_d[(4)/2]|=(((11) - 7)&1)?(buf.bn[((11) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((11) - 7)/2]<<32)) :(t_d[(4)/2] =(((11) - 7)&1)?(buf.bn[((11) - 7)/2]>>32):(buf.bn[((11) - 7)/2]&(0xffffffffL)))):(((4)&1)?(t_d[(4)/2]&=(0xffffffffL)):(t_d[(4)/2]=0)); (((12) - 7)>=0)?(((5)&1)?(t_d[(5)/2]|=(((12) - 7)&1)?(buf.bn[((12) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((12) - 7)/2]<<32)) :(t_d[(5)/2] =(((12) - 7)&1)?(buf.bn[((12) - 7)/2]>>32):(buf.bn[((12) - 7)/2]&(0xffffffffL)))):(((5)&1)?(t_d[(5)/2]&=(0xffffffffL)):(t_d[(5)/2]=0)); (((13) - 7)>=0)?(((6)&1)?(t_d[(6)/2]|=(((13) - 7)&1)?(buf.bn[((13) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((13) - 7)/2]<<32)) :(t_d[(6)/2] =(((13) - 7)&1)?(buf.bn[((13) - 7)/2]>>32):(buf.bn[((13) - 7)/2]&(0xffffffffL)))):(((6)&1)?(t_d[(6)/2]&=(0xffffffffL)):(t_d[(6)/2]=0)); };-
349 carry -= (int)bn_sub_words(r_d, r_d, t_d, (224+(8 * 8)-1)/(8 * 8));-
350 { (((11) - 7)>=0)?(((0)&1)?(t_d[(0)/2]|=(((11) - 7)&1)?(buf.bn[((11) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((11) - 7)/2]<<32)) :(t_d[(0)/2] =(((11) - 7)&1)?(buf.bn[((11) - 7)/2]>>32):(buf.bn[((11) - 7)/2]&(0xffffffffL)))):(((0)&1)?(t_d[(0)/2]&=(0xffffffffL)):(t_d[(0)/2]=0)); (((12) - 7)>=0)?(((1)&1)?(t_d[(1)/2]|=(((12) - 7)&1)?(buf.bn[((12) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((12) - 7)/2]<<32)) :(t_d[(1)/2] =(((12) - 7)&1)?(buf.bn[((12) - 7)/2]>>32):(buf.bn[((12) - 7)/2]&(0xffffffffL)))):(((1)&1)?(t_d[(1)/2]&=(0xffffffffL)):(t_d[(1)/2]=0)); (((13) - 7)>=0)?(((2)&1)?(t_d[(2)/2]|=(((13) - 7)&1)?(buf.bn[((13) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((13) - 7)/2]<<32)) :(t_d[(2)/2] =(((13) - 7)&1)?(buf.bn[((13) - 7)/2]>>32):(buf.bn[((13) - 7)/2]&(0xffffffffL)))):(((2)&1)?(t_d[(2)/2]&=(0xffffffffL)):(t_d[(2)/2]=0)); (((0) - 7)>=0)?(((3)&1)?(t_d[(3)/2]|=(((0) - 7)&1)?(buf.bn[((0) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((0) - 7)/2]<<32)) :(t_d[(3)/2] =(((0) - 7)&1)?(buf.bn[((0) - 7)/2]>>32):(buf.bn[((0) - 7)/2]&(0xffffffffL)))):(((3)&1)?(t_d[(3)/2]&=(0xffffffffL)):(t_d[(3)/2]=0)); (((0) - 7)>=0)?(((4)&1)?(t_d[(4)/2]|=(((0) - 7)&1)?(buf.bn[((0) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((0) - 7)/2]<<32)) :(t_d[(4)/2] =(((0) - 7)&1)?(buf.bn[((0) - 7)/2]>>32):(buf.bn[((0) - 7)/2]&(0xffffffffL)))):(((4)&1)?(t_d[(4)/2]&=(0xffffffffL)):(t_d[(4)/2]=0)); (((0) - 7)>=0)?(((5)&1)?(t_d[(5)/2]|=(((0) - 7)&1)?(buf.bn[((0) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((0) - 7)/2]<<32)) :(t_d[(5)/2] =(((0) - 7)&1)?(buf.bn[((0) - 7)/2]>>32):(buf.bn[((0) - 7)/2]&(0xffffffffL)))):(((5)&1)?(t_d[(5)/2]&=(0xffffffffL)):(t_d[(5)/2]=0)); (((0) - 7)>=0)?(((6)&1)?(t_d[(6)/2]|=(((0) - 7)&1)?(buf.bn[((0) - 7)/2]&(0xffffffff00000000L)):(buf.bn[((0) - 7)/2]<<32)) :(t_d[(6)/2] =(((0) - 7)&1)?(buf.bn[((0) - 7)/2]>>32):(buf.bn[((0) - 7)/2]&(0xffffffffL)))):(((6)&1)?(t_d[(6)/2]&=(0xffffffffL)):(t_d[(6)/2]=0)); };-
351 carry -= (int)bn_sub_words(r_d, r_d, t_d, (224+(8 * 8)-1)/(8 * 8));-
352-
353-
354 carry = (int)(r_d[(224+(8 * 8)-1)/(8 * 8) - 1] >> 32);-
355-
356 }-
357-
358 u.f = bn_sub_words;-
359 if (carry > 0
carry > 0Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
360 carry =-
361 (int)bn_sub_words(r_d, r_d, _nist_p_224[carry - 1],-
362 (224+(8 * 8)-1)/(8 * 8));-
363-
364 carry = (int)(~(r_d[(224+(8 * 8)-1)/(8 * 8) - 1] >> 32)) & 1;-
365-
366 }
never executed: end of block
 else if (carry < 0
carry < 0Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
367-
368-
369-
370-
371-
372-
373-
374 carry =-
375 (int)bn_add_words(r_d, r_d, _nist_p_224[-carry - 1],-
376 (224+(8 * 8)-1)/(8 * 8));-
377 mask = 0 - (size_t) carry;-
378 u.p = ((size_t) bn_sub_words & mask) |-
379 ((size_t) bn_add_words & ~mask);-
380 }
never executed: end of block
 else		0
381 carry = 1;
never executed: carry = 1;
0
382-
383-
384 mask =-
385 0 - (size_t) (*u.f) (c_d, r_d, _nist_p_224[0], (224+(8 * 8)-1)/(8 * 8));-
386 mask &= 0 - (size_t) carry;-
387 res = c_d;-
388 res = (unsigned long *)(((size_t) res & ~mask) |-
389 ((size_t) r_d & mask));-
390 nist_cp_bn(r_d, res, (224+(8 * 8)-1)/(8 * 8));-
391 r->top = (224+(8 * 8)-1)/(8 * 8);-
392 bn_correct_top(r);-
393-
394 return
never executed: return 1;
 1;
never executed: return 1;
0
395}-
396int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,-
397 BN_CTX *ctx)-
398{-
399 int i, top = a->top;-
400 int carry = 0;-
401 register unsigned long *a_d = a->d, *r_d;-
402 union {-
403 unsigned long bn[(256+(8 * 8)-1)/(8 * 8)];-
404 unsigned int ui[(256+(8 * 8)-1)/(8 * 8) * sizeof(unsigned long) /-
405 sizeof(unsigned int)];-
406 } buf;-
407 unsigned long c_d[(256+(8 * 8)-1)/(8 * 8)], *res;-
408 size_t mask;-
409 union {-
410 bn_addsub_f f;-
411 size_t p;-
412 } u;-
413 static const BIGNUM _bignum_nist_p_256_sqr = {-
414 (unsigned long *)_nist_p_256_sqr,-
415 (sizeof(_nist_p_256_sqr)/sizeof((_nist_p_256_sqr)[0])),-
416 (sizeof(_nist_p_256_sqr)/sizeof((_nist_p_256_sqr)[0])),-
417 0, 0x02-
418 };-
419-
420 field = &_bignum_nist_p_256;-
421-
422 if (BN_is_negative(a)
BN_is_negative(a)Description
TRUEnever evaluated
FALSEnever evaluated
 || BN_ucmp(a, &_bignum_nist_p_256_sqr) >= 0
BN_ucmp(a, &_b..._256_sqr) >= 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
423 return
never executed: return BN_nnmod(r, a, field, ctx);
 BN_nnmod(r, a, field, ctx);
never executed: return BN_nnmod(r, a, field, ctx);
0
424-
425 i = BN_ucmp(field, a);-
426 if (i == 0
i == 0Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
427 (BN_set_word((r),0));-
428 return
never executed: return 1;
 1;
never executed: return 1;
0
429 } else if (i > 0
i > 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
430 return
never executed: return (r == a) ? 1 : (BN_copy(r, a) != ((void *)0) );
 (
(r == a)Description
TRUEnever evaluated
FALSEnever evaluated
r == a)
(r == a)Description
TRUEnever evaluated
FALSEnever evaluated
 ? 1 : (BN_copy(r, a) !=
never executed: return (r == a) ? 1 : (BN_copy(r, a) != ((void *)0) );
0
431 ((void *)0)
never executed: return (r == a) ? 1 : (BN_copy(r, a) != ((void *)0) );
0
432 );
never executed: return (r == a) ? 1 : (BN_copy(r, a) != ((void *)0) );
0
433-
434 if (r != a
r != aDescription
TRUEnever evaluated
FALSEnever evaluated
) {		0
435 if (!bn_wexpand(r, (256+(8 * 8)-1)/(8 * 8))
!bn_wexpand(r,...8)-1)/(8 * 8))Description
TRUEnever evaluated
FALSEnever evaluated
)		0
436 return
never executed: return 0;
 0;
never executed: return 0;
0
437 r_d = r->d;-
438 nist_cp_bn(r_d, a_d, (256+(8 * 8)-1)/(8 * 8));-
439 }
never executed: end of block
 else		0
440 r_d = a_d;
never executed: r_d = a_d;
0
441-
442 nist_cp_bn_0(buf.bn, a_d + (256+(8 * 8)-1)/(8 * 8), top - (256+(8 * 8)-1)/(8 * 8),-
443 (256+(8 * 8)-1)/(8 * 8));-
444-
445-
446 {-
447 long long acc;-
448 unsigned int *rp = (unsigned int *)r_d;-
449 const unsigned int *bp = (const unsigned int *)buf.ui;-
450-
451 acc = rp[0];-
452 acc += bp[8 - 8];-
453 acc += bp[9 - 8];-
454 acc -= bp[11 - 8];-
455 acc -= bp[12 - 8];-
456 acc -= bp[13 - 8];-
457 acc -= bp[14 - 8];-
458 rp[0] = (unsigned int)acc;-
459 acc >>= 32;-
460-
461 acc += rp[1];-
462 acc += bp[9 - 8];-
463 acc += bp[10 - 8];-
464 acc -= bp[12 - 8];-
465 acc -= bp[13 - 8];-
466 acc -= bp[14 - 8];-
467 acc -= bp[15 - 8];-
468 rp[1] = (unsigned int)acc;-
469 acc >>= 32;-
470-
471 acc += rp[2];-
472 acc += bp[10 - 8];-
473 acc += bp[11 - 8];-
474 acc -= bp[13 - 8];-
475 acc -= bp[14 - 8];-
476 acc -= bp[15 - 8];-
477 rp[2] = (unsigned int)acc;-
478 acc >>= 32;-
479-
480 acc += rp[3];-
481 acc += bp[11 - 8];-
482 acc += bp[11 - 8];-
483 acc += bp[12 - 8];-
484 acc += bp[12 - 8];-
485 acc += bp[13 - 8];-
486 acc -= bp[15 - 8];-
487 acc -= bp[8 - 8];-
488 acc -= bp[9 - 8];-
489 rp[3] = (unsigned int)acc;-
490 acc >>= 32;-
491-
492 acc += rp[4];-
493 acc += bp[12 - 8];-
494 acc += bp[12 - 8];-
495 acc += bp[13 - 8];-
496 acc += bp[13 - 8];-
497 acc += bp[14 - 8];-
498 acc -= bp[9 - 8];-
499 acc -= bp[10 - 8];-
500 rp[4] = (unsigned int)acc;-
501 acc >>= 32;-
502-
503 acc += rp[5];-
504 acc += bp[13 - 8];-
505 acc += bp[13 - 8];-
506 acc += bp[14 - 8];-
507 acc += bp[14 - 8];-
508 acc += bp[15 - 8];-
509 acc -= bp[10 - 8];-
510 acc -= bp[11 - 8];-
511 rp[5] = (unsigned int)acc;-
512 acc >>= 32;-
513-
514 acc += rp[6];-
515 acc += bp[14 - 8];-
516 acc += bp[14 - 8];-
517 acc += bp[15 - 8];-
518 acc += bp[15 - 8];-
519 acc += bp[14 - 8];-
520 acc += bp[13 - 8];-
521 acc -= bp[8 - 8];-
522 acc -= bp[9 - 8];-
523 rp[6] = (unsigned int)acc;-
524 acc >>= 32;-
525-
526 acc += rp[7];-
527 acc += bp[15 - 8];-
528 acc += bp[15 - 8];-
529 acc += bp[15 - 8];-
530 acc += bp[8 - 8];-
531 acc -= bp[10 - 8];-
532 acc -= bp[11 - 8];-
533 acc -= bp[12 - 8];-
534 acc -= bp[13 - 8];-
535 rp[7] = (unsigned int)acc;-
536-
537 carry = (int)(acc >> 32);-
538 }-
539 u.f = bn_sub_words;-
540 if (carry > 0
carry > 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
541 carry =
never executed: carry = (int)bn_sub_words(r_d, r_d, _nist_p_256[carry - 1], (256+(8 * 8)-1)/(8 * 8));
0
542 (int)bn_sub_words(r_d, r_d, _nist_p_256[carry - 1],
never executed: carry = (int)bn_sub_words(r_d, r_d, _nist_p_256[carry - 1], (256+(8 * 8)-1)/(8 * 8));
0
543 (256+(8 * 8)-1)/(8 * 8));
never executed: carry = (int)bn_sub_words(r_d, r_d, _nist_p_256[carry - 1], (256+(8 * 8)-1)/(8 * 8));
0
544 else if (carry < 0
carry < 0Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
545 carry =-
546 (int)bn_add_words(r_d, r_d, _nist_p_256[-carry - 1],-
547 (256+(8 * 8)-1)/(8 * 8));-
548 mask = 0 - (size_t) carry;-
549 u.p = ((size_t) bn_sub_words & mask) |-
550 ((size_t) bn_add_words & ~mask);-
551 }
never executed: end of block
 else		0
552 carry = 1;
never executed: carry = 1;
0
553-
554 mask =-
555 0 - (size_t) (*u.f) (c_d, r_d, _nist_p_256[0], (256+(8 * 8)-1)/(8 * 8));-
556 mask &= 0 - (size_t) carry;-
557 res = c_d;-
558 res = (unsigned long *)(((size_t) res & ~mask) |-
559 ((size_t) r_d & mask));-
560 nist_cp_bn(r_d, res, (256+(8 * 8)-1)/(8 * 8));-
561 r->top = (256+(8 * 8)-1)/(8 * 8);-
562 bn_correct_top(r);-
563-
564 return
never executed: return 1;
 1;
never executed: return 1;
0
565}-
566int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,-
567 BN_CTX *ctx)-
568{-
569 int i, top = a->top;-
570 int carry = 0;-
571 register unsigned long *r_d, *a_d = a->d;-
572 union {-
573 unsigned long bn[(384+(8 * 8)-1)/(8 * 8)];-
574 unsigned int ui[(384+(8 * 8)-1)/(8 * 8) * sizeof(unsigned long) /-
575 sizeof(unsigned int)];-
576 } buf;-
577 unsigned long c_d[(384+(8 * 8)-1)/(8 * 8)], *res;-
578 size_t mask;-
579 union {-
580 bn_addsub_f f;-
581 size_t p;-
582 } u;-
583 static const BIGNUM _bignum_nist_p_384_sqr = {-
584 (unsigned long *)_nist_p_384_sqr,-
585 (sizeof(_nist_p_384_sqr)/sizeof((_nist_p_384_sqr)[0])),-
586 (sizeof(_nist_p_384_sqr)/sizeof((_nist_p_384_sqr)[0])),-
587 0, 0x02-
588 };-
589-
590 field = &_bignum_nist_p_384;-
591-
592 if (BN_is_negative(a)
BN_is_negative(a)Description
TRUEnever evaluated
FALSEnever evaluated
 || BN_ucmp(a, &_bignum_nist_p_384_sqr) >= 0
BN_ucmp(a, &_b..._384_sqr) >= 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
593 return
never executed: return BN_nnmod(r, a, field, ctx);
 BN_nnmod(r, a, field, ctx);
never executed: return BN_nnmod(r, a, field, ctx);
0
594-
595 i = BN_ucmp(field, a);-
596 if (i == 0
i == 0Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
597 (BN_set_word((r),0));-
598 return
never executed: return 1;
 1;
never executed: return 1;
0
599 } else if (i > 0
i > 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
600 return
never executed: return (r == a) ? 1 : (BN_copy(r, a) != ((void *)0) );
 (
(r == a)Description
TRUEnever evaluated
FALSEnever evaluated
r == a)
(r == a)Description
TRUEnever evaluated
FALSEnever evaluated
 ? 1 : (BN_copy(r, a) !=
never executed: return (r == a) ? 1 : (BN_copy(r, a) != ((void *)0) );
0
601 ((void *)0)
never executed: return (r == a) ? 1 : (BN_copy(r, a) != ((void *)0) );
0
602 );
never executed: return (r == a) ? 1 : (BN_copy(r, a) != ((void *)0) );
0
603-
604 if (r != a
r != aDescription
TRUEnever evaluated
FALSEnever evaluated
) {		0
605 if (!bn_wexpand(r, (384+(8 * 8)-1)/(8 * 8))
!bn_wexpand(r,...8)-1)/(8 * 8))Description
TRUEnever evaluated
FALSEnever evaluated
)		0
606 return
never executed: return 0;
 0;
never executed: return 0;
0
607 r_d = r->d;-
608 nist_cp_bn(r_d, a_d, (384+(8 * 8)-1)/(8 * 8));-
609 }
never executed: end of block
 else		0
610 r_d = a_d;
never executed: r_d = a_d;
0
611-
612 nist_cp_bn_0(buf.bn, a_d + (384+(8 * 8)-1)/(8 * 8), top - (384+(8 * 8)-1)/(8 * 8),-
613 (384+(8 * 8)-1)/(8 * 8));-
614-
615-
616 {-
617 long long acc;-
618 unsigned int *rp = (unsigned int *)r_d;-
619 const unsigned int *bp = (const unsigned int *)buf.ui;-
620-
621 acc = rp[0];-
622 acc += bp[12 - 12];-
623 acc += bp[21 - 12];-
624 acc += bp[20 - 12];-
625 acc -= bp[23 - 12];-
626 rp[0] = (unsigned int)acc;-
627 acc >>= 32;-
628-
629 acc += rp[1];-
630 acc += bp[13 - 12];-
631 acc += bp[22 - 12];-
632 acc += bp[23 - 12];-
633 acc -= bp[12 - 12];-
634 acc -= bp[20 - 12];-
635 rp[1] = (unsigned int)acc;-
636 acc >>= 32;-
637-
638 acc += rp[2];-
639 acc += bp[14 - 12];-
640 acc += bp[23 - 12];-
641 acc -= bp[13 - 12];-
642 acc -= bp[21 - 12];-
643 rp[2] = (unsigned int)acc;-
644 acc >>= 32;-
645-
646 acc += rp[3];-
647 acc += bp[15 - 12];-
648 acc += bp[12 - 12];-
649 acc += bp[20 - 12];-
650 acc += bp[21 - 12];-
651 acc -= bp[14 - 12];-
652 acc -= bp[22 - 12];-
653 acc -= bp[23 - 12];-
654 rp[3] = (unsigned int)acc;-
655 acc >>= 32;-
656-
657 acc += rp[4];-
658 acc += bp[21 - 12];-
659 acc += bp[21 - 12];-
660 acc += bp[16 - 12];-
661 acc += bp[13 - 12];-
662 acc += bp[12 - 12];-
663 acc += bp[20 - 12];-
664 acc += bp[22 - 12];-
665 acc -= bp[15 - 12];-
666 acc -= bp[23 - 12];-
667 acc -= bp[23 - 12];-
668 rp[4] = (unsigned int)acc;-
669 acc >>= 32;-
670-
671 acc += rp[5];-
672 acc += bp[22 - 12];-
673 acc += bp[22 - 12];-
674 acc += bp[17 - 12];-
675 acc += bp[14 - 12];-
676 acc += bp[13 - 12];-
677 acc += bp[21 - 12];-
678 acc += bp[23 - 12];-
679 acc -= bp[16 - 12];-
680 rp[5] = (unsigned int)acc;-
681 acc >>= 32;-
682-
683 acc += rp[6];-
684 acc += bp[23 - 12];-
685 acc += bp[23 - 12];-
686 acc += bp[18 - 12];-
687 acc += bp[15 - 12];-
688 acc += bp[14 - 12];-
689 acc += bp[22 - 12];-
690 acc -= bp[17 - 12];-
691 rp[6] = (unsigned int)acc;-
692 acc >>= 32;-
693-
694 acc += rp[7];-
695 acc += bp[19 - 12];-
696 acc += bp[16 - 12];-
697 acc += bp[15 - 12];-
698 acc += bp[23 - 12];-
699 acc -= bp[18 - 12];-
700 rp[7] = (unsigned int)acc;-
701 acc >>= 32;-
702-
703 acc += rp[8];-
704 acc += bp[20 - 12];-
705 acc += bp[17 - 12];-
706 acc += bp[16 - 12];-
707 acc -= bp[19 - 12];-
708 rp[8] = (unsigned int)acc;-
709 acc >>= 32;-
710-
711 acc += rp[9];-
712 acc += bp[21 - 12];-
713 acc += bp[18 - 12];-
714 acc += bp[17 - 12];-
715 acc -= bp[20 - 12];-
716 rp[9] = (unsigned int)acc;-
717 acc >>= 32;-
718-
719 acc += rp[10];-
720 acc += bp[22 - 12];-
721 acc += bp[19 - 12];-
722 acc += bp[18 - 12];-
723 acc -= bp[21 - 12];-
724 rp[10] = (unsigned int)acc;-
725 acc >>= 32;-
726-
727 acc += rp[11];-
728 acc += bp[23 - 12];-
729 acc += bp[20 - 12];-
730 acc += bp[19 - 12];-
731 acc -= bp[22 - 12];-
732 rp[11] = (unsigned int)acc;-
733-
734 carry = (int)(acc >> 32);-
735 }-
736 u.f = bn_sub_words;-
737 if (carry > 0
carry > 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
738 carry =
never executed: carry = (int)bn_sub_words(r_d, r_d, _nist_p_384[carry - 1], (384+(8 * 8)-1)/(8 * 8));
0
739 (int)bn_sub_words(r_d, r_d, _nist_p_384[carry - 1],
never executed: carry = (int)bn_sub_words(r_d, r_d, _nist_p_384[carry - 1], (384+(8 * 8)-1)/(8 * 8));
0
740 (384+(8 * 8)-1)/(8 * 8));
never executed: carry = (int)bn_sub_words(r_d, r_d, _nist_p_384[carry - 1], (384+(8 * 8)-1)/(8 * 8));
0
741 else if (carry < 0
carry < 0Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
742 carry =-
743 (int)bn_add_words(r_d, r_d, _nist_p_384[-carry - 1],-
744 (384+(8 * 8)-1)/(8 * 8));-
745 mask = 0 - (size_t) carry;-
746 u.p = ((size_t) bn_sub_words & mask) |-
747 ((size_t) bn_add_words & ~mask);-
748 }
never executed: end of block
 else		0
749 carry = 1;
never executed: carry = 1;
0
750-
751 mask =-
752 0 - (size_t) (*u.f) (c_d, r_d, _nist_p_384[0], (384+(8 * 8)-1)/(8 * 8));-
753 mask &= 0 - (size_t) carry;-
754 res = c_d;-
755 res = (unsigned long *)(((size_t) res & ~mask) |-
756 ((size_t) r_d & mask));-
757 nist_cp_bn(r_d, res, (384+(8 * 8)-1)/(8 * 8));-
758 r->top = (384+(8 * 8)-1)/(8 * 8);-
759 bn_correct_top(r);-
760-
761 return
never executed: return 1;
 1;
never executed: return 1;
0
762}-
763-
764-
765-
766-
767-
768int BN_nist_mod_521(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,-
769 BN_CTX *ctx)-
770{-
771 int top = a->top, i;-
772 unsigned long *r_d, *a_d = a->d, t_d[(521+(8 * 8)-1)/(8 * 8)], val, tmp, *res;-
773 size_t mask;-
774 static const BIGNUM _bignum_nist_p_521_sqr = {-
775 (unsigned long *)_nist_p_521_sqr,-
776 (sizeof(_nist_p_521_sqr)/sizeof((_nist_p_521_sqr)[0])),-
777 (sizeof(_nist_p_521_sqr)/sizeof((_nist_p_521_sqr)[0])),-
778 0, 0x02-
779 };-
780-
781 field = &_bignum_nist_p_521;-
782-
783 if (BN_is_negative(a)
BN_is_negative(a)Description
TRUEnever evaluated
FALSEnever evaluated
 || BN_ucmp(a, &_bignum_nist_p_521_sqr) >= 0
BN_ucmp(a, &_b..._521_sqr) >= 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
784 return
never executed: return BN_nnmod(r, a, field, ctx);
 BN_nnmod(r, a, field, ctx);
never executed: return BN_nnmod(r, a, field, ctx);
0
785-
786 i = BN_ucmp(field, a);-
787 if (i == 0
i == 0Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
788 (BN_set_word((r),0));-
789 return
never executed: return 1;
 1;
never executed: return 1;
0
790 } else if (i > 0
i > 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
791 return
never executed: return (r == a) ? 1 : (BN_copy(r, a) != ((void *)0) );
 (
(r == a)Description
TRUEnever evaluated
FALSEnever evaluated
r == a)
(r == a)Description
TRUEnever evaluated
FALSEnever evaluated
 ? 1 : (BN_copy(r, a) !=
never executed: return (r == a) ? 1 : (BN_copy(r, a) != ((void *)0) );
0
792 ((void *)0)
never executed: return (r == a) ? 1 : (BN_copy(r, a) != ((void *)0) );
0
793 );
never executed: return (r == a) ? 1 : (BN_copy(r, a) != ((void *)0) );
0
794-
795 if (r != a
r != aDescription
TRUEnever evaluated
FALSEnever evaluated
) {		0
796 if (!bn_wexpand(r, (521+(8 * 8)-1)/(8 * 8))
!bn_wexpand(r,...8)-1)/(8 * 8))Description
TRUEnever evaluated
FALSEnever evaluated
)		0
797 return
never executed: return 0;
 0;
never executed: return 0;
0
798 r_d = r->d;-
799 nist_cp_bn(r_d, a_d, (521+(8 * 8)-1)/(8 * 8));-
800 }
never executed: end of block
 else		0
801 r_d = a_d;
never executed: r_d = a_d;
0
802-
803-
804 nist_cp_bn_0(t_d, a_d + ((521+(8 * 8)-1)/(8 * 8) - 1),-
805 top - ((521+(8 * 8)-1)/(8 * 8) - 1), (521+(8 * 8)-1)/(8 * 8));-
806-
807 for (val = t_d[0], i = 0; i < (521+(8 * 8)-1)/(8 * 8) - 1
i < (521+(8 * ...1)/(8 * 8) - 1Description
TRUEnever evaluated
FALSEnever evaluated
; i++) {		0
808 t_d[i] = (val >> (521%(8 * 8)) |-
809 (tmp = t_d[i + 1]) << ((8 * 8)-(521%(8 * 8)))) & (0xffffffffffffffffL);-
810 val = tmp;-
811-
812 }
never executed: end of block
0
813 t_d[i] = val >> (521%(8 * 8));-
814-
815 r_d[i] &= ((unsigned long)(0xffffffffffffffffL)>>((8 * 8)-(521%(8 * 8))));-
816-
817 bn_add_words(r_d, r_d, t_d, (521+(8 * 8)-1)/(8 * 8));-
818 mask =-
819 0 - (size_t) bn_sub_words(t_d, r_d, _nist_p_521,-
820 (521+(8 * 8)-1)/(8 * 8));-
821 res = t_d;-
822 res = (unsigned long *)(((size_t) res & ~mask) |-
823 ((size_t) r_d & mask));-
824 nist_cp_bn(r_d, res, (521+(8 * 8)-1)/(8 * 8));-
825 r->top = (521+(8 * 8)-1)/(8 * 8);-
826 bn_correct_top(r);-
827-
828 return
never executed: return 1;
 1;
never executed: return 1;
0
829}-
830-
831int (*BN_nist_mod_func(const BIGNUM *p)) (BIGNUM *r, const BIGNUM *a,-
832 const BIGNUM *field, BN_CTX *ctx) {-
833 if (BN_ucmp(&_bignum_nist_p_192, p) == 0
BN_ucmp(&_bign...p_192, p) == 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
834 return
never executed: return BN_nist_mod_192;
 BN_nist_mod_192;
never executed: return BN_nist_mod_192;
0
835 if (BN_ucmp(&_bignum_nist_p_224, p) == 0
BN_ucmp(&_bign...p_224, p) == 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
836 return
never executed: return BN_nist_mod_224;
 BN_nist_mod_224;
never executed: return BN_nist_mod_224;
0
837 if (BN_ucmp(&_bignum_nist_p_256, p) == 0
BN_ucmp(&_bign...p_256, p) == 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
838 return
never executed: return BN_nist_mod_256;
 BN_nist_mod_256;
never executed: return BN_nist_mod_256;
0
839 if (BN_ucmp(&_bignum_nist_p_384, p) == 0
BN_ucmp(&_bign...p_384, p) == 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
840 return
never executed: return BN_nist_mod_384;
 BN_nist_mod_384;
never executed: return BN_nist_mod_384;
0
841 if (BN_ucmp(&_bignum_nist_p_521, p) == 0
BN_ucmp(&_bign...p_521, p) == 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
842 return
never executed: return BN_nist_mod_521;
 BN_nist_mod_521;
never executed: return BN_nist_mod_521;
0
843 return
never executed: return 0;
 0;
never executed: return 0;
0
844}-
Switch to Source codePreprocessed file
Generated by Squish Coco 4.2.2