diff options
author | wtc%netscape.com <devnull@localhost> | 2002-03-23 15:43:34 +0000 |
---|---|---|
committer | wtc%netscape.com <devnull@localhost> | 2002-03-23 15:43:34 +0000 |
commit | a75192a4b828b8a83994a16349e0a7446f45061a (patch) | |
tree | dcab78fa1c0ad0c9475bfce023ed0c886274100c /security/nss/lib/freebl | |
parent | 2b82c56c5f9859cc5dd481a858c7643f18e37bb0 (diff) | |
parent | f085c7e5bba3e4198cade3778a90e4fdcf490581 (diff) | |
download | nss-hg-a75192a4b828b8a83994a16349e0a7446f45061a.tar.gz |
Bugzilla bug 131427: added softkver.c to softoken Mac build. Set
MWFTP_Post_password to null value to reduce the noise in diffs.
Diffstat (limited to 'security/nss/lib/freebl')
155 files changed, 59783 insertions, 0 deletions
diff --git a/security/nss/lib/freebl/Makefile b/security/nss/lib/freebl/Makefile new file mode 100644 index 000000000..eaaff9658 --- /dev/null +++ b/security/nss/lib/freebl/Makefile @@ -0,0 +1,313 @@ +#! gmake +# +# The contents of this file are subject to the Mozilla Public +# License Version 1.1 (the "License"); you may not use this file +# except in compliance with the License. You may obtain a copy of +# the License at http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS +# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +# implied. See the License for the specific language governing +# rights and limitations under the License. +# +# The Original Code is the Netscape security libraries. +# +# The Initial Developer of the Original Code is Netscape +# Communications Corporation. Portions created by Netscape are +# Copyright (C) 1994-2000 Netscape Communications Corporation. All +# Rights Reserved. +# +# Contributor(s): +# +# Alternatively, the contents of this file may be used under the +# terms of the GNU General Public License Version 2 or later (the +# "GPL"), in which case the provisions of the GPL are applicable +# instead of those above. If you wish to allow use of your +# version of this file only under the terms of the GPL and not to +# allow others to use your version of this file under the MPL, +# indicate your decision by deleting the provisions above and +# replace them with the notice and other provisions required by +# the GPL. If you do not delete the provisions above, a recipient +# may use your version of this file under either the MPL or the +# GPL. +# + +####################################################################### +# (1) Include initial platform-independent assignments (MANDATORY). # +####################################################################### + +include manifest.mn + +####################################################################### +# (2) Include "global" configuration information. (OPTIONAL) # +####################################################################### + +include $(CORE_DEPTH)/coreconf/config.mk + +####################################################################### +# (3) Include "component" configuration information. (OPTIONAL) # +####################################################################### + + + +####################################################################### +# (4) Include "local" platform-dependent assignments (OPTIONAL). # +####################################################################### + +-include config.mk + +ifdef USE_64 + DEFINES += -DNSS_USE_64 +endif + +ifdef USE_HYBRID + DEFINES += -DNSS_USE_HYBRID +endif + +# des.c wants _X86_ defined for intel CPUs. +# coreconf does this for windows, but not for Linux, FreeBSD, etc. +ifeq ($(CPU_ARCH),x86) +ifneq (,$(filter-out WIN%,$(OS_TARGET))) + OS_REL_CFLAGS += -D_X86_ +endif +endif + +ifeq ($(OS_TARGET),OSF1) + DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_NO_MP_WORD + MPI_SRCS += mpvalpha.c +endif + +ifeq (,$(filter-out WINNT WIN95,$(OS_TARGET))) #omits WIN16 and WINCE + ASFILES = mpi_x86.asm + DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE -DMP_ASSEMBLY_DIV_2DX1D +endif + +ifeq ($(OS_TARGET),WINCE) + DEFINES += -DMP_ARGCHK=0 # no assert in WinCE +endif + +ifdef XP_OS2_VACPP + ASFILES = mpi_x86.asm + DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE -DMP_ASSEMBLY_DIV_2DX1D -DMP_USE_UINT_DIGIT -DMP_NO_MP_WORD +endif + +ifeq ($(OS_TARGET),IRIX) +ifeq ($(USE_N32),1) + ASFILES = mpi_mips.s +ifeq ($(NS_USE_GCC),1) + ASFLAGS = -Wp,-P -Wp,-traditional -O -mips3 +else + ASFLAGS = -O -OPT:Olimit=4000 -dollar -fullwarn -xansi -n32 -mips3 +endif + DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE + DEFINES += -DMP_USE_UINT_DIGIT +else +endif +endif + +ifeq ($(OS_TARGET),Linux) +ifeq ($(CPU_ARCH),x86) + ASFILES = mpi_x86.s + DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE -DMP_ASSEMBLY_DIV_2DX1D +endif +endif + +ifeq ($(OS_TARGET),AIX) +DEFINES += -DMP_USE_UINT_DIGIT +ifndef USE_64 +DEFINES += -DMP_NO_DIV_WORD -DMP_NO_ADD_WORD -DMP_NO_SUB_WORD +endif +endif + +ifeq ($(OS_TARGET), HP-UX) +MKSHLIB += +k +vshlibunsats -u FREEBL_GetVector +e FREEBL_GetVector +ifndef FREEBL_EXTENDED_BUILD +ifdef USE_PURE_32 +# build for DA1.1 (HP PA 1.1) pure 32 bit model + DEFINES += -DMP_USE_UINT_DIGIT -DMP_NO_MP_WORD +else +ifdef USE_64 +# this builds for DA2.0W (HP PA 2.0 Wide), the LP64 ABI, using 32-bit digits + MPI_SRCS += mpi_hp.c + ASFILES += hpma512.s hppa20.s + DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE +else +# this builds for DA2.0 (HP PA 2.0 Narrow) hybrid model +# (the 32-bit ABI with 64-bit registers) using 32-bit digits + MPI_SRCS += mpi_hp.c + ASFILES += hpma512.s hppa20.s + DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE +# This is done in coreconf by defining USE_LONG_LONGS +# OS_CFLAGS += -Aa +e +DA2.0 +DS2.0 +endif +endif +endif +endif + +# Note: -xarch=v8 or v9 is now done in coreconf +ifeq ($(OS_TARGET),SunOS) +ifeq ($(CPU_ARCH),sparc) +ifndef NS_USE_GCC +ifdef USE_HYBRID + OS_CFLAGS += -xchip=ultra2 +endif +endif +ifeq (5.5.1,$(firstword $(sort 5.5.1 $(OS_RELEASE)))) + SYSV_SPARC = 1 +endif +ifeq ($(SYSV_SPARC),1) +SOLARIS_AS = /usr/ccs/bin/as +ifdef NS_USE_GCC +LD = gcc +DSO_LDOPTS += -shared -Wl,-B,symbolic,-z,defs,-z,now,-z,text,-M,mapfile.Solaris +else +MKSHLIB += -B symbolic -z defs -z now -z text -M mapfile.Solaris +endif +ifdef USE_PURE_32 +# this builds for Sparc v8 pure 32-bit architecture + DEFINES += -DMP_USE_LONG_LONG_MULTIPLY -DMP_USE_UINT_DIGIT -DMP_NO_MP_WORD +else +ifdef USE_64 +# this builds for Sparc v9a pure 64-bit architecture + MPI_SRCS += mpi_sparc.c + ASFILES = mpv_sparcv9.s montmulfv9.s + DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_USING_MONT_MULF + DEFINES += -DMP_USE_UINT_DIGIT +# MPI_SRCS += mpv_sparc.c +# removed -xdepend from the following line + SOLARIS_FLAGS = -fast -xO5 -xrestrict=%all -xchip=ultra -xarch=v9a -KPIC -mt + SOLARIS_AS_FLAGS = -xarch=v9a -K PIC +else +# this builds for Sparc v8+a hybrid architecture, 64-bit registers, 32-bit ABI + MPI_SRCS += mpi_sparc.c + ASFILES = mpv_sparcv8.s montmulfv8.s + DEFINES += -DMP_NO_MP_WORD -DMP_ASSEMBLY_MULTIPLY -DMP_USING_MONT_MULF + DEFINES += -DMP_USE_UINT_DIGIT + SOLARIS_AS_FLAGS = -xarch=v8plusa -K PIC +# ASM_SUFFIX = .S +endif +endif +endif +else +# Solaris x86 + DEFINES += -DMP_USE_UINT_DIGIT + DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE -DMP_ASSEMBLY_DIV_2DX1D + ASFILES = mpi_i86pc.s +ifdef NS_USE_GCC + LD = gcc + AS = gcc + ASFLAGS = +endif + +endif +endif + + +####################################################################### +# (5) Execute "global" rules. (OPTIONAL) # +####################################################################### + +include $(CORE_DEPTH)/coreconf/rules.mk + +####################################################################### +# (6) Execute "component" rules. (OPTIONAL) # +####################################################################### + + + +####################################################################### +# (7) Execute "local" rules. (OPTIONAL). # +####################################################################### + +export:: private_export + +rijndael_tables: + $(CC) -o $(OBJDIR)/make_rijndael_tab rijndael_tables.c \ + $(DEFINES) $(INCLUDES) $(OBJDIR)/libfreebl.a + $(OBJDIR)/make_rijndael_tab + +ifdef MOZILLA_BSAFE_BUILD + +private_export:: +ifeq (,$(filter-out WIN%,$(OS_TARGET))) + rm -f $(DIST)/lib/bsafe$(BSAFEVER).lib +endif + $(NSINSTALL) -R $(BSAFEPATH) $(DIST)/lib +endif + +ifdef USE_PURE_32 +vpath %.h $(FREEBL_PARENT)/mpi:$(FREEBL_PARENT) +vpath %.c $(FREEBL_PARENT)/mpi:$(FREEBL_PARENT) +vpath %.S $(FREEBL_PARENT)/mpi:$(FREEBL_PARENT) +vpath %.s $(FREEBL_PARENT)/mpi:$(FREEBL_PARENT) +vpath %.asm $(FREEBL_PARENT)/mpi:$(FREEBL_PARENT) +INCLUDES += -I$(FREEBL_PARENT) -I$(FREEBL_PARENT)/mpi +else +vpath %.h mpi +vpath %.c mpi +vpath %.S mpi +vpath %.s mpi +vpath %.asm mpi +INCLUDES += -Impi +endif + + +DEFINES += -DMP_API_COMPATIBLE + +MPI_USERS = dh.c pqg.c dsa.c rsa.c + +MPI_OBJS = $(addprefix $(OBJDIR)/$(PROG_PREFIX), $(MPI_SRCS:.c=$(OBJ_SUFFIX))) +MPI_OBJS += $(addprefix $(OBJDIR)/$(PROG_PREFIX), $(MPI_USERS:.c=$(OBJ_SUFFIX))) + +$(MPI_OBJS): $(MPI_HDRS) + +$(OBJDIR)/$(PROG_PREFIX)mpprime$(OBJ_SUFFIX): primes.c + +$(OBJDIR)/ldvector$(OBJ_SUFFIX) $(OBJDIR)/loader$(OBJ_SUFFIX) : loader.h + +ifeq ($(SYSV_SPARC),1) + +$(OBJDIR)/mpv_sparcv8.o $(OBJDIR)/montmulfv8.o : $(OBJDIR)/%.o : %.s + @$(MAKE_OBJDIR) + $(SOLARIS_AS) -o $@ $(SOLARIS_AS_FLAGS) $< + +$(OBJDIR)/mpv_sparcv9.o $(OBJDIR)/montmulfv9.o : $(OBJDIR)/%.o : %.s + @$(MAKE_OBJDIR) + $(SOLARIS_AS) -o $@ $(SOLARIS_AS_FLAGS) $< + +$(OBJDIR)/mpmontg.o: mpmontg.c montmulf.h + +endif + +ifdef FREEBL_EXTENDED_BUILD + +PURE32DIR = $(OBJDIR)/$(OS_TARGET)pure32 +ALL_TRASH += $(PURE32DIR) + +FILES2LN = \ + $(wildcard *.tab) \ + $(wildcard mapfile.*) \ + Makefile manifest.mn config.mk + +LINKEDFILES = $(addprefix $(PURE32DIR)/, $(FILES2LN)) + +CDDIR := $(shell pwd) + +$(PURE32DIR): + -mkdir $(PURE32DIR) + -ln -s $(CDDIR)/mpi $(PURE32DIR) + +$(LINKEDFILES) : $(PURE32DIR)/% : % + ln -s $(CDDIR)/$* $(PURE32DIR) + +libs:: + $(MAKE) FREEBL_RECURSIVE_BUILD=1 USE_HYBRID=1 libs + +libs:: $(PURE32DIR) $(LINKEDFILES) + cd $(PURE32DIR) && $(MAKE) FREEBL_RECURSIVE_BUILD=1 USE_PURE_32=1 FREEBL_PARENT=$(CDDIR) CORE_DEPTH=$(CDDIR)/$(CORE_DEPTH) libs + +release_md:: + $(MAKE) FREEBL_RECURSIVE_BUILD=1 USE_HYBRID=1 $@ + cd $(PURE32DIR) && $(MAKE) FREEBL_RECURSIVE_BUILD=1 USE_PURE_32=1 FREEBL_PARENT=$(CDDIR) CORE_DEPTH=$(CDDIR)/$(CORE_DEPTH) $@ + +endif diff --git a/security/nss/lib/freebl/alg2268.c b/security/nss/lib/freebl/alg2268.c new file mode 100644 index 000000000..af720f733 --- /dev/null +++ b/security/nss/lib/freebl/alg2268.c @@ -0,0 +1,493 @@ +/* + * alg2268.c - implementation of the algorithm in RFC 2268 + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the Netscape security libraries. + * + * The Initial Developer of the Original Code is Netscape + * Communications Corporation. Portions created by Netscape are + * Copyright (C) 1994-2000 Netscape Communications Corporation. All + * Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + * + * $Id$ + */ + + +#include "blapi.h" +#include "secerr.h" +#ifdef XP_UNIX_XXX +#include <stddef.h> /* for ptrdiff_t */ +#endif + +/* +** RC2 symmetric block cypher +*/ + +typedef SECStatus (rc2Func)(RC2Context *cx, unsigned char *output, + const unsigned char *input, unsigned int inputLen); + +/* forward declarations */ +static rc2Func rc2_EncryptECB; +static rc2Func rc2_DecryptECB; +static rc2Func rc2_EncryptCBC; +static rc2Func rc2_DecryptCBC; + +typedef union { + PRUint32 l[2]; + PRUint16 s[4]; + PRUint8 b[8]; +} RC2Block; + +struct RC2ContextStr { + union { + PRUint8 Kb[128]; + PRUint16 Kw[64]; + } u; + RC2Block iv; + rc2Func *enc; + rc2Func *dec; +}; + +#define B u.Kb +#define K u.Kw +#define BYTESWAP(x) ((x) << 8 | (x) >> 8) +#define SWAPK(i) cx->K[i] = (tmpS = cx->K[i], BYTESWAP(tmpS)) +#define RC2_BLOCK_SIZE 8 + +#define LOAD_HARD(R) \ + R[0] = (PRUint16)input[1] << 8 | input[0]; \ + R[1] = (PRUint16)input[3] << 8 | input[2]; \ + R[2] = (PRUint16)input[5] << 8 | input[4]; \ + R[3] = (PRUint16)input[7] << 8 | input[6]; +#define LOAD_EASY(R) \ + R[0] = ((PRUint16 *)input)[0]; \ + R[1] = ((PRUint16 *)input)[1]; \ + R[2] = ((PRUint16 *)input)[2]; \ + R[3] = ((PRUint16 *)input)[3]; +#define STORE_HARD(R) \ + output[0] = (PRUint8)(R[0]); output[1] = (PRUint8)(R[0] >> 8); \ + output[2] = (PRUint8)(R[1]); output[3] = (PRUint8)(R[1] >> 8); \ + output[4] = (PRUint8)(R[2]); output[5] = (PRUint8)(R[2] >> 8); \ + output[6] = (PRUint8)(R[3]); output[7] = (PRUint8)(R[3] >> 8); +#define STORE_EASY(R) \ + ((PRUint16 *)output)[0] = R[0]; \ + ((PRUint16 *)output)[1] = R[1]; \ + ((PRUint16 *)output)[2] = R[2]; \ + ((PRUint16 *)output)[3] = R[3]; + +#if defined (_X86_) +#define LOAD(R) LOAD_EASY(R) +#define STORE(R) STORE_EASY(R) +#elif !defined(IS_LITTLE_ENDIAN) +#define LOAD(R) LOAD_HARD(R) +#define STORE(R) STORE_HARD(R) +#else +#define LOAD(R) if ((ptrdiff_t)input & 1) { LOAD_HARD(R) } else { LOAD_EASY(R) } +#define STORE(R) if ((ptrdiff_t)input & 1) { STORE_HARD(R) } else { STORE_EASY(R) } +#endif + +static const PRUint8 S[256] = { +0331,0170,0371,0304,0031,0335,0265,0355,0050,0351,0375,0171,0112,0240,0330,0235, +0306,0176,0067,0203,0053,0166,0123,0216,0142,0114,0144,0210,0104,0213,0373,0242, +0027,0232,0131,0365,0207,0263,0117,0023,0141,0105,0155,0215,0011,0201,0175,0062, +0275,0217,0100,0353,0206,0267,0173,0013,0360,0225,0041,0042,0134,0153,0116,0202, +0124,0326,0145,0223,0316,0140,0262,0034,0163,0126,0300,0024,0247,0214,0361,0334, +0022,0165,0312,0037,0073,0276,0344,0321,0102,0075,0324,0060,0243,0074,0266,0046, +0157,0277,0016,0332,0106,0151,0007,0127,0047,0362,0035,0233,0274,0224,0103,0003, +0370,0021,0307,0366,0220,0357,0076,0347,0006,0303,0325,0057,0310,0146,0036,0327, +0010,0350,0352,0336,0200,0122,0356,0367,0204,0252,0162,0254,0065,0115,0152,0052, +0226,0032,0322,0161,0132,0025,0111,0164,0113,0237,0320,0136,0004,0030,0244,0354, +0302,0340,0101,0156,0017,0121,0313,0314,0044,0221,0257,0120,0241,0364,0160,0071, +0231,0174,0072,0205,0043,0270,0264,0172,0374,0002,0066,0133,0045,0125,0227,0061, +0055,0135,0372,0230,0343,0212,0222,0256,0005,0337,0051,0020,0147,0154,0272,0311, +0323,0000,0346,0317,0341,0236,0250,0054,0143,0026,0001,0077,0130,0342,0211,0251, +0015,0070,0064,0033,0253,0063,0377,0260,0273,0110,0014,0137,0271,0261,0315,0056, +0305,0363,0333,0107,0345,0245,0234,0167,0012,0246,0040,0150,0376,0177,0301,0255 +}; + +/* +** Create a new RC2 context suitable for RC2 encryption/decryption. +** "key" raw key data +** "len" the number of bytes of key data +** "iv" is the CBC initialization vector (if mode is NSS_RC2_CBC) +** "mode" one of NSS_RC2 or NSS_RC2_CBC +** "effectiveKeyLen" in bytes, not bits. +** +** When mode is set to NSS_RC2_CBC the RC2 cipher is run in "cipher block +** chaining" mode. +*/ +RC2Context * +RC2_CreateContext(unsigned char *key, unsigned int len, + unsigned char *input, int mode, unsigned efLen8) +{ + RC2Context *cx; + PRUint8 *L,*L2; + int i; +#if !defined(IS_LITTLE_ENDIAN) + PRUint16 tmpS; +#endif + PRUint8 tmpB; + + if (!key || len == 0 || len > (sizeof cx->B) || efLen8 > (sizeof cx->B)) { + return NULL; + } + if (mode == NSS_RC2) { + /* groovy */ + } else if (mode == NSS_RC2_CBC) { + if (!input) { + return NULL; /* not groovy */ + } + } else { + return NULL; + } + + cx = PORT_ZNew(RC2Context); + if (!cx) + return cx; + + if (mode == NSS_RC2_CBC) { + cx->enc = & rc2_EncryptCBC; + cx->dec = & rc2_DecryptCBC; + LOAD(cx->iv.s); + } else { + cx->enc = & rc2_EncryptECB; + cx->dec = & rc2_DecryptECB; + } + + /* Step 0. Copy key into table. */ + memcpy(cx->B, key, len); + + /* Step 1. Compute all values to the right of the key. */ + L2 = cx->B; + L = L2 + len; + tmpB = L[-1]; + for (i = (sizeof cx->B) - len; i > 0; --i) { + *L++ = tmpB = S[ (PRUint8)(tmpB + *L2++) ]; + } + + /* step 2. Adjust left most byte of effective key. */ + i = (sizeof cx->B) - efLen8; + L = cx->B + i; + *L = tmpB = S[*L]; /* mask is always 0xff */ + + /* step 3. Recompute all values to the left of effective key. */ + L2 = --L + efLen8; + while(L >= cx->B) { + *L-- = tmpB = S[ tmpB ^ *L2-- ]; + } + +#if !defined(IS_LITTLE_ENDIAN) + for (i = 63; i >= 0; --i) { + SWAPK(i); /* candidate for unrolling */ + } +#endif + return cx; +} + +/* +** Destroy an RC2 encryption/decryption context. +** "cx" the context +** "freeit" if PR_TRUE then free the object as well as its sub-objects +*/ +void +RC2_DestroyContext(RC2Context *cx, PRBool freeit) +{ + if (cx) { + memset(cx, 0, sizeof *cx); + if (freeit) { + PORT_Free(cx); + } + } +} + +#define ROL(x,k) (x << k | x >> (16-k)) +#define MIX(j) \ + R0 = R0 + cx->K[ 4*j+0] + (R3 & R2) + (~R3 & R1); R0 = ROL(R0,1);\ + R1 = R1 + cx->K[ 4*j+1] + (R0 & R3) + (~R0 & R2); R1 = ROL(R1,2);\ + R2 = R2 + cx->K[ 4*j+2] + (R1 & R0) + (~R1 & R3); R2 = ROL(R2,3);\ + R3 = R3 + cx->K[ 4*j+3] + (R2 & R1) + (~R2 & R0); R3 = ROL(R3,5) +#define MASH \ + R0 = R0 + cx->K[R3 & 63];\ + R1 = R1 + cx->K[R0 & 63];\ + R2 = R2 + cx->K[R1 & 63];\ + R3 = R3 + cx->K[R2 & 63] + +/* Encrypt one block */ +static void +rc2_Encrypt1Block(RC2Context *cx, RC2Block *output, RC2Block *input) +{ + register PRUint16 R0, R1, R2, R3; + + /* step 1. Initialize input. */ + R0 = input->s[0]; + R1 = input->s[1]; + R2 = input->s[2]; + R3 = input->s[3]; + + /* step 2. Expand Key (already done, in context) */ + /* step 3. j = 0 */ + /* step 4. Perform 5 mixing rounds. */ + + MIX(0); + MIX(1); + MIX(2); + MIX(3); + MIX(4); + + /* step 5. Perform 1 mashing round. */ + MASH; + + /* step 6. Perform 6 mixing rounds. */ + + MIX(5); + MIX(6); + MIX(7); + MIX(8); + MIX(9); + MIX(10); + + /* step 7. Perform 1 mashing round. */ + MASH; + + /* step 8. Perform 5 mixing rounds. */ + + MIX(11); + MIX(12); + MIX(13); + MIX(14); + MIX(15); + + /* output results */ + output->s[0] = R0; + output->s[1] = R1; + output->s[2] = R2; + output->s[3] = R3; +} + +#define ROR(x,k) (x >> k | x << (16-k)) +#define R_MIX(j) \ + R3 = ROR(R3,5); R3 = R3 - cx->K[ 4*j+3] - (R2 & R1) - (~R2 & R0); \ + R2 = ROR(R2,3); R2 = R2 - cx->K[ 4*j+2] - (R1 & R0) - (~R1 & R3); \ + R1 = ROR(R1,2); R1 = R1 - cx->K[ 4*j+1] - (R0 & R3) - (~R0 & R2); \ + R0 = ROR(R0,1); R0 = R0 - cx->K[ 4*j+0] - (R3 & R2) - (~R3 & R1) +#define R_MASH \ + R3 = R3 - cx->K[R2 & 63];\ + R2 = R2 - cx->K[R1 & 63];\ + R1 = R1 - cx->K[R0 & 63];\ + R0 = R0 - cx->K[R3 & 63] + +/* Encrypt one block */ +static void +rc2_Decrypt1Block(RC2Context *cx, RC2Block *output, RC2Block *input) +{ + register PRUint16 R0, R1, R2, R3; + + /* step 1. Initialize input. */ + R0 = input->s[0]; + R1 = input->s[1]; + R2 = input->s[2]; + R3 = input->s[3]; + + /* step 2. Expand Key (already done, in context) */ + /* step 3. j = 63 */ + /* step 4. Perform 5 r_mixing rounds. */ + R_MIX(15); + R_MIX(14); + R_MIX(13); + R_MIX(12); + R_MIX(11); + + /* step 5. Perform 1 r_mashing round. */ + R_MASH; + + /* step 6. Perform 6 r_mixing rounds. */ + R_MIX(10); + R_MIX(9); + R_MIX(8); + R_MIX(7); + R_MIX(6); + R_MIX(5); + + /* step 7. Perform 1 r_mashing round. */ + R_MASH; + + /* step 8. Perform 5 r_mixing rounds. */ + R_MIX(4); + R_MIX(3); + R_MIX(2); + R_MIX(1); + R_MIX(0); + + /* output results */ + output->s[0] = R0; + output->s[1] = R1; + output->s[2] = R2; + output->s[3] = R3; +} + +static SECStatus +rc2_EncryptECB(RC2Context *cx, unsigned char *output, + const unsigned char *input, unsigned int inputLen) +{ + RC2Block iBlock; + + while (inputLen > 0) { + LOAD(iBlock.s) + rc2_Encrypt1Block(cx, &iBlock, &iBlock); + STORE(iBlock.s) + output += RC2_BLOCK_SIZE; + input += RC2_BLOCK_SIZE; + inputLen -= RC2_BLOCK_SIZE; + } + return SECSuccess; +} + +static SECStatus +rc2_DecryptECB(RC2Context *cx, unsigned char *output, + const unsigned char *input, unsigned int inputLen) +{ + RC2Block iBlock; + + while (inputLen > 0) { + LOAD(iBlock.s) + rc2_Decrypt1Block(cx, &iBlock, &iBlock); + STORE(iBlock.s) + output += RC2_BLOCK_SIZE; + input += RC2_BLOCK_SIZE; + inputLen -= RC2_BLOCK_SIZE; + } + return SECSuccess; +} + +static SECStatus +rc2_EncryptCBC(RC2Context *cx, unsigned char *output, + const unsigned char *input, unsigned int inputLen) +{ + RC2Block iBlock; + + while (inputLen > 0) { + + LOAD(iBlock.s) + iBlock.l[0] ^= cx->iv.l[0]; + iBlock.l[1] ^= cx->iv.l[1]; + rc2_Encrypt1Block(cx, &iBlock, &iBlock); + cx->iv = iBlock; + STORE(iBlock.s) + output += RC2_BLOCK_SIZE; + input += RC2_BLOCK_SIZE; + inputLen -= RC2_BLOCK_SIZE; + } + return SECSuccess; +} + +static SECStatus +rc2_DecryptCBC(RC2Context *cx, unsigned char *output, + const unsigned char *input, unsigned int inputLen) +{ + RC2Block iBlock; + RC2Block oBlock; + + while (inputLen > 0) { + LOAD(iBlock.s) + rc2_Decrypt1Block(cx, &oBlock, &iBlock); + oBlock.l[0] ^= cx->iv.l[0]; + oBlock.l[1] ^= cx->iv.l[1]; + cx->iv = iBlock; + STORE(oBlock.s) + output += RC2_BLOCK_SIZE; + input += RC2_BLOCK_SIZE; + inputLen -= RC2_BLOCK_SIZE; + } + return SECSuccess; +} + + +/* +** Perform RC2 encryption. +** "cx" the context +** "output" the output buffer to store the encrypted data. +** "outputLen" how much data is stored in "output". Set by the routine +** after some data is stored in output. +** "maxOutputLen" the maximum amount of data that can ever be +** stored in "output" +** "input" the input data +** "inputLen" the amount of input data +*/ +SECStatus RC2_Encrypt(RC2Context *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + const unsigned char *input, unsigned int inputLen) +{ + SECStatus rv = SECSuccess; + if (inputLen) { + if (inputLen % RC2_BLOCK_SIZE) { + PORT_SetError(SEC_ERROR_INPUT_LEN); + return SECFailure; + } + if (maxOutputLen < inputLen) { + PORT_SetError(SEC_ERROR_OUTPUT_LEN); + return SECFailure; + } + rv = (*cx->enc)(cx, output, input, inputLen); + } + if (rv == SECSuccess) { + *outputLen = inputLen; + } + return rv; +} + +/* +** Perform RC2 decryption. +** "cx" the context +** "output" the output buffer to store the decrypted data. +** "outputLen" how much data is stored in "output". Set by the routine +** after some data is stored in output. +** "maxOutputLen" the maximum amount of data that can ever be +** stored in "output" +** "input" the input data +** "inputLen" the amount of input data +*/ +SECStatus RC2_Decrypt(RC2Context *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + const unsigned char *input, unsigned int inputLen) +{ + SECStatus rv = SECSuccess; + if (inputLen) { + if (inputLen % RC2_BLOCK_SIZE) { + PORT_SetError(SEC_ERROR_INPUT_LEN); + return SECFailure; + } + if (maxOutputLen < inputLen) { + PORT_SetError(SEC_ERROR_OUTPUT_LEN); + return SECFailure; + } + rv = (*cx->dec)(cx, output, input, inputLen); + } + if (rv == SECSuccess) { + *outputLen = inputLen; + } + return rv; +} + diff --git a/security/nss/lib/freebl/arcfive.c b/security/nss/lib/freebl/arcfive.c new file mode 100644 index 000000000..2ee3f5447 --- /dev/null +++ b/security/nss/lib/freebl/arcfive.c @@ -0,0 +1,114 @@ +/* + * arcfive.c - stubs for RC5 - NOT a working implementation! + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the Netscape security libraries. + * + * The Initial Developer of the Original Code is Netscape + * Communications Corporation. Portions created by Netscape are + * Copyright (C) 2000 Netscape Communications Corporation. All + * Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + * + * $Id$ + */ + +#include "blapi.h" +#include "prerror.h" + +/******************************************/ +/* +** RC5 symmetric block cypher -- 64-bit block size +*/ + +/* +** Create a new RC5 context suitable for RC5 encryption/decryption. +** "key" raw key data +** "len" the number of bytes of key data +** "iv" is the CBC initialization vector (if mode is NSS_RC5_CBC) +** "mode" one of NSS_RC5 or NSS_RC5_CBC +** +** When mode is set to NSS_RC5_CBC the RC5 cipher is run in "cipher block +** chaining" mode. +*/ +RC5Context * +RC5_CreateContext(SECItem *key, unsigned int rounds, + unsigned int wordSize, unsigned char *iv, int mode) +{ + PORT_SetError(PR_NOT_IMPLEMENTED_ERROR); + return NULL; +} + +/* +** Destroy an RC5 encryption/decryption context. +** "cx" the context +** "freeit" if PR_TRUE then free the object as well as its sub-objects +*/ +void +RC5_DestroyContext(RC5Context *cx, PRBool freeit) +{ + PORT_SetError(PR_NOT_IMPLEMENTED_ERROR); +} + +/* +** Perform RC5 encryption. +** "cx" the context +** "output" the output buffer to store the encrypted data. +** "outputLen" how much data is stored in "output". Set by the routine +** after some data is stored in output. +** "maxOutputLen" the maximum amount of data that can ever be +** stored in "output" +** "input" the input data +** "inputLen" the amount of input data +*/ +SECStatus +RC5_Encrypt(RC5Context *cx, unsigned char *output, unsigned int *outputLen, + unsigned int maxOutputLen, + const unsigned char *input, unsigned int inputLen) +{ + PORT_SetError(PR_NOT_IMPLEMENTED_ERROR); + return SECFailure; +} + +/* +** Perform RC5 decryption. +** "cx" the context +** "output" the output buffer to store the decrypted data. +** "outputLen" how much data is stored in "output". Set by the routine +** after some data is stored in output. +** "maxOutputLen" the maximum amount of data that can ever be +** stored in "output" +** "input" the input data +** "inputLen" the amount of input data +*/ +SECStatus +RC5_Decrypt(RC5Context *cx, unsigned char *output, unsigned int *outputLen, + unsigned int maxOutputLen, + const unsigned char *input, unsigned int inputLen) +{ + PORT_SetError(PR_NOT_IMPLEMENTED_ERROR); + return SECFailure; +} + diff --git a/security/nss/lib/freebl/arcfour.c b/security/nss/lib/freebl/arcfour.c new file mode 100644 index 000000000..71de64b2d --- /dev/null +++ b/security/nss/lib/freebl/arcfour.c @@ -0,0 +1,562 @@ +/* + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the Netscape security libraries. + * + * The Initial Developer of the Original Code is Netscape + * Communications Corporation. Portions created by Netscape are + * Copyright (C) 1994-2000 Netscape Communications Corporation. All + * Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + */ + +#include "prerr.h" +#include "secerr.h" + +#include "prtypes.h" +#include "blapi.h" + +/* Architecture-dependent defines */ + +#if defined(SOLARIS) || defined(HPUX) || defined(i386) || defined(IRIX) +/* Convert the byte-stream to a word-stream */ +#define CONVERT_TO_WORDS +#endif + +#if defined(AIX) || defined(OSF1) +/* Treat array variables as longs, not bytes */ +#define USE_LONG +#endif + +#if defined(NSS_USE_HYBRID) && !defined(SOLARIS) && !defined(NSS_USE_64) +typedef unsigned long long WORD; +#else +typedef unsigned long WORD; +#endif +#define WORDSIZE sizeof(WORD) + +#ifdef USE_LONG +typedef unsigned long Stype; +#else +typedef PRUint8 Stype; +#endif + +#define ARCFOUR_STATE_SIZE 256 + +#define MASK1BYTE (WORD)(0xff) + +#define SWAP(a, b) \ + tmp = a; \ + a = b; \ + b = tmp; + +/* + * State information for stream cipher. + */ +struct RC4ContextStr +{ + Stype S[ARCFOUR_STATE_SIZE]; + PRUint8 i; + PRUint8 j; +}; + +/* + * array indices [0..255] to initialize cx->S array (faster than loop). + */ +static const Stype Kinit[256] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, + 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, + 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, + 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, + 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, + 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, + 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, + 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, + 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f, + 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, + 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, + 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, + 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, + 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, + 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, + 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, + 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f, + 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7, + 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf, + 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7, + 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf, + 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, + 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, + 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, + 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, + 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7, + 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef, + 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, + 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff +}; + +/* + * Initialize a new generator. + */ +RC4Context * +RC4_CreateContext(unsigned char *key, int len) +{ + int i; + PRUint8 j, tmp; + RC4Context *cx; + PRUint8 K[256]; + PRUint8 *L; + /* verify the key length. */ + PORT_Assert(len > 0 && len < ARCFOUR_STATE_SIZE); + if (len < 0 || len >= ARCFOUR_STATE_SIZE) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return NULL; + } + /* Create space for the context. */ + cx = (RC4Context *)PORT_ZAlloc(sizeof(RC4Context)); + if (cx == NULL) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + return NULL; + } + /* Initialize the state using array indices. */ + memcpy(cx->S, Kinit, sizeof cx->S); + /* Fill in K repeatedly with values from key. */ + L = K; + for (i = sizeof K; i > len; i-= len) { + memcpy(L, key, len); + L += len; + } + memcpy(L, key, i); + /* Stir the state of the generator. At this point it is assumed + * that the key is the size of the state buffer. If this is not + * the case, the key bytes are repeated to fill the buffer. + */ + j = 0; +#define ARCFOUR_STATE_STIR(ii) \ + j = j + cx->S[ii] + K[ii]; \ + SWAP(cx->S[ii], cx->S[j]); + for (i=0; i<ARCFOUR_STATE_SIZE; i++) { + ARCFOUR_STATE_STIR(i); + } + cx->i = 0; + cx->j = 0; + return cx; +} + +void +RC4_DestroyContext(RC4Context *cx, PRBool freeit) +{ + if (freeit) + PORT_ZFree(cx, sizeof(*cx)); +} + +/* + * Generate the next byte in the stream. + */ +#define ARCFOUR_NEXT_BYTE() \ + tmpSi = cx->S[++tmpi]; \ + tmpj += tmpSi; \ + tmpSj = cx->S[tmpj]; \ + cx->S[tmpi] = tmpSj; \ + cx->S[tmpj] = tmpSi; \ + t = tmpSi + tmpSj; + +#ifdef CONVERT_TO_WORDS +/* + * Straight RC4 op. No optimization. + */ +static SECStatus +rc4_no_opt(RC4Context *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + const unsigned char *input, unsigned int inputLen) +{ + PRUint8 t; + Stype tmpSi, tmpSj; + register PRUint8 tmpi = cx->i; + register PRUint8 tmpj = cx->j; + unsigned int index; + PORT_Assert(maxOutputLen >= inputLen); + if (maxOutputLen < inputLen) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + for (index=0; index < inputLen; index++) { + /* Generate next byte from stream. */ + ARCFOUR_NEXT_BYTE(); + /* output = next stream byte XOR next input byte */ + output[index] = cx->S[t] ^ input[index]; + } + *outputLen = inputLen; + cx->i = tmpi; + cx->j = tmpj; + return SECSuccess; +} +#endif + +#ifndef CONVERT_TO_WORDS +/* + * Byte-at-a-time RC4, unrolling the loop into 8 pieces. + */ +static SECStatus +rc4_unrolled(RC4Context *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + const unsigned char *input, unsigned int inputLen) +{ + PRUint8 t; + Stype tmpSi, tmpSj; + register PRUint8 tmpi = cx->i; + register PRUint8 tmpj = cx->j; + int index; + PORT_Assert(maxOutputLen >= inputLen); + if (maxOutputLen < inputLen) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + for (index = inputLen / 8; index-- > 0; input += 8, output += 8) { + ARCFOUR_NEXT_BYTE(); + output[0] = cx->S[t] ^ input[0]; + ARCFOUR_NEXT_BYTE(); + output[1] = cx->S[t] ^ input[1]; + ARCFOUR_NEXT_BYTE(); + output[2] = cx->S[t] ^ input[2]; + ARCFOUR_NEXT_BYTE(); + output[3] = cx->S[t] ^ input[3]; + ARCFOUR_NEXT_BYTE(); + output[4] = cx->S[t] ^ input[4]; + ARCFOUR_NEXT_BYTE(); + output[5] = cx->S[t] ^ input[5]; + ARCFOUR_NEXT_BYTE(); + output[6] = cx->S[t] ^ input[6]; + ARCFOUR_NEXT_BYTE(); + output[7] = cx->S[t] ^ input[7]; + } + index = inputLen % 8; + if (index) { + input += index; + output += index; + switch (index) { + case 7: + ARCFOUR_NEXT_BYTE(); + output[-7] = cx->S[t] ^ input[-7]; /* FALLTHRU */ + case 6: + ARCFOUR_NEXT_BYTE(); + output[-6] = cx->S[t] ^ input[-6]; /* FALLTHRU */ + case 5: + ARCFOUR_NEXT_BYTE(); + output[-5] = cx->S[t] ^ input[-5]; /* FALLTHRU */ + case 4: + ARCFOUR_NEXT_BYTE(); + output[-4] = cx->S[t] ^ input[-4]; /* FALLTHRU */ + case 3: + ARCFOUR_NEXT_BYTE(); + output[-3] = cx->S[t] ^ input[-3]; /* FALLTHRU */ + case 2: + ARCFOUR_NEXT_BYTE(); + output[-2] = cx->S[t] ^ input[-2]; /* FALLTHRU */ + case 1: + ARCFOUR_NEXT_BYTE(); + output[-1] = cx->S[t] ^ input[-1]; /* FALLTHRU */ + default: + /* FALLTHRU */ + ; /* hp-ux build breaks without this */ + } + } + cx->i = tmpi; + cx->j = tmpj; + *outputLen = inputLen; + return SECSuccess; +} +#endif + +#ifdef IS_LITTLE_ENDIAN +#define ARCFOUR_NEXT4BYTES_L(n) \ + ARCFOUR_NEXT_BYTE(); streamWord |= (WORD)cx->S[t] << (n ); \ + ARCFOUR_NEXT_BYTE(); streamWord |= (WORD)cx->S[t] << (n + 8); \ + ARCFOUR_NEXT_BYTE(); streamWord |= (WORD)cx->S[t] << (n + 16); \ + ARCFOUR_NEXT_BYTE(); streamWord |= (WORD)cx->S[t] << (n + 24); +#else +#define ARCFOUR_NEXT4BYTES_B(n) \ + ARCFOUR_NEXT_BYTE(); streamWord |= (WORD)cx->S[t] << (n + 24); \ + ARCFOUR_NEXT_BYTE(); streamWord |= (WORD)cx->S[t] << (n + 16); \ + ARCFOUR_NEXT_BYTE(); streamWord |= (WORD)cx->S[t] << (n + 8); \ + ARCFOUR_NEXT_BYTE(); streamWord |= (WORD)cx->S[t] << (n ); +#endif + +#if (defined(NSS_USE_HYBRID) && !defined(SOLARIS)) || defined(NSS_USE_64) +/* 64-bit wordsize */ +#ifdef IS_LITTLE_ENDIAN +#define ARCFOUR_NEXT_WORD() \ + { streamWord = 0; ARCFOUR_NEXT4BYTES_L(0); ARCFOUR_NEXT4BYTES_L(32); } +#else +#define ARCFOUR_NEXT_WORD() \ + { streamWord = 0; ARCFOUR_NEXT4BYTES_B(32); ARCFOUR_NEXT4BYTES_B(0); } +#endif +#else +/* 32-bit wordsize */ +#ifdef IS_LITTLE_ENDIAN +#define ARCFOUR_NEXT_WORD() \ + { streamWord = 0; ARCFOUR_NEXT4BYTES_L(0); } +#else +#define ARCFOUR_NEXT_WORD() \ + { streamWord = 0; ARCFOUR_NEXT4BYTES_B(0); } +#endif +#endif + +#ifdef IS_LITTLE_ENDIAN +#define RSH << +#define LSH >> +#else +#define RSH >> +#define LSH << +#endif + +#ifdef CONVERT_TO_WORDS +/* + * Convert input and output buffers to words before performing + * RC4 operations. + */ +static SECStatus +rc4_wordconv(RC4Context *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + const unsigned char *input, unsigned int inputLen) +{ + ptrdiff_t inOffset = (ptrdiff_t)input % WORDSIZE; + ptrdiff_t outOffset = (ptrdiff_t)output % WORDSIZE; + register WORD streamWord, mask; + register WORD *pInWord, *pOutWord; + register WORD inWord, nextInWord; + PRUint8 t; + register Stype tmpSi, tmpSj; + register PRUint8 tmpi = cx->i; + register PRUint8 tmpj = cx->j; + unsigned int byteCount; + unsigned int bufShift, invBufShift; + int i; + + PORT_Assert(maxOutputLen >= inputLen); + if (maxOutputLen < inputLen) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + if (inputLen < 2*WORDSIZE) { + /* Ignore word conversion, do byte-at-a-time */ + return rc4_no_opt(cx, output, outputLen, maxOutputLen, input, inputLen); + } + *outputLen = inputLen; + pInWord = (WORD *)(input - inOffset); + if (inOffset < outOffset) { + bufShift = 8*(outOffset - inOffset); + invBufShift = 8*WORDSIZE - bufShift; + } else { + invBufShift = 8*(inOffset - outOffset); + bufShift = 8*WORDSIZE - invBufShift; + } + /*****************************************************************/ + /* Step 1: */ + /* If the first output word is partial, consume the bytes in the */ + /* first partial output word by loading one or two words of */ + /* input and shifting them accordingly. Otherwise, just load */ + /* in the first word of input. At the end of this block, at */ + /* least one partial word of input should ALWAYS be loaded. */ + /*****************************************************************/ + if (outOffset) { + /* Generate input and stream words aligned relative to the + * partial output buffer. + */ + byteCount = WORDSIZE - outOffset; + pOutWord = (WORD *)(output - outOffset); + mask = streamWord = 0; +#ifdef IS_LITTLE_ENDIAN + for (i = WORDSIZE - byteCount; i < WORDSIZE; i++) { +#else + for (i = byteCount - 1; i >= 0; --i) { +#endif + ARCFOUR_NEXT_BYTE(); + streamWord |= (WORD)(cx->S[t]) << 8*i; + mask |= MASK1BYTE << 8*i; + } /* } */ + inWord = *pInWord++; + /* If buffers are relatively misaligned, shift the bytes in inWord + * to be aligned to the output buffer. + */ + nextInWord = 0; + if (inOffset < outOffset) { + /* Have more bytes than needed, shift remainder into nextInWord */ + nextInWord = inWord LSH 8*(inOffset + byteCount); + inWord = inWord RSH bufShift; + } else if (inOffset > outOffset) { + /* Didn't get enough bytes from current input word, load another + * word and then shift remainder into nextInWord. + */ + nextInWord = *pInWord++; + inWord = (inWord LSH invBufShift) | + (nextInWord RSH bufShift); + nextInWord = nextInWord LSH invBufShift; + } + /* Store output of first partial word */ + *pOutWord = (*pOutWord & ~mask) | ((inWord ^ streamWord) & mask); + /* Consumed byteCount bytes of input */ + inputLen -= byteCount; + /* move to next word of output */ + pOutWord++; + /* inWord has been consumed, but there may be bytes in nextInWord */ + inWord = nextInWord; + } else { + /* output is word-aligned */ + pOutWord = (WORD *)output; + if (inOffset) { + /* Input is not word-aligned. The first word load of input + * will not produce a full word of input bytes, so one word + * must be pre-loaded. The main loop below will load in the + * next input word and shift some of its bytes into inWord + * in order to create a full input word. Note that the main + * loop must execute at least once because the input must + * be at least two words. + */ + inWord = *pInWord++; + inWord = inWord LSH invBufShift; + } else { + /* Input is word-aligned. The first word load of input + * will produce a full word of input bytes, so nothing + * needs to be loaded here. + */ + inWord = 0; + } + } + /* Output buffer is aligned, inOffset is now measured relative to + * outOffset (and not a word boundary). + */ + inOffset = (inOffset + WORDSIZE - outOffset) % WORDSIZE; + /*****************************************************************/ + /* Step 2: main loop */ + /* At this point the output buffer is word-aligned. Any unused */ + /* bytes from above will be in inWord (shifted correctly). If */ + /* the input buffer is unaligned relative to the output buffer, */ + /* shifting has to be done. */ + /*****************************************************************/ + if (inOffset) { + for (; inputLen >= WORDSIZE; inputLen -= WORDSIZE) { + nextInWord = *pInWord++; + inWord |= nextInWord RSH bufShift; + nextInWord = nextInWord LSH invBufShift; + ARCFOUR_NEXT_WORD(); + *pOutWord++ = inWord ^ streamWord; + inWord = nextInWord; + } + if (inputLen == 0) { + /* Nothing left to do. */ + cx->i = tmpi; + cx->j = tmpj; + return SECSuccess; + } + /* If the amount of remaining input is greater than the amount + * bytes pulled from the current input word, need to do another + * word load. What's left in inWord will be consumed in step 3. + */ + if (inputLen > WORDSIZE - inOffset) + inWord |= *pInWord RSH bufShift; + } else { + for (; inputLen >= WORDSIZE; inputLen -= WORDSIZE) { + inWord = *pInWord++; + ARCFOUR_NEXT_WORD(); + *pOutWord++ = inWord ^ streamWord; + } + if (inputLen == 0) { + /* Nothing left to do. */ + cx->i = tmpi; + cx->j = tmpj; + return SECSuccess; + } else { + /* A partial input word remains at the tail. Load it. The + * relevant bytes will be consumed in step 3. + */ + inWord = *pInWord; + } + } + /*****************************************************************/ + /* Step 3: */ + /* A partial word of input remains, and it is already loaded */ + /* into nextInWord. Shift appropriately and consume the bytes */ + /* used in the partial word. */ + /*****************************************************************/ + mask = streamWord = 0; +#ifdef IS_LITTLE_ENDIAN + for (i = 0; i < inputLen; ++i) { +#else + for (i = WORDSIZE - 1; i >= WORDSIZE - inputLen; --i) { +#endif + ARCFOUR_NEXT_BYTE(); + streamWord |= (WORD)(cx->S[t]) << 8*i; + mask |= MASK1BYTE << 8*i; + } /* } */ + *pOutWord = (*pOutWord & ~mask) | ((inWord ^ streamWord) & mask); + cx->i = tmpi; + cx->j = tmpj; + return SECSuccess; +} +#endif + +SECStatus +RC4_Encrypt(RC4Context *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + const unsigned char *input, unsigned int inputLen) +{ + PORT_Assert(maxOutputLen >= inputLen); + if (maxOutputLen < inputLen) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } +#ifdef CONVERT_TO_WORDS + /* Convert the byte-stream to a word-stream */ + return rc4_wordconv(cx, output, outputLen, maxOutputLen, input, inputLen); +#else + /* Operate on bytes, but unroll the main loop */ + return rc4_unrolled(cx, output, outputLen, maxOutputLen, input, inputLen); +#endif +} + +SECStatus RC4_Decrypt(RC4Context *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + const unsigned char *input, unsigned int inputLen) +{ + PORT_Assert(maxOutputLen >= inputLen); + if (maxOutputLen < inputLen) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + /* decrypt and encrypt are same operation. */ +#ifdef CONVERT_TO_WORDS + /* Convert the byte-stream to a word-stream */ + return rc4_wordconv(cx, output, outputLen, maxOutputLen, input, inputLen); +#else + /* Operate on bytes, but unroll the main loop */ + return rc4_unrolled(cx, output, outputLen, maxOutputLen, input, inputLen); +#endif +} + +#undef CONVERT_TO_WORDS +#undef USE_LONG diff --git a/security/nss/lib/freebl/blapi.h b/security/nss/lib/freebl/blapi.h new file mode 100644 index 000000000..c41691e5b --- /dev/null +++ b/security/nss/lib/freebl/blapi.h @@ -0,0 +1,814 @@ +/* + * crypto.h - public data structures and prototypes for the crypto library + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the Netscape security libraries. + * + * The Initial Developer of the Original Code is Netscape + * Communications Corporation. Portions created by Netscape are + * Copyright (C) 1994-2000 Netscape Communications Corporation. All + * Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + * + * $Id$ + */ + +#ifndef _BLAPI_H_ +#define _BLAPI_H_ + +#include "blapit.h" + + +SEC_BEGIN_PROTOS + +/* +** RSA encryption/decryption. When encrypting/decrypting the output +** buffer must be at least the size of the public key modulus. +*/ + +/* +** Generate and return a new RSA public and private key. +** Both keys are encoded in a single RSAPrivateKey structure. +** "cx" is the random number generator context +** "keySizeInBits" is the size of the key to be generated, in bits. +** 512, 1024, etc. +** "publicExponent" when not NULL is a pointer to some data that +** represents the public exponent to use. The data is a byte +** encoded integer, in "big endian" order. +*/ +extern RSAPrivateKey *RSA_NewKey(int keySizeInBits, + SECItem * publicExponent); + +/* +** Perform a raw public-key operation +** Length of input and output buffers are equal to key's modulus len. +*/ +extern SECStatus RSA_PublicKeyOp(RSAPublicKey * key, + unsigned char * output, + const unsigned char * input); + +/* +** Perform a raw private-key operation +** Length of input and output buffers are equal to key's modulus len. +*/ +extern SECStatus RSA_PrivateKeyOp(RSAPrivateKey * key, + unsigned char * output, + const unsigned char * input); + +/* +** Perform a raw private-key operation, and check the parameters used in +** the operation for validity by performing a test operation first. +** Length of input and output buffers are equal to key's modulus len. +*/ +extern SECStatus RSA_PrivateKeyOpDoubleChecked(RSAPrivateKey * key, + unsigned char * output, + const unsigned char * input); + +/* +** Perform a check of private key parameters for consistency. +*/ +extern SECStatus RSA_PrivateKeyCheck(RSAPrivateKey *key); + + +/******************************************************************** +** DSA signing algorithm +*/ + +/* +** Generate and return a new DSA public and private key pair, +** both of which are encoded into a single DSAPrivateKey struct. +** "params" is a pointer to the PQG parameters for the domain +** Uses a random seed. +*/ +extern SECStatus DSA_NewKey(const PQGParams * params, + DSAPrivateKey ** privKey); + +/* signature is caller-supplied buffer of at least 20 bytes. +** On input, signature->len == size of buffer to hold signature. +** digest->len == size of digest. +** On output, signature->len == size of signature in buffer. +** Uses a random seed. +*/ +extern SECStatus DSA_SignDigest(DSAPrivateKey * key, + SECItem * signature, + const SECItem * digest); + +/* signature is caller-supplied buffer of at least 20 bytes. +** On input, signature->len == size of buffer to hold signature. +** digest->len == size of digest. +*/ +extern SECStatus DSA_VerifyDigest(DSAPublicKey * key, + const SECItem * signature, + const SECItem * digest); + +/* For FIPS compliance testing. Seed must be exactly 20 bytes long */ +extern SECStatus DSA_NewKeyFromSeed(const PQGParams *params, + const unsigned char * seed, + DSAPrivateKey **privKey); + +/* For FIPS compliance testing. Seed must be exactly 20 bytes. */ +extern SECStatus DSA_SignDigestWithSeed(DSAPrivateKey * key, + SECItem * signature, + const SECItem * digest, + const unsigned char * seed); + +/****************************************************** +** Diffie Helman key exchange algorithm +*/ + +/* Generates parameters for Diffie-Helman key generation. +** primeLen is the length in bytes of prime P to be generated. +*/ +extern SECStatus DH_GenParam(int primeLen, DHParams ** params); + +/* Generates a public and private key, both of which are encoded in a single +** DHPrivateKey struct. Params is input, privKey are output. +** This is Phase 1 of Diffie Hellman. +*/ +extern SECStatus DH_NewKey(DHParams * params, + DHPrivateKey ** privKey); + +/* +** DH_Derive does the Diffie-Hellman phase 2 calculation, using the +** other party's publicValue, and the prime and our privateValue. +** maxOutBytes is the requested length of the generated secret in bytes. +** A zero value means produce a value of any length up to the size of +** the prime. If successful, derivedSecret->data is set +** to the address of the newly allocated buffer containing the derived +** secret, and derivedSecret->len is the size of the secret produced. +** The size of the secret produced will never be larger than the length +** of the prime, and it may be smaller than maxOutBytes. +** It is the caller's responsibility to free the allocated buffer +** containing the derived secret. +*/ +extern SECStatus DH_Derive(SECItem * publicValue, + SECItem * prime, + SECItem * privateValue, + SECItem * derivedSecret, + unsigned int maxOutBytes); + +/* +** KEA_CalcKey returns octet string with the private key for a dual +** Diffie-Helman key generation as specified for government key exchange. +*/ +extern SECStatus KEA_Derive(SECItem *prime, + SECItem *public1, + SECItem *public2, + SECItem *private1, + SECItem *private2, + SECItem *derivedSecret); + +/* + * verify that a KEA or DSA public key is a valid key for this prime and + * subprime domain. + */ +extern PRBool KEA_Verify(SECItem *Y, SECItem *prime, SECItem *subPrime); + + +/******************************************/ +/* +** RC4 symmetric stream cypher +*/ + +/* +** Create a new RC4 context suitable for RC4 encryption/decryption. +** "key" raw key data +** "len" the number of bytes of key data +*/ +extern RC4Context *RC4_CreateContext(unsigned char *key, int len); + +/* +** Destroy an RC4 encryption/decryption context. +** "cx" the context +** "freeit" if PR_TRUE then free the object as well as its sub-objects +*/ +extern void RC4_DestroyContext(RC4Context *cx, PRBool freeit); + +/* +** Perform RC4 encryption. +** "cx" the context +** "output" the output buffer to store the encrypted data. +** "outputLen" how much data is stored in "output". Set by the routine +** after some data is stored in output. +** "maxOutputLen" the maximum amount of data that can ever be +** stored in "output" +** "input" the input data +** "inputLen" the amount of input data +*/ +extern SECStatus RC4_Encrypt(RC4Context *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + const unsigned char *input, unsigned int inputLen); + +/* +** Perform RC4 decryption. +** "cx" the context +** "output" the output buffer to store the decrypted data. +** "outputLen" how much data is stored in "output". Set by the routine +** after some data is stored in output. +** "maxOutputLen" the maximum amount of data that can ever be +** stored in "output" +** "input" the input data +** "inputLen" the amount of input data +*/ +extern SECStatus RC4_Decrypt(RC4Context *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + const unsigned char *input, unsigned int inputLen); + +/******************************************/ +/* +** RC2 symmetric block cypher +*/ + +/* +** Create a new RC2 context suitable for RC2 encryption/decryption. +** "key" raw key data +** "len" the number of bytes of key data +** "iv" is the CBC initialization vector (if mode is NSS_RC2_CBC) +** "mode" one of NSS_RC2 or NSS_RC2_CBC +** "effectiveKeyLen" is the effective key length (as specified in +** RFC 2268) in bytes (not bits). +** +** When mode is set to NSS_RC2_CBC the RC2 cipher is run in "cipher block +** chaining" mode. +*/ +extern RC2Context *RC2_CreateContext(unsigned char *key, unsigned int len, + unsigned char *iv, int mode, unsigned effectiveKeyLen); + +/* +** Destroy an RC2 encryption/decryption context. +** "cx" the context +** "freeit" if PR_TRUE then free the object as well as its sub-objects +*/ +extern void RC2_DestroyContext(RC2Context *cx, PRBool freeit); + +/* +** Perform RC2 encryption. +** "cx" the context +** "output" the output buffer to store the encrypted data. +** "outputLen" how much data is stored in "output". Set by the routine +** after some data is stored in output. +** "maxOutputLen" the maximum amount of data that can ever be +** stored in "output" +** "input" the input data +** "inputLen" the amount of input data +*/ +extern SECStatus RC2_Encrypt(RC2Context *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + const unsigned char *input, unsigned int inputLen); + +/* +** Perform RC2 decryption. +** "cx" the context +** "output" the output buffer to store the decrypted data. +** "outputLen" how much data is stored in "output". Set by the routine +** after some data is stored in output. +** "maxOutputLen" the maximum amount of data that can ever be +** stored in "output" +** "input" the input data +** "inputLen" the amount of input data +*/ +extern SECStatus RC2_Decrypt(RC2Context *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + const unsigned char *input, unsigned int inputLen); + +/******************************************/ +/* +** RC5 symmetric block cypher -- 64-bit block size +*/ + +/* +** Create a new RC5 context suitable for RC5 encryption/decryption. +** "key" raw key data +** "len" the number of bytes of key data +** "iv" is the CBC initialization vector (if mode is NSS_RC5_CBC) +** "mode" one of NSS_RC5 or NSS_RC5_CBC +** +** When mode is set to NSS_RC5_CBC the RC5 cipher is run in "cipher block +** chaining" mode. +*/ +extern RC5Context *RC5_CreateContext(SECItem *key, unsigned int rounds, + unsigned int wordSize, unsigned char *iv, int mode); + +/* +** Destroy an RC5 encryption/decryption context. +** "cx" the context +** "freeit" if PR_TRUE then free the object as well as its sub-objects +*/ +extern void RC5_DestroyContext(RC5Context *cx, PRBool freeit); + +/* +** Perform RC5 encryption. +** "cx" the context +** "output" the output buffer to store the encrypted data. +** "outputLen" how much data is stored in "output". Set by the routine +** after some data is stored in output. +** "maxOutputLen" the maximum amount of data that can ever be +** stored in "output" +** "input" the input data +** "inputLen" the amount of input data +*/ +extern SECStatus RC5_Encrypt(RC5Context *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + const unsigned char *input, unsigned int inputLen); + +/* +** Perform RC5 decryption. +** "cx" the context +** "output" the output buffer to store the decrypted data. +** "outputLen" how much data is stored in "output". Set by the routine +** after some data is stored in output. +** "maxOutputLen" the maximum amount of data that can ever be +** stored in "output" +** "input" the input data +** "inputLen" the amount of input data +*/ + +extern SECStatus RC5_Decrypt(RC5Context *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + const unsigned char *input, unsigned int inputLen); + + + +/******************************************/ +/* +** DES symmetric block cypher +*/ + +/* +** Create a new DES context suitable for DES encryption/decryption. +** "key" raw key data +** "len" the number of bytes of key data +** "iv" is the CBC initialization vector (if mode is NSS_DES_CBC or +** mode is DES_EDE3_CBC) +** "mode" one of NSS_DES, NSS_DES_CBC, NSS_DES_EDE3 or NSS_DES_EDE3_CBC +** "encrypt" is PR_TRUE if the context will be used for encryption +** +** When mode is set to NSS_DES_CBC or NSS_DES_EDE3_CBC then the DES +** cipher is run in "cipher block chaining" mode. +*/ +extern DESContext *DES_CreateContext(unsigned char *key, unsigned char *iv, + int mode, PRBool encrypt); + +/* +** Destroy an DES encryption/decryption context. +** "cx" the context +** "freeit" if PR_TRUE then free the object as well as its sub-objects +*/ +extern void DES_DestroyContext(DESContext *cx, PRBool freeit); + +/* +** Perform DES encryption. +** "cx" the context +** "output" the output buffer to store the encrypted data. +** "outputLen" how much data is stored in "output". Set by the routine +** after some data is stored in output. +** "maxOutputLen" the maximum amount of data that can ever be +** stored in "output" +** "input" the input data +** "inputLen" the amount of input data +** +** NOTE: the inputLen must be a multiple of DES_KEY_LENGTH +*/ +extern SECStatus DES_Encrypt(DESContext *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + const unsigned char *input, unsigned int inputLen); + +/* +** Perform DES decryption. +** "cx" the context +** "output" the output buffer to store the decrypted data. +** "outputLen" how much data is stored in "output". Set by the routine +** after some data is stored in output. +** "maxOutputLen" the maximum amount of data that can ever be +** stored in "output" +** "input" the input data +** "inputLen" the amount of input data +** +** NOTE: the inputLen must be a multiple of DES_KEY_LENGTH +*/ +extern SECStatus DES_Decrypt(DESContext *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + const unsigned char *input, unsigned int inputLen); + +/******************************************/ +/* +** AES symmetric block cypher (Rijndael) +*/ + +/* +** Create a new AES context suitable for AES encryption/decryption. +** "key" raw key data +** "keylen" the number of bytes of key data (16, 24, or 32) +** "blocklen" is the blocksize to use (16, 24, or 32) +** XXX currently only blocksize==16 has been tested! +*/ +extern AESContext * +AES_CreateContext(unsigned char *key, unsigned char *iv, int mode, int encrypt, + unsigned int keylen, unsigned int blocklen); + +/* +** Destroy a AES encryption/decryption context. +** "cx" the context +** "freeit" if PR_TRUE then free the object as well as its sub-objects +*/ +extern void +AES_DestroyContext(AESContext *cx, PRBool freeit); + +/* +** Perform AES encryption. +** "cx" the context +** "output" the output buffer to store the encrypted data. +** "outputLen" how much data is stored in "output". Set by the routine +** after some data is stored in output. +** "maxOutputLen" the maximum amount of data that can ever be +** stored in "output" +** "input" the input data +** "inputLen" the amount of input data +*/ +extern SECStatus +AES_Encrypt(AESContext *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + const unsigned char *input, unsigned int inputLen); + +/* +** Perform AES decryption. +** "cx" the context +** "output" the output buffer to store the decrypted data. +** "outputLen" how much data is stored in "output". Set by the routine +** after some data is stored in output. +** "maxOutputLen" the maximum amount of data that can ever be +** stored in "output" +** "input" the input data +** "inputLen" the amount of input data +*/ +extern SECStatus +AES_Decrypt(AESContext *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + const unsigned char *input, unsigned int inputLen); + + +/******************************************/ +/* +** MD5 secure hash function +*/ + +/* +** Hash a null terminated string "src" into "dest" using MD5 +*/ +extern SECStatus MD5_Hash(unsigned char *dest, const char *src); + +/* +** Hash a non-null terminated string "src" into "dest" using MD5 +*/ +extern SECStatus MD5_HashBuf(unsigned char *dest, const unsigned char *src, + uint32 src_length); + +/* +** Create a new MD5 context +*/ +extern MD5Context *MD5_NewContext(void); + + +/* +** Destroy an MD5 secure hash context. +** "cx" the context +** "freeit" if PR_TRUE then free the object as well as its sub-objects +*/ +extern void MD5_DestroyContext(MD5Context *cx, PRBool freeit); + +/* +** Reset an MD5 context, preparing it for a fresh round of hashing +*/ +extern void MD5_Begin(MD5Context *cx); + +/* +** Update the MD5 hash function with more data. +** "cx" the context +** "input" the data to hash +** "inputLen" the amount of data to hash +*/ +extern void MD5_Update(MD5Context *cx, + const unsigned char *input, unsigned int inputLen); + +/* +** Finish the MD5 hash function. Produce the digested results in "digest" +** "cx" the context +** "digest" where the 16 bytes of digest data are stored +** "digestLen" where the digest length (16) is stored +** "maxDigestLen" the maximum amount of data that can ever be +** stored in "digest" +*/ +extern void MD5_End(MD5Context *cx, unsigned char *digest, + unsigned int *digestLen, unsigned int maxDigestLen); +/* + * Return the the size of a buffer needed to flatten the MD5 Context into + * "cx" the context + * returns size; + */ +extern unsigned int MD5_FlattenSize(MD5Context *cx); + +/* + * Flatten the MD5 Context into a buffer: + * "cx" the context + * "space" the buffer to flatten to + * returns status; + */ +extern SECStatus MD5_Flatten(MD5Context *cx,unsigned char *space); + +/* + * Resurrect a flattened context into a MD5 Context + * "space" the buffer of the flattend buffer + * "arg" ptr to void used by cryptographic resurrect + * returns resurected context; + */ +extern MD5Context * MD5_Resurrect(unsigned char *space, void *arg); + +/* +** trace the intermediate state info of the MD5 hash. +*/ +extern void MD5_TraceState(MD5Context *cx); + + +/******************************************/ +/* +** MD2 secure hash function +*/ + +/* +** Hash a null terminated string "src" into "dest" using MD2 +*/ +extern SECStatus MD2_Hash(unsigned char *dest, const char *src); + +/* +** Create a new MD2 context +*/ +extern MD2Context *MD2_NewContext(void); + + +/* +** Destroy an MD2 secure hash context. +** "cx" the context +** "freeit" if PR_TRUE then free the object as well as its sub-objects +*/ +extern void MD2_DestroyContext(MD2Context *cx, PRBool freeit); + +/* +** Reset an MD2 context, preparing it for a fresh round of hashing +*/ +extern void MD2_Begin(MD2Context *cx); + +/* +** Update the MD2 hash function with more data. +** "cx" the context +** "input" the data to hash +** "inputLen" the amount of data to hash +*/ +extern void MD2_Update(MD2Context *cx, + const unsigned char *input, unsigned int inputLen); + +/* +** Finish the MD2 hash function. Produce the digested results in "digest" +** "cx" the context +** "digest" where the 16 bytes of digest data are stored +** "digestLen" where the digest length (16) is stored +** "maxDigestLen" the maximum amount of data that can ever be +** stored in "digest" +*/ +extern void MD2_End(MD2Context *cx, unsigned char *digest, + unsigned int *digestLen, unsigned int maxDigestLen); + +/* + * Return the the size of a buffer needed to flatten the MD2 Context into + * "cx" the context + * returns size; + */ +extern unsigned int MD2_FlattenSize(MD2Context *cx); + +/* + * Flatten the MD2 Context into a buffer: + * "cx" the context + * "space" the buffer to flatten to + * returns status; + */ +extern SECStatus MD2_Flatten(MD2Context *cx,unsigned char *space); + +/* + * Resurrect a flattened context into a MD2 Context + * "space" the buffer of the flattend buffer + * "arg" ptr to void used by cryptographic resurrect + * returns resurected context; + */ +extern MD2Context * MD2_Resurrect(unsigned char *space, void *arg); + +/******************************************/ +/* +** SHA-1 secure hash function +*/ + +/* +** Hash a null terminated string "src" into "dest" using SHA-1 +*/ +extern SECStatus SHA1_Hash(unsigned char *dest, const char *src); + +/* +** Hash a non-null terminated string "src" into "dest" using SHA-1 +*/ +extern SECStatus SHA1_HashBuf(unsigned char *dest, const unsigned char *src, + uint32 src_length); + +/* +** Create a new SHA-1 context +*/ +extern SHA1Context *SHA1_NewContext(void); + + +/* +** Destroy a SHA-1 secure hash context. +** "cx" the context +** "freeit" if PR_TRUE then free the object as well as its sub-objects +*/ +extern void SHA1_DestroyContext(SHA1Context *cx, PRBool freeit); + +/* +** Reset a SHA-1 context, preparing it for a fresh round of hashing +*/ +extern void SHA1_Begin(SHA1Context *cx); + +/* +** Update the SHA-1 hash function with more data. +** "cx" the context +** "input" the data to hash +** "inputLen" the amount of data to hash +*/ +extern void SHA1_Update(SHA1Context *cx, const unsigned char *input, + unsigned int inputLen); + +/* +** Finish the SHA-1 hash function. Produce the digested results in "digest" +** "cx" the context +** "digest" where the 16 bytes of digest data are stored +** "digestLen" where the digest length (20) is stored +** "maxDigestLen" the maximum amount of data that can ever be +** stored in "digest" +*/ +extern void SHA1_End(SHA1Context *cx, unsigned char *digest, + unsigned int *digestLen, unsigned int maxDigestLen); + +/* +** trace the intermediate state info of the SHA1 hash. +*/ +extern void SHA1_TraceState(SHA1Context *cx); + +/* + * Return the the size of a buffer needed to flatten the SHA-1 Context into + * "cx" the context + * returns size; + */ +extern unsigned int SHA1_FlattenSize(SHA1Context *cx); + +/* + * Flatten the SHA-1 Context into a buffer: + * "cx" the context + * "space" the buffer to flatten to + * returns status; + */ +extern SECStatus SHA1_Flatten(SHA1Context *cx,unsigned char *space); + +/* + * Resurrect a flattened context into a SHA-1 Context + * "space" the buffer of the flattend buffer + * "arg" ptr to void used by cryptographic resurrect + * returns resurected context; + */ +extern SHA1Context * SHA1_Resurrect(unsigned char *space, void *arg); + + +/******************************************/ +/* +** Pseudo Random Number Generation. FIPS compliance desirable. +*/ + +/* +** Initialize the global RNG context and give it some seed input taken +** from the system. This function is thread-safe and will only allow +** the global context to be initialized once. The seed input is likely +** small, so it is imperative that RNG_RandomUpdate() be called with +** additional seed data before the generator is used. A good way to +** provide the generator with additional entropy is to call +** RNG_SystemInfoForRNG(). Note that NSS_Init() does exactly that. +*/ +extern SECStatus RNG_RNGInit(void); + +/* +** Update the global random number generator with more seeding +** material +*/ +extern SECStatus RNG_RandomUpdate(const void *data, size_t bytes); + +/* +** Generate some random bytes, using the global random number generator +** object. +*/ +extern SECStatus RNG_GenerateGlobalRandomBytes(void *dest, size_t len); + +/* Destroy the global RNG context. After a call to RNG_RNGShutdown() +** a call to RNG_RNGInit() is required in order to use the generator again, +** along with seed data (see the comment above RNG_RNGInit()). +*/ +extern void RNG_RNGShutdown(void); + + +/* Generate PQGParams and PQGVerify structs. + * Length of seed and length of h both equal length of P. + * All lengths are specified by "j", according to the table above. + */ +extern SECStatus +PQG_ParamGen(unsigned int j, /* input : determines length of P. */ + PQGParams **pParams, /* output: P Q and G returned here */ + PQGVerify **pVfy); /* output: counter and seed. */ + +/* Generate PQGParams and PQGVerify structs. + * Length of P specified by j. Length of h will match length of P. + * Length of SEED in bytes specified in seedBytes. + * seedBbytes must be in the range [20..255] or an error will result. + */ +extern SECStatus +PQG_ParamGenSeedLen( + unsigned int j, /* input : determines length of P. */ + unsigned int seedBytes, /* input : length of seed in bytes.*/ + PQGParams **pParams, /* output: P Q and G returned here */ + PQGVerify **pVfy); /* output: counter and seed. */ + + +/* Test PQGParams for validity as DSS PQG values. + * If vfy is non-NULL, test PQGParams to make sure they were generated + * using the specified seed, counter, and h values. + * + * Return value indicates whether Verification operation ran succesfully + * to completion, but does not indicate if PQGParams are valid or not. + * If return value is SECSuccess, then *pResult has these meanings: + * SECSuccess: PQGParams are valid. + * SECFailure: PQGParams are invalid. + * + * Verify the following 12 facts about PQG counter SEED g and h + * 1. Q is 160 bits long. + * 2. P is one of the 9 valid lengths. + * 3. G < P + * 4. P % Q == 1 + * 5. Q is prime + * 6. P is prime + * Steps 7-12 are done only if the optional PQGVerify is supplied. + * 7. counter < 4096 + * 8. g >= 160 and g < 2048 (g is length of seed in bits) + * 9. Q generated from SEED matches Q in PQGParams. + * 10. P generated from (L, counter, g, SEED, Q) matches P in PQGParams. + * 11. 1 < h < P-1 + * 12. G generated from h matches G in PQGParams. + */ + +extern SECStatus PQG_VerifyParams(const PQGParams *params, + const PQGVerify *vfy, SECStatus *result); + + +/* + * clean-up any global tables freebl may have allocated after it starts up. + * This function is not thread safe and should be called only after the + * library has been quiessed. + */ +extern void BL_Cleanup(void); + +/************************************************************************** + * Free the PQGParams struct and the things it points to. * + **************************************************************************/ +extern void PQG_DestroyParams(PQGParams *params); + +/************************************************************************** + * Free the PQGVerify struct and the things it points to. * + **************************************************************************/ +extern void PQG_DestroyVerify(PQGVerify *vfy); + +SEC_END_PROTOS + +#endif /* _BLAPI_H_ */ diff --git a/security/nss/lib/freebl/blapi_bsf.c b/security/nss/lib/freebl/blapi_bsf.c new file mode 100644 index 000000000..1204306d9 --- /dev/null +++ b/security/nss/lib/freebl/blapi_bsf.c @@ -0,0 +1,2114 @@ +/* + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the Netscape security libraries. + * + * The Initial Developer of the Original Code is Netscape + * Communications Corporation. Portions created by Netscape are + * Copyright (C) 1994-2000 Netscape Communications Corporation. All + * Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + */ + +/***************************************************************************** +** +** Implementation of BLAPI using RSA BSAFE Crypto-C 4.1 +** +******************************************************************************/ + +/* +** Notes: +** +** 1. SHA1, MD2, and MD5 are not implemented here. This is because +** BSAFE Crypto-C 4.1 does not provide a mechanism for saving and +** restoring intermediate hash values. BLAPI uses the functions +** <hash>_Flatten and <hash>_Resurrect to accomplish this, so the +** hashes are implemented elsewhere. +** +** 2. The DSA and PQG functions which use seeds are not consistent across +** implementations. In this BSAFE-dependent implementation of BLAPI, +** the seed is understood to be an initial value sent to a random number +** generator used during the key/param generation. In the implementation +** used by Netscape-branded products, the seed is understood to be actual +** bytes used for the creation of a key or parameters. This means that +** while the BSAFE-dependent implementation may be self-consistent (using +** the same seed will produce the same key/parameters), it is not +** consistent with the Netscape-branded implementation. +** Also, according to the BSAFE Crypto-C 4.0 Library Reference Manual, the +** SHA1 Random Number Generator is implemented according to the X9.62 +** Draft Standard. Random number generation in the Netscape-branded +** implementation of BLAPI is compliant with FIPS-186, thus random +** numbers generated using the same seed will differ across +** implementations. +** +** 3. PQG_VerifyParams is not implemented here. BSAFE Crypto-C 4.1 +** allows access to the seed and counter values used in generating +** p and q, but does not provide a mechanism for verifying that +** p, q, and g were generated from that seed and counter. At this +** time, this implementation will set a PR_NOT_IMPLEMENTED_ERROR +** in a call to PQG_VerifyParams. +** +*/ + +#include "prerr.h" +#include "secerr.h" + +/* BSAFE headers */ +#include "aglobal.h" +#include "bsafe.h" + +/* BLAPI definition */ +#include "blapi.h" + +/* default block sizes for algorithms */ +#define DES_BLOCK_SIZE 8 +#define RC2_BLOCK_SIZE 8 +#define RC5_BLOCK_SIZE 8 + +#define MAX_RC5_KEY_BYTES 255 +#define MAX_RC5_ROUNDS 255 +#define RC5_VERSION_NUMBER 0x10 + +#define SECITEMFROMITEM(arena, to, from) \ + tmp.data = from.data; tmp.len = from.len; to.type = siBuffer; \ + if (SECITEM_CopyItem(arena, &to, &tmp) != SECSuccess) goto loser; + +#define ITEMFROMSECITEM(to, from) \ + to.data = from.data; to.len = from.len; + +static const B_ALGORITHM_METHOD *rand_chooser[] = { + &AM_SHA_RANDOM, + (B_ALGORITHM_METHOD *)NULL_PTR +}; + +static B_ALGORITHM_OBJ +generateRandomAlgorithm(int numBytes, unsigned char *seedData) +{ + SECItem seed = { siBuffer, 0, 0 }; + B_ALGORITHM_OBJ randomAlgorithm = NULL_PTR; + int status; + + /* Allocate space for random seed. */ + if (seedData) { + seed.len = numBytes; + seed.data = seedData; + } else { + if (SECITEM_AllocItem(NULL, &seed, numBytes) == NULL) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + goto loser; + } + if ((status = RNG_GenerateGlobalRandomBytes(seed.data, seed.len)) + != 0) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + goto loser; + } + } + + /* Generate the random seed. */ + if ((status = B_CreateAlgorithmObject(&randomAlgorithm)) != 0) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + goto loser; + } + + if ((status = B_SetAlgorithmInfo(randomAlgorithm, AI_SHA1Random, + NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); + goto loser; + } + + if ((status = B_RandomInit(randomAlgorithm, rand_chooser, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); + goto loser; + } + + if ((status = B_RandomUpdate(randomAlgorithm, seed.data, seed.len, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_BAD_DATA); + goto loser; + } + + if (seedData == NULL) + SECITEM_FreeItem(&seed, PR_FALSE); + + return randomAlgorithm; + +loser: + if (randomAlgorithm != NULL_PTR) + B_DestroyAlgorithmObject(&randomAlgorithm); + if (seedData == NULL) + SECITEM_FreeItem(&seed, PR_FALSE); + return NULL_PTR; +} + +/***************************************************************************** +** BLAPI implementation of DES +******************************************************************************/ + +struct DESContextStr { + B_ALGORITHM_OBJ algobj; + B_ALGORITHM_METHOD *alg_chooser[3]; + B_KEY_OBJ keyobj; +}; + +DESContext * +DES_CreateContext(unsigned char *key, unsigned char *iv, + int mode, PRBool encrypt) +{ + /* BLAPI */ + DESContext *cx; + /* BSAFE */ + B_BLK_CIPHER_W_FEEDBACK_PARAMS fbParams; + ITEM ivItem; + unsigned int blockLength = DES_BLOCK_SIZE; + int status; + + cx = (DESContext *)PORT_ZAlloc(sizeof(DESContext)); + if (cx == NULL) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + return NULL; + } + + /* Create an encryption object. */ + cx->algobj = (B_ALGORITHM_OBJ)NULL_PTR; + if ((status = B_CreateAlgorithmObject(&cx->algobj)) != 0) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + goto loser; + } + + /* Set the IV. */ + ivItem.data = iv; + ivItem.len = DES_BLOCK_SIZE; + + /* Create the key. */ + cx->keyobj = (B_KEY_OBJ)NULL_PTR; + if ((status = B_CreateKeyObject(&cx->keyobj)) != 0) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + goto loser; + } + + /* Set fields common to all DES modes. */ + fbParams.encryptionParams = NULL_PTR; + fbParams.paddingMethodName = (unsigned char *)"nopad"; + fbParams.paddingParams = NULL_PTR; + + /* Set mode-specific fields. */ + switch (mode) { + case NSS_DES: + fbParams.encryptionMethodName = (unsigned char *)"des"; + fbParams.feedbackMethodName = (unsigned char *)"ecb"; + fbParams.feedbackParams = (POINTER)&blockLength; + if ((status = B_SetKeyInfo(cx->keyobj, KI_DES8Strong, (POINTER)key)) + != 0) { + PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); + goto loser; + } + if (encrypt) { + cx->alg_chooser[0] = &AM_DES_ENCRYPT; + cx->alg_chooser[1] = &AM_ECB_ENCRYPT; + } else { + cx->alg_chooser[0] = &AM_DES_DECRYPT; + cx->alg_chooser[1] = &AM_ECB_DECRYPT; + } + cx->alg_chooser[2] = (B_ALGORITHM_METHOD *)NULL_PTR; + break; + + case NSS_DES_CBC: + fbParams.encryptionMethodName = (unsigned char *)"des"; + fbParams.feedbackMethodName = (unsigned char *)"cbc"; + fbParams.feedbackParams = (POINTER)&ivItem; + if ((status = B_SetKeyInfo(cx->keyobj, KI_DES8Strong, (POINTER)key)) + != 0) { + PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); + goto loser; + } + if (encrypt) { + cx->alg_chooser[0] = &AM_DES_ENCRYPT; + cx->alg_chooser[1] = &AM_CBC_ENCRYPT; + } else { + cx->alg_chooser[0] = &AM_DES_DECRYPT; + cx->alg_chooser[1] = &AM_CBC_DECRYPT; + } + cx->alg_chooser[2] = (B_ALGORITHM_METHOD *)NULL_PTR; + break; + + case NSS_DES_EDE3: + fbParams.encryptionMethodName = (unsigned char *)"des_ede"; + fbParams.feedbackMethodName = (unsigned char *)"ecb"; + fbParams.feedbackParams = (POINTER)&blockLength; + if ((status = B_SetKeyInfo(cx->keyobj, KI_DES24Strong, (POINTER)key)) + != 0) { + PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); + goto loser; + } + if (encrypt) { + cx->alg_chooser[0] = &AM_DES_EDE_ENCRYPT; + cx->alg_chooser[1] = &AM_ECB_ENCRYPT; + } else { + cx->alg_chooser[0] = &AM_DES_EDE_DECRYPT; + cx->alg_chooser[1] = &AM_ECB_DECRYPT; + } + cx->alg_chooser[2] = (B_ALGORITHM_METHOD *)NULL_PTR; + break; + + case NSS_DES_EDE3_CBC: + fbParams.encryptionMethodName = (unsigned char *)"des_ede"; + fbParams.feedbackMethodName = (unsigned char *)"cbc"; + fbParams.feedbackParams = (POINTER)&ivItem; + if ((status = B_SetKeyInfo(cx->keyobj, KI_DES24Strong, (POINTER)key)) + != 0) { + PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); + goto loser; + } + if (encrypt) { + cx->alg_chooser[0] = &AM_DES_EDE_ENCRYPT; + cx->alg_chooser[1] = &AM_CBC_ENCRYPT; + } else { + cx->alg_chooser[0] = &AM_DES_EDE_DECRYPT; + cx->alg_chooser[1] = &AM_CBC_DECRYPT; + } + cx->alg_chooser[2] = (B_ALGORITHM_METHOD *)NULL_PTR; + break; + + default: + PORT_SetError(SEC_ERROR_INVALID_ARGS); + goto loser; + } + + if ((status = B_SetAlgorithmInfo(cx->algobj, AI_FeedbackCipher, + (POINTER)&fbParams)) != 0) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + goto loser; + } + + return cx; + +loser: + DES_DestroyContext(cx, PR_TRUE); + return NULL; +} + +void +DES_DestroyContext(DESContext *cx, PRBool freeit) +{ + if (freeit) { + PORT_Assert(cx != NULL); + if (cx == NULL) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return; + } + if (cx->keyobj != NULL_PTR) + B_DestroyKeyObject(&cx->keyobj); + if (cx->algobj != NULL_PTR) + B_DestroyAlgorithmObject(&cx->algobj); + PORT_ZFree(cx, sizeof(DESContext)); + } +} + +SECStatus +DES_Encrypt(DESContext *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + unsigned char *input, unsigned int inputLen) +{ + unsigned int outputLenUpdate, outputLenFinal; + int status; + + PORT_Assert(cx != NULL); + if (cx == NULL) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + PORT_Assert((inputLen & (DES_BLOCK_SIZE -1 )) == 0); + if (inputLen & (DES_BLOCK_SIZE -1 )) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + PORT_Assert(maxOutputLen >= inputLen); /* check for enough room */ + if (maxOutputLen < inputLen) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + + if ((status = B_EncryptInit(cx->algobj, cx->keyobj, cx->alg_chooser, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + if ((status = B_EncryptUpdate(cx->algobj, + output, + &outputLenUpdate, + maxOutputLen, + input, + inputLen, + (B_ALGORITHM_OBJ)NULL_PTR, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_BAD_DATA); + return SECFailure; + } + if ((status = B_EncryptFinal(cx->algobj, + output + outputLenUpdate, + &outputLenFinal, + maxOutputLen - outputLenUpdate, + (B_ALGORITHM_OBJ)NULL_PTR, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_BAD_DATA); + return SECFailure; + } + *outputLen = outputLenUpdate + outputLenFinal; + return SECSuccess; +} + +SECStatus +DES_Decrypt(DESContext *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + unsigned char *input, unsigned int inputLen) +{ + unsigned int outputLenUpdate, outputLenFinal; + int status; + ptrdiff_t inpptr; + unsigned char *inp = NULL; + PRBool cpybuffer = PR_FALSE; + + /* The BSAFE Crypto-C 4.1 library with which we tested on a Sun + * UltraSparc crashed when the input to an DES CBC decryption operation + * was not 4-byte aligned. + * So, we work around this problem by aligning unaligned input in a + * temporary buffer. + */ + inpptr = (ptrdiff_t)input; + if (inpptr & 0x03) { + inp = PORT_ZAlloc(inputLen); + if (inp == NULL) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + return SECFailure; + } + PORT_Memcpy(inp, input, inputLen); + cpybuffer = PR_TRUE; + } else { + inp = input; + } + + PORT_Assert(cx != NULL); + if (cx == NULL) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + goto loser; + } + PORT_Assert((inputLen & (DES_BLOCK_SIZE - 1)) == 0); + if (inputLen & (DES_BLOCK_SIZE - 1)) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + goto loser; + } + PORT_Assert(maxOutputLen >= inputLen); /* check for enough room */ + if (maxOutputLen < inputLen) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + goto loser; + } + + if ((status = B_DecryptInit(cx->algobj, cx->keyobj, cx->alg_chooser, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + goto loser; + } + if ((status = B_DecryptUpdate(cx->algobj, + output, + &outputLenUpdate, + maxOutputLen, + input, + inputLen, + (B_ALGORITHM_OBJ)NULL_PTR, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_BAD_DATA); + goto loser; + } + if ((status = B_DecryptFinal(cx->algobj, + output + outputLenUpdate, + &outputLenFinal, + maxOutputLen - outputLenUpdate, + (B_ALGORITHM_OBJ)NULL_PTR, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_BAD_DATA); + goto loser; + } + *outputLen = outputLenUpdate + outputLenFinal; + + if (cpybuffer) + PORT_ZFree(inp, inputLen); + return SECSuccess; + +loser: + if (cpybuffer) + PORT_ZFree(inp, inputLen); + return SECFailure; +} +} + +/***************************************************************************** +** BLAPI implementation of RC2 +******************************************************************************/ + +struct RC2ContextStr +{ + B_ALGORITHM_OBJ algobj; + B_ALGORITHM_METHOD *alg_chooser[6]; + B_KEY_OBJ keyobj; +}; + +RC2Context * +RC2_CreateContext(unsigned char *key, unsigned int len, + unsigned char *iv, int mode, unsigned effectiveKeyLen) +{ + /* BLAPI */ + RC2Context *cx; + /* BSAFE */ + B_BLK_CIPHER_W_FEEDBACK_PARAMS fbParams; + A_RC2_PARAMS rc2Params; + ITEM ivItem; + ITEM keyItem; + unsigned int blockLength = RC2_BLOCK_SIZE; + int status; + + if (mode == NSS_RC2_CBC && iv == NULL) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return NULL; + } + + cx = (RC2Context *)PORT_ZAlloc(sizeof(RC2Context)); + if (cx == NULL) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + return NULL; + } + cx->algobj = (B_ALGORITHM_OBJ)NULL_PTR; + if ((status = B_CreateAlgorithmObject(&cx->algobj)) != 0) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + goto loser; + } + + cx->keyobj = (B_KEY_OBJ)NULL_PTR; + if ((status = B_CreateKeyObject(&cx->keyobj)) != 0) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + goto loser; + } + + rc2Params.effectiveKeyBits = effectiveKeyLen * BITS_PER_BYTE; + ivItem.data = iv; + ivItem.len = RC2_BLOCK_SIZE; + + fbParams.encryptionMethodName = (unsigned char *)"rc2"; + fbParams.encryptionParams = (POINTER)&rc2Params; + fbParams.paddingMethodName = (unsigned char *)"nopad"; + fbParams.paddingParams = NULL_PTR; + cx->alg_chooser[0] = &AM_RC2_ENCRYPT; + cx->alg_chooser[1] = &AM_RC2_DECRYPT; + cx->alg_chooser[4] = &AM_SHA_RANDOM; + cx->alg_chooser[5] = (B_ALGORITHM_METHOD *)NULL; + + switch (mode) { + case NSS_RC2: + fbParams.feedbackMethodName = (unsigned char *)"ecb"; + fbParams.feedbackParams = (POINTER)&blockLength; + cx->alg_chooser[2] = &AM_ECB_ENCRYPT; + cx->alg_chooser[3] = &AM_ECB_DECRYPT; + break; + case NSS_RC2_CBC: + fbParams.feedbackMethodName = (unsigned char *)"cbc"; + fbParams.feedbackParams = (POINTER)&ivItem; + cx->alg_chooser[2] = &AM_CBC_ENCRYPT; + cx->alg_chooser[3] = &AM_CBC_DECRYPT; + break; + default: + PORT_SetError(SEC_ERROR_INVALID_ARGS); + goto loser; + } + + if ((status = B_SetAlgorithmInfo(cx->algobj, AI_FeedbackCipher, + (POINTER)&fbParams)) != 0) { + PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); + goto loser; + } + + keyItem.len = len; + keyItem.data = key; + if ((status = B_SetKeyInfo(cx->keyobj, KI_Item, (POINTER)&keyItem)) != 0) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + goto loser; + } + + return cx; + +loser: + RC2_DestroyContext(cx, PR_TRUE); + return NULL; +} + +void +RC2_DestroyContext(RC2Context *cx, PRBool freeit) +{ + if (freeit) { + PORT_Assert(cx != NULL); + if (cx == NULL) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return; + } + if (cx->keyobj != NULL_PTR) + B_DestroyKeyObject(&cx->keyobj); + if (cx->algobj != NULL_PTR) + B_DestroyAlgorithmObject(&cx->algobj); + PORT_ZFree(cx, sizeof(RC2Context)); + } +} + +SECStatus +RC2_Encrypt(RC2Context *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + unsigned char *input, unsigned int inputLen) +{ + int status; + unsigned int outputLenUpdate, outputLenFinal; + + PORT_Assert(cx != NULL); + if (cx == NULL) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + PORT_Assert((inputLen & (RC2_BLOCK_SIZE - 1)) == 0); + if (inputLen & (RC2_BLOCK_SIZE - 1)) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + PORT_Assert(maxOutputLen >= inputLen); /* check for enough room */ + if (maxOutputLen < inputLen) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + + if ((status = B_EncryptInit(cx->algobj, cx->keyobj, cx->alg_chooser, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + if ((status = B_EncryptUpdate(cx->algobj, + output, + &outputLenUpdate, + maxOutputLen, + input, + inputLen, + (B_ALGORITHM_OBJ)NULL_PTR, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_BAD_DATA); + return SECFailure; + } + if ((status = B_EncryptFinal(cx->algobj, + output + outputLenUpdate, + &outputLenFinal, + maxOutputLen - outputLenUpdate, + (B_ALGORITHM_OBJ)NULL_PTR, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_BAD_DATA); + return SECFailure; + } + *outputLen = outputLenUpdate + outputLenFinal; + return SECSuccess; +} + +SECStatus +RC2_Decrypt(RC2Context *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + unsigned char *input, unsigned int inputLen) +{ + int status; + unsigned int outputLenUpdate, outputLenFinal; + ptrdiff_t inpptr; + unsigned char *inp = NULL; + PRBool cpybuffer = PR_FALSE; + + /* The BSAFE Crypto-C 4.1 library with which we tested on a Sun + * UltraSparc crashed when the input to an RC2 CBC decryption operation + * was not 4-byte aligned. + * So, we work around this problem by aligning unaligned input in a + * temporary buffer. + */ + inpptr = (ptrdiff_t)input; + if (inpptr & 0x03) { + inp = PORT_ZAlloc(inputLen); + if (inp == NULL) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + return SECFailure; + } + PORT_Memcpy(inp, input, inputLen); + cpybuffer = PR_TRUE; + } else { + inp = input; + } + + PORT_Assert(cx != NULL); + if (cx == NULL) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + goto loser; + } + PORT_Assert((inputLen & (RC2_BLOCK_SIZE - 1)) == 0); + if (inputLen & (RC2_BLOCK_SIZE - 1)) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + goto loser; + } + PORT_Assert(maxOutputLen >= inputLen); /* check for enough room */ + if (maxOutputLen < inputLen) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + goto loser; + } + + if ((status = B_DecryptInit(cx->algobj, cx->keyobj, cx->alg_chooser, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + goto loser; + } + if ((status = B_DecryptUpdate(cx->algobj, + output, + &outputLenUpdate, + maxOutputLen, + inp, + inputLen, + (B_ALGORITHM_OBJ)NULL_PTR, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_BAD_DATA); + goto loser; + } + if ((status = B_DecryptFinal(cx->algobj, + output + outputLenUpdate, + &outputLenFinal, + maxOutputLen - outputLenUpdate, + (B_ALGORITHM_OBJ)NULL_PTR, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_BAD_DATA); + goto loser; + } + *outputLen = outputLenUpdate + outputLenFinal; + + if (cpybuffer) + PORT_ZFree(inp, inputLen); + return SECSuccess; + +loser: + if (cpybuffer) + PORT_ZFree(inp, inputLen); + return SECFailure; +} + +/***************************************************************************** +** BLAPI implementation of RC4 +******************************************************************************/ + +struct RC4ContextStr +{ + B_ALGORITHM_OBJ algobj; + B_ALGORITHM_METHOD *alg_chooser[3]; + B_KEY_OBJ keyobj; +}; + +RC4Context * +RC4_CreateContext(unsigned char *key, int len) +{ + /* BLAPI */ + RC4Context *cx; + /* BSAFE */ + ITEM keyItem; + int status; + + cx = (RC4Context *)PORT_ZAlloc(sizeof(RC4Context)); + if (cx == NULL) { + /* set out of memory error */ + return NULL; + } + + cx->algobj = (B_ALGORITHM_OBJ)NULL_PTR; + if ((status = B_CreateAlgorithmObject(&cx->algobj)) != 0) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + goto loser; + } + + cx->keyobj = (B_KEY_OBJ)NULL_PTR; + if ((status = B_CreateKeyObject(&cx->keyobj)) != 0) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + goto loser; + } + + if ((status = B_SetAlgorithmInfo(cx->algobj, AI_RC4, NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); + goto loser; + } + + cx->alg_chooser[0] = &AM_RC4_ENCRYPT; + cx->alg_chooser[1] = &AM_RC4_DECRYPT; + cx->alg_chooser[2] = (B_ALGORITHM_METHOD *)NULL; + + keyItem.len = len; + keyItem.data = key; + if ((status = B_SetKeyInfo(cx->keyobj, KI_Item, (POINTER)&keyItem)) != 0) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + goto loser; + } + + return cx; + +loser: + RC4_DestroyContext(cx, PR_TRUE); + return NULL; +} + +void +RC4_DestroyContext(RC4Context *cx, PRBool freeit) +{ + if (freeit) { + PORT_Assert(cx != NULL); + if (cx == NULL) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return; + } + if (cx->keyobj != NULL_PTR) + B_DestroyKeyObject(&cx->keyobj); + if (cx->algobj != NULL_PTR) + B_DestroyAlgorithmObject(&cx->algobj); + PORT_ZFree(cx, sizeof(RC4Context)); + } +} + +SECStatus +RC4_Encrypt(RC4Context *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + const unsigned char *input, unsigned int inputLen) +{ + int status; + unsigned int outputLenUpdate, outputLenFinal; + + PORT_Assert(cx != NULL); + if (cx == NULL) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + PORT_Assert(maxOutputLen >= inputLen); /* check for enough room */ + if (maxOutputLen < inputLen) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + + if ((status = B_EncryptInit(cx->algobj, cx->keyobj, cx->alg_chooser, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + if ((status = B_EncryptUpdate(cx->algobj, + output, + &outputLenUpdate, + maxOutputLen, + input, + inputLen, + (B_ALGORITHM_OBJ)NULL_PTR, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_BAD_DATA); + return SECFailure; + } + if ((status = B_EncryptFinal(cx->algobj, + output + outputLenUpdate, + &outputLenFinal, + maxOutputLen - outputLenUpdate, + (B_ALGORITHM_OBJ)NULL_PTR, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_BAD_DATA); + return SECFailure; + } + *outputLen = outputLenUpdate + outputLenFinal; + return SECSuccess; +} + +SECStatus +RC4_Decrypt(RC4Context *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + const unsigned char *input, unsigned int inputLen) +{ + int status; + unsigned int outputLenUpdate, outputLenFinal; + + PORT_Assert(cx != NULL); + if (cx == NULL) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + PORT_Assert(maxOutputLen >= inputLen); /* check for enough room */ + if (maxOutputLen < inputLen) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + + if ((status = B_DecryptInit(cx->algobj, cx->keyobj, cx->alg_chooser, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + if ((status = B_DecryptUpdate(cx->algobj, + output, + &outputLenUpdate, + maxOutputLen, + input, + inputLen, + (B_ALGORITHM_OBJ)NULL_PTR, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_BAD_DATA); + return SECFailure; + } + if ((status = B_DecryptFinal(cx->algobj, + output + outputLenUpdate, + &outputLenFinal, + maxOutputLen - outputLenUpdate, + (B_ALGORITHM_OBJ)NULL_PTR, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_BAD_DATA); + return SECFailure; + } + *outputLen = outputLenUpdate + outputLenFinal; + return SECSuccess; +} + + +/***************************************************************************** +** BLAPI implementation of RC5 +******************************************************************************/ + +struct RC5ContextStr +{ + B_ALGORITHM_OBJ algobj; + B_ALGORITHM_METHOD *alg_chooser[6]; + B_KEY_OBJ keyobj; + unsigned int blocksize; +}; + +RC5Context * +RC5_CreateContext(SECItem *key, unsigned int rounds, + unsigned int wordSize, unsigned char *iv, int mode) +{ + /* BLAPI */ + RC5Context *cx; + /* BSAFE */ + B_BLK_CIPHER_W_FEEDBACK_PARAMS fbParams; + A_RC5_PARAMS rc5Params; + ITEM keyItem; + ITEM ivItem; + unsigned int blocksize; + int status; + + if (rounds > MAX_RC5_ROUNDS) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return NULL; + } + if (key->len > MAX_RC5_KEY_BYTES) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return NULL; + } + if (mode == NSS_RC5_CBC && (iv == NULL)) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return NULL; + } + + cx = (RC5Context *)PORT_ZAlloc(sizeof(RC5Context)); + if (cx == NULL) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + return NULL; + } + cx->algobj = (B_ALGORITHM_OBJ)NULL_PTR; + if ((status = B_CreateAlgorithmObject(&cx->algobj)) != 0) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + goto loser; + } + + cx->keyobj = (B_KEY_OBJ)NULL_PTR; + if ((status = B_CreateKeyObject(&cx->keyobj)) != 0) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + goto loser; + } + + rc5Params.version = RC5_VERSION_NUMBER; + rc5Params.rounds = rounds; + rc5Params.wordSizeInBits = wordSize * BITS_PER_BYTE; + if (rc5Params.wordSizeInBits == 64) { + fbParams.encryptionMethodName = (unsigned char *)"rc5_64"; + cx->alg_chooser[0] = &AM_RC5_64ENCRYPT; + cx->alg_chooser[1] = &AM_RC5_64DECRYPT; + } else { + fbParams.encryptionMethodName = (unsigned char *)"rc5"; + cx->alg_chooser[0] = &AM_RC5_ENCRYPT; + cx->alg_chooser[1] = &AM_RC5_DECRYPT; + } + fbParams.encryptionParams = (POINTER)&rc5Params; + fbParams.paddingMethodName = (unsigned char *)"nopad"; + fbParams.paddingParams = NULL_PTR; + cx->alg_chooser[4] = &AM_SHA_RANDOM; + cx->alg_chooser[5] = (B_ALGORITHM_METHOD *)NULL; + switch (mode) { + case NSS_RC5: + blocksize = 2 * wordSize; + cx->blocksize = blocksize; + fbParams.feedbackMethodName = (unsigned char *)"ecb"; + fbParams.feedbackParams = (POINTER)&blocksize; + cx->alg_chooser[2] = &AM_ECB_ENCRYPT; + cx->alg_chooser[3] = &AM_ECB_DECRYPT; + break; + case NSS_RC5_CBC: + ivItem.len = 2 * wordSize; + ivItem.data = iv; + cx->blocksize = RC5_BLOCK_SIZE; + fbParams.feedbackMethodName = (unsigned char *)"cbc"; + fbParams.feedbackParams = (POINTER)&ivItem; + cx->alg_chooser[2] = &AM_CBC_ENCRYPT; + cx->alg_chooser[3] = &AM_CBC_DECRYPT; + break; + default: + PORT_SetError(SEC_ERROR_INVALID_ARGS); + goto loser; + } + if ((status = B_SetAlgorithmInfo(cx->algobj, AI_FeedbackCipher, + (POINTER)&fbParams)) != 0) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + goto loser; + } + + keyItem.len = key->len; + keyItem.data = key->data; + if ((status = B_SetKeyInfo(cx->keyobj, KI_Item, (POINTER)&keyItem)) != 0) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + goto loser; + } + + return cx; + +loser: + RC5_DestroyContext(cx, PR_TRUE); + return NULL; +} + +void RC5_DestroyContext(RC5Context *cx, PRBool freeit) +{ + if (freeit) { + PORT_Assert(cx != NULL); + if (cx == NULL) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return; + } + if (cx->keyobj != NULL_PTR) + B_DestroyKeyObject(&cx->keyobj); + if (cx->algobj != NULL_PTR) + B_DestroyAlgorithmObject(&cx->algobj); + PORT_ZFree(cx, sizeof(RC5Context)); + } +} + +SECStatus +RC5_Encrypt(RC5Context *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + unsigned char *input, unsigned int inputLen) +{ + int status; + unsigned int outputLenUpdate, outputLenFinal; + + PORT_Assert(cx != NULL); + if (cx == NULL) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + PORT_Assert((inputLen & (RC5_BLOCK_SIZE - 1)) == 0); + if (inputLen & (RC5_BLOCK_SIZE - 1)) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + PORT_Assert(maxOutputLen >= inputLen); /* check for enough room */ + if (maxOutputLen < inputLen) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + + if ((status = B_EncryptInit(cx->algobj, cx->keyobj, cx->alg_chooser, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + if ((status = B_EncryptUpdate(cx->algobj, + output, + &outputLenUpdate, + maxOutputLen, + input, + inputLen, + (B_ALGORITHM_OBJ)NULL_PTR, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_BAD_DATA); + return SECFailure; + } + if ((status = B_EncryptFinal(cx->algobj, + output + outputLenUpdate, + &outputLenFinal, + maxOutputLen - outputLenUpdate, + (B_ALGORITHM_OBJ)NULL_PTR, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_BAD_DATA); + return SECFailure; + } + *outputLen = outputLenUpdate + outputLenFinal; + return SECSuccess; +} + +SECStatus +RC5_Decrypt(RC5Context *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + unsigned char *input, unsigned int inputLen) +{ + int status; + unsigned int outputLenUpdate, outputLenFinal; + ptrdiff_t inpptr; + unsigned char *inp = NULL; + PRBool cpybuffer = PR_FALSE; + + /* The BSAFE Crypto-C 4.1 library with which we tested on a Sun + * UltraSparc crashed when the input to an RC5 CBC decryption operation + * was not 4-byte aligned. + * So, we work around this problem by aligning unaligned input in a + * temporary buffer. + */ + inpptr = (ptrdiff_t)input; + if (inpptr & 0x03) { + inp = PORT_ZAlloc(inputLen); + if (inp == NULL) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + return SECFailure; + } + PORT_Memcpy(inp, input, inputLen); + cpybuffer = PR_TRUE; + } else { + inp = input; + } + + PORT_Assert(cx != NULL); + if (cx == NULL) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + PORT_Assert((inputLen & (cx->blocksize - 1)) == 0); + if (inputLen & (cx->blocksize - 1)) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + PORT_Assert(maxOutputLen >= inputLen); /* check for enough room */ + if (maxOutputLen < inputLen) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + + if ((status = B_DecryptInit(cx->algobj, cx->keyobj, cx->alg_chooser, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + if ((status = B_DecryptUpdate(cx->algobj, + output, + &outputLenUpdate, + maxOutputLen, + input, + inputLen, + (B_ALGORITHM_OBJ)NULL_PTR, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_BAD_DATA); + return SECFailure; + } + if ((status = B_DecryptFinal(cx->algobj, + output + outputLenUpdate, + &outputLenFinal, + maxOutputLen - outputLenUpdate, + (B_ALGORITHM_OBJ)NULL_PTR, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_BAD_DATA); + return SECFailure; + } + *outputLen = outputLenUpdate + outputLenFinal; + return SECSuccess; +} + +/***************************************************************************** +** BLAPI implementation of RSA +******************************************************************************/ + +static const SECItem defaultPublicExponent = +{ + siBuffer, + (unsigned char *)"\001\000\001", + 3 +}; + +static const B_ALGORITHM_METHOD *rsa_alg_chooser[] = { + &AM_SHA_RANDOM, + &AM_RSA_KEY_GEN, + &AM_RSA_ENCRYPT, + &AM_RSA_DECRYPT, + &AM_RSA_CRT_ENCRYPT, + &AM_RSA_CRT_DECRYPT, + (B_ALGORITHM_METHOD *)NULL_PTR +}; + +static SECStatus +rsaZFreePrivateKeyInfo(A_PKCS_RSA_PRIVATE_KEY *privateKeyInfo) +{ + PORT_ZFree(privateKeyInfo->modulus.data, privateKeyInfo->modulus.len); + PORT_ZFree(privateKeyInfo->publicExponent.data, + privateKeyInfo->publicExponent.len); + PORT_ZFree(privateKeyInfo->privateExponent.data, + privateKeyInfo->privateExponent.len); + PORT_ZFree(privateKeyInfo->prime[0].data, privateKeyInfo->prime[0].len); + PORT_ZFree(privateKeyInfo->prime[1].data, privateKeyInfo->prime[1].len); + PORT_ZFree(privateKeyInfo->primeExponent[0].data, + privateKeyInfo->primeExponent[0].len); + PORT_ZFree(privateKeyInfo->primeExponent[1].data, + privateKeyInfo->primeExponent[1].len); + PORT_ZFree(privateKeyInfo->coefficient.data, + privateKeyInfo->coefficient.len); + return SECSuccess; +} + +static SECStatus +rsaConvertKeyInfoToBLKey(A_PKCS_RSA_PRIVATE_KEY *keyInfo, RSAPrivateKey *key) +{ + PRArenaPool *arena = key->arena; + SECItem tmp; + + SECITEMFROMITEM(arena, key->modulus, keyInfo->modulus); + SECITEMFROMITEM(arena, key->publicExponent, keyInfo->publicExponent); + SECITEMFROMITEM(arena, key->privateExponent, keyInfo->privateExponent); + SECITEMFROMITEM(arena, key->prime1, keyInfo->prime[0]); + SECITEMFROMITEM(arena, key->prime2, keyInfo->prime[1]); + SECITEMFROMITEM(arena, key->exponent1, keyInfo->primeExponent[0]); + SECITEMFROMITEM(arena, key->exponent2, keyInfo->primeExponent[1]); + SECITEMFROMITEM(arena, key->coefficient, keyInfo->coefficient); + /* Version field is to be handled at a higher level. */ + key->version.data = NULL; + key->version.len = 0; + return SECSuccess; + +loser: + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + return SECFailure; +} + +static SECStatus +rsaConvertBLKeyToKeyInfo(RSAPrivateKey *key, A_PKCS_RSA_PRIVATE_KEY *keyInfo) +{ + ITEMFROMSECITEM(keyInfo->modulus, key->modulus); + ITEMFROMSECITEM(keyInfo->publicExponent, key->publicExponent); + ITEMFROMSECITEM(keyInfo->privateExponent, key->privateExponent); + ITEMFROMSECITEM(keyInfo->prime[0], key->prime1); + ITEMFROMSECITEM(keyInfo->prime[1], key->prime2); + ITEMFROMSECITEM(keyInfo->primeExponent[0], key->exponent1); + ITEMFROMSECITEM(keyInfo->primeExponent[1], key->exponent2); + ITEMFROMSECITEM(keyInfo->coefficient, key->coefficient); + return SECSuccess; +} + +RSAPrivateKey * +RSA_NewKey(int keySizeInBits, + SECItem * publicExponent) +{ + /* BLAPI */ + RSAPrivateKey *privateKey; + /* BSAFE */ + A_RSA_KEY_GEN_PARAMS keygenParams; + A_PKCS_RSA_PRIVATE_KEY *privateKeyInfo = (A_PKCS_RSA_PRIVATE_KEY *)NULL_PTR; + B_ALGORITHM_OBJ keypairGenerator = (B_ALGORITHM_OBJ)NULL_PTR; + B_ALGORITHM_OBJ randomAlgorithm = NULL; + B_KEY_OBJ publicKeyObj = (B_KEY_OBJ)NULL_PTR; + B_KEY_OBJ privateKeyObj = (B_KEY_OBJ)NULL_PTR; + PRArenaPool *arena; + int status; + + /* Allocate space for key structure. */ + arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE); + if (arena == NULL) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + goto loser; + } + privateKey = (RSAPrivateKey *)PORT_ArenaZAlloc(arena, + sizeof(RSAPrivateKey)); + if (privateKey == NULL) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + goto loser; + } + privateKey->arena = arena; + + randomAlgorithm = generateRandomAlgorithm(keySizeInBits / BITS_PER_BYTE, 0); + if (randomAlgorithm == NULL_PTR) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + goto loser; + } + + if ((status = B_CreateAlgorithmObject(&keypairGenerator)) != 0) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + goto loser; + } + + if ((status = B_CreateKeyObject(&publicKeyObj)) != 0) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + goto loser; + } + + if ((status = B_CreateKeyObject(&privateKeyObj)) != 0) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + goto loser; + } + + if (publicExponent == NULL) publicExponent = &defaultPublicExponent; + keygenParams.modulusBits = keySizeInBits; + keygenParams.publicExponent.data = publicExponent->data; + keygenParams.publicExponent.len = publicExponent->len; + + if ((status = B_SetAlgorithmInfo(keypairGenerator, AI_RSAKeyGen, + (POINTER)&keygenParams)) != 0) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + goto loser; + } + + if ((status = B_GenerateInit(keypairGenerator, rsa_alg_chooser, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); + goto loser; + } + + if ((status = B_GenerateKeypair(keypairGenerator, publicKeyObj, + privateKeyObj, randomAlgorithm, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + goto loser; + } + + if ((status = B_GetKeyInfo((POINTER *)&privateKeyInfo, privateKeyObj, + KI_PKCS_RSAPrivate)) != 0) { + PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); + goto loser; + } + + /* Convert the BSAFE key info to an RSAPrivateKey. */ + if ((status = rsaConvertKeyInfoToBLKey(privateKeyInfo, privateKey)) != 0) { + goto loser; + } + + B_DestroyAlgorithmObject(&publicKeyObj); + B_DestroyKeyObject(&publicKeyObj); + B_DestroyKeyObject(&privateKeyObj); + rsaZFreePrivateKeyInfo(privateKeyInfo); + B_DestroyAlgorithmObject(&randomAlgorithm); + return privateKey; + +loser: + if (keypairGenerator != NULL_PTR) + B_DestroyAlgorithmObject(&keypairGenerator); + if (publicKeyObj != NULL_PTR) + B_DestroyKeyObject(&publicKeyObj); + if (privateKeyObj != NULL_PTR) + B_DestroyKeyObject(&privateKeyObj); + if (privateKeyInfo != (A_PKCS_RSA_PRIVATE_KEY *)NULL_PTR) + rsaZFreePrivateKeyInfo(privateKeyInfo); + if (randomAlgorithm != NULL_PTR) + B_DestroyAlgorithmObject(&randomAlgorithm); + PORT_FreeArena(arena, PR_TRUE); + return NULL; +} + +static unsigned int +rsa_modulusLen(SECItem *modulus) +{ + unsigned char byteZero = modulus->data[0]; + unsigned int modLen = modulus->len - !byteZero; + return modLen; +} + +SECStatus +RSA_PublicKeyOp(RSAPublicKey * key, + unsigned char * output, + unsigned char * input) +{ + B_ALGORITHM_OBJ rsaPubKeyAlg = (B_ALGORITHM_OBJ)NULL_PTR; + B_KEY_OBJ publicKeyObj = (B_KEY_OBJ)NULL_PTR; + A_RSA_KEY pubKeyInfo; + unsigned int outputLenUpdate; + unsigned int modulusLen; + int status; + + PORT_Assert(key != NULL); + if (key == NULL) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + + if ((status = B_CreateAlgorithmObject(&rsaPubKeyAlg)) != 0) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + goto loser; + } + + if ((status = B_CreateKeyObject(&publicKeyObj)) != 0) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + goto loser; + } + + if ((status = B_SetAlgorithmInfo(rsaPubKeyAlg, AI_RSAPublic, + NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); + goto loser; + } + + modulusLen = rsa_modulusLen(&key->modulus); + pubKeyInfo.modulus.len = key->modulus.len; + pubKeyInfo.modulus.data = key->modulus.data; + pubKeyInfo.exponent.len = key->publicExponent.len; + pubKeyInfo.exponent.data = key->publicExponent.data; + + if ((status = B_SetKeyInfo(publicKeyObj, KI_RSAPublic, + (POINTER)&pubKeyInfo)) != 0) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + goto loser; + } + + if ((status = B_EncryptInit(rsaPubKeyAlg, publicKeyObj, rsa_alg_chooser, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); + goto loser; + } + if ((status = B_EncryptUpdate(rsaPubKeyAlg, + output, + &outputLenUpdate, + modulusLen, + input, + modulusLen, + (B_ALGORITHM_OBJ)NULL_PTR, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_BAD_DATA); + goto loser; + } + if ((status = B_EncryptFinal(rsaPubKeyAlg, + output + outputLenUpdate, + &outputLenUpdate, + modulusLen - outputLenUpdate, + (B_ALGORITHM_OBJ)NULL_PTR, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_BAD_DATA); + goto loser; + } + + B_DestroyAlgorithmObject(&rsaPubKeyAlg); + B_DestroyAlgorithmObject(&publicKeyObj); + /* Don't delete pubKeyInfo data -- it was a shallow copy. */ + return SECSuccess; + +loser: + if (rsaPubKeyAlg != NULL_PTR) + B_DestroyAlgorithmObject(&rsaPubKeyAlg); + if (publicKeyObj != NULL_PTR) + B_DestroyAlgorithmObject(&publicKeyObj); + return SECFailure; +} + +SECStatus +RSA_PrivateKeyOp(RSAPrivateKey * key, + unsigned char * output, + unsigned char * input) +{ + A_PKCS_RSA_PRIVATE_KEY privKeyInfo; + B_ALGORITHM_OBJ rsaPrivKeyAlg = (B_ALGORITHM_OBJ)NULL_PTR; + B_KEY_OBJ privateKeyObj = (B_KEY_OBJ)NULL_PTR; + unsigned int outputLenUpdate; + unsigned int modulusLen; + int status; + + if ((status = B_CreateAlgorithmObject(&rsaPrivKeyAlg)) != 0) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + goto loser; + } + + if ((status = B_CreateKeyObject(&privateKeyObj)) != 0) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + goto loser; + } + + if ((status = B_SetAlgorithmInfo(rsaPrivKeyAlg, AI_RSAPrivate, + NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); + goto loser; + } + + if ((status = rsaConvertBLKeyToKeyInfo(key, &privKeyInfo)) != 0) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + goto loser; + } + + if ((status = B_SetKeyInfo(privateKeyObj, KI_PKCS_RSAPrivate, + (POINTER)&privKeyInfo)) != 0) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + goto loser; + } + + modulusLen = rsa_modulusLen(&key->modulus); + + if ((status = B_DecryptInit(rsaPrivKeyAlg, privateKeyObj, rsa_alg_chooser, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); + goto loser; + } + if ((status = B_DecryptUpdate(rsaPrivKeyAlg, + output, + &outputLenUpdate, + modulusLen, + input, + modulusLen, + (B_ALGORITHM_OBJ)NULL_PTR, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_BAD_DATA); + goto loser; + } + if ((status = B_DecryptFinal(rsaPrivKeyAlg, + output + outputLenUpdate, + &outputLenUpdate, + modulusLen - outputLenUpdate, + (B_ALGORITHM_OBJ)NULL_PTR, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_BAD_DATA); + goto loser; + } + + B_DestroyAlgorithmObject(&rsaPrivKeyAlg); + B_DestroyAlgorithmObject(&privateKeyObj); + /* Don't delete privKeyInfo data -- it was a shallow copy. */ + return SECSuccess; + +loser: + if (rsaPrivKeyAlg != NULL_PTR) + B_DestroyAlgorithmObject(&rsaPrivKeyAlg); + if (privateKeyObj != NULL_PTR) + B_DestroyAlgorithmObject(&privateKeyObj); + return SECFailure; +} + +/* + * this should check the operation!!!! + */ +SECStatus +RSA_PrivateKeyOpDoubleChecked(RSAPrivateKey *key, + unsigned char *output, + const unsigned char *input) +{ + return RSA_PrivateKeyOp(key, output, input); +} + +/* + * this should check the key!!! + */ +SECStatus +RSA_PrivateKeyCheck(RSAPrivateKey *key) +{ + return SECSuccess; +} + +/***************************************************************************** +** BLAPI implementation of DSA +******************************************************************************/ + +static const B_ALGORITHM_METHOD *dsa_pk_gen_chooser[] = { + &AM_SHA_RANDOM, + &AM_DSA_PARAM_GEN, + &AM_DSA_KEY_GEN, + (B_ALGORITHM_METHOD *)NULL_PTR +}; + +static SECStatus +dsaConvertKeyInfoToBLKey(A_DSA_PRIVATE_KEY *privateKeyInfo, + A_DSA_PUBLIC_KEY *publicKeyInfo, + DSAPrivateKey *privateKey) +{ + PRArenaPool *arena; + SECItem tmp; + + arena = privateKey->params.arena; + SECITEMFROMITEM(arena, privateKey->params.prime, + privateKeyInfo->params.prime); + SECITEMFROMITEM(arena, privateKey->params.subPrime, + privateKeyInfo->params.subPrime); + SECITEMFROMITEM(arena, privateKey->params.base, + privateKeyInfo->params.base); + SECITEMFROMITEM(arena, privateKey->privateValue, + privateKeyInfo->x); + SECITEMFROMITEM(arena, privateKey->publicValue, + publicKeyInfo->y); + + return SECSuccess; + +loser: + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + return SECFailure; +} + +static SECStatus +dsaConvertBLKeyToPrKeyInfo(DSAPrivateKey *privateKey, + A_DSA_PRIVATE_KEY *privateKeyInfo) +{ + ITEMFROMSECITEM(privateKeyInfo->params.prime, privateKey->params.prime) + ITEMFROMSECITEM(privateKeyInfo->params.subPrime, + privateKey->params.subPrime); + ITEMFROMSECITEM(privateKeyInfo->params.base, privateKey->params.base); + ITEMFROMSECITEM(privateKeyInfo->x, privateKey->privateValue); + return SECSuccess; +} + +static SECStatus +dsaConvertBLKeyToPubKeyInfo(DSAPublicKey *publicKey, + A_DSA_PUBLIC_KEY *publicKeyInfo) +{ + ITEMFROMSECITEM(publicKeyInfo->params.prime, publicKey->params.prime) + ITEMFROMSECITEM(publicKeyInfo->params.subPrime, + publicKey->params.subPrime); + ITEMFROMSECITEM(publicKeyInfo->params.base, publicKey->params.base); + ITEMFROMSECITEM(publicKeyInfo->y, publicKey->publicValue); + return SECSuccess; +} + +static SECStatus +dsaZFreeKeyInfoParams(A_DSA_PARAMS *params) +{ + PORT_ZFree(params->prime.data, + params->prime.len); + PORT_ZFree(params->subPrime.data, + params->subPrime.len); + PORT_ZFree(params->base.data, + params->base.len); + return SECSuccess; +} + +static SECStatus +dsaZFreePrivateKeyInfo(A_DSA_PRIVATE_KEY *privateKeyInfo) +{ + dsaZFreeKeyInfoParams(&privateKeyInfo->params); + PORT_ZFree(privateKeyInfo->x.data, + privateKeyInfo->x.len); + return SECSuccess; +} + +static SECStatus +dsaZFreePublicKeyInfo(A_DSA_PUBLIC_KEY *publicKeyInfo) +{ + dsaZFreeKeyInfoParams(&publicKeyInfo->params); + PORT_ZFree(publicKeyInfo->y.data, + publicKeyInfo->y.len); + return SECSuccess; +} + +SECStatus +DSA_NewKey(PQGParams * params, + DSAPrivateKey ** privKey) +{ + return DSA_NewKeyFromSeed(params, NULL, privKey); +} + +SECStatus +DSA_SignDigest(DSAPrivateKey * key, + SECItem * signature, + SECItem * digest) +{ + return DSA_SignDigestWithSeed(key, signature, digest, NULL); +} + +SECStatus +DSA_VerifyDigest(DSAPublicKey * key, + SECItem * signature, + SECItem * digest) +{ + B_ALGORITHM_OBJ dsaVerifier = (B_ALGORITHM_OBJ)NULL_PTR; + B_KEY_OBJ publicKeyObj = (B_KEY_OBJ)NULL_PTR; + A_DSA_PUBLIC_KEY publicKeyInfo; + const B_ALGORITHM_METHOD *dsa_verify_chooser[] = { + &AM_DSA_VERIFY, + (B_ALGORITHM_METHOD *)NULL_PTR + }; + int status; + + if ((status = B_CreateAlgorithmObject(&dsaVerifier)) != 0) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + goto loser; + } + + if ((status = B_CreateKeyObject(&publicKeyObj)) != 0) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + goto loser; + } + + if ((status = dsaConvertBLKeyToPubKeyInfo(key, &publicKeyInfo)) != 0) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + goto loser; + } + + if ((status = B_SetKeyInfo(publicKeyObj, KI_DSAPublic, + (POINTER)&publicKeyInfo)) != 0) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + goto loser; + } + + if ((status = B_SetAlgorithmInfo(dsaVerifier, AI_DSA, NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); + goto loser; + } + + if ((status = B_VerifyInit(dsaVerifier, publicKeyObj, dsa_verify_chooser, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); + goto loser; + } + + if ((status = B_VerifyUpdate(dsaVerifier, digest->data, digest->len, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_BAD_DATA); + goto loser; + } + + if ((status = B_VerifyFinal(dsaVerifier, signature->data, signature->len, + (B_ALGORITHM_OBJ)NULL_PTR, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + if (status == BE_SIGNATURE) { + PORT_SetError(SEC_ERROR_BAD_SIGNATURE); + } else { + PORT_SetError(SEC_ERROR_BAD_DATA); + goto loser; + } + } + + B_DestroyAlgorithmObject(&dsaVerifier); + B_DestroyKeyObject(&publicKeyObj); + /* publicKeyInfo data is shallow copy */ + return (status == BE_SIGNATURE) ? SECFailure : SECSuccess; + +loser: + if (dsaVerifier != NULL_PTR) + B_DestroyAlgorithmObject(&dsaVerifier); + if (publicKeyObj != NULL_PTR) + B_DestroyKeyObject(&publicKeyObj); + return SECFailure; +} + +SECStatus +DSA_NewKeyFromSeed(PQGParams *params, unsigned char * seed, + DSAPrivateKey **privKey) +{ + PRArenaPool *arena; + DSAPrivateKey *privateKey; + /* BSAFE */ + B_ALGORITHM_OBJ dsaKeyGenObj = (B_ALGORITHM_OBJ)NULL_PTR; + B_ALGORITHM_OBJ randomAlgorithm = NULL_PTR; + A_DSA_PRIVATE_KEY *privateKeyInfo = (A_DSA_PRIVATE_KEY *)NULL_PTR; + A_DSA_PUBLIC_KEY *publicKeyInfo = (A_DSA_PUBLIC_KEY *)NULL_PTR; + A_DSA_PARAMS dsaParamInfo; + B_KEY_OBJ publicKeyObj = (B_KEY_OBJ)NULL_PTR; + B_KEY_OBJ privateKeyObj = (B_KEY_OBJ)NULL_PTR; + int status; + + /* Allocate space for key structure. */ + arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE); + if (arena == NULL) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + goto loser; + } + privateKey = (DSAPrivateKey *) + PORT_ArenaZAlloc(arena, sizeof(DSAPrivateKey)); + if (privateKey == NULL) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + goto loser; + } + privateKey->params.arena = arena; + + if ((status = B_CreateAlgorithmObject(&dsaKeyGenObj)) != 0) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + goto loser; + } + + if ((status = B_CreateKeyObject(&publicKeyObj)) != 0) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + goto loser; + } + + if ((status = B_CreateKeyObject(&privateKeyObj)) != 0) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + goto loser; + } + + randomAlgorithm = generateRandomAlgorithm(DSA_SUBPRIME_LEN, seed); + if (randomAlgorithm == NULL_PTR) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + goto loser; + } + + ITEMFROMSECITEM(dsaParamInfo.prime, params->prime); + ITEMFROMSECITEM(dsaParamInfo.subPrime, params->subPrime); + ITEMFROMSECITEM(dsaParamInfo.base, params->base); + + if ((status = B_SetAlgorithmInfo(dsaKeyGenObj, AI_DSAKeyGen, + (POINTER)&dsaParamInfo)) != 0) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + goto loser; + } + + if ((status = B_GenerateInit(dsaKeyGenObj, dsa_pk_gen_chooser, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); + goto loser; + } + + if ((status = B_GenerateKeypair(dsaKeyGenObj, publicKeyObj, privateKeyObj, + randomAlgorithm, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); + goto loser; + } + + if ((status = B_GetKeyInfo((POINTER *)&privateKeyInfo, privateKeyObj, + KI_DSAPrivate)) != 0) { + PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); + goto loser; + } + + if ((status = B_GetKeyInfo((POINTER *)&publicKeyInfo, publicKeyObj, + KI_DSAPublic)) != 0) { + PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); + goto loser; + } + + if ((status = dsaConvertKeyInfoToBLKey(privateKeyInfo, publicKeyInfo, + privateKey)) != 0) { + goto loser; + } + + B_DestroyAlgorithmObject(&dsaKeyGenObj); + B_DestroyAlgorithmObject(&randomAlgorithm); + B_DestroyKeyObject(&publicKeyObj); + B_DestroyKeyObject(&privateKeyObj); + dsaZFreePrivateKeyInfo(privateKeyInfo); + dsaZFreePublicKeyInfo(publicKeyInfo); + /* dsaParamInfo contains only public info, no need to ZFree */ + + *privKey = privateKey; + return SECSuccess; + +loser: + if (dsaKeyGenObj != NULL_PTR) + B_DestroyAlgorithmObject(&dsaKeyGenObj); + if (randomAlgorithm != NULL_PTR) + B_DestroyAlgorithmObject(&randomAlgorithm); + if (privateKeyObj != NULL_PTR) + B_DestroyKeyObject(&privateKeyObj); + if (publicKeyObj != NULL_PTR) + B_DestroyKeyObject(&publicKeyObj); + if (privateKeyInfo != (A_DSA_PRIVATE_KEY *)NULL_PTR) + dsaZFreePrivateKeyInfo(privateKeyInfo); + if (publicKeyInfo != (A_DSA_PUBLIC_KEY *)NULL_PTR) + dsaZFreePublicKeyInfo(publicKeyInfo); + if (arena != NULL) + PORT_FreeArena(arena, PR_TRUE); + *privKey = NULL; + return SECFailure; +} + +SECStatus +DSA_SignDigestWithSeed(DSAPrivateKey * key, + SECItem * signature, + SECItem * digest, + unsigned char * seed) +{ + B_ALGORITHM_OBJ dsaSigner = (B_ALGORITHM_OBJ)NULL_PTR; + B_ALGORITHM_OBJ randomAlgorithm = NULL_PTR; + B_KEY_OBJ privateKeyObj = (B_KEY_OBJ)NULL_PTR; + A_DSA_PRIVATE_KEY privateKeyInfo; + const B_ALGORITHM_METHOD *dsa_sign_chooser[] = { + &AM_DSA_SIGN, + (B_ALGORITHM_METHOD *)NULL_PTR + }; + int status; + unsigned int siglen; + + randomAlgorithm = generateRandomAlgorithm(DSA_SUBPRIME_LEN, seed); + + if ((status = B_CreateAlgorithmObject(&dsaSigner)) != 0) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + goto loser; + } + + if ((status = B_CreateKeyObject(&privateKeyObj)) != 0) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + goto loser; + } + + if ((status = dsaConvertBLKeyToPrKeyInfo(key, &privateKeyInfo)) != 0) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + goto loser; + } + + if ((status = B_SetKeyInfo(privateKeyObj, KI_DSAPrivate, + (POINTER)&privateKeyInfo)) != 0) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + goto loser; + } + + if ((status = B_SetAlgorithmInfo(dsaSigner, AI_DSA, NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + goto loser; + } + + if ((status = B_SignInit(dsaSigner, privateKeyObj, dsa_sign_chooser, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + goto loser; + } + + if ((status = B_SignUpdate(dsaSigner, digest->data, digest->len, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + goto loser; + } + + if ((status = B_SignFinal(dsaSigner, signature->data, &siglen, + signature->len, randomAlgorithm, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + goto loser; + } + + SECITEM_ReallocItem(NULL, signature, signature->len, siglen); + signature->len = siglen; /* shouldn't realloc do this? */ + + B_DestroyAlgorithmObject(&dsaSigner); + B_DestroyKeyObject(&privateKeyObj); + B_DestroyAlgorithmObject(&randomAlgorithm); + /* privateKeyInfo is shallow copy */ + return SECSuccess; + +loser: + if (dsaSigner != NULL_PTR) + B_DestroyAlgorithmObject(&dsaSigner); + if (privateKeyObj != NULL_PTR) + B_DestroyKeyObject(&privateKeyObj); + if (randomAlgorithm != NULL_PTR) + B_DestroyAlgorithmObject(&randomAlgorithm); + return SECFailure; +} + +SECStatus +PQG_ParamGen(unsigned int j, /* input : determines length of P. */ + PQGParams **pParams, /* output: P Q and G returned here */ + PQGVerify **pVfy) /* output: counter and seed. */ +{ + return PQG_ParamGenSeedLen(j, DSA_SUBPRIME_LEN, pParams, pVfy); +} + +SECStatus +PQG_ParamGenSeedLen( + unsigned int j, /* input : determines length of P. */ + unsigned int seedBytes, /* input : length of seed in bytes.*/ + PQGParams **pParams, /* output: P Q and G returned here */ + PQGVerify **pVfy) /* output: counter and seed. */ +{ + B_DSA_PARAM_GEN_PARAMS dsaParams; + B_ALGORITHM_OBJ dsaKeyGenObj = (B_ALGORITHM_OBJ)NULL_PTR; + B_ALGORITHM_OBJ dsaParamGenerator = (B_ALGORITHM_OBJ)NULL_PTR; + B_ALGORITHM_OBJ randomAlgorithm = NULL_PTR; + A_DSA_PARAMS *dsaParamInfo; + SECItem tmp; + PQGParams *params; + PRArenaPool *arena; + int status; + + if (!pParams || j > 8) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + + /* Allocate space for key structure. */ + arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE); + if (arena == NULL) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + goto loser; + } + params = (PQGParams *)PORT_ArenaZAlloc(arena, sizeof(PQGParams)); + if (params == NULL) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + goto loser; + } + params->arena = arena; + + if ((status = B_CreateAlgorithmObject(&dsaParamGenerator)) != 0) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + goto loser; + } + + if ((status = B_CreateAlgorithmObject(&dsaKeyGenObj)) != 0) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + goto loser; + } + + randomAlgorithm = generateRandomAlgorithm(seedBytes, NULL); + + dsaParams.primeBits = 512 + (j * 64); + if ((status = B_SetAlgorithmInfo(dsaParamGenerator, AI_DSAParamGen, + (POINTER)&dsaParams)) != 0) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + goto loser; + } + + if ((status = B_GenerateInit(dsaParamGenerator, dsa_pk_gen_chooser, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); + goto loser; + } + + if ((status = B_GenerateParameters(dsaParamGenerator, dsaKeyGenObj, + randomAlgorithm, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); + goto loser; + } + + if ((status = B_GetAlgorithmInfo((POINTER *)&dsaParamInfo, dsaKeyGenObj, + AI_DSAKeyGen)) != 0) { + PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); + goto loser; + } + + SECITEMFROMITEM(arena, params->prime, dsaParamInfo->prime); + SECITEMFROMITEM(arena, params->subPrime, dsaParamInfo->subPrime); + SECITEMFROMITEM(arena, params->base, dsaParamInfo->base); + + B_DestroyAlgorithmObject(&dsaKeyGenObj); + B_DestroyAlgorithmObject(&dsaParamGenerator); + B_DestroyAlgorithmObject(&randomAlgorithm); + dsaZFreeKeyInfoParams(dsaParamInfo); + + *pParams = params; + return SECSuccess; + +loser: + if (dsaParamGenerator != NULL_PTR) + B_DestroyAlgorithmObject(&dsaParamGenerator); + if (dsaKeyGenObj != NULL_PTR) + B_DestroyAlgorithmObject(&dsaKeyGenObj); + if (randomAlgorithm != NULL_PTR) + B_DestroyAlgorithmObject(&randomAlgorithm); + if (dsaParamInfo != NULL) + dsaZFreeKeyInfoParams(dsaParamInfo); + if (arena != NULL) + PORT_FreeArena(arena, PR_TRUE); + *pParams = NULL; + return SECFailure; +} + +SECStatus +PQG_VerifyParams(const PQGParams *params, + const PQGVerify *vfy, SECStatus *result) +{ + /* BSAFE does not provide access to h. + * Verification is thus skipped. + */ + PORT_SetError(PR_NOT_IMPLEMENTED_ERROR); + return SECFailure; +} + +/* Destroy functions are implemented in util/pqgutil.c */ + +/***************************************************************************** +** BLAPI implementation of RNG +******************************************************************************/ + +static SECItem globalseed; +static B_ALGORITHM_OBJ globalrng = NULL_PTR; + +SECStatus +RNG_RNGInit(void) +{ + int status; + PRInt32 nBytes; + if (globalrng == NULL) { + globalseed.len = 20; + globalseed.data = (unsigned char *)PORT_Alloc(globalseed.len); + } else { + B_DestroyAlgorithmObject(&globalrng); + } + nBytes = RNG_GetNoise(globalseed.data, globalseed.len); + globalrng = generateRandomAlgorithm(globalseed.len, globalseed.data); + if (globalrng == NULL_PTR) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + return SECFailure; + } + return SECSuccess; +} + +SECStatus +RNG_RandomUpdate(const void *data, size_t bytes) +{ + int status; + if (data == NULL || bytes <= 0) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + if (globalrng == NULL_PTR) { + PORT_SetError(SEC_ERROR_INVALID_ALGORITHM); + return SECFailure; + } + if ((status = B_RandomUpdate(globalrng, data, bytes, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_BAD_DATA); + return SECFailure; + } + return SECSuccess; +} + +SECStatus +RNG_GenerateGlobalRandomBytes(void *dest, size_t len) +{ + int status; + if (dest == NULL) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + if (globalrng == NULL_PTR) { + PORT_SetError(SEC_ERROR_INVALID_ALGORITHM); + return SECFailure; + } + if ((status = B_GenerateRandomBytes(globalrng, dest, len, + (A_SURRENDER_CTX *)NULL_PTR)) != 0) { + PORT_SetError(SEC_ERROR_BAD_DATA); + return SECFailure; + } + return SECSuccess; +} + +void +RNG_RNGShutdown(void) +{ + if (globalrng == NULL_PTR) + /* no-op */ + return; + B_DestroyAlgorithmObject(&globalrng); + SECITEM_ZfreeItem(&globalseed, PR_FALSE); + globalrng = NULL_PTR; +} diff --git a/security/nss/lib/freebl/blapit.h b/security/nss/lib/freebl/blapit.h new file mode 100644 index 000000000..0e1b2b0e2 --- /dev/null +++ b/security/nss/lib/freebl/blapit.h @@ -0,0 +1,230 @@ +/* + * blapit.h - public data structures for the crypto library + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the Netscape security libraries. + * + * The Initial Developer of the Original Code is Netscape + * Communications Corporation. Portions created by Netscape are + * Copyright (C) 1994-2000 Netscape Communications Corporation. All + * Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + * + * $Id$ + */ + +#ifndef _BLAPIT_H_ +#define _BLAPIT_H_ + +#include "seccomon.h" +#include "plarena.h" + +/* RC2 operation modes */ +#define NSS_RC2 0 +#define NSS_RC2_CBC 1 + +/* RC5 operation modes */ +#define NSS_RC5 0 +#define NSS_RC5_CBC 1 + +/* DES operation modes */ +#define NSS_DES 0 +#define NSS_DES_CBC 1 +#define NSS_DES_EDE3 2 +#define NSS_DES_EDE3_CBC 3 + +#define DES_KEY_LENGTH 8 /* Bytes */ + +/* AES operation modes */ +#define NSS_AES 0 +#define NSS_AES_CBC 1 + +#define DSA_SIGNATURE_LEN 40 /* Bytes */ +#define DSA_SUBPRIME_LEN 20 /* Bytes */ + +/* + * Number of bytes each hash algorithm produces + */ +#define MD2_LENGTH 16 /* Bytes */ +#define MD5_LENGTH 16 /* Bytes */ +#define SHA1_LENGTH 20 /* Bytes */ + +#define NSS_FREEBL_DEFAULT_CHUNKSIZE 2048 + +/* + * The FIPS 186 algorithm for generating primes P and Q allows only 9 + * distinct values for the length of P, and only one value for the + * length of Q. + * The algorithm uses a variable j to indicate which of the 9 lengths + * of P is to be used. + * The following table relates j to the lengths of P and Q in bits. + * + * j bits in P bits in Q + * _ _________ _________ + * 0 512 160 + * 1 576 160 + * 2 640 160 + * 3 704 160 + * 4 768 160 + * 5 832 160 + * 6 896 160 + * 7 960 160 + * 8 1024 160 + * + * The FIPS-186 compliant PQG generator takes j as an input parameter. + */ + +#define DSA_Q_BITS 160 +#define DSA_MAX_P_BITS 1024 +#define DSA_MIN_P_BITS 512 + +/* + * function takes desired number of bits in P, + * returns index (0..8) or -1 if number of bits is invalid. + */ +#define PQG_PBITS_TO_INDEX(bits) ((((bits)-512) % 64) ? -1 : (int)((bits)-512)/64) + +/* + * function takes index (0-8) + * returns number of bits in P for that index, or -1 if index is invalid. + */ +#define PQG_INDEX_TO_PBITS(j) (((unsigned)(j) > 8) ? -1 : (512 + 64 * (j))) + + +/*************************************************************************** +** Opaque objects +*/ + +struct DESContextStr ; +struct RC2ContextStr ; +struct RC4ContextStr ; +struct RC5ContextStr ; +struct AESContextStr ; +struct MD2ContextStr ; +struct MD5ContextStr ; +struct SHA1ContextStr ; + +typedef struct DESContextStr DESContext; +typedef struct RC2ContextStr RC2Context; +typedef struct RC4ContextStr RC4Context; +typedef struct RC5ContextStr RC5Context; +typedef struct AESContextStr AESContext; +typedef struct MD2ContextStr MD2Context; +typedef struct MD5ContextStr MD5Context; +typedef struct SHA1ContextStr SHA1Context; + +/*************************************************************************** +** RSA Public and Private Key structures +*/ + +/* member names from PKCS#1, section 7.1 */ +struct RSAPublicKeyStr { + PRArenaPool * arena; + SECItem modulus; + SECItem publicExponent; +}; +typedef struct RSAPublicKeyStr RSAPublicKey; + +/* member names from PKCS#1, section 7.2 */ +struct RSAPrivateKeyStr { + PRArenaPool * arena; + SECItem version; + SECItem modulus; + SECItem publicExponent; + SECItem privateExponent; + SECItem prime1; + SECItem prime2; + SECItem exponent1; + SECItem exponent2; + SECItem coefficient; +}; +typedef struct RSAPrivateKeyStr RSAPrivateKey; + + +/*************************************************************************** +** DSA Public and Private Key and related structures +*/ + +struct PQGParamsStr { + PRArenaPool *arena; + SECItem prime; /* p */ + SECItem subPrime; /* q */ + SECItem base; /* g */ + /* XXX chrisk: this needs to be expanded to hold j and validationParms (RFC2459 7.3.2) */ +}; +typedef struct PQGParamsStr PQGParams; + +struct PQGVerifyStr { + PRArenaPool * arena; /* includes this struct, seed, & h. */ + unsigned int counter; + SECItem seed; + SECItem h; +}; +typedef struct PQGVerifyStr PQGVerify; + +struct DSAPublicKeyStr { + PQGParams params; + SECItem publicValue; +}; +typedef struct DSAPublicKeyStr DSAPublicKey; + +struct DSAPrivateKeyStr { + PQGParams params; + SECItem publicValue; + SECItem privateValue; +}; +typedef struct DSAPrivateKeyStr DSAPrivateKey; + +/*************************************************************************** +** Diffie-Hellman Public and Private Key and related structures +** Structure member names suggested by PKCS#3. +*/ + +struct DHParamsStr { + PRArenaPool * arena; + SECItem prime; /* p */ + SECItem base; /* g */ +}; +typedef struct DHParamsStr DHParams; + +struct DHPublicKeyStr { + PRArenaPool * arena; + SECItem prime; + SECItem base; + SECItem publicValue; +}; +typedef struct DHPublicKeyStr DHPublicKey; + +struct DHPrivateKeyStr { + PRArenaPool * arena; + SECItem prime; + SECItem base; + SECItem publicValue; + SECItem privateValue; +}; +typedef struct DHPrivateKeyStr DHPrivateKey; + + +#endif /* _BLAPIT_H_ */ diff --git a/security/nss/lib/freebl/config.mk b/security/nss/lib/freebl/config.mk new file mode 100644 index 000000000..476e7743f --- /dev/null +++ b/security/nss/lib/freebl/config.mk @@ -0,0 +1,101 @@ +# +# The contents of this file are subject to the Mozilla Public +# License Version 1.1 (the "License"); you may not use this file +# except in compliance with the License. You may obtain a copy of +# the License at http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS +# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +# implied. See the License for the specific language governing +# rights and limitations under the License. +# +# The Original Code is the Netscape security libraries. +# +# The Initial Developer of the Original Code is Netscape +# Communications Corporation. Portions created by Netscape are +# Copyright (C) 1994-2000 Netscape Communications Corporation. All +# Rights Reserved. +# +# Contributor(s): +# +# Alternatively, the contents of this file may be used under the +# terms of the GNU General Public License Version 2 or later (the +# "GPL"), in which case the provisions of the GPL are applicable +# instead of those above. If you wish to allow use of your +# version of this file only under the terms of the GPL and not to +# allow others to use your version of this file under the MPL, +# indicate your decision by deleting the provisions above and +# replace them with the notice and other provisions required by +# the GPL. If you do not delete the provisions above, a recipient +# may use your version of this file under either the MPL or the +# GPL. +# + +# only do this in the outermost freebl build. +ifndef FREEBL_RECURSIVE_BUILD +# we only do this stuff for some of the 32-bit builds, no 64-bit builds +ifndef USE_64 + +ifeq ($(OS_TARGET), HP-UX) + FREEBL_EXTENDED_BUILD = 1 +endif + +ifeq ($(OS_TARGET),SunOS) + ifeq ($(CPU_ARCH),sparc) + FREEBL_EXTENDED_BUILD = 1 + endif +endif + +ifdef FREEBL_EXTENDED_BUILD +# We're going to change this build so that it builds libfreebl.a with +# just loader.c. Then we have to build this directory twice again to +# build the two DSOs. +# To build libfreebl.a with just loader.c, we must now override many +# of the make variables setup by the prior inclusion of CORECONF's config.mk + +CSRCS = loader.c sysrand.c +SIMPLE_OBJS = $(CSRCS:.c=$(OBJ_SUFFIX)) +OBJS = $(addprefix $(OBJDIR)/$(PROG_PREFIX), $(SIMPLE_OBJS)) +ALL_TRASH := $(TARGETS) $(OBJS) $(OBJDIR) LOGS TAGS $(GARBAGE) \ + $(NOSUCHFILE) so_locations +endif + +#end of 32-bit only stuff. +endif + +# Override the values defined in coreconf's ruleset.mk. +# +# - (1) LIBRARY: a static (archival) library +# - (2) SHARED_LIBRARY: a shared (dynamic link) library +# - (3) IMPORT_LIBRARY: an import library, used only on Windows +# - (4) PROGRAM: an executable binary +# +# override these variables to prevent building a DSO/DLL. + TARGETS = $(LIBRARY) + SHARED_LIBRARY = + IMPORT_LIBRARY = + PROGRAM = + +else +# This is a recursive build. + +TARGETS = $(SHARED_LIBRARY) +LIBRARY = +PROGRAM = + +#ifeq ($(OS_TARGET), HP-UX) + EXTRA_LIBS += \ + $(DIST)/lib/libsecutil.$(LIB_SUFFIX) \ + $(NULL) + +# $(PROGRAM) has NO explicit dependencies on $(EXTRA_SHARED_LIBS) +# $(EXTRA_SHARED_LIBS) come before $(OS_LIBS), except on AIX. + EXTRA_SHARED_LIBS += \ + -L$(DIST)/lib/ \ + -lplc4 \ + -lplds4 \ + -lnspr4 \ + -lc +#endif + +endif diff --git a/security/nss/lib/freebl/des.c b/security/nss/lib/freebl/des.c new file mode 100644 index 000000000..9b44f8c35 --- /dev/null +++ b/security/nss/lib/freebl/des.c @@ -0,0 +1,683 @@ +/* + * des.c + * + * core source file for DES-150 library + * Make key schedule from DES key. + * Encrypt/Decrypt one 8-byte block. + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the DES-150 library. + * + * The Initial Developer of the Original Code is Nelson B. Bolyard, + * nelsonb@iname.com. Portions created by Nelson B. Bolyard are + * Copyright (C) 1990, 2000 Nelson B. Bolyard, All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + */ + +#include "des.h" +#include <stddef.h> /* for ptrdiff_t */ +/* #define USE_INDEXING 1 */ + +/* + * The tables below are the 8 sbox functions, with the 6-bit input permutation + * and the 32-bit output permutation pre-computed. + * They are shifted circularly to the left 3 bits, which removes 2 shifts + * and an or from each round by reducing the number of sboxes whose + * indices cross word broundaries from 2 to 1. + */ + +static const HALF SP[8][64] = { +/* Box S1 */ { + 0x04041000, 0x00000000, 0x00040000, 0x04041010, + 0x04040010, 0x00041010, 0x00000010, 0x00040000, + 0x00001000, 0x04041000, 0x04041010, 0x00001000, + 0x04001010, 0x04040010, 0x04000000, 0x00000010, + 0x00001010, 0x04001000, 0x04001000, 0x00041000, + 0x00041000, 0x04040000, 0x04040000, 0x04001010, + 0x00040010, 0x04000010, 0x04000010, 0x00040010, + 0x00000000, 0x00001010, 0x00041010, 0x04000000, + 0x00040000, 0x04041010, 0x00000010, 0x04040000, + 0x04041000, 0x04000000, 0x04000000, 0x00001000, + 0x04040010, 0x00040000, 0x00041000, 0x04000010, + 0x00001000, 0x00000010, 0x04001010, 0x00041010, + 0x04041010, 0x00040010, 0x04040000, 0x04001010, + 0x04000010, 0x00001010, 0x00041010, 0x04041000, + 0x00001010, 0x04001000, 0x04001000, 0x00000000, + 0x00040010, 0x00041000, 0x00000000, 0x04040010 + }, +/* Box S2 */ { + 0x00420082, 0x00020002, 0x00020000, 0x00420080, + 0x00400000, 0x00000080, 0x00400082, 0x00020082, + 0x00000082, 0x00420082, 0x00420002, 0x00000002, + 0x00020002, 0x00400000, 0x00000080, 0x00400082, + 0x00420000, 0x00400080, 0x00020082, 0x00000000, + 0x00000002, 0x00020000, 0x00420080, 0x00400002, + 0x00400080, 0x00000082, 0x00000000, 0x00420000, + 0x00020080, 0x00420002, 0x00400002, 0x00020080, + 0x00000000, 0x00420080, 0x00400082, 0x00400000, + 0x00020082, 0x00400002, 0x00420002, 0x00020000, + 0x00400002, 0x00020002, 0x00000080, 0x00420082, + 0x00420080, 0x00000080, 0x00020000, 0x00000002, + 0x00020080, 0x00420002, 0x00400000, 0x00000082, + 0x00400080, 0x00020082, 0x00000082, 0x00400080, + 0x00420000, 0x00000000, 0x00020002, 0x00020080, + 0x00000002, 0x00400082, 0x00420082, 0x00420000 + }, +/* Box S3 */ { + 0x00000820, 0x20080800, 0x00000000, 0x20080020, + 0x20000800, 0x00000000, 0x00080820, 0x20000800, + 0x00080020, 0x20000020, 0x20000020, 0x00080000, + 0x20080820, 0x00080020, 0x20080000, 0x00000820, + 0x20000000, 0x00000020, 0x20080800, 0x00000800, + 0x00080800, 0x20080000, 0x20080020, 0x00080820, + 0x20000820, 0x00080800, 0x00080000, 0x20000820, + 0x00000020, 0x20080820, 0x00000800, 0x20000000, + 0x20080800, 0x20000000, 0x00080020, 0x00000820, + 0x00080000, 0x20080800, 0x20000800, 0x00000000, + 0x00000800, 0x00080020, 0x20080820, 0x20000800, + 0x20000020, 0x00000800, 0x00000000, 0x20080020, + 0x20000820, 0x00080000, 0x20000000, 0x20080820, + 0x00000020, 0x00080820, 0x00080800, 0x20000020, + 0x20080000, 0x20000820, 0x00000820, 0x20080000, + 0x00080820, 0x00000020, 0x20080020, 0x00080800 + }, +/* Box S4 */ { + 0x02008004, 0x00008204, 0x00008204, 0x00000200, + 0x02008200, 0x02000204, 0x02000004, 0x00008004, + 0x00000000, 0x02008000, 0x02008000, 0x02008204, + 0x00000204, 0x00000000, 0x02000200, 0x02000004, + 0x00000004, 0x00008000, 0x02000000, 0x02008004, + 0x00000200, 0x02000000, 0x00008004, 0x00008200, + 0x02000204, 0x00000004, 0x00008200, 0x02000200, + 0x00008000, 0x02008200, 0x02008204, 0x00000204, + 0x02000200, 0x02000004, 0x02008000, 0x02008204, + 0x00000204, 0x00000000, 0x00000000, 0x02008000, + 0x00008200, 0x02000200, 0x02000204, 0x00000004, + 0x02008004, 0x00008204, 0x00008204, 0x00000200, + 0x02008204, 0x00000204, 0x00000004, 0x00008000, + 0x02000004, 0x00008004, 0x02008200, 0x02000204, + 0x00008004, 0x00008200, 0x02000000, 0x02008004, + 0x00000200, 0x02000000, 0x00008000, 0x02008200 + }, +/* Box S5 */ { + 0x00000400, 0x08200400, 0x08200000, 0x08000401, + 0x00200000, 0x00000400, 0x00000001, 0x08200000, + 0x00200401, 0x00200000, 0x08000400, 0x00200401, + 0x08000401, 0x08200001, 0x00200400, 0x00000001, + 0x08000000, 0x00200001, 0x00200001, 0x00000000, + 0x00000401, 0x08200401, 0x08200401, 0x08000400, + 0x08200001, 0x00000401, 0x00000000, 0x08000001, + 0x08200400, 0x08000000, 0x08000001, 0x00200400, + 0x00200000, 0x08000401, 0x00000400, 0x08000000, + 0x00000001, 0x08200000, 0x08000401, 0x00200401, + 0x08000400, 0x00000001, 0x08200001, 0x08200400, + 0x00200401, 0x00000400, 0x08000000, 0x08200001, + 0x08200401, 0x00200400, 0x08000001, 0x08200401, + 0x08200000, 0x00000000, 0x00200001, 0x08000001, + 0x00200400, 0x08000400, 0x00000401, 0x00200000, + 0x00000000, 0x00200001, 0x08200400, 0x00000401 + }, +/* Box S6 */ { + 0x80000040, 0x81000000, 0x00010000, 0x81010040, + 0x81000000, 0x00000040, 0x81010040, 0x01000000, + 0x80010000, 0x01010040, 0x01000000, 0x80000040, + 0x01000040, 0x80010000, 0x80000000, 0x00010040, + 0x00000000, 0x01000040, 0x80010040, 0x00010000, + 0x01010000, 0x80010040, 0x00000040, 0x81000040, + 0x81000040, 0x00000000, 0x01010040, 0x81010000, + 0x00010040, 0x01010000, 0x81010000, 0x80000000, + 0x80010000, 0x00000040, 0x81000040, 0x01010000, + 0x81010040, 0x01000000, 0x00010040, 0x80000040, + 0x01000000, 0x80010000, 0x80000000, 0x00010040, + 0x80000040, 0x81010040, 0x01010000, 0x81000000, + 0x01010040, 0x81010000, 0x00000000, 0x81000040, + 0x00000040, 0x00010000, 0x81000000, 0x01010040, + 0x00010000, 0x01000040, 0x80010040, 0x00000000, + 0x81010000, 0x80000000, 0x01000040, 0x80010040 + }, +/* Box S7 */ { + 0x00800000, 0x10800008, 0x10002008, 0x00000000, + 0x00002000, 0x10002008, 0x00802008, 0x10802000, + 0x10802008, 0x00800000, 0x00000000, 0x10000008, + 0x00000008, 0x10000000, 0x10800008, 0x00002008, + 0x10002000, 0x00802008, 0x00800008, 0x10002000, + 0x10000008, 0x10800000, 0x10802000, 0x00800008, + 0x10800000, 0x00002000, 0x00002008, 0x10802008, + 0x00802000, 0x00000008, 0x10000000, 0x00802000, + 0x10000000, 0x00802000, 0x00800000, 0x10002008, + 0x10002008, 0x10800008, 0x10800008, 0x00000008, + 0x00800008, 0x10000000, 0x10002000, 0x00800000, + 0x10802000, 0x00002008, 0x00802008, 0x10802000, + 0x00002008, 0x10000008, 0x10802008, 0x10800000, + 0x00802000, 0x00000000, 0x00000008, 0x10802008, + 0x00000000, 0x00802008, 0x10800000, 0x00002000, + 0x10000008, 0x10002000, 0x00002000, 0x00800008 + }, +/* Box S8 */ { + 0x40004100, 0x00004000, 0x00100000, 0x40104100, + 0x40000000, 0x40004100, 0x00000100, 0x40000000, + 0x00100100, 0x40100000, 0x40104100, 0x00104000, + 0x40104000, 0x00104100, 0x00004000, 0x00000100, + 0x40100000, 0x40000100, 0x40004000, 0x00004100, + 0x00104000, 0x00100100, 0x40100100, 0x40104000, + 0x00004100, 0x00000000, 0x00000000, 0x40100100, + 0x40000100, 0x40004000, 0x00104100, 0x00100000, + 0x00104100, 0x00100000, 0x40104000, 0x00004000, + 0x00000100, 0x40100100, 0x00004000, 0x00104100, + 0x40004000, 0x00000100, 0x40000100, 0x40100000, + 0x40100100, 0x40000000, 0x00100000, 0x40004100, + 0x00000000, 0x40104100, 0x00100100, 0x40000100, + 0x40100000, 0x40004000, 0x40004100, 0x00000000, + 0x40104100, 0x00104000, 0x00104000, 0x00004100, + 0x00004100, 0x00100100, 0x40000000, 0x40104000 + } +}; + +static const HALF PC2[8][64] = { +/* table 0 */ { + 0x00000000, 0x00001000, 0x04000000, 0x04001000, + 0x00100000, 0x00101000, 0x04100000, 0x04101000, + 0x00008000, 0x00009000, 0x04008000, 0x04009000, + 0x00108000, 0x00109000, 0x04108000, 0x04109000, + 0x00000004, 0x00001004, 0x04000004, 0x04001004, + 0x00100004, 0x00101004, 0x04100004, 0x04101004, + 0x00008004, 0x00009004, 0x04008004, 0x04009004, + 0x00108004, 0x00109004, 0x04108004, 0x04109004, + 0x08000000, 0x08001000, 0x0c000000, 0x0c001000, + 0x08100000, 0x08101000, 0x0c100000, 0x0c101000, + 0x08008000, 0x08009000, 0x0c008000, 0x0c009000, + 0x08108000, 0x08109000, 0x0c108000, 0x0c109000, + 0x08000004, 0x08001004, 0x0c000004, 0x0c001004, + 0x08100004, 0x08101004, 0x0c100004, 0x0c101004, + 0x08008004, 0x08009004, 0x0c008004, 0x0c009004, + 0x08108004, 0x08109004, 0x0c108004, 0x0c109004 + }, +/* table 1 */ { + 0x00000000, 0x00002000, 0x80000000, 0x80002000, + 0x00000008, 0x00002008, 0x80000008, 0x80002008, + 0x00200000, 0x00202000, 0x80200000, 0x80202000, + 0x00200008, 0x00202008, 0x80200008, 0x80202008, + 0x20000000, 0x20002000, 0xa0000000, 0xa0002000, + 0x20000008, 0x20002008, 0xa0000008, 0xa0002008, + 0x20200000, 0x20202000, 0xa0200000, 0xa0202000, + 0x20200008, 0x20202008, 0xa0200008, 0xa0202008, + 0x00000400, 0x00002400, 0x80000400, 0x80002400, + 0x00000408, 0x00002408, 0x80000408, 0x80002408, + 0x00200400, 0x00202400, 0x80200400, 0x80202400, + 0x00200408, 0x00202408, 0x80200408, 0x80202408, + 0x20000400, 0x20002400, 0xa0000400, 0xa0002400, + 0x20000408, 0x20002408, 0xa0000408, 0xa0002408, + 0x20200400, 0x20202400, 0xa0200400, 0xa0202400, + 0x20200408, 0x20202408, 0xa0200408, 0xa0202408 + }, +/* table 2 */ { + 0x00000000, 0x00004000, 0x00000020, 0x00004020, + 0x00080000, 0x00084000, 0x00080020, 0x00084020, + 0x00000800, 0x00004800, 0x00000820, 0x00004820, + 0x00080800, 0x00084800, 0x00080820, 0x00084820, + 0x00000010, 0x00004010, 0x00000030, 0x00004030, + 0x00080010, 0x00084010, 0x00080030, 0x00084030, + 0x00000810, 0x00004810, 0x00000830, 0x00004830, + 0x00080810, 0x00084810, 0x00080830, 0x00084830, + 0x00400000, 0x00404000, 0x00400020, 0x00404020, + 0x00480000, 0x00484000, 0x00480020, 0x00484020, + 0x00400800, 0x00404800, 0x00400820, 0x00404820, + 0x00480800, 0x00484800, 0x00480820, 0x00484820, + 0x00400010, 0x00404010, 0x00400030, 0x00404030, + 0x00480010, 0x00484010, 0x00480030, 0x00484030, + 0x00400810, 0x00404810, 0x00400830, 0x00404830, + 0x00480810, 0x00484810, 0x00480830, 0x00484830 + }, +/* table 3 */ { + 0x00000000, 0x40000000, 0x00000080, 0x40000080, + 0x00040000, 0x40040000, 0x00040080, 0x40040080, + 0x00000040, 0x40000040, 0x000000c0, 0x400000c0, + 0x00040040, 0x40040040, 0x000400c0, 0x400400c0, + 0x10000000, 0x50000000, 0x10000080, 0x50000080, + 0x10040000, 0x50040000, 0x10040080, 0x50040080, + 0x10000040, 0x50000040, 0x100000c0, 0x500000c0, + 0x10040040, 0x50040040, 0x100400c0, 0x500400c0, + 0x00800000, 0x40800000, 0x00800080, 0x40800080, + 0x00840000, 0x40840000, 0x00840080, 0x40840080, + 0x00800040, 0x40800040, 0x008000c0, 0x408000c0, + 0x00840040, 0x40840040, 0x008400c0, 0x408400c0, + 0x10800000, 0x50800000, 0x10800080, 0x50800080, + 0x10840000, 0x50840000, 0x10840080, 0x50840080, + 0x10800040, 0x50800040, 0x108000c0, 0x508000c0, + 0x10840040, 0x50840040, 0x108400c0, 0x508400c0 + }, +/* table 4 */ { + 0x00000000, 0x00000008, 0x08000000, 0x08000008, + 0x00040000, 0x00040008, 0x08040000, 0x08040008, + 0x00002000, 0x00002008, 0x08002000, 0x08002008, + 0x00042000, 0x00042008, 0x08042000, 0x08042008, + 0x80000000, 0x80000008, 0x88000000, 0x88000008, + 0x80040000, 0x80040008, 0x88040000, 0x88040008, + 0x80002000, 0x80002008, 0x88002000, 0x88002008, + 0x80042000, 0x80042008, 0x88042000, 0x88042008, + 0x00080000, 0x00080008, 0x08080000, 0x08080008, + 0x000c0000, 0x000c0008, 0x080c0000, 0x080c0008, + 0x00082000, 0x00082008, 0x08082000, 0x08082008, + 0x000c2000, 0x000c2008, 0x080c2000, 0x080c2008, + 0x80080000, 0x80080008, 0x88080000, 0x88080008, + 0x800c0000, 0x800c0008, 0x880c0000, 0x880c0008, + 0x80082000, 0x80082008, 0x88082000, 0x88082008, + 0x800c2000, 0x800c2008, 0x880c2000, 0x880c2008 + }, +/* table 5 */ { + 0x00000000, 0x00400000, 0x00008000, 0x00408000, + 0x40000000, 0x40400000, 0x40008000, 0x40408000, + 0x00000020, 0x00400020, 0x00008020, 0x00408020, + 0x40000020, 0x40400020, 0x40008020, 0x40408020, + 0x00001000, 0x00401000, 0x00009000, 0x00409000, + 0x40001000, 0x40401000, 0x40009000, 0x40409000, + 0x00001020, 0x00401020, 0x00009020, 0x00409020, + 0x40001020, 0x40401020, 0x40009020, 0x40409020, + 0x00100000, 0x00500000, 0x00108000, 0x00508000, + 0x40100000, 0x40500000, 0x40108000, 0x40508000, + 0x00100020, 0x00500020, 0x00108020, 0x00508020, + 0x40100020, 0x40500020, 0x40108020, 0x40508020, + 0x00101000, 0x00501000, 0x00109000, 0x00509000, + 0x40101000, 0x40501000, 0x40109000, 0x40509000, + 0x00101020, 0x00501020, 0x00109020, 0x00509020, + 0x40101020, 0x40501020, 0x40109020, 0x40509020 + }, +/* table 6 */ { + 0x00000000, 0x00000040, 0x04000000, 0x04000040, + 0x00000800, 0x00000840, 0x04000800, 0x04000840, + 0x00800000, 0x00800040, 0x04800000, 0x04800040, + 0x00800800, 0x00800840, 0x04800800, 0x04800840, + 0x10000000, 0x10000040, 0x14000000, 0x14000040, + 0x10000800, 0x10000840, 0x14000800, 0x14000840, + 0x10800000, 0x10800040, 0x14800000, 0x14800040, + 0x10800800, 0x10800840, 0x14800800, 0x14800840, + 0x00000080, 0x000000c0, 0x04000080, 0x040000c0, + 0x00000880, 0x000008c0, 0x04000880, 0x040008c0, + 0x00800080, 0x008000c0, 0x04800080, 0x048000c0, + 0x00800880, 0x008008c0, 0x04800880, 0x048008c0, + 0x10000080, 0x100000c0, 0x14000080, 0x140000c0, + 0x10000880, 0x100008c0, 0x14000880, 0x140008c0, + 0x10800080, 0x108000c0, 0x14800080, 0x148000c0, + 0x10800880, 0x108008c0, 0x14800880, 0x148008c0 + }, +/* table 7 */ { + 0x00000000, 0x00000010, 0x00000400, 0x00000410, + 0x00000004, 0x00000014, 0x00000404, 0x00000414, + 0x00004000, 0x00004010, 0x00004400, 0x00004410, + 0x00004004, 0x00004014, 0x00004404, 0x00004414, + 0x20000000, 0x20000010, 0x20000400, 0x20000410, + 0x20000004, 0x20000014, 0x20000404, 0x20000414, + 0x20004000, 0x20004010, 0x20004400, 0x20004410, + 0x20004004, 0x20004014, 0x20004404, 0x20004414, + 0x00200000, 0x00200010, 0x00200400, 0x00200410, + 0x00200004, 0x00200014, 0x00200404, 0x00200414, + 0x00204000, 0x00204010, 0x00204400, 0x00204410, + 0x00204004, 0x00204014, 0x00204404, 0x00204414, + 0x20200000, 0x20200010, 0x20200400, 0x20200410, + 0x20200004, 0x20200014, 0x20200404, 0x20200414, + 0x20204000, 0x20204010, 0x20204400, 0x20204410, + 0x20204004, 0x20204014, 0x20204404, 0x20204414 + } +}; + +/* + * The PC-1 Permutation + * If we number the bits of the 8 bytes of key input like this (in octal): + * 00 01 02 03 04 05 06 07 + * 10 11 12 13 14 15 16 17 + * 20 21 22 23 24 25 26 27 + * 30 31 32 33 34 35 36 37 + * 40 41 42 43 44 45 46 47 + * 50 51 52 53 54 55 56 57 + * 60 61 62 63 64 65 66 67 + * 70 71 72 73 74 75 76 77 + * then after the PC-1 permutation, + * C0 is + * 70 60 50 40 30 20 10 00 + * 71 61 51 41 31 21 11 01 + * 72 62 52 42 32 22 12 02 + * 73 63 53 43 + * D0 is + * 76 66 56 46 36 26 16 06 + * 75 65 55 45 35 25 15 05 + * 74 64 54 44 34 24 14 04 + * 33 23 13 03 + * and these parity bits have been discarded: + * 77 67 57 47 37 27 17 07 + * + * We achieve this by flipping the input matrix about the diagonal from 70-07, + * getting left = + * 77 67 57 47 37 27 17 07 (these are the parity bits) + * 76 66 56 46 36 26 16 06 + * 75 65 55 45 35 25 15 05 + * 74 64 54 44 34 24 14 04 + * right = + * 73 63 53 43 33 23 13 03 + * 72 62 52 42 32 22 12 02 + * 71 61 51 41 31 21 11 01 + * 70 60 50 40 30 20 10 00 + * then byte swap right, ala htonl() on a little endian machine. + * right = + * 70 60 50 40 30 20 10 00 + * 71 67 57 47 37 27 11 07 + * 72 62 52 42 32 22 12 02 + * 73 63 53 43 33 23 13 03 + * then + * c0 = right >> 4; + * d0 = ((left & 0x00ffffff) << 4) | (right & 0xf); +*/ + +#define FLIP_RIGHT_DIAGONAL(word, temp) \ + temp = (word ^ (word >> 18)) & 0x00003333; \ + word ^= temp | (temp << 18); \ + temp = (word ^ (word >> 9)) & 0x00550055; \ + word ^= temp | (temp << 9); + +#define BYTESWAP(word, temp) \ + word = (word >> 16) | (word << 16); \ + temp = 0x00ff00ff; \ + word = ((word & temp) << 8) | ((word >> 8) & temp); + +#define PC1(left, right, c0, d0, temp) \ + right ^= temp = ((left >> 4) ^ right) & 0x0f0f0f0f; \ + left ^= temp << 4; \ + FLIP_RIGHT_DIAGONAL(left, temp); \ + FLIP_RIGHT_DIAGONAL(right, temp); \ + BYTESWAP(right, temp); \ + c0 = right >> 4; \ + d0 = ((left & 0x00ffffff) << 4) | (right & 0xf); + +#define LEFT_SHIFT_1( reg ) (((reg << 1) | (reg >> 27)) & 0x0FFFFFFF) +#define LEFT_SHIFT_2( reg ) (((reg << 2) | (reg >> 26)) & 0x0FFFFFFF) + +/* + * setup key schedules from key + */ + +void +DES_MakeSchedule( HALF * ks, BYTE * key, DESDirection direction) +{ + register HALF left, right; + register HALF c0, d0; + register HALF temp; + int delta; + unsigned int ls; + +#if defined(_X86_) + left = HALFPTR(key)[0]; + right = HALFPTR(key)[1]; + BYTESWAP(left, temp); + BYTESWAP(right, temp); +#else + if (((ptrdiff_t)key & 0x03) == 0) { + left = HALFPTR(key)[0]; + right = HALFPTR(key)[1]; +#if defined(IS_LITTLE_ENDIAN) + BYTESWAP(left, temp); + BYTESWAP(right, temp); +#endif + } else { + left = ((HALF)key[0] << 24) | ((HALF)key[1] << 16) | + ((HALF)key[2] << 8) | key[3]; + right = ((HALF)key[4] << 24) | ((HALF)key[5] << 16) | + ((HALF)key[6] << 8) | key[7]; + } +#endif + + PC1(left, right, c0, d0, temp); + + if (direction == DES_ENCRYPT) { + delta = 2 * (int)sizeof(HALF); + } else { + ks += 30; + delta = (-2) * (int)sizeof(HALF); + } + + for (ls = 0x8103; ls; ls >>= 1) { + if ( ls & 1 ) { + c0 = LEFT_SHIFT_1( c0 ); + d0 = LEFT_SHIFT_1( d0 ); + } else { + c0 = LEFT_SHIFT_2( c0 ); + d0 = LEFT_SHIFT_2( d0 ); + } + +#ifdef USE_INDEXING +#define PC2LOOKUP(b,c) PC2[b][c] + + left = PC2LOOKUP(0, ((c0 >> 22) & 0x3F) ); + left |= PC2LOOKUP(1, ((c0 >> 13) & 0x3F) ); + left |= PC2LOOKUP(2, ((c0 >> 4) & 0x38) | (c0 & 0x7) ); + left |= PC2LOOKUP(3, ((c0>>18)&0xC) | ((c0>>11)&0x3) | (c0&0x30)); + + right = PC2LOOKUP(4, ((d0 >> 22) & 0x3F) ); + right |= PC2LOOKUP(5, ((d0 >> 15) & 0x30) | ((d0 >> 14) & 0xf) ); + right |= PC2LOOKUP(6, ((d0 >> 7) & 0x3F) ); + right |= PC2LOOKUP(7, ((d0 >> 1) & 0x3C) | (d0 & 0x3)); +#else +#define PC2LOOKUP(b,c) *(HALF *)((BYTE *)&PC2[b][0]+(c)) + + left = PC2LOOKUP(0, ((c0 >> 20) & 0xFC) ); + left |= PC2LOOKUP(1, ((c0 >> 11) & 0xFC) ); + left |= PC2LOOKUP(2, ((c0 >> 2) & 0xE0) | ((c0 << 2) & 0x1C) ); + left |= PC2LOOKUP(3, ((c0>>16)&0x30)|((c0>>9)&0xC)|((c0<<2)&0xC0)); + + right = PC2LOOKUP(4, ((d0 >> 20) & 0xFC) ); + right |= PC2LOOKUP(5, ((d0 >> 13) & 0xC0) | ((d0 >> 12) & 0x3C) ); + right |= PC2LOOKUP(6, ((d0 >> 5) & 0xFC) ); + right |= PC2LOOKUP(7, ((d0 << 1) & 0xF0) | ((d0 << 2) & 0x0C)); +#endif + /* left contains key bits for S1 S3 S2 S4 */ + /* right contains key bits for S6 S8 S5 S7 */ + temp = (left << 16) /* S2 S4 XX XX */ + | (right >> 16); /* XX XX S6 S8 */ + ks[0] = temp; + + temp = (left & 0xffff0000) /* S1 S3 XX XX */ + | (right & 0x0000ffff);/* XX XX S5 S7 */ + ks[1] = temp; + + ks = (HALF*)((BYTE *)ks + delta); + } +} + +/* + * The DES Initial Permutation + * if we number the bits of the 8 bytes of input like this (in octal): + * 00 01 02 03 04 05 06 07 + * 10 11 12 13 14 15 16 17 + * 20 21 22 23 24 25 26 27 + * 30 31 32 33 34 35 36 37 + * 40 41 42 43 44 45 46 47 + * 50 51 52 53 54 55 56 57 + * 60 61 62 63 64 65 66 67 + * 70 71 72 73 74 75 76 77 + * then after the initial permutation, they will be in this order. + * 71 61 51 41 31 21 11 01 + * 73 63 53 43 33 23 13 03 + * 75 65 55 45 35 25 15 05 + * 77 67 57 47 37 27 17 07 + * 70 60 50 40 30 20 10 00 + * 72 62 52 42 32 22 12 02 + * 74 64 54 44 34 24 14 04 + * 76 66 56 46 36 26 16 06 + * + * One way to do this is in two steps: + * 1. Flip this matrix about the diagonal from 70-07 as done for PC1. + * 2. Rearrange the bytes (rows in the matrix above) with the following code. + * + * #define swapHiLo(word, temp) \ + * temp = (word ^ (word >> 24)) & 0x000000ff; \ + * word ^= temp | (temp << 24); + * + * right ^= temp = ((left << 8) ^ right) & 0xff00ff00; + * left ^= temp >> 8; + * swapHiLo(left, temp); + * swapHiLo(right,temp); + * + * However, the two steps can be combined, so that the rows are rearranged + * while the matrix is being flipped, reducing the number of bit exchange + * operations from 8 ot 5. + * + * Initial Permutation */ +#define IP(left, right, temp) \ + right ^= temp = ((left >> 4) ^ right) & 0x0f0f0f0f; \ + left ^= temp << 4; \ + right ^= temp = ((left >> 16) ^ right) & 0x0000ffff; \ + left ^= temp << 16; \ + right ^= temp = ((left << 2) ^ right) & 0xcccccccc; \ + left ^= temp >> 2; \ + right ^= temp = ((left << 8) ^ right) & 0xff00ff00; \ + left ^= temp >> 8; \ + right ^= temp = ((left >> 1) ^ right) & 0x55555555; \ + left ^= temp << 1; + +/* The Final (Inverse Initial) permutation is done by reversing the +** steps of the Initital Permutation +*/ + +#define FP(left, right, temp) \ + right ^= temp = ((left >> 1) ^ right) & 0x55555555; \ + left ^= temp << 1; \ + right ^= temp = ((left << 8) ^ right) & 0xff00ff00; \ + left ^= temp >> 8; \ + right ^= temp = ((left << 2) ^ right) & 0xcccccccc; \ + left ^= temp >> 2; \ + right ^= temp = ((left >> 16) ^ right) & 0x0000ffff; \ + left ^= temp << 16; \ + right ^= temp = ((left >> 4) ^ right) & 0x0f0f0f0f; \ + left ^= temp << 4; + +void +DES_Do1Block(HALF * ks, const BYTE * inbuf, BYTE * outbuf) +{ + register HALF left, right; + register HALF temp; + +#if defined(_X86_) + left = HALFPTR(inbuf)[0]; + right = HALFPTR(inbuf)[1]; + BYTESWAP(left, temp); + BYTESWAP(right, temp); +#else + if (((ptrdiff_t)inbuf & 0x03) == 0) { + left = HALFPTR(inbuf)[0]; + right = HALFPTR(inbuf)[1]; +#if defined(IS_LITTLE_ENDIAN) + BYTESWAP(left, temp); + BYTESWAP(right, temp); +#endif + } else { + left = ((HALF)inbuf[0] << 24) | ((HALF)inbuf[1] << 16) | + ((HALF)inbuf[2] << 8) | inbuf[3]; + right = ((HALF)inbuf[4] << 24) | ((HALF)inbuf[5] << 16) | + ((HALF)inbuf[6] << 8) | inbuf[7]; + } +#endif + + IP(left, right, temp); + + /* shift the values left circularly 3 bits. */ + left = (left << 3) | (left >> 29); + right = (right << 3) | (right >> 29); + +#ifdef USE_INDEXING +#define KSLOOKUP(s,b) SP[s][((temp >> (b+2)) & 0x3f)] +#else +#define KSLOOKUP(s,b) *(HALF*)((BYTE*)&SP[s][0]+((temp >> b) & 0xFC)) +#endif +#define ROUND(out, in, r) \ + temp = in ^ ks[2*r]; \ + out ^= KSLOOKUP( 1, 24 ); \ + out ^= KSLOOKUP( 3, 16 ); \ + out ^= KSLOOKUP( 5, 8 ); \ + out ^= KSLOOKUP( 7, 0 ); \ + temp = ((in >> 4) | (in << 28)) ^ ks[2*r+1]; \ + out ^= KSLOOKUP( 0, 24 ); \ + out ^= KSLOOKUP( 2, 16 ); \ + out ^= KSLOOKUP( 4, 8 ); \ + out ^= KSLOOKUP( 6, 0 ); + + /* Do the 16 Feistel rounds */ + ROUND(left, right, 0) + ROUND(right, left, 1) + ROUND(left, right, 2) + ROUND(right, left, 3) + ROUND(left, right, 4) + ROUND(right, left, 5) + ROUND(left, right, 6) + ROUND(right, left, 7) + ROUND(left, right, 8) + ROUND(right, left, 9) + ROUND(left, right, 10) + ROUND(right, left, 11) + ROUND(left, right, 12) + ROUND(right, left, 13) + ROUND(left, right, 14) + ROUND(right, left, 15) + + /* now shift circularly right 3 bits to undo the shifting done + ** above. switch left and right here. + */ + temp = (left >> 3) | (left << 29); + left = (right >> 3) | (right << 29); + right = temp; + + FP(left, right, temp); + +#if defined(_X86_) + BYTESWAP(left, temp); + BYTESWAP(right, temp); + HALFPTR(outbuf)[0] = left; + HALFPTR(outbuf)[1] = right; +#else + if (((ptrdiff_t)inbuf & 0x03) == 0) { +#if defined(IS_LITTLE_ENDIAN) + BYTESWAP(left, temp); + BYTESWAP(right, temp); +#endif + HALFPTR(outbuf)[0] = left; + HALFPTR(outbuf)[1] = right; + } else { + outbuf[0] = (BYTE)(left >> 24); + outbuf[1] = (BYTE)(left >> 16); + outbuf[2] = (BYTE)(left >> 8); + outbuf[3] = (BYTE)(left ); + + outbuf[4] = (BYTE)(right >> 24); + outbuf[5] = (BYTE)(right >> 16); + outbuf[6] = (BYTE)(right >> 8); + outbuf[7] = (BYTE)(right ); + } +#endif + +} + +/* Ackowledgements: +** Two ideas used in this implementation were shown to me by Dennis Ferguson +** in 1990. He credits them to Richard Outerbridge and Dan Hoey. They were: +** 1. The method of computing the Initial and Final permutations. +** 2. Circularly rotating the SP tables and the initial values of left and +** right to reduce the number of shifts required during the 16 rounds. +*/ diff --git a/security/nss/lib/freebl/des.h b/security/nss/lib/freebl/des.h new file mode 100644 index 000000000..472896ef1 --- /dev/null +++ b/security/nss/lib/freebl/des.h @@ -0,0 +1,69 @@ +/* + * des.h + * + * header file for DES-150 library + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the DES-150 library. + * + * The Initial Developer of the Original Code is Nelson B. Bolyard, + * nelsonb@iname.com. Portions created by Nelson B. Bolyard are + * Copyright (C) 1990, 2000 Nelson B. Bolyard, All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + */ + +#ifndef _DES_H_ +#define _DES_H_ 1 + +#include "blapi.h" + +typedef unsigned char BYTE; +typedef unsigned int HALF; + +#define HALFPTR(x) ((HALF *)(x)) +#define SHORTPTR(x) ((unsigned short *)(x)) +#define BYTEPTR(x) ((BYTE *)(x)) + +typedef enum { + DES_ENCRYPT = 0x5555, + DES_DECRYPT = 0xAAAA +} DESDirection; + +typedef void DESFunc(struct DESContextStr *cx, BYTE *out, const BYTE *in, + unsigned int len); + +struct DESContextStr { + /* key schedule, 16 internal keys, each with 8 6-bit parts */ + HALF ks0 [32]; + HALF ks1 [32]; + HALF ks2 [32]; + HALF iv [2]; + DESDirection direction; + DESFunc *worker; +}; + +void DES_MakeSchedule( HALF * ks, BYTE * key, DESDirection direction); +void DES_Do1Block( HALF * ks, const BYTE * inbuf, BYTE * outbuf); + +#endif diff --git a/security/nss/lib/freebl/desblapi.c b/security/nss/lib/freebl/desblapi.c new file mode 100644 index 000000000..af7e9ca2d --- /dev/null +++ b/security/nss/lib/freebl/desblapi.c @@ -0,0 +1,275 @@ +/* + * desblapi.c + * + * core source file for DES-150 library + * Implement DES Modes of Operation and Triple-DES. + * Adapt DES-150 to blapi API. + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the DES-150 library. + * + * The Initial Developer of the Original Code is Nelson B. Bolyard, + * nelsonb@iname.com. Portions created by Nelson B. Bolyard are + * Copyright (C) 1990, 2000 Nelson B. Bolyard, All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + */ + +#include "des.h" +#include <stddef.h> +#include "secerr.h" + +#if defined(_X86_) +/* Intel X86 CPUs do unaligned loads and stores without complaint. */ +#define COPY8B(to, from, ptr) \ + HALFPTR(to)[0] = HALFPTR(from)[0]; \ + HALFPTR(to)[1] = HALFPTR(from)[1]; +#elif defined(USE_MEMCPY) +#define COPY8B(to, from, ptr) memcpy(to, from, 8) +#else +#define COPY8B(to, from, ptr) \ + if (((ptrdiff_t)(ptr) & 0x3) == 0) { \ + HALFPTR(to)[0] = HALFPTR(from)[0]; \ + HALFPTR(to)[1] = HALFPTR(from)[1]; \ + } else if (((ptrdiff_t)(ptr) & 0x1) == 0) { \ + SHORTPTR(to)[0] = SHORTPTR(from)[0]; \ + SHORTPTR(to)[1] = SHORTPTR(from)[1]; \ + SHORTPTR(to)[2] = SHORTPTR(from)[2]; \ + SHORTPTR(to)[3] = SHORTPTR(from)[3]; \ + } else { \ + BYTEPTR(to)[0] = BYTEPTR(from)[0]; \ + BYTEPTR(to)[1] = BYTEPTR(from)[1]; \ + BYTEPTR(to)[2] = BYTEPTR(from)[2]; \ + BYTEPTR(to)[3] = BYTEPTR(from)[3]; \ + BYTEPTR(to)[4] = BYTEPTR(from)[4]; \ + BYTEPTR(to)[5] = BYTEPTR(from)[5]; \ + BYTEPTR(to)[6] = BYTEPTR(from)[6]; \ + BYTEPTR(to)[7] = BYTEPTR(from)[7]; \ + } +#endif +#define COPY8BTOHALF(to, from) COPY8B(to, from, from) +#define COPY8BFROMHALF(to, from) COPY8B(to, from, to) + +static void +DES_ECB(DESContext *cx, BYTE *out, const BYTE *in, unsigned int len) +{ + while (len) { + DES_Do1Block(cx->ks0, in, out); + len -= 8; + in += 8; + out += 8; + } +} + +static void +DES_EDE3_ECB(DESContext *cx, BYTE *out, const BYTE *in, unsigned int len) +{ + while (len) { + DES_Do1Block(cx->ks0, in, out); + len -= 8; + in += 8; + DES_Do1Block(cx->ks1, out, out); + DES_Do1Block(cx->ks2, out, out); + out += 8; + } +} + +static void +DES_CBCEn(DESContext *cx, BYTE *out, const BYTE *in, unsigned int len) +{ + const BYTE * bufend = in + len; + HALF vec[2]; + + while (in != bufend) { + COPY8BTOHALF(vec, in); + in += 8; + vec[0] ^= cx->iv[0]; + vec[1] ^= cx->iv[1]; + DES_Do1Block( cx->ks0, (BYTE *)vec, (BYTE *)cx->iv); + COPY8BFROMHALF(out, cx->iv); + out += 8; + } +} + +static void +DES_CBCDe(DESContext *cx, BYTE *out, const BYTE *in, unsigned int len) +{ + const BYTE * bufend; + HALF oldciphertext[2]; + HALF plaintext [2]; + + for (bufend = in + len; in != bufend; ) { + oldciphertext[0] = cx->iv[0]; + oldciphertext[1] = cx->iv[1]; + COPY8BTOHALF(cx->iv, in); + in += 8; + DES_Do1Block(cx->ks0, (BYTE *)cx->iv, (BYTE *)plaintext); + plaintext[0] ^= oldciphertext[0]; + plaintext[1] ^= oldciphertext[1]; + COPY8BFROMHALF(out, plaintext); + out += 8; + } +} + +static void +DES_EDE3CBCEn(DESContext *cx, BYTE *out, const BYTE *in, unsigned int len) +{ + const BYTE * bufend = in + len; + HALF vec[2]; + + while (in != bufend) { + COPY8BTOHALF(vec, in); + in += 8; + vec[0] ^= cx->iv[0]; + vec[1] ^= cx->iv[1]; + DES_Do1Block( cx->ks0, (BYTE *)vec, (BYTE *)cx->iv); + DES_Do1Block( cx->ks1, (BYTE *)cx->iv, (BYTE *)cx->iv); + DES_Do1Block( cx->ks2, (BYTE *)cx->iv, (BYTE *)cx->iv); + COPY8BFROMHALF(out, cx->iv); + out += 8; + } +} + +static void +DES_EDE3CBCDe(DESContext *cx, BYTE *out, const BYTE *in, unsigned int len) +{ + const BYTE * bufend; + HALF oldciphertext[2]; + HALF plaintext [2]; + + for (bufend = in + len; in != bufend; ) { + oldciphertext[0] = cx->iv[0]; + oldciphertext[1] = cx->iv[1]; + COPY8BTOHALF(cx->iv, in); + in += 8; + DES_Do1Block(cx->ks0, (BYTE *)cx->iv, (BYTE *)plaintext); + DES_Do1Block(cx->ks1, (BYTE *)plaintext, (BYTE *)plaintext); + DES_Do1Block(cx->ks2, (BYTE *)plaintext, (BYTE *)plaintext); + plaintext[0] ^= oldciphertext[0]; + plaintext[1] ^= oldciphertext[1]; + COPY8BFROMHALF(out, plaintext); + out += 8; + } +} + +DESContext * +DES_CreateContext(BYTE * key, BYTE *iv, int mode, PRBool encrypt) +{ + DESContext *cx = PORT_ZNew(DESContext); + DESDirection opposite; + if (!cx) + return 0; + cx->direction = encrypt ? DES_ENCRYPT : DES_DECRYPT; + opposite = encrypt ? DES_DECRYPT : DES_ENCRYPT; + switch (mode) { + case NSS_DES: /* DES ECB */ + DES_MakeSchedule( cx->ks0, key, cx->direction); + cx->worker = &DES_ECB; + break; + + case NSS_DES_EDE3: /* DES EDE ECB */ + cx->worker = &DES_EDE3_ECB; + if (encrypt) { + DES_MakeSchedule(cx->ks0, key, cx->direction); + DES_MakeSchedule(cx->ks1, key + 8, opposite); + DES_MakeSchedule(cx->ks2, key + 16, cx->direction); + } else { + DES_MakeSchedule(cx->ks2, key, cx->direction); + DES_MakeSchedule(cx->ks1, key + 8, opposite); + DES_MakeSchedule(cx->ks0, key + 16, cx->direction); + } + break; + + case NSS_DES_CBC: /* DES CBC */ + COPY8BTOHALF(cx->iv, iv); + cx->worker = encrypt ? &DES_CBCEn : &DES_CBCDe; + DES_MakeSchedule(cx->ks0, key, cx->direction); + break; + + case NSS_DES_EDE3_CBC: /* DES EDE CBC */ + COPY8BTOHALF(cx->iv, iv); + if (encrypt) { + cx->worker = &DES_EDE3CBCEn; + DES_MakeSchedule(cx->ks0, key, cx->direction); + DES_MakeSchedule(cx->ks1, key + 8, opposite); + DES_MakeSchedule(cx->ks2, key + 16, cx->direction); + } else { + cx->worker = &DES_EDE3CBCDe; + DES_MakeSchedule(cx->ks2, key, cx->direction); + DES_MakeSchedule(cx->ks1, key + 8, opposite); + DES_MakeSchedule(cx->ks0, key + 16, cx->direction); + } + break; + + default: + PORT_Free(cx); + cx = 0; + PORT_SetError(SEC_ERROR_INVALID_ARGS); + break; + } + return cx; +} + +void +DES_DestroyContext(DESContext *cx, PRBool freeit) +{ + if (cx) { + memset(cx, 0, sizeof *cx); + if (freeit) + PORT_Free(cx); + } +} + +SECStatus +DES_Encrypt(DESContext *cx, BYTE *out, unsigned int *outLen, + unsigned int maxOutLen, const BYTE *in, unsigned int inLen) +{ + + if (inLen < 0 || (inLen % 8) != 0 || maxOutLen < inLen || !cx || + cx->direction != DES_ENCRYPT) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + + cx->worker(cx, out, in, inLen); + if (outLen) + *outLen = inLen; + return SECSuccess; +} + +SECStatus +DES_Decrypt(DESContext *cx, BYTE *out, unsigned int *outLen, + unsigned int maxOutLen, const BYTE *in, unsigned int inLen) +{ + + if (inLen < 0 || (inLen % 8) != 0 || maxOutLen < inLen || !cx || + cx->direction != DES_DECRYPT) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + + cx->worker(cx, out, in, inLen); + if (outLen) + *outLen = inLen; + return SECSuccess; +} diff --git a/security/nss/lib/freebl/dh.c b/security/nss/lib/freebl/dh.c new file mode 100644 index 000000000..6c369b6dd --- /dev/null +++ b/security/nss/lib/freebl/dh.c @@ -0,0 +1,385 @@ +/* + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the Netscape security libraries. + * + * The Initial Developer of the Original Code is Netscape + * Communications Corporation. Portions created by Netscape are + * Copyright (C) 1994-2000 Netscape Communications Corporation. All + * Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + */ + +/* + * Diffie-Hellman parameter generation, key generation, and secret derivation. + * KEA secret generation and verification. + * + * $Id$ + */ + +#include "prerr.h" +#include "secerr.h" + +#include "blapi.h" +#include "secitem.h" +#include "mpi.h" +#include "mpprime.h" +#include "secmpi.h" + +#define DH_SECRET_KEY_LEN 20 +#define KEA_DERIVED_SECRET_LEN 128 + +SECStatus +DH_GenParam(int primeLen, DHParams **params) +{ + PRArenaPool *arena; + DHParams *dhparams; + unsigned char *pb = NULL; + unsigned char *ab = NULL; + unsigned long counter = 0; + mp_int p, q, a, h, psub1, test; + mp_err err = MP_OKAY; + SECStatus rv = SECSuccess; + if (!params || primeLen < 0) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE); + if (!arena) { + PORT_SetError(SEC_ERROR_NO_MEMORY); + return SECFailure; + } + dhparams = (DHParams *)PORT_ArenaZAlloc(arena, sizeof(DHParams)); + if (!dhparams) { + PORT_SetError(SEC_ERROR_NO_MEMORY); + PORT_FreeArena(arena, PR_TRUE); + return SECFailure; + } + dhparams->arena = arena; + MP_DIGITS(&p) = 0; + MP_DIGITS(&q) = 0; + MP_DIGITS(&a) = 0; + MP_DIGITS(&h) = 0; + MP_DIGITS(&psub1) = 0; + MP_DIGITS(&test) = 0; + CHECK_MPI_OK( mp_init(&p) ); + CHECK_MPI_OK( mp_init(&q) ); + CHECK_MPI_OK( mp_init(&a) ); + CHECK_MPI_OK( mp_init(&h) ); + CHECK_MPI_OK( mp_init(&psub1) ); + CHECK_MPI_OK( mp_init(&test) ); + /* generate prime with MPI, uses Miller-Rabin to generate strong prime. */ + pb = PORT_Alloc(primeLen); + CHECK_SEC_OK( RNG_GenerateGlobalRandomBytes(pb, primeLen) ); + pb[0] |= 0x80; /* set high-order bit */ + pb[primeLen-1] |= 0x01; /* set low-order bit */ + CHECK_MPI_OK( mp_read_unsigned_octets(&p, pb, primeLen) ); + CHECK_MPI_OK( mpp_make_prime(&p, primeLen * 8, PR_TRUE, &counter) ); + /* construct Sophie-Germain prime q = (p-1)/2. */ + CHECK_MPI_OK( mp_sub_d(&p, 1, &psub1) ); + CHECK_MPI_OK( mp_div_2(&psub1, &q) ); + /* construct a generator from the prime. */ + ab = PORT_Alloc(primeLen); + /* generate a candidate number a in p's field */ + CHECK_SEC_OK( RNG_GenerateGlobalRandomBytes(ab, primeLen) ); + CHECK_MPI_OK( mp_read_unsigned_octets(&a, ab, primeLen) ); + /* force a < p (note that quot(a/p) <= 1) */ + if ( mp_cmp(&a, &p) > 0 ) + CHECK_MPI_OK( mp_sub(&a, &p, &a) ); + do { + /* check that a is in the range [2..p-1] */ + if ( mp_cmp_d(&a, 2) < 0 || mp_cmp(&a, &psub1) >= 0) { + /* a is outside of the allowed range. Set a=3 and keep going. */ + mp_set(&a, 3); + } + /* if a**q mod p != 1 then a is a generator */ + CHECK_MPI_OK( mp_exptmod(&a, &q, &p, &test) ); + if ( mp_cmp_d(&test, 1) != 0 ) + break; + /* increment the candidate and try again. */ + CHECK_MPI_OK( mp_add_d(&a, 1, &a) ); + } while (PR_TRUE); + MPINT_TO_SECITEM(&p, &dhparams->prime, arena); + MPINT_TO_SECITEM(&a, &dhparams->base, arena); + *params = dhparams; +cleanup: + mp_clear(&p); + mp_clear(&q); + mp_clear(&a); + mp_clear(&h); + mp_clear(&psub1); + mp_clear(&test); + if (pb) PORT_ZFree(pb, primeLen); + if (ab) PORT_ZFree(ab, primeLen); + if (err) { + MP_TO_SEC_ERROR(err); + rv = SECFailure; + } + if (rv) + PORT_FreeArena(arena, PR_TRUE); + return rv; +} + +SECStatus +DH_NewKey(DHParams *params, DHPrivateKey **privKey) +{ + PRArenaPool *arena; + DHPrivateKey *key; + mp_int g, xa, p, Ya; + mp_err err = MP_OKAY; + SECStatus rv = SECSuccess; + if (!params || !privKey) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE); + if (!arena) { + PORT_SetError(SEC_ERROR_NO_MEMORY); + return SECFailure; + } + key = (DHPrivateKey *)PORT_ArenaZAlloc(arena, sizeof(DHPrivateKey)); + if (!key) { + PORT_SetError(SEC_ERROR_NO_MEMORY); + PORT_FreeArena(arena, PR_TRUE); + return SECFailure; + } + key->arena = arena; + MP_DIGITS(&g) = 0; + MP_DIGITS(&xa) = 0; + MP_DIGITS(&p) = 0; + MP_DIGITS(&Ya) = 0; + CHECK_MPI_OK( mp_init(&g) ); + CHECK_MPI_OK( mp_init(&xa) ); + CHECK_MPI_OK( mp_init(&p) ); + CHECK_MPI_OK( mp_init(&Ya) ); + /* Set private key's p */ + CHECK_SEC_OK( SECITEM_CopyItem(arena, &key->prime, ¶ms->prime) ); + SECITEM_TO_MPINT(key->prime, &p); + /* Set private key's g */ + CHECK_SEC_OK( SECITEM_CopyItem(arena, &key->base, ¶ms->base) ); + SECITEM_TO_MPINT(key->base, &g); + /* Generate private key xa */ + SECITEM_AllocItem(arena, &key->privateValue, DH_SECRET_KEY_LEN); + RNG_GenerateGlobalRandomBytes(key->privateValue.data, + key->privateValue.len); + SECITEM_TO_MPINT( key->privateValue, &xa ); + /* xa < p */ + CHECK_MPI_OK( mp_mod(&xa, &p, &xa) ); + /* Compute public key Ya = g ** xa mod p */ + CHECK_MPI_OK( mp_exptmod(&g, &xa, &p, &Ya) ); + MPINT_TO_SECITEM(&Ya, &key->publicValue, key->arena); + *privKey = key; +cleanup: + mp_clear(&g); + mp_clear(&xa); + mp_clear(&p); + mp_clear(&Ya); + if (err) { + MP_TO_SEC_ERROR(err); + rv = SECFailure; + } + if (rv) + PORT_FreeArena(arena, PR_TRUE); + return rv; +} + +SECStatus +DH_Derive(SECItem *publicValue, + SECItem *prime, + SECItem *privateValue, + SECItem *derivedSecret, + unsigned int maxOutBytes) +{ + mp_int p, Xa, Yb, ZZ; + mp_err err = MP_OKAY; + unsigned int len = 0, nb; + unsigned char *secret = NULL; + if (!publicValue || !prime || !privateValue || !derivedSecret) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + memset(derivedSecret, 0, sizeof *derivedSecret); + MP_DIGITS(&p) = 0; + MP_DIGITS(&Xa) = 0; + MP_DIGITS(&Yb) = 0; + MP_DIGITS(&ZZ) = 0; + CHECK_MPI_OK( mp_init(&p) ); + CHECK_MPI_OK( mp_init(&Xa) ); + CHECK_MPI_OK( mp_init(&Yb) ); + CHECK_MPI_OK( mp_init(&ZZ) ); + SECITEM_TO_MPINT(*publicValue, &Yb); + SECITEM_TO_MPINT(*privateValue, &Xa); + SECITEM_TO_MPINT(*prime, &p); + /* ZZ = (Yb)**Xa mod p */ + CHECK_MPI_OK( mp_exptmod(&Yb, &Xa, &p, &ZZ) ); + /* number of bytes in the derived secret */ + len = mp_unsigned_octet_size(&ZZ); + /* allocate a buffer which can hold the entire derived secret. */ + secret = PORT_Alloc(len); + /* grab the derived secret */ + err = mp_to_unsigned_octets(&ZZ, secret, len); + if (err >= 0) err = MP_OKAY; + /* Take minimum of bytes requested and bytes in derived secret, + ** if maxOutBytes is 0 take all of the bytes from the derived secret. + */ + if (maxOutBytes > 0) + nb = PR_MIN(len, maxOutBytes); + else + nb = len; + SECITEM_AllocItem(NULL, derivedSecret, nb); + memcpy(derivedSecret->data, secret, nb); +cleanup: + mp_clear(&p); + mp_clear(&Xa); + mp_clear(&Yb); + mp_clear(&ZZ); + if (secret) { + /* free the buffer allocated for the full secret. */ + PORT_ZFree(secret, len); + } + if (err) { + MP_TO_SEC_ERROR(err); + if (derivedSecret->data) + PORT_ZFree(derivedSecret->data, derivedSecret->len); + return SECFailure; + } + return SECSuccess; +} + +SECStatus +KEA_Derive(SECItem *prime, + SECItem *public1, + SECItem *public2, + SECItem *private1, + SECItem *private2, + SECItem *derivedSecret) +{ + mp_int p, Y, R, r, x, t, u, w; + mp_err err; + unsigned char *secret = NULL; + unsigned int len = 0, offset; + if (!prime || !public1 || !public2 || !private1 || !private2 || + !derivedSecret) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + memset(derivedSecret, 0, sizeof *derivedSecret); + MP_DIGITS(&p) = 0; + MP_DIGITS(&Y) = 0; + MP_DIGITS(&R) = 0; + MP_DIGITS(&r) = 0; + MP_DIGITS(&x) = 0; + MP_DIGITS(&t) = 0; + MP_DIGITS(&u) = 0; + MP_DIGITS(&w) = 0; + CHECK_MPI_OK( mp_init(&p) ); + CHECK_MPI_OK( mp_init(&Y) ); + CHECK_MPI_OK( mp_init(&R) ); + CHECK_MPI_OK( mp_init(&r) ); + CHECK_MPI_OK( mp_init(&x) ); + CHECK_MPI_OK( mp_init(&t) ); + CHECK_MPI_OK( mp_init(&u) ); + CHECK_MPI_OK( mp_init(&w) ); + SECITEM_TO_MPINT(*prime, &p); + SECITEM_TO_MPINT(*public1, &Y); + SECITEM_TO_MPINT(*public2, &R); + SECITEM_TO_MPINT(*private1, &r); + SECITEM_TO_MPINT(*private2, &x); + /* t = DH(Y, r, p) = Y ** r mod p */ + CHECK_MPI_OK( mp_exptmod(&Y, &r, &p, &t) ); + /* u = DH(R, x, p) = R ** x mod p */ + CHECK_MPI_OK( mp_exptmod(&R, &x, &p, &u) ); + /* w = (t + u) mod p */ + CHECK_MPI_OK( mp_addmod(&t, &u, &p, &w) ); + /* allocate a buffer for the full derived secret */ + len = mp_unsigned_octet_size(&w); + secret = PORT_Alloc(len); + /* grab the secret */ + err = mp_to_unsigned_octets(&w, secret, len); + if (err > 0) err = MP_OKAY; + /* allocate output buffer */ + SECITEM_AllocItem(NULL, derivedSecret, KEA_DERIVED_SECRET_LEN); + memset(derivedSecret->data, 0, derivedSecret->len); + /* copy in the 128 lsb of the secret */ + if (len >= KEA_DERIVED_SECRET_LEN) { + memcpy(derivedSecret->data, secret + (len - KEA_DERIVED_SECRET_LEN), + KEA_DERIVED_SECRET_LEN); + } else { + offset = KEA_DERIVED_SECRET_LEN - len; + memcpy(derivedSecret->data + offset, secret, len); + } +cleanup: + mp_clear(&p); + mp_clear(&Y); + mp_clear(&R); + mp_clear(&r); + mp_clear(&x); + mp_clear(&t); + mp_clear(&u); + mp_clear(&w); + if (secret) + PORT_ZFree(secret, len); + if (err) { + MP_TO_SEC_ERROR(err); + return SECFailure; + } + return SECSuccess; +} + +PRBool +KEA_Verify(SECItem *Y, SECItem *prime, SECItem *subPrime) +{ + mp_int p, q, y, r; + mp_err err; + int cmp = 1; /* default is false */ + if (!Y || !prime || !subPrime) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + MP_DIGITS(&p) = 0; + MP_DIGITS(&q) = 0; + MP_DIGITS(&y) = 0; + MP_DIGITS(&r) = 0; + CHECK_MPI_OK( mp_init(&p) ); + CHECK_MPI_OK( mp_init(&q) ); + CHECK_MPI_OK( mp_init(&y) ); + CHECK_MPI_OK( mp_init(&r) ); + SECITEM_TO_MPINT(*prime, &p); + SECITEM_TO_MPINT(*subPrime, &q); + SECITEM_TO_MPINT(*Y, &y); + /* compute r = y**q mod p */ + CHECK_MPI_OK( mp_exptmod(&y, &q, &p, &r) ); + /* compare to 1 */ + cmp = mp_cmp_d(&r, 1); +cleanup: + mp_clear(&p); + mp_clear(&q); + mp_clear(&y); + mp_clear(&r); + if (err) { + MP_TO_SEC_ERROR(err); + return PR_FALSE; + } + return (cmp == 0) ? PR_TRUE : PR_FALSE; +} diff --git a/security/nss/lib/freebl/dh_bsf.c b/security/nss/lib/freebl/dh_bsf.c new file mode 100644 index 000000000..f366363bf --- /dev/null +++ b/security/nss/lib/freebl/dh_bsf.c @@ -0,0 +1,82 @@ +/* + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the Netscape security libraries. + * + * The Initial Developer of the Original Code is Netscape + * Communications Corporation. Portions created by Netscape are + * Copyright (C) 1994-2000 Netscape Communications Corporation. All + * Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + */ + +#include "prerr.h" +#include "secerr.h" + +#include "blapi.h" + +SECStatus +DH_GenParam(int primeLen, DHParams ** params) +{ + PORT_SetError(PR_NOT_IMPLEMENTED_ERROR); + return SECFailure; +} + +SECStatus +DH_NewKey(DHParams * params, + DHPrivateKey ** privKey) +{ + PORT_SetError(PR_NOT_IMPLEMENTED_ERROR); + return SECFailure; +} + +SECStatus +DH_Derive(SECItem * publicValue, + SECItem * prime, + SECItem * privateValue, + SECItem * derivedSecret, + unsigned int maxOutBytes) +{ + PORT_SetError(PR_NOT_IMPLEMENTED_ERROR); + return SECFailure; +} + +SECStatus +KEA_Derive(SECItem *prime, + SECItem *public1, + SECItem *public2, + SECItem *private1, + SECItem *private2, + SECItem *derivedSecret) +{ + PORT_SetError(PR_NOT_IMPLEMENTED_ERROR); + return SECFailure; +} + +PRBool +KEA_Verify(SECItem *Y, SECItem *prime, SECItem *subPrime) +{ + PORT_SetError(PR_NOT_IMPLEMENTED_ERROR); + return PR_FALSE; +} diff --git a/security/nss/lib/freebl/dsa.c b/security/nss/lib/freebl/dsa.c new file mode 100644 index 000000000..63a5e08b3 --- /dev/null +++ b/security/nss/lib/freebl/dsa.c @@ -0,0 +1,415 @@ +/* + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the Netscape security libraries. + * + * The Initial Developer of the Original Code is Netscape + * Communications Corporation. Portions created by Netscape are + * Copyright (C) 1994-2000 Netscape Communications Corporation. All + * Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + * + * $Id$ + */ + +#include "secerr.h" + +#include "prtypes.h" +#include "prinit.h" +#include "blapi.h" +#include "nssilock.h" +#include "secitem.h" +#include "blapi.h" +#include "mpi.h" + + /* XXX to be replaced by define in blapit.h */ +#define NSS_FREEBL_DSA_DEFAULT_CHUNKSIZE 2048 + +#define CHECKOK(func) if (MP_OKAY > (err = func)) goto cleanup + +#define SECITEM_TO_MPINT(it, mp) \ + CHECKOK(mp_read_unsigned_octets((mp), (it).data, (it).len)) + +/* DSA-specific random number functions defined in prng_fips1861.c. */ +extern SECStatus +DSA_RandomUpdate(void *data, size_t bytes, unsigned char *q); + +extern SECStatus +DSA_GenerateGlobalRandomBytes(void *dest, size_t len, unsigned char *q); + +static void translate_mpi_error(mp_err err) +{ + switch (err) { + case MP_MEM: PORT_SetError(SEC_ERROR_NO_MEMORY); break; + case MP_RANGE: PORT_SetError(SEC_ERROR_BAD_DATA); break; + case MP_BADARG: PORT_SetError(SEC_ERROR_INVALID_ARGS); break; + default: PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); break; + } +} + +SECStatus +dsa_NewKey(const PQGParams *params, DSAPrivateKey **privKey, + const unsigned char *xb) +{ + unsigned int y_len; + mp_int p, g; + mp_int x, y; + mp_err err; + PRArenaPool *arena; + DSAPrivateKey *key; + /* Check args. */ + if (!params || !privKey) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + /* Initialize an arena for the DSA key. */ + arena = PORT_NewArena(NSS_FREEBL_DSA_DEFAULT_CHUNKSIZE); + if (!arena) { + PORT_SetError(SEC_ERROR_NO_MEMORY); + return SECFailure; + } + key = (DSAPrivateKey *)PORT_ArenaZAlloc(arena, sizeof(DSAPrivateKey)); + if (!key) { + PORT_SetError(SEC_ERROR_NO_MEMORY); + PORT_FreeArena(arena, PR_TRUE); + return SECFailure; + } + key->params.arena = arena; + /* Initialize MPI integers. */ + MP_DIGITS(&p) = 0; + MP_DIGITS(&g) = 0; + MP_DIGITS(&x) = 0; + MP_DIGITS(&y) = 0; + CHECKOK( mp_init(&p) ); + CHECKOK( mp_init(&g) ); + CHECKOK( mp_init(&x) ); + CHECKOK( mp_init(&y) ); + /* Copy over the PQG params */ + CHECKOK( SECITEM_CopyItem(arena, &key->params.prime, ¶ms->prime) ); + CHECKOK( SECITEM_CopyItem(arena, &key->params.subPrime, ¶ms->subPrime)); + CHECKOK( SECITEM_CopyItem(arena, &key->params.base, ¶ms->base) ); + /* Convert stored p, g, and received x into MPI integers. */ + SECITEM_TO_MPINT(params->prime, &p); + SECITEM_TO_MPINT(params->base, &g); + CHECKOK( mp_read_unsigned_octets(&x, xb, DSA_SUBPRIME_LEN) ); + /* Store x in private key */ + SECITEM_AllocItem(arena, &key->privateValue, DSA_SUBPRIME_LEN); + memcpy(key->privateValue.data, xb, DSA_SUBPRIME_LEN); + /* Compute public key y = g**x mod p */ + CHECKOK( mp_exptmod(&g, &x, &p, &y) ); + /* Store y in public key */ + y_len = mp_unsigned_octet_size(&y); + SECITEM_AllocItem(arena, &key->publicValue, y_len); + err = mp_to_unsigned_octets(&y, key->publicValue.data, y_len); + /* mp_to_unsigned_octets returns bytes written (y_len) if okay */ + if (err < 0) goto cleanup; else err = MP_OKAY; + *privKey = key; + key = NULL; +cleanup: + mp_clear(&p); + mp_clear(&g); + mp_clear(&x); + mp_clear(&y); + if (key) + PORT_FreeArena(key->params.arena, PR_TRUE); + if (err) { + translate_mpi_error(err); + return SECFailure; + } + return SECSuccess; +} + +/* +** Generate and return a new DSA public and private key pair, +** both of which are encoded into a single DSAPrivateKey struct. +** "params" is a pointer to the PQG parameters for the domain +** Uses a random seed. +*/ +SECStatus +DSA_NewKey(const PQGParams *params, DSAPrivateKey **privKey) +{ + SECStatus rv; + unsigned char seed[DSA_SUBPRIME_LEN]; + /* Generate seed bytes for x according to FIPS 186-1 appendix 3 */ + if (DSA_GenerateGlobalRandomBytes(seed, DSA_SUBPRIME_LEN, + params->subPrime.data)) + return SECFailure; + /* Generate a new DSA key using random seed. */ + rv = dsa_NewKey(params, privKey, seed); + return rv; +} + +/* For FIPS compliance testing. Seed must be exactly 20 bytes long */ +SECStatus +DSA_NewKeyFromSeed(const PQGParams *params, + const unsigned char *seed, + DSAPrivateKey **privKey) +{ + SECStatus rv; + rv = dsa_NewKey(params, privKey, seed); + return rv; +} + +SECStatus +dsa_SignDigest(DSAPrivateKey *key, SECItem *signature, const SECItem *digest, + const unsigned char *kb) +{ + mp_int p, q, g; /* PQG parameters */ + mp_int x, k; /* private key & pseudo-random integer */ + mp_int r, s; /* tuple (r, s) is signature) */ + mp_err err; + + /* FIPS-compliance dictates that digest is a SHA1 hash. */ + /* Check args. */ + if (!key || !signature || !digest || + (signature->len != DSA_SIGNATURE_LEN) || + (digest->len != SHA1_LENGTH)) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + /* Initialize MPI integers. */ + MP_DIGITS(&p) = 0; + MP_DIGITS(&q) = 0; + MP_DIGITS(&g) = 0; + MP_DIGITS(&x) = 0; + MP_DIGITS(&k) = 0; + MP_DIGITS(&r) = 0; + MP_DIGITS(&s) = 0; + CHECKOK( mp_init(&p) ); + CHECKOK( mp_init(&q) ); + CHECKOK( mp_init(&g) ); + CHECKOK( mp_init(&x) ); + CHECKOK( mp_init(&k) ); + CHECKOK( mp_init(&r) ); + CHECKOK( mp_init(&s) ); + /* + ** Convert stored PQG and private key into MPI integers. + */ + SECITEM_TO_MPINT(key->params.prime, &p); + SECITEM_TO_MPINT(key->params.subPrime, &q); + SECITEM_TO_MPINT(key->params.base, &g); + SECITEM_TO_MPINT(key->privateValue, &x); + CHECKOK( mp_read_unsigned_octets(&k, kb, DSA_SUBPRIME_LEN) ); + /* + ** FIPS 186-1, Section 5, Step 1 + ** + ** r = (g**k mod p) mod q + */ + CHECKOK( mp_exptmod(&g, &k, &p, &r) ); /* r = g**k mod p */ + CHECKOK( mp_mod(&r, &q, &r) ); /* r = r mod q */ + /* + ** FIPS 186-1, Section 5, Step 2 + ** + ** s = (k**-1 * (SHA1(M) + x*r)) mod q + */ + SECITEM_TO_MPINT(*digest, &s); /* s = SHA1(M) */ + CHECKOK( mp_invmod(&k, &q, &k) ); /* k = k**-1 mod q */ + CHECKOK( mp_mulmod(&x, &r, &q, &x) ); /* x = x * r mod q */ + CHECKOK( mp_addmod(&s, &x, &q, &s) ); /* s = s + x mod q */ + CHECKOK( mp_mulmod(&s, &k, &q, &s) ); /* s = s * k mod q */ + /* + ** verify r != 0 and s != 0 + ** mentioned as optional in FIPS 186-1. + */ + if (mp_cmp_z(&r) == 0 || mp_cmp_z(&s) == 0) { + PORT_SetError(SEC_ERROR_NEED_RANDOM); + err = MP_UNDEF; + goto cleanup; + } + /* + ** Step 4 + ** + ** Signature is tuple (r, s) + */ + err = mp_to_fixlen_octets(&r, signature->data, DSA_SUBPRIME_LEN); + if (err < 0) goto cleanup; else err = MP_OKAY; + err = mp_to_fixlen_octets(&s, signature->data + DSA_SUBPRIME_LEN, + DSA_SUBPRIME_LEN); + if (err < 0) goto cleanup; else err = MP_OKAY; +cleanup: + mp_clear(&p); + mp_clear(&q); + mp_clear(&g); + mp_clear(&x); + mp_clear(&k); + mp_clear(&r); + mp_clear(&s); + if (err) { + translate_mpi_error(err); + return SECFailure; + } + return SECSuccess; +} + +/* signature is caller-supplied buffer of at least 20 bytes. +** On input, signature->len == size of buffer to hold signature. +** digest->len == size of digest. +** On output, signature->len == size of signature in buffer. +** Uses a random seed. +*/ +SECStatus +DSA_SignDigest(DSAPrivateKey *key, SECItem *signature, const SECItem *digest) +{ + SECStatus rv; + int prerr = 0; + unsigned char KSEED[DSA_SUBPRIME_LEN]; + rv = DSA_GenerateGlobalRandomBytes(KSEED, DSA_SUBPRIME_LEN, + key->params.subPrime.data); + if (rv) return rv; + do { + rv = dsa_SignDigest(key, signature, digest, KSEED); + if (rv) prerr = PORT_GetError(); + } while (prerr == SEC_ERROR_NEED_RANDOM); + return rv; +} + +/* For FIPS compliance testing. Seed must be exactly 20 bytes. */ +SECStatus +DSA_SignDigestWithSeed(DSAPrivateKey * key, + SECItem * signature, + const SECItem * digest, + const unsigned char * seed) +{ + SECStatus rv; + rv = dsa_SignDigest(key, signature, digest, seed); + return rv; +} + +/* signature is caller-supplied buffer of at least 20 bytes. +** On input, signature->len == size of buffer to hold signature. +** digest->len == size of digest. +*/ +SECStatus +DSA_VerifyDigest(DSAPublicKey *key, const SECItem *signature, + const SECItem *digest) +{ + /* FIPS-compliance dictates that digest is a SHA1 hash. */ + mp_int p, q, g; /* PQG parameters */ + mp_int r_, s_; /* tuple (r', s') is received signature) */ + mp_int u1, u2, v, w; /* intermediate values used in verification */ + mp_int y; /* public key */ + mp_err err; + SECStatus verified = SECFailure; + + /* Check args. */ + if (!key || !signature || !digest || + (signature->len != DSA_SIGNATURE_LEN) || + (digest->len != SHA1_LENGTH)) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + /* Initialize MPI integers. */ + MP_DIGITS(&p) = 0; + MP_DIGITS(&q) = 0; + MP_DIGITS(&g) = 0; + MP_DIGITS(&y) = 0; + MP_DIGITS(&r_) = 0; + MP_DIGITS(&s_) = 0; + MP_DIGITS(&u1) = 0; + MP_DIGITS(&u2) = 0; + MP_DIGITS(&v) = 0; + MP_DIGITS(&w) = 0; + CHECKOK( mp_init(&p) ); + CHECKOK( mp_init(&q) ); + CHECKOK( mp_init(&g) ); + CHECKOK( mp_init(&y) ); + CHECKOK( mp_init(&r_) ); + CHECKOK( mp_init(&s_) ); + CHECKOK( mp_init(&u1) ); + CHECKOK( mp_init(&u2) ); + CHECKOK( mp_init(&v) ); + CHECKOK( mp_init(&w) ); + /* + ** Convert stored PQG and public key into MPI integers. + */ + SECITEM_TO_MPINT(key->params.prime, &p); + SECITEM_TO_MPINT(key->params.subPrime, &q); + SECITEM_TO_MPINT(key->params.base, &g); + SECITEM_TO_MPINT(key->publicValue, &y); + /* + ** Convert received signature (r', s') into MPI integers. + */ + CHECKOK( mp_read_unsigned_octets(&r_, signature->data, DSA_SUBPRIME_LEN) ); + CHECKOK( mp_read_unsigned_octets(&s_, signature->data + DSA_SUBPRIME_LEN, + DSA_SUBPRIME_LEN) ); + /* + ** Verify that 0 < r' < q and 0 < s' < q + */ + if (mp_cmp_z(&r_) <= 0 || mp_cmp_z(&s_) <= 0 || + mp_cmp(&r_, &q) >= 0 || mp_cmp(&s_, &q) >= 0) + goto cleanup; /* will return verified == SECFailure */ + /* + ** FIPS 186-1, Section 6, Step 1 + ** + ** w = (s')**-1 mod q + */ + CHECKOK( mp_invmod(&s_, &q, &w) ); /* w = (s')**-1 mod q */ + /* + ** FIPS 186-1, Section 6, Step 2 + ** + ** u1 = ((SHA1(M')) * w) mod q + */ + SECITEM_TO_MPINT(*digest, &u1); /* u1 = SHA1(M') */ + CHECKOK( mp_mulmod(&u1, &w, &q, &u1) ); /* u1 = u1 * w mod q */ + /* + ** FIPS 186-1, Section 6, Step 3 + ** + ** u2 = ((r') * w) mod q + */ + CHECKOK( mp_mulmod(&r_, &w, &q, &u2) ); + /* + ** FIPS 186-1, Section 6, Step 4 + ** + ** v = ((g**u1 * y**u2) mod p) mod q + */ + CHECKOK( mp_exptmod(&g, &u1, &p, &g) ); /* g = g**u1 mod p */ + CHECKOK( mp_exptmod(&y, &u2, &p, &y) ); /* y = y**u2 mod p */ + CHECKOK( mp_mulmod(&g, &y, &p, &v) ); /* v = g * y mod p */ + CHECKOK( mp_mod(&v, &q, &v) ); /* v = v mod q */ + /* + ** Verification: v == r' + */ + if (mp_cmp(&v, &r_)) { + PORT_SetError(SEC_ERROR_BAD_SIGNATURE); + verified = SECFailure; /* Signature failed to verify. */ + } else { + verified = SECSuccess; /* Signature verified. */ + } +cleanup: + mp_clear(&p); + mp_clear(&q); + mp_clear(&g); + mp_clear(&y); + mp_clear(&r_); + mp_clear(&s_); + mp_clear(&u1); + mp_clear(&u2); + mp_clear(&v); + mp_clear(&w); + if (err) { + translate_mpi_error(err); + } + return verified; +} diff --git a/security/nss/lib/freebl/fblstdlib.c b/security/nss/lib/freebl/fblstdlib.c new file mode 100755 index 000000000..7aeb8efef --- /dev/null +++ b/security/nss/lib/freebl/fblstdlib.c @@ -0,0 +1,120 @@ +/* + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the Netscape security libraries. + * + * The Initial Developer of the Original Code is Netscape + * Communications Corporation. Portions created by Netscape are + * Copyright (C) 1994-2000 Netscape Communications Corporation. All + * Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + */ + +#include <stdio.h> +#include <stdlib.h> +#include <plstr.h> +#include "aglobal.h" +#include "bsafe.h" +#include "secport.h" + +void CALL_CONV T_memset (p, c, count) +POINTER p; +int c; +unsigned int count; +{ + if (count >= 0) + memset(p, c, count); +} + +void CALL_CONV T_memcpy (d, s, count) +POINTER d, s; +unsigned int count; +{ + if (count >= 0) + memcpy(d, s, count); +} + +void CALL_CONV T_memmove (d, s, count) +POINTER d, s; +unsigned int count; +{ + if (count >= 0) + PORT_Memmove(d, s, count); +} + +int CALL_CONV T_memcmp (s1, s2, count) +POINTER s1, s2; +unsigned int count; +{ + if (count == 0) + return (0); + else + return(memcmp(s1, s2, count)); +} + +POINTER CALL_CONV T_malloc (size) +unsigned int size; +{ + return((POINTER)PORT_Alloc(size == 0 ? 1 : size)); +} + +POINTER CALL_CONV T_realloc (p, size) +POINTER p; +unsigned int size; +{ + POINTER result; + + if (p == NULL_PTR) + return (T_malloc(size)); + + if ((result = (POINTER)PORT_Realloc(p, size == 0 ? 1 : size)) == NULL_PTR) + PORT_Free(p); + return (result); +} + +void CALL_CONV T_free (p) +POINTER p; +{ + if (p != NULL_PTR) + PORT_Free(p); +} + +unsigned int CALL_CONV T_strlen(p) +char *p; +{ + return PL_strlen(p); +} + +void CALL_CONV T_strcpy(dest, src) +char *dest; +char *src; +{ + PL_strcpy(dest, src); +} + +int CALL_CONV T_strcmp (a, b) +char *a, *b; +{ + return (PL_strcmp (a, b)); +} diff --git a/security/nss/lib/freebl/ldvector.c b/security/nss/lib/freebl/ldvector.c new file mode 100644 index 000000000..ef97116e3 --- /dev/null +++ b/security/nss/lib/freebl/ldvector.c @@ -0,0 +1,127 @@ +/* + * ldvector.c - platform dependent DSO containing freebl implementation. + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the Netscape security libraries. + * + * The Initial Developer of the Original Code is Netscape + * Communications Corporation. Portions created by Netscape are + * Copyright (C) 2000 Netscape Communications Corporation. All + * Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + * + * $Id$ + */ + +#include "loader.h" + +static const struct FREEBLVectorStr vector = { + + sizeof vector, + FREEBL_VERSION, + + RSA_NewKey, + RSA_PublicKeyOp, + RSA_PrivateKeyOp, + DSA_NewKey, + DSA_SignDigest, + DSA_VerifyDigest, + DSA_NewKeyFromSeed, + DSA_SignDigestWithSeed, + DH_GenParam, + DH_NewKey, + DH_Derive, + KEA_Derive, + KEA_Verify, + RC4_CreateContext, + RC4_DestroyContext, + RC4_Encrypt, + RC4_Decrypt, + RC2_CreateContext, + RC2_DestroyContext, + RC2_Encrypt, + RC2_Decrypt, + RC5_CreateContext, + RC5_DestroyContext, + RC5_Encrypt, + RC5_Decrypt, + DES_CreateContext, + DES_DestroyContext, + DES_Encrypt, + DES_Decrypt, + AES_CreateContext, + AES_DestroyContext, + AES_Encrypt, + AES_Decrypt, + MD5_Hash, + MD5_HashBuf, + MD5_NewContext, + MD5_DestroyContext, + MD5_Begin, + MD5_Update, + MD5_End, + MD5_FlattenSize, + MD5_Flatten, + MD5_Resurrect, + MD5_TraceState, + MD2_Hash, + MD2_NewContext, + MD2_DestroyContext, + MD2_Begin, + MD2_Update, + MD2_End, + MD2_FlattenSize, + MD2_Flatten, + MD2_Resurrect, + SHA1_Hash, + SHA1_HashBuf, + SHA1_NewContext, + SHA1_DestroyContext, + SHA1_Begin, + SHA1_Update, + SHA1_End, + SHA1_TraceState, + SHA1_FlattenSize, + SHA1_Flatten, + SHA1_Resurrect, + RNG_RNGInit, + RNG_RandomUpdate, + RNG_GenerateGlobalRandomBytes, + RNG_RNGShutdown, + PQG_ParamGen, + PQG_ParamGenSeedLen, + PQG_VerifyParams, + RSA_PrivateKeyOpDoubleChecked, + RSA_PrivateKeyCheck, + BL_Cleanup, +}; + + +const FREEBLVector * +FREEBL_GetVector(void) +{ + return &vector; +} + diff --git a/security/nss/lib/freebl/loader.c b/security/nss/lib/freebl/loader.c new file mode 100644 index 000000000..c1045faef --- /dev/null +++ b/security/nss/lib/freebl/loader.c @@ -0,0 +1,959 @@ +/* + * loader.c - load platform dependent DSO containing freebl implementation. + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the Netscape security libraries. + * + * The Initial Developer of the Original Code is Netscape + * Communications Corporation. Portions created by Netscape are + * Copyright (C) 2000 Netscape Communications Corporation. All + * Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + * + * $Id$ + */ + +#include "loader.h" +#include "prmem.h" +#include "prerror.h" +#include "prinit.h" + +#if defined(SOLARIS) +#include <stddef.h> +#include <strings.h> +#include <sys/systeminfo.h> +#if defined(SOLARIS2_5) +static int +isHybrid(void) +{ + long buflen; + int rv = 0; /* false */ + char buf[256]; + buflen = sysinfo(SI_MACHINE, buf, sizeof buf); + if (buflen > 0) { + rv = (!strcmp(buf, "sun4u") || !strcmp(buf, "sun4u1")); + } + return rv; +} +#else /* SunOS2.6or higher has SI_ISALIST */ + +static int +isHybrid(void) +{ + long buflen; + int rv = 0; /* false */ + char buf[256]; + buflen = sysinfo(SI_ISALIST, buf, sizeof buf); + if (buflen > 0) { +#if defined(NSS_USE_64) + char * found = strstr(buf, "sparcv9+vis"); +#else + char * found = strstr(buf, "sparcv8plus+vis"); +#endif + rv = (found != 0); + } + return rv; +} +#endif +#elif defined(HPUX) +/* This code tests to see if we're running on a PA2.x CPU. +** It returns true (1) if so, and false (0) otherwise. +*/ +static int +isHybrid(void) +{ + long cpu = sysconf(_SC_CPU_VERSION); + return (cpu == CPU_PA_RISC2_0); +} + +#else +#error "code for this platform is missing." +#endif + +/* + * On Solaris, if an application using libnss3.so is linked + * with the -R linker option, the -R search patch is only used + * to search for the direct dependencies of the application + * (such as libnss3.so) and is not used to search for the + * dependencies of libnss3.so. So we build libnss3.so with + * the -R '$ORIGIN' linker option to instruct it to search for + * its dependencies (libfreebl_*.so) in the same directory + * where it resides. This requires that libnss3.so, not + * libnspr4.so, be the shared library that calls dlopen(). + * Therefore we have to duplicate the relevant code in the PR + * load library functions here. + */ + +#if defined(SOLARIS) + +#include <dlfcn.h> + +typedef struct { + void *dlh; +} BLLibrary; + +static BLLibrary * +bl_LoadLibrary(const char *name) +{ + BLLibrary *lib; + const char *error; + + lib = PR_NEWZAP(BLLibrary); + if (NULL == lib) { + PR_SetError(PR_OUT_OF_MEMORY_ERROR, 0); + return NULL; + } + lib->dlh = dlopen(name, RTLD_NOW | RTLD_LOCAL); + if (NULL == lib->dlh) { + PR_SetError(PR_LOAD_LIBRARY_ERROR, 0); + error = dlerror(); + if (NULL != error) + PR_SetErrorText(strlen(error), error); + PR_Free(lib); + return NULL; + } + return lib; +} + +static void * +bl_FindSymbol(BLLibrary *lib, const char *name) +{ + void *f; + const char *error; + + f = dlsym(lib->dlh, name); + if (NULL == f) { + PR_SetError(PR_FIND_SYMBOL_ERROR, 0); + error = dlerror(); + if (NULL != error) + PR_SetErrorText(strlen(error), error); + } + return f; +} + +static PRStatus +bl_UnloadLibrary(BLLibrary *lib) +{ + const char *error; + + if (dlclose(lib->dlh) == -1) { + PR_SetError(PR_UNLOAD_LIBRARY_ERROR, 0); + error = dlerror(); + if (NULL != error) + PR_SetErrorText(strlen(error), error); + return PR_FAILURE; + } + PR_Free(lib); + return PR_SUCCESS; +} + +#elif defined(HPUX) + +#include <dl.h> +#include <string.h> +#include <errno.h> + +typedef struct { + shl_t dlh; +} BLLibrary; + +static BLLibrary * +bl_LoadLibrary(const char *name) +{ + BLLibrary *lib; + const char *error; + + lib = PR_NEWZAP(BLLibrary); + if (NULL == lib) { + PR_SetError(PR_OUT_OF_MEMORY_ERROR, 0); + return NULL; + } + lib->dlh = shl_load(name, DYNAMIC_PATH | BIND_IMMEDIATE, 0L); + if (NULL == lib->dlh) { + PR_SetError(PR_LOAD_LIBRARY_ERROR, errno); + error = strerror(errno); + if (NULL != error) + PR_SetErrorText(strlen(error), error); + PR_Free(lib); + return NULL; + } + return lib; +} + +static void * +bl_FindSymbol(BLLibrary *lib, const char *name) +{ + void *f; + const char *error; + + if (shl_findsym(&lib->dlh, name, TYPE_PROCEDURE, &f) == -1) { + f = NULL; + PR_SetError(PR_FIND_SYMBOL_ERROR, errno); + error = strerror(errno); + if (NULL != error) + PR_SetErrorText(strlen(error), error); + } + return f; +} + +static PRStatus +bl_UnloadLibrary(BLLibrary *lib) +{ + const char *error; + + if (shl_unload(lib->dlh) == -1) { + PR_SetError(PR_UNLOAD_LIBRARY_ERROR, errno); + error = strerror(errno); + if (NULL != error) + PR_SetErrorText(strlen(error), error); + return PR_FAILURE; + } + PR_Free(lib); + return PR_SUCCESS; +} + +#else +#error "code for this platform is missing." +#endif + +#define LSB(x) ((x)&0xff) +#define MSB(x) ((x)>>8) + +static const FREEBLVector *vector; + +/* This function must be run only once. */ +/* determine if hybrid platform, then actually load the DSO. */ +static PRStatus +freebl_LoadDSO( void ) +{ + int hybrid = isHybrid(); + BLLibrary * handle; + const char * name; + + name = hybrid ? +#if defined( AIX ) + "libfreebl_hybrid_3_shr.a" : "libfreebl_pure32_3_shr.a"; +#elif defined( HPUX ) + "libfreebl_hybrid_3.sl" : "libfreebl_pure32_3.sl"; +#else + "libfreebl_hybrid_3.so" : "libfreebl_pure32_3.so"; +#endif + + handle = bl_LoadLibrary(name); + if (handle) { + void * address = bl_FindSymbol(handle, "FREEBL_GetVector"); + if (address) { + FREEBLGetVectorFn * getVector = (FREEBLGetVectorFn *)address; + const FREEBLVector * dsoVector = getVector(); + if (dsoVector) { + unsigned short dsoVersion = dsoVector->version; + unsigned short myVersion = FREEBL_VERSION; + if (MSB(dsoVersion) == MSB(myVersion) && + LSB(dsoVersion) >= LSB(myVersion) && + dsoVector->length >= sizeof(FREEBLVector)) { + vector = dsoVector; + return PR_SUCCESS; + } + } + } + bl_UnloadLibrary(handle); + } + return PR_FAILURE; +} + +static PRStatus +freebl_RunLoaderOnce( void ) +{ + PRStatus status; + static PRCallOnceType once; + + status = PR_CallOnce(&once, &freebl_LoadDSO); + return status; +} + + +RSAPrivateKey * +RSA_NewKey(int keySizeInBits, SECItem * publicExponent) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return NULL; + return (vector->p_RSA_NewKey)(keySizeInBits, publicExponent); +} + +SECStatus +RSA_PublicKeyOp(RSAPublicKey * key, + unsigned char * output, + const unsigned char * input) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return SECFailure; + return (vector->p_RSA_PublicKeyOp)(key, output, input); +} + +SECStatus +RSA_PrivateKeyOp(RSAPrivateKey * key, + unsigned char * output, + const unsigned char * input) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return SECFailure; + return (vector->p_RSA_PrivateKeyOp)(key, output, input); +} + +SECStatus +RSA_PrivateKeyOpDoubleChecked(RSAPrivateKey *key, + unsigned char *output, + const unsigned char *input) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return SECFailure; + return (vector->p_RSA_PrivateKeyOpDoubleChecked)(key, output, input); +} + +SECStatus +RSA_PrivateKeyCheck(RSAPrivateKey *key) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return SECFailure; + return (vector->p_RSA_PrivateKeyCheck)(key); +} + +SECStatus +DSA_NewKey(const PQGParams * params, DSAPrivateKey ** privKey) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return SECFailure; + return (vector->p_DSA_NewKey)(params, privKey); +} + +SECStatus +DSA_SignDigest(DSAPrivateKey * key, SECItem * signature, const SECItem * digest) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return SECFailure; + return (vector->p_DSA_SignDigest)( key, signature, digest); +} + +SECStatus +DSA_VerifyDigest(DSAPublicKey * key, const SECItem * signature, + const SECItem * digest) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return SECFailure; + return (vector->p_DSA_VerifyDigest)( key, signature, digest); +} + +SECStatus +DSA_NewKeyFromSeed(const PQGParams *params, const unsigned char * seed, + DSAPrivateKey **privKey) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return SECFailure; + return (vector->p_DSA_NewKeyFromSeed)(params, seed, privKey); +} + +SECStatus +DSA_SignDigestWithSeed(DSAPrivateKey * key, SECItem * signature, + const SECItem * digest, const unsigned char * seed) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return SECFailure; + return (vector->p_DSA_SignDigestWithSeed)( key, signature, digest, seed); +} + +SECStatus +DH_GenParam(int primeLen, DHParams ** params) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return SECFailure; + return (vector->p_DH_GenParam)(primeLen, params); +} + +SECStatus +DH_NewKey(DHParams * params, DHPrivateKey ** privKey) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return SECFailure; + return (vector->p_DH_NewKey)( params, privKey); +} + +SECStatus +DH_Derive(SECItem * publicValue, SECItem * prime, SECItem * privateValue, + SECItem * derivedSecret, unsigned int maxOutBytes) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return SECFailure; + return (vector->p_DH_Derive)( publicValue, prime, privateValue, + derivedSecret, maxOutBytes); +} + +SECStatus +KEA_Derive(SECItem *prime, SECItem *public1, SECItem *public2, + SECItem *private1, SECItem *private2, SECItem *derivedSecret) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return SECFailure; + return (vector->p_KEA_Derive)(prime, public1, public2, + private1, private2, derivedSecret); +} + +PRBool +KEA_Verify(SECItem *Y, SECItem *prime, SECItem *subPrime) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return PR_FALSE; + return (vector->p_KEA_Verify)(Y, prime, subPrime); +} + +RC4Context * +RC4_CreateContext(unsigned char *key, int len) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return NULL; + return (vector->p_RC4_CreateContext)(key, len); +} + +void +RC4_DestroyContext(RC4Context *cx, PRBool freeit) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return; + (vector->p_RC4_DestroyContext)(cx, freeit); +} + +SECStatus +RC4_Encrypt(RC4Context *cx, unsigned char *output, unsigned int *outputLen, + unsigned int maxOutputLen, const unsigned char *input, + unsigned int inputLen) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return SECFailure; + return (vector->p_RC4_Encrypt)(cx, output, outputLen, maxOutputLen, input, + inputLen); +} + +SECStatus +RC4_Decrypt(RC4Context *cx, unsigned char *output, unsigned int *outputLen, + unsigned int maxOutputLen, const unsigned char *input, + unsigned int inputLen) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return SECFailure; + return (vector->p_RC4_Decrypt)(cx, output, outputLen, maxOutputLen, input, + inputLen); +} + +RC2Context * +RC2_CreateContext(unsigned char *key, unsigned int len, + unsigned char *iv, int mode, unsigned effectiveKeyLen) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return NULL; + return (vector->p_RC2_CreateContext)(key, len, iv, mode, effectiveKeyLen); +} + +void +RC2_DestroyContext(RC2Context *cx, PRBool freeit) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return; + (vector->p_RC2_DestroyContext)(cx, freeit); +} + +SECStatus +RC2_Encrypt(RC2Context *cx, unsigned char *output, unsigned int *outputLen, + unsigned int maxOutputLen, const unsigned char *input, + unsigned int inputLen) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return SECFailure; + return (vector->p_RC2_Encrypt)(cx, output, outputLen, maxOutputLen, input, + inputLen); +} + +SECStatus +RC2_Decrypt(RC2Context *cx, unsigned char *output, unsigned int *outputLen, + unsigned int maxOutputLen, const unsigned char *input, + unsigned int inputLen) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return SECFailure; + return (vector->p_RC2_Decrypt)(cx, output, outputLen, maxOutputLen, input, + inputLen); +} + +RC5Context * +RC5_CreateContext(SECItem *key, unsigned int rounds, + unsigned int wordSize, unsigned char *iv, int mode) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return NULL; + return (vector->p_RC5_CreateContext)(key, rounds, wordSize, iv, mode); +} + +void +RC5_DestroyContext(RC5Context *cx, PRBool freeit) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return; + (vector->p_RC5_DestroyContext)(cx, freeit); +} + +SECStatus +RC5_Encrypt(RC5Context *cx, unsigned char *output, unsigned int *outputLen, + unsigned int maxOutputLen, const unsigned char *input, + unsigned int inputLen) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return SECFailure; + return (vector->p_RC5_Encrypt)(cx, output, outputLen, maxOutputLen, input, + inputLen); +} + +SECStatus +RC5_Decrypt(RC5Context *cx, unsigned char *output, unsigned int *outputLen, + unsigned int maxOutputLen, const unsigned char *input, + unsigned int inputLen) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return SECFailure; + return (vector->p_RC5_Decrypt)(cx, output, outputLen, maxOutputLen, input, + inputLen); +} + +DESContext * +DES_CreateContext(unsigned char *key, unsigned char *iv, + int mode, PRBool encrypt) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return NULL; + return (vector->p_DES_CreateContext)(key, iv, mode, encrypt); +} + +void +DES_DestroyContext(DESContext *cx, PRBool freeit) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return; + (vector->p_DES_DestroyContext)(cx, freeit); +} + +SECStatus +DES_Encrypt(DESContext *cx, unsigned char *output, unsigned int *outputLen, + unsigned int maxOutputLen, const unsigned char *input, + unsigned int inputLen) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return SECFailure; + return (vector->p_DES_Encrypt)(cx, output, outputLen, maxOutputLen, input, + inputLen); +} + +SECStatus +DES_Decrypt(DESContext *cx, unsigned char *output, unsigned int *outputLen, + unsigned int maxOutputLen, const unsigned char *input, + unsigned int inputLen) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return SECFailure; + return (vector->p_DES_Decrypt)(cx, output, outputLen, maxOutputLen, input, + inputLen); +} + +AESContext * +AES_CreateContext(unsigned char *key, unsigned char *iv, int mode, int encrypt, + unsigned int keylen, unsigned int blocklen) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return NULL; + return (vector->p_AES_CreateContext)(key, iv, mode, encrypt, keylen, + blocklen); +} + +void +AES_DestroyContext(AESContext *cx, PRBool freeit) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return ; + (vector->p_AES_DestroyContext)(cx, freeit); +} + +SECStatus +AES_Encrypt(AESContext *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + const unsigned char *input, unsigned int inputLen) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return SECFailure; + return (vector->p_AES_Encrypt)(cx, output, outputLen, maxOutputLen, + input, inputLen); +} + +SECStatus +AES_Decrypt(AESContext *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + const unsigned char *input, unsigned int inputLen) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return SECFailure; + return (vector->p_AES_Decrypt)(cx, output, outputLen, maxOutputLen, + input, inputLen); +} + +SECStatus +MD5_Hash(unsigned char *dest, const char *src) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return SECFailure; + return (vector->p_MD5_Hash)(dest, src); +} + +SECStatus +MD5_HashBuf(unsigned char *dest, const unsigned char *src, uint32 src_length) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return SECFailure; + return (vector->p_MD5_HashBuf)(dest, src, src_length); +} + +MD5Context * +MD5_NewContext(void) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return NULL; + return (vector->p_MD5_NewContext)(); +} + +void +MD5_DestroyContext(MD5Context *cx, PRBool freeit) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return; + (vector->p_MD5_DestroyContext)(cx, freeit); +} + +void +MD5_Begin(MD5Context *cx) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return; + (vector->p_MD5_Begin)(cx); +} + +void +MD5_Update(MD5Context *cx, const unsigned char *input, unsigned int inputLen) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return; + (vector->p_MD5_Update)(cx, input, inputLen); +} + +void +MD5_End(MD5Context *cx, unsigned char *digest, + unsigned int *digestLen, unsigned int maxDigestLen) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return; + (vector->p_MD5_End)(cx, digest, digestLen, maxDigestLen); +} + +unsigned int +MD5_FlattenSize(MD5Context *cx) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return 0; + return (vector->p_MD5_FlattenSize)(cx); +} + +SECStatus +MD5_Flatten(MD5Context *cx,unsigned char *space) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return SECFailure; + return (vector->p_MD5_Flatten)(cx, space); +} + +MD5Context * +MD5_Resurrect(unsigned char *space, void *arg) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return NULL; + return (vector->p_MD5_Resurrect)(space, arg); +} + +void +MD5_TraceState(MD5Context *cx) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return ; + (vector->p_MD5_TraceState)(cx); +} + +SECStatus +MD2_Hash(unsigned char *dest, const char *src) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return SECFailure; + return (vector->p_MD2_Hash)(dest, src); +} + +MD2Context * +MD2_NewContext(void) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return NULL; + return (vector->p_MD2_NewContext)(); +} + +void +MD2_DestroyContext(MD2Context *cx, PRBool freeit) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return ; + (vector->p_MD2_DestroyContext)(cx, freeit); +} + +void +MD2_Begin(MD2Context *cx) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return ; + (vector->p_MD2_Begin)(cx); +} + +void +MD2_Update(MD2Context *cx, const unsigned char *input, unsigned int inputLen) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return ; + (vector->p_MD2_Update)(cx, input, inputLen); +} + +void +MD2_End(MD2Context *cx, unsigned char *digest, + unsigned int *digestLen, unsigned int maxDigestLen) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return ; + (vector->p_MD2_End)(cx, digest, digestLen, maxDigestLen); +} + +unsigned int +MD2_FlattenSize(MD2Context *cx) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return 0; + return (vector->p_MD2_FlattenSize)(cx); +} + +SECStatus +MD2_Flatten(MD2Context *cx,unsigned char *space) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return SECFailure; + return (vector->p_MD2_Flatten)(cx, space); +} + +MD2Context * +MD2_Resurrect(unsigned char *space, void *arg) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return NULL; + return (vector->p_MD2_Resurrect)(space, arg); +} + + +SECStatus +SHA1_Hash(unsigned char *dest, const char *src) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return SECFailure; + return (vector->p_SHA1_Hash)(dest, src); +} + +SECStatus +SHA1_HashBuf(unsigned char *dest, const unsigned char *src, uint32 src_length) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return SECFailure; + return (vector->p_SHA1_HashBuf)(dest, src, src_length); +} + +SHA1Context * +SHA1_NewContext(void) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return NULL; + return (vector->p_SHA1_NewContext)(); +} + +void +SHA1_DestroyContext(SHA1Context *cx, PRBool freeit) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return ; + (vector->p_SHA1_DestroyContext)(cx, freeit); +} + +void +SHA1_Begin(SHA1Context *cx) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return ; + (vector->p_SHA1_Begin)(cx); +} + +void +SHA1_Update(SHA1Context *cx, const unsigned char *input, + unsigned int inputLen) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return ; + (vector->p_SHA1_Update)(cx, input, inputLen); +} + +void +SHA1_End(SHA1Context *cx, unsigned char *digest, + unsigned int *digestLen, unsigned int maxDigestLen) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return ; + (vector->p_SHA1_End)(cx, digest, digestLen, maxDigestLen); +} + +void +SHA1_TraceState(SHA1Context *cx) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return ; + (vector->p_SHA1_TraceState)(cx); +} + +unsigned int +SHA1_FlattenSize(SHA1Context *cx) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return 0; + return (vector->p_SHA1_FlattenSize)(cx); +} + +SECStatus +SHA1_Flatten(SHA1Context *cx,unsigned char *space) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return SECFailure; + return (vector->p_SHA1_Flatten)(cx, space); +} + +SHA1Context * +SHA1_Resurrect(unsigned char *space, void *arg) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return NULL; + return (vector->p_SHA1_Resurrect)(space, arg); +} + +SECStatus +RNG_RNGInit(void) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return SECFailure; + return (vector->p_RNG_RNGInit)(); +} + +SECStatus +RNG_RandomUpdate(const void *data, size_t bytes) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return SECFailure; + return (vector->p_RNG_RandomUpdate)(data, bytes); +} + +SECStatus +RNG_GenerateGlobalRandomBytes(void *dest, size_t len) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return SECFailure; + return (vector->p_RNG_GenerateGlobalRandomBytes)(dest, len); +} + +void +RNG_RNGShutdown(void) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return ; + (vector->p_RNG_RNGShutdown)(); +} + +SECStatus +PQG_ParamGen(unsigned int j, PQGParams **pParams, PQGVerify **pVfy) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return SECFailure; + return (vector->p_PQG_ParamGen)(j, pParams, pVfy); +} + +SECStatus +PQG_ParamGenSeedLen( unsigned int j, unsigned int seedBytes, + PQGParams **pParams, PQGVerify **pVfy) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return SECFailure; + return (vector->p_PQG_ParamGenSeedLen)(j, seedBytes, pParams, pVfy); +} + +SECStatus +PQG_VerifyParams(const PQGParams *params, const PQGVerify *vfy, + SECStatus *result) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return SECFailure; + return (vector->p_PQG_VerifyParams)(params, vfy, result); +} +#if 0 +void +PQG_DestroyParams(PQGParams *params) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return; + (vector->p_PQG_DestroyParams)( params); +} + +void +PQG_DestroyVerify(PQGVerify *vfy) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return; + (vector->p_PQG_DestroyVerify)( vfy); +} +#endif + +void +BL_Cleanup(void) +{ + if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) + return; + (vector->p_BL_Cleanup)(); +} diff --git a/security/nss/lib/freebl/loader.h b/security/nss/lib/freebl/loader.h new file mode 100644 index 000000000..33a4d1bdf --- /dev/null +++ b/security/nss/lib/freebl/loader.h @@ -0,0 +1,273 @@ +/* + * loader.h - load platform dependent DSO containing freebl implementation. + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the Netscape security libraries. + * + * The Initial Developer of the Original Code is Netscape + * Communications Corporation. Portions created by Netscape are + * Copyright (C) 2000 Netscape Communications Corporation. All + * Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + * + * $Id$ + */ + +#ifndef _LOADER_H_ +#define _LOADER_H_ 1 + +#include "blapi.h" + +#define FREEBL_VERSION 0x0302 + +struct FREEBLVectorStr { + + unsigned short length; /* of this struct in bytes */ + unsigned short version; /* of this struct. */ + + RSAPrivateKey * (* p_RSA_NewKey)(int keySizeInBits, + SECItem * publicExponent); + + SECStatus (* p_RSA_PublicKeyOp) (RSAPublicKey * key, + unsigned char * output, + const unsigned char * input); + + SECStatus (* p_RSA_PrivateKeyOp)(RSAPrivateKey * key, + unsigned char * output, + const unsigned char * input); + + SECStatus (* p_DSA_NewKey)(const PQGParams * params, + DSAPrivateKey ** privKey); + + SECStatus (* p_DSA_SignDigest)(DSAPrivateKey * key, + SECItem * signature, + const SECItem * digest); + + SECStatus (* p_DSA_VerifyDigest)(DSAPublicKey * key, + const SECItem * signature, + const SECItem * digest); + + SECStatus (* p_DSA_NewKeyFromSeed)(const PQGParams *params, + const unsigned char * seed, + DSAPrivateKey **privKey); + + SECStatus (* p_DSA_SignDigestWithSeed)(DSAPrivateKey * key, + SECItem * signature, + const SECItem * digest, + const unsigned char * seed); + + SECStatus (* p_DH_GenParam)(int primeLen, DHParams ** params); + + SECStatus (* p_DH_NewKey)(DHParams * params, + DHPrivateKey ** privKey); + + SECStatus (* p_DH_Derive)(SECItem * publicValue, + SECItem * prime, + SECItem * privateValue, + SECItem * derivedSecret, + unsigned int maxOutBytes); + + SECStatus (* p_KEA_Derive)(SECItem *prime, + SECItem *public1, + SECItem *public2, + SECItem *private1, + SECItem *private2, + SECItem *derivedSecret); + + PRBool (* p_KEA_Verify)(SECItem *Y, SECItem *prime, SECItem *subPrime); + + RC4Context * (* p_RC4_CreateContext)(unsigned char *key, int len); + + void (* p_RC4_DestroyContext)(RC4Context *cx, PRBool freeit); + + SECStatus (* p_RC4_Encrypt)(RC4Context *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + const unsigned char *input, unsigned int inputLen); + + SECStatus (* p_RC4_Decrypt)(RC4Context *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + const unsigned char *input, unsigned int inputLen); + + RC2Context * (* p_RC2_CreateContext)(unsigned char *key, unsigned int len, + unsigned char *iv, int mode, unsigned effectiveKeyLen); + + void (* p_RC2_DestroyContext)(RC2Context *cx, PRBool freeit); + + SECStatus (* p_RC2_Encrypt)(RC2Context *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + const unsigned char *input, unsigned int inputLen); + + SECStatus (* p_RC2_Decrypt)(RC2Context *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + const unsigned char *input, unsigned int inputLen); + + RC5Context *(* p_RC5_CreateContext)(SECItem *key, unsigned int rounds, + unsigned int wordSize, unsigned char *iv, int mode); + + void (* p_RC5_DestroyContext)(RC5Context *cx, PRBool freeit); + + SECStatus (* p_RC5_Encrypt)(RC5Context *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + const unsigned char *input, unsigned int inputLen); + + SECStatus (* p_RC5_Decrypt)(RC5Context *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + const unsigned char *input, unsigned int inputLen); + + DESContext *(* p_DES_CreateContext)(unsigned char *key, unsigned char *iv, + int mode, PRBool encrypt); + + void (* p_DES_DestroyContext)(DESContext *cx, PRBool freeit); + + SECStatus (* p_DES_Encrypt)(DESContext *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + const unsigned char *input, unsigned int inputLen); + + SECStatus (* p_DES_Decrypt)(DESContext *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + const unsigned char *input, unsigned int inputLen); + + AESContext * (* p_AES_CreateContext)(unsigned char *key, unsigned char *iv, + int mode, int encrypt, unsigned int keylen, + unsigned int blocklen); + + void (* p_AES_DestroyContext)(AESContext *cx, PRBool freeit); + + SECStatus (* p_AES_Encrypt)(AESContext *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + const unsigned char *input, unsigned int inputLen); + + SECStatus (* p_AES_Decrypt)(AESContext *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + const unsigned char *input, unsigned int inputLen); + + SECStatus (* p_MD5_Hash)(unsigned char *dest, const char *src); + + SECStatus (* p_MD5_HashBuf)(unsigned char *dest, const unsigned char *src, + uint32 src_length); + + MD5Context *(* p_MD5_NewContext)(void); + + void (* p_MD5_DestroyContext)(MD5Context *cx, PRBool freeit); + + void (* p_MD5_Begin)(MD5Context *cx); + + void (* p_MD5_Update)(MD5Context *cx, + const unsigned char *input, unsigned int inputLen); + + void (* p_MD5_End)(MD5Context *cx, unsigned char *digest, + unsigned int *digestLen, unsigned int maxDigestLen); + + unsigned int (* p_MD5_FlattenSize)(MD5Context *cx); + + SECStatus (* p_MD5_Flatten)(MD5Context *cx,unsigned char *space); + + MD5Context * (* p_MD5_Resurrect)(unsigned char *space, void *arg); + + void (* p_MD5_TraceState)(MD5Context *cx); + + SECStatus (* p_MD2_Hash)(unsigned char *dest, const char *src); + + MD2Context *(* p_MD2_NewContext)(void); + + void (* p_MD2_DestroyContext)(MD2Context *cx, PRBool freeit); + + void (* p_MD2_Begin)(MD2Context *cx); + + void (* p_MD2_Update)(MD2Context *cx, + const unsigned char *input, unsigned int inputLen); + + void (* p_MD2_End)(MD2Context *cx, unsigned char *digest, + unsigned int *digestLen, unsigned int maxDigestLen); + + unsigned int (* p_MD2_FlattenSize)(MD2Context *cx); + + SECStatus (* p_MD2_Flatten)(MD2Context *cx,unsigned char *space); + + MD2Context * (* p_MD2_Resurrect)(unsigned char *space, void *arg); + + SECStatus (* p_SHA1_Hash)(unsigned char *dest, const char *src); + + SECStatus (* p_SHA1_HashBuf)(unsigned char *dest, const unsigned char *src, + uint32 src_length); + + SHA1Context *(* p_SHA1_NewContext)(void); + + void (* p_SHA1_DestroyContext)(SHA1Context *cx, PRBool freeit); + + void (* p_SHA1_Begin)(SHA1Context *cx); + + void (* p_SHA1_Update)(SHA1Context *cx, const unsigned char *input, + unsigned int inputLen); + + void (* p_SHA1_End)(SHA1Context *cx, unsigned char *digest, + unsigned int *digestLen, unsigned int maxDigestLen); + + void (* p_SHA1_TraceState)(SHA1Context *cx); + + unsigned int (* p_SHA1_FlattenSize)(SHA1Context *cx); + + SECStatus (* p_SHA1_Flatten)(SHA1Context *cx,unsigned char *space); + + SHA1Context * (* p_SHA1_Resurrect)(unsigned char *space, void *arg); + + SECStatus (* p_RNG_RNGInit)(void); + + SECStatus (* p_RNG_RandomUpdate)(const void *data, size_t bytes); + + SECStatus (* p_RNG_GenerateGlobalRandomBytes)(void *dest, size_t len); + + void (* p_RNG_RNGShutdown)(void); + + SECStatus (* p_PQG_ParamGen)(unsigned int j, PQGParams **pParams, + PQGVerify **pVfy); + + SECStatus (* p_PQG_ParamGenSeedLen)( unsigned int j, unsigned int seedBytes, + PQGParams **pParams, PQGVerify **pVfy); + + SECStatus (* p_PQG_VerifyParams)(const PQGParams *params, + const PQGVerify *vfy, SECStatus *result); + + SECStatus (* p_RSA_PrivateKeyOpDoubleChecked)(RSAPrivateKey *key, + unsigned char *output, + const unsigned char *input); + + SECStatus (* p_RSA_PrivateKeyCheck)(RSAPrivateKey *key); + + void (* p_BL_Cleanup)(void); + +}; + +typedef struct FREEBLVectorStr FREEBLVector; + +SEC_BEGIN_PROTOS + +typedef const FREEBLVector * FREEBLGetVectorFn(void); + +extern FREEBLGetVectorFn FREEBL_GetVector; + +SEC_END_PROTOS + +#endif diff --git a/security/nss/lib/freebl/mac_rand.c b/security/nss/lib/freebl/mac_rand.c new file mode 100644 index 000000000..8578dfa08 --- /dev/null +++ b/security/nss/lib/freebl/mac_rand.c @@ -0,0 +1,315 @@ +/* + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the Netscape security libraries. + * + * The Initial Developer of the Original Code is Netscape + * Communications Corporation. Portions created by Netscape are + * Copyright (C) 1994-2000 Netscape Communications Corporation. All + * Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + */ + +#ifdef notdef +#include "xp_core.h" +#include "xp_file.h" +#endif +#include "secrng.h" +#include "mcom_db.h" +#ifdef XP_MAC +#include <Events.h> +#include <OSUtils.h> +#include <QDOffscreen.h> +#include <PPCToolbox.h> +#include <Processes.h> +#include <LowMem.h> +#include <Scrap.h> + +/* Static prototypes */ +static size_t CopyLowBits(void *dst, size_t dstlen, void *src, size_t srclen); +void FE_ReadScreen(); + +static size_t CopyLowBits(void *dst, size_t dstlen, void *src, size_t srclen) +{ + union endianness { + int32 i; + char c[4]; + } u; + + if (srclen <= dstlen) { + memcpy(dst, src, srclen); + return srclen; + } + u.i = 0x01020304; + if (u.c[0] == 0x01) { + /* big-endian case */ + memcpy(dst, (char*)src + (srclen - dstlen), dstlen); + } else { + /* little-endian case */ + memcpy(dst, src, dstlen); + } + return dstlen; +} + +size_t RNG_GetNoise(void *buf, size_t maxbytes) +{ + UnsignedWide microTickCount; + Microseconds(µTickCount); + return CopyLowBits(buf, maxbytes, µTickCount, sizeof(microTickCount)); +} + +void RNG_FileForRNG(const char *filename) +{ + unsigned char buffer[BUFSIZ]; + size_t bytes; +#ifdef notdef /*sigh*/ + XP_File file; + unsigned long totalFileBytes = 0; + + if (filename == NULL) /* For now, read in global history if filename is null */ + file = XP_FileOpen(NULL, xpGlobalHistory,XP_FILE_READ_BIN); + else + file = XP_FileOpen(NULL, xpURL,XP_FILE_READ_BIN); + if (file != NULL) { + for (;;) { + bytes = XP_FileRead(buffer, sizeof(buffer), file); + if (bytes == 0) break; + RNG_RandomUpdate( buffer, bytes); + totalFileBytes += bytes; + if (totalFileBytes > 100*1024) break; /* No more than 100 K */ + } + XP_FileClose(file); + } +#endif + /* + * Pass yet another snapshot of our highest resolution clock into + * the hash function. + */ + bytes = RNG_GetNoise(buffer, sizeof(buffer)); + RNG_RandomUpdate(buffer, sizeof(buffer)); +} + +void RNG_SystemInfoForRNG() +{ +/* Time */ + { + unsigned long sec; + size_t bytes; + GetDateTime(&sec); /* Current time since 1970 */ + RNG_RandomUpdate( &sec, sizeof(sec)); + bytes = RNG_GetNoise(&sec, sizeof(sec)); + RNG_RandomUpdate(&sec, bytes); + } +/* User specific variables */ + { + MachineLocation loc; + ReadLocation(&loc); + RNG_RandomUpdate( &loc, sizeof(loc)); + } +#if !TARGET_CARBON +/* User name */ + { + unsigned long userRef; + Str32 userName; + GetDefaultUser(&userRef, userName); + RNG_RandomUpdate( &userRef, sizeof(userRef)); + RNG_RandomUpdate( userName, sizeof(userName)); + } +#endif +/* Mouse location */ + { + Point mouseLoc; + GetMouse(&mouseLoc); + RNG_RandomUpdate( &mouseLoc, sizeof(mouseLoc)); + } +/* Keyboard time threshold */ + { + SInt16 keyTresh = LMGetKeyThresh(); + RNG_RandomUpdate( &keyTresh, sizeof(keyTresh)); + } +/* Last key pressed */ + { + SInt8 keyLast; + keyLast = LMGetKbdLast(); + RNG_RandomUpdate( &keyLast, sizeof(keyLast)); + } +/* Volume */ + { + UInt8 volume = LMGetSdVolume(); + RNG_RandomUpdate( &volume, sizeof(volume)); + } +#if !TARGET_CARBON +/* Current directory */ + { + SInt32 dir = LMGetCurDirStore(); + RNG_RandomUpdate( &dir, sizeof(dir)); + } +#endif +/* Process information about all the processes in the machine */ + { + ProcessSerialNumber process; + ProcessInfoRec pi; + + process.highLongOfPSN = process.lowLongOfPSN = kNoProcess; + + while (GetNextProcess(&process) == noErr) + { + FSSpec fileSpec; + pi.processInfoLength = sizeof(ProcessInfoRec); + pi.processName = NULL; + pi.processAppSpec = &fileSpec; + GetProcessInformation(&process, &pi); + RNG_RandomUpdate( &pi, sizeof(pi)); + RNG_RandomUpdate( &fileSpec, sizeof(fileSpec)); + } + } + +#if !TARGET_CARBON +/* Heap */ + { + THz zone = LMGetTheZone(); + RNG_RandomUpdate( &zone, sizeof(zone)); + } +#endif + +/* Screen */ + { + GDHandle h = GetMainDevice(); /* GDHandle is **GDevice */ + RNG_RandomUpdate( *h, sizeof(GDevice)); + } + +#if !TARGET_CARBON +/* Scrap size */ + { + SInt32 scrapSize = LMGetScrapSize(); + RNG_RandomUpdate( &scrapSize, sizeof(scrapSize)); + } +/* Scrap count */ + { + SInt16 scrapCount = LMGetScrapCount(); + RNG_RandomUpdate( &scrapCount, sizeof(scrapCount)); + } +#else + { + ScrapRef scrap; + if (GetCurrentScrap(&scrap) == noErr) { + UInt32 flavorCount; + if (GetScrapFlavorCount(scrap, &flavorCount) == noErr) { + ScrapFlavorInfo* flavorInfo = (ScrapFlavorInfo*) malloc(flavorCount * sizeof(ScrapFlavorInfo)); + if (flavorInfo != NULL) { + if (GetScrapFlavorInfoList(scrap, &flavorCount, flavorInfo) == noErr) { + UInt32 i; + RNG_RandomUpdate(&flavorCount, sizeof(flavorCount)); + for (i = 0; i < flavorCount; ++i) { + Size flavorSize; + if (GetScrapFlavorSize(scrap, flavorInfo[i].flavorType, &flavorSize) == noErr) + RNG_RandomUpdate(&flavorSize, sizeof(flavorSize)); + } + } + free(flavorInfo); + } + } + } + } +#endif +/* File stuff, last modified, etc. */ + { + HParamBlockRec pb; + GetVolParmsInfoBuffer volInfo; + pb.ioParam.ioVRefNum = 0; + pb.ioParam.ioNamePtr = nil; + pb.ioParam.ioBuffer = (Ptr) &volInfo; + pb.ioParam.ioReqCount = sizeof(volInfo); + PBHGetVolParmsSync(&pb); + RNG_RandomUpdate( &volInfo, sizeof(volInfo)); + } +#if !TARGET_CARBON +/* Event queue */ + { + EvQElPtr eventQ; + for (eventQ = (EvQElPtr) LMGetEventQueue()->qHead; + eventQ; + eventQ = (EvQElPtr)eventQ->qLink) + RNG_RandomUpdate( &eventQ->evtQWhat, sizeof(EventRecord)); + } +#endif + FE_ReadScreen(); + RNG_FileForRNG(NULL); +} + +void FE_ReadScreen() +{ + UInt16 coords[4]; + PixMapHandle pmap; + GDHandle gh; + UInt16 screenHeight; + UInt16 screenWidth; /* just what they say */ + UInt32 bytesToRead; /* number of bytes we're giving */ + UInt32 offset; /* offset into the graphics buffer */ + UInt16 rowBytes; + UInt32 rowsToRead; + float bytesPerPixel; /* dependent on buffer depth */ + Ptr p; /* temporary */ + UInt16 x, y, w, h; + + gh = LMGetMainDevice(); + if ( !gh ) + return; + pmap = (**gh).gdPMap; + if ( !pmap ) + return; + + RNG_GenerateGlobalRandomBytes( coords, sizeof( coords ) ); + + /* make x and y inside the screen rect */ + screenHeight = (**pmap).bounds.bottom - (**pmap).bounds.top; + screenWidth = (**pmap).bounds.right - (**pmap).bounds.left; + x = coords[0] % screenWidth; + y = coords[1] % screenHeight; + w = ( coords[2] & 0x7F ) | 0x40; /* Make sure that w is in the range 64..128 */ + h = ( coords[3] & 0x7F ) | 0x40; /* same for h */ + + bytesPerPixel = (**pmap).pixelSize / 8; + rowBytes = (**pmap).rowBytes & 0x7FFF; + + /* starting address */ + offset = ( rowBytes * y ) + (UInt32)( (float)x * bytesPerPixel ); + + /* don't read past the end of the pixmap's rowbytes */ + bytesToRead = MIN( (UInt32)( w * bytesPerPixel ), + (UInt32)( rowBytes - ( x * bytesPerPixel ) ) ); + + /* don't read past the end of the graphics device pixmap */ + rowsToRead = MIN( h, + ( screenHeight - y ) ); + + p = GetPixBaseAddr( pmap ) + offset; + + while ( rowsToRead-- ) + { + RNG_RandomUpdate( p, bytesToRead ); + p += rowBytes; + } +} +#endif diff --git a/security/nss/lib/freebl/manifest.mn b/security/nss/lib/freebl/manifest.mn new file mode 100644 index 000000000..0a102e6ed --- /dev/null +++ b/security/nss/lib/freebl/manifest.mn @@ -0,0 +1,128 @@ +# +# The contents of this file are subject to the Mozilla Public +# License Version 1.1 (the "License"); you may not use this file +# except in compliance with the License. You may obtain a copy of +# the License at http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS +# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +# implied. See the License for the specific language governing +# rights and limitations under the License. +# +# The Original Code is the Netscape security libraries. +# +# The Initial Developer of the Original Code is Netscape +# Communications Corporation. Portions created by Netscape are +# Copyright (C) 1994-2000 Netscape Communications Corporation. All +# Rights Reserved. +# +# Contributor(s): +# +# Alternatively, the contents of this file may be used under the +# terms of the GNU General Public License Version 2 or later (the +# "GPL"), in which case the provisions of the GPL are applicable +# instead of those above. If you wish to allow use of your +# version of this file only under the terms of the GPL and not to +# allow others to use your version of this file under the MPL, +# indicate your decision by deleting the provisions above and +# replace them with the notice and other provisions required by +# the GPL. If you do not delete the provisions above, a recipient +# may use your version of this file under either the MPL or the +# GPL. +# +CORE_DEPTH = ../../.. + +MODULE = security + +ifndef FREEBL_RECURSIVE_BUILD + LIBRARY_NAME = freebl +else + ifdef USE_PURE_32 + CORE_DEPTH = ../../../.. + LIBRARY_NAME = freebl_pure32 + else + LIBRARY_NAME = freebl_hybrid + endif +endif + +# same version as rest of freebl +LIBRARY_VERSION = _3 + +REQUIRES = + +EXPORTS = \ + blapi.h \ + blapit.h \ + secrng.h \ + $(NULL) + +PRIVATE_EXPORTS = \ + secmpi.h \ + $(NULL) + +MPI_HDRS = mpi-config.h mpi.h mpi-priv.h mplogic.h mpprime.h logtab.h +MPI_SRCS = mpprime.c mpmontg.c mplogic.c mpi.c + +ifdef MOZILLA_BSAFE_BUILD +CSRCS = \ + fblstdlib.c \ + sha_fast.c \ + md2.c \ + md5.c \ + blapi_bsf.c \ + $(MPI_SRCS) \ + dh.c \ + $(NULL) +else +CSRCS = \ + ldvector.c \ + prng_fips1861.c \ + sysrand.c \ + sha_fast.c \ + md2.c \ + md5.c \ + alg2268.c \ + arcfour.c \ + arcfive.c \ + desblapi.c \ + des.c \ + rijndael.c \ + dh.c \ + pqg.c \ + dsa.c \ + rsa.c \ + $(MPI_SRCS) \ + $(NULL) +endif + +ALL_CSRCS := $(CSRCS) + +ALL_HDRS = \ + blapi.h \ + blapit.h \ + des.h \ + loader.h \ + rijndael.h \ + secmpi.h \ + sha.h \ + sha_fast.h \ + vis_proto.h \ + $(NULL) + +ifdef AES_GEN_TBL +DEFINES += -DRIJNDAEL_GENERATE_TABLES +else +ifdef AES_GEN_TBL_M +DEFINES += -DRIJNDAEL_GENERATE_TABLES_MACRO +else +ifdef AES_GEN_VAL +DEFINES += -DRIJNDAEL_GENERATE_VALUES +else +ifdef AES_GEN_VAL_M +DEFINES += -DRIJNDAEL_GENERATE_VALUES_MACRO +else +DEFINES += -DRIJNDAEL_INCLUDE_TABLES +endif +endif +endif +endif diff --git a/security/nss/lib/freebl/mapfile.Solaris b/security/nss/lib/freebl/mapfile.Solaris new file mode 100644 index 000000000..8a39ceceb --- /dev/null +++ b/security/nss/lib/freebl/mapfile.Solaris @@ -0,0 +1,39 @@ +# +# The contents of this file are subject to the Mozilla Public +# License Version 1.1 (the "License"); you may not use this file +# except in compliance with the License. You may obtain a copy of +# the License at http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS +# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +# implied. See the License for the specific language governing +# rights and limitations under the License. +# +# The Original Code is the Netscape security libraries. +# +# The Initial Developer of the Original Code is Netscape +# Communications Corporation. Portions created by Netscape are +# Copyright (C) 2000 Netscape Communications Corporation. All +# Rights Reserved. +# +# Contributor(s): +# +# Alternatively, the contents of this file may be used under the +# terms of the GNU General Public License Version 2 or later (the +# "GPL"), in which case the provisions of the GPL are applicable +# instead of those above. If you wish to allow use of your +# version of this file only under the terms of the GPL and not to +# allow others to use your version of this file under the MPL, +# indicate your decision by deleting the provisions above and +# replace them with the notice and other provisions required by +# the GPL. If you do not delete the provisions above, a recipient +# may use your version of this file under either the MPL or the +# GPL. +# + +libfreebl_3.so { + global: + FREEBL_GetVector; + local: + *; +}; diff --git a/security/nss/lib/freebl/md2.c b/security/nss/lib/freebl/md2.c new file mode 100644 index 000000000..3f7427c14 --- /dev/null +++ b/security/nss/lib/freebl/md2.c @@ -0,0 +1,288 @@ +/* + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the Netscape security libraries. + * + * The Initial Developer of the Original Code is Netscape + * Communications Corporation. Portions created by Netscape are + * Copyright (C) 1994-2000 Netscape Communications Corporation. All + * Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + */ + +#include "prerr.h" +#include "secerr.h" + +#include "prtypes.h" + +#include "blapi.h" + +#define MD2_DIGEST_LEN 16 +#define MD2_BUFSIZE 16 +#define MD2_X_SIZE 48 /* The X array, [CV | INPUT | TMP VARS] */ +#define MD2_CV 0 /* index into X for chaining variables */ +#define MD2_INPUT 16 /* index into X for input */ +#define MD2_TMPVARS 32 /* index into X for temporary variables */ +#define MD2_CHECKSUM_SIZE 16 + +struct MD2ContextStr { + unsigned char checksum[MD2_BUFSIZE]; + unsigned char X[MD2_X_SIZE]; + PRUint8 unusedBuffer; +}; + +static const PRUint8 MD2S[256] = { + 0051, 0056, 0103, 0311, 0242, 0330, 0174, 0001, + 0075, 0066, 0124, 0241, 0354, 0360, 0006, 0023, + 0142, 0247, 0005, 0363, 0300, 0307, 0163, 0214, + 0230, 0223, 0053, 0331, 0274, 0114, 0202, 0312, + 0036, 0233, 0127, 0074, 0375, 0324, 0340, 0026, + 0147, 0102, 0157, 0030, 0212, 0027, 0345, 0022, + 0276, 0116, 0304, 0326, 0332, 0236, 0336, 0111, + 0240, 0373, 0365, 0216, 0273, 0057, 0356, 0172, + 0251, 0150, 0171, 0221, 0025, 0262, 0007, 0077, + 0224, 0302, 0020, 0211, 0013, 0042, 0137, 0041, + 0200, 0177, 0135, 0232, 0132, 0220, 0062, 0047, + 0065, 0076, 0314, 0347, 0277, 0367, 0227, 0003, + 0377, 0031, 0060, 0263, 0110, 0245, 0265, 0321, + 0327, 0136, 0222, 0052, 0254, 0126, 0252, 0306, + 0117, 0270, 0070, 0322, 0226, 0244, 0175, 0266, + 0166, 0374, 0153, 0342, 0234, 0164, 0004, 0361, + 0105, 0235, 0160, 0131, 0144, 0161, 0207, 0040, + 0206, 0133, 0317, 0145, 0346, 0055, 0250, 0002, + 0033, 0140, 0045, 0255, 0256, 0260, 0271, 0366, + 0034, 0106, 0141, 0151, 0064, 0100, 0176, 0017, + 0125, 0107, 0243, 0043, 0335, 0121, 0257, 0072, + 0303, 0134, 0371, 0316, 0272, 0305, 0352, 0046, + 0054, 0123, 0015, 0156, 0205, 0050, 0204, 0011, + 0323, 0337, 0315, 0364, 0101, 0201, 0115, 0122, + 0152, 0334, 0067, 0310, 0154, 0301, 0253, 0372, + 0044, 0341, 0173, 0010, 0014, 0275, 0261, 0112, + 0170, 0210, 0225, 0213, 0343, 0143, 0350, 0155, + 0351, 0313, 0325, 0376, 0073, 0000, 0035, 0071, + 0362, 0357, 0267, 0016, 0146, 0130, 0320, 0344, + 0246, 0167, 0162, 0370, 0353, 0165, 0113, 0012, + 0061, 0104, 0120, 0264, 0217, 0355, 0037, 0032, + 0333, 0231, 0215, 0063, 0237, 0021, 0203, 0024 +}; + +SECStatus +MD2_Hash(unsigned char *dest, const char *src) +{ + unsigned int len; + MD2Context *cx = MD2_NewContext(); + if (!cx) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + return SECFailure; + } + MD2_Begin(cx); + MD2_Update(cx, (unsigned char *)src, PL_strlen(src)); + MD2_End(cx, dest, &len, MD2_DIGEST_LEN); + MD2_DestroyContext(cx, PR_TRUE); + return SECSuccess; +} + +MD2Context * +MD2_NewContext(void) +{ + MD2Context *cx = (MD2Context *)PORT_ZAlloc(sizeof(MD2Context)); + if (cx == NULL) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + return NULL; + } + return cx; +} + +void +MD2_DestroyContext(MD2Context *cx, PRBool freeit) +{ + if (freeit) + PORT_ZFree(cx, sizeof(*cx)); +} + +void +MD2_Begin(MD2Context *cx) +{ + memset(cx, 0, sizeof(*cx)); + cx->unusedBuffer = MD2_BUFSIZE; +} + +static void +md2_compress(MD2Context *cx) +{ + int j; + unsigned char P; + P = cx->checksum[MD2_CHECKSUM_SIZE-1]; + /* Compute the running checksum, and set the tmp variables to be + * CV[i] XOR input[i] + */ +#define CKSUMFN(n) \ + P = cx->checksum[n] ^ MD2S[cx->X[MD2_INPUT+n] ^ P]; \ + cx->checksum[n] = P; \ + cx->X[MD2_TMPVARS+n] = cx->X[n] ^ cx->X[MD2_INPUT+n]; + CKSUMFN(0); + CKSUMFN(1); + CKSUMFN(2); + CKSUMFN(3); + CKSUMFN(4); + CKSUMFN(5); + CKSUMFN(6); + CKSUMFN(7); + CKSUMFN(8); + CKSUMFN(9); + CKSUMFN(10); + CKSUMFN(11); + CKSUMFN(12); + CKSUMFN(13); + CKSUMFN(14); + CKSUMFN(15); + /* The compression function. */ +#define COMPRESS(n) \ + P = cx->X[n] ^ MD2S[P]; \ + cx->X[n] = P; + P = 0x00; + for (j=0; j<18; j++) { + COMPRESS(0); + COMPRESS(1); + COMPRESS(2); + COMPRESS(3); + COMPRESS(4); + COMPRESS(5); + COMPRESS(6); + COMPRESS(7); + COMPRESS(8); + COMPRESS(9); + COMPRESS(10); + COMPRESS(11); + COMPRESS(12); + COMPRESS(13); + COMPRESS(14); + COMPRESS(15); + COMPRESS(16); + COMPRESS(17); + COMPRESS(18); + COMPRESS(19); + COMPRESS(20); + COMPRESS(21); + COMPRESS(22); + COMPRESS(23); + COMPRESS(24); + COMPRESS(25); + COMPRESS(26); + COMPRESS(27); + COMPRESS(28); + COMPRESS(29); + COMPRESS(30); + COMPRESS(31); + COMPRESS(32); + COMPRESS(33); + COMPRESS(34); + COMPRESS(35); + COMPRESS(36); + COMPRESS(37); + COMPRESS(38); + COMPRESS(39); + COMPRESS(40); + COMPRESS(41); + COMPRESS(42); + COMPRESS(43); + COMPRESS(44); + COMPRESS(45); + COMPRESS(46); + COMPRESS(47); + P = (P + j) % 256; + } + cx->unusedBuffer = MD2_BUFSIZE; +} + +void +MD2_Update(MD2Context *cx, const unsigned char *input, unsigned int inputLen) +{ + PRUint32 bytesToConsume; + + /* Fill the remaining input buffer. */ + if (cx->unusedBuffer != MD2_BUFSIZE) { + bytesToConsume = PR_MIN(inputLen, cx->unusedBuffer); + memcpy(&cx->X[MD2_INPUT + (MD2_BUFSIZE - cx->unusedBuffer)], + input, bytesToConsume); + if (cx->unusedBuffer + bytesToConsume >= MD2_BUFSIZE) + md2_compress(cx); + inputLen -= bytesToConsume; + input += bytesToConsume; + } + + /* Iterate over 16-byte chunks of the input. */ + while (inputLen >= MD2_BUFSIZE) { + memcpy(&cx->X[MD2_INPUT], input, MD2_BUFSIZE); + md2_compress(cx); + inputLen -= MD2_BUFSIZE; + input += MD2_BUFSIZE; + } + + /* Copy any input that remains into the buffer. */ + if (inputLen) + memcpy(&cx->X[MD2_INPUT], input, inputLen); + cx->unusedBuffer = MD2_BUFSIZE - inputLen; +} + +void +MD2_End(MD2Context *cx, unsigned char *digest, + unsigned int *digestLen, unsigned int maxDigestLen) +{ + PRUint8 padStart; + if (maxDigestLen < MD2_BUFSIZE) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return; + } + padStart = MD2_BUFSIZE - cx->unusedBuffer; + memset(&cx->X[MD2_INPUT + padStart], cx->unusedBuffer, + cx->unusedBuffer); + md2_compress(cx); + memcpy(&cx->X[MD2_INPUT], cx->checksum, MD2_BUFSIZE); + md2_compress(cx); + *digestLen = MD2_DIGEST_LEN; + memcpy(digest, &cx->X[MD2_CV], MD2_DIGEST_LEN); +} + +unsigned int +MD2_FlattenSize(MD2Context *cx) +{ + return sizeof(*cx); +} + +SECStatus +MD2_Flatten(MD2Context *cx, unsigned char *space) +{ + memcpy(space, cx, sizeof(*cx)); + return SECSuccess; +} + +MD2Context * +MD2_Resurrect(unsigned char *space, void *arg) +{ + MD2Context *cx = MD2_NewContext(); + if (cx) + memcpy(cx, space, sizeof(*cx)); + return cx; +} diff --git a/security/nss/lib/freebl/md5.c b/security/nss/lib/freebl/md5.c new file mode 100644 index 000000000..c1e55902c --- /dev/null +++ b/security/nss/lib/freebl/md5.c @@ -0,0 +1,531 @@ +/* + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the Netscape security libraries. + * + * The Initial Developer of the Original Code is Netscape + * Communications Corporation. Portions created by Netscape are + * Copyright (C) 1994-2000 Netscape Communications Corporation. All + * Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + */ + +#include "prerr.h" +#include "secerr.h" + +#include "prtypes.h" +#include "prlong.h" + +#include "blapi.h" + +#define MD5_HASH_LEN 16 +#define MD5_BUFFER_SIZE 64 +#define MD5_END_BUFFER (MD5_BUFFER_SIZE - 8) + +#define CV0_1 0x67452301 +#define CV0_2 0xefcdab89 +#define CV0_3 0x98badcfe +#define CV0_4 0x10325476 + +#define T1_0 0xd76aa478 +#define T1_1 0xe8c7b756 +#define T1_2 0x242070db +#define T1_3 0xc1bdceee +#define T1_4 0xf57c0faf +#define T1_5 0x4787c62a +#define T1_6 0xa8304613 +#define T1_7 0xfd469501 +#define T1_8 0x698098d8 +#define T1_9 0x8b44f7af +#define T1_10 0xffff5bb1 +#define T1_11 0x895cd7be +#define T1_12 0x6b901122 +#define T1_13 0xfd987193 +#define T1_14 0xa679438e +#define T1_15 0x49b40821 + +#define T2_0 0xf61e2562 +#define T2_1 0xc040b340 +#define T2_2 0x265e5a51 +#define T2_3 0xe9b6c7aa +#define T2_4 0xd62f105d +#define T2_5 0x02441453 +#define T2_6 0xd8a1e681 +#define T2_7 0xe7d3fbc8 +#define T2_8 0x21e1cde6 +#define T2_9 0xc33707d6 +#define T2_10 0xf4d50d87 +#define T2_11 0x455a14ed +#define T2_12 0xa9e3e905 +#define T2_13 0xfcefa3f8 +#define T2_14 0x676f02d9 +#define T2_15 0x8d2a4c8a + +#define T3_0 0xfffa3942 +#define T3_1 0x8771f681 +#define T3_2 0x6d9d6122 +#define T3_3 0xfde5380c +#define T3_4 0xa4beea44 +#define T3_5 0x4bdecfa9 +#define T3_6 0xf6bb4b60 +#define T3_7 0xbebfbc70 +#define T3_8 0x289b7ec6 +#define T3_9 0xeaa127fa +#define T3_10 0xd4ef3085 +#define T3_11 0x04881d05 +#define T3_12 0xd9d4d039 +#define T3_13 0xe6db99e5 +#define T3_14 0x1fa27cf8 +#define T3_15 0xc4ac5665 + +#define T4_0 0xf4292244 +#define T4_1 0x432aff97 +#define T4_2 0xab9423a7 +#define T4_3 0xfc93a039 +#define T4_4 0x655b59c3 +#define T4_5 0x8f0ccc92 +#define T4_6 0xffeff47d +#define T4_7 0x85845dd1 +#define T4_8 0x6fa87e4f +#define T4_9 0xfe2ce6e0 +#define T4_10 0xa3014314 +#define T4_11 0x4e0811a1 +#define T4_12 0xf7537e82 +#define T4_13 0xbd3af235 +#define T4_14 0x2ad7d2bb +#define T4_15 0xeb86d391 + +#define R1B0 0 +#define R1B1 1 +#define R1B2 2 +#define R1B3 3 +#define R1B4 4 +#define R1B5 5 +#define R1B6 6 +#define R1B7 7 +#define R1B8 8 +#define R1B9 9 +#define R1B10 10 +#define R1B11 11 +#define R1B12 12 +#define R1B13 13 +#define R1B14 14 +#define R1B15 15 + +#define R2B0 1 +#define R2B1 6 +#define R2B2 11 +#define R2B3 0 +#define R2B4 5 +#define R2B5 10 +#define R2B6 15 +#define R2B7 4 +#define R2B8 9 +#define R2B9 14 +#define R2B10 3 +#define R2B11 8 +#define R2B12 13 +#define R2B13 2 +#define R2B14 7 +#define R2B15 12 + +#define R3B0 5 +#define R3B1 8 +#define R3B2 11 +#define R3B3 14 +#define R3B4 1 +#define R3B5 4 +#define R3B6 7 +#define R3B7 10 +#define R3B8 13 +#define R3B9 0 +#define R3B10 3 +#define R3B11 6 +#define R3B12 9 +#define R3B13 12 +#define R3B14 15 +#define R3B15 2 + +#define R4B0 0 +#define R4B1 7 +#define R4B2 14 +#define R4B3 5 +#define R4B4 12 +#define R4B5 3 +#define R4B6 10 +#define R4B7 1 +#define R4B8 8 +#define R4B9 15 +#define R4B10 6 +#define R4B11 13 +#define R4B12 4 +#define R4B13 11 +#define R4B14 2 +#define R4B15 9 + +#define S1_0 7 +#define S1_1 12 +#define S1_2 17 +#define S1_3 22 + +#define S2_0 5 +#define S2_1 9 +#define S2_2 14 +#define S2_3 20 + +#define S3_0 4 +#define S3_1 11 +#define S3_2 16 +#define S3_3 23 + +#define S4_0 6 +#define S4_1 10 +#define S4_2 15 +#define S4_3 21 + +struct MD5ContextStr { + PRUint32 lsbInput; + PRUint32 msbInput; + PRUint32 cv[4]; + union { + PRUint8 b[64]; + PRUint32 w[16]; + } u; +}; + +#define inBuf u.b + +SECStatus +MD5_Hash(unsigned char *dest, const char *src) +{ + return MD5_HashBuf(dest, (unsigned char *)src, PL_strlen(src)); +} + +SECStatus +MD5_HashBuf(unsigned char *dest, const unsigned char *src, uint32 src_length) +{ + unsigned int len; + MD5Context *cx = MD5_NewContext(); + if (cx == NULL) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + return SECFailure; + } + MD5_Begin(cx); + MD5_Update(cx, src, src_length); + MD5_End(cx, dest, &len, MD5_HASH_LEN); + MD5_DestroyContext(cx, PR_TRUE); + return SECSuccess; +} + +MD5Context * +MD5_NewContext(void) +{ + MD5Context *cx = (MD5Context *)PORT_ZAlloc(sizeof(MD5Context)); + if (cx == NULL) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + return NULL; + } + return cx; +} + +void +MD5_DestroyContext(MD5Context *cx, PRBool freeit) +{ + if (freeit) { + PORT_ZFree(cx, sizeof(MD5Context)); + } +} + +void +MD5_Begin(MD5Context *cx) +{ + cx->lsbInput = 0; + cx->msbInput = 0; + memset(cx->inBuf, 0, sizeof(cx->inBuf)); + cx->cv[0] = CV0_1; + cx->cv[1] = CV0_2; + cx->cv[2] = CV0_3; + cx->cv[3] = CV0_4; +} + +#define cls(i32, s) (tmp = i32, tmp << s | tmp >> (32 - s)) + +#define MASK 0x00ff00ff +#ifdef IS_LITTLE_ENDIAN +#define lendian(i32) \ + (i32) +#else +#define lendian(i32) \ + (tmp = i32 >> 16 | i32 << 16, (tmp & MASK) << 8 | tmp >> 8 & MASK) +#endif + +#if defined(SOLARIS) || defined(HPUX) +#define addto64(sumhigh, sumlow, addend) \ + sumlow += addend; sumhigh += (sumlow < addend); +#else +#define addto64(sumhigh, sumlow, addend) \ + sumlow += addend; if (sumlow < addend) ++sumhigh; +#endif + +#define F(X, Y, Z) \ + ((X & Y) | ((~X) & Z)) + +#define G(X, Y, Z) \ + ((X & Z) | (Y & (~Z))) + +#define H(X, Y, Z) \ + (X ^ Y ^ Z) + +#define I(X, Y, Z) \ + (Y ^ (X | (~Z))) + +#define FF(a, b, c, d, bufint, s, ti) \ + a = b + cls(a + F(b, c, d) + bufint + ti, s) + +#define GG(a, b, c, d, bufint, s, ti) \ + a = b + cls(a + G(b, c, d) + bufint + ti, s) + +#define HH(a, b, c, d, bufint, s, ti) \ + a = b + cls(a + H(b, c, d) + bufint + ti, s) + +#define II(a, b, c, d, bufint, s, ti) \ + a = b + cls(a + I(b, c, d) + bufint + ti, s) + +static void +md5_compress(MD5Context *cx) +{ + PRUint32 a, b, c, d; + PRUint32 tmp; + a = cx->cv[0]; + b = cx->cv[1]; + c = cx->cv[2]; + d = cx->cv[3]; +#ifndef IS_LITTLE_ENDIAN + cx->u.w[0] = lendian(cx->u.w[0]); + cx->u.w[1] = lendian(cx->u.w[1]); + cx->u.w[2] = lendian(cx->u.w[2]); + cx->u.w[3] = lendian(cx->u.w[3]); + cx->u.w[4] = lendian(cx->u.w[4]); + cx->u.w[5] = lendian(cx->u.w[5]); + cx->u.w[6] = lendian(cx->u.w[6]); + cx->u.w[7] = lendian(cx->u.w[7]); + cx->u.w[8] = lendian(cx->u.w[8]); + cx->u.w[9] = lendian(cx->u.w[9]); + cx->u.w[10] = lendian(cx->u.w[10]); + cx->u.w[11] = lendian(cx->u.w[11]); + cx->u.w[12] = lendian(cx->u.w[12]); + cx->u.w[13] = lendian(cx->u.w[13]); + cx->u.w[14] = lendian(cx->u.w[14]); + cx->u.w[15] = lendian(cx->u.w[15]); +#endif + FF(a, b, c, d, cx->u.w[R1B0 ], S1_0, T1_0); + FF(d, a, b, c, cx->u.w[R1B1 ], S1_1, T1_1); + FF(c, d, a, b, cx->u.w[R1B2 ], S1_2, T1_2); + FF(b, c, d, a, cx->u.w[R1B3 ], S1_3, T1_3); + FF(a, b, c, d, cx->u.w[R1B4 ], S1_0, T1_4); + FF(d, a, b, c, cx->u.w[R1B5 ], S1_1, T1_5); + FF(c, d, a, b, cx->u.w[R1B6 ], S1_2, T1_6); + FF(b, c, d, a, cx->u.w[R1B7 ], S1_3, T1_7); + FF(a, b, c, d, cx->u.w[R1B8 ], S1_0, T1_8); + FF(d, a, b, c, cx->u.w[R1B9 ], S1_1, T1_9); + FF(c, d, a, b, cx->u.w[R1B10], S1_2, T1_10); + FF(b, c, d, a, cx->u.w[R1B11], S1_3, T1_11); + FF(a, b, c, d, cx->u.w[R1B12], S1_0, T1_12); + FF(d, a, b, c, cx->u.w[R1B13], S1_1, T1_13); + FF(c, d, a, b, cx->u.w[R1B14], S1_2, T1_14); + FF(b, c, d, a, cx->u.w[R1B15], S1_3, T1_15); + GG(a, b, c, d, cx->u.w[R2B0 ], S2_0, T2_0); + GG(d, a, b, c, cx->u.w[R2B1 ], S2_1, T2_1); + GG(c, d, a, b, cx->u.w[R2B2 ], S2_2, T2_2); + GG(b, c, d, a, cx->u.w[R2B3 ], S2_3, T2_3); + GG(a, b, c, d, cx->u.w[R2B4 ], S2_0, T2_4); + GG(d, a, b, c, cx->u.w[R2B5 ], S2_1, T2_5); + GG(c, d, a, b, cx->u.w[R2B6 ], S2_2, T2_6); + GG(b, c, d, a, cx->u.w[R2B7 ], S2_3, T2_7); + GG(a, b, c, d, cx->u.w[R2B8 ], S2_0, T2_8); + GG(d, a, b, c, cx->u.w[R2B9 ], S2_1, T2_9); + GG(c, d, a, b, cx->u.w[R2B10], S2_2, T2_10); + GG(b, c, d, a, cx->u.w[R2B11], S2_3, T2_11); + GG(a, b, c, d, cx->u.w[R2B12], S2_0, T2_12); + GG(d, a, b, c, cx->u.w[R2B13], S2_1, T2_13); + GG(c, d, a, b, cx->u.w[R2B14], S2_2, T2_14); + GG(b, c, d, a, cx->u.w[R2B15], S2_3, T2_15); + HH(a, b, c, d, cx->u.w[R3B0 ], S3_0, T3_0); + HH(d, a, b, c, cx->u.w[R3B1 ], S3_1, T3_1); + HH(c, d, a, b, cx->u.w[R3B2 ], S3_2, T3_2); + HH(b, c, d, a, cx->u.w[R3B3 ], S3_3, T3_3); + HH(a, b, c, d, cx->u.w[R3B4 ], S3_0, T3_4); + HH(d, a, b, c, cx->u.w[R3B5 ], S3_1, T3_5); + HH(c, d, a, b, cx->u.w[R3B6 ], S3_2, T3_6); + HH(b, c, d, a, cx->u.w[R3B7 ], S3_3, T3_7); + HH(a, b, c, d, cx->u.w[R3B8 ], S3_0, T3_8); + HH(d, a, b, c, cx->u.w[R3B9 ], S3_1, T3_9); + HH(c, d, a, b, cx->u.w[R3B10], S3_2, T3_10); + HH(b, c, d, a, cx->u.w[R3B11], S3_3, T3_11); + HH(a, b, c, d, cx->u.w[R3B12], S3_0, T3_12); + HH(d, a, b, c, cx->u.w[R3B13], S3_1, T3_13); + HH(c, d, a, b, cx->u.w[R3B14], S3_2, T3_14); + HH(b, c, d, a, cx->u.w[R3B15], S3_3, T3_15); + II(a, b, c, d, cx->u.w[R4B0 ], S4_0, T4_0); + II(d, a, b, c, cx->u.w[R4B1 ], S4_1, T4_1); + II(c, d, a, b, cx->u.w[R4B2 ], S4_2, T4_2); + II(b, c, d, a, cx->u.w[R4B3 ], S4_3, T4_3); + II(a, b, c, d, cx->u.w[R4B4 ], S4_0, T4_4); + II(d, a, b, c, cx->u.w[R4B5 ], S4_1, T4_5); + II(c, d, a, b, cx->u.w[R4B6 ], S4_2, T4_6); + II(b, c, d, a, cx->u.w[R4B7 ], S4_3, T4_7); + II(a, b, c, d, cx->u.w[R4B8 ], S4_0, T4_8); + II(d, a, b, c, cx->u.w[R4B9 ], S4_1, T4_9); + II(c, d, a, b, cx->u.w[R4B10], S4_2, T4_10); + II(b, c, d, a, cx->u.w[R4B11], S4_3, T4_11); + II(a, b, c, d, cx->u.w[R4B12], S4_0, T4_12); + II(d, a, b, c, cx->u.w[R4B13], S4_1, T4_13); + II(c, d, a, b, cx->u.w[R4B14], S4_2, T4_14); + II(b, c, d, a, cx->u.w[R4B15], S4_3, T4_15); + cx->cv[0] += a; + cx->cv[1] += b; + cx->cv[2] += c; + cx->cv[3] += d; +} + +void +MD5_Update(MD5Context *cx, const unsigned char *input, unsigned int inputLen) +{ + PRUint32 bytesToConsume; + PRUint32 inBufIndex = cx->lsbInput & 63; + + /* Add the number of input bytes to the 64-bit input counter. */ + addto64(cx->msbInput, cx->lsbInput, inputLen); + if (inBufIndex) { + /* There is already data in the buffer. Fill with input. */ + bytesToConsume = PR_MIN(inputLen, MD5_BUFFER_SIZE - inBufIndex); + memcpy(&cx->inBuf[inBufIndex], input, bytesToConsume); + if (inBufIndex + bytesToConsume >= MD5_BUFFER_SIZE) + /* The buffer is filled. Run the compression function. */ + md5_compress(cx); + /* Remaining input. */ + inputLen -= bytesToConsume; + input += bytesToConsume; + } + + /* Iterate over 64-byte chunks of the message. */ + while (inputLen >= MD5_BUFFER_SIZE) { + memcpy(cx->inBuf, input, MD5_BUFFER_SIZE); + md5_compress(cx); + inputLen -= MD5_BUFFER_SIZE; + input += MD5_BUFFER_SIZE; + } + + /* Tail of message (message bytes mod 64). */ + if (inputLen) + memcpy(cx->inBuf, input, inputLen); +} + +static const unsigned char padbytes[] = { + 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 +}; + +void +MD5_End(MD5Context *cx, unsigned char *digest, + unsigned int *digestLen, unsigned int maxDigestLen) +{ +#ifndef IS_LITTLE_ENDIAN + PRUint32 tmp; +#endif + PRUint32 lowInput, highInput; + PRUint32 inBufIndex = cx->lsbInput & 63; + + if (maxDigestLen < MD5_HASH_LEN) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return; + } + + /* Copy out the length of bits input before padding. */ + lowInput = cx->lsbInput; + highInput = (cx->msbInput << 3) | (lowInput >> 29); + lowInput <<= 3; + + if (inBufIndex < MD5_END_BUFFER) { + MD5_Update(cx, padbytes, MD5_END_BUFFER - inBufIndex); + } else { + MD5_Update(cx, padbytes, + MD5_END_BUFFER + MD5_BUFFER_SIZE - inBufIndex); + } + + /* Store the number of bytes input (before padding) in final 64 bits. */ + cx->u.w[14] = lendian(lowInput); + cx->u.w[15] = lendian(highInput); + + /* Final call to compress. */ + md5_compress(cx); + + /* Copy the resulting values out of the chain variables into return buf. */ + *digestLen = MD5_HASH_LEN; +#ifndef IS_LITTLE_ENDIAN + cx->cv[0] = lendian(cx->cv[0]); + cx->cv[1] = lendian(cx->cv[1]); + cx->cv[2] = lendian(cx->cv[2]); + cx->cv[3] = lendian(cx->cv[3]); +#endif + memcpy(digest, cx->cv, MD5_HASH_LEN); +} + +unsigned int +MD5_FlattenSize(MD5Context *cx) +{ + return sizeof(*cx); +} + +SECStatus +MD5_Flatten(MD5Context *cx, unsigned char *space) +{ + memcpy(space, cx, sizeof(*cx)); + return SECSuccess; +} + +MD5Context * +MD5_Resurrect(unsigned char *space, void *arg) +{ + MD5Context *cx = MD5_NewContext(); + if (cx) + memcpy(cx, space, sizeof(*cx)); + return cx; +} + +void +MD5_TraceState(MD5Context *cx) +{ + PORT_SetError(PR_NOT_IMPLEMENTED_ERROR); +} diff --git a/security/nss/lib/freebl/mknewpc2.c b/security/nss/lib/freebl/mknewpc2.c new file mode 100644 index 000000000..3bd3f0cf0 --- /dev/null +++ b/security/nss/lib/freebl/mknewpc2.c @@ -0,0 +1,236 @@ +/* + * mknewpc2.c + * + * Generate PC-2 tables for DES-150 library + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the DES-150 library. + * + * The Initial Developer of the Original Code is Nelson B. Bolyard, + * nelsonb@iname.com. Portions created by Nelson B. Bolyard are + * Copyright (C) 1990, 2000 Nelson B. Bolyard, All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + */ + +typedef unsigned char BYTE; +typedef unsigned int HALF; + +#define DES_ENCRYPT 0 +#define DES_DECRYPT 1 + +/* two 28-bit registers defined in key schedule production process */ +static HALF C0, D0; + +static HALF L0, R0; + +/* key schedule, 16 internal keys, each with 8 6-bit parts */ +static BYTE KS [8] [16]; + + +/* + * This table takes the 56 bits in C0 and D0 and shows show they are + * permuted into the 8 6-bit parts of the key in the key schedule. + * The bits of C0 are numbered left to right, 1-28. + * The bits of D0 are numbered left to right, 29-56. + * Zeros in this table represent bits that are always zero. + * Note that all the bits in the first 4 rows come from C0, + * and all the bits in the second 4 rows come from D0. + */ +static const BYTE PC2[64] = { + 14, 17, 11, 24, 1, 5, 0, 0, /* S1 */ + 3, 28, 15, 6, 21, 10, 0, 0, /* S2 */ + 23, 19, 12, 4, 26, 8, 0, 0, /* S3 */ + 16, 7, 27, 20, 13, 2, 0, 0, /* S4 */ + + 41, 52, 31, 37, 47, 55, 0, 0, /* S5 */ + 30, 40, 51, 45, 33, 48, 0, 0, /* S6 */ + 44, 49, 39, 56, 34, 53, 0, 0, /* S7 */ + 46, 42, 50, 36, 29, 32, 0, 0 /* S8 */ +}; + +/* This table represents the same info as PC2, except that + * The bits of C0 and D0 are each numbered right to left, 0-27. + * -1 values indicate bits that are always zero. + * As before all the bits in the first 4 rows come from C0, + * and all the bits in the second 4 rows come from D0. + */ +static signed char PC2a[64] = { +/* bits of C0 */ + 14, 11, 17, 4, 27, 23, -1, -1, /* S1 */ + 25, 0, 13, 22, 7, 18, -1, -1, /* S2 */ + 5, 9, 16, 24, 2, 20, -1, -1, /* S3 */ + 12, 21, 1, 8, 15, 26, -1, -1, /* S4 */ +/* bits of D0 */ + 15, 4, 25, 19, 9, 1, -1, -1, /* S5 */ + 26, 16, 5, 11, 23, 8, -1, -1, /* S6 */ + 12, 7, 17, 0, 22, 3, -1, -1, /* S7 */ + 10, 14, 6, 20, 27, 24, -1, -1 /* S8 */ +}; + +/* This table represents the same info as PC2a, except that + * The order of of the rows has been changed to increase the efficiency + * with which the key sechedule is created. + * Fewer shifts and ANDs are required to make the KS from these. + */ +static const signed char PC2b[64] = { +/* bits of C0 */ + 14, 11, 17, 4, 27, 23, -1, -1, /* S1 */ + 5, 9, 16, 24, 2, 20, -1, -1, /* S3 */ + 25, 0, 13, 22, 7, 18, -1, -1, /* S2 */ + 12, 21, 1, 8, 15, 26, -1, -1, /* S4 */ +/* bits of D0 */ + 26, 16, 5, 11, 23, 8, -1, -1, /* S6 */ + 10, 14, 6, 20, 27, 24, -1, -1, /* S8 */ + 15, 4, 25, 19, 9, 1, -1, -1, /* S5 */ + 12, 7, 17, 0, 22, 3, -1, -1 /* S7 */ +}; + +/* Only 24 of the 28 bits in C0 and D0 are used in PC2. + * The used bits of C0 and D0 are grouped into 4 groups of 6, + * so that the PC2 permutation can be accomplished with 4 lookups + * in tables of 64 entries. + * The following table shows how the bits of C0 and D0 are grouped + * into indexes for the respective table lookups. + * Bits are numbered right-to-left, 0-27, as in PC2b. + */ +static BYTE NDX[48] = { +/* Bits of C0 */ + 27, 26, 25, 24, 23, 22, /* C0 table 0 */ + 18, 17, 16, 15, 14, 13, /* C0 table 1 */ + 9, 8, 7, 2, 1, 0, /* C0 table 2 */ + 5, 4, 21, 20, 12, 11, /* C0 table 3 */ +/* bits of D0 */ + 27, 26, 25, 24, 23, 22, /* D0 table 0 */ + 20, 19, 17, 16, 15, 14, /* D0 table 1 */ + 12, 11, 10, 9, 8, 7, /* D0 table 2 */ + 6, 5, 4, 3, 1, 0 /* D0 table 3 */ +}; + +/* Here's the code that does that grouping. + left = PC2LOOKUP(0, 0, ((c0 >> 22) & 0x3F) ); + left |= PC2LOOKUP(0, 1, ((c0 >> 13) & 0x3F) ); + left |= PC2LOOKUP(0, 2, ((c0 >> 4) & 0x38) | (c0 & 0x7) ); + left |= PC2LOOKUP(0, 3, ((c0>>18)&0xC) | ((c0>>11)&0x3) | (c0&0x30)); + + right = PC2LOOKUP(1, 0, ((d0 >> 22) & 0x3F) ); + right |= PC2LOOKUP(1, 1, ((d0 >> 15) & 0x30) | ((d0 >> 14) & 0xf) ); + right |= PC2LOOKUP(1, 2, ((d0 >> 7) & 0x3F) ); + right |= PC2LOOKUP(1, 3, ((d0 >> 1) & 0x3C) | (d0 & 0x3)); +*/ + +void +make_pc2a( void ) +{ + + int i, j; + + for ( i = 0; i < 64; ++i ) { + j = PC2[i]; + if (j == 0) + j = -1; + else if ( j < 29 ) + j = 28 - j ; + else + j = 56 - j; + PC2a[i] = j; + } + for ( i = 0; i < 64; i += 8 ) { + printf("%3d,%3d,%3d,%3d,%3d,%3d,%3d,%3d,\n", + PC2a[i+0],PC2a[i+1],PC2a[i+2],PC2a[i+3], + PC2a[i+4],PC2a[i+5],PC2a[i+6],PC2a[i+7] ); + } +} + +HALF PC2cd0[64]; + +HALF PC_2H[8][64]; + +void +mktable( ) +{ + int i; + int table; + const BYTE * ndx = NDX; + HALF mask; + + mask = 0x80000000; + for (i = 0; i < 32; ++i, mask >>= 1) { + int bit = PC2b[i]; + if (bit < 0) + continue; + PC2cd0[bit + 32] = mask; + } + + mask = 0x80000000; + for (i = 32; i < 64; ++i, mask >>= 1) { + int bit = PC2b[i]; + if (bit < 0) + continue; + PC2cd0[bit] = mask; + } + +#if DEBUG + for (i = 0; i < 64; ++i) { + printf("0x%08x,\n", PC2cd0[i]); + } +#endif + for (i = 0; i < 24; ++i) { + NDX[i] += 32; /* because c0 is the upper half */ + } + + for (table = 0; table < 8; ++table) { + HALF bitvals[6]; + for (i = 0; i < 6; ++i) { + bitvals[5-i] = PC2cd0[*ndx++]; + } + for (i = 0; i < 64; ++i) { + int j; + int k = 0; + HALF value = 0; + + for (j = i; j; j >>= 1, ++k) { + if (j & 1) { + value |= bitvals[k]; + } + } + PC_2H[table][i] = value; + } + printf("/* table %d */ {\n", table ); + for (i = 0; i < 64; i += 4) { + printf(" 0x%08x, 0x%08x, 0x%08x, 0x%08x, \n", + PC_2H[table][i], PC_2H[table][i+1], + PC_2H[table][i+2], PC_2H[table][i+3]); + } + printf(" },\n"); + } +} + + +int +main(void) +{ +/* make_pc2a(); */ + mktable(); + return 0; +} diff --git a/security/nss/lib/freebl/mksp.c b/security/nss/lib/freebl/mksp.c new file mode 100644 index 000000000..17ce7bc2a --- /dev/null +++ b/security/nss/lib/freebl/mksp.c @@ -0,0 +1,153 @@ +/* + * mksp.c + * + * Generate SP tables for DES-150 library + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the DES-150 library. + * + * The Initial Developer of the Original Code is Nelson B. Bolyard, + * nelsonb@iname.com. Portions created by Nelson B. Bolyard are + * Copyright (C) 1990, 2000 Nelson B. Bolyard, All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + */ + +#include <stdio.h> + +/* + * sboxes - the tables for the s-box functions + * from FIPS 46, pages 15-16. + */ +unsigned char S[8][64] = { +/* Func S1 = */ { + 14, 0, 4, 15, 13, 7, 1, 4, 2, 14, 15, 2, 11, 13, 8, 1, + 3, 10, 10, 6, 6, 12, 12, 11, 5, 9, 9, 5, 0, 3, 7, 8, + 4, 15, 1, 12, 14, 8, 8, 2, 13, 4, 6, 9, 2, 1, 11, 7, + 15, 5, 12, 11, 9, 3, 7, 14, 3, 10, 10, 0, 5, 6, 0, 13 + }, +/* Func S2 = */ { + 15, 3, 1, 13, 8, 4, 14, 7, 6, 15, 11, 2, 3, 8, 4, 14, + 9, 12, 7, 0, 2, 1, 13, 10, 12, 6, 0, 9, 5, 11, 10, 5, + 0, 13, 14, 8, 7, 10, 11, 1, 10, 3, 4, 15, 13, 4, 1, 2, + 5, 11, 8, 6, 12, 7, 6, 12, 9, 0, 3, 5, 2, 14, 15, 9 + }, +/* Func S3 = */ { + 10, 13, 0, 7, 9, 0, 14, 9, 6, 3, 3, 4, 15, 6, 5, 10, + 1, 2, 13, 8, 12, 5, 7, 14, 11, 12, 4, 11, 2, 15, 8, 1, + 13, 1, 6, 10, 4, 13, 9, 0, 8, 6, 15, 9, 3, 8, 0, 7, + 11, 4, 1, 15, 2, 14, 12, 3, 5, 11, 10, 5, 14, 2, 7, 12 + }, +/* Func S4 = */ { + 7, 13, 13, 8, 14, 11, 3, 5, 0, 6, 6, 15, 9, 0, 10, 3, + 1, 4, 2, 7, 8, 2, 5, 12, 11, 1, 12, 10, 4, 14, 15, 9, + 10, 3, 6, 15, 9, 0, 0, 6, 12, 10, 11, 1, 7, 13, 13, 8, + 15, 9, 1, 4, 3, 5, 14, 11, 5, 12, 2, 7, 8, 2, 4, 14 + }, +/* Func S5 = */ { + 2, 14, 12, 11, 4, 2, 1, 12, 7, 4, 10, 7, 11, 13, 6, 1, + 8, 5, 5, 0, 3, 15, 15, 10, 13, 3, 0, 9, 14, 8, 9, 6, + 4, 11, 2, 8, 1, 12, 11, 7, 10, 1, 13, 14, 7, 2, 8, 13, + 15, 6, 9, 15, 12, 0, 5, 9, 6, 10, 3, 4, 0, 5, 14, 3 + }, +/* Func S6 = */ { + 12, 10, 1, 15, 10, 4, 15, 2, 9, 7, 2, 12, 6, 9, 8, 5, + 0, 6, 13, 1, 3, 13, 4, 14, 14, 0, 7, 11, 5, 3, 11, 8, + 9, 4, 14, 3, 15, 2, 5, 12, 2, 9, 8, 5, 12, 15, 3, 10, + 7, 11, 0, 14, 4, 1, 10, 7, 1, 6, 13, 0, 11, 8, 6, 13 + }, +/* Func S7 = */ { + 4, 13, 11, 0, 2, 11, 14, 7, 15, 4, 0, 9, 8, 1, 13, 10, + 3, 14, 12, 3, 9, 5, 7, 12, 5, 2, 10, 15, 6, 8, 1, 6, + 1, 6, 4, 11, 11, 13, 13, 8, 12, 1, 3, 4, 7, 10, 14, 7, + 10, 9, 15, 5, 6, 0, 8, 15, 0, 14, 5, 2, 9, 3, 2, 12 + }, +/* Func S8 = */ { + 13, 1, 2, 15, 8, 13, 4, 8, 6, 10, 15, 3, 11, 7, 1, 4, + 10, 12, 9, 5, 3, 6, 14, 11, 5, 0, 0, 14, 12, 9, 7, 2, + 7, 2, 11, 1, 4, 14, 1, 7, 9, 4, 12, 10, 14, 8, 2, 13, + 0, 15, 6, 12, 10, 9, 13, 0, 15, 3, 3, 5, 5, 6, 8, 11 + } +}; + +/* + * Permutation function for results from s-boxes + * from FIPS 46 pages 12 and 16. + * P = + */ +unsigned char P[32] = { + 16, 7, 20, 21, 29, 12, 28, 17, + 1, 15, 23, 26, 5, 18, 31, 10, + 2, 8, 24, 14, 32, 27, 3, 9, + 19, 13, 30, 6, 22, 11, 4, 25 +}; + +unsigned int Pinv[32]; +unsigned int SP[8][64]; + +void +makePinv(void) +{ + int i; + unsigned int Pi = 0x80000000; + for (i = 0; i < 32; ++i) { + int j = 32 - P[i]; + Pinv[j] = Pi; + Pi >>= 1; + } +} + +void +makeSP(void) +{ + int box; + for (box = 0; box < 8; ++box) { + int item; + printf("/* box S%d */ {\n", box + 1); + for (item = 0; item < 64; ++item ) { + unsigned int s = S[box][item]; + unsigned int val = 0; + unsigned int bitnum = (7-box) * 4; + for (; s; s >>= 1, ++bitnum) { + if (s & 1) { + val |= Pinv[bitnum]; + } + } + val = (val << 3) | (val >> 29); + SP[box][item] = val; + } + for (item = 0; item < 64; item += 4) { + printf("\t0x%08x, 0x%08x, 0x%08x, 0x%08x,\n", + SP[box][item], SP[box][item+1], SP[box][item+2], SP[box][item+3]); + } + printf(" },\n"); + } +} + +int +main() +{ + makePinv(); + makeSP(); + return 0; +} diff --git a/security/nss/lib/freebl/mpi/Makefile b/security/nss/lib/freebl/mpi/Makefile new file mode 100644 index 000000000..a4724af90 --- /dev/null +++ b/security/nss/lib/freebl/mpi/Makefile @@ -0,0 +1,424 @@ +## +## Makefile for MPI library +## +## The contents of this file are subject to the Mozilla Public +## License Version 1.1 (the "License"); you may not use this file +## except in compliance with the License. You may obtain a copy of +## the License at http://www.mozilla.org/MPL/ +## +## Software distributed under the License is distributed on an "AS +## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +## implied. See the License for the specific language governing +## rights and limitations under the License. +## +## The Original Code is the MPI Arbitrary Precision Integer Arithmetic +## library. +## +## The Initial Developer of the Original Code is +## Michael J. Fromberger <sting@linguist.dartmouth.edu> +## +## Portions created by Michael J. Fromberger are +## Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved. +## +## Contributor(s): +## Netscape Communications Corporation +## Richard C. Swift (swift@netscape.com) +## +## Alternatively, the contents of this file may be used under the +## terms of the GNU General Public License Version 2 or later (the +## "GPL"), in which case the provisions of the GPL are applicable +## instead of those above. If you wish to allow use of your +## version of this file only under the terms of the GPL and not to +## allow others to use your version of this file under the MPL, +## indicate your decision by deleting the provisions above and +## replace them with the notice and other provisions required by +## the GPL. If you do not delete the provisions above, a recipient +## may use your version of this file under either the MPL or the +## GPL. +## +## +## $Id$ +## + +## Define CC to be the C compiler you wish to use. The GNU cc +## compiler (gcc) should work, at the very least +#CC=cc +#CC=gcc + +## +## Define PERL to point to your local Perl interpreter. It +## should be Perl 5.x, although it's conceivable that Perl 4 +## might work ... I haven't tested it. +## +#PERL=/usr/bin/perl +PERL=perl + +## +## Define CFLAGS to contain any local options your compiler +## setup requires. +## +## Conditional compilation options are no longer here; see +## the file 'mpi-config.h' instead. +## +MPICMN = -I. -DMP_API_COMPATIBLE -DMP_IOFUNC +CFLAGS= -O $(MPICMN) +#CFLAGS=-ansi -fullwarn -woff 1521 -O3 $(MPICMN) +#CFLAGS=-ansi -pedantic -Wall -O3 $(MPICMN) +#CFLAGS=-ansi -pedantic -Wall -g -O2 -DMP_DEBUG=1 $(MPICMN) + +ifeq ($(TARGET),mipsIRIX) +#IRIX +#MPICMN += -DMP_MONT_USE_MP_MUL +MPICMN += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE +MPICMN += -DMP_USE_UINT_DIGIT +#MPICMN += -DMP_NO_MP_WORD +AS_OBJS = mpi_mips.o +#ASFLAGS = -O -OPT:Olimit=4000 -dollar -fullwarn -xansi -n32 -mips3 -exceptions +ASFLAGS = -O -OPT:Olimit=4000 -dollar -fullwarn -xansi -n32 -mips3 +#CFLAGS=-ansi -n32 -O3 -fullwarn -woff 1429 -D_SGI_SOURCE $(MPICMN) +CFLAGS=-ansi -n32 -O2 -fullwarn -woff 1429 -D_SGI_SOURCE $(MPICMN) +#CFLAGS=-ansi -n32 -g -fullwarn -woff 1429 -D_SGI_SOURCE $(MPICMN) +#CFLAGS=-ansi -64 -O2 -fullwarn -woff 1429 -D_SGI_SOURCE -DMP_NO_MP_WORD \ + $(MPICMN) +endif + +ifeq ($(TARGET),alphaOSF1) +#Alpha/OSF1 +MPICMN += -DMP_ASSEMBLY_MULTIPLY +AS_OBJS+= mpvalpha.o +#CFLAGS= -O -Olimit 4000 -ieee_with_inexact -std1 -DOSF1 -D_REENTRANT $(MPICMN) +CFLAGS= -O -Olimit 4000 -ieee_with_inexact -std1 -DOSF1 -D_REENTRANT \ + -DMP_NO_MP_WORD $(MPICMN) +endif + +ifeq ($(TARGET),v9SOLARIS) +#Solaris 64 +SOLARIS_FPU_FLAGS = -fast -xO5 -xrestrict=%all -xchip=ultra -xarch=v9a -KPIC -mt +#SOLARIS_FPU_FLAGS = -fast -xO5 -xrestrict=%all -xdepend -xchip=ultra -xarch=v9a -KPIC -mt +SOLARIS_ASM_FLAGS = -xchip=ultra -xarch=v9a -KPIC -mt +AS_OBJS += montmulfv9.o +AS_OBJS += mpi_sparc.o mpv_sparcv9.o +MPICMN += -DMP_USE_UINT_DIGIT +#MPICMN += -DMP_NO_MP_WORD +MPICMN += -DMP_ASSEMBLY_MULTIPLY +MPICMN += -DMP_USING_MONT_MULF +CFLAGS= -O -KPIC -DSVR4 -DSYSV -D__svr4 -D__svr4__ -DSOLARIS -D_REENTRANT \ + -DSOLARIS2_8 -D_SVID_GETTOD -xarch=v9 -DXP_UNIX $(MPICMN) +#CFLAGS= -g -KPIC -DSVR4 -DSYSV -D__svr4 -D__svr4__ -DSOLARIS -D_REENTRANT \ + -DSOLARIS2_8 -D_SVID_GETTOD -xarch=v9 -DXP_UNIX $(MPICMN) +endif + +ifeq ($(TARGET),v8plusSOLARIS) +#Solaris 32 +SOLARIS_FPU_FLAGS = -fast -xO5 -xrestrict=%all -xdepend -xchip=ultra -xarch=v8plusa -KPIC -mt +SOLARIS_ASM_FLAGS = -xchip=ultra -xarch=v8plusa -KPIC -mt +AS_OBJS = montmulfv8.o mpi_sparc.o mpv_sparcv8.o +#AS_OBJS = montmulf.o +MPICMN += -DMP_ASSEMBLY_MULTIPLY +MPICMN += -DMP_USING_MONT_MULF -DMP_USE_UINT_DIGIT +MPICMN += -DMP_NO_MP_WORD +CFLAGS=-O -KPIC -DSVR4 -DSYSV -D__svr4 -D__svr4__ -DSOLARIS -D_REENTRANT \ + -DSOLARIS2_6 -D_SVID_GETTOD -xarch=v8plus -DXP_UNIX $(MPICMN) +endif + +ifeq ($(TARGET),v8SOLARIS) +#Solaris 32 +#SOLARIS_FPU_FLAGS = -fast -xO5 -xrestrict=%all -xdepend -xchip=ultra -xarch=v8 -KPIC -mt +#SOLARIS_ASM_FLAGS = -xchip=ultra -xarch=v8plusa -KPIC -mt +#AS_OBJS = montmulfv8.o mpi_sparc.o mpv_sparcv8.o +#AS_OBJS = montmulf.o +#MPICMN += -DMP_USING_MONT_MULF +#MPICMN += -DMP_ASSEMBLY_MULTIPLY +MPICMN += -DMP_USE_LONG_LONG_MULTIPLY -DMP_USE_UINT_DIGIT +MPICMN += -DMP_NO_MP_WORD +CFLAGS=-O -KPIC -DSVR4 -DSYSV -D__svr4 -D__svr4__ -DSOLARIS -D_REENTRANT \ + -DSOLARIS2_6 -D_SVID_GETTOD -xarch=v8 -DXP_UNIX $(MPICMN) +endif + +ifeq ($(TARGET),PA2.0WHPUX) +#HPUX64 (HP PA 2.0 Wide) using MAXPY and 64-bit digits +MPICMN += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE +AS_OBJS = mpi_hp.o hpma512.o hppa20.o +CFLAGS= -O -DHPUX10 -D_POSIX_C_SOURCE=199506L -Ae +Z -DHPUX -Dhppa \ + -D_HPUX_SOURCE -Aa +e -z +DA2.0W +DS2.0 +O3 +DChpux -DHPUX11 -DXP_UNIX \ + $(MPICMN) +AS = $(CC) $(CFLAGS) -c +endif + +ifeq ($(TARGET),PA2.0NHPUX) +#HPUX32 (HP PA 2.0 Narrow) hybrid model, using 32-bit digits +# This one is for DA2.0 (N) which is the 32-bit ABI with 64-bit registers. +MPICMN += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE +AS_OBJS = mpi_hp.o hpma512.o hppa20.o +CFLAGS= -O -DHPUX10 -D_POSIX_C_SOURCE=199506L -Ae +Z -DHPUX -Dhppa \ + -D_HPUX_SOURCE -Aa +e -z +DA2.0 +DS2.0 +O3 +DChpux -DHPUX11 -DXP_UNIX \ + -Wl,+k $(MPICMN) +#CFLAGS= -g -DHPUX10 -D_POSIX_C_SOURCE=199506L -Ae +Z -DHPUX -Dhppa \ + -D_HPUX_SOURCE -Aa +e -z +DA2.0 +DS2.0 +DChpux -DHPUX11 -DXP_UNIX \ + -Wl,+k $(MPICMN) +AS = $(CC) $(CFLAGS) -c +endif + +ifeq ($(TARGET),PA1.1HPUX) +#HPUX32 (HP PA 1.1) Pure 32 bit +MPICMN += -DMP_USE_UINT_DIGIT -DMP_NO_MP_WORD +#MPICMN += -DMP_USE_LONG_LONG_MULTIPLY +CFLAGS= -O -DHPUX10 -D_POSIX_C_SOURCE=199506L -Ae +Z -DHPUX -Dhppa \ + -D_HPUX_SOURCE +DAportable +DS1.1 -DHPUX11 -DXP_UNIX $(MPICMN) +##CFLAGS= -g -DHPUX10 -D_POSIX_C_SOURCE=199506L -Ae +Z -DHPUX -Dhppa \ +# -D_HPUX_SOURCE +DAportable +DS1.1 -DHPUX11 -DXP_UNIX $(MPICMN) +endif + +ifeq ($(TARGET),32AIX) +# +CC = xlC_r +MPICMN += -DMP_USE_UINT_DIGIT +MPICMN += -DMP_NO_DIV_WORD +#MPICMN += -DMP_NO_MUL_WORD +MPICMN += -DMP_NO_ADD_WORD +MPICMN += -DMP_NO_SUB_WORD +#MPICMN += -DMP_NO_MP_WORD +#MPICMN += -DMP_USE_LONG_LONG_MULTIPLY +CFLAGS = -O -DAIX -DSYSV -qarch=com -DAIX4_3 -DXP_UNIX -UDEBUG -DNDEBUG $(MPICMN) +#CFLAGS = -g -DAIX -DSYSV -qarch=com -DAIX4_3 -DXP_UNIX -UDEBUG -DNDEBUG $(MPICMN) +#CFLAGS += -pg +endif + +ifeq ($(TARGET),64AIX) +# +CC = xlC_r +MPICMN += -DMP_USE_UINT_DIGIT +CFLAGS = -O -O2 -DAIX -DSYSV -qarch=com -DAIX_64BIT -DAIX4_3 -DXP_UNIX -UDEBUG -DNDEBUG $(MPICMN) +OBJECT_MODE=64 +export OBJECT_MODE +endif + +ifeq ($(TARGET),x86LINUX) +#Linux +AS_OBJS = mpi_x86.o +MPICMN += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE -DMP_ASSEMBLY_DIV_2DX1D +MPICMN += -DMP_MONT_USE_MP_MUL +CFLAGS= -O2 -fPIC -DLINUX1_2 -Di386 -D_XOPEN_SOURCE -DLINUX2_1 -ansi -Wall \ + -pipe -DLINUX -Dlinux -D_POSIX_SOURCE -D_BSD_SOURCE -DHAVE_STRERROR \ + -DXP_UNIX -UDEBUG -DNDEBUG -D_REENTRANT $(MPICMN) +#CFLAGS= -g -fPIC -DLINUX1_2 -Di386 -D_XOPEN_SOURCE -DLINUX2_1 -ansi -Wall \ + -pipe -DLINUX -Dlinux -D_POSIX_SOURCE -D_BSD_SOURCE -DHAVE_STRERROR \ + -DXP_UNIX -DDEBUG -UNDEBUG -D_REENTRANT $(MPICMN) +#CFLAGS= -g -fPIC -DLINUX1_2 -Di386 -D_XOPEN_SOURCE -DLINUX2_1 -ansi -Wall \ + -pipe -DLINUX -Dlinux -D_POSIX_SOURCE -D_BSD_SOURCE -DHAVE_STRERROR \ + -DXP_UNIX -UDEBUG -DNDEBUG -D_REENTRANT $(MPICMN) +endif + +## +## Define LIBS to include any libraries you need to link against. +## If NO_TABLE is define, LIBS should include '-lm' or whatever is +## necessary to bring in the math library. Otherwise, it can be +## left alone, unless your system has other peculiar requirements. +## +LIBS=#-lmalloc#-lefence#-lm + +## +## Define RANLIB to be the library header randomizer; you might not +## need this on some systems (just set it to 'echo' on these systems, +## such as IRIX) +## +RANLIB=echo + +## +## This is the version string used for the documentation and +## building the distribution tarball. Don't mess with it unless +## you are releasing a new version +VERS=1.7p6 + +## ---------------------------------------------------------------------- +## You probably don't need to change anything below this line... +## + +## +## This is the list of source files that need to be packed into +## the distribution file +SRCS= mpi.c mpprime.c mplogic.c mpmontg.c mpi-test.c primes.c tests/ \ + utils/gcd.c utils/invmod.c utils/lap.c \ + utils/ptab.pl utils/sieve.c utils/isprime.c\ + utils/dec2hex.c utils/hex2dec.c utils/bbs_rand.c \ + utils/bbsrand.c utils/prng.c utils/primegen.c \ + utils/basecvt.c utils/makeprime.c\ + utils/fact.c utils/exptmod.c utils/pi.c utils/metime.c \ + utils/mpi.h utils/mpprime.h mulsqr.c \ + make-test-arrays test-arrays.txt all-tests make-logtab \ + types.pl stats timetest multest + +## These are the header files that go into the distribution file +HDRS=mpi.h mpi-config.h utils/mpi.h utils/mpi-config.h mpprime.h mplogic.h \ + utils/bbs_rand.h tests/mpi.h tests/mpprime.h + +## These are the documentation files that go into the distribution file +DOCS=README doc utils/README utils/PRIMES + +## This is the list of tools built by 'make tools' +TOOLS=gcd invmod isprime lap dec2hex hex2dec primegen prng \ + basecvt fact exptmod pi makeprime identest + +LIBOBJS = mpprime.o mpmontg.o mplogic.o mpi.o $(AS_OBJS) +LIBHDRS = mpi-config.h mpi-priv.h mpi.h +APPHDRS = mpi-config.h mpi.h mplogic.h mpprime.h + +help: + @ echo "" + @ echo "The following targets can be built with this Makefile:" + @ echo "" + @ echo "libmpi.a - arithmetic and prime testing library" + @ echo "mpi-test - test driver (requires MP_IOFUNC)" + @ echo "tools - command line tools" + @ echo "doc - manual pages for tools" + @ echo "clean - clean up objects and such" + @ echo "distclean - get ready for distribution" + @ echo "dist - distribution tarball" + @ echo "" + +.SUFFIXES: .c .o .i + +.c.i: + $(CC) $(CFLAGS) -E $< > $@ + +#.c.o: $*.h $*.c +# $(CC) $(CFLAGS) -c $< + +#--------------------------------------- + +$(LIBOBJS): $(LIBHDRS) + +logtab.h: make-logtab + $(PERL) make-logtab > logtab.h + +mpi.o: mpi.c logtab.h $(LIBHDRS) + +mplogic.o: mplogic.c mpi-priv.h mplogic.h $(LIBHDRS) + +mpmontg.o: mpmontg.c mpi-priv.h mplogic.h mpprime.h $(LIBHDRS) + +mpprime.o: mpprime.c mpi-priv.h mpprime.h mplogic.h primes.c $(LIBHDRS) + +mpi_mips.o: mpi_mips.s + $(CC) -o $@ $(ASFLAGS) -c mpi_mips.s + +mpi_sparc.o : montmulf.h + +mpv_sparcv9.s: vis_64.il mpv_sparc.c + $(CC) -o $@ $(SOLARIS_FPU_FLAGS) -S vis_64.il mpv_sparc.c + +mpv_sparcv8.s: vis_64.il mpv_sparc.c + $(CC) -o $@ $(SOLARIS_FPU_FLAGS) -S vis_32.il mpv_sparc.c + +montmulfv8.o montmulfv9.o mpv_sparcv8.o mpv_sparcv9.o : %.o : %.s + $(CC) -o $@ $(SOLARIS_ASM_FLAGS) -c $< + +# This rule is used to build the .s sources, which are then hand optimized. +#montmulfv8.s montmulfv9.s : montmulf%.s : montmulf%.il montmulf.c montmulf.h +# $(CC) -o $@ $(SOLARIS_ASM_FLAGS) -S montmulf$*.il montmulf.c + + +libmpi.a: $(LIBOBJS) + ar -cvr libmpi.a $(LIBOBJS) + $(RANLIB) libmpi.a + +lib libs: libmpi.a + +mpi.i: mpi.h + +#--------------------------------------- + +MPTESTOBJS = mptest1.o mptest2.o mptest3.o mptest3a.o mptest4.o mptest4a.o \ + mptest4b.o mptest6.o mptest7.o mptest8.o mptest9.o +MPTESTS = $(MPTESTOBJS:.o=) + +$(MPTESTOBJS): mptest%.o: tests/mptest-%.c $(LIBHDRS) + $(CC) $(CFLAGS) -o $@ -c $< + +$(MPTESTS): mptest%: mptest%.o libmpi.a + $(CC) $(CFLAGS) -o $@ $^ $(LIBS) + +tests: mptest1 mptest2 mptest3 mptest3a mptest4 mptest4a mptest4b mptest6 \ + bbsrand + +utests: mptest7 mptest8 mptest9 + +#--------------------------------------- + +EXTRAOBJS = bbsrand.o bbs_rand.o prng.o +UTILOBJS = primegen.o metime.o identest.o basecvt.o fact.o exptmod.o pi.o \ + makeprime.o gcd.o invmod.o lap.o isprime.o \ + dec2hex.o hex2dec.o +UTILS = $(UTILOBJS:.o=) + +$(UTILS): % : %.o libmpi.a + $(CC) $(CFLAGS) -o $@ $^ $(LIBS) + +$(UTILOBJS) $(EXTRAOBJS): %.o : utils/%.c $(LIBHDRS) + $(CC) $(CFLAGS) -o $@ -c $< + +prng: prng.o bbs_rand.o libmpi.a + $(CC) $(CFLAGS) -o $@ $^ $(LIBS) + +bbsrand: bbsrand.o bbs_rand.o libmpi.a + $(CC) $(CFLAGS) -o $@ $^ $(LIBS) + +utils: $(UTILS) prng bbsrand + +#--------------------------------------- + +test-info.c: test-arrays.txt + $(PERL) make-test-arrays test-arrays.txt > test-info.c + +mpi-test.o: mpi-test.c test-info.c $(LIBHDRS) + $(CC) $(CFLAGS) -o $@ -c $< + +mpi-test: mpi-test.o libmpi.a + $(CC) $(CFLAGS) -o $@ $^ $(LIBS) + +mdxptest.o: mdxptest.c $(LIBHDRS) mpi-priv.h + +mdxptest: mdxptest.o libmpi.a + $(CC) $(CFLAGS) -o $@ $^ $(LIBS) + +mulsqr.o: mulsqr.c logtab.h mpi.h mpi-config.h mpprime.h + $(CC) $(CFLAGS) -DMP_SQUARE=1 -o $@ -c mulsqr.c + +mulsqr: mulsqr.o libmpi.a + $(CC) $(CFLAGS) -o $@ $^ $(LIBS) + +#--------------------------------------- + +alltests: tests utests mpi-test + +tools: $(TOOLS) + +doc: + (cd doc; ./build) + +clean: + rm -f *.o *.a *.i + rm -f core + rm -f *~ .*~ + rm -f utils/*.o + rm -f utils/core + rm -f utils/*~ utils/.*~ + +clobber: clean + rm -f $(TOOLS) $(UTILS) + +distclean: clean + rm -f mptest? mpi-test metime mulsqr karatsuba + rm -f mptest?a mptest?b + rm -f utils/mptest? + rm -f test-info.c logtab.h + rm -f libmpi.a + rm -f $(TOOLS) + +dist: Makefile $(HDRS) $(SRCS) $(DOCS) + tar -cvf mpi-$(VERS).tar Makefile $(HDRS) $(SRCS) $(DOCS) + pgps -ab mpi-$(VERS).tar + chmod +r mpi-$(VERS).tar.asc + gzip -9 mpi-$(VERS).tar + +# END diff --git a/security/nss/lib/freebl/mpi/Makefile.os2 b/security/nss/lib/freebl/mpi/Makefile.os2 new file mode 100644 index 000000000..e81b64649 --- /dev/null +++ b/security/nss/lib/freebl/mpi/Makefile.os2 @@ -0,0 +1,277 @@ +## +## Makefile.win - gmake Makefile for building MPI with VACPP on OS/2 +## +## The contents of this file are subject to the Mozilla Public +## License Version 1.1 (the "License"); you may not use this file +## except in compliance with the License. You may obtain a copy of +## the License at http://www.mozilla.org/MPL/ +## +## Software distributed under the License is distributed on an "AS +## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +## implied. See the License for the specific language governing +## rights and limitations under the License. +## +## The Original Code is the MPI Arbitrary Precision Integer Arithmetic +## library. +## +## The Initial Developer of the Original Code is +## Michael J. Fromberger <sting@linguist.dartmouth.edu> +## +## Portions created by Michael J. Fromberger are +## Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved. +## +## Contributor(s): +## Netscape Communications Corporation +## +## Alternatively, the contents of this file may be used under the +## terms of the GNU General Public License Version 2 or later (the +## "GPL"), in which case the provisions of the GPL are applicable +## instead of those above. If you wish to allow use of your +## version of this file only under the terms of the GPL and not to +## allow others to use your version of this file under the MPL, +## indicate your decision by deleting the provisions above and +## replace them with the notice and other provisions required by +## the GPL. If you do not delete the provisions above, a recipient +## may use your version of this file under either the MPL or the +## GPL. +## +## +## $Id$ +## + +## Define CC to be the C compiler you wish to use. The GNU cc +## compiler (gcc) should work, at the very least +#CC=cc +#CC=gcc +CC=icc.exe +AS=alp.exe + +## +## Define PERL to point to your local Perl interpreter. It +## should be Perl 5.x, although it's conceivable that Perl 4 +## might work ... I haven't tested it. +## +#PERL=/usr/bin/perl +PERL=perl + +## +## Define CFLAGS to contain any local options your compiler +## setup requires. +## +## Conditional compilation options are no longer here; see +## the file 'mpi-config.h' instead. +## +MPICMN = -I. -DMP_API_COMPATIBLE -DMP_IOFUNC -DMP_USE_UINT_DIGIT -DMP_NO_MP_WORD + +#OS/2 +AS_SRCS = mpi_x86.asm +MPICMN += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE -DMP_ASSEMBLY_DIV_2DX1D +#CFLAGS= -Od -Z7 -MD -W3 -nologo -D_X86_ -DXP_PC \ + -DDEBUG -D_DEBUG -UNDEBUG -DWIN32 -D_WINDOWS -DWIN95 $(MPICMN) +#CFLAGS = -O2 -MD -W3 -nologo -D_X86_ -DXP_PC -UDEBUG -U_DEBUG -DNDEBUG \ + -DWIN32 -D_WINDOWS -DWIN95 $(MPICMN) +#CFLAGS = -Od -Z7 -MD -W3 -nologo -D_X86_ -DXP_PC -UDEBUG -U_DEBUG -DNDEBUG \ + -DWIN32 -D_WINDOWS -DWIN95 $(MPICMN) +CFLAGS = /Ti+ -D_X86_ -DXP_PC -UDEBUG -U_DEBUG -DNDEBUG \ + $(MPICMN) +ASFLAGS = + +## +## Define LIBS to include any libraries you need to link against. +## If NO_TABLE is define, LIBS should include '-lm' or whatever is +## necessary to bring in the math library. Otherwise, it can be +## left alone, unless your system has other peculiar requirements. +## +LIBS=#-lmalloc#-lefence#-lm + +## +## Define RANLIB to be the library header randomizer; you might not +## need this on some systems (just set it to 'echo' on these systems, +## such as IRIX) +## +RANLIB=echo + +## +## This is the version string used for the documentation and +## building the distribution tarball. Don't mess with it unless +## you are releasing a new version +VERS=1.7p6 + +## ---------------------------------------------------------------------- +## You probably don't need to change anything below this line... +## + +## +## This is the list of source files that need to be packed into +## the distribution file +SRCS= mpi.c mpprime.c mplogic.c mpmontg.c mpi-test.c primes.c tests/ \ + utils/gcd.c utils/invmod.c utils/lap.c \ + utils/ptab.pl utils/sieve.c utils/isprime.c\ + utils/dec2hex.c utils/hex2dec.c utils/bbs_rand.c \ + utils/bbsrand.c utils/prng.c utils/primegen.c \ + utils/basecvt.c utils/makeprime.c\ + utils/fact.c utils/exptmod.c utils/pi.c utils/metime.c \ + utils/mpi.h utils/mpprime.h mulsqr.c \ + make-test-arrays test-arrays.txt all-tests make-logtab \ + types.pl stats timetest multest + +## These are the header files that go into the distribution file +HDRS=mpi.h mpi-config.h utils/mpi.h utils/mpi-config.h mpprime.h mplogic.h \ + utils/bbs_rand.h tests/mpi.h tests/mpprime.h + +## These are the documentation files that go into the distribution file +DOCS=README doc utils/README utils/PRIMES + +## This is the list of tools built by 'make tools' +TOOLS=gcd.exe invmod.exe isprime.exe lap.exe dec2hex.exe hex2dec.exe \ + primegen.exe prng.exe basecvt.exe fact.exe exptmod.exe pi.exe makeprime.exe + +AS_OBJS = $(AS_SRCS:.asm=.obj) +LIBOBJS = mpprime.obj mpmontg.obj mplogic.obj mpi.obj $(AS_OBJS) +LIBHDRS = mpi-config.h mpi-priv.h mpi.h +APPHDRS = mpi-config.h mpi.h mplogic.h mpprime.h + + +help: + @ echo "" + @ echo "The following targets can be built with this Makefile:" + @ echo "" + @ echo "mpi.lib - arithmetic and prime testing library" + @ echo "mpi-test.exe - test driver (requires MP_IOFUNC)" + @ echo "tools - command line tools" + @ echo "doc - manual pages for tools" + @ echo "clean - clean up objects and such" + @ echo "distclean - get ready for distribution" + @ echo "dist - distribution tarball" + @ echo "" + +.SUFFIXES: .c .obj .i .lib .exe .asm + +.c.i: + $(CC) $(CFLAGS) -E $< > $@ + +.c.obj: + $(CC) $(CFLAGS) -c $< + +.asm.obj: + $(AS) $(ASFLAGS) $< + +.obj.exe: + $(CC) $(CFLAGS) -Fo$@ $< + +#--------------------------------------- + +$(LIBOBJS): $(LIBHDRS) + +logtab.h: make-logtab + $(PERL) make-logtab > logtab.h + +mpi.obj: mpi.c logtab.h $(LIBHDRS) + +mplogic.obj: mplogic.c mpi-priv.h mplogic.h $(LIBHDRS) + +mpmontg.obj: mpmontg.c mpi-priv.h mplogic.h mpprime.h $(LIBHDRS) + +mpprime.obj: mpprime.c mpi-priv.h mpprime.h mplogic.h primes.c $(LIBHDRS) + +mpi_mips.obj: mpi_mips.s + $(CC) -Fo$@ $(ASFLAGS) -c mpi_mips.s + +mpi.lib: $(LIBOBJS) + ilib /out:mpi.lib $(LIBOBJS) + $(RANLIB) mpi.lib + +lib libs: mpi.lib + +#--------------------------------------- + +MPTESTOBJS = mptest1.obj mptest2.obj mptest3.obj mptest3a.obj mptest4.obj \ + mptest4a.obj mptest4b.obj mptest6.obj mptest7.obj mptest8.obj mptest9.obj +MPTESTS = $(MPTESTOBJS:.obj=.exe) + +$(MPTESTOBJS): mptest%.obj: tests/mptest-%.c $(LIBHDRS) + $(CC) $(CFLAGS) -Fo$@ -c $< + +$(MPTESTS): mptest%.exe: mptest%.obj mpi.lib $(LIBS) + $(CC) $(CFLAGS) -Fo$@ $^ + +tests: mptest1.exe mptest2.exe mptest3.exe mptest3a.exe mptest4.exe \ + mptest4a.exe mptest4b.exe mptest6.exe bbsrand.exe + +utests: mptest7.exe mptest8.exe mptest9.exe + +#--------------------------------------- + +EXTRAOBJS = bbsrand.obj bbs_rand.obj prng.obj +UTILOBJS = primegen.obj metime.obj identest.obj basecvt.obj fact.obj \ + exptmod.obj pi.obj makeprime.obj karatsuba.obj gcd.obj invmod.obj lap.obj \ + isprime.obj dec2hex.obj hex2dec.obj +UTILS = $(UTILOBJS:.obj=.exe) + +$(UTILS): %.exe : %.obj mpi.lib $(LIBS) + $(CC) $(CFLAGS) -Fo$@ $^ + +$(UTILOBJS) $(EXTRAOBJS): %.obj : utils/%.c $(LIBHDRS) + $(CC) $(CFLAGS) -Fo$@ -c $< + +prng.exe: prng.obj bbs_rand.obj mpi.lib $(LIBS) + $(CC) $(CFLAGS) -Fo$@ $^ + +bbsrand.exe: bbsrand.obj bbs_rand.obj mpi.lib $(LIBS) + $(CC) $(CFLAGS) -Fo$@ $^ + +utils: $(UTILS) prng.exe bbsrand.exe + +#--------------------------------------- + +test-info.c: test-arrays.txt + $(PERL) make-test-arrays test-arrays.txt > test-info.c + +mpi-test.obj: mpi-test.c test-info.c $(LIBHDRS) + $(CC) $(CFLAGS) -Fo$@ -c $< + +mpi-test.exe: mpi-test.obj mpi.lib $(LIBS) + $(CC) $(CFLAGS) -Fo$@ $^ + +mdxptest.obj: mdxptest.c $(LIBHDRS) mpi-priv.h + +mdxptest.exe: mdxptest.obj mpi.lib $(LIBS) + $(CC) $(CFLAGS) -Fo$@ $^ + +mulsqr.obj: mulsqr.c logtab.h mpi.h mpi-config.h mpprime.h + $(CC) $(CFLAGS) -DMP_SQUARE=1 -Fo$@ -c mulsqr.c + +mulsqr.exe: mulsqr.obj mpi.lib $(LIBS) + $(CC) $(CFLAGS) -Fo$@ $^ + +#--------------------------------------- + +alltests: tests utests mpi-test.exe + +tools: $(TOOLS) + +doc: + (cd doc; ./build) + +clean: + rm -f *.obj *.lib *.pdb *.ilk + cd utils; rm -f *.obj *.lib *.pdb *.ilk + +distclean: clean + rm -f mptest? mpi-test metime mulsqr karatsuba + rm -f mptest?a mptest?b + rm -f utils/mptest? + rm -f test-info.c logtab.h + rm -f mpi.lib + rm -f $(TOOLS) + +dist: Makefile $(HDRS) $(SRCS) $(DOCS) + tar -cvf mpi-$(VERS).tar Makefile $(HDRS) $(SRCS) $(DOCS) + pgps -ab mpi-$(VERS).tar + chmod +r mpi-$(VERS).tar.asc + gzip -9 mpi-$(VERS).tar + + +print: + @echo LIBOBJS = $(LIBOBJS) +# END diff --git a/security/nss/lib/freebl/mpi/Makefile.win b/security/nss/lib/freebl/mpi/Makefile.win new file mode 100644 index 000000000..1c403f4d3 --- /dev/null +++ b/security/nss/lib/freebl/mpi/Makefile.win @@ -0,0 +1,277 @@ +## +## Makefile.win - gmake Makefile for building MPI with MSVC on NT +## +## The contents of this file are subject to the Mozilla Public +## License Version 1.1 (the "License"); you may not use this file +## except in compliance with the License. You may obtain a copy of +## the License at http://www.mozilla.org/MPL/ +## +## Software distributed under the License is distributed on an "AS +## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +## implied. See the License for the specific language governing +## rights and limitations under the License. +## +## The Original Code is the MPI Arbitrary Precision Integer Arithmetic +## library. +## +## The Initial Developer of the Original Code is +## Michael J. Fromberger <sting@linguist.dartmouth.edu> +## +## Portions created by Michael J. Fromberger are +## Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved. +## +## Contributor(s): +## Netscape Communications Corporation +## +## Alternatively, the contents of this file may be used under the +## terms of the GNU General Public License Version 2 or later (the +## "GPL"), in which case the provisions of the GPL are applicable +## instead of those above. If you wish to allow use of your +## version of this file only under the terms of the GPL and not to +## allow others to use your version of this file under the MPL, +## indicate your decision by deleting the provisions above and +## replace them with the notice and other provisions required by +## the GPL. If you do not delete the provisions above, a recipient +## may use your version of this file under either the MPL or the +## GPL. +## +## +## $Id$ +## + +## Define CC to be the C compiler you wish to use. The GNU cc +## compiler (gcc) should work, at the very least +#CC=cc +#CC=gcc +CC=cl.exe +AS=ml.exe + +## +## Define PERL to point to your local Perl interpreter. It +## should be Perl 5.x, although it's conceivable that Perl 4 +## might work ... I haven't tested it. +## +#PERL=/usr/bin/perl +PERL=perl + +## +## Define CFLAGS to contain any local options your compiler +## setup requires. +## +## Conditional compilation options are no longer here; see +## the file 'mpi-config.h' instead. +## +MPICMN = -I. -DMP_API_COMPATIBLE -DMP_IOFUNC + +#NT +AS_SRCS = mpi_x86.asm +MPICMN += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE -DMP_ASSEMBLY_DIV_2DX1D +#CFLAGS= -Od -Z7 -MD -W3 -nologo -D_X86_ -DXP_PC \ + -DDEBUG -D_DEBUG -UNDEBUG -DWIN32 -D_WINDOWS -DWIN95 $(MPICMN) +#CFLAGS = -O2 -MD -W3 -nologo -D_X86_ -DXP_PC -UDEBUG -U_DEBUG -DNDEBUG \ + -DWIN32 -D_WINDOWS -DWIN95 $(MPICMN) +#CFLAGS = -Od -Z7 -MD -W3 -nologo -D_X86_ -DXP_PC -UDEBUG -U_DEBUG -DNDEBUG \ + -DWIN32 -D_WINDOWS -DWIN95 $(MPICMN) +CFLAGS = -O2 -Z7 -MD -W3 -nologo -D_X86_ -DXP_PC -UDEBUG -U_DEBUG -DNDEBUG \ + -DWIN32 -D_WINDOWS -DWIN95 $(MPICMN) +ASFLAGS = -Cp -Sn -Zi -coff -I. + +## +## Define LIBS to include any libraries you need to link against. +## If NO_TABLE is define, LIBS should include '-lm' or whatever is +## necessary to bring in the math library. Otherwise, it can be +## left alone, unless your system has other peculiar requirements. +## +LIBS=#-lmalloc#-lefence#-lm + +## +## Define RANLIB to be the library header randomizer; you might not +## need this on some systems (just set it to 'echo' on these systems, +## such as IRIX) +## +RANLIB=echo + +## +## This is the version string used for the documentation and +## building the distribution tarball. Don't mess with it unless +## you are releasing a new version +VERS=1.7p6 + +## ---------------------------------------------------------------------- +## You probably don't need to change anything below this line... +## + +## +## This is the list of source files that need to be packed into +## the distribution file +SRCS= mpi.c mpprime.c mplogic.c mpmontg.c mpi-test.c primes.c tests/ \ + utils/gcd.c utils/invmod.c utils/lap.c \ + utils/ptab.pl utils/sieve.c utils/isprime.c\ + utils/dec2hex.c utils/hex2dec.c utils/bbs_rand.c \ + utils/bbsrand.c utils/prng.c utils/primegen.c \ + utils/basecvt.c utils/makeprime.c\ + utils/fact.c utils/exptmod.c utils/pi.c utils/metime.c \ + utils/mpi.h utils/mpprime.h mulsqr.c \ + make-test-arrays test-arrays.txt all-tests make-logtab \ + types.pl stats timetest multest + +## These are the header files that go into the distribution file +HDRS=mpi.h mpi-config.h utils/mpi.h utils/mpi-config.h mpprime.h mplogic.h \ + utils/bbs_rand.h tests/mpi.h tests/mpprime.h + +## These are the documentation files that go into the distribution file +DOCS=README doc utils/README utils/PRIMES + +## This is the list of tools built by 'make tools' +TOOLS=gcd.exe invmod.exe isprime.exe lap.exe dec2hex.exe hex2dec.exe \ + primegen.exe prng.exe basecvt.exe fact.exe exptmod.exe pi.exe makeprime.exe + +AS_OBJS = $(AS_SRCS:.asm=.obj) +LIBOBJS = mpprime.obj mpmontg.obj mplogic.obj mpi.obj $(AS_OBJS) +LIBHDRS = mpi-config.h mpi-priv.h mpi.h +APPHDRS = mpi-config.h mpi.h mplogic.h mpprime.h + + +help: + @ echo "" + @ echo "The following targets can be built with this Makefile:" + @ echo "" + @ echo "mpi.lib - arithmetic and prime testing library" + @ echo "mpi-test - test driver (requires MP_IOFUNC)" + @ echo "tools - command line tools" + @ echo "doc - manual pages for tools" + @ echo "clean - clean up objects and such" + @ echo "distclean - get ready for distribution" + @ echo "dist - distribution tarball" + @ echo "" + +.SUFFIXES: .c .obj .i .lib .exe .asm + +.c.i: + $(CC) $(CFLAGS) -E $< > $@ + +.c.obj: + $(CC) $(CFLAGS) -c $< + +.asm.obj: + $(AS) $(ASFLAGS) -c $< + +.obj.exe: + $(CC) $(CFLAGS) -Fo$@ $< + +#--------------------------------------- + +$(LIBOBJS): $(LIBHDRS) + +logtab.h: make-logtab + $(PERL) make-logtab > logtab.h + +mpi.obj: mpi.c logtab.h $(LIBHDRS) + +mplogic.obj: mplogic.c mpi-priv.h mplogic.h $(LIBHDRS) + +mpmontg.obj: mpmontg.c mpi-priv.h mplogic.h mpprime.h $(LIBHDRS) + +mpprime.obj: mpprime.c mpi-priv.h mpprime.h mplogic.h primes.c $(LIBHDRS) + +mpi_mips.obj: mpi_mips.s + $(CC) -Fo$@ $(ASFLAGS) -c mpi_mips.s + +mpi.lib: $(LIBOBJS) + ar -cvr mpi.lib $(LIBOBJS) + $(RANLIB) mpi.lib + +lib libs: mpi.lib + +#--------------------------------------- + +MPTESTOBJS = mptest1.obj mptest2.obj mptest3.obj mptest3a.obj mptest4.obj \ + mptest4a.obj mptest4b.obj mptest6.obj mptest7.obj mptest8.obj mptest9.obj +MPTESTS = $(MPTESTOBJS:.obj=.exe) + +$(MPTESTOBJS): mptest%.obj: tests/mptest-%.c $(LIBHDRS) + $(CC) $(CFLAGS) -Fo$@ -c $< + +$(MPTESTS): mptest%.exe: mptest%.obj mpi.lib $(LIBS) + $(CC) $(CFLAGS) -Fo$@ $^ + +tests: mptest1.exe mptest2.exe mptest3.exe mptest3a.exe mptest4.exe \ + mptest4a.exe mptest4b.exe mptest6.exe bbsrand.exe + +utests: mptest7.exe mptest8.exe mptest9.exe + +#--------------------------------------- + +EXTRAOBJS = bbsrand.obj bbs_rand.obj prng.obj +UTILOBJS = primegen.obj metime.obj identest.obj basecvt.obj fact.obj \ + exptmod.obj pi.obj makeprime.obj karatsuba.obj gcd.obj invmod.obj lap.obj \ + isprime.obj dec2hex.obj hex2dec.obj +UTILS = $(UTILOBJS:.obj=.exe) + +$(UTILS): %.exe : %.obj mpi.lib $(LIBS) + $(CC) $(CFLAGS) -Fo$@ $^ + +$(UTILOBJS) $(EXTRAOBJS): %.obj : utils/%.c $(LIBHDRS) + $(CC) $(CFLAGS) -Fo$@ -c $< + +prng.exe: prng.obj bbs_rand.obj mpi.lib $(LIBS) + $(CC) $(CFLAGS) -Fo$@ $^ + +bbsrand.exe: bbsrand.obj bbs_rand.obj mpi.lib $(LIBS) + $(CC) $(CFLAGS) -Fo$@ $^ + +utils: $(UTILS) prng.exe bbsrand.exe + +#--------------------------------------- + +test-info.c: test-arrays.txt + $(PERL) make-test-arrays test-arrays.txt > test-info.c + +mpi-test.obj: mpi-test.c test-info.c $(LIBHDRS) + $(CC) $(CFLAGS) -Fo$@ -c $< + +mpi-test.exe: mpi-test.obj mpi.lib $(LIBS) + $(CC) $(CFLAGS) -Fo$@ $^ + +mdxptest.obj: mdxptest.c $(LIBHDRS) mpi-priv.h + +mdxptest.exe: mdxptest.obj mpi.lib $(LIBS) + $(CC) $(CFLAGS) -Fo$@ $^ + +mulsqr.obj: mulsqr.c logtab.h mpi.h mpi-config.h mpprime.h + $(CC) $(CFLAGS) -DMP_SQUARE=1 -Fo$@ -c mulsqr.c + +mulsqr.exe: mulsqr.obj mpi.lib $(LIBS) + $(CC) $(CFLAGS) -Fo$@ $^ + +#--------------------------------------- + +alltests: tests utests mpi-test.exe + +tools: $(TOOLS) + +doc: + (cd doc; ./build) + +clean: + rm -f *.obj *.lib *.pdb *.ilk + cd utils; rm -f *.obj *.lib *.pdb *.ilk + +distclean: clean + rm -f mptest? mpi-test metime mulsqr karatsuba + rm -f mptest?a mptest?b + rm -f utils/mptest? + rm -f test-info.c logtab.h + rm -f mpi.lib + rm -f $(TOOLS) + +dist: Makefile $(HDRS) $(SRCS) $(DOCS) + tar -cvf mpi-$(VERS).tar Makefile $(HDRS) $(SRCS) $(DOCS) + pgps -ab mpi-$(VERS).tar + chmod +r mpi-$(VERS).tar.asc + gzip -9 mpi-$(VERS).tar + + +print: + @echo LIBOBJS = $(LIBOBJS) +# END diff --git a/security/nss/lib/freebl/mpi/README b/security/nss/lib/freebl/mpi/README new file mode 100644 index 000000000..3c5cbdaa6 --- /dev/null +++ b/security/nss/lib/freebl/mpi/README @@ -0,0 +1,795 @@ +The contents of this file are subject to the Mozilla Public +License Version 1.1 (the "License"); you may not use this file +except in compliance with the License. You may obtain a copy of +the License at http://www.mozilla.org/MPL/ + +Software distributed under the License is distributed on an "AS +IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +implied. See the License for the specific language governing +rights and limitations under the License. + +The Original Code is the MPI Arbitrary Precision Integer Arithmetic +library. + +The Initial Developer of the Original Code is +Michael J. Fromberger <sting@linguist.dartmouth.edu> + +Portions created by Michael J. Fromberger are +Copyright (C) 1997, 1998, 1999, 2000 Michael J. Fromberger. +All Rights Reserved. + +Contributor(s): + +Alternatively, the contents of this file may be used under the +terms of the GNU General Public License Version 2 or later (the +"GPL"), in which case the provisions of the GPL are applicable +instead of those above. If you wish to allow use of your +version of this file only under the terms of the GPL and not to +allow others to use your version of this file under the MPL, +indicate your decision by deleting the provisions above and +replace them with the notice and other provisions required by +the GPL. If you do not delete the provisions above, a recipient +may use your version of this file under either the MPL or the GPL. + +About the MPI Library +--------------------- + +The files 'mpi.h' and 'mpi.c' define a simple, arbitrary precision +signed integer arithmetic package. The implementation is not the most +efficient possible, but the code is small and should be fairly easily +portable to just about any machine that supports an ANSI C compiler, +as long as it is capable of at least 16-bit arithmetic (but also see +below for more on this). + +This library was written with an eye to cryptographic applications; +thus, some care is taken to make sure that temporary values are not +left lying around in memory when they are no longer in use. This adds +some overhead for zeroing buffers before they are released back into +the free pool; however, it gives you the assurance that there is only +one copy of your important values residing in your process's address +space at a time. Obviously, it is difficult to guarantee anything, in +a pre-emptive multitasking environment, but this at least helps you +keep a lid on the more obvious ways your data can get spread around in +memory. + + +Using the Library +----------------- + +To use the MPI library in your program, you must include the header: + +#include "mpi.h" + +This header provides all the type and function declarations you'll +need to use the library. Almost all the names defined by the library +begin with the prefix 'mp_', so it should be easy to keep them from +clashing with your program's namespace (he says, glibly, knowing full +well there are always pathological cases). + +There are a few things you may want to configure about the library. +By default, the MPI library uses an unsigned short for its digit type, +and an unsigned int for its word type. The word type must be big +enough to contain at least two digits, for the primitive arithmetic to +work out. On my machine, a short is 2 bytes and an int is 4 bytes -- +but if you have 64-bit ints, you might want to use a 4-byte digit and +an 8-byte word. I have tested the library using 1-byte digits and +2-byte words, as well. Whatever you choose to do, the things you need +to change are: + +(1) The type definitions for mp_digit and mp_word. + +(2) The macro DIGIT_FMT which tells mp_print() how to display a + single digit. This is just a printf() format string, so you + can adjust it appropriately. + +(3) The macros DIGIT_MAX and MP_WORD_MAX, which specify the + largest value expressible in an mp_digit and an mp_word, + respectively. + +Both the mp_digit and mp_word should be UNSIGNED integer types. The +code relies on having the full positive precision of the type used for +digits and words. + +The remaining type definitions should be left alone, for the most +part. The code in the library does not make any significant +assumptions about the sizes of things, but there is little if any +reason to change the other parameters, so I would recommend you leave +them as you found them. + +The library comes with a Perl script, 'types.pl', which will scan your +current Makefile settings, and attempt to find good definitions for +these types. It relies on a Unix sort of build environment, so it +probably won't work under MacOS or Windows, but it can be convenient +if you're porting to a new flavour of Unix. Just run 'types.pl' at +the command line, and it will spit out its results to the standard +output. + + +Conventions +----------- + +Most functions in the library return a value of type mp_err. This +permits the library to communicate success or various kinds of failure +to the calling program. The return values currently defined are: + + MP_OKAY - okay, operation succeeded, all's well + MP_YES - okay, the answer is yes (same as MP_OKAY) + MP_NO - okay, but answer is no (not MP_OKAY) + MP_MEM - operation ran out of memory + MP_RANGE - input parameter was out of range + MP_BADARG - an invalid input parameter was provided + MP_UNDEF - no output value is defined for this input + +The only function which currently uses MP_UNDEF is mp_invmod(). +Division by zero is undefined, but the division functions will return +MP_RANGE for a zero divisor. MP_BADARG usually means you passed a +bogus mp_int structure to the function. MP_YES and MP_NO are not used +by the library itself; they're defined so you can use them in your own +extensions. + +If you need a readable interpretation of these error codes in your +program, you may also use the mp_strerror() function. This function +takes an mp_err as input, and returns a pointer to a human-readable +string describing the meaning of the error. These strings are stored +as constants within the library, so the caller should not attempt to +modify or free the memory associated with these strings. + +The library represents values in signed-magnitude format. Values +strictly less than zero are negative, all others are considered +positive (zero is positive by fiat). You can access the 'sign' member +of the mp_int structure directly, but better is to use the mp_cmp_z() +function, to find out which side of zero the value lies on. + +Most arithmetic functions have a single-digit variant, as well as the +full arbitrary-precision. An mp_digit is an unsigned value between 0 +and DIGIT_MAX inclusive. The radix is available as RADIX. The number +of bits in a given digit is given as DIGIT_BIT. + +Generally, input parameters are given before output parameters. +Unless otherwise specified, any input parameter can be re-used as an +output parameter, without confusing anything. + +The basic numeric type defined by the library is an mp_int. Virtually +all the functions in the library take a pointer to an mp_int as one of +their parameters. An explanation of how to create and use these +<HR> +<A NAME="p23"> +<H3>Problem 23:</H3> + +structures follows. And so, without further ado... + + +Initialization and Cleanup +-------------------------- + +The basic numeric type defined by the library is an 'mp_int'. +However, it is not sufficient to simply declare a variable of type +mp_int in your program. These variables also need to be initialized +before they can be used, to allocate the internal storage they require +for computation. + +This is done using one of the following functions: + + mp_init(mp_int *mp); + mp_init_copy(mp_int *mp, mp_int *from); + mp_init_size(mp_int *mp, mp_size p); + +Each of these requires a pointer to a structure of type mp_int. The +basic mp_init() simply initializes the mp_int to a default size, and +sets its value to zero. If you would like to initialize a copy of an +existing mp_int, use mp_init_copy(), where the 'from' parameter is the +mp_int you'd like to make a copy of. The third function, +mp_init_size(), permits you to specify how many digits of precision +should be preallocated for your mp_int. This can help the library +avoid unnecessary re-allocations later on. + +The default precision used by mp_init() can be retrieved using: + + precision = mp_get_prec(); + +This returns the number of digits that will be allocated. You can +change this value by using: + + mp_set_prec(unsigned int prec); + +Any positive value is acceptable -- if you pass zero, the default +precision will be re-set to the compiled-in library default (this is +specified in the header file 'mpi-config.h', and typically defaults to +8 or 16). + +Just as you must allocate an mp_int before you can use it, you must +clean up the structure when you are done with it. This is performed +using the mp_clear() function. Remember that any mp_int that you +create as a local variable in a function must be mp_clear()'d before +that function exits, or else the memory allocated to that mp_int will +be orphaned and unrecoverable. + +To set an mp_int to a given value, the following functions are given: + + mp_set(mp_int *mp, mp_digit d); + mp_set_int(mp_int *mp, long z); + +The mp_set() function sets the mp_int to a single digit value, while +mp_set_int() sets the mp_int to a signed long integer value. + +To set an mp_int to zero, use: + + mp_zero(mp_int *mp); + + +Copying and Moving +------------------ + +If you have two initialized mp_int's, and you want to copy the value +of one into the other, use: + + mp_copy(from, to) + +This takes care of clearing the old value of 'to', and copies the new +value into it. If 'to' is not yet initialized, use mp_init_copy() +instead (see above). + +Note: The library tries, whenever possible, to avoid allocating +---- new memory. Thus, mp_copy() tries first to satisfy the needs + of the copy by re-using the memory already allocated to 'to'. + Only if this proves insufficient will mp_copy() actually + allocate new memory. + + For this reason, if you know a priori that 'to' has enough + available space to hold 'from', you don't need to check the + return value of mp_copy() for memory failure. The USED() + macro tells you how many digits are used by an mp_int, and + the ALLOC() macro tells you how many are allocated. + +If you have two initialized mp_int's, and you want to exchange their +values, use: + + mp_exch(a, b) + +This is better than using mp_copy() with a temporary, since it will +not (ever) touch the memory allocator -- it just swaps the exact +contents of the two structures. The mp_exch() function cannot fail; +if you pass it an invalid structure, it just ignores it, and does +nothing. + + +Basic Arithmetic +---------------- + +Once you have initialized your integers, you can operate on them. The +basic arithmetic functions on full mp_int values are: + +mp_add(a, b, c) - computes c = a + b +mp_sub(a, b, c) - computes c = a - b +mp_mul(a, b, c) - computes c = a * b +mp_sqr(a, b) - computes b = a * a +mp_div(a, b, q, r) - computes q, r such that a = bq + r +mp_div_2d(a, d, q, r) - computes q = a / 2^d, r = a % 2^d +mp_expt(a, b, c) - computes c = a ** b +mp_2expt(a, k) - computes a = 2^k +mp_sqrt(a, c) - computes c = floor(sqrt(a)) + +The mp_div_2d() function efficiently computes division by powers of +two. Either the q or r parameter may be NULL, in which case that +portion of the computation will be discarded. + +The algorithms used for some of the computations here are described in +the following files which are included with this distribution: + +mul.txt Describes the multiplication algorithm +div.txt Describes the division algorithm +expt.txt Describes the exponentiation algorithm +sqrt.txt Describes the square-root algorithm +square.txt Describes the squaring algorithm + +There are single-digit versions of most of these routines, as well. +In the following prototypes, 'd' is a single mp_digit: + +mp_add_d(a, d, c) - computes c = a + d +mp_sub_d(a, d, c) - computes c = a - d +mp_mul_d(a, d, c) - computes c = a * d +mp_mul_2(a, c) - computes c = a * 2 +mp_div_d(a, d, q, r) - computes q, r such that a = bq + r +mp_div_2(a, c) - computes c = a / 2 +mp_expt_d(a, d, c) - computes c = a ** d + +The mp_mul_2() and mp_div_2() functions take advantage of the internal +representation of an mp_int to do multiplication by two more quickly +than mp_mul_d() would. Other basic functions of an arithmetic variety +include: + +mp_zero(a) - assign 0 to a +mp_neg(a, c) - negate a: c = -a +mp_abs(a, c) - absolute value: c = |a| + + +Comparisons +----------- + +Several comparison functions are provided. Each of these, unless +otherwise specified, returns zero if the comparands are equal, < 0 if +the first is less than the second, and > 0 if the first is greater +than the second: + +mp_cmp_z(a) - compare a <=> 0 +mp_cmp_d(a, d) - compare a <=> d, d is a single digit +mp_cmp(a, b) - compare a <=> b +mp_cmp_mag(a, b) - compare |a| <=> |b| +mp_cmp_int(a, z) - compare a <=> z, z is a signed long integer +mp_isodd(a) - return nonzero if odd, zero otherwise +mp_iseven(a) - return nonzero if even, zero otherwise + + +Modular Arithmetic +------------------ + +Modular variations of the basic arithmetic functions are also +supported. These are available if the MP_MODARITH parameter in +mpi-config.h is turned on (it is by default). The modular arithmetic +functions are: + +mp_mod(a, m, c) - compute c = a (mod m), 0 <= c < m +mp_mod_d(a, d, c) - compute c = a (mod d), 0 <= c < d (see below) +mp_addmod(a, b, m, c) - compute c = (a + b) mod m +mp_submod(a, b, m, c) - compute c = (a - b) mod m +mp_mulmod(a, b, m, c) - compute c = (a * b) mod m +mp_sqrmod(a, m, c) - compute c = (a * a) mod m +mp_exptmod(a, b, m, c) - compute c = (a ** b) mod m +mp_exptmod_d(a, d, m, c)- compute c = (a ** d) mod m + +The mp_sqr() function squares its input argument. A call to mp_sqr(a, +c) is identical in meaning to mp_mul(a, a, c); however, if the +MP_SQUARE variable is set true in mpi-config.h (see below), then it +will be implemented with a different algorithm, that is supposed to +take advantage of the redundant computation that takes place during +squaring. Unfortunately, some compilers result in worse performance +on this code, so you can change the behaviour at will. There is a +utility program "mulsqr.c" that lets you test which does better on +your system. + +The mp_sqrmod() function is analogous to the mp_sqr() function; it +uses the mp_sqr() function rather than mp_mul(), and then performs the +modular reduction. This probably won't help much unless you are doing +a lot of them. + +See the file 'square.txt' for a synopsis of the algorithm used. + +Note: The mp_mod_d() function computes a modular reduction around +---- a single digit d. The result is a single digit c. + +Because an inverse is defined for a (mod m) if and only if (a, m) = 1 +(that is, if a and m are relatively prime), mp_invmod() may not be +able to compute an inverse for the arguments. In this case, it +returns the value MP_UNDEF, and does not modify c. If an inverse is +defined, however, it returns MP_OKAY, and sets c to the value of the +inverse (mod m). + +See the file 'redux.txt' for a description of the modular reduction +algorithm used by mp_exptmod(). + + +Greatest Common Divisor +----------------------- + +If The greates common divisor of two values can be found using one of the +following functions: + +mp_gcd(a, b, c) - compute c = (a, b) using binary algorithm +mp_lcm(a, b, c) - compute c = [a, b] = ab / (a, b) +mp_xgcd(a, b, g, x, y) - compute g, x, y so that ax + by = g = (a, b) + +Also provided is a function to compute modular inverses, if they +exist: + +mp_invmod(a, m, c) - compute c = a^-1 (mod m), if it exists + +The function mp_xgcd() computes the greatest common divisor, and also +returns values of x and y satisfying Bezout's identity. This is used +by mp_invmod() to find modular inverses. However, if you do not need +these values, you will find that mp_gcd() is MUCH more efficient, +since it doesn't need all the intermediate values that mp_xgcd() +requires in order to compute x and y. + +The mp_gcd() (and mp_xgcd()) functions use the binary (extended) GCD +algorithm due to Josef Stein. + + +Input & Output Functions +------------------------ + +The following basic I/O routines are provided. These are present at +all times: + +mp_read_radix(mp, str, r) - convert a string in radix r to an mp_int +mp_read_raw(mp, s, len) - convert a string of bytes to an mp_int +mp_radix_size(mp, r) - return length of buffer needed by mp_toradix() +mp_raw_size(mp) - return length of buffer needed by mp_toraw() +mp_toradix(mp, str, r) - convert an mp_int to a string of radix r + digits +mp_toraw(mp, str) - convert an mp_int to a string of bytes +mp_tovalue(ch, r) - convert ch to its value when taken as + a radix r digit, or -1 if invalid +mp_strerror(err) - get a string describing mp_err value 'err' + +If you compile the MPI library with MP_IOFUNC defined, you will also +have access to the following additional I/O function: + +mp_print(mp, ofp) - print an mp_int as text to output stream ofp + +Note that mp_radix_size() returns a size in bytes guaranteed to be AT +LEAST big enough for the digits output by mp_toradix(). Because it +uses an approximation technique to figure out how many digits will be +needed, it may return a figure which is larger than necessary. Thus, +the caller should not rely on the value to determine how many bytes +will actually be written by mp_toradix(). The string mp_toradix() +creates will be NUL terminated, so the standard C library function +strlen() should be able to ascertain this for you, if you need it. + +The mp_read_radix() and mp_toradix() functions support bases from 2 to +64 inclusive. If you require more general radix conversion facilities +than this, you will need to write them yourself (that's why mp_div_d() +is provided, after all). + +Note: mp_read_radix() will accept as digits either capital or +---- lower-case letters. However, the current implementation of + mp_toradix() only outputs upper-case letters, when writing + bases betwee 10 and 36. The underlying code supports using + lower-case letters, but the interface stub does not have a + selector for it. You can add one yourself if you think it + is worthwhile -- I do not. Bases from 36 to 64 use lower- + case letters as distinct from upper-case. Bases 63 and + 64 use the characters '+' and '/' as digits. + + Note also that compiling with MP_IOFUNC defined will cause + inclusion of <stdio.h>, so if you are trying to write code + which does not depend on the standard C library, you will + probably want to avoid this option. This is needed because + the mp_print() function takes a standard library FILE * as + one of its parameters, and uses the fprintf() function. + +The mp_toraw() function converts the integer to a sequence of bytes, +in big-endian ordering (most-significant byte first). Assuming your +bytes are 8 bits wide, this corresponds to base 256. The sign is +encoded as a single leading byte, whose value is 0 for zero or +positive values, or 1 for negative values. The mp_read_raw() function +reverses this process -- it takes a buffer of bytes, interprets the +first as a sign indicator (0 = zero/positive, nonzero = negative), and +the rest as a sequence of 1-byte digits in big-endian ordering. + +The mp_raw_size() function returns the exact number of bytes required +to store the given integer in "raw" format (as described in the +previous paragraph). Zero is returned in case of error; a valid +integer will require at least three bytes of storage. + +In previous versions of the MPI library, an "external representation +format" was supported. This was removed, however, because I found I +was never using it, it was not as portable as I would have liked, and +I decided it was a waste of space. + + +Other Functions +--------------- + +The files 'mpprime.h' and 'mpprime.c' define some routines which are +useful for divisibility testing and probabilistic primality testing. +The routines defined are: + +mpp_divis(a, b) - is a divisible by b? +mpp_divis_d(a, d) - is a divisible by digit d? +mpp_random(a) - set a to random value at current precision +mpp_random_size(a, prec) - set a to random value at given precision + +Note: The mpp_random() and mpp_random_size() functions use the C +---- library's rand() function to generate random values. It is + up to the caller to seed this generator before it is called. + These functions are not suitable for generating quantities + requiring cryptographic-quality randomness; they are intended + primarily for use in primality testing. + + Note too that the MPI library does not call srand(), so your + application should do this, if you ever want the sequence + to change. + +mpp_divis_vector(a, v, s, w) - is a divisible by any of the s digits + in v? If so, let w be the index of + that digit + +mpp_divis_primes(a, np) - is a divisible by any of the first np + primes? If so, set np to the prime + which divided a. + +mpp_fermat(a, d) - test if w^a = w (mod a). If so, + returns MP_YES, otherwise MP_NO. + +mpp_pprime(a, nt) - perform nt iterations of the Rabin- + Miller probabilistic primality test + on a. Returns MP_YES if all tests + passed, or MP_NO if any test fails. + +The mpp_fermat() function works based on Fermat's little theorem, a +consequence of which is that if p is a prime, and (w, p) = 1, then: + + w^p = w (mod p) + +Put another way, if w^p != w (mod p), then p is not prime. The test +is expensive to compute, but it helps to quickly eliminate an enormous +class of composite numbers prior to Rabin-Miller testing. + +Building the Library +-------------------- + +The MPI library is designed to be as self-contained as possible. You +should be able to compile it with your favourite ANSI C compiler, and +link it into your program directly. If you are on a Unix system using +the GNU C compiler (gcc), the following should work: + +% gcc -ansi -pedantic -Wall -O2 -c mpi.c + +The file 'mpi-config.h' defines several configurable parameters for +the library, which you can adjust to suit your application. At the +time of this writing, the available options are: + +MP_IOFUNC - Define true to include the mp_print() function, + which is moderately useful for debugging. This + implicitly includes <stdio.h>. + +MP_MODARITH - Define true to include the modular arithmetic + functions. If you don't need modular arithmetic + in your application, you can set this to zero to + leave out all the modular routines. + +MP_NUMTH - Define true to include number theoretic functions + such as mp_gcd(), mp_lcm(), and mp_invmod(). + +MP_LOGTAB - If true, the file "logtab.h" is included, which + is basically a static table of base 2 logarithms. + These are used to compute how big the buffers for + radix conversion need to be. If you set this false, + the library includes <math.h> and uses log(). This + typically forces you to link against math libraries. + +MP_MEMSET - If true, use memset() to zero buffers. If you run + into weird alignment related bugs, set this to zero + and an explicit loop will be used. + +MP_MEMCPY - If true, use memcpy() to copy buffers. If you run + into weird alignment bugs, set this to zero and an + explicit loop will be used. + +MP_CRYPTO - If true, whenever arrays of digits are free'd, they + are zeroed first. This is useful if you're using + the library in a cryptographic environment; however, + it does add overhead to each free operation. For + performance, if you don't care about zeroing your + buffers, set this to false. + +MP_ARGCHK - Set to 0, 1, or 2. This defines how the argument + checking macro, ARGCHK(), gets expanded. If this + is set to zero, ARGCHK() expands to nothing; no + argument checks are performed. If this is 1, the + ARGCHK() macro expands to code that returns MP_BADARG + or similar at runtime. If it is 2, ARGCHK() expands + to an assert() call that aborts the program on a + bad input. + +MP_DEBUG - Turns on debugging output. This is probably not at + all useful unless you are debugging the library. It + tends to spit out a LOT of output. + +MP_DEFPREC - The default precision of a newly-created mp_int, in + digits. The precision can be changed at runtime by + the mp_set_prec() function, but this is its initial + value. + +MP_SQUARE - If this is set to a nonzero value, the mp_sqr() + function will use an alternate algorithm that takes + advantage of the redundant inner product computation + when both multiplicands are identical. Unfortunately, + with some compilers this is actually SLOWER than just + calling mp_mul() with the same argument twice. So + if you set MP_SQUARE to zero, mp_sqr() will be expan- + ded into a call to mp_mul(). This applies to all + the uses of mp_sqr(), including mp_sqrmod() and the + internal calls to s_mp_sqr() inside mpi.c + + The program 'mulsqr' (mulsqr.c) can be used to test + which works best for your configuration. Set up the + CC and CFLAGS variables in the Makefile, then type: + + make mulsqr + + Invoke it with arguments similar to the following: + + mulsqr 25000 1024 + + That is, 25000 products computed on 1024-bit values. + The output will compare the two timings, and recommend + a setting for MP_SQUARE. It is off by default. + +If you would like to use the mp_print() function (see above), be sure +to define MP_IOFUNC in mpi-config.h. Many of the test drivers in the +'tests' subdirectory expect this to be defined (although the test +driver 'mpi-test' doesn't need it) + +The Makefile which comes with the library should take care of building +the library for you, if you have set the CC and CFLAGS variables at +the top of the file appropriately. By default, they are set up to +use the GNU C compiler: + +CC=gcc +CFLAGS=-ansi -pedantic -Wall -O2 + +If all goes well, the library should compile without warnings using +this combination. You should, of course, make whatever adjustments +you find necessary. + +The MPI library distribution comes with several additional programs +which are intended to demonstrate the use of the library, and provide +a framework for testing it. There are a handful of test driver +programs, in the files named 'mptest-X.c', where X is a digit. Also, +there are some simple command-line utilities (in the 'utils' +directory) for manipulating large numbers. These include: + +basecvt.c A radix-conversion program, supporting bases from + 2 to 64 inclusive. + +bbsrand.c A BBS (quadratic residue) pseudo-random number + generator. The file 'bbsrand.c' is just the driver + for the program; the real code lives in the files + 'bbs_rand.h' and 'bbs_rand.c' + +dec2hex.c Converts decimal to hexadecimal + +gcd.c Computes the greatest common divisor of two values. + If invoked as 'xgcd', also computes constants x and + y such that (a, b) = ax + by, in accordance with + Bezout's identity. + +hex2dec.c Converts hexadecimal to decimal + +invmod.c Computes modular inverses + +isprime.c Performs the Rabin-Miller probabilistic primality + test on a number. Values which fail this test are + definitely composite, and those which pass are very + likely to be prime (although there are no guarantees) + +lap.c Computes the order (least annihilating power) of + a value v modulo m. Very dumb algorithm. + +primegen.c Generates large (probable) primes. + +prng.c A pseudo-random number generator based on the + BBS generator code in 'bbs_rand.c' + +sieve.c Implements the Sieve of Eratosthenes, using a big + bitmap, to generate a list of prime numbers. + +fact.c Computes the factorial of an arbitrary precision + integer (iterative). + +exptmod.c Computes arbitrary precision modular exponentiation + from the command line (exptmod a b m -> a^b (mod m)) + +Most of these can be built from the Makefile that comes with the +library. Try 'make tools', if your environment supports it. (If you +are compiling on a Macintosh, I'm afraid you'll have to build them by +hand -- fortunately, this is not difficult -- the library itself +should compile just fine under Metrowerks CodeWarrior). + + +Testing the Library +------------------- + +Automatic test vectors are included, in the form of a program called +'mpi-test'. To build this program and run all the tests, simply +invoke the shell script 'all-tests'. If all the tests pass, you +should see a message: + + All tests passed + +If something went wrong, you'll get: + + One or more tests failed. + +If this happens, scan back through the preceding lines, to see which +test failed. Any failure indicates a bug in the library, which needs +to be fixed before it will give accurate results. If you get any such +thing, please let me know, and I'll try to fix it. Please let me know +what platform and compiler you were using, as well as which test +failed. If a reason for failure was given, please send me that text +as well. + +If you're on a system such as the Macintosh, where the standard Unix +build tools don't work, you can build the 'mpi-test' program manually, +and run it by hand. This is tedious and obnoxious, sorry. + +Further manual testing can be performed by building the manual testing +programs, whose source is found in the 'tests' subdirectory. Each +test is in a source file called 'mptest-X.c'. The Makefile contains a +target to build all of them at once: + + make tests + +Read the comments at the top of each source file to see what the +driver is supposed to test. You probably don't need to do this; these +programs were only written to help me as I was developing the library. + +The relevant files are: + +mpi-test.c The source for the test driver + +make-test-arrays A Perl script to generate some of the internal + data structures used by mpi-test.c + +test-arrays.txt The source file for make-test-arrays + +all-tests A Bourne shell script which runs all the + tests in the mpi-test suite + +Running 'make mpi-test' should build the mpi-test program. If you +cannot use make, here is what needs to be done: + +(1) Use 'make-test-arrays' to generate the file 'test-info.c' from + the 'test-arrays.txt' file. Since Perl can be found everywhere, + even on the Macintosh, this should be no trouble. Under Unix, + this looks like: + + make-test-arrays test-arrays.txt > test-info.c + +(2) Build the MPI library: + + gcc -ansi -pedantic -Wall -c mpi.c + +(3) Build the mpi-test program: + + gcc -ansi -pedantic -Wall -o mpi-test mpi.o mpi-test.c + +When you've got mpi-test, you can use 'all-tests' to run all the tests +made available by mpi-test. If any of them fail, there should be a +diagnostic indicating what went wrong. These are fairly high-level +diagnostics, and won't really help you debug the problem; they're +simply intended to help you isolate which function caused the problem. +If you encounter a problem of this sort, feel free to e-mail me, and I +will certainly attempt to help you debug it. + +Note: Several of the tests hard-wired into 'mpi-test' operate under +---- the assumption that you are using at least a 16-bit mp_digit + type. If that is not true, several tests might fail, because + of range problems with the maximum digit value. + + If you are using an 8-bit digit, you will also need to + modify the code for mp_read_raw(), which assumes that + multiplication by 256 can be done with mp_mul_d(), a + fact that fails when DIGIT_MAX is 255. You can replace + the call with s_mp_lshd(), which will give you the same + effect, and without doing as much work. :) + +Acknowledgements: +---------------- + +The algorithms used in this library were drawn primarily from Volume +2 of Donald Knuth's magnum opus, _The Art of Computer Programming_, +"Semi-Numerical Methods". Barrett's algorithm for modular reduction +came from Menezes, Oorschot, and Vanstone's _Handbook of Applied +Cryptography_, Chapter 14. + +Thanks are due to Tom St. Denis, for finding an obnoxious sign-related +bug in mp_read_raw() that made things break on platforms which use +signed chars. + +About the Author +---------------- + +This software was written by Michael J. Fromberger. You can contact +the author as follows: + +E-mail: <sting@linguist.dartmouth.edu> + +Postal: 8000 Cummings Hall, Thayer School of Engineering + Dartmouth College, Hanover, New Hampshire, USA + +PGP key: http://linguist.dartmouth.edu/~sting/keys/mjf.html + 9736 188B 5AFA 23D6 D6AA BE0D 5856 4525 289D 9907 + +Last updated: 16-Jan-2000 diff --git a/security/nss/lib/freebl/mpi/all-tests b/security/nss/lib/freebl/mpi/all-tests new file mode 100755 index 000000000..fa60e95ed --- /dev/null +++ b/security/nss/lib/freebl/mpi/all-tests @@ -0,0 +1,112 @@ +#!/bin/sh +## The contents of this file are subject to the Mozilla Public +## License Version 1.1 (the "License"); you may not use this file +## except in compliance with the License. You may obtain a copy of +## the License at http://www.mozilla.org/MPL/ +## +## Software distributed under the License is distributed on an "AS +## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +## implied. See the License for the specific language governing +## rights and limitations under the License. +## +## The Original Code is the MPI Arbitrary Precision Integer Arithmetic +## library. +## +## The Initial Developer of the Original Code is +## Michael J. Fromberger <sting@linguist.dartmouth.edu> +## +## Portions created by Michael J. Fromberger are +## Copyright (C) 1997, 1998, 1999, 2000 Michael J. Fromberger. +## All Rights Reserved. +## +## Contributor(s): +## +## Alternatively, the contents of this file may be used under the +## terms of the GNU General Public License Version 2 or later (the +## "GPL"), in which case the provisions of the GPL are applicable +## instead of those above. If you wish to allow use of your +## version of this file only under the terms of the GPL and not to +## allow others to use your version of this file under the MPL, +## indicate your decision by deleting the provisions above and +## replace them with the notice and other provisions required by +## the GPL. If you do not delete the provisions above, a recipient +## may use your version of this file under either the MPL or the GPL. + +ECHO=/bin/echo +MAKE=gmake + +$ECHO "\n** Running unit tests for MPI library\n" + +# Build the mpi-test program, which comprises all the unit tests for +# the MPI library... + +$ECHO "Bringing mpi-test up to date ... " +if $MAKE mpi-test ; then + : +else + $ECHO " " + $ECHO "Make failed to build mpi-test." + $ECHO " " + exit 1 +fi + +if [ ! -x mpi-test ] ; then + $ECHO " " + $ECHO "Cannot find 'mpi-test' program, testing cannot continue." + $ECHO " " + exit 1 +fi + +# Get the list of available test suites... +tests=`mpi-test list | awk '{print $1}'` +errs=0 + +# Run each test suite and check the result code of mpi-test +for test in $tests ; do + $ECHO "$test ... \c" + if mpi-test $test ; then + $ECHO "passed" + else + $ECHO "FAILED" + errs=1 + fi +done + +# If any tests failed, we'll stop at this point +if [ "$errs" = "0" ] ; then + $ECHO "All unit tests passed" +else + $ECHO "One or more tests failed" + exit 1 +fi + +# Now try to build the 'pi' program, and see if it can compute the +# first thousand digits of pi correctly +$ECHO "\n** Running other tests\n" + +$ECHO "Bringing 'pi' up to date ... " +if $MAKE pi ; then + : +else + $ECHO "\nMake failed to build pi.\n" + exit 1 +fi + +if [ ! -x pi ] ; then + $ECHO "\nCannot find 'pi' program; testing cannot continue.\n" + exit 1 +fi + +./pi 2000 > /tmp/pi.tmp.$$ +if cmp tests/pi2k.txt /tmp/pi.tmp.$$ ; then + $ECHO "Okay! The pi test passes." +else + $ECHO "Oops! The pi test failed. :(" + exit 1 +fi + +rm -f /tmp/pi.tmp.$$ + +exit 0 + +# Here there be dragons diff --git a/security/nss/lib/freebl/mpi/doc/LICENSE b/security/nss/lib/freebl/mpi/doc/LICENSE new file mode 100644 index 000000000..35cca68ce --- /dev/null +++ b/security/nss/lib/freebl/mpi/doc/LICENSE @@ -0,0 +1,11 @@ +Within this directory, each of the file listed below is licensed under +the terms given in the file LICENSE-MPL, also in this directory. + +basecvt.pod +gcd.pod +invmod.pod +isprime.pod +lap.pod +mpi-test.pod +prime.txt +prng.pod diff --git a/security/nss/lib/freebl/mpi/doc/LICENSE-MPL b/security/nss/lib/freebl/mpi/doc/LICENSE-MPL new file mode 100644 index 000000000..9ff410e4b --- /dev/null +++ b/security/nss/lib/freebl/mpi/doc/LICENSE-MPL @@ -0,0 +1,32 @@ +The contents of this file are subject to the Mozilla Public +License Version 1.1 (the "License"); you may not use this file +except in compliance with the License. You may obtain a copy of +the License at http://www.mozilla.org/MPL/ + +Software distributed under the License is distributed on an "AS +IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +implied. See the License for the specific language governing +rights and limitations under the License. + +The Original Code is the Netscape security libraries. + +The Initial Developer of the Original Code is Netscape +Communications Corporation. Portions created by Netscape are +Copyright (C) 1994-2000 Netscape Communications Corporation. All +Rights Reserved. + +Contributor(s): + +Alternatively, the contents of this file may be used under the +terms of the GNU General Public License Version 2 or later (the +"GPL"), in which case the provisions of the GPL are applicable +instead of those above. If you wish to allow use of your +version of this file only under the terms of the GPL and not to +allow others to use your version of this file under the MPL, +indicate your decision by deleting the provisions above and +replace them with the notice and other provisions required by +the GPL. If you do not delete the provisions above, a recipient +may use your version of this file under either the MPL or the +GPL. + + diff --git a/security/nss/lib/freebl/mpi/doc/basecvt.pod b/security/nss/lib/freebl/mpi/doc/basecvt.pod new file mode 100644 index 000000000..5c072ccd6 --- /dev/null +++ b/security/nss/lib/freebl/mpi/doc/basecvt.pod @@ -0,0 +1,63 @@ +=head1 NAME + + basecvt - radix conversion for arbitrary precision integers + +=head1 SYNOPSIS + + basecvt <ibase> <obase> [values] + +=head1 DESCRIPTION + +The B<basecvt> program is a command-line tool for converting integers +of arbitrary precision from one radix to another. The current version +supports radix values from 2 (binary) to 64, inclusive. The first two +command line arguments specify the input and output radix, in base 10. +Any further arguments are taken to be integers notated in the input +radix, and these are converted to the output radix. The output is +written, one integer per line, to standard output. + +When reading integers, only digits considered "valid" for the input +radix are considered. Processing of an integer terminates when an +invalid input digit is encountered. So, for example, if you set the +input radix to 10 and enter '10ACF', B<basecvt> would assume that you +had entered '10' and ignore the rest of the string. + +If no values are provided, no output is written, but the program +simply terminates with a zero exit status. Error diagnostics are +written to standard error in the event of out-of-range radix +specifications. Regardless of the actual values of the input and +output radix, the radix arguments are taken to be in base 10 (decimal) +notation. + +=head1 DIGITS + +For radices from 2-10, standard ASCII decimal digits 0-9 are used for +both input and output. For radices from 11-36, the ASCII letters A-Z +are also included, following the convention used in hexadecimal. In +this range, input is accepted in either upper or lower case, although +on output only lower-case letters are used. + +For radices from 37-62, the output includes both upper- and lower-case +ASCII letters, and case matters. In this range, case is distinguished +both for input and for output values. + +For radices 63 and 64, the characters '+' (plus) and '/' (forward +solidus) are also used. These are derived from the MIME base64 +encoding scheme. The overall encoding is not the same as base64, +because the ASCII digits are used for the bottom of the range, and the +letters are shifted upward; however, the output will consist of the +same character set. + +This input and output behaviour is inherited from the MPI library used +by B<basecvt>, and so is not configurable at runtime. + +=head1 SEE ALSO + + dec2hex(1), hex2dec(1) + +=head1 AUTHOR + + Michael J. Fromberger <sting@linguist.dartmouth.edu> + Thayer School of Engineering, Hanover, New Hampshire, USA + + $Date$ diff --git a/security/nss/lib/freebl/mpi/doc/build b/security/nss/lib/freebl/mpi/doc/build new file mode 100755 index 000000000..5b6f921fc --- /dev/null +++ b/security/nss/lib/freebl/mpi/doc/build @@ -0,0 +1,63 @@ +#!/bin/sh +## The contents of this file are subject to the Mozilla Public +## License Version 1.1 (the "License"); you may not use this file +## except in compliance with the License. You may obtain a copy of +## the License at http://www.mozilla.org/MPL/ +## +## Software distributed under the License is distributed on an "AS +## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +## implied. See the License for the specific language governing +## rights and limitations under the License. +## +## The Original Code is the MPI Arbitrary Precision Integer Arithmetic +## library. +## +## The Initial Developer of the Original Code is +## Michael J. Fromberger <sting@linguist.dartmouth.edu> +## +## Portions created by Michael J. Fromberger are +## Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved. +## +## Contributor(s): +## Netscape Communications Corporation +## +## Alternatively, the contents of this file may be used under the +## terms of the GNU General Public License Version 2 or later (the +## "GPL"), in which case the provisions of the GPL are applicable +## instead of those above. If you wish to allow use of your +## version of this file only under the terms of the GPL and not to +## allow others to use your version of this file under the MPL, +## indicate your decision by deleting the provisions above and +## replace them with the notice and other provisions required by +## the GPL. If you do not delete the provisions above, a recipient +## may use your version of this file under either the MPL or the +## GPL. +## +## $Id$ +## + +VERS="1.7p6" +SECT="1" +NAME="MPI Tools" + +echo "Building manual pages ..." +case $# in + 0) + files=`ls *.pod` + ;; + *) + files=$* + ;; +esac + +for name in $files +do + echo -n "$name ... " +# sname=`noext $name` + sname=`basename $name .pod` + pod2man --section="$SECT" --center="$NAME" --release="$VERS" $name > $sname.$SECT + echo "(done)" +done + +echo "Finished building." + diff --git a/security/nss/lib/freebl/mpi/doc/div.txt b/security/nss/lib/freebl/mpi/doc/div.txt new file mode 100644 index 000000000..b1ca744e1 --- /dev/null +++ b/security/nss/lib/freebl/mpi/doc/div.txt @@ -0,0 +1,96 @@ +Division + +This describes the division algorithm used by the MPI library. + +Input: a, b; a > b +Compute: Q, R; a = Qb + R + +The input numbers are normalized so that the high-order digit of b is +at least half the radix. This guarantees that we have a reasonable +way to guess at the digits of the quotient (this method was taken from +Knuth, vol. 2, with adaptations). + +To normalize, test the high-order digit of b. If it is less than half +the radix, multiply both a and b by d, where: + + radix - 1 + d = ----------- + bmax + 1 + +...where bmax is the high-order digit of b. Otherwise, set d = 1. + +Given normalize values for a and b, let the notation a[n] denote the +nth digit of a. Let #a be the number of significant figures of a (not +including any leading zeroes). + + Let R = 0 + Let p = #a - 1 + + while(p >= 0) + do + R = (R * radix) + a[p] + p = p - 1 + while(R < b and p >= 0) + + if(R < b) + break + + q = (R[#R - 1] * radix) + R[#R - 2] + q = q / b[#b - 1] + + T = b * q + + while(T > L) + q = q - 1 + T = T - b + endwhile + + L = L - T + + Q = (Q * radix) + q + + endwhile + +At this point, Q is the quotient, and R is the normalized remainder. +To denormalize R, compute: + + R = (R / d) + +At this point, you are finished. + +------------------------------------------------------------------ +The contents of this file are subject to the Mozilla Public +License Version 1.1 (the "License"); you may not use this file +except in compliance with the License. You may obtain a copy of +the License at http://www.mozilla.org/MPL/ + +Software distributed under the License is distributed on an "AS +IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +implied. See the License for the specific language governing +rights and limitations under the License. + +The Original Code is the MPI Arbitrary Precision Integer Arithmetic +library. + +The Initial Developer of the Original Code is +Michael J. Fromberger <sting@linguist.dartmouth.edu> + +Portions created by Michael J. Fromberger are +Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved. + +Contributor(s): + +Alternatively, the contents of this file may be used under the +terms of the GNU General Public License Version 2 or later (the +"GPL"), in which case the provisions of the GPL are applicable +instead of those above. If you wish to allow use of your +version of this file only under the terms of the GPL and not to +allow others to use your version of this file under the MPL, +indicate your decision by deleting the provisions above and +replace them with the notice and other provisions required by +the GPL. If you do not delete the provisions above, a recipient +may use your version of this file under either the MPL or the GPL. + +$Id$ + + diff --git a/security/nss/lib/freebl/mpi/doc/expt.txt b/security/nss/lib/freebl/mpi/doc/expt.txt new file mode 100644 index 000000000..4c12eb2af --- /dev/null +++ b/security/nss/lib/freebl/mpi/doc/expt.txt @@ -0,0 +1,127 @@ +Exponentiation + +For exponentiation, the MPI library uses a simple and fairly standard +square-and-multiply method. The algorithm is this: + +Input: a, b +Output: a ** b + + s = 1 + + while(b != 0) + if(b is odd) + s = s * a + endif + + b = b / 2 + + x = x * x + endwhile + + return s + +The modular exponentiation is done the same way, except replacing: + + s = s * a + +with + s = (s * a) mod m + +and replacing + + x = x * x + +with + + x = (x * x) mod m + +Here is a sample exponentiation using the MPI library, as compared to +the same problem solved by the Unix 'bc' program on my system: + +Computation of 2,381,283 ** 235 + +'bc' says: + +4385CA4A804D199FBEAD95FAD0796FAD0D0B51FC9C16743C45568C789666985DB719\ +4D90E393522F74C9601262C0514145A49F3B53D00983F95FDFCEA3D0043ECEF6227E\ +6FB59C924C3EE74447B359B5BF12A555D46CB819809EF423F004B55C587D6F0E8A55\ +4988036A42ACEF9F71459F97CEF6E574BD7373657111648626B1FF8EE15F663B2C0E\ +6BBE5082D4CDE8E14F263635AE8F35DB2C280819517BE388B5573B84C5A19C871685\ +FD408A6471F9D6AFAF5129A7548EAE926B40874B340285F44765BF5468CE20A13267\ +CD88CE6BC786ACED36EC7EA50F67FF27622575319068A332C3C0CB23E26FB55E26F4\ +5F732753A52B8E2FB4D4F42D894242613CA912A25486C3DEC9C66E5DB6182F6C1761\ +CF8CD0D255BE64B93836B27D452AE38F950EB98B517D4CF50D48F0165EF0CCCE1F5C\ +49BF18219FDBA0EEDD1A7E8B187B70C2BAED5EC5C6821EF27FAFB1CFF70111C52235\ +5E948B93A015AA1AE152B110BB5658CB14D3E45A48BFE7F082C1182672A455A695CD\ +A1855E8781E625F25B41B516E77F589FA420C3B058861EA138CF7A2C58DB3C7504FD\ +D29554D78237834CC5AE710D403CC4F6973D5012B7E117A8976B14A0B5AFA889BD47\ +92C461F0F96116F00A97AE9E83DC5203680CAF9A18A062566C145650AB86BE4F907F\ +A9F7AB4A700B29E1E5BACCD6DCBFA513E10832815F710807EED2E279081FEC61D619\ +AB270BEB3D3A1787B35A9DD41A8766CF21F3B5C693B3BAB1C2FA14A4ED202BC35743\ +E5CBE2391624D4F8C9BFBBC78D69764E7C6C5B11BF005677BFAD17D9278FFC1F158F\ +1B3683FF7960FA0608103792C4163DC0AF3E06287BB8624F8FE3A0FFBDF82ACECA2F\ +CFFF2E1AC93F3CA264A1B + +MPI says: + +4385CA4A804D199FBEAD95FAD0796FAD0D0B51FC9C16743C45568C789666985DB719\ +4D90E393522F74C9601262C0514145A49F3B53D00983F95FDFCEA3D0043ECEF6227E\ +6FB59C924C3EE74447B359B5BF12A555D46CB819809EF423F004B55C587D6F0E8A55\ +4988036A42ACEF9F71459F97CEF6E574BD7373657111648626B1FF8EE15F663B2C0E\ +6BBE5082D4CDE8E14F263635AE8F35DB2C280819517BE388B5573B84C5A19C871685\ +FD408A6471F9D6AFAF5129A7548EAE926B40874B340285F44765BF5468CE20A13267\ +CD88CE6BC786ACED36EC7EA50F67FF27622575319068A332C3C0CB23E26FB55E26F4\ +5F732753A52B8E2FB4D4F42D894242613CA912A25486C3DEC9C66E5DB6182F6C1761\ +CF8CD0D255BE64B93836B27D452AE38F950EB98B517D4CF50D48F0165EF0CCCE1F5C\ +49BF18219FDBA0EEDD1A7E8B187B70C2BAED5EC5C6821EF27FAFB1CFF70111C52235\ +5E948B93A015AA1AE152B110BB5658CB14D3E45A48BFE7F082C1182672A455A695CD\ +A1855E8781E625F25B41B516E77F589FA420C3B058861EA138CF7A2C58DB3C7504FD\ +D29554D78237834CC5AE710D403CC4F6973D5012B7E117A8976B14A0B5AFA889BD47\ +92C461F0F96116F00A97AE9E83DC5203680CAF9A18A062566C145650AB86BE4F907F\ +A9F7AB4A700B29E1E5BACCD6DCBFA513E10832815F710807EED2E279081FEC61D619\ +AB270BEB3D3A1787B35A9DD41A8766CF21F3B5C693B3BAB1C2FA14A4ED202BC35743\ +E5CBE2391624D4F8C9BFBBC78D69764E7C6C5B11BF005677BFAD17D9278FFC1F158F\ +1B3683FF7960FA0608103792C4163DC0AF3E06287BB8624F8FE3A0FFBDF82ACECA2F\ +CFFF2E1AC93F3CA264A1B + +Diff says: +% diff bc.txt mp.txt +% + +------------------------------------------------------------------ +The contents of this file are subject to the Mozilla Public +License Version 1.1 (the "License"); you may not use this file +except in compliance with the License. You may obtain a copy of +the License at http://www.mozilla.org/MPL/ + +Software distributed under the License is distributed on an "AS +IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +implied. See the License for the specific language governing +rights and limitations under the License. + +The Original Code is the MPI Arbitrary Precision Integer Arithmetic +library. + +The Initial Developer of the Original Code is +Michael J. Fromberger <sting@linguist.dartmouth.edu> + +Portions created by Michael J. Fromberger are +Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved. + +Contributor(s): + +Alternatively, the contents of this file may be used under the +terms of the GNU General Public License Version 2 or later (the +"GPL"), in which case the provisions of the GPL are applicable +instead of those above. If you wish to allow use of your +version of this file only under the terms of the GPL and not to +allow others to use your version of this file under the MPL, +indicate your decision by deleting the provisions above and +replace them with the notice and other provisions required by +the GPL. If you do not delete the provisions above, a recipient +may use your version of this file under either the MPL or the GPL. + +$Id$ + + + diff --git a/security/nss/lib/freebl/mpi/doc/gcd.pod b/security/nss/lib/freebl/mpi/doc/gcd.pod new file mode 100644 index 000000000..53b955f7e --- /dev/null +++ b/security/nss/lib/freebl/mpi/doc/gcd.pod @@ -0,0 +1,27 @@ +=head1 NAME + + gcd - compute greatest common divisor of two integers + +=head1 SYNOPSIS + + gcd <a> <b> + +=head1 DESCRIPTION + +The B<gcd> program computes the greatest common divisor of two +arbitrary-precision integers I<a> and I<b>. The result is written in +standard decimal notation to the standard output. + +If I<b> is zero, B<gcd> will print an error message and exit. + +=head1 SEE ALSO + +invmod(1), isprime(1), lap(1) + +=head1 AUTHOR + + Michael J. Fromberger <sting@linguist.dartmouth.edu> + Thayer School of Engineering, Hanover, New Hampshire, USA + + $Date$ + diff --git a/security/nss/lib/freebl/mpi/doc/invmod.pod b/security/nss/lib/freebl/mpi/doc/invmod.pod new file mode 100644 index 000000000..faa8f9d0c --- /dev/null +++ b/security/nss/lib/freebl/mpi/doc/invmod.pod @@ -0,0 +1,33 @@ +=head1 NAME + + invmod - compute modular inverse of an integer + +=head1 SYNOPSIS + + invmod <a> <m> + +=head1 DESCRIPTION + +The B<invmod> program computes the inverse of I<a>, modulo I<m>, if +that inverse exists. Both I<a> and I<m> are arbitrary-precision +integers in decimal notation. The result is written in standard +decimal notation to the standard output. + +If there is no inverse, the message: + + No inverse + +...will be printed to the standard output (an inverse exists if and +only if the greatest common divisor of I<a> and I<m> is 1). + +=head1 SEE ALSO + +gcd(1), isprime(1), lap(1) + +=head1 AUTHOR + + Michael J. Fromberger <sting@linguist.dartmouth.edu> + Thayer School of Engineering, Hanover, New Hampshire, USA + + $Date$ + diff --git a/security/nss/lib/freebl/mpi/doc/isprime.pod b/security/nss/lib/freebl/mpi/doc/isprime.pod new file mode 100644 index 000000000..a17c1c1bd --- /dev/null +++ b/security/nss/lib/freebl/mpi/doc/isprime.pod @@ -0,0 +1,62 @@ +=head1 NAME + + isprime - probabilistic primality testing + +=head1 SYNOPSIS + + isprime <a> + +=head1 DESCRIPTION + +The B<isprime> program attempts to determine whether the arbitrary +precision integer I<a> is prime. It first tests I<a> for divisibility +by the first 170 or so small primes, and assuming I<a> is not +divisible by any of these, applies 15 iterations of the Rabin-Miller +probabilistic primality test. + +If the program discovers that the number is composite, it will print: + + Not prime (reason) + +Where I<reason> is either: + + divisible by small prime x + +Or: + + failed nth pseudoprime test + +In the first case, I<x> indicates the first small prime factor that +was found. In the second case, I<n> indicates which of the +pseudoprime tests failed (numbered from 1) + +If this happens, the number is definitely not prime. However, if the +number succeeds, this message results: + + Probably prime, 1 in 4^15 chance of false positive + +If this happens, the number is prime with very high probability, but +its primality has not been absolutely proven, only demonstrated to a +very convincing degree. + +The value I<a> can be input in standard decimal notation, or, if it is +prefixed with I<Ox>, it will be read as hexadecimal. + +=head1 ENVIRONMENT + +You can control how many iterations of Rabin-Miller are performed on +the candidate number by setting the I<RM_TESTS> environment variable +to an integer value before starting up B<isprime>. This will change +the output slightly if the number passes all the tests. + +=head1 SEE ALSO + +gcd(1), invmod(1), lap(1) + +=head1 AUTHOR + + Michael J. Fromberger <sting@linguist.dartmouth.edu> + Thayer School of Engineering, Hanover, New Hampshire, USA + + $Date$ + diff --git a/security/nss/lib/freebl/mpi/doc/lap.pod b/security/nss/lib/freebl/mpi/doc/lap.pod new file mode 100644 index 000000000..ac100639b --- /dev/null +++ b/security/nss/lib/freebl/mpi/doc/lap.pod @@ -0,0 +1,35 @@ +=head1 NAME + + lap - compute least annihilating power of a number + +=head1 SYNOPSIS + + lap <a> <m> + +=head1 DESCRIPTION + +The B<lap> program computes the order of I<a> modulo I<m>, for +arbitrary precision integers I<a> and I<m>. The B<order> of I<a> +modulo I<m> is defined as the smallest positive value I<n> for which +I<a> raised to the I<n>th power, modulo I<m>, is equal to 1. The +order may not exist, if I<m> is composite. + +=head1 RESTRICTIONS + +This program is very slow, especially for large moduli. It is +intended as a way to help find primitive elements in a modular field, +but it does not do so in a particularly inefficient manner. It was +written simply to help verify that a particular candidate does not +have an obviously short cycle mod I<m>. + +=head1 SEE ALSO + +gcd(1), invmod(1), isprime(1) + +=head1 AUTHOR + + Michael J. Fromberger <sting@linguist.dartmouth.edu> + Thayer School of Engineering, Hanover, New Hampshire, USA + + $Date$ + diff --git a/security/nss/lib/freebl/mpi/doc/mpi-test.pod b/security/nss/lib/freebl/mpi/doc/mpi-test.pod new file mode 100644 index 000000000..16050f09f --- /dev/null +++ b/security/nss/lib/freebl/mpi/doc/mpi-test.pod @@ -0,0 +1,49 @@ +=head1 NAME + + mpi-test - automated test program for MPI library + +=head1 SYNOPSIS + + mpi-test <suite-name> [quiet] + mpi-test list + mpi-test help + +=head1 DESCRIPTION + +The B<mpi-test> program is a general unit test driver for the MPI +library. It is used to verify that the library works as it is +supposed to on your architecture. As with most such things, passing +all the tests in B<mpi-test> does not guarantee the code is correct, +but if any of them fail, there are certainly problems. + +Each major function of the library can be tested individually. For a +list of the test suites understood by B<mpi-test>, run it with the +I<list> command line option: + + mpi-test list + +This will display a list of the available test suites and a brief +synopsis of what each one does. For a brief overview of this +document, run B<mpi-test> I<help>. + +B<mpi-test> exits with a zero status if the selected test succeeds, or +a nonzero status if it fails. If a I<suite-name> which is not +understood by B<mpi-test> is given, a diagnostic is printed to the +standard error, and the program exits with a result code of 2. If a +test fails, the result code will be 1, and a diagnostic is ordinarily +printed to the standard error. However, if the I<quiet> option is +provided, these diagnostics will be suppressed. + +=head1 RESTRICTIONS + +Only a few canned test cases are provided. The solutions have been +verified using the GNU bc(1) program, so bugs there may cause problems +here; however, this is very unlikely, so if a test fails, it is almost +certainly my fault, not bc(1)'s. + +=head1 AUTHOR + + Michael J. Fromberger <sting@linguist.dartmouth.edu> + Thayer School of Engineering, Hanover, New Hampshire, USA + + $Date$ diff --git a/security/nss/lib/freebl/mpi/doc/mul.txt b/security/nss/lib/freebl/mpi/doc/mul.txt new file mode 100644 index 000000000..436d01bf7 --- /dev/null +++ b/security/nss/lib/freebl/mpi/doc/mul.txt @@ -0,0 +1,109 @@ +Multiplication + +This describes the multiplication algorithm used by the MPI library. + +This is basically a standard "schoolbook" algorithm. It is slow -- +O(mn) for m = #a, n = #b -- but easy to implement and verify. +Basically, we run two nested loops, as illustrated here (R is the +radix): + +k = 0 +for j <- 0 to (#b - 1) + for i <- 0 to (#a - 1) + w = (a[j] * b[i]) + k + c[i+j] + c[i+j] = w mod R + k = w div R + endfor + c[i+j] = k; + k = 0; +endfor + +It is necessary that 'w' have room for at least two radix R digits. +The product of any two digits in radix R is at most: + + (R - 1)(R - 1) = R^2 - 2R + 1 + +Since a two-digit radix-R number can hold R^2 - 1 distinct values, +this insures that the product will fit into the two-digit register. + +To insure that two digits is enough for w, we must also show that +there is room for the carry-in from the previous multiplication, and +the current value of the product digit that is being recomputed. +Assuming each of these may be as big as R - 1 (and no larger, +certainly), two digits will be enough if and only if: + + (R^2 - 2R + 1) + 2(R - 1) <= R^2 - 1 + +Solving this equation shows that, indeed, this is the case: + + R^2 - 2R + 1 + 2R - 2 <= R^2 - 1 + + R^2 - 1 <= R^2 - 1 + +This suggests that a good radix would be one more than the largest +value that can be held in half a machine word -- so, for example, as +in this implementation, where we used a radix of 65536 on a machine +with 4-byte words. Another advantage of a radix of this sort is that +binary-level operations are easy on numbers in this representation. + +Here's an example multiplication worked out longhand in radix-10, +using the above algorithm: + + a = 999 + b = x 999 + ------------- + p = 98001 + +w = (a[jx] * b[ix]) + kin + c[ix + jx] +c[ix+jx] = w % RADIX +k = w / RADIX + product +ix jx a[jx] b[ix] kin w c[i+j] kout 000000 +0 0 9 9 0 81+0+0 1 8 000001 +0 1 9 9 8 81+8+0 9 8 000091 +0 2 9 9 8 81+8+0 9 8 000991 + 8 0 008991 +1 0 9 9 0 81+0+9 0 9 008901 +1 1 9 9 9 81+9+9 9 9 008901 +1 2 9 9 9 81+9+8 8 9 008901 + 9 0 098901 +2 0 9 9 0 81+0+9 0 9 098001 +2 1 9 9 9 81+9+8 8 9 098001 +2 2 9 9 9 81+9+9 9 9 098001 + +------------------------------------------------------------------ +The contents of this file are subject to the Mozilla Public +License Version 1.1 (the "License"); you may not use this file +except in compliance with the License. You may obtain a copy of +the License at http://www.mozilla.org/MPL/ + +Software distributed under the License is distributed on an "AS +IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +implied. See the License for the specific language governing +rights and limitations under the License. + +The Original Code is the MPI Arbitrary Precision Integer Arithmetic +library. + +The Initial Developer of the Original Code is +Michael J. Fromberger <sting@linguist.dartmouth.edu> + +Portions created by Michael J. Fromberger are +Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved. + +Contributor(s): + +Alternatively, the contents of this file may be used under the +terms of the GNU General Public License Version 2 or later (the +"GPL"), in which case the provisions of the GPL are applicable +instead of those above. If you wish to allow use of your +version of this file only under the terms of the GPL and not to +allow others to use your version of this file under the MPL, +indicate your decision by deleting the provisions above and +replace them with the notice and other provisions required by +the GPL. If you do not delete the provisions above, a recipient +may use your version of this file under either the MPL or the GPL. + +$Id$ + + diff --git a/security/nss/lib/freebl/mpi/doc/pi.txt b/security/nss/lib/freebl/mpi/doc/pi.txt new file mode 100644 index 000000000..5edfdb4cb --- /dev/null +++ b/security/nss/lib/freebl/mpi/doc/pi.txt @@ -0,0 +1,85 @@ +This file describes how pi is computed by the program in 'pi.c' (see +the utils subdirectory). + +Basically, we use Machin's formula, which is what everyone in the +world uses as a simple method for computing approximations to pi. +This works for up to a few thousand digits without too much effort. +Beyond that, though, it gets too slow. + +Machin's formula states: + + pi := 16 * arctan(1/5) - 4 * arctan(1/239) + +We compute this in integer arithmetic by first multiplying everything +through by 10^d, where 'd' is the number of digits of pi we wanted to +compute. It turns out, the last few digits will be wrong, but the +number that are wrong is usually very small (ordinarly only 2-3). +Having done this, we compute the arctan() function using the formula: + + 1 1 1 1 1 + arctan(1/x) := --- - ----- + ----- - ----- + ----- - ... + x 3 x^3 5 x^5 7 x^7 9 x^9 + +This is done iteratively by computing the first term manually, and +then iteratively dividing x^2 and k, where k = 3, 5, 7, ... out of the +current figure. This is then added to (or subtracted from) a running +sum, as appropriate. The iteration continues until we overflow our +available precision and the current figure goes to zero under integer +division. At that point, we're finished. + +Actually, we get a couple extra bits of precision out of the fact that +we know we're computing y * arctan(1/x), by setting up the multiplier +as: + + y * 10^d + +... instead of just 10^d. There is also a bit of cleverness in how +the loop is constructed, to avoid special-casing the first term. +Check out the code for arctan() in 'pi.c', if you are interested in +seeing how it is set up. + +Thanks to Jason P. for this algorithm, which I assembled from notes +and programs found on his cool "Pile of Pi Programs" page, at: + + http://www.isr.umd.edu/~jasonp/pipage.html + +Thanks also to Henrik Johansson <Henrik.Johansson@Nexus.Comm.SE>, from +whose pi program I borrowed the clever idea of pre-multiplying by x in +order to avoid a special case on the loop iteration. + +------------------------------------------------------------------ +The contents of this file are subject to the Mozilla Public +License Version 1.1 (the "License"); you may not use this file +except in compliance with the License. You may obtain a copy of +the License at http://www.mozilla.org/MPL/ + +Software distributed under the License is distributed on an "AS +IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +implied. See the License for the specific language governing +rights and limitations under the License. + +The Original Code is the MPI Arbitrary Precision Integer Arithmetic +library. + +The Initial Developer of the Original Code is +Michael J. Fromberger <sting@linguist.dartmouth.edu> + +Portions created by Michael J. Fromberger are +Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved. + +Contributor(s): + +Alternatively, the contents of this file may be used under the +terms of the GNU General Public License Version 2 or later (the +"GPL"), in which case the provisions of the GPL are applicable +instead of those above. If you wish to allow use of your +version of this file only under the terms of the GPL and not to +allow others to use your version of this file under the MPL, +indicate your decision by deleting the provisions above and +replace them with the notice and other provisions required by +the GPL. If you do not delete the provisions above, a recipient +may use your version of this file under either the MPL or the GPL. + +$Id$ + + diff --git a/security/nss/lib/freebl/mpi/doc/prime.txt b/security/nss/lib/freebl/mpi/doc/prime.txt new file mode 100644 index 000000000..694797d5f --- /dev/null +++ b/security/nss/lib/freebl/mpi/doc/prime.txt @@ -0,0 +1,6542 @@ +2 +3 +5 +7 +11 +13 +17 +19 +23 +29 +31 +37 +41 +43 +47 +53 +59 +61 +67 +71 +73 +79 +83 +89 +97 +101 +103 +107 +109 +113 +127 +131 +137 +139 +149 +151 +157 +163 +167 +173 +179 +181 +191 +193 +197 +199 +211 +223 +227 +229 +233 +239 +241 +251 +257 +263 +269 +271 +277 +281 +283 +293 +307 +311 +313 +317 +331 +337 +347 +349 +353 +359 +367 +373 +379 +383 +389 +397 +401 +409 +419 +421 +431 +433 +439 +443 +449 +457 +461 +463 +467 +479 +487 +491 +499 +503 +509 +521 +523 +541 +547 +557 +563 +569 +571 +577 +587 +593 +599 +601 +607 +613 +617 +619 +631 +641 +643 +647 +653 +659 +661 +673 +677 +683 +691 +701 +709 +719 +727 +733 +739 +743 +751 +757 +761 +769 +773 +787 +797 +809 +811 +821 +823 +827 +829 +839 +853 +857 +859 +863 +877 +881 +883 +887 +907 +911 +919 +929 +937 +941 +947 +953 +967 +971 +977 +983 +991 +997 +1009 +1013 +1019 +1021 +1031 +1033 +1039 +1049 +1051 +1061 +1063 +1069 +1087 +1091 +1093 +1097 +1103 +1109 +1117 +1123 +1129 +1151 +1153 +1163 +1171 +1181 +1187 +1193 +1201 +1213 +1217 +1223 +1229 +1231 +1237 +1249 +1259 +1277 +1279 +1283 +1289 +1291 +1297 +1301 +1303 +1307 +1319 +1321 +1327 +1361 +1367 +1373 +1381 +1399 +1409 +1423 +1427 +1429 +1433 +1439 +1447 +1451 +1453 +1459 +1471 +1481 +1483 +1487 +1489 +1493 +1499 +1511 +1523 +1531 +1543 +1549 +1553 +1559 +1567 +1571 +1579 +1583 +1597 +1601 +1607 +1609 +1613 +1619 +1621 +1627 +1637 +1657 +1663 +1667 +1669 +1693 +1697 +1699 +1709 +1721 +1723 +1733 +1741 +1747 +1753 +1759 +1777 +1783 +1787 +1789 +1801 +1811 +1823 +1831 +1847 +1861 +1867 +1871 +1873 +1877 +1879 +1889 +1901 +1907 +1913 +1931 +1933 +1949 +1951 +1973 +1979 +1987 +1993 +1997 +1999 +2003 +2011 +2017 +2027 +2029 +2039 +2053 +2063 +2069 +2081 +2083 +2087 +2089 +2099 +2111 +2113 +2129 +2131 +2137 +2141 +2143 +2153 +2161 +2179 +2203 +2207 +2213 +2221 +2237 +2239 +2243 +2251 +2267 +2269 +2273 +2281 +2287 +2293 +2297 +2309 +2311 +2333 +2339 +2341 +2347 +2351 +2357 +2371 +2377 +2381 +2383 +2389 +2393 +2399 +2411 +2417 +2423 +2437 +2441 +2447 +2459 +2467 +2473 +2477 +2503 +2521 +2531 +2539 +2543 +2549 +2551 +2557 +2579 +2591 +2593 +2609 +2617 +2621 +2633 +2647 +2657 +2659 +2663 +2671 +2677 +2683 +2687 +2689 +2693 +2699 +2707 +2711 +2713 +2719 +2729 +2731 +2741 +2749 +2753 +2767 +2777 +2789 +2791 +2797 +2801 +2803 +2819 +2833 +2837 +2843 +2851 +2857 +2861 +2879 +2887 +2897 +2903 +2909 +2917 +2927 +2939 +2953 +2957 +2963 +2969 +2971 +2999 +3001 +3011 +3019 +3023 +3037 +3041 +3049 +3061 +3067 +3079 +3083 +3089 +3109 +3119 +3121 +3137 +3163 +3167 +3169 +3181 +3187 +3191 +3203 +3209 +3217 +3221 +3229 +3251 +3253 +3257 +3259 +3271 +3299 +3301 +3307 +3313 +3319 +3323 +3329 +3331 +3343 +3347 +3359 +3361 +3371 +3373 +3389 +3391 +3407 +3413 +3433 +3449 +3457 +3461 +3463 +3467 +3469 +3491 +3499 +3511 +3517 +3527 +3529 +3533 +3539 +3541 +3547 +3557 +3559 +3571 +3581 +3583 +3593 +3607 +3613 +3617 +3623 +3631 +3637 +3643 +3659 +3671 +3673 +3677 +3691 +3697 +3701 +3709 +3719 +3727 +3733 +3739 +3761 +3767 +3769 +3779 +3793 +3797 +3803 +3821 +3823 +3833 +3847 +3851 +3853 +3863 +3877 +3881 +3889 +3907 +3911 +3917 +3919 +3923 +3929 +3931 +3943 +3947 +3967 +3989 +4001 +4003 +4007 +4013 +4019 +4021 +4027 +4049 +4051 +4057 +4073 +4079 +4091 +4093 +4099 +4111 +4127 +4129 +4133 +4139 +4153 +4157 +4159 +4177 +4201 +4211 +4217 +4219 +4229 +4231 +4241 +4243 +4253 +4259 +4261 +4271 +4273 +4283 +4289 +4297 +4327 +4337 +4339 +4349 +4357 +4363 +4373 +4391 +4397 +4409 +4421 +4423 +4441 +4447 +4451 +4457 +4463 +4481 +4483 +4493 +4507 +4513 +4517 +4519 +4523 +4547 +4549 +4561 +4567 +4583 +4591 +4597 +4603 +4621 +4637 +4639 +4643 +4649 +4651 +4657 +4663 +4673 +4679 +4691 +4703 +4721 +4723 +4729 +4733 +4751 +4759 +4783 +4787 +4789 +4793 +4799 +4801 +4813 +4817 +4831 +4861 +4871 +4877 +4889 +4903 +4909 +4919 +4931 +4933 +4937 +4943 +4951 +4957 +4967 +4969 +4973 +4987 +4993 +4999 +5003 +5009 +5011 +5021 +5023 +5039 +5051 +5059 +5077 +5081 +5087 +5099 +5101 +5107 +5113 +5119 +5147 +5153 +5167 +5171 +5179 +5189 +5197 +5209 +5227 +5231 +5233 +5237 +5261 +5273 +5279 +5281 +5297 +5303 +5309 +5323 +5333 +5347 +5351 +5381 +5387 +5393 +5399 +5407 +5413 +5417 +5419 +5431 +5437 +5441 +5443 +5449 +5471 +5477 +5479 +5483 +5501 +5503 +5507 +5519 +5521 +5527 +5531 +5557 +5563 +5569 +5573 +5581 +5591 +5623 +5639 +5641 +5647 +5651 +5653 +5657 +5659 +5669 +5683 +5689 +5693 +5701 +5711 +5717 +5737 +5741 +5743 +5749 +5779 +5783 +5791 +5801 +5807 +5813 +5821 +5827 +5839 +5843 +5849 +5851 +5857 +5861 +5867 +5869 +5879 +5881 +5897 +5903 +5923 +5927 +5939 +5953 +5981 +5987 +6007 +6011 +6029 +6037 +6043 +6047 +6053 +6067 +6073 +6079 +6089 +6091 +6101 +6113 +6121 +6131 +6133 +6143 +6151 +6163 +6173 +6197 +6199 +6203 +6211 +6217 +6221 +6229 +6247 +6257 +6263 +6269 +6271 +6277 +6287 +6299 +6301 +6311 +6317 +6323 +6329 +6337 +6343 +6353 +6359 +6361 +6367 +6373 +6379 +6389 +6397 +6421 +6427 +6449 +6451 +6469 +6473 +6481 +6491 +6521 +6529 +6547 +6551 +6553 +6563 +6569 +6571 +6577 +6581 +6599 +6607 +6619 +6637 +6653 +6659 +6661 +6673 +6679 +6689 +6691 +6701 +6703 +6709 +6719 +6733 +6737 +6761 +6763 +6779 +6781 +6791 +6793 +6803 +6823 +6827 +6829 +6833 +6841 +6857 +6863 +6869 +6871 +6883 +6899 +6907 +6911 +6917 +6947 +6949 +6959 +6961 +6967 +6971 +6977 +6983 +6991 +6997 +7001 +7013 +7019 +7027 +7039 +7043 +7057 +7069 +7079 +7103 +7109 +7121 +7127 +7129 +7151 +7159 +7177 +7187 +7193 +7207 +7211 +7213 +7219 +7229 +7237 +7243 +7247 +7253 +7283 +7297 +7307 +7309 +7321 +7331 +7333 +7349 +7351 +7369 +7393 +7411 +7417 +7433 +7451 +7457 +7459 +7477 +7481 +7487 +7489 +7499 +7507 +7517 +7523 +7529 +7537 +7541 +7547 +7549 +7559 +7561 +7573 +7577 +7583 +7589 +7591 +7603 +7607 +7621 +7639 +7643 +7649 +7669 +7673 +7681 +7687 +7691 +7699 +7703 +7717 +7723 +7727 +7741 +7753 +7757 +7759 +7789 +7793 +7817 +7823 +7829 +7841 +7853 +7867 +7873 +7877 +7879 +7883 +7901 +7907 +7919 +7927 +7933 +7937 +7949 +7951 +7963 +7993 +8009 +8011 +8017 +8039 +8053 +8059 +8069 +8081 +8087 +8089 +8093 +8101 +8111 +8117 +8123 +8147 +8161 +8167 +8171 +8179 +8191 +8209 +8219 +8221 +8231 +8233 +8237 +8243 +8263 +8269 +8273 +8287 +8291 +8293 +8297 +8311 +8317 +8329 +8353 +8363 +8369 +8377 +8387 +8389 +8419 +8423 +8429 +8431 +8443 +8447 +8461 +8467 +8501 +8513 +8521 +8527 +8537 +8539 +8543 +8563 +8573 +8581 +8597 +8599 +8609 +8623 +8627 +8629 +8641 +8647 +8663 +8669 +8677 +8681 +8689 +8693 +8699 +8707 +8713 +8719 +8731 +8737 +8741 +8747 +8753 +8761 +8779 +8783 +8803 +8807 +8819 +8821 +8831 +8837 +8839 +8849 +8861 +8863 +8867 +8887 +8893 +8923 +8929 +8933 +8941 +8951 +8963 +8969 +8971 +8999 +9001 +9007 +9011 +9013 +9029 +9041 +9043 +9049 +9059 +9067 +9091 +9103 +9109 +9127 +9133 +9137 +9151 +9157 +9161 +9173 +9181 +9187 +9199 +9203 +9209 +9221 +9227 +9239 +9241 +9257 +9277 +9281 +9283 +9293 +9311 +9319 +9323 +9337 +9341 +9343 +9349 +9371 +9377 +9391 +9397 +9403 +9413 +9419 +9421 +9431 +9433 +9437 +9439 +9461 +9463 +9467 +9473 +9479 +9491 +9497 +9511 +9521 +9533 +9539 +9547 +9551 +9587 +9601 +9613 +9619 +9623 +9629 +9631 +9643 +9649 +9661 +9677 +9679 +9689 +9697 +9719 +9721 +9733 +9739 +9743 +9749 +9767 +9769 +9781 +9787 +9791 +9803 +9811 +9817 +9829 +9833 +9839 +9851 +9857 +9859 +9871 +9883 +9887 +9901 +9907 +9923 +9929 +9931 +9941 +9949 +9967 +9973 +10007 +10009 +10037 +10039 +10061 +10067 +10069 +10079 +10091 +10093 +10099 +10103 +10111 +10133 +10139 +10141 +10151 +10159 +10163 +10169 +10177 +10181 +10193 +10211 +10223 +10243 +10247 +10253 +10259 +10267 +10271 +10273 +10289 +10301 +10303 +10313 +10321 +10331 +10333 +10337 +10343 +10357 +10369 +10391 +10399 +10427 +10429 +10433 +10453 +10457 +10459 +10463 +10477 +10487 +10499 +10501 +10513 +10529 +10531 +10559 +10567 +10589 +10597 +10601 +10607 +10613 +10627 +10631 +10639 +10651 +10657 +10663 +10667 +10687 +10691 +10709 +10711 +10723 +10729 +10733 +10739 +10753 +10771 +10781 +10789 +10799 +10831 +10837 +10847 +10853 +10859 +10861 +10867 +10883 +10889 +10891 +10903 +10909 +10937 +10939 +10949 +10957 +10973 +10979 +10987 +10993 +11003 +11027 +11047 +11057 +11059 +11069 +11071 +11083 +11087 +11093 +11113 +11117 +11119 +11131 +11149 +11159 +11161 +11171 +11173 +11177 +11197 +11213 +11239 +11243 +11251 +11257 +11261 +11273 +11279 +11287 +11299 +11311 +11317 +11321 +11329 +11351 +11353 +11369 +11383 +11393 +11399 +11411 +11423 +11437 +11443 +11447 +11467 +11471 +11483 +11489 +11491 +11497 +11503 +11519 +11527 +11549 +11551 +11579 +11587 +11593 +11597 +11617 +11621 +11633 +11657 +11677 +11681 +11689 +11699 +11701 +11717 +11719 +11731 +11743 +11777 +11779 +11783 +11789 +11801 +11807 +11813 +11821 +11827 +11831 +11833 +11839 +11863 +11867 +11887 +11897 +11903 +11909 +11923 +11927 +11933 +11939 +11941 +11953 +11959 +11969 +11971 +11981 +11987 +12007 +12011 +12037 +12041 +12043 +12049 +12071 +12073 +12097 +12101 +12107 +12109 +12113 +12119 +12143 +12149 +12157 +12161 +12163 +12197 +12203 +12211 +12227 +12239 +12241 +12251 +12253 +12263 +12269 +12277 +12281 +12289 +12301 +12323 +12329 +12343 +12347 +12373 +12377 +12379 +12391 +12401 +12409 +12413 +12421 +12433 +12437 +12451 +12457 +12473 +12479 +12487 +12491 +12497 +12503 +12511 +12517 +12527 +12539 +12541 +12547 +12553 +12569 +12577 +12583 +12589 +12601 +12611 +12613 +12619 +12637 +12641 +12647 +12653 +12659 +12671 +12689 +12697 +12703 +12713 +12721 +12739 +12743 +12757 +12763 +12781 +12791 +12799 +12809 +12821 +12823 +12829 +12841 +12853 +12889 +12893 +12899 +12907 +12911 +12917 +12919 +12923 +12941 +12953 +12959 +12967 +12973 +12979 +12983 +13001 +13003 +13007 +13009 +13033 +13037 +13043 +13049 +13063 +13093 +13099 +13103 +13109 +13121 +13127 +13147 +13151 +13159 +13163 +13171 +13177 +13183 +13187 +13217 +13219 +13229 +13241 +13249 +13259 +13267 +13291 +13297 +13309 +13313 +13327 +13331 +13337 +13339 +13367 +13381 +13397 +13399 +13411 +13417 +13421 +13441 +13451 +13457 +13463 +13469 +13477 +13487 +13499 +13513 +13523 +13537 +13553 +13567 +13577 +13591 +13597 +13613 +13619 +13627 +13633 +13649 +13669 +13679 +13681 +13687 +13691 +13693 +13697 +13709 +13711 +13721 +13723 +13729 +13751 +13757 +13759 +13763 +13781 +13789 +13799 +13807 +13829 +13831 +13841 +13859 +13873 +13877 +13879 +13883 +13901 +13903 +13907 +13913 +13921 +13931 +13933 +13963 +13967 +13997 +13999 +14009 +14011 +14029 +14033 +14051 +14057 +14071 +14081 +14083 +14087 +14107 +14143 +14149 +14153 +14159 +14173 +14177 +14197 +14207 +14221 +14243 +14249 +14251 +14281 +14293 +14303 +14321 +14323 +14327 +14341 +14347 +14369 +14387 +14389 +14401 +14407 +14411 +14419 +14423 +14431 +14437 +14447 +14449 +14461 +14479 +14489 +14503 +14519 +14533 +14537 +14543 +14549 +14551 +14557 +14561 +14563 +14591 +14593 +14621 +14627 +14629 +14633 +14639 +14653 +14657 +14669 +14683 +14699 +14713 +14717 +14723 +14731 +14737 +14741 +14747 +14753 +14759 +14767 +14771 +14779 +14783 +14797 +14813 +14821 +14827 +14831 +14843 +14851 +14867 +14869 +14879 +14887 +14891 +14897 +14923 +14929 +14939 +14947 +14951 +14957 +14969 +14983 +15013 +15017 +15031 +15053 +15061 +15073 +15077 +15083 +15091 +15101 +15107 +15121 +15131 +15137 +15139 +15149 +15161 +15173 +15187 +15193 +15199 +15217 +15227 +15233 +15241 +15259 +15263 +15269 +15271 +15277 +15287 +15289 +15299 +15307 +15313 +15319 +15329 +15331 +15349 +15359 +15361 +15373 +15377 +15383 +15391 +15401 +15413 +15427 +15439 +15443 +15451 +15461 +15467 +15473 +15493 +15497 +15511 +15527 +15541 +15551 +15559 +15569 +15581 +15583 +15601 +15607 +15619 +15629 +15641 +15643 +15647 +15649 +15661 +15667 +15671 +15679 +15683 +15727 +15731 +15733 +15737 +15739 +15749 +15761 +15767 +15773 +15787 +15791 +15797 +15803 +15809 +15817 +15823 +15859 +15877 +15881 +15887 +15889 +15901 +15907 +15913 +15919 +15923 +15937 +15959 +15971 +15973 +15991 +16001 +16007 +16033 +16057 +16061 +16063 +16067 +16069 +16073 +16087 +16091 +16097 +16103 +16111 +16127 +16139 +16141 +16183 +16187 +16189 +16193 +16217 +16223 +16229 +16231 +16249 +16253 +16267 +16273 +16301 +16319 +16333 +16339 +16349 +16361 +16363 +16369 +16381 +16411 +16417 +16421 +16427 +16433 +16447 +16451 +16453 +16477 +16481 +16487 +16493 +16519 +16529 +16547 +16553 +16561 +16567 +16573 +16603 +16607 +16619 +16631 +16633 +16649 +16651 +16657 +16661 +16673 +16691 +16693 +16699 +16703 +16729 +16741 +16747 +16759 +16763 +16787 +16811 +16823 +16829 +16831 +16843 +16871 +16879 +16883 +16889 +16901 +16903 +16921 +16927 +16931 +16937 +16943 +16963 +16979 +16981 +16987 +16993 +17011 +17021 +17027 +17029 +17033 +17041 +17047 +17053 +17077 +17093 +17099 +17107 +17117 +17123 +17137 +17159 +17167 +17183 +17189 +17191 +17203 +17207 +17209 +17231 +17239 +17257 +17291 +17293 +17299 +17317 +17321 +17327 +17333 +17341 +17351 +17359 +17377 +17383 +17387 +17389 +17393 +17401 +17417 +17419 +17431 +17443 +17449 +17467 +17471 +17477 +17483 +17489 +17491 +17497 +17509 +17519 +17539 +17551 +17569 +17573 +17579 +17581 +17597 +17599 +17609 +17623 +17627 +17657 +17659 +17669 +17681 +17683 +17707 +17713 +17729 +17737 +17747 +17749 +17761 +17783 +17789 +17791 +17807 +17827 +17837 +17839 +17851 +17863 +17881 +17891 +17903 +17909 +17911 +17921 +17923 +17929 +17939 +17957 +17959 +17971 +17977 +17981 +17987 +17989 +18013 +18041 +18043 +18047 +18049 +18059 +18061 +18077 +18089 +18097 +18119 +18121 +18127 +18131 +18133 +18143 +18149 +18169 +18181 +18191 +18199 +18211 +18217 +18223 +18229 +18233 +18251 +18253 +18257 +18269 +18287 +18289 +18301 +18307 +18311 +18313 +18329 +18341 +18353 +18367 +18371 +18379 +18397 +18401 +18413 +18427 +18433 +18439 +18443 +18451 +18457 +18461 +18481 +18493 +18503 +18517 +18521 +18523 +18539 +18541 +18553 +18583 +18587 +18593 +18617 +18637 +18661 +18671 +18679 +18691 +18701 +18713 +18719 +18731 +18743 +18749 +18757 +18773 +18787 +18793 +18797 +18803 +18839 +18859 +18869 +18899 +18911 +18913 +18917 +18919 +18947 +18959 +18973 +18979 +19001 +19009 +19013 +19031 +19037 +19051 +19069 +19073 +19079 +19081 +19087 +19121 +19139 +19141 +19157 +19163 +19181 +19183 +19207 +19211 +19213 +19219 +19231 +19237 +19249 +19259 +19267 +19273 +19289 +19301 +19309 +19319 +19333 +19373 +19379 +19381 +19387 +19391 +19403 +19417 +19421 +19423 +19427 +19429 +19433 +19441 +19447 +19457 +19463 +19469 +19471 +19477 +19483 +19489 +19501 +19507 +19531 +19541 +19543 +19553 +19559 +19571 +19577 +19583 +19597 +19603 +19609 +19661 +19681 +19687 +19697 +19699 +19709 +19717 +19727 +19739 +19751 +19753 +19759 +19763 +19777 +19793 +19801 +19813 +19819 +19841 +19843 +19853 +19861 +19867 +19889 +19891 +19913 +19919 +19927 +19937 +19949 +19961 +19963 +19973 +19979 +19991 +19993 +19997 +20011 +20021 +20023 +20029 +20047 +20051 +20063 +20071 +20089 +20101 +20107 +20113 +20117 +20123 +20129 +20143 +20147 +20149 +20161 +20173 +20177 +20183 +20201 +20219 +20231 +20233 +20249 +20261 +20269 +20287 +20297 +20323 +20327 +20333 +20341 +20347 +20353 +20357 +20359 +20369 +20389 +20393 +20399 +20407 +20411 +20431 +20441 +20443 +20477 +20479 +20483 +20507 +20509 +20521 +20533 +20543 +20549 +20551 +20563 +20593 +20599 +20611 +20627 +20639 +20641 +20663 +20681 +20693 +20707 +20717 +20719 +20731 +20743 +20747 +20749 +20753 +20759 +20771 +20773 +20789 +20807 +20809 +20849 +20857 +20873 +20879 +20887 +20897 +20899 +20903 +20921 +20929 +20939 +20947 +20959 +20963 +20981 +20983 +21001 +21011 +21013 +21017 +21019 +21023 +21031 +21059 +21061 +21067 +21089 +21101 +21107 +21121 +21139 +21143 +21149 +21157 +21163 +21169 +21179 +21187 +21191 +21193 +21211 +21221 +21227 +21247 +21269 +21277 +21283 +21313 +21317 +21319 +21323 +21341 +21347 +21377 +21379 +21383 +21391 +21397 +21401 +21407 +21419 +21433 +21467 +21481 +21487 +21491 +21493 +21499 +21503 +21517 +21521 +21523 +21529 +21557 +21559 +21563 +21569 +21577 +21587 +21589 +21599 +21601 +21611 +21613 +21617 +21647 +21649 +21661 +21673 +21683 +21701 +21713 +21727 +21737 +21739 +21751 +21757 +21767 +21773 +21787 +21799 +21803 +21817 +21821 +21839 +21841 +21851 +21859 +21863 +21871 +21881 +21893 +21911 +21929 +21937 +21943 +21961 +21977 +21991 +21997 +22003 +22013 +22027 +22031 +22037 +22039 +22051 +22063 +22067 +22073 +22079 +22091 +22093 +22109 +22111 +22123 +22129 +22133 +22147 +22153 +22157 +22159 +22171 +22189 +22193 +22229 +22247 +22259 +22271 +22273 +22277 +22279 +22283 +22291 +22303 +22307 +22343 +22349 +22367 +22369 +22381 +22391 +22397 +22409 +22433 +22441 +22447 +22453 +22469 +22481 +22483 +22501 +22511 +22531 +22541 +22543 +22549 +22567 +22571 +22573 +22613 +22619 +22621 +22637 +22639 +22643 +22651 +22669 +22679 +22691 +22697 +22699 +22709 +22717 +22721 +22727 +22739 +22741 +22751 +22769 +22777 +22783 +22787 +22807 +22811 +22817 +22853 +22859 +22861 +22871 +22877 +22901 +22907 +22921 +22937 +22943 +22961 +22963 +22973 +22993 +23003 +23011 +23017 +23021 +23027 +23029 +23039 +23041 +23053 +23057 +23059 +23063 +23071 +23081 +23087 +23099 +23117 +23131 +23143 +23159 +23167 +23173 +23189 +23197 +23201 +23203 +23209 +23227 +23251 +23269 +23279 +23291 +23293 +23297 +23311 +23321 +23327 +23333 +23339 +23357 +23369 +23371 +23399 +23417 +23431 +23447 +23459 +23473 +23497 +23509 +23531 +23537 +23539 +23549 +23557 +23561 +23563 +23567 +23581 +23593 +23599 +23603 +23609 +23623 +23627 +23629 +23633 +23663 +23669 +23671 +23677 +23687 +23689 +23719 +23741 +23743 +23747 +23753 +23761 +23767 +23773 +23789 +23801 +23813 +23819 +23827 +23831 +23833 +23857 +23869 +23873 +23879 +23887 +23893 +23899 +23909 +23911 +23917 +23929 +23957 +23971 +23977 +23981 +23993 +24001 +24007 +24019 +24023 +24029 +24043 +24049 +24061 +24071 +24077 +24083 +24091 +24097 +24103 +24107 +24109 +24113 +24121 +24133 +24137 +24151 +24169 +24179 +24181 +24197 +24203 +24223 +24229 +24239 +24247 +24251 +24281 +24317 +24329 +24337 +24359 +24371 +24373 +24379 +24391 +24407 +24413 +24419 +24421 +24439 +24443 +24469 +24473 +24481 +24499 +24509 +24517 +24527 +24533 +24547 +24551 +24571 +24593 +24611 +24623 +24631 +24659 +24671 +24677 +24683 +24691 +24697 +24709 +24733 +24749 +24763 +24767 +24781 +24793 +24799 +24809 +24821 +24841 +24847 +24851 +24859 +24877 +24889 +24907 +24917 +24919 +24923 +24943 +24953 +24967 +24971 +24977 +24979 +24989 +25013 +25031 +25033 +25037 +25057 +25073 +25087 +25097 +25111 +25117 +25121 +25127 +25147 +25153 +25163 +25169 +25171 +25183 +25189 +25219 +25229 +25237 +25243 +25247 +25253 +25261 +25301 +25303 +25307 +25309 +25321 +25339 +25343 +25349 +25357 +25367 +25373 +25391 +25409 +25411 +25423 +25439 +25447 +25453 +25457 +25463 +25469 +25471 +25523 +25537 +25541 +25561 +25577 +25579 +25583 +25589 +25601 +25603 +25609 +25621 +25633 +25639 +25643 +25657 +25667 +25673 +25679 +25693 +25703 +25717 +25733 +25741 +25747 +25759 +25763 +25771 +25793 +25799 +25801 +25819 +25841 +25847 +25849 +25867 +25873 +25889 +25903 +25913 +25919 +25931 +25933 +25939 +25943 +25951 +25969 +25981 +25997 +25999 +26003 +26017 +26021 +26029 +26041 +26053 +26083 +26099 +26107 +26111 +26113 +26119 +26141 +26153 +26161 +26171 +26177 +26183 +26189 +26203 +26209 +26227 +26237 +26249 +26251 +26261 +26263 +26267 +26293 +26297 +26309 +26317 +26321 +26339 +26347 +26357 +26371 +26387 +26393 +26399 +26407 +26417 +26423 +26431 +26437 +26449 +26459 +26479 +26489 +26497 +26501 +26513 +26539 +26557 +26561 +26573 +26591 +26597 +26627 +26633 +26641 +26647 +26669 +26681 +26683 +26687 +26693 +26699 +26701 +26711 +26713 +26717 +26723 +26729 +26731 +26737 +26759 +26777 +26783 +26801 +26813 +26821 +26833 +26839 +26849 +26861 +26863 +26879 +26881 +26891 +26893 +26903 +26921 +26927 +26947 +26951 +26953 +26959 +26981 +26987 +26993 +27011 +27017 +27031 +27043 +27059 +27061 +27067 +27073 +27077 +27091 +27103 +27107 +27109 +27127 +27143 +27179 +27191 +27197 +27211 +27239 +27241 +27253 +27259 +27271 +27277 +27281 +27283 +27299 +27329 +27337 +27361 +27367 +27397 +27407 +27409 +27427 +27431 +27437 +27449 +27457 +27479 +27481 +27487 +27509 +27527 +27529 +27539 +27541 +27551 +27581 +27583 +27611 +27617 +27631 +27647 +27653 +27673 +27689 +27691 +27697 +27701 +27733 +27737 +27739 +27743 +27749 +27751 +27763 +27767 +27773 +27779 +27791 +27793 +27799 +27803 +27809 +27817 +27823 +27827 +27847 +27851 +27883 +27893 +27901 +27917 +27919 +27941 +27943 +27947 +27953 +27961 +27967 +27983 +27997 +28001 +28019 +28027 +28031 +28051 +28057 +28069 +28081 +28087 +28097 +28099 +28109 +28111 +28123 +28151 +28163 +28181 +28183 +28201 +28211 +28219 +28229 +28277 +28279 +28283 +28289 +28297 +28307 +28309 +28319 +28349 +28351 +28387 +28393 +28403 +28409 +28411 +28429 +28433 +28439 +28447 +28463 +28477 +28493 +28499 +28513 +28517 +28537 +28541 +28547 +28549 +28559 +28571 +28573 +28579 +28591 +28597 +28603 +28607 +28619 +28621 +28627 +28631 +28643 +28649 +28657 +28661 +28663 +28669 +28687 +28697 +28703 +28711 +28723 +28729 +28751 +28753 +28759 +28771 +28789 +28793 +28807 +28813 +28817 +28837 +28843 +28859 +28867 +28871 +28879 +28901 +28909 +28921 +28927 +28933 +28949 +28961 +28979 +29009 +29017 +29021 +29023 +29027 +29033 +29059 +29063 +29077 +29101 +29123 +29129 +29131 +29137 +29147 +29153 +29167 +29173 +29179 +29191 +29201 +29207 +29209 +29221 +29231 +29243 +29251 +29269 +29287 +29297 +29303 +29311 +29327 +29333 +29339 +29347 +29363 +29383 +29387 +29389 +29399 +29401 +29411 +29423 +29429 +29437 +29443 +29453 +29473 +29483 +29501 +29527 +29531 +29537 +29567 +29569 +29573 +29581 +29587 +29599 +29611 +29629 +29633 +29641 +29663 +29669 +29671 +29683 +29717 +29723 +29741 +29753 +29759 +29761 +29789 +29803 +29819 +29833 +29837 +29851 +29863 +29867 +29873 +29879 +29881 +29917 +29921 +29927 +29947 +29959 +29983 +29989 +30011 +30013 +30029 +30047 +30059 +30071 +30089 +30091 +30097 +30103 +30109 +30113 +30119 +30133 +30137 +30139 +30161 +30169 +30181 +30187 +30197 +30203 +30211 +30223 +30241 +30253 +30259 +30269 +30271 +30293 +30307 +30313 +30319 +30323 +30341 +30347 +30367 +30389 +30391 +30403 +30427 +30431 +30449 +30467 +30469 +30491 +30493 +30497 +30509 +30517 +30529 +30539 +30553 +30557 +30559 +30577 +30593 +30631 +30637 +30643 +30649 +30661 +30671 +30677 +30689 +30697 +30703 +30707 +30713 +30727 +30757 +30763 +30773 +30781 +30803 +30809 +30817 +30829 +30839 +30841 +30851 +30853 +30859 +30869 +30871 +30881 +30893 +30911 +30931 +30937 +30941 +30949 +30971 +30977 +30983 +31013 +31019 +31033 +31039 +31051 +31063 +31069 +31079 +31081 +31091 +31121 +31123 +31139 +31147 +31151 +31153 +31159 +31177 +31181 +31183 +31189 +31193 +31219 +31223 +31231 +31237 +31247 +31249 +31253 +31259 +31267 +31271 +31277 +31307 +31319 +31321 +31327 +31333 +31337 +31357 +31379 +31387 +31391 +31393 +31397 +31469 +31477 +31481 +31489 +31511 +31513 +31517 +31531 +31541 +31543 +31547 +31567 +31573 +31583 +31601 +31607 +31627 +31643 +31649 +31657 +31663 +31667 +31687 +31699 +31721 +31723 +31727 +31729 +31741 +31751 +31769 +31771 +31793 +31799 +31817 +31847 +31849 +31859 +31873 +31883 +31891 +31907 +31957 +31963 +31973 +31981 +31991 +32003 +32009 +32027 +32029 +32051 +32057 +32059 +32063 +32069 +32077 +32083 +32089 +32099 +32117 +32119 +32141 +32143 +32159 +32173 +32183 +32189 +32191 +32203 +32213 +32233 +32237 +32251 +32257 +32261 +32297 +32299 +32303 +32309 +32321 +32323 +32327 +32341 +32353 +32359 +32363 +32369 +32371 +32377 +32381 +32401 +32411 +32413 +32423 +32429 +32441 +32443 +32467 +32479 +32491 +32497 +32503 +32507 +32531 +32533 +32537 +32561 +32563 +32569 +32573 +32579 +32587 +32603 +32609 +32611 +32621 +32633 +32647 +32653 +32687 +32693 +32707 +32713 +32717 +32719 +32749 +32771 +32779 +32783 +32789 +32797 +32801 +32803 +32831 +32833 +32839 +32843 +32869 +32887 +32909 +32911 +32917 +32933 +32939 +32941 +32957 +32969 +32971 +32983 +32987 +32993 +32999 +33013 +33023 +33029 +33037 +33049 +33053 +33071 +33073 +33083 +33091 +33107 +33113 +33119 +33149 +33151 +33161 +33179 +33181 +33191 +33199 +33203 +33211 +33223 +33247 +33287 +33289 +33301 +33311 +33317 +33329 +33331 +33343 +33347 +33349 +33353 +33359 +33377 +33391 +33403 +33409 +33413 +33427 +33457 +33461 +33469 +33479 +33487 +33493 +33503 +33521 +33529 +33533 +33547 +33563 +33569 +33577 +33581 +33587 +33589 +33599 +33601 +33613 +33617 +33619 +33623 +33629 +33637 +33641 +33647 +33679 +33703 +33713 +33721 +33739 +33749 +33751 +33757 +33767 +33769 +33773 +33791 +33797 +33809 +33811 +33827 +33829 +33851 +33857 +33863 +33871 +33889 +33893 +33911 +33923 +33931 +33937 +33941 +33961 +33967 +33997 +34019 +34031 +34033 +34039 +34057 +34061 +34123 +34127 +34129 +34141 +34147 +34157 +34159 +34171 +34183 +34211 +34213 +34217 +34231 +34253 +34259 +34261 +34267 +34273 +34283 +34297 +34301 +34303 +34313 +34319 +34327 +34337 +34351 +34361 +34367 +34369 +34381 +34403 +34421 +34429 +34439 +34457 +34469 +34471 +34483 +34487 +34499 +34501 +34511 +34513 +34519 +34537 +34543 +34549 +34583 +34589 +34591 +34603 +34607 +34613 +34631 +34649 +34651 +34667 +34673 +34679 +34687 +34693 +34703 +34721 +34729 +34739 +34747 +34757 +34759 +34763 +34781 +34807 +34819 +34841 +34843 +34847 +34849 +34871 +34877 +34883 +34897 +34913 +34919 +34939 +34949 +34961 +34963 +34981 +35023 +35027 +35051 +35053 +35059 +35069 +35081 +35083 +35089 +35099 +35107 +35111 +35117 +35129 +35141 +35149 +35153 +35159 +35171 +35201 +35221 +35227 +35251 +35257 +35267 +35279 +35281 +35291 +35311 +35317 +35323 +35327 +35339 +35353 +35363 +35381 +35393 +35401 +35407 +35419 +35423 +35437 +35447 +35449 +35461 +35491 +35507 +35509 +35521 +35527 +35531 +35533 +35537 +35543 +35569 +35573 +35591 +35593 +35597 +35603 +35617 +35671 +35677 +35729 +35731 +35747 +35753 +35759 +35771 +35797 +35801 +35803 +35809 +35831 +35837 +35839 +35851 +35863 +35869 +35879 +35897 +35899 +35911 +35923 +35933 +35951 +35963 +35969 +35977 +35983 +35993 +35999 +36007 +36011 +36013 +36017 +36037 +36061 +36067 +36073 +36083 +36097 +36107 +36109 +36131 +36137 +36151 +36161 +36187 +36191 +36209 +36217 +36229 +36241 +36251 +36263 +36269 +36277 +36293 +36299 +36307 +36313 +36319 +36341 +36343 +36353 +36373 +36383 +36389 +36433 +36451 +36457 +36467 +36469 +36473 +36479 +36493 +36497 +36523 +36527 +36529 +36541 +36551 +36559 +36563 +36571 +36583 +36587 +36599 +36607 +36629 +36637 +36643 +36653 +36671 +36677 +36683 +36691 +36697 +36709 +36713 +36721 +36739 +36749 +36761 +36767 +36779 +36781 +36787 +36791 +36793 +36809 +36821 +36833 +36847 +36857 +36871 +36877 +36887 +36899 +36901 +36913 +36919 +36923 +36929 +36931 +36943 +36947 +36973 +36979 +36997 +37003 +37013 +37019 +37021 +37039 +37049 +37057 +37061 +37087 +37097 +37117 +37123 +37139 +37159 +37171 +37181 +37189 +37199 +37201 +37217 +37223 +37243 +37253 +37273 +37277 +37307 +37309 +37313 +37321 +37337 +37339 +37357 +37361 +37363 +37369 +37379 +37397 +37409 +37423 +37441 +37447 +37463 +37483 +37489 +37493 +37501 +37507 +37511 +37517 +37529 +37537 +37547 +37549 +37561 +37567 +37571 +37573 +37579 +37589 +37591 +37607 +37619 +37633 +37643 +37649 +37657 +37663 +37691 +37693 +37699 +37717 +37747 +37781 +37783 +37799 +37811 +37813 +37831 +37847 +37853 +37861 +37871 +37879 +37889 +37897 +37907 +37951 +37957 +37963 +37967 +37987 +37991 +37993 +37997 +38011 +38039 +38047 +38053 +38069 +38083 +38113 +38119 +38149 +38153 +38167 +38177 +38183 +38189 +38197 +38201 +38219 +38231 +38237 +38239 +38261 +38273 +38281 +38287 +38299 +38303 +38317 +38321 +38327 +38329 +38333 +38351 +38371 +38377 +38393 +38431 +38447 +38449 +38453 +38459 +38461 +38501 +38543 +38557 +38561 +38567 +38569 +38593 +38603 +38609 +38611 +38629 +38639 +38651 +38653 +38669 +38671 +38677 +38693 +38699 +38707 +38711 +38713 +38723 +38729 +38737 +38747 +38749 +38767 +38783 +38791 +38803 +38821 +38833 +38839 +38851 +38861 +38867 +38873 +38891 +38903 +38917 +38921 +38923 +38933 +38953 +38959 +38971 +38977 +38993 +39019 +39023 +39041 +39043 +39047 +39079 +39089 +39097 +39103 +39107 +39113 +39119 +39133 +39139 +39157 +39161 +39163 +39181 +39191 +39199 +39209 +39217 +39227 +39229 +39233 +39239 +39241 +39251 +39293 +39301 +39313 +39317 +39323 +39341 +39343 +39359 +39367 +39371 +39373 +39383 +39397 +39409 +39419 +39439 +39443 +39451 +39461 +39499 +39503 +39509 +39511 +39521 +39541 +39551 +39563 +39569 +39581 +39607 +39619 +39623 +39631 +39659 +39667 +39671 +39679 +39703 +39709 +39719 +39727 +39733 +39749 +39761 +39769 +39779 +39791 +39799 +39821 +39827 +39829 +39839 +39841 +39847 +39857 +39863 +39869 +39877 +39883 +39887 +39901 +39929 +39937 +39953 +39971 +39979 +39983 +39989 +40009 +40013 +40031 +40037 +40039 +40063 +40087 +40093 +40099 +40111 +40123 +40127 +40129 +40151 +40153 +40163 +40169 +40177 +40189 +40193 +40213 +40231 +40237 +40241 +40253 +40277 +40283 +40289 +40343 +40351 +40357 +40361 +40387 +40423 +40427 +40429 +40433 +40459 +40471 +40483 +40487 +40493 +40499 +40507 +40519 +40529 +40531 +40543 +40559 +40577 +40583 +40591 +40597 +40609 +40627 +40637 +40639 +40693 +40697 +40699 +40709 +40739 +40751 +40759 +40763 +40771 +40787 +40801 +40813 +40819 +40823 +40829 +40841 +40847 +40849 +40853 +40867 +40879 +40883 +40897 +40903 +40927 +40933 +40939 +40949 +40961 +40973 +40993 +41011 +41017 +41023 +41039 +41047 +41051 +41057 +41077 +41081 +41113 +41117 +41131 +41141 +41143 +41149 +41161 +41177 +41179 +41183 +41189 +41201 +41203 +41213 +41221 +41227 +41231 +41233 +41243 +41257 +41263 +41269 +41281 +41299 +41333 +41341 +41351 +41357 +41381 +41387 +41389 +41399 +41411 +41413 +41443 +41453 +41467 +41479 +41491 +41507 +41513 +41519 +41521 +41539 +41543 +41549 +41579 +41593 +41597 +41603 +41609 +41611 +41617 +41621 +41627 +41641 +41647 +41651 +41659 +41669 +41681 +41687 +41719 +41729 +41737 +41759 +41761 +41771 +41777 +41801 +41809 +41813 +41843 +41849 +41851 +41863 +41879 +41887 +41893 +41897 +41903 +41911 +41927 +41941 +41947 +41953 +41957 +41959 +41969 +41981 +41983 +41999 +42013 +42017 +42019 +42023 +42043 +42061 +42071 +42073 +42083 +42089 +42101 +42131 +42139 +42157 +42169 +42179 +42181 +42187 +42193 +42197 +42209 +42221 +42223 +42227 +42239 +42257 +42281 +42283 +42293 +42299 +42307 +42323 +42331 +42337 +42349 +42359 +42373 +42379 +42391 +42397 +42403 +42407 +42409 +42433 +42437 +42443 +42451 +42457 +42461 +42463 +42467 +42473 +42487 +42491 +42499 +42509 +42533 +42557 +42569 +42571 +42577 +42589 +42611 +42641 +42643 +42649 +42667 +42677 +42683 +42689 +42697 +42701 +42703 +42709 +42719 +42727 +42737 +42743 +42751 +42767 +42773 +42787 +42793 +42797 +42821 +42829 +42839 +42841 +42853 +42859 +42863 +42899 +42901 +42923 +42929 +42937 +42943 +42953 +42961 +42967 +42979 +42989 +43003 +43013 +43019 +43037 +43049 +43051 +43063 +43067 +43093 +43103 +43117 +43133 +43151 +43159 +43177 +43189 +43201 +43207 +43223 +43237 +43261 +43271 +43283 +43291 +43313 +43319 +43321 +43331 +43391 +43397 +43399 +43403 +43411 +43427 +43441 +43451 +43457 +43481 +43487 +43499 +43517 +43541 +43543 +43573 +43577 +43579 +43591 +43597 +43607 +43609 +43613 +43627 +43633 +43649 +43651 +43661 +43669 +43691 +43711 +43717 +43721 +43753 +43759 +43777 +43781 +43783 +43787 +43789 +43793 +43801 +43853 +43867 +43889 +43891 +43913 +43933 +43943 +43951 +43961 +43963 +43969 +43973 +43987 +43991 +43997 +44017 +44021 +44027 +44029 +44041 +44053 +44059 +44071 +44087 +44089 +44101 +44111 +44119 +44123 +44129 +44131 +44159 +44171 +44179 +44189 +44201 +44203 +44207 +44221 +44249 +44257 +44263 +44267 +44269 +44273 +44279 +44281 +44293 +44351 +44357 +44371 +44381 +44383 +44389 +44417 +44449 +44453 +44483 +44491 +44497 +44501 +44507 +44519 +44531 +44533 +44537 +44543 +44549 +44563 +44579 +44587 +44617 +44621 +44623 +44633 +44641 +44647 +44651 +44657 +44683 +44687 +44699 +44701 +44711 +44729 +44741 +44753 +44771 +44773 +44777 +44789 +44797 +44809 +44819 +44839 +44843 +44851 +44867 +44879 +44887 +44893 +44909 +44917 +44927 +44939 +44953 +44959 +44963 +44971 +44983 +44987 +45007 +45013 +45053 +45061 +45077 +45083 +45119 +45121 +45127 +45131 +45137 +45139 +45161 +45179 +45181 +45191 +45197 +45233 +45247 +45259 +45263 +45281 +45289 +45293 +45307 +45317 +45319 +45329 +45337 +45341 +45343 +45361 +45377 +45389 +45403 +45413 +45427 +45433 +45439 +45481 +45491 +45497 +45503 +45523 +45533 +45541 +45553 +45557 +45569 +45587 +45589 +45599 +45613 +45631 +45641 +45659 +45667 +45673 +45677 +45691 +45697 +45707 +45737 +45751 +45757 +45763 +45767 +45779 +45817 +45821 +45823 +45827 +45833 +45841 +45853 +45863 +45869 +45887 +45893 +45943 +45949 +45953 +45959 +45971 +45979 +45989 +46021 +46027 +46049 +46051 +46061 +46073 +46091 +46093 +46099 +46103 +46133 +46141 +46147 +46153 +46171 +46181 +46183 +46187 +46199 +46219 +46229 +46237 +46261 +46271 +46273 +46279 +46301 +46307 +46309 +46327 +46337 +46349 +46351 +46381 +46399 +46411 +46439 +46441 +46447 +46451 +46457 +46471 +46477 +46489 +46499 +46507 +46511 +46523 +46549 +46559 +46567 +46573 +46589 +46591 +46601 +46619 +46633 +46639 +46643 +46649 +46663 +46679 +46681 +46687 +46691 +46703 +46723 +46727 +46747 +46751 +46757 +46769 +46771 +46807 +46811 +46817 +46819 +46829 +46831 +46853 +46861 +46867 +46877 +46889 +46901 +46919 +46933 +46957 +46993 +46997 +47017 +47041 +47051 +47057 +47059 +47087 +47093 +47111 +47119 +47123 +47129 +47137 +47143 +47147 +47149 +47161 +47189 +47207 +47221 +47237 +47251 +47269 +47279 +47287 +47293 +47297 +47303 +47309 +47317 +47339 +47351 +47353 +47363 +47381 +47387 +47389 +47407 +47417 +47419 +47431 +47441 +47459 +47491 +47497 +47501 +47507 +47513 +47521 +47527 +47533 +47543 +47563 +47569 +47581 +47591 +47599 +47609 +47623 +47629 +47639 +47653 +47657 +47659 +47681 +47699 +47701 +47711 +47713 +47717 +47737 +47741 +47743 +47777 +47779 +47791 +47797 +47807 +47809 +47819 +47837 +47843 +47857 +47869 +47881 +47903 +47911 +47917 +47933 +47939 +47947 +47951 +47963 +47969 +47977 +47981 +48017 +48023 +48029 +48049 +48073 +48079 +48091 +48109 +48119 +48121 +48131 +48157 +48163 +48179 +48187 +48193 +48197 +48221 +48239 +48247 +48259 +48271 +48281 +48299 +48311 +48313 +48337 +48341 +48353 +48371 +48383 +48397 +48407 +48409 +48413 +48437 +48449 +48463 +48473 +48479 +48481 +48487 +48491 +48497 +48523 +48527 +48533 +48539 +48541 +48563 +48571 +48589 +48593 +48611 +48619 +48623 +48647 +48649 +48661 +48673 +48677 +48679 +48731 +48733 +48751 +48757 +48761 +48767 +48779 +48781 +48787 +48799 +48809 +48817 +48821 +48823 +48847 +48857 +48859 +48869 +48871 +48883 +48889 +48907 +48947 +48953 +48973 +48989 +48991 +49003 +49009 +49019 +49031 +49033 +49037 +49043 +49057 +49069 +49081 +49103 +49109 +49117 +49121 +49123 +49139 +49157 +49169 +49171 +49177 +49193 +49199 +49201 +49207 +49211 +49223 +49253 +49261 +49277 +49279 +49297 +49307 +49331 +49333 +49339 +49363 +49367 +49369 +49391 +49393 +49409 +49411 +49417 +49429 +49433 +49451 +49459 +49463 +49477 +49481 +49499 +49523 +49529 +49531 +49537 +49547 +49549 +49559 +49597 +49603 +49613 +49627 +49633 +49639 +49663 +49667 +49669 +49681 +49697 +49711 +49727 +49739 +49741 +49747 +49757 +49783 +49787 +49789 +49801 +49807 +49811 +49823 +49831 +49843 +49853 +49871 +49877 +49891 +49919 +49921 +49927 +49937 +49939 +49943 +49957 +49991 +49993 +49999 +50021 +50023 +50033 +50047 +50051 +50053 +50069 +50077 +50087 +50093 +50101 +50111 +50119 +50123 +50129 +50131 +50147 +50153 +50159 +50177 +50207 +50221 +50227 +50231 +50261 +50263 +50273 +50287 +50291 +50311 +50321 +50329 +50333 +50341 +50359 +50363 +50377 +50383 +50387 +50411 +50417 +50423 +50441 +50459 +50461 +50497 +50503 +50513 +50527 +50539 +50543 +50549 +50551 +50581 +50587 +50591 +50593 +50599 +50627 +50647 +50651 +50671 +50683 +50707 +50723 +50741 +50753 +50767 +50773 +50777 +50789 +50821 +50833 +50839 +50849 +50857 +50867 +50873 +50891 +50893 +50909 +50923 +50929 +50951 +50957 +50969 +50971 +50989 +50993 +51001 +51031 +51043 +51047 +51059 +51061 +51071 +51109 +51131 +51133 +51137 +51151 +51157 +51169 +51193 +51197 +51199 +51203 +51217 +51229 +51239 +51241 +51257 +51263 +51283 +51287 +51307 +51329 +51341 +51343 +51347 +51349 +51361 +51383 +51407 +51413 +51419 +51421 +51427 +51431 +51437 +51439 +51449 +51461 +51473 +51479 +51481 +51487 +51503 +51511 +51517 +51521 +51539 +51551 +51563 +51577 +51581 +51593 +51599 +51607 +51613 +51631 +51637 +51647 +51659 +51673 +51679 +51683 +51691 +51713 +51719 +51721 +51749 +51767 +51769 +51787 +51797 +51803 +51817 +51827 +51829 +51839 +51853 +51859 +51869 +51871 +51893 +51899 +51907 +51913 +51929 +51941 +51949 +51971 +51973 +51977 +51991 +52009 +52021 +52027 +52051 +52057 +52067 +52069 +52081 +52103 +52121 +52127 +52147 +52153 +52163 +52177 +52181 +52183 +52189 +52201 +52223 +52237 +52249 +52253 +52259 +52267 +52289 +52291 +52301 +52313 +52321 +52361 +52363 +52369 +52379 +52387 +52391 +52433 +52453 +52457 +52489 +52501 +52511 +52517 +52529 +52541 +52543 +52553 +52561 +52567 +52571 +52579 +52583 +52609 +52627 +52631 +52639 +52667 +52673 +52691 +52697 +52709 +52711 +52721 +52727 +52733 +52747 +52757 +52769 +52783 +52807 +52813 +52817 +52837 +52859 +52861 +52879 +52883 +52889 +52901 +52903 +52919 +52937 +52951 +52957 +52963 +52967 +52973 +52981 +52999 +53003 +53017 +53047 +53051 +53069 +53077 +53087 +53089 +53093 +53101 +53113 +53117 +53129 +53147 +53149 +53161 +53171 +53173 +53189 +53197 +53201 +53231 +53233 +53239 +53267 +53269 +53279 +53281 +53299 +53309 +53323 +53327 +53353 +53359 +53377 +53381 +53401 +53407 +53411 +53419 +53437 +53441 +53453 +53479 +53503 +53507 +53527 +53549 +53551 +53569 +53591 +53593 +53597 +53609 +53611 +53617 +53623 +53629 +53633 +53639 +53653 +53657 +53681 +53693 +53699 +53717 +53719 +53731 +53759 +53773 +53777 +53783 +53791 +53813 +53819 +53831 +53849 +53857 +53861 +53881 +53887 +53891 +53897 +53899 +53917 +53923 +53927 +53939 +53951 +53959 +53987 +53993 +54001 +54011 +54013 +54037 +54049 +54059 +54083 +54091 +54101 +54121 +54133 +54139 +54151 +54163 +54167 +54181 +54193 +54217 +54251 +54269 +54277 +54287 +54293 +54311 +54319 +54323 +54331 +54347 +54361 +54367 +54371 +54377 +54401 +54403 +54409 +54413 +54419 +54421 +54437 +54443 +54449 +54469 +54493 +54497 +54499 +54503 +54517 +54521 +54539 +54541 +54547 +54559 +54563 +54577 +54581 +54583 +54601 +54617 +54623 +54629 +54631 +54647 +54667 +54673 +54679 +54709 +54713 +54721 +54727 +54751 +54767 +54773 +54779 +54787 +54799 +54829 +54833 +54851 +54869 +54877 +54881 +54907 +54917 +54919 +54941 +54949 +54959 +54973 +54979 +54983 +55001 +55009 +55021 +55049 +55051 +55057 +55061 +55073 +55079 +55103 +55109 +55117 +55127 +55147 +55163 +55171 +55201 +55207 +55213 +55217 +55219 +55229 +55243 +55249 +55259 +55291 +55313 +55331 +55333 +55337 +55339 +55343 +55351 +55373 +55381 +55399 +55411 +55439 +55441 +55457 +55469 +55487 +55501 +55511 +55529 +55541 +55547 +55579 +55589 +55603 +55609 +55619 +55621 +55631 +55633 +55639 +55661 +55663 +55667 +55673 +55681 +55691 +55697 +55711 +55717 +55721 +55733 +55763 +55787 +55793 +55799 +55807 +55813 +55817 +55819 +55823 +55829 +55837 +55843 +55849 +55871 +55889 +55897 +55901 +55903 +55921 +55927 +55931 +55933 +55949 +55967 +55987 +55997 +56003 +56009 +56039 +56041 +56053 +56081 +56087 +56093 +56099 +56101 +56113 +56123 +56131 +56149 +56167 +56171 +56179 +56197 +56207 +56209 +56237 +56239 +56249 +56263 +56267 +56269 +56299 +56311 +56333 +56359 +56369 +56377 +56383 +56393 +56401 +56417 +56431 +56437 +56443 +56453 +56467 +56473 +56477 +56479 +56489 +56501 +56503 +56509 +56519 +56527 +56531 +56533 +56543 +56569 +56591 +56597 +56599 +56611 +56629 +56633 +56659 +56663 +56671 +56681 +56687 +56701 +56711 +56713 +56731 +56737 +56747 +56767 +56773 +56779 +56783 +56807 +56809 +56813 +56821 +56827 +56843 +56857 +56873 +56891 +56893 +56897 +56909 +56911 +56921 +56923 +56929 +56941 +56951 +56957 +56963 +56983 +56989 +56993 +56999 +57037 +57041 +57047 +57059 +57073 +57077 +57089 +57097 +57107 +57119 +57131 +57139 +57143 +57149 +57163 +57173 +57179 +57191 +57193 +57203 +57221 +57223 +57241 +57251 +57259 +57269 +57271 +57283 +57287 +57301 +57329 +57331 +57347 +57349 +57367 +57373 +57383 +57389 +57397 +57413 +57427 +57457 +57467 +57487 +57493 +57503 +57527 +57529 +57557 +57559 +57571 +57587 +57593 +57601 +57637 +57641 +57649 +57653 +57667 +57679 +57689 +57697 +57709 +57713 +57719 +57727 +57731 +57737 +57751 +57773 +57781 +57787 +57791 +57793 +57803 +57809 +57829 +57839 +57847 +57853 +57859 +57881 +57899 +57901 +57917 +57923 +57943 +57947 +57973 +57977 +57991 +58013 +58027 +58031 +58043 +58049 +58057 +58061 +58067 +58073 +58099 +58109 +58111 +58129 +58147 +58151 +58153 +58169 +58171 +58189 +58193 +58199 +58207 +58211 +58217 +58229 +58231 +58237 +58243 +58271 +58309 +58313 +58321 +58337 +58363 +58367 +58369 +58379 +58391 +58393 +58403 +58411 +58417 +58427 +58439 +58441 +58451 +58453 +58477 +58481 +58511 +58537 +58543 +58549 +58567 +58573 +58579 +58601 +58603 +58613 +58631 +58657 +58661 +58679 +58687 +58693 +58699 +58711 +58727 +58733 +58741 +58757 +58763 +58771 +58787 +58789 +58831 +58889 +58897 +58901 +58907 +58909 +58913 +58921 +58937 +58943 +58963 +58967 +58979 +58991 +58997 +59009 +59011 +59021 +59023 +59029 +59051 +59053 +59063 +59069 +59077 +59083 +59093 +59107 +59113 +59119 +59123 +59141 +59149 +59159 +59167 +59183 +59197 +59207 +59209 +59219 +59221 +59233 +59239 +59243 +59263 +59273 +59281 +59333 +59341 +59351 +59357 +59359 +59369 +59377 +59387 +59393 +59399 +59407 +59417 +59419 +59441 +59443 +59447 +59453 +59467 +59471 +59473 +59497 +59509 +59513 +59539 +59557 +59561 +59567 +59581 +59611 +59617 +59621 +59627 +59629 +59651 +59659 +59663 +59669 +59671 +59693 +59699 +59707 +59723 +59729 +59743 +59747 +59753 +59771 +59779 +59791 +59797 +59809 +59833 +59863 +59879 +59887 +59921 +59929 +59951 +59957 +59971 +59981 +59999 +60013 +60017 +60029 +60037 +60041 +60077 +60083 +60089 +60091 +60101 +60103 +60107 +60127 +60133 +60139 +60149 +60161 +60167 +60169 +60209 +60217 +60223 +60251 +60257 +60259 +60271 +60289 +60293 +60317 +60331 +60337 +60343 +60353 +60373 +60383 +60397 +60413 +60427 +60443 +60449 +60457 +60493 +60497 +60509 +60521 +60527 +60539 +60589 +60601 +60607 +60611 +60617 +60623 +60631 +60637 +60647 +60649 +60659 +60661 +60679 +60689 +60703 +60719 +60727 +60733 +60737 +60757 +60761 +60763 +60773 +60779 +60793 +60811 +60821 +60859 +60869 +60887 +60889 +60899 +60901 +60913 +60917 +60919 +60923 +60937 +60943 +60953 +60961 +61001 +61007 +61027 +61031 +61043 +61051 +61057 +61091 +61099 +61121 +61129 +61141 +61151 +61153 +61169 +61211 +61223 +61231 +61253 +61261 +61283 +61291 +61297 +61331 +61333 +61339 +61343 +61357 +61363 +61379 +61381 +61403 +61409 +61417 +61441 +61463 +61469 +61471 +61483 +61487 +61493 +61507 +61511 +61519 +61543 +61547 +61553 +61559 +61561 +61583 +61603 +61609 +61613 +61627 +61631 +61637 +61643 +61651 +61657 +61667 +61673 +61681 +61687 +61703 +61717 +61723 +61729 +61751 +61757 +61781 +61813 +61819 +61837 +61843 +61861 +61871 +61879 +61909 +61927 +61933 +61949 +61961 +61967 +61979 +61981 +61987 +61991 +62003 +62011 +62017 +62039 +62047 +62053 +62057 +62071 +62081 +62099 +62119 +62129 +62131 +62137 +62141 +62143 +62171 +62189 +62191 +62201 +62207 +62213 +62219 +62233 +62273 +62297 +62299 +62303 +62311 +62323 +62327 +62347 +62351 +62383 +62401 +62417 +62423 +62459 +62467 +62473 +62477 +62483 +62497 +62501 +62507 +62533 +62539 +62549 +62563 +62581 +62591 +62597 +62603 +62617 +62627 +62633 +62639 +62653 +62659 +62683 +62687 +62701 +62723 +62731 +62743 +62753 +62761 +62773 +62791 +62801 +62819 +62827 +62851 +62861 +62869 +62873 +62897 +62903 +62921 +62927 +62929 +62939 +62969 +62971 +62981 +62983 +62987 +62989 +63029 +63031 +63059 +63067 +63073 +63079 +63097 +63103 +63113 +63127 +63131 +63149 +63179 +63197 +63199 +63211 +63241 +63247 +63277 +63281 +63299 +63311 +63313 +63317 +63331 +63337 +63347 +63353 +63361 +63367 +63377 +63389 +63391 +63397 +63409 +63419 +63421 +63439 +63443 +63463 +63467 +63473 +63487 +63493 +63499 +63521 +63527 +63533 +63541 +63559 +63577 +63587 +63589 +63599 +63601 +63607 +63611 +63617 +63629 +63647 +63649 +63659 +63667 +63671 +63689 +63691 +63697 +63703 +63709 +63719 +63727 +63737 +63743 +63761 +63773 +63781 +63793 +63799 +63803 +63809 +63823 +63839 +63841 +63853 +63857 +63863 +63901 +63907 +63913 +63929 +63949 +63977 +63997 +64007 +64013 +64019 +64033 +64037 +64063 +64067 +64081 +64091 +64109 +64123 +64151 +64153 +64157 +64171 +64187 +64189 +64217 +64223 +64231 +64237 +64271 +64279 +64283 +64301 +64303 +64319 +64327 +64333 +64373 +64381 +64399 +64403 +64433 +64439 +64451 +64453 +64483 +64489 +64499 +64513 +64553 +64567 +64577 +64579 +64591 +64601 +64609 +64613 +64621 +64627 +64633 +64661 +64663 +64667 +64679 +64693 +64709 +64717 +64747 +64763 +64781 +64783 +64793 +64811 +64817 +64849 +64853 +64871 +64877 +64879 +64891 +64901 +64919 +64921 +64927 +64937 +64951 +64969 +64997 +65003 +65011 +65027 +65029 +65033 +65053 +65063 +65071 +65089 +65099 +65101 +65111 +65119 +65123 +65129 +65141 +65147 +65167 +65171 +65173 +65179 +65183 +65203 +65213 +65239 +65257 +65267 +65269 +65287 +65293 +65309 +65323 +65327 +65353 +65357 +65371 +65381 +65393 +65407 +65413 +65419 +65423 +65437 +65447 +65449 +65479 +65497 +65519 +65521 diff --git a/security/nss/lib/freebl/mpi/doc/prng.pod b/security/nss/lib/freebl/mpi/doc/prng.pod new file mode 100644 index 000000000..1ae75da82 --- /dev/null +++ b/security/nss/lib/freebl/mpi/doc/prng.pod @@ -0,0 +1,41 @@ +=head1 NAME + + prng - pseudo-random number generator + +=head1 SYNOPSIS + + prng [count] + +=head1 DESCRIPTION + +B<Prng> generates 32-bit pseudo-random integers using the +Blum-Blum-Shub (BBS) quadratic residue generator. It is seeded using +the standard C library's rand() function, which itself seeded from the +system clock and the process ID number. Thus, the values generated +are not particularly useful for cryptographic applications, but they +are in general much better than the typical output of the usual +multiplicative congruency generator used by most runtime libraries. + +You may optionally specify how many random values should be generated +by giving a I<count> argument on the command line. If you do not +specify a count, only one random value will be generated. The results +are output to the standard output in decimal notation, one value per +line. + +=head1 RESTRICTIONS + +As stated above, B<prng> uses the C library's rand() function to seed +the generator, so it is not terribly suitable for cryptographic +applications. Also note that each time you run the program, a new +seed is generated, so it is better to run it once with a I<count> +parameter than it is to run it multiple times to generate several +values. + +=head1 AUTHOR + + Michael J. Fromberger <sting@linguist.dartmouth.edu> + Copyright (C) 1998 Michael J. Fromberger, All Rights Reserved + Thayer School of Engineering, Dartmouth College, Hanover, NH USA + + $Date$ + diff --git a/security/nss/lib/freebl/mpi/doc/redux.txt b/security/nss/lib/freebl/mpi/doc/redux.txt new file mode 100644 index 000000000..f6f8b6ad4 --- /dev/null +++ b/security/nss/lib/freebl/mpi/doc/redux.txt @@ -0,0 +1,118 @@ +Modular Reduction + +Usually, modular reduction is accomplished by long division, using the +mp_div() or mp_mod() functions. However, when performing modular +exponentiation, you spend a lot of time reducing by the same modulus +again and again. For this purpose, doing a full division for each +multiplication is quite inefficient. + +For this reason, the mp_exptmod() function does not perform modular +reductions in the usual way, but instead takes advantage of an +algorithm due to Barrett, as described by Menezes, Oorschot and +VanStone in their book _Handbook of Applied Cryptography_, published +by the CRC Press (see Chapter 14 for details). This method reduces +most of the computation of reduction to efficient shifting and masking +operations, and avoids the multiple-precision division entirely. + +Here is a brief synopsis of Barrett reduction, as it is implemented in +this library. + +Let b denote the radix of the computation (one more than the maximum +value that can be denoted by an mp_digit). Let m be the modulus, and +let k be the number of significant digits of m. Let x be the value to +be reduced modulo m. By the Division Theorem, there exist unique +integers Q and R such that: + + x = Qm + R, 0 <= R < m + +Barrett reduction takes advantage of the fact that you can easily +approximate Q to within two, given a value M such that: + + 2k + b + M = floor( ----- ) + m + +Computation of M requires a full-precision division step, so if you +are only doing a single reduction by m, you gain no advantage. +However, when multiple reductions by the same m are required, this +division need only be done once, beforehand. Using this, we can use +the following equation to compute Q', an approximation of Q: + + x + floor( ------ ) M + k-1 + b +Q' = floor( ----------------- ) + k+1 + b + +The divisions by b^(k-1) and b^(k+1) and the floor() functions can be +efficiently implemented with shifts and masks, leaving only a single +multiplication to be performed to get this approximation. It can be +shown that Q - 2 <= Q' <= Q, so in the worst case, we can get out with +two additional subtractions to bring the value into line with the +actual value of Q. + +Once we've got Q', we basically multiply that by m and subtract from +x, yielding: + + x - Q'm = Qm + R - Q'm + +Since we know the constraint on Q', this is one of: + + R + m + R + 2m + R + +Since R < m by the Division Theorem, we can simply subtract off m +until we get a value in the correct range, which will happen with no +more than 2 subtractions: + + v = x - Q'm + + while(v >= m) + v = v - m + endwhile + + +In random performance trials, modular exponentiation using this method +of reduction gave around a 40% speedup over using the division for +reduction. + +------------------------------------------------------------------ +The contents of this file are subject to the Mozilla Public +License Version 1.1 (the "License"); you may not use this file +except in compliance with the License. You may obtain a copy of +the License at http://www.mozilla.org/MPL/ + +Software distributed under the License is distributed on an "AS +IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +implied. See the License for the specific language governing +rights and limitations under the License. + +The Original Code is the MPI Arbitrary Precision Integer Arithmetic +library. + +The Initial Developer of the Original Code is +Michael J. Fromberger <sting@linguist.dartmouth.edu> + +Portions created by Michael J. Fromberger are +Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved. + +Contributor(s): + +Alternatively, the contents of this file may be used under the +terms of the GNU General Public License Version 2 or later (the +"GPL"), in which case the provisions of the GPL are applicable +instead of those above. If you wish to allow use of your +version of this file only under the terms of the GPL and not to +allow others to use your version of this file under the MPL, +indicate your decision by deleting the provisions above and +replace them with the notice and other provisions required by +the GPL. If you do not delete the provisions above, a recipient +may use your version of this file under either the MPL or the GPL. + +$Id$ + + diff --git a/security/nss/lib/freebl/mpi/doc/sqrt.txt b/security/nss/lib/freebl/mpi/doc/sqrt.txt new file mode 100644 index 000000000..e14157caa --- /dev/null +++ b/security/nss/lib/freebl/mpi/doc/sqrt.txt @@ -0,0 +1,82 @@ +Square Root + +A simple iterative algorithm is used to compute the greatest integer +less than or equal to the square root. Essentially, this is Newton's +linear approximation, computed by finding successive values of the +equation: + + x[k]^2 - V +x[k+1] = x[k] - ------------ + 2 x[k] + +...where V is the value for which the square root is being sought. In +essence, what is happening here is that we guess a value for the +square root, then figure out how far off we were by squaring our guess +and subtracting the target. Using this value, we compute a linear +approximation for the error, and adjust the "guess". We keep doing +this until the precision gets low enough that the above equation +yields a quotient of zero. At this point, our last guess is one +greater than the square root we're seeking. + +The initial guess is computed by dividing V by 4, which is a heuristic +I have found to be fairly good on average. This also has the +advantage of being very easy to compute efficiently, even for large +values. + +So, the resulting algorithm works as follows: + + x = V / 4 /* compute initial guess */ + + loop + t = (x * x) - V /* Compute absolute error */ + u = 2 * x /* Adjust by tangent slope */ + t = t / u + + /* Loop is done if error is zero */ + if(t == 0) + break + + /* Adjust guess by error term */ + x = x - t + end + + x = x - 1 + +The result of the computation is the value of x. + +------------------------------------------------------------------ +The contents of this file are subject to the Mozilla Public +License Version 1.1 (the "License"); you may not use this file +except in compliance with the License. You may obtain a copy of +the License at http://www.mozilla.org/MPL/ + +Software distributed under the License is distributed on an "AS +IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +implied. See the License for the specific language governing +rights and limitations under the License. + +The Original Code is the MPI Arbitrary Precision Integer Arithmetic +library. + +The Initial Developer of the Original Code is +Michael J. Fromberger <sting@linguist.dartmouth.edu> + +Portions created by Michael J. Fromberger are +Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved. + +Contributor(s): + +Alternatively, the contents of this file may be used under the +terms of the GNU General Public License Version 2 or later (the +"GPL"), in which case the provisions of the GPL are applicable +instead of those above. If you wish to allow use of your +version of this file only under the terms of the GPL and not to +allow others to use your version of this file under the MPL, +indicate your decision by deleting the provisions above and +replace them with the notice and other provisions required by +the GPL. If you do not delete the provisions above, a recipient +may use your version of this file under either the MPL or the GPL. + +$Id$ + + diff --git a/security/nss/lib/freebl/mpi/doc/square.txt b/security/nss/lib/freebl/mpi/doc/square.txt new file mode 100644 index 000000000..e0d28798a --- /dev/null +++ b/security/nss/lib/freebl/mpi/doc/square.txt @@ -0,0 +1,104 @@ +Squaring Algorithm + +When you are squaring a value, you can take advantage of the fact that +half the multiplications performed by the more general multiplication +algorithm (see 'mul.txt' for a description) are redundant when the +multiplicand equals the multiplier. + +In particular, the modified algorithm is: + +k = 0 +for j <- 0 to (#a - 1) + w = c[2*j] + (a[j] ^ 2); + k = w div R + + for i <- j+1 to (#a - 1) + w = (2 * a[j] * a[i]) + k + c[i+j] + c[i+j] = w mod R + k = w div R + endfor + c[i+j] = k; + k = 0; +endfor + +On the surface, this looks identical to the multiplication algorithm; +however, note the following differences: + + - precomputation of the leading term in the outer loop + + - i runs from j+1 instead of from zero + + - doubling of a[i] * a[j] in the inner product + +Unfortunately, the construction of the inner product is such that we +need more than two digits to represent the inner product, in some +cases. In a C implementation, this means that some gymnastics must be +performed in order to handle overflow, for which C has no direct +abstraction. We do this by observing the following: + +If we have multiplied a[i] and a[j], and the product is more than half +the maximum value expressible in two digits, then doubling this result +will overflow into a third digit. If this occurs, we take note of the +overflow, and double it anyway -- C integer arithmetic ignores +overflow, so the two digits we get back should still be valid, modulo +the overflow. + +Having doubled this value, we now have to add in the remainders and +the digits already computed by earlier steps. If we did not overflow +in the previous step, we might still cause an overflow here. That +will happen whenever the maximum value expressible in two digits, less +the amount we have to add, is greater than the result of the previous +step. Thus, the overflow computation is: + + + u = 0 + w = a[i] * a[j] + + if(w > (R - 1)/ 2) + u = 1; + + w = w * 2 + v = c[i + j] + k + + if(u == 0 && (R - 1 - v) < w) + u = 1 + +If there is an overflow, u will be 1, otherwise u will be 0. The rest +of the parameters are the same as they are in the above description. + +------------------------------------------------------------------ +The contents of this file are subject to the Mozilla Public +License Version 1.1 (the "License"); you may not use this file +except in compliance with the License. You may obtain a copy of +the License at http://www.mozilla.org/MPL/ + +Software distributed under the License is distributed on an "AS +IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +implied. See the License for the specific language governing +rights and limitations under the License. + +The Original Code is the MPI Arbitrary Precision Integer Arithmetic +library. + +The Initial Developer of the Original Code is +Michael J. Fromberger <sting@linguist.dartmouth.edu> + +Portions created by Michael J. Fromberger are +Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved. + +Contributor(s): + +Alternatively, the contents of this file may be used under the +terms of the GNU General Public License Version 2 or later (the +"GPL"), in which case the provisions of the GPL are applicable +instead of those above. If you wish to allow use of your +version of this file only under the terms of the GPL and not to +allow others to use your version of this file under the MPL, +indicate your decision by deleting the provisions above and +replace them with the notice and other provisions required by +the GPL. If you do not delete the provisions above, a recipient +may use your version of this file under either the MPL or the GPL. + +$Id$ + + diff --git a/security/nss/lib/freebl/mpi/doc/timing.txt b/security/nss/lib/freebl/mpi/doc/timing.txt new file mode 100644 index 000000000..c1701063a --- /dev/null +++ b/security/nss/lib/freebl/mpi/doc/timing.txt @@ -0,0 +1,245 @@ +MPI Library Timing Tests + +Hardware/OS +(A) SGI O2 1 x MIPS R10000 250MHz IRIX 6.5.3 +(B) IBM RS/6000 43P-240 1 x PowerPC 603e 223MHz AIX 4.3 +(C) Dell GX1/L+ 1 x Pentium III 550MHz Linux 2.2.12-20 +(D) PowerBook G3 1 x PowerPC 750 266MHz LinuxPPC 2.2.6-15apmac +(E) PowerBook G3 1 x PowerPC 750 266MHz MacOS 8.5.1 +(F) PowerBook G3 1 x PowerPC 750 400MHz MacOS 9.0.2 + +Compiler +(1) MIPSpro C 7.2.1 -O3 optimizations +(2) GCC 2.95.1 -O3 optimizations +(3) IBM AIX xlc -O3 optimizations (version unknown) +(4) EGCS 2.91.66 -O3 optimizations +(5) Metrowerks CodeWarrior 5.0 C, all optimizations +(6) MIPSpro C 7.30 -O3 optimizations +(7) same as (6), with optimized libmalloc.so + +Timings are given in seconds, computed using the C library's clock() +function. The first column gives the hardware and compiler +configuration used for the test. The second column indicates the +number of tests that were aggregated to get the statistics for that +size. These were compiled using 16 bit digits. + +Source data were generated randomly using a fixed seed, so they should +be internally consistent, but may vary on different systems depending +on the C library. Also, since the resolution of the timer accessed by +clock() varies, there may be some variance in the precision of these +measurements. + +Prime Generation (primegen) + +128 bits: +A1 200 min=0.03, avg=0.19, max=0.72, sum=38.46 +A2 200 min=0.02, avg=0.16, max=0.62, sum=32.55 +B3 200 min=0.01, avg=0.07, max=0.22, sum=13.29 +C4 200 min=0.00, avg=0.03, max=0.20, sum=6.14 +D4 200 min=0.00, avg=0.05, max=0.33, sum=9.70 +A6 200 min=0.01, avg=0.09, max=0.36, sum=17.48 +A7 200 min=0.00, avg=0.05, max=0.24, sum=10.07 + +192 bits: +A1 200 min=0.05, avg=0.45, max=3.13, sum=89.96 +A2 200 min=0.04, avg=0.39, max=2.61, sum=77.55 +B3 200 min=0.02, avg=0.18, max=1.25, sum=36.97 +C4 200 min=0.01, avg=0.09, max=0.33, sum=18.24 +D4 200 min=0.02, avg=0.15, max=0.54, sum=29.63 +A6 200 min=0.02, avg=0.24, max=1.70, sum=47.84 +A7 200 min=0.01, avg=0.15, max=1.05, sum=30.88 + +256 bits: +A1 200 min=0.08, avg=0.92, max=6.13, sum=184.79 +A2 200 min=0.06, avg=0.76, max=5.03, sum=151.11 +B3 200 min=0.04, avg=0.41, max=2.68, sum=82.35 +C4 200 min=0.02, avg=0.19, max=0.69, sum=37.91 +D4 200 min=0.03, avg=0.31, max=1.15, sum=63.00 +A6 200 min=0.04, avg=0.48, max=3.13, sum=95.46 +A7 200 min=0.03, avg=0.37, max=2.36, sum=73.60 + +320 bits: +A1 200 min=0.11, avg=1.59, max=6.14, sum=318.81 +A2 200 min=0.09, avg=1.27, max=4.93, sum=254.03 +B3 200 min=0.07, avg=0.82, max=3.13, sum=163.80 +C4 200 min=0.04, avg=0.44, max=1.91, sum=87.59 +D4 200 min=0.06, avg=0.73, max=3.22, sum=146.73 +A6 200 min=0.07, avg=0.93, max=3.50, sum=185.01 +A7 200 min=0.05, avg=0.76, max=2.94, sum=151.78 + +384 bits: +A1 200 min=0.16, avg=2.69, max=11.41, sum=537.89 +A2 200 min=0.13, avg=2.15, max=9.03, sum=429.14 +B3 200 min=0.11, avg=1.54, max=6.49, sum=307.78 +C4 200 min=0.06, avg=0.81, max=4.84, sum=161.13 +D4 200 min=0.10, avg=1.38, max=8.31, sum=276.81 +A6 200 min=0.11, avg=1.73, max=7.36, sum=345.55 +A7 200 min=0.09, avg=1.46, max=6.12, sum=292.02 + +448 bits: +A1 200 min=0.23, avg=3.36, max=15.92, sum=672.63 +A2 200 min=0.17, avg=2.61, max=12.25, sum=522.86 +B3 200 min=0.16, avg=2.10, max=9.83, sum=420.86 +C4 200 min=0.09, avg=1.44, max=7.64, sum=288.36 +D4 200 min=0.16, avg=2.50, max=13.29, sum=500.17 +A6 200 min=0.15, avg=2.31, max=10.81, sum=461.58 +A7 200 min=0.14, avg=2.03, max=9.53, sum=405.16 + +512 bits: +A1 200 min=0.30, avg=6.12, max=22.18, sum=1223.35 +A2 200 min=0.25, avg=4.67, max=16.90, sum=933.18 +B3 200 min=0.23, avg=4.13, max=14.94, sum=825.45 +C4 200 min=0.13, avg=2.08, max=9.75, sum=415.22 +D4 200 min=0.24, avg=4.04, max=20.18, sum=808.11 +A6 200 min=0.22, avg=4.47, max=16.19, sum=893.83 +A7 200 min=0.20, avg=4.03, max=14.65, sum=806.02 + +Modular Exponentation (metime) + +The following results are aggregated from 200 pseudo-randomly +generated tests, based on a fixed seed. + + base, exponent, and modulus size (bits) +P/C 128 192 256 320 384 448 512 640 768 896 1024 +------- ----------------------------------------------------------------- +A1 0.015 0.027 0.047 0.069 0.098 0.133 0.176 0.294 0.458 0.680 1.040 +A2 0.013 0.024 0.037 0.053 0.077 0.102 0.133 0.214 0.326 0.476 0.668 +B3 0.005 0.011 0.021 0.036 0.056 0.084 0.121 0.222 0.370 0.573 0.840 +C4 0.002 0.006 0.011 0.020 0.032 0.048 0.069 0.129 0.223 0.344 0.507 +D4 0.004 0.010 0.019 0.034 0.056 0.085 0.123 0.232 0.390 0.609 0.899 +E5 0.007 0.015 0.031 0.055 0.088 0.133 0.183 0.342 0.574 0.893 1.317 +A6 0.008 0.016 0.038 0.042 0.064 0.093 0.133 0.239 0.393 0.604 0.880 +A7 0.005 0.011 0.020 0.036 0.056 0.083 0.121 0.223 0.374 0.583 0.855 + +Multiplication and Squaring tests, (mulsqr) + +The following results are aggregated from 500000 pseudo-randomly +generated tests, based on a per-run wall-clock seed. Times are given +in seconds, except where indicated in microseconds (us). + +(A1) + +bits multiply square ad percent time/mult time/square +64 9.33 9.15 > 1.9 18.7us 18.3us +128 10.88 10.44 > 4.0 21.8us 20.9us +192 13.30 11.89 > 10.6 26.7us 23.8us +256 14.88 12.64 > 15.1 29.8us 25.3us +320 18.64 15.01 > 19.5 37.3us 30.0us +384 23.11 17.70 > 23.4 46.2us 35.4us +448 28.28 20.88 > 26.2 56.6us 41.8us +512 34.09 24.51 > 28.1 68.2us 49.0us +640 47.86 33.25 > 30.5 95.7us 66.5us +768 64.91 43.54 > 32.9 129.8us 87.1us +896 84.49 55.48 > 34.3 169.0us 111.0us +1024 107.25 69.21 > 35.5 214.5us 138.4us +1536 227.97 141.91 > 37.8 456.0us 283.8us +2048 394.05 242.15 > 38.5 788.1us 484.3us + +(A2) + +bits multiply square ad percent time/mult time/square +64 7.87 7.95 < 1.0 15.7us 15.9us +128 9.40 9.19 > 2.2 18.8us 18.4us +192 11.15 10.59 > 5.0 22.3us 21.2us +256 12.02 11.16 > 7.2 24.0us 22.3us +320 14.62 13.43 > 8.1 29.2us 26.9us +384 17.72 15.80 > 10.8 35.4us 31.6us +448 21.24 18.51 > 12.9 42.5us 37.0us +512 25.36 21.78 > 14.1 50.7us 43.6us +640 34.57 29.00 > 16.1 69.1us 58.0us +768 46.10 37.60 > 18.4 92.2us 75.2us +896 58.94 47.72 > 19.0 117.9us 95.4us +1024 73.76 59.12 > 19.8 147.5us 118.2us +1536 152.00 118.80 > 21.8 304.0us 237.6us +2048 259.41 199.57 > 23.1 518.8us 399.1us + +(B3) + +bits multiply square ad percent time/mult time/square +64 2.60 2.47 > 5.0 5.20us 4.94us +128 4.43 4.06 > 8.4 8.86us 8.12us +192 7.03 6.10 > 13.2 14.1us 12.2us +256 10.44 8.59 > 17.7 20.9us 17.2us +320 14.44 11.64 > 19.4 28.9us 23.3us +384 19.12 15.08 > 21.1 38.2us 30.2us +448 24.55 19.09 > 22.2 49.1us 38.2us +512 31.03 23.53 > 24.2 62.1us 47.1us +640 45.05 33.80 > 25.0 90.1us 67.6us +768 63.02 46.05 > 26.9 126.0us 92.1us +896 83.74 60.29 > 28.0 167.5us 120.6us +1024 106.73 76.65 > 28.2 213.5us 153.3us +1536 228.94 160.98 > 29.7 457.9us 322.0us +2048 398.08 275.93 > 30.7 796.2us 551.9us + +(C4) + +bits multiply square ad percent time/mult time/square +64 1.34 1.28 > 4.5 2.68us 2.56us +128 2.76 2.59 > 6.2 5.52us 5.18us +192 4.52 4.16 > 8.0 9.04us 8.32us +256 6.64 5.99 > 9.8 13.3us 12.0us +320 9.20 8.13 > 11.6 18.4us 16.3us +384 12.01 10.58 > 11.9 24.0us 21.2us +448 15.24 13.33 > 12.5 30.5us 26.7us +512 19.02 16.46 > 13.5 38.0us 32.9us +640 27.56 23.54 > 14.6 55.1us 47.1us +768 37.89 31.78 > 16.1 75.8us 63.6us +896 49.24 41.42 > 15.9 98.5us 82.8us +1024 62.59 52.18 > 16.6 125.2us 104.3us +1536 131.66 107.72 > 18.2 263.3us 215.4us +2048 226.45 182.95 > 19.2 453.0us 365.9us + +(A7) + +bits multiply square ad percent time/mult time/square +64 1.74 1.71 > 1.7 3.48us 3.42us +128 3.48 2.96 > 14.9 6.96us 5.92us +192 5.74 4.60 > 19.9 11.5us 9.20us +256 8.75 6.61 > 24.5 17.5us 13.2us +320 12.5 8.99 > 28.1 25.0us 18.0us +384 16.9 11.9 > 29.6 33.8us 23.8us +448 22.2 15.2 > 31.7 44.4us 30.4us +512 28.3 19.0 > 32.7 56.6us 38.0us +640 42.4 28.0 > 34.0 84.8us 56.0us +768 59.4 38.5 > 35.2 118.8us 77.0us +896 79.5 51.2 > 35.6 159.0us 102.4us +1024 102.6 65.5 > 36.2 205.2us 131.0us +1536 224.3 140.6 > 37.3 448.6us 281.2us +2048 393.4 244.3 > 37.9 786.8us 488.6us + +------------------------------------------------------------------ +The contents of this file are subject to the Mozilla Public +License Version 1.1 (the "License"); you may not use this file +except in compliance with the License. You may obtain a copy of +the License at http://www.mozilla.org/MPL/ + +Software distributed under the License is distributed on an "AS +IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +implied. See the License for the specific language governing +rights and limitations under the License. + +The Original Code is the MPI Arbitrary Precision Integer Arithmetic +library. + +The Initial Developer of the Original Code is +Michael J. Fromberger <sting@linguist.dartmouth.edu> + +Portions created by Michael J. Fromberger are +Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved. + +Contributor(s): + +Alternatively, the contents of this file may be used under the +terms of the GNU General Public License Version 2 or later (the +"GPL"), in which case the provisions of the GPL are applicable +instead of those above. If you wish to allow use of your +version of this file only under the terms of the GPL and not to +allow others to use your version of this file under the MPL, +indicate your decision by deleting the provisions above and +replace them with the notice and other provisions required by +the GPL. If you do not delete the provisions above, a recipient +may use your version of this file under either the MPL or the GPL. + +$Id$ + + diff --git a/security/nss/lib/freebl/mpi/hpma512.s b/security/nss/lib/freebl/mpi/hpma512.s new file mode 100644 index 000000000..f8241ac3e --- /dev/null +++ b/security/nss/lib/freebl/mpi/hpma512.s @@ -0,0 +1,640 @@ +/* + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is multacc512 multiple-precision integer arithmetic. + * + * The Initial Developer of the Original Code is Hewlett-Packard Company. + * Portions created by Hewlett-Packard Company are + * Copyright (C) March 1999, Hewlett-Packard Company. All Rights Reserved. + * + * Contributor(s): + * coded by: Bill Worley, Hewlett-Packard labs + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + * + * This PA-RISC 2.0 function computes the product of two unsigned integers, + * and adds the result to a previously computed integer. The multiplicand + * is a 512-bit (64-byte, eight doubleword) unsigned integer, stored in + * memory in little-double-wordian order. The multiplier is an unsigned + * 64-bit integer. The previously computed integer to which the product is + * added is located in the result ("res") area, and is assumed to be a + * 576-bit (72-byte, nine doubleword) unsigned integer, stored in memory + * in little-double-wordian order. This value normally will be the result + * of a previously computed nine doubleword result. It is not necessary + * to pad the multiplicand with an additional 64-bit zero doubleword. + * + * Multiplicand, multiplier, and addend ideally should be aligned at + * 16-byte boundaries for best performance. The code will function + * correctly for alignment at eight-byte boundaries which are not 16-byte + * boundaries, but the execution may be slightly slower due to even/odd + * bank conflicts on PA-RISC 8000 processors. + * + * This function is designed to accept the same calling sequence as Bill + * Ackerman's "maxpy_little" function. The carry from the ninth doubleword + * of the result is written to the tenth word of the result, as is done by + * Bill Ackerman's function. The final carry also is returned as an + * integer, which may be ignored. The function prototype may be either + * of the following: + * + * void multacc512( int l, chunk* m, const chunk* a, chunk* res ); + * or + * int multacc512( int l, chunk* m, const chunk* a, chunk* res ); + * + * where: "l" originally denoted vector lengths. This parameter is + * ignored. This function always assumes a multiplicand length of + * 512 bits (eight doublewords), and addend and result lengths of + * 576 bits (nine doublewords). + * + * "m" is a pointer to the doubleword multiplier, ideally aligned + * on a 16-byte boundary. + * + * "a" is a pointer to the eight-doubleword multiplicand, stored + * in little-double-wordian order, and ideally aligned on a 16-byte + * boundary. + * + * "res" is a pointer to the nine doubleword addend, and to the + * nine-doubleword product computed by this function. The result + * also is stored in little-double-wordian order, and ideally is + * aligned on a 16-byte boundary. It is expected that the alignment + * of the "res" area may alternate between even/odd doubleword + * boundaries for successive calls for 512-bit x 512-bit + * multiplications. + * + * The code for this function has been scheduled to use the parallelism + * of the PA-RISC 8000 series microprocessors as well as the author was + * able. Comments and/or suggestions for improvement are welcomed. + * + * The code is "64-bit safe". This means it may be called in either + * the 32ILP context or the 64LP context. All 64-bits of registers are + * saved and restored. + * + * This code is self-contained. It requires no other header files in order + * to compile and to be linkable on a PA-RISC 2.0 machine. Symbolic + * definitions for registers and stack offsets are included within this + * one source file. + * + * This is a leaf routine. As such, minimal use is made of the stack area. + * Of the 192 bytes allocated, 64 bytes are used for saving/restoring eight + * general registers, and 128 bytes are used to move intermediate products + * from the floating-point registers to the general registers. Stack + * protocols assure proper alignment of these areas. + * + */ + + +/* ====================================================================*/ +/* symbolic definitions for PA-RISC registers */ +/* in the MIPS style, avoids lots of case shifts */ +/* assigments (except t4) preserve register number parity */ +/* ====================================================================*/ + +#define zero %r0 /* permanent zero */ +#define t5 %r1 /* temp register, altered by addil */ + +#define rp %r2 /* return pointer */ + +#define s1 %r3 /* callee saves register*/ +#define s0 %r4 /* callee saves register*/ +#define s3 %r5 /* callee saves register*/ +#define s2 %r6 /* callee saves register*/ +#define s5 %r7 /* callee saves register*/ +#define s4 %r8 /* callee saves register*/ +#define s7 %r9 /* callee saves register*/ +#define s6 %r10 /* callee saves register*/ + +#define t1 %r19 /* caller saves register*/ +#define t0 %r20 /* caller saves register*/ +#define t3 %r21 /* caller saves register*/ +#define t2 %r22 /* caller saves register*/ + +#define a3 %r23 /* fourth argument register, high word */ +#define a2 %r24 /* third argument register, low word*/ +#define a1 %r25 /* second argument register, high word*/ +#define a0 %r26 /* first argument register, low word*/ + +#define v0 %r28 /* high order return value*/ +#define v1 %r29 /* low order return value*/ + +#define sp %r30 /* stack pointer*/ +#define t4 %r31 /* temporary register */ + +#define fa0 %fr4 /* first argument register*/ +#define fa1 %fr5 /* second argument register*/ +#define fa2 %fr6 /* third argument register*/ +#define fa3 %fr7 /* fourth argument register*/ + +#define fa0r %fr4R /* first argument register*/ +#define fa1r %fr5R /* second argument register*/ +#define fa2r %fr6R /* third argument register*/ +#define fa3r %fr7R /* fourth argument register*/ + +#define ft0 %fr8 /* caller saves register*/ +#define ft1 %fr9 /* caller saves register*/ +#define ft2 %fr10 /* caller saves register*/ +#define ft3 %fr11 /* caller saves register*/ + +#define ft0r %fr8R /* caller saves register*/ +#define ft1r %fr9R /* caller saves register*/ +#define ft2r %fr10R /* caller saves register*/ +#define ft3r %fr11R /* caller saves register*/ + +#define ft4 %fr22 /* caller saves register*/ +#define ft5 %fr23 /* caller saves register*/ +#define ft6 %fr24 /* caller saves register*/ +#define ft7 %fr25 /* caller saves register*/ +#define ft8 %fr26 /* caller saves register*/ +#define ft9 %fr27 /* caller saves register*/ +#define ft10 %fr28 /* caller saves register*/ +#define ft11 %fr29 /* caller saves register*/ +#define ft12 %fr30 /* caller saves register*/ +#define ft13 %fr31 /* caller saves register*/ + +#define ft4r %fr22R /* caller saves register*/ +#define ft5r %fr23R /* caller saves register*/ +#define ft6r %fr24R /* caller saves register*/ +#define ft7r %fr25R /* caller saves register*/ +#define ft8r %fr26R /* caller saves register*/ +#define ft9r %fr27R /* caller saves register*/ +#define ft10r %fr28R /* caller saves register*/ +#define ft11r %fr29R /* caller saves register*/ +#define ft12r %fr30R /* caller saves register*/ +#define ft13r %fr31R /* caller saves register*/ + + + +/* ================================================================== */ +/* functional definitions for PA-RISC registers */ +/* ================================================================== */ + +/* general registers */ + +#define T1 a0 /* temp, (length parameter ignored) */ + +#define pM a1 /* -> 64-bit multiplier */ +#define T2 a1 /* temp, (after fetching multiplier) */ + +#define pA a2 /* -> multiplicand vector (8 64-bit words) */ +#define T3 a2 /* temp, (after fetching multiplicand) */ + +#define pR a3 /* -> addend vector (8 64-bit doublewords, + result vector (9 64-bit words) */ + +#define S0 s0 /* callee saves summand registers */ +#define S1 s1 +#define S2 s2 +#define S3 s3 +#define S4 s4 +#define S5 s5 +#define S6 s6 +#define S7 s7 + +#define S8 v0 /* caller saves summand registers */ +#define S9 v1 +#define S10 t0 +#define S11 t1 +#define S12 t2 +#define S13 t3 +#define S14 t4 +#define S15 t5 + + + +/* floating-point registers */ + +#define M fa0 /* multiplier double word */ +#define MR fa0r /* low order half of multiplier double word */ +#define ML fa0 /* high order half of multiplier double word */ + +#define A0 fa2 /* multiplicand double word 0 */ +#define A0R fa2r /* low order half of multiplicand double word */ +#define A0L fa2 /* high order half of multiplicand double word */ + +#define A1 fa3 /* multiplicand double word 1 */ +#define A1R fa3r /* low order half of multiplicand double word */ +#define A1L fa3 /* high order half of multiplicand double word */ + +#define A2 ft0 /* multiplicand double word 2 */ +#define A2R ft0r /* low order half of multiplicand double word */ +#define A2L ft0 /* high order half of multiplicand double word */ + +#define A3 ft1 /* multiplicand double word 3 */ +#define A3R ft1r /* low order half of multiplicand double word */ +#define A3L ft1 /* high order half of multiplicand double word */ + +#define A4 ft2 /* multiplicand double word 4 */ +#define A4R ft2r /* low order half of multiplicand double word */ +#define A4L ft2 /* high order half of multiplicand double word */ + +#define A5 ft3 /* multiplicand double word 5 */ +#define A5R ft3r /* low order half of multiplicand double word */ +#define A5L ft3 /* high order half of multiplicand double word */ + +#define A6 ft4 /* multiplicand double word 6 */ +#define A6R ft4r /* low order half of multiplicand double word */ +#define A6L ft4 /* high order half of multiplicand double word */ + +#define A7 ft5 /* multiplicand double word 7 */ +#define A7R ft5r /* low order half of multiplicand double word */ +#define A7L ft5 /* high order half of multiplicand double word */ + +#define P0 ft6 /* product word 0 */ +#define P1 ft7 /* product word 0 */ +#define P2 ft8 /* product word 0 */ +#define P3 ft9 /* product word 0 */ +#define P4 ft10 /* product word 0 */ +#define P5 ft11 /* product word 0 */ +#define P6 ft12 /* product word 0 */ +#define P7 ft13 /* product word 0 */ + + + + +/* ====================================================================== */ +/* symbolic definitions for HP-UX stack offsets */ +/* symbolic definitions for memory NOPs */ +/* ====================================================================== */ + +#define ST_SZ 192 /* stack area total size */ + +#define SV0 -192(sp) /* general register save area */ +#define SV1 -184(sp) +#define SV2 -176(sp) +#define SV3 -168(sp) +#define SV4 -160(sp) +#define SV5 -152(sp) +#define SV6 -144(sp) +#define SV7 -136(sp) + +#define XF0 -128(sp) /* data transfer area */ +#define XF1 -120(sp) /* for floating-pt to integer regs */ +#define XF2 -112(sp) +#define XF3 -104(sp) +#define XF4 -96(sp) +#define XF5 -88(sp) +#define XF6 -80(sp) +#define XF7 -72(sp) +#define XF8 -64(sp) +#define XF9 -56(sp) +#define XF10 -48(sp) +#define XF11 -40(sp) +#define XF12 -32(sp) +#define XF13 -24(sp) +#define XF14 -16(sp) +#define XF15 -8(sp) + +#define mnop proberi (sp),3,zero /* memory NOP */ + + + + +/* ====================================================================== */ +/* assembler formalities */ +/* ====================================================================== */ + +#ifdef __LP64__ + .level 2.0W +#else + .level 2.0 +#endif + .space $TEXT$ + .subspa $CODE$ + .align 16 + +/* ====================================================================== */ +/* here to compute 64-bit x 512-bit product + 512-bit addend */ +/* ====================================================================== */ + +multacc512 + .PROC + .CALLINFO + .ENTER + fldd 0(pM),M ; multiplier double word + ldo ST_SZ(sp),sp ; push stack + + fldd 0(pA),A0 ; multiplicand double word 0 + std S1,SV1 ; save s1 + + fldd 16(pA),A2 ; multiplicand double word 2 + std S3,SV3 ; save s3 + + fldd 32(pA),A4 ; multiplicand double word 4 + std S5,SV5 ; save s5 + + fldd 48(pA),A6 ; multiplicand double word 6 + std S7,SV7 ; save s7 + + + std S0,SV0 ; save s0 + fldd 8(pA),A1 ; multiplicand double word 1 + xmpyu MR,A0L,P0 ; A0 cross 32-bit word products + xmpyu ML,A0R,P2 + + std S2,SV2 ; save s2 + fldd 24(pA),A3 ; multiplicand double word 3 + xmpyu MR,A2L,P4 ; A2 cross 32-bit word products + xmpyu ML,A2R,P6 + + std S4,SV4 ; save s4 + fldd 40(pA),A5 ; multiplicand double word 5 + + std S6,SV6 ; save s6 + fldd 56(pA),A7 ; multiplicand double word 7 + + + fstd P0,XF0 ; MR * A0L + xmpyu MR,A0R,P0 ; A0 right 32-bit word product + xmpyu MR,A1L,P1 ; A1 cross 32-bit word product + + fstd P2,XF2 ; ML * A0R + xmpyu ML,A0L,P2 ; A0 left 32-bit word product + xmpyu ML,A1R,P3 ; A1 cross 32-bit word product + + fstd P4,XF4 ; MR * A2L + xmpyu MR,A2R,P4 ; A2 right 32-bit word product + xmpyu MR,A3L,P5 ; A3 cross 32-bit word product + + fstd P6,XF6 ; ML * A2R + xmpyu ML,A2L,P6 ; A2 parallel 32-bit word product + xmpyu ML,A3R,P7 ; A3 cross 32-bit word product + + + ldd XF0,S0 ; MR * A0L + fstd P1,XF1 ; MR * A1L + + ldd XF2,S2 ; ML * A0R + fstd P3,XF3 ; ML * A1R + + ldd XF4,S4 ; MR * A2L + fstd P5,XF5 ; MR * A3L + xmpyu MR,A1R,P1 ; A1 parallel 32-bit word products + xmpyu ML,A1L,P3 + + ldd XF6,S6 ; ML * A2R + fstd P7,XF7 ; ML * A3R + xmpyu MR,A3R,P5 ; A3 parallel 32-bit word products + xmpyu ML,A3L,P7 + + + fstd P0,XF0 ; MR * A0R + ldd XF1,S1 ; MR * A1L + nop + add S0,S2,T1 ; A0 cross product sum + + fstd P2,XF2 ; ML * A0L + ldd XF3,S3 ; ML * A1R + add,dc zero,zero,S0 ; A0 cross product sum carry + depd,z T1,31,32,S2 ; A0 cross product sum << 32 + + fstd P4,XF4 ; MR * A2R + ldd XF5,S5 ; MR * A3L + shrpd S0,T1,32,S0 ; A0 carry | cross product sum >> 32 + add S4,S6,T3 ; A2 cross product sum + + fstd P6,XF6 ; ML * A2L + ldd XF7,S7 ; ML * A3R + add,dc zero,zero,S4 ; A2 cross product sum carry + depd,z T3,31,32,S6 ; A2 cross product sum << 32 + + + ldd XF0,S8 ; MR * A0R + fstd P1,XF1 ; MR * A1R + xmpyu MR,A4L,P0 ; A4 cross 32-bit word product + xmpyu MR,A5L,P1 ; A5 cross 32-bit word product + + ldd XF2,S10 ; ML * A0L + fstd P3,XF3 ; ML * A1L + xmpyu ML,A4R,P2 ; A4 cross 32-bit word product + xmpyu ML,A5R,P3 ; A5 cross 32-bit word product + + ldd XF4,S12 ; MR * A2R + fstd P5,XF5 ; MR * A3L + xmpyu MR,A6L,P4 ; A6 cross 32-bit word product + xmpyu MR,A7L,P5 ; A7 cross 32-bit word product + + ldd XF6,S14 ; ML * A2L + fstd P7,XF7 ; ML * A3L + xmpyu ML,A6R,P6 ; A6 cross 32-bit word product + xmpyu ML,A7R,P7 ; A7 cross 32-bit word product + + + fstd P0,XF0 ; MR * A4L + ldd XF1,S9 ; MR * A1R + shrpd S4,T3,32,S4 ; A2 carry | cross product sum >> 32 + add S1,S3,T1 ; A1 cross product sum + + fstd P2,XF2 ; ML * A4R + ldd XF3,S11 ; ML * A1L + add,dc zero,zero,S1 ; A1 cross product sum carry + depd,z T1,31,32,S3 ; A1 cross product sum << 32 + + fstd P4,XF4 ; MR * A6L + ldd XF5,S13 ; MR * A3R + shrpd S1,T1,32,S1 ; A1 carry | cross product sum >> 32 + add S5,S7,T3 ; A3 cross product sum + + fstd P6,XF6 ; ML * A6R + ldd XF7,S15 ; ML * A3L + add,dc zero,zero,S5 ; A3 cross product sum carry + depd,z T3,31,32,S7 ; A3 cross product sum << 32 + + + shrpd S5,T3,32,S5 ; A3 carry | cross product sum >> 32 + add S2,S8,S8 ; M * A0 right doubleword, P0 doubleword + + add,dc S0,S10,S10 ; M * A0 left doubleword + add S3,S9,S9 ; M * A1 right doubleword + + add,dc S1,S11,S11 ; M * A1 left doubleword + add S6,S12,S12 ; M * A2 right doubleword + + + ldd 24(pR),S3 ; Addend word 3 + fstd P1,XF1 ; MR * A5L + add,dc S4,S14,S14 ; M * A2 left doubleword + xmpyu MR,A5R,P1 ; A5 right 32-bit word product + + ldd 8(pR),S1 ; Addend word 1 + fstd P3,XF3 ; ML * A5R + add S7,S13,S13 ; M * A3 right doubleword + xmpyu ML,A5L,P3 ; A5 left 32-bit word product + + ldd 0(pR),S7 ; Addend word 0 + fstd P5,XF5 ; MR * A7L + add,dc S5,S15,S15 ; M * A3 left doubleword + xmpyu MR,A7R,P5 ; A7 right 32-bit word product + + ldd 16(pR),S5 ; Addend word 2 + fstd P7,XF7 ; ML * A7R + add S10,S9,S9 ; P1 doubleword + xmpyu ML,A7L,P7 ; A7 left 32-bit word products + + + ldd XF0,S0 ; MR * A4L + fstd P1,XF9 ; MR * A5R + add,dc S11,S12,S12 ; P2 doubleword + xmpyu MR,A4R,P0 ; A4 right 32-bit word product + + ldd XF2,S2 ; ML * A4R + fstd P3,XF11 ; ML * A5L + add,dc S14,S13,S13 ; P3 doubleword + xmpyu ML,A4L,P2 ; A4 left 32-bit word product + + ldd XF6,S6 ; ML * A6R + fstd P5,XF13 ; MR * A7R + add,dc zero,S15,T2 ; P4 partial doubleword + xmpyu MR,A6R,P4 ; A6 right 32-bit word product + + ldd XF4,S4 ; MR * A6L + fstd P7,XF15 ; ML * A7L + add S7,S8,S8 ; R0 + P0, new R0 doubleword + xmpyu ML,A6L,P6 ; A6 left 32-bit word product + + + fstd P0,XF0 ; MR * A4R + ldd XF7,S7 ; ML * A7R + add,dc S1,S9,S9 ; c + R1 + P1, new R1 doubleword + + fstd P2,XF2 ; ML * A4L + ldd XF1,S1 ; MR * A5L + add,dc S5,S12,S12 ; c + R2 + P2, new R2 doubleword + + fstd P4,XF4 ; MR * A6R + ldd XF5,S5 ; MR * A7L + add,dc S3,S13,S13 ; c + R3 + P3, new R3 doubleword + + fstd P6,XF6 ; ML * A6L + ldd XF3,S3 ; ML * A5R + add,dc zero,T2,T2 ; c + partial P4 + add S0,S2,T1 ; A4 cross product sum + + + std S8,0(pR) ; save R0 + add,dc zero,zero,S0 ; A4 cross product sum carry + depd,z T1,31,32,S2 ; A4 cross product sum << 32 + + std S9,8(pR) ; save R1 + shrpd S0,T1,32,S0 ; A4 carry | cross product sum >> 32 + add S4,S6,T3 ; A6 cross product sum + + std S12,16(pR) ; save R2 + add,dc zero,zero,S4 ; A6 cross product sum carry + depd,z T3,31,32,S6 ; A6 cross product sum << 32 + + + std S13,24(pR) ; save R3 + shrpd S4,T3,32,S4 ; A6 carry | cross product sum >> 32 + add S1,S3,T1 ; A5 cross product sum + + ldd XF0,S8 ; MR * A4R + add,dc zero,zero,S1 ; A5 cross product sum carry + depd,z T1,31,32,S3 ; A5 cross product sum << 32 + + ldd XF2,S10 ; ML * A4L + ldd XF9,S9 ; MR * A5R + shrpd S1,T1,32,S1 ; A5 carry | cross product sum >> 32 + add S5,S7,T3 ; A7 cross product sum + + ldd XF4,S12 ; MR * A6R + ldd XF11,S11 ; ML * A5L + add,dc zero,zero,S5 ; A7 cross product sum carry + depd,z T3,31,32,S7 ; A7 cross product sum << 32 + + ldd XF6,S14 ; ML * A6L + ldd XF13,S13 ; MR * A7R + shrpd S5,T3,32,S5 ; A7 carry | cross product sum >> 32 + add S2,S8,S8 ; M * A4 right doubleword + + + ldd XF15,S15 ; ML * A7L + add,dc S0,S10,S10 ; M * A4 left doubleword + add S3,S9,S9 ; M * A5 right doubleword + + add,dc S1,S11,S11 ; M * A5 left doubleword + add S6,S12,S12 ; M * A6 right doubleword + + ldd 32(pR),S0 ; Addend word 4 + ldd 40(pR),S1 ; Addend word 5 + add,dc S4,S14,S14 ; M * A6 left doubleword + add S7,S13,S13 ; M * A7 right doubleword + + ldd 48(pR),S2 ; Addend word 6 + ldd 56(pR),S3 ; Addend word 7 + add,dc S5,S15,S15 ; M * A7 left doubleword + add S8,T2,S8 ; P4 doubleword + + ldd 64(pR),S4 ; Addend word 8 + ldd SV5,s5 ; restore s5 + add,dc S10,S9,S9 ; P5 doubleword + add,dc S11,S12,S12 ; P6 doubleword + + + ldd SV6,s6 ; restore s6 + ldd SV7,s7 ; restore s7 + add,dc S14,S13,S13 ; P7 doubleword + add,dc zero,S15,S15 ; P8 doubleword + + add S0,S8,S8 ; new R4 doubleword + + ldd SV0,s0 ; restore s0 + std S8,32(pR) ; save R4 + add,dc S1,S9,S9 ; new R5 doubleword + + ldd SV1,s1 ; restore s1 + std S9,40(pR) ; save R5 + add,dc S2,S12,S12 ; new R6 doubleword + + ldd SV2,s2 ; restore s2 + std S12,48(pR) ; save R6 + add,dc S3,S13,S13 ; new R7 doubleword + + ldd SV3,s3 ; restore s3 + std S13,56(pR) ; save R7 + add,dc S4,S15,S15 ; new R8 doubleword + + ldd SV4,s4 ; restore s4 + std S15,64(pR) ; save result[8] + add,dc zero,zero,v0 ; return carry from R8 + + CMPIB,*= 0,v0,$L0 ; if no overflow, exit + LDO 8(pR),pR + +$FINAL1 ; Final carry propagation + LDD 64(pR),v0 + LDO 8(pR),pR + ADDI 1,v0,v0 + CMPIB,*= 0,v0,$FINAL1 ; Keep looping if there is a carry. + STD v0,56(pR) +$L0 + bv zero(rp) ; -> caller + ldo -ST_SZ(sp),sp ; pop stack + +/* ====================================================================== */ +/* end of module */ +/* ====================================================================== */ + + .LEAVE + + .PROCEND + .SPACE $TEXT$ + .SUBSPA $CODE$ + .EXPORT multacc512,ENTRY + + .end diff --git a/security/nss/lib/freebl/mpi/hppa20.s b/security/nss/lib/freebl/mpi/hppa20.s new file mode 100644 index 000000000..f7579b805 --- /dev/null +++ b/security/nss/lib/freebl/mpi/hppa20.s @@ -0,0 +1,929 @@ +; The contents of this file are subject to the Mozilla Public +; License Version 1.1 (the "License"); you may not use this file +; except in compliance with the License. You may obtain a copy of +; the License at http://www.mozilla.org/MPL/ +; +; Software distributed under the License is distributed on an "AS +; IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +; implied. See the License for the specific language governing +; rights and limitations under the License. +; +; The Original Code is MAXPY multiple-precision integer arithmetic. +; +; The Initial Developer of the Original Code is the Hewlett-Packard Company. +; Portions created by Hewlett-Packard Company are +; Copyright (C) 1997 Hewlett-Packard Company. All Rights Reserved. +; +; Contributor(s): +; coded by: William B. Ackerman +; +; Alternatively, the contents of this file may be used under the +; terms of the GNU General Public License Version 2 or later (the +; "GPL"), in which case the provisions of the GPL are applicable +; instead of those above. If you wish to allow use of your +; version of this file only under the terms of the GPL and not to +; allow others to use your version of this file under the MPL, +; indicate your decision by deleting the provisions above and +; replace them with the notice and other provisions required by +; the GPL. If you do not delete the provisions above, a recipient +; may use your version of this file under either the MPL or the +; GPL. + +#ifdef __LP64__ + .LEVEL 2.0W +#else +; .LEVEL 1.1 +; .ALLOW 2.0N + .LEVEL 2.0N +#endif + .SPACE $TEXT$,SORT=8 + .SUBSPA $CODE$,QUAD=0,ALIGN=4,ACCESS=0x2c,CODE_ONLY,SORT=24 + +; *************************************************************** +; +; maxpy_[little/big] +; +; *************************************************************** + +; There is no default -- you must specify one or the other. +#define LITTLE_WORDIAN 1 + +#ifdef LITTLE_WORDIAN +#define EIGHT 8 +#define SIXTEEN 16 +#define THIRTY_TWO 32 +#define UN_EIGHT -8 +#define UN_SIXTEEN -16 +#define UN_TWENTY_FOUR -24 +#endif + +#ifdef BIG_WORDIAN +#define EIGHT -8 +#define SIXTEEN -16 +#define THIRTY_TWO -32 +#define UN_EIGHT 8 +#define UN_SIXTEEN 16 +#define UN_TWENTY_FOUR 24 +#endif + +; This performs a multiple-precision integer version of "daxpy", +; Using the selected addressing direction. "Little-wordian" means that +; the least significant word of a number is stored at the lowest address. +; "Big-wordian" means that the most significant word is at the lowest +; address. Either way, the incoming address of the vector is that +; of the least significant word. That means that, for little-wordian +; addressing, we move the address upward as we propagate carries +; from the least significant word to the most significant. For +; big-wordian we move the address downward. + +; We use the following registers: +; +; r2 return PC, of course +; r26 = arg1 = length +; r25 = arg2 = address of scalar +; r24 = arg3 = multiplicand vector +; r23 = arg4 = result vector +; +; fr9 = scalar loaded once only from r25 + +; The cycle counts shown in the bodies below are simply the result of a +; scheduling by hand. The actual PCX-U hardware does it differently. +; The intention is that the overall speed is the same. + +; The pipeline startup and shutdown code is constructed in the usual way, +; by taking the loop bodies and removing unnecessary instructions. +; We have left the comments describing cycle numbers in the code. +; These are intended for reference when comparing with the main loop, +; and have no particular relationship to actual cycle numbers. + +#ifdef LITTLE_WORDIAN +maxpy_little +#else +maxpy_big +#endif + .PROC + .CALLINFO FRAME=120,ENTRY_GR=%r4 + .ENTER + +; Of course, real men don't use the sissy "enter" and "leave" commands. +; They write their own stack manipulation stuff. Unfortunately, +; that doesn't generate complete unwind info, whereas "enter" and +; "leave" (if the documentation is to be believed) do so. Therefore, +; we use the sissy commands. We have verified (by real-man methods) +; that the above command generates what we want: +; STW,MA %r3,128(%sp) +; STW %r4,-124(%sp) + + ADDIB,< -1,%r26,$L0 ; If N = 0, exit immediately. + FLDD 0(%r25),%fr9 ; fr9 = scalar + +; First startup + + FLDD 0(%r24),%fr24 ; Cycle 1 + XMPYU %fr9R,%fr24R,%fr27 ; Cycle 3 + XMPYU %fr9R,%fr24L,%fr25 ; Cycle 4 + XMPYU %fr9L,%fr24L,%fr26 ; Cycle 5 + CMPIB,> 3,%r26,$N_IS_SMALL ; Pick out cases N = 1, 2, or 3 + XMPYU %fr9L,%fr24R,%fr24 ; Cycle 6 + FLDD EIGHT(%r24),%fr28 ; Cycle 8 + XMPYU %fr9L,%fr28R,%fr31 ; Cycle 10 + FSTD %fr24,-96(%sp) + XMPYU %fr9R,%fr28L,%fr30 ; Cycle 11 + FSTD %fr25,-80(%sp) + LDO SIXTEEN(%r24),%r24 ; Cycle 12 + FSTD %fr31,-64(%sp) + XMPYU %fr9R,%fr28R,%fr29 ; Cycle 13 + FSTD %fr27,-48(%sp) + +; Second startup + + XMPYU %fr9L,%fr28L,%fr28 ; Cycle 1 + FSTD %fr30,-56(%sp) + FLDD 0(%r24),%fr24 + + FSTD %fr26,-88(%sp) ; Cycle 2 + + XMPYU %fr9R,%fr24R,%fr27 ; Cycle 3 + FSTD %fr28,-104(%sp) + + XMPYU %fr9R,%fr24L,%fr25 ; Cycle 4 + LDD -96(%sp),%r3 + FSTD %fr29,-72(%sp) + + XMPYU %fr9L,%fr24L,%fr26 ; Cycle 5 + LDD -64(%sp),%r19 + LDD -80(%sp),%r21 + + XMPYU %fr9L,%fr24R,%fr24 ; Cycle 6 + LDD -56(%sp),%r20 + ADD %r21,%r3,%r3 + + ADD,DC %r20,%r19,%r19 ; Cycle 7 + LDD -88(%sp),%r4 + SHRPD %r3,%r0,32,%r21 + LDD -48(%sp),%r1 + + FLDD EIGHT(%r24),%fr28 ; Cycle 8 + LDD -104(%sp),%r31 + ADD,DC %r0,%r0,%r20 + SHRPD %r19,%r3,32,%r3 + + LDD -72(%sp),%r29 ; Cycle 9 + SHRPD %r20,%r19,32,%r20 + ADD %r21,%r1,%r1 + + XMPYU %fr9L,%fr28R,%fr31 ; Cycle 10 + ADD,DC %r3,%r4,%r4 + FSTD %fr24,-96(%sp) + + XMPYU %fr9R,%fr28L,%fr30 ; Cycle 11 + ADD,DC %r0,%r20,%r20 + LDD 0(%r23),%r3 + FSTD %fr25,-80(%sp) + + LDO SIXTEEN(%r24),%r24 ; Cycle 12 + FSTD %fr31,-64(%sp) + + XMPYU %fr9R,%fr28R,%fr29 ; Cycle 13 + ADD %r0,%r0,%r0 ; clear the carry bit + ADDIB,<= -4,%r26,$ENDLOOP ; actually happens in cycle 12 + FSTD %fr27,-48(%sp) +; MFCTL %cr16,%r21 ; for timing +; STD %r21,-112(%sp) + +; Here is the loop. + +$LOOP XMPYU %fr9L,%fr28L,%fr28 ; Cycle 1 + ADD,DC %r29,%r4,%r4 + FSTD %fr30,-56(%sp) + FLDD 0(%r24),%fr24 + + LDO SIXTEEN(%r23),%r23 ; Cycle 2 + ADD,DC %r0,%r20,%r20 + FSTD %fr26,-88(%sp) + + XMPYU %fr9R,%fr24R,%fr27 ; Cycle 3 + ADD %r3,%r1,%r1 + FSTD %fr28,-104(%sp) + LDD UN_EIGHT(%r23),%r21 + + XMPYU %fr9R,%fr24L,%fr25 ; Cycle 4 + ADD,DC %r21,%r4,%r28 + FSTD %fr29,-72(%sp) + LDD -96(%sp),%r3 + + XMPYU %fr9L,%fr24L,%fr26 ; Cycle 5 + ADD,DC %r20,%r31,%r22 + LDD -64(%sp),%r19 + LDD -80(%sp),%r21 + + XMPYU %fr9L,%fr24R,%fr24 ; Cycle 6 + ADD %r21,%r3,%r3 + LDD -56(%sp),%r20 + STD %r1,UN_SIXTEEN(%r23) + + ADD,DC %r20,%r19,%r19 ; Cycle 7 + SHRPD %r3,%r0,32,%r21 + LDD -88(%sp),%r4 + LDD -48(%sp),%r1 + + ADD,DC %r0,%r0,%r20 ; Cycle 8 + SHRPD %r19,%r3,32,%r3 + FLDD EIGHT(%r24),%fr28 + LDD -104(%sp),%r31 + + SHRPD %r20,%r19,32,%r20 ; Cycle 9 + ADD %r21,%r1,%r1 + STD %r28,UN_EIGHT(%r23) + LDD -72(%sp),%r29 + + XMPYU %fr9L,%fr28R,%fr31 ; Cycle 10 + ADD,DC %r3,%r4,%r4 + FSTD %fr24,-96(%sp) + + XMPYU %fr9R,%fr28L,%fr30 ; Cycle 11 + ADD,DC %r0,%r20,%r20 + FSTD %fr25,-80(%sp) + LDD 0(%r23),%r3 + + LDO SIXTEEN(%r24),%r24 ; Cycle 12 + FSTD %fr31,-64(%sp) + + XMPYU %fr9R,%fr28R,%fr29 ; Cycle 13 + ADD %r22,%r1,%r1 + ADDIB,> -2,%r26,$LOOP ; actually happens in cycle 12 + FSTD %fr27,-48(%sp) + +$ENDLOOP + +; Shutdown code, first stage. + +; MFCTL %cr16,%r21 ; for timing +; STD %r21,UN_SIXTEEN(%r23) +; LDD -112(%sp),%r21 +; STD %r21,UN_EIGHT(%r23) + + XMPYU %fr9L,%fr28L,%fr28 ; Cycle 1 + ADD,DC %r29,%r4,%r4 + CMPIB,= 0,%r26,$ONEMORE + FSTD %fr30,-56(%sp) + + LDO SIXTEEN(%r23),%r23 ; Cycle 2 + ADD,DC %r0,%r20,%r20 + FSTD %fr26,-88(%sp) + + ADD %r3,%r1,%r1 ; Cycle 3 + FSTD %fr28,-104(%sp) + LDD UN_EIGHT(%r23),%r21 + + ADD,DC %r21,%r4,%r28 ; Cycle 4 + FSTD %fr29,-72(%sp) + STD %r28,UN_EIGHT(%r23) ; moved up from cycle 9 + LDD -96(%sp),%r3 + + ADD,DC %r20,%r31,%r22 ; Cycle 5 + STD %r1,UN_SIXTEEN(%r23) +$JOIN4 + LDD -64(%sp),%r19 + LDD -80(%sp),%r21 + + ADD %r21,%r3,%r3 ; Cycle 6 + LDD -56(%sp),%r20 + + ADD,DC %r20,%r19,%r19 ; Cycle 7 + SHRPD %r3,%r0,32,%r21 + LDD -88(%sp),%r4 + LDD -48(%sp),%r1 + + ADD,DC %r0,%r0,%r20 ; Cycle 8 + SHRPD %r19,%r3,32,%r3 + LDD -104(%sp),%r31 + + SHRPD %r20,%r19,32,%r20 ; Cycle 9 + ADD %r21,%r1,%r1 + LDD -72(%sp),%r29 + + ADD,DC %r3,%r4,%r4 ; Cycle 10 + + ADD,DC %r0,%r20,%r20 ; Cycle 11 + LDD 0(%r23),%r3 + + ADD %r22,%r1,%r1 ; Cycle 13 + +; Shutdown code, second stage. + + ADD,DC %r29,%r4,%r4 ; Cycle 1 + + LDO SIXTEEN(%r23),%r23 ; Cycle 2 + ADD,DC %r0,%r20,%r20 + + LDD UN_EIGHT(%r23),%r21 ; Cycle 3 + ADD %r3,%r1,%r1 + + ADD,DC %r21,%r4,%r28 ; Cycle 4 + + ADD,DC %r20,%r31,%r22 ; Cycle 5 + + STD %r1,UN_SIXTEEN(%r23); Cycle 6 + + STD %r28,UN_EIGHT(%r23) ; Cycle 9 + + LDD 0(%r23),%r3 ; Cycle 11 + +; Shutdown code, third stage. + + LDO SIXTEEN(%r23),%r23 + ADD %r3,%r22,%r1 +$JOIN1 ADD,DC %r0,%r0,%r21 + CMPIB,*= 0,%r21,$L0 ; if no overflow, exit + STD %r1,UN_SIXTEEN(%r23) + +; Final carry propagation + +$FINAL1 LDO EIGHT(%r23),%r23 + LDD UN_SIXTEEN(%r23),%r21 + ADDI 1,%r21,%r21 + CMPIB,*= 0,%r21,$FINAL1 ; Keep looping if there is a carry. + STD %r21,UN_SIXTEEN(%r23) + B $L0 + NOP + +; Here is the code that handles the difficult cases N=1, N=2, and N=3. +; We do the usual trick -- branch out of the startup code at appropriate +; points, and branch into the shutdown code. + +$N_IS_SMALL + CMPIB,= 0,%r26,$N_IS_ONE + FSTD %fr24,-96(%sp) ; Cycle 10 + FLDD EIGHT(%r24),%fr28 ; Cycle 8 + XMPYU %fr9L,%fr28R,%fr31 ; Cycle 10 + XMPYU %fr9R,%fr28L,%fr30 ; Cycle 11 + FSTD %fr25,-80(%sp) + FSTD %fr31,-64(%sp) ; Cycle 12 + XMPYU %fr9R,%fr28R,%fr29 ; Cycle 13 + FSTD %fr27,-48(%sp) + XMPYU %fr9L,%fr28L,%fr28 ; Cycle 1 + CMPIB,= 2,%r26,$N_IS_THREE + FSTD %fr30,-56(%sp) + +; N = 2 + FSTD %fr26,-88(%sp) ; Cycle 2 + FSTD %fr28,-104(%sp) ; Cycle 3 + LDD -96(%sp),%r3 ; Cycle 4 + FSTD %fr29,-72(%sp) + B $JOIN4 + ADD %r0,%r0,%r22 + +$N_IS_THREE + FLDD SIXTEEN(%r24),%fr24 + FSTD %fr26,-88(%sp) ; Cycle 2 + XMPYU %fr9R,%fr24R,%fr27 ; Cycle 3 + FSTD %fr28,-104(%sp) + XMPYU %fr9R,%fr24L,%fr25 ; Cycle 4 + LDD -96(%sp),%r3 + FSTD %fr29,-72(%sp) + XMPYU %fr9L,%fr24L,%fr26 ; Cycle 5 + LDD -64(%sp),%r19 + LDD -80(%sp),%r21 + B $JOIN3 + ADD %r0,%r0,%r22 + +$N_IS_ONE + FSTD %fr25,-80(%sp) + FSTD %fr27,-48(%sp) + FSTD %fr26,-88(%sp) ; Cycle 2 + B $JOIN5 + ADD %r0,%r0,%r22 + +; We came out of the unrolled loop with wrong parity. Do one more +; single cycle. This is quite tricky, because of the way the +; carry chains and SHRPD chains have been chopped up. + +$ONEMORE + + FLDD 0(%r24),%fr24 + + LDO SIXTEEN(%r23),%r23 ; Cycle 2 + ADD,DC %r0,%r20,%r20 + FSTD %fr26,-88(%sp) + + XMPYU %fr9R,%fr24R,%fr27 ; Cycle 3 + FSTD %fr28,-104(%sp) + LDD UN_EIGHT(%r23),%r21 + ADD %r3,%r1,%r1 + + XMPYU %fr9R,%fr24L,%fr25 ; Cycle 4 + ADD,DC %r21,%r4,%r28 + STD %r28,UN_EIGHT(%r23) ; moved from cycle 9 + LDD -96(%sp),%r3 + FSTD %fr29,-72(%sp) + + XMPYU %fr9L,%fr24L,%fr26 ; Cycle 5 + ADD,DC %r20,%r31,%r22 + LDD -64(%sp),%r19 + LDD -80(%sp),%r21 + + STD %r1,UN_SIXTEEN(%r23); Cycle 6 +$JOIN3 + XMPYU %fr9L,%fr24R,%fr24 + LDD -56(%sp),%r20 + ADD %r21,%r3,%r3 + + ADD,DC %r20,%r19,%r19 ; Cycle 7 + LDD -88(%sp),%r4 + SHRPD %r3,%r0,32,%r21 + LDD -48(%sp),%r1 + + LDD -104(%sp),%r31 ; Cycle 8 + ADD,DC %r0,%r0,%r20 + SHRPD %r19,%r3,32,%r3 + + LDD -72(%sp),%r29 ; Cycle 9 + SHRPD %r20,%r19,32,%r20 + ADD %r21,%r1,%r1 + + ADD,DC %r3,%r4,%r4 ; Cycle 10 + FSTD %fr24,-96(%sp) + + ADD,DC %r0,%r20,%r20 ; Cycle 11 + LDD 0(%r23),%r3 + FSTD %fr25,-80(%sp) + + ADD %r22,%r1,%r1 ; Cycle 13 + FSTD %fr27,-48(%sp) + +; Shutdown code, stage 1-1/2. + + ADD,DC %r29,%r4,%r4 ; Cycle 1 + + LDO SIXTEEN(%r23),%r23 ; Cycle 2 + ADD,DC %r0,%r20,%r20 + FSTD %fr26,-88(%sp) + + LDD UN_EIGHT(%r23),%r21 ; Cycle 3 + ADD %r3,%r1,%r1 + + ADD,DC %r21,%r4,%r28 ; Cycle 4 + STD %r28,UN_EIGHT(%r23) ; moved from cycle 9 + + ADD,DC %r20,%r31,%r22 ; Cycle 5 + STD %r1,UN_SIXTEEN(%r23) +$JOIN5 + LDD -96(%sp),%r3 ; moved from cycle 4 + LDD -80(%sp),%r21 + ADD %r21,%r3,%r3 ; Cycle 6 + ADD,DC %r0,%r0,%r19 ; Cycle 7 + LDD -88(%sp),%r4 + SHRPD %r3,%r0,32,%r21 + LDD -48(%sp),%r1 + SHRPD %r19,%r3,32,%r3 ; Cycle 8 + ADD %r21,%r1,%r1 ; Cycle 9 + ADD,DC %r3,%r4,%r4 ; Cycle 10 + LDD 0(%r23),%r3 ; Cycle 11 + ADD %r22,%r1,%r1 ; Cycle 13 + +; Shutdown code, stage 2-1/2. + + ADD,DC %r0,%r4,%r4 ; Cycle 1 + LDO SIXTEEN(%r23),%r23 ; Cycle 2 + LDD UN_EIGHT(%r23),%r21 ; Cycle 3 + ADD %r3,%r1,%r1 + STD %r1,UN_SIXTEEN(%r23) + ADD,DC %r21,%r4,%r1 + B $JOIN1 + LDO EIGHT(%r23),%r23 + +; exit + +$L0 + .LEAVE + +; We have verified that the above command generates what we want: +; LDW -124(%sp),%r4 +; BVE (%r2) +; LDW,MB -128(%sp),%r3 + + .PROCEND + +; *************************************************************** +; +; add_diag_[little/big] +; +; *************************************************************** + +; The arguments are as follows: +; r2 return PC, of course +; r26 = arg1 = length +; r25 = arg2 = vector to square +; r24 = arg3 = result vector + +#ifdef LITTLE_WORDIAN +add_diag_little +#else +add_diag_big +#endif + .PROC + .CALLINFO FRAME=120,ENTRY_GR=%r4 + .ENTER + + ADDIB,< -1,%r26,$Z0 ; If N=0, exit immediately. + NOP + +; Startup code + + FLDD 0(%r25),%fr7 ; Cycle 2 (alternate body) + XMPYU %fr7R,%fr7R,%fr29 ; Cycle 4 + XMPYU %fr7L,%fr7R,%fr27 ; Cycle 5 + XMPYU %fr7L,%fr7L,%fr30 + LDO SIXTEEN(%r25),%r25 ; Cycle 6 + FSTD %fr29,-88(%sp) + FSTD %fr27,-72(%sp) ; Cycle 7 + CMPIB,= 0,%r26,$DIAG_N_IS_ONE ; Cycle 1 (main body) + FSTD %fr30,-96(%sp) + FLDD UN_EIGHT(%r25),%fr7 ; Cycle 2 + LDD -88(%sp),%r22 ; Cycle 3 + LDD -72(%sp),%r31 ; Cycle 4 + XMPYU %fr7R,%fr7R,%fr28 + XMPYU %fr7L,%fr7R,%fr24 ; Cycle 5 + XMPYU %fr7L,%fr7L,%fr31 + LDD -96(%sp),%r20 ; Cycle 6 + FSTD %fr28,-80(%sp) + ADD %r0,%r0,%r0 ; clear the carry bit + ADDIB,<= -2,%r26,$ENDDIAGLOOP ; Cycle 7 + FSTD %fr24,-64(%sp) + +; Here is the loop. It is unrolled twice, modelled after the "alternate body" and then the "main body". + +$DIAGLOOP + SHRPD %r31,%r0,31,%r3 ; Cycle 1 (alternate body) + LDO SIXTEEN(%r25),%r25 + LDD 0(%r24),%r1 + FSTD %fr31,-104(%sp) + SHRPD %r0,%r31,31,%r4 ; Cycle 2 + ADD,DC %r22,%r3,%r3 + FLDD UN_SIXTEEN(%r25),%fr7 + ADD,DC %r0,%r20,%r20 ; Cycle 3 + ADD %r1,%r3,%r3 + XMPYU %fr7R,%fr7R,%fr29 ; Cycle 4 + LDD -80(%sp),%r21 + STD %r3,0(%r24) + XMPYU %fr7L,%fr7R,%fr27 ; Cycle 5 + XMPYU %fr7L,%fr7L,%fr30 + LDD -64(%sp),%r29 + LDD EIGHT(%r24),%r1 + ADD,DC %r4,%r20,%r20 ; Cycle 6 + LDD -104(%sp),%r19 + FSTD %fr29,-88(%sp) + ADD %r20,%r1,%r1 ; Cycle 7 + FSTD %fr27,-72(%sp) + SHRPD %r29,%r0,31,%r4 ; Cycle 1 (main body) + LDO THIRTY_TWO(%r24),%r24 + LDD UN_SIXTEEN(%r24),%r28 + FSTD %fr30,-96(%sp) + SHRPD %r0,%r29,31,%r3 ; Cycle 2 + ADD,DC %r21,%r4,%r4 + FLDD UN_EIGHT(%r25),%fr7 + STD %r1,UN_TWENTY_FOUR(%r24) + ADD,DC %r0,%r19,%r19 ; Cycle 3 + ADD %r28,%r4,%r4 + XMPYU %fr7R,%fr7R,%fr28 ; Cycle 4 + LDD -88(%sp),%r22 + STD %r4,UN_SIXTEEN(%r24) + XMPYU %fr7L,%fr7R,%fr24 ; Cycle 5 + XMPYU %fr7L,%fr7L,%fr31 + LDD -72(%sp),%r31 + LDD UN_EIGHT(%r24),%r28 + ADD,DC %r3,%r19,%r19 ; Cycle 6 + LDD -96(%sp),%r20 + FSTD %fr28,-80(%sp) + ADD %r19,%r28,%r28 ; Cycle 7 + FSTD %fr24,-64(%sp) + ADDIB,> -2,%r26,$DIAGLOOP ; Cycle 8 + STD %r28,UN_EIGHT(%r24) + +$ENDDIAGLOOP + + ADD,DC %r0,%r22,%r22 + CMPIB,= 0,%r26,$ONEMOREDIAG + SHRPD %r31,%r0,31,%r3 + +; Shutdown code, first stage. + + FSTD %fr31,-104(%sp) ; Cycle 1 (alternate body) + LDD 0(%r24),%r28 + SHRPD %r0,%r31,31,%r4 ; Cycle 2 + ADD %r3,%r22,%r3 + ADD,DC %r0,%r20,%r20 ; Cycle 3 + LDD -80(%sp),%r21 + ADD %r3,%r28,%r3 + LDD -64(%sp),%r29 ; Cycle 4 + STD %r3,0(%r24) + LDD EIGHT(%r24),%r1 ; Cycle 5 + LDO SIXTEEN(%r25),%r25 ; Cycle 6 + LDD -104(%sp),%r19 + ADD,DC %r4,%r20,%r20 + ADD %r20,%r1,%r1 ; Cycle 7 + ADD,DC %r0,%r21,%r21 ; Cycle 8 + STD %r1,EIGHT(%r24) + +; Shutdown code, second stage. + + SHRPD %r29,%r0,31,%r4 ; Cycle 1 (main body) + LDO THIRTY_TWO(%r24),%r24 + LDD UN_SIXTEEN(%r24),%r1 + SHRPD %r0,%r29,31,%r3 ; Cycle 2 + ADD %r4,%r21,%r4 + ADD,DC %r0,%r19,%r19 ; Cycle 3 + ADD %r4,%r1,%r4 + STD %r4,UN_SIXTEEN(%r24); Cycle 4 + LDD UN_EIGHT(%r24),%r28 ; Cycle 5 + ADD,DC %r3,%r19,%r19 ; Cycle 6 + ADD %r19,%r28,%r28 ; Cycle 7 + ADD,DC %r0,%r0,%r22 ; Cycle 8 + CMPIB,*= 0,%r22,$Z0 ; if no overflow, exit + STD %r28,UN_EIGHT(%r24) + +; Final carry propagation + +$FDIAG2 + LDO EIGHT(%r24),%r24 + LDD UN_EIGHT(%r24),%r26 + ADDI 1,%r26,%r26 + CMPIB,*= 0,%r26,$FDIAG2 ; Keep looping if there is a carry. + STD %r26,UN_EIGHT(%r24) + + B $Z0 + NOP + +; Here is the code that handles the difficult case N=1. +; We do the usual trick -- branch out of the startup code at appropriate +; points, and branch into the shutdown code. + +$DIAG_N_IS_ONE + + LDD -88(%sp),%r22 + LDD -72(%sp),%r31 + B $JOINDIAG + LDD -96(%sp),%r20 + +; We came out of the unrolled loop with wrong parity. Do one more +; single cycle. This is the "alternate body". It will, of course, +; give us opposite registers from the other case, so we need +; completely different shutdown code. + +$ONEMOREDIAG + FSTD %fr31,-104(%sp) ; Cycle 1 (alternate body) + LDD 0(%r24),%r28 + FLDD 0(%r25),%fr7 ; Cycle 2 + SHRPD %r0,%r31,31,%r4 + ADD %r3,%r22,%r3 + ADD,DC %r0,%r20,%r20 ; Cycle 3 + LDD -80(%sp),%r21 + ADD %r3,%r28,%r3 + LDD -64(%sp),%r29 ; Cycle 4 + STD %r3,0(%r24) + XMPYU %fr7R,%fr7R,%fr29 + LDD EIGHT(%r24),%r1 ; Cycle 5 + XMPYU %fr7L,%fr7R,%fr27 + XMPYU %fr7L,%fr7L,%fr30 + LDD -104(%sp),%r19 ; Cycle 6 + FSTD %fr29,-88(%sp) + ADD,DC %r4,%r20,%r20 + FSTD %fr27,-72(%sp) ; Cycle 7 + ADD %r20,%r1,%r1 + ADD,DC %r0,%r21,%r21 ; Cycle 8 + STD %r1,EIGHT(%r24) + +; Shutdown code, first stage. + + SHRPD %r29,%r0,31,%r4 ; Cycle 1 (main body) + LDO THIRTY_TWO(%r24),%r24 + FSTD %fr30,-96(%sp) + LDD UN_SIXTEEN(%r24),%r1 + SHRPD %r0,%r29,31,%r3 ; Cycle 2 + ADD %r4,%r21,%r4 + ADD,DC %r0,%r19,%r19 ; Cycle 3 + LDD -88(%sp),%r22 + ADD %r4,%r1,%r4 + LDD -72(%sp),%r31 ; Cycle 4 + STD %r4,UN_SIXTEEN(%r24) + LDD UN_EIGHT(%r24),%r28 ; Cycle 5 + LDD -96(%sp),%r20 ; Cycle 6 + ADD,DC %r3,%r19,%r19 + ADD %r19,%r28,%r28 ; Cycle 7 + ADD,DC %r0,%r22,%r22 ; Cycle 8 + STD %r28,UN_EIGHT(%r24) + +; Shutdown code, second stage. + +$JOINDIAG + SHRPD %r31,%r0,31,%r3 ; Cycle 1 (alternate body) + LDD 0(%r24),%r28 + SHRPD %r0,%r31,31,%r4 ; Cycle 2 + ADD %r3,%r22,%r3 + ADD,DC %r0,%r20,%r20 ; Cycle 3 + ADD %r3,%r28,%r3 + STD %r3,0(%r24) ; Cycle 4 + LDD EIGHT(%r24),%r1 ; Cycle 5 + ADD,DC %r4,%r20,%r20 + ADD %r20,%r1,%r1 ; Cycle 7 + ADD,DC %r0,%r0,%r21 ; Cycle 8 + CMPIB,*= 0,%r21,$Z0 ; if no overflow, exit + STD %r1,EIGHT(%r24) + +; Final carry propagation + +$FDIAG1 + LDO EIGHT(%r24),%r24 + LDD EIGHT(%r24),%r26 + ADDI 1,%r26,%r26 + CMPIB,*= 0,%r26,$FDIAG1 ; Keep looping if there is a carry. + STD %r26,EIGHT(%r24) + +$Z0 + .LEAVE + .PROCEND +; .ALLOW + + .SPACE $TEXT$ + .SUBSPA $CODE$ +#ifdef LITTLE_WORDIAN + .EXPORT maxpy_little,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,LONG_RETURN + .EXPORT add_diag_little,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,LONG_RETURN +#else + .EXPORT maxpy_big,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,LONG_RETURN + .EXPORT add_diag_big,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,LONG_RETURN +#endif + .END + + +; How to use "maxpy_PA20_little" and "maxpy_PA20_big" +; +; The routine "maxpy_PA20_little" or "maxpy_PA20_big" +; performs a 64-bit x any-size multiply, and adds the +; result to an area of memory. That is, it performs +; something like +; +; A B C D +; * Z +; __________ +; P Q R S T +; +; and then adds the "PQRST" vector into an area of memory, +; handling all carries. +; +; Digression on nomenclature and endian-ness: +; +; Each of the capital letters in the above represents a 64-bit +; quantity. That is, you could think of the discussion as +; being in terms of radix-16-quintillion arithmetic. The data +; type being manipulated is "unsigned long long int". This +; requires the 64-bit extension of the HP-UX C compiler, +; available at release 10. You need these compiler flags to +; enable these extensions: +; +; -Aa +e +DA2.0 +DS2.0 +; +; (The first specifies ANSI C, the second enables the +; extensions, which are beyond ANSI C, and the third and +; fourth tell the compiler to use whatever features of the +; PA2.0 architecture it wishes, in order to made the code more +; efficient. Since the presence of the assembly code will +; make the program unable to run on anything less than PA2.0, +; you might as well gain the performance enhancements in the C +; code as well.) +; +; Questions of "endian-ness" often come up, usually in the +; context of byte ordering in a word. These routines have a +; similar issue, that could be called "wordian-ness". +; Independent of byte ordering (PA is always big-endian), one +; can make two choices when representing extremely large +; numbers as arrays of 64-bit doublewords in memory. +; +; "Little-wordian" layout means that the least significant +; word of a number is stored at the lowest address. +; +; MSW LSW +; | | +; V V +; +; A B C D E +; +; ^ ^ ^ +; | | |____ address 0 +; | | +; | |_______address 8 +; | +; address 32 +; +; "Big-wordian" means that the most significant word is at the +; lowest address. +; +; MSW LSW +; | | +; V V +; +; A B C D E +; +; ^ ^ ^ +; | | |____ address 32 +; | | +; | |_______address 24 +; | +; address 0 +; +; When you compile the file, you must specify one or the other, with +; a switch "-DLITTLE_WORDIAN" or "-DBIG_WORDIAN". +; +; Incidentally, you assemble this file as part of your +; project with the same C compiler as the rest of the program. +; My "makefile" for a superprecision arithmetic package has +; the following stuff: +; +; # definitions: +; CC = cc -Aa +e -z +DA2.0 +DS2.0 +w1 +; CFLAGS = +O3 +; LDFLAGS = -L /usr/lib -Wl,-aarchive +; +; # general build rule for ".s" files: +; .s.o: +; $(CC) $(CFLAGS) -c $< -DBIG_WORDIAN +; +; # Now any bind step that calls for pa20.o will assemble pa20.s +; +; End of digression, back to arithmetic: +; +; The way we multiply two huge numbers is, of course, to multiply +; the "ABCD" vector by each of the "WXYZ" doublewords, adding +; the result vectors with increasing offsets, the way we learned +; in school, back before we all used calculators: +; +; A B C D +; * W X Y Z +; __________ +; P Q R S T +; E F G H I +; M N O P Q +; + R S T U V +; _______________ +; F I N A L S U M +; +; So we call maxpy_PA20_big (in my case; my package is +; big-wordian) repeatedly, giving the W, X, Y, and Z arguments +; in turn as the "scalar", and giving the "ABCD" vector each +; time. We direct it to add its result into an area of memory +; that we have cleared at the start. We skew the exact +; location into that area with each call. +; +; The prototype for the function is +; +; extern void maxpy_PA20_big( +; int length, /* Number of doublewords in the multiplicand vector. */ +; const long long int *scalaraddr, /* Address to fetch the scalar. */ +; const long long int *multiplicand, /* The multiplicand vector. */ +; long long int *result); /* Where to accumulate the result. */ +; +; (You should place a copy of this prototype in an include file +; or in your C file.) +; +; Now, IN ALL CASES, the given address for the multiplicand or +; the result is that of the LEAST SIGNIFICANT DOUBLEWORD. +; That word is, of course, the word at which the routine +; starts processing. "maxpy_PA20_little" then increases the +; addresses as it computes. "maxpy_PA20_big" decreases them. +; +; In our example above, "length" would be 4 in each case. +; "multiplicand" would be the "ABCD" vector. Specifically, +; the address of the element "D". "scalaraddr" would be the +; address of "W", "X", "Y", or "Z" on the four calls that we +; would make. (The order doesn't matter, of course.) +; "result" would be the appropriate address in the result +; area. When multiplying by "Z", that would be the least +; significant word. When multiplying by "Y", it would be the +; next higher word (8 bytes higher if little-wordian; 8 bytes +; lower if big-wordian), and so on. The size of the result +; area must be the the sum of the sizes of the multiplicand +; and multiplier vectors, and must be initialized to zero +; before we start. +; +; Whenever the routine adds its partial product into the result +; vector, it follows carry chains as far as they need to go. +; +; Here is the super-precision multiply routine that I use for +; my package. The package is big-wordian. I have taken out +; handling of exponents (it's a floating point package): +; +; static void mul_PA20( +; int size, +; const long long int *arg1, +; const long long int *arg2, +; long long int *result) +; { +; int i; +; +; for (i=0 ; i<2*size ; i++) result[i] = 0ULL; +; +; for (i=0 ; i<size ; i++) { +; maxpy_PA20_big(size, &arg2[i], &arg1[size-1], &result[size+i]); +; } +; } diff --git a/security/nss/lib/freebl/mpi/hppatch.adb b/security/nss/lib/freebl/mpi/hppatch.adb new file mode 100644 index 000000000..7b7aaef76 --- /dev/null +++ b/security/nss/lib/freebl/mpi/hppatch.adb @@ -0,0 +1,49 @@ +#/bin/sh +# +# The contents of this file are subject to the Mozilla Public +# License Version 1.1 (the "License"); you may not use this file +# except in compliance with the License. You may obtain a copy of +# the License at http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS +# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +# implied. See the License for the specific language governing +# rights and limitations under the License. +# +# The Original Code is script to change the system id in an object file +# from PA-RISC 2.0 to 1.1. +# +# The Initial Developer of the Original Code is Hewlett-Packard Company. +# Portions created by Hewlett-Packard Company are +# Copyright (C) March 1999, Hewlett-Packard Company. All Rights Reserved. +# +# Contributor(s): +# wrapped by Dennis Handly on Tue Mar 23 15:23:43 1999 +# +# Alternatively, the contents of this file may be used under the +# terms of the GNU General Public License Version 2 or later (the +# "GPL"), in which case the provisions of the GPL are applicable +# instead of those above. If you wish to allow use of your +# version of this file only under the terms of the GPL and not to +# allow others to use your version of this file under the MPL, +# indicate your decision by deleting the provisions above and +# replace them with the notice and other provisions required by +# the GPL. If you do not delete the provisions above, a recipient +# may use your version of this file under either the MPL or the +# GPL. + +# script to change the system id in an object file from PA-RISC 2.0 to 1.1 + +adb -w $1 << EOF +?m 0 -1 0 +0x0?X +0x0?W (@0x0&~0x40000)|(~@0x0&0x40000) + +0?"change checksum" +0x7c?X +0x7c?W (@0x7c&~0x40000)|(~@0x7c&0x40000) +$q +EOF + +exit 0 + diff --git a/security/nss/lib/freebl/mpi/logtab.h b/security/nss/lib/freebl/mpi/logtab.h new file mode 100644 index 000000000..6f28be96f --- /dev/null +++ b/security/nss/lib/freebl/mpi/logtab.h @@ -0,0 +1,59 @@ +/* + * logtab.h + * + * Arbitrary precision integer arithmetic library + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. + * All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + * + * $Id$ + */ + +const float s_logv_2[] = { + 0.000000000f, 0.000000000f, 1.000000000f, 0.630929754f, /* 0 1 2 3 */ + 0.500000000f, 0.430676558f, 0.386852807f, 0.356207187f, /* 4 5 6 7 */ + 0.333333333f, 0.315464877f, 0.301029996f, 0.289064826f, /* 8 9 10 11 */ + 0.278942946f, 0.270238154f, 0.262649535f, 0.255958025f, /* 12 13 14 15 */ + 0.250000000f, 0.244650542f, 0.239812467f, 0.235408913f, /* 16 17 18 19 */ + 0.231378213f, 0.227670249f, 0.224243824f, 0.221064729f, /* 20 21 22 23 */ + 0.218104292f, 0.215338279f, 0.212746054f, 0.210309918f, /* 24 25 26 27 */ + 0.208014598f, 0.205846832f, 0.203795047f, 0.201849087f, /* 28 29 30 31 */ + 0.200000000f, 0.198239863f, 0.196561632f, 0.194959022f, /* 32 33 34 35 */ + 0.193426404f, 0.191958720f, 0.190551412f, 0.189200360f, /* 36 37 38 39 */ + 0.187901825f, 0.186652411f, 0.185449023f, 0.184288833f, /* 40 41 42 43 */ + 0.183169251f, 0.182087900f, 0.181042597f, 0.180031327f, /* 44 45 46 47 */ + 0.179052232f, 0.178103594f, 0.177183820f, 0.176291434f, /* 48 49 50 51 */ + 0.175425064f, 0.174583430f, 0.173765343f, 0.172969690f, /* 52 53 54 55 */ + 0.172195434f, 0.171441601f, 0.170707280f, 0.169991616f, /* 56 57 58 59 */ + 0.169293808f, 0.168613099f, 0.167948779f, 0.167300179f, /* 60 61 62 63 */ + 0.166666667f +}; + diff --git a/security/nss/lib/freebl/mpi/make-logtab b/security/nss/lib/freebl/mpi/make-logtab new file mode 100755 index 000000000..0ed950c70 --- /dev/null +++ b/security/nss/lib/freebl/mpi/make-logtab @@ -0,0 +1,60 @@ +#!/usr/linguist/bin/perl + +# +# make-logtab +# +# Generate a table of logarithms of 2 in various bases, for use in +# estimating the output sizes of various bases. +# +## The contents of this file are subject to the Mozilla Public +## License Version 1.1 (the "License"); you may not use this file +## except in compliance with the License. You may obtain a copy of +## the License at http://www.mozilla.org/MPL/ +## +## Software distributed under the License is distributed on an "AS +## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +## implied. See the License for the specific language governing +## rights and limitations under the License. +## +## The Original Code is the MPI Arbitrary Precision Integer Arithmetic +## library. +## +## The Initial Developer of the Original Code is +## Michael J. Fromberger <sting@linguist.dartmouth.edu> +## +## Portions created by Michael J. Fromberger are +## Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved +## +## Contributor(s): +## +## Alternatively, the contents of this file may be used under the +## terms of the GNU General Public License Version 2 or later (the +## "GPL"), in which case the provisions of the GPL are applicable +## instead of those above. If you wish to allow use of your +## version of this file only under the terms of the GPL and not to +## allow others to use your version of this file under the MPL, +## indicate your decision by deleting the provisions above and +## replace them with the notice and other provisions required by +## the GPL. If you do not delete the provisions above, a recipient +## may use your version of this file under either the MPL or the +## GPL. +# +# $Id$ + +$ARRAYNAME = $ENV{'ARRAYNAME'} || "s_logv_2"; +$ARRAYTYPE = $ENV{'ARRAYTYPE'} || "float"; + +printf("const %s %s[] = {\n %0.9ff, %0.9ff, ", + $ARRAYTYPE, $ARRAYNAME, 0, 0); +$brk = 2; +for($ix = 2; $ix < 64; $ix++) { + printf("%0.9ff, ", (log(2)/log($ix))); + $brk = ($brk + 1) & 3; + if(!$brk) { + printf(" /* %2d %2d %2d %2d */\n ", + $ix - 3, $ix - 2, $ix - 1, $ix); + } +} +printf("%0.9ff\n};\n\n", (log(2)/log($ix))); + +exit 0; diff --git a/security/nss/lib/freebl/mpi/make-test-arrays b/security/nss/lib/freebl/mpi/make-test-arrays new file mode 100755 index 000000000..a55bf3a1e --- /dev/null +++ b/security/nss/lib/freebl/mpi/make-test-arrays @@ -0,0 +1,129 @@ +#!/usr/linguist/bin/perl + +# +# make-test-arrays +# +# Given a test-arrays file, which specifies the test suite names, the +# names of the functions which perform those test suites, and +# descriptive comments, this script generates C structures for the +# mpi-test program. The input consists of lines of the form: +# +# suite-name:function-name:comment +# +# The output is written to the standard output. Blank lines are +# ignored, and comments beginning with '#' are stripped. +# +## The contents of this file are subject to the Mozilla Public +## License Version 1.1 (the "License"); you may not use this file +## except in compliance with the License. You may obtain a copy of +## the License at http://www.mozilla.org/MPL/ +## +## Software distributed under the License is distributed on an "AS +## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +## implied. See the License for the specific language governing +## rights and limitations under the License. +## +## The Original Code is the MPI Arbitrary Precision Integer Arithmetic +## library. +## +## The Initial Developer of the Original Code is +## Michael J. Fromberger <sting@linguist.dartmouth.edu> +## +## Portions created by Michael J. Fromberger are +## Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved +## +## Contributor(s): +## +## Alternatively, the contents of this file may be used under the +## terms of the GNU General Public License Version 2 or later (the +## "GPL"), in which case the provisions of the GPL are applicable +## instead of those above. If you wish to allow use of your +## version of this file only under the terms of the GPL and not to +## allow others to use your version of this file under the MPL, +## indicate your decision by deleting the provisions above and +## replace them with the notice and other provisions required by +## the GPL. If you do not delete the provisions above, a recipient +## may use your version of this file under either the MPL or the GPL. +## +# $Id$ +# + +# Read parameters from the environment, if available +$NAMEVAR = $ENV{'NAMEVAR'} || "g_names"; +$COUNTVAR = $ENV{'COUNTVAR'} || "g_count"; +$FUNCVAR = $ENV{'FUNCVAR'} || "g_tests"; +$DESCVAR = $ENV{'DESCVAR'} || "g_descs"; +$FUNCLEN = 13; +$NAMELEN = 18; +$DESCLEN = 45; + +#------------------------------------------------------------------------ +# Suck in input from the files on the command line, or standard input +while(<>) { + chomp; + s/\#.*$//; + next if /^\s*$/; + + ($suite, $func, $desc) = split(/:/, $_); + + $tmp = { "suite" => $suite, + "func" => $func, + "desc" => $desc }; + + push(@item, $tmp); +} +$count = scalar(@item); +$last = pop(@item); + +#------------------------------------------------------------------------ +# Output the table of names +print "/* Table mapping test suite names to index numbers */\n"; +printf("const int %s = %d;\n", $COUNTVAR, $count); +printf("const char *%s[] = {\n", $NAMEVAR); + +foreach $elt (@item) { + printf(" \"%s\",%s/* %s%s */\n", $elt->{"suite"}, + " " x ($NAMELEN - length($elt->{"suite"})), + $elt->{"desc"}, + " " x ($DESCLEN - length($elt->{"desc"}))); +} +printf(" \"%s\" %s/* %s%s */\n", $last->{"suite"}, + " " x ($NAMELEN - length($last->{"suite"})), + $last->{"desc"}, + " " x ($DESCLEN - length($last->{"desc"}))); +print "};\n\n"; + +#------------------------------------------------------------------------ +# Output the driver function prototypes +print "/* Test function prototypes */\n"; +foreach $elt (@item, $last) { + printf("int %s(void);\n", $elt->{"func"}); +} +print "\n"; + +#------------------------------------------------------------------------ +# Output the table of functions +print "/* Table mapping index numbers to functions */\n"; +printf("int (*%s[])(void) = {\n ", $FUNCVAR); +$brk = 0; + +foreach $elt (@item) { + print($elt->{"func"}, ", ", + " " x ($FUNCLEN - length($elt->{"func"}))); + $brk = ($brk + 1) & 3; + print "\n " unless($brk); +} +print $last->{"func"}, "\n};\n\n"; + +#------------------------------------------------------------------------ +# Output the table of descriptions +print "/* Table mapping index numbers to descriptions */\n"; +printf("const char *%s[] = {\n", $DESCVAR); + +foreach $elt (@item) { + printf(" \"%s\",\n", $elt->{"desc"}); +} +printf(" \"%s\"\n};\n\n", $last->{"desc"}); + +exit 0; + diff --git a/security/nss/lib/freebl/mpi/mdxptest.c b/security/nss/lib/freebl/mpi/mdxptest.c new file mode 100644 index 000000000..61d02e9a9 --- /dev/null +++ b/security/nss/lib/freebl/mpi/mdxptest.c @@ -0,0 +1,339 @@ +/* + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the Netscape security libraries. + * + * The Initial Developer of the Original Code is Netscape + * Communications Corporation. Portions created by Netscape are + * Copyright (C) 2000 Netscape Communications Corporation. All + * Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <malloc.h> +#include <time.h> +#include "mpi.h" +#include "mpi-priv.h" + +/* #define OLD_WAY 1 */ + +/* This key is the 1024-bit test key used for speed testing of RSA private +** key ops. +*/ + +#define CONST const + +static CONST unsigned char default_n[128] = { +0xc2,0xae,0x96,0x89,0xaf,0xce,0xd0,0x7b,0x3b,0x35,0xfd,0x0f,0xb1,0xf4,0x7a,0xd1, +0x3c,0x7d,0xb5,0x86,0xf2,0x68,0x36,0xc9,0x97,0xe6,0x82,0x94,0x86,0xaa,0x05,0x39, +0xec,0x11,0x51,0xcc,0x5c,0xa1,0x59,0xba,0x29,0x18,0xf3,0x28,0xf1,0x9d,0xe3,0xae, +0x96,0x5d,0x6d,0x87,0x73,0xf6,0xf6,0x1f,0xd0,0x2d,0xfb,0x2f,0x7a,0x13,0x7f,0xc8, +0x0c,0x7a,0xe9,0x85,0xfb,0xce,0x74,0x86,0xf8,0xef,0x2f,0x85,0x37,0x73,0x0f,0x62, +0x4e,0x93,0x17,0xb7,0x7e,0x84,0x9a,0x94,0x11,0x05,0xca,0x0d,0x31,0x4b,0x2a,0xc8, +0xdf,0xfe,0xe9,0x0c,0x13,0xc7,0xf2,0xad,0x19,0x64,0x28,0x3c,0xb5,0x6a,0xc8,0x4b, +0x79,0xea,0x7c,0xce,0x75,0x92,0x45,0x3e,0xa3,0x9d,0x64,0x6f,0x04,0x69,0x19,0x17 +}; + +static CONST unsigned char default_d[128] = { +0x13,0xcb,0xbc,0xf2,0xf3,0x35,0x8c,0x6d,0x7b,0x6f,0xd9,0xf3,0xa6,0x9c,0xbd,0x80, +0x59,0x2e,0x4f,0x2f,0x11,0xa7,0x17,0x2b,0x18,0x8f,0x0f,0xe8,0x1a,0x69,0x5f,0x6e, +0xac,0x5a,0x76,0x7e,0xd9,0x4c,0x6e,0xdb,0x47,0x22,0x8a,0x57,0x37,0x7a,0x5e,0x94, +0x7a,0x25,0xb5,0xe5,0x78,0x1d,0x3c,0x99,0xaf,0x89,0x7d,0x69,0x2e,0x78,0x9d,0x1d, +0x84,0xc8,0xc1,0xd7,0x1a,0xb2,0x6d,0x2d,0x8a,0xd9,0xab,0x6b,0xce,0xae,0xb0,0xa0, +0x58,0x55,0xad,0x5c,0x40,0x8a,0xd6,0x96,0x08,0x8a,0xe8,0x63,0xe6,0x3d,0x6c,0x20, +0x49,0xc7,0xaf,0x0f,0x25,0x73,0xd3,0x69,0x43,0x3b,0xf2,0x32,0xf8,0x3d,0x5e,0xee, +0x7a,0xca,0xd6,0x94,0x55,0xe5,0xbd,0x25,0x34,0x8d,0x63,0x40,0xb5,0x8a,0xc3,0x01 +}; + + +#define DEFAULT_ITERS 50 + +typedef clock_t timetype; +#define gettime(x) *(x) = clock() +#define subtime(a, b) a -= b +#define msec(x) ((clock_t)((double)x * 1000.0 / CLOCKS_PER_SEC)) +#define sec(x) (x / CLOCKS_PER_SEC) + +struct TimingContextStr { + timetype start; + timetype end; + timetype interval; + + int minutes; + int seconds; + int millisecs; +}; + +typedef struct TimingContextStr TimingContext; + +TimingContext *CreateTimingContext(void) +{ + return (TimingContext *)malloc(sizeof(TimingContext)); +} + +void DestroyTimingContext(TimingContext *ctx) +{ + free(ctx); +} + +void TimingBegin(TimingContext *ctx) +{ + gettime(&ctx->start); +} + +static void timingUpdate(TimingContext *ctx) +{ + + ctx->millisecs = msec(ctx->interval) % 1000; + ctx->seconds = sec(ctx->interval); + ctx->minutes = ctx->seconds / 60; + ctx->seconds %= 60; + +} + +void TimingEnd(TimingContext *ctx) +{ + gettime(&ctx->end); + ctx->interval = ctx->end; + subtime(ctx->interval, ctx->start); + timingUpdate(ctx); +} + +char *TimingGenerateString(TimingContext *ctx) +{ + static char sBuf[4096]; + + sprintf(sBuf, "%d minutes, %d.%03d seconds", ctx->minutes, + ctx->seconds, ctx->millisecs); + return sBuf; +} + +static void +dumpBytes( unsigned char * b, int l) +{ + int i; + if (l <= 0) + return; + for (i = 0; i < l; ++i) { + if (i % 16 == 0) + printf("\t"); + printf(" %02x", b[i]); + if (i % 16 == 15) + printf("\n"); + } + if ((i % 16) != 0) + printf("\n"); + printf("\n"); +} + +static mp_err +testNewFuncs(const unsigned char * modulusBytes, int modulus_len) +{ + mp_err mperr = MP_OKAY; + mp_int modulus; + unsigned char buf[512]; + + mperr = mp_init(&modulus); + mperr = mp_read_unsigned_octets(&modulus, modulusBytes, modulus_len ); + mperr = mp_to_fixlen_octets(&modulus, buf, modulus_len); + mperr = mp_to_fixlen_octets(&modulus, buf, modulus_len+1); + mperr = mp_to_fixlen_octets(&modulus, buf, modulus_len+4); + mperr = mp_to_unsigned_octets(&modulus, buf, modulus_len); + mperr = mp_to_signed_octets(&modulus, buf, modulus_len + 1); + mp_clear(&modulus); + return mperr; +} + +int +testModExp( const unsigned char * modulusBytes, + const unsigned int expo, + const unsigned char * input, + unsigned char * output, + int modulus_len) +{ + mp_err mperr = MP_OKAY; + mp_int modulus; + mp_int base; + mp_int exponent; + mp_int result; + + mperr = mp_init(&modulus); + mperr += mp_init(&base); + mperr += mp_init(&exponent); + mperr += mp_init(&result); + /* we initialize all mp_ints unconditionally, even if some fail. + ** This guarantees that the DIGITS pointer is valid (even if null). + ** So, mp_clear will do the right thing below. + */ + if (mperr == MP_OKAY) { + mperr = mp_read_unsigned_octets(&modulus, + modulusBytes + (sizeof default_n - modulus_len), modulus_len ); + mperr += mp_read_unsigned_octets(&base, input, modulus_len ); + mp_set(&exponent, expo); + if (mperr == MP_OKAY) { +#if OLD_WAY + mperr = s_mp_exptmod(&base, &exponent, &modulus, &result); +#else + mperr = mp_exptmod(&base, &exponent, &modulus, &result); +#endif + if (mperr == MP_OKAY) { + mperr = mp_to_fixlen_octets(&result, output, modulus_len); + } + } + } + mp_clear(&base); + mp_clear(&result); + + mp_clear(&modulus); + mp_clear(&exponent); + + return (int)mperr; +} + +int +doModExp( const unsigned char * modulusBytes, + const unsigned char * exponentBytes, + const unsigned char * input, + unsigned char * output, + int modulus_len) +{ + mp_err mperr = MP_OKAY; + mp_int modulus; + mp_int base; + mp_int exponent; + mp_int result; + + mperr = mp_init(&modulus); + mperr += mp_init(&base); + mperr += mp_init(&exponent); + mperr += mp_init(&result); + /* we initialize all mp_ints unconditionally, even if some fail. + ** This guarantees that the DIGITS pointer is valid (even if null). + ** So, mp_clear will do the right thing below. + */ + if (mperr == MP_OKAY) { + mperr = mp_read_unsigned_octets(&modulus, + modulusBytes + (sizeof default_n - modulus_len), modulus_len ); + mperr += mp_read_unsigned_octets(&exponent, exponentBytes, modulus_len ); + mperr += mp_read_unsigned_octets(&base, input, modulus_len ); + if (mperr == MP_OKAY) { +#if OLD_WAY + mperr = s_mp_exptmod(&base, &exponent, &modulus, &result); +#else + mperr = mp_exptmod(&base, &exponent, &modulus, &result); +#endif + if (mperr == MP_OKAY) { + mperr = mp_to_fixlen_octets(&result, output, modulus_len); + } + } + } + mp_clear(&base); + mp_clear(&result); + + mp_clear(&modulus); + mp_clear(&exponent); + + return (int)mperr; +} + +int +main(int argc, char **argv) +{ + TimingContext * timeCtx; + char * progName; + long iters = DEFAULT_ITERS; + unsigned int modulus_len; + int i; + int rv; + unsigned char buf [1024]; + unsigned char buf2[1024]; + + progName = strrchr(argv[0], '/'); + if (!progName) + progName = strrchr(argv[0], '\\'); + progName = progName ? progName+1 : argv[0]; + + if (argc >= 2) { + iters = atol(argv[1]); + } + + if (argc >= 3) { + modulus_len = atol(argv[2]); + } else + modulus_len = sizeof default_n; + + /* no library init function !? */ + + memset(buf, 0x41, sizeof buf); + + if (iters < 2) { + testNewFuncs( default_n, modulus_len); + testNewFuncs( default_n+1, modulus_len - 1); + testNewFuncs( default_n+2, modulus_len - 2); + testNewFuncs( default_n+3, modulus_len - 3); + + printf("%lu allocations, %lu frees, %lu copies\n", mp_allocs, mp_frees, mp_copies); + rv = testModExp(default_n, 0, buf, buf2, modulus_len); + dumpBytes((unsigned char *)buf2, modulus_len); + + printf("%lu allocations, %lu frees, %lu copies\n", mp_allocs, mp_frees, mp_copies); + rv = testModExp(default_n, 1, buf, buf2, modulus_len); + dumpBytes((unsigned char *)buf2, modulus_len); + + printf("%lu allocations, %lu frees, %lu copies\n", mp_allocs, mp_frees, mp_copies); + rv = testModExp(default_n, 2, buf, buf2, modulus_len); + dumpBytes((unsigned char *)buf2, modulus_len); + + printf("%lu allocations, %lu frees, %lu copies\n", mp_allocs, mp_frees, mp_copies); + rv = testModExp(default_n, 3, buf, buf2, modulus_len); + dumpBytes((unsigned char *)buf2, modulus_len); + } + printf("%lu allocations, %lu frees, %lu copies\n", mp_allocs, mp_frees, mp_copies); + rv = doModExp(default_n, default_d, buf, buf2, modulus_len); + if (rv != 0) { + fprintf(stderr, "Error in modexp operation:\n"); + exit(1); + } + dumpBytes((unsigned char *)buf2, modulus_len); + printf("%lu allocations, %lu frees, %lu copies\n", mp_allocs, mp_frees, mp_copies); + + timeCtx = CreateTimingContext(); + TimingBegin(timeCtx); + i = iters; + while (i--) { + rv = doModExp(default_n, default_d, buf, buf2, modulus_len); + if (rv != 0) { + fprintf(stderr, "Error in modexp operation\n"); + exit(1); + } + } + TimingEnd(timeCtx); + printf("%ld iterations in %s\n", iters, TimingGenerateString(timeCtx)); + printf("%lu allocations, %lu frees, %lu copies\n", mp_allocs, mp_frees, mp_copies); + + return 0; +} diff --git a/security/nss/lib/freebl/mpi/montmulf.c b/security/nss/lib/freebl/mpi/montmulf.c new file mode 100644 index 000000000..2cf0825f8 --- /dev/null +++ b/security/nss/lib/freebl/mpi/montmulf.c @@ -0,0 +1,326 @@ +/* + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is SPARC optimized Montgomery multiply functions. + * + * The Initial Developer of the Original Code is Sun Microsystems Inc. + * Portions created by Sun Microsystems Inc. are + * Copyright (C) 1999-2000 Sun Microsystems Inc. All Rights Reserved. + * + * Contributor(s): + * Netscape Communications Corporation + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + * + * $Id$ + */ + +#ifdef SOLARIS +#define RF_INLINE_MACROS 1 +#endif + +static const double TwoTo16=65536.0; +static const double TwoToMinus16=1.0/65536.0; +static const double Zero=0.0; +static const double TwoTo32=65536.0*65536.0; +static const double TwoToMinus32=1.0/(65536.0*65536.0); + +#ifdef RF_INLINE_MACROS + +double upper32(double); +double lower32(double, double); +double mod(double, double, double); + +void i16_to_d16_and_d32x4(const double * /*1/(2^16)*/, + const double * /* 2^16*/, + const double * /* 0 */, + double * /*result16*/, + double * /* result32 */, + float * /*source - should be unsigned int* + converted to float* */); + +#else +#ifdef MP_USE_FLOOR +#include <math.h> +#else +#define floor(d) ((double)((unsigned long long)(d))) +#endif + +static double upper32(double x) +{ + return floor(x*TwoToMinus32); +} + +static double lower32(double x, double y) +{ + return x-TwoTo32*floor(x*TwoToMinus32); +} + +static double mod(double x, double oneoverm, double m) +{ + return x-m*floor(x*oneoverm); +} + +#endif + + +static void cleanup(double *dt, int from, int tlen) +{ + int i; + double tmp,tmp1,x,x1; + + tmp=tmp1=Zero; + /* original code ** + for(i=2*from;i<2*tlen-2;i++) + { + x=dt[i]; + dt[i]=lower32(x,Zero)+tmp1; + tmp1=tmp; + tmp=upper32(x); + } + dt[tlen-2]+=tmp1; + dt[tlen-1]+=tmp; + **end original code ***/ + /* new code ***/ + for(i=2*from;i<2*tlen;i+=2) + { + x=dt[i]; + x1=dt[i+1]; + dt[i]=lower32(x,Zero)+tmp; + dt[i+1]=lower32(x1,Zero)+tmp1; + tmp=upper32(x); + tmp1=upper32(x1); + } + /** end new code **/ +} + + +void conv_d16_to_i32(unsigned int *i32, double *d16, long long *tmp, int ilen) +{ +int i; +long long t, t1, a, b, c, d; + + t1=0; + a=(long long)d16[0]; + b=(long long)d16[1]; + for(i=0; i<ilen-1; i++) + { + c=(long long)d16[2*i+2]; + t1+=(unsigned int)a; + t=(a>>32); + d=(long long)d16[2*i+3]; + t1+=(b&0xffff)<<16; + t+=(b>>16)+(t1>>32); + i32[i]=(unsigned int)t1; + t1=t; + a=c; + b=d; + } + t1+=(unsigned int)a; + t=(a>>32); + t1+=(b&0xffff)<<16; + i32[i]=(unsigned int)t1; +} + +void conv_i32_to_d32(double *d32, unsigned int *i32, int len) +{ +int i; + +#pragma pipeloop(0) + for(i=0;i<len;i++) d32[i]=(double)(i32[i]); +} + + +void conv_i32_to_d16(double *d16, unsigned int *i32, int len) +{ +int i; +unsigned int a; + +#pragma pipeloop(0) + for(i=0;i<len;i++) + { + a=i32[i]; + d16[2*i]=(double)(a&0xffff); + d16[2*i+1]=(double)(a>>16); + } +} + + +void conv_i32_to_d32_and_d16(double *d32, double *d16, + unsigned int *i32, int len) +{ +int i = 0; +unsigned int a; + +#pragma pipeloop(0) +#ifdef RF_INLINE_MACROS + for(;i<len-3;i+=4) + { + i16_to_d16_and_d32x4(&TwoToMinus16, &TwoTo16, &Zero, + &(d16[2*i]), &(d32[i]), (float *)(&(i32[i]))); + } +#endif + for(;i<len;i++) + { + a=i32[i]; + d32[i]=(double)(i32[i]); + d16[2*i]=(double)(a&0xffff); + d16[2*i+1]=(double)(a>>16); + } +} + + +void adjust_montf_result(unsigned int *i32, unsigned int *nint, int len) +{ +long long acc; +int i; + + if(i32[len]>0) i=-1; + else + { + for(i=len-1; i>=0; i--) + { + if(i32[i]!=nint[i]) break; + } + } + if((i<0)||(i32[i]>nint[i])) + { + acc=0; + for(i=0;i<len;i++) + { + acc=acc+(unsigned long long)(i32[i])-(unsigned long long)(nint[i]); + i32[i]=(unsigned int)acc; + acc=acc>>32; + } + } +} + + + + +/* +** the lengths of the input arrays should be at least the following: +** result[nlen+1], dm1[nlen], dm2[2*nlen+1], dt[4*nlen+2], dn[nlen], nint[nlen] +** all of them should be different from one another +** +*/ +void mont_mulf_noconv(unsigned int *result, + double *dm1, double *dm2, double *dt, + double *dn, unsigned int *nint, + int nlen, double dn0) +{ + int i, j, jj; + int tmp; + double digit, m2j, nextm2j, a, b; + double *dptmp, *pdm1, *pdm2, *pdn, *pdtj, pdn_0, pdm1_0; + + pdm1=&(dm1[0]); + pdm2=&(dm2[0]); + pdn=&(dn[0]); + pdm2[2*nlen]=Zero; + + if (nlen!=16) + { + for(i=0;i<4*nlen+2;i++) dt[i]=Zero; + + a=dt[0]=pdm1[0]*pdm2[0]; + digit=mod(lower32(a,Zero)*dn0,TwoToMinus16,TwoTo16); + + pdtj=&(dt[0]); + for(j=jj=0;j<2*nlen;j++,jj++,pdtj++) + { + m2j=pdm2[j]; + a=pdtj[0]+pdn[0]*digit; + b=pdtj[1]+pdm1[0]*pdm2[j+1]+a*TwoToMinus16; + pdtj[1]=b; + +#pragma pipeloop(0) + for(i=1;i<nlen;i++) + { + pdtj[2*i]+=pdm1[i]*m2j+pdn[i]*digit; + } + if((jj==30)) {cleanup(dt,j/2+1,2*nlen+1); jj=0;} + + digit=mod(lower32(b,Zero)*dn0,TwoToMinus16,TwoTo16); + } + } + else + { + a=dt[0]=pdm1[0]*pdm2[0]; + + dt[65]= dt[64]= dt[63]= dt[62]= dt[61]= dt[60]= + dt[59]= dt[58]= dt[57]= dt[56]= dt[55]= dt[54]= + dt[53]= dt[52]= dt[51]= dt[50]= dt[49]= dt[48]= + dt[47]= dt[46]= dt[45]= dt[44]= dt[43]= dt[42]= + dt[41]= dt[40]= dt[39]= dt[38]= dt[37]= dt[36]= + dt[35]= dt[34]= dt[33]= dt[32]= dt[31]= dt[30]= + dt[29]= dt[28]= dt[27]= dt[26]= dt[25]= dt[24]= + dt[23]= dt[22]= dt[21]= dt[20]= dt[19]= dt[18]= + dt[17]= dt[16]= dt[15]= dt[14]= dt[13]= dt[12]= + dt[11]= dt[10]= dt[ 9]= dt[ 8]= dt[ 7]= dt[ 6]= + dt[ 5]= dt[ 4]= dt[ 3]= dt[ 2]= dt[ 1]=Zero; + + pdn_0=pdn[0]; + pdm1_0=pdm1[0]; + + digit=mod(lower32(a,Zero)*dn0,TwoToMinus16,TwoTo16); + pdtj=&(dt[0]); + + for(j=0;j<32;j++,pdtj++) + { + + m2j=pdm2[j]; + a=pdtj[0]+pdn_0*digit; + b=pdtj[1]+pdm1_0*pdm2[j+1]+a*TwoToMinus16; + pdtj[1]=b; + + /**** this loop will be fully unrolled: + for(i=1;i<16;i++) + { + pdtj[2*i]+=pdm1[i]*m2j+pdn[i]*digit; + } + *************************************/ + pdtj[2]+=pdm1[1]*m2j+pdn[1]*digit; + pdtj[4]+=pdm1[2]*m2j+pdn[2]*digit; + pdtj[6]+=pdm1[3]*m2j+pdn[3]*digit; + pdtj[8]+=pdm1[4]*m2j+pdn[4]*digit; + pdtj[10]+=pdm1[5]*m2j+pdn[5]*digit; + pdtj[12]+=pdm1[6]*m2j+pdn[6]*digit; + pdtj[14]+=pdm1[7]*m2j+pdn[7]*digit; + pdtj[16]+=pdm1[8]*m2j+pdn[8]*digit; + pdtj[18]+=pdm1[9]*m2j+pdn[9]*digit; + pdtj[20]+=pdm1[10]*m2j+pdn[10]*digit; + pdtj[22]+=pdm1[11]*m2j+pdn[11]*digit; + pdtj[24]+=pdm1[12]*m2j+pdn[12]*digit; + pdtj[26]+=pdm1[13]*m2j+pdn[13]*digit; + pdtj[28]+=pdm1[14]*m2j+pdn[14]*digit; + pdtj[30]+=pdm1[15]*m2j+pdn[15]*digit; + /* no need for cleenup, cannot overflow */ + digit=mod(lower32(b,Zero)*dn0,TwoToMinus16,TwoTo16); + } + } + + conv_d16_to_i32(result,dt+2*nlen,(long long *)dt,nlen+1); + + adjust_montf_result(result,nint,nlen); + +} + diff --git a/security/nss/lib/freebl/mpi/montmulf.h b/security/nss/lib/freebl/mpi/montmulf.h new file mode 100644 index 000000000..5fd5dd4e3 --- /dev/null +++ b/security/nss/lib/freebl/mpi/montmulf.h @@ -0,0 +1,100 @@ +/* + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is interface file for SPARC Montgomery multiply functions. + * + * The Initial Developer of the Original Code is Sun Microsystems Inc. + * Portions created by Sun Microsystems Inc. are + * Copyright (C) 1999-2000 Sun Microsystems Inc. All Rights Reserved. + * + * Contributor(s): + * Netscape Communications Corporation + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + * + * $Id$ + */ + +/* The functions that are to be called from outside of the .s file have the + * following interfaces and array size requirements: + */ + + +void conv_i32_to_d32(double *d32, unsigned int *i32, int len); + +/* Converts an array of int's to an array of doubles, so that each double + * corresponds to an int. len is the number of items converted. + * Does not allocate the output array. + * The pointers d32 and i32 should point to arrays of size at least len + * (doubles and unsigned ints, respectively) + */ + + +void conv_i32_to_d16(double *d16, unsigned int *i32, int len); + +/* Converts an array of int's to an array of doubles so that each element + * of the int array is converted to a pair of doubles, the first one + * corresponding to the lower (least significant) 16 bits of the int and + * the second one corresponding to the upper (most significant) 16 bits of + * the 32-bit int. len is the number of ints converted. + * Does not allocate the output array. + * The pointer d16 should point to an array of doubles of size at least + * 2*len and i32 should point an array of ints of size at least len + */ + + +void conv_i32_to_d32_and_d16(double *d32, double *d16, + unsigned int *i32, int len); + +/* Does the above two conversions together, it is much faster than doing + * both of those in succession + */ + + +void mont_mulf_noconv(unsigned int *result, + double *dm1, double *dm2, double *dt, + double *dn, unsigned int *nint, + int nlen, double dn0); + +/* Does the Montgomery multiplication of the numbers stored in the arrays + * pointed to by dm1 and dm2, writing the result to the array pointed to by + * result. It uses the array pointed to by dt as a temporary work area. + * nint should point to the modulus in the array-of-integers representation, + * dn should point to its array-of-doubles as obtained as a result of the + * function call conv_i32_to_d32(dn, nint, nlen); + * nlen is the length of the array containing the modulus. + * The representation used for dm1 is the one that is a result of the function + * call conv_i32_to_d32(dm1, m1, nlen), the representation for dm2 is the + * result of the function call conv_i32_to_d16(dm2, m2, nlen). + * Note that m1 and m2 should both be of length nlen, so they should be + * padded with 0's if necessary before the conversion. The result comes in + * this form (int representation, padded with 0's). + * dn0 is the value of the 16 least significant bits of n0'. + * The function does not allocate memory for any of the arrays, so the + * pointers should point to arrays with the following minimal sizes: + * result - nlen+1 + * dm1 - nlen + * dm2 - 2*nlen+1 ( the +1 is necessary for technical reasons ) + * dt - 4*nlen+2 + * dn - nlen + * nint - nlen + * No two arrays should point to overlapping areas of memory. + */ diff --git a/security/nss/lib/freebl/mpi/montmulf.il b/security/nss/lib/freebl/mpi/montmulf.il new file mode 100644 index 000000000..b3dd734b6 --- /dev/null +++ b/security/nss/lib/freebl/mpi/montmulf.il @@ -0,0 +1,137 @@ +! +! The contents of this file are subject to the Mozilla Public +! License Version 1.1 (the "License"); you may not use this file +! except in compliance with the License. You may obtain a copy of +! the License at http://www.mozilla.org/MPL/ +! +! Software distributed under the License is distributed on an "AS +! IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +! implied. See the License for the specific language governing +! rights and limitations under the License. +! +! The Original Code is inline macros for SPARC Montgomery multiply functions. +! +! The Initial Developer of the Original Code is Sun Microsystems Inc. +! Portions created by Sun Microsystems Inc. are +! Copyright (C) 1999-2000 Sun Microsystems Inc. All Rights Reserved. +! +! Contributor(s): +! +! Alternatively, the contents of this file may be used under the +! terms of the GNU General Public License Version 2 or later (the +! "GPL"), in which case the provisions of the GPL are applicable +! instead of those above. If you wish to allow use of your +! version of this file only under the terms of the GPL and not to +! allow others to use your version of this file under the MPL, +! indicate your decision by deleting the provisions above and +! replace them with the notice and other provisions required by +! the GPL. If you do not delete the provisions above, a recipient +! may use your version of this file under either the MPL or the +! GPL. +! +! $Id$ +! + +! +! double upper32(double /*frs1*/); +! + .inline upper32,8 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f10 + + fdtox %f10,%f10 + fitod %f10,%f0 + .end + +! +! double lower32(double /*frs1*/, double /* Zero */); +! + .inline lower32,8 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f10 + std %o2,[%sp+0x48] + ldd [%sp+0x48],%f12 + + fdtox %f10,%f10 + fmovs %f12,%f10 + fxtod %f10,%f0 + .end + +! +! double mod(double /*x*/, double /*1/m*/, double /*m*/); +! + .inline mod,12 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f2 + std %o2,[%sp+0x48] + ldd [%sp+0x48],%f4 + std %o4,[%sp+0x48] + ldd [%sp+0x48],%f6 + + fmuld %f2,%f4,%f4 + fdtox %f4,%f4 + fxtod %f4,%f4 + fmuld %f4,%f6,%f4 + fsubd %f2,%f4,%f0 + .end + + +! +! void i16_to_d16_and_d32x4(double * /*1/(2^16)*/, double * /* 2^16*/, +! double * /* 0 */, +! double * /*result16*/, double * /* result32 */ +! float * /*source - should be unsigned int* +! converted to float* */); +! + .inline i16_to_d16_and_d32x4,24 + ldd [%o0],%f2 ! 1/(2^16) + ldd [%o1],%f4 ! 2^16 + ldd [%o2],%f22 + + fmovd %f22,%f6 + ld [%o5],%f7 + fmovd %f22,%f10 + ld [%o5+4],%f11 + fmovd %f22,%f14 + ld [%o5+8],%f15 + fmovd %f22,%f18 + ld [%o5+12],%f19 + fxtod %f6,%f6 + std %f6,[%o4] + fxtod %f10,%f10 + std %f10,[%o4+8] + fxtod %f14,%f14 + std %f14,[%o4+16] + fxtod %f18,%f18 + std %f18,[%o4+24] + fmuld %f2,%f6,%f8 + fmuld %f2,%f10,%f12 + fmuld %f2,%f14,%f16 + fmuld %f2,%f18,%f20 + fdtox %f8,%f8 + fdtox %f12,%f12 + fdtox %f16,%f16 + fdtox %f20,%f20 + fxtod %f8,%f8 + std %f8,[%o3+8] + fxtod %f12,%f12 + std %f12,[%o3+24] + fxtod %f16,%f16 + std %f16,[%o3+40] + fxtod %f20,%f20 + std %f20,[%o3+56] + fmuld %f8,%f4,%f8 + fmuld %f12,%f4,%f12 + fmuld %f16,%f4,%f16 + fmuld %f20,%f4,%f20 + fsubd %f6,%f8,%f8 + std %f8,[%o3] + fsubd %f10,%f12,%f12 + std %f12,[%o3+16] + fsubd %f14,%f16,%f16 + std %f16,[%o3+32] + fsubd %f18,%f20,%f20 + std %f20,[%o3+48] + .end + + diff --git a/security/nss/lib/freebl/mpi/montmulf.s b/security/nss/lib/freebl/mpi/montmulf.s new file mode 100644 index 000000000..cdb5d376e --- /dev/null +++ b/security/nss/lib/freebl/mpi/montmulf.s @@ -0,0 +1,1967 @@ +! +! The contents of this file are subject to the Mozilla Public +! License Version 1.1 (the "License"); you may not use this file +! except in compliance with the License. You may obtain a copy of +! the License at http://www.mozilla.org/MPL/ +! +! Software distributed under the License is distributed on an "AS +! IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +! implied. See the License for the specific language governing +! rights and limitations under the License. +! +! The Original Code is SPARC hand-optimized Montgomery multiply functions. +! +! The Initial Developer of the Original Code is Sun Microsystems Inc. +! Portions created by Sun Microsystems Inc. are +! Copyright (C) 1999-2000 Sun Microsystems Inc. All Rights Reserved. +! +! Contributor(s): +! +! Alternatively, the contents of this file may be used under the +! terms of the GNU General Public License Version 2 or later (the +! "GPL"), in which case the provisions of the GPL are applicable +! instead of those above. If you wish to allow use of your +! version of this file only under the terms of the GPL and not to +! allow others to use your version of this file under the MPL, +! indicate your decision by deleting the provisions above and +! replace them with the notice and other provisions required by +! the GPL. If you do not delete the provisions above, a recipient +! may use your version of this file under either the MPL or the +! GPL. +! +! $Id$ +! + + .section ".text",#alloc,#execinstr + .file "montmulf.c" + + .section ".data",#alloc,#write + .align 8 +TwoTo16: /* frequency 1.0 confidence 0.0 */ + .word 1089470464 + .word 0 + .type TwoTo16,#object + .size TwoTo16,8 +TwoToMinus16: /* frequency 1.0 confidence 0.0 */ + .word 1055916032 + .word 0 + .type TwoToMinus16,#object + .size TwoToMinus16,8 +Zero: /* frequency 1.0 confidence 0.0 */ + .word 0 + .word 0 + .type Zero,#object + .size Zero,8 +TwoTo32: /* frequency 1.0 confidence 0.0 */ + .word 1106247680 + .word 0 + .type TwoTo32,#object + .size TwoTo32,8 +TwoToMinus32: /* frequency 1.0 confidence 0.0 */ + .word 1039138816 + .word 0 + .type TwoToMinus32,#object + .size TwoToMinus32,8 + + .section ".text",#alloc,#execinstr +/* 000000 0 ( 0 0) */ .align 4 +! +! SUBROUTINE cleanup +! +! OFFSET SOURCE LINE LABEL INSTRUCTION (ISSUE TIME) (COMPLETION TIME) + + .global cleanup + cleanup: /* frequency 1.0 confidence 0.0 */ +! FILE montmulf.c + +! 1 !#define RF_INLINE_MACROS +! 3 !static double TwoTo16=65536.0; +! 4 !static double TwoToMinus16=1.0/65536.0; +! 5 !static double Zero=0.0; +! 6 !static double TwoTo32=65536.0*65536.0; +! 7 !static double TwoToMinus32=1.0/(65536.0*65536.0); +! 9 !#ifdef RF_INLINE_MACROS +! 11 !double upper32(double); +! 12 !double lower32(double, double); +! 13 !double mod(double, double, double); +! 15 !#else +! 17 !static double upper32(double x) +! 18 !{ +! 19 ! return floor(x*TwoToMinus32); +! 20 !} +! 22 !static double lower32(double x, double y) +! 23 !{ +! 24 ! return x-TwoTo32*floor(x*TwoToMinus32); +! 25 !} +! 27 !static double mod(double x, double oneoverm, double m) +! 28 !{ +! 29 ! return x-m*floor(x*oneoverm); +! 30 !} +! 32 !#endif +! 35 !void cleanup(double *dt, int from, int tlen) +! 36 !{ +! 37 ! int i; +! 38 ! double tmp,tmp1,x,x1; +! 40 ! tmp=tmp1=Zero; + +/* 000000 40 ( 0 1) */ sethi %hi(Zero),%g2 + +! 41 ! /* original code ** +! 42 ! for(i=2*from;i<2*tlen-2;i++) +! 43 ! { +! 44 ! x=dt[i]; +! 45 ! dt[i]=lower32(x,Zero)+tmp1; +! 46 ! tmp1=tmp; +! 47 ! tmp=upper32(x); +! 48 ! } +! 49 ! dt[tlen-2]+=tmp1; +! 50 ! dt[tlen-1]+=tmp; +! 51 ! **end original code ***/ +! 52 ! /* new code ***/ +! 53 ! for(i=2*from;i<2*tlen;i+=2) + +/* 0x0004 53 ( 1 2) */ sll %o2,1,%g3 +/* 0x0008 40 ( 1 4) */ ldd [%g2+%lo(Zero)],%f0 +/* 0x000c ( 1 2) */ add %g2,%lo(Zero),%g2 +/* 0x0010 53 ( 2 3) */ sll %o1,1,%g4 +/* 0x0014 36 ( 3 4) */ sll %o1,4,%g1 +/* 0x0018 40 ( 3 4) */ fmovd %f0,%f4 +/* 0x001c 53 ( 3 4) */ cmp %g4,%g3 +/* 0x0020 ( 3 4) */ bge,pt %icc,.L77000116 ! tprob=0.56 +/* 0x0024 ( 4 5) */ fmovd %f0,%f2 +/* 0x0028 36 ( 4 5) */ add %o0,%g1,%g1 +/* 0x002c ( 4 5) */ sub %g3,1,%g3 + +! 54 ! { +! 55 ! x=dt[i]; + +/* 0x0030 55 ( 5 8) */ ldd [%g1],%f8 + .L900000114: /* frequency 6.4 confidence 0.0 */ +/* 0x0034 ( 0 3) */ fdtox %f8,%f6 + +! 56 ! x1=dt[i+1]; + +/* 0x0038 56 ( 0 3) */ ldd [%g1+8],%f10 + +! 57 ! dt[i]=lower32(x,Zero)+tmp; +! 58 ! dt[i+1]=lower32(x1,Zero)+tmp1; +! 59 ! tmp=upper32(x); +! 60 ! tmp1=upper32(x1); + +/* 0x003c 60 ( 0 1) */ add %g4,2,%g4 +/* 0x0040 ( 1 4) */ fdtox %f8,%f8 +/* 0x0044 ( 1 2) */ cmp %g4,%g3 +/* 0x0048 ( 5 6) */ fmovs %f0,%f6 +/* 0x004c ( 7 10) */ fxtod %f6,%f6 +/* 0x0050 ( 8 11) */ fdtox %f10,%f0 +/* 0x0054 57 (10 13) */ faddd %f6,%f2,%f2 +/* 0x0058 (10 11) */ std %f2,[%g1] +/* 0x005c (12 15) */ ldd [%g2],%f2 +/* 0x0060 (14 15) */ fmovs %f2,%f0 +/* 0x0064 (16 19) */ fxtod %f0,%f6 +/* 0x0068 (17 20) */ fdtox %f10,%f0 +/* 0x006c (18 21) */ fitod %f8,%f2 +/* 0x0070 58 (19 22) */ faddd %f6,%f4,%f4 +/* 0x0074 (19 20) */ std %f4,[%g1+8] +/* 0x0078 60 (19 20) */ add %g1,16,%g1 +/* 0x007c (20 23) */ fitod %f0,%f4 +/* 0x0080 (20 23) */ ldd [%g2],%f0 +/* 0x0084 (20 21) */ ble,a,pt %icc,.L900000114 ! tprob=0.86 +/* 0x0088 (21 24) */ ldd [%g1],%f8 + .L77000116: /* frequency 1.0 confidence 0.0 */ +/* 0x008c ( 0 2) */ retl ! Result = +/* 0x0090 ( 1 2) */ nop +/* 0x0094 0 ( 0 0) */ .type cleanup,2 +/* 0x0094 ( 0 0) */ .size cleanup,(.-cleanup) + + .section ".text",#alloc,#execinstr +/* 000000 0 ( 0 0) */ .align 4 +! +! SUBROUTINE conv_d16_to_i32 +! +! OFFSET SOURCE LINE LABEL INSTRUCTION (ISSUE TIME) (COMPLETION TIME) + + .global conv_d16_to_i32 + conv_d16_to_i32: /* frequency 1.0 confidence 0.0 */ +/* 000000 ( 0 1) */ save %sp,-136,%sp + +! 61 ! } +! 62 ! /** end new code **/ +! 63 !} +! 66 !void conv_d16_to_i32(unsigned int *i32, double *d16, long long *tmp, int ilen) +! 67 !{ +! 68 !int i; +! 69 !long long t, t1, a, b, c, d; +! 71 ! t1=0; +! 72 ! a=(long long)d16[0]; + +/* 0x0004 72 ( 1 4) */ ldd [%i1],%f0 + +! 73 ! b=(long long)d16[1]; +! 74 ! for(i=0; i<ilen-1; i++) + +/* 0x0008 74 ( 1 2) */ sub %i3,1,%g2 +/* 0x000c 67 ( 1 2) */ or %g0,%i0,%g5 +/* 0x0010 74 ( 2 3) */ cmp %g2,0 +/* 0x0014 71 ( 2 3) */ or %g0,0,%o4 +/* 0x0018 72 ( 3 6) */ fdtox %f0,%f0 +/* 0x001c ( 3 4) */ std %f0,[%sp+120] +/* 0x0020 74 ( 3 4) */ or %g0,0,%o7 +/* 0x0024 67 ( 4 5) */ or %g0,%i3,%o0 +/* 0x0028 ( 4 5) */ sub %i3,2,%o2 +/* 0x002c 73 ( 5 8) */ ldd [%i1+8],%f0 +/* 0x0030 67 ( 5 6) */ sethi %hi(0xfc00),%o0 +/* 0x0034 ( 5 6) */ add %o2,1,%g3 +/* 0x0038 ( 6 7) */ add %o0,1023,%o1 +/* 0x003c ( 6 7) */ or %g0,%g5,%o5 +/* 0x0040 73 ( 7 10) */ fdtox %f0,%f0 +/* 0x0044 ( 7 8) */ std %f0,[%sp+112] +/* 0x0048 72 (11 13) */ ldx [%sp+120],%g4 +/* 0x004c 73 (12 14) */ ldx [%sp+112],%g1 +/* 0x0050 74 (12 13) */ ble,pt %icc,.L900000214 ! tprob=0.56 +/* 0x0054 (12 13) */ sethi %hi(0xfc00),%g2 +/* 0x0058 67 (13 14) */ or %g0,-1,%g2 +/* 0x005c 74 (13 14) */ cmp %g3,3 +/* 0x0060 67 (14 15) */ srl %g2,0,%o3 +/* 0x0064 (14 15) */ or %g0,%i1,%g2 +/* 0x0068 74 (14 15) */ bl,pn %icc,.L77000134 ! tprob=0.44 +/* 0x006c (15 18) */ ldd [%g2+16],%f0 + +! 75 ! { +! 76 ! c=(long long)d16[2*i+2]; +! 77 ! t1+=a&0xffffffff; +! 78 ! t=(a>>32); +! 79 ! d=(long long)d16[2*i+3]; +! 80 ! t1+=(b&0xffff)<<16; + +/* 0x0070 80 (15 16) */ and %g1,%o1,%o0 + +! 81 ! t+=(b>>16)+(t1>>32); +! 82 ! i32[i]=t1&0xffffffff; +! 83 ! t1=t; +! 84 ! a=c; +! 85 ! b=d; + +/* 0x0074 85 (15 16) */ add %g2,16,%g2 +/* 0x0078 80 (16 17) */ sllx %o0,16,%g3 +/* 0x007c 77 (16 17) */ and %g4,%o3,%o0 +/* 0x0080 76 (17 20) */ fdtox %f0,%f0 +/* 0x0084 (17 18) */ std %f0,[%sp+104] +/* 0x0088 74 (17 18) */ add %o0,%g3,%o4 +/* 0x008c 79 (18 21) */ ldd [%g2+8],%f2 +/* 0x0090 81 (18 19) */ srax %g1,16,%o0 +/* 0x0094 82 (18 19) */ and %o4,%o3,%o7 +/* 0x0098 81 (19 20) */ stx %o0,[%sp+112] +/* 0x009c (19 20) */ srax %o4,32,%o0 +/* 0x00a0 85 (19 20) */ add %g5,4,%o5 +/* 0x00a4 81 (20 21) */ stx %o0,[%sp+120] +/* 0x00a8 78 (20 21) */ srax %g4,32,%o4 +/* 0x00ac 79 (20 23) */ fdtox %f2,%f0 +/* 0x00b0 (21 22) */ std %f0,[%sp+96] +/* 0x00b4 81 (22 24) */ ldx [%sp+112],%o0 +/* 0x00b8 (23 25) */ ldx [%sp+120],%g4 +/* 0x00bc 76 (25 27) */ ldx [%sp+104],%g3 +/* 0x00c0 81 (25 26) */ add %o0,%g4,%g4 +/* 0x00c4 79 (26 28) */ ldx [%sp+96],%g1 +/* 0x00c8 81 (26 27) */ add %o4,%g4,%o4 +/* 0x00cc 82 (27 28) */ st %o7,[%g5] +/* 0x00d0 (27 28) */ or %g0,1,%o7 +/* 0x00d4 84 (27 28) */ or %g0,%g3,%g4 + .L900000209: /* frequency 64.0 confidence 0.0 */ +/* 0x00d8 76 (17 19) */ ldd [%g2+16],%f0 +/* 0x00dc 85 (17 18) */ add %o7,1,%o7 +/* 0x00e0 (17 18) */ add %o5,4,%o5 +/* 0x00e4 (18 18) */ cmp %o7,%o2 +/* 0x00e8 (18 19) */ add %g2,16,%g2 +/* 0x00ec 76 (19 22) */ fdtox %f0,%f0 +/* 0x00f0 (20 21) */ std %f0,[%sp+104] +/* 0x00f4 79 (21 23) */ ldd [%g2+8],%f0 +/* 0x00f8 (23 26) */ fdtox %f0,%f0 +/* 0x00fc (24 25) */ std %f0,[%sp+96] +/* 0x0100 80 (25 26) */ and %g1,%o1,%g3 +/* 0x0104 (26 27) */ sllx %g3,16,%g3 +/* 0x0108 ( 0 0) */ stx %g3,[%sp+120] +/* 0x010c 77 (26 27) */ and %g4,%o3,%g3 +/* 0x0110 74 ( 0 0) */ stx %o7,[%sp+128] +/* 0x0114 ( 0 0) */ ldx [%sp+120],%o7 +/* 0x0118 (27 27) */ add %g3,%o7,%g3 +/* 0x011c ( 0 0) */ ldx [%sp+128],%o7 +/* 0x0120 81 (28 29) */ srax %g1,16,%g1 +/* 0x0124 74 (28 28) */ add %g3,%o4,%g3 +/* 0x0128 81 (29 30) */ srax %g3,32,%o4 +/* 0x012c ( 0 0) */ stx %o4,[%sp+112] +/* 0x0130 78 (30 31) */ srax %g4,32,%o4 +/* 0x0134 81 ( 0 0) */ ldx [%sp+112],%g4 +/* 0x0138 (30 31) */ add %g1,%g4,%g4 +/* 0x013c 79 (31 33) */ ldx [%sp+96],%g1 +/* 0x0140 81 (31 32) */ add %o4,%g4,%o4 +/* 0x0144 82 (32 33) */ and %g3,%o3,%g3 +/* 0x0148 84 ( 0 0) */ ldx [%sp+104],%g4 +/* 0x014c 85 (33 34) */ ble,pt %icc,.L900000209 ! tprob=0.50 +/* 0x0150 (33 34) */ st %g3,[%o5-4] + .L900000212: /* frequency 8.0 confidence 0.0 */ +/* 0x0154 85 ( 0 1) */ ba .L900000214 ! tprob=1.00 +/* 0x0158 ( 0 1) */ sethi %hi(0xfc00),%g2 + .L77000134: /* frequency 0.7 confidence 0.0 */ + .L900000213: /* frequency 6.4 confidence 0.0 */ +/* 0x015c 77 ( 0 1) */ and %g4,%o3,%o0 +/* 0x0160 80 ( 0 1) */ and %g1,%o1,%g3 +/* 0x0164 76 ( 0 3) */ fdtox %f0,%f0 +/* 0x0168 77 ( 1 2) */ add %o4,%o0,%o0 +/* 0x016c 76 ( 1 2) */ std %f0,[%sp+104] +/* 0x0170 85 ( 1 2) */ add %o7,1,%o7 +/* 0x0174 80 ( 2 3) */ sllx %g3,16,%o4 +/* 0x0178 79 ( 2 5) */ ldd [%g2+24],%f2 +/* 0x017c 85 ( 2 3) */ add %g2,16,%g2 +/* 0x0180 80 ( 3 4) */ add %o0,%o4,%o4 +/* 0x0184 81 ( 3 4) */ stx %o7,[%sp+128] +/* 0x0188 ( 4 5) */ srax %g1,16,%o0 +/* 0x018c ( 4 5) */ stx %o0,[%sp+112] +/* 0x0190 82 ( 4 5) */ and %o4,%o3,%g3 +/* 0x0194 81 ( 5 6) */ srax %o4,32,%o0 +/* 0x0198 ( 5 6) */ stx %o0,[%sp+120] +/* 0x019c 79 ( 5 8) */ fdtox %f2,%f0 +/* 0x01a0 ( 6 7) */ std %f0,[%sp+96] +/* 0x01a4 78 ( 6 7) */ srax %g4,32,%o4 +/* 0x01a8 81 ( 7 9) */ ldx [%sp+120],%o7 +/* 0x01ac ( 8 10) */ ldx [%sp+112],%g4 +/* 0x01b0 76 (10 12) */ ldx [%sp+104],%g1 +/* 0x01b4 81 (10 11) */ add %g4,%o7,%g4 +/* 0x01b8 (11 13) */ ldx [%sp+128],%o7 +/* 0x01bc (11 12) */ add %o4,%g4,%o4 +/* 0x01c0 79 (12 14) */ ldx [%sp+96],%o0 +/* 0x01c4 84 (12 13) */ or %g0,%g1,%g4 +/* 0x01c8 82 (13 14) */ st %g3,[%o5] +/* 0x01cc 85 (13 14) */ add %o5,4,%o5 +/* 0x01d0 (13 14) */ cmp %o7,%o2 +/* 0x01d4 (14 15) */ or %g0,%o0,%g1 +/* 0x01d8 (14 15) */ ble,a,pt %icc,.L900000213 ! tprob=0.86 +/* 0x01dc (14 17) */ ldd [%g2+16],%f0 + .L77000127: /* frequency 1.0 confidence 0.0 */ + +! 86 ! } +! 87 ! t1+=a&0xffffffff; +! 88 ! t=(a>>32); +! 89 ! t1+=(b&0xffff)<<16; +! 90 ! i32[i]=t1&0xffffffff; + +/* 0x01e0 90 ( 0 1) */ sethi %hi(0xfc00),%g2 + .L900000214: /* frequency 1.0 confidence 0.0 */ +/* 0x01e4 90 ( 0 1) */ or %g0,-1,%g3 +/* 0x01e8 ( 0 1) */ add %g2,1023,%g2 +/* 0x01ec ( 1 2) */ srl %g3,0,%g3 +/* 0x01f0 ( 1 2) */ and %g1,%g2,%g2 +/* 0x01f4 ( 2 3) */ and %g4,%g3,%g4 +/* 0x01f8 ( 3 4) */ sllx %g2,16,%g2 +/* 0x01fc ( 3 4) */ add %o4,%g4,%g4 +/* 0x0200 ( 4 5) */ add %g4,%g2,%g2 +/* 0x0204 ( 5 6) */ sll %o7,2,%g4 +/* 0x0208 ( 5 6) */ and %g2,%g3,%g2 +/* 0x020c ( 6 7) */ st %g2,[%g5+%g4] +/* 0x0210 ( 7 9) */ ret ! Result = +/* 0x0214 ( 9 10) */ restore %g0,%g0,%g0 +/* 0x0218 0 ( 0 0) */ .type conv_d16_to_i32,2 +/* 0x0218 ( 0 0) */ .size conv_d16_to_i32,(.-conv_d16_to_i32) + + .section ".text",#alloc,#execinstr +/* 000000 0 ( 0 0) */ .align 8 +! +! CONSTANT POOL +! + .L_const_seg_900000301: /* frequency 1.0 confidence 0.0 */ +/* 000000 0 ( 0 0) */ .word 1127219200,0 +/* 0x0008 0 ( 0 0) */ .align 4 +! +! SUBROUTINE conv_i32_to_d32 +! +! OFFSET SOURCE LINE LABEL INSTRUCTION (ISSUE TIME) (COMPLETION TIME) + + .global conv_i32_to_d32 + conv_i32_to_d32: /* frequency 1.0 confidence 0.0 */ +/* 000000 ( 0 1) */ orcc %g0,%o2,%g1 + +! 92 !} +! 94 !void conv_i32_to_d32(double *d32, unsigned int *i32, int len) +! 95 !{ +! 96 !int i; +! 98 !#pragma pipeloop(0) +! 99 ! for(i=0;i<len;i++) d32[i]=(double)(i32[i]); + +/* 0x0004 99 ( 0 1) */ ble,pt %icc,.L77000140 ! tprob=0.56 +/* 0x0008 ( 0 1) */ nop +/* 0x000c ( 1 2) */ sethi %hi(.L_const_seg_900000301),%g2 +/* 0x0010 95 ( 1 2) */ or %g0,%o1,%g4 +/* 0x0014 99 ( 2 3) */ add %g2,%lo(.L_const_seg_900000301),%g2 +/* 0x0018 ( 2 3) */ or %g0,0,%o5 +/* 0x001c 95 ( 3 4) */ or %g0,%o0,%g5 +/* 0x0020 99 ( 3 4) */ sub %o2,1,%g3 +/* 0x0024 ( 4 5) */ cmp %o2,9 +/* 0x0028 ( 4 5) */ bl,pn %icc,.L77000144 ! tprob=0.44 +/* 0x002c ( 4 7) */ ldd [%g2],%f8 +/* 0x0030 ( 5 8) */ ld [%o1],%f7 +/* 0x0034 ( 5 6) */ add %o1,16,%g4 +/* 0x0038 ( 5 6) */ sub %o2,5,%g1 +/* 0x003c ( 6 9) */ ld [%o1+4],%f5 +/* 0x0040 ( 6 7) */ or %g0,4,%o5 +/* 0x0044 ( 7 10) */ ld [%o1+8],%f3 +/* 0x0048 ( 7 8) */ fmovs %f8,%f6 +/* 0x004c ( 8 11) */ ld [%o1+12],%f1 + .L900000305: /* frequency 64.0 confidence 0.0 */ +/* 0x0050 ( 8 16) */ ld [%g4],%f11 +/* 0x0054 ( 8 9) */ add %o5,5,%o5 +/* 0x0058 ( 8 9) */ add %g4,20,%g4 +/* 0x005c ( 8 11) */ fsubd %f6,%f8,%f6 +/* 0x0060 ( 9 10) */ std %f6,[%g5] +/* 0x0064 ( 9 9) */ cmp %o5,%g1 +/* 0x0068 ( 9 10) */ add %g5,40,%g5 +/* 0x006c ( 0 0) */ fmovs %f8,%f4 +/* 0x0070 (10 18) */ ld [%g4-16],%f7 +/* 0x0074 (10 13) */ fsubd %f4,%f8,%f12 +/* 0x0078 ( 0 0) */ fmovs %f8,%f2 +/* 0x007c (11 12) */ std %f12,[%g5-32] +/* 0x0080 (12 20) */ ld [%g4-12],%f5 +/* 0x0084 (12 15) */ fsubd %f2,%f8,%f12 +/* 0x0088 ( 0 0) */ fmovs %f8,%f0 +/* 0x008c (13 14) */ std %f12,[%g5-24] +/* 0x0090 (14 22) */ ld [%g4-8],%f3 +/* 0x0094 (14 17) */ fsubd %f0,%f8,%f12 +/* 0x0098 ( 0 0) */ fmovs %f8,%f10 +/* 0x009c (15 16) */ std %f12,[%g5-16] +/* 0x00a0 (16 24) */ ld [%g4-4],%f1 +/* 0x00a4 (16 19) */ fsubd %f10,%f8,%f10 +/* 0x00a8 ( 0 0) */ fmovs %f8,%f6 +/* 0x00ac (17 18) */ ble,pt %icc,.L900000305 ! tprob=0.50 +/* 0x00b0 (17 18) */ std %f10,[%g5-8] + .L900000308: /* frequency 8.0 confidence 0.0 */ +/* 0x00b4 ( 0 1) */ fmovs %f8,%f4 +/* 0x00b8 ( 0 1) */ add %g5,32,%g5 +/* 0x00bc ( 0 1) */ cmp %o5,%g3 +/* 0x00c0 ( 1 2) */ fmovs %f8,%f2 +/* 0x00c4 ( 2 3) */ fmovs %f8,%f0 +/* 0x00c8 ( 4 7) */ fsubd %f6,%f8,%f6 +/* 0x00cc ( 4 5) */ std %f6,[%g5-32] +/* 0x00d0 ( 5 8) */ fsubd %f4,%f8,%f4 +/* 0x00d4 ( 5 6) */ std %f4,[%g5-24] +/* 0x00d8 ( 6 9) */ fsubd %f2,%f8,%f2 +/* 0x00dc ( 6 7) */ std %f2,[%g5-16] +/* 0x00e0 ( 7 10) */ fsubd %f0,%f8,%f0 +/* 0x00e4 ( 7 8) */ bg,pn %icc,.L77000140 ! tprob=0.14 +/* 0x00e8 ( 7 8) */ std %f0,[%g5-8] + .L77000144: /* frequency 0.7 confidence 0.0 */ +/* 0x00ec ( 0 3) */ ld [%g4],%f1 + .L900000309: /* frequency 6.4 confidence 0.0 */ +/* 0x00f0 ( 0 3) */ ldd [%g2],%f8 +/* 0x00f4 ( 0 1) */ add %o5,1,%o5 +/* 0x00f8 ( 0 1) */ add %g4,4,%g4 +/* 0x00fc ( 1 2) */ cmp %o5,%g3 +/* 0x0100 ( 2 3) */ fmovs %f8,%f0 +/* 0x0104 ( 4 7) */ fsubd %f0,%f8,%f0 +/* 0x0108 ( 4 5) */ std %f0,[%g5] +/* 0x010c ( 4 5) */ add %g5,8,%g5 +/* 0x0110 ( 4 5) */ ble,a,pt %icc,.L900000309 ! tprob=0.86 +/* 0x0114 ( 6 9) */ ld [%g4],%f1 + .L77000140: /* frequency 1.0 confidence 0.0 */ +/* 0x0118 ( 0 2) */ retl ! Result = +/* 0x011c ( 1 2) */ nop +/* 0x0120 0 ( 0 0) */ .type conv_i32_to_d32,2 +/* 0x0120 ( 0 0) */ .size conv_i32_to_d32,(.-conv_i32_to_d32) + + .section ".text",#alloc,#execinstr +/* 000000 0 ( 0 0) */ .align 8 +! +! CONSTANT POOL +! + .L_const_seg_900000401: /* frequency 1.0 confidence 0.0 */ +/* 000000 0 ( 0 0) */ .word 1127219200,0 +/* 0x0008 0 ( 0 0) */ .align 4 +! +! SUBROUTINE conv_i32_to_d16 +! +! OFFSET SOURCE LINE LABEL INSTRUCTION (ISSUE TIME) (COMPLETION TIME) + + .global conv_i32_to_d16 + conv_i32_to_d16: /* frequency 1.0 confidence 0.0 */ +/* 000000 ( 0 1) */ save %sp,-104,%sp +/* 0x0004 ( 1 2) */ orcc %g0,%i2,%o0 + +! 100 !} +! 103 !void conv_i32_to_d16(double *d16, unsigned int *i32, int len) +! 104 !{ +! 105 !int i; +! 106 !unsigned int a; +! 108 !#pragma pipeloop(0) +! 109 ! for(i=0;i<len;i++) + +/* 0x0008 109 ( 1 2) */ ble,pt %icc,.L77000150 ! tprob=0.56 +/* 0x000c ( 1 2) */ nop +/* 0x0010 ( 2 3) */ sub %o0,1,%o5 +/* 0x0014 ( 2 3) */ sethi %hi(0xfc00),%g2 + +! 110 ! { +! 111 ! a=i32[i]; +! 112 ! d16[2*i]=(double)(a&0xffff); +! 113 ! d16[2*i+1]=(double)(a>>16); + +/* 0x0018 113 ( 3 4) */ sethi %hi(.L_const_seg_900000401),%o0 +/* 0x001c ( 3 4) */ add %o5,1,%g3 +/* 0x0020 ( 4 5) */ add %g2,1023,%o4 +/* 0x0024 109 ( 4 5) */ or %g0,0,%g1 +/* 0x0028 ( 5 6) */ cmp %g3,3 +/* 0x002c ( 5 6) */ or %g0,%i1,%o7 +/* 0x0030 ( 6 7) */ add %o0,%lo(.L_const_seg_900000401),%o3 +/* 0x0034 ( 6 7) */ or %g0,%i0,%g2 +/* 0x0038 ( 6 7) */ bl,pn %icc,.L77000154 ! tprob=0.44 +/* 0x003c ( 7 8) */ add %o7,4,%o0 +/* 0x0040 112 ( 7 10) */ ldd [%o3],%f0 +/* 0x0044 113 ( 7 8) */ or %g0,1,%g1 +/* 0x0048 111 ( 8 11) */ ld [%o0-4],%o1 +/* 0x004c 0 ( 8 9) */ or %g0,%o0,%o7 +/* 0x0050 112 (10 11) */ and %o1,%o4,%o0 + .L900000406: /* frequency 64.0 confidence 0.0 */ +/* 0x0054 112 (22 23) */ st %o0,[%sp+96] +/* 0x0058 113 (22 23) */ add %g1,1,%g1 +/* 0x005c (22 23) */ add %g2,16,%g2 +/* 0x0060 (23 23) */ cmp %g1,%o5 +/* 0x0064 (23 24) */ add %o7,4,%o7 +/* 0x0068 112 (29 31) */ ld [%sp+96],%f3 +/* 0x006c ( 0 0) */ fmovs %f0,%f2 +/* 0x0070 (31 34) */ fsubd %f2,%f0,%f2 +/* 0x0074 113 (32 33) */ srl %o1,16,%o0 +/* 0x0078 112 (32 33) */ std %f2,[%g2-16] +/* 0x007c 113 (33 34) */ st %o0,[%sp+92] +/* 0x0080 (40 42) */ ld [%sp+92],%f3 +/* 0x0084 111 (41 43) */ ld [%o7-4],%o1 +/* 0x0088 113 ( 0 0) */ fmovs %f0,%f2 +/* 0x008c (42 45) */ fsubd %f2,%f0,%f2 +/* 0x0090 112 (43 44) */ and %o1,%o4,%o0 +/* 0x0094 113 (43 44) */ ble,pt %icc,.L900000406 ! tprob=0.50 +/* 0x0098 (43 44) */ std %f2,[%g2-8] + .L900000409: /* frequency 8.0 confidence 0.0 */ +/* 0x009c 112 ( 0 1) */ st %o0,[%sp+96] +/* 0x00a0 ( 0 1) */ fmovs %f0,%f2 +/* 0x00a4 113 ( 0 1) */ add %g2,16,%g2 +/* 0x00a8 ( 1 2) */ srl %o1,16,%o0 +/* 0x00ac 112 ( 4 7) */ ld [%sp+96],%f3 +/* 0x00b0 ( 6 9) */ fsubd %f2,%f0,%f2 +/* 0x00b4 ( 6 7) */ std %f2,[%g2-16] +/* 0x00b8 113 ( 7 8) */ st %o0,[%sp+92] +/* 0x00bc (10 11) */ fmovs %f0,%f2 +/* 0x00c0 (11 14) */ ld [%sp+92],%f3 +/* 0x00c4 (13 16) */ fsubd %f2,%f0,%f0 +/* 0x00c8 (13 14) */ std %f0,[%g2-8] +/* 0x00cc (14 16) */ ret ! Result = +/* 0x00d0 (16 17) */ restore %g0,%g0,%g0 + .L77000154: /* frequency 0.7 confidence 0.0 */ +/* 0x00d4 111 ( 0 3) */ ld [%o7],%o0 + .L900000410: /* frequency 6.4 confidence 0.0 */ +/* 0x00d8 112 ( 0 1) */ and %o0,%o4,%o1 +/* 0x00dc ( 0 1) */ st %o1,[%sp+96] +/* 0x00e0 113 ( 0 1) */ add %g1,1,%g1 +/* 0x00e4 112 ( 1 4) */ ldd [%o3],%f0 +/* 0x00e8 113 ( 1 2) */ srl %o0,16,%o0 +/* 0x00ec ( 1 2) */ add %o7,4,%o7 +/* 0x00f0 ( 2 3) */ cmp %g1,%o5 +/* 0x00f4 112 ( 3 4) */ fmovs %f0,%f2 +/* 0x00f8 ( 4 7) */ ld [%sp+96],%f3 +/* 0x00fc ( 6 9) */ fsubd %f2,%f0,%f2 +/* 0x0100 ( 6 7) */ std %f2,[%g2] +/* 0x0104 113 ( 7 8) */ st %o0,[%sp+92] +/* 0x0108 (10 11) */ fmovs %f0,%f2 +/* 0x010c (11 14) */ ld [%sp+92],%f3 +/* 0x0110 (13 16) */ fsubd %f2,%f0,%f0 +/* 0x0114 (13 14) */ std %f0,[%g2+8] +/* 0x0118 (13 14) */ add %g2,16,%g2 +/* 0x011c (13 14) */ ble,a,pt %icc,.L900000410 ! tprob=0.86 +/* 0x0120 (14 17) */ ld [%o7],%o0 + .L77000150: /* frequency 1.0 confidence 0.0 */ +/* 0x0124 ( 0 2) */ ret ! Result = +/* 0x0128 ( 2 3) */ restore %g0,%g0,%g0 +/* 0x012c 0 ( 0 0) */ .type conv_i32_to_d16,2 +/* 0x012c ( 0 0) */ .size conv_i32_to_d16,(.-conv_i32_to_d16) + + .section ".text",#alloc,#execinstr +/* 000000 0 ( 0 0) */ .align 8 +! +! CONSTANT POOL +! + .L_const_seg_900000501: /* frequency 1.0 confidence 0.0 */ +/* 000000 0 ( 0 0) */ .word 1127219200,0 +/* 0x0008 0 ( 0 0) */ .align 4 +! +! SUBROUTINE conv_i32_to_d32_and_d16 +! +! OFFSET SOURCE LINE LABEL INSTRUCTION (ISSUE TIME) (COMPLETION TIME) + + .global conv_i32_to_d32_and_d16 + conv_i32_to_d32_and_d16: /* frequency 1.0 confidence 0.0 */ +/* 000000 ( 0 1) */ save %sp,-104,%sp +/* 0x0004 ( 1 2) */ or %g0,%i3,%i4 +/* 0x0008 ( 1 2) */ or %g0,%i2,%g1 + +! 114 ! } +! 115 !} +! 118 !void i16_to_d16_and_d32x4(double * /*1/(2^16)*/, double * /* 2^16*/, +! 119 ! double * /* 0 */, +! 120 ! double * /*result16*/, double * /* result32 */, +! 121 ! float * /*source - should be unsigned int* +! 122 ! converted to float* */); +! 126 !void conv_i32_to_d32_and_d16(double *d32, double *d16, +! 127 ! unsigned int *i32, int len) +! 128 !{ +! 129 !int i; +! 130 !unsigned int a; +! 132 !#pragma pipeloop(0) +! 133 ! for(i=0;i<len-3;i+=4) + +/* 0x000c 133 ( 2 3) */ sub %i4,3,%g2 +/* 0x0010 ( 2 3) */ or %g0,0,%o7 +/* 0x0014 ( 3 4) */ cmp %g2,0 +/* 0x0018 128 ( 3 4) */ or %g0,%i0,%i3 +/* 0x001c 133 ( 3 4) */ ble,pt %icc,.L900000515 ! tprob=0.56 +/* 0x0020 ( 4 5) */ cmp %o7,%i4 + +! 134 ! { +! 135 ! i16_to_d16_and_d32x4(&TwoToMinus16, &TwoTo16, &Zero, +! 136 ! &(d16[2*i]), &(d32[i]), (float *)(&(i32[i]))); + +/* 0x0024 136 ( 4 5) */ sethi %hi(Zero),%g2 +/* 0x0028 133 ( 5 6) */ or %g0,%g1,%o3 +/* 0x002c ( 5 6) */ sub %i4,4,%o2 +/* 0x0030 136 ( 6 7) */ add %g2,%lo(Zero),%o1 +/* 0x0034 133 ( 6 7) */ or %g0,0,%o5 +/* 0x0038 ( 7 8) */ or %g0,0,%o4 +/* 0x003c 136 ( 7 8) */ or %g0,%o3,%g4 + .L900000514: /* frequency 6.4 confidence 0.0 */ +/* 0x0040 ( 0 3) */ ldd [%o1],%f2 +/* 0x0044 136 ( 0 1) */ add %i3,%o5,%g2 +/* 0x0048 ( 0 1) */ add %i1,%o4,%g3 +/* 0x004c ( 1 4) */ ldd [%o1-8],%f0 +/* 0x0050 ( 1 2) */ add %o7,4,%o7 +/* 0x0054 ( 1 2) */ add %o3,16,%o3 +/* 0x0058 ( 2 3) */ fmovd %f2,%f14 +/* 0x005c ( 2 5) */ ld [%g4],%f15 +/* 0x0060 ( 2 3) */ cmp %o7,%o2 +/* 0x0064 ( 3 4) */ fmovd %f2,%f10 +/* 0x0068 ( 3 6) */ ld [%g4+4],%f11 +/* 0x006c ( 4 5) */ fmovd %f2,%f6 +/* 0x0070 ( 4 7) */ ld [%g4+8],%f7 +/* 0x0074 ( 5 8) */ ld [%g4+12],%f3 +/* 0x0078 ( 5 8) */ fxtod %f14,%f14 +/* 0x007c ( 6 9) */ fxtod %f10,%f10 +/* 0x0080 ( 6 9) */ ldd [%o1-16],%f16 +/* 0x0084 ( 7 10) */ fxtod %f6,%f6 +/* 0x0088 ( 7 8) */ std %f14,[%i3+%o5] +/* 0x008c ( 7 8) */ add %o5,32,%o5 +/* 0x0090 ( 8 11) */ fxtod %f2,%f2 +/* 0x0094 ( 8 11) */ fmuld %f0,%f14,%f12 +/* 0x0098 ( 8 9) */ std %f10,[%g2+8] +/* 0x009c ( 9 12) */ fmuld %f0,%f10,%f8 +/* 0x00a0 ( 9 10) */ std %f6,[%g2+16] +/* 0x00a4 (10 13) */ fmuld %f0,%f6,%f4 +/* 0x00a8 (10 11) */ std %f2,[%g2+24] +/* 0x00ac (11 14) */ fmuld %f0,%f2,%f0 +/* 0x00b0 (11 14) */ fdtox %f12,%f12 +/* 0x00b4 (12 15) */ fdtox %f8,%f8 +/* 0x00b8 (13 16) */ fdtox %f4,%f4 +/* 0x00bc (14 17) */ fdtox %f0,%f0 +/* 0x00c0 (15 18) */ fxtod %f12,%f12 +/* 0x00c4 (15 16) */ std %f12,[%g3+8] +/* 0x00c8 (16 19) */ fxtod %f8,%f8 +/* 0x00cc (16 17) */ std %f8,[%g3+24] +/* 0x00d0 (17 20) */ fxtod %f4,%f4 +/* 0x00d4 (17 18) */ std %f4,[%g3+40] +/* 0x00d8 (18 21) */ fxtod %f0,%f0 +/* 0x00dc (18 21) */ fmuld %f12,%f16,%f12 +/* 0x00e0 (18 19) */ std %f0,[%g3+56] +/* 0x00e4 (19 22) */ fmuld %f8,%f16,%f8 +/* 0x00e8 (20 23) */ fmuld %f4,%f16,%f4 +/* 0x00ec (21 24) */ fmuld %f0,%f16,%f0 +/* 0x00f0 (21 24) */ fsubd %f14,%f12,%f12 +/* 0x00f4 (21 22) */ std %f12,[%i1+%o4] +/* 0x00f8 (22 25) */ fsubd %f10,%f8,%f8 +/* 0x00fc (22 23) */ std %f8,[%g3+16] +/* 0x0100 (22 23) */ add %o4,64,%o4 +/* 0x0104 (23 26) */ fsubd %f6,%f4,%f4 +/* 0x0108 (23 24) */ std %f4,[%g3+32] +/* 0x010c (24 27) */ fsubd %f2,%f0,%f0 +/* 0x0110 (24 25) */ std %f0,[%g3+48] +/* 0x0114 (24 25) */ ble,pt %icc,.L900000514 ! tprob=0.86 +/* 0x0118 (25 26) */ or %g0,%o3,%g4 + .L77000159: /* frequency 1.0 confidence 0.0 */ + +! 137 ! } +! 138 ! for(;i<len;i++) + +/* 0x011c 138 ( 0 1) */ cmp %o7,%i4 + .L900000515: /* frequency 1.0 confidence 0.0 */ +/* 0x0120 138 ( 0 1) */ bge,pt %icc,.L77000164 ! tprob=0.56 +/* 0x0124 ( 0 1) */ nop + +! 139 ! { +! 140 ! a=i32[i]; +! 141 ! d32[i]=(double)(i32[i]); +! 142 ! d16[2*i]=(double)(a&0xffff); +! 143 ! d16[2*i+1]=(double)(a>>16); + +/* 0x0128 143 ( 0 1) */ sethi %hi(.L_const_seg_900000501),%o1 +/* 0x012c 138 ( 1 2) */ sethi %hi(0xfc00),%o0 +/* 0x0130 141 ( 1 4) */ ldd [%o1+%lo(.L_const_seg_900000501)],%f0 +/* 0x0134 138 ( 1 2) */ sub %i4,%o7,%g3 +/* 0x0138 ( 2 3) */ sll %o7,2,%g2 +/* 0x013c ( 2 3) */ add %o0,1023,%o3 +/* 0x0140 ( 3 4) */ sll %o7,3,%g4 +/* 0x0144 ( 3 4) */ cmp %g3,3 +/* 0x0148 ( 4 5) */ add %g1,%g2,%o0 +/* 0x014c ( 4 5) */ add %o1,%lo(.L_const_seg_900000501),%o2 +/* 0x0150 ( 5 6) */ add %i3,%g4,%o4 +/* 0x0154 ( 5 6) */ sub %i4,1,%o1 +/* 0x0158 ( 6 7) */ sll %o7,4,%g5 +/* 0x015c ( 6 7) */ bl,pn %icc,.L77000161 ! tprob=0.44 +/* 0x0160 ( 7 8) */ add %i1,%g5,%o5 +/* 0x0164 141 ( 7 10) */ ld [%g1+%g2],%f3 +/* 0x0168 143 ( 7 8) */ add %o4,8,%o4 +/* 0x016c 140 ( 8 11) */ ld [%g1+%g2],%g1 +/* 0x0170 143 ( 8 9) */ add %o5,16,%o5 +/* 0x0174 ( 8 9) */ add %o7,1,%o7 +/* 0x0178 141 ( 9 10) */ fmovs %f0,%f2 +/* 0x017c 143 ( 9 10) */ add %o0,4,%o0 +/* 0x0180 142 (10 11) */ and %g1,%o3,%g2 +/* 0x0184 141 (11 14) */ fsubd %f2,%f0,%f2 +/* 0x0188 (11 12) */ std %f2,[%o4-8] +/* 0x018c 143 (11 12) */ srl %g1,16,%g1 +/* 0x0190 142 (12 13) */ st %g2,[%sp+96] +/* 0x0194 (15 16) */ fmovs %f0,%f2 +/* 0x0198 (16 19) */ ld [%sp+96],%f3 +/* 0x019c (18 21) */ fsubd %f2,%f0,%f2 +/* 0x01a0 (18 19) */ std %f2,[%o5-16] +/* 0x01a4 143 (19 20) */ st %g1,[%sp+92] +/* 0x01a8 (22 23) */ fmovs %f0,%f2 +/* 0x01ac (23 26) */ ld [%sp+92],%f3 +/* 0x01b0 (25 28) */ fsubd %f2,%f0,%f2 +/* 0x01b4 (25 26) */ std %f2,[%o5-8] + .L900000509: /* frequency 64.0 confidence 0.0 */ +/* 0x01b8 141 (26 28) */ ld [%o0],%f3 +/* 0x01bc 143 (26 27) */ add %o7,2,%o7 +/* 0x01c0 (26 27) */ add %o5,32,%o5 +/* 0x01c4 140 (27 29) */ ld [%o0],%g1 +/* 0x01c8 143 (27 27) */ cmp %o7,%o1 +/* 0x01cc (27 28) */ add %o4,16,%o4 +/* 0x01d0 141 ( 0 0) */ fmovs %f0,%f2 +/* 0x01d4 (28 31) */ fsubd %f2,%f0,%f2 +/* 0x01d8 (29 30) */ std %f2,[%o4-16] +/* 0x01dc 142 (29 30) */ and %g1,%o3,%g2 +/* 0x01e0 (30 31) */ st %g2,[%sp+96] +/* 0x01e4 (37 39) */ ld [%sp+96],%f3 +/* 0x01e8 ( 0 0) */ fmovs %f0,%f2 +/* 0x01ec (39 42) */ fsubd %f2,%f0,%f2 +/* 0x01f0 143 (40 41) */ srl %g1,16,%g1 +/* 0x01f4 142 (40 41) */ std %f2,[%o5-32] +/* 0x01f8 143 (41 42) */ st %g1,[%sp+92] +/* 0x01fc (48 50) */ ld [%sp+92],%f3 +/* 0x0200 ( 0 0) */ fmovs %f0,%f2 +/* 0x0204 (50 53) */ fsubd %f2,%f0,%f2 +/* 0x0208 (51 52) */ std %f2,[%o5-24] +/* 0x020c (51 52) */ add %o0,4,%o0 +/* 0x0210 141 (52 54) */ ld [%o0],%f3 +/* 0x0214 140 (53 55) */ ld [%o0],%g1 +/* 0x0218 141 ( 0 0) */ fmovs %f0,%f2 +/* 0x021c (54 57) */ fsubd %f2,%f0,%f2 +/* 0x0220 (55 56) */ std %f2,[%o4-8] +/* 0x0224 142 (55 56) */ and %g1,%o3,%g2 +/* 0x0228 (56 57) */ st %g2,[%sp+96] +/* 0x022c (63 65) */ ld [%sp+96],%f3 +/* 0x0230 ( 0 0) */ fmovs %f0,%f2 +/* 0x0234 (65 68) */ fsubd %f2,%f0,%f2 +/* 0x0238 143 (66 67) */ srl %g1,16,%g1 +/* 0x023c 142 (66 67) */ std %f2,[%o5-16] +/* 0x0240 143 (67 68) */ st %g1,[%sp+92] +/* 0x0244 (74 76) */ ld [%sp+92],%f3 +/* 0x0248 ( 0 0) */ fmovs %f0,%f2 +/* 0x024c (76 79) */ fsubd %f2,%f0,%f2 +/* 0x0250 (77 78) */ std %f2,[%o5-8] +/* 0x0254 (77 78) */ bl,pt %icc,.L900000509 ! tprob=0.50 +/* 0x0258 (77 78) */ add %o0,4,%o0 + .L900000512: /* frequency 8.0 confidence 0.0 */ +/* 0x025c 143 ( 0 1) */ cmp %o7,%i4 +/* 0x0260 ( 0 1) */ bge,pn %icc,.L77000164 ! tprob=0.14 +/* 0x0264 ( 0 1) */ nop + .L77000161: /* frequency 0.7 confidence 0.0 */ +/* 0x0268 141 ( 0 3) */ ld [%o0],%f3 + .L900000513: /* frequency 6.4 confidence 0.0 */ +/* 0x026c 141 ( 0 3) */ ldd [%o2],%f0 +/* 0x0270 143 ( 0 1) */ add %o7,1,%o7 +/* 0x0274 140 ( 1 4) */ ld [%o0],%o1 +/* 0x0278 143 ( 1 2) */ add %o0,4,%o0 +/* 0x027c ( 1 2) */ cmp %o7,%i4 +/* 0x0280 141 ( 2 3) */ fmovs %f0,%f2 +/* 0x0284 142 ( 3 4) */ and %o1,%o3,%g1 +/* 0x0288 141 ( 4 7) */ fsubd %f2,%f0,%f2 +/* 0x028c ( 4 5) */ std %f2,[%o4] +/* 0x0290 143 ( 4 5) */ srl %o1,16,%o1 +/* 0x0294 142 ( 5 6) */ st %g1,[%sp+96] +/* 0x0298 143 ( 5 6) */ add %o4,8,%o4 +/* 0x029c 142 ( 8 9) */ fmovs %f0,%f2 +/* 0x02a0 ( 9 12) */ ld [%sp+96],%f3 +/* 0x02a4 (11 14) */ fsubd %f2,%f0,%f2 +/* 0x02a8 (11 12) */ std %f2,[%o5] +/* 0x02ac 143 (12 13) */ st %o1,[%sp+92] +/* 0x02b0 (15 16) */ fmovs %f0,%f2 +/* 0x02b4 (16 19) */ ld [%sp+92],%f3 +/* 0x02b8 (18 21) */ fsubd %f2,%f0,%f0 +/* 0x02bc (18 19) */ std %f0,[%o5+8] +/* 0x02c0 (18 19) */ add %o5,16,%o5 +/* 0x02c4 (18 19) */ bl,a,pt %icc,.L900000513 ! tprob=0.86 +/* 0x02c8 (19 22) */ ld [%o0],%f3 + .L77000164: /* frequency 1.0 confidence 0.0 */ +/* 0x02cc ( 0 2) */ ret ! Result = +/* 0x02d0 ( 2 3) */ restore %g0,%g0,%g0 +/* 0x02d4 0 ( 0 0) */ .type conv_i32_to_d32_and_d16,2 +/* 0x02d4 ( 0 0) */ .size conv_i32_to_d32_and_d16,(.-conv_i32_to_d32_and_d16) + + .section ".text",#alloc,#execinstr +/* 000000 0 ( 0 0) */ .align 4 +! +! SUBROUTINE adjust_montf_result +! +! OFFSET SOURCE LINE LABEL INSTRUCTION (ISSUE TIME) (COMPLETION TIME) + + .global adjust_montf_result + adjust_montf_result: /* frequency 1.0 confidence 0.0 */ + +! 144 ! } +! 145 !} +! 148 !void adjust_montf_result(unsigned int *i32, unsigned int *nint, int len) +! 149 !{ +! 150 !long long acc; +! 151 !int i; +! 153 ! if(i32[len]>0) i=-1; + +/* 000000 153 ( 0 1) */ sll %o2,2,%g1 +/* 0x0004 ( 0 1) */ or %g0,-1,%g3 +/* 0x0008 ( 1 4) */ ld [%o0+%g1],%g1 +/* 0x000c ( 3 4) */ cmp %g1,0 +/* 0x0010 ( 3 4) */ bleu,pn %icc,.L77000175 ! tprob=0.50 +/* 0x0014 ( 3 4) */ or %g0,%o1,%o3 +/* 0x0018 ( 4 5) */ ba .L900000611 ! tprob=1.00 +/* 0x001c ( 4 5) */ cmp %g3,0 + .L77000175: /* frequency 0.8 confidence 0.0 */ + +! 154 ! else +! 155 ! { +! 156 ! for(i=len-1; i>=0; i++) + +/* 0x0020 156 ( 0 1) */ subcc %o2,1,%g3 +/* 0x0024 ( 0 1) */ bneg,pt %icc,.L900000611 ! tprob=0.60 +/* 0x0028 ( 1 2) */ cmp %g3,0 +/* 0x002c ( 1 2) */ sll %g3,2,%g1 +/* 0x0030 ( 2 3) */ add %o0,%g1,%g2 +/* 0x0034 ( 2 3) */ add %o1,%g1,%g1 + +! 157 ! { +! 158 ! if(i32[i]!=nint[i]) break; + +/* 0x0038 158 ( 3 6) */ ld [%g1],%g5 + .L900000610: /* frequency 5.3 confidence 0.0 */ +/* 0x003c 158 ( 0 3) */ ld [%g2],%o5 +/* 0x0040 ( 0 1) */ add %g1,4,%g1 +/* 0x0044 ( 0 1) */ add %g2,4,%g2 +/* 0x0048 ( 2 3) */ cmp %o5,%g5 +/* 0x004c ( 2 3) */ bne,pn %icc,.L77000182 ! tprob=0.16 +/* 0x0050 ( 2 3) */ nop +/* 0x0054 ( 3 4) */ addcc %g3,1,%g3 +/* 0x0058 ( 3 4) */ bpos,a,pt %icc,.L900000610 ! tprob=0.84 +/* 0x005c ( 3 6) */ ld [%g1],%g5 + .L77000182: /* frequency 1.0 confidence 0.0 */ + +! 159 ! } +! 160 ! } +! 161 ! if((i<0)||(i32[i]>nint[i])) + +/* 0x0060 161 ( 0 1) */ cmp %g3,0 + .L900000611: /* frequency 1.0 confidence 0.0 */ +/* 0x0064 161 ( 0 1) */ bl,pn %icc,.L77000198 ! tprob=0.50 +/* 0x0068 ( 0 1) */ sll %g3,2,%g2 +/* 0x006c ( 1 4) */ ld [%o1+%g2],%g1 +/* 0x0070 ( 2 5) */ ld [%o0+%g2],%g2 +/* 0x0074 ( 4 5) */ cmp %g2,%g1 +/* 0x0078 ( 4 5) */ bleu,pt %icc,.L77000191 ! tprob=0.56 +/* 0x007c ( 4 5) */ nop + .L77000198: /* frequency 0.8 confidence 0.0 */ + +! 162 ! { +! 163 ! acc=0; +! 164 ! for(i=0;i<len;i++) + +/* 0x0080 164 ( 0 1) */ cmp %o2,0 +/* 0x0084 ( 0 1) */ ble,pt %icc,.L77000191 ! tprob=0.60 +/* 0x0088 ( 0 1) */ nop +/* 0x008c 161 ( 1 2) */ or %g0,-1,%g2 +/* 0x0090 ( 1 2) */ sub %o2,1,%g4 +/* 0x0094 ( 2 3) */ srl %g2,0,%g3 +/* 0x0098 163 ( 2 3) */ or %g0,0,%g5 +/* 0x009c 164 ( 3 4) */ or %g0,0,%o5 +/* 0x00a0 161 ( 3 4) */ or %g0,%o0,%o4 +/* 0x00a4 ( 4 5) */ cmp %o2,3 +/* 0x00a8 ( 4 5) */ add %o1,4,%g2 +/* 0x00ac 164 ( 4 5) */ bl,pn %icc,.L77000199 ! tprob=0.40 +/* 0x00b0 ( 5 6) */ add %o0,8,%g1 + +! 165 ! { +! 166 ! acc=acc+(unsigned long long)(i32[i])-(unsigned long long)(nint[i]); + +/* 0x00b4 166 ( 5 8) */ ld [%o0],%o2 +/* 0x00b8 0 ( 5 6) */ or %g0,%g2,%o3 +/* 0x00bc 166 ( 6 9) */ ld [%o1],%o1 +/* 0x00c0 0 ( 6 7) */ or %g0,%g1,%o4 + +! 167 ! i32[i]=acc&0xffffffff; +! 168 ! acc=acc>>32; + +/* 0x00c4 168 ( 6 7) */ or %g0,2,%o5 +/* 0x00c8 166 ( 7 10) */ ld [%o0+4],%g1 +/* 0x00cc 164 ( 8 9) */ sub %o2,%o1,%o2 +/* 0x00d0 ( 9 10) */ or %g0,%o2,%g5 +/* 0x00d4 167 ( 9 10) */ and %o2,%g3,%o2 +/* 0x00d8 ( 9 10) */ st %o2,[%o0] +/* 0x00dc 168 (10 11) */ srax %g5,32,%g5 + .L900000605: /* frequency 64.0 confidence 0.0 */ +/* 0x00e0 166 (12 20) */ ld [%o3],%o2 +/* 0x00e4 168 (12 13) */ add %o5,1,%o5 +/* 0x00e8 (12 13) */ add %o3,4,%o3 +/* 0x00ec (13 13) */ cmp %o5,%g4 +/* 0x00f0 (13 14) */ add %o4,4,%o4 +/* 0x00f4 164 (14 14) */ sub %g1,%o2,%g1 +/* 0x00f8 (15 15) */ add %g1,%g5,%g5 +/* 0x00fc 167 (16 17) */ and %g5,%g3,%o2 +/* 0x0100 166 (16 24) */ ld [%o4-4],%g1 +/* 0x0104 167 (17 18) */ st %o2,[%o4-8] +/* 0x0108 168 (17 18) */ ble,pt %icc,.L900000605 ! tprob=0.50 +/* 0x010c (17 18) */ srax %g5,32,%g5 + .L900000608: /* frequency 8.0 confidence 0.0 */ +/* 0x0110 166 ( 0 3) */ ld [%o3],%g2 +/* 0x0114 164 ( 2 3) */ sub %g1,%g2,%g1 +/* 0x0118 ( 3 4) */ add %g1,%g5,%g1 +/* 0x011c 167 ( 4 5) */ and %g1,%g3,%g2 +/* 0x0120 ( 5 7) */ retl ! Result = +/* 0x0124 ( 6 7) */ st %g2,[%o4-4] + .L77000199: /* frequency 0.6 confidence 0.0 */ +/* 0x0128 166 ( 0 3) */ ld [%o4],%g1 + .L900000609: /* frequency 5.3 confidence 0.0 */ +/* 0x012c 166 ( 0 3) */ ld [%o3],%g2 +/* 0x0130 ( 0 1) */ add %g5,%g1,%g1 +/* 0x0134 168 ( 0 1) */ add %o5,1,%o5 +/* 0x0138 ( 1 2) */ add %o3,4,%o3 +/* 0x013c ( 1 2) */ cmp %o5,%g4 +/* 0x0140 166 ( 2 3) */ sub %g1,%g2,%g1 +/* 0x0144 167 ( 3 4) */ and %g1,%g3,%g2 +/* 0x0148 ( 3 4) */ st %g2,[%o4] +/* 0x014c 168 ( 3 4) */ add %o4,4,%o4 +/* 0x0150 ( 4 5) */ srax %g1,32,%g5 +/* 0x0154 ( 4 5) */ ble,a,pt %icc,.L900000609 ! tprob=0.84 +/* 0x0158 ( 4 7) */ ld [%o4],%g1 + .L77000191: /* frequency 1.0 confidence 0.0 */ +/* 0x015c ( 0 2) */ retl ! Result = +/* 0x0160 ( 1 2) */ nop +/* 0x0164 0 ( 0 0) */ .type adjust_montf_result,2 +/* 0x0164 ( 0 0) */ .size adjust_montf_result,(.-adjust_montf_result) + + .section ".text",#alloc,#execinstr +/* 000000 0 ( 0 0) */ .align 32 +! +! SUBROUTINE mont_mulf_noconv +! +! OFFSET SOURCE LINE LABEL INSTRUCTION (ISSUE TIME) (COMPLETION TIME) + + .global mont_mulf_noconv + mont_mulf_noconv: /* frequency 1.0 confidence 0.0 */ +/* 000000 ( 0 1) */ save %sp,-144,%sp +/* 0x0004 ( 1 2) */ st %i0,[%fp+68] + +! 169 ! } +! 170 ! } +! 171 !} +! 175 !void cleanup(double *dt, int from, int tlen); +! 177 !/* +! 178 !** the lengths of the input arrays should be at least the following: +! 179 !** result[nlen+1], dm1[nlen], dm2[2*nlen+1], dt[4*nlen+2], dn[nlen], nint[nlen] +! 180 !** all of them should be different from one another +! 181 !** +! 182 !*/ +! 183 !void mont_mulf_noconv(unsigned int *result, +! 184 ! double *dm1, double *dm2, double *dt, +! 185 ! double *dn, unsigned int *nint, +! 186 ! int nlen, double dn0) +! 187 !{ +! 188 ! int i, j, jj; +! 189 ! int tmp; +! 190 ! double digit, m2j, nextm2j, a, b; +! 191 ! double *dptmp, *pdm1, *pdm2, *pdn, *pdtj, pdn_0, pdm1_0; +! 193 ! pdm1=&(dm1[0]); +! 194 ! pdm2=&(dm2[0]); +! 195 ! pdn=&(dn[0]); +! 196 ! pdm2[2*nlen]=Zero; + +/* 0x0008 196 ( 1 2) */ sethi %hi(Zero),%g2 +/* 0x000c 187 ( 1 2) */ or %g0,%i2,%o1 +/* 0x0010 ( 2 3) */ st %i5,[%fp+88] +/* 0x0014 ( 2 3) */ or %g0,%i3,%o2 +/* 0x0018 196 ( 2 3) */ add %g2,%lo(Zero),%g4 +/* 0x001c ( 3 6) */ ldd [%g2+%lo(Zero)],%f2 +/* 0x0020 187 ( 3 4) */ or %g0,%o2,%g5 +/* 0x0024 196 ( 3 4) */ or %g0,%o1,%i0 +/* 0x0028 187 ( 4 5) */ or %g0,%i4,%i2 + +! 198 ! if (nlen!=16) +! 199 ! { +! 200 ! for(i=0;i<4*nlen+2;i++) dt[i]=Zero; +! 202 ! a=dt[0]=pdm1[0]*pdm2[0]; +! 203 ! digit=mod(lower32(a,Zero)*dn0,TwoToMinus16,TwoTo16); +! 205 ! pdtj=&(dt[0]); +! 206 ! for(j=jj=0;j<2*nlen;j++,jj++,pdtj++) +! 207 ! { +! 208 ! m2j=pdm2[j]; +! 209 ! a=pdtj[0]+pdn[0]*digit; +! 210 ! b=pdtj[1]+pdm1[0]*pdm2[j+1]+a*TwoToMinus16; +! 211 ! pdtj[1]=b; +! 213 !#pragma pipeloop(0) +! 214 ! for(i=1;i<nlen;i++) +! 215 ! { +! 216 ! pdtj[2*i]+=pdm1[i]*m2j+pdn[i]*digit; +! 217 ! } +! 218 ! if((jj==30)) {cleanup(dt,j/2+1,2*nlen+1); jj=0;} +! 219 ! +! 220 ! digit=mod(lower32(b,Zero)*dn0,TwoToMinus16,TwoTo16); +! 221 ! } +! 222 ! } +! 223 ! else +! 224 ! { +! 225 ! a=dt[0]=pdm1[0]*pdm2[0]; +! 227 ! dt[65]= dt[64]= dt[63]= dt[62]= dt[61]= dt[60]= +! 228 ! dt[59]= dt[58]= dt[57]= dt[56]= dt[55]= dt[54]= +! 229 ! dt[53]= dt[52]= dt[51]= dt[50]= dt[49]= dt[48]= +! 230 ! dt[47]= dt[46]= dt[45]= dt[44]= dt[43]= dt[42]= +! 231 ! dt[41]= dt[40]= dt[39]= dt[38]= dt[37]= dt[36]= +! 232 ! dt[35]= dt[34]= dt[33]= dt[32]= dt[31]= dt[30]= +! 233 ! dt[29]= dt[28]= dt[27]= dt[26]= dt[25]= dt[24]= +! 234 ! dt[23]= dt[22]= dt[21]= dt[20]= dt[19]= dt[18]= +! 235 ! dt[17]= dt[16]= dt[15]= dt[14]= dt[13]= dt[12]= +! 236 ! dt[11]= dt[10]= dt[ 9]= dt[ 8]= dt[ 7]= dt[ 6]= +! 237 ! dt[ 5]= dt[ 4]= dt[ 3]= dt[ 2]= dt[ 1]=Zero; +! 239 ! pdn_0=pdn[0]; +! 240 ! pdm1_0=pdm1[0]; +! 242 ! digit=mod(lower32(a,Zero)*dn0,TwoToMinus16,TwoTo16); +! 243 ! pdtj=&(dt[0]); +! 245 ! for(j=0;j<32;j++,pdtj++) +! 246 ! { +! 248 ! m2j=pdm2[j]; +! 249 ! a=pdtj[0]+pdn_0*digit; +! 250 ! b=pdtj[1]+pdm1_0*pdm2[j+1]+a*TwoToMinus16; +! 251 ! pdtj[1]=b; +! 253 ! /**** this loop will be fully unrolled: +! 254 ! for(i=1;i<16;i++) +! 255 ! { +! 256 ! pdtj[2*i]+=pdm1[i]*m2j+pdn[i]*digit; +! 257 ! } +! 258 ! *************************************/ +! 259 ! pdtj[2]+=pdm1[1]*m2j+pdn[1]*digit; +! 260 ! pdtj[4]+=pdm1[2]*m2j+pdn[2]*digit; +! 261 ! pdtj[6]+=pdm1[3]*m2j+pdn[3]*digit; +! 262 ! pdtj[8]+=pdm1[4]*m2j+pdn[4]*digit; +! 263 ! pdtj[10]+=pdm1[5]*m2j+pdn[5]*digit; +! 264 ! pdtj[12]+=pdm1[6]*m2j+pdn[6]*digit; +! 265 ! pdtj[14]+=pdm1[7]*m2j+pdn[7]*digit; +! 266 ! pdtj[16]+=pdm1[8]*m2j+pdn[8]*digit; +! 267 ! pdtj[18]+=pdm1[9]*m2j+pdn[9]*digit; +! 268 ! pdtj[20]+=pdm1[10]*m2j+pdn[10]*digit; +! 269 ! pdtj[22]+=pdm1[11]*m2j+pdn[11]*digit; +! 270 ! pdtj[24]+=pdm1[12]*m2j+pdn[12]*digit; +! 271 ! pdtj[26]+=pdm1[13]*m2j+pdn[13]*digit; +! 272 ! pdtj[28]+=pdm1[14]*m2j+pdn[14]*digit; +! 273 ! pdtj[30]+=pdm1[15]*m2j+pdn[15]*digit; +! 274 ! /* no need for cleenup, cannot overflow */ +! 275 ! digit=mod(lower32(b,Zero)*dn0,TwoToMinus16,TwoTo16); +! 276 ! } +! 277 ! } +! 279 ! conv_d16_to_i32(result,dt+2*nlen,(long long *)dt,nlen+1); +! 281 ! adjust_montf_result(result,nint,nlen); + +/* 0x002c 281 ( 4 5) */ or %g0,1,%o4 +/* 0x0030 187 ( 6 9) */ ldd [%fp+96],%f0 +/* 0x0034 196 ( 7 10) */ ld [%fp+92],%o0 +/* 0x0038 187 ( 8 9) */ fmovd %f0,%f16 +/* 0x003c 196 ( 9 10) */ sll %o0,4,%g2 +/* 0x0040 ( 9 10) */ or %g0,%o0,%g1 +/* 0x0044 198 (10 11) */ cmp %o0,16 +/* 0x0048 (10 11) */ be,pn %icc,.L77000289 ! tprob=0.50 +/* 0x004c (10 11) */ std %f2,[%o1+%g2] +/* 0x0050 200 (11 12) */ sll %o0,2,%g2 +/* 0x0054 (11 14) */ ldd [%g4],%f2 +/* 0x0058 (12 13) */ add %g2,2,%o1 +/* 0x005c (12 13) */ add %g2,1,%o3 +/* 0x0060 196 (13 14) */ sll %o0,1,%o7 +/* 0x0064 200 (13 14) */ cmp %o1,0 +/* 0x0068 (13 14) */ ble,a,pt %icc,.L900000755 ! tprob=0.55 +/* 0x006c (14 17) */ ldd [%i1],%f0 +/* 0x0070 (14 15) */ cmp %o1,3 +/* 0x0074 281 (14 15) */ or %g0,1,%o1 +/* 0x0078 (14 15) */ bl,pn %icc,.L77000279 ! tprob=0.40 +/* 0x007c (15 16) */ add %o2,8,%o0 +/* 0x0080 (15 16) */ std %f2,[%g5] +/* 0x0084 0 (16 17) */ or %g0,%o0,%o2 + .L900000726: /* frequency 64.0 confidence 0.0 */ +/* 0x0088 ( 3 5) */ ldd [%g4],%f0 +/* 0x008c ( 3 4) */ add %o4,1,%o4 +/* 0x0090 ( 3 4) */ add %o2,8,%o2 +/* 0x0094 ( 4 4) */ cmp %o4,%o3 +/* 0x0098 ( 5 6) */ ble,pt %icc,.L900000726 ! tprob=0.50 +/* 0x009c ( 5 6) */ std %f0,[%o2-8] + .L900000729: /* frequency 8.0 confidence 0.0 */ +/* 0x00a0 ( 0 1) */ ba .L900000755 ! tprob=1.00 +/* 0x00a4 ( 0 3) */ ldd [%i1],%f0 + .L77000279: /* frequency 0.6 confidence 0.0 */ +/* 0x00a8 ( 0 1) */ std %f2,[%o2] + .L900000754: /* frequency 5.3 confidence 0.0 */ +/* 0x00ac ( 0 3) */ ldd [%g4],%f2 +/* 0x00b0 ( 0 1) */ cmp %o1,%o3 +/* 0x00b4 ( 0 1) */ add %o2,8,%o2 +/* 0x00b8 ( 1 2) */ add %o1,1,%o1 +/* 0x00bc ( 1 2) */ ble,a,pt %icc,.L900000754 ! tprob=0.87 +/* 0x00c0 ( 3 4) */ std %f2,[%o2] + .L77000284: /* frequency 0.8 confidence 0.0 */ +/* 0x00c4 202 ( 0 3) */ ldd [%i1],%f0 + .L900000755: /* frequency 0.8 confidence 0.0 */ +/* 0x00c8 202 ( 0 3) */ ldd [%i0],%f2 +/* 0x00cc ( 0 1) */ add %o7,1,%o2 +/* 0x00d0 206 ( 0 1) */ cmp %o7,0 +/* 0x00d4 ( 1 2) */ sll %o2,1,%o0 +/* 0x00d8 ( 1 2) */ sub %o7,1,%o1 +/* 0x00dc 202 ( 2 5) */ fmuld %f0,%f2,%f0 +/* 0x00e0 ( 2 3) */ std %f0,[%g5] +/* 0x00e4 ( 2 3) */ sub %g1,1,%o7 +/* 0x00e8 ( 3 6) */ ldd [%g4],%f6 +/* 0x00ec 0 ( 3 4) */ or %g0,%o7,%g3 +/* 0x00f0 ( 3 4) */ or %g0,0,%l0 +/* 0x00f4 ( 4 7) */ ldd [%g4-8],%f2 +/* 0x00f8 ( 4 5) */ or %g0,0,%i5 +/* 0x00fc ( 4 5) */ or %g0,%o1,%o5 +/* 0x0100 ( 5 8) */ fdtox %f0,%f0 +/* 0x0104 ( 5 8) */ ldd [%g4-16],%f4 +/* 0x0108 ( 5 6) */ or %g0,%o0,%o3 +/* 0x010c 210 ( 6 7) */ add %i0,8,%o4 +/* 0x0110 ( 6 7) */ or %g0,0,%i4 +/* 0x0114 ( 9 10) */ fmovs %f6,%f0 +/* 0x0118 (11 14) */ fxtod %f0,%f0 +/* 0x011c 203 (14 17) */ fmuld %f0,%f16,%f0 +/* 0x0120 (17 20) */ fmuld %f0,%f2,%f2 +/* 0x0124 (20 23) */ fdtox %f2,%f2 +/* 0x0128 (23 26) */ fxtod %f2,%f2 +/* 0x012c (26 29) */ fmuld %f2,%f4,%f2 +/* 0x0130 (29 32) */ fsubd %f0,%f2,%f22 +/* 0x0134 206 (29 30) */ ble,pt %icc,.L900000748 ! tprob=0.60 +/* 0x0138 (29 30) */ sll %g1,4,%g2 +/* 0x013c 210 (30 33) */ ldd [%i2],%f0 + .L900000749: /* frequency 5.3 confidence 0.0 */ +/* 0x0140 210 ( 0 3) */ fmuld %f0,%f22,%f8 +/* 0x0144 ( 0 3) */ ldd [%i1],%f0 +/* 0x0148 214 ( 0 1) */ cmp %g1,1 +/* 0x014c 210 ( 1 4) */ ldd [%o4+%i4],%f6 +/* 0x0150 ( 1 2) */ add %i1,8,%o0 +/* 0x0154 214 ( 1 2) */ or %g0,1,%o1 +/* 0x0158 210 ( 2 5) */ ldd [%i3],%f2 +/* 0x015c ( 2 3) */ add %i3,16,%l1 +/* 0x0160 ( 3 6) */ fmuld %f0,%f6,%f6 +/* 0x0164 ( 3 6) */ ldd [%g4-8],%f4 +/* 0x0168 ( 4 7) */ faddd %f2,%f8,%f2 +/* 0x016c ( 4 7) */ ldd [%i3+8],%f0 +/* 0x0170 208 ( 5 8) */ ldd [%i0+%i4],%f20 +/* 0x0174 210 ( 6 9) */ faddd %f0,%f6,%f0 +/* 0x0178 ( 7 10) */ fmuld %f2,%f4,%f2 +/* 0x017c (10 13) */ faddd %f0,%f2,%f18 +/* 0x0180 211 (10 11) */ std %f18,[%i3+8] +/* 0x0184 214 (10 11) */ ble,pt %icc,.L900000753 ! tprob=0.54 +/* 0x0188 (11 12) */ srl %i5,31,%g2 +/* 0x018c (11 12) */ cmp %g3,7 +/* 0x0190 210 (12 13) */ add %i2,8,%g2 +/* 0x0194 214 (12 13) */ bl,pn %icc,.L77000281 ! tprob=0.36 +/* 0x0198 (13 14) */ add %g2,24,%o2 +/* 0x019c 216 (13 16) */ ldd [%o0+16],%f14 +/* 0x01a0 (13 14) */ add %i3,48,%l1 +/* 0x01a4 (14 17) */ ldd [%o0+24],%f12 +/* 0x01a8 0 (14 15) */ or %g0,%o2,%g2 +/* 0x01ac 214 (14 15) */ sub %g1,3,%o2 +/* 0x01b0 216 (15 18) */ ldd [%o0],%f2 +/* 0x01b4 (15 16) */ or %g0,5,%o1 +/* 0x01b8 (16 19) */ ldd [%g2-24],%f0 +/* 0x01bc (17 20) */ ldd [%o0+8],%f6 +/* 0x01c0 (17 20) */ fmuld %f2,%f20,%f2 +/* 0x01c4 (17 18) */ add %o0,32,%o0 +/* 0x01c8 (18 21) */ ldd [%g2-16],%f8 +/* 0x01cc (18 21) */ fmuld %f0,%f22,%f4 +/* 0x01d0 (19 22) */ ldd [%i3+16],%f0 +/* 0x01d4 (19 22) */ fmuld %f6,%f20,%f10 +/* 0x01d8 (20 23) */ ldd [%g2-8],%f6 +/* 0x01dc (21 24) */ faddd %f2,%f4,%f4 +/* 0x01e0 (21 24) */ ldd [%i3+32],%f2 + .L900000738: /* frequency 512.0 confidence 0.0 */ +/* 0x01e4 216 (16 24) */ ldd [%g2],%f24 +/* 0x01e8 (16 17) */ add %o1,3,%o1 +/* 0x01ec (16 17) */ add %g2,24,%g2 +/* 0x01f0 (16 19) */ fmuld %f8,%f22,%f8 +/* 0x01f4 (17 25) */ ldd [%l1],%f28 +/* 0x01f8 (17 17) */ cmp %o1,%o2 +/* 0x01fc (17 18) */ add %o0,24,%o0 +/* 0x0200 (18 26) */ ldd [%o0-24],%f26 +/* 0x0204 (18 21) */ faddd %f0,%f4,%f0 +/* 0x0208 (18 19) */ add %l1,48,%l1 +/* 0x020c (19 22) */ faddd %f10,%f8,%f10 +/* 0x0210 (19 22) */ fmuld %f14,%f20,%f4 +/* 0x0214 (19 20) */ std %f0,[%l1-80] +/* 0x0218 (20 28) */ ldd [%g2-16],%f8 +/* 0x021c (20 23) */ fmuld %f6,%f22,%f6 +/* 0x0220 (21 29) */ ldd [%l1-32],%f0 +/* 0x0224 (22 30) */ ldd [%o0-16],%f14 +/* 0x0228 (22 25) */ faddd %f2,%f10,%f2 +/* 0x022c (23 26) */ faddd %f4,%f6,%f10 +/* 0x0230 (23 26) */ fmuld %f12,%f20,%f4 +/* 0x0234 (23 24) */ std %f2,[%l1-64] +/* 0x0238 (24 32) */ ldd [%g2-8],%f6 +/* 0x023c (24 27) */ fmuld %f24,%f22,%f24 +/* 0x0240 (25 33) */ ldd [%l1-16],%f2 +/* 0x0244 (26 34) */ ldd [%o0-8],%f12 +/* 0x0248 (26 29) */ faddd %f28,%f10,%f10 +/* 0x024c (27 28) */ std %f10,[%l1-48] +/* 0x0250 (27 30) */ fmuld %f26,%f20,%f10 +/* 0x0254 (27 28) */ ble,pt %icc,.L900000738 ! tprob=0.50 +/* 0x0258 (27 30) */ faddd %f4,%f24,%f4 + .L900000741: /* frequency 64.0 confidence 0.0 */ +/* 0x025c 216 ( 0 3) */ fmuld %f8,%f22,%f28 +/* 0x0260 ( 0 3) */ ldd [%g2],%f24 +/* 0x0264 ( 0 3) */ faddd %f0,%f4,%f26 +/* 0x0268 ( 1 4) */ fmuld %f12,%f20,%f8 +/* 0x026c ( 1 2) */ add %l1,32,%l1 +/* 0x0270 ( 1 2) */ cmp %o1,%g3 +/* 0x0274 ( 2 5) */ fmuld %f14,%f20,%f14 +/* 0x0278 ( 2 5) */ ldd [%l1-32],%f4 +/* 0x027c ( 2 3) */ add %g2,8,%g2 +/* 0x0280 ( 3 6) */ faddd %f10,%f28,%f12 +/* 0x0284 ( 3 6) */ fmuld %f6,%f22,%f6 +/* 0x0288 ( 3 6) */ ldd [%l1-16],%f0 +/* 0x028c ( 4 7) */ fmuld %f24,%f22,%f10 +/* 0x0290 ( 4 5) */ std %f26,[%l1-64] +/* 0x0294 ( 6 9) */ faddd %f2,%f12,%f2 +/* 0x0298 ( 6 7) */ std %f2,[%l1-48] +/* 0x029c ( 7 10) */ faddd %f14,%f6,%f6 +/* 0x02a0 ( 8 11) */ faddd %f8,%f10,%f2 +/* 0x02a4 (10 13) */ faddd %f4,%f6,%f4 +/* 0x02a8 (10 11) */ std %f4,[%l1-32] +/* 0x02ac (11 14) */ faddd %f0,%f2,%f0 +/* 0x02b0 (11 12) */ bg,pn %icc,.L77000213 ! tprob=0.13 +/* 0x02b4 (11 12) */ std %f0,[%l1-16] + .L77000281: /* frequency 4.0 confidence 0.0 */ +/* 0x02b8 216 ( 0 3) */ ldd [%o0],%f0 + .L900000752: /* frequency 36.6 confidence 0.0 */ +/* 0x02bc 216 ( 0 3) */ ldd [%g2],%f4 +/* 0x02c0 ( 0 3) */ fmuld %f0,%f20,%f2 +/* 0x02c4 ( 0 1) */ add %o1,1,%o1 +/* 0x02c8 ( 1 4) */ ldd [%l1],%f0 +/* 0x02cc ( 1 2) */ add %o0,8,%o0 +/* 0x02d0 ( 1 2) */ add %g2,8,%g2 +/* 0x02d4 ( 2 5) */ fmuld %f4,%f22,%f4 +/* 0x02d8 ( 2 3) */ cmp %o1,%g3 +/* 0x02dc ( 5 8) */ faddd %f2,%f4,%f2 +/* 0x02e0 ( 8 11) */ faddd %f0,%f2,%f0 +/* 0x02e4 ( 8 9) */ std %f0,[%l1] +/* 0x02e8 ( 8 9) */ add %l1,16,%l1 +/* 0x02ec ( 8 9) */ ble,a,pt %icc,.L900000752 ! tprob=0.87 +/* 0x02f0 (10 13) */ ldd [%o0],%f0 + .L77000213: /* frequency 5.3 confidence 0.0 */ +/* 0x02f4 ( 0 1) */ srl %i5,31,%g2 + .L900000753: /* frequency 5.3 confidence 0.0 */ +/* 0x02f8 218 ( 0 1) */ cmp %l0,30 +/* 0x02fc ( 0 1) */ bne,a,pt %icc,.L900000751 ! tprob=0.54 +/* 0x0300 ( 0 3) */ fdtox %f18,%f0 +/* 0x0304 ( 1 2) */ add %i5,%g2,%g2 +/* 0x0308 ( 1 2) */ sub %o3,1,%o2 +/* 0x030c ( 2 3) */ sra %g2,1,%o0 +/* 0x0310 216 ( 2 5) */ ldd [%g4],%f0 +/* 0x0314 ( 3 4) */ add %o0,1,%g2 +/* 0x0318 ( 4 5) */ sll %g2,1,%o0 +/* 0x031c ( 4 5) */ fmovd %f0,%f2 +/* 0x0320 ( 5 6) */ sll %g2,4,%o1 +/* 0x0324 ( 5 6) */ cmp %o0,%o3 +/* 0x0328 ( 5 6) */ bge,pt %icc,.L77000215 ! tprob=0.53 +/* 0x032c ( 6 7) */ or %g0,0,%l0 +/* 0x0330 218 ( 6 7) */ add %g5,%o1,%o1 +/* 0x0334 216 ( 7 10) */ ldd [%o1],%f8 + .L900000750: /* frequency 32.0 confidence 0.0 */ +/* 0x0338 ( 0 3) */ fdtox %f8,%f6 +/* 0x033c ( 0 3) */ ldd [%g4],%f10 +/* 0x0340 ( 0 1) */ add %o0,2,%o0 +/* 0x0344 ( 1 4) */ ldd [%o1+8],%f4 +/* 0x0348 ( 1 4) */ fdtox %f8,%f8 +/* 0x034c ( 1 2) */ cmp %o0,%o2 +/* 0x0350 ( 5 6) */ fmovs %f10,%f6 +/* 0x0354 ( 7 10) */ fxtod %f6,%f10 +/* 0x0358 ( 8 11) */ fdtox %f4,%f6 +/* 0x035c ( 9 12) */ fdtox %f4,%f4 +/* 0x0360 (10 13) */ faddd %f10,%f2,%f2 +/* 0x0364 (10 11) */ std %f2,[%o1] +/* 0x0368 (12 15) */ ldd [%g4],%f2 +/* 0x036c (14 15) */ fmovs %f2,%f6 +/* 0x0370 (16 19) */ fxtod %f6,%f6 +/* 0x0374 (17 20) */ fitod %f8,%f2 +/* 0x0378 (19 22) */ faddd %f6,%f0,%f0 +/* 0x037c (19 20) */ std %f0,[%o1+8] +/* 0x0380 (19 20) */ add %o1,16,%o1 +/* 0x0384 (20 23) */ fitod %f4,%f0 +/* 0x0388 (20 21) */ ble,a,pt %icc,.L900000750 ! tprob=0.87 +/* 0x038c (20 23) */ ldd [%o1],%f8 + .L77000233: /* frequency 4.6 confidence 0.0 */ +/* 0x0390 ( 0 0) */ or %g0,0,%l0 + .L77000215: /* frequency 5.3 confidence 0.0 */ +/* 0x0394 ( 0 3) */ fdtox %f18,%f0 + .L900000751: /* frequency 5.3 confidence 0.0 */ +/* 0x0398 ( 0 3) */ ldd [%g4],%f6 +/* 0x039c 220 ( 0 1) */ add %i5,1,%i5 +/* 0x03a0 ( 0 1) */ add %i4,8,%i4 +/* 0x03a4 ( 1 4) */ ldd [%g4-8],%f2 +/* 0x03a8 ( 1 2) */ add %l0,1,%l0 +/* 0x03ac ( 1 2) */ add %i3,8,%i3 +/* 0x03b0 ( 2 3) */ fmovs %f6,%f0 +/* 0x03b4 ( 2 5) */ ldd [%g4-16],%f4 +/* 0x03b8 ( 2 3) */ cmp %i5,%o5 +/* 0x03bc ( 4 7) */ fxtod %f0,%f0 +/* 0x03c0 ( 7 10) */ fmuld %f0,%f16,%f0 +/* 0x03c4 (10 13) */ fmuld %f0,%f2,%f2 +/* 0x03c8 (13 16) */ fdtox %f2,%f2 +/* 0x03cc (16 19) */ fxtod %f2,%f2 +/* 0x03d0 (19 22) */ fmuld %f2,%f4,%f2 +/* 0x03d4 (22 25) */ fsubd %f0,%f2,%f22 +/* 0x03d8 (22 23) */ ble,a,pt %icc,.L900000749 ! tprob=0.89 +/* 0x03dc (22 25) */ ldd [%i2],%f0 + .L900000725: /* frequency 0.7 confidence 0.0 */ +/* 0x03e0 220 ( 0 1) */ ba .L900000748 ! tprob=1.00 +/* 0x03e4 ( 0 1) */ sll %g1,4,%g2 + + + .L77000289: /* frequency 0.8 confidence 0.0 */ +/* 0x03e8 225 ( 0 3) */ ldd [%o1],%f6 +/* 0x03ec 242 ( 0 1) */ add %g4,-8,%g2 +/* 0x03f0 ( 0 1) */ add %g4,-16,%g3 +/* 0x03f4 225 ( 1 4) */ ldd [%i1],%f2 +/* 0x03f8 245 ( 1 2) */ or %g0,0,%o3 +/* 0x03fc ( 1 2) */ or %g0,0,%o0 +/* 0x0400 225 ( 3 6) */ fmuld %f2,%f6,%f2 +/* 0x0404 ( 3 4) */ std %f2,[%o2] +/* 0x0408 ( 4 7) */ ldd [%g4],%f6 +/* 0x040c 237 ( 7 8) */ std %f6,[%o2+8] +/* 0x0410 ( 8 9) */ std %f6,[%o2+16] +/* 0x0414 ( 9 10) */ std %f6,[%o2+24] +/* 0x0418 (10 11) */ std %f6,[%o2+32] +/* 0x041c (11 12) */ std %f6,[%o2+40] +/* 0x0420 (12 13) */ std %f6,[%o2+48] +/* 0x0424 (13 14) */ std %f6,[%o2+56] +/* 0x0428 (14 15) */ std %f6,[%o2+64] +/* 0x042c (15 16) */ std %f6,[%o2+72] +! prefetch [%i4],0 +! prefetch [%i4+32],0 +! prefetch [%i4+64],0 +! prefetch [%i4+96],0 +! prefetch [%i4+120],0 +! prefetch [%i1],0 +! prefetch [%i1+32],0 +! prefetch [%i1+64],0 +! prefetch [%i1+96],0 +! prefetch [%i1+120],0 +/* 0x0430 (16 17) */ std %f6,[%o2+80] +/* 0x0434 (17 18) */ std %f6,[%o2+88] +/* 0x0438 (18 19) */ std %f6,[%o2+96] +/* 0x043c (19 20) */ std %f6,[%o2+104] +/* 0x0440 (20 21) */ std %f6,[%o2+112] +/* 0x0444 (21 22) */ std %f6,[%o2+120] +/* 0x0448 (22 23) */ std %f6,[%o2+128] +/* 0x044c (23 24) */ std %f6,[%o2+136] +/* 0x0450 (24 25) */ std %f6,[%o2+144] +/* 0x0454 (25 26) */ std %f6,[%o2+152] +/* 0x0458 (26 27) */ std %f6,[%o2+160] +/* 0x045c (27 28) */ std %f6,[%o2+168] +/* 0x0460 (27 30) */ fdtox %f2,%f2 +/* 0x0464 (28 29) */ std %f6,[%o2+176] +/* 0x0468 (29 30) */ std %f6,[%o2+184] +/* 0x046c (30 31) */ std %f6,[%o2+192] +/* 0x0470 (31 32) */ std %f6,[%o2+200] +/* 0x0474 (32 33) */ std %f6,[%o2+208] +/* 0x0478 (33 34) */ std %f6,[%o2+216] +/* 0x047c (34 35) */ std %f6,[%o2+224] +/* 0x0480 (35 36) */ std %f6,[%o2+232] +/* 0x0484 (36 37) */ std %f6,[%o2+240] +/* 0x0488 (37 38) */ std %f6,[%o2+248] +/* 0x048c (38 39) */ std %f6,[%o2+256] +/* 0x0490 (39 40) */ std %f6,[%o2+264] +/* 0x0494 (40 41) */ std %f6,[%o2+272] +/* 0x0498 (41 42) */ std %f6,[%o2+280] +/* 0x049c (42 43) */ std %f6,[%o2+288] +/* 0x04a0 (43 44) */ std %f6,[%o2+296] +/* 0x04a4 (44 45) */ std %f6,[%o2+304] +/* 0x04a8 (45 46) */ std %f6,[%o2+312] +/* 0x04ac (46 47) */ std %f6,[%o2+320] +/* 0x04b0 (47 48) */ std %f6,[%o2+328] +/* 0x04b4 (48 49) */ std %f6,[%o2+336] +/* 0x04b8 (49 50) */ std %f6,[%o2+344] +/* 0x04bc (50 51) */ std %f6,[%o2+352] +/* 0x04c0 (51 52) */ std %f6,[%o2+360] +/* 0x04c4 (52 53) */ std %f6,[%o2+368] +/* 0x04c8 (53 54) */ std %f6,[%o2+376] +/* 0x04cc (54 55) */ std %f6,[%o2+384] +/* 0x04d0 (55 56) */ std %f6,[%o2+392] +/* 0x04d4 (56 57) */ std %f6,[%o2+400] +/* 0x04d8 (57 58) */ std %f6,[%o2+408] +/* 0x04dc (58 59) */ std %f6,[%o2+416] +/* 0x04e0 (59 60) */ std %f6,[%o2+424] +/* 0x04e4 (60 61) */ std %f6,[%o2+432] +/* 0x04e8 (61 62) */ std %f6,[%o2+440] +/* 0x04ec (62 63) */ std %f6,[%o2+448] +/* 0x04f0 (63 64) */ std %f6,[%o2+456] +/* 0x04f4 (64 65) */ std %f6,[%o2+464] +/* 0x04f8 (65 66) */ std %f6,[%o2+472] +/* 0x04fc (66 67) */ std %f6,[%o2+480] +/* 0x0500 (67 68) */ std %f6,[%o2+488] +/* 0x0504 (68 69) */ std %f6,[%o2+496] +/* 0x0508 (69 70) */ std %f6,[%o2+504] +/* 0x050c (70 71) */ std %f6,[%o2+512] +/* 0x0510 (71 72) */ std %f6,[%o2+520] +/* 0x0514 242 (72 75) */ ld [%g4],%f2 ! dalign +/* 0x0518 (73 76) */ ld [%g2],%f6 ! dalign +/* 0x051c (74 77) */ fxtod %f2,%f10 +/* 0x0520 (74 77) */ ld [%g2+4],%f7 +/* 0x0524 (75 78) */ ld [%g3],%f8 ! dalign +/* 0x0528 (76 79) */ ld [%g3+4],%f9 +/* 0x052c (77 80) */ fmuld %f10,%f0,%f0 +/* 0x0530 239 (77 80) */ ldd [%i4],%f4 +/* 0x0534 240 (78 81) */ ldd [%i1],%f2 +/* 0x0538 (80 83) */ fmuld %f0,%f6,%f6 +/* 0x053c (83 86) */ fdtox %f6,%f6 +/* 0x0540 (86 89) */ fxtod %f6,%f6 +/* 0x0544 (89 92) */ fmuld %f6,%f8,%f6 +/* 0x0548 (92 95) */ fsubd %f0,%f6,%f0 +/* 0x054c 250 (95 98) */ fmuld %f4,%f0,%f10 + .L900000747: /* frequency 6.4 confidence 0.0 */ + + + fmovd %f0,%f0 + fmovd %f16,%f18 + ldd [%i4],%f2 + ldd [%o2],%f8 + ldd [%i1],%f10 + ldd [%g4-8],%f14 + ldd [%g4-16],%f16 + ldd [%o1],%f24 + + ldd [%i1+8],%f26 + ldd [%i1+16],%f40 + ldd [%i1+48],%f46 + ldd [%i1+56],%f30 + ldd [%i1+64],%f54 + ldd [%i1+104],%f34 + ldd [%i1+112],%f58 + + ldd [%i4+112],%f60 + ldd [%i4+8],%f28 + ldd [%i4+104],%f38 + + nop + nop +! + .L99999999: +!1 +!!! + ldd [%i1+24],%f32 + fmuld %f0,%f2,%f4 +!2 +!!! + ldd [%i4+24],%f36 + fmuld %f26,%f24,%f20 +!3 +!!! + ldd [%i1+40],%f42 + fmuld %f28,%f0,%f22 +!4 +!!! + ldd [%i4+40],%f44 + fmuld %f32,%f24,%f32 +!5 +!!! + ldd [%o1+8],%f6 + faddd %f4,%f8,%f4 + fmuld %f36,%f0,%f36 +!6 +!!! + add %o1,8,%o1 + ldd [%i4+56],%f50 + fmuld %f42,%f24,%f42 +!7 +!!! + ldd [%i1+72],%f52 + faddd %f20,%f22,%f20 + fmuld %f44,%f0,%f44 +!8 +!!! + ldd [%o2+16],%f22 + fmuld %f10,%f6,%f12 +!9 +!!! + ldd [%i4+72],%f56 + faddd %f32,%f36,%f32 + fmuld %f14,%f4,%f4 +!10 +!!! + ldd [%o2+48],%f36 + fmuld %f30,%f24,%f48 +!11 +!!! + ldd [%o2+8],%f8 + faddd %f20,%f22,%f20 + fmuld %f50,%f0,%f50 +!12 +!!! + std %f20,[%o2+16] + faddd %f42,%f44,%f42 + fmuld %f52,%f24,%f52 +!13 +!!! + ldd [%o2+80],%f44 + faddd %f4,%f12,%f4 + fmuld %f56,%f0,%f56 +!14 +!!! + ldd [%i1+88],%f20 + faddd %f32,%f36,%f32 +!15 +!!! + ldd [%i4+88],%f22 + faddd %f48,%f50,%f48 +!16 +!!! + ldd [%o2+112],%f50 + faddd %f52,%f56,%f52 +!17 +!!! + ldd [%o2+144],%f56 + faddd %f4,%f8,%f8 + fmuld %f20,%f24,%f20 +!18 +!!! + std %f32,[%o2+48] + faddd %f42,%f44,%f42 + fmuld %f22,%f0,%f22 +!19 +!!! + std %f42,[%o2+80] + faddd %f48,%f50,%f48 + fmuld %f34,%f24,%f32 +!20 +!!! + std %f48,[%o2+112] + faddd %f52,%f56,%f52 + fmuld %f38,%f0,%f36 +!21 +!!! + ldd [%i1+120],%f42 + fdtox %f8,%f4 +!22 +!!! + std %f52,[%o2+144] + faddd %f20,%f22,%f20 +!23 +!!! + ldd [%i4+120],%f44 +!24 +!!! + ldd [%o2+176],%f22 + faddd %f32,%f36,%f32 + fmuld %f42,%f24,%f42 +!25 +!!! + ldd [%i4+16],%f50 + fmovs %f17,%f4 +!26 +!!! + ldd [%i1+32],%f52 + fmuld %f44,%f0,%f44 +!27 +!!! + ldd [%i4+32],%f56 + fmuld %f40,%f24,%f48 +!28 +!!! + ldd [%o2+208],%f36 + faddd %f20,%f22,%f20 + fmuld %f50,%f0,%f50 +!29 +!!! + std %f20,[%o2+176] + fxtod %f4,%f4 + fmuld %f52,%f24,%f52 +!30 +!!! + ldd [%i4+48],%f22 + faddd %f42,%f44,%f42 + fmuld %f56,%f0,%f56 +!31 +!!! + ldd [%o2+240],%f44 + faddd %f32,%f36,%f32 +!32 +!!! + std %f32,[%o2+208] + faddd %f48,%f50,%f48 + fmuld %f46,%f24,%f20 +!33 +!!! + ldd [%o2+32],%f50 + fmuld %f4,%f18,%f12 +!34 +!!! + ldd [%i4+64],%f36 + faddd %f52,%f56,%f52 + fmuld %f22,%f0,%f22 +!35 +!!! + ldd [%o2+64],%f56 + faddd %f42,%f44,%f42 +!36 +!!! + std %f42,[%o2+240] + faddd %f48,%f50,%f48 + fmuld %f54,%f24,%f32 +!37 +!!! + std %f48,[%o2+32] + fmuld %f12,%f14,%f4 +!38 +!!! + ldd [%i1+80],%f42 + faddd %f52,%f56,%f56 ! yes, tmp52! + fmuld %f36,%f0,%f36 +!39 +!!! + ldd [%i4+80],%f44 + faddd %f20,%f22,%f20 +!40 +!!! + ldd [%i1+96],%f48 + fmuld %f58,%f24,%f52 +!41 +!!! + ldd [%i4+96],%f50 + fdtox %f4,%f4 + fmuld %f42,%f24,%f42 +!42 +!!! + std %f56,[%o2+64] ! yes, tmp52! + faddd %f32,%f36,%f32 + fmuld %f44,%f0,%f44 +!43 +!!! + ldd [%o2+96],%f22 + fmuld %f48,%f24,%f48 +!44 +!!! + ldd [%o2+128],%f36 + fmovd %f6,%f24 + fmuld %f50,%f0,%f50 +!45 +!!! + fxtod %f4,%f4 + fmuld %f60,%f0,%f56 +!46 +!!! + add %o2,8,%o2 + faddd %f42,%f44,%f42 +!47 +!!! + ldd [%o2+160-8],%f44 + faddd %f20,%f22,%f20 +!48 +!!! + std %f20,[%o2+96-8] + faddd %f48,%f50,%f48 +!49 +!!! + ldd [%o2+192-8],%f50 + faddd %f52,%f56,%f52 + fmuld %f4,%f16,%f4 +!50 +!!! + ldd [%o2+224-8],%f56 + faddd %f32,%f36,%f32 +!51 +!!! + std %f32,[%o2+128-8] + faddd %f42,%f44,%f42 +!52 + add %o3,1,%o3 + std %f42,[%o2+160-8] + faddd %f48,%f50,%f48 +!53 +!!! + cmp %o3,31 + std %f48,[%o2+192-8] + faddd %f52,%f56,%f52 +!54 + std %f52,[%o2+224-8] + ble,pt %icc,.L99999999 + fsubd %f12,%f4,%f0 + + + +!55 + std %f8,[%o2] + + + + + + + .L77000285: /* frequency 1.0 confidence 0.0 */ +/* 0x07a8 279 ( 0 1) */ sll %g1,4,%g2 + .L900000748: /* frequency 1.0 confidence 0.0 */ +/* 0x07ac 279 ( 0 3) */ ldd [%g5+%g2],%f0 +/* 0x07b0 ( 0 1) */ add %g5,%g2,%i1 +/* 0x07b4 ( 0 1) */ or %g0,0,%o4 +/* 0x07b8 206 ( 1 4) */ ld [%fp+68],%o0 +/* 0x07bc 279 ( 1 2) */ or %g0,0,%i0 +/* 0x07c0 ( 1 2) */ cmp %g1,0 +/* 0x07c4 ( 2 5) */ fdtox %f0,%f0 +/* 0x07c8 ( 2 3) */ std %f0,[%sp+120] +/* 0x07cc 275 ( 2 3) */ sethi %hi(0xfc00),%o1 +/* 0x07d0 206 ( 3 4) */ or %g0,%o0,%o3 +/* 0x07d4 275 ( 3 4) */ sub %g1,1,%g4 +/* 0x07d8 279 ( 4 7) */ ldd [%i1+8],%f0 +/* 0x07dc ( 4 5) */ or %g0,%o0,%g5 +/* 0x07e0 ( 4 5) */ add %o1,1023,%o1 +/* 0x07e4 ( 6 9) */ fdtox %f0,%f0 +/* 0x07e8 ( 6 7) */ std %f0,[%sp+112] +/* 0x07ec (10 12) */ ldx [%sp+112],%o5 +/* 0x07f0 (11 13) */ ldx [%sp+120],%o7 +/* 0x07f4 (11 12) */ ble,pt %icc,.L900000746 ! tprob=0.56 +/* 0x07f8 (11 12) */ sethi %hi(0xfc00),%g2 +/* 0x07fc 275 (12 13) */ or %g0,-1,%g2 +/* 0x0800 279 (12 13) */ cmp %g1,3 +/* 0x0804 275 (13 14) */ srl %g2,0,%o2 +/* 0x0808 279 (13 14) */ bl,pn %icc,.L77000286 ! tprob=0.44 +/* 0x080c (13 14) */ or %g0,%i1,%g2 +/* 0x0810 (14 17) */ ldd [%i1+16],%f0 +/* 0x0814 (14 15) */ and %o5,%o1,%o0 +/* 0x0818 (14 15) */ add %i1,16,%g2 +/* 0x081c (15 16) */ sllx %o0,16,%g3 +/* 0x0820 (15 16) */ and %o7,%o2,%o0 +/* 0x0824 (16 19) */ fdtox %f0,%f0 +/* 0x0828 (16 17) */ std %f0,[%sp+104] +/* 0x082c (16 17) */ add %o0,%g3,%o4 +/* 0x0830 (17 20) */ ldd [%i1+24],%f2 +/* 0x0834 (17 18) */ srax %o5,16,%o0 +/* 0x0838 (17 18) */ add %o3,4,%g5 +/* 0x083c (18 19) */ stx %o0,[%sp+128] +/* 0x0840 (18 19) */ and %o4,%o2,%o0 +/* 0x0844 (18 19) */ or %g0,1,%i0 +/* 0x0848 (19 20) */ stx %o0,[%sp+112] +/* 0x084c (19 20) */ srax %o4,32,%o0 +/* 0x0850 (19 22) */ fdtox %f2,%f0 +/* 0x0854 (20 21) */ stx %o0,[%sp+136] +/* 0x0858 (20 21) */ srax %o7,32,%o4 +/* 0x085c (21 22) */ std %f0,[%sp+96] +/* 0x0860 (22 24) */ ldx [%sp+136],%o7 +/* 0x0864 (23 25) */ ldx [%sp+128],%o0 +/* 0x0868 (25 27) */ ldx [%sp+104],%g3 +/* 0x086c (25 26) */ add %o0,%o7,%o0 +/* 0x0870 (26 28) */ ldx [%sp+112],%o7 +/* 0x0874 (26 27) */ add %o4,%o0,%o4 +/* 0x0878 (27 29) */ ldx [%sp+96],%o5 +/* 0x087c (28 29) */ st %o7,[%o3] +/* 0x0880 (28 29) */ or %g0,%g3,%o7 + .L900000730: /* frequency 64.0 confidence 0.0 */ +/* 0x0884 (17 19) */ ldd [%g2+16],%f0 +/* 0x0888 (17 18) */ add %i0,1,%i0 +/* 0x088c (17 18) */ add %g5,4,%g5 +/* 0x0890 (18 18) */ cmp %i0,%g4 +/* 0x0894 (18 19) */ add %g2,16,%g2 +/* 0x0898 (19 22) */ fdtox %f0,%f0 +/* 0x089c (20 21) */ std %f0,[%sp+104] +/* 0x08a0 (21 23) */ ldd [%g2+8],%f0 +/* 0x08a4 (23 26) */ fdtox %f0,%f0 +/* 0x08a8 (24 25) */ std %f0,[%sp+96] +/* 0x08ac (25 26) */ and %o5,%o1,%g3 +/* 0x08b0 (26 27) */ sllx %g3,16,%g3 +/* 0x08b4 ( 0 0) */ stx %g3,[%sp+120] +/* 0x08b8 (26 27) */ and %o7,%o2,%g3 +/* 0x08bc ( 0 0) */ stx %o7,[%sp+128] +/* 0x08c0 ( 0 0) */ ldx [%sp+120],%o7 +/* 0x08c4 (27 27) */ add %g3,%o7,%g3 +/* 0x08c8 ( 0 0) */ ldx [%sp+128],%o7 +/* 0x08cc (28 29) */ srax %o5,16,%o5 +/* 0x08d0 (28 28) */ add %g3,%o4,%g3 +/* 0x08d4 (29 30) */ srax %g3,32,%o4 +/* 0x08d8 ( 0 0) */ stx %o4,[%sp+112] +/* 0x08dc (30 31) */ srax %o7,32,%o4 +/* 0x08e0 ( 0 0) */ ldx [%sp+112],%o7 +/* 0x08e4 (30 31) */ add %o5,%o7,%o7 +/* 0x08e8 (31 33) */ ldx [%sp+96],%o5 +/* 0x08ec (31 32) */ add %o4,%o7,%o4 +/* 0x08f0 (32 33) */ and %g3,%o2,%g3 +/* 0x08f4 ( 0 0) */ ldx [%sp+104],%o7 +/* 0x08f8 (33 34) */ ble,pt %icc,.L900000730 ! tprob=0.50 +/* 0x08fc (33 34) */ st %g3,[%g5-4] + .L900000733: /* frequency 8.0 confidence 0.0 */ +/* 0x0900 ( 0 1) */ ba .L900000746 ! tprob=1.00 +/* 0x0904 ( 0 1) */ sethi %hi(0xfc00),%g2 + .L77000286: /* frequency 0.7 confidence 0.0 */ +/* 0x0908 ( 0 3) */ ldd [%g2+16],%f0 + .L900000745: /* frequency 6.4 confidence 0.0 */ +/* 0x090c ( 0 1) */ and %o7,%o2,%o0 +/* 0x0910 ( 0 1) */ and %o5,%o1,%g3 +/* 0x0914 ( 0 3) */ fdtox %f0,%f0 +/* 0x0918 ( 1 2) */ add %o4,%o0,%o0 +/* 0x091c ( 1 2) */ std %f0,[%sp+104] +/* 0x0920 ( 1 2) */ add %i0,1,%i0 +/* 0x0924 ( 2 3) */ sllx %g3,16,%o4 +/* 0x0928 ( 2 5) */ ldd [%g2+24],%f2 +/* 0x092c ( 2 3) */ add %g2,16,%g2 +/* 0x0930 ( 3 4) */ add %o0,%o4,%o4 +/* 0x0934 ( 3 4) */ cmp %i0,%g4 +/* 0x0938 ( 4 5) */ srax %o5,16,%o0 +/* 0x093c ( 4 5) */ stx %o0,[%sp+112] +/* 0x0940 ( 4 5) */ and %o4,%o2,%g3 +/* 0x0944 ( 5 6) */ srax %o4,32,%o5 +/* 0x0948 ( 5 8) */ fdtox %f2,%f0 +/* 0x094c ( 5 6) */ std %f0,[%sp+96] +/* 0x0950 ( 6 7) */ srax %o7,32,%o4 +/* 0x0954 ( 6 8) */ ldx [%sp+112],%o7 +/* 0x0958 ( 8 9) */ add %o7,%o5,%o7 +/* 0x095c ( 9 11) */ ldx [%sp+104],%o5 +/* 0x0960 ( 9 10) */ add %o4,%o7,%o4 +/* 0x0964 (10 12) */ ldx [%sp+96],%o0 +/* 0x0968 (11 12) */ st %g3,[%g5] +/* 0x096c (11 12) */ or %g0,%o5,%o7 +/* 0x0970 (11 12) */ add %g5,4,%g5 +/* 0x0974 (12 13) */ or %g0,%o0,%o5 +/* 0x0978 (12 13) */ ble,a,pt %icc,.L900000745 ! tprob=0.86 +/* 0x097c (12 15) */ ldd [%g2+16],%f0 + .L77000236: /* frequency 1.0 confidence 0.0 */ +/* 0x0980 ( 0 1) */ sethi %hi(0xfc00),%g2 + .L900000746: /* frequency 1.0 confidence 0.0 */ +/* 0x0984 ( 0 1) */ or %g0,-1,%o0 +/* 0x0988 ( 0 1) */ add %g2,1023,%g2 +/* 0x098c ( 0 3) */ ld [%fp+88],%o1 +/* 0x0990 ( 1 2) */ srl %o0,0,%g3 +/* 0x0994 ( 1 2) */ and %o5,%g2,%g2 +/* 0x0998 ( 2 3) */ and %o7,%g3,%g4 +/* 0x099c 281 ( 2 3) */ or %g0,-1,%o5 +/* 0x09a0 275 ( 3 4) */ sllx %g2,16,%g2 +/* 0x09a4 ( 3 4) */ add %o4,%g4,%g4 +/* 0x09a8 ( 4 5) */ add %g4,%g2,%g2 +/* 0x09ac ( 5 6) */ sll %i0,2,%g4 +/* 0x09b0 ( 5 6) */ and %g2,%g3,%g2 +/* 0x09b4 ( 6 7) */ st %g2,[%o3+%g4] +/* 0x09b8 281 ( 6 7) */ sll %g1,2,%g2 +/* 0x09bc ( 7 10) */ ld [%o3+%g2],%g2 +/* 0x09c0 ( 9 10) */ cmp %g2,0 +/* 0x09c4 ( 9 10) */ bleu,pn %icc,.L77000241 ! tprob=0.50 +/* 0x09c8 ( 9 10) */ or %g0,%o1,%o2 +/* 0x09cc (10 11) */ ba .L900000744 ! tprob=1.00 +/* 0x09d0 (10 11) */ cmp %o5,0 + .L77000241: /* frequency 0.8 confidence 0.0 */ +/* 0x09d4 ( 0 1) */ subcc %g1,1,%o5 +/* 0x09d8 ( 0 1) */ bneg,pt %icc,.L900000744 ! tprob=0.60 +/* 0x09dc ( 1 2) */ cmp %o5,0 +/* 0x09e0 ( 1 2) */ sll %o5,2,%g2 +/* 0x09e4 ( 2 3) */ add %o1,%g2,%o0 +/* 0x09e8 ( 2 3) */ add %o3,%g2,%o4 +/* 0x09ec ( 3 6) */ ld [%o0],%g2 + .L900000743: /* frequency 5.3 confidence 0.0 */ +/* 0x09f0 ( 0 3) */ ld [%o4],%g3 +/* 0x09f4 ( 0 1) */ add %o0,4,%o0 +/* 0x09f8 ( 0 1) */ add %o4,4,%o4 +/* 0x09fc ( 2 3) */ cmp %g3,%g2 +/* 0x0a00 ( 2 3) */ bne,pn %icc,.L77000244 ! tprob=0.16 +/* 0x0a04 ( 2 3) */ nop +/* 0x0a08 ( 3 4) */ addcc %o5,1,%o5 +/* 0x0a0c ( 3 4) */ bpos,a,pt %icc,.L900000743 ! tprob=0.84 +/* 0x0a10 ( 3 6) */ ld [%o0],%g2 + .L77000244: /* frequency 1.0 confidence 0.0 */ +/* 0x0a14 ( 0 1) */ cmp %o5,0 + .L900000744: /* frequency 1.0 confidence 0.0 */ +/* 0x0a18 ( 0 1) */ bl,pn %icc,.L77000287 ! tprob=0.50 +/* 0x0a1c ( 0 1) */ sll %o5,2,%g2 +/* 0x0a20 ( 1 4) */ ld [%o2+%g2],%g3 +/* 0x0a24 ( 2 5) */ ld [%o3+%g2],%g2 +/* 0x0a28 ( 4 5) */ cmp %g2,%g3 +/* 0x0a2c ( 4 5) */ bleu,pt %icc,.L77000224 ! tprob=0.56 +/* 0x0a30 ( 4 5) */ nop + .L77000287: /* frequency 0.8 confidence 0.0 */ +/* 0x0a34 ( 0 1) */ cmp %g1,0 +/* 0x0a38 ( 0 1) */ ble,pt %icc,.L77000224 ! tprob=0.60 +/* 0x0a3c ( 0 1) */ nop +/* 0x0a40 281 ( 1 2) */ sub %g1,1,%o7 +/* 0x0a44 ( 1 2) */ or %g0,-1,%g2 +/* 0x0a48 ( 2 3) */ srl %g2,0,%o4 +/* 0x0a4c ( 2 3) */ add %o7,1,%o0 +/* 0x0a50 279 ( 3 4) */ or %g0,0,%o5 +/* 0x0a54 ( 3 4) */ or %g0,0,%g1 +/* 0x0a58 ( 4 5) */ cmp %o0,3 +/* 0x0a5c ( 4 5) */ bl,pn %icc,.L77000288 ! tprob=0.40 +/* 0x0a60 ( 4 5) */ add %o3,8,%o1 +/* 0x0a64 ( 5 6) */ add %o2,4,%o0 +/* 0x0a68 ( 5 8) */ ld [%o1-8],%g2 +/* 0x0a6c 0 ( 5 6) */ or %g0,%o1,%o3 +/* 0x0a70 279 ( 6 9) */ ld [%o0-4],%g3 +/* 0x0a74 0 ( 6 7) */ or %g0,%o0,%o2 +/* 0x0a78 279 ( 6 7) */ or %g0,2,%g1 +/* 0x0a7c ( 7 10) */ ld [%o3-4],%o0 +/* 0x0a80 ( 8 9) */ sub %g2,%g3,%g2 +/* 0x0a84 ( 9 10) */ or %g0,%g2,%o5 +/* 0x0a88 ( 9 10) */ and %g2,%o4,%g2 +/* 0x0a8c ( 9 10) */ st %g2,[%o3-8] +/* 0x0a90 (10 11) */ srax %o5,32,%o5 + .L900000734: /* frequency 64.0 confidence 0.0 */ +/* 0x0a94 (12 20) */ ld [%o2],%g2 +/* 0x0a98 (12 13) */ add %g1,1,%g1 +/* 0x0a9c (12 13) */ add %o2,4,%o2 +/* 0x0aa0 (13 13) */ cmp %g1,%o7 +/* 0x0aa4 (13 14) */ add %o3,4,%o3 +/* 0x0aa8 (14 14) */ sub %o0,%g2,%o0 +/* 0x0aac (15 15) */ add %o0,%o5,%o5 +/* 0x0ab0 (16 17) */ and %o5,%o4,%g2 +/* 0x0ab4 (16 24) */ ld [%o3-4],%o0 +/* 0x0ab8 (17 18) */ st %g2,[%o3-8] +/* 0x0abc (17 18) */ ble,pt %icc,.L900000734 ! tprob=0.50 +/* 0x0ac0 (17 18) */ srax %o5,32,%o5 + .L900000737: /* frequency 8.0 confidence 0.0 */ +/* 0x0ac4 ( 0 3) */ ld [%o2],%o1 +/* 0x0ac8 ( 2 3) */ sub %o0,%o1,%o0 +/* 0x0acc ( 3 4) */ add %o0,%o5,%o0 +/* 0x0ad0 ( 4 5) */ and %o0,%o4,%o1 +/* 0x0ad4 ( 4 5) */ st %o1,[%o3-4] +/* 0x0ad8 ( 5 7) */ ret ! Result = +/* 0x0adc ( 7 8) */ restore %g0,%g0,%g0 + .L77000288: /* frequency 0.6 confidence 0.0 */ +/* 0x0ae0 ( 0 3) */ ld [%o3],%o0 + .L900000742: /* frequency 5.3 confidence 0.0 */ +/* 0x0ae4 ( 0 3) */ ld [%o2],%o1 +/* 0x0ae8 ( 0 1) */ add %o5,%o0,%o0 +/* 0x0aec ( 0 1) */ add %g1,1,%g1 +/* 0x0af0 ( 1 2) */ add %o2,4,%o2 +/* 0x0af4 ( 1 2) */ cmp %g1,%o7 +/* 0x0af8 ( 2 3) */ sub %o0,%o1,%o0 +/* 0x0afc ( 3 4) */ and %o0,%o4,%o1 +/* 0x0b00 ( 3 4) */ st %o1,[%o3] +/* 0x0b04 ( 3 4) */ add %o3,4,%o3 +/* 0x0b08 ( 4 5) */ srax %o0,32,%o5 +/* 0x0b0c ( 4 5) */ ble,a,pt %icc,.L900000742 ! tprob=0.84 +/* 0x0b10 ( 4 7) */ ld [%o3],%o0 + .L77000224: /* frequency 1.0 confidence 0.0 */ +/* 0x0b14 ( 0 2) */ ret ! Result = +/* 0x0b18 ( 2 3) */ restore %g0,%g0,%g0 +/* 0x0b1c 0 ( 0 0) */ .type mont_mulf_noconv,2 +/* 0x0b1c ( 0 0) */ .size mont_mulf_noconv,(.-mont_mulf_noconv) + diff --git a/security/nss/lib/freebl/mpi/montmulfv8.il b/security/nss/lib/freebl/mpi/montmulfv8.il new file mode 100644 index 000000000..b3dd734b6 --- /dev/null +++ b/security/nss/lib/freebl/mpi/montmulfv8.il @@ -0,0 +1,137 @@ +! +! The contents of this file are subject to the Mozilla Public +! License Version 1.1 (the "License"); you may not use this file +! except in compliance with the License. You may obtain a copy of +! the License at http://www.mozilla.org/MPL/ +! +! Software distributed under the License is distributed on an "AS +! IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +! implied. See the License for the specific language governing +! rights and limitations under the License. +! +! The Original Code is inline macros for SPARC Montgomery multiply functions. +! +! The Initial Developer of the Original Code is Sun Microsystems Inc. +! Portions created by Sun Microsystems Inc. are +! Copyright (C) 1999-2000 Sun Microsystems Inc. All Rights Reserved. +! +! Contributor(s): +! +! Alternatively, the contents of this file may be used under the +! terms of the GNU General Public License Version 2 or later (the +! "GPL"), in which case the provisions of the GPL are applicable +! instead of those above. If you wish to allow use of your +! version of this file only under the terms of the GPL and not to +! allow others to use your version of this file under the MPL, +! indicate your decision by deleting the provisions above and +! replace them with the notice and other provisions required by +! the GPL. If you do not delete the provisions above, a recipient +! may use your version of this file under either the MPL or the +! GPL. +! +! $Id$ +! + +! +! double upper32(double /*frs1*/); +! + .inline upper32,8 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f10 + + fdtox %f10,%f10 + fitod %f10,%f0 + .end + +! +! double lower32(double /*frs1*/, double /* Zero */); +! + .inline lower32,8 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f10 + std %o2,[%sp+0x48] + ldd [%sp+0x48],%f12 + + fdtox %f10,%f10 + fmovs %f12,%f10 + fxtod %f10,%f0 + .end + +! +! double mod(double /*x*/, double /*1/m*/, double /*m*/); +! + .inline mod,12 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f2 + std %o2,[%sp+0x48] + ldd [%sp+0x48],%f4 + std %o4,[%sp+0x48] + ldd [%sp+0x48],%f6 + + fmuld %f2,%f4,%f4 + fdtox %f4,%f4 + fxtod %f4,%f4 + fmuld %f4,%f6,%f4 + fsubd %f2,%f4,%f0 + .end + + +! +! void i16_to_d16_and_d32x4(double * /*1/(2^16)*/, double * /* 2^16*/, +! double * /* 0 */, +! double * /*result16*/, double * /* result32 */ +! float * /*source - should be unsigned int* +! converted to float* */); +! + .inline i16_to_d16_and_d32x4,24 + ldd [%o0],%f2 ! 1/(2^16) + ldd [%o1],%f4 ! 2^16 + ldd [%o2],%f22 + + fmovd %f22,%f6 + ld [%o5],%f7 + fmovd %f22,%f10 + ld [%o5+4],%f11 + fmovd %f22,%f14 + ld [%o5+8],%f15 + fmovd %f22,%f18 + ld [%o5+12],%f19 + fxtod %f6,%f6 + std %f6,[%o4] + fxtod %f10,%f10 + std %f10,[%o4+8] + fxtod %f14,%f14 + std %f14,[%o4+16] + fxtod %f18,%f18 + std %f18,[%o4+24] + fmuld %f2,%f6,%f8 + fmuld %f2,%f10,%f12 + fmuld %f2,%f14,%f16 + fmuld %f2,%f18,%f20 + fdtox %f8,%f8 + fdtox %f12,%f12 + fdtox %f16,%f16 + fdtox %f20,%f20 + fxtod %f8,%f8 + std %f8,[%o3+8] + fxtod %f12,%f12 + std %f12,[%o3+24] + fxtod %f16,%f16 + std %f16,[%o3+40] + fxtod %f20,%f20 + std %f20,[%o3+56] + fmuld %f8,%f4,%f8 + fmuld %f12,%f4,%f12 + fmuld %f16,%f4,%f16 + fmuld %f20,%f4,%f20 + fsubd %f6,%f8,%f8 + std %f8,[%o3] + fsubd %f10,%f12,%f12 + std %f12,[%o3+16] + fsubd %f14,%f16,%f16 + std %f16,[%o3+32] + fsubd %f18,%f20,%f20 + std %f20,[%o3+48] + .end + + diff --git a/security/nss/lib/freebl/mpi/montmulfv8.s b/security/nss/lib/freebl/mpi/montmulfv8.s new file mode 100644 index 000000000..ac74a530d --- /dev/null +++ b/security/nss/lib/freebl/mpi/montmulfv8.s @@ -0,0 +1,1847 @@ +! +! The contents of this file are subject to the Mozilla Public +! License Version 1.1 (the "License"); you may not use this file +! except in compliance with the License. You may obtain a copy of +! the License at http://www.mozilla.org/MPL/ +! +! Software distributed under the License is distributed on an "AS +! IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +! implied. See the License for the specific language governing +! rights and limitations under the License. +! +! The Original Code is SPARC hand-optimized Montgomery multiply functions. +! +! The Initial Developer of the Original Code is Sun Microsystems Inc. +! Portions created by Sun Microsystems Inc. are +! Copyright (C) 1999-2000 Sun Microsystems Inc. All Rights Reserved. +! +! Contributor(s): +! +! Alternatively, the contents of this file may be used under the +! terms of the GNU General Public License Version 2 or later (the +! "GPL"), in which case the provisions of the GPL are applicable +! instead of those above. If you wish to allow use of your +! version of this file only under the terms of the GPL and not to +! allow others to use your version of this file under the MPL, +! indicate your decision by deleting the provisions above and +! replace them with the notice and other provisions required by +! the GPL. If you do not delete the provisions above, a recipient +! may use your version of this file under either the MPL or the +! GPL. +! +! $Id$ +! + + .section ".text",#alloc,#execinstr + .file "montmulf.c" + + .section ".rodata",#alloc + .global TwoTo16 + .align 8 +! +! CONSTANT POOL +! + .global TwoTo16 +TwoTo16: + .word 1089470464 + .word 0 + .type TwoTo16,#object + .size TwoTo16,8 + .global TwoToMinus16 +! +! CONSTANT POOL +! + .global TwoToMinus16 +TwoToMinus16: + .word 1055916032 + .word 0 + .type TwoToMinus16,#object + .size TwoToMinus16,8 + .global Zero +! +! CONSTANT POOL +! + .global Zero +Zero: + .word 0 + .word 0 + .type Zero,#object + .size Zero,8 + .global TwoTo32 +! +! CONSTANT POOL +! + .global TwoTo32 +TwoTo32: + .word 1106247680 + .word 0 + .type TwoTo32,#object + .size TwoTo32,8 + .global TwoToMinus32 +! +! CONSTANT POOL +! + .global TwoToMinus32 +TwoToMinus32: + .word 1039138816 + .word 0 + .type TwoToMinus32,#object + .size TwoToMinus32,8 + + .section ".text",#alloc,#execinstr +/* 000000 0 */ .align 4 +! +! SUBROUTINE conv_d16_to_i32 +! +! OFFSET SOURCE LINE LABEL INSTRUCTION + + .global conv_d16_to_i32 + conv_d16_to_i32: +/* 000000 */ save %sp,-128,%sp +! FILE montmulf.c + +! 36 !#define RF_INLINE_MACROS +! 38 !static const double TwoTo16=65536.0; +! 39 !static const double TwoToMinus16=1.0/65536.0; +! 40 !static const double Zero=0.0; +! 41 !static const double TwoTo32=65536.0*65536.0; +! 42 !static const double TwoToMinus32=1.0/(65536.0*65536.0); +! 44 !#ifdef RF_INLINE_MACROS +! 46 !double upper32(double); +! 47 !double lower32(double, double); +! 48 !double mod(double, double, double); +! 50 !void i16_to_d16_and_d32x4(const double * /*1/(2^16)*/, +! 51 ! const double * /* 2^16*/, +! 52 ! const double * /* 0 */, +! 53 ! double * /*result16*/, +! 54 ! double * /* result32 */, +! 55 ! float * /*source - should be unsigned int* +! 56 ! converted to float* */); +! 58 !#else +! 60 !static double upper32(double x) +! 61 !{ +! 62 ! return floor(x*TwoToMinus32); +! 63 !} +! 65 !static double lower32(double x, double y) +! 66 !{ +! 67 ! return x-TwoTo32*floor(x*TwoToMinus32); +! 68 !} +! 70 !static double mod(double x, double oneoverm, double m) +! 71 !{ +! 72 ! return x-m*floor(x*oneoverm); +! 73 !} +! 75 !#endif +! 78 !static void cleanup(double *dt, int from, int tlen) +! 79 !{ +! 80 ! int i; +! 81 ! double tmp,tmp1,x,x1; +! 83 ! tmp=tmp1=Zero; +! 84 ! /* original code ** +! 85 ! for(i=2*from;i<2*tlen-2;i++) +! 86 ! { +! 87 ! x=dt[i]; +! 88 ! dt[i]=lower32(x,Zero)+tmp1; +! 89 ! tmp1=tmp; +! 90 ! tmp=upper32(x); +! 91 ! } +! 92 ! dt[tlen-2]+=tmp1; +! 93 ! dt[tlen-1]+=tmp; +! 94 ! **end original code ***/ +! 95 ! /* new code ***/ +! 96 ! for(i=2*from;i<2*tlen;i+=2) +! 97 ! { +! 98 ! x=dt[i]; +! 99 ! x1=dt[i+1]; +! 100 ! dt[i]=lower32(x,Zero)+tmp; +! 101 ! dt[i+1]=lower32(x1,Zero)+tmp1; +! 102 ! tmp=upper32(x); +! 103 ! tmp1=upper32(x1); +! 104 ! } +! 105 ! /** end new code **/ +! 106 !} +! 109 !void conv_d16_to_i32(unsigned int *i32, double *d16, long long *tmp, int ilen) +! 110 !{ +! 111 !int i; +! 112 !long long t, t1, a, b, c, d; +! 114 ! t1=0; +! 115 ! a=(long long)d16[0]; + +/* 0x0004 115 */ ldd [%i1],%f0 +/* 0x0008 110 */ or %g0,%i1,%o0 + +! 116 ! b=(long long)d16[1]; +! 117 ! for(i=0; i<ilen-1; i++) + +/* 0x000c 117 */ sub %i3,1,%g2 +/* 0x0010 */ cmp %g2,0 +/* 0x0014 114 */ or %g0,0,%o4 +/* 0x0018 115 */ fdtox %f0,%f0 +/* 0x001c */ std %f0,[%sp+120] +/* 0x0020 117 */ or %g0,0,%o7 +/* 0x0024 110 */ or %g0,%i3,%o1 +/* 0x0028 */ sub %i3,2,%o2 +/* 0x002c 116 */ ldd [%o0+8],%f0 +/* 0x0030 110 */ sethi %hi(0xfc00),%o1 +/* 0x0034 */ add %o2,1,%g3 +/* 0x0038 */ add %o1,1023,%o1 +/* 0x003c */ or %g0,%i0,%o5 +/* 0x0040 116 */ fdtox %f0,%f0 +/* 0x0044 */ std %f0,[%sp+112] +/* 0x0048 */ ldx [%sp+112],%g1 +/* 0x004c 115 */ ldx [%sp+120],%g4 +/* 0x0050 117 */ ble,pt %icc,.L900000117 +/* 0x0054 */ sethi %hi(0xfc00),%g2 +/* 0x0058 110 */ or %g0,-1,%g2 +/* 0x005c 117 */ cmp %g3,3 +/* 0x0060 110 */ srl %g2,0,%o3 +/* 0x0064 117 */ bl,pn %icc,.L77000134 +/* 0x0068 */ or %g0,%o0,%g2 + +! 118 ! { +! 119 ! c=(long long)d16[2*i+2]; + +/* 0x006c 119 */ ldd [%o0+16],%f0 + +! 120 ! t1+=a&0xffffffff; +! 121 ! t=(a>>32); +! 122 ! d=(long long)d16[2*i+3]; +! 123 ! t1+=(b&0xffff)<<16; +! 124 ! t+=(b>>16)+(t1>>32); +! 125 ! i32[i]=t1&0xffffffff; +! 126 ! t1=t; +! 127 ! a=c; +! 128 ! b=d; + +/* 0x0070 128 */ add %o0,16,%g2 +/* 0x0074 123 */ and %g1,%o1,%o0 +/* 0x0078 */ sllx %o0,16,%g3 +/* 0x007c 120 */ and %g4,%o3,%o0 +/* 0x0080 117 */ add %o0,%g3,%o4 +/* 0x0084 119 */ fdtox %f0,%f0 +/* 0x0088 */ std %f0,[%sp+104] +/* 0x008c 125 */ and %o4,%o3,%g5 +/* 0x0090 122 */ ldd [%g2+8],%f2 +/* 0x0094 128 */ add %o5,4,%o5 +/* 0x0098 124 */ srax %o4,32,%o4 +/* 0x009c */ stx %o4,[%sp+112] +/* 0x00a0 122 */ fdtox %f2,%f0 +/* 0x00a4 */ std %f0,[%sp+96] +/* 0x00a8 124 */ srax %g1,16,%o0 +/* 0x00ac */ ldx [%sp+112],%o7 +/* 0x00b0 121 */ srax %g4,32,%o4 +/* 0x00b4 124 */ add %o0,%o7,%g4 +/* 0x00b8 128 */ or %g0,1,%o7 +/* 0x00bc 119 */ ldx [%sp+104],%g3 +/* 0x00c0 124 */ add %o4,%g4,%o4 +/* 0x00c4 122 */ ldx [%sp+96],%g1 +/* 0x00c8 125 */ st %g5,[%o5-4] +/* 0x00cc 127 */ or %g0,%g3,%g4 + .L900000112: +/* 0x00d0 119 */ ldd [%g2+16],%f0 +/* 0x00d4 128 */ add %o7,1,%o7 +/* 0x00d8 */ add %o5,4,%o5 +/* 0x00dc */ cmp %o7,%o2 +/* 0x00e0 */ add %g2,16,%g2 +/* 0x00e4 119 */ fdtox %f0,%f0 +/* 0x00e8 */ std %f0,[%sp+104] +/* 0x00ec 122 */ ldd [%g2+8],%f0 +/* 0x00f0 */ fdtox %f0,%f0 +/* 0x00f4 */ std %f0,[%sp+96] +/* 0x00f8 123 */ and %g1,%o1,%g3 +/* 0x00fc */ sllx %g3,16,%g5 +/* 0x0100 120 */ and %g4,%o3,%g3 +/* 0x0104 117 */ add %g3,%g5,%g3 +/* 0x0108 124 */ srax %g1,16,%g1 +/* 0x010c 117 */ add %g3,%o4,%g3 +/* 0x0110 124 */ srax %g3,32,%o4 +/* 0x0114 */ stx %o4,[%sp+112] +/* 0x0118 119 */ ldx [%sp+104],%g5 +/* 0x011c 121 */ srax %g4,32,%o4 +/* 0x0120 124 */ ldx [%sp+112],%g4 +/* 0x0124 */ add %g1,%g4,%g4 +/* 0x0128 122 */ ldx [%sp+96],%g1 +/* 0x012c 124 */ add %o4,%g4,%o4 +/* 0x0130 125 */ and %g3,%o3,%g3 +/* 0x0134 127 */ or %g0,%g5,%g4 +/* 0x0138 128 */ ble,pt %icc,.L900000112 +/* 0x013c */ st %g3,[%o5-4] + .L900000115: +/* 0x0140 128 */ ba .L900000117 +/* 0x0144 */ sethi %hi(0xfc00),%g2 + .L77000134: +/* 0x0148 119 */ ldd [%g2+16],%f0 + .L900000116: +/* 0x014c 120 */ and %g4,%o3,%o0 +/* 0x0150 123 */ and %g1,%o1,%g3 +/* 0x0154 119 */ fdtox %f0,%f0 +/* 0x0158 120 */ add %o4,%o0,%o0 +/* 0x015c 119 */ std %f0,[%sp+104] +/* 0x0160 128 */ add %o7,1,%o7 +/* 0x0164 123 */ sllx %g3,16,%o4 +/* 0x0168 122 */ ldd [%g2+24],%f2 +/* 0x016c 128 */ add %g2,16,%g2 +/* 0x0170 123 */ add %o0,%o4,%o0 +/* 0x0174 128 */ cmp %o7,%o2 +/* 0x0178 125 */ and %o0,%o3,%g3 +/* 0x017c 122 */ fdtox %f2,%f0 +/* 0x0180 */ std %f0,[%sp+96] +/* 0x0184 124 */ srax %o0,32,%o0 +/* 0x0188 */ stx %o0,[%sp+112] +/* 0x018c 121 */ srax %g4,32,%o4 +/* 0x0190 122 */ ldx [%sp+96],%o0 +/* 0x0194 124 */ srax %g1,16,%g5 +/* 0x0198 */ ldx [%sp+112],%g4 +/* 0x019c 119 */ ldx [%sp+104],%g1 +/* 0x01a0 125 */ st %g3,[%o5] +/* 0x01a4 124 */ add %g5,%g4,%g4 +/* 0x01a8 128 */ add %o5,4,%o5 +/* 0x01ac 124 */ add %o4,%g4,%o4 +/* 0x01b0 127 */ or %g0,%g1,%g4 +/* 0x01b4 128 */ or %g0,%o0,%g1 +/* 0x01b8 */ ble,a,pt %icc,.L900000116 +/* 0x01bc */ ldd [%g2+16],%f0 + .L77000127: + +! 129 ! } +! 130 ! t1+=a&0xffffffff; +! 131 ! t=(a>>32); +! 132 ! t1+=(b&0xffff)<<16; +! 133 ! i32[i]=t1&0xffffffff; + +/* 0x01c0 133 */ sethi %hi(0xfc00),%g2 + .L900000117: +/* 0x01c4 133 */ or %g0,-1,%g3 +/* 0x01c8 */ add %g2,1023,%g2 +/* 0x01cc */ srl %g3,0,%g3 +/* 0x01d0 */ and %g1,%g2,%g2 +/* 0x01d4 */ and %g4,%g3,%g4 +/* 0x01d8 */ sllx %g2,16,%g2 +/* 0x01dc */ add %o4,%g4,%g4 +/* 0x01e0 */ add %g4,%g2,%g2 +/* 0x01e4 */ sll %o7,2,%g4 +/* 0x01e8 */ and %g2,%g3,%g2 +/* 0x01ec */ st %g2,[%i0+%g4] +/* 0x01f0 */ ret ! Result = +/* 0x01f4 */ restore %g0,%g0,%g0 +/* 0x01f8 0 */ .type conv_d16_to_i32,2 +/* 0x01f8 */ .size conv_d16_to_i32,(.-conv_d16_to_i32) + + .section ".text",#alloc,#execinstr +/* 000000 0 */ .align 8 +! +! CONSTANT POOL +! + .L_const_seg_900000201: +/* 000000 0 */ .word 1127219200,0 +/* 0x0008 0 */ .align 4 +/* 0x0008 */ .skip 16 +! +! SUBROUTINE conv_i32_to_d32 +! +! OFFSET SOURCE LINE LABEL INSTRUCTION + + .global conv_i32_to_d32 + conv_i32_to_d32: +/* 000000 */ or %g0,%o7,%g2 + +! 135 !} +! 137 !void conv_i32_to_d32(double *d32, unsigned int *i32, int len) +! 138 !{ +! 139 !int i; +! 141 !#pragma pipeloop(0) +! 142 ! for(i=0;i<len;i++) d32[i]=(double)(i32[i]); + +/* 0x0004 142 */ cmp %o2,0 + .L900000210: +/* 0x0008 */ call .+8 +/* 0x000c */ sethi /*X*/%hi(_GLOBAL_OFFSET_TABLE_-(.L900000210-.)),%g4 +/* 0x0010 142 */ or %g0,0,%o5 +/* 0x0014 138 */ add %g4,/*X*/%lo(_GLOBAL_OFFSET_TABLE_-(.L900000210-.)),%g4 +/* 0x0018 */ or %g0,%o0,%g5 +/* 0x001c */ add %g4,%o7,%g1 +/* 0x0020 142 */ ble,pt %icc,.L77000140 +/* 0x0024 */ or %g0,%g2,%o7 +/* 0x0028 */ sethi %hi(.L_const_seg_900000201),%g2 +/* 0x002c 138 */ or %g0,%o1,%g4 +/* 0x0030 142 */ add %g2,%lo(.L_const_seg_900000201),%g2 +/* 0x0034 */ sub %o2,1,%g3 +/* 0x0038 */ ld [%g1+%g2],%g2 +/* 0x003c */ cmp %o2,9 +/* 0x0040 */ bl,pn %icc,.L77000144 +/* 0x0044 */ ldd [%g2],%f8 +/* 0x0048 */ add %o1,16,%g4 +/* 0x004c */ sub %o2,5,%g1 +/* 0x0050 */ ld [%o1],%f7 +/* 0x0054 */ or %g0,4,%o5 +/* 0x0058 */ ld [%o1+4],%f5 +/* 0x005c */ ld [%o1+8],%f3 +/* 0x0060 */ fmovs %f8,%f6 +/* 0x0064 */ ld [%o1+12],%f1 + .L900000205: +/* 0x0068 */ ld [%g4],%f11 +/* 0x006c */ add %o5,5,%o5 +/* 0x0070 */ add %g4,20,%g4 +/* 0x0074 */ fsubd %f6,%f8,%f6 +/* 0x0078 */ std %f6,[%g5] +/* 0x007c */ cmp %o5,%g1 +/* 0x0080 */ add %g5,40,%g5 +/* 0x0084 */ fmovs %f8,%f4 +/* 0x0088 */ ld [%g4-16],%f7 +/* 0x008c */ fsubd %f4,%f8,%f12 +/* 0x0090 */ fmovs %f8,%f2 +/* 0x0094 */ std %f12,[%g5-32] +/* 0x0098 */ ld [%g4-12],%f5 +/* 0x009c */ fsubd %f2,%f8,%f12 +/* 0x00a0 */ fmovs %f8,%f0 +/* 0x00a4 */ std %f12,[%g5-24] +/* 0x00a8 */ ld [%g4-8],%f3 +/* 0x00ac */ fsubd %f0,%f8,%f12 +/* 0x00b0 */ fmovs %f8,%f10 +/* 0x00b4 */ std %f12,[%g5-16] +/* 0x00b8 */ ld [%g4-4],%f1 +/* 0x00bc */ fsubd %f10,%f8,%f10 +/* 0x00c0 */ fmovs %f8,%f6 +/* 0x00c4 */ ble,pt %icc,.L900000205 +/* 0x00c8 */ std %f10,[%g5-8] + .L900000208: +/* 0x00cc */ fmovs %f8,%f4 +/* 0x00d0 */ add %g5,32,%g5 +/* 0x00d4 */ cmp %o5,%g3 +/* 0x00d8 */ fmovs %f8,%f2 +/* 0x00dc */ fmovs %f8,%f0 +/* 0x00e0 */ fsubd %f6,%f8,%f6 +/* 0x00e4 */ std %f6,[%g5-32] +/* 0x00e8 */ fsubd %f4,%f8,%f4 +/* 0x00ec */ std %f4,[%g5-24] +/* 0x00f0 */ fsubd %f2,%f8,%f2 +/* 0x00f4 */ std %f2,[%g5-16] +/* 0x00f8 */ fsubd %f0,%f8,%f0 +/* 0x00fc */ bg,pn %icc,.L77000140 +/* 0x0100 */ std %f0,[%g5-8] + .L77000144: +/* 0x0104 */ ld [%g4],%f1 + .L900000211: +/* 0x0108 */ ldd [%g2],%f8 +/* 0x010c */ add %o5,1,%o5 +/* 0x0110 */ add %g4,4,%g4 +/* 0x0114 */ cmp %o5,%g3 +/* 0x0118 */ fmovs %f8,%f0 +/* 0x011c */ fsubd %f0,%f8,%f0 +/* 0x0120 */ std %f0,[%g5] +/* 0x0124 */ add %g5,8,%g5 +/* 0x0128 */ ble,a,pt %icc,.L900000211 +/* 0x012c */ ld [%g4],%f1 + .L77000140: +/* 0x0130 */ retl ! Result = +/* 0x0134 */ nop +/* 0x0138 0 */ .type conv_i32_to_d32,2 +/* 0x0138 */ .size conv_i32_to_d32,(.-conv_i32_to_d32) + + .section ".text",#alloc,#execinstr +/* 000000 0 */ .align 8 +! +! CONSTANT POOL +! + .L_const_seg_900000301: +/* 000000 0 */ .word 1127219200,0 +/* 0x0008 0 */ .align 4 +! +! SUBROUTINE conv_i32_to_d16 +! +! OFFSET SOURCE LINE LABEL INSTRUCTION + + .global conv_i32_to_d16 + conv_i32_to_d16: +/* 000000 */ save %sp,-104,%sp +/* 0x0004 */ or %g0,%i2,%o0 + +! 143 !} +! 146 !void conv_i32_to_d16(double *d16, unsigned int *i32, int len) +! 147 !{ +! 148 !int i; +! 149 !unsigned int a; +! 151 !#pragma pipeloop(0) +! 152 ! for(i=0;i<len;i++) +! 153 ! { +! 154 ! a=i32[i]; +! 155 ! d16[2*i]=(double)(a&0xffff); +! 156 ! d16[2*i+1]=(double)(a>>16); + +/* 0x0008 156 */ sethi %hi(.L_const_seg_900000301),%g2 + .L900000310: +/* 0x000c */ call .+8 +/* 0x0010 */ sethi /*X*/%hi(_GLOBAL_OFFSET_TABLE_-(.L900000310-.)),%g3 +/* 0x0014 152 */ cmp %o0,0 +/* 0x0018 147 */ add %g3,/*X*/%lo(_GLOBAL_OFFSET_TABLE_-(.L900000310-.)),%g3 +/* 0x001c 152 */ ble,pt %icc,.L77000150 +/* 0x0020 */ add %g3,%o7,%o2 +/* 0x0024 */ sub %i2,1,%o5 +/* 0x0028 156 */ add %g2,%lo(.L_const_seg_900000301),%o1 +/* 0x002c 152 */ sethi %hi(0xfc00),%o0 +/* 0x0030 */ ld [%o2+%o1],%o3 +/* 0x0034 */ add %o5,1,%g2 +/* 0x0038 */ or %g0,0,%g1 +/* 0x003c */ cmp %g2,3 +/* 0x0040 */ or %g0,%i1,%o7 +/* 0x0044 */ add %o0,1023,%o4 +/* 0x0048 */ or %g0,%i0,%g3 +/* 0x004c */ bl,pn %icc,.L77000154 +/* 0x0050 */ add %o7,4,%o0 +/* 0x0054 155 */ ldd [%o3],%f0 +/* 0x0058 156 */ or %g0,1,%g1 +/* 0x005c 154 */ ld [%o0-4],%o1 +/* 0x0060 0 */ or %g0,%o0,%o7 +/* 0x0064 155 */ and %o1,%o4,%o0 + .L900000306: +/* 0x0068 155 */ st %o0,[%sp+96] +/* 0x006c 156 */ add %g1,1,%g1 +/* 0x0070 */ add %g3,16,%g3 +/* 0x0074 */ cmp %g1,%o5 +/* 0x0078 */ add %o7,4,%o7 +/* 0x007c 155 */ ld [%sp+96],%f3 +/* 0x0080 */ fmovs %f0,%f2 +/* 0x0084 */ fsubd %f2,%f0,%f2 +/* 0x0088 156 */ srl %o1,16,%o0 +/* 0x008c 155 */ std %f2,[%g3-16] +/* 0x0090 156 */ st %o0,[%sp+92] +/* 0x0094 */ ld [%sp+92],%f3 +/* 0x0098 154 */ ld [%o7-4],%o1 +/* 0x009c 156 */ fmovs %f0,%f2 +/* 0x00a0 */ fsubd %f2,%f0,%f2 +/* 0x00a4 155 */ and %o1,%o4,%o0 +/* 0x00a8 156 */ ble,pt %icc,.L900000306 +/* 0x00ac */ std %f2,[%g3-8] + .L900000309: +/* 0x00b0 155 */ st %o0,[%sp+96] +/* 0x00b4 */ fmovs %f0,%f2 +/* 0x00b8 156 */ add %g3,16,%g3 +/* 0x00bc */ srl %o1,16,%o0 +/* 0x00c0 155 */ ld [%sp+96],%f3 +/* 0x00c4 */ fsubd %f2,%f0,%f2 +/* 0x00c8 */ std %f2,[%g3-16] +/* 0x00cc 156 */ st %o0,[%sp+92] +/* 0x00d0 */ fmovs %f0,%f2 +/* 0x00d4 */ ld [%sp+92],%f3 +/* 0x00d8 */ fsubd %f2,%f0,%f0 +/* 0x00dc */ std %f0,[%g3-8] +/* 0x00e0 */ ret ! Result = +/* 0x00e4 */ restore %g0,%g0,%g0 + .L77000154: +/* 0x00e8 154 */ ld [%o7],%o0 + .L900000311: +/* 0x00ec 155 */ and %o0,%o4,%o1 +/* 0x00f0 */ st %o1,[%sp+96] +/* 0x00f4 156 */ add %g1,1,%g1 +/* 0x00f8 155 */ ldd [%o3],%f0 +/* 0x00fc 156 */ srl %o0,16,%o0 +/* 0x0100 */ add %o7,4,%o7 +/* 0x0104 */ cmp %g1,%o5 +/* 0x0108 155 */ fmovs %f0,%f2 +/* 0x010c */ ld [%sp+96],%f3 +/* 0x0110 */ fsubd %f2,%f0,%f2 +/* 0x0114 */ std %f2,[%g3] +/* 0x0118 156 */ st %o0,[%sp+92] +/* 0x011c */ fmovs %f0,%f2 +/* 0x0120 */ ld [%sp+92],%f3 +/* 0x0124 */ fsubd %f2,%f0,%f0 +/* 0x0128 */ std %f0,[%g3+8] +/* 0x012c */ add %g3,16,%g3 +/* 0x0130 */ ble,a,pt %icc,.L900000311 +/* 0x0134 */ ld [%o7],%o0 + .L77000150: +/* 0x0138 */ ret ! Result = +/* 0x013c */ restore %g0,%g0,%g0 +/* 0x0140 0 */ .type conv_i32_to_d16,2 +/* 0x0140 */ .size conv_i32_to_d16,(.-conv_i32_to_d16) + + .section ".text",#alloc,#execinstr +/* 000000 0 */ .align 8 +! +! CONSTANT POOL +! + .L_const_seg_900000401: +/* 000000 0 */ .word 1127219200,0 +/* 0x0008 0 */ .align 4 +/* 0x0008 */ .skip 16 +! +! SUBROUTINE conv_i32_to_d32_and_d16 +! +! OFFSET SOURCE LINE LABEL INSTRUCTION + + .global conv_i32_to_d32_and_d16 + conv_i32_to_d32_and_d16: +/* 000000 */ save %sp,-120,%sp + .L900000415: +/* 0x0004 */ call .+8 +/* 0x0008 */ sethi /*X*/%hi(_GLOBAL_OFFSET_TABLE_-(.L900000415-.)),%g4 + +! 157 ! } +! 158 !} +! 161 !void conv_i32_to_d32_and_d16(double *d32, double *d16, +! 162 ! unsigned int *i32, int len) +! 163 !{ +! 164 !int i = 0; +! 165 !unsigned int a; +! 167 !#pragma pipeloop(0) +! 168 !#ifdef RF_INLINE_MACROS +! 169 ! for(;i<len-3;i+=4) + +/* 0x000c 169 */ sub %i3,3,%g2 +/* 0x0010 */ cmp %g2,0 +/* 0x0014 163 */ add %g4,/*X*/%lo(_GLOBAL_OFFSET_TABLE_-(.L900000415-.)),%g4 + +! 170 ! { +! 171 ! i16_to_d16_and_d32x4(&TwoToMinus16, &TwoTo16, &Zero, +! 172 ! &(d16[2*i]), &(d32[i]), (float *)(&(i32[i]))); + +/* 0x0018 172 */ sethi %hi(Zero),%g2 +/* 0x001c 163 */ add %g4,%o7,%o4 +/* 0x0020 172 */ add %g2,%lo(Zero),%g2 +/* 0x0024 */ sethi %hi(TwoToMinus16),%g3 +/* 0x0028 */ ld [%o4+%g2],%o1 +/* 0x002c */ sethi %hi(TwoTo16),%g4 +/* 0x0030 */ add %g3,%lo(TwoToMinus16),%g2 +/* 0x0034 */ ld [%o4+%g2],%o3 +/* 0x0038 164 */ or %g0,0,%g5 +/* 0x003c 172 */ add %g4,%lo(TwoTo16),%g3 +/* 0x0040 */ ld [%o4+%g3],%o2 +/* 0x0044 163 */ or %g0,%i0,%i4 +/* 0x0048 169 */ or %g0,%i2,%o7 +/* 0x004c */ ble,pt %icc,.L900000418 +/* 0x0050 */ cmp %g5,%i3 +/* 0x0054 172 */ stx %o7,[%sp+104] +/* 0x0058 169 */ sub %i3,4,%o5 +/* 0x005c */ or %g0,0,%g4 +/* 0x0060 */ or %g0,0,%g1 + .L900000417: +/* 0x0064 */ ldd [%o1],%f2 +/* 0x0068 172 */ add %i4,%g4,%g2 +/* 0x006c */ add %i1,%g1,%g3 +/* 0x0070 */ ldd [%o3],%f0 +/* 0x0074 */ add %g5,4,%g5 +/* 0x0078 */ fmovd %f2,%f14 +/* 0x007c */ ld [%o7],%f15 +/* 0x0080 */ cmp %g5,%o5 +/* 0x0084 */ fmovd %f2,%f10 +/* 0x0088 */ ld [%o7+4],%f11 +/* 0x008c */ add %o7,16,%o7 +/* 0x0090 */ ldx [%sp+104],%o0 +/* 0x0094 */ fmovd %f2,%f6 +/* 0x0098 */ stx %o7,[%sp+112] +/* 0x009c */ fxtod %f14,%f14 +/* 0x00a0 */ ld [%o0+8],%f7 +/* 0x00a4 */ fxtod %f10,%f10 +/* 0x00a8 */ ld [%o0+12],%f3 +/* 0x00ac */ fxtod %f6,%f6 +/* 0x00b0 */ ldd [%o2],%f16 +/* 0x00b4 */ fmuld %f0,%f14,%f12 +/* 0x00b8 */ fxtod %f2,%f2 +/* 0x00bc */ fmuld %f0,%f10,%f8 +/* 0x00c0 */ std %f14,[%i4+%g4] +/* 0x00c4 */ ldx [%sp+112],%o7 +/* 0x00c8 */ add %g4,32,%g4 +/* 0x00cc */ fmuld %f0,%f6,%f4 +/* 0x00d0 */ fdtox %f12,%f12 +/* 0x00d4 */ std %f10,[%g2+8] +/* 0x00d8 */ fmuld %f0,%f2,%f0 +/* 0x00dc */ fdtox %f8,%f8 +/* 0x00e0 */ std %f6,[%g2+16] +/* 0x00e4 */ std %f2,[%g2+24] +/* 0x00e8 */ fdtox %f4,%f4 +/* 0x00ec */ fdtox %f0,%f0 +/* 0x00f0 */ fxtod %f12,%f12 +/* 0x00f4 */ std %f12,[%g3+8] +/* 0x00f8 */ fxtod %f8,%f8 +/* 0x00fc */ std %f8,[%g3+24] +/* 0x0100 */ fxtod %f4,%f4 +/* 0x0104 */ std %f4,[%g3+40] +/* 0x0108 */ fxtod %f0,%f0 +/* 0x010c */ std %f0,[%g3+56] +/* 0x0110 */ fmuld %f12,%f16,%f12 +/* 0x0114 */ fmuld %f8,%f16,%f8 +/* 0x0118 */ fmuld %f4,%f16,%f4 +/* 0x011c */ fsubd %f14,%f12,%f12 +/* 0x0120 */ std %f12,[%i1+%g1] +/* 0x0124 */ fmuld %f0,%f16,%f0 +/* 0x0128 */ fsubd %f10,%f8,%f8 +/* 0x012c */ std %f8,[%g3+16] +/* 0x0130 */ add %g1,64,%g1 +/* 0x0134 */ fsubd %f6,%f4,%f4 +/* 0x0138 */ std %f4,[%g3+32] +/* 0x013c */ fsubd %f2,%f0,%f0 +/* 0x0140 */ std %f0,[%g3+48] +/* 0x0144 */ ble,a,pt %icc,.L900000417 +/* 0x0148 */ stx %o7,[%sp+104] + .L77000159: + +! 173 ! } +! 174 !#endif +! 175 ! for(;i<len;i++) + +/* 0x014c 175 */ cmp %g5,%i3 + .L900000418: +/* 0x0150 175 */ bge,pt %icc,.L77000164 +/* 0x0154 */ nop + +! 176 ! { +! 177 ! a=i32[i]; +! 178 ! d32[i]=(double)(i32[i]); +! 179 ! d16[2*i]=(double)(a&0xffff); +! 180 ! d16[2*i+1]=(double)(a>>16); + +/* 0x0158 180 */ sethi %hi(.L_const_seg_900000401),%g2 +/* 0x015c */ add %g2,%lo(.L_const_seg_900000401),%o1 +/* 0x0160 175 */ sethi %hi(0xfc00),%o0 +/* 0x0164 */ ld [%o4+%o1],%o2 +/* 0x0168 */ sll %g5,2,%o3 +/* 0x016c */ sub %i3,%g5,%g3 +/* 0x0170 */ sll %g5,3,%g2 +/* 0x0174 */ add %o0,1023,%o4 +/* 0x0178 178 */ ldd [%o2],%f0 +/* 0x017c */ add %i2,%o3,%o0 +/* 0x0180 175 */ cmp %g3,3 +/* 0x0184 */ add %i4,%g2,%o3 +/* 0x0188 */ sub %i3,1,%o1 +/* 0x018c */ sll %g5,4,%g4 +/* 0x0190 */ bl,pn %icc,.L77000161 +/* 0x0194 */ add %i1,%g4,%o5 +/* 0x0198 178 */ ld [%o0],%f3 +/* 0x019c 180 */ add %o3,8,%o3 +/* 0x01a0 177 */ ld [%o0],%o7 +/* 0x01a4 180 */ add %o5,16,%o5 +/* 0x01a8 */ add %g5,1,%g5 +/* 0x01ac 178 */ fmovs %f0,%f2 +/* 0x01b0 180 */ add %o0,4,%o0 +/* 0x01b4 179 */ and %o7,%o4,%g1 +/* 0x01b8 178 */ fsubd %f2,%f0,%f2 +/* 0x01bc */ std %f2,[%o3-8] +/* 0x01c0 180 */ srl %o7,16,%o7 +/* 0x01c4 179 */ st %g1,[%sp+96] +/* 0x01c8 */ fmovs %f0,%f2 +/* 0x01cc */ ld [%sp+96],%f3 +/* 0x01d0 */ fsubd %f2,%f0,%f2 +/* 0x01d4 */ std %f2,[%o5-16] +/* 0x01d8 180 */ st %o7,[%sp+92] +/* 0x01dc */ fmovs %f0,%f2 +/* 0x01e0 */ ld [%sp+92],%f3 +/* 0x01e4 */ fsubd %f2,%f0,%f2 +/* 0x01e8 */ std %f2,[%o5-8] + .L900000411: +/* 0x01ec 178 */ ld [%o0],%f3 +/* 0x01f0 180 */ add %g5,2,%g5 +/* 0x01f4 */ add %o5,32,%o5 +/* 0x01f8 177 */ ld [%o0],%o7 +/* 0x01fc 180 */ cmp %g5,%o1 +/* 0x0200 */ add %o3,16,%o3 +/* 0x0204 178 */ fmovs %f0,%f2 +/* 0x0208 */ fsubd %f2,%f0,%f2 +/* 0x020c */ std %f2,[%o3-16] +/* 0x0210 179 */ and %o7,%o4,%g1 +/* 0x0214 */ st %g1,[%sp+96] +/* 0x0218 */ ld [%sp+96],%f3 +/* 0x021c */ fmovs %f0,%f2 +/* 0x0220 */ fsubd %f2,%f0,%f2 +/* 0x0224 180 */ srl %o7,16,%o7 +/* 0x0228 179 */ std %f2,[%o5-32] +/* 0x022c 180 */ st %o7,[%sp+92] +/* 0x0230 */ ld [%sp+92],%f3 +/* 0x0234 */ fmovs %f0,%f2 +/* 0x0238 */ fsubd %f2,%f0,%f2 +/* 0x023c */ std %f2,[%o5-24] +/* 0x0240 */ add %o0,4,%o0 +/* 0x0244 178 */ ld [%o0],%f3 +/* 0x0248 177 */ ld [%o0],%o7 +/* 0x024c 178 */ fmovs %f0,%f2 +/* 0x0250 */ fsubd %f2,%f0,%f2 +/* 0x0254 */ std %f2,[%o3-8] +/* 0x0258 179 */ and %o7,%o4,%g1 +/* 0x025c */ st %g1,[%sp+96] +/* 0x0260 */ ld [%sp+96],%f3 +/* 0x0264 */ fmovs %f0,%f2 +/* 0x0268 */ fsubd %f2,%f0,%f2 +/* 0x026c 180 */ srl %o7,16,%o7 +/* 0x0270 179 */ std %f2,[%o5-16] +/* 0x0274 180 */ st %o7,[%sp+92] +/* 0x0278 */ ld [%sp+92],%f3 +/* 0x027c */ fmovs %f0,%f2 +/* 0x0280 */ fsubd %f2,%f0,%f2 +/* 0x0284 */ std %f2,[%o5-8] +/* 0x0288 */ bl,pt %icc,.L900000411 +/* 0x028c */ add %o0,4,%o0 + .L900000414: +/* 0x0290 180 */ cmp %g5,%i3 +/* 0x0294 */ bge,pn %icc,.L77000164 +/* 0x0298 */ nop + .L77000161: +/* 0x029c 178 */ ld [%o0],%f3 + .L900000416: +/* 0x02a0 178 */ ldd [%o2],%f0 +/* 0x02a4 180 */ add %g5,1,%g5 +/* 0x02a8 177 */ ld [%o0],%o1 +/* 0x02ac 180 */ add %o0,4,%o0 +/* 0x02b0 */ cmp %g5,%i3 +/* 0x02b4 178 */ fmovs %f0,%f2 +/* 0x02b8 179 */ and %o1,%o4,%o7 +/* 0x02bc 178 */ fsubd %f2,%f0,%f2 +/* 0x02c0 */ std %f2,[%o3] +/* 0x02c4 180 */ srl %o1,16,%o1 +/* 0x02c8 179 */ st %o7,[%sp+96] +/* 0x02cc 180 */ add %o3,8,%o3 +/* 0x02d0 179 */ fmovs %f0,%f2 +/* 0x02d4 */ ld [%sp+96],%f3 +/* 0x02d8 */ fsubd %f2,%f0,%f2 +/* 0x02dc */ std %f2,[%o5] +/* 0x02e0 180 */ st %o1,[%sp+92] +/* 0x02e4 */ fmovs %f0,%f2 +/* 0x02e8 */ ld [%sp+92],%f3 +/* 0x02ec */ fsubd %f2,%f0,%f0 +/* 0x02f0 */ std %f0,[%o5+8] +/* 0x02f4 */ add %o5,16,%o5 +/* 0x02f8 */ bl,a,pt %icc,.L900000416 +/* 0x02fc */ ld [%o0],%f3 + .L77000164: +/* 0x0300 */ ret ! Result = +/* 0x0304 */ restore %g0,%g0,%g0 +/* 0x0308 0 */ .type conv_i32_to_d32_and_d16,2 +/* 0x0308 */ .size conv_i32_to_d32_and_d16,(.-conv_i32_to_d32_and_d16) + + .section ".text",#alloc,#execinstr +/* 000000 0 */ .align 4 +! +! SUBROUTINE adjust_montf_result +! +! OFFSET SOURCE LINE LABEL INSTRUCTION + + .global adjust_montf_result + adjust_montf_result: +/* 000000 */ or %g0,%o2,%g5 + +! 181 ! } +! 182 !} +! 185 !void adjust_montf_result(unsigned int *i32, unsigned int *nint, int len) +! 186 !{ +! 187 !long long acc; +! 188 !int i; +! 190 ! if(i32[len]>0) i=-1; + +/* 0x0004 190 */ or %g0,-1,%g4 +/* 0x0008 */ sll %o2,2,%g1 +/* 0x000c */ ld [%o0+%g1],%g1 +/* 0x0010 */ cmp %g1,0 +/* 0x0014 */ bleu,pn %icc,.L77000175 +/* 0x0018 */ or %g0,%o1,%o3 +/* 0x001c */ ba .L900000511 +/* 0x0020 */ cmp %g4,0 + .L77000175: + +! 191 ! else +! 192 ! { +! 193 ! for(i=len-1; i>=0; i--) + +/* 0x0024 193 */ sub %o2,1,%g4 +/* 0x0028 */ sll %g4,2,%g1 +/* 0x002c */ cmp %g4,0 +/* 0x0030 */ bl,pt %icc,.L900000511 +/* 0x0034 */ cmp %g4,0 +/* 0x0038 */ add %o1,%g1,%g2 + +! 194 ! { +! 195 ! if(i32[i]!=nint[i]) break; + +/* 0x003c 195 */ ld [%g2],%o5 +/* 0x0040 193 */ add %o0,%g1,%g3 + .L900000510: +/* 0x0044 195 */ ld [%g3],%o2 +/* 0x0048 */ sub %g4,1,%g1 +/* 0x004c */ sub %g2,4,%g2 +/* 0x0050 */ sub %g3,4,%g3 +/* 0x0054 */ cmp %o2,%o5 +/* 0x0058 */ bne,pn %icc,.L77000182 +/* 0x005c */ nop +/* 0x0060 0 */ or %g0,%g1,%g4 +/* 0x0064 195 */ cmp %g1,0 +/* 0x0068 */ bge,a,pt %icc,.L900000510 +/* 0x006c */ ld [%g2],%o5 + .L77000182: + +! 196 ! } +! 197 ! } +! 198 ! if((i<0)||(i32[i]>nint[i])) + +/* 0x0070 198 */ cmp %g4,0 + .L900000511: +/* 0x0074 198 */ bl,pn %icc,.L77000198 +/* 0x0078 */ sll %g4,2,%g2 +/* 0x007c */ ld [%o1+%g2],%g1 +/* 0x0080 */ ld [%o0+%g2],%g2 +/* 0x0084 */ cmp %g2,%g1 +/* 0x0088 */ bleu,pt %icc,.L77000191 +/* 0x008c */ nop + .L77000198: + +! 199 ! { +! 200 ! acc=0; +! 201 ! for(i=0;i<len;i++) + +/* 0x0090 201 */ cmp %g5,0 +/* 0x0094 */ ble,pt %icc,.L77000191 +/* 0x0098 */ nop +/* 0x009c */ or %g0,%g5,%g1 +/* 0x00a0 198 */ or %g0,-1,%g2 +/* 0x00a4 */ srl %g2,0,%g3 +/* 0x00a8 */ sub %g5,1,%g4 +/* 0x00ac 200 */ or %g0,0,%g5 +/* 0x00b0 201 */ or %g0,0,%o5 +/* 0x00b4 198 */ or %g0,%o0,%o4 +/* 0x00b8 */ cmp %g1,3 +/* 0x00bc 201 */ bl,pn %icc,.L77000199 +/* 0x00c0 */ add %o0,8,%g1 +/* 0x00c4 */ add %o1,4,%g2 + +! 202 ! { +! 203 ! acc=acc+(unsigned long long)(i32[i])-(unsigned long long)(nint[i]); + +/* 0x00c8 203 */ ld [%o0],%o2 +/* 0x00cc */ ld [%o1],%o1 +/* 0x00d0 0 */ or %g0,%g1,%o4 +/* 0x00d4 */ or %g0,%g2,%o3 +/* 0x00d8 203 */ ld [%o0+4],%g1 + +! 204 ! i32[i]=acc&0xffffffff; +! 205 ! acc=acc>>32; + +/* 0x00dc 205 */ or %g0,2,%o5 +/* 0x00e0 201 */ sub %o2,%o1,%o2 +/* 0x00e4 */ or %g0,%o2,%g5 +/* 0x00e8 204 */ and %o2,%g3,%o2 +/* 0x00ec */ st %o2,[%o0] +/* 0x00f0 205 */ srax %g5,32,%g5 + .L900000505: +/* 0x00f4 203 */ ld [%o3],%o2 +/* 0x00f8 205 */ add %o5,1,%o5 +/* 0x00fc */ add %o3,4,%o3 +/* 0x0100 */ cmp %o5,%g4 +/* 0x0104 */ add %o4,4,%o4 +/* 0x0108 201 */ sub %g1,%o2,%g1 +/* 0x010c */ add %g1,%g5,%g5 +/* 0x0110 204 */ and %g5,%g3,%o2 +/* 0x0114 203 */ ld [%o4-4],%g1 +/* 0x0118 204 */ st %o2,[%o4-8] +/* 0x011c 205 */ ble,pt %icc,.L900000505 +/* 0x0120 */ srax %g5,32,%g5 + .L900000508: +/* 0x0124 203 */ ld [%o3],%g2 +/* 0x0128 201 */ sub %g1,%g2,%g1 +/* 0x012c */ add %g1,%g5,%g1 +/* 0x0130 204 */ and %g1,%g3,%g2 +/* 0x0134 */ retl ! Result = +/* 0x0138 */ st %g2,[%o4-4] + .L77000199: +/* 0x013c 203 */ ld [%o4],%g1 + .L900000509: +/* 0x0140 203 */ ld [%o3],%g2 +/* 0x0144 */ add %g5,%g1,%g1 +/* 0x0148 205 */ add %o5,1,%o5 +/* 0x014c */ add %o3,4,%o3 +/* 0x0150 */ cmp %o5,%g4 +/* 0x0154 203 */ sub %g1,%g2,%g1 +/* 0x0158 204 */ and %g1,%g3,%g2 +/* 0x015c */ st %g2,[%o4] +/* 0x0160 205 */ add %o4,4,%o4 +/* 0x0164 */ srax %g1,32,%g5 +/* 0x0168 */ ble,a,pt %icc,.L900000509 +/* 0x016c */ ld [%o4],%g1 + .L77000191: +/* 0x0170 */ retl ! Result = +/* 0x0174 */ nop +/* 0x0178 0 */ .type adjust_montf_result,2 +/* 0x0178 */ .size adjust_montf_result,(.-adjust_montf_result) + + .section ".text",#alloc,#execinstr +/* 000000 0 */ .align 4 +/* 000000 */ .skip 16 +! +! SUBROUTINE mont_mulf_noconv +! +! OFFSET SOURCE LINE LABEL INSTRUCTION + + .global mont_mulf_noconv + mont_mulf_noconv: +/* 000000 */ save %sp,-144,%sp + .L900000646: +/* 0x0004 */ call .+8 +/* 0x0008 */ sethi /*X*/%hi(_GLOBAL_OFFSET_TABLE_-(.L900000646-.)),%g5 + +! 206 ! } +! 207 ! } +! 208 !} +! 213 !/* +! 214 !** the lengths of the input arrays should be at least the following: +! 215 !** result[nlen+1], dm1[nlen], dm2[2*nlen+1], dt[4*nlen+2], dn[nlen], nint[nlen] +! 216 !** all of them should be different from one another +! 217 !** +! 218 !*/ +! 219 !void mont_mulf_noconv(unsigned int *result, +! 220 ! double *dm1, double *dm2, double *dt, +! 221 ! double *dn, unsigned int *nint, +! 222 ! int nlen, double dn0) +! 223 !{ +! 224 ! int i, j, jj; +! 225 ! int tmp; +! 226 ! double digit, m2j, nextm2j, a, b; +! 227 ! double *dptmp, *pdm1, *pdm2, *pdn, *pdtj, pdn_0, pdm1_0; +! 229 ! pdm1=&(dm1[0]); +! 230 ! pdm2=&(dm2[0]); +! 231 ! pdn=&(dn[0]); +! 232 ! pdm2[2*nlen]=Zero; + +/* 0x000c 232 */ ld [%fp+92],%o1 +/* 0x0010 */ sethi %hi(Zero),%g2 +/* 0x0014 223 */ ldd [%fp+96],%f2 +/* 0x0018 */ add %g5,/*X*/%lo(_GLOBAL_OFFSET_TABLE_-(.L900000646-.)),%g5 +/* 0x001c 232 */ add %g2,%lo(Zero),%g2 +/* 0x0020 223 */ st %i0,[%fp+68] +/* 0x0024 */ add %g5,%o7,%o3 + +! 234 ! if (nlen!=16) +! 235 ! { +! 236 ! for(i=0;i<4*nlen+2;i++) dt[i]=Zero; +! 238 ! a=dt[0]=pdm1[0]*pdm2[0]; +! 239 ! digit=mod(lower32(a,Zero)*dn0,TwoToMinus16,TwoTo16); + +/* 0x0028 239 */ sethi %hi(TwoToMinus16),%g3 +/* 0x002c 232 */ ld [%o3+%g2],%l0 +/* 0x0030 239 */ sethi %hi(TwoTo16),%g4 +/* 0x0034 223 */ or %g0,%i2,%o2 +/* 0x0038 */ fmovd %f2,%f16 +/* 0x003c */ st %i5,[%fp+88] +/* 0x0040 239 */ add %g3,%lo(TwoToMinus16),%g2 +/* 0x0044 223 */ or %g0,%i1,%i2 +/* 0x0048 232 */ ldd [%l0],%f0 +/* 0x004c 239 */ add %g4,%lo(TwoTo16),%g3 +/* 0x0050 223 */ or %g0,%i3,%o0 +/* 0x0054 232 */ sll %o1,4,%g4 +/* 0x0058 239 */ ld [%o3+%g2],%g5 +/* 0x005c 223 */ or %g0,%i3,%i1 +/* 0x0060 239 */ ld [%o3+%g3],%g1 +/* 0x0064 232 */ or %g0,%o1,%i0 +/* 0x0068 */ or %g0,%o2,%i3 +/* 0x006c 234 */ cmp %o1,16 +/* 0x0070 */ be,pn %icc,.L77000279 +/* 0x0074 */ std %f0,[%o2+%g4] +/* 0x0078 236 */ sll %o1,2,%g2 +/* 0x007c */ or %g0,%o0,%o3 +/* 0x0080 232 */ sll %o1,1,%o1 +/* 0x0084 236 */ add %g2,2,%o2 +/* 0x0088 */ cmp %o2,0 +/* 0x008c */ ble,a,pt %icc,.L900000660 +/* 0x0090 */ ldd [%i2],%f0 + +! 241 ! pdtj=&(dt[0]); +! 242 ! for(j=jj=0;j<2*nlen;j++,jj++,pdtj++) +! 243 ! { +! 244 ! m2j=pdm2[j]; +! 245 ! a=pdtj[0]+pdn[0]*digit; +! 246 ! b=pdtj[1]+pdm1[0]*pdm2[j+1]+a*TwoToMinus16; +! 247 ! pdtj[1]=b; +! 249 !#pragma pipeloop(0) +! 250 ! for(i=1;i<nlen;i++) +! 251 ! { +! 252 ! pdtj[2*i]+=pdm1[i]*m2j+pdn[i]*digit; +! 253 ! } +! 254 ! if((jj==30)) {cleanup(dt,j/2+1,2*nlen+1); jj=0;} +! 255 ! +! 256 ! digit=mod(lower32(b,Zero)*dn0,TwoToMinus16,TwoTo16); +! 257 ! } +! 258 ! } +! 259 ! else +! 260 ! { +! 261 ! a=dt[0]=pdm1[0]*pdm2[0]; +! 263 ! dt[65]= dt[64]= dt[63]= dt[62]= dt[61]= dt[60]= +! 264 ! dt[59]= dt[58]= dt[57]= dt[56]= dt[55]= dt[54]= +! 265 ! dt[53]= dt[52]= dt[51]= dt[50]= dt[49]= dt[48]= +! 266 ! dt[47]= dt[46]= dt[45]= dt[44]= dt[43]= dt[42]= +! 267 ! dt[41]= dt[40]= dt[39]= dt[38]= dt[37]= dt[36]= +! 268 ! dt[35]= dt[34]= dt[33]= dt[32]= dt[31]= dt[30]= +! 269 ! dt[29]= dt[28]= dt[27]= dt[26]= dt[25]= dt[24]= +! 270 ! dt[23]= dt[22]= dt[21]= dt[20]= dt[19]= dt[18]= +! 271 ! dt[17]= dt[16]= dt[15]= dt[14]= dt[13]= dt[12]= +! 272 ! dt[11]= dt[10]= dt[ 9]= dt[ 8]= dt[ 7]= dt[ 6]= +! 273 ! dt[ 5]= dt[ 4]= dt[ 3]= dt[ 2]= dt[ 1]=Zero; +! 275 ! pdn_0=pdn[0]; +! 276 ! pdm1_0=pdm1[0]; +! 278 ! digit=mod(lower32(a,Zero)*dn0,TwoToMinus16,TwoTo16); +! 279 ! pdtj=&(dt[0]); +! 281 ! for(j=0;j<32;j++,pdtj++) + +/* 0x0094 281 */ add %g2,2,%o0 +/* 0x0098 236 */ add %g2,1,%o2 +/* 0x009c 281 */ cmp %o0,3 +/* 0x00a0 */ bl,pn %icc,.L77000280 +/* 0x00a4 */ or %g0,1,%o0 +/* 0x00a8 */ add %o3,8,%o3 +/* 0x00ac */ or %g0,1,%o4 +/* 0x00b0 */ std %f0,[%o3-8] + .L900000630: +/* 0x00b4 */ std %f0,[%o3] +/* 0x00b8 */ add %o4,2,%o4 +/* 0x00bc */ add %o3,16,%o3 +/* 0x00c0 */ cmp %o4,%g2 +/* 0x00c4 */ ble,pt %icc,.L900000630 +/* 0x00c8 */ std %f0,[%o3-8] + .L900000633: +/* 0x00cc */ cmp %o4,%o2 +/* 0x00d0 */ bg,pn %icc,.L77000285 +/* 0x00d4 */ add %o4,1,%o0 + .L77000280: +/* 0x00d8 */ std %f0,[%o3] + .L900000659: +/* 0x00dc */ ldd [%l0],%f0 +/* 0x00e0 */ cmp %o0,%o2 +/* 0x00e4 */ add %o3,8,%o3 +/* 0x00e8 */ add %o0,1,%o0 +/* 0x00ec */ ble,a,pt %icc,.L900000659 +/* 0x00f0 */ std %f0,[%o3] + .L77000285: +/* 0x00f4 238 */ ldd [%i2],%f0 + .L900000660: +/* 0x00f8 238 */ ldd [%i3],%f2 +/* 0x00fc */ add %o1,1,%o2 +/* 0x0100 242 */ cmp %o1,0 +/* 0x0104 */ sll %o2,1,%o0 +/* 0x0108 */ sub %o1,1,%o1 +/* 0x010c 238 */ fmuld %f0,%f2,%f0 +/* 0x0110 */ std %f0,[%i1] +/* 0x0114 0 */ or %g0,0,%l1 +/* 0x0118 */ ldd [%l0],%f6 +/* 0x011c */ or %g0,0,%g4 +/* 0x0120 */ or %g0,%o2,%i5 +/* 0x0124 */ ldd [%g5],%f2 +/* 0x0128 */ or %g0,%o1,%g3 +/* 0x012c */ or %g0,%o0,%o3 +/* 0x0130 */ fdtox %f0,%f0 +/* 0x0134 */ ldd [%g1],%f4 +/* 0x0138 246 */ add %i3,8,%o4 +/* 0x013c */ or %g0,0,%l2 +/* 0x0140 */ or %g0,%i1,%o5 +/* 0x0144 */ sub %i0,1,%o7 +/* 0x0148 */ fmovs %f6,%f0 +/* 0x014c */ fxtod %f0,%f0 +/* 0x0150 239 */ fmuld %f0,%f16,%f0 +/* 0x0154 */ fmuld %f0,%f2,%f2 +/* 0x0158 */ fdtox %f2,%f2 +/* 0x015c */ fxtod %f2,%f2 +/* 0x0160 */ fmuld %f2,%f4,%f2 +/* 0x0164 */ fsubd %f0,%f2,%f22 +/* 0x0168 242 */ ble,pt %icc,.L900000653 +/* 0x016c */ sll %i0,4,%g2 +/* 0x0170 246 */ ldd [%i4],%f0 + .L900000654: +/* 0x0174 246 */ fmuld %f0,%f22,%f8 +/* 0x0178 */ ldd [%i2],%f0 +/* 0x017c 250 */ cmp %i0,1 +/* 0x0180 246 */ ldd [%o4+%l2],%f6 +/* 0x0184 */ add %i2,8,%o0 +/* 0x0188 250 */ or %g0,1,%o1 +/* 0x018c 246 */ ldd [%o5],%f2 +/* 0x0190 */ add %o5,16,%l3 +/* 0x0194 */ fmuld %f0,%f6,%f6 +/* 0x0198 */ ldd [%g5],%f4 +/* 0x019c */ faddd %f2,%f8,%f2 +/* 0x01a0 */ ldd [%o5+8],%f0 +/* 0x01a4 244 */ ldd [%i3+%l2],%f20 +/* 0x01a8 246 */ faddd %f0,%f6,%f0 +/* 0x01ac */ fmuld %f2,%f4,%f2 +/* 0x01b0 */ faddd %f0,%f2,%f18 +/* 0x01b4 247 */ std %f18,[%o5+8] +/* 0x01b8 250 */ ble,pt %icc,.L900000658 +/* 0x01bc */ srl %g4,31,%g2 +/* 0x01c0 */ cmp %o7,7 +/* 0x01c4 246 */ add %i4,8,%g2 +/* 0x01c8 250 */ bl,pn %icc,.L77000284 +/* 0x01cc */ add %g2,24,%o2 +/* 0x01d0 252 */ ldd [%o0+24],%f12 +/* 0x01d4 */ add %o5,48,%l3 +/* 0x01d8 */ ldd [%o0],%f2 +/* 0x01dc 0 */ or %g0,%o2,%g2 +/* 0x01e0 250 */ sub %o7,2,%o2 +/* 0x01e4 252 */ ldd [%g2-24],%f0 +/* 0x01e8 */ or %g0,5,%o1 +/* 0x01ec */ ldd [%o0+8],%f6 +/* 0x01f0 */ fmuld %f2,%f20,%f2 +/* 0x01f4 */ ldd [%o0+16],%f14 +/* 0x01f8 */ fmuld %f0,%f22,%f4 +/* 0x01fc */ add %o0,32,%o0 +/* 0x0200 */ ldd [%g2-16],%f8 +/* 0x0204 */ fmuld %f6,%f20,%f10 +/* 0x0208 */ ldd [%o5+16],%f0 +/* 0x020c */ ldd [%g2-8],%f6 +/* 0x0210 */ faddd %f2,%f4,%f4 +/* 0x0214 */ ldd [%o5+32],%f2 + .L900000642: +/* 0x0218 252 */ ldd [%g2],%f24 +/* 0x021c */ add %o1,3,%o1 +/* 0x0220 */ add %g2,24,%g2 +/* 0x0224 */ fmuld %f8,%f22,%f8 +/* 0x0228 */ ldd [%l3],%f28 +/* 0x022c */ cmp %o1,%o2 +/* 0x0230 */ add %o0,24,%o0 +/* 0x0234 */ ldd [%o0-24],%f26 +/* 0x0238 */ faddd %f0,%f4,%f0 +/* 0x023c */ add %l3,48,%l3 +/* 0x0240 */ faddd %f10,%f8,%f10 +/* 0x0244 */ fmuld %f14,%f20,%f4 +/* 0x0248 */ std %f0,[%l3-80] +/* 0x024c */ ldd [%g2-16],%f8 +/* 0x0250 */ fmuld %f6,%f22,%f6 +/* 0x0254 */ ldd [%l3-32],%f0 +/* 0x0258 */ ldd [%o0-16],%f14 +/* 0x025c */ faddd %f2,%f10,%f2 +/* 0x0260 */ faddd %f4,%f6,%f10 +/* 0x0264 */ fmuld %f12,%f20,%f4 +/* 0x0268 */ std %f2,[%l3-64] +/* 0x026c */ ldd [%g2-8],%f6 +/* 0x0270 */ fmuld %f24,%f22,%f24 +/* 0x0274 */ ldd [%l3-16],%f2 +/* 0x0278 */ ldd [%o0-8],%f12 +/* 0x027c */ faddd %f28,%f10,%f10 +/* 0x0280 */ std %f10,[%l3-48] +/* 0x0284 */ fmuld %f26,%f20,%f10 +/* 0x0288 */ ble,pt %icc,.L900000642 +/* 0x028c */ faddd %f4,%f24,%f4 + .L900000645: +/* 0x0290 252 */ fmuld %f8,%f22,%f28 +/* 0x0294 */ ldd [%g2],%f24 +/* 0x0298 */ faddd %f0,%f4,%f26 +/* 0x029c */ fmuld %f12,%f20,%f8 +/* 0x02a0 */ add %l3,32,%l3 +/* 0x02a4 */ cmp %o1,%o7 +/* 0x02a8 */ fmuld %f14,%f20,%f14 +/* 0x02ac */ ldd [%l3-32],%f4 +/* 0x02b0 */ add %g2,8,%g2 +/* 0x02b4 */ faddd %f10,%f28,%f12 +/* 0x02b8 */ fmuld %f6,%f22,%f6 +/* 0x02bc */ ldd [%l3-16],%f0 +/* 0x02c0 */ fmuld %f24,%f22,%f10 +/* 0x02c4 */ std %f26,[%l3-64] +/* 0x02c8 */ faddd %f2,%f12,%f2 +/* 0x02cc */ std %f2,[%l3-48] +/* 0x02d0 */ faddd %f14,%f6,%f6 +/* 0x02d4 */ faddd %f8,%f10,%f2 +/* 0x02d8 */ faddd %f4,%f6,%f4 +/* 0x02dc */ std %f4,[%l3-32] +/* 0x02e0 */ faddd %f0,%f2,%f0 +/* 0x02e4 */ bg,pn %icc,.L77000213 +/* 0x02e8 */ std %f0,[%l3-16] + .L77000284: +/* 0x02ec 252 */ ldd [%o0],%f0 + .L900000657: +/* 0x02f0 252 */ ldd [%g2],%f4 +/* 0x02f4 */ fmuld %f0,%f20,%f2 +/* 0x02f8 */ add %o1,1,%o1 +/* 0x02fc */ ldd [%l3],%f0 +/* 0x0300 */ add %o0,8,%o0 +/* 0x0304 */ add %g2,8,%g2 +/* 0x0308 */ fmuld %f4,%f22,%f4 +/* 0x030c */ cmp %o1,%o7 +/* 0x0310 */ faddd %f2,%f4,%f2 +/* 0x0314 */ faddd %f0,%f2,%f0 +/* 0x0318 */ std %f0,[%l3] +/* 0x031c */ add %l3,16,%l3 +/* 0x0320 */ ble,a,pt %icc,.L900000657 +/* 0x0324 */ ldd [%o0],%f0 + .L77000213: +/* 0x0328 */ srl %g4,31,%g2 + .L900000658: +/* 0x032c 254 */ cmp %l1,30 +/* 0x0330 */ bne,a,pt %icc,.L900000656 +/* 0x0334 */ fdtox %f18,%f0 +/* 0x0338 */ add %g4,%g2,%g2 +/* 0x033c */ sra %g2,1,%o0 +/* 0x0340 281 */ ldd [%l0],%f0 +/* 0x0344 */ sll %i5,1,%o2 +/* 0x0348 */ add %o0,1,%g2 +/* 0x034c */ sll %g2,1,%o0 +/* 0x0350 254 */ sub %o2,1,%o2 +/* 0x0354 281 */ fmovd %f0,%f2 +/* 0x0358 */ sll %g2,4,%o1 +/* 0x035c */ cmp %o0,%o3 +/* 0x0360 */ bge,pt %icc,.L77000215 +/* 0x0364 */ or %g0,0,%l1 +/* 0x0368 254 */ add %i1,%o1,%o1 +/* 0x036c 281 */ ldd [%o1],%f6 + .L900000655: +/* 0x0370 */ fdtox %f6,%f10 +/* 0x0374 */ ldd [%o1+8],%f4 +/* 0x0378 */ add %o0,2,%o0 +/* 0x037c */ ldd [%l0],%f12 +/* 0x0380 */ fdtox %f6,%f6 +/* 0x0384 */ cmp %o0,%o2 +/* 0x0388 */ fdtox %f4,%f8 +/* 0x038c */ fdtox %f4,%f4 +/* 0x0390 */ fmovs %f12,%f10 +/* 0x0394 */ fmovs %f12,%f8 +/* 0x0398 */ fxtod %f10,%f10 +/* 0x039c */ fxtod %f8,%f8 +/* 0x03a0 */ faddd %f10,%f2,%f2 +/* 0x03a4 */ std %f2,[%o1] +/* 0x03a8 */ faddd %f8,%f0,%f0 +/* 0x03ac */ std %f0,[%o1+8] +/* 0x03b0 */ add %o1,16,%o1 +/* 0x03b4 */ fitod %f6,%f2 +/* 0x03b8 */ fitod %f4,%f0 +/* 0x03bc */ ble,a,pt %icc,.L900000655 +/* 0x03c0 */ ldd [%o1],%f6 + .L77000233: +/* 0x03c4 */ or %g0,0,%l1 + .L77000215: +/* 0x03c8 */ fdtox %f18,%f0 + .L900000656: +/* 0x03cc */ ldd [%l0],%f6 +/* 0x03d0 256 */ add %g4,1,%g4 +/* 0x03d4 */ add %l2,8,%l2 +/* 0x03d8 */ ldd [%g5],%f2 +/* 0x03dc */ add %l1,1,%l1 +/* 0x03e0 */ add %o5,8,%o5 +/* 0x03e4 */ fmovs %f6,%f0 +/* 0x03e8 */ ldd [%g1],%f4 +/* 0x03ec */ cmp %g4,%g3 +/* 0x03f0 */ fxtod %f0,%f0 +/* 0x03f4 */ fmuld %f0,%f16,%f0 +/* 0x03f8 */ fmuld %f0,%f2,%f2 +/* 0x03fc */ fdtox %f2,%f2 +/* 0x0400 */ fxtod %f2,%f2 +/* 0x0404 */ fmuld %f2,%f4,%f2 +/* 0x0408 */ fsubd %f0,%f2,%f22 +/* 0x040c */ ble,a,pt %icc,.L900000654 +/* 0x0410 */ ldd [%i4],%f0 + .L900000629: +/* 0x0414 256 */ ba .L900000653 +/* 0x0418 */ sll %i0,4,%g2 + .L77000279: +/* 0x041c 261 */ ldd [%o2],%f6 +/* 0x0420 279 */ or %g0,%o0,%o4 +/* 0x0424 281 */ or %g0,0,%o3 +/* 0x0428 261 */ ldd [%i2],%f4 +/* 0x042c 273 */ std %f0,[%o0+8] +/* 0x0430 */ std %f0,[%o0+16] +/* 0x0434 261 */ fmuld %f4,%f6,%f4 +/* 0x0438 */ std %f4,[%o0] +/* 0x043c 273 */ std %f0,[%o0+24] +/* 0x0440 */ std %f0,[%o0+32] +/* 0x0444 */ fdtox %f4,%f4 +/* 0x0448 */ std %f0,[%o0+40] +/* 0x044c */ std %f0,[%o0+48] +/* 0x0450 */ std %f0,[%o0+56] +/* 0x0454 */ std %f0,[%o0+64] +/* 0x0458 */ std %f0,[%o0+72] +/* 0x045c */ std %f0,[%o0+80] +/* 0x0460 */ std %f0,[%o0+88] +/* 0x0464 */ std %f0,[%o0+96] +/* 0x0468 */ std %f0,[%o0+104] +/* 0x046c */ std %f0,[%o0+112] +/* 0x0470 */ std %f0,[%o0+120] +/* 0x0474 */ std %f0,[%o0+128] +/* 0x0478 */ std %f0,[%o0+136] +/* 0x047c */ std %f0,[%o0+144] +/* 0x0480 */ std %f0,[%o0+152] +/* 0x0484 */ std %f0,[%o0+160] +/* 0x0488 */ std %f0,[%o0+168] +/* 0x048c */ fmovs %f0,%f4 +/* 0x0490 */ std %f0,[%o0+176] +/* 0x0494 281 */ or %g0,0,%o1 +/* 0x0498 273 */ std %f0,[%o0+184] +/* 0x049c */ fxtod %f4,%f4 +/* 0x04a0 */ std %f0,[%o0+192] +/* 0x04a4 */ std %f0,[%o0+200] +/* 0x04a8 */ std %f0,[%o0+208] +/* 0x04ac 278 */ fmuld %f4,%f2,%f2 +/* 0x04b0 273 */ std %f0,[%o0+216] +/* 0x04b4 */ std %f0,[%o0+224] +/* 0x04b8 */ std %f0,[%o0+232] +/* 0x04bc */ std %f0,[%o0+240] +/* 0x04c0 */ std %f0,[%o0+248] +/* 0x04c4 */ std %f0,[%o0+256] +/* 0x04c8 */ std %f0,[%o0+264] +/* 0x04cc */ std %f0,[%o0+272] +/* 0x04d0 */ std %f0,[%o0+280] +/* 0x04d4 */ std %f0,[%o0+288] +/* 0x04d8 */ std %f0,[%o0+296] +/* 0x04dc */ std %f0,[%o0+304] +/* 0x04e0 */ std %f0,[%o0+312] +/* 0x04e4 */ std %f0,[%o0+320] +/* 0x04e8 */ std %f0,[%o0+328] +/* 0x04ec */ std %f0,[%o0+336] +/* 0x04f0 */ std %f0,[%o0+344] +/* 0x04f4 */ std %f0,[%o0+352] +/* 0x04f8 */ std %f0,[%o0+360] +/* 0x04fc */ std %f0,[%o0+368] +/* 0x0500 */ std %f0,[%o0+376] +/* 0x0504 */ std %f0,[%o0+384] +/* 0x0508 */ std %f0,[%o0+392] +/* 0x050c */ std %f0,[%o0+400] +/* 0x0510 */ std %f0,[%o0+408] +/* 0x0514 */ std %f0,[%o0+416] +/* 0x0518 */ std %f0,[%o0+424] +/* 0x051c */ std %f0,[%o0+432] +/* 0x0520 */ std %f0,[%o0+440] +/* 0x0524 */ std %f0,[%o0+448] +/* 0x0528 */ std %f0,[%o0+456] +/* 0x052c */ std %f0,[%o0+464] +/* 0x0530 */ std %f0,[%o0+472] +/* 0x0534 */ std %f0,[%o0+480] +/* 0x0538 */ std %f0,[%o0+488] +/* 0x053c */ std %f0,[%o0+496] +/* 0x0540 */ std %f0,[%o0+504] +/* 0x0544 */ std %f0,[%o0+512] +/* 0x0548 */ std %f0,[%o0+520] +/* 0x054c */ ldd [%g5],%f0 +/* 0x0550 */ ldd [%g1],%f8 +/* 0x0554 */ fmuld %f2,%f0,%f6 +/* 0x0558 275 */ ldd [%i4],%f4 +/* 0x055c 276 */ ldd [%i2],%f0 +/* 0x0560 */ fdtox %f6,%f6 +/* 0x0564 */ fxtod %f6,%f6 +/* 0x0568 */ fmuld %f6,%f8,%f6 +/* 0x056c */ fsubd %f2,%f6,%f2 +/* 0x0570 286 */ fmuld %f4,%f2,%f12 + +! 282 ! { +! 284 ! m2j=pdm2[j]; +! 285 ! a=pdtj[0]+pdn_0*digit; +! 286 ! b=pdtj[1]+pdm1_0*pdm2[j+1]+a*TwoToMinus16; + +! 287 ! pdtj[1]=b; +! 289 ! /**** this loop will be fully unrolled: +! 290 ! for(i=1;i<16;i++) +! 291 ! { +! 292 ! pdtj[2*i]+=pdm1[i]*m2j+pdn[i]*digit; +! 293 ! } +! 294 ! *************************************/ +! 295 ! pdtj[2]+=pdm1[1]*m2j+pdn[1]*digit; +! 296 ! pdtj[4]+=pdm1[2]*m2j+pdn[2]*digit; +! 297 ! pdtj[6]+=pdm1[3]*m2j+pdn[3]*digit; +! 298 ! pdtj[8]+=pdm1[4]*m2j+pdn[4]*digit; +! 299 ! pdtj[10]+=pdm1[5]*m2j+pdn[5]*digit; +! 300 ! pdtj[12]+=pdm1[6]*m2j+pdn[6]*digit; +! 301 ! pdtj[14]+=pdm1[7]*m2j+pdn[7]*digit; +! 302 ! pdtj[16]+=pdm1[8]*m2j+pdn[8]*digit; +! 303 ! pdtj[18]+=pdm1[9]*m2j+pdn[9]*digit; +! 304 ! pdtj[20]+=pdm1[10]*m2j+pdn[10]*digit; +! 305 ! pdtj[22]+=pdm1[11]*m2j+pdn[11]*digit; +! 306 ! pdtj[24]+=pdm1[12]*m2j+pdn[12]*digit; +! 307 ! pdtj[26]+=pdm1[13]*m2j+pdn[13]*digit; +! 308 ! pdtj[28]+=pdm1[14]*m2j+pdn[14]*digit; +! 309 ! pdtj[30]+=pdm1[15]*m2j+pdn[15]*digit; +! 310 ! /* no need for cleenup, cannot overflow */ +! 311 ! digit=mod(lower32(b,Zero)*dn0,TwoToMinus16,TwoTo16); + + fmovd %f2,%f0 ! hand modified + fmovd %f16,%f18 ! hand modified + ldd [%i4],%f2 + ldd [%o4],%f8 + ldd [%i2],%f10 + ldd [%g5],%f14 ! hand modified + ldd [%g1],%f16 ! hand modified + ldd [%i3],%f24 + + ldd [%i2+8],%f26 + ldd [%i2+16],%f40 + ldd [%i2+48],%f46 + ldd [%i2+56],%f30 + ldd [%i2+64],%f54 + ldd [%i2+104],%f34 + ldd [%i2+112],%f58 + + ldd [%i4+8],%f28 + ldd [%i4+104],%f38 + ldd [%i4+112],%f60 + + .L99999999: !1 + ldd [%i2+24],%f32 + fmuld %f0,%f2,%f4 !2 + ldd [%i4+24],%f36 + fmuld %f26,%f24,%f20 !3 + ldd [%i2+40],%f42 + fmuld %f28,%f0,%f22 !4 + ldd [%i4+40],%f44 + fmuld %f32,%f24,%f32 !5 + ldd [%i3+8],%f6 + faddd %f4,%f8,%f4 + fmuld %f36,%f0,%f36 !6 + add %i3,8,%i3 + ldd [%i4+56],%f50 + fmuld %f42,%f24,%f42 !7 + ldd [%i2+72],%f52 + faddd %f20,%f22,%f20 + fmuld %f44,%f0,%f44 !8 + ldd [%o4+16],%f22 + fmuld %f10,%f6,%f12 !9 + ldd [%i4+72],%f56 + faddd %f32,%f36,%f32 + fmuld %f14,%f4,%f4 !10 + ldd [%o4+48],%f36 + fmuld %f30,%f24,%f48 !11 + ldd [%o4+8],%f8 + faddd %f20,%f22,%f20 + fmuld %f50,%f0,%f50 !12 + std %f20,[%o4+16] + faddd %f42,%f44,%f42 + fmuld %f52,%f24,%f52 !13 + ldd [%o4+80],%f44 + faddd %f4,%f12,%f4 + fmuld %f56,%f0,%f56 !14 + ldd [%i2+88],%f20 + faddd %f32,%f36,%f32 !15 + ldd [%i4+88],%f22 + faddd %f48,%f50,%f48 !16 + ldd [%o4+112],%f50 + faddd %f52,%f56,%f52 !17 + ldd [%o4+144],%f56 + faddd %f4,%f8,%f8 + fmuld %f20,%f24,%f20 !18 + std %f32,[%o4+48] + faddd %f42,%f44,%f42 + fmuld %f22,%f0,%f22 !19 + std %f42,[%o4+80] + faddd %f48,%f50,%f48 + fmuld %f34,%f24,%f32 !20 + std %f48,[%o4+112] + faddd %f52,%f56,%f52 + fmuld %f38,%f0,%f36 !21 + ldd [%i2+120],%f42 + fdtox %f8,%f4 !22 + std %f52,[%o4+144] + faddd %f20,%f22,%f20 !23 + ldd [%i4+120],%f44 !24 + ldd [%o4+176],%f22 + faddd %f32,%f36,%f32 + fmuld %f42,%f24,%f42 !25 + ldd [%i4+16],%f50 + fmovs %f17,%f4 !26 + ldd [%i2+32],%f52 + fmuld %f44,%f0,%f44 !27 + ldd [%i4+32],%f56 + fmuld %f40,%f24,%f48 !28 + ldd [%o4+208],%f36 + faddd %f20,%f22,%f20 + fmuld %f50,%f0,%f50 !29 + std %f20,[%o4+176] + fxtod %f4,%f4 + fmuld %f52,%f24,%f52 !30 + ldd [%i4+48],%f22 + faddd %f42,%f44,%f42 + fmuld %f56,%f0,%f56 !31 + ldd [%o4+240],%f44 + faddd %f32,%f36,%f32 !32 + std %f32,[%o4+208] + faddd %f48,%f50,%f48 + fmuld %f46,%f24,%f20 !33 + ldd [%o4+32],%f50 + fmuld %f4,%f18,%f12 !34 + ldd [%i4+64],%f36 + faddd %f52,%f56,%f52 + fmuld %f22,%f0,%f22 !35 + ldd [%o4+64],%f56 + faddd %f42,%f44,%f42 !36 + std %f42,[%o4+240] + faddd %f48,%f50,%f48 + fmuld %f54,%f24,%f32 !37 + std %f48,[%o4+32] + fmuld %f12,%f14,%f4 !38 + ldd [%i2+80],%f42 + faddd %f52,%f56,%f56 ! yes, tmp52! + fmuld %f36,%f0,%f36 !39 + ldd [%i4+80],%f44 + faddd %f20,%f22,%f20 !40 + ldd [%i2+96],%f48 + fmuld %f58,%f24,%f52 !41 + ldd [%i4+96],%f50 + fdtox %f4,%f4 + fmuld %f42,%f24,%f42 !42 + std %f56,[%o4+64] ! yes, tmp52! + faddd %f32,%f36,%f32 + fmuld %f44,%f0,%f44 !43 + ldd [%o4+96],%f22 + fmuld %f48,%f24,%f48 !44 + ldd [%o4+128],%f36 + fmovd %f6,%f24 + fmuld %f50,%f0,%f50 !45 + fxtod %f4,%f4 + fmuld %f60,%f0,%f56 !46 + add %o4,8,%o4 + faddd %f42,%f44,%f42 !47 + ldd [%o4+160-8],%f44 + faddd %f20,%f22,%f20 !48 + std %f20,[%o4+96-8] + faddd %f48,%f50,%f48 !49 + ldd [%o4+192-8],%f50 + faddd %f52,%f56,%f52 + fmuld %f4,%f16,%f4 !50 + ldd [%o4+224-8],%f56 + faddd %f32,%f36,%f32 !51 + std %f32,[%o4+128-8] + faddd %f42,%f44,%f42 !52 + add %o3,1,%o3 + std %f42,[%o4+160-8] + faddd %f48,%f50,%f48 !53 + cmp %o3,31 + std %f48,[%o4+192-8] + fsubd %f12,%f4,%f0 !54 + faddd %f52,%f56,%f52 + ble,pt %icc,.L99999999 + std %f52,[%o4+224-8] !55 + std %f8,[%o4] + +! 312 ! } +! 313 ! } +! 315 ! conv_d16_to_i32(result,dt+2*nlen,(long long *)dt,nlen+1); + +/* 0x07c8 315 */ sll %i0,4,%g2 + .L900000653: +/* 0x07cc 315 */ add %i1,%g2,%i1 +/* 0x07d0 242 */ ld [%fp+68],%o0 +/* 0x07d4 315 */ or %g0,0,%o4 +/* 0x07d8 */ ldd [%i1],%f0 +/* 0x07dc */ or %g0,0,%g5 +/* 0x07e0 */ cmp %i0,0 +/* 0x07e4 242 */ or %g0,%o0,%o3 +/* 0x07e8 311 */ sub %i0,1,%g1 +/* 0x07ec 315 */ fdtox %f0,%f0 +/* 0x07f0 */ std %f0,[%sp+120] +/* 0x07f4 311 */ sethi %hi(0xfc00),%o1 +/* 0x07f8 */ add %g1,1,%g3 +/* 0x07fc */ or %g0,%o0,%g4 +/* 0x0800 315 */ ldd [%i1+8],%f0 +/* 0x0804 */ add %o1,1023,%o1 +/* 0x0808 */ fdtox %f0,%f0 +/* 0x080c */ std %f0,[%sp+112] +/* 0x0810 */ ldx [%sp+112],%o5 +/* 0x0814 */ ldx [%sp+120],%o7 +/* 0x0818 */ ble,pt %icc,.L900000651 +/* 0x081c */ sethi %hi(0xfc00),%g2 +/* 0x0820 311 */ or %g0,-1,%g2 +/* 0x0824 315 */ cmp %g3,3 +/* 0x0828 311 */ srl %g2,0,%o2 +/* 0x082c 315 */ bl,pn %icc,.L77000287 +/* 0x0830 */ or %g0,%i1,%g2 +/* 0x0834 */ ldd [%i1+16],%f0 +/* 0x0838 */ and %o5,%o1,%o0 +/* 0x083c */ add %i1,16,%g2 +/* 0x0840 */ sllx %o0,16,%g3 +/* 0x0844 */ and %o7,%o2,%o0 +/* 0x0848 */ fdtox %f0,%f0 +/* 0x084c */ std %f0,[%sp+104] +/* 0x0850 */ add %o0,%g3,%o4 +/* 0x0854 */ ldd [%i1+24],%f2 +/* 0x0858 */ srax %o5,16,%o0 +/* 0x085c */ add %o3,4,%g4 +/* 0x0860 */ stx %o0,[%sp+128] +/* 0x0864 */ and %o4,%o2,%o0 +/* 0x0868 */ stx %o0,[%sp+112] +/* 0x086c */ srax %o4,32,%o0 +/* 0x0870 */ fdtox %f2,%f0 +/* 0x0874 */ stx %o0,[%sp+136] +/* 0x0878 */ srax %o7,32,%o4 +/* 0x087c */ std %f0,[%sp+96] +/* 0x0880 */ ldx [%sp+128],%g5 +/* 0x0884 */ ldx [%sp+136],%o7 +/* 0x0888 */ ldx [%sp+104],%g3 +/* 0x088c */ add %g5,%o7,%o0 +/* 0x0890 */ or %g0,1,%g5 +/* 0x0894 */ ldx [%sp+112],%o7 +/* 0x0898 */ add %o4,%o0,%o4 +/* 0x089c */ ldx [%sp+96],%o5 +/* 0x08a0 */ st %o7,[%o3] +/* 0x08a4 */ or %g0,%g3,%o7 + .L900000634: +/* 0x08a8 */ ldd [%g2+16],%f0 +/* 0x08ac */ add %g5,1,%g5 +/* 0x08b0 */ add %g4,4,%g4 +/* 0x08b4 */ cmp %g5,%g1 +/* 0x08b8 */ add %g2,16,%g2 +/* 0x08bc */ fdtox %f0,%f0 +/* 0x08c0 */ std %f0,[%sp+104] +/* 0x08c4 */ ldd [%g2+8],%f0 +/* 0x08c8 */ fdtox %f0,%f0 +/* 0x08cc */ std %f0,[%sp+96] +/* 0x08d0 */ and %o5,%o1,%g3 +/* 0x08d4 */ sllx %g3,16,%g3 +/* 0x08d8 */ stx %g3,[%sp+120] +/* 0x08dc */ and %o7,%o2,%g3 +/* 0x08e0 */ stx %o7,[%sp+128] +/* 0x08e4 */ ldx [%sp+120],%o7 +/* 0x08e8 */ add %g3,%o7,%g3 +/* 0x08ec */ ldx [%sp+128],%o7 +/* 0x08f0 */ srax %o5,16,%o5 +/* 0x08f4 */ add %g3,%o4,%g3 +/* 0x08f8 */ srax %g3,32,%o4 +/* 0x08fc */ stx %o4,[%sp+112] +/* 0x0900 */ srax %o7,32,%o4 +/* 0x0904 */ ldx [%sp+112],%o7 +/* 0x0908 */ add %o5,%o7,%o7 +/* 0x090c */ ldx [%sp+96],%o5 +/* 0x0910 */ add %o4,%o7,%o4 +/* 0x0914 */ and %g3,%o2,%g3 +/* 0x0918 */ ldx [%sp+104],%o7 +/* 0x091c */ ble,pt %icc,.L900000634 +/* 0x0920 */ st %g3,[%g4-4] + .L900000637: +/* 0x0924 */ ba .L900000651 +/* 0x0928 */ sethi %hi(0xfc00),%g2 + .L77000287: +/* 0x092c */ ldd [%g2+16],%f0 + .L900000650: +/* 0x0930 */ and %o7,%o2,%o0 +/* 0x0934 */ and %o5,%o1,%g3 +/* 0x0938 */ fdtox %f0,%f0 +/* 0x093c */ add %o4,%o0,%o0 +/* 0x0940 */ std %f0,[%sp+104] +/* 0x0944 */ add %g5,1,%g5 +/* 0x0948 */ sllx %g3,16,%o4 +/* 0x094c */ ldd [%g2+24],%f2 +/* 0x0950 */ add %g2,16,%g2 +/* 0x0954 */ add %o0,%o4,%o4 +/* 0x0958 */ cmp %g5,%g1 +/* 0x095c */ srax %o5,16,%o0 +/* 0x0960 */ stx %o0,[%sp+112] +/* 0x0964 */ and %o4,%o2,%g3 +/* 0x0968 */ srax %o4,32,%o5 +/* 0x096c */ fdtox %f2,%f0 +/* 0x0970 */ std %f0,[%sp+96] +/* 0x0974 */ srax %o7,32,%o4 +/* 0x0978 */ ldx [%sp+112],%o7 +/* 0x097c */ add %o7,%o5,%o7 +/* 0x0980 */ ldx [%sp+104],%o5 +/* 0x0984 */ add %o4,%o7,%o4 +/* 0x0988 */ ldx [%sp+96],%o0 +/* 0x098c */ st %g3,[%g4] +/* 0x0990 */ or %g0,%o5,%o7 +/* 0x0994 */ add %g4,4,%g4 +/* 0x0998 */ or %g0,%o0,%o5 +/* 0x099c */ ble,a,pt %icc,.L900000650 +/* 0x09a0 */ ldd [%g2+16],%f0 + .L77000236: +/* 0x09a4 */ sethi %hi(0xfc00),%g2 + .L900000651: +/* 0x09a8 */ or %g0,-1,%o0 +/* 0x09ac */ add %g2,1023,%g2 +/* 0x09b0 */ ld [%fp+88],%o1 +/* 0x09b4 */ srl %o0,0,%g3 +/* 0x09b8 */ and %o5,%g2,%g2 +/* 0x09bc */ and %o7,%g3,%g4 + +! 317 ! adjust_montf_result(result,nint,nlen); + +/* 0x09c0 317 */ or %g0,-1,%o5 +/* 0x09c4 311 */ sllx %g2,16,%g2 +/* 0x09c8 */ add %o4,%g4,%g4 +/* 0x09cc */ add %g4,%g2,%g2 +/* 0x09d0 */ sll %g5,2,%g4 +/* 0x09d4 */ and %g2,%g3,%g2 +/* 0x09d8 */ st %g2,[%o3+%g4] +/* 0x09dc 317 */ sll %i0,2,%g2 +/* 0x09e0 */ ld [%o3+%g2],%g2 +/* 0x09e4 */ cmp %g2,0 +/* 0x09e8 */ bleu,pn %icc,.L77000241 +/* 0x09ec */ or %g0,%o1,%o2 +/* 0x09f0 */ ba .L900000649 +/* 0x09f4 */ cmp %o5,0 + .L77000241: +/* 0x09f8 */ sub %i0,1,%o5 +/* 0x09fc */ sll %o5,2,%g2 +/* 0x0a00 */ cmp %o5,0 +/* 0x0a04 */ bl,pt %icc,.L900000649 +/* 0x0a08 */ cmp %o5,0 +/* 0x0a0c */ add %o1,%g2,%o1 +/* 0x0a10 */ add %o3,%g2,%o4 +/* 0x0a14 */ ld [%o1],%g2 + .L900000648: +/* 0x0a18 */ ld [%o4],%g3 +/* 0x0a1c */ sub %o5,1,%o0 +/* 0x0a20 */ sub %o1,4,%o1 +/* 0x0a24 */ sub %o4,4,%o4 +/* 0x0a28 */ cmp %g3,%g2 +/* 0x0a2c */ bne,pn %icc,.L77000244 +/* 0x0a30 */ nop +/* 0x0a34 0 */ or %g0,%o0,%o5 +/* 0x0a38 317 */ cmp %o0,0 +/* 0x0a3c */ bge,a,pt %icc,.L900000648 +/* 0x0a40 */ ld [%o1],%g2 + .L77000244: +/* 0x0a44 */ cmp %o5,0 + .L900000649: +/* 0x0a48 */ bl,pn %icc,.L77000288 +/* 0x0a4c */ sll %o5,2,%g2 +/* 0x0a50 */ ld [%o2+%g2],%g3 +/* 0x0a54 */ ld [%o3+%g2],%g2 +/* 0x0a58 */ cmp %g2,%g3 +/* 0x0a5c */ bleu,pt %icc,.L77000224 +/* 0x0a60 */ nop + .L77000288: +/* 0x0a64 */ cmp %i0,0 +/* 0x0a68 */ ble,pt %icc,.L77000224 +/* 0x0a6c */ nop +/* 0x0a70 317 */ sub %i0,1,%o7 +/* 0x0a74 */ or %g0,-1,%g2 +/* 0x0a78 */ srl %g2,0,%o4 +/* 0x0a7c */ add %o7,1,%o0 +/* 0x0a80 315 */ or %g0,0,%o5 +/* 0x0a84 */ or %g0,0,%g1 +/* 0x0a88 */ cmp %o0,3 +/* 0x0a8c */ bl,pn %icc,.L77000289 +/* 0x0a90 */ add %o3,8,%o1 +/* 0x0a94 */ add %o2,4,%o0 +/* 0x0a98 */ ld [%o1-8],%g2 +/* 0x0a9c 0 */ or %g0,%o1,%o3 +/* 0x0aa0 315 */ ld [%o0-4],%g3 +/* 0x0aa4 0 */ or %g0,%o0,%o2 +/* 0x0aa8 315 */ or %g0,2,%g1 +/* 0x0aac */ ld [%o3-4],%o0 +/* 0x0ab0 */ sub %g2,%g3,%g2 +/* 0x0ab4 */ or %g0,%g2,%o5 +/* 0x0ab8 */ and %g2,%o4,%g2 +/* 0x0abc */ st %g2,[%o3-8] +/* 0x0ac0 */ srax %o5,32,%o5 + .L900000638: +/* 0x0ac4 */ ld [%o2],%g2 +/* 0x0ac8 */ add %g1,1,%g1 +/* 0x0acc */ add %o2,4,%o2 +/* 0x0ad0 */ cmp %g1,%o7 +/* 0x0ad4 */ add %o3,4,%o3 +/* 0x0ad8 */ sub %o0,%g2,%o0 +/* 0x0adc */ add %o0,%o5,%o5 +/* 0x0ae0 */ and %o5,%o4,%g2 +/* 0x0ae4 */ ld [%o3-4],%o0 +/* 0x0ae8 */ st %g2,[%o3-8] +/* 0x0aec */ ble,pt %icc,.L900000638 +/* 0x0af0 */ srax %o5,32,%o5 + .L900000641: +/* 0x0af4 */ ld [%o2],%o1 +/* 0x0af8 */ sub %o0,%o1,%o0 +/* 0x0afc */ add %o0,%o5,%o0 +/* 0x0b00 */ and %o0,%o4,%o1 +/* 0x0b04 */ st %o1,[%o3-4] +/* 0x0b08 */ ret ! Result = +/* 0x0b0c */ restore %g0,%g0,%g0 + .L77000289: +/* 0x0b10 */ ld [%o3],%o0 + .L900000647: +/* 0x0b14 */ ld [%o2],%o1 +/* 0x0b18 */ add %o5,%o0,%o0 +/* 0x0b1c */ add %g1,1,%g1 +/* 0x0b20 */ add %o2,4,%o2 +/* 0x0b24 */ cmp %g1,%o7 +/* 0x0b28 */ sub %o0,%o1,%o0 +/* 0x0b2c */ and %o0,%o4,%o1 +/* 0x0b30 */ st %o1,[%o3] +/* 0x0b34 */ add %o3,4,%o3 +/* 0x0b38 */ srax %o0,32,%o5 +/* 0x0b3c */ ble,a,pt %icc,.L900000647 +/* 0x0b40 */ ld [%o3],%o0 + .L77000224: +/* 0x0b44 */ ret ! Result = +/* 0x0b48 */ restore %g0,%g0,%g0 +/* 0x0b4c 0 */ .type mont_mulf_noconv,2 +/* 0x0b4c */ .size mont_mulf_noconv,(.-mont_mulf_noconv) + diff --git a/security/nss/lib/freebl/mpi/montmulfv9.il b/security/nss/lib/freebl/mpi/montmulfv9.il new file mode 100644 index 000000000..047785161 --- /dev/null +++ b/security/nss/lib/freebl/mpi/montmulfv9.il @@ -0,0 +1,122 @@ +! +! The contents of this file are subject to the Mozilla Public +! License Version 1.1 (the "License"); you may not use this file +! except in compliance with the License. You may obtain a copy of +! the License at http://www.mozilla.org/MPL/ +! +! Software distributed under the License is distributed on an "AS +! IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +! implied. See the License for the specific language governing +! rights and limitations under the License. +! +! The Original Code is inline macros for SPARC Montgomery multiply functions. +! +! The Initial Developer of the Original Code is Sun Microsystems Inc. +! Portions created by Sun Microsystems Inc. are +! Copyright (C) 1999-2000 Sun Microsystems Inc. All Rights Reserved. +! +! Contributor(s): +! +! Alternatively, the contents of this file may be used under the +! terms of the GNU General Public License Version 2 or later (the +! "GPL"), in which case the provisions of the GPL are applicable +! instead of those above. If you wish to allow use of your +! version of this file only under the terms of the GPL and not to +! allow others to use your version of this file under the MPL, +! indicate your decision by deleting the provisions above and +! replace them with the notice and other provisions required by +! the GPL. If you do not delete the provisions above, a recipient +! may use your version of this file under either the MPL or the +! GPL. +! +! $Id$ +! + +! +! double upper32(double /*frs1*/); +! + .inline upper32,8 + fdtox %f0,%f10 + fitod %f10,%f0 + .end + +! +! double lower32(double /*frs1*/, double /* Zero */); +! + .inline lower32,8 + fdtox %f0,%f10 + fmovs %f2,%f10 + fxtod %f10,%f0 + .end + +! +! double mod(double /*x*/, double /*1/m*/, double /*m*/); +! + .inline mod,12 + fmuld %f0,%f2,%f2 + fdtox %f2,%f2 + fxtod %f2,%f2 + fmuld %f2,%f4,%f2 + fsubd %f0,%f2,%f0 + .end + + +! +! void i16_to_d16_and_d32x4(double * /*1/(2^16)*/, double * /* 2^16*/, +! double * /* 0 */, +! double * /*result16*/, double * /* result32 */ +! float * /*source - should be unsigned int* +! converted to float* */); +! + .inline i16_to_d16_and_d32x4,24 + ldd [%o0],%f2 ! 1/(2^16) + ldd [%o1],%f4 ! 2^16 + ldd [%o2],%f22 + + fmovd %f22,%f6 + ld [%o5],%f7 + fmovd %f22,%f10 + ld [%o5+4],%f11 + fmovd %f22,%f14 + ld [%o5+8],%f15 + fmovd %f22,%f18 + ld [%o5+12],%f19 + fxtod %f6,%f6 + std %f6,[%o4] + fxtod %f10,%f10 + std %f10,[%o4+8] + fxtod %f14,%f14 + std %f14,[%o4+16] + fxtod %f18,%f18 + std %f18,[%o4+24] + fmuld %f2,%f6,%f8 + fmuld %f2,%f10,%f12 + fmuld %f2,%f14,%f16 + fmuld %f2,%f18,%f20 + fdtox %f8,%f8 + fdtox %f12,%f12 + fdtox %f16,%f16 + fdtox %f20,%f20 + fxtod %f8,%f8 + std %f8,[%o3+8] + fxtod %f12,%f12 + std %f12,[%o3+24] + fxtod %f16,%f16 + std %f16,[%o3+40] + fxtod %f20,%f20 + std %f20,[%o3+56] + fmuld %f8,%f4,%f8 + fmuld %f12,%f4,%f12 + fmuld %f16,%f4,%f16 + fmuld %f20,%f4,%f20 + fsubd %f6,%f8,%f8 + std %f8,[%o3] + fsubd %f10,%f12,%f12 + std %f12,[%o3+16] + fsubd %f14,%f16,%f16 + std %f16,[%o3+32] + fsubd %f18,%f20,%f20 + std %f20,[%o3+48] + .end + + diff --git a/security/nss/lib/freebl/mpi/montmulfv9.s b/security/nss/lib/freebl/mpi/montmulfv9.s new file mode 100644 index 000000000..30fc4f645 --- /dev/null +++ b/security/nss/lib/freebl/mpi/montmulfv9.s @@ -0,0 +1,2377 @@ +! +! The contents of this file are subject to the Mozilla Public +! License Version 1.1 (the "License"); you may not use this file +! except in compliance with the License. You may obtain a copy of +! the License at http://www.mozilla.org/MPL/ +! +! Software distributed under the License is distributed on an "AS +! IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +! implied. See the License for the specific language governing +! rights and limitations under the License. +! +! The Original Code is SPARC hand-optimized Montgomery multiply functions. +! +! The Initial Developer of the Original Code is Sun Microsystems Inc. +! Portions created by Sun Microsystems Inc. are +! Copyright (C) 1999-2000 Sun Microsystems Inc. All Rights Reserved. +! +! Contributor(s): +! +! Alternatively, the contents of this file may be used under the +! terms of the GNU General Public License Version 2 or later (the +! "GPL"), in which case the provisions of the GPL are applicable +! instead of those above. If you wish to allow use of your +! version of this file only under the terms of the GPL and not to +! allow others to use your version of this file under the MPL, +! indicate your decision by deleting the provisions above and +! replace them with the notice and other provisions required by +! the GPL. If you do not delete the provisions above, a recipient +! may use your version of this file under either the MPL or the +! GPL. +! +! $Id$ +! + + .section ".text",#alloc,#execinstr + .file "montmulf.c" + + .section ".rodata",#alloc + .global TwoTo16 + .align 8 +! +! CONSTANT POOL +! + .global TwoTo16 +TwoTo16: + .word 1089470464 + .word 0 + .type TwoTo16,#object + .size TwoTo16,8 + .global TwoToMinus16 +! +! CONSTANT POOL +! + .global TwoToMinus16 +TwoToMinus16: + .word 1055916032 + .word 0 + .type TwoToMinus16,#object + .size TwoToMinus16,8 + .global Zero +! +! CONSTANT POOL +! + .global Zero +Zero: + .word 0 + .word 0 + .type Zero,#object + .size Zero,8 + .global TwoTo32 +! +! CONSTANT POOL +! + .global TwoTo32 +TwoTo32: + .word 1106247680 + .word 0 + .type TwoTo32,#object + .size TwoTo32,8 + .global TwoToMinus32 +! +! CONSTANT POOL +! + .global TwoToMinus32 +TwoToMinus32: + .word 1039138816 + .word 0 + .type TwoToMinus32,#object + .size TwoToMinus32,8 + + .section ".text",#alloc,#execinstr +/* 000000 0 */ .register %g3,#scratch +/* 000000 */ .register %g2,#scratch +/* 000000 0 */ .align 8 +! +! SUBROUTINE conv_d16_to_i32 +! +! OFFSET SOURCE LINE LABEL INSTRUCTION + + .global conv_d16_to_i32 + conv_d16_to_i32: +/* 000000 */ save %sp,-208,%sp +! FILE montmulf.c + +! 1 !/* +! 2 ! * The contents of this file are subject to the Mozilla Public +! 3 ! * License Version 1.1 (the "License"); you may not use this file +! 4 ! * except in compliance with the License. You may obtain a copy of +! 5 ! * the License at http://www.mozilla.org/MPL/ +! 6 ! * +! 7 ! * Software distributed under the License is distributed on an "AS +! 8 ! * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +! 9 ! * implied. See the License for the specific language governing +! 10 ! * rights and limitations under the License. +! 11 ! * +! 12 ! * The Original Code is SPARC optimized Montgomery multiply functions. +! 13 ! * +! 14 ! * The Initial Developer of the Original Code is Sun Microsystems Inc. +! 15 ! * Portions created by Sun Microsystems Inc. are +! 16 ! * Copyright (C) 1999-2000 Sun Microsystems Inc. All Rights Reserved. +! 17 ! * +! 18 ! * Contributor(s): +! 19 ! * Netscape Communications Corporation +! 20 ! * +! 21 ! * Alternatively, the contents of this file may be used under the +! 22 ! * terms of the GNU General Public License Version 2 or later (the +! 23 ! * "GPL"), in which case the provisions of the GPL are applicable +! 24 ! * instead of those above. If you wish to allow use of your +! 25 ! * version of this file only under the terms of the GPL and not to +! 26 ! * allow others to use your version of this file under the MPL, +! 27 ! * indicate your decision by deleting the provisions above and +! 28 ! * replace them with the notice and other provisions required by +! 29 ! * the GPL. If you do not delete the provisions above, a recipient +! 30 ! * may use your version of this file under either the MPL or the +! 31 ! * GPL. +! 32 ! * +! 33 ! * $Id$ +! 34 ! */ +! 36 !#define RF_INLINE_MACROS +! 38 !static const double TwoTo16=65536.0; +! 39 !static const double TwoToMinus16=1.0/65536.0; +! 40 !static const double Zero=0.0; +! 41 !static const double TwoTo32=65536.0*65536.0; +! 42 !static const double TwoToMinus32=1.0/(65536.0*65536.0); +! 44 !#ifdef RF_INLINE_MACROS +! 46 !double upper32(double); +! 47 !double lower32(double, double); +! 48 !double mod(double, double, double); +! 50 !void i16_to_d16_and_d32x4(const double * /*1/(2^16)*/, +! 51 ! const double * /* 2^16*/, +! 52 ! const double * /* 0 */, +! 53 ! double * /*result16*/, +! 54 ! double * /* result32 */, +! 55 ! float * /*source - should be unsigned int* +! 56 ! converted to float* */); +! 58 !#else +! 60 !static double upper32(double x) +! 61 !{ +! 62 ! return floor(x*TwoToMinus32); +! 63 !} +! 65 !static double lower32(double x, double y) +! 66 !{ +! 67 ! return x-TwoTo32*floor(x*TwoToMinus32); +! 68 !} +! 70 !static double mod(double x, double oneoverm, double m) +! 71 !{ +! 72 ! return x-m*floor(x*oneoverm); +! 73 !} +! 75 !#endif +! 78 !static void cleanup(double *dt, int from, int tlen) +! 79 !{ +! 80 ! int i; +! 81 ! double tmp,tmp1,x,x1; +! 83 ! tmp=tmp1=Zero; +! 84 ! /* original code ** +! 85 ! for(i=2*from;i<2*tlen-2;i++) +! 86 ! { +! 87 ! x=dt[i]; +! 88 ! dt[i]=lower32(x,Zero)+tmp1; +! 89 ! tmp1=tmp; +! 90 ! tmp=upper32(x); +! 91 ! } +! 92 ! dt[tlen-2]+=tmp1; +! 93 ! dt[tlen-1]+=tmp; +! 94 ! **end original code ***/ +! 95 ! /* new code ***/ +! 96 ! for(i=2*from;i<2*tlen;i+=2) +! 97 ! { +! 98 ! x=dt[i]; +! 99 ! x1=dt[i+1]; +! 100 ! dt[i]=lower32(x,Zero)+tmp; +! 101 ! dt[i+1]=lower32(x1,Zero)+tmp1; +! 102 ! tmp=upper32(x); +! 103 ! tmp1=upper32(x1); +! 104 ! } +! 105 ! /** end new code **/ +! 106 !} +! 109 !void conv_d16_to_i32(unsigned int *i32, double *d16, long long *tmp, int ilen) +! 110 !{ +! 111 !int i; +! 112 !long long t, t1, a, b, c, d; +! 114 ! t1=0; +! 115 ! a=(long long)d16[0]; + +/* 0x0004 115 */ ldd [%i1],%f2 + +! 116 ! b=(long long)d16[1]; +! 117 ! for(i=0; i<ilen-1; i++) + +/* 0x0008 117 */ sub %i3,1,%o1 +/* 0x000c 110 */ or %g0,%i0,%g1 +/* 0x0010 116 */ ldd [%i1+8],%f4 +/* 0x0014 117 */ cmp %o1,0 +/* 0x0018 114 */ or %g0,0,%g5 +/* 0x001c 115 */ fdtox %f2,%f2 +/* 0x0020 */ std %f2,[%sp+2247] +/* 0x0024 117 */ or %g0,0,%o0 +/* 0x0028 116 */ fdtox %f4,%f2 +/* 0x002c */ std %f2,[%sp+2239] +/* 0x0030 110 */ sub %o1,1,%o7 +/* 0x0034 */ or %g0,%i1,%o4 +/* 0x0038 */ sethi %hi(0xfc00),%o3 +/* 0x003c */ or %g0,-1,%o1 +/* 0x0040 */ or %g0,2,%i1 +/* 0x0044 */ srl %o1,0,%g3 +/* 0x0048 */ or %g0,%o4,%g4 +/* 0x004c 116 */ ldx [%sp+2239],%i2 +/* 0x0050 */ add %o3,1023,%o5 +/* 0x0054 117 */ sub %o7,1,%o2 +/* 0x0058 115 */ ldx [%sp+2247],%i3 +/* 0x005c 117 */ ble,pt %icc,.L900000113 +/* 0x0060 */ sethi %hi(0xfc00),%g2 +/* 0x0064 */ add %o7,1,%g2 + +! 118 ! { +! 119 ! c=(long long)d16[2*i+2]; +! 120 ! t1+=a&0xffffffff; +! 121 ! t=(a>>32); +! 122 ! d=(long long)d16[2*i+3]; +! 123 ! t1+=(b&0xffff)<<16; + +/* 0x0068 123 */ and %i2,%o5,%i4 +/* 0x006c */ sllx %i4,16,%o1 +/* 0x0070 117 */ cmp %g2,6 +/* 0x0074 */ bl,pn %icc,.L77000134 +/* 0x0078 */ or %g0,3,%i0 +/* 0x007c 119 */ ldd [%o4+16],%f0 +/* 0x0080 120 */ and %i3,%g3,%o3 + +! 124 ! t+=(b>>16)+(t1>>32); + +/* 0x0084 124 */ srax %i2,16,%i5 +/* 0x0088 117 */ add %o3,%o1,%i4 +/* 0x008c 121 */ srax %i3,32,%i3 +/* 0x0090 119 */ fdtox %f0,%f0 +/* 0x0094 */ std %f0,[%sp+2231] + +! 125 ! i32[i]=t1&0xffffffff; + +/* 0x0098 125 */ and %i4,%g3,%l0 +/* 0x009c 117 */ or %g0,72,%o3 +/* 0x00a0 122 */ ldd [%g4+24],%f0 +/* 0x00a4 117 */ or %g0,64,%o4 +/* 0x00a8 */ or %g0,4,%o1 + +! 126 ! t1=t; +! 127 ! a=c; +! 128 ! b=d; + +/* 0x00ac 128 */ or %g0,5,%i0 +/* 0x00b0 */ or %g0,4,%i1 +/* 0x00b4 119 */ ldx [%sp+2231],%g2 +/* 0x00b8 122 */ fdtox %f0,%f0 +/* 0x00bc 128 */ or %g0,4,%o0 +/* 0x00c0 122 */ std %f0,[%sp+2223] +/* 0x00c4 */ ldd [%g4+40],%f2 +/* 0x00c8 120 */ and %g2,%g3,%i2 +/* 0x00cc 119 */ ldd [%g4+32],%f0 +/* 0x00d0 121 */ srax %g2,32,%g2 +/* 0x00d4 122 */ ldd [%g4+56],%f4 +/* 0x00d8 */ fdtox %f2,%f2 +/* 0x00dc */ ldx [%sp+2223],%g5 +/* 0x00e0 119 */ fdtox %f0,%f0 +/* 0x00e4 125 */ st %l0,[%g1] +/* 0x00e8 124 */ srax %i4,32,%l0 +/* 0x00ec 122 */ fdtox %f4,%f4 +/* 0x00f0 */ std %f2,[%sp+2223] +/* 0x00f4 123 */ and %g5,%o5,%i4 +/* 0x00f8 124 */ add %i5,%l0,%i5 +/* 0x00fc 119 */ std %f0,[%sp+2231] +/* 0x0100 123 */ sllx %i4,16,%i4 +/* 0x0104 124 */ add %i3,%i5,%i3 +/* 0x0108 119 */ ldd [%g4+48],%f2 +/* 0x010c 124 */ srax %g5,16,%g5 +/* 0x0110 117 */ add %i2,%i4,%i2 +/* 0x0114 122 */ ldd [%g4+72],%f0 +/* 0x0118 117 */ add %i2,%i3,%i4 +/* 0x011c 124 */ srax %i4,32,%i5 +/* 0x0120 119 */ fdtox %f2,%f2 +/* 0x0124 125 */ and %i4,%g3,%i4 +/* 0x0128 122 */ ldx [%sp+2223],%i2 +/* 0x012c 124 */ add %g5,%i5,%g5 +/* 0x0130 119 */ ldx [%sp+2231],%i3 +/* 0x0134 124 */ add %g2,%g5,%g5 +/* 0x0138 119 */ std %f2,[%sp+2231] +/* 0x013c 122 */ std %f4,[%sp+2223] +/* 0x0140 119 */ ldd [%g4+64],%f2 +/* 0x0144 125 */ st %i4,[%g1+4] + .L900000108: +/* 0x0148 122 */ ldx [%sp+2223],%i4 +/* 0x014c 128 */ add %o0,2,%o0 +/* 0x0150 */ add %i0,4,%i0 +/* 0x0154 119 */ ldx [%sp+2231],%l0 +/* 0x0158 117 */ add %o3,16,%o3 +/* 0x015c 123 */ and %i2,%o5,%g2 +/* 0x0160 */ sllx %g2,16,%i5 +/* 0x0164 120 */ and %i3,%g3,%g2 +/* 0x0168 122 */ ldd [%g4+%o3],%f4 +/* 0x016c */ fdtox %f0,%f0 +/* 0x0170 */ std %f0,[%sp+2223] +/* 0x0174 124 */ srax %i2,16,%i2 +/* 0x0178 117 */ add %g2,%i5,%g2 +/* 0x017c 119 */ fdtox %f2,%f0 +/* 0x0180 117 */ add %o4,16,%o4 +/* 0x0184 119 */ std %f0,[%sp+2231] +/* 0x0188 117 */ add %g2,%g5,%g2 +/* 0x018c 119 */ ldd [%g4+%o4],%f2 +/* 0x0190 124 */ srax %g2,32,%i5 +/* 0x0194 128 */ cmp %o0,%o2 +/* 0x0198 121 */ srax %i3,32,%g5 +/* 0x019c 124 */ add %i2,%i5,%i2 +/* 0x01a0 */ add %g5,%i2,%i5 +/* 0x01a4 117 */ add %o1,4,%o1 +/* 0x01a8 125 */ and %g2,%g3,%g2 +/* 0x01ac 127 */ or %g0,%l0,%g5 +/* 0x01b0 125 */ st %g2,[%g1+%o1] +/* 0x01b4 128 */ add %i1,4,%i1 +/* 0x01b8 122 */ ldx [%sp+2223],%i2 +/* 0x01bc 119 */ ldx [%sp+2231],%i3 +/* 0x01c0 117 */ add %o3,16,%o3 +/* 0x01c4 123 */ and %i4,%o5,%g2 +/* 0x01c8 */ sllx %g2,16,%l0 +/* 0x01cc 120 */ and %g5,%g3,%g2 +/* 0x01d0 122 */ ldd [%g4+%o3],%f0 +/* 0x01d4 */ fdtox %f4,%f4 +/* 0x01d8 */ std %f4,[%sp+2223] +/* 0x01dc 124 */ srax %i4,16,%i4 +/* 0x01e0 117 */ add %g2,%l0,%g2 +/* 0x01e4 119 */ fdtox %f2,%f2 +/* 0x01e8 117 */ add %o4,16,%o4 +/* 0x01ec 119 */ std %f2,[%sp+2231] +/* 0x01f0 117 */ add %g2,%i5,%g2 +/* 0x01f4 119 */ ldd [%g4+%o4],%f2 +/* 0x01f8 124 */ srax %g2,32,%i5 +/* 0x01fc 121 */ srax %g5,32,%g5 +/* 0x0200 124 */ add %i4,%i5,%i4 +/* 0x0204 */ add %g5,%i4,%g5 +/* 0x0208 117 */ add %o1,4,%o1 +/* 0x020c 125 */ and %g2,%g3,%g2 +/* 0x0210 128 */ ble,pt %icc,.L900000108 +/* 0x0214 */ st %g2,[%g1+%o1] + .L900000111: +/* 0x0218 122 */ ldx [%sp+2223],%o2 +/* 0x021c 123 */ and %i2,%o5,%i4 +/* 0x0220 120 */ and %i3,%g3,%g2 +/* 0x0224 123 */ sllx %i4,16,%i4 +/* 0x0228 119 */ ldx [%sp+2231],%i5 +/* 0x022c 128 */ cmp %o0,%o7 +/* 0x0230 124 */ srax %i2,16,%i2 +/* 0x0234 117 */ add %g2,%i4,%g2 +/* 0x0238 122 */ fdtox %f0,%f4 +/* 0x023c */ std %f4,[%sp+2223] +/* 0x0240 117 */ add %g2,%g5,%g5 +/* 0x0244 123 */ and %o2,%o5,%l0 +/* 0x0248 124 */ srax %g5,32,%l1 +/* 0x024c 120 */ and %i5,%g3,%i4 +/* 0x0250 119 */ fdtox %f2,%f0 +/* 0x0254 121 */ srax %i3,32,%g2 +/* 0x0258 119 */ std %f0,[%sp+2231] +/* 0x025c 124 */ add %i2,%l1,%i2 +/* 0x0260 123 */ sllx %l0,16,%i3 +/* 0x0264 124 */ add %g2,%i2,%i2 +/* 0x0268 */ srax %o2,16,%o2 +/* 0x026c 117 */ add %o1,4,%g2 +/* 0x0270 */ add %i4,%i3,%o1 +/* 0x0274 125 */ and %g5,%g3,%g5 +/* 0x0278 */ st %g5,[%g1+%g2] +/* 0x027c 119 */ ldx [%sp+2231],%i3 +/* 0x0280 117 */ add %o1,%i2,%o1 +/* 0x0284 */ add %g2,4,%g2 +/* 0x0288 124 */ srax %o1,32,%i4 +/* 0x028c 122 */ ldx [%sp+2223],%i2 +/* 0x0290 125 */ and %o1,%g3,%g5 +/* 0x0294 121 */ srax %i5,32,%o1 +/* 0x0298 124 */ add %o2,%i4,%o2 +/* 0x029c 125 */ st %g5,[%g1+%g2] +/* 0x02a0 128 */ bg,pn %icc,.L77000127 +/* 0x02a4 */ add %o1,%o2,%g5 +/* 0x02a8 */ add %i0,6,%i0 +/* 0x02ac */ add %i1,6,%i1 + .L77000134: +/* 0x02b0 119 */ sra %i1,0,%o2 + .L900000112: +/* 0x02b4 119 */ sllx %o2,3,%o3 +/* 0x02b8 120 */ and %i3,%g3,%o1 +/* 0x02bc 119 */ ldd [%g4+%o3],%f0 +/* 0x02c0 122 */ sra %i0,0,%o3 +/* 0x02c4 123 */ and %i2,%o5,%o2 +/* 0x02c8 122 */ sllx %o3,3,%o3 +/* 0x02cc 120 */ add %g5,%o1,%o1 +/* 0x02d0 119 */ fdtox %f0,%f0 +/* 0x02d4 */ std %f0,[%sp+2231] +/* 0x02d8 123 */ sllx %o2,16,%o2 +/* 0x02dc */ add %o1,%o2,%o2 +/* 0x02e0 128 */ add %i1,2,%i1 +/* 0x02e4 122 */ ldd [%g4+%o3],%f0 +/* 0x02e8 124 */ srax %o2,32,%g2 +/* 0x02ec 125 */ and %o2,%g3,%o3 +/* 0x02f0 124 */ srax %i2,16,%o1 +/* 0x02f4 128 */ add %i0,2,%i0 +/* 0x02f8 122 */ fdtox %f0,%f0 +/* 0x02fc */ std %f0,[%sp+2223] +/* 0x0300 125 */ sra %o0,0,%o2 +/* 0x0304 */ sllx %o2,2,%o2 +/* 0x0308 124 */ add %o1,%g2,%g5 +/* 0x030c 121 */ srax %i3,32,%g2 +/* 0x0310 128 */ add %o0,1,%o0 +/* 0x0314 124 */ add %g2,%g5,%g5 +/* 0x0318 128 */ cmp %o0,%o7 +/* 0x031c 119 */ ldx [%sp+2231],%o4 +/* 0x0320 122 */ ldx [%sp+2223],%i2 +/* 0x0324 125 */ st %o3,[%g1+%o2] +/* 0x0328 127 */ or %g0,%o4,%i3 +/* 0x032c 128 */ ble,pt %icc,.L900000112 +/* 0x0330 */ sra %i1,0,%o2 + .L77000127: + +! 129 ! } +! 130 ! t1+=a&0xffffffff; +! 131 ! t=(a>>32); +! 132 ! t1+=(b&0xffff)<<16; +! 133 ! i32[i]=t1&0xffffffff; + +/* 0x0334 133 */ sethi %hi(0xfc00),%g2 + .L900000113: +/* 0x0338 133 */ or %g0,-1,%g3 +/* 0x033c */ add %g2,1023,%g2 +/* 0x0340 */ srl %g3,0,%g3 +/* 0x0344 */ and %i2,%g2,%g2 +/* 0x0348 */ and %i3,%g3,%g4 +/* 0x034c */ sllx %g2,16,%g2 +/* 0x0350 */ add %g5,%g4,%g4 +/* 0x0354 */ sra %o0,0,%g5 +/* 0x0358 */ add %g4,%g2,%g4 +/* 0x035c */ sllx %g5,2,%g2 +/* 0x0360 */ and %g4,%g3,%g3 +/* 0x0364 */ st %g3,[%g1+%g2] +/* 0x0368 */ ret ! Result = +/* 0x036c */ restore %g0,%g0,%g0 +/* 0x0370 0 */ .type conv_d16_to_i32,2 +/* 0x0370 */ .size conv_d16_to_i32,(.-conv_d16_to_i32) + + .section ".text",#alloc,#execinstr +/* 000000 0 */ .align 8 +! +! CONSTANT POOL +! + .L_const_seg_900000201: +/* 000000 0 */ .word 1127219200,0 +/* 0x0008 0 */ .align 8 +/* 0x0008 */ .skip 24 +! +! SUBROUTINE conv_i32_to_d32 +! +! OFFSET SOURCE LINE LABEL INSTRUCTION + + .global conv_i32_to_d32 + conv_i32_to_d32: +/* 000000 */ or %g0,%o7,%g3 + +! 135 !} +! 137 !void conv_i32_to_d32(double *d32, unsigned int *i32, int len) +! 138 !{ +! 139 !int i; +! 141 !#pragma pipeloop(0) +! 142 ! for(i=0;i<len;i++) d32[i]=(double)(i32[i]); + +/* 0x0004 142 */ cmp %o2,0 + .L900000210: +/* 0x0008 */ call .+8 +/* 0x000c */ sethi /*X*/%hi(_GLOBAL_OFFSET_TABLE_-(.L900000210-.)),%g4 +/* 0x0010 142 */ or %g0,0,%o3 +/* 0x0014 138 */ add %g4,/*X*/%lo(_GLOBAL_OFFSET_TABLE_-(.L900000210-.)),%g4 +/* 0x0018 142 */ sub %o2,1,%o4 +/* 0x001c 138 */ add %g4,%o7,%g1 +/* 0x0020 142 */ ble,pt %icc,.L77000140 +/* 0x0024 */ or %g0,%g3,%o7 +/* 0x0028 */ sethi %hi(.L_const_seg_900000201),%g3 +/* 0x002c */ cmp %o2,12 +/* 0x0030 */ add %g3,%lo(.L_const_seg_900000201),%g2 +/* 0x0034 */ or %g0,%o1,%g5 +/* 0x0038 */ ldx [%g1+%g2],%g4 +/* 0x003c */ or %g0,0,%g1 +/* 0x0040 */ or %g0,24,%g2 +/* 0x0044 */ bl,pn %icc,.L77000144 +/* 0x0048 */ or %g0,0,%g3 +/* 0x004c */ ld [%o1],%f13 +/* 0x0050 */ or %g0,7,%o3 +/* 0x0054 */ ldd [%g4],%f8 +/* 0x0058 */ sub %o2,5,%g3 +/* 0x005c */ or %g0,8,%g1 +/* 0x0060 */ ld [%o1+4],%f11 +/* 0x0064 */ ld [%o1+8],%f7 +/* 0x0068 */ fmovs %f8,%f12 +/* 0x006c */ ld [%o1+12],%f5 +/* 0x0070 */ fmovs %f8,%f10 +/* 0x0074 */ ld [%o1+16],%f3 +/* 0x0078 */ fmovs %f8,%f6 +/* 0x007c */ ld [%o1+20],%f1 +/* 0x0080 */ fsubd %f12,%f8,%f12 +/* 0x0084 */ std %f12,[%o0] +/* 0x0088 */ fsubd %f10,%f8,%f10 +/* 0x008c */ std %f10,[%o0+8] + .L900000205: +/* 0x0090 */ ld [%o1+%g2],%f11 +/* 0x0094 */ add %g1,8,%g1 +/* 0x0098 */ add %o3,5,%o3 +/* 0x009c */ fsubd %f6,%f8,%f6 +/* 0x00a0 */ add %g2,4,%g2 +/* 0x00a4 */ std %f6,[%o0+%g1] +/* 0x00a8 */ cmp %o3,%g3 +/* 0x00ac */ fmovs %f8,%f4 +/* 0x00b0 */ ld [%o1+%g2],%f7 +/* 0x00b4 */ fsubd %f4,%f8,%f12 +/* 0x00b8 */ add %g1,8,%g1 +/* 0x00bc */ add %g2,4,%g2 +/* 0x00c0 */ fmovs %f8,%f2 +/* 0x00c4 */ std %f12,[%o0+%g1] +/* 0x00c8 */ ld [%o1+%g2],%f5 +/* 0x00cc */ fsubd %f2,%f8,%f12 +/* 0x00d0 */ add %g1,8,%g1 +/* 0x00d4 */ add %g2,4,%g2 +/* 0x00d8 */ fmovs %f8,%f0 +/* 0x00dc */ std %f12,[%o0+%g1] +/* 0x00e0 */ ld [%o1+%g2],%f3 +/* 0x00e4 */ fsubd %f0,%f8,%f12 +/* 0x00e8 */ add %g1,8,%g1 +/* 0x00ec */ add %g2,4,%g2 +/* 0x00f0 */ fmovs %f8,%f10 +/* 0x00f4 */ std %f12,[%o0+%g1] +/* 0x00f8 */ ld [%o1+%g2],%f1 +/* 0x00fc */ fsubd %f10,%f8,%f10 +/* 0x0100 */ add %g1,8,%g1 +/* 0x0104 */ add %g2,4,%g2 +/* 0x0108 */ std %f10,[%o0+%g1] +/* 0x010c */ ble,pt %icc,.L900000205 +/* 0x0110 */ fmovs %f8,%f6 + .L900000208: +/* 0x0114 */ fmovs %f8,%f4 +/* 0x0118 */ ld [%o1+%g2],%f11 +/* 0x011c */ add %g1,8,%g3 +/* 0x0120 */ fmovs %f8,%f2 +/* 0x0124 */ add %g1,16,%g1 +/* 0x0128 */ cmp %o3,%o4 +/* 0x012c */ fmovs %f8,%f0 +/* 0x0130 */ add %g1,8,%o1 +/* 0x0134 */ add %g1,16,%o2 +/* 0x0138 */ fmovs %f8,%f10 +/* 0x013c */ add %g1,24,%g2 +/* 0x0140 */ fsubd %f6,%f8,%f6 +/* 0x0144 */ std %f6,[%o0+%g3] +/* 0x0148 */ fsubd %f4,%f8,%f4 +/* 0x014c */ std %f4,[%o0+%g1] +/* 0x0150 */ sra %o3,0,%g1 +/* 0x0154 */ fsubd %f2,%f8,%f2 +/* 0x0158 */ std %f2,[%o0+%o1] +/* 0x015c */ sllx %g1,2,%g3 +/* 0x0160 */ fsubd %f0,%f8,%f0 +/* 0x0164 */ std %f0,[%o0+%o2] +/* 0x0168 */ fsubd %f10,%f8,%f0 +/* 0x016c */ bg,pn %icc,.L77000140 +/* 0x0170 */ std %f0,[%o0+%g2] + .L77000144: +/* 0x0174 */ ldd [%g4],%f8 + .L900000211: +/* 0x0178 */ ld [%g5+%g3],%f13 +/* 0x017c */ sllx %g1,3,%g2 +/* 0x0180 */ add %o3,1,%o3 +/* 0x0184 */ sra %o3,0,%g1 +/* 0x0188 */ cmp %o3,%o4 +/* 0x018c */ fmovs %f8,%f12 +/* 0x0190 */ sllx %g1,2,%g3 +/* 0x0194 */ fsubd %f12,%f8,%f0 +/* 0x0198 */ std %f0,[%o0+%g2] +/* 0x019c */ ble,a,pt %icc,.L900000211 +/* 0x01a0 */ ldd [%g4],%f8 + .L77000140: +/* 0x01a4 */ retl ! Result = +/* 0x01a8 */ nop +/* 0x01ac 0 */ .type conv_i32_to_d32,2 +/* 0x01ac */ .size conv_i32_to_d32,(.-conv_i32_to_d32) + + .section ".text",#alloc,#execinstr +/* 000000 0 */ .align 8 +! +! CONSTANT POOL +! + .L_const_seg_900000301: +/* 000000 0 */ .word 1127219200,0 +/* 0x0008 0 */ .align 8 +/* 0x0008 */ .skip 24 +! +! SUBROUTINE conv_i32_to_d16 +! +! OFFSET SOURCE LINE LABEL INSTRUCTION + + .global conv_i32_to_d16 + conv_i32_to_d16: +/* 000000 */ save %sp,-192,%sp + .L900000310: +/* 0x0004 */ call .+8 +/* 0x0008 */ sethi /*X*/%hi(_GLOBAL_OFFSET_TABLE_-(.L900000310-.)),%g3 + +! 143 !} +! 146 !void conv_i32_to_d16(double *d16, unsigned int *i32, int len) +! 147 !{ +! 148 !int i; +! 149 !unsigned int a; +! 151 !#pragma pipeloop(0) +! 152 ! for(i=0;i<len;i++) + +/* 0x000c 152 */ cmp %i2,0 +/* 0x0010 147 */ add %g3,/*X*/%lo(_GLOBAL_OFFSET_TABLE_-(.L900000310-.)),%g3 +/* 0x0014 152 */ ble,pt %icc,.L77000150 +/* 0x0018 */ add %g3,%o7,%o0 + +! 153 ! { +! 154 ! a=i32[i]; +! 155 ! d16[2*i]=(double)(a&0xffff); +! 156 ! d16[2*i+1]=(double)(a>>16); + +/* 0x001c 156 */ sethi %hi(.L_const_seg_900000301),%g2 +/* 0x0020 147 */ or %g0,%i2,%o1 +/* 0x0024 152 */ sethi %hi(0xfc00),%g3 +/* 0x0028 156 */ add %g2,%lo(.L_const_seg_900000301),%g2 +/* 0x002c 152 */ or %g0,%o1,%g4 +/* 0x0030 156 */ ldx [%o0+%g2],%o5 +/* 0x0034 152 */ add %g3,1023,%g1 +/* 0x0038 147 */ or %g0,%i1,%o7 +/* 0x003c 152 */ or %g0,0,%i2 +/* 0x0040 */ sub %o1,1,%g5 +/* 0x0044 */ or %g0,0,%g3 +/* 0x0048 */ or %g0,1,%g2 +/* 0x004c 154 */ or %g0,0,%o2 +/* 0x0050 */ cmp %g4,6 +/* 0x0054 152 */ bl,pn %icc,.L77000154 +/* 0x0058 */ ldd [%o5],%f0 +/* 0x005c */ sub %o1,2,%o3 +/* 0x0060 */ or %g0,16,%o2 +/* 0x0064 154 */ ld [%i1],%o4 +/* 0x0068 156 */ or %g0,3,%g2 +/* 0x006c */ or %g0,2,%g3 +/* 0x0070 155 */ fmovs %f0,%f2 +/* 0x0074 156 */ or %g0,4,%i2 +/* 0x0078 155 */ and %o4,%g1,%o0 +/* 0x007c */ st %o0,[%sp+2227] +/* 0x0080 */ fmovs %f0,%f4 +/* 0x0084 156 */ srl %o4,16,%i4 +/* 0x0088 152 */ or %g0,12,%o4 +/* 0x008c */ or %g0,24,%o0 +/* 0x0090 155 */ ld [%sp+2227],%f3 +/* 0x0094 */ fsubd %f2,%f0,%f2 +/* 0x0098 */ std %f2,[%i0] +/* 0x009c 156 */ st %i4,[%sp+2223] +/* 0x00a0 154 */ ld [%o7+4],%o1 +/* 0x00a4 156 */ fmovs %f0,%f2 +/* 0x00a8 155 */ and %o1,%g1,%i1 +/* 0x00ac 156 */ ld [%sp+2223],%f3 +/* 0x00b0 */ srl %o1,16,%o1 +/* 0x00b4 */ fsubd %f2,%f0,%f2 +/* 0x00b8 */ std %f2,[%i0+8] +/* 0x00bc */ st %o1,[%sp+2223] +/* 0x00c0 155 */ st %i1,[%sp+2227] +/* 0x00c4 154 */ ld [%o7+8],%o1 +/* 0x00c8 156 */ fmovs %f0,%f2 +/* 0x00cc 155 */ and %o1,%g1,%g4 +/* 0x00d0 */ ld [%sp+2227],%f5 +/* 0x00d4 156 */ srl %o1,16,%o1 +/* 0x00d8 */ ld [%sp+2223],%f3 +/* 0x00dc */ st %o1,[%sp+2223] +/* 0x00e0 155 */ fsubd %f4,%f0,%f4 +/* 0x00e4 */ st %g4,[%sp+2227] +/* 0x00e8 156 */ fsubd %f2,%f0,%f2 +/* 0x00ec 154 */ ld [%o7+12],%o1 +/* 0x00f0 155 */ std %f4,[%i0+16] +/* 0x00f4 156 */ std %f2,[%i0+24] + .L900000306: +/* 0x00f8 155 */ ld [%sp+2227],%f5 +/* 0x00fc 156 */ add %i2,2,%i2 +/* 0x0100 */ add %g2,4,%g2 +/* 0x0104 */ ld [%sp+2223],%f3 +/* 0x0108 */ cmp %i2,%o3 +/* 0x010c */ add %g3,4,%g3 +/* 0x0110 155 */ and %o1,%g1,%g4 +/* 0x0114 156 */ srl %o1,16,%o1 +/* 0x0118 155 */ st %g4,[%sp+2227] +/* 0x011c 156 */ st %o1,[%sp+2223] +/* 0x0120 152 */ add %o4,4,%o1 +/* 0x0124 154 */ ld [%o7+%o1],%o4 +/* 0x0128 156 */ fmovs %f0,%f2 +/* 0x012c 155 */ fmovs %f0,%f4 +/* 0x0130 */ fsubd %f4,%f0,%f4 +/* 0x0134 152 */ add %o2,16,%o2 +/* 0x0138 156 */ fsubd %f2,%f0,%f2 +/* 0x013c 155 */ std %f4,[%i0+%o2] +/* 0x0140 152 */ add %o0,16,%o0 +/* 0x0144 156 */ std %f2,[%i0+%o0] +/* 0x0148 155 */ ld [%sp+2227],%f5 +/* 0x014c 156 */ ld [%sp+2223],%f3 +/* 0x0150 155 */ and %o4,%g1,%g4 +/* 0x0154 156 */ srl %o4,16,%o4 +/* 0x0158 155 */ st %g4,[%sp+2227] +/* 0x015c 156 */ st %o4,[%sp+2223] +/* 0x0160 152 */ add %o1,4,%o4 +/* 0x0164 154 */ ld [%o7+%o4],%o1 +/* 0x0168 156 */ fmovs %f0,%f2 +/* 0x016c 155 */ fmovs %f0,%f4 +/* 0x0170 */ fsubd %f4,%f0,%f4 +/* 0x0174 152 */ add %o2,16,%o2 +/* 0x0178 156 */ fsubd %f2,%f0,%f2 +/* 0x017c 155 */ std %f4,[%i0+%o2] +/* 0x0180 152 */ add %o0,16,%o0 +/* 0x0184 156 */ ble,pt %icc,.L900000306 +/* 0x0188 */ std %f2,[%i0+%o0] + .L900000309: +/* 0x018c 155 */ ld [%sp+2227],%f5 +/* 0x0190 156 */ fmovs %f0,%f2 +/* 0x0194 */ srl %o1,16,%o3 +/* 0x0198 */ ld [%sp+2223],%f3 +/* 0x019c 155 */ and %o1,%g1,%i1 +/* 0x01a0 152 */ add %o2,16,%g4 +/* 0x01a4 155 */ fmovs %f0,%f4 +/* 0x01a8 */ st %i1,[%sp+2227] +/* 0x01ac 152 */ add %o0,16,%o2 +/* 0x01b0 156 */ st %o3,[%sp+2223] +/* 0x01b4 154 */ sra %i2,0,%o3 +/* 0x01b8 152 */ add %g4,16,%o1 +/* 0x01bc 155 */ fsubd %f4,%f0,%f4 +/* 0x01c0 */ std %f4,[%i0+%g4] +/* 0x01c4 152 */ add %o0,32,%o0 +/* 0x01c8 156 */ fsubd %f2,%f0,%f2 +/* 0x01cc */ std %f2,[%i0+%o2] +/* 0x01d0 */ sllx %o3,2,%o2 +/* 0x01d4 155 */ ld [%sp+2227],%f5 +/* 0x01d8 156 */ cmp %i2,%g5 +/* 0x01dc */ add %g2,6,%g2 +/* 0x01e0 */ ld [%sp+2223],%f3 +/* 0x01e4 */ add %g3,6,%g3 +/* 0x01e8 155 */ fmovs %f0,%f4 +/* 0x01ec 156 */ fmovs %f0,%f2 +/* 0x01f0 155 */ fsubd %f4,%f0,%f4 +/* 0x01f4 */ std %f4,[%i0+%o1] +/* 0x01f8 156 */ fsubd %f2,%f0,%f0 +/* 0x01fc */ bg,pn %icc,.L77000150 +/* 0x0200 */ std %f0,[%i0+%o0] + .L77000154: +/* 0x0204 155 */ ldd [%o5],%f0 + .L900000311: +/* 0x0208 154 */ ld [%o7+%o2],%o0 +/* 0x020c 155 */ sra %g3,0,%o1 +/* 0x0210 */ fmovs %f0,%f2 +/* 0x0214 */ sllx %o1,3,%o2 +/* 0x0218 156 */ add %i2,1,%i2 +/* 0x021c 155 */ and %o0,%g1,%o1 +/* 0x0220 */ st %o1,[%sp+2227] +/* 0x0224 156 */ add %g3,2,%g3 +/* 0x0228 */ srl %o0,16,%o1 +/* 0x022c */ cmp %i2,%g5 +/* 0x0230 */ sra %g2,0,%o0 +/* 0x0234 */ add %g2,2,%g2 +/* 0x0238 */ sllx %o0,3,%o0 +/* 0x023c 155 */ ld [%sp+2227],%f3 +/* 0x0240 154 */ sra %i2,0,%o3 +/* 0x0244 155 */ fsubd %f2,%f0,%f2 +/* 0x0248 */ std %f2,[%i0+%o2] +/* 0x024c */ sllx %o3,2,%o2 +/* 0x0250 156 */ st %o1,[%sp+2223] +/* 0x0254 */ fmovs %f0,%f2 +/* 0x0258 */ ld [%sp+2223],%f3 +/* 0x025c */ fsubd %f2,%f0,%f0 +/* 0x0260 */ std %f0,[%i0+%o0] +/* 0x0264 */ ble,a,pt %icc,.L900000311 +/* 0x0268 */ ldd [%o5],%f0 + .L77000150: +/* 0x026c */ ret ! Result = +/* 0x0270 */ restore %g0,%g0,%g0 +/* 0x0274 0 */ .type conv_i32_to_d16,2 +/* 0x0274 */ .size conv_i32_to_d16,(.-conv_i32_to_d16) + + .section ".text",#alloc,#execinstr +/* 000000 0 */ .align 8 +! +! CONSTANT POOL +! + .L_const_seg_900000401: +/* 000000 0 */ .word 1127219200,0 +/* 0x0008 0 */ .align 8 +/* 0x0008 */ .skip 24 +! +! SUBROUTINE conv_i32_to_d32_and_d16 +! +! OFFSET SOURCE LINE LABEL INSTRUCTION + + .global conv_i32_to_d32_and_d16 + conv_i32_to_d32_and_d16: +/* 000000 */ save %sp,-192,%sp + .L900000415: +/* 0x0004 */ call .+8 +/* 0x0008 */ sethi /*X*/%hi(_GLOBAL_OFFSET_TABLE_-(.L900000415-.)),%g3 + +! 157 ! } +! 158 !} +! 161 !void conv_i32_to_d32_and_d16(double *d32, double *d16, +! 162 ! unsigned int *i32, int len) +! 163 !{ +! 164 !int i = 0; +! 165 !unsigned int a; +! 167 !#pragma pipeloop(0) +! 168 !#ifdef RF_INLINE_MACROS +! 169 ! for(;i<len-3;i+=4) +! 170 ! { +! 171 ! i16_to_d16_and_d32x4(&TwoToMinus16, &TwoTo16, &Zero, +! 172 ! &(d16[2*i]), &(d32[i]), (float *)(&(i32[i]))); + +/* 0x000c 172 */ sethi %hi(Zero),%g2 +/* 0x0010 163 */ add %g3,/*X*/%lo(_GLOBAL_OFFSET_TABLE_-(.L900000415-.)),%g3 +/* 0x0014 */ or %g0,%i3,%g5 +/* 0x0018 */ add %g3,%o7,%o3 +/* 0x001c 172 */ add %g2,%lo(Zero),%g2 +/* 0x0020 */ ldx [%o3+%g2],%o0 +/* 0x0024 */ sethi %hi(TwoToMinus16),%g3 +/* 0x0028 163 */ or %g0,%i0,%i3 +/* 0x002c 169 */ sub %g5,3,%o1 +/* 0x0030 172 */ sethi %hi(TwoTo16),%g4 +/* 0x0034 163 */ or %g0,%i2,%i0 +/* 0x0038 172 */ add %g3,%lo(TwoToMinus16),%g2 +/* 0x003c */ ldx [%o3+%g2],%o2 +/* 0x0040 169 */ cmp %o1,0 +/* 0x0044 164 */ or %g0,0,%i2 +/* 0x0048 169 */ ble,pt %icc,.L900000418 +/* 0x004c */ cmp %i2,%g5 +/* 0x0050 */ ldd [%o0],%f2 +/* 0x0054 172 */ add %g4,%lo(TwoTo16),%g3 +/* 0x0058 */ ldx [%o3+%g3],%o1 +/* 0x005c 169 */ sub %g5,4,%o4 +/* 0x0060 */ or %g0,0,%o5 + .L900000417: +/* 0x0064 172 */ sra %i2,0,%g2 +/* 0x0068 */ fmovd %f2,%f14 +/* 0x006c */ ldd [%o2],%f0 +/* 0x0070 */ sllx %g2,2,%g3 +/* 0x0074 */ fmovd %f2,%f10 +/* 0x0078 */ ldd [%o1],%f16 +/* 0x007c */ ld [%g3+%i0],%f15 +/* 0x0080 */ add %i0,%g3,%g3 +/* 0x0084 */ fmovd %f2,%f6 +/* 0x0088 */ ld [%g3+4],%f11 +/* 0x008c */ sra %o5,0,%g4 +/* 0x0090 */ add %i2,4,%i2 +/* 0x0094 */ ld [%g3+8],%f7 +/* 0x0098 */ fxtod %f14,%f14 +/* 0x009c */ sllx %g2,3,%g2 +/* 0x00a0 */ ld [%g3+12],%f3 +/* 0x00a4 */ fxtod %f10,%f10 +/* 0x00a8 */ sllx %g4,3,%g3 +/* 0x00ac */ fxtod %f6,%f6 +/* 0x00b0 */ std %f14,[%g2+%i3] +/* 0x00b4 */ add %i3,%g2,%g4 +/* 0x00b8 */ fxtod %f2,%f2 +/* 0x00bc */ fmuld %f0,%f14,%f12 +/* 0x00c0 */ std %f2,[%g4+24] +/* 0x00c4 */ fmuld %f0,%f10,%f8 +/* 0x00c8 */ std %f10,[%g4+8] +/* 0x00cc */ add %i1,%g3,%g2 +/* 0x00d0 */ fmuld %f0,%f6,%f4 +/* 0x00d4 */ std %f6,[%g4+16] +/* 0x00d8 */ cmp %i2,%o4 +/* 0x00dc */ fmuld %f0,%f2,%f0 +/* 0x00e0 */ fdtox %f12,%f12 +/* 0x00e4 */ add %o5,8,%o5 +/* 0x00e8 */ fdtox %f8,%f8 +/* 0x00ec */ fdtox %f4,%f4 +/* 0x00f0 */ fdtox %f0,%f0 +/* 0x00f4 */ fxtod %f12,%f12 +/* 0x00f8 */ std %f12,[%g2+8] +/* 0x00fc */ fxtod %f8,%f8 +/* 0x0100 */ std %f8,[%g2+24] +/* 0x0104 */ fxtod %f4,%f4 +/* 0x0108 */ std %f4,[%g2+40] +/* 0x010c */ fxtod %f0,%f0 +/* 0x0110 */ std %f0,[%g2+56] +/* 0x0114 */ fmuld %f12,%f16,%f12 +/* 0x0118 */ fmuld %f8,%f16,%f8 +/* 0x011c */ fmuld %f4,%f16,%f4 +/* 0x0120 */ fsubd %f14,%f12,%f12 +/* 0x0124 */ std %f12,[%g3+%i1] +/* 0x0128 */ fmuld %f0,%f16,%f0 +/* 0x012c */ fsubd %f10,%f8,%f8 +/* 0x0130 */ std %f8,[%g2+16] +/* 0x0134 */ fsubd %f6,%f4,%f4 +/* 0x0138 */ std %f4,[%g2+32] +/* 0x013c */ fsubd %f2,%f0,%f0 +/* 0x0140 */ std %f0,[%g2+48] +/* 0x0144 */ ble,a,pt %icc,.L900000417 +/* 0x0148 */ ldd [%o0],%f2 + .L77000159: + +! 173 ! } +! 174 !#endif +! 175 ! for(;i<len;i++) + +/* 0x014c 175 */ cmp %i2,%g5 + .L900000418: +/* 0x0150 175 */ bge,pt %icc,.L77000164 +/* 0x0154 */ nop + +! 176 ! { +! 177 ! a=i32[i]; +! 178 ! d32[i]=(double)(i32[i]); +! 179 ! d16[2*i]=(double)(a&0xffff); +! 180 ! d16[2*i+1]=(double)(a>>16); + +/* 0x0158 180 */ sethi %hi(.L_const_seg_900000401),%g2 +/* 0x015c */ add %g2,%lo(.L_const_seg_900000401),%g2 +/* 0x0160 175 */ sethi %hi(0xfc00),%g3 +/* 0x0164 180 */ ldx [%o3+%g2],%g1 +/* 0x0168 175 */ sll %i2,1,%i4 +/* 0x016c */ sub %g5,%i2,%g4 +/* 0x0170 177 */ sra %i2,0,%o3 +/* 0x0174 175 */ add %g3,1023,%g3 +/* 0x0178 178 */ ldd [%g1],%f2 +/* 0x017c */ sllx %o3,2,%o2 +/* 0x0180 175 */ add %i4,1,%g2 +/* 0x0184 177 */ or %g0,%o3,%o1 +/* 0x0188 */ cmp %g4,6 +/* 0x018c 175 */ bl,pn %icc,.L77000161 +/* 0x0190 */ sra %i2,0,%o3 +/* 0x0194 177 */ or %g0,%o2,%o0 +/* 0x0198 178 */ ld [%i0+%o2],%f5 +/* 0x019c 179 */ fmovs %f2,%f8 +/* 0x01a0 175 */ add %o0,4,%o3 +/* 0x01a4 177 */ ld [%i0+%o0],%o7 +/* 0x01a8 180 */ fmovs %f2,%f6 +/* 0x01ac 178 */ fmovs %f2,%f4 +/* 0x01b0 */ sllx %o1,3,%o2 +/* 0x01b4 175 */ add %o3,4,%o5 +/* 0x01b8 179 */ sra %i4,0,%o0 +/* 0x01bc 175 */ add %o3,8,%o4 +/* 0x01c0 178 */ fsubd %f4,%f2,%f4 +/* 0x01c4 */ std %f4,[%i3+%o2] +/* 0x01c8 179 */ sllx %o0,3,%i5 +/* 0x01cc */ and %o7,%g3,%o0 +/* 0x01d0 */ st %o0,[%sp+2227] +/* 0x01d4 175 */ add %i5,16,%o1 +/* 0x01d8 180 */ srl %o7,16,%g4 +/* 0x01dc */ add %i2,1,%i2 +/* 0x01e0 */ sra %g2,0,%o0 +/* 0x01e4 175 */ add %o2,8,%o2 +/* 0x01e8 179 */ fmovs %f2,%f4 +/* 0x01ec 180 */ sllx %o0,3,%l0 +/* 0x01f0 */ add %i4,3,%g2 +/* 0x01f4 179 */ ld [%sp+2227],%f5 +/* 0x01f8 175 */ add %l0,16,%o0 +/* 0x01fc 180 */ add %i4,2,%i4 +/* 0x0200 175 */ sub %g5,1,%o7 +/* 0x0204 180 */ add %i2,3,%i2 +/* 0x0208 179 */ fsubd %f4,%f2,%f4 +/* 0x020c */ std %f4,[%i1+%i5] +/* 0x0210 180 */ st %g4,[%sp+2223] +/* 0x0214 177 */ ld [%i0+%o3],%i5 +/* 0x0218 180 */ fmovs %f2,%f4 +/* 0x021c */ srl %i5,16,%g4 +/* 0x0220 179 */ and %i5,%g3,%i5 +/* 0x0224 180 */ ld [%sp+2223],%f5 +/* 0x0228 */ fsubd %f4,%f2,%f4 +/* 0x022c */ std %f4,[%i1+%l0] +/* 0x0230 */ st %g4,[%sp+2223] +/* 0x0234 177 */ ld [%i0+%o5],%g4 +/* 0x0238 179 */ st %i5,[%sp+2227] +/* 0x023c 178 */ fmovs %f2,%f4 +/* 0x0240 180 */ srl %g4,16,%i5 +/* 0x0244 179 */ and %g4,%g3,%g4 +/* 0x0248 180 */ ld [%sp+2223],%f7 +/* 0x024c */ st %i5,[%sp+2223] +/* 0x0250 178 */ ld [%i0+%o3],%f5 +/* 0x0254 180 */ fsubd %f6,%f2,%f6 +/* 0x0258 177 */ ld [%i0+%o4],%o3 +/* 0x025c 178 */ fsubd %f4,%f2,%f4 +/* 0x0260 179 */ ld [%sp+2227],%f9 +/* 0x0264 180 */ ld [%sp+2223],%f1 +/* 0x0268 179 */ st %g4,[%sp+2227] +/* 0x026c */ fsubd %f8,%f2,%f8 +/* 0x0270 */ std %f8,[%i1+%o1] +/* 0x0274 180 */ std %f6,[%i1+%o0] +/* 0x0278 178 */ std %f4,[%i3+%o2] + .L900000411: +/* 0x027c 179 */ ld [%sp+2227],%f13 +/* 0x0280 180 */ srl %o3,16,%g4 +/* 0x0284 */ add %i2,2,%i2 +/* 0x0288 */ st %g4,[%sp+2223] +/* 0x028c */ cmp %i2,%o7 +/* 0x0290 */ add %g2,4,%g2 +/* 0x0294 178 */ ld [%i0+%o5],%f11 +/* 0x0298 180 */ add %i4,4,%i4 +/* 0x029c 175 */ add %o4,4,%o5 +/* 0x02a0 177 */ ld [%i0+%o5],%g4 +/* 0x02a4 179 */ and %o3,%g3,%o3 +/* 0x02a8 */ st %o3,[%sp+2227] +/* 0x02ac 180 */ fmovs %f2,%f0 +/* 0x02b0 179 */ fmovs %f2,%f12 +/* 0x02b4 180 */ fsubd %f0,%f2,%f8 +/* 0x02b8 179 */ fsubd %f12,%f2,%f4 +/* 0x02bc 175 */ add %o1,16,%o1 +/* 0x02c0 180 */ ld [%sp+2223],%f7 +/* 0x02c4 178 */ fmovs %f2,%f10 +/* 0x02c8 179 */ std %f4,[%i1+%o1] +/* 0x02cc 175 */ add %o0,16,%o0 +/* 0x02d0 178 */ fsubd %f10,%f2,%f4 +/* 0x02d4 175 */ add %o2,8,%o2 +/* 0x02d8 180 */ std %f8,[%i1+%o0] +/* 0x02dc 178 */ std %f4,[%i3+%o2] +/* 0x02e0 179 */ ld [%sp+2227],%f9 +/* 0x02e4 180 */ srl %g4,16,%o3 +/* 0x02e8 */ st %o3,[%sp+2223] +/* 0x02ec 178 */ ld [%i0+%o4],%f5 +/* 0x02f0 175 */ add %o4,8,%o4 +/* 0x02f4 177 */ ld [%i0+%o4],%o3 +/* 0x02f8 179 */ and %g4,%g3,%g4 +/* 0x02fc */ st %g4,[%sp+2227] +/* 0x0300 180 */ fmovs %f2,%f6 +/* 0x0304 179 */ fmovs %f2,%f8 +/* 0x0308 180 */ fsubd %f6,%f2,%f6 +/* 0x030c 179 */ fsubd %f8,%f2,%f8 +/* 0x0310 175 */ add %o1,16,%o1 +/* 0x0314 180 */ ld [%sp+2223],%f1 +/* 0x0318 178 */ fmovs %f2,%f4 +/* 0x031c 179 */ std %f8,[%i1+%o1] +/* 0x0320 175 */ add %o0,16,%o0 +/* 0x0324 178 */ fsubd %f4,%f2,%f4 +/* 0x0328 175 */ add %o2,8,%o2 +/* 0x032c 180 */ std %f6,[%i1+%o0] +/* 0x0330 */ bl,pt %icc,.L900000411 +/* 0x0334 */ std %f4,[%i3+%o2] + .L900000414: +/* 0x0338 180 */ srl %o3,16,%o7 +/* 0x033c */ st %o7,[%sp+2223] +/* 0x0340 179 */ fmovs %f2,%f12 +/* 0x0344 178 */ ld [%i0+%o5],%f11 +/* 0x0348 180 */ fmovs %f2,%f0 +/* 0x034c 179 */ and %o3,%g3,%g4 +/* 0x0350 180 */ fmovs %f2,%f6 +/* 0x0354 175 */ add %o1,16,%o3 +/* 0x0358 */ add %o0,16,%o7 +/* 0x035c 178 */ fmovs %f2,%f10 +/* 0x0360 175 */ add %o2,8,%o2 +/* 0x0364 */ add %o1,32,%o5 +/* 0x0368 179 */ ld [%sp+2227],%f13 +/* 0x036c 178 */ fmovs %f2,%f4 +/* 0x0370 175 */ add %o0,32,%o1 +/* 0x0374 180 */ ld [%sp+2223],%f7 +/* 0x0378 175 */ add %o2,8,%o0 +/* 0x037c 180 */ cmp %i2,%g5 +/* 0x0380 179 */ st %g4,[%sp+2227] +/* 0x0384 */ fsubd %f12,%f2,%f8 +/* 0x0388 180 */ add %g2,6,%g2 +/* 0x038c 179 */ std %f8,[%i1+%o3] +/* 0x0390 180 */ fsubd %f0,%f2,%f0 +/* 0x0394 177 */ sra %i2,0,%o3 +/* 0x0398 180 */ std %f0,[%i1+%o7] +/* 0x039c 178 */ fsubd %f10,%f2,%f0 +/* 0x03a0 180 */ add %i4,6,%i4 +/* 0x03a4 178 */ std %f0,[%i3+%o2] +/* 0x03a8 */ sllx %o3,2,%o2 +/* 0x03ac 179 */ ld [%sp+2227],%f9 +/* 0x03b0 178 */ ld [%i0+%o4],%f5 +/* 0x03b4 179 */ fmovs %f2,%f8 +/* 0x03b8 */ fsubd %f8,%f2,%f0 +/* 0x03bc */ std %f0,[%i1+%o5] +/* 0x03c0 180 */ fsubd %f6,%f2,%f0 +/* 0x03c4 */ std %f0,[%i1+%o1] +/* 0x03c8 178 */ fsubd %f4,%f2,%f0 +/* 0x03cc 180 */ bge,pn %icc,.L77000164 +/* 0x03d0 */ std %f0,[%i3+%o0] + .L77000161: +/* 0x03d4 178 */ ldd [%g1],%f2 + .L900000416: +/* 0x03d8 178 */ ld [%i0+%o2],%f5 +/* 0x03dc 179 */ sra %i4,0,%o0 +/* 0x03e0 180 */ add %i2,1,%i2 +/* 0x03e4 177 */ ld [%i0+%o2],%o1 +/* 0x03e8 178 */ sllx %o3,3,%o3 +/* 0x03ec 180 */ add %i4,2,%i4 +/* 0x03f0 178 */ fmovs %f2,%f4 +/* 0x03f4 179 */ sllx %o0,3,%o4 +/* 0x03f8 180 */ cmp %i2,%g5 +/* 0x03fc 179 */ and %o1,%g3,%o0 +/* 0x0400 178 */ fsubd %f4,%f2,%f0 +/* 0x0404 */ std %f0,[%i3+%o3] +/* 0x0408 180 */ srl %o1,16,%o1 +/* 0x040c 179 */ st %o0,[%sp+2227] +/* 0x0410 180 */ sra %g2,0,%o0 +/* 0x0414 */ add %g2,2,%g2 +/* 0x0418 177 */ sra %i2,0,%o3 +/* 0x041c 180 */ sllx %o0,3,%o0 +/* 0x0420 179 */ fmovs %f2,%f4 +/* 0x0424 */ sllx %o3,2,%o2 +/* 0x0428 */ ld [%sp+2227],%f5 +/* 0x042c */ fsubd %f4,%f2,%f0 +/* 0x0430 */ std %f0,[%i1+%o4] +/* 0x0434 180 */ st %o1,[%sp+2223] +/* 0x0438 */ fmovs %f2,%f4 +/* 0x043c */ ld [%sp+2223],%f5 +/* 0x0440 */ fsubd %f4,%f2,%f0 +/* 0x0444 */ std %f0,[%i1+%o0] +/* 0x0448 */ bl,a,pt %icc,.L900000416 +/* 0x044c */ ldd [%g1],%f2 + .L77000164: +/* 0x0450 */ ret ! Result = +/* 0x0454 */ restore %g0,%g0,%g0 +/* 0x0458 0 */ .type conv_i32_to_d32_and_d16,2 +/* 0x0458 */ .size conv_i32_to_d32_and_d16,(.-conv_i32_to_d32_and_d16) + + .section ".text",#alloc,#execinstr +/* 000000 0 */ .align 8 +! +! SUBROUTINE adjust_montf_result +! +! OFFSET SOURCE LINE LABEL INSTRUCTION + + .global adjust_montf_result + adjust_montf_result: +/* 000000 */ save %sp,-176,%sp +/* 0x0004 */ or %g0,%i2,%o1 +/* 0x0008 */ or %g0,%i0,%i2 + +! 181 ! } +! 182 !} +! 185 !void adjust_montf_result(unsigned int *i32, unsigned int *nint, int len) +! 186 !{ +! 187 !long long acc; +! 188 !int i; +! 190 ! if(i32[len]>0) i=-1; + +/* 0x000c 190 */ sra %o1,0,%g2 +/* 0x0010 */ or %g0,-1,%o2 +/* 0x0014 */ sllx %g2,2,%g2 +/* 0x0018 */ ld [%i2+%g2],%g2 +/* 0x001c */ cmp %g2,0 +/* 0x0020 */ bleu,pn %icc,.L77000175 +/* 0x0024 */ or %g0,%i1,%i0 +/* 0x0028 */ ba .L900000511 +/* 0x002c */ cmp %o2,0 + .L77000175: + +! 191 ! else +! 192 ! { +! 193 ! for(i=len-1; i>=0; i--) + +/* 0x0030 193 */ sub %o1,1,%o2 +/* 0x0034 */ cmp %o2,0 +/* 0x0038 */ bl,pn %icc,.L77000182 +/* 0x003c */ sra %o2,0,%g2 + .L900000510: + +! 194 ! { +! 195 ! if(i32[i]!=nint[i]) break; + +/* 0x0040 195 */ sllx %g2,2,%g2 +/* 0x0044 */ sub %o2,1,%o0 +/* 0x0048 */ ld [%i1+%g2],%g3 +/* 0x004c */ ld [%i2+%g2],%g2 +/* 0x0050 */ cmp %g2,%g3 +/* 0x0054 */ bne,pn %icc,.L77000182 +/* 0x0058 */ nop +/* 0x005c 0 */ or %g0,%o0,%o2 +/* 0x0060 195 */ cmp %o0,0 +/* 0x0064 */ bge,pt %icc,.L900000510 +/* 0x0068 */ sra %o2,0,%g2 + .L77000182: + +! 196 ! } +! 197 ! } +! 198 ! if((i<0)||(i32[i]>nint[i])) + +/* 0x006c 198 */ cmp %o2,0 + .L900000511: +/* 0x0070 198 */ bl,pn %icc,.L77000198 +/* 0x0074 */ sra %o2,0,%g2 +/* 0x0078 */ sllx %g2,2,%g2 +/* 0x007c */ ld [%i1+%g2],%g3 +/* 0x0080 */ ld [%i2+%g2],%g2 +/* 0x0084 */ cmp %g2,%g3 +/* 0x0088 */ bleu,pt %icc,.L77000191 +/* 0x008c */ nop + .L77000198: + +! 199 ! { +! 200 ! acc=0; +! 201 ! for(i=0;i<len;i++) + +/* 0x0090 201 */ cmp %o1,0 +/* 0x0094 */ ble,pt %icc,.L77000191 +/* 0x0098 */ nop +/* 0x009c 198 */ or %g0,-1,%g2 +/* 0x00a0 201 */ or %g0,%o1,%g3 +/* 0x00a4 198 */ srl %g2,0,%g2 +/* 0x00a8 */ sub %o1,1,%g4 +/* 0x00ac */ cmp %o1,9 +/* 0x00b0 201 */ or %g0,0,%i1 +/* 0x00b4 200 */ or %g0,0,%g5 + +! 202 ! { +! 203 ! acc=acc+(unsigned long long)(i32[i])-(unsigned long long)(nint[i]); + +/* 0x00b8 203 */ or %g0,0,%o1 +/* 0x00bc 201 */ bl,pn %icc,.L77000199 +/* 0x00c0 */ sub %g3,4,%o7 +/* 0x00c4 203 */ ld [%i2],%o1 + +! 204 ! i32[i]=acc&0xffffffff; +! 205 ! acc=acc>>32; + +/* 0x00c8 205 */ or %g0,5,%i1 +/* 0x00cc 203 */ ld [%i0],%o2 +/* 0x00d0 201 */ or %g0,8,%o5 +/* 0x00d4 */ or %g0,12,%o4 +/* 0x00d8 203 */ ld [%i0+4],%o3 +/* 0x00dc 201 */ or %g0,16,%g1 +/* 0x00e0 203 */ ld [%i2+4],%o0 +/* 0x00e4 201 */ sub %o1,%o2,%o1 +/* 0x00e8 203 */ ld [%i0+8],%i3 +/* 0x00ec 204 */ and %o1,%g2,%g5 +/* 0x00f0 */ st %g5,[%i2] +/* 0x00f4 205 */ srax %o1,32,%g5 +/* 0x00f8 201 */ sub %o0,%o3,%o0 +/* 0x00fc 203 */ ld [%i0+12],%o2 +/* 0x0100 201 */ add %o0,%g5,%o0 +/* 0x0104 204 */ and %o0,%g2,%g5 +/* 0x0108 */ st %g5,[%i2+4] +/* 0x010c 205 */ srax %o0,32,%o0 +/* 0x0110 203 */ ld [%i2+8],%o1 +/* 0x0114 */ ld [%i2+12],%o3 +/* 0x0118 201 */ sub %o1,%i3,%o1 + .L900000505: +/* 0x011c */ add %g1,4,%g3 +/* 0x0120 203 */ ld [%g1+%i2],%g5 +/* 0x0124 201 */ add %o1,%o0,%o0 +/* 0x0128 203 */ ld [%i0+%g1],%i3 +/* 0x012c 201 */ sub %o3,%o2,%o1 +/* 0x0130 204 */ and %o0,%g2,%o2 +/* 0x0134 */ st %o2,[%o5+%i2] +/* 0x0138 205 */ srax %o0,32,%o2 +/* 0x013c */ add %i1,4,%i1 +/* 0x0140 201 */ add %g1,8,%o5 +/* 0x0144 203 */ ld [%g3+%i2],%o0 +/* 0x0148 201 */ add %o1,%o2,%o1 +/* 0x014c 203 */ ld [%i0+%g3],%o3 +/* 0x0150 201 */ sub %g5,%i3,%o2 +/* 0x0154 204 */ and %o1,%g2,%g5 +/* 0x0158 */ st %g5,[%o4+%i2] +/* 0x015c 205 */ srax %o1,32,%g5 +/* 0x0160 */ cmp %i1,%o7 +/* 0x0164 201 */ add %g1,12,%o4 +/* 0x0168 203 */ ld [%o5+%i2],%o1 +/* 0x016c 201 */ add %o2,%g5,%o2 +/* 0x0170 203 */ ld [%i0+%o5],%i3 +/* 0x0174 201 */ sub %o0,%o3,%o0 +/* 0x0178 204 */ and %o2,%g2,%o3 +/* 0x017c */ st %o3,[%g1+%i2] +/* 0x0180 205 */ srax %o2,32,%g5 +/* 0x0184 203 */ ld [%o4+%i2],%o3 +/* 0x0188 201 */ add %g1,16,%g1 +/* 0x018c */ add %o0,%g5,%o0 +/* 0x0190 203 */ ld [%i0+%o4],%o2 +/* 0x0194 201 */ sub %o1,%i3,%o1 +/* 0x0198 204 */ and %o0,%g2,%g5 +/* 0x019c */ st %g5,[%g3+%i2] +/* 0x01a0 205 */ ble,pt %icc,.L900000505 +/* 0x01a4 */ srax %o0,32,%o0 + .L900000508: +/* 0x01a8 */ add %o1,%o0,%g3 +/* 0x01ac */ sub %o3,%o2,%o1 +/* 0x01b0 203 */ ld [%g1+%i2],%o0 +/* 0x01b4 */ ld [%i0+%g1],%o2 +/* 0x01b8 205 */ srax %g3,32,%o7 +/* 0x01bc 204 */ and %g3,%g2,%o3 +/* 0x01c0 201 */ add %o1,%o7,%o1 +/* 0x01c4 204 */ st %o3,[%o5+%i2] +/* 0x01c8 205 */ cmp %i1,%g4 +/* 0x01cc 201 */ sub %o0,%o2,%o0 +/* 0x01d0 204 */ and %o1,%g2,%o2 +/* 0x01d4 */ st %o2,[%o4+%i2] +/* 0x01d8 205 */ srax %o1,32,%o1 +/* 0x01dc 203 */ sra %i1,0,%o2 +/* 0x01e0 201 */ add %o0,%o1,%o0 +/* 0x01e4 205 */ srax %o0,32,%g5 +/* 0x01e8 204 */ and %o0,%g2,%o1 +/* 0x01ec */ st %o1,[%g1+%i2] +/* 0x01f0 205 */ bg,pn %icc,.L77000191 +/* 0x01f4 */ sllx %o2,2,%o1 + .L77000199: +/* 0x01f8 0 */ or %g0,%o1,%g1 + .L900000509: +/* 0x01fc 203 */ ld [%o1+%i2],%o0 +/* 0x0200 205 */ add %i1,1,%i1 +/* 0x0204 203 */ ld [%i0+%o1],%o1 +/* 0x0208 */ sra %i1,0,%o2 +/* 0x020c 205 */ cmp %i1,%g4 +/* 0x0210 203 */ add %g5,%o0,%o0 +/* 0x0214 */ sub %o0,%o1,%o0 +/* 0x0218 205 */ srax %o0,32,%g5 +/* 0x021c 204 */ and %o0,%g2,%o1 +/* 0x0220 */ st %o1,[%g1+%i2] +/* 0x0224 */ sllx %o2,2,%o1 +/* 0x0228 205 */ ble,pt %icc,.L900000509 +/* 0x022c */ or %g0,%o1,%g1 + .L77000191: +/* 0x0230 */ ret ! Result = +/* 0x0234 */ restore %g0,%g0,%g0 +/* 0x0238 0 */ .type adjust_montf_result,2 +/* 0x0238 */ .size adjust_montf_result,(.-adjust_montf_result) + + .section ".text",#alloc,#execinstr +/* 000000 0 */ .align 8 +/* 000000 */ .skip 24 +! +! SUBROUTINE mont_mulf_noconv +! +! OFFSET SOURCE LINE LABEL INSTRUCTION + + .global mont_mulf_noconv + mont_mulf_noconv: +/* 000000 */ save %sp,-224,%sp + .L900000643: +/* 0x0004 */ call .+8 +/* 0x0008 */ sethi /*X*/%hi(_GLOBAL_OFFSET_TABLE_-(.L900000643-.)),%g5 +/* 0x000c */ ldx [%fp+2223],%l0 + +! 206 ! } +! 207 ! } +! 208 !} +! 213 !/* +! 214 !** the lengths of the input arrays should be at least the following: +! 215 !** result[nlen+1], dm1[nlen], dm2[2*nlen+1], dt[4*nlen+2], dn[nlen], nint[nlen] +! 216 !** all of them should be different from one another +! 217 !** +! 218 !*/ +! 219 !void mont_mulf_noconv(unsigned int *result, +! 220 ! double *dm1, double *dm2, double *dt, +! 221 ! double *dn, unsigned int *nint, +! 222 ! int nlen, double dn0) +! 223 !{ +! 224 ! int i, j, jj; +! 225 ! int tmp; +! 226 ! double digit, m2j, nextm2j, a, b; +! 227 ! double *dptmp, *pdm1, *pdm2, *pdn, *pdtj, pdn_0, pdm1_0; +! 229 ! pdm1=&(dm1[0]); +! 230 ! pdm2=&(dm2[0]); +! 231 ! pdn=&(dn[0]); +! 232 ! pdm2[2*nlen]=Zero; + +/* 0x0010 232 */ sethi %hi(Zero),%g2 +/* 0x0014 223 */ fmovd %f14,%f30 +/* 0x0018 */ add %g5,/*X*/%lo(_GLOBAL_OFFSET_TABLE_-(.L900000643-.)),%g5 +/* 0x001c 232 */ add %g2,%lo(Zero),%g2 +/* 0x0020 */ sll %l0,1,%o3 +/* 0x0024 223 */ add %g5,%o7,%o4 +/* 0x0028 232 */ sra %o3,0,%g5 +/* 0x002c */ ldx [%o4+%g2],%o7 + +! 234 ! if (nlen!=16) +! 235 ! { +! 236 ! for(i=0;i<4*nlen+2;i++) dt[i]=Zero; +! 238 ! a=dt[0]=pdm1[0]*pdm2[0]; +! 239 ! digit=mod(lower32(a,Zero)*dn0,TwoToMinus16,TwoTo16); + +/* 0x0030 239 */ sethi %hi(TwoToMinus16),%g3 +/* 0x0034 */ sethi %hi(TwoTo16),%g4 +/* 0x0038 */ add %g3,%lo(TwoToMinus16),%g2 +/* 0x003c 232 */ ldd [%o7],%f0 +/* 0x0040 239 */ add %g4,%lo(TwoTo16),%g3 +/* 0x0044 223 */ or %g0,%i4,%o0 +/* 0x0048 232 */ sllx %g5,3,%g4 +/* 0x004c 239 */ ldx [%o4+%g2],%o5 +/* 0x0050 223 */ or %g0,%i5,%l3 +/* 0x0054 */ or %g0,%i0,%l2 +/* 0x0058 239 */ ldx [%o4+%g3],%o4 +/* 0x005c 234 */ cmp %l0,16 +/* 0x0060 232 */ std %f0,[%i2+%g4] +/* 0x0064 234 */ be,pn %icc,.L77000279 +/* 0x0068 */ or %g0,%i3,%l4 +/* 0x006c 236 */ sll %l0,2,%g2 +/* 0x0070 223 */ or %g0,%o0,%i5 +/* 0x0074 236 */ add %g2,2,%o0 +/* 0x0078 223 */ or %g0,%i1,%i4 +/* 0x007c 236 */ cmp %o0,0 +/* 0x0080 223 */ or %g0,%i2,%l1 +/* 0x0084 236 */ ble,a,pt %icc,.L900000657 +/* 0x0088 */ ldd [%i1],%f6 + +! 241 ! pdtj=&(dt[0]); +! 242 ! for(j=jj=0;j<2*nlen;j++,jj++,pdtj++) +! 243 ! { +! 244 ! m2j=pdm2[j]; +! 245 ! a=pdtj[0]+pdn[0]*digit; +! 246 ! b=pdtj[1]+pdm1[0]*pdm2[j+1]+a*TwoToMinus16; +! 247 ! pdtj[1]=b; +! 249 !#pragma pipeloop(0) +! 250 ! for(i=1;i<nlen;i++) +! 251 ! { +! 252 ! pdtj[2*i]+=pdm1[i]*m2j+pdn[i]*digit; +! 253 ! } +! 254 ! if((jj==30)) {cleanup(dt,j/2+1,2*nlen+1); jj=0;} +! 255 ! +! 256 ! digit=mod(lower32(b,Zero)*dn0,TwoToMinus16,TwoTo16); +! 257 ! } +! 258 ! } +! 259 ! else +! 260 ! { +! 261 ! a=dt[0]=pdm1[0]*pdm2[0]; +! 263 ! dt[65]= dt[64]= dt[63]= dt[62]= dt[61]= dt[60]= +! 264 ! dt[59]= dt[58]= dt[57]= dt[56]= dt[55]= dt[54]= +! 265 ! dt[53]= dt[52]= dt[51]= dt[50]= dt[49]= dt[48]= +! 266 ! dt[47]= dt[46]= dt[45]= dt[44]= dt[43]= dt[42]= +! 267 ! dt[41]= dt[40]= dt[39]= dt[38]= dt[37]= dt[36]= +! 268 ! dt[35]= dt[34]= dt[33]= dt[32]= dt[31]= dt[30]= +! 269 ! dt[29]= dt[28]= dt[27]= dt[26]= dt[25]= dt[24]= +! 270 ! dt[23]= dt[22]= dt[21]= dt[20]= dt[19]= dt[18]= +! 271 ! dt[17]= dt[16]= dt[15]= dt[14]= dt[13]= dt[12]= +! 272 ! dt[11]= dt[10]= dt[ 9]= dt[ 8]= dt[ 7]= dt[ 6]= +! 273 ! dt[ 5]= dt[ 4]= dt[ 3]= dt[ 2]= dt[ 1]=Zero; +! 275 ! pdn_0=pdn[0]; +! 276 ! pdm1_0=pdm1[0]; +! 278 ! digit=mod(lower32(a,Zero)*dn0,TwoToMinus16,TwoTo16); +! 279 ! pdtj=&(dt[0]); +! 281 ! for(j=0;j<32;j++,pdtj++) + +/* 0x008c 281 */ or %g0,%o0,%o1 +/* 0x0090 236 */ sub %o0,1,%g1 +/* 0x0094 */ or %g0,0,%g2 +/* 0x0098 281 */ cmp %o1,5 +/* 0x009c */ bl,pn %icc,.L77000280 +/* 0x00a0 */ or %g0,8,%o0 +/* 0x00a4 */ std %f0,[%i3] +/* 0x00a8 */ or %g0,2,%g2 +/* 0x00ac */ sub %g1,2,%o1 + .L900000627: +/* 0x00b0 */ add %o0,8,%g3 +/* 0x00b4 */ std %f0,[%i3+%o0] +/* 0x00b8 */ add %g2,3,%g2 +/* 0x00bc */ add %o0,16,%o2 +/* 0x00c0 */ std %f0,[%i3+%g3] +/* 0x00c4 */ cmp %g2,%o1 +/* 0x00c8 */ add %o0,24,%o0 +/* 0x00cc */ ble,pt %icc,.L900000627 +/* 0x00d0 */ std %f0,[%i3+%o2] + .L900000630: +/* 0x00d4 */ cmp %g2,%g1 +/* 0x00d8 */ bg,pn %icc,.L77000285 +/* 0x00dc */ std %f0,[%i3+%o0] + .L77000280: +/* 0x00e0 */ ldd [%o7],%f0 + .L900000656: +/* 0x00e4 */ sra %g2,0,%o0 +/* 0x00e8 */ add %g2,1,%g2 +/* 0x00ec */ sllx %o0,3,%o0 +/* 0x00f0 */ cmp %g2,%g1 +/* 0x00f4 */ std %f0,[%i3+%o0] +/* 0x00f8 */ ble,a,pt %icc,.L900000656 +/* 0x00fc */ ldd [%o7],%f0 + .L77000285: +/* 0x0100 238 */ ldd [%i1],%f6 + .L900000657: +/* 0x0104 238 */ ldd [%i2],%f8 +/* 0x0108 242 */ cmp %o3,0 +/* 0x010c */ sub %o3,1,%o1 +/* 0x0110 239 */ ldd [%o7],%f10 +/* 0x0114 */ add %o3,1,%o2 +/* 0x0118 0 */ or %g0,0,%i2 +/* 0x011c 238 */ fmuld %f6,%f8,%f6 +/* 0x0120 */ std %f6,[%i3] +/* 0x0124 0 */ or %g0,0,%g3 +/* 0x0128 239 */ ldd [%o5],%f8 +/* 0x012c 0 */ or %g0,%o2,%g1 +/* 0x0130 236 */ sub %l0,1,%i1 +/* 0x0134 239 */ ldd [%o4],%f12 +/* 0x0138 236 */ or %g0,1,%g4 +/* 0x013c */ fdtox %f6,%f0 +/* 0x0140 */ fmovs %f10,%f0 +/* 0x0144 */ fxtod %f0,%f6 +/* 0x0148 239 */ fmuld %f6,%f14,%f6 +/* 0x014c */ fmuld %f6,%f8,%f8 +/* 0x0150 */ fdtox %f8,%f8 +/* 0x0154 */ fxtod %f8,%f8 +/* 0x0158 */ fmuld %f8,%f12,%f8 +/* 0x015c */ fsubd %f6,%f8,%f20 +/* 0x0160 242 */ ble,pt %icc,.L900000650 +/* 0x0164 */ sllx %g5,3,%g2 +/* 0x0168 0 */ st %o1,[%sp+2223] +/* 0x016c 246 */ ldd [%i5],%f6 + .L900000651: +/* 0x0170 246 */ sra %g4,0,%g2 +/* 0x0174 */ fmuld %f6,%f20,%f6 +/* 0x0178 */ ldd [%i3],%f12 +/* 0x017c */ sllx %g2,3,%g2 +/* 0x0180 */ ldd [%i4],%f8 +/* 0x0184 250 */ cmp %l0,1 +/* 0x0188 246 */ ldd [%l1+%g2],%f10 +/* 0x018c 244 */ sra %i2,0,%g2 +/* 0x0190 */ add %i2,1,%i0 +/* 0x0194 246 */ faddd %f12,%f6,%f6 +/* 0x0198 */ ldd [%o5],%f12 +/* 0x019c 244 */ sllx %g2,3,%g2 +/* 0x01a0 246 */ fmuld %f8,%f10,%f8 +/* 0x01a4 */ ldd [%i3+8],%f10 +/* 0x01a8 */ srl %i2,31,%o3 +/* 0x01ac 244 */ ldd [%l1+%g2],%f18 +/* 0x01b0 0 */ or %g0,1,%l5 +/* 0x01b4 236 */ or %g0,2,%g2 +/* 0x01b8 246 */ fmuld %f6,%f12,%f6 +/* 0x01bc 250 */ or %g0,32,%o1 +/* 0x01c0 */ or %g0,48,%o2 +/* 0x01c4 246 */ faddd %f10,%f8,%f8 +/* 0x01c8 */ faddd %f8,%f6,%f16 +/* 0x01cc 250 */ ble,pn %icc,.L77000213 +/* 0x01d0 */ std %f16,[%i3+8] +/* 0x01d4 */ cmp %i1,8 +/* 0x01d8 */ sub %l0,3,%o3 +/* 0x01dc */ bl,pn %icc,.L77000284 +/* 0x01e0 */ or %g0,8,%o0 +/* 0x01e4 252 */ ldd [%i5+8],%f0 +/* 0x01e8 */ or %g0,6,%l5 +/* 0x01ec */ ldd [%i4+8],%f2 +/* 0x01f0 */ or %g0,4,%g2 +/* 0x01f4 250 */ or %g0,40,%o0 +/* 0x01f8 252 */ ldd [%i5+16],%f8 +/* 0x01fc */ fmuld %f0,%f20,%f10 +/* 0x0200 */ ldd [%i4+16],%f4 +/* 0x0204 */ fmuld %f2,%f18,%f2 +/* 0x0208 */ ldd [%i3+16],%f0 +/* 0x020c */ fmuld %f8,%f20,%f12 +/* 0x0210 */ ldd [%i4+24],%f6 +/* 0x0214 */ fmuld %f4,%f18,%f4 +/* 0x0218 */ ldd [%i5+24],%f8 +/* 0x021c */ faddd %f2,%f10,%f2 +/* 0x0220 */ ldd [%i4+32],%f14 +/* 0x0224 */ fmuld %f6,%f18,%f10 +/* 0x0228 */ ldd [%i5+32],%f6 +/* 0x022c */ faddd %f4,%f12,%f4 +/* 0x0230 */ ldd [%i4+40],%f12 +/* 0x0234 */ faddd %f0,%f2,%f0 +/* 0x0238 */ std %f0,[%i3+16] +/* 0x023c */ ldd [%i3+32],%f0 +/* 0x0240 */ ldd [%i3+48],%f2 + .L900000639: +/* 0x0244 */ add %o2,16,%l6 +/* 0x0248 252 */ ldd [%i5+%o0],%f22 +/* 0x024c */ add %l5,3,%l5 +/* 0x0250 */ fmuld %f8,%f20,%f8 +/* 0x0254 250 */ add %o0,8,%o0 +/* 0x0258 252 */ ldd [%l6+%i3],%f26 +/* 0x025c */ cmp %l5,%o3 +/* 0x0260 */ ldd [%i4+%o0],%f24 +/* 0x0264 */ faddd %f0,%f4,%f0 +/* 0x0268 */ add %g2,6,%g2 +/* 0x026c */ faddd %f10,%f8,%f10 +/* 0x0270 */ fmuld %f14,%f18,%f4 +/* 0x0274 */ std %f0,[%o1+%i3] +/* 0x0278 250 */ add %o2,32,%o1 +/* 0x027c 252 */ ldd [%i5+%o0],%f8 +/* 0x0280 */ fmuld %f6,%f20,%f6 +/* 0x0284 250 */ add %o0,8,%o0 +/* 0x0288 252 */ ldd [%o1+%i3],%f0 +/* 0x028c */ ldd [%i4+%o0],%f14 +/* 0x0290 */ faddd %f2,%f10,%f2 +/* 0x0294 */ faddd %f4,%f6,%f10 +/* 0x0298 */ fmuld %f12,%f18,%f4 +/* 0x029c */ std %f2,[%o2+%i3] +/* 0x02a0 250 */ add %o2,48,%o2 +/* 0x02a4 252 */ ldd [%i5+%o0],%f6 +/* 0x02a8 */ fmuld %f22,%f20,%f22 +/* 0x02ac 250 */ add %o0,8,%o0 +/* 0x02b0 252 */ ldd [%o2+%i3],%f2 +/* 0x02b4 */ ldd [%i4+%o0],%f12 +/* 0x02b8 */ faddd %f26,%f10,%f10 +/* 0x02bc */ std %f10,[%l6+%i3] +/* 0x02c0 */ fmuld %f24,%f18,%f10 +/* 0x02c4 */ ble,pt %icc,.L900000639 +/* 0x02c8 */ faddd %f4,%f22,%f4 + .L900000642: +/* 0x02cc 252 */ fmuld %f8,%f20,%f24 +/* 0x02d0 */ faddd %f0,%f4,%f8 +/* 0x02d4 250 */ add %o2,16,%o3 +/* 0x02d8 252 */ ldd [%o3+%i3],%f4 +/* 0x02dc */ fmuld %f14,%f18,%f0 +/* 0x02e0 */ cmp %l5,%i1 +/* 0x02e4 */ std %f8,[%o1+%i3] +/* 0x02e8 */ fmuld %f12,%f18,%f8 +/* 0x02ec 250 */ add %o2,32,%o1 +/* 0x02f0 252 */ faddd %f10,%f24,%f12 +/* 0x02f4 */ ldd [%i5+%o0],%f22 +/* 0x02f8 */ fmuld %f6,%f20,%f6 +/* 0x02fc */ add %g2,8,%g2 +/* 0x0300 */ fmuld %f22,%f20,%f10 +/* 0x0304 */ faddd %f2,%f12,%f2 +/* 0x0308 */ faddd %f0,%f6,%f6 +/* 0x030c */ ldd [%o1+%i3],%f0 +/* 0x0310 */ std %f2,[%o2+%i3] +/* 0x0314 */ faddd %f8,%f10,%f2 +/* 0x0318 */ sra %l5,0,%o2 +/* 0x031c */ sllx %o2,3,%o0 +/* 0x0320 */ faddd %f4,%f6,%f4 +/* 0x0324 */ std %f4,[%o3+%i3] +/* 0x0328 */ faddd %f0,%f2,%f0 +/* 0x032c */ std %f0,[%o1+%i3] +/* 0x0330 */ bg,a,pn %icc,.L77000213 +/* 0x0334 */ srl %i2,31,%o3 + .L77000284: +/* 0x0338 252 */ ldd [%i4+%o0],%f2 + .L900000655: +/* 0x033c 252 */ ldd [%i5+%o0],%f0 +/* 0x0340 */ fmuld %f2,%f18,%f2 +/* 0x0344 */ sra %g2,0,%o0 +/* 0x0348 */ sllx %o0,3,%o1 +/* 0x034c */ add %l5,1,%l5 +/* 0x0350 */ fmuld %f0,%f20,%f4 +/* 0x0354 */ ldd [%o1+%i3],%f0 +/* 0x0358 */ sra %l5,0,%o2 +/* 0x035c */ sllx %o2,3,%o0 +/* 0x0360 */ add %g2,2,%g2 +/* 0x0364 */ cmp %l5,%i1 +/* 0x0368 */ faddd %f2,%f4,%f2 +/* 0x036c */ faddd %f0,%f2,%f0 +/* 0x0370 */ std %f0,[%o1+%i3] +/* 0x0374 */ ble,a,pt %icc,.L900000655 +/* 0x0378 */ ldd [%i4+%o0],%f2 + .L900000626: +/* 0x037c */ srl %i2,31,%o3 +/* 0x0380 252 */ ba .L900000654 +/* 0x0384 */ cmp %g3,30 + .L77000213: +/* 0x0388 254 */ cmp %g3,30 + .L900000654: +/* 0x038c */ add %i2,%o3,%o0 +/* 0x0390 254 */ bne,a,pt %icc,.L900000653 +/* 0x0394 */ fdtox %f16,%f0 +/* 0x0398 281 */ sra %o0,1,%g2 +/* 0x039c */ add %g2,1,%g2 +/* 0x03a0 */ ldd [%o7],%f0 +/* 0x03a4 */ sll %g2,1,%o1 +/* 0x03a8 */ sll %g1,1,%g2 +/* 0x03ac */ or %g0,%o1,%o2 +/* 0x03b0 */ fmovd %f0,%f2 +/* 0x03b4 */ or %g0,%g2,%o0 +/* 0x03b8 */ cmp %o1,%o0 +/* 0x03bc */ sub %g2,1,%o0 +/* 0x03c0 */ bge,pt %icc,.L77000215 +/* 0x03c4 */ or %g0,0,%g3 +/* 0x03c8 254 */ add %o1,1,%o1 +/* 0x03cc 281 */ sra %o2,0,%g2 + .L900000652: +/* 0x03d0 */ sllx %g2,3,%g2 +/* 0x03d4 */ ldd [%o7],%f6 +/* 0x03d8 */ add %o2,2,%o2 +/* 0x03dc */ sra %o1,0,%g3 +/* 0x03e0 */ ldd [%g2+%l4],%f8 +/* 0x03e4 */ cmp %o2,%o0 +/* 0x03e8 */ sllx %g3,3,%g3 +/* 0x03ec */ add %o1,2,%o1 +/* 0x03f0 */ ldd [%l4+%g3],%f10 +/* 0x03f4 */ fdtox %f8,%f12 +/* 0x03f8 */ fdtox %f10,%f4 +/* 0x03fc */ fmovd %f12,%f8 +/* 0x0400 */ fmovs %f6,%f12 +/* 0x0404 */ fmovs %f6,%f4 +/* 0x0408 */ fxtod %f12,%f6 +/* 0x040c */ fxtod %f4,%f12 +/* 0x0410 */ fdtox %f10,%f4 +/* 0x0414 */ faddd %f6,%f2,%f6 +/* 0x0418 */ std %f6,[%g2+%l4] +/* 0x041c */ faddd %f12,%f0,%f6 +/* 0x0420 */ std %f6,[%l4+%g3] +/* 0x0424 */ fitod %f8,%f2 +/* 0x0428 */ fitod %f4,%f0 +/* 0x042c */ ble,pt %icc,.L900000652 +/* 0x0430 */ sra %o2,0,%g2 + .L77000233: +/* 0x0434 */ or %g0,0,%g3 + .L77000215: +/* 0x0438 */ fdtox %f16,%f0 + .L900000653: +/* 0x043c 256 */ ldd [%o7],%f6 +/* 0x0440 */ add %g4,1,%g4 +/* 0x0444 */ or %g0,%i0,%i2 +/* 0x0448 */ ldd [%o5],%f8 +/* 0x044c */ add %g3,1,%g3 +/* 0x0450 */ add %i3,8,%i3 +/* 0x0454 */ fmovs %f6,%f0 +/* 0x0458 */ ldd [%o4],%f10 +/* 0x045c */ ld [%sp+2223],%o0 +/* 0x0460 */ fxtod %f0,%f6 +/* 0x0464 */ cmp %i0,%o0 +/* 0x0468 */ fmuld %f6,%f30,%f6 +/* 0x046c */ fmuld %f6,%f8,%f8 +/* 0x0470 */ fdtox %f8,%f8 +/* 0x0474 */ fxtod %f8,%f8 +/* 0x0478 */ fmuld %f8,%f10,%f8 +/* 0x047c */ fsubd %f6,%f8,%f20 +/* 0x0480 */ ble,a,pt %icc,.L900000651 +/* 0x0484 */ ldd [%i5],%f6 + .L900000625: +/* 0x0488 256 */ ba .L900000650 +/* 0x048c */ sllx %g5,3,%g2 + .L77000279: +/* 0x0490 261 */ ldd [%i1],%f4 +/* 0x0494 */ ldd [%i2],%f6 +/* 0x0498 273 */ std %f0,[%i3+8] +/* 0x049c */ std %f0,[%i3+16] +/* 0x04a0 261 */ fmuld %f4,%f6,%f6 +/* 0x04a4 */ std %f6,[%i3] +/* 0x04a8 273 */ std %f0,[%i3+24] +/* 0x04ac */ std %f0,[%i3+32] +/* 0x04b0 */ fdtox %f6,%f2 +/* 0x04b4 */ std %f0,[%i3+40] +/* 0x04b8 */ std %f0,[%i3+48] +/* 0x04bc */ std %f0,[%i3+56] +/* 0x04c0 */ std %f0,[%i3+64] +/* 0x04c4 */ fmovs %f0,%f2 +/* 0x04c8 */ std %f0,[%i3+72] +/* 0x04cc */ std %f0,[%i3+80] +/* 0x04d0 */ std %f0,[%i3+88] +/* 0x04d4 */ std %f0,[%i3+96] +/* 0x04d8 */ std %f0,[%i3+104] +/* 0x04dc */ std %f0,[%i3+112] +/* 0x04e0 */ std %f0,[%i3+120] +/* 0x04e4 */ std %f0,[%i3+128] +/* 0x04e8 */ std %f0,[%i3+136] +/* 0x04ec */ std %f0,[%i3+144] +/* 0x04f0 */ std %f0,[%i3+152] +/* 0x04f4 */ std %f0,[%i3+160] +/* 0x04f8 */ std %f0,[%i3+168] +/* 0x04fc */ fxtod %f2,%f6 +/* 0x0500 */ std %f0,[%i3+176] +/* 0x0504 281 */ or %g0,1,%o2 +/* 0x0508 273 */ std %f0,[%i3+184] + +! 282 ! { +! 284 ! m2j=pdm2[j]; +! 285 ! a=pdtj[0]+pdn_0*digit; +! 286 ! b=pdtj[1]+pdm1_0*pdm2[j+1]+a*TwoToMinus16; + +/* 0x050c 286 */ sra %o2,0,%g2 +/* 0x0510 279 */ or %g0,%i3,%o3 +/* 0x0514 273 */ std %f0,[%i3+192] +/* 0x0518 278 */ fmuld %f6,%f14,%f6 +/* 0x051c 281 */ or %g0,0,%g1 +/* 0x0520 273 */ std %f0,[%i3+200] +/* 0x0524 */ std %f0,[%i3+208] +/* 0x0528 */ std %f0,[%i3+216] +/* 0x052c */ std %f0,[%i3+224] +/* 0x0530 */ std %f0,[%i3+232] +/* 0x0534 */ std %f0,[%i3+240] +/* 0x0538 */ std %f0,[%i3+248] +/* 0x053c */ std %f0,[%i3+256] +/* 0x0540 */ std %f0,[%i3+264] +/* 0x0544 */ std %f0,[%i3+272] +/* 0x0548 */ std %f0,[%i3+280] +/* 0x054c */ std %f0,[%i3+288] +/* 0x0550 */ std %f0,[%i3+296] +/* 0x0554 */ std %f0,[%i3+304] +/* 0x0558 */ std %f0,[%i3+312] +/* 0x055c */ std %f0,[%i3+320] +/* 0x0560 */ std %f0,[%i3+328] +/* 0x0564 */ std %f0,[%i3+336] +/* 0x0568 */ std %f0,[%i3+344] +/* 0x056c */ std %f0,[%i3+352] +/* 0x0570 */ std %f0,[%i3+360] +/* 0x0574 */ std %f0,[%i3+368] +/* 0x0578 */ std %f0,[%i3+376] +/* 0x057c */ std %f0,[%i3+384] +/* 0x0580 */ std %f0,[%i3+392] +/* 0x0584 */ std %f0,[%i3+400] +/* 0x0588 */ std %f0,[%i3+408] +/* 0x058c */ std %f0,[%i3+416] +/* 0x0590 */ std %f0,[%i3+424] +/* 0x0594 */ std %f0,[%i3+432] +/* 0x0598 */ std %f0,[%i3+440] +/* 0x059c */ std %f0,[%i3+448] +/* 0x05a0 */ std %f0,[%i3+456] +/* 0x05a4 */ std %f0,[%i3+464] +/* 0x05a8 */ std %f0,[%i3+472] +/* 0x05ac */ std %f0,[%i3+480] +/* 0x05b0 */ std %f0,[%i3+488] +/* 0x05b4 */ std %f0,[%i3+496] +/* 0x05b8 278 */ ldd [%o5],%f8 +/* 0x05bc */ ldd [%o4],%f10 +/* 0x05c0 */ fmuld %f6,%f8,%f8 +/* 0x05c4 273 */ std %f0,[%i3+504] +/* 0x05c8 */ std %f0,[%i3+512] +/* 0x05cc */ std %f0,[%i3+520] +/* 0x05d0 */ fdtox %f8,%f8 +/* 0x05d4 275 */ ldd [%o0],%f0 +/* 0x05d8 */ fxtod %f8,%f8 +/* 0x05dc */ fmuld %f8,%f10,%f8 +/* 0x05e0 */ fsubd %f6,%f8,%f2 + +! 287 ! pdtj[1]=b; +! 289 ! /**** this loop will be fully unrolled: +! 290 ! for(i=1;i<16;i++) +! 291 ! { +! 292 ! pdtj[2*i]+=pdm1[i]*m2j+pdn[i]*digit; +! 293 ! } +! 294 ! *************************************/ +! 295 ! pdtj[2]+=pdm1[1]*m2j+pdn[1]*digit; +! 296 ! pdtj[4]+=pdm1[2]*m2j+pdn[2]*digit; +! 297 ! pdtj[6]+=pdm1[3]*m2j+pdn[3]*digit; +! 298 ! pdtj[8]+=pdm1[4]*m2j+pdn[4]*digit; +! 299 ! pdtj[10]+=pdm1[5]*m2j+pdn[5]*digit; +! 300 ! pdtj[12]+=pdm1[6]*m2j+pdn[6]*digit; +! 301 ! pdtj[14]+=pdm1[7]*m2j+pdn[7]*digit; +! 302 ! pdtj[16]+=pdm1[8]*m2j+pdn[8]*digit; +! 303 ! pdtj[18]+=pdm1[9]*m2j+pdn[9]*digit; +! 304 ! pdtj[20]+=pdm1[10]*m2j+pdn[10]*digit; +! 305 ! pdtj[22]+=pdm1[11]*m2j+pdn[11]*digit; +! 306 ! pdtj[24]+=pdm1[12]*m2j+pdn[12]*digit; +! 307 ! pdtj[26]+=pdm1[13]*m2j+pdn[13]*digit; +! 308 ! pdtj[28]+=pdm1[14]*m2j+pdn[14]*digit; +! 309 ! pdtj[30]+=pdm1[15]*m2j+pdn[15]*digit; +! 310 ! /* no need for cleenup, cannot overflow */ +! 311 ! digit=mod(lower32(b,Zero)*dn0,TwoToMinus16,TwoTo16); + + + fmovd %f2,%f0 ! hand modified + fmovd %f30,%f18 ! hand modified + ldd [%o0],%f2 + ldd [%o3],%f8 + ldd [%i1],%f10 + ldd [%o5],%f14 ! hand modified + ldd [%o4],%f16 ! hand modified + ldd [%i2],%f24 + + ldd [%i1+8],%f26 + ldd [%i1+16],%f40 + ldd [%i1+48],%f46 + ldd [%i1+56],%f30 + ldd [%i1+64],%f54 + ldd [%i1+104],%f34 + ldd [%i1+112],%f58 + + ldd [%o0+8],%f28 + ldd [%o0+104],%f38 + ldd [%o0+112],%f60 + + .L99999999: !1 + ldd [%i1+24],%f32 + fmuld %f0,%f2,%f4 !2 + ldd [%o0+24],%f36 + fmuld %f26,%f24,%f20 !3 + ldd [%i1+40],%f42 + fmuld %f28,%f0,%f22 !4 + ldd [%o0+40],%f44 + fmuld %f32,%f24,%f32 !5 + ldd [%i2+8],%f6 + faddd %f4,%f8,%f4 + fmuld %f36,%f0,%f36 !6 + add %i2,8,%i2 + ldd [%o0+56],%f50 + fmuld %f42,%f24,%f42 !7 + ldd [%i1+72],%f52 + faddd %f20,%f22,%f20 + fmuld %f44,%f0,%f44 !8 + ldd [%o3+16],%f22 + fmuld %f10,%f6,%f12 !9 + ldd [%o0+72],%f56 + faddd %f32,%f36,%f32 + fmuld %f14,%f4,%f4 !10 + ldd [%o3+48],%f36 + fmuld %f30,%f24,%f48 !11 + ldd [%o3+8],%f8 + faddd %f20,%f22,%f20 + fmuld %f50,%f0,%f50 !12 + std %f20,[%o3+16] + faddd %f42,%f44,%f42 + fmuld %f52,%f24,%f52 !13 + ldd [%o3+80],%f44 + faddd %f4,%f12,%f4 + fmuld %f56,%f0,%f56 !14 + ldd [%i1+88],%f20 + faddd %f32,%f36,%f32 !15 + ldd [%o0+88],%f22 + faddd %f48,%f50,%f48 !16 + ldd [%o3+112],%f50 + faddd %f52,%f56,%f52 !17 + ldd [%o3+144],%f56 + faddd %f4,%f8,%f8 + fmuld %f20,%f24,%f20 !18 + std %f32,[%o3+48] + faddd %f42,%f44,%f42 + fmuld %f22,%f0,%f22 !19 + std %f42,[%o3+80] + faddd %f48,%f50,%f48 + fmuld %f34,%f24,%f32 !20 + std %f48,[%o3+112] + faddd %f52,%f56,%f52 + fmuld %f38,%f0,%f36 !21 + ldd [%i1+120],%f42 + fdtox %f8,%f4 !22 + std %f52,[%o3+144] + faddd %f20,%f22,%f20 !23 + ldd [%o0+120],%f44 !24 + ldd [%o3+176],%f22 + faddd %f32,%f36,%f32 + fmuld %f42,%f24,%f42 !25 + ldd [%o0+16],%f50 + fmovs %f17,%f4 !26 + ldd [%i1+32],%f52 + fmuld %f44,%f0,%f44 !27 + ldd [%o0+32],%f56 + fmuld %f40,%f24,%f48 !28 + ldd [%o3+208],%f36 + faddd %f20,%f22,%f20 + fmuld %f50,%f0,%f50 !29 + std %f20,[%o3+176] + fxtod %f4,%f4 + fmuld %f52,%f24,%f52 !30 + ldd [%o0+48],%f22 + faddd %f42,%f44,%f42 + fmuld %f56,%f0,%f56 !31 + ldd [%o3+240],%f44 + faddd %f32,%f36,%f32 !32 + std %f32,[%o3+208] + faddd %f48,%f50,%f48 + fmuld %f46,%f24,%f20 !33 + ldd [%o3+32],%f50 + fmuld %f4,%f18,%f12 !34 + ldd [%o0+64],%f36 + faddd %f52,%f56,%f52 + fmuld %f22,%f0,%f22 !35 + ldd [%o3+64],%f56 + faddd %f42,%f44,%f42 !36 + std %f42,[%o3+240] + faddd %f48,%f50,%f48 + fmuld %f54,%f24,%f32 !37 + std %f48,[%o3+32] + fmuld %f12,%f14,%f4 !38 + ldd [%i1+80],%f42 + faddd %f52,%f56,%f56 ! yes, tmp52! + fmuld %f36,%f0,%f36 !39 + ldd [%o0+80],%f44 + faddd %f20,%f22,%f20 !40 + ldd [%i1+96],%f48 + fmuld %f58,%f24,%f52 !41 + ldd [%o0+96],%f50 + fdtox %f4,%f4 + fmuld %f42,%f24,%f42 !42 + std %f56,[%o3+64] ! yes, tmp52! + faddd %f32,%f36,%f32 + fmuld %f44,%f0,%f44 !43 + ldd [%o3+96],%f22 + fmuld %f48,%f24,%f48 !44 + ldd [%o3+128],%f36 + fmovd %f6,%f24 + fmuld %f50,%f0,%f50 !45 + fxtod %f4,%f4 + fmuld %f60,%f0,%f56 !46 + add %o3,8,%o3 + faddd %f42,%f44,%f42 !47 + ldd [%o3+160-8],%f44 + faddd %f20,%f22,%f20 !48 + std %f20,[%o3+96-8] + faddd %f48,%f50,%f48 !49 + ldd [%o3+192-8],%f50 + faddd %f52,%f56,%f52 + fmuld %f4,%f16,%f4 !50 + ldd [%o3+224-8],%f56 + faddd %f32,%f36,%f32 !51 + std %f32,[%o3+128-8] + faddd %f42,%f44,%f42 !52 + add %g1,1,%g1 + std %f42,[%o3+160-8] + faddd %f48,%f50,%f48 !53 + cmp %g1,31 + std %f48,[%o3+192-8] + fsubd %f12,%f4,%f0 !54 + faddd %f52,%f56,%f52 + ble,pt %icc,.L99999999 + std %f52,[%o3+224-8] !55 + std %f8,[%o3] +! 312 ! } +! 313 ! } +! 315 ! conv_d16_to_i32(result,dt+2*nlen,(long long *)dt,nlen+1); + +/* 0x0844 315 */ sllx %g5,3,%g2 + .L900000650: +/* 0x0848 315 */ ldd [%g2+%l4],%f2 +/* 0x084c */ add %l4,%g2,%o0 +/* 0x0850 */ or %g0,0,%g1 +/* 0x0854 */ ldd [%o0+8],%f4 +/* 0x0858 */ or %g0,0,%i2 +/* 0x085c */ cmp %l0,0 +/* 0x0860 */ fdtox %f2,%f2 +/* 0x0864 */ std %f2,[%sp+2255] +/* 0x0868 311 */ sethi %hi(0xfc00),%o3 +/* 0x086c 315 */ fdtox %f4,%f2 +/* 0x0870 */ std %f2,[%sp+2247] +/* 0x0874 311 */ or %g0,-1,%o2 +/* 0x0878 */ srl %o2,0,%o5 +/* 0x087c */ or %g0,2,%g5 +/* 0x0880 */ sub %l0,1,%g3 +/* 0x0884 */ or %g0,%o0,%o7 +/* 0x0888 */ add %o3,1023,%o4 +/* 0x088c 315 */ or %g0,64,%o3 +/* 0x0890 */ ldx [%sp+2255],%i0 +/* 0x0894 */ sub %l0,2,%o1 +/* 0x0898 */ ldx [%sp+2247],%i1 +/* 0x089c */ ble,pt %icc,.L900000648 +/* 0x08a0 */ sethi %hi(0xfc00),%g2 +/* 0x08a4 */ cmp %l0,6 +/* 0x08a8 */ and %i0,%o5,%o2 +/* 0x08ac */ bl,pn %icc,.L77000287 +/* 0x08b0 */ or %g0,3,%g4 +/* 0x08b4 */ ldd [%o7+16],%f0 +/* 0x08b8 */ and %i1,%o4,%i3 +/* 0x08bc */ sllx %i3,16,%o0 +/* 0x08c0 */ or %g0,5,%g4 +/* 0x08c4 */ srax %i1,16,%i4 +/* 0x08c8 */ fdtox %f0,%f0 +/* 0x08cc */ std %f0,[%sp+2239] +/* 0x08d0 */ srax %i0,32,%i1 +/* 0x08d4 */ add %o2,%o0,%i5 +/* 0x08d8 */ ldd [%o7+24],%f0 +/* 0x08dc */ and %i5,%o5,%l1 +/* 0x08e0 */ or %g0,72,%o2 +/* 0x08e4 */ or %g0,4,%o0 +/* 0x08e8 */ or %g0,4,%g5 +/* 0x08ec */ ldx [%sp+2239],%g1 +/* 0x08f0 */ fdtox %f0,%f0 +/* 0x08f4 */ or %g0,4,%i2 +/* 0x08f8 */ std %f0,[%sp+2231] +/* 0x08fc */ ldd [%o7+40],%f2 +/* 0x0900 */ and %g1,%o5,%i3 +/* 0x0904 */ ldd [%o7+32],%f0 +/* 0x0908 */ srax %g1,32,%g1 +/* 0x090c */ ldd [%o7+56],%f4 +/* 0x0910 */ fdtox %f2,%f2 +/* 0x0914 */ ldx [%sp+2231],%g2 +/* 0x0918 */ fdtox %f0,%f0 +/* 0x091c */ st %l1,[%l2] +/* 0x0920 */ srax %i5,32,%l1 +/* 0x0924 */ fdtox %f4,%f4 +/* 0x0928 */ std %f2,[%sp+2231] +/* 0x092c */ and %g2,%o4,%i5 +/* 0x0930 */ add %i4,%l1,%i4 +/* 0x0934 */ std %f0,[%sp+2239] +/* 0x0938 */ sllx %i5,16,%i0 +/* 0x093c */ add %i1,%i4,%i1 +/* 0x0940 */ ldd [%o7+48],%f2 +/* 0x0944 */ srax %g2,16,%g2 +/* 0x0948 */ add %i3,%i0,%i0 +/* 0x094c */ ldd [%o7+72],%f0 +/* 0x0950 */ add %i0,%i1,%i3 +/* 0x0954 */ srax %i3,32,%i4 +/* 0x0958 */ fdtox %f2,%f2 +/* 0x095c */ and %i3,%o5,%i3 +/* 0x0960 */ ldx [%sp+2231],%i1 +/* 0x0964 */ add %g2,%i4,%g2 +/* 0x0968 */ ldx [%sp+2239],%i0 +/* 0x096c */ add %g1,%g2,%g1 +/* 0x0970 */ std %f2,[%sp+2239] +/* 0x0974 */ std %f4,[%sp+2231] +/* 0x0978 */ ldd [%o7+64],%f2 +/* 0x097c */ st %i3,[%l2+4] + .L900000631: +/* 0x0980 */ ldx [%sp+2231],%i3 +/* 0x0984 */ add %i2,2,%i2 +/* 0x0988 */ add %g4,4,%g4 +/* 0x098c */ ldx [%sp+2239],%i5 +/* 0x0990 */ add %o2,16,%o2 +/* 0x0994 */ and %i1,%o4,%g2 +/* 0x0998 */ sllx %g2,16,%i4 +/* 0x099c */ and %i0,%o5,%g2 +/* 0x09a0 */ ldd [%o7+%o2],%f4 +/* 0x09a4 */ fdtox %f0,%f0 +/* 0x09a8 */ std %f0,[%sp+2231] +/* 0x09ac */ srax %i1,16,%i1 +/* 0x09b0 */ add %g2,%i4,%g2 +/* 0x09b4 */ fdtox %f2,%f0 +/* 0x09b8 */ add %o3,16,%o3 +/* 0x09bc */ std %f0,[%sp+2239] +/* 0x09c0 */ add %g2,%g1,%g1 +/* 0x09c4 */ ldd [%o7+%o3],%f2 +/* 0x09c8 */ srax %g1,32,%i4 +/* 0x09cc */ cmp %i2,%o1 +/* 0x09d0 */ srax %i0,32,%g2 +/* 0x09d4 */ add %i1,%i4,%i0 +/* 0x09d8 */ add %g2,%i0,%i4 +/* 0x09dc */ add %o0,4,%o0 +/* 0x09e0 */ and %g1,%o5,%g2 +/* 0x09e4 */ or %g0,%i5,%g1 +/* 0x09e8 */ st %g2,[%l2+%o0] +/* 0x09ec */ add %g5,4,%g5 +/* 0x09f0 */ ldx [%sp+2231],%i1 +/* 0x09f4 */ ldx [%sp+2239],%i0 +/* 0x09f8 */ add %o2,16,%o2 +/* 0x09fc */ and %i3,%o4,%g2 +/* 0x0a00 */ sllx %g2,16,%i5 +/* 0x0a04 */ and %g1,%o5,%g2 +/* 0x0a08 */ ldd [%o7+%o2],%f0 +/* 0x0a0c */ fdtox %f4,%f4 +/* 0x0a10 */ std %f4,[%sp+2231] +/* 0x0a14 */ srax %i3,16,%i3 +/* 0x0a18 */ add %g2,%i5,%g2 +/* 0x0a1c */ fdtox %f2,%f2 +/* 0x0a20 */ add %o3,16,%o3 +/* 0x0a24 */ std %f2,[%sp+2239] +/* 0x0a28 */ add %g2,%i4,%g2 +/* 0x0a2c */ ldd [%o7+%o3],%f2 +/* 0x0a30 */ srax %g2,32,%i4 +/* 0x0a34 */ srax %g1,32,%g1 +/* 0x0a38 */ add %i3,%i4,%i3 +/* 0x0a3c */ add %g1,%i3,%g1 +/* 0x0a40 */ add %o0,4,%o0 +/* 0x0a44 */ and %g2,%o5,%g2 +/* 0x0a48 */ ble,pt %icc,.L900000631 +/* 0x0a4c */ st %g2,[%l2+%o0] + .L900000634: +/* 0x0a50 */ srax %i1,16,%i5 +/* 0x0a54 */ ldx [%sp+2231],%o1 +/* 0x0a58 */ and %i1,%o4,%i3 +/* 0x0a5c */ sllx %i3,16,%i3 +/* 0x0a60 */ ldx [%sp+2239],%i4 +/* 0x0a64 */ and %i0,%o5,%g2 +/* 0x0a68 */ add %g2,%i3,%g2 +/* 0x0a6c */ and %o1,%o4,%i3 +/* 0x0a70 */ fdtox %f0,%f4 +/* 0x0a74 */ sllx %i3,16,%i3 +/* 0x0a78 */ std %f4,[%sp+2231] +/* 0x0a7c */ add %g2,%g1,%g2 +/* 0x0a80 */ srax %g2,32,%l1 +/* 0x0a84 */ and %i4,%o5,%i1 +/* 0x0a88 */ fdtox %f2,%f0 +/* 0x0a8c */ srax %i0,32,%g1 +/* 0x0a90 */ std %f0,[%sp+2239] +/* 0x0a94 */ add %i5,%l1,%i0 +/* 0x0a98 */ srax %o1,16,%o1 +/* 0x0a9c */ add %g1,%i0,%i0 +/* 0x0aa0 */ add %o0,4,%g1 +/* 0x0aa4 */ add %i1,%i3,%o0 +/* 0x0aa8 */ and %g2,%o5,%g2 +/* 0x0aac */ st %g2,[%l2+%g1] +/* 0x0ab0 */ add %o0,%i0,%o0 +/* 0x0ab4 */ srax %o0,32,%i3 +/* 0x0ab8 */ ldx [%sp+2231],%i1 +/* 0x0abc */ add %g1,4,%g1 +/* 0x0ac0 */ ldx [%sp+2239],%i0 +/* 0x0ac4 */ and %o0,%o5,%g2 +/* 0x0ac8 */ add %o1,%i3,%o1 +/* 0x0acc */ srax %i4,32,%o0 +/* 0x0ad0 */ cmp %i2,%g3 +/* 0x0ad4 */ st %g2,[%l2+%g1] +/* 0x0ad8 */ bg,pn %icc,.L77000236 +/* 0x0adc */ add %o0,%o1,%g1 +/* 0x0ae0 */ add %g4,6,%g4 +/* 0x0ae4 */ add %g5,6,%g5 + .L77000287: +/* 0x0ae8 */ sra %g5,0,%o1 + .L900000647: +/* 0x0aec */ sllx %o1,3,%o2 +/* 0x0af0 */ and %i0,%o5,%o0 +/* 0x0af4 */ ldd [%o7+%o2],%f0 +/* 0x0af8 */ sra %g4,0,%o2 +/* 0x0afc */ and %i1,%o4,%o1 +/* 0x0b00 */ sllx %o2,3,%o2 +/* 0x0b04 */ add %g1,%o0,%o0 +/* 0x0b08 */ fdtox %f0,%f0 +/* 0x0b0c */ std %f0,[%sp+2239] +/* 0x0b10 */ sllx %o1,16,%o1 +/* 0x0b14 */ add %o0,%o1,%o1 +/* 0x0b18 */ add %g5,2,%g5 +/* 0x0b1c */ ldd [%o7+%o2],%f0 +/* 0x0b20 */ srax %o1,32,%g1 +/* 0x0b24 */ and %o1,%o5,%o2 +/* 0x0b28 */ srax %i1,16,%o0 +/* 0x0b2c */ add %g4,2,%g4 +/* 0x0b30 */ fdtox %f0,%f0 +/* 0x0b34 */ std %f0,[%sp+2231] +/* 0x0b38 */ sra %i2,0,%o1 +/* 0x0b3c */ sllx %o1,2,%o1 +/* 0x0b40 */ add %o0,%g1,%g2 +/* 0x0b44 */ srax %i0,32,%g1 +/* 0x0b48 */ add %i2,1,%i2 +/* 0x0b4c */ add %g1,%g2,%g1 +/* 0x0b50 */ cmp %i2,%g3 +/* 0x0b54 */ ldx [%sp+2239],%o3 +/* 0x0b58 */ ldx [%sp+2231],%i1 +/* 0x0b5c */ st %o2,[%l2+%o1] +/* 0x0b60 */ or %g0,%o3,%i0 +/* 0x0b64 */ ble,pt %icc,.L900000647 +/* 0x0b68 */ sra %g5,0,%o1 + .L77000236: +/* 0x0b6c */ sethi %hi(0xfc00),%g2 + .L900000648: +/* 0x0b70 */ or %g0,-1,%o0 +/* 0x0b74 */ add %g2,1023,%g2 +/* 0x0b78 */ srl %o0,0,%g3 +/* 0x0b7c */ and %i1,%g2,%g2 +/* 0x0b80 */ and %i0,%g3,%g4 +/* 0x0b84 */ sllx %g2,16,%g2 +/* 0x0b88 */ add %g1,%g4,%g4 +/* 0x0b8c */ sra %i2,0,%g5 +/* 0x0b90 */ add %g4,%g2,%g4 +/* 0x0b94 */ sllx %g5,2,%g2 +/* 0x0b98 */ and %g4,%g3,%g3 +/* 0x0b9c */ st %g3,[%l2+%g2] + +! 317 ! adjust_montf_result(result,nint,nlen); + +/* 0x0ba0 317 */ sra %l0,0,%g4 +/* 0x0ba4 */ sllx %g4,2,%g2 +/* 0x0ba8 */ ld [%l2+%g2],%g2 +/* 0x0bac */ cmp %g2,0 +/* 0x0bb0 */ bleu,pn %icc,.L77000241 +/* 0x0bb4 */ or %g0,-1,%o1 +/* 0x0bb8 */ ba .L900000646 +/* 0x0bbc */ cmp %o1,0 + .L77000241: +/* 0x0bc0 */ sub %l0,1,%o1 +/* 0x0bc4 */ cmp %o1,0 +/* 0x0bc8 */ bl,pn %icc,.L77000244 +/* 0x0bcc */ sra %o1,0,%g2 + .L900000645: +/* 0x0bd0 */ sllx %g2,2,%g2 +/* 0x0bd4 */ sub %o1,1,%o0 +/* 0x0bd8 */ ld [%l3+%g2],%g3 +/* 0x0bdc */ ld [%l2+%g2],%g2 +/* 0x0be0 */ cmp %g2,%g3 +/* 0x0be4 */ bne,pn %icc,.L77000244 +/* 0x0be8 */ nop +/* 0x0bec 0 */ or %g0,%o0,%o1 +/* 0x0bf0 317 */ cmp %o0,0 +/* 0x0bf4 */ bge,pt %icc,.L900000645 +/* 0x0bf8 */ sra %o1,0,%g2 + .L77000244: +/* 0x0bfc */ cmp %o1,0 + .L900000646: +/* 0x0c00 */ bl,pn %icc,.L77000288 +/* 0x0c04 */ sra %o1,0,%g2 +/* 0x0c08 */ sllx %g2,2,%g2 +/* 0x0c0c */ ld [%l3+%g2],%g3 +/* 0x0c10 */ ld [%l2+%g2],%g2 +/* 0x0c14 */ cmp %g2,%g3 +/* 0x0c18 */ bleu,pt %icc,.L77000224 +/* 0x0c1c */ nop + .L77000288: +/* 0x0c20 */ cmp %l0,0 +/* 0x0c24 */ ble,pt %icc,.L77000224 +/* 0x0c28 */ nop +/* 0x0c2c 317 */ or %g0,-1,%g2 +/* 0x0c30 315 */ or %g0,0,%i0 +/* 0x0c34 317 */ srl %g2,0,%g2 +/* 0x0c38 315 */ or %g0,0,%g4 +/* 0x0c3c */ or %g0,0,%o1 +/* 0x0c40 317 */ sub %l0,1,%g5 +/* 0x0c44 */ cmp %l0,9 +/* 0x0c48 315 */ or %g0,8,%o5 +/* 0x0c4c */ bl,pn %icc,.L77000289 +/* 0x0c50 */ sub %l0,4,%o7 +/* 0x0c54 */ ld [%l2],%o1 +/* 0x0c58 */ or %g0,5,%i0 +/* 0x0c5c */ ld [%l3],%o2 +/* 0x0c60 */ or %g0,12,%o4 +/* 0x0c64 */ or %g0,16,%g1 +/* 0x0c68 */ ld [%l3+4],%o3 +/* 0x0c6c */ ld [%l2+4],%o0 +/* 0x0c70 */ sub %o1,%o2,%o1 +/* 0x0c74 */ ld [%l3+8],%i1 +/* 0x0c78 */ and %o1,%g2,%g4 +/* 0x0c7c */ st %g4,[%l2] +/* 0x0c80 */ srax %o1,32,%g4 +/* 0x0c84 */ sub %o0,%o3,%o0 +/* 0x0c88 */ ld [%l3+12],%o2 +/* 0x0c8c */ add %o0,%g4,%o0 +/* 0x0c90 */ and %o0,%g2,%g4 +/* 0x0c94 */ st %g4,[%l2+4] +/* 0x0c98 */ srax %o0,32,%o0 +/* 0x0c9c */ ld [%l2+8],%o1 +/* 0x0ca0 */ ld [%l2+12],%o3 +/* 0x0ca4 */ sub %o1,%i1,%o1 + .L900000635: +/* 0x0ca8 */ add %g1,4,%g3 +/* 0x0cac */ ld [%g1+%l2],%g4 +/* 0x0cb0 */ add %o1,%o0,%o0 +/* 0x0cb4 */ ld [%l3+%g1],%i1 +/* 0x0cb8 */ sub %o3,%o2,%o1 +/* 0x0cbc */ and %o0,%g2,%o2 +/* 0x0cc0 */ st %o2,[%o5+%l2] +/* 0x0cc4 */ srax %o0,32,%o2 +/* 0x0cc8 */ add %i0,4,%i0 +/* 0x0ccc */ add %g1,8,%o5 +/* 0x0cd0 */ ld [%g3+%l2],%o0 +/* 0x0cd4 */ add %o1,%o2,%o1 +/* 0x0cd8 */ ld [%l3+%g3],%o3 +/* 0x0cdc */ sub %g4,%i1,%o2 +/* 0x0ce0 */ and %o1,%g2,%g4 +/* 0x0ce4 */ st %g4,[%o4+%l2] +/* 0x0ce8 */ srax %o1,32,%g4 +/* 0x0cec */ cmp %i0,%o7 +/* 0x0cf0 */ add %g1,12,%o4 +/* 0x0cf4 */ ld [%o5+%l2],%o1 +/* 0x0cf8 */ add %o2,%g4,%o2 +/* 0x0cfc */ ld [%l3+%o5],%i1 +/* 0x0d00 */ sub %o0,%o3,%o0 +/* 0x0d04 */ and %o2,%g2,%o3 +/* 0x0d08 */ st %o3,[%g1+%l2] +/* 0x0d0c */ srax %o2,32,%g4 +/* 0x0d10 */ ld [%o4+%l2],%o3 +/* 0x0d14 */ add %g1,16,%g1 +/* 0x0d18 */ add %o0,%g4,%o0 +/* 0x0d1c */ ld [%l3+%o4],%o2 +/* 0x0d20 */ sub %o1,%i1,%o1 +/* 0x0d24 */ and %o0,%g2,%g4 +/* 0x0d28 */ st %g4,[%g3+%l2] +/* 0x0d2c */ ble,pt %icc,.L900000635 +/* 0x0d30 */ srax %o0,32,%o0 + .L900000638: +/* 0x0d34 */ add %o1,%o0,%g3 +/* 0x0d38 */ sub %o3,%o2,%o1 +/* 0x0d3c */ ld [%g1+%l2],%o0 +/* 0x0d40 */ ld [%l3+%g1],%o2 +/* 0x0d44 */ srax %g3,32,%o7 +/* 0x0d48 */ and %g3,%g2,%o3 +/* 0x0d4c */ add %o1,%o7,%o1 +/* 0x0d50 */ st %o3,[%o5+%l2] +/* 0x0d54 */ cmp %i0,%g5 +/* 0x0d58 */ sub %o0,%o2,%o0 +/* 0x0d5c */ and %o1,%g2,%o2 +/* 0x0d60 */ st %o2,[%o4+%l2] +/* 0x0d64 */ srax %o1,32,%o1 +/* 0x0d68 */ sra %i0,0,%o2 +/* 0x0d6c */ add %o0,%o1,%o0 +/* 0x0d70 */ srax %o0,32,%g4 +/* 0x0d74 */ and %o0,%g2,%o1 +/* 0x0d78 */ st %o1,[%g1+%l2] +/* 0x0d7c */ bg,pn %icc,.L77000224 +/* 0x0d80 */ sllx %o2,2,%o1 + .L77000289: +/* 0x0d84 0 */ or %g0,%o1,%g1 + .L900000644: +/* 0x0d88 */ ld [%o1+%l2],%o0 +/* 0x0d8c */ add %i0,1,%i0 +/* 0x0d90 */ ld [%l3+%o1],%o1 +/* 0x0d94 */ sra %i0,0,%o2 +/* 0x0d98 */ cmp %i0,%g5 +/* 0x0d9c */ add %g4,%o0,%o0 +/* 0x0da0 */ sub %o0,%o1,%o0 +/* 0x0da4 */ srax %o0,32,%g4 +/* 0x0da8 */ and %o0,%g2,%o1 +/* 0x0dac */ st %o1,[%g1+%l2] +/* 0x0db0 */ sllx %o2,2,%o1 +/* 0x0db4 */ ble,pt %icc,.L900000644 +/* 0x0db8 */ or %g0,%o1,%g1 + .L77000224: +/* 0x0dbc */ ret ! Result = +/* 0x0dc0 */ restore %g0,%g0,%g0 +/* 0x0dc4 0 */ .type mont_mulf_noconv,2 +/* 0x0dc4 */ .size mont_mulf_noconv,(.-mont_mulf_noconv) + diff --git a/security/nss/lib/freebl/mpi/mpi-config.h b/security/nss/lib/freebl/mpi/mpi-config.h new file mode 100644 index 000000000..bf573e254 --- /dev/null +++ b/security/nss/lib/freebl/mpi/mpi-config.h @@ -0,0 +1,109 @@ +/* Default configuration for MPI library + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 1997, 1998, 1999, 2000 Michael J. Fromberger. + * All Rights Reserved. + * + * Contributor(s): + * Netscape Communications Corporation + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + */ +/* $Id$ */ + +#ifndef MPI_CONFIG_H_ +#define MPI_CONFIG_H_ + +/* + For boolean options, + 0 = no + 1 = yes + + Other options are documented individually. + + */ + +#ifndef MP_IOFUNC +#define MP_IOFUNC 0 /* include mp_print() ? */ +#endif + +#ifndef MP_MODARITH +#define MP_MODARITH 1 /* include modular arithmetic ? */ +#endif + +#ifndef MP_NUMTH +#define MP_NUMTH 1 /* include number theoretic functions? */ +#endif + +#ifndef MP_LOGTAB +#define MP_LOGTAB 1 /* use table of logs instead of log()? */ +#endif + +#ifndef MP_MEMSET +#define MP_MEMSET 1 /* use memset() to zero buffers? */ +#endif + +#ifndef MP_MEMCPY +#define MP_MEMCPY 1 /* use memcpy() to copy buffers? */ +#endif + +#ifndef MP_CRYPTO +#define MP_CRYPTO 1 /* erase memory on free? */ +#endif + +#ifndef MP_ARGCHK +/* + 0 = no parameter checks + 1 = runtime checks, continue execution and return an error to caller + 2 = assertions; dump core on parameter errors + */ +#ifdef DEBUG +#define MP_ARGCHK 2 /* how to check input arguments */ +#else +#define MP_ARGCHK 1 /* how to check input arguments */ +#endif +#endif + +#ifndef MP_DEBUG +#define MP_DEBUG 0 /* print diagnostic output? */ +#endif + +#ifndef MP_DEFPREC +#define MP_DEFPREC 64 /* default precision, in digits */ +#endif + +#ifndef MP_MACRO +#define MP_MACRO 0 /* use macros for frequent calls? */ +#endif + +#ifndef MP_SQUARE +#define MP_SQUARE 1 /* use separate squaring code? */ +#endif + +#endif /* ifndef MPI_CONFIG_H_ */ + + diff --git a/security/nss/lib/freebl/mpi/mpi-priv.h b/security/nss/lib/freebl/mpi/mpi-priv.h new file mode 100644 index 000000000..eaa683a77 --- /dev/null +++ b/security/nss/lib/freebl/mpi/mpi-priv.h @@ -0,0 +1,258 @@ +/* + * mpi-priv.h - Private header file for MPI + * Arbitrary precision integer arithmetic library + * + * NOTE WELL: the content of this header file is NOT part of the "public" + * API for the MPI library, and may change at any time. + * Application programs that use libmpi should NOT include this header file. + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. + * All Rights Reserved. + * + * Contributor(s): + * Netscape Communications Corporation + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + * + * $Id$ + */ +#ifndef _MPI_PRIV_H_ +#define _MPI_PRIV_H_ 1 + +#include "mpi.h" +#include <stdlib.h> +#include <string.h> +#include <ctype.h> + +#if MP_DEBUG +#include <stdio.h> + +#define DIAG(T,V) {fprintf(stderr,T);mp_print(V,stderr);fputc('\n',stderr);} +#else +#define DIAG(T,V) +#endif + +/* If we aren't using a wired-in logarithm table, we need to include + the math library to get the log() function + */ + +/* {{{ s_logv_2[] - log table for 2 in various bases */ + +#if MP_LOGTAB +/* + A table of the logs of 2 for various bases (the 0 and 1 entries of + this table are meaningless and should not be referenced). + + This table is used to compute output lengths for the mp_toradix() + function. Since a number n in radix r takes up about log_r(n) + digits, we estimate the output size by taking the least integer + greater than log_r(n), where: + + log_r(n) = log_2(n) * log_r(2) + + This table, therefore, is a table of log_r(2) for 2 <= r <= 36, + which are the output bases supported. + */ + +extern const float s_logv_2[]; +#define LOG_V_2(R) s_logv_2[(R)] + +#else + +/* + If MP_LOGTAB is not defined, use the math library to compute the + logarithms on the fly. Otherwise, use the table. + Pick which works best for your system. + */ + +#include <math.h> +#define LOG_V_2(R) (log(2.0)/log(R)) + +#endif /* if MP_LOGTAB */ + +/* }}} */ + +/* {{{ Digit arithmetic macros */ + +/* + When adding and multiplying digits, the results can be larger than + can be contained in an mp_digit. Thus, an mp_word is used. These + macros mask off the upper and lower digits of the mp_word (the + mp_word may be more than 2 mp_digits wide, but we only concern + ourselves with the low-order 2 mp_digits) + */ + +#define CARRYOUT(W) (mp_digit)((W)>>DIGIT_BIT) +#define ACCUM(W) (mp_digit)(W) + +#define MP_MIN(a,b) (((a) < (b)) ? (a) : (b)) +#define MP_MAX(a,b) (((a) > (b)) ? (a) : (b)) +#define MP_HOWMANY(a,b) (((a) + (b) - 1)/(b)) +#define MP_ROUNDUP(a,b) (MP_HOWMANY(a,b) * (b)) + +/* }}} */ + +/* {{{ Comparison constants */ + +#define MP_LT -1 +#define MP_EQ 0 +#define MP_GT 1 + +/* }}} */ + +/* {{{ private function declarations */ + +/* + If MP_MACRO is false, these will be defined as actual functions; + otherwise, suitable macro definitions will be used. This works + around the fact that ANSI C89 doesn't support an 'inline' keyword + (although I hear C9x will ... about bloody time). At present, the + macro definitions are identical to the function bodies, but they'll + expand in place, instead of generating a function call. + + I chose these particular functions to be made into macros because + some profiling showed they are called a lot on a typical workload, + and yet they are primarily housekeeping. + */ +#if MP_MACRO == 0 + void s_mp_setz(mp_digit *dp, mp_size count); /* zero digits */ + void s_mp_copy(const mp_digit *sp, mp_digit *dp, mp_size count); /* copy */ + void *s_mp_alloc(size_t nb, size_t ni); /* general allocator */ + void s_mp_free(void *ptr); /* general free function */ +extern unsigned long mp_allocs; +extern unsigned long mp_frees; +extern unsigned long mp_copies; +#else + + /* Even if these are defined as macros, we need to respect the settings + of the MP_MEMSET and MP_MEMCPY configuration options... + */ + #if MP_MEMSET == 0 + #define s_mp_setz(dp, count) \ + {int ix;for(ix=0;ix<(count);ix++)(dp)[ix]=0;} + #else + #define s_mp_setz(dp, count) memset(dp, 0, (count) * sizeof(mp_digit)) + #endif /* MP_MEMSET */ + + #if MP_MEMCPY == 0 + #define s_mp_copy(sp, dp, count) \ + {int ix;for(ix=0;ix<(count);ix++)(dp)[ix]=(sp)[ix];} + #else + #define s_mp_copy(sp, dp, count) memcpy(dp, sp, (count) * sizeof(mp_digit)) + #endif /* MP_MEMCPY */ + + #define s_mp_alloc(nb, ni) calloc(nb, ni) + #define s_mp_free(ptr) {if(ptr) free(ptr);} +#endif /* MP_MACRO */ + +mp_err s_mp_grow(mp_int *mp, mp_size min); /* increase allocated size */ +mp_err s_mp_pad(mp_int *mp, mp_size min); /* left pad with zeroes */ + +#if MP_MACRO == 0 + void s_mp_clamp(mp_int *mp); /* clip leading zeroes */ +#else + #define s_mp_clamp(mp)\ + { mp_size used = MP_USED(mp); \ + while (used > 1 && DIGIT(mp, used - 1) == 0) --used; \ + MP_USED(mp) = used; \ + } +#endif /* MP_MACRO */ + +void s_mp_exch(mp_int *a, mp_int *b); /* swap a and b in place */ + +mp_err s_mp_lshd(mp_int *mp, mp_size p); /* left-shift by p digits */ +void s_mp_rshd(mp_int *mp, mp_size p); /* right-shift by p digits */ +mp_err s_mp_mul_2d(mp_int *mp, mp_digit d); /* multiply by 2^d in place */ +void s_mp_div_2d(mp_int *mp, mp_digit d); /* divide by 2^d in place */ +void s_mp_mod_2d(mp_int *mp, mp_digit d); /* modulo 2^d in place */ +void s_mp_div_2(mp_int *mp); /* divide by 2 in place */ +mp_err s_mp_mul_2(mp_int *mp); /* multiply by 2 in place */ +mp_err s_mp_norm(mp_int *a, mp_int *b, mp_digit *pd); + /* normalize for division */ +mp_err s_mp_add_d(mp_int *mp, mp_digit d); /* unsigned digit addition */ +mp_err s_mp_sub_d(mp_int *mp, mp_digit d); /* unsigned digit subtract */ +mp_err s_mp_mul_d(mp_int *mp, mp_digit d); /* unsigned digit multiply */ +mp_err s_mp_div_d(mp_int *mp, mp_digit d, mp_digit *r); + /* unsigned digit divide */ +mp_err s_mp_reduce(mp_int *x, const mp_int *m, const mp_int *mu); + /* Barrett reduction */ +mp_err s_mp_add(mp_int *a, const mp_int *b); /* magnitude addition */ +mp_err s_mp_add_3arg(const mp_int *a, const mp_int *b, mp_int *c); +mp_err s_mp_sub(mp_int *a, const mp_int *b); /* magnitude subtract */ +mp_err s_mp_sub_3arg(const mp_int *a, const mp_int *b, mp_int *c); +mp_err s_mp_add_offset(mp_int *a, mp_int *b, mp_size offset); + /* a += b * RADIX^offset */ +mp_err s_mp_mul(mp_int *a, const mp_int *b); /* magnitude multiply */ +#if MP_SQUARE +mp_err s_mp_sqr(mp_int *a); /* magnitude square */ +#else +#define s_mp_sqr(a) s_mp_mul(a, a) +#endif +mp_err s_mp_div(mp_int *rem, mp_int *div, mp_int *quot); /* magnitude div */ +mp_err s_mp_exptmod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c); +mp_err s_mp_2expt(mp_int *a, mp_digit k); /* a = 2^k */ +int s_mp_cmp(const mp_int *a, const mp_int *b); /* magnitude comparison */ +int s_mp_cmp_d(const mp_int *a, mp_digit d); /* magnitude digit compare */ +int s_mp_ispow2(const mp_int *v); /* is v a power of 2? */ +int s_mp_ispow2d(mp_digit d); /* is d a power of 2? */ + +int s_mp_tovalue(char ch, int r); /* convert ch to value */ +char s_mp_todigit(mp_digit val, int r, int low); /* convert val to digit */ +int s_mp_outlen(int bits, int r); /* output length in bytes */ +mp_digit s_mp_invmod_radix(mp_digit P); /* returns (P ** -1) mod RADIX */ +mp_err s_mp_invmod_odd_m( const mp_int *a, const mp_int *m, mp_int *c); +mp_err s_mp_invmod_2d( const mp_int *a, mp_size k, mp_int *c); +mp_err s_mp_invmod_even_m(const mp_int *a, const mp_int *m, mp_int *c); + +/* ------ mpv functions, operate on arrays of digits, not on mp_int's ------ */ +#if defined (__OS2__) && defined (__IBMC__) +#define MPI_ASM_DECL __cdecl +#else +#define MPI_ASM_DECL +#endif + +void MPI_ASM_DECL s_mpv_mul_d(const mp_digit *a, mp_size a_len, + mp_digit b, mp_digit *c); +void MPI_ASM_DECL s_mpv_mul_d_add(const mp_digit *a, mp_size a_len, + mp_digit b, mp_digit *c); +void MPI_ASM_DECL s_mpv_mul_d_add_prop(const mp_digit *a, + mp_size a_len, mp_digit b, + mp_digit *c); +void MPI_ASM_DECL s_mpv_sqr_add_prop(const mp_digit *a, + mp_size a_len, + mp_digit *sqrs); + +mp_err MPI_ASM_DECL s_mpv_div_2dx1d(mp_digit Nhi, mp_digit Nlo, + mp_digit divisor, mp_digit *quot, mp_digit *rem); + +/* c += a * b * (MP_RADIX ** offset); */ +#define s_mp_mul_d_add_offset(a, b, c, off) \ +(s_mpv_mul_d_add_prop(MP_DIGITS(a), MP_USED(a), b, MP_DIGITS(c) + off), MP_OKAY) + +/* }}} */ +#endif + diff --git a/security/nss/lib/freebl/mpi/mpi-test.c b/security/nss/lib/freebl/mpi/mpi-test.c new file mode 100644 index 000000000..ed3880631 --- /dev/null +++ b/security/nss/lib/freebl/mpi/mpi-test.c @@ -0,0 +1,1973 @@ +/* + * mpi-test.c + * + * This is a general test suite for the MPI library, which tests + * all the functions in the library with known values. The program + * exits with a zero (successful) status if the tests pass, or a + * nonzero status if the tests fail. + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 1999, 2000 Michael J. Fromberger. + * All Rights Reserved. + * + * Contributor(s): + * Netscape Communications Corporation + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + * + * $Id$ + */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <stdarg.h> +#include <limits.h> +#include <time.h> + +#include "mpi.h" +#include "mpprime.h" + +#include "test-info.c" + +/* ZS means Zero Suppressed (no leading zeros) */ +#if MP_USE_LONG_DIGIT +#define ZS_DIGIT_FMT "%lX" +#elif MP_USE_LONG_LONG_DIGIT +#define ZS_DIGIT_FMT "%llX" +#elif MP_USE_UINT_DIGIT +#define ZS_DIGIT_FMT "%X" +#else +#error "unknown type of digit" +#endif + +/* + Test vectors + + If you intend to change any of these values, you must also recompute + the corresponding solutions below. Basically, these are just hex + strings (for the big integers) or integer values (for the digits). + + The comparison tests think they know what relationships hold between + these values. If you change that, you may have to adjust the code + for the comparison tests accordingly. Most of the other tests + should be fine as long as you re-compute the solutions, though. + */ +const char *mp1 = "639A868CDA0C569861B"; +const char *mp2 = "AAFC0A3FE45E5E09DBE2C29"; +const char *mp3 = "B55AA8DF8A7E83241F38AC7A9E479CAEF2E4D7C5"; +const char *mp4 = "-63DBC2265B88268DC801C10EA68476B7BDE0090F"; +const char *mp5 = "F595CB42"; +const char *mp5a = "-4B597E"; +const char *mp6 = "0"; +const char *mp7 = "EBFA7121CD838CE6439CC59DDB4CBEF3"; +const char *mp8 = "5"; +const char *mp9 = "F74A2876A1432698923B0767DA19DCF3D71795EE"; +const char *mp10 = "9184E72A000"; +const char *mp11 = "54D79A3557E8"; +const char *mp12 = "10000000000000000"; +const char *mp13 = +"34584F700C15A341E40BF7BFDD88A6630C8FF2B2067469372D391342BDAB6163963C" +"D5A5C79F708BDE26E0CCF2DB66CD6D6089E29A877C45F2B050D226E6DA88"; +const char *mp14 = +"AC3FA0EABAAC45724814D798942A1E28E14C81E0DE8055CED630E7689DA648683645DB6E" +"458D9F5338CC3D4E33A5D1C9BF42780133599E60DEE0049AFA8F9489501AE5C9AA2B8C13" +"FD21285A538B2CA87A626BB56E0A654C8707535E637FF4E39174157402BDE3AA30C9F134" +"0C1307BAA864B075A9CC828B6A5E2B2BF1AE406D920CC5E7657D7C0E697DEE5375773AF9" +"E200A1B8FAD7CD141F9EE47ABB55511FEB9A4D99EBA22F3A3FF6792FA7EE9E5DC0EE94F7" +"7A631EDF3D7DD7C2DAAAFDF234D60302AB63D5234CEAE941B9AF0ADDD9E6E3A940A94EE5" +"5DB45A7C66E61EDD0477419BBEFA44C325129601C4F45671C6A0E64665DF341D17FBC71F" +"77418BD9F4375DDB3B9D56126526D8E5E0F35A121FD4F347013DA880020A752324F31DDD" +"9BCDB13A3B86E207A2DE086825E6EEB87B3A64232CFD8205B799BC018634AAE193F19531" +"D6EBC19A75F27CFFAA03EB5974898F53FD569AA5CE60F431B53B0CDE715A5F382405C9C4" +"761A8E24888328F09F7BCE4E8D80C957DF177629C8421ACCD0C268C63C0DD47C3C0D954F" +"D79F7D7297C6788DF4B3E51381759864D880ACA246DF09533739B8BB6085EAF7AE8DC2D9" +"F224E6874926C8D24D34B457FD2C9A586C6B99582DC24F787A39E3942786CF1D494B6EB4" +"A513498CDA0B217C4E80BCE7DA1C704C35E071AC21E0DA9F57C27C3533F46A8D20B04137" +"C1B1384BE4B2EB46"; +const char *mp15 = +"39849CF7FD65AF2E3C4D87FE5526221103D90BA26A6642FFE3C3ECC0887BBBC57E011BF1" +"05D822A841653509C68F79EBE51C0099B8CBB04DEF31F36F5954208A3209AC122F0E11D8" +"4AE67A494D78336A2066D394D42E27EF6B03DDAF6D69F5112C93E714D27C94F82FC7EF77" +"445768C68EAE1C4A1407BE1B303243391D325090449764AE469CC53EC8012C4C02A72F37" +"07ED7275D2CC8D0A14B5BCC6BF264941520EBA97E3E6BAE4EE8BC87EE0DDA1F5611A6ECB" +"65F8AEF4F184E10CADBDFA5A2FEF828901D18C20785E5CC63473D638762DA80625003711" +"9E984AC43E707915B133543AF9D5522C3E7180DC58E1E5381C1FB7DC6A5F4198F3E88FA6" +"CBB6DFA8B2D1C763226B253E18BCCB79A29EE82D2DE735078C8AE3C3C86D476AAA08434C" +"09C274BDD40A1D8FDE38D6536C22F44E807EB73DE4FB36C9F51E0BC835DDBE3A8EFCF2FE" +"672B525769DC39230EE624D5EEDBD837C82A52E153F37378C3AD68A81A7ADBDF3345DBCE" +"8FA18CA1DE618EF94DF72EAD928D4F45B9E51632ACF158CF8332C51891D1D12C2A7E6684" +"360C4BF177C952579A9F442CFFEC8DAE4821A8E7A31C4861D8464CA9116C60866C5E72F7" +"434ADBED36D54ACDFDFF70A4EFB46E285131FE725F1C637D1C62115EDAD01C4189716327" +"BFAA79618B1656CBFA22C2C965687D0381CC2FE0245913C4D8D96108213680BD8E93E821" +"822AD9DDBFE4BD04"; +const char *mp16 = "4A724340668DB150339A70"; +const char *mp17 = "8ADB90F58"; +const char *mp18 = "C64C230AB20E5"; +const char *mp19 = +"F1C9DACDA287F2E3C88DCE2393B8F53DAAAC1196DC36510962B6B59454CFE64B"; +const char *mp20 = +"D445662C8B6FE394107B867797750C326E0F4A967E135FC430F6CD7207913AC7"; + +const mp_digit md1 = 0; +const mp_digit md2 = 0x1; +const mp_digit md3 = 0x80; +const mp_digit md4 = 0x9C97; +const mp_digit md5 = 0xF5BF; +const mp_digit md6 = 0x14A0; +const mp_digit md7 = 0x03E8; +const mp_digit md8 = 0x0101; +const mp_digit md9 = 0xA; + +/* + Solutions of the form x_mpABC, where: + + x = (p)roduct, (s)um, (d)ifference, (q)uotient, (r)emainder, (g)cd, + (i)nverse, (e)xponent, square roo(t), (g)cd, (l)cm. A + leading 'm' indicates a modular operation, e.g. ms_mp12 is the + modular sum of operands 1 and 2 + + ABC are the operand numbers involved in the computation. If a 'd' + precedes the number, it is a digit operand; if a 'c' precedes it, + it is a constant; otherwise, it is a full integer. + */ + +const char *p_mp12 = "4286AD72E095C9FE009938750743174ADDD7FD1E53"; +const char *p_mp34 = "-46BDBD66CA108C94A8CF46C325F7B6E2F2BA82D35" + "A1BFD6934C441EE369B60CA29BADC26845E918B"; +const char *p_mp57 = "E260C265A0A27C17AD5F4E59D6E0360217A2EBA6"; +const char *p_mp22 = "7233B5C1097FFC77CCF55928FDC3A5D31B712FDE7A1E91"; +const char *p_mp1d4 = "3CECEA2331F4220BEF68DED"; +const char *p_mp8d6 = "6720"; +const char *p_mp1113 = +"11590FC3831C8C3C51813142C88E566408DB04F9E27642F6471A1822E0100B12F7F1" +"5699A127C0FA9D26DCBFF458522661F30C6ADA4A07C8C90F9116893F6DBFBF24C3A2" +"4340"; +const char *p_mp1415 = +"26B36540DE8B3586699CCEAE218A2842C7D5A01590E70C4A26E789107FBCDB06AA2C" +"6DDC39E6FA18B16FCB2E934C9A5F844DAD60EE3B1EA82199EC5E9608F67F860FB965" +"736055DF0E8F2540EB28D07F47E309B5F5D7C94FF190AB9C83A6970160CA700B1081" +"F60518132AF28C6CEE6B7C473E461ABAC52C39CED50A08DD4E7EA8BA18DAD545126D" +"A388F6983C29B6BE3F9DCBC15766E8E6D626A92C5296A9C4653CAE5788350C0E2107" +"F57E5E8B6994C4847D727FF1A63A66A6CEF42B9C9E6BD04C92550B85D5527DE8A132" +"E6BE89341A9285C7CE7FB929D871BBCBD0ED2863B6B078B0DBB30FCA66D6C64284D6" +"57F394A0271E15B6EC7A9D530EBAC6CA262EF6F97E1A29FCE7749240E4AECA591ECF" +"272122BC587370F9371B67BB696B3CDC1BC8C5B64B6280994EBA00CDEB8EB0F5D06E" +"18F401D65FDCECF23DD7B9BB5B4C5458AEF2CCC09BA7F70EACB844750ACFD027521E" +"2E047DE8388B35F8512D3DA46FF1A12D4260213602BF7BFFDB6059439B1BD0676449" +"8D98C74F48FB3F548948D5BA0C8ECFCD054465132DC43466D6BBD59FBAF8D6D4E157" +"2D612B40A956C7D3E140F3B8562EF18568B24D335707D5BAC7495014DF2444172426" +"FD099DED560D30D1F945386604AFC85C64BD1E5F531F5C7840475FC0CF0F79810012" +"4572BAF5A9910CDBD02B27FFCC3C7E5E88EF59F3AE152476E33EDA696A4F751E0AE4" +"A3D2792DEA78E25B9110E12A19EFD09EA47FF9D6594DA445478BEB6901EAF8A35B2D" +"FD59BEE9BF7AA8535B7D326EFA5AA2121B5EBE04DD85827A3D43BD04F4AA6D7B62A2" +"B6D7A3077286A511A431E1EF75FCEBA3FAE9D5843A8ED17AA02BBB1B571F904699C5" +"A6073F87DDD012E2322AB3F41F2A61F428636FE86914148E19B8EF8314ED83332F2F" +"8C2ADE95071E792C0A68B903E060DD322A75FD0C2B992059FCCBB58AFA06B50D1634" +"BBD93F187FCE0566609FCC2BABB269C66CEB097598AA17957BB4FDA3E64A1B30402E" +"851CF9208E33D52E459A92C63FBB66435BB018E155E2C7F055E0B7AB82CD58FC4889" +"372ED9EEAC2A07E8E654AB445B9298D2830D6D4DFD117B9C8ABE3968927DC24B3633" +"BAD6E6466DB45DDAE87A0AB00336AC2CCCE176704F7214FCAB55743AB76C2B6CA231" +"7984610B27B5786DE55C184DDF556EDFEA79A3652831940DAD941E243F482DC17E50" +"284BC2FB1AD712A92542C573E55678878F02DFD9E3A863C7DF863227AEDE14B47AD3" +"957190124820ADC19F5353878EDB6BF7D0C77352A6E3BDB53EEB88F5AEF6226D6E68" +"756776A8FB49B77564147A641664C2A54F7E5B680CCC6A4D22D894E464DF20537094" +"548F1732452F9E7F810C0B4B430C073C0FBCE03F0D03F82630654BCE166AA772E1EE" +"DD0C08D3E3EBDF0AF54203B43AFDFC40D8FC79C97A4B0A4E1BEB14D8FCEFDDED8758" +"6ED65B18"; + +const char *mp_mp345 = "B9B6D3A3"; +const char *mp_mp335 = "16609C2D"; + +const char *s_mp13 = "B55AA8DF8A7E83241F38B2B446B06A4FB84E5DE0"; +const char *s_mp34 = "517EE6B92EF65C965736EB6BF7C325F73504CEB6"; +const char *s_mp46 = "-63DBC2265B88268DC801C10EA68476B7BDE0090F"; +const char *s_mp5d4 = "F59667D9"; +const char *s_mp2d5 = "AAFC0A3FE45E5E09DBF21E8"; +const char *s_mp1415 = +"E5C43DE2B811F4A084625F96E9504039E5258D8348E698CEB9F4D4292622042DB446" +"F75F4B65C1FB7A317257FA354BB5A45E789AEC254EAECE11F80A53E3B513822491DB" +"D9399DEC4807A2A3A10360129AC93F4A42388D3BF20B310DD0E9E9F4BE07FC88D53A" +"78A26091E0AB506A70813712CCBFBDD440A69A906E650EE090FDD6A42A95AC1A414D" +"317F1A9F781E6A30E9EE142ECDA45A1E3454A1417A7B9A613DA90831CF88EA1F2E82" +"41AE88CC4053220903C2E05BCDD42F02B8CF8868F84C64C5858BAD356143C5494607" +"EE22E11650148BAF65A985F6FC4CA540A55697F2B5AA95D6B8CF96EF638416DE1DD6" +"3BA9E2C09E22D03E75B60BE456C642F86B82A709253E5E087B507DE3A45F8392423F" +"4DBC284E8DC88C43CA77BC8DCEFB6129A59025F80F90FF978116DEBB9209E306FBB9" +"1B6111F8B8CFACB7C7C9BC12691C22EE88303E1713F1DFCEB622B8EA102F6365678B" +"C580ED87225467AA78E875868BD53B17574BA59305BC1AC666E4B7E9ED72FCFC200E" +"189D98FC8C5C7533739C53F52DDECDDFA5A8668BFBD40DABC9640F8FCAE58F532940" +"8162261320A25589E9FB51B50F80056471F24B7E1AEC35D1356FC2747FFC13A04B34" +"24FCECE10880BD9D97CA8CDEB2F5969BF4F30256EB5ED2BCD1DC64BDC2EE65217848" +"48A37FB13F84ED4FB7ACA18C4639EE64309BDD3D552AEB4AAF44295943DC1229A497" +"A84A"; + +const char *ms_mp345 = "1E71E292"; + +const char *d_mp12 = "-AAFBA6A55DD183FD854A60E"; +const char *d_mp34 = "119366B05E606A9B1E73A6D8944CC1366B0C4E0D4"; +const char *d_mp5d4 = "F5952EAB"; +const char *d_mp6d2 = "-1"; +const char *md_mp345 = "26596B86"; + +const char *q_mp42 = "-95825A1FFA1A155D5"; +const char *r_mp42 = "-6312E99D7700A3DCB32ADF2"; +const char *q_mp45a = "15344CDA3D841F661D2B61B6EDF7828CE36"; +const char *r_mp45a = "-47C47B"; +const char *q_mp7c2 = "75FD3890E6C1C67321CE62CEEDA65F79"; +const char *q_mp3d6 = "8CAFD53C272BD6FE8B0847BDC3B539EFAB5C3"; +const char *r_mp3d6 = "1E5"; +const char *r_mp5d5 = "1257"; +const char *r_mp47 = "B3A9018D970281A90FB729A181D95CB8"; +const char *q_mp1404 = +"-1B994D869142D3EF6123A3CBBC3C0114FA071CFCEEF4B7D231D65591D32501AD80F" +"FF49AE4EC80514CC071EF6B42521C2508F4CB2FEAD69A2D2EF3934087DCAF88CC4C4" +"659F1CA8A7F4D36817D802F778F1392337FE36302D6865BF0D4645625DF8BB044E19" +"930635BE2609FAC8D99357D3A9F81F2578DE15A300964188292107DAC980E0A08CD7" +"E938A2135FAD45D50CB1D8C2D4C4E60C27AB98B9FBD7E4DBF752C57D2674520E4BB2" +"7E42324C0EFE84FB3E38CF6950E699E86FD45FE40D428400F2F94EDF7E94FAE10B45" +"89329E1BF61E5A378C7B31C9C6A234F8254D4C24823B84D0BF8D671D8BC9154DFAC9" +"49BD8ACABD6BD32DD4DC587F22C86153CB3954BDF7C2A890D623642492C482CF3E2C" +"776FC019C3BBC61688B485E6FD35D6376089C1E33F880E84C4E51E8ABEACE1B3FB70" +"3EAD0E28D2D44E7F1C0A859C840775E94F8C1369D985A3C5E8114B21D68B3CBB75D2" +"791C586153C85B90CAA483E57A40E2D97950AAB84920A4396C950C87C7FFFE748358" +"42A0BF65445B26D40F05BE164B822CA96321F41D85A289C5F5CD5F438A78704C9683" +"422299D21899A22F853B0C93081CC9925E350132A0717A611DD932A68A0ACC6E4C7F" +"7F685EF8C1F4910AEA5DC00BB5A36FCA07FFEAA490C547F6E14A08FE87041AB803E1" +"BD9E23E4D367A2C35762F209073DFF48F3"; +const char *r_mp1404 = "12FF98621ABF63144BFFC3207AC8FC10D8D1A09"; + +const char *q_mp13c = + "34584F700C15A341E40BF7BFDD88A6630C8FF2B2067469372D391342" + "BDAB6163963CD5A5C79F708BDE26E0CCF2DB66CD6D6089E29A877C45"; +const char *r_mp13c = "F2B050D226E6DA88"; +const char *q_mp9c16 = "F74A2876A1432698923B0767DA19DCF3D71795E"; +const char *r_mp9c16 = "E"; + +const char *e_mp5d9 = "A8FD7145E727A20E52E73D22990D35D158090307A" + "13A5215AAC4E9AB1E96BD34E531209E03310400"; +const char *e_mp78 = "AA5F72C737DFFD8CCD108008BFE7C79ADC01A819B" + "32B75FB82EC0FB8CA83311DA36D4063F1E57857A2" + "1AB226563D84A15BB63CE975FF1453BD6750C58D9" + "D113175764F5D0B3C89B262D4702F4D9640A3"; +const char *me_mp817 = "E504493ACB02F7F802B327AB13BF25"; +const char *me_mp5d47 = "1D45ED0D78F2778157992C951DD2734C"; +const char *me_mp1512 = "FB5B2A28D902B9D9"; +const char *me_mp161718 = "423C6AC6DBD74"; +const char *me_mp5114 = +"64F0F72807993578BBA3C7C36FFB184028F9EB9A810C92079E1498D8A80FC848E1F0" +"25F1DE43B7F6AC063F5CC29D8A7C2D7A66269D72BF5CDC327AF88AF8EF9E601DCB0A" +"3F35BFF3525FB1B61CE3A25182F17C0A0633B4089EA15BDC47664A43FEF639748AAC" +"19CF58E83D8FA32CD10661D2D4210CC84792937E6F36CB601851356622E63ADD4BD5" +"542412C2E0C4958E51FD2524AABDC7D60CFB5DB332EEC9DC84210F10FAE0BA2018F2" +"14C9D6867C9D6E49CF28C18D06CE009FD4D04BFC8837C3FAAA773F5CCF6DED1C22DE" +"181786AFE188540586F2D74BF312E595244E6936AE52E45742109BAA76C36F2692F5" +"CEF97AD462B138BE92721194B163254CBAAEE9B9864B21CCDD5375BCAD0D24132724" +"113D3374B4BCF9AA49BA5ACBC12288C0BCF46DCE6CB4A241A91BD559B130B6E9CD3D" +"D7A2C8B280C2A278BA9BF5D93244D563015C9484B86D9FEB602501DC16EEBC3EFF19" +"53D7999682BF1A1E3B2E7B21F4BDCA3C355039FEF55B9C0885F98DC355CA7A6D8ECF" +"5F7F1A6E11A764F2343C823B879B44616B56BF6AE3FA2ACF5483660E618882018E3F" +"C8459313BACFE1F93CECC37B2576A5C0B2714BD3EEDEEC22F0E7E3E77B11396B9B99" +"D683F2447A4004BBD4A57F6A616CDDFEC595C4FC19884CC2FC21CF5BF5B0B81E0F83" +"B9DDA0CF4DFF35BB8D31245912BF4497FD0BD95F0C604E26EA5A8EA4F5EAE870A5BD" +"FE8C"; + +const char *e_mpc2d3 = "100000000000000000000000000000000"; + +const char *t_mp9 = "FB9B6E32FF0452A34746"; +const char *i_mp27 = "B6AD8DCCDAF92B6FE57D062FFEE3A99"; +const char *i_mp2019 = +"BDF3D88DC373A63EED92903115B03FC8501910AF68297B4C41870AED3EA9F839"; +/* "15E3FE09E8AE5523AABA197BD2D16318D3CA148EDF4AE1C1C52FC96AFAF5680B"; */ + + +const char *t_mp15 = +"795853094E59B0008093BCA8DECF68587C64BDCA2F3F7F8963DABC12F1CFFFA9B8C4" +"365232FD4751870A0EF6CA619287C5D8B7F1747D95076AB19645EF309773E9EACEA0" +"975FA4AE16251A8DA5865349C3A903E3B8A2C0DEA3C0720B6020C7FED69AFF62BB72" +"10FAC443F9FFA2950776F949E819260C2AF8D94E8A1431A40F8C23C1973DE5D49AA2" +"0B3FF5DA5C1D5324E712A78FF33A9B1748F83FA529905924A31DF38643B3F693EF9B" +"58D846BB1AEAE4523ECC843FF551C1B300A130B65C1677402778F98C51C10813250E" +"2496882877B069E877B59740DC1226F18A5C0F66F64A5F59A9FAFC5E9FC45AEC0E7A" +"BEE244F7DD3AC268CF512A0E52E4F5BE5B94"; + +const char *g_mp71 = "1"; +const char *g_mp25 = "7"; +const char *l_mp1011 = "C589E3D7D64A6942A000"; + +/* mp9 in radices from 5 to 64 inclusive */ +#define LOW_RADIX 5 +#define HIGH_RADIX 64 +const char *v_mp9[] = { + "404041130042310320100141302000203430214122130002340212132414134210033", + "44515230120451152500101352430105520150025145320010504454125502", + "644641136612541136016610100564613624243140151310023515322", + "173512120732412062323044435407317550316717172705712756", + "265785018434285762514442046172754680368422060744852", + "1411774500397290569709059837552310354075408897518", + "184064268501499311A17746095910428222A241708032A", + "47706011B225950B02BB45602AA039893118A85950892", + "1A188C826B982353CB58422563AC602B783101671A86", + "105957B358B89B018958908A9114BC3DDC410B77982", + "CB7B3387E23452178846C55DD9D70C7CA9AEA78E8", + "F74A2876A1432698923B0767DA19DCF3D71795EE", + "17BF7C3673B76D7G7A5GA836277296F806E7453A", + "2EBG8HH3HFA6185D6H0596AH96G24C966DD3HG2", + "6G3HGBFEG8I3F25EAF61B904EIA40CFDH2124F", + "10AHC3D29EBHDF3HD97905CG0JA8061855C3FI", + "3BA5A55J5K699B2D09C38A4B237CH51IHA132", + "EDEA90DJ0B5CB3FGG1C8587FEB99D3C143CA", + "31M26JI1BBD56K3I028MML4EEDMAJK60LGLE", + "GGG5M3142FKKG82EJ28111D70EMHC241E4E", + "4446F4D5H10982023N297BF0DKBBHLLJB0I", + "12E9DEEOBMKAKEP0IM284MIP7FO1O521M46", + "85NN0HD48NN2FDDB1F5BMMKIB8CK20MDPK", + "2D882A7A0O0JPCJ4APDRIB77IABAKDGJP2", + "MFMCI0R7S27AAA3O3L2S8K44HKA7O02CN", + "7IGQS73FFSHC50NNH44B6PTTNLC3M6H78", + "2KLUB3U9850CSN6ANIDNIF1LB29MJ43LH", + "UT52GTL18CJ9H4HR0TJTK6ESUFBHF5FE", + "BTVL87QQBMUGF8PFWU4W3VU7U922QTMW", + "4OG10HW0MSWJBIDEE2PDH24GA7RIHIAA", + "1W8W9AX2DRUX48GXOLMK0PE42H0FEUWN", + "SVWI84VBH069WR15W1U2VTK06USY8Z2", + "CPTPNPDa5TYCPPNLALENT9IMX2GL0W2", + "5QU21UJMRaUYYYYYN6GHSMPOYOXEEUY", + "2O2Q7C6RPPB1SXJ9bR4035SPaQQ3H2W", + "18d994IbT4PHbD7cGIPCRP00bbQO0bc", + "NcDUEEWRO7XT76260WGeBHPVa72RdA", + "BbX2WCF9VfSB5LPdJAdeXKV1fd6LC2", + "60QDKW67P4JSQaTdQg7JE9ISafLaVU", + "33ba9XbDbRdNF4BeDB2XYMhAVDaBdA", + "1RIPZJA8gT5L5H7fTcaRhQ39geMMTc", + "d65j70fBATjcDiidPYXUGcaBVVLME", + "LKA9jhPabDG612TXWkhfT2gMXNIP2", + "BgNaYhjfT0G8PBcYRP8khJCR3C9QE", + "6Wk8RhJTAgDh10fYAiUVB1aM0HacG", + "3dOCjaf78kd5EQNViUZWj3AfFL90I", + "290VWkL3aiJoW4MBbHk0Z0bDo22Ni", + "1DbDZ1hpPZNUDBUp6UigcJllEdC26", + "dFSOLBUM7UZX8Vnc6qokGIOiFo1h", + "NcoUYJOg0HVmKI9fR2ag0S8R2hrK", + "EOpiJ5Te7oDe2pn8ZhAUKkhFHlZh", + "8nXK8rp8neV8LWta1WDgd1QnlWsU", + "5T3d6bcSBtHgrH9bCbu84tblaa7r", + "3PlUDIYUvMqOVCir7AtquK5dWanq", + "2A70gDPX2AtiicvIGGk9poiMtgvu", + "1MjiRxjk10J6SVAxFguv9kZiUnIc", + "rpre2vIDeb4h3sp50r1YBbtEx9L", + "ZHcoip0AglDAfibrsUcJ9M1C8fm", + "NHP18+eoe6uU54W49Kc6ZK7+bT2", + "FTAA7QXGoQOaZi7PzePtFFN5vNk" +}; + +const unsigned char b_mp4[] = { + 0x01, +#if MP_DIGIT_MAX > MP_32BIT_MAX + 0x00, 0x00, 0x00, 0x00, +#endif + 0x63, 0xDB, 0xC2, 0x26, + 0x5B, 0x88, 0x26, 0x8D, + 0xC8, 0x01, 0xC1, 0x0E, + 0xA6, 0x84, 0x76, 0xB7, + 0xBD, 0xE0, 0x09, 0x0F +}; + +/* Search for a test suite name in the names table */ +int find_name(char *name); +void reason(char *fmt, ...); + +/*------------------------------------------------------------------------*/ +/*------------------------------------------------------------------------*/ + +char g_intbuf[4096]; /* buffer for integer comparison */ +char a_intbuf[4096]; /* buffer for integer comparison */ +int g_verbose = 1; /* print out reasons for failure? */ +int res; + +#define IFOK(x) { if (MP_OKAY > (res = (x))) { \ + reason("test %s failed: error %d\n", #x, res); return 1; }} + +int main(int argc, char *argv[]) +{ + int which, res; + + srand((unsigned int)time(NULL)); + + if (argc < 2) { + fprintf(stderr, "Usage: %s <test-suite> | list\n" + "Type '%s help' for assistance\n", argv[0], argv[0]); + return 2; + } else if(argc > 2) { + if(strcmp(argv[2], "quiet") == 0) + g_verbose = 0; + } + + if(strcmp(argv[1], "help") == 0) { + fprintf(stderr, "Help for mpi-test\n\n" + "This program is a test driver for the MPI library, which\n" + "tests all the various functions in the library to make sure\n" + "they are working correctly. The syntax is:\n" + " %s <suite-name>\n" + "...where <suite-name> is the name of the test you wish to\n" + "run. To get a list of the tests, use '%s list'.\n\n" + "The program exits with a status of zero if the test passes,\n" + "or non-zero if it fails. Ordinarily, failure is accompanied\n" + "by a diagnostic message to standard error. To suppress this\n" + "add the keyword 'quiet' after the suite-name on the command\n" + "line.\n\n", argv[0], argv[0]); + return 0; + } + + if ((which = find_name(argv[1])) < 0) { + fprintf(stderr, "%s: test suite '%s' is not known\n", argv[0], argv[1]); + return 2; + } + + if((res = (g_tests[which])()) < 0) { + fprintf(stderr, "%s: test suite not implemented yet\n", argv[0]); + return 2; + } else { + return res; + } + +} + +/*------------------------------------------------------------------------*/ + +int find_name(char *name) +{ + int ix = 0; + + while(ix < g_count) { + if (strcmp(name, g_names[ix]) == 0) + return ix; + + ++ix; + } + + return -1; +} + +/*------------------------------------------------------------------------*/ + +int test_list(void) +{ + int ix; + + fprintf(stderr, "There are currently %d test suites available\n", + g_count); + + for(ix = 1; ix < g_count; ix++) + fprintf(stdout, "%-20s %s\n", g_names[ix], g_descs[ix]); + + return 0; +} + +/*------------------------------------------------------------------------*/ + +int test_copy(void) +{ + mp_int a, b; + int ix; + + mp_init(&a); mp_init(&b); + + mp_read_radix(&a, mp3, 16); + mp_copy(&a, &b); + + if(SIGN(&a) != SIGN(&b) || USED(&a) != USED(&b)) { + if(SIGN(&a) != SIGN(&b)) { + reason("error: sign of original is %d, sign of copy is %d\n", + SIGN(&a), SIGN(&b)); + } else { + reason("error: original precision is %d, copy precision is %d\n", + USED(&a), USED(&b)); + } + mp_clear(&a); mp_clear(&b); + return 1; + } + + for(ix = 0; ix < USED(&b); ix++) { + if(DIGIT(&a, ix) != DIGIT(&b, ix)) { + reason("error: digit %d " DIGIT_FMT " != " DIGIT_FMT "\n", + ix, DIGIT(&a, ix), DIGIT(&b, ix)); + mp_clear(&a); mp_clear(&b); + return 1; + } + } + + mp_clear(&a); mp_clear(&b); + return 0; +} + +/*------------------------------------------------------------------------*/ + +int test_exch(void) +{ + mp_int a, b; + + mp_init(&a); mp_init(&b); + mp_read_radix(&a, mp7, 16); mp_read_radix(&b, mp1, 16); + + mp_exch(&a, &b); + mp_toradix(&a, g_intbuf, 16); + + mp_clear(&a); + if(strcmp(g_intbuf, mp1) != 0) { + mp_clear(&b); + reason("error: exchange failed\n"); + return 1; + } + + mp_toradix(&b, g_intbuf, 16); + + mp_clear(&b); + if(strcmp(g_intbuf, mp7) != 0) { + reason("error: exchange failed\n"); + return 1; + } + + return 0; +} + +/*------------------------------------------------------------------------*/ + +int test_zero(void) +{ + mp_int a; + + mp_init(&a); mp_read_radix(&a, mp7, 16); + mp_zero(&a); + + if(USED(&a) != 1 || DIGIT(&a, 1) != 0) { + mp_toradix(&a, g_intbuf, 16); + reason("error: result is %s\n", g_intbuf); + mp_clear(&a); + return 1; + } + + mp_clear(&a); + return 0; +} + +/*------------------------------------------------------------------------*/ + +int test_set(void) +{ + mp_int a; + + /* Test single digit set */ + mp_init(&a); mp_set(&a, 5); + if(DIGIT(&a, 0) != 5) { + mp_toradix(&a, g_intbuf, 16); + reason("error: result is %s, expected 5\n", g_intbuf); + mp_clear(&a); + return 1; + } + + /* Test integer set */ + mp_set_int(&a, -4938110); + mp_toradix(&a, g_intbuf, 16); + mp_clear(&a); + if(strcmp(g_intbuf, mp5a) != 0) { + reason("error: result is %s, expected %s\n", g_intbuf, mp5a); + return 1; + } + + return 0; +} + +/*------------------------------------------------------------------------*/ + +int test_abs(void) +{ + mp_int a; + + mp_init(&a); mp_read_radix(&a, mp4, 16); + mp_abs(&a, &a); + + if(SIGN(&a) != ZPOS) { + reason("error: sign of result is negative\n"); + mp_clear(&a); + return 1; + } + + mp_clear(&a); + return 0; +} + +/*------------------------------------------------------------------------*/ + +int test_neg(void) +{ + mp_int a; + mp_sign s; + + mp_init(&a); mp_read_radix(&a, mp4, 16); + + s = SIGN(&a); + mp_neg(&a, &a); + if(SIGN(&a) == s) { + reason("error: sign of result is same as sign of nonzero input\n"); + mp_clear(&a); + return 1; + } + + mp_clear(&a); + return 0; +} + +/*------------------------------------------------------------------------*/ + +int test_add_d(void) +{ + mp_int a; + + mp_init(&a); + + mp_read_radix(&a, mp5, 16); + mp_add_d(&a, md4, &a); + mp_toradix(&a, g_intbuf, 16); + + if(strcmp(g_intbuf, s_mp5d4) != 0) { + reason("error: computed %s, expected %s\n", g_intbuf, s_mp5d4); + mp_clear(&a); + return 1; + } + + mp_read_radix(&a, mp2, 16); + mp_add_d(&a, md5, &a); + mp_toradix(&a, g_intbuf, 16); + + if(strcmp(g_intbuf, s_mp2d5) != 0) { + reason("error: computed %s, expected %s\n", g_intbuf, s_mp2d5); + mp_clear(&a); + return 1; + } + + mp_clear(&a); + return 0; +} + +/*------------------------------------------------------------------------*/ + +int test_add(void) +{ + mp_int a, b; + int res = 0; + + mp_init(&a); mp_init(&b); + + mp_read_radix(&a, mp1, 16); mp_read_radix(&b, mp3, 16); + mp_add(&a, &b, &a); + mp_toradix(&a, g_intbuf, 16); + + if(strcmp(g_intbuf, s_mp13) != 0) { + reason("error: computed %s, expected %s\n", g_intbuf, s_mp13); + res = 1; goto CLEANUP; + } + + mp_read_radix(&a, mp4, 16); + mp_add(&a, &b, &a); + mp_toradix(&a, g_intbuf, 16); + + if(strcmp(g_intbuf, s_mp34) != 0) { + reason("error: computed %s, expected %s\n", g_intbuf, s_mp34); + res = 1; goto CLEANUP; + } + + mp_read_radix(&a, mp4, 16); mp_read_radix(&b, mp6, 16); + mp_add(&a, &b, &a); + mp_toradix(&a, g_intbuf, 16); + + if(strcmp(g_intbuf, s_mp46) != 0) { + reason("error: computed %s, expected %s\n", g_intbuf, s_mp46); + res = 1; goto CLEANUP; + } + + mp_read_radix(&a, mp14, 16); mp_read_radix(&b, mp15, 16); + mp_add(&a, &b, &a); + mp_toradix(&a, g_intbuf, 16); + + if(strcmp(g_intbuf, s_mp1415) != 0) { + reason("error: computed %s, expected %s\n", g_intbuf, s_mp1415); + res = 1; + } + + CLEANUP: + mp_clear(&a); mp_clear(&b); + return res; +} + +/*------------------------------------------------------------------------*/ + +int test_sub_d(void) +{ + mp_int a; + + mp_init(&a); + mp_read_radix(&a, mp5, 16); + + mp_sub_d(&a, md4, &a); + mp_toradix(&a, g_intbuf, 16); + + if(strcmp(g_intbuf, d_mp5d4) != 0) { + reason("error: computed %s, expected %s\n", g_intbuf, d_mp5d4); + mp_clear(&a); + return 1; + } + + mp_read_radix(&a, mp6, 16); + + mp_sub_d(&a, md2, &a); + mp_toradix(&a, g_intbuf, 16); + + mp_clear(&a); + if(strcmp(g_intbuf, d_mp6d2) != 0) { + reason("error: computed %s, expected %s\n", g_intbuf, d_mp6d2); + return 1; + } + + return 0; +} + +/*------------------------------------------------------------------------*/ + +int test_sub(void) +{ + mp_int a, b; + + mp_init(&a); mp_init(&b); + + mp_read_radix(&a, mp1, 16); mp_read_radix(&b, mp2, 16); + mp_sub(&a, &b, &a); + mp_toradix(&a, g_intbuf, 16); + + if(strcmp(g_intbuf, d_mp12) != 0) { + reason("error: computed %s, expected %s\n", g_intbuf, d_mp12); + mp_clear(&a); mp_clear(&b); + return 1; + } + + mp_read_radix(&a, mp3, 16); mp_read_radix(&b, mp4, 16); + mp_sub(&a, &b, &a); + mp_toradix(&a, g_intbuf, 16); + + if(strcmp(g_intbuf, d_mp34) != 0) { + reason("error: computed %s, expected %s\n", g_intbuf, d_mp34); + mp_clear(&a); mp_clear(&b); + return 1; + } + + mp_clear(&a); mp_clear(&b); + return 0; +} + +/*------------------------------------------------------------------------*/ + +int test_mul_d(void) +{ + mp_int a; + + mp_init(&a); + mp_read_radix(&a, mp1, 16); + + IFOK( mp_mul_d(&a, md4, &a) ); + mp_toradix(&a, g_intbuf, 16); + + if(strcmp(g_intbuf, p_mp1d4) != 0) { + reason("error: computed %s, expected %s\n", g_intbuf, p_mp1d4); + mp_clear(&a); + return 1; + } + + mp_read_radix(&a, mp8, 16); + IFOK( mp_mul_d(&a, md6, &a) ); + mp_toradix(&a, g_intbuf, 16); + + mp_clear(&a); + if(strcmp(g_intbuf, p_mp8d6) != 0) { + reason("error: computed %s, expected %s\n", g_intbuf, p_mp8d6); + return 1; + } + + return 0; +} + +/*------------------------------------------------------------------------*/ + +int test_mul(void) +{ + mp_int a, b; + int res = 0; + + mp_init(&a); mp_init(&b); + mp_read_radix(&a, mp1, 16); mp_read_radix(&b, mp2, 16); + + IFOK( mp_mul(&a, &b, &a) ); + mp_toradix(&a, g_intbuf, 16); + + if(strcmp(g_intbuf, p_mp12) != 0) { + reason("error: computed %s, expected %s\n", g_intbuf, p_mp12); + res = 1; goto CLEANUP; + } + + mp_read_radix(&a, mp3, 16); mp_read_radix(&b, mp4, 16); + IFOK( mp_mul(&a, &b, &a) ); + mp_toradix(&a, g_intbuf, 16); + + if(strcmp(g_intbuf, p_mp34) !=0) { + reason("error: computed %s, expected %s\n", g_intbuf, p_mp34); + res = 1; goto CLEANUP; + } + + mp_read_radix(&a, mp5, 16); mp_read_radix(&b, mp7, 16); + IFOK( mp_mul(&a, &b, &a) ); + mp_toradix(&a, g_intbuf, 16); + + if(strcmp(g_intbuf, p_mp57) != 0) { + reason("error: computed %s, expected %s\n", g_intbuf, p_mp57); + res = 1; goto CLEANUP; + } + + mp_read_radix(&a, mp11, 16); mp_read_radix(&b, mp13, 16); + IFOK( mp_mul(&a, &b, &a) ); + mp_toradix(&a, g_intbuf, 16); + + if(strcmp(g_intbuf, p_mp1113) != 0) { + reason("error: computed %s, expected %s\n", g_intbuf, p_mp1113); + res = 1; goto CLEANUP; + } + + mp_read_radix(&a, mp14, 16); mp_read_radix(&b, mp15, 16); + IFOK( mp_mul(&a, &b, &a) ); + mp_toradix(&a, g_intbuf, 16); + + if(strcmp(g_intbuf, p_mp1415) != 0) { + reason("error: computed %s, expected %s\n", g_intbuf, p_mp1415); + res = 1; + } + + CLEANUP: + mp_clear(&a); mp_clear(&b); + return res; + +} + +/*------------------------------------------------------------------------*/ + +int test_sqr(void) +{ + mp_int a; + + mp_init(&a); mp_read_radix(&a, mp2, 16); + + mp_sqr(&a, &a); + mp_toradix(&a, g_intbuf, 16); + + mp_clear(&a); + if(strcmp(g_intbuf, p_mp22) != 0) { + reason("error: computed %s, expected %s\n", g_intbuf, p_mp22); + return 1; + } + + return 0; +} + +/*------------------------------------------------------------------------*/ + +int test_div_d(void) +{ + mp_int a, q; + mp_digit r; + int err = 0; + + mp_init(&a); mp_init(&q); + mp_read_radix(&a, mp3, 16); + + IFOK( mp_div_d(&a, md6, &q, &r) ); + mp_toradix(&q, g_intbuf, 16); + + if(strcmp(g_intbuf, q_mp3d6) != 0) { + reason("error: computed q = %s, expected %s\n", g_intbuf, q_mp3d6); + ++err; + } + + sprintf(g_intbuf, ZS_DIGIT_FMT, r); + + if(strcmp(g_intbuf, r_mp3d6) != 0) { + reason("error: computed r = %s, expected %s\n", g_intbuf, r_mp3d6); + ++err; + } + + mp_read_radix(&a, mp9, 16); + IFOK( mp_div_d(&a, 16, &q, &r) ); + mp_toradix(&q, g_intbuf, 16); + + if(strcmp(g_intbuf, q_mp9c16) != 0) { + reason("error: computed q = %s, expected %s\n", g_intbuf, q_mp9c16); + ++err; + } + + sprintf(g_intbuf, ZS_DIGIT_FMT, r); + + if(strcmp(g_intbuf, r_mp9c16) != 0) { + reason("error: computed r = %s, expected %s\n", g_intbuf, r_mp9c16); + ++err; + } + + mp_clear(&a); mp_clear(&q); + return err; +} + +/*------------------------------------------------------------------------*/ + +int test_div_2(void) +{ + mp_int a; + + mp_init(&a); mp_read_radix(&a, mp7, 16); + IFOK( mp_div_2(&a, &a) ); + mp_toradix(&a, g_intbuf, 16); + + mp_clear(&a); + if(strcmp(g_intbuf, q_mp7c2) != 0) { + reason("error: computed %s, expected %s\n", g_intbuf, q_mp7c2); + return 1; + } + + return 0; +} + +/*------------------------------------------------------------------------*/ + +int test_div_2d(void) +{ + mp_int a, q, r; + + mp_init(&q); mp_init(&r); + mp_init(&a); mp_read_radix(&a, mp13, 16); + + IFOK( mp_div_2d(&a, 64, &q, &r) ); + mp_clear(&a); + + mp_toradix(&q, g_intbuf, 16); + + if(strcmp(g_intbuf, q_mp13c) != 0) { + reason("error: computed %s, expected %s\n", g_intbuf, q_mp13c); + mp_clear(&q); mp_clear(&r); + return 1; + } + + mp_clear(&q); + + mp_toradix(&r, g_intbuf, 16); + if(strcmp(g_intbuf, r_mp13c) != 0) { + reason("error, computed %s, expected %s\n", g_intbuf, r_mp13c); + mp_clear(&r); + return 1; + } + + mp_clear(&r); + + return 0; +} + +/*------------------------------------------------------------------------*/ + +int test_div(void) +{ + mp_int a, b, r; + int err = 0; + + mp_init(&a); mp_init(&b); mp_init(&r); + + mp_read_radix(&a, mp4, 16); mp_read_radix(&b, mp2, 16); + IFOK( mp_div(&a, &b, &a, &r) ); + mp_toradix(&a, g_intbuf, 16); + + if(strcmp(g_intbuf, q_mp42) != 0) { + reason("error: test 1 computed quot %s, expected %s\n", g_intbuf, q_mp42); + ++err; + } + + mp_toradix(&r, g_intbuf, 16); + + if(strcmp(g_intbuf, r_mp42) != 0) { + reason("error: test 1 computed rem %s, expected %s\n", g_intbuf, r_mp42); + ++err; + } + + mp_read_radix(&a, mp4, 16); mp_read_radix(&b, mp5a, 16); + IFOK( mp_div(&a, &b, &a, &r) ); + mp_toradix(&a, g_intbuf, 16); + + if(strcmp(g_intbuf, q_mp45a) != 0) { + reason("error: test 2 computed quot %s, expected %s\n", g_intbuf, q_mp45a); + ++err; + } + + mp_toradix(&r, g_intbuf, 16); + + if(strcmp(g_intbuf, r_mp45a) != 0) { + reason("error: test 2 computed rem %s, expected %s\n", g_intbuf, r_mp45a); + ++err; + } + + mp_read_radix(&a, mp14, 16); mp_read_radix(&b, mp4, 16); + IFOK( mp_div(&a, &b, &a, &r) ); + mp_toradix(&a, g_intbuf, 16); + + if(strcmp(g_intbuf, q_mp1404) != 0) { + reason("error: test 3 computed quot %s, expected %s\n", g_intbuf, q_mp1404); + ++err; + } + + mp_toradix(&r, g_intbuf, 16); + + if(strcmp(g_intbuf, r_mp1404) != 0) { + reason("error: test 3 computed rem %s, expected %s\n", g_intbuf, r_mp1404); + ++err; + } + + mp_clear(&a); mp_clear(&b); mp_clear(&r); + + return err; +} + +/*------------------------------------------------------------------------*/ + +int test_expt_d(void) +{ + mp_int a; + + mp_init(&a); mp_read_radix(&a, mp5, 16); + mp_expt_d(&a, md9, &a); + mp_toradix(&a, g_intbuf, 16); + + mp_clear(&a); + if(strcmp(g_intbuf, e_mp5d9) != 0) { + reason("error: computed %s, expected %s\n", g_intbuf, e_mp5d9); + return 1; + } + + return 0; +} + +/*------------------------------------------------------------------------*/ + +int test_expt(void) +{ + mp_int a, b; + + mp_init(&a); mp_init(&b); + mp_read_radix(&a, mp7, 16); mp_read_radix(&b, mp8, 16); + + mp_expt(&a, &b, &a); + mp_toradix(&a, g_intbuf, 16); + mp_clear(&a); mp_clear(&b); + + if(strcmp(g_intbuf, e_mp78) != 0) { + reason("error: computed %s, expected %s\n", g_intbuf, e_mp78); + return 1; + } + + return 0; +} + +/*------------------------------------------------------------------------*/ + +int test_2expt(void) +{ + mp_int a; + + mp_init(&a); + mp_2expt(&a, md3); + mp_toradix(&a, g_intbuf, 16); + mp_clear(&a); + + if(strcmp(g_intbuf, e_mpc2d3) != 0) { + reason("error: computed %s, expected %s\n", g_intbuf, e_mpc2d3); + return 1; + } + + return 0; +} + +/*------------------------------------------------------------------------*/ + +int test_sqrt(void) +{ + mp_int a; + int res = 0; + + mp_init(&a); mp_read_radix(&a, mp9, 16); + mp_sqrt(&a, &a); + mp_toradix(&a, g_intbuf, 16); + + if(strcmp(g_intbuf, t_mp9) != 0) { + reason("error: computed %s, expected %s\n", g_intbuf, t_mp9); + res = 1; goto CLEANUP; + } + + mp_read_radix(&a, mp15, 16); + mp_sqrt(&a, &a); + mp_toradix(&a, g_intbuf, 16); + + if(strcmp(g_intbuf, t_mp15) != 0) { + reason("error: computed %s, expected %s\n", g_intbuf, t_mp15); + res = 1; + } + + CLEANUP: + mp_clear(&a); + return res; +} + +/*------------------------------------------------------------------------*/ + +int test_mod_d(void) +{ + mp_int a; + mp_digit r; + + mp_init(&a); mp_read_radix(&a, mp5, 16); + IFOK( mp_mod_d(&a, md5, &r) ); + sprintf(g_intbuf, ZS_DIGIT_FMT, r); + mp_clear(&a); + + if(strcmp(g_intbuf, r_mp5d5) != 0) { + reason("error: computed %s, expected %s\n", g_intbuf, r_mp5d5); + return 1; + } + + return 0; +} + +/*------------------------------------------------------------------------*/ + +int test_mod(void) +{ + mp_int a, m; + + mp_init(&a); mp_init(&m); + mp_read_radix(&a, mp4, 16); mp_read_radix(&m, mp7, 16); + IFOK( mp_mod(&a, &m, &a) ); + mp_toradix(&a, g_intbuf, 16); + mp_clear(&a); mp_clear(&m); + + if(strcmp(g_intbuf, r_mp47) != 0) { + reason("error: computed %s, expected %s\n", g_intbuf, r_mp47); + return 1; + } + + return 0; +} + +/*------------------------------------------------------------------------*/ + +int test_addmod(void) +{ + mp_int a, b, m; + + mp_init(&a); mp_init(&b); mp_init(&m); + mp_read_radix(&a, mp3, 16); mp_read_radix(&b, mp4, 16); + mp_read_radix(&m, mp5, 16); + + IFOK( mp_addmod(&a, &b, &m, &a) ); + mp_toradix(&a, g_intbuf, 16); + mp_clear(&a); mp_clear(&b); mp_clear(&m); + + if(strcmp(g_intbuf, ms_mp345) != 0) { + reason("error: computed %s, expected %s\n", g_intbuf, ms_mp345); + return 1; + } + + return 0; +} + +/*------------------------------------------------------------------------*/ + +int test_submod(void) +{ + mp_int a, b, m; + + mp_init(&a); mp_init(&b); mp_init(&m); + mp_read_radix(&a, mp3, 16); mp_read_radix(&b, mp4, 16); + mp_read_radix(&m, mp5, 16); + + IFOK( mp_submod(&a, &b, &m, &a) ); + mp_toradix(&a, g_intbuf, 16); + mp_clear(&a); mp_clear(&b); mp_clear(&m); + + if(strcmp(g_intbuf, md_mp345) != 0) { + reason("error: computed %s, expected %s\n", g_intbuf, md_mp345); + return 1; + } + + return 0; +} + +/*------------------------------------------------------------------------*/ + +int test_mulmod(void) +{ + mp_int a, b, m; + + mp_init(&a); mp_init(&b); mp_init(&m); + mp_read_radix(&a, mp3, 16); mp_read_radix(&b, mp4, 16); + mp_read_radix(&m, mp5, 16); + + IFOK( mp_mulmod(&a, &b, &m, &a) ); + mp_toradix(&a, g_intbuf, 16); + mp_clear(&a); mp_clear(&b); mp_clear(&m); + + if(strcmp(g_intbuf, mp_mp345) != 0) { + reason("error: computed %s, expected %s\n", g_intbuf, mp_mp345); + return 1; + } + + return 0; +} + +/*------------------------------------------------------------------------*/ + +int test_sqrmod(void) +{ + mp_int a, m; + + mp_init(&a); mp_init(&m); + mp_read_radix(&a, mp3, 16); mp_read_radix(&m, mp5, 16); + + IFOK( mp_sqrmod(&a, &m, &a) ); + mp_toradix(&a, g_intbuf, 16); + mp_clear(&a); mp_clear(&m); + + if(strcmp(g_intbuf, mp_mp335) != 0) { + reason("error: computed %s, expected %s\n", g_intbuf, mp_mp335); + return 1; + } + + return 0; +} + +/*------------------------------------------------------------------------*/ + +int test_exptmod(void) +{ + mp_int a, b, m; + int res = 0; + + mp_init(&a); mp_init(&b); mp_init(&m); + mp_read_radix(&a, mp8, 16); mp_read_radix(&b, mp1, 16); + mp_read_radix(&m, mp7, 16); + + IFOK( mp_exptmod(&a, &b, &m, &a) ); + mp_toradix(&a, g_intbuf, 16); + + if(strcmp(g_intbuf, me_mp817) != 0) { + reason("case 1: error: computed %s, expected %s\n", g_intbuf, me_mp817); + res = 1; goto CLEANUP; + } + + mp_read_radix(&a, mp1, 16); mp_read_radix(&b, mp5, 16); + mp_read_radix(&m, mp12, 16); + + IFOK( mp_exptmod(&a, &b, &m, &a) ); + mp_toradix(&a, g_intbuf, 16); + + if(strcmp(g_intbuf, me_mp1512) != 0) { + reason("case 2: error: computed %s, expected %s\n", g_intbuf, me_mp1512); + res = 1; goto CLEANUP; + } + + mp_read_radix(&a, mp5, 16); mp_read_radix(&b, mp1, 16); + mp_read_radix(&m, mp14, 16); + + IFOK( mp_exptmod(&a, &b, &m, &a) ); + mp_toradix(&a, g_intbuf, 16); + + if(strcmp(g_intbuf, me_mp5114) != 0) { + reason("case 3: error: computed %s, expected %s\n", g_intbuf, me_mp5114); + res = 1; + } + + mp_read_radix(&a, mp16, 16); mp_read_radix(&b, mp17, 16); + mp_read_radix(&m, mp18, 16); + + IFOK( mp_exptmod(&a, &b, &m, &a) ); + mp_toradix(&a, g_intbuf, 16); + + if(strcmp(g_intbuf, me_mp161718) != 0) { + reason("case 4: error: computed %s, expected %s\n", g_intbuf, me_mp161718); + res = 1; + } + + CLEANUP: + mp_clear(&a); mp_clear(&b); mp_clear(&m); + return res; +} + +/*------------------------------------------------------------------------*/ + +int test_exptmod_d(void) +{ + mp_int a, m; + + mp_init(&a); mp_init(&m); + mp_read_radix(&a, mp5, 16); mp_read_radix(&m, mp7, 16); + + IFOK( mp_exptmod_d(&a, md4, &m, &a) ); + mp_toradix(&a, g_intbuf, 16); + mp_clear(&a); mp_clear(&m); + + if(strcmp(g_intbuf, me_mp5d47) != 0) { + reason("error: computed %s, expected %s\n", g_intbuf, me_mp5d47); + return 1; + } + + return 0; +} + +/*------------------------------------------------------------------------*/ + +int test_invmod(void) +{ + mp_int a, m, c; + mp_int p1, p2, p3, p4, p5; + mp_int t1, t2, t3, t4; + mp_err res; + + /* 5 128-bit primes. */ + static const char ivp1[] = { "AAD8A5A2A2BEF644BAEE7DB0CA643719" }; + static const char ivp2[] = { "CB371AD2B79A90BCC88D0430663E40B9" }; + static const char ivp3[] = { "C6C818D4DF2618406CA09280C0400099" }; + static const char ivp4[] = { "CE949C04512E68918006B1F0D7E93F27" }; + static const char ivp5[] = { "F8EE999B6416645040687440E0B89F51" }; + + mp_init(&a); mp_init(&m); + mp_read_radix(&a, mp2, 16); mp_read_radix(&m, mp7, 16); + + IFOK( mp_invmod(&a, &m, &a) ); + + mp_toradix(&a, g_intbuf, 16); + mp_clear(&a); mp_clear(&m); + + if(strcmp(g_intbuf, i_mp27) != 0) { + reason("error: invmod test 1 computed %s, expected %s\n", g_intbuf, i_mp27); + return 1; + } + + mp_init(&a); mp_init(&m); + mp_read_radix(&a, mp20, 16); mp_read_radix(&m, mp19, 16); + + IFOK( mp_invmod(&a, &m, &a) ); + + mp_toradix(&a, g_intbuf, 16); + mp_clear(&a); mp_clear(&m); + + if(strcmp(g_intbuf, i_mp2019) != 0) { + reason("error: invmod test 2 computed %s, expected %s\n", g_intbuf, i_mp2019); + return 1; + } + +/* Need the following test cases: + Odd modulus + - a is odd, relatively prime to m + - a is odd, not relatively prime to m + - a is even, relatively prime to m + - a is even, not relatively prime to m + Even modulus + - a is even (should fail) + - a is odd, not relatively prime to m + - a is odd, relatively prime to m, + m is not a power of 2 + - m has factor 2**k, k < 32 + - m has factor 2**k, k > 32 + m is a power of 2, 2**k + - k < 32 + - k > 32 +*/ + + mp_init(&a); mp_init(&m); mp_init(&c); + mp_init(&p1); mp_init(&p2); mp_init(&p3); mp_init(&p4); mp_init(&p5); + mp_init(&t1); mp_init(&t2); mp_init(&t3); mp_init(&t4); + + mp_read_radix(&p1, ivp1, 16); + mp_read_radix(&p2, ivp2, 16); + mp_read_radix(&p3, ivp3, 16); + mp_read_radix(&p4, ivp4, 16); + mp_read_radix(&p5, ivp5, 16); + + IFOK( mp_2expt(&t2, 68) ); /* t2 = 2**68 */ + IFOK( mp_2expt(&t3, 128) ); /* t3 = 2**128 */ + IFOK( mp_2expt(&t4, 31) ); /* t4 = 2**31 */ + +/* test 3: Odd modulus - a is odd, relatively prime to m */ + + IFOK( mp_mul(&p1, &p2, &a) ); + IFOK( mp_mul(&p3, &p4, &m) ); + IFOK( mp_invmod(&a, &m, &t1) ); + IFOK( mp_invmod_xgcd(&a, &m, &c) ); + + if (mp_cmp(&t1, &c) != 0) { + mp_toradix(&t1, g_intbuf, 16); + mp_toradix(&c, a_intbuf, 16); + reason("error: invmod test 3 computed %s, expected %s\n", + g_intbuf, a_intbuf); + return 1; + } + mp_clear(&a); mp_clear(&t1); mp_clear(&c); + mp_init(&a); mp_init(&t1); mp_init(&c); + +/* test 4: Odd modulus - a is odd, NOT relatively prime to m */ + + IFOK( mp_mul(&p1, &p3, &a) ); + /* reuse same m as before */ + + res = mp_invmod_xgcd(&a, &m, &c); + if (res != MP_UNDEF) + goto CLEANUP4; + + res = mp_invmod(&a, &m, &t1); /* we expect this to fail. */ + if (res != MP_UNDEF) { +CLEANUP4: + reason("error: invmod test 4 succeeded, should have failed.\n"); + return 1; + } + mp_clear(&a); mp_clear(&t1); mp_clear(&c); + mp_init(&a); mp_init(&t1); mp_init(&c); + +/* test 5: Odd modulus - a is even, relatively prime to m */ + + IFOK( mp_mul(&p1, &t2, &a) ); + /* reuse m */ + IFOK( mp_invmod(&a, &m, &t1) ); + IFOK( mp_invmod_xgcd(&a, &m, &c) ); + + if (mp_cmp(&t1, &c) != 0) { + mp_toradix(&t1, g_intbuf, 16); + mp_toradix(&c, a_intbuf, 16); + reason("error: invmod test 5 computed %s, expected %s\n", + g_intbuf, a_intbuf); + return 1; + } + mp_clear(&a); mp_clear(&t1); mp_clear(&c); + mp_init(&a); mp_init(&t1); mp_init(&c); + +/* test 6: Odd modulus - a is odd, NOT relatively prime to m */ + + /* reuse t2 */ + IFOK( mp_mul(&t2, &p3, &a) ); + /* reuse same m as before */ + + res = mp_invmod_xgcd(&a, &m, &c); + if (res != MP_UNDEF) + goto CLEANUP6; + + res = mp_invmod(&a, &m, &t1); /* we expect this to fail. */ + if (res != MP_UNDEF) { +CLEANUP6: + reason("error: invmod test 6 succeeded, should have failed.\n"); + return 1; + } + mp_clear(&a); mp_clear(&m); mp_clear(&c); mp_clear(&t1); + mp_init(&a); mp_init(&m); mp_init(&c); mp_init(&t1); + +/* test 7: Even modulus, even a, should fail */ + + IFOK( mp_mul(&p3, &t3, &m) ); /* even m */ + /* reuse t2 */ + IFOK( mp_mul(&p1, &t2, &a) ); /* even a */ + + res = mp_invmod_xgcd(&a, &m, &c); + if (res != MP_UNDEF) + goto CLEANUP7; + + res = mp_invmod(&a, &m, &t1); /* we expect this to fail. */ + if (res != MP_UNDEF) { +CLEANUP7: + reason("error: invmod test 7 succeeded, should have failed.\n"); + return 1; + } + mp_clear(&a); mp_clear(&c); mp_clear(&t1); + mp_init(&a); mp_init(&c); mp_init(&t1); + +/* test 8: Even modulus - a is odd, not relatively prime to m */ + + /* reuse m */ + IFOK( mp_mul(&p3, &p1, &a) ); /* even a */ + + res = mp_invmod_xgcd(&a, &m, &c); + if (res != MP_UNDEF) + goto CLEANUP8; + + res = mp_invmod(&a, &m, &t1); /* we expect this to fail. */ + if (res != MP_UNDEF) { +CLEANUP8: + reason("error: invmod test 8 succeeded, should have failed.\n"); + return 1; + } + mp_clear(&a); mp_clear(&m); mp_clear(&c); mp_clear(&t1); + mp_init(&a); mp_init(&m); mp_init(&c); mp_init(&t1); + +/* test 9: Even modulus - m has factor 2**k, k < 32 + * - a is odd, relatively prime to m, + */ + IFOK( mp_mul(&p3, &t4, &m) ); /* even m */ + IFOK( mp_mul(&p1, &p2, &a) ); + IFOK( mp_invmod(&a, &m, &t1) ); + IFOK( mp_invmod_xgcd(&a, &m, &c) ); + + if (mp_cmp(&t1, &c) != 0) { + mp_toradix(&t1, g_intbuf, 16); + mp_toradix(&c, a_intbuf, 16); + reason("error: invmod test 9 computed %s, expected %s\n", + g_intbuf, a_intbuf); + return 1; + } + mp_clear(&m); mp_clear(&t1); mp_clear(&c); + mp_init(&m); mp_init(&t1); mp_init(&c); + +/* test 10: Even modulus - m has factor 2**k, k > 32 + * - a is odd, relatively prime to m, + */ + IFOK( mp_mul(&p3, &t3, &m) ); /* even m */ + /* reuse a */ + IFOK( mp_invmod(&a, &m, &t1) ); + IFOK( mp_invmod_xgcd(&a, &m, &c) ); + + if (mp_cmp(&t1, &c) != 0) { + mp_toradix(&t1, g_intbuf, 16); + mp_toradix(&c, a_intbuf, 16); + reason("error: invmod test 10 computed %s, expected %s\n", + g_intbuf, a_intbuf); + return 1; + } + mp_clear(&t1); mp_clear(&c); + mp_init(&t1); mp_init(&c); + +/* test 11: Even modulus - m is a power of 2, 2**k | k < 32 + * - a is odd, relatively prime to m, + */ + IFOK( mp_invmod(&a, &t4, &t1) ); + IFOK( mp_invmod_xgcd(&a, &t4, &c) ); + + if (mp_cmp(&t1, &c) != 0) { + mp_toradix(&t1, g_intbuf, 16); + mp_toradix(&c, a_intbuf, 16); + reason("error: invmod test 11 computed %s, expected %s\n", + g_intbuf, a_intbuf); + return 1; + } + mp_clear(&t1); mp_clear(&c); + mp_init(&t1); mp_init(&c); + +/* test 12: Even modulus - m is a power of 2, 2**k | k > 32 + * - a is odd, relatively prime to m, + */ + IFOK( mp_invmod(&a, &t3, &t1) ); + IFOK( mp_invmod_xgcd(&a, &t3, &c) ); + + if (mp_cmp(&t1, &c) != 0) { + mp_toradix(&t1, g_intbuf, 16); + mp_toradix(&c, a_intbuf, 16); + reason("error: invmod test 12 computed %s, expected %s\n", + g_intbuf, a_intbuf); + return 1; + } + + mp_clear(&a); mp_clear(&m); mp_clear(&c); + mp_clear(&t1); mp_clear(&t2); mp_clear(&t3); mp_clear(&t4); + mp_clear(&p1); mp_clear(&p2); mp_clear(&p3); mp_clear(&p4); mp_clear(&p5); + + return 0; +} + +/*------------------------------------------------------------------------*/ + +int test_cmp_d(void) +{ + mp_int a; + + mp_init(&a); mp_read_radix(&a, mp8, 16); + + if(mp_cmp_d(&a, md8) >= 0) { + reason("error: %s >= " DIGIT_FMT "\n", mp8, md8); + mp_clear(&a); + return 1; + } + + mp_read_radix(&a, mp5, 16); + + if(mp_cmp_d(&a, md8) <= 0) { + reason("error: %s <= " DIGIT_FMT "\n", mp5, md8); + mp_clear(&a); + return 1; + } + + mp_read_radix(&a, mp6, 16); + + if(mp_cmp_d(&a, md1) != 0) { + reason("error: %s != " DIGIT_FMT "\n", mp6, md1); + mp_clear(&a); + return 1; + } + + mp_clear(&a); + return 0; + +} + +/*------------------------------------------------------------------------*/ + +int test_cmp_z(void) +{ + mp_int a; + + mp_init(&a); mp_read_radix(&a, mp6, 16); + + if(mp_cmp_z(&a) != 0) { + reason("error: someone thinks a zero value is non-zero\n"); + mp_clear(&a); + return 1; + } + + mp_read_radix(&a, mp1, 16); + + if(mp_cmp_z(&a) <= 0) { + reason("error: someone thinks a positive value is non-positive\n"); + mp_clear(&a); + return 1; + } + + mp_read_radix(&a, mp4, 16); + + if(mp_cmp_z(&a) >= 0) { + reason("error: someone thinks a negative value is non-negative\n"); + mp_clear(&a); + return 1; + } + + mp_clear(&a); + return 0; +} + +/*------------------------------------------------------------------------*/ + +int test_cmp(void) +{ + mp_int a, b; + + mp_init(&a); mp_init(&b); + mp_read_radix(&a, mp3, 16); mp_read_radix(&b, mp4, 16); + + if(mp_cmp(&a, &b) <= 0) { + reason("error: %s <= %s\n", mp3, mp4); + mp_clear(&a); mp_clear(&b); + return 1; + } + + mp_read_radix(&b, mp3, 16); + if(mp_cmp(&a, &b) != 0) { + reason("error: %s != %s\n", mp3, mp3); + mp_clear(&a); mp_clear(&b); + return 1; + } + + mp_read_radix(&a, mp5, 16); + if(mp_cmp(&a, &b) >= 0) { + reason("error: %s >= %s\n", mp5, mp3); + mp_clear(&a); mp_clear(&b); + return 1; + } + + mp_read_radix(&a, mp5a, 16); + if(mp_cmp_int(&a, 1000000) >= 0 || + (mp_cmp_int(&a, -5000000) <= 0) || + (mp_cmp_int(&a, -4938110) != 0)) { + reason("error: long integer comparison failed (%s)", mp5a); + mp_clear(&a); mp_clear(&b); + return 1; + } + + mp_clear(&a); mp_clear(&b); + return 0; +} + +/*------------------------------------------------------------------------*/ + +int test_cmp_mag(void) +{ + mp_int a, b; + + mp_init(&a); mp_init(&b); + mp_read_radix(&a, mp5, 16); mp_read_radix(&b, mp4, 16); + + if(mp_cmp_mag(&a, &b) >= 0) { + reason("error: %s >= %s\n", mp5, mp4); + mp_clear(&a); mp_clear(&b); + return 1; + } + + mp_read_radix(&b, mp5, 16); + if(mp_cmp_mag(&a, &b) != 0) { + reason("error: %s != %s\n", mp5, mp5); + mp_clear(&a); mp_clear(&b); + return 1; + } + + mp_read_radix(&a, mp1, 16); + if(mp_cmp_mag(&b, &a) >= 0) { + reason("error: %s >= %s\n", mp5, mp1); + mp_clear(&a); mp_clear(&b); + return 1; + } + + mp_clear(&a); mp_clear(&b); + return 0; + +} + +/*------------------------------------------------------------------------*/ + +int test_parity(void) +{ + mp_int a; + + mp_init(&a); mp_read_radix(&a, mp1, 16); + + if(!mp_isodd(&a)) { + reason("error: expected operand to be odd, but it isn't\n"); + mp_clear(&a); + return 1; + } + + mp_read_radix(&a, mp6, 16); + + if(!mp_iseven(&a)) { + reason("error: expected operand to be even, but it isn't\n"); + mp_clear(&a); + return 1; + } + + mp_clear(&a); + return 0; +} + +/*------------------------------------------------------------------------*/ + +int test_gcd(void) +{ + mp_int a, b; + int out = 0; + + mp_init(&a); mp_init(&b); + mp_read_radix(&a, mp7, 16); mp_read_radix(&b, mp1, 16); + + mp_gcd(&a, &b, &a); + mp_toradix(&a, g_intbuf, 16); + + if(strcmp(g_intbuf, g_mp71) != 0) { + reason("error: computed %s, expected %s\n", g_intbuf, g_mp71); + out = 1; + } + + mp_clear(&a); mp_clear(&b); + return out; + +} + +/*------------------------------------------------------------------------*/ + +int test_lcm(void) +{ + mp_int a, b; + int out = 0; + + mp_init(&a); mp_init(&b); + mp_read_radix(&a, mp10, 16); mp_read_radix(&b, mp11, 16); + + mp_lcm(&a, &b, &a); + mp_toradix(&a, g_intbuf, 16); + + if(strcmp(g_intbuf, l_mp1011) != 0) { + reason("error: computed %s, expected%s\n", g_intbuf, l_mp1011); + out = 1; + } + + mp_clear(&a); mp_clear(&b); + + return out; + +} + +/*------------------------------------------------------------------------*/ + +int test_convert(void) +{ + int ix; + mp_int a; + + mp_init(&a); mp_read_radix(&a, mp9, 16); + + for(ix = LOW_RADIX; ix <= HIGH_RADIX; ix++) { + mp_toradix(&a, g_intbuf, ix); + + if(strcmp(g_intbuf, v_mp9[ix - LOW_RADIX]) != 0) { + reason("error: radix %d, computed %s, expected %s\n", + ix, g_intbuf, v_mp9[ix - LOW_RADIX]); + mp_clear(&a); + return 1; + } + } + + mp_clear(&a); + return 0; +} + +/*------------------------------------------------------------------------*/ + +int test_raw(void) +{ + int len, out = 0; + mp_int a; + char *buf; + + mp_init(&a); mp_read_radix(&a, mp4, 16); + + len = mp_raw_size(&a); + if(len != sizeof(b_mp4)) { + reason("error: test_raw: expected length %d, computed %d\n", sizeof(b_mp4), + len); + mp_clear(&a); + return 1; + } + + buf = calloc(len, sizeof(char)); + mp_toraw(&a, buf); + + if(memcmp(buf, b_mp4, sizeof(b_mp4)) != 0) { + reason("error: test_raw: binary output does not match test vector\n"); + out = 1; + } + + free(buf); + mp_clear(&a); + + return out; + +} + +/*------------------------------------------------------------------------*/ + +int test_pprime(void) +{ + mp_int p; + int err = 0; + mp_err res; + + mp_init(&p); + mp_read_radix(&p, mp7, 16); + + if(mpp_pprime(&p, 5) != MP_YES) { + reason("error: %s failed Rabin-Miller test, but is prime\n", mp7); + err = 1; + } + + IFOK( mp_set_int(&p, 9) ); + res = mpp_pprime(&p, 50); + if (res == MP_YES) { + reason("error: 9 is composite but passed Rabin-Miller test\n"); + err = 1; + } else if (res != MP_NO) { + reason("test mpp_pprime(9, 50) failed: error %d\n", res); + err = 1; + } + + IFOK( mp_set_int(&p, 15) ); + res = mpp_pprime(&p, 50); + if (res == MP_YES) { + reason("error: 15 is composite but passed Rabin-Miller test\n"); + err = 1; + } else if (res != MP_NO) { + reason("test mpp_pprime(15, 50) failed: error %d\n", res); + err = 1; + } + + mp_clear(&p); + + return err; + +} + +/*------------------------------------------------------------------------*/ + +int test_fermat(void) +{ + mp_int p; + mp_err res; + int err = 0; + + mp_init(&p); + mp_read_radix(&p, mp7, 16); + + if((res = mpp_fermat(&p, 2)) != MP_YES) { + reason("error: %s failed Fermat test on 2: %s\n", mp7, + mp_strerror(res)); + ++err; + } + + if((res = mpp_fermat(&p, 3)) != MP_YES) { + reason("error: %s failed Fermat test on 3: %s\n", mp7, + mp_strerror(res)); + ++err; + } + + mp_clear(&p); + + return err; + +} + +/*------------------------------------------------------------------------*/ +/* Like fprintf(), but only if we are behaving in a verbose manner */ + +void reason(char *fmt, ...) +{ + va_list ap; + + if(!g_verbose) + return; + + va_start(ap, fmt); + vfprintf(stderr, fmt, ap); + va_end(ap); +} + +/*------------------------------------------------------------------------*/ +/* HERE THERE BE DRAGONS */ diff --git a/security/nss/lib/freebl/mpi/mpi.c b/security/nss/lib/freebl/mpi/mpi.c new file mode 100644 index 000000000..83bd86764 --- /dev/null +++ b/security/nss/lib/freebl/mpi/mpi.c @@ -0,0 +1,4795 @@ +/* + * mpi.c + * + * Arbitrary precision integer arithmetic library + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. + * All Rights Reserved. + * + * Contributor(s): + * Netscape Communications Corporation + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + * + * $Id$ + */ + +#include "mpi-priv.h" +#if defined(OSF1) +#include <c_asm.h> +#endif + +#if MP_LOGTAB +/* + A table of the logs of 2 for various bases (the 0 and 1 entries of + this table are meaningless and should not be referenced). + + This table is used to compute output lengths for the mp_toradix() + function. Since a number n in radix r takes up about log_r(n) + digits, we estimate the output size by taking the least integer + greater than log_r(n), where: + + log_r(n) = log_2(n) * log_r(2) + + This table, therefore, is a table of log_r(2) for 2 <= r <= 36, + which are the output bases supported. + */ +#include "logtab.h" +#endif + +/* {{{ Constant strings */ + +/* Constant strings returned by mp_strerror() */ +static const char *mp_err_string[] = { + "unknown result code", /* say what? */ + "boolean true", /* MP_OKAY, MP_YES */ + "boolean false", /* MP_NO */ + "out of memory", /* MP_MEM */ + "argument out of range", /* MP_RANGE */ + "invalid input parameter", /* MP_BADARG */ + "result is undefined" /* MP_UNDEF */ +}; + +/* Value to digit maps for radix conversion */ + +/* s_dmap_1 - standard digits and letters */ +static const char *s_dmap_1 = + "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz+/"; + +/* }}} */ + +unsigned long mp_allocs; +unsigned long mp_frees; +unsigned long mp_copies; + +/* {{{ Default precision manipulation */ + +/* Default precision for newly created mp_int's */ +static mp_size s_mp_defprec = MP_DEFPREC; + +mp_size mp_get_prec(void) +{ + return s_mp_defprec; + +} /* end mp_get_prec() */ + +void mp_set_prec(mp_size prec) +{ + if(prec == 0) + s_mp_defprec = MP_DEFPREC; + else + s_mp_defprec = prec; + +} /* end mp_set_prec() */ + +/* }}} */ + +/*------------------------------------------------------------------------*/ +/* {{{ mp_init(mp) */ + +/* + mp_init(mp) + + Initialize a new zero-valued mp_int. Returns MP_OKAY if successful, + MP_MEM if memory could not be allocated for the structure. + */ + +mp_err mp_init(mp_int *mp) +{ + return mp_init_size(mp, s_mp_defprec); + +} /* end mp_init() */ + +/* }}} */ + +/* {{{ mp_init_size(mp, prec) */ + +/* + mp_init_size(mp, prec) + + Initialize a new zero-valued mp_int with at least the given + precision; returns MP_OKAY if successful, or MP_MEM if memory could + not be allocated for the structure. + */ + +mp_err mp_init_size(mp_int *mp, mp_size prec) +{ + ARGCHK(mp != NULL && prec > 0, MP_BADARG); + + prec = MP_ROUNDUP(prec, s_mp_defprec); + if((DIGITS(mp) = s_mp_alloc(prec, sizeof(mp_digit))) == NULL) + return MP_MEM; + + SIGN(mp) = ZPOS; + USED(mp) = 1; + ALLOC(mp) = prec; + + return MP_OKAY; + +} /* end mp_init_size() */ + +/* }}} */ + +/* {{{ mp_init_copy(mp, from) */ + +/* + mp_init_copy(mp, from) + + Initialize mp as an exact copy of from. Returns MP_OKAY if + successful, MP_MEM if memory could not be allocated for the new + structure. + */ + +mp_err mp_init_copy(mp_int *mp, const mp_int *from) +{ + ARGCHK(mp != NULL && from != NULL, MP_BADARG); + + if(mp == from) + return MP_OKAY; + + if((DIGITS(mp) = s_mp_alloc(ALLOC(from), sizeof(mp_digit))) == NULL) + return MP_MEM; + + s_mp_copy(DIGITS(from), DIGITS(mp), USED(from)); + USED(mp) = USED(from); + ALLOC(mp) = ALLOC(from); + SIGN(mp) = SIGN(from); + + return MP_OKAY; + +} /* end mp_init_copy() */ + +/* }}} */ + +/* {{{ mp_copy(from, to) */ + +/* + mp_copy(from, to) + + Copies the mp_int 'from' to the mp_int 'to'. It is presumed that + 'to' has already been initialized (if not, use mp_init_copy() + instead). If 'from' and 'to' are identical, nothing happens. + */ + +mp_err mp_copy(const mp_int *from, mp_int *to) +{ + ARGCHK(from != NULL && to != NULL, MP_BADARG); + + if(from == to) + return MP_OKAY; + + ++mp_copies; + { /* copy */ + mp_digit *tmp; + + /* + If the allocated buffer in 'to' already has enough space to hold + all the used digits of 'from', we'll re-use it to avoid hitting + the memory allocater more than necessary; otherwise, we'd have + to grow anyway, so we just allocate a hunk and make the copy as + usual + */ + if(ALLOC(to) >= USED(from)) { + s_mp_setz(DIGITS(to) + USED(from), ALLOC(to) - USED(from)); + s_mp_copy(DIGITS(from), DIGITS(to), USED(from)); + + } else { + if((tmp = s_mp_alloc(ALLOC(from), sizeof(mp_digit))) == NULL) + return MP_MEM; + + s_mp_copy(DIGITS(from), tmp, USED(from)); + + if(DIGITS(to) != NULL) { +#if MP_CRYPTO + s_mp_setz(DIGITS(to), ALLOC(to)); +#endif + s_mp_free(DIGITS(to)); + } + + DIGITS(to) = tmp; + ALLOC(to) = ALLOC(from); + } + + /* Copy the precision and sign from the original */ + USED(to) = USED(from); + SIGN(to) = SIGN(from); + } /* end copy */ + + return MP_OKAY; + +} /* end mp_copy() */ + +/* }}} */ + +/* {{{ mp_exch(mp1, mp2) */ + +/* + mp_exch(mp1, mp2) + + Exchange mp1 and mp2 without allocating any intermediate memory + (well, unless you count the stack space needed for this call and the + locals it creates...). This cannot fail. + */ + +void mp_exch(mp_int *mp1, mp_int *mp2) +{ +#if MP_ARGCHK == 2 + assert(mp1 != NULL && mp2 != NULL); +#else + if(mp1 == NULL || mp2 == NULL) + return; +#endif + + s_mp_exch(mp1, mp2); + +} /* end mp_exch() */ + +/* }}} */ + +/* {{{ mp_clear(mp) */ + +/* + mp_clear(mp) + + Release the storage used by an mp_int, and void its fields so that + if someone calls mp_clear() again for the same int later, we won't + get tollchocked. + */ + +void mp_clear(mp_int *mp) +{ + if(mp == NULL) + return; + + if(DIGITS(mp) != NULL) { +#if MP_CRYPTO + s_mp_setz(DIGITS(mp), ALLOC(mp)); +#endif + s_mp_free(DIGITS(mp)); + DIGITS(mp) = NULL; + } + + USED(mp) = 0; + ALLOC(mp) = 0; + +} /* end mp_clear() */ + +/* }}} */ + +/* {{{ mp_zero(mp) */ + +/* + mp_zero(mp) + + Set mp to zero. Does not change the allocated size of the structure, + and therefore cannot fail (except on a bad argument, which we ignore) + */ +void mp_zero(mp_int *mp) +{ + if(mp == NULL) + return; + + s_mp_setz(DIGITS(mp), ALLOC(mp)); + USED(mp) = 1; + SIGN(mp) = ZPOS; + +} /* end mp_zero() */ + +/* }}} */ + +/* {{{ mp_set(mp, d) */ + +void mp_set(mp_int *mp, mp_digit d) +{ + if(mp == NULL) + return; + + mp_zero(mp); + DIGIT(mp, 0) = d; + +} /* end mp_set() */ + +/* }}} */ + +/* {{{ mp_set_int(mp, z) */ + +mp_err mp_set_int(mp_int *mp, long z) +{ + int ix; + unsigned long v = labs(z); + mp_err res; + + ARGCHK(mp != NULL, MP_BADARG); + + mp_zero(mp); + if(z == 0) + return MP_OKAY; /* shortcut for zero */ + + if (sizeof v <= sizeof(mp_digit)) { + DIGIT(mp,0) = v; + } else { + for (ix = sizeof(long) - 1; ix >= 0; ix--) { + if ((res = s_mp_mul_d(mp, (UCHAR_MAX + 1))) != MP_OKAY) + return res; + + res = s_mp_add_d(mp, (mp_digit)((v >> (ix * CHAR_BIT)) & UCHAR_MAX)); + if (res != MP_OKAY) + return res; + } + } + if(z < 0) + SIGN(mp) = NEG; + + return MP_OKAY; + +} /* end mp_set_int() */ + +/* }}} */ + +/* {{{ mp_set_ulong(mp, z) */ + +mp_err mp_set_ulong(mp_int *mp, unsigned long z) +{ + int ix; + mp_err res; + + ARGCHK(mp != NULL, MP_BADARG); + + mp_zero(mp); + if(z == 0) + return MP_OKAY; /* shortcut for zero */ + + if (sizeof z <= sizeof(mp_digit)) { + DIGIT(mp,0) = z; + } else { + for (ix = sizeof(long) - 1; ix >= 0; ix--) { + if ((res = s_mp_mul_d(mp, (UCHAR_MAX + 1))) != MP_OKAY) + return res; + + res = s_mp_add_d(mp, (mp_digit)((z >> (ix * CHAR_BIT)) & UCHAR_MAX)); + if (res != MP_OKAY) + return res; + } + } + return MP_OKAY; +} /* end mp_set_ulong() */ + +/* }}} */ + +/*------------------------------------------------------------------------*/ +/* {{{ Digit arithmetic */ + +/* {{{ mp_add_d(a, d, b) */ + +/* + mp_add_d(a, d, b) + + Compute the sum b = a + d, for a single digit d. Respects the sign of + its primary addend (single digits are unsigned anyway). + */ + +mp_err mp_add_d(const mp_int *a, mp_digit d, mp_int *b) +{ + mp_int tmp; + mp_err res; + + ARGCHK(a != NULL && b != NULL, MP_BADARG); + + if((res = mp_init_copy(&tmp, a)) != MP_OKAY) + return res; + + if(SIGN(&tmp) == ZPOS) { + if((res = s_mp_add_d(&tmp, d)) != MP_OKAY) + goto CLEANUP; + } else if(s_mp_cmp_d(&tmp, d) >= 0) { + if((res = s_mp_sub_d(&tmp, d)) != MP_OKAY) + goto CLEANUP; + } else { + mp_neg(&tmp, &tmp); + + DIGIT(&tmp, 0) = d - DIGIT(&tmp, 0); + } + + if(s_mp_cmp_d(&tmp, 0) == 0) + SIGN(&tmp) = ZPOS; + + s_mp_exch(&tmp, b); + +CLEANUP: + mp_clear(&tmp); + return res; + +} /* end mp_add_d() */ + +/* }}} */ + +/* {{{ mp_sub_d(a, d, b) */ + +/* + mp_sub_d(a, d, b) + + Compute the difference b = a - d, for a single digit d. Respects the + sign of its subtrahend (single digits are unsigned anyway). + */ + +mp_err mp_sub_d(const mp_int *a, mp_digit d, mp_int *b) +{ + mp_int tmp; + mp_err res; + + ARGCHK(a != NULL && b != NULL, MP_BADARG); + + if((res = mp_init_copy(&tmp, a)) != MP_OKAY) + return res; + + if(SIGN(&tmp) == NEG) { + if((res = s_mp_add_d(&tmp, d)) != MP_OKAY) + goto CLEANUP; + } else if(s_mp_cmp_d(&tmp, d) >= 0) { + if((res = s_mp_sub_d(&tmp, d)) != MP_OKAY) + goto CLEANUP; + } else { + mp_neg(&tmp, &tmp); + + DIGIT(&tmp, 0) = d - DIGIT(&tmp, 0); + SIGN(&tmp) = NEG; + } + + if(s_mp_cmp_d(&tmp, 0) == 0) + SIGN(&tmp) = ZPOS; + + s_mp_exch(&tmp, b); + +CLEANUP: + mp_clear(&tmp); + return res; + +} /* end mp_sub_d() */ + +/* }}} */ + +/* {{{ mp_mul_d(a, d, b) */ + +/* + mp_mul_d(a, d, b) + + Compute the product b = a * d, for a single digit d. Respects the sign + of its multiplicand (single digits are unsigned anyway) + */ + +mp_err mp_mul_d(const mp_int *a, mp_digit d, mp_int *b) +{ + mp_err res; + + ARGCHK(a != NULL && b != NULL, MP_BADARG); + + if(d == 0) { + mp_zero(b); + return MP_OKAY; + } + + if((res = mp_copy(a, b)) != MP_OKAY) + return res; + + res = s_mp_mul_d(b, d); + + return res; + +} /* end mp_mul_d() */ + +/* }}} */ + +/* {{{ mp_mul_2(a, c) */ + +mp_err mp_mul_2(const mp_int *a, mp_int *c) +{ + mp_err res; + + ARGCHK(a != NULL && c != NULL, MP_BADARG); + + if((res = mp_copy(a, c)) != MP_OKAY) + return res; + + return s_mp_mul_2(c); + +} /* end mp_mul_2() */ + +/* }}} */ + +/* {{{ mp_div_d(a, d, q, r) */ + +/* + mp_div_d(a, d, q, r) + + Compute the quotient q = a / d and remainder r = a mod d, for a + single digit d. Respects the sign of its divisor (single digits are + unsigned anyway). + */ + +mp_err mp_div_d(const mp_int *a, mp_digit d, mp_int *q, mp_digit *r) +{ + mp_err res; + mp_int qp; + mp_digit rem; + int pow; + + ARGCHK(a != NULL, MP_BADARG); + + if(d == 0) + return MP_RANGE; + + /* Shortcut for powers of two ... */ + if((pow = s_mp_ispow2d(d)) >= 0) { + mp_digit mask; + + mask = ((mp_digit)1 << pow) - 1; + rem = DIGIT(a, 0) & mask; + + if(q) { + mp_copy(a, q); + s_mp_div_2d(q, pow); + } + + if(r) + *r = rem; + + return MP_OKAY; + } + + if((res = mp_init_copy(&qp, a)) != MP_OKAY) + return res; + + res = s_mp_div_d(&qp, d, &rem); + + if(s_mp_cmp_d(&qp, 0) == 0) + SIGN(q) = ZPOS; + + if(r) + *r = rem; + + if(q) + s_mp_exch(&qp, q); + + mp_clear(&qp); + return res; + +} /* end mp_div_d() */ + +/* }}} */ + +/* {{{ mp_div_2(a, c) */ + +/* + mp_div_2(a, c) + + Compute c = a / 2, disregarding the remainder. + */ + +mp_err mp_div_2(const mp_int *a, mp_int *c) +{ + mp_err res; + + ARGCHK(a != NULL && c != NULL, MP_BADARG); + + if((res = mp_copy(a, c)) != MP_OKAY) + return res; + + s_mp_div_2(c); + + return MP_OKAY; + +} /* end mp_div_2() */ + +/* }}} */ + +/* {{{ mp_expt_d(a, d, b) */ + +mp_err mp_expt_d(const mp_int *a, mp_digit d, mp_int *c) +{ + mp_int s, x; + mp_err res; + + ARGCHK(a != NULL && c != NULL, MP_BADARG); + + if((res = mp_init(&s)) != MP_OKAY) + return res; + if((res = mp_init_copy(&x, a)) != MP_OKAY) + goto X; + + DIGIT(&s, 0) = 1; + + while(d != 0) { + if(d & 1) { + if((res = s_mp_mul(&s, &x)) != MP_OKAY) + goto CLEANUP; + } + + d /= 2; + + if((res = s_mp_sqr(&x)) != MP_OKAY) + goto CLEANUP; + } + + s_mp_exch(&s, c); + +CLEANUP: + mp_clear(&x); +X: + mp_clear(&s); + + return res; + +} /* end mp_expt_d() */ + +/* }}} */ + +/* }}} */ + +/*------------------------------------------------------------------------*/ +/* {{{ Full arithmetic */ + +/* {{{ mp_abs(a, b) */ + +/* + mp_abs(a, b) + + Compute b = |a|. 'a' and 'b' may be identical. + */ + +mp_err mp_abs(const mp_int *a, mp_int *b) +{ + mp_err res; + + ARGCHK(a != NULL && b != NULL, MP_BADARG); + + if((res = mp_copy(a, b)) != MP_OKAY) + return res; + + SIGN(b) = ZPOS; + + return MP_OKAY; + +} /* end mp_abs() */ + +/* }}} */ + +/* {{{ mp_neg(a, b) */ + +/* + mp_neg(a, b) + + Compute b = -a. 'a' and 'b' may be identical. + */ + +mp_err mp_neg(const mp_int *a, mp_int *b) +{ + mp_err res; + + ARGCHK(a != NULL && b != NULL, MP_BADARG); + + if((res = mp_copy(a, b)) != MP_OKAY) + return res; + + if(s_mp_cmp_d(b, 0) == MP_EQ) + SIGN(b) = ZPOS; + else + SIGN(b) = (SIGN(b) == NEG) ? ZPOS : NEG; + + return MP_OKAY; + +} /* end mp_neg() */ + +/* }}} */ + +/* {{{ mp_add(a, b, c) */ + +/* + mp_add(a, b, c) + + Compute c = a + b. All parameters may be identical. + */ + +mp_err mp_add(const mp_int *a, const mp_int *b, mp_int *c) +{ + mp_err res; + + ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG); + + if(SIGN(a) == SIGN(b)) { /* same sign: add values, keep sign */ + MP_CHECKOK( s_mp_add_3arg(a, b, c) ); + } else if(s_mp_cmp(a, b) >= 0) { /* different sign: |a| >= |b| */ + MP_CHECKOK( s_mp_sub_3arg(a, b, c) ); + } else { /* different sign: |a| < |b| */ + MP_CHECKOK( s_mp_sub_3arg(b, a, c) ); + } + + if (s_mp_cmp_d(c, 0) == MP_EQ) + SIGN(c) = ZPOS; + +CLEANUP: + return res; + +} /* end mp_add() */ + +/* }}} */ + +/* {{{ mp_sub(a, b, c) */ + +/* + mp_sub(a, b, c) + + Compute c = a - b. All parameters may be identical. + */ + +mp_err mp_sub(const mp_int *a, const mp_int *b, mp_int *c) +{ + mp_err res; + int magDiff; + + ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG); + + if (a == b) { + mp_zero(c); + return MP_OKAY; + } + + if (MP_SIGN(a) != MP_SIGN(b)) { + MP_CHECKOK( s_mp_add_3arg(a, b, c) ); + } else if (!(magDiff = s_mp_cmp(a, b))) { + mp_zero(c); + res = MP_OKAY; + } else if (magDiff > 0) { + MP_CHECKOK( s_mp_sub_3arg(a, b, c) ); + } else { + MP_CHECKOK( s_mp_sub_3arg(b, a, c) ); + MP_SIGN(c) = !MP_SIGN(a); + } + + if (s_mp_cmp_d(c, 0) == MP_EQ) + MP_SIGN(c) = MP_ZPOS; + +CLEANUP: + return res; + +} /* end mp_sub() */ + +/* }}} */ + +/* {{{ mp_mul(a, b, c) */ + +/* + mp_mul(a, b, c) + + Compute c = a * b. All parameters may be identical. + */ +mp_err mp_mul(const mp_int *a, const mp_int *b, mp_int * c) +{ + mp_digit *pb; + mp_int tmp; + mp_err res; + mp_size ib; + mp_size useda, usedb; + + ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG); + + if (a == c) { + if ((res = mp_init_copy(&tmp, a)) != MP_OKAY) + return res; + if (a == b) + b = &tmp; + a = &tmp; + } else if (b == c) { + if ((res = mp_init_copy(&tmp, b)) != MP_OKAY) + return res; + b = &tmp; + } else { + MP_DIGITS(&tmp) = 0; + } + + if (MP_USED(a) < MP_USED(b)) { + const mp_int *xch = b; /* switch a and b, to do fewer outer loops */ + b = a; + a = xch; + } + + MP_USED(c) = 1; MP_DIGIT(c, 0) = 0; + if((res = s_mp_pad(c, USED(a) + USED(b))) != MP_OKAY) + goto CLEANUP; + + pb = MP_DIGITS(b); + s_mpv_mul_d(MP_DIGITS(a), MP_USED(a), *pb++, MP_DIGITS(c)); + + /* Outer loop: Digits of b */ + useda = MP_USED(a); + usedb = MP_USED(b); + for (ib = 1; ib < usedb; ib++) { + mp_digit b_i = *pb++; + + /* Inner product: Digits of a */ + if (b_i) + s_mpv_mul_d_add(MP_DIGITS(a), useda, b_i, MP_DIGITS(c) + ib); + else + MP_DIGIT(c, ib + useda) = b_i; + } + + s_mp_clamp(c); + + if(SIGN(a) == SIGN(b) || s_mp_cmp_d(c, 0) == MP_EQ) + SIGN(c) = ZPOS; + else + SIGN(c) = NEG; + +CLEANUP: + mp_clear(&tmp); + return res; +} /* end mp_mul() */ + +/* }}} */ + +/* {{{ mp_sqr(a, sqr) */ + +#if MP_SQUARE +/* + Computes the square of a. This can be done more + efficiently than a general multiplication, because many of the + computation steps are redundant when squaring. The inner product + step is a bit more complicated, but we save a fair number of + iterations of the multiplication loop. + */ + +/* sqr = a^2; Caller provides both a and tmp; */ +mp_err mp_sqr(const mp_int *a, mp_int *sqr) +{ + mp_digit *pa; + mp_digit d; + mp_err res; + mp_size ix; + mp_int tmp; + int count; + + ARGCHK(a != NULL && sqr != NULL, MP_BADARG); + + if (a == sqr) { + if((res = mp_init_copy(&tmp, a)) != MP_OKAY) + return res; + a = &tmp; + } else { + DIGITS(&tmp) = 0; + res = MP_OKAY; + } + + ix = 2 * MP_USED(a); + if (ix > MP_ALLOC(sqr)) { + MP_USED(sqr) = 1; + MP_CHECKOK( s_mp_grow(sqr, ix) ); + } + MP_USED(sqr) = ix; + MP_DIGIT(sqr, 0) = 0; + + pa = MP_DIGITS(a); + count = MP_USED(a) - 1; + if (count > 0) { + d = *pa++; + s_mpv_mul_d(pa, count, d, MP_DIGITS(sqr) + 1); + for (ix = 3; --count > 0; ix += 2) { + d = *pa++; + s_mpv_mul_d_add(pa, count, d, MP_DIGITS(sqr) + ix); + } /* for(ix ...) */ + MP_DIGIT(sqr, MP_USED(sqr)-1) = 0; /* above loop stopped short of this. */ + + /* now sqr *= 2 */ + s_mp_mul_2(sqr); + } else { + MP_DIGIT(sqr, 1) = 0; + } + + /* now add the squares of the digits of a to sqr. */ + s_mpv_sqr_add_prop(MP_DIGITS(a), MP_USED(a), MP_DIGITS(sqr)); + + SIGN(sqr) = ZPOS; + s_mp_clamp(sqr); + +CLEANUP: + mp_clear(&tmp); + return res; + +} /* end mp_sqr() */ +#endif + +/* }}} */ + +/* {{{ mp_div(a, b, q, r) */ + +/* + mp_div(a, b, q, r) + + Compute q = a / b and r = a mod b. Input parameters may be re-used + as output parameters. If q or r is NULL, that portion of the + computation will be discarded (although it will still be computed) + */ +mp_err mp_div(const mp_int *a, const mp_int *b, mp_int *q, mp_int *r) +{ + mp_err res; + mp_int *pQ, *pR; + mp_int qtmp, rtmp, btmp; + int cmp; + mp_sign signA = MP_SIGN(a); + mp_sign signB = MP_SIGN(b); + + ARGCHK(a != NULL && b != NULL, MP_BADARG); + + if(mp_cmp_z(b) == MP_EQ) + return MP_RANGE; + + DIGITS(&qtmp) = 0; + DIGITS(&rtmp) = 0; + DIGITS(&btmp) = 0; + + /* Set up some temporaries... */ + if (!r || r == a || r == b) { + MP_CHECKOK( mp_init_copy(&rtmp, a) ); + pR = &rtmp; + } else { + MP_CHECKOK( mp_copy(a, r) ); + pR = r; + } + + if (!q || q == a || q == b) { + MP_CHECKOK( mp_init_size(&qtmp, MP_USED(a)) ); + pQ = &qtmp; + } else { + MP_CHECKOK( s_mp_pad(q, MP_USED(a)) ); + pQ = q; + mp_zero(pQ); + } + + /* + If |a| <= |b|, we can compute the solution without division; + otherwise, we actually do the work required. + */ + if ((cmp = s_mp_cmp(a, b)) <= 0) { + if (cmp) { + /* r was set to a above. */ + mp_zero(pQ); + } else { + mp_set(pQ, 1); + mp_zero(pR); + } + } else { + MP_CHECKOK( mp_init_copy(&btmp, b) ); + MP_CHECKOK( s_mp_div(pR, &btmp, pQ) ); + } + + /* Compute the signs for the output */ + MP_SIGN(pR) = signA; /* Sr = Sa */ + /* Sq = ZPOS if Sa == Sb */ /* Sq = NEG if Sa != Sb */ + MP_SIGN(pQ) = (signA == signB) ? ZPOS : NEG; + + if(s_mp_cmp_d(pQ, 0) == MP_EQ) + SIGN(pQ) = ZPOS; + if(s_mp_cmp_d(pR, 0) == MP_EQ) + SIGN(pR) = ZPOS; + + /* Copy output, if it is needed */ + if(q && q != pQ) + s_mp_exch(pQ, q); + + if(r && r != pR) + s_mp_exch(pR, r); + +CLEANUP: + mp_clear(&btmp); + mp_clear(&rtmp); + mp_clear(&qtmp); + + return res; + +} /* end mp_div() */ + +/* }}} */ + +/* {{{ mp_div_2d(a, d, q, r) */ + +mp_err mp_div_2d(const mp_int *a, mp_digit d, mp_int *q, mp_int *r) +{ + mp_err res; + + ARGCHK(a != NULL, MP_BADARG); + + if(q) { + if((res = mp_copy(a, q)) != MP_OKAY) + return res; + } + if(r) { + if((res = mp_copy(a, r)) != MP_OKAY) + return res; + } + if(q) { + s_mp_div_2d(q, d); + } + if(r) { + s_mp_mod_2d(r, d); + } + + return MP_OKAY; + +} /* end mp_div_2d() */ + +/* }}} */ + +/* {{{ mp_expt(a, b, c) */ + +/* + mp_expt(a, b, c) + + Compute c = a ** b, that is, raise a to the b power. Uses a + standard iterative square-and-multiply technique. + */ + +mp_err mp_expt(mp_int *a, mp_int *b, mp_int *c) +{ + mp_int s, x; + mp_err res; + mp_digit d; + int dig, bit; + + ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG); + + if(mp_cmp_z(b) < 0) + return MP_RANGE; + + if((res = mp_init(&s)) != MP_OKAY) + return res; + + mp_set(&s, 1); + + if((res = mp_init_copy(&x, a)) != MP_OKAY) + goto X; + + /* Loop over low-order digits in ascending order */ + for(dig = 0; dig < (USED(b) - 1); dig++) { + d = DIGIT(b, dig); + + /* Loop over bits of each non-maximal digit */ + for(bit = 0; bit < DIGIT_BIT; bit++) { + if(d & 1) { + if((res = s_mp_mul(&s, &x)) != MP_OKAY) + goto CLEANUP; + } + + d >>= 1; + + if((res = s_mp_sqr(&x)) != MP_OKAY) + goto CLEANUP; + } + } + + /* Consider now the last digit... */ + d = DIGIT(b, dig); + + while(d) { + if(d & 1) { + if((res = s_mp_mul(&s, &x)) != MP_OKAY) + goto CLEANUP; + } + + d >>= 1; + + if((res = s_mp_sqr(&x)) != MP_OKAY) + goto CLEANUP; + } + + if(mp_iseven(b)) + SIGN(&s) = SIGN(a); + + res = mp_copy(&s, c); + +CLEANUP: + mp_clear(&x); +X: + mp_clear(&s); + + return res; + +} /* end mp_expt() */ + +/* }}} */ + +/* {{{ mp_2expt(a, k) */ + +/* Compute a = 2^k */ + +mp_err mp_2expt(mp_int *a, mp_digit k) +{ + ARGCHK(a != NULL, MP_BADARG); + + return s_mp_2expt(a, k); + +} /* end mp_2expt() */ + +/* }}} */ + +/* {{{ mp_mod(a, m, c) */ + +/* + mp_mod(a, m, c) + + Compute c = a (mod m). Result will always be 0 <= c < m. + */ + +mp_err mp_mod(const mp_int *a, const mp_int *m, mp_int *c) +{ + mp_err res; + int mag; + + ARGCHK(a != NULL && m != NULL && c != NULL, MP_BADARG); + + if(SIGN(m) == NEG) + return MP_RANGE; + + /* + If |a| > m, we need to divide to get the remainder and take the + absolute value. + + If |a| < m, we don't need to do any division, just copy and adjust + the sign (if a is negative). + + If |a| == m, we can simply set the result to zero. + + This order is intended to minimize the average path length of the + comparison chain on common workloads -- the most frequent cases are + that |a| != m, so we do those first. + */ + if((mag = s_mp_cmp(a, m)) > 0) { + if((res = mp_div(a, m, NULL, c)) != MP_OKAY) + return res; + + if(SIGN(c) == NEG) { + if((res = mp_add(c, m, c)) != MP_OKAY) + return res; + } + + } else if(mag < 0) { + if((res = mp_copy(a, c)) != MP_OKAY) + return res; + + if(mp_cmp_z(a) < 0) { + if((res = mp_add(c, m, c)) != MP_OKAY) + return res; + + } + + } else { + mp_zero(c); + + } + + return MP_OKAY; + +} /* end mp_mod() */ + +/* }}} */ + +/* {{{ mp_mod_d(a, d, c) */ + +/* + mp_mod_d(a, d, c) + + Compute c = a (mod d). Result will always be 0 <= c < d + */ +mp_err mp_mod_d(const mp_int *a, mp_digit d, mp_digit *c) +{ + mp_err res; + mp_digit rem; + + ARGCHK(a != NULL && c != NULL, MP_BADARG); + + if(s_mp_cmp_d(a, d) > 0) { + if((res = mp_div_d(a, d, NULL, &rem)) != MP_OKAY) + return res; + + } else { + if(SIGN(a) == NEG) + rem = d - DIGIT(a, 0); + else + rem = DIGIT(a, 0); + } + + if(c) + *c = rem; + + return MP_OKAY; + +} /* end mp_mod_d() */ + +/* }}} */ + +/* {{{ mp_sqrt(a, b) */ + +/* + mp_sqrt(a, b) + + Compute the integer square root of a, and store the result in b. + Uses an integer-arithmetic version of Newton's iterative linear + approximation technique to determine this value; the result has the + following two properties: + + b^2 <= a + (b+1)^2 >= a + + It is a range error to pass a negative value. + */ +mp_err mp_sqrt(const mp_int *a, mp_int *b) +{ + mp_int x, t; + mp_err res; + mp_size used; + + ARGCHK(a != NULL && b != NULL, MP_BADARG); + + /* Cannot take square root of a negative value */ + if(SIGN(a) == NEG) + return MP_RANGE; + + /* Special cases for zero and one, trivial */ + if(mp_cmp_d(a, 1) <= 0) + return mp_copy(a, b); + + /* Initialize the temporaries we'll use below */ + if((res = mp_init_size(&t, USED(a))) != MP_OKAY) + return res; + + /* Compute an initial guess for the iteration as a itself */ + if((res = mp_init_copy(&x, a)) != MP_OKAY) + goto X; + + used = MP_USED(&x); + if (used > 1) { + s_mp_rshd(&x, used / 2); + } + + for(;;) { + /* t = (x * x) - a */ + mp_copy(&x, &t); /* can't fail, t is big enough for original x */ + if((res = mp_sqr(&t, &t)) != MP_OKAY || + (res = mp_sub(&t, a, &t)) != MP_OKAY) + goto CLEANUP; + + /* t = t / 2x */ + s_mp_mul_2(&x); + if((res = mp_div(&t, &x, &t, NULL)) != MP_OKAY) + goto CLEANUP; + s_mp_div_2(&x); + + /* Terminate the loop, if the quotient is zero */ + if(mp_cmp_z(&t) == MP_EQ) + break; + + /* x = x - t */ + if((res = mp_sub(&x, &t, &x)) != MP_OKAY) + goto CLEANUP; + + } + + /* Copy result to output parameter */ + mp_sub_d(&x, 1, &x); + s_mp_exch(&x, b); + + CLEANUP: + mp_clear(&x); + X: + mp_clear(&t); + + return res; + +} /* end mp_sqrt() */ + +/* }}} */ + +/* }}} */ + +/*------------------------------------------------------------------------*/ +/* {{{ Modular arithmetic */ + +#if MP_MODARITH +/* {{{ mp_addmod(a, b, m, c) */ + +/* + mp_addmod(a, b, m, c) + + Compute c = (a + b) mod m + */ + +mp_err mp_addmod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c) +{ + mp_err res; + + ARGCHK(a != NULL && b != NULL && m != NULL && c != NULL, MP_BADARG); + + if((res = mp_add(a, b, c)) != MP_OKAY) + return res; + if((res = mp_mod(c, m, c)) != MP_OKAY) + return res; + + return MP_OKAY; + +} + +/* }}} */ + +/* {{{ mp_submod(a, b, m, c) */ + +/* + mp_submod(a, b, m, c) + + Compute c = (a - b) mod m + */ + +mp_err mp_submod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c) +{ + mp_err res; + + ARGCHK(a != NULL && b != NULL && m != NULL && c != NULL, MP_BADARG); + + if((res = mp_sub(a, b, c)) != MP_OKAY) + return res; + if((res = mp_mod(c, m, c)) != MP_OKAY) + return res; + + return MP_OKAY; + +} + +/* }}} */ + +/* {{{ mp_mulmod(a, b, m, c) */ + +/* + mp_mulmod(a, b, m, c) + + Compute c = (a * b) mod m + */ + +mp_err mp_mulmod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c) +{ + mp_err res; + + ARGCHK(a != NULL && b != NULL && m != NULL && c != NULL, MP_BADARG); + + if((res = mp_mul(a, b, c)) != MP_OKAY) + return res; + if((res = mp_mod(c, m, c)) != MP_OKAY) + return res; + + return MP_OKAY; + +} + +/* }}} */ + +/* {{{ mp_sqrmod(a, m, c) */ + +#if MP_SQUARE +mp_err mp_sqrmod(const mp_int *a, const mp_int *m, mp_int *c) +{ + mp_err res; + + ARGCHK(a != NULL && m != NULL && c != NULL, MP_BADARG); + + if((res = mp_sqr(a, c)) != MP_OKAY) + return res; + if((res = mp_mod(c, m, c)) != MP_OKAY) + return res; + + return MP_OKAY; + +} /* end mp_sqrmod() */ +#endif + +/* }}} */ + +/* {{{ s_mp_exptmod(a, b, m, c) */ + +/* + s_mp_exptmod(a, b, m, c) + + Compute c = (a ** b) mod m. Uses a standard square-and-multiply + method with modular reductions at each step. (This is basically the + same code as mp_expt(), except for the addition of the reductions) + + The modular reductions are done using Barrett's algorithm (see + s_mp_reduce() below for details) + */ + +mp_err s_mp_exptmod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c) +{ + mp_int s, x, mu; + mp_err res; + mp_digit d; + int dig, bit; + + ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG); + + if(mp_cmp_z(b) < 0 || mp_cmp_z(m) <= 0) + return MP_RANGE; + + if((res = mp_init(&s)) != MP_OKAY) + return res; + if((res = mp_init_copy(&x, a)) != MP_OKAY || + (res = mp_mod(&x, m, &x)) != MP_OKAY) + goto X; + if((res = mp_init(&mu)) != MP_OKAY) + goto MU; + + mp_set(&s, 1); + + /* mu = b^2k / m */ + s_mp_add_d(&mu, 1); + s_mp_lshd(&mu, 2 * USED(m)); + if((res = mp_div(&mu, m, &mu, NULL)) != MP_OKAY) + goto CLEANUP; + + /* Loop over digits of b in ascending order, except highest order */ + for(dig = 0; dig < (USED(b) - 1); dig++) { + d = DIGIT(b, dig); + + /* Loop over the bits of the lower-order digits */ + for(bit = 0; bit < DIGIT_BIT; bit++) { + if(d & 1) { + if((res = s_mp_mul(&s, &x)) != MP_OKAY) + goto CLEANUP; + if((res = s_mp_reduce(&s, m, &mu)) != MP_OKAY) + goto CLEANUP; + } + + d >>= 1; + + if((res = s_mp_sqr(&x)) != MP_OKAY) + goto CLEANUP; + if((res = s_mp_reduce(&x, m, &mu)) != MP_OKAY) + goto CLEANUP; + } + } + + /* Now do the last digit... */ + d = DIGIT(b, dig); + + while(d) { + if(d & 1) { + if((res = s_mp_mul(&s, &x)) != MP_OKAY) + goto CLEANUP; + if((res = s_mp_reduce(&s, m, &mu)) != MP_OKAY) + goto CLEANUP; + } + + d >>= 1; + + if((res = s_mp_sqr(&x)) != MP_OKAY) + goto CLEANUP; + if((res = s_mp_reduce(&x, m, &mu)) != MP_OKAY) + goto CLEANUP; + } + + s_mp_exch(&s, c); + + CLEANUP: + mp_clear(&mu); + MU: + mp_clear(&x); + X: + mp_clear(&s); + + return res; + +} /* end s_mp_exptmod() */ + +/* }}} */ + +/* {{{ mp_exptmod_d(a, d, m, c) */ + +mp_err mp_exptmod_d(const mp_int *a, mp_digit d, const mp_int *m, mp_int *c) +{ + mp_int s, x; + mp_err res; + + ARGCHK(a != NULL && c != NULL, MP_BADARG); + + if((res = mp_init(&s)) != MP_OKAY) + return res; + if((res = mp_init_copy(&x, a)) != MP_OKAY) + goto X; + + mp_set(&s, 1); + + while(d != 0) { + if(d & 1) { + if((res = s_mp_mul(&s, &x)) != MP_OKAY || + (res = mp_mod(&s, m, &s)) != MP_OKAY) + goto CLEANUP; + } + + d /= 2; + + if((res = s_mp_sqr(&x)) != MP_OKAY || + (res = mp_mod(&x, m, &x)) != MP_OKAY) + goto CLEANUP; + } + + s_mp_exch(&s, c); + +CLEANUP: + mp_clear(&x); +X: + mp_clear(&s); + + return res; + +} /* end mp_exptmod_d() */ + +/* }}} */ +#endif /* if MP_MODARITH */ + +/* }}} */ + +/*------------------------------------------------------------------------*/ +/* {{{ Comparison functions */ + +/* {{{ mp_cmp_z(a) */ + +/* + mp_cmp_z(a) + + Compare a <=> 0. Returns <0 if a<0, 0 if a=0, >0 if a>0. + */ + +int mp_cmp_z(const mp_int *a) +{ + if(SIGN(a) == NEG) + return MP_LT; + else if(USED(a) == 1 && DIGIT(a, 0) == 0) + return MP_EQ; + else + return MP_GT; + +} /* end mp_cmp_z() */ + +/* }}} */ + +/* {{{ mp_cmp_d(a, d) */ + +/* + mp_cmp_d(a, d) + + Compare a <=> d. Returns <0 if a<d, 0 if a=d, >0 if a>d + */ + +int mp_cmp_d(const mp_int *a, mp_digit d) +{ + ARGCHK(a != NULL, MP_EQ); + + if(SIGN(a) == NEG) + return MP_LT; + + return s_mp_cmp_d(a, d); + +} /* end mp_cmp_d() */ + +/* }}} */ + +/* {{{ mp_cmp(a, b) */ + +int mp_cmp(const mp_int *a, const mp_int *b) +{ + ARGCHK(a != NULL && b != NULL, MP_EQ); + + if(SIGN(a) == SIGN(b)) { + int mag; + + if((mag = s_mp_cmp(a, b)) == MP_EQ) + return MP_EQ; + + if(SIGN(a) == ZPOS) + return mag; + else + return -mag; + + } else if(SIGN(a) == ZPOS) { + return MP_GT; + } else { + return MP_LT; + } + +} /* end mp_cmp() */ + +/* }}} */ + +/* {{{ mp_cmp_mag(a, b) */ + +/* + mp_cmp_mag(a, b) + + Compares |a| <=> |b|, and returns an appropriate comparison result + */ + +int mp_cmp_mag(mp_int *a, mp_int *b) +{ + ARGCHK(a != NULL && b != NULL, MP_EQ); + + return s_mp_cmp(a, b); + +} /* end mp_cmp_mag() */ + +/* }}} */ + +/* {{{ mp_cmp_int(a, z) */ + +/* + This just converts z to an mp_int, and uses the existing comparison + routines. This is sort of inefficient, but it's not clear to me how + frequently this wil get used anyway. For small positive constants, + you can always use mp_cmp_d(), and for zero, there is mp_cmp_z(). + */ +int mp_cmp_int(const mp_int *a, long z) +{ + mp_int tmp; + int out; + + ARGCHK(a != NULL, MP_EQ); + + mp_init(&tmp); mp_set_int(&tmp, z); + out = mp_cmp(a, &tmp); + mp_clear(&tmp); + + return out; + +} /* end mp_cmp_int() */ + +/* }}} */ + +/* {{{ mp_isodd(a) */ + +/* + mp_isodd(a) + + Returns a true (non-zero) value if a is odd, false (zero) otherwise. + */ +int mp_isodd(const mp_int *a) +{ + ARGCHK(a != NULL, 0); + + return (int)(DIGIT(a, 0) & 1); + +} /* end mp_isodd() */ + +/* }}} */ + +/* {{{ mp_iseven(a) */ + +int mp_iseven(const mp_int *a) +{ + return !mp_isodd(a); + +} /* end mp_iseven() */ + +/* }}} */ + +/* }}} */ + +/*------------------------------------------------------------------------*/ +/* {{{ Number theoretic functions */ + +#if MP_NUMTH +/* {{{ mp_gcd(a, b, c) */ + +/* + Like the old mp_gcd() function, except computes the GCD using the + binary algorithm due to Josef Stein in 1961 (via Knuth). + */ +mp_err mp_gcd(mp_int *a, mp_int *b, mp_int *c) +{ + mp_err res; + mp_int u, v, t; + mp_size k = 0; + + ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG); + + if(mp_cmp_z(a) == MP_EQ && mp_cmp_z(b) == MP_EQ) + return MP_RANGE; + if(mp_cmp_z(a) == MP_EQ) { + return mp_copy(b, c); + } else if(mp_cmp_z(b) == MP_EQ) { + return mp_copy(a, c); + } + + if((res = mp_init(&t)) != MP_OKAY) + return res; + if((res = mp_init_copy(&u, a)) != MP_OKAY) + goto U; + if((res = mp_init_copy(&v, b)) != MP_OKAY) + goto V; + + SIGN(&u) = ZPOS; + SIGN(&v) = ZPOS; + + /* Divide out common factors of 2 until at least 1 of a, b is even */ + while(mp_iseven(&u) && mp_iseven(&v)) { + s_mp_div_2(&u); + s_mp_div_2(&v); + ++k; + } + + /* Initialize t */ + if(mp_isodd(&u)) { + if((res = mp_copy(&v, &t)) != MP_OKAY) + goto CLEANUP; + + /* t = -v */ + if(SIGN(&v) == ZPOS) + SIGN(&t) = NEG; + else + SIGN(&t) = ZPOS; + + } else { + if((res = mp_copy(&u, &t)) != MP_OKAY) + goto CLEANUP; + + } + + for(;;) { + while(mp_iseven(&t)) { + s_mp_div_2(&t); + } + + if(mp_cmp_z(&t) == MP_GT) { + if((res = mp_copy(&t, &u)) != MP_OKAY) + goto CLEANUP; + + } else { + if((res = mp_copy(&t, &v)) != MP_OKAY) + goto CLEANUP; + + /* v = -t */ + if(SIGN(&t) == ZPOS) + SIGN(&v) = NEG; + else + SIGN(&v) = ZPOS; + } + + if((res = mp_sub(&u, &v, &t)) != MP_OKAY) + goto CLEANUP; + + if(s_mp_cmp_d(&t, 0) == MP_EQ) + break; + } + + s_mp_2expt(&v, k); /* v = 2^k */ + res = mp_mul(&u, &v, c); /* c = u * v */ + + CLEANUP: + mp_clear(&v); + V: + mp_clear(&u); + U: + mp_clear(&t); + + return res; + +} /* end mp_gcd() */ + +/* }}} */ + +/* {{{ mp_lcm(a, b, c) */ + +/* We compute the least common multiple using the rule: + + ab = [a, b](a, b) + + ... by computing the product, and dividing out the gcd. + */ + +mp_err mp_lcm(mp_int *a, mp_int *b, mp_int *c) +{ + mp_int gcd, prod; + mp_err res; + + ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG); + + /* Set up temporaries */ + if((res = mp_init(&gcd)) != MP_OKAY) + return res; + if((res = mp_init(&prod)) != MP_OKAY) + goto GCD; + + if((res = mp_mul(a, b, &prod)) != MP_OKAY) + goto CLEANUP; + if((res = mp_gcd(a, b, &gcd)) != MP_OKAY) + goto CLEANUP; + + res = mp_div(&prod, &gcd, c, NULL); + + CLEANUP: + mp_clear(&prod); + GCD: + mp_clear(&gcd); + + return res; + +} /* end mp_lcm() */ + +/* }}} */ + +/* {{{ mp_xgcd(a, b, g, x, y) */ + +/* + mp_xgcd(a, b, g, x, y) + + Compute g = (a, b) and values x and y satisfying Bezout's identity + (that is, ax + by = g). This uses the binary extended GCD algorithm + based on the Stein algorithm used for mp_gcd() + See algorithm 14.61 in Handbook of Applied Cryptogrpahy. + */ + +mp_err mp_xgcd(const mp_int *a, const mp_int *b, mp_int *g, mp_int *x, mp_int *y) +{ + mp_int gx, xc, yc, u, v, A, B, C, D; + mp_int *clean[9]; + mp_err res; + int last = -1; + + if(mp_cmp_z(b) == 0) + return MP_RANGE; + + /* Initialize all these variables we need */ + MP_CHECKOK( mp_init(&u) ); + clean[++last] = &u; + MP_CHECKOK( mp_init(&v) ); + clean[++last] = &v; + MP_CHECKOK( mp_init(&gx) ); + clean[++last] = &gx; + MP_CHECKOK( mp_init(&A) ); + clean[++last] = &A; + MP_CHECKOK( mp_init(&B) ); + clean[++last] = &B; + MP_CHECKOK( mp_init(&C) ); + clean[++last] = &C; + MP_CHECKOK( mp_init(&D) ); + clean[++last] = &D; + MP_CHECKOK( mp_init_copy(&xc, a) ); + clean[++last] = &xc; + mp_abs(&xc, &xc); + MP_CHECKOK( mp_init_copy(&yc, b) ); + clean[++last] = &yc; + mp_abs(&yc, &yc); + + mp_set(&gx, 1); + + /* Divide by two until at least one of them is odd */ + while(mp_iseven(&xc) && mp_iseven(&yc)) { + mp_size nx = mp_trailing_zeros(&xc); + mp_size ny = mp_trailing_zeros(&yc); + mp_size n = MP_MIN(nx, ny); + s_mp_div_2d(&xc,n); + s_mp_div_2d(&yc,n); + MP_CHECKOK( s_mp_mul_2d(&gx,n) ); + } + + mp_copy(&xc, &u); + mp_copy(&yc, &v); + mp_set(&A, 1); mp_set(&D, 1); + + /* Loop through binary GCD algorithm */ + do { + while(mp_iseven(&u)) { + s_mp_div_2(&u); + + if(mp_iseven(&A) && mp_iseven(&B)) { + s_mp_div_2(&A); s_mp_div_2(&B); + } else { + MP_CHECKOK( mp_add(&A, &yc, &A) ); + s_mp_div_2(&A); + MP_CHECKOK( mp_sub(&B, &xc, &B) ); + s_mp_div_2(&B); + } + } + + while(mp_iseven(&v)) { + s_mp_div_2(&v); + + if(mp_iseven(&C) && mp_iseven(&D)) { + s_mp_div_2(&C); s_mp_div_2(&D); + } else { + MP_CHECKOK( mp_add(&C, &yc, &C) ); + s_mp_div_2(&C); + MP_CHECKOK( mp_sub(&D, &xc, &D) ); + s_mp_div_2(&D); + } + } + + if(mp_cmp(&u, &v) >= 0) { + MP_CHECKOK( mp_sub(&u, &v, &u) ); + MP_CHECKOK( mp_sub(&A, &C, &A) ); + MP_CHECKOK( mp_sub(&B, &D, &B) ); + } else { + MP_CHECKOK( mp_sub(&v, &u, &v) ); + MP_CHECKOK( mp_sub(&C, &A, &C) ); + MP_CHECKOK( mp_sub(&D, &B, &D) ); + } + } while (mp_cmp_z(&u) != 0); + + /* copy results to output */ + if(x) + MP_CHECKOK( mp_copy(&C, x) ); + + if(y) + MP_CHECKOK( mp_copy(&D, y) ); + + if(g) + MP_CHECKOK( mp_mul(&gx, &v, g) ); + + CLEANUP: + while(last >= 0) + mp_clear(clean[last--]); + + return res; + +} /* end mp_xgcd() */ + +/* }}} */ + +mp_size mp_trailing_zeros(const mp_int *mp) +{ + mp_digit d; + mp_size n = 0; + int ix; + + if (!mp || !MP_DIGITS(mp) || !mp_cmp_z(mp)) + return n; + + for (ix = 0; !(d = MP_DIGIT(mp,ix)) && (ix < MP_USED(mp)); ++ix) + n += MP_DIGIT_BIT; + if (!d) + return 0; /* shouldn't happen, but ... */ +#if !defined(MP_USE_UINT_DIGIT) + if (!(d & 0xffffffffU)) { + d >>= 32; + n += 32; + } +#endif + if (!(d & 0xffffU)) { + d >>= 16; + n += 16; + } + if (!(d & 0xffU)) { + d >>= 8; + n += 8; + } + if (!(d & 0xfU)) { + d >>= 4; + n += 4; + } + if (!(d & 0x3U)) { + d >>= 2; + n += 2; + } + if (!(d & 0x1U)) { + d >>= 1; + n += 1; + } +#if MP_ARGCHK == 2 + assert(0 != (d & 1)); +#endif + return n; +} + +/* Given a and prime p, computes c and k such that a*c == 2**k (mod p). +** Returns k (positive) or error (negative). +** This technique from the paper "Fast Modular Reciprocals" (unpublished) +** by Richard Schroeppel (a.k.a. Captain Nemo). +*/ +mp_err s_mp_almost_inverse(const mp_int *a, const mp_int *p, mp_int *c) +{ + mp_err res; + mp_err k = 0; + mp_int d, f, g; + + ARGCHK(a && p && c, MP_BADARG); + + MP_DIGITS(&d) = 0; + MP_DIGITS(&f) = 0; + MP_DIGITS(&g) = 0; + MP_CHECKOK( mp_init(&d) ); + MP_CHECKOK( mp_init_copy(&f, a) ); /* f = a */ + MP_CHECKOK( mp_init_copy(&g, p) ); /* g = p */ + + mp_set(c, 1); + mp_zero(&d); + + if (mp_cmp_z(&f) == 0) { + res = MP_UNDEF; + } else + for (;;) { + int diff_sign; + while (mp_iseven(&f)) { + mp_size n = mp_trailing_zeros(&f); + if (!n) { + res = MP_UNDEF; + goto CLEANUP; + } + s_mp_div_2d(&f, n); + MP_CHECKOK( s_mp_mul_2d(&d, n) ); + k += n; + } + if (mp_cmp_d(&f, 1) == MP_EQ) { /* f == 1 */ + res = k; + break; + } + diff_sign = mp_cmp(&f, &g); + if (diff_sign < 0) { /* f < g */ + s_mp_exch(&f, &g); + s_mp_exch(c, &d); + } else if (diff_sign == 0) { /* f == g */ + res = MP_UNDEF; /* a and p are not relatively prime */ + break; + } + if ((MP_DIGIT(&f,0) % 4) == (MP_DIGIT(&g,0) % 4)) { + MP_CHECKOK( mp_sub(&f, &g, &f) ); /* f = f - g */ + MP_CHECKOK( mp_sub(c, &d, c) ); /* c = c - d */ + } else { + MP_CHECKOK( mp_add(&f, &g, &f) ); /* f = f + g */ + MP_CHECKOK( mp_add(c, &d, c) ); /* c = c + d */ + } + } + if (res >= 0) { + while (MP_SIGN(c) != MP_ZPOS) { + MP_CHECKOK( mp_add(c, p, c) ); + } + res = k; + } + +CLEANUP: + mp_clear(&d); + mp_clear(&f); + mp_clear(&g); + return res; +} + +/* Compute T = (P ** -1) mod MP_RADIX. Also works for 16-bit mp_digits. +** This technique from the paper "Fast Modular Reciprocals" (unpublished) +** by Richard Schroeppel (a.k.a. Captain Nemo). +*/ +mp_digit s_mp_invmod_radix(mp_digit P) +{ + mp_digit T = P; + T *= 2 - (P * T); + T *= 2 - (P * T); + T *= 2 - (P * T); + T *= 2 - (P * T); +#if !defined(MP_USE_UINT_DIGIT) + T *= 2 - (P * T); + T *= 2 - (P * T); +#endif + return T; +} + +/* Given c, k, and prime p, where a*c == 2**k (mod p), +** Compute x = (a ** -1) mod p. This is similar to Montgomery reduction. +** This technique from the paper "Fast Modular Reciprocals" (unpublished) +** by Richard Schroeppel (a.k.a. Captain Nemo). +*/ +mp_err s_mp_fixup_reciprocal(const mp_int *c, const mp_int *p, int k, mp_int *x) +{ + int k_orig = k; + mp_digit r; + mp_size ix; + mp_err res; + + if (mp_cmp_z(c) < 0) { /* c < 0 */ + MP_CHECKOK( mp_add(c, p, x) ); /* x = c + p */ + } else { + MP_CHECKOK( mp_copy(c, x) ); /* x = c */ + } + + /* make sure x is large enough */ + ix = MP_HOWMANY(k, MP_DIGIT_BIT) + MP_USED(p) + 1; + ix = MP_MAX(ix, MP_USED(x)); + MP_CHECKOK( s_mp_pad(x, ix) ); + + r = 0 - s_mp_invmod_radix(MP_DIGIT(p,0)); + + for (ix = 0; k > 0; ix++) { + int j = MP_MIN(k, MP_DIGIT_BIT); + mp_digit v = r * MP_DIGIT(x, ix); + if (j < MP_DIGIT_BIT) { + v &= ((mp_digit)1 << j) - 1; /* v = v mod (2 ** j) */ + } + s_mp_mul_d_add_offset(p, v, x, ix); /* x += p * v * (RADIX ** ix) */ + k -= j; + } + s_mp_clamp(x); + s_mp_div_2d(x, k_orig); + res = MP_OKAY; + +CLEANUP: + return res; +} + +/* compute mod inverse using Schroeppel's method, only if m is odd */ +mp_err s_mp_invmod_odd_m(const mp_int *a, const mp_int *m, mp_int *c) +{ + int k; + mp_err res; + mp_int x; + + ARGCHK(a && m && c, MP_BADARG); + + if(mp_cmp_z(a) == 0 || mp_cmp_z(m) == 0) + return MP_RANGE; + if (mp_iseven(m)) + return MP_UNDEF; + + MP_DIGITS(&x) = 0; + + if (a == c) { + if ((res = mp_init_copy(&x, a)) != MP_OKAY) + return res; + if (a == m) + m = &x; + a = &x; + } else if (m == c) { + if ((res = mp_init_copy(&x, m)) != MP_OKAY) + return res; + m = &x; + } else { + MP_DIGITS(&x) = 0; + } + + MP_CHECKOK( s_mp_almost_inverse(a, m, c) ); + k = res; + MP_CHECKOK( s_mp_fixup_reciprocal(c, m, k, c) ); +CLEANUP: + mp_clear(&x); + return res; +} + +/* Known good algorithm for computing modular inverse. But slow. */ +mp_err mp_invmod_xgcd(const mp_int *a, const mp_int *m, mp_int *c) +{ + mp_int g, x; + mp_err res; + + ARGCHK(a && m && c, MP_BADARG); + + if(mp_cmp_z(a) == 0 || mp_cmp_z(m) == 0) + return MP_RANGE; + + MP_DIGITS(&g) = 0; + MP_DIGITS(&x) = 0; + MP_CHECKOK( mp_init(&x) ); + MP_CHECKOK( mp_init(&g) ); + + MP_CHECKOK( mp_xgcd(a, m, &g, &x, NULL) ); + + if (mp_cmp_d(&g, 1) != MP_EQ) { + res = MP_UNDEF; + goto CLEANUP; + } + + res = mp_mod(&x, m, c); + SIGN(c) = SIGN(a); + +CLEANUP: + mp_clear(&x); + mp_clear(&g); + + return res; +} + +/* modular inverse where modulus is 2**k. */ +/* c = a**-1 mod 2**k */ +mp_err s_mp_invmod_2d(const mp_int *a, mp_size k, mp_int *c) +{ + mp_err res; + mp_size ix = k + 4; + mp_int t0, t1, val, tmp, two2k; + + static const mp_digit d2 = 2; + static const mp_int two = { MP_ZPOS, 1, 1, (mp_digit *)&d2 }; + + if (mp_iseven(a)) + return MP_UNDEF; + if (k <= MP_DIGIT_BIT) { + mp_digit i = s_mp_invmod_radix(MP_DIGIT(a,0)); + if (k < MP_DIGIT_BIT) + i &= ((mp_digit)1 << k) - (mp_digit)1; + mp_set(c, i); + return MP_OKAY; + } + MP_DIGITS(&t0) = 0; + MP_DIGITS(&t1) = 0; + MP_DIGITS(&val) = 0; + MP_DIGITS(&tmp) = 0; + MP_DIGITS(&two2k) = 0; + MP_CHECKOK( mp_init_copy(&val, a) ); + s_mp_mod_2d(&val, k); + MP_CHECKOK( mp_init_copy(&t0, &val) ); + MP_CHECKOK( mp_init_copy(&t1, &t0) ); + MP_CHECKOK( mp_init(&tmp) ); + MP_CHECKOK( mp_init(&two2k) ); + MP_CHECKOK( s_mp_2expt(&two2k, k) ); + do { + MP_CHECKOK( mp_mul(&val, &t1, &tmp) ); + MP_CHECKOK( mp_sub(&two, &tmp, &tmp) ); + MP_CHECKOK( mp_mul(&t1, &tmp, &t1) ); + s_mp_mod_2d(&t1, k); + while (MP_SIGN(&t1) != MP_ZPOS) { + MP_CHECKOK( mp_add(&t1, &two2k, &t1) ); + } + if (mp_cmp(&t1, &t0) == MP_EQ) + break; + MP_CHECKOK( mp_copy(&t1, &t0) ); + } while (--ix > 0); + if (!ix) { + res = MP_UNDEF; + } else { + mp_exch(c, &t1); + } + +CLEANUP: + mp_clear(&t0); + mp_clear(&t1); + mp_clear(&val); + mp_clear(&tmp); + mp_clear(&two2k); + return res; +} + +mp_err s_mp_invmod_even_m(const mp_int *a, const mp_int *m, mp_int *c) +{ + mp_err res; + mp_size k; + mp_int oddFactor, evenFactor; /* factors of the modulus */ + mp_int oddPart, evenPart; /* parts to combine via CRT. */ + mp_int C2, tmp1, tmp2; + + /*static const mp_digit d1 = 1; */ + /*static const mp_int one = { MP_ZPOS, 1, 1, (mp_digit *)&d1 }; */ + + if ((res = s_mp_ispow2(m)) >= 0) { + k = res; + return s_mp_invmod_2d(a, k, c); + } + MP_DIGITS(&oddFactor) = 0; + MP_DIGITS(&evenFactor) = 0; + MP_DIGITS(&oddPart) = 0; + MP_DIGITS(&evenPart) = 0; + MP_DIGITS(&C2) = 0; + MP_DIGITS(&tmp1) = 0; + MP_DIGITS(&tmp2) = 0; + + MP_CHECKOK( mp_init_copy(&oddFactor, m) ); /* oddFactor = m */ + MP_CHECKOK( mp_init(&evenFactor) ); + MP_CHECKOK( mp_init(&oddPart) ); + MP_CHECKOK( mp_init(&evenPart) ); + MP_CHECKOK( mp_init(&C2) ); + MP_CHECKOK( mp_init(&tmp1) ); + MP_CHECKOK( mp_init(&tmp2) ); + + k = mp_trailing_zeros(m); + s_mp_div_2d(&oddFactor, k); + MP_CHECKOK( s_mp_2expt(&evenFactor, k) ); + + /* compute a**-1 mod oddFactor. */ + MP_CHECKOK( s_mp_invmod_odd_m(a, &oddFactor, &oddPart) ); + /* compute a**-1 mod evenFactor, where evenFactor == 2**k. */ + MP_CHECKOK( s_mp_invmod_2d( a, k, &evenPart) ); + + /* Use Chinese Remainer theorem to compute a**-1 mod m. */ + /* let m1 = oddFactor, v1 = oddPart, + * let m2 = evenFactor, v2 = evenPart. + */ + + /* Compute C2 = m1**-1 mod m2. */ + MP_CHECKOK( s_mp_invmod_2d(&oddFactor, k, &C2) ); + + /* compute u = (v2 - v1)*C2 mod m2 */ + MP_CHECKOK( mp_sub(&evenPart, &oddPart, &tmp1) ); + MP_CHECKOK( mp_mul(&tmp1, &C2, &tmp2) ); + s_mp_mod_2d(&tmp2, k); + while (MP_SIGN(&tmp2) != MP_ZPOS) { + MP_CHECKOK( mp_add(&tmp2, &evenFactor, &tmp2) ); + } + + /* compute answer = v1 + u*m1 */ + MP_CHECKOK( mp_mul(&tmp2, &oddFactor, c) ); + MP_CHECKOK( mp_add(&oddPart, c, c) ); + /* not sure this is necessary, but it's low cost if not. */ + MP_CHECKOK( mp_mod(c, m, c) ); + +CLEANUP: + mp_clear(&oddFactor); + mp_clear(&evenFactor); + mp_clear(&oddPart); + mp_clear(&evenPart); + mp_clear(&C2); + mp_clear(&tmp1); + mp_clear(&tmp2); + return res; +} + + +/* {{{ mp_invmod(a, m, c) */ + +/* + mp_invmod(a, m, c) + + Compute c = a^-1 (mod m), if there is an inverse for a (mod m). + This is equivalent to the question of whether (a, m) = 1. If not, + MP_UNDEF is returned, and there is no inverse. + */ + +mp_err mp_invmod(const mp_int *a, const mp_int *m, mp_int *c) +{ + + ARGCHK(a && m && c, MP_BADARG); + + if(mp_cmp_z(a) == 0 || mp_cmp_z(m) == 0) + return MP_RANGE; + + if (mp_isodd(m)) { + return s_mp_invmod_odd_m(a, m, c); + } + if (mp_iseven(a)) + return MP_UNDEF; /* not invertable */ + + return s_mp_invmod_even_m(a, m, c); + +} /* end mp_invmod() */ + +/* }}} */ +#endif /* if MP_NUMTH */ + +/* }}} */ + +/*------------------------------------------------------------------------*/ +/* {{{ mp_print(mp, ofp) */ + +#if MP_IOFUNC +/* + mp_print(mp, ofp) + + Print a textual representation of the given mp_int on the output + stream 'ofp'. Output is generated using the internal radix. + */ + +void mp_print(mp_int *mp, FILE *ofp) +{ + int ix; + + if(mp == NULL || ofp == NULL) + return; + + fputc((SIGN(mp) == NEG) ? '-' : '+', ofp); + + for(ix = USED(mp) - 1; ix >= 0; ix--) { + fprintf(ofp, DIGIT_FMT, DIGIT(mp, ix)); + } + +} /* end mp_print() */ + +#endif /* if MP_IOFUNC */ + +/* }}} */ + +/*------------------------------------------------------------------------*/ +/* {{{ More I/O Functions */ + +/* {{{ mp_read_raw(mp, str, len) */ + +/* + mp_read_raw(mp, str, len) + + Read in a raw value (base 256) into the given mp_int + */ + +mp_err mp_read_raw(mp_int *mp, char *str, int len) +{ + int ix; + mp_err res; + unsigned char *ustr = (unsigned char *)str; + + ARGCHK(mp != NULL && str != NULL && len > 0, MP_BADARG); + + mp_zero(mp); + + /* Get sign from first byte */ + if(ustr[0]) + SIGN(mp) = NEG; + else + SIGN(mp) = ZPOS; + + /* Read the rest of the digits */ + for(ix = 1; ix < len; ix++) { + if((res = mp_mul_d(mp, 256, mp)) != MP_OKAY) + return res; + if((res = mp_add_d(mp, ustr[ix], mp)) != MP_OKAY) + return res; + } + + return MP_OKAY; + +} /* end mp_read_raw() */ + +/* }}} */ + +/* {{{ mp_raw_size(mp) */ + +int mp_raw_size(mp_int *mp) +{ + ARGCHK(mp != NULL, 0); + + return (USED(mp) * sizeof(mp_digit)) + 1; + +} /* end mp_raw_size() */ + +/* }}} */ + +/* {{{ mp_toraw(mp, str) */ + +mp_err mp_toraw(mp_int *mp, char *str) +{ + int ix, jx, pos = 1; + + ARGCHK(mp != NULL && str != NULL, MP_BADARG); + + str[0] = (char)SIGN(mp); + + /* Iterate over each digit... */ + for(ix = USED(mp) - 1; ix >= 0; ix--) { + mp_digit d = DIGIT(mp, ix); + + /* Unpack digit bytes, high order first */ + for(jx = sizeof(mp_digit) - 1; jx >= 0; jx--) { + str[pos++] = (char)(d >> (jx * CHAR_BIT)); + } + } + + return MP_OKAY; + +} /* end mp_toraw() */ + +/* }}} */ + +/* {{{ mp_read_radix(mp, str, radix) */ + +/* + mp_read_radix(mp, str, radix) + + Read an integer from the given string, and set mp to the resulting + value. The input is presumed to be in base 10. Leading non-digit + characters are ignored, and the function reads until a non-digit + character or the end of the string. + */ + +mp_err mp_read_radix(mp_int *mp, const char *str, int radix) +{ + int ix = 0, val = 0; + mp_err res; + mp_sign sig = ZPOS; + + ARGCHK(mp != NULL && str != NULL && radix >= 2 && radix <= MAX_RADIX, + MP_BADARG); + + mp_zero(mp); + + /* Skip leading non-digit characters until a digit or '-' or '+' */ + while(str[ix] && + (s_mp_tovalue(str[ix], radix) < 0) && + str[ix] != '-' && + str[ix] != '+') { + ++ix; + } + + if(str[ix] == '-') { + sig = NEG; + ++ix; + } else if(str[ix] == '+') { + sig = ZPOS; /* this is the default anyway... */ + ++ix; + } + + while((val = s_mp_tovalue(str[ix], radix)) >= 0) { + if((res = s_mp_mul_d(mp, radix)) != MP_OKAY) + return res; + if((res = s_mp_add_d(mp, val)) != MP_OKAY) + return res; + ++ix; + } + + if(s_mp_cmp_d(mp, 0) == MP_EQ) + SIGN(mp) = ZPOS; + else + SIGN(mp) = sig; + + return MP_OKAY; + +} /* end mp_read_radix() */ + +mp_err mp_read_variable_radix(mp_int *a, const char * str, int default_radix) +{ + int radix = default_radix; + int cx; + mp_sign sig = ZPOS; + mp_err res; + + /* Skip leading non-digit characters until a digit or '-' or '+' */ + while ((cx = *str) != 0 && + (s_mp_tovalue(cx, radix) < 0) && + cx != '-' && + cx != '+') { + ++str; + } + + if (cx == '-') { + sig = NEG; + ++str; + } else if (cx == '+') { + sig = ZPOS; /* this is the default anyway... */ + ++str; + } + + if (str[0] == '0') { + if ((str[1] | 0x20) == 'x') { + radix = 16; + str += 2; + } else { + radix = 8; + str++; + } + } + res = mp_read_radix(a, str, radix); + if (res == MP_OKAY) { + MP_SIGN(a) = (s_mp_cmp_d(a, 0) == MP_EQ) ? ZPOS : sig; + } + return res; +} + +/* }}} */ + +/* {{{ mp_radix_size(mp, radix) */ + +int mp_radix_size(mp_int *mp, int radix) +{ + int bits; + + if(!mp || radix < 2 || radix > MAX_RADIX) + return 0; + + bits = USED(mp) * DIGIT_BIT - 1; + + return s_mp_outlen(bits, radix); + +} /* end mp_radix_size() */ + +/* }}} */ + +/* {{{ mp_toradix(mp, str, radix) */ + +mp_err mp_toradix(mp_int *mp, char *str, int radix) +{ + int ix, pos = 0; + + ARGCHK(mp != NULL && str != NULL, MP_BADARG); + ARGCHK(radix > 1 && radix <= MAX_RADIX, MP_RANGE); + + if(mp_cmp_z(mp) == MP_EQ) { + str[0] = '0'; + str[1] = '\0'; + } else { + mp_err res; + mp_int tmp; + mp_sign sgn; + mp_digit rem, rdx = (mp_digit)radix; + char ch; + + if((res = mp_init_copy(&tmp, mp)) != MP_OKAY) + return res; + + /* Save sign for later, and take absolute value */ + sgn = SIGN(&tmp); SIGN(&tmp) = ZPOS; + + /* Generate output digits in reverse order */ + while(mp_cmp_z(&tmp) != 0) { + if((res = mp_div_d(&tmp, rdx, &tmp, &rem)) != MP_OKAY) { + mp_clear(&tmp); + return res; + } + + /* Generate digits, use capital letters */ + ch = s_mp_todigit(rem, radix, 0); + + str[pos++] = ch; + } + + /* Add - sign if original value was negative */ + if(sgn == NEG) + str[pos++] = '-'; + + /* Add trailing NUL to end the string */ + str[pos--] = '\0'; + + /* Reverse the digits and sign indicator */ + ix = 0; + while(ix < pos) { + char tmp = str[ix]; + + str[ix] = str[pos]; + str[pos] = tmp; + ++ix; + --pos; + } + + mp_clear(&tmp); + } + + return MP_OKAY; + +} /* end mp_toradix() */ + +/* }}} */ + +/* {{{ mp_tovalue(ch, r) */ + +int mp_tovalue(char ch, int r) +{ + return s_mp_tovalue(ch, r); + +} /* end mp_tovalue() */ + +/* }}} */ + +/* }}} */ + +/* {{{ mp_strerror(ec) */ + +/* + mp_strerror(ec) + + Return a string describing the meaning of error code 'ec'. The + string returned is allocated in static memory, so the caller should + not attempt to modify or free the memory associated with this + string. + */ +const char *mp_strerror(mp_err ec) +{ + int aec = (ec < 0) ? -ec : ec; + + /* Code values are negative, so the senses of these comparisons + are accurate */ + if(ec < MP_LAST_CODE || ec > MP_OKAY) { + return mp_err_string[0]; /* unknown error code */ + } else { + return mp_err_string[aec + 1]; + } + +} /* end mp_strerror() */ + +/* }}} */ + +/*========================================================================*/ +/*------------------------------------------------------------------------*/ +/* Static function definitions (internal use only) */ + +/* {{{ Memory management */ + +/* {{{ s_mp_grow(mp, min) */ + +/* Make sure there are at least 'min' digits allocated to mp */ +mp_err s_mp_grow(mp_int *mp, mp_size min) +{ + if(min > ALLOC(mp)) { + mp_digit *tmp; + + /* Set min to next nearest default precision block size */ + min = MP_ROUNDUP(min, s_mp_defprec); + + if((tmp = s_mp_alloc(min, sizeof(mp_digit))) == NULL) + return MP_MEM; + + s_mp_copy(DIGITS(mp), tmp, USED(mp)); + +#if MP_CRYPTO + s_mp_setz(DIGITS(mp), ALLOC(mp)); +#endif + s_mp_free(DIGITS(mp)); + DIGITS(mp) = tmp; + ALLOC(mp) = min; + } + + return MP_OKAY; + +} /* end s_mp_grow() */ + +/* }}} */ + +/* {{{ s_mp_pad(mp, min) */ + +/* Make sure the used size of mp is at least 'min', growing if needed */ +mp_err s_mp_pad(mp_int *mp, mp_size min) +{ + if(min > USED(mp)) { + mp_err res; + + /* Make sure there is room to increase precision */ + if (min > ALLOC(mp)) { + if ((res = s_mp_grow(mp, min)) != MP_OKAY) + return res; + } else { +/* s_mp_setz(DIGITS(mp) + USED(mp), min - USED(mp)); */ + } + + /* Increase precision; should already be 0-filled */ + USED(mp) = min; + } + + return MP_OKAY; + +} /* end s_mp_pad() */ + +/* }}} */ + +/* {{{ s_mp_setz(dp, count) */ + +#if MP_MACRO == 0 +/* Set 'count' digits pointed to by dp to be zeroes */ +void s_mp_setz(mp_digit *dp, mp_size count) +{ +#if MP_MEMSET == 0 + int ix; + + for(ix = 0; ix < count; ix++) + dp[ix] = 0; +#else + memset(dp, 0, count * sizeof(mp_digit)); +#endif + +} /* end s_mp_setz() */ +#endif + +/* }}} */ + +/* {{{ s_mp_copy(sp, dp, count) */ + +#if MP_MACRO == 0 +/* Copy 'count' digits from sp to dp */ +void s_mp_copy(const mp_digit *sp, mp_digit *dp, mp_size count) +{ +#if MP_MEMCPY == 0 + int ix; + + for(ix = 0; ix < count; ix++) + dp[ix] = sp[ix]; +#else + memcpy(dp, sp, count * sizeof(mp_digit)); +#endif + +} /* end s_mp_copy() */ +#endif + +/* }}} */ + +/* {{{ s_mp_alloc(nb, ni) */ + +#if MP_MACRO == 0 +/* Allocate ni records of nb bytes each, and return a pointer to that */ +void *s_mp_alloc(size_t nb, size_t ni) +{ + ++mp_allocs; + return calloc(nb, ni); + +} /* end s_mp_alloc() */ +#endif + +/* }}} */ + +/* {{{ s_mp_free(ptr) */ + +#if MP_MACRO == 0 +/* Free the memory pointed to by ptr */ +void s_mp_free(void *ptr) +{ + if(ptr) { + ++mp_frees; + free(ptr); + } +} /* end s_mp_free() */ +#endif + +/* }}} */ + +/* {{{ s_mp_clamp(mp) */ + +#if MP_MACRO == 0 +/* Remove leading zeroes from the given value */ +void s_mp_clamp(mp_int *mp) +{ + mp_size used = MP_USED(mp); + while (used > 1 && DIGIT(mp, used - 1) == 0) + --used; + MP_USED(mp) = used; +} /* end s_mp_clamp() */ +#endif + +/* }}} */ + +/* {{{ s_mp_exch(a, b) */ + +/* Exchange the data for a and b; (b, a) = (a, b) */ +void s_mp_exch(mp_int *a, mp_int *b) +{ + mp_int tmp; + + tmp = *a; + *a = *b; + *b = tmp; + +} /* end s_mp_exch() */ + +/* }}} */ + +/* }}} */ + +/* {{{ Arithmetic helpers */ + +/* {{{ s_mp_lshd(mp, p) */ + +/* + Shift mp leftward by p digits, growing if needed, and zero-filling + the in-shifted digits at the right end. This is a convenient + alternative to multiplication by powers of the radix + The value of USED(mp) must already have been set to the value for + the shifted result. + */ + +mp_err s_mp_lshd(mp_int *mp, mp_size p) +{ + mp_err res; + mp_size pos; + int ix; + + if(p == 0) + return MP_OKAY; + + if (MP_USED(mp) == 1 && MP_DIGIT(mp, 0) == 0) + return MP_OKAY; + + if((res = s_mp_pad(mp, USED(mp) + p)) != MP_OKAY) + return res; + + pos = USED(mp) - 1; + + /* Shift all the significant figures over as needed */ + for(ix = pos - p; ix >= 0; ix--) + DIGIT(mp, ix + p) = DIGIT(mp, ix); + + /* Fill the bottom digits with zeroes */ + for(ix = 0; ix < p; ix++) + DIGIT(mp, ix) = 0; + + return MP_OKAY; + +} /* end s_mp_lshd() */ + +/* }}} */ + +/* {{{ s_mp_mul_2d(mp, d) */ + +/* + Multiply the integer by 2^d, where d is a number of bits. This + amounts to a bitwise shift of the value. + */ +mp_err s_mp_mul_2d(mp_int *mp, mp_digit d) +{ + mp_err res; + mp_digit dshift, bshift; + mp_digit mask; + + ARGCHK(mp != NULL, MP_BADARG); + + dshift = d / MP_DIGIT_BIT; + bshift = d % MP_DIGIT_BIT; + /* bits to be shifted out of the top word */ + mask = ((mp_digit)~0 << (MP_DIGIT_BIT - bshift)); + mask &= MP_DIGIT(mp, MP_USED(mp) - 1); + + if (MP_OKAY != (res = s_mp_pad(mp, MP_USED(mp) + dshift + (mask != 0) ))) + return res; + + if (dshift && MP_OKAY != (res = s_mp_lshd(mp, dshift))) + return res; + + if (bshift) { + mp_digit *pa = MP_DIGITS(mp); + mp_digit *alim = pa + MP_USED(mp); + mp_digit prev = 0; + + for (pa += dshift; pa < alim; ) { + mp_digit x = *pa; + *pa++ = (x << bshift) | prev; + prev = x >> (DIGIT_BIT - bshift); + } + } + + s_mp_clamp(mp); + return MP_OKAY; +} /* end s_mp_mul_2d() */ + +/* {{{ s_mp_rshd(mp, p) */ + +/* + Shift mp rightward by p digits. Maintains the invariant that + digits above the precision are all zero. Digits shifted off the + end are lost. Cannot fail. + */ + +void s_mp_rshd(mp_int *mp, mp_size p) +{ + mp_size ix; + mp_digit *src, *dst; + + if(p == 0) + return; + + /* Shortcut when all digits are to be shifted off */ + if(p >= USED(mp)) { + s_mp_setz(DIGITS(mp), ALLOC(mp)); + USED(mp) = 1; + SIGN(mp) = ZPOS; + return; + } + + /* Shift all the significant figures over as needed */ + dst = MP_DIGITS(mp); + src = dst + p; + for (ix = USED(mp) - p; ix > 0; ix--) + *dst++ = *src++; + + MP_USED(mp) -= p; + /* Fill the top digits with zeroes */ + while (p-- > 0) + *dst++ = 0; + +#if 0 + /* Strip off any leading zeroes */ + s_mp_clamp(mp); +#endif + +} /* end s_mp_rshd() */ + +/* }}} */ + +/* {{{ s_mp_div_2(mp) */ + +/* Divide by two -- take advantage of radix properties to do it fast */ +void s_mp_div_2(mp_int *mp) +{ + s_mp_div_2d(mp, 1); + +} /* end s_mp_div_2() */ + +/* }}} */ + +/* {{{ s_mp_mul_2(mp) */ + +mp_err s_mp_mul_2(mp_int *mp) +{ + mp_digit *pd; + int ix, used; + mp_digit kin = 0; + + /* Shift digits leftward by 1 bit */ + used = MP_USED(mp); + pd = MP_DIGITS(mp); + for (ix = 0; ix < used; ix++) { + mp_digit d = *pd; + *pd++ = (d << 1) | kin; + kin = (d >> (DIGIT_BIT - 1)); + } + + /* Deal with rollover from last digit */ + if (kin) { + if (ix >= ALLOC(mp)) { + mp_err res; + if((res = s_mp_grow(mp, ALLOC(mp) + 1)) != MP_OKAY) + return res; + } + + DIGIT(mp, ix) = kin; + USED(mp) += 1; + } + + return MP_OKAY; + +} /* end s_mp_mul_2() */ + +/* }}} */ + +/* {{{ s_mp_mod_2d(mp, d) */ + +/* + Remainder the integer by 2^d, where d is a number of bits. This + amounts to a bitwise AND of the value, and does not require the full + division code + */ +void s_mp_mod_2d(mp_int *mp, mp_digit d) +{ + mp_size ndig = (d / DIGIT_BIT), nbit = (d % DIGIT_BIT); + mp_size ix; + mp_digit dmask; + + if(ndig >= USED(mp)) + return; + + /* Flush all the bits above 2^d in its digit */ + dmask = ((mp_digit)1 << nbit) - 1; + DIGIT(mp, ndig) &= dmask; + + /* Flush all digits above the one with 2^d in it */ + for(ix = ndig + 1; ix < USED(mp); ix++) + DIGIT(mp, ix) = 0; + + s_mp_clamp(mp); + +} /* end s_mp_mod_2d() */ + +/* }}} */ + +/* {{{ s_mp_div_2d(mp, d) */ + +/* + Divide the integer by 2^d, where d is a number of bits. This + amounts to a bitwise shift of the value, and does not require the + full division code (used in Barrett reduction, see below) + */ +void s_mp_div_2d(mp_int *mp, mp_digit d) +{ + int ix; + mp_digit save, next, mask; + + s_mp_rshd(mp, d / DIGIT_BIT); + d %= DIGIT_BIT; + if (d) { + mask = ((mp_digit)1 << d) - 1; + save = 0; + for(ix = USED(mp) - 1; ix >= 0; ix--) { + next = DIGIT(mp, ix) & mask; + DIGIT(mp, ix) = (DIGIT(mp, ix) >> d) | (save << (DIGIT_BIT - d)); + save = next; + } + } + s_mp_clamp(mp); + +} /* end s_mp_div_2d() */ + +/* }}} */ + +/* {{{ s_mp_norm(a, b, *d) */ + +/* + s_mp_norm(a, b, *d) + + Normalize a and b for division, where b is the divisor. In order + that we might make good guesses for quotient digits, we want the + leading digit of b to be at least half the radix, which we + accomplish by multiplying a and b by a power of 2. The exponent + (shift count) is placed in *pd, so that the remainder can be shifted + back at the end of the division process. + */ + +mp_err s_mp_norm(mp_int *a, mp_int *b, mp_digit *pd) +{ + mp_digit d; + mp_digit mask; + mp_digit b_msd; + mp_err res = MP_OKAY; + + d = 0; + mask = DIGIT_MAX & ~(DIGIT_MAX >> 1); /* mask is msb of digit */ + b_msd = DIGIT(b, USED(b) - 1); + while (!(b_msd & mask)) { + b_msd <<= 1; + ++d; + } + + if (d) { + MP_CHECKOK( s_mp_mul_2d(a, d) ); + MP_CHECKOK( s_mp_mul_2d(b, d) ); + } + + *pd = d; +CLEANUP: + return res; + +} /* end s_mp_norm() */ + +/* }}} */ + +/* }}} */ + +/* {{{ Primitive digit arithmetic */ + +/* {{{ s_mp_add_d(mp, d) */ + +/* Add d to |mp| in place */ +mp_err s_mp_add_d(mp_int *mp, mp_digit d) /* unsigned digit addition */ +{ +#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD) + mp_word w, k = 0; + mp_size ix = 1; + + w = (mp_word)DIGIT(mp, 0) + d; + DIGIT(mp, 0) = ACCUM(w); + k = CARRYOUT(w); + + while(ix < USED(mp) && k) { + w = (mp_word)DIGIT(mp, ix) + k; + DIGIT(mp, ix) = ACCUM(w); + k = CARRYOUT(w); + ++ix; + } + + if(k != 0) { + mp_err res; + + if((res = s_mp_pad(mp, USED(mp) + 1)) != MP_OKAY) + return res; + + DIGIT(mp, ix) = (mp_digit)k; + } + + return MP_OKAY; +#else + mp_digit * pmp = MP_DIGITS(mp); + mp_digit sum, mp_i, carry = 0; + mp_err res = MP_OKAY; + int used = (int)MP_USED(mp); + + mp_i = *pmp; + *pmp++ = sum = d + mp_i; + carry = (sum < d); + while (carry && --used > 0) { + mp_i = *pmp; + *pmp++ = sum = carry + mp_i; + carry = !sum; + } + if (carry && !used) { + /* mp is growing */ + used = MP_USED(mp); + MP_CHECKOK( s_mp_pad(mp, used + 1) ); + MP_DIGIT(mp, used) = carry; + } +CLEANUP: + return res; +#endif +} /* end s_mp_add_d() */ + +/* }}} */ + +/* {{{ s_mp_sub_d(mp, d) */ + +/* Subtract d from |mp| in place, assumes |mp| > d */ +mp_err s_mp_sub_d(mp_int *mp, mp_digit d) /* unsigned digit subtract */ +{ +#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD) + mp_word w, b = 0; + mp_size ix = 1; + + /* Compute initial subtraction */ + w = (RADIX + (mp_word)DIGIT(mp, 0)) - d; + b = CARRYOUT(w) ? 0 : 1; + DIGIT(mp, 0) = ACCUM(w); + + /* Propagate borrows leftward */ + while(b && ix < USED(mp)) { + w = (RADIX + (mp_word)DIGIT(mp, ix)) - b; + b = CARRYOUT(w) ? 0 : 1; + DIGIT(mp, ix) = ACCUM(w); + ++ix; + } + + /* Remove leading zeroes */ + s_mp_clamp(mp); + + /* If we have a borrow out, it's a violation of the input invariant */ + if(b) + return MP_RANGE; + else + return MP_OKAY; +#else + mp_digit *pmp = MP_DIGITS(mp); + mp_digit mp_i, diff, borrow; + mp_size used = MP_USED(mp); + + mp_i = *pmp; + *pmp++ = diff = mp_i - d; + borrow = (diff > mp_i); + while (borrow && --used) { + mp_i = *pmp; + *pmp++ = diff = mp_i - borrow; + borrow = (diff > mp_i); + } + s_mp_clamp(mp); + return (borrow && !used) ? MP_RANGE : MP_OKAY; +#endif +} /* end s_mp_sub_d() */ + +/* }}} */ + +/* {{{ s_mp_mul_d(a, d) */ + +/* Compute a = a * d, single digit multiplication */ +mp_err s_mp_mul_d(mp_int *a, mp_digit d) +{ + mp_err res; + mp_size used; + int pow; + + if (!d) { + mp_zero(a); + return MP_OKAY; + } + if (d == 1) + return MP_OKAY; + if (0 <= (pow = s_mp_ispow2d(d))) { + return s_mp_mul_2d(a, (mp_digit)pow); + } + + used = MP_USED(a); + MP_CHECKOK( s_mp_pad(a, used + 1) ); + + s_mpv_mul_d(MP_DIGITS(a), used, d, MP_DIGITS(a)); + + s_mp_clamp(a); + +CLEANUP: + return res; + +} /* end s_mp_mul_d() */ + +/* }}} */ + +/* {{{ s_mp_div_d(mp, d, r) */ + +/* + s_mp_div_d(mp, d, r) + + Compute the quotient mp = mp / d and remainder r = mp mod d, for a + single digit d. If r is null, the remainder will be discarded. + */ + +mp_err s_mp_div_d(mp_int *mp, mp_digit d, mp_digit *r) +{ +#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_DIV_WORD) + mp_word w = 0, q; +#else + mp_digit w, q; +#endif + int ix; + mp_err res; + mp_int quot; + mp_int rem; + + if(d == 0) + return MP_RANGE; + if (d == 1) { + if (r) + *r = 0; + return MP_OKAY; + } + /* could check for power of 2 here, but mp_div_d does that. */ + if (MP_USED(mp) == 1) { + mp_digit n = MP_DIGIT(mp,0); + mp_digit rem; + + q = n / d; + rem = n % d; + MP_DIGIT(mp,0) = q; + if (r) + *r = rem; + return MP_OKAY; + } + + MP_DIGITS(&rem) = 0; + MP_DIGITS(") = 0; + /* Make room for the quotient */ + MP_CHECKOK( mp_init_size(", USED(mp)) ); + +#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_DIV_WORD) + for(ix = USED(mp) - 1; ix >= 0; ix--) { + w = (w << DIGIT_BIT) | DIGIT(mp, ix); + + if(w >= d) { + q = w / d; + w = w % d; + } else { + q = 0; + } + + s_mp_lshd(", 1); + DIGIT(", 0) = (mp_digit)q; + } +#else + { + mp_digit p; +#if !defined(MP_ASSEMBLY_DIV_2DX1D) + mp_digit norm; +#endif + + MP_CHECKOK( mp_init_copy(&rem, mp) ); + +#if !defined(MP_ASSEMBLY_DIV_2DX1D) + MP_DIGIT(", 0) = d; + MP_CHECKOK( s_mp_norm(&rem, ", &norm) ); + if (norm) + d <<= norm; + MP_DIGIT(", 0) = 0; +#endif + + p = 0; + for (ix = USED(&rem) - 1; ix >= 0; ix--) { + w = DIGIT(&rem, ix); + + if (p) { + MP_CHECKOK( s_mpv_div_2dx1d(p, w, d, &q, &w) ); + } else if (w >= d) { + q = w / d; + w = w % d; + } else { + q = 0; + } + + MP_CHECKOK( s_mp_lshd(", 1) ); + DIGIT(", 0) = q; + p = w; + } +#if !defined(MP_ASSEMBLY_DIV_2DX1D) + if (norm) + w >>= norm; +#endif + } +#endif + + /* Deliver the remainder, if desired */ + if(r) + *r = (mp_digit)w; + + s_mp_clamp("); + mp_exch(", mp); +CLEANUP: + mp_clear("); + mp_clear(&rem); + + return res; +} /* end s_mp_div_d() */ + +/* }}} */ + + +/* }}} */ + +/* {{{ Primitive full arithmetic */ + +/* {{{ s_mp_add(a, b) */ + +/* Compute a = |a| + |b| */ +mp_err s_mp_add(mp_int *a, const mp_int *b) /* magnitude addition */ +{ +#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD) + mp_word w = 0; +#else + mp_digit d, sum, carry = 0; +#endif + mp_digit *pa, *pb; + mp_size ix; + mp_size used; + mp_err res; + + /* Make sure a has enough precision for the output value */ + if((USED(b) > USED(a)) && (res = s_mp_pad(a, USED(b))) != MP_OKAY) + return res; + + /* + Add up all digits up to the precision of b. If b had initially + the same precision as a, or greater, we took care of it by the + padding step above, so there is no problem. If b had initially + less precision, we'll have to make sure the carry out is duly + propagated upward among the higher-order digits of the sum. + */ + pa = MP_DIGITS(a); + pb = MP_DIGITS(b); + used = MP_USED(b); + for(ix = 0; ix < used; ix++) { +#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD) + w = w + *pa + *pb++; + *pa++ = ACCUM(w); + w = CARRYOUT(w); +#else + d = *pa; + sum = d + *pb++; + d = (sum < d); /* detect overflow */ + *pa++ = sum += carry; + carry = d + (sum < carry); /* detect overflow */ +#endif + } + + /* If we run out of 'b' digits before we're actually done, make + sure the carries get propagated upward... + */ + used = MP_USED(a); +#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD) + while (w && ix < used) { + w = w + *pa; + *pa++ = ACCUM(w); + w = CARRYOUT(w); + ++ix; + } +#else + while (carry && ix < used) { + sum = carry + *pa; + *pa++ = sum; + carry = !sum; + ++ix; + } +#endif + + /* If there's an overall carry out, increase precision and include + it. We could have done this initially, but why touch the memory + allocator unless we're sure we have to? + */ +#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD) + if (w) { + if((res = s_mp_pad(a, used + 1)) != MP_OKAY) + return res; + + DIGIT(a, ix) = (mp_digit)w; + } +#else + if (carry) { + if((res = s_mp_pad(a, used + 1)) != MP_OKAY) + return res; + + DIGIT(a, used) = carry; + } +#endif + + return MP_OKAY; +} /* end s_mp_add() */ + +/* }}} */ + +/* Compute c = |a| + |b| */ /* magnitude addition */ +mp_err s_mp_add_3arg(const mp_int *a, const mp_int *b, mp_int *c) +{ + mp_digit *pa, *pb, *pc; +#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD) + mp_word w = 0; +#else + mp_digit sum, carry = 0, d; +#endif + mp_size ix; + mp_size used; + mp_err res; + + MP_SIGN(c) = MP_SIGN(a); + if (MP_USED(a) < MP_USED(b)) { + const mp_int *xch = a; + a = b; + b = xch; + } + + /* Make sure a has enough precision for the output value */ + if (MP_OKAY != (res = s_mp_pad(c, MP_USED(a)))) + return res; + + /* + Add up all digits up to the precision of b. If b had initially + the same precision as a, or greater, we took care of it by the + exchange step above, so there is no problem. If b had initially + less precision, we'll have to make sure the carry out is duly + propagated upward among the higher-order digits of the sum. + */ + pa = MP_DIGITS(a); + pb = MP_DIGITS(b); + pc = MP_DIGITS(c); + used = MP_USED(b); + for (ix = 0; ix < used; ix++) { +#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD) + w = w + *pa++ + *pb++; + *pc++ = ACCUM(w); + w = CARRYOUT(w); +#else + d = *pa++; + sum = d + *pb++; + d = (sum < d); /* detect overflow */ + *pc++ = sum += carry; + carry = d + (sum < carry); /* detect overflow */ +#endif + } + + /* If we run out of 'b' digits before we're actually done, make + sure the carries get propagated upward... + */ + for (used = MP_USED(a); ix < used; ++ix) { +#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD) + w = w + *pa++; + *pc++ = ACCUM(w); + w = CARRYOUT(w); +#else + *pc++ = sum = carry + *pa++; + carry = (sum < carry); +#endif + } + + /* If there's an overall carry out, increase precision and include + it. We could have done this initially, but why touch the memory + allocator unless we're sure we have to? + */ +#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD) + if (w) { + if((res = s_mp_pad(c, used + 1)) != MP_OKAY) + return res; + + DIGIT(c, used) = (mp_digit)w; + ++used; + } +#else + if (carry) { + if((res = s_mp_pad(c, used + 1)) != MP_OKAY) + return res; + + DIGIT(c, used) = carry; + ++used; + } +#endif + MP_USED(c) = used; + return MP_OKAY; +} +/* {{{ s_mp_add_offset(a, b, offset) */ + +/* Compute a = |a| + ( |b| * (RADIX ** offset) ) */ +mp_err s_mp_add_offset(mp_int *a, mp_int *b, mp_size offset) +{ +#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD) + mp_word w, k = 0; +#else + mp_digit d, sum, carry = 0; +#endif + mp_size ib; + mp_size ia; + mp_size lim; + mp_err res; + + /* Make sure a has enough precision for the output value */ + lim = MP_USED(b) + offset; + if((lim > USED(a)) && (res = s_mp_pad(a, lim)) != MP_OKAY) + return res; + + /* + Add up all digits up to the precision of b. If b had initially + the same precision as a, or greater, we took care of it by the + padding step above, so there is no problem. If b had initially + less precision, we'll have to make sure the carry out is duly + propagated upward among the higher-order digits of the sum. + */ + lim = USED(b); + for(ib = 0, ia = offset; ib < lim; ib++, ia++) { +#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD) + w = (mp_word)DIGIT(a, ia) + DIGIT(b, ib) + k; + DIGIT(a, ia) = ACCUM(w); + k = CARRYOUT(w); +#else + d = MP_DIGIT(a, ia); + sum = d + MP_DIGIT(b, ib); + d = (sum < d); + MP_DIGIT(a,ia) = sum += carry; + carry = d + (sum < carry); +#endif + } + + /* If we run out of 'b' digits before we're actually done, make + sure the carries get propagated upward... + */ +#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD) + for (lim = MP_USED(a); k && (ia < lim); ++ia) { + w = (mp_word)DIGIT(a, ia) + k; + DIGIT(a, ia) = ACCUM(w); + k = CARRYOUT(w); + } +#else + for (lim = MP_USED(a); carry && (ia < lim); ++ia) { + d = MP_DIGIT(a, ia); + MP_DIGIT(a,ia) = sum = d + carry; + carry = (sum < d); + } +#endif + + /* If there's an overall carry out, increase precision and include + it. We could have done this initially, but why touch the memory + allocator unless we're sure we have to? + */ +#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD) + if(k) { + if((res = s_mp_pad(a, USED(a) + 1)) != MP_OKAY) + return res; + + DIGIT(a, ia) = (mp_digit)k; + } +#else + if (carry) { + if((res = s_mp_pad(a, lim + 1)) != MP_OKAY) + return res; + + DIGIT(a, lim) = carry; + } +#endif + s_mp_clamp(a); + + return MP_OKAY; + +} /* end s_mp_add_offset() */ + +/* }}} */ + +/* {{{ s_mp_sub(a, b) */ + +/* Compute a = |a| - |b|, assumes |a| >= |b| */ +mp_err s_mp_sub(mp_int *a, const mp_int *b) /* magnitude subtract */ +{ + mp_digit *pa, *pb, *limit; +#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD) + mp_sword w = 0; +#else + mp_digit d, diff, borrow = 0; +#endif + + /* + Subtract and propagate borrow. Up to the precision of b, this + accounts for the digits of b; after that, we just make sure the + carries get to the right place. This saves having to pad b out to + the precision of a just to make the loops work right... + */ + pa = MP_DIGITS(a); + pb = MP_DIGITS(b); + limit = pb + MP_USED(b); + while (pb < limit) { +#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD) + w = w + *pa - *pb++; + *pa++ = ACCUM(w); + w >>= MP_DIGIT_BIT; +#else + d = *pa; + diff = d - *pb++; + d = (diff > d); /* detect borrow */ + if (borrow && --diff == MP_DIGIT_MAX) + ++d; + *pa++ = diff; + borrow = d; +#endif + } + limit = MP_DIGITS(a) + MP_USED(a); +#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD) + while (w && pa < limit) { + w = w + *pa; + *pa++ = ACCUM(w); + w >>= MP_DIGIT_BIT; + } +#else + while (borrow && pa < limit) { + d = *pa; + *pa++ = diff = d - borrow; + borrow = (diff > d); + } +#endif + + /* Clobber any leading zeroes we created */ + s_mp_clamp(a); + + /* + If there was a borrow out, then |b| > |a| in violation + of our input invariant. We've already done the work, + but we'll at least complain about it... + */ +#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD) + return w ? MP_RANGE : MP_OKAY; +#else + return borrow ? MP_RANGE : MP_OKAY; +#endif +} /* end s_mp_sub() */ + +/* }}} */ + +/* Compute c = |a| - |b|, assumes |a| >= |b| */ /* magnitude subtract */ +mp_err s_mp_sub_3arg(const mp_int *a, const mp_int *b, mp_int *c) +{ + mp_digit *pa, *pb, *pc; +#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD) + mp_sword w = 0; +#else + mp_digit d, diff, borrow = 0; +#endif + int ix, limit; + mp_err res; + + MP_SIGN(c) = MP_SIGN(a); + + /* Make sure a has enough precision for the output value */ + if (MP_OKAY != (res = s_mp_pad(c, MP_USED(a)))) + return res; + + /* + Subtract and propagate borrow. Up to the precision of b, this + accounts for the digits of b; after that, we just make sure the + carries get to the right place. This saves having to pad b out to + the precision of a just to make the loops work right... + */ + pa = MP_DIGITS(a); + pb = MP_DIGITS(b); + pc = MP_DIGITS(c); + limit = MP_USED(b); + for (ix = 0; ix < limit; ++ix) { +#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD) + w = w + *pa++ - *pb++; + *pc++ = ACCUM(w); + w >>= MP_DIGIT_BIT; +#else + d = *pa++; + diff = d - *pb++; + d = (diff > d); + if (borrow && --diff == MP_DIGIT_MAX) + ++d; + *pc++ = diff; + borrow = d; +#endif + } + for (limit = MP_USED(a); ix < limit; ++ix) { +#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD) + w = w + *pa++; + *pc++ = ACCUM(w); + w >>= MP_DIGIT_BIT; +#else + d = *pa++; + *pc++ = diff = d - borrow; + borrow = (diff > d); +#endif + } + + /* Clobber any leading zeroes we created */ + MP_USED(c) = ix; + s_mp_clamp(c); + + /* + If there was a borrow out, then |b| > |a| in violation + of our input invariant. We've already done the work, + but we'll at least complain about it... + */ +#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD) + return w ? MP_RANGE : MP_OKAY; +#else + return borrow ? MP_RANGE : MP_OKAY; +#endif +} +/* {{{ s_mp_mul(a, b) */ + +/* Compute a = |a| * |b| */ +mp_err s_mp_mul(mp_int *a, const mp_int *b) +{ + return mp_mul(a, b, a); +} /* end s_mp_mul() */ + +/* }}} */ + +#if defined(MP_USE_UINT_DIGIT) && defined(MP_USE_LONG_LONG_MULTIPLY) +/* This trick works on Sparc V8 CPUs with the Workshop compilers. */ +#define MP_MUL_DxD(a, b, Phi, Plo) \ + { unsigned long long product = (unsigned long long)a * b; \ + Plo = (mp_digit)product; \ + Phi = (mp_digit)(product >> MP_DIGIT_BIT); } +#elif defined(OSF1) +#define MP_MUL_DxD(a, b, Phi, Plo) \ + { Plo = asm ("mulq %a0, %a1, %v0", a, b);\ + Phi = asm ("umulh %a0, %a1, %v0", a, b); } +#else +#define MP_MUL_DxD(a, b, Phi, Plo) \ + { mp_digit a0b1, a1b0; \ + Plo = (a & MP_HALF_DIGIT_MAX) * (b & MP_HALF_DIGIT_MAX); \ + Phi = (a >> MP_HALF_DIGIT_BIT) * (b >> MP_HALF_DIGIT_BIT); \ + a0b1 = (a & MP_HALF_DIGIT_MAX) * (b >> MP_HALF_DIGIT_BIT); \ + a1b0 = (a >> MP_HALF_DIGIT_BIT) * (b & MP_HALF_DIGIT_MAX); \ + a1b0 += a0b1; \ + Phi += a1b0 >> MP_HALF_DIGIT_BIT; \ + if (a1b0 < a0b1) \ + Phi += MP_HALF_RADIX; \ + a1b0 <<= MP_HALF_DIGIT_BIT; \ + Plo += a1b0; \ + if (Plo < a1b0) \ + ++Phi; \ + } +#endif + +#if !defined(MP_ASSEMBLY_MULTIPLY) +/* c = a * b */ +void s_mpv_mul_d(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c) +{ +#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_MUL_WORD) + mp_digit d = 0; + + /* Inner product: Digits of a */ + while (a_len--) { + mp_word w = ((mp_word)b * *a++) + d; + *c++ = ACCUM(w); + d = CARRYOUT(w); + } + *c = d; +#else + mp_digit carry = 0; + while (a_len--) { + mp_digit a_i = *a++; + mp_digit a0b0, a1b1; + + MP_MUL_DxD(a_i, b, a1b1, a0b0); + + a0b0 += carry; + if (a0b0 < carry) + ++a1b1; + *c++ = a0b0; + carry = a1b1; + } + *c = carry; +#endif +} + +/* c += a * b */ +void s_mpv_mul_d_add(const mp_digit *a, mp_size a_len, mp_digit b, + mp_digit *c) +{ +#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_MUL_WORD) + mp_digit d = 0; + + /* Inner product: Digits of a */ + while (a_len--) { + mp_word w = ((mp_word)b * *a++) + *c + d; + *c++ = ACCUM(w); + d = CARRYOUT(w); + } + *c = d; +#else + mp_digit carry = 0; + while (a_len--) { + mp_digit a_i = *a++; + mp_digit a0b0, a1b1; + + MP_MUL_DxD(a_i, b, a1b1, a0b0); + + a0b0 += carry; + if (a0b0 < carry) + ++a1b1; + a0b0 += a_i = *c; + if (a0b0 < a_i) + ++a1b1; + *c++ = a0b0; + carry = a1b1; + } + *c = carry; +#endif +} + +/* Presently, this is only used by the Montgomery arithmetic code. */ +/* c += a * b */ +void s_mpv_mul_d_add_prop(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c) +{ +#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_MUL_WORD) + mp_digit d = 0; + + /* Inner product: Digits of a */ + while (a_len--) { + mp_word w = ((mp_word)b * *a++) + *c + d; + *c++ = ACCUM(w); + d = CARRYOUT(w); + } + + while (d) { + mp_word w = (mp_word)*c + d; + *c++ = ACCUM(w); + d = CARRYOUT(w); + } +#else + mp_digit carry = 0; + while (a_len--) { + mp_digit a_i = *a++; + mp_digit a0b0, a1b1; + + MP_MUL_DxD(a_i, b, a1b1, a0b0); + + a0b0 += carry; + if (a0b0 < carry) + ++a1b1; + + a0b0 += a_i = *c; + if (a0b0 < a_i) + ++a1b1; + + *c++ = a0b0; + carry = a1b1; + } + while (carry) { + mp_digit c_i = *c; + carry += c_i; + *c++ = carry; + carry = carry < c_i; + } +#endif +} +#endif + +#if defined(MP_USE_UINT_DIGIT) && defined(MP_USE_LONG_LONG_MULTIPLY) +/* This trick works on Sparc V8 CPUs with the Workshop compilers. */ +#define MP_SQR_D(a, Phi, Plo) \ + { unsigned long long square = (unsigned long long)a * a; \ + Plo = (mp_digit)square; \ + Phi = (mp_digit)(square >> MP_DIGIT_BIT); } +#elif defined(OSF1) +#define MP_SQR_D(a, Phi, Plo) \ + { Plo = asm ("mulq %a0, %a0, %v0", a);\ + Phi = asm ("umulh %a0, %a0, %v0", a); } +#else +#define MP_SQR_D(a, Phi, Plo) \ + { mp_digit Pmid; \ + Plo = (a & MP_HALF_DIGIT_MAX) * (a & MP_HALF_DIGIT_MAX); \ + Phi = (a >> MP_HALF_DIGIT_BIT) * (a >> MP_HALF_DIGIT_BIT); \ + Pmid = (a & MP_HALF_DIGIT_MAX) * (a >> MP_HALF_DIGIT_BIT); \ + Phi += Pmid >> (MP_HALF_DIGIT_BIT - 1); \ + Pmid <<= (MP_HALF_DIGIT_BIT + 1); \ + Plo += Pmid; \ + if (Plo < Pmid) \ + ++Phi; \ + } +#endif + +#if !defined(MP_ASSEMBLY_SQUARE) +/* Add the squares of the digits of a to the digits of b. */ +void s_mpv_sqr_add_prop(const mp_digit *pa, mp_size a_len, mp_digit *ps) +{ +#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_MUL_WORD) + mp_word w; + mp_digit d; + mp_size ix; + + w = 0; +#define ADD_SQUARE(n) \ + d = pa[n]; \ + w += (d * (mp_word)d) + ps[2*n]; \ + ps[2*n] = ACCUM(w); \ + w = (w >> DIGIT_BIT) + ps[2*n+1]; \ + ps[2*n+1] = ACCUM(w); \ + w = (w >> DIGIT_BIT) + + for (ix = a_len; ix >= 4; ix -= 4) { + ADD_SQUARE(0); + ADD_SQUARE(1); + ADD_SQUARE(2); + ADD_SQUARE(3); + pa += 4; + ps += 8; + } + if (ix) { + ps += 2*ix; + pa += ix; + switch (ix) { + case 3: ADD_SQUARE(-3); /* FALLTHRU */ + case 2: ADD_SQUARE(-2); /* FALLTHRU */ + case 1: ADD_SQUARE(-1); /* FALLTHRU */ + case 0: break; + } + } + while (w) { + w += *ps; + *ps++ = ACCUM(w); + w = (w >> DIGIT_BIT); + } +#else + mp_digit carry = 0; + while (a_len--) { + mp_digit a_i = *pa++; + mp_digit a0a0, a1a1; + + MP_SQR_D(a_i, a1a1, a0a0); + + /* here a1a1 and a0a0 constitute a_i ** 2 */ + a0a0 += carry; + if (a0a0 < carry) + ++a1a1; + + /* now add to ps */ + a0a0 += a_i = *ps; + if (a0a0 < a_i) + ++a1a1; + *ps++ = a0a0; + a1a1 += a_i = *ps; + carry = (a1a1 < a_i); + *ps++ = a1a1; + } + while (carry) { + mp_digit s_i = *ps; + carry += s_i; + *ps++ = carry; + carry = carry < s_i; + } +#endif +} +#endif + +#if (defined(MP_NO_MP_WORD) || defined(MP_NO_DIV_WORD)) \ +&& !defined(MP_ASSEMBLY_DIV_2DX1D) +/* +** Divide 64-bit (Nhi,Nlo) by 32-bit divisor, which must be normalized +** so its high bit is 1. This code is from NSPR. +*/ +mp_err s_mpv_div_2dx1d(mp_digit Nhi, mp_digit Nlo, mp_digit divisor, + mp_digit *qp, mp_digit *rp) +{ + mp_digit d1, d0, q1, q0; + mp_digit r1, r0, m; + + d1 = divisor >> MP_HALF_DIGIT_BIT; + d0 = divisor & MP_HALF_DIGIT_MAX; + r1 = Nhi % d1; + q1 = Nhi / d1; + m = q1 * d0; + r1 = (r1 << MP_HALF_DIGIT_BIT) | (Nlo >> MP_HALF_DIGIT_BIT); + if (r1 < m) { + q1--, r1 += divisor; + if (r1 >= divisor && r1 < m) { + q1--, r1 += divisor; + } + } + r1 -= m; + r0 = r1 % d1; + q0 = r1 / d1; + m = q0 * d0; + r0 = (r0 << MP_HALF_DIGIT_BIT) | (Nlo & MP_HALF_DIGIT_MAX); + if (r0 < m) { + q0--, r0 += divisor; + if (r0 >= divisor && r0 < m) { + q0--, r0 += divisor; + } + } + if (qp) + *qp = (q1 << MP_HALF_DIGIT_BIT) | q0; + if (rp) + *rp = r0 - m; + return MP_OKAY; +} +#endif + +#if MP_SQUARE +/* {{{ s_mp_sqr(a) */ + +mp_err s_mp_sqr(mp_int *a) +{ + mp_err res; + mp_int tmp; + + if((res = mp_init_size(&tmp, 2 * USED(a))) != MP_OKAY) + return res; + res = mp_sqr(a, &tmp); + if (res == MP_OKAY) { + s_mp_exch(&tmp, a); + } + mp_clear(&tmp); + return res; +} + +/* }}} */ +#endif + +/* {{{ s_mp_div(a, b) */ + +/* + s_mp_div(a, b) + + Compute a = a / b and b = a mod b. Assumes b > a. + */ + +mp_err s_mp_div(mp_int *rem, /* i: dividend, o: remainder */ + mp_int *div, /* i: divisor */ + mp_int *quot) /* i: 0; o: quotient */ +{ + mp_int part, t; +#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_DIV_WORD) + mp_word q_msd; +#else + mp_digit q_msd; +#endif + mp_err res; + mp_digit d; + mp_digit div_msd; + int ix; + + if(mp_cmp_z(div) == 0) + return MP_RANGE; + + /* Shortcut if divisor is power of two */ + if((ix = s_mp_ispow2(div)) >= 0) { + MP_CHECKOK( mp_copy(rem, quot) ); + s_mp_div_2d(quot, (mp_digit)ix); + s_mp_mod_2d(rem, (mp_digit)ix); + + return MP_OKAY; + } + + DIGITS(&t) = 0; + MP_SIGN(rem) = ZPOS; + MP_SIGN(div) = ZPOS; + + /* A working temporary for division */ + MP_CHECKOK( mp_init_size(&t, MP_ALLOC(rem))); + + /* Normalize to optimize guessing */ + MP_CHECKOK( s_mp_norm(rem, div, &d) ); + + part = *rem; + + /* Perform the division itself...woo! */ + MP_USED(quot) = MP_ALLOC(quot); + + /* Find a partial substring of rem which is at least div */ + /* If we didn't find one, we're finished dividing */ + while (MP_USED(rem) > MP_USED(div) || s_mp_cmp(rem, div) >= 0) { + int i; + int unusedRem; + + unusedRem = MP_USED(rem) - MP_USED(div); + MP_DIGITS(&part) = MP_DIGITS(rem) + unusedRem; + MP_ALLOC(&part) = MP_ALLOC(rem) - unusedRem; + MP_USED(&part) = MP_USED(div); + if (s_mp_cmp(&part, div) < 0) { + -- unusedRem; +#if MP_ARGCHK == 2 + assert(unusedRem >= 0); +#endif + -- MP_DIGITS(&part); + ++ MP_USED(&part); + ++ MP_ALLOC(&part); + } + + /* Compute a guess for the next quotient digit */ + q_msd = MP_DIGIT(&part, MP_USED(&part) - 1); + div_msd = MP_DIGIT(div, MP_USED(div) - 1); + if (q_msd >= div_msd) { + q_msd = 1; + } else if (MP_USED(&part) > 1) { +#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_DIV_WORD) + q_msd = (q_msd << MP_DIGIT_BIT) | MP_DIGIT(&part, MP_USED(&part) - 2); + q_msd /= div_msd; + if (q_msd == RADIX) + --q_msd; +#else + mp_digit r; + MP_CHECKOK( s_mpv_div_2dx1d(q_msd, MP_DIGIT(&part, MP_USED(&part) - 2), + div_msd, &q_msd, &r) ); +#endif + } else { + q_msd = 0; + } +#if MP_ARGCHK == 2 + assert(q_msd > 0); /* This case should never occur any more. */ +#endif + if (q_msd <= 0) + break; + + /* See what that multiplies out to */ + mp_copy(div, &t); + MP_CHECKOK( s_mp_mul_d(&t, (mp_digit)q_msd) ); + + /* + If it's too big, back it off. We should not have to do this + more than once, or, in rare cases, twice. Knuth describes a + method by which this could be reduced to a maximum of once, but + I didn't implement that here. + * When using s_mpv_div_2dx1d, we may have to do this 3 times. + */ + for (i = 4; s_mp_cmp(&t, &part) > 0 && i > 0; --i) { + --q_msd; + s_mp_sub(&t, div); /* t -= div */ + } + if (i < 0) { + res = MP_RANGE; + goto CLEANUP; + } + + /* At this point, q_msd should be the right next digit */ + MP_CHECKOK( s_mp_sub(&part, &t) ); /* part -= t */ + s_mp_clamp(rem); + + /* + Include the digit in the quotient. We allocated enough memory + for any quotient we could ever possibly get, so we should not + have to check for failures here + */ + MP_DIGIT(quot, unusedRem) = (mp_digit)q_msd; + } + + /* Denormalize remainder */ + if (d) { + s_mp_div_2d(rem, d); + } + + s_mp_clamp(quot); + +CLEANUP: + mp_clear(&t); + + return res; + +} /* end s_mp_div() */ + + +/* }}} */ + +/* {{{ s_mp_2expt(a, k) */ + +mp_err s_mp_2expt(mp_int *a, mp_digit k) +{ + mp_err res; + mp_size dig, bit; + + dig = k / DIGIT_BIT; + bit = k % DIGIT_BIT; + + mp_zero(a); + if((res = s_mp_pad(a, dig + 1)) != MP_OKAY) + return res; + + DIGIT(a, dig) |= ((mp_digit)1 << bit); + + return MP_OKAY; + +} /* end s_mp_2expt() */ + +/* }}} */ + +/* {{{ s_mp_reduce(x, m, mu) */ + +/* + Compute Barrett reduction, x (mod m), given a precomputed value for + mu = b^2k / m, where b = RADIX and k = #digits(m). This should be + faster than straight division, when many reductions by the same + value of m are required (such as in modular exponentiation). This + can nearly halve the time required to do modular exponentiation, + as compared to using the full integer divide to reduce. + + This algorithm was derived from the _Handbook of Applied + Cryptography_ by Menezes, Oorschot and VanStone, Ch. 14, + pp. 603-604. + */ + +mp_err s_mp_reduce(mp_int *x, const mp_int *m, const mp_int *mu) +{ + mp_int q; + mp_err res; + + if((res = mp_init_copy(&q, x)) != MP_OKAY) + return res; + + s_mp_rshd(&q, USED(m) - 1); /* q1 = x / b^(k-1) */ + s_mp_mul(&q, mu); /* q2 = q1 * mu */ + s_mp_rshd(&q, USED(m) + 1); /* q3 = q2 / b^(k+1) */ + + /* x = x mod b^(k+1), quick (no division) */ + s_mp_mod_2d(x, DIGIT_BIT * (USED(m) + 1)); + + /* q = q * m mod b^(k+1), quick (no division) */ + s_mp_mul(&q, m); + s_mp_mod_2d(&q, DIGIT_BIT * (USED(m) + 1)); + + /* x = x - q */ + if((res = mp_sub(x, &q, x)) != MP_OKAY) + goto CLEANUP; + + /* If x < 0, add b^(k+1) to it */ + if(mp_cmp_z(x) < 0) { + mp_set(&q, 1); + if((res = s_mp_lshd(&q, USED(m) + 1)) != MP_OKAY) + goto CLEANUP; + if((res = mp_add(x, &q, x)) != MP_OKAY) + goto CLEANUP; + } + + /* Back off if it's too big */ + while(mp_cmp(x, m) >= 0) { + if((res = s_mp_sub(x, m)) != MP_OKAY) + break; + } + + CLEANUP: + mp_clear(&q); + + return res; + +} /* end s_mp_reduce() */ + +/* }}} */ + +/* }}} */ + +/* {{{ Primitive comparisons */ + +/* {{{ s_mp_cmp(a, b) */ + +/* Compare |a| <=> |b|, return 0 if equal, <0 if a<b, >0 if a>b */ +int s_mp_cmp(const mp_int *a, const mp_int *b) +{ + mp_size used_a = MP_USED(a); + { + mp_size used_b = MP_USED(b); + + if (used_a > used_b) + goto IS_GT; + if (used_a < used_b) + goto IS_LT; + } + { + mp_digit *pa, *pb; + mp_digit da = 0, db = 0; + +#define CMP_AB(n) if ((da = pa[n]) != (db = pb[n])) goto done + + pa = MP_DIGITS(a) + used_a; + pb = MP_DIGITS(b) + used_a; + while (used_a >= 4) { + pa -= 4; + pb -= 4; + used_a -= 4; + CMP_AB(3); + CMP_AB(2); + CMP_AB(1); + CMP_AB(0); + } + while (used_a-- > 0 && ((da = *--pa) == (db = *--pb))) + /* do nothing */; +done: + if (da > db) + goto IS_GT; + if (da < db) + goto IS_LT; + } + return MP_EQ; +IS_LT: + return MP_LT; +IS_GT: + return MP_GT; +} /* end s_mp_cmp() */ + +/* }}} */ + +/* {{{ s_mp_cmp_d(a, d) */ + +/* Compare |a| <=> d, return 0 if equal, <0 if a<d, >0 if a>d */ +int s_mp_cmp_d(const mp_int *a, mp_digit d) +{ + if(USED(a) > 1) + return MP_GT; + + if(DIGIT(a, 0) < d) + return MP_LT; + else if(DIGIT(a, 0) > d) + return MP_GT; + else + return MP_EQ; + +} /* end s_mp_cmp_d() */ + +/* }}} */ + +/* {{{ s_mp_ispow2(v) */ + +/* + Returns -1 if the value is not a power of two; otherwise, it returns + k such that v = 2^k, i.e. lg(v). + */ +int s_mp_ispow2(const mp_int *v) +{ + mp_digit d; + int extra = 0, ix; + + ix = MP_USED(v) - 1; + d = MP_DIGIT(v, ix); /* most significant digit of v */ + + extra = s_mp_ispow2d(d); + if (extra < 0 || ix == 0) + return extra; + + while (--ix >= 0) { + if (DIGIT(v, ix) != 0) + return -1; /* not a power of two */ + extra += MP_DIGIT_BIT; + } + + return extra; + +} /* end s_mp_ispow2() */ + +/* }}} */ + +/* {{{ s_mp_ispow2d(d) */ + +int s_mp_ispow2d(mp_digit d) +{ + if ((d != 0) && ((d & (d-1)) == 0)) { /* d is a power of 2 */ + int pow = 0; +#if defined (MP_USE_UINT_DIGIT) + if (d & 0xffff0000U) + pow += 16; + if (d & 0xff00ff00U) + pow += 8; + if (d & 0xf0f0f0f0U) + pow += 4; + if (d & 0xccccccccU) + pow += 2; + if (d & 0xaaaaaaaaU) + pow += 1; +#elif defined(MP_USE_LONG_LONG_DIGIT) + if (d & 0xffffffff00000000ULL) + pow += 32; + if (d & 0xffff0000ffff0000ULL) + pow += 16; + if (d & 0xff00ff00ff00ff00ULL) + pow += 8; + if (d & 0xf0f0f0f0f0f0f0f0ULL) + pow += 4; + if (d & 0xccccccccccccccccULL) + pow += 2; + if (d & 0xaaaaaaaaaaaaaaaaULL) + pow += 1; +#elif defined(MP_USE_LONG_DIGIT) + if (d & 0xffffffff00000000UL) + pow += 32; + if (d & 0xffff0000ffff0000UL) + pow += 16; + if (d & 0xff00ff00ff00ff00UL) + pow += 8; + if (d & 0xf0f0f0f0f0f0f0f0UL) + pow += 4; + if (d & 0xccccccccccccccccUL) + pow += 2; + if (d & 0xaaaaaaaaaaaaaaaaUL) + pow += 1; +#else +#error "unknown type for mp_digit" +#endif + return pow; + } + return -1; + +} /* end s_mp_ispow2d() */ + +/* }}} */ + +/* }}} */ + +/* {{{ Primitive I/O helpers */ + +/* {{{ s_mp_tovalue(ch, r) */ + +/* + Convert the given character to its digit value, in the given radix. + If the given character is not understood in the given radix, -1 is + returned. Otherwise the digit's numeric value is returned. + + The results will be odd if you use a radix < 2 or > 62, you are + expected to know what you're up to. + */ +int s_mp_tovalue(char ch, int r) +{ + int val, xch; + + if(r > 36) + xch = ch; + else + xch = toupper(ch); + + if(isdigit(xch)) + val = xch - '0'; + else if(isupper(xch)) + val = xch - 'A' + 10; + else if(islower(xch)) + val = xch - 'a' + 36; + else if(xch == '+') + val = 62; + else if(xch == '/') + val = 63; + else + return -1; + + if(val < 0 || val >= r) + return -1; + + return val; + +} /* end s_mp_tovalue() */ + +/* }}} */ + +/* {{{ s_mp_todigit(val, r, low) */ + +/* + Convert val to a radix-r digit, if possible. If val is out of range + for r, returns zero. Otherwise, returns an ASCII character denoting + the value in the given radix. + + The results may be odd if you use a radix < 2 or > 64, you are + expected to know what you're doing. + */ + +char s_mp_todigit(mp_digit val, int r, int low) +{ + char ch; + + if(val >= r) + return 0; + + ch = s_dmap_1[val]; + + if(r <= 36 && low) + ch = tolower(ch); + + return ch; + +} /* end s_mp_todigit() */ + +/* }}} */ + +/* {{{ s_mp_outlen(bits, radix) */ + +/* + Return an estimate for how long a string is needed to hold a radix + r representation of a number with 'bits' significant bits, plus an + extra for a zero terminator (assuming C style strings here) + */ +int s_mp_outlen(int bits, int r) +{ + return (int)((double)bits * LOG_V_2(r) + 1.5) + 1; + +} /* end s_mp_outlen() */ + +/* }}} */ + +/* }}} */ + +/* {{{ mp_read_unsigned_octets(mp, str, len) */ +/* mp_read_unsigned_octets(mp, str, len) + Read in a raw value (base 256) into the given mp_int + No sign bit, number is positive. Leading zeros ignored. + */ + +mp_err +mp_read_unsigned_octets(mp_int *mp, const unsigned char *str, mp_size len) +{ + int count; + mp_err res; + mp_digit d; + + ARGCHK(mp != NULL && str != NULL && len > 0, MP_BADARG); + + mp_zero(mp); + + count = len % sizeof(mp_digit); + if (count) { + for (d = 0; count-- > 0; --len) { + d = (d << 8) | *str++; + } + MP_DIGIT(mp, 0) = d; + } + + /* Read the rest of the digits */ + for(; len > 0; len -= sizeof(mp_digit)) { + for (d = 0, count = sizeof(mp_digit); count > 0; --count) { + d = (d << 8) | *str++; + } + if (MP_EQ == mp_cmp_z(mp)) { + if (!d) + continue; + } else { + if((res = s_mp_lshd(mp, 1)) != MP_OKAY) + return res; + } + MP_DIGIT(mp, 0) = d; + } + return MP_OKAY; +} /* end mp_read_unsigned_octets() */ +/* }}} */ + +/* {{{ mp_unsigned_octet_size(mp) */ +int +mp_unsigned_octet_size(const mp_int *mp) +{ + int bytes; + int ix; + mp_digit d = 0; + + ARGCHK(mp != NULL, MP_BADARG); + ARGCHK(MP_ZPOS == SIGN(mp), MP_BADARG); + + bytes = (USED(mp) * sizeof(mp_digit)); + + /* subtract leading zeros. */ + /* Iterate over each digit... */ + for(ix = USED(mp) - 1; ix >= 0; ix--) { + d = DIGIT(mp, ix); + if (d) + break; + bytes -= sizeof(d); + } + if (!bytes) + return 1; + + /* Have MSD, check digit bytes, high order first */ + for(ix = sizeof(mp_digit) - 1; ix >= 0; ix--) { + unsigned char x = (unsigned char)(d >> (ix * CHAR_BIT)); + if (x) + break; + --bytes; + } + return bytes; +} /* end mp_unsigned_octet_size() */ +/* }}} */ + +/* {{{ mp_to_unsigned_octets(mp, str) */ +/* output a buffer of big endian octets no longer than specified. */ +mp_err +mp_to_unsigned_octets(const mp_int *mp, unsigned char *str, mp_size maxlen) +{ + int ix, pos = 0; + int bytes; + + ARGCHK(mp != NULL && str != NULL && !SIGN(mp), MP_BADARG); + + bytes = mp_unsigned_octet_size(mp); + ARGCHK(bytes <= maxlen, MP_BADARG); + + /* Iterate over each digit... */ + for(ix = USED(mp) - 1; ix >= 0; ix--) { + mp_digit d = DIGIT(mp, ix); + int jx; + + /* Unpack digit bytes, high order first */ + for(jx = sizeof(mp_digit) - 1; jx >= 0; jx--) { + unsigned char x = (unsigned char)(d >> (jx * CHAR_BIT)); + if (!pos && !x) /* suppress leading zeros */ + continue; + str[pos++] = x; + } + } + return pos; +} /* end mp_to_unsigned_octets() */ +/* }}} */ + +/* {{{ mp_to_signed_octets(mp, str) */ +/* output a buffer of big endian octets no longer than specified. */ +mp_err +mp_to_signed_octets(const mp_int *mp, unsigned char *str, mp_size maxlen) +{ + int ix, pos = 0; + int bytes; + + ARGCHK(mp != NULL && str != NULL && !SIGN(mp), MP_BADARG); + + bytes = mp_unsigned_octet_size(mp); + ARGCHK(bytes <= maxlen, MP_BADARG); + + /* Iterate over each digit... */ + for(ix = USED(mp) - 1; ix >= 0; ix--) { + mp_digit d = DIGIT(mp, ix); + int jx; + + /* Unpack digit bytes, high order first */ + for(jx = sizeof(mp_digit) - 1; jx >= 0; jx--) { + unsigned char x = (unsigned char)(d >> (jx * CHAR_BIT)); + if (!pos) { + if (!x) /* suppress leading zeros */ + continue; + if (x & 0x80) { /* add one leading zero to make output positive. */ + ARGCHK(bytes + 1 <= maxlen, MP_BADARG); + if (bytes + 1 > maxlen) + return MP_BADARG; + str[pos++] = 0; + } + } + str[pos++] = x; + } + } + return pos; +} /* end mp_to_signed_octets() */ +/* }}} */ + +/* {{{ mp_to_fixlen_octets(mp, str) */ +/* output a buffer of big endian octets exactly as long as requested. */ +mp_err +mp_to_fixlen_octets(const mp_int *mp, unsigned char *str, mp_size length) +{ + int ix, pos = 0; + int bytes; + + ARGCHK(mp != NULL && str != NULL && !SIGN(mp), MP_BADARG); + + bytes = mp_unsigned_octet_size(mp); + ARGCHK(bytes <= length, MP_BADARG); + + /* place any needed leading zeros */ + for (;length > bytes; --length) { + *str++ = 0; + } + + /* Iterate over each digit... */ + for(ix = USED(mp) - 1; ix >= 0; ix--) { + mp_digit d = DIGIT(mp, ix); + int jx; + + /* Unpack digit bytes, high order first */ + for(jx = sizeof(mp_digit) - 1; jx >= 0; jx--) { + unsigned char x = (unsigned char)(d >> (jx * CHAR_BIT)); + if (!pos && !x) /* suppress leading zeros */ + continue; + str[pos++] = x; + } + } + return MP_OKAY; +} /* end mp_to_fixlen_octets() */ +/* }}} */ + + +/*------------------------------------------------------------------------*/ +/* HERE THERE BE DRAGONS */ diff --git a/security/nss/lib/freebl/mpi/mpi.h b/security/nss/lib/freebl/mpi/mpi.h new file mode 100644 index 000000000..c44099bdd --- /dev/null +++ b/security/nss/lib/freebl/mpi/mpi.h @@ -0,0 +1,332 @@ +/* + * mpi.h + * + * Arbitrary precision integer arithmetic library + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. + * All Rights Reserved. + * + * Contributor(s): + * Netscape Communications Corporation + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + * + * $Id$ + */ + +#ifndef _H_MPI_ +#define _H_MPI_ + +#include "mpi-config.h" + +#if MP_DEBUG +#undef MP_IOFUNC +#define MP_IOFUNC 1 +#endif + +#if MP_IOFUNC +#include <stdio.h> +#include <ctype.h> +#endif + +#include <limits.h> + +#if defined(BSDI) +#undef ULLONG_MAX +#endif + +#ifdef macintosh +#include <Types.h> +#else +#include <sys/types.h> +#endif + +#define MP_NEG 1 +#define MP_ZPOS 0 + +#define MP_OKAY 0 /* no error, all is well */ +#define MP_YES 0 /* yes (boolean result) */ +#define MP_NO -1 /* no (boolean result) */ +#define MP_MEM -2 /* out of memory */ +#define MP_RANGE -3 /* argument out of range */ +#define MP_BADARG -4 /* invalid parameter */ +#define MP_UNDEF -5 /* answer is undefined */ +#define MP_LAST_CODE MP_UNDEF + +typedef unsigned int mp_sign; +typedef unsigned int mp_size; +typedef int mp_err; + +#define MP_32BIT_MAX 4294967295U + +#if !defined(ULONG_MAX) +#error "ULONG_MAX not defined" +#elif !defined(UINT_MAX) +#error "UINT_MAX not defined" +#elif !defined(USHRT_MAX) +#error "USHRT_MAX not defined" +#endif + +#if defined(ULONG_LONG_MAX) /* GCC, HPUX */ +#define MP_ULONG_LONG_MAX ULONG_LONG_MAX +#elif defined(ULLONG_MAX) /* Solaris */ +#define MP_ULONG_LONG_MAX ULLONG_MAX +/* MP_ULONG_LONG_MAX was defined to be ULLONG_MAX */ +#elif defined(ULONGLONG_MAX) /* IRIX, AIX */ +#define MP_ULONG_LONG_MAX ULONGLONG_MAX +#endif + +/* We only use unsigned long for mp_digit iff long is more than 32 bits. */ +#if !defined(MP_USE_UINT_DIGIT) && ULONG_MAX > MP_32BIT_MAX +typedef unsigned long mp_digit; +#define MP_DIGIT_MAX ULONG_MAX +#define MP_DIGIT_FMT "%016lX" /* printf() format for 1 digit */ +#define MP_HALF_DIGIT_MAX UINT_MAX +#undef MP_NO_MP_WORD +#define MP_NO_MP_WORD 1 +#undef MP_USE_LONG_DIGIT +#define MP_USE_LONG_DIGIT 1 +#undef MP_USE_LONG_LONG_DIGIT + +#elif !defined(MP_USE_UINT_DIGIT) && defined(MP_ULONG_LONG_MAX) +typedef unsigned long long mp_digit; +#define MP_DIGIT_MAX MP_ULONG_LONG_MAX +#define MP_DIGIT_FMT "%016llX" /* printf() format for 1 digit */ +#define MP_HALF_DIGIT_MAX UINT_MAX +#undef MP_NO_MP_WORD +#define MP_NO_MP_WORD 1 +#undef MP_USE_LONG_LONG_DIGIT +#define MP_USE_LONG_LONG_DIGIT 1 +#undef MP_USE_LONG_DIGIT + +#else +typedef unsigned int mp_digit; +#define MP_DIGIT_MAX UINT_MAX +#define MP_DIGIT_FMT "%08X" /* printf() format for 1 digit */ +#define MP_HALF_DIGIT_MAX USHRT_MAX +#undef MP_USE_UINT_DIGIT +#define MP_USE_UINT_DIGIT 1 +#undef MP_USE_LONG_LONG_DIGIT +#undef MP_USE_LONG_DIGIT +#endif + +#if !defined(MP_NO_MP_WORD) +#if defined(MP_USE_UINT_DIGIT) && \ + (defined(MP_ULONG_LONG_MAX) || (ULONG_MAX > UINT_MAX)) + +#if (ULONG_MAX > UINT_MAX) +typedef unsigned long mp_word; +typedef long mp_sword; +#define MP_WORD_MAX ULONG_MAX + +#else +typedef unsigned long long mp_word; +typedef long long mp_sword; +#define MP_WORD_MAX MP_ULONG_LONG_MAX +#endif + +#else +#define MP_NO_MP_WORD 1 +#endif +#endif /* !defined(MP_NO_MP_WORD) */ + +#if !defined(MP_WORD_MAX) && defined(MP_DEFINE_SMALL_WORD) +typedef unsigned int mp_word; +typedef int mp_sword; +#define MP_WORD_MAX UINT_MAX +#endif + +#define MP_DIGIT_BIT (CHAR_BIT*sizeof(mp_digit)) +#define MP_WORD_BIT (CHAR_BIT*sizeof(mp_word)) +#define MP_RADIX (1+(mp_word)MP_DIGIT_MAX) + +#define MP_HALF_DIGIT_BIT (MP_DIGIT_BIT/2) +#define MP_HALF_RADIX (1+(mp_digit)MP_HALF_DIGIT_MAX) +/* MP_HALF_RADIX really ought to be called MP_SQRT_RADIX, but it's named +** MP_HALF_RADIX because it's the radix for MP_HALF_DIGITs, and it's +** consistent with the other _HALF_ names. +*/ + + +/* Macros for accessing the mp_int internals */ +#define MP_SIGN(MP) ((MP)->sign) +#define MP_USED(MP) ((MP)->used) +#define MP_ALLOC(MP) ((MP)->alloc) +#define MP_DIGITS(MP) ((MP)->dp) +#define MP_DIGIT(MP,N) (MP)->dp[(N)] + +/* This defines the maximum I/O base (minimum is 2) */ +#define MP_MAX_RADIX 64 + +typedef struct { + mp_sign sign; /* sign of this quantity */ + mp_size alloc; /* how many digits allocated */ + mp_size used; /* how many digits used */ + mp_digit *dp; /* the digits themselves */ +} mp_int; + +/* Default precision */ +mp_size mp_get_prec(void); +void mp_set_prec(mp_size prec); + +/* Memory management */ +mp_err mp_init(mp_int *mp); +mp_err mp_init_size(mp_int *mp, mp_size prec); +mp_err mp_init_copy(mp_int *mp, const mp_int *from); +mp_err mp_copy(const mp_int *from, mp_int *to); +void mp_exch(mp_int *mp1, mp_int *mp2); +void mp_clear(mp_int *mp); +void mp_zero(mp_int *mp); +void mp_set(mp_int *mp, mp_digit d); +mp_err mp_set_int(mp_int *mp, long z); +#define mp_set_long(mp,z) mp_set_int(mp,z) +mp_err mp_set_ulong(mp_int *mp, unsigned long z); + +/* Single digit arithmetic */ +mp_err mp_add_d(const mp_int *a, mp_digit d, mp_int *b); +mp_err mp_sub_d(const mp_int *a, mp_digit d, mp_int *b); +mp_err mp_mul_d(const mp_int *a, mp_digit d, mp_int *b); +mp_err mp_mul_2(const mp_int *a, mp_int *c); +mp_err mp_div_d(const mp_int *a, mp_digit d, mp_int *q, mp_digit *r); +mp_err mp_div_2(const mp_int *a, mp_int *c); +mp_err mp_expt_d(const mp_int *a, mp_digit d, mp_int *c); + +/* Sign manipulations */ +mp_err mp_abs(const mp_int *a, mp_int *b); +mp_err mp_neg(const mp_int *a, mp_int *b); + +/* Full arithmetic */ +mp_err mp_add(const mp_int *a, const mp_int *b, mp_int *c); +mp_err mp_sub(const mp_int *a, const mp_int *b, mp_int *c); +mp_err mp_mul(const mp_int *a, const mp_int *b, mp_int *c); +#if MP_SQUARE +mp_err mp_sqr(const mp_int *a, mp_int *b); +#else +#define mp_sqr(a, b) mp_mul(a, a, b) +#endif +mp_err mp_div(const mp_int *a, const mp_int *b, mp_int *q, mp_int *r); +mp_err mp_div_2d(const mp_int *a, mp_digit d, mp_int *q, mp_int *r); +mp_err mp_expt(mp_int *a, mp_int *b, mp_int *c); +mp_err mp_2expt(mp_int *a, mp_digit k); +mp_err mp_sqrt(const mp_int *a, mp_int *b); + +/* Modular arithmetic */ +#if MP_MODARITH +mp_err mp_mod(const mp_int *a, const mp_int *m, mp_int *c); +mp_err mp_mod_d(const mp_int *a, mp_digit d, mp_digit *c); +mp_err mp_addmod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c); +mp_err mp_submod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c); +mp_err mp_mulmod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c); +#if MP_SQUARE +mp_err mp_sqrmod(const mp_int *a, const mp_int *m, mp_int *c); +#else +#define mp_sqrmod(a, m, c) mp_mulmod(a, a, m, c) +#endif +mp_err mp_exptmod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c); +mp_err mp_exptmod_d(const mp_int *a, mp_digit d, const mp_int *m, mp_int *c); +#endif /* MP_MODARITH */ + +/* Comparisons */ +int mp_cmp_z(const mp_int *a); +int mp_cmp_d(const mp_int *a, mp_digit d); +int mp_cmp(const mp_int *a, const mp_int *b); +int mp_cmp_mag(mp_int *a, mp_int *b); +int mp_cmp_int(const mp_int *a, long z); +int mp_isodd(const mp_int *a); +int mp_iseven(const mp_int *a); + +/* Number theoretic */ +#if MP_NUMTH +mp_err mp_gcd(mp_int *a, mp_int *b, mp_int *c); +mp_err mp_lcm(mp_int *a, mp_int *b, mp_int *c); +mp_err mp_xgcd(const mp_int *a, const mp_int *b, mp_int *g, mp_int *x, mp_int *y); +mp_err mp_invmod(const mp_int *a, const mp_int *m, mp_int *c); +mp_err mp_invmod_xgcd(const mp_int *a, const mp_int *m, mp_int *c); +#endif /* end MP_NUMTH */ + +/* Input and output */ +#if MP_IOFUNC +void mp_print(mp_int *mp, FILE *ofp); +#endif /* end MP_IOFUNC */ + +/* Base conversion */ +mp_err mp_read_raw(mp_int *mp, char *str, int len); +int mp_raw_size(mp_int *mp); +mp_err mp_toraw(mp_int *mp, char *str); +mp_err mp_read_radix(mp_int *mp, const char *str, int radix); +mp_err mp_read_variable_radix(mp_int *a, const char * str, int default_radix); +int mp_radix_size(mp_int *mp, int radix); +mp_err mp_toradix(mp_int *mp, char *str, int radix); +int mp_tovalue(char ch, int r); + +#define mp_tobinary(M, S) mp_toradix((M), (S), 2) +#define mp_tooctal(M, S) mp_toradix((M), (S), 8) +#define mp_todecimal(M, S) mp_toradix((M), (S), 10) +#define mp_tohex(M, S) mp_toradix((M), (S), 16) + +/* Error strings */ +const char *mp_strerror(mp_err ec); + +/* Octet string conversion functions */ +mp_err mp_read_unsigned_octets(mp_int *mp, const unsigned char *str, mp_size len); +int mp_unsigned_octet_size(const mp_int *mp); +mp_err mp_to_unsigned_octets(const mp_int *mp, unsigned char *str, mp_size maxlen); +mp_err mp_to_signed_octets(const mp_int *mp, unsigned char *str, mp_size maxlen); +mp_err mp_to_fixlen_octets(const mp_int *mp, unsigned char *str, mp_size len); + +/* Miscellaneous */ +mp_size mp_trailing_zeros(const mp_int *mp); + +#define MP_CHECKOK(x) if (MP_OKAY > (res = (x))) goto CLEANUP +#define MP_CHECKERR(x) if (MP_OKAY > (res = (x))) goto CLEANUP + +#if defined(MP_API_COMPATIBLE) +#define NEG MP_NEG +#define ZPOS MP_ZPOS +#define DIGIT_MAX MP_DIGIT_MAX +#define DIGIT_BIT MP_DIGIT_BIT +#define DIGIT_FMT MP_DIGIT_FMT +#define RADIX MP_RADIX +#define MAX_RADIX MP_MAX_RADIX +#define SIGN(MP) MP_SIGN(MP) +#define USED(MP) MP_USED(MP) +#define ALLOC(MP) MP_ALLOC(MP) +#define DIGITS(MP) MP_DIGITS(MP) +#define DIGIT(MP,N) MP_DIGIT(MP,N) + +#if MP_ARGCHK == 1 +#define ARGCHK(X,Y) {if(!(X)){return (Y);}} +#elif MP_ARGCHK == 2 +#include <assert.h> +#define ARGCHK(X,Y) assert(X) +#else +#define ARGCHK(X,Y) /* */ +#endif +#endif /* defined MP_API_COMPATIBLE */ + +#endif /* end _H_MPI_ */ diff --git a/security/nss/lib/freebl/mpi/mpi_hp.c b/security/nss/lib/freebl/mpi/mpi_hp.c new file mode 100644 index 000000000..e30630c19 --- /dev/null +++ b/security/nss/lib/freebl/mpi/mpi_hp.c @@ -0,0 +1,112 @@ +/* + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the Netscape security libraries. + * + * The Initial Developer of the Original Code is Netscape + * Communications Corporation. Portions created by Netscape are + * Copyright (C) 2000 Netscape Communications Corporation. All + * Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + * $Id$ + */ + +/* This file contains routines that perform vector multiplication. */ + +#include "mpi-priv.h" +#include <unistd.h> + +#include <stddef.h> +/* #include <sys/systeminfo.h> */ +#include <strings.h> + +extern void multacc512( + int length, /* doublewords in multiplicand vector. */ + const mp_digit *scalaraddr, /* Address of scalar. */ + const mp_digit *multiplicand, /* The multiplicand vector. */ + mp_digit * result); /* Where to accumulate the result. */ + +extern void maxpy_little( + int length, /* doublewords in multiplicand vector. */ + const mp_digit *scalaraddr, /* Address of scalar. */ + const mp_digit *multiplicand, /* The multiplicand vector. */ + mp_digit * result); /* Where to accumulate the result. */ + +extern void add_diag_little( + int length, /* doublewords in input vector. */ + const mp_digit *root, /* The vector to square. */ + mp_digit * result); /* Where to accumulate the result. */ + +void +s_mpv_sqr_add_prop(const mp_digit *pa, mp_size a_len, mp_digit *ps) +{ + add_diag_little(a_len, pa, ps); +} + +#define MAX_STACK_DIGITS 258 +#define MULTACC512_LEN (512 / MP_DIGIT_BIT) +#define HP_MPY_ADD_FN (a_len == MULTACC512_LEN ? multacc512 : maxpy_little) + +/* c = a * b */ +void +s_mpv_mul_d(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c) +{ + mp_digit x[MAX_STACK_DIGITS]; + mp_digit *px = x; + size_t xSize = 0; + + if (a == c) { + if (a_len > MAX_STACK_DIGITS) { + xSize = sizeof(mp_digit) * (a_len + 2); + px = malloc(xSize); + if (!px) + return; + } + memcpy(px, a, a_len * sizeof(*a)); + a = px; + } + s_mp_setz(c, a_len + 1); + HP_MPY_ADD_FN(a_len, &b, a, c); + if (px != x && px) { + memset(px, 0, xSize); + free(px); + } +} + +/* c += a * b, where a is a_len words long. */ +void +s_mpv_mul_d_add(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c) +{ + c[a_len] = 0; /* so carry propagation stops here. */ + HP_MPY_ADD_FN(a_len, &b, a, c); +} + +/* c += a * b, where a is y words long. */ +void +s_mpv_mul_d_add_prop(const mp_digit *a, mp_size a_len, mp_digit b, + mp_digit *c) +{ + HP_MPY_ADD_FN(a_len, &b, a, c); +} + diff --git a/security/nss/lib/freebl/mpi/mpi_i86pc.s b/security/nss/lib/freebl/mpi/mpi_i86pc.s new file mode 100644 index 000000000..f6c167b1a --- /dev/null +++ b/security/nss/lib/freebl/mpi/mpi_i86pc.s @@ -0,0 +1,342 @@ + / + / The contents of this file are subject to the Mozilla Public + / License Version 1.1 (the "License"); you may not use this file + / except in compliance with the License. You may obtain a copy of + / the License at http://www.mozilla.org/MPL/ + / + / Software distributed under the License is distributed on an "AS + / IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + / implied. See the License for the specific language governing + / rights and limitations under the License. + / + / The Original Code is the Netscape security libraries. + / + / The Initial Developer of the Original Code is Netscape + / Communications Corporation. Portions created by Netscape are + / Copyright (C) 2001 Netscape Communications Corporation. All + / Rights Reserved. + / + / Contributor(s): + / + / Alternatively, the contents of this file may be used under the + / terms of the GNU General Public License Version 2 or later (the + / "GPL"), in which case the provisions of the GPL are applicable + / instead of those above. If you wish to allow use of your + / version of this file only under the terms of the GPL and not to + / allow others to use your version of this file under the MPL, + / indicate your decision by deleting the provisions above and + / replace them with the notice and other provisions required by + / the GPL. If you do not delete the provisions above, a recipient + / may use your version of this file under either the MPL or the + / GPL. + / $Id$ + / + +.text + + / ebp - 36: caller's esi + / ebp - 32: caller's edi + / ebp - 28: + / ebp - 24: + / ebp - 20: + / ebp - 16: + / ebp - 12: + / ebp - 8: + / ebp - 4: + / ebp + 0: caller's ebp + / ebp + 4: return address + / ebp + 8: a argument + / ebp + 12: a_len argument + / ebp + 16: b argument + / ebp + 20: c argument + / registers: + / eax: + / ebx: carry + / ecx: a_len + / edx: + / esi: a ptr + / edi: c ptr +.globl s_mpv_mul_d +.type s_mpv_mul_d,@function +s_mpv_mul_d: + push %ebp + mov %esp,%ebp + sub $28,%esp + push %edi + push %esi + push %ebx + movl $0,%ebx / carry = 0 + mov 12(%ebp),%ecx / ecx = a_len + mov 20(%ebp),%edi + cmp $0,%ecx + je L2 / jmp if a_len == 0 + mov 8(%ebp),%esi / esi = a + cld +L1: + lodsl / eax = [ds:esi]; esi += 4 + mov 16(%ebp),%edx / edx = b + mull %edx / edx:eax = Phi:Plo = a_i * b + + add %ebx,%eax / add carry (%ebx) to edx:eax + adc $0,%edx + mov %edx,%ebx / high half of product becomes next carry + + stosl / [es:edi] = ax; edi += 4; + dec %ecx / --a_len + jnz L1 / jmp if a_len != 0 +L2: + mov %ebx,0(%edi) / *c = carry + pop %ebx + pop %esi + pop %edi + leave + ret + nop + + / ebp - 36: caller's esi + / ebp - 32: caller's edi + / ebp - 28: + / ebp - 24: + / ebp - 20: + / ebp - 16: + / ebp - 12: + / ebp - 8: + / ebp - 4: + / ebp + 0: caller's ebp + / ebp + 4: return address + / ebp + 8: a argument + / ebp + 12: a_len argument + / ebp + 16: b argument + / ebp + 20: c argument + / registers: + / eax: + / ebx: carry + / ecx: a_len + / edx: + / esi: a ptr + / edi: c ptr +.globl s_mpv_mul_d_add +.type s_mpv_mul_d_add,@function +s_mpv_mul_d_add: + push %ebp + mov %esp,%ebp + sub $28,%esp + push %edi + push %esi + push %ebx + movl $0,%ebx / carry = 0 + mov 12(%ebp),%ecx / ecx = a_len + mov 20(%ebp),%edi + cmp $0,%ecx + je L4 / jmp if a_len == 0 + mov 8(%ebp),%esi / esi = a + cld +L3: + lodsl / eax = [ds:esi]; esi += 4 + mov 16(%ebp),%edx / edx = b + mull %edx / edx:eax = Phi:Plo = a_i * b + + add %ebx,%eax / add carry (%ebx) to edx:eax + adc $0,%edx + mov 0(%edi),%ebx / add in current word from *c + add %ebx,%eax + adc $0,%edx + mov %edx,%ebx / high half of product becomes next carry + + stosl / [es:edi] = ax; edi += 4; + dec %ecx / --a_len + jnz L3 / jmp if a_len != 0 +L4: + mov %ebx,0(%edi) / *c = carry + pop %ebx + pop %esi + pop %edi + leave + ret + nop + + / ebp - 36: caller's esi + / ebp - 32: caller's edi + / ebp - 28: + / ebp - 24: + / ebp - 20: + / ebp - 16: + / ebp - 12: + / ebp - 8: + / ebp - 4: + / ebp + 0: caller's ebp + / ebp + 4: return address + / ebp + 8: a argument + / ebp + 12: a_len argument + / ebp + 16: b argument + / ebp + 20: c argument + / registers: + / eax: + / ebx: carry + / ecx: a_len + / edx: + / esi: a ptr + / edi: c ptr +.globl s_mpv_mul_d_add_prop +.type s_mpv_mul_d_add_prop,@function +s_mpv_mul_d_add_prop: + push %ebp + mov %esp,%ebp + sub $28,%esp + push %edi + push %esi + push %ebx + movl $0,%ebx / carry = 0 + mov 12(%ebp),%ecx / ecx = a_len + mov 20(%ebp),%edi + cmp $0,%ecx + je L6 / jmp if a_len == 0 + cld + mov 8(%ebp),%esi / esi = a +L5: + lodsl / eax = [ds:esi]; esi += 4 + mov 16(%ebp),%edx / edx = b + mull %edx / edx:eax = Phi:Plo = a_i * b + + add %ebx,%eax / add carry (%ebx) to edx:eax + adc $0,%edx + mov 0(%edi),%ebx / add in current word from *c + add %ebx,%eax + adc $0,%edx + mov %edx,%ebx / high half of product becomes next carry + + stosl / [es:edi] = ax; edi += 4; + dec %ecx / --a_len + jnz L5 / jmp if a_len != 0 +L6: + cmp $0,%ebx / is carry zero? + jz L8 + mov 0(%edi),%eax / add in current word from *c + add %ebx,%eax + stosl / [es:edi] = ax; edi += 4; + jnc L8 +L7: + mov 0(%edi),%eax / add in current word from *c + adc $0,%eax + stosl / [es:edi] = ax; edi += 4; + jc L7 +L8: + pop %ebx + pop %esi + pop %edi + leave + ret + nop + + / ebp - 20: caller's esi + / ebp - 16: caller's edi + / ebp - 12: + / ebp - 8: carry + / ebp - 4: a_len local + / ebp + 0: caller's ebp + / ebp + 4: return address + / ebp + 8: pa argument + / ebp + 12: a_len argument + / ebp + 16: ps argument + / ebp + 20: + / registers: + / eax: + / ebx: carry + / ecx: a_len + / edx: + / esi: a ptr + / edi: c ptr + +.globl s_mpv_sqr_add_prop +.type s_mpv_sqr_add_prop,@function +s_mpv_sqr_add_prop: + push %ebp + mov %esp,%ebp + sub $12,%esp + push %edi + push %esi + push %ebx + movl $0,%ebx / carry = 0 + mov 12(%ebp),%ecx / a_len + mov 16(%ebp),%edi / edi = ps + cmp $0,%ecx + je L11 / jump if a_len == 0 + cld + mov 8(%ebp),%esi / esi = pa +L10: + lodsl / %eax = [ds:si]; si += 4; + mull %eax + + add %ebx,%eax / add "carry" + adc $0,%edx + mov 0(%edi),%ebx + add %ebx,%eax / add low word from result + mov 4(%edi),%ebx + stosl / [es:di] = %eax; di += 4; + adc %ebx,%edx / add high word from result + movl $0,%ebx + mov %edx,%eax + adc $0,%ebx + stosl / [es:di] = %eax; di += 4; + dec %ecx / --a_len + jnz L10 / jmp if a_len != 0 +L11: + cmp $0,%ebx / is carry zero? + jz L14 + mov 0(%edi),%eax / add in current word from *c + add %ebx,%eax + stosl / [es:edi] = ax; edi += 4; + jnc L14 +L12: + mov 0(%edi),%eax / add in current word from *c + adc $0,%eax + stosl / [es:edi] = ax; edi += 4; + jc L12 +L14: + pop %ebx + pop %esi + pop %edi + leave + ret + nop + + / + / Divide 64-bit (Nhi,Nlo) by 32-bit divisor, which must be normalized + / so its high bit is 1. This code is from NSPR. + / + / mp_err s_mpv_div_2dx1d(mp_digit Nhi, mp_digit Nlo, mp_digit divisor, + / mp_digit *qp, mp_digit *rp) + + / esp + 0: Caller's ebx + / esp + 4: return address + / esp + 8: Nhi argument + / esp + 12: Nlo argument + / esp + 16: divisor argument + / esp + 20: qp argument + / esp + 24: rp argument + / registers: + / eax: + / ebx: carry + / ecx: a_len + / edx: + / esi: a ptr + / edi: c ptr + / + +.globl s_mpv_div_2dx1d +.type s_mpv_div_2dx1d,@function +s_mpv_div_2dx1d: + push %ebx + mov 8(%esp),%edx + mov 12(%esp),%eax + mov 16(%esp),%ebx + div %ebx + mov 20(%esp),%ebx + mov %eax,0(%ebx) + mov 24(%esp),%ebx + mov %edx,0(%ebx) + xor %eax,%eax / return zero + pop %ebx + ret + nop + diff --git a/security/nss/lib/freebl/mpi/mpi_mips.s b/security/nss/lib/freebl/mpi/mpi_mips.s new file mode 100644 index 000000000..bb846ee57 --- /dev/null +++ b/security/nss/lib/freebl/mpi/mpi_mips.s @@ -0,0 +1,502 @@ +/* + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the Netscape security libraries. + * + * The Initial Developer of the Original Code is Netscape + * Communications Corporation. Portions created by Netscape are + * Copyright (C) 2000 Netscape Communications Corporation. All + * Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + * $Id$ + */ +#include <regdef.h> + .set noreorder + .set noat + + .section .text, 1, 0x00000006, 4, 4 +.text: + .section .text + + .ent s_mpv_mul_d_add + .globl s_mpv_mul_d_add + +s_mpv_mul_d_add: + #/* c += a * b */ + #void s_mpv_mul_d_add(const mp_digit *a, mp_size a_len, mp_digit b, + # mp_digit *c) + #{ + # mp_digit a0, a1; regs a4, a5 + # mp_digit c0, c1; regs a6, a7 + # mp_digit cy = 0; reg t2 + # mp_word w0, w1; regs t0, t1 + # + # if (a_len) { + beq a1,zero,.L.1 + move t2,zero # cy = 0 + dsll32 a2,a2,0 # "b" is sometimes negative (?!?!) + dsrl32 a2,a2,0 # This clears the upper 32 bits. + # a0 = a[0]; + lwu a4,0(a0) + # w0 = ((mp_word)b * a0); + dmultu a2,a4 + # if (--a_len) { + addiu a1,a1,-1 + beq a1,zero,.L.2 + # while (a_len >= 2) { + sltiu t3,a1,2 + bne t3,zero,.L.3 + # a1 = a[1]; + lwu a5,4(a0) +.L.4: + # a_len -= 2; + addiu a1,a1,-2 + # c0 = c[0]; + lwu a6,0(a3) + # w0 += cy; + mflo t0 + daddu t0,t0,t2 + # w0 += c0; + daddu t0,t0,a6 + # w1 = (mp_word)b * a1; + dmultu a2,a5 # + # cy = CARRYOUT(w0); + dsrl32 t2,t0,0 + # c[0] = ACCUM(w0); + sw t0,0(a3) + # a0 = a[2]; + lwu a4,8(a0) + # a += 2; + addiu a0,a0,8 + # c1 = c[1]; + lwu a7,4(a3) + # w1 += cy; + mflo t1 + daddu t1,t1,t2 + # w1 += c1; + daddu t1,t1,a7 + # w0 = (mp_word)b * a0; + dmultu a2,a4 # + # cy = CARRYOUT(w1); + dsrl32 t2,t1,0 + # c[1] = ACCUM(w1); + sw t1,4(a3) + # c += 2; + addiu a3,a3,8 + sltiu t3,a1,2 + beq t3,zero,.L.4 + # a1 = a[1]; + lwu a5,4(a0) + # } +.L.3: + # c0 = c[0]; + lwu a6,0(a3) + # w0 += cy; + # if (a_len) { + mflo t0 + beq a1,zero,.L.5 + daddu t0,t0,t2 + # w1 = (mp_word)b * a1; + dmultu a2,a5 + # w0 += c0; + daddu t0,t0,a6 # + # cy = CARRYOUT(w0); + dsrl32 t2,t0,0 + # c[0] = ACCUM(w0); + sw t0,0(a3) + # c1 = c[1]; + lwu a7,4(a3) + # w1 += cy; + mflo t1 + daddu t1,t1,t2 + # w1 += c1; + daddu t1,t1,a7 + # c[1] = ACCUM(w1); + sw t1,4(a3) + # cy = CARRYOUT(w1); + dsrl32 t2,t1,0 + # c += 1; + b .L.6 + addiu a3,a3,4 + # } else { +.L.5: + # w0 += c0; + daddu t0,t0,a6 + # c[0] = ACCUM(w0); + sw t0,0(a3) + # cy = CARRYOUT(w0); + b .L.6 + dsrl32 t2,t0,0 + # } + # } else { +.L.2: + # c0 = c[0]; + lwu a6,0(a3) + # w0 += c0; + mflo t0 + daddu t0,t0,a6 + # c[0] = ACCUM(w0); + sw t0,0(a3) + # cy = CARRYOUT(w0); + dsrl32 t2,t0,0 + # } +.L.6: + # c[1] = cy; + jr ra + sw t2,4(a3) + # } +.L.1: + jr ra + nop + #} + # + .end s_mpv_mul_d_add + + .ent s_mpv_mul_d_add_prop + .globl s_mpv_mul_d_add_prop + +s_mpv_mul_d_add_prop: + #/* c += a * b */ + #void s_mpv_mul_d_add_prop(const mp_digit *a, mp_size a_len, mp_digit b, + # mp_digit *c) + #{ + # mp_digit a0, a1; regs a4, a5 + # mp_digit c0, c1; regs a6, a7 + # mp_digit cy = 0; reg t2 + # mp_word w0, w1; regs t0, t1 + # + # if (a_len) { + beq a1,zero,.M.1 + move t2,zero # cy = 0 + dsll32 a2,a2,0 # "b" is sometimes negative (?!?!) + dsrl32 a2,a2,0 # This clears the upper 32 bits. + # a0 = a[0]; + lwu a4,0(a0) + # w0 = ((mp_word)b * a0); + dmultu a2,a4 + # if (--a_len) { + addiu a1,a1,-1 + beq a1,zero,.M.2 + # while (a_len >= 2) { + sltiu t3,a1,2 + bne t3,zero,.M.3 + # a1 = a[1]; + lwu a5,4(a0) +.M.4: + # a_len -= 2; + addiu a1,a1,-2 + # c0 = c[0]; + lwu a6,0(a3) + # w0 += cy; + mflo t0 + daddu t0,t0,t2 + # w0 += c0; + daddu t0,t0,a6 + # w1 = (mp_word)b * a1; + dmultu a2,a5 # + # cy = CARRYOUT(w0); + dsrl32 t2,t0,0 + # c[0] = ACCUM(w0); + sw t0,0(a3) + # a0 = a[2]; + lwu a4,8(a0) + # a += 2; + addiu a0,a0,8 + # c1 = c[1]; + lwu a7,4(a3) + # w1 += cy; + mflo t1 + daddu t1,t1,t2 + # w1 += c1; + daddu t1,t1,a7 + # w0 = (mp_word)b * a0; + dmultu a2,a4 # + # cy = CARRYOUT(w1); + dsrl32 t2,t1,0 + # c[1] = ACCUM(w1); + sw t1,4(a3) + # c += 2; + addiu a3,a3,8 + sltiu t3,a1,2 + beq t3,zero,.M.4 + # a1 = a[1]; + lwu a5,4(a0) + # } +.M.3: + # c0 = c[0]; + lwu a6,0(a3) + # w0 += cy; + # if (a_len) { + mflo t0 + beq a1,zero,.M.5 + daddu t0,t0,t2 + # w1 = (mp_word)b * a1; + dmultu a2,a5 + # w0 += c0; + daddu t0,t0,a6 # + # cy = CARRYOUT(w0); + dsrl32 t2,t0,0 + # c[0] = ACCUM(w0); + sw t0,0(a3) + # c1 = c[1]; + lwu a7,4(a3) + # w1 += cy; + mflo t1 + daddu t1,t1,t2 + # w1 += c1; + daddu t1,t1,a7 + # c[1] = ACCUM(w1); + sw t1,4(a3) + # cy = CARRYOUT(w1); + dsrl32 t2,t1,0 + # c += 1; + b .M.6 + addiu a3,a3,8 + # } else { +.M.5: + # w0 += c0; + daddu t0,t0,a6 + # c[0] = ACCUM(w0); + sw t0,0(a3) + # cy = CARRYOUT(w0); + dsrl32 t2,t0,0 + b .M.6 + addiu a3,a3,4 + # } + # } else { +.M.2: + # c0 = c[0]; + lwu a6,0(a3) + # w0 += c0; + mflo t0 + daddu t0,t0,a6 + # c[0] = ACCUM(w0); + sw t0,0(a3) + # cy = CARRYOUT(w0); + dsrl32 t2,t0,0 + addiu a3,a3,4 + # } +.M.6: + + # while (cy) { + beq t2,zero,.M.1 + nop +.M.7: + # mp_word w = (mp_word)*c + cy; + lwu a6,0(a3) + daddu t2,t2,a6 + # *c++ = ACCUM(w); + sw t2,0(a3) + # cy = CARRYOUT(w); + dsrl32 t2,t2,0 + bne t2,zero,.M.7 + addiu a3,a3,4 + + # } +.M.1: + jr ra + nop + #} + # + .end s_mpv_mul_d_add_prop + + .ent s_mpv_mul_d + .globl s_mpv_mul_d + +s_mpv_mul_d: + #/* c = a * b */ + #void s_mpv_mul_d(const mp_digit *a, mp_size a_len, mp_digit b, + # mp_digit *c) + #{ + # mp_digit a0, a1; regs a4, a5 + # mp_digit cy = 0; reg t2 + # mp_word w0, w1; regs t0, t1 + # + # if (a_len) { + beq a1,zero,.N.1 + move t2,zero # cy = 0 + dsll32 a2,a2,0 # "b" is sometimes negative (?!?!) + dsrl32 a2,a2,0 # This clears the upper 32 bits. + # a0 = a[0]; + lwu a4,0(a0) + # w0 = ((mp_word)b * a0); + dmultu a2,a4 + # if (--a_len) { + addiu a1,a1,-1 + beq a1,zero,.N.2 + # while (a_len >= 2) { + sltiu t3,a1,2 + bne t3,zero,.N.3 + # a1 = a[1]; + lwu a5,4(a0) +.N.4: + # a_len -= 2; + addiu a1,a1,-2 + # w0 += cy; + mflo t0 + daddu t0,t0,t2 + # cy = CARRYOUT(w0); + dsrl32 t2,t0,0 + # w1 = (mp_word)b * a1; + dmultu a2,a5 + # c[0] = ACCUM(w0); + sw t0,0(a3) + # a0 = a[2]; + lwu a4,8(a0) + # a += 2; + addiu a0,a0,8 + # w1 += cy; + mflo t1 + daddu t1,t1,t2 + # cy = CARRYOUT(w1); + dsrl32 t2,t1,0 + # w0 = (mp_word)b * a0; + dmultu a2,a4 + # c[1] = ACCUM(w1); + sw t1,4(a3) + # c += 2; + addiu a3,a3,8 + sltiu t3,a1,2 + beq t3,zero,.N.4 + # a1 = a[1]; + lwu a5,4(a0) + # } +.N.3: + # w0 += cy; + # if (a_len) { + mflo t0 + beq a1,zero,.N.5 + daddu t0,t0,t2 + # w1 = (mp_word)b * a1; + dmultu a2,a5 # + # cy = CARRYOUT(w0); + dsrl32 t2,t0,0 + # c[0] = ACCUM(w0); + sw t0,0(a3) + # w1 += cy; + mflo t1 + daddu t1,t1,t2 + # c[1] = ACCUM(w1); + sw t1,4(a3) + # cy = CARRYOUT(w1); + dsrl32 t2,t1,0 + # c += 1; + b .N.6 + addiu a3,a3,4 + # } else { +.N.5: + # c[0] = ACCUM(w0); + sw t0,0(a3) + # cy = CARRYOUT(w0); + b .N.6 + dsrl32 t2,t0,0 + # } + # } else { +.N.2: + mflo t0 + # c[0] = ACCUM(w0); + sw t0,0(a3) + # cy = CARRYOUT(w0); + dsrl32 t2,t0,0 + # } +.N.6: + # c[1] = cy; + jr ra + sw t2,4(a3) + # } +.N.1: + jr ra + nop + #} + # + .end s_mpv_mul_d + + + .ent s_mpv_sqr_add_prop + .globl s_mpv_sqr_add_prop + #void s_mpv_sqr_add_prop(const mp_digit *a, mp_size a_len, mp_digit *sqrs); + # registers + # a0 *a + # a1 a_len + # a2 *sqr + # a3 digit from *a, a_i + # a4 square of digit from a + # a5,a6 next 2 digits in sqr + # a7,t0 carry +s_mpv_sqr_add_prop: + move a7,zero + move t0,zero + lwu a3,0(a0) + addiu a1,a1,-1 # --a_len + dmultu a3,a3 + beq a1,zero,.P.3 # jump if we've already done the only sqr + addiu a0,a0,4 # ++a +.P.2: + lwu a5,0(a2) + lwu a6,4(a2) + addiu a2,a2,8 # sqrs += 2; + dsll32 a6,a6,0 + daddu a5,a5,a6 + lwu a3,0(a0) + addiu a0,a0,4 # ++a + mflo a4 + daddu a6,a5,a4 + sltu a7,a6,a5 # a7 = a6 < a5 detect overflow + dmultu a3,a3 + daddu a4,a6,t0 + sltu t0,a4,a6 + add t0,t0,a7 + sw a4,-8(a2) + addiu a1,a1,-1 # --a_len + dsrl32 a4,a4,0 + bne a1,zero,.P.2 # loop if a_len > 0 + sw a4,-4(a2) +.P.3: + lwu a5,0(a2) + lwu a6,4(a2) + addiu a2,a2,8 # sqrs += 2; + dsll32 a6,a6,0 + daddu a5,a5,a6 + mflo a4 + daddu a6,a5,a4 + sltu a7,a6,a5 # a7 = a6 < a5 detect overflow + daddu a4,a6,t0 + sltu t0,a4,a6 + add t0,t0,a7 + sw a4,-8(a2) + beq t0,zero,.P.9 # jump if no carry + dsrl32 a4,a4,0 +.P.8: + sw a4,-4(a2) + /* propagate final carry */ + lwu a5,0(a2) + daddu a6,a5,t0 + sltu t0,a6,a5 + bne t0,zero,.P.8 # loop if carry persists + addiu a2,a2,4 # sqrs++ +.P.9: + jr ra + sw a4,-4(a2) + + .end s_mpv_sqr_add_prop diff --git a/security/nss/lib/freebl/mpi/mpi_sparc.c b/security/nss/lib/freebl/mpi/mpi_sparc.c new file mode 100644 index 000000000..a7bf863fd --- /dev/null +++ b/security/nss/lib/freebl/mpi/mpi_sparc.c @@ -0,0 +1,358 @@ +/* + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the Netscape security libraries. + * + * The Initial Developer of the Original Code is Netscape + * Communications Corporation. Portions created by Netscape are + * Copyright (C) 2000 Netscape Communications Corporation. All + * Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + * $Id$ + */ + +/* Multiplication performance enhancements for sparc v8+vis CPUs. */ + +#include "mpi-priv.h" +#include <stddef.h> +#include <sys/systeminfo.h> +#include <strings.h> + +/* In the functions below, */ +/* vector y must be 8-byte aligned, and n must be even */ +/* returns carry out of high order word of result */ +/* maximum n is 256 */ + +/* vector x += vector y * scaler a; where y is of length n words. */ +extern mp_digit mul_add_inp(mp_digit *x, const mp_digit *y, int n, mp_digit a); + +/* vector z = vector x + vector y * scaler a; where y is of length n words. */ +extern mp_digit mul_add(mp_digit *z, const mp_digit *x, const mp_digit *y, + int n, mp_digit a); + +/* v8 versions of these functions run on any Sparc v8 CPU. */ + +/* This trick works on Sparc V8 CPUs with the Workshop compilers. */ +#define MP_MUL_DxD(a, b, Phi, Plo) \ + { unsigned long long product = (unsigned long long)a * b; \ + Plo = (mp_digit)product; \ + Phi = (mp_digit)(product >> MP_DIGIT_BIT); } + +/* c = a * b */ +static void +v8_mpv_mul_d(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c) +{ +#if !defined(MP_NO_MP_WORD) + mp_digit d = 0; + + /* Inner product: Digits of a */ + while (a_len--) { + mp_word w = ((mp_word)b * *a++) + d; + *c++ = ACCUM(w); + d = CARRYOUT(w); + } + *c = d; +#else + mp_digit carry = 0; + while (a_len--) { + mp_digit a_i = *a++; + mp_digit a0b0, a1b1; + + MP_MUL_DxD(a_i, b, a1b1, a0b0); + + a0b0 += carry; + if (a0b0 < carry) + ++a1b1; + *c++ = a0b0; + carry = a1b1; + } + *c = carry; +#endif +} + +/* c += a * b */ +static void +v8_mpv_mul_d_add(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c) +{ +#if !defined(MP_NO_MP_WORD) + mp_digit d = 0; + + /* Inner product: Digits of a */ + while (a_len--) { + mp_word w = ((mp_word)b * *a++) + *c + d; + *c++ = ACCUM(w); + d = CARRYOUT(w); + } + *c = d; +#else + mp_digit carry = 0; + while (a_len--) { + mp_digit a_i = *a++; + mp_digit a0b0, a1b1; + + MP_MUL_DxD(a_i, b, a1b1, a0b0); + + a0b0 += carry; + if (a0b0 < carry) + ++a1b1; + a0b0 += a_i = *c; + if (a0b0 < a_i) + ++a1b1; + *c++ = a0b0; + carry = a1b1; + } + *c = carry; +#endif +} + +/* Presently, this is only used by the Montgomery arithmetic code. */ +/* c += a * b */ +static void +v8_mpv_mul_d_add_prop(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c) +{ +#if !defined(MP_NO_MP_WORD) + mp_digit d = 0; + + /* Inner product: Digits of a */ + while (a_len--) { + mp_word w = ((mp_word)b * *a++) + *c + d; + *c++ = ACCUM(w); + d = CARRYOUT(w); + } + + while (d) { + mp_word w = (mp_word)*c + d; + *c++ = ACCUM(w); + d = CARRYOUT(w); + } +#else + mp_digit carry = 0; + while (a_len--) { + mp_digit a_i = *a++; + mp_digit a0b0, a1b1; + + MP_MUL_DxD(a_i, b, a1b1, a0b0); + + a0b0 += carry; + if (a0b0 < carry) + ++a1b1; + + a0b0 += a_i = *c; + if (a0b0 < a_i) + ++a1b1; + + *c++ = a0b0; + carry = a1b1; + } + while (carry) { + mp_digit c_i = *c; + carry += c_i; + *c++ = carry; + carry = carry < c_i; + } +#endif +} + +/* vis versions of these functions run only on v8+vis or v9+vis CPUs. */ + +/* c = a * b */ +static void +vis_mpv_mul_d(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c) +{ + mp_digit d; + mp_digit x[258]; + if (a_len <= 256) { + if (a == c || ((ptrdiff_t)a & 0x7) != 0 || (a_len & 1) != 0) { + mp_digit * px; + px = (((ptrdiff_t)x & 0x7) != 0) ? x + 1 : x; + memcpy(px, a, a_len * sizeof(*a)); + a = px; + if (a_len & 1) { + px[a_len] = 0; + } + } + s_mp_setz(c, a_len + 1); + d = mul_add_inp(c, a, a_len, b); + c[a_len] = d; + } else { + v8_mpv_mul_d(a, a_len, b, c); + } +} + +/* c += a * b, where a is a_len words long. */ +static void +vis_mpv_mul_d_add(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c) +{ + mp_digit d; + mp_digit x[258]; + if (a_len <= 256) { + if (((ptrdiff_t)a & 0x7) != 0 || (a_len & 1) != 0) { + mp_digit * px; + px = (((ptrdiff_t)x & 0x7) != 0) ? x + 1 : x; + memcpy(px, a, a_len * sizeof(*a)); + a = px; + if (a_len & 1) { + px[a_len] = 0; + } + } + d = mul_add_inp(c, a, a_len, b); + c[a_len] = d; + } else { + v8_mpv_mul_d_add(a, a_len, b, c); + } +} + +/* c += a * b, where a is y words long. */ +static void +vis_mpv_mul_d_add_prop(const mp_digit *a, mp_size a_len, mp_digit b, + mp_digit *c) +{ + mp_digit d; + mp_digit x[258]; + if (a_len <= 256) { + if (((ptrdiff_t)a & 0x7) != 0 || (a_len & 1) != 0) { + mp_digit * px; + px = (((ptrdiff_t)x & 0x7) != 0) ? x + 1 : x; + memcpy(px, a, a_len * sizeof(*a)); + a = px; + if (a_len & 1) { + px[a_len] = 0; + } + } + d = mul_add_inp(c, a, a_len, b); + if (d) { + c += a_len; + do { + mp_digit sum = d + *c; + *c++ = sum; + d = sum < d; + } while (d); + } + } else { + v8_mpv_mul_d_add_prop(a, a_len, b, c); + } +} + +#if defined(SOLARIS2_5) +static int +isSparcV8PlusVis(void) +{ + long buflen; + int rv = 0; /* false */ + char buf[256]; + buflen = sysinfo(SI_MACHINE, buf, sizeof buf); + if (buflen > 0) { + rv = (!strcmp(buf, "sun4u") || !strcmp(buf, "sun4u1")); + } + return rv; +} +#else /* SunOS2.6or higher has SI_ISALIST */ + +static int +isSparcV8PlusVis(void) +{ + long buflen; + int rv = 0; /* false */ + char buf[256]; + buflen = sysinfo(SI_ISALIST, buf, sizeof buf); + if (buflen > 0) { +#if defined(MP_USE_LONG_DIGIT) + char * found = strstr(buf, "sparcv9+vis"); +#else + char * found = strstr(buf, "sparcv8plus+vis"); +#endif + rv = (found != 0); + } + return rv; +} +#endif + +typedef void MPVmpy(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c); + +/* forward static function declarations */ +static MPVmpy sp_mpv_mul_d; +static MPVmpy sp_mpv_mul_d_add; +static MPVmpy sp_mpv_mul_d_add_prop; + +static MPVmpy *p_mpv_mul_d = &sp_mpv_mul_d; +static MPVmpy *p_mpv_mul_d_add = &sp_mpv_mul_d_add; +static MPVmpy *p_mpv_mul_d_add_prop = &sp_mpv_mul_d_add_prop; + +static void +initPtrs(void) +{ + if (isSparcV8PlusVis()) { + p_mpv_mul_d = &vis_mpv_mul_d; + p_mpv_mul_d_add = &vis_mpv_mul_d_add; + p_mpv_mul_d_add_prop = &vis_mpv_mul_d_add_prop; + } else { + p_mpv_mul_d = &v8_mpv_mul_d; + p_mpv_mul_d_add = &v8_mpv_mul_d_add; + p_mpv_mul_d_add_prop = &v8_mpv_mul_d_add_prop; + } +} + +static void +sp_mpv_mul_d(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c) +{ + initPtrs(); + (* p_mpv_mul_d)(a, a_len, b, c); +} + +static void +sp_mpv_mul_d_add(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c) +{ + initPtrs(); + (* p_mpv_mul_d_add)(a, a_len, b, c); +} + +static void +sp_mpv_mul_d_add_prop(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c) +{ + initPtrs(); + (* p_mpv_mul_d_add_prop)(a, a_len, b, c); +} + + +/* This is the external interface */ + +void +s_mpv_mul_d(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c) +{ + (* p_mpv_mul_d)(a, a_len, b, c); +} + +void +s_mpv_mul_d_add(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c) +{ + (* p_mpv_mul_d_add)(a, a_len, b, c); +} + +void +s_mpv_mul_d_add_prop(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c) +{ + (* p_mpv_mul_d_add_prop)(a, a_len, b, c); +} + + diff --git a/security/nss/lib/freebl/mpi/mpi_x86.asm b/security/nss/lib/freebl/mpi/mpi_x86.asm new file mode 100644 index 000000000..ed2fc5e58 --- /dev/null +++ b/security/nss/lib/freebl/mpi/mpi_x86.asm @@ -0,0 +1,351 @@ +; +; mpi_x86.asm - assembly language implementation of s_mpv_ functions. +; +; The contents of this file are subject to the Mozilla Public +; License Version 1.1 (the "License"); you may not use this file +; except in compliance with the License. You may obtain a copy of +; the License at http://www.mozilla.org/MPL/ +; +; Software distributed under the License is distributed on an "AS +; IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +; implied. See the License for the specific language governing +; rights and limitations under the License. +; +; The Original Code is the Netscape security libraries. +; +; The Initial Developer of the Original Code is Netscape +; Communications Corporation. Portions created by Netscape are +; Copyright (C) 2000 Netscape Communications Corporation. All +; Rights Reserved. +; +; Contributor(s): +; +; Alternatively, the contents of this file may be used under the +; terms of the GNU General Public License Version 2 or later (the +; "GPL"), in which case the provisions of the GPL are applicable +; instead of those above. If you wish to allow use of your +; version of this file only under the terms of the GPL and not to +; allow others to use your version of this file under the MPL, +; indicate your decision by deleting the provisions above and +; replace them with the notice and other provisions required by +; the GPL. If you do not delete the provisions above, a recipient +; may use your version of this file under either the MPL or the +; GPL. +; $Id$ +; + + .386p + .MODEL FLAT + ASSUME CS: FLAT, DS: FLAT, SS: FLAT +_TEXT SEGMENT + +; ebp - 36: caller's esi +; ebp - 32: caller's edi +; ebp - 28: +; ebp - 24: +; ebp - 20: +; ebp - 16: +; ebp - 12: +; ebp - 8: +; ebp - 4: +; ebp + 0: caller's ebp +; ebp + 4: return address +; ebp + 8: a argument +; ebp + 12: a_len argument +; ebp + 16: b argument +; ebp + 20: c argument +; registers: +; eax: +; ebx: carry +; ecx: a_len +; edx: +; esi: a ptr +; edi: c ptr + +public _s_mpv_mul_d +_s_mpv_mul_d PROC NEAR + push ebp + mov ebp,esp + sub esp,28 + push edi + push esi + push ebx + mov ebx,0 ; carry = 0 + mov ecx,[ebp+12] ; ecx = a_len + mov edi,[ebp+20] + cmp ecx,0 + je L_2 ; jmp if a_len == 0 + mov esi,[ebp+8] ; esi = a + cld +L_1: + lodsd ; eax = [ds:esi]; esi += 4 + mov edx,[ebp+16] ; edx = b + mul edx ; edx:eax = Phi:Plo = a_i * b + + add eax,ebx ; add carry (ebx) to edx:eax + adc edx,0 + mov ebx,edx ; high half of product becomes next carry + + stosd ; [es:edi] = ax; edi += 4; + dec ecx ; --a_len + jnz L_1 ; jmp if a_len != 0 +L_2: + mov [edi],ebx ; *c = carry + pop ebx + pop esi + pop edi + leave + ret + nop +_s_mpv_mul_d ENDP + +; ebp - 36: caller's esi +; ebp - 32: caller's edi +; ebp - 28: +; ebp - 24: +; ebp - 20: +; ebp - 16: +; ebp - 12: +; ebp - 8: +; ebp - 4: +; ebp + 0: caller's ebp +; ebp + 4: return address +; ebp + 8: a argument +; ebp + 12: a_len argument +; ebp + 16: b argument +; ebp + 20: c argument +; registers: +; eax: +; ebx: carry +; ecx: a_len +; edx: +; esi: a ptr +; edi: c ptr +public _s_mpv_mul_d_add +_s_mpv_mul_d_add PROC NEAR + push ebp + mov ebp,esp + sub esp,28 + push edi + push esi + push ebx + mov ebx,0 ; carry = 0 + mov ecx,[ebp+12] ; ecx = a_len + mov edi,[ebp+20] + cmp ecx,0 + je L_4 ; jmp if a_len == 0 + mov esi,[ebp+8] ; esi = a + cld +L_3: + lodsd ; eax = [ds:esi]; esi += 4 + mov edx,[ebp+16] ; edx = b + mul edx ; edx:eax = Phi:Plo = a_i * b + + add eax,ebx ; add carry (ebx) to edx:eax + adc edx,0 + mov ebx,[edi] ; add in current word from *c + add eax,ebx + adc edx,0 + mov ebx,edx ; high half of product becomes next carry + + stosd ; [es:edi] = ax; edi += 4; + dec ecx ; --a_len + jnz L_3 ; jmp if a_len != 0 +L_4: + mov [edi],ebx ; *c = carry + pop ebx + pop esi + pop edi + leave + ret + nop +_s_mpv_mul_d_add ENDP + +; ebp - 36: caller's esi +; ebp - 32: caller's edi +; ebp - 28: +; ebp - 24: +; ebp - 20: +; ebp - 16: +; ebp - 12: +; ebp - 8: +; ebp - 4: +; ebp + 0: caller's ebp +; ebp + 4: return address +; ebp + 8: a argument +; ebp + 12: a_len argument +; ebp + 16: b argument +; ebp + 20: c argument +; registers: +; eax: +; ebx: carry +; ecx: a_len +; edx: +; esi: a ptr +; edi: c ptr +public _s_mpv_mul_d_add_prop +_s_mpv_mul_d_add_prop PROC NEAR + push ebp + mov ebp,esp + sub esp,28 + push edi + push esi + push ebx + mov ebx,0 ; carry = 0 + mov ecx,[ebp+12] ; ecx = a_len + mov edi,[ebp+20] + cmp ecx,0 + je L_6 ; jmp if a_len == 0 + cld + mov esi,[ebp+8] ; esi = a +L_5: + lodsd ; eax = [ds:esi]; esi += 4 + mov edx,[ebp+16] ; edx = b + mul edx ; edx:eax = Phi:Plo = a_i * b + + add eax,ebx ; add carry (ebx) to edx:eax + adc edx,0 + mov ebx,[edi] ; add in current word from *c + add eax,ebx + adc edx,0 + mov ebx,edx ; high half of product becomes next carry + + stosd ; [es:edi] = ax; edi += 4; + dec ecx ; --a_len + jnz L_5 ; jmp if a_len != 0 +L_6: + cmp ebx,0 ; is carry zero? + jz L_8 + mov eax,[edi] ; add in current word from *c + add eax,ebx + stosd ; [es:edi] = ax; edi += 4; + jnc L_8 +L_7: + mov eax,[edi] ; add in current word from *c + adc eax,0 + stosd ; [es:edi] = ax; edi += 4; + jc L_7 +L_8: + pop ebx + pop esi + pop edi + leave + ret + nop +_s_mpv_mul_d_add_prop ENDP + +; ebp - 20: caller's esi +; ebp - 16: caller's edi +; ebp - 12: +; ebp - 8: carry +; ebp - 4: a_len local +; ebp + 0: caller's ebp +; ebp + 4: return address +; ebp + 8: pa argument +; ebp + 12: a_len argument +; ebp + 16: ps argument +; ebp + 20: +; registers: +; eax: +; ebx: carry +; ecx: a_len +; edx: +; esi: a ptr +; edi: c ptr + +public _s_mpv_sqr_add_prop +_s_mpv_sqr_add_prop PROC NEAR + push ebp + mov ebp,esp + sub esp,12 + push edi + push esi + push ebx + mov ebx,0 ; carry = 0 + mov ecx,[ebp+12] ; a_len + mov edi,[ebp+16] ; edi = ps + cmp ecx,0 + je L_11 ; jump if a_len == 0 + cld + mov esi,[ebp+8] ; esi = pa +L_10: + lodsd ; eax = [ds:si]; si += 4; + mul eax + + add eax,ebx ; add "carry" + adc edx,0 + mov ebx,[edi] + add eax,ebx ; add low word from result + mov ebx,[edi+4] + stosd ; [es:di] = eax; di += 4; + adc edx,ebx ; add high word from result + mov ebx,0 + mov eax,edx + adc ebx,0 + stosd ; [es:di] = eax; di += 4; + dec ecx ; --a_len + jnz L_10 ; jmp if a_len != 0 +L_11: + cmp ebx,0 ; is carry zero? + jz L_14 + mov eax,[edi] ; add in current word from *c + add eax,ebx + stosd ; [es:edi] = ax; edi += 4; + jnc L_14 +L_12: + mov eax,[edi] ; add in current word from *c + adc eax,0 + stosd ; [es:edi] = ax; edi += 4; + jc L_12 +L_14: + pop ebx + pop esi + pop edi + leave + ret + nop +_s_mpv_sqr_add_prop ENDP + +; +; Divide 64-bit (Nhi,Nlo) by 32-bit divisor, which must be normalized +; so its high bit is 1. This code is from NSPR. +; +; mp_err s_mpv_div_2dx1d(mp_digit Nhi, mp_digit Nlo, mp_digit divisor, +; mp_digit *qp, mp_digit *rp) + +; Dump of assembler code for function s_mpv_div_2dx1d: +; +; esp + 0: Caller's ebx +; esp + 4: return address +; esp + 8: Nhi argument +; esp + 12: Nlo argument +; esp + 16: divisor argument +; esp + 20: qp argument +; esp + 24: rp argument +; registers: +; eax: +; ebx: carry +; ecx: a_len +; edx: +; esi: a ptr +; edi: c ptr +; +public _s_mpv_div_2dx1d +_s_mpv_div_2dx1d PROC NEAR + push ebx + mov edx,[esp+8] + mov eax,[esp+12] + mov ebx,[esp+16] + div ebx + mov ebx,[esp+20] + mov [ebx],eax + mov ebx,[esp+24] + mov [ebx],edx + xor eax,eax ; return zero + pop ebx + ret + nop +_s_mpv_div_2dx1d ENDP + +_TEXT ENDS +END diff --git a/security/nss/lib/freebl/mpi/mpi_x86.s b/security/nss/lib/freebl/mpi/mpi_x86.s new file mode 100644 index 000000000..427b7e61e --- /dev/null +++ b/security/nss/lib/freebl/mpi/mpi_x86.s @@ -0,0 +1,342 @@ + # + # The contents of this file are subject to the Mozilla Public + # License Version 1.1 (the "License"); you may not use this file + # except in compliance with the License. You may obtain a copy of + # the License at http://www.mozilla.org/MPL/ + # + # Software distributed under the License is distributed on an "AS + # IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + # implied. See the License for the specific language governing + # rights and limitations under the License. + # + # The Original Code is the Netscape security libraries. + # + # The Initial Developer of the Original Code is Netscape + # Communications Corporation. Portions created by Netscape are + # Copyright (C) 2000 Netscape Communications Corporation. All + # Rights Reserved. + # + # Contributor(s): + # + # Alternatively, the contents of this file may be used under the + # terms of the GNU General Public License Version 2 or later (the + # "GPL"), in which case the provisions of the GPL are applicable + # instead of those above. If you wish to allow use of your + # version of this file only under the terms of the GPL and not to + # allow others to use your version of this file under the MPL, + # indicate your decision by deleting the provisions above and + # replace them with the notice and other provisions required by + # the GPL. If you do not delete the provisions above, a recipient + # may use your version of this file under either the MPL or the + # GPL. + # $Id$ + # + +.text + + # ebp - 36: caller's esi + # ebp - 32: caller's edi + # ebp - 28: + # ebp - 24: + # ebp - 20: + # ebp - 16: + # ebp - 12: + # ebp - 8: + # ebp - 4: + # ebp + 0: caller's ebp + # ebp + 4: return address + # ebp + 8: a argument + # ebp + 12: a_len argument + # ebp + 16: b argument + # ebp + 20: c argument + # registers: + # eax: + # ebx: carry + # ecx: a_len + # edx: + # esi: a ptr + # edi: c ptr +.globl s_mpv_mul_d +.type s_mpv_mul_d,@function +s_mpv_mul_d: + push %ebp + mov %esp,%ebp + sub $28,%esp + push %edi + push %esi + push %ebx + movl $0,%ebx # carry = 0 + mov 12(%ebp),%ecx # ecx = a_len + mov 20(%ebp),%edi + cmp $0,%ecx + je 2f # jmp if a_len == 0 + mov 8(%ebp),%esi # esi = a + cld +1: + lodsl # eax = [ds:esi]; esi += 4 + mov 16(%ebp),%edx # edx = b + mull %edx # edx:eax = Phi:Plo = a_i * b + + add %ebx,%eax # add carry (%ebx) to edx:eax + adc $0,%edx + mov %edx,%ebx # high half of product becomes next carry + + stosl # [es:edi] = ax; edi += 4; + dec %ecx # --a_len + jnz 1b # jmp if a_len != 0 +2: + mov %ebx,0(%edi) # *c = carry + pop %ebx + pop %esi + pop %edi + leave + ret + nop + + # ebp - 36: caller's esi + # ebp - 32: caller's edi + # ebp - 28: + # ebp - 24: + # ebp - 20: + # ebp - 16: + # ebp - 12: + # ebp - 8: + # ebp - 4: + # ebp + 0: caller's ebp + # ebp + 4: return address + # ebp + 8: a argument + # ebp + 12: a_len argument + # ebp + 16: b argument + # ebp + 20: c argument + # registers: + # eax: + # ebx: carry + # ecx: a_len + # edx: + # esi: a ptr + # edi: c ptr +.globl s_mpv_mul_d_add +.type s_mpv_mul_d_add,@function +s_mpv_mul_d_add: + push %ebp + mov %esp,%ebp + sub $28,%esp + push %edi + push %esi + push %ebx + movl $0,%ebx # carry = 0 + mov 12(%ebp),%ecx # ecx = a_len + mov 20(%ebp),%edi + cmp $0,%ecx + je 4f # jmp if a_len == 0 + mov 8(%ebp),%esi # esi = a + cld +3: + lodsl # eax = [ds:esi]; esi += 4 + mov 16(%ebp),%edx # edx = b + mull %edx # edx:eax = Phi:Plo = a_i * b + + add %ebx,%eax # add carry (%ebx) to edx:eax + adc $0,%edx + mov 0(%edi),%ebx # add in current word from *c + add %ebx,%eax + adc $0,%edx + mov %edx,%ebx # high half of product becomes next carry + + stosl # [es:edi] = ax; edi += 4; + dec %ecx # --a_len + jnz 3b # jmp if a_len != 0 +4: + mov %ebx,0(%edi) # *c = carry + pop %ebx + pop %esi + pop %edi + leave + ret + nop + + # ebp - 36: caller's esi + # ebp - 32: caller's edi + # ebp - 28: + # ebp - 24: + # ebp - 20: + # ebp - 16: + # ebp - 12: + # ebp - 8: + # ebp - 4: + # ebp + 0: caller's ebp + # ebp + 4: return address + # ebp + 8: a argument + # ebp + 12: a_len argument + # ebp + 16: b argument + # ebp + 20: c argument + # registers: + # eax: + # ebx: carry + # ecx: a_len + # edx: + # esi: a ptr + # edi: c ptr +.globl s_mpv_mul_d_add_prop +.type s_mpv_mul_d_add_prop,@function +s_mpv_mul_d_add_prop: + push %ebp + mov %esp,%ebp + sub $28,%esp + push %edi + push %esi + push %ebx + movl $0,%ebx # carry = 0 + mov 12(%ebp),%ecx # ecx = a_len + mov 20(%ebp),%edi + cmp $0,%ecx + je 6f # jmp if a_len == 0 + cld + mov 8(%ebp),%esi # esi = a +5: + lodsl # eax = [ds:esi]; esi += 4 + mov 16(%ebp),%edx # edx = b + mull %edx # edx:eax = Phi:Plo = a_i * b + + add %ebx,%eax # add carry (%ebx) to edx:eax + adc $0,%edx + mov 0(%edi),%ebx # add in current word from *c + add %ebx,%eax + adc $0,%edx + mov %edx,%ebx # high half of product becomes next carry + + stosl # [es:edi] = ax; edi += 4; + dec %ecx # --a_len + jnz 5b # jmp if a_len != 0 +6: + cmp $0,%ebx # is carry zero? + jz 8f + mov 0(%edi),%eax # add in current word from *c + add %ebx,%eax + stosl # [es:edi] = ax; edi += 4; + jnc 8f +7: + mov 0(%edi),%eax # add in current word from *c + adc $0,%eax + stosl # [es:edi] = ax; edi += 4; + jc 7b +8: + pop %ebx + pop %esi + pop %edi + leave + ret + nop + + # ebp - 20: caller's esi + # ebp - 16: caller's edi + # ebp - 12: + # ebp - 8: carry + # ebp - 4: a_len local + # ebp + 0: caller's ebp + # ebp + 4: return address + # ebp + 8: pa argument + # ebp + 12: a_len argument + # ebp + 16: ps argument + # ebp + 20: + # registers: + # eax: + # ebx: carry + # ecx: a_len + # edx: + # esi: a ptr + # edi: c ptr + +.globl s_mpv_sqr_add_prop +.type s_mpv_sqr_add_prop,@function +s_mpv_sqr_add_prop: + push %ebp + mov %esp,%ebp + sub $12,%esp + push %edi + push %esi + push %ebx + movl $0,%ebx # carry = 0 + mov 12(%ebp),%ecx # a_len + mov 16(%ebp),%edi # edi = ps + cmp $0,%ecx + je 11f # jump if a_len == 0 + cld + mov 8(%ebp),%esi # esi = pa +10: + lodsl # %eax = [ds:si]; si += 4; + mull %eax + + add %ebx,%eax # add "carry" + adc $0,%edx + mov 0(%edi),%ebx + add %ebx,%eax # add low word from result + mov 4(%edi),%ebx + stosl # [es:di] = %eax; di += 4; + adc %ebx,%edx # add high word from result + movl $0,%ebx + mov %edx,%eax + adc $0,%ebx + stosl # [es:di] = %eax; di += 4; + dec %ecx # --a_len + jnz 10b # jmp if a_len != 0 +11: + cmp $0,%ebx # is carry zero? + jz 14f + mov 0(%edi),%eax # add in current word from *c + add %ebx,%eax + stosl # [es:edi] = ax; edi += 4; + jnc 14f +12: + mov 0(%edi),%eax # add in current word from *c + adc $0,%eax + stosl # [es:edi] = ax; edi += 4; + jc 12b +14: + pop %ebx + pop %esi + pop %edi + leave + ret + nop + + # + # Divide 64-bit (Nhi,Nlo) by 32-bit divisor, which must be normalized + # so its high bit is 1. This code is from NSPR. + # + # mp_err s_mpv_div_2dx1d(mp_digit Nhi, mp_digit Nlo, mp_digit divisor, + # mp_digit *qp, mp_digit *rp) + + # esp + 0: Caller's ebx + # esp + 4: return address + # esp + 8: Nhi argument + # esp + 12: Nlo argument + # esp + 16: divisor argument + # esp + 20: qp argument + # esp + 24: rp argument + # registers: + # eax: + # ebx: carry + # ecx: a_len + # edx: + # esi: a ptr + # edi: c ptr + # + +.globl s_mpv_div_2dx1d +.type s_mpv_div_2dx1d,@function +s_mpv_div_2dx1d: + push %ebx + mov 8(%esp),%edx + mov 12(%esp),%eax + mov 16(%esp),%ebx + div %ebx + mov 20(%esp),%ebx + mov %eax,0(%ebx) + mov 24(%esp),%ebx + mov %edx,0(%ebx) + xor %eax,%eax # return zero + pop %ebx + ret + nop + diff --git a/security/nss/lib/freebl/mpi/mplogic.c b/security/nss/lib/freebl/mpi/mplogic.c new file mode 100644 index 000000000..e1b6e5048 --- /dev/null +++ b/security/nss/lib/freebl/mpi/mplogic.c @@ -0,0 +1,459 @@ +/* + * mplogic.c + * + * Bitwise logical operations on MPI values + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. + * All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + * + * $Id$ + */ + +#include "mpi-priv.h" +#include "mplogic.h" + +/* {{{ Lookup table for population count */ + +static unsigned char bitc[] = { + 0, 1, 1, 2, 1, 2, 2, 3, 1, 2, 2, 3, 2, 3, 3, 4, + 1, 2, 2, 3, 2, 3, 3, 4, 2, 3, 3, 4, 3, 4, 4, 5, + 1, 2, 2, 3, 2, 3, 3, 4, 2, 3, 3, 4, 3, 4, 4, 5, + 2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6, + 1, 2, 2, 3, 2, 3, 3, 4, 2, 3, 3, 4, 3, 4, 4, 5, + 2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6, + 2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6, + 3, 4, 4, 5, 4, 5, 5, 6, 4, 5, 5, 6, 5, 6, 6, 7, + 1, 2, 2, 3, 2, 3, 3, 4, 2, 3, 3, 4, 3, 4, 4, 5, + 2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6, + 2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6, + 3, 4, 4, 5, 4, 5, 5, 6, 4, 5, 5, 6, 5, 6, 6, 7, + 2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6, + 3, 4, 4, 5, 4, 5, 5, 6, 4, 5, 5, 6, 5, 6, 6, 7, + 3, 4, 4, 5, 4, 5, 5, 6, 4, 5, 5, 6, 5, 6, 6, 7, + 4, 5, 5, 6, 5, 6, 6, 7, 5, 6, 6, 7, 6, 7, 7, 8 +}; + +/* }}} */ + +/*------------------------------------------------------------------------*/ +/* + mpl_not(a, b) - compute b = ~a + mpl_and(a, b, c) - compute c = a & b + mpl_or(a, b, c) - compute c = a | b + mpl_xor(a, b, c) - compute c = a ^ b + */ + +/* {{{ mpl_not(a, b) */ + +mp_err mpl_not(mp_int *a, mp_int *b) +{ + mp_err res; + int ix; + + ARGCHK(a != NULL && b != NULL, MP_BADARG); + + if((res = mp_copy(a, b)) != MP_OKAY) + return res; + + /* This relies on the fact that the digit type is unsigned */ + for(ix = 0; ix < USED(b); ix++) + DIGIT(b, ix) = ~DIGIT(b, ix); + + s_mp_clamp(b); + + return MP_OKAY; + +} /* end mpl_not() */ + +/* }}} */ + +/* {{{ mpl_and(a, b, c) */ + +mp_err mpl_and(mp_int *a, mp_int *b, mp_int *c) +{ + mp_int *which, *other; + mp_err res; + int ix; + + ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG); + + if(USED(a) <= USED(b)) { + which = a; + other = b; + } else { + which = b; + other = a; + } + + if((res = mp_copy(which, c)) != MP_OKAY) + return res; + + for(ix = 0; ix < USED(which); ix++) + DIGIT(c, ix) &= DIGIT(other, ix); + + s_mp_clamp(c); + + return MP_OKAY; + +} /* end mpl_and() */ + +/* }}} */ + +/* {{{ mpl_or(a, b, c) */ + +mp_err mpl_or(mp_int *a, mp_int *b, mp_int *c) +{ + mp_int *which, *other; + mp_err res; + int ix; + + ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG); + + if(USED(a) >= USED(b)) { + which = a; + other = b; + } else { + which = b; + other = a; + } + + if((res = mp_copy(which, c)) != MP_OKAY) + return res; + + for(ix = 0; ix < USED(which); ix++) + DIGIT(c, ix) |= DIGIT(other, ix); + + return MP_OKAY; + +} /* end mpl_or() */ + +/* }}} */ + +/* {{{ mpl_xor(a, b, c) */ + +mp_err mpl_xor(mp_int *a, mp_int *b, mp_int *c) +{ + mp_int *which, *other; + mp_err res; + int ix; + + ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG); + + if(USED(a) >= USED(b)) { + which = a; + other = b; + } else { + which = b; + other = a; + } + + if((res = mp_copy(which, c)) != MP_OKAY) + return res; + + for(ix = 0; ix < USED(which); ix++) + DIGIT(c, ix) ^= DIGIT(other, ix); + + s_mp_clamp(c); + + return MP_OKAY; + +} /* end mpl_xor() */ + +/* }}} */ + +/*------------------------------------------------------------------------*/ +/* + mpl_rsh(a, b, d) - b = a >> d + mpl_lsh(a, b, d) - b = a << d + */ + +/* {{{ mpl_rsh(a, b, d) */ + +mp_err mpl_rsh(const mp_int *a, mp_int *b, mp_digit d) +{ + mp_err res; + + ARGCHK(a != NULL && b != NULL, MP_BADARG); + + if((res = mp_copy(a, b)) != MP_OKAY) + return res; + + s_mp_div_2d(b, d); + + return MP_OKAY; + +} /* end mpl_rsh() */ + +/* }}} */ + +/* {{{ mpl_lsh(a, b, d) */ + +mp_err mpl_lsh(const mp_int *a, mp_int *b, mp_digit d) +{ + mp_err res; + + ARGCHK(a != NULL && b != NULL, MP_BADARG); + + if((res = mp_copy(a, b)) != MP_OKAY) + return res; + + return s_mp_mul_2d(b, d); + +} /* end mpl_lsh() */ + +/* }}} */ + +/*------------------------------------------------------------------------*/ +/* + mpl_num_set(a, num) + + Count the number of set bits in the binary representation of a. + Returns MP_OKAY and sets 'num' to be the number of such bits, if + possible. If num is NULL, the result is thrown away, but it is + not considered an error. + + mpl_num_clear() does basically the same thing for clear bits. + */ + +/* {{{ mpl_num_set(a, num) */ + +mp_err mpl_num_set(mp_int *a, int *num) +{ + int ix, db, nset = 0; + mp_digit cur; + unsigned char reg; + + ARGCHK(a != NULL, MP_BADARG); + + for(ix = 0; ix < USED(a); ix++) { + cur = DIGIT(a, ix); + + for(db = 0; db < sizeof(mp_digit); db++) { + reg = (unsigned char)(cur >> (CHAR_BIT * db)); + + nset += bitc[reg]; + } + } + + if(num) + *num = nset; + + return MP_OKAY; + +} /* end mpl_num_set() */ + +/* }}} */ + +/* {{{ mpl_num_clear(a, num) */ + +mp_err mpl_num_clear(mp_int *a, int *num) +{ + int ix, db, nset = 0; + mp_digit cur; + unsigned char reg; + + ARGCHK(a != NULL, MP_BADARG); + + for(ix = 0; ix < USED(a); ix++) { + cur = DIGIT(a, ix); + + for(db = 0; db < sizeof(mp_digit); db++) { + reg = (unsigned char)(cur >> (CHAR_BIT * db)); + + nset += bitc[UCHAR_MAX - reg]; + } + } + + if(num) + *num = nset; + + return MP_OKAY; + + +} /* end mpl_num_clear() */ + +/* }}} */ + +/*------------------------------------------------------------------------*/ +/* + mpl_parity(a) + + Determines the bitwise parity of the value given. Returns MP_EVEN + if an even number of digits are set, MP_ODD if an odd number are + set. + */ + +/* {{{ mpl_parity(a) */ + +mp_err mpl_parity(mp_int *a) +{ + int ix, par = 0; + mp_digit cur; + + ARGCHK(a != NULL, MP_BADARG); + + for(ix = 0; ix < USED(a); ix++) { + int shft = (sizeof(mp_digit) * CHAR_BIT) / 2; + + cur = DIGIT(a, ix); + + /* Compute parity for current digit */ + while(shft != 0) { + cur ^= (cur >> shft); + shft >>= 1; + } + cur &= 1; + + /* XOR with running parity so far */ + par ^= cur; + } + + if(par) + return MP_ODD; + else + return MP_EVEN; + +} /* end mpl_parity() */ + +/* }}} */ + +/* + mpl_set_bit + + Returns MP_OKAY or some error code. + Grows a if needed to set a bit to 1. + */ +mp_err mpl_set_bit(mp_int *a, mp_size bitNum, mp_size value) +{ + mp_size ix; + mp_err rv; + mp_digit mask; + + ARGCHK(a != NULL, MP_BADARG); + + ix = bitNum / MP_DIGIT_BIT; + if (ix + 1 > MP_USED(a)) { + rv = s_mp_pad(a, ix + 1); + if (rv != MP_OKAY) + return rv; + } + + bitNum = bitNum % MP_DIGIT_BIT; + mask = (mp_digit)1 << bitNum; + if (value) + MP_DIGIT(a,ix) |= mask; + else + MP_DIGIT(a,ix) &= ~mask; + s_mp_clamp(a); + return MP_OKAY; +} + +/* + mpl_get_bit + + returns 0 or 1 or some (negative) error code. + */ +mp_err mpl_get_bit(const mp_int *a, mp_size bitNum) +{ + mp_size bit, ix; + mp_err rv; + + ARGCHK(a != NULL, MP_BADARG); + + ix = bitNum / MP_DIGIT_BIT; + ARGCHK(ix <= MP_USED(a) - 1, MP_RANGE); + + bit = bitNum % MP_DIGIT_BIT; + rv = (mp_err)(MP_DIGIT(a, ix) >> bit) & 1; + return rv; +} + +/* + mpl_get_bits + - Extracts numBits bits from a, where the least significant extracted bit + is bit lsbNum. Returns a negative value if error occurs. + - Because sign bit is used to indicate error, maximum number of bits to + be returned is the lesser of (a) the number of bits in an mp_digit, or + (b) one less than the number of bits in an mp_err. + - lsbNum + numbits can be greater than the number of significant bits in + integer a, as long as bit lsbNum is in the high order digit of a. + */ +mp_err mpl_get_bits(const mp_int *a, mp_size lsbNum, mp_size numBits) +{ + mp_size rshift = (lsbNum % MP_DIGIT_BIT); + mp_size lsWndx = (lsbNum / MP_DIGIT_BIT); + mp_digit * digit = MP_DIGITS(a) + lsWndx; + mp_digit mask = ((1 << numBits) - 1); + + ARGCHK(numBits < CHAR_BIT * sizeof mask, MP_BADARG); + ARGCHK(MP_HOWMANY(lsbNum, MP_DIGIT_BIT) <= MP_USED(a), MP_RANGE); + + if ((numBits + lsbNum % MP_DIGIT_BIT <= MP_DIGIT_BIT) || + (lsWndx + 1 >= MP_USED(a))) { + mask &= (digit[0] >> rshift); + } else { + mask &= ((digit[0] >> rshift) | (digit[1] << (MP_DIGIT_BIT - rshift))); + } + return (mp_err)mask; +} + +/* + mpl_significant_bits + returns number of significnant bits in abs(a). + returns 1 if value is zero. + */ +mp_err mpl_significant_bits(const mp_int *a) +{ + mp_err bits = 0; + int ix; + + ARGCHK(a != NULL, MP_BADARG); + + ix = MP_USED(a); + for (ix = MP_USED(a); ix > 0; ) { + mp_digit d; + d = MP_DIGIT(a, --ix); + if (d) { + while (d) { + ++bits; + d >>= 1; + } + break; + } + } + bits += ix * MP_DIGIT_BIT; + if (!bits) + bits = 1; + return bits; +} + +/*------------------------------------------------------------------------*/ +/* HERE THERE BE DRAGONS */ diff --git a/security/nss/lib/freebl/mpi/mplogic.h b/security/nss/lib/freebl/mpi/mplogic.h new file mode 100644 index 000000000..8efa4327c --- /dev/null +++ b/security/nss/lib/freebl/mpi/mplogic.h @@ -0,0 +1,82 @@ +/* + * mplogic.h + * + * Bitwise logical operations on MPI values + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. + * All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + * + * $Id$ + */ + +#ifndef _H_MPLOGIC_ +#define _H_MPLOGIC_ + +#include "mpi.h" + +/* + The logical operations treat an mp_int as if it were a bit vector, + without regard to its sign (an mp_int is represented in a signed + magnitude format). Values are treated as if they had an infinite + string of zeros left of the most-significant bit. + */ + +/* Parity results */ + +#define MP_EVEN MP_YES +#define MP_ODD MP_NO + +/* Bitwise functions */ + +mp_err mpl_not(mp_int *a, mp_int *b); /* one's complement */ +mp_err mpl_and(mp_int *a, mp_int *b, mp_int *c); /* bitwise AND */ +mp_err mpl_or(mp_int *a, mp_int *b, mp_int *c); /* bitwise OR */ +mp_err mpl_xor(mp_int *a, mp_int *b, mp_int *c); /* bitwise XOR */ + +/* Shift functions */ + +mp_err mpl_rsh(const mp_int *a, mp_int *b, mp_digit d); /* right shift */ +mp_err mpl_lsh(const mp_int *a, mp_int *b, mp_digit d); /* left shift */ + +/* Bit count and parity */ + +mp_err mpl_num_set(mp_int *a, int *num); /* count set bits */ +mp_err mpl_num_clear(mp_int *a, int *num); /* count clear bits */ +mp_err mpl_parity(mp_int *a); /* determine parity */ + +/* Get & Set the value of a bit */ + +mp_err mpl_set_bit(mp_int *a, mp_size bitNum, mp_size value); +mp_err mpl_get_bit(const mp_int *a, mp_size bitNum); +mp_err mpl_get_bits(const mp_int *a, mp_size lsbNum, mp_size numBits); +mp_err mpl_significant_bits(const mp_int *a); + +#endif /* end _H_MPLOGIC_ */ diff --git a/security/nss/lib/freebl/mpi/mpmontg.c b/security/nss/lib/freebl/mpi/mpmontg.c new file mode 100644 index 000000000..146c8c625 --- /dev/null +++ b/security/nss/lib/freebl/mpi/mpmontg.c @@ -0,0 +1,561 @@ +/* + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the Netscape security libraries. + * + * The Initial Developer of the Original Code is Netscape + * Communications Corporation. Portions created by Netscape are + * Copyright (C) 2000 Netscape Communications Corporation. All + * Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + * $Id$ + */ + +/* This file implements moduluar exponentiation using Montgomery's + * method for modular reduction. This file implements the method + * described as "Improvement 1" in the paper "A Cryptogrpahic Library for + * the Motorola DSP56000" by Stephen R. Dusse' and Burton S. Kaliski Jr. + * published in "Advances in Cryptology: Proceedings of EUROCRYPT '90" + * "Lecture Notes in Computer Science" volume 473, 1991, pg 230-244, + * published by Springer Verlag. + */ + +/* #define MP_USING_MONT_MULF 1 */ +#include <string.h> +#include "mpi-priv.h" +#include "mplogic.h" +#include "mpprime.h" +#ifdef MP_USING_MONT_MULF +#include "montmulf.h" +#endif + +#define STATIC +/* #define DEBUG 1 */ + +#define MAX_WINDOW_BITS 6 +#define MAX_ODD_INTS 32 /* 2 ** (WINDOW_BITS - 1) */ + +typedef struct { + mp_int N; /* modulus N */ + mp_digit n0prime; /* n0' = - (n0 ** -1) mod MP_RADIX */ + mp_size b; /* R == 2 ** b, also b = # significant bits in N */ +} mp_mont_modulus; + +mp_err s_mp_mul_mont(const mp_int *a, const mp_int *b, mp_int *c, + mp_mont_modulus *mmm); + +/* computes T = REDC(T), 2^b == R */ +STATIC +mp_err s_mp_redc(mp_int *T, mp_mont_modulus *mmm) +{ + mp_err res; + mp_size i; + + i = MP_USED(T) + MP_USED(&mmm->N) + 2; + MP_CHECKOK( s_mp_pad(T, i) ); + for (i = 0; i < MP_USED(&mmm->N); ++i ) { + mp_digit m_i = MP_DIGIT(T, i) * mmm->n0prime; + /* T += N * m_i * (MP_RADIX ** i); */ + MP_CHECKOK( s_mp_mul_d_add_offset(&mmm->N, m_i, T, i) ); + } + s_mp_clamp(T); + + /* T /= R */ + s_mp_div_2d(T, mmm->b); + + if ((res = s_mp_cmp(T, &mmm->N)) >= 0) { + /* T = T - N */ + MP_CHECKOK( s_mp_sub(T, &mmm->N) ); +#ifdef DEBUG + if ((res = mp_cmp(T, &mmm->N)) >= 0) { + res = MP_UNDEF; + goto CLEANUP; + } +#endif + } + res = MP_OKAY; +CLEANUP: + return res; +} + +#if !defined(MP_ASSEMBLY_MUL_MONT) && !defined(MP_MONT_USE_MP_MUL) +mp_err s_mp_mul_mont(const mp_int *a, const mp_int *b, mp_int *c, + mp_mont_modulus *mmm) +{ + mp_digit *pb; + mp_digit m_i; + mp_err res; + mp_size ib; + mp_size useda, usedb; + + ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG); + + if (MP_USED(a) < MP_USED(b)) { + const mp_int *xch = b; /* switch a and b, to do fewer outer loops */ + b = a; + a = xch; + } + + MP_USED(c) = 1; MP_DIGIT(c, 0) = 0; + ib = MP_USED(a) + MP_MAX(MP_USED(b), MP_USED(&mmm->N)) + 2; + if((res = s_mp_pad(c, ib)) != MP_OKAY) + goto CLEANUP; + + useda = MP_USED(a); + pb = MP_DIGITS(b); + s_mpv_mul_d(MP_DIGITS(a), useda, *pb++, MP_DIGITS(c)); + s_mp_setz(MP_DIGITS(c) + useda + 1, ib - (useda + 1)); + m_i = MP_DIGIT(c, 0) * mmm->n0prime; + s_mp_mul_d_add_offset(&mmm->N, m_i, c, 0); + + /* Outer loop: Digits of b */ + usedb = MP_USED(b); + for (ib = 1; ib < usedb; ib++) { + mp_digit b_i = *pb++; + + /* Inner product: Digits of a */ + if (b_i) + s_mpv_mul_d_add_prop(MP_DIGITS(a), useda, b_i, MP_DIGITS(c) + ib); + m_i = MP_DIGIT(c, ib) * mmm->n0prime; + s_mp_mul_d_add_offset(&mmm->N, m_i, c, ib); + } + if (usedb < MP_USED(&mmm->N)) { + for (usedb = MP_USED(&mmm->N); ib < usedb; ++ib ) { + m_i = MP_DIGIT(c, ib) * mmm->n0prime; + s_mp_mul_d_add_offset(&mmm->N, m_i, c, ib); + } + } + s_mp_clamp(c); + s_mp_div_2d(c, mmm->b); + if (s_mp_cmp(c, &mmm->N) >= 0) { + MP_CHECKOK( s_mp_sub(c, &mmm->N) ); + } + res = MP_OKAY; + +CLEANUP: + return res; +} +#endif + +STATIC +mp_err s_mp_to_mont(const mp_int *x, mp_mont_modulus *mmm, mp_int *xMont) +{ + mp_err res; + + /* xMont = x * R mod N where N is modulus */ + MP_CHECKOK( mpl_lsh(x, xMont, mmm->b) ); /* xMont = x << b */ + MP_CHECKOK( mp_div(xMont, &mmm->N, 0, xMont) ); /* mod N */ +CLEANUP: + return res; +} + +#ifdef MP_USING_MONT_MULF + +unsigned int mp_using_mont_mulf = 1; + +/* computes montgomery square of the integer in mResult */ +#define SQR \ + conv_i32_to_d32_and_d16(dm1, d16Tmp, mResult, nLen); \ + mont_mulf_noconv(mResult, dm1, d16Tmp, \ + dTmp, dn, MP_DIGITS(modulus), nLen, dn0) + +/* computes montgomery product of x and the integer in mResult */ +#define MUL(x) \ + conv_i32_to_d32(dm1, mResult, nLen); \ + mont_mulf_noconv(mResult, dm1, oddPowers[x], \ + dTmp, dn, MP_DIGITS(modulus), nLen, dn0) + +/* Do modular exponentiation using floating point multiply code. */ +mp_err mp_exptmod_f(const mp_int * montBase, + const mp_int * exponent, + const mp_int * modulus, + mp_int * result, + mp_mont_modulus *mmm, + int nLen, + mp_size bits_in_exponent, + mp_size window_bits, + mp_size odd_ints) +{ + mp_digit *mResult; + double *dBuf = 0, *dm1, *dn, *dSqr, *d16Tmp, *dTmp; + double dn0; + mp_size i; + mp_err res; + int expOff; + int dSize = 0, oddPowSize, dTmpSize; + mp_int accum1; + double *oddPowers[MAX_ODD_INTS]; + + /* function for computing n0prime only works if n0 is odd */ + + MP_DIGITS(&accum1) = 0; + + for (i = 0; i < MAX_ODD_INTS; ++i) + oddPowers[i] = 0; + + MP_CHECKOK( mp_init_size(&accum1, 3 * nLen + 2) ); + + mp_set(&accum1, 1); + MP_CHECKOK( s_mp_to_mont(&accum1, mmm, &accum1) ); + MP_CHECKOK( s_mp_pad(&accum1, nLen) ); + + oddPowSize = 2 * nLen + 1; + dTmpSize = 2 * oddPowSize; + dSize = sizeof(double) * (nLen * 4 + 1 + + ((odd_ints + 1) * oddPowSize) + dTmpSize); + dBuf = (double *)malloc(dSize); + dm1 = dBuf; /* array of d32 */ + dn = dBuf + nLen; /* array of d32 */ + dSqr = dn + nLen; /* array of d32 */ + d16Tmp = dSqr + nLen; /* array of d16 */ + dTmp = d16Tmp + oddPowSize; + + for (i = 0; i < odd_ints; ++i) { + oddPowers[i] = dTmp; + dTmp += oddPowSize; + } + mResult = (mp_digit *)(dTmp + dTmpSize); /* size is nLen + 1 */ + + /* Make dn and dn0 */ + conv_i32_to_d32(dn, MP_DIGITS(modulus), nLen); + dn0 = (double)(mmm->n0prime & 0xffff); + + /* Make dSqr */ + conv_i32_to_d32_and_d16(dm1, oddPowers[0], MP_DIGITS(montBase), nLen); + mont_mulf_noconv(mResult, dm1, oddPowers[0], + dTmp, dn, MP_DIGITS(modulus), nLen, dn0); + conv_i32_to_d32(dSqr, mResult, nLen); + + for (i = 1; i < odd_ints; ++i) { + mont_mulf_noconv(mResult, dSqr, oddPowers[i - 1], + dTmp, dn, MP_DIGITS(modulus), nLen, dn0); + conv_i32_to_d16(oddPowers[i], mResult, nLen); + } + + s_mp_copy(MP_DIGITS(&accum1), mResult, nLen); /* from, to, len */ + + for (expOff = bits_in_exponent - window_bits; expOff >= 0; expOff -= window_bits) { + mp_size smallExp; + MP_CHECKOK( mpl_get_bits(exponent, expOff, window_bits) ); + smallExp = (mp_size)res; + + if (window_bits == 4) { + if (!smallExp) { + SQR; SQR; SQR; SQR; + } else if (smallExp & 1) { + SQR; SQR; SQR; SQR; MUL(smallExp/2); + } else if (smallExp & 2) { + SQR; SQR; SQR; MUL(smallExp/4); SQR; + } else if (smallExp & 4) { + SQR; SQR; MUL(smallExp/8); SQR; SQR; + } else if (smallExp & 8) { + SQR; MUL(smallExp/16); SQR; SQR; SQR; + } else { + abort(); + } + } else if (window_bits == 5) { + if (!smallExp) { + SQR; SQR; SQR; SQR; SQR; + } else if (smallExp & 1) { + SQR; SQR; SQR; SQR; SQR; MUL(smallExp/2); + } else if (smallExp & 2) { + SQR; SQR; SQR; SQR; MUL(smallExp/4); SQR; + } else if (smallExp & 4) { + SQR; SQR; SQR; MUL(smallExp/8); SQR; SQR; + } else if (smallExp & 8) { + SQR; SQR; MUL(smallExp/16); SQR; SQR; SQR; + } else if (smallExp & 0x10) { + SQR; MUL(smallExp/32); SQR; SQR; SQR; SQR; + } else { + abort(); + } + } else if (window_bits == 6) { + if (!smallExp) { + SQR; SQR; SQR; SQR; SQR; SQR; + } else if (smallExp & 1) { + SQR; SQR; SQR; SQR; SQR; SQR; MUL(smallExp/2); + } else if (smallExp & 2) { + SQR; SQR; SQR; SQR; SQR; MUL(smallExp/4); SQR; + } else if (smallExp & 4) { + SQR; SQR; SQR; SQR; MUL(smallExp/8); SQR; SQR; + } else if (smallExp & 8) { + SQR; SQR; SQR; MUL(smallExp/16); SQR; SQR; SQR; + } else if (smallExp & 0x10) { + SQR; SQR; MUL(smallExp/32); SQR; SQR; SQR; SQR; + } else if (smallExp & 0x20) { + SQR; MUL(smallExp/64); SQR; SQR; SQR; SQR; SQR; + } else { + abort(); + } + } else { + abort(); + } + } + + s_mp_copy(mResult, MP_DIGITS(&accum1), nLen); /* from, to, len */ + + res = s_mp_redc(&accum1, mmm); + mp_exch(&accum1, result); + +CLEANUP: + mp_clear(&accum1); + if (dBuf) { + if (dSize) + memset(dBuf, 0, dSize); + free(dBuf); + } + + return res; +} +#undef SQR +#undef MUL +#endif + +#define SQR(a,b) \ + MP_CHECKOK( mp_sqr(a, b) );\ + MP_CHECKOK( s_mp_redc(b, mmm) ) + +#if defined(MP_MONT_USE_MP_MUL) +#define MUL(x,a,b) \ + MP_CHECKOK( mp_mul(a, oddPowers + (x), b) ); \ + MP_CHECKOK( s_mp_redc(b, mmm) ) +#else +#define MUL(x,a,b) \ + MP_CHECKOK( s_mp_mul_mont(a, oddPowers + (x), b, mmm) ) +#endif + +#define SWAPPA ptmp = pa1; pa1 = pa2; pa2 = ptmp + +/* Do modular exponentiation using integer multiply code. */ +mp_err mp_exptmod_i(const mp_int * montBase, + const mp_int * exponent, + const mp_int * modulus, + mp_int * result, + mp_mont_modulus *mmm, + int nLen, + mp_size bits_in_exponent, + mp_size window_bits, + mp_size odd_ints) +{ + mp_int *pa1, *pa2, *ptmp; + mp_size i; + mp_err res; + int expOff; + mp_int accum1, accum2, power2, oddPowers[MAX_ODD_INTS]; + + /* power2 = base ** 2; oddPowers[i] = base ** (2*i + 1); */ + /* oddPowers[i] = base ** (2*i + 1); */ + + MP_DIGITS(&accum1) = 0; + MP_DIGITS(&accum2) = 0; + MP_DIGITS(&power2) = 0; + for (i = 0; i < MAX_ODD_INTS; ++i) { + MP_DIGITS(oddPowers + i) = 0; + } + + MP_CHECKOK( mp_init_size(&accum1, 3 * nLen + 2) ); + MP_CHECKOK( mp_init_size(&accum2, 3 * nLen + 2) ); + + MP_CHECKOK( mp_init_copy(&oddPowers[0], montBase) ); + + mp_init_size(&power2, nLen + 2 * MP_USED(montBase) + 2); + MP_CHECKOK( mp_sqr(montBase, &power2) ); /* power2 = montBase ** 2 */ + MP_CHECKOK( s_mp_redc(&power2, mmm) ); + + for (i = 1; i < odd_ints; ++i) { + mp_init_size(oddPowers + i, nLen + 2 * MP_USED(&power2) + 2); + MP_CHECKOK( mp_mul(oddPowers + (i - 1), &power2, oddPowers + i) ); + MP_CHECKOK( s_mp_redc(oddPowers + i, mmm) ); + } + + /* set accumulator to montgomery residue of 1 */ + mp_set(&accum1, 1); + MP_CHECKOK( s_mp_to_mont(&accum1, mmm, &accum1) ); + pa1 = &accum1; + pa2 = &accum2; + + for (expOff = bits_in_exponent - window_bits; expOff >= 0; expOff -= window_bits) { + mp_size smallExp; + MP_CHECKOK( mpl_get_bits(exponent, expOff, window_bits) ); + smallExp = (mp_size)res; + + if (window_bits == 4) { + if (!smallExp) { + SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1); + } else if (smallExp & 1) { + SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1); + MUL(smallExp/2, pa1,pa2); SWAPPA; + } else if (smallExp & 2) { + SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); + MUL(smallExp/4,pa2,pa1); SQR(pa1,pa2); SWAPPA; + } else if (smallExp & 4) { + SQR(pa1,pa2); SQR(pa2,pa1); MUL(smallExp/8,pa1,pa2); + SQR(pa2,pa1); SQR(pa1,pa2); SWAPPA; + } else if (smallExp & 8) { + SQR(pa1,pa2); MUL(smallExp/16,pa2,pa1); SQR(pa1,pa2); + SQR(pa2,pa1); SQR(pa1,pa2); SWAPPA; + } else { + abort(); + } + } else if (window_bits == 5) { + if (!smallExp) { + SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1); + SQR(pa1,pa2); SWAPPA; + } else if (smallExp & 1) { + SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1); + SQR(pa1,pa2); MUL(smallExp/2,pa2,pa1); + } else if (smallExp & 2) { + SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1); + MUL(smallExp/4,pa1,pa2); SQR(pa2,pa1); + } else if (smallExp & 4) { + SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); + MUL(smallExp/8,pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1); + } else if (smallExp & 8) { + SQR(pa1,pa2); SQR(pa2,pa1); MUL(smallExp/16,pa1,pa2); + SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1); + } else if (smallExp & 0x10) { + SQR(pa1,pa2); MUL(smallExp/32,pa2,pa1); SQR(pa1,pa2); + SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1); + } else { + abort(); + } + } else if (window_bits == 6) { + if (!smallExp) { + SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1); + SQR(pa1,pa2); SQR(pa2,pa1); + } else if (smallExp & 1) { + SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1); + SQR(pa1,pa2); SQR(pa2,pa1); MUL(smallExp/2,pa1,pa2); SWAPPA; + } else if (smallExp & 2) { + SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1); + SQR(pa1,pa2); MUL(smallExp/4,pa2,pa1); SQR(pa1,pa2); SWAPPA; + } else if (smallExp & 4) { + SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1); + MUL(smallExp/8,pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SWAPPA; + } else if (smallExp & 8) { + SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); + MUL(smallExp/16,pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1); + SQR(pa1,pa2); SWAPPA; + } else if (smallExp & 0x10) { + SQR(pa1,pa2); SQR(pa2,pa1); MUL(smallExp/32,pa1,pa2); + SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SWAPPA; + } else if (smallExp & 0x20) { + SQR(pa1,pa2); MUL(smallExp/64,pa2,pa1); SQR(pa1,pa2); + SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SWAPPA; + } else { + abort(); + } + } else { + abort(); + } + } + + res = s_mp_redc(pa1, mmm); + mp_exch(pa1, result); + +CLEANUP: + mp_clear(&accum1); + mp_clear(&accum2); + mp_clear(&power2); + for (i = 0; i < odd_ints; ++i) { + mp_clear(oddPowers + i); + } + return res; +} +#undef SQR +#undef MUL + + +mp_err mp_exptmod(const mp_int *inBase, const mp_int *exponent, + const mp_int *modulus, mp_int *result) +{ + const mp_int *base; + mp_size bits_in_exponent, i, window_bits, odd_ints; + mp_err res; + int nLen; + mp_int montBase, goodBase; + mp_mont_modulus mmm; + + /* function for computing n0prime only works if n0 is odd */ + if (!mp_isodd(modulus)) + return s_mp_exptmod(inBase, exponent, modulus, result); + + MP_DIGITS(&montBase) = 0; + MP_DIGITS(&goodBase) = 0; + + if (mp_cmp(inBase, modulus) < 0) { + base = inBase; + } else { + MP_CHECKOK( mp_init(&goodBase) ); + base = &goodBase; + MP_CHECKOK( mp_mod(inBase, modulus, &goodBase) ); + } + + nLen = MP_USED(modulus); + MP_CHECKOK( mp_init_size(&montBase, 2 * nLen + 2) ); + + mmm.N = *modulus; /* a copy of the mp_int struct */ + i = mpl_significant_bits(modulus); + i += MP_DIGIT_BIT - 1; + mmm.b = i - i % MP_DIGIT_BIT; + + /* compute n0', given n0, n0' = -(n0 ** -1) mod MP_RADIX + ** where n0 = least significant mp_digit of N, the modulus. + */ + mmm.n0prime = 0 - s_mp_invmod_radix( MP_DIGIT(modulus, 0) ); + + MP_CHECKOK( s_mp_to_mont(base, &mmm, &montBase) ); + + bits_in_exponent = mpl_significant_bits(exponent); + if (bits_in_exponent > 480) + window_bits = 6; + else if (bits_in_exponent > 160) + window_bits = 5; + else + window_bits = 4; + odd_ints = 1 << (window_bits - 1); + i = bits_in_exponent % window_bits; + if (i != 0) { + bits_in_exponent += window_bits - i; + } + +#ifdef MP_USING_MONT_MULF + if (mp_using_mont_mulf) { + MP_CHECKOK( s_mp_pad(&montBase, nLen) ); + res = mp_exptmod_f(&montBase, exponent, modulus, result, &mmm, nLen, + bits_in_exponent, window_bits, odd_ints); + } else +#endif + res = mp_exptmod_i(&montBase, exponent, modulus, result, &mmm, nLen, + bits_in_exponent, window_bits, odd_ints); + +CLEANUP: + mp_clear(&montBase); + mp_clear(&goodBase); + /* Don't mp_clear mmm.N because it is merely a copy of modulus. + ** Just zap it. + */ + memset(&mmm, 0, sizeof mmm); + return res; +} diff --git a/security/nss/lib/freebl/mpi/mpprime.c b/security/nss/lib/freebl/mpi/mpprime.c new file mode 100644 index 000000000..7317eeab1 --- /dev/null +++ b/security/nss/lib/freebl/mpi/mpprime.c @@ -0,0 +1,619 @@ +/* + * mpprime.c + * + * Utilities for finding and working with prime and pseudo-prime + * integers + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 1997, 1998, 1999, 2000 Michael J. Fromberger. + * All Rights Reserved. + * + * Contributor(s): + * Netscape Communications Corporation + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + */ + +#include "mpi-priv.h" +#include "mpprime.h" +#include "mplogic.h" +#include <stdlib.h> +#include <string.h> + +#define SMALL_TABLE 0 /* determines size of hard-wired prime table */ + +#define RANDOM() rand() + +#include "primes.c" /* pull in the prime digit table */ + +/* + Test if any of a given vector of digits divides a. If not, MP_NO + is returned; otherwise, MP_YES is returned and 'which' is set to + the index of the integer in the vector which divided a. + */ +mp_err s_mpp_divp(mp_int *a, const mp_digit *vec, int size, int *which); + +/* {{{ mpp_divis(a, b) */ + +/* + mpp_divis(a, b) + + Returns MP_YES if a is divisible by b, or MP_NO if it is not. + */ + +mp_err mpp_divis(mp_int *a, mp_int *b) +{ + mp_err res; + mp_int rem; + + if((res = mp_init(&rem)) != MP_OKAY) + return res; + + if((res = mp_mod(a, b, &rem)) != MP_OKAY) + goto CLEANUP; + + if(mp_cmp_z(&rem) == 0) + res = MP_YES; + else + res = MP_NO; + +CLEANUP: + mp_clear(&rem); + return res; + +} /* end mpp_divis() */ + +/* }}} */ + +/* {{{ mpp_divis_d(a, d) */ + +/* + mpp_divis_d(a, d) + + Return MP_YES if a is divisible by d, or MP_NO if it is not. + */ + +mp_err mpp_divis_d(mp_int *a, mp_digit d) +{ + mp_err res; + mp_digit rem; + + ARGCHK(a != NULL, MP_BADARG); + + if(d == 0) + return MP_NO; + + if((res = mp_mod_d(a, d, &rem)) != MP_OKAY) + return res; + + if(rem == 0) + return MP_YES; + else + return MP_NO; + +} /* end mpp_divis_d() */ + +/* }}} */ + +/* {{{ mpp_random(a) */ + +/* + mpp_random(a) + + Assigns a random value to a. This value is generated using the + standard C library's rand() function, so it should not be used for + cryptographic purposes, but it should be fine for primality testing, + since all we really care about there is good statistical properties. + + As many digits as a currently has are filled with random digits. + */ + +mp_err mpp_random(mp_int *a) + +{ + mp_digit next = 0; + int ix, jx; + + ARGCHK(a != NULL, MP_BADARG); + + for(ix = 0; ix < USED(a); ix++) { + for(jx = 0; jx < sizeof(mp_digit); jx++) { + next = (next << CHAR_BIT) | (RANDOM() & UCHAR_MAX); + } + DIGIT(a, ix) = next; + } + + return MP_OKAY; + +} /* end mpp_random() */ + +/* }}} */ + +/* {{{ mpp_random_size(a, prec) */ + +mp_err mpp_random_size(mp_int *a, mp_size prec) +{ + mp_err res; + + ARGCHK(a != NULL && prec > 0, MP_BADARG); + + if((res = s_mp_pad(a, prec)) != MP_OKAY) + return res; + + return mpp_random(a); + +} /* end mpp_random_size() */ + +/* }}} */ + +/* {{{ mpp_divis_vector(a, vec, size, which) */ + +/* + mpp_divis_vector(a, vec, size, which) + + Determines if a is divisible by any of the 'size' digits in vec. + Returns MP_YES and sets 'which' to the index of the offending digit, + if it is; returns MP_NO if it is not. + */ + +mp_err mpp_divis_vector(mp_int *a, const mp_digit *vec, int size, int *which) +{ + ARGCHK(a != NULL && vec != NULL && size > 0, MP_BADARG); + + return s_mpp_divp(a, vec, size, which); + +} /* end mpp_divis_vector() */ + +/* }}} */ + +/* {{{ mpp_divis_primes(a, np) */ + +/* + mpp_divis_primes(a, np) + + Test whether a is divisible by any of the first 'np' primes. If it + is, returns MP_YES and sets *np to the value of the digit that did + it. If not, returns MP_NO. + */ +mp_err mpp_divis_primes(mp_int *a, mp_digit *np) +{ + int size, which; + mp_err res; + + ARGCHK(a != NULL && np != NULL, MP_BADARG); + + size = (int)*np; + if(size > prime_tab_size) + size = prime_tab_size; + + res = mpp_divis_vector(a, prime_tab, size, &which); + if(res == MP_YES) + *np = prime_tab[which]; + + return res; + +} /* end mpp_divis_primes() */ + +/* }}} */ + +/* {{{ mpp_fermat(a, w) */ + +/* + Using w as a witness, try pseudo-primality testing based on Fermat's + little theorem. If a is prime, and (w, a) = 1, then w^a == w (mod + a). So, we compute z = w^a (mod a) and compare z to w; if they are + equal, the test passes and we return MP_YES. Otherwise, we return + MP_NO. + */ +mp_err mpp_fermat(mp_int *a, mp_digit w) +{ + mp_int base, test; + mp_err res; + + if((res = mp_init(&base)) != MP_OKAY) + return res; + + mp_set(&base, w); + + if((res = mp_init(&test)) != MP_OKAY) + goto TEST; + + /* Compute test = base^a (mod a) */ + if((res = mp_exptmod(&base, a, a, &test)) != MP_OKAY) + goto CLEANUP; + + + if(mp_cmp(&base, &test) == 0) + res = MP_YES; + else + res = MP_NO; + + CLEANUP: + mp_clear(&test); + TEST: + mp_clear(&base); + + return res; + +} /* end mpp_fermat() */ + +/* }}} */ + +/* + Perform the fermat test on each of the primes in a list until + a) one of them shows a is not prime, or + b) the list is exhausted. + Returns: MP_YES if it passes tests. + MP_NO if fermat test reveals it is composite + Some MP error code if some other error occurs. + */ +mp_err mpp_fermat_list(mp_int *a, const mp_digit *primes, mp_size nPrimes) +{ + mp_err rv = MP_YES; + + while (nPrimes-- > 0 && rv == MP_YES) { + rv = mpp_fermat(a, *primes++); + } + return rv; +} + +/* {{{ mpp_pprime(a, nt) */ + +/* + mpp_pprime(a, nt) + + Performs nt iteration of the Miller-Rabin probabilistic primality + test on a. Returns MP_YES if the tests pass, MP_NO if one fails. + If MP_NO is returned, the number is definitely composite. If MP_YES + is returned, it is probably prime (but that is not guaranteed). + */ + +mp_err mpp_pprime(mp_int *a, int nt) +{ + mp_err res; + mp_int x, amo, m, z; /* "amo" = "a minus one" */ + int iter, jx; + mp_size b; + + ARGCHK(a != NULL, MP_BADARG); + + MP_DIGITS(&x) = 0; + MP_DIGITS(&amo) = 0; + MP_DIGITS(&m) = 0; + MP_DIGITS(&z) = 0; + + /* Initialize temporaries... */ + MP_CHECKOK( mp_init(&amo)); + /* Compute amo = a - 1 for what follows... */ + MP_CHECKOK( mp_sub_d(a, 1, &amo) ); + + b = mp_trailing_zeros(&amo); + if (!b) { /* a was even ? */ + res = MP_NO; + goto CLEANUP; + } + + MP_CHECKOK( mp_init_size(&x, MP_USED(a)) ); + MP_CHECKOK( mp_init(&z) ); + MP_CHECKOK( mp_init(&m) ); + MP_CHECKOK( mp_div_2d(&amo, b, &m, 0) ); + + /* Do the test nt times... */ + for(iter = 0; iter < nt; iter++) { + + /* Choose a random value for x < a */ + s_mp_pad(&x, USED(a)); + mpp_random(&x); + MP_CHECKOK( mp_mod(&x, a, &x) ); + + /* Compute z = (x ** m) mod a */ + MP_CHECKOK( mp_exptmod(&x, &m, a, &z) ); + + if(mp_cmp_d(&z, 1) == 0 || mp_cmp(&z, &amo) == 0) { + res = MP_YES; + continue; + } + + res = MP_NO; /* just in case the following for loop never executes. */ + for (jx = 1; jx < b; jx++) { + /* z = z^2 (mod a) */ + MP_CHECKOK( mp_sqrmod(&z, a, &z) ); + res = MP_NO; /* previous line set res to MP_YES */ + + if(mp_cmp_d(&z, 1) == 0) { + break; + } + if(mp_cmp(&z, &amo) == 0) { + res = MP_YES; + break; + } + } /* end testing loop */ + + /* If the test passes, we will continue iterating, but a failed + test means the candidate is definitely NOT prime, so we will + immediately break out of this loop + */ + if(res == MP_NO) + break; + + } /* end iterations loop */ + +CLEANUP: + mp_clear(&m); + mp_clear(&z); + mp_clear(&x); + mp_clear(&amo); + return res; + +} /* end mpp_pprime() */ + +/* }}} */ + +/* Produce table of composites from list of primes and trial value. +** trial must be odd. List of primes must not include 2. +** sieve should have dimension >= MAXPRIME/2, where MAXPRIME is largest +** prime in list of primes. After this function is finished, +** if sieve[i] is non-zero, then (trial + 2*i) is composite. +** Each prime used in the sieve costs one division of trial, and eliminates +** one or more values from the search space. (3 eliminates 1/3 of the values +** alone!) Each value left in the search space costs 1 or more modular +** exponentations. So, these divisions are a bargain! +*/ +mp_err mpp_sieve(mp_int *trial, const mp_digit *primes, mp_size nPrimes, + unsigned char *sieve, mp_size nSieve) +{ + mp_err res; + mp_digit rem; + mp_size ix; + unsigned long offset; + + memset(sieve, 0, nSieve); + + for(ix = 0; ix < nPrimes; ix++) { + mp_digit prime = primes[ix]; + mp_size i; + if((res = mp_mod_d(trial, prime, &rem)) != MP_OKAY) + return res; + + if (rem == 0) { + offset = 0; + } else { + offset = prime - (rem / 2); + } + for (i = offset; i < nSieve ; i += prime) { + sieve[i] = 1; + } + } + + return MP_OKAY; +} + +#define SIEVE_SIZE 32*1024 + +mp_err mpp_make_prime(mp_int *start, mp_size nBits, mp_size strong, + unsigned long * nTries) +{ + mp_digit np; + mp_err res; + int i = 0; + mp_int trial; + mp_int q; + mp_size num_tests; + /* + * Always make sieve the last variabale allocated so that + * Mac builds don't break by adding an extra variable + * on the stack. -javi + */ +#if defined(macintosh) || defined (XP_OS2) + unsigned char *sieve; + + sieve = malloc(SIEVE_SIZE); + ARGCHK(sieve != NULL, MP_MEM); +#else + unsigned char sieve[SIEVE_SIZE]; +#endif + + ARGCHK(start != 0, MP_BADARG); + ARGCHK(nBits > 16, MP_RANGE); + + MP_DIGITS(&trial) = 0; + MP_DIGITS(&q) = 0; + MP_CHECKOK( mp_init(&trial) ); + MP_CHECKOK( mp_init(&q) ); + /* values taken from table 4.4, HandBook of Applied Cryptography */ + if (nBits >= 1300) { + num_tests = 2; + } else if (nBits >= 850) { + num_tests = 3; + } else if (nBits >= 650) { + num_tests = 4; + } else if (nBits >= 550) { + num_tests = 5; + } else if (nBits >= 450) { + num_tests = 6; + } else if (nBits >= 400) { + num_tests = 7; + } else if (nBits >= 350) { + num_tests = 8; + } else if (nBits >= 300) { + num_tests = 9; + } else if (nBits >= 250) { + num_tests = 12; + } else if (nBits >= 200) { + num_tests = 15; + } else if (nBits >= 150) { + num_tests = 18; + } else if (nBits >= 100) { + num_tests = 27; + } else + num_tests = 50; + + if (strong) + --nBits; + MP_CHECKOK( mpl_set_bit(start, nBits - 1, 1) ); + MP_CHECKOK( mpl_set_bit(start, 0, 1) ); + for (i = mpl_significant_bits(start) - 1; i >= nBits; --i) { + MP_CHECKOK( mpl_set_bit(start, i, 0) ); + } + /* start sieveing with prime value of 3. */ + MP_CHECKOK(mpp_sieve(start, prime_tab + 1, prime_tab_size - 1, + sieve, SIEVE_SIZE) ); + +#ifdef DEBUG_SIEVE + res = 0; + for (i = 0; i < SIEVE_SIZE; ++i) { + if (!sieve[i]) + ++res; + } + fprintf(stderr,"sieve found %d potential primes.\n", res); +#define FPUTC(x,y) fputc(x,y) +#else +#define FPUTC(x,y) +#endif + + res = MP_NO; + for(i = 0; i < SIEVE_SIZE; ++i) { + if (sieve[i]) /* this number is composite */ + continue; + MP_CHECKOK( mp_add_d(start, 2 * i, &trial) ); + FPUTC('.', stderr); + /* run a Fermat test */ + res = mpp_fermat(&trial, 2); + if (res != MP_OKAY) { + if (res == MP_NO) + continue; /* was composite */ + goto CLEANUP; + } + + FPUTC('+', stderr); + /* If that passed, run some Miller-Rabin tests */ + res = mpp_pprime(&trial, num_tests); + if (res != MP_OKAY) { + if (res == MP_NO) + continue; /* was composite */ + goto CLEANUP; + } + FPUTC('!', stderr); + + if (!strong) + break; /* success !! */ + + /* At this point, we have strong evidence that our candidate + is itself prime. If we want a strong prime, we need now + to test q = 2p + 1 for primality... + */ + MP_CHECKOK( mp_mul_2(&trial, &q) ); + MP_CHECKOK( mp_add_d(&q, 1, &q) ); + + /* Test q for small prime divisors ... */ + np = prime_tab_size; + res = mpp_divis_primes(&q, &np); + if (res == MP_YES) { /* is composite */ + mp_clear(&q); + continue; + } + if (res != MP_NO) + goto CLEANUP; + + /* And test with Fermat, as with its parent ... */ + res = mpp_fermat(&q, 2); + if (res != MP_YES) { + mp_clear(&q); + if (res == MP_NO) + continue; /* was composite */ + goto CLEANUP; + } + + /* And test with Miller-Rabin, as with its parent ... */ + res = mpp_pprime(&q, num_tests); + if (res != MP_YES) { + mp_clear(&q); + if (res == MP_NO) + continue; /* was composite */ + goto CLEANUP; + } + + /* If it passed, we've got a winner */ + mp_exch(&q, &trial); + mp_clear(&q); + break; + + } /* end of loop through sieved values */ + if (res == MP_YES) + mp_exch(&trial, start); +CLEANUP: + mp_clear(&trial); + mp_clear(&q); + if (nTries) + *nTries += i; +#if defined(macintosh) || defined(XP_OS2) + if (sieve != NULL) { + memset(sieve, 0, SIEVE_SIZE); + free (sieve); + } +#endif + return res; +} + +/*========================================================================*/ +/*------------------------------------------------------------------------*/ +/* Static functions visible only to the library internally */ + +/* {{{ s_mpp_divp(a, vec, size, which) */ + +/* + Test for divisibility by members of a vector of digits. Returns + MP_NO if a is not divisible by any of them; returns MP_YES and sets + 'which' to the index of the offender, if it is. Will stop on the + first digit against which a is divisible. + */ + +mp_err s_mpp_divp(mp_int *a, const mp_digit *vec, int size, int *which) +{ + mp_err res; + mp_digit rem; + + int ix; + + for(ix = 0; ix < size; ix++) { + if((res = mp_mod_d(a, vec[ix], &rem)) != MP_OKAY) + return res; + + if(rem == 0) { + if(which) + *which = ix; + return MP_YES; + } + } + + return MP_NO; + +} /* end s_mpp_divp() */ + +/* }}} */ + +/*------------------------------------------------------------------------*/ +/* HERE THERE BE DRAGONS */ diff --git a/security/nss/lib/freebl/mpi/mpprime.h b/security/nss/lib/freebl/mpi/mpprime.h new file mode 100644 index 000000000..1204580f6 --- /dev/null +++ b/security/nss/lib/freebl/mpi/mpprime.h @@ -0,0 +1,67 @@ +/* + * mpprime.h + * + * Utilities for finding and working with prime and pseudo-prime + * integers + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 1997, 1998, 1999, 2000 Michael J. Fromberger. + * All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + */ + +#ifndef _H_MP_PRIME_ +#define _H_MP_PRIME_ + +#include "mpi.h" + +extern const int prime_tab_size; /* number of primes available */ +extern const mp_digit prime_tab[]; + +/* Tests for divisibility */ +mp_err mpp_divis(mp_int *a, mp_int *b); +mp_err mpp_divis_d(mp_int *a, mp_digit d); + +/* Random selection */ +mp_err mpp_random(mp_int *a); +mp_err mpp_random_size(mp_int *a, mp_size prec); + +/* Pseudo-primality testing */ +mp_err mpp_divis_vector(mp_int *a, const mp_digit *vec, int size, int *which); +mp_err mpp_divis_primes(mp_int *a, mp_digit *np); +mp_err mpp_fermat(mp_int *a, mp_digit w); +mp_err mpp_fermat_list(mp_int *a, const mp_digit *primes, mp_size nPrimes); +mp_err mpp_pprime(mp_int *a, int nt); +mp_err mpp_sieve(mp_int *trial, const mp_digit *primes, mp_size nPrimes, + unsigned char *sieve, mp_size nSieve); +mp_err mpp_make_prime(mp_int *start, mp_size nBits, mp_size strong, + unsigned long * nTries); + +#endif /* end _H_MP_PRIME_ */ diff --git a/security/nss/lib/freebl/mpi/mpv_sparc.c b/security/nss/lib/freebl/mpi/mpv_sparc.c new file mode 100644 index 000000000..a0a0b78fb --- /dev/null +++ b/security/nss/lib/freebl/mpi/mpv_sparc.c @@ -0,0 +1,249 @@ +/* + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is a SPARC/VIS optimized multiply and add function + * + * The Initial Developer of the Original Code is Sun Microsystems Inc. + * Portions created by Sun Microsystems Inc. are + * Copyright (C) 1999-2000 Sun Microsystems Inc. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + * $Id$ + */ + +#include "vis_proto.h" + +/***************************************************************/ + +typedef int t_s32; +typedef unsigned int t_u32; +#if defined(__sparcv9) +typedef long t_s64; +typedef unsigned long t_u64; +#else +typedef long long t_s64; +typedef unsigned long long t_u64; +#endif +typedef double t_d64; + +/***************************************************************/ + +typedef union { + t_d64 d64; + struct { + t_s32 i0; + t_s32 i1; + } i32s; +} d64_2_i32; + +/***************************************************************/ + +#define BUFF_SIZE 256 + +#define A_BITS 19 +#define A_MASK ((1 << A_BITS) - 1) + +/***************************************************************/ + +static t_u64 mask_cnst[] = { + 0x8000000080000000ull +}; + +/***************************************************************/ + +#define DEF_VARS(N) \ + t_d64 *py = (t_d64*)y; \ + t_d64 mask = *((t_d64*)mask_cnst); \ + t_d64 ca = (1u << 31) - 1; \ + t_d64 da = (t_d64)a; \ + t_s64 buff[N], s; \ + d64_2_i32 dy + +/***************************************************************/ + +#define MUL_U32_S64_2(i) \ + dy.d64 = vis_fxnor(mask, py[i]); \ + buff[2*(i) ] = (ca - (t_d64)dy.i32s.i0) * da; \ + buff[2*(i)+1] = (ca - (t_d64)dy.i32s.i1) * da + +#define MUL_U32_S64_2_D(i) \ + dy.d64 = vis_fxnor(mask, py[i]); \ + d0 = ca - (t_d64)dy.i32s.i0; \ + d1 = ca - (t_d64)dy.i32s.i1; \ + buff[4*(i) ] = (t_s64)(d0 * da); \ + buff[4*(i)+1] = (t_s64)(d0 * db); \ + buff[4*(i)+2] = (t_s64)(d1 * da); \ + buff[4*(i)+3] = (t_s64)(d1 * db) + +/***************************************************************/ + +#define ADD_S64_U32(i) \ + s = buff[i] + x[i] + c; \ + z[i] = s; \ + c = (s >> 32) + +#define ADD_S64_U32_D(i) \ + s = buff[2*(i)] +(((t_s64)(buff[2*(i)+1]))<<A_BITS) + x[i] + uc; \ + z[i] = s; \ + uc = ((t_u64)s >> 32) + +/***************************************************************/ + +#define MUL_U32_S64_8(i) \ + MUL_U32_S64_2(i); \ + MUL_U32_S64_2(i+1); \ + MUL_U32_S64_2(i+2); \ + MUL_U32_S64_2(i+3) + +#define MUL_U32_S64_D_8(i) \ + MUL_U32_S64_2_D(i); \ + MUL_U32_S64_2_D(i+1); \ + MUL_U32_S64_2_D(i+2); \ + MUL_U32_S64_2_D(i+3) + +/***************************************************************/ + +#define ADD_S64_U32_8(i) \ + ADD_S64_U32(i); \ + ADD_S64_U32(i+1); \ + ADD_S64_U32(i+2); \ + ADD_S64_U32(i+3); \ + ADD_S64_U32(i+4); \ + ADD_S64_U32(i+5); \ + ADD_S64_U32(i+6); \ + ADD_S64_U32(i+7) + +#define ADD_S64_U32_D_8(i) \ + ADD_S64_U32_D(i); \ + ADD_S64_U32_D(i+1); \ + ADD_S64_U32_D(i+2); \ + ADD_S64_U32_D(i+3); \ + ADD_S64_U32_D(i+4); \ + ADD_S64_U32_D(i+5); \ + ADD_S64_U32_D(i+6); \ + ADD_S64_U32_D(i+7) + +/***************************************************************/ + +t_u32 mul_add(t_u32 *z, t_u32 *x, t_u32 *y, int n, t_u32 a) +{ + if (a < (1 << A_BITS)) { + + if (n == 8) { + DEF_VARS(8); + t_s32 c = 0; + + MUL_U32_S64_8(0); + ADD_S64_U32_8(0); + + return c; + + } else if (n == 16) { + DEF_VARS(16); + t_s32 c = 0; + + MUL_U32_S64_8(0); + MUL_U32_S64_8(4); + ADD_S64_U32_8(0); + ADD_S64_U32_8(8); + + return c; + + } else { + DEF_VARS(BUFF_SIZE); + t_s32 i, c = 0; + +#pragma pipeloop(0) + for (i = 0; i < (n+1)/2; i ++) { + MUL_U32_S64_2(i); + } + +#pragma pipeloop(0) + for (i = 0; i < n; i ++) { + ADD_S64_U32(i); + } + + return c; + + } + } else { + + if (n == 8) { + DEF_VARS(2*8); + t_d64 d0, d1, db; + t_u32 uc = 0; + + da = (t_d64)(a & A_MASK); + db = (t_d64)(a >> A_BITS); + + MUL_U32_S64_D_8(0); + ADD_S64_U32_D_8(0); + + return uc; + + } else if (n == 16) { + DEF_VARS(2*16); + t_d64 d0, d1, db; + t_u32 uc = 0; + + da = (t_d64)(a & A_MASK); + db = (t_d64)(a >> A_BITS); + + MUL_U32_S64_D_8(0); + MUL_U32_S64_D_8(4); + ADD_S64_U32_D_8(0); + ADD_S64_U32_D_8(8); + + return uc; + + } else { + DEF_VARS(2*BUFF_SIZE); + t_d64 d0, d1, db; + t_u32 i, uc = 0; + + da = (t_d64)(a & A_MASK); + db = (t_d64)(a >> A_BITS); + +#pragma pipeloop(0) + for (i = 0; i < (n+1)/2; i ++) { + MUL_U32_S64_2_D(i); + } + +#pragma pipeloop(0) + for (i = 0; i < n; i ++) { + ADD_S64_U32_D(i); + } + + return uc; + } + } +} + +/***************************************************************/ + +t_u32 mul_add_inp(t_u32 *x, t_u32 *y, int n, t_u32 a) +{ + return mul_add(x, x, y, n, a); +} + +/***************************************************************/ diff --git a/security/nss/lib/freebl/mpi/mpv_sparcv8.s b/security/nss/lib/freebl/mpi/mpv_sparcv8.s new file mode 100644 index 000000000..81fdd1b93 --- /dev/null +++ b/security/nss/lib/freebl/mpi/mpv_sparcv8.s @@ -0,0 +1,1641 @@ +!/* +! * The contents of this file are subject to the Mozilla Public +! * License Version 1.1 (the "License"); you may not use this file +! * except in compliance with the License. You may obtain a copy of +! * the License at http://www.mozilla.org/MPL/ +! * +! * Software distributed under the License is distributed on an "AS +! * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +! * implied. See the License for the specific language governing +! * rights and limitations under the License. +! * +! * The Original Code is a SPARC/VIS optimized multiply and add function +! * +! * The Initial Developer of the Original Code is Sun Microsystems Inc. +! * Portions created by Sun Microsystems Inc. are +! * Copyright (C) 1999-2000 Sun Microsystems Inc. All Rights Reserved. +! * +! * Contributor(s): +! * +! * Alternatively, the contents of this file may be used under the +! * terms of the GNU General Public License Version 2 or later (the +! * "GPL"), in which case the provisions of the GPL are applicable +! * instead of those above. If you wish to allow use of your +! * version of this file only under the terms of the GPL and not to +! * allow others to use your version of this file under the MPL, +! * indicate your decision by deleting the provisions above and +! * replace them with the notice and other provisions required by +! * the GPL. If you do not delete the provisions above, a recipient +! * may use your version of this file under either the MPL or the +! * GPL. +! * $Id$ +! */ + + + .section ".text",#alloc,#execinstr +/* 000000 3 ( 0 0) */ .file "mpv_sparc.c" +/* 000000 14 ( 0 0) */ .align 8 +! +! SUBROUTINE .L_const_seg_900000106 +! +! OFFSET SOURCE LINE LABEL INSTRUCTION (ISSUE TIME) (COMPLETION TIME) + + .L_const_seg_900000106: /* frequency 1.0 confidence 0.0 */ +/* 000000 19 ( 0 0) */ .word 1127219200,0 +/* 0x0008 20 ( 0 0) */ .word 1105199103,-4194304 +/* 0x0010 21 ( 0 0) */ .align 16 +/* 0x0010 27 ( 0 0) */ .global mul_add + +! +! ENTRY mul_add +! + + .global mul_add + mul_add: /* frequency 1.0 confidence 0.0 */ +/* 0x0010 29 ( 0 1) */ sethi %hi(0x1800),%g1 +/* 0x0014 30 ( 0 1) */ sethi %hi(mask_cnst),%g2 +/* 0x0018 31 ( 1 2) */ xor %g1,-984,%g1 +/* 0x001c 32 ( 1 2) */ add %g2,%lo(mask_cnst),%g2 +/* 0x0020 33 ( 2 4) */ save %sp,%g1,%sp + +! +! ENTRY .L900000154 +! + + .L900000154: /* frequency 1.0 confidence 0.0 */ +/* 0x0024 35 ( 0 2) */ call (.+0x8) ! params = ! Result = +/* 0x0028 ( 1 2) */ sethi %hi((_GLOBAL_OFFSET_TABLE_-(.L900000154-.))),%g5 +/* 0x002c 177 ( 2 3) */ sethi %hi(.L_const_seg_900000106),%g3 +/* 0x0030 178 ( 2 3) */ add %g5,%lo((_GLOBAL_OFFSET_TABLE_-(.L900000154-.))),%g5 +/* 0x0034 179 ( 3 4) */ or %g0,%i4,%o1 +/* 0x0038 180 ( 3 4) */ st %o1,[%fp+84] +/* 0x003c 181 ( 3 4) */ add %g5,%o7,%o3 +/* 0x0040 182 ( 4 5) */ add %g3,%lo(.L_const_seg_900000106),%g3 +/* 0x0044 183 ( 4 6) */ ld [%o3+%g2],%g2 +/* 0x0048 184 ( 4 5) */ or %g0,%i3,%o2 +/* 0x004c 185 ( 5 6) */ sethi %hi(0x80000),%g4 +/* 0x0050 186 ( 5 7) */ ld [%o3+%g3],%o0 +/* 0x0054 187 ( 5 6) */ or %g0,%i2,%g5 +/* 0x0058 188 ( 6 7) */ or %g0,%o2,%o3 +/* 0x005c 189 ( 6 10) */ ldd [%g2],%f0 +/* 0x0060 190 ( 6 7) */ subcc %o1,%g4,%g0 +/* 0x0064 191 ( 6 7) */ bcc,pn %icc,.L77000048 ! tprob=0.50 +/* 0x0068 ( 7 8) */ subcc %o2,8,%g0 +/* 0x006c 193 ( 7 8) */ bne,pn %icc,.L77000037 ! tprob=0.50 +/* 0x0070 ( 8 12) */ ldd [%o0],%f8 +/* 0x0074 195 ( 9 13) */ ldd [%g5],%f4 +/* 0x0078 196 (10 14) */ ldd [%g5+8],%f6 +/* 0x007c 197 (11 15) */ ldd [%g5+16],%f10 +/* 0x0080 198 (11 14) */ fmovs %f8,%f12 +/* 0x0084 199 (12 16) */ fxnor %f0,%f4,%f4 +/* 0x0088 200 (12 14) */ ld [%fp+84],%f13 +/* 0x008c 201 (13 17) */ ldd [%o0+8],%f14 +/* 0x0090 202 (13 17) */ fxnor %f0,%f6,%f6 +/* 0x0094 203 (14 18) */ ldd [%g5+24],%f16 +/* 0x0098 204 (14 18) */ fxnor %f0,%f10,%f10 +/* 0x009c 208 (15 17) */ ld [%i1],%g2 +/* 0x00a0 209 (15 20) */ fsubd %f12,%f8,%f8 +/* 0x00a4 210 (16 21) */ fitod %f4,%f18 +/* 0x00a8 211 (16 18) */ ld [%i1+4],%g3 +/* 0x00ac 212 (17 22) */ fitod %f5,%f4 +/* 0x00b0 213 (17 19) */ ld [%i1+8],%g4 +/* 0x00b4 214 (18 23) */ fitod %f6,%f20 +/* 0x00b8 215 (18 20) */ ld [%i1+12],%g5 +/* 0x00bc 216 (19 21) */ ld [%i1+16],%o0 +/* 0x00c0 217 (19 24) */ fitod %f7,%f6 +/* 0x00c4 218 (20 22) */ ld [%i1+20],%o1 +/* 0x00c8 219 (20 24) */ fxnor %f0,%f16,%f16 +/* 0x00cc 220 (21 26) */ fsubd %f14,%f18,%f12 +/* 0x00d0 221 (21 23) */ ld [%i1+24],%o2 +/* 0x00d4 222 (22 27) */ fsubd %f14,%f4,%f4 +/* 0x00d8 223 (22 24) */ ld [%i1+28],%o3 +/* 0x00dc 224 (23 28) */ fitod %f10,%f18 +/* 0x00e0 225 (24 29) */ fsubd %f14,%f20,%f20 +/* 0x00e4 226 (25 30) */ fitod %f11,%f10 +/* 0x00e8 227 (26 31) */ fsubd %f14,%f6,%f6 +/* 0x00ec 228 (26 31) */ fmuld %f12,%f8,%f12 +/* 0x00f0 229 (27 32) */ fitod %f16,%f22 +/* 0x00f4 230 (27 32) */ fmuld %f4,%f8,%f4 +/* 0x00f8 231 (28 33) */ fsubd %f14,%f18,%f18 +/* 0x00fc 232 (29 34) */ fitod %f17,%f16 +/* 0x0100 233 (29 34) */ fmuld %f20,%f8,%f20 +/* 0x0104 234 (30 35) */ fsubd %f14,%f10,%f10 +/* 0x0108 235 (31 36) */ fdtox %f12,%f12 +/* 0x010c 236 (31 32) */ std %f12,[%sp+152] +/* 0x0110 237 (31 36) */ fmuld %f6,%f8,%f6 +/* 0x0114 238 (32 37) */ fdtox %f4,%f4 +/* 0x0118 239 (32 33) */ std %f4,[%sp+144] +/* 0x011c 240 (33 38) */ fsubd %f14,%f22,%f4 +/* 0x0120 241 (33 38) */ fmuld %f18,%f8,%f12 +/* 0x0124 242 (34 39) */ fdtox %f20,%f18 +/* 0x0128 243 (34 35) */ std %f18,[%sp+136] +/* 0x012c 244 (35 37) */ ldx [%sp+152],%o4 +/* 0x0130 245 (35 40) */ fsubd %f14,%f16,%f14 +/* 0x0134 246 (35 40) */ fmuld %f10,%f8,%f10 +/* 0x0138 247 (36 41) */ fdtox %f6,%f6 +/* 0x013c 248 (36 37) */ std %f6,[%sp+128] +/* 0x0140 249 (37 39) */ ldx [%sp+144],%o5 +/* 0x0144 250 (37 38) */ add %o4,%g2,%o4 +/* 0x0148 251 (38 39) */ st %o4,[%i0] +/* 0x014c 252 (38 39) */ srax %o4,32,%g2 +/* 0x0150 253 (38 43) */ fdtox %f12,%f6 +/* 0x0154 254 (38 43) */ fmuld %f4,%f8,%f4 +/* 0x0158 255 (39 40) */ std %f6,[%sp+120] +/* 0x015c 256 (39 40) */ add %o5,%g3,%g3 +/* 0x0160 257 (40 42) */ ldx [%sp+136],%o7 +/* 0x0164 258 (40 41) */ add %g3,%g2,%g2 +/* 0x0168 259 (40 45) */ fmuld %f14,%f8,%f6 +/* 0x016c 260 (40 45) */ fdtox %f10,%f8 +/* 0x0170 261 (41 42) */ std %f8,[%sp+112] +/* 0x0174 262 (41 42) */ srax %g2,32,%o5 +/* 0x0178 263 (42 44) */ ldx [%sp+128],%g3 +/* 0x017c 264 (42 43) */ add %o7,%g4,%g4 +/* 0x0180 265 (43 44) */ st %g2,[%i0+4] +/* 0x0184 266 (43 44) */ add %g4,%o5,%g4 +/* 0x0188 267 (43 48) */ fdtox %f4,%f4 +/* 0x018c 268 (44 46) */ ldx [%sp+120],%o5 +/* 0x0190 269 (44 45) */ add %g3,%g5,%g3 +/* 0x0194 270 (44 45) */ srax %g4,32,%g5 +/* 0x0198 271 (45 46) */ std %f4,[%sp+104] +/* 0x019c 272 (45 46) */ add %g3,%g5,%g3 +/* 0x01a0 273 (45 50) */ fdtox %f6,%f4 +/* 0x01a4 274 (46 47) */ std %f4,[%sp+96] +/* 0x01a8 275 (46 47) */ add %o5,%o0,%o0 +/* 0x01ac 276 (46 47) */ srax %g3,32,%o5 +/* 0x01b0 277 (47 49) */ ldx [%sp+112],%g5 +/* 0x01b4 278 (47 48) */ add %o0,%o5,%o0 +/* 0x01b8 279 (48 49) */ st %g4,[%i0+8] +/* 0x01bc 280 (49 51) */ ldx [%sp+104],%o5 +/* 0x01c0 281 (49 50) */ add %g5,%o1,%o1 +/* 0x01c4 282 (49 50) */ srax %o0,32,%g5 +/* 0x01c8 283 (50 51) */ st %o0,[%i0+16] +/* 0x01cc 284 (50 51) */ add %o1,%g5,%o1 +/* 0x01d0 285 (51 53) */ ldx [%sp+96],%g5 +/* 0x01d4 286 (51 52) */ add %o5,%o2,%o2 +/* 0x01d8 287 (51 52) */ srax %o1,32,%o5 +/* 0x01dc 288 (52 53) */ st %o1,[%i0+20] +/* 0x01e0 289 (52 53) */ add %o2,%o5,%o2 +/* 0x01e4 290 (53 54) */ st %o2,[%i0+24] +/* 0x01e8 291 (53 54) */ srax %o2,32,%g4 +/* 0x01ec 292 (53 54) */ add %g5,%o3,%g2 +/* 0x01f0 293 (54 55) */ st %g3,[%i0+12] +/* 0x01f4 294 (54 55) */ add %g2,%g4,%g2 +/* 0x01f8 295 (55 56) */ st %g2,[%i0+28] +/* 0x01fc 299 (55 56) */ srax %g2,32,%o7 +/* 0x0200 300 (56 57) */ or %g0,%o7,%i0 +/* 0x0204 (57 64) */ ret ! Result = %o1 %o0 %f0 %f1 +/* 0x0208 (59 61) */ restore %g0,%g0,%g0 + +! +! ENTRY .L77000037 +! + + .L77000037: /* frequency 1.0 confidence 0.0 */ +/* 0x020c 307 ( 0 1) */ subcc %o2,16,%g0 +/* 0x0210 308 ( 0 1) */ bne,pn %icc,.L77000076 ! tprob=0.50 +/* 0x0214 ( 1 5) */ ldd [%o0],%f8 +/* 0x0218 310 ( 2 6) */ ldd [%g5],%f4 +/* 0x021c 311 ( 3 7) */ ldd [%g5+8],%f6 +/* 0x0220 317 ( 4 8) */ ldd [%o0+8],%f14 +/* 0x0224 318 ( 4 7) */ fmovs %f8,%f12 +/* 0x0228 319 ( 5 7) */ ld [%fp+84],%f13 +/* 0x022c 320 ( 5 9) */ fxnor %f0,%f4,%f4 +/* 0x0230 321 ( 6 10) */ ldd [%g5+16],%f10 +/* 0x0234 322 ( 6 10) */ fxnor %f0,%f6,%f6 +/* 0x0238 323 ( 7 11) */ ldd [%g5+24],%f16 +/* 0x023c 324 ( 8 12) */ ldd [%g5+32],%f20 +/* 0x0240 325 ( 8 13) */ fsubd %f12,%f8,%f8 +/* 0x0244 331 ( 9 11) */ ld [%i1+40],%o7 +/* 0x0248 332 ( 9 14) */ fitod %f4,%f18 +/* 0x024c 333 (10 14) */ ldd [%g5+40],%f22 +/* 0x0250 334 (10 15) */ fitod %f5,%f4 +/* 0x0254 335 (11 12) */ stx %o7,[%sp+96] +/* 0x0258 336 (11 16) */ fitod %f6,%f24 +/* 0x025c 337 (12 14) */ ld [%i1+44],%o7 +/* 0x0260 338 (12 16) */ fxnor %f0,%f10,%f10 +/* 0x0264 339 (13 17) */ ldd [%g5+48],%f26 +/* 0x0268 340 (13 18) */ fitod %f7,%f6 +/* 0x026c 341 (14 15) */ stx %o7,[%sp+104] +/* 0x0270 342 (14 19) */ fsubd %f14,%f18,%f18 +/* 0x0274 343 (15 17) */ ld [%i1+48],%o7 +/* 0x0278 344 (15 20) */ fsubd %f14,%f4,%f4 +/* 0x027c 345 (16 18) */ ld [%i1+36],%o5 +/* 0x0280 346 (16 21) */ fitod %f10,%f28 +/* 0x0284 347 (17 18) */ stx %o7,[%sp+112] +/* 0x0288 348 (17 21) */ fxnor %f0,%f16,%f16 +/* 0x028c 349 (18 20) */ ld [%i1],%g2 +/* 0x0290 350 (18 23) */ fsubd %f14,%f24,%f24 +/* 0x0294 351 (19 20) */ stx %o5,[%sp+120] +/* 0x0298 352 (19 24) */ fitod %f11,%f10 +/* 0x029c 353 (19 24) */ fmuld %f18,%f8,%f18 +/* 0x02a0 354 (20 22) */ ld [%i1+52],%o5 +/* 0x02a4 355 (20 25) */ fsubd %f14,%f6,%f6 +/* 0x02a8 356 (20 25) */ fmuld %f4,%f8,%f4 +/* 0x02ac 357 (21 26) */ fitod %f16,%f30 +/* 0x02b0 358 (22 26) */ fxnor %f0,%f20,%f20 +/* 0x02b4 359 (22 24) */ ld [%i1+4],%g3 +/* 0x02b8 360 (23 27) */ ldd [%g5+56],%f2 +/* 0x02bc 361 (23 28) */ fsubd %f14,%f28,%f28 +/* 0x02c0 362 (23 28) */ fmuld %f24,%f8,%f24 +/* 0x02c4 363 (24 25) */ stx %o5,[%sp+128] +/* 0x02c8 364 (24 29) */ fdtox %f18,%f18 +/* 0x02cc 365 (25 26) */ std %f18,[%sp+272] +/* 0x02d0 366 (25 30) */ fitod %f17,%f16 +/* 0x02d4 367 (25 30) */ fmuld %f6,%f8,%f6 +/* 0x02d8 368 (26 31) */ fsubd %f14,%f10,%f10 +/* 0x02dc 369 (27 32) */ fitod %f20,%f18 +/* 0x02e0 370 (28 33) */ fdtox %f4,%f4 +/* 0x02e4 371 (28 29) */ std %f4,[%sp+264] +/* 0x02e8 372 (28 33) */ fmuld %f28,%f8,%f28 +/* 0x02ec 373 (29 31) */ ld [%i1+8],%g4 +/* 0x02f0 374 (29 34) */ fsubd %f14,%f30,%f4 +/* 0x02f4 375 (30 34) */ fxnor %f0,%f22,%f22 +/* 0x02f8 376 (30 32) */ ld [%i1+12],%g5 +/* 0x02fc 377 (31 33) */ ld [%i1+16],%o0 +/* 0x0300 378 (31 36) */ fitod %f21,%f20 +/* 0x0304 379 (31 36) */ fmuld %f10,%f8,%f10 +/* 0x0308 380 (32 34) */ ld [%i1+20],%o1 +/* 0x030c 381 (32 37) */ fdtox %f24,%f24 +/* 0x0310 382 (33 34) */ std %f24,[%sp+256] +/* 0x0314 383 (33 38) */ fsubd %f14,%f16,%f16 +/* 0x0318 384 (34 36) */ ldx [%sp+272],%o7 +/* 0x031c 385 (34 39) */ fdtox %f6,%f6 +/* 0x0320 386 (34 39) */ fmuld %f4,%f8,%f4 +/* 0x0324 387 (35 36) */ std %f6,[%sp+248] +/* 0x0328 388 (35 40) */ fitod %f22,%f24 +/* 0x032c 389 (36 38) */ ld [%i1+32],%o4 +/* 0x0330 390 (36 41) */ fsubd %f14,%f18,%f6 +/* 0x0334 391 (36 37) */ add %o7,%g2,%g2 +/* 0x0338 392 (37 39) */ ldx [%sp+264],%o7 +/* 0x033c 393 (37 41) */ fxnor %f0,%f26,%f26 +/* 0x0340 394 (37 38) */ srax %g2,32,%o5 +/* 0x0344 395 (38 39) */ st %g2,[%i0] +/* 0x0348 396 (38 43) */ fitod %f23,%f18 +/* 0x034c 397 (38 43) */ fmuld %f16,%f8,%f16 +/* 0x0350 398 (39 41) */ ldx [%sp+248],%g2 +/* 0x0354 399 (39 44) */ fdtox %f28,%f22 +/* 0x0358 400 (39 40) */ add %o7,%g3,%g3 +/* 0x035c 401 (40 42) */ ldx [%sp+256],%o7 +/* 0x0360 402 (40 45) */ fsubd %f14,%f20,%f20 +/* 0x0364 403 (40 41) */ add %g3,%o5,%g3 +/* 0x0368 404 (41 42) */ std %f22,[%sp+240] +/* 0x036c 405 (41 46) */ fitod %f26,%f22 +/* 0x0370 406 (41 42) */ srax %g3,32,%o5 +/* 0x0374 407 (41 42) */ add %g2,%g5,%g2 +/* 0x0378 408 (42 43) */ st %g3,[%i0+4] +/* 0x037c 409 (42 47) */ fdtox %f10,%f10 +/* 0x0380 410 (42 43) */ add %o7,%g4,%g4 +/* 0x0384 411 (42 47) */ fmuld %f6,%f8,%f6 +/* 0x0388 412 (43 44) */ std %f10,[%sp+232] +/* 0x038c 413 (43 47) */ fxnor %f0,%f2,%f12 +/* 0x0390 414 (43 44) */ add %g4,%o5,%g4 +/* 0x0394 415 (44 45) */ st %g4,[%i0+8] +/* 0x0398 416 (44 45) */ srax %g4,32,%o5 +/* 0x039c 417 (44 49) */ fsubd %f14,%f24,%f10 +/* 0x03a0 418 (45 47) */ ldx [%sp+240],%o7 +/* 0x03a4 419 (45 50) */ fdtox %f4,%f4 +/* 0x03a8 420 (45 46) */ add %g2,%o5,%g2 +/* 0x03ac 421 (45 50) */ fmuld %f20,%f8,%f20 +/* 0x03b0 422 (46 47) */ std %f4,[%sp+224] +/* 0x03b4 423 (46 47) */ srax %g2,32,%g5 +/* 0x03b8 424 (46 51) */ fsubd %f14,%f18,%f4 +/* 0x03bc 425 (47 48) */ st %g2,[%i0+12] +/* 0x03c0 426 (47 52) */ fitod %f27,%f24 +/* 0x03c4 427 (47 48) */ add %o7,%o0,%g3 +/* 0x03c8 428 (48 50) */ ldx [%sp+232],%o5 +/* 0x03cc 429 (48 53) */ fdtox %f16,%f16 +/* 0x03d0 430 (48 49) */ add %g3,%g5,%g2 +/* 0x03d4 431 (49 50) */ std %f16,[%sp+216] +/* 0x03d8 432 (49 50) */ srax %g2,32,%g4 +/* 0x03dc 433 (49 54) */ fitod %f12,%f18 +/* 0x03e0 434 (49 54) */ fmuld %f10,%f8,%f10 +/* 0x03e4 435 (50 51) */ st %g2,[%i0+16] +/* 0x03e8 436 (50 55) */ fsubd %f14,%f22,%f16 +/* 0x03ec 437 (50 51) */ add %o5,%o1,%g2 +/* 0x03f0 438 (51 53) */ ld [%i1+24],%o2 +/* 0x03f4 439 (51 56) */ fitod %f13,%f12 +/* 0x03f8 440 (51 52) */ add %g2,%g4,%g2 +/* 0x03fc 441 (51 56) */ fmuld %f4,%f8,%f22 +/* 0x0400 442 (52 54) */ ldx [%sp+224],%g3 +/* 0x0404 443 (52 53) */ srax %g2,32,%g4 +/* 0x0408 444 (52 57) */ fdtox %f6,%f6 +/* 0x040c 445 (53 54) */ std %f6,[%sp+208] +/* 0x0410 446 (53 58) */ fdtox %f20,%f6 +/* 0x0414 447 (54 55) */ stx %o4,[%sp+136] +/* 0x0418 448 (54 59) */ fsubd %f14,%f24,%f4 +/* 0x041c 449 (55 56) */ std %f6,[%sp+200] +/* 0x0420 450 (55 60) */ fsubd %f14,%f18,%f6 +/* 0x0424 451 (55 60) */ fmuld %f16,%f8,%f16 +/* 0x0428 452 (56 57) */ st %g2,[%i0+20] +/* 0x042c 453 (56 57) */ add %g3,%o2,%g2 +/* 0x0430 454 (56 61) */ fdtox %f10,%f10 +/* 0x0434 455 (57 59) */ ld [%i1+28],%o3 +/* 0x0438 456 (57 58) */ add %g2,%g4,%g2 +/* 0x043c 457 (58 60) */ ldx [%sp+216],%g5 +/* 0x0440 458 (58 59) */ srax %g2,32,%g4 +/* 0x0444 459 (59 60) */ std %f10,[%sp+192] +/* 0x0448 460 (59 64) */ fsubd %f14,%f12,%f10 +/* 0x044c 461 (59 64) */ fmuld %f4,%f8,%f4 +/* 0x0450 462 (60 61) */ st %g2,[%i0+24] +/* 0x0454 463 (60 61) */ add %g5,%o3,%g2 +/* 0x0458 464 (60 65) */ fdtox %f22,%f12 +/* 0x045c 465 (60 65) */ fmuld %f6,%f8,%f6 +/* 0x0460 466 (61 63) */ ldx [%sp+136],%o0 +/* 0x0464 467 (61 62) */ add %g2,%g4,%g2 +/* 0x0468 468 (62 64) */ ldx [%sp+208],%g3 +/* 0x046c 469 (62 63) */ srax %g2,32,%g4 +/* 0x0470 470 (63 65) */ ldx [%sp+120],%o1 +/* 0x0474 471 (64 66) */ ldx [%sp+200],%g5 +/* 0x0478 472 (64 65) */ add %g3,%o0,%g3 +/* 0x047c 473 (64 69) */ fdtox %f4,%f4 +/* 0x0480 474 (64 69) */ fmuld %f10,%f8,%f8 +/* 0x0484 475 (65 66) */ std %f12,[%sp+184] +/* 0x0488 476 (65 66) */ add %g3,%g4,%g3 +/* 0x048c 477 (65 70) */ fdtox %f16,%f12 +/* 0x0490 478 (66 67) */ std %f12,[%sp+176] +/* 0x0494 479 (66 67) */ srax %g3,32,%o0 +/* 0x0498 480 (66 67) */ add %g5,%o1,%g5 +/* 0x049c 481 (67 69) */ ldx [%sp+192],%o2 +/* 0x04a0 482 (67 68) */ add %g5,%o0,%g5 +/* 0x04a4 483 (68 70) */ ldx [%sp+96],%g4 +/* 0x04a8 484 (68 69) */ srax %g5,32,%o1 +/* 0x04ac 485 (69 71) */ ld [%i1+56],%o4 +/* 0x04b0 486 (70 72) */ ldx [%sp+104],%o0 +/* 0x04b4 487 (70 71) */ add %o2,%g4,%g4 +/* 0x04b8 488 (71 72) */ std %f4,[%sp+168] +/* 0x04bc 489 (71 72) */ add %g4,%o1,%g4 +/* 0x04c0 490 (71 76) */ fdtox %f6,%f4 +/* 0x04c4 491 (72 74) */ ldx [%sp+184],%o3 +/* 0x04c8 492 (72 73) */ srax %g4,32,%o2 +/* 0x04cc 493 (73 75) */ ldx [%sp+112],%o1 +/* 0x04d0 494 (74 75) */ std %f4,[%sp+160] +/* 0x04d4 495 (74 75) */ add %o3,%o0,%o0 +/* 0x04d8 496 (74 79) */ fdtox %f8,%f4 +/* 0x04dc 497 (75 77) */ ldx [%sp+176],%o5 +/* 0x04e0 498 (75 76) */ add %o0,%o2,%o0 +/* 0x04e4 499 (76 77) */ stx %o4,[%sp+144] +/* 0x04e8 500 (77 78) */ st %g2,[%i0+28] +/* 0x04ec 501 (77 78) */ add %o5,%o1,%g2 +/* 0x04f0 502 (77 78) */ srax %o0,32,%o1 +/* 0x04f4 503 (78 79) */ std %f4,[%sp+152] +/* 0x04f8 504 (78 79) */ add %g2,%o1,%o1 +/* 0x04fc 505 (79 81) */ ldx [%sp+168],%o7 +/* 0x0500 506 (79 80) */ srax %o1,32,%o3 +/* 0x0504 507 (80 82) */ ldx [%sp+128],%o2 +/* 0x0508 508 (81 83) */ ld [%i1+60],%o4 +/* 0x050c 509 (82 83) */ add %o7,%o2,%o2 +/* 0x0510 510 (83 84) */ add %o2,%o3,%o2 +/* 0x0514 511 (83 85) */ ldx [%sp+144],%o5 +/* 0x0518 512 (84 86) */ ldx [%sp+160],%g2 +/* 0x051c 513 (85 87) */ ldx [%sp+152],%o3 +/* 0x0520 514 (86 87) */ st %g3,[%i0+32] +/* 0x0524 515 (86 87) */ add %g2,%o5,%g2 +/* 0x0528 516 (86 87) */ srax %o2,32,%o5 +/* 0x052c 517 (87 88) */ st %g5,[%i0+36] +/* 0x0530 518 (87 88) */ add %g2,%o5,%g2 +/* 0x0534 519 (87 88) */ add %o3,%o4,%g3 +/* 0x0538 520 (88 89) */ st %o0,[%i0+44] +/* 0x053c 521 (88 89) */ srax %g2,32,%g5 +/* 0x0540 522 (89 90) */ st %o1,[%i0+48] +/* 0x0544 523 (89 90) */ add %g3,%g5,%g3 +/* 0x0548 524 (90 91) */ st %o2,[%i0+52] +/* 0x054c 528 (90 91) */ srax %g3,32,%o7 +/* 0x0550 529 (91 92) */ st %g4,[%i0+40] +/* 0x0554 530 (92 93) */ st %g2,[%i0+56] +/* 0x0558 531 (93 94) */ st %g3,[%i0+60] +/* 0x055c 532 (93 94) */ or %g0,%o7,%i0 +/* 0x0560 (94 101) */ ret ! Result = %o1 %o0 %f0 %f1 +/* 0x0564 (96 98) */ restore %g0,%g0,%g0 + +! +! ENTRY .L77000076 +! + + .L77000076: /* frequency 1.0 confidence 0.0 */ +/* 0x0568 540 ( 0 4) */ ldd [%o0],%f6 +/* 0x056c 546 ( 0 1) */ add %o2,1,%g2 +/* 0x0570 547 ( 0 3) */ fmovd %f0,%f14 +/* 0x0574 548 ( 0 1) */ or %g0,0,%o7 +/* 0x0578 549 ( 1 3) */ ld [%fp+84],%f9 +/* 0x057c 550 ( 1 2) */ srl %g2,31,%g3 +/* 0x0580 551 ( 1 2) */ add %fp,-2264,%o5 +/* 0x0584 552 ( 2 3) */ add %g2,%g3,%g2 +/* 0x0588 553 ( 2 6) */ ldd [%o0+8],%f18 +/* 0x058c 554 ( 2 3) */ add %fp,-2256,%o4 +/* 0x0590 555 ( 3 6) */ fmovs %f6,%f8 +/* 0x0594 556 ( 3 4) */ sra %g2,1,%o1 +/* 0x0598 557 ( 3 4) */ or %g0,0,%g2 +/* 0x059c 558 ( 4 5) */ subcc %o1,0,%g0 +/* 0x05a0 559 ( 4 5) */ sub %o1,1,%o2 +/* 0x05a4 563 ( 5 6) */ add %g5,32,%o0 +/* 0x05a8 564 ( 6 11) */ fsubd %f8,%f6,%f16 +/* 0x05ac 565 ( 6 7) */ ble,pt %icc,.L900000161 ! tprob=0.50 +/* 0x05b0 ( 6 7) */ subcc %o3,0,%g0 +/* 0x05b4 567 ( 7 8) */ subcc %o1,7,%g0 +/* 0x05b8 568 ( 7 8) */ bl,pn %icc,.L77000077 ! tprob=0.50 +/* 0x05bc ( 7 8) */ sub %o1,2,%o1 +/* 0x05c0 570 ( 8 12) */ ldd [%g5],%f2 +/* 0x05c4 571 ( 9 13) */ ldd [%g5+8],%f4 +/* 0x05c8 572 ( 9 10) */ or %g0,5,%g2 +/* 0x05cc 573 (10 14) */ ldd [%g5+16],%f0 +/* 0x05d0 574 (11 15) */ fxnor %f14,%f2,%f2 +/* 0x05d4 575 (11 15) */ ldd [%g5+24],%f12 +/* 0x05d8 576 (12 16) */ fxnor %f14,%f4,%f6 +/* 0x05dc 577 (12 16) */ ldd [%g5+32],%f10 +/* 0x05e0 578 (13 17) */ fxnor %f14,%f0,%f8 +/* 0x05e4 579 (15 20) */ fitod %f3,%f0 +/* 0x05e8 580 (16 21) */ fitod %f2,%f4 +/* 0x05ec 581 (17 22) */ fitod %f7,%f2 +/* 0x05f0 582 (18 23) */ fitod %f6,%f6 +/* 0x05f4 583 (20 25) */ fsubd %f18,%f0,%f0 +/* 0x05f8 584 (21 26) */ fsubd %f18,%f4,%f4 + +! +! ENTRY .L900000149 +! + + .L900000149: /* frequency 1.0 confidence 0.0 */ +/* 0x05fc 586 ( 0 4) */ fxnor %f14,%f12,%f22 +/* 0x0600 587 ( 0 5) */ fmuld %f4,%f16,%f4 +/* 0x0604 588 ( 0 1) */ add %g2,2,%g2 +/* 0x0608 589 ( 0 1) */ add %o4,32,%o4 +/* 0x060c 590 ( 1 6) */ fitod %f9,%f24 +/* 0x0610 591 ( 1 6) */ fmuld %f0,%f16,%f20 +/* 0x0614 592 ( 1 2) */ add %o0,8,%o0 +/* 0x0618 593 ( 1 2) */ subcc %g2,%o1,%g0 +/* 0x061c 594 ( 2 6) */ ldd [%o0],%f12 +/* 0x0620 595 ( 2 7) */ fsubd %f18,%f2,%f0 +/* 0x0624 596 ( 2 3) */ add %o5,32,%o5 +/* 0x0628 597 ( 3 8) */ fsubd %f18,%f6,%f2 +/* 0x062c 598 ( 5 10) */ fdtox %f4,%f4 +/* 0x0630 599 ( 6 11) */ fdtox %f20,%f6 +/* 0x0634 600 ( 6 7) */ std %f4,[%o5-32] +/* 0x0638 601 ( 7 12) */ fitod %f8,%f4 +/* 0x063c 602 ( 7 8) */ std %f6,[%o4-32] +/* 0x0640 603 ( 8 12) */ fxnor %f14,%f10,%f8 +/* 0x0644 604 ( 8 13) */ fmuld %f2,%f16,%f6 +/* 0x0648 605 ( 9 14) */ fitod %f23,%f2 +/* 0x064c 606 ( 9 14) */ fmuld %f0,%f16,%f20 +/* 0x0650 607 ( 9 10) */ add %o0,8,%o0 +/* 0x0654 608 (10 14) */ ldd [%o0],%f10 +/* 0x0658 609 (10 15) */ fsubd %f18,%f24,%f0 +/* 0x065c 610 (12 17) */ fsubd %f18,%f4,%f4 +/* 0x0660 611 (13 18) */ fdtox %f6,%f6 +/* 0x0664 612 (14 19) */ fdtox %f20,%f20 +/* 0x0668 613 (14 15) */ std %f6,[%o5-16] +/* 0x066c 614 (15 20) */ fitod %f22,%f6 +/* 0x0670 615 (15 16) */ ble,pt %icc,.L900000149 ! tprob=0.50 +/* 0x0674 (15 16) */ std %f20,[%o4-16] + +! +! ENTRY .L900000152 +! + + .L900000152: /* frequency 1.0 confidence 0.0 */ +/* 0x0678 618 ( 0 4) */ fxnor %f14,%f12,%f12 +/* 0x067c 619 ( 0 5) */ fmuld %f0,%f16,%f22 +/* 0x0680 620 ( 0 1) */ add %o5,80,%o5 +/* 0x0684 621 ( 0 1) */ add %o4,80,%o4 +/* 0x0688 622 ( 1 5) */ fxnor %f14,%f10,%f0 +/* 0x068c 623 ( 1 6) */ fmuld %f4,%f16,%f24 +/* 0x0690 624 ( 1 2) */ subcc %g2,%o2,%g0 +/* 0x0694 625 ( 1 2) */ add %o0,8,%g5 +/* 0x0698 626 ( 2 7) */ fitod %f8,%f20 +/* 0x069c 627 ( 3 8) */ fitod %f9,%f8 +/* 0x06a0 628 ( 4 9) */ fsubd %f18,%f6,%f6 +/* 0x06a4 629 ( 5 10) */ fitod %f12,%f26 +/* 0x06a8 630 ( 6 11) */ fitod %f13,%f4 +/* 0x06ac 631 ( 7 12) */ fsubd %f18,%f2,%f12 +/* 0x06b0 632 ( 8 13) */ fitod %f0,%f2 +/* 0x06b4 633 ( 9 14) */ fitod %f1,%f0 +/* 0x06b8 634 (10 15) */ fsubd %f18,%f20,%f10 +/* 0x06bc 635 (10 15) */ fmuld %f6,%f16,%f20 +/* 0x06c0 636 (11 16) */ fsubd %f18,%f8,%f8 +/* 0x06c4 637 (12 17) */ fsubd %f18,%f26,%f6 +/* 0x06c8 638 (12 17) */ fmuld %f12,%f16,%f12 +/* 0x06cc 639 (13 18) */ fsubd %f18,%f4,%f4 +/* 0x06d0 640 (14 19) */ fsubd %f18,%f2,%f2 +/* 0x06d4 641 (15 20) */ fsubd %f18,%f0,%f0 +/* 0x06d8 642 (15 20) */ fmuld %f10,%f16,%f10 +/* 0x06dc 643 (16 21) */ fdtox %f24,%f24 +/* 0x06e0 644 (16 17) */ std %f24,[%o5-80] +/* 0x06e4 645 (16 21) */ fmuld %f8,%f16,%f8 +/* 0x06e8 646 (17 22) */ fdtox %f22,%f22 +/* 0x06ec 647 (17 18) */ std %f22,[%o4-80] +/* 0x06f0 648 (17 22) */ fmuld %f6,%f16,%f6 +/* 0x06f4 649 (18 23) */ fdtox %f20,%f20 +/* 0x06f8 650 (18 19) */ std %f20,[%o5-64] +/* 0x06fc 651 (18 23) */ fmuld %f4,%f16,%f4 +/* 0x0700 652 (19 24) */ fdtox %f12,%f12 +/* 0x0704 653 (19 20) */ std %f12,[%o4-64] +/* 0x0708 654 (19 24) */ fmuld %f2,%f16,%f2 +/* 0x070c 655 (20 25) */ fdtox %f10,%f10 +/* 0x0710 656 (20 21) */ std %f10,[%o5-48] +/* 0x0714 657 (20 25) */ fmuld %f0,%f16,%f0 +/* 0x0718 658 (21 26) */ fdtox %f8,%f8 +/* 0x071c 659 (21 22) */ std %f8,[%o4-48] +/* 0x0720 660 (22 27) */ fdtox %f6,%f6 +/* 0x0724 661 (22 23) */ std %f6,[%o5-32] +/* 0x0728 662 (23 28) */ fdtox %f4,%f4 +/* 0x072c 663 (23 24) */ std %f4,[%o4-32] +/* 0x0730 664 (24 29) */ fdtox %f2,%f2 +/* 0x0734 665 (24 25) */ std %f2,[%o5-16] +/* 0x0738 666 (25 30) */ fdtox %f0,%f0 +/* 0x073c 667 (25 26) */ bg,pn %icc,.L77000043 ! tprob=0.50 +/* 0x0740 (25 26) */ std %f0,[%o4-16] + +! +! ENTRY .L77000077 +! + + .L77000077: /* frequency 1.0 confidence 0.0 */ +/* 0x0744 670 ( 0 4) */ ldd [%g5],%f0 + +! +! ENTRY .L900000160 +! + + .L900000160: /* frequency 1.0 confidence 0.0 */ +/* 0x0748 672 ( 0 4) */ fxnor %f14,%f0,%f0 +/* 0x074c 673 ( 0 1) */ add %g2,1,%g2 +/* 0x0750 674 ( 0 1) */ add %g5,8,%g5 +/* 0x0754 675 ( 1 2) */ subcc %g2,%o2,%g0 +/* 0x0758 676 ( 4 9) */ fitod %f0,%f2 +/* 0x075c 677 ( 5 10) */ fitod %f1,%f0 +/* 0x0760 678 ( 9 14) */ fsubd %f18,%f2,%f2 +/* 0x0764 679 (10 15) */ fsubd %f18,%f0,%f0 +/* 0x0768 680 (14 19) */ fmuld %f2,%f16,%f2 +/* 0x076c 681 (15 20) */ fmuld %f0,%f16,%f0 +/* 0x0770 682 (19 24) */ fdtox %f2,%f2 +/* 0x0774 683 (19 20) */ std %f2,[%o5] +/* 0x0778 684 (19 20) */ add %o5,16,%o5 +/* 0x077c 685 (20 25) */ fdtox %f0,%f0 +/* 0x0780 686 (20 21) */ std %f0,[%o4] +/* 0x0784 687 (20 21) */ add %o4,16,%o4 +/* 0x0788 688 (20 21) */ ble,a,pt %icc,.L900000160 ! tprob=0.50 +/* 0x078c (23 27) */ ldd [%g5],%f0 + +! +! ENTRY .L77000043 +! + + .L77000043: /* frequency 1.0 confidence 0.0 */ +/* 0x0790 696 ( 0 1) */ subcc %o3,0,%g0 + +! +! ENTRY .L900000161 +! + + .L900000161: /* frequency 1.0 confidence 0.0 */ +/* 0x0794 698 ( 0 1) */ ble,a,pt %icc,.L900000159 ! tprob=0.50 +/* 0x0798 ( 0 1) */ or %g0,%o7,%i0 +/* 0x079c 703 ( 0 2) */ ldx [%fp-2256],%o2 +/* 0x07a0 704 ( 0 1) */ or %g0,%i1,%g3 +/* 0x07a4 705 ( 1 2) */ sub %o3,1,%o5 +/* 0x07a8 706 ( 1 2) */ or %g0,0,%g4 +/* 0x07ac 707 ( 2 3) */ add %fp,-2264,%g5 +/* 0x07b0 708 ( 2 3) */ or %g0,%i0,%g2 +/* 0x07b4 709 ( 3 4) */ subcc %o3,6,%g0 +/* 0x07b8 710 ( 3 4) */ sub %o5,2,%o4 +/* 0x07bc 711 ( 3 4) */ bl,pn %icc,.L77000078 ! tprob=0.50 +/* 0x07c0 ( 3 5) */ ldx [%fp-2264],%o0 +/* 0x07c4 713 ( 4 6) */ ld [%g3],%o1 +/* 0x07c8 714 ( 4 5) */ add %g2,4,%g2 +/* 0x07cc 715 ( 4 5) */ or %g0,3,%g4 +/* 0x07d0 716 ( 5 7) */ ld [%g3+4],%o3 +/* 0x07d4 717 ( 5 6) */ add %g3,8,%g3 +/* 0x07d8 718 ( 5 6) */ add %fp,-2240,%g5 +/* 0x07dc 719 ( 6 7) */ add %o0,%o1,%o0 +/* 0x07e0 720 ( 6 8) */ ldx [%fp-2248],%o1 +/* 0x07e4 721 ( 7 8) */ st %o0,[%g2-4] +/* 0x07e8 722 ( 7 8) */ srax %o0,32,%o0 + +! +! ENTRY .L900000145 +! + + .L900000145: /* frequency 1.0 confidence 0.0 */ +/* 0x07ec 724 ( 0 2) */ ld [%g3],%o7 +/* 0x07f0 725 ( 0 1) */ add %o2,%o3,%o2 +/* 0x07f4 726 ( 0 1) */ sra %o0,0,%o3 +/* 0x07f8 727 ( 1 3) */ ldx [%g5],%o0 +/* 0x07fc 728 ( 1 2) */ add %o2,%o3,%o2 +/* 0x0800 729 ( 1 2) */ add %g4,3,%g4 +/* 0x0804 730 ( 2 3) */ st %o2,[%g2] +/* 0x0808 731 ( 2 3) */ srax %o2,32,%o3 +/* 0x080c 732 ( 2 3) */ subcc %g4,%o4,%g0 +/* 0x0810 733 ( 3 5) */ ld [%g3+4],%o2 +/* 0x0814 734 ( 4 5) */ stx %o2,[%sp+96] +/* 0x0818 735 ( 4 5) */ add %o1,%o7,%o1 +/* 0x081c 736 ( 5 7) */ ldx [%g5+8],%o2 +/* 0x0820 737 ( 5 6) */ add %o1,%o3,%o1 +/* 0x0824 738 ( 5 6) */ add %g2,12,%g2 +/* 0x0828 739 ( 6 7) */ st %o1,[%g2-8] +/* 0x082c 740 ( 6 7) */ srax %o1,32,%o7 +/* 0x0830 741 ( 6 7) */ add %g3,12,%g3 +/* 0x0834 742 ( 7 9) */ ld [%g3-4],%o3 +/* 0x0838 743 ( 8 10) */ ldx [%sp+96],%o1 +/* 0x083c 744 (10 11) */ add %o0,%o1,%o0 +/* 0x0840 745 (10 12) */ ldx [%g5+16],%o1 +/* 0x0844 746 (11 12) */ add %o0,%o7,%o0 +/* 0x0848 747 (11 12) */ add %g5,24,%g5 +/* 0x084c 748 (11 12) */ st %o0,[%g2-4] +/* 0x0850 749 (11 12) */ ble,pt %icc,.L900000145 ! tprob=0.50 +/* 0x0854 (12 13) */ srax %o0,32,%o0 + +! +! ENTRY .L900000148 +! + + .L900000148: /* frequency 1.0 confidence 0.0 */ +/* 0x0858 752 ( 0 1) */ add %o2,%o3,%o2 +/* 0x085c 753 ( 0 1) */ sra %o0,0,%o3 +/* 0x0860 754 ( 0 2) */ ld [%g3],%o0 +/* 0x0864 755 ( 1 2) */ add %o2,%o3,%o3 +/* 0x0868 756 ( 1 2) */ add %g2,8,%g2 +/* 0x086c 757 ( 2 3) */ srax %o3,32,%o2 +/* 0x0870 758 ( 2 3) */ st %o3,[%g2-8] +/* 0x0874 759 ( 2 3) */ add %o1,%o0,%o0 +/* 0x0878 760 ( 3 4) */ add %o0,%o2,%o0 +/* 0x087c 761 ( 3 4) */ st %o0,[%g2-4] +/* 0x0880 762 ( 3 4) */ subcc %g4,%o5,%g0 +/* 0x0884 763 ( 3 4) */ bg,pn %icc,.L77000061 ! tprob=0.50 +/* 0x0888 ( 4 5) */ srax %o0,32,%o7 +/* 0x088c 765 ( 4 5) */ add %g3,4,%g3 + +! +! ENTRY .L77000078 +! + + .L77000078: /* frequency 1.0 confidence 0.0 */ +/* 0x0890 767 ( 0 2) */ ld [%g3],%o2 + +! +! ENTRY .L900000158 +! + + .L900000158: /* frequency 1.0 confidence 0.0 */ +/* 0x0894 769 ( 0 2) */ ldx [%g5],%o0 +/* 0x0898 770 ( 0 1) */ sra %o7,0,%o1 +/* 0x089c 771 ( 0 1) */ add %g4,1,%g4 +/* 0x08a0 772 ( 1 2) */ add %g3,4,%g3 +/* 0x08a4 773 ( 1 2) */ add %g5,8,%g5 +/* 0x08a8 774 ( 2 3) */ add %o0,%o2,%o0 +/* 0x08ac 775 ( 2 3) */ subcc %g4,%o5,%g0 +/* 0x08b0 776 ( 3 4) */ add %o0,%o1,%o0 +/* 0x08b4 777 ( 3 4) */ st %o0,[%g2] +/* 0x08b8 778 ( 3 4) */ add %g2,4,%g2 +/* 0x08bc 779 ( 4 5) */ srax %o0,32,%o7 +/* 0x08c0 780 ( 4 5) */ ble,a,pt %icc,.L900000158 ! tprob=0.50 +/* 0x08c4 ( 4 6) */ ld [%g3],%o2 + +! +! ENTRY .L77000047 +! + + .L77000047: /* frequency 1.0 confidence 0.0 */ +/* 0x08c8 783 ( 0 1) */ or %g0,%o7,%i0 +/* 0x08cc ( 1 8) */ ret ! Result = %o1 %o0 %f0 %f1 +/* 0x08d0 ( 3 5) */ restore %g0,%g0,%g0 + +! +! ENTRY .L77000048 +! + + .L77000048: /* frequency 1.0 confidence 0.0 */ +/* 0x08d4 794 ( 0 1) */ bne,pn %icc,.L77000050 ! tprob=0.50 +/* 0x08d8 ( 0 1) */ sethi %hi(0xfff80000),%g2 +/* 0x08dc 796 ( 0 4) */ ldd [%g5],%f4 +/* 0x08e0 804 ( 0 1) */ srl %o1,19,%g3 +/* 0x08e4 805 ( 1 2) */ st %g3,[%sp+240] +/* 0x08e8 806 ( 1 2) */ andn %o1,%g2,%g2 +/* 0x08ec 807 ( 2 6) */ ldd [%o0],%f8 +/* 0x08f0 808 ( 3 4) */ st %g2,[%sp+244] +/* 0x08f4 809 ( 3 7) */ fxnor %f0,%f4,%f4 +/* 0x08f8 810 ( 4 8) */ ldd [%g5+8],%f6 +/* 0x08fc 814 ( 5 9) */ ldd [%o0+8],%f18 +/* 0x0900 815 ( 5 8) */ fmovs %f8,%f12 +/* 0x0904 816 ( 6 10) */ ldd [%g5+16],%f10 +/* 0x0908 817 ( 6 9) */ fmovs %f8,%f16 +/* 0x090c 818 ( 7 11) */ ldd [%g5+24],%f20 +/* 0x0910 819 ( 7 12) */ fitod %f4,%f14 +/* 0x0914 823 ( 8 10) */ ld [%i1],%g2 +/* 0x0918 824 ( 8 13) */ fitod %f5,%f4 +/* 0x091c 825 ( 9 11) */ ld [%sp+240],%f13 +/* 0x0920 826 ( 9 13) */ fxnor %f0,%f6,%f6 +/* 0x0924 827 (10 12) */ ld [%sp+244],%f17 +/* 0x0928 828 (10 14) */ fxnor %f0,%f10,%f10 +/* 0x092c 829 (11 13) */ ld [%i1+28],%o3 +/* 0x0930 830 (11 15) */ fxnor %f0,%f20,%f20 +/* 0x0934 831 (12 14) */ ld [%i1+4],%g3 +/* 0x0938 832 (12 17) */ fsubd %f12,%f8,%f12 +/* 0x093c 833 (13 14) */ stx %o3,[%sp+96] +/* 0x0940 834 (13 18) */ fsubd %f18,%f14,%f14 +/* 0x0944 835 (14 16) */ ld [%i1+8],%g4 +/* 0x0948 836 (14 19) */ fsubd %f16,%f8,%f8 +/* 0x094c 837 (15 17) */ ld [%i1+12],%g5 +/* 0x0950 838 (15 20) */ fsubd %f18,%f4,%f4 +/* 0x0954 839 (16 18) */ ld [%i1+16],%o0 +/* 0x0958 840 (16 21) */ fitod %f6,%f22 +/* 0x095c 841 (17 19) */ ld [%i1+20],%o1 +/* 0x0960 842 (17 22) */ fitod %f7,%f6 +/* 0x0964 843 (18 20) */ ld [%i1+24],%o2 +/* 0x0968 844 (18 23) */ fitod %f10,%f16 +/* 0x096c 845 (18 23) */ fmuld %f14,%f12,%f24 +/* 0x0970 846 (19 24) */ fitod %f20,%f28 +/* 0x0974 847 (19 24) */ fmuld %f14,%f8,%f14 +/* 0x0978 848 (20 25) */ fitod %f11,%f10 +/* 0x097c 849 (20 25) */ fmuld %f4,%f12,%f26 +/* 0x0980 850 (21 26) */ fsubd %f18,%f22,%f22 +/* 0x0984 851 (21 26) */ fmuld %f4,%f8,%f4 +/* 0x0988 852 (22 27) */ fsubd %f18,%f6,%f6 +/* 0x098c 853 (23 28) */ fdtox %f24,%f24 +/* 0x0990 854 (23 24) */ std %f24,[%sp+224] +/* 0x0994 855 (24 29) */ fdtox %f14,%f14 +/* 0x0998 856 (24 25) */ std %f14,[%sp+232] +/* 0x099c 857 (25 30) */ fdtox %f26,%f14 +/* 0x09a0 858 (25 26) */ std %f14,[%sp+208] +/* 0x09a4 859 (26 28) */ ldx [%sp+224],%o4 +/* 0x09a8 860 (26 31) */ fitod %f21,%f20 +/* 0x09ac 861 (26 31) */ fmuld %f22,%f12,%f30 +/* 0x09b0 862 (27 29) */ ldx [%sp+232],%o5 +/* 0x09b4 863 (27 32) */ fsubd %f18,%f16,%f16 +/* 0x09b8 864 (27 32) */ fmuld %f22,%f8,%f22 +/* 0x09bc 865 (28 29) */ sllx %o4,19,%o4 +/* 0x09c0 866 (28 33) */ fdtox %f4,%f4 +/* 0x09c4 867 (28 29) */ std %f4,[%sp+216] +/* 0x09c8 868 (28 33) */ fmuld %f6,%f12,%f24 +/* 0x09cc 869 (29 34) */ fsubd %f18,%f28,%f26 +/* 0x09d0 870 (29 30) */ add %o5,%o4,%o4 +/* 0x09d4 871 (29 34) */ fmuld %f6,%f8,%f6 +/* 0x09d8 872 (30 35) */ fsubd %f18,%f10,%f10 +/* 0x09dc 873 (30 31) */ add %o4,%g2,%g2 +/* 0x09e0 874 (30 31) */ st %g2,[%i0] +/* 0x09e4 875 (31 33) */ ldx [%sp+208],%o7 +/* 0x09e8 876 (31 32) */ srlx %g2,32,%o5 +/* 0x09ec 877 (31 36) */ fsubd %f18,%f20,%f18 +/* 0x09f0 878 (32 37) */ fdtox %f30,%f28 +/* 0x09f4 879 (32 33) */ std %f28,[%sp+192] +/* 0x09f8 880 (32 37) */ fmuld %f16,%f12,%f14 +/* 0x09fc 881 (33 34) */ sllx %o7,19,%o4 +/* 0x0a00 882 (33 35) */ ldx [%sp+216],%o7 +/* 0x0a04 883 (33 38) */ fdtox %f22,%f20 +/* 0x0a08 884 (33 38) */ fmuld %f16,%f8,%f16 +/* 0x0a0c 885 (34 35) */ std %f20,[%sp+200] +/* 0x0a10 886 (34 39) */ fdtox %f24,%f20 +/* 0x0a14 887 (34 39) */ fmuld %f26,%f12,%f22 +/* 0x0a18 888 (35 36) */ std %f20,[%sp+176] +/* 0x0a1c 889 (35 36) */ add %o7,%o4,%o4 +/* 0x0a20 890 (35 40) */ fdtox %f6,%f6 +/* 0x0a24 891 (35 40) */ fmuld %f10,%f12,%f4 +/* 0x0a28 892 (36 38) */ ldx [%sp+192],%o3 +/* 0x0a2c 893 (36 37) */ add %o4,%g3,%g3 +/* 0x0a30 894 (36 41) */ fmuld %f10,%f8,%f10 +/* 0x0a34 895 (37 38) */ std %f6,[%sp+184] +/* 0x0a38 896 (37 38) */ add %g3,%o5,%g3 +/* 0x0a3c 897 (37 42) */ fdtox %f14,%f6 +/* 0x0a40 898 (37 42) */ fmuld %f26,%f8,%f20 +/* 0x0a44 899 (38 40) */ ldx [%sp+200],%o4 +/* 0x0a48 900 (38 39) */ sllx %o3,19,%o3 +/* 0x0a4c 901 (38 39) */ srlx %g3,32,%o5 +/* 0x0a50 902 (38 43) */ fdtox %f16,%f14 +/* 0x0a54 903 (39 40) */ std %f6,[%sp+160] +/* 0x0a58 904 (39 44) */ fmuld %f18,%f12,%f12 +/* 0x0a5c 905 (40 42) */ ldx [%sp+176],%o7 +/* 0x0a60 906 (40 41) */ add %o4,%o3,%o3 +/* 0x0a64 907 (40 45) */ fdtox %f4,%f16 +/* 0x0a68 908 (40 45) */ fmuld %f18,%f8,%f18 +/* 0x0a6c 909 (41 42) */ std %f14,[%sp+168] +/* 0x0a70 910 (41 42) */ add %o3,%g4,%g4 +/* 0x0a74 911 (41 46) */ fdtox %f10,%f4 +/* 0x0a78 912 (42 44) */ ldx [%sp+184],%o3 +/* 0x0a7c 913 (42 43) */ sllx %o7,19,%o4 +/* 0x0a80 914 (42 43) */ add %g4,%o5,%g4 +/* 0x0a84 915 (42 47) */ fdtox %f22,%f14 +/* 0x0a88 916 (43 44) */ std %f16,[%sp+144] +/* 0x0a8c 917 (43 44) */ srlx %g4,32,%o5 +/* 0x0a90 918 (43 48) */ fdtox %f20,%f6 +/* 0x0a94 919 (44 46) */ ldx [%sp+160],%o7 +/* 0x0a98 920 (44 45) */ add %o3,%o4,%o3 +/* 0x0a9c 921 (44 49) */ fdtox %f12,%f16 +/* 0x0aa0 922 (45 46) */ std %f4,[%sp+152] +/* 0x0aa4 923 (45 46) */ add %o3,%g5,%g5 +/* 0x0aa8 924 (45 50) */ fdtox %f18,%f8 +/* 0x0aac 925 (46 48) */ ldx [%sp+168],%o3 +/* 0x0ab0 926 (46 47) */ sllx %o7,19,%o4 +/* 0x0ab4 927 (46 47) */ add %g5,%o5,%g5 +/* 0x0ab8 928 (47 48) */ std %f14,[%sp+128] +/* 0x0abc 929 (47 48) */ srlx %g5,32,%o5 +/* 0x0ac0 930 (48 49) */ std %f6,[%sp+136] +/* 0x0ac4 931 (48 49) */ add %o3,%o4,%o3 +/* 0x0ac8 932 (49 50) */ std %f16,[%sp+112] +/* 0x0acc 933 (49 50) */ add %o3,%o0,%o0 +/* 0x0ad0 934 (50 52) */ ldx [%sp+144],%o7 +/* 0x0ad4 935 (50 51) */ add %o0,%o5,%o0 +/* 0x0ad8 936 (51 53) */ ldx [%sp+152],%o3 +/* 0x0adc 937 (52 53) */ std %f8,[%sp+120] +/* 0x0ae0 938 (52 53) */ sllx %o7,19,%o4 +/* 0x0ae4 939 (52 53) */ srlx %o0,32,%o7 +/* 0x0ae8 940 (53 54) */ stx %o0,[%sp+104] +/* 0x0aec 941 (53 54) */ add %o3,%o4,%o3 +/* 0x0af0 942 (54 56) */ ldx [%sp+128],%o5 +/* 0x0af4 943 (54 55) */ add %o3,%o1,%o1 +/* 0x0af8 944 (55 57) */ ldx [%sp+136],%o0 +/* 0x0afc 945 (55 56) */ add %o1,%o7,%o1 +/* 0x0b00 946 (56 57) */ st %g3,[%i0+4] +/* 0x0b04 947 (56 57) */ sllx %o5,19,%o3 +/* 0x0b08 948 (57 59) */ ldx [%sp+112],%o4 +/* 0x0b0c 949 (57 58) */ add %o0,%o3,%o3 +/* 0x0b10 950 (58 60) */ ldx [%sp+120],%o0 +/* 0x0b14 951 (58 59) */ add %o3,%o2,%o2 +/* 0x0b18 952 (58 59) */ srlx %o1,32,%o3 +/* 0x0b1c 953 (59 60) */ st %o1,[%i0+20] +/* 0x0b20 954 (59 60) */ sllx %o4,19,%g2 +/* 0x0b24 955 (59 60) */ add %o2,%o3,%o2 +/* 0x0b28 956 (60 62) */ ldx [%sp+96],%o4 +/* 0x0b2c 957 (60 61) */ srlx %o2,32,%g3 +/* 0x0b30 958 (60 61) */ add %o0,%g2,%g2 +/* 0x0b34 959 (61 63) */ ldx [%sp+104],%o0 +/* 0x0b38 960 (62 63) */ st %o2,[%i0+24] +/* 0x0b3c 961 (62 63) */ add %g2,%o4,%g2 +/* 0x0b40 962 (63 64) */ st %o0,[%i0+16] +/* 0x0b44 963 (63 64) */ add %g2,%g3,%g2 +/* 0x0b48 964 (64 65) */ st %g4,[%i0+8] +/* 0x0b4c 968 (64 65) */ srlx %g2,32,%o7 +/* 0x0b50 969 (65 66) */ st %g5,[%i0+12] +/* 0x0b54 970 (66 67) */ st %g2,[%i0+28] +/* 0x0b58 971 (66 67) */ or %g0,%o7,%i0 +/* 0x0b5c (67 74) */ ret ! Result = %o1 %o0 %f0 %f1 +/* 0x0b60 (69 71) */ restore %g0,%g0,%g0 + +! +! ENTRY .L77000050 +! + + .L77000050: /* frequency 1.0 confidence 0.0 */ +/* 0x0b64 978 ( 0 1) */ subcc %o2,16,%g0 +/* 0x0b68 979 ( 0 1) */ bne,pn %icc,.L77000073 ! tprob=0.50 +/* 0x0b6c ( 0 1) */ sethi %hi(0xfff80000),%g2 +/* 0x0b70 981 ( 1 5) */ ldd [%g5],%f4 +/* 0x0b74 982 ( 2 6) */ ldd [%g5+8],%f6 +/* 0x0b78 989 ( 2 3) */ andn %o1,%g2,%g2 +/* 0x0b7c 993 ( 2 3) */ srl %o1,19,%g3 +/* 0x0b80 994 ( 3 7) */ ldd [%g5+16],%f8 +/* 0x0b84 995 ( 4 8) */ fxnor %f0,%f4,%f4 +/* 0x0b88 996 ( 4 5) */ st %g2,[%sp+356] +/* 0x0b8c 997 ( 5 9) */ ldd [%o0],%f20 +/* 0x0b90 998 ( 5 9) */ fxnor %f0,%f6,%f6 +/* 0x0b94 999 ( 6 7) */ st %g3,[%sp+352] +/* 0x0b98 1000 ( 6 10) */ fxnor %f0,%f8,%f8 +/* 0x0b9c 1005 ( 7 11) */ ldd [%o0+8],%f30 +/* 0x0ba0 1006 ( 8 13) */ fitod %f4,%f22 +/* 0x0ba4 1007 ( 8 12) */ ldd [%g5+24],%f10 +/* 0x0ba8 1008 ( 9 12) */ fmovs %f20,%f24 +/* 0x0bac 1009 ( 9 13) */ ldd [%g5+32],%f12 +/* 0x0bb0 1010 (10 15) */ fitod %f5,%f4 +/* 0x0bb4 1011 (10 14) */ ldd [%g5+40],%f14 +/* 0x0bb8 1012 (11 14) */ fmovs %f20,%f26 +/* 0x0bbc 1013 (11 15) */ ldd [%g5+48],%f16 +/* 0x0bc0 1014 (12 14) */ ld [%sp+356],%f25 +/* 0x0bc4 1015 (12 17) */ fitod %f6,%f28 +/* 0x0bc8 1016 (13 15) */ ld [%sp+352],%f27 +/* 0x0bcc 1017 (13 18) */ fitod %f8,%f32 +/* 0x0bd0 1018 (14 19) */ fsubd %f30,%f22,%f22 +/* 0x0bd4 1019 (14 18) */ ldd [%g5+56],%f18 +/* 0x0bd8 1020 (15 20) */ fsubd %f24,%f20,%f24 +/* 0x0bdc 1021 (16 21) */ fsubd %f26,%f20,%f20 +/* 0x0be0 1022 (17 22) */ fsubd %f30,%f4,%f4 +/* 0x0be4 1023 (18 23) */ fsubd %f30,%f28,%f26 +/* 0x0be8 1024 (19 24) */ fitod %f7,%f6 +/* 0x0bec 1025 (20 25) */ fsubd %f30,%f32,%f28 +/* 0x0bf0 1026 (20 25) */ fmuld %f22,%f24,%f32 +/* 0x0bf4 1027 (21 26) */ fmuld %f22,%f20,%f22 +/* 0x0bf8 1028 (21 25) */ fxnor %f0,%f10,%f10 +/* 0x0bfc 1029 (22 27) */ fmuld %f4,%f24,%f44 +/* 0x0c00 1030 (22 27) */ fitod %f9,%f8 +/* 0x0c04 1031 (23 28) */ fmuld %f4,%f20,%f4 +/* 0x0c08 1032 (23 27) */ fxnor %f0,%f12,%f12 +/* 0x0c0c 1033 (24 29) */ fsubd %f30,%f6,%f6 +/* 0x0c10 1034 (24 29) */ fmuld %f26,%f24,%f46 +/* 0x0c14 1035 (25 30) */ fitod %f10,%f34 +/* 0x0c18 1036 (26 31) */ fdtox %f22,%f22 +/* 0x0c1c 1037 (26 27) */ std %f22,[%sp+336] +/* 0x0c20 1038 (27 32) */ fmuld %f26,%f20,%f22 +/* 0x0c24 1039 (27 32) */ fdtox %f44,%f26 +/* 0x0c28 1040 (27 28) */ std %f26,[%sp+328] +/* 0x0c2c 1041 (28 33) */ fdtox %f4,%f4 +/* 0x0c30 1042 (28 29) */ std %f4,[%sp+320] +/* 0x0c34 1043 (29 34) */ fmuld %f6,%f24,%f26 +/* 0x0c38 1044 (29 34) */ fsubd %f30,%f8,%f8 +/* 0x0c3c 1045 (30 35) */ fdtox %f46,%f4 +/* 0x0c40 1046 (30 31) */ std %f4,[%sp+312] +/* 0x0c44 1047 (31 36) */ fmuld %f28,%f24,%f4 +/* 0x0c48 1048 (31 36) */ fdtox %f32,%f32 +/* 0x0c4c 1049 (31 32) */ std %f32,[%sp+344] +/* 0x0c50 1050 (32 37) */ fitod %f11,%f10 +/* 0x0c54 1051 (32 37) */ fmuld %f6,%f20,%f32 +/* 0x0c58 1052 (33 38) */ fsubd %f30,%f34,%f34 +/* 0x0c5c 1053 (34 39) */ fdtox %f22,%f6 +/* 0x0c60 1054 (34 35) */ std %f6,[%sp+304] +/* 0x0c64 1058 (35 40) */ fitod %f12,%f36 +/* 0x0c68 1059 (35 40) */ fmuld %f28,%f20,%f6 +/* 0x0c6c 1060 (36 41) */ fdtox %f26,%f22 +/* 0x0c70 1061 (36 37) */ std %f22,[%sp+296] +/* 0x0c74 1062 (37 42) */ fmuld %f8,%f24,%f22 +/* 0x0c78 1063 (37 42) */ fdtox %f4,%f4 +/* 0x0c7c 1064 (37 38) */ std %f4,[%sp+280] +/* 0x0c80 1065 (38 43) */ fmuld %f8,%f20,%f8 +/* 0x0c84 1066 (38 43) */ fsubd %f30,%f10,%f10 +/* 0x0c88 1067 (39 44) */ fmuld %f34,%f24,%f4 +/* 0x0c8c 1068 (39 44) */ fitod %f13,%f12 +/* 0x0c90 1069 (40 45) */ fsubd %f30,%f36,%f36 +/* 0x0c94 1070 (41 46) */ fdtox %f6,%f6 +/* 0x0c98 1071 (41 42) */ std %f6,[%sp+272] +/* 0x0c9c 1072 (42 46) */ fxnor %f0,%f14,%f14 +/* 0x0ca0 1073 (42 47) */ fmuld %f34,%f20,%f6 +/* 0x0ca4 1074 (43 48) */ fdtox %f22,%f22 +/* 0x0ca8 1075 (43 44) */ std %f22,[%sp+264] +/* 0x0cac 1076 (44 49) */ fdtox %f8,%f8 +/* 0x0cb0 1077 (44 45) */ std %f8,[%sp+256] +/* 0x0cb4 1078 (44 49) */ fmuld %f10,%f24,%f22 +/* 0x0cb8 1079 (45 50) */ fdtox %f4,%f4 +/* 0x0cbc 1080 (45 46) */ std %f4,[%sp+248] +/* 0x0cc0 1081 (45 50) */ fmuld %f10,%f20,%f8 +/* 0x0cc4 1082 (46 51) */ fsubd %f30,%f12,%f4 +/* 0x0cc8 1083 (46 51) */ fmuld %f36,%f24,%f10 +/* 0x0ccc 1084 (47 52) */ fitod %f14,%f38 +/* 0x0cd0 1085 (48 53) */ fdtox %f6,%f6 +/* 0x0cd4 1086 (48 49) */ std %f6,[%sp+240] +/* 0x0cd8 1087 (49 54) */ fdtox %f22,%f12 +/* 0x0cdc 1088 (49 50) */ std %f12,[%sp+232] +/* 0x0ce0 1089 (49 54) */ fmuld %f36,%f20,%f6 +/* 0x0ce4 1090 (50 55) */ fdtox %f8,%f8 +/* 0x0ce8 1091 (50 51) */ std %f8,[%sp+224] +/* 0x0cec 1092 (51 56) */ fdtox %f10,%f22 +/* 0x0cf0 1093 (51 52) */ std %f22,[%sp+216] +/* 0x0cf4 1094 (51 56) */ fmuld %f4,%f24,%f8 +/* 0x0cf8 1095 (52 57) */ fitod %f15,%f14 +/* 0x0cfc 1096 (52 57) */ fmuld %f4,%f20,%f4 +/* 0x0d00 1097 (53 58) */ fsubd %f30,%f38,%f22 +/* 0x0d04 1098 (54 58) */ fxnor %f0,%f16,%f16 +/* 0x0d08 1099 (55 60) */ fdtox %f6,%f6 +/* 0x0d0c 1100 (55 56) */ std %f6,[%sp+208] +/* 0x0d10 1101 (56 61) */ fdtox %f8,%f6 +/* 0x0d14 1102 (56 57) */ std %f6,[%sp+200] +/* 0x0d18 1103 (57 62) */ fsubd %f30,%f14,%f10 +/* 0x0d1c 1104 (58 63) */ fitod %f16,%f40 +/* 0x0d20 1105 (58 63) */ fmuld %f22,%f24,%f6 +/* 0x0d24 1106 (59 64) */ fdtox %f4,%f4 +/* 0x0d28 1107 (59 60) */ std %f4,[%sp+192] +/* 0x0d2c 1108 (60 65) */ fitod %f17,%f16 +/* 0x0d30 1109 (60 65) */ fmuld %f22,%f20,%f4 +/* 0x0d34 1110 (61 65) */ fxnor %f0,%f18,%f18 +/* 0x0d38 1111 (62 67) */ fdtox %f32,%f32 +/* 0x0d3c 1112 (62 63) */ std %f32,[%sp+288] +/* 0x0d40 1113 (62 67) */ fmuld %f10,%f24,%f8 +/* 0x0d44 1114 (63 68) */ fdtox %f6,%f6 +/* 0x0d48 1115 (63 64) */ std %f6,[%sp+184] +/* 0x0d4c 1116 (63 68) */ fmuld %f10,%f20,%f22 +/* 0x0d50 1117 (64 69) */ fsubd %f30,%f40,%f6 +/* 0x0d54 1118 (65 70) */ fdtox %f4,%f4 +/* 0x0d58 1119 (65 66) */ std %f4,[%sp+176] +/* 0x0d5c 1120 (66 71) */ fsubd %f30,%f16,%f10 +/* 0x0d60 1121 (67 72) */ fdtox %f8,%f4 +/* 0x0d64 1122 (67 68) */ std %f4,[%sp+168] +/* 0x0d68 1123 (68 73) */ fdtox %f22,%f4 +/* 0x0d6c 1124 (68 69) */ std %f4,[%sp+160] +/* 0x0d70 1125 (69 74) */ fitod %f18,%f42 +/* 0x0d74 1126 (69 74) */ fmuld %f6,%f24,%f4 +/* 0x0d78 1127 (70 75) */ fmuld %f6,%f20,%f22 +/* 0x0d7c 1128 (71 76) */ fmuld %f10,%f24,%f6 +/* 0x0d80 1129 (72 77) */ fmuld %f10,%f20,%f8 +/* 0x0d84 1130 (74 79) */ fdtox %f4,%f4 +/* 0x0d88 1131 (74 75) */ std %f4,[%sp+152] +/* 0x0d8c 1132 (75 80) */ fsubd %f30,%f42,%f4 +/* 0x0d90 1133 (76 81) */ fdtox %f6,%f6 +/* 0x0d94 1134 (76 77) */ std %f6,[%sp+136] +/* 0x0d98 1135 (77 82) */ fdtox %f22,%f22 +/* 0x0d9c 1136 (77 78) */ std %f22,[%sp+144] +/* 0x0da0 1137 (78 83) */ fdtox %f8,%f22 +/* 0x0da4 1138 (78 79) */ std %f22,[%sp+128] +/* 0x0da8 1139 (79 84) */ fitod %f19,%f22 +/* 0x0dac 1140 (80 85) */ fmuld %f4,%f24,%f6 +/* 0x0db0 1141 (81 86) */ fmuld %f4,%f20,%f4 +/* 0x0db4 1142 (84 89) */ fsubd %f30,%f22,%f22 +/* 0x0db8 1143 (85 90) */ fdtox %f6,%f6 +/* 0x0dbc 1144 (85 86) */ std %f6,[%sp+120] +/* 0x0dc0 1145 (86 91) */ fdtox %f4,%f4 +/* 0x0dc4 1146 (86 87) */ std %f4,[%sp+112] +/* 0x0dc8 1150 (87 89) */ ldx [%sp+336],%g2 +/* 0x0dcc 1151 (88 90) */ ldx [%sp+344],%g3 +/* 0x0dd0 1152 (89 91) */ ld [%i1],%g4 +/* 0x0dd4 1153 (89 90) */ sllx %g2,19,%g2 +/* 0x0dd8 1154 (89 94) */ fmuld %f22,%f20,%f4 +/* 0x0ddc 1155 (90 92) */ ldx [%sp+328],%g5 +/* 0x0de0 1156 (90 91) */ add %g3,%g2,%g2 +/* 0x0de4 1157 (90 95) */ fmuld %f22,%f24,%f6 +/* 0x0de8 1158 (91 93) */ ldx [%sp+320],%g3 +/* 0x0dec 1159 (91 92) */ add %g2,%g4,%g4 +/* 0x0df0 1160 (92 94) */ ldx [%sp+304],%o0 +/* 0x0df4 1161 (93 94) */ st %g4,[%i0] +/* 0x0df8 1162 (93 94) */ sllx %g3,19,%g2 +/* 0x0dfc 1163 (93 94) */ srlx %g4,32,%g4 +/* 0x0e00 1164 (94 96) */ ld [%i1+4],%g3 +/* 0x0e04 1165 (94 95) */ add %g5,%g2,%g2 +/* 0x0e08 1166 (94 99) */ fdtox %f4,%f4 +/* 0x0e0c 1167 (95 97) */ ldx [%sp+312],%g5 +/* 0x0e10 1168 (95 100) */ fdtox %f6,%f6 +/* 0x0e14 1169 (96 98) */ ldx [%sp+288],%o1 +/* 0x0e18 1170 (96 97) */ add %g2,%g3,%g2 +/* 0x0e1c 1171 (96 97) */ sllx %o0,19,%g3 +/* 0x0e20 1172 (97 99) */ ldx [%sp+272],%o2 +/* 0x0e24 1173 (97 98) */ add %g2,%g4,%g2 +/* 0x0e28 1174 (97 98) */ add %g5,%g3,%g3 +/* 0x0e2c 1175 (98 100) */ ld [%i1+8],%g4 +/* 0x0e30 1176 (98 99) */ srlx %g2,32,%o0 +/* 0x0e34 1177 (99 101) */ ldx [%sp+296],%g5 +/* 0x0e38 1178 (100 101) */ st %g2,[%i0+4] +/* 0x0e3c 1179 (100 101) */ sllx %o2,19,%g2 +/* 0x0e40 1180 (100 101) */ add %g3,%g4,%g3 +/* 0x0e44 1181 (101 103) */ ldx [%sp+256],%o2 +/* 0x0e48 1182 (101 102) */ sllx %o1,19,%g4 +/* 0x0e4c 1183 (101 102) */ add %g3,%o0,%g3 +/* 0x0e50 1184 (102 104) */ ld [%i1+12],%o0 +/* 0x0e54 1185 (102 103) */ srlx %g3,32,%o1 +/* 0x0e58 1186 (102 103) */ add %g5,%g4,%g4 +/* 0x0e5c 1187 (103 105) */ ldx [%sp+280],%g5 +/* 0x0e60 1188 (104 105) */ st %g3,[%i0+8] +/* 0x0e64 1189 (104 105) */ sllx %o2,19,%g3 +/* 0x0e68 1190 (104 105) */ add %g4,%o0,%g4 +/* 0x0e6c 1191 (105 107) */ ld [%i1+16],%o0 +/* 0x0e70 1192 (105 106) */ add %g5,%g2,%g2 +/* 0x0e74 1193 (105 106) */ add %g4,%o1,%g4 +/* 0x0e78 1194 (106 108) */ ldx [%sp+264],%g5 +/* 0x0e7c 1195 (106 107) */ srlx %g4,32,%o1 +/* 0x0e80 1196 (107 109) */ ldx [%sp+240],%o2 +/* 0x0e84 1197 (107 108) */ add %g2,%o0,%g2 +/* 0x0e88 1198 (108 110) */ ld [%i1+20],%o0 +/* 0x0e8c 1199 (108 109) */ add %g5,%g3,%g3 +/* 0x0e90 1200 (108 109) */ add %g2,%o1,%g2 +/* 0x0e94 1201 (109 111) */ ldx [%sp+248],%g5 +/* 0x0e98 1202 (109 110) */ srlx %g2,32,%o1 +/* 0x0e9c 1203 (110 111) */ st %g4,[%i0+12] +/* 0x0ea0 1204 (110 111) */ sllx %o2,19,%g4 +/* 0x0ea4 1205 (110 111) */ add %g3,%o0,%g3 +/* 0x0ea8 1206 (111 113) */ ld [%i1+24],%o0 +/* 0x0eac 1207 (111 112) */ add %g5,%g4,%g4 +/* 0x0eb0 1208 (111 112) */ add %g3,%o1,%g3 +/* 0x0eb4 1209 (112 114) */ ldx [%sp+224],%o2 +/* 0x0eb8 1210 (112 113) */ srlx %g3,32,%o1 +/* 0x0ebc 1211 (113 115) */ ldx [%sp+232],%g5 +/* 0x0ec0 1212 (113 114) */ add %g4,%o0,%g4 +/* 0x0ec4 1213 (114 115) */ st %g2,[%i0+16] +/* 0x0ec8 1214 (114 115) */ sllx %o2,19,%g2 +/* 0x0ecc 1215 (114 115) */ add %g4,%o1,%g4 +/* 0x0ed0 1216 (115 117) */ ld [%i1+28],%o0 +/* 0x0ed4 1217 (115 116) */ srlx %g4,32,%o1 +/* 0x0ed8 1218 (115 116) */ add %g5,%g2,%g2 +/* 0x0edc 1222 (116 118) */ ldx [%sp+208],%o2 +/* 0x0ee0 1223 (117 119) */ ldx [%sp+216],%g5 +/* 0x0ee4 1224 (117 118) */ add %g2,%o0,%g2 +/* 0x0ee8 1225 (118 119) */ st %g3,[%i0+20] +/* 0x0eec 1226 (118 119) */ sllx %o2,19,%g3 +/* 0x0ef0 1227 (118 119) */ add %g2,%o1,%g2 +/* 0x0ef4 1228 (119 121) */ ld [%i1+32],%o0 +/* 0x0ef8 1229 (119 120) */ srlx %g2,32,%o1 +/* 0x0efc 1230 (119 120) */ add %g5,%g3,%g3 +/* 0x0f00 1231 (120 122) */ ldx [%sp+192],%o2 +/* 0x0f04 1232 (121 123) */ ldx [%sp+200],%g5 +/* 0x0f08 1233 (121 122) */ add %g3,%o0,%g3 +/* 0x0f0c 1234 (122 123) */ st %g4,[%i0+24] +/* 0x0f10 1235 (122 123) */ sllx %o2,19,%g4 +/* 0x0f14 1236 (122 123) */ add %g3,%o1,%g3 +/* 0x0f18 1237 (123 125) */ ld [%i1+36],%o0 +/* 0x0f1c 1238 (123 124) */ srlx %g3,32,%o1 +/* 0x0f20 1239 (123 124) */ add %g5,%g4,%g4 +/* 0x0f24 1240 (124 126) */ ldx [%sp+176],%o2 +/* 0x0f28 1241 (125 127) */ ldx [%sp+184],%g5 +/* 0x0f2c 1242 (125 126) */ add %g4,%o0,%g4 +/* 0x0f30 1243 (126 127) */ st %g2,[%i0+28] +/* 0x0f34 1244 (126 127) */ sllx %o2,19,%g2 +/* 0x0f38 1245 (126 127) */ add %g4,%o1,%g4 +/* 0x0f3c 1246 (127 129) */ ld [%i1+40],%o0 +/* 0x0f40 1247 (127 128) */ srlx %g4,32,%o1 +/* 0x0f44 1248 (127 128) */ add %g5,%g2,%g2 +/* 0x0f48 1249 (128 130) */ ldx [%sp+160],%o2 +/* 0x0f4c 1250 (129 131) */ ldx [%sp+168],%g5 +/* 0x0f50 1251 (129 130) */ add %g2,%o0,%g2 +/* 0x0f54 1252 (130 131) */ st %g3,[%i0+32] +/* 0x0f58 1253 (130 131) */ sllx %o2,19,%g3 +/* 0x0f5c 1254 (130 131) */ add %g2,%o1,%g2 +/* 0x0f60 1255 (131 133) */ ld [%i1+44],%o0 +/* 0x0f64 1256 (131 132) */ srlx %g2,32,%o1 +/* 0x0f68 1257 (131 132) */ add %g5,%g3,%g3 +/* 0x0f6c 1258 (132 134) */ ldx [%sp+144],%o2 +/* 0x0f70 1259 (133 135) */ ldx [%sp+152],%g5 +/* 0x0f74 1260 (133 134) */ add %g3,%o0,%g3 +/* 0x0f78 1261 (134 135) */ st %g4,[%i0+36] +/* 0x0f7c 1262 (134 135) */ sllx %o2,19,%g4 +/* 0x0f80 1263 (134 135) */ add %g3,%o1,%g3 +/* 0x0f84 1264 (135 137) */ ld [%i1+48],%o0 +/* 0x0f88 1265 (135 136) */ srlx %g3,32,%o1 +/* 0x0f8c 1266 (135 136) */ add %g5,%g4,%g4 +/* 0x0f90 1267 (136 138) */ ldx [%sp+128],%o2 +/* 0x0f94 1268 (137 139) */ ldx [%sp+136],%g5 +/* 0x0f98 1269 (137 138) */ add %g4,%o0,%g4 +/* 0x0f9c 1270 (138 139) */ std %f4,[%sp+96] +/* 0x0fa0 1271 (138 139) */ add %g4,%o1,%g4 +/* 0x0fa4 1272 (139 140) */ st %g2,[%i0+40] +/* 0x0fa8 1273 (139 140) */ sllx %o2,19,%g2 +/* 0x0fac 1274 (139 140) */ srlx %g4,32,%o1 +/* 0x0fb0 1275 (140 142) */ ld [%i1+52],%o0 +/* 0x0fb4 1276 (140 141) */ add %g5,%g2,%g2 +/* 0x0fb8 1277 (141 142) */ std %f6,[%sp+104] +/* 0x0fbc 1278 (142 144) */ ldx [%sp+120],%g5 +/* 0x0fc0 1279 (142 143) */ add %g2,%o0,%g2 +/* 0x0fc4 1280 (143 144) */ st %g3,[%i0+44] +/* 0x0fc8 1281 (143 144) */ add %g2,%o1,%g2 +/* 0x0fcc 1282 (144 146) */ ldx [%sp+112],%o2 +/* 0x0fd0 1283 (144 145) */ srlx %g2,32,%o1 +/* 0x0fd4 1284 (145 147) */ ld [%i1+56],%o0 +/* 0x0fd8 1285 (146 147) */ st %g4,[%i0+48] +/* 0x0fdc 1286 (146 147) */ sllx %o2,19,%g3 +/* 0x0fe0 1287 (147 149) */ ldx [%sp+96],%o2 +/* 0x0fe4 1288 (147 148) */ add %g5,%g3,%g3 +/* 0x0fe8 1289 (148 150) */ ldx [%sp+104],%g5 +/* 0x0fec 1290 (148 149) */ add %g3,%o0,%g3 +/* 0x0ff0 1291 (149 151) */ ld [%i1+60],%o0 +/* 0x0ff4 1292 (149 150) */ sllx %o2,19,%g4 +/* 0x0ff8 1293 (149 150) */ add %g3,%o1,%g3 +/* 0x0ffc 1294 (150 151) */ st %g2,[%i0+52] +/* 0x1000 1295 (150 151) */ srlx %g3,32,%o1 +/* 0x1004 1296 (150 151) */ add %g5,%g4,%g4 +/* 0x1008 1297 (151 152) */ st %g3,[%i0+56] +/* 0x100c 1298 (151 152) */ add %g4,%o0,%g2 +/* 0x1010 1299 (152 153) */ add %g2,%o1,%g2 +/* 0x1014 1300 (152 153) */ st %g2,[%i0+60] +/* 0x1018 1304 (153 154) */ srlx %g2,32,%o7 + +! +! ENTRY .L77000061 +! + + .L77000061: /* frequency 1.0 confidence 0.0 */ +/* 0x119c 1437 ( 0 1) */ or %g0,%o7,%i0 + +! +! ENTRY .L900000159 +! + + .L900000159: /* frequency 1.0 confidence 0.0 */ +/* 0x11a0 ( 0 7) */ ret ! Result = %o1 %o0 %f0 %f1 +/* 0x11a4 ( 2 4) */ restore %g0,%g0,%g0 + +! +! ENTRY .L77000073 +! + + .L77000073: /* frequency 1.0 confidence 0.0 */ + + + or %g0, %i4, %o2 + or %g0, %o0, %o1 + or %g0, %i3, %o0 + +! +! ENTRY .L77000052 +! + + .L77000052: /* frequency 1.0 confidence 0.0 */ +/* 0x1028 1318 ( 0 1) */ andn %o2,%g2,%g2 +/* 0x102c 1319 ( 0 1) */ st %g2,[%sp+96] +/* 0x1030 1325 ( 0 1) */ add %o0,1,%g3 +/* 0x1034 1326 ( 0 1) */ fmovd %f0,%f14 +/* 0x1038 1327 ( 1 2) */ srl %o2,19,%g2 +/* 0x103c 1328 ( 1 2) */ st %g2,[%sp+92] +/* 0x1040 1329 ( 1 2) */ or %g0,0,%o5 +/* 0x1044 1330 ( 2 3) */ srl %g3,31,%g2 +/* 0x1048 1331 ( 2 5) */ ldd [%o1],%f6 +/* 0x104c 1335 ( 2 3) */ sethi %hi(0x1800),%g1 +/* 0x1050 1336 ( 3 4) */ add %g3,%g2,%g2 +/* 0x1054 1337 ( 3 4) */ xor %g1,-304,%g1 +/* 0x1058 1338 ( 3 6) */ ldd [%o1+8],%f20 +/* 0x105c 1339 ( 4 5) */ sra %g2,1,%o3 +/* 0x1060 1340 ( 4 5) */ fmovs %f6,%f8 +/* 0x1064 1341 ( 4 5) */ add %g1,%fp,%g3 +/* 0x1068 1342 ( 5 6) */ fmovs %f6,%f10 +/* 0x106c 1343 ( 5 7) */ ld [%sp+96],%f9 +/* 0x1070 1344 ( 5 6) */ subcc %o3,0,%g0 +/* 0x1074 1345 ( 6 8) */ ld [%sp+92],%f11 +/* 0x1078 1346 ( 6 7) */ sethi %hi(0x1800),%g1 +/* 0x107c 1347 ( 6 7) */ or %g0,%i2,%o1 +/* 0x1080 1348 ( 7 10) */ fsubd %f8,%f6,%f18 +/* 0x1084 1349 ( 7 8) */ xor %g1,-296,%g1 +/* 0x1088 1350 ( 7 8) */ or %g0,0,%g4 +/* 0x108c 1351 ( 8 11) */ fsubd %f10,%f6,%f16 +/* 0x1090 1352 ( 8 9) */ bleu,pt %icc,.L990000162 ! tprob=0.50 +/* 0x1094 ( 8 9) */ subcc %o0,0,%g0 +/* 0x1098 1354 ( 9 10) */ add %g1,%fp,%g2 +/* 0x109c 1355 ( 9 10) */ sethi %hi(0x1800),%g1 +/* 0x10a0 1356 (10 11) */ xor %g1,-288,%g1 +/* 0x10a4 1357 (10 11) */ subcc %o3,7,%g0 +/* 0x10a8 1358 (11 12) */ add %g1,%fp,%o7 +/* 0x10ac 1359 (11 12) */ sethi %hi(0x1800),%g1 +/* 0x10b0 1360 (12 13) */ xor %g1,-280,%g1 +/* 0x10b4 1361 (13 14) */ add %g1,%fp,%o4 +/* 0x10b8 1362 (13 14) */ bl,pn %icc,.L77000054 ! tprob=0.50 +/* 0x10bc (13 14) */ sub %o3,2,%o2 +/* 0x10c0 1364 (14 17) */ ldd [%o1],%f2 +/* 0x10c4 1365 (14 15) */ add %o1,16,%g5 +/* 0x10c8 1366 (14 15) */ or %g0,4,%g4 +/* 0x10cc 1367 (15 18) */ ldd [%o1+8],%f0 +/* 0x10d0 1368 (15 16) */ add %o1,8,%o1 +/* 0x10d4 1369 (16 18) */ fxnor %f14,%f2,%f6 +/* 0x10d8 1370 (16 19) */ ldd [%g5],%f4 +/* 0x10dc 1371 (16 17) */ add %o1,16,%o1 +/* 0x10e0 1372 (17 19) */ fxnor %f14,%f0,%f12 +/* 0x10e4 1373 (17 20) */ ldd [%o1],%f0 +/* 0x10e8 1374 (17 18) */ add %o1,8,%o1 +/* 0x10ec 1375 (18 21) */ fitod %f7,%f2 +/* 0x10f0 1376 (19 22) */ fitod %f6,%f6 +/* 0x10f4 1377 (20 22) */ fxnor %f14,%f4,%f10 +/* 0x10f8 1378 (21 24) */ fsubd %f20,%f2,%f2 +/* 0x10fc 1379 (22 24) */ fxnor %f14,%f0,%f8 +/* 0x1100 1380 (23 26) */ fitod %f13,%f4 +/* 0x1104 1381 (24 27) */ fsubd %f20,%f6,%f6 +/* 0x1108 1382 (24 27) */ fmuld %f2,%f16,%f0 + +! +! ENTRY .L990000154 +! + + .L990000154: /* frequency 1.0 confidence 0.0 */ +/* 0x110c 1384 ( 0 3) */ ldd [%o1],%f24 +/* 0x1110 1385 ( 0 1) */ add %g4,3,%g4 +/* 0x1114 1386 ( 0 1) */ add %o4,96,%o4 +/* 0x1118 1387 ( 1 4) */ fitod %f11,%f22 +/* 0x111c 1388 ( 2 5) */ fsubd %f20,%f4,%f26 +/* 0x1120 1389 ( 2 3) */ subcc %g4,%o2,%g0 +/* 0x1124 1390 ( 2 3) */ add %o7,96,%o7 +/* 0x1128 1391 ( 2 5) */ fmuld %f6,%f18,%f28 +/* 0x112c 1392 ( 3 6) */ fmuld %f6,%f16,%f6 +/* 0x1130 1393 ( 3 4) */ add %g2,96,%g2 +/* 0x1134 1394 ( 3 4) */ add %g3,96,%g3 +/* 0x1138 1395 ( 4 7) */ fdtox %f0,%f0 +/* 0x113c 1396 ( 5 8) */ fitod %f12,%f4 +/* 0x1140 1397 ( 5 8) */ fmuld %f2,%f18,%f2 +/* 0x1144 1398 ( 6 9) */ fdtox %f28,%f12 +/* 0x1148 1399 ( 7 10) */ fdtox %f6,%f6 +/* 0x114c 1400 ( 7 8) */ std %f12,[%g3-96] +/* 0x1150 1401 ( 8 9) */ std %f6,[%g2-96] +/* 0x1154 1402 ( 8 11) */ fdtox %f2,%f2 +/* 0x1158 1403 ( 9 12) */ fsubd %f20,%f4,%f6 +/* 0x115c 1404 ( 9 10) */ std %f2,[%o7-96] +/* 0x1160 1405 ( 9 10) */ add %o1,8,%o1 +/* 0x1164 1406 (10 12) */ fxnor %f14,%f24,%f12 +/* 0x1168 1407 (10 13) */ fmuld %f26,%f16,%f4 +/* 0x116c 1408 (10 11) */ std %f0,[%o4-96] +/* 0x1170 1409 (11 14) */ ldd [%o1],%f0 +/* 0x1174 1410 (11 14) */ fitod %f9,%f2 +/* 0x1178 1411 (12 15) */ fsubd %f20,%f22,%f28 +/* 0x117c 1412 (12 15) */ fmuld %f6,%f18,%f24 +/* 0x1180 1413 (13 16) */ fmuld %f6,%f16,%f22 +/* 0x1184 1414 (13 16) */ fdtox %f4,%f4 +/* 0x1188 1415 (14 17) */ fitod %f10,%f6 +/* 0x118c 1416 (14 17) */ fmuld %f26,%f18,%f10 +/* 0x1190 1417 (15 18) */ fdtox %f24,%f24 +/* 0x1194 1418 (16 19) */ fdtox %f22,%f22 +/* 0x1198 1419 (16 17) */ std %f24,[%g3-64] +/* 0x119c 1420 (17 18) */ std %f22,[%g2-64] +/* 0x11a0 1421 (17 20) */ fdtox %f10,%f10 +/* 0x11a4 1422 (18 21) */ fsubd %f20,%f6,%f6 +/* 0x11a8 1423 (18 19) */ std %f10,[%o7-64] +/* 0x11ac 1424 (18 19) */ add %o1,8,%o1 +/* 0x11b0 1425 (19 21) */ fxnor %f14,%f0,%f10 +/* 0x11b4 1426 (19 22) */ fmuld %f28,%f16,%f0 +/* 0x11b8 1427 (19 20) */ std %f4,[%o4-64] +/* 0x11bc 1428 (20 23) */ ldd [%o1],%f22 +/* 0x11c0 1429 (20 23) */ fitod %f13,%f4 +/* 0x11c4 1430 (21 24) */ fsubd %f20,%f2,%f2 +/* 0x11c8 1431 (21 24) */ fmuld %f6,%f18,%f26 +/* 0x11cc 1432 (22 25) */ fmuld %f6,%f16,%f24 +/* 0x11d0 1433 (22 25) */ fdtox %f0,%f0 +/* 0x11d4 1434 (23 26) */ fitod %f8,%f6 +/* 0x11d8 1435 (23 26) */ fmuld %f28,%f18,%f8 +/* 0x11dc 1436 (24 27) */ fdtox %f26,%f26 +/* 0x11e0 1437 (25 28) */ fdtox %f24,%f24 +/* 0x11e4 1438 (25 26) */ std %f26,[%g3-32] +/* 0x11e8 1439 (26 27) */ std %f24,[%g2-32] +/* 0x11ec 1440 (26 29) */ fdtox %f8,%f8 +/* 0x11f0 1441 (27 30) */ fsubd %f20,%f6,%f6 +/* 0x11f4 1442 (27 28) */ std %f8,[%o7-32] +/* 0x11f8 1443 (27 28) */ add %o1,8,%o1 +/* 0x11fc 1444 (28 30) */ fxnor %f14,%f22,%f8 +/* 0x1200 1445 (28 29) */ std %f0,[%o4-32] +/* 0x1204 1446 (28 29) */ bcs,pt %icc,.L990000154 ! tprob=0.50 +/* 0x1208 (28 31) */ fmuld %f2,%f16,%f0 + +! +! ENTRY .L990000157 +! + + .L990000157: /* frequency 1.0 confidence 0.0 */ +/* 0x120c 1449 ( 0 3) */ fitod %f12,%f28 +/* 0x1210 1450 ( 0 3) */ fmuld %f6,%f18,%f24 +/* 0x1214 1451 ( 0 1) */ add %g3,128,%g3 +/* 0x1218 1452 ( 1 4) */ fitod %f10,%f12 +/* 0x121c 1453 ( 1 4) */ fmuld %f6,%f16,%f26 +/* 0x1220 1454 ( 1 2) */ add %g2,128,%g2 +/* 0x1224 1455 ( 2 5) */ fsubd %f20,%f4,%f4 +/* 0x1228 1456 ( 2 5) */ fmuld %f2,%f18,%f22 +/* 0x122c 1457 ( 2 3) */ add %o7,128,%o7 +/* 0x1230 1458 ( 3 6) */ fdtox %f24,%f6 +/* 0x1234 1459 ( 3 4) */ std %f6,[%g3-128] +/* 0x1238 1460 ( 3 4) */ add %o4,128,%o4 +/* 0x123c 1461 ( 4 7) */ fsubd %f20,%f28,%f2 +/* 0x1240 1462 ( 4 5) */ subcc %g4,%o3,%g0 +/* 0x1244 1463 ( 5 8) */ fitod %f11,%f6 +/* 0x1248 1464 ( 5 8) */ fmuld %f4,%f18,%f24 +/* 0x124c 1465 ( 6 9) */ fdtox %f26,%f10 +/* 0x1250 1466 ( 6 7) */ std %f10,[%g2-128] +/* 0x1254 1467 ( 7 10) */ fdtox %f22,%f10 +/* 0x1258 1468 ( 7 8) */ std %f10,[%o7-128] +/* 0x125c 1469 ( 7 10) */ fmuld %f2,%f18,%f26 +/* 0x1260 1470 ( 8 11) */ fsubd %f20,%f12,%f10 +/* 0x1264 1471 ( 8 11) */ fmuld %f2,%f16,%f2 +/* 0x1268 1472 ( 9 12) */ fsubd %f20,%f6,%f22 +/* 0x126c 1473 ( 9 12) */ fmuld %f4,%f16,%f12 +/* 0x1270 1474 (10 13) */ fdtox %f0,%f0 +/* 0x1274 1475 (10 11) */ std %f0,[%o4-128] +/* 0x1278 1476 (11 14) */ fitod %f8,%f4 +/* 0x127c 1477 (11 14) */ fmuld %f10,%f18,%f6 +/* 0x1280 1478 (12 15) */ fdtox %f26,%f0 +/* 0x1284 1479 (12 13) */ std %f0,[%g3-96] +/* 0x1288 1480 (12 15) */ fmuld %f10,%f16,%f10 +/* 0x128c 1481 (13 16) */ fdtox %f2,%f2 +/* 0x1290 1482 (13 14) */ std %f2,[%g2-96] +/* 0x1294 1483 (14 17) */ fitod %f9,%f0 +/* 0x1298 1484 (14 17) */ fmuld %f22,%f18,%f2 +/* 0x129c 1485 (15 18) */ fdtox %f24,%f8 +/* 0x12a0 1486 (15 16) */ std %f8,[%o7-96] +/* 0x12a4 1487 (16 19) */ fsubd %f20,%f4,%f4 +/* 0x12a8 1488 (16 19) */ fmuld %f22,%f16,%f8 +/* 0x12ac 1489 (17 20) */ fdtox %f12,%f12 +/* 0x12b0 1490 (17 18) */ std %f12,[%o4-96] +/* 0x12b4 1491 (18 21) */ fsubd %f20,%f0,%f0 +/* 0x12b8 1492 (19 22) */ fdtox %f6,%f6 +/* 0x12bc 1493 (19 20) */ std %f6,[%g3-64] +/* 0x12c0 1494 (20 23) */ fdtox %f10,%f10 +/* 0x12c4 1495 (20 21) */ std %f10,[%g2-64] +/* 0x12c8 1496 (20 23) */ fmuld %f4,%f18,%f6 +/* 0x12cc 1497 (21 24) */ fdtox %f2,%f2 +/* 0x12d0 1498 (21 22) */ std %f2,[%o7-64] +/* 0x12d4 1499 (21 24) */ fmuld %f4,%f16,%f4 +/* 0x12d8 1500 (22 25) */ fmuld %f0,%f18,%f2 +/* 0x12dc 1501 (22 25) */ fdtox %f8,%f8 +/* 0x12e0 1502 (22 23) */ std %f8,[%o4-64] +/* 0x12e4 1503 (23 26) */ fdtox %f6,%f6 +/* 0x12e8 1504 (23 24) */ std %f6,[%g3-32] +/* 0x12ec 1505 (23 26) */ fmuld %f0,%f16,%f0 +/* 0x12f0 1506 (24 27) */ fdtox %f4,%f4 +/* 0x12f4 1507 (24 25) */ std %f4,[%g2-32] +/* 0x12f8 1508 (25 28) */ fdtox %f2,%f2 +/* 0x12fc 1509 (25 26) */ std %f2,[%o7-32] +/* 0x1300 1510 (26 29) */ fdtox %f0,%f0 +/* 0x1304 1511 (26 27) */ bcc,pn %icc,.L77000056 ! tprob=0.50 +/* 0x1308 (26 27) */ std %f0,[%o4-32] + +! +! ENTRY .L77000054 +! + + .L77000054: /* frequency 1.0 confidence 0.0 */ +/* 0x130c 1514 ( 0 3) */ ldd [%o1],%f0 + +! +! ENTRY .L990000161 +! + + .L990000161: /* frequency 1.0 confidence 0.0 */ +/* 0x1310 1516 ( 0 2) */ fxnor %f14,%f0,%f0 +/* 0x1314 1517 ( 0 1) */ add %g4,1,%g4 +/* 0x1318 1518 ( 0 1) */ add %o1,8,%o1 +/* 0x131c 1519 ( 1 2) */ subcc %g4,%o3,%g0 +/* 0x1320 1520 ( 2 5) */ fitod %f0,%f2 +/* 0x1324 1521 ( 3 6) */ fitod %f1,%f0 +/* 0x1328 1522 ( 5 8) */ fsubd %f20,%f2,%f2 +/* 0x132c 1523 ( 6 9) */ fsubd %f20,%f0,%f0 +/* 0x1330 1524 ( 8 11) */ fmuld %f2,%f18,%f6 +/* 0x1334 1525 ( 9 12) */ fmuld %f2,%f16,%f4 +/* 0x1338 1526 (10 13) */ fmuld %f0,%f18,%f2 +/* 0x133c 1527 (11 14) */ fdtox %f6,%f6 +/* 0x1340 1528 (11 12) */ std %f6,[%g3] +/* 0x1344 1529 (11 14) */ fmuld %f0,%f16,%f0 +/* 0x1348 1530 (12 15) */ fdtox %f4,%f4 +/* 0x134c 1531 (12 13) */ std %f4,[%g2] +/* 0x1350 1532 (12 13) */ add %g2,32,%g2 +/* 0x1354 1533 (13 16) */ fdtox %f2,%f2 +/* 0x1358 1534 (13 14) */ std %f2,[%o7] +/* 0x135c 1535 (13 14) */ add %o7,32,%o7 +/* 0x1360 1536 (14 17) */ fdtox %f0,%f0 +/* 0x1364 1537 (14 15) */ std %f0,[%o4] +/* 0x1368 1538 (14 15) */ add %o4,32,%o4 +/* 0x136c 1539 (15 16) */ add %g3,32,%g3 +/* 0x1370 1540 (15 16) */ bcs,a,pt %icc,.L990000161 ! tprob=0.50 +/* 0x1374 (16 19) */ ldd [%o1],%f0 + +! +! ENTRY .L77000056 +! + + .L77000056: /* frequency 1.0 confidence 0.0 */ +/* 0x1378 1548 ( 0 1) */ subcc %o0,0,%g0 + +! +! ENTRY .L990000162 +! + + .L990000162: /* frequency 1.0 confidence 0.0 */ +/* 0x137c 1550 ( 0 1) */ bleu,pt %icc,.L77770061 ! tprob=0.50 +/* 0x1380 ( 0 1) */ nop +/* 0x1384 1555 ( 0 1) */ sethi %hi(0x1800),%g1 +/* 0x1388 1556 ( 1 2) */ xor %g1,-304,%g1 +/* 0x138c 1557 ( 1 2) */ or %g0,%i1,%g4 +/* 0x1390 1558 ( 2 3) */ add %g1,%fp,%g5 +/* 0x1394 1559 ( 2 3) */ sethi %hi(0x1800),%g1 +/* 0x1398 1560 ( 3 4) */ xor %g1,-296,%g1 +/* 0x139c 1561 ( 3 4) */ or %g0,%o0,%o7 +/* 0x13a0 1562 ( 4 5) */ add %g1,%fp,%g2 +/* 0x13a4 1563 ( 4 5) */ or %g0,0,%i2 +/* 0x13a8 1564 ( 5 6) */ or %g0,%i0,%g3 +/* 0x13ac 1565 ( 5 6) */ subcc %o0,6,%g0 +/* 0x13b0 1566 ( 5 6) */ bl,pn %icc,.L77000058 ! tprob=0.50 +/* 0x13b4 ( 6 7) */ sethi %hi(0x1800),%g1 +/* 0x13b8 1568 ( 6 8) */ ld [%g4],%o2 +/* 0x13bc 1569 ( 6 7) */ add %g3,4,%g3 +/* 0x13c0 1570 ( 7 8) */ xor %g1,-264,%g1 +/* 0x13c4 1571 ( 7 8) */ sub %o7,3,%o4 +/* 0x13c8 1572 ( 8 9) */ add %g1,%fp,%g2 +/* 0x13cc 1573 ( 8 9) */ sethi %hi(0x1800),%g1 +/* 0x13d0 1574 ( 9 10) */ xor %g1,-272,%g1 +/* 0x13d4 1575 ( 9 10) */ or %g0,2,%i2 +/* 0x13d8 1576 (10 11) */ add %g1,%fp,%g5 +/* 0x13dc 1577 (10 11) */ sethi %hi(0x1800),%g1 +/* 0x13e0 1578 (11 12) */ xor %g1,-296,%g1 +/* 0x13e4 1579 (12 13) */ add %g1,%fp,%g1 +/* 0x13e8 1580 (13 15) */ ldx [%g1],%o1 +/* 0x13ec 1581 (14 16) */ ldx [%g1-8],%o0 +/* 0x13f0 1582 (15 16) */ sllx %o1,19,%o1 +/* 0x13f4 1583 (15 17) */ ldx [%g1+16],%o3 +/* 0x13f8 1584 (16 17) */ add %o0,%o1,%o0 +/* 0x13fc 1585 (16 18) */ ld [%g4+4],%o1 +/* 0x1400 1586 (16 17) */ add %g4,8,%g4 +/* 0x1404 1587 (17 18) */ sllx %o3,19,%o3 +/* 0x1408 1588 (17 18) */ add %o0,%o2,%o0 +/* 0x140c 1589 (17 19) */ ldx [%g1+8],%o2 +/* 0x1410 1590 (18 19) */ st %o0,[%g3-4] +/* 0x1414 1591 (18 19) */ srlx %o0,32,%o0 + +! +! ENTRY .L990000142 +! + + .L990000142: /* frequency 1.0 confidence 0.0 */ +/* 0x1418 1593 ( 0 1) */ add %o2,%o3,%o2 +/* 0x141c 1594 ( 0 1) */ add %i2,4,%i2 +/* 0x1420 1595 ( 0 2) */ ld [%g4],%o3 +/* 0x1424 1596 ( 1 2) */ srl %o0,0,%o5 +/* 0x1428 1597 ( 1 2) */ add %o2,%o1,%o1 +/* 0x142c 1598 ( 1 3) */ ldx [%g2],%o0 +/* 0x1430 1599 ( 3 4) */ sllx %o0,19,%o2 +/* 0x1434 1600 ( 3 5) */ ldx [%g5],%o0 +/* 0x1438 1601 ( 3 4) */ add %o1,%o5,%o1 +/* 0x143c 1602 ( 4 5) */ st %o1,[%g3] +/* 0x1440 1603 ( 4 5) */ srlx %o1,32,%o5 +/* 0x1444 1604 ( 4 5) */ subcc %i2,%o4,%g0 +/* 0x1448 1605 ( 5 7) */ ldx [%g2+16],%o1 +/* 0x144c 1606 ( 5 6) */ add %o0,%o2,%o0 +/* 0x1450 1607 ( 5 6) */ add %g3,16,%g3 +/* 0x1454 1608 ( 6 8) */ ld [%g4+4],%o2 +/* 0x1458 1609 ( 6 7) */ add %o0,%o3,%o0 +/* 0x145c 1610 ( 7 8) */ sllx %o1,19,%o3 +/* 0x1460 1611 ( 7 9) */ ldx [%g5+16],%o1 +/* 0x1464 1612 ( 7 8) */ add %o0,%o5,%o0 +/* 0x1468 1613 ( 8 9) */ st %o0,[%g3-12] +/* 0x146c 1614 ( 8 9) */ srlx %o0,32,%o5 +/* 0x1470 1615 ( 8 9) */ add %g4,16,%g4 +/* 0x1474 1616 ( 9 11) */ ldx [%g2+32],%o0 +/* 0x1478 1617 ( 9 10) */ add %o1,%o3,%o1 +/* 0x147c 1618 ( 9 10) */ add %g2,64,%g2 +/* 0x1480 1619 (10 12) */ ld [%g4-8],%o3 +/* 0x1484 1620 (10 11) */ add %o1,%o2,%o2 +/* 0x1488 1621 (11 12) */ sllx %o0,19,%o1 +/* 0x148c 1622 (11 13) */ ldx [%g5+32],%o0 +/* 0x1490 1623 (11 12) */ add %o2,%o5,%o2 +/* 0x1494 1624 (12 13) */ st %o2,[%g3-8] +/* 0x1498 1625 (12 13) */ srlx %o2,32,%o5 +/* 0x149c 1626 (12 13) */ add %g5,64,%g5 +/* 0x14a0 1627 (13 15) */ ldx [%g2-16],%o2 +/* 0x14a4 1628 (13 14) */ add %o0,%o1,%o0 +/* 0x14a8 1629 (14 16) */ ld [%g4-4],%o1 +/* 0x14ac 1630 (14 15) */ add %o0,%o3,%o0 +/* 0x14b0 1631 (15 16) */ sllx %o2,19,%o3 +/* 0x14b4 1632 (15 17) */ ldx [%g5-16],%o2 +/* 0x14b8 1633 (15 16) */ add %o0,%o5,%o0 +/* 0x14bc 1634 (16 17) */ st %o0,[%g3-4] +/* 0x14c0 1635 (16 17) */ bcs,pt %icc,.L990000142 ! tprob=0.50 +/* 0x14c4 (16 17) */ srlx %o0,32,%o0 + +! +! ENTRY .L990000145 +! + + .L990000145: /* frequency 1.0 confidence 0.0 */ +/* 0x14c8 1638 ( 0 1) */ add %o2,%o3,%o3 +/* 0x14cc 1639 ( 0 1) */ add %g3,4,%g3 +/* 0x14d0 1640 ( 1 2) */ srl %o0,0,%o2 +/* 0x14d4 1641 ( 1 2) */ add %o3,%o1,%o0 +/* 0x14d8 1642 ( 2 3) */ add %o0,%o2,%o0 +/* 0x14dc 1643 ( 2 3) */ st %o0,[%g3-4] +/* 0x14e0 1644 ( 2 3) */ subcc %i2,%o7,%g0 +/* 0x14e4 1645 ( 2 3) */ bcc,pn %icc,.L77770061 ! tprob=0.50 +/* 0x14e8 ( 3 4) */ srlx %o0,32,%o5 + +! +! ENTRY .L77000058 +! + + .L77000058: /* frequency 1.0 confidence 0.0 */ +/* 0x14ec 1648 ( 0 2) */ ldx [%g2],%o2 + +! +! ENTRY .L990000160 +! + + .L990000160: /* frequency 1.0 confidence 0.0 */ +/* 0x14f0 1650 ( 0 1) */ sllx %o2,19,%o3 +/* 0x14f4 1651 ( 0 2) */ ldx [%g5],%o0 +/* 0x14f8 1652 ( 0 1) */ add %i2,1,%i2 +/* 0x14fc 1653 ( 1 2) */ srl %o5,0,%o1 +/* 0x1500 1654 ( 1 3) */ ld [%g4],%o2 +/* 0x1504 1655 ( 1 2) */ add %g2,16,%g2 +/* 0x1508 1656 ( 2 3) */ add %o0,%o3,%o0 +/* 0x150c 1657 ( 2 3) */ add %g5,16,%g5 +/* 0x1510 1658 ( 3 4) */ add %o0,%o2,%o0 +/* 0x1514 1659 ( 3 4) */ add %g4,4,%g4 +/* 0x1518 1660 ( 4 5) */ add %o0,%o1,%o0 +/* 0x151c 1661 ( 4 5) */ st %o0,[%g3] +/* 0x1520 1662 ( 4 5) */ subcc %i2,%o7,%g0 +/* 0x1524 1663 ( 5 6) */ srlx %o0,32,%o5 +/* 0x1528 1664 ( 5 6) */ add %g3,4,%g3 +/* 0x152c 1665 ( 5 6) */ bcs,a,pt %icc,.L990000160 ! tprob=0.50 +/* 0x1530 ( 6 8) */ ldx [%g2],%o2 + +! +! ENTRY .L77770061 +! + + .L77770061: /* frequency 1.0 confidence 0.0 */ +/* 0x1534 ( 0 2) */ ret ! Result = %o1 %o0 %f0 %f1 +/* 0x1538 ( 2 3) */ restore %g0,%o5,%o0 + + + + +/* 0x11a8 1441 ( 0 0) */ .type mul_add,2 +/* 0x11a8 1442 ( 0 0) */ .size mul_add,(.-mul_add) +/* 0x11a8 1445 ( 0 0) */ .align 16 +/* 0x11b0 1451 ( 0 0) */ .global mul_add_inp + +! +! ENTRY mul_add_inp +! + + .global mul_add_inp + mul_add_inp: /* frequency 1.0 confidence 0.0 */ +/* 0x11b0 1453 ( 0 1) */ or %g0,%o2,%g1 +/* 0x11b4 1454 ( 0 1) */ or %g0,%o3,%o4 +/* 0x11b8 1455 ( 1 2) */ or %g0,%o0,%g3 +/* 0x11bc 1456 ( 1 2) */ or %g0,%o1,%g2 +/* 0x11c0 1466 ( 2 3) */ or %g0,%g1,%o3 +/* 0x11c4 1467 ( 2 3) */ or %g0,%g3,%o1 +/* 0x11c8 1468 ( 3 4) */ or %g0,%g2,%o2 +/* 0x11cc 1469 ( 3 4) */ or %g0,%o7,%g1 +/* 0x11d0 1470 ( 4 6) */ call mul_add ! params = ! Result = +/* 0x11d4 ( 5 6) */ or %g0,%g1,%o7 +/* 0x11d8 1472 ( 0 0) */ .type mul_add_inp,2 +/* 0x11d8 1473 ( 0 0) */ .size mul_add_inp,(.-mul_add_inp) + + .section ".data",#alloc,#write +/* 0x11d8 6 ( 0 0) */ .align 8 + +! +! ENTRY mask_cnst +! + + mask_cnst: /* frequency 1.0 confidence 0.0 */ +/* 0x11d8 8 ( 0 0) */ .word -2147483648 +/* 0x11dc 9 ( 0 0) */ .word -2147483648 +/* 0x11e0 10 ( 0 0) */ .type mask_cnst,#object +/* 0x11e0 11 ( 0 0) */ .size mask_cnst,8 + diff --git a/security/nss/lib/freebl/mpi/mpv_sparcv9.s b/security/nss/lib/freebl/mpi/mpv_sparcv9.s new file mode 100644 index 000000000..1a7997e4a --- /dev/null +++ b/security/nss/lib/freebl/mpi/mpv_sparcv9.s @@ -0,0 +1,1673 @@ +!/* +! * The contents of this file are subject to the Mozilla Public +! * License Version 1.1 (the "License"); you may not use this file +! * except in compliance with the License. You may obtain a copy of +! * the License at http://www.mozilla.org/MPL/ +! * +! * Software distributed under the License is distributed on an "AS +! * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +! * implied. See the License for the specific language governing +! * rights and limitations under the License. +! * +! * The Original Code is a SPARC/VIS optimized multiply and add function +! * +! * The Initial Developer of the Original Code is Sun Microsystems Inc. +! * Portions created by Sun Microsystems Inc. are +! * Copyright (C) 1999-2000 Sun Microsystems Inc. All Rights Reserved. +! * +! * Contributor(s): +! * +! * Alternatively, the contents of this file may be used under the +! * terms of the GNU General Public License Version 2 or later (the +! * "GPL"), in which case the provisions of the GPL are applicable +! * instead of those above. If you wish to allow use of your +! * version of this file only under the terms of the GPL and not to +! * allow others to use your version of this file under the MPL, +! * indicate your decision by deleting the provisions above and +! * replace them with the notice and other provisions required by +! * the GPL. If you do not delete the provisions above, a recipient +! * may use your version of this file under either the MPL or the +! * GPL. +! * $Id$ +! */ + + .section ".text",#alloc,#execinstr +/* 000000 0 ( 0 0) */ .register %g2,#scratch +/* 000000 ( 0 0) */ .register %g3,#scratch +/* 000000 3 ( 0 0) */ .file "mpv_sparc.c" +/* 000000 15 ( 0 0) */ .align 8 +! +! SUBROUTINE .L_const_seg_900000101 +! +! OFFSET SOURCE LINE LABEL INSTRUCTION (ISSUE TIME) (COMPLETION TIME) + + .L_const_seg_900000101: /* frequency 1.0 confidence 0.0 */ +/* 000000 20 ( 0 0) */ .word 1127219200,0 +/* 0x0008 21 ( 0 0) */ .word 1105199103,-4194304 +/* 0x0010 22 ( 0 0) */ .align 8 +/* 0x0010 28 ( 0 0) */ .global mul_add + +! +! ENTRY mul_add +! + + .global mul_add + mul_add: /* frequency 1.0 confidence 0.0 */ +/* 0x0010 30 ( 0 1) */ sethi %hi(0x1c00),%g1 +/* 0x0014 31 ( 0 1) */ sethi %hi(mask_cnst),%g2 +/* 0x0018 32 ( 1 2) */ xor %g1,-48,%g1 +/* 0x001c 33 ( 1 2) */ add %g2,%lo(mask_cnst),%g2 +/* 0x0020 34 ( 2 3) */ save %sp,%g1,%sp + +! +! ENTRY .L900000149 +! + + .L900000149: /* frequency 1.0 confidence 0.0 */ +/* 0x0024 36 ( 0 2) */ call (.+0x8) ! params = ! Result = +/* 0x0028 ( 1 2) */ sethi %hi((_GLOBAL_OFFSET_TABLE_-(.L900000149-.))),%g5 +/* 0x002c 178 ( 2 3) */ sethi %hi(.L_const_seg_900000101),%g3 +/* 0x0030 179 ( 2 3) */ add %g5,%lo((_GLOBAL_OFFSET_TABLE_-(.L900000149-.))),%g5 +/* 0x0034 180 ( 3 4) */ add %g3,%lo(.L_const_seg_900000101),%g3 +/* 0x0038 181 ( 3 4) */ add %g5,%o7,%o1 +/* 0x003c 182 ( 4 5) */ sethi %hi(0x80000),%g4 +/* 0x0040 183 ( 4 6) */ ldx [%o1+%g2],%g2 +/* 0x0044 184 ( 4 5) */ or %g0,%i2,%o2 +/* 0x0048 185 ( 5 6) */ subcc %i4,%g4,%g0 +/* 0x004c 186 ( 5 7) */ ldx [%o1+%g3],%o0 +/* 0x0050 187 ( 6 7) */ or %g0,%i0,%o7 +/* 0x0054 188 ( 6 7) */ or %g0,%i1,%o5 +/* 0x0058 189 ( 6 9) */ ldd [%g2],%f0 +/* 0x005c 190 ( 6 7) */ bcc,pn %icc,.L77000048 ! tprob=0.50 +/* 0x0060 ( 7 8) */ subcc %i3,8,%g0 +/* 0x0064 192 ( 7 8) */ bne,pn %icc,.L900000158 ! tprob=0.50 +/* 0x0068 ( 8 9) */ subcc %i3,16,%g0 +/* 0x006c 194 ( 9 12) */ ldd [%o2],%f4 +/* 0x0070 195 (10 11) */ st %i4,[%sp+2287] +/* 0x0074 196 (11 14) */ ldd [%o0],%f8 +/* 0x0078 197 (11 13) */ fxnor %f0,%f4,%f4 +/* 0x007c 198 (12 15) */ ldd [%o2+8],%f10 +/* 0x0080 199 (13 16) */ fitod %f4,%f12 +/* 0x0084 200 (13 16) */ ldd [%o0+8],%f14 +/* 0x0088 201 (14 17) */ ld [%sp+2287],%f7 +/* 0x008c 202 (14 17) */ fitod %f5,%f4 +/* 0x0090 203 (15 17) */ fxnor %f0,%f10,%f10 +/* 0x0094 204 (15 18) */ ldd [%o2+16],%f16 +/* 0x0098 205 (16 19) */ ldd [%o2+24],%f18 +/* 0x009c 206 (17 20) */ fsubd %f14,%f4,%f4 +/* 0x00a0 210 (17 20) */ ld [%i1],%g2 +/* 0x00a4 211 (18 20) */ fxnor %f0,%f16,%f16 +/* 0x00a8 212 (18 21) */ ld [%i1+4],%g3 +/* 0x00ac 213 (19 22) */ ld [%i1+8],%g4 +/* 0x00b0 214 (20 23) */ fitod %f16,%f20 +/* 0x00b4 215 (20 23) */ ld [%i1+16],%o0 +/* 0x00b8 216 (21 24) */ ld [%i1+12],%g5 +/* 0x00bc 217 (22 25) */ ld [%i1+20],%o1 +/* 0x00c0 218 (23 26) */ ld [%i1+24],%o2 +/* 0x00c4 219 (24 25) */ fmovs %f8,%f6 +/* 0x00c8 220 (24 27) */ ld [%i1+28],%o3 +/* 0x00cc 221 (26 29) */ fsubd %f6,%f8,%f6 +/* 0x00d0 222 (27 30) */ fsubd %f14,%f12,%f8 +/* 0x00d4 223 (28 31) */ fitod %f10,%f12 +/* 0x00d8 224 (29 32) */ fmuld %f4,%f6,%f4 +/* 0x00dc 225 (29 32) */ fitod %f11,%f10 +/* 0x00e0 226 (30 33) */ fmuld %f8,%f6,%f8 +/* 0x00e4 227 (31 34) */ fsubd %f14,%f12,%f12 +/* 0x00e8 228 (32 35) */ fdtox %f4,%f4 +/* 0x00ec 229 (32 33) */ std %f4,[%sp+2271] +/* 0x00f0 230 (33 36) */ fdtox %f8,%f8 +/* 0x00f4 231 (33 34) */ std %f8,[%sp+2279] +/* 0x00f8 232 (34 37) */ fmuld %f12,%f6,%f12 +/* 0x00fc 233 (34 37) */ fsubd %f14,%f10,%f10 +/* 0x0100 234 (35 38) */ fsubd %f14,%f20,%f4 +/* 0x0104 235 (36 39) */ fitod %f17,%f8 +/* 0x0108 236 (37 39) */ fxnor %f0,%f18,%f16 +/* 0x010c 237 (37 39) */ ldx [%sp+2279],%o4 +/* 0x0110 238 (37 40) */ fmuld %f10,%f6,%f10 +/* 0x0114 239 (38 41) */ fdtox %f12,%f12 +/* 0x0118 240 (38 39) */ std %f12,[%sp+2263] +/* 0x011c 241 (38 41) */ fmuld %f4,%f6,%f4 +/* 0x0120 242 (39 42) */ fitod %f16,%f18 +/* 0x0124 243 (39 40) */ add %o4,%g2,%g2 +/* 0x0128 244 (39 40) */ st %g2,[%i0] +/* 0x012c 245 (40 42) */ ldx [%sp+2271],%o4 +/* 0x0130 246 (40 43) */ fsubd %f14,%f8,%f8 +/* 0x0134 247 (40 41) */ srax %g2,32,%o5 +/* 0x0138 248 (41 44) */ fdtox %f10,%f10 +/* 0x013c 249 (41 42) */ std %f10,[%sp+2255] +/* 0x0140 250 (42 45) */ fdtox %f4,%f4 +/* 0x0144 251 (42 43) */ std %f4,[%sp+2247] +/* 0x0148 252 (42 43) */ add %o4,%g3,%o4 +/* 0x014c 253 (43 46) */ fitod %f17,%f12 +/* 0x0150 254 (43 45) */ ldx [%sp+2263],%g2 +/* 0x0154 255 (43 44) */ add %o4,%o5,%g3 +/* 0x0158 256 (43 46) */ fmuld %f8,%f6,%f8 +/* 0x015c 257 (44 47) */ fsubd %f14,%f18,%f10 +/* 0x0160 258 (44 45) */ st %g3,[%i0+4] +/* 0x0164 259 (44 45) */ srax %g3,32,%g3 +/* 0x0168 260 (45 46) */ add %g2,%g4,%g4 +/* 0x016c 261 (45 47) */ ldx [%sp+2255],%g2 +/* 0x0170 262 (46 49) */ fsubd %f14,%f12,%f4 +/* 0x0174 263 (46 47) */ add %g4,%g3,%g3 +/* 0x0178 264 (46 48) */ ldx [%sp+2247],%g4 +/* 0x017c 265 (47 50) */ fmuld %f10,%f6,%f10 +/* 0x0180 266 (47 50) */ fdtox %f8,%f8 +/* 0x0184 267 (47 48) */ std %f8,[%sp+2239] +/* 0x0188 268 (48 49) */ add %g4,%o0,%g4 +/* 0x018c 269 (48 49) */ add %g2,%g5,%g2 +/* 0x0190 270 (48 49) */ st %g3,[%i0+8] +/* 0x0194 271 (49 52) */ fmuld %f4,%f6,%f4 +/* 0x0198 272 (49 50) */ srax %g3,32,%o0 +/* 0x019c 273 (49 51) */ ldx [%sp+2239],%g5 +/* 0x01a0 274 (50 53) */ fdtox %f10,%f6 +/* 0x01a4 275 (50 51) */ std %f6,[%sp+2231] +/* 0x01a8 276 (50 51) */ add %g2,%o0,%g2 +/* 0x01ac 277 (51 52) */ srax %g2,32,%g3 +/* 0x01b0 278 (51 52) */ add %g5,%o1,%o1 +/* 0x01b4 279 (51 52) */ st %g2,[%i0+12] +/* 0x01b8 280 (52 55) */ fdtox %f4,%f4 +/* 0x01bc 281 (52 53) */ std %f4,[%sp+2223] +/* 0x01c0 282 (52 53) */ add %g4,%g3,%g3 +/* 0x01c4 283 (53 54) */ srax %g3,32,%g4 +/* 0x01c8 284 (53 54) */ st %g3,[%i0+16] +/* 0x01cc 285 (54 56) */ ldx [%sp+2231],%o0 +/* 0x01d0 286 (54 55) */ add %o1,%g4,%g4 +/* 0x01d4 287 (55 56) */ srax %g4,32,%g2 +/* 0x01d8 288 (55 57) */ ldx [%sp+2223],%g5 +/* 0x01dc 289 (56 57) */ add %o0,%o2,%o2 +/* 0x01e0 290 (56 57) */ st %g4,[%i0+20] +/* 0x01e4 291 (57 58) */ add %o2,%g2,%g2 +/* 0x01e8 292 (57 58) */ add %g5,%o3,%g5 +/* 0x01ec 293 (57 58) */ st %g2,[%i0+24] +/* 0x01f0 294 (58 59) */ srax %g2,32,%g3 +/* 0x01f4 295 (59 60) */ add %g5,%g3,%g2 +/* 0x01f8 296 (59 60) */ st %g2,[%i0+28] +/* 0x01fc 300 (60 61) */ srax %g2,32,%o3 +/* 0x0200 301 (61 62) */ srl %o3,0,%i0 +/* 0x0204 (62 64) */ ret ! Result = %o1 %o0 %f0 %f1 +/* 0x0208 (64 65) */ restore %g0,%g0,%g0 + +! +! ENTRY .L900000158 +! + + .L900000158: /* frequency 1.0 confidence 0.0 */ +/* 0x020c 308 ( 0 1) */ bne,a,pn %icc,.L900000157 ! tprob=0.50 +/* 0x0210 ( 0 1) */ st %i4,[%sp+2223] +/* 0x0214 315 ( 1 4) */ ldd [%o2],%f4 +/* 0x0218 316 ( 2 3) */ st %i4,[%sp+2351] +/* 0x021c 317 ( 3 6) */ ldd [%o0],%f8 +/* 0x0220 318 ( 3 5) */ fxnor %f0,%f4,%f4 +/* 0x0224 319 ( 4 7) */ ldd [%o2+8],%f10 +/* 0x0228 320 ( 5 8) */ ldd [%o0+8],%f14 +/* 0x022c 321 ( 5 8) */ fitod %f4,%f12 +/* 0x0230 322 ( 6 9) */ ld [%sp+2351],%f7 +/* 0x0234 323 ( 6 8) */ fxnor %f0,%f10,%f10 +/* 0x0238 324 ( 7 10) */ ldd [%o2+16],%f16 +/* 0x023c 325 ( 7 10) */ fitod %f5,%f4 +/* 0x0240 326 ( 8 11) */ ldd [%o2+24],%f18 +/* 0x0244 330 ( 9 12) */ ldd [%o2+32],%f20 +/* 0x0248 331 ( 9 11) */ fxnor %f0,%f16,%f16 +/* 0x024c 335 (10 13) */ ld [%i1],%g2 +/* 0x0250 336 (10 13) */ fsubd %f14,%f4,%f4 +/* 0x0254 337 (11 14) */ ldd [%o2+40],%f22 +/* 0x0258 338 (11 14) */ fitod %f16,%f28 +/* 0x025c 339 (12 15) */ ld [%i1+4],%g3 +/* 0x0260 340 (13 16) */ ld [%i1+8],%g4 +/* 0x0264 341 (13 15) */ fxnor %f0,%f22,%f22 +/* 0x0268 342 (14 17) */ ld [%i1+12],%g5 +/* 0x026c 343 (15 18) */ ld [%i1+16],%o0 +/* 0x0270 344 (16 19) */ ldd [%o2+48],%f24 +/* 0x0274 345 (17 20) */ ld [%i1+20],%o1 +/* 0x0278 346 (17 18) */ fmovs %f8,%f6 +/* 0x027c 347 (18 21) */ ldd [%o2+56],%f26 +/* 0x0280 348 (19 22) */ ld [%i1+24],%o2 +/* 0x0284 349 (19 22) */ fsubd %f6,%f8,%f6 +/* 0x0288 350 (20 23) */ ld [%i1+28],%o3 +/* 0x028c 351 (20 23) */ fsubd %f14,%f12,%f8 +/* 0x0290 355 (21 24) */ ld [%i1+32],%o4 +/* 0x0294 356 (21 24) */ fitod %f10,%f12 +/* 0x0298 357 (22 25) */ ld [%i1+36],%o7 +/* 0x029c 358 (22 25) */ fitod %f11,%f10 +/* 0x02a0 359 (22 25) */ fmuld %f4,%f6,%f4 +/* 0x02a4 360 (23 26) */ ld [%i1+40],%l1 +/* 0x02a8 361 (23 26) */ fmuld %f8,%f6,%f8 +/* 0x02ac 362 (24 27) */ ld [%i1+56],%l5 +/* 0x02b0 363 (24 27) */ fsubd %f14,%f12,%f12 +/* 0x02b4 364 (25 28) */ fsubd %f14,%f10,%f10 +/* 0x02b8 365 (26 29) */ fdtox %f8,%f8 +/* 0x02bc 366 (26 27) */ std %f8,[%sp+2343] +/* 0x02c0 367 (27 30) */ fitod %f17,%f8 +/* 0x02c4 368 (27 30) */ fmuld %f12,%f6,%f12 +/* 0x02c8 369 (28 31) */ fdtox %f4,%f4 +/* 0x02cc 370 (28 29) */ std %f4,[%sp+2335] +/* 0x02d0 371 (28 31) */ fmuld %f10,%f6,%f10 +/* 0x02d4 372 (29 31) */ fxnor %f0,%f18,%f16 +/* 0x02d8 373 (30 33) */ fdtox %f12,%f12 +/* 0x02dc 374 (30 31) */ std %f12,[%sp+2327] +/* 0x02e0 375 (31 33) */ ldx [%sp+2343],%o5 +/* 0x02e4 376 (31 34) */ fsubd %f14,%f8,%f8 +/* 0x02e8 377 (32 35) */ fsubd %f14,%f28,%f4 +/* 0x02ec 378 (33 36) */ fitod %f17,%f12 +/* 0x02f0 379 (33 34) */ add %o5,%g2,%g2 +/* 0x02f4 380 (33 34) */ st %g2,[%i0] +/* 0x02f8 381 (34 36) */ ldx [%sp+2335],%o5 +/* 0x02fc 382 (34 37) */ fitod %f16,%f18 +/* 0x0300 383 (34 35) */ srax %g2,32,%l0 +/* 0x0304 384 (35 37) */ fxnor %f0,%f20,%f16 +/* 0x0308 385 (35 38) */ fmuld %f8,%f6,%f20 +/* 0x030c 386 (36 39) */ fdtox %f10,%f10 +/* 0x0310 387 (36 37) */ std %f10,[%sp+2319] +/* 0x0314 388 (36 37) */ add %o5,%g3,%g3 +/* 0x0318 389 (36 39) */ fmuld %f4,%f6,%f4 +/* 0x031c 390 (37 40) */ fitod %f16,%f8 +/* 0x0320 391 (37 38) */ add %g3,%l0,%g3 +/* 0x0324 392 (37 38) */ st %g3,[%i0+4] +/* 0x0328 393 (38 40) */ ldx [%sp+2327],%o5 +/* 0x032c 394 (38 41) */ fsubd %f14,%f18,%f18 +/* 0x0330 395 (38 39) */ srax %g3,32,%l3 +/* 0x0334 396 (39 41) */ ldx [%sp+2319],%l2 +/* 0x0338 397 (39 42) */ fdtox %f4,%f4 +/* 0x033c 398 (40 41) */ std %f4,[%sp+2311] +/* 0x0340 399 (40 43) */ fdtox %f20,%f20 +/* 0x0344 400 (40 41) */ add %o5,%g4,%g4 +/* 0x0348 401 (41 42) */ std %f20,[%sp+2303] +/* 0x034c 402 (41 44) */ fsubd %f14,%f12,%f4 +/* 0x0350 403 (41 42) */ add %g4,%l3,%g4 +/* 0x0354 404 (41 44) */ fmuld %f18,%f6,%f18 +/* 0x0358 405 (42 43) */ st %g4,[%i0+8] +/* 0x035c 406 (42 45) */ fitod %f17,%f16 +/* 0x0360 407 (42 43) */ srax %g4,32,%l4 +/* 0x0364 408 (43 46) */ ld [%i1+44],%l0 +/* 0x0368 409 (43 46) */ fsubd %f14,%f8,%f20 +/* 0x036c 410 (43 44) */ add %l2,%g5,%l2 +/* 0x0370 411 (44 46) */ ldx [%sp+2311],%g5 +/* 0x0374 412 (44 47) */ fitod %f22,%f8 +/* 0x0378 413 (44 45) */ add %l2,%l4,%l2 +/* 0x037c 414 (44 47) */ fmuld %f4,%f6,%f4 +/* 0x0380 415 (45 46) */ st %l2,[%i0+12] +/* 0x0384 416 (45 48) */ fsubd %f14,%f16,%f10 +/* 0x0388 417 (46 49) */ ld [%i1+52],%l3 +/* 0x038c 418 (46 49) */ fdtox %f18,%f18 +/* 0x0390 419 (46 47) */ add %g5,%o0,%l4 +/* 0x0394 420 (46 49) */ fmuld %f20,%f6,%f12 +/* 0x0398 421 (47 48) */ std %f18,[%sp+2295] +/* 0x039c 422 (47 48) */ srax %l2,32,%o0 +/* 0x03a0 423 (47 50) */ fitod %f23,%f16 +/* 0x03a4 424 (48 51) */ ld [%i1+48],%o5 +/* 0x03a8 425 (48 51) */ fsubd %f14,%f8,%f8 +/* 0x03ac 426 (48 49) */ add %l4,%o0,%l4 +/* 0x03b0 427 (49 50) */ st %l4,[%i0+16] +/* 0x03b4 428 (49 50) */ srax %l4,32,%o0 +/* 0x03b8 429 (49 51) */ fxnor %f0,%f24,%f18 +/* 0x03bc 430 (50 52) */ ldx [%sp+2303],%g5 +/* 0x03c0 431 (50 53) */ fdtox %f4,%f4 +/* 0x03c4 432 (51 52) */ std %f4,[%sp+2287] +/* 0x03c8 433 (51 54) */ fdtox %f12,%f12 +/* 0x03cc 434 (51 54) */ fmuld %f10,%f6,%f4 +/* 0x03d0 435 (52 53) */ std %f12,[%sp+2279] +/* 0x03d4 436 (52 55) */ fsubd %f14,%f16,%f12 +/* 0x03d8 437 (52 53) */ add %g5,%o1,%g2 +/* 0x03dc 438 (52 55) */ fmuld %f8,%f6,%f8 +/* 0x03e0 439 (53 55) */ ldx [%sp+2295],%g5 +/* 0x03e4 440 (53 56) */ fitod %f18,%f10 +/* 0x03e8 441 (53 54) */ add %g2,%o0,%g2 +/* 0x03ec 442 (54 55) */ st %g2,[%i0+20] +/* 0x03f0 443 (54 57) */ fitod %f19,%f16 +/* 0x03f4 444 (54 55) */ srax %g2,32,%o0 +/* 0x03f8 445 (55 58) */ fdtox %f8,%f8 +/* 0x03fc 446 (55 56) */ std %f8,[%sp+2263] +/* 0x0400 447 (55 56) */ add %g5,%o2,%g3 +/* 0x0404 448 (56 58) */ ldx [%sp+2287],%g5 +/* 0x0408 449 (56 59) */ fsubd %f14,%f10,%f10 +/* 0x040c 450 (56 57) */ add %g3,%o0,%g3 +/* 0x0410 451 (57 58) */ st %g3,[%i0+24] +/* 0x0414 452 (57 60) */ fsubd %f14,%f16,%f8 +/* 0x0418 453 (57 58) */ srax %g3,32,%o0 +/* 0x041c 454 (58 61) */ fdtox %f4,%f4 +/* 0x0420 455 (58 59) */ std %f4,[%sp+2271] +/* 0x0424 456 (58 59) */ add %g5,%o3,%g4 +/* 0x0428 457 (59 61) */ fxnor %f0,%f26,%f18 +/* 0x042c 458 (59 62) */ fmuld %f12,%f6,%f4 +/* 0x0430 459 (59 60) */ add %g4,%o0,%g4 +/* 0x0434 460 (60 61) */ st %g4,[%i0+28] +/* 0x0438 461 (60 63) */ fmuld %f10,%f6,%f10 +/* 0x043c 462 (60 61) */ srax %g4,32,%o0 +/* 0x0440 463 (61 63) */ ldx [%sp+2279],%g5 +/* 0x0444 464 (61 64) */ fitod %f18,%f12 +/* 0x0448 465 (61 64) */ fmuld %f8,%f6,%f8 +/* 0x044c 466 (62 65) */ fdtox %f4,%f4 +/* 0x0450 467 (62 63) */ std %f4,[%sp+2255] +/* 0x0454 468 (63 64) */ add %g5,%o4,%l2 +/* 0x0458 469 (63 65) */ ldx [%sp+2271],%g5 +/* 0x045c 470 (63 66) */ fdtox %f10,%f16 +/* 0x0460 471 (64 67) */ fsubd %f14,%f12,%f4 +/* 0x0464 472 (64 65) */ std %f16,[%sp+2247] +/* 0x0468 473 (64 65) */ add %l2,%o0,%l2 +/* 0x046c 474 (65 68) */ fdtox %f8,%f8 +/* 0x0470 475 (65 66) */ std %f8,[%sp+2239] +/* 0x0474 476 (65 66) */ add %g5,%o7,%l4 +/* 0x0478 477 (66 69) */ fitod %f19,%f10 +/* 0x047c 478 (66 68) */ ldx [%sp+2263],%g5 +/* 0x0480 479 (66 67) */ srax %l2,32,%o0 +/* 0x0484 480 (67 68) */ add %l4,%o0,%l4 +/* 0x0488 481 (67 70) */ fmuld %f4,%f6,%f4 +/* 0x048c 482 (67 69) */ ldx [%sp+2255],%o0 +/* 0x0490 483 (68 69) */ srax %l4,32,%o1 +/* 0x0494 484 (68 69) */ add %g5,%l1,%l1 +/* 0x0498 485 (68 69) */ st %l2,[%i0+32] +/* 0x049c 486 (69 72) */ fsubd %f14,%f10,%f8 +/* 0x04a0 487 (69 71) */ ldx [%sp+2239],%o3 +/* 0x04a4 488 (69 70) */ add %l1,%o1,%o1 +/* 0x04a8 489 (70 72) */ ldx [%sp+2247],%g5 +/* 0x04ac 490 (70 71) */ srax %o1,32,%o2 +/* 0x04b0 491 (70 71) */ add %o0,%l0,%o0 +/* 0x04b4 492 (71 74) */ fdtox %f4,%f4 +/* 0x04b8 493 (71 72) */ std %f4,[%sp+2231] +/* 0x04bc 494 (71 72) */ add %o0,%o2,%o2 +/* 0x04c0 495 (72 73) */ add %o3,%l3,%l3 +/* 0x04c4 496 (72 75) */ fmuld %f8,%f6,%f4 +/* 0x04c8 497 (72 73) */ add %g5,%o5,%g5 +/* 0x04cc 498 (73 74) */ srax %o2,32,%o3 +/* 0x04d0 499 (73 74) */ st %l4,[%i0+36] +/* 0x04d4 500 (74 75) */ add %g5,%o3,%g2 +/* 0x04d8 501 (74 76) */ ldx [%sp+2231],%o0 +/* 0x04dc 502 (75 76) */ srax %g2,32,%g3 +/* 0x04e0 503 (75 78) */ fdtox %f4,%f4 +/* 0x04e4 504 (75 76) */ std %f4,[%sp+2223] +/* 0x04e8 505 (76 77) */ st %o1,[%i0+40] +/* 0x04ec 506 (76 77) */ add %l3,%g3,%g3 +/* 0x04f0 507 (76 77) */ add %o0,%l5,%g5 +/* 0x04f4 508 (77 78) */ st %o2,[%i0+44] +/* 0x04f8 509 (77 78) */ srax %g3,32,%g4 +/* 0x04fc 510 (78 79) */ st %g2,[%i0+48] +/* 0x0500 511 (78 79) */ add %g5,%g4,%g4 +/* 0x0504 512 (79 80) */ st %g3,[%i0+52] +/* 0x0508 513 (79 80) */ srax %g4,32,%g5 +/* 0x050c 514 (80 83) */ ld [%i1+60],%g3 +/* 0x0510 515 (81 83) */ ldx [%sp+2223],%g2 +/* 0x0514 516 (82 83) */ st %g4,[%i0+56] +/* 0x0518 517 (83 84) */ add %g2,%g3,%g2 +/* 0x051c 518 (84 85) */ add %g2,%g5,%g2 +/* 0x0520 519 (84 85) */ st %g2,[%i0+60] +/* 0x0524 523 (85 86) */ srax %g2,32,%o3 +/* 0x0528 524 (86 87) */ srl %o3,0,%i0 +/* 0x052c (87 89) */ ret ! Result = %o1 %o0 %f0 %f1 +/* 0x0530 (89 90) */ restore %g0,%g0,%g0 + +! +! ENTRY .L900000157 +! + + .L900000157: /* frequency 1.0 confidence 0.0 */ +/* 0x0534 532 ( 0 1) */ fmovd %f0,%f14 +/* 0x0538 533 ( 0 3) */ ldd [%o0],%f8 +/* 0x053c 539 ( 0 1) */ add %i3,1,%g2 +/* 0x0540 540 ( 1 4) */ ld [%sp+2223],%f7 +/* 0x0544 541 ( 1 2) */ srl %g2,31,%g3 +/* 0x0548 545 ( 1 2) */ add %fp,-217,%g4 +/* 0x054c 546 ( 2 3) */ add %g2,%g3,%g2 +/* 0x0550 547 ( 2 3) */ or %g0,0,%g5 +/* 0x0554 548 ( 2 5) */ ldd [%o0+8],%f18 +/* 0x0558 549 ( 3 4) */ fmovs %f8,%f6 +/* 0x055c 550 ( 3 4) */ sra %g2,1,%o1 +/* 0x0560 551 ( 3 4) */ or %g0,0,%o0 +/* 0x0564 552 ( 4 5) */ subcc %o1,0,%g0 +/* 0x0568 553 ( 5 6) */ or %g0,%o1,%o3 +/* 0x056c 554 ( 5 8) */ fsubd %f6,%f8,%f16 +/* 0x0570 555 ( 5 6) */ ble,pt %icc,.L900000156 ! tprob=0.50 +/* 0x0574 ( 6 7) */ subcc %i3,0,%g0 +/* 0x0578 557 ( 6 7) */ sub %o1,1,%g2 +/* 0x057c 558 ( 7 8) */ or %g0,0,%i0 +/* 0x0580 559 ( 7 8) */ or %g0,1,%g3 +/* 0x0584 560 ( 8 9) */ subcc %o3,10,%g0 +/* 0x0588 561 ( 8 9) */ bl,pn %icc,.L77000077 ! tprob=0.50 +/* 0x058c ( 9 10) */ or %g0,0,%o1 +/* 0x0590 563 ( 9 12) */ ldd [%i2+8],%f0 +/* 0x0594 564 ( 9 10) */ sub %o3,3,%o3 +/* 0x0598 565 (10 13) */ ldd [%i2],%f2 +/* 0x059c 566 (10 11) */ or %g0,7,%o0 +/* 0x05a0 567 (10 11) */ or %g0,2,%i0 +/* 0x05a4 568 (11 13) */ fxnor %f14,%f0,%f8 +/* 0x05a8 569 (11 14) */ ldd [%i2+16],%f4 +/* 0x05ac 570 (11 12) */ or %g0,16,%o2 +/* 0x05b0 571 (12 14) */ fxnor %f14,%f2,%f2 +/* 0x05b4 572 (12 15) */ ldd [%i2+24],%f6 +/* 0x05b8 573 (12 13) */ or %g0,48,%o4 +/* 0x05bc 574 (13 16) */ fitod %f8,%f12 +/* 0x05c0 575 (13 14) */ or %g0,24,%o1 +/* 0x05c4 576 (13 14) */ or %g0,3,%g3 +/* 0x05c8 577 (14 17) */ fitod %f2,%f0 +/* 0x05cc 578 (15 18) */ fitod %f3,%f20 +/* 0x05d0 579 (15 18) */ ldd [%i2+32],%f2 +/* 0x05d4 580 (16 19) */ fitod %f9,%f10 +/* 0x05d8 581 (16 19) */ ldd [%i2+40],%f8 +/* 0x05dc 582 (17 20) */ fsubd %f18,%f0,%f0 +/* 0x05e0 583 (18 21) */ fsubd %f18,%f20,%f22 +/* 0x05e4 584 (19 22) */ fsubd %f18,%f12,%f20 +/* 0x05e8 585 (19 22) */ ldd [%i2+48],%f12 +/* 0x05ec 586 (20 23) */ fsubd %f18,%f10,%f10 +/* 0x05f0 587 (20 23) */ fmuld %f0,%f16,%f0 +/* 0x05f4 588 (21 23) */ fxnor %f14,%f4,%f4 +/* 0x05f8 589 (21 24) */ fmuld %f22,%f16,%f22 +/* 0x05fc 590 (22 24) */ fxnor %f14,%f6,%f6 +/* 0x0600 591 (22 25) */ fmuld %f20,%f16,%f20 +/* 0x0604 592 (23 26) */ fdtox %f0,%f0 +/* 0x0608 593 (23 24) */ std %f0,[%fp-217] +/* 0x060c 594 (23 26) */ fmuld %f10,%f16,%f10 +/* 0x0610 595 (24 27) */ fdtox %f22,%f22 +/* 0x0614 596 (24 25) */ std %f22,[%fp-209] +/* 0x0618 597 (25 28) */ fitod %f5,%f0 +/* 0x061c 598 (26 29) */ fdtox %f10,%f10 +/* 0x0620 599 (27 30) */ fdtox %f20,%f20 +/* 0x0624 600 (27 28) */ std %f20,[%fp-201] +/* 0x0628 601 (28 31) */ fitod %f4,%f4 +/* 0x062c 602 (28 29) */ std %f10,[%fp-193] +/* 0x0630 603 (29 31) */ fxnor %f14,%f2,%f10 +/* 0x0634 604 (30 33) */ fitod %f7,%f2 +/* 0x0638 605 (31 34) */ fsubd %f18,%f0,%f0 +/* 0x063c 606 (32 35) */ fsubd %f18,%f4,%f4 +/* 0x0640 607 (33 35) */ fxnor %f14,%f8,%f8 + +! +! ENTRY .L900000144 +! + + .L900000144: /* frequency 1.0 confidence 0.0 */ +/* 0x0644 609 ( 0 3) */ fitod %f11,%f22 +/* 0x0648 610 ( 0 1) */ add %o0,3,%o0 +/* 0x064c 611 ( 0 1) */ add %g3,6,%g3 +/* 0x0650 612 ( 0 3) */ fmuld %f0,%f16,%f0 +/* 0x0654 613 ( 1 4) */ fmuld %f4,%f16,%f24 +/* 0x0658 614 ( 1 2) */ subcc %o0,%o3,%g0 +/* 0x065c 615 ( 1 2) */ add %i0,6,%i0 +/* 0x0660 616 ( 1 4) */ fsubd %f18,%f2,%f2 +/* 0x0664 617 ( 2 5) */ fitod %f6,%f4 +/* 0x0668 618 ( 3 6) */ fdtox %f0,%f0 +/* 0x066c 619 ( 3 4) */ add %o4,8,%i1 +/* 0x0670 620 ( 4 7) */ ldd [%i2+%i1],%f20 +/* 0x0674 621 ( 4 7) */ fdtox %f24,%f6 +/* 0x0678 622 ( 4 5) */ add %o2,16,%o4 +/* 0x067c 623 ( 5 8) */ fsubd %f18,%f4,%f4 +/* 0x0680 624 ( 5 6) */ std %f6,[%o4+%g4] +/* 0x0684 625 ( 5 6) */ add %o1,16,%o2 +/* 0x0688 626 ( 6 8) */ fxnor %f14,%f12,%f6 +/* 0x068c 627 ( 6 7) */ std %f0,[%o2+%g4] +/* 0x0690 628 ( 7 10) */ fitod %f9,%f0 +/* 0x0694 629 ( 7 10) */ fmuld %f2,%f16,%f2 +/* 0x0698 630 ( 8 11) */ fmuld %f4,%f16,%f24 +/* 0x069c 631 ( 8 11) */ fsubd %f18,%f22,%f12 +/* 0x06a0 632 ( 9 12) */ fitod %f10,%f4 +/* 0x06a4 633 (10 13) */ fdtox %f2,%f2 +/* 0x06a8 634 (10 11) */ add %i1,8,%o1 +/* 0x06ac 635 (11 14) */ ldd [%i2+%o1],%f22 +/* 0x06b0 636 (11 14) */ fdtox %f24,%f10 +/* 0x06b4 637 (11 12) */ add %o4,16,%i4 +/* 0x06b8 638 (12 15) */ fsubd %f18,%f4,%f4 +/* 0x06bc 639 (12 13) */ std %f10,[%i4+%g4] +/* 0x06c0 640 (12 13) */ add %o2,16,%i1 +/* 0x06c4 641 (13 15) */ fxnor %f14,%f20,%f10 +/* 0x06c8 642 (13 14) */ std %f2,[%i1+%g4] +/* 0x06cc 643 (14 17) */ fitod %f7,%f2 +/* 0x06d0 644 (14 17) */ fmuld %f12,%f16,%f12 +/* 0x06d4 645 (15 18) */ fmuld %f4,%f16,%f24 +/* 0x06d8 646 (15 18) */ fsubd %f18,%f0,%f0 +/* 0x06dc 647 (16 19) */ fitod %f8,%f4 +/* 0x06e0 648 (17 20) */ fdtox %f12,%f20 +/* 0x06e4 649 (17 18) */ add %o1,8,%o4 +/* 0x06e8 650 (18 21) */ ldd [%i2+%o4],%f12 +/* 0x06ec 651 (18 21) */ fdtox %f24,%f8 +/* 0x06f0 652 (18 19) */ add %i4,16,%o2 +/* 0x06f4 653 (19 22) */ fsubd %f18,%f4,%f4 +/* 0x06f8 654 (19 20) */ std %f8,[%o2+%g4] +/* 0x06fc 655 (19 20) */ add %i1,16,%o1 +/* 0x0700 656 (20 22) */ fxnor %f14,%f22,%f8 +/* 0x0704 657 (20 21) */ ble,pt %icc,.L900000144 ! tprob=0.50 +/* 0x0708 (20 21) */ std %f20,[%o1+%g4] + +! +! ENTRY .L900000147 +! + + .L900000147: /* frequency 1.0 confidence 0.0 */ +/* 0x070c 660 ( 0 3) */ fitod %f6,%f6 +/* 0x0710 661 ( 0 3) */ fmuld %f4,%f16,%f24 +/* 0x0714 662 ( 0 1) */ add %i4,32,%l4 +/* 0x0718 663 ( 1 4) */ fsubd %f18,%f2,%f2 +/* 0x071c 664 ( 1 4) */ fmuld %f0,%f16,%f22 +/* 0x0720 665 ( 1 2) */ add %i1,32,%l3 +/* 0x0724 666 ( 2 5) */ fitod %f10,%f28 +/* 0x0728 667 ( 2 3) */ sra %o0,0,%o2 +/* 0x072c 668 ( 2 3) */ add %i4,48,%l2 +/* 0x0730 669 ( 3 6) */ fsubd %f18,%f6,%f4 +/* 0x0734 670 ( 3 4) */ add %i1,48,%l1 +/* 0x0738 671 ( 3 4) */ add %i4,64,%l0 +/* 0x073c 672 ( 4 7) */ fitod %f11,%f26 +/* 0x0740 673 ( 4 5) */ sllx %o2,3,%o1 +/* 0x0744 674 ( 4 5) */ add %i1,64,%i5 +/* 0x0748 675 ( 5 8) */ fitod %f8,%f6 +/* 0x074c 676 ( 5 6) */ add %i4,80,%i4 +/* 0x0750 677 ( 5 6) */ add %i1,80,%i1 +/* 0x0754 678 ( 6 8) */ fxnor %f14,%f12,%f0 +/* 0x0758 679 ( 6 9) */ fmuld %f4,%f16,%f20 +/* 0x075c 680 ( 6 7) */ add %i4,16,%o4 +/* 0x0760 681 ( 7 10) */ fitod %f9,%f4 +/* 0x0764 682 ( 7 10) */ fmuld %f2,%f16,%f12 +/* 0x0768 683 ( 7 8) */ add %i1,16,%o3 +/* 0x076c 684 ( 8 11) */ fsubd %f18,%f28,%f10 +/* 0x0770 685 ( 8 9) */ subcc %o0,%g2,%g0 +/* 0x0774 686 ( 8 9) */ add %g3,12,%g3 +/* 0x0778 687 ( 9 12) */ fitod %f0,%f2 +/* 0x077c 688 (10 13) */ fsubd %f18,%f26,%f8 +/* 0x0780 689 (11 14) */ fitod %f1,%f0 +/* 0x0784 690 (11 14) */ fmuld %f10,%f16,%f10 +/* 0x0788 691 (12 15) */ fdtox %f24,%f24 +/* 0x078c 692 (12 13) */ std %f24,[%l4+%g4] +/* 0x0790 693 (12 13) */ add %i0,12,%i0 +/* 0x0794 694 (13 16) */ fsubd %f18,%f6,%f6 +/* 0x0798 695 (13 16) */ fmuld %f8,%f16,%f8 +/* 0x079c 696 (14 17) */ fdtox %f22,%f22 +/* 0x07a0 697 (14 15) */ std %f22,[%l3+%g4] +/* 0x07a4 698 (15 18) */ fsubd %f18,%f4,%f4 +/* 0x07a8 699 (16 19) */ fdtox %f20,%f20 +/* 0x07ac 700 (16 17) */ std %f20,[%l2+%g4] +/* 0x07b0 701 (16 19) */ fmuld %f6,%f16,%f6 +/* 0x07b4 702 (17 20) */ fsubd %f18,%f2,%f2 +/* 0x07b8 703 (18 21) */ fsubd %f18,%f0,%f0 +/* 0x07bc 704 (18 21) */ fmuld %f4,%f16,%f4 +/* 0x07c0 705 (19 22) */ fdtox %f12,%f12 +/* 0x07c4 706 (19 20) */ std %f12,[%l1+%g4] +/* 0x07c8 707 (20 23) */ fdtox %f10,%f10 +/* 0x07cc 708 (20 21) */ std %f10,[%l0+%g4] +/* 0x07d0 709 (20 23) */ fmuld %f2,%f16,%f2 +/* 0x07d4 710 (21 24) */ fdtox %f8,%f8 +/* 0x07d8 711 (21 22) */ std %f8,[%i5+%g4] +/* 0x07dc 712 (21 24) */ fmuld %f0,%f16,%f0 +/* 0x07e0 713 (22 25) */ fdtox %f6,%f6 +/* 0x07e4 714 (22 23) */ std %f6,[%i4+%g4] +/* 0x07e8 715 (23 26) */ fdtox %f4,%f4 +/* 0x07ec 716 (23 24) */ std %f4,[%i1+%g4] +/* 0x07f0 717 (24 27) */ fdtox %f2,%f2 +/* 0x07f4 718 (24 25) */ std %f2,[%o4+%g4] +/* 0x07f8 719 (25 28) */ fdtox %f0,%f0 +/* 0x07fc 720 (25 26) */ bg,pn %icc,.L77000043 ! tprob=0.50 +/* 0x0800 (25 26) */ std %f0,[%o3+%g4] + +! +! ENTRY .L77000077 +! + + .L77000077: /* frequency 1.0 confidence 0.0 */ +/* 0x0804 723 ( 0 3) */ ldd [%i2+%o1],%f0 + +! +! ENTRY .L900000155 +! + + .L900000155: /* frequency 1.0 confidence 0.0 */ +/* 0x0808 725 ( 0 2) */ fxnor %f14,%f0,%f0 +/* 0x080c 726 ( 0 1) */ sra %i0,0,%o1 +/* 0x0810 727 ( 0 1) */ add %o0,1,%o0 +/* 0x0814 728 ( 1 2) */ sllx %o1,3,%i4 +/* 0x0818 729 ( 1 2) */ add %i0,2,%i0 +/* 0x081c 730 ( 2 5) */ fitod %f0,%f2 +/* 0x0820 731 ( 2 3) */ sra %g3,0,%o1 +/* 0x0824 732 ( 2 3) */ add %g3,2,%g3 +/* 0x0828 733 ( 3 6) */ fitod %f1,%f0 +/* 0x082c 734 ( 3 4) */ sllx %o1,3,%i1 +/* 0x0830 735 ( 3 4) */ subcc %o0,%g2,%g0 +/* 0x0834 736 ( 4 5) */ sra %o0,0,%o2 +/* 0x0838 737 ( 5 8) */ fsubd %f18,%f2,%f2 +/* 0x083c 738 ( 5 6) */ sllx %o2,3,%o1 +/* 0x0840 739 ( 6 9) */ fsubd %f18,%f0,%f0 +/* 0x0844 740 ( 8 11) */ fmuld %f2,%f16,%f2 +/* 0x0848 741 ( 9 12) */ fmuld %f0,%f16,%f0 +/* 0x084c 742 (11 14) */ fdtox %f2,%f2 +/* 0x0850 743 (11 12) */ std %f2,[%i4+%g4] +/* 0x0854 744 (12 15) */ fdtox %f0,%f0 +/* 0x0858 745 (12 13) */ std %f0,[%i1+%g4] +/* 0x085c 746 (12 13) */ ble,a,pt %icc,.L900000155 ! tprob=0.50 +/* 0x0860 (14 17) */ ldd [%i2+%o1],%f0 + +! +! ENTRY .L77000043 +! + + .L77000043: /* frequency 1.0 confidence 0.0 */ +/* 0x0864 754 ( 0 1) */ subcc %i3,0,%g0 + +! +! ENTRY .L900000156 +! + + .L900000156: /* frequency 1.0 confidence 0.0 */ +/* 0x0868 756 ( 0 1) */ ble,a,pt %icc,.L77000061 ! tprob=0.50 +/* 0x086c ( 0 1) */ or %g0,%g5,%o3 +/* 0x0870 761 ( 0 2) */ ldx [%fp-209],%i1 +/* 0x0874 762 ( 1 2) */ sub %i3,1,%g3 +/* 0x0878 763 ( 1 2) */ or %g0,0,%i0 +/* 0x087c 764 ( 2 3) */ subcc %i3,5,%g0 +/* 0x0880 765 ( 2 3) */ bl,pn %icc,.L77000078 ! tprob=0.50 +/* 0x0884 ( 2 4) */ ldx [%fp-217],%i2 +/* 0x0888 767 ( 3 6) */ ld [%o5],%i3 +/* 0x088c 768 ( 3 4) */ or %g0,8,%g2 +/* 0x0890 769 ( 3 4) */ or %g0,16,%o4 +/* 0x0894 770 ( 4 5) */ sub %g3,1,%o3 +/* 0x0898 771 ( 4 5) */ or %g0,3,%i0 +/* 0x089c 772 ( 5 6) */ add %i2,%i3,%o1 +/* 0x08a0 773 ( 5 8) */ ld [%o5+4],%i2 +/* 0x08a4 774 ( 6 7) */ st %o1,[%o7] +/* 0x08a8 775 ( 6 7) */ srax %o1,32,%o1 +/* 0x08ac 776 ( 7 9) */ ldx [%fp-201],%o2 +/* 0x08b0 777 ( 7 8) */ add %i1,%i2,%o0 +/* 0x08b4 778 ( 7 8) */ or %g0,%o1,%i1 +/* 0x08b8 779 ( 8 11) */ ld [%o5+8],%o1 +/* 0x08bc 780 ( 8 9) */ add %o0,%i1,%o0 +/* 0x08c0 781 ( 9 10) */ st %o0,[%o7+4] +/* 0x08c4 782 ( 9 10) */ srax %o0,32,%o0 + +! +! ENTRY .L900000140 +! + + .L900000140: /* frequency 1.0 confidence 0.0 */ +/* 0x08c8 784 ( 0 1) */ add %g2,4,%i1 +/* 0x08cc 785 ( 0 1) */ add %o4,8,%o4 +/* 0x08d0 786 ( 1 3) */ ldx [%o4+%g4],%i2 +/* 0x08d4 787 ( 1 2) */ sra %o0,0,%g5 +/* 0x08d8 788 ( 1 2) */ add %o2,%o1,%o1 +/* 0x08dc 789 ( 2 5) */ ld [%o5+%i1],%o0 +/* 0x08e0 790 ( 2 3) */ add %o1,%g5,%o1 +/* 0x08e4 791 ( 2 3) */ add %i0,2,%i0 +/* 0x08e8 792 ( 3 4) */ st %o1,[%o7+%g2] +/* 0x08ec 793 ( 3 4) */ srax %o1,32,%g5 +/* 0x08f0 794 ( 3 4) */ subcc %i0,%o3,%g0 +/* 0x08f4 795 ( 4 5) */ add %g2,8,%g2 +/* 0x08f8 796 ( 4 5) */ add %o4,8,%o4 +/* 0x08fc 797 ( 5 7) */ ldx [%o4+%g4],%o2 +/* 0x0900 798 ( 5 6) */ add %i2,%o0,%o0 +/* 0x0904 799 ( 6 9) */ ld [%o5+%g2],%o1 +/* 0x0908 800 ( 6 7) */ add %o0,%g5,%o0 +/* 0x090c 801 ( 7 8) */ st %o0,[%o7+%i1] +/* 0x0910 802 ( 7 8) */ ble,pt %icc,.L900000140 ! tprob=0.50 +/* 0x0914 ( 7 8) */ srax %o0,32,%o0 + +! +! ENTRY .L900000143 +! + + .L900000143: /* frequency 1.0 confidence 0.0 */ +/* 0x0918 805 ( 0 1) */ sra %o0,0,%o3 +/* 0x091c 806 ( 0 1) */ add %o2,%o1,%o0 +/* 0x0920 807 ( 1 2) */ add %o0,%o3,%o0 +/* 0x0924 808 ( 1 2) */ st %o0,[%o7+%g2] +/* 0x0928 809 ( 1 2) */ subcc %i0,%g3,%g0 +/* 0x092c 810 ( 2 3) */ srax %o0,32,%g5 +/* 0x0930 811 ( 2 3) */ bg,a,pn %icc,.L77000061 ! tprob=0.50 +/* 0x0934 ( 3 4) */ or %g0,%g5,%o3 + +! +! ENTRY .L77000078 +! + + .L77000078: /* frequency 1.0 confidence 0.0 */ +/* 0x0938 814 ( 0 1) */ sra %i0,0,%o0 + +! +! ENTRY .L900000154 +! + + .L900000154: /* frequency 1.0 confidence 0.0 */ +/* 0x093c 816 ( 0 1) */ sllx %o0,2,%g2 +/* 0x0940 817 ( 0 1) */ add %i0,1,%i0 +/* 0x0944 818 ( 1 2) */ sllx %o0,3,%o4 +/* 0x0948 819 ( 1 4) */ ld [%o5+%g2],%o2 +/* 0x094c 820 ( 1 2) */ subcc %i0,%g3,%g0 +/* 0x0950 821 ( 2 4) */ ldx [%o4+%g4],%o0 +/* 0x0954 822 ( 2 3) */ sra %g5,0,%o1 +/* 0x0958 823 ( 4 5) */ add %o0,%o2,%o0 +/* 0x095c 824 ( 5 6) */ add %o0,%o1,%o0 +/* 0x0960 825 ( 5 6) */ st %o0,[%o7+%g2] +/* 0x0964 826 ( 6 7) */ srax %o0,32,%g5 +/* 0x0968 827 ( 6 7) */ ble,pt %icc,.L900000154 ! tprob=0.50 +/* 0x096c ( 7 8) */ sra %i0,0,%o0 + +! +! ENTRY .L77000047 +! + + .L77000047: /* frequency 1.0 confidence 0.0 */ +/* 0x0970 834 ( 0 1) */ or %g0,%g5,%o3 + +! +! ENTRY .L77000061 +! + + .L77000061: /* frequency 1.0 confidence 0.0 */ + +/* 0x0974 835 ( 1 2) */ srl %o3,0,%i0 +/* 0x0978 ( 2 4) */ ret ! Result = %o1 %o0 %f0 %f1 +/* 0x097c ( 4 5) */ restore %g0,%g0,%g0 + +! +! ENTRY .L77000048 +! + + .L77000048: /* frequency 1.0 confidence 0.0 */ +/* 0x0980 844 ( 0 1) */ bne,pn %icc,.L77000050 ! tprob=0.50 +/* 0x0984 ( 0 1) */ sethi %hi(0xfff80000),%g2 +/* 0x0988 854 ( 0 3) */ ldd [%o2],%f4 +/* 0x098c 855 ( 1 4) */ ldd [%o0],%f6 +/* 0x0990 856 ( 1 2) */ srl %i4,19,%g3 +/* 0x0994 857 ( 1 2) */ andn %i4,%g2,%g2 +/* 0x0998 858 ( 2 3) */ st %g3,[%sp+2351] +/* 0x099c 859 ( 2 4) */ fxnor %f0,%f4,%f4 +/* 0x09a0 860 ( 3 4) */ st %g2,[%sp+2355] +/* 0x09a4 861 ( 4 7) */ ldd [%o2+8],%f12 +/* 0x09a8 862 ( 4 7) */ fitod %f4,%f10 +/* 0x09ac 863 ( 5 8) */ ldd [%o0+8],%f16 +/* 0x09b0 864 ( 5 8) */ fitod %f5,%f4 +/* 0x09b4 865 ( 6 9) */ ldd [%o2+16],%f18 +/* 0x09b8 866 ( 6 8) */ fxnor %f0,%f12,%f12 +/* 0x09bc 867 ( 7 10) */ ld [%sp+2351],%f9 +/* 0x09c0 868 ( 7 10) */ fsubd %f16,%f10,%f10 +/* 0x09c4 869 ( 8 11) */ ld [%sp+2355],%f15 +/* 0x09c8 870 ( 8 11) */ fitod %f12,%f22 +/* 0x09cc 871 ( 9 12) */ ldd [%o2+24],%f20 +/* 0x09d0 872 ( 9 12) */ fitod %f13,%f12 +/* 0x09d4 876 (10 13) */ ld [%i1],%g2 +/* 0x09d8 877 (10 13) */ fsubd %f16,%f4,%f4 +/* 0x09dc 878 (11 14) */ ld [%i1+4],%g3 +/* 0x09e0 879 (11 14) */ fsubd %f16,%f22,%f22 +/* 0x09e4 880 (12 15) */ ld [%i1+8],%g4 +/* 0x09e8 881 (12 14) */ fxnor %f0,%f18,%f18 +/* 0x09ec 882 (13 16) */ ld [%i1+12],%g5 +/* 0x09f0 883 (13 16) */ fsubd %f16,%f12,%f12 +/* 0x09f4 884 (14 17) */ ld [%i1+16],%o0 +/* 0x09f8 885 (14 17) */ fitod %f18,%f26 +/* 0x09fc 886 (15 18) */ ld [%i1+20],%o1 +/* 0x0a00 887 (15 17) */ fxnor %f0,%f20,%f20 +/* 0x0a04 888 (16 19) */ ld [%i1+24],%o2 +/* 0x0a08 889 (17 20) */ ld [%i1+28],%o3 +/* 0x0a0c 890 (19 20) */ fmovs %f6,%f8 +/* 0x0a10 891 (20 21) */ fmovs %f6,%f14 +/* 0x0a14 892 (22 25) */ fsubd %f8,%f6,%f8 +/* 0x0a18 893 (23 26) */ fsubd %f14,%f6,%f6 +/* 0x0a1c 894 (25 28) */ fmuld %f10,%f8,%f14 +/* 0x0a20 895 (26 29) */ fmuld %f10,%f6,%f10 +/* 0x0a24 896 (27 30) */ fmuld %f4,%f8,%f24 +/* 0x0a28 897 (28 31) */ fdtox %f14,%f14 +/* 0x0a2c 898 (28 29) */ std %f14,[%sp+2335] +/* 0x0a30 899 (28 31) */ fmuld %f22,%f8,%f28 +/* 0x0a34 900 (29 32) */ fitod %f19,%f14 +/* 0x0a38 901 (29 32) */ fmuld %f22,%f6,%f18 +/* 0x0a3c 902 (30 33) */ fdtox %f10,%f10 +/* 0x0a40 903 (30 31) */ std %f10,[%sp+2343] +/* 0x0a44 904 (30 33) */ fmuld %f4,%f6,%f4 +/* 0x0a48 905 (31 34) */ fmuld %f12,%f8,%f22 +/* 0x0a4c 906 (32 35) */ fdtox %f18,%f18 +/* 0x0a50 907 (32 33) */ std %f18,[%sp+2311] +/* 0x0a54 908 (32 35) */ fmuld %f12,%f6,%f10 +/* 0x0a58 909 (33 35) */ ldx [%sp+2335],%o4 +/* 0x0a5c 910 (33 36) */ fdtox %f24,%f12 +/* 0x0a60 911 (34 35) */ std %f12,[%sp+2319] +/* 0x0a64 912 (34 37) */ fsubd %f16,%f26,%f12 +/* 0x0a68 913 (35 37) */ ldx [%sp+2343],%o5 +/* 0x0a6c 914 (35 36) */ sllx %o4,19,%o4 +/* 0x0a70 915 (35 38) */ fdtox %f4,%f4 +/* 0x0a74 916 (36 37) */ std %f4,[%sp+2327] +/* 0x0a78 917 (36 39) */ fdtox %f28,%f24 +/* 0x0a7c 918 (37 38) */ std %f24,[%sp+2303] +/* 0x0a80 919 (37 40) */ fitod %f20,%f4 +/* 0x0a84 920 (37 38) */ add %o5,%o4,%o4 +/* 0x0a88 921 (37 40) */ fmuld %f12,%f8,%f24 +/* 0x0a8c 922 (38 40) */ ldx [%sp+2319],%o7 +/* 0x0a90 923 (38 41) */ fsubd %f16,%f14,%f14 +/* 0x0a94 924 (38 39) */ add %o4,%g2,%o4 +/* 0x0a98 925 (38 41) */ fmuld %f12,%f6,%f12 +/* 0x0a9c 926 (39 41) */ ldx [%sp+2327],%o5 +/* 0x0aa0 927 (39 42) */ fitod %f21,%f18 +/* 0x0aa4 928 (40 41) */ st %o4,[%i0] +/* 0x0aa8 929 (40 41) */ sllx %o7,19,%o7 +/* 0x0aac 930 (40 43) */ fdtox %f22,%f20 +/* 0x0ab0 931 (41 42) */ std %f20,[%sp+2287] +/* 0x0ab4 932 (41 44) */ fdtox %f10,%f10 +/* 0x0ab8 933 (41 42) */ add %o5,%o7,%o5 +/* 0x0abc 934 (41 44) */ fmuld %f14,%f8,%f20 +/* 0x0ac0 935 (42 43) */ std %f10,[%sp+2295] +/* 0x0ac4 936 (42 43) */ srlx %o4,32,%o7 +/* 0x0ac8 937 (42 45) */ fsubd %f16,%f4,%f4 +/* 0x0acc 938 (42 45) */ fmuld %f14,%f6,%f14 +/* 0x0ad0 939 (43 45) */ ldx [%sp+2311],%g2 +/* 0x0ad4 940 (43 46) */ fdtox %f24,%f10 +/* 0x0ad8 941 (43 44) */ add %o5,%g3,%g3 +/* 0x0adc 942 (44 45) */ std %f10,[%sp+2271] +/* 0x0ae0 943 (44 45) */ add %g3,%o7,%g3 +/* 0x0ae4 944 (44 47) */ fdtox %f12,%f12 +/* 0x0ae8 945 (45 47) */ ldx [%sp+2303],%l0 +/* 0x0aec 946 (45 48) */ fsubd %f16,%f18,%f10 +/* 0x0af0 947 (45 48) */ fmuld %f4,%f8,%f16 +/* 0x0af4 948 (46 47) */ std %f12,[%sp+2279] +/* 0x0af8 949 (46 49) */ fdtox %f20,%f12 +/* 0x0afc 950 (46 49) */ fmuld %f4,%f6,%f4 +/* 0x0b00 951 (47 48) */ std %f12,[%sp+2255] +/* 0x0b04 952 (47 48) */ sllx %l0,19,%l0 +/* 0x0b08 953 (47 50) */ fdtox %f14,%f12 +/* 0x0b0c 954 (48 50) */ ldx [%sp+2287],%o5 +/* 0x0b10 955 (48 49) */ add %g2,%l0,%g2 +/* 0x0b14 956 (48 51) */ fmuld %f10,%f8,%f8 +/* 0x0b18 957 (49 51) */ ldx [%sp+2295],%l1 +/* 0x0b1c 958 (49 50) */ srlx %g3,32,%l0 +/* 0x0b20 959 (49 50) */ add %g2,%g4,%g4 +/* 0x0b24 960 (49 52) */ fmuld %f10,%f6,%f6 +/* 0x0b28 961 (50 51) */ std %f12,[%sp+2263] +/* 0x0b2c 962 (50 51) */ sllx %o5,19,%g2 +/* 0x0b30 963 (50 51) */ add %g4,%l0,%g4 +/* 0x0b34 964 (51 53) */ ldx [%sp+2279],%l0 +/* 0x0b38 965 (51 52) */ srlx %g4,32,%o5 +/* 0x0b3c 966 (51 52) */ add %l1,%g2,%g2 +/* 0x0b40 967 (52 53) */ st %g3,[%i0+4] +/* 0x0b44 968 (52 53) */ add %g2,%g5,%g2 +/* 0x0b48 969 (52 55) */ fdtox %f16,%f10 +/* 0x0b4c 970 (53 55) */ ldx [%sp+2271],%o7 +/* 0x0b50 971 (53 54) */ add %g2,%o5,%g2 +/* 0x0b54 972 (53 56) */ fdtox %f4,%f4 +/* 0x0b58 973 (54 55) */ std %f10,[%sp+2239] +/* 0x0b5c 974 (55 56) */ sllx %o7,19,%o7 +/* 0x0b60 975 (55 56) */ std %f4,[%sp+2247] +/* 0x0b64 976 (55 58) */ fdtox %f8,%f4 +/* 0x0b68 977 (56 57) */ add %l0,%o7,%o7 +/* 0x0b6c 978 (56 58) */ ldx [%sp+2263],%o5 +/* 0x0b70 979 (57 58) */ add %o7,%o0,%o0 +/* 0x0b74 980 (57 58) */ std %f4,[%sp+2223] +/* 0x0b78 981 (57 60) */ fdtox %f6,%f4 +/* 0x0b7c 982 (58 60) */ ldx [%sp+2255],%g5 +/* 0x0b80 983 (58 59) */ srlx %g2,32,%o7 +/* 0x0b84 984 (59 60) */ std %f4,[%sp+2231] +/* 0x0b88 985 (59 60) */ add %o0,%o7,%o0 +/* 0x0b8c 986 (60 61) */ sllx %g5,19,%g5 +/* 0x0b90 987 (60 62) */ ldx [%sp+2247],%l1 +/* 0x0b94 988 (61 62) */ add %o5,%g5,%g5 +/* 0x0b98 989 (61 62) */ st %g2,[%i0+12] +/* 0x0b9c 990 (62 64) */ ldx [%sp+2239],%l0 +/* 0x0ba0 991 (62 63) */ srlx %o0,32,%o4 +/* 0x0ba4 992 (62 63) */ add %g5,%o1,%o1 +/* 0x0ba8 993 (63 64) */ add %o1,%o4,%o1 +/* 0x0bac 994 (63 65) */ ldx [%sp+2223],%o7 +/* 0x0bb0 995 (64 65) */ sllx %l0,19,%g3 +/* 0x0bb4 996 (64 66) */ ldx [%sp+2231],%o5 +/* 0x0bb8 997 (65 66) */ add %l1,%g3,%o4 +/* 0x0bbc 998 (65 66) */ st %o0,[%i0+16] +/* 0x0bc0 999 (66 67) */ add %o4,%o2,%o2 +/* 0x0bc4 1000 (66 67) */ st %o1,[%i0+20] +/* 0x0bc8 1001 (67 68) */ srlx %o1,32,%o4 +/* 0x0bcc 1002 (67 68) */ st %g4,[%i0+8] +/* 0x0bd0 1003 (68 69) */ sllx %o7,19,%g2 +/* 0x0bd4 1004 (68 69) */ add %o2,%o4,%o4 +/* 0x0bd8 1005 (68 69) */ st %o4,[%i0+24] +/* 0x0bdc 1006 (69 70) */ add %o5,%g2,%g2 +/* 0x0be0 1007 (70 71) */ srlx %o4,32,%g3 +/* 0x0be4 1008 (70 71) */ add %g2,%o3,%g2 +/* 0x0be8 1009 (71 72) */ add %g2,%g3,%g2 +/* 0x0bec 1010 (71 72) */ st %g2,[%i0+28] +/* 0x0bf0 1014 (72 73) */ srlx %g2,32,%o3 +/* 0x0bf4 1015 (73 74) */ srl %o3,0,%i0 +/* 0x0bf8 (74 76) */ ret ! Result = %o1 %o0 %f0 %f1 +/* 0x0bfc (76 77) */ restore %g0,%g0,%g0 + +! +! ENTRY .L77000050 +! + + .L77000050: /* frequency 1.0 confidence 0.0 */ +/* 0x0c00 1022 ( 0 1) */ subcc %i3,16,%g0 +/* 0x0c04 1023 ( 0 1) */ bne,pn %icc,.L77000073 ! tprob=0.50 +/* 0x0c08 ( 0 1) */ sethi %hi(0xfff80000),%g2 +/* 0x0c0c 1034 ( 1 4) */ ldd [%o2],%f4 +/* 0x0c10 1035 ( 1 2) */ andn %i4,%g2,%g2 +/* 0x0c14 1036 ( 2 3) */ st %g2,[%sp+2483] +/* 0x0c18 1037 ( 2 3) */ srl %i4,19,%g2 +/* 0x0c1c 1038 ( 3 4) */ st %g2,[%sp+2479] +/* 0x0c20 1039 ( 3 5) */ fxnor %f0,%f4,%f4 +/* 0x0c24 1040 ( 4 7) */ ldd [%o0],%f8 +/* 0x0c28 1041 ( 5 8) */ fitod %f4,%f10 +/* 0x0c2c 1042 ( 5 8) */ ldd [%o0+8],%f16 +/* 0x0c30 1043 ( 6 9) */ ldd [%o2+8],%f14 +/* 0x0c34 1044 ( 6 9) */ fitod %f5,%f4 +/* 0x0c38 1045 ( 7 10) */ ld [%sp+2483],%f13 +/* 0x0c3c 1046 ( 8 11) */ ld [%sp+2479],%f7 +/* 0x0c40 1047 ( 8 11) */ fsubd %f16,%f10,%f10 +/* 0x0c44 1048 ( 9 11) */ fxnor %f0,%f14,%f14 +/* 0x0c48 1049 (10 13) */ fsubd %f16,%f4,%f4 +/* 0x0c4c 1050 (14 15) */ fmovs %f8,%f12 +/* 0x0c50 1051 (15 16) */ fmovs %f8,%f6 +/* 0x0c54 1052 (17 20) */ fsubd %f12,%f8,%f12 +/* 0x0c58 1053 (18 21) */ fsubd %f6,%f8,%f6 +/* 0x0c5c 1054 (19 22) */ fitod %f14,%f8 +/* 0x0c60 1055 (20 23) */ fmuld %f10,%f12,%f18 +/* 0x0c64 1056 (20 23) */ fitod %f15,%f14 +/* 0x0c68 1057 (21 24) */ fmuld %f10,%f6,%f10 +/* 0x0c6c 1058 (22 25) */ fsubd %f16,%f8,%f8 +/* 0x0c70 1059 (22 25) */ fmuld %f4,%f12,%f20 +/* 0x0c74 1060 (23 26) */ fmuld %f4,%f6,%f4 +/* 0x0c78 1061 (23 26) */ fsubd %f16,%f14,%f14 +/* 0x0c7c 1062 (24 27) */ fdtox %f10,%f10 +/* 0x0c80 1063 (24 25) */ std %f10,[%sp+2463] +/* 0x0c84 1064 (25 28) */ fmuld %f8,%f12,%f10 +/* 0x0c88 1065 (25 28) */ fdtox %f18,%f18 +/* 0x0c8c 1066 (25 26) */ std %f18,[%sp+2471] +/* 0x0c90 1067 (26 29) */ fmuld %f8,%f6,%f8 +/* 0x0c94 1068 (26 29) */ fdtox %f4,%f4 +/* 0x0c98 1069 (26 27) */ std %f4,[%sp+2447] +/* 0x0c9c 1070 (27 30) */ fmuld %f14,%f12,%f4 +/* 0x0ca0 1071 (27 30) */ fdtox %f20,%f18 +/* 0x0ca4 1072 (27 28) */ std %f18,[%sp+2455] +/* 0x0ca8 1073 (28 31) */ fdtox %f10,%f10 +/* 0x0cac 1074 (28 29) */ std %f10,[%sp+2439] +/* 0x0cb0 1075 (28 31) */ fmuld %f14,%f6,%f14 +/* 0x0cb4 1076 (29 32) */ fdtox %f8,%f8 +/* 0x0cb8 1077 (29 30) */ std %f8,[%sp+2431] +/* 0x0cbc 1078 (30 33) */ ldd [%o2+16],%f10 +/* 0x0cc0 1079 (30 33) */ fdtox %f4,%f4 +/* 0x0cc4 1080 (31 34) */ ldd [%o2+24],%f8 +/* 0x0cc8 1081 (31 34) */ fdtox %f14,%f14 +/* 0x0ccc 1082 (32 33) */ std %f4,[%sp+2423] +/* 0x0cd0 1083 (32 34) */ fxnor %f0,%f10,%f10 +/* 0x0cd4 1084 (33 35) */ fxnor %f0,%f8,%f4 +/* 0x0cd8 1085 (33 34) */ std %f14,[%sp+2415] +/* 0x0cdc 1086 (34 37) */ fitod %f10,%f8 +/* 0x0ce0 1087 (35 38) */ fitod %f11,%f10 +/* 0x0ce4 1088 (36 39) */ fitod %f4,%f14 +/* 0x0ce8 1089 (37 40) */ fsubd %f16,%f8,%f8 +/* 0x0cec 1090 (38 41) */ fsubd %f16,%f10,%f10 +/* 0x0cf0 1091 (39 42) */ fsubd %f16,%f14,%f14 +/* 0x0cf4 1092 (40 43) */ fmuld %f8,%f12,%f18 +/* 0x0cf8 1093 (40 43) */ fitod %f5,%f4 +/* 0x0cfc 1094 (41 44) */ fmuld %f8,%f6,%f8 +/* 0x0d00 1095 (42 45) */ fmuld %f10,%f12,%f20 +/* 0x0d04 1096 (43 46) */ fmuld %f10,%f6,%f10 +/* 0x0d08 1097 (43 46) */ fsubd %f16,%f4,%f4 +/* 0x0d0c 1098 (44 47) */ fdtox %f8,%f8 +/* 0x0d10 1099 (44 45) */ std %f8,[%sp+2399] +/* 0x0d14 1100 (45 48) */ fmuld %f14,%f12,%f8 +/* 0x0d18 1101 (45 48) */ fdtox %f18,%f18 +/* 0x0d1c 1102 (45 46) */ std %f18,[%sp+2407] +/* 0x0d20 1103 (46 49) */ fdtox %f10,%f10 +/* 0x0d24 1104 (46 47) */ std %f10,[%sp+2383] +/* 0x0d28 1105 (46 49) */ fmuld %f14,%f6,%f14 +/* 0x0d2c 1106 (47 50) */ fmuld %f4,%f12,%f10 +/* 0x0d30 1107 (47 50) */ fdtox %f20,%f18 +/* 0x0d34 1108 (47 48) */ std %f18,[%sp+2391] +/* 0x0d38 1109 (48 51) */ fdtox %f8,%f8 +/* 0x0d3c 1110 (48 49) */ std %f8,[%sp+2375] +/* 0x0d40 1111 (48 51) */ fmuld %f4,%f6,%f4 +/* 0x0d44 1112 (49 52) */ fdtox %f14,%f14 +/* 0x0d48 1113 (49 50) */ std %f14,[%sp+2367] +/* 0x0d4c 1117 (50 53) */ ldd [%o2+32],%f8 +/* 0x0d50 1118 (50 53) */ fdtox %f10,%f10 +/* 0x0d54 1119 (51 54) */ fdtox %f4,%f4 +/* 0x0d58 1120 (51 52) */ std %f4,[%sp+2351] +/* 0x0d5c 1121 (52 54) */ fxnor %f0,%f8,%f8 +/* 0x0d60 1122 (52 55) */ ldd [%o2+40],%f14 +/* 0x0d64 1123 (53 54) */ std %f10,[%sp+2359] +/* 0x0d68 1124 (54 57) */ fitod %f8,%f4 +/* 0x0d6c 1125 (55 57) */ fxnor %f0,%f14,%f10 +/* 0x0d70 1126 (56 59) */ fitod %f9,%f8 +/* 0x0d74 1127 (57 60) */ fsubd %f16,%f4,%f4 +/* 0x0d78 1128 (58 61) */ fitod %f10,%f14 +/* 0x0d7c 1129 (59 62) */ fsubd %f16,%f8,%f8 +/* 0x0d80 1130 (60 63) */ fmuld %f4,%f12,%f18 +/* 0x0d84 1131 (60 63) */ fitod %f11,%f10 +/* 0x0d88 1132 (61 64) */ fmuld %f4,%f6,%f4 +/* 0x0d8c 1133 (61 64) */ fsubd %f16,%f14,%f14 +/* 0x0d90 1134 (62 65) */ fmuld %f8,%f12,%f20 +/* 0x0d94 1135 (63 66) */ fmuld %f8,%f6,%f8 +/* 0x0d98 1136 (63 66) */ fsubd %f16,%f10,%f10 +/* 0x0d9c 1137 (64 67) */ fdtox %f4,%f4 +/* 0x0da0 1138 (64 65) */ std %f4,[%sp+2335] +/* 0x0da4 1139 (65 68) */ fmuld %f14,%f12,%f4 +/* 0x0da8 1140 (65 68) */ fdtox %f18,%f18 +/* 0x0dac 1141 (65 66) */ std %f18,[%sp+2343] +/* 0x0db0 1142 (66 69) */ fdtox %f8,%f8 +/* 0x0db4 1143 (66 67) */ std %f8,[%sp+2319] +/* 0x0db8 1144 (66 69) */ fmuld %f14,%f6,%f14 +/* 0x0dbc 1145 (67 70) */ fmuld %f10,%f12,%f8 +/* 0x0dc0 1146 (67 70) */ fdtox %f20,%f18 +/* 0x0dc4 1147 (67 68) */ std %f18,[%sp+2327] +/* 0x0dc8 1148 (68 71) */ fdtox %f4,%f4 +/* 0x0dcc 1149 (68 69) */ std %f4,[%sp+2311] +/* 0x0dd0 1150 (68 71) */ fmuld %f10,%f6,%f10 +/* 0x0dd4 1151 (69 72) */ fdtox %f14,%f14 +/* 0x0dd8 1152 (69 70) */ std %f14,[%sp+2303] +/* 0x0ddc 1153 (70 73) */ ldd [%o2+48],%f4 +/* 0x0de0 1154 (70 73) */ fdtox %f8,%f8 +/* 0x0de4 1155 (71 74) */ fdtox %f10,%f10 +/* 0x0de8 1156 (71 72) */ std %f10,[%sp+2287] +/* 0x0dec 1157 (72 74) */ fxnor %f0,%f4,%f4 +/* 0x0df0 1158 (72 75) */ ldd [%o2+56],%f14 +/* 0x0df4 1159 (73 74) */ std %f8,[%sp+2295] +/* 0x0df8 1160 (74 77) */ fitod %f4,%f10 +/* 0x0dfc 1161 (75 78) */ fitod %f5,%f4 +/* 0x0e00 1162 (76 78) */ fxnor %f0,%f14,%f8 +/* 0x0e04 1163 (77 80) */ fsubd %f16,%f10,%f10 +/* 0x0e08 1164 (78 81) */ fsubd %f16,%f4,%f4 +/* 0x0e0c 1165 (79 82) */ fitod %f8,%f14 +/* 0x0e10 1166 (80 83) */ fmuld %f10,%f12,%f18 +/* 0x0e14 1167 (80 83) */ fitod %f9,%f8 +/* 0x0e18 1168 (81 84) */ fmuld %f10,%f6,%f10 +/* 0x0e1c 1169 (82 85) */ fmuld %f4,%f12,%f20 +/* 0x0e20 1170 (82 85) */ fsubd %f16,%f14,%f14 +/* 0x0e24 1171 (83 86) */ fdtox %f18,%f18 +/* 0x0e28 1172 (83 84) */ std %f18,[%sp+2279] +/* 0x0e2c 1173 (83 86) */ fmuld %f4,%f6,%f4 +/* 0x0e30 1174 (84 87) */ fdtox %f10,%f10 +/* 0x0e34 1175 (84 85) */ std %f10,[%sp+2271] +/* 0x0e38 1176 (85 88) */ fdtox %f20,%f10 +/* 0x0e3c 1177 (85 86) */ std %f10,[%sp+2263] +/* 0x0e40 1178 (86 89) */ fdtox %f4,%f4 +/* 0x0e44 1179 (86 87) */ std %f4,[%sp+2255] +/* 0x0e48 1180 (86 89) */ fmuld %f14,%f12,%f10 +/* 0x0e4c 1181 (87 90) */ fmuld %f14,%f6,%f4 +/* 0x0e50 1182 (89 92) */ fdtox %f10,%f10 +/* 0x0e54 1183 (89 90) */ std %f10,[%sp+2247] +/* 0x0e58 1184 (90 93) */ fdtox %f4,%f4 +/* 0x0e5c 1185 (90 91) */ std %f4,[%sp+2239] +/* 0x0e60 1189 (91 93) */ ldx [%sp+2463],%g2 +/* 0x0e64 1190 (91 94) */ fsubd %f16,%f8,%f4 +/* 0x0e68 1191 (92 94) */ ldx [%sp+2471],%g3 +/* 0x0e6c 1192 (93 96) */ ld [%i1],%g4 +/* 0x0e70 1193 (93 94) */ sllx %g2,19,%g2 +/* 0x0e74 1194 (94 96) */ ldx [%sp+2455],%g5 +/* 0x0e78 1195 (94 95) */ add %g3,%g2,%g2 +/* 0x0e7c 1196 (94 97) */ fmuld %f4,%f6,%f6 +/* 0x0e80 1197 (95 97) */ ldx [%sp+2447],%g3 +/* 0x0e84 1198 (95 96) */ add %g2,%g4,%g4 +/* 0x0e88 1199 (95 98) */ fmuld %f4,%f12,%f4 +/* 0x0e8c 1200 (96 97) */ st %g4,[%i0] +/* 0x0e90 1201 (96 97) */ srlx %g4,32,%g4 +/* 0x0e94 1202 (97 100) */ ld [%i1+8],%o0 +/* 0x0e98 1203 (97 98) */ sllx %g3,19,%g2 +/* 0x0e9c 1204 (97 100) */ fdtox %f6,%f6 +/* 0x0ea0 1205 (98 101) */ ld [%i1+4],%g3 +/* 0x0ea4 1206 (98 99) */ add %g5,%g2,%g2 +/* 0x0ea8 1207 (98 101) */ fdtox %f4,%f4 +/* 0x0eac 1208 (99 101) */ ldx [%sp+2439],%g5 +/* 0x0eb0 1209 (100 103) */ ld [%i1+12],%o1 +/* 0x0eb4 1210 (100 101) */ add %g2,%g3,%g2 +/* 0x0eb8 1211 (101 103) */ ldx [%sp+2431],%g3 +/* 0x0ebc 1212 (101 102) */ add %g2,%g4,%g4 +/* 0x0ec0 1213 (102 103) */ st %g4,[%i0+4] +/* 0x0ec4 1214 (103 104) */ std %f6,[%sp+2223] +/* 0x0ec8 1215 (103 104) */ sllx %g3,19,%g2 +/* 0x0ecc 1216 (104 106) */ ldx [%sp+2423],%g3 +/* 0x0ed0 1217 (104 105) */ add %g5,%g2,%g2 +/* 0x0ed4 1218 (105 107) */ ldx [%sp+2415],%g5 +/* 0x0ed8 1219 (105 106) */ add %g2,%o0,%g2 +/* 0x0edc 1220 (106 107) */ std %f4,[%sp+2231] +/* 0x0ee0 1221 (106 107) */ srlx %g4,32,%o0 +/* 0x0ee4 1222 (107 109) */ ldx [%sp+2407],%g4 +/* 0x0ee8 1223 (107 108) */ sllx %g5,19,%g5 +/* 0x0eec 1224 (107 108) */ add %g2,%o0,%g2 +/* 0x0ef0 1225 (108 109) */ st %g2,[%i0+8] +/* 0x0ef4 1226 (108 109) */ srlx %g2,32,%o0 +/* 0x0ef8 1227 (108 109) */ add %g3,%g5,%g3 +/* 0x0efc 1228 (109 111) */ ldx [%sp+2399],%g5 +/* 0x0f00 1229 (109 110) */ add %g3,%o1,%g3 +/* 0x0f04 1230 (110 113) */ ld [%i1+16],%o1 +/* 0x0f08 1231 (110 111) */ add %g3,%o0,%g3 +/* 0x0f0c 1232 (111 112) */ st %g3,[%i0+12] +/* 0x0f10 1233 (111 112) */ sllx %g5,19,%g5 +/* 0x0f14 1234 (112 113) */ srlx %g3,32,%o0 +/* 0x0f18 1235 (112 113) */ add %g4,%g5,%g2 +/* 0x0f1c 1236 (112 114) */ ldx [%sp+2383],%g5 +/* 0x0f20 1237 (113 115) */ ldx [%sp+2391],%g4 +/* 0x0f24 1238 (113 114) */ add %g2,%o1,%g2 +/* 0x0f28 1239 (114 117) */ ld [%i1+20],%o1 +/* 0x0f2c 1240 (114 115) */ sllx %g5,19,%g5 +/* 0x0f30 1241 (114 115) */ add %g2,%o0,%g2 +/* 0x0f34 1242 (115 116) */ st %g2,[%i0+16] +/* 0x0f38 1243 (115 116) */ srlx %g2,32,%o0 +/* 0x0f3c 1244 (115 116) */ add %g4,%g5,%g3 +/* 0x0f40 1245 (116 118) */ ldx [%sp+2367],%g5 +/* 0x0f44 1246 (116 117) */ add %g3,%o1,%g3 +/* 0x0f48 1247 (117 119) */ ldx [%sp+2375],%g4 +/* 0x0f4c 1248 (117 118) */ add %g3,%o0,%g3 +/* 0x0f50 1249 (118 121) */ ld [%i1+24],%o1 +/* 0x0f54 1250 (118 119) */ sllx %g5,19,%g5 +/* 0x0f58 1251 (119 120) */ st %g3,[%i0+20] +/* 0x0f5c 1252 (119 120) */ add %g4,%g5,%g2 +/* 0x0f60 1253 (120 122) */ ldx [%sp+2351],%g5 +/* 0x0f64 1254 (120 121) */ srlx %g3,32,%o0 +/* 0x0f68 1255 (120 121) */ add %g2,%o1,%g2 +/* 0x0f6c 1256 (121 123) */ ldx [%sp+2359],%g4 +/* 0x0f70 1257 (121 122) */ add %g2,%o0,%g2 +/* 0x0f74 1258 (122 125) */ ld [%i1+28],%o1 +/* 0x0f78 1259 (122 123) */ sllx %g5,19,%g5 +/* 0x0f7c 1260 (123 124) */ st %g2,[%i0+24] +/* 0x0f80 1261 (123 124) */ add %g4,%g5,%g3 +/* 0x0f84 1265 (124 126) */ ldx [%sp+2335],%g5 +/* 0x0f88 1266 (124 125) */ srlx %g2,32,%o0 +/* 0x0f8c 1267 (124 125) */ add %g3,%o1,%g3 +/* 0x0f90 1268 (125 127) */ ldx [%sp+2343],%g4 +/* 0x0f94 1269 (125 126) */ add %g3,%o0,%g3 +/* 0x0f98 1270 (126 127) */ sllx %g5,19,%g5 +/* 0x0f9c 1271 (126 129) */ ld [%i1+32],%o1 +/* 0x0fa0 1272 (127 128) */ add %g4,%g5,%g2 +/* 0x0fa4 1273 (127 129) */ ldx [%sp+2319],%g5 +/* 0x0fa8 1274 (128 130) */ ldx [%sp+2327],%g4 +/* 0x0fac 1275 (128 129) */ srlx %g3,32,%o0 +/* 0x0fb0 1276 (128 129) */ add %g2,%o1,%g2 +/* 0x0fb4 1277 (129 130) */ st %g3,[%i0+28] +/* 0x0fb8 1278 (129 130) */ sllx %g5,19,%g5 +/* 0x0fbc 1279 (129 130) */ add %g2,%o0,%g2 +/* 0x0fc0 1280 (130 133) */ ld [%i1+36],%o1 +/* 0x0fc4 1281 (130 131) */ add %g4,%g5,%g3 +/* 0x0fc8 1282 (131 133) */ ldx [%sp+2303],%g5 +/* 0x0fcc 1283 (131 132) */ srlx %g2,32,%o0 +/* 0x0fd0 1284 (132 134) */ ldx [%sp+2311],%g4 +/* 0x0fd4 1285 (132 133) */ add %g3,%o1,%g3 +/* 0x0fd8 1286 (133 134) */ sllx %g5,19,%g5 +/* 0x0fdc 1287 (133 134) */ st %g2,[%i0+32] +/* 0x0fe0 1288 (133 134) */ add %g3,%o0,%g3 +/* 0x0fe4 1289 (134 135) */ add %g4,%g5,%g2 +/* 0x0fe8 1290 (134 136) */ ldx [%sp+2287],%g5 +/* 0x0fec 1291 (135 137) */ ldx [%sp+2295],%g4 +/* 0x0ff0 1292 (135 136) */ srlx %g3,32,%o0 +/* 0x0ff4 1293 (136 139) */ ld [%i1+40],%o1 +/* 0x0ff8 1294 (136 137) */ sllx %g5,19,%g5 +/* 0x0ffc 1295 (137 138) */ st %g3,[%i0+36] +/* 0x1000 1296 (137 138) */ add %g4,%g5,%g3 +/* 0x1004 1297 (138 140) */ ldx [%sp+2271],%g5 +/* 0x1008 1298 (138 139) */ add %g2,%o1,%g2 +/* 0x100c 1299 (139 141) */ ldx [%sp+2279],%g4 +/* 0x1010 1300 (139 140) */ add %g2,%o0,%g2 +/* 0x1014 1301 (140 143) */ ld [%i1+44],%o1 +/* 0x1018 1302 (140 141) */ sllx %g5,19,%g5 +/* 0x101c 1303 (141 142) */ st %g2,[%i0+40] +/* 0x1020 1304 (141 142) */ srlx %g2,32,%o0 +/* 0x1024 1305 (141 142) */ add %g4,%g5,%g2 +/* 0x1028 1306 (142 144) */ ldx [%sp+2255],%g5 +/* 0x102c 1307 (142 143) */ add %g3,%o1,%g3 +/* 0x1030 1308 (143 145) */ ldx [%sp+2263],%g4 +/* 0x1034 1309 (143 144) */ add %g3,%o0,%g3 +/* 0x1038 1310 (144 147) */ ld [%i1+48],%o1 +/* 0x103c 1311 (144 145) */ sllx %g5,19,%g5 +/* 0x1040 1312 (145 146) */ srlx %g3,32,%o0 +/* 0x1044 1313 (145 146) */ st %g3,[%i0+44] +/* 0x1048 1314 (145 146) */ add %g4,%g5,%g3 +/* 0x104c 1315 (146 148) */ ldx [%sp+2239],%g5 +/* 0x1050 1316 (146 147) */ add %g2,%o1,%g2 +/* 0x1054 1317 (147 150) */ ld [%i1+52],%o1 +/* 0x1058 1318 (147 148) */ add %g2,%o0,%g2 +/* 0x105c 1319 (148 150) */ ldx [%sp+2247],%g4 +/* 0x1060 1320 (148 149) */ sllx %g5,19,%g5 +/* 0x1064 1321 (149 150) */ srlx %g2,32,%o0 +/* 0x1068 1322 (149 150) */ st %g2,[%i0+48] +/* 0x106c 1323 (149 150) */ add %g3,%o1,%g3 +/* 0x1070 1324 (150 153) */ ld [%i1+56],%o1 +/* 0x1074 1325 (150 151) */ add %g4,%g5,%g2 +/* 0x1078 1326 (150 151) */ add %g3,%o0,%g3 +/* 0x107c 1327 (151 153) */ ldx [%sp+2223],%g5 +/* 0x1080 1328 (151 152) */ srlx %g3,32,%o0 +/* 0x1084 1329 (152 154) */ ldx [%sp+2231],%g4 +/* 0x1088 1330 (152 153) */ add %g2,%o1,%g2 +/* 0x108c 1331 (153 154) */ sllx %g5,19,%g5 +/* 0x1090 1332 (153 156) */ ld [%i1+60],%o1 +/* 0x1094 1333 (153 154) */ add %g2,%o0,%g2 +/* 0x1098 1334 (154 155) */ st %g3,[%i0+52] +/* 0x109c 1335 (154 155) */ add %g4,%g5,%g3 +/* 0x10a0 1336 (155 156) */ st %g2,[%i0+56] +/* 0x10a4 1337 (155 156) */ srlx %g2,32,%g2 +/* 0x10a8 1338 (155 156) */ add %g3,%o1,%g3 +/* 0x10ac 1339 (156 157) */ add %g3,%g2,%g2 +/* 0x10b0 1340 (156 157) */ st %g2,[%i0+60] +/* 0x10b4 1344 (157 158) */ srlx %g2,32,%o3 +/* 0x10b8 1345 (158 159) */ srl %o3,0,%i0 +/* 0x10bc (159 161) */ ret ! Result = %o1 %o0 %f0 %f1 +/* 0x10c0 (161 162) */ restore %g0,%g0,%g0 + +! +! ENTRY .L77000073 +! + + .L77000073: /* frequency 1.0 confidence 0.0 */ + + + or %g0, %i4, %o2 + or %g0, %o0, %o1 + or %g0, %i3, %o0 + +! +! ENTRY .L77000052 +! + + .L77000052: /* frequency 1.0 confidence 0.0 */ +/* 0x1028 1318 ( 0 1) */ andn %o2,%g2,%g2 +/* 0x102c 1319 ( 0 1) */ st %g2,[%sp+2227] +/* 0x1030 1325 ( 0 1) */ add %o0,1,%g3 +/* 0x1034 1326 ( 0 1) */ fmovd %f0,%f14 +/* 0x1038 1327 ( 1 2) */ srl %o2,19,%g2 +/* 0x103c 1328 ( 1 2) */ st %g2,[%sp+2223] +/* 0x1040 1329 ( 1 2) */ or %g0,0,%o5 +/* 0x1044 1330 ( 2 3) */ srl %g3,31,%g2 +/* 0x1048 1331 ( 2 5) */ ldd [%o1],%f6 +/* 0x104c 1335 ( 2 3) */ sethi %hi(0x1000),%g1 +/* 0x1050 1336 ( 3 4) */ add %g3,%g2,%g2 +/* 0x1054 1337 ( 3 4) */ xor %g1,-625,%g1 +/* 0x1058 1338 ( 3 6) */ ldd [%o1+8],%f20 +/* 0x105c 1339 ( 4 5) */ sra %g2,1,%o3 +/* 0x1060 1340 ( 4 5) */ fmovs %f6,%f8 +/* 0x1064 1341 ( 4 5) */ add %g1,%fp,%g3 +/* 0x1068 1342 ( 5 6) */ fmovs %f6,%f10 +/* 0x106c 1343 ( 5 7) */ ld [%sp+2227],%f9 +/* 0x1070 1344 ( 5 6) */ subcc %o3,0,%g0 +/* 0x1074 1345 ( 6 8) */ ld [%sp+2223],%f11 +/* 0x1078 1346 ( 6 7) */ sethi %hi(0x1000),%g1 +/* 0x107c 1347 ( 6 7) */ or %g0,%i2,%o1 +/* 0x1080 1348 ( 7 10) */ fsubd %f8,%f6,%f18 +/* 0x1084 1349 ( 7 8) */ xor %g1,-617,%g1 +/* 0x1088 1350 ( 7 8) */ or %g0,0,%g4 +/* 0x108c 1351 ( 8 11) */ fsubd %f10,%f6,%f16 +/* 0x1090 1352 ( 8 9) */ bleu,pt %icc,.L990000162 ! tprob=0.50 +/* 0x1094 ( 8 9) */ subcc %o0,0,%g0 +/* 0x1098 1354 ( 9 10) */ add %g1,%fp,%g2 +/* 0x109c 1355 ( 9 10) */ sethi %hi(0x1000),%g1 +/* 0x10a0 1356 (10 11) */ xor %g1,-609,%g1 +/* 0x10a4 1357 (10 11) */ subcc %o3,7,%g0 +/* 0x10a8 1358 (11 12) */ add %g1,%fp,%o7 +/* 0x10ac 1359 (11 12) */ sethi %hi(0x1000),%g1 +/* 0x10b0 1360 (12 13) */ xor %g1,-601,%g1 +/* 0x10b4 1361 (13 14) */ add %g1,%fp,%o4 +/* 0x10b8 1362 (13 14) */ bl,pn %icc,.L77000054 ! tprob=0.50 +/* 0x10bc (13 14) */ sub %o3,2,%o2 +/* 0x10c0 1364 (14 17) */ ldd [%o1],%f2 +/* 0x10c4 1365 (14 15) */ add %o1,16,%g5 +/* 0x10c8 1366 (14 15) */ or %g0,4,%g4 +/* 0x10cc 1367 (15 18) */ ldd [%o1+8],%f0 +/* 0x10d0 1368 (15 16) */ add %o1,8,%o1 +/* 0x10d4 1369 (16 18) */ fxnor %f14,%f2,%f6 +/* 0x10d8 1370 (16 19) */ ldd [%g5],%f4 +/* 0x10dc 1371 (16 17) */ add %o1,16,%o1 +/* 0x10e0 1372 (17 19) */ fxnor %f14,%f0,%f12 +/* 0x10e4 1373 (17 20) */ ldd [%o1],%f0 +/* 0x10e8 1374 (17 18) */ add %o1,8,%o1 +/* 0x10ec 1375 (18 21) */ fitod %f7,%f2 +/* 0x10f0 1376 (19 22) */ fitod %f6,%f6 +/* 0x10f4 1377 (20 22) */ fxnor %f14,%f4,%f10 +/* 0x10f8 1378 (21 24) */ fsubd %f20,%f2,%f2 +/* 0x10fc 1379 (22 24) */ fxnor %f14,%f0,%f8 +/* 0x1100 1380 (23 26) */ fitod %f13,%f4 +/* 0x1104 1381 (24 27) */ fsubd %f20,%f6,%f6 +/* 0x1108 1382 (24 27) */ fmuld %f2,%f16,%f0 + +! +! ENTRY .L990000154 +! + + .L990000154: /* frequency 1.0 confidence 0.0 */ +/* 0x110c 1384 ( 0 3) */ ldd [%o1],%f24 +/* 0x1110 1385 ( 0 1) */ add %g4,3,%g4 +/* 0x1114 1386 ( 0 1) */ add %o4,96,%o4 +/* 0x1118 1387 ( 1 4) */ fitod %f11,%f22 +/* 0x111c 1388 ( 2 5) */ fsubd %f20,%f4,%f26 +/* 0x1120 1389 ( 2 3) */ subcc %g4,%o2,%g0 +/* 0x1124 1390 ( 2 3) */ add %o7,96,%o7 +/* 0x1128 1391 ( 2 5) */ fmuld %f6,%f18,%f28 +/* 0x112c 1392 ( 3 6) */ fmuld %f6,%f16,%f6 +/* 0x1130 1393 ( 3 4) */ add %g2,96,%g2 +/* 0x1134 1394 ( 3 4) */ add %g3,96,%g3 +/* 0x1138 1395 ( 4 7) */ fdtox %f0,%f0 +/* 0x113c 1396 ( 5 8) */ fitod %f12,%f4 +/* 0x1140 1397 ( 5 8) */ fmuld %f2,%f18,%f2 +/* 0x1144 1398 ( 6 9) */ fdtox %f28,%f12 +/* 0x1148 1399 ( 7 10) */ fdtox %f6,%f6 +/* 0x114c 1400 ( 7 8) */ std %f12,[%g3-96] +/* 0x1150 1401 ( 8 9) */ std %f6,[%g2-96] +/* 0x1154 1402 ( 8 11) */ fdtox %f2,%f2 +/* 0x1158 1403 ( 9 12) */ fsubd %f20,%f4,%f6 +/* 0x115c 1404 ( 9 10) */ std %f2,[%o7-96] +/* 0x1160 1405 ( 9 10) */ add %o1,8,%o1 +/* 0x1164 1406 (10 12) */ fxnor %f14,%f24,%f12 +/* 0x1168 1407 (10 13) */ fmuld %f26,%f16,%f4 +/* 0x116c 1408 (10 11) */ std %f0,[%o4-96] +/* 0x1170 1409 (11 14) */ ldd [%o1],%f0 +/* 0x1174 1410 (11 14) */ fitod %f9,%f2 +/* 0x1178 1411 (12 15) */ fsubd %f20,%f22,%f28 +/* 0x117c 1412 (12 15) */ fmuld %f6,%f18,%f24 +/* 0x1180 1413 (13 16) */ fmuld %f6,%f16,%f22 +/* 0x1184 1414 (13 16) */ fdtox %f4,%f4 +/* 0x1188 1415 (14 17) */ fitod %f10,%f6 +/* 0x118c 1416 (14 17) */ fmuld %f26,%f18,%f10 +/* 0x1190 1417 (15 18) */ fdtox %f24,%f24 +/* 0x1194 1418 (16 19) */ fdtox %f22,%f22 +/* 0x1198 1419 (16 17) */ std %f24,[%g3-64] +/* 0x119c 1420 (17 18) */ std %f22,[%g2-64] +/* 0x11a0 1421 (17 20) */ fdtox %f10,%f10 +/* 0x11a4 1422 (18 21) */ fsubd %f20,%f6,%f6 +/* 0x11a8 1423 (18 19) */ std %f10,[%o7-64] +/* 0x11ac 1424 (18 19) */ add %o1,8,%o1 +/* 0x11b0 1425 (19 21) */ fxnor %f14,%f0,%f10 +/* 0x11b4 1426 (19 22) */ fmuld %f28,%f16,%f0 +/* 0x11b8 1427 (19 20) */ std %f4,[%o4-64] +/* 0x11bc 1428 (20 23) */ ldd [%o1],%f22 +/* 0x11c0 1429 (20 23) */ fitod %f13,%f4 +/* 0x11c4 1430 (21 24) */ fsubd %f20,%f2,%f2 +/* 0x11c8 1431 (21 24) */ fmuld %f6,%f18,%f26 +/* 0x11cc 1432 (22 25) */ fmuld %f6,%f16,%f24 +/* 0x11d0 1433 (22 25) */ fdtox %f0,%f0 +/* 0x11d4 1434 (23 26) */ fitod %f8,%f6 +/* 0x11d8 1435 (23 26) */ fmuld %f28,%f18,%f8 +/* 0x11dc 1436 (24 27) */ fdtox %f26,%f26 +/* 0x11e0 1437 (25 28) */ fdtox %f24,%f24 +/* 0x11e4 1438 (25 26) */ std %f26,[%g3-32] +/* 0x11e8 1439 (26 27) */ std %f24,[%g2-32] +/* 0x11ec 1440 (26 29) */ fdtox %f8,%f8 +/* 0x11f0 1441 (27 30) */ fsubd %f20,%f6,%f6 +/* 0x11f4 1442 (27 28) */ std %f8,[%o7-32] +/* 0x11f8 1443 (27 28) */ add %o1,8,%o1 +/* 0x11fc 1444 (28 30) */ fxnor %f14,%f22,%f8 +/* 0x1200 1445 (28 29) */ std %f0,[%o4-32] +/* 0x1204 1446 (28 29) */ bcs,pt %icc,.L990000154 ! tprob=0.50 +/* 0x1208 (28 31) */ fmuld %f2,%f16,%f0 + +! +! ENTRY .L990000157 +! + + .L990000157: /* frequency 1.0 confidence 0.0 */ +/* 0x120c 1449 ( 0 3) */ fitod %f12,%f28 +/* 0x1210 1450 ( 0 3) */ fmuld %f6,%f18,%f24 +/* 0x1214 1451 ( 0 1) */ add %g3,128,%g3 +/* 0x1218 1452 ( 1 4) */ fitod %f10,%f12 +/* 0x121c 1453 ( 1 4) */ fmuld %f6,%f16,%f26 +/* 0x1220 1454 ( 1 2) */ add %g2,128,%g2 +/* 0x1224 1455 ( 2 5) */ fsubd %f20,%f4,%f4 +/* 0x1228 1456 ( 2 5) */ fmuld %f2,%f18,%f22 +/* 0x122c 1457 ( 2 3) */ add %o7,128,%o7 +/* 0x1230 1458 ( 3 6) */ fdtox %f24,%f6 +/* 0x1234 1459 ( 3 4) */ std %f6,[%g3-128] +/* 0x1238 1460 ( 3 4) */ add %o4,128,%o4 +/* 0x123c 1461 ( 4 7) */ fsubd %f20,%f28,%f2 +/* 0x1240 1462 ( 4 5) */ subcc %g4,%o3,%g0 +/* 0x1244 1463 ( 5 8) */ fitod %f11,%f6 +/* 0x1248 1464 ( 5 8) */ fmuld %f4,%f18,%f24 +/* 0x124c 1465 ( 6 9) */ fdtox %f26,%f10 +/* 0x1250 1466 ( 6 7) */ std %f10,[%g2-128] +/* 0x1254 1467 ( 7 10) */ fdtox %f22,%f10 +/* 0x1258 1468 ( 7 8) */ std %f10,[%o7-128] +/* 0x125c 1469 ( 7 10) */ fmuld %f2,%f18,%f26 +/* 0x1260 1470 ( 8 11) */ fsubd %f20,%f12,%f10 +/* 0x1264 1471 ( 8 11) */ fmuld %f2,%f16,%f2 +/* 0x1268 1472 ( 9 12) */ fsubd %f20,%f6,%f22 +/* 0x126c 1473 ( 9 12) */ fmuld %f4,%f16,%f12 +/* 0x1270 1474 (10 13) */ fdtox %f0,%f0 +/* 0x1274 1475 (10 11) */ std %f0,[%o4-128] +/* 0x1278 1476 (11 14) */ fitod %f8,%f4 +/* 0x127c 1477 (11 14) */ fmuld %f10,%f18,%f6 +/* 0x1280 1478 (12 15) */ fdtox %f26,%f0 +/* 0x1284 1479 (12 13) */ std %f0,[%g3-96] +/* 0x1288 1480 (12 15) */ fmuld %f10,%f16,%f10 +/* 0x128c 1481 (13 16) */ fdtox %f2,%f2 +/* 0x1290 1482 (13 14) */ std %f2,[%g2-96] +/* 0x1294 1483 (14 17) */ fitod %f9,%f0 +/* 0x1298 1484 (14 17) */ fmuld %f22,%f18,%f2 +/* 0x129c 1485 (15 18) */ fdtox %f24,%f8 +/* 0x12a0 1486 (15 16) */ std %f8,[%o7-96] +/* 0x12a4 1487 (16 19) */ fsubd %f20,%f4,%f4 +/* 0x12a8 1488 (16 19) */ fmuld %f22,%f16,%f8 +/* 0x12ac 1489 (17 20) */ fdtox %f12,%f12 +/* 0x12b0 1490 (17 18) */ std %f12,[%o4-96] +/* 0x12b4 1491 (18 21) */ fsubd %f20,%f0,%f0 +/* 0x12b8 1492 (19 22) */ fdtox %f6,%f6 +/* 0x12bc 1493 (19 20) */ std %f6,[%g3-64] +/* 0x12c0 1494 (20 23) */ fdtox %f10,%f10 +/* 0x12c4 1495 (20 21) */ std %f10,[%g2-64] +/* 0x12c8 1496 (20 23) */ fmuld %f4,%f18,%f6 +/* 0x12cc 1497 (21 24) */ fdtox %f2,%f2 +/* 0x12d0 1498 (21 22) */ std %f2,[%o7-64] +/* 0x12d4 1499 (21 24) */ fmuld %f4,%f16,%f4 +/* 0x12d8 1500 (22 25) */ fmuld %f0,%f18,%f2 +/* 0x12dc 1501 (22 25) */ fdtox %f8,%f8 +/* 0x12e0 1502 (22 23) */ std %f8,[%o4-64] +/* 0x12e4 1503 (23 26) */ fdtox %f6,%f6 +/* 0x12e8 1504 (23 24) */ std %f6,[%g3-32] +/* 0x12ec 1505 (23 26) */ fmuld %f0,%f16,%f0 +/* 0x12f0 1506 (24 27) */ fdtox %f4,%f4 +/* 0x12f4 1507 (24 25) */ std %f4,[%g2-32] +/* 0x12f8 1508 (25 28) */ fdtox %f2,%f2 +/* 0x12fc 1509 (25 26) */ std %f2,[%o7-32] +/* 0x1300 1510 (26 29) */ fdtox %f0,%f0 +/* 0x1304 1511 (26 27) */ bcc,pn %icc,.L77000056 ! tprob=0.50 +/* 0x1308 (26 27) */ std %f0,[%o4-32] + +! +! ENTRY .L77000054 +! + + .L77000054: /* frequency 1.0 confidence 0.0 */ +/* 0x130c 1514 ( 0 3) */ ldd [%o1],%f0 + +! +! ENTRY .L990000161 +! + + .L990000161: /* frequency 1.0 confidence 0.0 */ +/* 0x1310 1516 ( 0 2) */ fxnor %f14,%f0,%f0 +/* 0x1314 1517 ( 0 1) */ add %g4,1,%g4 +/* 0x1318 1518 ( 0 1) */ add %o1,8,%o1 +/* 0x131c 1519 ( 1 2) */ subcc %g4,%o3,%g0 +/* 0x1320 1520 ( 2 5) */ fitod %f0,%f2 +/* 0x1324 1521 ( 3 6) */ fitod %f1,%f0 +/* 0x1328 1522 ( 5 8) */ fsubd %f20,%f2,%f2 +/* 0x132c 1523 ( 6 9) */ fsubd %f20,%f0,%f0 +/* 0x1330 1524 ( 8 11) */ fmuld %f2,%f18,%f6 +/* 0x1334 1525 ( 9 12) */ fmuld %f2,%f16,%f4 +/* 0x1338 1526 (10 13) */ fmuld %f0,%f18,%f2 +/* 0x133c 1527 (11 14) */ fdtox %f6,%f6 +/* 0x1340 1528 (11 12) */ std %f6,[%g3] +/* 0x1344 1529 (11 14) */ fmuld %f0,%f16,%f0 +/* 0x1348 1530 (12 15) */ fdtox %f4,%f4 +/* 0x134c 1531 (12 13) */ std %f4,[%g2] +/* 0x1350 1532 (12 13) */ add %g2,32,%g2 +/* 0x1354 1533 (13 16) */ fdtox %f2,%f2 +/* 0x1358 1534 (13 14) */ std %f2,[%o7] +/* 0x135c 1535 (13 14) */ add %o7,32,%o7 +/* 0x1360 1536 (14 17) */ fdtox %f0,%f0 +/* 0x1364 1537 (14 15) */ std %f0,[%o4] +/* 0x1368 1538 (14 15) */ add %o4,32,%o4 +/* 0x136c 1539 (15 16) */ add %g3,32,%g3 +/* 0x1370 1540 (15 16) */ bcs,a,pt %icc,.L990000161 ! tprob=0.50 +/* 0x1374 (16 19) */ ldd [%o1],%f0 + +! +! ENTRY .L77000056 +! + + .L77000056: /* frequency 1.0 confidence 0.0 */ +/* 0x1378 1548 ( 0 1) */ subcc %o0,0,%g0 + +! +! ENTRY .L990000162 +! + + .L990000162: /* frequency 1.0 confidence 0.0 */ +/* 0x137c 1550 ( 0 1) */ bleu,pt %icc,.L77770061 ! tprob=0.50 +/* 0x1380 ( 0 1) */ nop +/* 0x1384 1555 ( 0 1) */ sethi %hi(0x1000),%g1 +/* 0x1388 1556 ( 1 2) */ xor %g1,-625,%g1 +/* 0x138c 1557 ( 1 2) */ or %g0,%i1,%g4 +/* 0x1390 1558 ( 2 3) */ add %g1,%fp,%g5 +/* 0x1394 1559 ( 2 3) */ sethi %hi(0x1000),%g1 +/* 0x1398 1560 ( 3 4) */ xor %g1,-617,%g1 +/* 0x139c 1561 ( 3 4) */ or %g0,%o0,%o7 +/* 0x13a0 1562 ( 4 5) */ add %g1,%fp,%g2 +/* 0x13a4 1563 ( 4 5) */ or %g0,0,%i2 +/* 0x13a8 1564 ( 5 6) */ or %g0,%i0,%g3 +/* 0x13ac 1565 ( 5 6) */ subcc %o0,6,%g0 +/* 0x13b0 1566 ( 5 6) */ bl,pn %icc,.L77000058 ! tprob=0.50 +/* 0x13b4 ( 6 7) */ sethi %hi(0x1000),%g1 +/* 0x13b8 1568 ( 6 8) */ ld [%g4],%o2 +/* 0x13bc 1569 ( 6 7) */ add %g3,4,%g3 +/* 0x13c0 1570 ( 7 8) */ xor %g1,-585,%g1 +/* 0x13c4 1571 ( 7 8) */ sub %o7,3,%o4 +/* 0x13c8 1572 ( 8 9) */ add %g1,%fp,%g2 +/* 0x13cc 1573 ( 8 9) */ sethi %hi(0x1000),%g1 +/* 0x13d0 1574 ( 9 10) */ xor %g1,-593,%g1 +/* 0x13d4 1575 ( 9 10) */ or %g0,2,%i2 +/* 0x13d8 1576 (10 11) */ add %g1,%fp,%g5 +/* 0x13dc 1577 (10 11) */ sethi %hi(0x1000),%g1 +/* 0x13e0 1578 (11 12) */ xor %g1,-617,%g1 +/* 0x13e4 1579 (12 13) */ add %g1,%fp,%g1 +/* 0x13e8 1580 (13 15) */ ldx [%g1],%o1 +/* 0x13ec 1581 (14 16) */ ldx [%g1-8],%o0 +/* 0x13f0 1582 (15 16) */ sllx %o1,19,%o1 +/* 0x13f4 1583 (15 17) */ ldx [%g1+16],%o3 +/* 0x13f8 1584 (16 17) */ add %o0,%o1,%o0 +/* 0x13fc 1585 (16 18) */ ld [%g4+4],%o1 +/* 0x1400 1586 (16 17) */ add %g4,8,%g4 +/* 0x1404 1587 (17 18) */ sllx %o3,19,%o3 +/* 0x1408 1588 (17 18) */ add %o0,%o2,%o0 +/* 0x140c 1589 (17 19) */ ldx [%g1+8],%o2 +/* 0x1410 1590 (18 19) */ st %o0,[%g3-4] +/* 0x1414 1591 (18 19) */ srlx %o0,32,%o0 + +! +! ENTRY .L990000142 +! + + .L990000142: /* frequency 1.0 confidence 0.0 */ +/* 0x1418 1593 ( 0 1) */ add %o2,%o3,%o2 +/* 0x141c 1594 ( 0 1) */ add %i2,4,%i2 +/* 0x1420 1595 ( 0 2) */ ld [%g4],%o3 +/* 0x1424 1596 ( 1 2) */ srl %o0,0,%o5 +/* 0x1428 1597 ( 1 2) */ add %o2,%o1,%o1 +/* 0x142c 1598 ( 1 3) */ ldx [%g2],%o0 +/* 0x1430 1599 ( 3 4) */ sllx %o0,19,%o2 +/* 0x1434 1600 ( 3 5) */ ldx [%g5],%o0 +/* 0x1438 1601 ( 3 4) */ add %o1,%o5,%o1 +/* 0x143c 1602 ( 4 5) */ st %o1,[%g3] +/* 0x1440 1603 ( 4 5) */ srlx %o1,32,%o5 +/* 0x1444 1604 ( 4 5) */ subcc %i2,%o4,%g0 +/* 0x1448 1605 ( 5 7) */ ldx [%g2+16],%o1 +/* 0x144c 1606 ( 5 6) */ add %o0,%o2,%o0 +/* 0x1450 1607 ( 5 6) */ add %g3,16,%g3 +/* 0x1454 1608 ( 6 8) */ ld [%g4+4],%o2 +/* 0x1458 1609 ( 6 7) */ add %o0,%o3,%o0 +/* 0x145c 1610 ( 7 8) */ sllx %o1,19,%o3 +/* 0x1460 1611 ( 7 9) */ ldx [%g5+16],%o1 +/* 0x1464 1612 ( 7 8) */ add %o0,%o5,%o0 +/* 0x1468 1613 ( 8 9) */ st %o0,[%g3-12] +/* 0x146c 1614 ( 8 9) */ srlx %o0,32,%o5 +/* 0x1470 1615 ( 8 9) */ add %g4,16,%g4 +/* 0x1474 1616 ( 9 11) */ ldx [%g2+32],%o0 +/* 0x1478 1617 ( 9 10) */ add %o1,%o3,%o1 +/* 0x147c 1618 ( 9 10) */ add %g2,64,%g2 +/* 0x1480 1619 (10 12) */ ld [%g4-8],%o3 +/* 0x1484 1620 (10 11) */ add %o1,%o2,%o2 +/* 0x1488 1621 (11 12) */ sllx %o0,19,%o1 +/* 0x148c 1622 (11 13) */ ldx [%g5+32],%o0 +/* 0x1490 1623 (11 12) */ add %o2,%o5,%o2 +/* 0x1494 1624 (12 13) */ st %o2,[%g3-8] +/* 0x1498 1625 (12 13) */ srlx %o2,32,%o5 +/* 0x149c 1626 (12 13) */ add %g5,64,%g5 +/* 0x14a0 1627 (13 15) */ ldx [%g2-16],%o2 +/* 0x14a4 1628 (13 14) */ add %o0,%o1,%o0 +/* 0x14a8 1629 (14 16) */ ld [%g4-4],%o1 +/* 0x14ac 1630 (14 15) */ add %o0,%o3,%o0 +/* 0x14b0 1631 (15 16) */ sllx %o2,19,%o3 +/* 0x14b4 1632 (15 17) */ ldx [%g5-16],%o2 +/* 0x14b8 1633 (15 16) */ add %o0,%o5,%o0 +/* 0x14bc 1634 (16 17) */ st %o0,[%g3-4] +/* 0x14c0 1635 (16 17) */ bcs,pt %icc,.L990000142 ! tprob=0.50 +/* 0x14c4 (16 17) */ srlx %o0,32,%o0 + +! +! ENTRY .L990000145 +! + + .L990000145: /* frequency 1.0 confidence 0.0 */ +/* 0x14c8 1638 ( 0 1) */ add %o2,%o3,%o3 +/* 0x14cc 1639 ( 0 1) */ add %g3,4,%g3 +/* 0x14d0 1640 ( 1 2) */ srl %o0,0,%o2 +/* 0x14d4 1641 ( 1 2) */ add %o3,%o1,%o0 +/* 0x14d8 1642 ( 2 3) */ add %o0,%o2,%o0 +/* 0x14dc 1643 ( 2 3) */ st %o0,[%g3-4] +/* 0x14e0 1644 ( 2 3) */ subcc %i2,%o7,%g0 +/* 0x14e4 1645 ( 2 3) */ bcc,pn %icc,.L77770061 ! tprob=0.50 +/* 0x14e8 ( 3 4) */ srlx %o0,32,%o5 + +! +! ENTRY .L77000058 +! + + .L77000058: /* frequency 1.0 confidence 0.0 */ +/* 0x14ec 1648 ( 0 2) */ ldx [%g2],%o2 + +! +! ENTRY .L990000160 +! + + .L990000160: /* frequency 1.0 confidence 0.0 */ +/* 0x14f0 1650 ( 0 1) */ sllx %o2,19,%o3 +/* 0x14f4 1651 ( 0 2) */ ldx [%g5],%o0 +/* 0x14f8 1652 ( 0 1) */ add %i2,1,%i2 +/* 0x14fc 1653 ( 1 2) */ srl %o5,0,%o1 +/* 0x1500 1654 ( 1 3) */ ld [%g4],%o2 +/* 0x1504 1655 ( 1 2) */ add %g2,16,%g2 +/* 0x1508 1656 ( 2 3) */ add %o0,%o3,%o0 +/* 0x150c 1657 ( 2 3) */ add %g5,16,%g5 +/* 0x1510 1658 ( 3 4) */ add %o0,%o2,%o0 +/* 0x1514 1659 ( 3 4) */ add %g4,4,%g4 +/* 0x1518 1660 ( 4 5) */ add %o0,%o1,%o0 +/* 0x151c 1661 ( 4 5) */ st %o0,[%g3] +/* 0x1520 1662 ( 4 5) */ subcc %i2,%o7,%g0 +/* 0x1524 1663 ( 5 6) */ srlx %o0,32,%o5 +/* 0x1528 1664 ( 5 6) */ add %g3,4,%g3 +/* 0x152c 1665 ( 5 6) */ bcs,a,pt %icc,.L990000160 ! tprob=0.50 +/* 0x1530 ( 6 8) */ ldx [%g2],%o2 + +! +! ENTRY .L77770061 +! + + .L77770061: /* frequency 1.0 confidence 0.0 */ +/* 0x1534 ( 0 2) */ ret ! Result = %o1 %o0 %f0 %f1 +/* 0x1538 ( 2 3) */ restore %g0,%o5,%o0 + + +/* 0x124c 1476 ( 0 0) */ .type mul_add,2 +/* 0x124c 1477 ( 0 0) */ .size mul_add,(.-mul_add) +/* 0x124c 1480 ( 0 0) */ .align 8 +/* 0x1250 1486 ( 0 0) */ .global mul_add_inp + +! +! ENTRY mul_add_inp +! + + .global mul_add_inp + mul_add_inp: /* frequency 1.0 confidence 0.0 */ +/* 0x1250 1488 ( 0 1) */ save %sp,-176,%sp +/* 0x1254 1500 ( 1 2) */ sra %i2,0,%o3 +/* 0x1258 1501 ( 1 2) */ or %g0,%i1,%o2 +/* 0x125c 1502 ( 2 3) */ or %g0,%i0,%o0 +/* 0x1260 1503 ( 2 3) */ or %g0,%i0,%o1 +/* 0x1264 1504 ( 3 5) */ call mul_add ! params = ! Result = +/* 0x1268 ( 4 5) */ srl %i3,0,%o4 +/* 0x126c 1506 ( 5 6) */ srl %o0,0,%i0 +/* 0x1270 ( 6 8) */ ret ! Result = %o1 %o0 %f0 %f1 +/* 0x1274 ( 8 9) */ restore %g0,%g0,%g0 +/* 0x1278 1509 ( 0 0) */ .type mul_add_inp,2 +/* 0x1278 1510 ( 0 0) */ .size mul_add_inp,(.-mul_add_inp) + + .section ".data",#alloc,#write +/* 0x1278 6 ( 0 0) */ .align 8 + +! +! ENTRY mask_cnst +! + + mask_cnst: /* frequency 1.0 confidence 0.0 */ +/* 0x1278 8 ( 0 0) */ .xword -9223372034707292160 +/* 0x1280 9 ( 0 0) */ .type mask_cnst,#object +/* 0x1280 10 ( 0 0) */ .size mask_cnst,8 + diff --git a/security/nss/lib/freebl/mpi/mpvalpha.c b/security/nss/lib/freebl/mpi/mpvalpha.c new file mode 100644 index 000000000..5118e73c3 --- /dev/null +++ b/security/nss/lib/freebl/mpi/mpvalpha.c @@ -0,0 +1,214 @@ +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is Multiple Precision Integer optimization code for + * the Compaq Alpha processor. + * + * The Initial Developer of the Original Code is + * Richard C. Swift. + * Portions created by the Initial Developer are Copyright (C) 2001 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): Richard C. Swift (swift@netscape.com) + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + +#include "mpi-priv.h" +#include <c_asm.h> + + +#define MP_MUL_DxD(a, b, Phi, Plo) \ + { Plo = asm ("mulq %a0, %a1, %v0", a, b); \ + Phi = asm ("umulh %a0, %a1, %v0", a, b); } \ + +/* This is empty for the loop in s_mpv_mul_d */ +#define CARRY_ADD + +#define ONE_MUL \ + a_i = *a++; \ + MP_MUL_DxD(a_i, b, a1b1, a0b0); \ + a0b0 += carry; \ + if (a0b0 < carry) \ + ++a1b1; \ + CARRY_ADD \ + *c++ = a0b0; \ + carry = a1b1; \ + +#define FOUR_MUL \ + ONE_MUL \ + ONE_MUL \ + ONE_MUL \ + ONE_MUL \ + +#define SIXTEEN_MUL \ + FOUR_MUL \ + FOUR_MUL \ + FOUR_MUL \ + FOUR_MUL \ + +#define THIRTYTWO_MUL \ + SIXTEEN_MUL \ + SIXTEEN_MUL \ + +#define ONETWENTYEIGHT_MUL \ + THIRTYTWO_MUL \ + THIRTYTWO_MUL \ + THIRTYTWO_MUL \ + THIRTYTWO_MUL \ + + +#define EXPAND_256(CALL) \ + mp_digit carry = 0; \ + mp_digit a_i; \ + mp_digit a0b0, a1b1; \ + if (a_len &255) { \ + if (a_len &1) { \ + ONE_MUL \ + } \ + if (a_len &2) { \ + ONE_MUL \ + ONE_MUL \ + } \ + if (a_len &4) { \ + FOUR_MUL \ + } \ + if (a_len &8) { \ + FOUR_MUL \ + FOUR_MUL \ + } \ + if (a_len & 16 ) { \ + SIXTEEN_MUL \ + } \ + if (a_len & 32 ) { \ + THIRTYTWO_MUL \ + } \ + if (a_len & 64 ) { \ + THIRTYTWO_MUL \ + THIRTYTWO_MUL \ + } \ + if (a_len & 128) { \ + ONETWENTYEIGHT_MUL \ + } \ + a_len = a_len & (-256); \ + } \ + if (a_len>=256 ) { \ + carry = CALL(a, a_len, b, c, carry); \ + c += a_len; \ + } \ + +#define FUNC_NAME(NAME) \ +mp_digit NAME(const mp_digit *a, \ + mp_size a_len, \ + mp_digit b, mp_digit *c, \ + mp_digit carry) \ + +#define DECLARE_MUL_256(FNAME) \ +FUNC_NAME(FNAME) \ +{ \ + mp_digit a_i; \ + mp_digit a0b0, a1b1; \ + while (a_len) { \ + ONETWENTYEIGHT_MUL \ + ONETWENTYEIGHT_MUL \ + a_len-= 256; \ + } \ + return carry; \ +} \ + +/* Expanding the loop in s_mpv_mul_d appeared to slow down the + (admittedly) small number of tests (i.e., timetest) used to + measure performance, so this define disables that optimization. */ +#define DO_NOT_EXPAND 1 + +/* Need forward declaration so it can be instantiated after + the routine that uses it; this helps locality somewhat */ +#if !defined(DO_NOT_EXPAND) +FUNC_NAME(s_mpv_mul_d_MUL256); +#endif + +/* c = a * b */ +void s_mpv_mul_d(const mp_digit *a, mp_size a_len, + mp_digit b, mp_digit *c) +{ +#if defined(DO_NOT_EXPAND) + mp_digit carry = 0; + while (a_len--) { + mp_digit a_i = *a++; + mp_digit a0b0, a1b1; + + MP_MUL_DxD(a_i, b, a1b1, a0b0); + + a0b0 += carry; + if (a0b0 < carry) + ++a1b1; + *c++ = a0b0; + carry = a1b1; + } +#else + EXPAND_256(s_mpv_mul_d_MUL256) +#endif + *c = carry; +} + +#if !defined(DO_NOT_EXPAND) +DECLARE_MUL_256(s_mpv_mul_d_MUL256) +#endif + +#undef CARRY_ADD +/* This is redefined for the loop in s_mpv_mul_d_add */ +#define CARRY_ADD \ + a0b0 += a_i = *c; \ + if (a0b0 < a_i) \ + ++a1b1; \ + +/* Need forward declaration so it can be instantiated between the + two routines that use it; this helps locality somewhat */ +FUNC_NAME(s_mpv_mul_d_add_MUL256); + +/* c += a * b */ +void s_mpv_mul_d_add(const mp_digit *a, mp_size a_len, + mp_digit b, mp_digit *c) +{ + EXPAND_256(s_mpv_mul_d_add_MUL256) + *c = carry; +} + +/* Instantiate multiply 256 routine here */ +DECLARE_MUL_256(s_mpv_mul_d_add_MUL256) + +/* Presently, this is only used by the Montgomery arithmetic code. */ +/* c += a * b */ +void s_mpv_mul_d_add_prop(const mp_digit *a, mp_size a_len, + mp_digit b, mp_digit *c) +{ + EXPAND_256(s_mpv_mul_d_add_MUL256) + while (carry) { + mp_digit c_i = *c; + carry += c_i; + *c++ = carry; + carry = carry < c_i; + } +} + diff --git a/security/nss/lib/freebl/mpi/mulsqr.c b/security/nss/lib/freebl/mpi/mulsqr.c new file mode 100644 index 000000000..db2b5ce8a --- /dev/null +++ b/security/nss/lib/freebl/mpi/mulsqr.c @@ -0,0 +1,111 @@ +/* + * Test whether to include squaring code given the current settings + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 1997, 1998, 1999, 2000 Michael J. Fromberger. + * All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + */ + +#include <stdio.h> +#include <stdlib.h> +#include <limits.h> +#include <time.h> + +#define MP_SQUARE 1 /* make sure squaring code is included */ + +#include "mpi.h" +#include "mpprime.h" + +int main(int argc, char *argv[]) +{ + int ntests, prec, ix; + unsigned int seed; + clock_t start, stop; + double multime, sqrtime; + mp_int a, c; + + seed = (unsigned int)time(NULL); + + if(argc < 3) { + fprintf(stderr, "Usage: %s <ntests> <nbits>\n", argv[0]); + return 1; + } + + if((ntests = abs(atoi(argv[1]))) == 0) { + fprintf(stderr, "%s: must request at least 1 test.\n", argv[0]); + return 1; + } + if((prec = abs(atoi(argv[2]))) < CHAR_BIT) { + fprintf(stderr, "%s: must request at least %d bits.\n", argv[0], + CHAR_BIT); + return 1; + } + + prec = (prec + (DIGIT_BIT - 1)) / DIGIT_BIT; + + mp_init_size(&a, prec); + mp_init_size(&c, 2 * prec); + + /* Test multiplication by self */ + srand(seed); + start = clock(); + for(ix = 0; ix < ntests; ix++) { + mpp_random_size(&a, prec); + mp_mul(&a, &a, &c); + } + stop = clock(); + + multime = (double)(stop - start) / CLOCKS_PER_SEC; + + /* Test squaring */ + srand(seed); + start = clock(); + for(ix = 0; ix < ntests; ix++) { + mpp_random_size(&a, prec); + mp_sqr(&a, &c); + } + stop = clock(); + + sqrtime = (double)(stop - start) / CLOCKS_PER_SEC; + + printf("Multiply: %.4f\n", multime); + printf("Square: %.4f\n", sqrtime); + if(multime < sqrtime) { + printf("Speedup: %.1f%%\n", 100.0 * (1.0 - multime / sqrtime)); + printf("Prefer: multiply\n"); + } else { + printf("Speedup: %.1f%%\n", 100.0 * (1.0 - sqrtime / multime)); + printf("Prefer: square\n"); + } + + mp_clear(&a); mp_clear(&c); + return 0; + +} diff --git a/security/nss/lib/freebl/mpi/multest b/security/nss/lib/freebl/mpi/multest new file mode 100755 index 000000000..08fec8388 --- /dev/null +++ b/security/nss/lib/freebl/mpi/multest @@ -0,0 +1,107 @@ +#!/bin/sh +# +# multest +# +# Run multiply and square timing tests, to compute a chart for the +# current processor and compiler combination. +# +## The contents of this file are subject to the Mozilla Public +## License Version 1.1 (the "License"); you may not use this file +## except in compliance with the License. You may obtain a copy of +## the License at http://www.mozilla.org/MPL/ +## +## Software distributed under the License is distributed on an "AS +## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +## implied. See the License for the specific language governing +## rights and limitations under the License. +## +## The Original Code is the MPI Arbitrary Precision Integer Arithmetic +## library. +## +## The Initial Developer of the Original Code is +## Michael J. Fromberger <sting@linguist.dartmouth.edu> +## +## Portions created by Michael J. Fromberger are +## Copyright (C) 2000 Michael J. Fromberger. All Rights Reserved +## +## Contributor(s): +## +## Alternatively, the contents of this file may be used under the +## terms of the GNU General Public License Version 2 or later (the +## "GPL"), in which case the provisions of the GPL are applicable +## instead of those above. If you wish to allow use of your +## version of this file only under the terms of the GPL and not to +## allow others to use your version of this file under the MPL, +## indicate your decision by deleting the provisions above and +## replace them with the notice and other provisions required by +## the GPL. If you do not delete the provisions above, a recipient +## may use your version of this file under either the MPL or the GPL. +## +# $Id$ +# + +ECHO=/bin/echo +MAKE=gmake + +$ECHO "\n** Running multiply and square timing tests\n" + +$ECHO "Bringing 'mulsqr' up to date ... " +if $MAKE mulsqr ; then + : +else + $ECHO "\nMake failed to build mulsqr.\n" + exit 1 +fi + +if [ ! -x ./mulsqr ] ; then + $ECHO "\nCannot find 'mulsqr' program, testing cannot continue.\n" + exit 1 +fi + +sizes='64 128 192 256 320 384 448 512 640 768 896 1024 1536 2048' +ntests=500000 + +$ECHO "Running timing tests, please wait ... " + +trap 'echo "oop!";rm -f tt*.tmp;exit 0' INT HUP + +touch tt$$.tmp +$ECHO $ntests tests >> tt$$.tmp +for size in $sizes ; do + $ECHO "$size bits ... \c" + set -A res `./mulsqr $ntests $size|head -3|tr -d '%'|awk '{print $2}'` + $ECHO $size"\t"${res[0]}"\t"${res[1]}"\t"${res[2]} >> tt$$.tmp + $ECHO "(done)" +done +mv tt$$.tmp mulsqr-results.txt +rm -f tt$$.tmp + +$ECHO "\n** Running Karatsuba-Ofman multiplication tests\n" + +$ECHO "Brining 'karatsuba' up to date ... " +if $MAKE karatsuba ; then + : +else + $ECHO "\nMake failed to build karatsuba.\n" + exit 1 +fi + +if [ ! -x ./karatsuba ] ; then + $ECHO "\nCannot find 'karatsuba' program, testing cannot continue.\n" + exit 1 +fi + +ntests=100000 + +trap 'echo "oop!";rm -f tt*.tmp;exit 0' INT HUP + +touch tt$$.tmp +for size in $sizes ; do + $ECHO "$size bits ... " + ./karatsuba $ntests $size >> tt$$.tmp + tail -2 tt$$.tmp +done +mv tt$$.tmp karatsuba-results.txt +rm -f tt$$.tmp + +exit 0 diff --git a/security/nss/lib/freebl/mpi/primes.c b/security/nss/lib/freebl/mpi/primes.c new file mode 100644 index 000000000..14f927b6c --- /dev/null +++ b/security/nss/lib/freebl/mpi/primes.c @@ -0,0 +1,871 @@ +/* + * These tables of primes wwere generated using the 'sieve' program + * (sieve.c) and converted to this format with 'ptab.pl'. + * + * The 'small' table is just the first 128 primes. The 'large' table + * is a table of all the prime values that will fit into a single + * mp_digit (given the current size of an mp_digit, which is two bytes). + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 1997, 1998, 1999, 2000 Michael J. Fromberger. + * All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + */ + +#if SMALL_TABLE +#define MP_PRIME_TAB_SIZE 128 +#else +#define MP_PRIME_TAB_SIZE 6542 +#endif + +const int prime_tab_size = MP_PRIME_TAB_SIZE; +const mp_digit prime_tab[] = { + 0x0002, 0x0003, 0x0005, 0x0007, 0x000B, 0x000D, 0x0011, 0x0013, + 0x0017, 0x001D, 0x001F, 0x0025, 0x0029, 0x002B, 0x002F, 0x0035, + 0x003B, 0x003D, 0x0043, 0x0047, 0x0049, 0x004F, 0x0053, 0x0059, + 0x0061, 0x0065, 0x0067, 0x006B, 0x006D, 0x0071, 0x007F, 0x0083, + 0x0089, 0x008B, 0x0095, 0x0097, 0x009D, 0x00A3, 0x00A7, 0x00AD, + 0x00B3, 0x00B5, 0x00BF, 0x00C1, 0x00C5, 0x00C7, 0x00D3, 0x00DF, + 0x00E3, 0x00E5, 0x00E9, 0x00EF, 0x00F1, 0x00FB, 0x0101, 0x0107, + 0x010D, 0x010F, 0x0115, 0x0119, 0x011B, 0x0125, 0x0133, 0x0137, + 0x0139, 0x013D, 0x014B, 0x0151, 0x015B, 0x015D, 0x0161, 0x0167, + 0x016F, 0x0175, 0x017B, 0x017F, 0x0185, 0x018D, 0x0191, 0x0199, + 0x01A3, 0x01A5, 0x01AF, 0x01B1, 0x01B7, 0x01BB, 0x01C1, 0x01C9, + 0x01CD, 0x01CF, 0x01D3, 0x01DF, 0x01E7, 0x01EB, 0x01F3, 0x01F7, + 0x01FD, 0x0209, 0x020B, 0x021D, 0x0223, 0x022D, 0x0233, 0x0239, + 0x023B, 0x0241, 0x024B, 0x0251, 0x0257, 0x0259, 0x025F, 0x0265, + 0x0269, 0x026B, 0x0277, 0x0281, 0x0283, 0x0287, 0x028D, 0x0293, + 0x0295, 0x02A1, 0x02A5, 0x02AB, 0x02B3, 0x02BD, 0x02C5, 0x02CF, +#if ! SMALL_TABLE + 0x02D7, 0x02DD, 0x02E3, 0x02E7, 0x02EF, 0x02F5, 0x02F9, 0x0301, + 0x0305, 0x0313, 0x031D, 0x0329, 0x032B, 0x0335, 0x0337, 0x033B, + 0x033D, 0x0347, 0x0355, 0x0359, 0x035B, 0x035F, 0x036D, 0x0371, + 0x0373, 0x0377, 0x038B, 0x038F, 0x0397, 0x03A1, 0x03A9, 0x03AD, + 0x03B3, 0x03B9, 0x03C7, 0x03CB, 0x03D1, 0x03D7, 0x03DF, 0x03E5, + 0x03F1, 0x03F5, 0x03FB, 0x03FD, 0x0407, 0x0409, 0x040F, 0x0419, + 0x041B, 0x0425, 0x0427, 0x042D, 0x043F, 0x0443, 0x0445, 0x0449, + 0x044F, 0x0455, 0x045D, 0x0463, 0x0469, 0x047F, 0x0481, 0x048B, + 0x0493, 0x049D, 0x04A3, 0x04A9, 0x04B1, 0x04BD, 0x04C1, 0x04C7, + 0x04CD, 0x04CF, 0x04D5, 0x04E1, 0x04EB, 0x04FD, 0x04FF, 0x0503, + 0x0509, 0x050B, 0x0511, 0x0515, 0x0517, 0x051B, 0x0527, 0x0529, + 0x052F, 0x0551, 0x0557, 0x055D, 0x0565, 0x0577, 0x0581, 0x058F, + 0x0593, 0x0595, 0x0599, 0x059F, 0x05A7, 0x05AB, 0x05AD, 0x05B3, + 0x05BF, 0x05C9, 0x05CB, 0x05CF, 0x05D1, 0x05D5, 0x05DB, 0x05E7, + 0x05F3, 0x05FB, 0x0607, 0x060D, 0x0611, 0x0617, 0x061F, 0x0623, + 0x062B, 0x062F, 0x063D, 0x0641, 0x0647, 0x0649, 0x064D, 0x0653, + 0x0655, 0x065B, 0x0665, 0x0679, 0x067F, 0x0683, 0x0685, 0x069D, + 0x06A1, 0x06A3, 0x06AD, 0x06B9, 0x06BB, 0x06C5, 0x06CD, 0x06D3, + 0x06D9, 0x06DF, 0x06F1, 0x06F7, 0x06FB, 0x06FD, 0x0709, 0x0713, + 0x071F, 0x0727, 0x0737, 0x0745, 0x074B, 0x074F, 0x0751, 0x0755, + 0x0757, 0x0761, 0x076D, 0x0773, 0x0779, 0x078B, 0x078D, 0x079D, + 0x079F, 0x07B5, 0x07BB, 0x07C3, 0x07C9, 0x07CD, 0x07CF, 0x07D3, + 0x07DB, 0x07E1, 0x07EB, 0x07ED, 0x07F7, 0x0805, 0x080F, 0x0815, + 0x0821, 0x0823, 0x0827, 0x0829, 0x0833, 0x083F, 0x0841, 0x0851, + 0x0853, 0x0859, 0x085D, 0x085F, 0x0869, 0x0871, 0x0883, 0x089B, + 0x089F, 0x08A5, 0x08AD, 0x08BD, 0x08BF, 0x08C3, 0x08CB, 0x08DB, + 0x08DD, 0x08E1, 0x08E9, 0x08EF, 0x08F5, 0x08F9, 0x0905, 0x0907, + 0x091D, 0x0923, 0x0925, 0x092B, 0x092F, 0x0935, 0x0943, 0x0949, + 0x094D, 0x094F, 0x0955, 0x0959, 0x095F, 0x096B, 0x0971, 0x0977, + 0x0985, 0x0989, 0x098F, 0x099B, 0x09A3, 0x09A9, 0x09AD, 0x09C7, + 0x09D9, 0x09E3, 0x09EB, 0x09EF, 0x09F5, 0x09F7, 0x09FD, 0x0A13, + 0x0A1F, 0x0A21, 0x0A31, 0x0A39, 0x0A3D, 0x0A49, 0x0A57, 0x0A61, + 0x0A63, 0x0A67, 0x0A6F, 0x0A75, 0x0A7B, 0x0A7F, 0x0A81, 0x0A85, + 0x0A8B, 0x0A93, 0x0A97, 0x0A99, 0x0A9F, 0x0AA9, 0x0AAB, 0x0AB5, + 0x0ABD, 0x0AC1, 0x0ACF, 0x0AD9, 0x0AE5, 0x0AE7, 0x0AED, 0x0AF1, + 0x0AF3, 0x0B03, 0x0B11, 0x0B15, 0x0B1B, 0x0B23, 0x0B29, 0x0B2D, + 0x0B3F, 0x0B47, 0x0B51, 0x0B57, 0x0B5D, 0x0B65, 0x0B6F, 0x0B7B, + 0x0B89, 0x0B8D, 0x0B93, 0x0B99, 0x0B9B, 0x0BB7, 0x0BB9, 0x0BC3, + 0x0BCB, 0x0BCF, 0x0BDD, 0x0BE1, 0x0BE9, 0x0BF5, 0x0BFB, 0x0C07, + 0x0C0B, 0x0C11, 0x0C25, 0x0C2F, 0x0C31, 0x0C41, 0x0C5B, 0x0C5F, + 0x0C61, 0x0C6D, 0x0C73, 0x0C77, 0x0C83, 0x0C89, 0x0C91, 0x0C95, + 0x0C9D, 0x0CB3, 0x0CB5, 0x0CB9, 0x0CBB, 0x0CC7, 0x0CE3, 0x0CE5, + 0x0CEB, 0x0CF1, 0x0CF7, 0x0CFB, 0x0D01, 0x0D03, 0x0D0F, 0x0D13, + 0x0D1F, 0x0D21, 0x0D2B, 0x0D2D, 0x0D3D, 0x0D3F, 0x0D4F, 0x0D55, + 0x0D69, 0x0D79, 0x0D81, 0x0D85, 0x0D87, 0x0D8B, 0x0D8D, 0x0DA3, + 0x0DAB, 0x0DB7, 0x0DBD, 0x0DC7, 0x0DC9, 0x0DCD, 0x0DD3, 0x0DD5, + 0x0DDB, 0x0DE5, 0x0DE7, 0x0DF3, 0x0DFD, 0x0DFF, 0x0E09, 0x0E17, + 0x0E1D, 0x0E21, 0x0E27, 0x0E2F, 0x0E35, 0x0E3B, 0x0E4B, 0x0E57, + 0x0E59, 0x0E5D, 0x0E6B, 0x0E71, 0x0E75, 0x0E7D, 0x0E87, 0x0E8F, + 0x0E95, 0x0E9B, 0x0EB1, 0x0EB7, 0x0EB9, 0x0EC3, 0x0ED1, 0x0ED5, + 0x0EDB, 0x0EED, 0x0EEF, 0x0EF9, 0x0F07, 0x0F0B, 0x0F0D, 0x0F17, + 0x0F25, 0x0F29, 0x0F31, 0x0F43, 0x0F47, 0x0F4D, 0x0F4F, 0x0F53, + 0x0F59, 0x0F5B, 0x0F67, 0x0F6B, 0x0F7F, 0x0F95, 0x0FA1, 0x0FA3, + 0x0FA7, 0x0FAD, 0x0FB3, 0x0FB5, 0x0FBB, 0x0FD1, 0x0FD3, 0x0FD9, + 0x0FE9, 0x0FEF, 0x0FFB, 0x0FFD, 0x1003, 0x100F, 0x101F, 0x1021, + 0x1025, 0x102B, 0x1039, 0x103D, 0x103F, 0x1051, 0x1069, 0x1073, + 0x1079, 0x107B, 0x1085, 0x1087, 0x1091, 0x1093, 0x109D, 0x10A3, + 0x10A5, 0x10AF, 0x10B1, 0x10BB, 0x10C1, 0x10C9, 0x10E7, 0x10F1, + 0x10F3, 0x10FD, 0x1105, 0x110B, 0x1115, 0x1127, 0x112D, 0x1139, + 0x1145, 0x1147, 0x1159, 0x115F, 0x1163, 0x1169, 0x116F, 0x1181, + 0x1183, 0x118D, 0x119B, 0x11A1, 0x11A5, 0x11A7, 0x11AB, 0x11C3, + 0x11C5, 0x11D1, 0x11D7, 0x11E7, 0x11EF, 0x11F5, 0x11FB, 0x120D, + 0x121D, 0x121F, 0x1223, 0x1229, 0x122B, 0x1231, 0x1237, 0x1241, + 0x1247, 0x1253, 0x125F, 0x1271, 0x1273, 0x1279, 0x127D, 0x128F, + 0x1297, 0x12AF, 0x12B3, 0x12B5, 0x12B9, 0x12BF, 0x12C1, 0x12CD, + 0x12D1, 0x12DF, 0x12FD, 0x1307, 0x130D, 0x1319, 0x1327, 0x132D, + 0x1337, 0x1343, 0x1345, 0x1349, 0x134F, 0x1357, 0x135D, 0x1367, + 0x1369, 0x136D, 0x137B, 0x1381, 0x1387, 0x138B, 0x1391, 0x1393, + 0x139D, 0x139F, 0x13AF, 0x13BB, 0x13C3, 0x13D5, 0x13D9, 0x13DF, + 0x13EB, 0x13ED, 0x13F3, 0x13F9, 0x13FF, 0x141B, 0x1421, 0x142F, + 0x1433, 0x143B, 0x1445, 0x144D, 0x1459, 0x146B, 0x146F, 0x1471, + 0x1475, 0x148D, 0x1499, 0x149F, 0x14A1, 0x14B1, 0x14B7, 0x14BD, + 0x14CB, 0x14D5, 0x14E3, 0x14E7, 0x1505, 0x150B, 0x1511, 0x1517, + 0x151F, 0x1525, 0x1529, 0x152B, 0x1537, 0x153D, 0x1541, 0x1543, + 0x1549, 0x155F, 0x1565, 0x1567, 0x156B, 0x157D, 0x157F, 0x1583, + 0x158F, 0x1591, 0x1597, 0x159B, 0x15B5, 0x15BB, 0x15C1, 0x15C5, + 0x15CD, 0x15D7, 0x15F7, 0x1607, 0x1609, 0x160F, 0x1613, 0x1615, + 0x1619, 0x161B, 0x1625, 0x1633, 0x1639, 0x163D, 0x1645, 0x164F, + 0x1655, 0x1669, 0x166D, 0x166F, 0x1675, 0x1693, 0x1697, 0x169F, + 0x16A9, 0x16AF, 0x16B5, 0x16BD, 0x16C3, 0x16CF, 0x16D3, 0x16D9, + 0x16DB, 0x16E1, 0x16E5, 0x16EB, 0x16ED, 0x16F7, 0x16F9, 0x1709, + 0x170F, 0x1723, 0x1727, 0x1733, 0x1741, 0x175D, 0x1763, 0x1777, + 0x177B, 0x178D, 0x1795, 0x179B, 0x179F, 0x17A5, 0x17B3, 0x17B9, + 0x17BF, 0x17C9, 0x17CB, 0x17D5, 0x17E1, 0x17E9, 0x17F3, 0x17F5, + 0x17FF, 0x1807, 0x1813, 0x181D, 0x1835, 0x1837, 0x183B, 0x1843, + 0x1849, 0x184D, 0x1855, 0x1867, 0x1871, 0x1877, 0x187D, 0x187F, + 0x1885, 0x188F, 0x189B, 0x189D, 0x18A7, 0x18AD, 0x18B3, 0x18B9, + 0x18C1, 0x18C7, 0x18D1, 0x18D7, 0x18D9, 0x18DF, 0x18E5, 0x18EB, + 0x18F5, 0x18FD, 0x1915, 0x191B, 0x1931, 0x1933, 0x1945, 0x1949, + 0x1951, 0x195B, 0x1979, 0x1981, 0x1993, 0x1997, 0x1999, 0x19A3, + 0x19A9, 0x19AB, 0x19B1, 0x19B5, 0x19C7, 0x19CF, 0x19DB, 0x19ED, + 0x19FD, 0x1A03, 0x1A05, 0x1A11, 0x1A17, 0x1A21, 0x1A23, 0x1A2D, + 0x1A2F, 0x1A35, 0x1A3F, 0x1A4D, 0x1A51, 0x1A69, 0x1A6B, 0x1A7B, + 0x1A7D, 0x1A87, 0x1A89, 0x1A93, 0x1AA7, 0x1AAB, 0x1AAD, 0x1AB1, + 0x1AB9, 0x1AC9, 0x1ACF, 0x1AD5, 0x1AD7, 0x1AE3, 0x1AF3, 0x1AFB, + 0x1AFF, 0x1B05, 0x1B23, 0x1B25, 0x1B2F, 0x1B31, 0x1B37, 0x1B3B, + 0x1B41, 0x1B47, 0x1B4F, 0x1B55, 0x1B59, 0x1B65, 0x1B6B, 0x1B73, + 0x1B7F, 0x1B83, 0x1B91, 0x1B9D, 0x1BA7, 0x1BBF, 0x1BC5, 0x1BD1, + 0x1BD7, 0x1BD9, 0x1BEF, 0x1BF7, 0x1C09, 0x1C13, 0x1C19, 0x1C27, + 0x1C2B, 0x1C2D, 0x1C33, 0x1C3D, 0x1C45, 0x1C4B, 0x1C4F, 0x1C55, + 0x1C73, 0x1C81, 0x1C8B, 0x1C8D, 0x1C99, 0x1CA3, 0x1CA5, 0x1CB5, + 0x1CB7, 0x1CC9, 0x1CE1, 0x1CF3, 0x1CF9, 0x1D09, 0x1D1B, 0x1D21, + 0x1D23, 0x1D35, 0x1D39, 0x1D3F, 0x1D41, 0x1D4B, 0x1D53, 0x1D5D, + 0x1D63, 0x1D69, 0x1D71, 0x1D75, 0x1D7B, 0x1D7D, 0x1D87, 0x1D89, + 0x1D95, 0x1D99, 0x1D9F, 0x1DA5, 0x1DA7, 0x1DB3, 0x1DB7, 0x1DC5, + 0x1DD7, 0x1DDB, 0x1DE1, 0x1DF5, 0x1DF9, 0x1E01, 0x1E07, 0x1E0B, + 0x1E13, 0x1E17, 0x1E25, 0x1E2B, 0x1E2F, 0x1E3D, 0x1E49, 0x1E4D, + 0x1E4F, 0x1E6D, 0x1E71, 0x1E89, 0x1E8F, 0x1E95, 0x1EA1, 0x1EAD, + 0x1EBB, 0x1EC1, 0x1EC5, 0x1EC7, 0x1ECB, 0x1EDD, 0x1EE3, 0x1EEF, + 0x1EF7, 0x1EFD, 0x1F01, 0x1F0D, 0x1F0F, 0x1F1B, 0x1F39, 0x1F49, + 0x1F4B, 0x1F51, 0x1F67, 0x1F75, 0x1F7B, 0x1F85, 0x1F91, 0x1F97, + 0x1F99, 0x1F9D, 0x1FA5, 0x1FAF, 0x1FB5, 0x1FBB, 0x1FD3, 0x1FE1, + 0x1FE7, 0x1FEB, 0x1FF3, 0x1FFF, 0x2011, 0x201B, 0x201D, 0x2027, + 0x2029, 0x202D, 0x2033, 0x2047, 0x204D, 0x2051, 0x205F, 0x2063, + 0x2065, 0x2069, 0x2077, 0x207D, 0x2089, 0x20A1, 0x20AB, 0x20B1, + 0x20B9, 0x20C3, 0x20C5, 0x20E3, 0x20E7, 0x20ED, 0x20EF, 0x20FB, + 0x20FF, 0x210D, 0x2113, 0x2135, 0x2141, 0x2149, 0x214F, 0x2159, + 0x215B, 0x215F, 0x2173, 0x217D, 0x2185, 0x2195, 0x2197, 0x21A1, + 0x21AF, 0x21B3, 0x21B5, 0x21C1, 0x21C7, 0x21D7, 0x21DD, 0x21E5, + 0x21E9, 0x21F1, 0x21F5, 0x21FB, 0x2203, 0x2209, 0x220F, 0x221B, + 0x2221, 0x2225, 0x222B, 0x2231, 0x2239, 0x224B, 0x224F, 0x2263, + 0x2267, 0x2273, 0x2275, 0x227F, 0x2285, 0x2287, 0x2291, 0x229D, + 0x229F, 0x22A3, 0x22B7, 0x22BD, 0x22DB, 0x22E1, 0x22E5, 0x22ED, + 0x22F7, 0x2303, 0x2309, 0x230B, 0x2327, 0x2329, 0x232F, 0x2333, + 0x2335, 0x2345, 0x2351, 0x2353, 0x2359, 0x2363, 0x236B, 0x2383, + 0x238F, 0x2395, 0x23A7, 0x23AD, 0x23B1, 0x23BF, 0x23C5, 0x23C9, + 0x23D5, 0x23DD, 0x23E3, 0x23EF, 0x23F3, 0x23F9, 0x2405, 0x240B, + 0x2417, 0x2419, 0x2429, 0x243D, 0x2441, 0x2443, 0x244D, 0x245F, + 0x2467, 0x246B, 0x2479, 0x247D, 0x247F, 0x2485, 0x249B, 0x24A1, + 0x24AF, 0x24B5, 0x24BB, 0x24C5, 0x24CB, 0x24CD, 0x24D7, 0x24D9, + 0x24DD, 0x24DF, 0x24F5, 0x24F7, 0x24FB, 0x2501, 0x2507, 0x2513, + 0x2519, 0x2527, 0x2531, 0x253D, 0x2543, 0x254B, 0x254F, 0x2573, + 0x2581, 0x258D, 0x2593, 0x2597, 0x259D, 0x259F, 0x25AB, 0x25B1, + 0x25BD, 0x25CD, 0x25CF, 0x25D9, 0x25E1, 0x25F7, 0x25F9, 0x2605, + 0x260B, 0x260F, 0x2615, 0x2627, 0x2629, 0x2635, 0x263B, 0x263F, + 0x264B, 0x2653, 0x2659, 0x2665, 0x2669, 0x266F, 0x267B, 0x2681, + 0x2683, 0x268F, 0x269B, 0x269F, 0x26AD, 0x26B3, 0x26C3, 0x26C9, + 0x26CB, 0x26D5, 0x26DD, 0x26EF, 0x26F5, 0x2717, 0x2719, 0x2735, + 0x2737, 0x274D, 0x2753, 0x2755, 0x275F, 0x276B, 0x276D, 0x2773, + 0x2777, 0x277F, 0x2795, 0x279B, 0x279D, 0x27A7, 0x27AF, 0x27B3, + 0x27B9, 0x27C1, 0x27C5, 0x27D1, 0x27E3, 0x27EF, 0x2803, 0x2807, + 0x280D, 0x2813, 0x281B, 0x281F, 0x2821, 0x2831, 0x283D, 0x283F, + 0x2849, 0x2851, 0x285B, 0x285D, 0x2861, 0x2867, 0x2875, 0x2881, + 0x2897, 0x289F, 0x28BB, 0x28BD, 0x28C1, 0x28D5, 0x28D9, 0x28DB, + 0x28DF, 0x28ED, 0x28F7, 0x2903, 0x2905, 0x2911, 0x2921, 0x2923, + 0x293F, 0x2947, 0x295D, 0x2965, 0x2969, 0x296F, 0x2975, 0x2983, + 0x2987, 0x298F, 0x299B, 0x29A1, 0x29A7, 0x29AB, 0x29BF, 0x29C3, + 0x29D5, 0x29D7, 0x29E3, 0x29E9, 0x29ED, 0x29F3, 0x2A01, 0x2A13, + 0x2A1D, 0x2A25, 0x2A2F, 0x2A4F, 0x2A55, 0x2A5F, 0x2A65, 0x2A6B, + 0x2A6D, 0x2A73, 0x2A83, 0x2A89, 0x2A8B, 0x2A97, 0x2A9D, 0x2AB9, + 0x2ABB, 0x2AC5, 0x2ACD, 0x2ADD, 0x2AE3, 0x2AEB, 0x2AF1, 0x2AFB, + 0x2B13, 0x2B27, 0x2B31, 0x2B33, 0x2B3D, 0x2B3F, 0x2B4B, 0x2B4F, + 0x2B55, 0x2B69, 0x2B6D, 0x2B6F, 0x2B7B, 0x2B8D, 0x2B97, 0x2B99, + 0x2BA3, 0x2BA5, 0x2BA9, 0x2BBD, 0x2BCD, 0x2BE7, 0x2BEB, 0x2BF3, + 0x2BF9, 0x2BFD, 0x2C09, 0x2C0F, 0x2C17, 0x2C23, 0x2C2F, 0x2C35, + 0x2C39, 0x2C41, 0x2C57, 0x2C59, 0x2C69, 0x2C77, 0x2C81, 0x2C87, + 0x2C93, 0x2C9F, 0x2CAD, 0x2CB3, 0x2CB7, 0x2CCB, 0x2CCF, 0x2CDB, + 0x2CE1, 0x2CE3, 0x2CE9, 0x2CEF, 0x2CFF, 0x2D07, 0x2D1D, 0x2D1F, + 0x2D3B, 0x2D43, 0x2D49, 0x2D4D, 0x2D61, 0x2D65, 0x2D71, 0x2D89, + 0x2D9D, 0x2DA1, 0x2DA9, 0x2DB3, 0x2DB5, 0x2DC5, 0x2DC7, 0x2DD3, + 0x2DDF, 0x2E01, 0x2E03, 0x2E07, 0x2E0D, 0x2E19, 0x2E1F, 0x2E25, + 0x2E2D, 0x2E33, 0x2E37, 0x2E39, 0x2E3F, 0x2E57, 0x2E5B, 0x2E6F, + 0x2E79, 0x2E7F, 0x2E85, 0x2E93, 0x2E97, 0x2E9D, 0x2EA3, 0x2EA5, + 0x2EB1, 0x2EB7, 0x2EC1, 0x2EC3, 0x2ECD, 0x2ED3, 0x2EE7, 0x2EEB, + 0x2F05, 0x2F09, 0x2F0B, 0x2F11, 0x2F27, 0x2F29, 0x2F41, 0x2F45, + 0x2F4B, 0x2F4D, 0x2F51, 0x2F57, 0x2F6F, 0x2F75, 0x2F7D, 0x2F81, + 0x2F83, 0x2FA5, 0x2FAB, 0x2FB3, 0x2FC3, 0x2FCF, 0x2FD1, 0x2FDB, + 0x2FDD, 0x2FE7, 0x2FED, 0x2FF5, 0x2FF9, 0x3001, 0x300D, 0x3023, + 0x3029, 0x3037, 0x303B, 0x3055, 0x3059, 0x305B, 0x3067, 0x3071, + 0x3079, 0x307D, 0x3085, 0x3091, 0x3095, 0x30A3, 0x30A9, 0x30B9, + 0x30BF, 0x30C7, 0x30CB, 0x30D1, 0x30D7, 0x30DF, 0x30E5, 0x30EF, + 0x30FB, 0x30FD, 0x3103, 0x3109, 0x3119, 0x3121, 0x3127, 0x312D, + 0x3139, 0x3143, 0x3145, 0x314B, 0x315D, 0x3161, 0x3167, 0x316D, + 0x3173, 0x317F, 0x3191, 0x3199, 0x319F, 0x31A9, 0x31B1, 0x31C3, + 0x31C7, 0x31D5, 0x31DB, 0x31ED, 0x31F7, 0x31FF, 0x3209, 0x3215, + 0x3217, 0x321D, 0x3229, 0x3235, 0x3259, 0x325D, 0x3263, 0x326B, + 0x326F, 0x3275, 0x3277, 0x327B, 0x328D, 0x3299, 0x329F, 0x32A7, + 0x32AD, 0x32B3, 0x32B7, 0x32C9, 0x32CB, 0x32CF, 0x32D1, 0x32E9, + 0x32ED, 0x32F3, 0x32F9, 0x3307, 0x3325, 0x332B, 0x332F, 0x3335, + 0x3341, 0x3347, 0x335B, 0x335F, 0x3367, 0x336B, 0x3373, 0x3379, + 0x337F, 0x3383, 0x33A1, 0x33A3, 0x33AD, 0x33B9, 0x33C1, 0x33CB, + 0x33D3, 0x33EB, 0x33F1, 0x33FD, 0x3401, 0x340F, 0x3413, 0x3419, + 0x341B, 0x3437, 0x3445, 0x3455, 0x3457, 0x3463, 0x3469, 0x346D, + 0x3481, 0x348B, 0x3491, 0x3497, 0x349D, 0x34A5, 0x34AF, 0x34BB, + 0x34C9, 0x34D3, 0x34E1, 0x34F1, 0x34FF, 0x3509, 0x3517, 0x351D, + 0x352D, 0x3533, 0x353B, 0x3541, 0x3551, 0x3565, 0x356F, 0x3571, + 0x3577, 0x357B, 0x357D, 0x3581, 0x358D, 0x358F, 0x3599, 0x359B, + 0x35A1, 0x35B7, 0x35BD, 0x35BF, 0x35C3, 0x35D5, 0x35DD, 0x35E7, + 0x35EF, 0x3605, 0x3607, 0x3611, 0x3623, 0x3631, 0x3635, 0x3637, + 0x363B, 0x364D, 0x364F, 0x3653, 0x3659, 0x3661, 0x366B, 0x366D, + 0x368B, 0x368F, 0x36AD, 0x36AF, 0x36B9, 0x36BB, 0x36CD, 0x36D1, + 0x36E3, 0x36E9, 0x36F7, 0x3701, 0x3703, 0x3707, 0x371B, 0x373F, + 0x3745, 0x3749, 0x374F, 0x375D, 0x3761, 0x3775, 0x377F, 0x378D, + 0x37A3, 0x37A9, 0x37AB, 0x37C9, 0x37D5, 0x37DF, 0x37F1, 0x37F3, + 0x37F7, 0x3805, 0x380B, 0x3821, 0x3833, 0x3835, 0x3841, 0x3847, + 0x384B, 0x3853, 0x3857, 0x385F, 0x3865, 0x386F, 0x3871, 0x387D, + 0x388F, 0x3899, 0x38A7, 0x38B7, 0x38C5, 0x38C9, 0x38CF, 0x38D5, + 0x38D7, 0x38DD, 0x38E1, 0x38E3, 0x38FF, 0x3901, 0x391D, 0x3923, + 0x3925, 0x3929, 0x392F, 0x393D, 0x3941, 0x394D, 0x395B, 0x396B, + 0x3979, 0x397D, 0x3983, 0x398B, 0x3991, 0x3995, 0x399B, 0x39A1, + 0x39A7, 0x39AF, 0x39B3, 0x39BB, 0x39BF, 0x39CD, 0x39DD, 0x39E5, + 0x39EB, 0x39EF, 0x39FB, 0x3A03, 0x3A13, 0x3A15, 0x3A1F, 0x3A27, + 0x3A2B, 0x3A31, 0x3A4B, 0x3A51, 0x3A5B, 0x3A63, 0x3A67, 0x3A6D, + 0x3A79, 0x3A87, 0x3AA5, 0x3AA9, 0x3AB7, 0x3ACD, 0x3AD5, 0x3AE1, + 0x3AE5, 0x3AEB, 0x3AF3, 0x3AFD, 0x3B03, 0x3B11, 0x3B1B, 0x3B21, + 0x3B23, 0x3B2D, 0x3B39, 0x3B45, 0x3B53, 0x3B59, 0x3B5F, 0x3B71, + 0x3B7B, 0x3B81, 0x3B89, 0x3B9B, 0x3B9F, 0x3BA5, 0x3BA7, 0x3BAD, + 0x3BB7, 0x3BB9, 0x3BC3, 0x3BCB, 0x3BD1, 0x3BD7, 0x3BE1, 0x3BE3, + 0x3BF5, 0x3BFF, 0x3C01, 0x3C0D, 0x3C11, 0x3C17, 0x3C1F, 0x3C29, + 0x3C35, 0x3C43, 0x3C4F, 0x3C53, 0x3C5B, 0x3C65, 0x3C6B, 0x3C71, + 0x3C85, 0x3C89, 0x3C97, 0x3CA7, 0x3CB5, 0x3CBF, 0x3CC7, 0x3CD1, + 0x3CDD, 0x3CDF, 0x3CF1, 0x3CF7, 0x3D03, 0x3D0D, 0x3D19, 0x3D1B, + 0x3D1F, 0x3D21, 0x3D2D, 0x3D33, 0x3D37, 0x3D3F, 0x3D43, 0x3D6F, + 0x3D73, 0x3D75, 0x3D79, 0x3D7B, 0x3D85, 0x3D91, 0x3D97, 0x3D9D, + 0x3DAB, 0x3DAF, 0x3DB5, 0x3DBB, 0x3DC1, 0x3DC9, 0x3DCF, 0x3DF3, + 0x3E05, 0x3E09, 0x3E0F, 0x3E11, 0x3E1D, 0x3E23, 0x3E29, 0x3E2F, + 0x3E33, 0x3E41, 0x3E57, 0x3E63, 0x3E65, 0x3E77, 0x3E81, 0x3E87, + 0x3EA1, 0x3EB9, 0x3EBD, 0x3EBF, 0x3EC3, 0x3EC5, 0x3EC9, 0x3ED7, + 0x3EDB, 0x3EE1, 0x3EE7, 0x3EEF, 0x3EFF, 0x3F0B, 0x3F0D, 0x3F37, + 0x3F3B, 0x3F3D, 0x3F41, 0x3F59, 0x3F5F, 0x3F65, 0x3F67, 0x3F79, + 0x3F7D, 0x3F8B, 0x3F91, 0x3FAD, 0x3FBF, 0x3FCD, 0x3FD3, 0x3FDD, + 0x3FE9, 0x3FEB, 0x3FF1, 0x3FFD, 0x401B, 0x4021, 0x4025, 0x402B, + 0x4031, 0x403F, 0x4043, 0x4045, 0x405D, 0x4061, 0x4067, 0x406D, + 0x4087, 0x4091, 0x40A3, 0x40A9, 0x40B1, 0x40B7, 0x40BD, 0x40DB, + 0x40DF, 0x40EB, 0x40F7, 0x40F9, 0x4109, 0x410B, 0x4111, 0x4115, + 0x4121, 0x4133, 0x4135, 0x413B, 0x413F, 0x4159, 0x4165, 0x416B, + 0x4177, 0x417B, 0x4193, 0x41AB, 0x41B7, 0x41BD, 0x41BF, 0x41CB, + 0x41E7, 0x41EF, 0x41F3, 0x41F9, 0x4205, 0x4207, 0x4219, 0x421F, + 0x4223, 0x4229, 0x422F, 0x4243, 0x4253, 0x4255, 0x425B, 0x4261, + 0x4273, 0x427D, 0x4283, 0x4285, 0x4289, 0x4291, 0x4297, 0x429D, + 0x42B5, 0x42C5, 0x42CB, 0x42D3, 0x42DD, 0x42E3, 0x42F1, 0x4307, + 0x430F, 0x431F, 0x4325, 0x4327, 0x4333, 0x4337, 0x4339, 0x434F, + 0x4357, 0x4369, 0x438B, 0x438D, 0x4393, 0x43A5, 0x43A9, 0x43AF, + 0x43B5, 0x43BD, 0x43C7, 0x43CF, 0x43E1, 0x43E7, 0x43EB, 0x43ED, + 0x43F1, 0x43F9, 0x4409, 0x440B, 0x4417, 0x4423, 0x4429, 0x443B, + 0x443F, 0x4445, 0x444B, 0x4451, 0x4453, 0x4459, 0x4465, 0x446F, + 0x4483, 0x448F, 0x44A1, 0x44A5, 0x44AB, 0x44AD, 0x44BD, 0x44BF, + 0x44C9, 0x44D7, 0x44DB, 0x44F9, 0x44FB, 0x4505, 0x4511, 0x4513, + 0x452B, 0x4531, 0x4541, 0x4549, 0x4553, 0x4555, 0x4561, 0x4577, + 0x457D, 0x457F, 0x458F, 0x45A3, 0x45AD, 0x45AF, 0x45BB, 0x45C7, + 0x45D9, 0x45E3, 0x45EF, 0x45F5, 0x45F7, 0x4601, 0x4603, 0x4609, + 0x4613, 0x4625, 0x4627, 0x4633, 0x4639, 0x463D, 0x4643, 0x4645, + 0x465D, 0x4679, 0x467B, 0x467F, 0x4681, 0x468B, 0x468D, 0x469D, + 0x46A9, 0x46B1, 0x46C7, 0x46C9, 0x46CF, 0x46D3, 0x46D5, 0x46DF, + 0x46E5, 0x46F9, 0x4705, 0x470F, 0x4717, 0x4723, 0x4729, 0x472F, + 0x4735, 0x4739, 0x474B, 0x474D, 0x4751, 0x475D, 0x476F, 0x4771, + 0x477D, 0x4783, 0x4787, 0x4789, 0x4799, 0x47A5, 0x47B1, 0x47BF, + 0x47C3, 0x47CB, 0x47DD, 0x47E1, 0x47ED, 0x47FB, 0x4801, 0x4807, + 0x480B, 0x4813, 0x4819, 0x481D, 0x4831, 0x483D, 0x4847, 0x4855, + 0x4859, 0x485B, 0x486B, 0x486D, 0x4879, 0x4897, 0x489B, 0x48A1, + 0x48B9, 0x48CD, 0x48E5, 0x48EF, 0x48F7, 0x4903, 0x490D, 0x4919, + 0x491F, 0x492B, 0x4937, 0x493D, 0x4945, 0x4955, 0x4963, 0x4969, + 0x496D, 0x4973, 0x4997, 0x49AB, 0x49B5, 0x49D3, 0x49DF, 0x49E1, + 0x49E5, 0x49E7, 0x4A03, 0x4A0F, 0x4A1D, 0x4A23, 0x4A39, 0x4A41, + 0x4A45, 0x4A57, 0x4A5D, 0x4A6B, 0x4A7D, 0x4A81, 0x4A87, 0x4A89, + 0x4A8F, 0x4AB1, 0x4AC3, 0x4AC5, 0x4AD5, 0x4ADB, 0x4AED, 0x4AEF, + 0x4B07, 0x4B0B, 0x4B0D, 0x4B13, 0x4B1F, 0x4B25, 0x4B31, 0x4B3B, + 0x4B43, 0x4B49, 0x4B59, 0x4B65, 0x4B6D, 0x4B77, 0x4B85, 0x4BAD, + 0x4BB3, 0x4BB5, 0x4BBB, 0x4BBF, 0x4BCB, 0x4BD9, 0x4BDD, 0x4BDF, + 0x4BE3, 0x4BE5, 0x4BE9, 0x4BF1, 0x4BF7, 0x4C01, 0x4C07, 0x4C0D, + 0x4C0F, 0x4C15, 0x4C1B, 0x4C21, 0x4C2D, 0x4C33, 0x4C4B, 0x4C55, + 0x4C57, 0x4C61, 0x4C67, 0x4C73, 0x4C79, 0x4C7F, 0x4C8D, 0x4C93, + 0x4C99, 0x4CCD, 0x4CE1, 0x4CE7, 0x4CF1, 0x4CF3, 0x4CFD, 0x4D05, + 0x4D0F, 0x4D1B, 0x4D27, 0x4D29, 0x4D2F, 0x4D33, 0x4D41, 0x4D51, + 0x4D59, 0x4D65, 0x4D6B, 0x4D81, 0x4D83, 0x4D8D, 0x4D95, 0x4D9B, + 0x4DB1, 0x4DB3, 0x4DC9, 0x4DCF, 0x4DD7, 0x4DE1, 0x4DED, 0x4DF9, + 0x4DFB, 0x4E05, 0x4E0B, 0x4E17, 0x4E19, 0x4E1D, 0x4E2B, 0x4E35, + 0x4E37, 0x4E3D, 0x4E4F, 0x4E53, 0x4E5F, 0x4E67, 0x4E79, 0x4E85, + 0x4E8B, 0x4E91, 0x4E95, 0x4E9B, 0x4EA1, 0x4EAF, 0x4EB3, 0x4EB5, + 0x4EC1, 0x4ECD, 0x4ED1, 0x4ED7, 0x4EE9, 0x4EFB, 0x4F07, 0x4F09, + 0x4F19, 0x4F25, 0x4F2D, 0x4F3F, 0x4F49, 0x4F63, 0x4F67, 0x4F6D, + 0x4F75, 0x4F7B, 0x4F81, 0x4F85, 0x4F87, 0x4F91, 0x4FA5, 0x4FA9, + 0x4FAF, 0x4FB7, 0x4FBB, 0x4FCF, 0x4FD9, 0x4FDB, 0x4FFD, 0x4FFF, + 0x5003, 0x501B, 0x501D, 0x5029, 0x5035, 0x503F, 0x5045, 0x5047, + 0x5053, 0x5071, 0x5077, 0x5083, 0x5093, 0x509F, 0x50A1, 0x50B7, + 0x50C9, 0x50D5, 0x50E3, 0x50ED, 0x50EF, 0x50FB, 0x5107, 0x510B, + 0x510D, 0x5111, 0x5117, 0x5123, 0x5125, 0x5135, 0x5147, 0x5149, + 0x5171, 0x5179, 0x5189, 0x518F, 0x5197, 0x51A1, 0x51A3, 0x51A7, + 0x51B9, 0x51C1, 0x51CB, 0x51D3, 0x51DF, 0x51E3, 0x51F5, 0x51F7, + 0x5209, 0x5213, 0x5215, 0x5219, 0x521B, 0x521F, 0x5227, 0x5243, + 0x5245, 0x524B, 0x5261, 0x526D, 0x5273, 0x5281, 0x5293, 0x5297, + 0x529D, 0x52A5, 0x52AB, 0x52B1, 0x52BB, 0x52C3, 0x52C7, 0x52C9, + 0x52DB, 0x52E5, 0x52EB, 0x52FF, 0x5315, 0x531D, 0x5323, 0x5341, + 0x5345, 0x5347, 0x534B, 0x535D, 0x5363, 0x5381, 0x5383, 0x5387, + 0x538F, 0x5395, 0x5399, 0x539F, 0x53AB, 0x53B9, 0x53DB, 0x53E9, + 0x53EF, 0x53F3, 0x53F5, 0x53FB, 0x53FF, 0x540D, 0x5411, 0x5413, + 0x5419, 0x5435, 0x5437, 0x543B, 0x5441, 0x5449, 0x5453, 0x5455, + 0x545F, 0x5461, 0x546B, 0x546D, 0x5471, 0x548F, 0x5491, 0x549D, + 0x54A9, 0x54B3, 0x54C5, 0x54D1, 0x54DF, 0x54E9, 0x54EB, 0x54F7, + 0x54FD, 0x5507, 0x550D, 0x551B, 0x5527, 0x552B, 0x5539, 0x553D, + 0x554F, 0x5551, 0x555B, 0x5563, 0x5567, 0x556F, 0x5579, 0x5585, + 0x5597, 0x55A9, 0x55B1, 0x55B7, 0x55C9, 0x55D9, 0x55E7, 0x55ED, + 0x55F3, 0x55FD, 0x560B, 0x560F, 0x5615, 0x5617, 0x5623, 0x562F, + 0x5633, 0x5639, 0x563F, 0x564B, 0x564D, 0x565D, 0x565F, 0x566B, + 0x5671, 0x5675, 0x5683, 0x5689, 0x568D, 0x568F, 0x569B, 0x56AD, + 0x56B1, 0x56D5, 0x56E7, 0x56F3, 0x56FF, 0x5701, 0x5705, 0x5707, + 0x570B, 0x5713, 0x571F, 0x5723, 0x5747, 0x574D, 0x575F, 0x5761, + 0x576D, 0x5777, 0x577D, 0x5789, 0x57A1, 0x57A9, 0x57AF, 0x57B5, + 0x57C5, 0x57D1, 0x57D3, 0x57E5, 0x57EF, 0x5803, 0x580D, 0x580F, + 0x5815, 0x5827, 0x582B, 0x582D, 0x5855, 0x585B, 0x585D, 0x586D, + 0x586F, 0x5873, 0x587B, 0x588D, 0x5897, 0x58A3, 0x58A9, 0x58AB, + 0x58B5, 0x58BD, 0x58C1, 0x58C7, 0x58D3, 0x58D5, 0x58DF, 0x58F1, + 0x58F9, 0x58FF, 0x5903, 0x5917, 0x591B, 0x5921, 0x5945, 0x594B, + 0x594D, 0x5957, 0x595D, 0x5975, 0x597B, 0x5989, 0x5999, 0x599F, + 0x59B1, 0x59B3, 0x59BD, 0x59D1, 0x59DB, 0x59E3, 0x59E9, 0x59ED, + 0x59F3, 0x59F5, 0x59FF, 0x5A01, 0x5A0D, 0x5A11, 0x5A13, 0x5A17, + 0x5A1F, 0x5A29, 0x5A2F, 0x5A3B, 0x5A4D, 0x5A5B, 0x5A67, 0x5A77, + 0x5A7F, 0x5A85, 0x5A95, 0x5A9D, 0x5AA1, 0x5AA3, 0x5AA9, 0x5ABB, + 0x5AD3, 0x5AE5, 0x5AEF, 0x5AFB, 0x5AFD, 0x5B01, 0x5B0F, 0x5B19, + 0x5B1F, 0x5B25, 0x5B2B, 0x5B3D, 0x5B49, 0x5B4B, 0x5B67, 0x5B79, + 0x5B87, 0x5B97, 0x5BA3, 0x5BB1, 0x5BC9, 0x5BD5, 0x5BEB, 0x5BF1, + 0x5BF3, 0x5BFD, 0x5C05, 0x5C09, 0x5C0B, 0x5C0F, 0x5C1D, 0x5C29, + 0x5C2F, 0x5C33, 0x5C39, 0x5C47, 0x5C4B, 0x5C4D, 0x5C51, 0x5C6F, + 0x5C75, 0x5C77, 0x5C7D, 0x5C87, 0x5C89, 0x5CA7, 0x5CBD, 0x5CBF, + 0x5CC3, 0x5CC9, 0x5CD1, 0x5CD7, 0x5CDD, 0x5CED, 0x5CF9, 0x5D05, + 0x5D0B, 0x5D13, 0x5D17, 0x5D19, 0x5D31, 0x5D3D, 0x5D41, 0x5D47, + 0x5D4F, 0x5D55, 0x5D5B, 0x5D65, 0x5D67, 0x5D6D, 0x5D79, 0x5D95, + 0x5DA3, 0x5DA9, 0x5DAD, 0x5DB9, 0x5DC1, 0x5DC7, 0x5DD3, 0x5DD7, + 0x5DDD, 0x5DEB, 0x5DF1, 0x5DFD, 0x5E07, 0x5E0D, 0x5E13, 0x5E1B, + 0x5E21, 0x5E27, 0x5E2B, 0x5E2D, 0x5E31, 0x5E39, 0x5E45, 0x5E49, + 0x5E57, 0x5E69, 0x5E73, 0x5E75, 0x5E85, 0x5E8B, 0x5E9F, 0x5EA5, + 0x5EAF, 0x5EB7, 0x5EBB, 0x5ED9, 0x5EFD, 0x5F09, 0x5F11, 0x5F27, + 0x5F33, 0x5F35, 0x5F3B, 0x5F47, 0x5F57, 0x5F5D, 0x5F63, 0x5F65, + 0x5F77, 0x5F7B, 0x5F95, 0x5F99, 0x5FA1, 0x5FB3, 0x5FBD, 0x5FC5, + 0x5FCF, 0x5FD5, 0x5FE3, 0x5FE7, 0x5FFB, 0x6011, 0x6023, 0x602F, + 0x6037, 0x6053, 0x605F, 0x6065, 0x606B, 0x6073, 0x6079, 0x6085, + 0x609D, 0x60AD, 0x60BB, 0x60BF, 0x60CD, 0x60D9, 0x60DF, 0x60E9, + 0x60F5, 0x6109, 0x610F, 0x6113, 0x611B, 0x612D, 0x6139, 0x614B, + 0x6155, 0x6157, 0x615B, 0x616F, 0x6179, 0x6187, 0x618B, 0x6191, + 0x6193, 0x619D, 0x61B5, 0x61C7, 0x61C9, 0x61CD, 0x61E1, 0x61F1, + 0x61FF, 0x6209, 0x6217, 0x621D, 0x6221, 0x6227, 0x623B, 0x6241, + 0x624B, 0x6251, 0x6253, 0x625F, 0x6265, 0x6283, 0x628D, 0x6295, + 0x629B, 0x629F, 0x62A5, 0x62AD, 0x62D5, 0x62D7, 0x62DB, 0x62DD, + 0x62E9, 0x62FB, 0x62FF, 0x6305, 0x630D, 0x6317, 0x631D, 0x632F, + 0x6341, 0x6343, 0x634F, 0x635F, 0x6367, 0x636D, 0x6371, 0x6377, + 0x637D, 0x637F, 0x63B3, 0x63C1, 0x63C5, 0x63D9, 0x63E9, 0x63EB, + 0x63EF, 0x63F5, 0x6401, 0x6403, 0x6409, 0x6415, 0x6421, 0x6427, + 0x642B, 0x6439, 0x6443, 0x6449, 0x644F, 0x645D, 0x6467, 0x6475, + 0x6485, 0x648D, 0x6493, 0x649F, 0x64A3, 0x64AB, 0x64C1, 0x64C7, + 0x64C9, 0x64DB, 0x64F1, 0x64F7, 0x64F9, 0x650B, 0x6511, 0x6521, + 0x652F, 0x6539, 0x653F, 0x654B, 0x654D, 0x6553, 0x6557, 0x655F, + 0x6571, 0x657D, 0x658D, 0x658F, 0x6593, 0x65A1, 0x65A5, 0x65AD, + 0x65B9, 0x65C5, 0x65E3, 0x65F3, 0x65FB, 0x65FF, 0x6601, 0x6607, + 0x661D, 0x6629, 0x6631, 0x663B, 0x6641, 0x6647, 0x664D, 0x665B, + 0x6661, 0x6673, 0x667D, 0x6689, 0x668B, 0x6695, 0x6697, 0x669B, + 0x66B5, 0x66B9, 0x66C5, 0x66CD, 0x66D1, 0x66E3, 0x66EB, 0x66F5, + 0x6703, 0x6713, 0x6719, 0x671F, 0x6727, 0x6731, 0x6737, 0x673F, + 0x6745, 0x6751, 0x675B, 0x676F, 0x6779, 0x6781, 0x6785, 0x6791, + 0x67AB, 0x67BD, 0x67C1, 0x67CD, 0x67DF, 0x67E5, 0x6803, 0x6809, + 0x6811, 0x6817, 0x682D, 0x6839, 0x683B, 0x683F, 0x6845, 0x684B, + 0x684D, 0x6857, 0x6859, 0x685D, 0x6863, 0x6869, 0x686B, 0x6871, + 0x6887, 0x6899, 0x689F, 0x68B1, 0x68BD, 0x68C5, 0x68D1, 0x68D7, + 0x68E1, 0x68ED, 0x68EF, 0x68FF, 0x6901, 0x690B, 0x690D, 0x6917, + 0x6929, 0x692F, 0x6943, 0x6947, 0x6949, 0x694F, 0x6965, 0x696B, + 0x6971, 0x6983, 0x6989, 0x6997, 0x69A3, 0x69B3, 0x69B5, 0x69BB, + 0x69C1, 0x69C5, 0x69D3, 0x69DF, 0x69E3, 0x69E5, 0x69F7, 0x6A07, + 0x6A2B, 0x6A37, 0x6A3D, 0x6A4B, 0x6A67, 0x6A69, 0x6A75, 0x6A7B, + 0x6A87, 0x6A8D, 0x6A91, 0x6A93, 0x6AA3, 0x6AC1, 0x6AC9, 0x6AE1, + 0x6AE7, 0x6B05, 0x6B0F, 0x6B11, 0x6B23, 0x6B27, 0x6B2D, 0x6B39, + 0x6B41, 0x6B57, 0x6B59, 0x6B5F, 0x6B75, 0x6B87, 0x6B89, 0x6B93, + 0x6B95, 0x6B9F, 0x6BBD, 0x6BBF, 0x6BDB, 0x6BE1, 0x6BEF, 0x6BFF, + 0x6C05, 0x6C19, 0x6C29, 0x6C2B, 0x6C31, 0x6C35, 0x6C55, 0x6C59, + 0x6C5B, 0x6C5F, 0x6C65, 0x6C67, 0x6C73, 0x6C77, 0x6C7D, 0x6C83, + 0x6C8F, 0x6C91, 0x6C97, 0x6C9B, 0x6CA1, 0x6CA9, 0x6CAF, 0x6CB3, + 0x6CC7, 0x6CCB, 0x6CEB, 0x6CF5, 0x6CFD, 0x6D0D, 0x6D0F, 0x6D25, + 0x6D27, 0x6D2B, 0x6D31, 0x6D39, 0x6D3F, 0x6D4F, 0x6D5D, 0x6D61, + 0x6D73, 0x6D7B, 0x6D7F, 0x6D93, 0x6D99, 0x6DA5, 0x6DB1, 0x6DB7, + 0x6DC1, 0x6DC3, 0x6DCD, 0x6DCF, 0x6DDB, 0x6DF7, 0x6E03, 0x6E15, + 0x6E17, 0x6E29, 0x6E33, 0x6E3B, 0x6E45, 0x6E75, 0x6E77, 0x6E7B, + 0x6E81, 0x6E89, 0x6E93, 0x6E95, 0x6E9F, 0x6EBD, 0x6EBF, 0x6EE3, + 0x6EE9, 0x6EF3, 0x6EF9, 0x6EFB, 0x6F0D, 0x6F11, 0x6F17, 0x6F1F, + 0x6F2F, 0x6F3D, 0x6F4D, 0x6F53, 0x6F61, 0x6F65, 0x6F79, 0x6F7D, + 0x6F83, 0x6F85, 0x6F8F, 0x6F9B, 0x6F9D, 0x6FA3, 0x6FAF, 0x6FB5, + 0x6FBB, 0x6FBF, 0x6FCB, 0x6FCD, 0x6FD3, 0x6FD7, 0x6FE3, 0x6FE9, + 0x6FF1, 0x6FF5, 0x6FF7, 0x6FFD, 0x700F, 0x7019, 0x701F, 0x7027, + 0x7033, 0x7039, 0x704F, 0x7051, 0x7057, 0x7063, 0x7075, 0x7079, + 0x7087, 0x708D, 0x7091, 0x70A5, 0x70AB, 0x70BB, 0x70C3, 0x70C7, + 0x70CF, 0x70E5, 0x70ED, 0x70F9, 0x70FF, 0x7105, 0x7115, 0x7121, + 0x7133, 0x7151, 0x7159, 0x715D, 0x715F, 0x7163, 0x7169, 0x7183, + 0x7187, 0x7195, 0x71AD, 0x71C3, 0x71C9, 0x71CB, 0x71D1, 0x71DB, + 0x71E1, 0x71EF, 0x71F5, 0x71FB, 0x7207, 0x7211, 0x7217, 0x7219, + 0x7225, 0x722F, 0x723B, 0x7243, 0x7255, 0x7267, 0x7271, 0x7277, + 0x727F, 0x728F, 0x7295, 0x729B, 0x72A3, 0x72B3, 0x72C7, 0x72CB, + 0x72CD, 0x72D7, 0x72D9, 0x72E3, 0x72EF, 0x72F5, 0x72FD, 0x7303, + 0x730D, 0x7321, 0x732B, 0x733D, 0x7357, 0x735B, 0x7361, 0x737F, + 0x7381, 0x7385, 0x738D, 0x7393, 0x739F, 0x73AB, 0x73BD, 0x73C1, + 0x73C9, 0x73DF, 0x73E5, 0x73E7, 0x73F3, 0x7415, 0x741B, 0x742D, + 0x7439, 0x743F, 0x7441, 0x745D, 0x746B, 0x747B, 0x7489, 0x748D, + 0x749B, 0x74A7, 0x74AB, 0x74B1, 0x74B7, 0x74B9, 0x74DD, 0x74E1, + 0x74E7, 0x74FB, 0x7507, 0x751F, 0x7525, 0x753B, 0x753D, 0x754D, + 0x755F, 0x756B, 0x7577, 0x7589, 0x758B, 0x7591, 0x7597, 0x759D, + 0x75A1, 0x75A7, 0x75B5, 0x75B9, 0x75BB, 0x75D1, 0x75D9, 0x75E5, + 0x75EB, 0x75F5, 0x75FB, 0x7603, 0x760F, 0x7621, 0x762D, 0x7633, + 0x763D, 0x763F, 0x7655, 0x7663, 0x7669, 0x766F, 0x7673, 0x7685, + 0x768B, 0x769F, 0x76B5, 0x76B7, 0x76C3, 0x76DB, 0x76DF, 0x76F1, + 0x7703, 0x7705, 0x771B, 0x771D, 0x7721, 0x772D, 0x7735, 0x7741, + 0x774B, 0x7759, 0x775D, 0x775F, 0x7771, 0x7781, 0x77A7, 0x77AD, + 0x77B3, 0x77B9, 0x77C5, 0x77CF, 0x77D5, 0x77E1, 0x77E9, 0x77EF, + 0x77F3, 0x77F9, 0x7807, 0x7825, 0x782B, 0x7835, 0x783D, 0x7853, + 0x7859, 0x7861, 0x786D, 0x7877, 0x7879, 0x7883, 0x7885, 0x788B, + 0x7895, 0x7897, 0x78A1, 0x78AD, 0x78BF, 0x78D3, 0x78D9, 0x78DD, + 0x78E5, 0x78FB, 0x7901, 0x7907, 0x7925, 0x792B, 0x7939, 0x793F, + 0x794B, 0x7957, 0x795D, 0x7967, 0x7969, 0x7973, 0x7991, 0x7993, + 0x79A3, 0x79AB, 0x79AF, 0x79B1, 0x79B7, 0x79C9, 0x79CD, 0x79CF, + 0x79D5, 0x79D9, 0x79F3, 0x79F7, 0x79FF, 0x7A05, 0x7A0F, 0x7A11, + 0x7A15, 0x7A1B, 0x7A23, 0x7A27, 0x7A2D, 0x7A4B, 0x7A57, 0x7A59, + 0x7A5F, 0x7A65, 0x7A69, 0x7A7D, 0x7A93, 0x7A9B, 0x7A9F, 0x7AA1, + 0x7AA5, 0x7AED, 0x7AF5, 0x7AF9, 0x7B01, 0x7B17, 0x7B19, 0x7B1D, + 0x7B2B, 0x7B35, 0x7B37, 0x7B3B, 0x7B4F, 0x7B55, 0x7B5F, 0x7B71, + 0x7B77, 0x7B8B, 0x7B9B, 0x7BA1, 0x7BA9, 0x7BAF, 0x7BB3, 0x7BC7, + 0x7BD3, 0x7BE9, 0x7BEB, 0x7BEF, 0x7BF1, 0x7BFD, 0x7C07, 0x7C19, + 0x7C1B, 0x7C31, 0x7C37, 0x7C49, 0x7C67, 0x7C69, 0x7C73, 0x7C81, + 0x7C8B, 0x7C93, 0x7CA3, 0x7CD5, 0x7CDB, 0x7CE5, 0x7CED, 0x7CF7, + 0x7D03, 0x7D09, 0x7D1B, 0x7D1D, 0x7D33, 0x7D39, 0x7D3B, 0x7D3F, + 0x7D45, 0x7D4D, 0x7D53, 0x7D59, 0x7D63, 0x7D75, 0x7D77, 0x7D8D, + 0x7D8F, 0x7D9F, 0x7DAD, 0x7DB7, 0x7DBD, 0x7DBF, 0x7DCB, 0x7DD5, + 0x7DE9, 0x7DED, 0x7DFB, 0x7E01, 0x7E05, 0x7E29, 0x7E2B, 0x7E2F, + 0x7E35, 0x7E41, 0x7E43, 0x7E47, 0x7E55, 0x7E61, 0x7E67, 0x7E6B, + 0x7E71, 0x7E73, 0x7E79, 0x7E7D, 0x7E91, 0x7E9B, 0x7E9D, 0x7EA7, + 0x7EAD, 0x7EB9, 0x7EBB, 0x7ED3, 0x7EDF, 0x7EEB, 0x7EF1, 0x7EF7, + 0x7EFB, 0x7F13, 0x7F15, 0x7F19, 0x7F31, 0x7F33, 0x7F39, 0x7F3D, + 0x7F43, 0x7F4B, 0x7F5B, 0x7F61, 0x7F63, 0x7F6D, 0x7F79, 0x7F87, + 0x7F8D, 0x7FAF, 0x7FB5, 0x7FC3, 0x7FC9, 0x7FCD, 0x7FCF, 0x7FED, + 0x8003, 0x800B, 0x800F, 0x8015, 0x801D, 0x8021, 0x8023, 0x803F, + 0x8041, 0x8047, 0x804B, 0x8065, 0x8077, 0x808D, 0x808F, 0x8095, + 0x80A5, 0x80AB, 0x80AD, 0x80BD, 0x80C9, 0x80CB, 0x80D7, 0x80DB, + 0x80E1, 0x80E7, 0x80F5, 0x80FF, 0x8105, 0x810D, 0x8119, 0x811D, + 0x812F, 0x8131, 0x813B, 0x8143, 0x8153, 0x8159, 0x815F, 0x817D, + 0x817F, 0x8189, 0x819B, 0x819D, 0x81A7, 0x81AF, 0x81B3, 0x81BB, + 0x81C7, 0x81DF, 0x8207, 0x8209, 0x8215, 0x821F, 0x8225, 0x8231, + 0x8233, 0x823F, 0x8243, 0x8245, 0x8249, 0x824F, 0x8261, 0x826F, + 0x827B, 0x8281, 0x8285, 0x8293, 0x82B1, 0x82B5, 0x82BD, 0x82C7, + 0x82CF, 0x82D5, 0x82DF, 0x82F1, 0x82F9, 0x82FD, 0x830B, 0x831B, + 0x8321, 0x8329, 0x832D, 0x8333, 0x8335, 0x833F, 0x8341, 0x834D, + 0x8351, 0x8353, 0x8357, 0x835D, 0x8365, 0x8369, 0x836F, 0x838F, + 0x83A7, 0x83B1, 0x83B9, 0x83CB, 0x83D5, 0x83D7, 0x83DD, 0x83E7, + 0x83E9, 0x83ED, 0x83FF, 0x8405, 0x8411, 0x8413, 0x8423, 0x8425, + 0x843B, 0x8441, 0x8447, 0x844F, 0x8461, 0x8465, 0x8477, 0x8483, + 0x848B, 0x8491, 0x8495, 0x84A9, 0x84AF, 0x84CD, 0x84E3, 0x84EF, + 0x84F1, 0x84F7, 0x8509, 0x850D, 0x854B, 0x854F, 0x8551, 0x855D, + 0x8563, 0x856D, 0x856F, 0x857B, 0x8587, 0x85A3, 0x85A5, 0x85A9, + 0x85B7, 0x85CD, 0x85D3, 0x85D5, 0x85DB, 0x85E1, 0x85EB, 0x85F9, + 0x85FD, 0x85FF, 0x8609, 0x860F, 0x8617, 0x8621, 0x862F, 0x8639, + 0x863F, 0x8641, 0x864D, 0x8663, 0x8675, 0x867D, 0x8687, 0x8699, + 0x86A5, 0x86A7, 0x86B3, 0x86B7, 0x86C3, 0x86C5, 0x86CF, 0x86D1, + 0x86D7, 0x86E9, 0x86EF, 0x86F5, 0x8717, 0x871D, 0x871F, 0x872B, + 0x872F, 0x8735, 0x8747, 0x8759, 0x875B, 0x876B, 0x8771, 0x8777, + 0x877F, 0x8785, 0x878F, 0x87A1, 0x87A9, 0x87B3, 0x87BB, 0x87C5, + 0x87C7, 0x87CB, 0x87DD, 0x87F7, 0x8803, 0x8819, 0x881B, 0x881F, + 0x8821, 0x8837, 0x883D, 0x8843, 0x8851, 0x8861, 0x8867, 0x887B, + 0x8885, 0x8891, 0x8893, 0x88A5, 0x88CF, 0x88D3, 0x88EB, 0x88ED, + 0x88F3, 0x88FD, 0x8909, 0x890B, 0x8911, 0x891B, 0x8923, 0x8927, + 0x892D, 0x8939, 0x8945, 0x894D, 0x8951, 0x8957, 0x8963, 0x8981, + 0x8995, 0x899B, 0x89B3, 0x89B9, 0x89C3, 0x89CF, 0x89D1, 0x89DB, + 0x89EF, 0x89F5, 0x89FB, 0x89FF, 0x8A0B, 0x8A19, 0x8A23, 0x8A35, + 0x8A41, 0x8A49, 0x8A4F, 0x8A5B, 0x8A5F, 0x8A6D, 0x8A77, 0x8A79, + 0x8A85, 0x8AA3, 0x8AB3, 0x8AB5, 0x8AC1, 0x8AC7, 0x8ACB, 0x8ACD, + 0x8AD1, 0x8AD7, 0x8AF1, 0x8AF5, 0x8B07, 0x8B09, 0x8B0D, 0x8B13, + 0x8B21, 0x8B57, 0x8B5D, 0x8B91, 0x8B93, 0x8BA3, 0x8BA9, 0x8BAF, + 0x8BBB, 0x8BD5, 0x8BD9, 0x8BDB, 0x8BE1, 0x8BF7, 0x8BFD, 0x8BFF, + 0x8C0B, 0x8C17, 0x8C1D, 0x8C27, 0x8C39, 0x8C3B, 0x8C47, 0x8C53, + 0x8C5D, 0x8C6F, 0x8C7B, 0x8C81, 0x8C89, 0x8C8F, 0x8C99, 0x8C9F, + 0x8CA7, 0x8CAB, 0x8CAD, 0x8CB1, 0x8CC5, 0x8CDD, 0x8CE3, 0x8CE9, + 0x8CF3, 0x8D01, 0x8D0B, 0x8D0D, 0x8D23, 0x8D29, 0x8D37, 0x8D41, + 0x8D5B, 0x8D5F, 0x8D71, 0x8D79, 0x8D85, 0x8D91, 0x8D9B, 0x8DA7, + 0x8DAD, 0x8DB5, 0x8DC5, 0x8DCB, 0x8DD3, 0x8DD9, 0x8DDF, 0x8DF5, + 0x8DF7, 0x8E01, 0x8E15, 0x8E1F, 0x8E25, 0x8E51, 0x8E63, 0x8E69, + 0x8E73, 0x8E75, 0x8E79, 0x8E7F, 0x8E8D, 0x8E91, 0x8EAB, 0x8EAF, + 0x8EB1, 0x8EBD, 0x8EC7, 0x8ECF, 0x8ED3, 0x8EDB, 0x8EE7, 0x8EEB, + 0x8EF7, 0x8EFF, 0x8F15, 0x8F1D, 0x8F23, 0x8F2D, 0x8F3F, 0x8F45, + 0x8F4B, 0x8F53, 0x8F59, 0x8F65, 0x8F69, 0x8F71, 0x8F83, 0x8F8D, + 0x8F99, 0x8F9F, 0x8FAB, 0x8FAD, 0x8FB3, 0x8FB7, 0x8FB9, 0x8FC9, + 0x8FD5, 0x8FE1, 0x8FEF, 0x8FF9, 0x9007, 0x900D, 0x9017, 0x9023, + 0x9025, 0x9031, 0x9037, 0x903B, 0x9041, 0x9043, 0x904F, 0x9053, + 0x906D, 0x9073, 0x9085, 0x908B, 0x9095, 0x909B, 0x909D, 0x90AF, + 0x90B9, 0x90C1, 0x90C5, 0x90DF, 0x90E9, 0x90FD, 0x9103, 0x9113, + 0x9127, 0x9133, 0x913D, 0x9145, 0x914F, 0x9151, 0x9161, 0x9167, + 0x917B, 0x9185, 0x9199, 0x919D, 0x91BB, 0x91BD, 0x91C1, 0x91C9, + 0x91D9, 0x91DB, 0x91ED, 0x91F1, 0x91F3, 0x91F9, 0x9203, 0x9215, + 0x9221, 0x922F, 0x9241, 0x9247, 0x9257, 0x926B, 0x9271, 0x9275, + 0x927D, 0x9283, 0x9287, 0x928D, 0x9299, 0x92A1, 0x92AB, 0x92AD, + 0x92B9, 0x92BF, 0x92C3, 0x92C5, 0x92CB, 0x92D5, 0x92D7, 0x92E7, + 0x92F3, 0x9301, 0x930B, 0x9311, 0x9319, 0x931F, 0x933B, 0x933D, + 0x9343, 0x9355, 0x9373, 0x9395, 0x9397, 0x93A7, 0x93B3, 0x93B5, + 0x93C7, 0x93D7, 0x93DD, 0x93E5, 0x93EF, 0x93F7, 0x9401, 0x9409, + 0x9413, 0x943F, 0x9445, 0x944B, 0x944F, 0x9463, 0x9467, 0x9469, + 0x946D, 0x947B, 0x9497, 0x949F, 0x94A5, 0x94B5, 0x94C3, 0x94E1, + 0x94E7, 0x9505, 0x9509, 0x9517, 0x9521, 0x9527, 0x952D, 0x9535, + 0x9539, 0x954B, 0x9557, 0x955D, 0x955F, 0x9575, 0x9581, 0x9589, + 0x958F, 0x959B, 0x959F, 0x95AD, 0x95B1, 0x95B7, 0x95B9, 0x95BD, + 0x95CF, 0x95E3, 0x95E9, 0x95F9, 0x961F, 0x962F, 0x9631, 0x9635, + 0x963B, 0x963D, 0x9665, 0x968F, 0x969D, 0x96A1, 0x96A7, 0x96A9, + 0x96C1, 0x96CB, 0x96D1, 0x96D3, 0x96E5, 0x96EF, 0x96FB, 0x96FD, + 0x970D, 0x970F, 0x9715, 0x9725, 0x972B, 0x9733, 0x9737, 0x9739, + 0x9743, 0x9749, 0x9751, 0x975B, 0x975D, 0x976F, 0x977F, 0x9787, + 0x9793, 0x97A5, 0x97B1, 0x97B7, 0x97C3, 0x97CD, 0x97D3, 0x97D9, + 0x97EB, 0x97F7, 0x9805, 0x9809, 0x980B, 0x9815, 0x9829, 0x982F, + 0x983B, 0x9841, 0x9851, 0x986B, 0x986F, 0x9881, 0x9883, 0x9887, + 0x98A7, 0x98B1, 0x98B9, 0x98BF, 0x98C3, 0x98C9, 0x98CF, 0x98DD, + 0x98E3, 0x98F5, 0x98F9, 0x98FB, 0x990D, 0x9917, 0x991F, 0x9929, + 0x9931, 0x993B, 0x993D, 0x9941, 0x9947, 0x9949, 0x9953, 0x997D, + 0x9985, 0x9991, 0x9995, 0x999B, 0x99AD, 0x99AF, 0x99BF, 0x99C7, + 0x99CB, 0x99CD, 0x99D7, 0x99E5, 0x99F1, 0x99FB, 0x9A0F, 0x9A13, + 0x9A1B, 0x9A25, 0x9A4B, 0x9A4F, 0x9A55, 0x9A57, 0x9A61, 0x9A75, + 0x9A7F, 0x9A8B, 0x9A91, 0x9A9D, 0x9AB7, 0x9AC3, 0x9AC7, 0x9ACF, + 0x9AEB, 0x9AF3, 0x9AF7, 0x9AFF, 0x9B17, 0x9B1D, 0x9B27, 0x9B2F, + 0x9B35, 0x9B45, 0x9B51, 0x9B59, 0x9B63, 0x9B6F, 0x9B77, 0x9B8D, + 0x9B93, 0x9B95, 0x9B9F, 0x9BA1, 0x9BA7, 0x9BB1, 0x9BB7, 0x9BBD, + 0x9BC5, 0x9BCB, 0x9BCF, 0x9BDD, 0x9BF9, 0x9C01, 0x9C11, 0x9C23, + 0x9C2B, 0x9C2F, 0x9C35, 0x9C49, 0x9C4D, 0x9C5F, 0x9C65, 0x9C67, + 0x9C7F, 0x9C97, 0x9C9D, 0x9CA3, 0x9CAF, 0x9CBB, 0x9CBF, 0x9CC1, + 0x9CD7, 0x9CD9, 0x9CE3, 0x9CE9, 0x9CF1, 0x9CFD, 0x9D01, 0x9D15, + 0x9D27, 0x9D2D, 0x9D31, 0x9D3D, 0x9D55, 0x9D5B, 0x9D61, 0x9D97, + 0x9D9F, 0x9DA5, 0x9DA9, 0x9DC3, 0x9DE7, 0x9DEB, 0x9DED, 0x9DF1, + 0x9E0B, 0x9E17, 0x9E23, 0x9E27, 0x9E2D, 0x9E33, 0x9E3B, 0x9E47, + 0x9E51, 0x9E53, 0x9E5F, 0x9E6F, 0x9E81, 0x9E87, 0x9E8F, 0x9E95, + 0x9EA1, 0x9EB3, 0x9EBD, 0x9EBF, 0x9EF5, 0x9EF9, 0x9EFB, 0x9F05, + 0x9F23, 0x9F2F, 0x9F37, 0x9F3B, 0x9F43, 0x9F53, 0x9F61, 0x9F6D, + 0x9F73, 0x9F77, 0x9F7D, 0x9F89, 0x9F8F, 0x9F91, 0x9F95, 0x9FA3, + 0x9FAF, 0x9FB3, 0x9FC1, 0x9FC7, 0x9FDF, 0x9FE5, 0x9FEB, 0x9FF5, + 0xA001, 0xA00D, 0xA021, 0xA033, 0xA039, 0xA03F, 0xA04F, 0xA057, + 0xA05B, 0xA061, 0xA075, 0xA079, 0xA099, 0xA09D, 0xA0AB, 0xA0B5, + 0xA0B7, 0xA0BD, 0xA0C9, 0xA0D9, 0xA0DB, 0xA0DF, 0xA0E5, 0xA0F1, + 0xA0F3, 0xA0FD, 0xA105, 0xA10B, 0xA10F, 0xA111, 0xA11B, 0xA129, + 0xA12F, 0xA135, 0xA141, 0xA153, 0xA175, 0xA17D, 0xA187, 0xA18D, + 0xA1A5, 0xA1AB, 0xA1AD, 0xA1B7, 0xA1C3, 0xA1C5, 0xA1E3, 0xA1ED, + 0xA1FB, 0xA207, 0xA213, 0xA223, 0xA229, 0xA22F, 0xA231, 0xA243, + 0xA247, 0xA24D, 0xA26B, 0xA279, 0xA27D, 0xA283, 0xA289, 0xA28B, + 0xA291, 0xA295, 0xA29B, 0xA2A9, 0xA2AF, 0xA2B3, 0xA2BB, 0xA2C5, + 0xA2D1, 0xA2D7, 0xA2F7, 0xA301, 0xA309, 0xA31F, 0xA321, 0xA32B, + 0xA331, 0xA349, 0xA351, 0xA355, 0xA373, 0xA379, 0xA37B, 0xA387, + 0xA397, 0xA39F, 0xA3A5, 0xA3A9, 0xA3AF, 0xA3B7, 0xA3C7, 0xA3D5, + 0xA3DB, 0xA3E1, 0xA3E5, 0xA3E7, 0xA3F1, 0xA3FD, 0xA3FF, 0xA40F, + 0xA41D, 0xA421, 0xA423, 0xA427, 0xA43B, 0xA44D, 0xA457, 0xA459, + 0xA463, 0xA469, 0xA475, 0xA493, 0xA49B, 0xA4AD, 0xA4B9, 0xA4C3, + 0xA4C5, 0xA4CB, 0xA4D1, 0xA4D5, 0xA4E1, 0xA4ED, 0xA4EF, 0xA4F3, + 0xA4FF, 0xA511, 0xA529, 0xA52B, 0xA535, 0xA53B, 0xA543, 0xA553, + 0xA55B, 0xA561, 0xA56D, 0xA577, 0xA585, 0xA58B, 0xA597, 0xA59D, + 0xA5A3, 0xA5A7, 0xA5A9, 0xA5C1, 0xA5C5, 0xA5CB, 0xA5D3, 0xA5D9, + 0xA5DD, 0xA5DF, 0xA5E3, 0xA5E9, 0xA5F7, 0xA5FB, 0xA603, 0xA60D, + 0xA625, 0xA63D, 0xA649, 0xA64B, 0xA651, 0xA65D, 0xA673, 0xA691, + 0xA693, 0xA699, 0xA6AB, 0xA6B5, 0xA6BB, 0xA6C1, 0xA6C9, 0xA6CD, + 0xA6CF, 0xA6D5, 0xA6DF, 0xA6E7, 0xA6F1, 0xA6F7, 0xA6FF, 0xA70F, + 0xA715, 0xA723, 0xA729, 0xA72D, 0xA745, 0xA74D, 0xA757, 0xA759, + 0xA765, 0xA76B, 0xA76F, 0xA793, 0xA795, 0xA7AB, 0xA7B1, 0xA7B9, + 0xA7BF, 0xA7C9, 0xA7D1, 0xA7D7, 0xA7E3, 0xA7ED, 0xA7FB, 0xA805, + 0xA80B, 0xA81D, 0xA829, 0xA82B, 0xA837, 0xA83B, 0xA855, 0xA85F, + 0xA86D, 0xA87D, 0xA88F, 0xA897, 0xA8A9, 0xA8B5, 0xA8C1, 0xA8C7, + 0xA8D7, 0xA8E5, 0xA8FD, 0xA907, 0xA913, 0xA91B, 0xA931, 0xA937, + 0xA939, 0xA943, 0xA97F, 0xA985, 0xA987, 0xA98B, 0xA993, 0xA9A3, + 0xA9B1, 0xA9BB, 0xA9C1, 0xA9D9, 0xA9DF, 0xA9EB, 0xA9FD, 0xAA15, + 0xAA17, 0xAA35, 0xAA39, 0xAA3B, 0xAA47, 0xAA4D, 0xAA57, 0xAA59, + 0xAA5D, 0xAA6B, 0xAA71, 0xAA81, 0xAA83, 0xAA8D, 0xAA95, 0xAAAB, + 0xAABF, 0xAAC5, 0xAAC9, 0xAAE9, 0xAAEF, 0xAB01, 0xAB05, 0xAB07, + 0xAB0B, 0xAB0D, 0xAB11, 0xAB19, 0xAB4D, 0xAB5B, 0xAB71, 0xAB73, + 0xAB89, 0xAB9D, 0xABA7, 0xABAF, 0xABB9, 0xABBB, 0xABC1, 0xABC5, + 0xABD3, 0xABD7, 0xABDD, 0xABF1, 0xABF5, 0xABFB, 0xABFD, 0xAC09, + 0xAC15, 0xAC1B, 0xAC27, 0xAC37, 0xAC39, 0xAC45, 0xAC4F, 0xAC57, + 0xAC5B, 0xAC61, 0xAC63, 0xAC7F, 0xAC8B, 0xAC93, 0xAC9D, 0xACA9, + 0xACAB, 0xACAF, 0xACBD, 0xACD9, 0xACE1, 0xACE7, 0xACEB, 0xACED, + 0xACF1, 0xACF7, 0xACF9, 0xAD05, 0xAD3F, 0xAD45, 0xAD53, 0xAD5D, + 0xAD5F, 0xAD65, 0xAD81, 0xADA1, 0xADA5, 0xADC3, 0xADCB, 0xADD1, + 0xADD5, 0xADDB, 0xADE7, 0xADF3, 0xADF5, 0xADF9, 0xADFF, 0xAE05, + 0xAE13, 0xAE23, 0xAE2B, 0xAE49, 0xAE4D, 0xAE4F, 0xAE59, 0xAE61, + 0xAE67, 0xAE6B, 0xAE71, 0xAE8B, 0xAE8F, 0xAE9B, 0xAE9D, 0xAEA7, + 0xAEB9, 0xAEC5, 0xAED1, 0xAEE3, 0xAEE5, 0xAEE9, 0xAEF5, 0xAEFD, + 0xAF09, 0xAF13, 0xAF27, 0xAF2B, 0xAF33, 0xAF43, 0xAF4F, 0xAF57, + 0xAF5D, 0xAF6D, 0xAF75, 0xAF7F, 0xAF8B, 0xAF99, 0xAF9F, 0xAFA3, + 0xAFAB, 0xAFB7, 0xAFBB, 0xAFCF, 0xAFD5, 0xAFFD, 0xB005, 0xB015, + 0xB01B, 0xB03F, 0xB041, 0xB047, 0xB04B, 0xB051, 0xB053, 0xB069, + 0xB07B, 0xB07D, 0xB087, 0xB08D, 0xB0B1, 0xB0BF, 0xB0CB, 0xB0CF, + 0xB0E1, 0xB0E9, 0xB0ED, 0xB0FB, 0xB105, 0xB107, 0xB111, 0xB119, + 0xB11D, 0xB11F, 0xB131, 0xB141, 0xB14D, 0xB15B, 0xB165, 0xB173, + 0xB179, 0xB17F, 0xB1A9, 0xB1B3, 0xB1B9, 0xB1BF, 0xB1D3, 0xB1DD, + 0xB1E5, 0xB1F1, 0xB1F5, 0xB201, 0xB213, 0xB215, 0xB21F, 0xB22D, + 0xB23F, 0xB249, 0xB25B, 0xB263, 0xB269, 0xB26D, 0xB27B, 0xB281, + 0xB28B, 0xB2A9, 0xB2B7, 0xB2BD, 0xB2C3, 0xB2C7, 0xB2D3, 0xB2F9, + 0xB2FD, 0xB2FF, 0xB303, 0xB309, 0xB311, 0xB31D, 0xB327, 0xB32D, + 0xB33F, 0xB345, 0xB377, 0xB37D, 0xB381, 0xB387, 0xB393, 0xB39B, + 0xB3A5, 0xB3C5, 0xB3CB, 0xB3E1, 0xB3E3, 0xB3ED, 0xB3F9, 0xB40B, + 0xB40D, 0xB413, 0xB417, 0xB435, 0xB43D, 0xB443, 0xB449, 0xB45B, + 0xB465, 0xB467, 0xB46B, 0xB477, 0xB48B, 0xB495, 0xB49D, 0xB4B5, + 0xB4BF, 0xB4C1, 0xB4C7, 0xB4DD, 0xB4E3, 0xB4E5, 0xB4F7, 0xB501, + 0xB50D, 0xB50F, 0xB52D, 0xB53F, 0xB54B, 0xB567, 0xB569, 0xB56F, + 0xB573, 0xB579, 0xB587, 0xB58D, 0xB599, 0xB5A3, 0xB5AB, 0xB5AF, + 0xB5BB, 0xB5D5, 0xB5DF, 0xB5E7, 0xB5ED, 0xB5FD, 0xB5FF, 0xB609, + 0xB61B, 0xB629, 0xB62F, 0xB633, 0xB639, 0xB647, 0xB657, 0xB659, + 0xB65F, 0xB663, 0xB66F, 0xB683, 0xB687, 0xB69B, 0xB69F, 0xB6A5, + 0xB6B1, 0xB6B3, 0xB6D7, 0xB6DB, 0xB6E1, 0xB6E3, 0xB6ED, 0xB6EF, + 0xB705, 0xB70D, 0xB713, 0xB71D, 0xB729, 0xB735, 0xB747, 0xB755, + 0xB76D, 0xB791, 0xB795, 0xB7A9, 0xB7C1, 0xB7CB, 0xB7D1, 0xB7D3, + 0xB7EF, 0xB7F5, 0xB807, 0xB80F, 0xB813, 0xB819, 0xB821, 0xB827, + 0xB82B, 0xB82D, 0xB839, 0xB855, 0xB867, 0xB875, 0xB885, 0xB893, + 0xB8A5, 0xB8AF, 0xB8B7, 0xB8BD, 0xB8C1, 0xB8C7, 0xB8CD, 0xB8D5, + 0xB8EB, 0xB8F7, 0xB8F9, 0xB903, 0xB915, 0xB91B, 0xB91D, 0xB92F, + 0xB939, 0xB93B, 0xB947, 0xB951, 0xB963, 0xB983, 0xB989, 0xB98D, + 0xB993, 0xB999, 0xB9A1, 0xB9A7, 0xB9AD, 0xB9B7, 0xB9CB, 0xB9D1, + 0xB9DD, 0xB9E7, 0xB9EF, 0xB9F9, 0xBA07, 0xBA0D, 0xBA17, 0xBA25, + 0xBA29, 0xBA2B, 0xBA41, 0xBA53, 0xBA55, 0xBA5F, 0xBA61, 0xBA65, + 0xBA79, 0xBA7D, 0xBA7F, 0xBAA1, 0xBAA3, 0xBAAF, 0xBAB5, 0xBABF, + 0xBAC1, 0xBACB, 0xBADD, 0xBAE3, 0xBAF1, 0xBAFD, 0xBB09, 0xBB1F, + 0xBB27, 0xBB2D, 0xBB3D, 0xBB43, 0xBB4B, 0xBB4F, 0xBB5B, 0xBB61, + 0xBB69, 0xBB6D, 0xBB91, 0xBB97, 0xBB9D, 0xBBB1, 0xBBC9, 0xBBCF, + 0xBBDB, 0xBBED, 0xBBF7, 0xBBF9, 0xBC03, 0xBC1D, 0xBC23, 0xBC33, + 0xBC3B, 0xBC41, 0xBC45, 0xBC5D, 0xBC6F, 0xBC77, 0xBC83, 0xBC8F, + 0xBC99, 0xBCAB, 0xBCB7, 0xBCB9, 0xBCD1, 0xBCD5, 0xBCE1, 0xBCF3, + 0xBCFF, 0xBD0D, 0xBD17, 0xBD19, 0xBD1D, 0xBD35, 0xBD41, 0xBD4F, + 0xBD59, 0xBD5F, 0xBD61, 0xBD67, 0xBD6B, 0xBD71, 0xBD8B, 0xBD8F, + 0xBD95, 0xBD9B, 0xBD9D, 0xBDB3, 0xBDBB, 0xBDCD, 0xBDD1, 0xBDE3, + 0xBDEB, 0xBDEF, 0xBE07, 0xBE09, 0xBE15, 0xBE21, 0xBE25, 0xBE27, + 0xBE5B, 0xBE5D, 0xBE6F, 0xBE75, 0xBE79, 0xBE7F, 0xBE8B, 0xBE8D, + 0xBE93, 0xBE9F, 0xBEA9, 0xBEB1, 0xBEB5, 0xBEB7, 0xBECF, 0xBED9, + 0xBEDB, 0xBEE5, 0xBEE7, 0xBEF3, 0xBEF9, 0xBF0B, 0xBF33, 0xBF39, + 0xBF4D, 0xBF5D, 0xBF5F, 0xBF6B, 0xBF71, 0xBF7B, 0xBF87, 0xBF89, + 0xBF8D, 0xBF93, 0xBFA1, 0xBFAD, 0xBFB9, 0xBFCF, 0xBFD5, 0xBFDD, + 0xBFE1, 0xBFE3, 0xBFF3, 0xC005, 0xC011, 0xC013, 0xC019, 0xC029, + 0xC02F, 0xC031, 0xC037, 0xC03B, 0xC047, 0xC065, 0xC06D, 0xC07D, + 0xC07F, 0xC091, 0xC09B, 0xC0B3, 0xC0B5, 0xC0BB, 0xC0D3, 0xC0D7, + 0xC0D9, 0xC0EF, 0xC0F1, 0xC101, 0xC103, 0xC109, 0xC115, 0xC119, + 0xC12B, 0xC133, 0xC137, 0xC145, 0xC149, 0xC15B, 0xC173, 0xC179, + 0xC17B, 0xC181, 0xC18B, 0xC18D, 0xC197, 0xC1BD, 0xC1C3, 0xC1CD, + 0xC1DB, 0xC1E1, 0xC1E7, 0xC1FF, 0xC203, 0xC205, 0xC211, 0xC221, + 0xC22F, 0xC23F, 0xC24B, 0xC24D, 0xC253, 0xC25D, 0xC277, 0xC27B, + 0xC27D, 0xC289, 0xC28F, 0xC293, 0xC29F, 0xC2A7, 0xC2B3, 0xC2BD, + 0xC2CF, 0xC2D5, 0xC2E3, 0xC2FF, 0xC301, 0xC307, 0xC311, 0xC313, + 0xC317, 0xC325, 0xC347, 0xC349, 0xC34F, 0xC365, 0xC367, 0xC371, + 0xC37F, 0xC383, 0xC385, 0xC395, 0xC39D, 0xC3A7, 0xC3AD, 0xC3B5, + 0xC3BF, 0xC3C7, 0xC3CB, 0xC3D1, 0xC3D3, 0xC3E3, 0xC3E9, 0xC3EF, + 0xC401, 0xC41F, 0xC42D, 0xC433, 0xC437, 0xC455, 0xC457, 0xC461, + 0xC46F, 0xC473, 0xC487, 0xC491, 0xC499, 0xC49D, 0xC4A5, 0xC4B7, + 0xC4BB, 0xC4C9, 0xC4CF, 0xC4D3, 0xC4EB, 0xC4F1, 0xC4F7, 0xC509, + 0xC51B, 0xC51D, 0xC541, 0xC547, 0xC551, 0xC55F, 0xC56B, 0xC56F, + 0xC575, 0xC577, 0xC595, 0xC59B, 0xC59F, 0xC5A1, 0xC5A7, 0xC5C3, + 0xC5D7, 0xC5DB, 0xC5EF, 0xC5FB, 0xC613, 0xC623, 0xC635, 0xC641, + 0xC64F, 0xC655, 0xC659, 0xC665, 0xC685, 0xC691, 0xC697, 0xC6A1, + 0xC6A9, 0xC6B3, 0xC6B9, 0xC6CB, 0xC6CD, 0xC6DD, 0xC6EB, 0xC6F1, + 0xC707, 0xC70D, 0xC719, 0xC71B, 0xC72D, 0xC731, 0xC739, 0xC757, + 0xC763, 0xC767, 0xC773, 0xC775, 0xC77F, 0xC7A5, 0xC7BB, 0xC7BD, + 0xC7C1, 0xC7CF, 0xC7D5, 0xC7E1, 0xC7F9, 0xC7FD, 0xC7FF, 0xC803, + 0xC811, 0xC81D, 0xC827, 0xC829, 0xC839, 0xC83F, 0xC853, 0xC857, + 0xC86B, 0xC881, 0xC88D, 0xC88F, 0xC893, 0xC895, 0xC8A1, 0xC8B7, + 0xC8CF, 0xC8D5, 0xC8DB, 0xC8DD, 0xC8E3, 0xC8E7, 0xC8ED, 0xC8EF, + 0xC8F9, 0xC905, 0xC911, 0xC917, 0xC919, 0xC91F, 0xC92F, 0xC937, + 0xC93D, 0xC941, 0xC953, 0xC95F, 0xC96B, 0xC979, 0xC97D, 0xC989, + 0xC98F, 0xC997, 0xC99D, 0xC9AF, 0xC9B5, 0xC9BF, 0xC9CB, 0xC9D9, + 0xC9DF, 0xC9E3, 0xC9EB, 0xCA01, 0xCA07, 0xCA09, 0xCA25, 0xCA37, + 0xCA39, 0xCA4B, 0xCA55, 0xCA5B, 0xCA69, 0xCA73, 0xCA75, 0xCA7F, + 0xCA8D, 0xCA93, 0xCA9D, 0xCA9F, 0xCAB5, 0xCABB, 0xCAC3, 0xCAC9, + 0xCAD9, 0xCAE5, 0xCAED, 0xCB03, 0xCB05, 0xCB09, 0xCB17, 0xCB29, + 0xCB35, 0xCB3B, 0xCB53, 0xCB59, 0xCB63, 0xCB65, 0xCB71, 0xCB87, + 0xCB99, 0xCB9F, 0xCBB3, 0xCBB9, 0xCBC3, 0xCBD1, 0xCBD5, 0xCBD7, + 0xCBDD, 0xCBE9, 0xCBFF, 0xCC0D, 0xCC19, 0xCC1D, 0xCC23, 0xCC2B, + 0xCC41, 0xCC43, 0xCC4D, 0xCC59, 0xCC61, 0xCC89, 0xCC8B, 0xCC91, + 0xCC9B, 0xCCA3, 0xCCA7, 0xCCD1, 0xCCE5, 0xCCE9, 0xCD09, 0xCD15, + 0xCD1F, 0xCD25, 0xCD31, 0xCD3D, 0xCD3F, 0xCD49, 0xCD51, 0xCD57, + 0xCD5B, 0xCD63, 0xCD67, 0xCD81, 0xCD93, 0xCD97, 0xCD9F, 0xCDBB, + 0xCDC1, 0xCDD3, 0xCDD9, 0xCDE5, 0xCDE7, 0xCDF1, 0xCDF7, 0xCDFD, + 0xCE0B, 0xCE15, 0xCE21, 0xCE2F, 0xCE47, 0xCE4D, 0xCE51, 0xCE65, + 0xCE7B, 0xCE7D, 0xCE8F, 0xCE93, 0xCE99, 0xCEA5, 0xCEA7, 0xCEB7, + 0xCEC9, 0xCED7, 0xCEDD, 0xCEE3, 0xCEE7, 0xCEED, 0xCEF5, 0xCF07, + 0xCF0B, 0xCF19, 0xCF37, 0xCF3B, 0xCF4D, 0xCF55, 0xCF5F, 0xCF61, + 0xCF65, 0xCF6D, 0xCF79, 0xCF7D, 0xCF89, 0xCF9B, 0xCF9D, 0xCFA9, + 0xCFB3, 0xCFB5, 0xCFC5, 0xCFCD, 0xCFD1, 0xCFEF, 0xCFF1, 0xCFF7, + 0xD013, 0xD015, 0xD01F, 0xD021, 0xD033, 0xD03D, 0xD04B, 0xD04F, + 0xD069, 0xD06F, 0xD081, 0xD085, 0xD099, 0xD09F, 0xD0A3, 0xD0AB, + 0xD0BD, 0xD0C1, 0xD0CD, 0xD0E7, 0xD0FF, 0xD103, 0xD117, 0xD12D, + 0xD12F, 0xD141, 0xD157, 0xD159, 0xD15D, 0xD169, 0xD16B, 0xD171, + 0xD177, 0xD17D, 0xD181, 0xD187, 0xD195, 0xD199, 0xD1B1, 0xD1BD, + 0xD1C3, 0xD1D5, 0xD1D7, 0xD1E3, 0xD1FF, 0xD20D, 0xD211, 0xD217, + 0xD21F, 0xD235, 0xD23B, 0xD247, 0xD259, 0xD261, 0xD265, 0xD279, + 0xD27F, 0xD283, 0xD289, 0xD28B, 0xD29D, 0xD2A3, 0xD2A7, 0xD2B3, + 0xD2BF, 0xD2C7, 0xD2E3, 0xD2E9, 0xD2F1, 0xD2FB, 0xD2FD, 0xD315, + 0xD321, 0xD32B, 0xD343, 0xD34B, 0xD355, 0xD369, 0xD375, 0xD37B, + 0xD387, 0xD393, 0xD397, 0xD3A5, 0xD3B1, 0xD3C9, 0xD3EB, 0xD3FD, + 0xD405, 0xD40F, 0xD415, 0xD427, 0xD42F, 0xD433, 0xD43B, 0xD44B, + 0xD459, 0xD45F, 0xD463, 0xD469, 0xD481, 0xD483, 0xD489, 0xD48D, + 0xD493, 0xD495, 0xD4A5, 0xD4AB, 0xD4B1, 0xD4C5, 0xD4DD, 0xD4E1, + 0xD4E3, 0xD4E7, 0xD4F5, 0xD4F9, 0xD50B, 0xD50D, 0xD513, 0xD51F, + 0xD523, 0xD531, 0xD535, 0xD537, 0xD549, 0xD559, 0xD55F, 0xD565, + 0xD567, 0xD577, 0xD58B, 0xD591, 0xD597, 0xD5B5, 0xD5B9, 0xD5C1, + 0xD5C7, 0xD5DF, 0xD5EF, 0xD5F5, 0xD5FB, 0xD603, 0xD60F, 0xD62D, + 0xD631, 0xD643, 0xD655, 0xD65D, 0xD661, 0xD67B, 0xD685, 0xD687, + 0xD69D, 0xD6A5, 0xD6AF, 0xD6BD, 0xD6C3, 0xD6C7, 0xD6D9, 0xD6E1, + 0xD6ED, 0xD709, 0xD70B, 0xD711, 0xD715, 0xD721, 0xD727, 0xD73F, + 0xD745, 0xD74D, 0xD757, 0xD76B, 0xD77B, 0xD783, 0xD7A1, 0xD7A7, + 0xD7AD, 0xD7B1, 0xD7B3, 0xD7BD, 0xD7CB, 0xD7D1, 0xD7DB, 0xD7FB, + 0xD811, 0xD823, 0xD825, 0xD829, 0xD82B, 0xD82F, 0xD837, 0xD84D, + 0xD855, 0xD867, 0xD873, 0xD88F, 0xD891, 0xD8A1, 0xD8AD, 0xD8BF, + 0xD8CD, 0xD8D7, 0xD8E9, 0xD8F5, 0xD8FB, 0xD91B, 0xD925, 0xD933, + 0xD939, 0xD943, 0xD945, 0xD94F, 0xD951, 0xD957, 0xD96D, 0xD96F, + 0xD973, 0xD979, 0xD981, 0xD98B, 0xD991, 0xD99F, 0xD9A5, 0xD9A9, + 0xD9B5, 0xD9D3, 0xD9EB, 0xD9F1, 0xD9F7, 0xD9FF, 0xDA05, 0xDA09, + 0xDA0B, 0xDA0F, 0xDA15, 0xDA1D, 0xDA23, 0xDA29, 0xDA3F, 0xDA51, + 0xDA59, 0xDA5D, 0xDA5F, 0xDA71, 0xDA77, 0xDA7B, 0xDA7D, 0xDA8D, + 0xDA9F, 0xDAB3, 0xDABD, 0xDAC3, 0xDAC9, 0xDAE7, 0xDAE9, 0xDAF5, + 0xDB11, 0xDB17, 0xDB1D, 0xDB23, 0xDB25, 0xDB31, 0xDB3B, 0xDB43, + 0xDB55, 0xDB67, 0xDB6B, 0xDB73, 0xDB85, 0xDB8F, 0xDB91, 0xDBAD, + 0xDBAF, 0xDBB9, 0xDBC7, 0xDBCB, 0xDBCD, 0xDBEB, 0xDBF7, 0xDC0D, + 0xDC27, 0xDC31, 0xDC39, 0xDC3F, 0xDC49, 0xDC51, 0xDC61, 0xDC6F, + 0xDC75, 0xDC7B, 0xDC85, 0xDC93, 0xDC99, 0xDC9D, 0xDC9F, 0xDCA9, + 0xDCB5, 0xDCB7, 0xDCBD, 0xDCC7, 0xDCCF, 0xDCD3, 0xDCD5, 0xDCDF, + 0xDCF9, 0xDD0F, 0xDD15, 0xDD17, 0xDD23, 0xDD35, 0xDD39, 0xDD53, + 0xDD57, 0xDD5F, 0xDD69, 0xDD6F, 0xDD7D, 0xDD87, 0xDD89, 0xDD9B, + 0xDDA1, 0xDDAB, 0xDDBF, 0xDDC5, 0xDDCB, 0xDDCF, 0xDDE7, 0xDDE9, + 0xDDED, 0xDDF5, 0xDDFB, 0xDE0B, 0xDE19, 0xDE29, 0xDE3B, 0xDE3D, + 0xDE41, 0xDE4D, 0xDE4F, 0xDE59, 0xDE5B, 0xDE61, 0xDE6D, 0xDE77, + 0xDE7D, 0xDE83, 0xDE97, 0xDE9D, 0xDEA1, 0xDEA7, 0xDECD, 0xDED1, + 0xDED7, 0xDEE3, 0xDEF1, 0xDEF5, 0xDF01, 0xDF09, 0xDF13, 0xDF1F, + 0xDF2B, 0xDF33, 0xDF37, 0xDF3D, 0xDF4B, 0xDF55, 0xDF5B, 0xDF67, + 0xDF69, 0xDF73, 0xDF85, 0xDF87, 0xDF99, 0xDFA3, 0xDFAB, 0xDFB5, + 0xDFB7, 0xDFC3, 0xDFC7, 0xDFD5, 0xDFF1, 0xDFF3, 0xE003, 0xE005, + 0xE017, 0xE01D, 0xE027, 0xE02D, 0xE035, 0xE045, 0xE053, 0xE071, + 0xE07B, 0xE08F, 0xE095, 0xE09F, 0xE0B7, 0xE0B9, 0xE0D5, 0xE0D7, + 0xE0E3, 0xE0F3, 0xE0F9, 0xE101, 0xE125, 0xE129, 0xE131, 0xE135, + 0xE143, 0xE14F, 0xE159, 0xE161, 0xE16D, 0xE171, 0xE177, 0xE17F, + 0xE183, 0xE189, 0xE197, 0xE1AD, 0xE1B5, 0xE1BB, 0xE1BF, 0xE1C1, + 0xE1CB, 0xE1D1, 0xE1E5, 0xE1EF, 0xE1F7, 0xE1FD, 0xE203, 0xE219, + 0xE22B, 0xE22D, 0xE23D, 0xE243, 0xE257, 0xE25B, 0xE275, 0xE279, + 0xE287, 0xE29D, 0xE2AB, 0xE2AF, 0xE2BB, 0xE2C1, 0xE2C9, 0xE2CD, + 0xE2D3, 0xE2D9, 0xE2F3, 0xE2FD, 0xE2FF, 0xE311, 0xE323, 0xE327, + 0xE329, 0xE339, 0xE33B, 0xE34D, 0xE351, 0xE357, 0xE35F, 0xE363, + 0xE369, 0xE375, 0xE377, 0xE37D, 0xE383, 0xE39F, 0xE3C5, 0xE3C9, + 0xE3D1, 0xE3E1, 0xE3FB, 0xE3FF, 0xE401, 0xE40B, 0xE417, 0xE419, + 0xE423, 0xE42B, 0xE431, 0xE43B, 0xE447, 0xE449, 0xE453, 0xE455, + 0xE46D, 0xE471, 0xE48F, 0xE4A9, 0xE4AF, 0xE4B5, 0xE4C7, 0xE4CD, + 0xE4D3, 0xE4E9, 0xE4EB, 0xE4F5, 0xE507, 0xE521, 0xE525, 0xE537, + 0xE53F, 0xE545, 0xE54B, 0xE557, 0xE567, 0xE56D, 0xE575, 0xE585, + 0xE58B, 0xE593, 0xE5A3, 0xE5A5, 0xE5CF, 0xE609, 0xE611, 0xE615, + 0xE61B, 0xE61D, 0xE621, 0xE629, 0xE639, 0xE63F, 0xE653, 0xE657, + 0xE663, 0xE66F, 0xE675, 0xE681, 0xE683, 0xE68D, 0xE68F, 0xE695, + 0xE6AB, 0xE6AD, 0xE6B7, 0xE6BD, 0xE6C5, 0xE6CB, 0xE6D5, 0xE6E3, + 0xE6E9, 0xE6EF, 0xE6F3, 0xE705, 0xE70D, 0xE717, 0xE71F, 0xE72F, + 0xE73D, 0xE747, 0xE749, 0xE753, 0xE755, 0xE761, 0xE767, 0xE76B, + 0xE77F, 0xE789, 0xE791, 0xE7C5, 0xE7CD, 0xE7D7, 0xE7DD, 0xE7DF, + 0xE7E9, 0xE7F1, 0xE7FB, 0xE801, 0xE807, 0xE80F, 0xE819, 0xE81B, + 0xE831, 0xE833, 0xE837, 0xE83D, 0xE84B, 0xE84F, 0xE851, 0xE869, + 0xE875, 0xE879, 0xE893, 0xE8A5, 0xE8A9, 0xE8AF, 0xE8BD, 0xE8DB, + 0xE8E1, 0xE8E5, 0xE8EB, 0xE8ED, 0xE903, 0xE90B, 0xE90F, 0xE915, + 0xE917, 0xE92D, 0xE933, 0xE93B, 0xE94B, 0xE951, 0xE95F, 0xE963, + 0xE969, 0xE97B, 0xE983, 0xE98F, 0xE995, 0xE9A1, 0xE9B9, 0xE9D7, + 0xE9E7, 0xE9EF, 0xEA11, 0xEA19, 0xEA2F, 0xEA35, 0xEA43, 0xEA4D, + 0xEA5F, 0xEA6D, 0xEA71, 0xEA7D, 0xEA85, 0xEA89, 0xEAAD, 0xEAB3, + 0xEAB9, 0xEABB, 0xEAC5, 0xEAC7, 0xEACB, 0xEADF, 0xEAE5, 0xEAEB, + 0xEAF5, 0xEB01, 0xEB07, 0xEB09, 0xEB31, 0xEB39, 0xEB3F, 0xEB5B, + 0xEB61, 0xEB63, 0xEB6F, 0xEB81, 0xEB85, 0xEB9D, 0xEBAB, 0xEBB1, + 0xEBB7, 0xEBC1, 0xEBD5, 0xEBDF, 0xEBED, 0xEBFD, 0xEC0B, 0xEC1B, + 0xEC21, 0xEC29, 0xEC4D, 0xEC51, 0xEC5D, 0xEC69, 0xEC6F, 0xEC7B, + 0xECAD, 0xECB9, 0xECBF, 0xECC3, 0xECC9, 0xECCF, 0xECD7, 0xECDD, + 0xECE7, 0xECE9, 0xECF3, 0xECF5, 0xED07, 0xED11, 0xED1F, 0xED2F, + 0xED37, 0xED3D, 0xED41, 0xED55, 0xED59, 0xED5B, 0xED65, 0xED6B, + 0xED79, 0xED8B, 0xED95, 0xEDBB, 0xEDC5, 0xEDD7, 0xEDD9, 0xEDE3, + 0xEDE5, 0xEDF1, 0xEDF5, 0xEDF7, 0xEDFB, 0xEE09, 0xEE0F, 0xEE19, + 0xEE21, 0xEE49, 0xEE4F, 0xEE63, 0xEE67, 0xEE73, 0xEE7B, 0xEE81, + 0xEEA3, 0xEEAB, 0xEEC1, 0xEEC9, 0xEED5, 0xEEDF, 0xEEE1, 0xEEF1, + 0xEF1B, 0xEF27, 0xEF2F, 0xEF45, 0xEF4D, 0xEF63, 0xEF6B, 0xEF71, + 0xEF93, 0xEF95, 0xEF9B, 0xEF9F, 0xEFAD, 0xEFB3, 0xEFC3, 0xEFC5, + 0xEFDB, 0xEFE1, 0xEFE9, 0xF001, 0xF017, 0xF01D, 0xF01F, 0xF02B, + 0xF02F, 0xF035, 0xF043, 0xF047, 0xF04F, 0xF067, 0xF06B, 0xF071, + 0xF077, 0xF079, 0xF08F, 0xF0A3, 0xF0A9, 0xF0AD, 0xF0BB, 0xF0BF, + 0xF0C5, 0xF0CB, 0xF0D3, 0xF0D9, 0xF0E3, 0xF0E9, 0xF0F1, 0xF0F7, + 0xF107, 0xF115, 0xF11B, 0xF121, 0xF137, 0xF13D, 0xF155, 0xF175, + 0xF17B, 0xF18D, 0xF193, 0xF1A5, 0xF1AF, 0xF1B7, 0xF1D5, 0xF1E7, + 0xF1ED, 0xF1FD, 0xF209, 0xF20F, 0xF21B, 0xF21D, 0xF223, 0xF227, + 0xF233, 0xF23B, 0xF241, 0xF257, 0xF25F, 0xF265, 0xF269, 0xF277, + 0xF281, 0xF293, 0xF2A7, 0xF2B1, 0xF2B3, 0xF2B9, 0xF2BD, 0xF2BF, + 0xF2DB, 0xF2ED, 0xF2EF, 0xF2F9, 0xF2FF, 0xF305, 0xF30B, 0xF319, + 0xF341, 0xF359, 0xF35B, 0xF35F, 0xF367, 0xF373, 0xF377, 0xF38B, + 0xF38F, 0xF3AF, 0xF3C1, 0xF3D1, 0xF3D7, 0xF3FB, 0xF403, 0xF409, + 0xF40D, 0xF413, 0xF421, 0xF425, 0xF42B, 0xF445, 0xF44B, 0xF455, + 0xF463, 0xF475, 0xF47F, 0xF485, 0xF48B, 0xF499, 0xF4A3, 0xF4A9, + 0xF4AF, 0xF4BD, 0xF4C3, 0xF4DB, 0xF4DF, 0xF4ED, 0xF503, 0xF50B, + 0xF517, 0xF521, 0xF529, 0xF535, 0xF547, 0xF551, 0xF563, 0xF56B, + 0xF583, 0xF58D, 0xF595, 0xF599, 0xF5B1, 0xF5B7, 0xF5C9, 0xF5CF, + 0xF5D1, 0xF5DB, 0xF5F9, 0xF5FB, 0xF605, 0xF607, 0xF60B, 0xF60D, + 0xF635, 0xF637, 0xF653, 0xF65B, 0xF661, 0xF667, 0xF679, 0xF67F, + 0xF689, 0xF697, 0xF69B, 0xF6AD, 0xF6CB, 0xF6DD, 0xF6DF, 0xF6EB, + 0xF709, 0xF70F, 0xF72D, 0xF731, 0xF743, 0xF74F, 0xF751, 0xF755, + 0xF763, 0xF769, 0xF773, 0xF779, 0xF781, 0xF787, 0xF791, 0xF79D, + 0xF79F, 0xF7A5, 0xF7B1, 0xF7BB, 0xF7BD, 0xF7CF, 0xF7D3, 0xF7E7, + 0xF7EB, 0xF7F1, 0xF7FF, 0xF805, 0xF80B, 0xF821, 0xF827, 0xF82D, + 0xF835, 0xF847, 0xF859, 0xF863, 0xF865, 0xF86F, 0xF871, 0xF877, + 0xF87B, 0xF881, 0xF88D, 0xF89F, 0xF8A1, 0xF8AB, 0xF8B3, 0xF8B7, + 0xF8C9, 0xF8CB, 0xF8D1, 0xF8D7, 0xF8DD, 0xF8E7, 0xF8EF, 0xF8F9, + 0xF8FF, 0xF911, 0xF91D, 0xF925, 0xF931, 0xF937, 0xF93B, 0xF941, + 0xF94F, 0xF95F, 0xF961, 0xF96D, 0xF971, 0xF977, 0xF99D, 0xF9A3, + 0xF9A9, 0xF9B9, 0xF9CD, 0xF9E9, 0xF9FD, 0xFA07, 0xFA0D, 0xFA13, + 0xFA21, 0xFA25, 0xFA3F, 0xFA43, 0xFA51, 0xFA5B, 0xFA6D, 0xFA7B, + 0xFA97, 0xFA99, 0xFA9D, 0xFAAB, 0xFABB, 0xFABD, 0xFAD9, 0xFADF, + 0xFAE7, 0xFAED, 0xFB0F, 0xFB17, 0xFB1B, 0xFB2D, 0xFB2F, 0xFB3F, + 0xFB47, 0xFB4D, 0xFB75, 0xFB7D, 0xFB8F, 0xFB93, 0xFBB1, 0xFBB7, + 0xFBC3, 0xFBC5, 0xFBE3, 0xFBE9, 0xFBF3, 0xFC01, 0xFC29, 0xFC37, + 0xFC41, 0xFC43, 0xFC4F, 0xFC59, 0xFC61, 0xFC65, 0xFC6D, 0xFC73, + 0xFC79, 0xFC95, 0xFC97, 0xFC9B, 0xFCA7, 0xFCB5, 0xFCC5, 0xFCCD, + 0xFCEB, 0xFCFB, 0xFD0D, 0xFD0F, 0xFD19, 0xFD2B, 0xFD31, 0xFD51, + 0xFD55, 0xFD67, 0xFD6D, 0xFD6F, 0xFD7B, 0xFD85, 0xFD97, 0xFD99, + 0xFD9F, 0xFDA9, 0xFDB7, 0xFDC9, 0xFDE5, 0xFDEB, 0xFDF3, 0xFE03, + 0xFE05, 0xFE09, 0xFE1D, 0xFE27, 0xFE2F, 0xFE41, 0xFE4B, 0xFE4D, + 0xFE57, 0xFE5F, 0xFE63, 0xFE69, 0xFE75, 0xFE7B, 0xFE8F, 0xFE93, + 0xFE95, 0xFE9B, 0xFE9F, 0xFEB3, 0xFEBD, 0xFED7, 0xFEE9, 0xFEF3, + 0xFEF5, 0xFF07, 0xFF0D, 0xFF1D, 0xFF2B, 0xFF2F, 0xFF49, 0xFF4D, + 0xFF5B, 0xFF65, 0xFF71, 0xFF7F, 0xFF85, 0xFF8B, 0xFF8F, 0xFF9D, + 0xFFA7, 0xFFA9, 0xFFC7, 0xFFD9, 0xFFEF, 0xFFF1, +#endif +}; + diff --git a/security/nss/lib/freebl/mpi/stats b/security/nss/lib/freebl/mpi/stats new file mode 100755 index 000000000..dd63ca0db --- /dev/null +++ b/security/nss/lib/freebl/mpi/stats @@ -0,0 +1,70 @@ +#!/usr/bin/perl + +# +# Treat each line as a sequence of comma and/or space delimited +# floating point numbers, and compute basic statistics on them. +# These are written to standard output +# +## The contents of this file are subject to the Mozilla Public +## License Version 1.1 (the "License"); you may not use this file +## except in compliance with the License. You may obtain a copy of +## the License at http://www.mozilla.org/MPL/ +## +## Software distributed under the License is distributed on an "AS +## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +## implied. See the License for the specific language governing +## rights and limitations under the License. +## +## The Original Code is the MPI Arbitrary Precision Integer Arithmetic +## library. +## +## The Initial Developer of the Original Code is +## Michael J. Fromberger <sting@linguist.dartmouth.edu> +## +## Portions created by Michael J. Fromberger are +## Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved +## +## Contributor(s): +## +## Alternatively, the contents of this file may be used under the +## terms of the GNU General Public License Version 2 or later (the +## "GPL"), in which case the provisions of the GPL are applicable +## instead of those above. If you wish to allow use of your +## version of this file only under the terms of the GPL and not to +## allow others to use your version of this file under the MPL, +## indicate your decision by deleting the provisions above and +## replace them with the notice and other provisions required by +## the GPL. If you do not delete the provisions above, a recipient +## may use your version of this file under either the MPL or the GPL. +## +# $Id$ +# + +$min = 1.7976931348623157E+308; +$max = 2.2250738585072014E-308; +$sum = $num = 0; + +while(<>) { + chomp; + + @nums = split(/[\s,]+/, $_); + next if($#nums < 0); + + $num += scalar @nums; + foreach (@nums) { + $min = $_ if($_ < $min); + $max = $_ if($_ > $max); + $sum += $_; + } +} + +if($num) { + $avg = $sum / $num; +} else { + $min = $max = 0; +} + +printf "%d\tmin=%.2f, avg=%.2f, max=%.2f, sum=%.2f\n", + $num, $min, $avg, $max, $sum; + +# end diff --git a/security/nss/lib/freebl/mpi/test-arrays.txt b/security/nss/lib/freebl/mpi/test-arrays.txt new file mode 100644 index 000000000..d247154be --- /dev/null +++ b/security/nss/lib/freebl/mpi/test-arrays.txt @@ -0,0 +1,86 @@ +# +# Test suite table for MPI library +# +# Format of entries: +# suite-name:function-name:description +# +# suite-name The name used to identify this test in mpi-test +# function-name The function called to perform this test in mpi-test.c +# description A brief description of what the suite tests +# +## The contents of this file are subject to the Mozilla Public +## License Version 1.1 (the "License"); you may not use this file +## except in compliance with the License. You may obtain a copy of +## the License at http://www.mozilla.org/MPL/ +## +## Software distributed under the License is distributed on an "AS +## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +## implied. See the License for the specific language governing +## rights and limitations under the License. +## +## The Original Code is the MPI Arbitrary Precision Integer Arithmetic +## library. +## +## The Initial Developer of the Original Code is +## Michael J. Fromberger <sting@linguist.dartmouth.edu> +## +## Portions created by Michael J. Fromberger are +## Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved +## +## Contributor(s): +## +## Alternatively, the contents of this file may be used under the +## terms of the GNU General Public License Version 2 or later (the +## "GPL"), in which case the provisions of the GPL are applicable +## instead of those above. If you wish to allow use of your +## version of this file only under the terms of the GPL and not to +## allow others to use your version of this file under the MPL, +## indicate your decision by deleting the provisions above and +## replace them with the notice and other provisions required by +## the GPL. If you do not delete the provisions above, a recipient +## may use your version of this file under either the MPL or the GPL. +## +# $Id$ +# +list:test_list:print out a list of the available test suites +copy:test_copy:test assignment of mp-int structures +exchange:test_exch:test exchange of mp-int structures +zero:test_zero:test zeroing of an mp-int +set:test_set:test setting an mp-int to a small constant +absolute-value:test_abs:test the absolute value function +negate:test_neg:test the arithmetic negation function +add-digit:test_add_d:test digit addition +add:test_add:test full addition +subtract-digit:test_sub_d:test digit subtraction +subtract:test_sub:test full subtraction +multiply-digit:test_mul_d:test digit multiplication +multiply:test_mul:test full multiplication +square:test_sqr:test full squaring function +divide-digit:test_div_d:test digit division +divide-2:test_div_2:test division by two +divide-2d:test_div_2d:test division & remainder by 2^d +divide:test_div:test full division +expt-digit:test_expt_d:test digit exponentiation +expt:test_expt:test full exponentiation +expt-2:test_2expt:test power-of-two exponentiation +square-root:test_sqrt:test integer square root function +modulo-digit:test_mod_d:test digit modular reduction +modulo:test_mod:test full modular reduction +mod-add:test_addmod:test modular addition +mod-subtract:test_submod:test modular subtraction +mod-multiply:test_mulmod:test modular multiplication +mod-square:test_sqrmod:test modular squaring function +mod-expt:test_exptmod:test full modular exponentiation +mod-expt-digit:test_exptmod_d:test digit modular exponentiation +mod-inverse:test_invmod:test modular inverse function +compare-digit:test_cmp_d:test digit comparison function +compare-zero:test_cmp_z:test zero comparison function +compare:test_cmp:test general signed comparison +compare-magnitude:test_cmp_mag:test general magnitude comparison +parity:test_parity:test parity comparison functions +gcd:test_gcd:test greatest common divisor functions +lcm:test_lcm:test least common multiple function +conversion:test_convert:test general radix conversion facilities +binary:test_raw:test raw output format +pprime:test_pprime:test probabilistic primality tester +fermat:test_fermat:test Fermat pseudoprimality tester diff --git a/security/nss/lib/freebl/mpi/test-info.c b/security/nss/lib/freebl/mpi/test-info.c new file mode 100644 index 000000000..f84013e2e --- /dev/null +++ b/security/nss/lib/freebl/mpi/test-info.c @@ -0,0 +1,191 @@ +/* + * test-info.c + * + * Arbitrary precision integer arithmetic library + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. + * All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + * + * $Id$ + */ + +/* Table mapping test suite names to index numbers */ +const int g_count = 42; +const char *g_names[] = { + "list", /* print out a list of the available test suites */ + "copy", /* test assignment of mp-int structures */ + "exchange", /* test exchange of mp-int structures */ + "zero", /* test zeroing of an mp-int */ + "set", /* test setting an mp-int to a small constant */ + "absolute-value", /* test the absolute value function */ + "negate", /* test the arithmetic negation function */ + "add-digit", /* test digit addition */ + "add", /* test full addition */ + "subtract-digit", /* test digit subtraction */ + "subtract", /* test full subtraction */ + "multiply-digit", /* test digit multiplication */ + "multiply", /* test full multiplication */ + "square", /* test full squaring function */ + "divide-digit", /* test digit division */ + "divide-2", /* test division by two */ + "divide-2d", /* test division & remainder by 2^d */ + "divide", /* test full division */ + "expt-digit", /* test digit exponentiation */ + "expt", /* test full exponentiation */ + "expt-2", /* test power-of-two exponentiation */ + "square-root", /* test integer square root function */ + "modulo-digit", /* test digit modular reduction */ + "modulo", /* test full modular reduction */ + "mod-add", /* test modular addition */ + "mod-subtract", /* test modular subtraction */ + "mod-multiply", /* test modular multiplication */ + "mod-square", /* test modular squaring function */ + "mod-expt", /* test full modular exponentiation */ + "mod-expt-digit", /* test digit modular exponentiation */ + "mod-inverse", /* test modular inverse function */ + "compare-digit", /* test digit comparison function */ + "compare-zero", /* test zero comparison function */ + "compare", /* test general signed comparison */ + "compare-magnitude", /* test general magnitude comparison */ + "parity", /* test parity comparison functions */ + "gcd", /* test greatest common divisor functions */ + "lcm", /* test least common multiple function */ + "conversion", /* test general radix conversion facilities */ + "binary", /* test raw output format */ + "pprime", /* test probabilistic primality tester */ + "fermat" /* test Fermat pseudoprimality tester */ +}; + +/* Test function prototypes */ +int test_list(void); +int test_copy(void); +int test_exch(void); +int test_zero(void); +int test_set(void); +int test_abs(void); +int test_neg(void); +int test_add_d(void); +int test_add(void); +int test_sub_d(void); +int test_sub(void); +int test_mul_d(void); +int test_mul(void); +int test_sqr(void); +int test_div_d(void); +int test_div_2(void); +int test_div_2d(void); +int test_div(void); +int test_expt_d(void); +int test_expt(void); +int test_2expt(void); +int test_sqrt(void); +int test_mod_d(void); +int test_mod(void); +int test_addmod(void); +int test_submod(void); +int test_mulmod(void); +int test_sqrmod(void); +int test_exptmod(void); +int test_exptmod_d(void); +int test_invmod(void); +int test_cmp_d(void); +int test_cmp_z(void); +int test_cmp(void); +int test_cmp_mag(void); +int test_parity(void); +int test_gcd(void); +int test_lcm(void); +int test_convert(void); +int test_raw(void); +int test_pprime(void); +int test_fermat(void); + +/* Table mapping index numbers to functions */ +int (*g_tests[])(void) = { + test_list, test_copy, test_exch, test_zero, + test_set, test_abs, test_neg, test_add_d, + test_add, test_sub_d, test_sub, test_mul_d, + test_mul, test_sqr, test_div_d, test_div_2, + test_div_2d, test_div, test_expt_d, test_expt, + test_2expt, test_sqrt, test_mod_d, test_mod, + test_addmod, test_submod, test_mulmod, test_sqrmod, + test_exptmod, test_exptmod_d, test_invmod, test_cmp_d, + test_cmp_z, test_cmp, test_cmp_mag, test_parity, + test_gcd, test_lcm, test_convert, test_raw, + test_pprime, test_fermat +}; + +/* Table mapping index numbers to descriptions */ +const char *g_descs[] = { + "print out a list of the available test suites", + "test assignment of mp-int structures", + "test exchange of mp-int structures", + "test zeroing of an mp-int", + "test setting an mp-int to a small constant", + "test the absolute value function", + "test the arithmetic negation function", + "test digit addition", + "test full addition", + "test digit subtraction", + "test full subtraction", + "test digit multiplication", + "test full multiplication", + "test full squaring function", + "test digit division", + "test division by two", + "test division & remainder by 2^d", + "test full division", + "test digit exponentiation", + "test full exponentiation", + "test power-of-two exponentiation", + "test integer square root function", + "test digit modular reduction", + "test full modular reduction", + "test modular addition", + "test modular subtraction", + "test modular multiplication", + "test modular squaring function", + "test full modular exponentiation", + "test digit modular exponentiation", + "test modular inverse function", + "test digit comparison function", + "test zero comparison function", + "test general signed comparison", + "test general magnitude comparison", + "test parity comparison functions", + "test greatest common divisor functions", + "test least common multiple function", + "test general radix conversion facilities", + "test raw output format", + "test probabilistic primality tester", + "test Fermat pseudoprimality tester" +}; + diff --git a/security/nss/lib/freebl/mpi/tests/LICENSE b/security/nss/lib/freebl/mpi/tests/LICENSE new file mode 100644 index 000000000..c2c5d0190 --- /dev/null +++ b/security/nss/lib/freebl/mpi/tests/LICENSE @@ -0,0 +1,6 @@ +Within this directory, each of the file listed below is licensed under +the terms given in the file LICENSE-MPL, also in this directory. + +pi1k.txt +pi2k.txt +pi5k.txt diff --git a/security/nss/lib/freebl/mpi/tests/LICENSE-MPL b/security/nss/lib/freebl/mpi/tests/LICENSE-MPL new file mode 100644 index 000000000..9ff410e4b --- /dev/null +++ b/security/nss/lib/freebl/mpi/tests/LICENSE-MPL @@ -0,0 +1,32 @@ +The contents of this file are subject to the Mozilla Public +License Version 1.1 (the "License"); you may not use this file +except in compliance with the License. You may obtain a copy of +the License at http://www.mozilla.org/MPL/ + +Software distributed under the License is distributed on an "AS +IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +implied. See the License for the specific language governing +rights and limitations under the License. + +The Original Code is the Netscape security libraries. + +The Initial Developer of the Original Code is Netscape +Communications Corporation. Portions created by Netscape are +Copyright (C) 1994-2000 Netscape Communications Corporation. All +Rights Reserved. + +Contributor(s): + +Alternatively, the contents of this file may be used under the +terms of the GNU General Public License Version 2 or later (the +"GPL"), in which case the provisions of the GPL are applicable +instead of those above. If you wish to allow use of your +version of this file only under the terms of the GPL and not to +allow others to use your version of this file under the MPL, +indicate your decision by deleting the provisions above and +replace them with the notice and other provisions required by +the GPL. If you do not delete the provisions above, a recipient +may use your version of this file under either the MPL or the +GPL. + + diff --git a/security/nss/lib/freebl/mpi/tests/mptest-1.c b/security/nss/lib/freebl/mpi/tests/mptest-1.c new file mode 100644 index 000000000..6861e616e --- /dev/null +++ b/security/nss/lib/freebl/mpi/tests/mptest-1.c @@ -0,0 +1,72 @@ +/* + * Simple test driver for MPI library + * + * Test 1: Simple input test (drives single-digit multiply and add, + * as well as I/O routines) + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. + * All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + * + * $Id$ + */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <ctype.h> +#include <limits.h> + +#ifdef MAC_CW_SIOUX +#include <console.h> +#endif + +#include "mpi.h" + +int main(int argc, char *argv[]) +{ + int ix; + mp_int mp; + +#ifdef MAC_CW_SIOUX + argc = ccommand(&argv); +#endif + + mp_init(&mp); + + for(ix = 1; ix < argc; ix++) { + mp_read_radix(&mp, argv[ix], 10); + mp_print(&mp, stdout); + fputc('\n', stdout); + } + + mp_clear(&mp); + return 0; +} diff --git a/security/nss/lib/freebl/mpi/tests/mptest-2.c b/security/nss/lib/freebl/mpi/tests/mptest-2.c new file mode 100644 index 000000000..d350d1d49 --- /dev/null +++ b/security/nss/lib/freebl/mpi/tests/mptest-2.c @@ -0,0 +1,83 @@ +/* + * Simple test driver for MPI library + * + * Test 2: Basic addition and subtraction test + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. + * All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + * + * $Id$ + */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <ctype.h> +#include <limits.h> + +#include "mpi.h" + +int main(int argc, char *argv[]) +{ + mp_int a, b, c; + + if(argc < 3) { + fprintf(stderr, "Usage: %s <a> <b>\n", argv[0]); + return 1; + } + + printf("Test 2: Basic addition and subtraction\n\n"); + + mp_init(&a); + mp_init(&b); + + mp_read_radix(&a, argv[1], 10); + mp_read_radix(&b, argv[2], 10); + printf("a = "); mp_print(&a, stdout); fputc('\n', stdout); + printf("b = "); mp_print(&b, stdout); fputc('\n', stdout); + + mp_init(&c); + printf("c = a + b\n"); + + mp_add(&a, &b, &c); + printf("c = "); mp_print(&c, stdout); fputc('\n', stdout); + + printf("c = a - b\n"); + + mp_sub(&a, &b, &c); + printf("c = "); mp_print(&c, stdout); fputc('\n', stdout); + + mp_clear(&c); + mp_clear(&b); + mp_clear(&a); + + return 0; +} diff --git a/security/nss/lib/freebl/mpi/tests/mptest-3.c b/security/nss/lib/freebl/mpi/tests/mptest-3.c new file mode 100644 index 000000000..ac2dd2c6c --- /dev/null +++ b/security/nss/lib/freebl/mpi/tests/mptest-3.c @@ -0,0 +1,128 @@ +/* + * Simple test driver for MPI library + * + * Test 3: Multiplication, division, and exponentiation test + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. + * All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + * + * $Id$ + */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <ctype.h> +#include <limits.h> + +#include <time.h> + +#include "mpi.h" + +#define SQRT 1 /* define nonzero to get square-root test */ +#define EXPT 0 /* define nonzero to get exponentiate test */ + +int main(int argc, char *argv[]) +{ + int ix; + mp_int a, b, c, d; + mp_digit r; + mp_err res; + + if(argc < 3) { + fprintf(stderr, "Usage: %s <a> <b>\n", argv[0]); + return 1; + } + + printf("Test 3: Multiplication and division\n\n"); + srand(time(NULL)); + + mp_init(&a); + mp_init(&b); + + mp_read_variable_radix(&a, argv[1], 10); + mp_read_variable_radix(&b, argv[2], 10); + printf("a = "); mp_print(&a, stdout); fputc('\n', stdout); + printf("b = "); mp_print(&b, stdout); fputc('\n', stdout); + + mp_init(&c); + printf("\nc = a * b\n"); + + mp_mul(&a, &b, &c); + printf("c = "); mp_print(&c, stdout); fputc('\n', stdout); + + printf("\nc = b * 32523\n"); + + mp_mul_d(&b, 32523, &c); + printf("c = "); mp_print(&c, stdout); fputc('\n', stdout); + + mp_init(&d); + printf("\nc = a / b, d = a mod b\n"); + + mp_div(&a, &b, &c, &d); + printf("c = "); mp_print(&c, stdout); fputc('\n', stdout); + printf("d = "); mp_print(&d, stdout); fputc('\n', stdout); + + ix = rand() % 256; + printf("\nc = a / %d, r = a mod %d\n", ix, ix); + mp_div_d(&a, (mp_digit)ix, &c, &r); + printf("c = "); mp_print(&c, stdout); fputc('\n', stdout); + printf("r = %04X\n", r); + +#if EXPT + printf("\nc = a ** b\n"); + mp_expt(&a, &b, &c); + printf("c = "); mp_print(&c, stdout); fputc('\n', stdout); +#endif + + ix = rand() % 256; + printf("\nc = 2^%d\n", ix); + mp_2expt(&c, ix); + printf("c = "); mp_print(&c, stdout); fputc('\n', stdout); + +#if SQRT + printf("\nc = sqrt(a)\n"); + if((res = mp_sqrt(&a, &c)) != MP_OKAY) { + printf("mp_sqrt: %s\n", mp_strerror(res)); + } else { + printf("c = "); mp_print(&c, stdout); fputc('\n', stdout); + mp_sqr(&c, &c); + printf("c^2 = "); mp_print(&c, stdout); fputc('\n', stdout); + } +#endif + + mp_clear(&d); + mp_clear(&c); + mp_clear(&b); + mp_clear(&a); + + return 0; +} diff --git a/security/nss/lib/freebl/mpi/tests/mptest-3a.c b/security/nss/lib/freebl/mpi/tests/mptest-3a.c new file mode 100644 index 000000000..014bd386c --- /dev/null +++ b/security/nss/lib/freebl/mpi/tests/mptest-3a.c @@ -0,0 +1,141 @@ +/* + * Simple test driver for MPI library + * + * Test 3a: Multiplication vs. squaring timing test + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. + * All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + * + * $Id$ + */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <ctype.h> +#include <limits.h> + +#include <time.h> + +#include "mpi.h" +#include "mpprime.h" + +int main(int argc, char *argv[]) +{ + int ix, num, prec = 8; + double d1, d2; + clock_t start, finish; + time_t seed; + mp_int a, c, d; + + seed = time(NULL); + + if(argc < 2) { + fprintf(stderr, "Usage: %s <num-tests> [<precision>]\n", argv[0]); + return 1; + } + + if((num = atoi(argv[1])) < 0) + num = -num; + + if(!num) { + fprintf(stderr, "%s: must perform at least 1 test\n", argv[0]); + return 1; + } + + if(argc > 2) { + if((prec = atoi(argv[2])) <= 0) + prec = 8; + else + prec = (prec + (DIGIT_BIT - 1)) / DIGIT_BIT; + } + + printf("Test 3a: Multiplication vs squaring timing test\n" + "Precision: %d digits (%u bits)\n" + "# of tests: %d\n\n", prec, prec * DIGIT_BIT, num); + + mp_init_size(&a, prec); + + mp_init(&c); mp_init(&d); + + printf("Verifying accuracy ... \n"); + srand((unsigned int)seed); + for(ix = 0; ix < num; ix++) { + mpp_random_size(&a, prec); + mp_mul(&a, &a, &c); + mp_sqr(&a, &d); + + if(mp_cmp(&c, &d) != 0) { + printf("Error! Results not accurate:\n"); + printf("a = "); mp_print(&a, stdout); fputc('\n', stdout); + printf("c = "); mp_print(&c, stdout); fputc('\n', stdout); + printf("d = "); mp_print(&d, stdout); fputc('\n', stdout); + mp_sub(&c, &d, &d); + printf("dif "); mp_print(&d, stdout); fputc('\n', stdout); + mp_clear(&c); mp_clear(&d); + mp_clear(&a); + return 1; + } + } + printf("Accuracy is confirmed for the %d test samples\n", num); + mp_clear(&d); + + printf("Testing squaring ... \n"); + srand((unsigned int)seed); + start = clock(); + for(ix = 0; ix < num; ix++) { + mpp_random_size(&a, prec); + mp_sqr(&a, &c); + } + finish = clock(); + + d2 = (double)(finish - start) / CLOCKS_PER_SEC; + + printf("Testing multiplication ... \n"); + srand((unsigned int)seed); + start = clock(); + for(ix = 0; ix < num; ix++) { + mpp_random(&a); + mp_mul(&a, &a, &c); + } + finish = clock(); + + d1 = (double)(finish - start) / CLOCKS_PER_SEC; + + printf("Multiplication time: %.3f sec (%.3f each)\n", d1, d1 / num); + printf("Squaring time: %.3f sec (%.3f each)\n", d2, d2 / num); + printf("Improvement: %.2f%%\n", (1.0 - (d2 / d1)) * 100.0); + + mp_clear(&c); + mp_clear(&a); + + return 0; +} diff --git a/security/nss/lib/freebl/mpi/tests/mptest-4.c b/security/nss/lib/freebl/mpi/tests/mptest-4.c new file mode 100644 index 000000000..6a9920cd8 --- /dev/null +++ b/security/nss/lib/freebl/mpi/tests/mptest-4.c @@ -0,0 +1,123 @@ +/* + * Simple test driver for MPI library + * + * Test 4: Modular arithmetic tests + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. + * All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + * + * $Id$ + */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <ctype.h> +#include <limits.h> + +#include "mpi.h" + +int main(int argc, char *argv[]) +{ + int ix; + mp_int a, b, c, m; + mp_digit r; + + if(argc < 4) { + fprintf(stderr, "Usage: %s <a> <b> <m>\n", argv[0]); + return 1; + } + + printf("Test 4: Modular arithmetic\n\n"); + + mp_init(&a); + mp_init(&b); + mp_init(&m); + + mp_read_radix(&a, argv[1], 10); + mp_read_radix(&b, argv[2], 10); + mp_read_radix(&m, argv[3], 10); + printf("a = "); mp_print(&a, stdout); fputc('\n', stdout); + printf("b = "); mp_print(&b, stdout); fputc('\n', stdout); + printf("m = "); mp_print(&m, stdout); fputc('\n', stdout); + + mp_init(&c); + printf("\nc = a (mod m)\n"); + + mp_mod(&a, &m, &c); + printf("c = "); mp_print(&c, stdout); fputc('\n', stdout); + + printf("\nc = b (mod m)\n"); + + mp_mod(&b, &m, &c); + printf("c = "); mp_print(&c, stdout); fputc('\n', stdout); + + printf("\nc = b (mod 1853)\n"); + + mp_mod_d(&b, 1853, &r); + printf("c = %04X\n", r); + + printf("\nc = (a + b) mod m\n"); + + mp_addmod(&a, &b, &m, &c); + printf("c = "); mp_print(&c, stdout); fputc('\n', stdout); + + printf("\nc = (a - b) mod m\n"); + + mp_submod(&a, &b, &m, &c); + printf("c = "); mp_print(&c, stdout); fputc('\n', stdout); + + printf("\nc = (a * b) mod m\n"); + + mp_mulmod(&a, &b, &m, &c); + printf("c = "); mp_print(&c, stdout); fputc('\n', stdout); + + printf("\nc = (a ** b) mod m\n"); + + mp_exptmod(&a, &b, &m, &c); + printf("c = "); mp_print(&c, stdout); fputc('\n', stdout); + + printf("\nIn-place modular squaring test:\n"); + for(ix = 0; ix < 5; ix++) { + printf("a = (a * a) mod m a = "); + mp_sqrmod(&a, &m, &a); + mp_print(&a, stdout); + fputc('\n', stdout); + } + + + mp_clear(&c); + mp_clear(&m); + mp_clear(&b); + mp_clear(&a); + + return 0; +} diff --git a/security/nss/lib/freebl/mpi/tests/mptest-4a.c b/security/nss/lib/freebl/mpi/tests/mptest-4a.c new file mode 100644 index 000000000..22610b8a5 --- /dev/null +++ b/security/nss/lib/freebl/mpi/tests/mptest-4a.c @@ -0,0 +1,135 @@ +/* + * mptest4a - modular exponentiation speed test + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. + * All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + * + * $Id$ + */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <limits.h> +#include <time.h> + +#include <sys/time.h> + +#include "mpi.h" +#include "mpprime.h" + +typedef struct { + unsigned int sec; + unsigned int usec; +} instant_t; + +instant_t now(void) +{ + struct timeval clk; + instant_t res; + + res.sec = res.usec = 0; + + if(gettimeofday(&clk, NULL) != 0) + return res; + + res.sec = clk.tv_sec; + res.usec = clk.tv_usec; + + return res; +} + +extern mp_err s_mp_pad(); + +int main(int argc, char *argv[]) +{ + int ix, num, prec = 8; + unsigned int d; + instant_t start, finish; + time_t seed; + mp_int a, m, c; + + seed = time(NULL); + + if(argc < 2) { + fprintf(stderr, "Usage: %s <num-tests> [<precision>]\n", argv[0]); + return 1; + } + + if((num = atoi(argv[1])) < 0) + num = -num; + + if(!num) { + fprintf(stderr, "%s: must perform at least 1 test\n", argv[0]); + return 1; + } + + if(argc > 2) { + if((prec = atoi(argv[2])) <= 0) + prec = 8; + } + + printf("Test 3a: Modular exponentiation timing test\n" + "Precision: %d digits (%d bits)\n" + "# of tests: %d\n\n", prec, prec * DIGIT_BIT, num); + + mp_init_size(&a, prec); + mp_init_size(&m, prec); + mp_init_size(&c, prec); + s_mp_pad(&a, prec); + s_mp_pad(&m, prec); + s_mp_pad(&c, prec); + + printf("Testing modular exponentiation ... \n"); + srand((unsigned int)seed); + + start = now(); + for(ix = 0; ix < num; ix++) { + mpp_random(&a); + mpp_random(&c); + mpp_random(&m); + mp_exptmod(&a, &c, &m, &c); + } + finish = now(); + + d = (finish.sec - start.sec) * 1000000; + d -= start.usec; d += finish.usec; + + printf("Total time elapsed: %u usec\n", d); + printf("Time per exponentiation: %u usec (%.3f sec)\n", + (d / num), (double)(d / num) / 1000000); + + mp_clear(&c); + mp_clear(&a); + mp_clear(&m); + + return 0; +} diff --git a/security/nss/lib/freebl/mpi/tests/mptest-4b.c b/security/nss/lib/freebl/mpi/tests/mptest-4b.c new file mode 100644 index 000000000..77a38eb8d --- /dev/null +++ b/security/nss/lib/freebl/mpi/tests/mptest-4b.c @@ -0,0 +1,132 @@ +/* + * mptest-4b.c + * + * Test speed of a large modular exponentiation of a primitive element + * modulo a prime. + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. + * All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + * + * $Id$ + */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <limits.h> +#include <time.h> + +#include <sys/time.h> + +#include "mpi.h" +#include "mpprime.h" + +char *g_prime = + "34BD53C07350E817CCD49721020F1754527959C421C1533244769D4CF060A8B1C3DA" + "25094BE723FB1E2369B55FEEBBE0FAC16425161BF82684062B5EC5D7D47D1B23C117" + "0FA19745E44A55E148314E582EB813AC9EE5126295E2E380CACC2F6D206B293E5ED9" + "23B54EE961A8C69CD625CE4EC38B70C649D7F014432AEF3A1C93"; +char *g_gen = "5"; + +typedef struct { + unsigned int sec; + unsigned int usec; +} instant_t; + +instant_t now(void) +{ + struct timeval clk; + instant_t res; + + res.sec = res.usec = 0; + + if(gettimeofday(&clk, NULL) != 0) + return res; + + res.sec = clk.tv_sec; + res.usec = clk.tv_usec; + + return res; +} + +extern mp_err s_mp_pad(); + +int main(int argc, char *argv[]) +{ + instant_t start, finish; + mp_int prime, gen, expt, res; + unsigned int ix, diff; + int num; + + srand(time(NULL)); + + if(argc < 2) { + fprintf(stderr, "Usage: %s <num-tests>\n", argv[0]); + return 1; + } + + if((num = atoi(argv[1])) < 0) + num = -num; + + if(num == 0) + ++num; + + mp_init(&prime); mp_init(&gen); mp_init(&res); + mp_read_radix(&prime, g_prime, 16); + mp_read_radix(&gen, g_gen, 16); + + mp_init_size(&expt, USED(&prime) - 1); + s_mp_pad(&expt, USED(&prime) - 1); + + printf("Testing %d modular exponentations ... \n", num); + + start = now(); + for(ix = 0; ix < num; ix++) { + mpp_random(&expt); + mp_exptmod(&gen, &expt, &prime, &res); + } + finish = now(); + + diff = (finish.sec - start.sec) * 1000000; + diff += finish.usec; diff -= start.usec; + + printf("%d operations took %u usec (%.3f sec)\n", + num, diff, (double)diff / 1000000.0); + printf("That is %.3f sec per operation.\n", + ((double)diff / 1000000.0) / num); + + mp_clear(&expt); + mp_clear(&res); + mp_clear(&gen); + mp_clear(&prime); + + return 0; +} diff --git a/security/nss/lib/freebl/mpi/tests/mptest-5.c b/security/nss/lib/freebl/mpi/tests/mptest-5.c new file mode 100644 index 000000000..4b161d1b8 --- /dev/null +++ b/security/nss/lib/freebl/mpi/tests/mptest-5.c @@ -0,0 +1,100 @@ +/* + * Simple test driver for MPI library + * + * Test 5: Other number theoretic functions + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. + * All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + * + * $Id$ + */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <ctype.h> +#include <limits.h> + +#include "mpi.h" + +int main(int argc, char *argv[]) +{ + mp_int a, b, c, x, y; + + if(argc < 3) { + fprintf(stderr, "Usage: %s <a> <b>\n", argv[0]); + return 1; + } + + printf("Test 5: Number theoretic functions\n\n"); + + mp_init(&a); + mp_init(&b); + + mp_read_radix(&a, argv[1], 10); + mp_read_radix(&b, argv[2], 10); + + printf("a = "); mp_print(&a, stdout); fputc('\n', stdout); + printf("b = "); mp_print(&b, stdout); fputc('\n', stdout); + + mp_init(&c); + printf("\nc = (a, b)\n"); + + mp_gcd(&a, &b, &c); + printf("Euclid: c = "); mp_print(&c, stdout); fputc('\n', stdout); +/* + mp_bgcd(&a, &b, &c); + printf("Binary: c = "); mp_print(&c, stdout); fputc('\n', stdout); +*/ + mp_init(&x); + mp_init(&y); + printf("\nc = (a, b) = ax + by\n"); + + mp_xgcd(&a, &b, &c, &x, &y); + printf("c = "); mp_print(&c, stdout); fputc('\n', stdout); + printf("x = "); mp_print(&x, stdout); fputc('\n', stdout); + printf("y = "); mp_print(&y, stdout); fputc('\n', stdout); + + printf("\nc = a^-1 (mod b)\n"); + if(mp_invmod(&a, &b, &c) == MP_UNDEF) { + printf("a has no inverse mod b\n"); + } else { + printf("c = "); mp_print(&c, stdout); fputc('\n', stdout); + } + + mp_clear(&y); + mp_clear(&x); + mp_clear(&c); + mp_clear(&b); + mp_clear(&a); + + return 0; +} diff --git a/security/nss/lib/freebl/mpi/tests/mptest-5a.c b/security/nss/lib/freebl/mpi/tests/mptest-5a.c new file mode 100644 index 000000000..82552b766 --- /dev/null +++ b/security/nss/lib/freebl/mpi/tests/mptest-5a.c @@ -0,0 +1,162 @@ +/* + * Simple test driver for MPI library + * + * Test 5a: Greatest common divisor speed test, binary vs. Euclid + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. + * All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + * + * $Id$ + */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <ctype.h> +#include <limits.h> +#include <time.h> + +#include <sys/time.h> + +#include "mpi.h" +#include "mpprime.h" + +typedef struct { + unsigned int sec; + unsigned int usec; +} instant_t; + +instant_t now(void) +{ + struct timeval clk; + instant_t res; + + res.sec = res.usec = 0; + + if(gettimeofday(&clk, NULL) != 0) + return res; + + res.sec = clk.tv_sec; + res.usec = clk.tv_usec; + + return res; +} + +#define PRECISION 16 + +int main(int argc, char *argv[]) +{ + int ix, num, prec = PRECISION; + mp_int a, b, c, d; + instant_t start, finish; + time_t seed; + unsigned int d1, d2; + + seed = time(NULL); + + if(argc < 2) { + fprintf(stderr, "Usage: %s <num-tests>\n", argv[0]); + return 1; + } + + if((num = atoi(argv[1])) < 0) + num = -num; + + printf("Test 5a: Euclid vs. Binary, a GCD speed test\n\n" + "Number of tests: %d\n" + "Precision: %d digits\n\n", num, prec); + + mp_init_size(&a, prec); + mp_init_size(&b, prec); + mp_init(&c); + mp_init(&d); + + printf("Verifying accuracy ... \n"); + srand((unsigned int)seed); + for(ix = 0; ix < num; ix++) { + mpp_random_size(&a, prec); + mpp_random_size(&b, prec); + + mp_gcd(&a, &b, &c); + mp_bgcd(&a, &b, &d); + + if(mp_cmp(&c, &d) != 0) { + printf("Error! Results not accurate:\n"); + printf("a = "); mp_print(&a, stdout); fputc('\n', stdout); + printf("b = "); mp_print(&b, stdout); fputc('\n', stdout); + printf("c = "); mp_print(&c, stdout); fputc('\n', stdout); + printf("d = "); mp_print(&d, stdout); fputc('\n', stdout); + + mp_clear(&a); mp_clear(&b); mp_clear(&c); mp_clear(&d); + return 1; + } + } + mp_clear(&d); + printf("Accuracy confirmed for the %d test samples\n", num); + + printf("Testing Euclid ... \n"); + srand((unsigned int)seed); + start = now(); + for(ix = 0; ix < num; ix++) { + mpp_random_size(&a, prec); + mpp_random_size(&b, prec); + mp_gcd(&a, &b, &c); + + } + finish = now(); + + d1 = (finish.sec - start.sec) * 1000000; + d1 -= start.usec; d1 += finish.usec; + + printf("Testing binary ... \n"); + srand((unsigned int)seed); + start = now(); + for(ix = 0; ix < num; ix++) { + mpp_random_size(&a, prec); + mpp_random_size(&b, prec); + mp_bgcd(&a, &b, &c); + } + finish = now(); + + d2 = (finish.sec - start.sec) * 1000000; + d2 -= start.usec; d2 += finish.usec; + + printf("Euclidean algorithm time: %u usec\n", d1); + printf("Binary algorithm time: %u usec\n", d2); + printf("Improvement: %.2f%%\n", + (1.0 - ((double)d2 / (double)d1)) * 100.0); + + mp_clear(&c); + mp_clear(&b); + mp_clear(&a); + + return 0; +} diff --git a/security/nss/lib/freebl/mpi/tests/mptest-6.c b/security/nss/lib/freebl/mpi/tests/mptest-6.c new file mode 100644 index 000000000..5e91716de --- /dev/null +++ b/security/nss/lib/freebl/mpi/tests/mptest-6.c @@ -0,0 +1,108 @@ +/* + * Simple test driver for MPI library + * + * Test 6: Output functions + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. + * All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + * + * $Id$ + */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <ctype.h> +#include <limits.h> + +#include "mpi.h" + +void print_buf(FILE *ofp, char *buf, int len) +{ + int ix, brk = 0; + + for(ix = 0; ix < len; ix++) { + fprintf(ofp, "%02X ", buf[ix]); + + brk = (brk + 1) & 0xF; + if(!brk) + fputc('\n', ofp); + } + + if(brk) + fputc('\n', ofp); + +} + +int main(int argc, char *argv[]) +{ + int ix, size; + mp_int a; + char *buf; + + if(argc < 2) { + fprintf(stderr, "Usage: %s <a>\n", argv[0]); + return 1; + } + + printf("Test 6: Output functions\n\n"); + + mp_init(&a); + + mp_read_radix(&a, argv[1], 10); + + printf("\nConverting to a string:\n"); + + printf("Rx Size Representation\n"); + for(ix = 2; ix <= MAX_RADIX; ix++) { + size = mp_radix_size(&a, ix); + + buf = calloc(size, sizeof(char)); + mp_toradix(&a, buf, ix); + printf("%2d: %3d: %s\n", ix, size, buf); + free(buf); + + } + + printf("\nRaw output:\n"); + size = mp_raw_size(&a); + buf = calloc(size, sizeof(char)); + + printf("Size: %d bytes\n", size); + + mp_toraw(&a, buf); + print_buf(stdout, buf, size); + free(buf); + + mp_clear(&a); + + return 0; +} diff --git a/security/nss/lib/freebl/mpi/tests/mptest-7.c b/security/nss/lib/freebl/mpi/tests/mptest-7.c new file mode 100644 index 000000000..4b41a1a4f --- /dev/null +++ b/security/nss/lib/freebl/mpi/tests/mptest-7.c @@ -0,0 +1,104 @@ +/* + * Simple test driver for MPI library + * + * Test 7: Random and divisibility tests + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. + * All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + * + * $Id$ + */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <ctype.h> +#include <limits.h> +#include <time.h> + +#define MP_IOFUNC +#include "mpi.h" + +#include "mpprime.h" + +int main(int argc, char *argv[]) +{ + mp_digit num; + mp_int a, b; + + srand(time(NULL)); + + if(argc < 3) { + fprintf(stderr, "Usage: %s <a> <b>\n", argv[0]); + return 1; + } + + printf("Test 7: Random & divisibility tests\n\n"); + + mp_init(&a); + mp_init(&b); + + mp_read_radix(&a, argv[1], 10); + mp_read_radix(&b, argv[2], 10); + + printf("a = "); mp_print(&a, stdout); fputc('\n', stdout); + printf("b = "); mp_print(&b, stdout); fputc('\n', stdout); + + if(mpp_divis(&a, &b) == MP_YES) + printf("a is divisible by b\n"); + else + printf("a is not divisible by b\n"); + + if(mpp_divis(&b, &a) == MP_YES) + printf("b is divisible by a\n"); + else + printf("b is not divisible by a\n"); + + printf("\nb = mpp_random()\n"); + mpp_random(&b); + printf("b = "); mp_print(&b, stdout); fputc('\n', stdout); + mpp_random(&b); + printf("b = "); mp_print(&b, stdout); fputc('\n', stdout); + mpp_random(&b); + printf("b = "); mp_print(&b, stdout); fputc('\n', stdout); + + printf("\nTesting a for divisibility by first 170 primes\n"); + num = 170; + if(mpp_divis_primes(&a, &num) == MP_YES) + printf("It is divisible by at least one of them\n"); + else + printf("It is not divisible by any of them\n"); + + mp_clear(&b); + mp_clear(&a); + + return 0; +} diff --git a/security/nss/lib/freebl/mpi/tests/mptest-8.c b/security/nss/lib/freebl/mpi/tests/mptest-8.c new file mode 100644 index 000000000..e2ddc2c19 --- /dev/null +++ b/security/nss/lib/freebl/mpi/tests/mptest-8.c @@ -0,0 +1,95 @@ +/* + * Simple test driver for MPI library + * + * Test 8: Probabilistic primality tester + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. + * All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + * + * $Id$ + */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <ctype.h> +#include <limits.h> +#include <time.h> + +#define MP_IOFUNC +#include "mpi.h" + +#include "mpprime.h" + +int main(int argc, char *argv[]) +{ + int ix; + mp_digit num; + mp_int a; + + srand(time(NULL)); + + if(argc < 2) { + fprintf(stderr, "Usage: %s <a>\n", argv[0]); + return 1; + } + + printf("Test 8: Probabilistic primality testing\n\n"); + + mp_init(&a); + + mp_read_radix(&a, argv[1], 10); + + printf("a = "); mp_print(&a, stdout); fputc('\n', stdout); + + printf("\nChecking for divisibility by small primes ... \n"); + num = 170; + if(mpp_divis_primes(&a, &num) == MP_YES) { + printf("it is not prime\n"); + goto CLEANUP; + } + printf("Passed that test (not divisible by any small primes).\n"); + + for(ix = 0; ix < 10; ix++) { + printf("\nPerforming Rabin-Miller test, iteration %d\n", ix + 1); + + if(mpp_pprime(&a, 5) == MP_NO) { + printf("it is not prime\n"); + goto CLEANUP; + } + } + printf("All tests passed; a is probably prime\n"); + +CLEANUP: + mp_clear(&a); + + return 0; +} diff --git a/security/nss/lib/freebl/mpi/tests/mptest-9.c b/security/nss/lib/freebl/mpi/tests/mptest-9.c new file mode 100644 index 000000000..07d6410c7 --- /dev/null +++ b/security/nss/lib/freebl/mpi/tests/mptest-9.c @@ -0,0 +1,113 @@ +/* + * mptest-9.c + * + * Test logical functions + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. + * All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + * + * $Id$ + */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <ctype.h> +#include <limits.h> +#include <time.h> + +#include "mpi.h" +#include "mplogic.h" + +int main(int argc, char *argv[]) +{ + mp_int a, b, c; + int pco; + mp_err res; + + printf("Test 9: Logical functions\n\n"); + + if(argc < 3) { + fprintf(stderr, "Usage: %s <a> <b>\n", argv[0]); + return 1; + } + + mp_init(&a); mp_init(&b); mp_init(&c); + mp_read_radix(&a, argv[1], 16); + mp_read_radix(&b, argv[2], 16); + + printf("a = "); mp_print(&a, stdout); fputc('\n', stdout); + printf("b = "); mp_print(&b, stdout); fputc('\n', stdout); + + mpl_not(&a, &c); + printf("~a = "); mp_print(&c, stdout); fputc('\n', stdout); + + mpl_and(&a, &b, &c); + printf("a & b = "); mp_print(&c, stdout); fputc('\n', stdout); + + mpl_or(&a, &b, &c); + printf("a | b = "); mp_print(&c, stdout); fputc('\n', stdout); + + mpl_xor(&a, &b, &c); + printf("a ^ b = "); mp_print(&c, stdout); fputc('\n', stdout); + + mpl_rsh(&a, &c, 1); + printf("a >> 1 = "); mp_print(&c, stdout); fputc('\n', stdout); + mpl_rsh(&a, &c, 5); + printf("a >> 5 = "); mp_print(&c, stdout); fputc('\n', stdout); + mpl_rsh(&a, &c, 16); + printf("a >> 16 = "); mp_print(&c, stdout); fputc('\n', stdout); + + mpl_lsh(&a, &c, 1); + printf("a << 1 = "); mp_print(&c, stdout); fputc('\n', stdout); + mpl_lsh(&a, &c, 5); + printf("a << 5 = "); mp_print(&c, stdout); fputc('\n', stdout); + mpl_lsh(&a, &c, 16); + printf("a << 16 = "); mp_print(&c, stdout); fputc('\n', stdout); + + mpl_num_set(&a, &pco); + printf("population(a) = %d\n", pco); + mpl_num_set(&b, &pco); + printf("population(b) = %d\n", pco); + + res = mpl_parity(&a); + if(res == MP_EVEN) + printf("a has even parity\n"); + else + printf("a has odd parity\n"); + + mp_clear(&c); + mp_clear(&b); + mp_clear(&a); + + return 0; +} + diff --git a/security/nss/lib/freebl/mpi/tests/pi1k.txt b/security/nss/lib/freebl/mpi/tests/pi1k.txt new file mode 100644 index 000000000..5ff6209ff --- /dev/null +++ b/security/nss/lib/freebl/mpi/tests/pi1k.txt @@ -0,0 +1 @@ +31415926535897932384626433832795028841971693993751058209749445923078164062862089986280348253421170679821480865132823066470938446095505822317253594081284811174502841027019385211055596446229489549303819644288109756659334461284756482337867831652712019091456485669234603486104543266482133936072602491412737245870066063155881748815209209628292540917153643678925903600113305305488204665213841469519415116094330572703657595919530921861173819326117931051185480744623799627495673518857527248912279381830119491298336733624406566430860213949463952247371907021798609437027705392171762931767523846748184676694051320005681271452635608277857713427577896091736371787214684409012249534301465495853710507922796892589235420199561121290219608640344181598136297747713099605187072113499999983729780499510597317328160963185950244594553469083026425223082533446850352619311881710100031378387528865875332083814206171776691473035982534904287554687311595628638823537875937519577818577805321712268066130019278766111959092164201989 diff --git a/security/nss/lib/freebl/mpi/tests/pi2k.txt b/security/nss/lib/freebl/mpi/tests/pi2k.txt new file mode 100644 index 000000000..9ce82acd1 --- /dev/null +++ b/security/nss/lib/freebl/mpi/tests/pi2k.txt @@ -0,0 +1 @@ +314159265358979323846264338327950288419716939937510582097494459230781640628620899862803482534211706798214808651328230664709384460955058223172535940812848111745028410270193852110555964462294895493038196442881097566593344612847564823378678316527120190914564856692346034861045432664821339360726024914127372458700660631558817488152092096282925409171536436789259036001133053054882046652138414695194151160943305727036575959195309218611738193261179310511854807446237996274956735188575272489122793818301194912983367336244065664308602139494639522473719070217986094370277053921717629317675238467481846766940513200056812714526356082778577134275778960917363717872146844090122495343014654958537105079227968925892354201995611212902196086403441815981362977477130996051870721134999999837297804995105973173281609631859502445945534690830264252230825334468503526193118817101000313783875288658753320838142061717766914730359825349042875546873115956286388235378759375195778185778053217122680661300192787661119590921642019893809525720106548586327886593615338182796823030195203530185296899577362259941389124972177528347913151557485724245415069595082953311686172785588907509838175463746493931925506040092770167113900984882401285836160356370766010471018194295559619894676783744944825537977472684710404753464620804668425906949129331367702898915210475216205696602405803815019351125338243003558764024749647326391419927260426992279678235478163600934172164121992458631503028618297455570674983850549458858692699569092721079750930295532116534498720275596023648066549911988183479775356636980742654252786255181841757467289097777279380008164706001614524919217321721477235014144197356854816136115735255213347574184946843852332390739414333454776241686251898356948556209921922218427255025425688767179049460165346680498862723279178608578438382796797668145410095388378636095068006422512520511739298489608412848862694560424196528502221066118630674427862203919494504712371378696095636437191728746776465757396241389086583264599581339047802759010 diff --git a/security/nss/lib/freebl/mpi/tests/pi5k.txt b/security/nss/lib/freebl/mpi/tests/pi5k.txt new file mode 100644 index 000000000..901fac2ea --- /dev/null +++ b/security/nss/lib/freebl/mpi/tests/pi5k.txt @@ -0,0 +1 @@ +314159265358979323846264338327950288419716939937510582097494459230781640628620899862803482534211706798214808651328230664709384460955058223172535940812848111745028410270193852110555964462294895493038196442881097566593344612847564823378678316527120190914564856692346034861045432664821339360726024914127372458700660631558817488152092096282925409171536436789259036001133053054882046652138414695194151160943305727036575959195309218611738193261179310511854807446237996274956735188575272489122793818301194912983367336244065664308602139494639522473719070217986094370277053921717629317675238467481846766940513200056812714526356082778577134275778960917363717872146844090122495343014654958537105079227968925892354201995611212902196086403441815981362977477130996051870721134999999837297804995105973173281609631859502445945534690830264252230825334468503526193118817101000313783875288658753320838142061717766914730359825349042875546873115956286388235378759375195778185778053217122680661300192787661119590921642019893809525720106548586327886593615338182796823030195203530185296899577362259941389124972177528347913151557485724245415069595082953311686172785588907509838175463746493931925506040092770167113900984882401285836160356370766010471018194295559619894676783744944825537977472684710404753464620804668425906949129331367702898915210475216205696602405803815019351125338243003558764024749647326391419927260426992279678235478163600934172164121992458631503028618297455570674983850549458858692699569092721079750930295532116534498720275596023648066549911988183479775356636980742654252786255181841757467289097777279380008164706001614524919217321721477235014144197356854816136115735255213347574184946843852332390739414333454776241686251898356948556209921922218427255025425688767179049460165346680498862723279178608578438382796797668145410095388378636095068006422512520511739298489608412848862694560424196528502221066118630674427862203919494504712371378696095636437191728746776465757396241389086583264599581339047802759009946576407895126946839835259570982582262052248940772671947826848260147699090264013639443745530506820349625245174939965143142980919065925093722169646151570985838741059788595977297549893016175392846813826868386894277415599185592524595395943104997252468084598727364469584865383673622262609912460805124388439045124413654976278079771569143599770012961608944169486855584840635342207222582848864815845602850601684273945226746767889525213852254995466672782398645659611635488623057745649803559363456817432411251507606947945109659609402522887971089314566913686722874894056010150330861792868092087476091782493858900971490967598526136554978189312978482168299894872265880485756401427047755513237964145152374623436454285844479526586782105114135473573952311342716610213596953623144295248493718711014576540359027993440374200731057853906219838744780847848968332144571386875194350643021845319104848100537061468067491927819119793995206141966342875444064374512371819217999839101591956181467514269123974894090718649423196156794520809514655022523160388193014209376213785595663893778708303906979207734672218256259966150142150306803844773454920260541466592520149744285073251866600213243408819071048633173464965145390579626856100550810665879699816357473638405257145910289706414011097120628043903975951567715770042033786993600723055876317635942187312514712053292819182618612586732157919841484882916447060957527069572209175671167229109816909152801735067127485832228718352093539657251210835791513698820914442100675103346711031412671113699086585163983150197016515116851714376576183515565088490998985998238734552833163550764791853589322618548963213293308985706420467525907091548141654985946163718027098199430992448895757128289059232332609729971208443357326548938239119325974636673058360414281388303203824903758985243744170291327656180937734440307074692112019130203303801976211011004492932151608424448596376698389522868478312355265821314495768572624334418930396864262434107732269780280731891544110104468232527162010526522721116603966655730925471105578537634668206531098965269186205647693125705863566201855810072936065987648611791045334885034611365768675324944166803962657978771855608455296541266540853061434443185867697514566140680070023787765913440171274947042056223053899456131407112700040785473326993908145466464588079727082668306343285878569830523580893306575740679545716377525420211495576158140025012622859413021647155097925923099079654737612551765675135751782966645477917450112996148903046399471329621073404375189573596145890193897131117904297828564750320319869151402870808599048010941214722131794764777262241425485454033215718530614228813758504306332175182979866223717215916077166925474873898665494945011465406284336639379003976926567214638530673609657120918076383271664162748888007869256029022847210403172118608204190004229661711963779213375751149595015660496318629472654736425230817703675159067350235072835405670403867435136222247715891504953098444893330963408780769325993978054193414473774418426312986080998886874132604721 diff --git a/security/nss/lib/freebl/mpi/timetest b/security/nss/lib/freebl/mpi/timetest new file mode 100755 index 000000000..d78f3c56a --- /dev/null +++ b/security/nss/lib/freebl/mpi/timetest @@ -0,0 +1,131 @@ +#!/bin/sh + +# +# Simple timing test for the MPI library. Basically, we use prime +# generation as a timing test, since it exercises most of the pathways +# of the library fairly heavily. The 'primegen' tool outputs a line +# summarizing timing results. We gather these and process them for +# statistical information, which is collected into a file. +# +## The contents of this file are subject to the Mozilla Public +## License Version 1.1 (the "License"); you may not use this file +## except in compliance with the License. You may obtain a copy of +## the License at http://www.mozilla.org/MPL/ +## +## Software distributed under the License is distributed on an "AS +## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +## implied. See the License for the specific language governing +## rights and limitations under the License. +## +## The Original Code is the MPI Arbitrary Precision Integer Arithmetic +## library. +## +## The Initial Developer of the Original Code is +## Michael J. Fromberger <sting@linguist.dartmouth.edu> +## +## Portions created by Michael J. Fromberger are +## Copyright (C) 2000 Michael J. Fromberger. All Rights Reserved +## +## Contributor(s): +## Netscape Communications Corporation +## +## Alternatively, the contents of this file may be used under the +## terms of the GNU General Public License Version 2 or later (the +## "GPL"), in which case the provisions of the GPL are applicable +## instead of those above. If you wish to allow use of your +## version of this file only under the terms of the GPL and not to +## allow others to use your version of this file under the MPL, +## indicate your decision by deleting the provisions above and +## replace them with the notice and other provisions required by +## the GPL. If you do not delete the provisions above, a recipient +## may use your version of this file under either the MPL or the GPL. +## +# $Id$ +# + +# Avoid using built-in shell echoes +ECHO=/bin/echo +MAKE=gmake + +# Use a fixed seed so timings will be more consistent +# This one is the 11th-18th decimal digits of 'e' +#export SEED=45904523 +SEED=45904523; export SEED + +#------------------------------------------------------------------------ + +$ECHO "\n** Running timing tests for MPI library\n" + +$ECHO "Bringing 'metime' up to date ... " +if $MAKE metime ; then + : +else + $ECHO "\nMake failed to build metime.\n" + exit 1 +fi + +if [ ! -x ./metime ] ; then + $ECHO "\nCannot find 'metime' program, testing cannot continue.\n" + exit 1 +fi + +#------------------------------------------------------------------------ + +$ECHO "Bringing 'primegen' up to date ... " +if $MAKE primegen ; then + : +else + $ECHO "\nMake failed to build primegen.\n" + exit 1 +fi + +if [ ! -x ./primegen ] ; then + $ECHO "\nCannot find 'primegen' program, testing cannot continue.\n" + exit 1 +fi + +#------------------------------------------------------------------------ + +rm -f timing-results.txt +touch timing-results.txt + +sizes="256 512 1024 2048" +ntests=10 + +trap 'echo "oop!";rm -f tt*.tmp timing-results.txt;exit 0' INT HUP + +$ECHO "\n-- Modular exponentiation\n" +$ECHO "Modular exponentiation:" >> timing-results.txt + +$ECHO "Running $ntests modular exponentiations per test:" +for size in $sizes ; do + $ECHO "- Gathering statistics for $size bits ... " + secs=`./metime $ntests $size | tail -1 | awk '{print $2}'` + $ECHO "$size: " $secs " seconds per op" >> timing-results.txt + tail -1 timing-results.txt +done + +$ECHO "<done>"; + +sizes="256 512 1024" +ntests=1 + +$ECHO "\n-- Prime generation\n" +$ECHO "Prime generation:" >> timing-results.txt + +$ECHO "Generating $ntests prime values per test:" +for size in $sizes ; do + $ECHO "- Gathering statistics for $size bits ... " + ./primegen $size $ntests | grep ticks | awk '{print $7}' | tr -d '(' > tt$$.tmp + $ECHO "$size:" >> timing-results.txt + perl stats tt$$.tmp >> timing-results.txt + tail -1 timing-results.txt + rm -f tt$$.tmp +done + +$ECHO "<done>" + +trap 'rm -f tt*.tmp timing-results.txt' INT HUP + +exit 0 + diff --git a/security/nss/lib/freebl/mpi/types.pl b/security/nss/lib/freebl/mpi/types.pl new file mode 100755 index 000000000..5f2a2f4d1 --- /dev/null +++ b/security/nss/lib/freebl/mpi/types.pl @@ -0,0 +1,158 @@ +#!/usr/bin/perl + +# +# types.pl - find recommended type definitions for digits and words +# +# This script scans the Makefile for the C compiler and compilation +# flags currently in use, and using this combination, attempts to +# compile a simple test program that outputs the sizes of the various +# unsigned integer types, in bytes. Armed with these, it finds all +# the "viable" type combinations for mp_digit and mp_word, where +# viability is defined by the requirement that mp_word be at least two +# times the precision of mp_digit. +# +# Of these, the one with the largest digit size is chosen, and +# appropriate typedef statements are written to standard output. +# +## The contents of this file are subject to the Mozilla Public +## License Version 1.1 (the "License"); you may not use this file +## except in compliance with the License. You may obtain a copy of +## the License at http://www.mozilla.org/MPL/ +## +## Software distributed under the License is distributed on an "AS +## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +## implied. See the License for the specific language governing +## rights and limitations under the License. +## +## The Original Code is the MPI Arbitrary Precision Integer Arithmetic +## library. +## +## The Initial Developer of the Original Code is +## Michael J. Fromberger <sting@linguist.dartmouth.edu> +## +## Portions created by Michael J. Fromberger are +## Copyright (C) 2000 Michael J. Fromberger. All Rights Reserved +## +## Contributor(s): +## +## Alternatively, the contents of this file may be used under the +## terms of the GNU General Public License Version 2 or later (the +## "GPL"), in which case the provisions of the GPL are applicable +## instead of those above. If you wish to allow use of your +## version of this file only under the terms of the GPL and not to +## allow others to use your version of this file under the MPL, +## indicate your decision by deleting the provisions above and +## replace them with the notice and other provisions required by +## the GPL. If you do not delete the provisions above, a recipient +## may use your version of this file under either the MPL or the GPL. +## +# $Id$ +# + +@_=split(/\//,$0);chomp($prog=pop(@_)); + +# The array of integer types to be considered... +@TYPES = ( + "unsigned char", + "unsigned short", + "unsigned int", + "unsigned long" +); + +# Macro names for the maximum unsigned value of each type +%TMAX = ( + "unsigned char" => "UCHAR_MAX", + "unsigned short" => "USHRT_MAX", + "unsigned int" => "UINT_MAX", + "unsigned long" => "ULONG_MAX" +); + +# Read the Makefile to find out which C compiler to use +open(MFP, "<Makefile") or die "$prog: Makefile: $!\n"; +while(<MFP>) { + chomp; + if(/^CC=(.*)$/) { + $cc = $1; + last if $cflags; + } elsif(/^CFLAGS=(.*)$/) { + $cflags = $1; + last if $cc; + } +} +close(MFP); + +# If we couldn't find that, use 'cc' by default +$cc = "cc" unless $cc; + +printf STDERR "Using '%s' as the C compiler.\n", $cc; + +print STDERR "Determining type sizes ... \n"; +open(OFP, ">tc$$.c") or die "$prog: tc$$.c: $!\n"; +print OFP "#include <stdio.h>\n\nint main(void)\n{\n"; +foreach $type (@TYPES) { + printf OFP "\tprintf(\"%%d\\n\", (int)sizeof(%s));\n", $type; +} +print OFP "\n\treturn 0;\n}\n"; +close(OFP); + +system("$cc $cflags -o tc$$ tc$$.c"); + +die "$prog: unable to build test program\n" unless(-x "tc$$"); + +open(IFP, "./tc$$|") or die "$prog: can't execute test program\n"; +$ix = 0; +while(<IFP>) { + chomp; + $size{$TYPES[$ix++]} = $_; +} +close(IFP); + +unlink("tc$$"); +unlink("tc$$.c"); + +print STDERR "Selecting viable combinations ... \n"; +while(($type, $size) = each(%size)) { + push(@ts, [ $size, $type ]); +} + +# Sort them ascending by size +@ts = sort { $a->[0] <=> $b->[0] } @ts; + +# Try all possible combinations, finding pairs in which the word size +# is twice the digit size. The number of possible pairs is too small +# to bother doing this more efficiently than by brute force +for($ix = 0; $ix <= $#ts; $ix++) { + $w = $ts[$ix]; + + for($jx = 0; $jx <= $#ts; $jx++) { + $d = $ts[$jx]; + + if($w->[0] == 2 * $d->[0]) { + push(@valid, [ $d, $w ]); + } + } +} + +# Sort descending by digit size +@valid = sort { $b->[0]->[0] <=> $a->[0]->[0] } @valid; + +# Select the maximum as the recommended combination +$rec = shift(@valid); + +printf("typedef %-18s mp_sign;\n", "char"); +printf("typedef %-18s mp_digit; /* %d byte type */\n", + $rec->[0]->[1], $rec->[0]->[0]); +printf("typedef %-18s mp_word; /* %d byte type */\n", + $rec->[1]->[1], $rec->[1]->[0]); +printf("typedef %-18s mp_size;\n", "unsigned int"); +printf("typedef %-18s mp_err;\n\n", "int"); + +printf("#define %-18s (CHAR_BIT*sizeof(mp_digit))\n", "DIGIT_BIT"); +printf("#define %-18s %s\n", "DIGIT_MAX", $TMAX{$rec->[0]->[1]}); +printf("#define %-18s (CHAR_BIT*sizeof(mp_word))\n", "MP_WORD_BIT"); +printf("#define %-18s %s\n\n", "MP_WORD_MAX", $TMAX{$rec->[1]->[1]}); +printf("#define %-18s (DIGIT_MAX+1)\n\n", "RADIX"); + +printf("#define %-18s \"%%0%dX\"\n", "DIGIT_FMT", (2 * $rec->[0]->[0])); + +exit 0; diff --git a/security/nss/lib/freebl/mpi/utils/LICENSE b/security/nss/lib/freebl/mpi/utils/LICENSE new file mode 100644 index 000000000..5f96df7ab --- /dev/null +++ b/security/nss/lib/freebl/mpi/utils/LICENSE @@ -0,0 +1,4 @@ +Within this directory, each of the file listed below is licensed under +the terms given in the file LICENSE-MPL, also in this directory. + +PRIMES diff --git a/security/nss/lib/freebl/mpi/utils/LICENSE-MPL b/security/nss/lib/freebl/mpi/utils/LICENSE-MPL new file mode 100644 index 000000000..9ff410e4b --- /dev/null +++ b/security/nss/lib/freebl/mpi/utils/LICENSE-MPL @@ -0,0 +1,32 @@ +The contents of this file are subject to the Mozilla Public +License Version 1.1 (the "License"); you may not use this file +except in compliance with the License. You may obtain a copy of +the License at http://www.mozilla.org/MPL/ + +Software distributed under the License is distributed on an "AS +IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +implied. See the License for the specific language governing +rights and limitations under the License. + +The Original Code is the Netscape security libraries. + +The Initial Developer of the Original Code is Netscape +Communications Corporation. Portions created by Netscape are +Copyright (C) 1994-2000 Netscape Communications Corporation. All +Rights Reserved. + +Contributor(s): + +Alternatively, the contents of this file may be used under the +terms of the GNU General Public License Version 2 or later (the +"GPL"), in which case the provisions of the GPL are applicable +instead of those above. If you wish to allow use of your +version of this file only under the terms of the GPL and not to +allow others to use your version of this file under the MPL, +indicate your decision by deleting the provisions above and +replace them with the notice and other provisions required by +the GPL. If you do not delete the provisions above, a recipient +may use your version of this file under either the MPL or the +GPL. + + diff --git a/security/nss/lib/freebl/mpi/utils/PRIMES b/security/nss/lib/freebl/mpi/utils/PRIMES new file mode 100644 index 000000000..ed65703ff --- /dev/null +++ b/security/nss/lib/freebl/mpi/utils/PRIMES @@ -0,0 +1,41 @@ +Probable primes (sorted by number of significant bits) + + 128: 81386202757205669562183851789305348631 + + 128: 180241813863264101444573802809858694397 + + 128: 245274683055224433281596312431122059021 + + 128: 187522309397665259809392608791686659539 + + 256: 83252422946206411852330647237287722547866360773229941071371588246436\ + 513990159 + + 256: 79132571131322331023736933767063051273085304521895229780914612117520\ + 058517909 + + 256: 72081815425552909748220041100909735706208853818662000557743644603407\ + 965465527 + + 256: 87504602391905701494845474079163412737334477797316409702279059573654\ + 274811271 + + 512: 12233064210800062190450937494718705259777386009095453001870729392786\ + 63450255179083524798507997690270500580265258111668148238355016411719\ + 9168737693316468563 + + 512: 12003639081420725322369909586347545220275253633035565716386136197501\ + 88208318984400479275215620499883521216480724155582768193682335576385\ + 2069481074929084063 + +1024: 16467877625718912296741904171202513097057724053648819680815842057593\ + 20371835940722471475475803725455063836431454757000451907612224427007\ + 63984592414360595161051906727075047683803534852982766542661204179549\ + 77327573530800542562611753617736693359790119074768292178493884576587\ + 0230450429880021317876149636714743053 + +1024: 16602953991090311275234291158294516471009930684624948451178742895360\ + 86073703307475884280944414508444679430090561246728195735962931545473\ + 40743240318558456247740186704660778277799687988031119436541068736925\ + 20563780233711166724859277827382391527748470939542560819625727876091\ + 5372193745283891895989104479029844957 diff --git a/security/nss/lib/freebl/mpi/utils/README b/security/nss/lib/freebl/mpi/utils/README new file mode 100644 index 000000000..86887bf81 --- /dev/null +++ b/security/nss/lib/freebl/mpi/utils/README @@ -0,0 +1,239 @@ +The contents of this file are subject to the Mozilla Public +License Version 1.1 (the "License"); you may not use this file +except in compliance with the License. You may obtain a copy of +the License at http://www.mozilla.org/MPL/ + +Software distributed under the License is distributed on an "AS +IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +implied. See the License for the specific language governing +rights and limitations under the License. + +The Original Code is the MPI Arbitrary Precision Integer Arithmetic +library. + +The Initial Developer of the Original Code is +Michael J. Fromberger <sting@linguist.dartmouth.edu> + +Portions created by Michael J. Fromberger are +Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved. + +Contributor(s): + +Alternatively, the contents of this file may be used under the +terms of the GNU General Public License Version 2 or later (the +"GPL"), in which case the provisions of the GPL are applicable +instead of those above. If you wish to allow use of your +version of this file only under the terms of the GPL and not to +allow others to use your version of this file under the MPL, +indicate your decision by deleting the provisions above and +replace them with the notice and other provisions required by +the GPL. If you do not delete the provisions above, a recipient +may use your version of this file under either the MPL or the +GPL. + + + +Additional MPI utilities +------------------------ + +The files 'mpprime.h' and 'mpprime.c' define some useful extensions to +the MPI library for dealing with prime numbers (in particular, testing +for divisbility, and the Rabin-Miller probabilistic primality test). + +The files 'mplogic.h' and 'mplogic.c' define extensions to the MPI +library for doing bitwise logical operations and shifting. + +This document assumes you have read the help file for the MPI library +and understand its conventions. + +Divisibility (mpprime.h) +------------ + +To test a number for divisibility by another number: + +mpp_divis(a, b) - test if b|a +mpp_divis_d(a, d) - test if d|a + +Each of these functions returns MP_YES if its initial argument is +divisible by its second, or MP_NO if it is not. Other errors may be +returned as appropriate (such as MP_RANGE if you try to test for +divisibility by zero). + +Randomness (mpprime.h) +---------- + +To generate random data: + +mpp_random(a) - fill a with random data +mpp_random_size(a, p) - fill a with p digits of random data + +The mpp_random_size() function increases the precision of a to at +least p, then fills all those digits randomly. The mp_random() +function fills a to its current precision (as determined by the number +of significant digits, USED(a)) + +Note that these functions simply use the C library's rand() function +to fill a with random digits up to its precision. This should be +adequate for primality testing, but should not be used for +cryptographic applications where truly random values are required for +security. + +You should call srand() in your driver program in order to seed the +random generator; this function doesn't call it. + +Primality Testing (mpprime.h) +----------------- + +mpp_divis_vector(a, v, s, w) - is a divisible by any of the s values + in v, and if so, w = which. +mpp_divis_primes(a, np) - is a divisible by any of the first np primes? +mpp_fermat(a, w) - is a pseudoprime with respect to witness w? +mpp_pprime(a, nt) - run nt iterations of Rabin-Miller on a. + +The mpp_divis_vector() function tests a for divisibility by each +member of an array of digits. The array is v, the size of that array +is s. Returns MP_YES if a is divisible, and stores the index of the +offending digit in w. Returns MP_NO if a is not divisible by any of +the digits in the array. + +A small table of primes is compiled into the library (typically the +first 128 primes, although you can change this by editing the file +'primes.c' before you build). The global variable prime_tab_size +contains the number of primes in the table, and the values themselves +are in the array prime_tab[], which is an array of mp_digit. + +The mpp_divis_primes() function is basically just a wrapper around +mpp_divis_vector() that uses prime_tab[] as the test vector. The np +parameter is a pointer to an mp_digit -- on input, it should specify +the number of primes to be tested against. If a is divisible by any +of the primes, MP_YES is returned and np is given the prime value that +divided a (you can use this if you're factoring, for example). +Otherwise, MP_NO is returned and np is untouched. + +The function mpp_fermat() performs Fermat's test, using w as a +witness. This test basically relies on the fact that if a is prime, +and w is relatively prime to a, then: + + w^a = w (mod a) + +That is, + + w^(a - 1) = 1 (mod a) + +The function returns MP_YES if the test passes, MP_NO if it fails. If +w is relatively prime to a, and the test fails, a is definitely +composite. If w is relatively prime to a and the test passes, then a +is either prime, or w is a false witness (the probability of this +happening depends on the choice of w and of a ... consult a number +theory textbook for more information about this). + +Note: If (w, a) != 1, the output of this test is meaningless. +---- + +The function mpp_pprime() performs the Rabin-Miller probabilistic +primality test for nt rounds. If all the tests pass, MP_YES is +returned, and a is probably prime. The probability that an answer of +MP_YES is incorrect is no greater than 1 in 4^nt, and in fact is +usually much less than that (this is a pessimistic estimate). If any +test fails, MP_NO is returned, and a is definitely composite. + +Bruce Schneier recommends at least 5 iterations of this test for most +cryptographic applications; Knuth suggests that 25 are reasonable. +Run it as many times as you feel are necessary. + +See the programs 'makeprime.c' and 'isprime.c' for reasonable examples +of how to use these functions for primality testing. + + +Bitwise Logic (mplogic.c) +------------- + +The four commonest logical operations are implemented as: + +mpl_not(a, b) - Compute bitwise (one's) complement, b = ~a + +mpl_and(a, b, c) - Compute bitwise AND, c = a & b + +mpl_or(a, b, c) - Compute bitwise OR, c = a | b + +mpl_xor(a, b, c) - Compute bitwise XOR, c = a ^ b + +Left and right shifts are available as well. These take a number to +shift, a destination, and a shift amount. The shift amount must be a +digit value between 0 and DIGIT_BIT inclusive; if it is not, MP_RANGE +will be returned and the shift will not happen. + +mpl_rsh(a, b, d) - Compute logical right shift, b = a >> d + +mpl_lsh(a, b, d) - Compute logical left shift, b = a << d + +Since these are logical shifts, they fill with zeroes (the library +uses a signed magnitude representation, so there are no sign bits to +extend anyway). + + +Command-line Utilities +---------------------- + +A handful of interesting command-line utilities are provided. These +are: + +lap.c - Find the order of a mod m. Usage is 'lap <a> <m>'. + This uses a dumb algorithm, so don't use it for + a really big modulus. + +invmod.c - Find the inverse of a mod m, if it exists. Usage + is 'invmod <a> <m>' + +sieve.c - A simple bitmap-based implementation of the Sieve + of Eratosthenes. Used to generate the table of + primes in primes.c. Usage is 'sieve <nbits>' + +prng.c - Uses the routines in bbs_rand.{h,c} to generate + one or more 32-bit pseudo-random integers. This + is mainly an example, not intended for use in a + cryptographic application (the system time is + the only source of entropy used) + +dec2hex.c - Convert decimal to hexadecimal + +hex2dec.c - Convert hexadecimal to decimal + +basecvt.c - General radix conversion tool (supports 2-64) + +isprime.c - Probabilistically test an integer for primality + using the Rabin-Miller pseudoprime test combined + with division by small primes. + +primegen.c - Generate primes at random. + +exptmod.c - Perform modular exponentiation + +ptab.pl - A Perl script to munge the output of the sieve + program into a compilable C structure. + + +Other Files +----------- + +PRIMES - Some randomly generated numbers which are prime with + extremely high probability. + +README - You're reading me already. + + +About the Author +---------------- + +This software was written by Michael J. Fromberger. You can contact +the author as follows: + +E-mail: <sting@linguist.dartmouth.edu> + +Postal: 8000 Cummings Hall, Thayer School of Engineering + Dartmouth College, Hanover, New Hampshire, USA + +PGP key: http://linguist.dartmouth.edu/~sting/keys/mjf.html + 9736 188B 5AFA 23D6 D6AA BE0D 5856 4525 289D 9907 + +Last updated: $Id$ diff --git a/security/nss/lib/freebl/mpi/utils/basecvt.c b/security/nss/lib/freebl/mpi/utils/basecvt.c new file mode 100644 index 000000000..90ed0f66b --- /dev/null +++ b/security/nss/lib/freebl/mpi/utils/basecvt.c @@ -0,0 +1,97 @@ +/* + * basecvt.c + * + * Convert integer values specified on the command line from one input + * base to another. Accepts input and output bases between 2 and 36 + * inclusive. + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. + * All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + * + * $Id$ + */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> + +#include "mpi.h" + +#define IBASE 10 +#define OBASE 16 +#define USAGE "Usage: %s ibase obase [value]\n" +#define MAXBASE 64 +#define MINBASE 2 + +int main(int argc, char *argv[]) +{ + int ix, ibase = IBASE, obase = OBASE; + mp_int val; + + ix = 1; + if(ix < argc) { + ibase = atoi(argv[ix++]); + + if(ibase < MINBASE || ibase > MAXBASE) { + fprintf(stderr, "%s: input radix must be between %d and %d inclusive\n", + argv[0], MINBASE, MAXBASE); + return 1; + } + } + if(ix < argc) { + obase = atoi(argv[ix++]); + + if(obase < MINBASE || obase > MAXBASE) { + fprintf(stderr, "%s: output radix must be between %d and %d inclusive\n", + argv[0], MINBASE, MAXBASE); + return 1; + } + } + + mp_init(&val); + while(ix < argc) { + char *out; + int outlen; + + mp_read_radix(&val, argv[ix++], ibase); + + outlen = mp_radix_size(&val, obase); + out = calloc(outlen, sizeof(char)); + mp_toradix(&val, out, obase); + + printf("%s\n", out); + free(out); + } + + mp_clear(&val); + + return 0; +} diff --git a/security/nss/lib/freebl/mpi/utils/bbs_rand.c b/security/nss/lib/freebl/mpi/utils/bbs_rand.c new file mode 100644 index 000000000..c3e8b869b --- /dev/null +++ b/security/nss/lib/freebl/mpi/utils/bbs_rand.c @@ -0,0 +1,93 @@ +/* + * Blum, Blum & Shub PRNG using the MPI library + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. + * All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + * + * $Id$ + */ + +#include "bbs_rand.h" + +#define SEED 1 +#define MODULUS 2 + +/* This modulus is the product of two randomly generated 512-bit + prime integers, each of which is congruent to 3 (mod 4). */ +static char *bbs_modulus = +"75A2A6E1D27393B86562B9CE7279A8403CB4258A637DAB5233465373E37837383EDC" +"332282B8575927BC4172CE8C147B4894050EE9D2BDEED355C121037270CA2570D127" +"7D2390CD1002263326635CC6B259148DE3A1A03201980A925E395E646A5E9164B0EC" +"28559EBA58C87447245ADD0651EDA507056A1129E3A3E16E903D64B437"; + +static int bbs_init = 0; /* flag set when library is initialized */ +static mp_int bbs_state; /* the current state of the generator */ + +/* Suggested size of random seed data */ +int bbs_seed_size = (sizeof(bbs_modulus) / 2); + +void bbs_srand(unsigned char *data, int len) +{ + if((bbs_init & SEED) == 0) { + mp_init(&bbs_state); + bbs_init |= SEED; + } + + mp_read_raw(&bbs_state, (char *)data, len); + +} /* end bbs_srand() */ + +unsigned int bbs_rand(void) +{ + static mp_int modulus; + unsigned int result = 0, ix; + + if((bbs_init & MODULUS) == 0) { + mp_init(&modulus); + mp_read_radix(&modulus, bbs_modulus, 16); + bbs_init |= MODULUS; + } + + for(ix = 0; ix < sizeof(unsigned int); ix++) { + mp_digit d; + + mp_sqrmod(&bbs_state, &modulus, &bbs_state); + d = DIGIT(&bbs_state, 0); + + result = (result << CHAR_BIT) | (d & UCHAR_MAX); + } + + return result; + +} /* end bbs_rand() */ + +/*------------------------------------------------------------------------*/ +/* HERE THERE BE DRAGONS */ diff --git a/security/nss/lib/freebl/mpi/utils/bbs_rand.h b/security/nss/lib/freebl/mpi/utils/bbs_rand.h new file mode 100644 index 000000000..de4587421 --- /dev/null +++ b/security/nss/lib/freebl/mpi/utils/bbs_rand.h @@ -0,0 +1,55 @@ +/* + * bbs_rand.h + * + * Blum, Blum & Shub PRNG using the MPI library + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. + * All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + * + * $Id$ + */ + +#ifndef _H_BBSRAND_ +#define _H_BBSRAND_ + +#include <limits.h> +#include "mpi.h" + +#define BBS_RAND_MAX UINT_MAX + +/* Suggested length of seed data */ +extern int bbs_seed_size; + +void bbs_srand(unsigned char *data, int len); +unsigned int bbs_rand(void); + +#endif /* end _H_BBSRAND_ */ diff --git a/security/nss/lib/freebl/mpi/utils/bbsrand.c b/security/nss/lib/freebl/mpi/utils/bbsrand.c new file mode 100644 index 000000000..28600fabe --- /dev/null +++ b/security/nss/lib/freebl/mpi/utils/bbsrand.c @@ -0,0 +1,64 @@ +/* + * bbsrand.c + * + * Test driver for routines in bbs_rand.h + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. + * All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + * + * $Id$ + */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <time.h> +#include <limits.h> + +#include "bbs_rand.h" + +#define NUM_TESTS 100 + +int main(void) +{ + unsigned int seed, result, ix; + + seed = time(NULL); + bbs_srand((unsigned char *)&seed, sizeof(seed)); + + for(ix = 0; ix < NUM_TESTS; ix++) { + result = bbs_rand(); + + printf("Test %3u: %08X\n", ix + 1, result); + } + + return 0; +} diff --git a/security/nss/lib/freebl/mpi/utils/dec2hex.c b/security/nss/lib/freebl/mpi/utils/dec2hex.c new file mode 100644 index 000000000..9bdcfa018 --- /dev/null +++ b/security/nss/lib/freebl/mpi/utils/dec2hex.c @@ -0,0 +1,68 @@ +/* + * dec2hex.c + * + * Convert decimal integers into hexadecimal + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. + * All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + * + * $Id$ + */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> + +#include "mpi.h" + +int main(int argc, char *argv[]) +{ + mp_int a; + char *buf; + int len; + + if(argc < 2) { + fprintf(stderr, "Usage: %s <a>\n", argv[0]); + return 1; + } + + mp_init(&a); mp_read_radix(&a, argv[1], 10); + len = mp_radix_size(&a, 16); + buf = malloc(len); + mp_toradix(&a, buf, 16); + + printf("%s\n", buf); + + free(buf); + mp_clear(&a); + + return 0; +} diff --git a/security/nss/lib/freebl/mpi/utils/exptmod.c b/security/nss/lib/freebl/mpi/utils/exptmod.c new file mode 100644 index 000000000..d5e66ac37 --- /dev/null +++ b/security/nss/lib/freebl/mpi/utils/exptmod.c @@ -0,0 +1,80 @@ +/* + * exptmod.c + * + * Command line tool to perform modular exponentiation on arbitrary + * precision integers. + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. + * All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + * + * $Id$ + */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> + +#include "mpi.h" + +int main(int argc, char *argv[]) +{ + mp_int a, b, m; + mp_err res; + char *str; + int len, rval = 0; + + if(argc < 3) { + fprintf(stderr, "Usage: %s <a> <b> <m>\n", argv[0]); + return 1; + } + + mp_init(&a); mp_init(&b); mp_init(&m); + mp_read_radix(&a, argv[1], 10); + mp_read_radix(&b, argv[2], 10); + mp_read_radix(&m, argv[3], 10); + + if((res = mp_exptmod(&a, &b, &m, &a)) != MP_OKAY) { + fprintf(stderr, "%s: error: %s\n", argv[0], mp_strerror(res)); + rval = 1; + } else { + len = mp_radix_size(&a, 10); + str = calloc(len, sizeof(char)); + mp_toradix(&a, str, 10); + + printf("%s\n", str); + + free(str); + } + + mp_clear(&a); mp_clear(&b); mp_clear(&m); + + return rval; +} diff --git a/security/nss/lib/freebl/mpi/utils/fact.c b/security/nss/lib/freebl/mpi/utils/fact.c new file mode 100644 index 000000000..02b6711c9 --- /dev/null +++ b/security/nss/lib/freebl/mpi/utils/fact.c @@ -0,0 +1,112 @@ +/* + * fact.c + * + * Compute factorial of input integer + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. + * All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + * + * $Id$ + */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> + +#include "mpi.h" + +mp_err mp_fact(mp_int *a, mp_int *b); + +int main(int argc, char *argv[]) +{ + mp_int a; + mp_err res; + + if(argc < 2) { + fprintf(stderr, "Usage: %s <number>\n", argv[0]); + return 1; + } + + mp_init(&a); + mp_read_radix(&a, argv[1], 10); + + if((res = mp_fact(&a, &a)) != MP_OKAY) { + fprintf(stderr, "%s: error: %s\n", argv[0], + mp_strerror(res)); + mp_clear(&a); + return 1; + } + + { + char *buf; + int len; + + len = mp_radix_size(&a, 10); + buf = malloc(len); + mp_todecimal(&a, buf); + + puts(buf); + + free(buf); + } + + mp_clear(&a); + return 0; +} + +mp_err mp_fact(mp_int *a, mp_int *b) +{ + mp_int ix, s; + mp_err res = MP_OKAY; + + if(mp_cmp_z(a) < 0) + return MP_UNDEF; + + mp_init(&s); + mp_add_d(&s, 1, &s); /* s = 1 */ + mp_init(&ix); + mp_add_d(&ix, 1, &ix); /* ix = 1 */ + + for(/* */; mp_cmp(&ix, a) <= 0; mp_add_d(&ix, 1, &ix)) { + if((res = mp_mul(&s, &ix, &s)) != MP_OKAY) + break; + } + + mp_clear(&ix); + + /* Copy out results if we got them */ + if(res == MP_OKAY) + mp_copy(&s, b); + + mp_clear(&s); + + return res; +} diff --git a/security/nss/lib/freebl/mpi/utils/gcd.c b/security/nss/lib/freebl/mpi/utils/gcd.c new file mode 100644 index 000000000..b36c7f281 --- /dev/null +++ b/security/nss/lib/freebl/mpi/utils/gcd.c @@ -0,0 +1,116 @@ +/* + * gcd.c + * + * Greatest common divisor + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. + * All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + * + * $Id$ + */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> + +#include "mpi.h" + +char *g_prog = NULL; + +void print_mp_int(mp_int *mp, FILE *ofp); + +int main(int argc, char *argv[]) +{ + mp_int a, b, x, y; + mp_err res; + int ext = 0; + + g_prog = argv[0]; + + if(argc < 3) { + fprintf(stderr, "Usage: %s <a> <b>\n", g_prog); + return 1; + } + + mp_init(&a); mp_read_radix(&a, argv[1], 10); + mp_init(&b); mp_read_radix(&b, argv[2], 10); + + /* If we were called 'xgcd', compute x, y so that g = ax + by */ + if(strcmp(g_prog, "xgcd") == 0) { + ext = 1; + mp_init(&x); mp_init(&y); + } + + if(ext) { + if((res = mp_xgcd(&a, &b, &a, &x, &y)) != MP_OKAY) { + fprintf(stderr, "%s: error: %s\n", g_prog, mp_strerror(res)); + mp_clear(&a); mp_clear(&b); + mp_clear(&x); mp_clear(&y); + return 1; + } + } else { + if((res = mp_gcd(&a, &b, &a)) != MP_OKAY) { + fprintf(stderr, "%s: error: %s\n", g_prog, + mp_strerror(res)); + mp_clear(&a); mp_clear(&b); + return 1; + } + } + + print_mp_int(&a, stdout); + if(ext) { + fputs("x = ", stdout); print_mp_int(&x, stdout); + fputs("y = ", stdout); print_mp_int(&y, stdout); + } + + mp_clear(&a); mp_clear(&b); + + if(ext) { + mp_clear(&x); + mp_clear(&y); + } + + return 0; + +} + +void print_mp_int(mp_int *mp, FILE *ofp) +{ + char *buf; + int len; + + len = mp_radix_size(mp, 10); + buf = calloc(len, sizeof(char)); + mp_todecimal(mp, buf); + fprintf(ofp, "%s\n", buf); + free(buf); + +} diff --git a/security/nss/lib/freebl/mpi/utils/hex2dec.c b/security/nss/lib/freebl/mpi/utils/hex2dec.c new file mode 100644 index 000000000..97aad55c9 --- /dev/null +++ b/security/nss/lib/freebl/mpi/utils/hex2dec.c @@ -0,0 +1,68 @@ +/* + * hex2dec.c + * + * Convert decimal integers into hexadecimal + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. + * All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + * + * $Id$ + */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> + +#include "mpi.h" + +int main(int argc, char *argv[]) +{ + mp_int a; + char *buf; + int len; + + if(argc < 2) { + fprintf(stderr, "Usage: %s <a>\n", argv[0]); + return 1; + } + + mp_init(&a); mp_read_radix(&a, argv[1], 16); + len = mp_radix_size(&a, 10); + buf = malloc(len); + mp_toradix(&a, buf, 10); + + printf("%s\n", buf); + + free(buf); + mp_clear(&a); + + return 0; +} diff --git a/security/nss/lib/freebl/mpi/utils/identest.c b/security/nss/lib/freebl/mpi/utils/identest.c new file mode 100644 index 000000000..a75d2b352 --- /dev/null +++ b/security/nss/lib/freebl/mpi/utils/identest.c @@ -0,0 +1,79 @@ +#include <stdio.h> +#include <stdlib.h> +#include "mpi.h" +#include "mpprime.h" +#include <sys/types.h> +#include <time.h> + +#define MAX_PREC (4096 / MP_DIGIT_BIT) + +mp_err identity_test(void) +{ + mp_size preca, precb; + mp_err res; + mp_int a, b; + mp_int t1, t2, t3, t4, t5; + + preca = (rand() % MAX_PREC) + 1; + precb = (rand() % MAX_PREC) + 1; + + MP_DIGITS(&a) = 0; + MP_DIGITS(&b) = 0; + MP_DIGITS(&t1) = 0; + MP_DIGITS(&t2) = 0; + MP_DIGITS(&t3) = 0; + MP_DIGITS(&t4) = 0; + MP_DIGITS(&t5) = 0; + + MP_CHECKOK( mp_init(&a) ); + MP_CHECKOK( mp_init(&b) ); + MP_CHECKOK( mp_init(&t1) ); + MP_CHECKOK( mp_init(&t2) ); + MP_CHECKOK( mp_init(&t3) ); + MP_CHECKOK( mp_init(&t4) ); + MP_CHECKOK( mp_init(&t5) ); + + MP_CHECKOK( mpp_random_size(&a, preca) ); + MP_CHECKOK( mpp_random_size(&b, precb) ); + + if (mp_cmp(&a, &b) < 0) + mp_exch(&a, &b); + + MP_CHECKOK( mp_mod(&a, &b, &t1) ); /* t1 = a%b */ + MP_CHECKOK( mp_div(&a, &b, &t2, NULL) ); /* t2 = a/b */ + MP_CHECKOK( mp_mul(&b, &t2, &t3) ); /* t3 = (a/b)*b */ + MP_CHECKOK( mp_add(&t1, &t3, &t4) ); /* t4 = a%b + (a/b)*b */ + MP_CHECKOK( mp_sub(&t4, &a, &t5) ); /* t5 = a%b + (a/b)*b - a */ + if (mp_cmp_z(&t5) != 0) { + res = MP_UNDEF; + goto CLEANUP; + } + +CLEANUP: + mp_clear(&t5); + mp_clear(&t4); + mp_clear(&t3); + mp_clear(&t2); + mp_clear(&t1); + mp_clear(&b); + mp_clear(&a); + return res; +} + +int +main(void) +{ + unsigned int seed = (unsigned int)time(NULL); + unsigned long count = 0; + mp_err res; + + srand(seed); + + while (MP_OKAY == (res = identity_test())) { + if ((++count % 100) == 0) + fputc('.', stderr); + } + + fprintf(stderr, "\ntest failed, err %d\n", res); + return res; +} diff --git a/security/nss/lib/freebl/mpi/utils/invmod.c b/security/nss/lib/freebl/mpi/utils/invmod.c new file mode 100644 index 000000000..df58bb6d1 --- /dev/null +++ b/security/nss/lib/freebl/mpi/utils/invmod.c @@ -0,0 +1,89 @@ +/* + * invmod.c + * + * Compute modular inverses + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 1997, 1998, 1999, 2000 Michael J. Fromberger. + * All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + * + * $Id$ + */ + +#include <stdio.h> +#include <stdlib.h> + +#include "mpi.h" + +int main(int argc, char *argv[]) +{ + mp_int a, m; + mp_err res; + char *buf; + int len, out = 0; + + if(argc < 3) { + fprintf(stderr, "Usage: %s <a> <m>\n", argv[0]); + return 1; + } + + mp_init(&a); mp_init(&m); + mp_read_radix(&a, argv[1], 10); + mp_read_radix(&m, argv[2], 10); + + if(mp_cmp(&a, &m) > 0) + mp_mod(&a, &m, &a); + + switch((res = mp_invmod(&a, &m, &a))) { + case MP_OKAY: + len = mp_radix_size(&a, 10); + buf = malloc(len); + + mp_toradix(&a, buf, 10); + printf("%s\n", buf); + free(buf); + break; + + case MP_UNDEF: + printf("No inverse\n"); + out = 1; + break; + + default: + printf("error: %s (%d)\n", mp_strerror(res), res); + out = 2; + break; + } + + mp_clear(&a); + mp_clear(&m); + + return out; +} diff --git a/security/nss/lib/freebl/mpi/utils/isprime.c b/security/nss/lib/freebl/mpi/utils/isprime.c new file mode 100644 index 000000000..f9cd9707b --- /dev/null +++ b/security/nss/lib/freebl/mpi/utils/isprime.c @@ -0,0 +1,118 @@ +/* + * isprime.c + * + * Probabilistic primality tester command-line tool + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. + * All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + * + * $Id$ + */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> + +#include "mpi.h" +#include "mpprime.h" + +#define RM_TESTS 15 /* how many iterations of Rabin-Miller? */ +#define MINIMUM 1024 /* don't bother us with a < this */ + +int g_tests = RM_TESTS; +char *g_prog = NULL; + +int main(int argc, char *argv[]) +{ + mp_int a; + mp_digit np = prime_tab_size; /* from mpprime.h */ + int res = 0; + + g_prog = argv[0]; + + if(argc < 2) { + fprintf(stderr, "Usage: %s <a>, where <a> is a decimal integer\n" + "Use '0x' prefix for a hexadecimal value\n", g_prog); + return 1; + } + + /* Read number of tests from environment, if present */ + { + char *tmp; + + if((tmp = getenv("RM_TESTS")) != NULL) { + if((g_tests = atoi(tmp)) <= 0) + g_tests = RM_TESTS; + } + } + + mp_init(&a); + if(argv[1][0] == '0' && argv[1][1] == 'x') + mp_read_radix(&a, argv[1] + 2, 16); + else + mp_read_radix(&a, argv[1], 10); + + if(mp_cmp_d(&a, MINIMUM) <= 0) { + fprintf(stderr, "%s: please use a value greater than %d\n", + g_prog, MINIMUM); + mp_clear(&a); + return 1; + } + + /* Test for divisibility by small primes */ + if(mpp_divis_primes(&a, &np) != MP_NO) { + printf("Not prime (divisible by small prime %d)\n", np); + res = 2; + goto CLEANUP; + } + + /* Test with Fermat's test, using 2 as a witness */ + if(mpp_fermat(&a, 2) != MP_YES) { + printf("Not prime (failed Fermat test)\n"); + res = 2; + goto CLEANUP; + } + + /* Test with Rabin-Miller probabilistic test */ + if(mpp_pprime(&a, g_tests) == MP_NO) { + printf("Not prime (failed pseudoprime test)\n"); + res = 2; + goto CLEANUP; + } + + printf("Probably prime, 1 in 4^%d chance of false positive\n", g_tests); + +CLEANUP: + mp_clear(&a); + + return res; + +} diff --git a/security/nss/lib/freebl/mpi/utils/lap.c b/security/nss/lib/freebl/mpi/utils/lap.c new file mode 100644 index 000000000..ababed7f3 --- /dev/null +++ b/security/nss/lib/freebl/mpi/utils/lap.c @@ -0,0 +1,118 @@ +/* + * lap.c + * + * Find least annihilating power of a mod m + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. + * All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + * + * $Id$ + */ + +#include <stdio.h> +#include <stdlib.h> +#include <signal.h> + +#include "mpi.h" + +void sig_catch(int ign); + +int g_quit = 0; + +int main(int argc, char *argv[]) +{ + mp_int a, m, p, k; + + if(argc < 3) { + fprintf(stderr, "Usage: %s <a> <m>\n", argv[0]); + return 1; + } + + mp_init(&a); + mp_init(&m); + mp_init(&p); + mp_add_d(&p, 1, &p); + + mp_read_radix(&a, argv[1], 10); + mp_read_radix(&m, argv[2], 10); + + mp_init_copy(&k, &a); + + signal(SIGINT, sig_catch); +#ifndef __OS2__ + signal(SIGHUP, sig_catch); +#endif + signal(SIGTERM, sig_catch); + + while(mp_cmp(&p, &m) < 0) { + if(g_quit) { + int len; + char *buf; + + len = mp_radix_size(&p, 10); + buf = malloc(len); + mp_toradix(&p, buf, 10); + + fprintf(stderr, "Terminated at: %s\n", buf); + free(buf); + return 1; + } + if(mp_cmp_d(&k, 1) == 0) { + int len; + char *buf; + + len = mp_radix_size(&p, 10); + buf = malloc(len); + mp_toradix(&p, buf, 10); + + printf("%s\n", buf); + + free(buf); + break; + } + + mp_mulmod(&k, &a, &m, &k); + mp_add_d(&p, 1, &p); + } + + if(mp_cmp(&p, &m) >= 0) + printf("No annihilating power.\n"); + + mp_clear(&p); + mp_clear(&m); + mp_clear(&a); + return 0; +} + +void sig_catch(int ign) +{ + g_quit = 1; +} diff --git a/security/nss/lib/freebl/mpi/utils/makeprime.c b/security/nss/lib/freebl/mpi/utils/makeprime.c new file mode 100644 index 000000000..c4deaa9f0 --- /dev/null +++ b/security/nss/lib/freebl/mpi/utils/makeprime.c @@ -0,0 +1,144 @@ +/* + * makeprime.c + * + * A simple prime generator function (and test driver). Prints out the + * first prime it finds greater than or equal to the starting value. + * + * Usage: makeprime <start> + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. + * All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + * + * $Id$ + */ + +#include <stdio.h> +#include <stdlib.h> +#include <ctype.h> + +/* These two must be included for make_prime() to work */ + +#include "mpi.h" +#include "mpprime.h" + +/* + make_prime(p, nr) + + Find the smallest prime integer greater than or equal to p, where + primality is verified by 'nr' iterations of the Rabin-Miller + probabilistic primality test. The caller is responsible for + generating the initial value of p. + + Returns MP_OKAY if a prime has been generated, otherwise the error + code indicates some other problem. The value of p is clobbered; the + caller should keep a copy if the value is needed. + */ +mp_err make_prime(mp_int *p, int nr); + +/* The main() is not required -- it's just a test driver */ +int main(int argc, char *argv[]) +{ + mp_int start; + mp_err res; + + if(argc < 2) { + fprintf(stderr, "Usage: %s <start-value>\n", argv[0]); + return 1; + } + + mp_init(&start); + if(argv[1][0] == '0' && tolower(argv[1][1]) == 'x') { + mp_read_radix(&start, argv[1] + 2, 16); + } else { + mp_read_radix(&start, argv[1], 10); + } + mp_abs(&start, &start); + + if((res = make_prime(&start, 5)) != MP_OKAY) { + fprintf(stderr, "%s: error: %s\n", argv[0], mp_strerror(res)); + mp_clear(&start); + + return 1; + + } else { + char *buf = malloc(mp_radix_size(&start, 10)); + + mp_todecimal(&start, buf); + printf("%s\n", buf); + free(buf); + + mp_clear(&start); + + return 0; + } + +} /* end main() */ + +/*------------------------------------------------------------------------*/ + +mp_err make_prime(mp_int *p, int nr) +{ + mp_err res; + + if(mp_iseven(p)) { + mp_add_d(p, 1, p); + } + + do { + mp_digit which = prime_tab_size; + + /* First test for divisibility by a few small primes */ + if((res = mpp_divis_primes(p, &which)) == MP_YES) + continue; + else if(res != MP_NO) + goto CLEANUP; + + /* If that passes, try one iteration of Fermat's test */ + if((res = mpp_fermat(p, 2)) == MP_NO) + continue; + else if(res != MP_YES) + goto CLEANUP; + + /* If that passes, run Rabin-Miller as often as requested */ + if((res = mpp_pprime(p, nr)) == MP_YES) + break; + else if(res != MP_NO) + goto CLEANUP; + + } while((res = mp_add_d(p, 2, p)) == MP_OKAY); + + CLEANUP: + return res; + +} /* end make_prime() */ + +/*------------------------------------------------------------------------*/ +/* HERE THERE BE DRAGONS */ diff --git a/security/nss/lib/freebl/mpi/utils/metime.c b/security/nss/lib/freebl/mpi/utils/metime.c new file mode 100644 index 000000000..3f39b23a9 --- /dev/null +++ b/security/nss/lib/freebl/mpi/utils/metime.c @@ -0,0 +1,132 @@ +/* + * metime.c + * + * Modular exponentiation timing test + * + * $Id$ + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 2000 Michael J. Fromberger. All Rights Reserved. + * + * Contributor(s): + * Netscape Communications Corporation + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + * + * $Id$ + */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <limits.h> +#include <time.h> + +#include "mpi.h" +#include "mpprime.h" + +double clk_to_sec(clock_t start, clock_t stop); + +int main(int argc, char *argv[]) +{ + int ix, num, prec = 8; + unsigned int seed; + clock_t start, stop; + double sec; + + mp_int a, m, c; + + if(getenv("SEED") != NULL) + seed = abs(atoi(getenv("SEED"))); + else + seed = (unsigned int)time(NULL); + + if(argc < 2) { + fprintf(stderr, "Usage: %s <num-tests> [<nbits>]\n", argv[0]); + return 1; + } + + if((num = atoi(argv[1])) < 0) + num = -num; + + if(!num) { + fprintf(stderr, "%s: must perform at least 1 test\n", argv[0]); + return 1; + } + + if(argc > 2) { + if((prec = atoi(argv[2])) <= 0) + prec = 8; + else + prec = (prec + (DIGIT_BIT - 1)) / DIGIT_BIT; + + } + + printf("Modular exponentiation timing test\n" + "Precision: %d digits (%d bits)\n" + "# of tests: %d\n\n", prec, prec * DIGIT_BIT, num); + + mp_init_size(&a, prec); + mp_init_size(&m, prec); + mp_init_size(&c, prec); + + srand(seed); + + start = clock(); + for(ix = 0; ix < num; ix++) { + + mpp_random_size(&a, prec); + mpp_random_size(&c, prec); + mpp_random_size(&m, prec); + /* set msb and lsb of m */ + DIGIT(&m,0) |= 1; + DIGIT(&m, USED(&m)-1) |= (mp_digit)1 << (DIGIT_BIT - 1); + if (mp_cmp(&a, &m) > 0) + mp_sub(&a, &m, &a); + + mp_exptmod(&a, &c, &m, &c); + } + stop = clock(); + + sec = clk_to_sec(start, stop); + + printf("Total: %.3f seconds\n", sec); + printf("Individual: %.3f seconds\n", sec / num); + + mp_clear(&c); + mp_clear(&a); + mp_clear(&m); + + return 0; +} + +double clk_to_sec(clock_t start, clock_t stop) +{ + return (double)(stop - start) / CLOCKS_PER_SEC; +} + +/*------------------------------------------------------------------------*/ +/* HERE THERE BE DRAGONS */ diff --git a/security/nss/lib/freebl/mpi/utils/pi.c b/security/nss/lib/freebl/mpi/utils/pi.c new file mode 100644 index 000000000..367118586 --- /dev/null +++ b/security/nss/lib/freebl/mpi/utils/pi.c @@ -0,0 +1,194 @@ +/* + * pi.c + * + * Compute pi to an arbitrary number of digits. Uses Machin's formula, + * like everyone else on the planet: + * + * pi = 16 * arctan(1/5) - 4 * arctan(1/239) + * + * This is pretty effective for up to a few thousand digits, but it + * gets pretty slow after that. + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 1999, 2000 Michael J. Fromberger. + * All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + * + * $Id$ + */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <limits.h> +#include <time.h> + +#include "mpi.h" + +mp_err arctan(mp_digit mul, mp_digit x, mp_digit prec, mp_int *sum); + +int main(int argc, char *argv[]) +{ + mp_err res; + mp_digit ndigits; + mp_int sum1, sum2; + clock_t start, stop; + int out = 0; + + /* Make the user specify precision on the command line */ + if(argc < 2) { + fprintf(stderr, "Usage: %s <num-digits>\n", argv[0]); + return 1; + } + + if((ndigits = abs(atoi(argv[1]))) == 0) { + fprintf(stderr, "%s: you must request at least 1 digit\n", argv[0]); + return 1; + } + + start = clock(); + mp_init(&sum1); mp_init(&sum2); + + /* sum1 = 16 * arctan(1/5) */ + if((res = arctan(16, 5, ndigits, &sum1)) != MP_OKAY) { + fprintf(stderr, "%s: arctan: %s\n", argv[0], mp_strerror(res)); + out = 1; goto CLEANUP; + } + + /* sum2 = 4 * arctan(1/239) */ + if((res = arctan(4, 239, ndigits, &sum2)) != MP_OKAY) { + fprintf(stderr, "%s: arctan: %s\n", argv[0], mp_strerror(res)); + out = 1; goto CLEANUP; + } + + /* pi = sum1 - sum2 */ + if((res = mp_sub(&sum1, &sum2, &sum1)) != MP_OKAY) { + fprintf(stderr, "%s: mp_sub: %s\n", argv[0], mp_strerror(res)); + out = 1; goto CLEANUP; + } + stop = clock(); + + /* Write the output in decimal */ + { + char *buf = malloc(mp_radix_size(&sum1, 10)); + + if(buf == NULL) { + fprintf(stderr, "%s: out of memory\n", argv[0]); + out = 1; goto CLEANUP; + } + mp_todecimal(&sum1, buf); + printf("%s\n", buf); + free(buf); + } + + fprintf(stderr, "Computation took %.2f sec.\n", + (double)(stop - start) / CLOCKS_PER_SEC); + + CLEANUP: + mp_clear(&sum1); + mp_clear(&sum2); + + return out; + +} + +/* Compute sum := mul * arctan(1/x), to 'prec' digits of precision */ +mp_err arctan(mp_digit mul, mp_digit x, mp_digit prec, mp_int *sum) +{ + mp_int t, v; + mp_digit q = 1, rd; + mp_err res; + int sign = 1; + + prec += 3; /* push inaccuracies off the end */ + + mp_init(&t); mp_set(&t, 10); + mp_init(&v); + if((res = mp_expt_d(&t, prec, &t)) != MP_OKAY || /* get 10^prec */ + (res = mp_mul_d(&t, mul, &t)) != MP_OKAY || /* ... times mul */ + (res = mp_mul_d(&t, x, &t)) != MP_OKAY) /* ... times x */ + goto CLEANUP; + + /* + The extra multiplication by x in the above takes care of what + would otherwise have to be a special case for 1 / x^1 during the + first loop iteration. A little sneaky, but effective. + + We compute arctan(1/x) by the formula: + + 1 1 1 1 + - - ----- + ----- - ----- + ... + x 3 x^3 5 x^5 7 x^7 + + We multiply through by 'mul' beforehand, which gives us a couple + more iterations and more precision + */ + + x *= x; /* works as long as x < sqrt(RADIX), which it is here */ + + mp_zero(sum); + + do { + if((res = mp_div_d(&t, x, &t, &rd)) != MP_OKAY) + goto CLEANUP; + + if(sign < 0 && rd != 0) + mp_add_d(&t, 1, &t); + + if((res = mp_div_d(&t, q, &v, &rd)) != MP_OKAY) + goto CLEANUP; + + if(sign < 0 && rd != 0) + mp_add_d(&v, 1, &v); + + if(sign > 0) + res = mp_add(sum, &v, sum); + else + res = mp_sub(sum, &v, sum); + + if(res != MP_OKAY) + goto CLEANUP; + + sign *= -1; + q += 2; + + } while(mp_cmp_z(&t) != 0); + + /* Chop off inaccurate low-order digits */ + mp_div_d(sum, 1000, sum, NULL); + + CLEANUP: + mp_clear(&v); + mp_clear(&t); + + return res; +} + +/*------------------------------------------------------------------------*/ +/* HERE THERE BE DRAGONS */ diff --git a/security/nss/lib/freebl/mpi/utils/primegen.c b/security/nss/lib/freebl/mpi/utils/primegen.c new file mode 100644 index 000000000..1f7a593e1 --- /dev/null +++ b/security/nss/lib/freebl/mpi/utils/primegen.c @@ -0,0 +1,198 @@ +/* + * primegen.c + * + * Generates random integers which are prime with a high degree of + * probability using the Miller-Rabin probabilistic primality testing + * algorithm. + * + * Usage: + * primegen <bits> [<num>] + * + * <bits> - number of significant bits each prime should have + * <num> - number of primes to generate + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. + * All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + * + * $Id$ + */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <limits.h> +#include <time.h> + +#include "mpi.h" +#include "mplogic.h" +#include "mpprime.h" + +#undef MACOS /* define if running on a Macintosh */ + +#ifdef MACOS +#include <console.h> +#endif + +#define NUM_TESTS 5 /* Number of Rabin-Miller iterations to test with */ + +#ifdef DEBUG +#define FPUTC(x,y) fputc(x,y) +#else +#define FPUTC(x,y) +#endif + +int main(int argc, char *argv[]) +{ + unsigned char *raw; + char *out; + unsigned long nTries; + int rawlen, bits, outlen, ngen, ix, jx; + int g_strong = 0; + mp_int testval; + mp_err res; + clock_t start, end; + +#ifdef MACOS + argc = ccommand(&argv); +#endif + + /* We'll just use the C library's rand() for now, although this + won't be good enough for cryptographic purposes */ + if((out = getenv("SEED")) == NULL) { + srand((unsigned int)time(NULL)); + } else { + srand((unsigned int)atoi(out)); + } + + if(argc < 2) { + fprintf(stderr, "Usage: %s <bits> [<count> [strong]]\n", argv[0]); + return 1; + } + + if((bits = abs(atoi(argv[1]))) < CHAR_BIT) { + fprintf(stderr, "%s: please request at least %d bits.\n", + argv[0], CHAR_BIT); + return 1; + } + + /* If optional third argument is given, use that as the number of + primes to generate; otherwise generate one prime only. + */ + if(argc < 3) { + ngen = 1; + } else { + ngen = abs(atoi(argv[2])); + } + + /* If fourth argument is given, and is the word "strong", we'll + generate strong (Sophie Germain) primes. + */ + if(argc > 3 && strcmp(argv[3], "strong") == 0) + g_strong = 1; + + /* testval - candidate being tested; nTries - number tried so far */ + if ((res = mp_init(&testval)) != MP_OKAY) { + fprintf(stderr, "%s: error: %s\n", argv[0], mp_strerror(res)); + return 1; + } + + if(g_strong) { + printf("Requested %d strong prime value(s) of %d bits.\n", + ngen, bits); + } else { + printf("Requested %d prime value(s) of %d bits.\n", ngen, bits); + } + + rawlen = (bits / CHAR_BIT) + ((bits % CHAR_BIT) ? 1 : 0) + 1; + + if((raw = calloc(rawlen, sizeof(unsigned char))) == NULL) { + fprintf(stderr, "%s: out of memory, sorry.\n", argv[0]); + return 1; + } + + /* This loop is one for each prime we need to generate */ + for(jx = 0; jx < ngen; jx++) { + + raw[0] = 0; /* sign is positive */ + + /* Pack the initializer with random bytes */ + for(ix = 1; ix < rawlen; ix++) + raw[ix] = (rand() * rand()) & UCHAR_MAX; + + raw[1] |= 0x80; /* set high-order bit of test value */ + raw[rawlen - 1] |= 1; /* set low-order bit of test value */ + + /* Make an mp_int out of the initializer */ + mp_read_raw(&testval, (char *)raw, rawlen); + + /* Initialize candidate counter */ + nTries = 0; + + start = clock(); /* time generation for this prime */ + do { + res = mpp_make_prime(&testval, bits, g_strong, &nTries); + if (res != MP_NO) + break; + /* This code works whether digits are 16 or 32 bits */ + res = mp_add_d(&testval, 32 * 1024, &testval); + res = mp_add_d(&testval, 32 * 1024, &testval); + FPUTC(',', stderr); + } while (1); + end = clock(); + + if (res != MP_YES) { + break; + } + FPUTC('\n', stderr); + puts("The following value is probably prime:"); + outlen = mp_radix_size(&testval, 10); + out = calloc(outlen, sizeof(unsigned char)); + mp_toradix(&testval, (char *)out, 10); + printf("10: %s\n", out); + mp_toradix(&testval, (char *)out, 16); + printf("16: %s\n\n", out); + free(out); + + printf("Number of candidates tried: %lu\n", nTries); + printf("This computation took %ld clock ticks (%.2f seconds)\n", + (end - start), ((double)(end - start) / CLOCKS_PER_SEC)); + + FPUTC('\n', stderr); + } /* end of loop to generate all requested primes */ + + if(res != MP_OKAY) + fprintf(stderr, "%s: error: %s\n", argv[0], mp_strerror(res)); + + free(raw); + mp_clear(&testval); + + return 0; +} diff --git a/security/nss/lib/freebl/mpi/utils/prng.c b/security/nss/lib/freebl/mpi/utils/prng.c new file mode 100644 index 000000000..9b8f7983a --- /dev/null +++ b/security/nss/lib/freebl/mpi/utils/prng.c @@ -0,0 +1,87 @@ +/* + * prng.c + * + * Command-line pseudo-random number generator + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. + * All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + * + * $Id$ + */ + +#include <stdio.h> +#include <stdlib.h> +#include <limits.h> +#include <time.h> + +#ifdef __OS2__ +#include <types.h> +#include <process.h> +#else +#include <unistd.h> +#endif + +#include "bbs_rand.h" + +int main(int argc, char *argv[]) +{ + unsigned char *seed; + unsigned int ix, num = 1; + pid_t pid; + + if(argc > 1) { + num = atoi(argv[1]); + if(num <= 0) + num = 1; + } + + pid = getpid(); + srand(time(NULL) * (unsigned int)pid); + + /* Not a perfect seed, but not bad */ + seed = malloc(bbs_seed_size); + for(ix = 0; ix < bbs_seed_size; ix++) { + seed[ix] = rand() % UCHAR_MAX; + } + + bbs_srand(seed, bbs_seed_size); + memset(seed, 0, bbs_seed_size); + free(seed); + + while(num-- > 0) { + ix = bbs_rand(); + + printf("%u\n", ix); + } + + return 0; + +} diff --git a/security/nss/lib/freebl/mpi/utils/ptab.pl b/security/nss/lib/freebl/mpi/utils/ptab.pl new file mode 100755 index 000000000..f9c56b6c3 --- /dev/null +++ b/security/nss/lib/freebl/mpi/utils/ptab.pl @@ -0,0 +1,58 @@ +#!/usr/linguist/bin/perl +## +## The contents of this file are subject to the Mozilla Public +## License Version 1.1 (the "License"); you may not use this file +## except in compliance with the License. You may obtain a copy of +## the License at http://www.mozilla.org/MPL/ +## +## Software distributed under the License is distributed on an "AS +## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +## implied. See the License for the specific language governing +## rights and limitations under the License. +## +## The Original Code is the MPI Arbitrary Precision Integer Arithmetic +## library. +## +## The Initial Developer of the Original Code is +## Michael J. Fromberger <sting@linguist.dartmouth.edu> +## +## Portions created by Michael J. Fromberger are +## Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved. +## +## Contributor(s): +## +## Alternatively, the contents of this file may be used under the +## terms of the GNU General Public License Version 2 or later (the +## "GPL"), in which case the provisions of the GPL are applicable +## instead of those above. If you wish to allow use of your +## version of this file only under the terms of the GPL and not to +## allow others to use your version of this file under the MPL, +## indicate your decision by deleting the provisions above and +## replace them with the notice and other provisions required by +## the GPL. If you do not delete the provisions above, a recipient +## may use your version of this file under either the MPL or the +## GPL. +## +## $Id$ +## + +while(<>) { + chomp; + push(@primes, $_); +} + +printf("mp_size prime_tab_size = %d;\n", ($#primes + 1)); +print "mp_digit prime_tab[] = {\n"; + +print "\t"; +$last = pop(@primes); +foreach $prime (sort {$a<=>$b} @primes) { + printf("0x%04X, ", $prime); + $brk = ($brk + 1) % 8; + print "\n\t" if(!$brk); +} +printf("0x%04X", $last); +print "\n" if($brk); +print "};\n\n"; + +exit 0; diff --git a/security/nss/lib/freebl/mpi/utils/sieve.c b/security/nss/lib/freebl/mpi/utils/sieve.c new file mode 100644 index 000000000..4dd20604c --- /dev/null +++ b/security/nss/lib/freebl/mpi/utils/sieve.c @@ -0,0 +1,265 @@ +/* + * sieve.c + * + * Finds prime numbers using the Sieve of Eratosthenes + * + * This implementation uses a bitmap to represent all odd integers in a + * given range. We iterate over this bitmap, crossing off the + * multiples of each prime we find. At the end, all the remaining set + * bits correspond to prime integers. + * + * Here, we make two passes -- once we have generated a sieve-ful of + * primes, we copy them out, reset the sieve using the highest + * generated prime from the first pass as a base. Then we cross out + * all the multiples of all the primes we found the first time through, + * and re-sieve. In this way, we get double use of the memory we + * allocated for the sieve the first time though. Since we also + * implicitly ignore multiples of 2, this amounts to 4 times the + * values. + * + * This could (and probably will) be generalized to re-use the sieve a + * few more times. + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the MPI Arbitrary Precision Integer Arithmetic + * library. + * + * The Initial Developer of the Original Code is Michael J. Fromberger. + * Portions created by Michael J. Fromberger are + * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. + * All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. + * + * $Id$ + */ + +#include <stdio.h> +#include <stdlib.h> +#include <limits.h> + +typedef unsigned char byte; + +typedef struct { + int size; + byte *bits; + long base; + int next; + int nbits; +} sieve; + +void sieve_init(sieve *sp, long base, int nbits); +void sieve_grow(sieve *sp, int nbits); +long sieve_next(sieve *sp); +void sieve_reset(sieve *sp, long base); +void sieve_cross(sieve *sp, long val); +void sieve_clear(sieve *sp); + +#define S_ISSET(S, B) (((S)->bits[(B)/CHAR_BIT]>>((B)%CHAR_BIT))&1) +#define S_SET(S, B) ((S)->bits[(B)/CHAR_BIT]|=(1<<((B)%CHAR_BIT))) +#define S_CLR(S, B) ((S)->bits[(B)/CHAR_BIT]&=~(1<<((B)%CHAR_BIT))) +#define S_VAL(S, B) ((S)->base+(2*(B))) +#define S_BIT(S, V) (((V)-((S)->base))/2) + +int main(int argc, char *argv[]) +{ + sieve s; + long pr, *p; + int c, ix, cur = 0; + + if(argc < 2) { + fprintf(stderr, "Usage: %s <width>\n", argv[0]); + return 1; + } + + c = atoi(argv[1]); + if(c < 0) c = -c; + + fprintf(stderr, "%s: sieving to %d positions\n", argv[0], c); + + sieve_init(&s, 3, c); + + c = 0; + while((pr = sieve_next(&s)) > 0) { + ++c; + } + + p = calloc(c, sizeof(long)); + if(!p) { + fprintf(stderr, "%s: out of memory after first half\n", argv[0]); + sieve_clear(&s); + exit(1); + } + + fprintf(stderr, "%s: half done ... \n", argv[0]); + + for(ix = 0; ix < s.nbits; ix++) { + if(S_ISSET(&s, ix)) { + p[cur] = S_VAL(&s, ix); + printf("%ld\n", p[cur]); + ++cur; + } + } + + sieve_reset(&s, p[cur - 1]); + fprintf(stderr, "%s: crossing off %d found primes ... \n", argv[0], cur); + for(ix = 0; ix < cur; ix++) { + sieve_cross(&s, p[ix]); + if(!(ix % 1000)) + fputc('.', stderr); + } + fputc('\n', stderr); + + free(p); + + fprintf(stderr, "%s: sieving again from %ld ... \n", argv[0], p[cur - 1]); + c = 0; + while((pr = sieve_next(&s)) > 0) { + ++c; + } + + fprintf(stderr, "%s: done!\n", argv[0]); + for(ix = 0; ix < s.nbits; ix++) { + if(S_ISSET(&s, ix)) { + printf("%ld\n", S_VAL(&s, ix)); + } + } + + sieve_clear(&s); + + return 0; +} + +void sieve_init(sieve *sp, long base, int nbits) +{ + sp->size = (nbits / CHAR_BIT); + + if(nbits % CHAR_BIT) + ++sp->size; + + sp->bits = calloc(sp->size, sizeof(byte)); + memset(sp->bits, UCHAR_MAX, sp->size); + if(!(base & 1)) + ++base; + sp->base = base; + + sp->next = 0; + sp->nbits = sp->size * CHAR_BIT; +} + +void sieve_grow(sieve *sp, int nbits) +{ + int ns = (nbits / CHAR_BIT); + + if(nbits % CHAR_BIT) + ++ns; + + if(ns > sp->size) { + byte *tmp; + int ix; + + tmp = calloc(ns, sizeof(byte)); + if(tmp == NULL) { + fprintf(stderr, "Error: out of memory in sieve_grow\n"); + return; + } + + memcpy(tmp, sp->bits, sp->size); + for(ix = sp->size; ix < ns; ix++) { + tmp[ix] = UCHAR_MAX; + } + + free(sp->bits); + sp->bits = tmp; + sp->size = ns; + + sp->nbits = sp->size * CHAR_BIT; + } +} + +long sieve_next(sieve *sp) +{ + long out; + int ix = 0; + long val; + + if(sp->next > sp->nbits) + return -1; + + out = S_VAL(sp, sp->next); +#ifdef DEBUG + fprintf(stderr, "Sieving %ld\n", out); +#endif + + /* Sieve out all multiples of the current prime */ + val = out; + while(ix < sp->nbits) { + val += out; + ix = S_BIT(sp, val); + if((val & 1) && ix < sp->nbits) { /* && S_ISSET(sp, ix)) { */ + S_CLR(sp, ix); +#ifdef DEBUG + fprintf(stderr, "Crossing out %ld (bit %d)\n", val, ix); +#endif + } + } + + /* Scan ahead to the next prime */ + ++sp->next; + while(sp->next < sp->nbits && !S_ISSET(sp, sp->next)) + ++sp->next; + + return out; +} + +void sieve_cross(sieve *sp, long val) +{ + int ix = 0; + long cur = val; + + while(cur < sp->base) + cur += val; + + ix = S_BIT(sp, cur); + while(ix < sp->nbits) { + if(cur & 1) + S_CLR(sp, ix); + cur += val; + ix = S_BIT(sp, cur); + } +} + +void sieve_reset(sieve *sp, long base) +{ + memset(sp->bits, UCHAR_MAX, sp->size); + sp->base = base; + sp->next = 0; +} + +void sieve_clear(sieve *sp) +{ + if(sp->bits) + free(sp->bits); + + sp->bits = NULL; +} diff --git a/security/nss/lib/freebl/mpi/vis_32.il b/security/nss/lib/freebl/mpi/vis_32.il new file mode 100644 index 000000000..443b6a00e --- /dev/null +++ b/security/nss/lib/freebl/mpi/vis_32.il @@ -0,0 +1,1320 @@ +! +! The contents of this file are subject to the Mozilla Public +! License Version 1.1 (the "License"); you may not use this file +! except in compliance with the License. You may obtain a copy of +! the License at http://www.mozilla.org/MPL/ +! +! Software distributed under the License is distributed on an "AS +! IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +! implied. See the License for the specific language governing +! rights and limitations under the License. +! +! The Original Code is vis inline macros (32 bit). (vis_32.il 3.3) +! +! The Initial Developer of the Original Code is Sun Microsystems Inc. +! Portions created by Sun Microsystems Inc. are +! Copyright (C) 1995-2000 Sun Microsystems Inc. All Rights Reserved. +! +! Contributor(s): +! +! Alternatively, the contents of this file may be used under the +! terms of the GNU General Public License Version 2 or later (the +! "GPL"), in which case the provisions of the GPL are applicable +! instead of those above. If you wish to allow use of your +! version of this file only under the terms of the GPL and not to +! allow others to use your version of this file under the MPL, +! indicate your decision by deleting the provisions above and +! replace them with the notice and other provisions required by +! the GPL. If you do not delete the provisions above, a recipient +! may use your version of this file under either the MPL or the +! GPL. +! $Id$ +! +! @(#)vis_32.il 3.3 00/03/02 SMI + +! The interface to the VIS instructions as declared below (and in the VIS +! User's Manual) will not change, but the macro implementation might change +! in the future. + +!-------------------------------------------------------------------- +! Pure edge handling instructions +! +! int vis_edge8(void */*frs1*/, void */*frs2*/); +! + .inline vis_edge8,8 + edge8 %o0,%o1,%o0 + .end +! +! int vis_edge8l(void */*frs1*/, void */*frs2*/); +! + .inline vis_edge8l,8 + edge8l %o0,%o1,%o0 + .end +! +! int vis_edge16(void */*frs1*/, void */*frs2*/); +! + .inline vis_edge16,8 + edge16 %o0,%o1,%o0 + .end +! +! int vis_edge16l(void */*frs1*/, void */*frs2*/); +! + .inline vis_edge16l,8 + edge16l %o0,%o1,%o0 + .end +! +! int vis_edge32(void */*frs1*/, void */*frs2*/); +! + .inline vis_edge32,8 + edge32 %o0,%o1,%o0 + .end +! +! int vis_edge32l(void */*frs1*/, void */*frs2*/); +! + .inline vis_edge32l,8 + edge32l %o0,%o1,%o0 + .end + +!-------------------------------------------------------------------- +! Edge handling instructions with negative return values if cc set +! +! int vis_edge8cc(void */*frs1*/, void */*frs2*/); +! + .inline vis_edge8cc,8 + edge8 %o0,%o1,%o0 + mov 0,%o1 + movgu %icc,-1024,%o1 + or %o1,%o0,%o0 + .end +! +! int vis_edge8lcc(void */*frs1*/, void */*frs2*/); +! + .inline vis_edge8lcc,8 + edge8l %o0,%o1,%o0 + mov 0,%o1 + movgu %icc,-1024,%o1 + or %o1,%o0,%o0 + .end +! +! int vis_edge16cc(void */*frs1*/, void */*frs2*/); +! + .inline vis_edge16cc,8 + edge16 %o0,%o1,%o0 + mov 0,%o1 + movgu %icc,-1024,%o1 + or %o1,%o0,%o0 + .end +! +! int vis_edge16lcc(void */*frs1*/, void */*frs2*/); +! + .inline vis_edge16lcc,8 + edge16l %o0,%o1,%o0 + mov 0,%o1 + movgu %icc,-1024,%o1 + or %o1,%o0,%o0 + .end +! +! int vis_edge32cc(void */*frs1*/, void */*frs2*/); +! + .inline vis_edge32cc,8 + edge32 %o0,%o1,%o0 + mov 0,%o1 + movgu %icc,-1024,%o1 + or %o1,%o0,%o0 + .end +! +! int vis_edge32lcc(void */*frs1*/, void */*frs2*/); +! + .inline vis_edge32lcc,8 + edge32l %o0,%o1,%o0 + mov 0,%o1 + movgu %icc,-1024,%o1 + or %o1,%o0,%o0 + .end + +!-------------------------------------------------------------------- +! Alignment instructions +! +! void *vis_alignaddr(void */*rs1*/, int /*rs2*/); +! + .inline vis_alignaddr,8 + alignaddr %o0,%o1,%o0 + .end +! +! void *vis_alignaddrl(void */*rs1*/, int /*rs2*/); +! + .inline vis_alignaddrl,8 + alignaddrl %o0,%o1,%o0 + .end +! +! double vis_faligndata(double /*frs1*/, double /*frs2*/); +! + .inline vis_faligndata,16 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + std %o2,[%sp+0x48] + ldd [%sp+0x48],%f10 + faligndata %f4,%f10,%f0 + .end + +!-------------------------------------------------------------------- +! Partitioned comparison instructions +! +! int vis_fcmple16(double /*frs1*/, double /*frs2*/); +! + .inline vis_fcmple16,16 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + std %o2,[%sp+0x48] + ldd [%sp+0x48],%f10 + fcmple16 %f4,%f10,%o0 + .end +! +! int vis_fcmpne16(double /*frs1*/, double /*frs2*/); +! + .inline vis_fcmpne16,16 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + std %o2,[%sp+0x48] + ldd [%sp+0x48],%f10 + fcmpne16 %f4,%f10,%o0 + .end +! +! int vis_fcmple32(double /*frs1*/, double /*frs2*/); +! + .inline vis_fcmple32,16 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + std %o2,[%sp+0x48] + ldd [%sp+0x48],%f10 + fcmple32 %f4,%f10,%o0 + .end +! +! int vis_fcmpne32(double /*frs1*/, double /*frs2*/); +! + .inline vis_fcmpne32,16 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + std %o2,[%sp+0x48] + ldd [%sp+0x48],%f10 + fcmpne32 %f4,%f10,%o0 + .end +! +! int vis_fcmpgt16(double /*frs1*/, double /*frs2*/); +! + .inline vis_fcmpgt16,16 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + std %o2,[%sp+0x48] + ldd [%sp+0x48],%f10 + fcmpgt16 %f4,%f10,%o0 + .end +! +! int vis_fcmpeq16(double /*frs1*/, double /*frs2*/); +! + .inline vis_fcmpeq16,16 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + std %o2,[%sp+0x48] + ldd [%sp+0x48],%f10 + fcmpeq16 %f4,%f10,%o0 + .end +! +! int vis_fcmpgt32(double /*frs1*/, double /*frs2*/); +! + .inline vis_fcmpgt32,16 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + std %o2,[%sp+0x48] + ldd [%sp+0x48],%f10 + fcmpgt32 %f4,%f10,%o0 + .end +! +! int vis_fcmpeq32(double /*frs1*/, double /*frs2*/); +! + .inline vis_fcmpeq32,16 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + std %o2,[%sp+0x48] + ldd [%sp+0x48],%f10 + fcmpeq32 %f4,%f10,%o0 + .end + +!-------------------------------------------------------------------- +! Partitioned arithmetic +! +! double vis_fmul8x16(float /*frs1*/, double /*frs2*/); +! + .inline vis_fmul8x16,12 + st %o0,[%sp+0x44] + ld [%sp+0x44],%f4 + st %o1,[%sp+0x48] + st %o2,[%sp+0x4c] + ldd [%sp+0x48],%f10 + fmul8x16 %f4,%f10,%f0 + .end +! +! double vis_fmul8x16_dummy(float /*frs1*/, int /*dummy*/, double /*frs2*/); +! + .inline vis_fmul8x16_dummy,16 + st %o0,[%sp+0x44] + ld [%sp+0x44],%f4 + std %o2,[%sp+0x48] + ldd [%sp+0x48],%f10 + fmul8x16 %f4,%f10,%f0 + .end +! +! double vis_fmul8x16au(float /*frs1*/, float /*frs2*/); +! + .inline vis_fmul8x16au,8 + st %o0,[%sp+0x48] + ld [%sp+0x48],%f4 + st %o1,[%sp+0x48] + ld [%sp+0x48],%f10 + fmul8x16au %f4,%f10,%f0 + .end +! +! double vis_fmul8x16al(float /*frs1*/, float /*frs2*/); +! + .inline vis_fmul8x16al,8 + st %o0,[%sp+0x44] + ld [%sp+0x44],%f4 + st %o1,[%sp+0x48] + ld [%sp+0x48],%f10 + fmul8x16al %f4,%f10,%f0 + .end +! +! double vis_fmul8sux16(double /*frs1*/, double /*frs2*/); +! + .inline vis_fmul8sux16,16 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + std %o2,[%sp+0x48] + ldd [%sp+0x48],%f10 + fmul8sux16 %f4,%f10,%f0 + .end +! +! double vis_fmul8ulx16(double /*frs1*/, double /*frs2*/); +! + .inline vis_fmul8ulx16,16 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + std %o2,[%sp+0x48] + ldd [%sp+0x48],%f10 + fmul8ulx16 %f4,%f10,%f0 + .end +! +! double vis_fmuld8sux16(float /*frs1*/, float /*frs2*/); +! + .inline vis_fmuld8sux16,8 + st %o0,[%sp+0x48] + ld [%sp+0x48],%f4 + st %o1,[%sp+0x48] + ld [%sp+0x48],%f10 + fmuld8sux16 %f4,%f10,%f0 + .end +! +! double vis_fmuld8ulx16(float /*frs1*/, float /*frs2*/); +! + .inline vis_fmuld8ulx16,8 + st %o0,[%sp+0x48] + ld [%sp+0x48],%f4 + st %o1,[%sp+0x48] + ld [%sp+0x48],%f10 + fmuld8ulx16 %f4,%f10,%f0 + .end +! +! double vis_fpadd16(double /*frs1*/, double /*frs2*/); +! + .inline vis_fpadd16,16 + std %o0,[%sp+0x40] + ldd [%sp+0x40],%f4 + std %o2,[%sp+0x48] + ldd [%sp+0x48],%f10 + fpadd16 %f4,%f10,%f0 + .end +! +! float vis_fpadd16s(float /*frs1*/, float /*frs2*/); +! + .inline vis_fpadd16s,8 + st %o0,[%sp+0x48] + ld [%sp+0x48],%f4 + st %o1,[%sp+0x48] + ld [%sp+0x48],%f10 + fpadd16s %f4,%f10,%f0 + .end +! +! double vis_fpadd32(double /*frs1*/, double /*frs2*/); +! + .inline vis_fpadd32,16 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + std %o2,[%sp+0x48] + ldd [%sp+0x48],%f10 + fpadd32 %f4,%f10,%f0 + .end +! +! float vis_fpadd32s(float /*frs1*/, float /*frs2*/); +! + .inline vis_fpadd32s,8 + st %o0,[%sp+0x48] + ld [%sp+0x48],%f4 + st %o1,[%sp+0x48] + ld [%sp+0x48],%f10 + fpadd32s %f4,%f10,%f0 + .end +! +! double vis_fpsub16(double /*frs1*/, double /*frs2*/); +! + .inline vis_fpsub16,16 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + std %o2,[%sp+0x48] + ldd [%sp+0x48],%f10 + fpsub16 %f4,%f10,%f0 + .end +! +! float vis_fpsub16s(float /*frs1*/, float /*frs2*/); +! + .inline vis_fpsub16s,8 + st %o0,[%sp+0x48] + ld [%sp+0x48],%f4 + st %o1,[%sp+0x48] + ld [%sp+0x48],%f10 + fpsub16s %f4,%f10,%f0 + .end +! +! double vis_fpsub32(double /*frs1*/, double /*frs2*/); +! + .inline vis_fpsub32,16 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + std %o2,[%sp+0x48] + ldd [%sp+0x48],%f10 + fpsub32 %f4,%f10,%f0 + .end +! +! float vis_fpsub32s(float /*frs1*/, float /*frs2*/); +! + .inline vis_fpsub32s,8 + st %o0,[%sp+0x48] + ld [%sp+0x48],%f4 + st %o1,[%sp+0x48] + ld [%sp+0x48],%f10 + fpsub32s %f4,%f10,%f0 + .end + +!-------------------------------------------------------------------- +! Pixel packing +! +! float vis_fpack16(double /*frs2*/); +! + .inline vis_fpack16,8 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + fpack16 %f4,%f0 + .end + +! +! double vis_fpack16_pair(double /*frs2*/, double /*frs2*/); +! + .inline vis_fpack16_pair,16 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + std %o2,[%sp+0x48] + ldd [%sp+0x48],%f10 + fpack16 %f4,%f0 + fpack16 %f10,%f1 + .end +! +! void vis_st2_fpack16(double, double, double *) +! + .inline vis_st2_fpack16,20 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + std %o2,[%sp+0x48] + ldd [%sp+0x48],%f10 + fpack16 %f4,%f0 + fpack16 %f10,%f1 + st %f0,[%o4+0] + st %f1,[%o4+4] + .end +! +! void vis_std_fpack16(double, double, double *) +! + .inline vis_std_fpack16,20 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + std %o2,[%sp+0x48] + ldd [%sp+0x48],%f10 + fpack16 %f4,%f0 + fpack16 %f10,%f1 + std %f0,[%o4] + .end +! +! void vis_st2_fpackfix(double, double, double *) +! + .inline vis_st2_fpackfix,20 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + std %o2,[%sp+0x48] + ldd [%sp+0x48],%f10 + fpackfix %f4,%f0 + fpackfix %f10,%f1 + st %f0,[%o4+0] + st %f1,[%o4+4] + .end +! +! double vis_fpack16_to_hi(double /*frs1*/, double /*frs2*/); +! + .inline vis_fpack16_to_hi,16 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f0 + std %o2,[%sp+0x48] + ldd [%sp+0x48],%f4 + fpack16 %f4,%f0 + .end + +! double vis_fpack16_to_lo(double /*frs1*/, double /*frs2*/); +! + .inline vis_fpack16_to_lo,16 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f0 + std %o2,[%sp+0x48] + ldd [%sp+0x48],%f4 + fpack16 %f4,%f3 + fmovs %f3,%f1 /* without this, optimizer goes wrong */ + .end + +! +! double vis_fpack32(double /*frs1*/, double /*frs2*/); +! + .inline vis_fpack32,16 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + std %o2,[%sp+0x48] + ldd [%sp+0x48],%f10 + fpack32 %f4,%f10,%f0 + .end +! +! float vis_fpackfix(double /*frs2*/); +! + .inline vis_fpackfix,8 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + fpackfix %f4,%f0 + .end +! +! double vis_fpackfix_pair(double /*frs2*/, double /*frs2*/); +! + .inline vis_fpackfix_pair,16 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + std %o2,[%sp+0x48] + ldd [%sp+0x48],%f6 + fpackfix %f4,%f0 + fpackfix %f6,%f1 + .end + +!-------------------------------------------------------------------- +! Motion estimation +! +! double vis_pdist(double /*frs1*/, double /*frs2*/, double /*frd*/); +! + .inline vis_pdist,24 + std %o4,[%sp+0x48] + ldd [%sp+0x48],%f0 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + std %o2,[%sp+0x48] + ldd [%sp+0x48],%f10 + pdist %f4,%f10,%f0 + .end + +!-------------------------------------------------------------------- +! Channel merging +! +! double vis_fpmerge(float /*frs1*/, float /*frs2*/); +! + .inline vis_fpmerge,8 + st %o0,[%sp+0x48] + ld [%sp+0x48],%f4 + st %o1,[%sp+0x48] + ld [%sp+0x48],%f10 + fpmerge %f4,%f10,%f0 + .end + +!-------------------------------------------------------------------- +! Pixel expansion +! +! double vis_fexpand(float /*frs2*/); +! + .inline vis_fexpand,4 + st %o0,[%sp+0x48] + ld [%sp+0x48],%f4 + fexpand %f4,%f0 + .end + +! double vis_fexpand_hi(double /*frs2*/); +! + .inline vis_fexpand_hi,8 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + fexpand %f4,%f0 + .end + +! double vis_fexpand_lo(double /*frs2*/); +! + .inline vis_fexpand_lo,8 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + fmovs %f5, %f2 + fexpand %f2,%f0 + .end + +!-------------------------------------------------------------------- +! Bitwise logical operations +! +! double vis_fnor(double /*frs1*/, double /*frs2*/); +! + .inline vis_fnor,16 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + std %o2,[%sp+0x48] + ldd [%sp+0x48],%f10 + fnor %f4,%f10,%f0 + .end +! +! float vis_fnors(float /*frs1*/, float /*frs2*/); +! + .inline vis_fnors,8 + st %o0,[%sp+0x48] + ld [%sp+0x48],%f4 + st %o1,[%sp+0x48] + ld [%sp+0x48],%f10 + fnors %f4,%f10,%f0 + .end +! +! double vis_fandnot(double /*frs1*/, double /*frs2*/); +! + .inline vis_fandnot,16 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + std %o2,[%sp+0x48] + ldd [%sp+0x48],%f10 + fandnot1 %f4,%f10,%f0 + .end +! +! float vis_fandnots(float /*frs1*/, float /*frs2*/); +! + .inline vis_fandnots,8 + st %o0,[%sp+0x48] + ld [%sp+0x48],%f4 + st %o1,[%sp+0x48] + ld [%sp+0x48],%f10 + fandnot1s %f4,%f10,%f0 + .end +! +! double vis_fnot(double /*frs1*/); +! + .inline vis_fnot,8 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + fnot1 %f4,%f0 + .end +! +! float vis_fnots(float /*frs1*/); +! + .inline vis_fnots,4 + st %o0,[%sp+0x48] + ld [%sp+0x48],%f4 + fnot1s %f4,%f0 + .end +! +! double vis_fxor(double /*frs1*/, double /*frs2*/); +! + .inline vis_fxor,16 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + std %o2,[%sp+0x48] + ldd [%sp+0x48],%f10 + fxor %f4,%f10,%f0 + .end +! +! float vis_fxors(float /*frs1*/, float /*frs2*/); +! + .inline vis_fxors,8 + st %o0,[%sp+0x48] + ld [%sp+0x48],%f4 + st %o1,[%sp+0x48] + ld [%sp+0x48],%f10 + fxors %f4,%f10,%f0 + .end +! +! double vis_fnand(double /*frs1*/, double /*frs2*/); +! + .inline vis_fnand,16 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + std %o2,[%sp+0x48] + ldd [%sp+0x48],%f10 + fnand %f4,%f10,%f0 + .end +! +! float vis_fnands(float /*frs1*/, float /*frs2*/); +! + .inline vis_fnands,8 + st %o0,[%sp+0x48] + ld [%sp+0x48],%f4 + st %o1,[%sp+0x48] + ld [%sp+0x48],%f10 + fnands %f4,%f10,%f0 + .end +! +! double vis_fand(double /*frs1*/, double /*frs2*/); +! + .inline vis_fand,16 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + std %o2,[%sp+0x48] + ldd [%sp+0x48],%f10 + fand %f4,%f10,%f0 + .end +! +! float vis_fands(float /*frs1*/, float /*frs2*/); +! + .inline vis_fands,8 + st %o0,[%sp+0x48] + ld [%sp+0x48],%f4 + st %o1,[%sp+0x48] + ld [%sp+0x48],%f10 + fands %f4,%f10,%f0 + .end +! +! double vis_fxnor(double /*frs1*/, double /*frs2*/); +! + .inline vis_fxnor,16 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + std %o2,[%sp+0x48] + ldd [%sp+0x48],%f10 + fxnor %f4,%f10,%f0 + .end +! +! float vis_fxnors(float /*frs1*/, float /*frs2*/); +! + .inline vis_fxnors,8 + st %o0,[%sp+0x48] + ld [%sp+0x48],%f4 + st %o1,[%sp+0x48] + ld [%sp+0x48],%f10 + fxnors %f4,%f10,%f0 + .end +! +! double vis_fsrc(double /*frs1*/); +! + .inline vis_fsrc,8 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + fsrc1 %f4,%f0 + .end +! +! float vis_fsrcs(float /*frs1*/); +! + .inline vis_fsrcs,4 + st %o0,[%sp+0x48] + ld [%sp+0x48],%f4 + fsrc1s %f4,%f0 + .end +! +! double vis_fornot(double /*frs1*/, double /*frs2*/); +! + .inline vis_fornot,16 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + std %o2,[%sp+0x48] + ldd [%sp+0x48],%f10 + fornot1 %f4,%f10,%f0 + .end +! +! float vis_fornots(float /*frs1*/, float /*frs2*/); +! + .inline vis_fornots,8 + st %o0,[%sp+0x48] + ld [%sp+0x48],%f4 + st %o1,[%sp+0x48] + ld [%sp+0x48],%f10 + fornot1s %f4,%f10,%f0 + .end +! +! double vis_for(double /*frs1*/, double /*frs2*/); +! + .inline vis_for,16 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + std %o2,[%sp+0x48] + ldd [%sp+0x48],%f10 + for %f4,%f10,%f0 + .end +! +! float vis_fors(float /*frs1*/, float /*frs2*/); +! + .inline vis_fors,8 + st %o0,[%sp+0x48] + ld [%sp+0x48],%f4 + st %o1,[%sp+0x48] + ld [%sp+0x48],%f10 + fors %f4,%f10,%f0 + .end +! +! double vis_fzero(/* void */) +! + .inline vis_fzero,0 + fzero %f0 + .end +! +! float vis_fzeros(/* void */) +! + .inline vis_fzeros,0 + fzeros %f0 + .end +! +! double vis_fone(/* void */) +! + .inline vis_fone,0 + fone %f0 + .end +! +! float vis_fones(/* void */) +! + .inline vis_fones,0 + fones %f0 + .end + +!-------------------------------------------------------------------- +! Partial store instructions +! +! vis_stdfa_ASI_PST8P(double frd, void *rs1, int rmask) +! + .inline vis_stdfa_ASI_PST8P,16 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + stda %f4,[%o2]%o3,0xc0 ! ASI_PST8_P + .end +! +! vis_stdfa_ASI_PST8PL(double frd, void *rs1, int rmask) +! + .inline vis_stdfa_ASI_PST8PL,16 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + stda %f4,[%o2]%o3,0xc8 ! ASI_PST8_PL + .end +! +! vis_stdfa_ASI_PST8P_int_pair(void *rs1, void *rs2, void *rs3, int rmask); +! + .inline vis_stdfa_ASI_PST8P_int_pair,16 + ld [%o0],%f4 + ld [%o1],%f5 + stda %f4,[%o2]%o3,0xc0 ! ASI_PST8_P + .end +! +! vis_stdfa_ASI_PST8S(double frd, void *rs1, int rmask) +! + .inline vis_stdfa_ASI_PST8S,16 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + stda %f4,[%o2]%o3,0xc1 ! ASI_PST8_S + .end +! +! vis_stdfa_ASI_PST16P(double frd, void *rs1, int rmask) +! + .inline vis_stdfa_ASI_PST16P,16 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + stda %f4,[%o2]%o3,0xc2 ! ASI_PST16_P + .end +! +! vis_stdfa_ASI_PST16S(double frd, void *rs1, int rmask) +! + .inline vis_stdfa_ASI_PST16S,16 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + stda %f4,[%o2]%o3,0xc3 ! ASI_PST16_S + .end +! +! vis_stdfa_ASI_PST32P(double frd, void *rs1, int rmask) +! + .inline vis_stdfa_ASI_PST32P,16 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + stda %f4,[%o2]%o3,0xc4 ! ASI_PST32_P + .end +! +! vis_stdfa_ASI_PST32S(double frd, void *rs1, int rmask) +! + .inline vis_stdfa_ASI_PST32S,16 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + stda %f4,[%o2]%o3,0xc5 ! ASI_PST32_S + .end + +!-------------------------------------------------------------------- +! Short store instructions +! +! vis_stdfa_ASI_FL8P(double frd, void *rs1) +! + .inline vis_stdfa_ASI_FL8P,12 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + stda %f4,[%o2]0xd0 ! ASI_FL8_P + .end +! +! vis_stdfa_ASI_FL8P_index(double frd, void *rs1, long index) +! + .inline vis_stdfa_ASI_FL8P_index,16 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + stda %f4,[%o2+%o3]0xd0 ! ASI_FL8_P + .end +! +! vis_stdfa_ASI_FL8S(double frd, void *rs1) +! + .inline vis_stdfa_ASI_FL8S,12 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + stda %f4,[%o2]0xd1 ! ASI_FL8_S + .end +! +! vis_stdfa_ASI_FL16P(double frd, void *rs1) +! + .inline vis_stdfa_ASI_FL16P,12 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + stda %f4,[%o2]0xd2 ! ASI_FL16_P + .end +! +! vis_stdfa_ASI_FL16P_index(double frd, void *rs1, long index) +! + .inline vis_stdfa_ASI_FL16P_index,16 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + stda %f4,[%o2+%o3]0xd2 ! ASI_FL16_P + .end +! +! vis_stdfa_ASI_FL16S(double frd, void *rs1) +! + .inline vis_stdfa_ASI_FL16S,12 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + stda %f4,[%o2]0xd3 ! ASI_FL16_S + .end +! +! vis_stdfa_ASI_FL8PL(double frd, void *rs1) +! + .inline vis_stdfa_ASI_FL8PL,12 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + stda %f4,[%o2]0xd8 ! ASI_FL8_PL + .end +! +! vis_stdfa_ASI_FL8SL(double frd, void *rs1) +! + .inline vis_stdfa_ASI_FL8SL,12 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + stda %f4,[%o2]0xd9 ! ASI_FL8_SL + .end +! +! vis_stdfa_ASI_FL16PL(double frd, void *rs1) +! + .inline vis_stdfa_ASI_FL16PL,12 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + stda %f4,[%o2]0xda ! ASI_FL16_PL + .end +! +! vis_stdfa_ASI_FL16SL(double frd, void *rs1) +! + .inline vis_stdfa_ASI_FL16SL,12 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + stda %f4,[%o2]0xdb ! ASI_FL16_SL + .end + +!-------------------------------------------------------------------- +! Short load instructions +! +! double vis_lddfa_ASI_FL8P(void *rs1) +! + .inline vis_lddfa_ASI_FL8P,4 + ldda [%o0]0xd0,%f4 ! ASI_FL8_P + fmovd %f4,%f0 ! Compiler can clean this up + .end +! +! double vis_lddfa_ASI_FL8P_index(void *rs1, long index) +! + .inline vis_lddfa_ASI_FL8P_index,8 + ldda [%o0+%o1]0xd0,%f4 + fmovd %f4,%f0 + .end +! +! double vis_lddfa_ASI_FL8P_hi(void *rs1, unsigned int index) +! + .inline vis_lddfa_ASI_FL8P_hi,8 + sra %o1,16,%o1 + ldda [%o0+%o1]0xd0,%f4 + fmovd %f4,%f0 + .end +! +! double vis_lddfa_ASI_FL8P_lo(void *rs1, unsigned int index) +! + .inline vis_lddfa_ASI_FL8P_lo,8 + sll %o1,16,%o1 + sra %o1,16,%o1 + ldda [%o0+%o1]0xd0,%f4 + fmovd %f4,%f0 + .end +! +! double vis_lddfa_ASI_FL8S(void *rs1) +! + .inline vis_lddfa_ASI_FL8S,4 + ldda [%o0]0xd1,%f4 ! ASI_FL8_S + fmovd %f4,%f0 + .end +! +! double vis_lddfa_ASI_FL16P(void *rs1) +! + .inline vis_lddfa_ASI_FL16P,4 + ldda [%o0]0xd2,%f4 ! ASI_FL16_P + fmovd %f4,%f0 + .end +! +! double vis_lddfa_ASI_FL16P_index(void *rs1, long index) +! + .inline vis_lddfa_ASI_FL16P_index,8 + ldda [%o0+%o1]0xd2,%f4 ! ASI_FL16_P + fmovd %f4,%f0 + .end +! +! double vis_lddfa_ASI_FL16S(void *rs1) +! + .inline vis_lddfa_ASI_FL16S,4 + ldda [%o0]0xd3,%f4 ! ASI_FL16_S + fmovd %f4,%f0 + .end +! +! double vis_lddfa_ASI_FL8PL(void *rs1) +! + .inline vis_lddfa_ASI_FL8PL,4 + ldda [%o0]0xd8,%f4 ! ASI_FL8_PL + fmovd %f4,%f0 + .end +! +! double vis_lddfa_ASI_FL8PL_index(void *rs1, long index) +! + .inline vis_lddfa_ASI_FL8PL_index,8 + ldda [%o0+%o1]0xd8,%f4 ! ASI_FL8_PL + fmovd %f4,%f0 + .end +! +! double vis_lddfa_ASI_FL8SL(void *rs1) +! + .inline vis_lddfa_ASI_FL8SL,4 + ldda [%o0]0xd9,%f4 ! ASI_FL8_SL + fmovd %f4,%f0 + .end +! +! double vis_lddfa_ASI_FL16PL(void *rs1) +! + .inline vis_lddfa_ASI_FL16PL,4 + ldda [%o0]0xda,%f4 ! ASI_FL16_PL + fmovd %f4,%f0 + .end +! +! double vis_lddfa_ASI_FL16PL_index(void *rs1, long index) +! + .inline vis_lddfa_ASI_FL16PL_index,8 + ldda [%o0+%o1]0xda,%f4 ! ASI_FL16_PL + fmovd %f4,%f0 + .end +! +! double vis_lddfa_ASI_FL16SL(void *rs1) +! + .inline vis_lddfa_ASI_FL16SL,4 + ldda [%o0]0xdb,%f4 ! ASI_FL16_SL + fmovd %f4,%f0 + .end + +!-------------------------------------------------------------------- +! Graphics status register +! +! unsigned int vis_read_gsr(void) +! + .inline vis_read_gsr,0 + rd %gsr,%o0 + .end +! +! void vis_write_gsr(unsigned int /* GSR */) +! + .inline vis_write_gsr,4 + wr %g0,%o0,%gsr + .end + +!-------------------------------------------------------------------- +! Voxel texture mapping +! +! unsigned long vis_array8(unsigned long long /*rs1 */, int /*rs2*/) +! + .inline vis_array8,12 + sllx %o0,32,%o0 + srl %o1,0,%o1 ! clear the most significant 32 bits of %o1 + or %o0,%o1,%o3 ! join %o0 and %o1 into %o3 + array8 %o3,%o2,%o0 + .end +! +! unsigned long vis_array16(unsigned long long /*rs1*/, int /*rs2*/) +! + .inline vis_array16,12 + sllx %o0,32,%o0 + srl %o1,0,%o1 ! clear the most significant 32 bits of %o1 + or %o0,%o1,%o3 ! join %o0 and %o1 into %o3 + array16 %o3,%o2,%o0 + .end +! +! unsigned long vis_array32(unsigned long long /*rs1*/, int /*rs2*/) +! + .inline vis_array32,12 + sllx %o0,32,%o0 + srl %o1,0,%o1 ! clear the most significant 32 bits of %o1 + or %o0,%o1,%o3 ! join %o0 and %o1 into %o3 + array32 %o3,%o2,%o0 + .end + +!-------------------------------------------------------------------- +! Register aliasing and type casts +! +! float vis_read_hi(double /* frs1 */); +! + .inline vis_read_hi,8 + std %o0,[%sp+0x48] ! store double frs1 + ldd [%sp+0x48],%f0 ! %f0:%f1 = double frs1; return %f0; + .end +! +! float vis_read_lo(double /* frs1 */); +! + .inline vis_read_lo,8 + std %o0,[%sp+0x48] ! store double frs1 + ldd [%sp+0x48],%f0 ! %f0:%f1 = double frs1; + fmovs %f1,%f0 ! %f0 = low word (frs1); return %f0; + .end +! +! double vis_write_hi(double /* frs1 */, float /* frs2 */); +! + .inline vis_write_hi,12 + std %o0,[%sp+0x48] ! store double frs1; + ldd [%sp+0x48],%f0 ! %f0:%f1 = double frs1; + st %o2,[%sp+0x44] ! store float frs2; + ld [%sp+0x44],%f2 ! %f2 = float frs2; + fmovs %f2,%f0 ! %f0 = float frs2; return %f0:f1; + .end +! +! double vis_write_lo(double /* frs1 */, float /* frs2 */); +! + .inline vis_write_lo,12 + std %o0,[%sp+0x48] ! store double frs1; + ldd [%sp+0x48],%f0 ! %f0:%f1 = double frs1; + st %o2,[%sp+0x44] ! store float frs2; + ld [%sp+0x44],%f2 ! %f2 = float frs2; + fmovs %f2,%f1 ! %f1 = float frs2; return %f0:f1; + .end +! +! double vis_freg_pair(float /* frs1 */, float /* frs2 */); +! + .inline vis_freg_pair,8 + st %o0,[%sp+0x48] ! store float frs1 + ld [%sp+0x48],%f0 + st %o1,[%sp+0x48] ! store float frs2 + ld [%sp+0x48],%f1 + .end +! +! float vis_to_float(unsigned int /*value*/); +! + .inline vis_to_float,4 + st %o0,[%sp+0x48] + ld [%sp+0x48],%f0 + .end +! +! double vis_to_double(unsigned int /*value1*/, unsigned int /*value2*/); +! + .inline vis_to_double,8 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f0 + .end +! +! double vis_to_double_dup(unsigned int /*value*/); +! + .inline vis_to_double_dup,4 + st %o0,[%sp+0x48] + ld [%sp+0x48],%f1 + fmovs %f1,%f0 ! duplicate value + .end +! +! double vis_ll_to_double(unsigned long long /*value*/); +! + .inline vis_ll_to_double,8 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f0 + .end + +!-------------------------------------------------------------------- +! Address space identifier (ASI) register +! +! unsigned int vis_read_asi(void) +! + .inline vis_read_asi,0 + rd %asi,%o0 + .end +! +! void vis_write_asi(unsigned int /* ASI */) +! + .inline vis_write_asi,4 + wr %g0,%o0,%asi + .end + +!-------------------------------------------------------------------- +! Load/store from/into alternate space +! +! float vis_ldfa_ASI_REG(void *rs1) +! + .inline vis_ldfa_ASI_REG,4 + lda [%o0+0]%asi,%f4 + fmovs %f4,%f0 ! Compiler can clean this up + .end +! +! float vis_ldfa_ASI_P(void *rs1) +! + .inline vis_ldfa_ASI_P,4 + lda [%o0]0x80,%f4 ! ASI_P + fmovs %f4,%f0 ! Compiler can clean this up + .end +! +! float vis_ldfa_ASI_PL(void *rs1) +! + .inline vis_ldfa_ASI_PL,4 + lda [%o0]0x88,%f4 ! ASI_PL + fmovs %f4,%f0 ! Compiler can clean this up + .end +! +! double vis_lddfa_ASI_REG(void *rs1) +! + .inline vis_lddfa_ASI_REG,4 + ldda [%o0+0]%asi,%f4 + fmovd %f4,%f0 ! Compiler can clean this up + .end +! +! double vis_lddfa_ASI_P(void *rs1) +! + .inline vis_lddfa_ASI_P,4 + ldda [%o0]0x80,%f4 ! ASI_P + fmovd %f4,%f0 ! Compiler can clean this up + .end +! +! double vis_lddfa_ASI_PL(void *rs1) +! + .inline vis_lddfa_ASI_PL,4 + ldda [%o0]0x88,%f4 ! ASI_PL + fmovd %f4,%f0 ! Compiler can clean this up + .end +! +! vis_stfa_ASI_REG(float frs, void *rs1) +! + .inline vis_stfa_ASI_REG,8 + st %o0,[%sp+0x48] + ld [%sp+0x48],%f4 + sta %f4,[%o1+0]%asi + .end +! +! vis_stfa_ASI_P(float frs, void *rs1) +! + .inline vis_stfa_ASI_P,8 + st %o0,[%sp+0x48] + ld [%sp+0x48],%f4 + sta %f4,[%o1]0x80 ! ASI_P + .end +! +! vis_stfa_ASI_PL(float frs, void *rs1) +! + .inline vis_stfa_ASI_PL,8 + st %o0,[%sp+0x48] + ld [%sp+0x48],%f4 + sta %f4,[%o1]0x88 ! ASI_PL + .end +! +! vis_stdfa_ASI_REG(double frd, void *rs1) +! + .inline vis_stdfa_ASI_REG,12 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + stda %f4,[%o2+0]%asi + .end +! +! vis_stdfa_ASI_P(double frd, void *rs1) +! + .inline vis_stdfa_ASI_P,12 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + stda %f4,[%o2]0x80 ! ASI_P + .end +! +! vis_stdfa_ASI_PL(double frd, void *rs1) +! + .inline vis_stdfa_ASI_PL,12 + std %o0,[%sp+0x48] + ldd [%sp+0x48],%f4 + stda %f4,[%o2]0x88 ! ASI_PL + .end +! +! unsigned short vis_lduha_ASI_REG(void *rs1) +! + .inline vis_lduha_ASI_REG,4 + lduha [%o0+0]%asi,%o0 + .end +! +! unsigned short vis_lduha_ASI_P(void *rs1) +! + .inline vis_lduha_ASI_P,4 + lduha [%o0]0x80,%o0 ! ASI_P + .end +! +! unsigned short vis_lduha_ASI_PL(void *rs1) +! + .inline vis_lduha_ASI_PL,4 + lduha [%o0]0x88,%o0 ! ASI_PL + .end +! +! unsigned short vis_lduha_ASI_P_index(void *rs1, long index) +! + .inline vis_lduha_ASI_P_index,8 + lduha [%o0+%o1]0x80,%o0 ! ASI_P + .end +! +! unsigned short vis_lduha_ASI_PL_index(void *rs1, long index) +! + .inline vis_lduha_ASI_PL_index,8 + lduha [%o0+%o1]0x88,%o0 ! ASI_PL + .end + +!-------------------------------------------------------------------- +! Prefetch +! +! void vis_prefetch_read(void * /*address*/); +! + .inline vis_prefetch_read,4 + prefetch [%o0+0],0 + .end +! +! void vis_prefetch_write(void * /*address*/); +! + .inline vis_prefetch_write,4 + prefetch [%o0+0],2 + .end diff --git a/security/nss/lib/freebl/mpi/vis_64.il b/security/nss/lib/freebl/mpi/vis_64.il new file mode 100644 index 000000000..7a57e9b79 --- /dev/null +++ b/security/nss/lib/freebl/mpi/vis_64.il @@ -0,0 +1,1026 @@ +! +! The contents of this file are subject to the Mozilla Public +! License Version 1.1 (the "License"); you may not use this file +! except in compliance with the License. You may obtain a copy of +! the License at http://www.mozilla.org/MPL/ +! +! Software distributed under the License is distributed on an "AS +! IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +! implied. See the License for the specific language governing +! rights and limitations under the License. +! +! The Original Code is vis inline macros (64 bit). (vis_64.il 3.4) +! +! The Initial Developer of the Original Code is Sun Microsystems Inc. +! Portions created by Sun Microsystems Inc. are +! Copyright (C) 1998-2000 Sun Microsystems Inc. All Rights Reserved. +! +! Contributor(s): +! +! Alternatively, the contents of this file may be used under the +! terms of the GNU General Public License Version 2 or later (the +! "GPL"), in which case the provisions of the GPL are applicable +! instead of those above. If you wish to allow use of your +! version of this file only under the terms of the GPL and not to +! allow others to use your version of this file under the MPL, +! indicate your decision by deleting the provisions above and +! replace them with the notice and other provisions required by +! the GPL. If you do not delete the provisions above, a recipient +! may use your version of this file under either the MPL or the +! GPL. +! $Id$ +! +! @(#)vis_64.il 3.4 00/03/02 SMI + +! This file is to be used in place of vis.il in 64-bit builds. + +!-------------------------------------------------------------------- +! Pure edge handling instructions +! +! int vis_edge8(void */*frs1*/, void */*frs2*/); +! + .inline vis_edge8,16 + edge8 %o0,%o1,%o0 + .end +! +! int vis_edge8l(void */*frs1*/, void */*frs2*/); +! + .inline vis_edge8l,16 + edge8l %o0,%o1,%o0 + .end +! +! int vis_edge16(void */*frs1*/, void */*frs2*/); +! + .inline vis_edge16,16 + edge16 %o0,%o1,%o0 + .end +! +! int vis_edge16l(void */*frs1*/, void */*frs2*/); +! + .inline vis_edge16l,16 + edge16l %o0,%o1,%o0 + .end +! +! int vis_edge32(void */*frs1*/, void */*frs2*/); +! + .inline vis_edge32,16 + edge32 %o0,%o1,%o0 + .end +! +! int vis_edge32l(void */*frs1*/, void */*frs2*/); +! + .inline vis_edge32l,16 + edge32l %o0,%o1,%o0 + .end + +!-------------------------------------------------------------------- +! Edge handling instructions with negative return values if cc set +! +! int vis_edge8cc(void */*frs1*/, void */*frs2*/); +! + .inline vis_edge8cc,16 + edge8 %o0,%o1,%o0 + mov 0,%o1 + movgu %xcc,-1024,%o1 + or %o1,%o0,%o0 + .end +! +! int vis_edge8lcc(void */*frs1*/, void */*frs2*/); +! + .inline vis_edge8lcc,16 + edge8l %o0,%o1,%o0 + mov 0,%o1 + movgu %xcc,-1024,%o1 + or %o1,%o0,%o0 + .end +! +! int vis_edge16cc(void */*frs1*/, void */*frs2*/); +! + .inline vis_edge16cc,16 + edge16 %o0,%o1,%o0 + mov 0,%o1 + movgu %xcc,-1024,%o1 + or %o1,%o0,%o0 + .end +! +! int vis_edge16lcc(void */*frs1*/, void */*frs2*/); +! + .inline vis_edge16lcc,16 + edge16l %o0,%o1,%o0 + mov 0,%o1 + movgu %xcc,-1024,%o1 + or %o1,%o0,%o0 + .end +! +! int vis_edge32cc(void */*frs1*/, void */*frs2*/); +! + .inline vis_edge32cc,16 + edge32 %o0,%o1,%o0 + mov 0,%o1 + movgu %xcc,-1024,%o1 + or %o1,%o0,%o0 + .end +! +! int vis_edge32lcc(void */*frs1*/, void */*frs2*/); +! + .inline vis_edge32lcc,16 + edge32l %o0,%o1,%o0 + mov 0,%o1 + movgu %xcc,-1024,%o1 + or %o1,%o0,%o0 + .end + +!-------------------------------------------------------------------- +! Alignment instructions +! +! void *vis_alignaddr(void */*rs1*/, int /*rs2*/); +! + .inline vis_alignaddr,12 + alignaddr %o0,%o1,%o0 + .end +! +! void *vis_alignaddrl(void */*rs1*/, int /*rs2*/); +! + .inline vis_alignaddrl,12 + alignaddrl %o0,%o1,%o0 + .end +! +! double vis_faligndata(double /*frs1*/, double /*frs2*/); +! + .inline vis_faligndata,16 + faligndata %f0,%f2,%f0 + .end + +!-------------------------------------------------------------------- +! Partitioned comparison instructions +! +! int vis_fcmple16(double /*frs1*/, double /*frs2*/); +! + .inline vis_fcmple16,16 + fcmple16 %f0,%f2,%o0 + .end +! +! int vis_fcmpne16(double /*frs1*/, double /*frs2*/); +! + .inline vis_fcmpne16,16 + fcmpne16 %f0,%f2,%o0 + .end +! +! int vis_fcmple32(double /*frs1*/, double /*frs2*/); +! + .inline vis_fcmple32,16 + fcmple32 %f0,%f2,%o0 + .end +! +! int vis_fcmpne32(double /*frs1*/, double /*frs2*/); +! + .inline vis_fcmpne32,16 + fcmpne32 %f0,%f2,%o0 + .end +! +! int vis_fcmpgt16(double /*frs1*/, double /*frs2*/); +! + .inline vis_fcmpgt16,16 + fcmpgt16 %f0,%f2,%o0 + .end +! +! int vis_fcmpeq16(double /*frs1*/, double /*frs2*/); +! + .inline vis_fcmpeq16,16 + fcmpeq16 %f0,%f2,%o0 + .end +! +! int vis_fcmpgt32(double /*frs1*/, double /*frs2*/); +! + .inline vis_fcmpgt32,16 + fcmpgt32 %f0,%f2,%o0 + .end +! +! int vis_fcmpeq32(double /*frs1*/, double /*frs2*/); +! + .inline vis_fcmpeq32,16 + fcmpeq32 %f0,%f2,%o0 + .end + +!-------------------------------------------------------------------- +! Partitioned arithmetic +! +! double vis_fmul8x16(float /*frs1*/, double /*frs2*/); +! + .inline vis_fmul8x16,12 + fmul8x16 %f1,%f2,%f0 + .end +! +! double vis_fmul8x16_dummy(float /*frs1*/, int /*dummy*/, double /*frs2*/); +! + .inline vis_fmul8x16_dummy,16 + fmul8x16 %f1,%f4,%f0 + .end +! +! double vis_fmul8x16au(float /*frs1*/, float /*frs2*/); +! + .inline vis_fmul8x16au,8 + fmul8x16au %f1,%f3,%f0 + .end +! +! double vis_fmul8x16al(float /*frs1*/, float /*frs2*/); +! + .inline vis_fmul8x16al,8 + fmul8x16al %f1,%f3,%f0 + .end +! +! double vis_fmul8sux16(double /*frs1*/, double /*frs2*/); +! + .inline vis_fmul8sux16,16 + fmul8sux16 %f0,%f2,%f0 + .end +! +! double vis_fmul8ulx16(double /*frs1*/, double /*frs2*/); +! + .inline vis_fmul8ulx16,16 + fmul8ulx16 %f0,%f2,%f0 + .end +! +! double vis_fmuld8sux16(float /*frs1*/, float /*frs2*/); +! + .inline vis_fmuld8sux16,8 + fmuld8sux16 %f1,%f3,%f0 + .end +! +! double vis_fmuld8ulx16(float /*frs1*/, float /*frs2*/); +! + .inline vis_fmuld8ulx16,8 + fmuld8ulx16 %f1,%f3,%f0 + .end +! +! double vis_fpadd16(double /*frs1*/, double /*frs2*/); +! + .inline vis_fpadd16,16 + fpadd16 %f0,%f2,%f0 + .end +! +! float vis_fpadd16s(float /*frs1*/, float /*frs2*/); +! + .inline vis_fpadd16s,8 + fpadd16s %f1,%f3,%f0 + .end +! +! double vis_fpadd32(double /*frs1*/, double /*frs2*/); +! + .inline vis_fpadd32,16 + fpadd32 %f0,%f2,%f0 + .end +! +! float vis_fpadd32s(float /*frs1*/, float /*frs2*/); +! + .inline vis_fpadd32s,8 + fpadd32s %f1,%f3,%f0 + .end +! +! double vis_fpsub16(double /*frs1*/, double /*frs2*/); +! + .inline vis_fpsub16,16 + fpsub16 %f0,%f2,%f0 + .end +! +! float vis_fpsub16s(float /*frs1*/, float /*frs2*/); +! + .inline vis_fpsub16s,8 + fpsub16s %f1,%f3,%f0 + .end +! +! double vis_fpsub32(double /*frs1*/, double /*frs2*/); +! + .inline vis_fpsub32,16 + fpsub32 %f0,%f2,%f0 + .end +! +! float vis_fpsub32s(float /*frs1*/, float /*frs2*/); +! + .inline vis_fpsub32s,8 + fpsub32s %f1,%f3,%f0 + .end + +!-------------------------------------------------------------------- +! Pixel packing +! +! float vis_fpack16(double /*frs2*/); +! + .inline vis_fpack16,8 + fpack16 %f0,%f0 + .end +! +! double vis_fpack16_pair(double /*frs2*/, double /*frs2*/); +! + .inline vis_fpack16_pair,16 + fpack16 %f0,%f0 + fpack16 %f2,%f1 + .end +! +! void vis_st2_fpack16(double, double, double *) +! + .inline vis_st2_fpack16,24 + fpack16 %f0,%f0 + fpack16 %f2,%f1 + st %f0,[%o2+0] + st %f1,[%o2+4] + .end +! +! void vis_std_fpack16(double, double, double *) +! + .inline vis_std_fpack16,24 + fpack16 %f0,%f0 + fpack16 %f2,%f1 + std %f0,[%o2] + .end +! +! void vis_st2_fpackfix(double, double, double *) +! + .inline vis_st2_fpackfix,24 + fpackfix %f0,%f0 + fpackfix %f2,%f1 + st %f0,[%o2+0] + st %f1,[%o2+4] + .end +! +! double vis_fpack16_to_hi(double /*frs1*/, double /*frs2*/); +! + .inline vis_fpack16_to_hi,16 + fpack16 %f2,%f0 + .end + +! double vis_fpack16_to_lo(double /*frs1*/, double /*frs2*/); +! + .inline vis_fpack16_to_lo,16 + fpack16 %f2,%f3 + fmovs %f3,%f1 /* without this, optimizer goes wrong */ + .end + +! +! double vis_fpack32(double /*frs1*/, double /*frs2*/); +! + .inline vis_fpack32,16 + fpack32 %f0,%f2,%f0 + .end +! +! float vis_fpackfix(double /*frs2*/); +! + .inline vis_fpackfix,8 + fpackfix %f0,%f0 + .end +! +! double vis_fpackfix_pair(double /*frs2*/, double /*frs2*/); +! + .inline vis_fpackfix_pair,16 + fpackfix %f0,%f0 + fpackfix %f2,%f1 + .end + +!-------------------------------------------------------------------- +! Motion estimation +! +! double vis_pxldist64(double accum /*frd*/, double pxls1 /*frs1*/, +! double pxls2 /*frs2*/); +! + .inline vis_pxldist64,24 + pdist %f2,%f4,%f0 + .end + +!-------------------------------------------------------------------- +! Channel merging +! +! double vis_fpmerge(float /*frs1*/, float /*frs2*/); +! + .inline vis_fpmerge,8 + fpmerge %f1,%f3,%f0 + .end + +!-------------------------------------------------------------------- +! Pixel expansion +! +! double vis_fexpand(float /*frs2*/); +! + .inline vis_fexpand,4 + fexpand %f1,%f0 + .end + +! double vis_fexpand_hi(double /*frs2*/); +! + .inline vis_fexpand_hi,8 + fexpand %f0,%f0 + .end + +! double vis_fexpand_lo(double /*frs2*/); +! + .inline vis_fexpand_lo,8 + fexpand %f1,%f0 + .end + +!-------------------------------------------------------------------- +! Bitwise logical operations +! +! double vis_fnor(double /*frs1*/, double /*frs2*/); +! + .inline vis_fnor,16 + fnor %f0,%f2,%f0 + .end +! +! float vis_fnors(float /*frs1*/, float /*frs2*/); +! + .inline vis_fnors,8 + fnors %f1,%f3,%f0 + .end +! +! double vis_fandnot(double /*frs1*/, double /*frs2*/); +! + .inline vis_fandnot,16 + fandnot1 %f0,%f2,%f0 + .end +! +! float vis_fandnots(float /*frs1*/, float /*frs2*/); +! + .inline vis_fandnots,8 + fandnot1s %f1,%f3,%f0 + .end +! +! double vis_fnot(double /*frs1*/); +! + .inline vis_fnot,8 + fnot1 %f0,%f0 + .end +! +! float vis_fnots(float /*frs1*/); +! + .inline vis_fnots,4 + fnot1s %f1,%f0 + .end +! +! double vis_fxor(double /*frs1*/, double /*frs2*/); +! + .inline vis_fxor,16 + fxor %f0,%f2,%f0 + .end +! +! float vis_fxors(float /*frs1*/, float /*frs2*/); +! + .inline vis_fxors,8 + fxors %f1,%f3,%f0 + .end +! +! double vis_fnand(double /*frs1*/, double /*frs2*/); +! + .inline vis_fnand,16 + fnand %f0,%f2,%f0 + .end +! +! float vis_fnands(float /*frs1*/, float /*frs2*/); +! + .inline vis_fnands,8 + fnands %f1,%f3,%f0 + .end +! +! double vis_fand(double /*frs1*/, double /*frs2*/); +! + .inline vis_fand,16 + fand %f0,%f2,%f0 + .end +! +! float vis_fands(float /*frs1*/, float /*frs2*/); +! + .inline vis_fands,8 + fands %f1,%f3,%f0 + .end +! +! double vis_fxnor(double /*frs1*/, double /*frs2*/); +! + .inline vis_fxnor,16 + fxnor %f0,%f2,%f0 + .end +! +! float vis_fxnors(float /*frs1*/, float /*frs2*/); +! + .inline vis_fxnors,8 + fxnors %f1,%f3,%f0 + .end +! +! double vis_fsrc(double /*frs1*/); +! + .inline vis_fsrc,8 + fsrc1 %f0,%f0 + .end +! +! float vis_fsrcs(float /*frs1*/); +! + .inline vis_fsrcs,4 + fsrc1s %f1,%f0 + .end +! +! double vis_fornot(double /*frs1*/, double /*frs2*/); +! + .inline vis_fornot,16 + fornot1 %f0,%f2,%f0 + .end +! +! float vis_fornots(float /*frs1*/, float /*frs2*/); +! + .inline vis_fornots,8 + fornot1s %f1,%f3,%f0 + .end +! +! double vis_for(double /*frs1*/, double /*frs2*/); +! + .inline vis_for,16 + for %f0,%f2,%f0 + .end +! +! float vis_fors(float /*frs1*/, float /*frs2*/); +! + .inline vis_fors,8 + fors %f1,%f3,%f0 + .end +! +! double vis_fzero(/* void */) +! + .inline vis_fzero,0 + fzero %f0 + .end +! +! float vis_fzeros(/* void */) +! + .inline vis_fzeros,0 + fzeros %f0 + .end +! +! double vis_fone(/* void */) +! + .inline vis_fone,0 + fone %f0 + .end +! +! float vis_fones(/* void */) +! + .inline vis_fones,0 + fones %f0 + .end + +!-------------------------------------------------------------------- +! Partial store instructions +! +! vis_stdfa_ASI_PST8P(double frd, void *rs1, int rmask) +! + .inline vis_stdfa_ASI_PST8P,20 + stda %f0,[%o1]%o2,0xc0 ! ASI_PST8_P + .end +! +! vis_stdfa_ASI_PST8PL(double frd, void *rs1, int rmask) +! + .inline vis_stdfa_ASI_PST8PL,20 + stda %f0,[%o1]%o2,0xc8 ! ASI_PST8_PL + .end +! +! vis_stdfa_ASI_PST8P_int_pair(void *rs1, void *rs2, void *rs3, int rmask); +! + .inline vis_stdfa_ASI_PST8P_int_pair,28 + ld [%o0],%f4 + ld [%o1],%f5 + stda %f4,[%o2]%o3,0xc0 ! ASI_PST8_P + .end +! +! vis_stdfa_ASI_PST8S(double frd, void *rs1, int rmask) +! + .inline vis_stdfa_ASI_PST8S,20 + stda %f0,[%o1]%o2,0xc1 ! ASI_PST8_S + .end +! +! vis_stdfa_ASI_PST16P(double frd, void *rs1, int rmask) +! + .inline vis_stdfa_ASI_PST16P,20 + stda %f0,[%o1]%o2,0xc2 ! ASI_PST16_P + .end +! +! vis_stdfa_ASI_PST16S(double frd, void *rs1, int rmask) +! + .inline vis_stdfa_ASI_PST16S,20 + stda %f0,[%o1]%o2,0xc3 ! ASI_PST16_S + .end +! +! vis_stdfa_ASI_PST32P(double frd, void *rs1, int rmask) +! + .inline vis_stdfa_ASI_PST32P,20 + stda %f0,[%o1]%o2,0xc4 ! ASI_PST32_P + .end +! +! vis_stdfa_ASI_PST32S(double frd, void *rs1, int rmask) +! + .inline vis_stdfa_ASI_PST32S,20 + stda %f0,[%o1]%o2,0xc5 ! ASI_PST32_S + .end + +!-------------------------------------------------------------------- +! Short store instructions +! +! vis_stdfa_ASI_FL8P(double frd, void *rs1) +! + .inline vis_stdfa_ASI_FL8P,16 + stda %f0,[%o1]0xd0 ! ASI_FL8_P + .end +! +! vis_stdfa_ASI_FL8P_index(double frd, void *rs1, long index) +! + .inline vis_stdfa_ASI_FL8P_index,24 + stda %f0,[%o1+%o2]0xd0 ! ASI_FL8_P + .end +! +! vis_stdfa_ASI_FL8S(double frd, void *rs1) +! + .inline vis_stdfa_ASI_FL8S,16 + stda %f0,[%o1]0xd1 ! ASI_FL8_S + .end +! +! vis_stdfa_ASI_FL16P(double frd, void *rs1) +! + .inline vis_stdfa_ASI_FL16P,16 + stda %f0,[%o1]0xd2 ! ASI_FL16_P + .end +! +! vis_stdfa_ASI_FL16P_index(double frd, void *rs1, long index) +! + .inline vis_stdfa_ASI_FL16P_index,24 + stda %f0,[%o1+%o2]0xd2 ! ASI_FL16_P + .end +! +! vis_stdfa_ASI_FL16S(double frd, void *rs1) +! + .inline vis_stdfa_ASI_FL16S,16 + stda %f0,[%o1]0xd3 ! ASI_FL16_S + .end +! +! vis_stdfa_ASI_FL8PL(double frd, void *rs1) +! + .inline vis_stdfa_ASI_FL8PL,16 + stda %f0,[%o1]0xd8 ! ASI_FL8_PL + .end +! +! vis_stdfa_ASI_FL8SL(double frd, void *rs1) +! + .inline vis_stdfa_ASI_FL8SL,16 + stda %f0,[%o1]0xd9 ! ASI_FL8_SL + .end +! +! vis_stdfa_ASI_FL16PL(double frd, void *rs1) +! + .inline vis_stdfa_ASI_FL16PL,16 + stda %f0,[%o1]0xda ! ASI_FL16_PL + .end +! +! vis_stdfa_ASI_FL16SL(double frd, void *rs1) +! + .inline vis_stdfa_ASI_FL16SL,16 + stda %f0,[%o1]0xdb ! ASI_FL16_SL + .end + +!-------------------------------------------------------------------- +! Short load instructions +! +! double vis_lddfa_ASI_FL8P(void *rs1) +! + .inline vis_lddfa_ASI_FL8P,8 + ldda [%o0]0xd0,%f4 ! ASI_FL8_P + fmovd %f4,%f0 ! Compiler can clean this up + .end +! +! double vis_lddfa_ASI_FL8P_index(void *rs1, long index) +! + .inline vis_lddfa_ASI_FL8P_index,16 + ldda [%o0+%o1]0xd0,%f4 + fmovd %f4,%f0 + .end +! +! double vis_lddfa_ASI_FL8P_hi(void *rs1, unsigned int index) +! + .inline vis_lddfa_ASI_FL8P_hi,12 + sra %o1,16,%o1 + ldda [%o0+%o1]0xd0,%f4 + fmovd %f4,%f0 + .end +! +! double vis_lddfa_ASI_FL8P_lo(void *rs1, unsigned int index) +! + .inline vis_lddfa_ASI_FL8P_lo,12 + sll %o1,16,%o1 + sra %o1,16,%o1 + ldda [%o0+%o1]0xd0,%f4 + fmovd %f4,%f0 + .end +! +! double vis_lddfa_ASI_FL8S(void *rs1) +! + .inline vis_lddfa_ASI_FL8S,8 + ldda [%o0]0xd1,%f4 ! ASI_FL8_S + fmovd %f4,%f0 + .end +! +! double vis_lddfa_ASI_FL16P(void *rs1) +! + .inline vis_lddfa_ASI_FL16P,8 + ldda [%o0]0xd2,%f4 ! ASI_FL16_P + fmovd %f4,%f0 + .end +! +! double vis_lddfa_ASI_FL16P_index(void *rs1, long index) +! + .inline vis_lddfa_ASI_FL16P_index,16 + ldda [%o0+%o1]0xd2,%f4 ! ASI_FL16_P + fmovd %f4,%f0 + .end +! +! double vis_lddfa_ASI_FL16S(void *rs1) +! + .inline vis_lddfa_ASI_FL16S,8 + ldda [%o0]0xd3,%f4 ! ASI_FL16_S + fmovd %f4,%f0 + .end +! +! double vis_lddfa_ASI_FL8PL(void *rs1) +! + .inline vis_lddfa_ASI_FL8PL,8 + ldda [%o0]0xd8,%f4 ! ASI_FL8_PL + fmovd %f4,%f0 + .end +! +! double vis_lddfa_ASI_FL8PL_index(void *rs1, long index) +! + .inline vis_lddfa_ASI_FL8PL_index,16 + ldda [%o0+%o1]0xd8,%f4 ! ASI_FL8_PL + fmovd %f4,%f0 + .end +! +! double vis_lddfa_ASI_FL8SL(void *rs1) +! + .inline vis_lddfa_ASI_FL8SL,8 + ldda [%o0]0xd9,%f4 ! ASI_FL8_SL + fmovd %f4,%f0 + .end +! +! double vis_lddfa_ASI_FL16PL(void *rs1) +! + .inline vis_lddfa_ASI_FL16PL,8 + ldda [%o0]0xda,%f4 ! ASI_FL16_PL + fmovd %f4,%f0 + .end +! +! double vis_lddfa_ASI_FL16PL_index(void *rs1, long index) +! + .inline vis_lddfa_ASI_FL16PL_index,16 + ldda [%o0+%o1]0xda,%f4 ! ASI_FL16_PL + fmovd %f4,%f0 + .end +! +! double vis_lddfa_ASI_FL16SL(void *rs1) +! + .inline vis_lddfa_ASI_FL16SL,8 + ldda [%o0]0xdb,%f4 ! ASI_FL16_SL + fmovd %f4,%f0 + .end + +!-------------------------------------------------------------------- +! Graphics status register +! +! unsigned int vis_read_gsr(void) +! + .inline vis_read_gsr,0 + rd %gsr,%o0 + .end +! +! void vis_write_gsr(unsigned int /* GSR */) +! + .inline vis_write_gsr,4 + wr %g0,%o0,%gsr + .end + +!-------------------------------------------------------------------- +! Voxel texture mapping +! +! unsigned long vis_array8(unsigned long long /*rs1 */, int /*rs2*/) +! + .inline vis_array8,12 + array8 %o0,%o1,%o0 + .end +! +! unsigned long vis_array16(unsigned long long /*rs1*/, int /*rs2*/) +! + .inline vis_array16,12 + array16 %o0,%o1,%o0 + .end +! +! unsigned long vis_array32(unsigned long long /*rs1*/, int /*rs2*/) +! + .inline vis_array32,12 + array32 %o0,%o1,%o0 + .end + +!-------------------------------------------------------------------- +! Register aliasing and type casts +! +! float vis_read_hi(double /* frs1 */); +! + .inline vis_read_hi,8 + fmovs %f0,%f0 + .end +! +! float vis_read_lo(double /* frs1 */); +! + .inline vis_read_lo,8 + fmovs %f1,%f0 ! %f0 = low word (frs1); return %f0; + .end +! +! double vis_write_hi(double /* frs1 */, float /* frs2 */); +! + .inline vis_write_hi,12 + fmovs %f3,%f0 ! %f3 = float frs2; return %f0:f1; + .end +! +! double vis_write_lo(double /* frs1 */, float /* frs2 */); +! + .inline vis_write_lo,12 + fmovs %f3,%f1 ! %f3 = float frs2; return %f0:f1; + .end +! +! double vis_freg_pair(float /* frs1 */, float /* frs2 */); +! + .inline vis_freg_pair,8 + fmovs %f1,%f0 ! %f1 = float frs1; put in hi; + fmovs %f3,%f1 ! %f3 = float frs2; put in lo; return %f0:f1; + .end +! +! float vis_to_float(unsigned int /*value*/); +! + .inline vis_to_float,4 + st %o0,[%sp+2183] + ld [%sp+2183],%f0 + .end +! +! double vis_to_double(unsigned int /*value1*/, unsigned int /*value2*/); +! + .inline vis_to_double,8 + st %o0,[%sp+2183] + ld [%sp+2183],%f0 + st %o1,[%sp+2183] + ld [%sp+2183],%f1 + .end +! +! double vis_to_double_dup(unsigned int /*value*/); +! + .inline vis_to_double_dup,4 + st %o0,[%sp+2183] + ld [%sp+2183],%f1 + fmovs %f1,%f0 ! duplicate value + .end +! +! double vis_ll_to_double(unsigned long long /*value*/); +! + .inline vis_ll_to_double,8 + stx %o0,[%sp+2183] + ldd [%sp+2183],%f0 + .end + +!-------------------------------------------------------------------- +! Address space identifier (ASI) register +! +! unsigned int vis_read_asi(void) +! + .inline vis_read_asi,0 + rd %asi,%o0 + .end +! +! void vis_write_asi(unsigned int /* ASI */) +! + .inline vis_write_asi,4 + wr %g0,%o0,%asi + .end + +!-------------------------------------------------------------------- +! Load/store from/into alternate space +! +! float vis_ldfa_ASI_REG(void *rs1) +! + .inline vis_ldfa_ASI_REG,8 + lda [%o0+0]%asi,%f4 + fmovs %f4,%f0 ! Compiler can clean this up + .end +! +! float vis_ldfa_ASI_P(void *rs1) +! + .inline vis_ldfa_ASI_P,8 + lda [%o0]0x80,%f4 ! ASI_P + fmovs %f4,%f0 ! Compiler can clean this up + .end +! +! float vis_ldfa_ASI_PL(void *rs1) +! + .inline vis_ldfa_ASI_PL,8 + lda [%o0]0x88,%f4 ! ASI_PL + fmovs %f4,%f0 ! Compiler can clean this up + .end +! +! double vis_lddfa_ASI_REG(void *rs1) +! + .inline vis_lddfa_ASI_REG,8 + ldda [%o0+0]%asi,%f4 + fmovd %f4,%f0 ! Compiler can clean this up + .end +! +! double vis_lddfa_ASI_P(void *rs1) +! + .inline vis_lddfa_ASI_P,8 + ldda [%o0]0x80,%f4 ! ASI_P + fmovd %f4,%f0 ! Compiler can clean this up + .end +! +! double vis_lddfa_ASI_PL(void *rs1) +! + .inline vis_lddfa_ASI_PL,8 + ldda [%o0]0x88,%f4 ! ASI_PL + fmovd %f4,%f0 ! Compiler can clean this up + .end +! +! vis_stfa_ASI_REG(float frs, void *rs1) +! + .inline vis_stfa_ASI_REG,12 + sta %f1,[%o1+0]%asi + .end +! +! vis_stfa_ASI_P(float frs, void *rs1) +! + .inline vis_stfa_ASI_P,12 + sta %f1,[%o1]0x80 ! ASI_P + .end +! +! vis_stfa_ASI_PL(float frs, void *rs1) +! + .inline vis_stfa_ASI_PL,12 + sta %f1,[%o1]0x88 ! ASI_PL + .end +! +! vis_stdfa_ASI_REG(double frd, void *rs1) +! + .inline vis_stdfa_ASI_REG,16 + stda %f0,[%o1+0]%asi + .end +! +! vis_stdfa_ASI_P(double frd, void *rs1) +! + .inline vis_stdfa_ASI_P,16 + stda %f0,[%o1]0x80 ! ASI_P + .end +! +! vis_stdfa_ASI_PL(double frd, void *rs1) +! + .inline vis_stdfa_ASI_PL,16 + stda %f0,[%o1]0x88 ! ASI_PL + .end +! +! unsigned short vis_lduha_ASI_REG(void *rs1) +! + .inline vis_lduha_ASI_REG,8 + lduha [%o0+0]%asi,%o0 + .end +! +! unsigned short vis_lduha_ASI_P(void *rs1) +! + .inline vis_lduha_ASI_P,8 + lduha [%o0]0x80,%o0 ! ASI_P + .end +! +! unsigned short vis_lduha_ASI_PL(void *rs1) +! + .inline vis_lduha_ASI_PL,8 + lduha [%o0]0x88,%o0 ! ASI_PL + .end +! +! unsigned short vis_lduha_ASI_P_index(void *rs1, long index) +! + .inline vis_lduha_ASI_P_index,16 + lduha [%o0+%o1]0x80,%o0 ! ASI_P + .end +! +! unsigned short vis_lduha_ASI_PL_index(void *rs1, long index) +! + .inline vis_lduha_ASI_PL_index,16 + lduha [%o0+%o1]0x88,%o0 ! ASI_PL + .end + +!-------------------------------------------------------------------- +! Prefetch +! +! void vis_prefetch_read(void * /*address*/); +! + .inline vis_prefetch_read,8 + prefetch [%o0+0],0 + .end +! +! void vis_prefetch_write(void * /*address*/); +! + .inline vis_prefetch_write,8 + prefetch [%o0+0],2 + .end diff --git a/security/nss/lib/freebl/mpi/vis_proto.h b/security/nss/lib/freebl/mpi/vis_proto.h new file mode 100644 index 000000000..44192ad53 --- /dev/null +++ b/security/nss/lib/freebl/mpi/vis_proto.h @@ -0,0 +1,263 @@ +/* + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is prototypes for vis.il (vis_proto.h 1.3) + * + * The Initial Developer of the Original Code is Sun Microsystems Inc. + * Portions created by Sun Microsystems Inc. are + * Copyright (C) 1995, 1997 Sun Microsystems Inc. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + * $Id$ + */ + +/* + * Prototypes for the inline templates in vis.il + */ + +#ifndef VIS_PROTO_H +#define VIS_PROTO_H + +#pragma ident "@(#)vis_proto.h 1.3 97/03/30 SMI" + +#ifdef __cplusplus +extern "C" { +#endif /* __cplusplus */ + +/* Pure edge handling instructions */ +int vis_edge8(void * /*frs1*/, void * /*frs2*/); +int vis_edge8l(void * /*frs1*/, void * /*frs2*/); +int vis_edge16(void * /*frs1*/, void * /*frs2*/); +int vis_edge16l(void * /*frs1*/, void * /*frs2*/); +int vis_edge32(void * /*frs1*/, void * /*frs2*/); +int vis_edge32l(void * /*frs1*/, void * /*frs2*/); + +/* Edge handling instructions with negative return values if cc set. */ +int vis_edge8cc(void * /*frs1*/, void * /*frs2*/); +int vis_edge8lcc(void * /*frs1*/, void * /*frs2*/); +int vis_edge16cc(void * /*frs1*/, void * /*frs2*/); +int vis_edge16lcc(void * /*frs1*/, void * /*frs2*/); +int vis_edge32cc(void * /*frs1*/, void * /*frs2*/); +int vis_edge32lcc(void * /*frs1*/, void * /*frs2*/); + +/* Alignment instructions. */ +void *vis_alignaddr(void * /*rs1*/, int /*rs2*/); +void *vis_alignaddrl(void * /*rs1*/, int /*rs2*/); +double vis_faligndata(double /*frs1*/, double /*frs2*/); + +/* Partitioned comparison instructions. */ +int vis_fcmple16(double /*frs1*/, double /*frs2*/); +int vis_fcmpne16(double /*frs1*/, double /*frs2*/); +int vis_fcmple32(double /*frs1*/, double /*frs2*/); +int vis_fcmpne32(double /*frs1*/, double /*frs2*/); +int vis_fcmpgt16(double /*frs1*/, double /*frs2*/); +int vis_fcmpeq16(double /*frs1*/, double /*frs2*/); +int vis_fcmpgt32(double /*frs1*/, double /*frs2*/); +int vis_fcmpeq32(double /*frs1*/, double /*frs2*/); + +/* Partitioned multiplication. */ +#if 0 +double vis_fmul8x16(float /*frs1*/, double /*frs2*/); +#endif +double vis_fmul8x16_dummy(float /*frs1*/, int /*dummy*/, double /*frs2*/); +double vis_fmul8x16au(float /*frs1*/, float /*frs2*/); +double vis_fmul8x16al(float /*frs1*/, float /*frs2*/); +double vis_fmul8sux16(double /*frs1*/, double /*frs2*/); +double vis_fmul8ulx16(double /*frs1*/, double /*frs2*/); +double vis_fmuld8ulx16(float /*frs1*/, float /*frs2*/); +double vis_fmuld8sux16(float /*frs1*/, float /*frs2*/); + +/* Partitioned addition & subtraction. */ +double vis_fpadd16(double /*frs1*/, double /*frs2*/); +float vis_fpadd16s(float /*frs1*/, float /*frs2*/); +double vis_fpadd32(double /*frs1*/, double /*frs2*/); +float vis_fpadd32s(float /*frs1*/, float /*frs2*/); +double vis_fpsub16(double /*frs1*/, double /*frs2*/); +float vis_fpsub16s(float /*frs1*/, float /*frs2*/); +double vis_fpsub32(double /*frs1*/, double /*frs2*/); +float vis_fpsub32s(float /*frs1*/, float /*frs2*/); + +/* Pixel packing & clamping. */ +float vis_fpack16(double /*frs2*/); +double vis_fpack32(double /*frs1*/, double /*frs2*/); +float vis_fpackfix(double /*frs2*/); + +/* Combined pack ops. */ +double vis_fpack16_pair(double /*frs2*/, double /*frs2*/); +double vis_fpackfix_pair(double /*frs2*/, double /*frs2*/); +void vis_st2_fpack16(double, double, double *); +void vis_std_fpack16(double, double, double *); +void vis_st2_fpackfix(double, double, double *); + +double vis_fpack16_to_hi(double /*frs1*/, double /*frs2*/); +double vis_fpack16_to_lo(double /*frs1*/, double /*frs2*/); + +/* Motion estimation. */ +double vis_pdist(double /*frs1*/, double /*frs2*/, double /*frd*/); + +/* Channel merging. */ +double vis_fpmerge(float /*frs1*/, float /*frs2*/); + +/* Pixel expansion. */ +double vis_fexpand(float /*frs2*/); +double vis_fexpand_hi(double /*frs2*/); +double vis_fexpand_lo(double /*frs2*/); + +/* Bitwise logical operators. */ +double vis_fnor(double /*frs1*/, double /*frs2*/); +float vis_fnors(float /*frs1*/, float /*frs2*/); +double vis_fandnot(double /*frs1*/, double /*frs2*/); +float vis_fandnots(float /*frs1*/, float /*frs2*/); +double vis_fnot(double /*frs1*/); +float vis_fnots(float /*frs1*/); +double vis_fxor(double /*frs1*/, double /*frs2*/); +float vis_fxors(float /*frs1*/, float /*frs2*/); +double vis_fnand(double /*frs1*/, double /*frs2*/); +float vis_fnands(float /*frs1*/, float /*frs2*/); +double vis_fand(double /*frs1*/, double /*frs2*/); +float vis_fands(float /*frs1*/, float /*frs2*/); +double vis_fxnor(double /*frs1*/, double /*frs2*/); +float vis_fxnors(float /*frs1*/, float /*frs2*/); +double vis_fsrc(double /*frs1*/); +float vis_fsrcs(float /*frs1*/); +double vis_fornot(double /*frs1*/, double /*frs2*/); +float vis_fornots(float /*frs1*/, float /*frs2*/); +double vis_for(double /*frs1*/, double /*frs2*/); +float vis_fors(float /*frs1*/, float /*frs2*/); +double vis_fzero(void); +float vis_fzeros(void); +double vis_fone(void); +float vis_fones(void); + +/* Partial stores. */ +void vis_stdfa_ASI_PST8P(double /*frd*/, void * /*rs1*/, int /*rmask*/); +void vis_stdfa_ASI_PST8PL(double /*frd*/, void * /*rs1*/, int /*rmask*/); +void vis_stdfa_ASI_PST8P_int_pair(void * /*rs1*/, void * /*rs2*/, + void * /*rs3*/, int /*rmask*/); +void vis_stdfa_ASI_PST8S(double /*frd*/, void * /*rs1*/, int /*rmask*/); +void vis_stdfa_ASI_PST16P(double /*frd*/, void * /*rs1*/, int /*rmask*/); +void vis_stdfa_ASI_PST16S(double /*frd*/, void * /*rs1*/, int /*rmask*/); +void vis_stdfa_ASI_PST32P(double /*frd*/, void * /*rs1*/, int /*rmask*/); +void vis_stdfa_ASI_PST32S(double /*frd*/, void * /*rs1*/, int /*rmask*/); + +/* Byte & short stores. */ +void vis_stdfa_ASI_FL8P(double /*frd*/, void * /*rs1*/); +void vis_stdfa_ASI_FL8P_index(double /*frd*/, void * /*rs1*/, long /*index*/); +void vis_stdfa_ASI_FL8S(double /*frd*/, void * /*rs1*/); +void vis_stdfa_ASI_FL16P(double /*frd*/, void * /*rs1*/); +void vis_stdfa_ASI_FL16P_index(double /*frd*/, void * /*rs1*/, long /*index*/); +void vis_stdfa_ASI_FL16S(double /*frd*/, void * /*rs1*/); +void vis_stdfa_ASI_FL8PL(double /*frd*/, void * /*rs1*/); +void vis_stdfa_ASI_FL8SL(double /*frd*/, void * /*rs1*/); +void vis_stdfa_ASI_FL16PL(double /*frd*/, void * /*rs1*/); +void vis_stdfa_ASI_FL16SL(double /*frd*/, void * /*rs1*/); + +/* Byte & short loads. */ +double vis_lddfa_ASI_FL8P(void * /*rs1*/); +double vis_lddfa_ASI_FL8P_index(void * /*rs1*/, long /*index*/); +double vis_lddfa_ASI_FL8P_hi(void * /*rs1*/, unsigned int /*index*/); +double vis_lddfa_ASI_FL8P_lo(void * /*rs1*/, unsigned int /*index*/); +double vis_lddfa_ASI_FL8S(void * /*rs1*/); +double vis_lddfa_ASI_FL16P(void * /*rs1*/); +double vis_lddfa_ASI_FL16P_index(void * /*rs1*/, long /*index*/); +double vis_lddfa_ASI_FL16S(void * /*rs1*/); +double vis_lddfa_ASI_FL8PL(void * /*rs1*/); +double vis_lddfa_ASI_FL8SL(void * /*rs1*/); +double vis_lddfa_ASI_FL16PL(void * /*rs1*/); +double vis_lddfa_ASI_FL16SL(void * /*rs1*/); + +/* Direct write to GSR, read from GSR */ +void vis_write_gsr(unsigned int /*GSR*/); +unsigned int vis_read_gsr(void); + +/* Voxel texture mapping. */ +#if !defined(_NO_LONGLONG) +unsigned long vis_array8(unsigned long long /*rs1*/, int /*rs2*/); +unsigned long vis_array16(unsigned long long /*rs1*/, int /*rs2*/); +unsigned long vis_array32(unsigned long long /*rs1*/, int /*rs2*/); +#endif /* !defined(_NO_LONGLONG) */ + +/* Register aliasing and type casts. */ +float vis_read_hi(double /*frs1*/); +float vis_read_lo(double /*frs1*/); +double vis_write_hi(double /*frs1*/, float /*frs2*/); +double vis_write_lo(double /*frs1*/, float /*frs2*/); +double vis_freg_pair(float /*frs1*/, float /*frs2*/); +float vis_to_float(unsigned int /*value*/); +double vis_to_double(unsigned int /*value1*/, unsigned int /*value2*/); +double vis_to_double_dup(unsigned int /*value*/); +#if !defined(_NO_LONGLONG) +double vis_ll_to_double(unsigned long long /*value*/); +#endif /* !defined(_NO_LONGLONG) */ + +/* Miscellany (no inlines) */ +void vis_error(char * /*fmt*/, int /*a0*/); +void vis_sim_init(void); + +/* For better performance */ +#define vis_fmul8x16(farg,darg) vis_fmul8x16_dummy((farg),0,(darg)) + +/* Nicknames for explicit ASI loads and stores. */ +#define vis_st_u8 vis_stdfa_ASI_FL8P +#define vis_st_u8_i vis_stdfa_ASI_FL8P_index +#define vis_st_u8_le vis_stdfa_ASI_FL8PL +#define vis_st_u16 vis_stdfa_ASI_FL16P +#define vis_st_u16_i vis_stdfa_ASI_FL16P_index +#define vis_st_u16_le vis_stdfa_ASI_FL16PL + +#define vis_ld_u8 vis_lddfa_ASI_FL8P +#define vis_ld_u8_i vis_lddfa_ASI_FL8P_index +#define vis_ld_u8_le vis_lddfa_ASI_FL8PL +#define vis_ld_u16 vis_lddfa_ASI_FL16P +#define vis_ld_u16_i vis_lddfa_ASI_FL16P_index +#define vis_ld_u16_le vis_lddfa_ASI_FL16PL + +#define vis_pst_8 vis_stdfa_ASI_PST8P +#define vis_pst_16 vis_stdfa_ASI_PST16P +#define vis_pst_32 vis_stdfa_ASI_PST32P + +#define vis_st_u8s vis_stdfa_ASI_FL8S +#define vis_st_u8s_le vis_stdfa_ASI_FL8SL +#define vis_st_u16s vis_stdfa_ASI_FL16S +#define vis_st_u16s_le vis_stdfa_ASI_FL16SL + +#define vis_ld_u8s vis_lddfa_ASI_FL8S +#define vis_ld_u8s_le vis_lddfa_ASI_FL8SL +#define vis_ld_u16s vis_lddfa_ASI_FL16S +#define vis_ld_u16s_le vis_lddfa_ASI_FL16SL + +#define vis_pst_8s vis_stdfa_ASI_PST8S +#define vis_pst_16s vis_stdfa_ASI_PST16S +#define vis_pst_32s vis_stdfa_ASI_PST32S + +/* "<" and ">=" may be implemented in terms of ">" and "<=". */ +#define vis_fcmplt16(a,b) vis_fcmpgt16((b),(a)) +#define vis_fcmplt32(a,b) vis_fcmpgt32((b),(a)) +#define vis_fcmpge16(a,b) vis_fcmple16((b),(a)) +#define vis_fcmpge32(a,b) vis_fcmple32((b),(a)) + +#ifdef __cplusplus +} // End of extern "C" +#endif /* __cplusplus */ + +#endif /* VIS_PROTO_H */ diff --git a/security/nss/lib/freebl/os2_rand.c b/security/nss/lib/freebl/os2_rand.c new file mode 100644 index 000000000..7eede8883 --- /dev/null +++ b/security/nss/lib/freebl/os2_rand.c @@ -0,0 +1,329 @@ +/* + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the Netscape security libraries. + * + * The Initial Developer of the Original Code is Netscape + * Communications Corporation. Portions created by Netscape are + * Copyright (C) 1994-2000 Netscape Communications Corporation. All + * Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + */ + +#define INCL_DOS +#define INCL_DOSERRORS +#include <os2.h> +#include <secrng.h> +#include <stdlib.h> +#include <time.h> +#include <stdio.h> +#include <sys/stat.h> + +static BOOL clockTickTime(unsigned long *phigh, unsigned long *plow) +{ + APIRET rc = NO_ERROR; + QWORD qword = {0,0}; + + rc = DosTmrQueryTime(&qword); + if (rc != NO_ERROR) + return FALSE; + + *phigh = qword.ulHi; + *plow = qword.ulLo; + + return TRUE; +} + +size_t RNG_GetNoise(void *buf, size_t maxbuf) +{ + unsigned long high = 0; + unsigned long low = 0; + clock_t val = 0; + int n = 0; + int nBytes = 0; + time_t sTime; + + if (maxbuf <= 0) + return 0; + + clockTickTime(&high, &low); + + /* get the maximally changing bits first */ + nBytes = sizeof(low) > maxbuf ? maxbuf : sizeof(low); + memcpy(buf, &low, nBytes); + n += nBytes; + maxbuf -= nBytes; + + if (maxbuf <= 0) + return n; + + nBytes = sizeof(high) > maxbuf ? maxbuf : sizeof(high); + memcpy(((char *)buf) + n, &high, nBytes); + n += nBytes; + maxbuf -= nBytes; + + if (maxbuf <= 0) + return n; + + /* get the number of milliseconds that have elapsed since application started */ + val = clock(); + + nBytes = sizeof(val) > maxbuf ? maxbuf : sizeof(val); + memcpy(((char *)buf) + n, &val, nBytes); + n += nBytes; + maxbuf -= nBytes; + + if (maxbuf <= 0) + return n; + + /* get the time in seconds since midnight Jan 1, 1970 */ + time(&sTime); + nBytes = sizeof(sTime) > maxbuf ? maxbuf : sizeof(sTime); + memcpy(((char *)buf) + n, &sTime, nBytes); + n += nBytes; + + return n; +} + +static BOOL +EnumSystemFiles(void (*func)(const char *)) +{ + APIRET rc; + ULONG sysInfo = 0; + char bootLetter[2]; + char sysDir[_MAX_PATH] = ""; + char filename[_MAX_PATH]; + HDIR hdir = HDIR_CREATE; + ULONG numFiles = 1; + FILEFINDBUF3 fileBuf = {0}; + ULONG buflen = sizeof(FILEFINDBUF3); + + if (DosQuerySysInfo(QSV_BOOT_DRIVE, QSV_BOOT_DRIVE, (PVOID)&sysInfo, + sizeof(ULONG)) == NO_ERROR) + { + bootLetter[0] = sysInfo + 'A' -1; + strcpy(sysDir, bootLetter); + strcpy(sysDir+1, ":\\OS2\\"); + + strcpy( filename, sysDir ); + strcat( filename, "*.*" ); + } + + rc =DosFindFirst( filename, &hdir, FILE_NORMAL, &fileBuf, buflen, + &numFiles, FIL_STANDARD ); + if( rc == NO_ERROR ) + { + do { + // pass the full pathname to the callback + sprintf( filename, "%s\\%s", sysDir, fileBuf.achName ); + (*func)(filename); + + numFiles = 1; + rc = DosFindNext( hdir, &fileBuf, buflen, &numFiles ); + if( rc != NO_ERROR && rc != ERROR_NO_MORE_FILES ) + printf( "DosFindNext errod code = %d\n", rc ); + } while ( rc == NO_ERROR ); + + rc = DosFindClose(hdir); + if( rc != NO_ERROR ) + printf( "DosFindClose error code = %d", rc ); + } + else + printf( "DosFindFirst error code = %d", rc ); + + return TRUE; +} + +static int dwNumFiles, dwReadEvery; + +static void +CountFiles(const char *file) +{ + dwNumFiles++; +} + +static void +ReadFiles(const char *file) +{ + if ((dwNumFiles % dwReadEvery) == 0) + RNG_FileForRNG(file); + + dwNumFiles++; +} + +static void +ReadSystemFiles() +{ + // first count the number of files + dwNumFiles = 0; + if (!EnumSystemFiles(CountFiles)) + return; + + RNG_RandomUpdate(&dwNumFiles, sizeof(dwNumFiles)); + + // now read 10 files + if (dwNumFiles == 0) + return; + + dwReadEvery = dwNumFiles / 10; + if (dwReadEvery == 0) + dwReadEvery = 1; // less than 10 files + + dwNumFiles = 0; + EnumSystemFiles(ReadFiles); +} + +void RNG_SystemInfoForRNG(void) +{ + unsigned long *plong = 0; + PTIB ptib; + PPIB ppib; + APIRET rc = NO_ERROR; + DATETIME dt; + COUNTRYCODE cc = {0}; + COUNTRYINFO ci = {0}; + unsigned long actual = 0; + char path[_MAX_PATH]=""; + char fullpath[_MAX_PATH]=""; + unsigned long pathlength = sizeof(path); + FSALLOCATE fsallocate; + FILESTATUS3 fstatus; + unsigned long defaultdrive = 0; + unsigned long logicaldrives = 0; + unsigned long sysInfo[QSV_MAX] = {0}; + char buffer[20]; + int nBytes = 0; + + nBytes = RNG_GetNoise(buffer, sizeof(buffer)); + RNG_RandomUpdate(buffer, nBytes); + + /* allocate memory and use address and memory */ + plong = (unsigned long *)malloc(sizeof(*plong)); + RNG_RandomUpdate(&plong, sizeof(plong)); + RNG_RandomUpdate(plong, sizeof(*plong)); + free(plong); + + /* process info */ + rc = DosGetInfoBlocks(&ptib, &ppib); + if (rc == NO_ERROR) + { + RNG_RandomUpdate(ptib, sizeof(*ptib)); + RNG_RandomUpdate(ppib, sizeof(*ppib)); + } + + /* time */ + rc = DosGetDateTime(&dt); + if (rc == NO_ERROR) + { + RNG_RandomUpdate(&dt, sizeof(dt)); + } + + /* country */ + rc = DosQueryCtryInfo(sizeof(ci), &cc, &ci, &actual); + if (rc == NO_ERROR) + { + RNG_RandomUpdate(&cc, sizeof(cc)); + RNG_RandomUpdate(&ci, sizeof(ci)); + RNG_RandomUpdate(&actual, sizeof(actual)); + } + + /* current directory */ + rc = DosQueryCurrentDir(0, path, &pathlength); + strcat(fullpath, "\\"); + strcat(fullpath, path); + if (rc == NO_ERROR) + { + RNG_RandomUpdate(fullpath, strlen(fullpath)); + // path info + rc = DosQueryPathInfo(fullpath, FIL_STANDARD, &fstatus, sizeof(fstatus)); + if (rc == NO_ERROR) + { + RNG_RandomUpdate(&fstatus, sizeof(fstatus)); + } + } + + /* file system info */ + rc = DosQueryFSInfo(0, FSIL_ALLOC, &fsallocate, sizeof(fsallocate)); + if (rc == NO_ERROR) + { + RNG_RandomUpdate(&fsallocate, sizeof(fsallocate)); + } + + /* drive info */ + rc = DosQueryCurrentDisk(&defaultdrive, &logicaldrives); + if (rc == NO_ERROR) + { + RNG_RandomUpdate(&defaultdrive, sizeof(defaultdrive)); + RNG_RandomUpdate(&logicaldrives, sizeof(logicaldrives)); + } + + /* system info */ + rc = DosQuerySysInfo(1L, QSV_MAX, (PVOID)&sysInfo, sizeof(ULONG)*QSV_MAX); + if (rc == NO_ERROR) + { + RNG_RandomUpdate(&sysInfo, sizeof(sysInfo)); + } + + // now let's do some files + ReadSystemFiles(); + + /* more noise */ + nBytes = RNG_GetNoise(buffer, sizeof(buffer)); + RNG_RandomUpdate(buffer, nBytes); +} + +void RNG_FileForRNG(const char *filename) +{ + struct stat stat_buf; + unsigned char buffer[1024]; + FILE *file = 0; + int nBytes = 0; + static int totalFileBytes = 0; + + if (stat((char *)filename, &stat_buf) < 0) + return; + + RNG_RandomUpdate((unsigned char*)&stat_buf, sizeof(stat_buf)); + + file = fopen((char *)filename, "r"); + if (file != NULL) + { + for (;;) + { + size_t bytes = fread(buffer, 1, sizeof(buffer), file); + + if (bytes == 0) + break; + + RNG_RandomUpdate(buffer, bytes); + totalFileBytes += bytes; + if (totalFileBytes > 250000) + break; + } + fclose(file); + } + + nBytes = RNG_GetNoise(buffer, 20); + RNG_RandomUpdate(buffer, nBytes); +} diff --git a/security/nss/lib/freebl/pqg.c b/security/nss/lib/freebl/pqg.c new file mode 100644 index 000000000..dca53e93d --- /dev/null +++ b/security/nss/lib/freebl/pqg.c @@ -0,0 +1,667 @@ +/* + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the Netscape security libraries. + * + * The Initial Developer of the Original Code is Netscape + * Communications Corporation. Portions created by Netscape are + * Copyright (C) 1994-2000 Netscape Communications Corporation. All + * Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + */ + +/* + * PQG parameter generation/verification. Based on FIPS 186-1. + * + * $Id$ + */ + +#include "prerr.h" +#include "secerr.h" + +#include "prtypes.h" +#include "blapi.h" +#include "secitem.h" +#include "mpi.h" +#include "mpprime.h" +#include "mplogic.h" +#include "secmpi.h" + +#define MAX_ITERATIONS 600 /* Maximum number of iterations of primegen */ +#define PQG_Q_PRIMALITY_TESTS 18 /* from HAC table 4.4 */ +#define PQG_P_PRIMALITY_TESTS 5 /* from HAC table 4.4 */ + + /* XXX to be replaced by define in blapit.h */ +#define BITS_IN_Q 160 + +/* For FIPS-compliance testing. +** The following array holds the seed defined in FIPS 186-1 appendix 5. +** This seed is used to generate P and Q according to appendix 2; use of +** this seed will exactly generate the PQG specified in appendix 2. +*/ +#ifdef FIPS_186_1_A5_TEST +static const unsigned char fips_186_1_a5_pqseed[] = { + 0xd5, 0x01, 0x4e, 0x4b, 0x60, 0xef, 0x2b, 0xa8, + 0xb6, 0x21, 0x1b, 0x40, 0x62, 0xba, 0x32, 0x24, + 0xe0, 0x42, 0x7d, 0xd3 +}; +#endif + +/* Get a seed for generating P and Q. If in testing mode, copy in the +** seed from FIPS 186-1 appendix 5. Otherwise, obtain bytes from the +** global random number generator. +*/ +static SECStatus +getPQseed(SECItem *seed) +{ + if (seed->data) { + PORT_Free(seed->data); + seed->data = NULL; + } + seed->data = (unsigned char*)PORT_ZAlloc(seed->len); + if (!seed->data) { + PORT_SetError(SEC_ERROR_NO_MEMORY); + return SECFailure; + } +#ifdef FIPS_186_1_A5_TEST + memcpy(seed->data, fips_186_1_a5_pqseed, seed->len); + return SECSuccess; +#else + return RNG_GenerateGlobalRandomBytes(seed->data, seed->len); +#endif +} + +/* Generate a candidate h value. If in testing mode, use the h value +** specified in FIPS 186-1 appendix 5, h = 2. Otherwise, obtain bytes +** from the global random number generator. +*/ +static SECStatus +generate_h_candidate(SECItem *hit, mp_int *H) +{ + SECStatus rv = SECSuccess; + mp_err err = MP_OKAY; +#ifdef FIPS_186_1_A5_TEST + memset(hit->data, 0, hit->len); + hit->data[hit->len-1] = 0x02; +#else + rv = RNG_GenerateGlobalRandomBytes(hit->data, hit->len); +#endif + if (rv) + return SECFailure; + err = mp_read_unsigned_octets(H, hit->data, hit->len); + if (err) { + MP_TO_SEC_ERROR(err); + return SECFailure; + } + return SECSuccess; +} + +/* Compute SHA[(SEED + addend) mod 2**g] +** Result is placed in shaOutBuf. +** This computation is used in steps 2 and 7 of FIPS 186 Appendix 2.2 . +*/ +static SECStatus +addToSeedThenSHA(const SECItem * seed, + unsigned long addend, + int g, + unsigned char * shaOutBuf) +{ + SECItem str = { 0, 0, 0 }; + mp_int s, sum, modulus, tmp; + mp_err err = MP_OKAY; + SECStatus rv = SECSuccess; + MP_DIGITS(&s) = 0; + MP_DIGITS(&sum) = 0; + MP_DIGITS(&modulus) = 0; + MP_DIGITS(&tmp) = 0; + CHECK_MPI_OK( mp_init(&s) ); + CHECK_MPI_OK( mp_init(&sum) ); + CHECK_MPI_OK( mp_init(&modulus) ); + SECITEM_TO_MPINT(*seed, &s); /* s = seed */ + /* seed += addend */ + if (addend < MP_DIGIT_MAX) { + CHECK_MPI_OK( mp_add_d(&s, (mp_digit)addend, &s) ); + } else { + CHECK_MPI_OK( mp_init(&tmp) ); + CHECK_MPI_OK( mp_set_ulong(&tmp, addend) ); + CHECK_MPI_OK( mp_add(&s, &tmp, &s) ); + } + CHECK_MPI_OK( mp_div_2d(&s, (mp_digit)g, NULL, &sum) );/*sum = s mod 2**g */ + MPINT_TO_SECITEM(&sum, &str, NULL); + rv = SHA1_HashBuf(shaOutBuf, str.data, str.len); /* SHA1 hash result */ +cleanup: + mp_clear(&s); + mp_clear(&sum); + mp_clear(&modulus); + mp_clear(&tmp); + if (str.data) + SECITEM_ZfreeItem(&str, PR_FALSE); + if (err) { + MP_TO_SEC_ERROR(err); + return SECFailure; + } + return rv; +} + +/* +** Perform steps 2 and 3 of FIPS 186, appendix 2.2. +** Generate Q from seed. +*/ +static SECStatus +makeQfromSeed( + unsigned int g, /* input. Length of seed in bits. */ +const SECItem * seed, /* input. */ + mp_int * Q) /* output. */ +{ + unsigned char sha1[SHA1_LENGTH]; + unsigned char sha2[SHA1_LENGTH]; + unsigned char U[SHA1_LENGTH]; + SECStatus rv = SECSuccess; + mp_err err = MP_OKAY; + int i; + /* ****************************************************************** + ** Step 2. + ** "Compute U = SHA[SEED] XOR SHA[(SEED+1) mod 2**g]." + **/ + CHECK_SEC_OK( SHA1_HashBuf(sha1, seed->data, seed->len) ); + CHECK_SEC_OK( addToSeedThenSHA(seed, 1, g, sha2) ); + for (i=0; i<SHA1_LENGTH; ++i) + U[i] = sha1[i] ^ sha2[i]; + /* ****************************************************************** + ** Step 3. + ** "Form Q from U by setting the most signficant bit (the 2**159 bit) + ** and the least signficant bit to 1. In terms of boolean operations, + ** Q = U OR 2**159 OR 1. Note that 2**159 < Q < 2**160." + */ + U[0] |= 0x80; /* U is MSB first */ + U[SHA1_LENGTH-1] |= 0x01; + err = mp_read_unsigned_octets(Q, U, SHA1_LENGTH); +cleanup: + memset(U, 0, SHA1_LENGTH); + memset(sha1, 0, SHA1_LENGTH); + memset(sha2, 0, SHA1_LENGTH); + if (err) { + MP_TO_SEC_ERROR(err); + return SECFailure; + } + return rv; +} + +/* Perform steps 7, 8 and 9 of FIPS 186, appendix 2.2. +** Generate P from Q, seed, L, and offset. +*/ +static SECStatus +makePfromQandSeed( + unsigned int L, /* Length of P in bits. Per FIPS 186. */ + unsigned int offset, /* Per FIPS 186, appendix 2.2. */ + unsigned int g, /* input. Length of seed in bits. */ +const SECItem * seed, /* input. */ +const mp_int * Q, /* input. */ + mp_int * P) /* output. */ +{ + unsigned int k; /* Per FIPS 186, appendix 2.2. */ + unsigned int n; /* Per FIPS 186, appendix 2.2. */ + mp_digit b; /* Per FIPS 186, appendix 2.2. */ + unsigned char V_k[SHA1_LENGTH]; + mp_int W, X, c, twoQ, V_n, tmp; + mp_err err = MP_OKAY; + SECStatus rv = SECSuccess; + /* Initialize bignums */ + MP_DIGITS(&W) = 0; + MP_DIGITS(&X) = 0; + MP_DIGITS(&c) = 0; + MP_DIGITS(&twoQ) = 0; + MP_DIGITS(&V_n) = 0; + MP_DIGITS(&tmp) = 0; + CHECK_MPI_OK( mp_init(&W) ); + CHECK_MPI_OK( mp_init(&X) ); + CHECK_MPI_OK( mp_init(&c) ); + CHECK_MPI_OK( mp_init(&twoQ) ); + CHECK_MPI_OK( mp_init(&tmp) ); + CHECK_MPI_OK( mp_init(&V_n) ); + /* L - 1 = n*160 + b */ + n = (L - 1) / BITS_IN_Q; + b = (L - 1) % BITS_IN_Q; + /* ****************************************************************** + ** Step 7. + ** "for k = 0 ... n let + ** V_k = SHA[(SEED + offset + k) mod 2**g]." + ** + ** Step 8. + ** "Let W be the integer + ** W = V_0 + (V_1 * 2**160) + ... + (V_n-1 * 2**((n-1)*160)) + ** + ((V_n mod 2**b) * 2**(n*160)) + */ + for (k=0; k<n; ++k) { /* Do the first n terms of V_k */ + /* Do step 7 for iteration k. + ** V_k = SHA[(seed + offset + k) mod 2**g] + */ + CHECK_SEC_OK( addToSeedThenSHA(seed, offset + k, g, V_k) ); + /* Do step 8 for iteration k. + ** W += V_k * 2**(k*160) + */ + OCTETS_TO_MPINT(V_k, &tmp, SHA1_LENGTH); /* get bignum V_k */ + CHECK_MPI_OK( mpl_lsh(&tmp, &tmp, k*160) ); /* tmp = V_k << k*160 */ + CHECK_MPI_OK( mp_add(&W, &tmp, &W) ); /* W += tmp */ + } + /* Step 8, continued. + ** [W += ((V_n mod 2**b) * 2**(n*160))] + */ + CHECK_SEC_OK( addToSeedThenSHA(seed, offset + n, g, V_k) ); + OCTETS_TO_MPINT(V_k, &V_n, SHA1_LENGTH); /* get bignum V_n */ + CHECK_MPI_OK( mp_div_2d(&V_n, b, NULL, &tmp) ); /* tmp = V_n mod 2**b */ + CHECK_MPI_OK( mpl_lsh(&tmp, &tmp, n*160) ); /* tmp = tmp << n*160 */ + CHECK_MPI_OK( mp_add(&W, &tmp, &W) ); /* W += tmp */ + /* Step 8, continued. + ** "and let X = W + 2**(L-1). + ** Note that 0 <= W < 2**(L-1) and hence 2**(L-1) <= X < 2**L." + */ + CHECK_MPI_OK( mpl_set_bit(&X, (mp_size)(L-1), 1) ); /* X = 2**(L-1) */ + CHECK_MPI_OK( mp_add(&X, &W, &X) ); /* X += W */ + /************************************************************* + ** Step 9. + ** "Let c = X mod 2q and set p = X - (c - 1). + ** Note that p is congruent to 1 mod 2q." + */ + CHECK_MPI_OK( mp_mul_2(Q, &twoQ) ); /* 2q */ + CHECK_MPI_OK( mp_mod(&X, &twoQ, &c) ); /* c = X mod 2q */ + CHECK_MPI_OK( mp_sub_d(&c, 1, &c) ); /* c -= 1 */ + CHECK_MPI_OK( mp_sub(&X, &c, P) ); /* P = X - c */ +cleanup: + mp_clear(&W); + mp_clear(&X); + mp_clear(&c); + mp_clear(&twoQ); + mp_clear(&V_n); + mp_clear(&tmp); + if (err) { + MP_TO_SEC_ERROR(err); + return SECFailure; + } + return rv; +} + +/* +** Generate G from h, P, and Q. +*/ +static SECStatus +makeGfromH(const mp_int *P, /* input. */ + const mp_int *Q, /* input. */ + mp_int *H, /* input and output. */ + mp_int *G, /* output. */ + PRBool *passed) +{ + mp_int exp, pm1; + mp_err err = MP_OKAY; + SECStatus rv = SECSuccess; + *passed = PR_FALSE; + MP_DIGITS(&exp) = 0; + MP_DIGITS(&pm1) = 0; + CHECK_MPI_OK( mp_init(&exp) ); + CHECK_MPI_OK( mp_init(&pm1) ); + CHECK_MPI_OK( mp_sub_d(P, 1, &pm1) ); /* P - 1 */ + if ( mp_cmp(H, &pm1) > 0) /* H = H mod (P-1) */ + CHECK_MPI_OK( mp_sub(H, &pm1, H) ); + /* Let b = 2**n (smallest power of 2 greater than P). + ** Since P-1 >= b/2, and H < b, quotient(H/(P-1)) = 0 or 1 + ** so the above operation safely computes H mod (P-1) + */ + /* Check for H = to 0 or 1. Regen H if so. (Regen means return error). */ + if (mp_cmp_d(H, 1) <= 0) { + rv = SECFailure; + goto cleanup; + } + /* Compute G, according to the equation G = (H ** ((P-1)/Q)) mod P */ + CHECK_MPI_OK( mp_div(&pm1, Q, &exp, NULL) ); /* exp = (P-1)/Q */ + CHECK_MPI_OK( mp_exptmod(H, &exp, P, G) ); /* G = H ** exp mod P */ + /* Check for G == 0 or G == 1, return error if so. */ + if (mp_cmp_d(G, 1) <= 0) { + rv = SECFailure; + goto cleanup; + } + *passed = PR_TRUE; +cleanup: + mp_clear(&exp); + mp_clear(&pm1); + if (err) { + MP_TO_SEC_ERROR(err); + rv = SECFailure; + } + return rv; +} + +SECStatus +PQG_ParamGen(unsigned int j, PQGParams **pParams, PQGVerify **pVfy) +{ + unsigned int L; /* Length of P in bits. Per FIPS 186. */ + unsigned int seedBytes; + + if (j > 8 || !pParams || !pVfy) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + L = 512 + (j * 64); /* bits in P */ + seedBytes = L/8; + return PQG_ParamGenSeedLen(j, seedBytes, pParams, pVfy); +} + +/* This code uses labels and gotos, so that it can follow the numbered +** steps in the algorithms from FIPS 186 appendix 2.2 very closely, +** and so that the correctness of this code can be easily verified. +** So, please forgive the ugly c code. +**/ +SECStatus +PQG_ParamGenSeedLen(unsigned int j, unsigned int seedBytes, + PQGParams **pParams, PQGVerify **pVfy) +{ + unsigned int L; /* Length of P in bits. Per FIPS 186. */ + unsigned int n; /* Per FIPS 186, appendix 2.2. */ + unsigned int b; /* Per FIPS 186, appendix 2.2. */ + unsigned int g; /* Per FIPS 186, appendix 2.2. */ + unsigned int counter; /* Per FIPS 186, appendix 2.2. */ + unsigned int offset; /* Per FIPS 186, appendix 2.2. */ + SECItem *seed; /* Per FIPS 186, appendix 2.2. */ + PRArenaPool *arena = NULL; + PQGParams *params = NULL; + PQGVerify *verify = NULL; + PRBool passed; + SECItem hit = { 0, 0, 0 }; + mp_int P, Q, G, H, l; + mp_err err = MP_OKAY; + SECStatus rv = SECFailure; + int iterations = 0; + if (j > 8 || !pParams || !pVfy) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + /* Initialize an arena for the params. */ + arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE); + if (!arena) { + PORT_SetError(SEC_ERROR_NO_MEMORY); + return SECFailure; + } + params = (PQGParams *)PORT_ArenaZAlloc(arena, sizeof(PQGParams)); + if (!params) { + PORT_SetError(SEC_ERROR_NO_MEMORY); + PORT_FreeArena(arena, PR_TRUE); + return SECFailure; + } + params->arena = arena; + /* Initialize an arena for the verify. */ + arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE); + if (!arena) { + PORT_SetError(SEC_ERROR_NO_MEMORY); + PORT_FreeArena(params->arena, PR_TRUE); + return SECFailure; + } + verify = (PQGVerify *)PORT_ArenaZAlloc(arena, sizeof(PQGVerify)); + if (!verify) { + PORT_SetError(SEC_ERROR_NO_MEMORY); + PORT_FreeArena(arena, PR_TRUE); + PORT_FreeArena(params->arena, PR_TRUE); + return SECFailure; + } + verify->arena = arena; + seed = &verify->seed; + arena = NULL; + /* Initialize bignums */ + MP_DIGITS(&P) = 0; + MP_DIGITS(&Q) = 0; + MP_DIGITS(&G) = 0; + MP_DIGITS(&H) = 0; + MP_DIGITS(&l) = 0; + CHECK_MPI_OK( mp_init(&P) ); + CHECK_MPI_OK( mp_init(&Q) ); + CHECK_MPI_OK( mp_init(&G) ); + CHECK_MPI_OK( mp_init(&H) ); + CHECK_MPI_OK( mp_init(&l) ); + /* Compute lengths. */ + L = 512 + (j * 64); /* bits in P */ + n = (L - 1) / BITS_IN_Q; /* BITS_IN_Q is 160 */ + b = (L - 1) % BITS_IN_Q; + g = seedBytes * BITS_PER_BYTE; /* bits in seed, NOT G of PQG. */ +step_1: + /* ****************************************************************** + ** Step 1. + ** "Choose an abitrary sequence of at least 160 bits and call it SEED. + ** Let g be the length of SEED in bits." + */ + if (++iterations > MAX_ITERATIONS) { /* give up after a while */ + PORT_SetError(SEC_ERROR_NEED_RANDOM); + goto cleanup; + } + seed->len = seedBytes; + CHECK_SEC_OK( getPQseed(seed) ); + /* ****************************************************************** + ** Step 2. + ** "Compute U = SHA[SEED] XOR SHA[(SEED+1) mod 2**g]." + ** + ** Step 3. + ** "Form Q from U by setting the most signficant bit (the 2**159 bit) + ** and the least signficant bit to 1. In terms of boolean operations, + ** Q = U OR 2**159 OR 1. Note that 2**159 < Q < 2**160." + */ + CHECK_SEC_OK( makeQfromSeed(g, seed, &Q) ); + /* ****************************************************************** + ** Step 4. + ** "Use a robust primality testing algorithm to test whether q is prime." + ** + ** Appendix 2.1 states that a Rabin test with at least 50 iterations + ** "will give an acceptable probability of error." + */ + /*CHECK_SEC_OK( prm_RabinTest(&Q, &passed) );*/ + err = mpp_pprime(&Q, PQG_Q_PRIMALITY_TESTS); + passed = (err == MP_YES) ? SECSuccess : SECFailure; + /* ****************************************************************** + ** Step 5. "If q is not prime, goto step 1." + */ + if (passed != SECSuccess) + goto step_1; + /* ****************************************************************** + ** Step 6. "Let counter = 0 and offset = 2." + */ + counter = 0; + offset = 2; +step_7: + /* ****************************************************************** + ** Step 7. + ** "for k = 0 ... n let + ** V_k = SHA[(SEED + offset + k) mod 2**g]." + ** + ** Step 8. + ** "Let W be the sum of (V_k * 2**(k*160)) for k = 0 ... n + ** and let X = W + 2**(L-1). + ** Note that 0 <= W < 2**(L-1) and hence 2**(L-1) <= X < 2**L." + ** + ** Step 9. + ** "Let c = X mod 2q and set p = X - (c - 1). + ** Note that p is congruent to 1 mod 2q." + */ + CHECK_SEC_OK( makePfromQandSeed(L, offset, g, seed, &Q, &P) ); + /************************************************************* + ** Step 10. + ** "if p < 2**(L-1), then goto step 13." + */ + CHECK_MPI_OK( mpl_set_bit(&l, (mp_size)(L-1), 1) ); /* l = 2**(L-1) */ + if (mp_cmp(&P, &l) < 0) + goto step_13; + /************************************************************ + ** Step 11. + ** "Perform a robust primality test on p." + */ + /*CHECK_SEC_OK( prm_RabinTest(&P, &passed) );*/ + err = mpp_pprime(&P, PQG_P_PRIMALITY_TESTS); + passed = (err == MP_YES) ? SECSuccess : SECFailure; + /* ****************************************************************** + ** Step 12. "If p passes the test performed in step 11, go to step 15." + */ + if (passed == SECSuccess) + goto step_15; +step_13: + /* ****************************************************************** + ** Step 13. "Let counter = counter + 1 and offset = offset + n + 1." + */ + counter++; + offset += n + 1; + /* ****************************************************************** + ** Step 14. "If counter >= 4096 goto step 1, otherwise go to step 7." + */ + if (counter >= 4096) + goto step_1; + goto step_7; +step_15: + /* ****************************************************************** + ** Step 15. + ** "Save the value of SEED and the value of counter for use + ** in certifying the proper generation of p and q." + */ + /* Generate h. */ + SECITEM_AllocItem(NULL, &hit, seedBytes); /* h is no longer than p */ + if (!hit.data) goto cleanup; + do { + /* loop generate h until 1<h<p-1 and (h**[(p-1)/q])mod p > 1 */ + CHECK_SEC_OK( generate_h_candidate(&hit, &H) ); + CHECK_SEC_OK( makeGfromH(&P, &Q, &H, &G, &passed) ); + } while (passed != PR_TRUE); + /* All generation is done. Now, save the PQG params. */ + MPINT_TO_SECITEM(&P, ¶ms->prime, params->arena); + MPINT_TO_SECITEM(&Q, ¶ms->subPrime, params->arena); + MPINT_TO_SECITEM(&G, ¶ms->base, params->arena); + MPINT_TO_SECITEM(&H, &verify->h, verify->arena); + verify->counter = counter; + *pParams = params; + *pVfy = verify; +cleanup: + mp_clear(&P); + mp_clear(&Q); + mp_clear(&G); + mp_clear(&H); + mp_clear(&l); + if (err) { + MP_TO_SEC_ERROR(err); + rv = SECFailure; + } + if (rv) { + PORT_FreeArena(params->arena, PR_TRUE); + PORT_FreeArena(verify->arena, PR_TRUE); + } + return rv; +} + +SECStatus +PQG_VerifyParams(const PQGParams *params, + const PQGVerify *vfy, SECStatus *result) +{ + SECStatus rv = SECSuccess; + int passed; + unsigned int g, n, L, offset; + mp_int P, Q, G, P_, Q_, G_, r, h; + mp_err err = MP_OKAY; + int j; +#define CHECKPARAM(cond) \ + if (!(cond)) { \ + *result = SECFailure; \ + goto cleanup; \ + } + if (!params || !vfy || !result) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + MP_DIGITS(&P) = 0; + MP_DIGITS(&Q) = 0; + MP_DIGITS(&G) = 0; + MP_DIGITS(&P_) = 0; + MP_DIGITS(&Q_) = 0; + MP_DIGITS(&G_) = 0; + MP_DIGITS(&r) = 0; + MP_DIGITS(&h) = 0; + CHECK_MPI_OK( mp_init(&P) ); + CHECK_MPI_OK( mp_init(&Q) ); + CHECK_MPI_OK( mp_init(&G) ); + CHECK_MPI_OK( mp_init(&P_) ); + CHECK_MPI_OK( mp_init(&Q_) ); + CHECK_MPI_OK( mp_init(&G_) ); + CHECK_MPI_OK( mp_init(&r) ); + CHECK_MPI_OK( mp_init(&h) ); + *result = SECSuccess; + SECITEM_TO_MPINT(params->prime, &P); + SECITEM_TO_MPINT(params->subPrime, &Q); + SECITEM_TO_MPINT(params->base, &G); + /* 1. Q is 160 bits long. */ + CHECKPARAM( mpl_significant_bits(&Q) == 160 ); + /* 2. P is one of the 9 valid lengths. */ + L = mpl_significant_bits(&P); + j = PQG_PBITS_TO_INDEX(L); + CHECKPARAM( j >= 0 && j <= 8 ); + /* 3. G < P */ + CHECKPARAM( mp_cmp(&G, &P) < 0 ); + /* 4. P % Q == 1 */ + CHECK_MPI_OK( mp_mod(&P, &Q, &r) ); + CHECKPARAM( mp_cmp_d(&r, 1) == 0 ); + /* 5. Q is prime */ + CHECKPARAM( mpp_pprime(&Q, PQG_Q_PRIMALITY_TESTS) == MP_YES ); + /* 6. P is prime */ + CHECKPARAM( mpp_pprime(&P, PQG_P_PRIMALITY_TESTS) == MP_YES ); + /* Steps 7-12 are done only if the optional PQGVerify is supplied. */ + if (!vfy) goto cleanup; + /* 7. counter < 4096 */ + CHECKPARAM( vfy->counter < 4096 ); + /* 8. g >= 160 and g < 2048 (g is length of seed in bits) */ + g = vfy->seed.len * 8; + CHECKPARAM( g >= 160 && g < 2048 ); + /* 9. Q generated from SEED matches Q in PQGParams. */ + CHECK_SEC_OK( makeQfromSeed(g, &vfy->seed, &Q_) ); + CHECKPARAM( mp_cmp(&Q, &Q_) == 0 ); + /* 10. P generated from (L, counter, g, SEED, Q) matches P in PQGParams. */ + n = (L - 1) / BITS_IN_Q; + offset = vfy->counter * (n + 1) + 2; + CHECK_SEC_OK( makePfromQandSeed(L, offset, g, &vfy->seed, &Q, &P_) ); + CHECKPARAM( mp_cmp(&P, &P_) == 0 ); + /* Next two are optional: if h == 0 ignore */ + if (vfy->h.len == 0) goto cleanup; + /* 11. 1 < h < P-1 */ + SECITEM_TO_MPINT(vfy->h, &h); + CHECK_MPI_OK( mpl_set_bit(&P, 0, 0) ); /* P is prime, p-1 == zero 1st bit */ + CHECKPARAM( mp_cmp_d(&h, 1) > 0 && mp_cmp(&h, &P) ); + CHECK_MPI_OK( mpl_set_bit(&P, 0, 1) ); /* set it back */ + /* 12. G generated from h matches G in PQGParams. */ + CHECK_SEC_OK( makeGfromH(&P, &Q, &h, &G_, &passed) ); + CHECKPARAM( passed && mp_cmp(&G, &G_) == 0 ); +cleanup: + mp_clear(&P); + mp_clear(&Q); + mp_clear(&G); + mp_clear(&P_); + mp_clear(&Q_); + mp_clear(&G_); + mp_clear(&r); + mp_clear(&h); + if (err) { + MP_TO_SEC_ERROR(err); + rv = SECFailure; + } + return rv; +} + + diff --git a/security/nss/lib/freebl/prng_fips1861.c b/security/nss/lib/freebl/prng_fips1861.c new file mode 100644 index 000000000..bf0199926 --- /dev/null +++ b/security/nss/lib/freebl/prng_fips1861.c @@ -0,0 +1,513 @@ +/* + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the Netscape security libraries. + * + * The Initial Developer of the Original Code is Netscape + * Communications Corporation. Portions created by Netscape are + * Copyright (C) 1994-2000 Netscape Communications Corporation. All + * Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + * + * $Id$ + */ + +#include "prerr.h" +#include "secerr.h" + +#include "prtypes.h" +#include "prinit.h" +#include "blapi.h" +#include "nssilock.h" +#include "secitem.h" +#include "sha_fast.h" +#include "secrng.h" /* for RNG_GetNoise() */ + +/* + * The minimum amount of seed data required before the generator will + * provide data. + * Note that this is a measure of the number of bytes sent to + * RNG_RandomUpdate, not the actual amount of entropy present in the + * generator. Naturally, it is impossible to know (at this level) just + * how much entropy is present in the provided seed data. A bare minimum + * of entropy would be 20 bytes, so by requiring 1K this code is making + * the tacit assumption that at least 1 byte of pure entropy is provided + * with every 8 bytes supplied to RNG_RandomUpdate. The reality of this + * assumption is left up to the caller. + */ +#define MIN_SEED_COUNT 1024 + +/* + * Steps taken from FIPS 186-1 Appendix 3.1 + */ + +/* + * According to FIPS 186-1, 160 <= b <= 512 + * For our purposes, we will assume b == 160 + */ +#define FIPS_B 160 +#define BSIZE FIPS_B / BITS_PER_BYTE + +/* + * Add two 160-bit numbers represented as arrays of 20 bytes. + * The numbers are big-endian, MSB first, so addition is done + * from the end of the buffer to the beginning. + */ +#define ADD_160BIT_PLUS_CARRY(dest, add1, add2, cy) \ + carry = cy; \ + for (i=BSIZE-1; i>=0; --i) { \ + carry += add1[i] + add2[i]; \ + dest[i] = (PRUint8)carry; \ + carry >>= 8; \ + } + +#define ADD_160BIT_2(dest, add1, add2) \ + ADD_160BIT_PLUS_CARRY(dest, add1, add2, 0) + + +/* + * FIPS requires result from Step 3c to be reduced mod q when generating + * random numbers for DSA. + * by definition q >= 2^159 + 1, thus xj < 2q + * thus reducing mod q is simple subtraction when xj > q + */ +#define dsa_reduce_mod_q(xj, q) \ + PORT_Assert(q[0] >= 0x80); \ + if (memcmp(xj,q,BSIZE) > 0) { \ + carry = 0; \ + for (i=BSIZE-1; i>=0; --i) { \ + carry += (signed int)xj[i] - (signed int)q[i]; \ + xj[i] = (PRUint8)carry; \ + carry >>= 8; \ + } \ + } + +/* + * Specialized SHA1-like function. This function appends zeroes to a + * single input block and runs a single instance of the compression function, + * as specified in FIPS 186-1 appendix 3.3. + */ +void +RNG_UpdateAndEnd_FIPS186_1(SHA1Context *ctx, + unsigned char *input, unsigned int inputLen, + unsigned char *hashout, unsigned int *pDigestLen, + unsigned int maxDigestLen); + +/* + * Global RNG context + */ +struct RNGContextStr { + PRUint8 XKEY[BSIZE]; /* Seed for next SHA iteration */ + PRUint8 Xj[BSIZE]; /* Output from previous operation */ + PZLock *lock; /* Lock to serialize access to global rng */ + PRUint8 avail; /* # bytes of output available, [0...20] */ + PRUint32 seedCount; /* number of seed bytes given to generator */ + PRBool isValid; /* false if RNG reaches an invalid state */ +}; +typedef struct RNGContextStr RNGContext; +static RNGContext *globalrng = NULL; + +/* + * Free the global RNG context + */ +static void +freeRNGContext() +{ + PZ_DestroyLock(globalrng->lock); + PORT_ZFree(globalrng, sizeof *globalrng); + globalrng = NULL; +} + +/* + * Implementation of the algorithm in FIPS 186-1 appendix 3.1, heretofore + * called alg3_1(). It is assumed a lock for the global rng context has + * already been acquired. + * Calling this function with XSEEDj == NULL is equivalent to saying there + * is no optional user input, which is further equivalent to saying that + * the optional user input is 0. + */ +static SECStatus +alg_fips186_1_x3_1(RNGContext *rng, + const unsigned char *XSEEDj, unsigned char *q) +{ + /* SHA1 context for G(t, XVAL) function */ + SHA1Context sha1cx; + /* input to hash function */ + PRUint8 XVAL[BSIZE]; + /* store a copy of the output to compare with the previous output */ + PRUint8 x_j[BSIZE]; + /* used by ADD_160BIT macros */ + int i, carry; + unsigned int len; + if (!rng->isValid) { + /* RNG has alread entered an invalid state. */ + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + /* initialize the SHA1 context */ + memset(&sha1cx, 0, sizeof(sha1cx)); + /* + * <Step 2> Initialize t, taken care of in SHA-1 (same initial values) + */ + SHA1_Begin(&sha1cx); + /* + * <Step 3a> XSEEDj is optional user input + * + * <Step 3b> XVAL = (XKEY + XSEEDj) mod 2^b + * :always reduced mod 2^b, since storing as 160-bit value + */ + if (XSEEDj) { + /* XSEEDj > 0 */ + ADD_160BIT_2(XVAL, rng->XKEY, XSEEDj); + } else { + /* XSEEDj == 0 */ + memcpy(XVAL, rng->XKEY, BSIZE); + } + /* + * <Step 3c> Xj = G(t, XVAL) mod q + * :In this code, (mod q) is only understood for DSA ops, + * :not general RNG (what would q be in non-DSA uses?). + * :If a q is specified, use it. + * :FIPS 186-1 specifies a different padding than the SHA1 180-1 + * :specification, this function is implemented below. + */ + RNG_UpdateAndEnd_FIPS186_1(&sha1cx, XVAL, BSIZE, x_j, &len, BSIZE); + if (q != NULL) { + dsa_reduce_mod_q(x_j, q); + } + /* [FIPS 140-1] verify output does not match previous output */ + if (memcmp(x_j, rng->Xj, BSIZE) == 0) { + /* failed FIPS 140-1 continuous RNG condition. RNG now invalid. */ + rng->isValid = PR_FALSE; + return SECFailure; + } + /* Xj is the output */ + memcpy(rng->Xj, x_j, BSIZE); + /* + * <Step 3d> XKEY = (1 + XKEY + Xj) mod 2^b + * :always reduced mod 2^b, since storing as 160-bit value + */ + ADD_160BIT_PLUS_CARRY(rng->XKEY, rng->XKEY, x_j, 1); + /* Always have a full buffer after executing alg3_1() */ + rng->avail = BSIZE; + /* housekeeping */ + memset(x_j, 0, BSIZE); + memset(XVAL, 0, BSIZE); + return SECSuccess; +} + +/* Use NSPR to prevent RNG_RNGInit from being called from separate + * threads, creating a race condition. + */ +static PRCallOnceType coRNGInit = { 0, 0, 0 }; +static PRStatus rng_init(void) +{ + unsigned char bytes[120]; + unsigned int numBytes; + if (globalrng == NULL) { + /* create a new global RNG context */ + globalrng = (RNGContext *)PORT_ZAlloc(sizeof(RNGContext)); + if (globalrng == NULL) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + return PR_FAILURE; + } + /* create a lock for it */ + globalrng->lock = PZ_NewLock(nssILockOther); + if (globalrng->lock == NULL) { + PORT_SetError(PR_OUT_OF_MEMORY_ERROR); + return PR_FAILURE; + } + /* the RNG is in a valid state */ + globalrng->isValid = PR_TRUE; + /* Try to get some seed data for the RNG */ + numBytes = RNG_GetNoise(bytes, sizeof bytes); + RNG_RandomUpdate(bytes, numBytes); + } + return (globalrng != NULL) ? PR_SUCCESS : PR_FAILURE; +} + +/* + * Initialize the global RNG context and give it some seed input taken + * from the system. This function is thread-safe and will only allow + * the global context to be initialized once. The seed input is likely + * small, so it is imperative that RNG_RandomUpdate() be called with + * additional seed data before the generator is used. A good way to + * provide the generator with additional entropy is to call + * RNG_SystemInfoForRNG(). Note that NSS_Init() does exactly that. + */ +SECStatus +RNG_RNGInit(void) +{ + /* Allow only one call to initialize the context */ + PR_CallOnce(&coRNGInit, rng_init); + /* Make sure there is a context */ + return (globalrng != NULL) ? PR_SUCCESS : PR_FAILURE; +} + +/* +** Update the global random number generator with more seeding +** material +*/ +SECStatus +prng_RandomUpdate(RNGContext *rng, const void *data, size_t bytes, + unsigned char *q) +{ + SECStatus rv = SECSuccess; + unsigned char inputhash[BSIZE]; + /* check for a valid global RNG context */ + PORT_Assert(rng != NULL); + if (rng == NULL) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + /* RNG_SystemInfoForRNG() sometimes does this, not really an error */ + if (bytes == 0) + return SECSuccess; + /* If received 20 bytes of input, use it, else hash the input before + * locking. + */ + if (bytes == BSIZE) + memcpy(inputhash, data, BSIZE); + else + rv = SHA1_HashBuf(inputhash, data, bytes); + if (rv != SECSuccess) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + /* --- LOCKED --- */ + PZ_Lock(rng->lock); + /* + * Random information is initially supplied by a call to + * RNG_SystemInfoForRNG(). That function collects entropy from + * the system and calls RNG_RandomUpdate() to seed the generator. + * FIPS 186-1 3.1 step 1 specifies that a secret value for the + * seed-key must be chosen before the generator can begin. The + * size of XKEY is b-bytes, so fill it with the first b-bytes + * sent to RNG_RandomUpdate(). + */ + if (rng->seedCount == 0) { + /* This is the first call to RandomUpdate(). Use a SHA1 hash + * of the input to set the seed, XKEY. + * + * <Step 1> copy seed bytes into context's XKEY + */ + memcpy(rng->XKEY, inputhash, BSIZE); + /* + * Now continue with algorithm. Since the input was used to + * initialize XKEY, the "optional user input" at this stage + * will be a pad of zeros, XSEEDj = 0. + */ + rv = alg_fips186_1_x3_1(rng, NULL, q); + /* As per FIPS 140-1 continuous RNG requirement, the first + * iteration of output is discarded. So here there is really + * no output available. This forces another execution of alg3_1() + * before any bytes can be extracted from the generator. + */ + rng->avail = 0; + } else { + /* Execute the algorithm from FIPS 186-1 appendix 3.1 */ + rv = alg_fips186_1_x3_1(rng, inputhash, q); + } + /* If got this far, have added bytes of seed data. */ + rng->seedCount += bytes; + PZ_Unlock(rng->lock); + /* --- UNLOCKED --- */ + /* housekeeping */ + memset(inputhash, 0, BSIZE); + return rv; +} + +/* +** Update the global random number generator with more seeding +** material. Not DSA, so no q. +*/ +SECStatus +RNG_RandomUpdate(const void *data, size_t bytes) +{ + return prng_RandomUpdate(globalrng, data, bytes, NULL); +} + +/* +** Generate some random bytes, using the global random number generator +** object. +*/ +SECStatus +prng_GenerateGlobalRandomBytes(RNGContext *rng, + void *dest, size_t len, unsigned char *q) +{ + PRUint8 num; + SECStatus rv = SECSuccess; + unsigned char *output = dest; + /* check for a valid global RNG context */ + PORT_Assert(rng != NULL); + if (rng == NULL) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + /* --- LOCKED --- */ + PZ_Lock(rng->lock); + /* Check the amount of seed data in the generator. If not enough, + * don't produce any data. + */ + if (rng->seedCount < MIN_SEED_COUNT) { + PZ_Unlock(rng->lock); + PORT_SetError(SEC_ERROR_NEED_RANDOM); + return SECFailure; + } + /* + * If there are enough bytes of random data, send back Xj, + * else call alg3_1() with 0's to generate more random data. + */ + while (len > 0) { + if (rng->avail == 0) + /* All available bytes are used, so generate more. */ + rv = alg_fips186_1_x3_1(rng, NULL, q); + /* number of bytes to obtain on this iteration (max of 20) */ + num = PR_MIN(rng->avail, len); + /* if avail < BSIZE, the first avail bytes have already been used. */ + memcpy(output, rng->Xj + (BSIZE - rng->avail), num); + rng->avail -= num; + len -= num; + output += num; + } + PZ_Unlock(rng->lock); + /* --- UNLOCKED --- */ + return rv; +} + +/* +** Generate some random bytes, using the global random number generator +** object. Not DSA, so no q. +*/ +SECStatus +RNG_GenerateGlobalRandomBytes(void *dest, size_t len) +{ + return prng_GenerateGlobalRandomBytes(globalrng, dest, len, NULL); +} + +void +RNG_RNGShutdown(void) +{ + /* check for a valid global RNG context */ + PORT_Assert(globalrng != NULL); + if (globalrng == NULL) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return; + } + /* clear */ + freeRNGContext(); + /* zero the callonce struct to allow a new call to RNG_RNGInit() */ + memset(&coRNGInit, 0, sizeof coRNGInit); +} + +/* + * SHA: Generate hash value from context + * Specialized function for PRNG + * The PRNG specified in FIPS 186-1 3.3 uses a function, G, + * which has the same initialization and compression functions + * as SHA1 180-1, but uses different padding. FIPS 186-1 3.3 + * specifies that the message be padded with 0's until the size + * reaches 512 bits. + */ +void +RNG_UpdateAndEnd_FIPS186_1(SHA1Context *ctx, + unsigned char *input, unsigned int inputLen, + unsigned char *hashout, unsigned int *pDigestLen, + unsigned int maxDigestLen) +{ + register PRUint32 A; + static const unsigned char bulk_pad0[64] = { 0,0,0,0,0,0,0,0,0,0, + 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, + 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 }; + + PORT_Assert(maxDigestLen >= SHA1_LENGTH); + PORT_Assert(inputLen <= SHA1_INPUT_LEN); + + /* + * Add the input + */ + SHA1_Update(ctx, input, inputLen); + /* + * Pad with zeroes + * This will fill the input block and cause the compression function + * to be called. + */ + SHA1_Update(ctx, bulk_pad0, SHA1_INPUT_LEN - inputLen); + + /* + * Output hash + */ +#if defined(IS_LITTLE_ENDIAN) + SHA_BYTESWAP(ctx->H[0]); + SHA_BYTESWAP(ctx->H[1]); + SHA_BYTESWAP(ctx->H[2]); + SHA_BYTESWAP(ctx->H[3]); + SHA_BYTESWAP(ctx->H[4]); +#endif + memcpy(hashout, ctx->H, SHA1_LENGTH); + *pDigestLen = SHA1_LENGTH; + + /* + * Re-initialize the context (also zeroizes contents) + */ + SHA1_Begin(ctx); +} + +/* + * Specialized RNG for DSA + * + * As per FIPS 186-1 appendix 3.1, in step 5 the value Xj should + * be reduced mod q, a 160-bit prime number. Since this parameter is + * only meaningful in the context of DSA, the above RNG functions + * were implemented without it. They are re-implemented below for use + * with DSA. + * + */ + +/* +** Update the global random number generator with more seeding +** material. DSA needs a q parameter. +*/ +SECStatus +DSA_RandomUpdate(void *data, size_t bytes, unsigned char *q) +{ + if( q && (*q == 0) ) { + ++q; + } + return prng_RandomUpdate(globalrng, data, bytes, q); +} + +/* +** Generate some random bytes, using the global random number generator +** object. In DSA mode, so there is a q. +*/ +SECStatus +DSA_GenerateGlobalRandomBytes(void *dest, size_t len, unsigned char *q) +{ + if( q && (*q == 0) ) { + ++q; + } + return prng_GenerateGlobalRandomBytes(globalrng, dest, len, q); +} diff --git a/security/nss/lib/freebl/rijndael.c b/security/nss/lib/freebl/rijndael.c new file mode 100644 index 000000000..374a0fad4 --- /dev/null +++ b/security/nss/lib/freebl/rijndael.c @@ -0,0 +1,1136 @@ +/* + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the Netscape security libraries. + * + * The Initial Developer of the Original Code is Netscape + * Communications Corporation. Portions created by Netscape are + * Copyright (C) 1994-2000 Netscape Communications Corporation. All + * Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + * + * $Id$ + */ + +#include "prinit.h" +#include "prerr.h" +#include "secerr.h" + +#include "prtypes.h" +#include "blapi.h" +#include "rijndael.h" + +/* + * There are currently five ways to build this code, varying in performance + * and code size. + * + * RIJNDAEL_INCLUDE_TABLES Include all tables from rijndael32.tab + * RIJNDAEL_GENERATE_TABLES Generate tables on first + * encryption/decryption, then store them; + * use the function gfm + * RIJNDAEL_GENERATE_TABLES_MACRO Same as above, but use macros to do + * the generation + * RIJNDAEL_GENERATE_VALUES Do not store tables, generate the table + * values "on-the-fly", using gfm + * RIJNDAEL_GENERATE_VALUES_MACRO Same as above, but use macros + * + * The default is RIJNDAEL_INCLUDE_TABLES. + */ + +/* + * When building RIJNDAEL_INCLUDE_TABLES, includes S**-1, Rcon, T[0..4], + * T**-1[0..4], IMXC[0..4] + * When building anything else, includes S, S**-1, Rcon + */ +#include "rijndael32.tab" + +#if defined(RIJNDAEL_INCLUDE_TABLES) +/* + * RIJNDAEL_INCLUDE_TABLES + */ +#define T0(i) _T0[i] +#define T1(i) _T1[i] +#define T2(i) _T2[i] +#define T3(i) _T3[i] +#define TInv0(i) _TInv0[i] +#define TInv1(i) _TInv1[i] +#define TInv2(i) _TInv2[i] +#define TInv3(i) _TInv3[i] +#define IMXC0(b) _IMXC0[b] +#define IMXC1(b) _IMXC1[b] +#define IMXC2(b) _IMXC2[b] +#define IMXC3(b) _IMXC3[b] +/* The S-box can be recovered from the T-tables */ +#ifdef IS_LITTLE_ENDIAN +#define SBOX(b) ((PRUint8)_T3[b]) +#else +#define SBOX(b) ((PRUint8)_T1[b]) +#endif +#define SINV(b) (_SInv[b]) + +#else /* not RIJNDAEL_INCLUDE_TABLES */ + +/* + * Code for generating T-table values. + */ + +#ifdef IS_LITTLE_ENDIAN +#define WORD4(b0, b1, b2, b3) \ + (((b3) << 24) | ((b2) << 16) | ((b1) << 8) | (b0)) +#else +#define WORD4(b0, b1, b2, b3) \ + (((b0) << 24) | ((b1) << 16) | ((b2) << 8) | (b3)) +#endif + +/* + * Define the S and S**-1 tables (both have been stored) + */ +#define SBOX(b) (_S[b]) +#define SINV(b) (_SInv[b]) + +/* + * The function xtime, used for Galois field multiplication + */ +#define XTIME(a) \ + ((a & 0x80) ? ((a << 1) ^ 0x1b) : (a << 1)) + +/* Choose GFM method (macros or function) */ +#if defined(RIJNDAEL_GENERATE_TABLES_MACRO) || \ + defined(RIJNDAEL_GENERATE_VALUES_MACRO) + +/* + * Galois field GF(2**8) multipliers, in macro form + */ +#define GFM01(a) \ + (a) /* a * 01 = a, the identity */ +#define GFM02(a) \ + (XTIME(a) & 0xff) /* a * 02 = xtime(a) */ +#define GFM04(a) \ + (GFM02(GFM02(a))) /* a * 04 = xtime**2(a) */ +#define GFM08(a) \ + (GFM02(GFM04(a))) /* a * 08 = xtime**3(a) */ +#define GFM03(a) \ + (GFM01(a) ^ GFM02(a)) /* a * 03 = a * (01 + 02) */ +#define GFM09(a) \ + (GFM01(a) ^ GFM08(a)) /* a * 09 = a * (01 + 08) */ +#define GFM0B(a) \ + (GFM01(a) ^ GFM02(a) ^ GFM08(a)) /* a * 0B = a * (01 + 02 + 08) */ +#define GFM0D(a) \ + (GFM01(a) ^ GFM04(a) ^ GFM08(a)) /* a * 0D = a * (01 + 04 + 08) */ +#define GFM0E(a) \ + (GFM02(a) ^ GFM04(a) ^ GFM08(a)) /* a * 0E = a * (02 + 04 + 08) */ + +#else /* RIJNDAEL_GENERATE_TABLES or RIJNDAEL_GENERATE_VALUES */ + +/* GF_MULTIPLY + * + * multiply two bytes represented in GF(2**8), mod (x**4 + 1) + */ +PRUint8 gfm(PRUint8 a, PRUint8 b) +{ + PRUint8 res = 0; + while (b > 0) { + res = (b & 0x01) ? res ^ a : res; + a = XTIME(a); + b >>= 1; + } + return res; +} + +#define GFM01(a) \ + (a) /* a * 01 = a, the identity */ +#define GFM02(a) \ + (XTIME(a) & 0xff) /* a * 02 = xtime(a) */ +#define GFM03(a) \ + (gfm(a, 0x03)) /* a * 03 */ +#define GFM09(a) \ + (gfm(a, 0x09)) /* a * 09 */ +#define GFM0B(a) \ + (gfm(a, 0x0B)) /* a * 0B */ +#define GFM0D(a) \ + (gfm(a, 0x0D)) /* a * 0D */ +#define GFM0E(a) \ + (gfm(a, 0x0E)) /* a * 0E */ + +#endif /* choosing GFM function */ + +/* + * The T-tables + */ +#define G_T0(i) \ + ( WORD4( GFM02(SBOX(i)), GFM01(SBOX(i)), GFM01(SBOX(i)), GFM03(SBOX(i)) ) ) +#define G_T1(i) \ + ( WORD4( GFM03(SBOX(i)), GFM02(SBOX(i)), GFM01(SBOX(i)), GFM01(SBOX(i)) ) ) +#define G_T2(i) \ + ( WORD4( GFM01(SBOX(i)), GFM03(SBOX(i)), GFM02(SBOX(i)), GFM01(SBOX(i)) ) ) +#define G_T3(i) \ + ( WORD4( GFM01(SBOX(i)), GFM01(SBOX(i)), GFM03(SBOX(i)), GFM02(SBOX(i)) ) ) + +/* + * The inverse T-tables + */ +#define G_TInv0(i) \ + ( WORD4( GFM0E(SINV(i)), GFM09(SINV(i)), GFM0D(SINV(i)), GFM0B(SINV(i)) ) ) +#define G_TInv1(i) \ + ( WORD4( GFM0B(SINV(i)), GFM0E(SINV(i)), GFM09(SINV(i)), GFM0D(SINV(i)) ) ) +#define G_TInv2(i) \ + ( WORD4( GFM0D(SINV(i)), GFM0B(SINV(i)), GFM0E(SINV(i)), GFM09(SINV(i)) ) ) +#define G_TInv3(i) \ + ( WORD4( GFM09(SINV(i)), GFM0D(SINV(i)), GFM0B(SINV(i)), GFM0E(SINV(i)) ) ) + +/* + * The inverse mix column tables + */ +#define G_IMXC0(i) \ + ( WORD4( GFM0E(i), GFM09(i), GFM0D(i), GFM0B(i) ) ) +#define G_IMXC1(i) \ + ( WORD4( GFM0B(i), GFM0E(i), GFM09(i), GFM0D(i) ) ) +#define G_IMXC2(i) \ + ( WORD4( GFM0D(i), GFM0B(i), GFM0E(i), GFM09(i) ) ) +#define G_IMXC3(i) \ + ( WORD4( GFM09(i), GFM0D(i), GFM0B(i), GFM0E(i) ) ) + +/* Now choose the T-table indexing method */ +#if defined(RIJNDAEL_GENERATE_VALUES) +/* generate values for the tables with a function*/ +static PRUint32 gen_TInvXi(PRUint8 tx, PRUint8 i) +{ + PRUint8 si01, si02, si03, si04, si08, si09, si0B, si0D, si0E; + si01 = SINV(i); + si02 = XTIME(si01); + si04 = XTIME(si02); + si08 = XTIME(si04); + si03 = si02 ^ si01; + si09 = si08 ^ si01; + si0B = si08 ^ si03; + si0D = si09 ^ si04; + si0E = si08 ^ si04 ^ si02; + switch (tx) { + case 0: + return WORD4(si0E, si09, si0D, si0B); + case 1: + return WORD4(si0B, si0E, si09, si0D); + case 2: + return WORD4(si0D, si0B, si0E, si09); + case 3: + return WORD4(si09, si0D, si0B, si0E); + } + return -1; +} +#define T0(i) G_T0(i) +#define T1(i) G_T1(i) +#define T2(i) G_T2(i) +#define T3(i) G_T3(i) +#define TInv0(i) gen_TInvXi(0, i) +#define TInv1(i) gen_TInvXi(1, i) +#define TInv2(i) gen_TInvXi(2, i) +#define TInv3(i) gen_TInvXi(3, i) +#define IMXC0(b) G_IMXC0(b) +#define IMXC1(b) G_IMXC1(b) +#define IMXC2(b) G_IMXC2(b) +#define IMXC3(b) G_IMXC3(b) +#elif defined(RIJNDAEL_GENERATE_VALUES_MACRO) +/* generate values for the tables with macros */ +#define T0(i) G_T0(i) +#define T1(i) G_T1(i) +#define T2(i) G_T2(i) +#define T3(i) G_T3(i) +#define TInv0(i) G_TInv0(i) +#define TInv1(i) G_TInv1(i) +#define TInv2(i) G_TInv2(i) +#define TInv3(i) G_TInv3(i) +#define IMXC0(b) G_IMXC0(b) +#define IMXC1(b) G_IMXC1(b) +#define IMXC2(b) G_IMXC2(b) +#define IMXC3(b) G_IMXC3(b) +#else /* RIJNDAEL_GENERATE_TABLES or RIJNDAEL_GENERATE_TABLES_MACRO */ +/* Generate T and T**-1 table values and store, then index */ +/* The inverse mix column tables are still generated */ +#define T0(i) rijndaelTables->T0[i] +#define T1(i) rijndaelTables->T1[i] +#define T2(i) rijndaelTables->T2[i] +#define T3(i) rijndaelTables->T3[i] +#define TInv0(i) rijndaelTables->TInv0[i] +#define TInv1(i) rijndaelTables->TInv1[i] +#define TInv2(i) rijndaelTables->TInv2[i] +#define TInv3(i) rijndaelTables->TInv3[i] +#define IMXC0(b) G_IMXC0(b) +#define IMXC1(b) G_IMXC1(b) +#define IMXC2(b) G_IMXC2(b) +#define IMXC3(b) G_IMXC3(b) +#endif /* choose T-table indexing method */ + +#endif /* not RIJNDAEL_INCLUDE_TABLES */ + +#if defined(RIJNDAEL_GENERATE_TABLES) || \ + defined(RIJNDAEL_GENERATE_TABLES_MACRO) + +/* Code to generate and store the tables */ + +struct rijndael_tables_str { + PRUint32 T0[256]; + PRUint32 T1[256]; + PRUint32 T2[256]; + PRUint32 T3[256]; + PRUint32 TInv0[256]; + PRUint32 TInv1[256]; + PRUint32 TInv2[256]; + PRUint32 TInv3[256]; +}; + +static struct rijndael_tables_str *rijndaelTables = NULL; +static PRCallOnceType coRTInit = { 0, 0, 0 }; +static PRStatus +init_rijndael_tables(void) +{ + PRUint32 i; + PRUint8 si01, si02, si03, si04, si08, si09, si0B, si0D, si0E; + struct rijndael_tables_str *rts; + rts = (struct rijndael_tables_str *) + PORT_Alloc(sizeof(struct rijndael_tables_str)); + if (!rts) return PR_FAILURE; + for (i=0; i<256; i++) { + /* The forward values */ + si01 = SBOX(i); + si02 = XTIME(si01); + si03 = si02 ^ si01; + rts->T0[i] = WORD4(si02, si01, si01, si03); + rts->T1[i] = WORD4(si03, si02, si01, si01); + rts->T2[i] = WORD4(si01, si03, si02, si01); + rts->T3[i] = WORD4(si01, si01, si03, si02); + /* The inverse values */ + si01 = SINV(i); + si02 = XTIME(si01); + si04 = XTIME(si02); + si08 = XTIME(si04); + si03 = si02 ^ si01; + si09 = si08 ^ si01; + si0B = si08 ^ si03; + si0D = si09 ^ si04; + si0E = si08 ^ si04 ^ si02; + rts->TInv0[i] = WORD4(si0E, si09, si0D, si0B); + rts->TInv1[i] = WORD4(si0B, si0E, si09, si0D); + rts->TInv2[i] = WORD4(si0D, si0B, si0E, si09); + rts->TInv3[i] = WORD4(si09, si0D, si0B, si0E); + } + /* wait until all the values are in to set */ + rijndaelTables = rts; + return PR_SUCCESS; +} + +#endif /* code to generate tables */ + +/************************************************************************** + * + * Stuff related to the Rijndael key schedule + * + *************************************************************************/ + +#define SUBBYTE(w) \ + ((SBOX((w >> 24) & 0xff) << 24) | \ + (SBOX((w >> 16) & 0xff) << 16) | \ + (SBOX((w >> 8) & 0xff) << 8) | \ + (SBOX((w ) & 0xff) )) + +#ifdef IS_LITTLE_ENDIAN +#define ROTBYTE(b) \ + ((b >> 8) | (b << 24)) +#else +#define ROTBYTE(b) \ + ((b << 8) | (b >> 24)) +#endif + +/* rijndael_key_expansion7 + * + * Generate the expanded key from the key input by the user. + * XXX + * Nk == 7 (224 key bits) is a weird case. Since Nk > 6, an added SubByte + * transformation is done periodically. The period is every 4 bytes, and + * since 7%4 != 0 this happens at different times for each key word (unlike + * Nk == 8 where it happens twice in every key word, in the same positions). + * For now, I'm implementing this case "dumbly", w/o any unrolling. + */ +static SECStatus +rijndael_key_expansion7(AESContext *cx, unsigned char *key, unsigned int Nk) +{ + unsigned int i; + PRUint32 *W; + PRUint32 *pW; + PRUint32 tmp; + W = cx->expandedKey; + /* 1. the first Nk words contain the cipher key */ + memcpy(W, key, Nk * 4); + i = Nk; + /* 2. loop until full expanded key is obtained */ + pW = W + i - 1; + for (; i < cx->Nb * (cx->Nr + 1); ++i) { + tmp = *pW++; + if (i % Nk == 0) + tmp = SUBBYTE(ROTBYTE(tmp)) ^ Rcon[i / Nk - 1]; + else if (i % Nk == 4) + tmp = SUBBYTE(tmp); + *pW = W[i - Nk] ^ tmp; + } + return SECSuccess; +} + +/* rijndael_key_expansion + * + * Generate the expanded key from the key input by the user. + */ +static SECStatus +rijndael_key_expansion(AESContext *cx, unsigned char *key, unsigned int Nk) +{ + unsigned int i; + PRUint32 *W; + PRUint32 *pW; + PRUint32 tmp; + unsigned int round_key_words = cx->Nb * (cx->Nr + 1); + if (Nk == 7) + return rijndael_key_expansion7(cx, key, Nk); + W = cx->expandedKey; + /* The first Nk words contain the input cipher key */ + memcpy(W, key, Nk * 4); + i = Nk; + pW = W + i - 1; + /* Loop over all sets of Nk words, except the last */ + while (i < round_key_words - Nk) { + tmp = *pW++; + tmp = SUBBYTE(ROTBYTE(tmp)) ^ Rcon[i / Nk - 1]; + *pW = W[i++ - Nk] ^ tmp; + tmp = *pW++; *pW = W[i++ - Nk] ^ tmp; + tmp = *pW++; *pW = W[i++ - Nk] ^ tmp; + tmp = *pW++; *pW = W[i++ - Nk] ^ tmp; + if (Nk == 4) + continue; + switch (Nk) { + case 8: tmp = *pW++; tmp = SUBBYTE(tmp); *pW = W[i++ - Nk] ^ tmp; + case 7: tmp = *pW++; *pW = W[i++ - Nk] ^ tmp; + case 6: tmp = *pW++; *pW = W[i++ - Nk] ^ tmp; + case 5: tmp = *pW++; *pW = W[i++ - Nk] ^ tmp; + } + } + /* Generate the last word */ + tmp = *pW++; + tmp = SUBBYTE(ROTBYTE(tmp)) ^ Rcon[i / Nk - 1]; + *pW = W[i++ - Nk] ^ tmp; + /* There may be overflow here, if Nk % (Nb * (Nr + 1)) > 0. However, + * since the above loop generated all but the last Nk key words, there + * is no more need for the SubByte transformation. + */ + if (Nk < 8) { + for (; i < round_key_words; ++i) { + tmp = *pW++; + *pW = W[i - Nk] ^ tmp; + } + } else { + /* except in the case when Nk == 8. Then one more SubByte may have + * to be performed, at i % Nk == 4. + */ + for (; i < round_key_words; ++i) { + tmp = *pW++; + if (i % Nk == 4) + tmp = SUBBYTE(tmp); + *pW = W[i - Nk] ^ tmp; + } + } + return SECSuccess; +} + +/* rijndael_invkey_expansion + * + * Generate the expanded key for the inverse cipher from the key input by + * the user. + */ +static SECStatus +rijndael_invkey_expansion(AESContext *cx, unsigned char *key, unsigned int Nk) +{ + unsigned int r; + PRUint32 *roundkeyw; + PRUint8 *b; + int Nb = cx->Nb; + /* begins like usual key expansion ... */ + if (rijndael_key_expansion(cx, key, Nk) != SECSuccess) + return SECFailure; + /* ... but has the additional step of InvMixColumn, + * excepting the first and last round keys. + */ + roundkeyw = cx->expandedKey + cx->Nb; + for (r=1; r<cx->Nr; ++r) { + /* each key word, roundkeyw, represents a column in the key + * matrix. Each column is multiplied by the InvMixColumn matrix. + * [ 0E 0B 0D 09 ] [ b0 ] + * [ 09 0E 0B 0D ] * [ b1 ] + * [ 0D 09 0E 0B ] [ b2 ] + * [ 0B 0D 09 0E ] [ b3 ] + */ + b = (PRUint8 *)roundkeyw; + *roundkeyw++ = IMXC0(b[0]) ^ IMXC1(b[1]) ^ IMXC2(b[2]) ^ IMXC3(b[3]); + b = (PRUint8 *)roundkeyw; + *roundkeyw++ = IMXC0(b[0]) ^ IMXC1(b[1]) ^ IMXC2(b[2]) ^ IMXC3(b[3]); + b = (PRUint8 *)roundkeyw; + *roundkeyw++ = IMXC0(b[0]) ^ IMXC1(b[1]) ^ IMXC2(b[2]) ^ IMXC3(b[3]); + b = (PRUint8 *)roundkeyw; + *roundkeyw++ = IMXC0(b[0]) ^ IMXC1(b[1]) ^ IMXC2(b[2]) ^ IMXC3(b[3]); + if (Nb <= 4) + continue; + switch (Nb) { + case 8: b = (PRUint8 *)roundkeyw; + *roundkeyw++ = IMXC0(b[0]) ^ IMXC1(b[1]) ^ + IMXC2(b[2]) ^ IMXC3(b[3]); + case 7: b = (PRUint8 *)roundkeyw; + *roundkeyw++ = IMXC0(b[0]) ^ IMXC1(b[1]) ^ + IMXC2(b[2]) ^ IMXC3(b[3]); + case 6: b = (PRUint8 *)roundkeyw; + *roundkeyw++ = IMXC0(b[0]) ^ IMXC1(b[1]) ^ + IMXC2(b[2]) ^ IMXC3(b[3]); + case 5: b = (PRUint8 *)roundkeyw; + *roundkeyw++ = IMXC0(b[0]) ^ IMXC1(b[1]) ^ + IMXC2(b[2]) ^ IMXC3(b[3]); + } + } + return SECSuccess; +} +/************************************************************************** + * + * Stuff related to Rijndael encryption/decryption, optimized for + * a 128-bit blocksize. + * + *************************************************************************/ + +#ifdef IS_LITTLE_ENDIAN +#define BYTE0WORD(w) ((w) & 0x000000ff) +#define BYTE1WORD(w) ((w) & 0x0000ff00) +#define BYTE2WORD(w) ((w) & 0x00ff0000) +#define BYTE3WORD(w) ((w) & 0xff000000) +#else +#define BYTE0WORD(w) ((w) & 0xff000000) +#define BYTE1WORD(w) ((w) & 0x00ff0000) +#define BYTE2WORD(w) ((w) & 0x0000ff00) +#define BYTE3WORD(w) ((w) & 0x000000ff) +#endif + +typedef union { + PRUint32 w[4]; + PRUint8 b[16]; +} rijndael_state; + +#define COLUMN_0(state) state.w[0] +#define COLUMN_1(state) state.w[1] +#define COLUMN_2(state) state.w[2] +#define COLUMN_3(state) state.w[3] + +#define STATE_BYTE(i) state.b[i] + +static SECStatus +rijndael_encryptBlock128(AESContext *cx, + unsigned char *output, + const unsigned char *input) +{ + unsigned int r; + PRUint32 *roundkeyw; + rijndael_state state; + PRUint32 C0, C1, C2, C3; +#if defined(_X86_) +#define pIn input +#define pOut output +#else + unsigned char *pIn, *pOut; + PRUint32 inBuf[4], outBuf[4]; + + if ((ptrdiff_t)input & 0x3) { + memcpy(inBuf, input, sizeof inBuf); + pIn = (unsigned char *)inBuf; + } else { + pIn = (unsigned char *)input; + } + if ((ptrdiff_t)output & 0x3) { + pOut = (unsigned char *)outBuf; + } else { + pOut = (unsigned char *)output; + } +#endif + roundkeyw = cx->expandedKey; + /* Step 1: Add Round Key 0 to initial state */ + COLUMN_0(state) = *((PRUint32 *)(pIn )) ^ *roundkeyw++; + COLUMN_1(state) = *((PRUint32 *)(pIn + 4 )) ^ *roundkeyw++; + COLUMN_2(state) = *((PRUint32 *)(pIn + 8 )) ^ *roundkeyw++; + COLUMN_3(state) = *((PRUint32 *)(pIn + 12)) ^ *roundkeyw++; + /* Step 2: Loop over rounds [1..NR-1] */ + for (r=1; r<cx->Nr; ++r) { + /* Do ShiftRow, ByteSub, and MixColumn all at once */ + C0 = T0(STATE_BYTE(0)) ^ + T1(STATE_BYTE(5)) ^ + T2(STATE_BYTE(10)) ^ + T3(STATE_BYTE(15)); + C1 = T0(STATE_BYTE(4)) ^ + T1(STATE_BYTE(9)) ^ + T2(STATE_BYTE(14)) ^ + T3(STATE_BYTE(3)); + C2 = T0(STATE_BYTE(8)) ^ + T1(STATE_BYTE(13)) ^ + T2(STATE_BYTE(2)) ^ + T3(STATE_BYTE(7)); + C3 = T0(STATE_BYTE(12)) ^ + T1(STATE_BYTE(1)) ^ + T2(STATE_BYTE(6)) ^ + T3(STATE_BYTE(11)); + /* Round key addition */ + COLUMN_0(state) = C0 ^ *roundkeyw++; + COLUMN_1(state) = C1 ^ *roundkeyw++; + COLUMN_2(state) = C2 ^ *roundkeyw++; + COLUMN_3(state) = C3 ^ *roundkeyw++; + } + /* Step 3: Do the last round */ + /* Final round does not employ MixColumn */ + C0 = ((BYTE0WORD(T2(STATE_BYTE(0)))) | + (BYTE1WORD(T3(STATE_BYTE(5)))) | + (BYTE2WORD(T0(STATE_BYTE(10)))) | + (BYTE3WORD(T1(STATE_BYTE(15))))) ^ + *roundkeyw++; + C1 = ((BYTE0WORD(T2(STATE_BYTE(4)))) | + (BYTE1WORD(T3(STATE_BYTE(9)))) | + (BYTE2WORD(T0(STATE_BYTE(14)))) | + (BYTE3WORD(T1(STATE_BYTE(3))))) ^ + *roundkeyw++; + C2 = ((BYTE0WORD(T2(STATE_BYTE(8)))) | + (BYTE1WORD(T3(STATE_BYTE(13)))) | + (BYTE2WORD(T0(STATE_BYTE(2)))) | + (BYTE3WORD(T1(STATE_BYTE(7))))) ^ + *roundkeyw++; + C3 = ((BYTE0WORD(T2(STATE_BYTE(12)))) | + (BYTE1WORD(T3(STATE_BYTE(1)))) | + (BYTE2WORD(T0(STATE_BYTE(6)))) | + (BYTE3WORD(T1(STATE_BYTE(11))))) ^ + *roundkeyw++; + *((PRUint32 *) pOut ) = C0; + *((PRUint32 *)(pOut + 4)) = C1; + *((PRUint32 *)(pOut + 8)) = C2; + *((PRUint32 *)(pOut + 12)) = C3; +#if defined(_X86_) +#undef pIn +#undef pOut +#else + if ((ptrdiff_t)output & 0x3) { + memcpy(output, outBuf, sizeof outBuf); + } +#endif + return SECSuccess; +} + +static SECStatus +rijndael_decryptBlock128(AESContext *cx, + unsigned char *output, + const unsigned char *input) +{ + int r; + PRUint32 *roundkeyw; + rijndael_state state; + PRUint32 C0, C1, C2, C3; +#if defined(_X86_) +#define pIn input +#define pOut output +#else + unsigned char *pIn, *pOut; + PRUint32 inBuf[4], outBuf[4]; + + if ((ptrdiff_t)input & 0x3) { + memcpy(inBuf, input, sizeof inBuf); + pIn = (unsigned char *)inBuf; + } else { + pIn = (unsigned char *)input; + } + if ((ptrdiff_t)output & 0x3) { + pOut = (unsigned char *)outBuf; + } else { + pOut = (unsigned char *)output; + } +#endif + roundkeyw = cx->expandedKey + cx->Nb * cx->Nr + 3; + /* reverse the final key addition */ + COLUMN_3(state) = *((PRUint32 *)(pIn + 12)) ^ *roundkeyw--; + COLUMN_2(state) = *((PRUint32 *)(pIn + 8)) ^ *roundkeyw--; + COLUMN_1(state) = *((PRUint32 *)(pIn + 4)) ^ *roundkeyw--; + COLUMN_0(state) = *((PRUint32 *)(pIn )) ^ *roundkeyw--; + /* Loop over rounds in reverse [NR..1] */ + for (r=cx->Nr; r>1; --r) { + /* Invert the (InvByteSub*InvMixColumn)(InvShiftRow(state)) */ + C0 = TInv0(STATE_BYTE(0)) ^ + TInv1(STATE_BYTE(13)) ^ + TInv2(STATE_BYTE(10)) ^ + TInv3(STATE_BYTE(7)); + C1 = TInv0(STATE_BYTE(4)) ^ + TInv1(STATE_BYTE(1)) ^ + TInv2(STATE_BYTE(14)) ^ + TInv3(STATE_BYTE(11)); + C2 = TInv0(STATE_BYTE(8)) ^ + TInv1(STATE_BYTE(5)) ^ + TInv2(STATE_BYTE(2)) ^ + TInv3(STATE_BYTE(15)); + C3 = TInv0(STATE_BYTE(12)) ^ + TInv1(STATE_BYTE(9)) ^ + TInv2(STATE_BYTE(6)) ^ + TInv3(STATE_BYTE(3)); + /* Invert the key addition step */ + COLUMN_3(state) = C3 ^ *roundkeyw--; + COLUMN_2(state) = C2 ^ *roundkeyw--; + COLUMN_1(state) = C1 ^ *roundkeyw--; + COLUMN_0(state) = C0 ^ *roundkeyw--; + } + /* inverse sub */ + pOut[ 0] = SINV(STATE_BYTE( 0)); + pOut[ 1] = SINV(STATE_BYTE(13)); + pOut[ 2] = SINV(STATE_BYTE(10)); + pOut[ 3] = SINV(STATE_BYTE( 7)); + pOut[ 4] = SINV(STATE_BYTE( 4)); + pOut[ 5] = SINV(STATE_BYTE( 1)); + pOut[ 6] = SINV(STATE_BYTE(14)); + pOut[ 7] = SINV(STATE_BYTE(11)); + pOut[ 8] = SINV(STATE_BYTE( 8)); + pOut[ 9] = SINV(STATE_BYTE( 5)); + pOut[10] = SINV(STATE_BYTE( 2)); + pOut[11] = SINV(STATE_BYTE(15)); + pOut[12] = SINV(STATE_BYTE(12)); + pOut[13] = SINV(STATE_BYTE( 9)); + pOut[14] = SINV(STATE_BYTE( 6)); + pOut[15] = SINV(STATE_BYTE( 3)); + /* final key addition */ + *((PRUint32 *)(pOut + 12)) ^= *roundkeyw--; + *((PRUint32 *)(pOut + 8)) ^= *roundkeyw--; + *((PRUint32 *)(pOut + 4)) ^= *roundkeyw--; + *((PRUint32 *) pOut ) ^= *roundkeyw--; +#if defined(_X86_) +#undef pIn +#undef pOut +#else + if ((ptrdiff_t)output & 0x3) { + memcpy(output, outBuf, sizeof outBuf); + } +#endif + return SECSuccess; +} + +/************************************************************************** + * + * Stuff related to general Rijndael encryption/decryption, for blocksizes + * greater than 128 bits. + * + * XXX This code is currently untested! So far, AES specs have only been + * released for 128 bit blocksizes. This will be tested, but for now + * only the code above has been tested using known values. + * + *************************************************************************/ + +#define COLUMN(array, j) *((PRUint32 *)(array + j)) + +SECStatus +rijndael_encryptBlock(AESContext *cx, + unsigned char *output, + const unsigned char *input) +{ + return SECFailure; +#ifdef rijndael_large_blocks_fixed + unsigned int j, r, Nb; + unsigned int c2=0, c3=0; + PRUint32 *roundkeyw; + PRUint8 clone[RIJNDAEL_MAX_STATE_SIZE]; + Nb = cx->Nb; + roundkeyw = cx->expandedKey; + /* Step 1: Add Round Key 0 to initial state */ + for (j=0; j<4*Nb; j+=4) { + COLUMN(clone, j) = COLUMN(input, j) ^ *roundkeyw++; + } + /* Step 2: Loop over rounds [1..NR-1] */ + for (r=1; r<cx->Nr; ++r) { + for (j=0; j<Nb; ++j) { + COLUMN(output, j) = T0(STATE_BYTE(4* j )) ^ + T1(STATE_BYTE(4*((j+ 1)%Nb)+1)) ^ + T2(STATE_BYTE(4*((j+c2)%Nb)+2)) ^ + T3(STATE_BYTE(4*((j+c3)%Nb)+3)); + } + for (j=0; j<4*Nb; j+=4) { + COLUMN(clone, j) = COLUMN(output, j) ^ *roundkeyw++; + } + } + /* Step 3: Do the last round */ + /* Final round does not employ MixColumn */ + for (j=0; j<Nb; ++j) { + COLUMN(output, j) = ((BYTE0WORD(T2(STATE_BYTE(4* j )))) | + (BYTE1WORD(T3(STATE_BYTE(4*(j+ 1)%Nb)+1))) | + (BYTE2WORD(T0(STATE_BYTE(4*(j+c2)%Nb)+2))) | + (BYTE3WORD(T1(STATE_BYTE(4*(j+c3)%Nb)+3)))) ^ + *roundkeyw++; + } + return SECSuccess; +#endif +} + +SECStatus +rijndael_decryptBlock(AESContext *cx, + unsigned char *output, + const unsigned char *input) +{ + return SECFailure; +#ifdef rijndael_large_blocks_fixed + int j, r, Nb; + int c2=0, c3=0; + PRUint32 *roundkeyw; + PRUint8 clone[RIJNDAEL_MAX_STATE_SIZE]; + Nb = cx->Nb; + roundkeyw = cx->expandedKey + cx->Nb * cx->Nr + 3; + /* reverse key addition */ + for (j=4*Nb; j>=0; j-=4) { + COLUMN(clone, j) = COLUMN(input, j) ^ *roundkeyw--; + } + /* Loop over rounds in reverse [NR..1] */ + for (r=cx->Nr; r>1; --r) { + /* Invert the (InvByteSub*InvMixColumn)(InvShiftRow(state)) */ + for (j=0; j<Nb; ++j) { + COLUMN(output, 4*j) = TInv0(STATE_BYTE(4* j )) ^ + TInv1(STATE_BYTE(4*(j+Nb- 1)%Nb)+1) ^ + TInv2(STATE_BYTE(4*(j+Nb-c2)%Nb)+2) ^ + TInv3(STATE_BYTE(4*(j+Nb-c3)%Nb)+3); + } + /* Invert the key addition step */ + for (j=4*Nb; j>=0; j-=4) { + COLUMN(clone, j) = COLUMN(output, j) ^ *roundkeyw--; + } + } + /* inverse sub */ + for (j=0; j<4*Nb; ++j) { + output[j] = SINV(clone[j]); + } + /* final key addition */ + for (j=4*Nb; j>=0; j-=4) { + COLUMN(output, j) ^= *roundkeyw--; + } + return SECSuccess; +#endif +} + +/************************************************************************** + * + * Rijndael modes of operation (ECB and CBC) + * + *************************************************************************/ + +static SECStatus +rijndael_encryptECB(AESContext *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + const unsigned char *input, unsigned int inputLen, + int blocksize) +{ + SECStatus rv; + AESBlockFunc *encryptor; + encryptor = (blocksize == RIJNDAEL_MIN_BLOCKSIZE) + ? &rijndael_encryptBlock128 + : &rijndael_encryptBlock; + while (inputLen > 0) { + rv = (*encryptor)(cx, output, input); + if (rv != SECSuccess) + return rv; + output += blocksize; + input += blocksize; + inputLen -= blocksize; + } + return SECSuccess; +} + +static SECStatus +rijndael_encryptCBC(AESContext *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + const unsigned char *input, unsigned int inputLen, + int blocksize) +{ + int j; + SECStatus rv; + AESBlockFunc *encryptor; + unsigned char *lastblock; + unsigned char inblock[RIJNDAEL_MAX_STATE_SIZE * 8]; + + if (!inputLen) + return SECSuccess; + lastblock = cx->iv; + encryptor = (blocksize == RIJNDAEL_MIN_BLOCKSIZE) + ? &rijndael_encryptBlock128 + : &rijndael_encryptBlock; + while (inputLen > 0) { + /* XOR with the last block (IV if first block) */ + for (j=0; j<blocksize; ++j) + inblock[j] = input[j] ^ lastblock[j]; + /* encrypt */ + rv = (*encryptor)(cx, output, inblock); + if (rv != SECSuccess) + return rv; + /* move to the next block */ + lastblock = output; + output += blocksize; + input += blocksize; + inputLen -= blocksize; + } + memcpy(cx->iv, lastblock, blocksize); + return SECSuccess; +} + +static SECStatus +rijndael_decryptECB(AESContext *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + const unsigned char *input, unsigned int inputLen, + int blocksize) +{ + SECStatus rv; + AESBlockFunc *decryptor; + decryptor = (blocksize == RIJNDAEL_MIN_BLOCKSIZE) + ? &rijndael_decryptBlock128 + : &rijndael_decryptBlock; + while (inputLen > 0) { + rv = (*decryptor)(cx, output, input); + if (rv != SECSuccess) + return rv; + output += blocksize; + input += blocksize; + inputLen -= blocksize; + } + return SECSuccess; +} + +static SECStatus +rijndael_decryptCBC(AESContext *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + const unsigned char *input, unsigned int inputLen, + int blocksize) +{ + SECStatus rv; + AESBlockFunc *decryptor; + const unsigned char *in; + unsigned char *out; + int j; + unsigned char newIV[RIJNDAEL_MAX_BLOCKSIZE]; + + if (!inputLen) + return SECSuccess; + PORT_Assert(output - input >= 0 || input - output >= (int)inputLen ); + decryptor = (blocksize == RIJNDAEL_MIN_BLOCKSIZE) + ? &rijndael_decryptBlock128 + : &rijndael_decryptBlock; + in = input + (inputLen - blocksize); + memcpy(newIV, in, blocksize); + out = output + (inputLen - blocksize); + while (inputLen > blocksize) { + rv = (*decryptor)(cx, out, in); + if (rv != SECSuccess) + return rv; + for (j=0; j<blocksize; ++j) + out[j] ^= in[j - blocksize]; + out -= blocksize; + in -= blocksize; + inputLen -= blocksize; + } + if (in == input) { + rv = (*decryptor)(cx, out, in); + if (rv != SECSuccess) + return rv; + for (j=0; j<blocksize; ++j) + out[j] ^= cx->iv[j]; + } + memcpy(cx->iv, newIV, blocksize); + return SECSuccess; +} + +/************************************************************************ + * + * BLAPI Interface functions + * + * The following functions implement the encryption routines defined in + * BLAPI for the AES cipher, Rijndael. + * + ***********************************************************************/ + +/* AES_CreateContext + * + * create a new context for Rijndael operations + */ +AESContext * +AES_CreateContext(unsigned char *key, unsigned char *iv, int mode, int encrypt, + unsigned int keysize, unsigned int blocksize) +{ + AESContext *cx; + unsigned int Nk; + /* According to Rijndael AES Proposal, section 12.1, block and key + * lengths between 128 and 256 bits are supported, as long as the + * length in bytes is divisible by 4. + */ + if (key == NULL || + keysize < RIJNDAEL_MIN_BLOCKSIZE || + keysize > RIJNDAEL_MAX_BLOCKSIZE || + keysize % 4 != 0 || + blocksize < RIJNDAEL_MIN_BLOCKSIZE || + blocksize > RIJNDAEL_MAX_BLOCKSIZE || + blocksize % 4 != 0) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return NULL; + } + if (mode != NSS_AES && mode != NSS_AES_CBC) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return NULL; + } + if (mode == NSS_AES_CBC && iv == NULL) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return NULL; + } + cx = PORT_ZNew(AESContext); + if (!cx) { + PORT_SetError(SEC_ERROR_NO_MEMORY); + return NULL; + } + /* Nb = (block size in bits) / 32 */ + cx->Nb = blocksize / 4; + /* Nk = (key size in bits) / 32 */ + Nk = keysize / 4; + /* Obtain number of rounds from "table" */ + cx->Nr = RIJNDAEL_NUM_ROUNDS(Nk, cx->Nb); + /* copy in the iv, if neccessary */ + if (mode == NSS_AES_CBC) { + memcpy(cx->iv, iv, blocksize); + cx->worker = (encrypt) ? &rijndael_encryptCBC : &rijndael_decryptCBC; + } else { + cx->worker = (encrypt) ? &rijndael_encryptECB : &rijndael_decryptECB; + } + /* Allocate memory for the expanded key */ + cx->expandedKey = PORT_ZNewArray(PRUint32, cx->Nb * (cx->Nr + 1)); + if (!cx->expandedKey) { + PORT_SetError(SEC_ERROR_NO_MEMORY); + goto cleanup; + } + /* Generate expanded key */ + if (encrypt) { + if (rijndael_key_expansion(cx, key, Nk) != SECSuccess) + goto cleanup; + } else { + if (rijndael_invkey_expansion(cx, key, Nk) != SECSuccess) + goto cleanup; + } + return cx; +cleanup: + if (cx->expandedKey) + PORT_ZFree(cx->expandedKey, cx->Nb * (cx->Nr + 1)); + PORT_ZFree(cx, sizeof *cx); + return NULL; +} + +/* + * AES_DestroyContext + * + * Zero an AES cipher context. If freeit is true, also free the pointer + * to the context. + */ +void +AES_DestroyContext(AESContext *cx, PRBool freeit) +{ + PORT_ZFree(cx->expandedKey, cx->Nb * (cx->Nr + 1)); + memset(cx, 0, sizeof *cx); + if (freeit) + PORT_Free(cx); +} + +/* + * AES_Encrypt + * + * Encrypt an arbitrary-length buffer. The output buffer must already be + * allocated to at least inputLen. + */ +SECStatus +AES_Encrypt(AESContext *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + const unsigned char *input, unsigned int inputLen) +{ + int blocksize; + /* Check args */ + if (cx == NULL || output == NULL || input == NULL) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + blocksize = 4 * cx->Nb; + if (inputLen % blocksize != 0) { + PORT_SetError(SEC_ERROR_INPUT_LEN); + return SECFailure; + } + if (maxOutputLen < inputLen) { + PORT_SetError(SEC_ERROR_OUTPUT_LEN); + return SECFailure; + } + *outputLen = inputLen; +#if defined(RIJNDAEL_GENERATE_TABLES) || \ + defined(RIJNDAEL_GENERATE_TABLES_MACRO) + if (rijndaelTables == NULL) { + if (PR_CallOnce(&coRTInit, init_rijndael_tables) + != PR_SUCCESS) { + return PR_FAILURE; + } + } +#endif + return (*cx->worker)(cx, output, outputLen, maxOutputLen, + input, inputLen, blocksize); +} + +/* + * AES_Decrypt + * + * Decrypt and arbitrary-length buffer. The output buffer must already be + * allocated to at least inputLen. + */ +SECStatus +AES_Decrypt(AESContext *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + const unsigned char *input, unsigned int inputLen) +{ + int blocksize; + /* Check args */ + if (cx == NULL || output == NULL || input == NULL) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + blocksize = 4 * cx->Nb; + if (inputLen % blocksize != 0) { + PORT_SetError(SEC_ERROR_INPUT_LEN); + return SECFailure; + } + if (maxOutputLen < inputLen) { + PORT_SetError(SEC_ERROR_OUTPUT_LEN); + return SECFailure; + } + *outputLen = inputLen; +#if defined(RIJNDAEL_GENERATE_TABLES) || \ + defined(RIJNDAEL_GENERATE_TABLES_MACRO) + if (rijndaelTables == NULL) { + if (PR_CallOnce(&coRTInit, init_rijndael_tables) + != PR_SUCCESS) { + return PR_FAILURE; + } + } +#endif + return (*cx->worker)(cx, output, outputLen, maxOutputLen, + input, inputLen, blocksize); +} + diff --git a/security/nss/lib/freebl/rijndael.h b/security/nss/lib/freebl/rijndael.h new file mode 100644 index 000000000..2a928ae4f --- /dev/null +++ b/security/nss/lib/freebl/rijndael.h @@ -0,0 +1,86 @@ +/* + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the Netscape security libraries. + * + * The Initial Developer of the Original Code is Netscape + * Communications Corporation. Portions created by Netscape are + * Copyright (C) 1994-2000 Netscape Communications Corporation. All + * Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + * + * $Id$ + */ + +#ifndef _RIJNDAEL_H_ +#define _RIJNDAEL_H_ 1 + +#define RIJNDAEL_MIN_BLOCKSIZE 16 /* bytes */ +#define RIJNDAEL_MAX_BLOCKSIZE 32 /* bytes */ + +typedef SECStatus AESFunc(AESContext *cx, unsigned char *output, + unsigned int *outputLen, unsigned int maxOutputLen, + const unsigned char *input, unsigned int inputLen, + int blocksize); + +typedef SECStatus AESBlockFunc(AESContext *cx, + unsigned char *output, + const unsigned char *input); + +/* AESContextStr + * + * Values which maintain the state for Rijndael encryption/decryption. + * + * iv - initialization vector for CBC mode + * Nb - the number of bytes in a block, specified by user + * Nr - the number of rounds, specified by a table + * expandedKey - the round keys in 4-byte words, the length is Nr * Nb + * worker - the encryption/decryption function to use with this context + */ +struct AESContextStr +{ + unsigned int Nb; + unsigned int Nr; + PRUint32 *expandedKey; + AESFunc *worker; + unsigned char iv[RIJNDAEL_MAX_BLOCKSIZE]; +}; + +/* RIJNDAEL_NUM_ROUNDS + * + * Number of rounds per execution + * Nk - number of key bytes + * Nb - blocksize (in bytes) + */ +#define RIJNDAEL_NUM_ROUNDS(Nk, Nb) \ + (PR_MAX(Nk, Nb) + 6) + +/* RIJNDAEL_NUM_ROUNDS + * + * Maximum number of bytes in the state (spec includes up to 256-bit block + * size) + */ +#define RIJNDAEL_MAX_STATE_SIZE 32 + +#endif /* _RIJNDAEL_H_ */ diff --git a/security/nss/lib/freebl/rijndael32.tab b/security/nss/lib/freebl/rijndael32.tab new file mode 100644 index 000000000..6b78e2e8b --- /dev/null +++ b/security/nss/lib/freebl/rijndael32.tab @@ -0,0 +1,1215 @@ +#ifndef RIJNDAEL_INCLUDE_TABLES +static const PRUint8 _S[256] = +{ + 99, 124, 119, 123, 242, 107, 111, 197, 48, 1, 103, 43, 254, 215, 171, 118, +202, 130, 201, 125, 250, 89, 71, 240, 173, 212, 162, 175, 156, 164, 114, 192, +183, 253, 147, 38, 54, 63, 247, 204, 52, 165, 229, 241, 113, 216, 49, 21, + 4, 199, 35, 195, 24, 150, 5, 154, 7, 18, 128, 226, 235, 39, 178, 117, + 9, 131, 44, 26, 27, 110, 90, 160, 82, 59, 214, 179, 41, 227, 47, 132, + 83, 209, 0, 237, 32, 252, 177, 91, 106, 203, 190, 57, 74, 76, 88, 207, +208, 239, 170, 251, 67, 77, 51, 133, 69, 249, 2, 127, 80, 60, 159, 168, + 81, 163, 64, 143, 146, 157, 56, 245, 188, 182, 218, 33, 16, 255, 243, 210, +205, 12, 19, 236, 95, 151, 68, 23, 196, 167, 126, 61, 100, 93, 25, 115, + 96, 129, 79, 220, 34, 42, 144, 136, 70, 238, 184, 20, 222, 94, 11, 219, +224, 50, 58, 10, 73, 6, 36, 92, 194, 211, 172, 98, 145, 149, 228, 121, +231, 200, 55, 109, 141, 213, 78, 169, 108, 86, 244, 234, 101, 122, 174, 8, +186, 120, 37, 46, 28, 166, 180, 198, 232, 221, 116, 31, 75, 189, 139, 138, +112, 62, 181, 102, 72, 3, 246, 14, 97, 53, 87, 185, 134, 193, 29, 158, +225, 248, 152, 17, 105, 217, 142, 148, 155, 30, 135, 233, 206, 85, 40, 223, +140, 161, 137, 13, 191, 230, 66, 104, 65, 153, 45, 15, 176, 84, 187, 22 +}; +#endif /* not RIJNDAEL_INCLUDE_TABLES */ + +static const PRUint8 _SInv[256] = +{ + 82, 9, 106, 213, 48, 54, 165, 56, 191, 64, 163, 158, 129, 243, 215, 251, +124, 227, 57, 130, 155, 47, 255, 135, 52, 142, 67, 68, 196, 222, 233, 203, + 84, 123, 148, 50, 166, 194, 35, 61, 238, 76, 149, 11, 66, 250, 195, 78, + 8, 46, 161, 102, 40, 217, 36, 178, 118, 91, 162, 73, 109, 139, 209, 37, +114, 248, 246, 100, 134, 104, 152, 22, 212, 164, 92, 204, 93, 101, 182, 146, +108, 112, 72, 80, 253, 237, 185, 218, 94, 21, 70, 87, 167, 141, 157, 132, +144, 216, 171, 0, 140, 188, 211, 10, 247, 228, 88, 5, 184, 179, 69, 6, +208, 44, 30, 143, 202, 63, 15, 2, 193, 175, 189, 3, 1, 19, 138, 107, + 58, 145, 17, 65, 79, 103, 220, 234, 151, 242, 207, 206, 240, 180, 230, 115, +150, 172, 116, 34, 231, 173, 53, 133, 226, 249, 55, 232, 28, 117, 223, 110, + 71, 241, 26, 113, 29, 41, 197, 137, 111, 183, 98, 14, 170, 24, 190, 27, +252, 86, 62, 75, 198, 210, 121, 32, 154, 219, 192, 254, 120, 205, 90, 244, + 31, 221, 168, 51, 136, 7, 199, 49, 177, 18, 16, 89, 39, 128, 236, 95, + 96, 81, 127, 169, 25, 181, 74, 13, 45, 229, 122, 159, 147, 201, 156, 239, +160, 224, 59, 77, 174, 42, 245, 176, 200, 235, 187, 60, 131, 83, 153, 97, + 23, 43, 4, 126, 186, 119, 214, 38, 225, 105, 20, 99, 85, 33, 12, 125 +}; + +#ifdef RIJNDAEL_INCLUDE_TABLES +#ifdef IS_LITTLE_ENDIAN +static const PRUint32 _T0[256] = +{ +0xa56363c6, 0x847c7cf8, 0x997777ee, 0x8d7b7bf6, 0x0df2f2ff, 0xbd6b6bd6, +0xb16f6fde, 0x54c5c591, 0x50303060, 0x03010102, 0xa96767ce, 0x7d2b2b56, +0x19fefee7, 0x62d7d7b5, 0xe6abab4d, 0x9a7676ec, 0x45caca8f, 0x9d82821f, +0x40c9c989, 0x877d7dfa, 0x15fafaef, 0xeb5959b2, 0xc947478e, 0x0bf0f0fb, +0xecadad41, 0x67d4d4b3, 0xfda2a25f, 0xeaafaf45, 0xbf9c9c23, 0xf7a4a453, +0x967272e4, 0x5bc0c09b, 0xc2b7b775, 0x1cfdfde1, 0xae93933d, 0x6a26264c, +0x5a36366c, 0x413f3f7e, 0x02f7f7f5, 0x4fcccc83, 0x5c343468, 0xf4a5a551, +0x34e5e5d1, 0x08f1f1f9, 0x937171e2, 0x73d8d8ab, 0x53313162, 0x3f15152a, +0x0c040408, 0x52c7c795, 0x65232346, 0x5ec3c39d, 0x28181830, 0xa1969637, +0x0f05050a, 0xb59a9a2f, 0x0907070e, 0x36121224, 0x9b80801b, 0x3de2e2df, +0x26ebebcd, 0x6927274e, 0xcdb2b27f, 0x9f7575ea, 0x1b090912, 0x9e83831d, +0x742c2c58, 0x2e1a1a34, 0x2d1b1b36, 0xb26e6edc, 0xee5a5ab4, 0xfba0a05b, +0xf65252a4, 0x4d3b3b76, 0x61d6d6b7, 0xceb3b37d, 0x7b292952, 0x3ee3e3dd, +0x712f2f5e, 0x97848413, 0xf55353a6, 0x68d1d1b9, 0x00000000, 0x2cededc1, +0x60202040, 0x1ffcfce3, 0xc8b1b179, 0xed5b5bb6, 0xbe6a6ad4, 0x46cbcb8d, +0xd9bebe67, 0x4b393972, 0xde4a4a94, 0xd44c4c98, 0xe85858b0, 0x4acfcf85, +0x6bd0d0bb, 0x2aefefc5, 0xe5aaaa4f, 0x16fbfbed, 0xc5434386, 0xd74d4d9a, +0x55333366, 0x94858511, 0xcf45458a, 0x10f9f9e9, 0x06020204, 0x817f7ffe, +0xf05050a0, 0x443c3c78, 0xba9f9f25, 0xe3a8a84b, 0xf35151a2, 0xfea3a35d, +0xc0404080, 0x8a8f8f05, 0xad92923f, 0xbc9d9d21, 0x48383870, 0x04f5f5f1, +0xdfbcbc63, 0xc1b6b677, 0x75dadaaf, 0x63212142, 0x30101020, 0x1affffe5, +0x0ef3f3fd, 0x6dd2d2bf, 0x4ccdcd81, 0x140c0c18, 0x35131326, 0x2fececc3, +0xe15f5fbe, 0xa2979735, 0xcc444488, 0x3917172e, 0x57c4c493, 0xf2a7a755, +0x827e7efc, 0x473d3d7a, 0xac6464c8, 0xe75d5dba, 0x2b191932, 0x957373e6, +0xa06060c0, 0x98818119, 0xd14f4f9e, 0x7fdcdca3, 0x66222244, 0x7e2a2a54, +0xab90903b, 0x8388880b, 0xca46468c, 0x29eeeec7, 0xd3b8b86b, 0x3c141428, +0x79dedea7, 0xe25e5ebc, 0x1d0b0b16, 0x76dbdbad, 0x3be0e0db, 0x56323264, +0x4e3a3a74, 0x1e0a0a14, 0xdb494992, 0x0a06060c, 0x6c242448, 0xe45c5cb8, +0x5dc2c29f, 0x6ed3d3bd, 0xefacac43, 0xa66262c4, 0xa8919139, 0xa4959531, +0x37e4e4d3, 0x8b7979f2, 0x32e7e7d5, 0x43c8c88b, 0x5937376e, 0xb76d6dda, +0x8c8d8d01, 0x64d5d5b1, 0xd24e4e9c, 0xe0a9a949, 0xb46c6cd8, 0xfa5656ac, +0x07f4f4f3, 0x25eaeacf, 0xaf6565ca, 0x8e7a7af4, 0xe9aeae47, 0x18080810, +0xd5baba6f, 0x887878f0, 0x6f25254a, 0x722e2e5c, 0x241c1c38, 0xf1a6a657, +0xc7b4b473, 0x51c6c697, 0x23e8e8cb, 0x7cdddda1, 0x9c7474e8, 0x211f1f3e, +0xdd4b4b96, 0xdcbdbd61, 0x868b8b0d, 0x858a8a0f, 0x907070e0, 0x423e3e7c, +0xc4b5b571, 0xaa6666cc, 0xd8484890, 0x05030306, 0x01f6f6f7, 0x120e0e1c, +0xa36161c2, 0x5f35356a, 0xf95757ae, 0xd0b9b969, 0x91868617, 0x58c1c199, +0x271d1d3a, 0xb99e9e27, 0x38e1e1d9, 0x13f8f8eb, 0xb398982b, 0x33111122, +0xbb6969d2, 0x70d9d9a9, 0x898e8e07, 0xa7949433, 0xb69b9b2d, 0x221e1e3c, +0x92878715, 0x20e9e9c9, 0x49cece87, 0xff5555aa, 0x78282850, 0x7adfdfa5, +0x8f8c8c03, 0xf8a1a159, 0x80898909, 0x170d0d1a, 0xdabfbf65, 0x31e6e6d7, +0xc6424284, 0xb86868d0, 0xc3414182, 0xb0999929, 0x772d2d5a, 0x110f0f1e, +0xcbb0b07b, 0xfc5454a8, 0xd6bbbb6d, 0x3a16162c +}; +#else +static const PRUint32 _T0[256] = +{ +0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d, 0xfff2f20d, 0xd66b6bbd, +0xde6f6fb1, 0x91c5c554, 0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d, +0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a, 0x8fcaca45, 0x1f82829d, +0x89c9c940, 0xfa7d7d87, 0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b, +0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea, 0x239c9cbf, 0x53a4a4f7, +0xe4727296, 0x9bc0c05b, 0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a, +0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f, 0x6834345c, 0x51a5a5f4, +0xd1e5e534, 0xf9f1f108, 0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f, +0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e, 0x30181828, 0x379696a1, +0x0a05050f, 0x2f9a9ab5, 0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d, +0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f, 0x1209091b, 0x1d83839e, +0x582c2c74, 0x341a1a2e, 0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb, +0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce, 0x5229297b, 0xdde3e33e, +0x5e2f2f71, 0x13848497, 0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c, +0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed, 0xd46a6abe, 0x8dcbcb46, +0x67bebed9, 0x7239394b, 0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a, +0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16, 0x864343c5, 0x9a4d4dd7, +0x66333355, 0x11858594, 0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81, +0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3, 0xa25151f3, 0x5da3a3fe, +0x804040c0, 0x058f8f8a, 0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504, +0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163, 0x20101030, 0xe5ffff1a, +0xfdf3f30e, 0xbfd2d26d, 0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f, +0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739, 0x93c4c457, 0x55a7a7f2, +0xfc7e7e82, 0x7a3d3d47, 0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395, +0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f, 0x44222266, 0x542a2a7e, +0x3b9090ab, 0x0b888883, 0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c, +0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76, 0xdbe0e03b, 0x64323256, +0x743a3a4e, 0x140a0a1e, 0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4, +0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6, 0x399191a8, 0x319595a4, +0xd3e4e437, 0xf279798b, 0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7, +0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0, 0xd86c6cb4, 0xac5656fa, +0xf3f4f407, 0xcfeaea25, 0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818, +0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72, 0x381c1c24, 0x57a6a6f1, +0x73b4b4c7, 0x97c6c651, 0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21, +0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85, 0xe0707090, 0x7c3e3e42, +0x71b5b5c4, 0xcc6666aa, 0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12, +0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0, 0x17868691, 0x99c1c158, +0x3a1d1d27, 0x279e9eb9, 0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133, +0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7, 0x2d9b9bb6, 0x3c1e1e22, +0x15878792, 0xc9e9e920, 0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a, +0x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17, 0x65bfbfda, 0xd7e6e631, +0x844242c6, 0xd06868b8, 0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11, +0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a +}; +#endif + +#ifdef IS_LITTLE_ENDIAN +static const PRUint32 _T1[256] = +{ +0x6363c6a5, 0x7c7cf884, 0x7777ee99, 0x7b7bf68d, 0xf2f2ff0d, 0x6b6bd6bd, +0x6f6fdeb1, 0xc5c59154, 0x30306050, 0x01010203, 0x6767cea9, 0x2b2b567d, +0xfefee719, 0xd7d7b562, 0xabab4de6, 0x7676ec9a, 0xcaca8f45, 0x82821f9d, +0xc9c98940, 0x7d7dfa87, 0xfafaef15, 0x5959b2eb, 0x47478ec9, 0xf0f0fb0b, +0xadad41ec, 0xd4d4b367, 0xa2a25ffd, 0xafaf45ea, 0x9c9c23bf, 0xa4a453f7, +0x7272e496, 0xc0c09b5b, 0xb7b775c2, 0xfdfde11c, 0x93933dae, 0x26264c6a, +0x36366c5a, 0x3f3f7e41, 0xf7f7f502, 0xcccc834f, 0x3434685c, 0xa5a551f4, +0xe5e5d134, 0xf1f1f908, 0x7171e293, 0xd8d8ab73, 0x31316253, 0x15152a3f, +0x0404080c, 0xc7c79552, 0x23234665, 0xc3c39d5e, 0x18183028, 0x969637a1, +0x05050a0f, 0x9a9a2fb5, 0x07070e09, 0x12122436, 0x80801b9b, 0xe2e2df3d, +0xebebcd26, 0x27274e69, 0xb2b27fcd, 0x7575ea9f, 0x0909121b, 0x83831d9e, +0x2c2c5874, 0x1a1a342e, 0x1b1b362d, 0x6e6edcb2, 0x5a5ab4ee, 0xa0a05bfb, +0x5252a4f6, 0x3b3b764d, 0xd6d6b761, 0xb3b37dce, 0x2929527b, 0xe3e3dd3e, +0x2f2f5e71, 0x84841397, 0x5353a6f5, 0xd1d1b968, 0x00000000, 0xededc12c, +0x20204060, 0xfcfce31f, 0xb1b179c8, 0x5b5bb6ed, 0x6a6ad4be, 0xcbcb8d46, +0xbebe67d9, 0x3939724b, 0x4a4a94de, 0x4c4c98d4, 0x5858b0e8, 0xcfcf854a, +0xd0d0bb6b, 0xefefc52a, 0xaaaa4fe5, 0xfbfbed16, 0x434386c5, 0x4d4d9ad7, +0x33336655, 0x85851194, 0x45458acf, 0xf9f9e910, 0x02020406, 0x7f7ffe81, +0x5050a0f0, 0x3c3c7844, 0x9f9f25ba, 0xa8a84be3, 0x5151a2f3, 0xa3a35dfe, +0x404080c0, 0x8f8f058a, 0x92923fad, 0x9d9d21bc, 0x38387048, 0xf5f5f104, +0xbcbc63df, 0xb6b677c1, 0xdadaaf75, 0x21214263, 0x10102030, 0xffffe51a, +0xf3f3fd0e, 0xd2d2bf6d, 0xcdcd814c, 0x0c0c1814, 0x13132635, 0xececc32f, +0x5f5fbee1, 0x979735a2, 0x444488cc, 0x17172e39, 0xc4c49357, 0xa7a755f2, +0x7e7efc82, 0x3d3d7a47, 0x6464c8ac, 0x5d5dbae7, 0x1919322b, 0x7373e695, +0x6060c0a0, 0x81811998, 0x4f4f9ed1, 0xdcdca37f, 0x22224466, 0x2a2a547e, +0x90903bab, 0x88880b83, 0x46468cca, 0xeeeec729, 0xb8b86bd3, 0x1414283c, +0xdedea779, 0x5e5ebce2, 0x0b0b161d, 0xdbdbad76, 0xe0e0db3b, 0x32326456, +0x3a3a744e, 0x0a0a141e, 0x494992db, 0x06060c0a, 0x2424486c, 0x5c5cb8e4, +0xc2c29f5d, 0xd3d3bd6e, 0xacac43ef, 0x6262c4a6, 0x919139a8, 0x959531a4, +0xe4e4d337, 0x7979f28b, 0xe7e7d532, 0xc8c88b43, 0x37376e59, 0x6d6ddab7, +0x8d8d018c, 0xd5d5b164, 0x4e4e9cd2, 0xa9a949e0, 0x6c6cd8b4, 0x5656acfa, +0xf4f4f307, 0xeaeacf25, 0x6565caaf, 0x7a7af48e, 0xaeae47e9, 0x08081018, +0xbaba6fd5, 0x7878f088, 0x25254a6f, 0x2e2e5c72, 0x1c1c3824, 0xa6a657f1, +0xb4b473c7, 0xc6c69751, 0xe8e8cb23, 0xdddda17c, 0x7474e89c, 0x1f1f3e21, +0x4b4b96dd, 0xbdbd61dc, 0x8b8b0d86, 0x8a8a0f85, 0x7070e090, 0x3e3e7c42, +0xb5b571c4, 0x6666ccaa, 0x484890d8, 0x03030605, 0xf6f6f701, 0x0e0e1c12, +0x6161c2a3, 0x35356a5f, 0x5757aef9, 0xb9b969d0, 0x86861791, 0xc1c19958, +0x1d1d3a27, 0x9e9e27b9, 0xe1e1d938, 0xf8f8eb13, 0x98982bb3, 0x11112233, +0x6969d2bb, 0xd9d9a970, 0x8e8e0789, 0x949433a7, 0x9b9b2db6, 0x1e1e3c22, +0x87871592, 0xe9e9c920, 0xcece8749, 0x5555aaff, 0x28285078, 0xdfdfa57a, +0x8c8c038f, 0xa1a159f8, 0x89890980, 0x0d0d1a17, 0xbfbf65da, 0xe6e6d731, +0x424284c6, 0x6868d0b8, 0x414182c3, 0x999929b0, 0x2d2d5a77, 0x0f0f1e11, +0xb0b07bcb, 0x5454a8fc, 0xbbbb6dd6, 0x16162c3a +}; +#else +static const PRUint32 _T1[256] = +{ +0xa5c66363, 0x84f87c7c, 0x99ee7777, 0x8df67b7b, 0x0dfff2f2, 0xbdd66b6b, +0xb1de6f6f, 0x5491c5c5, 0x50603030, 0x03020101, 0xa9ce6767, 0x7d562b2b, +0x19e7fefe, 0x62b5d7d7, 0xe64dabab, 0x9aec7676, 0x458fcaca, 0x9d1f8282, +0x4089c9c9, 0x87fa7d7d, 0x15effafa, 0xebb25959, 0xc98e4747, 0x0bfbf0f0, +0xec41adad, 0x67b3d4d4, 0xfd5fa2a2, 0xea45afaf, 0xbf239c9c, 0xf753a4a4, +0x96e47272, 0x5b9bc0c0, 0xc275b7b7, 0x1ce1fdfd, 0xae3d9393, 0x6a4c2626, +0x5a6c3636, 0x417e3f3f, 0x02f5f7f7, 0x4f83cccc, 0x5c683434, 0xf451a5a5, +0x34d1e5e5, 0x08f9f1f1, 0x93e27171, 0x73abd8d8, 0x53623131, 0x3f2a1515, +0x0c080404, 0x5295c7c7, 0x65462323, 0x5e9dc3c3, 0x28301818, 0xa1379696, +0x0f0a0505, 0xb52f9a9a, 0x090e0707, 0x36241212, 0x9b1b8080, 0x3ddfe2e2, +0x26cdebeb, 0x694e2727, 0xcd7fb2b2, 0x9fea7575, 0x1b120909, 0x9e1d8383, +0x74582c2c, 0x2e341a1a, 0x2d361b1b, 0xb2dc6e6e, 0xeeb45a5a, 0xfb5ba0a0, +0xf6a45252, 0x4d763b3b, 0x61b7d6d6, 0xce7db3b3, 0x7b522929, 0x3edde3e3, +0x715e2f2f, 0x97138484, 0xf5a65353, 0x68b9d1d1, 0x00000000, 0x2cc1eded, +0x60402020, 0x1fe3fcfc, 0xc879b1b1, 0xedb65b5b, 0xbed46a6a, 0x468dcbcb, +0xd967bebe, 0x4b723939, 0xde944a4a, 0xd4984c4c, 0xe8b05858, 0x4a85cfcf, +0x6bbbd0d0, 0x2ac5efef, 0xe54faaaa, 0x16edfbfb, 0xc5864343, 0xd79a4d4d, +0x55663333, 0x94118585, 0xcf8a4545, 0x10e9f9f9, 0x06040202, 0x81fe7f7f, +0xf0a05050, 0x44783c3c, 0xba259f9f, 0xe34ba8a8, 0xf3a25151, 0xfe5da3a3, +0xc0804040, 0x8a058f8f, 0xad3f9292, 0xbc219d9d, 0x48703838, 0x04f1f5f5, +0xdf63bcbc, 0xc177b6b6, 0x75afdada, 0x63422121, 0x30201010, 0x1ae5ffff, +0x0efdf3f3, 0x6dbfd2d2, 0x4c81cdcd, 0x14180c0c, 0x35261313, 0x2fc3ecec, +0xe1be5f5f, 0xa2359797, 0xcc884444, 0x392e1717, 0x5793c4c4, 0xf255a7a7, +0x82fc7e7e, 0x477a3d3d, 0xacc86464, 0xe7ba5d5d, 0x2b321919, 0x95e67373, +0xa0c06060, 0x98198181, 0xd19e4f4f, 0x7fa3dcdc, 0x66442222, 0x7e542a2a, +0xab3b9090, 0x830b8888, 0xca8c4646, 0x29c7eeee, 0xd36bb8b8, 0x3c281414, +0x79a7dede, 0xe2bc5e5e, 0x1d160b0b, 0x76addbdb, 0x3bdbe0e0, 0x56643232, +0x4e743a3a, 0x1e140a0a, 0xdb924949, 0x0a0c0606, 0x6c482424, 0xe4b85c5c, +0x5d9fc2c2, 0x6ebdd3d3, 0xef43acac, 0xa6c46262, 0xa8399191, 0xa4319595, +0x37d3e4e4, 0x8bf27979, 0x32d5e7e7, 0x438bc8c8, 0x596e3737, 0xb7da6d6d, +0x8c018d8d, 0x64b1d5d5, 0xd29c4e4e, 0xe049a9a9, 0xb4d86c6c, 0xfaac5656, +0x07f3f4f4, 0x25cfeaea, 0xafca6565, 0x8ef47a7a, 0xe947aeae, 0x18100808, +0xd56fbaba, 0x88f07878, 0x6f4a2525, 0x725c2e2e, 0x24381c1c, 0xf157a6a6, +0xc773b4b4, 0x5197c6c6, 0x23cbe8e8, 0x7ca1dddd, 0x9ce87474, 0x213e1f1f, +0xdd964b4b, 0xdc61bdbd, 0x860d8b8b, 0x850f8a8a, 0x90e07070, 0x427c3e3e, +0xc471b5b5, 0xaacc6666, 0xd8904848, 0x05060303, 0x01f7f6f6, 0x121c0e0e, +0xa3c26161, 0x5f6a3535, 0xf9ae5757, 0xd069b9b9, 0x91178686, 0x5899c1c1, +0x273a1d1d, 0xb9279e9e, 0x38d9e1e1, 0x13ebf8f8, 0xb32b9898, 0x33221111, +0xbbd26969, 0x70a9d9d9, 0x89078e8e, 0xa7339494, 0xb62d9b9b, 0x223c1e1e, +0x92158787, 0x20c9e9e9, 0x4987cece, 0xffaa5555, 0x78502828, 0x7aa5dfdf, +0x8f038c8c, 0xf859a1a1, 0x80098989, 0x171a0d0d, 0xda65bfbf, 0x31d7e6e6, +0xc6844242, 0xb8d06868, 0xc3824141, 0xb0299999, 0x775a2d2d, 0x111e0f0f, +0xcb7bb0b0, 0xfca85454, 0xd66dbbbb, 0x3a2c1616 +}; +#endif + +#ifdef IS_LITTLE_ENDIAN +static const PRUint32 _T2[256] = +{ +0x63c6a563, 0x7cf8847c, 0x77ee9977, 0x7bf68d7b, 0xf2ff0df2, 0x6bd6bd6b, +0x6fdeb16f, 0xc59154c5, 0x30605030, 0x01020301, 0x67cea967, 0x2b567d2b, +0xfee719fe, 0xd7b562d7, 0xab4de6ab, 0x76ec9a76, 0xca8f45ca, 0x821f9d82, +0xc98940c9, 0x7dfa877d, 0xfaef15fa, 0x59b2eb59, 0x478ec947, 0xf0fb0bf0, +0xad41ecad, 0xd4b367d4, 0xa25ffda2, 0xaf45eaaf, 0x9c23bf9c, 0xa453f7a4, +0x72e49672, 0xc09b5bc0, 0xb775c2b7, 0xfde11cfd, 0x933dae93, 0x264c6a26, +0x366c5a36, 0x3f7e413f, 0xf7f502f7, 0xcc834fcc, 0x34685c34, 0xa551f4a5, +0xe5d134e5, 0xf1f908f1, 0x71e29371, 0xd8ab73d8, 0x31625331, 0x152a3f15, +0x04080c04, 0xc79552c7, 0x23466523, 0xc39d5ec3, 0x18302818, 0x9637a196, +0x050a0f05, 0x9a2fb59a, 0x070e0907, 0x12243612, 0x801b9b80, 0xe2df3de2, +0xebcd26eb, 0x274e6927, 0xb27fcdb2, 0x75ea9f75, 0x09121b09, 0x831d9e83, +0x2c58742c, 0x1a342e1a, 0x1b362d1b, 0x6edcb26e, 0x5ab4ee5a, 0xa05bfba0, +0x52a4f652, 0x3b764d3b, 0xd6b761d6, 0xb37dceb3, 0x29527b29, 0xe3dd3ee3, +0x2f5e712f, 0x84139784, 0x53a6f553, 0xd1b968d1, 0x00000000, 0xedc12ced, +0x20406020, 0xfce31ffc, 0xb179c8b1, 0x5bb6ed5b, 0x6ad4be6a, 0xcb8d46cb, +0xbe67d9be, 0x39724b39, 0x4a94de4a, 0x4c98d44c, 0x58b0e858, 0xcf854acf, +0xd0bb6bd0, 0xefc52aef, 0xaa4fe5aa, 0xfbed16fb, 0x4386c543, 0x4d9ad74d, +0x33665533, 0x85119485, 0x458acf45, 0xf9e910f9, 0x02040602, 0x7ffe817f, +0x50a0f050, 0x3c78443c, 0x9f25ba9f, 0xa84be3a8, 0x51a2f351, 0xa35dfea3, +0x4080c040, 0x8f058a8f, 0x923fad92, 0x9d21bc9d, 0x38704838, 0xf5f104f5, +0xbc63dfbc, 0xb677c1b6, 0xdaaf75da, 0x21426321, 0x10203010, 0xffe51aff, +0xf3fd0ef3, 0xd2bf6dd2, 0xcd814ccd, 0x0c18140c, 0x13263513, 0xecc32fec, +0x5fbee15f, 0x9735a297, 0x4488cc44, 0x172e3917, 0xc49357c4, 0xa755f2a7, +0x7efc827e, 0x3d7a473d, 0x64c8ac64, 0x5dbae75d, 0x19322b19, 0x73e69573, +0x60c0a060, 0x81199881, 0x4f9ed14f, 0xdca37fdc, 0x22446622, 0x2a547e2a, +0x903bab90, 0x880b8388, 0x468cca46, 0xeec729ee, 0xb86bd3b8, 0x14283c14, +0xdea779de, 0x5ebce25e, 0x0b161d0b, 0xdbad76db, 0xe0db3be0, 0x32645632, +0x3a744e3a, 0x0a141e0a, 0x4992db49, 0x060c0a06, 0x24486c24, 0x5cb8e45c, +0xc29f5dc2, 0xd3bd6ed3, 0xac43efac, 0x62c4a662, 0x9139a891, 0x9531a495, +0xe4d337e4, 0x79f28b79, 0xe7d532e7, 0xc88b43c8, 0x376e5937, 0x6ddab76d, +0x8d018c8d, 0xd5b164d5, 0x4e9cd24e, 0xa949e0a9, 0x6cd8b46c, 0x56acfa56, +0xf4f307f4, 0xeacf25ea, 0x65caaf65, 0x7af48e7a, 0xae47e9ae, 0x08101808, +0xba6fd5ba, 0x78f08878, 0x254a6f25, 0x2e5c722e, 0x1c38241c, 0xa657f1a6, +0xb473c7b4, 0xc69751c6, 0xe8cb23e8, 0xdda17cdd, 0x74e89c74, 0x1f3e211f, +0x4b96dd4b, 0xbd61dcbd, 0x8b0d868b, 0x8a0f858a, 0x70e09070, 0x3e7c423e, +0xb571c4b5, 0x66ccaa66, 0x4890d848, 0x03060503, 0xf6f701f6, 0x0e1c120e, +0x61c2a361, 0x356a5f35, 0x57aef957, 0xb969d0b9, 0x86179186, 0xc19958c1, +0x1d3a271d, 0x9e27b99e, 0xe1d938e1, 0xf8eb13f8, 0x982bb398, 0x11223311, +0x69d2bb69, 0xd9a970d9, 0x8e07898e, 0x9433a794, 0x9b2db69b, 0x1e3c221e, +0x87159287, 0xe9c920e9, 0xce8749ce, 0x55aaff55, 0x28507828, 0xdfa57adf, +0x8c038f8c, 0xa159f8a1, 0x89098089, 0x0d1a170d, 0xbf65dabf, 0xe6d731e6, +0x4284c642, 0x68d0b868, 0x4182c341, 0x9929b099, 0x2d5a772d, 0x0f1e110f, +0xb07bcbb0, 0x54a8fc54, 0xbb6dd6bb, 0x162c3a16 +}; +#else +static const PRUint32 _T2[256] = +{ +0x63a5c663, 0x7c84f87c, 0x7799ee77, 0x7b8df67b, 0xf20dfff2, 0x6bbdd66b, +0x6fb1de6f, 0xc55491c5, 0x30506030, 0x01030201, 0x67a9ce67, 0x2b7d562b, +0xfe19e7fe, 0xd762b5d7, 0xabe64dab, 0x769aec76, 0xca458fca, 0x829d1f82, +0xc94089c9, 0x7d87fa7d, 0xfa15effa, 0x59ebb259, 0x47c98e47, 0xf00bfbf0, +0xadec41ad, 0xd467b3d4, 0xa2fd5fa2, 0xafea45af, 0x9cbf239c, 0xa4f753a4, +0x7296e472, 0xc05b9bc0, 0xb7c275b7, 0xfd1ce1fd, 0x93ae3d93, 0x266a4c26, +0x365a6c36, 0x3f417e3f, 0xf702f5f7, 0xcc4f83cc, 0x345c6834, 0xa5f451a5, +0xe534d1e5, 0xf108f9f1, 0x7193e271, 0xd873abd8, 0x31536231, 0x153f2a15, +0x040c0804, 0xc75295c7, 0x23654623, 0xc35e9dc3, 0x18283018, 0x96a13796, +0x050f0a05, 0x9ab52f9a, 0x07090e07, 0x12362412, 0x809b1b80, 0xe23ddfe2, +0xeb26cdeb, 0x27694e27, 0xb2cd7fb2, 0x759fea75, 0x091b1209, 0x839e1d83, +0x2c74582c, 0x1a2e341a, 0x1b2d361b, 0x6eb2dc6e, 0x5aeeb45a, 0xa0fb5ba0, +0x52f6a452, 0x3b4d763b, 0xd661b7d6, 0xb3ce7db3, 0x297b5229, 0xe33edde3, +0x2f715e2f, 0x84971384, 0x53f5a653, 0xd168b9d1, 0x00000000, 0xed2cc1ed, +0x20604020, 0xfc1fe3fc, 0xb1c879b1, 0x5bedb65b, 0x6abed46a, 0xcb468dcb, +0xbed967be, 0x394b7239, 0x4ade944a, 0x4cd4984c, 0x58e8b058, 0xcf4a85cf, +0xd06bbbd0, 0xef2ac5ef, 0xaae54faa, 0xfb16edfb, 0x43c58643, 0x4dd79a4d, +0x33556633, 0x85941185, 0x45cf8a45, 0xf910e9f9, 0x02060402, 0x7f81fe7f, +0x50f0a050, 0x3c44783c, 0x9fba259f, 0xa8e34ba8, 0x51f3a251, 0xa3fe5da3, +0x40c08040, 0x8f8a058f, 0x92ad3f92, 0x9dbc219d, 0x38487038, 0xf504f1f5, +0xbcdf63bc, 0xb6c177b6, 0xda75afda, 0x21634221, 0x10302010, 0xff1ae5ff, +0xf30efdf3, 0xd26dbfd2, 0xcd4c81cd, 0x0c14180c, 0x13352613, 0xec2fc3ec, +0x5fe1be5f, 0x97a23597, 0x44cc8844, 0x17392e17, 0xc45793c4, 0xa7f255a7, +0x7e82fc7e, 0x3d477a3d, 0x64acc864, 0x5de7ba5d, 0x192b3219, 0x7395e673, +0x60a0c060, 0x81981981, 0x4fd19e4f, 0xdc7fa3dc, 0x22664422, 0x2a7e542a, +0x90ab3b90, 0x88830b88, 0x46ca8c46, 0xee29c7ee, 0xb8d36bb8, 0x143c2814, +0xde79a7de, 0x5ee2bc5e, 0x0b1d160b, 0xdb76addb, 0xe03bdbe0, 0x32566432, +0x3a4e743a, 0x0a1e140a, 0x49db9249, 0x060a0c06, 0x246c4824, 0x5ce4b85c, +0xc25d9fc2, 0xd36ebdd3, 0xacef43ac, 0x62a6c462, 0x91a83991, 0x95a43195, +0xe437d3e4, 0x798bf279, 0xe732d5e7, 0xc8438bc8, 0x37596e37, 0x6db7da6d, +0x8d8c018d, 0xd564b1d5, 0x4ed29c4e, 0xa9e049a9, 0x6cb4d86c, 0x56faac56, +0xf407f3f4, 0xea25cfea, 0x65afca65, 0x7a8ef47a, 0xaee947ae, 0x08181008, +0xbad56fba, 0x7888f078, 0x256f4a25, 0x2e725c2e, 0x1c24381c, 0xa6f157a6, +0xb4c773b4, 0xc65197c6, 0xe823cbe8, 0xdd7ca1dd, 0x749ce874, 0x1f213e1f, +0x4bdd964b, 0xbddc61bd, 0x8b860d8b, 0x8a850f8a, 0x7090e070, 0x3e427c3e, +0xb5c471b5, 0x66aacc66, 0x48d89048, 0x03050603, 0xf601f7f6, 0x0e121c0e, +0x61a3c261, 0x355f6a35, 0x57f9ae57, 0xb9d069b9, 0x86911786, 0xc15899c1, +0x1d273a1d, 0x9eb9279e, 0xe138d9e1, 0xf813ebf8, 0x98b32b98, 0x11332211, +0x69bbd269, 0xd970a9d9, 0x8e89078e, 0x94a73394, 0x9bb62d9b, 0x1e223c1e, +0x87921587, 0xe920c9e9, 0xce4987ce, 0x55ffaa55, 0x28785028, 0xdf7aa5df, +0x8c8f038c, 0xa1f859a1, 0x89800989, 0x0d171a0d, 0xbfda65bf, 0xe631d7e6, +0x42c68442, 0x68b8d068, 0x41c38241, 0x99b02999, 0x2d775a2d, 0x0f111e0f, +0xb0cb7bb0, 0x54fca854, 0xbbd66dbb, 0x163a2c16 +}; +#endif + +#ifdef IS_LITTLE_ENDIAN +static const PRUint32 _T3[256] = +{ +0xc6a56363, 0xf8847c7c, 0xee997777, 0xf68d7b7b, 0xff0df2f2, 0xd6bd6b6b, +0xdeb16f6f, 0x9154c5c5, 0x60503030, 0x02030101, 0xcea96767, 0x567d2b2b, +0xe719fefe, 0xb562d7d7, 0x4de6abab, 0xec9a7676, 0x8f45caca, 0x1f9d8282, +0x8940c9c9, 0xfa877d7d, 0xef15fafa, 0xb2eb5959, 0x8ec94747, 0xfb0bf0f0, +0x41ecadad, 0xb367d4d4, 0x5ffda2a2, 0x45eaafaf, 0x23bf9c9c, 0x53f7a4a4, +0xe4967272, 0x9b5bc0c0, 0x75c2b7b7, 0xe11cfdfd, 0x3dae9393, 0x4c6a2626, +0x6c5a3636, 0x7e413f3f, 0xf502f7f7, 0x834fcccc, 0x685c3434, 0x51f4a5a5, +0xd134e5e5, 0xf908f1f1, 0xe2937171, 0xab73d8d8, 0x62533131, 0x2a3f1515, +0x080c0404, 0x9552c7c7, 0x46652323, 0x9d5ec3c3, 0x30281818, 0x37a19696, +0x0a0f0505, 0x2fb59a9a, 0x0e090707, 0x24361212, 0x1b9b8080, 0xdf3de2e2, +0xcd26ebeb, 0x4e692727, 0x7fcdb2b2, 0xea9f7575, 0x121b0909, 0x1d9e8383, +0x58742c2c, 0x342e1a1a, 0x362d1b1b, 0xdcb26e6e, 0xb4ee5a5a, 0x5bfba0a0, +0xa4f65252, 0x764d3b3b, 0xb761d6d6, 0x7dceb3b3, 0x527b2929, 0xdd3ee3e3, +0x5e712f2f, 0x13978484, 0xa6f55353, 0xb968d1d1, 0x00000000, 0xc12ceded, +0x40602020, 0xe31ffcfc, 0x79c8b1b1, 0xb6ed5b5b, 0xd4be6a6a, 0x8d46cbcb, +0x67d9bebe, 0x724b3939, 0x94de4a4a, 0x98d44c4c, 0xb0e85858, 0x854acfcf, +0xbb6bd0d0, 0xc52aefef, 0x4fe5aaaa, 0xed16fbfb, 0x86c54343, 0x9ad74d4d, +0x66553333, 0x11948585, 0x8acf4545, 0xe910f9f9, 0x04060202, 0xfe817f7f, +0xa0f05050, 0x78443c3c, 0x25ba9f9f, 0x4be3a8a8, 0xa2f35151, 0x5dfea3a3, +0x80c04040, 0x058a8f8f, 0x3fad9292, 0x21bc9d9d, 0x70483838, 0xf104f5f5, +0x63dfbcbc, 0x77c1b6b6, 0xaf75dada, 0x42632121, 0x20301010, 0xe51affff, +0xfd0ef3f3, 0xbf6dd2d2, 0x814ccdcd, 0x18140c0c, 0x26351313, 0xc32fecec, +0xbee15f5f, 0x35a29797, 0x88cc4444, 0x2e391717, 0x9357c4c4, 0x55f2a7a7, +0xfc827e7e, 0x7a473d3d, 0xc8ac6464, 0xbae75d5d, 0x322b1919, 0xe6957373, +0xc0a06060, 0x19988181, 0x9ed14f4f, 0xa37fdcdc, 0x44662222, 0x547e2a2a, +0x3bab9090, 0x0b838888, 0x8cca4646, 0xc729eeee, 0x6bd3b8b8, 0x283c1414, +0xa779dede, 0xbce25e5e, 0x161d0b0b, 0xad76dbdb, 0xdb3be0e0, 0x64563232, +0x744e3a3a, 0x141e0a0a, 0x92db4949, 0x0c0a0606, 0x486c2424, 0xb8e45c5c, +0x9f5dc2c2, 0xbd6ed3d3, 0x43efacac, 0xc4a66262, 0x39a89191, 0x31a49595, +0xd337e4e4, 0xf28b7979, 0xd532e7e7, 0x8b43c8c8, 0x6e593737, 0xdab76d6d, +0x018c8d8d, 0xb164d5d5, 0x9cd24e4e, 0x49e0a9a9, 0xd8b46c6c, 0xacfa5656, +0xf307f4f4, 0xcf25eaea, 0xcaaf6565, 0xf48e7a7a, 0x47e9aeae, 0x10180808, +0x6fd5baba, 0xf0887878, 0x4a6f2525, 0x5c722e2e, 0x38241c1c, 0x57f1a6a6, +0x73c7b4b4, 0x9751c6c6, 0xcb23e8e8, 0xa17cdddd, 0xe89c7474, 0x3e211f1f, +0x96dd4b4b, 0x61dcbdbd, 0x0d868b8b, 0x0f858a8a, 0xe0907070, 0x7c423e3e, +0x71c4b5b5, 0xccaa6666, 0x90d84848, 0x06050303, 0xf701f6f6, 0x1c120e0e, +0xc2a36161, 0x6a5f3535, 0xaef95757, 0x69d0b9b9, 0x17918686, 0x9958c1c1, +0x3a271d1d, 0x27b99e9e, 0xd938e1e1, 0xeb13f8f8, 0x2bb39898, 0x22331111, +0xd2bb6969, 0xa970d9d9, 0x07898e8e, 0x33a79494, 0x2db69b9b, 0x3c221e1e, +0x15928787, 0xc920e9e9, 0x8749cece, 0xaaff5555, 0x50782828, 0xa57adfdf, +0x038f8c8c, 0x59f8a1a1, 0x09808989, 0x1a170d0d, 0x65dabfbf, 0xd731e6e6, +0x84c64242, 0xd0b86868, 0x82c34141, 0x29b09999, 0x5a772d2d, 0x1e110f0f, +0x7bcbb0b0, 0xa8fc5454, 0x6dd6bbbb, 0x2c3a1616 +}; +#else +static const PRUint32 _T3[256] = +{ +0x6363a5c6, 0x7c7c84f8, 0x777799ee, 0x7b7b8df6, 0xf2f20dff, 0x6b6bbdd6, +0x6f6fb1de, 0xc5c55491, 0x30305060, 0x01010302, 0x6767a9ce, 0x2b2b7d56, +0xfefe19e7, 0xd7d762b5, 0xababe64d, 0x76769aec, 0xcaca458f, 0x82829d1f, +0xc9c94089, 0x7d7d87fa, 0xfafa15ef, 0x5959ebb2, 0x4747c98e, 0xf0f00bfb, +0xadadec41, 0xd4d467b3, 0xa2a2fd5f, 0xafafea45, 0x9c9cbf23, 0xa4a4f753, +0x727296e4, 0xc0c05b9b, 0xb7b7c275, 0xfdfd1ce1, 0x9393ae3d, 0x26266a4c, +0x36365a6c, 0x3f3f417e, 0xf7f702f5, 0xcccc4f83, 0x34345c68, 0xa5a5f451, +0xe5e534d1, 0xf1f108f9, 0x717193e2, 0xd8d873ab, 0x31315362, 0x15153f2a, +0x04040c08, 0xc7c75295, 0x23236546, 0xc3c35e9d, 0x18182830, 0x9696a137, +0x05050f0a, 0x9a9ab52f, 0x0707090e, 0x12123624, 0x80809b1b, 0xe2e23ddf, +0xebeb26cd, 0x2727694e, 0xb2b2cd7f, 0x75759fea, 0x09091b12, 0x83839e1d, +0x2c2c7458, 0x1a1a2e34, 0x1b1b2d36, 0x6e6eb2dc, 0x5a5aeeb4, 0xa0a0fb5b, +0x5252f6a4, 0x3b3b4d76, 0xd6d661b7, 0xb3b3ce7d, 0x29297b52, 0xe3e33edd, +0x2f2f715e, 0x84849713, 0x5353f5a6, 0xd1d168b9, 0x00000000, 0xeded2cc1, +0x20206040, 0xfcfc1fe3, 0xb1b1c879, 0x5b5bedb6, 0x6a6abed4, 0xcbcb468d, +0xbebed967, 0x39394b72, 0x4a4ade94, 0x4c4cd498, 0x5858e8b0, 0xcfcf4a85, +0xd0d06bbb, 0xefef2ac5, 0xaaaae54f, 0xfbfb16ed, 0x4343c586, 0x4d4dd79a, +0x33335566, 0x85859411, 0x4545cf8a, 0xf9f910e9, 0x02020604, 0x7f7f81fe, +0x5050f0a0, 0x3c3c4478, 0x9f9fba25, 0xa8a8e34b, 0x5151f3a2, 0xa3a3fe5d, +0x4040c080, 0x8f8f8a05, 0x9292ad3f, 0x9d9dbc21, 0x38384870, 0xf5f504f1, +0xbcbcdf63, 0xb6b6c177, 0xdada75af, 0x21216342, 0x10103020, 0xffff1ae5, +0xf3f30efd, 0xd2d26dbf, 0xcdcd4c81, 0x0c0c1418, 0x13133526, 0xecec2fc3, +0x5f5fe1be, 0x9797a235, 0x4444cc88, 0x1717392e, 0xc4c45793, 0xa7a7f255, +0x7e7e82fc, 0x3d3d477a, 0x6464acc8, 0x5d5de7ba, 0x19192b32, 0x737395e6, +0x6060a0c0, 0x81819819, 0x4f4fd19e, 0xdcdc7fa3, 0x22226644, 0x2a2a7e54, +0x9090ab3b, 0x8888830b, 0x4646ca8c, 0xeeee29c7, 0xb8b8d36b, 0x14143c28, +0xdede79a7, 0x5e5ee2bc, 0x0b0b1d16, 0xdbdb76ad, 0xe0e03bdb, 0x32325664, +0x3a3a4e74, 0x0a0a1e14, 0x4949db92, 0x06060a0c, 0x24246c48, 0x5c5ce4b8, +0xc2c25d9f, 0xd3d36ebd, 0xacacef43, 0x6262a6c4, 0x9191a839, 0x9595a431, +0xe4e437d3, 0x79798bf2, 0xe7e732d5, 0xc8c8438b, 0x3737596e, 0x6d6db7da, +0x8d8d8c01, 0xd5d564b1, 0x4e4ed29c, 0xa9a9e049, 0x6c6cb4d8, 0x5656faac, +0xf4f407f3, 0xeaea25cf, 0x6565afca, 0x7a7a8ef4, 0xaeaee947, 0x08081810, +0xbabad56f, 0x787888f0, 0x25256f4a, 0x2e2e725c, 0x1c1c2438, 0xa6a6f157, +0xb4b4c773, 0xc6c65197, 0xe8e823cb, 0xdddd7ca1, 0x74749ce8, 0x1f1f213e, +0x4b4bdd96, 0xbdbddc61, 0x8b8b860d, 0x8a8a850f, 0x707090e0, 0x3e3e427c, +0xb5b5c471, 0x6666aacc, 0x4848d890, 0x03030506, 0xf6f601f7, 0x0e0e121c, +0x6161a3c2, 0x35355f6a, 0x5757f9ae, 0xb9b9d069, 0x86869117, 0xc1c15899, +0x1d1d273a, 0x9e9eb927, 0xe1e138d9, 0xf8f813eb, 0x9898b32b, 0x11113322, +0x6969bbd2, 0xd9d970a9, 0x8e8e8907, 0x9494a733, 0x9b9bb62d, 0x1e1e223c, +0x87879215, 0xe9e920c9, 0xcece4987, 0x5555ffaa, 0x28287850, 0xdfdf7aa5, +0x8c8c8f03, 0xa1a1f859, 0x89898009, 0x0d0d171a, 0xbfbfda65, 0xe6e631d7, +0x4242c684, 0x6868b8d0, 0x4141c382, 0x9999b029, 0x2d2d775a, 0x0f0f111e, +0xb0b0cb7b, 0x5454fca8, 0xbbbbd66d, 0x16163a2c +}; +#endif + +#ifdef IS_LITTLE_ENDIAN +static const PRUint32 _TInv0[256] = +{ +0x50a7f451, 0x5365417e, 0xc3a4171a, 0x965e273a, 0xcb6bab3b, 0xf1459d1f, +0xab58faac, 0x9303e34b, 0x55fa3020, 0xf66d76ad, 0x9176cc88, 0x254c02f5, +0xfcd7e54f, 0xd7cb2ac5, 0x80443526, 0x8fa362b5, 0x495ab1de, 0x671bba25, +0x980eea45, 0xe1c0fe5d, 0x02752fc3, 0x12f04c81, 0xa397468d, 0xc6f9d36b, +0xe75f8f03, 0x959c9215, 0xeb7a6dbf, 0xda595295, 0x2d83bed4, 0xd3217458, +0x2969e049, 0x44c8c98e, 0x6a89c275, 0x78798ef4, 0x6b3e5899, 0xdd71b927, +0xb64fe1be, 0x17ad88f0, 0x66ac20c9, 0xb43ace7d, 0x184adf63, 0x82311ae5, +0x60335197, 0x457f5362, 0xe07764b1, 0x84ae6bbb, 0x1ca081fe, 0x942b08f9, +0x58684870, 0x19fd458f, 0x876cde94, 0xb7f87b52, 0x23d373ab, 0xe2024b72, +0x578f1fe3, 0x2aab5566, 0x0728ebb2, 0x03c2b52f, 0x9a7bc586, 0xa50837d3, +0xf2872830, 0xb2a5bf23, 0xba6a0302, 0x5c8216ed, 0x2b1ccf8a, 0x92b479a7, +0xf0f207f3, 0xa1e2694e, 0xcdf4da65, 0xd5be0506, 0x1f6234d1, 0x8afea6c4, +0x9d532e34, 0xa055f3a2, 0x32e18a05, 0x75ebf6a4, 0x39ec830b, 0xaaef6040, +0x069f715e, 0x51106ebd, 0xf98a213e, 0x3d06dd96, 0xae053edd, 0x46bde64d, +0xb58d5491, 0x055dc471, 0x6fd40604, 0xff155060, 0x24fb9819, 0x97e9bdd6, +0xcc434089, 0x779ed967, 0xbd42e8b0, 0x888b8907, 0x385b19e7, 0xdbeec879, +0x470a7ca1, 0xe90f427c, 0xc91e84f8, 0x00000000, 0x83868009, 0x48ed2b32, +0xac70111e, 0x4e725a6c, 0xfbff0efd, 0x5638850f, 0x1ed5ae3d, 0x27392d36, +0x64d90f0a, 0x21a65c68, 0xd1545b9b, 0x3a2e3624, 0xb1670a0c, 0x0fe75793, +0xd296eeb4, 0x9e919b1b, 0x4fc5c080, 0xa220dc61, 0x694b775a, 0x161a121c, +0x0aba93e2, 0xe52aa0c0, 0x43e0223c, 0x1d171b12, 0x0b0d090e, 0xadc78bf2, +0xb9a8b62d, 0xc8a91e14, 0x8519f157, 0x4c0775af, 0xbbdd99ee, 0xfd607fa3, +0x9f2601f7, 0xbcf5725c, 0xc53b6644, 0x347efb5b, 0x7629438b, 0xdcc623cb, +0x68fcedb6, 0x63f1e4b8, 0xcadc31d7, 0x10856342, 0x40229713, 0x2011c684, +0x7d244a85, 0xf83dbbd2, 0x1132f9ae, 0x6da129c7, 0x4b2f9e1d, 0xf330b2dc, +0xec52860d, 0xd0e3c177, 0x6c16b32b, 0x99b970a9, 0xfa489411, 0x2264e947, +0xc48cfca8, 0x1a3ff0a0, 0xd82c7d56, 0xef903322, 0xc74e4987, 0xc1d138d9, +0xfea2ca8c, 0x360bd498, 0xcf81f5a6, 0x28de7aa5, 0x268eb7da, 0xa4bfad3f, +0xe49d3a2c, 0x0d927850, 0x9bcc5f6a, 0x62467e54, 0xc2138df6, 0xe8b8d890, +0x5ef7392e, 0xf5afc382, 0xbe805d9f, 0x7c93d069, 0xa92dd56f, 0xb31225cf, +0x3b99acc8, 0xa77d1810, 0x6e639ce8, 0x7bbb3bdb, 0x097826cd, 0xf418596e, +0x01b79aec, 0xa89a4f83, 0x656e95e6, 0x7ee6ffaa, 0x08cfbc21, 0xe6e815ef, +0xd99be7ba, 0xce366f4a, 0xd4099fea, 0xd67cb029, 0xafb2a431, 0x31233f2a, +0x3094a5c6, 0xc066a235, 0x37bc4e74, 0xa6ca82fc, 0xb0d090e0, 0x15d8a733, +0x4a9804f1, 0xf7daec41, 0x0e50cd7f, 0x2ff69117, 0x8dd64d76, 0x4db0ef43, +0x544daacc, 0xdf0496e4, 0xe3b5d19e, 0x1b886a4c, 0xb81f2cc1, 0x7f516546, +0x04ea5e9d, 0x5d358c01, 0x737487fa, 0x2e410bfb, 0x5a1d67b3, 0x52d2db92, +0x335610e9, 0x1347d66d, 0x8c61d79a, 0x7a0ca137, 0x8e14f859, 0x893c13eb, +0xee27a9ce, 0x35c961b7, 0xede51ce1, 0x3cb1477a, 0x59dfd29c, 0x3f73f255, +0x79ce1418, 0xbf37c773, 0xeacdf753, 0x5baafd5f, 0x146f3ddf, 0x86db4478, +0x81f3afca, 0x3ec468b9, 0x2c342438, 0x5f40a3c2, 0x72c31d16, 0x0c25e2bc, +0x8b493c28, 0x41950dff, 0x7101a839, 0xdeb30c08, 0x9ce4b4d8, 0x90c15664, +0x6184cb7b, 0x70b632d5, 0x745c6c48, 0x4257b8d0 +}; +#else +static const PRUint32 _TInv0[256] = +{ +0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96, 0x3bab6bcb, 0x1f9d45f1, +0xacfa58ab, 0x4be30393, 0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25, +0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f, 0xdeb15a49, 0x25ba1b67, +0x45ea0e98, 0x5dfec0e1, 0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6, +0x038f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da, 0xd4be832d, 0x587421d3, +0x49e06929, 0x8ec9c844, 0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd, +0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4, 0x63df4a18, 0xe51a3182, +0x97513360, 0x62537f45, 0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94, +0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7, 0xab73d323, 0x724b02e2, +0xe31f8f57, 0x6655ab2a, 0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5, +0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c, 0x8acf1c2b, 0xa779b492, +0xf307f2f0, 0x4e69e2a1, 0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a, +0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75, 0x0b83ec39, 0x4060efaa, +0x5e719f06, 0xbd6e1051, 0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46, +0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff, 0x1998fb24, 0xd6bde997, +0x894043cc, 0x67d99e77, 0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb, +0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000, 0x09808683, 0x322bed48, +0x1e1170ac, 0x6c5a724e, 0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927, +0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a, 0x0c0a67b1, 0x9357e70f, +0xb4ee96d2, 0x1b9b919e, 0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16, +0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d, 0x0e090d0b, 0xf28bc7ad, +0x2db6a8b9, 0x141ea9c8, 0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd, +0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34, 0x8b432976, 0xcb23c6dc, +0xb6edfc68, 0xb8e4f163, 0xd731dcca, 0x42638510, 0x13972240, 0x84c61120, +0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d, 0x1d9e2f4b, 0xdcb230f3, +0x0d8652ec, 0x77c1e3d0, 0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422, +0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef, 0x87494ec7, 0xd938d1c1, +0x8ccaa2fe, 0x98d40b36, 0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4, +0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662, 0xf68d13c2, 0x90d8b8e8, +0x2e39f75e, 0x82c3aff5, 0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3, +0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b, 0xcd267809, 0x6e5918f4, +0xec9ab701, 0x834f9aa8, 0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6, +0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6, 0x31a4b2af, 0x2a3f2331, +0xc6a59430, 0x35a266c0, 0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815, +0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f, 0x764dd68d, 0x43efb04d, +0xccaa4d54, 0xe49604df, 0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f, +0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e, 0xb3671d5a, 0x92dbd252, +0xe9105633, 0x6dd64713, 0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89, +0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c, 0x9cd2df59, 0x55f2733f, +0x1814ce79, 0x73c737bf, 0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86, +0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f, 0x161dc372, 0xbce2250c, +0x283c498b, 0xff0d9541, 0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190, +0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742 +}; +#endif + +#ifdef IS_LITTLE_ENDIAN +static const PRUint32 _TInv1[256] = +{ +0xa7f45150, 0x65417e53, 0xa4171ac3, 0x5e273a96, 0x6bab3bcb, 0x459d1ff1, +0x58faacab, 0x03e34b93, 0xfa302055, 0x6d76adf6, 0x76cc8891, 0x4c02f525, +0xd7e54ffc, 0xcb2ac5d7, 0x44352680, 0xa362b58f, 0x5ab1de49, 0x1bba2567, +0x0eea4598, 0xc0fe5de1, 0x752fc302, 0xf04c8112, 0x97468da3, 0xf9d36bc6, +0x5f8f03e7, 0x9c921595, 0x7a6dbfeb, 0x595295da, 0x83bed42d, 0x217458d3, +0x69e04929, 0xc8c98e44, 0x89c2756a, 0x798ef478, 0x3e58996b, 0x71b927dd, +0x4fe1beb6, 0xad88f017, 0xac20c966, 0x3ace7db4, 0x4adf6318, 0x311ae582, +0x33519760, 0x7f536245, 0x7764b1e0, 0xae6bbb84, 0xa081fe1c, 0x2b08f994, +0x68487058, 0xfd458f19, 0x6cde9487, 0xf87b52b7, 0xd373ab23, 0x024b72e2, +0x8f1fe357, 0xab55662a, 0x28ebb207, 0xc2b52f03, 0x7bc5869a, 0x0837d3a5, +0x872830f2, 0xa5bf23b2, 0x6a0302ba, 0x8216ed5c, 0x1ccf8a2b, 0xb479a792, +0xf207f3f0, 0xe2694ea1, 0xf4da65cd, 0xbe0506d5, 0x6234d11f, 0xfea6c48a, +0x532e349d, 0x55f3a2a0, 0xe18a0532, 0xebf6a475, 0xec830b39, 0xef6040aa, +0x9f715e06, 0x106ebd51, 0x8a213ef9, 0x06dd963d, 0x053eddae, 0xbde64d46, +0x8d5491b5, 0x5dc47105, 0xd406046f, 0x155060ff, 0xfb981924, 0xe9bdd697, +0x434089cc, 0x9ed96777, 0x42e8b0bd, 0x8b890788, 0x5b19e738, 0xeec879db, +0x0a7ca147, 0x0f427ce9, 0x1e84f8c9, 0x00000000, 0x86800983, 0xed2b3248, +0x70111eac, 0x725a6c4e, 0xff0efdfb, 0x38850f56, 0xd5ae3d1e, 0x392d3627, +0xd90f0a64, 0xa65c6821, 0x545b9bd1, 0x2e36243a, 0x670a0cb1, 0xe757930f, +0x96eeb4d2, 0x919b1b9e, 0xc5c0804f, 0x20dc61a2, 0x4b775a69, 0x1a121c16, +0xba93e20a, 0x2aa0c0e5, 0xe0223c43, 0x171b121d, 0x0d090e0b, 0xc78bf2ad, +0xa8b62db9, 0xa91e14c8, 0x19f15785, 0x0775af4c, 0xdd99eebb, 0x607fa3fd, +0x2601f79f, 0xf5725cbc, 0x3b6644c5, 0x7efb5b34, 0x29438b76, 0xc623cbdc, +0xfcedb668, 0xf1e4b863, 0xdc31d7ca, 0x85634210, 0x22971340, 0x11c68420, +0x244a857d, 0x3dbbd2f8, 0x32f9ae11, 0xa129c76d, 0x2f9e1d4b, 0x30b2dcf3, +0x52860dec, 0xe3c177d0, 0x16b32b6c, 0xb970a999, 0x489411fa, 0x64e94722, +0x8cfca8c4, 0x3ff0a01a, 0x2c7d56d8, 0x903322ef, 0x4e4987c7, 0xd138d9c1, +0xa2ca8cfe, 0x0bd49836, 0x81f5a6cf, 0xde7aa528, 0x8eb7da26, 0xbfad3fa4, +0x9d3a2ce4, 0x9278500d, 0xcc5f6a9b, 0x467e5462, 0x138df6c2, 0xb8d890e8, +0xf7392e5e, 0xafc382f5, 0x805d9fbe, 0x93d0697c, 0x2dd56fa9, 0x1225cfb3, +0x99acc83b, 0x7d1810a7, 0x639ce86e, 0xbb3bdb7b, 0x7826cd09, 0x18596ef4, +0xb79aec01, 0x9a4f83a8, 0x6e95e665, 0xe6ffaa7e, 0xcfbc2108, 0xe815efe6, +0x9be7bad9, 0x366f4ace, 0x099fead4, 0x7cb029d6, 0xb2a431af, 0x233f2a31, +0x94a5c630, 0x66a235c0, 0xbc4e7437, 0xca82fca6, 0xd090e0b0, 0xd8a73315, +0x9804f14a, 0xdaec41f7, 0x50cd7f0e, 0xf691172f, 0xd64d768d, 0xb0ef434d, +0x4daacc54, 0x0496e4df, 0xb5d19ee3, 0x886a4c1b, 0x1f2cc1b8, 0x5165467f, +0xea5e9d04, 0x358c015d, 0x7487fa73, 0x410bfb2e, 0x1d67b35a, 0xd2db9252, +0x5610e933, 0x47d66d13, 0x61d79a8c, 0x0ca1377a, 0x14f8598e, 0x3c13eb89, +0x27a9ceee, 0xc961b735, 0xe51ce1ed, 0xb1477a3c, 0xdfd29c59, 0x73f2553f, +0xce141879, 0x37c773bf, 0xcdf753ea, 0xaafd5f5b, 0x6f3ddf14, 0xdb447886, +0xf3afca81, 0xc468b93e, 0x3424382c, 0x40a3c25f, 0xc31d1672, 0x25e2bc0c, +0x493c288b, 0x950dff41, 0x01a83971, 0xb30c08de, 0xe4b4d89c, 0xc1566490, +0x84cb7b61, 0xb632d570, 0x5c6c4874, 0x57b8d042 +}; +#else +static const PRUint32 _TInv1[256] = +{ +0x5051f4a7, 0x537e4165, 0xc31a17a4, 0x963a275e, 0xcb3bab6b, 0xf11f9d45, +0xabacfa58, 0x934be303, 0x552030fa, 0xf6ad766d, 0x9188cc76, 0x25f5024c, +0xfc4fe5d7, 0xd7c52acb, 0x80263544, 0x8fb562a3, 0x49deb15a, 0x6725ba1b, +0x9845ea0e, 0xe15dfec0, 0x02c32f75, 0x12814cf0, 0xa38d4697, 0xc66bd3f9, +0xe7038f5f, 0x9515929c, 0xebbf6d7a, 0xda955259, 0x2dd4be83, 0xd3587421, +0x2949e069, 0x448ec9c8, 0x6a75c289, 0x78f48e79, 0x6b99583e, 0xdd27b971, +0xb6bee14f, 0x17f088ad, 0x66c920ac, 0xb47dce3a, 0x1863df4a, 0x82e51a31, +0x60975133, 0x4562537f, 0xe0b16477, 0x84bb6bae, 0x1cfe81a0, 0x94f9082b, +0x58704868, 0x198f45fd, 0x8794de6c, 0xb7527bf8, 0x23ab73d3, 0xe2724b02, +0x57e31f8f, 0x2a6655ab, 0x07b2eb28, 0x032fb5c2, 0x9a86c57b, 0xa5d33708, +0xf2302887, 0xb223bfa5, 0xba02036a, 0x5ced1682, 0x2b8acf1c, 0x92a779b4, +0xf0f307f2, 0xa14e69e2, 0xcd65daf4, 0xd50605be, 0x1fd13462, 0x8ac4a6fe, +0x9d342e53, 0xa0a2f355, 0x32058ae1, 0x75a4f6eb, 0x390b83ec, 0xaa4060ef, +0x065e719f, 0x51bd6e10, 0xf93e218a, 0x3d96dd06, 0xaedd3e05, 0x464de6bd, +0xb591548d, 0x0571c45d, 0x6f0406d4, 0xff605015, 0x241998fb, 0x97d6bde9, +0xcc894043, 0x7767d99e, 0xbdb0e842, 0x8807898b, 0x38e7195b, 0xdb79c8ee, +0x47a17c0a, 0xe97c420f, 0xc9f8841e, 0x00000000, 0x83098086, 0x48322bed, +0xac1e1170, 0x4e6c5a72, 0xfbfd0eff, 0x560f8538, 0x1e3daed5, 0x27362d39, +0x640a0fd9, 0x21685ca6, 0xd19b5b54, 0x3a24362e, 0xb10c0a67, 0x0f9357e7, +0xd2b4ee96, 0x9e1b9b91, 0x4f80c0c5, 0xa261dc20, 0x695a774b, 0x161c121a, +0x0ae293ba, 0xe5c0a02a, 0x433c22e0, 0x1d121b17, 0x0b0e090d, 0xadf28bc7, +0xb92db6a8, 0xc8141ea9, 0x8557f119, 0x4caf7507, 0xbbee99dd, 0xfda37f60, +0x9ff70126, 0xbc5c72f5, 0xc544663b, 0x345bfb7e, 0x768b4329, 0xdccb23c6, +0x68b6edfc, 0x63b8e4f1, 0xcad731dc, 0x10426385, 0x40139722, 0x2084c611, +0x7d854a24, 0xf8d2bb3d, 0x11aef932, 0x6dc729a1, 0x4b1d9e2f, 0xf3dcb230, +0xec0d8652, 0xd077c1e3, 0x6c2bb316, 0x99a970b9, 0xfa119448, 0x2247e964, +0xc4a8fc8c, 0x1aa0f03f, 0xd8567d2c, 0xef223390, 0xc787494e, 0xc1d938d1, +0xfe8ccaa2, 0x3698d40b, 0xcfa6f581, 0x28a57ade, 0x26dab78e, 0xa43fadbf, +0xe42c3a9d, 0x0d507892, 0x9b6a5fcc, 0x62547e46, 0xc2f68d13, 0xe890d8b8, +0x5e2e39f7, 0xf582c3af, 0xbe9f5d80, 0x7c69d093, 0xa96fd52d, 0xb3cf2512, +0x3bc8ac99, 0xa710187d, 0x6ee89c63, 0x7bdb3bbb, 0x09cd2678, 0xf46e5918, +0x01ec9ab7, 0xa8834f9a, 0x65e6956e, 0x7eaaffe6, 0x0821bccf, 0xe6ef15e8, +0xd9bae79b, 0xce4a6f36, 0xd4ea9f09, 0xd629b07c, 0xaf31a4b2, 0x312a3f23, +0x30c6a594, 0xc035a266, 0x37744ebc, 0xa6fc82ca, 0xb0e090d0, 0x1533a7d8, +0x4af10498, 0xf741ecda, 0x0e7fcd50, 0x2f1791f6, 0x8d764dd6, 0x4d43efb0, +0x54ccaa4d, 0xdfe49604, 0xe39ed1b5, 0x1b4c6a88, 0xb8c12c1f, 0x7f466551, +0x049d5eea, 0x5d018c35, 0x73fa8774, 0x2efb0b41, 0x5ab3671d, 0x5292dbd2, +0x33e91056, 0x136dd647, 0x8c9ad761, 0x7a37a10c, 0x8e59f814, 0x89eb133c, +0xeecea927, 0x35b761c9, 0xede11ce5, 0x3c7a47b1, 0x599cd2df, 0x3f55f273, +0x791814ce, 0xbf73c737, 0xea53f7cd, 0x5b5ffdaa, 0x14df3d6f, 0x867844db, +0x81caaff3, 0x3eb968c4, 0x2c382434, 0x5fc2a340, 0x72161dc3, 0x0cbce225, +0x8b283c49, 0x41ff0d95, 0x7139a801, 0xde080cb3, 0x9cd8b4e4, 0x906456c1, +0x617bcb84, 0x70d532b6, 0x74486c5c, 0x42d0b857 +}; +#endif + +#ifdef IS_LITTLE_ENDIAN +static const PRUint32 _TInv2[256] = +{ +0xf45150a7, 0x417e5365, 0x171ac3a4, 0x273a965e, 0xab3bcb6b, 0x9d1ff145, +0xfaacab58, 0xe34b9303, 0x302055fa, 0x76adf66d, 0xcc889176, 0x02f5254c, +0xe54ffcd7, 0x2ac5d7cb, 0x35268044, 0x62b58fa3, 0xb1de495a, 0xba25671b, +0xea45980e, 0xfe5de1c0, 0x2fc30275, 0x4c8112f0, 0x468da397, 0xd36bc6f9, +0x8f03e75f, 0x9215959c, 0x6dbfeb7a, 0x5295da59, 0xbed42d83, 0x7458d321, +0xe0492969, 0xc98e44c8, 0xc2756a89, 0x8ef47879, 0x58996b3e, 0xb927dd71, +0xe1beb64f, 0x88f017ad, 0x20c966ac, 0xce7db43a, 0xdf63184a, 0x1ae58231, +0x51976033, 0x5362457f, 0x64b1e077, 0x6bbb84ae, 0x81fe1ca0, 0x08f9942b, +0x48705868, 0x458f19fd, 0xde94876c, 0x7b52b7f8, 0x73ab23d3, 0x4b72e202, +0x1fe3578f, 0x55662aab, 0xebb20728, 0xb52f03c2, 0xc5869a7b, 0x37d3a508, +0x2830f287, 0xbf23b2a5, 0x0302ba6a, 0x16ed5c82, 0xcf8a2b1c, 0x79a792b4, +0x07f3f0f2, 0x694ea1e2, 0xda65cdf4, 0x0506d5be, 0x34d11f62, 0xa6c48afe, +0x2e349d53, 0xf3a2a055, 0x8a0532e1, 0xf6a475eb, 0x830b39ec, 0x6040aaef, +0x715e069f, 0x6ebd5110, 0x213ef98a, 0xdd963d06, 0x3eddae05, 0xe64d46bd, +0x5491b58d, 0xc471055d, 0x06046fd4, 0x5060ff15, 0x981924fb, 0xbdd697e9, +0x4089cc43, 0xd967779e, 0xe8b0bd42, 0x8907888b, 0x19e7385b, 0xc879dbee, +0x7ca1470a, 0x427ce90f, 0x84f8c91e, 0x00000000, 0x80098386, 0x2b3248ed, +0x111eac70, 0x5a6c4e72, 0x0efdfbff, 0x850f5638, 0xae3d1ed5, 0x2d362739, +0x0f0a64d9, 0x5c6821a6, 0x5b9bd154, 0x36243a2e, 0x0a0cb167, 0x57930fe7, +0xeeb4d296, 0x9b1b9e91, 0xc0804fc5, 0xdc61a220, 0x775a694b, 0x121c161a, +0x93e20aba, 0xa0c0e52a, 0x223c43e0, 0x1b121d17, 0x090e0b0d, 0x8bf2adc7, +0xb62db9a8, 0x1e14c8a9, 0xf1578519, 0x75af4c07, 0x99eebbdd, 0x7fa3fd60, +0x01f79f26, 0x725cbcf5, 0x6644c53b, 0xfb5b347e, 0x438b7629, 0x23cbdcc6, +0xedb668fc, 0xe4b863f1, 0x31d7cadc, 0x63421085, 0x97134022, 0xc6842011, +0x4a857d24, 0xbbd2f83d, 0xf9ae1132, 0x29c76da1, 0x9e1d4b2f, 0xb2dcf330, +0x860dec52, 0xc177d0e3, 0xb32b6c16, 0x70a999b9, 0x9411fa48, 0xe9472264, +0xfca8c48c, 0xf0a01a3f, 0x7d56d82c, 0x3322ef90, 0x4987c74e, 0x38d9c1d1, +0xca8cfea2, 0xd498360b, 0xf5a6cf81, 0x7aa528de, 0xb7da268e, 0xad3fa4bf, +0x3a2ce49d, 0x78500d92, 0x5f6a9bcc, 0x7e546246, 0x8df6c213, 0xd890e8b8, +0x392e5ef7, 0xc382f5af, 0x5d9fbe80, 0xd0697c93, 0xd56fa92d, 0x25cfb312, +0xacc83b99, 0x1810a77d, 0x9ce86e63, 0x3bdb7bbb, 0x26cd0978, 0x596ef418, +0x9aec01b7, 0x4f83a89a, 0x95e6656e, 0xffaa7ee6, 0xbc2108cf, 0x15efe6e8, +0xe7bad99b, 0x6f4ace36, 0x9fead409, 0xb029d67c, 0xa431afb2, 0x3f2a3123, +0xa5c63094, 0xa235c066, 0x4e7437bc, 0x82fca6ca, 0x90e0b0d0, 0xa73315d8, +0x04f14a98, 0xec41f7da, 0xcd7f0e50, 0x91172ff6, 0x4d768dd6, 0xef434db0, +0xaacc544d, 0x96e4df04, 0xd19ee3b5, 0x6a4c1b88, 0x2cc1b81f, 0x65467f51, +0x5e9d04ea, 0x8c015d35, 0x87fa7374, 0x0bfb2e41, 0x67b35a1d, 0xdb9252d2, +0x10e93356, 0xd66d1347, 0xd79a8c61, 0xa1377a0c, 0xf8598e14, 0x13eb893c, +0xa9ceee27, 0x61b735c9, 0x1ce1ede5, 0x477a3cb1, 0xd29c59df, 0xf2553f73, +0x141879ce, 0xc773bf37, 0xf753eacd, 0xfd5f5baa, 0x3ddf146f, 0x447886db, +0xafca81f3, 0x68b93ec4, 0x24382c34, 0xa3c25f40, 0x1d1672c3, 0xe2bc0c25, +0x3c288b49, 0x0dff4195, 0xa8397101, 0x0c08deb3, 0xb4d89ce4, 0x566490c1, +0xcb7b6184, 0x32d570b6, 0x6c48745c, 0xb8d04257 +}; +#else +static const PRUint32 _TInv2[256] = +{ +0xa75051f4, 0x65537e41, 0xa4c31a17, 0x5e963a27, 0x6bcb3bab, 0x45f11f9d, +0x58abacfa, 0x03934be3, 0xfa552030, 0x6df6ad76, 0x769188cc, 0x4c25f502, +0xd7fc4fe5, 0xcbd7c52a, 0x44802635, 0xa38fb562, 0x5a49deb1, 0x1b6725ba, +0x0e9845ea, 0xc0e15dfe, 0x7502c32f, 0xf012814c, 0x97a38d46, 0xf9c66bd3, +0x5fe7038f, 0x9c951592, 0x7aebbf6d, 0x59da9552, 0x832dd4be, 0x21d35874, +0x692949e0, 0xc8448ec9, 0x896a75c2, 0x7978f48e, 0x3e6b9958, 0x71dd27b9, +0x4fb6bee1, 0xad17f088, 0xac66c920, 0x3ab47dce, 0x4a1863df, 0x3182e51a, +0x33609751, 0x7f456253, 0x77e0b164, 0xae84bb6b, 0xa01cfe81, 0x2b94f908, +0x68587048, 0xfd198f45, 0x6c8794de, 0xf8b7527b, 0xd323ab73, 0x02e2724b, +0x8f57e31f, 0xab2a6655, 0x2807b2eb, 0xc2032fb5, 0x7b9a86c5, 0x08a5d337, +0x87f23028, 0xa5b223bf, 0x6aba0203, 0x825ced16, 0x1c2b8acf, 0xb492a779, +0xf2f0f307, 0xe2a14e69, 0xf4cd65da, 0xbed50605, 0x621fd134, 0xfe8ac4a6, +0x539d342e, 0x55a0a2f3, 0xe132058a, 0xeb75a4f6, 0xec390b83, 0xefaa4060, +0x9f065e71, 0x1051bd6e, 0x8af93e21, 0x063d96dd, 0x05aedd3e, 0xbd464de6, +0x8db59154, 0x5d0571c4, 0xd46f0406, 0x15ff6050, 0xfb241998, 0xe997d6bd, +0x43cc8940, 0x9e7767d9, 0x42bdb0e8, 0x8b880789, 0x5b38e719, 0xeedb79c8, +0x0a47a17c, 0x0fe97c42, 0x1ec9f884, 0x00000000, 0x86830980, 0xed48322b, +0x70ac1e11, 0x724e6c5a, 0xfffbfd0e, 0x38560f85, 0xd51e3dae, 0x3927362d, +0xd9640a0f, 0xa621685c, 0x54d19b5b, 0x2e3a2436, 0x67b10c0a, 0xe70f9357, +0x96d2b4ee, 0x919e1b9b, 0xc54f80c0, 0x20a261dc, 0x4b695a77, 0x1a161c12, +0xba0ae293, 0x2ae5c0a0, 0xe0433c22, 0x171d121b, 0x0d0b0e09, 0xc7adf28b, +0xa8b92db6, 0xa9c8141e, 0x198557f1, 0x074caf75, 0xddbbee99, 0x60fda37f, +0x269ff701, 0xf5bc5c72, 0x3bc54466, 0x7e345bfb, 0x29768b43, 0xc6dccb23, +0xfc68b6ed, 0xf163b8e4, 0xdccad731, 0x85104263, 0x22401397, 0x112084c6, +0x247d854a, 0x3df8d2bb, 0x3211aef9, 0xa16dc729, 0x2f4b1d9e, 0x30f3dcb2, +0x52ec0d86, 0xe3d077c1, 0x166c2bb3, 0xb999a970, 0x48fa1194, 0x642247e9, +0x8cc4a8fc, 0x3f1aa0f0, 0x2cd8567d, 0x90ef2233, 0x4ec78749, 0xd1c1d938, +0xa2fe8cca, 0x0b3698d4, 0x81cfa6f5, 0xde28a57a, 0x8e26dab7, 0xbfa43fad, +0x9de42c3a, 0x920d5078, 0xcc9b6a5f, 0x4662547e, 0x13c2f68d, 0xb8e890d8, +0xf75e2e39, 0xaff582c3, 0x80be9f5d, 0x937c69d0, 0x2da96fd5, 0x12b3cf25, +0x993bc8ac, 0x7da71018, 0x636ee89c, 0xbb7bdb3b, 0x7809cd26, 0x18f46e59, +0xb701ec9a, 0x9aa8834f, 0x6e65e695, 0xe67eaaff, 0xcf0821bc, 0xe8e6ef15, +0x9bd9bae7, 0x36ce4a6f, 0x09d4ea9f, 0x7cd629b0, 0xb2af31a4, 0x23312a3f, +0x9430c6a5, 0x66c035a2, 0xbc37744e, 0xcaa6fc82, 0xd0b0e090, 0xd81533a7, +0x984af104, 0xdaf741ec, 0x500e7fcd, 0xf62f1791, 0xd68d764d, 0xb04d43ef, +0x4d54ccaa, 0x04dfe496, 0xb5e39ed1, 0x881b4c6a, 0x1fb8c12c, 0x517f4665, +0xea049d5e, 0x355d018c, 0x7473fa87, 0x412efb0b, 0x1d5ab367, 0xd25292db, +0x5633e910, 0x47136dd6, 0x618c9ad7, 0x0c7a37a1, 0x148e59f8, 0x3c89eb13, +0x27eecea9, 0xc935b761, 0xe5ede11c, 0xb13c7a47, 0xdf599cd2, 0x733f55f2, +0xce791814, 0x37bf73c7, 0xcdea53f7, 0xaa5b5ffd, 0x6f14df3d, 0xdb867844, +0xf381caaf, 0xc43eb968, 0x342c3824, 0x405fc2a3, 0xc372161d, 0x250cbce2, +0x498b283c, 0x9541ff0d, 0x017139a8, 0xb3de080c, 0xe49cd8b4, 0xc1906456, +0x84617bcb, 0xb670d532, 0x5c74486c, 0x5742d0b8 +}; +#endif + +#ifdef IS_LITTLE_ENDIAN +static const PRUint32 _TInv3[256] = +{ +0x5150a7f4, 0x7e536541, 0x1ac3a417, 0x3a965e27, 0x3bcb6bab, 0x1ff1459d, +0xacab58fa, 0x4b9303e3, 0x2055fa30, 0xadf66d76, 0x889176cc, 0xf5254c02, +0x4ffcd7e5, 0xc5d7cb2a, 0x26804435, 0xb58fa362, 0xde495ab1, 0x25671bba, +0x45980eea, 0x5de1c0fe, 0xc302752f, 0x8112f04c, 0x8da39746, 0x6bc6f9d3, +0x03e75f8f, 0x15959c92, 0xbfeb7a6d, 0x95da5952, 0xd42d83be, 0x58d32174, +0x492969e0, 0x8e44c8c9, 0x756a89c2, 0xf478798e, 0x996b3e58, 0x27dd71b9, +0xbeb64fe1, 0xf017ad88, 0xc966ac20, 0x7db43ace, 0x63184adf, 0xe582311a, +0x97603351, 0x62457f53, 0xb1e07764, 0xbb84ae6b, 0xfe1ca081, 0xf9942b08, +0x70586848, 0x8f19fd45, 0x94876cde, 0x52b7f87b, 0xab23d373, 0x72e2024b, +0xe3578f1f, 0x662aab55, 0xb20728eb, 0x2f03c2b5, 0x869a7bc5, 0xd3a50837, +0x30f28728, 0x23b2a5bf, 0x02ba6a03, 0xed5c8216, 0x8a2b1ccf, 0xa792b479, +0xf3f0f207, 0x4ea1e269, 0x65cdf4da, 0x06d5be05, 0xd11f6234, 0xc48afea6, +0x349d532e, 0xa2a055f3, 0x0532e18a, 0xa475ebf6, 0x0b39ec83, 0x40aaef60, +0x5e069f71, 0xbd51106e, 0x3ef98a21, 0x963d06dd, 0xddae053e, 0x4d46bde6, +0x91b58d54, 0x71055dc4, 0x046fd406, 0x60ff1550, 0x1924fb98, 0xd697e9bd, +0x89cc4340, 0x67779ed9, 0xb0bd42e8, 0x07888b89, 0xe7385b19, 0x79dbeec8, +0xa1470a7c, 0x7ce90f42, 0xf8c91e84, 0x00000000, 0x09838680, 0x3248ed2b, +0x1eac7011, 0x6c4e725a, 0xfdfbff0e, 0x0f563885, 0x3d1ed5ae, 0x3627392d, +0x0a64d90f, 0x6821a65c, 0x9bd1545b, 0x243a2e36, 0x0cb1670a, 0x930fe757, +0xb4d296ee, 0x1b9e919b, 0x804fc5c0, 0x61a220dc, 0x5a694b77, 0x1c161a12, +0xe20aba93, 0xc0e52aa0, 0x3c43e022, 0x121d171b, 0x0e0b0d09, 0xf2adc78b, +0x2db9a8b6, 0x14c8a91e, 0x578519f1, 0xaf4c0775, 0xeebbdd99, 0xa3fd607f, +0xf79f2601, 0x5cbcf572, 0x44c53b66, 0x5b347efb, 0x8b762943, 0xcbdcc623, +0xb668fced, 0xb863f1e4, 0xd7cadc31, 0x42108563, 0x13402297, 0x842011c6, +0x857d244a, 0xd2f83dbb, 0xae1132f9, 0xc76da129, 0x1d4b2f9e, 0xdcf330b2, +0x0dec5286, 0x77d0e3c1, 0x2b6c16b3, 0xa999b970, 0x11fa4894, 0x472264e9, +0xa8c48cfc, 0xa01a3ff0, 0x56d82c7d, 0x22ef9033, 0x87c74e49, 0xd9c1d138, +0x8cfea2ca, 0x98360bd4, 0xa6cf81f5, 0xa528de7a, 0xda268eb7, 0x3fa4bfad, +0x2ce49d3a, 0x500d9278, 0x6a9bcc5f, 0x5462467e, 0xf6c2138d, 0x90e8b8d8, +0x2e5ef739, 0x82f5afc3, 0x9fbe805d, 0x697c93d0, 0x6fa92dd5, 0xcfb31225, +0xc83b99ac, 0x10a77d18, 0xe86e639c, 0xdb7bbb3b, 0xcd097826, 0x6ef41859, +0xec01b79a, 0x83a89a4f, 0xe6656e95, 0xaa7ee6ff, 0x2108cfbc, 0xefe6e815, +0xbad99be7, 0x4ace366f, 0xead4099f, 0x29d67cb0, 0x31afb2a4, 0x2a31233f, +0xc63094a5, 0x35c066a2, 0x7437bc4e, 0xfca6ca82, 0xe0b0d090, 0x3315d8a7, +0xf14a9804, 0x41f7daec, 0x7f0e50cd, 0x172ff691, 0x768dd64d, 0x434db0ef, +0xcc544daa, 0xe4df0496, 0x9ee3b5d1, 0x4c1b886a, 0xc1b81f2c, 0x467f5165, +0x9d04ea5e, 0x015d358c, 0xfa737487, 0xfb2e410b, 0xb35a1d67, 0x9252d2db, +0xe9335610, 0x6d1347d6, 0x9a8c61d7, 0x377a0ca1, 0x598e14f8, 0xeb893c13, +0xceee27a9, 0xb735c961, 0xe1ede51c, 0x7a3cb147, 0x9c59dfd2, 0x553f73f2, +0x1879ce14, 0x73bf37c7, 0x53eacdf7, 0x5f5baafd, 0xdf146f3d, 0x7886db44, +0xca81f3af, 0xb93ec468, 0x382c3424, 0xc25f40a3, 0x1672c31d, 0xbc0c25e2, +0x288b493c, 0xff41950d, 0x397101a8, 0x08deb30c, 0xd89ce4b4, 0x6490c156, +0x7b6184cb, 0xd570b632, 0x48745c6c, 0xd04257b8 +}; +#else +static const PRUint32 _TInv3[256] = +{ +0xf4a75051, 0x4165537e, 0x17a4c31a, 0x275e963a, 0xab6bcb3b, 0x9d45f11f, +0xfa58abac, 0xe303934b, 0x30fa5520, 0x766df6ad, 0xcc769188, 0x024c25f5, +0xe5d7fc4f, 0x2acbd7c5, 0x35448026, 0x62a38fb5, 0xb15a49de, 0xba1b6725, +0xea0e9845, 0xfec0e15d, 0x2f7502c3, 0x4cf01281, 0x4697a38d, 0xd3f9c66b, +0x8f5fe703, 0x929c9515, 0x6d7aebbf, 0x5259da95, 0xbe832dd4, 0x7421d358, +0xe0692949, 0xc9c8448e, 0xc2896a75, 0x8e7978f4, 0x583e6b99, 0xb971dd27, +0xe14fb6be, 0x88ad17f0, 0x20ac66c9, 0xce3ab47d, 0xdf4a1863, 0x1a3182e5, +0x51336097, 0x537f4562, 0x6477e0b1, 0x6bae84bb, 0x81a01cfe, 0x082b94f9, +0x48685870, 0x45fd198f, 0xde6c8794, 0x7bf8b752, 0x73d323ab, 0x4b02e272, +0x1f8f57e3, 0x55ab2a66, 0xeb2807b2, 0xb5c2032f, 0xc57b9a86, 0x3708a5d3, +0x2887f230, 0xbfa5b223, 0x036aba02, 0x16825ced, 0xcf1c2b8a, 0x79b492a7, +0x07f2f0f3, 0x69e2a14e, 0xdaf4cd65, 0x05bed506, 0x34621fd1, 0xa6fe8ac4, +0x2e539d34, 0xf355a0a2, 0x8ae13205, 0xf6eb75a4, 0x83ec390b, 0x60efaa40, +0x719f065e, 0x6e1051bd, 0x218af93e, 0xdd063d96, 0x3e05aedd, 0xe6bd464d, +0x548db591, 0xc45d0571, 0x06d46f04, 0x5015ff60, 0x98fb2419, 0xbde997d6, +0x4043cc89, 0xd99e7767, 0xe842bdb0, 0x898b8807, 0x195b38e7, 0xc8eedb79, +0x7c0a47a1, 0x420fe97c, 0x841ec9f8, 0x00000000, 0x80868309, 0x2bed4832, +0x1170ac1e, 0x5a724e6c, 0x0efffbfd, 0x8538560f, 0xaed51e3d, 0x2d392736, +0x0fd9640a, 0x5ca62168, 0x5b54d19b, 0x362e3a24, 0x0a67b10c, 0x57e70f93, +0xee96d2b4, 0x9b919e1b, 0xc0c54f80, 0xdc20a261, 0x774b695a, 0x121a161c, +0x93ba0ae2, 0xa02ae5c0, 0x22e0433c, 0x1b171d12, 0x090d0b0e, 0x8bc7adf2, +0xb6a8b92d, 0x1ea9c814, 0xf1198557, 0x75074caf, 0x99ddbbee, 0x7f60fda3, +0x01269ff7, 0x72f5bc5c, 0x663bc544, 0xfb7e345b, 0x4329768b, 0x23c6dccb, +0xedfc68b6, 0xe4f163b8, 0x31dccad7, 0x63851042, 0x97224013, 0xc6112084, +0x4a247d85, 0xbb3df8d2, 0xf93211ae, 0x29a16dc7, 0x9e2f4b1d, 0xb230f3dc, +0x8652ec0d, 0xc1e3d077, 0xb3166c2b, 0x70b999a9, 0x9448fa11, 0xe9642247, +0xfc8cc4a8, 0xf03f1aa0, 0x7d2cd856, 0x3390ef22, 0x494ec787, 0x38d1c1d9, +0xcaa2fe8c, 0xd40b3698, 0xf581cfa6, 0x7ade28a5, 0xb78e26da, 0xadbfa43f, +0x3a9de42c, 0x78920d50, 0x5fcc9b6a, 0x7e466254, 0x8d13c2f6, 0xd8b8e890, +0x39f75e2e, 0xc3aff582, 0x5d80be9f, 0xd0937c69, 0xd52da96f, 0x2512b3cf, +0xac993bc8, 0x187da710, 0x9c636ee8, 0x3bbb7bdb, 0x267809cd, 0x5918f46e, +0x9ab701ec, 0x4f9aa883, 0x956e65e6, 0xffe67eaa, 0xbccf0821, 0x15e8e6ef, +0xe79bd9ba, 0x6f36ce4a, 0x9f09d4ea, 0xb07cd629, 0xa4b2af31, 0x3f23312a, +0xa59430c6, 0xa266c035, 0x4ebc3774, 0x82caa6fc, 0x90d0b0e0, 0xa7d81533, +0x04984af1, 0xecdaf741, 0xcd500e7f, 0x91f62f17, 0x4dd68d76, 0xefb04d43, +0xaa4d54cc, 0x9604dfe4, 0xd1b5e39e, 0x6a881b4c, 0x2c1fb8c1, 0x65517f46, +0x5eea049d, 0x8c355d01, 0x877473fa, 0x0b412efb, 0x671d5ab3, 0xdbd25292, +0x105633e9, 0xd647136d, 0xd7618c9a, 0xa10c7a37, 0xf8148e59, 0x133c89eb, +0xa927eece, 0x61c935b7, 0x1ce5ede1, 0x47b13c7a, 0xd2df599c, 0xf2733f55, +0x14ce7918, 0xc737bf73, 0xf7cdea53, 0xfdaa5b5f, 0x3d6f14df, 0x44db8678, +0xaff381ca, 0x68c43eb9, 0x24342c38, 0xa3405fc2, 0x1dc37216, 0xe2250cbc, +0x3c498b28, 0x0d9541ff, 0xa8017139, 0x0cb3de08, 0xb4e49cd8, 0x56c19064, +0xcb84617b, 0x32b670d5, 0x6c5c7448, 0xb85742d0 +}; +#endif + +#ifdef IS_LITTLE_ENDIAN +static const PRUint32 _IMXC0[256] = +{ +0x00000000, 0x0b0d090e, 0x161a121c, 0x1d171b12, 0x2c342438, 0x27392d36, +0x3a2e3624, 0x31233f2a, 0x58684870, 0x5365417e, 0x4e725a6c, 0x457f5362, +0x745c6c48, 0x7f516546, 0x62467e54, 0x694b775a, 0xb0d090e0, 0xbbdd99ee, +0xa6ca82fc, 0xadc78bf2, 0x9ce4b4d8, 0x97e9bdd6, 0x8afea6c4, 0x81f3afca, +0xe8b8d890, 0xe3b5d19e, 0xfea2ca8c, 0xf5afc382, 0xc48cfca8, 0xcf81f5a6, +0xd296eeb4, 0xd99be7ba, 0x7bbb3bdb, 0x70b632d5, 0x6da129c7, 0x66ac20c9, +0x578f1fe3, 0x5c8216ed, 0x41950dff, 0x4a9804f1, 0x23d373ab, 0x28de7aa5, +0x35c961b7, 0x3ec468b9, 0x0fe75793, 0x04ea5e9d, 0x19fd458f, 0x12f04c81, +0xcb6bab3b, 0xc066a235, 0xdd71b927, 0xd67cb029, 0xe75f8f03, 0xec52860d, +0xf1459d1f, 0xfa489411, 0x9303e34b, 0x980eea45, 0x8519f157, 0x8e14f859, +0xbf37c773, 0xb43ace7d, 0xa92dd56f, 0xa220dc61, 0xf66d76ad, 0xfd607fa3, +0xe07764b1, 0xeb7a6dbf, 0xda595295, 0xd1545b9b, 0xcc434089, 0xc74e4987, +0xae053edd, 0xa50837d3, 0xb81f2cc1, 0xb31225cf, 0x82311ae5, 0x893c13eb, +0x942b08f9, 0x9f2601f7, 0x46bde64d, 0x4db0ef43, 0x50a7f451, 0x5baafd5f, +0x6a89c275, 0x6184cb7b, 0x7c93d069, 0x779ed967, 0x1ed5ae3d, 0x15d8a733, +0x08cfbc21, 0x03c2b52f, 0x32e18a05, 0x39ec830b, 0x24fb9819, 0x2ff69117, +0x8dd64d76, 0x86db4478, 0x9bcc5f6a, 0x90c15664, 0xa1e2694e, 0xaaef6040, +0xb7f87b52, 0xbcf5725c, 0xd5be0506, 0xdeb30c08, 0xc3a4171a, 0xc8a91e14, +0xf98a213e, 0xf2872830, 0xef903322, 0xe49d3a2c, 0x3d06dd96, 0x360bd498, +0x2b1ccf8a, 0x2011c684, 0x1132f9ae, 0x1a3ff0a0, 0x0728ebb2, 0x0c25e2bc, +0x656e95e6, 0x6e639ce8, 0x737487fa, 0x78798ef4, 0x495ab1de, 0x4257b8d0, +0x5f40a3c2, 0x544daacc, 0xf7daec41, 0xfcd7e54f, 0xe1c0fe5d, 0xeacdf753, +0xdbeec879, 0xd0e3c177, 0xcdf4da65, 0xc6f9d36b, 0xafb2a431, 0xa4bfad3f, +0xb9a8b62d, 0xb2a5bf23, 0x83868009, 0x888b8907, 0x959c9215, 0x9e919b1b, +0x470a7ca1, 0x4c0775af, 0x51106ebd, 0x5a1d67b3, 0x6b3e5899, 0x60335197, +0x7d244a85, 0x7629438b, 0x1f6234d1, 0x146f3ddf, 0x097826cd, 0x02752fc3, +0x335610e9, 0x385b19e7, 0x254c02f5, 0x2e410bfb, 0x8c61d79a, 0x876cde94, +0x9a7bc586, 0x9176cc88, 0xa055f3a2, 0xab58faac, 0xb64fe1be, 0xbd42e8b0, +0xd4099fea, 0xdf0496e4, 0xc2138df6, 0xc91e84f8, 0xf83dbbd2, 0xf330b2dc, +0xee27a9ce, 0xe52aa0c0, 0x3cb1477a, 0x37bc4e74, 0x2aab5566, 0x21a65c68, +0x10856342, 0x1b886a4c, 0x069f715e, 0x0d927850, 0x64d90f0a, 0x6fd40604, +0x72c31d16, 0x79ce1418, 0x48ed2b32, 0x43e0223c, 0x5ef7392e, 0x55fa3020, +0x01b79aec, 0x0aba93e2, 0x17ad88f0, 0x1ca081fe, 0x2d83bed4, 0x268eb7da, +0x3b99acc8, 0x3094a5c6, 0x59dfd29c, 0x52d2db92, 0x4fc5c080, 0x44c8c98e, +0x75ebf6a4, 0x7ee6ffaa, 0x63f1e4b8, 0x68fcedb6, 0xb1670a0c, 0xba6a0302, +0xa77d1810, 0xac70111e, 0x9d532e34, 0x965e273a, 0x8b493c28, 0x80443526, +0xe90f427c, 0xe2024b72, 0xff155060, 0xf418596e, 0xc53b6644, 0xce366f4a, +0xd3217458, 0xd82c7d56, 0x7a0ca137, 0x7101a839, 0x6c16b32b, 0x671bba25, +0x5638850f, 0x5d358c01, 0x40229713, 0x4b2f9e1d, 0x2264e947, 0x2969e049, +0x347efb5b, 0x3f73f255, 0x0e50cd7f, 0x055dc471, 0x184adf63, 0x1347d66d, +0xcadc31d7, 0xc1d138d9, 0xdcc623cb, 0xd7cb2ac5, 0xe6e815ef, 0xede51ce1, +0xf0f207f3, 0xfbff0efd, 0x92b479a7, 0x99b970a9, 0x84ae6bbb, 0x8fa362b5, +0xbe805d9f, 0xb58d5491, 0xa89a4f83, 0xa397468d +}; +#else +static const PRUint32 _IMXC0[256] = +{ +0x00000000, 0x0e090d0b, 0x1c121a16, 0x121b171d, 0x3824342c, 0x362d3927, +0x24362e3a, 0x2a3f2331, 0x70486858, 0x7e416553, 0x6c5a724e, 0x62537f45, +0x486c5c74, 0x4665517f, 0x547e4662, 0x5a774b69, 0xe090d0b0, 0xee99ddbb, +0xfc82caa6, 0xf28bc7ad, 0xd8b4e49c, 0xd6bde997, 0xc4a6fe8a, 0xcaaff381, +0x90d8b8e8, 0x9ed1b5e3, 0x8ccaa2fe, 0x82c3aff5, 0xa8fc8cc4, 0xa6f581cf, +0xb4ee96d2, 0xbae79bd9, 0xdb3bbb7b, 0xd532b670, 0xc729a16d, 0xc920ac66, +0xe31f8f57, 0xed16825c, 0xff0d9541, 0xf104984a, 0xab73d323, 0xa57ade28, +0xb761c935, 0xb968c43e, 0x9357e70f, 0x9d5eea04, 0x8f45fd19, 0x814cf012, +0x3bab6bcb, 0x35a266c0, 0x27b971dd, 0x29b07cd6, 0x038f5fe7, 0x0d8652ec, +0x1f9d45f1, 0x119448fa, 0x4be30393, 0x45ea0e98, 0x57f11985, 0x59f8148e, +0x73c737bf, 0x7dce3ab4, 0x6fd52da9, 0x61dc20a2, 0xad766df6, 0xa37f60fd, +0xb16477e0, 0xbf6d7aeb, 0x955259da, 0x9b5b54d1, 0x894043cc, 0x87494ec7, +0xdd3e05ae, 0xd33708a5, 0xc12c1fb8, 0xcf2512b3, 0xe51a3182, 0xeb133c89, +0xf9082b94, 0xf701269f, 0x4de6bd46, 0x43efb04d, 0x51f4a750, 0x5ffdaa5b, +0x75c2896a, 0x7bcb8461, 0x69d0937c, 0x67d99e77, 0x3daed51e, 0x33a7d815, +0x21bccf08, 0x2fb5c203, 0x058ae132, 0x0b83ec39, 0x1998fb24, 0x1791f62f, +0x764dd68d, 0x7844db86, 0x6a5fcc9b, 0x6456c190, 0x4e69e2a1, 0x4060efaa, +0x527bf8b7, 0x5c72f5bc, 0x0605bed5, 0x080cb3de, 0x1a17a4c3, 0x141ea9c8, +0x3e218af9, 0x302887f2, 0x223390ef, 0x2c3a9de4, 0x96dd063d, 0x98d40b36, +0x8acf1c2b, 0x84c61120, 0xaef93211, 0xa0f03f1a, 0xb2eb2807, 0xbce2250c, +0xe6956e65, 0xe89c636e, 0xfa877473, 0xf48e7978, 0xdeb15a49, 0xd0b85742, +0xc2a3405f, 0xccaa4d54, 0x41ecdaf7, 0x4fe5d7fc, 0x5dfec0e1, 0x53f7cdea, +0x79c8eedb, 0x77c1e3d0, 0x65daf4cd, 0x6bd3f9c6, 0x31a4b2af, 0x3fadbfa4, +0x2db6a8b9, 0x23bfa5b2, 0x09808683, 0x07898b88, 0x15929c95, 0x1b9b919e, +0xa17c0a47, 0xaf75074c, 0xbd6e1051, 0xb3671d5a, 0x99583e6b, 0x97513360, +0x854a247d, 0x8b432976, 0xd134621f, 0xdf3d6f14, 0xcd267809, 0xc32f7502, +0xe9105633, 0xe7195b38, 0xf5024c25, 0xfb0b412e, 0x9ad7618c, 0x94de6c87, +0x86c57b9a, 0x88cc7691, 0xa2f355a0, 0xacfa58ab, 0xbee14fb6, 0xb0e842bd, +0xea9f09d4, 0xe49604df, 0xf68d13c2, 0xf8841ec9, 0xd2bb3df8, 0xdcb230f3, +0xcea927ee, 0xc0a02ae5, 0x7a47b13c, 0x744ebc37, 0x6655ab2a, 0x685ca621, +0x42638510, 0x4c6a881b, 0x5e719f06, 0x5078920d, 0x0a0fd964, 0x0406d46f, +0x161dc372, 0x1814ce79, 0x322bed48, 0x3c22e043, 0x2e39f75e, 0x2030fa55, +0xec9ab701, 0xe293ba0a, 0xf088ad17, 0xfe81a01c, 0xd4be832d, 0xdab78e26, +0xc8ac993b, 0xc6a59430, 0x9cd2df59, 0x92dbd252, 0x80c0c54f, 0x8ec9c844, +0xa4f6eb75, 0xaaffe67e, 0xb8e4f163, 0xb6edfc68, 0x0c0a67b1, 0x02036aba, +0x10187da7, 0x1e1170ac, 0x342e539d, 0x3a275e96, 0x283c498b, 0x26354480, +0x7c420fe9, 0x724b02e2, 0x605015ff, 0x6e5918f4, 0x44663bc5, 0x4a6f36ce, +0x587421d3, 0x567d2cd8, 0x37a10c7a, 0x39a80171, 0x2bb3166c, 0x25ba1b67, +0x0f853856, 0x018c355d, 0x13972240, 0x1d9e2f4b, 0x47e96422, 0x49e06929, +0x5bfb7e34, 0x55f2733f, 0x7fcd500e, 0x71c45d05, 0x63df4a18, 0x6dd64713, +0xd731dcca, 0xd938d1c1, 0xcb23c6dc, 0xc52acbd7, 0xef15e8e6, 0xe11ce5ed, +0xf307f2f0, 0xfd0efffb, 0xa779b492, 0xa970b999, 0xbb6bae84, 0xb562a38f, +0x9f5d80be, 0x91548db5, 0x834f9aa8, 0x8d4697a3 +}; +#endif + +#ifdef IS_LITTLE_ENDIAN +static const PRUint32 _IMXC1[256] = +{ +0x00000000, 0x0d090e0b, 0x1a121c16, 0x171b121d, 0x3424382c, 0x392d3627, +0x2e36243a, 0x233f2a31, 0x68487058, 0x65417e53, 0x725a6c4e, 0x7f536245, +0x5c6c4874, 0x5165467f, 0x467e5462, 0x4b775a69, 0xd090e0b0, 0xdd99eebb, +0xca82fca6, 0xc78bf2ad, 0xe4b4d89c, 0xe9bdd697, 0xfea6c48a, 0xf3afca81, +0xb8d890e8, 0xb5d19ee3, 0xa2ca8cfe, 0xafc382f5, 0x8cfca8c4, 0x81f5a6cf, +0x96eeb4d2, 0x9be7bad9, 0xbb3bdb7b, 0xb632d570, 0xa129c76d, 0xac20c966, +0x8f1fe357, 0x8216ed5c, 0x950dff41, 0x9804f14a, 0xd373ab23, 0xde7aa528, +0xc961b735, 0xc468b93e, 0xe757930f, 0xea5e9d04, 0xfd458f19, 0xf04c8112, +0x6bab3bcb, 0x66a235c0, 0x71b927dd, 0x7cb029d6, 0x5f8f03e7, 0x52860dec, +0x459d1ff1, 0x489411fa, 0x03e34b93, 0x0eea4598, 0x19f15785, 0x14f8598e, +0x37c773bf, 0x3ace7db4, 0x2dd56fa9, 0x20dc61a2, 0x6d76adf6, 0x607fa3fd, +0x7764b1e0, 0x7a6dbfeb, 0x595295da, 0x545b9bd1, 0x434089cc, 0x4e4987c7, +0x053eddae, 0x0837d3a5, 0x1f2cc1b8, 0x1225cfb3, 0x311ae582, 0x3c13eb89, +0x2b08f994, 0x2601f79f, 0xbde64d46, 0xb0ef434d, 0xa7f45150, 0xaafd5f5b, +0x89c2756a, 0x84cb7b61, 0x93d0697c, 0x9ed96777, 0xd5ae3d1e, 0xd8a73315, +0xcfbc2108, 0xc2b52f03, 0xe18a0532, 0xec830b39, 0xfb981924, 0xf691172f, +0xd64d768d, 0xdb447886, 0xcc5f6a9b, 0xc1566490, 0xe2694ea1, 0xef6040aa, +0xf87b52b7, 0xf5725cbc, 0xbe0506d5, 0xb30c08de, 0xa4171ac3, 0xa91e14c8, +0x8a213ef9, 0x872830f2, 0x903322ef, 0x9d3a2ce4, 0x06dd963d, 0x0bd49836, +0x1ccf8a2b, 0x11c68420, 0x32f9ae11, 0x3ff0a01a, 0x28ebb207, 0x25e2bc0c, +0x6e95e665, 0x639ce86e, 0x7487fa73, 0x798ef478, 0x5ab1de49, 0x57b8d042, +0x40a3c25f, 0x4daacc54, 0xdaec41f7, 0xd7e54ffc, 0xc0fe5de1, 0xcdf753ea, +0xeec879db, 0xe3c177d0, 0xf4da65cd, 0xf9d36bc6, 0xb2a431af, 0xbfad3fa4, +0xa8b62db9, 0xa5bf23b2, 0x86800983, 0x8b890788, 0x9c921595, 0x919b1b9e, +0x0a7ca147, 0x0775af4c, 0x106ebd51, 0x1d67b35a, 0x3e58996b, 0x33519760, +0x244a857d, 0x29438b76, 0x6234d11f, 0x6f3ddf14, 0x7826cd09, 0x752fc302, +0x5610e933, 0x5b19e738, 0x4c02f525, 0x410bfb2e, 0x61d79a8c, 0x6cde9487, +0x7bc5869a, 0x76cc8891, 0x55f3a2a0, 0x58faacab, 0x4fe1beb6, 0x42e8b0bd, +0x099fead4, 0x0496e4df, 0x138df6c2, 0x1e84f8c9, 0x3dbbd2f8, 0x30b2dcf3, +0x27a9ceee, 0x2aa0c0e5, 0xb1477a3c, 0xbc4e7437, 0xab55662a, 0xa65c6821, +0x85634210, 0x886a4c1b, 0x9f715e06, 0x9278500d, 0xd90f0a64, 0xd406046f, +0xc31d1672, 0xce141879, 0xed2b3248, 0xe0223c43, 0xf7392e5e, 0xfa302055, +0xb79aec01, 0xba93e20a, 0xad88f017, 0xa081fe1c, 0x83bed42d, 0x8eb7da26, +0x99acc83b, 0x94a5c630, 0xdfd29c59, 0xd2db9252, 0xc5c0804f, 0xc8c98e44, +0xebf6a475, 0xe6ffaa7e, 0xf1e4b863, 0xfcedb668, 0x670a0cb1, 0x6a0302ba, +0x7d1810a7, 0x70111eac, 0x532e349d, 0x5e273a96, 0x493c288b, 0x44352680, +0x0f427ce9, 0x024b72e2, 0x155060ff, 0x18596ef4, 0x3b6644c5, 0x366f4ace, +0x217458d3, 0x2c7d56d8, 0x0ca1377a, 0x01a83971, 0x16b32b6c, 0x1bba2567, +0x38850f56, 0x358c015d, 0x22971340, 0x2f9e1d4b, 0x64e94722, 0x69e04929, +0x7efb5b34, 0x73f2553f, 0x50cd7f0e, 0x5dc47105, 0x4adf6318, 0x47d66d13, +0xdc31d7ca, 0xd138d9c1, 0xc623cbdc, 0xcb2ac5d7, 0xe815efe6, 0xe51ce1ed, +0xf207f3f0, 0xff0efdfb, 0xb479a792, 0xb970a999, 0xae6bbb84, 0xa362b58f, +0x805d9fbe, 0x8d5491b5, 0x9a4f83a8, 0x97468da3 +}; +#else +static const PRUint32 _IMXC1[256] = +{ +0x00000000, 0x0b0e090d, 0x161c121a, 0x1d121b17, 0x2c382434, 0x27362d39, +0x3a24362e, 0x312a3f23, 0x58704868, 0x537e4165, 0x4e6c5a72, 0x4562537f, +0x74486c5c, 0x7f466551, 0x62547e46, 0x695a774b, 0xb0e090d0, 0xbbee99dd, +0xa6fc82ca, 0xadf28bc7, 0x9cd8b4e4, 0x97d6bde9, 0x8ac4a6fe, 0x81caaff3, +0xe890d8b8, 0xe39ed1b5, 0xfe8ccaa2, 0xf582c3af, 0xc4a8fc8c, 0xcfa6f581, +0xd2b4ee96, 0xd9bae79b, 0x7bdb3bbb, 0x70d532b6, 0x6dc729a1, 0x66c920ac, +0x57e31f8f, 0x5ced1682, 0x41ff0d95, 0x4af10498, 0x23ab73d3, 0x28a57ade, +0x35b761c9, 0x3eb968c4, 0x0f9357e7, 0x049d5eea, 0x198f45fd, 0x12814cf0, +0xcb3bab6b, 0xc035a266, 0xdd27b971, 0xd629b07c, 0xe7038f5f, 0xec0d8652, +0xf11f9d45, 0xfa119448, 0x934be303, 0x9845ea0e, 0x8557f119, 0x8e59f814, +0xbf73c737, 0xb47dce3a, 0xa96fd52d, 0xa261dc20, 0xf6ad766d, 0xfda37f60, +0xe0b16477, 0xebbf6d7a, 0xda955259, 0xd19b5b54, 0xcc894043, 0xc787494e, +0xaedd3e05, 0xa5d33708, 0xb8c12c1f, 0xb3cf2512, 0x82e51a31, 0x89eb133c, +0x94f9082b, 0x9ff70126, 0x464de6bd, 0x4d43efb0, 0x5051f4a7, 0x5b5ffdaa, +0x6a75c289, 0x617bcb84, 0x7c69d093, 0x7767d99e, 0x1e3daed5, 0x1533a7d8, +0x0821bccf, 0x032fb5c2, 0x32058ae1, 0x390b83ec, 0x241998fb, 0x2f1791f6, +0x8d764dd6, 0x867844db, 0x9b6a5fcc, 0x906456c1, 0xa14e69e2, 0xaa4060ef, +0xb7527bf8, 0xbc5c72f5, 0xd50605be, 0xde080cb3, 0xc31a17a4, 0xc8141ea9, +0xf93e218a, 0xf2302887, 0xef223390, 0xe42c3a9d, 0x3d96dd06, 0x3698d40b, +0x2b8acf1c, 0x2084c611, 0x11aef932, 0x1aa0f03f, 0x07b2eb28, 0x0cbce225, +0x65e6956e, 0x6ee89c63, 0x73fa8774, 0x78f48e79, 0x49deb15a, 0x42d0b857, +0x5fc2a340, 0x54ccaa4d, 0xf741ecda, 0xfc4fe5d7, 0xe15dfec0, 0xea53f7cd, +0xdb79c8ee, 0xd077c1e3, 0xcd65daf4, 0xc66bd3f9, 0xaf31a4b2, 0xa43fadbf, +0xb92db6a8, 0xb223bfa5, 0x83098086, 0x8807898b, 0x9515929c, 0x9e1b9b91, +0x47a17c0a, 0x4caf7507, 0x51bd6e10, 0x5ab3671d, 0x6b99583e, 0x60975133, +0x7d854a24, 0x768b4329, 0x1fd13462, 0x14df3d6f, 0x09cd2678, 0x02c32f75, +0x33e91056, 0x38e7195b, 0x25f5024c, 0x2efb0b41, 0x8c9ad761, 0x8794de6c, +0x9a86c57b, 0x9188cc76, 0xa0a2f355, 0xabacfa58, 0xb6bee14f, 0xbdb0e842, +0xd4ea9f09, 0xdfe49604, 0xc2f68d13, 0xc9f8841e, 0xf8d2bb3d, 0xf3dcb230, +0xeecea927, 0xe5c0a02a, 0x3c7a47b1, 0x37744ebc, 0x2a6655ab, 0x21685ca6, +0x10426385, 0x1b4c6a88, 0x065e719f, 0x0d507892, 0x640a0fd9, 0x6f0406d4, +0x72161dc3, 0x791814ce, 0x48322bed, 0x433c22e0, 0x5e2e39f7, 0x552030fa, +0x01ec9ab7, 0x0ae293ba, 0x17f088ad, 0x1cfe81a0, 0x2dd4be83, 0x26dab78e, +0x3bc8ac99, 0x30c6a594, 0x599cd2df, 0x5292dbd2, 0x4f80c0c5, 0x448ec9c8, +0x75a4f6eb, 0x7eaaffe6, 0x63b8e4f1, 0x68b6edfc, 0xb10c0a67, 0xba02036a, +0xa710187d, 0xac1e1170, 0x9d342e53, 0x963a275e, 0x8b283c49, 0x80263544, +0xe97c420f, 0xe2724b02, 0xff605015, 0xf46e5918, 0xc544663b, 0xce4a6f36, +0xd3587421, 0xd8567d2c, 0x7a37a10c, 0x7139a801, 0x6c2bb316, 0x6725ba1b, +0x560f8538, 0x5d018c35, 0x40139722, 0x4b1d9e2f, 0x2247e964, 0x2949e069, +0x345bfb7e, 0x3f55f273, 0x0e7fcd50, 0x0571c45d, 0x1863df4a, 0x136dd647, +0xcad731dc, 0xc1d938d1, 0xdccb23c6, 0xd7c52acb, 0xe6ef15e8, 0xede11ce5, +0xf0f307f2, 0xfbfd0eff, 0x92a779b4, 0x99a970b9, 0x84bb6bae, 0x8fb562a3, +0xbe9f5d80, 0xb591548d, 0xa8834f9a, 0xa38d4697 +}; +#endif + +#ifdef IS_LITTLE_ENDIAN +static const PRUint32 _IMXC2[256] = +{ +0x00000000, 0x090e0b0d, 0x121c161a, 0x1b121d17, 0x24382c34, 0x2d362739, +0x36243a2e, 0x3f2a3123, 0x48705868, 0x417e5365, 0x5a6c4e72, 0x5362457f, +0x6c48745c, 0x65467f51, 0x7e546246, 0x775a694b, 0x90e0b0d0, 0x99eebbdd, +0x82fca6ca, 0x8bf2adc7, 0xb4d89ce4, 0xbdd697e9, 0xa6c48afe, 0xafca81f3, +0xd890e8b8, 0xd19ee3b5, 0xca8cfea2, 0xc382f5af, 0xfca8c48c, 0xf5a6cf81, +0xeeb4d296, 0xe7bad99b, 0x3bdb7bbb, 0x32d570b6, 0x29c76da1, 0x20c966ac, +0x1fe3578f, 0x16ed5c82, 0x0dff4195, 0x04f14a98, 0x73ab23d3, 0x7aa528de, +0x61b735c9, 0x68b93ec4, 0x57930fe7, 0x5e9d04ea, 0x458f19fd, 0x4c8112f0, +0xab3bcb6b, 0xa235c066, 0xb927dd71, 0xb029d67c, 0x8f03e75f, 0x860dec52, +0x9d1ff145, 0x9411fa48, 0xe34b9303, 0xea45980e, 0xf1578519, 0xf8598e14, +0xc773bf37, 0xce7db43a, 0xd56fa92d, 0xdc61a220, 0x76adf66d, 0x7fa3fd60, +0x64b1e077, 0x6dbfeb7a, 0x5295da59, 0x5b9bd154, 0x4089cc43, 0x4987c74e, +0x3eddae05, 0x37d3a508, 0x2cc1b81f, 0x25cfb312, 0x1ae58231, 0x13eb893c, +0x08f9942b, 0x01f79f26, 0xe64d46bd, 0xef434db0, 0xf45150a7, 0xfd5f5baa, +0xc2756a89, 0xcb7b6184, 0xd0697c93, 0xd967779e, 0xae3d1ed5, 0xa73315d8, +0xbc2108cf, 0xb52f03c2, 0x8a0532e1, 0x830b39ec, 0x981924fb, 0x91172ff6, +0x4d768dd6, 0x447886db, 0x5f6a9bcc, 0x566490c1, 0x694ea1e2, 0x6040aaef, +0x7b52b7f8, 0x725cbcf5, 0x0506d5be, 0x0c08deb3, 0x171ac3a4, 0x1e14c8a9, +0x213ef98a, 0x2830f287, 0x3322ef90, 0x3a2ce49d, 0xdd963d06, 0xd498360b, +0xcf8a2b1c, 0xc6842011, 0xf9ae1132, 0xf0a01a3f, 0xebb20728, 0xe2bc0c25, +0x95e6656e, 0x9ce86e63, 0x87fa7374, 0x8ef47879, 0xb1de495a, 0xb8d04257, +0xa3c25f40, 0xaacc544d, 0xec41f7da, 0xe54ffcd7, 0xfe5de1c0, 0xf753eacd, +0xc879dbee, 0xc177d0e3, 0xda65cdf4, 0xd36bc6f9, 0xa431afb2, 0xad3fa4bf, +0xb62db9a8, 0xbf23b2a5, 0x80098386, 0x8907888b, 0x9215959c, 0x9b1b9e91, +0x7ca1470a, 0x75af4c07, 0x6ebd5110, 0x67b35a1d, 0x58996b3e, 0x51976033, +0x4a857d24, 0x438b7629, 0x34d11f62, 0x3ddf146f, 0x26cd0978, 0x2fc30275, +0x10e93356, 0x19e7385b, 0x02f5254c, 0x0bfb2e41, 0xd79a8c61, 0xde94876c, +0xc5869a7b, 0xcc889176, 0xf3a2a055, 0xfaacab58, 0xe1beb64f, 0xe8b0bd42, +0x9fead409, 0x96e4df04, 0x8df6c213, 0x84f8c91e, 0xbbd2f83d, 0xb2dcf330, +0xa9ceee27, 0xa0c0e52a, 0x477a3cb1, 0x4e7437bc, 0x55662aab, 0x5c6821a6, +0x63421085, 0x6a4c1b88, 0x715e069f, 0x78500d92, 0x0f0a64d9, 0x06046fd4, +0x1d1672c3, 0x141879ce, 0x2b3248ed, 0x223c43e0, 0x392e5ef7, 0x302055fa, +0x9aec01b7, 0x93e20aba, 0x88f017ad, 0x81fe1ca0, 0xbed42d83, 0xb7da268e, +0xacc83b99, 0xa5c63094, 0xd29c59df, 0xdb9252d2, 0xc0804fc5, 0xc98e44c8, +0xf6a475eb, 0xffaa7ee6, 0xe4b863f1, 0xedb668fc, 0x0a0cb167, 0x0302ba6a, +0x1810a77d, 0x111eac70, 0x2e349d53, 0x273a965e, 0x3c288b49, 0x35268044, +0x427ce90f, 0x4b72e202, 0x5060ff15, 0x596ef418, 0x6644c53b, 0x6f4ace36, +0x7458d321, 0x7d56d82c, 0xa1377a0c, 0xa8397101, 0xb32b6c16, 0xba25671b, +0x850f5638, 0x8c015d35, 0x97134022, 0x9e1d4b2f, 0xe9472264, 0xe0492969, +0xfb5b347e, 0xf2553f73, 0xcd7f0e50, 0xc471055d, 0xdf63184a, 0xd66d1347, +0x31d7cadc, 0x38d9c1d1, 0x23cbdcc6, 0x2ac5d7cb, 0x15efe6e8, 0x1ce1ede5, +0x07f3f0f2, 0x0efdfbff, 0x79a792b4, 0x70a999b9, 0x6bbb84ae, 0x62b58fa3, +0x5d9fbe80, 0x5491b58d, 0x4f83a89a, 0x468da397 +}; +#else +static const PRUint32 _IMXC2[256] = +{ +0x00000000, 0x0d0b0e09, 0x1a161c12, 0x171d121b, 0x342c3824, 0x3927362d, +0x2e3a2436, 0x23312a3f, 0x68587048, 0x65537e41, 0x724e6c5a, 0x7f456253, +0x5c74486c, 0x517f4665, 0x4662547e, 0x4b695a77, 0xd0b0e090, 0xddbbee99, +0xcaa6fc82, 0xc7adf28b, 0xe49cd8b4, 0xe997d6bd, 0xfe8ac4a6, 0xf381caaf, +0xb8e890d8, 0xb5e39ed1, 0xa2fe8cca, 0xaff582c3, 0x8cc4a8fc, 0x81cfa6f5, +0x96d2b4ee, 0x9bd9bae7, 0xbb7bdb3b, 0xb670d532, 0xa16dc729, 0xac66c920, +0x8f57e31f, 0x825ced16, 0x9541ff0d, 0x984af104, 0xd323ab73, 0xde28a57a, +0xc935b761, 0xc43eb968, 0xe70f9357, 0xea049d5e, 0xfd198f45, 0xf012814c, +0x6bcb3bab, 0x66c035a2, 0x71dd27b9, 0x7cd629b0, 0x5fe7038f, 0x52ec0d86, +0x45f11f9d, 0x48fa1194, 0x03934be3, 0x0e9845ea, 0x198557f1, 0x148e59f8, +0x37bf73c7, 0x3ab47dce, 0x2da96fd5, 0x20a261dc, 0x6df6ad76, 0x60fda37f, +0x77e0b164, 0x7aebbf6d, 0x59da9552, 0x54d19b5b, 0x43cc8940, 0x4ec78749, +0x05aedd3e, 0x08a5d337, 0x1fb8c12c, 0x12b3cf25, 0x3182e51a, 0x3c89eb13, +0x2b94f908, 0x269ff701, 0xbd464de6, 0xb04d43ef, 0xa75051f4, 0xaa5b5ffd, +0x896a75c2, 0x84617bcb, 0x937c69d0, 0x9e7767d9, 0xd51e3dae, 0xd81533a7, +0xcf0821bc, 0xc2032fb5, 0xe132058a, 0xec390b83, 0xfb241998, 0xf62f1791, +0xd68d764d, 0xdb867844, 0xcc9b6a5f, 0xc1906456, 0xe2a14e69, 0xefaa4060, +0xf8b7527b, 0xf5bc5c72, 0xbed50605, 0xb3de080c, 0xa4c31a17, 0xa9c8141e, +0x8af93e21, 0x87f23028, 0x90ef2233, 0x9de42c3a, 0x063d96dd, 0x0b3698d4, +0x1c2b8acf, 0x112084c6, 0x3211aef9, 0x3f1aa0f0, 0x2807b2eb, 0x250cbce2, +0x6e65e695, 0x636ee89c, 0x7473fa87, 0x7978f48e, 0x5a49deb1, 0x5742d0b8, +0x405fc2a3, 0x4d54ccaa, 0xdaf741ec, 0xd7fc4fe5, 0xc0e15dfe, 0xcdea53f7, +0xeedb79c8, 0xe3d077c1, 0xf4cd65da, 0xf9c66bd3, 0xb2af31a4, 0xbfa43fad, +0xa8b92db6, 0xa5b223bf, 0x86830980, 0x8b880789, 0x9c951592, 0x919e1b9b, +0x0a47a17c, 0x074caf75, 0x1051bd6e, 0x1d5ab367, 0x3e6b9958, 0x33609751, +0x247d854a, 0x29768b43, 0x621fd134, 0x6f14df3d, 0x7809cd26, 0x7502c32f, +0x5633e910, 0x5b38e719, 0x4c25f502, 0x412efb0b, 0x618c9ad7, 0x6c8794de, +0x7b9a86c5, 0x769188cc, 0x55a0a2f3, 0x58abacfa, 0x4fb6bee1, 0x42bdb0e8, +0x09d4ea9f, 0x04dfe496, 0x13c2f68d, 0x1ec9f884, 0x3df8d2bb, 0x30f3dcb2, +0x27eecea9, 0x2ae5c0a0, 0xb13c7a47, 0xbc37744e, 0xab2a6655, 0xa621685c, +0x85104263, 0x881b4c6a, 0x9f065e71, 0x920d5078, 0xd9640a0f, 0xd46f0406, +0xc372161d, 0xce791814, 0xed48322b, 0xe0433c22, 0xf75e2e39, 0xfa552030, +0xb701ec9a, 0xba0ae293, 0xad17f088, 0xa01cfe81, 0x832dd4be, 0x8e26dab7, +0x993bc8ac, 0x9430c6a5, 0xdf599cd2, 0xd25292db, 0xc54f80c0, 0xc8448ec9, +0xeb75a4f6, 0xe67eaaff, 0xf163b8e4, 0xfc68b6ed, 0x67b10c0a, 0x6aba0203, +0x7da71018, 0x70ac1e11, 0x539d342e, 0x5e963a27, 0x498b283c, 0x44802635, +0x0fe97c42, 0x02e2724b, 0x15ff6050, 0x18f46e59, 0x3bc54466, 0x36ce4a6f, +0x21d35874, 0x2cd8567d, 0x0c7a37a1, 0x017139a8, 0x166c2bb3, 0x1b6725ba, +0x38560f85, 0x355d018c, 0x22401397, 0x2f4b1d9e, 0x642247e9, 0x692949e0, +0x7e345bfb, 0x733f55f2, 0x500e7fcd, 0x5d0571c4, 0x4a1863df, 0x47136dd6, +0xdccad731, 0xd1c1d938, 0xc6dccb23, 0xcbd7c52a, 0xe8e6ef15, 0xe5ede11c, +0xf2f0f307, 0xfffbfd0e, 0xb492a779, 0xb999a970, 0xae84bb6b, 0xa38fb562, +0x80be9f5d, 0x8db59154, 0x9aa8834f, 0x97a38d46 +}; +#endif + +#ifdef IS_LITTLE_ENDIAN +static const PRUint32 _IMXC3[256] = +{ +0x00000000, 0x0e0b0d09, 0x1c161a12, 0x121d171b, 0x382c3424, 0x3627392d, +0x243a2e36, 0x2a31233f, 0x70586848, 0x7e536541, 0x6c4e725a, 0x62457f53, +0x48745c6c, 0x467f5165, 0x5462467e, 0x5a694b77, 0xe0b0d090, 0xeebbdd99, +0xfca6ca82, 0xf2adc78b, 0xd89ce4b4, 0xd697e9bd, 0xc48afea6, 0xca81f3af, +0x90e8b8d8, 0x9ee3b5d1, 0x8cfea2ca, 0x82f5afc3, 0xa8c48cfc, 0xa6cf81f5, +0xb4d296ee, 0xbad99be7, 0xdb7bbb3b, 0xd570b632, 0xc76da129, 0xc966ac20, +0xe3578f1f, 0xed5c8216, 0xff41950d, 0xf14a9804, 0xab23d373, 0xa528de7a, +0xb735c961, 0xb93ec468, 0x930fe757, 0x9d04ea5e, 0x8f19fd45, 0x8112f04c, +0x3bcb6bab, 0x35c066a2, 0x27dd71b9, 0x29d67cb0, 0x03e75f8f, 0x0dec5286, +0x1ff1459d, 0x11fa4894, 0x4b9303e3, 0x45980eea, 0x578519f1, 0x598e14f8, +0x73bf37c7, 0x7db43ace, 0x6fa92dd5, 0x61a220dc, 0xadf66d76, 0xa3fd607f, +0xb1e07764, 0xbfeb7a6d, 0x95da5952, 0x9bd1545b, 0x89cc4340, 0x87c74e49, +0xddae053e, 0xd3a50837, 0xc1b81f2c, 0xcfb31225, 0xe582311a, 0xeb893c13, +0xf9942b08, 0xf79f2601, 0x4d46bde6, 0x434db0ef, 0x5150a7f4, 0x5f5baafd, +0x756a89c2, 0x7b6184cb, 0x697c93d0, 0x67779ed9, 0x3d1ed5ae, 0x3315d8a7, +0x2108cfbc, 0x2f03c2b5, 0x0532e18a, 0x0b39ec83, 0x1924fb98, 0x172ff691, +0x768dd64d, 0x7886db44, 0x6a9bcc5f, 0x6490c156, 0x4ea1e269, 0x40aaef60, +0x52b7f87b, 0x5cbcf572, 0x06d5be05, 0x08deb30c, 0x1ac3a417, 0x14c8a91e, +0x3ef98a21, 0x30f28728, 0x22ef9033, 0x2ce49d3a, 0x963d06dd, 0x98360bd4, +0x8a2b1ccf, 0x842011c6, 0xae1132f9, 0xa01a3ff0, 0xb20728eb, 0xbc0c25e2, +0xe6656e95, 0xe86e639c, 0xfa737487, 0xf478798e, 0xde495ab1, 0xd04257b8, +0xc25f40a3, 0xcc544daa, 0x41f7daec, 0x4ffcd7e5, 0x5de1c0fe, 0x53eacdf7, +0x79dbeec8, 0x77d0e3c1, 0x65cdf4da, 0x6bc6f9d3, 0x31afb2a4, 0x3fa4bfad, +0x2db9a8b6, 0x23b2a5bf, 0x09838680, 0x07888b89, 0x15959c92, 0x1b9e919b, +0xa1470a7c, 0xaf4c0775, 0xbd51106e, 0xb35a1d67, 0x996b3e58, 0x97603351, +0x857d244a, 0x8b762943, 0xd11f6234, 0xdf146f3d, 0xcd097826, 0xc302752f, +0xe9335610, 0xe7385b19, 0xf5254c02, 0xfb2e410b, 0x9a8c61d7, 0x94876cde, +0x869a7bc5, 0x889176cc, 0xa2a055f3, 0xacab58fa, 0xbeb64fe1, 0xb0bd42e8, +0xead4099f, 0xe4df0496, 0xf6c2138d, 0xf8c91e84, 0xd2f83dbb, 0xdcf330b2, +0xceee27a9, 0xc0e52aa0, 0x7a3cb147, 0x7437bc4e, 0x662aab55, 0x6821a65c, +0x42108563, 0x4c1b886a, 0x5e069f71, 0x500d9278, 0x0a64d90f, 0x046fd406, +0x1672c31d, 0x1879ce14, 0x3248ed2b, 0x3c43e022, 0x2e5ef739, 0x2055fa30, +0xec01b79a, 0xe20aba93, 0xf017ad88, 0xfe1ca081, 0xd42d83be, 0xda268eb7, +0xc83b99ac, 0xc63094a5, 0x9c59dfd2, 0x9252d2db, 0x804fc5c0, 0x8e44c8c9, +0xa475ebf6, 0xaa7ee6ff, 0xb863f1e4, 0xb668fced, 0x0cb1670a, 0x02ba6a03, +0x10a77d18, 0x1eac7011, 0x349d532e, 0x3a965e27, 0x288b493c, 0x26804435, +0x7ce90f42, 0x72e2024b, 0x60ff1550, 0x6ef41859, 0x44c53b66, 0x4ace366f, +0x58d32174, 0x56d82c7d, 0x377a0ca1, 0x397101a8, 0x2b6c16b3, 0x25671bba, +0x0f563885, 0x015d358c, 0x13402297, 0x1d4b2f9e, 0x472264e9, 0x492969e0, +0x5b347efb, 0x553f73f2, 0x7f0e50cd, 0x71055dc4, 0x63184adf, 0x6d1347d6, +0xd7cadc31, 0xd9c1d138, 0xcbdcc623, 0xc5d7cb2a, 0xefe6e815, 0xe1ede51c, +0xf3f0f207, 0xfdfbff0e, 0xa792b479, 0xa999b970, 0xbb84ae6b, 0xb58fa362, +0x9fbe805d, 0x91b58d54, 0x83a89a4f, 0x8da39746 +}; +#else +static const PRUint32 _IMXC3[256] = +{ +0x00000000, 0x090d0b0e, 0x121a161c, 0x1b171d12, 0x24342c38, 0x2d392736, +0x362e3a24, 0x3f23312a, 0x48685870, 0x4165537e, 0x5a724e6c, 0x537f4562, +0x6c5c7448, 0x65517f46, 0x7e466254, 0x774b695a, 0x90d0b0e0, 0x99ddbbee, +0x82caa6fc, 0x8bc7adf2, 0xb4e49cd8, 0xbde997d6, 0xa6fe8ac4, 0xaff381ca, +0xd8b8e890, 0xd1b5e39e, 0xcaa2fe8c, 0xc3aff582, 0xfc8cc4a8, 0xf581cfa6, +0xee96d2b4, 0xe79bd9ba, 0x3bbb7bdb, 0x32b670d5, 0x29a16dc7, 0x20ac66c9, +0x1f8f57e3, 0x16825ced, 0x0d9541ff, 0x04984af1, 0x73d323ab, 0x7ade28a5, +0x61c935b7, 0x68c43eb9, 0x57e70f93, 0x5eea049d, 0x45fd198f, 0x4cf01281, +0xab6bcb3b, 0xa266c035, 0xb971dd27, 0xb07cd629, 0x8f5fe703, 0x8652ec0d, +0x9d45f11f, 0x9448fa11, 0xe303934b, 0xea0e9845, 0xf1198557, 0xf8148e59, +0xc737bf73, 0xce3ab47d, 0xd52da96f, 0xdc20a261, 0x766df6ad, 0x7f60fda3, +0x6477e0b1, 0x6d7aebbf, 0x5259da95, 0x5b54d19b, 0x4043cc89, 0x494ec787, +0x3e05aedd, 0x3708a5d3, 0x2c1fb8c1, 0x2512b3cf, 0x1a3182e5, 0x133c89eb, +0x082b94f9, 0x01269ff7, 0xe6bd464d, 0xefb04d43, 0xf4a75051, 0xfdaa5b5f, +0xc2896a75, 0xcb84617b, 0xd0937c69, 0xd99e7767, 0xaed51e3d, 0xa7d81533, +0xbccf0821, 0xb5c2032f, 0x8ae13205, 0x83ec390b, 0x98fb2419, 0x91f62f17, +0x4dd68d76, 0x44db8678, 0x5fcc9b6a, 0x56c19064, 0x69e2a14e, 0x60efaa40, +0x7bf8b752, 0x72f5bc5c, 0x05bed506, 0x0cb3de08, 0x17a4c31a, 0x1ea9c814, +0x218af93e, 0x2887f230, 0x3390ef22, 0x3a9de42c, 0xdd063d96, 0xd40b3698, +0xcf1c2b8a, 0xc6112084, 0xf93211ae, 0xf03f1aa0, 0xeb2807b2, 0xe2250cbc, +0x956e65e6, 0x9c636ee8, 0x877473fa, 0x8e7978f4, 0xb15a49de, 0xb85742d0, +0xa3405fc2, 0xaa4d54cc, 0xecdaf741, 0xe5d7fc4f, 0xfec0e15d, 0xf7cdea53, +0xc8eedb79, 0xc1e3d077, 0xdaf4cd65, 0xd3f9c66b, 0xa4b2af31, 0xadbfa43f, +0xb6a8b92d, 0xbfa5b223, 0x80868309, 0x898b8807, 0x929c9515, 0x9b919e1b, +0x7c0a47a1, 0x75074caf, 0x6e1051bd, 0x671d5ab3, 0x583e6b99, 0x51336097, +0x4a247d85, 0x4329768b, 0x34621fd1, 0x3d6f14df, 0x267809cd, 0x2f7502c3, +0x105633e9, 0x195b38e7, 0x024c25f5, 0x0b412efb, 0xd7618c9a, 0xde6c8794, +0xc57b9a86, 0xcc769188, 0xf355a0a2, 0xfa58abac, 0xe14fb6be, 0xe842bdb0, +0x9f09d4ea, 0x9604dfe4, 0x8d13c2f6, 0x841ec9f8, 0xbb3df8d2, 0xb230f3dc, +0xa927eece, 0xa02ae5c0, 0x47b13c7a, 0x4ebc3774, 0x55ab2a66, 0x5ca62168, +0x63851042, 0x6a881b4c, 0x719f065e, 0x78920d50, 0x0fd9640a, 0x06d46f04, +0x1dc37216, 0x14ce7918, 0x2bed4832, 0x22e0433c, 0x39f75e2e, 0x30fa5520, +0x9ab701ec, 0x93ba0ae2, 0x88ad17f0, 0x81a01cfe, 0xbe832dd4, 0xb78e26da, +0xac993bc8, 0xa59430c6, 0xd2df599c, 0xdbd25292, 0xc0c54f80, 0xc9c8448e, +0xf6eb75a4, 0xffe67eaa, 0xe4f163b8, 0xedfc68b6, 0x0a67b10c, 0x036aba02, +0x187da710, 0x1170ac1e, 0x2e539d34, 0x275e963a, 0x3c498b28, 0x35448026, +0x420fe97c, 0x4b02e272, 0x5015ff60, 0x5918f46e, 0x663bc544, 0x6f36ce4a, +0x7421d358, 0x7d2cd856, 0xa10c7a37, 0xa8017139, 0xb3166c2b, 0xba1b6725, +0x8538560f, 0x8c355d01, 0x97224013, 0x9e2f4b1d, 0xe9642247, 0xe0692949, +0xfb7e345b, 0xf2733f55, 0xcd500e7f, 0xc45d0571, 0xdf4a1863, 0xd647136d, +0x31dccad7, 0x38d1c1d9, 0x23c6dccb, 0x2acbd7c5, 0x15e8e6ef, 0x1ce5ede1, +0x07f2f0f3, 0x0efffbfd, 0x79b492a7, 0x70b999a9, 0x6bae84bb, 0x62a38fb5, +0x5d80be9f, 0x548db591, 0x4f9aa883, 0x4697a38d +}; +#endif + +#endif /* RIJNDAEL_INCLUDE_TABLES */ + +#ifdef IS_LITTLE_ENDIAN +static const PRUint32 Rcon[30] = { +0x00000001, 0x00000002, 0x00000004, 0x00000008, 0x00000010, 0x00000020, +0x00000040, 0x00000080, 0x0000001b, 0x00000036, 0x0000006c, 0x000000d8, +0x000000ab, 0x0000004d, 0x0000009a, 0x0000002f, 0x0000005e, 0x000000bc, +0x00000063, 0x000000c6, 0x00000097, 0x00000035, 0x0000006a, 0x000000d4, +0x000000b3, 0x0000007d, 0x000000fa, 0x000000ef, 0x000000c5, 0x00000091 +}; +#else +static const PRUint32 Rcon[30] = { +0x01000000, 0x02000000, 0x04000000, 0x08000000, 0x10000000, 0x20000000, +0x40000000, 0x80000000, 0x1b000000, 0x36000000, 0x6c000000, 0xd8000000, +0xab000000, 0x4d000000, 0x9a000000, 0x2f000000, 0x5e000000, 0xbc000000, +0x63000000, 0xc6000000, 0x97000000, 0x35000000, 0x6a000000, 0xd4000000, +0xb3000000, 0x7d000000, 0xfa000000, 0xef000000, 0xc5000000, 0x91000000 +}; +#endif + diff --git a/security/nss/lib/freebl/rijndael_tables.c b/security/nss/lib/freebl/rijndael_tables.c new file mode 100644 index 000000000..6f1957468 --- /dev/null +++ b/security/nss/lib/freebl/rijndael_tables.c @@ -0,0 +1,244 @@ +/* + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the Netscape security libraries. + * + * The Initial Developer of the Original Code is Netscape + * Communications Corporation. Portions created by Netscape are + * Copyright (C) 1994-2000 Netscape Communications Corporation. All + * Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + * + * $Id$ + */ + +#include "stdio.h" +#include "prtypes.h" +#include "blapi.h" + +/* + * what follows is code thrown together to generate the myriad of tables + * used by Rijndael, the AES cipher. + */ + + +#define WORD_LE(b0, b1, b2, b3) \ + (((b3) << 24) | ((b2) << 16) | ((b1) << 8) | b0) + +#define WORD_BE(b0, b1, b2, b3) \ + (((b0) << 24) | ((b1) << 16) | ((b2) << 8) | b3) + +static const PRUint8 __S[256] = +{ + 99, 124, 119, 123, 242, 107, 111, 197, 48, 1, 103, 43, 254, 215, 171, 118, +202, 130, 201, 125, 250, 89, 71, 240, 173, 212, 162, 175, 156, 164, 114, 192, +183, 253, 147, 38, 54, 63, 247, 204, 52, 165, 229, 241, 113, 216, 49, 21, + 4, 199, 35, 195, 24, 150, 5, 154, 7, 18, 128, 226, 235, 39, 178, 117, + 9, 131, 44, 26, 27, 110, 90, 160, 82, 59, 214, 179, 41, 227, 47, 132, + 83, 209, 0, 237, 32, 252, 177, 91, 106, 203, 190, 57, 74, 76, 88, 207, +208, 239, 170, 251, 67, 77, 51, 133, 69, 249, 2, 127, 80, 60, 159, 168, + 81, 163, 64, 143, 146, 157, 56, 245, 188, 182, 218, 33, 16, 255, 243, 210, +205, 12, 19, 236, 95, 151, 68, 23, 196, 167, 126, 61, 100, 93, 25, 115, + 96, 129, 79, 220, 34, 42, 144, 136, 70, 238, 184, 20, 222, 94, 11, 219, +224, 50, 58, 10, 73, 6, 36, 92, 194, 211, 172, 98, 145, 149, 228, 121, +231, 200, 55, 109, 141, 213, 78, 169, 108, 86, 244, 234, 101, 122, 174, 8, +186, 120, 37, 46, 28, 166, 180, 198, 232, 221, 116, 31, 75, 189, 139, 138, +112, 62, 181, 102, 72, 3, 246, 14, 97, 53, 87, 185, 134, 193, 29, 158, +225, 248, 152, 17, 105, 217, 142, 148, 155, 30, 135, 233, 206, 85, 40, 223, +140, 161, 137, 13, 191, 230, 66, 104, 65, 153, 45, 15, 176, 84, 187, 22, +}; + +static const PRUint8 __SInv[256] = +{ + 82, 9, 106, 213, 48, 54, 165, 56, 191, 64, 163, 158, 129, 243, 215, 251, +124, 227, 57, 130, 155, 47, 255, 135, 52, 142, 67, 68, 196, 222, 233, 203, + 84, 123, 148, 50, 166, 194, 35, 61, 238, 76, 149, 11, 66, 250, 195, 78, + 8, 46, 161, 102, 40, 217, 36, 178, 118, 91, 162, 73, 109, 139, 209, 37, +114, 248, 246, 100, 134, 104, 152, 22, 212, 164, 92, 204, 93, 101, 182, 146, +108, 112, 72, 80, 253, 237, 185, 218, 94, 21, 70, 87, 167, 141, 157, 132, +144, 216, 171, 0, 140, 188, 211, 10, 247, 228, 88, 5, 184, 179, 69, 6, +208, 44, 30, 143, 202, 63, 15, 2, 193, 175, 189, 3, 1, 19, 138, 107, + 58, 145, 17, 65, 79, 103, 220, 234, 151, 242, 207, 206, 240, 180, 230, 115, +150, 172, 116, 34, 231, 173, 53, 133, 226, 249, 55, 232, 28, 117, 223, 110, + 71, 241, 26, 113, 29, 41, 197, 137, 111, 183, 98, 14, 170, 24, 190, 27, +252, 86, 62, 75, 198, 210, 121, 32, 154, 219, 192, 254, 120, 205, 90, 244, + 31, 221, 168, 51, 136, 7, 199, 49, 177, 18, 16, 89, 39, 128, 236, 95, + 96, 81, 127, 169, 25, 181, 74, 13, 45, 229, 122, 159, 147, 201, 156, 239, +160, 224, 59, 77, 174, 42, 245, 176, 200, 235, 187, 60, 131, 83, 153, 97, + 23, 43, 4, 126, 186, 119, 214, 38, 225, 105, 20, 99, 85, 33, 12, 125 +}; + +/* GF_MULTIPLY + * + * multiply two bytes represented in GF(2**8), mod (x**4 + 1) + */ +PRUint8 gf_multiply(PRUint8 a, PRUint8 b) +{ + PRUint8 res = 0; + while (b > 0) { + res = (b & 0x01) ? res ^ a : res; + a = (a & 0x80) ? ((a << 1) ^ 0x1b) : (a << 1); + b >>= 1; + } + return res; +} + +void +make_T_Table(char *table, const PRUint8 Sx[256], FILE *file, + unsigned char m0, unsigned char m1, + unsigned char m2, unsigned char m3) +{ + PRUint32 Ti; + int i; + fprintf(file, "#ifdef IS_LITTLE_ENDIAN\n"); + fprintf(file, "static const PRUint32 _T%s[256] = \n{\n", table); + for (i=0; i<256; i++) { + Ti = WORD_LE( gf_multiply(Sx[i], m0), + gf_multiply(Sx[i], m1), + gf_multiply(Sx[i], m2), + gf_multiply(Sx[i], m3) ); + if (Ti == 0) + fprintf(file, "0x00000000%c%c", (i==255)?' ':',', + (i%6==5)?'\n':' '); + else + fprintf(file, "%#.8x%c%c", Ti, (i==255)?' ':',', + (i%6==5)?'\n':' '); + } + fprintf(file, "\n};\n"); + fprintf(file, "#else\n"); + fprintf(file, "static const PRUint32 _T%s[256] = \n{\n", table); + for (i=0; i<256; i++) { + Ti = WORD_BE( gf_multiply(Sx[i], m0), + gf_multiply(Sx[i], m1), + gf_multiply(Sx[i], m2), + gf_multiply(Sx[i], m3) ); + if (Ti == 0) + fprintf(file, "0x00000000%c%c", (i==255)?' ':',', + (i%6==5)?'\n':' '); + else + fprintf(file, "%#.8x%c%c", Ti, (i==255)?' ':',', + (i%6==5)?'\n':' '); + } + fprintf(file, "\n};\n"); + fprintf(file, "#endif\n\n"); +} + +void make_InvMixCol_Table(int num, FILE *file, PRUint8 m0, PRUint8 m1, PRUint8 m2, PRUint8 m3) +{ + PRUint16 i; + PRUint8 b0, b1, b2, b3; + fprintf(file, "#ifdef IS_LITTLE_ENDIAN\n"); + fprintf(file, "static const PRUint32 _IMXC%d[256] = \n{\n", num); + for (i=0; i<256; i++) { + b0 = gf_multiply(i, m0); + b1 = gf_multiply(i, m1); + b2 = gf_multiply(i, m2); + b3 = gf_multiply(i, m3); + fprintf(file, "0x%.2x%.2x%.2x%.2x%c%c", b3, b2, b1, b0, (i==255)?' ':',', (i%6==5)?'\n':' '); + } + fprintf(file, "\n};\n"); + fprintf(file, "#else\n"); + fprintf(file, "static const PRUint32 _IMXC%d[256] = \n{\n", num); + for (i=0; i<256; i++) { + b0 = gf_multiply(i, m0); + b1 = gf_multiply(i, m1); + b2 = gf_multiply(i, m2); + b3 = gf_multiply(i, m3); + fprintf(file, "0x%.2x%.2x%.2x%.2x%c%c", b0, b1, b2, b3, (i==255)?' ':',', (i%6==5)?'\n':' '); + } + fprintf(file, "\n};\n"); + fprintf(file, "#endif\n\n"); +} + +int main() +{ + int i, j; + PRUint8 cur, last; + PRUint32 tmp; + FILE *optfile; + optfile = fopen("rijndael32.tab", "w"); + /* output S, if there are no T tables */ + fprintf(optfile, "#ifndef RIJNDAEL_INCLUDE_TABLES\n"); + fprintf(optfile, "static const PRUint8 _S[256] = \n{\n"); + for (i=0; i<256; i++) { + fprintf(optfile, "%3d%c%c", __S[i],(i==255)?' ':',', + (i%16==15)?'\n':' '); + } + fprintf(optfile, "};\n#endif /* not RIJNDAEL_INCLUDE_TABLES */\n\n"); + /* output S**-1 */ + fprintf(optfile, "static const PRUint8 _SInv[256] = \n{\n"); + for (i=0; i<256; i++) { + fprintf(optfile, "%3d%c%c", __SInv[i],(i==255)?' ':',', + (i%16==15)?'\n':' '); + } + fprintf(optfile, "};\n\n"); + fprintf(optfile, "#ifdef RIJNDAEL_INCLUDE_TABLES\n"); + /* The 32-bit word tables for optimized implementation */ + /* T0 = [ S[a] * 02, S[a], S[a], S[a] * 03 ] */ + make_T_Table("0", __S, optfile, 0x02, 0x01, 0x01, 0x03); + /* T1 = [ S[a] * 03, S[a] * 02, S[a], S[a] ] */ + make_T_Table("1", __S, optfile, 0x03, 0x02, 0x01, 0x01); + /* T2 = [ S[a], S[a] * 03, S[a] * 02, S[a] ] */ + make_T_Table("2", __S, optfile, 0x01, 0x03, 0x02, 0x01); + /* T3 = [ S[a], S[a], S[a] * 03, S[a] * 02 ] */ + make_T_Table("3", __S, optfile, 0x01, 0x01, 0x03, 0x02); + /* TInv0 = [ Si[a] * 0E, Si[a] * 09, Si[a] * 0D, Si[a] * 0B ] */ + make_T_Table("Inv0", __SInv, optfile, 0x0e, 0x09, 0x0d, 0x0b); + /* TInv1 = [ Si[a] * 0B, Si[a] * 0E, Si[a] * 09, Si[a] * 0D ] */ + make_T_Table("Inv1", __SInv, optfile, 0x0b, 0x0e, 0x09, 0x0d); + /* TInv2 = [ Si[a] * 0D, Si[a] * 0B, Si[a] * 0E, Si[a] * 09 ] */ + make_T_Table("Inv2", __SInv, optfile, 0x0d, 0x0b, 0x0e, 0x09); + /* TInv3 = [ Si[a] * 09, Si[a] * 0D, Si[a] * 0B, Si[a] * 0E ] */ + make_T_Table("Inv3", __SInv, optfile, 0x09, 0x0d, 0x0b, 0x0e); + /* byte multiply tables for inverse key expansion (mimics InvMixColumn) */ + make_InvMixCol_Table(0, optfile, 0x0e, 0x09, 0x0d, 0x0b); + make_InvMixCol_Table(1, optfile, 0x0b, 0x0E, 0x09, 0x0d); + make_InvMixCol_Table(2, optfile, 0x0d, 0x0b, 0x0e, 0x09); + make_InvMixCol_Table(3, optfile, 0x09, 0x0d, 0x0b, 0x0e); + fprintf(optfile, "#endif /* RIJNDAEL_INCLUDE_TABLES */\n\n"); + /* round constants for key expansion */ + fprintf(optfile, "#ifdef IS_LITTLE_ENDIAN\n"); + fprintf(optfile, "static const PRUint32 Rcon[30] = {\n"); + cur = 0x01; + for (i=0; i<30; i++) { + fprintf(optfile, "%#.8x%c%c", WORD_LE(cur, 0, 0, 0), + (i==29)?' ':',', (i%6==5)?'\n':' '); + last = cur; + cur = gf_multiply(last, 0x02); + } + fprintf(optfile, "};\n"); + fprintf(optfile, "#else\n"); + fprintf(optfile, "static const PRUint32 Rcon[30] = {\n"); + cur = 0x01; + for (i=0; i<30; i++) { + fprintf(optfile, "%#.8x%c%c", WORD_BE(cur, 0, 0, 0), + (i==29)?' ':',', (i%6==5)?'\n':' '); + last = cur; + cur = gf_multiply(last, 0x02); + } + fprintf(optfile, "};\n"); + fprintf(optfile, "#endif\n\n"); + fclose(optfile); + return 0; +} diff --git a/security/nss/lib/freebl/rsa.c b/security/nss/lib/freebl/rsa.c new file mode 100644 index 000000000..3151ebb87 --- /dev/null +++ b/security/nss/lib/freebl/rsa.c @@ -0,0 +1,927 @@ +/* + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the Netscape security libraries. + * + * The Initial Developer of the Original Code is Netscape + * Communications Corporation. Portions created by Netscape are + * Copyright (C) 1994-2000 Netscape Communications Corporation. All + * Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + * + */ + +/* + * RSA key generation, public key op, private key op. + * + * $Id$ + */ + +#include "secerr.h" + +#include "prclist.h" +#include "nssilock.h" +#include "prinit.h" +#include "blapi.h" +#include "mpi.h" +#include "mpprime.h" +#include "mplogic.h" +#include "secmpi.h" +#include "secitem.h" + +/* +** Number of times to attempt to generate a prime (p or q) from a random +** seed (the seed changes for each iteration). +*/ +#define MAX_PRIME_GEN_ATTEMPTS 10 +/* +** Number of times to attempt to generate a key. The primes p and q change +** for each attempt. +*/ +#define MAX_KEY_GEN_ATTEMPTS 10 + +/* +** RSABlindingParamsStr +** +** For discussion of Paul Kocher's timing attack against an RSA private key +** operation, see http://www.cryptography.com/timingattack/paper.html. The +** countermeasure to this attack, known as blinding, is also discussed in +** the Handbook of Applied Cryptography, 11.118-11.119. +*/ +struct RSABlindingParamsStr +{ + /* Blinding-specific parameters */ + PRCList link; /* link to list of structs */ + SECItem modulus; /* list element "key" */ + mp_int f, g; /* Blinding parameters */ + int counter; /* number of remaining uses of (f, g) */ +}; + +/* +** RSABlindingParamsListStr +** +** List of key-specific blinding params. The arena holds the volatile pool +** of memory for each entry and the list itself. The lock is for list +** operations, in this case insertions and iterations, as well as control +** of the counter for each set of blinding parameters. +*/ +struct RSABlindingParamsListStr +{ + PZLock *lock; /* Lock for the list */ + PRCList head; /* Pointer to the list */ +}; + +/* +** The master blinding params list. +*/ +static struct RSABlindingParamsListStr blindingParamsList = { 0 }; + +/* Number of times to reuse (f, g). Suggested by Paul Kocher */ +#define RSA_BLINDING_PARAMS_MAX_REUSE 50 + +/* Global, allows optional use of blinding. On by default. */ +/* Cannot be changed at the moment, due to thread-safety issues. */ +static PRBool nssRSAUseBlinding = PR_TRUE; + +static SECStatus +rsa_keygen_from_primes(mp_int *p, mp_int *q, mp_int *e, RSAPrivateKey *key, + unsigned int keySizeInBits) +{ + mp_int n, d, phi; + mp_int psub1, qsub1, tmp; + mp_err err = MP_OKAY; + SECStatus rv = SECSuccess; + MP_DIGITS(&n) = 0; + MP_DIGITS(&d) = 0; + MP_DIGITS(&phi) = 0; + MP_DIGITS(&psub1) = 0; + MP_DIGITS(&qsub1) = 0; + MP_DIGITS(&tmp) = 0; + CHECK_MPI_OK( mp_init(&n) ); + CHECK_MPI_OK( mp_init(&d) ); + CHECK_MPI_OK( mp_init(&phi) ); + CHECK_MPI_OK( mp_init(&psub1) ); + CHECK_MPI_OK( mp_init(&qsub1) ); + CHECK_MPI_OK( mp_init(&tmp) ); + /* 1. Compute n = p*q */ + CHECK_MPI_OK( mp_mul(p, q, &n) ); + /* verify that the modulus has the desired number of bits */ + if ((unsigned)mpl_significant_bits(&n) != keySizeInBits) { + PORT_SetError(SEC_ERROR_NEED_RANDOM); + rv = SECFailure; + goto cleanup; + } + /* 2. Compute phi = (p-1)*(q-1) */ + CHECK_MPI_OK( mp_sub_d(p, 1, &psub1) ); + CHECK_MPI_OK( mp_sub_d(q, 1, &qsub1) ); + CHECK_MPI_OK( mp_mul(&psub1, &qsub1, &phi) ); + /* 3. Compute d = e**-1 mod(phi) */ + err = mp_invmod(e, &phi, &d); + /* Verify that phi(n) and e have no common divisors */ + if (err != MP_OKAY) { + if (err == MP_UNDEF) { + PORT_SetError(SEC_ERROR_NEED_RANDOM); + err = MP_OKAY; /* to keep PORT_SetError from being called again */ + rv = SECFailure; + } + goto cleanup; + } + MPINT_TO_SECITEM(&n, &key->modulus, key->arena); + MPINT_TO_SECITEM(&d, &key->privateExponent, key->arena); + /* 4. Compute exponent1 = d mod (p-1) */ + CHECK_MPI_OK( mp_mod(&d, &psub1, &tmp) ); + MPINT_TO_SECITEM(&tmp, &key->exponent1, key->arena); + /* 5. Compute exponent2 = d mod (q-1) */ + CHECK_MPI_OK( mp_mod(&d, &qsub1, &tmp) ); + MPINT_TO_SECITEM(&tmp, &key->exponent2, key->arena); + /* 6. Compute coefficient = q**-1 mod p */ + CHECK_MPI_OK( mp_invmod(q, p, &tmp) ); + MPINT_TO_SECITEM(&tmp, &key->coefficient, key->arena); +cleanup: + mp_clear(&n); + mp_clear(&d); + mp_clear(&phi); + mp_clear(&psub1); + mp_clear(&qsub1); + mp_clear(&tmp); + if (err) { + MP_TO_SEC_ERROR(err); + rv = SECFailure; + } + return rv; +} +static SECStatus +generate_prime(mp_int *prime, int primeLen) +{ + mp_err err = MP_OKAY; + SECStatus rv = SECSuccess; + unsigned long counter = 0; + int piter; + unsigned char *pb = NULL; + pb = PORT_Alloc(primeLen); + if (!pb) { + PORT_SetError(SEC_ERROR_NO_MEMORY); + goto cleanup; + } + for (piter = 0; piter < MAX_PRIME_GEN_ATTEMPTS; piter++) { + CHECK_SEC_OK( RNG_GenerateGlobalRandomBytes(pb, primeLen) ); + pb[0] |= 0xC0; /* set two high-order bits */ + pb[primeLen-1] |= 0x01; /* set low-order bit */ + CHECK_MPI_OK( mp_read_unsigned_octets(prime, pb, primeLen) ); + err = mpp_make_prime(prime, primeLen * 8, PR_FALSE, &counter); + if (err != MP_NO) + goto cleanup; + /* keep going while err == MP_NO */ + } +cleanup: + if (pb) + PORT_ZFree(pb, primeLen); + if (err) { + MP_TO_SEC_ERROR(err); + rv = SECFailure; + } + return rv; +} + +/* +** Generate and return a new RSA public and private key. +** Both keys are encoded in a single RSAPrivateKey structure. +** "cx" is the random number generator context +** "keySizeInBits" is the size of the key to be generated, in bits. +** 512, 1024, etc. +** "publicExponent" when not NULL is a pointer to some data that +** represents the public exponent to use. The data is a byte +** encoded integer, in "big endian" order. +*/ +RSAPrivateKey * +RSA_NewKey(int keySizeInBits, SECItem *publicExponent) +{ + unsigned int primeLen; + mp_int p, q, e; + int kiter; + mp_err err = MP_OKAY; + SECStatus rv = SECSuccess; + int prerr = 0; + RSAPrivateKey *key = NULL; + PRArenaPool *arena = NULL; + /* Require key size to be a multiple of 16 bits. */ + if (!publicExponent || keySizeInBits % 16 != 0) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return NULL; + } + /* 1. Allocate arena & key */ + arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE); + if (!arena) { + PORT_SetError(SEC_ERROR_NO_MEMORY); + return NULL; + } + key = (RSAPrivateKey *)PORT_ArenaZAlloc(arena, sizeof(RSAPrivateKey)); + if (!key) { + PORT_SetError(SEC_ERROR_NO_MEMORY); + PORT_FreeArena(arena, PR_TRUE); + return NULL; + } + key->arena = arena; + /* length of primes p and q (in bytes) */ + primeLen = keySizeInBits / (2 * BITS_PER_BYTE); + MP_DIGITS(&p) = 0; + MP_DIGITS(&q) = 0; + MP_DIGITS(&e) = 0; + CHECK_MPI_OK( mp_init(&p) ); + CHECK_MPI_OK( mp_init(&q) ); + CHECK_MPI_OK( mp_init(&e) ); + /* 2. Set the version number (PKCS1 v1.5 says it should be zero) */ + SECITEM_AllocItem(arena, &key->version, 1); + key->version.data[0] = 0; + /* 3. Set the public exponent */ + SECITEM_CopyItem(arena, &key->publicExponent, publicExponent); + SECITEM_TO_MPINT(*publicExponent, &e); + kiter = 0; + do { + prerr = 0; + PORT_SetError(0); + CHECK_SEC_OK( generate_prime(&p, primeLen) ); + CHECK_SEC_OK( generate_prime(&q, primeLen) ); + /* Assure q < p */ + if (mp_cmp(&p, &q) < 0) + mp_exch(&p, &q); + /* Attempt to use these primes to generate a key */ + rv = rsa_keygen_from_primes(&p, &q, &e, key, keySizeInBits); + if (rv == SECSuccess) + break; /* generated two good primes */ + prerr = PORT_GetError(); + kiter++; + /* loop until have primes */ + } while (prerr == SEC_ERROR_NEED_RANDOM && kiter < MAX_KEY_GEN_ATTEMPTS); + if (prerr) + goto cleanup; + MPINT_TO_SECITEM(&p, &key->prime1, arena); + MPINT_TO_SECITEM(&q, &key->prime2, arena); +cleanup: + mp_clear(&p); + mp_clear(&q); + mp_clear(&e); + if (err) { + MP_TO_SEC_ERROR(err); + rv = SECFailure; + } + if (rv && arena) { + PORT_FreeArena(arena, PR_TRUE); + key = NULL; + } + return key; +} + +static unsigned int +rsa_modulusLen(SECItem *modulus) +{ + unsigned char byteZero = modulus->data[0]; + unsigned int modLen = modulus->len - !byteZero; + return modLen; +} + +/* +** Perform a raw public-key operation +** Length of input and output buffers are equal to key's modulus len. +*/ +SECStatus +RSA_PublicKeyOp(RSAPublicKey *key, + unsigned char *output, + const unsigned char *input) +{ + unsigned int modLen; + mp_int n, e, m, c; + mp_err err = MP_OKAY; + SECStatus rv = SECSuccess; + if (!key || !output || !input) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + MP_DIGITS(&n) = 0; + MP_DIGITS(&e) = 0; + MP_DIGITS(&m) = 0; + MP_DIGITS(&c) = 0; + CHECK_MPI_OK( mp_init(&n) ); + CHECK_MPI_OK( mp_init(&e) ); + CHECK_MPI_OK( mp_init(&m) ); + CHECK_MPI_OK( mp_init(&c) ); + modLen = rsa_modulusLen(&key->modulus); + /* 1. Obtain public key (n, e) */ + SECITEM_TO_MPINT(key->modulus, &n); + SECITEM_TO_MPINT(key->publicExponent, &e); + /* 2. Represent message as integer in range [0..n-1] */ + CHECK_MPI_OK( mp_read_unsigned_octets(&m, input, modLen) ); + /* 3. Compute c = m**e mod n */ +#ifdef USE_MPI_EXPT_D + /* XXX see which is faster */ + if (MP_USED(&e) == 1) { + CHECK_MPI_OK( mp_exptmod_d(&m, MP_DIGIT(&e, 0), &n, &c) ); + } else +#endif + CHECK_MPI_OK( mp_exptmod(&m, &e, &n, &c) ); + /* 4. result c is ciphertext */ + err = mp_to_fixlen_octets(&c, output, modLen); + if (err >= 0) err = MP_OKAY; +cleanup: + mp_clear(&n); + mp_clear(&e); + mp_clear(&m); + mp_clear(&c); + if (err) { + MP_TO_SEC_ERROR(err); + rv = SECFailure; + } + return rv; +} + +/* +** RSA Private key operation (no CRT). +*/ +static SECStatus +rsa_PrivateKeyOpNoCRT(RSAPrivateKey *key, mp_int *m, mp_int *c, mp_int *n, + unsigned int modLen) +{ + mp_int d; + mp_err err = MP_OKAY; + SECStatus rv = SECSuccess; + MP_DIGITS(&d) = 0; + CHECK_MPI_OK( mp_init(&d) ); + SECITEM_TO_MPINT(key->privateExponent, &d); + /* 1. m = c**d mod n */ + CHECK_MPI_OK( mp_exptmod(c, &d, n, m) ); +cleanup: + mp_clear(&d); + if (err) { + MP_TO_SEC_ERROR(err); + rv = SECFailure; + } + return rv; +} + +/* +** RSA Private key operation using CRT. +*/ +static SECStatus +rsa_PrivateKeyOpCRTNoCheck(RSAPrivateKey *key, mp_int *m, mp_int *c) +{ + mp_int p, q, d_p, d_q, qInv; + mp_int m1, m2, h, ctmp; + mp_err err = MP_OKAY; + SECStatus rv = SECSuccess; + MP_DIGITS(&p) = 0; + MP_DIGITS(&q) = 0; + MP_DIGITS(&d_p) = 0; + MP_DIGITS(&d_q) = 0; + MP_DIGITS(&qInv) = 0; + MP_DIGITS(&m1) = 0; + MP_DIGITS(&m2) = 0; + MP_DIGITS(&h) = 0; + MP_DIGITS(&ctmp) = 0; + CHECK_MPI_OK( mp_init(&p) ); + CHECK_MPI_OK( mp_init(&q) ); + CHECK_MPI_OK( mp_init(&d_p) ); + CHECK_MPI_OK( mp_init(&d_q) ); + CHECK_MPI_OK( mp_init(&qInv) ); + CHECK_MPI_OK( mp_init(&m1) ); + CHECK_MPI_OK( mp_init(&m2) ); + CHECK_MPI_OK( mp_init(&h) ); + CHECK_MPI_OK( mp_init(&ctmp) ); + /* copy private key parameters into mp integers */ + SECITEM_TO_MPINT(key->prime1, &p); /* p */ + SECITEM_TO_MPINT(key->prime2, &q); /* q */ + SECITEM_TO_MPINT(key->exponent1, &d_p); /* d_p = d mod (p-1) */ + SECITEM_TO_MPINT(key->exponent2, &d_q); /* d_q = d mod (q-1) */ + SECITEM_TO_MPINT(key->coefficient, &qInv); /* qInv = q**-1 mod p */ + /* 1. m1 = c**d_p mod p */ + CHECK_MPI_OK( mp_mod(c, &p, &ctmp) ); + CHECK_MPI_OK( mp_exptmod(&ctmp, &d_p, &p, &m1) ); + /* 2. m2 = c**d_q mod q */ + CHECK_MPI_OK( mp_mod(c, &q, &ctmp) ); + CHECK_MPI_OK( mp_exptmod(&ctmp, &d_q, &q, &m2) ); + /* 3. h = (m1 - m2) * qInv mod p */ + CHECK_MPI_OK( mp_submod(&m1, &m2, &p, &h) ); + CHECK_MPI_OK( mp_mulmod(&h, &qInv, &p, &h) ); + /* 4. m = m2 + h * q */ + CHECK_MPI_OK( mp_mul(&h, &q, m) ); + CHECK_MPI_OK( mp_add(m, &m2, m) ); +cleanup: + mp_clear(&p); + mp_clear(&q); + mp_clear(&d_p); + mp_clear(&d_q); + mp_clear(&qInv); + mp_clear(&m1); + mp_clear(&m2); + mp_clear(&h); + mp_clear(&ctmp); + if (err) { + MP_TO_SEC_ERROR(err); + rv = SECFailure; + } + return rv; +} + +/* +** An attack against RSA CRT was described by Boneh, DeMillo, and Lipton in: +** "On the Importance of Eliminating Errors in Cryptographic Computations", +** http://theory.stanford.edu/~dabo/papers/faults.ps.gz +** +** As a defense against the attack, carry out the private key operation, +** followed up with a public key operation to invert the result. +** Verify that result against the input. +*/ +static SECStatus +rsa_PrivateKeyOpCRTCheckedPubKey(RSAPrivateKey *key, mp_int *m, mp_int *c) +{ + mp_int n, e, v; + mp_err err = MP_OKAY; + SECStatus rv = SECSuccess; + MP_DIGITS(&n) = 0; + MP_DIGITS(&e) = 0; + MP_DIGITS(&v) = 0; + CHECK_MPI_OK( mp_init(&n) ); + CHECK_MPI_OK( mp_init(&e) ); + CHECK_MPI_OK( mp_init(&v) ); + CHECK_SEC_OK( rsa_PrivateKeyOpCRTNoCheck(key, m, c) ); + SECITEM_TO_MPINT(key->modulus, &n); + SECITEM_TO_MPINT(key->publicExponent, &e); + /* Perform a public key operation v = m ** e mod n */ + CHECK_MPI_OK( mp_exptmod(m, &e, &n, &v) ); + if (mp_cmp(&v, c) != 0) { + rv = SECFailure; + } +cleanup: + mp_clear(&n); + mp_clear(&e); + mp_clear(&v); + if (err) { + MP_TO_SEC_ERROR(err); + rv = SECFailure; + } + return rv; +} + +static PRCallOnceType coBPInit = { 0, 0, 0 }; +static PRStatus +init_blinding_params_list(void) +{ + blindingParamsList.lock = PZ_NewLock(nssILockOther); + if (!blindingParamsList.lock) { + PORT_SetError(SEC_ERROR_NO_MEMORY); + return PR_FAILURE; + } + PR_INIT_CLIST(&blindingParamsList.head); + return PR_SUCCESS; +} + +static SECStatus +generate_blinding_params(struct RSABlindingParamsStr *rsabp, + RSAPrivateKey *key, mp_int *n, unsigned int modLen) +{ + SECStatus rv = SECSuccess; + mp_int e, k; + mp_err err = MP_OKAY; + unsigned char *kb = NULL; + MP_DIGITS(&e) = 0; + MP_DIGITS(&k) = 0; + CHECK_MPI_OK( mp_init(&e) ); + CHECK_MPI_OK( mp_init(&k) ); + SECITEM_TO_MPINT(key->publicExponent, &e); + /* generate random k < n */ + kb = PORT_Alloc(modLen); + if (!kb) { + PORT_SetError(SEC_ERROR_NO_MEMORY); + goto cleanup; + } + CHECK_SEC_OK( RNG_GenerateGlobalRandomBytes(kb, modLen) ); + CHECK_MPI_OK( mp_read_unsigned_octets(&k, kb, modLen) ); + /* k < n */ + CHECK_MPI_OK( mp_mod(&k, n, &k) ); + /* f = k**e mod n */ + CHECK_MPI_OK( mp_exptmod(&k, &e, n, &rsabp->f) ); + /* g = k**-1 mod n */ + CHECK_MPI_OK( mp_invmod(&k, n, &rsabp->g) ); + /* Initialize the counter for this (f, g) */ + rsabp->counter = RSA_BLINDING_PARAMS_MAX_REUSE; +cleanup: + if (kb) + PORT_ZFree(kb, modLen); + mp_clear(&k); + mp_clear(&e); + if (err) { + MP_TO_SEC_ERROR(err); + rv = SECFailure; + } + return rv; +} + +static SECStatus +init_blinding_params(struct RSABlindingParamsStr *rsabp, RSAPrivateKey *key, + mp_int *n, unsigned int modLen) +{ + SECStatus rv = SECSuccess; + mp_err err = MP_OKAY; + MP_DIGITS(&rsabp->f) = 0; + MP_DIGITS(&rsabp->g) = 0; + /* initialize blinding parameters */ + CHECK_MPI_OK( mp_init(&rsabp->f) ); + CHECK_MPI_OK( mp_init(&rsabp->g) ); + /* List elements are keyed using the modulus */ + SECITEM_CopyItem(NULL, &rsabp->modulus, &key->modulus); + CHECK_SEC_OK( generate_blinding_params(rsabp, key, n, modLen) ); + return SECSuccess; +cleanup: + mp_clear(&rsabp->f); + mp_clear(&rsabp->g); + if (err) { + MP_TO_SEC_ERROR(err); + rv = SECFailure; + } + return rv; +} + +static SECStatus +get_blinding_params(RSAPrivateKey *key, mp_int *n, unsigned int modLen, + mp_int *f, mp_int *g) +{ + SECStatus rv = SECSuccess; + mp_err err = MP_OKAY; + int cmp; + PRCList *el; + struct RSABlindingParamsStr *rsabp = NULL; + /* Init the list if neccessary (the init function is only called once!) */ + if (blindingParamsList.lock == NULL) { + if (PR_CallOnce(&coBPInit, init_blinding_params_list) != PR_SUCCESS) { + PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); + return SECFailure; + } + } + /* Acquire the list lock */ + PZ_Lock(blindingParamsList.lock); + /* Walk the list looking for the private key */ + for (el = PR_NEXT_LINK(&blindingParamsList.head); + el != &blindingParamsList.head; + el = PR_NEXT_LINK(el)) { + rsabp = (struct RSABlindingParamsStr *)el; + cmp = SECITEM_CompareItem(&rsabp->modulus, &key->modulus); + if (cmp == 0) { + /* Check the usage counter for the parameters */ + if (--rsabp->counter <= 0) { + /* Regenerate the blinding parameters */ + CHECK_SEC_OK( generate_blinding_params(rsabp, key, n, modLen) ); + } + /* Return the parameters */ + CHECK_MPI_OK( mp_copy(&rsabp->f, f) ); + CHECK_MPI_OK( mp_copy(&rsabp->g, g) ); + /* Now that the params are located, release the list lock. */ + PZ_Unlock(blindingParamsList.lock); /* XXX when fails? */ + return SECSuccess; + } else if (cmp > 0) { + /* The key is not in the list. Break to param creation. */ + break; + } + } + /* At this point, the key is not in the list. el should point to the + ** list element that this key should be inserted before. NOTE: the list + ** lock is still held, so there cannot be a race condition here. + */ + rsabp = (struct RSABlindingParamsStr *) + PORT_ZAlloc(sizeof(struct RSABlindingParamsStr)); + if (!rsabp) { + PORT_SetError(SEC_ERROR_NO_MEMORY); + goto cleanup; + } + /* Initialize the list pointer for the element */ + PR_INIT_CLIST(&rsabp->link); + /* Initialize the blinding parameters + ** This ties up the list lock while doing some heavy, element-specific + ** operations, but we don't want to insert the element until it is valid, + ** which requires computing the blinding params. If this proves costly, + ** it could be done after the list lock is released, and then if it fails + ** the lock would have to be reobtained and the invalid element removed. + */ + rv = init_blinding_params(rsabp, key, n, modLen); + if (rv != SECSuccess) { + PORT_ZFree(rsabp, sizeof(struct RSABlindingParamsStr)); + goto cleanup; + } + /* Insert the new element into the list + ** If inserting in the middle of the list, el points to the link + ** to insert before. Otherwise, the link needs to be appended to + ** the end of the list, which is the same as inserting before the + ** head (since el would have looped back to the head). + */ + PR_INSERT_BEFORE(&rsabp->link, el); + /* Return the parameters */ + CHECK_MPI_OK( mp_copy(&rsabp->f, f) ); + CHECK_MPI_OK( mp_copy(&rsabp->g, g) ); + /* Release the list lock */ + PZ_Unlock(blindingParamsList.lock); /* XXX when fails? */ + return SECSuccess; +cleanup: + /* It is possible to reach this after the lock is already released. + ** Ignore the error in that case. + */ + PZ_Unlock(blindingParamsList.lock); + if (err) { + MP_TO_SEC_ERROR(err); + rv = SECFailure; + } + return SECFailure; +} + +/* +** Perform a raw private-key operation +** Length of input and output buffers are equal to key's modulus len. +*/ +static SECStatus +rsa_PrivateKeyOp(RSAPrivateKey *key, + unsigned char *output, + const unsigned char *input, + PRBool check) +{ + unsigned int modLen; + unsigned int offset; + SECStatus rv = SECSuccess; + mp_err err; + mp_int n, c, m; + mp_int f, g; + if (!key || !output || !input) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + /* check input out of range (needs to be in range [0..n-1]) */ + modLen = rsa_modulusLen(&key->modulus); + offset = (key->modulus.data[0] == 0) ? 1 : 0; /* may be leading 0 */ + if (memcmp(input, key->modulus.data + offset, modLen) >= 0) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + MP_DIGITS(&n) = 0; + MP_DIGITS(&c) = 0; + MP_DIGITS(&m) = 0; + MP_DIGITS(&f) = 0; + MP_DIGITS(&g) = 0; + CHECK_MPI_OK( mp_init(&n) ); + CHECK_MPI_OK( mp_init(&c) ); + CHECK_MPI_OK( mp_init(&m) ); + CHECK_MPI_OK( mp_init(&f) ); + CHECK_MPI_OK( mp_init(&g) ); + SECITEM_TO_MPINT(key->modulus, &n); + OCTETS_TO_MPINT(input, &c, modLen); + /* If blinding, compute pre-image of ciphertext by multiplying by + ** blinding factor + */ + if (nssRSAUseBlinding) { + CHECK_SEC_OK( get_blinding_params(key, &n, modLen, &f, &g) ); + /* c' = c*f mod n */ + CHECK_MPI_OK( mp_mulmod(&c, &f, &n, &c) ); + } + /* Do the private key operation m = c**d mod n */ + if ( key->prime1.len == 0 || + key->prime2.len == 0 || + key->exponent1.len == 0 || + key->exponent2.len == 0 || + key->coefficient.len == 0) { + CHECK_SEC_OK( rsa_PrivateKeyOpNoCRT(key, &m, &c, &n, modLen) ); + } else if (check) { + CHECK_SEC_OK( rsa_PrivateKeyOpCRTCheckedPubKey(key, &m, &c) ); + } else { + CHECK_SEC_OK( rsa_PrivateKeyOpCRTNoCheck(key, &m, &c) ); + } + /* If blinding, compute post-image of plaintext by multiplying by + ** blinding factor + */ + if (nssRSAUseBlinding) { + /* m = m'*g mod n */ + CHECK_MPI_OK( mp_mulmod(&m, &g, &n, &m) ); + } + err = mp_to_fixlen_octets(&m, output, modLen); + if (err >= 0) err = MP_OKAY; +cleanup: + mp_clear(&n); + mp_clear(&c); + mp_clear(&m); + mp_clear(&f); + mp_clear(&g); + if (err) { + MP_TO_SEC_ERROR(err); + rv = SECFailure; + } + return rv; +} + +SECStatus +RSA_PrivateKeyOp(RSAPrivateKey *key, + unsigned char *output, + const unsigned char *input) +{ + return rsa_PrivateKeyOp(key, output, input, PR_FALSE); +} + +SECStatus +RSA_PrivateKeyOpDoubleChecked(RSAPrivateKey *key, + unsigned char *output, + const unsigned char *input) +{ + return rsa_PrivateKeyOp(key, output, input, PR_TRUE); +} + +static SECStatus +swap_in_key_value(PRArenaPool *arena, mp_int *mpval, SECItem *buffer) +{ + int len; + mp_err err = MP_OKAY; + memset(buffer->data, 0, buffer->len); + len = mp_unsigned_octet_size(mpval); + if (len <= 0) return SECFailure; + if ((unsigned int)len <= buffer->len) { + /* The new value is no longer than the old buffer, so use it */ + err = mp_to_unsigned_octets(mpval, buffer->data, len); + buffer->len = len; + } else if (arena) { + /* The new value is longer, but working within an arena */ + (void)SECITEM_AllocItem(arena, buffer, len); + err = mp_to_unsigned_octets(mpval, buffer->data, len); + } else { + /* The new value is longer, no arena, can't handle this key */ + return SECFailure; + } + return (err == MP_OKAY) ? SECSuccess : SECFailure; +} + +SECStatus +RSA_PrivateKeyCheck(RSAPrivateKey *key) +{ + mp_int p, q, n, psub1, qsub1, e, d, d_p, d_q, qInv, res; + mp_err err = MP_OKAY; + SECStatus rv = SECSuccess; + MP_DIGITS(&n) = 0; + MP_DIGITS(&psub1)= 0; + MP_DIGITS(&qsub1)= 0; + MP_DIGITS(&e) = 0; + MP_DIGITS(&d) = 0; + MP_DIGITS(&d_p) = 0; + MP_DIGITS(&d_q) = 0; + MP_DIGITS(&qInv) = 0; + MP_DIGITS(&res) = 0; + CHECK_MPI_OK( mp_init(&n) ); + CHECK_MPI_OK( mp_init(&p) ); + CHECK_MPI_OK( mp_init(&q) ); + CHECK_MPI_OK( mp_init(&psub1)); + CHECK_MPI_OK( mp_init(&qsub1)); + CHECK_MPI_OK( mp_init(&e) ); + CHECK_MPI_OK( mp_init(&d) ); + CHECK_MPI_OK( mp_init(&d_p) ); + CHECK_MPI_OK( mp_init(&d_q) ); + CHECK_MPI_OK( mp_init(&qInv) ); + CHECK_MPI_OK( mp_init(&res) ); + SECITEM_TO_MPINT(key->modulus, &n); + SECITEM_TO_MPINT(key->prime1, &p); + SECITEM_TO_MPINT(key->prime2, &q); + SECITEM_TO_MPINT(key->publicExponent, &e); + SECITEM_TO_MPINT(key->privateExponent, &d); + SECITEM_TO_MPINT(key->exponent1, &d_p); + SECITEM_TO_MPINT(key->exponent2, &d_q); + SECITEM_TO_MPINT(key->coefficient, &qInv); + /* p > q */ + if (mp_cmp(&p, &q) <= 0) { + /* mind the p's and q's (and d_p's and d_q's) */ + SECItem tmp; + mp_exch(&p, &q); + tmp = key->prime1; + key->prime1 = key->prime2; + key->prime2 = tmp; + tmp = key->exponent1; + key->exponent1 = key->exponent2; + key->exponent2 = tmp; + } +#define VERIFY_MPI_EQUAL(m1, m2) \ + if (mp_cmp(m1, m2) != 0) { \ + rv = SECFailure; \ + goto cleanup; \ + } +#define VERIFY_MPI_EQUAL_1(m) \ + if (mp_cmp_d(m, 1) != 0) { \ + rv = SECFailure; \ + goto cleanup; \ + } + /* + * The following errors cannot be recovered from. + */ + /* n == p * q */ + CHECK_MPI_OK( mp_mul(&p, &q, &res) ); + VERIFY_MPI_EQUAL(&res, &n); + /* gcd(e, p-1) == 1 */ + CHECK_MPI_OK( mp_sub_d(&p, 1, &psub1) ); + CHECK_MPI_OK( mp_gcd(&e, &psub1, &res) ); + VERIFY_MPI_EQUAL_1(&res); + /* gcd(e, q-1) == 1 */ + CHECK_MPI_OK( mp_sub_d(&q, 1, &qsub1) ); + CHECK_MPI_OK( mp_gcd(&e, &qsub1, &res) ); + VERIFY_MPI_EQUAL_1(&res); + /* d*e == 1 mod p-1 */ + CHECK_MPI_OK( mp_mulmod(&d, &e, &psub1, &res) ); + VERIFY_MPI_EQUAL_1(&res); + /* d*e == 1 mod q-1 */ + CHECK_MPI_OK( mp_mulmod(&d, &e, &qsub1, &res) ); + VERIFY_MPI_EQUAL_1(&res); + /* + * The following errors can be recovered from. + */ + /* d_p == d mod p-1 */ + CHECK_MPI_OK( mp_mod(&d, &psub1, &res) ); + if (mp_cmp(&d_p, &res) != 0) { + /* swap in the correct value */ + CHECK_SEC_OK( swap_in_key_value(key->arena, &res, &key->exponent1) ); + } + /* d_q == d mod q-1 */ + CHECK_MPI_OK( mp_mod(&d, &qsub1, &res) ); + if (mp_cmp(&d_q, &res) != 0) { + /* swap in the correct value */ + CHECK_SEC_OK( swap_in_key_value(key->arena, &res, &key->exponent2) ); + } + /* q * q**-1 == 1 mod p */ + CHECK_MPI_OK( mp_mulmod(&q, &qInv, &p, &res) ); + if (mp_cmp_d(&res, 1) != 0) { + /* compute the correct value */ + CHECK_MPI_OK( mp_invmod(&q, &p, &qInv) ); + CHECK_SEC_OK( swap_in_key_value(key->arena, &qInv, &key->coefficient) ); + } +cleanup: + mp_clear(&n); + mp_clear(&p); + mp_clear(&q); + mp_clear(&psub1); + mp_clear(&qsub1); + mp_clear(&e); + mp_clear(&d); + mp_clear(&d_p); + mp_clear(&d_q); + mp_clear(&qInv); + mp_clear(&res); + if (err) { + MP_TO_SEC_ERROR(err); + rv = SECFailure; + } + return rv; +} + +/* cleanup at shutdown */ +void RSA_Cleanup(void) +{ + if (!coBPInit.initialized) + return; + + while (!PR_CLIST_IS_EMPTY(&blindingParamsList.head)) + { + struct RSABlindingParamsStr * rsabp = (struct RSABlindingParamsStr *) + PR_LIST_HEAD(&blindingParamsList.head); + PR_REMOVE_LINK(&rsabp->link); + mp_clear(&rsabp->f); + mp_clear(&rsabp->g); + SECITEM_FreeItem(&rsabp->modulus,PR_FALSE); + PORT_Free(rsabp); + } + + if (blindingParamsList.lock) + { + PZ_DestroyLock(blindingParamsList.lock); + blindingParamsList.lock = NULL; + } + + coBPInit.initialized = 0; + coBPInit.inProgress = 0; + coBPInit.status = 0; +} + +/* + * need a central place for this function to free up all the memory that + * free_bl may have allocated along the way. Currently only RSA does this, + * so I've put it here for now. + */ +void BL_Cleanup(void) +{ + RSA_Cleanup(); +} diff --git a/security/nss/lib/freebl/secmpi.h b/security/nss/lib/freebl/secmpi.h new file mode 100644 index 000000000..cddcbb03d --- /dev/null +++ b/security/nss/lib/freebl/secmpi.h @@ -0,0 +1,57 @@ +/* + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the Netscape security libraries. + * + * The Initial Developer of the Original Code is Netscape + * Communications Corporation. Portions created by Netscape are + * Copyright (C) 1994-2000 Netscape Communications Corporation. All + * Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + */ + +#include "mpi.h" + +#define CHECK_SEC_OK(func) if (SECSuccess != (rv = func)) goto cleanup + +#define CHECK_MPI_OK(func) if (MP_OKAY > (err = func)) goto cleanup + +#define OCTETS_TO_MPINT(oc, mp, len) \ + CHECK_MPI_OK(mp_read_unsigned_octets((mp), oc, len)) + +#define SECITEM_TO_MPINT(it, mp) \ + CHECK_MPI_OK(mp_read_unsigned_octets((mp), (it).data, (it).len)) + +#define MPINT_TO_SECITEM(mp, it, arena) \ + SECITEM_AllocItem(arena, (it), mp_unsigned_octet_size(mp)); \ + err = mp_to_unsigned_octets(mp, (it)->data, (it)->len); \ + if (err < 0) goto cleanup; else err = MP_OKAY; + +#define MP_TO_SEC_ERROR(err) \ + switch (err) { \ + case MP_MEM: PORT_SetError(SEC_ERROR_NO_MEMORY); break; \ + case MP_RANGE: PORT_SetError(SEC_ERROR_BAD_DATA); break; \ + case MP_BADARG: PORT_SetError(SEC_ERROR_INVALID_ARGS); break; \ + default: PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); break; \ + } diff --git a/security/nss/lib/freebl/secrng.h b/security/nss/lib/freebl/secrng.h new file mode 100644 index 000000000..cddc7b000 --- /dev/null +++ b/security/nss/lib/freebl/secrng.h @@ -0,0 +1,82 @@ +/* + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the Netscape security libraries. + * + * The Initial Developer of the Original Code is Netscape + * Communications Corporation. Portions created by Netscape are + * Copyright (C) 1994-2000 Netscape Communications Corporation. All + * Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + */ + +#ifndef _SECRNG_H_ +#define _SECRNG_H_ +/* + * secrng.h - public data structures and prototypes for the secure random + * number generator + * + * $Id$ + */ + +/******************************************/ +/* +** Random number generation. A cryptographically strong random number +** generator. +*/ + +#include "blapi.h" + +SEC_BEGIN_PROTOS + +/* +** The following 3 functions are provided by the security library +** but are differently implemented for the UNIX, Mac and Win +** versions +*/ + +/* +** Get the "noisiest" information available on the system. +** The amount of data returned depends on the system implementation. +** It will not exceed maxbytes, but may be (much) less. +** Returns number of noise bytes copied into buf, or zero if error. +*/ +extern size_t RNG_GetNoise(void *buf, size_t maxbytes); + +/* +** RNG_SystemInfoForRNG should be called before any use of SSL. It +** gathers up the system specific information to help seed the +** state of the global random number generator. +*/ +extern void RNG_SystemInfoForRNG(void); + +/* +** Use the contents (and stat) of a file to help seed the +** global random number generator. +*/ +extern void RNG_FileForRNG(const char *filename); + +SEC_END_PROTOS + +#endif /* _SECUTIL_H_ */ diff --git a/security/nss/lib/freebl/sha.c b/security/nss/lib/freebl/sha.c new file mode 100644 index 000000000..c8480c72c --- /dev/null +++ b/security/nss/lib/freebl/sha.c @@ -0,0 +1,160 @@ +/* + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is SHA 180-1 Reference Implementation (Compact version) + * + * The Initial Developer of the Original Code is Paul Kocher of + * Cryptography Research. Portions created by Paul Kocher are + * Copyright (C) 1995-9 by Cryptography Research, Inc. All + * Rights Reserved. + * + * Contributor(s): + * + * Paul Kocher + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + */ + +#include "sha.h" + +static void shaHashBlock(SHA_CTX *ctx); + +void shaInit(SHA_CTX *ctx) { + int i; + + ctx->lenW = 0; + ctx->sizeHi = ctx->sizeLo = 0; + + /* Initialize H with the magic constants (see FIPS180 for constants) + */ + ctx->H[0] = 0x67452301L; + ctx->H[1] = 0xefcdab89L; + ctx->H[2] = 0x98badcfeL; + ctx->H[3] = 0x10325476L; + ctx->H[4] = 0xc3d2e1f0L; + + for (i = 0; i < 80; i++) + ctx->W[i] = 0; +} + + +void shaUpdate(SHA_CTX *ctx, unsigned char *dataIn, int len) { + int i; + + /* Read the data into W and process blocks as they get full + */ + for (i = 0; i < len; i++) { + ctx->W[ctx->lenW / 4] <<= 8; + ctx->W[ctx->lenW / 4] |= (unsigned long)dataIn[i]; + if ((++ctx->lenW) % 64 == 0) { + shaHashBlock(ctx); + ctx->lenW = 0; + } + ctx->sizeLo += 8; + ctx->sizeHi += (ctx->sizeLo < 8); + } +} + + +void shaFinal(SHA_CTX *ctx, unsigned char hashout[20]) { + unsigned char pad0x80 = 0x80; + unsigned char pad0x00 = 0x00; + unsigned char padlen[8]; + int i; + + /* Pad with a binary 1 (e.g. 0x80), then zeroes, then length + */ + padlen[0] = (unsigned char)((ctx->sizeHi >> 24) & 255); + padlen[1] = (unsigned char)((ctx->sizeHi >> 16) & 255); + padlen[2] = (unsigned char)((ctx->sizeHi >> 8) & 255); + padlen[3] = (unsigned char)((ctx->sizeHi >> 0) & 255); + padlen[4] = (unsigned char)((ctx->sizeLo >> 24) & 255); + padlen[5] = (unsigned char)((ctx->sizeLo >> 16) & 255); + padlen[6] = (unsigned char)((ctx->sizeLo >> 8) & 255); + padlen[7] = (unsigned char)((ctx->sizeLo >> 0) & 255); + shaUpdate(ctx, &pad0x80, 1); + while (ctx->lenW != 56) + shaUpdate(ctx, &pad0x00, 1); + shaUpdate(ctx, padlen, 8); + + /* Output hash + */ + for (i = 0; i < 20; i++) { + hashout[i] = (unsigned char)(ctx->H[i / 4] >> 24); + ctx->H[i / 4] <<= 8; + } + + /* + * Re-initialize the context (also zeroizes contents) + */ + shaInit(ctx); +} + + +void shaBlock(unsigned char *dataIn, int len, unsigned char hashout[20]) { + SHA_CTX ctx; + + shaInit(&ctx); + shaUpdate(&ctx, dataIn, len); + shaFinal(&ctx, hashout); +} + + +#define SHA_ROTL(X,n) (((X) << (n)) | ((X) >> (32-(n)))) + +static void shaHashBlock(SHA_CTX *ctx) { + int t; + unsigned long A,B,C,D,E,TEMP; + + for (t = 16; t <= 79; t++) + ctx->W[t] = + SHA_ROTL(ctx->W[t-3] ^ ctx->W[t-8] ^ ctx->W[t-14] ^ ctx->W[t-16], 1); + + A = ctx->H[0]; + B = ctx->H[1]; + C = ctx->H[2]; + D = ctx->H[3]; + E = ctx->H[4]; + + for (t = 0; t <= 19; t++) { + TEMP = SHA_ROTL(A,5) + (((C^D)&B)^D) + E + ctx->W[t] + 0x5a827999L; + E = D; D = C; C = SHA_ROTL(B, 30); B = A; A = TEMP; + } + for (t = 20; t <= 39; t++) { + TEMP = SHA_ROTL(A,5) + (B^C^D) + E + ctx->W[t] + 0x6ed9eba1L; + E = D; D = C; C = SHA_ROTL(B, 30); B = A; A = TEMP; + } + for (t = 40; t <= 59; t++) { + TEMP = SHA_ROTL(A,5) + ((B&C)|(D&(B|C))) + E + ctx->W[t] + 0x8f1bbcdcL; + E = D; D = C; C = SHA_ROTL(B, 30); B = A; A = TEMP; + } + for (t = 60; t <= 79; t++) { + TEMP = SHA_ROTL(A,5) + (B^C^D) + E + ctx->W[t] + 0xca62c1d6L; + E = D; D = C; C = SHA_ROTL(B, 30); B = A; A = TEMP; + } + + ctx->H[0] += A; + ctx->H[1] += B; + ctx->H[2] += C; + ctx->H[3] += D; + ctx->H[4] += E; +} + diff --git a/security/nss/lib/freebl/sha.h b/security/nss/lib/freebl/sha.h new file mode 100644 index 000000000..0522a00b2 --- /dev/null +++ b/security/nss/lib/freebl/sha.h @@ -0,0 +1,48 @@ +/* + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is SHA 180-1 Header File + * + * The Initial Developer of the Original Code is Paul Kocher of + * Cryptography Research. Portions created by Paul Kocher are + * Copyright (C) 1995-9 by Cryptography Research, Inc. All + * Rights Reserved. + * + * Contributor(s): + * + * Paul Kocher + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + */ + +typedef struct { + unsigned long H[5]; + unsigned long W[80]; + int lenW; + unsigned long sizeHi,sizeLo; +} SHA_CTX; + + +void shaInit(SHA_CTX *ctx); +void shaUpdate(SHA_CTX *ctx, unsigned char *dataIn, int len); +void shaFinal(SHA_CTX *ctx, unsigned char hashout[20]); +void shaBlock(unsigned char *dataIn, int len, unsigned char hashout[20]); + diff --git a/security/nss/lib/freebl/sha_fast.c b/security/nss/lib/freebl/sha_fast.c new file mode 100644 index 000000000..655f5c3e6 --- /dev/null +++ b/security/nss/lib/freebl/sha_fast.c @@ -0,0 +1,421 @@ +/* + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is SHA 180-1 Reference Implementation (Optimized) + * + * The Initial Developer of the Original Code is Paul Kocher of + * Cryptography Research. Portions created by Paul Kocher are + * Copyright (C) 1995-9 by Cryptography Research, Inc. All + * Rights Reserved. + * + * Contributor(s): + * + * Paul Kocher + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + */ +#include <memory.h> +#include "blapi.h" +#include "sha_fast.h" +#include "prerror.h" + +#ifdef TRACING_SSL +#include "ssl.h" +#include "ssltrace.h" +#endif + +static void shaCompress(SHA1Context *ctx); + +#define W u.w +#define B u.b + +#define SHA_ROTL(X,n) (((X) << (n)) | ((X) >> (32-(n)))) +#define SHA_F1(X,Y,Z) ((((Y)^(Z))&(X))^(Z)) +#define SHA_F2(X,Y,Z) ((X)^(Y)^(Z)) +#define SHA_F3(X,Y,Z) (((X)&(Y))|((Z)&((X)|(Y)))) +#define SHA_F4(X,Y,Z) ((X)^(Y)^(Z)) +#define SHA_MIX(t) ctx->W[t] = \ + (A = ctx->W[t-3] ^ ctx->W[t-8] ^ ctx->W[t-14] ^ ctx->W[t-16], SHA_ROTL(A, 1)) + + +/* + * SHA: Zeroize and initialize context + */ +void +SHA1_Begin(SHA1Context *ctx) +{ + memset(ctx, 0, sizeof(SHA1Context)); + + /* + * Initialize H with constants from FIPS180-1. + */ + ctx->H[0] = 0x67452301L; + ctx->H[1] = 0xefcdab89L; + ctx->H[2] = 0x98badcfeL; + ctx->H[3] = 0x10325476L; + ctx->H[4] = 0xc3d2e1f0L; + +} + + +/* + * SHA: Add data to context. + */ +void +SHA1_Update(SHA1Context *ctx, const unsigned char *dataIn, unsigned int len) +{ + register unsigned int lenB = ctx->sizeLo & 63; + register unsigned int togo; + + if (!len) + return; + + /* accumulate the byte count. */ + ctx->sizeLo += len; + ctx->sizeHi += (ctx->sizeLo < len); + + /* + * Read the data into W and process blocks as they get full + */ + if (lenB > 0) { + togo = 64 - lenB; + if (len < togo) + togo = len; + memcpy(ctx->B + lenB, dataIn, togo); + len -= togo; + dataIn += togo; + lenB = (lenB + togo) & 63; + if (!lenB) { + shaCompress(ctx); + } + } + while (len >= 64) { + memcpy(ctx->B, dataIn, 64); + dataIn += 64; + len -= 64; + shaCompress(ctx); + } + if (len) { + memcpy(ctx->B, dataIn, len); + } +} + + +/* + * SHA: Generate hash value from context + */ +void +SHA1_End(SHA1Context *ctx, unsigned char *hashout, + unsigned int *pDigestLen, unsigned int maxDigestLen) +{ + register PRUint32 sizeHi, sizeLo, lenB; + static const unsigned char bulk_pad[64] = { 0x80,0,0,0,0,0,0,0,0,0, + 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, + 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 }; +#define A lenB + + PORT_Assert (maxDigestLen >= SHA1_LENGTH); + + /* + * Pad with a binary 1 (e.g. 0x80), then zeroes, then length in bits + */ + sizeHi = ctx->sizeHi; + sizeLo = ctx->sizeLo; + lenB = sizeLo & 63; + SHA1_Update(ctx, bulk_pad, (((55+64) - lenB) & 63) + 1); + PORT_Assert((ctx->sizeLo & 63) == 56); + + /* Convert size{Hi,Lo} from bytes to bits. */ + sizeHi = (sizeHi << 3) | (sizeLo >> 29); + sizeLo <<= 3; + + ctx->W[14] = SHA_HTONL(sizeHi); + ctx->W[15] = SHA_HTONL(sizeLo); + shaCompress(ctx); + + /* + * Output hash + */ +#if defined(IS_LITTLE_ENDIAN) + SHA_BYTESWAP(ctx->H[0]); + SHA_BYTESWAP(ctx->H[1]); + SHA_BYTESWAP(ctx->H[2]); + SHA_BYTESWAP(ctx->H[3]); + SHA_BYTESWAP(ctx->H[4]); +#endif + memcpy(hashout, ctx->H, SHA1_LENGTH); + *pDigestLen = SHA1_LENGTH; + + /* + * Re-initialize the context (also zeroizes contents) + */ + SHA1_Begin(ctx); +} + +#undef A +#undef B +/* + * SHA: Compression function, unrolled. + */ +static void +shaCompress(SHA1Context *ctx) +{ + register PRUint32 A, B, C, D, E; + +#if defined(IS_LITTLE_ENDIAN) + SHA_BYTESWAP(ctx->W[0]); + SHA_BYTESWAP(ctx->W[1]); + SHA_BYTESWAP(ctx->W[2]); + SHA_BYTESWAP(ctx->W[3]); + SHA_BYTESWAP(ctx->W[4]); + SHA_BYTESWAP(ctx->W[5]); + SHA_BYTESWAP(ctx->W[6]); + SHA_BYTESWAP(ctx->W[7]); + SHA_BYTESWAP(ctx->W[8]); + SHA_BYTESWAP(ctx->W[9]); + SHA_BYTESWAP(ctx->W[10]); + SHA_BYTESWAP(ctx->W[11]); + SHA_BYTESWAP(ctx->W[12]); + SHA_BYTESWAP(ctx->W[13]); + SHA_BYTESWAP(ctx->W[14]); + SHA_BYTESWAP(ctx->W[15]); +#endif + + /* + * This can be moved into the main code block below, but doing + * so can cause some compilers to run out of registers and resort + * to storing intermediates in RAM. + */ + + SHA_MIX(16); SHA_MIX(17); SHA_MIX(18); SHA_MIX(19); + SHA_MIX(20); SHA_MIX(21); SHA_MIX(22); SHA_MIX(23); SHA_MIX(24); + SHA_MIX(25); SHA_MIX(26); SHA_MIX(27); SHA_MIX(28); SHA_MIX(29); + SHA_MIX(30); SHA_MIX(31); SHA_MIX(32); SHA_MIX(33); SHA_MIX(34); + SHA_MIX(35); SHA_MIX(36); SHA_MIX(37); SHA_MIX(38); SHA_MIX(39); + SHA_MIX(40); SHA_MIX(41); SHA_MIX(42); SHA_MIX(43); SHA_MIX(44); + SHA_MIX(45); SHA_MIX(46); SHA_MIX(47); SHA_MIX(48); SHA_MIX(49); + SHA_MIX(50); SHA_MIX(51); SHA_MIX(52); SHA_MIX(53); SHA_MIX(54); + SHA_MIX(55); SHA_MIX(56); SHA_MIX(57); SHA_MIX(58); SHA_MIX(59); + SHA_MIX(60); SHA_MIX(61); SHA_MIX(62); SHA_MIX(63); SHA_MIX(64); + SHA_MIX(65); SHA_MIX(66); SHA_MIX(67); SHA_MIX(68); SHA_MIX(69); + SHA_MIX(70); SHA_MIX(71); SHA_MIX(72); SHA_MIX(73); SHA_MIX(74); + SHA_MIX(75); SHA_MIX(76); SHA_MIX(77); SHA_MIX(78); SHA_MIX(79); + + A = ctx->H[0]; + B = ctx->H[1]; + C = ctx->H[2]; + D = ctx->H[3]; + E = ctx->H[4]; + + E = SHA_ROTL(A,5)+SHA_F1(B,C,D)+E+ctx->W[ 0]+0x5a827999L; B=SHA_ROTL(B,30); + D = SHA_ROTL(E,5)+SHA_F1(A,B,C)+D+ctx->W[ 1]+0x5a827999L; A=SHA_ROTL(A,30); + C = SHA_ROTL(D,5)+SHA_F1(E,A,B)+C+ctx->W[ 2]+0x5a827999L; E=SHA_ROTL(E,30); + B = SHA_ROTL(C,5)+SHA_F1(D,E,A)+B+ctx->W[ 3]+0x5a827999L; D=SHA_ROTL(D,30); + A = SHA_ROTL(B,5)+SHA_F1(C,D,E)+A+ctx->W[ 4]+0x5a827999L; C=SHA_ROTL(C,30); + E = SHA_ROTL(A,5)+SHA_F1(B,C,D)+E+ctx->W[ 5]+0x5a827999L; B=SHA_ROTL(B,30); + D = SHA_ROTL(E,5)+SHA_F1(A,B,C)+D+ctx->W[ 6]+0x5a827999L; A=SHA_ROTL(A,30); + C = SHA_ROTL(D,5)+SHA_F1(E,A,B)+C+ctx->W[ 7]+0x5a827999L; E=SHA_ROTL(E,30); + B = SHA_ROTL(C,5)+SHA_F1(D,E,A)+B+ctx->W[ 8]+0x5a827999L; D=SHA_ROTL(D,30); + A = SHA_ROTL(B,5)+SHA_F1(C,D,E)+A+ctx->W[ 9]+0x5a827999L; C=SHA_ROTL(C,30); + E = SHA_ROTL(A,5)+SHA_F1(B,C,D)+E+ctx->W[10]+0x5a827999L; B=SHA_ROTL(B,30); + D = SHA_ROTL(E,5)+SHA_F1(A,B,C)+D+ctx->W[11]+0x5a827999L; A=SHA_ROTL(A,30); + C = SHA_ROTL(D,5)+SHA_F1(E,A,B)+C+ctx->W[12]+0x5a827999L; E=SHA_ROTL(E,30); + B = SHA_ROTL(C,5)+SHA_F1(D,E,A)+B+ctx->W[13]+0x5a827999L; D=SHA_ROTL(D,30); + A = SHA_ROTL(B,5)+SHA_F1(C,D,E)+A+ctx->W[14]+0x5a827999L; C=SHA_ROTL(C,30); + E = SHA_ROTL(A,5)+SHA_F1(B,C,D)+E+ctx->W[15]+0x5a827999L; B=SHA_ROTL(B,30); + D = SHA_ROTL(E,5)+SHA_F1(A,B,C)+D+ctx->W[16]+0x5a827999L; A=SHA_ROTL(A,30); + C = SHA_ROTL(D,5)+SHA_F1(E,A,B)+C+ctx->W[17]+0x5a827999L; E=SHA_ROTL(E,30); + B = SHA_ROTL(C,5)+SHA_F1(D,E,A)+B+ctx->W[18]+0x5a827999L; D=SHA_ROTL(D,30); + A = SHA_ROTL(B,5)+SHA_F1(C,D,E)+A+ctx->W[19]+0x5a827999L; C=SHA_ROTL(C,30); + + E = SHA_ROTL(A,5)+SHA_F2(B,C,D)+E+ctx->W[20]+0x6ed9eba1L; B=SHA_ROTL(B,30); + D = SHA_ROTL(E,5)+SHA_F2(A,B,C)+D+ctx->W[21]+0x6ed9eba1L; A=SHA_ROTL(A,30); + C = SHA_ROTL(D,5)+SHA_F2(E,A,B)+C+ctx->W[22]+0x6ed9eba1L; E=SHA_ROTL(E,30); + B = SHA_ROTL(C,5)+SHA_F2(D,E,A)+B+ctx->W[23]+0x6ed9eba1L; D=SHA_ROTL(D,30); + A = SHA_ROTL(B,5)+SHA_F2(C,D,E)+A+ctx->W[24]+0x6ed9eba1L; C=SHA_ROTL(C,30); + E = SHA_ROTL(A,5)+SHA_F2(B,C,D)+E+ctx->W[25]+0x6ed9eba1L; B=SHA_ROTL(B,30); + D = SHA_ROTL(E,5)+SHA_F2(A,B,C)+D+ctx->W[26]+0x6ed9eba1L; A=SHA_ROTL(A,30); + C = SHA_ROTL(D,5)+SHA_F2(E,A,B)+C+ctx->W[27]+0x6ed9eba1L; E=SHA_ROTL(E,30); + B = SHA_ROTL(C,5)+SHA_F2(D,E,A)+B+ctx->W[28]+0x6ed9eba1L; D=SHA_ROTL(D,30); + A = SHA_ROTL(B,5)+SHA_F2(C,D,E)+A+ctx->W[29]+0x6ed9eba1L; C=SHA_ROTL(C,30); + E = SHA_ROTL(A,5)+SHA_F2(B,C,D)+E+ctx->W[30]+0x6ed9eba1L; B=SHA_ROTL(B,30); + D = SHA_ROTL(E,5)+SHA_F2(A,B,C)+D+ctx->W[31]+0x6ed9eba1L; A=SHA_ROTL(A,30); + C = SHA_ROTL(D,5)+SHA_F2(E,A,B)+C+ctx->W[32]+0x6ed9eba1L; E=SHA_ROTL(E,30); + B = SHA_ROTL(C,5)+SHA_F2(D,E,A)+B+ctx->W[33]+0x6ed9eba1L; D=SHA_ROTL(D,30); + A = SHA_ROTL(B,5)+SHA_F2(C,D,E)+A+ctx->W[34]+0x6ed9eba1L; C=SHA_ROTL(C,30); + E = SHA_ROTL(A,5)+SHA_F2(B,C,D)+E+ctx->W[35]+0x6ed9eba1L; B=SHA_ROTL(B,30); + D = SHA_ROTL(E,5)+SHA_F2(A,B,C)+D+ctx->W[36]+0x6ed9eba1L; A=SHA_ROTL(A,30); + C = SHA_ROTL(D,5)+SHA_F2(E,A,B)+C+ctx->W[37]+0x6ed9eba1L; E=SHA_ROTL(E,30); + B = SHA_ROTL(C,5)+SHA_F2(D,E,A)+B+ctx->W[38]+0x6ed9eba1L; D=SHA_ROTL(D,30); + A = SHA_ROTL(B,5)+SHA_F2(C,D,E)+A+ctx->W[39]+0x6ed9eba1L; C=SHA_ROTL(C,30); + + E = SHA_ROTL(A,5)+SHA_F3(B,C,D)+E+ctx->W[40]+0x8f1bbcdcL; B=SHA_ROTL(B,30); + D = SHA_ROTL(E,5)+SHA_F3(A,B,C)+D+ctx->W[41]+0x8f1bbcdcL; A=SHA_ROTL(A,30); + C = SHA_ROTL(D,5)+SHA_F3(E,A,B)+C+ctx->W[42]+0x8f1bbcdcL; E=SHA_ROTL(E,30); + B = SHA_ROTL(C,5)+SHA_F3(D,E,A)+B+ctx->W[43]+0x8f1bbcdcL; D=SHA_ROTL(D,30); + A = SHA_ROTL(B,5)+SHA_F3(C,D,E)+A+ctx->W[44]+0x8f1bbcdcL; C=SHA_ROTL(C,30); + E = SHA_ROTL(A,5)+SHA_F3(B,C,D)+E+ctx->W[45]+0x8f1bbcdcL; B=SHA_ROTL(B,30); + D = SHA_ROTL(E,5)+SHA_F3(A,B,C)+D+ctx->W[46]+0x8f1bbcdcL; A=SHA_ROTL(A,30); + C = SHA_ROTL(D,5)+SHA_F3(E,A,B)+C+ctx->W[47]+0x8f1bbcdcL; E=SHA_ROTL(E,30); + B = SHA_ROTL(C,5)+SHA_F3(D,E,A)+B+ctx->W[48]+0x8f1bbcdcL; D=SHA_ROTL(D,30); + A = SHA_ROTL(B,5)+SHA_F3(C,D,E)+A+ctx->W[49]+0x8f1bbcdcL; C=SHA_ROTL(C,30); + E = SHA_ROTL(A,5)+SHA_F3(B,C,D)+E+ctx->W[50]+0x8f1bbcdcL; B=SHA_ROTL(B,30); + D = SHA_ROTL(E,5)+SHA_F3(A,B,C)+D+ctx->W[51]+0x8f1bbcdcL; A=SHA_ROTL(A,30); + C = SHA_ROTL(D,5)+SHA_F3(E,A,B)+C+ctx->W[52]+0x8f1bbcdcL; E=SHA_ROTL(E,30); + B = SHA_ROTL(C,5)+SHA_F3(D,E,A)+B+ctx->W[53]+0x8f1bbcdcL; D=SHA_ROTL(D,30); + A = SHA_ROTL(B,5)+SHA_F3(C,D,E)+A+ctx->W[54]+0x8f1bbcdcL; C=SHA_ROTL(C,30); + E = SHA_ROTL(A,5)+SHA_F3(B,C,D)+E+ctx->W[55]+0x8f1bbcdcL; B=SHA_ROTL(B,30); + D = SHA_ROTL(E,5)+SHA_F3(A,B,C)+D+ctx->W[56]+0x8f1bbcdcL; A=SHA_ROTL(A,30); + C = SHA_ROTL(D,5)+SHA_F3(E,A,B)+C+ctx->W[57]+0x8f1bbcdcL; E=SHA_ROTL(E,30); + B = SHA_ROTL(C,5)+SHA_F3(D,E,A)+B+ctx->W[58]+0x8f1bbcdcL; D=SHA_ROTL(D,30); + A = SHA_ROTL(B,5)+SHA_F3(C,D,E)+A+ctx->W[59]+0x8f1bbcdcL; C=SHA_ROTL(C,30); + + E = SHA_ROTL(A,5)+SHA_F4(B,C,D)+E+ctx->W[60]+0xca62c1d6L; B=SHA_ROTL(B,30); + D = SHA_ROTL(E,5)+SHA_F4(A,B,C)+D+ctx->W[61]+0xca62c1d6L; A=SHA_ROTL(A,30); + C = SHA_ROTL(D,5)+SHA_F4(E,A,B)+C+ctx->W[62]+0xca62c1d6L; E=SHA_ROTL(E,30); + B = SHA_ROTL(C,5)+SHA_F4(D,E,A)+B+ctx->W[63]+0xca62c1d6L; D=SHA_ROTL(D,30); + A = SHA_ROTL(B,5)+SHA_F4(C,D,E)+A+ctx->W[64]+0xca62c1d6L; C=SHA_ROTL(C,30); + E = SHA_ROTL(A,5)+SHA_F4(B,C,D)+E+ctx->W[65]+0xca62c1d6L; B=SHA_ROTL(B,30); + D = SHA_ROTL(E,5)+SHA_F4(A,B,C)+D+ctx->W[66]+0xca62c1d6L; A=SHA_ROTL(A,30); + C = SHA_ROTL(D,5)+SHA_F4(E,A,B)+C+ctx->W[67]+0xca62c1d6L; E=SHA_ROTL(E,30); + B = SHA_ROTL(C,5)+SHA_F4(D,E,A)+B+ctx->W[68]+0xca62c1d6L; D=SHA_ROTL(D,30); + A = SHA_ROTL(B,5)+SHA_F4(C,D,E)+A+ctx->W[69]+0xca62c1d6L; C=SHA_ROTL(C,30); + E = SHA_ROTL(A,5)+SHA_F4(B,C,D)+E+ctx->W[70]+0xca62c1d6L; B=SHA_ROTL(B,30); + D = SHA_ROTL(E,5)+SHA_F4(A,B,C)+D+ctx->W[71]+0xca62c1d6L; A=SHA_ROTL(A,30); + C = SHA_ROTL(D,5)+SHA_F4(E,A,B)+C+ctx->W[72]+0xca62c1d6L; E=SHA_ROTL(E,30); + B = SHA_ROTL(C,5)+SHA_F4(D,E,A)+B+ctx->W[73]+0xca62c1d6L; D=SHA_ROTL(D,30); + A = SHA_ROTL(B,5)+SHA_F4(C,D,E)+A+ctx->W[74]+0xca62c1d6L; C=SHA_ROTL(C,30); + E = SHA_ROTL(A,5)+SHA_F4(B,C,D)+E+ctx->W[75]+0xca62c1d6L; B=SHA_ROTL(B,30); + D = SHA_ROTL(E,5)+SHA_F4(A,B,C)+D+ctx->W[76]+0xca62c1d6L; A=SHA_ROTL(A,30); + C = SHA_ROTL(D,5)+SHA_F4(E,A,B)+C+ctx->W[77]+0xca62c1d6L; E=SHA_ROTL(E,30); + B = SHA_ROTL(C,5)+SHA_F4(D,E,A)+B+ctx->W[78]+0xca62c1d6L; D=SHA_ROTL(D,30); + A = SHA_ROTL(B,5)+SHA_F4(C,D,E)+A+ctx->W[79]+0xca62c1d6L; C=SHA_ROTL(C,30); + + ctx->H[0] += A; + ctx->H[1] += B; + ctx->H[2] += C; + ctx->H[3] += D; + ctx->H[4] += E; +} + +/************************************************************************* +** Code below this line added to make SHA code support BLAPI interface +*/ + +SHA1Context * +SHA1_NewContext(void) +{ + SHA1Context *cx; + + cx = PORT_ZNew(SHA1Context); + return cx; +} + +void +SHA1_DestroyContext(SHA1Context *cx, PRBool freeit) +{ + if (freeit) { + PORT_ZFree(cx, sizeof(SHA1Context)); + } +} + +SECStatus +SHA1_HashBuf(unsigned char *dest, const unsigned char *src, uint32 src_length) +{ + SHA1Context ctx; + unsigned int outLen; + + SHA1_Begin(&ctx); + SHA1_Update(&ctx, src, src_length); + SHA1_End(&ctx, dest, &outLen, SHA1_LENGTH); + + return SECSuccess; +} + +/* Hash a null-terminated character string. */ +SECStatus +SHA1_Hash(unsigned char *dest, const char *src) +{ + return SHA1_HashBuf(dest, (const unsigned char *)src, PORT_Strlen (src)); +} + +/* + * need to support save/restore state in pkcs11. Stores all the info necessary + * for a structure into just a stream of bytes. + */ +unsigned int +SHA1_FlattenSize(SHA1Context *cx) +{ + return sizeof(SHA1Context); +} + +SECStatus +SHA1_Flatten(SHA1Context *cx,unsigned char *space) +{ + PORT_Memcpy(space,cx, sizeof(SHA1Context)); + return SECSuccess; +} + +SHA1Context * +SHA1_Resurrect(unsigned char *space,void *arg) +{ + SHA1Context *cx = SHA1_NewContext(); + if (cx == NULL) return NULL; + + PORT_Memcpy(cx,space, sizeof(SHA1Context)); + return cx; +} + +void +SHA1_TraceState(SHA1Context *ctx) +{ +#ifdef TRACING_SSL + uint32 W; + int i; + int len; + int fixWord = -1; + int remainder; /* bytes in last word */ + unsigned char buf[64 * 4]; + + SSL_TRC(99, ("%d: SSL: SHA1 state: %08x %08x %08x %08x %08x", SSL_GETPID(), + ctx->H[0], ctx->H[1], ctx->H[2], ctx->H[3], ctx->H[4])); + + len = (int)(ctx->sizeLo & 63); + remainder = len % 4; + if (remainder) + fixWord = len - remainder; + for (i = 0; i < len; i++) { + if (0 == (i % 4)) { + W = ctx->W[i / 4]; + if (i == fixWord) { + W <<= 8 * (4 - remainder); + } + } + buf[i] = (unsigned char)(W >> 24); + W <<= 8; + } + + PRINT_BUF(99, (0, "SHA1_TraceState: buffered input", buf, len)); + +#else + PORT_SetError(PR_NOT_IMPLEMENTED_ERROR); +#endif +} diff --git a/security/nss/lib/freebl/sha_fast.h b/security/nss/lib/freebl/sha_fast.h new file mode 100644 index 000000000..d371f9332 --- /dev/null +++ b/security/nss/lib/freebl/sha_fast.h @@ -0,0 +1,59 @@ +/* + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is SHA 180-1 Reference Implementation (Optimized) + * + * The Initial Developer of the Original Code is Paul Kocher of + * Cryptography Research. Portions created by Paul Kocher are + * Copyright (C) 1995-9 by Cryptography Research, Inc. All + * Rights Reserved. + * + * Contributor(s): + * + * Paul Kocher + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + */ + +#ifndef _SHA_FAST_H_ +#define _SHA_FAST_H_ + +#define SHA1_INPUT_LEN 64 + +struct SHA1ContextStr { + union { + PRUint32 w[80]; /* input buffer, plus 64 words */ + PRUint8 b[320]; + } u; + PRUint32 H[5]; /* 5 state variables */ + PRUint32 sizeHi,sizeLo; /* 64-bit count of hashed bytes. */ +}; + +#define SHA_MASK 0x00FF00FF +#if defined(IS_LITTLE_ENDIAN) +#define SHA_HTONL(x) (A = (x), A = (A << 16) | (A >> 16), \ + ((A & SHA_MASK) << 8) | ((A >> 8) & SHA_MASK)) +#else +#define SHA_HTONL(x) (x) +#endif +#define SHA_BYTESWAP(x) x = SHA_HTONL(x) + +#endif /* _SHA_FAST_H_ */ diff --git a/security/nss/lib/freebl/sparcfix.c b/security/nss/lib/freebl/sparcfix.c new file mode 100644 index 000000000..6ebc41cf0 --- /dev/null +++ b/security/nss/lib/freebl/sparcfix.c @@ -0,0 +1,95 @@ +/* + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is a program to modify v8+vis objects for linking. + * + * The Initial Developer of the Original Code is Sun Microsystems Inc. + * Portions created by Sun Microsystems Inc. are + * Copyright (C) 1999-2000 Sun Microsystems Inc. All Rights Reserved. + * + * Contributor(s): + * Netscape Communications Corporation + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + * $Id$ + */ +#include <sys/types.h> +#include <sys/stat.h> +#include <fcntl.h> +#if defined(SOLARIS2_6) || defined(SOLARIS2_7) || defined(SOLARIS2_8) +#define NEW_SYSV_SPARC 1 +#include <gelf.h> +#endif +#include <libelf.h> +#include <sys/elf_SPARC.h> + +int +main(int argc, char *argv[]) +{ + Elf * elf; + off_t size; + int fd; + int count; +#if defined(NEW_SYSV_SPARC) + GElf_Ehdr hdr; + GElf_Ehdr *ehdr = &hdr; +#else + Elf32_Ehdr *ehdr; +#endif + + + elf_version(EV_CURRENT); + fd = open(argv[1], O_RDWR); + if (fd < 0) + goto loser; + elf = elf_begin(fd, ELF_C_RDWR, (Elf *)0); + if (!elf) + goto loser; + +#if defined(NEW_SYSV_SPARC) + gelf_getehdr(elf, ehdr); +#else + ehdr = elf32_getehdr(elf); + if (!ehdr) + goto loser; +#endif + + if (ehdr->e_machine == EM_SPARC32PLUS) { + ehdr->e_machine = EM_SPARC; + ehdr->e_flags &= ~(EF_SPARC_32PLUS | EF_SPARC_SUN_US1); +#if defined(NEW_SYSV_SPARC) + count = gelf_update_ehdr(elf, ehdr); + if (count < 0) + goto loser; +#endif + size = elf_update(elf, ELF_C_WRITE); + if (size < 0) + goto loser; + } + + do { + count = elf_end(elf); + } while (count > 0); + return count; + +loser: + return 1; +} diff --git a/security/nss/lib/freebl/sysrand.c b/security/nss/lib/freebl/sysrand.c new file mode 100644 index 000000000..410ab9cc7 --- /dev/null +++ b/security/nss/lib/freebl/sysrand.c @@ -0,0 +1,46 @@ +/* + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the Netscape security libraries. + * + * The Initial Developer of the Original Code is Netscape + * Communications Corporation. Portions created by Netscape are + * Copyright (C) 1994-2000 Netscape Communications Corporation. All + * Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + */ + +#include "seccomon.h" +#if defined(XP_UNIX) || defined(XP_BEOS) +#include "unix_rand.c" +#endif +#ifdef XP_WIN +#include "win_rand.c" +#endif +#ifdef XP_MAC +#include "mac_rand.c" +#endif +#ifdef XP_OS2 +#include "os2_rand.c" +#endif diff --git a/security/nss/lib/freebl/unix_rand.c b/security/nss/lib/freebl/unix_rand.c new file mode 100644 index 000000000..aa64c8866 --- /dev/null +++ b/security/nss/lib/freebl/unix_rand.c @@ -0,0 +1,976 @@ +/* + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the Netscape security libraries. + * + * The Initial Developer of the Original Code is Netscape + * Communications Corporation. Portions created by Netscape are + * Copyright (C) 1994-2000 Netscape Communications Corporation. All + * Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + */ + +#include <stdio.h> +#include <string.h> +#include <signal.h> +#include <unistd.h> +#include <errno.h> +#include <stdlib.h> +#include <sys/time.h> +#include <sys/wait.h> +#include <sys/stat.h> +#include <assert.h> +#include "secrng.h" + +size_t RNG_FileUpdate(const char *fileName, size_t limit); + +/* + * When copying data to the buffer we want the least signicant bytes + * from the input since those bits are changing the fastest. The address + * of least significant byte depends upon whether we are running on + * a big-endian or little-endian machine. + * + * Does this mean the least signicant bytes are the most significant + * to us? :-) + */ + +static size_t CopyLowBits(void *dst, size_t dstlen, void *src, size_t srclen) +{ + union endianness { + int32 i; + char c[4]; + } u; + + if (srclen <= dstlen) { + memcpy(dst, src, srclen); + return srclen; + } + u.i = 0x01020304; + if (u.c[0] == 0x01) { + /* big-endian case */ + memcpy(dst, (char*)src + (srclen - dstlen), dstlen); + } else { + /* little-endian case */ + memcpy(dst, src, dstlen); + } + return dstlen; +} + +#if defined(SCO) || defined(UNIXWARE) || defined(BSDI) || defined(FREEBSD) \ + || defined(NETBSD) || defined(NTO) || defined(DARWIN) +#include <sys/times.h> + +#define getdtablesize() sysconf(_SC_OPEN_MAX) + +static size_t +GetHighResClock(void *buf, size_t maxbytes) +{ + int ticks; + struct tms buffer; + + ticks=times(&buffer); + return CopyLowBits(buf, maxbytes, &ticks, sizeof(ticks)); +} + +static void +GiveSystemInfo(void) +{ + long si; + + /* + * Is this really necessary? Why not use rand48 or something? + */ + si = sysconf(_SC_CHILD_MAX); + RNG_RandomUpdate(&si, sizeof(si)); + + si = sysconf(_SC_STREAM_MAX); + RNG_RandomUpdate(&si, sizeof(si)); + + si = sysconf(_SC_OPEN_MAX); + RNG_RandomUpdate(&si, sizeof(si)); +} +#endif + +#if defined(__sun) +#if defined(__svr4) || defined(SVR4) +#include <sys/systeminfo.h> +#include <sys/times.h> +#include <wait.h> + +int gettimeofday(struct timeval *); +int gethostname(char *, int); + +#define getdtablesize() sysconf(_SC_OPEN_MAX) + +static void +GiveSystemInfo(void) +{ + int rv; + char buf[2000]; + + rv = sysinfo(SI_MACHINE, buf, sizeof(buf)); + if (rv > 0) { + RNG_RandomUpdate(buf, rv); + } + rv = sysinfo(SI_RELEASE, buf, sizeof(buf)); + if (rv > 0) { + RNG_RandomUpdate(buf, rv); + } + rv = sysinfo(SI_HW_SERIAL, buf, sizeof(buf)); + if (rv > 0) { + RNG_RandomUpdate(buf, rv); + } +} + +static size_t +GetHighResClock(void *buf, size_t maxbytes) +{ + hrtime_t t; + t = gethrtime(); + if (t) { + return CopyLowBits(buf, maxbytes, &t, sizeof(t)); + } + return 0; +} +#else /* SunOS (Sun, but not SVR4) */ + +extern long sysconf(int name); + +static size_t +GetHighResClock(void *buf, size_t maxbytes) +{ + return 0; +} + +static void +GiveSystemInfo(void) +{ + long si; + + /* This is not very good */ + si = sysconf(_SC_CHILD_MAX); + RNG_RandomUpdate(&si, sizeof(si)); +} +#endif +#endif /* Sun */ + +#if defined(__hpux) +#include <sys/unistd.h> + +#define getdtablesize() sysconf(_SC_OPEN_MAX) + +static size_t +GetHighResClock(void *buf, size_t maxbytes) +{ + extern int ret_cr16(); + int cr16val; + + cr16val = ret_cr16(); + return CopyLowBits(buf, maxbytes, &cr16val, sizeof(cr16val)); +} + +static void +GiveSystemInfo(void) +{ + long si; + + /* This is not very good */ + si = sysconf(_AES_OS_VERSION); + RNG_RandomUpdate(&si, sizeof(si)); + si = sysconf(_SC_CPU_VERSION); + RNG_RandomUpdate(&si, sizeof(si)); +} +#endif /* HPUX */ + +#if defined(OSF1) +#include <sys/types.h> +#include <sys/sysinfo.h> +#include <sys/systeminfo.h> +#include <c_asm.h> + +static void +GiveSystemInfo(void) +{ + char buf[BUFSIZ]; + int rv; + int off = 0; + + rv = sysinfo(SI_MACHINE, buf, sizeof(buf)); + if (rv > 0) { + RNG_RandomUpdate(buf, rv); + } + rv = sysinfo(SI_RELEASE, buf, sizeof(buf)); + if (rv > 0) { + RNG_RandomUpdate(buf, rv); + } + rv = sysinfo(SI_HW_SERIAL, buf, sizeof(buf)); + if (rv > 0) { + RNG_RandomUpdate(buf, rv); + } +} + +/* + * Use the "get the cycle counter" instruction on the alpha. + * The low 32 bits completely turn over in less than a minute. + * The high 32 bits are some non-counter gunk that changes sometimes. + */ +static size_t +GetHighResClock(void *buf, size_t maxbytes) +{ + unsigned long t; + + t = asm("rpcc %v0"); + return CopyLowBits(buf, maxbytes, &t, sizeof(t)); +} + +#endif /* Alpha */ + +#if defined(_IBMR2) +static size_t +GetHighResClock(void *buf, size_t maxbytes) +{ + return 0; +} + +static void +GiveSystemInfo(void) +{ + /* XXX haven't found any yet! */ +} +#endif /* IBM R2 */ + +#if defined(LINUX) +#include <linux/kernel.h> + +static size_t +GetHighResClock(void *buf, size_t maxbytes) +{ + return 0; +} + +static void +GiveSystemInfo(void) +{ + /* XXX sysinfo() does not seem be implemented anywhwere */ +#if 0 + struct sysinfo si; + char hn[2000]; + if (sysinfo(&si) == 0) { + RNG_RandomUpdate(&si, sizeof(si)); + } +#endif +} +#endif /* LINUX */ + +#if defined(NCR) + +#include <sys/utsname.h> +#include <sys/systeminfo.h> + +#define getdtablesize() sysconf(_SC_OPEN_MAX) + +static size_t +GetHighResClock(void *buf, size_t maxbytes) +{ + return 0; +} + +static void +GiveSystemInfo(void) +{ + int rv; + char buf[2000]; + + rv = sysinfo(SI_MACHINE, buf, sizeof(buf)); + if (rv > 0) { + RNG_RandomUpdate(buf, rv); + } + rv = sysinfo(SI_RELEASE, buf, sizeof(buf)); + if (rv > 0) { + RNG_RandomUpdate(buf, rv); + } + rv = sysinfo(SI_HW_SERIAL, buf, sizeof(buf)); + if (rv > 0) { + RNG_RandomUpdate(buf, rv); + } +} + +#endif /* NCR */ + + +#if defined(sgi) +#include <fcntl.h> +#undef PRIVATE +#include <sys/mman.h> +#include <sys/syssgi.h> +#include <sys/immu.h> +#include <sys/systeminfo.h> +#include <sys/utsname.h> +#include <wait.h> + +static void +GiveSystemInfo(void) +{ + int rv; + char buf[4096]; + + rv = syssgi(SGI_SYSID, &buf[0]); + if (rv > 0) { + RNG_RandomUpdate(buf, MAXSYSIDSIZE); + } +#ifdef SGI_RDUBLK + rv = syssgi(SGI_RDUBLK, getpid(), &buf[0], sizeof(buf)); + if (rv > 0) { + RNG_RandomUpdate(buf, sizeof(buf)); + } +#endif /* SGI_RDUBLK */ + rv = syssgi(SGI_INVENT, SGI_INV_READ, buf, sizeof(buf)); + if (rv > 0) { + RNG_RandomUpdate(buf, sizeof(buf)); + } + rv = sysinfo(SI_MACHINE, buf, sizeof(buf)); + if (rv > 0) { + RNG_RandomUpdate(buf, rv); + } + rv = sysinfo(SI_RELEASE, buf, sizeof(buf)); + if (rv > 0) { + RNG_RandomUpdate(buf, rv); + } + rv = sysinfo(SI_HW_SERIAL, buf, sizeof(buf)); + if (rv > 0) { + RNG_RandomUpdate(buf, rv); + } +} + +static size_t GetHighResClock(void *buf, size_t maxbuf) +{ + unsigned phys_addr, raddr, cycleval; + static volatile unsigned *iotimer_addr = NULL; + static int tries = 0; + static int cntr_size; + int mfd; + long s0[2]; + struct timeval tv; + +#ifndef SGI_CYCLECNTR_SIZE +#define SGI_CYCLECNTR_SIZE 165 /* Size user needs to use to read CC */ +#endif + + if (iotimer_addr == NULL) { + if (tries++ > 1) { + /* Don't keep trying if it didn't work */ + return 0; + } + + /* + ** For SGI machines we can use the cycle counter, if it has one, + ** to generate some truly random numbers + */ + phys_addr = syssgi(SGI_QUERY_CYCLECNTR, &cycleval); + if (phys_addr) { + int pgsz = getpagesize(); + int pgoffmask = pgsz - 1; + + raddr = phys_addr & ~pgoffmask; + mfd = open("/dev/mmem", O_RDONLY); + if (mfd < 0) { + return 0; + } + iotimer_addr = (unsigned *) + mmap(0, pgoffmask, PROT_READ, MAP_PRIVATE, mfd, (int)raddr); + if (iotimer_addr == (void*)-1) { + close(mfd); + iotimer_addr = NULL; + return 0; + } + iotimer_addr = (unsigned*) + ((__psint_t)iotimer_addr | (phys_addr & pgoffmask)); + /* + * The file 'mfd' is purposefully not closed. + */ + cntr_size = syssgi(SGI_CYCLECNTR_SIZE); + if (cntr_size < 0) { + struct utsname utsinfo; + + /* + * We must be executing on a 6.0 or earlier system, since the + * SGI_CYCLECNTR_SIZE call is not supported. + * + * The only pre-6.1 platforms with 64-bit counters are + * IP19 and IP21 (Challenge, PowerChallenge, Onyx). + */ + uname(&utsinfo); + if (!strncmp(utsinfo.machine, "IP19", 4) || + !strncmp(utsinfo.machine, "IP21", 4)) + cntr_size = 64; + else + cntr_size = 32; + } + cntr_size /= 8; /* Convert from bits to bytes */ + } + } + + s0[0] = *iotimer_addr; + if (cntr_size > 4) + s0[1] = *(iotimer_addr + 1); + memcpy(buf, (char *)&s0[0], cntr_size); + return CopyLowBits(buf, maxbuf, &s0, cntr_size); +} +#endif + +#if defined(sony) +#include <sys/systeminfo.h> + +#define getdtablesize() sysconf(_SC_OPEN_MAX) + +static size_t +GetHighResClock(void *buf, size_t maxbytes) +{ + return 0; +} + +static void +GiveSystemInfo(void) +{ + int rv; + char buf[2000]; + + rv = sysinfo(SI_MACHINE, buf, sizeof(buf)); + if (rv > 0) { + RNG_RandomUpdate(buf, rv); + } + rv = sysinfo(SI_RELEASE, buf, sizeof(buf)); + if (rv > 0) { + RNG_RandomUpdate(buf, rv); + } + rv = sysinfo(SI_HW_SERIAL, buf, sizeof(buf)); + if (rv > 0) { + RNG_RandomUpdate(buf, rv); + } +} +#endif /* sony */ + +#if defined(sinix) +#include <sys/systeminfo.h> +#include <sys/times.h> + +int gettimeofday(struct timeval *, struct timezone *); +int gethostname(char *, int); + +#define getdtablesize() sysconf(_SC_OPEN_MAX) + +static size_t +GetHighResClock(void *buf, size_t maxbytes) +{ + int ticks; + struct tms buffer; + + ticks=times(&buffer); + return CopyLowBits(buf, maxbytes, &ticks, sizeof(ticks)); +} + +static void +GiveSystemInfo(void) +{ + int rv; + char buf[2000]; + + rv = sysinfo(SI_MACHINE, buf, sizeof(buf)); + if (rv > 0) { + RNG_RandomUpdate(buf, rv); + } + rv = sysinfo(SI_RELEASE, buf, sizeof(buf)); + if (rv > 0) { + RNG_RandomUpdate(buf, rv); + } + rv = sysinfo(SI_HW_SERIAL, buf, sizeof(buf)); + if (rv > 0) { + RNG_RandomUpdate(buf, rv); + } +} +#endif /* sinix */ + +#if defined(VMS) +#include <c_asm.h> + +static void +GiveSystemInfo(void) +{ + long si; + + /* + * This is copied from the SCO/UNIXWARE etc section. And like the comment + * there says, what's the point? This isn't random, it generates the same + * stuff every time its run! + */ + si = sysconf(_SC_CHILD_MAX); + RNG_RandomUpdate(&si, sizeof(si)); + + si = sysconf(_SC_STREAM_MAX); + RNG_RandomUpdate(&si, sizeof(si)); + + si = sysconf(_SC_OPEN_MAX); + RNG_RandomUpdate(&si, sizeof(si)); +} + +/* + * Use the "get the cycle counter" instruction on the alpha. + * The low 32 bits completely turn over in less than a minute. + * The high 32 bits are some non-counter gunk that changes sometimes. + */ +static size_t +GetHighResClock(void *buf, size_t maxbytes) +{ + unsigned long t; + + t = asm("rpcc %v0"); + return CopyLowBits(buf, maxbytes, &t, sizeof(t)); +} + +#endif /* VMS */ + +#ifdef BEOS +#include <be/kernel/OS.h> + +static size_t +GetHighResClock(void *buf, size_t maxbytes) +{ + bigtime_t bigtime; /* Actually an int64 */ + + bigtime = real_time_clock_usecs(); + return CopyLowBits(buf, maxbytes, &bigtime, sizeof(bigtime)); +} + +static void +GiveSystemInfo(void) +{ + system_info *info = NULL; + int32 val; + get_system_info(info); + if (info) { + val = info->boot_time; + RNG_RandomUpdate(&val, sizeof(val)); + val = info->used_pages; + RNG_RandomUpdate(&val, sizeof(val)); + val = info->used_ports; + RNG_RandomUpdate(&val, sizeof(val)); + val = info->used_threads; + RNG_RandomUpdate(&val, sizeof(val)); + val = info->used_teams; + RNG_RandomUpdate(&val, sizeof(val)); + } +} +#endif /* BEOS */ + +#if defined(nec_ews) +#include <sys/systeminfo.h> + +#define getdtablesize() sysconf(_SC_OPEN_MAX) + +static size_t +GetHighResClock(void *buf, size_t maxbytes) +{ + return 0; +} + +static void +GiveSystemInfo(void) +{ + int rv; + char buf[2000]; + + rv = sysinfo(SI_MACHINE, buf, sizeof(buf)); + if (rv > 0) { + RNG_RandomUpdate(buf, rv); + } + rv = sysinfo(SI_RELEASE, buf, sizeof(buf)); + if (rv > 0) { + RNG_RandomUpdate(buf, rv); + } + rv = sysinfo(SI_HW_SERIAL, buf, sizeof(buf)); + if (rv > 0) { + RNG_RandomUpdate(buf, rv); + } +} +#endif /* nec_ews */ + +size_t RNG_GetNoise(void *buf, size_t maxbytes) +{ + struct timeval tv; + int n = 0; + int c; + + n = GetHighResClock(buf, maxbytes); + maxbytes -= n; + +#if defined(__sun) && (defined(_svr4) || defined(SVR4)) || defined(sony) + (void)gettimeofday(&tv); +#else + (void)gettimeofday(&tv, 0); +#endif + c = CopyLowBits((char*)buf+n, maxbytes, &tv.tv_usec, sizeof(tv.tv_usec)); + n += c; + maxbytes -= c; + c = CopyLowBits((char*)buf+n, maxbytes, &tv.tv_sec, sizeof(tv.tv_sec)); + n += c; + return n; +} + +#define SAFE_POPEN_MAXARGS 10 /* must be at least 2 */ + +/* + * safe_popen is static to this module and we know what arguments it is + * called with. Note that this version only supports a single open child + * process at any time. + */ +static pid_t safe_popen_pid; +static struct sigaction oldact; + +static FILE * +safe_popen(char *cmd) +{ + int p[2], fd, argc; + pid_t pid; + char *argv[SAFE_POPEN_MAXARGS + 1]; + FILE *fp; + static char blank[] = " \t"; + static struct sigaction newact; + + if (pipe(p) < 0) + return 0; + + /* Setup signals so that SIGCHLD is ignored as we want to do waitpid */ + newact.sa_handler = SIG_DFL; + newact.sa_flags = 0; + sigfillset(&newact.sa_mask); + sigaction (SIGCHLD, &newact, &oldact); + + pid = fork(); + switch (pid) { + case -1: + close(p[0]); + close(p[1]); + sigaction (SIGCHLD, &oldact, NULL); + return 0; + + case 0: + /* dup write-side of pipe to stderr and stdout */ + if (p[1] != 1) dup2(p[1], 1); + if (p[1] != 2) dup2(p[1], 2); + close(0); + for (fd = getdtablesize(); --fd > 2; close(fd)) + ; + + /* clean up environment in the child process */ + putenv("PATH=/bin:/usr/bin:/sbin:/usr/sbin:/etc:/usr/etc"); + putenv("SHELL=/bin/sh"); + putenv("IFS= \t"); + + /* + * The caller may have passed us a string that is in text + * space. It may be illegal to modify the string + */ + cmd = strdup(cmd); + /* format argv */ + argv[0] = strtok(cmd, blank); + argc = 1; + while ((argv[argc] = strtok(0, blank)) != 0) { + if (++argc == SAFE_POPEN_MAXARGS) { + argv[argc] = 0; + break; + } + } + + /* and away we go */ + execvp(argv[0], argv); + exit(127); + break; + + default: + close(p[1]); + fp = fdopen(p[0], "r"); + if (fp == 0) { + close(p[0]); + sigaction (SIGCHLD, &oldact, NULL); + return 0; + } + break; + } + + /* non-zero means there's a cmd running */ + safe_popen_pid = pid; + return fp; +} + +static int +safe_pclose(FILE *fp) +{ + pid_t pid; + int count, status; + + if ((pid = safe_popen_pid) == 0) + return -1; + safe_popen_pid = 0; + + /* if the child hasn't exited, kill it -- we're done with its output */ + count = 0; + while (waitpid(pid, &status, WNOHANG) == 0) { + if (kill(pid, SIGKILL) < 0 && errno == ESRCH) + break; + if (++count == 1000) + break; + } + + /* Reset SIGCHLD signal hander before returning */ + sigaction(SIGCHLD, &oldact, NULL); + + fclose(fp); + return status; +} + + +#if !defined(VMS) + +#ifdef DARWIN +#include <crt_externs.h> +#endif + +void RNG_SystemInfoForRNG(void) +{ + FILE *fp; + char buf[BUFSIZ]; + size_t bytes; + const char * const *cp; + char *randfile; +#ifdef DARWIN + char **environ = *_NSGetEnviron(); +#else + extern char **environ; +#endif +#ifdef BEOS + static const char * const files[] = { + "/boot/var/swap", + "/boot/var/log/syslog", + "/boot/var/tmp", + "/boot/home/config/settings", + "/boot/home", + 0 + }; +#else + static const char * const files[] = { + "/etc/passwd", + "/etc/utmp", + "/tmp", + "/var/tmp", + "/usr/tmp", + 0 + }; +#endif + +#ifdef DO_PS +For now it is considered that it is too expensive to run the ps command +for the small amount of entropy it provides. +#if defined(__sun) && (!defined(__svr4) && !defined(SVR4)) || defined(bsdi) || defined(LINUX) + static char ps_cmd[] = "ps aux"; +#else + static char ps_cmd[] = "ps -el"; +#endif +#endif /* DO_PS */ +#if defined(BSDI) + static char netstat_ni_cmd[] = "netstat -nis"; +#else + static char netstat_ni_cmd[] = "netstat -ni"; +#endif + + GiveSystemInfo(); + + bytes = RNG_GetNoise(buf, sizeof(buf)); + RNG_RandomUpdate(buf, bytes); + + /* + * Pass the C environment and the addresses of the pointers to the + * hash function. This makes the random number function depend on the + * execution environment of the user and on the platform the program + * is running on. + */ + cp = (const char * const *)environ; + while (*cp) { + RNG_RandomUpdate(*cp, strlen(*cp)); + cp++; + } + RNG_RandomUpdate(environ, (char*)cp - (char*)environ); + + /* Give in system information */ + if (gethostname(buf, sizeof(buf)) > 0) { + RNG_RandomUpdate(buf, strlen(buf)); + } + GiveSystemInfo(); + + /* grab some data from system's PRNG before any other files. */ + bytes = RNG_FileUpdate("/dev/urandom", 1024); + + /* If the user points us to a random file, pass it through the rng */ + randfile = getenv("NSRANDFILE"); + if ( ( randfile != NULL ) && ( randfile[0] != '\0') ) { + RNG_FileForRNG(randfile); + } + + /* pass other files through */ + for (cp = files; *cp; cp++) + RNG_FileForRNG(*cp); + +/* + * Bug 100447: On BSD/OS 4.2 and 4.3, we have problem calling safe_popen + * in a pthreads environment. Therefore, we call safe_popen last and on + * BSD/OS we do not call safe_popen when we succeeded in getting data + * from /dev/urandom. + */ + +#ifdef BSDI + if (bytes) + return; +#endif + +#ifdef DO_PS + fp = safe_popen(ps_cmd); + if (fp != NULL) { + while ((bytes = fread(buf, 1, sizeof(buf), fp)) > 0) + RNG_RandomUpdate(buf, bytes); + safe_pclose(fp); + } +#endif + fp = safe_popen(netstat_ni_cmd); + if (fp != NULL) { + while ((bytes = fread(buf, 1, sizeof(buf), fp)) > 0) + RNG_RandomUpdate(buf, bytes); + safe_pclose(fp); + } + +} +#else +void RNG_SystemInfoForRNG(void) +{ + FILE *fp; + char buf[BUFSIZ]; + size_t bytes; + int extra; + char **cp; + extern char **environ; + char *randfile; + + GiveSystemInfo(); + + bytes = RNG_GetNoise(buf, sizeof(buf)); + RNG_RandomUpdate(buf, bytes); + + /* + * Pass the C environment and the addresses of the pointers to the + * hash function. This makes the random number function depend on the + * execution environment of the user and on the platform the program + * is running on. + */ + cp = environ; + while (*cp) { + RNG_RandomUpdate(*cp, strlen(*cp)); + cp++; + } + RNG_RandomUpdate(environ, (char*)cp - (char*)environ); + + /* Give in system information */ + if (gethostname(buf, sizeof(buf)) > 0) { + RNG_RandomUpdate(buf, strlen(buf)); + } + GiveSystemInfo(); + + /* If the user points us to a random file, pass it through the rng */ + randfile = getenv("NSRANDFILE"); + if ( ( randfile != NULL ) && ( randfile[0] != '\0') ) { + RNG_FileForRNG(randfile); + } + + /* + ** We need to generate at least 1024 bytes of seed data. Since we don't + ** do the file stuff for VMS, and because the environ list is so short + ** on VMS, we need to make sure we generate enough. So do another 1000 + ** bytes to be sure. + */ + extra = 1000; + while (extra > 0) { + cp = environ; + while (*cp) { + int n = strlen(*cp); + RNG_RandomUpdate(*cp, n); + extra -= n; + cp++; + } + } +} +#endif + +#define TOTAL_FILE_LIMIT 1000000 /* one million */ + +size_t RNG_FileUpdate(const char *fileName, size_t limit) +{ + FILE * file; + size_t bytes; + size_t fileBytes = 0; + struct stat stat_buf; + unsigned char buffer[BUFSIZ]; + static size_t totalFileBytes = 0; + + if (stat((char *)fileName, &stat_buf) < 0) + return fileBytes; + RNG_RandomUpdate(&stat_buf, sizeof(stat_buf)); + + file = fopen((char *)fileName, "r"); + if (file != NULL) { + while (limit > fileBytes) { + bytes = PR_MIN(sizeof buffer, limit - fileBytes); + bytes = fread(buffer, 1, bytes, file); + if (bytes == 0) + break; + RNG_RandomUpdate(buffer, bytes); + fileBytes += bytes; + totalFileBytes += bytes; + /* after TOTAL_FILE_LIMIT has been reached, only read in first + ** buffer of data from each subsequent file. + */ + if (totalFileBytes > TOTAL_FILE_LIMIT) + break; + } + fclose(file); + } + /* + * Pass yet another snapshot of our highest resolution clock into + * the hash function. + */ + bytes = RNG_GetNoise(buffer, sizeof(buffer)); + RNG_RandomUpdate(buffer, bytes); + return fileBytes; +} + +void RNG_FileForRNG(const char *fileName) +{ + RNG_FileUpdate(fileName, TOTAL_FILE_LIMIT); +} diff --git a/security/nss/lib/freebl/win_rand.c b/security/nss/lib/freebl/win_rand.c new file mode 100644 index 000000000..dc16b19b7 --- /dev/null +++ b/security/nss/lib/freebl/win_rand.c @@ -0,0 +1,415 @@ +/* + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the Netscape security libraries. + * + * The Initial Developer of the Original Code is Netscape + * Communications Corporation. Portions created by Netscape are + * Copyright (C) 1994-2000 Netscape Communications Corporation. All + * Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + */ + +#include "secrng.h" +#ifdef XP_WIN +#include <windows.h> +#include <time.h> +#include <io.h> +#include <sys/types.h> +#include <sys/stat.h> +#include <stdio.h> + +#ifndef _WIN32 +#define VTD_Device_ID 5 +#define OP_OVERRIDE _asm _emit 0x66 +#include <dos.h> +#endif + +static BOOL +CurrentClockTickTime(LPDWORD lpdwHigh, LPDWORD lpdwLow) +{ +#ifdef _WIN32 + LARGE_INTEGER liCount; + + if (!QueryPerformanceCounter(&liCount)) + return FALSE; + + *lpdwHigh = liCount.u.HighPart; + *lpdwLow = liCount.u.LowPart; + return TRUE; + +#else /* is WIN16 */ + BOOL bRetVal; + FARPROC lpAPI; + WORD w1, w2, w3, w4; + + // Get direct access to the VTD and query the current clock tick time + _asm { + xor di, di + mov es, di + mov ax, 1684h + mov bx, VTD_Device_ID + int 2fh + mov ax, es + or ax, di + jz EnumerateFailed + + ; VTD API is available. First store the API address (the address actually + ; contains an instruction that causes a fault, the fault handler then + ; makes the ring transition and calls the API in the VxD) + mov word ptr lpAPI, di + mov word ptr lpAPI+2, es + mov ax, 100h ; API function to VTD_Get_Real_Time +; call dword ptr [lpAPI] + call [lpAPI] + + ; Result is in EDX:EAX which we will get 16-bits at a time + mov w2, dx + OP_OVERRIDE + shr dx,10h ; really "shr edx, 16" + mov w1, dx + + mov w4, ax + OP_OVERRIDE + shr ax,10h ; really "shr eax, 16" + mov w3, ax + + mov bRetVal, 1 ; return TRUE + jmp EnumerateExit + + EnumerateFailed: + mov bRetVal, 0 ; return FALSE + + EnumerateExit: + } + + *lpdwHigh = MAKELONG(w2, w1); + *lpdwLow = MAKELONG(w4, w3); + + return bRetVal; +#endif /* is WIN16 */ +} + +size_t RNG_GetNoise(void *buf, size_t maxbuf) +{ + DWORD dwHigh, dwLow, dwVal; + int n = 0; + int nBytes; + time_t sTime; + + if (maxbuf <= 0) + return 0; + + CurrentClockTickTime(&dwHigh, &dwLow); + + // get the maximally changing bits first + nBytes = sizeof(dwLow) > maxbuf ? maxbuf : sizeof(dwLow); + memcpy((char *)buf, &dwLow, nBytes); + n += nBytes; + maxbuf -= nBytes; + + if (maxbuf <= 0) + return n; + + nBytes = sizeof(dwHigh) > maxbuf ? maxbuf : sizeof(dwHigh); + memcpy(((char *)buf) + n, &dwHigh, nBytes); + n += nBytes; + maxbuf -= nBytes; + + if (maxbuf <= 0) + return n; + + // get the number of milliseconds that have elapsed since Windows started + dwVal = GetTickCount(); + + nBytes = sizeof(dwVal) > maxbuf ? maxbuf : sizeof(dwVal); + memcpy(((char *)buf) + n, &dwVal, nBytes); + n += nBytes; + maxbuf -= nBytes; + + if (maxbuf <= 0) + return n; + + // get the time in seconds since midnight Jan 1, 1970 + time(&sTime); + nBytes = sizeof(sTime) > maxbuf ? maxbuf : sizeof(sTime); + memcpy(((char *)buf) + n, &sTime, nBytes); + n += nBytes; + + return n; +} + +static BOOL +EnumSystemFiles(void (*func)(const char *)) +{ + int iStatus; + char szSysDir[_MAX_PATH]; + char szFileName[_MAX_PATH]; +#ifdef _WIN32 + struct _finddata_t fdData; + long lFindHandle; +#else + struct _find_t fdData; +#endif + + if (!GetSystemDirectory(szSysDir, sizeof(szSysDir))) + return FALSE; + + // tack *.* on the end so we actually look for files. this will + // not overflow + strcpy(szFileName, szSysDir); + strcat(szFileName, "\\*.*"); + +#ifdef _WIN32 + lFindHandle = _findfirst(szFileName, &fdData); + if (lFindHandle == -1) + return FALSE; +#else + if (_dos_findfirst(szFileName, _A_NORMAL | _A_RDONLY | _A_ARCH | _A_SUBDIR, &fdData) != 0) + return FALSE; +#endif + + do { + // pass the full pathname to the callback + sprintf(szFileName, "%s\\%s", szSysDir, fdData.name); + (*func)(szFileName); + +#ifdef _WIN32 + iStatus = _findnext(lFindHandle, &fdData); +#else + iStatus = _dos_findnext(&fdData); +#endif + } while (iStatus == 0); + +#ifdef _WIN32 + _findclose(lFindHandle); +#endif + + return TRUE; +} + +static DWORD dwNumFiles, dwReadEvery; + +static void +CountFiles(const char *file) +{ + dwNumFiles++; +} + +static void +ReadFiles(const char *file) +{ + if ((dwNumFiles % dwReadEvery) == 0) + RNG_FileForRNG(file); + + dwNumFiles++; +} + +static void +ReadSystemFiles() +{ + // first count the number of files + dwNumFiles = 0; + if (!EnumSystemFiles(CountFiles)) + return; + + RNG_RandomUpdate(&dwNumFiles, sizeof(dwNumFiles)); + + // now read 10 files + if (dwNumFiles == 0) + return; + + dwReadEvery = dwNumFiles / 10; + if (dwReadEvery == 0) + dwReadEvery = 1; // less than 10 files + + dwNumFiles = 0; + EnumSystemFiles(ReadFiles); +} + +void RNG_SystemInfoForRNG(void) +{ + DWORD dwVal; + char buffer[256]; + int nBytes; +#ifdef _WIN32 + MEMORYSTATUS sMem; + DWORD dwSerialNum; + DWORD dwComponentLen; + DWORD dwSysFlags; + char volName[128]; + DWORD dwSectors, dwBytes, dwFreeClusters, dwNumClusters; + HANDLE hVal; +#else + int iVal; + HTASK hTask; + WORD wDS, wCS; + LPSTR lpszEnv; +#endif + + nBytes = RNG_GetNoise(buffer, 20); // get up to 20 bytes + RNG_RandomUpdate(buffer, nBytes); + +#ifdef _WIN32 + sMem.dwLength = sizeof(sMem); + GlobalMemoryStatus(&sMem); // assorted memory stats + RNG_RandomUpdate(&sMem, sizeof(sMem)); + + dwVal = GetLogicalDrives(); + RNG_RandomUpdate(&dwVal, sizeof(dwVal)); // bitfields in bits 0-25 + +#else + dwVal = GetFreeSpace(0); + RNG_RandomUpdate(&dwVal, sizeof(dwVal)); + + _asm mov wDS, ds; + _asm mov wCS, cs; + RNG_RandomUpdate(&wDS, sizeof(wDS)); + RNG_RandomUpdate(&wCS, sizeof(wCS)); +#endif + +#ifdef _WIN32 + dwVal = sizeof(buffer); + if (GetComputerName(buffer, &dwVal)) + RNG_RandomUpdate(buffer, dwVal); + +/* XXX This is code that got yanked because of NSPR20. We should put it + * back someday. + */ +#ifdef notdef + { + POINT ptVal; + GetCursorPos(&ptVal); + RNG_RandomUpdate(&ptVal, sizeof(ptVal)); + } + + dwVal = GetQueueStatus(QS_ALLINPUT); // high and low significant + RNG_RandomUpdate(&dwVal, sizeof(dwVal)); + + { + HWND hWnd; + hWnd = GetClipboardOwner(); // 2 or 4 bytes + RNG_RandomUpdate((void *)&hWnd, sizeof(hWnd)); + } + + { + UUID sUuid; + UuidCreate(&sUuid); // this will fail on machines with no ethernet + RNG_RandomUpdate(&sUuid, sizeof(sUuid)); // boards. shove the bits in regardless + } +#endif + + hVal = GetCurrentProcess(); // 4 byte handle of current task + RNG_RandomUpdate(&hVal, sizeof(hVal)); + + dwVal = GetCurrentProcessId(); // process ID (4 bytes) + RNG_RandomUpdate(&dwVal, sizeof(dwVal)); + + volName[0] = '\0'; + buffer[0] = '\0'; + GetVolumeInformation(NULL, + volName, + sizeof(volName), + &dwSerialNum, + &dwComponentLen, + &dwSysFlags, + buffer, + sizeof(buffer)); + + RNG_RandomUpdate(volName, strlen(volName)); + RNG_RandomUpdate(&dwSerialNum, sizeof(dwSerialNum)); + RNG_RandomUpdate(&dwComponentLen, sizeof(dwComponentLen)); + RNG_RandomUpdate(&dwSysFlags, sizeof(dwSysFlags)); + RNG_RandomUpdate(buffer, strlen(buffer)); + + if (GetDiskFreeSpace(NULL, &dwSectors, &dwBytes, &dwFreeClusters, &dwNumClusters)) { + RNG_RandomUpdate(&dwSectors, sizeof(dwSectors)); + RNG_RandomUpdate(&dwBytes, sizeof(dwBytes)); + RNG_RandomUpdate(&dwFreeClusters, sizeof(dwFreeClusters)); + RNG_RandomUpdate(&dwNumClusters, sizeof(dwNumClusters)); + } + +#else /* is WIN16 */ + hTask = GetCurrentTask(); + RNG_RandomUpdate((void *)&hTask, sizeof(hTask)); + + iVal = GetNumTasks(); + RNG_RandomUpdate(&iVal, sizeof(iVal)); // number of running tasks + + lpszEnv = GetDOSEnvironment(); + while (*lpszEnv != '\0') { + RNG_RandomUpdate(lpszEnv, strlen(lpszEnv)); + + lpszEnv += strlen(lpszEnv) + 1; + } +#endif /* is WIN16 */ + + // now let's do some files + ReadSystemFiles(); + + nBytes = RNG_GetNoise(buffer, 20); // get up to 20 bytes + RNG_RandomUpdate(buffer, nBytes); +} + +void RNG_FileForRNG(const char *filename) +{ + FILE* file; + int nBytes; + struct stat stat_buf; + unsigned char buffer[1024]; + + static DWORD totalFileBytes = 0; + + /* windows doesn't initialize all the bytes in the stat buf, + * so initialize them all here to avoid UMRs. + */ + memset(&stat_buf, 0, sizeof stat_buf); + + if (stat((char *)filename, &stat_buf) < 0) + return; + + RNG_RandomUpdate((unsigned char*)&stat_buf, sizeof(stat_buf)); + + file = fopen((char *)filename, "r"); + if (file != NULL) { + for (;;) { + size_t bytes = fread(buffer, 1, sizeof(buffer), file); + + if (bytes == 0) + break; + + RNG_RandomUpdate(buffer, bytes); + totalFileBytes += bytes; + if (totalFileBytes > 250000) + break; + } + + fclose(file); + } + + nBytes = RNG_GetNoise(buffer, 20); // get up to 20 bytes + RNG_RandomUpdate(buffer, nBytes); +} + +#endif /* is XP_WIN */ |