diff options
| author | Andy Polyakov <appro@openssl.org> | 2018-07-06 15:13:15 +0200 |
|---|---|---|
| committer | Andy Polyakov <appro@openssl.org> | 2018-07-12 14:52:57 +0200 |
| commit | 71883868ea5b33416ae8283bcc38dd2d97e5006b (patch) | |
| tree | e86cd1d7f051b4381b5a9ef4cb93ecc09dad3b57 /crypto/bn/bn_lcl.h | |
| parent | 305b68f1a2b6d4d0aa07a6ab47ac372f067a40bb (diff) | |
| download | openssl-new-71883868ea5b33416ae8283bcc38dd2d97e5006b.tar.gz | |
bn/bn_{mont|exp}.c: switch to zero-padded intermediate vectors.
Note that exported functions maintain original behaviour, so that
external callers won't observe difference. While internally we can
now perform Montogomery multiplication on fixed-length vectors, fixed
at modulus size. The new functions, bn_to_mont_fixed_top and
bn_mul_mont_fixed_top, are declared in bn_int.h, because one can use
them even outside bn, e.g. in RSA, DSA, ECDSA...
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: David Benjamin <davidben@google.com>
(Merged from https://github.com/openssl/openssl/pull/6662)
Diffstat (limited to 'crypto/bn/bn_lcl.h')
| -rw-r--r-- | crypto/bn/bn_lcl.h | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/crypto/bn/bn_lcl.h b/crypto/bn/bn_lcl.h index b658a9516b..0d3a8bfd5d 100644 --- a/crypto/bn/bn_lcl.h +++ b/crypto/bn/bn_lcl.h @@ -229,7 +229,8 @@ struct bignum_st { /* Used for montgomery multiplication */ struct bn_mont_ctx_st { int ri; /* number of bits in R */ - BIGNUM RR; /* used to convert to montgomery form */ + BIGNUM RR; /* used to convert to montgomery form, + possibly zero-padded */ BIGNUM N; /* The modulus */ BIGNUM Ni; /* R*(1/R mod N) - N*Ni = 1 (Ni is only * stored for bignum algorithm) */ |