| /external/boringssl/src/crypto/fipsmodule/bn/ |
| D | shift.c | 78 nw = n / BN_BITS2; in BN_lshift()
82 lb = n % BN_BITS2; in BN_lshift()
83 rb = BN_BITS2 - lb; in BN_lshift()
126 c = t >> (BN_BITS2 - 1); in BN_lshift1()
138 unsigned shift_bits = shift % BN_BITS2; in bn_rshift_words()
139 size_t shift_words = shift / BN_BITS2; in bn_rshift_words()
149 (a[i] >> shift_bits) | (a[i + 1] << (BN_BITS2 - shift_bits)); in bn_rshift_words()
184 unsigned max_bits = BN_BITS2 * r->width; in bn_rshift_secret_shift()
205 r[i] = (a[i] >> 1) | (a[i + 1] << (BN_BITS2 - 1)); in bn_rshift1_words()
226 int i = n / BN_BITS2; in BN_set_bit()
[all …]
|
| D | bn.c | 189 #if BN_BITS2 > 32 in BN_num_bits_word()
195 mask = (0u - (mask >> (BN_BITS2 - 1))); in BN_num_bits_word()
205 mask = (0u - (mask >> (BN_BITS2 - 1))); in BN_num_bits_word()
211 mask = (0u - (mask >> (BN_BITS2 - 1))); in BN_num_bits_word()
217 mask = (0u - (mask >> (BN_BITS2 - 1))); in BN_num_bits_word()
223 mask = (0u - (mask >> (BN_BITS2 - 1))); in BN_num_bits_word()
229 mask = (0u - (mask >> (BN_BITS2 - 1))); in BN_num_bits_word()
241 return (width - 1) * BN_BITS2 + BN_num_bits_word(bn->d[width - 1]); in BN_num_bits()
273 #if BN_BITS2 == 64 in BN_set_u64()
275 #elif BN_BITS2 == 32 in BN_set_u64()
[all …]
|
| D | montgomery_inv.c | 32 #define LG_LITTLE_R (BN_MONT_CTX_N0_LIMBS * BN_BITS2)
76 n_mod_r |= (uint64_t)n->d[1] << BN_BITS2; in bn_mont_n0()
119 #if BN_BITS2 == 64 && defined(BN_ULLONG) in bn_neg_inv_mod_r_u64()
156 #if BN_BITS2 == 64 && defined(BN_ULLONG) in bn_neg_inv_mod_r_u64()
|
| D | random.c | 144 if (bits > INT_MAX - (BN_BITS2 - 1)) { in BN_rand()
149 int words = (bits + BN_BITS2 - 1) / BN_BITS2; in BN_rand()
150 int bit = (bits - 1) % BN_BITS2; in BN_rand()
153 BN_ULONG mask = bit < BN_BITS2 - 1 ? (kOne << (bit + 1)) - 1 : BN_MASK2; in BN_rand()
164 rnd->d[words - 2] |= kOne << (BN_BITS2 - 1); in BN_rand()
|
| D | div.c | 79 assert((i == BN_BITS2) || (h <= (BN_ULONG)1 << i)); in bn_div_words()
81 i = BN_BITS2 - i; in bn_div_words()
88 h = (h << i) | (l >> (BN_BITS2 - i)); in bn_div_words()
170 BN_ULLONG n = (((BN_ULLONG)n0) << BN_BITS2) | n1; in bn_div_rem_words()
237 norm_shift = BN_BITS2 - (BN_num_bits(divisor) % BN_BITS2); in BN_div()
243 norm_shift += BN_BITS2; in BN_div()
327 if (t2 <= ((((BN_ULLONG)rm) << BN_BITS2) | wnump[-2])) { in BN_div()
503 for (int bit = BN_BITS2 - 1; bit >= 0; bit--) { in bn_div_consttime()
752 j = BN_BITS2 - BN_num_bits_word(w); in BN_div_word()
803 ret = (BN_ULLONG)(((ret << (BN_ULLONG)BN_BITS2) | a->d[i]) % (BN_ULLONG)w); in BN_mod_word()
[all …]
|
| D | montgomery.c | 201 mont->n0[1] = (BN_ULONG)(n0 >> BN_BITS2); in bn_mont_ctx_set_N_and_n0()
227 unsigned lgBigR = mont->N.width * BN_BITS2; in BN_MONT_CTX_set()
252 unsigned lgBigR = mont->N.width * BN_BITS2; in BN_MONT_CTX_new_consttime()
367 if (n->width > 0 && (n->d[n->width - 1] >> (BN_BITS2 - 1)) != 0) { in bn_one_to_montgomery()
427 if (num >= (128 / BN_BITS2) && in BN_mod_mul_montgomery()
481 if (num >= (128 / BN_BITS2)) { in bn_mod_mul_montgomery_small()
|
| D | div_extra.c | 77 #if BN_BITS2 == 32 in bn_mod_u16_consttime()
79 #elif BN_BITS2 == 64 in bn_mod_u16_consttime()
|
| D | gcd_extra.c | 38 a[num - 1] |= carry << (BN_BITS2-1); in maybe_rshift1_words_carry()
75 unsigned x_bits = x->width * BN_BITS2, y_bits = y->width * BN_BITS2; in bn_gcd_consttime()
242 unsigned a_bits = a_width * BN_BITS2, n_bits = n_width * BN_BITS2; in bn_mod_inverse_consttime()
|
| D | internal.h | 151 #define BN_BITS2 64 in OPENSSL_MSVC_PRAGMA() macro
167 #define BN_BITS2 32 in OPENSSL_MSVC_PRAGMA()
211 #define Hw(t) ((BN_ULONG)((t) >> BN_BITS2)) in OPENSSL_MSVC_PRAGMA()
|
| D | generic.c | 216 ll >>= BN_BITS2; in bn_add_words()
219 ll >>= BN_BITS2; in bn_add_words()
222 ll >>= BN_BITS2; in bn_add_words()
225 ll >>= BN_BITS2; in bn_add_words()
234 ll >>= BN_BITS2; in bn_add_words()
|
| D | prime.c | 394 if (n->width * BN_BITS2 > 1024) { in num_trial_division_primes()
955 char is_single_word = bits <= BN_BITS2; in probable_prime()
970 if (bits == BN_BITS2) { in probable_prime()
|
| D | bn_test.cc | 2061 for (unsigned i = 1; i < BN_BITS2; i++) { in TEST_F()
2066 for (unsigned i = 0; i < BN_BITS2; i++) { in TEST_F()
2078 const unsigned num_bits = buf[0] % (BN_BITS2 + 1); in TEST_F()
2079 if (num_bits == BN_BITS2) { in TEST_F()
2080 w |= kOne << (BN_BITS2 - 1); in TEST_F()
2095 static const BN_ULONG kTestVectors[][256 / BN_BITS2] = { in TEST_F()
2322 for (int i = 0; i < BN_BITS2; i++) { in TEST_F()
2339 ASSERT_TRUE(BN_lshift(bn.get(), bn.get(), BN_BITS2 * 5)); in TEST_F()
2340 EXPECT_EQ(i + BN_BITS2 * 5, BN_count_low_zero_bits(bn.get())); in TEST_F()
2342 EXPECT_EQ(i + BN_BITS2 * 5, BN_count_low_zero_bits(bn.get())); in TEST_F()
[all …]
|
| D | exponentiation.c | 738 unsigned bits = BN_num_bits_word(p[num_p - 1]) + (num_p - 1) * BN_BITS2; in bn_mod_exp_mont_small()
928 int max_bits = p->width * BN_BITS2; in BN_mod_exp_mont_consttime()
1000 assert(powerbuf != NULL || top * BN_BITS2 > 1024); in BN_mod_exp_mont_consttime()
|
| /external/boringssl/src/crypto/bn_extra/ |
| D | convert.c | 99 for (int j = BN_BITS2 - 8; j >= 0; j -= 8) { in BN_bn2hex()
352 for (j = BN_BITS2 - 4; j >= 0; j -= 4) { in BN_print()
|
| /external/boringssl/src/crypto/fipsmodule/ec/ |
| D | p256-x86_64.h | 44 #define P256_LIMBS (256 / BN_BITS2)
|
| D | p256-x86_64.c | 115 in >>= BN_BITS2 - 1; in is_not_zero()
|
| /external/boringssl/src/include/openssl/ |
| D | bn.h | 152 #define BN_BITS2 64 macro
159 #define BN_BITS2 32
|
| /external/boringssl/src/third_party/fiat/ |
| D | p256.c | 111 256 / 8 == sizeof(BN_ULONG) * ((256 + BN_BITS2 - 1) / BN_BITS2), in fe_to_generic()
|
| /external/boringssl/src/crypto/fipsmodule/rsa/ |
| D | rsa_impl.c | 957 if (bits < 128 || (bits % BN_BITS2) != 0) { in generate_prime()
1149 int sqrt2_bits = kBoringSSLRSASqrtTwoLen * BN_BITS2; in rsa_generate_key_impl()
|
| /external/boringssl/src/crypto/rsa_extra/ |
| D | rsa_test.cc | 1029 size_t bits = kBoringSSLRSASqrtTwoLen * BN_BITS2; in TEST()
|