139 void BN_MONT_CTX_free(BN_MONT_CTX *mont) {  in BN_MONT_CTX_free()  argument
140   if (mont == NULL) {  in BN_MONT_CTX_free()
144   BN_free(&mont->RR);  in BN_MONT_CTX_free()
145   BN_free(&mont->N);  in BN_MONT_CTX_free()
146   OPENSSL_free(mont);  in BN_MONT_CTX_free()
163 static int bn_mont_ctx_set_N_and_n0(BN_MONT_CTX *mont, const BIGNUM *mod) {  in bn_mont_ctx_set_N_and_n0()  argument
178   if (!BN_copy(&mont->N, mod)) {  in bn_mont_ctx_set_N_and_n0()
185   bn_set_minimal_width(&mont->N);  in bn_mont_ctx_set_N_and_n0()
198   uint64_t n0 = bn_mont_n0(&mont->N);  in bn_mont_ctx_set_N_and_n0()
199   mont->n0[0] = (BN_ULONG)n0;  in bn_mont_ctx_set_N_and_n0()
201   mont->n0[1] = (BN_ULONG)(n0 >> BN_BITS2);  in bn_mont_ctx_set_N_and_n0()
203   mont->n0[1] = 0;  in bn_mont_ctx_set_N_and_n0()
208 int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx) {  in BN_MONT_CTX_set()  argument
209   if (!bn_mont_ctx_set_N_and_n0(mont, mod)) {  in BN_MONT_CTX_set()
227   unsigned lgBigR = mont->N.width * BN_BITS2;  in BN_MONT_CTX_set()
228   BN_zero(&mont->RR);  in BN_MONT_CTX_set()
229   int ok = BN_set_bit(&mont->RR, lgBigR * 2) &&  in BN_MONT_CTX_set()
230            BN_mod(&mont->RR, &mont->RR, &mont->N, ctx) &&  in BN_MONT_CTX_set()
231            bn_resize_words(&mont->RR, mont->N.width);  in BN_MONT_CTX_set()
237   BN_MONT_CTX *mont = BN_MONT_CTX_new();  in BN_MONT_CTX_new_for_modulus()  local
238   if (mont == NULL ||  in BN_MONT_CTX_new_for_modulus()
239       !BN_MONT_CTX_set(mont, mod, ctx)) {  in BN_MONT_CTX_new_for_modulus()
240     BN_MONT_CTX_free(mont);  in BN_MONT_CTX_new_for_modulus()
243   return mont;  in BN_MONT_CTX_new_for_modulus()
247   BN_MONT_CTX *mont = BN_MONT_CTX_new();  in BN_MONT_CTX_new_consttime()  local
248   if (mont == NULL ||  in BN_MONT_CTX_new_consttime()
249       !bn_mont_ctx_set_N_and_n0(mont, mod)) {  in BN_MONT_CTX_new_consttime()
252   unsigned lgBigR = mont->N.width * BN_BITS2;  in BN_MONT_CTX_new_consttime()
253   if (!bn_mod_exp_base_2_consttime(&mont->RR, lgBigR * 2, &mont->N, ctx) ||  in BN_MONT_CTX_new_consttime()
254       !bn_resize_words(&mont->RR, mont->N.width)) {  in BN_MONT_CTX_new_consttime()
257   return mont;  in BN_MONT_CTX_new_consttime()
260   BN_MONT_CTX_free(mont);  in BN_MONT_CTX_new_consttime()
283 int BN_to_montgomery(BIGNUM *ret, const BIGNUM *a, const BN_MONT_CTX *mont,  in BN_to_montgomery()  argument
285   return BN_mod_mul_montgomery(ret, a, &mont->RR, mont, ctx);  in BN_to_montgomery()
289                                        size_t num_a, const BN_MONT_CTX *mont) {  in bn_from_montgomery_in_place()  argument
290   const BN_ULONG *n = mont->N.d;  in bn_from_montgomery_in_place()
291   size_t num_n = mont->N.width;  in bn_from_montgomery_in_place()
300   BN_ULONG n0 = mont->n0[0];  in bn_from_montgomery_in_place()
320                                    const BN_MONT_CTX *mont) {  in BN_from_montgomery_word()  argument
326   const BIGNUM *n = &mont->N;  in BN_from_montgomery_word()
340   return bn_from_montgomery_in_place(ret->d, ret->width, r->d, r->width, mont);  in BN_from_montgomery_word()
343 int BN_from_montgomery(BIGNUM *r, const BIGNUM *a, const BN_MONT_CTX *mont,  in BN_from_montgomery()  argument
355   ret = BN_from_montgomery_word(r, t, mont);  in BN_from_montgomery()
363 int bn_one_to_montgomery(BIGNUM *r, const BN_MONT_CTX *mont, BN_CTX *ctx) {  in bn_one_to_montgomery()  argument
366   const BIGNUM *n = &mont->N;  in bn_one_to_montgomery()
380   return BN_from_montgomery(r, &mont->RR, mont, ctx);  in bn_one_to_montgomery()
385                                           const BN_MONT_CTX *mont,  in bn_mod_mul_montgomery_fallback()  argument
406   if (!BN_from_montgomery_word(r, tmp, mont)) {  in bn_mod_mul_montgomery_fallback()
418                           const BN_MONT_CTX *mont, BN_CTX *ctx) {  in BN_mod_mul_montgomery()  argument
426   int num = mont->N.width;  in BN_mod_mul_montgomery()
433     if (!bn_mul_mont(r->d, a->d, b->d, mont->N.d, mont->n0, num)) {  in BN_mod_mul_montgomery()
445   return bn_mod_mul_montgomery_fallback(r, a, b, mont, ctx);  in BN_mod_mul_montgomery()
448 int bn_less_than_montgomery_R(const BIGNUM *bn, const BN_MONT_CTX *mont) {  in bn_less_than_montgomery_R()  argument
450          bn_fits_in_words(bn, mont->N.width);  in bn_less_than_montgomery_R()
454                             const BN_MONT_CTX *mont) {  in bn_to_montgomery_small()  argument
455   bn_mod_mul_montgomery_small(r, a, mont->RR.d, num, mont);  in bn_to_montgomery_small()
459                               const BN_MONT_CTX *mont) {  in bn_from_montgomery_small()  argument
460   if (num != (size_t)mont->N.width || num > BN_SMALL_MAX_WORDS) {  in bn_from_montgomery_small()
466   if (!bn_from_montgomery_in_place(r, num, tmp, 2 * num, mont)) {  in bn_from_montgomery_small()
474                                  const BN_MONT_CTX *mont) {  in bn_mod_mul_montgomery_small()  argument
475   if (num != (size_t)mont->N.width || num > BN_SMALL_MAX_WORDS) {  in bn_mod_mul_montgomery_small()
482     if (!bn_mul_mont(r, a, b, mont->N.d, mont->n0, num)) {  in bn_mod_mul_montgomery_small()
498   if (!bn_from_montgomery_in_place(r, num, tmp, 2 * num, mont)) {  in bn_mod_mul_montgomery_small()