Linux/lib/crypto/mpi/mpi-pow.c

Version: ~ [ linux-6.12-rc7 ] ~ [ linux-6.11.7 ] ~ [ linux-6.10.14 ] ~ [ linux-6.9.12 ] ~ [ linux-6.8.12 ] ~ [ linux-6.7.12 ] ~ [ linux-6.6.60 ] ~ [ linux-6.5.13 ] ~ [ linux-6.4.16 ] ~ [ linux-6.3.13 ] ~ [ linux-6.2.16 ] ~ [ linux-6.1.116 ] ~ [ linux-6.0.19 ] ~ [ linux-5.19.17 ] ~ [ linux-5.18.19 ] ~ [ linux-5.17.15 ] ~ [ linux-5.16.20 ] ~ [ linux-5.15.171 ] ~ [ linux-5.14.21 ] ~ [ linux-5.13.19 ] ~ [ linux-5.12.19 ] ~ [ linux-5.11.22 ] ~ [ linux-5.10.229 ] ~ [ linux-5.9.16 ] ~ [ linux-5.8.18 ] ~ [ linux-5.7.19 ] ~ [ linux-5.6.19 ] ~ [ linux-5.5.19 ] ~ [ linux-5.4.285 ] ~ [ linux-5.3.18 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.323 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.336 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.337 ] ~ [ linux-4.4.302 ] ~ [ linux-3.10.108 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.12 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

Diff markup

1 // SPDX-License-Identifier: GPL-2.0-or-later 1 2 /* mpi-pow.c - MPI functions 3 * Copyright (C) 1994, 1996, 1998, 2000 F 4 * 5 * This file is part of GnuPG. 6 * 7 * Note: This code is heavily based on the GNU 8 * Actually it's the same code with only 9 * way the data is stored; this is to su 10 * of an optional secure memory allocati 11 * to avoid revealing of sensitive data 12 * The GNU MP Library itself is publishe 13 * however I decided to publish this cod 14 */ 15 16 #include <linux/sched.h> 17 #include <linux/string.h> 18 #include "mpi-internal.h" 19 #include "longlong.h" 20 21 /**************** 22 * RES = BASE ^ EXP mod MOD 23 */ 24 int mpi_powm(MPI res, MPI base, MPI exp, MPI m 25 { 26 mpi_ptr_t mp_marker = NULL, bp_marker 27 struct karatsuba_ctx karactx = {}; 28 mpi_ptr_t xp_marker = NULL; 29 mpi_ptr_t tspace = NULL; 30 mpi_ptr_t rp, ep, mp, bp; 31 mpi_size_t esize, msize, bsize, rsize; 32 int msign, bsign, rsign; 33 mpi_size_t size; 34 int mod_shift_cnt; 35 int negative_result; 36 int assign_rp = 0; 37 mpi_size_t tsize = 0; /* to avoid co 38 /* fixme: we should check that the war 39 int rc = -ENOMEM; 40 41 esize = exp->nlimbs; 42 msize = mod->nlimbs; 43 size = 2 * msize; 44 msign = mod->sign; 45 46 rp = res->d; 47 ep = exp->d; 48 49 if (!msize) 50 return -EINVAL; 51 52 if (!esize) { 53 /* Exponent is zero, result is 54 * depending on if MOD equals 55 res->nlimbs = (msize == 1 && m 56 if (res->nlimbs) { 57 if (mpi_resize(res, 1) 58 goto enomem; 59 rp = res->d; 60 rp[0] = 1; 61 } 62 res->sign = 0; 63 goto leave; 64 } 65 66 /* Normalize MOD (i.e. make its most s 67 * mpn_divrem. This will make the int 68 * slightly larger, but the correct re 69 * reduction using the original MOD va 70 mp = mp_marker = mpi_alloc_limb_space( 71 if (!mp) 72 goto enomem; 73 mod_shift_cnt = count_leading_zeros(mo 74 if (mod_shift_cnt) 75 mpihelp_lshift(mp, mod->d, msi 76 else 77 MPN_COPY(mp, mod->d, msize); 78 79 bsize = base->nlimbs; 80 bsign = base->sign; 81 if (bsize > msize) { /* The base is 82 /* Allocate (BSIZE + 1) with s 83 * (The quotient is (bsize - m 84 bp = bp_marker = mpi_alloc_lim 85 if (!bp) 86 goto enomem; 87 MPN_COPY(bp, base->d, bsize); 88 /* We don't care about the quo 89 * at BP + MSIZE. */ 90 mpihelp_divrem(bp + msize, 0, 91 bsize = msize; 92 /* Canonicalize the base, sinc 93 * quite a few times. */ 94 MPN_NORMALIZE(bp, bsize); 95 } else 96 bp = base->d; 97 98 if (!bsize) { 99 res->nlimbs = 0; 100 res->sign = 0; 101 goto leave; 102 } 103 104 if (res->alloced < size) { 105 /* We have to allocate more sp 106 * parameters are identical to 107 * space. */ 108 if (rp == ep || rp == mp || rp 109 rp = mpi_alloc_limb_sp 110 if (!rp) 111 goto enomem; 112 assign_rp = 1; 113 } else { 114 if (mpi_resize(res, si 115 goto enomem; 116 rp = res->d; 117 } 118 } else { /* Make BASE, 119 if (rp == bp) { 120 /* RES and BASE are id 121 BUG_ON(bp_marker); 122 bp = bp_marker = mpi_a 123 if (!bp) 124 goto enomem; 125 MPN_COPY(bp, rp, bsize 126 } 127 if (rp == ep) { 128 /* RES and EXP are ide 129 ep = ep_marker = mpi_a 130 if (!ep) 131 goto enomem; 132 MPN_COPY(ep, rp, esize 133 } 134 if (rp == mp) { 135 /* RES and MOD are ide 136 BUG_ON(mp_marker); 137 mp = mp_marker = mpi_a 138 if (!mp) 139 goto enomem; 140 MPN_COPY(mp, rp, msize 141 } 142 } 143 144 MPN_COPY(rp, bp, bsize); 145 rsize = bsize; 146 rsign = bsign; 147 148 { 149 mpi_size_t i; 150 mpi_ptr_t xp; 151 int c; 152 mpi_limb_t e; 153 mpi_limb_t carry_limb; 154 155 xp = xp_marker = mpi_alloc_lim 156 if (!xp) 157 goto enomem; 158 159 negative_result = (ep[0] & 1) 160 161 i = esize - 1; 162 e = ep[i]; 163 c = count_leading_zeros(e); 164 e = (e << c) << 1; /* shi 165 c = BITS_PER_MPI_LIMB - 1 - c; 166 167 /* Main loop. 168 * 169 * Make the result be pointed 170 * helps us avoid block copyin 171 * with the overlap restrictio 172 * the result after this loop 173 * by RP (==RES->d), and with 174 * pointed to by XP. 175 */ 176 177 for (;;) { 178 while (c) { 179 mpi_size_t xsi 180 181 /*if (mpihelp_ 182 if (rsize < KA 183 mpih_s 184 else { 185 if (!t 186 187 188 189 190 191 } else 192 193 194 195 196 197 198 } 199 mpih_s 200 } 201 202 xsize = 2 * rs 203 if (xsize > ms 204 mpihel 205 206 xsize 207 } 208 209 swap(rp, xp); 210 rsize = xsize; 211 212 if ((mpi_limb_ 213 /*mpih 214 if (bs 215 216 217 218 219 220 } else 221 222 223 224 225 } 226 227 xsize 228 if (xs 229 230 231 232 233 } 234 235 swap(r 236 rsize 237 } 238 e <<= 1; 239 c--; 240 cond_resched() 241 } 242 243 i--; 244 if (i < 0) 245 break; 246 e = ep[i]; 247 c = BITS_PER_MPI_LIMB; 248 } 249 250 /* We shifted MOD, the modulo 251 * steps. Adjust the result b 252 * 253 * Also make sure the result i 254 * might be, see above). 255 */ 256 if (mod_shift_cnt) { 257 carry_limb = 258 mpihelp_lshift(res 259 rp = res->d; 260 if (carry_limb) { 261 rp[rsize] = ca 262 rsize++; 263 } 264 } else { 265 MPN_COPY(res->d, rp, r 266 rp = res->d; 267 } 268 269 if (rsize >= msize) { 270 mpihelp_divrem(rp + ms 271 rsize = msize; 272 } 273 274 /* Remove any leading zero wor 275 if (mod_shift_cnt) 276 mpihelp_rshift(rp, rp, 277 MPN_NORMALIZE(rp, rsize); 278 } 279 280 if (negative_result && rsize) { 281 if (mod_shift_cnt) 282 mpihelp_rshift(mp, mp, 283 mpihelp_sub(rp, mp, msize, rp, 284 rsize = msize; 285 rsign = msign; 286 MPN_NORMALIZE(rp, rsize); 287 } 288 res->nlimbs = rsize; 289 res->sign = rsign; 290 291 leave: 292 rc = 0; 293 enomem: 294 mpihelp_release_karatsuba_ctx(&karactx 295 if (assign_rp) 296 mpi_assign_limb_space(res, rp, 297 if (mp_marker) 298 mpi_free_limb_space(mp_marker) 299 if (bp_marker) 300 mpi_free_limb_space(bp_marker) 301 if (ep_marker) 302 mpi_free_limb_space(ep_marker) 303 if (xp_marker) 304 mpi_free_limb_space(xp_marker) 305 if (tspace) 306 mpi_free_limb_space(tspace); 307 return rc; 308 } 309 EXPORT_SYMBOL_GPL(mpi_powm); 310

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

TOMOYO Linux Cross Reference
Linux/lib/crypto/mpi/mpi-pow.c

Diff markup

Differences between /lib/crypto/mpi/mpi-pow.c (Version linux-6.12-rc7) and /lib/crypto/mpi/mpi-pow.c (Version linux-4.11.12)

TOMOYO Linux Cross Reference Linux/lib/crypto/mpi/mpi-pow.c

Diff markup

Differences between /lib/crypto/mpi/mpi-pow.c (Version linux-6.12-rc7) and /lib/crypto/mpi/mpi-pow.c (Version linux-4.11.12)

TOMOYO Linux Cross Reference
Linux/lib/crypto/mpi/mpi-pow.c