Botan 3.8.1
Crypto and TLS for C&
big_ops2.cpp
Go to the documentation of this file.
1/*
2* (C) 1999-2007,2018 Jack Lloyd
3* 2016 Matthias Gierlings
4*
5* Botan is released under the Simplified BSD License (see license.txt)
6*/
7
8#include <botan/bigint.h>
9
10#include <botan/internal/bit_ops.h>
11#include <botan/internal/mp_core.h>
12#include <algorithm>
13
14namespace Botan {
15
16BigInt& BigInt::add(const word y[], size_t y_words, Sign y_sign) {
17 const size_t x_sw = sig_words();
18
19 grow_to(std::max(x_sw, y_words) + 1);
20
21 if(sign() == y_sign) {
22 bigint_add2(mutable_data(), size() - 1, y, y_words);
23 } else {
24 const int32_t relative_size = bigint_cmp(_data(), x_sw, y, y_words);
25
26 if(relative_size >= 0) {
27 // *this >= y
28 bigint_sub2(mutable_data(), x_sw, y, y_words);
29 } else {
30 // *this < y
31 bigint_sub2_rev(mutable_data(), y, y_words);
32 }
33
34 //this->sign_fixup(relative_size, y_sign);
35 if(relative_size < 0) {
36 set_sign(y_sign);
37 } else if(relative_size == 0) {
38 set_sign(Positive);
39 }
40 }
41
42 return (*this);
43}
44
45BigInt& BigInt::mod_add(const BigInt& s, const BigInt& mod, secure_vector<word>& ws) {
46 if(this->is_negative() || s.is_negative() || mod.is_negative()) {
47 throw Invalid_Argument("BigInt::mod_add expects all arguments are positive");
48 }
49
50 BOTAN_DEBUG_ASSERT(*this < mod);
51 BOTAN_DEBUG_ASSERT(s < mod);
52
53 /*
54 t + s or t + s - p == t - (p - s)
55
56 So first compute ws = p - s
57
58 Then compute t + s and t - ws
59
60 If t - ws does not borrow, then that is the correct valued
61 */
62
63 const size_t mod_sw = mod.sig_words();
64 BOTAN_ARG_CHECK(mod_sw > 0, "BigInt::mod_add modulus must be positive");
65
66 this->grow_to(mod_sw);
67 s.grow_to(mod_sw);
68
69 // First mod_sw for p - s, 2*mod_sw for bigint_addsub workspace
70 if(ws.size() < 3 * mod_sw) {
71 ws.resize(3 * mod_sw);
72 }
73
74 word borrow = bigint_sub3(&ws[0], mod._data(), mod_sw, s._data(), mod_sw);
75 BOTAN_DEBUG_ASSERT(borrow == 0);
76 BOTAN_UNUSED(borrow);
77
78 // Compute t - ws
79 borrow = bigint_sub3(&ws[mod_sw], this->_data(), mod_sw, &ws[0], mod_sw);
80
81 // Compute t + s
82 bigint_add3_nc(&ws[mod_sw * 2], this->_data(), mod_sw, s._data(), mod_sw);
83
84 CT::conditional_copy_mem(borrow, &ws[0], &ws[mod_sw * 2], &ws[mod_sw], mod_sw);
85 set_words(&ws[0], mod_sw);
86
87 return (*this);
88}
89
90BigInt& BigInt::mod_sub(const BigInt& s, const BigInt& mod, secure_vector<word>& ws) {
91 if(this->is_negative() || s.is_negative() || mod.is_negative()) {
92 throw Invalid_Argument("BigInt::mod_sub expects all arguments are positive");
93 }
94
95 // We are assuming in this function that *this and s are no more than mod_sw words long
96 BOTAN_DEBUG_ASSERT(*this < mod);
97 BOTAN_DEBUG_ASSERT(s < mod);
98
99 const size_t mod_sw = mod.sig_words();
100
101 this->grow_to(mod_sw);
102 s.grow_to(mod_sw);
103
104 if(ws.size() < mod_sw) {
105 ws.resize(mod_sw);
106 }
107
108 bigint_mod_sub(mutable_data(), s._data(), mod._data(), mod_sw, ws.data());
109
110 return (*this);
111}
112
113BigInt& BigInt::mod_mul(uint8_t y, const BigInt& mod, secure_vector<word>& ws) {
114 BOTAN_ARG_CHECK(this->is_negative() == false, "*this must be positive");
115 BOTAN_ARG_CHECK(y < 16, "y too large");
116
117 BOTAN_DEBUG_ASSERT(*this < mod);
118
119 *this *= static_cast<word>(y);
120 this->reduce_below(mod, ws);
121 return (*this);
122}
123
124BigInt& BigInt::rev_sub(const word y[], size_t y_sw, secure_vector<word>& ws) {
125 if(this->sign() != BigInt::Positive) {
126 throw Invalid_State("BigInt::sub_rev requires this is positive");
127 }
128
129 const size_t x_sw = this->sig_words();
130
131 ws.resize(std::max(x_sw, y_sw));
132 clear_mem(ws.data(), ws.size());
133
134 const int32_t relative_size = bigint_sub_abs(ws.data(), _data(), x_sw, y, y_sw);
135
136 this->cond_flip_sign(relative_size > 0);
137 this->swap_reg(ws);
138
139 return (*this);
140}
141
142/*
143* Multiplication Operator
144*/
145BigInt& BigInt::operator*=(const BigInt& y) {
146 secure_vector<word> ws;
147 return this->mul(y, ws);
148}
149
150BigInt& BigInt::mul(const BigInt& y, secure_vector<word>& ws) {
151 const size_t x_sw = sig_words();
152 const size_t y_sw = y.sig_words();
153 set_sign((sign() == y.sign()) ? Positive : Negative);
154
155 if(x_sw == 0 || y_sw == 0) {
156 clear();
157 set_sign(Positive);
158 } else if(x_sw == 1 && y_sw) {
159 grow_to(y_sw + 1);
160 bigint_linmul3(mutable_data(), y._data(), y_sw, word_at(0));
161 } else if(y_sw == 1 && x_sw) {
162 word carry = bigint_linmul2(mutable_data(), x_sw, y.word_at(0));
163 set_word_at(x_sw, carry);
164 } else {
165 const size_t new_size = x_sw + y_sw + 1;
166 if(ws.size() < new_size) {
167 ws.resize(new_size);
168 }
169 secure_vector<word> z_reg(new_size);
170
171 bigint_mul(z_reg.data(), z_reg.size(), _data(), size(), x_sw, y._data(), y.size(), y_sw, ws.data(), ws.size());
172
173 this->swap_reg(z_reg);
174 }
175
176 return (*this);
177}
178
179BigInt& BigInt::square(secure_vector<word>& ws) {
180 const size_t sw = sig_words();
181
182 secure_vector<word> z(2 * sw);
183 ws.resize(z.size());
184
185 bigint_sqr(z.data(), z.size(), _data(), size(), sw, ws.data(), ws.size());
186
187 swap_reg(z);
188 set_sign(BigInt::Positive);
189
190 return (*this);
191}
192
193BigInt& BigInt::operator*=(word y) {
194 if(y == 0) {
195 clear();
196 set_sign(Positive);
197 }
198
199 const word carry = bigint_linmul2(mutable_data(), size(), y);
200 set_word_at(size(), carry);
201
202 return (*this);
203}
204
205/*
206* Division Operator
207*/
208BigInt& BigInt::operator/=(const BigInt& y) {
209 if(y.sig_words() == 1 && is_power_of_2(y.word_at(0))) {
210 (*this) >>= (y.bits() - 1);
211 } else {
212 (*this) = (*this) / y;
213 }
214 return (*this);
215}
216
217/*
218* Modulo Operator
219*/
220BigInt& BigInt::operator%=(const BigInt& mod) {
221 return (*this = (*this) % mod);
222}
223
224/*
225* Modulo Operator
226*/
227word BigInt::operator%=(word mod) {
228 if(mod == 0) {
229 throw Invalid_Argument("BigInt::operator%= divide by zero");
230 }
231
232 word remainder = 0;
233
234 if(is_power_of_2(mod)) {
235 remainder = (word_at(0) & (mod - 1));
236 } else {
237 const size_t sw = sig_words();
238 for(size_t i = sw; i > 0; --i) {
239 remainder = bigint_modop_vartime(remainder, word_at(i - 1), mod);
240 }
241 }
242
243 if(remainder && sign() == BigInt::Negative) {
244 remainder = mod - remainder;
245 }
246
247 m_data.set_to_zero();
248 m_data.set_word_at(0, remainder);
249 set_sign(BigInt::Positive);
250 return remainder;
251}
252
253/*
254* Left Shift Operator
255*/
256BigInt& BigInt::operator<<=(size_t shift) {
257 const size_t sw = sig_words();
258 const size_t new_size = sw + (shift + WordInfo<word>::bits - 1) / WordInfo<word>::bits;
259
260 m_data.grow_to(new_size);
261
262 bigint_shl1(m_data.mutable_data(), new_size, sw, shift);
263
264 return (*this);
265}
266
267/*
268* Right Shift Operator
269*/
270BigInt& BigInt::operator>>=(size_t shift) {
271 bigint_shr1(m_data.mutable_data(), m_data.size(), shift);
272
273 if(is_negative() && is_zero()) {
274 set_sign(Positive);
275 }
276
277 return (*this);
278}
279
280} // namespace Botan
BOTAN_UNUSED
#define BOTAN_UNUSED
Definition assert.h:120
BOTAN_DEBUG_ASSERT
#define BOTAN_DEBUG_ASSERT(expr)
Definition assert.h:100
BOTAN_ARG_CHECK
#define BOTAN_ARG_CHECK(expr, msg)
Definition assert.h:31
Botan::BigInt::operator>>=
BigInt & operator>>=(size_t shift)
Definition big_ops2.cpp:270
Botan::BigInt::mod_mul
BigInt & mod_mul(uint8_t y, const BigInt &mod, secure_vector< word > &ws)
Definition big_ops2.cpp:113
Botan::BigInt::sig_words
size_t sig_words() const
Definition bigint.h:615
Botan::BigInt::operator/=
BigInt & operator/=(const BigInt &y)
Definition big_ops2.cpp:208
Botan::BigInt::BigInt
BigInt()=default
Botan::BigInt::set_word_at
void set_word_at(size_t i, word w)
Definition bigint.h:549
Botan::BigInt::mutable_data
word * mutable_data()
Definition bigint.h:640
Botan::BigInt::size
size_t size() const
Definition bigint.h:609
Botan::BigInt::rev_sub
BigInt & rev_sub(const word y[], size_t y_words, secure_vector< word > &ws)
Definition big_ops2.cpp:124
Botan::BigInt::grow_to
void grow_to(size_t n) const
Definition bigint.h:666
Botan::BigInt::set_words
void set_words(const word w[], size_t len)
Definition bigint.h:551
Botan::BigInt::operator*=
BigInt & operator*=(const BigInt &y)
Definition big_ops2.cpp:145
Botan::BigInt::mod_add
BigInt & mod_add(const BigInt &y, const BigInt &mod, secure_vector< word > &ws)
Definition big_ops2.cpp:45
Botan::BigInt::word_at
word word_at(size_t n) const
Definition bigint.h:547
Botan::BigInt::mul
BigInt & mul(const BigInt &y, secure_vector< word > &ws)
Definition big_ops2.cpp:150
Botan::BigInt::cond_flip_sign
void cond_flip_sign(bool predicate)
Definition bigint.cpp:503
Botan::BigInt::mod_sub
BigInt & mod_sub(const BigInt &y, const BigInt &mod, secure_vector< word > &ws)
Definition big_ops2.cpp:90
Botan::BigInt::bits
size_t bits() const
Definition bigint.cpp:310
Botan::BigInt::operator%=
BigInt & operator%=(const BigInt &y)
Definition big_ops2.cpp:220
Botan::BigInt::clear
void clear()
Definition bigint.h:399
Botan::BigInt::_data
const word * _data() const
Definition bigint.h:936
Botan::BigInt::sign
Sign sign() const
Definition bigint.h:571
Botan::BigInt::operator<<=
BigInt & operator<<=(size_t shift)
Definition big_ops2.cpp:256
Botan::BigInt::add
BigInt & add(const word y[], size_t y_words, Sign sign)
Definition big_ops2.cpp:16
Botan::BigInt::is_zero
bool is_zero() const
Definition bigint.h:457
Botan::BigInt::reduce_below
size_t reduce_below(const BigInt &mod, secure_vector< word > &ws)
Definition bigint.cpp:332
Botan::BigInt::square
BigInt & square(secure_vector< word > &ws)
Definition big_ops2.cpp:179
Botan::BigInt::is_negative
bool is_negative() const
Definition bigint.h:559
Botan::BigInt::swap_reg
void swap_reg(secure_vector< word > &reg)
Definition bigint.h:198
Botan::BigInt::set_sign
void set_sign(Sign sign)
Definition bigint.h:592
Botan::Invalid_Argument
Definition exceptn.h:131
Botan::Invalid_State
Definition exceptn.h:206
Botan::CT::conditional_copy_mem
constexpr Mask< T > conditional_copy_mem(Mask< T > mask, T *to, const T *from0, const T *from1, size_t elems)
Definition ct_utils.h:733
Botan::bigint_linmul3
constexpr void bigint_linmul3(W z[], const W x[], size_t x_size, W y)
Definition mp_core.h:528
Botan::is_power_of_2
constexpr bool is_power_of_2(T arg)
Definition bit_ops.h:48
Botan::bigint_shr1
constexpr void bigint_shr1(W x[], size_t x_size, size_t shift)
Definition mp_core.h:445
Botan::bigint_sqr
void bigint_sqr(word z[], size_t z_size, const word x[], size_t x_size, size_t x_sw, word workspace[], size_t ws_size)
Definition mp_karat.cpp:326
Botan::bigint_sub3
constexpr auto bigint_sub3(W z[], const W x[], size_t x_size, const W y[], size_t y_size) -> W
Definition mp_core.h:311
Botan::bigint_mul
void bigint_mul(word z[], size_t z_size, const word x[], size_t x_size, size_t x_sw, const word y[], size_t y_size, size_t y_sw, word workspace[], size_t ws_size)
Definition mp_karat.cpp:282
Botan::bigint_shl1
constexpr void bigint_shl1(W x[], size_t x_size, size_t x_words, size_t shift)
Definition mp_core.h:426
Botan::bigint_cmp
constexpr int32_t bigint_cmp(const W x[], size_t x_size, const W y[], size_t y_size)
Definition mp_core.h:551
Botan::carry
void carry(int64_t &h0, int64_t &h1)
Definition ed25519_internal.h:28
Botan::bigint_modop_vartime
constexpr auto bigint_modop_vartime(W n1, W n0, W d) -> W
Definition mp_core.h:747
Botan::bigint_sub_abs
constexpr auto bigint_sub_abs(W z[], const W x[], const W y[], size_t N, W ws[]) -> CT::Mask< W >
Definition mp_core.h:398
Botan::bigint_add2
constexpr void bigint_add2(W x[], size_t x_size, const W y[], size_t y_size)
Definition mp_core.h:245
Botan::secure_vector
std::vector< T, secure_allocator< T > > secure_vector
Definition secmem.h:65
Botan::bigint_sub2
constexpr auto bigint_sub2(W x[], size_t x_size, const W y[], size_t y_size) -> W
Definition mp_core.h:261
Botan::bigint_sub2_rev
constexpr void bigint_sub2_rev(W x[], const W y[], size_t y_size)
Definition mp_core.h:287
Botan::word
std::conditional_t< HasNative64BitRegisters, std::uint64_t, uint32_t > word
Definition types.h:119
Botan::clear_mem
constexpr void clear_mem(T *ptr, size_t n)
Definition mem_ops.h:123
Botan::bigint_mod_sub
constexpr void bigint_mod_sub(W t[], const W s[], const W mod[], size_t mod_sw, W ws[])
Definition mp_core.h:698
Botan::bigint_add3_nc
constexpr auto bigint_add3_nc(W z[], const W x[], size_t x_size, const W y[], size_t y_size) -> W
Definition mp_core.h:213
Botan::bigint_linmul2
constexpr auto bigint_linmul2(W x[], size_t x_size, W y) -> W
Definition mp_core.h:511
Generated by doxygen 1.13.2