Botan 3.0.0-alpha0
Crypto and TLS for C&
big_ops2.cpp
Go to the documentation of this file.
1/*
2* (C) 1999-2007,2018 Jack Lloyd
3* 2016 Matthias Gierlings
4*
5* Botan is released under the Simplified BSD License (see license.txt)
6*/
7
8#include <botan/bigint.h>
9#include <botan/internal/mp_core.h>
10#include <botan/internal/bit_ops.h>
11#include <algorithm>
12
13namespace Botan {
14
15BigInt& BigInt::add(const word y[], size_t y_words, Sign y_sign)
16 {
17 const size_t x_sw = sig_words();
18
19 grow_to(std::max(x_sw, y_words) + 1);
20
21 if(sign() == y_sign)
22 {
23 bigint_add2(mutable_data(), size() - 1, y, y_words);
24 }
25 else
26 {
27 const int32_t relative_size = bigint_cmp(data(), x_sw, y, y_words);
28
29 if(relative_size >= 0)
30 {
31 // *this >= y
32 bigint_sub2(mutable_data(), x_sw, y, y_words);
33 }
34 else
35 {
36 // *this < y
37 bigint_sub2_rev(mutable_data(), y, y_words);
38 }
39
40 //this->sign_fixup(relative_size, y_sign);
41 if(relative_size < 0)
42 set_sign(y_sign);
43 else if(relative_size == 0)
44 set_sign(Positive);
45 }
46
47 return (*this);
48 }
49
50BigInt& BigInt::mod_add(const BigInt& s, const BigInt& mod, secure_vector<word>& ws)
51 {
52 if(this->is_negative() || s.is_negative() || mod.is_negative())
53 throw Invalid_Argument("BigInt::mod_add expects all arguments are positive");
54
55 BOTAN_DEBUG_ASSERT(*this < mod);
56 BOTAN_DEBUG_ASSERT(s < mod);
57
58 /*
59 t + s or t + s - p == t - (p - s)
60
61 So first compute ws = p - s
62
63 Then compute t + s and t - ws
64
65 If t - ws does not borrow, then that is the correct valued
66 */
67
68 const size_t mod_sw = mod.sig_words();
69 BOTAN_ARG_CHECK(mod_sw > 0, "BigInt::mod_add modulus must be positive");
70
71 this->grow_to(mod_sw);
72 s.grow_to(mod_sw);
73
74 // First mod_sw for p - s, 2*mod_sw for bigint_addsub workspace
75 if(ws.size() < 3*mod_sw)
76 ws.resize(3*mod_sw);
77
78 word borrow = bigint_sub3(&ws[0], mod.data(), mod_sw, s.data(), mod_sw);
79 BOTAN_DEBUG_ASSERT(borrow == 0);
80 BOTAN_UNUSED(borrow);
81
82 // Compute t - ws
83 borrow = bigint_sub3(&ws[mod_sw], this->data(), mod_sw, &ws[0], mod_sw);
84
85 // Compute t + s
86 bigint_add3_nc(&ws[mod_sw*2], this->data(), mod_sw, s.data(), mod_sw);
87
88 CT::conditional_copy_mem(borrow, &ws[0], &ws[mod_sw*2], &ws[mod_sw], mod_sw);
89 set_words(&ws[0], mod_sw);
90
91 return (*this);
92 }
93
94BigInt& BigInt::mod_sub(const BigInt& s, const BigInt& mod, secure_vector<word>& ws)
95 {
96 if(this->is_negative() || s.is_negative() || mod.is_negative())
97 throw Invalid_Argument("BigInt::mod_sub expects all arguments are positive");
98
99 // We are assuming in this function that *this and s are no more than mod_sw words long
100 BOTAN_DEBUG_ASSERT(*this < mod);
101 BOTAN_DEBUG_ASSERT(s < mod);
102
103 const size_t mod_sw = mod.sig_words();
104
105 this->grow_to(mod_sw);
106 s.grow_to(mod_sw);
107
108 if(ws.size() < mod_sw)
109 ws.resize(mod_sw);
110
111 if(mod_sw == 4)
112 bigint_mod_sub_n<4>(mutable_data(), s.data(), mod.data(), ws.data());
113 else if(mod_sw == 6)
114 bigint_mod_sub_n<6>(mutable_data(), s.data(), mod.data(), ws.data());
115 else
116 bigint_mod_sub(mutable_data(), s.data(), mod.data(), mod_sw, ws.data());
117
118 return (*this);
119 }
120
121BigInt& BigInt::mod_mul(uint8_t y, const BigInt& mod, secure_vector<word>& ws)
122 {
123 BOTAN_ARG_CHECK(this->is_negative() == false, "*this must be positive");
124 BOTAN_ARG_CHECK(y < 16, "y too large");
125
126 BOTAN_DEBUG_ASSERT(*this < mod);
127
128 *this *= static_cast<word>(y);
129 this->reduce_below(mod, ws);
130 return (*this);
131 }
132
133BigInt& BigInt::rev_sub(const word y[], size_t y_sw, secure_vector<word>& ws)
134 {
135 if(this->sign() != BigInt::Positive)
136 throw Invalid_State("BigInt::sub_rev requires this is positive");
137
138 const size_t x_sw = this->sig_words();
139
140 ws.resize(std::max(x_sw, y_sw));
141 clear_mem(ws.data(), ws.size());
142
143 const int32_t relative_size = bigint_sub_abs(ws.data(), data(), x_sw, y, y_sw);
144
145 this->cond_flip_sign(relative_size > 0);
146 this->swap_reg(ws);
147
148 return (*this);
149 }
150
151/*
152* Multiplication Operator
153*/
154BigInt& BigInt::operator*=(const BigInt& y)
155 {
156 secure_vector<word> ws;
157 return this->mul(y, ws);
158 }
159
160BigInt& BigInt::mul(const BigInt& y, secure_vector<word>& ws)
161 {
162 const size_t x_sw = sig_words();
163 const size_t y_sw = y.sig_words();
164 set_sign((sign() == y.sign()) ? Positive : Negative);
165
166 if(x_sw == 0 || y_sw == 0)
167 {
168 clear();
169 set_sign(Positive);
170 }
171 else if(x_sw == 1 && y_sw)
172 {
173 grow_to(y_sw + 1);
174 bigint_linmul3(mutable_data(), y.data(), y_sw, word_at(0));
175 }
176 else if(y_sw == 1 && x_sw)
177 {
178 word carry = bigint_linmul2(mutable_data(), x_sw, y.word_at(0));
179 set_word_at(x_sw, carry);
180 }
181 else
182 {
183 const size_t new_size = x_sw + y_sw + 1;
184 ws.resize(new_size);
185 secure_vector<word> z_reg(new_size);
186
187 bigint_mul(z_reg.data(), z_reg.size(),
188 data(), size(), x_sw,
189 y.data(), y.size(), y_sw,
190 ws.data(), ws.size());
191
192 this->swap_reg(z_reg);
193 }
194
195 return (*this);
196 }
197
198BigInt& BigInt::square(secure_vector<word>& ws)
199 {
200 const size_t sw = sig_words();
201
202 secure_vector<word> z(2*sw);
203 ws.resize(z.size());
204
205 bigint_sqr(z.data(), z.size(),
206 data(), size(), sw,
207 ws.data(), ws.size());
208
209 swap_reg(z);
210 set_sign(BigInt::Positive);
211
212 return (*this);
213 }
214
215BigInt& BigInt::operator*=(word y)
216 {
217 if(y == 0)
218 {
219 clear();
220 set_sign(Positive);
221 }
222
223 const word carry = bigint_linmul2(mutable_data(), size(), y);
224 set_word_at(size(), carry);
225
226 return (*this);
227 }
228
229/*
230* Division Operator
231*/
232BigInt& BigInt::operator/=(const BigInt& y)
233 {
234 if(y.sig_words() == 1 && is_power_of_2(y.word_at(0)))
235 (*this) >>= (y.bits() - 1);
236 else
237 (*this) = (*this) / y;
238 return (*this);
239 }
240
241/*
242* Modulo Operator
243*/
244BigInt& BigInt::operator%=(const BigInt& mod)
245 {
246 return (*this = (*this) % mod);
247 }
248
249/*
250* Modulo Operator
251*/
252word BigInt::operator%=(word mod)
253 {
254 if(mod == 0)
255 throw Invalid_Argument("BigInt::operator%= divide by zero");
256
257 word remainder = 0;
258
259 if(is_power_of_2(mod))
260 {
261 remainder = (word_at(0) & (mod - 1));
262 }
263 else
264 {
265 const size_t sw = sig_words();
266 for(size_t i = sw; i > 0; --i)
267 remainder = bigint_modop(remainder, word_at(i-1), mod);
268 }
269
270 if(remainder && sign() == BigInt::Negative)
271 remainder = mod - remainder;
272
273 m_data.set_to_zero();
274 m_data.set_word_at(0, remainder);
275 set_sign(BigInt::Positive);
276 return remainder;
277 }
278
279/*
280* Left Shift Operator
281*/
282BigInt& BigInt::operator<<=(size_t shift)
283 {
284 const size_t shift_words = shift / BOTAN_MP_WORD_BITS;
285 const size_t shift_bits = shift % BOTAN_MP_WORD_BITS;
286 const size_t size = sig_words();
287
288 const size_t bits_free = top_bits_free();
289
290 const size_t new_size = size + shift_words + (bits_free < shift_bits);
291
292 m_data.grow_to(new_size);
293
294 bigint_shl1(m_data.mutable_data(), new_size, size, shift_words, shift_bits);
295
296 return (*this);
297 }
298
299/*
300* Right Shift Operator
301*/
302BigInt& BigInt::operator>>=(size_t shift)
303 {
304 const size_t shift_words = shift / BOTAN_MP_WORD_BITS;
305 const size_t shift_bits = shift % BOTAN_MP_WORD_BITS;
306
307 bigint_shr1(m_data.mutable_data(), m_data.size(), shift_words, shift_bits);
308
309 if(is_negative() && is_zero())
310 set_sign(Positive);
311
312 return (*this);
313 }
314
315}
BOTAN_DEBUG_ASSERT
#define BOTAN_DEBUG_ASSERT(expr)
Definition: assert.h:122
BOTAN_UNUSED
#define BOTAN_UNUSED(...)
Definition: assert.h:141
BOTAN_ARG_CHECK
#define BOTAN_ARG_CHECK(expr, msg)
Definition: assert.h:36
Botan::BigInt::operator>>=
BigInt & operator>>=(size_t shift)
Definition: big_ops2.cpp:302
Botan::BigInt::mod_mul
BigInt & mod_mul(uint8_t y, const BigInt &mod, secure_vector< word > &ws)
Definition: big_ops2.cpp:121
Botan::BigInt::sig_words
size_t sig_words() const
Definition: bigint.h:600
Botan::BigInt::operator/=
BigInt & operator/=(const BigInt &y)
Definition: big_ops2.cpp:232
Botan::BigInt::set_word_at
void set_word_at(size_t i, word w)
Definition: bigint.h:527
Botan::BigInt::mutable_data
word * mutable_data()
Definition: bigint.h:628
Botan::BigInt::size
size_t size() const
Definition: bigint.h:594
Botan::BigInt::rev_sub
BigInt & rev_sub(const word y[], size_t y_words, secure_vector< word > &ws)
Definition: big_ops2.cpp:133
Botan::BigInt::grow_to
void grow_to(size_t n) const
Definition: bigint.h:650
Botan::BigInt::set_words
void set_words(const word w[], size_t len)
Definition: bigint.h:532
Botan::BigInt::operator*=
BigInt & operator*=(const BigInt &y)
Definition: big_ops2.cpp:154
Botan::BigInt::top_bits_free
size_t top_bits_free() const
Definition: bigint.cpp:299
Botan::BigInt::mod_add
BigInt & mod_add(const BigInt &y, const BigInt &mod, secure_vector< word > &ws)
Definition: big_ops2.cpp:50
Botan::BigInt::data
const word * data() const
Definition: bigint.h:634
Botan::BigInt::word_at
word word_at(size_t n) const
Definition: bigint.h:522
Botan::BigInt::mul
BigInt & mul(const BigInt &y, secure_vector< word > &ws)
Definition: big_ops2.cpp:160
Botan::BigInt::cond_flip_sign
void cond_flip_sign(bool predicate)
Definition: bigint.cpp:471
Botan::BigInt::mod_sub
BigInt & mod_sub(const BigInt &y, const BigInt &mod, secure_vector< word > &ws)
Definition: big_ops2.cpp:94
Botan::BigInt::bits
size_t bits() const
Definition: bigint.cpp:309
Botan::BigInt::operator%=
BigInt & operator%=(const BigInt &y)
Definition: big_ops2.cpp:244
Botan::BigInt::clear
void clear()
Definition: bigint.h:375
Botan::BigInt::sign
Sign sign() const
Definition: bigint.h:553
Botan::BigInt::operator<<=
BigInt & operator<<=(size_t shift)
Definition: big_ops2.cpp:282
Botan::BigInt::add
BigInt & add(const word y[], size_t y_words, Sign sign)
Definition: big_ops2.cpp:15
Botan::BigInt::is_zero
bool is_zero() const
Definition: bigint.h:430
Botan::BigInt::reduce_below
size_t reduce_below(const BigInt &mod, secure_vector< word > &ws)
Definition: bigint.cpp:332
Botan::BigInt::square
BigInt & square(secure_vector< word > &ws)
Definition: big_ops2.cpp:198
Botan::BigInt::is_negative
bool is_negative() const
Definition: bigint.h:541
Botan::BigInt::swap_reg
void swap_reg(secure_vector< word > &reg)
Definition: bigint.h:176
Botan::BigInt::set_sign
void set_sign(Sign sign)
Definition: bigint.h:577
Botan::Invalid_Argument
Definition: exceptn.h:133
Botan::Invalid_State
Definition: exceptn.h:204
BOTAN_MP_WORD_BITS
#define BOTAN_MP_WORD_BITS
Definition: build.h:52
Botan::CT::conditional_copy_mem
Mask< T > conditional_copy_mem(T cnd, T *to, const T *from0, const T *from1, size_t elems)
Definition: ct_utils.h:360
Botan
Definition: alg_id.cpp:13
Botan::bigint_sub2_rev
void bigint_sub2_rev(word x[], const word y[], size_t y_size)
Definition: mp_core.h:324
Botan::bigint_shr1
void bigint_shr1(word x[], size_t x_size, size_t word_shift, size_t bit_shift)
Definition: mp_core.h:427
Botan::bigint_linmul3
void bigint_linmul3(word z[], const word x[], size_t x_size, word y)
Definition: mp_core.h:504
Botan::bigint_sub2
word bigint_sub2(word x[], size_t x_size, const word y[], size_t y_size)
Definition: mp_core.h:300
Botan::bigint_shl1
void bigint_shl1(word x[], size_t x_size, size_t x_words, size_t word_shift, size_t bit_shift)
Definition: mp_core.h:409
Botan::bigint_sqr
void bigint_sqr(word z[], size_t z_size, const word x[], size_t x_size, size_t x_sw, word workspace[], size_t ws_size)
Definition: mp_karat.cpp:356
Botan::bigint_sub_abs
CT::Mask< word > bigint_sub_abs(word z[], const word x[], const word y[], size_t N, word ws[])
Definition: mp_core.h:377
Botan::bigint_mul
void bigint_mul(word z[], size_t z_size, const word x[], size_t x_size, size_t x_sw, const word y[], size_t y_size, size_t y_sw, word workspace[], size_t ws_size)
Definition: mp_karat.cpp:297
Botan::carry
void carry(int64_t &h0, int64_t &h1)
Definition: ed25519_internal.h:32
Botan::bigint_add2
void bigint_add2(word x[], size_t x_size, const word y[], size_t y_size)
Definition: mp_core.h:280
Botan::bigint_add3_nc
word bigint_add3_nc(word z[], const word x[], size_t x_size, const word y[], size_t y_size)
Definition: mp_core.h:250
Botan::bigint_linmul2
word bigint_linmul2(word x[], size_t x_size, word y)
Definition: mp_core.h:489
Botan::bigint_modop
word bigint_modop(word n1, word n0, word d)
Definition: mp_core.h:755
Botan::bigint_cmp
int32_t bigint_cmp(const word x[], size_t x_size, const word y[], size_t y_size)
Definition: mp_core.h:525
Botan::secure_vector
std::vector< T, secure_allocator< T > > secure_vector
Definition: secmem.h:65
Botan::is_power_of_2
constexpr bool is_power_of_2(T arg)
Definition: bit_ops.h:43
Botan::bigint_sub3
word bigint_sub3(word z[], const word x[], size_t x_size, const word y[], size_t y_size)
Definition: mp_core.h:342
Botan::clear_mem
constexpr void clear_mem(T *ptr, size_t n)
Definition: mem_ops.h:115
Botan::bigint_mod_sub
void bigint_mod_sub(word t[], const word s[], const word mod[], size_t mod_sw, word ws[])
Definition: mp_core.h:687
Generated by doxygen 1.9.3