/* crypto/bn/bn_lcl.h *//* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * * This package is an SSL implementation written * by Eric Young (eay@cryptsoft.com). * The implementation was written so as to conform with Netscapes SSL. *  * This library is free for commercial and non-commercial use as long as * the following conditions are aheared to.  The following conditions * apply to all code found in this distribution, be it the RC4, RSA, * lhash, DES, etc., code; not just the SSL code.  The SSL documentation * included with this distribution is covered by the same copyright terms * except that the holder is Tim Hudson (tjh@cryptsoft.com). *  * Copyright remains Eric Young's, and as such any Copyright notices in * the code are not to be removed. * If this package is used in a product, Eric Young should be given attribution * as the author of the parts of the library used. * This can be in the form of a textual message at program startup or * in documentation (online or textual) provided with the package. *  * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the copyright *    notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright *    notice, this list of conditions and the following disclaimer in the *    documentation and/or other materials provided with the distribution. * 3. All advertising materials mentioning features or use of this software *    must display the following acknowledgement: *    "This product includes cryptographic software written by *     Eric Young (eay@cryptsoft.com)" *    The word 'cryptographic' can be left out if the rouines from the library *    being used are not cryptographic related :-). * 4. If you include any Windows specific code (or a derivative thereof) from  *    the apps directory (application code) you must include an acknowledgement: *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" *  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. *  * The licence and distribution terms for any publically available version or * derivative of this code cannot be changed.  i.e. this code cannot simply be * copied and put under another distribution licence * [including the GNU Public Licence.] *//* ==================================================================== * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright *    notice, this list of conditions and the following disclaimer.  * * 2. Redistributions in binary form must reproduce the above copyright *    notice, this list of conditions and the following disclaimer in *    the documentation and/or other materials provided with the *    distribution. * * 3. All advertising materials mentioning features or use of this *    software must display the following acknowledgment: *    "This product includes software developed by the OpenSSL Project *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)" * * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to *    endorse or promote products derived from this software without *    prior written permission. For written permission, please contact *    openssl-core@openssl.org. * * 5. Products derived from this software may not be called "OpenSSL" *    nor may "OpenSSL" appear in their names without prior written *    permission of the OpenSSL Project. * * 6. Redistributions of any form whatsoever must retain the following *    acknowledgment: *    "This product includes software developed by the OpenSSL Project *    for use in the OpenSSL Toolkit (http://www.openssl.org/)" * * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. * ==================================================================== * * This product includes cryptographic software written by Eric Young * (eay@cryptsoft.com).  This product includes software written by Tim * Hudson (tjh@cryptsoft.com). * */#ifndef HEADER_BN_LCL_H#define HEADER_BN_LCL_H#include <openssl/bn.h>#ifdef  __cplusplusextern "C" {#endif/* Used for temp variables */#define BN_CTX_NUM	32#define BN_CTX_NUM_POS	12struct bignum_ctx	{	int tos;	BIGNUM bn[BN_CTX_NUM];	int flags;	int depth;	int pos[BN_CTX_NUM_POS];	int too_many;	} /* BN_CTX */;/* * BN_window_bits_for_exponent_size -- macro for sliding window mod_exp functions * * * For window size 'w' (w >= 2) and a random 'b' bits exponent, * the number of multiplications is a constant plus on average * *    2^(w-1) + (b-w)/(w+1); * * here  2^(w-1)  is for precomputing the table (we actually need * entries only for windows that have the lowest bit set), and * (b-w)/(w+1)  is an approximation for the expected number of * w-bit windows, not counting the first one. * * Thus we should use * *    w >= 6  if        b > 671 *     w = 5  if  671 > b > 239 *     w = 4  if  239 > b >  79 *     w = 3  if   79 > b >  23 *    w <= 2  if   23 > b * * (with draws in between).  Very small exponents are often selected * with low Hamming weight, so we use  w = 1  for b <= 23. */#if 1#define BN_window_bits_for_exponent_size(b) \		((b) > 671 ? 6 : \		 (b) > 239 ? 5 : \		 (b) >  79 ? 4 : \		 (b) >  23 ? 3 : 1)#else/* Old SSLeay/OpenSSL table. * Maximum window size was 5, so this table differs for b==1024; * but it coincides for other interesting values (b==160, b==512). */#define BN_window_bits_for_exponent_size(b) \		((b) > 255 ? 5 : \		 (b) > 127 ? 4 : \		 (b) >  17 ? 3 : 1)#endif	 /* BN_mod_exp_mont_conttime is based on the assumption that the * L1 data cache line width of the target processor is at least * the following value. */#define MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH	( 64 )#define MOD_EXP_CTIME_MIN_CACHE_LINE_MASK	(MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - 1)/* Window sizes optimized for fixed window size modular exponentiation * algorithm (BN_mod_exp_mont_consttime). * * To achieve the security goals of BN_mode_exp_mont_consttime, the * maximum size of the window must not exceed * log_2(MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH).  * * Window size thresholds are defined for cache line sizes of 32 and 64, * cache line sizes where log_2(32)=5 and log_2(64)=6 respectively. A * window size of 7 should only be used on processors that have a 128 * byte or greater cache line size. */#if MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH == 64#  define BN_window_bits_for_ctime_exponent_size(b) \		((b) > 937 ? 6 : \		 (b) > 306 ? 5 : \		 (b) >  89 ? 4 : \		 (b) >  22 ? 3 : 1)#  define BN_MAX_WINDOW_BITS_FOR_CTIME_EXPONENT_SIZE	(6)#elif MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH == 32#  define BN_window_bits_for_ctime_exponent_size(b) \		((b) > 306 ? 5 : \		 (b) >  89 ? 4 : \		 (b) >  22 ? 3 : 1)#  define BN_MAX_WINDOW_BITS_FOR_CTIME_EXPONENT_SIZE	(5)#endif/* Pentium pro 16,16,16,32,64 *//* Alpha       16,16,16,16.64 */#define BN_MULL_SIZE_NORMAL			(16) /* 32 */#define BN_MUL_RECURSIVE_SIZE_NORMAL		(16) /* 32 less than */#define BN_SQR_RECURSIVE_SIZE_NORMAL		(16) /* 32 */#define BN_MUL_LOW_RECURSIVE_SIZE_NORMAL	(32) /* 32 */#define BN_MONT_CTX_SET_SIZE_WORD		(64) /* 32 */#if !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) && !defined(PEDANTIC)/* * BN_UMULT_HIGH section. * * No, I'm not trying to overwhelm you when stating that the * product of N-bit numbers is 2*N bits wide:-) No, I don't expect * you to be impressed when I say that if the compiler doesn't * support 2*N integer type, then you have to replace every N*N * multiplication with 4 (N/2)*(N/2) accompanied by some shifts * and additions which unavoidably results in severe performance * penalties. Of course provided that the hardware is capable of * producing 2*N result... That's when you normally start * considering assembler implementation. However! It should be * pointed out that some CPUs (most notably Alpha, PowerPC and * upcoming IA-64 family:-) provide *separate* instruction * calculating the upper half of the product placing the result * into a general purpose register. Now *if* the compiler supports * inline assembler, then it's not impossible to implement the * "bignum" routines (and have the compiler optimize 'em) * exhibiting "native" performance in C. That's what BN_UMULT_HIGH * macro is about:-)