/src/botan/src/lib/math/bigint/big_ops2.cpp
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * (C) 1999-2007,2018 Jack Lloyd |
3 | | * 2016 Matthias Gierlings |
4 | | * |
5 | | * Botan is released under the Simplified BSD License (see license.txt) |
6 | | */ |
7 | | |
8 | | #include <botan/bigint.h> |
9 | | |
10 | | #include <botan/internal/bit_ops.h> |
11 | | #include <botan/internal/mp_core.h> |
12 | | #include <algorithm> |
13 | | |
14 | | namespace Botan { |
15 | | |
16 | 13.0M | BigInt& BigInt::add(const word y[], size_t y_words, Sign y_sign) { |
17 | 13.0M | const size_t x_sw = sig_words(); |
18 | | |
19 | 13.0M | grow_to(std::max(x_sw, y_words) + 1); |
20 | | |
21 | 13.0M | if(sign() == y_sign) { |
22 | 12.9M | bigint_add2(mutable_data(), size() - 1, y, y_words); |
23 | 12.9M | } else { |
24 | 20.8k | const int32_t relative_size = bigint_cmp(_data(), x_sw, y, y_words); |
25 | | |
26 | 20.8k | if(relative_size >= 0) { |
27 | | // *this >= y |
28 | 16.8k | bigint_sub2(mutable_data(), x_sw, y, y_words); |
29 | 16.8k | } else { |
30 | | // *this < y |
31 | 3.93k | bigint_sub2_rev(mutable_data(), y, y_words); |
32 | 3.93k | } |
33 | | |
34 | | //this->sign_fixup(relative_size, y_sign); |
35 | 20.8k | if(relative_size < 0) { |
36 | 3.93k | set_sign(y_sign); |
37 | 16.8k | } else if(relative_size == 0) { |
38 | 31 | set_sign(Positive); |
39 | 31 | } |
40 | 20.8k | } |
41 | | |
42 | 13.0M | return (*this); |
43 | 13.0M | } |
44 | | |
45 | 27.6k | BigInt& BigInt::mod_add(const BigInt& s, const BigInt& mod, secure_vector<word>& ws) { |
46 | 27.6k | if(this->is_negative() || s.is_negative() || mod.is_negative()) { |
47 | 0 | throw Invalid_Argument("BigInt::mod_add expects all arguments are positive"); |
48 | 0 | } |
49 | | |
50 | 27.6k | BOTAN_DEBUG_ASSERT(*this < mod); |
51 | 27.6k | BOTAN_DEBUG_ASSERT(s < mod); |
52 | | |
53 | | /* |
54 | | t + s or t + s - p == t - (p - s) |
55 | | |
56 | | So first compute ws = p - s |
57 | | |
58 | | Then compute t + s and t - ws |
59 | | |
60 | | If t - ws does not borrow, then that is the correct valued |
61 | | */ |
62 | | |
63 | 27.6k | const size_t mod_sw = mod.sig_words(); |
64 | 27.6k | BOTAN_ARG_CHECK(mod_sw > 0, "BigInt::mod_add modulus must be positive"); |
65 | | |
66 | 27.6k | this->grow_to(mod_sw); |
67 | 27.6k | s.grow_to(mod_sw); |
68 | | |
69 | | // First mod_sw for p - s, 2*mod_sw for bigint_addsub workspace |
70 | 27.6k | if(ws.size() < 3 * mod_sw) { |
71 | 10.5k | ws.resize(3 * mod_sw); |
72 | 10.5k | } |
73 | | |
74 | 27.6k | word borrow = bigint_sub3(&ws[0], mod._data(), mod_sw, s._data(), mod_sw); |
75 | 27.6k | BOTAN_DEBUG_ASSERT(borrow == 0); |
76 | 27.6k | BOTAN_UNUSED(borrow); |
77 | | |
78 | | // Compute t - ws |
79 | 27.6k | borrow = bigint_sub3(&ws[mod_sw], this->_data(), mod_sw, &ws[0], mod_sw); |
80 | | |
81 | | // Compute t + s |
82 | 27.6k | bigint_add3_nc(&ws[mod_sw * 2], this->_data(), mod_sw, s._data(), mod_sw); |
83 | | |
84 | 27.6k | CT::conditional_copy_mem(borrow, &ws[0], &ws[mod_sw * 2], &ws[mod_sw], mod_sw); |
85 | 27.6k | set_words(&ws[0], mod_sw); |
86 | | |
87 | 27.6k | return (*this); |
88 | 27.6k | } |
89 | | |
90 | 482k | BigInt& BigInt::mod_sub(const BigInt& s, const BigInt& mod, secure_vector<word>& ws) { |
91 | 482k | if(this->is_negative() || s.is_negative() || mod.is_negative()) { |
92 | 0 | throw Invalid_Argument("BigInt::mod_sub expects all arguments are positive"); |
93 | 0 | } |
94 | | |
95 | | // We are assuming in this function that *this and s are no more than mod_sw words long |
96 | 482k | BOTAN_DEBUG_ASSERT(*this < mod); |
97 | 482k | BOTAN_DEBUG_ASSERT(s < mod); |
98 | | |
99 | 482k | const size_t mod_sw = mod.sig_words(); |
100 | | |
101 | 482k | this->grow_to(mod_sw); |
102 | 482k | s.grow_to(mod_sw); |
103 | | |
104 | 482k | if(ws.size() < mod_sw) { |
105 | 0 | ws.resize(mod_sw); |
106 | 0 | } |
107 | | |
108 | 482k | bigint_mod_sub(mutable_data(), s._data(), mod._data(), mod_sw, ws.data()); |
109 | | |
110 | 482k | return (*this); |
111 | 482k | } |
112 | | |
113 | 160k | BigInt& BigInt::mod_mul(uint8_t y, const BigInt& mod, secure_vector<word>& ws) { |
114 | 160k | BOTAN_ARG_CHECK(this->is_negative() == false, "*this must be positive"); |
115 | 160k | BOTAN_ARG_CHECK(y < 16, "y too large"); |
116 | | |
117 | 160k | BOTAN_DEBUG_ASSERT(*this < mod); |
118 | | |
119 | 160k | *this *= static_cast<word>(y); |
120 | 160k | this->reduce_below(mod, ws); |
121 | 160k | return (*this); |
122 | 160k | } |
123 | | |
124 | 413k | BigInt& BigInt::rev_sub(const word y[], size_t y_sw, secure_vector<word>& ws) { |
125 | 413k | if(this->sign() != BigInt::Positive) { |
126 | 0 | throw Invalid_State("BigInt::sub_rev requires this is positive"); |
127 | 0 | } |
128 | | |
129 | 413k | const size_t x_sw = this->sig_words(); |
130 | | |
131 | 413k | ws.resize(std::max(x_sw, y_sw)); |
132 | 413k | clear_mem(ws.data(), ws.size()); |
133 | | |
134 | 413k | const int32_t relative_size = bigint_sub_abs(ws.data(), _data(), x_sw, y, y_sw); |
135 | | |
136 | 413k | this->cond_flip_sign(relative_size > 0); |
137 | 413k | this->swap_reg(ws); |
138 | | |
139 | 413k | return (*this); |
140 | 413k | } |
141 | | |
142 | | /* |
143 | | * Multiplication Operator |
144 | | */ |
145 | 358 | BigInt& BigInt::operator*=(const BigInt& y) { |
146 | 358 | secure_vector<word> ws; |
147 | 358 | return this->mul(y, ws); |
148 | 358 | } |
149 | | |
150 | 826k | BigInt& BigInt::mul(const BigInt& y, secure_vector<word>& ws) { |
151 | 826k | const size_t x_sw = sig_words(); |
152 | 826k | const size_t y_sw = y.sig_words(); |
153 | 826k | set_sign((sign() == y.sign()) ? Positive : Negative); |
154 | | |
155 | 826k | if(x_sw == 0 || y_sw == 0) { |
156 | 100k | clear(); |
157 | 100k | set_sign(Positive); |
158 | 726k | } else if(x_sw == 1 && y_sw) { |
159 | 98.7k | grow_to(y_sw + 1); |
160 | 98.7k | bigint_linmul3(mutable_data(), y._data(), y_sw, word_at(0)); |
161 | 627k | } else if(y_sw == 1 && x_sw) { |
162 | 3 | word carry = bigint_linmul2(mutable_data(), x_sw, y.word_at(0)); |
163 | 3 | set_word_at(x_sw, carry); |
164 | 627k | } else { |
165 | 627k | const size_t new_size = x_sw + y_sw + 1; |
166 | 627k | ws.resize(new_size); |
167 | 627k | secure_vector<word> z_reg(new_size); |
168 | | |
169 | 627k | bigint_mul(z_reg.data(), z_reg.size(), _data(), size(), x_sw, y._data(), y.size(), y_sw, ws.data(), ws.size()); |
170 | | |
171 | 627k | this->swap_reg(z_reg); |
172 | 627k | } |
173 | | |
174 | 826k | return (*this); |
175 | 826k | } |
176 | | |
177 | 200k | BigInt& BigInt::square(secure_vector<word>& ws) { |
178 | 200k | const size_t sw = sig_words(); |
179 | | |
180 | 200k | secure_vector<word> z(2 * sw); |
181 | 200k | ws.resize(z.size()); |
182 | | |
183 | 200k | bigint_sqr(z.data(), z.size(), _data(), size(), sw, ws.data(), ws.size()); |
184 | | |
185 | 200k | swap_reg(z); |
186 | 200k | set_sign(BigInt::Positive); |
187 | | |
188 | 200k | return (*this); |
189 | 200k | } |
190 | | |
191 | 12.7M | BigInt& BigInt::operator*=(word y) { |
192 | 12.7M | if(y == 0) { |
193 | 0 | clear(); |
194 | 0 | set_sign(Positive); |
195 | 0 | } |
196 | | |
197 | 12.7M | const word carry = bigint_linmul2(mutable_data(), size(), y); |
198 | 12.7M | set_word_at(size(), carry); |
199 | | |
200 | 12.7M | return (*this); |
201 | 12.7M | } |
202 | | |
203 | | /* |
204 | | * Division Operator |
205 | | */ |
206 | 0 | BigInt& BigInt::operator/=(const BigInt& y) { |
207 | 0 | if(y.sig_words() == 1 && is_power_of_2(y.word_at(0))) { |
208 | 0 | (*this) >>= (y.bits() - 1); |
209 | 0 | } else { |
210 | 0 | (*this) = (*this) / y; |
211 | 0 | } |
212 | 0 | return (*this); |
213 | 0 | } |
214 | | |
215 | | /* |
216 | | * Modulo Operator |
217 | | */ |
218 | 89 | BigInt& BigInt::operator%=(const BigInt& mod) { |
219 | 89 | return (*this = (*this) % mod); |
220 | 89 | } |
221 | | |
222 | | /* |
223 | | * Modulo Operator |
224 | | */ |
225 | 0 | word BigInt::operator%=(word mod) { |
226 | 0 | if(mod == 0) { |
227 | 0 | throw Invalid_Argument("BigInt::operator%= divide by zero"); |
228 | 0 | } |
229 | | |
230 | 0 | word remainder = 0; |
231 | |
|
232 | 0 | if(is_power_of_2(mod)) { |
233 | 0 | remainder = (word_at(0) & (mod - 1)); |
234 | 0 | } else { |
235 | 0 | const size_t sw = sig_words(); |
236 | 0 | for(size_t i = sw; i > 0; --i) { |
237 | 0 | remainder = bigint_modop_vartime(remainder, word_at(i - 1), mod); |
238 | 0 | } |
239 | 0 | } |
240 | |
|
241 | 0 | if(remainder && sign() == BigInt::Negative) { |
242 | 0 | remainder = mod - remainder; |
243 | 0 | } |
244 | |
|
245 | 0 | m_data.set_to_zero(); |
246 | 0 | m_data.set_word_at(0, remainder); |
247 | 0 | set_sign(BigInt::Positive); |
248 | 0 | return remainder; |
249 | 0 | } |
250 | | |
251 | | /* |
252 | | * Left Shift Operator |
253 | | */ |
254 | 1.51M | BigInt& BigInt::operator<<=(size_t shift) { |
255 | 1.51M | const size_t sw = sig_words(); |
256 | 1.51M | const size_t new_size = sw + (shift + WordInfo<word>::bits - 1) / WordInfo<word>::bits; |
257 | | |
258 | 1.51M | m_data.grow_to(new_size); |
259 | | |
260 | 1.51M | bigint_shl1(m_data.mutable_data(), new_size, sw, shift); |
261 | | |
262 | 1.51M | return (*this); |
263 | 1.51M | } |
264 | | |
265 | | /* |
266 | | * Right Shift Operator |
267 | | */ |
268 | 1.01M | BigInt& BigInt::operator>>=(size_t shift) { |
269 | 1.01M | bigint_shr1(m_data.mutable_data(), m_data.size(), shift); |
270 | | |
271 | 1.01M | if(is_negative() && is_zero()) { |
272 | 0 | set_sign(Positive); |
273 | 0 | } |
274 | | |
275 | 1.01M | return (*this); |
276 | 1.01M | } |
277 | | |
278 | | } // namespace Botan |