wolfCrypt -Wconversion expansion: fix numerous warnings, all benign, from -Warith-conversion -Wenum-conversion -Wfloat-conversion -Wsign-conversion.

pull/8253/head
Daniel Pouzzner 2024-12-18 11:51:06 -06:00
parent ba050d6a3f
commit 122502e2b1
21 changed files with 598 additions and 588 deletions


@ -6509,7 +6509,7 @@ static WC_INLINE void RIGHTSHIFTX(byte* x)
{
int i;
int carryIn = 0;
byte borrow = (0x00 - (x[15] & 0x01)) & 0xE1;
byte borrow = (byte)((0x00U - (x[15] & 0x01U)) & 0xE1U);
for (i = 0; i < WC_AES_BLOCK_SIZE; i++) {
int carryOut = (x[i] & 0x01) << 7;
@ -8037,13 +8037,13 @@ static void GHASH_UPDATE(Aes* aes, const byte* a, word32 aSz, const byte* c,
/* Check if we have unprocessed data. */
if (aes->aOver > 0) {
/* Calculate amount we can use - fill up the block. */
byte sz = WC_AES_BLOCK_SIZE - aes->aOver;
byte sz = (byte)(WC_AES_BLOCK_SIZE - aes->aOver);
if (sz > aSz) {
sz = (byte)aSz;
}
/* Copy extra into last GHASH block array and update count. */
XMEMCPY(AES_LASTGBLOCK(aes) + aes->aOver, a, sz);
aes->aOver += sz;
aes->aOver = (byte)(aes->aOver + sz);
if (aes->aOver == WC_AES_BLOCK_SIZE) {
/* We have filled up the block and can process. */
GHASH_ONE_BLOCK(aes, AES_LASTGBLOCK(aes));
@ -8072,7 +8072,7 @@ static void GHASH_UPDATE(Aes* aes, const byte* a, word32 aSz, const byte* c,
if (aes->aOver > 0 && cSz > 0 && c != NULL) {
/* No more AAD coming and we have a partial block. */
/* Fill the rest of the block with zeros. */
byte sz = WC_AES_BLOCK_SIZE - aes->aOver;
byte sz = (byte)(WC_AES_BLOCK_SIZE - aes->aOver);
XMEMSET(AES_LASTGBLOCK(aes) + aes->aOver, 0, sz);
/* GHASH last AAD block. */
GHASH_ONE_BLOCK(aes, AES_LASTGBLOCK(aes));
@ -8086,13 +8086,13 @@ static void GHASH_UPDATE(Aes* aes, const byte* a, word32 aSz, const byte* c,
aes->cSz += cSz;
if (aes->cOver > 0) {
/* Calculate amount we can use - fill up the block. */
byte sz = WC_AES_BLOCK_SIZE - aes->cOver;
byte sz = (byte)(WC_AES_BLOCK_SIZE - aes->cOver);
if (sz > cSz) {
sz = (byte)cSz;
}
XMEMCPY(AES_LASTGBLOCK(aes) + aes->cOver, c, sz);
/* Update count of unused encrypted counter. */
aes->cOver += sz;
aes->cOver = (byte)(aes->cOver + sz);
if (aes->cOver == WC_AES_BLOCK_SIZE) {
/* We have filled up the block and can process. */
GHASH_ONE_BLOCK(aes, AES_LASTGBLOCK(aes));
@ -8139,7 +8139,7 @@ static void GHASH_FINAL(Aes* aes, byte* s, word32 sSz)
}
if (over > 0) {
/* Zeroize the unused part of the block. */
XMEMSET(AES_LASTGBLOCK(aes) + over, 0, WC_AES_BLOCK_SIZE - over);
XMEMSET(AES_LASTGBLOCK(aes) + over, 0, (size_t)WC_AES_BLOCK_SIZE - over);
/* Hash the last block of cipher text. */
GHASH_ONE_BLOCK(aes, AES_LASTGBLOCK(aes));
}
@ -9352,7 +9352,7 @@ static WARN_UNUSED_RESULT int AesGcmCryptUpdate_C(
/* Check if previous encrypted block was not used up. */
if (aes->over > 0) {
byte pSz = WC_AES_BLOCK_SIZE - aes->over;
byte pSz = (byte)(WC_AES_BLOCK_SIZE - aes->over);
if (pSz > sz) pSz = (byte)sz;
/* Use some/all of last encrypted block. */
@ -9579,13 +9579,13 @@ static WARN_UNUSED_RESULT int AesGcmAadUpdate_aesni(
/* Check if we have unprocessed data. */
if (aes->aOver > 0) {
/* Calculate amount we can use - fill up the block. */
byte sz = WC_AES_BLOCK_SIZE - aes->aOver;
byte sz = (byte)(WC_AES_BLOCK_SIZE - aes->aOver);
if (sz > aSz) {
sz = (byte)aSz;
}
/* Copy extra into last GHASH block array and update count. */
XMEMCPY(AES_LASTGBLOCK(aes) + aes->aOver, a, sz);
aes->aOver += sz;
aes->aOver = (byte)(aes->aOver + sz);
if (aes->aOver == WC_AES_BLOCK_SIZE) {
/* We have filled up the block and can process. */
#ifdef HAVE_INTEL_AVX2
@ -9650,7 +9650,7 @@ static WARN_UNUSED_RESULT int AesGcmAadUpdate_aesni(
/* No more AAD coming and we have a partial block. */
/* Fill the rest of the block with zeros. */
XMEMSET(AES_LASTGBLOCK(aes) + aes->aOver, 0,
WC_AES_BLOCK_SIZE - aes->aOver);
(size_t)WC_AES_BLOCK_SIZE - aes->aOver);
/* GHASH last AAD block. */
#ifdef HAVE_INTEL_AVX2
if (IS_INTEL_AVX2(intel_flags)) {
@ -9708,7 +9708,7 @@ static WARN_UNUSED_RESULT int AesGcmEncryptUpdate_aesni(
aes->cSz += cSz;
if (aes->cOver > 0) {
/* Calculate amount we can use - fill up the block. */
byte sz = WC_AES_BLOCK_SIZE - aes->cOver;
byte sz = (byte)(WC_AES_BLOCK_SIZE - aes->cOver);
if (sz > cSz) {
sz = (byte)cSz;
}
@ -9716,7 +9716,7 @@ static WARN_UNUSED_RESULT int AesGcmEncryptUpdate_aesni(
xorbuf(AES_LASTGBLOCK(aes) + aes->cOver, p, sz);
XMEMCPY(c, AES_LASTGBLOCK(aes) + aes->cOver, sz);
/* Update count of unused encrypted counter. */
aes->cOver += sz;
aes->cOver = (byte)(aes->cOver + sz);
if (aes->cOver == WC_AES_BLOCK_SIZE) {
/* We have filled up the block and can process. */
#ifdef HAVE_INTEL_AVX2
@ -9832,7 +9832,7 @@ static WARN_UNUSED_RESULT int AesGcmEncryptFinal_aesni(
}
if (over > 0) {
/* Fill the rest of the block with zeros. */
XMEMSET(AES_LASTGBLOCK(aes) + over, 0, WC_AES_BLOCK_SIZE - over);
XMEMSET(AES_LASTGBLOCK(aes) + over, 0, (size_t)WC_AES_BLOCK_SIZE - over);
/* GHASH last cipher block. */
#ifdef HAVE_INTEL_AVX2
if (IS_INTEL_AVX2(intel_flags)) {
@ -9939,7 +9939,7 @@ static WARN_UNUSED_RESULT int AesGcmDecryptUpdate_aesni(
aes->cSz += cSz;
if (aes->cOver > 0) {
/* Calculate amount we can use - fill up the block. */
byte sz = WC_AES_BLOCK_SIZE - aes->cOver;
byte sz = (byte)(WC_AES_BLOCK_SIZE - aes->cOver);
if (sz > cSz) {
sz = (byte)cSz;
}
@ -9949,7 +9949,7 @@ static WARN_UNUSED_RESULT int AesGcmDecryptUpdate_aesni(
xorbuf(AES_LASTGBLOCK(aes) + aes->cOver, c, sz);
XMEMCPY(p, AES_LASTGBLOCK(aes) + aes->cOver, sz);
/* Update count of unused encrypted counter. */
aes->cOver += sz;
aes->cOver = (byte)(aes->cOver + sz);
if (aes->cOver == WC_AES_BLOCK_SIZE) {
/* We have filled up the block and can process. */
#ifdef HAVE_INTEL_AVX2
@ -10072,7 +10072,7 @@ static WARN_UNUSED_RESULT int AesGcmDecryptFinal_aesni(
}
if (over > 0) {
/* Zeroize the unused part of the block. */
XMEMSET(lastBlock + over, 0, WC_AES_BLOCK_SIZE - over);
XMEMSET(lastBlock + over, 0, (size_t)WC_AES_BLOCK_SIZE - over);
/* Hash the last block of cipher text. */
#ifdef HAVE_INTEL_AVX2
if (IS_INTEL_AVX2(intel_flags)) {
@ -11044,14 +11044,14 @@ static WC_INLINE void AesCcmCtrIncSet4(byte* B, word32 lenSz)
for (i = 0; i < lenSz; i++) {
if (++B[WC_AES_BLOCK_SIZE * 2 - 1 - i] != 0) break;
}
B[WC_AES_BLOCK_SIZE * 3 - 1] += 2;
if (B[WC_AES_BLOCK_SIZE * 3 - 1] < 2) {
B[WC_AES_BLOCK_SIZE * 3 - 1] = (byte)(B[WC_AES_BLOCK_SIZE * 3 - 1] + 2U);
if (B[WC_AES_BLOCK_SIZE * 3 - 1] < 2U) {
for (i = 1; i < lenSz; i++) {
if (++B[WC_AES_BLOCK_SIZE * 3 - 1 - i] != 0) break;
}
}
B[WC_AES_BLOCK_SIZE * 4 - 1] += 3;
if (B[WC_AES_BLOCK_SIZE * 4 - 1] < 3) {
B[WC_AES_BLOCK_SIZE * 4 - 1] = (byte)(B[WC_AES_BLOCK_SIZE * 4 - 1] + 3U);
if (B[WC_AES_BLOCK_SIZE * 4 - 1] < 3U) {
for (i = 1; i < lenSz; i++) {
if (++B[WC_AES_BLOCK_SIZE * 4 - 1 - i] != 0) break;
}
@ -11062,8 +11062,8 @@ static WC_INLINE void AesCcmCtrInc4(byte* B, word32 lenSz)
{
word32 i;
B[WC_AES_BLOCK_SIZE - 1] += 4;
if (B[WC_AES_BLOCK_SIZE - 1] < 4) {
B[WC_AES_BLOCK_SIZE - 1] = (byte)(B[WC_AES_BLOCK_SIZE - 1] + 4U);
if (B[WC_AES_BLOCK_SIZE - 1] < 4U) {
for (i = 1; i < lenSz; i++) {
if (++B[WC_AES_BLOCK_SIZE - 1 - i] != 0) break;
}
@ -11123,7 +11123,7 @@ int wc_AesCcmEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
XMEMSET(A, 0, sizeof(A));
XMEMCPY(B+1, nonce, nonceSz);
lenSz = WC_AES_BLOCK_SIZE - 1 - (byte)nonceSz;
lenSz = (byte)(WC_AES_BLOCK_SIZE - 1U - nonceSz);
B[0] = (byte)((authInSz > 0 ? 64 : 0)
+ (8 * (((byte)authTagSz - 2) / 2))
+ (lenSz - 1));
@ -11153,7 +11153,7 @@ int wc_AesCcmEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
if (ret == 0) {
XMEMCPY(authTag, A, authTagSz);
B[0] = lenSz - 1;
B[0] = (byte)(lenSz - 1U);
for (i = 0; i < lenSz; i++)
B[WC_AES_BLOCK_SIZE - 1 - i] = 0;
ret = wc_AesEncrypt(aes, B, A);
@ -11272,9 +11272,9 @@ int wc_AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
oSz = inSz;
XMEMSET(A, 0, sizeof A);
XMEMCPY(B+1, nonce, nonceSz);
lenSz = WC_AES_BLOCK_SIZE - 1 - (byte)nonceSz;
lenSz = (byte)(WC_AES_BLOCK_SIZE - 1U - nonceSz);
B[0] = lenSz - 1;
B[0] = (byte)(lenSz - 1U);
for (i = 0; i < lenSz; i++)
B[WC_AES_BLOCK_SIZE - 1 - i] = 0;
B[15] = 1;
@ -11353,7 +11353,7 @@ int wc_AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
ret = roll_x(aes, o, oSz, A);
if (ret == 0) {
B[0] = lenSz - 1;
B[0] = (byte)(lenSz - 1U);
for (i = 0; i < lenSz; i++)
B[WC_AES_BLOCK_SIZE - 1 - i] = 0;
ret = wc_AesEncrypt(aes, B, B);
@ -12175,11 +12175,11 @@ static void shiftLeftArray(byte* ary, byte shift)
else {
/* shifting over by 7 or less bits */
for (i = 0; i < WC_AES_BLOCK_SIZE - 1; i++) {
byte carry = ary[i+1] & (0XFF << (WOLFSSL_BIT_SIZE - shift));
carry >>= (WOLFSSL_BIT_SIZE - shift);
byte carry = (byte)(ary[i+1] & (0XFF << (WOLFSSL_BIT_SIZE - shift)));
carry = (byte)(carry >> (WOLFSSL_BIT_SIZE - shift));
ary[i] = (byte)((ary[i] << shift) + carry);
}
ary[i] = ary[i] << shift;
ary[i] = (byte)(ary[i] << shift);
}
}
@ -12265,19 +12265,19 @@ static WARN_UNUSED_RESULT int wc_AesFeedbackCFB1(
pt = (byte*)aes->reg;
/* LSB + CAT */
tmp = (0X01 << bit) & in[0];
tmp = tmp >> bit;
tmp = (byte)((0X01U << bit) & in[0]);
tmp = (byte)(tmp >> bit);
tmp &= 0x01;
shiftLeftArray((byte*)aes->reg, 1);
pt[WC_AES_BLOCK_SIZE - 1] |= tmp;
}
/* MSB + XOR */
tmp = (0X01 << bit) & in[0];
tmp = (byte)((0X01U << bit) & in[0]);
pt = (byte*)aes->tmp;
tmp = (pt[0] >> 7) ^ (tmp >> bit);
tmp = (byte)((pt[0] >> 7) ^ (tmp >> bit));
tmp &= 0x01;
cur |= (tmp << bit);
cur = (byte)(cur | (tmp << bit));
if (dir == AES_ENCRYPTION) {
@ -12294,7 +12294,7 @@ static WARN_UNUSED_RESULT int wc_AesFeedbackCFB1(
out += 1;
in += 1;
sz -= 1;
bit = 7;
bit = 7U;
cur = 0;
}
else {
@ -14062,7 +14062,7 @@ static WARN_UNUSED_RESULT int S2V(
if (ret != 0)
break;
xorbuf(tmp[1-tmpi], tmp[tmpi], WC_AES_BLOCK_SIZE);
tmpi = 1 - tmpi;
tmpi = (byte)(1 - tmpi);
}
/* Add nonce as final AD. See RFC 5297 Section 3. */
@ -14073,7 +14073,7 @@ static WARN_UNUSED_RESULT int S2V(
if (ret == 0) {
xorbuf(tmp[1-tmpi], tmp[tmpi], WC_AES_BLOCK_SIZE);
}
tmpi = 1 - tmpi;
tmpi = (byte)(1U - tmpi);
}
/* For simplicity of the remaining code, make sure the "final" result
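Review bot: The two `tmpi` toggles in S2V are rewritten in different forms: the hunk at `@ -14062` uses `tmpi = (byte)(1 - tmpi);` while the one at `@ -14073` uses `tmpi = (byte)(1U - tmpi);`. Both reduce to the same byte for any value of tmpi, so this is style only, but one form makes the intent (flip between index 0 and 1) easier to verify at a glance. The unsigned literal matches the `2U`/`3U`/`4U` convention this commit adopts in AesCcmCtrIncSet4 and AesCcmCtrInc4, so `tmpi = (byte)(1U - tmpi);` in both places. S2V's body begins and ends outside these hunks.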


@ -1273,8 +1273,8 @@ static int GetASN_StoreData(const ASNItem* asn, ASNGetData* data,
/* Fill number with all of data. */
*data->data.u16 = 0;
for (i = 0; i < len; i++) {
*data->data.u16 <<= 8;
*data->data.u16 |= input[idx + (word32)i] ;
*data->data.u16 = (word16)(*data->data.u16 << 8U);
*data->data.u16 = (word16)(*data->data.u16 | input[idx + (word32)i]);
}
break;
case ASN_DATA_TYPE_WORD32:
@ -8640,12 +8640,12 @@ int wc_EncryptPKCS8Key(byte* key, word32 keySz, byte* out, word32* outSz,
pbeOidBuf = pbes2;
pbeOidBufSz = sizeof(pbes2);
/* kdf = OBJ pbkdf2 [ SEQ innerLen ] */
kdfLen = 2 + sizeof(pbkdf2Oid) + 2 + innerLen;
kdfLen = 2U + (word32)sizeof(pbkdf2Oid) + 2U + innerLen;
/* enc = OBJ enc_alg OCT iv */
encLen = 2 + (word32)encOidSz + 2 + (word32)blockSz;
encLen = 2U + (word32)encOidSz + 2U + (word32)blockSz;
/* pbe = OBJ pbse2 SEQ [ SEQ [ kdf ] SEQ [ enc ] ] */
pbeLen = (word32)(2 + sizeof(pbes2) + 2 + 2 + (size_t)kdfLen + 2 +
(size_t)encLen);
pbeLen = 2U + (word32)sizeof(pbes2) + 2U + 2U + kdfLen + 2U +
encLen;
ret = wc_RNG_GenerateBlock(rng, cbcIv, (word32)blockSz);
}
@ -8715,7 +8715,7 @@ int wc_EncryptPKCS8Key(byte* key, word32 keySz, byte* out, word32* outSz,
idx += SetSequence(kdfLen, out + idx);
idx += (word32)SetObjectId((int)sizeof(pbkdf2Oid), out + idx);
XMEMCPY(out + idx, pbkdf2Oid, sizeof(pbkdf2Oid));
idx += sizeof(pbkdf2Oid);
idx += (word32)sizeof(pbkdf2Oid);
}
idx += SetSequence(innerLen, out + idx);
idx += SetOctetString(saltSz, out + idx);
@ -24085,7 +24085,7 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm, Signer
}
}
else {
cert->maxPathLen = (byte)min(cert->ca->maxPathLen - 1,
cert->maxPathLen = (byte)min(cert->ca->maxPathLen - 1U,
cert->maxPathLen);
}
}
@ -27020,7 +27020,7 @@ static int wc_SetCert_LoadDer(Cert* cert, const byte* der, word32 derSz,
#ifndef NO_ASN_TIME
static WC_INLINE byte itob(int number)
{
return (byte)number + 0x30;
return (byte)(number + 0x30);
}
@ -33432,7 +33432,8 @@ int EncodePolicyOID(byte *out, word32 *outSz, const char *in, void* heap)
return BUFFER_E;
}
out[idx++] += (byte)val;
out[idx] = (byte)(out[idx] + val);
++idx;
}
else {
word32 tb = 0;
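Review bot: The maxPathLen clamp in ParseCertRelative (`@ -24085`) now depends on unsigned wraparound when `cert->ca->maxPathLen` is 0: `cert->ca->maxPathLen - 1U` becomes UINT_MAX and `min` returns `cert->maxPathLen`. If `min` is the word32 helper the old `- 1` was implicitly converted to the same value and nothing changes, but if it is an expression macro the old code selected -1 and the `(byte)` cast produced 255, so this edge case is worth pinning either way. The guard in the enclosing `if` is outside the hunk; if it already excludes a zero `cert->ca->maxPathLen`, a comment such as `/* ca->maxPathLen > 0 here, so the unsigned subtraction cannot wrap */` records the invariant that makes the clamp correct, and if it does not, an explicit zero check before the subtraction is clearer than relying on wraparound in a path-length constraint.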


@ -99,7 +99,7 @@ static WC_INLINE byte Base64_Char2Val(byte c)
byte v;
byte mask;
c -= BASE64_MIN;
c = (byte)(c - BASE64_MIN);
mask = (byte)((((byte)(0x3f - c)) >> 7) - 1);
/* Load a value from the first cache line and use when mask set. */
v = (byte)(base64Decode[ c & 0x3f ] & mask);
@ -507,7 +507,7 @@ int Base16_Decode(const byte* in, word32 inLen, byte* out, word32* outLen)
return BAD_FUNC_ARG;
if (inLen == 1 && *outLen && in) {
byte b = in[inIdx++] - BASE16_MIN; /* 0 starts at 0x30 */
byte b = (byte)(in[inIdx++] - BASE16_MIN); /* 0 starts at 0x30 */
/* sanity check */
if (b >= sizeof(hexDecode)/sizeof(hexDecode[0]))
@ -531,8 +531,8 @@ int Base16_Decode(const byte* in, word32 inLen, byte* out, word32* outLen)
return BAD_FUNC_ARG;
while (inLen) {
byte b = in[inIdx++] - BASE16_MIN; /* 0 starts at 0x30 */
byte b2 = in[inIdx++] - BASE16_MIN;
byte b = (byte)(in[inIdx++] - BASE16_MIN); /* 0 starts at 0x30 */
byte b2 = (byte)(in[inIdx++] - BASE16_MIN);
/* sanity checks */
if (b >= sizeof(hexDecode)/sizeof(hexDecode[0]))
@ -570,14 +570,14 @@ int Base16_Encode(const byte* in, word32 inLen, byte* out, word32* outLen)
byte lb = in[i] & 0x0f;
/* ASCII value */
hb += '0';
hb = (byte)(hb + '0');
if (hb > '9')
hb += 7;
hb = (byte)(hb + 7U);
/* ASCII value */
lb += '0';
lb = (byte)(lb + '0');
if (lb>'9')
lb += 7;
lb = (byte)(lb + 7U);
out[outIdx++] = hb;
out[outIdx++] = lb;


@ -1642,7 +1642,7 @@ static void wc_ecc_curve_cache_free_spec_item(ecc_curve_spec* curve, mp_int* ite
#endif
mp_clear(item);
}
curve->load_mask &= ~mask;
curve->load_mask = (byte)(curve->load_mask & ~mask);
}
static void wc_ecc_curve_cache_free_spec(ecc_curve_spec* curve)
{
@ -12811,7 +12811,7 @@ static int accel_fp_mul(int idx, const mp_int* k, ecc_point *R, mp_int* a,
by x bits from the start */
bitpos = (unsigned)x;
for (y = z = 0; y < FP_LUT; y++) {
z |= ((kb[bitpos>>3] >> (bitpos&7)) & 1) << y;
z |= (((word32)kb[bitpos>>3U] >> (bitpos&7U)) & 1U) << y;
bitpos += lut_gap; /* it's y*lut_gap + x, but here we can avoid
the mult in each loop */
}
@ -13064,8 +13064,8 @@ static int accel_fp_mul2add(int idx1, int idx2,
offset by x bits from the start */
bitpos = (unsigned)x;
for (y = zA = zB = 0; y < FP_LUT; y++) {
zA |= ((kb[0][bitpos>>3] >> (bitpos&7)) & 1) << y;
zB |= ((kb[1][bitpos>>3] >> (bitpos&7)) & 1) << y;
zA |= (((word32)kb[0][bitpos>>3U] >> (bitpos&7U)) & 1U) << y;
zB |= (((word32)kb[1][bitpos>>3U] >> (bitpos&7U)) & 1U) << y;
bitpos += lut_gap; /* it's y*lut_gap + x, but here we can avoid
the mult in each loop */
}
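Review bot: In accel_fp_mul and accel_fp_mul2add (`@ -12811`, `@ -13064`) the `U` suffix on the shift count in `kb[bitpos>>3U]` does nothing: the right operand of `>>` is promoted on its own and never takes part in the usual arithmetic conversions, so `3` and `3U` yield identical code and identical diagnostics. The suffixes on `bitpos&7U` and `& 1U` are meaningful, since those operands are converted together. Dropping it from the shift count, `kb[bitpos>>3]`, leaves only the casts and suffixes that actually change a conversion, which makes the remaining ones easier to audit. Both loops sit inside functions whose bodies continue outside the hunks.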


@ -120,30 +120,30 @@ void fe_tobytes(unsigned char *out, const fe n)
out[ 3] = (((byte)((in[0] >> 24) )) );
out[ 4] = (((byte)((in[0] >> 32) )) );
out[ 5] = (((byte)((in[0] >> 40) )) );
out[ 6] = (((byte)((in[0] >> 48) & 0x07)) )
| (((byte)((in[1] ) & 0x1f)) << 3);
out[ 6] = (byte)((((byte)((in[0] >> 48) & 0x07)))
| (((byte)((in[1] ) & 0x1f)) << 3));
out[ 7] = (((byte)((in[1] >> 5) )) );
out[ 8] = (((byte)((in[1] >> 13) )) );
out[ 9] = (((byte)((in[1] >> 21) )) );
out[10] = (((byte)((in[1] >> 29) )) );
out[11] = (((byte)((in[1] >> 37) )) );
out[12] = (((byte)((in[1] >> 45) & 0x3f)) )
| (((byte)((in[2] ) & 0x03)) << 6);
out[12] = (byte)((((byte)((in[1] >> 45) & 0x3f)))
| (((byte)((in[2] ) & 0x03)) << 6));
out[13] = (((byte)((in[2] >> 2) )) );
out[14] = (((byte)((in[2] >> 10) )) );
out[15] = (((byte)((in[2] >> 18) )) );
out[16] = (((byte)((in[2] >> 26) )) );
out[17] = (((byte)((in[2] >> 34) )) );
out[18] = (((byte)((in[2] >> 42) )) );
out[19] = (((byte)((in[2] >> 50) & 0x01)) )
| (((byte)((in[3] ) & 0x7f)) << 1);
out[19] = (byte)((((byte)((in[2] >> 50) & 0x01)))
| (((byte)((in[3] ) & 0x7f)) << 1));
out[20] = (((byte)((in[3] >> 7) )) );
out[21] = (((byte)((in[3] >> 15) )) );
out[22] = (((byte)((in[3] >> 23) )) );
out[23] = (((byte)((in[3] >> 31) )) );
out[24] = (((byte)((in[3] >> 39) )) );
out[25] = (((byte)((in[3] >> 47) & 0x0f)) )
| (((byte)((in[4] ) & 0x0f)) << 4);
out[25] = (byte)((((byte)((in[3] >> 47) & 0x0f)))
| (((byte)((in[4] ) & 0x0f)) << 4));
out[26] = (((byte)((in[4] >> 4) )) );
out[27] = (((byte)((in[4] >> 12) )) );
out[28] = (((byte)((in[4] >> 20) )) );
@ -427,7 +427,7 @@ int curve25519(byte* r, const byte* n, const byte* a)
swap = 0;
for (pos = 254;pos >= 0;--pos) {
b = n[pos / 8] >> (pos & 7);
b = (unsigned int)(n[pos / 8] >> (pos & 7));
b &= 1;
swap ^= b;
fe_cswap(x2, x3, (int)swap);
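Review bot: In fe_tobytes (`@ -120`) the new outer `(byte)` on `out[ 6]`, `out[12]`, `out[19]` and `out[25]` makes the inner `(byte)` casts redundant: each inner cast is immediately promoted back to int by `|` and `<<`, so the stored value is fixed by the masks alone. Writing `out[ 6] = (byte)(((in[0] >> 48) & 0x07) | ((in[1] & 0x1f) << 3));` and likewise for the other three lines says the same thing with one cast per line and is easier to check against the limb layout. In all four cases the masks bound the combined value to 8 bits, so the result is unchanged. fe_tobytes continues outside the hunk.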


@ -464,120 +464,120 @@ void sc448_reduce(byte* b)
word64 o;
/* Load from bytes */
t[ 0] = ((sword64) (b[ 0]) << 0)
| ((sword64) (b[ 1]) << 8)
| ((sword64) (b[ 2]) << 16)
| ((sword64) (b[ 3]) << 24)
| ((sword64) (b[ 4]) << 32)
| ((sword64) (b[ 5]) << 40)
| ((sword64) (b[ 6]) << 48);
t[ 1] = ((sword64) (b[ 7]) << 0)
| ((sword64) (b[ 8]) << 8)
| ((sword64) (b[ 9]) << 16)
| ((sword64) (b[10]) << 24)
| ((sword64) (b[11]) << 32)
| ((sword64) (b[12]) << 40)
| ((sword64) (b[13]) << 48);
t[ 2] = ((sword64) (b[14]) << 0)
| ((sword64) (b[15]) << 8)
| ((sword64) (b[16]) << 16)
| ((sword64) (b[17]) << 24)
| ((sword64) (b[18]) << 32)
| ((sword64) (b[19]) << 40)
| ((sword64) (b[20]) << 48);
t[ 3] = ((sword64) (b[21]) << 0)
| ((sword64) (b[22]) << 8)
| ((sword64) (b[23]) << 16)
| ((sword64) (b[24]) << 24)
| ((sword64) (b[25]) << 32)
| ((sword64) (b[26]) << 40)
| ((sword64) (b[27]) << 48);
t[ 4] = ((sword64) (b[28]) << 0)
| ((sword64) (b[29]) << 8)
| ((sword64) (b[30]) << 16)
| ((sword64) (b[31]) << 24)
| ((sword64) (b[32]) << 32)
| ((sword64) (b[33]) << 40)
| ((sword64) (b[34]) << 48);
t[ 5] = ((sword64) (b[35]) << 0)
| ((sword64) (b[36]) << 8)
| ((sword64) (b[37]) << 16)
| ((sword64) (b[38]) << 24)
| ((sword64) (b[39]) << 32)
| ((sword64) (b[40]) << 40)
| ((sword64) (b[41]) << 48);
t[ 6] = ((sword64) (b[42]) << 0)
| ((sword64) (b[43]) << 8)
| ((sword64) (b[44]) << 16)
| ((sword64) (b[45]) << 24)
| ((sword64) (b[46]) << 32)
| ((sword64) (b[47]) << 40)
| ((sword64) (b[48]) << 48);
t[ 7] = ((sword64) (b[49]) << 0)
| ((sword64) (b[50]) << 8)
| ((sword64) (b[51]) << 16)
| ((sword64) (b[52]) << 24)
| ((sword64) (b[53]) << 32)
| ((sword64) (b[54]) << 40)
| ((sword64) (b[55]) << 48);
t[ 8] = ((sword64) (b[56]) << 0)
| ((sword64) (b[57]) << 8)
| ((sword64) (b[58]) << 16)
| ((sword64) (b[59]) << 24)
| ((sword64) (b[60]) << 32)
| ((sword64) (b[61]) << 40)
| ((sword64) (b[62]) << 48);
t[ 9] = ((sword64) (b[63]) << 0)
| ((sword64) (b[64]) << 8)
| ((sword64) (b[65]) << 16)
| ((sword64) (b[66]) << 24)
| ((sword64) (b[67]) << 32)
| ((sword64) (b[68]) << 40)
| ((sword64) (b[69]) << 48);
t[10] = ((sword64) (b[70]) << 0)
| ((sword64) (b[71]) << 8)
| ((sword64) (b[72]) << 16)
| ((sword64) (b[73]) << 24)
| ((sword64) (b[74]) << 32)
| ((sword64) (b[75]) << 40)
| ((sword64) (b[76]) << 48);
t[11] = ((sword64) (b[77]) << 0)
| ((sword64) (b[78]) << 8)
| ((sword64) (b[79]) << 16)
| ((sword64) (b[80]) << 24)
| ((sword64) (b[81]) << 32)
| ((sword64) (b[82]) << 40)
| ((sword64) (b[83]) << 48);
t[12] = ((sword64) (b[84]) << 0)
| ((sword64) (b[85]) << 8)
| ((sword64) (b[86]) << 16)
| ((sword64) (b[87]) << 24)
| ((sword64) (b[88]) << 32)
| ((sword64) (b[89]) << 40)
| ((sword64) (b[90]) << 48);
t[13] = ((sword64) (b[91]) << 0)
| ((sword64) (b[92]) << 8)
| ((sword64) (b[93]) << 16)
| ((sword64) (b[94]) << 24)
| ((sword64) (b[95]) << 32)
| ((sword64) (b[96]) << 40)
| ((sword64) (b[97]) << 48);
t[14] = ((sword64) (b[98]) << 0)
| ((sword64) (b[99]) << 8)
| ((sword64) (b[100]) << 16)
| ((sword64) (b[101]) << 24)
| ((sword64) (b[102]) << 32)
| ((sword64) (b[103]) << 40)
| ((sword64) (b[104]) << 48);
t[15] = ((sword64) (b[105]) << 0)
| ((sword64) (b[106]) << 8)
| ((sword64) (b[107]) << 16)
| ((sword64) (b[108]) << 24)
| ((sword64) (b[109]) << 32)
| ((sword64) (b[110]) << 40)
| ((sword64) (b[111]) << 48);
t[16] = ((sword64) (b[112]) << 0)
| ((sword64) (b[113]) << 8);
t[ 0] = (word64)((sword64) (b[ 0]) << 0)
| (word64)((sword64) (b[ 1]) << 8)
| (word64)((sword64) (b[ 2]) << 16)
| (word64)((sword64) (b[ 3]) << 24)
| (word64)((sword64) (b[ 4]) << 32)
| (word64)((sword64) (b[ 5]) << 40)
| (word64)((sword64) (b[ 6]) << 48);
t[ 1] = (word64)((sword64) (b[ 7]) << 0)
| (word64)((sword64) (b[ 8]) << 8)
| (word64)((sword64) (b[ 9]) << 16)
| (word64)((sword64) (b[10]) << 24)
| (word64)((sword64) (b[11]) << 32)
| (word64)((sword64) (b[12]) << 40)
| (word64)((sword64) (b[13]) << 48);
t[ 2] = (word64)((sword64) (b[14]) << 0)
| (word64)((sword64) (b[15]) << 8)
| (word64)((sword64) (b[16]) << 16)
| (word64)((sword64) (b[17]) << 24)
| (word64)((sword64) (b[18]) << 32)
| (word64)((sword64) (b[19]) << 40)
| (word64)((sword64) (b[20]) << 48);
t[ 3] = (word64)((sword64) (b[21]) << 0)
| (word64)((sword64) (b[22]) << 8)
| (word64)((sword64) (b[23]) << 16)
| (word64)((sword64) (b[24]) << 24)
| (word64)((sword64) (b[25]) << 32)
| (word64)((sword64) (b[26]) << 40)
| (word64)((sword64) (b[27]) << 48);
t[ 4] = (word64)((sword64) (b[28]) << 0)
| (word64)((sword64) (b[29]) << 8)
| (word64)((sword64) (b[30]) << 16)
| (word64)((sword64) (b[31]) << 24)
| (word64)((sword64) (b[32]) << 32)
| (word64)((sword64) (b[33]) << 40)
| (word64)((sword64) (b[34]) << 48);
t[ 5] = (word64)((sword64) (b[35]) << 0)
| (word64)((sword64) (b[36]) << 8)
| (word64)((sword64) (b[37]) << 16)
| (word64)((sword64) (b[38]) << 24)
| (word64)((sword64) (b[39]) << 32)
| (word64)((sword64) (b[40]) << 40)
| (word64)((sword64) (b[41]) << 48);
t[ 6] = (word64)((sword64) (b[42]) << 0)
| (word64)((sword64) (b[43]) << 8)
| (word64)((sword64) (b[44]) << 16)
| (word64)((sword64) (b[45]) << 24)
| (word64)((sword64) (b[46]) << 32)
| (word64)((sword64) (b[47]) << 40)
| (word64)((sword64) (b[48]) << 48);
t[ 7] = (word64)((sword64) (b[49]) << 0)
| (word64)((sword64) (b[50]) << 8)
| (word64)((sword64) (b[51]) << 16)
| (word64)((sword64) (b[52]) << 24)
| (word64)((sword64) (b[53]) << 32)
| (word64)((sword64) (b[54]) << 40)
| (word64)((sword64) (b[55]) << 48);
t[ 8] = (word64)((sword64) (b[56]) << 0)
| (word64)((sword64) (b[57]) << 8)
| (word64)((sword64) (b[58]) << 16)
| (word64)((sword64) (b[59]) << 24)
| (word64)((sword64) (b[60]) << 32)
| (word64)((sword64) (b[61]) << 40)
| (word64)((sword64) (b[62]) << 48);
t[ 9] = (word64)((sword64) (b[63]) << 0)
| (word64)((sword64) (b[64]) << 8)
| (word64)((sword64) (b[65]) << 16)
| (word64)((sword64) (b[66]) << 24)
| (word64)((sword64) (b[67]) << 32)
| (word64)((sword64) (b[68]) << 40)
| (word64)((sword64) (b[69]) << 48);
t[10] = (word64)((sword64) (b[70]) << 0)
| (word64)((sword64) (b[71]) << 8)
| (word64)((sword64) (b[72]) << 16)
| (word64)((sword64) (b[73]) << 24)
| (word64)((sword64) (b[74]) << 32)
| (word64)((sword64) (b[75]) << 40)
| (word64)((sword64) (b[76]) << 48);
t[11] = (word64)((sword64) (b[77]) << 0)
| (word64)((sword64) (b[78]) << 8)
| (word64)((sword64) (b[79]) << 16)
| (word64)((sword64) (b[80]) << 24)
| (word64)((sword64) (b[81]) << 32)
| (word64)((sword64) (b[82]) << 40)
| (word64)((sword64) (b[83]) << 48);
t[12] = (word64)((sword64) (b[84]) << 0)
| (word64)((sword64) (b[85]) << 8)
| (word64)((sword64) (b[86]) << 16)
| (word64)((sword64) (b[87]) << 24)
| (word64)((sword64) (b[88]) << 32)
| (word64)((sword64) (b[89]) << 40)
| (word64)((sword64) (b[90]) << 48);
t[13] = (word64)((sword64) (b[91]) << 0)
| (word64)((sword64) (b[92]) << 8)
| (word64)((sword64) (b[93]) << 16)
| (word64)((sword64) (b[94]) << 24)
| (word64)((sword64) (b[95]) << 32)
| (word64)((sword64) (b[96]) << 40)
| (word64)((sword64) (b[97]) << 48);
t[14] = (word64)((sword64) (b[98]) << 0)
| (word64)((sword64) (b[99]) << 8)
| (word64)((sword64) (b[100]) << 16)
| (word64)((sword64) (b[101]) << 24)
| (word64)((sword64) (b[102]) << 32)
| (word64)((sword64) (b[103]) << 40)
| (word64)((sword64) (b[104]) << 48);
t[15] = (word64)((sword64) (b[105]) << 0)
| (word64)((sword64) (b[106]) << 8)
| (word64)((sword64) (b[107]) << 16)
| (word64)((sword64) (b[108]) << 24)
| (word64)((sword64) (b[109]) << 32)
| (word64)((sword64) (b[110]) << 40)
| (word64)((sword64) (b[111]) << 48);
t[16] = (word64)((sword64) (b[112]) << 0)
| (word64)((sword64) (b[113]) << 8);
/* Mod curve order */
/* 2^446 - 0x8335dc163bb124b65129c96fde933d8d723a70aadc873d6d54a7bb0d */
@ -747,241 +747,241 @@ void sc448_muladd(byte* r, const byte* a, const byte* b, const byte* d)
sword64 u;
/* Load from bytes */
ad[ 0] = ((sword64) (a[ 0]) << 0)
| ((sword64) (a[ 1]) << 8)
| ((sword64) (a[ 2]) << 16)
| ((sword64) (a[ 3]) << 24)
| ((sword64) (a[ 4]) << 32)
| ((sword64) (a[ 5]) << 40)
| ((sword64) (a[ 6]) << 48);
ad[ 1] = ((sword64) (a[ 7]) << 0)
| ((sword64) (a[ 8]) << 8)
| ((sword64) (a[ 9]) << 16)
| ((sword64) (a[10]) << 24)
| ((sword64) (a[11]) << 32)
| ((sword64) (a[12]) << 40)
| ((sword64) (a[13]) << 48);
ad[ 2] = ((sword64) (a[14]) << 0)
| ((sword64) (a[15]) << 8)
| ((sword64) (a[16]) << 16)
| ((sword64) (a[17]) << 24)
| ((sword64) (a[18]) << 32)
| ((sword64) (a[19]) << 40)
| ((sword64) (a[20]) << 48);
ad[ 3] = ((sword64) (a[21]) << 0)
| ((sword64) (a[22]) << 8)
| ((sword64) (a[23]) << 16)
| ((sword64) (a[24]) << 24)
| ((sword64) (a[25]) << 32)
| ((sword64) (a[26]) << 40)
| ((sword64) (a[27]) << 48);
ad[ 4] = ((sword64) (a[28]) << 0)
| ((sword64) (a[29]) << 8)
| ((sword64) (a[30]) << 16)
| ((sword64) (a[31]) << 24)
| ((sword64) (a[32]) << 32)
| ((sword64) (a[33]) << 40)
| ((sword64) (a[34]) << 48);
ad[ 5] = ((sword64) (a[35]) << 0)
| ((sword64) (a[36]) << 8)
| ((sword64) (a[37]) << 16)
| ((sword64) (a[38]) << 24)
| ((sword64) (a[39]) << 32)
| ((sword64) (a[40]) << 40)
| ((sword64) (a[41]) << 48);
ad[ 6] = ((sword64) (a[42]) << 0)
| ((sword64) (a[43]) << 8)
| ((sword64) (a[44]) << 16)
| ((sword64) (a[45]) << 24)
| ((sword64) (a[46]) << 32)
| ((sword64) (a[47]) << 40)
| ((sword64) (a[48]) << 48);
ad[ 7] = ((sword64) (a[49]) << 0)
| ((sword64) (a[50]) << 8)
| ((sword64) (a[51]) << 16)
| ((sword64) (a[52]) << 24)
| ((sword64) (a[53]) << 32)
| ((sword64) (a[54]) << 40)
| ((sword64) (a[55]) << 48);
ad[ 0] = (word64)((sword64) (a[ 0]) << 0)
| (word64)((sword64) (a[ 1]) << 8)
| (word64)((sword64) (a[ 2]) << 16)
| (word64)((sword64) (a[ 3]) << 24)
| (word64)((sword64) (a[ 4]) << 32)
| (word64)((sword64) (a[ 5]) << 40)
| (word64)((sword64) (a[ 6]) << 48);
ad[ 1] = (word64)((sword64) (a[ 7]) << 0)
| (word64)((sword64) (a[ 8]) << 8)
| (word64)((sword64) (a[ 9]) << 16)
| (word64)((sword64) (a[10]) << 24)
| (word64)((sword64) (a[11]) << 32)
| (word64)((sword64) (a[12]) << 40)
| (word64)((sword64) (a[13]) << 48);
ad[ 2] = (word64)((sword64) (a[14]) << 0)
| (word64)((sword64) (a[15]) << 8)
| (word64)((sword64) (a[16]) << 16)
| (word64)((sword64) (a[17]) << 24)
| (word64)((sword64) (a[18]) << 32)
| (word64)((sword64) (a[19]) << 40)
| (word64)((sword64) (a[20]) << 48);
ad[ 3] = (word64)((sword64) (a[21]) << 0)
| (word64)((sword64) (a[22]) << 8)
| (word64)((sword64) (a[23]) << 16)
| (word64)((sword64) (a[24]) << 24)
| (word64)((sword64) (a[25]) << 32)
| (word64)((sword64) (a[26]) << 40)
| (word64)((sword64) (a[27]) << 48);
ad[ 4] = (word64)((sword64) (a[28]) << 0)
| (word64)((sword64) (a[29]) << 8)
| (word64)((sword64) (a[30]) << 16)
| (word64)((sword64) (a[31]) << 24)
| (word64)((sword64) (a[32]) << 32)
| (word64)((sword64) (a[33]) << 40)
| (word64)((sword64) (a[34]) << 48);
ad[ 5] = (word64)((sword64) (a[35]) << 0)
| (word64)((sword64) (a[36]) << 8)
| (word64)((sword64) (a[37]) << 16)
| (word64)((sword64) (a[38]) << 24)
| (word64)((sword64) (a[39]) << 32)
| (word64)((sword64) (a[40]) << 40)
| (word64)((sword64) (a[41]) << 48);
ad[ 6] = (word64)((sword64) (a[42]) << 0)
| (word64)((sword64) (a[43]) << 8)
| (word64)((sword64) (a[44]) << 16)
| (word64)((sword64) (a[45]) << 24)
| (word64)((sword64) (a[46]) << 32)
| (word64)((sword64) (a[47]) << 40)
| (word64)((sword64) (a[48]) << 48);
ad[ 7] = (word64)((sword64) (a[49]) << 0)
| (word64)((sword64) (a[50]) << 8)
| (word64)((sword64) (a[51]) << 16)
| (word64)((sword64) (a[52]) << 24)
| (word64)((sword64) (a[53]) << 32)
| (word64)((sword64) (a[54]) << 40)
| (word64)((sword64) (a[55]) << 48);
/* Load from bytes */
bd[ 0] = ((sword64) (b[ 0]) << 0)
| ((sword64) (b[ 1]) << 8)
| ((sword64) (b[ 2]) << 16)
| ((sword64) (b[ 3]) << 24)
| ((sword64) (b[ 4]) << 32)
| ((sword64) (b[ 5]) << 40)
| ((sword64) (b[ 6]) << 48);
bd[ 1] = ((sword64) (b[ 7]) << 0)
| ((sword64) (b[ 8]) << 8)
| ((sword64) (b[ 9]) << 16)
| ((sword64) (b[10]) << 24)
| ((sword64) (b[11]) << 32)
| ((sword64) (b[12]) << 40)
| ((sword64) (b[13]) << 48);
bd[ 2] = ((sword64) (b[14]) << 0)
| ((sword64) (b[15]) << 8)
| ((sword64) (b[16]) << 16)
| ((sword64) (b[17]) << 24)
| ((sword64) (b[18]) << 32)
| ((sword64) (b[19]) << 40)
| ((sword64) (b[20]) << 48);
bd[ 3] = ((sword64) (b[21]) << 0)
| ((sword64) (b[22]) << 8)
| ((sword64) (b[23]) << 16)
| ((sword64) (b[24]) << 24)
| ((sword64) (b[25]) << 32)
| ((sword64) (b[26]) << 40)
| ((sword64) (b[27]) << 48);
bd[ 4] = ((sword64) (b[28]) << 0)
| ((sword64) (b[29]) << 8)
| ((sword64) (b[30]) << 16)
| ((sword64) (b[31]) << 24)
| ((sword64) (b[32]) << 32)
| ((sword64) (b[33]) << 40)
| ((sword64) (b[34]) << 48);
bd[ 5] = ((sword64) (b[35]) << 0)
| ((sword64) (b[36]) << 8)
| ((sword64) (b[37]) << 16)
| ((sword64) (b[38]) << 24)
| ((sword64) (b[39]) << 32)
| ((sword64) (b[40]) << 40)
| ((sword64) (b[41]) << 48);
bd[ 6] = ((sword64) (b[42]) << 0)
| ((sword64) (b[43]) << 8)
| ((sword64) (b[44]) << 16)
| ((sword64) (b[45]) << 24)
| ((sword64) (b[46]) << 32)
| ((sword64) (b[47]) << 40)
| ((sword64) (b[48]) << 48);
bd[ 7] = ((sword64) (b[49]) << 0)
| ((sword64) (b[50]) << 8)
| ((sword64) (b[51]) << 16)
| ((sword64) (b[52]) << 24)
| ((sword64) (b[53]) << 32)
| ((sword64) (b[54]) << 40)
| ((sword64) (b[55]) << 48);
bd[ 0] = (word64)((sword64) (b[ 0]) << 0)
| (word64)((sword64) (b[ 1]) << 8)
| (word64)((sword64) (b[ 2]) << 16)
| (word64)((sword64) (b[ 3]) << 24)
| (word64)((sword64) (b[ 4]) << 32)
| (word64)((sword64) (b[ 5]) << 40)
| (word64)((sword64) (b[ 6]) << 48);
bd[ 1] = (word64)((sword64) (b[ 7]) << 0)
| (word64)((sword64) (b[ 8]) << 8)
| (word64)((sword64) (b[ 9]) << 16)
| (word64)((sword64) (b[10]) << 24)
| (word64)((sword64) (b[11]) << 32)
| (word64)((sword64) (b[12]) << 40)
| (word64)((sword64) (b[13]) << 48);
bd[ 2] = (word64)((sword64) (b[14]) << 0)
| (word64)((sword64) (b[15]) << 8)
| (word64)((sword64) (b[16]) << 16)
| (word64)((sword64) (b[17]) << 24)
| (word64)((sword64) (b[18]) << 32)
| (word64)((sword64) (b[19]) << 40)
| (word64)((sword64) (b[20]) << 48);
bd[ 3] = (word64)((sword64) (b[21]) << 0)
| (word64)((sword64) (b[22]) << 8)
| (word64)((sword64) (b[23]) << 16)
| (word64)((sword64) (b[24]) << 24)
| (word64)((sword64) (b[25]) << 32)
| (word64)((sword64) (b[26]) << 40)
| (word64)((sword64) (b[27]) << 48);
bd[ 4] = (word64)((sword64) (b[28]) << 0)
| (word64)((sword64) (b[29]) << 8)
| (word64)((sword64) (b[30]) << 16)
| (word64)((sword64) (b[31]) << 24)
| (word64)((sword64) (b[32]) << 32)
| (word64)((sword64) (b[33]) << 40)
| (word64)((sword64) (b[34]) << 48);
bd[ 5] = (word64)((sword64) (b[35]) << 0)
| (word64)((sword64) (b[36]) << 8)
| (word64)((sword64) (b[37]) << 16)
| (word64)((sword64) (b[38]) << 24)
| (word64)((sword64) (b[39]) << 32)
| (word64)((sword64) (b[40]) << 40)
| (word64)((sword64) (b[41]) << 48);
bd[ 6] = (word64)((sword64) (b[42]) << 0)
| (word64)((sword64) (b[43]) << 8)
| (word64)((sword64) (b[44]) << 16)
| (word64)((sword64) (b[45]) << 24)
| (word64)((sword64) (b[46]) << 32)
| (word64)((sword64) (b[47]) << 40)
| (word64)((sword64) (b[48]) << 48);
bd[ 7] = (word64)((sword64) (b[49]) << 0)
| (word64)((sword64) (b[50]) << 8)
| (word64)((sword64) (b[51]) << 16)
| (word64)((sword64) (b[52]) << 24)
| (word64)((sword64) (b[53]) << 32)
| (word64)((sword64) (b[54]) << 40)
| (word64)((sword64) (b[55]) << 48);
/* Load from bytes */
dd[ 0] = ((sword64) (d[ 0]) << 0)
| ((sword64) (d[ 1]) << 8)
| ((sword64) (d[ 2]) << 16)
| ((sword64) (d[ 3]) << 24)
| ((sword64) (d[ 4]) << 32)
| ((sword64) (d[ 5]) << 40)
| ((sword64) (d[ 6]) << 48);
dd[ 1] = ((sword64) (d[ 7]) << 0)
| ((sword64) (d[ 8]) << 8)
| ((sword64) (d[ 9]) << 16)
| ((sword64) (d[10]) << 24)
| ((sword64) (d[11]) << 32)
| ((sword64) (d[12]) << 40)
| ((sword64) (d[13]) << 48);
dd[ 2] = ((sword64) (d[14]) << 0)
| ((sword64) (d[15]) << 8)
| ((sword64) (d[16]) << 16)
| ((sword64) (d[17]) << 24)
| ((sword64) (d[18]) << 32)
| ((sword64) (d[19]) << 40)
| ((sword64) (d[20]) << 48);
dd[ 3] = ((sword64) (d[21]) << 0)
| ((sword64) (d[22]) << 8)
| ((sword64) (d[23]) << 16)
| ((sword64) (d[24]) << 24)
| ((sword64) (d[25]) << 32)
| ((sword64) (d[26]) << 40)
| ((sword64) (d[27]) << 48);
dd[ 4] = ((sword64) (d[28]) << 0)
| ((sword64) (d[29]) << 8)
| ((sword64) (d[30]) << 16)
| ((sword64) (d[31]) << 24)
| ((sword64) (d[32]) << 32)
| ((sword64) (d[33]) << 40)
| ((sword64) (d[34]) << 48);
dd[ 5] = ((sword64) (d[35]) << 0)
| ((sword64) (d[36]) << 8)
| ((sword64) (d[37]) << 16)
| ((sword64) (d[38]) << 24)
| ((sword64) (d[39]) << 32)
| ((sword64) (d[40]) << 40)
| ((sword64) (d[41]) << 48);
dd[ 6] = ((sword64) (d[42]) << 0)
| ((sword64) (d[43]) << 8)
| ((sword64) (d[44]) << 16)
| ((sword64) (d[45]) << 24)
| ((sword64) (d[46]) << 32)
| ((sword64) (d[47]) << 40)
| ((sword64) (d[48]) << 48);
dd[ 7] = ((sword64) (d[49]) << 0)
| ((sword64) (d[50]) << 8)
| ((sword64) (d[51]) << 16)
| ((sword64) (d[52]) << 24)
| ((sword64) (d[53]) << 32)
| ((sword64) (d[54]) << 40)
| ((sword64) (d[55]) << 48);
dd[ 0] = (word64)((sword64) (d[ 0]) << 0)
| (word64)((sword64) (d[ 1]) << 8)
| (word64)((sword64) (d[ 2]) << 16)
| (word64)((sword64) (d[ 3]) << 24)
| (word64)((sword64) (d[ 4]) << 32)
| (word64)((sword64) (d[ 5]) << 40)
| (word64)((sword64) (d[ 6]) << 48);
dd[ 1] = (word64)((sword64) (d[ 7]) << 0)
| (word64)((sword64) (d[ 8]) << 8)
| (word64)((sword64) (d[ 9]) << 16)
| (word64)((sword64) (d[10]) << 24)
| (word64)((sword64) (d[11]) << 32)
| (word64)((sword64) (d[12]) << 40)
| (word64)((sword64) (d[13]) << 48);
dd[ 2] = (word64)((sword64) (d[14]) << 0)
| (word64)((sword64) (d[15]) << 8)
| (word64)((sword64) (d[16]) << 16)
| (word64)((sword64) (d[17]) << 24)
| (word64)((sword64) (d[18]) << 32)
| (word64)((sword64) (d[19]) << 40)
| (word64)((sword64) (d[20]) << 48);
dd[ 3] = (word64)((sword64) (d[21]) << 0)
| (word64)((sword64) (d[22]) << 8)
| (word64)((sword64) (d[23]) << 16)
| (word64)((sword64) (d[24]) << 24)
| (word64)((sword64) (d[25]) << 32)
| (word64)((sword64) (d[26]) << 40)
| (word64)((sword64) (d[27]) << 48);
dd[ 4] = (word64)((sword64) (d[28]) << 0)
| (word64)((sword64) (d[29]) << 8)
| (word64)((sword64) (d[30]) << 16)
| (word64)((sword64) (d[31]) << 24)
| (word64)((sword64) (d[32]) << 32)
| (word64)((sword64) (d[33]) << 40)
| (word64)((sword64) (d[34]) << 48);
dd[ 5] = (word64)((sword64) (d[35]) << 0)
| (word64)((sword64) (d[36]) << 8)
| (word64)((sword64) (d[37]) << 16)
| (word64)((sword64) (d[38]) << 24)
| (word64)((sword64) (d[39]) << 32)
| (word64)((sword64) (d[40]) << 40)
| (word64)((sword64) (d[41]) << 48);
dd[ 6] = (word64)((sword64) (d[42]) << 0)
| (word64)((sword64) (d[43]) << 8)
| (word64)((sword64) (d[44]) << 16)
| (word64)((sword64) (d[45]) << 24)
| (word64)((sword64) (d[46]) << 32)
| (word64)((sword64) (d[47]) << 40)
| (word64)((sword64) (d[48]) << 48);
dd[ 7] = (word64)((sword64) (d[49]) << 0)
| (word64)((sword64) (d[50]) << 8)
| (word64)((sword64) (d[51]) << 16)
| (word64)((sword64) (d[52]) << 24)
| (word64)((sword64) (d[53]) << 32)
| (word64)((sword64) (d[54]) << 40)
| (word64)((sword64) (d[55]) << 48);
/* a * b + d */
t[ 0] = (word128)dd[ 0] + (sword128)ad[ 0] * bd[ 0];
t[ 1] = (word128)dd[ 1] + (sword128)ad[ 0] * bd[ 1]
+ (sword128)ad[ 1] * bd[ 0];
t[ 2] = (word128)dd[ 2] + (sword128)ad[ 0] * bd[ 2]
+ (sword128)ad[ 1] * bd[ 1]
+ (sword128)ad[ 2] * bd[ 0];
t[ 3] = (word128)dd[ 3] + (sword128)ad[ 0] * bd[ 3]
+ (sword128)ad[ 1] * bd[ 2]
+ (sword128)ad[ 2] * bd[ 1]
+ (sword128)ad[ 3] * bd[ 0];
t[ 4] = (word128)dd[ 4] + (sword128)ad[ 0] * bd[ 4]
t[ 0] = (word128)dd[ 0] + (word128)((sword128)ad[ 0] * bd[ 0]);
t[ 1] = (word128)dd[ 1] + (word128)((sword128)ad[ 0] * bd[ 1]
+ (sword128)ad[ 1] * bd[ 0]);
t[ 2] = (word128)dd[ 2] + (word128)((sword128)ad[ 0] * bd[ 2]
+ (sword128)ad[ 1] * bd[ 1]
+ (sword128)ad[ 2] * bd[ 0]);
t[ 3] = (word128)dd[ 3] + (word128)((sword128)ad[ 0] * bd[ 3]
+ (sword128)ad[ 1] * bd[ 2]
+ (sword128)ad[ 2] * bd[ 1]
+ (sword128)ad[ 3] * bd[ 0]);
t[ 4] = (word128)dd[ 4] + (word128)((sword128)ad[ 0] * bd[ 4]
+ (sword128)ad[ 1] * bd[ 3]
+ (sword128)ad[ 2] * bd[ 2]
+ (sword128)ad[ 3] * bd[ 1]
+ (sword128)ad[ 4] * bd[ 0];
t[ 5] = (word128)dd[ 5] + (sword128)ad[ 0] * bd[ 5]
+ (sword128)ad[ 4] * bd[ 0]);
t[ 5] = (word128)dd[ 5] + (word128)((sword128)ad[ 0] * bd[ 5]
+ (sword128)ad[ 1] * bd[ 4]
+ (sword128)ad[ 2] * bd[ 3]
+ (sword128)ad[ 3] * bd[ 2]
+ (sword128)ad[ 4] * bd[ 1]
+ (sword128)ad[ 5] * bd[ 0];
t[ 6] = (word128)dd[ 6] + (sword128)ad[ 0] * bd[ 6]
+ (sword128)ad[ 5] * bd[ 0]);
t[ 6] = (word128)dd[ 6] + (word128)((sword128)ad[ 0] * bd[ 6]
+ (sword128)ad[ 1] * bd[ 5]
+ (sword128)ad[ 2] * bd[ 4]
+ (sword128)ad[ 3] * bd[ 3]
+ (sword128)ad[ 4] * bd[ 2]
+ (sword128)ad[ 5] * bd[ 1]
+ (sword128)ad[ 6] * bd[ 0];
t[ 7] = (word128)dd[ 7] + (sword128)ad[ 0] * bd[ 7]
+ (sword128)ad[ 6] * bd[ 0]);
t[ 7] = (word128)dd[ 7] + (word128)((sword128)ad[ 0] * bd[ 7]
+ (sword128)ad[ 1] * bd[ 6]
+ (sword128)ad[ 2] * bd[ 5]
+ (sword128)ad[ 3] * bd[ 4]
+ (sword128)ad[ 4] * bd[ 3]
+ (sword128)ad[ 5] * bd[ 2]
+ (sword128)ad[ 6] * bd[ 1]
+ (sword128)ad[ 7] * bd[ 0];
t[ 8] = (word128) (sword128)ad[ 1] * bd[ 7]
+ (sword128)ad[ 7] * bd[ 0]);
t[ 8] = (word128) ((sword128)ad[ 1] * bd[ 7]
+ (sword128)ad[ 2] * bd[ 6]
+ (sword128)ad[ 3] * bd[ 5]
+ (sword128)ad[ 4] * bd[ 4]
+ (sword128)ad[ 5] * bd[ 3]
+ (sword128)ad[ 6] * bd[ 2]
+ (sword128)ad[ 7] * bd[ 1];
t[ 9] = (word128) (sword128)ad[ 2] * bd[ 7]
+ (sword128)ad[ 7] * bd[ 1]);
t[ 9] = (word128) ((sword128)ad[ 2] * bd[ 7]
+ (sword128)ad[ 3] * bd[ 6]
+ (sword128)ad[ 4] * bd[ 5]
+ (sword128)ad[ 5] * bd[ 4]
+ (sword128)ad[ 6] * bd[ 3]
+ (sword128)ad[ 7] * bd[ 2];
t[10] = (word128) (sword128)ad[ 3] * bd[ 7]
+ (sword128)ad[ 7] * bd[ 2]);
t[10] = (word128) ((sword128)ad[ 3] * bd[ 7]
+ (sword128)ad[ 4] * bd[ 6]
+ (sword128)ad[ 5] * bd[ 5]
+ (sword128)ad[ 6] * bd[ 4]
+ (sword128)ad[ 7] * bd[ 3];
t[11] = (word128) (sword128)ad[ 4] * bd[ 7]
+ (sword128)ad[ 7] * bd[ 3]);
t[11] = (word128) ((sword128)ad[ 4] * bd[ 7]
+ (sword128)ad[ 5] * bd[ 6]
+ (sword128)ad[ 6] * bd[ 5]
+ (sword128)ad[ 7] * bd[ 4];
t[12] = (word128) (sword128)ad[ 5] * bd[ 7]
+ (sword128)ad[ 7] * bd[ 4]);
t[12] = (word128) ((sword128)ad[ 5] * bd[ 7]
+ (sword128)ad[ 6] * bd[ 6]
+ (sword128)ad[ 7] * bd[ 5];
t[13] = (word128) (sword128)ad[ 6] * bd[ 7]
+ (sword128)ad[ 7] * bd[ 6];
+ (sword128)ad[ 7] * bd[ 5]);
t[13] = (word128) ((sword128)ad[ 6] * bd[ 7]
+ (sword128)ad[ 7] * bd[ 6]);
t[14] = (word128) (sword128)ad[ 7] * bd[ 7];
t[15] = 0;
@ -1070,31 +1070,39 @@ void sc448_muladd(byte* r, const byte* a, const byte* b, const byte* d)
o = rd[ 6] >> 56; rd[ 7] += o; rd[ 6] = rd[ 6] & 0xffffffffffffff;
/* Reduce to mod order. */
u = 0;
u += rd[0] - (sword64)0x078c292ab5844f3L; u >>= 56;
u += rd[1] - (sword64)0x0c2728dc58f5523L; u >>= 56;
u += rd[2] - (sword64)0x049aed63690216cL; u >>= 56;
u += rd[3] - (sword64)0x07cca23e9c44edbL; u >>= 56;
u += rd[4] - (sword64)0x0ffffffffffffffL; u >>= 56;
u += rd[5] - (sword64)0x0ffffffffffffffL; u >>= 56;
u += rd[6] - (sword64)0x0ffffffffffffffL; u >>= 56;
u += rd[7] - (sword64)0x03fffffffffffffL; u >>= 56;
u += (sword64)rd[0] - (sword64)0x078c292ab5844f3L; u >>= 56;
u += (sword64)rd[1] - (sword64)0x0c2728dc58f5523L; u >>= 56;
u += (sword64)rd[2] - (sword64)0x049aed63690216cL; u >>= 56;
u += (sword64)rd[3] - (sword64)0x07cca23e9c44edbL; u >>= 56;
u += (sword64)rd[4] - (sword64)0x0ffffffffffffffL; u >>= 56;
u += (sword64)rd[5] - (sword64)0x0ffffffffffffffL; u >>= 56;
u += (sword64)rd[6] - (sword64)0x0ffffffffffffffL; u >>= 56;
u += (sword64)rd[7] - (sword64)0x03fffffffffffffL; u >>= 56;
o = (word64)0 - (u >= 0);
u = 0;
u += rd[0] - ((word64)0x078c292ab5844f3L & o); rd[0] = u & 0xffffffffffffff;
u += (sword64)rd[0] - (sword64)((word64)0x078c292ab5844f3L & o);
rd[0] = u & 0xffffffffffffff;
u >>= 56;
u += rd[1] - ((word64)0x0c2728dc58f5523L & o); rd[1] = u & 0xffffffffffffff;
u += (sword64)rd[1] - (sword64)((word64)0x0c2728dc58f5523L & o);
rd[1] = u & 0xffffffffffffff;
u >>= 56;
u += rd[2] - ((word64)0x049aed63690216cL & o); rd[2] = u & 0xffffffffffffff;
u += (sword64)rd[2] - (sword64)((word64)0x049aed63690216cL & o);
rd[2] = u & 0xffffffffffffff;
u >>= 56;
u += rd[3] - ((word64)0x07cca23e9c44edbL & o); rd[3] = u & 0xffffffffffffff;
u += (sword64)rd[3] - (sword64)((word64)0x07cca23e9c44edbL & o);
rd[3] = u & 0xffffffffffffff;
u >>= 56;
u += rd[4] - ((word64)0x0ffffffffffffffL & o); rd[4] = u & 0xffffffffffffff;
u += (sword64)rd[4] - (sword64)((word64)0x0ffffffffffffffL & o);
rd[4] = u & 0xffffffffffffff;
u >>= 56;
u += rd[5] - ((word64)0x0ffffffffffffffL & o); rd[5] = u & 0xffffffffffffff;
u += (sword64)rd[5] - (sword64)((word64)0x0ffffffffffffffL & o);
rd[5] = u & 0xffffffffffffff;
u >>= 56;
u += rd[6] - ((word64)0x0ffffffffffffffL & o); rd[6] = u & 0xffffffffffffff;
u += (sword64)rd[6] - (sword64)((word64)0x0ffffffffffffffL & o);
rd[6] = u & 0xffffffffffffff;
u >>= 56;
u += rd[7] - ((word64)0x03fffffffffffffL & o); rd[7] = u & 0xffffffffffffff;
u += (sword64)rd[7] - (sword64)((word64)0x03fffffffffffffL & o);
rd[7] = u & 0xffffffffffffff;
/* Convert to bytes */
r[ 0] = (byte)(rd[0 ] >> 0);
@ -6257,55 +6265,55 @@ void sc448_muladd(byte* r, const byte* a, const byte* b, const byte* d)
o = rd[14] >> 28; rd[15] += o; rd[14] = rd[14] & 0xfffffff;
/* Reduce to mod order. */
u = 0;
u += rd[0] - (sword32)0x0b5844f3L; u >>= 28;
u += rd[1] - (sword32)0x078c292aL; u >>= 28;
u += rd[2] - (sword32)0x058f5523L; u >>= 28;
u += rd[3] - (sword32)0x0c2728dcL; u >>= 28;
u += rd[4] - (sword32)0x0690216cL; u >>= 28;
u += rd[5] - (sword32)0x049aed63L; u >>= 28;
u += rd[6] - (sword32)0x09c44edbL; u >>= 28;
u += rd[7] - (sword32)0x07cca23eL; u >>= 28;
u += rd[8] - (sword32)0x0fffffffL; u >>= 28;
u += rd[9] - (sword32)0x0fffffffL; u >>= 28;
u += rd[10] - (sword32)0x0fffffffL; u >>= 28;
u += rd[11] - (sword32)0x0fffffffL; u >>= 28;
u += rd[12] - (sword32)0x0fffffffL; u >>= 28;
u += rd[13] - (sword32)0x0fffffffL; u >>= 28;
u += rd[14] - (sword32)0x0fffffffL; u >>= 28;
u += rd[15] - (sword32)0x03ffffffL; u >>= 28;
u += (sword32)(rd[0] - (sword32)0x0b5844f3L); u >>= 28;
u += (sword32)(rd[1] - (sword32)0x078c292aL); u >>= 28;
u += (sword32)(rd[2] - (sword32)0x058f5523L); u >>= 28;
u += (sword32)(rd[3] - (sword32)0x0c2728dcL); u >>= 28;
u += (sword32)(rd[4] - (sword32)0x0690216cL); u >>= 28;
u += (sword32)(rd[5] - (sword32)0x049aed63L); u >>= 28;
u += (sword32)(rd[6] - (sword32)0x09c44edbL); u >>= 28;
u += (sword32)(rd[7] - (sword32)0x07cca23eL); u >>= 28;
u += (sword32)(rd[8] - (sword32)0x0fffffffL); u >>= 28;
u += (sword32)(rd[9] - (sword32)0x0fffffffL); u >>= 28;
u += (sword32)(rd[10] - (sword32)0x0fffffffL); u >>= 28;
u += (sword32)(rd[11] - (sword32)0x0fffffffL); u >>= 28;
u += (sword32)(rd[12] - (sword32)0x0fffffffL); u >>= 28;
u += (sword32)(rd[13] - (sword32)0x0fffffffL); u >>= 28;
u += (sword32)(rd[14] - (sword32)0x0fffffffL); u >>= 28;
u += (sword32)(rd[15] - (sword32)0x03ffffffL); u >>= 28;
o = (word32)0 - (u >= 0);
u = 0;
u += rd[0] - ((word32)0x0b5844f3L & o); rd[0] = u & 0xfffffff;
u += (sword32)(rd[0] - ((word32)0x0b5844f3L & o)); rd[0] = u & 0xfffffff;
u >>= 28;
u += rd[1] - ((word32)0x078c292aL & o); rd[1] = u & 0xfffffff;
u += (sword32)(rd[1] - ((word32)0x078c292aL & o)); rd[1] = u & 0xfffffff;
u >>= 28;
u += rd[2] - ((word32)0x058f5523L & o); rd[2] = u & 0xfffffff;
u += (sword32)(rd[2] - ((word32)0x058f5523L & o)); rd[2] = u & 0xfffffff;
u >>= 28;
u += rd[3] - ((word32)0x0c2728dcL & o); rd[3] = u & 0xfffffff;
u += (sword32)(rd[3] - ((word32)0x0c2728dcL & o)); rd[3] = u & 0xfffffff;
u >>= 28;
u += rd[4] - ((word32)0x0690216cL & o); rd[4] = u & 0xfffffff;
u += (sword32)(rd[4] - ((word32)0x0690216cL & o)); rd[4] = u & 0xfffffff;
u >>= 28;
u += rd[5] - ((word32)0x049aed63L & o); rd[5] = u & 0xfffffff;
u += (sword32)(rd[5] - ((word32)0x049aed63L & o)); rd[5] = u & 0xfffffff;
u >>= 28;
u += rd[6] - ((word32)0x09c44edbL & o); rd[6] = u & 0xfffffff;
u += (sword32)(rd[6] - ((word32)0x09c44edbL & o)); rd[6] = u & 0xfffffff;
u >>= 28;
u += rd[7] - ((word32)0x07cca23eL & o); rd[7] = u & 0xfffffff;
u += (sword32)(rd[7] - ((word32)0x07cca23eL & o)); rd[7] = u & 0xfffffff;
u >>= 28;
u += rd[8] - ((word32)0x0fffffffL & o); rd[8] = u & 0xfffffff;
u += (sword32)(rd[8] - ((word32)0x0fffffffL & o)); rd[8] = u & 0xfffffff;
u >>= 28;
u += rd[9] - ((word32)0x0fffffffL & o); rd[9] = u & 0xfffffff;
u += (sword32)(rd[9] - ((word32)0x0fffffffL & o)); rd[9] = u & 0xfffffff;
u >>= 28;
u += rd[10] - ((word32)0x0fffffffL & o); rd[10] = u & 0xfffffff;
u += (sword32)(rd[10] - ((word32)0x0fffffffL & o)); rd[10] = u & 0xfffffff;
u >>= 28;
u += rd[11] - ((word32)0x0fffffffL & o); rd[11] = u & 0xfffffff;
u += (sword32)(rd[11] - ((word32)0x0fffffffL & o)); rd[11] = u & 0xfffffff;
u >>= 28;
u += rd[12] - ((word32)0x0fffffffL & o); rd[12] = u & 0xfffffff;
u += (sword32)(rd[12] - ((word32)0x0fffffffL & o)); rd[12] = u & 0xfffffff;
u >>= 28;
u += rd[13] - ((word32)0x0fffffffL & o); rd[13] = u & 0xfffffff;
u += (sword32)(rd[13] - ((word32)0x0fffffffL & o)); rd[13] = u & 0xfffffff;
u >>= 28;
u += rd[14] - ((word32)0x0fffffffL & o); rd[14] = u & 0xfffffff;
u += (sword32)(rd[14] - ((word32)0x0fffffffL & o)); rd[14] = u & 0xfffffff;
u >>= 28;
u += rd[15] - ((word32)0x03ffffffL & o); rd[15] = u & 0xfffffff;
u += (sword32)(rd[15] - ((word32)0x03ffffffL & o)); rd[15] = u & 0xfffffff;
/* Convert to bytes */
r[ 0] = (byte)(rd[0 ] >> 0);
@ -10561,7 +10569,7 @@ void ge448_to_bytes(byte *b, const ge448_p2 *p)
fe448_mul(x, p->X, recip);
fe448_mul(y, p->Y, recip);
fe448_to_bytes(b, y);
b[56] = (byte)fe448_isnegative(x) << 7;
b[56] = (byte)((byte)fe448_isnegative(x) << 7);
}
/* Convert point to byte array assuming z is 1.
@ -10572,7 +10580,7 @@ void ge448_to_bytes(byte *b, const ge448_p2 *p)
static void ge448_p2z1_to_bytes(byte *b, const ge448_p2 *p)
{
fe448_to_bytes(b, p->Y);
b[56] = (byte)fe448_isnegative(p->X) << 7;
b[56] = (byte)((byte)fe448_isnegative(p->X) << 7);
}
/* Compress the point to y-ordinate and negative bit.
@ -10694,15 +10702,15 @@ int ge448_scalarmult_base(ge448_p2* r, const byte* a)
carry = 0;
for (i = 0; i < 56; ++i) {
e[2 * i + 0] = ((a[i] >> 0) & 0xf) + carry;
carry = e[2 * i + 0] + 8;
e[2 * i + 0] = (byte)(((a[i] >> 0) & 0xf) + carry);
carry = (byte)(e[2 * i + 0] + 8);
carry >>= 4;
e[2 * i + 0] -= (byte)(carry << 4);
e[2 * i + 0] = (byte)(e[2 * i + 0] - (byte)(carry << 4));
e[2 * i + 1] = ((a[i] >> 4) & 0xf) + carry;
carry = e[2 * i + 1] + 8;
carry >>= 4;
e[2 * i + 1] -= (byte)(carry << 4);
e[2 * i + 1] = (byte)(((a[i] >> 4) & 0xf) + carry);
carry = (byte)(e[2 * i + 1] + 8);
carry = (byte)(carry >> 4);
e[2 * i + 1] = (byte)(e[2 * i + 1] - (carry << 4));
}
e[112] = carry;
/* each e[i] is between -8 and 8 */
@ -10762,11 +10770,11 @@ static void slide(sword8 *r, const byte *a)
}
if (r[i] + (r[i + b] << b) <= 31) {
r[i] += (sword8)(r[i + b] << b);
r[i] = (sword8)(r[i] + (r[i + b] << b));
r[i + b] = 0;
}
else if (r[i] - (r[i + b] << b) >= -31) {
r[i] -= (sword8)(r[i + b] << b);
r[i] = (sword8)(r[i] - (r[i + b] << b));
for (k = i + b; k < 448; ++k) {
if (!r[k]) {
r[k] = 1;


@ -9125,12 +9125,12 @@ void ge_scalarmult_base(ge_p3 *h,const unsigned char *a)
carry = 0;
for (i = 0;i < 63;++i) {
e[i] += carry;
carry = e[i] + 8;
carry >>= 4;
e[i] -= (signed char)(carry << 4);
e[i] = (signed char)(e[i] + carry);
carry = (signed char)(e[i] + 8);
carry = (signed char)(carry >> 4);
e[i] = (signed char)(e[i] - (carry << 4));
}
e[63] += carry;
e[63] = (signed char)(e[63] + carry);
/* each e[i] is between -8 and 8 */
#ifndef CURVED25519_ASM
@ -9190,9 +9190,10 @@ static void slide(signed char *r,const unsigned char *a)
for (b = 1;b <= 6 && i + b < SLIDE_SIZE;++b) {
if (r[i + b]) {
if (r[i] + (r[i + b] << b) <= 15) {
r[i] += (signed char)(r[i + b] << b); r[i + b] = 0;
r[i] = (signed char)(r[i] + (r[i + b] << b));
r[i + b] = 0;
} else if (r[i] - (r[i + b] << b) >= -15) {
r[i] -= (signed char)(r[i + b] << b);
r[i] = (signed char)(r[i] - (r[i + b] << b));
for (k = i + b;k < SLIDE_SIZE;++k) {
if (!r[k]) {
r[k] = 1;


@ -942,11 +942,11 @@ static void wc_srtp_kdf_first_block(const byte* salt, word32 saltSz, int kdrIdx,
}
else {
/* XOR in as bit shifted index. */
block[WC_SRTP_MAX_SALT - indexSz] ^= index[0] >> bits;
block[WC_SRTP_MAX_SALT - indexSz] ^= (byte)(index[0] >> bits);
for (i = 1; i < indexSz; i++) {
block[i + WC_SRTP_MAX_SALT - indexSz] ^=
(index[i-1] << (8 - bits)) |
(index[i+0] >> bits );
(byte)((index[i-1] << (8 - bits)) |
(index[i+0] >> bits ));
}
}
}


@ -118,14 +118,14 @@ masking and clearing memory logic.
/* This routine performs a left circular arithmetic shift of <x> by <y> value */
WC_MISC_STATIC WC_INLINE word16 rotlFixed16(word16 x, word16 y)
{
return (x << y) | (x >> (sizeof(x) * 8 - y));
return (word16)((x << y) | (x >> (sizeof(x) * 8U - y)));
}
/* This routine performs a right circular arithmetic shift of <x> by <y> value */
WC_MISC_STATIC WC_INLINE word16 rotrFixed16(word16 x, word16 y)
{
return (x >> y) | (x << (sizeof(x) * 8 - y));
return (word16)((x >> y) | (x << (sizeof(x) * 8U - y)));
}
/* This routine performs a byte swap of 32-bit word value. */
@ -196,7 +196,7 @@ WC_MISC_STATIC WC_INLINE void ByteReverseWords(word32* out, const word32* in,
byteCount &= ~0x3U;
for (i = 0; i < byteCount; i += sizeof(word32)) {
for (i = 0; i < byteCount; i += (word32)sizeof(word32)) {
XMEMCPY(&scratch, in_bytes + i, sizeof(scratch));
scratch = ByteReverseWord32(scratch);
XMEMCPY(out_bytes + i, &scratch, sizeof(scratch));
@ -619,11 +619,11 @@ WC_MISC_STATIC WC_INLINE signed char HexCharToByte(char ch)
{
signed char ret = (signed char)ch;
if (ret >= '0' && ret <= '9')
ret -= '0';
ret = (signed char)(ret - '0');
else if (ret >= 'A' && ret <= 'F')
ret -= 'A' - 10;
ret = (signed char)(ret - ('A' - 10));
else if (ret >= 'a' && ret <= 'f')
ret -= 'a' - 10;
ret = (signed char)(ret - ('a' - 10));
else
ret = -1; /* error case - return code must be signed */
return ret;
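Review bot: In rotlFixed16 and rotrFixed16, `x` is promoted to `int` before the shift, so `x << y` with `y >= 16` (or `x << (16U - y)` with `y == 0` in the right rotate) exceeds INT_MAX whenever `x >= 0x8000`, which is undefined behaviour that the new outer `(word16)` cast does not cure — it only truncates the result. Presumably callers only pass rotation counts in 1..15; a comment `/* y must be in 1..15: x is promoted to int, so a wider shift overflows */` on both functions would record that precondition next to the new casts. The `sizeof(x) * 8U` change itself is fine.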


@ -978,7 +978,7 @@ int wc_i2d_PKCS12(WC_PKCS12* pkcs12, byte** der, int* derSz)
totalSz += 4; /* Element */
totalSz += 2 + sizeof(WC_PKCS12_DATA_OID);
totalSz += 2U + (word32)sizeof(WC_PKCS12_DATA_OID);
totalSz += 4; /* Seq */
@ -1037,7 +1037,7 @@ int wc_i2d_PKCS12(WC_PKCS12* pkcs12, byte** der, int* derSz)
/* OID */
idx += (word32)SetObjectId(sizeof(WC_PKCS12_DATA_OID), &buf[idx]);
XMEMCPY(&buf[idx], WC_PKCS12_DATA_OID, sizeof(WC_PKCS12_DATA_OID));
idx += sizeof(WC_PKCS12_DATA_OID);
idx += (word32)sizeof(WC_PKCS12_DATA_OID);
/* Element */
buf[idx++] = ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC;
@ -2080,12 +2080,12 @@ static int wc_PKCS12_encrypt_content(WC_PKCS12* pkcs12, WC_RNG* rng,
/* calculate size */
totalSz = (word32)SetObjectId(sizeof(WC_PKCS12_ENCRYPTED_OID), seq);
totalSz += sizeof(WC_PKCS12_ENCRYPTED_OID);
totalSz += (word32)sizeof(WC_PKCS12_ENCRYPTED_OID);
totalSz += ASN_TAG_SZ;
length = (word32)SetMyVersion(0, seq, 0);
tmpSz = (word32)SetObjectId(sizeof(WC_PKCS12_DATA_OID), seq);
tmpSz += sizeof(WC_PKCS12_DATA_OID);
tmpSz += (word32)sizeof(WC_PKCS12_DATA_OID);
tmpSz += encSz;
length += SetSequence(tmpSz, seq) + tmpSz;
outerSz = SetSequence(length, seq) + length;
@ -2108,7 +2108,7 @@ static int wc_PKCS12_encrypt_content(WC_PKCS12* pkcs12, WC_RNG* rng,
}
XMEMCPY(out + idx, WC_PKCS12_ENCRYPTED_OID,
sizeof(WC_PKCS12_ENCRYPTED_OID));
idx += sizeof(WC_PKCS12_ENCRYPTED_OID);
idx += (word32)sizeof(WC_PKCS12_ENCRYPTED_OID);
if (idx + 1 > *outSz){
return BUFFER_E;
@ -2149,7 +2149,7 @@ static int wc_PKCS12_encrypt_content(WC_PKCS12* pkcs12, WC_RNG* rng,
return BUFFER_E;
}
XMEMCPY(out + idx, WC_PKCS12_DATA_OID, sizeof(WC_PKCS12_DATA_OID));
idx += sizeof(WC_PKCS12_DATA_OID);
idx += (word32)sizeof(WC_PKCS12_DATA_OID);
/* copy over encrypted data */
if (idx + encSz > *outSz){
@ -2171,7 +2171,7 @@ static int wc_PKCS12_encrypt_content(WC_PKCS12* pkcs12, WC_RNG* rng,
if (type == WC_PKCS12_DATA) {
/* calculate size */
totalSz = (word32)SetObjectId(sizeof(WC_PKCS12_DATA_OID), seq);
totalSz += sizeof(WC_PKCS12_DATA_OID);
totalSz += (word32)sizeof(WC_PKCS12_DATA_OID);
totalSz += ASN_TAG_SZ;
length = SetOctetString(contentSz, seq);
@ -2197,7 +2197,7 @@ static int wc_PKCS12_encrypt_content(WC_PKCS12* pkcs12, WC_RNG* rng,
return BUFFER_E;
}
XMEMCPY(out + idx, WC_PKCS12_DATA_OID, sizeof(WC_PKCS12_DATA_OID));
idx += sizeof(WC_PKCS12_DATA_OID);
idx += (word32)sizeof(WC_PKCS12_DATA_OID);
if (idx + 1 > *outSz){
return BUFFER_E;


@ -7127,7 +7127,7 @@ static int wc_PKCS7_KariGenerateSharedInfo(WC_PKCS7_KARI* kari, int keyWrapOID)
/* suppPubInfo */
suppPubInfoSeqSz = (int)SetImplicit(ASN_SEQUENCE, 2,
(word32)kekOctetSz + sizeof(word32),
(word32)kekOctetSz + (word32)sizeof(word32),
suppPubInfoSeq, 0);
sharedInfoSz += suppPubInfoSeqSz;
@ -8911,9 +8911,9 @@ static int wc_PKCS7_PwriKek_KeyWrap(wc_PKCS7* pkcs7, const byte* kek, word32 kek
return BUFFER_E;
out[0] = (byte)cekSz;
out[1] = ~cek[0];
out[2] = ~cek[1];
out[3] = ~cek[2];
out[1] = (byte)~cek[0];
out[2] = (byte)~cek[1];
out[3] = (byte)~cek[2];
XMEMCPY(out + 4, cek, cekSz);
/* random padding of size padSz */


@ -826,7 +826,7 @@ int wc_scrypt(byte* output, const byte* passwd, int passLen,
goto end;
}
/* Temporary for scryptROMix. */
v = (byte*)XMALLOC((size_t)((1 << cost) * bSz), NULL,
v = (byte*)XMALLOC((size_t)((1U << cost) * bSz), NULL,
DYNAMIC_TYPE_TMP_BUFFER);
if (v == NULL) {
ret = MEMORY_E;
@ -848,7 +848,7 @@ int wc_scrypt(byte* output, const byte* passwd, int passLen,
/* Step 2. */
for (i = 0; i < parallel; i++)
scryptROMix(blocks + i * (int)bSz, v, y, (int)blockSize, 1 << cost);
scryptROMix(blocks + i * (int)bSz, v, y, (int)blockSize, 1U << cost);
/* Step 3. */
ret = wc_PBKDF2(output, passwd, passLen, blocks, (int)blocksSz, 1, dkLen,
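Review bot: The allocation size `(size_t)((1U << cost) * bSz)` is still computed in 32-bit unsigned arithmetic and only then widened, so if `cost` and `bSz` are not bounded before the hunk (wc_scrypt's argument checks are outside it) the product can wrap and `v` ends up smaller than the `1U << cost` blocks scryptROMix later touches; `1U << cost` is also undefined for `cost >= 32`. Widening before shifting avoids the wrap: `v = (byte*)XMALLOC((size_t)bSz << cost, NULL,` together with a range check on `cost` if one does not already exist. The same `1U << cost` is passed to scryptROMix in the second hunk; if that parameter is still `int`, as the replaced `1 << cost` suggests, the value should stay within `int` range as well.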


@ -598,14 +598,14 @@ static WC_INLINE void array_add(byte* d, word32 dLen, const byte* s, word32 sLen
dIdx = (int)dLen - 1;
for (sIdx = (int)sLen - 1; sIdx >= 0; sIdx--) {
carry += (word16)((word16)d[dIdx] + (word16)s[sIdx]);
carry = (word16)(carry + d[dIdx] + s[sIdx]);
d[dIdx] = (byte)carry;
carry >>= 8;
dIdx--;
}
for (; dIdx >= 0; dIdx--) {
carry += (word16)d[dIdx];
carry = (word16)(carry + d[dIdx]);
d[dIdx] = (byte)carry;
carry >>= 8;
}
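Review bot: `array_add` walks `d` downward from `dLen - 1` once per source byte, so `dIdx` goes negative and `d[dIdx]` is read and written before the buffer whenever `sLen > dLen`; the hunk does not show whether that is checked earlier in the function, whose start is outside the hunk. If it is not, a guard `if (sLen > dLen) return;` at the top, or at least a comment `/* requires sLen <= dLen: d is the wider accumulator */`, would make the contract explicit. The rewritten carry lines themselves are fine: `carry + d[dIdx] + s[sIdx]` is at most 3 * 0xFF, which fits `word16` before the cast.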


@ -550,7 +550,7 @@ void BlockSha3(word64* s)
#ifndef SHA3_BY_SPEC
word64 t1;
#endif
byte i;
word32 i;
for (i = 0; i < 24; i += 2)
{
@ -694,7 +694,7 @@ static int Sha3Update(wc_Sha3* sha3, const byte* data, word32 len, byte p)
}
data += i;
len -= i;
sha3->i += (byte) i;
sha3->i = (byte)(sha3->i + i);
if (sha3->i == p * 8) {
for (i = 0; i < p; i++) {
@ -708,12 +708,12 @@ static int Sha3Update(wc_Sha3* sha3, const byte* data, word32 len, byte p)
sha3->i = 0;
}
}
blocks = len / (p * 8);
blocks = len / (p * 8U);
#ifdef USE_INTEL_SPEEDUP
if ((SHA3_BLOCK_N != NULL) && (blocks > 0)) {
(*SHA3_BLOCK_N)(sha3->s, data, blocks, p * 8);
len -= blocks * (p * 8);
data += blocks * (p * 8);
(*SHA3_BLOCK_N)(sha3->s, data, blocks, p * 8U);
len -= blocks * (p * 8U);
data += blocks * (p * 8U);
blocks = 0;
}
#endif
@ -726,15 +726,15 @@ static int Sha3Update(wc_Sha3* sha3, const byte* data, word32 len, byte p)
#else
BlockSha3(sha3->s);
#endif
len -= p * 8;
data += p * 8;
len -= p * 8U;
data += p * 8U;
}
#if defined(WOLFSSL_LINUXKM) && defined(USE_INTEL_SPEEDUP)
if (SHA3_BLOCK == sha3_block_avx2)
RESTORE_VECTOR_REGISTERS();
#endif
XMEMCPY(sha3->t, data, len);
sha3->i += (byte)len;
sha3->i = (byte)(sha3->i + len);
return 0;
}
@ -749,7 +749,7 @@ static int Sha3Update(wc_Sha3* sha3, const byte* data, word32 len, byte p)
*/
static int Sha3Final(wc_Sha3* sha3, byte padChar, byte* hash, byte p, word32 l)
{
word32 rate = p * 8;
word32 rate = p * 8U;
word32 j;
word32 i;
@ -761,7 +761,7 @@ static int Sha3Final(wc_Sha3* sha3, byte padChar, byte* hash, byte p, word32 l)
sha3->t[sha3->i ] = padChar;
sha3->t[rate - 1] |= 0x80;
if (rate - 1 > (word32)sha3->i + 1) {
XMEMSET(sha3->t + sha3->i + 1, 0, rate - 1 - (sha3->i + 1));
XMEMSET(sha3->t + sha3->i + 1, 0, rate - 1U - (sha3->i + 1U));
}
for (i = 0; i < p; i++) {
sha3->s[i] ^= Load64BitBigEndian(sha3->t + 8 * i);


@ -256,14 +256,14 @@ int wc_SipHashUpdate(SipHash* sipHash, const unsigned char* in, word32 inSz)
if ((ret == 0) && (inSz > 0)) {
/* Add to cache if already started. */
if (sipHash->cacheCnt > 0) {
byte len = SIPHASH_BLOCK_SIZE - sipHash->cacheCnt;
byte len = (byte)(SIPHASH_BLOCK_SIZE - sipHash->cacheCnt);
if (len > inSz) {
len = (byte)inSz;
}
XMEMCPY(sipHash->cache + sipHash->cacheCnt, in, len);
in += len;
inSz -= len;
sipHash->cacheCnt += len;
sipHash->cacheCnt = (byte)(sipHash->cacheCnt + len);
if (sipHash->cacheCnt == SIPHASH_BLOCK_SIZE) {
/* Compress the block from the cache. */
@ -331,7 +331,7 @@ int wc_SipHashFinal(SipHash* sipHash, unsigned char* out, unsigned char outSz)
if (ret == 0) {
/* Put in remaining cached message bytes. */
XMEMSET(sipHash->cache + sipHash->cacheCnt, 0, 7 - sipHash->cacheCnt);
XMEMSET(sipHash->cache + sipHash->cacheCnt, 0, 7U - sipHash->cacheCnt);
sipHash->cache[7] = (byte)(sipHash->inCnt + sipHash->cacheCnt);
SipHashCompress(sipHash, sipHash->cache);


@ -24258,7 +24258,7 @@ static void sp_256_ecc_recode_6_4(const sp_digit* k, ecc_recode_256* v)
n >>= o;
}
y += (word8)carry;
y = (word8)(y + carry);
v[i].i = recode_index_4_6[y];
v[i].neg = recode_neg_4_6[y];
carry = (y >> 6) + v[i].neg;
@ -27341,7 +27341,7 @@ static void sp_256_ecc_recode_7_4(const sp_digit* k, ecc_recode_256* v)
n >>= o;
}
y += (word8)carry;
y = (word8)(y + carry);
v[i].i = recode_index_4_7[y];
v[i].neg = recode_neg_4_7[y];
carry = (y >> 7) + v[i].neg;
@ -39445,7 +39445,7 @@ static int sp_256_ecc_mulmod_add_only_4(sp_point_256* r, const sp_point_256* g,
p->infinity = !v[i].i;
sp_256_sub_4(negy, p256_mod, p->y);
sp_256_norm_4(negy);
sp_256_cond_copy_4(p->y, negy, 0 - v[i].neg);
sp_256_cond_copy_4(p->y, negy, (sp_digit)(0 - v[i].neg));
sp_256_proj_point_add_qz1_4(rt, rt, p, tmp);
}
if (map != 0) {
@ -45220,7 +45220,7 @@ static void sp_384_ecc_recode_6_6(const sp_digit* k, ecc_recode_384* v)
n >>= o;
}
y += (word8)carry;
y = (word8)(y + carry);
v[i].i = recode_index_6_6[y];
v[i].neg = recode_neg_6_6[y];
carry = (y >> 6) + v[i].neg;
@ -48267,7 +48267,7 @@ static void sp_384_ecc_recode_7_6(const sp_digit* k, ecc_recode_384* v)
n >>= o;
}
y += (word8)carry;
y = (word8)(y + carry);
v[i].i = recode_index_6_7[y];
v[i].neg = recode_neg_6_7[y];
carry = (y >> 7) + v[i].neg;
@ -66185,7 +66185,7 @@ static int sp_384_ecc_mulmod_add_only_6(sp_point_384* r, const sp_point_384* g,
p->infinity = !v[i].i;
sp_384_sub_6(negy, p384_mod, p->y);
sp_384_norm_6(negy);
sp_384_cond_copy_6(p->y, negy, 0 - v[i].neg);
sp_384_cond_copy_6(p->y, negy, (sp_digit)(0 - v[i].neg));
sp_384_proj_point_add_qz1_6(rt, rt, p, tmp);
}
if (map != 0) {
@ -73577,7 +73577,7 @@ static void sp_521_ecc_recode_6_9(const sp_digit* k, ecc_recode_521* v)
n >>= o;
}
y += (word8)carry;
y = (word8)(y + carry);
v[i].i = recode_index_9_6[y];
v[i].neg = recode_neg_9_6[y];
carry = (y >> 6) + v[i].neg;
@ -77323,7 +77323,7 @@ static void sp_521_ecc_recode_7_9(const sp_digit* k, ecc_recode_521* v)
n >>= o;
}
y += (word8)carry;
y = (word8)(y + carry);
v[i].i = recode_index_9_7[y];
v[i].neg = recode_neg_9_7[y];
carry = (y >> 7) + v[i].neg;
@ -111319,7 +111319,7 @@ static int sp_521_ecc_mulmod_add_only_9(sp_point_521* r, const sp_point_521* g,
p->infinity = !v[i].i;
sp_521_sub_9(negy, p521_mod, p->y);
sp_521_norm_9(negy);
sp_521_cond_copy_9(p->y, negy, 0 - v[i].neg);
sp_521_cond_copy_9(p->y, negy, (sp_digit)(0 - v[i].neg));
sp_521_proj_point_add_qz1_9(rt, rt, p, tmp);
}
if (map != 0) {
@ -117664,7 +117664,7 @@ static void sp_1024_ecc_recode_7_16(const sp_digit* k, ecc_recode_1024* v)
n >>= o;
}
y += (word8)carry;
y = (word8)(y + carry);
v[i].i = recode_index_16_7[y];
v[i].neg = recode_neg_16_7[y];
carry = (y >> 7) + v[i].neg;


@ -22446,7 +22446,7 @@ static void sp_256_ecc_recode_6_9(const sp_digit* k, ecc_recode_256* v)
n >>= o;
}
y += (word8)carry;
y = (word8)(y + carry);
v[i].i = recode_index_9_6[y];
v[i].neg = recode_neg_9_6[y];
carry = (y >> 6) + v[i].neg;
@ -29915,7 +29915,7 @@ static void sp_384_ecc_recode_6_15(const sp_digit* k, ecc_recode_384* v)
n >>= o;
}
y += (word8)carry;
y = (word8)(y + carry);
v[i].i = recode_index_15_6[y];
v[i].neg = recode_neg_15_6[y];
carry = (y >> 6) + v[i].neg;
@ -37434,7 +37434,7 @@ static void sp_521_ecc_recode_6_21(const sp_digit* k, ecc_recode_521* v)
n >>= o;
}
y += (word8)carry;
y = (word8)(y + carry);
v[i].i = recode_index_21_6[y];
v[i].neg = recode_neg_21_6[y];
carry = (y >> 6) + v[i].neg;
@ -46251,7 +46251,7 @@ static void sp_1024_ecc_recode_7_42(const sp_digit* k, ecc_recode_1024* v)
n >>= o;
}
y += (word8)carry;
y = (word8)(y + carry);
v[i].i = recode_index_42_7[y];
v[i].neg = recode_neg_42_7[y];
carry = (y >> 7) + v[i].neg;


@ -23382,7 +23382,7 @@ static void sp_256_ecc_recode_6_5(const sp_digit* k, ecc_recode_256* v)
n >>= o;
}
y += (word8)carry;
y = (word8)(y + carry);
v[i].i = recode_index_5_6[y];
v[i].neg = recode_neg_5_6[y];
carry = (y >> 6) + v[i].neg;
@ -30318,7 +30318,7 @@ static void sp_384_ecc_recode_6_7(const sp_digit* k, ecc_recode_384* v)
n >>= o;
}
y += (word8)carry;
y = (word8)(y + carry);
v[i].i = recode_index_7_6[y];
v[i].neg = recode_neg_7_6[y];
carry = (y >> 6) + v[i].neg;
@ -37715,7 +37715,7 @@ static void sp_521_ecc_recode_6_9(const sp_digit* k, ecc_recode_521* v)
n >>= o;
}
y += (word8)carry;
y = (word8)(y + carry);
v[i].i = recode_index_9_6[y];
v[i].neg = recode_neg_9_6[y];
carry = (y >> 6) + v[i].neg;
@ -45594,7 +45594,7 @@ static void sp_1024_ecc_recode_7_18(const sp_digit* k, ecc_recode_1024* v)
n >>= o;
}
y += (word8)carry;
y = (word8)(y + carry);
v[i].i = recode_index_18_7[y];
v[i].neg = recode_neg_18_7[y];
carry = (y >> 7) + v[i].neg;


@ -176,7 +176,7 @@ This library provides single precision (SP) integer math functions.
/* Array declared on stack - check size is valid. */
#define ALLOC_SP_INT(n, s, err, h) \
do { \
if (((err) == MP_OKAY) && ((s) > SP_INT_DIGITS)) { \
if (((err) == MP_OKAY) && ((s) > (int)SP_INT_DIGITS)) { \
(err) = MP_VAL; \
} \
} \
@ -5306,7 +5306,7 @@ void sp_forcezero(sp_int* a)
/* Zeroize when a vald pointer passed in. */
if (a != NULL) {
/* Ensure all data zeroized - data not zeroed when used decreases. */
ForceZero(a->dp, a->size * SP_WORD_SIZEOF);
ForceZero(a->dp, a->size * (word32)SP_WORD_SIZEOF);
/* Set back to zero. */
#ifdef HAVE_WOLF_BIGINT
/* Zeroize the raw data as well. */
@ -5333,7 +5333,7 @@ static void _sp_copy(const sp_int* a, sp_int* r)
r->dp[0] = 0;
}
else {
XMEMCPY(r->dp, a->dp, a->used * SP_WORD_SIZEOF);
XMEMCPY(r->dp, a->dp, a->used * (word32)SP_WORD_SIZEOF);
}
/* Set number of used words in result. */
r->used = a->used;
@ -6072,7 +6072,7 @@ int sp_set_bit(sp_int* a, int i)
a->dp[w] |= (sp_int_digit)1 << s;
/* Update used if necessary */
if (a->used <= w) {
a->used = w + 1;
a->used = (sp_size_t)(w + 1U);
}
}
@ -7317,7 +7317,7 @@ static void _sp_div_2(const sp_int* a, sp_int* r)
/* Last word only needs to be shifted down. */
r->dp[i] = a->dp[i] >> 1;
/* Set used to be all words seen. */
r->used = (sp_size_t)i + 1;
r->used = (sp_size_t)(i + 1);
/* Remove leading zeros. */
sp_clamp(r);
#ifdef WOLFSSL_SP_INT_NEGATIVE
@ -7438,7 +7438,7 @@ int sp_div_2_mod_ct(const sp_int* a, const sp_int* m, sp_int* r)
r->dp[i] = l;
#endif
/* Used includes carry - set or not. */
r->used = i + 1;
r->used = (sp_size_t)(i + 1);
#ifdef WOLFSSL_SP_INT_NEGATIVE
r->sign = MP_ZPOS;
#endif
@ -7826,7 +7826,7 @@ static int _sp_addmod(const sp_int* a, const sp_int* b, const sp_int* m,
{
int err = MP_OKAY;
/* Calculate used based on digits used in a and b. */
sp_size_t used = ((a->used >= b->used) ? a->used + 1 : b->used + 1);
sp_size_t used = (sp_size_t)(((a->used >= b->used) ? a->used + 1U : b->used + 1U));
DECL_SP_INT(t, used);
/* Allocate a temporary SP int to hold sum. */
@ -7914,8 +7914,8 @@ static int _sp_submod(const sp_int* a, const sp_int* b, const sp_int* m,
int err = MP_OKAY;
#ifndef WOLFSSL_SP_INT_NEGATIVE
unsigned int used = ((a->used >= m->used) ?
((a->used >= b->used) ? (a->used + 1) : (b->used + 1)) :
((b->used >= m->used)) ? (b->used + 1) : (m->used + 1));
((a->used >= b->used) ? (a->used + 1U) : (b->used + 1U)) :
((b->used >= m->used)) ? (b->used + 1U) : (m->used + 1U));
DECL_SP_INT_ARRAY(t, used, 2);
ALLOC_SP_INT_ARRAY(t, used, 2, err, NULL);
@ -8406,11 +8406,11 @@ int sp_lshd(sp_int* a, int s)
}
if (err == MP_OKAY) {
/* Move up digits. */
XMEMMOVE(a->dp + s, a->dp, a->used * SP_WORD_SIZEOF);
XMEMMOVE(a->dp + s, a->dp, a->used * (word32)SP_WORD_SIZEOF);
/* Back fill with zeros. */
XMEMSET(a->dp, 0, (size_t)s * SP_WORD_SIZEOF);
/* Update used. */
a->used += (sp_size_t)s;
a->used = (sp_size_t)(a->used + s);
/* Remove leading zeros. */
sp_clamp(a);
}
@ -8447,7 +8447,7 @@ static int sp_lshb(sp_int* a, int n)
}
if (err == MP_OKAY) {
/* Get count of bits to move in digit. */
n &= SP_WORD_MASK;
n &= (int)SP_WORD_MASK;
/* Check whether this is a complicated case. */
if (n != 0) {
unsigned int i;
@ -8456,7 +8456,7 @@ static int sp_lshb(sp_int* a, int n)
/* Get new most significant digit. */
sp_int_digit v = a->dp[a->used - 1] >> (SP_WORD_SIZE - n);
/* Shift up each digit. */
for (i = a->used - 1; i >= 1; i--) {
for (i = a->used - 1U; i >= 1U; i--) {
a->dp[i + s] = (a->dp[i] << n) |
(a->dp[i - 1] >> (SP_WORD_SIZE - n));
}
@ -8471,13 +8471,13 @@ static int sp_lshb(sp_int* a, int n)
/* Only digits to move and ensure not zero. */
else if (s > 0) {
/* Move up digits. */
XMEMMOVE(a->dp + s, a->dp, a->used * SP_WORD_SIZEOF);
XMEMMOVE(a->dp + s, a->dp, a->used * (word32)SP_WORD_SIZEOF);
}
/* Update used digit count. */
a->used += s;
a->used = (sp_size_t)(a->used + s);
/* Back fill with zeros. */
XMEMSET(a->dp, 0, SP_WORD_SIZEOF * s);
XMEMSET(a->dp, 0, (word32)SP_WORD_SIZEOF * s);
}
}
@ -8504,7 +8504,7 @@ void sp_rshd(sp_int* a, int c)
sp_size_t i;
/* Update used digits count. */
a->used -= (sp_size_t)c;
a->used = (sp_size_t)(a->used - c);
/* Move digits down. */
for (i = 0; i < a->used; i++, c++) {
a->dp[i] = a->dp[c];
@ -8548,13 +8548,13 @@ int sp_rshb(const sp_int* a, int n, sp_int* r)
/* Handle simple case. */
if (n == 0) {
/* Set the count of used digits. */
r->used = a->used - i;
r->used = (sp_size_t)(a->used - i);
/* Move digits down. */
if (r == a) {
XMEMMOVE(r->dp, r->dp + i, SP_WORD_SIZEOF * r->used);
XMEMMOVE(r->dp, r->dp + i, (word32)SP_WORD_SIZEOF * r->used);
}
else {
XMEMCPY(r->dp, a->dp + i, SP_WORD_SIZEOF * r->used);
XMEMCPY(r->dp, a->dp + i, (word32)SP_WORD_SIZEOF * r->used);
}
}
else {
@ -8591,7 +8591,7 @@ static void _sp_div_same_size(sp_int* a, const sp_int* d, sp_int* r)
sp_size_t i;
/* Compare top digits of dividend with those of divisor up to last. */
for (i = d->used - 1; i > 0; i--) {
for (i = (sp_size_t)(d->used - 1U); i > 0; i--) {
/* Break if top divisor is not equal to dividend. */
if (a->dp[a->used - d->used + i] != d->dp[i]) {
break;
@ -8604,7 +8604,7 @@ static void _sp_div_same_size(sp_int* a, const sp_int* d, sp_int* r)
/* Get 'used' to restore - ensure zeros put into quotient. */
i = a->used;
/* Subtract d from top of a. */
_sp_sub_off(a, d, a, a->used - d->used);
_sp_sub_off(a, d, a, (sp_size_t)(a->used - d->used));
/* Restore 'used' on remainder. */
a->used = i;
}
@ -8661,7 +8661,7 @@ static int _sp_div_impl(sp_int* a, const sp_int* d, sp_int* r, sp_int* trial)
/* Keep subtracting multiples of d as long as the digit count of a is
* greater than equal to d.
*/
for (i = a->used - 1; i >= d->used; i--) {
for (i = (sp_size_t)(a->used - 1U); i >= d->used; i--) {
/* When top digits equal, guestimate maximum multiplier.
* Worst case, multiplier is actually SP_DIGIT_MAX - 1.
* That is, for w (word size in bits) > 1, n > 1, let:
@ -8715,7 +8715,7 @@ static int _sp_div_impl(sp_int* a, const sp_int* d, sp_int* r, sp_int* trial)
}
#else
/* Index of lowest digit trial is subtracted from. */
o = i - d->used;
o = (sp_size_t)(i - d->used);
do {
#ifndef SQR_MUL_ASM
sp_int_word tw = 0;
@ -8784,7 +8784,7 @@ static int _sp_div_impl(sp_int* a, const sp_int* d, sp_int* r, sp_int* trial)
#endif /* WOLFSSL_SP_SMALL */
}
/* Update used. */
a->used = i + 1;
a->used = (sp_size_t)(i + 1U);
if (a->used == d->used) {
/* Finish div now that length of dividend is same as divisor. */
_sp_div_same_size(a, d, r);
@ -8918,12 +8918,12 @@ static int _sp_div(const sp_int* a, const sp_int* d, sp_int* r, sp_int* rem,
trial = td[1];
/* Initialize sizes to minimal values. */
_sp_init_size(sd, d->used + 1);
_sp_init_size(sd, (sp_size_t)(d->used + 1U));
_sp_init_size(trial, used);
/* Move divisor to top of word. Adjust dividend as well. */
s = sp_count_bits(d);
s = SP_WORD_SIZE - (s & SP_WORD_MASK);
s = SP_WORD_SIZE - (s & (int)SP_WORD_MASK);
_sp_copy(a, sa);
/* Only shift if top bit of divisor no set. */
if (s != SP_WORD_SIZE) {
@ -9012,7 +9012,7 @@ int sp_div(const sp_int* a, const sp_int* d, sp_int* r, sp_int* rem)
/* May need to shift number being divided left into a new word. */
int bits = SP_WORD_SIZE - (sp_count_bits(d) % SP_WORD_SIZE);
if ((bits != SP_WORD_SIZE) &&
(sp_count_bits(a) + bits > SP_INT_DIGITS * SP_WORD_SIZE)) {
(sp_count_bits(a) + bits > (int)(SP_INT_DIGITS * SP_WORD_SIZE))) {
err = MP_VAL;
}
else {
@ -9020,7 +9020,7 @@ int sp_div(const sp_int* a, const sp_int* d, sp_int* r, sp_int* rem)
}
}
else {
used = a->used + 1;
used = (sp_size_t)(a->used + 1U);
}
}
@ -9282,7 +9282,7 @@ static int _sp_mul(const sp_int* a, const sp_int* b, sp_int* r)
}
for (; k <= (sp_size_t)((a->used - 1) + (b->used - 1)); k++) {
j = (int)(b->used - 1);
i = k - (sp_size_t)j;
i = (sp_size_t)(k - (sp_size_t)j);
for (; (i < a->used) && (j >= 0); i++, j--) {
SP_ASM_MUL_ADD(l, h, o, a->dp[i], b->dp[j]);
}
@ -9350,7 +9350,7 @@ static int _sp_mul(const sp_int* a, const sp_int* b, sp_int* r)
o = 0;
#endif
for (k = 1; (int)k <= ((int)a->used - 1) + ((int)b->used - 1); k++) {
i = k - (sp_size_t)(b->used - 1);
i = (sp_size_t)(k - (b->used - 1));
i &= (sp_size_t)(((unsigned int)i >> (sizeof(i) * 8 - 1)) - 1U);
j = (int)(k - i);
for (; (i < a->used) && (j >= 0); i++, j--) {
@ -12152,7 +12152,7 @@ static int _sp_mulmod_tmp(const sp_int* a, const sp_int* b, const sp_int* m,
ALLOC_SP_INT(t, a->used + b->used, err, NULL);
if (err == MP_OKAY) {
err = sp_init_size(t, a->used + b->used);
err = sp_init_size(t, (sp_size_t)(a->used + b->used));
}
/* Multiply and reduce. */
@ -12388,7 +12388,7 @@ static int _sp_invmod_div(const sp_int* a, const sp_int* m, sp_int* x,
ALLOC_SP_INT(d, m->used + 1, err, NULL);
if (err == MP_OKAY) {
err = sp_init_size(d, m->used + 1);
err = sp_init_size(d, (sp_size_t)(m->used + 1U));
}
if (err == MP_OKAY) {
@ -12532,7 +12532,7 @@ static int _sp_invmod(const sp_int* a, const sp_int* m, sp_int* r)
* - x3 one word larger than modulus
* - x1 one word longer than twice modulus used
*/
ALLOC_SP_INT_ARRAY(t, m->used + 1, 3, err, NULL);
ALLOC_SP_INT_ARRAY(t, m->used + 1U, 3, err, NULL);
ALLOC_SP_INT(c, 2 * m->used + 1, err, NULL);
if (err == MP_OKAY) {
u = t[0];
@ -12543,16 +12543,16 @@ static int _sp_invmod(const sp_int* a, const sp_int* m, sp_int* r)
/* Initialize intermediate values with minimal sizes. */
if (err == MP_OKAY) {
err = sp_init_size(u, m->used + 1);
err = sp_init_size(u, (sp_size_t)(m->used + 1U));
}
if (err == MP_OKAY) {
err = sp_init_size(v, m->used + 1);
err = sp_init_size(v, (sp_size_t)(m->used + 1U));
}
if (err == MP_OKAY) {
err = sp_init_size(b, m->used + 1);
err = sp_init_size(b, (sp_size_t)(m->used + 1U));
}
if (err == MP_OKAY) {
err = sp_init_size(c, (sp_size_t)(2 * m->used + 1));
err = sp_init_size(c, (sp_size_t)(2U * m->used + 1U));
}
if (err == MP_OKAY) {
@ -12747,10 +12747,10 @@ static int _sp_invmod_mont_ct(const sp_int* a, const sp_int* m, sp_int* r,
#endif
#ifndef WOLFSSL_SP_NO_MALLOC
ALLOC_DYN_SP_INT_ARRAY(pre, m->used * 2 + 1, CT_INV_MOD_PRE_CNT + 2, err,
ALLOC_DYN_SP_INT_ARRAY(pre, m->used * 2U + 1U, CT_INV_MOD_PRE_CNT + 2, err,
NULL);
#else
ALLOC_SP_INT_ARRAY(pre, m->used * 2 + 1, CT_INV_MOD_PRE_CNT + 2, err, NULL);
ALLOC_SP_INT_ARRAY(pre, m->used * 2U + 1U, CT_INV_MOD_PRE_CNT + 2, err, NULL);
#endif
if (err == MP_OKAY) {
t = pre[CT_INV_MOD_PRE_CNT + 0];
@ -12994,7 +12994,7 @@ static int _sp_exptmod_ex(const sp_int* b, const sp_int* e, int bits,
ALLOC_SP_INT_ARRAY(t, 2 * m->used + 1, 2, err, NULL);
#else
/* Working SP int needed when cache resistant. */
ALLOC_SP_INT_ARRAY(t, 2 * m->used + 1, 3, err, NULL);
ALLOC_SP_INT_ARRAY(t, 2U * m->used + 1U, 3, err, NULL);
#endif
if (err == MP_OKAY) {
/* Initialize temporaries. */
@ -13054,7 +13054,7 @@ static int _sp_exptmod_ex(const sp_int* b, const sp_int* e, int bits,
if (err == MP_OKAY) {
/* 4.2. y = e[i] */
int y = (int)((e->dp[i >> SP_WORD_SHIFT] >> (i & SP_WORD_MASK)) & 1);
int y = (int)((e->dp[i >> SP_WORD_SHIFT] >> (i & (int)SP_WORD_MASK)) & 1);
/* 4.3. j = y & s */
int j = y & s;
/* 4.4 s = s | y */
@ -13226,7 +13226,7 @@ static int _sp_exptmod_mont_ex(const sp_int* b, const sp_int* e, int bits,
DECL_SP_INT_ARRAY(t, m->used * 2 + 1, 4);
/* Allocate temporaries. */
ALLOC_SP_INT_ARRAY(t, m->used * 2 + 1, 4, err, NULL);
ALLOC_SP_INT_ARRAY(t, m->used * 2U + 1U, 4, err, NULL);
if (err == MP_OKAY) {
/* Initialize temporaries. */
_sp_init_size(t[0], (sp_size_t)(m->used * 2 + 1));
@ -13266,7 +13266,7 @@ static int _sp_exptmod_mont_ex(const sp_int* b, const sp_int* e, int bits,
}
if (err == MP_OKAY) {
/* t[0] = t[0] mod m, temporary size has to be bigger than t[0]. */
err = _sp_div(t[0], m, NULL, t[0], t[0]->used + 1);
err = _sp_div(t[0], m, NULL, t[0], t[0]->used + 1U);
}
if (err == MP_OKAY) {
/* 4. t[1] = t[0]
@ -13293,7 +13293,7 @@ static int _sp_exptmod_mont_ex(const sp_int* b, const sp_int* e, int bits,
if (err == MP_OKAY) {
/* 6.2. y = e[i] */
int y = (int)((e->dp[i >> SP_WORD_SHIFT] >> (i & SP_WORD_MASK)) & 1);
int y = (int)((e->dp[i >> SP_WORD_SHIFT] >> (i & (int)SP_WORD_MASK)) & 1);
/* 6.3 j = y & s */
int j = y & s;
/* 6.4 s = s | y */
@ -13761,10 +13761,10 @@ static int _sp_exptmod_base_2(const sp_int* e, int digits, const sp_int* m,
* - constant time add value for mod operation
* - temporary result
*/
ALLOC_SP_INT_ARRAY(d, m->used * 2 + 1, 2, err, NULL);
ALLOC_SP_INT_ARRAY(d, m->used * 2U + 1U, 2, err, NULL);
#else
/* Allocate sp_int for temporary result. */
ALLOC_SP_INT(tr, m->used * 2 + 1, err, NULL);
ALLOC_SP_INT(tr, m->used * 2U + 1U, err, NULL);
#endif
if (err == MP_OKAY) {
#ifndef WC_NO_HARDEN
@ -14223,9 +14223,9 @@ static int _sp_exptmod_nct(const sp_int* b, const sp_int* e, const sp_int* m,
* - Montgomery form of base
*/
#ifndef WOLFSSL_SP_NO_MALLOC
ALLOC_DYN_SP_INT_ARRAY(t, m->used * 2 + 1, (size_t)preCnt + 2, err, NULL);
ALLOC_DYN_SP_INT_ARRAY(t, m->used * 2U + 1U, (size_t)preCnt + 2, err, NULL);
#else
ALLOC_SP_INT_ARRAY(t, m->used * 2 + 1, (size_t)preCnt + 2, err, NULL);
ALLOC_SP_INT_ARRAY(t, m->used * 2U + 1U, (size_t)preCnt + 2, err, NULL);
#endif
if (err == MP_OKAY) {
/* Set variables to use allocate memory. */
@ -14269,7 +14269,7 @@ static int _sp_exptmod_nct(const sp_int* b, const sp_int* e, const sp_int* m,
}
if (err == MP_OKAY) {
/* bm = bm mod m, temporary size has to be bigger than bm->used. */
err = _sp_div(bm, m, NULL, bm, bm->used + 1);
err = _sp_div(bm, m, NULL, bm, bm->used + 1U);
}
if (err == MP_OKAY) {
/* Copy Montgomery form of base into first element of table. */
@ -14739,7 +14739,7 @@ int sp_mod_2d(const sp_int* a, int e, sp_int* r)
if (err == MP_OKAY) {
/* Copy a into r if not same pointer. */
if (a != r) {
XMEMCPY(r->dp, a->dp, digits * SP_WORD_SIZEOF);
XMEMCPY(r->dp, a->dp, digits * (word32)SP_WORD_SIZEOF);
r->used = a->used;
#ifdef WOLFSSL_SP_INT_NEGATIVE
r->sign = a->sign;
@ -14953,7 +14953,7 @@ static int _sp_sqr(const sp_int* a, sp_int* r)
}
if (err == MP_OKAY) {
r->used = a->used * 2;
r->used = (sp_size_t)(a->used * 2U);
sp_clamp(r);
}
@ -17296,7 +17296,7 @@ static int _sp_sqrmod(const sp_int* a, const sp_int* m, sp_int* r)
ALLOC_SP_INT(t, a->used * 2, err, NULL);
if (err == MP_OKAY) {
err = sp_init_size(t, a->used * 2);
err = sp_init_size(t, a->used * 2U);
}
/* Square and reduce. */
@ -17511,7 +17511,7 @@ static int _sp_mont_red(sp_int* a, const sp_int* m, sp_int_digit mp, int ct)
/* 4. a = a mod m
* Always subtract but at a too high offset if a is less than m.
*/
_sp_submod_ct(a, m, m, m->used + 1, a);
_sp_submod_ct(a, m, m, m->used + 1U, a);
}
@ -17842,7 +17842,7 @@ static int _sp_mont_red(sp_int* a, const sp_int* m, sp_int_digit mp, int ct)
/* Constant time clamping. */
sp_clamp_ct(a);
_sp_submod_ct(a, m, m, m->used + 1, a);
_sp_submod_ct(a, m, m, m->used + 1U, a);
}
#if 0
@ -18259,7 +18259,7 @@ int sp_to_unsigned_bin_len_ct(const sp_int* a, byte* out, int outSz)
/* Put each digit in. */
i = 0;
for (j = outSz - 1; j >= 0; ) {
int b;
unsigned int b;
d = a->dp[i];
/* Place each byte of a digit into the buffer. */
for (b = 0; (j >= 0) && (b < SP_WORD_SIZEOF); b++) {
@ -18386,7 +18386,7 @@ static int _sp_read_radix_16(sp_int* a, const char* in)
a->dp[j] = d;
}
/* Update used count. */
a->used = j + 1;
a->used = (sp_size_t)(j + 1U);
/* Remove leading zeros. */
sp_clamp(a);
}
@ -18424,7 +18424,7 @@ static int _sp_read_radix_10(sp_int* a, const char* in)
/* Check character is valid. */
if ((ch >= '0') && (ch <= '9')) {
/* Assume '0'..'9' are continuous values as characters. */
ch -= '0';
ch = (char)(ch - '0');
}
else {
if (CharIsWhiteSpace(ch))
@ -19280,9 +19280,9 @@ static int _sp_prime_trials(const sp_int* a, int trials, int* result)
n1 = t[0];
r = t[1];
_sp_init_size(n1, a->used + 1);
_sp_init_size(r, a->used + 1);
_sp_init_size(b, (sp_size_t)(a->used * 2 + 1));
_sp_init_size(n1, a->used + 1U);
_sp_init_size(r, a->used + 1U);
_sp_init_size(b, (sp_size_t)(a->used * 2U + 1U));
/* Do requested number of trials of Miller-Rabin test. */
for (i = 0; i < trials; i++) {
@ -19404,10 +19404,10 @@ static int _sp_prime_random_trials(const sp_int* a, int trials, int* result,
sp_int* b = d[0];
sp_int* r = d[1];
_sp_init_size(c , a->used + 1);
_sp_init_size(n1, a->used + 1);
_sp_init_size(b , (sp_size_t)(a->used * 2 + 1));
_sp_init_size(r , (sp_size_t)(a->used * 2 + 1));
_sp_init_size(c , a->used + 1U);
_sp_init_size(n1, a->used + 1U);
_sp_init_size(b , (sp_size_t)(a->used * 2U + 1U));
_sp_init_size(r , (sp_size_t)(a->used * 2U + 1U));
_sp_sub_d(a, 2, c);
@ -19574,7 +19574,7 @@ static WC_INLINE int _sp_gcd(const sp_int* a, const sp_int* b, sp_int* r)
/* Used for swapping sp_ints. */
sp_int* s;
/* Determine maximum digit length numbers will reach. */
unsigned int used = (a->used >= b->used) ? a->used + 1 : b->used + 1;
unsigned int used = (a->used >= b->used) ? a->used + 1U : b->used + 1U;
DECL_SP_INT_ARRAY(d, used, 3);
SAVE_VECTOR_REGISTERS(err = _svr_ret;);
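Review bot: In the sp_rshd hunk (`@ -8504`) the new `a->used = (sp_size_t)(a->used - c);` folds an int shift count into the unsigned digit count, and the cast is only safe because c is presumably bounded against a->used before the hunk (that guard and the rest of sp_rshd are outside the hunk); the same pattern appears in sp_lshd (`@ -8406`, `(sp_size_t)(a->used + s)`) and sp_lshb (`@ -8471`). A one-line comment such as `/* c < a->used checked above: the unsigned subtraction cannot wrap */` at the assignment would record why the cast is not masking a real sign issue, which matters because a->used is used to compute array indexes. Separately, `i = (sp_size_t)(k - (sp_size_t)j);` in _sp_mul (`@ -9282`) keeps an inner cast the outer one makes redundant, and the `_sp_addmod` line (`@ -7826`) wraps the conditional in a doubled pair of parentheses; both read as leftovers of the mechanical edit.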


@ -9435,7 +9435,7 @@ static void sp_256_ecc_recode_6_4(const sp_digit* k, ecc_recode_256* v)
n >>= o;
}
y += (word8)carry;
y = (word8)(y + carry);
v[i].i = recode_index_4_6[y];
v[i].neg = recode_neg_4_6[y];
carry = (y >> 6) + v[i].neg;
@ -12110,7 +12110,7 @@ static void sp_256_ecc_recode_7_4(const sp_digit* k, ecc_recode_256* v)
n >>= o;
}
y += (word8)carry;
y = (word8)(y + carry);
v[i].i = recode_index_4_7[y];
v[i].neg = recode_neg_4_7[y];
carry = (y >> 7) + v[i].neg;
@ -24173,7 +24173,7 @@ static int sp_256_ecc_mulmod_add_only_4(sp_point_256* r, const sp_point_256* g,
p->infinity = !v[i].i;
sp_256_sub_4(negy, p256_mod, p->y);
sp_256_norm_4(negy);
sp_256_cond_copy_4(p->y, negy, 0 - v[i].neg);
sp_256_cond_copy_4(p->y, negy, (sp_digit)(0 - v[i].neg));
sp_256_proj_point_add_qz1_4(rt, rt, p, tmp);
}
if (map != 0) {
@ -24306,7 +24306,7 @@ static int sp_256_ecc_mulmod_add_only_avx2_4(sp_point_256* r, const sp_point_256
p->infinity = !v[i].i;
sp_256_sub_4(negy, p256_mod, p->y);
sp_256_norm_4(negy);
sp_256_cond_copy_4(p->y, negy, 0 - v[i].neg);
sp_256_cond_copy_4(p->y, negy, (sp_digit)(0 - v[i].neg));
sp_256_proj_point_add_qz1_avx2_4(rt, rt, p, tmp);
}
if (map != 0) {
@ -28596,7 +28596,7 @@ static void sp_384_ecc_recode_6_6(const sp_digit* k, ecc_recode_384* v)
n >>= o;
}
y += (word8)carry;
y = (word8)(y + carry);
v[i].i = recode_index_6_6[y];
v[i].neg = recode_neg_6_6[y];
carry = (y >> 6) + v[i].neg;
@ -31330,7 +31330,7 @@ static void sp_384_ecc_recode_7_6(const sp_digit* k, ecc_recode_384* v)
n >>= o;
}
y += (word8)carry;
y = (word8)(y + carry);
v[i].i = recode_index_6_7[y];
v[i].neg = recode_neg_6_7[y];
carry = (y >> 7) + v[i].neg;
@ -49207,7 +49207,7 @@ static int sp_384_ecc_mulmod_add_only_6(sp_point_384* r, const sp_point_384* g,
p->infinity = !v[i].i;
sp_384_sub_6(negy, p384_mod, p->y);
sp_384_norm_6(negy);
sp_384_cond_copy_6(p->y, negy, 0 - v[i].neg);
sp_384_cond_copy_6(p->y, negy, (sp_digit)(0 - v[i].neg));
sp_384_proj_point_add_qz1_6(rt, rt, p, tmp);
}
if (map != 0) {
@ -49340,7 +49340,7 @@ static int sp_384_ecc_mulmod_add_only_avx2_6(sp_point_384* r, const sp_point_384
p->infinity = !v[i].i;
sp_384_sub_6(negy, p384_mod, p->y);
sp_384_norm_6(negy);
sp_384_cond_copy_6(p->y, negy, 0 - v[i].neg);
sp_384_cond_copy_6(p->y, negy, (sp_digit)(0 - v[i].neg));
sp_384_proj_point_add_qz1_avx2_6(rt, rt, p, tmp);
}
if (map != 0) {
@ -53526,7 +53526,7 @@ static void sp_521_ecc_recode_6_9(const sp_digit* k, ecc_recode_521* v)
n >>= o;
}
y += (word8)carry;
y = (word8)(y + carry);
v[i].i = recode_index_9_6[y];
v[i].neg = recode_neg_9_6[y];
carry = (y >> 6) + v[i].neg;
@ -56363,7 +56363,7 @@ static void sp_521_ecc_recode_7_9(const sp_digit* k, ecc_recode_521* v)
n >>= o;
}
y += (word8)carry;
y = (word8)(y + carry);
v[i].i = recode_index_9_7[y];
v[i].neg = recode_neg_9_7[y];
carry = (y >> 7) + v[i].neg;
@ -90300,7 +90300,7 @@ static int sp_521_ecc_mulmod_add_only_9(sp_point_521* r, const sp_point_521* g,
p->infinity = !v[i].i;
sp_521_sub_9(negy, p521_mod, p->y);
sp_521_norm_9(negy);
sp_521_cond_copy_9(p->y, negy, 0 - v[i].neg);
sp_521_cond_copy_9(p->y, negy, (sp_digit)(0 - v[i].neg));
sp_521_proj_point_add_qz1_9(rt, rt, p, tmp);
}
if (map != 0) {
@ -90433,7 +90433,7 @@ static int sp_521_ecc_mulmod_add_only_avx2_9(sp_point_521* r, const sp_point_521
p->infinity = !v[i].i;
sp_521_sub_9(negy, p521_mod, p->y);
sp_521_norm_9(negy);
sp_521_cond_copy_9(p->y, negy, 0 - v[i].neg);
sp_521_cond_copy_9(p->y, negy, (sp_digit)(0 - v[i].neg));
sp_521_proj_point_add_qz1_avx2_9(rt, rt, p, tmp);
}
if (map != 0) {
@ -94820,7 +94820,7 @@ static void sp_1024_ecc_recode_7_16(const sp_digit* k, ecc_recode_1024* v)
n >>= o;
}
y += (word8)carry;
y = (word8)(y + carry);
v[i].i = recode_index_16_7[y];
v[i].neg = recode_neg_16_7[y];
carry = (y >> 7) + v[i].neg;


@ -1186,10 +1186,10 @@ int wc_strcasecmp(const char *s1, const char *s2)
for (;;++s1, ++s2) {
c1 = *s1;
if ((c1 >= 'a') && (c1 <= 'z'))
c1 -= ('a' - 'A');
c1 = (char)(c1 - ('a' - 'A'));
c2 = *s2;
if ((c2 >= 'a') && (c2 <= 'z'))
c2 -= ('a' - 'A');
c2 = (char)(c2 - ('a' - 'A'));
if ((c1 != c2) || (c1 == 0))
break;
}
@ -1204,10 +1204,10 @@ int wc_strncasecmp(const char *s1, const char *s2, size_t n)
for (c1 = 0, c2 = 0; n > 0; --n, ++s1, ++s2) {
c1 = *s1;
if ((c1 >= 'a') && (c1 <= 'z'))
c1 -= ('a' - 'A');
c1 = (char)(c1 - ('a' - 'A'));
c2 = *s2;
if ((c2 >= 'a') && (c2 <= 'z'))
c2 -= ('a' - 'A');
c2 = (char)(c2 - ('a' - 'A'));
if ((c1 != c2) || (c1 == 0))
break;
}