bn_exp.c

RMI的处理器au1200系列所用的BOOTLOAD,包括SD卡启动USB启动硬盘启动网络启动,并初始化硬件的所有参数,支持内核调试.

/* crypto/bn/bn_exp.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 * 
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.  The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 * 
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 * 
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from 
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 * 
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 * 
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */
/* ====================================================================
 * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer. 
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    openssl-core@openssl.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
 *
 * This product includes cryptographic software written by Eric Young
 * (eay@cryptsoft.com).  This product includes software written by Tim
 * Hudson (tjh@cryptsoft.com).
 *
 */

/* modifications by Reinhard Wobst 2004/09/20:
 * BIGNUM val[TABLE_SIZE] is too large for the embedded stack,
 * so the extern accessor sps_dve_getvalbuf() will return the pointer:
 */

#ifndef ORIGINAL_SSL_CODE
#include "conf.h"		/* sps_dve_getvalbuf() type */
#endif

#include <stdio.h>
#include "cryptlib.h"
#include "bn_lcl.h"
#ifdef ATALLA
# include <alloca.h>
# include <atasi.h>
# include <assert.h>
# include <dlfcn.h>
#endif

#include "workaround.h"

#define TABLE_SIZE	32

/* slow but works */
int BN_mod_mul(BIGNUM * ret, BIGNUM * a, BIGNUM * b, const BIGNUM * m,
	       BN_CTX * ctx)
{
    BIGNUM *t;
    int r = 0;

    bn_check_top(a);
    bn_check_top(b);
    bn_check_top(m);

    BN_CTX_start(ctx);
    if ((t = BN_CTX_get(ctx)) == NULL)
	goto err;
    if (a == b) {
	if (!BN_sqr(t, a, ctx))
	    goto err;
    } else {
	if (!BN_mul(t, a, b, ctx))
	    goto err;
    }
    if (!BN_mod(ret, t, m, ctx))
	goto err;
    r = 1;
  err:
    BN_CTX_end(ctx);
    return (r);
}


/* this one works - simple but works */
#if 0
int BN_exp(BIGNUM * r, BIGNUM * a, BIGNUM * p, BN_CTX * ctx)
{
    int i, bits, ret = 0;
    BIGNUM *v, *rr;

    BN_CTX_start(ctx);
    if ((r == a) || (r == p))
	rr = BN_CTX_get(ctx);
    else
	rr = r;
    if ((v = BN_CTX_get(ctx)) == NULL)
	goto err;

    if (BN_copy(v, a) == NULL)
	goto err;
    bits = BN_num_bits(p);

    if (BN_is_odd(p)) {
	if (BN_copy(rr, a) == NULL)
	    goto err;
    } else {
	if (!BN_one(rr))
	    goto err;
    }

    for (i = 1; i < bits; i++) {
	if (!BN_sqr(v, v, ctx))
	    goto err;
	if (BN_is_bit_set(p, i)) {
	    if (!BN_mul(rr, rr, v, ctx))
		goto err;
	}
    }
    ret = 1;
  err:
    if (r != rr)
	BN_copy(r, rr);
    BN_CTX_end(ctx);
    return (ret);
}
#endif


#ifdef ATALLA

/*
 * This routine will dynamically check for the existance of an Atalla AXL-200
 * SSL accelerator module.  If one is found, the variable
 * asi_accelerator_present is set to 1 and the function pointers
 * ptr_ASI_xxxxxx above will be initialized to corresponding ASI API calls.
 */
typedef int tfnASI_GetPerformanceStatistics(int reset_flag,
					    unsigned int *ret_buf);
typedef int tfnASI_GetHardwareConfig(long card_num, unsigned int *ret_buf);
typedef int tfnASI_RSAPrivateKeyOpFn(RSAPrivateKey * rsaKey,
				     unsigned char *output,
				     unsigned char *input,
				     unsigned int modulus_len);

static tfnASI_GetHardwareConfig *ptr_ASI_GetHardwareConfig;
static tfnASI_RSAPrivateKeyOpFn *ptr_ASI_RSAPrivateKeyOpFn;
static tfnASI_GetPerformanceStatistics *ptr_ASI_GetPerformanceStatistics;
static int asi_accelerator_present;
static int tried_atalla;

void atalla_initialize_accelerator_handle(void)
{
    void *dl_handle;
    int status;
    unsigned int config_buf[1024];
    static int tested;

    if (tested)
	return;

    tested = 1;

    bzero((void *) config_buf, 1024);

    /*
     * Check to see if the library is present on the system
     */
    dl_handle = dlopen("atasi.so", RTLD_NOW);
    if (dl_handle == (void *) NULL) {
/*		printf("atasi.so library is not present on the system\n");
		printf("No HW acceleration available\n");*/
	return;
    }

    /*
     * The library is present.  Now we'll check to insure that the
     * LDM is up and running. First we'll get the address of the
     * function in the atasi library that we need to see if the
     * LDM is operating.
     */

    ptr_ASI_GetHardwareConfig =
	(tfnASI_GetHardwareConfig *) dlsym(dl_handle,
					   "ASI_GetHardwareConfig");

    if (ptr_ASI_GetHardwareConfig) {
	/*
	 * We found the call, now we'll get our config
	 * status.  If we get a non 0 result, the LDM is not
	 * running and we cannot use the Atalla ASI *
	 * library.
	 */
	status = (*ptr_ASI_GetHardwareConfig) (0L, config_buf);
	if (status != 0) {
	    printf("atasi.so library is present but not initialized\n");
	    printf("No HW acceleration available\n");
	    return;
	}
    } else {
/*		printf("We found the library, but not the function. Very Strange!\n");*/
	return;
    }

    /* 
     * It looks like we have acceleration capabilities.  Load up the
     * pointers to our ASI API calls.
     */
    ptr_ASI_RSAPrivateKeyOpFn =
	(tfnASI_RSAPrivateKeyOpFn *) dlsym(dl_handle,
					   "ASI_RSAPrivateKeyOpFn");
    if (ptr_ASI_RSAPrivateKeyOpFn == NULL) {
/*		printf("We found the library, but no RSA function. Very Strange!\n");*/
	return;
    }

    ptr_ASI_GetPerformanceStatistics =
	(tfnASI_GetPerformanceStatistics *) dlsym(dl_handle,
						  "ASI_GetPerformanceStatistics");
    if (ptr_ASI_GetPerformanceStatistics == NULL) {
/*		printf("We found the library, but no stat function. Very Strange!\n");*/
	return;
    }

    /*
     * Indicate that acceleration is available
     */
    asi_accelerator_present = 1;

/*	printf("This system has acceleration!\n");*/

    return;
}

/* make sure this only gets called once when bn_mod_exp calls bn_mod_exp_mont */
int BN_mod_exp_atalla(BIGNUM * r, BIGNUM * a, const BIGNUM * p,
		      const BIGNUM * m)
{
    unsigned char *abin;
    unsigned char *pbin;
    unsigned char *mbin;
    unsigned char *rbin;
    int an, pn, mn, ret;
    RSAPrivateKey keydata;

    atalla_initialize_accelerator_handle();
    if (!asi_accelerator_present)
	return 0;


/* We should be able to run without size testing */
# define ASIZE	128
    an = BN_num_bytes(a);
    pn = BN_num_bytes(p);
    mn = BN_num_bytes(m);

    if (an <= ASIZE && pn <= ASIZE && mn <= ASIZE) {
	int size = mn;

	assert(an <= mn);
	abin = alloca(size);
	memset(abin, '\0', mn);
	BN_bn2bin(a, abin + size - an);

	pbin = alloca(pn);
	BN_bn2bin(p, pbin);

	mbin = alloca(size);
	memset(mbin, '\0', mn);
	BN_bn2bin(m, mbin + size - mn);

	rbin = alloca(size);

	memset(&keydata, '\0', sizeof keydata);
	keydata.privateExponent.data = pbin;
	keydata.privateExponent.len = pn;
	keydata.modulus.data = mbin;
	keydata.modulus.len = size;

	ret =
	    (*ptr_ASI_RSAPrivateKeyOpFn) (&keydata, rbin, abin,
					  keydata.modulus.len);
/*fprintf(stderr,"!%s\n",BN_bn2hex(a));*/
	if (!ret) {
	    BN_bin2bn(rbin, keydata.modulus.len, r);
/*fprintf(stderr,"?%s\n",BN_bn2hex(r));*/
	    return 1;
	}
    }
    return 0;
}
#endif				/* def ATALLA */


int BN_mod_exp(BIGNUM * r, BIGNUM * a, const BIGNUM * p, const BIGNUM * m,
	       BN_CTX * ctx)
{
    int ret;

    bn_check_top(a);
    bn_check_top(p);
    bn_check_top(m);

#ifdef ATALLA
    if (BN_mod_exp_atalla(r, a, p, m))
	return 1;
/* If it fails, try the other methods (but don't try atalla again) */
    tried_atalla = 1;
#endif

#ifdef MONT_MUL_MOD
    /* I have finally been able to take out this pre-condition of
     * the top bit being set.  It was caused by an error in BN_div
     * with negatives.  There was also another problem when for a^b%m
     * a >= m.  eay 07-May-97 */
/*	if ((m->d[m->top-1]&BN_TBIT) && BN_is_odd(m)) */

    if (BN_is_odd(m)) {
	if (a->top == 1) {
	    BN_ULONG A = a->d[0];
	    ret = BN_mod_exp_mont_word(r, A, p, m, ctx, NULL);
	} else
	    ret = BN_mod_exp_mont(r, a, p, m, ctx, NULL);
    } else
#endif
#ifdef RECP_MUL_MOD
    {
	ret = BN_mod_exp_recp(r, a, p, m, ctx);
    }
#else
	/* AMD CHANGE: Casting of p and m to BIGNUM* in order 
	 * to avoid compiler warnings */
    {
	ret = BN_mod_exp_simple(r, a, (BIGNUM *) p, (BIGNUM *) m, ctx);
    }
#endif

#ifdef ATALLA
    tried_atalla = 0;
#endif

    return (ret);
}


int BN_mod_exp_recp(BIGNUM * r, const BIGNUM * a, const BIGNUM * p,
		    const BIGNUM * m, BN_CTX * ctx)
{
    int i, j, bits, ret = 0, wstart, wend, window, wvalue;
    int start = 1, ts = 0;
    BIGNUM *aa;
    BN_RECP_CTX recp;

#ifdef ORIGINAL_SSL_CODE
    BIGNUM val[TABLE_SIZE];
#else
    BIGNUM *val =
	(BIGNUM *) sps_dve_get_valbuf(sizeof(BIGNUM) * TABLE_SIZE);
#endif

    bits = BN_num_bits(p);

    if (bits == 0) {
	BN_one(r);
	return (1);
    }

    BN_CTX_start(ctx);
    if ((aa = BN_CTX_get(ctx)) == NULL)
	goto err;

    BN_RECP_CTX_init(&recp);
    if (BN_RECP_CTX_set(&recp, m, ctx) <= 0)
	goto err;

    BN_init(&(val[0]));
    ts = 1;

    if (!BN_mod(&(val[0]), a, m, ctx))
	goto err;		/* 1 */

    window = BN_window_bits_for_exponent_size(bits);
    if (window > 1) {
	if (!BN_mod_mul_reciprocal(aa, &(val[0]), &(val[0]), &recp, ctx))
	    goto err;		/* 2 */