author | Rohan McLure <rohanmclure@linux.ibm.com> | 2022-06-30 16:21:06 +1000 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2022-08-17 13:00:50 +0200 |
commit | 2f1112b22a826dc8854b41b60a422c987f8ddafb (patch) | |
tree | 882f5ef92e4824bd3907d37713a201818c15bad3 /crypto/bn | |
parent | eae70100fadbc94f18ba7a729bf065cb524a9fc9 (diff) | |
Fix unrolled montgomery multiplication for POWER9
In the reference C implementation in bn_asm.c, tp[num + 1] holds the carry bit out of the accumulation into tp[num]; it is only ever assigned, never itself incremented.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18883)
Diffstat (limited to 'crypto/bn')
-rwxr-xr-x | crypto/bn/asm/ppc64-mont-fixed.pl | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/crypto/bn/asm/ppc64-mont-fixed.pl b/crypto/bn/asm/ppc64-mont-fixed.pl
index 0fb397bc5f..e27d0ad93d 100755
--- a/crypto/bn/asm/ppc64-mont-fixed.pl
+++ b/crypto/bn/asm/ppc64-mont-fixed.pl
@@ -63,6 +63,7 @@ my $SIZE_T= 8;
 # Registers are global so the code is remotely readable
 # Parameters for Montgomery multiplication
+my $ze = "r0";
 my $sp = "r1";
 my $toc = "r2";
 my $rp = "r3";
@@ -192,6 +193,7 @@ ___
 $self->save_registers();
 $self->add_code(<<___);
+ li $ze,0
 ld $n0,0($n0)
 ld $bp0,0($bp)
@@ -242,7 +244,7 @@ ___
 $self->add_code(<<___);
 addc $tp[$n],$tp[$n],$c0
- addze $tp[$n+1],$tp[$n+1]
+ addze $tp[$n+1],$ze
 ___
 $self->add_code(<<___);
@@ -272,7 +274,7 @@ ___
 and. $tp[$n],$tp[$n],$tp[$n]
 bne $label->{"sub"}
- cmpld $tp[$n-1],$npj
+ cmpld $tp[$n-1],$npj
 blt $label->{"copy"}
 $label->{"sub"}:
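Review bot: `my $ze = "r0";` says nothing about what the register is for or why r0 in particular is acceptable, while every other register in this list is named by its role; a one-line comment at the declaration would close that gap: `my $ze = "r0";	# permanently zero, consumed by addze; use as a data operand only`. As I recall the Power ISA, r0 in the RA/base slot of loads, stores and addi reads as literal 0 rather than the register contents, so a later use of `$ze` as a base address would compute a wrong address without any assembler complaint, which is worth spelling out where the name is introduced. The register list continues outside the hunk.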
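Review bot: `li $ze,0` is the only place r0 is zeroed, and nothing in this hunk shows that the rest of the generated body keeps r0 untouched between here and the `addze` that consumes it; r0 is the customary scratch register on Power (mflr/mtlr and prologue/epilogue sequences commonly go through it), so a later change to save_registers() or to the epilogue could clobber `$ze` with no visible failure at this line. I would pin the invariant in the heredoc, `li $ze,0	# $ze stays 0 for the whole body; no other emitted code may write r0`, and ideally have the generator refuse to emit any other instruction whose destination is r0. The generated function starts before and ends after this hunk, so the check cannot be completed from these lines alone.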
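Review bot: `addze $tp[$n+1],$ze` now stores exactly the carry out of the preceding `addc`, matching the assign-only semantics of tp[num + 1] that the commit message describes, but the pair is only correct as long as nothing is ever emitted between the `addc` and the `addze` (CA is live across them), and the code does not say so; I would annotate it: `addze $tp[$n+1],$ze	# tp[n+1] = CA from the addc above (assign, never accumulate)`. Since the old accumulating form only went wrong when a stale tp[n+1] met a carry, the miscompute was input-dependent and silent, and an incorrect Montgomery product in a signing path is the classic precondition for fault-style key recovery, so if the suite does not already have one I would add a regression vector that forces a carry into tp[num] and compares this routine against the C bn_mul_mont reference. The enclosing add_code section ends outside the hunk.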