From 55c9f83d640d008649ebb37047f6d96e66195c0a Mon Sep 17 00:00:00 2001 From: Sean Parkinson Date: Mon, 1 Jun 2026 10:38:05 +1000 Subject: [PATCH] Improvements to SP code Fixed left shifts to be on unsigned types. Mod exp change to correctly get the highest indeces of exponent - corrected in some places and now the same in all. --- wolfcrypt/src/sp_arm32.c | 334 ++++----- wolfcrypt/src/sp_arm64.c | 284 ++++---- wolfcrypt/src/sp_armthumb.c | 332 ++++----- wolfcrypt/src/sp_c32.c | 1274 +++++++++++++++++------------------ wolfcrypt/src/sp_c64.c | 1254 +++++++++++++++++----------------- wolfcrypt/src/sp_cortexm.c | 334 ++++----- wolfcrypt/src/sp_x86_64.c | 130 ++-- 7 files changed, 1971 insertions(+), 1971 deletions(-) diff --git a/wolfcrypt/src/sp_arm32.c b/wolfcrypt/src/sp_arm32.c index 41c7d9ce1eb..a67622d089e 100644 --- a/wolfcrypt/src/sp_arm32.c +++ b/wolfcrypt/src/sp_arm32.c @@ -141,10 +141,10 @@ static void sp_2048_from_bin(sp_digit* r, int size, const byte* a, int n) j = 0; for (i = n - 1; i >= 3; i -= 4) { - r[j] = ((sp_digit)a[i - 0] << 0) | - ((sp_digit)a[i - 1] << 8) | - ((sp_digit)a[i - 2] << 16) | - ((sp_digit)a[i - 3] << 24); + r[j] = ((sp_uint32)a[i - 0] << 0) | + ((sp_uint32)a[i - 1] << 8) | + ((sp_uint32)a[i - 2] << 16) | + ((sp_uint32)a[i - 3] << 24); j++; } @@ -199,7 +199,7 @@ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint32)a->dp[i] << s); r[j] &= 0xffffffff; s = 32U - s; if (j + 1 >= size) { @@ -234,7 +234,7 @@ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint32)a->dp[i]) << s; if (s + DIGIT_BIT >= 32) { r[j] &= 0xffffffff; if (j + 1 >= size) { 
@@ -6583,17 +6583,17 @@ WC_OMIT_FRAME_POINTER static void sp_2048_sqr_32(sp_digit* r, const sp_digit* a) */ static void sp_2048_mont_setup(const sp_digit* a, sp_digit* rho) { - sp_digit x; - sp_digit b; + sp_uint32 x; + sp_uint32 b; - b = a[0]; + b = (sp_uint32)a[0]; x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */ x *= 2 - b * x; /* here x*a==1 mod 2**8 */ x *= 2 - b * x; /* here x*a==1 mod 2**16 */ x *= 2 - b * x; /* here x*a==1 mod 2**32 */ /* rho = -1/m mod b */ - *rho = (sp_digit)0 - x; + *rho = (sp_digit)((sp_int32)0 - (sp_int32)x); } #ifdef WOLFSSL_SP_SMALL @@ -12498,10 +12498,10 @@ static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint32)n << c); n = e[i--]; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else if (c == 0) { @@ -12510,14 +12510,14 @@ static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e, } else { y = (byte)(n >> c); - n <<= 32 - c; + n = (sp_uint32)n << (32 - c); } XMEMCPY(r, t[y], sizeof(sp_digit) * 32); for (; i>=0 || c>=4; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 28); - n <<= 4; + n = (sp_uint32)n << 4; c = 28; } else if (c < 4) { @@ -12525,12 +12525,12 @@ static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e, n = e[i--]; c = 4 - c; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else { y = (byte)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; } @@ -12651,10 +12651,10 @@ static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint32)n << c); n = e[i--]; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else if (c == 0) { 
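Review bot: The last line of sp_2048_mont_setup now negates x in signed arithmetic, `*rho = (sp_digit)((sp_int32)0 - (sp_int32)x);`, which overflows (undefined behaviour) when x is 0x80000000. The hunk declares x as sp_uint32, and negation on that type simply wraps. x is odd, and therefore safe, whenever a[0] is odd, but nothing in the hunk shows that an even low word is rejected before this point; a[0] == 0x10000000 appears to reach 0x80000000 after the three refinement steps. Staying unsigned matches the rest of the commit: `*rho = (sp_digit)((sp_uint32)0 - x);`. The same line is in the sp_3072_mont_setup and sp_4096_mont_setup hunks and, with sp_int64, in the sp_arm64.c sp_2048_mont_setup hunk, where it would be `(sp_uint64)0 - x`.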
@@ -12663,14 +12663,14 @@ static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e, } else { y = (byte)(n >> c); - n <<= 32 - c; + n = (sp_uint32)n << (32 - c); } XMEMCPY(r, t[y], sizeof(sp_digit) * 32); for (; i>=0 || c>=5; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 27); - n <<= 5; + n = (sp_uint32)n << 5; c = 27; } else if (c < 5) { @@ -12678,12 +12678,12 @@ static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e, n = e[i--]; c = 5 - c; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else { y = (byte)((n >> 27) & 0x1f); - n <<= 5; + n = (sp_uint32)n << 5; c -= 5; } @@ -17364,10 +17364,10 @@ static int sp_2048_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint32)n << c); n = e[i--]; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else if (c == 0) { @@ -17376,14 +17376,14 @@ static int sp_2048_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e, } else { y = (byte)(n >> c); - n <<= 32 - c; + n = (sp_uint32)n << (32 - c); } XMEMCPY(r, t[y], sizeof(sp_digit) * 64); for (; i>=0 || c>=3; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 29); - n <<= 3; + n = (sp_uint32)n << 3; c = 29; } else if (c < 3) { @@ -17391,12 +17391,12 @@ static int sp_2048_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e, n = e[i--]; c = 3 - c; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else { y = (byte)((n >> 29) & 0x7); - n <<= 3; + n = (sp_uint32)n << 3; c -= 3; } 
@@ -17500,10 +17500,10 @@ static int sp_2048_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint32)n << c); n = e[i--]; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else if (c == 0) { @@ -17512,14 +17512,14 @@ static int sp_2048_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e, } else { y = (byte)(n >> c); - n <<= 32 - c; + n = (sp_uint32)n << (32 - c); } XMEMCPY(r, t[y], sizeof(sp_digit) * 64); for (; i>=0 || c>=4; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 28); - n <<= 4; + n = (sp_uint32)n << 4; c = 28; } else if (c < 4) { @@ -17527,12 +17527,12 @@ static int sp_2048_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e, n = e[i--]; c = 4 - c; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else { y = (byte)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; } @@ -17605,7 +17605,7 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em, #else e[0] = em->dp[0]; if (em->used > 1) { - e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT; + e[0] |= ((sp_uint32)em->dp[1]) << DIGIT_BIT; } #endif if (e[0] == 0) { @@ -18087,7 +18087,7 @@ static int sp_2048_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 64; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint32)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -18112,7 +18112,7 @@ static int sp_2048_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 64; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint32)a[i]) << s; if (s + 32 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; 
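Review bot: In the second sp_2048_to_mp hunk (the branch containing `if (s + 32 >= DIGIT_BIT)`), the new `r->dp[j] |= ((sp_uint32)a[i]) << s;` shifts in 32 bits, where the old `(mp_digit)a[i]` shifted at the width of mp_digit. The nested `#if DIGIT_BIT != 32 && DIGIT_BIT != 64` suggests this branch is built with DIGIT_BIT above 32, so s can reach 32 or more. The shift count then equals or exceeds the operand width, which is undefined and drops the bits meant for the upper part of dp[j]. Widening after the unsigned cast avoids both problems: `r->dp[j] |= ((mp_digit)(sp_uint32)a[i]) << s;` (assuming mp_digit is unsigned, which the hunk does not show). The same replacement appears in the sp_3072, sp_4096, sp_256, sp_384, sp_521 and sp_1024 to_mp hunks of this file, and the loop body continues outside the hunk.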
@@ -18646,10 +18646,10 @@ static int sp_2048_mod_exp_2_64(sp_digit* r, const sp_digit* e, int bits, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint32)n << c); n = e[i--]; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else if (c == 0) { @@ -18658,14 +18658,14 @@ static int sp_2048_mod_exp_2_64(sp_digit* r, const sp_digit* e, int bits, } else { y = (byte)(n >> c); - n <<= 32 - c; + n = (sp_uint32)n << (32 - c); } sp_2048_lshift_64(r, norm, y); for (; i>=0 || c>=5; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 27); - n <<= 5; + n = (sp_uint32)n << 5; c = 27; } else if (c < 5) { @@ -18673,12 +18673,12 @@ static int sp_2048_mod_exp_2_64(sp_digit* r, const sp_digit* e, int bits, n = e[i--]; c = 5 - c; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else { y = (byte)((n >> 27) & 0x1f); - n <<= 5; + n = (sp_uint32)n << 5; c -= 5; } @@ -18846,10 +18846,10 @@ static void sp_3072_from_bin(sp_digit* r, int size, const byte* a, int n) j = 0; for (i = n - 1; i >= 3; i -= 4) { - r[j] = ((sp_digit)a[i - 0] << 0) | - ((sp_digit)a[i - 1] << 8) | - ((sp_digit)a[i - 2] << 16) | - ((sp_digit)a[i - 3] << 24); + r[j] = ((sp_uint32)a[i - 0] << 0) | + ((sp_uint32)a[i - 1] << 8) | + ((sp_uint32)a[i - 2] << 16) | + ((sp_uint32)a[i - 3] << 24); j++; } @@ -18904,7 +18904,7 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint32)a->dp[i] << s); r[j] &= 0xffffffff; s = 32U - s; if (j + 1 >= size) { @@ -18939,7 +18939,7 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint32)a->dp[i]) << s; if (s + DIGIT_BIT >= 32) { r[j] &= 0xffffffff; if (j + 1 >= size) { 
@@ -29998,17 +29998,17 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_48(sp_digit* r, const sp_digit* a) */ static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho) { - sp_digit x; - sp_digit b; + sp_uint32 x; + sp_uint32 b; - b = a[0]; + b = (sp_uint32)a[0]; x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */ x *= 2 - b * x; /* here x*a==1 mod 2**8 */ x *= 2 - b * x; /* here x*a==1 mod 2**16 */ x *= 2 - b * x; /* here x*a==1 mod 2**32 */ /* rho = -1/m mod b */ - *rho = (sp_digit)0 - x; + *rho = (sp_digit)((sp_int32)0 - (sp_int32)x); } #ifdef WOLFSSL_SP_SMALL @@ -38353,10 +38353,10 @@ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint32)n << c); n = e[i--]; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else if (c == 0) { @@ -38365,14 +38365,14 @@ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e, } else { y = (byte)(n >> c); - n <<= 32 - c; + n = (sp_uint32)n << (32 - c); } XMEMCPY(r, t[y], sizeof(sp_digit) * 48); for (; i>=0 || c>=4; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 28); - n <<= 4; + n = (sp_uint32)n << 4; c = 28; } else if (c < 4) { @@ -38380,12 +38380,12 @@ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e, n = e[i--]; c = 4 - c; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else { y = (byte)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; } @@ -38506,10 +38506,10 @@ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint32)n << c); n = e[i--]; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else if (c == 0) { 
@@ -38518,14 +38518,14 @@ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e, } else { y = (byte)(n >> c); - n <<= 32 - c; + n = (sp_uint32)n << (32 - c); } XMEMCPY(r, t[y], sizeof(sp_digit) * 48); for (; i>=0 || c>=5; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 27); - n <<= 5; + n = (sp_uint32)n << 5; c = 27; } else if (c < 5) { @@ -38533,12 +38533,12 @@ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e, n = e[i--]; c = 5 - c; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else { y = (byte)((n >> 27) & 0x1f); - n <<= 5; + n = (sp_uint32)n << 5; c -= 5; } @@ -45088,10 +45088,10 @@ static int sp_3072_mod_exp_96(sp_digit* r, const sp_digit* a, const sp_digit* e, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint32)n << c); n = e[i--]; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else if (c == 0) { @@ -45100,14 +45100,14 @@ static int sp_3072_mod_exp_96(sp_digit* r, const sp_digit* a, const sp_digit* e, } else { y = (byte)(n >> c); - n <<= 32 - c; + n = (sp_uint32)n << (32 - c); } XMEMCPY(r, t[y], sizeof(sp_digit) * 96); for (; i>=0 || c>=3; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 29); - n <<= 3; + n = (sp_uint32)n << 3; c = 29; } else if (c < 3) { @@ -45115,12 +45115,12 @@ static int sp_3072_mod_exp_96(sp_digit* r, const sp_digit* a, const sp_digit* e, n = e[i--]; c = 3 - c; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else { y = (byte)((n >> 29) & 0x7); - n <<= 3; + n = (sp_uint32)n << 3; c -= 3; } 
@@ -45224,10 +45224,10 @@ static int sp_3072_mod_exp_96(sp_digit* r, const sp_digit* a, const sp_digit* e, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint32)n << c); n = e[i--]; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else if (c == 0) { @@ -45236,14 +45236,14 @@ static int sp_3072_mod_exp_96(sp_digit* r, const sp_digit* a, const sp_digit* e, } else { y = (byte)(n >> c); - n <<= 32 - c; + n = (sp_uint32)n << (32 - c); } XMEMCPY(r, t[y], sizeof(sp_digit) * 96); for (; i>=0 || c>=4; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 28); - n <<= 4; + n = (sp_uint32)n << 4; c = 28; } else if (c < 4) { @@ -45251,12 +45251,12 @@ static int sp_3072_mod_exp_96(sp_digit* r, const sp_digit* a, const sp_digit* e, n = e[i--]; c = 4 - c; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else { y = (byte)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; } @@ -45329,7 +45329,7 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em, #else e[0] = em->dp[0]; if (em->used > 1) { - e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT; + e[0] |= ((sp_uint32)em->dp[1]) << DIGIT_BIT; } #endif if (e[0] == 0) { @@ -45867,7 +45867,7 @@ static int sp_3072_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 96; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint32)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -45892,7 +45892,7 @@ static int sp_3072_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 96; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint32)a[i]) << s; if (s + 32 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; 
@@ -46618,10 +46618,10 @@ static int sp_3072_mod_exp_2_96(sp_digit* r, const sp_digit* e, int bits, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint32)n << c); n = e[i--]; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else if (c == 0) { @@ -46630,14 +46630,14 @@ static int sp_3072_mod_exp_2_96(sp_digit* r, const sp_digit* e, int bits, } else { y = (byte)(n >> c); - n <<= 32 - c; + n = (sp_uint32)n << (32 - c); } sp_3072_lshift_96(r, norm, y); for (; i>=0 || c>=5; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 27); - n <<= 5; + n = (sp_uint32)n << 5; c = 27; } else if (c < 5) { @@ -46645,12 +46645,12 @@ static int sp_3072_mod_exp_2_96(sp_digit* r, const sp_digit* e, int bits, n = e[i--]; c = 5 - c; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else { y = (byte)((n >> 27) & 0x1f); - n <<= 5; + n = (sp_uint32)n << 5; c -= 5; } @@ -46818,10 +46818,10 @@ static void sp_4096_from_bin(sp_digit* r, int size, const byte* a, int n) j = 0; for (i = n - 1; i >= 3; i -= 4) { - r[j] = ((sp_digit)a[i - 0] << 0) | - ((sp_digit)a[i - 1] << 8) | - ((sp_digit)a[i - 2] << 16) | - ((sp_digit)a[i - 3] << 24); + r[j] = ((sp_uint32)a[i - 0] << 0) | + ((sp_uint32)a[i - 1] << 8) | + ((sp_uint32)a[i - 2] << 16) | + ((sp_uint32)a[i - 3] << 24); j++; } @@ -46876,7 +46876,7 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint32)a->dp[i] << s); r[j] &= 0xffffffff; s = 32U - s; if (j + 1 >= size) { @@ -46911,7 +46911,7 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint32)a->dp[i]) << s; if (s + DIGIT_BIT >= 32) { r[j] &= 0xffffffff; if (j + 1 >= size) { 
@@ -48059,17 +48059,17 @@ WC_OMIT_FRAME_POINTER static void sp_4096_sqr_128(sp_digit* r, */ static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho) { - sp_digit x; - sp_digit b; + sp_uint32 x; + sp_uint32 b; - b = a[0]; + b = (sp_uint32)a[0]; x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */ x *= 2 - b * x; /* here x*a==1 mod 2**8 */ x *= 2 - b * x; /* here x*a==1 mod 2**16 */ x *= 2 - b * x; /* here x*a==1 mod 2**32 */ /* rho = -1/m mod b */ - *rho = (sp_digit)0 - x; + *rho = (sp_digit)((sp_int32)0 - (sp_int32)x); } #ifdef WOLFSSL_SP_SMALL @@ -60696,10 +60696,10 @@ static int sp_4096_mod_exp_128(sp_digit* r, const sp_digit* a, const sp_digit* e if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint32)n << c); n = e[i--]; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else if (c == 0) { @@ -60708,14 +60708,14 @@ static int sp_4096_mod_exp_128(sp_digit* r, const sp_digit* a, const sp_digit* e } else { y = (byte)(n >> c); - n <<= 32 - c; + n = (sp_uint32)n << (32 - c); } XMEMCPY(r, t[y], sizeof(sp_digit) * 128); for (; i>=0 || c>=3; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 29); - n <<= 3; + n = (sp_uint32)n << 3; c = 29; } else if (c < 3) { @@ -60723,12 +60723,12 @@ static int sp_4096_mod_exp_128(sp_digit* r, const sp_digit* a, const sp_digit* e n = e[i--]; c = 3 - c; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else { y = (byte)((n >> 29) & 0x7); - n <<= 3; + n = (sp_uint32)n << 3; c -= 3; } @@ -60832,10 +60832,10 @@ static int sp_4096_mod_exp_128(sp_digit* r, const sp_digit* a, const sp_digit* e if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint32)n << c); n = e[i--]; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else if (c == 0) { 
@@ -60844,14 +60844,14 @@ static int sp_4096_mod_exp_128(sp_digit* r, const sp_digit* a, const sp_digit* e } else { y = (byte)(n >> c); - n <<= 32 - c; + n = (sp_uint32)n << (32 - c); } XMEMCPY(r, t[y], sizeof(sp_digit) * 128); for (; i>=0 || c>=4; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 28); - n <<= 4; + n = (sp_uint32)n << 4; c = 28; } else if (c < 4) { @@ -60859,12 +60859,12 @@ static int sp_4096_mod_exp_128(sp_digit* r, const sp_digit* a, const sp_digit* e n = e[i--]; c = 4 - c; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else { y = (byte)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; } @@ -60937,7 +60937,7 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em, #else e[0] = em->dp[0]; if (em->used > 1) { - e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT; + e[0] |= ((sp_uint32)em->dp[1]) << DIGIT_BIT; } #endif if (e[0] == 0) { @@ -61531,7 +61531,7 @@ static int sp_4096_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 128; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint32)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -61556,7 +61556,7 @@ static int sp_4096_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 128; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint32)a[i]) << s; if (s + 32 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; @@ -62474,10 +62474,10 @@ static int sp_4096_mod_exp_2_128(sp_digit* r, const sp_digit* e, int bits, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint32)n << c); n = e[i--]; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else if (c == 0) { 
@@ -62486,14 +62486,14 @@ static int sp_4096_mod_exp_2_128(sp_digit* r, const sp_digit* e, int bits, } else { y = (byte)(n >> c); - n <<= 32 - c; + n = (sp_uint32)n << (32 - c); } sp_4096_lshift_128(r, norm, y); for (; i>=0 || c>=5; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 27); - n <<= 5; + n = (sp_uint32)n << 5; c = 27; } else if (c < 5) { @@ -62501,12 +62501,12 @@ static int sp_4096_mod_exp_2_128(sp_digit* r, const sp_digit* e, int bits, n = e[i--]; c = 5 - c; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else { y = (byte)((n >> 27) & 0x1f); - n <<= 5; + n = (sp_uint32)n << 5; c -= 5; } @@ -67597,7 +67597,7 @@ static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint32)a->dp[i] << s); r[j] &= 0xffffffff; s = 32U - s; if (j + 1 >= size) { @@ -67632,7 +67632,7 @@ static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint32)a->dp[i]) << s; if (s + DIGIT_BIT >= 32) { r[j] &= 0xffffffff; if (j + 1 >= size) { @@ -67698,7 +67698,7 @@ static int sp_256_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 8; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint32)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -67723,7 +67723,7 @@ static int sp_256_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 8; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint32)a[i]) << s; if (s + 32 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; 
@@ -72601,7 +72601,7 @@ static void sp_256_mont_inv_8(sp_digit* r, const sp_digit* a, sp_digit* td) XMEMCPY(t, a, sizeof(sp_digit) * 8); for (i=254; i>=0; i--) { sp_256_mont_sqr_8(t, t, p256_mod, p256_mp_mod); - if (p256_mod_minus_2[i / 32] & ((sp_digit)1 << (i % 32))) + if (p256_mod_minus_2[i / 32] & ((sp_uint32)1 << (i % 32))) sp_256_mont_mul_8(t, t, a, p256_mod, p256_mp_mod); } XMEMCPY(r, t, sizeof(sp_digit) * 8); @@ -75246,7 +75246,7 @@ static int sp_256_ecc_mulmod_fast_8(sp_point_256* r, const sp_point_256* g, cons t[15].infinity = 0; i = 6; - n = k[i+1] << 0; + n = (sp_uint32)k[i+1] << 0; c = 28; y = (int)(n >> 28); #ifndef WC_NO_CACHE_RESISTANT @@ -75259,14 +75259,14 @@ static int sp_256_ecc_mulmod_fast_8(sp_point_256* r, const sp_point_256* g, cons { XMEMCPY(rt, &t[y], sizeof(sp_point_256)); } - n <<= 4; + n = (sp_uint32)n << (4); for (; i>=0 || c>=4; ) { if (c < 4) { n |= k[i--]; c += 32; } y = (n >> 28) & 0xf; - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; sp_256_proj_point_dbl_8(rt, rt, tmp); @@ -77932,10 +77932,10 @@ static void sp_256_from_bin(sp_digit* r, int size, const byte* a, int n) j = 0; for (i = n - 1; i >= 3; i -= 4) { - r[j] = ((sp_digit)a[i - 0] << 0) | - ((sp_digit)a[i - 1] << 8) | - ((sp_digit)a[i - 2] << 16) | - ((sp_digit)a[i - 3] << 24); + r[j] = ((sp_uint32)a[i - 0] << 0) | + ((sp_uint32)a[i - 1] << 8) | + ((sp_uint32)a[i - 2] << 16) | + ((sp_uint32)a[i - 3] << 24); j++; } @@ -90478,7 +90478,7 @@ static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint32)a->dp[i] << s); r[j] &= 0xffffffff; s = 32U - s; if (j + 1 >= size) { 
@@ -90513,7 +90513,7 @@ static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint32)a->dp[i]) << s; if (s + DIGIT_BIT >= 32) { r[j] &= 0xffffffff; if (j + 1 >= size) { @@ -90579,7 +90579,7 @@ static int sp_384_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 12; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint32)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -90604,7 +90604,7 @@ static int sp_384_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 12; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint32)a[i]) << s; if (s + 32 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; @@ -91540,7 +91540,7 @@ static void sp_384_mont_inv_12(sp_digit* r, const sp_digit* a, sp_digit* td) XMEMCPY(t, a, sizeof(sp_digit) * 12); for (i=382; i>=0; i--) { sp_384_mont_sqr_12(t, t, p384_mod, p384_mp_mod); - if (p384_mod_minus_2[i / 32] & ((sp_digit)1 << (i % 32))) + if (p384_mod_minus_2[i / 32] & ((sp_uint32)1 << (i % 32))) sp_384_mont_mul_12(t, t, a, p384_mod, p384_mp_mod); } XMEMCPY(r, t, sizeof(sp_digit) * 12); @@ -93263,7 +93263,7 @@ static int sp_384_ecc_mulmod_fast_12(sp_point_384* r, const sp_point_384* g, con t[15].infinity = 0; i = 10; - n = k[i+1] << 0; + n = (sp_uint32)k[i+1] << 0; c = 28; y = (int)(n >> 28); #ifndef WC_NO_CACHE_RESISTANT @@ -93276,14 +93276,14 @@ static int sp_384_ecc_mulmod_fast_12(sp_point_384* r, const sp_point_384* g, con { XMEMCPY(rt, &t[y], sizeof(sp_point_384)); } - n <<= 4; + n = (sp_uint32)n << (4); for (; i>=0 || c>=4; ) { if (c < 4) { n |= k[i--]; c += 32; } y = (n >> 28) & 0xf; - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; sp_384_proj_point_dbl_12(rt, rt, tmp); 
@@ -95987,10 +95987,10 @@ static void sp_384_from_bin(sp_digit* r, int size, const byte* a, int n) j = 0; for (i = n - 1; i >= 3; i -= 4) { - r[j] = ((sp_digit)a[i - 0] << 0) | - ((sp_digit)a[i - 1] << 8) | - ((sp_digit)a[i - 2] << 16) | - ((sp_digit)a[i - 3] << 24); + r[j] = ((sp_uint32)a[i - 0] << 0) | + ((sp_uint32)a[i - 1] << 8) | + ((sp_uint32)a[i - 2] << 16) | + ((sp_uint32)a[i - 3] << 24); j++; } @@ -117084,7 +117084,7 @@ static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint32)a->dp[i] << s); r[j] &= 0xffffffff; s = 32U - s; if (j + 1 >= size) { @@ -117119,7 +117119,7 @@ static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint32)a->dp[i]) << s; if (s + DIGIT_BIT >= 32) { r[j] &= 0xffffffff; if (j + 1 >= size) { @@ -117185,7 +117185,7 @@ static int sp_521_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 17; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint32)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -117210,7 +117210,7 @@ static int sp_521_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 17; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint32)a[i]) << s; if (s + 32 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; 
@@ -118769,7 +118769,7 @@ static void sp_521_mont_inv_17(sp_digit* r, const sp_digit* a, sp_digit* td) XMEMCPY(t, a, sizeof(sp_digit) * 17); for (i=519; i>=0; i--) { sp_521_mont_sqr_17(t, t, p521_mod, p521_mp_mod); - if (p521_mod_minus_2[i / 32] & ((sp_digit)1 << (i % 32))) + if (p521_mod_minus_2[i / 32] & ((sp_uint32)1 << (i % 32))) sp_521_mont_mul_17(t, t, a, p521_mod, p521_mp_mod); } XMEMCPY(r, t, sizeof(sp_digit) * 17); @@ -119658,7 +119658,7 @@ static void sp_521_mont_div2_17(sp_digit* r, const sp_digit* a, const sp_digit* (void)m; - sp_521_rshift1_17(r, r); + sp_521_rshift1_17(r, a); r[16] |= o << 8; } @@ -120388,7 +120388,7 @@ static int sp_521_ecc_mulmod_fast_17(sp_point_521* r, const sp_point_521* g, con t[15].infinity = 0; i = 15; - n = k[i+1] << 0; + n = (sp_uint32)k[i+1] << 0; c = 5; y = (int)(n >> 5); #ifndef WC_NO_CACHE_RESISTANT @@ -120401,15 +120401,15 @@ static int sp_521_ecc_mulmod_fast_17(sp_point_521* r, const sp_point_521* g, con { XMEMCPY(rt, &t[y], sizeof(sp_point_521)); } - n <<= 27; + n = (sp_uint32)n << (27); for (; i>=0 || c>=4; ) { if (c < 4) { - n = (k[i+1] << 31) | (k[i] >> 1); + n = ((sp_uint32)k[i+1] << 31) | (k[i] >> 1); i--; c += 32; } y = (n >> 28) & 0xf; - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; sp_521_proj_point_dbl_17(rt, rt, tmp); @@ -123719,10 +123719,10 @@ static void sp_521_from_bin(sp_digit* r, int size, const byte* a, int n) j = 0; for (i = n - 1; i >= 3; i -= 4) { - r[j] = ((sp_digit)a[i - 0] << 0) | - ((sp_digit)a[i - 1] << 8) | - ((sp_digit)a[i - 2] << 16) | - ((sp_digit)a[i - 3] << 24); + r[j] = ((sp_uint32)a[i - 0] << 0) | + ((sp_uint32)a[i - 1] << 8) | + ((sp_uint32)a[i - 2] << 16) | + ((sp_uint32)a[i - 3] << 24); j++; } 
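Review bot: The sp_521_mont_div2_17 hunk changes behaviour rather than a cast, and neither the commit message nor the code says so. `sp_521_rshift1_17(r, r)` becomes `sp_521_rshift1_17(r, a)`, so the result now comes from a instead of the previous contents of r whenever the two buffers differ. A comment on the call such as `/* Shift the input a, not r: callers may pass a separate result buffer. */` and a test with r != a would record the fix. The following `r[16] |= o << 8;` still shifts o without the unsigned cast applied elsewhere in this commit. o is declared outside the hunk, so its type should be checked.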
@@ -128335,7 +128335,7 @@ static int sp_521_mont_sqrt_17(sp_digit* y) XMEMCPY(t, y, sizeof(sp_digit) * 17); for (i=518; i>=0; i--) { sp_521_mont_sqr_17(t, t, p521_mod, p521_mp_mod); - if (p521_sqrt_power[i / 32] & ((sp_digit)1 << (i % 32))) + if (p521_sqrt_power[i / 32] & ((sp_uint32)1 << (i % 32))) sp_521_mont_mul_17(t, t, y, p521_mod, p521_mp_mod); } XMEMCPY(y, t, sizeof(sp_digit) * 17); @@ -146613,7 +146613,7 @@ static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint32)a->dp[i] << s); r[j] &= 0xffffffff; s = 32U - s; if (j + 1 >= size) { @@ -146648,7 +146648,7 @@ static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint32)a->dp[i]) << s; if (s + DIGIT_BIT >= 32) { r[j] &= 0xffffffff; if (j + 1 >= size) { @@ -146714,7 +146714,7 @@ static int sp_1024_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 32; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint32)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -146739,7 +146739,7 @@ static int sp_1024_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 32; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint32)a[i]) << s; if (s + 32 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; 
@@ -150295,18 +150295,18 @@ static int sp_1024_ecc_mulmod_fast_32(sp_point_1024* r, const sp_point_1024* g, t[15].infinity = 0; i = 30; - n = k[i+1] << 0; + n = (sp_uint32)k[i+1] << 0; c = 28; y = (int)(n >> 28); XMEMCPY(rt, &t[y], sizeof(sp_point_1024)); - n <<= 4; + n = (sp_uint32)n << (4); for (; i>=0 || c>=4; ) { if (c < 4) { n |= k[i--]; c += 32; } y = (n >> 28) & 0xf; - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; sp_1024_proj_point_dbl_32(rt, rt, tmp); @@ -158411,10 +158411,10 @@ static void sp_1024_from_bin(sp_digit* r, int size, const byte* a, int n) j = 0; for (i = n - 1; i >= 3; i -= 4) { - r[j] = ((sp_digit)a[i - 0] << 0) | - ((sp_digit)a[i - 1] << 8) | - ((sp_digit)a[i - 2] << 16) | - ((sp_digit)a[i - 3] << 24); + r[j] = ((sp_uint32)a[i - 0] << 0) | + ((sp_uint32)a[i - 1] << 8) | + ((sp_uint32)a[i - 2] << 16) | + ((sp_uint32)a[i - 3] << 24); j++; } diff --git a/wolfcrypt/src/sp_arm64.c b/wolfcrypt/src/sp_arm64.c index 402e75a6db0..2ceb8d4fbdc 100644 --- a/wolfcrypt/src/sp_arm64.c +++ b/wolfcrypt/src/sp_arm64.c @@ -265,7 +265,7 @@ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint64)a->dp[i] << s); r[j] &= 0xffffffffffffffffl; s = 64U - s; if (j + 1 >= size) { @@ -300,7 +300,7 @@ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint64)a->dp[i]) << s; if (s + DIGIT_BIT >= 64) { r[j] &= 0xffffffffffffffffl; if (j + 1 >= size) { 
@@ -2911,10 +2911,10 @@ static void sp_2048_sqr_16(sp_digit* r, const sp_digit* a) */ static void sp_2048_mont_setup(const sp_digit* a, sp_digit* rho) { - sp_digit x; - sp_digit b; + sp_uint64 x; + sp_uint64 b; - b = a[0]; + b = (sp_uint64)a[0]; x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */ x *= 2 - b * x; /* here x*a==1 mod 2**8 */ x *= 2 - b * x; /* here x*a==1 mod 2**16 */ @@ -2922,7 +2922,7 @@ static void sp_2048_mont_setup(const sp_digit* a, sp_digit* rho) x *= 2 - b * x; /* here x*a==1 mod 2**64 */ /* rho = -1/m mod b */ - *rho = (sp_digit)0 - x; + *rho = (sp_digit)((sp_int64)0 - (sp_int64)x); } /* Mul a by digit b into r. (r = a * b) @@ -4151,10 +4151,10 @@ static int sp_2048_mod_exp_16(sp_digit* r, const sp_digit* a, const sp_digit* e, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint64)n << c); n = e[i--]; y |= (byte)(n >> (64 - c)); - n <<= c; + n = (sp_uint64)n << c; c = 64 - c; } else if (c == 0) { @@ -4163,14 +4163,14 @@ static int sp_2048_mod_exp_16(sp_digit* r, const sp_digit* a, const sp_digit* e, } else { y = (byte)(n >> c); - n <<= 64 - c; + n = (sp_uint64)n << (64 - c); } XMEMCPY(r, t[y], sizeof(sp_digit) * 16); for (; i>=0 || c>=4; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 60); - n <<= 4; + n = (sp_uint64)n << 4; c = 60; } else if (c < 4) { @@ -4178,12 +4178,12 @@ static int sp_2048_mod_exp_16(sp_digit* r, const sp_digit* a, const sp_digit* e, n = e[i--]; c = 4 - c; y |= (byte)(n >> (64 - c)); - n <<= c; + n = (sp_uint64)n << c; c = 64 - c; } else { y = (byte)((n >> 60) & 0xf); - n <<= 4; + n = (sp_uint64)n << 4; c -= 4; } 
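Review bot: The new negation in sp_2048_mont_setup, `*rho = (sp_digit)((sp_int64)0 - (sp_int64)x);`, goes through signed arithmetic although `x` was just changed to `sp_uint64`. Converting an `x` above the signed maximum to `sp_int64` is implementation-defined and the subtraction itself is signed, which sits oddly in a commit whose purpose is to move shifts onto unsigned types. Unsigned negation is fully defined and yields the same bit pattern: `*rho = (sp_digit)((sp_uint64)0 - x);`. The sp_3072_mont_setup and sp_4096_mont_setup hunks, and the sp_armthumb.c sp_2048_mont_setup hunk with `sp_int32`, carry the same line.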
@@ -4304,10 +4304,10 @@ static int sp_2048_mod_exp_16(sp_digit* r, const sp_digit* a, const sp_digit* e, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint64)n << c); n = e[i--]; y |= (byte)(n >> (64 - c)); - n <<= c; + n = (sp_uint64)n << c; c = 64 - c; } else if (c == 0) { @@ -4316,14 +4316,14 @@ static int sp_2048_mod_exp_16(sp_digit* r, const sp_digit* a, const sp_digit* e, } else { y = (byte)(n >> c); - n <<= 64 - c; + n = (sp_uint64)n << (64 - c); } XMEMCPY(r, t[y], sizeof(sp_digit) * 16); for (; i>=0 || c>=5; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 59); - n <<= 5; + n = (sp_uint64)n << 5; c = 59; } else if (c < 5) { @@ -4331,12 +4331,12 @@ static int sp_2048_mod_exp_16(sp_digit* r, const sp_digit* a, const sp_digit* e, n = e[i--]; c = 5 - c; y |= (byte)(n >> (64 - c)); - n <<= c; + n = (sp_uint64)n << c; c = 64 - c; } else { y = (byte)((n >> 59) & 0x1f); - n <<= 5; + n = (sp_uint64)n << 5; c -= 5; } @@ -5746,10 +5746,10 @@ static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint64)n << c); n = e[i--]; y |= (byte)(n >> (64 - c)); - n <<= c; + n = (sp_uint64)n << c; c = 64 - c; } else if (c == 0) { @@ -5758,14 +5758,14 @@ static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e, } else { y = (byte)(n >> c); - n <<= 64 - c; + n = (sp_uint64)n << (64 - c); } XMEMCPY(r, t[y], sizeof(sp_digit) * 32); for (; i>=0 || c>=5; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 59); - n <<= 5; + n = (sp_uint64)n << 5; c = 59; } else if (c < 5) { 
@@ -5773,12 +5773,12 @@ static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e, n = e[i--]; c = 5 - c; y |= (byte)(n >> (64 - c)); - n <<= c; + n = (sp_uint64)n << c; c = 64 - c; } else { y = (byte)((n >> 59) & 0x1f); - n <<= 5; + n = (sp_uint64)n << 5; c -= 5; } @@ -5932,10 +5932,10 @@ static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint64)n << c); n = e[i--]; y |= (byte)(n >> (64 - c)); - n <<= c; + n = (sp_uint64)n << c; c = 64 - c; } else if (c == 0) { @@ -5944,14 +5944,14 @@ static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e, } else { y = (byte)(n >> c); - n <<= 64 - c; + n = (sp_uint64)n << (64 - c); } XMEMCPY(r, t[y], sizeof(sp_digit) * 32); for (; i>=0 || c>=6; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 58); - n <<= 6; + n = (sp_uint64)n << 6; c = 58; } else if (c < 6) { @@ -5959,12 +5959,12 @@ static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e, n = e[i--]; c = 6 - c; y |= (byte)(n >> (64 - c)); - n <<= c; + n = (sp_uint64)n << c; c = 64 - c; } else { y = (byte)((n >> 58) & 0x3f); - n <<= 6; + n = (sp_uint64)n << 6; c -= 6; } @@ -6039,7 +6039,7 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em, #else e[0] = em->dp[0]; if (em->used > 1) { - e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT; + e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT; } #endif if (e[0] == 0) { @@ -6352,7 +6352,7 @@ static int sp_2048_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 32; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint64)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); 
@@ -6377,7 +6377,7 @@ static int sp_2048_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 32; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint64)a[i]) << s; if (s + 64 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; @@ -6703,10 +6703,10 @@ static int sp_2048_mod_exp_2_32(sp_digit* r, const sp_digit* e, int bits, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint64)n << c); n = e[i--]; y |= (byte)(n >> (64 - c)); - n <<= c; + n = (sp_uint64)n << c; c = 64 - c; } else if (c == 0) { @@ -6715,14 +6715,14 @@ static int sp_2048_mod_exp_2_32(sp_digit* r, const sp_digit* e, int bits, } else { y = (byte)(n >> c); - n <<= 64 - c; + n = (sp_uint64)n << (64 - c); } sp_2048_lshift_32(r, norm, y); for (; i>=0 || c>=6; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 58); - n <<= 6; + n = (sp_uint64)n << 6; c = 58; } else if (c < 6) { @@ -6730,12 +6730,12 @@ static int sp_2048_mod_exp_2_32(sp_digit* r, const sp_digit* e, int bits, n = e[i--]; c = 6 - c; y |= (byte)(n >> (64 - c)); - n <<= c; + n = (sp_uint64)n << c; c = 64 - c; } else { y = (byte)((n >> 58) & 0x3f); - n <<= 6; + n = (sp_uint64)n << 6; c -= 6; } @@ -7028,7 +7028,7 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint64)a->dp[i] << s); r[j] &= 0xffffffffffffffffl; s = 64U - s; if (j + 1 >= size) { @@ -7063,7 +7063,7 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint64)a->dp[i]) << s; if (s + DIGIT_BIT >= 64) { r[j] &= 0xffffffffffffffffl; if (j + 1 >= size) { 
@@ -11584,10 +11584,10 @@ static void sp_3072_sqr_24(sp_digit* r, const sp_digit* a) */ static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho) { - sp_digit x; - sp_digit b; + sp_uint64 x; + sp_uint64 b; - b = a[0]; + b = (sp_uint64)a[0]; x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */ x *= 2 - b * x; /* here x*a==1 mod 2**8 */ x *= 2 - b * x; /* here x*a==1 mod 2**16 */ @@ -11595,7 +11595,7 @@ static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho) x *= 2 - b * x; /* here x*a==1 mod 2**64 */ /* rho = -1/m mod b */ - *rho = (sp_digit)0 - x; + *rho = (sp_digit)((sp_int64)0 - (sp_int64)x); } /* Mul a by digit b into r. (r = a * b) @@ -13212,10 +13212,10 @@ static int sp_3072_mod_exp_24(sp_digit* r, const sp_digit* a, const sp_digit* e, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint64)n << c); n = e[i--]; y |= (byte)(n >> (64 - c)); - n <<= c; + n = (sp_uint64)n << c; c = 64 - c; } else if (c == 0) { @@ -13224,14 +13224,14 @@ static int sp_3072_mod_exp_24(sp_digit* r, const sp_digit* a, const sp_digit* e, } else { y = (byte)(n >> c); - n <<= 64 - c; + n = (sp_uint64)n << (64 - c); } XMEMCPY(r, t[y], sizeof(sp_digit) * 24); for (; i>=0 || c>=4; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 60); - n <<= 4; + n = (sp_uint64)n << 4; c = 60; } else if (c < 4) { @@ -13239,12 +13239,12 @@ static int sp_3072_mod_exp_24(sp_digit* r, const sp_digit* a, const sp_digit* e, n = e[i--]; c = 4 - c; y |= (byte)(n >> (64 - c)); - n <<= c; + n = (sp_uint64)n << c; c = 64 - c; } else { y = (byte)((n >> 60) & 0xf); - n <<= 4; + n = (sp_uint64)n << 4; c -= 4; } 
@@ -13365,10 +13365,10 @@ static int sp_3072_mod_exp_24(sp_digit* r, const sp_digit* a, const sp_digit* e, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint64)n << c); n = e[i--]; y |= (byte)(n >> (64 - c)); - n <<= c; + n = (sp_uint64)n << c; c = 64 - c; } else if (c == 0) { @@ -13377,14 +13377,14 @@ static int sp_3072_mod_exp_24(sp_digit* r, const sp_digit* a, const sp_digit* e, } else { y = (byte)(n >> c); - n <<= 64 - c; + n = (sp_uint64)n << (64 - c); } XMEMCPY(r, t[y], sizeof(sp_digit) * 24); for (; i>=0 || c>=5; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 59); - n <<= 5; + n = (sp_uint64)n << 5; c = 59; } else if (c < 5) { @@ -13392,12 +13392,12 @@ static int sp_3072_mod_exp_24(sp_digit* r, const sp_digit* a, const sp_digit* e, n = e[i--]; c = 5 - c; y |= (byte)(n >> (64 - c)); - n <<= c; + n = (sp_uint64)n << c; c = 64 - c; } else { y = (byte)((n >> 59) & 0x1f); - n <<= 5; + n = (sp_uint64)n << 5; c -= 5; } @@ -15175,10 +15175,10 @@ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint64)n << c); n = e[i--]; y |= (byte)(n >> (64 - c)); - n <<= c; + n = (sp_uint64)n << c; c = 64 - c; } else if (c == 0) { @@ -15187,14 +15187,14 @@ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e, } else { y = (byte)(n >> c); - n <<= 64 - c; + n = (sp_uint64)n << (64 - c); } XMEMCPY(r, t[y], sizeof(sp_digit) * 48); for (; i>=0 || c>=3; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 61); - n <<= 3; + n = (sp_uint64)n << 3; c = 61; } else if (c < 3) { 
@@ -15202,12 +15202,12 @@ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e, n = e[i--]; c = 3 - c; y |= (byte)(n >> (64 - c)); - n <<= c; + n = (sp_uint64)n << c; c = 64 - c; } else { y = (byte)((n >> 61) & 0x7); - n <<= 3; + n = (sp_uint64)n << 3; c -= 3; } @@ -15311,10 +15311,10 @@ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint64)n << c); n = e[i--]; y |= (byte)(n >> (64 - c)); - n <<= c; + n = (sp_uint64)n << c; c = 64 - c; } else if (c == 0) { @@ -15323,14 +15323,14 @@ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e, } else { y = (byte)(n >> c); - n <<= 64 - c; + n = (sp_uint64)n << (64 - c); } XMEMCPY(r, t[y], sizeof(sp_digit) * 48); for (; i>=0 || c>=4; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 60); - n <<= 4; + n = (sp_uint64)n << 4; c = 60; } else if (c < 4) { @@ -15338,12 +15338,12 @@ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e, n = e[i--]; c = 4 - c; y |= (byte)(n >> (64 - c)); - n <<= c; + n = (sp_uint64)n << c; c = 64 - c; } else { y = (byte)((n >> 60) & 0xf); - n <<= 4; + n = (sp_uint64)n << 4; c -= 4; } @@ -15416,7 +15416,7 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em, #else e[0] = em->dp[0]; if (em->used > 1) { - e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT; + e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT; } #endif if (e[0] == 0) { @@ -15729,7 +15729,7 @@ static int sp_3072_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 48; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint64)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); 
@@ -15754,7 +15754,7 @@ static int sp_3072_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 48; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint64)a[i]) << s; if (s + 64 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; @@ -16176,10 +16176,10 @@ static int sp_3072_mod_exp_2_48(sp_digit* r, const sp_digit* e, int bits, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint64)n << c); n = e[i--]; y |= (byte)(n >> (64 - c)); - n <<= c; + n = (sp_uint64)n << c; c = 64 - c; } else if (c == 0) { @@ -16188,14 +16188,14 @@ static int sp_3072_mod_exp_2_48(sp_digit* r, const sp_digit* e, int bits, } else { y = (byte)(n >> c); - n <<= 64 - c; + n = (sp_uint64)n << (64 - c); } sp_3072_lshift_48(r, norm, y); for (; i>=0 || c>=6; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 58); - n <<= 6; + n = (sp_uint64)n << 6; c = 58; } else if (c < 6) { @@ -16203,12 +16203,12 @@ static int sp_3072_mod_exp_2_48(sp_digit* r, const sp_digit* e, int bits, n = e[i--]; c = 6 - c; y |= (byte)(n >> (64 - c)); - n <<= c; + n = (sp_uint64)n << c; c = 64 - c; } else { y = (byte)((n >> 58) & 0x3f); - n <<= 6; + n = (sp_uint64)n << 6; c -= 6; } @@ -16501,7 +16501,7 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint64)a->dp[i] << s); r[j] &= 0xffffffffffffffffl; s = 64U - s; if (j + 1 >= size) { @@ -16536,7 +16536,7 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint64)a->dp[i]) << s; if (s + DIGIT_BIT >= 64) { r[j] &= 0xffffffffffffffffl; if (j + 1 >= size) { 
@@ -17444,10 +17444,10 @@ static void sp_4096_sqr_64(sp_digit* r, const sp_digit* a) */ static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho) { - sp_digit x; - sp_digit b; + sp_uint64 x; + sp_uint64 b; - b = a[0]; + b = (sp_uint64)a[0]; x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */ x *= 2 - b * x; /* here x*a==1 mod 2**8 */ x *= 2 - b * x; /* here x*a==1 mod 2**16 */ @@ -17455,7 +17455,7 @@ static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho) x *= 2 - b * x; /* here x*a==1 mod 2**64 */ /* rho = -1/m mod b */ - *rho = (sp_digit)0 - x; + *rho = (sp_digit)((sp_int64)0 - (sp_int64)x); } /* Mul a by digit b into r. (r = a * b) @@ -20186,10 +20186,10 @@ static int sp_4096_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint64)n << c); n = e[i--]; y |= (byte)(n >> (64 - c)); - n <<= c; + n = (sp_uint64)n << c; c = 64 - c; } else if (c == 0) { @@ -20198,14 +20198,14 @@ static int sp_4096_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e, } else { y = (byte)(n >> c); - n <<= 64 - c; + n = (sp_uint64)n << (64 - c); } XMEMCPY(r, t[y], sizeof(sp_digit) * 64); for (; i>=0 || c>=3; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 61); - n <<= 3; + n = (sp_uint64)n << 3; c = 61; } else if (c < 3) { @@ -20213,12 +20213,12 @@ static int sp_4096_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e, n = e[i--]; c = 3 - c; y |= (byte)(n >> (64 - c)); - n <<= c; + n = (sp_uint64)n << c; c = 64 - c; } else { y = (byte)((n >> 61) & 0x7); - n <<= 3; + n = (sp_uint64)n << 3; c -= 3; } 
@@ -20322,10 +20322,10 @@ static int sp_4096_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint64)n << c); n = e[i--]; y |= (byte)(n >> (64 - c)); - n <<= c; + n = (sp_uint64)n << c; c = 64 - c; } else if (c == 0) { @@ -20334,14 +20334,14 @@ static int sp_4096_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e, } else { y = (byte)(n >> c); - n <<= 64 - c; + n = (sp_uint64)n << (64 - c); } XMEMCPY(r, t[y], sizeof(sp_digit) * 64); for (; i>=0 || c>=4; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 60); - n <<= 4; + n = (sp_uint64)n << 4; c = 60; } else if (c < 4) { @@ -20349,12 +20349,12 @@ static int sp_4096_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e, n = e[i--]; c = 4 - c; y |= (byte)(n >> (64 - c)); - n <<= c; + n = (sp_uint64)n << c; c = 64 - c; } else { y = (byte)((n >> 60) & 0xf); - n <<= 4; + n = (sp_uint64)n << 4; c -= 4; } @@ -20427,7 +20427,7 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em, #else e[0] = em->dp[0]; if (em->used > 1) { - e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT; + e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT; } #endif if (e[0] == 0) { @@ -20740,7 +20740,7 @@ static int sp_4096_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 64; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint64)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -20765,7 +20765,7 @@ static int sp_4096_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 64; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint64)a[i]) << s; if (s + 64 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; 
@@ -21283,10 +21283,10 @@ static int sp_4096_mod_exp_2_64(sp_digit* r, const sp_digit* e, int bits, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint64)n << c); n = e[i--]; y |= (byte)(n >> (64 - c)); - n <<= c; + n = (sp_uint64)n << c; c = 64 - c; } else if (c == 0) { @@ -21295,14 +21295,14 @@ static int sp_4096_mod_exp_2_64(sp_digit* r, const sp_digit* e, int bits, } else { y = (byte)(n >> c); - n <<= 64 - c; + n = (sp_uint64)n << (64 - c); } sp_4096_lshift_64(r, norm, y); for (; i>=0 || c>=6; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 58); - n <<= 6; + n = (sp_uint64)n << 6; c = 58; } else if (c < 6) { @@ -21310,12 +21310,12 @@ static int sp_4096_mod_exp_2_64(sp_digit* r, const sp_digit* e, int bits, n = e[i--]; c = 6 - c; y |= (byte)(n >> (64 - c)); - n <<= c; + n = (sp_uint64)n << c; c = 64 - c; } else { y = (byte)((n >> 58) & 0x3f); - n <<= 6; + n = (sp_uint64)n << 6; c -= 6; } @@ -21865,10 +21865,10 @@ static int sp_256_mod_mul_norm_4(sp_digit* r, const sp_digit* a, const sp_digit* t[5] += t[4] >> 32; t[4] &= 0xffffffff; t[6] += t[5] >> 32; t[5] &= 0xffffffff; t[7] += t[6] >> 32; t[6] &= 0xffffffff; - r[0] = (sp_digit)((t[1] << 32) | t[0]); - r[1] = (sp_digit)((t[3] << 32) | t[2]); - r[2] = (sp_digit)((t[5] << 32) | t[4]); - r[3] = (sp_digit)((t[7] << 32) | t[6]); + r[0] = (sp_digit)(((sp_uint64)t[1] << 32) | (sp_uint64)t[0]); + r[1] = (sp_digit)(((sp_uint64)t[3] << 32) | (sp_uint64)t[2]); + r[2] = (sp_digit)(((sp_uint64)t[5] << 32) | (sp_uint64)t[4]); + r[3] = (sp_digit)(((sp_uint64)t[7] << 32) | (sp_uint64)t[6]); return MP_OKAY; } @@ -21899,7 +21899,7 @@ static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint64)a->dp[i] << s); r[j] &= 0xffffffffffffffffl; s = 64U - s; if (j + 1 >= size) { 
@@ -21934,7 +21934,7 @@ static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint64)a->dp[i]) << s; if (s + DIGIT_BIT >= 64) { r[j] &= 0xffffffffffffffffl; if (j + 1 >= size) { @@ -22000,7 +22000,7 @@ static int sp_256_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 4; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint64)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -22025,7 +22025,7 @@ static int sp_256_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 4; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint64)a[i]) << s; if (s + 64 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; @@ -22465,7 +22465,7 @@ static void sp_256_mont_inv_4(sp_digit* r, const sp_digit* a, sp_digit* td) XMEMCPY(t, a, sizeof(sp_digit) * 4); for (i=254; i>=0; i--) { sp_256_mont_sqr_4(t, t, p256_mod, p256_mp_mod); - if (p256_mod_minus_2[i / 64] & ((sp_digit)1 << (i % 64))) + if (p256_mod_minus_2[i / 64] & ((sp_uint64)1 << (i % 64))) sp_256_mont_mul_4(t, t, a, p256_mod, p256_mp_mod); } XMEMCPY(r, t, sizeof(sp_digit) * 4); @@ -23959,7 +23959,7 @@ static void sp_256_ecc_recode_6_4(const sp_digit* k, ecc_recode_256* v) } else if (++j < 4) { n = k[j]; - y |= (word8)((n << (64 - o)) & 0x3f); + y |= (word8)(((sp_uint64)n << (64 - o)) & 0x3f); o -= 58; n >>= o; } @@ -26903,7 +26903,7 @@ static void sp_256_ecc_recode_7_4(const sp_digit* k, ecc_recode_256* v) } else if (++j < 4) { n = k[j]; - y |= (word8)((n << (64 - o)) & 0x7f); + y |= (word8)(((sp_uint64)n << (64 - o)) & 0x7f); o -= 57; n >>= o; } 
@@ -42693,12 +42693,12 @@ static int sp_384_mod_mul_norm_6(sp_digit* r, const sp_digit* a, const sp_digit* t[10] += t[9] >> 32; t[9] &= 0xffffffff; t[11] += t[10] >> 32; t[10] &= 0xffffffff; - r[0] = (sp_digit)((t[1] << 32) | t[0]); - r[1] = (sp_digit)((t[3] << 32) | t[2]); - r[2] = (sp_digit)((t[5] << 32) | t[4]); - r[3] = (sp_digit)((t[7] << 32) | t[6]); - r[4] = (sp_digit)((t[9] << 32) | t[8]); - r[5] = (sp_digit)((t[11] << 32) | t[10]); + r[0] = (sp_digit)(((sp_uint64)t[1] << 32) | (sp_uint64)t[0]); + r[1] = (sp_digit)(((sp_uint64)t[3] << 32) | (sp_uint64)t[2]); + r[2] = (sp_digit)(((sp_uint64)t[5] << 32) | (sp_uint64)t[4]); + r[3] = (sp_digit)(((sp_uint64)t[7] << 32) | (sp_uint64)t[6]); + r[4] = (sp_digit)(((sp_uint64)t[9] << 32) | (sp_uint64)t[8]); + r[5] = (sp_digit)(((sp_uint64)t[11] << 32) | (sp_uint64)t[10]); } SP_FREE_VAR(t, NULL, DYNAMIC_TYPE_ECC); @@ -42732,7 +42732,7 @@ static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint64)a->dp[i] << s); r[j] &= 0xffffffffffffffffl; s = 64U - s; if (j + 1 >= size) { @@ -42767,7 +42767,7 @@ static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint64)a->dp[i]) << s; if (s + DIGIT_BIT >= 64) { r[j] &= 0xffffffffffffffffl; if (j + 1 >= size) { @@ -42833,7 +42833,7 @@ static int sp_384_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 6; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint64)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); 
@@ -42858,7 +42858,7 @@ static int sp_384_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 6; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint64)a[i]) << s; if (s + 64 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; @@ -43247,7 +43247,7 @@ static void sp_384_mont_inv_6(sp_digit* r, const sp_digit* a, sp_digit* td) XMEMCPY(t, a, sizeof(sp_digit) * 6); for (i=382; i>=0; i--) { sp_384_mont_sqr_6(t, t, p384_mod, p384_mp_mod); - if (p384_mod_minus_2[i / 64] & ((sp_digit)1 << (i % 64))) + if (p384_mod_minus_2[i / 64] & ((sp_uint64)1 << (i % 64))) sp_384_mont_mul_6(t, t, a, p384_mod, p384_mp_mod); } XMEMCPY(r, t, sizeof(sp_digit) * 6); @@ -44497,7 +44497,7 @@ static void sp_384_ecc_recode_6_6(const sp_digit* k, ecc_recode_384* v) } else if (++j < 6) { n = k[j]; - y |= (word8)((n << (64 - o)) & 0x3f); + y |= (word8)(((sp_uint64)n << (64 - o)) & 0x3f); o -= 58; n >>= o; } @@ -47405,7 +47405,7 @@ static void sp_384_ecc_recode_7_6(const sp_digit* k, ecc_recode_384* v) } else if (++j < 6) { n = k[j]; - y |= (word8)((n << (64 - o)) & 0x7f); + y |= (word8)(((sp_uint64)n << (64 - o)) & 0x7f); o -= 57; n >>= o; } @@ -69713,7 +69713,7 @@ static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint64)a->dp[i] << s); r[j] &= 0xffffffffffffffffl; s = 64U - s; if (j + 1 >= size) { @@ -69748,7 +69748,7 @@ static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint64)a->dp[i]) << s; if (s + DIGIT_BIT >= 64) { r[j] &= 0xffffffffffffffffl; if (j + 1 >= size) { 
@@ -69814,7 +69814,7 @@ static int sp_521_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 9; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint64)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -69839,7 +69839,7 @@ static int sp_521_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 9; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint64)a[i]) << s; if (s + 64 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; @@ -71004,7 +71004,7 @@ static void sp_521_mont_inv_9(sp_digit* r, const sp_digit* a, sp_digit* td) XMEMCPY(t, a, sizeof(sp_digit) * 9); for (i=519; i>=0; i--) { sp_521_mont_sqr_9(t, t, p521_mod, p521_mp_mod); - if (p521_mod_minus_2[i / 64] & ((sp_digit)1 << (i % 64))) + if (p521_mod_minus_2[i / 64] & ((sp_uint64)1 << (i % 64))) sp_521_mont_mul_9(t, t, a, p521_mod, p521_mp_mod); } XMEMCPY(r, t, sizeof(sp_digit) * 9); @@ -72442,7 +72442,7 @@ static void sp_521_ecc_recode_6_9(const sp_digit* k, ecc_recode_521* v) } else if (++j < 9) { n = k[j]; - y |= (word8)((n << (64 - o)) & 0x3f); + y |= (word8)(((sp_uint64)n << (64 - o)) & 0x3f); o -= 58; n >>= o; } @@ -76049,7 +76049,7 @@ static void sp_521_ecc_recode_7_9(const sp_digit* k, ecc_recode_521* v) } else if (++j < 9) { n = k[j]; - y |= (word8)((n << (64 - o)) & 0x7f); + y |= (word8)(((sp_uint64)n << (64 - o)) & 0x7f); o -= 57; n >>= o; } @@ -111994,7 +111994,7 @@ static int sp_521_mont_sqrt_9(sp_digit* y) XMEMCPY(t, y, sizeof(sp_digit) * 9); for (i=518; i>=0; i--) { sp_521_mont_sqr_9(t, t, p521_mod, p521_mp_mod); - if (p521_sqrt_power[i / 64] & ((sp_digit)1 << (i % 64))) + if (p521_sqrt_power[i / 64] & ((sp_uint64)1 << (i % 64))) sp_521_mont_mul_9(t, t, y, p521_mod, p521_mp_mod); } XMEMCPY(y, t, sizeof(sp_digit) * 9); 
@@ -114032,7 +114032,7 @@ static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint64)a->dp[i] << s); r[j] &= 0xffffffffffffffffl; s = 64U - s; if (j + 1 >= size) { @@ -114067,7 +114067,7 @@ static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint64)a->dp[i]) << s; if (s + DIGIT_BIT >= 64) { r[j] &= 0xffffffffffffffffl; if (j + 1 >= size) { @@ -114133,7 +114133,7 @@ static int sp_1024_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 16; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint64)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -114158,7 +114158,7 @@ static int sp_1024_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 16; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint64)a[i]) << s; if (s + 64 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; @@ -116114,7 +116114,7 @@ static void sp_1024_ecc_recode_7_16(const sp_digit* k, ecc_recode_1024* v) } else if (++j < 16) { n = k[j]; - y |= (word8)((n << (64 - o)) & 0x7f); + y |= (word8)(((sp_uint64)n << (64 - o)) & 0x7f); o -= 57; n >>= o; } diff --git a/wolfcrypt/src/sp_armthumb.c b/wolfcrypt/src/sp_armthumb.c index b479c93b9bd..eecec7cab8b 100644 --- a/wolfcrypt/src/sp_armthumb.c +++ b/wolfcrypt/src/sp_armthumb.c 
@@ -141,10 +141,10 @@ static void sp_2048_from_bin(sp_digit* r, int size, const byte* a, int n) j = 0; for (i = n - 1; i >= 3; i -= 4) { - r[j] = ((sp_digit)a[i - 0] << 0) | - ((sp_digit)a[i - 1] << 8) | - ((sp_digit)a[i - 2] << 16) | - ((sp_digit)a[i - 3] << 24); + r[j] = ((sp_uint32)a[i - 0] << 0) | + ((sp_uint32)a[i - 1] << 8) | + ((sp_uint32)a[i - 2] << 16) | + ((sp_uint32)a[i - 3] << 24); j++; } @@ -199,7 +199,7 @@ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint32)a->dp[i] << s); r[j] &= 0xffffffff; s = 32U - s; if (j + 1 >= size) { @@ -234,7 +234,7 @@ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint32)a->dp[i]) << s; if (s + DIGIT_BIT >= 32) { r[j] &= 0xffffffff; if (j + 1 >= size) { @@ -21740,17 +21740,17 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_sqr_32(sp_digit* r, */ static void sp_2048_mont_setup(const sp_digit* a, sp_digit* rho) { - sp_digit x; - sp_digit b; + sp_uint32 x; + sp_uint32 b; - b = a[0]; + b = (sp_uint32)a[0]; x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */ x *= 2 - b * x; /* here x*a==1 mod 2**8 */ x *= 2 - b * x; /* here x*a==1 mod 2**16 */ x *= 2 - b * x; /* here x*a==1 mod 2**32 */ /* rho = -1/m mod b */ - *rho = (sp_digit)0 - x; + *rho = (sp_digit)((sp_int32)0 - (sp_int32)x); } /* Mul a by digit b into r. (r = a * b) @@ -24177,10 +24177,10 @@ static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint32)n << c); n = e[i--]; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else if (c == 0) { 
@@ -24189,14 +24189,14 @@ static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e, } else { y = (byte)(n >> c); - n <<= 32 - c; + n = (sp_uint32)n << (32 - c); } XMEMCPY(r, t[y], sizeof(sp_digit) * 32); for (; i>=0 || c>=4; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 28); - n <<= 4; + n = (sp_uint32)n << 4; c = 28; } else if (c < 4) { @@ -24204,12 +24204,12 @@ static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e, n = e[i--]; c = 4 - c; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else { y = (byte)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; } @@ -24330,10 +24330,10 @@ static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint32)n << c); n = e[i--]; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else if (c == 0) { @@ -24342,14 +24342,14 @@ static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e, } else { y = (byte)(n >> c); - n <<= 32 - c; + n = (sp_uint32)n << (32 - c); } XMEMCPY(r, t[y], sizeof(sp_digit) * 32); for (; i>=0 || c>=5; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 27); - n <<= 5; + n = (sp_uint32)n << 5; c = 27; } else if (c < 5) { @@ -24357,12 +24357,12 @@ static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e, n = e[i--]; c = 5 - c; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else { y = (byte)((n >> 27) & 0x1f); - n <<= 5; + n = (sp_uint32)n << 5; c -= 5; } 
@@ -27737,10 +27737,10 @@ static int sp_2048_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint32)n << c); n = e[i--]; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else if (c == 0) { @@ -27749,14 +27749,14 @@ static int sp_2048_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e, } else { y = (byte)(n >> c); - n <<= 32 - c; + n = (sp_uint32)n << (32 - c); } XMEMCPY(r, t[y], sizeof(sp_digit) * 64); for (; i>=0 || c>=3; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 29); - n <<= 3; + n = (sp_uint32)n << 3; c = 29; } else if (c < 3) { @@ -27764,12 +27764,12 @@ static int sp_2048_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e, n = e[i--]; c = 3 - c; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else { y = (byte)((n >> 29) & 0x7); - n <<= 3; + n = (sp_uint32)n << 3; c -= 3; } @@ -27873,10 +27873,10 @@ static int sp_2048_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint32)n << c); n = e[i--]; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else if (c == 0) { @@ -27885,14 +27885,14 @@ static int sp_2048_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e, } else { y = (byte)(n >> c); - n <<= 32 - c; + n = (sp_uint32)n << (32 - c); } XMEMCPY(r, t[y], sizeof(sp_digit) * 64); for (; i>=0 || c>=4; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 28); - n <<= 4; + n = (sp_uint32)n << 4; c = 28; } else if (c < 4) { 
@@ -27900,12 +27900,12 @@ static int sp_2048_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e, n = e[i--]; c = 4 - c; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else { y = (byte)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; } @@ -27978,7 +27978,7 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em, #else e[0] = em->dp[0]; if (em->used > 1) { - e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT; + e[0] |= ((sp_uint32)em->dp[1]) << DIGIT_BIT; } #endif if (e[0] == 0) { @@ -28325,7 +28325,7 @@ static int sp_2048_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 64; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint32)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -28350,7 +28350,7 @@ static int sp_2048_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 64; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint32)a[i]) << s; if (s + 32 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; @@ -30066,10 +30066,10 @@ static int sp_2048_mod_exp_2_64(sp_digit* r, const sp_digit* e, int bits, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint32)n << c); n = e[i--]; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else if (c == 0) { @@ -30078,14 +30078,14 @@ static int sp_2048_mod_exp_2_64(sp_digit* r, const sp_digit* e, int bits, } else { y = (byte)(n >> c); - n <<= 32 - c; + n = (sp_uint32)n << (32 - c); } sp_2048_lshift_64(r, norm, y); for (; i>=0 || c>=5; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 27); - n <<= 5; + n = (sp_uint32)n << 5; c = 27; } else if (c < 5) { 
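Review bot: In the second `sp_2048_to_mp` hunk, `r->dp[j] |= ((sp_uint32)a[i]) << s;` now shifts at 32-bit width, where the removed line widened to `mp_digit` first. The `if (s + 32 >= DIGIT_BIT)` test and the `DIGIT_BIT != 64` guard suggest this loop is the variant for an `mp_digit` wider than 32 bits. If so, bits shifted past bit 31 are dropped instead of landing in the upper part of `r->dp[j]`, and a count of 32 or more is undefined for a 32-bit operand, so the converted number would be wrong. Widening after the unsigned cast keeps both properties: `r->dp[j] |= ((mp_digit)(sp_uint32)a[i]) << s;`. The same replacement is made in the second `to_mp` hunk for sp_3072, sp_4096, sp_256, sp_384, sp_521 and sp_1024; the loop body continues outside the hunk, so the range of s is inferred.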
@@ -30093,12 +30093,12 @@ static int sp_2048_mod_exp_2_64(sp_digit* r, const sp_digit* e, int bits, n = e[i--]; c = 5 - c; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else { y = (byte)((n >> 27) & 0x1f); - n <<= 5; + n = (sp_uint32)n << 5; c -= 5; } @@ -30266,10 +30266,10 @@ static void sp_3072_from_bin(sp_digit* r, int size, const byte* a, int n) j = 0; for (i = n - 1; i >= 3; i -= 4) { - r[j] = ((sp_digit)a[i - 0] << 0) | - ((sp_digit)a[i - 1] << 8) | - ((sp_digit)a[i - 2] << 16) | - ((sp_digit)a[i - 3] << 24); + r[j] = ((sp_uint32)a[i - 0] << 0) | + ((sp_uint32)a[i - 1] << 8) | + ((sp_uint32)a[i - 2] << 16) | + ((sp_uint32)a[i - 3] << 24); j++; } @@ -30324,7 +30324,7 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint32)a->dp[i] << s); r[j] &= 0xffffffff; s = 32U - s; if (j + 1 >= size) { @@ -30359,7 +30359,7 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint32)a->dp[i]) << s; if (s + DIGIT_BIT >= 32) { r[j] &= 0xffffffff; if (j + 1 >= size) { @@ -72867,17 +72867,17 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_sqr_48(sp_digit* r, */ static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho) { - sp_digit x; - sp_digit b; + sp_uint32 x; + sp_uint32 b; - b = a[0]; + b = (sp_uint32)a[0]; x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */ x *= 2 - b * x; /* here x*a==1 mod 2**8 */ x *= 2 - b * x; /* here x*a==1 mod 2**16 */ x *= 2 - b * x; /* here x*a==1 mod 2**32 */ /* rho = -1/m mod b */ - *rho = (sp_digit)0 - x; + *rho = (sp_digit)((sp_int32)0 - (sp_int32)x); } /* Mul a by digit b into r. (r = a * b) 
@@ -75576,10 +75576,10 @@ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint32)n << c); n = e[i--]; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else if (c == 0) { @@ -75588,14 +75588,14 @@ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e, } else { y = (byte)(n >> c); - n <<= 32 - c; + n = (sp_uint32)n << (32 - c); } XMEMCPY(r, t[y], sizeof(sp_digit) * 48); for (; i>=0 || c>=4; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 28); - n <<= 4; + n = (sp_uint32)n << 4; c = 28; } else if (c < 4) { @@ -75603,12 +75603,12 @@ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e, n = e[i--]; c = 4 - c; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else { y = (byte)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; } @@ -75729,10 +75729,10 @@ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint32)n << c); n = e[i--]; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else if (c == 0) { @@ -75741,14 +75741,14 @@ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e, } else { y = (byte)(n >> c); - n <<= 32 - c; + n = (sp_uint32)n << (32 - c); } XMEMCPY(r, t[y], sizeof(sp_digit) * 48); for (; i>=0 || c>=5; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 27); - n <<= 5; + n = (sp_uint32)n << 5; c = 27; } else if (c < 5) { 
@@ -75756,12 +75756,12 @@ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e, n = e[i--]; c = 5 - c; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else { y = (byte)((n >> 27) & 0x1f); - n <<= 5; + n = (sp_uint32)n << 5; c -= 5; } @@ -79967,10 +79967,10 @@ static int sp_3072_mod_exp_96(sp_digit* r, const sp_digit* a, const sp_digit* e, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint32)n << c); n = e[i--]; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else if (c == 0) { @@ -79979,14 +79979,14 @@ static int sp_3072_mod_exp_96(sp_digit* r, const sp_digit* a, const sp_digit* e, } else { y = (byte)(n >> c); - n <<= 32 - c; + n = (sp_uint32)n << (32 - c); } XMEMCPY(r, t[y], sizeof(sp_digit) * 96); for (; i>=0 || c>=3; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 29); - n <<= 3; + n = (sp_uint32)n << 3; c = 29; } else if (c < 3) { @@ -79994,12 +79994,12 @@ static int sp_3072_mod_exp_96(sp_digit* r, const sp_digit* a, const sp_digit* e, n = e[i--]; c = 3 - c; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else { y = (byte)((n >> 29) & 0x7); - n <<= 3; + n = (sp_uint32)n << 3; c -= 3; } @@ -80103,10 +80103,10 @@ static int sp_3072_mod_exp_96(sp_digit* r, const sp_digit* a, const sp_digit* e, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint32)n << c); n = e[i--]; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else if (c == 0) { 
@@ -80115,14 +80115,14 @@ static int sp_3072_mod_exp_96(sp_digit* r, const sp_digit* a, const sp_digit* e, } else { y = (byte)(n >> c); - n <<= 32 - c; + n = (sp_uint32)n << (32 - c); } XMEMCPY(r, t[y], sizeof(sp_digit) * 96); for (; i>=0 || c>=4; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 28); - n <<= 4; + n = (sp_uint32)n << 4; c = 28; } else if (c < 4) { @@ -80130,12 +80130,12 @@ static int sp_3072_mod_exp_96(sp_digit* r, const sp_digit* a, const sp_digit* e, n = e[i--]; c = 4 - c; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else { y = (byte)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; } @@ -80208,7 +80208,7 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em, #else e[0] = em->dp[0]; if (em->used > 1) { - e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT; + e[0] |= ((sp_uint32)em->dp[1]) << DIGIT_BIT; } #endif if (e[0] == 0) { @@ -80555,7 +80555,7 @@ static int sp_3072_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 96; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint32)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -80580,7 +80580,7 @@ static int sp_3072_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 96; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint32)a[i]) << s; if (s + 32 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; @@ -83094,10 +83094,10 @@ static int sp_3072_mod_exp_2_96(sp_digit* r, const sp_digit* e, int bits, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint32)n << c); n = e[i--]; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else if (c == 0) { 
@@ -83106,14 +83106,14 @@ static int sp_3072_mod_exp_2_96(sp_digit* r, const sp_digit* e, int bits, } else { y = (byte)(n >> c); - n <<= 32 - c; + n = (sp_uint32)n << (32 - c); } sp_3072_lshift_96(r, norm, y); for (; i>=0 || c>=5; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 27); - n <<= 5; + n = (sp_uint32)n << 5; c = 27; } else if (c < 5) { @@ -83121,12 +83121,12 @@ static int sp_3072_mod_exp_2_96(sp_digit* r, const sp_digit* e, int bits, n = e[i--]; c = 5 - c; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else { y = (byte)((n >> 27) & 0x1f); - n <<= 5; + n = (sp_uint32)n << 5; c -= 5; } @@ -83294,10 +83294,10 @@ static void sp_4096_from_bin(sp_digit* r, int size, const byte* a, int n) j = 0; for (i = n - 1; i >= 3; i -= 4) { - r[j] = ((sp_digit)a[i - 0] << 0) | - ((sp_digit)a[i - 1] << 8) | - ((sp_digit)a[i - 2] << 16) | - ((sp_digit)a[i - 3] << 24); + r[j] = ((sp_uint32)a[i - 0] << 0) | + ((sp_uint32)a[i - 1] << 8) | + ((sp_uint32)a[i - 2] << 16) | + ((sp_uint32)a[i - 3] << 24); j++; } @@ -83352,7 +83352,7 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint32)a->dp[i] << s); r[j] &= 0xffffffff; s = 32U - s; if (j + 1 >= size) { @@ -83387,7 +83387,7 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint32)a->dp[i]) << s; if (s + DIGIT_BIT >= 32) { r[j] &= 0xffffffff; if (j + 1 >= size) { 
@@ -87248,17 +87248,17 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_4096_sqr_128(sp_digit* r, */ static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho) { - sp_digit x; - sp_digit b; + sp_uint32 x; + sp_uint32 b; - b = a[0]; + b = (sp_uint32)a[0]; x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */ x *= 2 - b * x; /* here x*a==1 mod 2**8 */ x *= 2 - b * x; /* here x*a==1 mod 2**16 */ x *= 2 - b * x; /* here x*a==1 mod 2**32 */ /* rho = -1/m mod b */ - *rho = (sp_digit)0 - x; + *rho = (sp_digit)((sp_int32)0 - (sp_int32)x); } /* Mul a by digit b into r. (r = a * b) @@ -92447,10 +92447,10 @@ static int sp_4096_mod_exp_128(sp_digit* r, const sp_digit* a, const sp_digit* e if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint32)n << c); n = e[i--]; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else if (c == 0) { @@ -92459,14 +92459,14 @@ static int sp_4096_mod_exp_128(sp_digit* r, const sp_digit* a, const sp_digit* e } else { y = (byte)(n >> c); - n <<= 32 - c; + n = (sp_uint32)n << (32 - c); } XMEMCPY(r, t[y], sizeof(sp_digit) * 128); for (; i>=0 || c>=3; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 29); - n <<= 3; + n = (sp_uint32)n << 3; c = 29; } else if (c < 3) { @@ -92474,12 +92474,12 @@ static int sp_4096_mod_exp_128(sp_digit* r, const sp_digit* a, const sp_digit* e n = e[i--]; c = 3 - c; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else { y = (byte)((n >> 29) & 0x7); - n <<= 3; + n = (sp_uint32)n << 3; c -= 3; } @@ -92583,10 +92583,10 @@ static int sp_4096_mod_exp_128(sp_digit* r, const sp_digit* a, const sp_digit* e if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint32)n << c); n = e[i--]; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else if (c == 0) { 
@@ -92595,14 +92595,14 @@ static int sp_4096_mod_exp_128(sp_digit* r, const sp_digit* a, const sp_digit* e } else { y = (byte)(n >> c); - n <<= 32 - c; + n = (sp_uint32)n << (32 - c); } XMEMCPY(r, t[y], sizeof(sp_digit) * 128); for (; i>=0 || c>=4; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 28); - n <<= 4; + n = (sp_uint32)n << 4; c = 28; } else if (c < 4) { @@ -92610,12 +92610,12 @@ static int sp_4096_mod_exp_128(sp_digit* r, const sp_digit* a, const sp_digit* e n = e[i--]; c = 4 - c; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else { y = (byte)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; } @@ -92688,7 +92688,7 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em, #else e[0] = em->dp[0]; if (em->used > 1) { - e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT; + e[0] |= ((sp_uint32)em->dp[1]) << DIGIT_BIT; } #endif if (e[0] == 0) { @@ -93040,7 +93040,7 @@ static int sp_4096_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 128; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint32)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -93065,7 +93065,7 @@ static int sp_4096_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 128; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint32)a[i]) << s; if (s + 32 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; @@ -96367,10 +96367,10 @@ static int sp_4096_mod_exp_2_128(sp_digit* r, const sp_digit* e, int bits, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint32)n << c); n = e[i--]; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else if (c == 0) { 
@@ -96379,14 +96379,14 @@ static int sp_4096_mod_exp_2_128(sp_digit* r, const sp_digit* e, int bits, } else { y = (byte)(n >> c); - n <<= 32 - c; + n = (sp_uint32)n << (32 - c); } sp_4096_lshift_128(r, norm, y); for (; i>=0 || c>=5; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 27); - n <<= 5; + n = (sp_uint32)n << 5; c = 27; } else if (c < 5) { @@ -96394,12 +96394,12 @@ static int sp_4096_mod_exp_2_128(sp_digit* r, const sp_digit* e, int bits, n = e[i--]; c = 5 - c; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else { y = (byte)((n >> 27) & 0x1f); - n <<= 5; + n = (sp_uint32)n << 5; c -= 5; } @@ -97538,7 +97538,7 @@ static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint32)a->dp[i] << s); r[j] &= 0xffffffff; s = 32U - s; if (j + 1 >= size) { @@ -97573,7 +97573,7 @@ static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint32)a->dp[i]) << s; if (s + DIGIT_BIT >= 32) { r[j] &= 0xffffffff; if (j + 1 >= size) { @@ -97639,7 +97639,7 @@ static int sp_256_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 8; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint32)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -97664,7 +97664,7 @@ static int sp_256_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 8; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint32)a[i]) << s; if (s + 32 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; 
@@ -98763,7 +98763,7 @@ static void sp_256_mont_inv_8(sp_digit* r, const sp_digit* a, sp_digit* td) XMEMCPY(t, a, sizeof(sp_digit) * 8); for (i=254; i>=0; i--) { sp_256_mont_sqr_8(t, t, p256_mod, p256_mp_mod); - if (p256_mod_minus_2[i / 32] & ((sp_digit)1 << (i % 32))) + if (p256_mod_minus_2[i / 32] & ((sp_uint32)1 << (i % 32))) sp_256_mont_mul_8(t, t, a, p256_mod, p256_mp_mod); } XMEMCPY(r, t, sizeof(sp_digit) * 8); @@ -100866,7 +100866,7 @@ static int sp_256_ecc_mulmod_fast_8(sp_point_256* r, const sp_point_256* g, cons t[15].infinity = 0; i = 6; - n = k[i+1] << 0; + n = (sp_uint32)k[i+1] << 0; c = 28; y = (int)(n >> 28); #ifndef WC_NO_CACHE_RESISTANT @@ -100879,14 +100879,14 @@ static int sp_256_ecc_mulmod_fast_8(sp_point_256* r, const sp_point_256* g, cons { XMEMCPY(rt, &t[y], sizeof(sp_point_256)); } - n <<= 4; + n = (sp_uint32)n << (4); for (; i>=0 || c>=4; ) { if (c < 4) { n |= k[i--]; c += 32; } y = (n >> 28) & 0xf; - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; sp_256_proj_point_dbl_8(rt, rt, tmp); @@ -103600,10 +103600,10 @@ static void sp_256_from_bin(sp_digit* r, int size, const byte* a, int n) j = 0; for (i = n - 1; i >= 3; i -= 4) { - r[j] = ((sp_digit)a[i - 0] << 0) | - ((sp_digit)a[i - 1] << 8) | - ((sp_digit)a[i - 2] << 16) | - ((sp_digit)a[i - 3] << 24); + r[j] = ((sp_uint32)a[i - 0] << 0) | + ((sp_uint32)a[i - 1] << 8) | + ((sp_uint32)a[i - 2] << 16) | + ((sp_uint32)a[i - 3] << 24); j++; } @@ -108780,7 +108780,7 @@ static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint32)a->dp[i] << s); r[j] &= 0xffffffff; s = 32U - s; if (j + 1 >= size) { 
@@ -108815,7 +108815,7 @@ static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint32)a->dp[i]) << s; if (s + DIGIT_BIT >= 32) { r[j] &= 0xffffffff; if (j + 1 >= size) { @@ -108881,7 +108881,7 @@ static int sp_384_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 12; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint32)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -108906,7 +108906,7 @@ static int sp_384_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 12; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint32)a[i]) << s; if (s + 32 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; @@ -109816,7 +109816,7 @@ static void sp_384_mont_inv_12(sp_digit* r, const sp_digit* a, sp_digit* td) XMEMCPY(t, a, sizeof(sp_digit) * 12); for (i=382; i>=0; i--) { sp_384_mont_sqr_12(t, t, p384_mod, p384_mp_mod); - if (p384_mod_minus_2[i / 32] & ((sp_digit)1 << (i % 32))) + if (p384_mod_minus_2[i / 32] & ((sp_uint32)1 << (i % 32))) sp_384_mont_mul_12(t, t, a, p384_mod, p384_mp_mod); } XMEMCPY(r, t, sizeof(sp_digit) * 12); @@ -111318,7 +111318,7 @@ static int sp_384_ecc_mulmod_fast_12(sp_point_384* r, const sp_point_384* g, con t[15].infinity = 0; i = 10; - n = k[i+1] << 0; + n = (sp_uint32)k[i+1] << 0; c = 28; y = (int)(n >> 28); #ifndef WC_NO_CACHE_RESISTANT @@ -111331,14 +111331,14 @@ static int sp_384_ecc_mulmod_fast_12(sp_point_384* r, const sp_point_384* g, con { XMEMCPY(rt, &t[y], sizeof(sp_point_384)); } - n <<= 4; + n = (sp_uint32)n << (4); for (; i>=0 || c>=4; ) { if (c < 4) { n |= k[i--]; c += 32; } y = (n >> 28) & 0xf; - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; sp_384_proj_point_dbl_12(rt, rt, tmp); 
@@ -114120,10 +114120,10 @@ static void sp_384_from_bin(sp_digit* r, int size, const byte* a, int n) j = 0; for (i = n - 1; i >= 3; i -= 4) { - r[j] = ((sp_digit)a[i - 0] << 0) | - ((sp_digit)a[i - 1] << 8) | - ((sp_digit)a[i - 2] << 16) | - ((sp_digit)a[i - 3] << 24); + r[j] = ((sp_uint32)a[i - 0] << 0) | + ((sp_uint32)a[i - 1] << 8) | + ((sp_uint32)a[i - 2] << 16) | + ((sp_uint32)a[i - 3] << 24); j++; } @@ -119587,7 +119587,7 @@ static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint32)a->dp[i] << s); r[j] &= 0xffffffff; s = 32U - s; if (j + 1 >= size) { @@ -119622,7 +119622,7 @@ static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint32)a->dp[i]) << s; if (s + DIGIT_BIT >= 32) { r[j] &= 0xffffffff; if (j + 1 >= size) { @@ -119688,7 +119688,7 @@ static int sp_521_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 17; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint32)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -119713,7 +119713,7 @@ static int sp_521_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 17; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint32)a[i]) << s; if (s + 32 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; 
@@ -121713,7 +121713,7 @@ static void sp_521_mont_inv_17(sp_digit* r, const sp_digit* a, sp_digit* td) XMEMCPY(t, a, sizeof(sp_digit) * 17); for (i=519; i>=0; i--) { sp_521_mont_sqr_17(t, t, p521_mod, p521_mp_mod); - if (p521_mod_minus_2[i / 32] & ((sp_digit)1 << (i % 32))) + if (p521_mod_minus_2[i / 32] & ((sp_uint32)1 << (i % 32))) sp_521_mont_mul_17(t, t, a, p521_mod, p521_mp_mod); } XMEMCPY(r, t, sizeof(sp_digit) * 17); @@ -124547,7 +124547,7 @@ static int sp_521_ecc_mulmod_fast_17(sp_point_521* r, const sp_point_521* g, con t[15].infinity = 0; i = 15; - n = k[i+1] << 0; + n = (sp_uint32)k[i+1] << 0; c = 5; y = (int)(n >> 5); #ifndef WC_NO_CACHE_RESISTANT @@ -124560,15 +124560,15 @@ static int sp_521_ecc_mulmod_fast_17(sp_point_521* r, const sp_point_521* g, con { XMEMCPY(rt, &t[y], sizeof(sp_point_521)); } - n <<= 27; + n = (sp_uint32)n << (27); for (; i>=0 || c>=4; ) { if (c < 4) { - n = (k[i+1] << 31) | (k[i] >> 1); + n = ((sp_uint32)k[i+1] << 31) | (k[i] >> 1); i--; c += 32; } y = (n >> 28) & 0xf; - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; sp_521_proj_point_dbl_17(rt, rt, tmp); @@ -127992,10 +127992,10 @@ static void sp_521_from_bin(sp_digit* r, int size, const byte* a, int n) j = 0; for (i = n - 1; i >= 3; i -= 4) { - r[j] = ((sp_digit)a[i - 0] << 0) | - ((sp_digit)a[i - 1] << 8) | - ((sp_digit)a[i - 2] << 16) | - ((sp_digit)a[i - 3] << 24); + r[j] = ((sp_uint32)a[i - 0] << 0) | + ((sp_uint32)a[i - 1] << 8) | + ((sp_uint32)a[i - 2] << 16) | + ((sp_uint32)a[i - 3] << 24); j++; } @@ -134979,7 +134979,7 @@ static int sp_521_mont_sqrt_17(sp_digit* y) XMEMCPY(t, y, sizeof(sp_digit) * 17); for (i=518; i>=0; i--) { sp_521_mont_sqr_17(t, t, p521_mod, p521_mp_mod); - if (p521_sqrt_power[i / 32] & ((sp_digit)1 << (i % 32))) + if (p521_sqrt_power[i / 32] & ((sp_uint32)1 << (i % 32))) sp_521_mont_mul_17(t, t, y, p521_mod, p521_mp_mod); } XMEMCPY(y, t, sizeof(sp_digit) * 17); 
@@ -201254,7 +201254,7 @@ static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint32)a->dp[i] << s); r[j] &= 0xffffffff; s = 32U - s; if (j + 1 >= size) { @@ -201289,7 +201289,7 @@ static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint32)a->dp[i]) << s; if (s + DIGIT_BIT >= 32) { r[j] &= 0xffffffff; if (j + 1 >= size) { @@ -201355,7 +201355,7 @@ static int sp_1024_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 32; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint32)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -201380,7 +201380,7 @@ static int sp_1024_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 32; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint32)a[i]) << s; if (s + 32 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; @@ -208949,18 +208949,18 @@ static int sp_1024_ecc_mulmod_fast_32(sp_point_1024* r, const sp_point_1024* g, t[15].infinity = 0; i = 30; - n = k[i+1] << 0; + n = (sp_uint32)k[i+1] << 0; c = 28; y = (int)(n >> 28); XMEMCPY(rt, &t[y], sizeof(sp_point_1024)); - n <<= 4; + n = (sp_uint32)n << (4); for (; i>=0 || c>=4; ) { if (c < 4) { n |= k[i--]; c += 32; } y = (n >> 28) & 0xf; - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; sp_1024_proj_point_dbl_32(rt, rt, tmp); 
@@ -217065,10 +217065,10 @@ static void sp_1024_from_bin(sp_digit* r, int size, const byte* a, int n) j = 0; for (i = n - 1; i >= 3; i -= 4) { - r[j] = ((sp_digit)a[i - 0] << 0) | - ((sp_digit)a[i - 1] << 8) | - ((sp_digit)a[i - 2] << 16) | - ((sp_digit)a[i - 3] << 24); + r[j] = ((sp_uint32)a[i - 0] << 0) | + ((sp_uint32)a[i - 1] << 8) | + ((sp_uint32)a[i - 2] << 16) | + ((sp_uint32)a[i - 3] << 24); j++; } diff --git a/wolfcrypt/src/sp_c32.c b/wolfcrypt/src/sp_c32.c index 907c04c61ad..7ac4bfac1cb 100644 --- a/wolfcrypt/src/sp_c32.c +++ b/wolfcrypt/src/sp_c32.c @@ -239,7 +239,7 @@ static void sp_2048_from_bin(sp_digit* r, int size, const byte* a, int n) r[0] = 0; for (i = n-1; i >= 0; i--) { - r[j] |= (((sp_digit)a[i]) << s); + r[j] |= (((sp_uint32)a[i]) << s); if (s >= 21U) { r[j] &= 0x1fffffff; s = 29U - s; @@ -285,7 +285,7 @@ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint32)a->dp[i] << s); r[j] &= 0x1fffffff; s = 29U - s; if (j + 1 >= size) { @@ -320,7 +320,7 @@ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint32)a->dp[i]) << s; if (s + DIGIT_BIT >= 29) { r[j] &= 0x1fffffff; if (j + 1 >= size) { @@ -369,7 +369,7 @@ static void sp_2048_to_bin_72(sp_digit* r, byte* a) for (i=0; i<71 && j>=0; i++) { b = 0; /* lint allow cast of mismatch sp_digit and int */ - a[j--] |= (byte)(r[i] << s); /*lint !e9033*/ + a[j--] |= (byte)((sp_uint32)r[i] << s); /*lint !e9033*/ b += 8 - s; if (j < 0) { break; 
@@ -1526,10 +1526,10 @@ SP_NOINLINE static void sp_2048_sqr_36(sp_digit* r, const sp_digit* a) */ static void sp_2048_mont_setup(const sp_digit* a, sp_digit* rho) { - sp_digit x; - sp_digit b; + sp_uint32 x; + sp_uint32 b; - b = a[0]; + b = (sp_uint32)a[0]; x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */ x *= 2 - b * x; /* here x*a==1 mod 2**8 */ x *= 2 - b * x; /* here x*a==1 mod 2**16 */ @@ -1537,7 +1537,7 @@ static void sp_2048_mont_setup(const sp_digit* a, sp_digit* rho) x &= 0x1fffffff; /* rho = -1/m mod b */ - *rho = ((sp_digit)1 << 29) - x; + *rho = (sp_digit)(((sp_uint32)1 << 29) - (sp_digit)x); } /* Multiply a by scalar b into r. (r = a * b) 
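Review bot: In `sp_2048_mont_setup`, `*rho = (sp_digit)(((sp_uint32)1 << 29) - (sp_digit)x);` mixes an unsigned minuend with a subtrahend cast back to `sp_digit`, which is harder to read than it needs to be. x was just masked with `0x1fffffff`, so the inner cast changes nothing. If `sp_digit` is a signed 32-bit type here, the usual arithmetic conversions turn it back into an unsigned value before the subtraction anyway. Keeping the whole expression unsigned says the same thing directly: `*rho = (sp_digit)(((sp_uint32)1 << 29) - x);`.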
@@ -2030,22 +2030,22 @@ SP_NOINLINE static void sp_2048_rshift_36(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL for (i=0; i<35; i++) { - r[i] = (sp_digit)(((a[i] >> n) | (a[i + 1] << (29 - n))) & 0x1fffffff); + r[i] = (sp_digit)(((a[i] >> n) | ((sp_uint32)a[i + 1] << (29 - n))) & 0x1fffffff); } #else for (i=0; i<32; i += 8) { - r[i+0] = (a[i+0] >> n) | (sp_digit)((a[i+1] << (29 - n)) & 0x1fffffff); - r[i+1] = (a[i+1] >> n) | (sp_digit)((a[i+2] << (29 - n)) & 0x1fffffff); - r[i+2] = (a[i+2] >> n) | (sp_digit)((a[i+3] << (29 - n)) & 0x1fffffff); - r[i+3] = (a[i+3] >> n) | (sp_digit)((a[i+4] << (29 - n)) & 0x1fffffff); - r[i+4] = (a[i+4] >> n) | (sp_digit)((a[i+5] << (29 - n)) & 0x1fffffff); - r[i+5] = (a[i+5] >> n) | (sp_digit)((a[i+6] << (29 - n)) & 0x1fffffff); - r[i+6] = (a[i+6] >> n) | (sp_digit)((a[i+7] << (29 - n)) & 0x1fffffff); - r[i+7] = (a[i+7] >> n) | (sp_digit)((a[i+8] << (29 - n)) & 0x1fffffff); - } - r[32] = (a[32] >> n) | (sp_digit)((a[33] << (29 - n)) & 0x1fffffff); - r[33] = (a[33] >> n) | (sp_digit)((a[34] << (29 - n)) & 0x1fffffff); - r[34] = (a[34] >> n) | (sp_digit)((a[35] << (29 - n)) & 0x1fffffff); + r[i+0] = (a[i+0] >> n) | (sp_digit)(((sp_uint32)a[i+1] << (29 - n)) & 0x1fffffff); + r[i+1] = (a[i+1] >> n) | (sp_digit)(((sp_uint32)a[i+2] << (29 - n)) & 0x1fffffff); + r[i+2] = (a[i+2] >> n) | (sp_digit)(((sp_uint32)a[i+3] << (29 - n)) & 0x1fffffff); + r[i+3] = (a[i+3] >> n) | (sp_digit)(((sp_uint32)a[i+4] << (29 - n)) & 0x1fffffff); + r[i+4] = (a[i+4] >> n) | (sp_digit)(((sp_uint32)a[i+5] << (29 - n)) & 0x1fffffff); + r[i+5] = (a[i+5] >> n) | (sp_digit)(((sp_uint32)a[i+6] << (29 - n)) & 0x1fffffff); + r[i+6] = (a[i+6] >> n) | (sp_digit)(((sp_uint32)a[i+7] << (29 - n)) & 0x1fffffff); + r[i+7] = (a[i+7] >> n) | (sp_digit)(((sp_uint32)a[i+8] << (29 - n)) & 0x1fffffff); + } + r[32] = (a[32] >> n) | (sp_digit)(((sp_uint32)a[33] << (29 - n)) & 0x1fffffff); + r[33] = (a[33] >> n) | (sp_digit)(((sp_uint32)a[34] << (29 - n)) & 0x1fffffff); + 
r[34] = (a[34] >> n) | (sp_digit)(((sp_uint32)a[35] << (29 - n)) & 0x1fffffff); #endif /* WOLFSSL_SP_SMALL */ r[35] = a[35] >> n; } @@ -2085,7 +2085,7 @@ static WC_INLINE sp_digit sp_2048_div_word_36(sp_digit d1, sp_digit d0, t1 -= dv & (0 - r); for (i = 27; i >= 1; i--) { t1 += t1 + (((sp_uint32)t0 >> 28) & 1); - t0 <<= 1; + t0 = (sp_uint32)t0 << 1; t2 = (sp_digit)(((sp_uint32)(dv - t1)) >> 31); r += r + t2; t1 -= dv & (0 - t2); @@ -2277,9 +2277,9 @@ static int sp_2048_mod_exp_36(sp_digit* r, const sp_digit* a, const sp_digit* e, } if (err == MP_OKAY) { - i = bits / 29; - c = bits % 29; - n = e[i--] << (29 - c); + i = (bits - 1) / 29; + c = ((bits - 1) % 29) + 1; + n = (sp_uint32)e[i--] << (29 - c); for (; ; c--) { if (c == 0) { if (i == -1) { @@ -2291,7 +2291,7 @@ static int sp_2048_mod_exp_36(sp_digit* r, const sp_digit* a, const sp_digit* e, } y = (int)((n >> 28) & 1); - n <<= 1; + n = (sp_uint32)n << 1; sp_2048_mont_mul_36(t[y^1], t[0], t[1], m, mp); @@ -2353,9 +2353,9 @@ static int sp_2048_mod_exp_36(sp_digit* r, const sp_digit* a, const sp_digit* e, } if (err == MP_OKAY) { - i = bits / 29; - c = bits % 29; - n = e[i--] << (29 - c); + i = (bits - 1) / 29; + c = ((bits - 1) % 29) + 1; + n = (sp_uint32)e[i--] << (29 - c); for (; ; c--) { if (c == 0) { if (i == -1) { @@ -2367,7 +2367,7 @@ static int sp_2048_mod_exp_36(sp_digit* r, const sp_digit* a, const sp_digit* e, } y = (int)((n >> 28) & 1); - n <<= 1; + n = (sp_uint32)n << 1; sp_2048_mont_mul_36(t[y^1], t[0], t[1], m, mp); 
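Review bot: The new `i = (bits - 1) / 29;` and `c = ((bits - 1) % 29) + 1;` in the two `sp_2048_mod_exp_36` hunks carry no comment, and their behaviour for `bits == 0` is not obvious. With truncating division that case gives i = 0 and c = 0, so e[0] is read once and the loop leaves at the `i == -1` check on its first pass. That works, but only by reading the lines closely. A comment above them would record the intent: `/* Top digit index and number of bits used in it; bits == 0 gives i = 0, c = 0 and the loop exits at once. */`. The function body starts and ends outside these hunks, so whether callers can pass bits == 0 is not visible here.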
@@ -2468,38 +2468,38 @@ static int sp_2048_mod_exp_36(sp_digit* r, const sp_digit* a, const sp_digit* e, c = 29; } if (i < 36) { - n = e[i--] << (32 - c); + n = (sp_uint32)e[i--] << (32 - c); } else { n = 0; i--; } if (c < 5) { - n |= e[i--] << (3 - c); + n |= (sp_uint32)e[i--] << (3 - c); c += 29; } y = (int)((n >> 27) & 0x1f); - n <<= 5; + n = (sp_uint32)n << 5; c -= 5; XMEMCPY(rt, t[y], sizeof(sp_digit) * 72); while ((i >= 0) || (c >= 5)) { if (c >= 5) { y = (byte)((n >> 27) & 0x1f); - n <<= 5; + n = (sp_uint32)n << 5; c -= 5; } else if (c == 0) { - n = e[i--] << 3; + n = (sp_uint32)e[i--] << 3; y = (byte)((n >> 27) & 0x1f); - n <<= 5; + n = (sp_uint32)n << 5; c = 24; } else { y = (byte)((n >> 27) & 0x1f); - n = e[i--] << 3; + n = (sp_uint32)e[i--] << 3; c = 5 - c; y |= (byte)((n >> (32 - c)) & ((1 << c) - 1)); - n <<= c; + n = (sp_uint32)n << c; c = 29 - c; } 
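Review bot: Every shift of `n` in this window loop now needs its own `(sp_uint32)` cast, and each result is stored straight back into `n`. If `n` is still declared as a signed `sp_digit` (the declaration is outside the hunk), a value with bit 31 set goes through an implementation-defined conversion on that store, and the following `n >> 27` right-shifts a negative value. Declaring the accumulator unsigned, as this patch already does for `x` and `b` in the mont_setup functions, removes both concerns and the casts: `sp_uint32 n;` with `n <<= 5;` left as it was. The same applies to `t0` in the div_word hunks and to `n` in the bit-by-bit mod_exp hunks.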
@@ -3027,26 +3027,26 @@ SP_NOINLINE static void sp_2048_rshift_72(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL for (i=0; i<71; i++) { - r[i] = (sp_digit)(((a[i] >> n) | (a[i + 1] << (29 - n))) & 0x1fffffff); + r[i] = (sp_digit)(((a[i] >> n) | ((sp_uint32)a[i + 1] << (29 - n))) & 0x1fffffff); } #else for (i=0; i<64; i += 8) { - r[i+0] = (a[i+0] >> n) | (sp_digit)((a[i+1] << (29 - n)) & 0x1fffffff); - r[i+1] = (a[i+1] >> n) | (sp_digit)((a[i+2] << (29 - n)) & 0x1fffffff); - r[i+2] = (a[i+2] >> n) | (sp_digit)((a[i+3] << (29 - n)) & 0x1fffffff); - r[i+3] = (a[i+3] >> n) | (sp_digit)((a[i+4] << (29 - n)) & 0x1fffffff); - r[i+4] = (a[i+4] >> n) | (sp_digit)((a[i+5] << (29 - n)) & 0x1fffffff); - r[i+5] = (a[i+5] >> n) | (sp_digit)((a[i+6] << (29 - n)) & 0x1fffffff); - r[i+6] = (a[i+6] >> n) | (sp_digit)((a[i+7] << (29 - n)) & 0x1fffffff); - r[i+7] = (a[i+7] >> n) | (sp_digit)((a[i+8] << (29 - n)) & 0x1fffffff); - } - r[64] = (a[64] >> n) | (sp_digit)((a[65] << (29 - n)) & 0x1fffffff); - r[65] = (a[65] >> n) | (sp_digit)((a[66] << (29 - n)) & 0x1fffffff); - r[66] = (a[66] >> n) | (sp_digit)((a[67] << (29 - n)) & 0x1fffffff); - r[67] = (a[67] >> n) | (sp_digit)((a[68] << (29 - n)) & 0x1fffffff); - r[68] = (a[68] >> n) | (sp_digit)((a[69] << (29 - n)) & 0x1fffffff); - r[69] = (a[69] >> n) | (sp_digit)((a[70] << (29 - n)) & 0x1fffffff); - r[70] = (a[70] >> n) | (sp_digit)((a[71] << (29 - n)) & 0x1fffffff); + r[i+0] = (a[i+0] >> n) | (sp_digit)(((sp_uint32)a[i+1] << (29 - n)) & 0x1fffffff); + r[i+1] = (a[i+1] >> n) | (sp_digit)(((sp_uint32)a[i+2] << (29 - n)) & 0x1fffffff); + r[i+2] = (a[i+2] >> n) | (sp_digit)(((sp_uint32)a[i+3] << (29 - n)) & 0x1fffffff); + r[i+3] = (a[i+3] >> n) | (sp_digit)(((sp_uint32)a[i+4] << (29 - n)) & 0x1fffffff); + r[i+4] = (a[i+4] >> n) | (sp_digit)(((sp_uint32)a[i+5] << (29 - n)) & 0x1fffffff); + r[i+5] = (a[i+5] >> n) | (sp_digit)(((sp_uint32)a[i+6] << (29 - n)) & 0x1fffffff); + r[i+6] = (a[i+6] >> n) | (sp_digit)(((sp_uint32)a[i+7] 
<< (29 - n)) & 0x1fffffff); + r[i+7] = (a[i+7] >> n) | (sp_digit)(((sp_uint32)a[i+8] << (29 - n)) & 0x1fffffff); + } + r[64] = (a[64] >> n) | (sp_digit)(((sp_uint32)a[65] << (29 - n)) & 0x1fffffff); + r[65] = (a[65] >> n) | (sp_digit)(((sp_uint32)a[66] << (29 - n)) & 0x1fffffff); + r[66] = (a[66] >> n) | (sp_digit)(((sp_uint32)a[67] << (29 - n)) & 0x1fffffff); + r[67] = (a[67] >> n) | (sp_digit)(((sp_uint32)a[68] << (29 - n)) & 0x1fffffff); + r[68] = (a[68] >> n) | (sp_digit)(((sp_uint32)a[69] << (29 - n)) & 0x1fffffff); + r[69] = (a[69] >> n) | (sp_digit)(((sp_uint32)a[70] << (29 - n)) & 0x1fffffff); + r[70] = (a[70] >> n) | (sp_digit)(((sp_uint32)a[71] << (29 - n)) & 0x1fffffff); #endif /* WOLFSSL_SP_SMALL */ r[71] = a[71] >> n; } @@ -3086,7 +3086,7 @@ static WC_INLINE sp_digit sp_2048_div_word_72(sp_digit d1, sp_digit d0, t1 -= dv & (0 - r); for (i = 27; i >= 1; i--) { t1 += t1 + (((sp_uint32)t0 >> 28) & 1); - t0 <<= 1; + t0 = (sp_uint32)t0 << 1; t2 = (sp_digit)(((sp_uint32)(dv - t1)) >> 31); r += r + t2; t1 -= dv & (0 - t2); @@ -3281,9 +3281,9 @@ static int sp_2048_mod_exp_72(sp_digit* r, const sp_digit* a, const sp_digit* e, } if (err == MP_OKAY) { - i = bits / 29; - c = bits % 29; - n = e[i--] << (29 - c); + i = (bits - 1) / 29; + c = ((bits - 1) % 29) + 1; + n = (sp_uint32)e[i--] << (29 - c); for (; ; c--) { if (c == 0) { if (i == -1) { @@ -3295,7 +3295,7 @@ static int sp_2048_mod_exp_72(sp_digit* r, const sp_digit* a, const sp_digit* e, } y = (int)((n >> 28) & 1); - n <<= 1; + n = (sp_uint32)n << 1; sp_2048_mont_mul_72(t[y^1], t[0], t[1], m, mp); @@ -3357,9 +3357,9 @@ static int sp_2048_mod_exp_72(sp_digit* r, const sp_digit* a, const sp_digit* e, } if (err == MP_OKAY) { - i = bits / 29; - c = bits % 29; - n = e[i--] << (29 - c); + i = (bits - 1) / 29; + c = ((bits - 1) % 29) + 1; + n = (sp_uint32)e[i--] << (29 - c); for (; ; c--) { if (c == 0) { if (i == -1) { 
@@ -3371,7 +3371,7 @@ static int sp_2048_mod_exp_72(sp_digit* r, const sp_digit* a, const sp_digit* e, } y = (int)((n >> 28) & 1); - n <<= 1; + n = (sp_uint32)n << 1; sp_2048_mont_mul_72(t[y^1], t[0], t[1], m, mp); @@ -3456,38 +3456,38 @@ static int sp_2048_mod_exp_72(sp_digit* r, const sp_digit* a, const sp_digit* e, c = 29; } if (i < 72) { - n = e[i--] << (32 - c); + n = (sp_uint32)e[i--] << (32 - c); } else { n = 0; i--; } if (c < 4) { - n |= e[i--] << (3 - c); + n |= (sp_uint32)e[i--] << (3 - c); c += 29; } y = (int)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; XMEMCPY(rt, t[y], sizeof(sp_digit) * 144); while ((i >= 0) || (c >= 4)) { if (c >= 4) { y = (byte)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; } else if (c == 0) { - n = e[i--] << 3; + n = (sp_uint32)e[i--] << 3; y = (byte)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c = 25; } else { y = (byte)((n >> 28) & 0xf); - n = e[i--] << 3; + n = (sp_uint32)e[i--] << 3; c = 4 - c; y |= (byte)((n >> (32 - c)) & ((1 << c) - 1)); - n <<= c; + n = (sp_uint32)n << c; c = 29 - c; } @@ -3583,10 +3583,10 @@ static int sp_2048_mod_exp_72_nb(sp_2048_mod_exp_72_ctx* ctx, case 4: /* BIT_INIT: index the most-significant exponent limb without reading off the end when bits is an exact multiple of the limb width. (bits-1) keeps i within the populated range and - c = (bits-1) % @bits + 1 keeps the shift in [1, @bits]. */ + c = (bits-1) % 29 + 1 keeps the shift in [1, 29]. */ ctx->i = (ctx->bits - 1) / 29; ctx->c = ((ctx->bits - 1) % 29) + 1; - ctx->n = e[ctx->i--] << (29 - ctx->c); + ctx->n = (sp_uint32)e[ctx->i--] << (29 - ctx->c); ctx->state = 5; break; case 5: /* BIT_NEXT: refill on word boundary, peel one exponent bit */ 
@@ -3599,7 +3599,7 @@ static int sp_2048_mod_exp_72_nb(sp_2048_mod_exp_72_ctx* ctx, ctx->c = 29; } ctx->y = (byte)((ctx->n >> 28) & 1); - ctx->n <<= 1; + ctx->n = (sp_uint32)ctx->n << 1; ctx->state = 6; break; case 6: /* MUL: t[y^1] = t[0] * t[1] in Montgomery form */ @@ -4372,7 +4372,7 @@ static int sp_2048_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 71; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint32)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -4397,7 +4397,7 @@ static int sp_2048_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 71; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint32)a[i]) << s; if (s + 29 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; @@ -4614,7 +4614,7 @@ SP_NOINLINE static void sp_2048_lshift_72(sp_digit* r, const sp_digit* a, r[72] = a[71] >> (29 - n); for (i=71; i>0; i--) { - r[i] = (sp_digit)(((a[i] << n) | (a[i-1] >> (29 - n))) & 0x1fffffff); + r[i] = (sp_digit)((((sp_uint32)a[i] << n) | (a[i-1] >> (29 - n))) & 0x1fffffff); } #else sp_int_digit s; @@ -4765,7 +4765,7 @@ SP_NOINLINE static void sp_2048_lshift_72(sp_digit* r, const sp_digit* a, s = (sp_int_digit)(a[1]); t = (sp_int_digit)(a[0]); r[1] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff); #endif /* WOLFSSL_SP_SMALL */ - r[0] = (sp_digit)((a[0] << n) & 0x1fffffff); + r[0] = (sp_digit)(((sp_uint32)a[0] << n) & 0x1fffffff); } /* Modular exponentiate 2 to the e mod m. (r = 2^e mod m) 
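Review bot: In the second sp_2048_to_mp hunk (-4397), replacing `(mp_digit)a[i]` with `(sp_uint32)a[i]` narrows the shift to 32 bits, which looks like a regression when mp_digit is wider than that. The branch tests `DIGIT_BIT != 32 && DIGIT_BIT != 64`, so it is evidently compiled for 64-bit digits as well; there `s` can reach 29 and beyond, so the shift either drops the bits that belong in the upper part of `r->dp[j]` or is undefined once `s` is 32 or more. Keeping the digit width while still forcing an unsigned operand would be `r->dp[j] |= ((mp_digit)(sp_uint32)a[i]) << s;`. The same change appears in the sp_3072_to_mp hunks at -8027 and -12115. The loop body continues outside the hunk, so the range of `s` is inferred from the visible `s + 29 >= DIGIT_BIT` test.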
@@ -4811,38 +4811,38 @@ static int sp_2048_mod_exp_2_72(sp_digit* r, const sp_digit* e, int bits, const c = 29; } if (i < 72) { - n = e[i--] << (32 - c); + n = (sp_uint32)e[i--] << (32 - c); } else { n = 0; i--; } if (c < 4) { - n |= e[i--] << (3 - c); + n |= (sp_uint32)e[i--] << (3 - c); c += 29; } y = (int)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; sp_2048_lshift_72(r, norm, (byte)y); while ((i >= 0) || (c >= 4)) { if (c >= 4) { y = (byte)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; } else if (c == 0) { - n = e[i--] << 3; + n = (sp_uint32)e[i--] << 3; y = (byte)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c = 25; } else { y = (byte)((n >> 28) & 0xf); - n = e[i--] << 3; + n = (sp_uint32)e[i--] << 3; c = 4 - c; y |= (byte)((n >> (32 - c)) & ((1 << c) - 1)); - n <<= c; + n = (sp_uint32)n << c; c = 29 - c; } @@ -5172,7 +5172,7 @@ static void sp_3072_from_bin(sp_digit* r, int size, const byte* a, int n) r[0] = 0; for (i = n-1; i >= 0; i--) { - r[j] |= (((sp_digit)a[i]) << s); + r[j] |= (((sp_uint32)a[i]) << s); if (s >= 21U) { r[j] &= 0x1fffffff; s = 29U - s; @@ -5218,7 +5218,7 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint32)a->dp[i] << s); r[j] &= 0x1fffffff; s = 29U - s; if (j + 1 >= size) { @@ -5253,7 +5253,7 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint32)a->dp[i]) << s; if (s + DIGIT_BIT >= 29) { r[j] &= 0x1fffffff; if (j + 1 >= size) { 
@@ -5302,7 +5302,7 @@ static void sp_3072_to_bin_106(sp_digit* r, byte* a) for (i=0; i<106 && j>=0; i++) { b = 0; /* lint allow cast of mismatch sp_digit and int */ - a[j--] |= (byte)(r[i] << s); /*lint !e9033*/ + a[j--] |= (byte)((sp_uint32)r[i] << s); /*lint !e9033*/ b += 8 - s; if (j < 0) { break; @@ -5478,10 +5478,10 @@ SP_NOINLINE static void sp_3072_sqr_106(sp_digit* r, const sp_digit* a) */ static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho) { - sp_digit x; - sp_digit b; + sp_uint32 x; + sp_uint32 b; - b = a[0]; + b = (sp_uint32)a[0]; x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */ x *= 2 - b * x; /* here x*a==1 mod 2**8 */ x *= 2 - b * x; /* here x*a==1 mod 2**16 */ @@ -5489,7 +5489,7 @@ static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho) x &= 0x1fffffff; /* rho = -1/m mod b */ - *rho = ((sp_digit)1 << 29) - x; + *rho = (sp_digit)(((sp_uint32)1 << 29) - (sp_digit)x); } /* Multiply a by scalar b into r. (r = a * b) @@ -5902,7 +5902,7 @@ SP_NOINLINE static void sp_3072_rshift_53(sp_digit* r, const sp_digit* a, int i; for (i=0; i<52; i++) { - r[i] = (sp_digit)(((a[i] >> n) | (a[i + 1] << (29 - n))) & 0x1fffffff); + r[i] = (sp_digit)(((a[i] >> n) | ((sp_uint32)a[i + 1] << (29 - n))) & 0x1fffffff); } r[52] = a[52] >> n; } @@ -5942,7 +5942,7 @@ static WC_INLINE sp_digit sp_3072_div_word_53(sp_digit d1, sp_digit d0, t1 -= dv & (0 - r); for (i = 27; i >= 1; i--) { t1 += t1 + (((sp_uint32)t0 >> 28) & 1); - t0 <<= 1; + t0 = (sp_uint32)t0 << 1; t2 = (sp_digit)(((sp_uint32)(dv - t1)) >> 31); r += r + t2; t1 -= dv & (0 - t2); @@ -6134,9 +6134,9 @@ static int sp_3072_mod_exp_53(sp_digit* r, const sp_digit* a, const sp_digit* e, } if (err == MP_OKAY) { - i = bits / 29; - c = bits % 29; - n = e[i--] << (29 - c); + i = (bits - 1) / 29; + c = ((bits - 1) % 29) + 1; + n = (sp_uint32)e[i--] << (29 - c); for (; ; c--) { if (c == 0) { if (i == -1) { 
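Review bot: The inner cast in `*rho = (sp_digit)(((sp_uint32)1 << 29) - (sp_digit)x);` (sp_3072_mont_setup, hunk -5489) has no effect and obscures that the arithmetic is meant to be unsigned. Assuming sp_digit is the signed 32-bit counterpart of sp_uint32, `x` is converted to signed and then converted back to `sp_uint32` by the usual arithmetic conversions before the subtraction. `*rho = (sp_digit)(((sp_uint32)1 << 29) - x);` says the same thing directly. The sp_3072_mont_setup hunk at -9712 and the sp_4096_mont_setup hunk at -13093 use the same expression.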
@@ -6148,7 +6148,7 @@ static int sp_3072_mod_exp_53(sp_digit* r, const sp_digit* a, const sp_digit* e, } y = (int)((n >> 28) & 1); - n <<= 1; + n = (sp_uint32)n << 1; sp_3072_mont_mul_53(t[y^1], t[0], t[1], m, mp); @@ -6210,9 +6210,9 @@ static int sp_3072_mod_exp_53(sp_digit* r, const sp_digit* a, const sp_digit* e, } if (err == MP_OKAY) { - i = bits / 29; - c = bits % 29; - n = e[i--] << (29 - c); + i = (bits - 1) / 29; + c = ((bits - 1) % 29) + 1; + n = (sp_uint32)e[i--] << (29 - c); for (; ; c--) { if (c == 0) { if (i == -1) { @@ -6224,7 +6224,7 @@ static int sp_3072_mod_exp_53(sp_digit* r, const sp_digit* a, const sp_digit* e, } y = (int)((n >> 28) & 1); - n <<= 1; + n = (sp_uint32)n << 1; sp_3072_mont_mul_53(t[y^1], t[0], t[1], m, mp); @@ -6325,38 +6325,38 @@ static int sp_3072_mod_exp_53(sp_digit* r, const sp_digit* a, const sp_digit* e, c = 29; } if (i < 53) { - n = e[i--] << (32 - c); + n = (sp_uint32)e[i--] << (32 - c); } else { n = 0; i--; } if (c < 5) { - n |= e[i--] << (3 - c); + n |= (sp_uint32)e[i--] << (3 - c); c += 29; } y = (int)((n >> 27) & 0x1f); - n <<= 5; + n = (sp_uint32)n << 5; c -= 5; XMEMCPY(rt, t[y], sizeof(sp_digit) * 106); while ((i >= 0) || (c >= 5)) { if (c >= 5) { y = (byte)((n >> 27) & 0x1f); - n <<= 5; + n = (sp_uint32)n << 5; c -= 5; } else if (c == 0) { - n = e[i--] << 3; + n = (sp_uint32)e[i--] << 3; y = (byte)((n >> 27) & 0x1f); - n <<= 5; + n = (sp_uint32)n << 5; c = 24; } else { y = (byte)((n >> 27) & 0x1f); - n = e[i--] << 3; + n = (sp_uint32)e[i--] << 3; c = 5 - c; y |= (byte)((n >> (32 - c)) & ((1 << c) - 1)); - n <<= c; + n = (sp_uint32)n << c; c = 29 - c; } @@ -6680,7 +6680,7 @@ SP_NOINLINE static void sp_3072_rshift_106(sp_digit* r, const sp_digit* a, int i; for (i=0; i<105; i++) { - r[i] = (sp_digit)(((a[i] >> n) | (a[i + 1] << (29 - n))) & 0x1fffffff); + r[i] = (sp_digit)(((a[i] >> n) | ((sp_uint32)a[i + 1] << (29 - n))) & 0x1fffffff); } r[105] = a[105] >> n; } 
@@ -6720,7 +6720,7 @@ static WC_INLINE sp_digit sp_3072_div_word_106(sp_digit d1, sp_digit d0, t1 -= dv & (0 - r); for (i = 27; i >= 1; i--) { t1 += t1 + (((sp_uint32)t0 >> 28) & 1); - t0 <<= 1; + t0 = (sp_uint32)t0 << 1; t2 = (sp_digit)(((sp_uint32)(dv - t1)) >> 31); r += r + t2; t1 -= dv & (0 - t2); @@ -6913,9 +6913,9 @@ static int sp_3072_mod_exp_106(sp_digit* r, const sp_digit* a, const sp_digit* e } if (err == MP_OKAY) { - i = bits / 29; - c = bits % 29; - n = e[i--] << (29 - c); + i = (bits - 1) / 29; + c = ((bits - 1) % 29) + 1; + n = (sp_uint32)e[i--] << (29 - c); for (; ; c--) { if (c == 0) { if (i == -1) { @@ -6927,7 +6927,7 @@ static int sp_3072_mod_exp_106(sp_digit* r, const sp_digit* a, const sp_digit* e } y = (int)((n >> 28) & 1); - n <<= 1; + n = (sp_uint32)n << 1; sp_3072_mont_mul_106(t[y^1], t[0], t[1], m, mp); @@ -6989,9 +6989,9 @@ static int sp_3072_mod_exp_106(sp_digit* r, const sp_digit* a, const sp_digit* e } if (err == MP_OKAY) { - i = bits / 29; - c = bits % 29; - n = e[i--] << (29 - c); + i = (bits - 1) / 29; + c = ((bits - 1) % 29) + 1; + n = (sp_uint32)e[i--] << (29 - c); for (; ; c--) { if (c == 0) { if (i == -1) { @@ -7003,7 +7003,7 @@ static int sp_3072_mod_exp_106(sp_digit* r, const sp_digit* a, const sp_digit* e } y = (int)((n >> 28) & 1); - n <<= 1; + n = (sp_uint32)n << 1; sp_3072_mont_mul_106(t[y^1], t[0], t[1], m, mp); 
@@ -7088,38 +7088,38 @@ static int sp_3072_mod_exp_106(sp_digit* r, const sp_digit* a, const sp_digit* e c = 29; } if (i < 106) { - n = e[i--] << (32 - c); + n = (sp_uint32)e[i--] << (32 - c); } else { n = 0; i--; } if (c < 4) { - n |= e[i--] << (3 - c); + n |= (sp_uint32)e[i--] << (3 - c); c += 29; } y = (int)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; XMEMCPY(rt, t[y], sizeof(sp_digit) * 212); while ((i >= 0) || (c >= 4)) { if (c >= 4) { y = (byte)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; } else if (c == 0) { - n = e[i--] << 3; + n = (sp_uint32)e[i--] << 3; y = (byte)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c = 25; } else { y = (byte)((n >> 28) & 0xf); - n = e[i--] << 3; + n = (sp_uint32)e[i--] << 3; c = 4 - c; y |= (byte)((n >> (32 - c)) & ((1 << c) - 1)); - n <<= c; + n = (sp_uint32)n << c; c = 29 - c; } @@ -7215,10 +7215,10 @@ static int sp_3072_mod_exp_106_nb(sp_3072_mod_exp_106_ctx* ctx, case 4: /* BIT_INIT: index the most-significant exponent limb without reading off the end when bits is an exact multiple of the limb width. (bits-1) keeps i within the populated range and - c = (bits-1) % @bits + 1 keeps the shift in [1, @bits]. */ + c = (bits-1) % 29 + 1 keeps the shift in [1, 29]. */ ctx->i = (ctx->bits - 1) / 29; ctx->c = ((ctx->bits - 1) % 29) + 1; - ctx->n = e[ctx->i--] << (29 - ctx->c); + ctx->n = (sp_uint32)e[ctx->i--] << (29 - ctx->c); ctx->state = 5; break; case 5: /* BIT_NEXT: refill on word boundary, peel one exponent bit */ @@ -7231,7 +7231,7 @@ static int sp_3072_mod_exp_106_nb(sp_3072_mod_exp_106_ctx* ctx, ctx->c = 29; } ctx->y = (byte)((ctx->n >> 28) & 1); - ctx->n <<= 1; + ctx->n = (sp_uint32)ctx->n << 1; ctx->state = 6; break; case 6: /* MUL: t[y^1] = t[0] * t[1] in Montgomery form */ 
@@ -8002,7 +8002,7 @@ static int sp_3072_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 106; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint32)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -8027,7 +8027,7 @@ static int sp_3072_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 106; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint32)a[i]) << s; if (s + 29 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; @@ -8243,9 +8243,9 @@ SP_NOINLINE static void sp_3072_lshift_106(sp_digit* r, const sp_digit* a, r[106] = a[105] >> (29 - n); for (i=105; i>0; i--) { - r[i] = (sp_digit)(((a[i] << n) | (a[i-1] >> (29 - n))) & 0x1fffffff); + r[i] = (sp_digit)((((sp_uint32)a[i] << n) | (a[i-1] >> (29 - n))) & 0x1fffffff); } - r[0] = (sp_digit)((a[0] << n) & 0x1fffffff); + r[0] = (sp_digit)(((sp_uint32)a[0] << n) & 0x1fffffff); } /* Modular exponentiate 2 to the e mod m. (r = 2^e mod m) @@ -8291,38 +8291,38 @@ static int sp_3072_mod_exp_2_106(sp_digit* r, const sp_digit* e, int bits, const c = 29; } if (i < 106) { - n = e[i--] << (32 - c); + n = (sp_uint32)e[i--] << (32 - c); } else { n = 0; i--; } if (c < 4) { - n |= e[i--] << (3 - c); + n |= (sp_uint32)e[i--] << (3 - c); c += 29; } y = (int)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; sp_3072_lshift_106(r, norm, (byte)y); while ((i >= 0) || (c >= 4)) { if (c >= 4) { y = (byte)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; } else if (c == 0) { - n = e[i--] << 3; + n = (sp_uint32)e[i--] << 3; y = (byte)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c = 25; } else { y = (byte)((n >> 28) & 0xf); - n = e[i--] << 3; + n = (sp_uint32)e[i--] << 3; c = 4 - c; y |= (byte)((n >> (32 - c)) & ((1 << c) - 1)); - n <<= c; + n = (sp_uint32)n << c; c = 29 - c; } 
@@ -8649,7 +8649,7 @@ static void sp_3072_from_bin(sp_digit* r, int size, const byte* a, int n) r[0] = 0; for (i = n-1; i >= 0; i--) { - r[j] |= (((sp_digit)a[i]) << s); + r[j] |= (((sp_uint32)a[i]) << s); if (s >= 20U) { r[j] &= 0xfffffff; s = 28U - s; @@ -8695,7 +8695,7 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint32)a->dp[i] << s); r[j] &= 0xfffffff; s = 28U - s; if (j + 1 >= size) { @@ -8730,7 +8730,7 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint32)a->dp[i]) << s; if (s + DIGIT_BIT >= 28) { r[j] &= 0xfffffff; if (j + 1 >= size) { @@ -8779,7 +8779,7 @@ static void sp_3072_to_bin_112(sp_digit* r, byte* a) for (i=0; i<110 && j>=0; i++) { b = 0; /* lint allow cast of mismatch sp_digit and int */ - a[j--] |= (byte)(r[i] << s); /*lint !e9033*/ + a[j--] |= (byte)((sp_uint32)r[i] << s); /*lint !e9033*/ b += 8 - s; if (j < 0) { break; @@ -9701,10 +9701,10 @@ SP_NOINLINE static void sp_3072_sqr_112(sp_digit* r, const sp_digit* a) */ static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho) { - sp_digit x; - sp_digit b; + sp_uint32 x; + sp_uint32 b; - b = a[0]; + b = (sp_uint32)a[0]; x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */ x *= 2 - b * x; /* here x*a==1 mod 2**8 */ x *= 2 - b * x; /* here x*a==1 mod 2**16 */ @@ -9712,7 +9712,7 @@ static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho) x &= 0xfffffff; /* rho = -1/m mod b */ - *rho = ((sp_digit)1 << 28) - x; + *rho = (sp_digit)(((sp_uint32)1 << 28) - (sp_digit)x); } /* Multiply a by scalar b into r. (r = a * b) 
@@ -10094,22 +10094,22 @@ SP_NOINLINE static void sp_3072_rshift_56(sp_digit* r, const sp_digit* a, int i; for (i=0; i<48; i += 8) { - r[i+0] = (a[i+0] >> n) | (sp_digit)((a[i+1] << (28 - n)) & 0xfffffff); - r[i+1] = (a[i+1] >> n) | (sp_digit)((a[i+2] << (28 - n)) & 0xfffffff); - r[i+2] = (a[i+2] >> n) | (sp_digit)((a[i+3] << (28 - n)) & 0xfffffff); - r[i+3] = (a[i+3] >> n) | (sp_digit)((a[i+4] << (28 - n)) & 0xfffffff); - r[i+4] = (a[i+4] >> n) | (sp_digit)((a[i+5] << (28 - n)) & 0xfffffff); - r[i+5] = (a[i+5] >> n) | (sp_digit)((a[i+6] << (28 - n)) & 0xfffffff); - r[i+6] = (a[i+6] >> n) | (sp_digit)((a[i+7] << (28 - n)) & 0xfffffff); - r[i+7] = (a[i+7] >> n) | (sp_digit)((a[i+8] << (28 - n)) & 0xfffffff); - } - r[48] = (a[48] >> n) | (sp_digit)((a[49] << (28 - n)) & 0xfffffff); - r[49] = (a[49] >> n) | (sp_digit)((a[50] << (28 - n)) & 0xfffffff); - r[50] = (a[50] >> n) | (sp_digit)((a[51] << (28 - n)) & 0xfffffff); - r[51] = (a[51] >> n) | (sp_digit)((a[52] << (28 - n)) & 0xfffffff); - r[52] = (a[52] >> n) | (sp_digit)((a[53] << (28 - n)) & 0xfffffff); - r[53] = (a[53] >> n) | (sp_digit)((a[54] << (28 - n)) & 0xfffffff); - r[54] = (a[54] >> n) | (sp_digit)((a[55] << (28 - n)) & 0xfffffff); + r[i+0] = (a[i+0] >> n) | (sp_digit)(((sp_uint32)a[i+1] << (28 - n)) & 0xfffffff); + r[i+1] = (a[i+1] >> n) | (sp_digit)(((sp_uint32)a[i+2] << (28 - n)) & 0xfffffff); + r[i+2] = (a[i+2] >> n) | (sp_digit)(((sp_uint32)a[i+3] << (28 - n)) & 0xfffffff); + r[i+3] = (a[i+3] >> n) | (sp_digit)(((sp_uint32)a[i+4] << (28 - n)) & 0xfffffff); + r[i+4] = (a[i+4] >> n) | (sp_digit)(((sp_uint32)a[i+5] << (28 - n)) & 0xfffffff); + r[i+5] = (a[i+5] >> n) | (sp_digit)(((sp_uint32)a[i+6] << (28 - n)) & 0xfffffff); + r[i+6] = (a[i+6] >> n) | (sp_digit)(((sp_uint32)a[i+7] << (28 - n)) & 0xfffffff); + r[i+7] = (a[i+7] >> n) | (sp_digit)(((sp_uint32)a[i+8] << (28 - n)) & 0xfffffff); + } + r[48] = (a[48] >> n) | (sp_digit)(((sp_uint32)a[49] << (28 - n)) & 0xfffffff); + r[49] = (a[49] >> n) | 
(sp_digit)(((sp_uint32)a[50] << (28 - n)) & 0xfffffff); + r[50] = (a[50] >> n) | (sp_digit)(((sp_uint32)a[51] << (28 - n)) & 0xfffffff); + r[51] = (a[51] >> n) | (sp_digit)(((sp_uint32)a[52] << (28 - n)) & 0xfffffff); + r[52] = (a[52] >> n) | (sp_digit)(((sp_uint32)a[53] << (28 - n)) & 0xfffffff); + r[53] = (a[53] >> n) | (sp_digit)(((sp_uint32)a[54] << (28 - n)) & 0xfffffff); + r[54] = (a[54] >> n) | (sp_digit)(((sp_uint32)a[55] << (28 - n)) & 0xfffffff); r[55] = a[55] >> n; } @@ -10148,7 +10148,7 @@ static WC_INLINE sp_digit sp_3072_div_word_56(sp_digit d1, sp_digit d0, t1 -= dv & (0 - r); for (i = 26; i >= 1; i--) { t1 += t1 + (((sp_uint32)t0 >> 27) & 1); - t0 <<= 1; + t0 = (sp_uint32)t0 << 1; t2 = (sp_digit)(((sp_uint32)(dv - t1)) >> 31); r += r + t2; t1 -= dv & (0 - t2); @@ -10340,9 +10340,9 @@ static int sp_3072_mod_exp_56(sp_digit* r, const sp_digit* a, const sp_digit* e, } if (err == MP_OKAY) { - i = bits / 28; - c = bits % 28; - n = e[i--] << (28 - c); + i = (bits - 1) / 28; + c = ((bits - 1) % 28) + 1; + n = (sp_uint32)e[i--] << (28 - c); for (; ; c--) { if (c == 0) { if (i == -1) { @@ -10354,7 +10354,7 @@ static int sp_3072_mod_exp_56(sp_digit* r, const sp_digit* a, const sp_digit* e, } y = (int)((n >> 27) & 1); - n <<= 1; + n = (sp_uint32)n << 1; sp_3072_mont_mul_56(t[y^1], t[0], t[1], m, mp); @@ -10416,9 +10416,9 @@ static int sp_3072_mod_exp_56(sp_digit* r, const sp_digit* a, const sp_digit* e, } if (err == MP_OKAY) { - i = bits / 28; - c = bits % 28; - n = e[i--] << (28 - c); + i = (bits - 1) / 28; + c = ((bits - 1) % 28) + 1; + n = (sp_uint32)e[i--] << (28 - c); for (; ; c--) { if (c == 0) { if (i == -1) { @@ -10430,7 +10430,7 @@ static int sp_3072_mod_exp_56(sp_digit* r, const sp_digit* a, const sp_digit* e, } y = (int)((n >> 27) & 1); - n <<= 1; + n = (sp_uint32)n << 1; sp_3072_mont_mul_56(t[y^1], t[0], t[1], m, mp); 
@@ -10531,38 +10531,38 @@ static int sp_3072_mod_exp_56(sp_digit* r, const sp_digit* a, const sp_digit* e, c = 28; } if (i < 56) { - n = e[i--] << (32 - c); + n = (sp_uint32)e[i--] << (32 - c); } else { n = 0; i--; } if (c < 5) { - n |= e[i--] << (4 - c); + n |= (sp_uint32)e[i--] << (4 - c); c += 28; } y = (int)((n >> 27) & 0x1f); - n <<= 5; + n = (sp_uint32)n << 5; c -= 5; XMEMCPY(rt, t[y], sizeof(sp_digit) * 112); while ((i >= 0) || (c >= 5)) { if (c >= 5) { y = (byte)((n >> 27) & 0x1f); - n <<= 5; + n = (sp_uint32)n << 5; c -= 5; } else if (c == 0) { - n = e[i--] << 4; + n = (sp_uint32)e[i--] << 4; y = (byte)((n >> 27) & 0x1f); - n <<= 5; + n = (sp_uint32)n << 5; c = 23; } else { y = (byte)((n >> 27) & 0x1f); - n = e[i--] << 4; + n = (sp_uint32)e[i--] << 4; c = 5 - c; y |= (byte)((n >> (32 - c)) & ((1 << c) - 1)); - n <<= c; + n = (sp_uint32)n << c; c = 28 - c; } 
@@ -10951,22 +10951,22 @@ SP_NOINLINE static void sp_3072_rshift_112(sp_digit* r, const sp_digit* a, int i; for (i=0; i<104; i += 8) { - r[i+0] = (a[i+0] >> n) | (sp_digit)((a[i+1] << (28 - n)) & 0xfffffff); - r[i+1] = (a[i+1] >> n) | (sp_digit)((a[i+2] << (28 - n)) & 0xfffffff); - r[i+2] = (a[i+2] >> n) | (sp_digit)((a[i+3] << (28 - n)) & 0xfffffff); - r[i+3] = (a[i+3] >> n) | (sp_digit)((a[i+4] << (28 - n)) & 0xfffffff); - r[i+4] = (a[i+4] >> n) | (sp_digit)((a[i+5] << (28 - n)) & 0xfffffff); - r[i+5] = (a[i+5] >> n) | (sp_digit)((a[i+6] << (28 - n)) & 0xfffffff); - r[i+6] = (a[i+6] >> n) | (sp_digit)((a[i+7] << (28 - n)) & 0xfffffff); - r[i+7] = (a[i+7] >> n) | (sp_digit)((a[i+8] << (28 - n)) & 0xfffffff); - } - r[104] = (a[104] >> n) | (sp_digit)((a[105] << (28 - n)) & 0xfffffff); - r[105] = (a[105] >> n) | (sp_digit)((a[106] << (28 - n)) & 0xfffffff); - r[106] = (a[106] >> n) | (sp_digit)((a[107] << (28 - n)) & 0xfffffff); - r[107] = (a[107] >> n) | (sp_digit)((a[108] << (28 - n)) & 0xfffffff); - r[108] = (a[108] >> n) | (sp_digit)((a[109] << (28 - n)) & 0xfffffff); - r[109] = (a[109] >> n) | (sp_digit)((a[110] << (28 - n)) & 0xfffffff); - r[110] = (a[110] >> n) | (sp_digit)((a[111] << (28 - n)) & 0xfffffff); + r[i+0] = (a[i+0] >> n) | (sp_digit)(((sp_uint32)a[i+1] << (28 - n)) & 0xfffffff); + r[i+1] = (a[i+1] >> n) | (sp_digit)(((sp_uint32)a[i+2] << (28 - n)) & 0xfffffff); + r[i+2] = (a[i+2] >> n) | (sp_digit)(((sp_uint32)a[i+3] << (28 - n)) & 0xfffffff); + r[i+3] = (a[i+3] >> n) | (sp_digit)(((sp_uint32)a[i+4] << (28 - n)) & 0xfffffff); + r[i+4] = (a[i+4] >> n) | (sp_digit)(((sp_uint32)a[i+5] << (28 - n)) & 0xfffffff); + r[i+5] = (a[i+5] >> n) | (sp_digit)(((sp_uint32)a[i+6] << (28 - n)) & 0xfffffff); + r[i+6] = (a[i+6] >> n) | (sp_digit)(((sp_uint32)a[i+7] << (28 - n)) & 0xfffffff); + r[i+7] = (a[i+7] >> n) | (sp_digit)(((sp_uint32)a[i+8] << (28 - n)) & 0xfffffff); + } + r[104] = (a[104] >> n) | (sp_digit)(((sp_uint32)a[105] << (28 - n)) & 0xfffffff); + 
r[105] = (a[105] >> n) | (sp_digit)(((sp_uint32)a[106] << (28 - n)) & 0xfffffff); + r[106] = (a[106] >> n) | (sp_digit)(((sp_uint32)a[107] << (28 - n)) & 0xfffffff); + r[107] = (a[107] >> n) | (sp_digit)(((sp_uint32)a[108] << (28 - n)) & 0xfffffff); + r[108] = (a[108] >> n) | (sp_digit)(((sp_uint32)a[109] << (28 - n)) & 0xfffffff); + r[109] = (a[109] >> n) | (sp_digit)(((sp_uint32)a[110] << (28 - n)) & 0xfffffff); + r[110] = (a[110] >> n) | (sp_digit)(((sp_uint32)a[111] << (28 - n)) & 0xfffffff); r[111] = a[111] >> n; } @@ -11005,7 +11005,7 @@ static WC_INLINE sp_digit sp_3072_div_word_112(sp_digit d1, sp_digit d0, t1 -= dv & (0 - r); for (i = 26; i >= 1; i--) { t1 += t1 + (((sp_uint32)t0 >> 27) & 1); - t0 <<= 1; + t0 = (sp_uint32)t0 << 1; t2 = (sp_digit)(((sp_uint32)(dv - t1)) >> 31); r += r + t2; t1 -= dv & (0 - t2); @@ -11201,9 +11201,9 @@ static int sp_3072_mod_exp_112(sp_digit* r, const sp_digit* a, const sp_digit* e } if (err == MP_OKAY) { - i = bits / 28; - c = bits % 28; - n = e[i--] << (28 - c); + i = (bits - 1) / 28; + c = ((bits - 1) % 28) + 1; + n = (sp_uint32)e[i--] << (28 - c); for (; ; c--) { if (c == 0) { if (i == -1) { @@ -11215,7 +11215,7 @@ static int sp_3072_mod_exp_112(sp_digit* r, const sp_digit* a, const sp_digit* e } y = (int)((n >> 27) & 1); - n <<= 1; + n = (sp_uint32)n << 1; sp_3072_mont_mul_112(t[y^1], t[0], t[1], m, mp); @@ -11277,9 +11277,9 @@ static int sp_3072_mod_exp_112(sp_digit* r, const sp_digit* a, const sp_digit* e } if (err == MP_OKAY) { - i = bits / 28; - c = bits % 28; - n = e[i--] << (28 - c); + i = (bits - 1) / 28; + c = ((bits - 1) % 28) + 1; + n = (sp_uint32)e[i--] << (28 - c); for (; ; c--) { if (c == 0) { if (i == -1) { @@ -11291,7 +11291,7 @@ static int sp_3072_mod_exp_112(sp_digit* r, const sp_digit* a, const sp_digit* e } y = (int)((n >> 27) & 1); - n <<= 1; + n = (sp_uint32)n << 1; sp_3072_mont_mul_112(t[y^1], t[0], t[1], m, mp); 
@@ -11376,38 +11376,38 @@ static int sp_3072_mod_exp_112(sp_digit* r, const sp_digit* a, const sp_digit* e c = 28; } if (i < 112) { - n = e[i--] << (32 - c); + n = (sp_uint32)e[i--] << (32 - c); } else { n = 0; i--; } if (c < 4) { - n |= e[i--] << (4 - c); + n |= (sp_uint32)e[i--] << (4 - c); c += 28; } y = (int)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; XMEMCPY(rt, t[y], sizeof(sp_digit) * 224); while ((i >= 0) || (c >= 4)) { if (c >= 4) { y = (byte)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; } else if (c == 0) { - n = e[i--] << 4; + n = (sp_uint32)e[i--] << 4; y = (byte)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c = 24; } else { y = (byte)((n >> 28) & 0xf); - n = e[i--] << 4; + n = (sp_uint32)e[i--] << 4; c = 4 - c; y |= (byte)((n >> (32 - c)) & ((1 << c) - 1)); - n <<= c; + n = (sp_uint32)n << c; c = 28 - c; } @@ -11503,10 +11503,10 @@ static int sp_3072_mod_exp_112_nb(sp_3072_mod_exp_112_ctx* ctx, case 4: /* BIT_INIT: index the most-significant exponent limb without reading off the end when bits is an exact multiple of the limb width. (bits-1) keeps i within the populated range and - c = (bits-1) % @bits + 1 keeps the shift in [1, @bits]. */ + c = (bits-1) % 28 + 1 keeps the shift in [1, 28]. */ ctx->i = (ctx->bits - 1) / 28; ctx->c = ((ctx->bits - 1) % 28) + 1; - ctx->n = e[ctx->i--] << (28 - ctx->c); + ctx->n = (sp_uint32)e[ctx->i--] << (28 - ctx->c); ctx->state = 5; break; case 5: /* BIT_NEXT: refill on word boundary, peel one exponent bit */ @@ -11519,7 +11519,7 @@ static int sp_3072_mod_exp_112_nb(sp_3072_mod_exp_112_ctx* ctx, ctx->c = 28; } ctx->y = (byte)((ctx->n >> 27) & 1); - ctx->n <<= 1; + ctx->n = (sp_uint32)ctx->n << 1; ctx->state = 6; break; case 6: /* MUL: t[y^1] = t[0] * t[1] in Montgomery form */ 
@@ -12090,7 +12090,7 @@ static int sp_3072_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 110; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint32)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -12115,7 +12115,7 @@ static int sp_3072_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 110; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint32)a[i]) << s; if (s + 28 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; @@ -12468,7 +12468,7 @@ SP_NOINLINE static void sp_3072_lshift_112(sp_digit* r, const sp_digit* a, r[2] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff); s = (sp_int_digit)(a[1]); t = (sp_int_digit)(a[0]); r[1] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff); - r[0] = (sp_digit)((a[0] << n) & 0xfffffff); + r[0] = (sp_digit)(((sp_uint32)a[0] << n) & 0xfffffff); } /* Modular exponentiate 2 to the e mod m. (r = 2^e mod m) @@ -12514,38 +12514,38 @@ static int sp_3072_mod_exp_2_112(sp_digit* r, const sp_digit* e, int bits, const c = 28; } if (i < 112) { - n = e[i--] << (32 - c); + n = (sp_uint32)e[i--] << (32 - c); } else { n = 0; i--; } if (c < 4) { - n |= e[i--] << (4 - c); + n |= (sp_uint32)e[i--] << (4 - c); c += 28; } y = (int)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; sp_3072_lshift_112(r, norm, (byte)y); while ((i >= 0) || (c >= 4)) { if (c >= 4) { y = (byte)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; } else if (c == 0) { - n = e[i--] << 4; + n = (sp_uint32)e[i--] << 4; y = (byte)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c = 24; } else { y = (byte)((n >> 28) & 0xf); - n = e[i--] << 4; + n = (sp_uint32)e[i--] << 4; c = 4 - c; y |= (byte)((n >> (32 - c)) & ((1 << c) - 1)); - n <<= c; + n = (sp_uint32)n << c; c = 28 - c; } 
@@ -12774,7 +12774,7 @@ static void sp_4096_from_bin(sp_digit* r, int size, const byte* a, int n) r[0] = 0; for (i = n-1; i >= 0; i--) { - r[j] |= (((sp_digit)a[i]) << s); + r[j] |= (((sp_uint32)a[i]) << s); if (s >= 21U) { r[j] &= 0x1fffffff; s = 29U - s; @@ -12820,7 +12820,7 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint32)a->dp[i] << s); r[j] &= 0x1fffffff; s = 29U - s; if (j + 1 >= size) { @@ -12855,7 +12855,7 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint32)a->dp[i]) << s; if (s + DIGIT_BIT >= 29) { r[j] &= 0x1fffffff; if (j + 1 >= size) { @@ -12904,7 +12904,7 @@ static void sp_4096_to_bin_142(sp_digit* r, byte* a) for (i=0; i<142 && j>=0; i++) { b = 0; /* lint allow cast of mismatch sp_digit and int */ - a[j--] |= (byte)(r[i] << s); /*lint !e9033*/ + a[j--] |= (byte)((sp_uint32)r[i] << s); /*lint !e9033*/ b += 8 - s; if (j < 0) { break; @@ -13082,10 +13082,10 @@ SP_NOINLINE static void sp_4096_sqr_142(sp_digit* r, const sp_digit* a) */ static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho) { - sp_digit x; - sp_digit b; + sp_uint32 x; + sp_uint32 b; - b = a[0]; + b = (sp_uint32)a[0]; x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */ x *= 2 - b * x; /* here x*a==1 mod 2**8 */ x *= 2 - b * x; /* here x*a==1 mod 2**16 */ @@ -13093,7 +13093,7 @@ static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho) x &= 0x1fffffff; /* rho = -1/m mod b */ - *rho = ((sp_digit)1 << 29) - x; + *rho = (sp_digit)(((sp_uint32)1 << 29) - (sp_digit)x); } /* Multiply a by scalar b into r. (r = a * b) 
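Review bot: In sp_4096_mont_setup the new `*rho = (sp_digit)(((sp_uint32)1 << 29) - (sp_digit)x);` casts `x` back to the digit type only for the usual arithmetic conversions to make it unsigned again for the subtraction (assuming sp_digit is the signed 32-bit type). Dropping the inner cast says the same thing without the round trip: `*rho = (sp_digit)(((sp_uint32)1 << 29) - x);`. Since `x` was just masked with `0x1fffffff`, the result fits the digit either way. The 26-bit sp_4096_mont_setup hunk further down has the same expression with `<< 26`.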
@@ -13513,7 +13513,7 @@ SP_NOINLINE static void sp_4096_rshift_71(sp_digit* r, const sp_digit* a, int i; for (i=0; i<70; i++) { - r[i] = (sp_digit)(((a[i] >> n) | (a[i + 1] << (29 - n))) & 0x1fffffff); + r[i] = (sp_digit)(((a[i] >> n) | ((sp_uint32)a[i + 1] << (29 - n))) & 0x1fffffff); } r[70] = a[70] >> n; } @@ -13553,7 +13553,7 @@ static WC_INLINE sp_digit sp_4096_div_word_71(sp_digit d1, sp_digit d0, t1 -= dv & (0 - r); for (i = 27; i >= 1; i--) { t1 += t1 + (((sp_uint32)t0 >> 28) & 1); - t0 <<= 1; + t0 = (sp_uint32)t0 << 1; t2 = (sp_digit)(((sp_uint32)(dv - t1)) >> 31); r += r + t2; t1 -= dv & (0 - t2); @@ -13745,9 +13745,9 @@ static int sp_4096_mod_exp_71(sp_digit* r, const sp_digit* a, const sp_digit* e, } if (err == MP_OKAY) { - i = bits / 29; - c = bits % 29; - n = e[i--] << (29 - c); + i = (bits - 1) / 29; + c = ((bits - 1) % 29) + 1; + n = (sp_uint32)e[i--] << (29 - c); for (; ; c--) { if (c == 0) { if (i == -1) { @@ -13759,7 +13759,7 @@ static int sp_4096_mod_exp_71(sp_digit* r, const sp_digit* a, const sp_digit* e, } y = (int)((n >> 28) & 1); - n <<= 1; + n = (sp_uint32)n << 1; sp_4096_mont_mul_71(t[y^1], t[0], t[1], m, mp); @@ -13821,9 +13821,9 @@ static int sp_4096_mod_exp_71(sp_digit* r, const sp_digit* a, const sp_digit* e, } if (err == MP_OKAY) { - i = bits / 29; - c = bits % 29; - n = e[i--] << (29 - c); + i = (bits - 1) / 29; + c = ((bits - 1) % 29) + 1; + n = (sp_uint32)e[i--] << (29 - c); for (; ; c--) { if (c == 0) { if (i == -1) { @@ -13835,7 +13835,7 @@ static int sp_4096_mod_exp_71(sp_digit* r, const sp_digit* a, const sp_digit* e, } y = (int)((n >> 28) & 1); - n <<= 1; + n = (sp_uint32)n << 1; sp_4096_mont_mul_71(t[y^1], t[0], t[1], m, mp); 
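Review bot: The new index computation in sp_4096_mod_exp_71 (`i = (bits - 1) / 29; c = ((bits - 1) % 29) + 1;`) has no comment, while the non-blocking variants in this patch explain the same lines. A one-line note would keep the reason with the code: `/* Use bits - 1 so that e[bits / 29] is not read when bits is a multiple of 29. */`. Both copies in this function and the sp_4096_mod_exp_142, sp_4096_mod_exp_81 and sp_4096_mod_exp_162 hunks (the last two with 26) would take the same comment. The function starts and ends outside the hunk.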
@@ -13936,38 +13936,38 @@ static int sp_4096_mod_exp_71(sp_digit* r, const sp_digit* a, const sp_digit* e, c = 29; } if (i < 71) { - n = e[i--] << (32 - c); + n = (sp_uint32)e[i--] << (32 - c); } else { n = 0; i--; } if (c < 5) { - n |= e[i--] << (3 - c); + n |= (sp_uint32)e[i--] << (3 - c); c += 29; } y = (int)((n >> 27) & 0x1f); - n <<= 5; + n = (sp_uint32)n << 5; c -= 5; XMEMCPY(rt, t[y], sizeof(sp_digit) * 142); while ((i >= 0) || (c >= 5)) { if (c >= 5) { y = (byte)((n >> 27) & 0x1f); - n <<= 5; + n = (sp_uint32)n << 5; c -= 5; } else if (c == 0) { - n = e[i--] << 3; + n = (sp_uint32)e[i--] << 3; y = (byte)((n >> 27) & 0x1f); - n <<= 5; + n = (sp_uint32)n << 5; c = 24; } else { y = (byte)((n >> 27) & 0x1f); - n = e[i--] << 3; + n = (sp_uint32)e[i--] << 3; c = 5 - c; y |= (byte)((n >> (32 - c)) & ((1 << c) - 1)); - n <<= c; + n = (sp_uint32)n << c; c = 29 - c; } @@ -14292,7 +14292,7 @@ SP_NOINLINE static void sp_4096_rshift_142(sp_digit* r, const sp_digit* a, int i; for (i=0; i<141; i++) { - r[i] = (sp_digit)(((a[i] >> n) | (a[i + 1] << (29 - n))) & 0x1fffffff); + r[i] = (sp_digit)(((a[i] >> n) | ((sp_uint32)a[i + 1] << (29 - n))) & 0x1fffffff); } r[141] = a[141] >> n; } @@ -14332,7 +14332,7 @@ static WC_INLINE sp_digit sp_4096_div_word_142(sp_digit d1, sp_digit d0, t1 -= dv & (0 - r); for (i = 27; i >= 1; i--) { t1 += t1 + (((sp_uint32)t0 >> 28) & 1); - t0 <<= 1; + t0 = (sp_uint32)t0 << 1; t2 = (sp_digit)(((sp_uint32)(dv - t1)) >> 31); r += r + t2; t1 -= dv & (0 - t2); @@ -14525,9 +14525,9 @@ static int sp_4096_mod_exp_142(sp_digit* r, const sp_digit* a, const sp_digit* e } if (err == MP_OKAY) { - i = bits / 29; - c = bits % 29; - n = e[i--] << (29 - c); + i = (bits - 1) / 29; + c = ((bits - 1) % 29) + 1; + n = (sp_uint32)e[i--] << (29 - c); for (; ; c--) { if (c == 0) { if (i == -1) { 
@@ -14539,7 +14539,7 @@ static int sp_4096_mod_exp_142(sp_digit* r, const sp_digit* a, const sp_digit* e } y = (int)((n >> 28) & 1); - n <<= 1; + n = (sp_uint32)n << 1; sp_4096_mont_mul_142(t[y^1], t[0], t[1], m, mp); @@ -14601,9 +14601,9 @@ static int sp_4096_mod_exp_142(sp_digit* r, const sp_digit* a, const sp_digit* e } if (err == MP_OKAY) { - i = bits / 29; - c = bits % 29; - n = e[i--] << (29 - c); + i = (bits - 1) / 29; + c = ((bits - 1) % 29) + 1; + n = (sp_uint32)e[i--] << (29 - c); for (; ; c--) { if (c == 0) { if (i == -1) { @@ -14615,7 +14615,7 @@ static int sp_4096_mod_exp_142(sp_digit* r, const sp_digit* a, const sp_digit* e } y = (int)((n >> 28) & 1); - n <<= 1; + n = (sp_uint32)n << 1; sp_4096_mont_mul_142(t[y^1], t[0], t[1], m, mp); @@ -14700,38 +14700,38 @@ static int sp_4096_mod_exp_142(sp_digit* r, const sp_digit* a, const sp_digit* e c = 29; } if (i < 142) { - n = e[i--] << (32 - c); + n = (sp_uint32)e[i--] << (32 - c); } else { n = 0; i--; } if (c < 4) { - n |= e[i--] << (3 - c); + n |= (sp_uint32)e[i--] << (3 - c); c += 29; } y = (int)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; XMEMCPY(rt, t[y], sizeof(sp_digit) * 284); while ((i >= 0) || (c >= 4)) { if (c >= 4) { y = (byte)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; } else if (c == 0) { - n = e[i--] << 3; + n = (sp_uint32)e[i--] << 3; y = (byte)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c = 25; } else { y = (byte)((n >> 28) & 0xf); - n = e[i--] << 3; + n = (sp_uint32)e[i--] << 3; c = 4 - c; y |= (byte)((n >> (32 - c)) & ((1 << c) - 1)); - n <<= c; + n = (sp_uint32)n << c; c = 29 - c; } 
@@ -14827,10 +14827,10 @@ static int sp_4096_mod_exp_142_nb(sp_4096_mod_exp_142_ctx* ctx, case 4: /* BIT_INIT: index the most-significant exponent limb without reading off the end when bits is an exact multiple of the limb width. (bits-1) keeps i within the populated range and - c = (bits-1) % @bits + 1 keeps the shift in [1, @bits]. */ + c = (bits-1) % 29 + 1 keeps the shift in [1, 29]. */ ctx->i = (ctx->bits - 1) / 29; ctx->c = ((ctx->bits - 1) % 29) + 1; - ctx->n = e[ctx->i--] << (29 - ctx->c); + ctx->n = (sp_uint32)e[ctx->i--] << (29 - ctx->c); ctx->state = 5; break; case 5: /* BIT_NEXT: refill on word boundary, peel one exponent bit */ @@ -14843,7 +14843,7 @@ static int sp_4096_mod_exp_142_nb(sp_4096_mod_exp_142_ctx* ctx, ctx->c = 29; } ctx->y = (byte)((ctx->n >> 28) & 1); - ctx->n <<= 1; + ctx->n = (sp_uint32)ctx->n << 1; ctx->state = 6; break; case 6: /* MUL: t[y^1] = t[0] * t[1] in Montgomery form */ @@ -15614,7 +15614,7 @@ static int sp_4096_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 142; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint32)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -15639,7 +15639,7 @@ static int sp_4096_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 142; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint32)a[i]) << s; if (s + 29 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; 
@@ -15855,9 +15855,9 @@ SP_NOINLINE static void sp_4096_lshift_142(sp_digit* r, const sp_digit* a, r[142] = a[141] >> (29 - n); for (i=141; i>0; i--) { - r[i] = (sp_digit)(((a[i] << n) | (a[i-1] >> (29 - n))) & 0x1fffffff); + r[i] = (sp_digit)((((sp_uint32)a[i] << n) | (a[i-1] >> (29 - n))) & 0x1fffffff); } - r[0] = (sp_digit)((a[0] << n) & 0x1fffffff); + r[0] = (sp_digit)(((sp_uint32)a[0] << n) & 0x1fffffff); } /* Modular exponentiate 2 to the e mod m. (r = 2^e mod m) @@ -15903,38 +15903,38 @@ static int sp_4096_mod_exp_2_142(sp_digit* r, const sp_digit* e, int bits, const c = 29; } if (i < 142) { - n = e[i--] << (32 - c); + n = (sp_uint32)e[i--] << (32 - c); } else { n = 0; i--; } if (c < 4) { - n |= e[i--] << (3 - c); + n |= (sp_uint32)e[i--] << (3 - c); c += 29; } y = (int)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; sp_4096_lshift_142(r, norm, (byte)y); while ((i >= 0) || (c >= 4)) { if (c >= 4) { y = (byte)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; } else if (c == 0) { - n = e[i--] << 3; + n = (sp_uint32)e[i--] << 3; y = (byte)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c = 25; } else { y = (byte)((n >> 28) & 0xf); - n = e[i--] << 3; + n = (sp_uint32)e[i--] << 3; c = 4 - c; y |= (byte)((n >> (32 - c)) & ((1 << c) - 1)); - n <<= c; + n = (sp_uint32)n << c; c = 29 - c; } @@ -16160,7 +16160,7 @@ static void sp_4096_from_bin(sp_digit* r, int size, const byte* a, int n) r[0] = 0; for (i = n-1; i >= 0; i--) { - r[j] |= (((sp_digit)a[i]) << s); + r[j] |= (((sp_uint32)a[i]) << s); if (s >= 18U) { r[j] &= 0x3ffffff; s = 26U - s; @@ -16206,7 +16206,7 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint32)a->dp[i] << s); r[j] &= 0x3ffffff; s = 26U - s; if (j + 1 >= size) { 
@@ -16241,7 +16241,7 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint32)a->dp[i]) << s; if (s + DIGIT_BIT >= 26) { r[j] &= 0x3ffffff; if (j + 1 >= size) { @@ -16290,7 +16290,7 @@ static void sp_4096_to_bin_162(sp_digit* r, byte* a) for (i=0; i<158 && j>=0; i++) { b = 0; /* lint allow cast of mismatch sp_digit and int */ - a[j--] |= (byte)(r[i] << s); /*lint !e9033*/ + a[j--] |= (byte)((sp_uint32)r[i] << s); /*lint !e9033*/ b += 8 - s; if (j < 0) { break; @@ -17221,10 +17221,10 @@ SP_NOINLINE static void sp_4096_sqr_162(sp_digit* r, const sp_digit* a) */ static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho) { - sp_digit x; - sp_digit b; + sp_uint32 x; + sp_uint32 b; - b = a[0]; + b = (sp_uint32)a[0]; x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */ x *= 2 - b * x; /* here x*a==1 mod 2**8 */ x *= 2 - b * x; /* here x*a==1 mod 2**16 */ @@ -17232,7 +17232,7 @@ static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho) x &= 0x3ffffff; /* rho = -1/m mod b */ - *rho = ((sp_digit)1 << 26) - x; + *rho = (sp_digit)(((sp_uint32)1 << 26) - (sp_digit)x); } /* Multiply a by scalar b into r. (r = a * b) 
@@ -17633,14 +17633,14 @@ SP_NOINLINE static void sp_4096_rshift_81(sp_digit* r, const sp_digit* a, int i; for (i=0; i<80; i += 8) { - r[i+0] = (a[i+0] >> n) | (sp_digit)((a[i+1] << (26 - n)) & 0x3ffffff); - r[i+1] = (a[i+1] >> n) | (sp_digit)((a[i+2] << (26 - n)) & 0x3ffffff); - r[i+2] = (a[i+2] >> n) | (sp_digit)((a[i+3] << (26 - n)) & 0x3ffffff); - r[i+3] = (a[i+3] >> n) | (sp_digit)((a[i+4] << (26 - n)) & 0x3ffffff); - r[i+4] = (a[i+4] >> n) | (sp_digit)((a[i+5] << (26 - n)) & 0x3ffffff); - r[i+5] = (a[i+5] >> n) | (sp_digit)((a[i+6] << (26 - n)) & 0x3ffffff); - r[i+6] = (a[i+6] >> n) | (sp_digit)((a[i+7] << (26 - n)) & 0x3ffffff); - r[i+7] = (a[i+7] >> n) | (sp_digit)((a[i+8] << (26 - n)) & 0x3ffffff); + r[i+0] = (a[i+0] >> n) | (sp_digit)(((sp_uint32)a[i+1] << (26 - n)) & 0x3ffffff); + r[i+1] = (a[i+1] >> n) | (sp_digit)(((sp_uint32)a[i+2] << (26 - n)) & 0x3ffffff); + r[i+2] = (a[i+2] >> n) | (sp_digit)(((sp_uint32)a[i+3] << (26 - n)) & 0x3ffffff); + r[i+3] = (a[i+3] >> n) | (sp_digit)(((sp_uint32)a[i+4] << (26 - n)) & 0x3ffffff); + r[i+4] = (a[i+4] >> n) | (sp_digit)(((sp_uint32)a[i+5] << (26 - n)) & 0x3ffffff); + r[i+5] = (a[i+5] >> n) | (sp_digit)(((sp_uint32)a[i+6] << (26 - n)) & 0x3ffffff); + r[i+6] = (a[i+6] >> n) | (sp_digit)(((sp_uint32)a[i+7] << (26 - n)) & 0x3ffffff); + r[i+7] = (a[i+7] >> n) | (sp_digit)(((sp_uint32)a[i+8] << (26 - n)) & 0x3ffffff); } r[80] = a[80] >> n; } @@ -17680,7 +17680,7 @@ static WC_INLINE sp_digit sp_4096_div_word_81(sp_digit d1, sp_digit d0, t1 -= dv & (0 - r); for (i = 24; i >= 1; i--) { t1 += t1 + (((sp_uint32)t0 >> 25) & 1); - t0 <<= 1; + t0 = (sp_uint32)t0 << 1; t2 = (sp_digit)(((sp_uint32)(dv - t1)) >> 31); r += r + t2; t1 -= dv & (0 - t2); 
@@ -17873,9 +17873,9 @@ static int sp_4096_mod_exp_81(sp_digit* r, const sp_digit* a, const sp_digit* e, } if (err == MP_OKAY) { - i = bits / 26; - c = bits % 26; - n = e[i--] << (26 - c); + i = (bits - 1) / 26; + c = ((bits - 1) % 26) + 1; + n = (sp_uint32)e[i--] << (26 - c); for (; ; c--) { if (c == 0) { if (i == -1) { @@ -17887,7 +17887,7 @@ static int sp_4096_mod_exp_81(sp_digit* r, const sp_digit* a, const sp_digit* e, } y = (int)((n >> 25) & 1); - n <<= 1; + n = (sp_uint32)n << 1; sp_4096_mont_mul_81(t[y^1], t[0], t[1], m, mp); @@ -17949,9 +17949,9 @@ static int sp_4096_mod_exp_81(sp_digit* r, const sp_digit* a, const sp_digit* e, } if (err == MP_OKAY) { - i = bits / 26; - c = bits % 26; - n = e[i--] << (26 - c); + i = (bits - 1) / 26; + c = ((bits - 1) % 26) + 1; + n = (sp_uint32)e[i--] << (26 - c); for (; ; c--) { if (c == 0) { if (i == -1) { @@ -17963,7 +17963,7 @@ static int sp_4096_mod_exp_81(sp_digit* r, const sp_digit* a, const sp_digit* e, } y = (int)((n >> 25) & 1); - n <<= 1; + n = (sp_uint32)n << 1; sp_4096_mont_mul_81(t[y^1], t[0], t[1], m, mp); @@ -18064,38 +18064,38 @@ static int sp_4096_mod_exp_81(sp_digit* r, const sp_digit* a, const sp_digit* e, c = 26; } if (i < 81) { - n = e[i--] << (32 - c); + n = (sp_uint32)e[i--] << (32 - c); } else { n = 0; i--; } if (c < 5) { - n |= e[i--] << (6 - c); + n |= (sp_uint32)e[i--] << (6 - c); c += 26; } y = (int)((n >> 27) & 0x1f); - n <<= 5; + n = (sp_uint32)n << 5; c -= 5; XMEMCPY(rt, t[y], sizeof(sp_digit) * 162); while ((i >= 0) || (c >= 5)) { if (c >= 5) { y = (byte)((n >> 27) & 0x1f); - n <<= 5; + n = (sp_uint32)n << 5; c -= 5; } else if (c == 0) { - n = e[i--] << 6; + n = (sp_uint32)e[i--] << 6; y = (byte)((n >> 27) & 0x1f); - n <<= 5; + n = (sp_uint32)n << 5; c = 21; } else { y = (byte)((n >> 27) & 0x1f); - n = e[i--] << 6; + n = (sp_uint32)e[i--] << 6; c = 5 - c; y |= (byte)((n >> (32 - c)) & ((1 << c) - 1)); - n <<= c; + n = (sp_uint32)n << c; c = 26 - c; } 
@@ -18475,16 +18475,16 @@ SP_NOINLINE static void sp_4096_rshift_162(sp_digit* r, const sp_digit* a, int i; for (i=0; i<160; i += 8) { - r[i+0] = (a[i+0] >> n) | (sp_digit)((a[i+1] << (26 - n)) & 0x3ffffff); - r[i+1] = (a[i+1] >> n) | (sp_digit)((a[i+2] << (26 - n)) & 0x3ffffff); - r[i+2] = (a[i+2] >> n) | (sp_digit)((a[i+3] << (26 - n)) & 0x3ffffff); - r[i+3] = (a[i+3] >> n) | (sp_digit)((a[i+4] << (26 - n)) & 0x3ffffff); - r[i+4] = (a[i+4] >> n) | (sp_digit)((a[i+5] << (26 - n)) & 0x3ffffff); - r[i+5] = (a[i+5] >> n) | (sp_digit)((a[i+6] << (26 - n)) & 0x3ffffff); - r[i+6] = (a[i+6] >> n) | (sp_digit)((a[i+7] << (26 - n)) & 0x3ffffff); - r[i+7] = (a[i+7] >> n) | (sp_digit)((a[i+8] << (26 - n)) & 0x3ffffff); - } - r[160] = (a[160] >> n) | (sp_digit)((a[161] << (26 - n)) & 0x3ffffff); + r[i+0] = (a[i+0] >> n) | (sp_digit)(((sp_uint32)a[i+1] << (26 - n)) & 0x3ffffff); + r[i+1] = (a[i+1] >> n) | (sp_digit)(((sp_uint32)a[i+2] << (26 - n)) & 0x3ffffff); + r[i+2] = (a[i+2] >> n) | (sp_digit)(((sp_uint32)a[i+3] << (26 - n)) & 0x3ffffff); + r[i+3] = (a[i+3] >> n) | (sp_digit)(((sp_uint32)a[i+4] << (26 - n)) & 0x3ffffff); + r[i+4] = (a[i+4] >> n) | (sp_digit)(((sp_uint32)a[i+5] << (26 - n)) & 0x3ffffff); + r[i+5] = (a[i+5] >> n) | (sp_digit)(((sp_uint32)a[i+6] << (26 - n)) & 0x3ffffff); + r[i+6] = (a[i+6] >> n) | (sp_digit)(((sp_uint32)a[i+7] << (26 - n)) & 0x3ffffff); + r[i+7] = (a[i+7] >> n) | (sp_digit)(((sp_uint32)a[i+8] << (26 - n)) & 0x3ffffff); + } + r[160] = (a[160] >> n) | (sp_digit)(((sp_uint32)a[161] << (26 - n)) & 0x3ffffff); r[161] = a[161] >> n; } @@ -18523,7 +18523,7 @@ static WC_INLINE sp_digit sp_4096_div_word_162(sp_digit d1, sp_digit d0, t1 -= dv & (0 - r); for (i = 24; i >= 1; i--) { t1 += t1 + (((sp_uint32)t0 >> 25) & 1); - t0 <<= 1; + t0 = (sp_uint32)t0 << 1; t2 = (sp_digit)(((sp_uint32)(dv - t1)) >> 31); r += r + t2; t1 -= dv & (0 - t2); 
@@ -18721,9 +18721,9 @@ static int sp_4096_mod_exp_162(sp_digit* r, const sp_digit* a, const sp_digit* e } if (err == MP_OKAY) { - i = bits / 26; - c = bits % 26; - n = e[i--] << (26 - c); + i = (bits - 1) / 26; + c = ((bits - 1) % 26) + 1; + n = (sp_uint32)e[i--] << (26 - c); for (; ; c--) { if (c == 0) { if (i == -1) { @@ -18735,7 +18735,7 @@ static int sp_4096_mod_exp_162(sp_digit* r, const sp_digit* a, const sp_digit* e } y = (int)((n >> 25) & 1); - n <<= 1; + n = (sp_uint32)n << 1; sp_4096_mont_mul_162(t[y^1], t[0], t[1], m, mp); @@ -18797,9 +18797,9 @@ static int sp_4096_mod_exp_162(sp_digit* r, const sp_digit* a, const sp_digit* e } if (err == MP_OKAY) { - i = bits / 26; - c = bits % 26; - n = e[i--] << (26 - c); + i = (bits - 1) / 26; + c = ((bits - 1) % 26) + 1; + n = (sp_uint32)e[i--] << (26 - c); for (; ; c--) { if (c == 0) { if (i == -1) { @@ -18811,7 +18811,7 @@ static int sp_4096_mod_exp_162(sp_digit* r, const sp_digit* a, const sp_digit* e } y = (int)((n >> 25) & 1); - n <<= 1; + n = (sp_uint32)n << 1; sp_4096_mont_mul_162(t[y^1], t[0], t[1], m, mp); @@ -18896,38 +18896,38 @@ static int sp_4096_mod_exp_162(sp_digit* r, const sp_digit* a, const sp_digit* e c = 26; } if (i < 162) { - n = e[i--] << (32 - c); + n = (sp_uint32)e[i--] << (32 - c); } else { n = 0; i--; } if (c < 4) { - n |= e[i--] << (6 - c); + n |= (sp_uint32)e[i--] << (6 - c); c += 26; } y = (int)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; XMEMCPY(rt, t[y], sizeof(sp_digit) * 324); while ((i >= 0) || (c >= 4)) { if (c >= 4) { y = (byte)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; } else if (c == 0) { - n = e[i--] << 6; + n = (sp_uint32)e[i--] << 6; y = (byte)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c = 22; } else { y = (byte)((n >> 28) & 0xf); - n = e[i--] << 6; + n = (sp_uint32)e[i--] << 6; c = 4 - c; y |= (byte)((n >> (32 - c)) & ((1 << c) - 1)); - n <<= c; + n = (sp_uint32)n << c; c = 26 - c; } 
@@ -19023,10 +19023,10 @@ static int sp_4096_mod_exp_162_nb(sp_4096_mod_exp_162_ctx* ctx, case 4: /* BIT_INIT: index the most-significant exponent limb without reading off the end when bits is an exact multiple of the limb width. (bits-1) keeps i within the populated range and - c = (bits-1) % @bits + 1 keeps the shift in [1, @bits]. */ + c = (bits-1) % 26 + 1 keeps the shift in [1, 26]. */ ctx->i = (ctx->bits - 1) / 26; ctx->c = ((ctx->bits - 1) % 26) + 1; - ctx->n = e[ctx->i--] << (26 - ctx->c); + ctx->n = (sp_uint32)e[ctx->i--] << (26 - ctx->c); ctx->state = 5; break; case 5: /* BIT_NEXT: refill on word boundary, peel one exponent bit */ @@ -19039,7 +19039,7 @@ static int sp_4096_mod_exp_162_nb(sp_4096_mod_exp_162_ctx* ctx, ctx->c = 26; } ctx->y = (byte)((ctx->n >> 25) & 1); - ctx->n <<= 1; + ctx->n = (sp_uint32)ctx->n << 1; ctx->state = 6; break; case 6: /* MUL: t[y^1] = t[0] * t[1] in Montgomery form */ @@ -19610,7 +19610,7 @@ static int sp_4096_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 158; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint32)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -19635,7 +19635,7 @@ static int sp_4096_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 158; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint32)a[i]) << s; if (s + 26 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; @@ -20088,7 +20088,7 @@ SP_NOINLINE static void sp_4096_lshift_162(sp_digit* r, const sp_digit* a, r[2] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff); s = (sp_int_digit)(a[1]); t = (sp_int_digit)(a[0]); r[1] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff); - r[0] = (sp_digit)((a[0] << n) & 0x3ffffff); + r[0] = (sp_digit)(((sp_uint32)a[0] << n) & 0x3ffffff); } /* Modular exponentiate 2 to the e mod m. (r = 2^e mod m) 
@@ -20134,38 +20134,38 @@ static int sp_4096_mod_exp_2_162(sp_digit* r, const sp_digit* e, int bits, const c = 26; } if (i < 162) { - n = e[i--] << (32 - c); + n = (sp_uint32)e[i--] << (32 - c); } else { n = 0; i--; } if (c < 4) { - n |= e[i--] << (6 - c); + n |= (sp_uint32)e[i--] << (6 - c); c += 26; } y = (int)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; sp_4096_lshift_162(r, norm, (byte)y); while ((i >= 0) || (c >= 4)) { if (c >= 4) { y = (byte)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; } else if (c == 0) { - n = e[i--] << 6; + n = (sp_uint32)e[i--] << 6; y = (byte)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c = 22; } else { y = (byte)((n >> 28) & 0xf); - n = e[i--] << 6; + n = (sp_uint32)e[i--] << 6; c = 4 - c; y |= (byte)((n >> (32 - c)) & ((1 << c) - 1)); - n <<= c; + n = (sp_uint32)n << c; c = 26 - c; } @@ -20753,7 +20753,7 @@ static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint32)a->dp[i] << s); r[j] &= 0x1fffffff; s = 29U - s; if (j + 1 >= size) { @@ -20788,7 +20788,7 @@ static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint32)a->dp[i]) << s; if (s + DIGIT_BIT >= 29) { r[j] &= 0x1fffffff; if (j + 1 >= size) { @@ -20854,7 +20854,7 @@ static int sp_256_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 9; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint32)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); 
@@ -20879,7 +20879,7 @@ static int sp_256_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 9; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint32)a[i]) << s; if (s + 29 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; 
@@ -21170,32 +21170,32 @@ static void sp_256_mont_reduce_9(sp_digit* a, const sp_digit* m, sp_digit mp) for (i = 0; i < 8; i++) { am = (sp_digit)(a[i] & 0x1fffffff); - a[i + 3] += (sp_digit)((am << 9) & 0x1fffffff); + a[i + 3] += (sp_digit)(((sp_uint32)am << 9) & 0x1fffffff); a[i + 4] += am >> 20; - a[i + 6] += (sp_digit)((am << 18) & 0x1fffffff); - a[i + 7] += (am >> 11) - (sp_digit)((am << 21) & 0x1fffffff); - a[i + 8] += -(am >> 8) + (sp_digit)((am << 24) & 0x1fffffff); + a[i + 6] += (sp_digit)(((sp_uint32)am << 18) & 0x1fffffff); + a[i + 7] += (am >> 11) - (sp_digit)(((sp_uint32)am << 21) & 0x1fffffff); + a[i + 8] += -(am >> 8) + (sp_digit)(((sp_uint32)am << 24) & 0x1fffffff); a[i + 9] += am >> 5; a[i + 1] += a[i] >> 29; } am = (sp_digit)(a[8] & 0xffffff); - a[8 + 3] += (sp_digit)((am << 9) & 0x1fffffff); + a[8 + 3] += (sp_digit)(((sp_uint32)am << 9) & 0x1fffffff); a[8 + 4] += am >> 20; - a[8 + 6] += (sp_digit)((am << 18) & 0x1fffffff); - a[8 + 7] += (am >> 11) - (sp_digit)((am << 21) & 0x1fffffff); - a[8 + 8] += -(am >> 8) + (sp_digit)((am << 24) & 0x1fffffff); + a[8 + 6] += (sp_digit)(((sp_uint32)am << 18) & 0x1fffffff); + a[8 + 7] += (am >> 11) - (sp_digit)(((sp_uint32)am << 21) & 0x1fffffff); + a[8 + 8] += -(am >> 8) + (sp_digit)(((sp_uint32)am << 24) & 0x1fffffff); a[8 + 9] += am >> 5; - a[0] = (a[ 8] >> 24) + (sp_digit)((a[ 9] << 5) & 0x1fffffff); - a[1] = (a[ 9] >> 24) + (sp_digit)((a[10] << 5) & 0x1fffffff); - a[2] = (a[10] >> 24) + (sp_digit)((a[11] << 5) & 0x1fffffff); - a[3] = (a[11] >> 24) + (sp_digit)((a[12] << 5) & 0x1fffffff); - a[4] = (a[12] >> 24) + (sp_digit)((a[13] << 5) & 0x1fffffff); - a[5] = (a[13] >> 24) + (sp_digit)((a[14] << 5) & 0x1fffffff); - a[6] = (a[14] >> 24) + (sp_digit)((a[15] << 5) & 0x1fffffff); - a[7] = (a[15] >> 24) + (sp_digit)((a[16] << 5) & 0x1fffffff); - a[8] = (a[16] >> 24) + (a[17] << 5); + a[0] = (a[ 8] >> 24) + (sp_digit)(((sp_uint32)a[ 9] << 5) & 0x1fffffff); + a[1] = (a[ 9] >> 24) + (sp_digit)(((sp_uint32)a[10] << 
5) & 0x1fffffff); + a[2] = (a[10] >> 24) + (sp_digit)(((sp_uint32)a[11] << 5) & 0x1fffffff); + a[3] = (a[11] >> 24) + (sp_digit)(((sp_uint32)a[12] << 5) & 0x1fffffff); + a[4] = (a[12] >> 24) + (sp_digit)(((sp_uint32)a[13] << 5) & 0x1fffffff); + a[5] = (a[13] >> 24) + (sp_digit)(((sp_uint32)a[14] << 5) & 0x1fffffff); + a[6] = (a[14] >> 24) + (sp_digit)(((sp_uint32)a[15] << 5) & 0x1fffffff); + a[7] = (a[15] >> 24) + (sp_digit)(((sp_uint32)a[16] << 5) & 0x1fffffff); + a[8] = (a[16] >> 24) + (sp_digit)((sp_uint32)a[17] << 5); a[1] += a[0] >> 29; a[0] &= 0x1fffffff; a[2] += a[1] >> 29; a[1] &= 0x1fffffff; @@ -21304,7 +21304,7 @@ static void sp_256_mont_inv_9(sp_digit* r, const sp_digit* a, sp_digit* td) XMEMCPY(t, a, sizeof(sp_digit) * 9); for (i=254; i>=0; i--) { sp_256_mont_sqr_9(t, t, p256_mod, p256_mp_mod); - if (p256_mod_minus_2[i / 32] & ((sp_digit)1 << (i % 32))) + if (p256_mod_minus_2[i / 32] & ((sp_uint32)1 << (i % 32))) sp_256_mont_mul_9(t, t, a, p256_mod, p256_mp_mod); } XMEMCPY(r, t, sizeof(sp_digit) * 9); 
@@ -21524,17 +21524,17 @@ SP_NOINLINE static void sp_256_rshift1_9(sp_digit* r, const sp_digit* a) int i; for (i=0; i<8; i++) { - r[i] = (a[i] >> 1) + (sp_digit)((a[i + 1] << 28) & 0x1fffffff); + r[i] = (a[i] >> 1) + (sp_digit)(((sp_uint32)a[i + 1] << 28) & 0x1fffffff); } #else - r[0] = (a[0] >> 1) + (sp_digit)((a[1] << 28) & 0x1fffffff); - r[1] = (a[1] >> 1) + (sp_digit)((a[2] << 28) & 0x1fffffff); - r[2] = (a[2] >> 1) + (sp_digit)((a[3] << 28) & 0x1fffffff); - r[3] = (a[3] >> 1) + (sp_digit)((a[4] << 28) & 0x1fffffff); - r[4] = (a[4] >> 1) + (sp_digit)((a[5] << 28) & 0x1fffffff); - r[5] = (a[5] >> 1) + (sp_digit)((a[6] << 28) & 0x1fffffff); - r[6] = (a[6] >> 1) + (sp_digit)((a[7] << 28) & 0x1fffffff); - r[7] = (a[7] >> 1) + (sp_digit)((a[8] << 28) & 0x1fffffff); + r[0] = (a[0] >> 1) + (sp_digit)(((sp_uint32)a[1] << 28) & 0x1fffffff); + r[1] = (a[1] >> 1) + (sp_digit)(((sp_uint32)a[2] << 28) & 0x1fffffff); + r[2] = (a[2] >> 1) + (sp_digit)(((sp_uint32)a[3] << 28) & 0x1fffffff); + r[3] = (a[3] >> 1) + (sp_digit)(((sp_uint32)a[4] << 28) & 0x1fffffff); + r[4] = (a[4] >> 1) + (sp_digit)(((sp_uint32)a[5] << 28) & 0x1fffffff); + r[5] = (a[5] >> 1) + (sp_digit)(((sp_uint32)a[6] << 28) & 0x1fffffff); + r[6] = (a[6] >> 1) + (sp_digit)(((sp_uint32)a[7] << 28) & 0x1fffffff); + r[7] = (a[7] >> 1) + (sp_digit)(((sp_uint32)a[8] << 28) & 0x1fffffff); #endif r[8] = a[8] >> 1; } 
@@ -22156,25 +22156,25 @@ static int sp_256_mod_mul_norm_9(sp_digit* r, const sp_digit* a, const sp_digit* r[0] = (sp_digit)(t[0]) & 0x1fffffffL; r[1] = (sp_digit)(t[0] >> 29U); - r[1] |= (sp_digit)(t[1] << 3U); + r[1] |= (sp_digit)((sp_uint32)t[1] << 3U); r[1] &= 0x1fffffffL; r[2] = (sp_digit)(t[1] >> 26U); - r[2] |= (sp_digit)(t[2] << 6U); + r[2] |= (sp_digit)((sp_uint32)t[2] << 6U); r[2] &= 0x1fffffffL; r[3] = (sp_digit)(t[2] >> 23U); - r[3] |= (sp_digit)(t[3] << 9U); + r[3] |= (sp_digit)((sp_uint32)t[3] << 9U); r[3] &= 0x1fffffffL; r[4] = (sp_digit)(t[3] >> 20U); - r[4] |= (sp_digit)(t[4] << 12U); + r[4] |= (sp_digit)((sp_uint32)t[4] << 12U); r[4] &= 0x1fffffffL; r[5] = (sp_digit)(t[4] >> 17U); - r[5] |= (sp_digit)(t[5] << 15U); + r[5] |= (sp_digit)((sp_uint32)t[5] << 15U); r[5] &= 0x1fffffffL; r[6] = (sp_digit)(t[5] >> 14U); - r[6] |= (sp_digit)(t[6] << 18U); + r[6] |= (sp_digit)((sp_uint32)t[6] << 18U); r[6] &= 0x1fffffffL; r[7] = (sp_digit)(t[6] >> 11U); - r[7] |= (sp_digit)(t[7] << 21U); + r[7] |= (sp_digit)((sp_uint32)t[7] << 21U); r[7] &= 0x1fffffffL; r[8] = (sp_digit)(t[7] >> 8U); } @@ -22234,7 +22234,7 @@ static int sp_256_ecc_mulmod_9(sp_point_256* r, const sp_point_256* g, if (err == MP_OKAY) { i = 8; c = 24; - n = k[i--] << (29 - c); + n = (sp_uint32)k[i--] << (29 - c); for (; ; c--) { if (c == 0) { if (i == -1) @@ -22245,7 +22245,7 @@ static int sp_256_ecc_mulmod_9(sp_point_256* r, const sp_point_256* g, } y = (n >> 28) & 1; - n <<= 1; + n = (sp_uint32)n << 1; sp_256_proj_point_add_9(&t[y^1], &t[0], &t[1], tmp); @@ -22304,7 +22304,7 @@ static int sp_256_ecc_mulmod_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, XMEMSET(ctx->t, 0, sizeof(sp_point_256) * 3); ctx->i = 8; ctx->c = 24; - ctx->n = k[ctx->i--] << (29 - ctx->c); + ctx->n = (sp_uint32)k[ctx->i--] << (29 - ctx->c); /* t[0] = {0, 0, 1} * norm */ ctx->t[0].infinity = 1; 
@@ -22334,7 +22334,7 @@ static int sp_256_ecc_mulmod_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, ctx->c = 29; } ctx->y = (ctx->n >> 28) & 1; - ctx->n <<= 1; + ctx->n = (sp_uint32)ctx->n << 1; XMEMSET(&ctx->add_ctx, 0, sizeof(ctx->add_ctx)); ctx->state = 5; break; @@ -22737,7 +22737,7 @@ static void sp_256_ecc_recode_6_9(const sp_digit* k, ecc_recode_256* v) } else if (++j < 9) { n = k[j]; - y |= (word8)((n << (29 - o)) & 0x3f); + y |= (word8)(((sp_uint32)n << (29 - o)) & 0x3f); o -= 23; n >>= o; } @@ -24987,7 +24987,7 @@ static void sp_256_from_bin(sp_digit* r, int size, const byte* a, int n) r[0] = 0; for (i = n-1; i >= 0; i--) { - r[j] |= (((sp_digit)a[i]) << s); + r[j] |= (((sp_uint32)a[i]) << s); if (s >= 21U) { r[j] &= 0x1fffffff; s = 29U - s; @@ -25208,7 +25208,7 @@ static void sp_256_to_bin_9(sp_digit* r, byte* a) for (i=0; i<9 && j>=0; i++) { b = 0; /* lint allow cast of mismatch sp_digit and int */ - a[j--] |= (byte)(r[i] << s); /*lint !e9033*/ + a[j--] |= (byte)((sp_uint32)r[i] << s); /*lint !e9033*/ b += 8 - s; if (j < 0) { break; 
@@ -25332,18 +25332,18 @@ SP_NOINLINE static void sp_256_rshift_9(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL for (i=0; i<8; i++) { - r[i] = (sp_digit)(((a[i] >> n) | (a[i + 1] << (29 - n))) & 0x1fffffff); + r[i] = (sp_digit)(((a[i] >> n) | ((sp_uint32)a[i + 1] << (29 - n))) & 0x1fffffff); } #else for (i=0; i<8; i += 8) { - r[i+0] = (a[i+0] >> n) | (sp_digit)((a[i+1] << (29 - n)) & 0x1fffffff); - r[i+1] = (a[i+1] >> n) | (sp_digit)((a[i+2] << (29 - n)) & 0x1fffffff); - r[i+2] = (a[i+2] >> n) | (sp_digit)((a[i+3] << (29 - n)) & 0x1fffffff); - r[i+3] = (a[i+3] >> n) | (sp_digit)((a[i+4] << (29 - n)) & 0x1fffffff); - r[i+4] = (a[i+4] >> n) | (sp_digit)((a[i+5] << (29 - n)) & 0x1fffffff); - r[i+5] = (a[i+5] >> n) | (sp_digit)((a[i+6] << (29 - n)) & 0x1fffffff); - r[i+6] = (a[i+6] >> n) | (sp_digit)((a[i+7] << (29 - n)) & 0x1fffffff); - r[i+7] = (a[i+7] >> n) | (sp_digit)((a[i+8] << (29 - n)) & 0x1fffffff); + r[i+0] = (a[i+0] >> n) | (sp_digit)(((sp_uint32)a[i+1] << (29 - n)) & 0x1fffffff); + r[i+1] = (a[i+1] >> n) | (sp_digit)(((sp_uint32)a[i+2] << (29 - n)) & 0x1fffffff); + r[i+2] = (a[i+2] >> n) | (sp_digit)(((sp_uint32)a[i+3] << (29 - n)) & 0x1fffffff); + r[i+3] = (a[i+3] >> n) | (sp_digit)(((sp_uint32)a[i+4] << (29 - n)) & 0x1fffffff); + r[i+4] = (a[i+4] >> n) | (sp_digit)(((sp_uint32)a[i+5] << (29 - n)) & 0x1fffffff); + r[i+5] = (a[i+5] >> n) | (sp_digit)(((sp_uint32)a[i+6] << (29 - n)) & 0x1fffffff); + r[i+6] = (a[i+6] >> n) | (sp_digit)(((sp_uint32)a[i+7] << (29 - n)) & 0x1fffffff); + r[i+7] = (a[i+7] >> n) | (sp_digit)(((sp_uint32)a[i+8] << (29 - n)) & 0x1fffffff); } #endif /* WOLFSSL_SP_SMALL */ r[8] = a[8] >> n; @@ -25403,7 +25403,7 @@ SP_NOINLINE static void sp_256_lshift_18(sp_digit* r, const sp_digit* a, r[18] = a[17] >> (29 - n); for (i=17; i>0; i--) { - r[i] = (sp_digit)(((a[i] << n) | (a[i-1] >> (29 - n))) & 0x1fffffff); + r[i] = (sp_digit)((((sp_uint32)a[i] << n) | (a[i-1] >> (29 - n))) & 0x1fffffff); } #else sp_int_digit s; 
@@ -25446,7 +25446,7 @@ SP_NOINLINE static void sp_256_lshift_18(sp_digit* r, const sp_digit* a, s = (sp_int_digit)(a[1]); t = (sp_int_digit)(a[0]); r[1] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff); #endif /* WOLFSSL_SP_SMALL */ - r[0] = (sp_digit)((a[0] << n) & 0x1fffffff); + r[0] = (sp_digit)(((sp_uint32)a[0] << n) & 0x1fffffff); } /* Divide d in a and put remainder into r (m*d + r = a) @@ -27681,7 +27681,7 @@ static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint32)a->dp[i] << s); r[j] &= 0x3ffffff; s = 26U - s; if (j + 1 >= size) { @@ -27716,7 +27716,7 @@ static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint32)a->dp[i]) << s; if (s + DIGIT_BIT >= 26) { r[j] &= 0x3ffffff; if (j + 1 >= size) { @@ -27782,7 +27782,7 @@ static int sp_384_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 15; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint32)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -27807,7 +27807,7 @@ static int sp_384_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 15; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint32)a[i]) << s; if (s + 26 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; 
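Review bot: The `(sp_uint32)` cast in the last hunk here (sp_384_to_mp, the loop with the `s + 26 >= DIGIT_BIT` test) makes `r->dp[j] |= ((sp_uint32)a[i]) << s;` a 32-bit shift, where the removed line widened to `mp_digit` before shifting. The `#if DIGIT_BIT != 32 && DIGIT_BIT != 64` guard in the context suggests this branch is also built with 64-bit mp digits, and there `s` reaches 26 and above, so the upper bits of a limb would be dropped and a count of 32 or more is undefined for a 32-bit operand. Widening after the unsigned cast, `r->dp[j] |= ((mp_digit)(sp_uint32)a[i]) << s;`, keeps the shift at the destination width, assuming `mp_digit` is unsigned (its definition is not in this patch). The sp_521_to_mp and sp_1024_to_mp hunks further down make the same replacement, and the loop body continues outside the hunk.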
@@ -28113,43 +28113,43 @@ static void sp_384_mont_reduce_15(sp_digit* a, const sp_digit* m, sp_digit mp) (void)mp; for (i = 0; i < 14; i++) { - am = (sp_digit)((a[i] * 0x1) & 0x3ffffff); - a[i + 1] += (sp_digit)((am << 6) & 0x3ffffff); + am = (sp_digit)((((sp_uint32)a[i]) * 0x1) & 0x3ffffff); + a[i + 1] += (sp_digit)(((sp_uint32)am << 6) & 0x3ffffff); a[i + 2] += am >> 20; - a[i + 3] -= (sp_digit)((am << 18) & 0x3ffffff); + a[i + 3] -= (sp_digit)(((sp_uint32)am << 18) & 0x3ffffff); a[i + 4] -= am >> 8; - a[i + 4] -= (sp_digit)((am << 24) & 0x3ffffff); + a[i + 4] -= (sp_digit)(((sp_uint32)am << 24) & 0x3ffffff); a[i + 5] -= am >> 2; - a[i + 14] += (sp_digit)((am << 20) & 0x3ffffff); + a[i + 14] += (sp_digit)(((sp_uint32)am << 20) & 0x3ffffff); a[i + 15] += am >> 6; a[i + 1] += a[i] >> 26; } - am = (sp_digit)((a[14] * 0x1) & 0xfffff); - a[14 + 1] += (sp_digit)((am << 6) & 0x3ffffff); + am = (sp_digit)((((sp_uint32)a[14]) * 0x1) & 0xfffff); + a[14 + 1] += (sp_digit)(((sp_uint32)am << 6) & 0x3ffffff); a[14 + 2] += am >> 20; - a[14 + 3] -= (sp_digit)((am << 18) & 0x3ffffff); + a[14 + 3] -= (sp_digit)(((sp_uint32)am << 18) & 0x3ffffff); a[14 + 4] -= am >> 8; - a[14 + 4] -= (sp_digit)((am << 24) & 0x3ffffff); + a[14 + 4] -= (sp_digit)(((sp_uint32)am << 24) & 0x3ffffff); a[14 + 5] -= am >> 2; - a[14 + 14] += (sp_digit)((am << 20) & 0x3ffffff); + a[14 + 14] += (sp_digit)(((sp_uint32)am << 20) & 0x3ffffff); a[14 + 15] += am >> 6; - a[0] = (a[14] >> 20) + (sp_digit)((a[15] << 6) & 0x3ffffff); - a[1] = (a[15] >> 20) + (sp_digit)((a[16] << 6) & 0x3ffffff); - a[2] = (a[16] >> 20) + (sp_digit)((a[17] << 6) & 0x3ffffff); - a[3] = (a[17] >> 20) + (sp_digit)((a[18] << 6) & 0x3ffffff); - a[4] = (a[18] >> 20) + (sp_digit)((a[19] << 6) & 0x3ffffff); - a[5] = (a[19] >> 20) + (sp_digit)((a[20] << 6) & 0x3ffffff); - a[6] = (a[20] >> 20) + (sp_digit)((a[21] << 6) & 0x3ffffff); - a[7] = (a[21] >> 20) + (sp_digit)((a[22] << 6) & 0x3ffffff); - a[8] = (a[22] >> 20) + (sp_digit)((a[23] << 6) & 
0x3ffffff); - a[9] = (a[23] >> 20) + (sp_digit)((a[24] << 6) & 0x3ffffff); - a[10] = (a[24] >> 20) + (sp_digit)((a[25] << 6) & 0x3ffffff); - a[11] = (a[25] >> 20) + (sp_digit)((a[26] << 6) & 0x3ffffff); - a[12] = (a[26] >> 20) + (sp_digit)((a[27] << 6) & 0x3ffffff); - a[13] = (a[27] >> 20) + (sp_digit)((a[28] << 6) & 0x3ffffff); - a[14] = (a[14 + 14] >> 20) + (a[29] << 6); + a[0] = (a[14] >> 20) + (sp_digit)(((sp_uint32)a[15] << 6) & 0x3ffffff); + a[1] = (a[15] >> 20) + (sp_digit)(((sp_uint32)a[16] << 6) & 0x3ffffff); + a[2] = (a[16] >> 20) + (sp_digit)(((sp_uint32)a[17] << 6) & 0x3ffffff); + a[3] = (a[17] >> 20) + (sp_digit)(((sp_uint32)a[18] << 6) & 0x3ffffff); + a[4] = (a[18] >> 20) + (sp_digit)(((sp_uint32)a[19] << 6) & 0x3ffffff); + a[5] = (a[19] >> 20) + (sp_digit)(((sp_uint32)a[20] << 6) & 0x3ffffff); + a[6] = (a[20] >> 20) + (sp_digit)(((sp_uint32)a[21] << 6) & 0x3ffffff); + a[7] = (a[21] >> 20) + (sp_digit)(((sp_uint32)a[22] << 6) & 0x3ffffff); + a[8] = (a[22] >> 20) + (sp_digit)(((sp_uint32)a[23] << 6) & 0x3ffffff); + a[9] = (a[23] >> 20) + (sp_digit)(((sp_uint32)a[24] << 6) & 0x3ffffff); + a[10] = (a[24] >> 20) + (sp_digit)(((sp_uint32)a[25] << 6) & 0x3ffffff); + a[11] = (a[25] >> 20) + (sp_digit)(((sp_uint32)a[26] << 6) & 0x3ffffff); + a[12] = (a[26] >> 20) + (sp_digit)(((sp_uint32)a[27] << 6) & 0x3ffffff); + a[13] = (a[27] >> 20) + (sp_digit)(((sp_uint32)a[28] << 6) & 0x3ffffff); + a[14] = (a[14 + 14] >> 20) + (sp_digit)((sp_uint32)a[29] << 6); a[1] += a[0] >> 26; a[0] &= 0x3ffffff; a[2] += a[1] >> 26; a[1] &= 0x3ffffff; @@ -28276,7 +28276,7 @@ static void sp_384_mont_inv_15(sp_digit* r, const sp_digit* a, sp_digit* td) XMEMCPY(t, a, sizeof(sp_digit) * 15); for (i=382; i>=0; i--) { sp_384_mont_sqr_15(t, t, p384_mod, p384_mp_mod); - if (p384_mod_minus_2[i / 32] & ((sp_digit)1 << (i % 32))) + if (p384_mod_minus_2[i / 32] & ((sp_uint32)1 << (i % 32))) sp_384_mont_mul_15(t, t, a, p384_mod, p384_mp_mod); } XMEMCPY(r, t, sizeof(sp_digit) * 15); 
@@ -28518,23 +28518,23 @@ SP_NOINLINE static void sp_384_rshift1_15(sp_digit* r, const sp_digit* a) int i; for (i=0; i<14; i++) { - r[i] = (a[i] >> 1) + (sp_digit)((a[i + 1] << 25) & 0x3ffffff); + r[i] = (a[i] >> 1) + (sp_digit)(((sp_uint32)a[i + 1] << 25) & 0x3ffffff); } #else - r[0] = (a[0] >> 1) + (sp_digit)((a[1] << 25) & 0x3ffffff); - r[1] = (a[1] >> 1) + (sp_digit)((a[2] << 25) & 0x3ffffff); - r[2] = (a[2] >> 1) + (sp_digit)((a[3] << 25) & 0x3ffffff); - r[3] = (a[3] >> 1) + (sp_digit)((a[4] << 25) & 0x3ffffff); - r[4] = (a[4] >> 1) + (sp_digit)((a[5] << 25) & 0x3ffffff); - r[5] = (a[5] >> 1) + (sp_digit)((a[6] << 25) & 0x3ffffff); - r[6] = (a[6] >> 1) + (sp_digit)((a[7] << 25) & 0x3ffffff); - r[7] = (a[7] >> 1) + (sp_digit)((a[8] << 25) & 0x3ffffff); - r[8] = (a[8] >> 1) + (sp_digit)((a[9] << 25) & 0x3ffffff); - r[9] = (a[9] >> 1) + (sp_digit)((a[10] << 25) & 0x3ffffff); - r[10] = (a[10] >> 1) + (sp_digit)((a[11] << 25) & 0x3ffffff); - r[11] = (a[11] >> 1) + (sp_digit)((a[12] << 25) & 0x3ffffff); - r[12] = (a[12] >> 1) + (sp_digit)((a[13] << 25) & 0x3ffffff); - r[13] = (a[13] >> 1) + (sp_digit)((a[14] << 25) & 0x3ffffff); + r[0] = (a[0] >> 1) + (sp_digit)(((sp_uint32)a[1] << 25) & 0x3ffffff); + r[1] = (a[1] >> 1) + (sp_digit)(((sp_uint32)a[2] << 25) & 0x3ffffff); + r[2] = (a[2] >> 1) + (sp_digit)(((sp_uint32)a[3] << 25) & 0x3ffffff); + r[3] = (a[3] >> 1) + (sp_digit)(((sp_uint32)a[4] << 25) & 0x3ffffff); + r[4] = (a[4] >> 1) + (sp_digit)(((sp_uint32)a[5] << 25) & 0x3ffffff); + r[5] = (a[5] >> 1) + (sp_digit)(((sp_uint32)a[6] << 25) & 0x3ffffff); + r[6] = (a[6] >> 1) + (sp_digit)(((sp_uint32)a[7] << 25) & 0x3ffffff); + r[7] = (a[7] >> 1) + (sp_digit)(((sp_uint32)a[8] << 25) & 0x3ffffff); + r[8] = (a[8] >> 1) + (sp_digit)(((sp_uint32)a[9] << 25) & 0x3ffffff); + r[9] = (a[9] >> 1) + (sp_digit)(((sp_uint32)a[10] << 25) & 0x3ffffff); + r[10] = (a[10] >> 1) + (sp_digit)(((sp_uint32)a[11] << 25) & 0x3ffffff); + r[11] = (a[11] >> 1) + (sp_digit)(((sp_uint32)a[12] << 
25) & 0x3ffffff); + r[12] = (a[12] >> 1) + (sp_digit)(((sp_uint32)a[13] << 25) & 0x3ffffff); + r[13] = (a[13] >> 1) + (sp_digit)(((sp_uint32)a[14] << 25) & 0x3ffffff); #endif r[14] = a[14] >> 1; } @@ -29188,39 +29188,39 @@ static int sp_384_mod_mul_norm_15(sp_digit* r, const sp_digit* a, const sp_digit r[0] = (sp_digit)(t[0]) & 0x3ffffffL; r[1] = (sp_digit)(t[0] >> 26U); - r[1] |= (sp_digit)(t[1] << 6U); + r[1] |= (sp_digit)((sp_uint32)t[1] << 6U); r[1] &= 0x3ffffffL; r[2] = (sp_digit)(t[1] >> 20U); - r[2] |= (sp_digit)(t[2] << 12U); + r[2] |= (sp_digit)((sp_uint32)t[2] << 12U); r[2] &= 0x3ffffffL; r[3] = (sp_digit)(t[2] >> 14U); - r[3] |= (sp_digit)(t[3] << 18U); + r[3] |= (sp_digit)((sp_uint32)t[3] << 18U); r[3] &= 0x3ffffffL; r[4] = (sp_digit)(t[3] >> 8U); - r[4] |= (sp_digit)(t[4] << 24U); + r[4] |= (sp_digit)((sp_uint32)t[4] << 24U); r[4] &= 0x3ffffffL; r[5] = (sp_digit)(t[4] >> 2U) & 0x3ffffffL; r[6] = (sp_digit)(t[4] >> 28U); - r[6] |= (sp_digit)(t[5] << 4U); + r[6] |= (sp_digit)((sp_uint32)t[5] << 4U); r[6] &= 0x3ffffffL; r[7] = (sp_digit)(t[5] >> 22U); - r[7] |= (sp_digit)(t[6] << 10U); + r[7] |= (sp_digit)((sp_uint32)t[6] << 10U); r[7] &= 0x3ffffffL; r[8] = (sp_digit)(t[6] >> 16U); - r[8] |= (sp_digit)(t[7] << 16U); + r[8] |= (sp_digit)((sp_uint32)t[7] << 16U); r[8] &= 0x3ffffffL; r[9] = (sp_digit)(t[7] >> 10U); - r[9] |= (sp_digit)(t[8] << 22U); + r[9] |= (sp_digit)((sp_uint32)t[8] << 22U); r[9] &= 0x3ffffffL; r[10] = (sp_digit)(t[8] >> 4U) & 0x3ffffffL; r[11] = (sp_digit)(t[8] >> 30U); - r[11] |= (sp_digit)(t[9] << 2U); + r[11] |= (sp_digit)((sp_uint32)t[9] << 2U); r[11] &= 0x3ffffffL; r[12] = (sp_digit)(t[9] >> 24U); - r[12] |= (sp_digit)(t[10] << 8U); + r[12] |= (sp_digit)((sp_uint32)t[10] << 8U); r[12] &= 0x3ffffffL; r[13] = (sp_digit)(t[10] >> 18U); - r[13] |= (sp_digit)(t[11] << 14U); + r[13] |= (sp_digit)((sp_uint32)t[11] << 14U); r[13] &= 0x3ffffffL; r[14] = (sp_digit)(t[11] >> 12U); } 
@@ -29280,7 +29280,7 @@ static int sp_384_ecc_mulmod_15(sp_point_384* r, const sp_point_384* g, if (err == MP_OKAY) { i = 14; c = 20; - n = k[i--] << (26 - c); + n = (sp_uint32)k[i--] << (26 - c); for (; ; c--) { if (c == 0) { if (i == -1) @@ -29291,7 +29291,7 @@ static int sp_384_ecc_mulmod_15(sp_point_384* r, const sp_point_384* g, } y = (n >> 25) & 1; - n <<= 1; + n = (sp_uint32)n << 1; sp_384_proj_point_add_15(&t[y^1], &t[0], &t[1], tmp); @@ -29350,7 +29350,7 @@ static int sp_384_ecc_mulmod_15_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, XMEMSET(ctx->t, 0, sizeof(sp_point_384) * 3); ctx->i = 14; ctx->c = 20; - ctx->n = k[ctx->i--] << (26 - ctx->c); + ctx->n = (sp_uint32)k[ctx->i--] << (26 - ctx->c); /* t[0] = {0, 0, 1} * norm */ ctx->t[0].infinity = 1; @@ -29380,7 +29380,7 @@ static int sp_384_ecc_mulmod_15_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, ctx->c = 26; } ctx->y = (ctx->n >> 25) & 1; - ctx->n <<= 1; + ctx->n = (sp_uint32)ctx->n << 1; XMEMSET(&ctx->add_ctx, 0, sizeof(ctx->add_ctx)); ctx->state = 5; break; @@ -29795,7 +29795,7 @@ static void sp_384_ecc_recode_6_15(const sp_digit* k, ecc_recode_384* v) } else if (++j < 15) { n = k[j]; - y |= (word8)((n << (26 - o)) & 0x3f); + y |= (word8)(((sp_uint32)n << (26 - o)) & 0x3f); o -= 20; n >>= o; } @@ -32617,7 +32617,7 @@ static void sp_384_from_bin(sp_digit* r, int size, const byte* a, int n) r[0] = 0; for (i = n-1; i >= 0; i--) { - r[j] |= (((sp_digit)a[i]) << s); + r[j] |= (((sp_uint32)a[i]) << s); if (s >= 18U) { r[j] &= 0x3ffffff; s = 26U - s; @@ -32838,7 +32838,7 @@ static void sp_384_to_bin_15(sp_digit* r, byte* a) for (i=0; i<15 && j>=0; i++) { b = 0; /* lint allow cast of mismatch sp_digit and int */ - a[j--] |= (byte)(r[i] << s); /*lint !e9033*/ + a[j--] |= (byte)((sp_uint32)r[i] << s); /*lint !e9033*/ b += 8 - s; if (j < 0) { break; 
@@ -32962,25 +32962,25 @@ SP_NOINLINE static void sp_384_rshift_15(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL for (i=0; i<14; i++) { - r[i] = (sp_digit)(((a[i] >> n) | (a[i + 1] << (26 - n))) & 0x3ffffff); + r[i] = (sp_digit)(((a[i] >> n) | ((sp_uint32)a[i + 1] << (26 - n))) & 0x3ffffff); } #else for (i=0; i<8; i += 8) { - r[i+0] = (a[i+0] >> n) | (sp_digit)((a[i+1] << (26 - n)) & 0x3ffffff); - r[i+1] = (a[i+1] >> n) | (sp_digit)((a[i+2] << (26 - n)) & 0x3ffffff); - r[i+2] = (a[i+2] >> n) | (sp_digit)((a[i+3] << (26 - n)) & 0x3ffffff); - r[i+3] = (a[i+3] >> n) | (sp_digit)((a[i+4] << (26 - n)) & 0x3ffffff); - r[i+4] = (a[i+4] >> n) | (sp_digit)((a[i+5] << (26 - n)) & 0x3ffffff); - r[i+5] = (a[i+5] >> n) | (sp_digit)((a[i+6] << (26 - n)) & 0x3ffffff); - r[i+6] = (a[i+6] >> n) | (sp_digit)((a[i+7] << (26 - n)) & 0x3ffffff); - r[i+7] = (a[i+7] >> n) | (sp_digit)((a[i+8] << (26 - n)) & 0x3ffffff); - } - r[8] = (a[8] >> n) | (sp_digit)((a[9] << (26 - n)) & 0x3ffffff); - r[9] = (a[9] >> n) | (sp_digit)((a[10] << (26 - n)) & 0x3ffffff); - r[10] = (a[10] >> n) | (sp_digit)((a[11] << (26 - n)) & 0x3ffffff); - r[11] = (a[11] >> n) | (sp_digit)((a[12] << (26 - n)) & 0x3ffffff); - r[12] = (a[12] >> n) | (sp_digit)((a[13] << (26 - n)) & 0x3ffffff); - r[13] = (a[13] >> n) | (sp_digit)((a[14] << (26 - n)) & 0x3ffffff); + r[i+0] = (a[i+0] >> n) | (sp_digit)(((sp_uint32)a[i+1] << (26 - n)) & 0x3ffffff); + r[i+1] = (a[i+1] >> n) | (sp_digit)(((sp_uint32)a[i+2] << (26 - n)) & 0x3ffffff); + r[i+2] = (a[i+2] >> n) | (sp_digit)(((sp_uint32)a[i+3] << (26 - n)) & 0x3ffffff); + r[i+3] = (a[i+3] >> n) | (sp_digit)(((sp_uint32)a[i+4] << (26 - n)) & 0x3ffffff); + r[i+4] = (a[i+4] >> n) | (sp_digit)(((sp_uint32)a[i+5] << (26 - n)) & 0x3ffffff); + r[i+5] = (a[i+5] >> n) | (sp_digit)(((sp_uint32)a[i+6] << (26 - n)) & 0x3ffffff); + r[i+6] = (a[i+6] >> n) | (sp_digit)(((sp_uint32)a[i+7] << (26 - n)) & 0x3ffffff); + r[i+7] = (a[i+7] >> n) | (sp_digit)(((sp_uint32)a[i+8] << (26 - n)) & 
0x3ffffff); + } + r[8] = (a[8] >> n) | (sp_digit)(((sp_uint32)a[9] << (26 - n)) & 0x3ffffff); + r[9] = (a[9] >> n) | (sp_digit)(((sp_uint32)a[10] << (26 - n)) & 0x3ffffff); + r[10] = (a[10] >> n) | (sp_digit)(((sp_uint32)a[11] << (26 - n)) & 0x3ffffff); + r[11] = (a[11] >> n) | (sp_digit)(((sp_uint32)a[12] << (26 - n)) & 0x3ffffff); + r[12] = (a[12] >> n) | (sp_digit)(((sp_uint32)a[13] << (26 - n)) & 0x3ffffff); + r[13] = (a[13] >> n) | (sp_digit)(((sp_uint32)a[14] << (26 - n)) & 0x3ffffff); #endif /* WOLFSSL_SP_SMALL */ r[14] = a[14] >> n; } @@ -33051,7 +33051,7 @@ SP_NOINLINE static void sp_384_lshift_30(sp_digit* r, const sp_digit* a, r[30] = a[29] >> (26 - n); for (i=29; i>0; i--) { - r[i] = (sp_digit)(((a[i] << n) | (a[i-1] >> (26 - n))) & 0x3ffffff); + r[i] = (sp_digit)((((sp_uint32)a[i] << n) | (a[i-1] >> (26 - n))) & 0x3ffffff); } #else sp_int_digit s; @@ -33118,7 +33118,7 @@ SP_NOINLINE static void sp_384_lshift_30(sp_digit* r, const sp_digit* a, s = (sp_int_digit)(a[1]); t = (sp_int_digit)(a[0]); r[1] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff); #endif /* WOLFSSL_SP_SMALL */ - r[0] = (sp_digit)((a[0] << n) & 0x3ffffff); + r[0] = (sp_digit)(((sp_uint32)a[0] << n) & 0x3ffffff); } /* Divide d in a and put remainder into r (m*d + r = a) @@ -34983,7 +34983,7 @@ static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint32)a->dp[i] << s); r[j] &= 0x1ffffff; s = 25U - s; if (j + 1 >= size) { @@ -35018,7 +35018,7 @@ static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint32)a->dp[i]) << s; if (s + DIGIT_BIT >= 25) { r[j] &= 0x1ffffff; if (j + 1 >= size) { 
@@ -35084,7 +35084,7 @@ static int sp_521_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 21; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint32)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -35109,7 +35109,7 @@ static int sp_521_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 21; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint32)a[i]) << s; if (s + 25 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; @@ -35197,10 +35197,10 @@ static void sp_521_mont_reduce_21(sp_digit* a, const sp_digit* m, sp_digit mp) (void)mp; for (i = 0; i < 20; i++) { - a[i] += (sp_digit)(((a[20 + i] >> 21) + (a[20 + i + 1] << 4)) & 0x1ffffff); + a[i] += (sp_digit)(((a[20 + i] >> 21) + ((sp_uint32)a[20 + i + 1] << 4)) & 0x1ffffff); } a[20] &= 0x1fffff; - a[20] += (sp_digit)(((a[40] >> 21) + (a[41] << 4)) & 0x1ffffff); + a[20] += (sp_digit)(((a[40] >> 21) + ((sp_uint32)a[41] << 4)) & 0x1ffffff); sp_521_norm_21(a); @@ -35368,12 +35368,12 @@ static void sp_521_mont_shift_21(sp_digit* r, const sp_digit* a) s = a[21]; n = a[20] >> 21; for (i = 0; i < 20; i++) { - n += (sp_digit)((s & 0x1ffffff) << 4); + n += (sp_digit)((sp_uint32)(s & 0x1ffffff) << 4); r[i] = (sp_digit)(n & 0x1ffffff); n >>= 25; s = a[22 + i] + (s >> 25); } - n += s << 4; + n += (sp_uint32)s << 4; r[20] = n; #else sp_digit n; 
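Review bot: In sp_521_mont_shift_21 the closing `n += (sp_uint32)s << 4;` relies on an implicit unsigned-to-signed conversion when the sum is stored back, while the loop line above it and the other hunks spell the conversion out with `(sp_digit)(...)`. If `n` is an `sp_digit` in this branch, as the `#else` branch declares it, writing `n = (sp_digit)((sp_uint32)n + ((sp_uint32)s << 4));` keeps the arithmetic unsigned and makes the narrowing visible to `-Wsign-conversion` builds. The unrolled branch in the next hunk ends with the same statement, and the function starts outside the hunk.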
@@ -35382,32 +35382,32 @@ static void sp_521_mont_shift_21(sp_digit* r, const sp_digit* a) s = a[21]; n = a[20] >> 21; for (i = 0; i < 16; i += 8) { - n += (sp_digit)((s & 0x1ffffff) << 4); r[i+0] = (sp_digit)(n & 0x1ffffff); + n += (sp_digit)((sp_uint32)(s & 0x1ffffff) << 4); r[i+0] = (sp_digit)(n & 0x1ffffff); n >>= 25; s = a[i+22] + (s >> 25); - n += (sp_digit)((s & 0x1ffffff) << 4); r[i+1] = (sp_digit)(n & 0x1ffffff); + n += (sp_digit)((sp_uint32)(s & 0x1ffffff) << 4); r[i+1] = (sp_digit)(n & 0x1ffffff); n >>= 25; s = a[i+23] + (s >> 25); - n += (sp_digit)((s & 0x1ffffff) << 4); r[i+2] = (sp_digit)(n & 0x1ffffff); + n += (sp_digit)((sp_uint32)(s & 0x1ffffff) << 4); r[i+2] = (sp_digit)(n & 0x1ffffff); n >>= 25; s = a[i+24] + (s >> 25); - n += (sp_digit)((s & 0x1ffffff) << 4); r[i+3] = (sp_digit)(n & 0x1ffffff); + n += (sp_digit)((sp_uint32)(s & 0x1ffffff) << 4); r[i+3] = (sp_digit)(n & 0x1ffffff); n >>= 25; s = a[i+25] + (s >> 25); - n += (sp_digit)((s & 0x1ffffff) << 4); r[i+4] = (sp_digit)(n & 0x1ffffff); + n += (sp_digit)((sp_uint32)(s & 0x1ffffff) << 4); r[i+4] = (sp_digit)(n & 0x1ffffff); n >>= 25; s = a[i+26] + (s >> 25); - n += (sp_digit)((s & 0x1ffffff) << 4); r[i+5] = (sp_digit)(n & 0x1ffffff); + n += (sp_digit)((sp_uint32)(s & 0x1ffffff) << 4); r[i+5] = (sp_digit)(n & 0x1ffffff); n >>= 25; s = a[i+27] + (s >> 25); - n += (sp_digit)((s & 0x1ffffff) << 4); r[i+6] = (sp_digit)(n & 0x1ffffff); + n += (sp_digit)((sp_uint32)(s & 0x1ffffff) << 4); r[i+6] = (sp_digit)(n & 0x1ffffff); n >>= 25; s = a[i+28] + (s >> 25); - n += (sp_digit)((s & 0x1ffffff) << 4); r[i+7] = (sp_digit)(n & 0x1ffffff); + n += (sp_digit)((sp_uint32)(s & 0x1ffffff) << 4); r[i+7] = (sp_digit)(n & 0x1ffffff); n >>= 25; s = a[i+29] + (s >> 25); } - n += (sp_digit)((s & 0x1ffffff) << 4); r[16] = (sp_digit)(n & 0x1ffffff); + n += (sp_digit)((sp_uint32)(s & 0x1ffffff) << 4); r[16] = (sp_digit)(n & 0x1ffffff); n >>= 25; s = a[38] + (s >> 25); - n += (sp_digit)((s & 0x1ffffff) << 4); r[17] = 
(sp_digit)(n & 0x1ffffff); + n += (sp_digit)((sp_uint32)(s & 0x1ffffff) << 4); r[17] = (sp_digit)(n & 0x1ffffff); n >>= 25; s = a[39] + (s >> 25); - n += (sp_digit)((s & 0x1ffffff) << 4); r[18] = (sp_digit)(n & 0x1ffffff); + n += (sp_digit)((sp_uint32)(s & 0x1ffffff) << 4); r[18] = (sp_digit)(n & 0x1ffffff); n >>= 25; s = a[40] + (s >> 25); - n += (sp_digit)((s & 0x1ffffff) << 4); r[19] = (sp_digit)(n & 0x1ffffff); + n += (sp_digit)((sp_uint32)(s & 0x1ffffff) << 4); r[19] = (sp_digit)(n & 0x1ffffff); n >>= 25; s = a[41] + (s >> 25); - n += s << 4; r[20] = n; + n += (sp_uint32)s << 4; r[20] = n; #endif /* WOLFSSL_SP_SMALL */ XMEMSET(&r[21], 0, sizeof(*r) * 21U); } @@ -35515,7 +35515,7 @@ static void sp_521_mont_inv_21(sp_digit* r, const sp_digit* a, sp_digit* td) XMEMCPY(t, a, sizeof(sp_digit) * 21); for (i=519; i>=0; i--) { sp_521_mont_sqr_21(t, t, p521_mod, p521_mp_mod); - if (p521_mod_minus_2[i / 32] & ((sp_digit)1 << (i % 32))) + if (p521_mod_minus_2[i / 32] & ((sp_uint32)1 << (i % 32))) sp_521_mont_mul_21(t, t, a, p521_mod, p521_mp_mod); } XMEMCPY(r, t, sizeof(sp_digit) * 21); 
@@ -35755,29 +35755,29 @@ SP_NOINLINE static void sp_521_rshift1_21(sp_digit* r, const sp_digit* a) int i; for (i=0; i<20; i++) { - r[i] = (a[i] >> 1) + (sp_digit)((a[i + 1] << 24) & 0x1ffffff); + r[i] = (a[i] >> 1) + (sp_digit)(((sp_uint32)a[i + 1] << 24) & 0x1ffffff); } #else - r[0] = (a[0] >> 1) + (sp_digit)((a[1] << 24) & 0x1ffffff); - r[1] = (a[1] >> 1) + (sp_digit)((a[2] << 24) & 0x1ffffff); - r[2] = (a[2] >> 1) + (sp_digit)((a[3] << 24) & 0x1ffffff); - r[3] = (a[3] >> 1) + (sp_digit)((a[4] << 24) & 0x1ffffff); - r[4] = (a[4] >> 1) + (sp_digit)((a[5] << 24) & 0x1ffffff); - r[5] = (a[5] >> 1) + (sp_digit)((a[6] << 24) & 0x1ffffff); - r[6] = (a[6] >> 1) + (sp_digit)((a[7] << 24) & 0x1ffffff); - r[7] = (a[7] >> 1) + (sp_digit)((a[8] << 24) & 0x1ffffff); - r[8] = (a[8] >> 1) + (sp_digit)((a[9] << 24) & 0x1ffffff); - r[9] = (a[9] >> 1) + (sp_digit)((a[10] << 24) & 0x1ffffff); - r[10] = (a[10] >> 1) + (sp_digit)((a[11] << 24) & 0x1ffffff); - r[11] = (a[11] >> 1) + (sp_digit)((a[12] << 24) & 0x1ffffff); - r[12] = (a[12] >> 1) + (sp_digit)((a[13] << 24) & 0x1ffffff); - r[13] = (a[13] >> 1) + (sp_digit)((a[14] << 24) & 0x1ffffff); - r[14] = (a[14] >> 1) + (sp_digit)((a[15] << 24) & 0x1ffffff); - r[15] = (a[15] >> 1) + (sp_digit)((a[16] << 24) & 0x1ffffff); - r[16] = (a[16] >> 1) + (sp_digit)((a[17] << 24) & 0x1ffffff); - r[17] = (a[17] >> 1) + (sp_digit)((a[18] << 24) & 0x1ffffff); - r[18] = (a[18] >> 1) + (sp_digit)((a[19] << 24) & 0x1ffffff); - r[19] = (a[19] >> 1) + (sp_digit)((a[20] << 24) & 0x1ffffff); + r[0] = (a[0] >> 1) + (sp_digit)(((sp_uint32)a[1] << 24) & 0x1ffffff); + r[1] = (a[1] >> 1) + (sp_digit)(((sp_uint32)a[2] << 24) & 0x1ffffff); + r[2] = (a[2] >> 1) + (sp_digit)(((sp_uint32)a[3] << 24) & 0x1ffffff); + r[3] = (a[3] >> 1) + (sp_digit)(((sp_uint32)a[4] << 24) & 0x1ffffff); + r[4] = (a[4] >> 1) + (sp_digit)(((sp_uint32)a[5] << 24) & 0x1ffffff); + r[5] = (a[5] >> 1) + (sp_digit)(((sp_uint32)a[6] << 24) & 0x1ffffff); + r[6] = (a[6] >> 1) + 
(sp_digit)(((sp_uint32)a[7] << 24) & 0x1ffffff); + r[7] = (a[7] >> 1) + (sp_digit)(((sp_uint32)a[8] << 24) & 0x1ffffff); + r[8] = (a[8] >> 1) + (sp_digit)(((sp_uint32)a[9] << 24) & 0x1ffffff); + r[9] = (a[9] >> 1) + (sp_digit)(((sp_uint32)a[10] << 24) & 0x1ffffff); + r[10] = (a[10] >> 1) + (sp_digit)(((sp_uint32)a[11] << 24) & 0x1ffffff); + r[11] = (a[11] >> 1) + (sp_digit)(((sp_uint32)a[12] << 24) & 0x1ffffff); + r[12] = (a[12] >> 1) + (sp_digit)(((sp_uint32)a[13] << 24) & 0x1ffffff); + r[13] = (a[13] >> 1) + (sp_digit)(((sp_uint32)a[14] << 24) & 0x1ffffff); + r[14] = (a[14] >> 1) + (sp_digit)(((sp_uint32)a[15] << 24) & 0x1ffffff); + r[15] = (a[15] >> 1) + (sp_digit)(((sp_uint32)a[16] << 24) & 0x1ffffff); + r[16] = (a[16] >> 1) + (sp_digit)(((sp_uint32)a[17] << 24) & 0x1ffffff); + r[17] = (a[17] >> 1) + (sp_digit)(((sp_uint32)a[18] << 24) & 0x1ffffff); + r[18] = (a[18] >> 1) + (sp_digit)(((sp_uint32)a[19] << 24) & 0x1ffffff); + r[19] = (a[19] >> 1) + (sp_digit)(((sp_uint32)a[20] << 24) & 0x1ffffff); #endif r[20] = a[20] >> 1; } @@ -36388,7 +36388,7 @@ static int sp_521_ecc_mulmod_21(sp_point_521* r, const sp_point_521* g, if (err == MP_OKAY) { i = 20; c = 21; - n = k[i--] << (25 - c); + n = (sp_uint32)k[i--] << (25 - c); for (; ; c--) { if (c == 0) { if (i == -1) @@ -36399,7 +36399,7 @@ static int sp_521_ecc_mulmod_21(sp_point_521* r, const sp_point_521* g, } y = (n >> 24) & 1; - n <<= 1; + n = (sp_uint32)n << 1; sp_521_proj_point_add_21(&t[y^1], &t[0], &t[1], tmp); @@ -36458,7 +36458,7 @@ static int sp_521_ecc_mulmod_21_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, XMEMSET(ctx->t, 0, sizeof(sp_point_521) * 3); ctx->i = 20; ctx->c = 21; - ctx->n = k[ctx->i--] << (25 - ctx->c); + ctx->n = (sp_uint32)k[ctx->i--] << (25 - ctx->c); /* t[0] = {0, 0, 1} * norm */ ctx->t[0].infinity = 1; 
@@ -36488,7 +36488,7 @@ static int sp_521_ecc_mulmod_21_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, ctx->c = 25; } ctx->y = (ctx->n >> 24) & 1; - ctx->n <<= 1; + ctx->n = (sp_uint32)ctx->n << 1; XMEMSET(&ctx->add_ctx, 0, sizeof(ctx->add_ctx)); ctx->state = 5; break; @@ -36915,7 +36915,7 @@ static void sp_521_ecc_recode_6_21(const sp_digit* k, ecc_recode_521* v) } else if (++j < 21) { n = k[j]; - y |= (word8)((n << (25 - o)) & 0x3f); + y |= (word8)(((sp_uint32)n << (25 - o)) & 0x3f); o -= 19; n >>= o; } @@ -40307,7 +40307,7 @@ static void sp_521_from_bin(sp_digit* r, int size, const byte* a, int n) r[0] = 0; for (i = n-1; i >= 0; i--) { - r[j] |= (((sp_digit)a[i]) << s); + r[j] |= (((sp_uint32)a[i]) << s); if (s >= 17U) { r[j] &= 0x1ffffff; s = 25U - s; @@ -40529,7 +40529,7 @@ static void sp_521_to_bin_21(sp_digit* r, byte* a) for (i=0; i<21 && j>=0; i++) { b = 0; /* lint allow cast of mismatch sp_digit and int */ - a[j--] |= (byte)(r[i] << s); /*lint !e9033*/ + a[j--] |= (byte)((sp_uint32)r[i] << s); /*lint !e9033*/ b += 8 - s; if (j < 0) { break; 
@@ -40651,23 +40651,23 @@ SP_NOINLINE static void sp_521_rshift_21(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL for (i=0; i<20; i++) { - r[i] = (sp_digit)(((a[i] >> n) | (a[i + 1] << (25 - n))) & 0x1ffffff); + r[i] = (sp_digit)(((a[i] >> n) | ((sp_uint32)a[i + 1] << (25 - n))) & 0x1ffffff); } #else for (i=0; i<16; i += 8) { - r[i+0] = (a[i+0] >> n) | (sp_digit)((a[i+1] << (25 - n)) & 0x1ffffff); - r[i+1] = (a[i+1] >> n) | (sp_digit)((a[i+2] << (25 - n)) & 0x1ffffff); - r[i+2] = (a[i+2] >> n) | (sp_digit)((a[i+3] << (25 - n)) & 0x1ffffff); - r[i+3] = (a[i+3] >> n) | (sp_digit)((a[i+4] << (25 - n)) & 0x1ffffff); - r[i+4] = (a[i+4] >> n) | (sp_digit)((a[i+5] << (25 - n)) & 0x1ffffff); - r[i+5] = (a[i+5] >> n) | (sp_digit)((a[i+6] << (25 - n)) & 0x1ffffff); - r[i+6] = (a[i+6] >> n) | (sp_digit)((a[i+7] << (25 - n)) & 0x1ffffff); - r[i+7] = (a[i+7] >> n) | (sp_digit)((a[i+8] << (25 - n)) & 0x1ffffff); - } - r[16] = (a[16] >> n) | (sp_digit)((a[17] << (25 - n)) & 0x1ffffff); - r[17] = (a[17] >> n) | (sp_digit)((a[18] << (25 - n)) & 0x1ffffff); - r[18] = (a[18] >> n) | (sp_digit)((a[19] << (25 - n)) & 0x1ffffff); - r[19] = (a[19] >> n) | (sp_digit)((a[20] << (25 - n)) & 0x1ffffff); + r[i+0] = (a[i+0] >> n) | (sp_digit)(((sp_uint32)a[i+1] << (25 - n)) & 0x1ffffff); + r[i+1] = (a[i+1] >> n) | (sp_digit)(((sp_uint32)a[i+2] << (25 - n)) & 0x1ffffff); + r[i+2] = (a[i+2] >> n) | (sp_digit)(((sp_uint32)a[i+3] << (25 - n)) & 0x1ffffff); + r[i+3] = (a[i+3] >> n) | (sp_digit)(((sp_uint32)a[i+4] << (25 - n)) & 0x1ffffff); + r[i+4] = (a[i+4] >> n) | (sp_digit)(((sp_uint32)a[i+5] << (25 - n)) & 0x1ffffff); + r[i+5] = (a[i+5] >> n) | (sp_digit)(((sp_uint32)a[i+6] << (25 - n)) & 0x1ffffff); + r[i+6] = (a[i+6] >> n) | (sp_digit)(((sp_uint32)a[i+7] << (25 - n)) & 0x1ffffff); + r[i+7] = (a[i+7] >> n) | (sp_digit)(((sp_uint32)a[i+8] << (25 - n)) & 0x1ffffff); + } + r[16] = (a[16] >> n) | (sp_digit)(((sp_uint32)a[17] << (25 - n)) & 0x1ffffff); + r[17] = (a[17] >> n) | 
(sp_digit)(((sp_uint32)a[18] << (25 - n)) & 0x1ffffff); + r[18] = (a[18] >> n) | (sp_digit)(((sp_uint32)a[19] << (25 - n)) & 0x1ffffff); + r[19] = (a[19] >> n) | (sp_digit)(((sp_uint32)a[20] << (25 - n)) & 0x1ffffff); #endif /* WOLFSSL_SP_SMALL */ r[20] = a[20] >> n; } @@ -40738,7 +40738,7 @@ SP_NOINLINE static void sp_521_lshift_42(sp_digit* r, const sp_digit* a, r[42] = a[41] >> (25 - n); for (i=41; i>0; i--) { - r[i] = (sp_digit)(((a[i] << n) | (a[i-1] >> (25 - n))) & 0x1ffffff); + r[i] = (sp_digit)((((sp_uint32)a[i] << n) | (a[i-1] >> (25 - n))) & 0x1ffffff); } #else sp_int_digit s; @@ -40829,7 +40829,7 @@ SP_NOINLINE static void sp_521_lshift_42(sp_digit* r, const sp_digit* a, s = (sp_int_digit)(a[1]); t = (sp_int_digit)(a[0]); r[1] = (sp_digit)(((s << n) | (t >> (25U - n))) & 0x1ffffff); #endif /* WOLFSSL_SP_SMALL */ - r[0] = (sp_digit)((a[0] << n) & 0x1ffffff); + r[0] = (sp_digit)(((sp_uint32)a[0] << n) & 0x1ffffff); } /* Divide d in a and put remainder into r (m*d + r = a) @@ -42253,7 +42253,7 @@ static int sp_521_mont_sqrt_21(sp_digit* y) XMEMCPY(t, y, sizeof(sp_digit) * 21); for (i=518; i>=0; i--) { sp_521_mont_sqr_21(t, t, p521_mod, p521_mp_mod); - if (p521_sqrt_power[i / 32] & ((sp_digit)1 << (i % 32))) + if (p521_sqrt_power[i / 32] & ((sp_uint32)1 << (i % 32))) sp_521_mont_mul_21(t, t, y, p521_mod, p521_mp_mod); } XMEMCPY(y, t, sizeof(sp_digit) * 21); 
@@ -43165,20 +43165,20 @@ SP_NOINLINE static void sp_1024_rshift_42(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL for (i=0; i<41; i++) { - r[i] = (sp_digit)(((a[i] >> n) | (a[i + 1] << (25 - n))) & 0x1ffffff); + r[i] = (sp_digit)(((a[i] >> n) | ((sp_uint32)a[i + 1] << (25 - n))) & 0x1ffffff); } #else for (i=0; i<40; i += 8) { - r[i+0] = (a[i+0] >> n) | (sp_digit)((a[i+1] << (25 - n)) & 0x1ffffff); - r[i+1] = (a[i+1] >> n) | (sp_digit)((a[i+2] << (25 - n)) & 0x1ffffff); - r[i+2] = (a[i+2] >> n) | (sp_digit)((a[i+3] << (25 - n)) & 0x1ffffff); - r[i+3] = (a[i+3] >> n) | (sp_digit)((a[i+4] << (25 - n)) & 0x1ffffff); - r[i+4] = (a[i+4] >> n) | (sp_digit)((a[i+5] << (25 - n)) & 0x1ffffff); - r[i+5] = (a[i+5] >> n) | (sp_digit)((a[i+6] << (25 - n)) & 0x1ffffff); - r[i+6] = (a[i+6] >> n) | (sp_digit)((a[i+7] << (25 - n)) & 0x1ffffff); - r[i+7] = (a[i+7] >> n) | (sp_digit)((a[i+8] << (25 - n)) & 0x1ffffff); - } - r[40] = (a[40] >> n) | (sp_digit)((a[41] << (25 - n)) & 0x1ffffff); + r[i+0] = (a[i+0] >> n) | (sp_digit)(((sp_uint32)a[i+1] << (25 - n)) & 0x1ffffff); + r[i+1] = (a[i+1] >> n) | (sp_digit)(((sp_uint32)a[i+2] << (25 - n)) & 0x1ffffff); + r[i+2] = (a[i+2] >> n) | (sp_digit)(((sp_uint32)a[i+3] << (25 - n)) & 0x1ffffff); + r[i+3] = (a[i+3] >> n) | (sp_digit)(((sp_uint32)a[i+4] << (25 - n)) & 0x1ffffff); + r[i+4] = (a[i+4] >> n) | (sp_digit)(((sp_uint32)a[i+5] << (25 - n)) & 0x1ffffff); + r[i+5] = (a[i+5] >> n) | (sp_digit)(((sp_uint32)a[i+6] << (25 - n)) & 0x1ffffff); + r[i+6] = (a[i+6] >> n) | (sp_digit)(((sp_uint32)a[i+7] << (25 - n)) & 0x1ffffff); + r[i+7] = (a[i+7] >> n) | (sp_digit)(((sp_uint32)a[i+8] << (25 - n)) & 0x1ffffff); + } + r[40] = (a[40] >> n) | (sp_digit)(((sp_uint32)a[41] << (25 - n)) & 0x1ffffff); #endif /* WOLFSSL_SP_SMALL */ r[41] = a[41] >> n; } 
@@ -43218,7 +43218,7 @@ static WC_INLINE sp_digit sp_1024_div_word_42(sp_digit d1, sp_digit d0, t1 -= dv & (0 - r); for (i = 23; i >= 1; i--) { t1 += t1 + (((sp_uint32)t0 >> 24) & 1); - t0 <<= 1; + t0 = (sp_uint32)t0 << 1; t2 = (sp_digit)(((sp_uint32)(dv - t1)) >> 31); r += r + t2; t1 -= dv & (0 - t2); @@ -43461,7 +43461,7 @@ static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint32)a->dp[i] << s); r[j] &= 0x1ffffff; s = 25U - s; if (j + 1 >= size) { @@ -43496,7 +43496,7 @@ static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint32)a->dp[i]) << s; if (s + DIGIT_BIT >= 25) { r[j] &= 0x1ffffff; if (j + 1 >= size) { @@ -43562,7 +43562,7 @@ static int sp_1024_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 41; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint32)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -43587,7 +43587,7 @@ static int sp_1024_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 41; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint32)a[i]) << s; if (s + 25 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; @@ -43850,11 +43850,11 @@ static void sp_1024_mont_reduce_42(sp_digit* a, const sp_digit* m, sp_digit mp) if (mp != 1) { for (i=0; i<40; i++) { - mu = (sp_digit)((a[i] * mp) & 0x1ffffff); + mu = (sp_digit)(((sp_uint32)a[i] * (sp_uint32)mp) & 0x1ffffff); sp_1024_mul_add_42(a+i, m, mu); a[i+1] += a[i] >> 25; } - mu = (sp_digit)((a[i] * mp) & 0xffffffL); + mu = (sp_digit)(((sp_uint32)a[i] * (sp_uint32)mp) & 0xffffffL); sp_1024_mul_add_42(a+i, m, mu); a[i+1] += a[i] >> 25; a[i] &= 0x1ffffff; 
@@ -44091,50 +44091,50 @@ SP_NOINLINE static void sp_1024_rshift1_42(sp_digit* r, const sp_digit* a) int i; for (i=0; i<41; i++) { - r[i] = (a[i] >> 1) + (sp_digit)((a[i + 1] << 24) & 0x1ffffff); + r[i] = (a[i] >> 1) + (sp_digit)(((sp_uint32)a[i + 1] << 24) & 0x1ffffff); } #else - r[0] = (a[0] >> 1) + (sp_digit)((a[1] << 24) & 0x1ffffff); - r[1] = (a[1] >> 1) + (sp_digit)((a[2] << 24) & 0x1ffffff); - r[2] = (a[2] >> 1) + (sp_digit)((a[3] << 24) & 0x1ffffff); - r[3] = (a[3] >> 1) + (sp_digit)((a[4] << 24) & 0x1ffffff); - r[4] = (a[4] >> 1) + (sp_digit)((a[5] << 24) & 0x1ffffff); - r[5] = (a[5] >> 1) + (sp_digit)((a[6] << 24) & 0x1ffffff); - r[6] = (a[6] >> 1) + (sp_digit)((a[7] << 24) & 0x1ffffff); - r[7] = (a[7] >> 1) + (sp_digit)((a[8] << 24) & 0x1ffffff); - r[8] = (a[8] >> 1) + (sp_digit)((a[9] << 24) & 0x1ffffff); - r[9] = (a[9] >> 1) + (sp_digit)((a[10] << 24) & 0x1ffffff); - r[10] = (a[10] >> 1) + (sp_digit)((a[11] << 24) & 0x1ffffff); - r[11] = (a[11] >> 1) + (sp_digit)((a[12] << 24) & 0x1ffffff); - r[12] = (a[12] >> 1) + (sp_digit)((a[13] << 24) & 0x1ffffff); - r[13] = (a[13] >> 1) + (sp_digit)((a[14] << 24) & 0x1ffffff); - r[14] = (a[14] >> 1) + (sp_digit)((a[15] << 24) & 0x1ffffff); - r[15] = (a[15] >> 1) + (sp_digit)((a[16] << 24) & 0x1ffffff); - r[16] = (a[16] >> 1) + (sp_digit)((a[17] << 24) & 0x1ffffff); - r[17] = (a[17] >> 1) + (sp_digit)((a[18] << 24) & 0x1ffffff); - r[18] = (a[18] >> 1) + (sp_digit)((a[19] << 24) & 0x1ffffff); - r[19] = (a[19] >> 1) + (sp_digit)((a[20] << 24) & 0x1ffffff); - r[20] = (a[20] >> 1) + (sp_digit)((a[21] << 24) & 0x1ffffff); - r[21] = (a[21] >> 1) + (sp_digit)((a[22] << 24) & 0x1ffffff); - r[22] = (a[22] >> 1) + (sp_digit)((a[23] << 24) & 0x1ffffff); - r[23] = (a[23] >> 1) + (sp_digit)((a[24] << 24) & 0x1ffffff); - r[24] = (a[24] >> 1) + (sp_digit)((a[25] << 24) & 0x1ffffff); - r[25] = (a[25] >> 1) + (sp_digit)((a[26] << 24) & 0x1ffffff); - r[26] = (a[26] >> 1) + (sp_digit)((a[27] << 24) & 0x1ffffff); - r[27] = (a[27] >> 
1) + (sp_digit)((a[28] << 24) & 0x1ffffff); - r[28] = (a[28] >> 1) + (sp_digit)((a[29] << 24) & 0x1ffffff); - r[29] = (a[29] >> 1) + (sp_digit)((a[30] << 24) & 0x1ffffff); - r[30] = (a[30] >> 1) + (sp_digit)((a[31] << 24) & 0x1ffffff); - r[31] = (a[31] >> 1) + (sp_digit)((a[32] << 24) & 0x1ffffff); - r[32] = (a[32] >> 1) + (sp_digit)((a[33] << 24) & 0x1ffffff); - r[33] = (a[33] >> 1) + (sp_digit)((a[34] << 24) & 0x1ffffff); - r[34] = (a[34] >> 1) + (sp_digit)((a[35] << 24) & 0x1ffffff); - r[35] = (a[35] >> 1) + (sp_digit)((a[36] << 24) & 0x1ffffff); - r[36] = (a[36] >> 1) + (sp_digit)((a[37] << 24) & 0x1ffffff); - r[37] = (a[37] >> 1) + (sp_digit)((a[38] << 24) & 0x1ffffff); - r[38] = (a[38] >> 1) + (sp_digit)((a[39] << 24) & 0x1ffffff); - r[39] = (a[39] >> 1) + (sp_digit)((a[40] << 24) & 0x1ffffff); - r[40] = (a[40] >> 1) + (sp_digit)((a[41] << 24) & 0x1ffffff); + r[0] = (a[0] >> 1) + (sp_digit)(((sp_uint32)a[1] << 24) & 0x1ffffff); + r[1] = (a[1] >> 1) + (sp_digit)(((sp_uint32)a[2] << 24) & 0x1ffffff); + r[2] = (a[2] >> 1) + (sp_digit)(((sp_uint32)a[3] << 24) & 0x1ffffff); + r[3] = (a[3] >> 1) + (sp_digit)(((sp_uint32)a[4] << 24) & 0x1ffffff); + r[4] = (a[4] >> 1) + (sp_digit)(((sp_uint32)a[5] << 24) & 0x1ffffff); + r[5] = (a[5] >> 1) + (sp_digit)(((sp_uint32)a[6] << 24) & 0x1ffffff); + r[6] = (a[6] >> 1) + (sp_digit)(((sp_uint32)a[7] << 24) & 0x1ffffff); + r[7] = (a[7] >> 1) + (sp_digit)(((sp_uint32)a[8] << 24) & 0x1ffffff); + r[8] = (a[8] >> 1) + (sp_digit)(((sp_uint32)a[9] << 24) & 0x1ffffff); + r[9] = (a[9] >> 1) + (sp_digit)(((sp_uint32)a[10] << 24) & 0x1ffffff); + r[10] = (a[10] >> 1) + (sp_digit)(((sp_uint32)a[11] << 24) & 0x1ffffff); + r[11] = (a[11] >> 1) + (sp_digit)(((sp_uint32)a[12] << 24) & 0x1ffffff); + r[12] = (a[12] >> 1) + (sp_digit)(((sp_uint32)a[13] << 24) & 0x1ffffff); + r[13] = (a[13] >> 1) + (sp_digit)(((sp_uint32)a[14] << 24) & 0x1ffffff); + r[14] = (a[14] >> 1) + (sp_digit)(((sp_uint32)a[15] << 24) & 0x1ffffff); + r[15] = (a[15] >> 1) + 
(sp_digit)(((sp_uint32)a[16] << 24) & 0x1ffffff); + r[16] = (a[16] >> 1) + (sp_digit)(((sp_uint32)a[17] << 24) & 0x1ffffff); + r[17] = (a[17] >> 1) + (sp_digit)(((sp_uint32)a[18] << 24) & 0x1ffffff); + r[18] = (a[18] >> 1) + (sp_digit)(((sp_uint32)a[19] << 24) & 0x1ffffff); + r[19] = (a[19] >> 1) + (sp_digit)(((sp_uint32)a[20] << 24) & 0x1ffffff); + r[20] = (a[20] >> 1) + (sp_digit)(((sp_uint32)a[21] << 24) & 0x1ffffff); + r[21] = (a[21] >> 1) + (sp_digit)(((sp_uint32)a[22] << 24) & 0x1ffffff); + r[22] = (a[22] >> 1) + (sp_digit)(((sp_uint32)a[23] << 24) & 0x1ffffff); + r[23] = (a[23] >> 1) + (sp_digit)(((sp_uint32)a[24] << 24) & 0x1ffffff); + r[24] = (a[24] >> 1) + (sp_digit)(((sp_uint32)a[25] << 24) & 0x1ffffff); + r[25] = (a[25] >> 1) + (sp_digit)(((sp_uint32)a[26] << 24) & 0x1ffffff); + r[26] = (a[26] >> 1) + (sp_digit)(((sp_uint32)a[27] << 24) & 0x1ffffff); + r[27] = (a[27] >> 1) + (sp_digit)(((sp_uint32)a[28] << 24) & 0x1ffffff); + r[28] = (a[28] >> 1) + (sp_digit)(((sp_uint32)a[29] << 24) & 0x1ffffff); + r[29] = (a[29] >> 1) + (sp_digit)(((sp_uint32)a[30] << 24) & 0x1ffffff); + r[30] = (a[30] >> 1) + (sp_digit)(((sp_uint32)a[31] << 24) & 0x1ffffff); + r[31] = (a[31] >> 1) + (sp_digit)(((sp_uint32)a[32] << 24) & 0x1ffffff); + r[32] = (a[32] >> 1) + (sp_digit)(((sp_uint32)a[33] << 24) & 0x1ffffff); + r[33] = (a[33] >> 1) + (sp_digit)(((sp_uint32)a[34] << 24) & 0x1ffffff); + r[34] = (a[34] >> 1) + (sp_digit)(((sp_uint32)a[35] << 24) & 0x1ffffff); + r[35] = (a[35] >> 1) + (sp_digit)(((sp_uint32)a[36] << 24) & 0x1ffffff); + r[36] = (a[36] >> 1) + (sp_digit)(((sp_uint32)a[37] << 24) & 0x1ffffff); + r[37] = (a[37] >> 1) + (sp_digit)(((sp_uint32)a[38] << 24) & 0x1ffffff); + r[38] = (a[38] >> 1) + (sp_digit)(((sp_uint32)a[39] << 24) & 0x1ffffff); + r[39] = (a[39] >> 1) + (sp_digit)(((sp_uint32)a[40] << 24) & 0x1ffffff); + r[40] = (a[40] >> 1) + (sp_digit)(((sp_uint32)a[41] << 24) & 0x1ffffff); #endif r[41] = a[41] >> 1; } 
@@ -44737,7 +44737,7 @@ static int sp_1024_ecc_mulmod_42(sp_point_1024* r, const sp_point_1024* g, if (err == MP_OKAY) { i = 40; c = 24; - n = k[i--] << (25 - c); + n = (sp_uint32)k[i--] << (25 - c); for (; ; c--) { if (c == 0) { if (i == -1) @@ -44748,7 +44748,7 @@ static int sp_1024_ecc_mulmod_42(sp_point_1024* r, const sp_point_1024* g, } y = (n >> 24) & 1; - n <<= 1; + n = (sp_uint32)n << 1; sp_1024_proj_point_add_42(&t[y^1], &t[0], &t[1], tmp); @@ -44807,7 +44807,7 @@ static int sp_1024_ecc_mulmod_42_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, XMEMSET(ctx->t, 0, sizeof(sp_point_1024) * 3); ctx->i = 40; ctx->c = 24; - ctx->n = k[ctx->i--] << (25 - ctx->c); + ctx->n = (sp_uint32)k[ctx->i--] << (25 - ctx->c); /* t[0] = {0, 0, 1} * norm */ ctx->t[0].infinity = 1; @@ -44837,7 +44837,7 @@ static int sp_1024_ecc_mulmod_42_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, ctx->c = 25; } ctx->y = (ctx->n >> 24) & 1; - ctx->n <<= 1; + ctx->n = (sp_uint32)ctx->n << 1; XMEMSET(&ctx->add_ctx, 0, sizeof(ctx->add_ctx)); ctx->state = 5; break; @@ -45314,7 +45314,7 @@ static void sp_1024_ecc_recode_7_42(const sp_digit* k, ecc_recode_1024* v) } else if (++j < 42) { n = k[j]; - y |= (word8)((n << (25 - o)) & 0x7f); + y |= (word8)(((sp_uint32)n << (25 - o)) & 0x7f); o -= 18; n >>= o; } @@ -53427,7 +53427,7 @@ static void sp_1024_from_bin(sp_digit* r, int size, const byte* a, int n) r[0] = 0; for (i = n-1; i >= 0; i--) { - r[j] |= (((sp_digit)a[i]) << s); + r[j] |= (((sp_uint32)a[i]) << s); if (s >= 17U) { r[j] &= 0x1ffffff; s = 25U - s; diff --git a/wolfcrypt/src/sp_c64.c b/wolfcrypt/src/sp_c64.c index ae32ae2ce77..35f3737b33b 100644 --- a/wolfcrypt/src/sp_c64.c +++ b/wolfcrypt/src/sp_c64.c @@ -175,7 +175,7 @@ static void sp_2048_from_bin(sp_digit* r, int size, const byte* a, int n) r[0] = 0; for (i = n-1; i >= 0; i--) { - r[j] |= (((sp_digit)a[i]) << s); + r[j] |= (((sp_uint64)a[i]) << s); if (s >= 53U) { r[j] &= 0x1fffffffffffffffL; s = 61U - s; 
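Review bot: `n = (sp_uint32)n << 1;` in `sp_1024_ecc_mulmod_42` casts `n` at every shift, which suggests `n` is still declared as a signed `sp_digit` (the declaration is outside the hunk). The shift itself is now well defined, but the result is converted back to the signed type on each assignment, which is implementation-defined once bit 31 is set, and `(n >> 24) & 1` still right-shifts a signed value. Declaring the accumulator unsigned once, `sp_uint32 n;`, as this patch does for `x` and `b` in `sp_2048_mont_setup`, would let the loop keep `n <<= 1;` with no per-use casts. The same pattern recurs in the bit-scanning `mod_exp` hunks later in the patch.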
@@ -221,7 +221,7 @@ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint64)a->dp[i] << s); r[j] &= 0x1fffffffffffffffL; s = 61U - s; if (j + 1 >= size) { @@ -256,7 +256,7 @@ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint64)a->dp[i]) << s; if (s + DIGIT_BIT >= 61) { r[j] &= 0x1fffffffffffffffL; if (j + 1 >= size) { @@ -305,7 +305,7 @@ static void sp_2048_to_bin_34(sp_digit* r, byte* a) for (i=0; i<34 && j>=0; i++) { b = 0; /* lint allow cast of mismatch sp_digit and int */ - a[j--] |= (byte)(r[i] << s); /*lint !e9033*/ + a[j--] |= (byte)((sp_uint64)r[i] << s); /*lint !e9033*/ b += 8 - s; if (j < 0) { break; @@ -481,10 +481,10 @@ SP_NOINLINE static void sp_2048_sqr_34(sp_digit* r, const sp_digit* a) */ static void sp_2048_mont_setup(const sp_digit* a, sp_digit* rho) { - sp_digit x; - sp_digit b; + sp_uint64 x; + sp_uint64 b; - b = a[0]; + b = (sp_uint64)a[0]; x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */ x *= 2 - b * x; /* here x*a==1 mod 2**8 */ x *= 2 - b * x; /* here x*a==1 mod 2**16 */ @@ -493,7 +493,7 @@ static void sp_2048_mont_setup(const sp_digit* a, sp_digit* rho) x &= 0x1fffffffffffffffL; /* rho = -1/m mod b */ - *rho = ((sp_digit)1 << 61) - x; + *rho = (sp_digit)(((sp_uint64)1 << 61) - (sp_digit)x); } /* Multiply a by scalar b into r. (r = a * b) @@ -892,7 +892,7 @@ SP_NOINLINE static void sp_2048_rshift_17(sp_digit* r, const sp_digit* a, int i; for (i=0; i<16; i++) { - r[i] = (sp_digit)(((a[i] >> n) | (a[i + 1] << (61 - n))) & 0x1fffffffffffffffL); + r[i] = (sp_digit)(((a[i] >> n) | ((sp_uint64)a[i + 1] << (61 - n))) & 0x1fffffffffffffffL); } r[16] = a[16] >> n; } 
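Review bot: The inner `(sp_digit)x` cast in `*rho = (sp_digit)(((sp_uint64)1 << 61) - (sp_digit)x);` has no effect, assuming `sp_digit` is no wider than `sp_uint64`: the other operand is unsigned, so the signed value is converted straight back to unsigned before the subtraction. It reads as if a signed subtraction were intended, which is exactly what retyping `x` and `b` to `sp_uint64` in the preceding hunk avoids. `*rho = (sp_digit)(((sp_uint64)1 << 61) - x);` expresses the same computation with a single conversion. The 57-bit and 60-bit `mont_setup` hunks further down carry the same cast.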
@@ -932,7 +932,7 @@ static WC_INLINE sp_digit sp_2048_div_word_17(sp_digit d1, sp_digit d0, t1 -= dv & (0 - r); for (i = 59; i >= 1; i--) { t1 += t1 + (((sp_uint64)t0 >> 60) & 1); - t0 <<= 1; + t0 = (sp_uint64)t0 << 1; t2 = (sp_digit)(((sp_uint64)(dv - t1)) >> 63); r += r + t2; t1 -= dv & (0 - t2); @@ -1124,9 +1124,9 @@ static int sp_2048_mod_exp_17(sp_digit* r, const sp_digit* a, const sp_digit* e, } if (err == MP_OKAY) { - i = bits / 61; - c = bits % 61; - n = e[i--] << (61 - c); + i = (bits - 1) / 61; + c = ((bits - 1) % 61) + 1; + n = (sp_uint64)e[i--] << (61 - c); for (; ; c--) { if (c == 0) { if (i == -1) { @@ -1138,7 +1138,7 @@ static int sp_2048_mod_exp_17(sp_digit* r, const sp_digit* a, const sp_digit* e, } y = (int)((n >> 60) & 1); - n <<= 1; + n = (sp_uint64)n << 1; sp_2048_mont_mul_17(t[y^1], t[0], t[1], m, mp); @@ -1200,9 +1200,9 @@ static int sp_2048_mod_exp_17(sp_digit* r, const sp_digit* a, const sp_digit* e, } if (err == MP_OKAY) { - i = bits / 61; - c = bits % 61; - n = e[i--] << (61 - c); + i = (bits - 1) / 61; + c = ((bits - 1) % 61) + 1; + n = (sp_uint64)e[i--] << (61 - c); for (; ; c--) { if (c == 0) { if (i == -1) { @@ -1214,7 +1214,7 @@ static int sp_2048_mod_exp_17(sp_digit* r, const sp_digit* a, const sp_digit* e, } y = (int)((n >> 60) & 1); - n <<= 1; + n = (sp_uint64)n << 1; sp_2048_mont_mul_17(t[y^1], t[0], t[1], m, mp); 
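Review bot: The new start-index arithmetic in `sp_2048_mod_exp_17` (`i = (bits - 1) / 61; c = ((bits - 1) % 61) + 1;`) carries no comment, while the `_nb` variant later in this patch explains the same two lines. A short comment would keep the blocking and non-blocking paths readable side by side, e.g. `/* Top limb and bits used in it; (bits - 1) avoids indexing e[bits / 61] when bits is a multiple of 61. */`. It is also worth stating that `bits` is expected to be positive, since for `bits == 0` the expression yields `c == 0` rather than a value in 1..61. The same applies to the other blocking `mod_exp` hunks (`_34`, `_18`, `_36`, `_26`); the function bodies extend beyond the hunks.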
@@ -1315,38 +1315,38 @@ static int sp_2048_mod_exp_17(sp_digit* r, const sp_digit* a, const sp_digit* e, c = 61; } if (i < 17) { - n = e[i--] << (64 - c); + n = (sp_uint64)e[i--] << (64 - c); } else { n = 0; i--; } if (c < 5) { - n |= e[i--] << (3 - c); + n |= (sp_uint64)e[i--] << (3 - c); c += 61; } y = (int)((n >> 59) & 0x1f); - n <<= 5; + n = (sp_uint64)n << 5; c -= 5; XMEMCPY(rt, t[y], sizeof(sp_digit) * 34); while ((i >= 0) || (c >= 5)) { if (c >= 5) { y = (byte)((n >> 59) & 0x1f); - n <<= 5; + n = (sp_uint64)n << 5; c -= 5; } else if (c == 0) { - n = e[i--] << 3; + n = (sp_uint64)e[i--] << 3; y = (byte)((n >> 59) & 0x1f); - n <<= 5; + n = (sp_uint64)n << 5; c = 56; } else { y = (byte)((n >> 59) & 0x1f); - n = e[i--] << 3; + n = (sp_uint64)e[i--] << 3; c = 5 - c; y |= (byte)((n >> (64 - c)) & ((1 << c) - 1)); - n <<= c; + n = (sp_uint64)n << c; c = 61 - c; } @@ -1656,7 +1656,7 @@ SP_NOINLINE static void sp_2048_rshift_34(sp_digit* r, const sp_digit* a, int i; for (i=0; i<33; i++) { - r[i] = (sp_digit)(((a[i] >> n) | (a[i + 1] << (61 - n))) & 0x1fffffffffffffffL); + r[i] = (sp_digit)(((a[i] >> n) | ((sp_uint64)a[i + 1] << (61 - n))) & 0x1fffffffffffffffL); } r[33] = a[33] >> n; } @@ -1696,7 +1696,7 @@ static WC_INLINE sp_digit sp_2048_div_word_34(sp_digit d1, sp_digit d0, t1 -= dv & (0 - r); for (i = 59; i >= 1; i--) { t1 += t1 + (((sp_uint64)t0 >> 60) & 1); - t0 <<= 1; + t0 = (sp_uint64)t0 << 1; t2 = (sp_digit)(((sp_uint64)(dv - t1)) >> 63); r += r + t2; t1 -= dv & (0 - t2); @@ -1889,9 +1889,9 @@ static int sp_2048_mod_exp_34(sp_digit* r, const sp_digit* a, const sp_digit* e, } if (err == MP_OKAY) { - i = bits / 61; - c = bits % 61; - n = e[i--] << (61 - c); + i = (bits - 1) / 61; + c = ((bits - 1) % 61) + 1; + n = (sp_uint64)e[i--] << (61 - c); for (; ; c--) { if (c == 0) { if (i == -1) { 
@@ -1903,7 +1903,7 @@ static int sp_2048_mod_exp_34(sp_digit* r, const sp_digit* a, const sp_digit* e, } y = (int)((n >> 60) & 1); - n <<= 1; + n = (sp_uint64)n << 1; sp_2048_mont_mul_34(t[y^1], t[0], t[1], m, mp); @@ -1965,9 +1965,9 @@ static int sp_2048_mod_exp_34(sp_digit* r, const sp_digit* a, const sp_digit* e, } if (err == MP_OKAY) { - i = bits / 61; - c = bits % 61; - n = e[i--] << (61 - c); + i = (bits - 1) / 61; + c = ((bits - 1) % 61) + 1; + n = (sp_uint64)e[i--] << (61 - c); for (; ; c--) { if (c == 0) { if (i == -1) { @@ -1979,7 +1979,7 @@ static int sp_2048_mod_exp_34(sp_digit* r, const sp_digit* a, const sp_digit* e, } y = (int)((n >> 60) & 1); - n <<= 1; + n = (sp_uint64)n << 1; sp_2048_mont_mul_34(t[y^1], t[0], t[1], m, mp); @@ -2064,38 +2064,38 @@ static int sp_2048_mod_exp_34(sp_digit* r, const sp_digit* a, const sp_digit* e, c = 61; } if (i < 34) { - n = e[i--] << (64 - c); + n = (sp_uint64)e[i--] << (64 - c); } else { n = 0; i--; } if (c < 4) { - n |= e[i--] << (3 - c); + n |= (sp_uint64)e[i--] << (3 - c); c += 61; } y = (int)((n >> 60) & 0xf); - n <<= 4; + n = (sp_uint64)n << 4; c -= 4; XMEMCPY(rt, t[y], sizeof(sp_digit) * 68); while ((i >= 0) || (c >= 4)) { if (c >= 4) { y = (byte)((n >> 60) & 0xf); - n <<= 4; + n = (sp_uint64)n << 4; c -= 4; } else if (c == 0) { - n = e[i--] << 3; + n = (sp_uint64)e[i--] << 3; y = (byte)((n >> 60) & 0xf); - n <<= 4; + n = (sp_uint64)n << 4; c = 57; } else { y = (byte)((n >> 60) & 0xf); - n = e[i--] << 3; + n = (sp_uint64)e[i--] << 3; c = 4 - c; y |= (byte)((n >> (64 - c)) & ((1 << c) - 1)); - n <<= c; + n = (sp_uint64)n << c; c = 61 - c; } 
@@ -2191,10 +2191,10 @@ static int sp_2048_mod_exp_34_nb(sp_2048_mod_exp_34_ctx* ctx, case 4: /* BIT_INIT: index the most-significant exponent limb without reading off the end when bits is an exact multiple of the limb width. (bits-1) keeps i within the populated range and - c = (bits-1) % @bits + 1 keeps the shift in [1, @bits]. */ + c = (bits-1) % 61 + 1 keeps the shift in [1, 61]. */ ctx->i = (ctx->bits - 1) / 61; ctx->c = ((ctx->bits - 1) % 61) + 1; - ctx->n = e[ctx->i--] << (61 - ctx->c); + ctx->n = (sp_uint64)e[ctx->i--] << (61 - ctx->c); ctx->state = 5; break; case 5: /* BIT_NEXT: refill on word boundary, peel one exponent bit */ @@ -2207,7 +2207,7 @@ static int sp_2048_mod_exp_34_nb(sp_2048_mod_exp_34_ctx* ctx, ctx->c = 61; } ctx->y = (byte)((ctx->n >> 60) & 1); - ctx->n <<= 1; + ctx->n = (sp_uint64)ctx->n << 1; ctx->state = 6; break; case 6: /* MUL: t[y^1] = t[0] * t[1] in Montgomery form */ @@ -2978,7 +2978,7 @@ static int sp_2048_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 34; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint64)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -3003,7 +3003,7 @@ static int sp_2048_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 34; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint64)a[i]) << s; if (s + 61 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; 
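Review bot: The BIT_INIT comment in `sp_2048_mod_exp_34_nb` says the formula "keeps the shift in [1, 61]", but the value in that range is `ctx->c`, the number of bits taken from the top limb; the shift applied on the next line is `61 - ctx->c`, which ranges over 0..60. Suggested wording: `c = (bits-1) % 61 + 1 is the bit count in the top limb, in [1, 61], so the shift 61 - c stays in [0, 60].` The `sp_2048_mod_exp_36_nb` hunk has the same sentence with 57.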
@@ -3219,9 +3219,9 @@ SP_NOINLINE static void sp_2048_lshift_34(sp_digit* r, const sp_digit* a, r[34] = a[33] >> (61 - n); for (i=33; i>0; i--) { - r[i] = (sp_digit)(((a[i] << n) | (a[i-1] >> (61 - n))) & 0x1fffffffffffffffL); + r[i] = (sp_digit)((((sp_uint64)a[i] << n) | (a[i-1] >> (61 - n))) & 0x1fffffffffffffffL); } - r[0] = (sp_digit)((a[0] << n) & 0x1fffffffffffffffL); + r[0] = (sp_digit)(((sp_uint64)a[0] << n) & 0x1fffffffffffffffL); } /* Modular exponentiate 2 to the e mod m. (r = 2^e mod m) @@ -3267,38 +3267,38 @@ static int sp_2048_mod_exp_2_34(sp_digit* r, const sp_digit* e, int bits, const c = 61; } if (i < 34) { - n = e[i--] << (64 - c); + n = (sp_uint64)e[i--] << (64 - c); } else { n = 0; i--; } if (c < 5) { - n |= e[i--] << (3 - c); + n |= (sp_uint64)e[i--] << (3 - c); c += 61; } y = (int)((n >> 59) & 0x1f); - n <<= 5; + n = (sp_uint64)n << 5; c -= 5; sp_2048_lshift_34(r, norm, (byte)y); while ((i >= 0) || (c >= 5)) { if (c >= 5) { y = (byte)((n >> 59) & 0x1f); - n <<= 5; + n = (sp_uint64)n << 5; c -= 5; } else if (c == 0) { - n = e[i--] << 3; + n = (sp_uint64)e[i--] << 3; y = (byte)((n >> 59) & 0x1f); - n <<= 5; + n = (sp_uint64)n << 5; c = 56; } else { y = (byte)((n >> 59) & 0x1f); - n = e[i--] << 3; + n = (sp_uint64)e[i--] << 3; c = 5 - c; y |= (byte)((n >> (64 - c)) & ((1 << c) - 1)); - n <<= c; + n = (sp_uint64)n << c; c = 61 - c; } @@ -3626,7 +3626,7 @@ static void sp_2048_from_bin(sp_digit* r, int size, const byte* a, int n) r[0] = 0; for (i = n-1; i >= 0; i--) { - r[j] |= (((sp_digit)a[i]) << s); + r[j] |= (((sp_uint64)a[i]) << s); if (s >= 49U) { r[j] &= 0x1ffffffffffffffL; s = 57U - s; @@ -3672,7 +3672,7 @@ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint64)a->dp[i] << s); r[j] &= 0x1ffffffffffffffL; s = 57U - s; if (j + 1 >= size) { 
@@ -3707,7 +3707,7 @@ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint64)a->dp[i]) << s; if (s + DIGIT_BIT >= 57) { r[j] &= 0x1ffffffffffffffL; if (j + 1 >= size) { @@ -3756,7 +3756,7 @@ static void sp_2048_to_bin_36(sp_digit* r, byte* a) for (i=0; i<36 && j>=0; i++) { b = 0; /* lint allow cast of mismatch sp_digit and int */ - a[j--] |= (byte)(r[i] << s); /*lint !e9033*/ + a[j--] |= (byte)((sp_uint64)r[i] << s); /*lint !e9033*/ b += 8 - s; if (j < 0) { break; @@ -4245,10 +4245,10 @@ SP_NOINLINE static void sp_2048_sqr_36(sp_digit* r, const sp_digit* a) */ static void sp_2048_mont_setup(const sp_digit* a, sp_digit* rho) { - sp_digit x; - sp_digit b; + sp_uint64 x; + sp_uint64 b; - b = a[0]; + b = (sp_uint64)a[0]; x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */ x *= 2 - b * x; /* here x*a==1 mod 2**8 */ x *= 2 - b * x; /* here x*a==1 mod 2**16 */ @@ -4257,7 +4257,7 @@ static void sp_2048_mont_setup(const sp_digit* a, sp_digit* rho) x &= 0x1ffffffffffffffL; /* rho = -1/m mod b */ - *rho = ((sp_digit)1 << 57) - x; + *rho = (sp_digit)(((sp_uint64)1 << 57) - (sp_digit)x); } /* Multiply a by scalar b into r. (r = a * b) 
@@ -4591,16 +4591,16 @@ SP_NOINLINE static void sp_2048_rshift_18(sp_digit* r, const sp_digit* a, int i; for (i=0; i<16; i += 8) { - r[i+0] = (a[i+0] >> n) | (sp_digit)((a[i+1] << (57 - n)) & 0x1ffffffffffffffL); - r[i+1] = (a[i+1] >> n) | (sp_digit)((a[i+2] << (57 - n)) & 0x1ffffffffffffffL); - r[i+2] = (a[i+2] >> n) | (sp_digit)((a[i+3] << (57 - n)) & 0x1ffffffffffffffL); - r[i+3] = (a[i+3] >> n) | (sp_digit)((a[i+4] << (57 - n)) & 0x1ffffffffffffffL); - r[i+4] = (a[i+4] >> n) | (sp_digit)((a[i+5] << (57 - n)) & 0x1ffffffffffffffL); - r[i+5] = (a[i+5] >> n) | (sp_digit)((a[i+6] << (57 - n)) & 0x1ffffffffffffffL); - r[i+6] = (a[i+6] >> n) | (sp_digit)((a[i+7] << (57 - n)) & 0x1ffffffffffffffL); - r[i+7] = (a[i+7] >> n) | (sp_digit)((a[i+8] << (57 - n)) & 0x1ffffffffffffffL); - } - r[16] = (a[16] >> n) | (sp_digit)((a[17] << (57 - n)) & 0x1ffffffffffffffL); + r[i+0] = (a[i+0] >> n) | (sp_digit)(((sp_uint64)a[i+1] << (57 - n)) & 0x1ffffffffffffffL); + r[i+1] = (a[i+1] >> n) | (sp_digit)(((sp_uint64)a[i+2] << (57 - n)) & 0x1ffffffffffffffL); + r[i+2] = (a[i+2] >> n) | (sp_digit)(((sp_uint64)a[i+3] << (57 - n)) & 0x1ffffffffffffffL); + r[i+3] = (a[i+3] >> n) | (sp_digit)(((sp_uint64)a[i+4] << (57 - n)) & 0x1ffffffffffffffL); + r[i+4] = (a[i+4] >> n) | (sp_digit)(((sp_uint64)a[i+5] << (57 - n)) & 0x1ffffffffffffffL); + r[i+5] = (a[i+5] >> n) | (sp_digit)(((sp_uint64)a[i+6] << (57 - n)) & 0x1ffffffffffffffL); + r[i+6] = (a[i+6] >> n) | (sp_digit)(((sp_uint64)a[i+7] << (57 - n)) & 0x1ffffffffffffffL); + r[i+7] = (a[i+7] >> n) | (sp_digit)(((sp_uint64)a[i+8] << (57 - n)) & 0x1ffffffffffffffL); + } + r[16] = (a[16] >> n) | (sp_digit)(((sp_uint64)a[17] << (57 - n)) & 0x1ffffffffffffffL); r[17] = a[17] >> n; } 
@@ -4639,7 +4639,7 @@ static WC_INLINE sp_digit sp_2048_div_word_18(sp_digit d1, sp_digit d0, t1 -= dv & (0 - r); for (i = 55; i >= 1; i--) { t1 += t1 + (((sp_uint64)t0 >> 56) & 1); - t0 <<= 1; + t0 = (sp_uint64)t0 << 1; t2 = (sp_digit)(((sp_uint64)(dv - t1)) >> 63); r += r + t2; t1 -= dv & (0 - t2); @@ -4831,9 +4831,9 @@ static int sp_2048_mod_exp_18(sp_digit* r, const sp_digit* a, const sp_digit* e, } if (err == MP_OKAY) { - i = bits / 57; - c = bits % 57; - n = e[i--] << (57 - c); + i = (bits - 1) / 57; + c = ((bits - 1) % 57) + 1; + n = (sp_uint64)e[i--] << (57 - c); for (; ; c--) { if (c == 0) { if (i == -1) { @@ -4845,7 +4845,7 @@ static int sp_2048_mod_exp_18(sp_digit* r, const sp_digit* a, const sp_digit* e, } y = (int)((n >> 56) & 1); - n <<= 1; + n = (sp_uint64)n << 1; sp_2048_mont_mul_18(t[y^1], t[0], t[1], m, mp); @@ -4907,9 +4907,9 @@ static int sp_2048_mod_exp_18(sp_digit* r, const sp_digit* a, const sp_digit* e, } if (err == MP_OKAY) { - i = bits / 57; - c = bits % 57; - n = e[i--] << (57 - c); + i = (bits - 1) / 57; + c = ((bits - 1) % 57) + 1; + n = (sp_uint64)e[i--] << (57 - c); for (; ; c--) { if (c == 0) { if (i == -1) { @@ -4921,7 +4921,7 @@ static int sp_2048_mod_exp_18(sp_digit* r, const sp_digit* a, const sp_digit* e, } y = (int)((n >> 56) & 1); - n <<= 1; + n = (sp_uint64)n << 1; sp_2048_mont_mul_18(t[y^1], t[0], t[1], m, mp); 
@@ -5022,38 +5022,38 @@ static int sp_2048_mod_exp_18(sp_digit* r, const sp_digit* a, const sp_digit* e, c = 57; } if (i < 18) { - n = e[i--] << (64 - c); + n = (sp_uint64)e[i--] << (64 - c); } else { n = 0; i--; } if (c < 5) { - n |= e[i--] << (7 - c); + n |= (sp_uint64)e[i--] << (7 - c); c += 57; } y = (int)((n >> 59) & 0x1f); - n <<= 5; + n = (sp_uint64)n << 5; c -= 5; XMEMCPY(rt, t[y], sizeof(sp_digit) * 36); while ((i >= 0) || (c >= 5)) { if (c >= 5) { y = (byte)((n >> 59) & 0x1f); - n <<= 5; + n = (sp_uint64)n << 5; c -= 5; } else if (c == 0) { - n = e[i--] << 7; + n = (sp_uint64)e[i--] << 7; y = (byte)((n >> 59) & 0x1f); - n <<= 5; + n = (sp_uint64)n << 5; c = 52; } else { y = (byte)((n >> 59) & 0x1f); - n = e[i--] << 7; + n = (sp_uint64)e[i--] << 7; c = 5 - c; y |= (byte)((n >> (64 - c)) & ((1 << c) - 1)); - n <<= c; + n = (sp_uint64)n << c; c = 57 - c; } 
@@ -5226,30 +5226,30 @@ static void sp_2048_mont_shift_36(sp_digit* r, const sp_digit* a) s = a[36]; n = a[35] >> 53; for (i = 0; i < 32; i += 8) { - n += (sp_digit)((s & 0x1ffffffffffffffL) << 4); r[i+0] = (sp_digit)(n & 0x1ffffffffffffffL); + n += (sp_digit)((sp_uint64)(s & 0x1ffffffffffffffL) << 4); r[i+0] = (sp_digit)(n & 0x1ffffffffffffffL); n >>= 57; s = a[i+37] + (s >> 57); - n += (sp_digit)((s & 0x1ffffffffffffffL) << 4); r[i+1] = (sp_digit)(n & 0x1ffffffffffffffL); + n += (sp_digit)((sp_uint64)(s & 0x1ffffffffffffffL) << 4); r[i+1] = (sp_digit)(n & 0x1ffffffffffffffL); n >>= 57; s = a[i+38] + (s >> 57); - n += (sp_digit)((s & 0x1ffffffffffffffL) << 4); r[i+2] = (sp_digit)(n & 0x1ffffffffffffffL); + n += (sp_digit)((sp_uint64)(s & 0x1ffffffffffffffL) << 4); r[i+2] = (sp_digit)(n & 0x1ffffffffffffffL); n >>= 57; s = a[i+39] + (s >> 57); - n += (sp_digit)((s & 0x1ffffffffffffffL) << 4); r[i+3] = (sp_digit)(n & 0x1ffffffffffffffL); + n += (sp_digit)((sp_uint64)(s & 0x1ffffffffffffffL) << 4); r[i+3] = (sp_digit)(n & 0x1ffffffffffffffL); n >>= 57; s = a[i+40] + (s >> 57); - n += (sp_digit)((s & 0x1ffffffffffffffL) << 4); r[i+4] = (sp_digit)(n & 0x1ffffffffffffffL); + n += (sp_digit)((sp_uint64)(s & 0x1ffffffffffffffL) << 4); r[i+4] = (sp_digit)(n & 0x1ffffffffffffffL); n >>= 57; s = a[i+41] + (s >> 57); - n += (sp_digit)((s & 0x1ffffffffffffffL) << 4); r[i+5] = (sp_digit)(n & 0x1ffffffffffffffL); + n += (sp_digit)((sp_uint64)(s & 0x1ffffffffffffffL) << 4); r[i+5] = (sp_digit)(n & 0x1ffffffffffffffL); n >>= 57; s = a[i+42] + (s >> 57); - n += (sp_digit)((s & 0x1ffffffffffffffL) << 4); r[i+6] = (sp_digit)(n & 0x1ffffffffffffffL); + n += (sp_digit)((sp_uint64)(s & 0x1ffffffffffffffL) << 4); r[i+6] = (sp_digit)(n & 0x1ffffffffffffffL); n >>= 57; s = a[i+43] + (s >> 57); - n += (sp_digit)((s & 0x1ffffffffffffffL) << 4); r[i+7] = (sp_digit)(n & 0x1ffffffffffffffL); + n += (sp_digit)((sp_uint64)(s & 0x1ffffffffffffffL) << 4); r[i+7] = (sp_digit)(n & 
0x1ffffffffffffffL); n >>= 57; s = a[i+44] + (s >> 57); } - n += (sp_digit)((s & 0x1ffffffffffffffL) << 4); r[32] = (sp_digit)(n & 0x1ffffffffffffffL); + n += (sp_digit)((sp_uint64)(s & 0x1ffffffffffffffL) << 4); r[32] = (sp_digit)(n & 0x1ffffffffffffffL); n >>= 57; s = a[69] + (s >> 57); - n += (sp_digit)((s & 0x1ffffffffffffffL) << 4); r[33] = (sp_digit)(n & 0x1ffffffffffffffL); + n += (sp_digit)((sp_uint64)(s & 0x1ffffffffffffffL) << 4); r[33] = (sp_digit)(n & 0x1ffffffffffffffL); n >>= 57; s = a[70] + (s >> 57); - n += (sp_digit)((s & 0x1ffffffffffffffL) << 4); r[34] = (sp_digit)(n & 0x1ffffffffffffffL); + n += (sp_digit)((sp_uint64)(s & 0x1ffffffffffffffL) << 4); r[34] = (sp_digit)(n & 0x1ffffffffffffffL); n >>= 57; s = a[71] + (s >> 57); - n += s << 4; r[35] = n; + n += (sp_uint64)s << 4; r[35] = n; XMEMSET(&r[36], 0, sizeof(*r) * 36U); } 
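Review bot: The last accumulation in `sp_2048_mont_shift_36`, `n += (sp_uint64)s << 4;`, adds an unsigned value directly, while every preceding line of the hunk converts the shifted value back with `(sp_digit)(...)` before adding. The types of `n` and `s` are declared outside the hunk, so the result is presumably the same, but the mixed form turns the whole `+=` into unsigned arithmetic and converts only on assignment. Writing it as `n += (sp_digit)((sp_uint64)s << 4);` keeps the final step consistent with the unrolled lines above it.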
@@ -5414,18 +5414,18 @@ SP_NOINLINE static void sp_2048_rshift_36(sp_digit* r, const sp_digit* a, int i; for (i=0; i<32; i += 8) { - r[i+0] = (a[i+0] >> n) | (sp_digit)((a[i+1] << (57 - n)) & 0x1ffffffffffffffL); - r[i+1] = (a[i+1] >> n) | (sp_digit)((a[i+2] << (57 - n)) & 0x1ffffffffffffffL); - r[i+2] = (a[i+2] >> n) | (sp_digit)((a[i+3] << (57 - n)) & 0x1ffffffffffffffL); - r[i+3] = (a[i+3] >> n) | (sp_digit)((a[i+4] << (57 - n)) & 0x1ffffffffffffffL); - r[i+4] = (a[i+4] >> n) | (sp_digit)((a[i+5] << (57 - n)) & 0x1ffffffffffffffL); - r[i+5] = (a[i+5] >> n) | (sp_digit)((a[i+6] << (57 - n)) & 0x1ffffffffffffffL); - r[i+6] = (a[i+6] >> n) | (sp_digit)((a[i+7] << (57 - n)) & 0x1ffffffffffffffL); - r[i+7] = (a[i+7] >> n) | (sp_digit)((a[i+8] << (57 - n)) & 0x1ffffffffffffffL); - } - r[32] = (a[32] >> n) | (sp_digit)((a[33] << (57 - n)) & 0x1ffffffffffffffL); - r[33] = (a[33] >> n) | (sp_digit)((a[34] << (57 - n)) & 0x1ffffffffffffffL); - r[34] = (a[34] >> n) | (sp_digit)((a[35] << (57 - n)) & 0x1ffffffffffffffL); + r[i+0] = (a[i+0] >> n) | (sp_digit)(((sp_uint64)a[i+1] << (57 - n)) & 0x1ffffffffffffffL); + r[i+1] = (a[i+1] >> n) | (sp_digit)(((sp_uint64)a[i+2] << (57 - n)) & 0x1ffffffffffffffL); + r[i+2] = (a[i+2] >> n) | (sp_digit)(((sp_uint64)a[i+3] << (57 - n)) & 0x1ffffffffffffffL); + r[i+3] = (a[i+3] >> n) | (sp_digit)(((sp_uint64)a[i+4] << (57 - n)) & 0x1ffffffffffffffL); + r[i+4] = (a[i+4] >> n) | (sp_digit)(((sp_uint64)a[i+5] << (57 - n)) & 0x1ffffffffffffffL); + r[i+5] = (a[i+5] >> n) | (sp_digit)(((sp_uint64)a[i+6] << (57 - n)) & 0x1ffffffffffffffL); + r[i+6] = (a[i+6] >> n) | (sp_digit)(((sp_uint64)a[i+7] << (57 - n)) & 0x1ffffffffffffffL); + r[i+7] = (a[i+7] >> n) | (sp_digit)(((sp_uint64)a[i+8] << (57 - n)) & 0x1ffffffffffffffL); + } + r[32] = (a[32] >> n) | (sp_digit)(((sp_uint64)a[33] << (57 - n)) & 0x1ffffffffffffffL); + r[33] = (a[33] >> n) | (sp_digit)(((sp_uint64)a[34] << (57 - n)) & 0x1ffffffffffffffL); + r[34] = (a[34] >> n) | 
(sp_digit)(((sp_uint64)a[35] << (57 - n)) & 0x1ffffffffffffffL); r[35] = a[35] >> n; } @@ -5464,7 +5464,7 @@ static WC_INLINE sp_digit sp_2048_div_word_36(sp_digit d1, sp_digit d0, t1 -= dv & (0 - r); for (i = 55; i >= 1; i--) { t1 += t1 + (((sp_uint64)t0 >> 56) & 1); - t0 <<= 1; + t0 = (sp_uint64)t0 << 1; t2 = (sp_digit)(((sp_uint64)(dv - t1)) >> 63); r += r + t2; t1 -= dv & (0 - t2); @@ -5659,9 +5659,9 @@ static int sp_2048_mod_exp_36(sp_digit* r, const sp_digit* a, const sp_digit* e, } if (err == MP_OKAY) { - i = bits / 57; - c = bits % 57; - n = e[i--] << (57 - c); + i = (bits - 1) / 57; + c = ((bits - 1) % 57) + 1; + n = (sp_uint64)e[i--] << (57 - c); for (; ; c--) { if (c == 0) { if (i == -1) { @@ -5673,7 +5673,7 @@ static int sp_2048_mod_exp_36(sp_digit* r, const sp_digit* a, const sp_digit* e, } y = (int)((n >> 56) & 1); - n <<= 1; + n = (sp_uint64)n << 1; sp_2048_mont_mul_36(t[y^1], t[0], t[1], m, mp); @@ -5735,9 +5735,9 @@ static int sp_2048_mod_exp_36(sp_digit* r, const sp_digit* a, const sp_digit* e, } if (err == MP_OKAY) { - i = bits / 57; - c = bits % 57; - n = e[i--] << (57 - c); + i = (bits - 1) / 57; + c = ((bits - 1) % 57) + 1; + n = (sp_uint64)e[i--] << (57 - c); for (; ; c--) { if (c == 0) { if (i == -1) { @@ -5749,7 +5749,7 @@ static int sp_2048_mod_exp_36(sp_digit* r, const sp_digit* a, const sp_digit* e, } y = (int)((n >> 56) & 1); - n <<= 1; + n = (sp_uint64)n << 1; sp_2048_mont_mul_36(t[y^1], t[0], t[1], m, mp); 
@@ -5834,38 +5834,38 @@ static int sp_2048_mod_exp_36(sp_digit* r, const sp_digit* a, const sp_digit* e, c = 57; } if (i < 36) { - n = e[i--] << (64 - c); + n = (sp_uint64)e[i--] << (64 - c); } else { n = 0; i--; } if (c < 4) { - n |= e[i--] << (7 - c); + n |= (sp_uint64)e[i--] << (7 - c); c += 57; } y = (int)((n >> 60) & 0xf); - n <<= 4; + n = (sp_uint64)n << 4; c -= 4; XMEMCPY(rt, t[y], sizeof(sp_digit) * 72); while ((i >= 0) || (c >= 4)) { if (c >= 4) { y = (byte)((n >> 60) & 0xf); - n <<= 4; + n = (sp_uint64)n << 4; c -= 4; } else if (c == 0) { - n = e[i--] << 7; + n = (sp_uint64)e[i--] << 7; y = (byte)((n >> 60) & 0xf); - n <<= 4; + n = (sp_uint64)n << 4; c = 53; } else { y = (byte)((n >> 60) & 0xf); - n = e[i--] << 7; + n = (sp_uint64)e[i--] << 7; c = 4 - c; y |= (byte)((n >> (64 - c)) & ((1 << c) - 1)); - n <<= c; + n = (sp_uint64)n << c; c = 57 - c; } @@ -5961,10 +5961,10 @@ static int sp_2048_mod_exp_36_nb(sp_2048_mod_exp_36_ctx* ctx, case 4: /* BIT_INIT: index the most-significant exponent limb without reading off the end when bits is an exact multiple of the limb width. (bits-1) keeps i within the populated range and - c = (bits-1) % @bits + 1 keeps the shift in [1, @bits]. */ + c = (bits-1) % 57 + 1 keeps the shift in [1, 57]. */ ctx->i = (ctx->bits - 1) / 57; ctx->c = ((ctx->bits - 1) % 57) + 1; - ctx->n = e[ctx->i--] << (57 - ctx->c); + ctx->n = (sp_uint64)e[ctx->i--] << (57 - ctx->c); ctx->state = 5; break; case 5: /* BIT_NEXT: refill on word boundary, peel one exponent bit */ @@ -5977,7 +5977,7 @@ static int sp_2048_mod_exp_36_nb(sp_2048_mod_exp_36_ctx* ctx, ctx->c = 57; } ctx->y = (byte)((ctx->n >> 56) & 1); - ctx->n <<= 1; + ctx->n = (sp_uint64)ctx->n << 1; ctx->state = 6; break; case 6: /* MUL: t[y^1] = t[0] * t[1] in Montgomery form */ 
@@ -6548,7 +6548,7 @@ static int sp_2048_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 36; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint64)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -6573,7 +6573,7 @@ static int sp_2048_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 36; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint64)a[i]) << s; if (s + 57 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; @@ -6774,7 +6774,7 @@ SP_NOINLINE static void sp_2048_lshift_36(sp_digit* r, const sp_digit* a, r[2] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL); s = (sp_int_digit)(a[1]); t = (sp_int_digit)(a[0]); r[1] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL); - r[0] = (sp_digit)((a[0] << n) & 0x1ffffffffffffffL); + r[0] = (sp_digit)(((sp_uint64)a[0] << n) & 0x1ffffffffffffffL); } /* Modular exponentiate 2 to the e mod m. (r = 2^e mod m) @@ -6820,38 +6820,38 @@ static int sp_2048_mod_exp_2_36(sp_digit* r, const sp_digit* e, int bits, const c = 57; } if (i < 36) { - n = e[i--] << (64 - c); + n = (sp_uint64)e[i--] << (64 - c); } else { n = 0; i--; } if (c < 5) { - n |= e[i--] << (7 - c); + n |= (sp_uint64)e[i--] << (7 - c); c += 57; } y = (int)((n >> 59) & 0x1f); - n <<= 5; + n = (sp_uint64)n << 5; c -= 5; sp_2048_lshift_36(r, norm, (byte)y); while ((i >= 0) || (c >= 5)) { if (c >= 5) { y = (byte)((n >> 59) & 0x1f); - n <<= 5; + n = (sp_uint64)n << 5; c -= 5; } else if (c == 0) { - n = e[i--] << 7; + n = (sp_uint64)e[i--] << 7; y = (byte)((n >> 59) & 0x1f); - n <<= 5; + n = (sp_uint64)n << 5; c = 52; } else { y = (byte)((n >> 59) & 0x1f); - n = e[i--] << 7; + n = (sp_uint64)e[i--] << 7; c = 5 - c; y |= (byte)((n >> (64 - c)) & ((1 << c) - 1)); - n <<= c; + n = (sp_uint64)n << c; c = 57 - c; } 
@@ -7081,7 +7081,7 @@ static void sp_3072_from_bin(sp_digit* r, int size, const byte* a, int n) r[0] = 0; for (i = n-1; i >= 0; i--) { - r[j] |= (((sp_digit)a[i]) << s); + r[j] |= (((sp_uint64)a[i]) << s); if (s >= 52U) { r[j] &= 0xfffffffffffffffL; s = 60U - s; @@ -7127,7 +7127,7 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint64)a->dp[i] << s); r[j] &= 0xfffffffffffffffL; s = 60U - s; if (j + 1 >= size) { @@ -7162,7 +7162,7 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint64)a->dp[i]) << s; if (s + DIGIT_BIT >= 60) { r[j] &= 0xfffffffffffffffL; if (j + 1 >= size) { @@ -7211,7 +7211,7 @@ static void sp_3072_to_bin_52(sp_digit* r, byte* a) for (i=0; i<52 && j>=0; i++) { b = 0; /* lint allow cast of mismatch sp_digit and int */ - a[j--] |= (byte)(r[i] << s); /*lint !e9033*/ + a[j--] |= (byte)((sp_uint64)r[i] << s); /*lint !e9033*/ b += 8 - s; if (j < 0) { break; @@ -7348,10 +7348,10 @@ SP_NOINLINE static void sp_3072_sqr_52(sp_digit* r, const sp_digit* a) */ static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho) { - sp_digit x; - sp_digit b; + sp_uint64 x; + sp_uint64 b; - b = a[0]; + b = (sp_uint64)a[0]; x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */ x *= 2 - b * x; /* here x*a==1 mod 2**8 */ x *= 2 - b * x; /* here x*a==1 mod 2**16 */ @@ -7360,7 +7360,7 @@ static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho) x &= 0xfffffffffffffffL; /* rho = -1/m mod b */ - *rho = ((sp_digit)1 << 60) - x; + *rho = (sp_digit)(((sp_uint64)1 << 60) - (sp_digit)x); } /* Multiply a by scalar b into r. (r = a * b) 
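Review bot: The new rho assignment in sp_3072_mont_setup casts `x` to `sp_digit` inside an unsigned subtraction, so the usual arithmetic conversions turn it straight back into an unsigned value; assuming sp_digit is a 64-bit integer type, the inner cast has no effect and only mixes signed and unsigned operands. `x` is already masked to 60 bits on the line above, so `*rho = (sp_digit)(((sp_uint64)1 << 60) - x);` expresses the same value with a single conversion. The 57-bit sp_3072_mont_setup hunk and the sp_4096_mont_setup hunk use the same form.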
@@ -7723,7 +7723,7 @@ SP_NOINLINE static void sp_3072_rshift_26(sp_digit* r, const sp_digit* a, int i; for (i=0; i<25; i++) { - r[i] = (sp_digit)(((a[i] >> n) | (a[i + 1] << (60 - n))) & 0xfffffffffffffffL); + r[i] = (sp_digit)(((a[i] >> n) | ((sp_uint64)a[i + 1] << (60 - n))) & 0xfffffffffffffffL); } r[25] = a[25] >> n; } @@ -7763,7 +7763,7 @@ static WC_INLINE sp_digit sp_3072_div_word_26(sp_digit d1, sp_digit d0, t1 -= dv & (0 - r); for (i = 58; i >= 1; i--) { t1 += t1 + (((sp_uint64)t0 >> 59) & 1); - t0 <<= 1; + t0 = (sp_uint64)t0 << 1; t2 = (sp_digit)(((sp_uint64)(dv - t1)) >> 63); r += r + t2; t1 -= dv & (0 - t2); @@ -7955,9 +7955,9 @@ static int sp_3072_mod_exp_26(sp_digit* r, const sp_digit* a, const sp_digit* e, } if (err == MP_OKAY) { - i = bits / 60; - c = bits % 60; - n = e[i--] << (60 - c); + i = (bits - 1) / 60; + c = ((bits - 1) % 60) + 1; + n = (sp_uint64)e[i--] << (60 - c); for (; ; c--) { if (c == 0) { if (i == -1) { @@ -7969,7 +7969,7 @@ static int sp_3072_mod_exp_26(sp_digit* r, const sp_digit* a, const sp_digit* e, } y = (int)((n >> 59) & 1); - n <<= 1; + n = (sp_uint64)n << 1; sp_3072_mont_mul_26(t[y^1], t[0], t[1], m, mp); @@ -8031,9 +8031,9 @@ static int sp_3072_mod_exp_26(sp_digit* r, const sp_digit* a, const sp_digit* e, } if (err == MP_OKAY) { - i = bits / 60; - c = bits % 60; - n = e[i--] << (60 - c); + i = (bits - 1) / 60; + c = ((bits - 1) % 60) + 1; + n = (sp_uint64)e[i--] << (60 - c); for (; ; c--) { if (c == 0) { if (i == -1) { @@ -8045,7 +8045,7 @@ static int sp_3072_mod_exp_26(sp_digit* r, const sp_digit* a, const sp_digit* e, } y = (int)((n >> 59) & 1); - n <<= 1; + n = (sp_uint64)n << 1; sp_3072_mont_mul_26(t[y^1], t[0], t[1], m, mp); 
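Review bot: The corrected index computation in sp_3072_mod_exp_26 (`i = (bits - 1) / 60; c = ((bits - 1) % 60) + 1;`) has no comment, although the same expression in the _nb state machines carries one. I would add `/* Use (bits - 1) so the top limb index stays in range when bits is a multiple of 60; c is the bit count in that limb. */` above it. For bits == 0 the truncating division gives i = 0 and c = 0, so e[0] is read once and the loop exits on its first check; whether callers can pass 0 is not visible here, and the comment could say so. The function body continues outside the hunk, and the same lines appear in the second sp_3072_mod_exp_26 hunk and in the _52, _27, _54, sp_4096 _35 and _70 bit-by-bit hunks.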
@@ -8146,38 +8146,38 @@ static int sp_3072_mod_exp_26(sp_digit* r, const sp_digit* a, const sp_digit* e, c = 60; } if (i < 26) { - n = e[i--] << (64 - c); + n = (sp_uint64)e[i--] << (64 - c); } else { n = 0; i--; } if (c < 5) { - n |= e[i--] << (4 - c); + n |= (sp_uint64)e[i--] << (4 - c); c += 60; } y = (int)((n >> 59) & 0x1f); - n <<= 5; + n = (sp_uint64)n << 5; c -= 5; XMEMCPY(rt, t[y], sizeof(sp_digit) * 52); while ((i >= 0) || (c >= 5)) { if (c >= 5) { y = (byte)((n >> 59) & 0x1f); - n <<= 5; + n = (sp_uint64)n << 5; c -= 5; } else if (c == 0) { - n = e[i--] << 4; + n = (sp_uint64)e[i--] << 4; y = (byte)((n >> 59) & 0x1f); - n <<= 5; + n = (sp_uint64)n << 5; c = 55; } else { y = (byte)((n >> 59) & 0x1f); - n = e[i--] << 4; + n = (sp_uint64)e[i--] << 4; c = 5 - c; y |= (byte)((n >> (64 - c)) & ((1 << c) - 1)); - n <<= c; + n = (sp_uint64)n << c; c = 60 - c; } @@ -8493,7 +8493,7 @@ SP_NOINLINE static void sp_3072_rshift_52(sp_digit* r, const sp_digit* a, int i; for (i=0; i<51; i++) { - r[i] = (sp_digit)(((a[i] >> n) | (a[i + 1] << (60 - n))) & 0xfffffffffffffffL); + r[i] = (sp_digit)(((a[i] >> n) | ((sp_uint64)a[i + 1] << (60 - n))) & 0xfffffffffffffffL); } r[51] = a[51] >> n; } @@ -8533,7 +8533,7 @@ static WC_INLINE sp_digit sp_3072_div_word_52(sp_digit d1, sp_digit d0, t1 -= dv & (0 - r); for (i = 58; i >= 1; i--) { t1 += t1 + (((sp_uint64)t0 >> 59) & 1); - t0 <<= 1; + t0 = (sp_uint64)t0 << 1; t2 = (sp_digit)(((sp_uint64)(dv - t1)) >> 63); r += r + t2; t1 -= dv & (0 - t2); @@ -8726,9 +8726,9 @@ static int sp_3072_mod_exp_52(sp_digit* r, const sp_digit* a, const sp_digit* e, } if (err == MP_OKAY) { - i = bits / 60; - c = bits % 60; - n = e[i--] << (60 - c); + i = (bits - 1) / 60; + c = ((bits - 1) % 60) + 1; + n = (sp_uint64)e[i--] << (60 - c); for (; ; c--) { if (c == 0) { if (i == -1) { 
@@ -8740,7 +8740,7 @@ static int sp_3072_mod_exp_52(sp_digit* r, const sp_digit* a, const sp_digit* e, } y = (int)((n >> 59) & 1); - n <<= 1; + n = (sp_uint64)n << 1; sp_3072_mont_mul_52(t[y^1], t[0], t[1], m, mp); @@ -8802,9 +8802,9 @@ static int sp_3072_mod_exp_52(sp_digit* r, const sp_digit* a, const sp_digit* e, } if (err == MP_OKAY) { - i = bits / 60; - c = bits % 60; - n = e[i--] << (60 - c); + i = (bits - 1) / 60; + c = ((bits - 1) % 60) + 1; + n = (sp_uint64)e[i--] << (60 - c); for (; ; c--) { if (c == 0) { if (i == -1) { @@ -8816,7 +8816,7 @@ static int sp_3072_mod_exp_52(sp_digit* r, const sp_digit* a, const sp_digit* e, } y = (int)((n >> 59) & 1); - n <<= 1; + n = (sp_uint64)n << 1; sp_3072_mont_mul_52(t[y^1], t[0], t[1], m, mp); @@ -8901,38 +8901,38 @@ static int sp_3072_mod_exp_52(sp_digit* r, const sp_digit* a, const sp_digit* e, c = 60; } if (i < 52) { - n = e[i--] << (64 - c); + n = (sp_uint64)e[i--] << (64 - c); } else { n = 0; i--; } if (c < 4) { - n |= e[i--] << (4 - c); + n |= (sp_uint64)e[i--] << (4 - c); c += 60; } y = (int)((n >> 60) & 0xf); - n <<= 4; + n = (sp_uint64)n << 4; c -= 4; XMEMCPY(rt, t[y], sizeof(sp_digit) * 104); while ((i >= 0) || (c >= 4)) { if (c >= 4) { y = (byte)((n >> 60) & 0xf); - n <<= 4; + n = (sp_uint64)n << 4; c -= 4; } else if (c == 0) { - n = e[i--] << 4; + n = (sp_uint64)e[i--] << 4; y = (byte)((n >> 60) & 0xf); - n <<= 4; + n = (sp_uint64)n << 4; c = 56; } else { y = (byte)((n >> 60) & 0xf); - n = e[i--] << 4; + n = (sp_uint64)e[i--] << 4; c = 4 - c; y |= (byte)((n >> (64 - c)) & ((1 << c) - 1)); - n <<= c; + n = (sp_uint64)n << c; c = 60 - c; } 
@@ -9028,10 +9028,10 @@ static int sp_3072_mod_exp_52_nb(sp_3072_mod_exp_52_ctx* ctx, case 4: /* BIT_INIT: index the most-significant exponent limb without reading off the end when bits is an exact multiple of the limb width. (bits-1) keeps i within the populated range and - c = (bits-1) % @bits + 1 keeps the shift in [1, @bits]. */ + c = (bits-1) % 60 + 1 keeps the shift in [1, 60]. */ ctx->i = (ctx->bits - 1) / 60; ctx->c = ((ctx->bits - 1) % 60) + 1; - ctx->n = e[ctx->i--] << (60 - ctx->c); + ctx->n = (sp_uint64)e[ctx->i--] << (60 - ctx->c); ctx->state = 5; break; case 5: /* BIT_NEXT: refill on word boundary, peel one exponent bit */ @@ -9044,7 +9044,7 @@ static int sp_3072_mod_exp_52_nb(sp_3072_mod_exp_52_ctx* ctx, ctx->c = 60; } ctx->y = (byte)((ctx->n >> 59) & 1); - ctx->n <<= 1; + ctx->n = (sp_uint64)ctx->n << 1; ctx->state = 6; break; case 6: /* MUL: t[y^1] = t[0] * t[1] in Montgomery form */ @@ -9815,7 +9815,7 @@ static int sp_3072_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 52; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint64)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -9840,7 +9840,7 @@ static int sp_3072_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 52; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint64)a[i]) << s; if (s + 60 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; 
@@ -10056,9 +10056,9 @@ SP_NOINLINE static void sp_3072_lshift_52(sp_digit* r, const sp_digit* a, r[52] = a[51] >> (60 - n); for (i=51; i>0; i--) { - r[i] = (sp_digit)(((a[i] << n) | (a[i-1] >> (60 - n))) & 0xfffffffffffffffL); + r[i] = (sp_digit)((((sp_uint64)a[i] << n) | (a[i-1] >> (60 - n))) & 0xfffffffffffffffL); } - r[0] = (sp_digit)((a[0] << n) & 0xfffffffffffffffL); + r[0] = (sp_digit)(((sp_uint64)a[0] << n) & 0xfffffffffffffffL); } /* Modular exponentiate 2 to the e mod m. (r = 2^e mod m) @@ -10104,38 +10104,38 @@ static int sp_3072_mod_exp_2_52(sp_digit* r, const sp_digit* e, int bits, const c = 60; } if (i < 52) { - n = e[i--] << (64 - c); + n = (sp_uint64)e[i--] << (64 - c); } else { n = 0; i--; } if (c < 5) { - n |= e[i--] << (4 - c); + n |= (sp_uint64)e[i--] << (4 - c); c += 60; } y = (int)((n >> 59) & 0x1f); - n <<= 5; + n = (sp_uint64)n << 5; c -= 5; sp_3072_lshift_52(r, norm, (byte)y); while ((i >= 0) || (c >= 5)) { if (c >= 5) { y = (byte)((n >> 59) & 0x1f); - n <<= 5; + n = (sp_uint64)n << 5; c -= 5; } else if (c == 0) { - n = e[i--] << 4; + n = (sp_uint64)e[i--] << 4; y = (byte)((n >> 59) & 0x1f); - n <<= 5; + n = (sp_uint64)n << 5; c = 55; } else { y = (byte)((n >> 59) & 0x1f); - n = e[i--] << 4; + n = (sp_uint64)e[i--] << 4; c = 5 - c; y |= (byte)((n >> (64 - c)) & ((1 << c) - 1)); - n <<= c; + n = (sp_uint64)n << c; c = 60 - c; } @@ -10463,7 +10463,7 @@ static void sp_3072_from_bin(sp_digit* r, int size, const byte* a, int n) r[0] = 0; for (i = n-1; i >= 0; i--) { - r[j] |= (((sp_digit)a[i]) << s); + r[j] |= (((sp_uint64)a[i]) << s); if (s >= 49U) { r[j] &= 0x1ffffffffffffffL; s = 57U - s; @@ -10509,7 +10509,7 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint64)a->dp[i] << s); r[j] &= 0x1ffffffffffffffL; s = 57U - s; if (j + 1 >= size) { 
@@ -10544,7 +10544,7 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint64)a->dp[i]) << s; if (s + DIGIT_BIT >= 57) { r[j] &= 0x1ffffffffffffffL; if (j + 1 >= size) { @@ -10593,7 +10593,7 @@ static void sp_3072_to_bin_54(sp_digit* r, byte* a) for (i=0; i<54 && j>=0; i++) { b = 0; /* lint allow cast of mismatch sp_digit and int */ - a[j--] |= (byte)(r[i] << s); /*lint !e9033*/ + a[j--] |= (byte)((sp_uint64)r[i] << s); /*lint !e9033*/ b += 8 - s; if (j < 0) { break; @@ -11165,10 +11165,10 @@ SP_NOINLINE static void sp_3072_sqr_54(sp_digit* r, const sp_digit* a) */ static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho) { - sp_digit x; - sp_digit b; + sp_uint64 x; + sp_uint64 b; - b = a[0]; + b = (sp_uint64)a[0]; x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */ x *= 2 - b * x; /* here x*a==1 mod 2**8 */ x *= 2 - b * x; /* here x*a==1 mod 2**16 */ @@ -11177,7 +11177,7 @@ static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho) x &= 0x1ffffffffffffffL; /* rho = -1/m mod b */ - *rho = ((sp_digit)1 << 57) - x; + *rho = (sp_digit)(((sp_uint64)1 << 57) - (sp_digit)x); } /* Multiply a by scalar b into r. (r = a * b) 
@@ -11396,28 +11396,28 @@ static void sp_3072_mont_shift_27(sp_digit* r, const sp_digit* a) s = a[27]; n = a[26] >> 54; for (i = 0; i < 24; i += 8) { - n += (sp_digit)((s & 0x1ffffffffffffffL) << 3); r[i+0] = (sp_digit)(n & 0x1ffffffffffffffL); + n += (sp_digit)((sp_uint64)(s & 0x1ffffffffffffffL) << 3); r[i+0] = (sp_digit)(n & 0x1ffffffffffffffL); n >>= 57; s = a[i+28] + (s >> 57); - n += (sp_digit)((s & 0x1ffffffffffffffL) << 3); r[i+1] = (sp_digit)(n & 0x1ffffffffffffffL); + n += (sp_digit)((sp_uint64)(s & 0x1ffffffffffffffL) << 3); r[i+1] = (sp_digit)(n & 0x1ffffffffffffffL); n >>= 57; s = a[i+29] + (s >> 57); - n += (sp_digit)((s & 0x1ffffffffffffffL) << 3); r[i+2] = (sp_digit)(n & 0x1ffffffffffffffL); + n += (sp_digit)((sp_uint64)(s & 0x1ffffffffffffffL) << 3); r[i+2] = (sp_digit)(n & 0x1ffffffffffffffL); n >>= 57; s = a[i+30] + (s >> 57); - n += (sp_digit)((s & 0x1ffffffffffffffL) << 3); r[i+3] = (sp_digit)(n & 0x1ffffffffffffffL); + n += (sp_digit)((sp_uint64)(s & 0x1ffffffffffffffL) << 3); r[i+3] = (sp_digit)(n & 0x1ffffffffffffffL); n >>= 57; s = a[i+31] + (s >> 57); - n += (sp_digit)((s & 0x1ffffffffffffffL) << 3); r[i+4] = (sp_digit)(n & 0x1ffffffffffffffL); + n += (sp_digit)((sp_uint64)(s & 0x1ffffffffffffffL) << 3); r[i+4] = (sp_digit)(n & 0x1ffffffffffffffL); n >>= 57; s = a[i+32] + (s >> 57); - n += (sp_digit)((s & 0x1ffffffffffffffL) << 3); r[i+5] = (sp_digit)(n & 0x1ffffffffffffffL); + n += (sp_digit)((sp_uint64)(s & 0x1ffffffffffffffL) << 3); r[i+5] = (sp_digit)(n & 0x1ffffffffffffffL); n >>= 57; s = a[i+33] + (s >> 57); - n += (sp_digit)((s & 0x1ffffffffffffffL) << 3); r[i+6] = (sp_digit)(n & 0x1ffffffffffffffL); + n += (sp_digit)((sp_uint64)(s & 0x1ffffffffffffffL) << 3); r[i+6] = (sp_digit)(n & 0x1ffffffffffffffL); n >>= 57; s = a[i+34] + (s >> 57); - n += (sp_digit)((s & 0x1ffffffffffffffL) << 3); r[i+7] = (sp_digit)(n & 0x1ffffffffffffffL); + n += (sp_digit)((sp_uint64)(s & 0x1ffffffffffffffL) << 3); r[i+7] = (sp_digit)(n & 
0x1ffffffffffffffL); n >>= 57; s = a[i+35] + (s >> 57); } - n += (sp_digit)((s & 0x1ffffffffffffffL) << 3); r[24] = (sp_digit)(n & 0x1ffffffffffffffL); + n += (sp_digit)((sp_uint64)(s & 0x1ffffffffffffffL) << 3); r[24] = (sp_digit)(n & 0x1ffffffffffffffL); n >>= 57; s = a[52] + (s >> 57); - n += (sp_digit)((s & 0x1ffffffffffffffL) << 3); r[25] = (sp_digit)(n & 0x1ffffffffffffffL); + n += (sp_digit)((sp_uint64)(s & 0x1ffffffffffffffL) << 3); r[25] = (sp_digit)(n & 0x1ffffffffffffffL); n >>= 57; s = a[53] + (s >> 57); - n += s << 3; r[26] = n; + n += (sp_uint64)s << 3; r[26] = n; XMEMSET(&r[27], 0, sizeof(*r) * 27U); } 
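Review bot: The last accumulation in sp_3072_mont_shift_27, `n += (sp_uint64)s << 3;`, drops the outer `(sp_digit)` cast that every other rewritten line in this hunk keeps, so the addition is done in an unsigned type and converted back implicitly. Writing `n += (sp_digit)((sp_uint64)s << 3);` would match the lines above it. The declarations of `n` and `s` are outside the hunk; if `n` is wider than 64 bits, the two forms would also differ in how a value with the top bit set is extended, which is worth confirming.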
@@ -11565,17 +11565,17 @@ SP_NOINLINE static void sp_3072_rshift_27(sp_digit* r, const sp_digit* a, int i; for (i=0; i<24; i += 8) { - r[i+0] = (a[i+0] >> n) | (sp_digit)((a[i+1] << (57 - n)) & 0x1ffffffffffffffL); - r[i+1] = (a[i+1] >> n) | (sp_digit)((a[i+2] << (57 - n)) & 0x1ffffffffffffffL); - r[i+2] = (a[i+2] >> n) | (sp_digit)((a[i+3] << (57 - n)) & 0x1ffffffffffffffL); - r[i+3] = (a[i+3] >> n) | (sp_digit)((a[i+4] << (57 - n)) & 0x1ffffffffffffffL); - r[i+4] = (a[i+4] >> n) | (sp_digit)((a[i+5] << (57 - n)) & 0x1ffffffffffffffL); - r[i+5] = (a[i+5] >> n) | (sp_digit)((a[i+6] << (57 - n)) & 0x1ffffffffffffffL); - r[i+6] = (a[i+6] >> n) | (sp_digit)((a[i+7] << (57 - n)) & 0x1ffffffffffffffL); - r[i+7] = (a[i+7] >> n) | (sp_digit)((a[i+8] << (57 - n)) & 0x1ffffffffffffffL); - } - r[24] = (a[24] >> n) | (sp_digit)((a[25] << (57 - n)) & 0x1ffffffffffffffL); - r[25] = (a[25] >> n) | (sp_digit)((a[26] << (57 - n)) & 0x1ffffffffffffffL); + r[i+0] = (a[i+0] >> n) | (sp_digit)(((sp_uint64)a[i+1] << (57 - n)) & 0x1ffffffffffffffL); + r[i+1] = (a[i+1] >> n) | (sp_digit)(((sp_uint64)a[i+2] << (57 - n)) & 0x1ffffffffffffffL); + r[i+2] = (a[i+2] >> n) | (sp_digit)(((sp_uint64)a[i+3] << (57 - n)) & 0x1ffffffffffffffL); + r[i+3] = (a[i+3] >> n) | (sp_digit)(((sp_uint64)a[i+4] << (57 - n)) & 0x1ffffffffffffffL); + r[i+4] = (a[i+4] >> n) | (sp_digit)(((sp_uint64)a[i+5] << (57 - n)) & 0x1ffffffffffffffL); + r[i+5] = (a[i+5] >> n) | (sp_digit)(((sp_uint64)a[i+6] << (57 - n)) & 0x1ffffffffffffffL); + r[i+6] = (a[i+6] >> n) | (sp_digit)(((sp_uint64)a[i+7] << (57 - n)) & 0x1ffffffffffffffL); + r[i+7] = (a[i+7] >> n) | (sp_digit)(((sp_uint64)a[i+8] << (57 - n)) & 0x1ffffffffffffffL); + } + r[24] = (a[24] >> n) | (sp_digit)(((sp_uint64)a[25] << (57 - n)) & 0x1ffffffffffffffL); + r[25] = (a[25] >> n) | (sp_digit)(((sp_uint64)a[26] << (57 - n)) & 0x1ffffffffffffffL); r[26] = a[26] >> n; } 
@@ -11614,7 +11614,7 @@ static WC_INLINE sp_digit sp_3072_div_word_27(sp_digit d1, sp_digit d0, t1 -= dv & (0 - r); for (i = 55; i >= 1; i--) { t1 += t1 + (((sp_uint64)t0 >> 56) & 1); - t0 <<= 1; + t0 = (sp_uint64)t0 << 1; t2 = (sp_digit)(((sp_uint64)(dv - t1)) >> 63); r += r + t2; t1 -= dv & (0 - t2); @@ -11806,9 +11806,9 @@ static int sp_3072_mod_exp_27(sp_digit* r, const sp_digit* a, const sp_digit* e, } if (err == MP_OKAY) { - i = bits / 57; - c = bits % 57; - n = e[i--] << (57 - c); + i = (bits - 1) / 57; + c = ((bits - 1) % 57) + 1; + n = (sp_uint64)e[i--] << (57 - c); for (; ; c--) { if (c == 0) { if (i == -1) { @@ -11820,7 +11820,7 @@ static int sp_3072_mod_exp_27(sp_digit* r, const sp_digit* a, const sp_digit* e, } y = (int)((n >> 56) & 1); - n <<= 1; + n = (sp_uint64)n << 1; sp_3072_mont_mul_27(t[y^1], t[0], t[1], m, mp); @@ -11882,9 +11882,9 @@ static int sp_3072_mod_exp_27(sp_digit* r, const sp_digit* a, const sp_digit* e, } if (err == MP_OKAY) { - i = bits / 57; - c = bits % 57; - n = e[i--] << (57 - c); + i = (bits - 1) / 57; + c = ((bits - 1) % 57) + 1; + n = (sp_uint64)e[i--] << (57 - c); for (; ; c--) { if (c == 0) { if (i == -1) { @@ -11896,7 +11896,7 @@ static int sp_3072_mod_exp_27(sp_digit* r, const sp_digit* a, const sp_digit* e, } y = (int)((n >> 56) & 1); - n <<= 1; + n = (sp_uint64)n << 1; sp_3072_mont_mul_27(t[y^1], t[0], t[1], m, mp); 
@@ -11997,38 +11997,38 @@ static int sp_3072_mod_exp_27(sp_digit* r, const sp_digit* a, const sp_digit* e, c = 57; } if (i < 27) { - n = e[i--] << (64 - c); + n = (sp_uint64)e[i--] << (64 - c); } else { n = 0; i--; } if (c < 5) { - n |= e[i--] << (7 - c); + n |= (sp_uint64)e[i--] << (7 - c); c += 57; } y = (int)((n >> 59) & 0x1f); - n <<= 5; + n = (sp_uint64)n << 5; c -= 5; XMEMCPY(rt, t[y], sizeof(sp_digit) * 54); while ((i >= 0) || (c >= 5)) { if (c >= 5) { y = (byte)((n >> 59) & 0x1f); - n <<= 5; + n = (sp_uint64)n << 5; c -= 5; } else if (c == 0) { - n = e[i--] << 7; + n = (sp_uint64)e[i--] << 7; y = (byte)((n >> 59) & 0x1f); - n <<= 5; + n = (sp_uint64)n << 5; c = 52; } else { y = (byte)((n >> 59) & 0x1f); - n = e[i--] << 7; + n = (sp_uint64)e[i--] << 7; c = 5 - c; y |= (byte)((n >> (64 - c)) & ((1 << c) - 1)); - n <<= c; + n = (sp_uint64)n << c; c = 57 - c; } 
@@ -12398,20 +12398,20 @@ SP_NOINLINE static void sp_3072_rshift_54(sp_digit* r, const sp_digit* a, int i; for (i=0; i<48; i += 8) { - r[i+0] = (a[i+0] >> n) | (sp_digit)((a[i+1] << (57 - n)) & 0x1ffffffffffffffL); - r[i+1] = (a[i+1] >> n) | (sp_digit)((a[i+2] << (57 - n)) & 0x1ffffffffffffffL); - r[i+2] = (a[i+2] >> n) | (sp_digit)((a[i+3] << (57 - n)) & 0x1ffffffffffffffL); - r[i+3] = (a[i+3] >> n) | (sp_digit)((a[i+4] << (57 - n)) & 0x1ffffffffffffffL); - r[i+4] = (a[i+4] >> n) | (sp_digit)((a[i+5] << (57 - n)) & 0x1ffffffffffffffL); - r[i+5] = (a[i+5] >> n) | (sp_digit)((a[i+6] << (57 - n)) & 0x1ffffffffffffffL); - r[i+6] = (a[i+6] >> n) | (sp_digit)((a[i+7] << (57 - n)) & 0x1ffffffffffffffL); - r[i+7] = (a[i+7] >> n) | (sp_digit)((a[i+8] << (57 - n)) & 0x1ffffffffffffffL); - } - r[48] = (a[48] >> n) | (sp_digit)((a[49] << (57 - n)) & 0x1ffffffffffffffL); - r[49] = (a[49] >> n) | (sp_digit)((a[50] << (57 - n)) & 0x1ffffffffffffffL); - r[50] = (a[50] >> n) | (sp_digit)((a[51] << (57 - n)) & 0x1ffffffffffffffL); - r[51] = (a[51] >> n) | (sp_digit)((a[52] << (57 - n)) & 0x1ffffffffffffffL); - r[52] = (a[52] >> n) | (sp_digit)((a[53] << (57 - n)) & 0x1ffffffffffffffL); + r[i+0] = (a[i+0] >> n) | (sp_digit)(((sp_uint64)a[i+1] << (57 - n)) & 0x1ffffffffffffffL); + r[i+1] = (a[i+1] >> n) | (sp_digit)(((sp_uint64)a[i+2] << (57 - n)) & 0x1ffffffffffffffL); + r[i+2] = (a[i+2] >> n) | (sp_digit)(((sp_uint64)a[i+3] << (57 - n)) & 0x1ffffffffffffffL); + r[i+3] = (a[i+3] >> n) | (sp_digit)(((sp_uint64)a[i+4] << (57 - n)) & 0x1ffffffffffffffL); + r[i+4] = (a[i+4] >> n) | (sp_digit)(((sp_uint64)a[i+5] << (57 - n)) & 0x1ffffffffffffffL); + r[i+5] = (a[i+5] >> n) | (sp_digit)(((sp_uint64)a[i+6] << (57 - n)) & 0x1ffffffffffffffL); + r[i+6] = (a[i+6] >> n) | (sp_digit)(((sp_uint64)a[i+7] << (57 - n)) & 0x1ffffffffffffffL); + r[i+7] = (a[i+7] >> n) | (sp_digit)(((sp_uint64)a[i+8] << (57 - n)) & 0x1ffffffffffffffL); + } + r[48] = (a[48] >> n) | (sp_digit)(((sp_uint64)a[49] << (57 - 
n)) & 0x1ffffffffffffffL); + r[49] = (a[49] >> n) | (sp_digit)(((sp_uint64)a[50] << (57 - n)) & 0x1ffffffffffffffL); + r[50] = (a[50] >> n) | (sp_digit)(((sp_uint64)a[51] << (57 - n)) & 0x1ffffffffffffffL); + r[51] = (a[51] >> n) | (sp_digit)(((sp_uint64)a[52] << (57 - n)) & 0x1ffffffffffffffL); + r[52] = (a[52] >> n) | (sp_digit)(((sp_uint64)a[53] << (57 - n)) & 0x1ffffffffffffffL); r[53] = a[53] >> n; } @@ -12450,7 +12450,7 @@ static WC_INLINE sp_digit sp_3072_div_word_54(sp_digit d1, sp_digit d0, t1 -= dv & (0 - r); for (i = 55; i >= 1; i--) { t1 += t1 + (((sp_uint64)t0 >> 56) & 1); - t0 <<= 1; + t0 = (sp_uint64)t0 << 1; t2 = (sp_digit)(((sp_uint64)(dv - t1)) >> 63); r += r + t2; t1 -= dv & (0 - t2); @@ -12645,9 +12645,9 @@ static int sp_3072_mod_exp_54(sp_digit* r, const sp_digit* a, const sp_digit* e, } if (err == MP_OKAY) { - i = bits / 57; - c = bits % 57; - n = e[i--] << (57 - c); + i = (bits - 1) / 57; + c = ((bits - 1) % 57) + 1; + n = (sp_uint64)e[i--] << (57 - c); for (; ; c--) { if (c == 0) { if (i == -1) { @@ -12659,7 +12659,7 @@ static int sp_3072_mod_exp_54(sp_digit* r, const sp_digit* a, const sp_digit* e, } y = (int)((n >> 56) & 1); - n <<= 1; + n = (sp_uint64)n << 1; sp_3072_mont_mul_54(t[y^1], t[0], t[1], m, mp); @@ -12721,9 +12721,9 @@ static int sp_3072_mod_exp_54(sp_digit* r, const sp_digit* a, const sp_digit* e, } if (err == MP_OKAY) { - i = bits / 57; - c = bits % 57; - n = e[i--] << (57 - c); + i = (bits - 1) / 57; + c = ((bits - 1) % 57) + 1; + n = (sp_uint64)e[i--] << (57 - c); for (; ; c--) { if (c == 0) { if (i == -1) { @@ -12735,7 +12735,7 @@ static int sp_3072_mod_exp_54(sp_digit* r, const sp_digit* a, const sp_digit* e, } y = (int)((n >> 56) & 1); - n <<= 1; + n = (sp_uint64)n << 1; sp_3072_mont_mul_54(t[y^1], t[0], t[1], m, mp); 
@@ -12820,38 +12820,38 @@ static int sp_3072_mod_exp_54(sp_digit* r, const sp_digit* a, const sp_digit* e, c = 57; } if (i < 54) { - n = e[i--] << (64 - c); + n = (sp_uint64)e[i--] << (64 - c); } else { n = 0; i--; } if (c < 4) { - n |= e[i--] << (7 - c); + n |= (sp_uint64)e[i--] << (7 - c); c += 57; } y = (int)((n >> 60) & 0xf); - n <<= 4; + n = (sp_uint64)n << 4; c -= 4; XMEMCPY(rt, t[y], sizeof(sp_digit) * 108); while ((i >= 0) || (c >= 4)) { if (c >= 4) { y = (byte)((n >> 60) & 0xf); - n <<= 4; + n = (sp_uint64)n << 4; c -= 4; } else if (c == 0) { - n = e[i--] << 7; + n = (sp_uint64)e[i--] << 7; y = (byte)((n >> 60) & 0xf); - n <<= 4; + n = (sp_uint64)n << 4; c = 53; } else { y = (byte)((n >> 60) & 0xf); - n = e[i--] << 7; + n = (sp_uint64)e[i--] << 7; c = 4 - c; y |= (byte)((n >> (64 - c)) & ((1 << c) - 1)); - n <<= c; + n = (sp_uint64)n << c; c = 57 - c; } @@ -12947,10 +12947,10 @@ static int sp_3072_mod_exp_54_nb(sp_3072_mod_exp_54_ctx* ctx, case 4: /* BIT_INIT: index the most-significant exponent limb without reading off the end when bits is an exact multiple of the limb width. (bits-1) keeps i within the populated range and - c = (bits-1) % @bits + 1 keeps the shift in [1, @bits]. */ + c = (bits-1) % 57 + 1 keeps the shift in [1, 57]. */ ctx->i = (ctx->bits - 1) / 57; ctx->c = ((ctx->bits - 1) % 57) + 1; - ctx->n = e[ctx->i--] << (57 - ctx->c); + ctx->n = (sp_uint64)e[ctx->i--] << (57 - ctx->c); ctx->state = 5; break; case 5: /* BIT_NEXT: refill on word boundary, peel one exponent bit */ @@ -12963,7 +12963,7 @@ static int sp_3072_mod_exp_54_nb(sp_3072_mod_exp_54_ctx* ctx, ctx->c = 57; } ctx->y = (byte)((ctx->n >> 56) & 1); - ctx->n <<= 1; + ctx->n = (sp_uint64)ctx->n << 1; ctx->state = 6; break; case 6: /* MUL: t[y^1] = t[0] * t[1] in Montgomery form */ 
@@ -13534,7 +13534,7 @@ static int sp_3072_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 54; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint64)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -13559,7 +13559,7 @@ static int sp_3072_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 54; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint64)a[i]) << s; if (s + 57 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; @@ -13796,7 +13796,7 @@ SP_NOINLINE static void sp_3072_lshift_54(sp_digit* r, const sp_digit* a, r[2] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL); s = (sp_int_digit)(a[1]); t = (sp_int_digit)(a[0]); r[1] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL); - r[0] = (sp_digit)((a[0] << n) & 0x1ffffffffffffffL); + r[0] = (sp_digit)(((sp_uint64)a[0] << n) & 0x1ffffffffffffffL); } /* Modular exponentiate 2 to the e mod m. (r = 2^e mod m) @@ -13842,38 +13842,38 @@ static int sp_3072_mod_exp_2_54(sp_digit* r, const sp_digit* e, int bits, const c = 57; } if (i < 54) { - n = e[i--] << (64 - c); + n = (sp_uint64)e[i--] << (64 - c); } else { n = 0; i--; } if (c < 5) { - n |= e[i--] << (7 - c); + n |= (sp_uint64)e[i--] << (7 - c); c += 57; } y = (int)((n >> 59) & 0x1f); - n <<= 5; + n = (sp_uint64)n << 5; c -= 5; sp_3072_lshift_54(r, norm, (byte)y); while ((i >= 0) || (c >= 5)) { if (c >= 5) { y = (byte)((n >> 59) & 0x1f); - n <<= 5; + n = (sp_uint64)n << 5; c -= 5; } else if (c == 0) { - n = e[i--] << 7; + n = (sp_uint64)e[i--] << 7; y = (byte)((n >> 59) & 0x1f); - n <<= 5; + n = (sp_uint64)n << 5; c = 52; } else { y = (byte)((n >> 59) & 0x1f); - n = e[i--] << 7; + n = (sp_uint64)e[i--] << 7; c = 5 - c; y |= (byte)((n >> (64 - c)) & ((1 << c) - 1)); - n <<= c; + n = (sp_uint64)n << c; c = 57 - c; } 
@@ -14103,7 +14103,7 @@ static void sp_4096_from_bin(sp_digit* r, int size, const byte* a, int n) r[0] = 0; for (i = n-1; i >= 0; i--) { - r[j] |= (((sp_digit)a[i]) << s); + r[j] |= (((sp_uint64)a[i]) << s); if (s >= 51U) { r[j] &= 0x7ffffffffffffffL; s = 59U - s; @@ -14149,7 +14149,7 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint64)a->dp[i] << s); r[j] &= 0x7ffffffffffffffL; s = 59U - s; if (j + 1 >= size) { @@ -14184,7 +14184,7 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint64)a->dp[i]) << s; if (s + DIGIT_BIT >= 59) { r[j] &= 0x7ffffffffffffffL; if (j + 1 >= size) { @@ -14233,7 +14233,7 @@ static void sp_4096_to_bin_70(sp_digit* r, byte* a) for (i=0; i<70 && j>=0; i++) { b = 0; /* lint allow cast of mismatch sp_digit and int */ - a[j--] |= (byte)(r[i] << s); /*lint !e9033*/ + a[j--] |= (byte)((sp_uint64)r[i] << s); /*lint !e9033*/ b += 8 - s; if (j < 0) { break; @@ -14372,10 +14372,10 @@ SP_NOINLINE static void sp_4096_sqr_70(sp_digit* r, const sp_digit* a) */ static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho) { - sp_digit x; - sp_digit b; + sp_uint64 x; + sp_uint64 b; - b = a[0]; + b = (sp_uint64)a[0]; x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */ x *= 2 - b * x; /* here x*a==1 mod 2**8 */ x *= 2 - b * x; /* here x*a==1 mod 2**16 */ @@ -14384,7 +14384,7 @@ static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho) x &= 0x7ffffffffffffffL; /* rho = -1/m mod b */ - *rho = ((sp_digit)1 << 59) - x; + *rho = (sp_digit)(((sp_uint64)1 << 59) - (sp_digit)x); } /* Multiply a by scalar b into r. (r = a * b) 
@@ -14751,7 +14751,7 @@ SP_NOINLINE static void sp_4096_rshift_35(sp_digit* r, const sp_digit* a, int i; for (i=0; i<34; i++) { - r[i] = (sp_digit)(((a[i] >> n) | (a[i + 1] << (59 - n))) & 0x7ffffffffffffffL); + r[i] = (sp_digit)(((a[i] >> n) | ((sp_uint64)a[i + 1] << (59 - n))) & 0x7ffffffffffffffL); } r[34] = a[34] >> n; } @@ -14791,7 +14791,7 @@ static WC_INLINE sp_digit sp_4096_div_word_35(sp_digit d1, sp_digit d0, t1 -= dv & (0 - r); for (i = 57; i >= 1; i--) { t1 += t1 + (((sp_uint64)t0 >> 58) & 1); - t0 <<= 1; + t0 = (sp_uint64)t0 << 1; t2 = (sp_digit)(((sp_uint64)(dv - t1)) >> 63); r += r + t2; t1 -= dv & (0 - t2); @@ -14983,9 +14983,9 @@ static int sp_4096_mod_exp_35(sp_digit* r, const sp_digit* a, const sp_digit* e, } if (err == MP_OKAY) { - i = bits / 59; - c = bits % 59; - n = e[i--] << (59 - c); + i = (bits - 1) / 59; + c = ((bits - 1) % 59) + 1; + n = (sp_uint64)e[i--] << (59 - c); for (; ; c--) { if (c == 0) { if (i == -1) { @@ -14997,7 +14997,7 @@ static int sp_4096_mod_exp_35(sp_digit* r, const sp_digit* a, const sp_digit* e, } y = (int)((n >> 58) & 1); - n <<= 1; + n = (sp_uint64)n << 1; sp_4096_mont_mul_35(t[y^1], t[0], t[1], m, mp); @@ -15059,9 +15059,9 @@ static int sp_4096_mod_exp_35(sp_digit* r, const sp_digit* a, const sp_digit* e, } if (err == MP_OKAY) { - i = bits / 59; - c = bits % 59; - n = e[i--] << (59 - c); + i = (bits - 1) / 59; + c = ((bits - 1) % 59) + 1; + n = (sp_uint64)e[i--] << (59 - c); for (; ; c--) { if (c == 0) { if (i == -1) { @@ -15073,7 +15073,7 @@ static int sp_4096_mod_exp_35(sp_digit* r, const sp_digit* a, const sp_digit* e, } y = (int)((n >> 58) & 1); - n <<= 1; + n = (sp_uint64)n << 1; sp_4096_mont_mul_35(t[y^1], t[0], t[1], m, mp); 
@@ -15174,38 +15174,38 @@ static int sp_4096_mod_exp_35(sp_digit* r, const sp_digit* a, const sp_digit* e, c = 59; } if (i < 35) { - n = e[i--] << (64 - c); + n = (sp_uint64)e[i--] << (64 - c); } else { n = 0; i--; } if (c < 5) { - n |= e[i--] << (5 - c); + n |= (sp_uint64)e[i--] << (5 - c); c += 59; } y = (int)((n >> 59) & 0x1f); - n <<= 5; + n = (sp_uint64)n << 5; c -= 5; XMEMCPY(rt, t[y], sizeof(sp_digit) * 70); while ((i >= 0) || (c >= 5)) { if (c >= 5) { y = (byte)((n >> 59) & 0x1f); - n <<= 5; + n = (sp_uint64)n << 5; c -= 5; } else if (c == 0) { - n = e[i--] << 5; + n = (sp_uint64)e[i--] << 5; y = (byte)((n >> 59) & 0x1f); - n <<= 5; + n = (sp_uint64)n << 5; c = 54; } else { y = (byte)((n >> 59) & 0x1f); - n = e[i--] << 5; + n = (sp_uint64)e[i--] << 5; c = 5 - c; y |= (byte)((n >> (64 - c)) & ((1 << c) - 1)); - n <<= c; + n = (sp_uint64)n << c; c = 59 - c; } @@ -15516,7 +15516,7 @@ SP_NOINLINE static void sp_4096_rshift_70(sp_digit* r, const sp_digit* a, int i; for (i=0; i<69; i++) { - r[i] = (sp_digit)(((a[i] >> n) | (a[i + 1] << (59 - n))) & 0x7ffffffffffffffL); + r[i] = (sp_digit)(((a[i] >> n) | ((sp_uint64)a[i + 1] << (59 - n))) & 0x7ffffffffffffffL); } r[69] = a[69] >> n; } @@ -15556,7 +15556,7 @@ static WC_INLINE sp_digit sp_4096_div_word_70(sp_digit d1, sp_digit d0, t1 -= dv & (0 - r); for (i = 57; i >= 1; i--) { t1 += t1 + (((sp_uint64)t0 >> 58) & 1); - t0 <<= 1; + t0 = (sp_uint64)t0 << 1; t2 = (sp_digit)(((sp_uint64)(dv - t1)) >> 63); r += r + t2; t1 -= dv & (0 - t2); @@ -15749,9 +15749,9 @@ static int sp_4096_mod_exp_70(sp_digit* r, const sp_digit* a, const sp_digit* e, } if (err == MP_OKAY) { - i = bits / 59; - c = bits % 59; - n = e[i--] << (59 - c); + i = (bits - 1) / 59; + c = ((bits - 1) % 59) + 1; + n = (sp_uint64)e[i--] << (59 - c); for (; ; c--) { if (c == 0) { if (i == -1) { 
@@ -15763,7 +15763,7 @@ static int sp_4096_mod_exp_70(sp_digit* r, const sp_digit* a, const sp_digit* e, } y = (int)((n >> 58) & 1); - n <<= 1; + n = (sp_uint64)n << 1; sp_4096_mont_mul_70(t[y^1], t[0], t[1], m, mp); @@ -15825,9 +15825,9 @@ static int sp_4096_mod_exp_70(sp_digit* r, const sp_digit* a, const sp_digit* e, } if (err == MP_OKAY) { - i = bits / 59; - c = bits % 59; - n = e[i--] << (59 - c); + i = (bits - 1) / 59; + c = ((bits - 1) % 59) + 1; + n = (sp_uint64)e[i--] << (59 - c); for (; ; c--) { if (c == 0) { if (i == -1) { @@ -15839,7 +15839,7 @@ static int sp_4096_mod_exp_70(sp_digit* r, const sp_digit* a, const sp_digit* e, } y = (int)((n >> 58) & 1); - n <<= 1; + n = (sp_uint64)n << 1; sp_4096_mont_mul_70(t[y^1], t[0], t[1], m, mp); @@ -15924,38 +15924,38 @@ static int sp_4096_mod_exp_70(sp_digit* r, const sp_digit* a, const sp_digit* e, c = 59; } if (i < 70) { - n = e[i--] << (64 - c); + n = (sp_uint64)e[i--] << (64 - c); } else { n = 0; i--; } if (c < 4) { - n |= e[i--] << (5 - c); + n |= (sp_uint64)e[i--] << (5 - c); c += 59; } y = (int)((n >> 60) & 0xf); - n <<= 4; + n = (sp_uint64)n << 4; c -= 4; XMEMCPY(rt, t[y], sizeof(sp_digit) * 140); while ((i >= 0) || (c >= 4)) { if (c >= 4) { y = (byte)((n >> 60) & 0xf); - n <<= 4; + n = (sp_uint64)n << 4; c -= 4; } else if (c == 0) { - n = e[i--] << 5; + n = (sp_uint64)e[i--] << 5; y = (byte)((n >> 60) & 0xf); - n <<= 4; + n = (sp_uint64)n << 4; c = 55; } else { y = (byte)((n >> 60) & 0xf); - n = e[i--] << 5; + n = (sp_uint64)e[i--] << 5; c = 4 - c; y |= (byte)((n >> (64 - c)) & ((1 << c) - 1)); - n <<= c; + n = (sp_uint64)n << c; c = 59 - c; } 
@@ -16051,10 +16051,10 @@ static int sp_4096_mod_exp_70_nb(sp_4096_mod_exp_70_ctx* ctx, case 4: /* BIT_INIT: index the most-significant exponent limb without reading off the end when bits is an exact multiple of the limb width. (bits-1) keeps i within the populated range and - c = (bits-1) % @bits + 1 keeps the shift in [1, @bits]. */ + c = (bits-1) % 59 + 1 keeps the shift in [1, 59]. */ ctx->i = (ctx->bits - 1) / 59; ctx->c = ((ctx->bits - 1) % 59) + 1; - ctx->n = e[ctx->i--] << (59 - ctx->c); + ctx->n = (sp_uint64)e[ctx->i--] << (59 - ctx->c); ctx->state = 5; break; case 5: /* BIT_NEXT: refill on word boundary, peel one exponent bit */ @@ -16067,7 +16067,7 @@ static int sp_4096_mod_exp_70_nb(sp_4096_mod_exp_70_ctx* ctx, ctx->c = 59; } ctx->y = (byte)((ctx->n >> 58) & 1); - ctx->n <<= 1; + ctx->n = (sp_uint64)ctx->n << 1; ctx->state = 6; break; case 6: /* MUL: t[y^1] = t[0] * t[1] in Montgomery form */ @@ -16838,7 +16838,7 @@ static int sp_4096_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 70; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint64)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -16863,7 +16863,7 @@ static int sp_4096_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 70; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint64)a[i]) << s; if (s + 59 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; 
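Review bot: The BIT_INIT comment in sp_4096_mod_exp_70_nb says the expression "keeps the shift in [1, 59]", but the value in that range is `ctx->c`; the shift actually applied is `59 - ctx->c`, which lies in [0, 58]. The range also holds only for `bits >= 1`, since `(bits - 1) % 59` is -1 when `bits` is 0. Suggested wording: `c = (bits-1) % 59 + 1 is the bit count in the top limb, in [1, 59] for bits >= 1, so the shift 59 - c stays in [0, 58].` The 53-bit comment in sp_4096_mod_exp_78_nb needs the same correction.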
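Review bot: In the second sp_4096_to_mp hunk, `r->dp[j] |= ((sp_uint64)a[i]) << s;` replaces the `(mp_digit)` cast rather than wrapping it, so the 64-bit result is now narrowed to `mp_digit` implicitly. The `s + 59 >= DIGIT_BIT` test suggests this branch serves digit sizes below the limb width, where `mp_digit` may be narrower than 64 bits. The preceding hunk keeps the narrowing explicit with `(mp_digit)((sp_uint64)a[i] << s)`, and using that form here too would keep the two branches consistent and quiet under conversion warnings. The context line `((sp_digit)1 << DIGIT_BIT) - 1` is still a signed left shift and was not touched. The same two points apply to the 78-limb sp_4096_to_mp, sp_256_to_mp and sp_384_to_mp.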
@@ -17079,9 +17079,9 @@ SP_NOINLINE static void sp_4096_lshift_70(sp_digit* r, const sp_digit* a, r[70] = a[69] >> (59 - n); for (i=69; i>0; i--) { - r[i] = (sp_digit)(((a[i] << n) | (a[i-1] >> (59 - n))) & 0x7ffffffffffffffL); + r[i] = (sp_digit)((((sp_uint64)a[i] << n) | (a[i-1] >> (59 - n))) & 0x7ffffffffffffffL); } - r[0] = (sp_digit)((a[0] << n) & 0x7ffffffffffffffL); + r[0] = (sp_digit)(((sp_uint64)a[0] << n) & 0x7ffffffffffffffL); } /* Modular exponentiate 2 to the e mod m. (r = 2^e mod m) @@ -17127,38 +17127,38 @@ static int sp_4096_mod_exp_2_70(sp_digit* r, const sp_digit* e, int bits, const c = 59; } if (i < 70) { - n = e[i--] << (64 - c); + n = (sp_uint64)e[i--] << (64 - c); } else { n = 0; i--; } if (c < 5) { - n |= e[i--] << (5 - c); + n |= (sp_uint64)e[i--] << (5 - c); c += 59; } y = (int)((n >> 59) & 0x1f); - n <<= 5; + n = (sp_uint64)n << 5; c -= 5; sp_4096_lshift_70(r, norm, (byte)y); while ((i >= 0) || (c >= 5)) { if (c >= 5) { y = (byte)((n >> 59) & 0x1f); - n <<= 5; + n = (sp_uint64)n << 5; c -= 5; } else if (c == 0) { - n = e[i--] << 5; + n = (sp_uint64)e[i--] << 5; y = (byte)((n >> 59) & 0x1f); - n <<= 5; + n = (sp_uint64)n << 5; c = 54; } else { y = (byte)((n >> 59) & 0x1f); - n = e[i--] << 5; + n = (sp_uint64)e[i--] << 5; c = 5 - c; y |= (byte)((n >> (64 - c)) & ((1 << c) - 1)); - n <<= c; + n = (sp_uint64)n << c; c = 59 - c; } @@ -17385,7 +17385,7 @@ static void sp_4096_from_bin(sp_digit* r, int size, const byte* a, int n) r[0] = 0; for (i = n-1; i >= 0; i--) { - r[j] |= (((sp_digit)a[i]) << s); + r[j] |= (((sp_uint64)a[i]) << s); if (s >= 45U) { r[j] &= 0x1fffffffffffffL; s = 53U - s; @@ -17431,7 +17431,7 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint64)a->dp[i] << s); r[j] &= 0x1fffffffffffffL; s = 53U - s; if (j + 1 >= size) { 
@@ -17466,7 +17466,7 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint64)a->dp[i]) << s; if (s + DIGIT_BIT >= 53) { r[j] &= 0x1fffffffffffffL; if (j + 1 >= size) { @@ -17515,7 +17515,7 @@ static void sp_4096_to_bin_78(sp_digit* r, byte* a) for (i=0; i<78 && j>=0; i++) { b = 0; /* lint allow cast of mismatch sp_digit and int */ - a[j--] |= (byte)(r[i] << s); /*lint !e9033*/ + a[j--] |= (byte)((sp_uint64)r[i] << s); /*lint !e9033*/ b += 8 - s; if (j < 0) { break; @@ -18255,10 +18255,10 @@ SP_NOINLINE static void sp_4096_sqr_78(sp_digit* r, const sp_digit* a) */ static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho) { - sp_digit x; - sp_digit b; + sp_uint64 x; + sp_uint64 b; - b = a[0]; + b = (sp_uint64)a[0]; x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */ x *= 2 - b * x; /* here x*a==1 mod 2**8 */ x *= 2 - b * x; /* here x*a==1 mod 2**16 */ @@ -18267,7 +18267,7 @@ static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho) x &= 0x1fffffffffffffL; /* rho = -1/m mod b */ - *rho = ((sp_digit)1 << 53) - x; + *rho = (sp_digit)(((sp_uint64)1 << 53) - (sp_digit)x); } /* Multiply a by scalar b into r. (r = a * b) 
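Review bot: In sp_4096_mont_setup the new `*rho = (sp_digit)(((sp_uint64)1 << 53) - (sp_digit)x);` casts `x` to signed only for the usual arithmetic conversions to turn it back into an unsigned operand, assuming `sp_digit` is the 64-bit signed type. Since `x` is already `sp_uint64` and was masked to 53 bits on the line above, the inner cast does nothing and obscures that the subtraction is unsigned. `*rho = (sp_digit)(((sp_uint64)1 << 53) - x);` says the same thing more directly.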
@@ -18684,21 +18684,21 @@ SP_NOINLINE static void sp_4096_rshift_39(sp_digit* r, const sp_digit* a, int i; for (i=0; i<32; i += 8) { - r[i+0] = (a[i+0] >> n) | (sp_digit)((a[i+1] << (53 - n)) & 0x1fffffffffffffL); - r[i+1] = (a[i+1] >> n) | (sp_digit)((a[i+2] << (53 - n)) & 0x1fffffffffffffL); - r[i+2] = (a[i+2] >> n) | (sp_digit)((a[i+3] << (53 - n)) & 0x1fffffffffffffL); - r[i+3] = (a[i+3] >> n) | (sp_digit)((a[i+4] << (53 - n)) & 0x1fffffffffffffL); - r[i+4] = (a[i+4] >> n) | (sp_digit)((a[i+5] << (53 - n)) & 0x1fffffffffffffL); - r[i+5] = (a[i+5] >> n) | (sp_digit)((a[i+6] << (53 - n)) & 0x1fffffffffffffL); - r[i+6] = (a[i+6] >> n) | (sp_digit)((a[i+7] << (53 - n)) & 0x1fffffffffffffL); - r[i+7] = (a[i+7] >> n) | (sp_digit)((a[i+8] << (53 - n)) & 0x1fffffffffffffL); - } - r[32] = (a[32] >> n) | (sp_digit)((a[33] << (53 - n)) & 0x1fffffffffffffL); - r[33] = (a[33] >> n) | (sp_digit)((a[34] << (53 - n)) & 0x1fffffffffffffL); - r[34] = (a[34] >> n) | (sp_digit)((a[35] << (53 - n)) & 0x1fffffffffffffL); - r[35] = (a[35] >> n) | (sp_digit)((a[36] << (53 - n)) & 0x1fffffffffffffL); - r[36] = (a[36] >> n) | (sp_digit)((a[37] << (53 - n)) & 0x1fffffffffffffL); - r[37] = (a[37] >> n) | (sp_digit)((a[38] << (53 - n)) & 0x1fffffffffffffL); + r[i+0] = (a[i+0] >> n) | (sp_digit)(((sp_uint64)a[i+1] << (53 - n)) & 0x1fffffffffffffL); + r[i+1] = (a[i+1] >> n) | (sp_digit)(((sp_uint64)a[i+2] << (53 - n)) & 0x1fffffffffffffL); + r[i+2] = (a[i+2] >> n) | (sp_digit)(((sp_uint64)a[i+3] << (53 - n)) & 0x1fffffffffffffL); + r[i+3] = (a[i+3] >> n) | (sp_digit)(((sp_uint64)a[i+4] << (53 - n)) & 0x1fffffffffffffL); + r[i+4] = (a[i+4] >> n) | (sp_digit)(((sp_uint64)a[i+5] << (53 - n)) & 0x1fffffffffffffL); + r[i+5] = (a[i+5] >> n) | (sp_digit)(((sp_uint64)a[i+6] << (53 - n)) & 0x1fffffffffffffL); + r[i+6] = (a[i+6] >> n) | (sp_digit)(((sp_uint64)a[i+7] << (53 - n)) & 0x1fffffffffffffL); + r[i+7] = (a[i+7] >> n) | (sp_digit)(((sp_uint64)a[i+8] << (53 - n)) & 0x1fffffffffffffL); + } + 
r[32] = (a[32] >> n) | (sp_digit)(((sp_uint64)a[33] << (53 - n)) & 0x1fffffffffffffL); + r[33] = (a[33] >> n) | (sp_digit)(((sp_uint64)a[34] << (53 - n)) & 0x1fffffffffffffL); + r[34] = (a[34] >> n) | (sp_digit)(((sp_uint64)a[35] << (53 - n)) & 0x1fffffffffffffL); + r[35] = (a[35] >> n) | (sp_digit)(((sp_uint64)a[36] << (53 - n)) & 0x1fffffffffffffL); + r[36] = (a[36] >> n) | (sp_digit)(((sp_uint64)a[37] << (53 - n)) & 0x1fffffffffffffL); + r[37] = (a[37] >> n) | (sp_digit)(((sp_uint64)a[38] << (53 - n)) & 0x1fffffffffffffL); r[38] = a[38] >> n; } @@ -18737,7 +18737,7 @@ static WC_INLINE sp_digit sp_4096_div_word_39(sp_digit d1, sp_digit d0, t1 -= dv & (0 - r); for (i = 51; i >= 1; i--) { t1 += t1 + (((sp_uint64)t0 >> 52) & 1); - t0 <<= 1; + t0 = (sp_uint64)t0 << 1; t2 = (sp_digit)(((sp_uint64)(dv - t1)) >> 63); r += r + t2; t1 -= dv & (0 - t2); @@ -18929,9 +18929,9 @@ static int sp_4096_mod_exp_39(sp_digit* r, const sp_digit* a, const sp_digit* e, } if (err == MP_OKAY) { - i = bits / 53; - c = bits % 53; - n = e[i--] << (53 - c); + i = (bits - 1) / 53; + c = ((bits - 1) % 53) + 1; + n = (sp_uint64)e[i--] << (53 - c); for (; ; c--) { if (c == 0) { if (i == -1) { @@ -18943,7 +18943,7 @@ static int sp_4096_mod_exp_39(sp_digit* r, const sp_digit* a, const sp_digit* e, } y = (int)((n >> 52) & 1); - n <<= 1; + n = (sp_uint64)n << 1; sp_4096_mont_mul_39(t[y^1], t[0], t[1], m, mp); @@ -19005,9 +19005,9 @@ static int sp_4096_mod_exp_39(sp_digit* r, const sp_digit* a, const sp_digit* e, } if (err == MP_OKAY) { - i = bits / 53; - c = bits % 53; - n = e[i--] << (53 - c); + i = (bits - 1) / 53; + c = ((bits - 1) % 53) + 1; + n = (sp_uint64)e[i--] << (53 - c); for (; ; c--) { if (c == 0) { if (i == -1) { @@ -19019,7 +19019,7 @@ static int sp_4096_mod_exp_39(sp_digit* r, const sp_digit* a, const sp_digit* e, } y = (int)((n >> 52) & 1); - n <<= 1; + n = (sp_uint64)n << 1; sp_4096_mont_mul_39(t[y^1], t[0], t[1], m, mp); 
@@ -19120,38 +19120,38 @@ static int sp_4096_mod_exp_39(sp_digit* r, const sp_digit* a, const sp_digit* e, c = 53; } if (i < 39) { - n = e[i--] << (64 - c); + n = (sp_uint64)e[i--] << (64 - c); } else { n = 0; i--; } if (c < 5) { - n |= e[i--] << (11 - c); + n |= (sp_uint64)e[i--] << (11 - c); c += 53; } y = (int)((n >> 59) & 0x1f); - n <<= 5; + n = (sp_uint64)n << 5; c -= 5; XMEMCPY(rt, t[y], sizeof(sp_digit) * 78); while ((i >= 0) || (c >= 5)) { if (c >= 5) { y = (byte)((n >> 59) & 0x1f); - n <<= 5; + n = (sp_uint64)n << 5; c -= 5; } else if (c == 0) { - n = e[i--] << 11; + n = (sp_uint64)e[i--] << 11; y = (byte)((n >> 59) & 0x1f); - n <<= 5; + n = (sp_uint64)n << 5; c = 48; } else { y = (byte)((n >> 59) & 0x1f); - n = e[i--] << 11; + n = (sp_uint64)e[i--] << 11; c = 5 - c; y |= (byte)((n >> (64 - c)) & ((1 << c) - 1)); - n <<= c; + n = (sp_uint64)n << c; c = 53 - c; } 
@@ -19522,20 +19522,20 @@ SP_NOINLINE static void sp_4096_rshift_78(sp_digit* r, const sp_digit* a, int i; for (i=0; i<72; i += 8) { - r[i+0] = (a[i+0] >> n) | (sp_digit)((a[i+1] << (53 - n)) & 0x1fffffffffffffL); - r[i+1] = (a[i+1] >> n) | (sp_digit)((a[i+2] << (53 - n)) & 0x1fffffffffffffL); - r[i+2] = (a[i+2] >> n) | (sp_digit)((a[i+3] << (53 - n)) & 0x1fffffffffffffL); - r[i+3] = (a[i+3] >> n) | (sp_digit)((a[i+4] << (53 - n)) & 0x1fffffffffffffL); - r[i+4] = (a[i+4] >> n) | (sp_digit)((a[i+5] << (53 - n)) & 0x1fffffffffffffL); - r[i+5] = (a[i+5] >> n) | (sp_digit)((a[i+6] << (53 - n)) & 0x1fffffffffffffL); - r[i+6] = (a[i+6] >> n) | (sp_digit)((a[i+7] << (53 - n)) & 0x1fffffffffffffL); - r[i+7] = (a[i+7] >> n) | (sp_digit)((a[i+8] << (53 - n)) & 0x1fffffffffffffL); - } - r[72] = (a[72] >> n) | (sp_digit)((a[73] << (53 - n)) & 0x1fffffffffffffL); - r[73] = (a[73] >> n) | (sp_digit)((a[74] << (53 - n)) & 0x1fffffffffffffL); - r[74] = (a[74] >> n) | (sp_digit)((a[75] << (53 - n)) & 0x1fffffffffffffL); - r[75] = (a[75] >> n) | (sp_digit)((a[76] << (53 - n)) & 0x1fffffffffffffL); - r[76] = (a[76] >> n) | (sp_digit)((a[77] << (53 - n)) & 0x1fffffffffffffL); + r[i+0] = (a[i+0] >> n) | (sp_digit)(((sp_uint64)a[i+1] << (53 - n)) & 0x1fffffffffffffL); + r[i+1] = (a[i+1] >> n) | (sp_digit)(((sp_uint64)a[i+2] << (53 - n)) & 0x1fffffffffffffL); + r[i+2] = (a[i+2] >> n) | (sp_digit)(((sp_uint64)a[i+3] << (53 - n)) & 0x1fffffffffffffL); + r[i+3] = (a[i+3] >> n) | (sp_digit)(((sp_uint64)a[i+4] << (53 - n)) & 0x1fffffffffffffL); + r[i+4] = (a[i+4] >> n) | (sp_digit)(((sp_uint64)a[i+5] << (53 - n)) & 0x1fffffffffffffL); + r[i+5] = (a[i+5] >> n) | (sp_digit)(((sp_uint64)a[i+6] << (53 - n)) & 0x1fffffffffffffL); + r[i+6] = (a[i+6] >> n) | (sp_digit)(((sp_uint64)a[i+7] << (53 - n)) & 0x1fffffffffffffL); + r[i+7] = (a[i+7] >> n) | (sp_digit)(((sp_uint64)a[i+8] << (53 - n)) & 0x1fffffffffffffL); + } + r[72] = (a[72] >> n) | (sp_digit)(((sp_uint64)a[73] << (53 - n)) & 
0x1fffffffffffffL); + r[73] = (a[73] >> n) | (sp_digit)(((sp_uint64)a[74] << (53 - n)) & 0x1fffffffffffffL); + r[74] = (a[74] >> n) | (sp_digit)(((sp_uint64)a[75] << (53 - n)) & 0x1fffffffffffffL); + r[75] = (a[75] >> n) | (sp_digit)(((sp_uint64)a[76] << (53 - n)) & 0x1fffffffffffffL); + r[76] = (a[76] >> n) | (sp_digit)(((sp_uint64)a[77] << (53 - n)) & 0x1fffffffffffffL); r[77] = a[77] >> n; } @@ -19574,7 +19574,7 @@ static WC_INLINE sp_digit sp_4096_div_word_78(sp_digit d1, sp_digit d0, t1 -= dv & (0 - r); for (i = 51; i >= 1; i--) { t1 += t1 + (((sp_uint64)t0 >> 52) & 1); - t0 <<= 1; + t0 = (sp_uint64)t0 << 1; t2 = (sp_digit)(((sp_uint64)(dv - t1)) >> 63); r += r + t2; t1 -= dv & (0 - t2); @@ -19769,9 +19769,9 @@ static int sp_4096_mod_exp_78(sp_digit* r, const sp_digit* a, const sp_digit* e, } if (err == MP_OKAY) { - i = bits / 53; - c = bits % 53; - n = e[i--] << (53 - c); + i = (bits - 1) / 53; + c = ((bits - 1) % 53) + 1; + n = (sp_uint64)e[i--] << (53 - c); for (; ; c--) { if (c == 0) { if (i == -1) { @@ -19783,7 +19783,7 @@ static int sp_4096_mod_exp_78(sp_digit* r, const sp_digit* a, const sp_digit* e, } y = (int)((n >> 52) & 1); - n <<= 1; + n = (sp_uint64)n << 1; sp_4096_mont_mul_78(t[y^1], t[0], t[1], m, mp); @@ -19845,9 +19845,9 @@ static int sp_4096_mod_exp_78(sp_digit* r, const sp_digit* a, const sp_digit* e, } if (err == MP_OKAY) { - i = bits / 53; - c = bits % 53; - n = e[i--] << (53 - c); + i = (bits - 1) / 53; + c = ((bits - 1) % 53) + 1; + n = (sp_uint64)e[i--] << (53 - c); for (; ; c--) { if (c == 0) { if (i == -1) { @@ -19859,7 +19859,7 @@ static int sp_4096_mod_exp_78(sp_digit* r, const sp_digit* a, const sp_digit* e, } y = (int)((n >> 52) & 1); - n <<= 1; + n = (sp_uint64)n << 1; sp_4096_mont_mul_78(t[y^1], t[0], t[1], m, mp); 
@@ -19944,38 +19944,38 @@ static int sp_4096_mod_exp_78(sp_digit* r, const sp_digit* a, const sp_digit* e, c = 53; } if (i < 78) { - n = e[i--] << (64 - c); + n = (sp_uint64)e[i--] << (64 - c); } else { n = 0; i--; } if (c < 4) { - n |= e[i--] << (11 - c); + n |= (sp_uint64)e[i--] << (11 - c); c += 53; } y = (int)((n >> 60) & 0xf); - n <<= 4; + n = (sp_uint64)n << 4; c -= 4; XMEMCPY(rt, t[y], sizeof(sp_digit) * 156); while ((i >= 0) || (c >= 4)) { if (c >= 4) { y = (byte)((n >> 60) & 0xf); - n <<= 4; + n = (sp_uint64)n << 4; c -= 4; } else if (c == 0) { - n = e[i--] << 11; + n = (sp_uint64)e[i--] << 11; y = (byte)((n >> 60) & 0xf); - n <<= 4; + n = (sp_uint64)n << 4; c = 49; } else { y = (byte)((n >> 60) & 0xf); - n = e[i--] << 11; + n = (sp_uint64)e[i--] << 11; c = 4 - c; y |= (byte)((n >> (64 - c)) & ((1 << c) - 1)); - n <<= c; + n = (sp_uint64)n << c; c = 53 - c; } @@ -20071,10 +20071,10 @@ static int sp_4096_mod_exp_78_nb(sp_4096_mod_exp_78_ctx* ctx, case 4: /* BIT_INIT: index the most-significant exponent limb without reading off the end when bits is an exact multiple of the limb width. (bits-1) keeps i within the populated range and - c = (bits-1) % @bits + 1 keeps the shift in [1, @bits]. */ + c = (bits-1) % 53 + 1 keeps the shift in [1, 53]. */ ctx->i = (ctx->bits - 1) / 53; ctx->c = ((ctx->bits - 1) % 53) + 1; - ctx->n = e[ctx->i--] << (53 - ctx->c); + ctx->n = (sp_uint64)e[ctx->i--] << (53 - ctx->c); ctx->state = 5; break; case 5: /* BIT_NEXT: refill on word boundary, peel one exponent bit */ @@ -20087,7 +20087,7 @@ static int sp_4096_mod_exp_78_nb(sp_4096_mod_exp_78_ctx* ctx, ctx->c = 53; } ctx->y = (byte)((ctx->n >> 52) & 1); - ctx->n <<= 1; + ctx->n = (sp_uint64)ctx->n << 1; ctx->state = 6; break; case 6: /* MUL: t[y^1] = t[0] * t[1] in Montgomery form */ 
@@ -20658,7 +20658,7 @@ static int sp_4096_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 78; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint64)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -20683,7 +20683,7 @@ static int sp_4096_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 78; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint64)a[i]) << s; if (s + 53 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; @@ -20968,7 +20968,7 @@ SP_NOINLINE static void sp_4096_lshift_78(sp_digit* r, const sp_digit* a, r[2] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL); s = (sp_int_digit)(a[1]); t = (sp_int_digit)(a[0]); r[1] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL); - r[0] = (sp_digit)((a[0] << n) & 0x1fffffffffffffL); + r[0] = (sp_digit)(((sp_uint64)a[0] << n) & 0x1fffffffffffffL); } /* Modular exponentiate 2 to the e mod m. (r = 2^e mod m) @@ -21014,38 +21014,38 @@ static int sp_4096_mod_exp_2_78(sp_digit* r, const sp_digit* e, int bits, const c = 53; } if (i < 78) { - n = e[i--] << (64 - c); + n = (sp_uint64)e[i--] << (64 - c); } else { n = 0; i--; } if (c < 5) { - n |= e[i--] << (11 - c); + n |= (sp_uint64)e[i--] << (11 - c); c += 53; } y = (int)((n >> 59) & 0x1f); - n <<= 5; + n = (sp_uint64)n << 5; c -= 5; sp_4096_lshift_78(r, norm, (byte)y); while ((i >= 0) || (c >= 5)) { if (c >= 5) { y = (byte)((n >> 59) & 0x1f); - n <<= 5; + n = (sp_uint64)n << 5; c -= 5; } else if (c == 0) { - n = e[i--] << 11; + n = (sp_uint64)e[i--] << 11; y = (byte)((n >> 59) & 0x1f); - n <<= 5; + n = (sp_uint64)n << 5; c = 48; } else { y = (byte)((n >> 59) & 0x1f); - n = e[i--] << 11; + n = (sp_uint64)e[i--] << 11; c = 5 - c; y |= (byte)((n >> (64 - c)) & ((1 << c) - 1)); - n <<= c; + n = (sp_uint64)n << c; c = 53 - c; } 
@@ -21513,7 +21513,7 @@ static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint64)a->dp[i] << s); r[j] &= 0xfffffffffffffL; s = 52U - s; if (j + 1 >= size) { @@ -21548,7 +21548,7 @@ static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint64)a->dp[i]) << s; if (s + DIGIT_BIT >= 52) { r[j] &= 0xfffffffffffffL; if (j + 1 >= size) { @@ -21614,7 +21614,7 @@ static int sp_256_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 5; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint64)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -21639,7 +21639,7 @@ static int sp_256_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 5; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint64)a[i]) << s; if (s + 52 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; @@ -21886,9 +21886,9 @@ static void sp_256_mont_reduce_5(sp_digit* a, const sp_digit* m, sp_digit mp) /* Fifth word of modulus word */ t = am; t *= 0x0ffffffff0000L; - a[i + 1] += (sp_digit)((am << 44) & 0xfffffffffffffL); + a[i + 1] += (sp_digit)(((sp_uint64)am << 44) & 0xfffffffffffffL); a[i + 2] += am >> 8; - a[i + 3] += (sp_digit)((am << 36) & 0xfffffffffffffL); + a[i + 3] += (sp_digit)(((sp_uint64)am << 36) & 0xfffffffffffffL); a[i + 4] += (am >> 16) + (sp_digit)(t & 0xfffffffffffffL); a[i + 5] += t >> 52; 
@@ -21898,17 +21898,17 @@ static void sp_256_mont_reduce_5(sp_digit* a, const sp_digit* m, sp_digit mp) /* Fifth word of modulus word */ t = am; t *= 0x0ffffffff0000L; - a[4 + 1] += (sp_digit)((am << 44) & 0xfffffffffffffL); + a[4 + 1] += (sp_digit)(((sp_uint64)am << 44) & 0xfffffffffffffL); a[4 + 2] += am >> 8; - a[4 + 3] += (sp_digit)((am << 36) & 0xfffffffffffffL); + a[4 + 3] += (sp_digit)(((sp_uint64)am << 36) & 0xfffffffffffffL); a[4 + 4] += (am >> 16) + (sp_digit)(t & 0xfffffffffffffL); a[4 + 5] += t >> 52; - a[0] = (a[4] >> 48) + (sp_digit)((a[5] << 4) & 0xfffffffffffffL); - a[1] = (a[5] >> 48) + (sp_digit)((a[6] << 4) & 0xfffffffffffffL); - a[2] = (a[6] >> 48) + (sp_digit)((a[7] << 4) & 0xfffffffffffffL); - a[3] = (a[7] >> 48) + (sp_digit)((a[8] << 4) & 0xfffffffffffffL); - a[4] = (a[8] >> 48) + (a[9] << 4); + a[0] = (a[4] >> 48) + (sp_digit)(((sp_uint64)a[5] << 4) & 0xfffffffffffffL); + a[1] = (a[5] >> 48) + (sp_digit)(((sp_uint64)a[6] << 4) & 0xfffffffffffffL); + a[2] = (a[6] >> 48) + (sp_digit)(((sp_uint64)a[7] << 4) & 0xfffffffffffffL); + a[3] = (a[7] >> 48) + (sp_digit)(((sp_uint64)a[8] << 4) & 0xfffffffffffffL); + a[4] = (a[8] >> 48) + (sp_digit)((sp_uint64)a[9] << 4); a[1] += a[0] >> 52; a[0] &= 0xfffffffffffffL; a[2] += a[1] >> 52; a[1] &= 0xfffffffffffffL; @@ -22005,7 +22005,7 @@ static void sp_256_mont_inv_5(sp_digit* r, const sp_digit* a, sp_digit* td) XMEMCPY(t, a, sizeof(sp_digit) * 5); for (i=254; i>=0; i--) { sp_256_mont_sqr_5(t, t, p256_mod, p256_mp_mod); - if (p256_mod_minus_2[i / 64] & ((sp_digit)1 << (i % 64))) + if (p256_mod_minus_2[i / 64] & ((sp_uint64)1 << (i % 64))) sp_256_mont_mul_5(t, t, a, p256_mod, p256_mp_mod); } XMEMCPY(r, t, sizeof(sp_digit) * 5); 
@@ -22221,13 +22221,13 @@ SP_NOINLINE static void sp_256_rshift1_5(sp_digit* r, const sp_digit* a) int i; for (i=0; i<4; i++) { - r[i] = (a[i] >> 1) + (sp_digit)((a[i + 1] << 51) & 0xfffffffffffffL); + r[i] = (a[i] >> 1) + (sp_digit)(((sp_uint64)a[i + 1] << 51) & 0xfffffffffffffL); } #else - r[0] = (a[0] >> 1) + (sp_digit)((a[1] << 51) & 0xfffffffffffffL); - r[1] = (a[1] >> 1) + (sp_digit)((a[2] << 51) & 0xfffffffffffffL); - r[2] = (a[2] >> 1) + (sp_digit)((a[3] << 51) & 0xfffffffffffffL); - r[3] = (a[3] >> 1) + (sp_digit)((a[4] << 51) & 0xfffffffffffffL); + r[0] = (a[0] >> 1) + (sp_digit)(((sp_uint64)a[1] << 51) & 0xfffffffffffffL); + r[1] = (a[1] >> 1) + (sp_digit)(((sp_uint64)a[2] << 51) & 0xfffffffffffffL); + r[2] = (a[2] >> 1) + (sp_digit)(((sp_uint64)a[3] << 51) & 0xfffffffffffffL); + r[3] = (a[3] >> 1) + (sp_digit)(((sp_uint64)a[4] << 51) & 0xfffffffffffffL); #endif r[4] = a[4] >> 1; } @@ -22785,18 +22785,18 @@ static int sp_256_mod_mul_norm_5(sp_digit* r, const sp_digit* a, const sp_digit* a32[0] = (sp_digit)(a[0]) & 0xffffffffL; a32[1] = (sp_digit)(a[0] >> 32U); - a32[1] |= (sp_digit)(a[1] << 20U); + a32[1] |= (sp_digit)((sp_uint64)a[1] << 20U); a32[1] &= 0xffffffffL; a32[2] = (sp_digit)(a[1] >> 12U) & 0xffffffffL; a32[3] = (sp_digit)(a[1] >> 44U); - a32[3] |= (sp_digit)(a[2] << 8U); + a32[3] |= (sp_digit)((sp_uint64)a[2] << 8U); a32[3] &= 0xffffffffL; a32[4] = (sp_digit)(a[2] >> 24U); - a32[4] |= (sp_digit)(a[3] << 28U); + a32[4] |= (sp_digit)((sp_uint64)a[3] << 28U); a32[4] &= 0xffffffffL; a32[5] = (sp_digit)(a[3] >> 4U) & 0xffffffffL; a32[6] = (sp_digit)(a[3] >> 36U); - a32[6] |= (sp_digit)(a[4] << 16U); + a32[6] |= (sp_digit)((sp_uint64)a[4] << 16U); a32[6] &= 0xffffffffL; a32[7] = (sp_digit)(a[4] >> 16U) & 0xffffffffL; 
@@ -22910,7 +22910,7 @@ static int sp_256_ecc_mulmod_5(sp_point_256* r, const sp_point_256* g, if (err == MP_OKAY) { i = 4; c = 48; - n = k[i--] << (52 - c); + n = (sp_uint64)k[i--] << (52 - c); for (; ; c--) { if (c == 0) { if (i == -1) @@ -22921,7 +22921,7 @@ static int sp_256_ecc_mulmod_5(sp_point_256* r, const sp_point_256* g, } y = (n >> 51) & 1; - n <<= 1; + n = (sp_uint64)n << 1; sp_256_proj_point_add_5(&t[y^1], &t[0], &t[1], tmp); @@ -22980,7 +22980,7 @@ static int sp_256_ecc_mulmod_5_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, XMEMSET(ctx->t, 0, sizeof(sp_point_256) * 3); ctx->i = 4; ctx->c = 48; - ctx->n = k[ctx->i--] << (52 - ctx->c); + ctx->n = (sp_uint64)k[ctx->i--] << (52 - ctx->c); /* t[0] = {0, 0, 1} * norm */ ctx->t[0].infinity = 1; @@ -23010,7 +23010,7 @@ static int sp_256_ecc_mulmod_5_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, ctx->c = 52; } ctx->y = (ctx->n >> 51) & 1; - ctx->n <<= 1; + ctx->n = (sp_uint64)ctx->n << 1; XMEMSET(&ctx->add_ctx, 0, sizeof(ctx->add_ctx)); ctx->state = 5; break; @@ -23405,7 +23405,7 @@ static void sp_256_ecc_recode_6_5(const sp_digit* k, ecc_recode_256* v) } else if (++j < 5) { n = k[j]; - y |= (word8)((n << (52 - o)) & 0x3f); + y |= (word8)(((sp_uint64)n << (52 - o)) & 0x3f); o -= 46; n >>= o; } @@ -25615,7 +25615,7 @@ static void sp_256_from_bin(sp_digit* r, int size, const byte* a, int n) r[0] = 0; for (i = n-1; i >= 0; i--) { - r[j] |= (((sp_digit)a[i]) << s); + r[j] |= (((sp_uint64)a[i]) << s); if (s >= 44U) { r[j] &= 0xfffffffffffffL; s = 52U - s; @@ -25836,7 +25836,7 @@ static void sp_256_to_bin_5(sp_digit* r, byte* a) for (i=0; i<5 && j>=0; i++) { b = 0; /* lint allow cast of mismatch sp_digit and int */ - a[j--] |= (byte)(r[i] << s); /*lint !e9033*/ + a[j--] |= (byte)((sp_uint64)r[i] << s); /*lint !e9033*/ b += 8 - s; if (j < 0) { break; 
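Review bot: The start values `i = 4; c = 48;` in sp_256_ecc_mulmod_5 are unexplained constants, and the shift `(52 - c)` is only safe because of how they relate to the limb layout. A one-line comment such as `/* top limb k[4] holds the upper 256 - 4*52 = 48 bits of the scalar */` would make that relationship checkable; the 256-bit and 52-bit figures are inferred from the function name and the masks used in this file. The same applies to `ctx->i = 4; ctx->c = 48;` in sp_256_ecc_mulmod_5_nb and to `i = 6; c = 54;` in the sp_384 versions. The function body starts and ends outside the hunk.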
@@ -25960,23 +25960,23 @@ SP_NOINLINE static void sp_256_rshift_5(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL for (i=0; i<4; i++) { - r[i] = (sp_digit)(((a[i] >> n) | (a[i + 1] << (52 - n))) & 0xfffffffffffffL); + r[i] = (sp_digit)(((a[i] >> n) | ((sp_uint64)a[i + 1] << (52 - n))) & 0xfffffffffffffL); } #else for (i=0; i<0; i += 8) { - r[i+0] = (a[i+0] >> n) | (sp_digit)((a[i+1] << (52 - n)) & 0xfffffffffffffL); - r[i+1] = (a[i+1] >> n) | (sp_digit)((a[i+2] << (52 - n)) & 0xfffffffffffffL); - r[i+2] = (a[i+2] >> n) | (sp_digit)((a[i+3] << (52 - n)) & 0xfffffffffffffL); - r[i+3] = (a[i+3] >> n) | (sp_digit)((a[i+4] << (52 - n)) & 0xfffffffffffffL); - r[i+4] = (a[i+4] >> n) | (sp_digit)((a[i+5] << (52 - n)) & 0xfffffffffffffL); - r[i+5] = (a[i+5] >> n) | (sp_digit)((a[i+6] << (52 - n)) & 0xfffffffffffffL); - r[i+6] = (a[i+6] >> n) | (sp_digit)((a[i+7] << (52 - n)) & 0xfffffffffffffL); - r[i+7] = (a[i+7] >> n) | (sp_digit)((a[i+8] << (52 - n)) & 0xfffffffffffffL); - } - r[0] = (a[0] >> n) | (sp_digit)((a[1] << (52 - n)) & 0xfffffffffffffL); - r[1] = (a[1] >> n) | (sp_digit)((a[2] << (52 - n)) & 0xfffffffffffffL); - r[2] = (a[2] >> n) | (sp_digit)((a[3] << (52 - n)) & 0xfffffffffffffL); - r[3] = (a[3] >> n) | (sp_digit)((a[4] << (52 - n)) & 0xfffffffffffffL); + r[i+0] = (a[i+0] >> n) | (sp_digit)(((sp_uint64)a[i+1] << (52 - n)) & 0xfffffffffffffL); + r[i+1] = (a[i+1] >> n) | (sp_digit)(((sp_uint64)a[i+2] << (52 - n)) & 0xfffffffffffffL); + r[i+2] = (a[i+2] >> n) | (sp_digit)(((sp_uint64)a[i+3] << (52 - n)) & 0xfffffffffffffL); + r[i+3] = (a[i+3] >> n) | (sp_digit)(((sp_uint64)a[i+4] << (52 - n)) & 0xfffffffffffffL); + r[i+4] = (a[i+4] >> n) | (sp_digit)(((sp_uint64)a[i+5] << (52 - n)) & 0xfffffffffffffL); + r[i+5] = (a[i+5] >> n) | (sp_digit)(((sp_uint64)a[i+6] << (52 - n)) & 0xfffffffffffffL); + r[i+6] = (a[i+6] >> n) | (sp_digit)(((sp_uint64)a[i+7] << (52 - n)) & 0xfffffffffffffL); + r[i+7] = (a[i+7] >> n) | (sp_digit)(((sp_uint64)a[i+8] << (52 - n)) & 
0xfffffffffffffL); + } + r[0] = (a[0] >> n) | (sp_digit)(((sp_uint64)a[1] << (52 - n)) & 0xfffffffffffffL); + r[1] = (a[1] >> n) | (sp_digit)(((sp_uint64)a[2] << (52 - n)) & 0xfffffffffffffL); + r[2] = (a[2] >> n) | (sp_digit)(((sp_uint64)a[3] << (52 - n)) & 0xfffffffffffffL); + r[3] = (a[3] >> n) | (sp_digit)(((sp_uint64)a[4] << (52 - n)) & 0xfffffffffffffL); #endif /* WOLFSSL_SP_SMALL */ r[4] = a[4] >> n; } @@ -26027,7 +26027,7 @@ SP_NOINLINE static void sp_256_lshift_10(sp_digit* r, const sp_digit* a, r[10] = a[9] >> (52 - n); for (i=9; i>0; i--) { - r[i] = (sp_digit)(((a[i] << n) | (a[i-1] >> (52 - n))) & 0xfffffffffffffL); + r[i] = (sp_digit)((((sp_uint64)a[i] << n) | (a[i-1] >> (52 - n))) & 0xfffffffffffffL); } #else sp_int_digit s; @@ -26054,7 +26054,7 @@ SP_NOINLINE static void sp_256_lshift_10(sp_digit* r, const sp_digit* a, s = (sp_int_digit)(a[1]); t = (sp_int_digit)(a[0]); r[1] = (sp_digit)(((s << n) | (t >> (52U - n))) & 0xfffffffffffffUL); #endif /* WOLFSSL_SP_SMALL */ - r[0] = (sp_digit)((a[0] << n) & 0xfffffffffffffL); + r[0] = (sp_digit)(((sp_uint64)a[0] << n) & 0xfffffffffffffL); } /* Divide d in a and put remainder into r (m*d + r = a) @@ -27960,7 +27960,7 @@ static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint64)a->dp[i] << s); r[j] &= 0x7fffffffffffffL; s = 55U - s; if (j + 1 >= size) { @@ -27995,7 +27995,7 @@ static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint64)a->dp[i]) << s; if (s + DIGIT_BIT >= 55) { r[j] &= 0x7fffffffffffffL; if (j + 1 >= size) { 
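Review bot: In the non-small branch of sp_256_rshift_5 the loop header is `for (i=0; i<0; i += 8)`, so the eight statements that received `(sp_uint64)` casts here can never execute. If the bound were ever changed, the body would index up to `a[i+8]`, although the function's own tail stops at `a[4]`. I would drop the loop from this five-limb variant, or have whatever produces this file omit it when the unrolled count is zero, so that only the four straight-line assignments remain.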
@@ -28061,7 +28061,7 @@ static int sp_384_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 7; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint64)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -28086,7 +28086,7 @@ static int sp_384_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 7; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint64)a[i]) << s; if (s + 55 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; 
@@ -28346,31 +28346,31 @@ static void sp_384_mont_reduce_7(sp_digit* a, const sp_digit* m, sp_digit mp) (void)mp; for (i = 0; i < 6; i++) { - am = (sp_digit)((a[i] * 0x100000001) & 0x7fffffffffffffL); - a[i + 0] += (sp_digit)((am << 32) & 0x7fffffffffffffL); - a[i + 1] += (am >> 23) - (sp_digit)((am << 41) & 0x7fffffffffffffL); - a[i + 2] += -(am >> 14) - ((sp_digit)(am << 18) & 0x7fffffffffffffL); + am = (sp_digit)((((sp_uint64)a[i]) * 0x100000001) & 0x7fffffffffffffL); + a[i + 0] += (sp_digit)(((sp_uint64)am << 32) & 0x7fffffffffffffL); + a[i + 1] += (am >> 23) - (sp_digit)(((sp_uint64)am << 41) & 0x7fffffffffffffL); + a[i + 2] += -(am >> 14) - (sp_digit)(((sp_uint64)am << 18) & 0x7fffffffffffffL); a[i + 3] += -(am >> 37); - a[i + 6] += ((sp_digit)(am << 54) & 0x7fffffffffffffL); + a[i + 6] += (sp_digit)(((sp_uint64)am << 54) & 0x7fffffffffffffL); a[i + 7] += am >> 1; a[i + 1] += a[i] >> 55; } - am = (sp_digit)((a[6] * 0x100000001) & 0x3fffffffffffff); - a[6 + 0] += (sp_digit)((am << 32) & 0x7fffffffffffffL); - a[6 + 1] += (am >> 23) - (sp_digit)((am << 41) & 0x7fffffffffffffL); - a[6 + 2] += -(am >> 14) - (sp_digit)((am << 18) & 0x7fffffffffffffL); + am = (sp_digit)((((sp_uint64)a[6]) * 0x100000001) & 0x3fffffffffffff); + a[6 + 0] += (sp_digit)(((sp_uint64)am << 32) & 0x7fffffffffffffL); + a[6 + 1] += (am >> 23) - (sp_digit)(((sp_uint64)am << 41) & 0x7fffffffffffffL); + a[6 + 2] += -(am >> 14) - (sp_digit)(((sp_uint64)am << 18) & 0x7fffffffffffffL); a[6 + 3] += -(am >> 37); - a[6 + 6] += (sp_digit)((am << 54) & 0x7fffffffffffffL); + a[6 + 6] += (sp_digit)(((sp_uint64)am << 54) & 0x7fffffffffffffL); a[6 + 7] += am >> 1; - a[0] = (a[6] >> 54) + (sp_digit)((a[7] << 1) & 0x7fffffffffffffL); - a[1] = (a[7] >> 54) + (sp_digit)((a[8] << 1) & 0x7fffffffffffffL); - a[2] = (a[8] >> 54) + (sp_digit)((a[9] << 1) & 0x7fffffffffffffL); - a[3] = (a[9] >> 54) + (sp_digit)((a[10] << 1) & 0x7fffffffffffffL); - a[4] = (a[10] >> 54) + (sp_digit)((a[11] << 1) & 0x7fffffffffffffL); - 
a[5] = (a[11] >> 54) + (sp_digit)((a[12] << 1) & 0x7fffffffffffffL); - a[6] = (a[12] >> 54) + (a[13] << 1); + a[0] = (a[6] >> 54) + (sp_digit)(((sp_uint64)a[7] << 1) & 0x7fffffffffffffL); + a[1] = (a[7] >> 54) + (sp_digit)(((sp_uint64)a[8] << 1) & 0x7fffffffffffffL); + a[2] = (a[8] >> 54) + (sp_digit)(((sp_uint64)a[9] << 1) & 0x7fffffffffffffL); + a[3] = (a[9] >> 54) + (sp_digit)(((sp_uint64)a[10] << 1) & 0x7fffffffffffffL); + a[4] = (a[10] >> 54) + (sp_digit)(((sp_uint64)a[11] << 1) & 0x7fffffffffffffL); + a[5] = (a[11] >> 54) + (sp_digit)(((sp_uint64)a[12] << 1) & 0x7fffffffffffffL); + a[6] = (a[12] >> 54) + (sp_digit)((sp_uint64)a[13] << 1); a[1] += a[0] >> 55; a[0] &= 0x7fffffffffffffL; a[2] += a[1] >> 55; a[1] &= 0x7fffffffffffffL; @@ -28473,7 +28473,7 @@ static void sp_384_mont_inv_7(sp_digit* r, const sp_digit* a, sp_digit* td) XMEMCPY(t, a, sizeof(sp_digit) * 7); for (i=382; i>=0; i--) { sp_384_mont_sqr_7(t, t, p384_mod, p384_mp_mod); - if (p384_mod_minus_2[i / 64] & ((sp_digit)1 << (i % 64))) + if (p384_mod_minus_2[i / 64] & ((sp_uint64)1 << (i % 64))) sp_384_mont_mul_7(t, t, a, p384_mod, p384_mp_mod); } XMEMCPY(r, t, sizeof(sp_digit) * 7); 
@@ -28707,15 +28707,15 @@ SP_NOINLINE static void sp_384_rshift1_7(sp_digit* r, const sp_digit* a) int i; for (i=0; i<6; i++) { - r[i] = (a[i] >> 1) + (sp_digit)((a[i + 1] << 54) & 0x7fffffffffffffL); + r[i] = (a[i] >> 1) + (sp_digit)(((sp_uint64)a[i + 1] << 54) & 0x7fffffffffffffL); } #else - r[0] = (a[0] >> 1) + (sp_digit)((a[1] << 54) & 0x7fffffffffffffL); - r[1] = (a[1] >> 1) + (sp_digit)((a[2] << 54) & 0x7fffffffffffffL); - r[2] = (a[2] >> 1) + (sp_digit)((a[3] << 54) & 0x7fffffffffffffL); - r[3] = (a[3] >> 1) + (sp_digit)((a[4] << 54) & 0x7fffffffffffffL); - r[4] = (a[4] >> 1) + (sp_digit)((a[5] << 54) & 0x7fffffffffffffL); - r[5] = (a[5] >> 1) + (sp_digit)((a[6] << 54) & 0x7fffffffffffffL); + r[0] = (a[0] >> 1) + (sp_digit)(((sp_uint64)a[1] << 54) & 0x7fffffffffffffL); + r[1] = (a[1] >> 1) + (sp_digit)(((sp_uint64)a[2] << 54) & 0x7fffffffffffffL); + r[2] = (a[2] >> 1) + (sp_digit)(((sp_uint64)a[3] << 54) & 0x7fffffffffffffL); + r[3] = (a[3] >> 1) + (sp_digit)(((sp_uint64)a[4] << 54) & 0x7fffffffffffffL); + r[4] = (a[4] >> 1) + (sp_digit)(((sp_uint64)a[5] << 54) & 0x7fffffffffffffL); + r[5] = (a[5] >> 1) + (sp_digit)(((sp_uint64)a[6] << 54) & 0x7fffffffffffffL); #endif r[6] = a[6] >> 1; } 
@@ -29274,26 +29274,26 @@ static int sp_384_mod_mul_norm_7(sp_digit* r, const sp_digit* a, const sp_digit* a32[0] = (sp_digit)(a[0]) & 0xffffffffL; a32[1] = (sp_digit)(a[0] >> 32U); - a32[1] |= (sp_digit)(a[1] << 23U); + a32[1] |= (sp_digit)((sp_uint64)a[1] << 23U); a32[1] &= 0xffffffffL; a32[2] = (sp_digit)(a[1] >> 9U) & 0xffffffffL; a32[3] = (sp_digit)(a[1] >> 41U); - a32[3] |= (sp_digit)(a[2] << 14U); + a32[3] |= (sp_digit)((sp_uint64)a[2] << 14U); a32[3] &= 0xffffffffL; a32[4] = (sp_digit)(a[2] >> 18U) & 0xffffffffL; a32[5] = (sp_digit)(a[2] >> 50U); - a32[5] |= (sp_digit)(a[3] << 5U); + a32[5] |= (sp_digit)((sp_uint64)a[3] << 5U); a32[5] &= 0xffffffffL; a32[6] = (sp_digit)(a[3] >> 27U); - a32[6] |= (sp_digit)(a[4] << 28U); + a32[6] |= (sp_digit)((sp_uint64)a[4] << 28U); a32[6] &= 0xffffffffL; a32[7] = (sp_digit)(a[4] >> 4U) & 0xffffffffL; a32[8] = (sp_digit)(a[4] >> 36U); - a32[8] |= (sp_digit)(a[5] << 19U); + a32[8] |= (sp_digit)((sp_uint64)a[5] << 19U); a32[8] &= 0xffffffffL; a32[9] = (sp_digit)(a[5] >> 13U) & 0xffffffffL; a32[10] = (sp_digit)(a[5] >> 45U); - a32[10] |= (sp_digit)(a[6] << 10U); + a32[10] |= (sp_digit)((sp_uint64)a[6] << 10U); a32[10] &= 0xffffffffL; a32[11] = (sp_digit)(a[6] >> 22U) & 0xffffffffL; @@ -29431,7 +29431,7 @@ static int sp_384_ecc_mulmod_7(sp_point_384* r, const sp_point_384* g, if (err == MP_OKAY) { i = 6; c = 54; - n = k[i--] << (55 - c); + n = (sp_uint64)k[i--] << (55 - c); for (; ; c--) { if (c == 0) { if (i == -1) @@ -29442,7 +29442,7 @@ static int sp_384_ecc_mulmod_7(sp_point_384* r, const sp_point_384* g, } y = (n >> 54) & 1; - n <<= 1; + n = (sp_uint64)n << 1; sp_384_proj_point_add_7(&t[y^1], &t[0], &t[1], tmp); @@ -29501,7 +29501,7 @@ static int sp_384_ecc_mulmod_7_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, XMEMSET(ctx->t, 0, sizeof(sp_point_384) * 3); ctx->i = 6; ctx->c = 54; - ctx->n = k[ctx->i--] << (55 - ctx->c); + ctx->n = (sp_uint64)k[ctx->i--] << (55 - ctx->c); /* t[0] = {0, 0, 1} * norm */ ctx->t[0].infinity = 1; 
@@ -29531,7 +29531,7 @@ static int sp_384_ecc_mulmod_7_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, ctx->c = 55; } ctx->y = (ctx->n >> 54) & 1; - ctx->n <<= 1; + ctx->n = (sp_uint64)ctx->n << 1; XMEMSET(&ctx->add_ctx, 0, sizeof(ctx->add_ctx)); ctx->state = 5; break; @@ -29930,7 +29930,7 @@ static void sp_384_ecc_recode_6_7(const sp_digit* k, ecc_recode_384* v) } else if (++j < 7) { n = k[j]; - y |= (word8)((n << (55 - o)) & 0x3f); + y |= (word8)(((sp_uint64)n << (55 - o)) & 0x3f); o -= 49; n >>= o; } @@ -32670,7 +32670,7 @@ static void sp_384_from_bin(sp_digit* r, int size, const byte* a, int n) r[0] = 0; for (i = n-1; i >= 0; i--) { - r[j] |= (((sp_digit)a[i]) << s); + r[j] |= (((sp_uint64)a[i]) << s); if (s >= 47U) { r[j] &= 0x7fffffffffffffL; s = 55U - s; @@ -32891,7 +32891,7 @@ static void sp_384_to_bin_7(sp_digit* r, byte* a) for (i=0; i<7 && j>=0; i++) { b = 0; /* lint allow cast of mismatch sp_digit and int */ - a[j--] |= (byte)(r[i] << s); /*lint !e9033*/ + a[j--] |= (byte)((sp_uint64)r[i] << s); /*lint !e9033*/ b += 8 - s; if (j < 0) { break; 
@@ -33015,25 +33015,25 @@ SP_NOINLINE static void sp_384_rshift_7(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL for (i=0; i<6; i++) { - r[i] = (sp_digit)(((a[i] >> n) | (a[i + 1] << (55 - n))) & 0x7fffffffffffffL); + r[i] = (sp_digit)(((a[i] >> n) | ((sp_uint64)a[i + 1] << (55 - n))) & 0x7fffffffffffffL); } #else for (i=0; i<0; i += 8) { - r[i+0] = (a[i+0] >> n) | (sp_digit)((a[i+1] << (55 - n)) & 0x7fffffffffffffL); - r[i+1] = (a[i+1] >> n) | (sp_digit)((a[i+2] << (55 - n)) & 0x7fffffffffffffL); - r[i+2] = (a[i+2] >> n) | (sp_digit)((a[i+3] << (55 - n)) & 0x7fffffffffffffL); - r[i+3] = (a[i+3] >> n) | (sp_digit)((a[i+4] << (55 - n)) & 0x7fffffffffffffL); - r[i+4] = (a[i+4] >> n) | (sp_digit)((a[i+5] << (55 - n)) & 0x7fffffffffffffL); - r[i+5] = (a[i+5] >> n) | (sp_digit)((a[i+6] << (55 - n)) & 0x7fffffffffffffL); - r[i+6] = (a[i+6] >> n) | (sp_digit)((a[i+7] << (55 - n)) & 0x7fffffffffffffL); - r[i+7] = (a[i+7] >> n) | (sp_digit)((a[i+8] << (55 - n)) & 0x7fffffffffffffL); - } - r[0] = (a[0] >> n) | (sp_digit)((a[1] << (55 - n)) & 0x7fffffffffffffL); - r[1] = (a[1] >> n) | (sp_digit)((a[2] << (55 - n)) & 0x7fffffffffffffL); - r[2] = (a[2] >> n) | (sp_digit)((a[3] << (55 - n)) & 0x7fffffffffffffL); - r[3] = (a[3] >> n) | (sp_digit)((a[4] << (55 - n)) & 0x7fffffffffffffL); - r[4] = (a[4] >> n) | (sp_digit)((a[5] << (55 - n)) & 0x7fffffffffffffL); - r[5] = (a[5] >> n) | (sp_digit)((a[6] << (55 - n)) & 0x7fffffffffffffL); + r[i+0] = (a[i+0] >> n) | (sp_digit)(((sp_uint64)a[i+1] << (55 - n)) & 0x7fffffffffffffL); + r[i+1] = (a[i+1] >> n) | (sp_digit)(((sp_uint64)a[i+2] << (55 - n)) & 0x7fffffffffffffL); + r[i+2] = (a[i+2] >> n) | (sp_digit)(((sp_uint64)a[i+3] << (55 - n)) & 0x7fffffffffffffL); + r[i+3] = (a[i+3] >> n) | (sp_digit)(((sp_uint64)a[i+4] << (55 - n)) & 0x7fffffffffffffL); + r[i+4] = (a[i+4] >> n) | (sp_digit)(((sp_uint64)a[i+5] << (55 - n)) & 0x7fffffffffffffL); + r[i+5] = (a[i+5] >> n) | (sp_digit)(((sp_uint64)a[i+6] << (55 - n)) & 
0x7fffffffffffffL); + r[i+6] = (a[i+6] >> n) | (sp_digit)(((sp_uint64)a[i+7] << (55 - n)) & 0x7fffffffffffffL); + r[i+7] = (a[i+7] >> n) | (sp_digit)(((sp_uint64)a[i+8] << (55 - n)) & 0x7fffffffffffffL); + } + r[0] = (a[0] >> n) | (sp_digit)(((sp_uint64)a[1] << (55 - n)) & 0x7fffffffffffffL); + r[1] = (a[1] >> n) | (sp_digit)(((sp_uint64)a[2] << (55 - n)) & 0x7fffffffffffffL); + r[2] = (a[2] >> n) | (sp_digit)(((sp_uint64)a[3] << (55 - n)) & 0x7fffffffffffffL); + r[3] = (a[3] >> n) | (sp_digit)(((sp_uint64)a[4] << (55 - n)) & 0x7fffffffffffffL); + r[4] = (a[4] >> n) | (sp_digit)(((sp_uint64)a[5] << (55 - n)) & 0x7fffffffffffffL); + r[5] = (a[5] >> n) | (sp_digit)(((sp_uint64)a[6] << (55 - n)) & 0x7fffffffffffffL); #endif /* WOLFSSL_SP_SMALL */ r[6] = a[6] >> n; } @@ -33088,7 +33088,7 @@ SP_NOINLINE static void sp_384_lshift_14(sp_digit* r, const sp_digit* a, r[14] = a[13] >> (55 - n); for (i=13; i>0; i--) { - r[i] = (sp_digit)(((a[i] << n) | (a[i-1] >> (55 - n))) & 0x7fffffffffffffL); + r[i] = (sp_digit)((((sp_uint64)a[i] << n) | (a[i-1] >> (55 - n))) & 0x7fffffffffffffL); } #else sp_int_digit s; @@ -33123,7 +33123,7 @@ SP_NOINLINE static void sp_384_lshift_14(sp_digit* r, const sp_digit* a, s = (sp_int_digit)(a[1]); t = (sp_int_digit)(a[0]); r[1] = (sp_digit)(((s << n) | (t >> (55U - n))) & 0x7fffffffffffffUL); #endif /* WOLFSSL_SP_SMALL */ - r[0] = (sp_digit)((a[0] << n) & 0x7fffffffffffffL); + r[0] = (sp_digit)(((sp_uint64)a[0] << n) & 0x7fffffffffffffL); } /* Divide d in a and put remainder into r (m*d + r = a) @@ -35101,7 +35101,7 @@ static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint64)a->dp[i] << s); r[j] &= 0x3ffffffffffffffL; s = 58U - s; if (j + 1 >= size) { 
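Review bot: In the non-small branch of sp_384_rshift_7, the eight rewritten `r[i+0]` to `r[i+7]` lines sit inside `for (i=0; i<0; i += 8)`, which never executes, so the casts added there have no effect. Only the six unrolled `r[0]` to `r[5]` lines after the loop do the work. If the bound were ever raised, the body would read `a[i+8]`, which looks to be past the digits this function handles (the last statement is `r[6] = a[6] >> n`). Consider dropping the empty loop, in the generator if this file is generated, rather than maintaining it. The function body starts outside the hunk.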
@@ -35136,7 +35136,7 @@ static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint64)a->dp[i]) << s; if (s + DIGIT_BIT >= 58) { r[j] &= 0x3ffffffffffffffL; if (j + 1 >= size) { @@ -35202,7 +35202,7 @@ static int sp_521_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 9; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint64)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -35227,7 +35227,7 @@ static int sp_521_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 9; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint64)a[i]) << s; if (s + 58 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; @@ -35308,10 +35308,10 @@ static void sp_521_mont_reduce_9(sp_digit* a, const sp_digit* m, sp_digit mp) (void)mp; for (i = 0; i < 8; i++) { - a[i] += (sp_digit)(((a[8 + i] >> 57) + (a[8 + i + 1] << 1)) & 0x3ffffffffffffffL); + a[i] += (sp_digit)(((a[8 + i] >> 57) + ((sp_uint64)a[8 + i + 1] << 1)) & 0x3ffffffffffffffL); } a[8] &= 0x1ffffffffffffff; - a[8] += (sp_digit)(((a[16] >> 57) + (a[17] << 1)) & 0x3ffffffffffffffL); + a[8] += (sp_digit)(((a[16] >> 57) + ((sp_uint64)a[17] << 1)) & 0x3ffffffffffffffL); sp_521_norm_9(a); @@ -35577,7 +35577,7 @@ static void sp_521_mont_inv_9(sp_digit* r, const sp_digit* a, sp_digit* td) XMEMCPY(t, a, sizeof(sp_digit) * 9); for (i=519; i>=0; i--) { sp_521_mont_sqr_9(t, t, p521_mod, p521_mp_mod); - if (p521_mod_minus_2[i / 64] & ((sp_digit)1 << (i % 64))) + if (p521_mod_minus_2[i / 64] & ((sp_uint64)1 << (i % 64))) sp_521_mont_mul_9(t, t, a, p521_mod, p521_mp_mod); } XMEMCPY(r, t, sizeof(sp_digit) * 9); 
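Review bot: In sp_521_to_mp, the context line right after the changed shift still builds its mask as `((sp_digit)1 << DIGIT_BIT) - 1`, a left shift on sp_digit, which the rest of this commit treats as a type that should not be left-shifted. The same mask line appears in the second sp_521_to_mp hunk and in both sp_1024_to_mp hunks. It is only well-defined while DIGIT_BIT stays below the sign bit of sp_digit. Writing `((mp_digit)1 << DIGIT_BIT) - 1` would match the rest of the change, assuming mp_digit is unsigned. The surrounding #if branches start outside these hunks, so the DIGIT_BIT range for each loop cannot be confirmed here.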
@@ -35809,17 +35809,17 @@ SP_NOINLINE static void sp_521_rshift1_9(sp_digit* r, const sp_digit* a) int i; for (i=0; i<8; i++) { - r[i] = (a[i] >> 1) + (sp_digit)((a[i + 1] << 57) & 0x3ffffffffffffffL); + r[i] = (a[i] >> 1) + (sp_digit)(((sp_uint64)a[i + 1] << 57) & 0x3ffffffffffffffL); } #else - r[0] = (a[0] >> 1) + (sp_digit)((a[1] << 57) & 0x3ffffffffffffffL); - r[1] = (a[1] >> 1) + (sp_digit)((a[2] << 57) & 0x3ffffffffffffffL); - r[2] = (a[2] >> 1) + (sp_digit)((a[3] << 57) & 0x3ffffffffffffffL); - r[3] = (a[3] >> 1) + (sp_digit)((a[4] << 57) & 0x3ffffffffffffffL); - r[4] = (a[4] >> 1) + (sp_digit)((a[5] << 57) & 0x3ffffffffffffffL); - r[5] = (a[5] >> 1) + (sp_digit)((a[6] << 57) & 0x3ffffffffffffffL); - r[6] = (a[6] >> 1) + (sp_digit)((a[7] << 57) & 0x3ffffffffffffffL); - r[7] = (a[7] >> 1) + (sp_digit)((a[8] << 57) & 0x3ffffffffffffffL); + r[0] = (a[0] >> 1) + (sp_digit)(((sp_uint64)a[1] << 57) & 0x3ffffffffffffffL); + r[1] = (a[1] >> 1) + (sp_digit)(((sp_uint64)a[2] << 57) & 0x3ffffffffffffffL); + r[2] = (a[2] >> 1) + (sp_digit)(((sp_uint64)a[3] << 57) & 0x3ffffffffffffffL); + r[3] = (a[3] >> 1) + (sp_digit)(((sp_uint64)a[4] << 57) & 0x3ffffffffffffffL); + r[4] = (a[4] >> 1) + (sp_digit)(((sp_uint64)a[5] << 57) & 0x3ffffffffffffffL); + r[5] = (a[5] >> 1) + (sp_digit)(((sp_uint64)a[6] << 57) & 0x3ffffffffffffffL); + r[6] = (a[6] >> 1) + (sp_digit)(((sp_uint64)a[7] << 57) & 0x3ffffffffffffffL); + r[7] = (a[7] >> 1) + (sp_digit)(((sp_uint64)a[8] << 57) & 0x3ffffffffffffffL); #endif r[8] = a[8] >> 1; } @@ -36425,7 +36425,7 @@ static int sp_521_ecc_mulmod_9(sp_point_521* r, const sp_point_521* g, if (err == MP_OKAY) { i = 8; c = 57; - n = k[i--] << (58 - c); + n = (sp_uint64)k[i--] << (58 - c); for (; ; c--) { if (c == 0) { if (i == -1) @@ -36436,7 +36436,7 @@ static int sp_521_ecc_mulmod_9(sp_point_521* r, const sp_point_521* g, } y = (n >> 57) & 1; - n <<= 1; + n = (sp_uint64)n << 1; sp_521_proj_point_add_9(&t[y^1], &t[0], &t[1], tmp); 
@@ -36495,7 +36495,7 @@ static int sp_521_ecc_mulmod_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, XMEMSET(ctx->t, 0, sizeof(sp_point_521) * 3); ctx->i = 8; ctx->c = 57; - ctx->n = k[ctx->i--] << (58 - ctx->c); + ctx->n = (sp_uint64)k[ctx->i--] << (58 - ctx->c); /* t[0] = {0, 0, 1} * norm */ ctx->t[0].infinity = 1; @@ -36525,7 +36525,7 @@ static int sp_521_ecc_mulmod_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, ctx->c = 58; } ctx->y = (ctx->n >> 57) & 1; - ctx->n <<= 1; + ctx->n = (sp_uint64)ctx->n << 1; XMEMSET(&ctx->add_ctx, 0, sizeof(ctx->add_ctx)); ctx->state = 5; break; @@ -36928,7 +36928,7 @@ static void sp_521_ecc_recode_6_9(const sp_digit* k, ecc_recode_521* v) } else if (++j < 9) { n = k[j]; - y |= (word8)((n << (58 - o)) & 0x3f); + y |= (word8)(((sp_uint64)n << (58 - o)) & 0x3f); o -= 52; n >>= o; } @@ -39688,7 +39688,7 @@ static void sp_521_from_bin(sp_digit* r, int size, const byte* a, int n) r[0] = 0; for (i = n-1; i >= 0; i--) { - r[j] |= (((sp_digit)a[i]) << s); + r[j] |= (((sp_uint64)a[i]) << s); if (s >= 50U) { r[j] &= 0x3ffffffffffffffL; s = 58U - s; @@ -39910,7 +39910,7 @@ static void sp_521_to_bin_9(sp_digit* r, byte* a) for (i=0; i<9 && j>=0; i++) { b = 0; /* lint allow cast of mismatch sp_digit and int */ - a[j--] |= (byte)(r[i] << s); /*lint !e9033*/ + a[j--] |= (byte)((sp_uint64)r[i] << s); /*lint !e9033*/ b += 8 - s; if (j < 0) { break; 
@@ -40032,18 +40032,18 @@ SP_NOINLINE static void sp_521_rshift_9(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL for (i=0; i<8; i++) { - r[i] = (sp_digit)(((a[i] >> n) | (a[i + 1] << (58 - n))) & 0x3ffffffffffffffL); + r[i] = (sp_digit)(((a[i] >> n) | ((sp_uint64)a[i + 1] << (58 - n))) & 0x3ffffffffffffffL); } #else for (i=0; i<8; i += 8) { - r[i+0] = (a[i+0] >> n) | (sp_digit)((a[i+1] << (58 - n)) & 0x3ffffffffffffffL); - r[i+1] = (a[i+1] >> n) | (sp_digit)((a[i+2] << (58 - n)) & 0x3ffffffffffffffL); - r[i+2] = (a[i+2] >> n) | (sp_digit)((a[i+3] << (58 - n)) & 0x3ffffffffffffffL); - r[i+3] = (a[i+3] >> n) | (sp_digit)((a[i+4] << (58 - n)) & 0x3ffffffffffffffL); - r[i+4] = (a[i+4] >> n) | (sp_digit)((a[i+5] << (58 - n)) & 0x3ffffffffffffffL); - r[i+5] = (a[i+5] >> n) | (sp_digit)((a[i+6] << (58 - n)) & 0x3ffffffffffffffL); - r[i+6] = (a[i+6] >> n) | (sp_digit)((a[i+7] << (58 - n)) & 0x3ffffffffffffffL); - r[i+7] = (a[i+7] >> n) | (sp_digit)((a[i+8] << (58 - n)) & 0x3ffffffffffffffL); + r[i+0] = (a[i+0] >> n) | (sp_digit)(((sp_uint64)a[i+1] << (58 - n)) & 0x3ffffffffffffffL); + r[i+1] = (a[i+1] >> n) | (sp_digit)(((sp_uint64)a[i+2] << (58 - n)) & 0x3ffffffffffffffL); + r[i+2] = (a[i+2] >> n) | (sp_digit)(((sp_uint64)a[i+3] << (58 - n)) & 0x3ffffffffffffffL); + r[i+3] = (a[i+3] >> n) | (sp_digit)(((sp_uint64)a[i+4] << (58 - n)) & 0x3ffffffffffffffL); + r[i+4] = (a[i+4] >> n) | (sp_digit)(((sp_uint64)a[i+5] << (58 - n)) & 0x3ffffffffffffffL); + r[i+5] = (a[i+5] >> n) | (sp_digit)(((sp_uint64)a[i+6] << (58 - n)) & 0x3ffffffffffffffL); + r[i+6] = (a[i+6] >> n) | (sp_digit)(((sp_uint64)a[i+7] << (58 - n)) & 0x3ffffffffffffffL); + r[i+7] = (a[i+7] >> n) | (sp_digit)(((sp_uint64)a[i+8] << (58 - n)) & 0x3ffffffffffffffL); } #endif /* WOLFSSL_SP_SMALL */ r[8] = a[8] >> n; 
@@ -40105,7 +40105,7 @@ SP_NOINLINE static void sp_521_lshift_18(sp_digit* r, const sp_digit* a, r[18] = a[17] >> (58 - n); for (i=17; i>0; i--) { - r[i] = (sp_digit)(((a[i] << n) | (a[i-1] >> (58 - n))) & 0x3ffffffffffffffL); + r[i] = (sp_digit)((((sp_uint64)a[i] << n) | (a[i-1] >> (58 - n))) & 0x3ffffffffffffffL); } #else sp_int_digit s; @@ -40148,7 +40148,7 @@ SP_NOINLINE static void sp_521_lshift_18(sp_digit* r, const sp_digit* a, s = (sp_int_digit)(a[1]); t = (sp_int_digit)(a[0]); r[1] = (sp_digit)(((s << n) | (t >> (58U - n))) & 0x3ffffffffffffffUL); #endif /* WOLFSSL_SP_SMALL */ - r[0] = (sp_digit)((a[0] << n) & 0x3ffffffffffffffL); + r[0] = (sp_digit)(((sp_uint64)a[0] << n) & 0x3ffffffffffffffL); } /* Divide d in a and put remainder into r (m*d + r = a) @@ -41565,7 +41565,7 @@ static int sp_521_mont_sqrt_9(sp_digit* y) XMEMCPY(t, y, sizeof(sp_digit) * 9); for (i=518; i>=0; i--) { sp_521_mont_sqr_9(t, t, p521_mod, p521_mp_mod); - if (p521_sqrt_power[i / 64] & ((sp_digit)1 << (i % 64))) + if (p521_sqrt_power[i / 64] & ((sp_uint64)1 << (i % 64))) sp_521_mont_mul_9(t, t, y, p521_mod, p521_mp_mod); } XMEMCPY(y, t, sizeof(sp_digit) * 9); 
@@ -42351,20 +42351,20 @@ SP_NOINLINE static void sp_1024_rshift_18(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL for (i=0; i<17; i++) { - r[i] = (sp_digit)(((a[i] >> n) | (a[i + 1] << (57 - n))) & 0x1ffffffffffffffL); + r[i] = (sp_digit)(((a[i] >> n) | ((sp_uint64)a[i + 1] << (57 - n))) & 0x1ffffffffffffffL); } #else for (i=0; i<16; i += 8) { - r[i+0] = (a[i+0] >> n) | (sp_digit)((a[i+1] << (57 - n)) & 0x1ffffffffffffffL); - r[i+1] = (a[i+1] >> n) | (sp_digit)((a[i+2] << (57 - n)) & 0x1ffffffffffffffL); - r[i+2] = (a[i+2] >> n) | (sp_digit)((a[i+3] << (57 - n)) & 0x1ffffffffffffffL); - r[i+3] = (a[i+3] >> n) | (sp_digit)((a[i+4] << (57 - n)) & 0x1ffffffffffffffL); - r[i+4] = (a[i+4] >> n) | (sp_digit)((a[i+5] << (57 - n)) & 0x1ffffffffffffffL); - r[i+5] = (a[i+5] >> n) | (sp_digit)((a[i+6] << (57 - n)) & 0x1ffffffffffffffL); - r[i+6] = (a[i+6] >> n) | (sp_digit)((a[i+7] << (57 - n)) & 0x1ffffffffffffffL); - r[i+7] = (a[i+7] >> n) | (sp_digit)((a[i+8] << (57 - n)) & 0x1ffffffffffffffL); - } - r[16] = (a[16] >> n) | (sp_digit)((a[17] << (57 - n)) & 0x1ffffffffffffffL); + r[i+0] = (a[i+0] >> n) | (sp_digit)(((sp_uint64)a[i+1] << (57 - n)) & 0x1ffffffffffffffL); + r[i+1] = (a[i+1] >> n) | (sp_digit)(((sp_uint64)a[i+2] << (57 - n)) & 0x1ffffffffffffffL); + r[i+2] = (a[i+2] >> n) | (sp_digit)(((sp_uint64)a[i+3] << (57 - n)) & 0x1ffffffffffffffL); + r[i+3] = (a[i+3] >> n) | (sp_digit)(((sp_uint64)a[i+4] << (57 - n)) & 0x1ffffffffffffffL); + r[i+4] = (a[i+4] >> n) | (sp_digit)(((sp_uint64)a[i+5] << (57 - n)) & 0x1ffffffffffffffL); + r[i+5] = (a[i+5] >> n) | (sp_digit)(((sp_uint64)a[i+6] << (57 - n)) & 0x1ffffffffffffffL); + r[i+6] = (a[i+6] >> n) | (sp_digit)(((sp_uint64)a[i+7] << (57 - n)) & 0x1ffffffffffffffL); + r[i+7] = (a[i+7] >> n) | (sp_digit)(((sp_uint64)a[i+8] << (57 - n)) & 0x1ffffffffffffffL); + } + r[16] = (a[16] >> n) | (sp_digit)(((sp_uint64)a[17] << (57 - n)) & 0x1ffffffffffffffL); #endif /* WOLFSSL_SP_SMALL */ r[17] = a[17] >> n; } 
@@ -42404,7 +42404,7 @@ static WC_INLINE sp_digit sp_1024_div_word_18(sp_digit d1, sp_digit d0, t1 -= dv & (0 - r); for (i = 55; i >= 1; i--) { t1 += t1 + (((sp_uint64)t0 >> 56) & 1); - t0 <<= 1; + t0 = (sp_uint64)t0 << 1; t2 = (sp_digit)(((sp_uint64)(dv - t1)) >> 63); r += r + t2; t1 -= dv & (0 - t2); @@ -42647,7 +42647,7 @@ static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint64)a->dp[i] << s); r[j] &= 0x1ffffffffffffffL; s = 57U - s; if (j + 1 >= size) { @@ -42682,7 +42682,7 @@ static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint64)a->dp[i]) << s; if (s + DIGIT_BIT >= 57) { r[j] &= 0x1ffffffffffffffL; if (j + 1 >= size) { @@ -42748,7 +42748,7 @@ static int sp_1024_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 18; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint64)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -42773,7 +42773,7 @@ static int sp_1024_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 18; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint64)a[i]) << s; if (s + 57 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; 
@@ -43009,11 +43009,11 @@ static void sp_1024_mont_reduce_18(sp_digit* a, const sp_digit* m, sp_digit mp) if (mp != 1) { for (i=0; i<17; i++) { - mu = (sp_digit)((a[i] * mp) & 0x1ffffffffffffffL); + mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0x1ffffffffffffffL); sp_1024_mul_add_18(a+i, m, mu); a[i+1] += a[i] >> 57; } - mu = (sp_digit)((a[i] * mp) & 0x7fffffffffffffL); + mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0x7fffffffffffffL); sp_1024_mul_add_18(a+i, m, mu); a[i+1] += a[i] >> 57; a[i] &= 0x1ffffffffffffffL; 
@@ -43249,26 +43249,26 @@ SP_NOINLINE static void sp_1024_rshift1_18(sp_digit* r, const sp_digit* a) int i; for (i=0; i<17; i++) { - r[i] = (a[i] >> 1) + (sp_digit)((a[i + 1] << 56) & 0x1ffffffffffffffL); + r[i] = (a[i] >> 1) + (sp_digit)(((sp_uint64)a[i + 1] << 56) & 0x1ffffffffffffffL); } #else - r[0] = (a[0] >> 1) + (sp_digit)((a[1] << 56) & 0x1ffffffffffffffL); - r[1] = (a[1] >> 1) + (sp_digit)((a[2] << 56) & 0x1ffffffffffffffL); - r[2] = (a[2] >> 1) + (sp_digit)((a[3] << 56) & 0x1ffffffffffffffL); - r[3] = (a[3] >> 1) + (sp_digit)((a[4] << 56) & 0x1ffffffffffffffL); - r[4] = (a[4] >> 1) + (sp_digit)((a[5] << 56) & 0x1ffffffffffffffL); - r[5] = (a[5] >> 1) + (sp_digit)((a[6] << 56) & 0x1ffffffffffffffL); - r[6] = (a[6] >> 1) + (sp_digit)((a[7] << 56) & 0x1ffffffffffffffL); - r[7] = (a[7] >> 1) + (sp_digit)((a[8] << 56) & 0x1ffffffffffffffL); - r[8] = (a[8] >> 1) + (sp_digit)((a[9] << 56) & 0x1ffffffffffffffL); - r[9] = (a[9] >> 1) + (sp_digit)((a[10] << 56) & 0x1ffffffffffffffL); - r[10] = (a[10] >> 1) + (sp_digit)((a[11] << 56) & 0x1ffffffffffffffL); - r[11] = (a[11] >> 1) + (sp_digit)((a[12] << 56) & 0x1ffffffffffffffL); - r[12] = (a[12] >> 1) + (sp_digit)((a[13] << 56) & 0x1ffffffffffffffL); - r[13] = (a[13] >> 1) + (sp_digit)((a[14] << 56) & 0x1ffffffffffffffL); - r[14] = (a[14] >> 1) + (sp_digit)((a[15] << 56) & 0x1ffffffffffffffL); - r[15] = (a[15] >> 1) + (sp_digit)((a[16] << 56) & 0x1ffffffffffffffL); - r[16] = (a[16] >> 1) + (sp_digit)((a[17] << 56) & 0x1ffffffffffffffL); + r[0] = (a[0] >> 1) + (sp_digit)(((sp_uint64)a[1] << 56) & 0x1ffffffffffffffL); + r[1] = (a[1] >> 1) + (sp_digit)(((sp_uint64)a[2] << 56) & 0x1ffffffffffffffL); + r[2] = (a[2] >> 1) + (sp_digit)(((sp_uint64)a[3] << 56) & 0x1ffffffffffffffL); + r[3] = (a[3] >> 1) + (sp_digit)(((sp_uint64)a[4] << 56) & 0x1ffffffffffffffL); + r[4] = (a[4] >> 1) + (sp_digit)(((sp_uint64)a[5] << 56) & 0x1ffffffffffffffL); + r[5] = (a[5] >> 1) + (sp_digit)(((sp_uint64)a[6] << 56) & 0x1ffffffffffffffL); + 
r[6] = (a[6] >> 1) + (sp_digit)(((sp_uint64)a[7] << 56) & 0x1ffffffffffffffL); + r[7] = (a[7] >> 1) + (sp_digit)(((sp_uint64)a[8] << 56) & 0x1ffffffffffffffL); + r[8] = (a[8] >> 1) + (sp_digit)(((sp_uint64)a[9] << 56) & 0x1ffffffffffffffL); + r[9] = (a[9] >> 1) + (sp_digit)(((sp_uint64)a[10] << 56) & 0x1ffffffffffffffL); + r[10] = (a[10] >> 1) + (sp_digit)(((sp_uint64)a[11] << 56) & 0x1ffffffffffffffL); + r[11] = (a[11] >> 1) + (sp_digit)(((sp_uint64)a[12] << 56) & 0x1ffffffffffffffL); + r[12] = (a[12] >> 1) + (sp_digit)(((sp_uint64)a[13] << 56) & 0x1ffffffffffffffL); + r[13] = (a[13] >> 1) + (sp_digit)(((sp_uint64)a[14] << 56) & 0x1ffffffffffffffL); + r[14] = (a[14] >> 1) + (sp_digit)(((sp_uint64)a[15] << 56) & 0x1ffffffffffffffL); + r[15] = (a[15] >> 1) + (sp_digit)(((sp_uint64)a[16] << 56) & 0x1ffffffffffffffL); + r[16] = (a[16] >> 1) + (sp_digit)(((sp_uint64)a[17] << 56) & 0x1ffffffffffffffL); #endif r[17] = a[17] >> 1; } @@ -43860,7 +43860,7 @@ static int sp_1024_ecc_mulmod_18(sp_point_1024* r, const sp_point_1024* g, if (err == MP_OKAY) { i = 17; c = 55; - n = k[i--] << (57 - c); + n = (sp_uint64)k[i--] << (57 - c); for (; ; c--) { if (c == 0) { if (i == -1) @@ -43871,7 +43871,7 @@ static int sp_1024_ecc_mulmod_18(sp_point_1024* r, const sp_point_1024* g, } y = (n >> 56) & 1; - n <<= 1; + n = (sp_uint64)n << 1; sp_1024_proj_point_add_18(&t[y^1], &t[0], &t[1], tmp); @@ -43930,7 +43930,7 @@ static int sp_1024_ecc_mulmod_18_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, XMEMSET(ctx->t, 0, sizeof(sp_point_1024) * 3); ctx->i = 17; ctx->c = 55; - ctx->n = k[ctx->i--] << (57 - ctx->c); + ctx->n = (sp_uint64)k[ctx->i--] << (57 - ctx->c); /* t[0] = {0, 0, 1} * norm */ ctx->t[0].infinity = 1; @@ -43960,7 +43960,7 @@ static int sp_1024_ecc_mulmod_18_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, ctx->c = 57; } ctx->y = (ctx->n >> 56) & 1; - ctx->n <<= 1; + ctx->n = (sp_uint64)ctx->n << 1; XMEMSET(&ctx->add_ctx, 0, sizeof(ctx->add_ctx)); ctx->state = 5; break; 
@@ -44389,7 +44389,7 @@ static void sp_1024_ecc_recode_7_18(const sp_digit* k, ecc_recode_1024* v) } else if (++j < 18) { n = k[j]; - y |= (word8)((n << (57 - o)) & 0x7f); + y |= (word8)(((sp_uint64)n << (57 - o)) & 0x7f); o -= 50; n >>= o; } @@ -51732,7 +51732,7 @@ static void sp_1024_from_bin(sp_digit* r, int size, const byte* a, int n) r[0] = 0; for (i = n-1; i >= 0; i--) { - r[j] |= (((sp_digit)a[i]) << s); + r[j] |= (((sp_uint64)a[i]) << s); if (s >= 49U) { r[j] &= 0x1ffffffffffffffL; s = 57U - s; diff --git a/wolfcrypt/src/sp_cortexm.c b/wolfcrypt/src/sp_cortexm.c index 9a334f4d4a4..f0e755636f2 100644 --- a/wolfcrypt/src/sp_cortexm.c +++ b/wolfcrypt/src/sp_cortexm.c @@ -141,10 +141,10 @@ static void sp_2048_from_bin(sp_digit* r, int size, const byte* a, int n) j = 0; for (i = n - 1; i >= 3; i -= 4) { - r[j] = ((sp_digit)a[i - 0] << 0) | - ((sp_digit)a[i - 1] << 8) | - ((sp_digit)a[i - 2] << 16) | - ((sp_digit)a[i - 3] << 24); + r[j] = ((sp_uint32)a[i - 0] << 0) | + ((sp_uint32)a[i - 1] << 8) | + ((sp_uint32)a[i - 2] << 16) | + ((sp_uint32)a[i - 3] << 24); j++; } @@ -199,7 +199,7 @@ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint32)a->dp[i] << s); r[j] &= 0xffffffff; s = 32U - s; if (j + 1 >= size) { @@ -234,7 +234,7 @@ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint32)a->dp[i]) << s; if (s + DIGIT_BIT >= 32) { r[j] &= 0xffffffff; if (j + 1 >= size) { 
@@ -3136,17 +3136,17 @@ WC_OMIT_FRAME_POINTER static void sp_2048_sqr_32(sp_digit* r, const sp_digit* a) */ static void sp_2048_mont_setup(const sp_digit* a, sp_digit* rho) { - sp_digit x; - sp_digit b; + sp_uint32 x; + sp_uint32 b; - b = a[0]; + b = (sp_uint32)a[0]; x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */ x *= 2 - b * x; /* here x*a==1 mod 2**8 */ x *= 2 - b * x; /* here x*a==1 mod 2**16 */ x *= 2 - b * x; /* here x*a==1 mod 2**32 */ /* rho = -1/m mod b */ - *rho = (sp_digit)0 - x; + *rho = (sp_digit)((sp_int32)0 - (sp_int32)x); } #ifdef WOLFSSL_SP_SMALL @@ -5600,10 +5600,10 @@ static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint32)n << c); n = e[i--]; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else if (c == 0) { @@ -5612,14 +5612,14 @@ static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e, } else { y = (byte)(n >> c); - n <<= 32 - c; + n = (sp_uint32)n << (32 - c); } XMEMCPY(r, t[y], sizeof(sp_digit) * 32); for (; i>=0 || c>=4; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 28); - n <<= 4; + n = (sp_uint32)n << 4; c = 28; } else if (c < 4) { @@ -5627,12 +5627,12 @@ static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e, n = e[i--]; c = 4 - c; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else { y = (byte)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; } @@ -5753,10 +5753,10 @@ static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint32)n << c); n = e[i--]; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else if (c == 0) { 
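Review bot: In sp_2048_mont_setup the final negation now runs in signed arithmetic, `(sp_int32)0 - (sp_int32)x`, even though x was just changed to `sp_uint32` so that the preceding multiplications wrap in a defined way. Signed `0 - v` overflows when v is the minimum 32-bit value, i.e. when x == 0x80000000. That value is even and should not occur for an odd modulus, but nothing in the hunk enforces that a[0] is odd. Negating in the unsigned type keeps the wrap-around defined for every input: `*rho = (sp_digit)((sp_uint32)0 - x);`. The same line is in the sp_3072_mont_setup hunk further down.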
@@ -5765,14 +5765,14 @@ static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e, } else { y = (byte)(n >> c); - n <<= 32 - c; + n = (sp_uint32)n << (32 - c); } XMEMCPY(r, t[y], sizeof(sp_digit) * 32); for (; i>=0 || c>=5; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 27); - n <<= 5; + n = (sp_uint32)n << 5; c = 27; } else if (c < 5) { @@ -5780,12 +5780,12 @@ static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e, n = e[i--]; c = 5 - c; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else { y = (byte)((n >> 27) & 0x1f); - n <<= 5; + n = (sp_uint32)n << 5; c -= 5; } @@ -8772,10 +8772,10 @@ static int sp_2048_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint32)n << c); n = e[i--]; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else if (c == 0) { @@ -8784,14 +8784,14 @@ static int sp_2048_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e, } else { y = (byte)(n >> c); - n <<= 32 - c; + n = (sp_uint32)n << (32 - c); } XMEMCPY(r, t[y], sizeof(sp_digit) * 64); for (; i>=0 || c>=3; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 29); - n <<= 3; + n = (sp_uint32)n << 3; c = 29; } else if (c < 3) { @@ -8799,12 +8799,12 @@ static int sp_2048_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e, n = e[i--]; c = 3 - c; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else { y = (byte)((n >> 29) & 0x7); - n <<= 3; + n = (sp_uint32)n << 3; c -= 3; } 
@@ -8908,10 +8908,10 @@ static int sp_2048_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint32)n << c); n = e[i--]; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else if (c == 0) { @@ -8920,14 +8920,14 @@ static int sp_2048_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e, } else { y = (byte)(n >> c); - n <<= 32 - c; + n = (sp_uint32)n << (32 - c); } XMEMCPY(r, t[y], sizeof(sp_digit) * 64); for (; i>=0 || c>=4; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 28); - n <<= 4; + n = (sp_uint32)n << 4; c = 28; } else if (c < 4) { @@ -8935,12 +8935,12 @@ static int sp_2048_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e, n = e[i--]; c = 4 - c; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else { y = (byte)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; } @@ -9013,7 +9013,7 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em, #else e[0] = em->dp[0]; if (em->used > 1) { - e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT; + e[0] |= ((sp_uint32)em->dp[1]) << DIGIT_BIT; } #endif if (e[0] == 0) { @@ -9505,7 +9505,7 @@ static int sp_2048_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 64; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint32)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -9530,7 +9530,7 @@ static int sp_2048_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 64; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint32)a[i]) << s; if (s + 32 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; 
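Review bot: In the second sp_2048_to_mp hunk, `r->dp[j] |= ((sp_uint32)a[i]) << s;` now shifts in 32 bits, where the old code widened to `mp_digit` before shifting. The `s + 32 >= DIGIT_BIT` test and the `DIGIT_BIT != 64` guard suggest this branch is built when DIGIT_BIT is larger than 32 (the enclosing #if is outside the hunk). In that case bits shifted past bit 31 are lost before the OR into dp[j], and a shift count of 32 or more is undefined. Keeping the widening avoids this, assuming mp_digit is unsigned: `r->dp[j] |= ((mp_digit)a[i]) << s;`, or `(mp_digit)(sp_uint32)a[i]` if sp_digit can be signed. The mask on the context line, `((sp_digit)1 << DIGIT_BIT) - 1`, has the same width concern if sp_digit is 32 bits here.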
@@ -10064,10 +10064,10 @@ static int sp_2048_mod_exp_2_64(sp_digit* r, const sp_digit* e, int bits, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint32)n << c); n = e[i--]; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else if (c == 0) { @@ -10076,14 +10076,14 @@ static int sp_2048_mod_exp_2_64(sp_digit* r, const sp_digit* e, int bits, } else { y = (byte)(n >> c); - n <<= 32 - c; + n = (sp_uint32)n << (32 - c); } sp_2048_lshift_64(r, norm, y); for (; i>=0 || c>=5; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 27); - n <<= 5; + n = (sp_uint32)n << 5; c = 27; } else if (c < 5) { @@ -10091,12 +10091,12 @@ static int sp_2048_mod_exp_2_64(sp_digit* r, const sp_digit* e, int bits, n = e[i--]; c = 5 - c; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else { y = (byte)((n >> 27) & 0x1f); - n <<= 5; + n = (sp_uint32)n << 5; c -= 5; } @@ -10264,10 +10264,10 @@ static void sp_3072_from_bin(sp_digit* r, int size, const byte* a, int n) j = 0; for (i = n - 1; i >= 3; i -= 4) { - r[j] = ((sp_digit)a[i - 0] << 0) | - ((sp_digit)a[i - 1] << 8) | - ((sp_digit)a[i - 2] << 16) | - ((sp_digit)a[i - 3] << 24); + r[j] = ((sp_uint32)a[i - 0] << 0) | + ((sp_uint32)a[i - 1] << 8) | + ((sp_uint32)a[i - 2] << 16) | + ((sp_uint32)a[i - 3] << 24); j++; } @@ -10322,7 +10322,7 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint32)a->dp[i] << s); r[j] &= 0xffffffff; s = 32U - s; if (j + 1 >= size) { @@ -10357,7 +10357,7 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint32)a->dp[i]) << s; if (s + DIGIT_BIT >= 32) { r[j] &= 0xffffffff; if (j + 1 >= size) { 
@@ -14361,17 +14361,17 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_48(sp_digit* r, const sp_digit* a) */ static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho) { - sp_digit x; - sp_digit b; + sp_uint32 x; + sp_uint32 b; - b = a[0]; + b = (sp_uint32)a[0]; x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */ x *= 2 - b * x; /* here x*a==1 mod 2**8 */ x *= 2 - b * x; /* here x*a==1 mod 2**16 */ x *= 2 - b * x; /* here x*a==1 mod 2**32 */ /* rho = -1/m mod b */ - *rho = (sp_digit)0 - x; + *rho = (sp_digit)((sp_int32)0 - (sp_int32)x); } #ifdef WOLFSSL_SP_SMALL @@ -17505,10 +17505,10 @@ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint32)n << c); n = e[i--]; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else if (c == 0) { @@ -17517,14 +17517,14 @@ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e, } else { y = (byte)(n >> c); - n <<= 32 - c; + n = (sp_uint32)n << (32 - c); } XMEMCPY(r, t[y], sizeof(sp_digit) * 48); for (; i>=0 || c>=4; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 28); - n <<= 4; + n = (sp_uint32)n << 4; c = 28; } else if (c < 4) { @@ -17532,12 +17532,12 @@ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e, n = e[i--]; c = 4 - c; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else { y = (byte)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; } @@ -17658,10 +17658,10 @@ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint32)n << c); n = e[i--]; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else if (c == 0) { 
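Review bot: The final negation `*rho = (sp_digit)((sp_int32)0 - (sp_int32)x);` moves the arithmetic back into a signed type even though `x` was just changed to `sp_uint32`. Converting an `x` above the `sp_int32` maximum is implementation-defined, and the subtraction overflows for `x == 0x80000000`; that value cannot arise from an odd `a[0]`, but nothing in the function checks that the low word is odd. Negating in the unsigned type is defined for every input and yields the same bit pattern: `*rho = (sp_digit)((sp_uint32)0 - x);`. The same line appears in the `sp_4096_mont_setup` hunk and, with `sp_int64`/`sp_uint64`, in the three `mont_setup` hunks of `sp_x86_64.c`.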
@@ -17670,14 +17670,14 @@ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e, } else { y = (byte)(n >> c); - n <<= 32 - c; + n = (sp_uint32)n << (32 - c); } XMEMCPY(r, t[y], sizeof(sp_digit) * 48); for (; i>=0 || c>=5; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 27); - n <<= 5; + n = (sp_uint32)n << 5; c = 27; } else if (c < 5) { @@ -17685,12 +17685,12 @@ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e, n = e[i--]; c = 5 - c; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else { y = (byte)((n >> 27) & 0x1f); - n <<= 5; + n = (sp_uint32)n << 5; c -= 5; } @@ -21613,10 +21613,10 @@ static int sp_3072_mod_exp_96(sp_digit* r, const sp_digit* a, const sp_digit* e, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint32)n << c); n = e[i--]; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else if (c == 0) { @@ -21625,14 +21625,14 @@ static int sp_3072_mod_exp_96(sp_digit* r, const sp_digit* a, const sp_digit* e, } else { y = (byte)(n >> c); - n <<= 32 - c; + n = (sp_uint32)n << (32 - c); } XMEMCPY(r, t[y], sizeof(sp_digit) * 96); for (; i>=0 || c>=3; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 29); - n <<= 3; + n = (sp_uint32)n << 3; c = 29; } else if (c < 3) { @@ -21640,12 +21640,12 @@ static int sp_3072_mod_exp_96(sp_digit* r, const sp_digit* a, const sp_digit* e, n = e[i--]; c = 3 - c; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else { y = (byte)((n >> 29) & 0x7); - n <<= 3; + n = (sp_uint32)n << 3; c -= 3; } 
@@ -21749,10 +21749,10 @@ static int sp_3072_mod_exp_96(sp_digit* r, const sp_digit* a, const sp_digit* e, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint32)n << c); n = e[i--]; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else if (c == 0) { @@ -21761,14 +21761,14 @@ static int sp_3072_mod_exp_96(sp_digit* r, const sp_digit* a, const sp_digit* e, } else { y = (byte)(n >> c); - n <<= 32 - c; + n = (sp_uint32)n << (32 - c); } XMEMCPY(r, t[y], sizeof(sp_digit) * 96); for (; i>=0 || c>=4; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 28); - n <<= 4; + n = (sp_uint32)n << 4; c = 28; } else if (c < 4) { @@ -21776,12 +21776,12 @@ static int sp_3072_mod_exp_96(sp_digit* r, const sp_digit* a, const sp_digit* e, n = e[i--]; c = 4 - c; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else { y = (byte)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; } @@ -21854,7 +21854,7 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em, #else e[0] = em->dp[0]; if (em->used > 1) { - e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT; + e[0] |= ((sp_uint32)em->dp[1]) << DIGIT_BIT; } #endif if (e[0] == 0) { @@ -22402,7 +22402,7 @@ static int sp_3072_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 96; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint32)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -22427,7 +22427,7 @@ static int sp_3072_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 96; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint32)a[i]) << s; if (s + 32 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; 
@@ -23153,10 +23153,10 @@ static int sp_3072_mod_exp_2_96(sp_digit* r, const sp_digit* e, int bits, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint32)n << c); n = e[i--]; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else if (c == 0) { @@ -23165,14 +23165,14 @@ static int sp_3072_mod_exp_2_96(sp_digit* r, const sp_digit* e, int bits, } else { y = (byte)(n >> c); - n <<= 32 - c; + n = (sp_uint32)n << (32 - c); } sp_3072_lshift_96(r, norm, y); for (; i>=0 || c>=5; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 27); - n <<= 5; + n = (sp_uint32)n << 5; c = 27; } else if (c < 5) { @@ -23180,12 +23180,12 @@ static int sp_3072_mod_exp_2_96(sp_digit* r, const sp_digit* e, int bits, n = e[i--]; c = 5 - c; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else { y = (byte)((n >> 27) & 0x1f); - n <<= 5; + n = (sp_uint32)n << 5; c -= 5; } @@ -23353,10 +23353,10 @@ static void sp_4096_from_bin(sp_digit* r, int size, const byte* a, int n) j = 0; for (i = n - 1; i >= 3; i -= 4) { - r[j] = ((sp_digit)a[i - 0] << 0) | - ((sp_digit)a[i - 1] << 8) | - ((sp_digit)a[i - 2] << 16) | - ((sp_digit)a[i - 3] << 24); + r[j] = ((sp_uint32)a[i - 0] << 0) | + ((sp_uint32)a[i - 1] << 8) | + ((sp_uint32)a[i - 2] << 16) | + ((sp_uint32)a[i - 3] << 24); j++; } @@ -23411,7 +23411,7 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint32)a->dp[i] << s); r[j] &= 0xffffffff; s = 32U - s; if (j + 1 >= size) { @@ -23446,7 +23446,7 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint32)a->dp[i]) << s; if (s + DIGIT_BIT >= 32) { r[j] &= 0xffffffff; if (j + 1 >= size) { 
@@ -24488,17 +24488,17 @@ WC_OMIT_FRAME_POINTER static void sp_4096_sqr_128(sp_digit* r, */ static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho) { - sp_digit x; - sp_digit b; + sp_uint32 x; + sp_uint32 b; - b = a[0]; + b = (sp_uint32)a[0]; x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */ x *= 2 - b * x; /* here x*a==1 mod 2**8 */ x *= 2 - b * x; /* here x*a==1 mod 2**16 */ x *= 2 - b * x; /* here x*a==1 mod 2**32 */ /* rho = -1/m mod b */ - *rho = (sp_digit)0 - x; + *rho = (sp_digit)((sp_int32)0 - (sp_int32)x); } #ifdef WOLFSSL_SP_SMALL @@ -30072,10 +30072,10 @@ static int sp_4096_mod_exp_128(sp_digit* r, const sp_digit* a, const sp_digit* e if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint32)n << c); n = e[i--]; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else if (c == 0) { @@ -30084,14 +30084,14 @@ static int sp_4096_mod_exp_128(sp_digit* r, const sp_digit* a, const sp_digit* e } else { y = (byte)(n >> c); - n <<= 32 - c; + n = (sp_uint32)n << (32 - c); } XMEMCPY(r, t[y], sizeof(sp_digit) * 128); for (; i>=0 || c>=3; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 29); - n <<= 3; + n = (sp_uint32)n << 3; c = 29; } else if (c < 3) { @@ -30099,12 +30099,12 @@ static int sp_4096_mod_exp_128(sp_digit* r, const sp_digit* a, const sp_digit* e n = e[i--]; c = 3 - c; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else { y = (byte)((n >> 29) & 0x7); - n <<= 3; + n = (sp_uint32)n << 3; c -= 3; } @@ -30208,10 +30208,10 @@ static int sp_4096_mod_exp_128(sp_digit* r, const sp_digit* a, const sp_digit* e if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint32)n << c); n = e[i--]; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else if (c == 0) { 
@@ -30220,14 +30220,14 @@ static int sp_4096_mod_exp_128(sp_digit* r, const sp_digit* a, const sp_digit* e } else { y = (byte)(n >> c); - n <<= 32 - c; + n = (sp_uint32)n << (32 - c); } XMEMCPY(r, t[y], sizeof(sp_digit) * 128); for (; i>=0 || c>=4; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 28); - n <<= 4; + n = (sp_uint32)n << 4; c = 28; } else if (c < 4) { @@ -30235,12 +30235,12 @@ static int sp_4096_mod_exp_128(sp_digit* r, const sp_digit* a, const sp_digit* e n = e[i--]; c = 4 - c; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else { y = (byte)((n >> 28) & 0xf); - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; } @@ -30313,7 +30313,7 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em, #else e[0] = em->dp[0]; if (em->used > 1) { - e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT; + e[0] |= ((sp_uint32)em->dp[1]) << DIGIT_BIT; } #endif if (e[0] == 0) { @@ -30917,7 +30917,7 @@ static int sp_4096_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 128; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint32)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -30942,7 +30942,7 @@ static int sp_4096_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 128; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint32)a[i]) << s; if (s + 32 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; @@ -31860,10 +31860,10 @@ static int sp_4096_mod_exp_2_128(sp_digit* r, const sp_digit* e, int bits, if (c < 0) { /* Number of bits in top word is less than number needed. */ c = -c; - y = (byte)(n << c); + y = (byte)((sp_uint32)n << c); n = e[i--]; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else if (c == 0) { 
@@ -31872,14 +31872,14 @@ static int sp_4096_mod_exp_2_128(sp_digit* r, const sp_digit* e, int bits, } else { y = (byte)(n >> c); - n <<= 32 - c; + n = (sp_uint32)n << (32 - c); } sp_4096_lshift_128(r, norm, y); for (; i>=0 || c>=5; ) { if (c == 0) { n = e[i--]; y = (byte)(n >> 27); - n <<= 5; + n = (sp_uint32)n << 5; c = 27; } else if (c < 5) { @@ -31887,12 +31887,12 @@ static int sp_4096_mod_exp_2_128(sp_digit* r, const sp_digit* e, int bits, n = e[i--]; c = 5 - c; y |= (byte)(n >> (32 - c)); - n <<= c; + n = (sp_uint32)n << c; c = 32 - c; } else { y = (byte)((n >> 27) & 0x1f); - n <<= 5; + n = (sp_uint32)n << 5; c -= 5; } @@ -33632,7 +33632,7 @@ static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint32)a->dp[i] << s); r[j] &= 0xffffffff; s = 32U - s; if (j + 1 >= size) { @@ -33667,7 +33667,7 @@ static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint32)a->dp[i]) << s; if (s + DIGIT_BIT >= 32) { r[j] &= 0xffffffff; if (j + 1 >= size) { @@ -33733,7 +33733,7 @@ static int sp_256_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 8; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint32)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -33758,7 +33758,7 @@ static int sp_256_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 8; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint32)a[i]) << s; if (s + 32 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; 
@@ -35269,7 +35269,7 @@ static void sp_256_mont_inv_8(sp_digit* r, const sp_digit* a, sp_digit* td) XMEMCPY(t, a, sizeof(sp_digit) * 8); for (i=254; i>=0; i--) { sp_256_mont_sqr_8(t, t, p256_mod, p256_mp_mod); - if (p256_mod_minus_2[i / 32] & ((sp_digit)1 << (i % 32))) + if (p256_mod_minus_2[i / 32] & ((sp_uint32)1 << (i % 32))) sp_256_mont_mul_8(t, t, a, p256_mod, p256_mp_mod); } XMEMCPY(r, t, sizeof(sp_digit) * 8); @@ -37352,7 +37352,7 @@ static int sp_256_ecc_mulmod_fast_8(sp_point_256* r, const sp_point_256* g, cons t[15].infinity = 0; i = 6; - n = k[i+1] << 0; + n = (sp_uint32)k[i+1] << 0; c = 28; y = (int)(n >> 28); #ifndef WC_NO_CACHE_RESISTANT @@ -37365,14 +37365,14 @@ static int sp_256_ecc_mulmod_fast_8(sp_point_256* r, const sp_point_256* g, cons { XMEMCPY(rt, &t[y], sizeof(sp_point_256)); } - n <<= 4; + n = (sp_uint32)n << (4); for (; i>=0 || c>=4; ) { if (c < 4) { n |= k[i--]; c += 32; } y = (n >> 28) & 0xf; - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; sp_256_proj_point_dbl_8(rt, rt, tmp); @@ -40038,10 +40038,10 @@ static void sp_256_from_bin(sp_digit* r, int size, const byte* a, int n) j = 0; for (i = n - 1; i >= 3; i -= 4) { - r[j] = ((sp_digit)a[i - 0] << 0) | - ((sp_digit)a[i - 1] << 8) | - ((sp_digit)a[i - 2] << 16) | - ((sp_digit)a[i - 3] << 24); + r[j] = ((sp_uint32)a[i - 0] << 0) | + ((sp_uint32)a[i - 1] << 8) | + ((sp_uint32)a[i - 2] << 16) | + ((sp_uint32)a[i - 3] << 24); j++; } @@ -45025,7 +45025,7 @@ static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint32)a->dp[i] << s); r[j] &= 0xffffffff; s = 32U - s; if (j + 1 >= size) { 
@@ -45060,7 +45060,7 @@ static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint32)a->dp[i]) << s; if (s + DIGIT_BIT >= 32) { r[j] &= 0xffffffff; if (j + 1 >= size) { @@ -45126,7 +45126,7 @@ static int sp_384_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 12; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint32)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -45151,7 +45151,7 @@ static int sp_384_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 12; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint32)a[i]) << s; if (s + 32 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; @@ -45703,7 +45703,7 @@ static void sp_384_mont_inv_12(sp_digit* r, const sp_digit* a, sp_digit* td) XMEMCPY(t, a, sizeof(sp_digit) * 12); for (i=382; i>=0; i--) { sp_384_mont_sqr_12(t, t, p384_mod, p384_mp_mod); - if (p384_mod_minus_2[i / 32] & ((sp_digit)1 << (i % 32))) + if (p384_mod_minus_2[i / 32] & ((sp_uint32)1 << (i % 32))) sp_384_mont_mul_12(t, t, a, p384_mod, p384_mp_mod); } XMEMCPY(r, t, sizeof(sp_digit) * 12); @@ -47444,7 +47444,7 @@ static int sp_384_ecc_mulmod_fast_12(sp_point_384* r, const sp_point_384* g, con t[15].infinity = 0; i = 10; - n = k[i+1] << 0; + n = (sp_uint32)k[i+1] << 0; c = 28; y = (int)(n >> 28); #ifndef WC_NO_CACHE_RESISTANT @@ -47457,14 +47457,14 @@ static int sp_384_ecc_mulmod_fast_12(sp_point_384* r, const sp_point_384* g, con { XMEMCPY(rt, &t[y], sizeof(sp_point_384)); } - n <<= 4; + n = (sp_uint32)n << (4); for (; i>=0 || c>=4; ) { if (c < 4) { n |= k[i--]; c += 32; } y = (n >> 28) & 0xf; - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; sp_384_proj_point_dbl_12(rt, rt, tmp); 
@@ -50168,10 +50168,10 @@ static void sp_384_from_bin(sp_digit* r, int size, const byte* a, int n) j = 0; for (i = n - 1; i >= 3; i -= 4) { - r[j] = ((sp_digit)a[i - 0] << 0) | - ((sp_digit)a[i - 1] << 8) | - ((sp_digit)a[i - 2] << 16) | - ((sp_digit)a[i - 3] << 24); + r[j] = ((sp_uint32)a[i - 0] << 0) | + ((sp_uint32)a[i - 1] << 8) | + ((sp_uint32)a[i - 2] << 16) | + ((sp_uint32)a[i - 3] << 24); j++; } @@ -56725,7 +56725,7 @@ static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint32)a->dp[i] << s); r[j] &= 0xffffffff; s = 32U - s; if (j + 1 >= size) { @@ -56760,7 +56760,7 @@ static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint32)a->dp[i]) << s; if (s + DIGIT_BIT >= 32) { r[j] &= 0xffffffff; if (j + 1 >= size) { @@ -56826,7 +56826,7 @@ static int sp_521_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 17; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint32)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -56851,7 +56851,7 @@ static int sp_521_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 17; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint32)a[i]) << s; if (s + 32 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; 
@@ -57804,7 +57804,7 @@ static void sp_521_mont_inv_17(sp_digit* r, const sp_digit* a, sp_digit* td) XMEMCPY(t, a, sizeof(sp_digit) * 17); for (i=519; i>=0; i--) { sp_521_mont_sqr_17(t, t, p521_mod, p521_mp_mod); - if (p521_mod_minus_2[i / 32] & ((sp_digit)1 << (i % 32))) + if (p521_mod_minus_2[i / 32] & ((sp_uint32)1 << (i % 32))) sp_521_mont_mul_17(t, t, a, p521_mod, p521_mp_mod); } XMEMCPY(r, t, sizeof(sp_digit) * 17); @@ -58677,7 +58677,7 @@ static void sp_521_mont_div2_17(sp_digit* r, const sp_digit* a, const sp_digit* (void)m; - sp_521_rshift1_17(r, r); + sp_521_rshift1_17(r, a); r[16] |= o << 8; } @@ -59407,7 +59407,7 @@ static int sp_521_ecc_mulmod_fast_17(sp_point_521* r, const sp_point_521* g, con t[15].infinity = 0; i = 15; - n = k[i+1] << 0; + n = (sp_uint32)k[i+1] << 0; c = 5; y = (int)(n >> 5); #ifndef WC_NO_CACHE_RESISTANT @@ -59420,15 +59420,15 @@ static int sp_521_ecc_mulmod_fast_17(sp_point_521* r, const sp_point_521* g, con { XMEMCPY(rt, &t[y], sizeof(sp_point_521)); } - n <<= 27; + n = (sp_uint32)n << (27); for (; i>=0 || c>=4; ) { if (c < 4) { - n = (k[i+1] << 31) | (k[i] >> 1); + n = ((sp_uint32)k[i+1] << 31) | (k[i] >> 1); i--; c += 32; } y = (n >> 28) & 0xf; - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; sp_521_proj_point_dbl_17(rt, rt, tmp); @@ -62738,10 +62738,10 @@ static void sp_521_from_bin(sp_digit* r, int size, const byte* a, int n) j = 0; for (i = n - 1; i >= 3; i -= 4) { - r[j] = ((sp_digit)a[i - 0] << 0) | - ((sp_digit)a[i - 1] << 8) | - ((sp_digit)a[i - 2] << 16) | - ((sp_digit)a[i - 3] << 24); + r[j] = ((sp_uint32)a[i - 0] << 0) | + ((sp_uint32)a[i - 1] << 8) | + ((sp_uint32)a[i - 2] << 16) | + ((sp_uint32)a[i - 3] << 24); j++; } 
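Review bot: Changing `sp_521_rshift1_17(r, r)` to `sp_521_rshift1_17(r, a)` in `sp_521_mont_div2_17` alters the result whenever `r` and `a` are different buffers, which is a behaviour fix rather than one of the shift-type changes the commit message describes. The start of the function is outside the hunk, so where `o` is read from cannot be seen here; if it comes from `a[0]`, the old code was only correct for in-place calls. A comment would record the contract, for example `/* Shift a (not r) so that r != a also works; r == a behaves as before. */`, and a test calling the function with distinct `r` and `a` would keep it from regressing. The commit message should mention this change as well.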
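Review bot: In `n = ((sp_uint32)k[i+1] << 31) | (k[i] >> 1);` only the left operand is converted, so the right shift still runs on `k`'s element type. If `sp_digit` is signed in any build of this file, `k[i] >> 1` copies the sign bit into bit 31, where it is OR-ed over the bit taken from `k[i+1]`, and `y = (n >> 28) & 0xf` then selects the wrong table entry. Casting both operands makes the window extraction independent of the digit's signedness: `n = ((sp_uint32)k[i+1] << 31) | ((sp_uint32)k[i] >> 1);`. The parenthesised constant in `n = (sp_uint32)n << (27);` and the `<< 0` in the previous hunk add nothing and could be dropped. The loop body continues outside the hunk.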
@@ -66139,7 +66139,7 @@ static int sp_521_mont_sqrt_17(sp_digit* y) XMEMCPY(t, y, sizeof(sp_digit) * 17); for (i=518; i>=0; i--) { sp_521_mont_sqr_17(t, t, p521_mod, p521_mp_mod); - if (p521_sqrt_power[i / 32] & ((sp_digit)1 << (i % 32))) + if (p521_sqrt_power[i / 32] & ((sp_uint32)1 << (i % 32))) sp_521_mont_mul_17(t, t, y, p521_mod, p521_mp_mod); } XMEMCPY(y, t, sizeof(sp_digit) * 17); @@ -71319,7 +71319,7 @@ static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint32)a->dp[i] << s); r[j] &= 0xffffffff; s = 32U - s; if (j + 1 >= size) { @@ -71354,7 +71354,7 @@ static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint32)a->dp[i]) << s; if (s + DIGIT_BIT >= 32) { r[j] &= 0xffffffff; if (j + 1 >= size) { @@ -71420,7 +71420,7 @@ static int sp_1024_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 32; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint32)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -71445,7 +71445,7 @@ static int sp_1024_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 32; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint32)a[i]) << s; if (s + 32 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; 
@@ -74032,18 +74032,18 @@ static int sp_1024_ecc_mulmod_fast_32(sp_point_1024* r, const sp_point_1024* g, t[15].infinity = 0; i = 30; - n = k[i+1] << 0; + n = (sp_uint32)k[i+1] << 0; c = 28; y = (int)(n >> 28); XMEMCPY(rt, &t[y], sizeof(sp_point_1024)); - n <<= 4; + n = (sp_uint32)n << (4); for (; i>=0 || c>=4; ) { if (c < 4) { n |= k[i--]; c += 32; } y = (n >> 28) & 0xf; - n <<= 4; + n = (sp_uint32)n << 4; c -= 4; sp_1024_proj_point_dbl_32(rt, rt, tmp); @@ -82148,10 +82148,10 @@ static void sp_1024_from_bin(sp_digit* r, int size, const byte* a, int n) j = 0; for (i = n - 1; i >= 3; i -= 4) { - r[j] = ((sp_digit)a[i - 0] << 0) | - ((sp_digit)a[i - 1] << 8) | - ((sp_digit)a[i - 2] << 16) | - ((sp_digit)a[i - 3] << 24); + r[j] = ((sp_uint32)a[i - 0] << 0) | + ((sp_uint32)a[i - 1] << 8) | + ((sp_uint32)a[i - 2] << 16) | + ((sp_uint32)a[i - 3] << 24); j++; } diff --git a/wolfcrypt/src/sp_x86_64.c b/wolfcrypt/src/sp_x86_64.c index 37a4bac2325..fbf63bc6445 100644 --- a/wolfcrypt/src/sp_x86_64.c +++ b/wolfcrypt/src/sp_x86_64.c @@ -188,7 +188,7 @@ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint64)a->dp[i] << s); r[j] &= 0xffffffffffffffffl; s = 64U - s; if (j + 1 >= size) { @@ -223,7 +223,7 @@ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint64)a->dp[i]) << s; if (s + DIGIT_BIT >= 64) { r[j] &= 0xffffffffffffffffl; if (j + 1 >= size) { 
@@ -397,10 +397,10 @@ extern sp_digit sp_2048_sub_in_place_16(sp_digit* a, const sp_digit* b); */ static void sp_2048_mont_setup(const sp_digit* a, sp_digit* rho) { - sp_digit x; - sp_digit b; + sp_uint64 x; + sp_uint64 b; - b = a[0]; + b = (sp_uint64)a[0]; x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */ x *= 2 - b * x; /* here x*a==1 mod 2**8 */ x *= 2 - b * x; /* here x*a==1 mod 2**16 */ @@ -408,7 +408,7 @@ static void sp_2048_mont_setup(const sp_digit* a, sp_digit* rho) x *= 2 - b * x; /* here x*a==1 mod 2**64 */ /* rho = -1/m mod b */ - *rho = (sp_digit)0 - x; + *rho = (sp_digit)((sp_int64)0 - (sp_int64)x); } #ifdef __cplusplus @@ -2361,7 +2361,7 @@ static int sp_2048_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 32; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint64)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -2386,7 +2386,7 @@ static int sp_2048_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 32; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint64)a[i]) << s; if (s + 64 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; @@ -2958,7 +2958,7 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint64)a->dp[i] << s); r[j] &= 0xffffffffffffffffl; s = 64U - s; if (j + 1 >= size) { @@ -2993,7 +2993,7 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint64)a->dp[i]) << s; if (s + DIGIT_BIT >= 64) { r[j] &= 0xffffffffffffffffl; if (j + 1 >= size) { 
@@ -3206,10 +3206,10 @@ extern void sp_3072_sqr_avx2_48(sp_digit* r, const sp_digit* a); */ static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho) { - sp_digit x; - sp_digit b; + sp_uint64 x; + sp_uint64 b; - b = a[0]; + b = (sp_uint64)a[0]; x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */ x *= 2 - b * x; /* here x*a==1 mod 2**8 */ x *= 2 - b * x; /* here x*a==1 mod 2**16 */ @@ -3217,7 +3217,7 @@ static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho) x *= 2 - b * x; /* here x*a==1 mod 2**64 */ /* rho = -1/m mod b */ - *rho = (sp_digit)0 - x; + *rho = (sp_digit)((sp_int64)0 - (sp_int64)x); } #ifdef __cplusplus @@ -5066,7 +5066,7 @@ static int sp_3072_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 48; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint64)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -5091,7 +5091,7 @@ static int sp_3072_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 48; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint64)a[i]) << s; if (s + 64 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; @@ -5663,7 +5663,7 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint64)a->dp[i] << s); r[j] &= 0xffffffffffffffffl; s = 64U - s; if (j + 1 >= size) { @@ -5698,7 +5698,7 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint64)a->dp[i]) << s; if (s + DIGIT_BIT >= 64) { r[j] &= 0xffffffffffffffffl; if (j + 1 >= size) { 
@@ -5827,10 +5827,10 @@ extern void sp_4096_sqr_avx2_64(sp_digit* r, const sp_digit* a); */ static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho) { - sp_digit x; - sp_digit b; + sp_uint64 x; + sp_uint64 b; - b = a[0]; + b = (sp_uint64)a[0]; x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */ x *= 2 - b * x; /* here x*a==1 mod 2**8 */ x *= 2 - b * x; /* here x*a==1 mod 2**16 */ @@ -5838,7 +5838,7 @@ static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho) x *= 2 - b * x; /* here x*a==1 mod 2**64 */ /* rho = -1/m mod b */ - *rho = (sp_digit)0 - x; + *rho = (sp_digit)((sp_int64)0 - (sp_int64)x); } #ifdef __cplusplus @@ -7027,7 +7027,7 @@ static int sp_4096_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 64; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint64)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -7052,7 +7052,7 @@ static int sp_4096_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 64; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint64)a[i]) << s; if (s + 64 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; @@ -7697,10 +7697,10 @@ static int sp_256_mod_mul_norm_4(sp_digit* r, const sp_digit* a, const sp_digit* t[5] += t[4] >> 32; t[4] &= 0xffffffff; t[6] += t[5] >> 32; t[5] &= 0xffffffff; t[7] += t[6] >> 32; t[6] &= 0xffffffff; - r[0] = (sp_digit)((t[1] << 32) | t[0]); - r[1] = (sp_digit)((t[3] << 32) | t[2]); - r[2] = (sp_digit)((t[5] << 32) | t[4]); - r[3] = (sp_digit)((t[7] << 32) | t[6]); + r[0] = (sp_digit)(((sp_uint64)t[1] << 32) | (sp_uint64)t[0]); + r[1] = (sp_digit)(((sp_uint64)t[3] << 32) | (sp_uint64)t[2]); + r[2] = (sp_digit)(((sp_uint64)t[5] << 32) | (sp_uint64)t[4]); + r[3] = (sp_digit)(((sp_uint64)t[7] << 32) | (sp_uint64)t[6]); return MP_OKAY; } 
@@ -7731,7 +7731,7 @@ static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint64)a->dp[i] << s); r[j] &= 0xffffffffffffffffl; s = 64U - s; if (j + 1 >= size) { @@ -7766,7 +7766,7 @@ static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i]) << s; + r[j] |= ((sp_uint64)a->dp[i]) << s; if (s + DIGIT_BIT >= 64) { r[j] &= 0xffffffffffffffffl; if (j + 1 >= size) { @@ -7832,7 +7832,7 @@ static int sp_256_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 4; i++) { - r->dp[j] |= (mp_digit)(a[i] << s); + r->dp[j] |= (mp_digit)((sp_uint64)a[i] << s); r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; s = DIGIT_BIT - s; r->dp[++j] = (mp_digit)(a[i] >> s); @@ -7857,7 +7857,7 @@ static int sp_256_to_mp(const sp_digit* a, mp_int* r) r->dp[0] = 0; for (i = 0; i < 4; i++) { - r->dp[j] |= ((mp_digit)a[i]) << s; + r->dp[j] |= ((sp_uint64)a[i]) << s; if (s + 64 >= DIGIT_BIT) { #if DIGIT_BIT != 32 && DIGIT_BIT != 64 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1; @@ -7964,7 +7964,7 @@ static void sp_256_mont_inv_4(sp_digit* r, const sp_digit* a, sp_digit* td) XMEMCPY(t, a, sizeof(sp_digit) * 4); for (i=254; i>=0; i--) { sp_256_mont_sqr_4(t, t, p256_mod, p256_mp_mod); - if (p256_mod_minus_2[i / 64] & ((sp_digit)1 << (i % 64))) + if (p256_mod_minus_2[i / 64] & ((sp_uint64)1 << (i % 64))) sp_256_mont_mul_4(t, t, a, p256_mod, p256_mp_mod); } XMEMCPY(r, t, sizeof(sp_digit) * 4); @@ -8935,7 +8935,7 @@ static void sp_256_ecc_recode_6_4(const sp_digit* k, ecc_recode_256* v) } else if (++j < 4) { n = k[j]; - y |= (word8)((n << (64 - o)) & 0x3f); + y |= (word8)(((sp_uint64)n << (64 - o)) & 0x3f); o -= 58; n >>= o; } 
@@ -9138,7 +9138,7 @@ static void sp_256_mont_inv_avx2_4(sp_digit* r, const sp_digit* a, sp_digit* td) XMEMCPY(t, a, sizeof(sp_digit) * 4); for (i=254; i>=0; i--) { sp_256_mont_sqr_avx2_4(t, t, p256_mod, p256_mp_mod); - if (p256_mod_minus_2[i / 64] & ((sp_digit)1 << (i % 64))) + if (p256_mod_minus_2[i / 64] & ((sp_uint64)1 << (i % 64))) sp_256_mont_mul_avx2_4(t, t, a, p256_mod, p256_mp_mod); } XMEMCPY(r, t, sizeof(sp_digit) * 4); @@ -11459,7 +11459,7 @@ static void sp_256_ecc_recode_7_4(const sp_digit* k, ecc_recode_256* v) } else if (++j < 4) { n = k[j]; - y |= (word8)((n << (64 - o)) & 0x7f); + y |= (word8)(((sp_uint64)n << (64 - o)) & 0x7f); o -= 57; n >>= o; } @@ -26383,12 +26383,12 @@ static int sp_384_mod_mul_norm_6(sp_digit* r, const sp_digit* a, const sp_digit* t[10] += t[9] >> 32; t[9] &= 0xffffffff; t[11] += t[10] >> 32; t[10] &= 0xffffffff; - r[0] = (sp_digit)((t[1] << 32) | t[0]); - r[1] = (sp_digit)((t[3] << 32) | t[2]); - r[2] = (sp_digit)((t[5] << 32) | t[4]); - r[3] = (sp_digit)((t[7] << 32) | t[6]); - r[4] = (sp_digit)((t[9] << 32) | t[8]); - r[5] = (sp_digit)((t[11] << 32) | t[10]); + r[0] = (sp_digit)(((sp_uint64)t[1] << 32) | (sp_uint64)t[0]); + r[1] = (sp_digit)(((sp_uint64)t[3] << 32) | (sp_uint64)t[2]); + r[2] = (sp_digit)(((sp_uint64)t[5] << 32) | (sp_uint64)t[4]); + r[3] = (sp_digit)(((sp_uint64)t[7] << 32) | (sp_uint64)t[6]); + r[4] = (sp_digit)(((sp_uint64)t[9] << 32) | (sp_uint64)t[8]); + r[5] = (sp_digit)(((sp_uint64)t[11] << 32) | (sp_uint64)t[10]); } SP_FREE_VAR(t, NULL, DYNAMIC_TYPE_ECC); @@ -26422,7 +26422,7 @@ static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a) r[0] = 0; for (i = 0; i < (unsigned int)a->used && j < size; i++) { - r[j] |= ((sp_digit)a->dp[i] << s); + r[j] |= ((sp_uint64)a->dp[i] << s); r[j] &= 0xffffffffffffffffl; s = 64U - s; if (j + 1 >= size) { 
@@ -26457,7 +26457,7 @@ static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a)
 r[0] = 0;
 for (i = 0; i < (unsigned int)a->used && j < size; i++) {
- r[j] |= ((sp_digit)a->dp[i]) << s;
+ r[j] |= ((sp_uint64)a->dp[i]) << s;
 if (s + DIGIT_BIT >= 64) {
 r[j] &= 0xffffffffffffffffl;
 if (j + 1 >= size) {
@@ -26523,7 +26523,7 @@ static int sp_384_to_mp(const sp_digit* a, mp_int* r)
 r->dp[0] = 0;
 for (i = 0; i < 6; i++) {
- r->dp[j] |= (mp_digit)(a[i] << s);
+ r->dp[j] |= (mp_digit)((sp_uint64)a[i] << s);
 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
 s = DIGIT_BIT - s;
 r->dp[++j] = (mp_digit)(a[i] >> s);
@@ -26548,7 +26548,7 @@ static int sp_384_to_mp(const sp_digit* a, mp_int* r)
 r->dp[0] = 0;
 for (i = 0; i < 6; i++) {
- r->dp[j] |= ((mp_digit)a[i]) << s;
+ r->dp[j] |= ((sp_uint64)a[i]) << s;
 if (s + 64 >= DIGIT_BIT) {
 #if DIGIT_BIT != 32 && DIGIT_BIT != 64
 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
@@ -26692,7 +26692,7 @@ static void sp_384_mont_inv_6(sp_digit* r, const sp_digit* a, sp_digit* td)
 XMEMCPY(t, a, sizeof(sp_digit) * 6);
 for (i=382; i>=0; i--) {
 sp_384_mont_sqr_6(t, t, p384_mod, p384_mp_mod);
- if (p384_mod_minus_2[i / 64] & ((sp_digit)1 << (i % 64)))
+ if (p384_mod_minus_2[i / 64] & ((sp_uint64)1 << (i % 64)))
 sp_384_mont_mul_6(t, t, a, p384_mod, p384_mp_mod);
 }
 XMEMCPY(r, t, sizeof(sp_digit) * 6);
@@ -27669,7 +27669,7 @@ static void sp_384_ecc_recode_6_6(const sp_digit* k, ecc_recode_384* v)
 }
 else if (++j < 6) {
 n = k[j];
- y |= (word8)((n << (64 - o)) & 0x3f);
+ y |= (word8)(((sp_uint64)n << (64 - o)) & 0x3f);
 o -= 58;
 n >>= o;
 }
@@ -27900,7 +27900,7 @@ static void sp_384_mont_inv_avx2_6(sp_digit* r, const sp_digit* a, sp_digit* td)
 XMEMCPY(t, a, sizeof(sp_digit) * 6);
 for (i=382; i>=0; i--) {
 sp_384_mont_sqr_avx2_6(t, t, p384_mod, p384_mp_mod);
- if (p384_mod_minus_2[i / 64] & ((sp_digit)1 << (i % 64)))
+ if (p384_mod_minus_2[i / 64] & ((sp_uint64)1 << (i % 64)))
 sp_384_mont_mul_avx2_6(t, t, a, p384_mod, p384_mp_mod);
 }
 XMEMCPY(r, t, sizeof(sp_digit) * 6);
@@ -30252,7 +30252,7 @@ static void sp_384_ecc_recode_7_6(const sp_digit* k, ecc_recode_384* v)
 }
 else if (++j < 6) {
 n = k[j];
- y |= (word8)((n << (64 - o)) & 0x7f);
+ y |= (word8)(((sp_uint64)n << (64 - o)) & 0x7f);
 o -= 57;
 n >>= o;
 }
@@ -50953,7 +50953,7 @@ static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a)
 r[0] = 0;
 for (i = 0; i < (unsigned int)a->used && j < size; i++) {
- r[j] |= ((sp_digit)a->dp[i] << s);
+ r[j] |= ((sp_uint64)a->dp[i] << s);
 r[j] &= 0xffffffffffffffffl;
 s = 64U - s;
 if (j + 1 >= size) {
@@ -50988,7 +50988,7 @@ static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a)
 r[0] = 0;
 for (i = 0; i < (unsigned int)a->used && j < size; i++) {
- r[j] |= ((sp_digit)a->dp[i]) << s;
+ r[j] |= ((sp_uint64)a->dp[i]) << s;
 if (s + DIGIT_BIT >= 64) {
 r[j] &= 0xffffffffffffffffl;
 if (j + 1 >= size) {
@@ -51054,7 +51054,7 @@ static int sp_521_to_mp(const sp_digit* a, mp_int* r)
 r->dp[0] = 0;
 for (i = 0; i < 9; i++) {
- r->dp[j] |= (mp_digit)(a[i] << s);
+ r->dp[j] |= (mp_digit)((sp_uint64)a[i] << s);
 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
 s = DIGIT_BIT - s;
 r->dp[++j] = (mp_digit)(a[i] >> s);
@@ -51079,7 +51079,7 @@ static int sp_521_to_mp(const sp_digit* a, mp_int* r)
 r->dp[0] = 0;
 for (i = 0; i < 9; i++) {
- r->dp[j] |= ((mp_digit)a[i]) << s;
+ r->dp[j] |= ((sp_uint64)a[i]) << s;
 if (s + 64 >= DIGIT_BIT) {
 #if DIGIT_BIT != 32 && DIGIT_BIT != 64
 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
@@ -51187,7 +51187,7 @@ static void sp_521_mont_inv_9(sp_digit* r, const sp_digit* a, sp_digit* td)
 XMEMCPY(t, a, sizeof(sp_digit) * 9);
 for (i=519; i>=0; i--) {
 sp_521_mont_sqr_9(t, t, p521_mod, p521_mp_mod);
- if (p521_mod_minus_2[i / 64] & ((sp_digit)1 << (i % 64)))
+ if (p521_mod_minus_2[i / 64] & ((sp_uint64)1 << (i % 64)))
 sp_521_mont_mul_9(t, t, a, p521_mod, p521_mp_mod);
 }
 XMEMCPY(r, t, sizeof(sp_digit) * 9);
@@ -52183,7 +52183,7 @@ static void sp_521_ecc_recode_6_9(const sp_digit* k, ecc_recode_521* v)
 }
 else if (++j < 9) {
 n = k[j];
- y |= (word8)((n << (64 - o)) & 0x3f);
+ y |= (word8)(((sp_uint64)n << (64 - o)) & 0x3f);
 o -= 58;
 n >>= o;
 }
@@ -52386,7 +52386,7 @@ static void sp_521_mont_inv_avx2_9(sp_digit* r, const sp_digit* a, sp_digit* td)
 XMEMCPY(t, a, sizeof(sp_digit) * 9);
 for (i=519; i>=0; i--) {
 sp_521_mont_sqr_avx2_9(t, t, p521_mod, p521_mp_mod);
- if (p521_mod_minus_2[i / 64] & ((sp_digit)1 << (i % 64)))
+ if (p521_mod_minus_2[i / 64] & ((sp_uint64)1 << (i % 64)))
 sp_521_mont_mul_avx2_9(t, t, a, p521_mod, p521_mp_mod);
 }
 XMEMCPY(r, t, sizeof(sp_digit) * 9);
@@ -54869,7 +54869,7 @@ static void sp_521_ecc_recode_7_9(const sp_digit* k, ecc_recode_521* v)
 }
 else if (++j < 9) {
 n = k[j];
- y |= (word8)((n << (64 - o)) & 0x7f);
+ y |= (word8)(((sp_uint64)n << (64 - o)) & 0x7f);
 o -= 57;
 n >>= o;
 }
@@ -91333,7 +91333,7 @@ static int sp_521_mont_sqrt_9(sp_digit* y)
 XMEMCPY(t, y, sizeof(sp_digit) * 9);
 for (i=518; i>=0; i--) {
 sp_521_mont_sqr_avx2_9(t, t, p521_mod, p521_mp_mod);
- if (p521_sqrt_power[i / 64] & ((sp_digit)1 << (i % 64)))
+ if (p521_sqrt_power[i / 64] & ((sp_uint64)1 << (i % 64)))
 sp_521_mont_mul_avx2_9(t, t, y, p521_mod, p521_mp_mod);
 }
 XMEMCPY(y, t, sizeof(sp_digit) * 9);
@@ -91347,7 +91347,7 @@ static int sp_521_mont_sqrt_9(sp_digit* y)
 XMEMCPY(t, y, sizeof(sp_digit) * 9);
 for (i=518; i>=0; i--) {
 sp_521_mont_sqr_9(t, t, p521_mod, p521_mp_mod);
- if (p521_sqrt_power[i / 64] & ((sp_digit)1 << (i % 64)))
+ if (p521_sqrt_power[i / 64] & ((sp_uint64)1 << (i % 64)))
 sp_521_mont_mul_9(t, t, y, p521_mod, p521_mp_mod);
 }
 XMEMCPY(y, t, sizeof(sp_digit) * 9);
@@ -91870,7 +91870,7 @@ static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a)
 r[0] = 0;
 for (i = 0; i < (unsigned int)a->used && j < size; i++) {
- r[j] |= ((sp_digit)a->dp[i] << s);
+ r[j] |= ((sp_uint64)a->dp[i] << s);
 r[j] &= 0xffffffffffffffffl;
 s = 64U - s;
 if (j + 1 >= size) {
@@ -91905,7 +91905,7 @@ static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a)
 r[0] = 0;
 for (i = 0; i < (unsigned int)a->used && j < size; i++) {
- r[j] |= ((sp_digit)a->dp[i]) << s;
+ r[j] |= ((sp_uint64)a->dp[i]) << s;
 if (s + DIGIT_BIT >= 64) {
 r[j] &= 0xffffffffffffffffl;
 if (j + 1 >= size) {
@@ -91971,7 +91971,7 @@ static int sp_1024_to_mp(const sp_digit* a, mp_int* r)
 r->dp[0] = 0;
 for (i = 0; i < 16; i++) {
- r->dp[j] |= (mp_digit)(a[i] << s);
+ r->dp[j] |= (mp_digit)((sp_uint64)a[i] << s);
 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
 s = DIGIT_BIT - s;
 r->dp[++j] = (mp_digit)(a[i] >> s);
@@ -91996,7 +91996,7 @@ static int sp_1024_to_mp(const sp_digit* a, mp_int* r)
 r->dp[0] = 0;
 for (i = 0; i < 16; i++) {
- r->dp[j] |= ((mp_digit)a[i]) << s;
+ r->dp[j] |= ((sp_uint64)a[i]) << s;
 if (s + 64 >= DIGIT_BIT) {
 #if DIGIT_BIT != 32 && DIGIT_BIT != 64
 r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
@@ -93058,7 +93058,7 @@ static void sp_1024_ecc_recode_7_16(const sp_digit* k, ecc_recode_1024* v)
 }
 else if (++j < 16) {
 n = k[j];
- y |= (word8)((n << (64 - o)) & 0x7f);
+ y |= (word8)(((sp_uint64)n << (64 - o)) & 0x7f);
 o -= 57;
 n >>= o;
 }