s/BN_BITS/BN_BITS2/ in |BN_mod_inverse_ex|; remove |BN_BITS| & |BN_MASK|.
The comment in |BN_mod_inverse_ex| makes it clear that |BN_BITS2| was
intended. Besides fixing the code to match the comment, remove
the now-unused |BN_BITS| and the already-unused |BN_MASK| to prevent
future confusion of this sort.
On MSVC builds there seems to be very little difference in performance
between the two code paths according to |bssl speed|.
Change-Id: I765b7b3d464e2057b1d7952af25b6deb2724976a
Reviewed-on: https://boringssl-review.googlesource.com/6525
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/crypto/bn/gcd.c b/crypto/bn/gcd.c
index e106149..41ca6d2 100644
--- a/crypto/bn/gcd.c
+++ b/crypto/bn/gcd.c
@@ -279,7 +279,7 @@
* sign*Y*a == A (mod |n|).
*/
- if (BN_is_odd(n) && (BN_num_bits(n) <= (BN_BITS <= 32 ? 450 : 2048))) {
+ if (BN_is_odd(n) && (BN_num_bits(n) <= (BN_BITS2 <= 32 ? 450 : 2048))) {
/* Binary inversion algorithm; requires odd modulus.
* This is faster than the general algorithm if the modulus
* is sufficiently small (about 400 .. 500 bits on 32-bit
diff --git a/crypto/bn/internal.h b/crypto/bn/internal.h
index 60f10c7..6bb54b5 100644
--- a/crypto/bn/internal.h
+++ b/crypto/bn/internal.h
@@ -148,11 +148,9 @@
#define BN_ULLONG __uint128_t
#endif
-#define BN_BITS 128
#define BN_BITS2 64
#define BN_BYTES 8
#define BN_BITS4 32
-#define BN_MASK (0xffffffffffffffffffffffffffffffffLL)
#define BN_MASK2 (0xffffffffffffffffL)
#define BN_MASK2l (0xffffffffL)
#define BN_MASK2h (0xffffffff00000000L)
@@ -166,8 +164,6 @@
#define BN_LLONG int64_t
#define BN_ULLONG uint64_t
-#define BN_MASK (0xffffffffffffffffLL)
-#define BN_BITS 64
#define BN_BITS2 32
#define BN_BYTES 4
#define BN_BITS4 16