Remove the |ri| field of |BN_MONT_CTX|.

The |ri| field was only used in |BN_MONT_CTX_set|, so make it a local
variable of that function.

Change-Id: Id8c3d44ac2e30e3961311a7b1a6731fe2c33a0eb
Reviewed-on: https://boringssl-review.googlesource.com/6526
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/crypto/bn/montgomery.c b/crypto/bn/montgomery.c
index 07e1a41..18da0da 100644
--- a/crypto/bn/montgomery.c
+++ b/crypto/bn/montgomery.c
@@ -157,7 +157,6 @@
       !BN_copy(&to->N, &from->N)) {
     return NULL;
   }
-  to->ri = from->ri;
   to->n0[0] = from->n0[0];
   to->n0[1] = from->n0[1];
   return to;
@@ -190,8 +189,6 @@
   tmod.dmax = 2;
   tmod.neg = 0;
 
-  mont->ri = (BN_num_bits(mod) + (BN_BITS2 - 1)) / BN_BITS2 * BN_BITS2;
-
 #if defined(OPENSSL_BN_ASM_MONT) && (BN_BITS2 <= 32)
   /* Only certain BN_BITS2<=32 platforms actually make use of
    * n0[1], and we could use the #else case (with a shorter R
@@ -275,9 +272,10 @@
   mont->n0[1] = 0;
 #endif
 
-  /* setup RR for conversions */
+  /* RR = (2^ri)^2 == 2^(ri*2) == 1 << (ri*2), which has its (ri*2)th bit set. */
+  int ri = (BN_num_bits(mod) + (BN_BITS2 - 1)) / BN_BITS2 * BN_BITS2;
   BN_zero(&(mont->RR));
-  if (!BN_set_bit(&(mont->RR), mont->ri * 2)) {
+  if (!BN_set_bit(&(mont->RR), ri * 2)) {
     goto err;
   }
   if (!BN_mod(&(mont->RR), &(mont->RR), &(mont->N), ctx)) {
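Review bot: The new local `ri` is declared on the line after the RR comment with no statement of what it is, and the only description of it (`/* number of bits in R */` on the struct field) is deleted by this same commit. I would define it before the RR explanation, e.g. `/* ri is the number of bits in R: the bit length of |mod| rounded up to a multiple of BN_BITS2. */`, so the RR comment does not refer to a name that has not been introduced yet. Separately, `ri * 2` is evaluated in `int` and passed straight to `BN_set_bit`; if the size of |mod| is not bounded earlier in the function (not visible in this hunk), a short comment or check stating that bound would make the absence of signed overflow explicit. The body of BN_MONT_CTX_set starts and ends outside this hunk.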
diff --git a/include/openssl/bn.h b/include/openssl/bn.h
index cbc1ee7..bc30d0a 100644
--- a/include/openssl/bn.h
+++ b/include/openssl/bn.h
@@ -837,7 +837,6 @@
   BIGNUM RR; /* used to convert to montgomery form */
   BIGNUM N;  /* The modulus */
   BN_ULONG n0[2]; /* least significant words of (R*Ri-1)/N */
-  int ri;    /* number of bits in R */
 };
 
 OPENSSL_EXPORT unsigned BN_num_bits_word(BN_ULONG l);