自学教程：C++ BN_mul_word函数代码示例

//.........这里部分代码省略.........						tmp=A; /* keep the BIGNUM object, the value does not matter */						/* (A, B) := (B, A mod B) ... */			A=B;			B=M;			/* ... so we have  0 <= B < A  again */						/* Since the former  M  is now  B  and the former  B  is now  A,			 * (**) translates into			 *       sign*Y*a  ==  D*A + B    (mod |n|),			 * i.e.			 *       sign*Y*a - D*A  ==  B    (mod |n|).			 * Similarly, (*) translates into			 *      -sign*X*a  ==  A          (mod |n|).			 *			 * Thus,			 *   sign*Y*a + D*sign*X*a  ==  B  (mod |n|),			 * i.e.			 *        sign*(Y + D*X)*a  ==  B  (mod |n|).			 *			 * So if we set  (X, Y, sign) := (Y + D*X, X, -sign),  we arrive back at			 *      -sign*X*a  ==  B   (mod |n|),			 *       sign*Y*a  ==  A   (mod |n|).			 * Note that  X  and  Y  stay non-negative all the time.			 */						/* most of the time D is very small, so we can optimize tmp := D*X+Y */			if (BN_is_one(D))				{				if (!BN_add(tmp,X,Y)) goto err;				}			else				{				if (BN_is_word(D,2))					{					if (!BN_lshift1(tmp,X)) goto err;					}				else if (BN_is_word(D,4))					{					if (!BN_lshift(tmp,X,2)) goto err;					}				else if (D->top == 1)					{					if (!BN_copy(tmp,X)) goto err;					if (!BN_mul_word(tmp,D->d[0])) goto err;					}				else					{					if (!BN_mul(tmp,D,X,ctx)) goto err;					}				if (!BN_add(tmp,tmp,Y)) goto err;				}						M=Y; /* keep the BIGNUM object, the value does not matter */			Y=X;			X=tmp;			sign = -sign;			}		}			/*	 * The while loop (Euclid's algorithm) ends when	 *      A == gcd(a,n);	 * we have	 *       sign*Y*a  ==  A  (mod |n|),	 * where  Y  is non-negative.	 */	if (sign < 0)		{		if (!BN_sub(Y,n,Y)) goto err;		}	/* Now  Y*a  ==  A  (mod |n|).  */		if (BN_is_one(A))		{		/* Y*a == 1  (mod |n|) */		if (!Y->neg && BN_ucmp(Y,n) < 0)			{			if (!BN_copy(R,Y)) goto err;			}		else			{			if (!BN_nnmod(R,Y,n,ctx)) goto err;			}		}	else		{		BNerr(BN_F_BN_MOD_INVERSE,BN_R_NO_INVERSE);		goto err;		}	ret=R;err:	if ((ret == NULL) && (in == NULL)) BN_free(R);	BN_CTX_end(ctx);	bn_check_top(ret);	return(ret);	}

// Perform ECDSA key recovery (see SEC1 4.1.6) for curves over (mod p)-fields// recid selects which key is recovered// if check is nonzero, additional checks are performedint ECDSA_SIG_recover_key_GFp(EC_KEY *eckey, ECDSA_SIG *ecsig, const unsigned char *msg, int msglen, int recid, int check){    if (!eckey) return 0;    int ret = 0;    BN_CTX *ctx = NULL;    BIGNUM *x = NULL;    BIGNUM *e = NULL;    BIGNUM *order = NULL;    BIGNUM *sor = NULL;    BIGNUM *eor = NULL;    BIGNUM *field = NULL;    EC_POINT *R = NULL;    EC_POINT *O = NULL;    EC_POINT *Q = NULL;    BIGNUM *rr = NULL;    BIGNUM *zero = NULL;    int n = 0;    int i = recid / 2;    const EC_GROUP *group = EC_KEY_get0_group(eckey);    if ((ctx = BN_CTX_new()) == NULL) { ret = -1; goto err; }    BN_CTX_start(ctx);    order = BN_CTX_get(ctx);    if (!EC_GROUP_get_order(group, order, ctx)) { ret = -2; goto err; }    x = BN_CTX_get(ctx);    if (!BN_copy(x, order)) { ret=-1; goto err; }    if (!BN_mul_word(x, i)) { ret=-1; goto err; }    if (!BN_add(x, x, ecsig->r)) { ret=-1; goto err; }    field = BN_CTX_get(ctx);    if (!EC_GROUP_get_curve_GFp(group, field, NULL, NULL, ctx)) { ret=-2; goto err; }    if (BN_cmp(x, field) >= 0) { ret=0; goto err; }    if ((R = EC_POINT_new(group)) == NULL) { ret = -2; goto err; }    if (!EC_POINT_set_compressed_coordinates_GFp(group, R, x, recid % 2, ctx)) { ret=0; goto err; }    if (check)    {        if ((O = EC_POINT_new(group)) == NULL) { ret = -2; goto err; }        if (!EC_POINT_mul(group, O, NULL, R, order, ctx)) { ret=-2; goto err; }        if (!EC_POINT_is_at_infinity(group, O)) { ret = 0; goto err; }    }    if ((Q = EC_POINT_new(group)) == NULL) { ret = -2; goto err; }    n = EC_GROUP_get_degree(group);    e = BN_CTX_get(ctx);    if (!BN_bin2bn(msg, msglen, e)) { ret=-1; goto err; }    if (8*msglen > n) BN_rshift(e, e, 8-(n & 7));    zero = BN_CTX_get(ctx);    if (!BN_zero(zero)) { ret=-1; goto err; }    if (!BN_mod_sub(e, zero, e, order, ctx)) { ret=-1; goto err; }    rr = BN_CTX_get(ctx);    if (!BN_mod_inverse(rr, ecsig->r, order, ctx)) { ret=-1; goto err; }    sor = BN_CTX_get(ctx);    if (!BN_mod_mul(sor, ecsig->s, rr, order, ctx)) { ret=-1; goto err; }    eor = BN_CTX_get(ctx);    if (!BN_mod_mul(eor, e, rr, order, ctx)) { ret=-1; goto err; }    if (!EC_POINT_mul(group, Q, eor, R, sor, ctx)) { ret=-2; goto err; }    if (!EC_KEY_set_public_key(eckey, Q)) { ret=-2; goto err; }    ret = 1;err:    if (ctx) {        BN_CTX_end(ctx);        BN_CTX_free(ctx);    }    if (R != NULL) EC_POINT_free(R);    if (O != NULL) EC_POINT_free(O);    if (Q != NULL) EC_POINT_free(Q);    return ret;}

voidprintnumber(FILE *f, const struct number *b, u_int base){	struct number	*int_part, *fract_part;	int		digits;	char		buf[11];	size_t		sz;	int		i;	struct stack	stack;	char		*p;	charcount = 0;	lastchar = -1;	if (BN_is_zero(b->number))		putcharwrap(f, '0');	int_part = new_number();	fract_part = new_number();	fract_part->scale = b->scale;	if (base <= 16)		digits = 1;	else {		digits = snprintf(buf, sizeof(buf), "%u", base-1);	}	split_number(b, int_part->number, fract_part->number);	i = 0;	stack_init(&stack);	while (!BN_is_zero(int_part->number)) {		BN_ULONG rem = BN_div_word(int_part->number, base);		stack_pushstring(&stack, get_digit(rem, digits, base));		i++;	}	sz = i;	if (BN_cmp(b->number, &zero) < 0)		putcharwrap(f, '-');	for (i = 0; i < sz; i++) {		p = stack_popstring(&stack);		if (base > 16)			putcharwrap(f, ' ');		printwrap(f, p);		free(p);	}	stack_clear(&stack);	if (b->scale > 0) {		struct number	*num_base;		BIGNUM		mult, stop;		putcharwrap(f, '.');		num_base = new_number();		bn_check(BN_set_word(num_base->number, base));		BN_init(&mult);		bn_check(BN_one(&mult));		BN_init(&stop);		bn_check(BN_one(&stop));		scale_number(&stop, b->scale);		i = 0;		while (BN_cmp(&mult, &stop) < 0) {			u_long	rem;			if (i && base > 16)				putcharwrap(f, ' ');			i = 1;			bmul_number(fract_part, fract_part, num_base);			split_number(fract_part, int_part->number, NULL);			rem = BN_get_word(int_part->number);			p = get_digit(rem, digits, base);			int_part->scale = 0;			normalize(int_part, fract_part->scale);			bn_check(BN_sub(fract_part->number, fract_part->number,			    int_part->number));			printwrap(f, p);			free(p);			bn_check(BN_mul_word(&mult, base));		}		free_number(num_base);		BN_free(&mult);		BN_free(&stop);	}	flushwrap(f);	free_number(int_part);	free_number(fract_part);}

inta2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num){	int i, first, len = 0, c, use_bn;	char ftmp[24], *tmp = ftmp;	int tmpsize = sizeof ftmp;	const char *p;	unsigned long l;	BIGNUM *bl = NULL;	if (num == 0)		return (0);	else if (num == -1)		num = strlen(buf);	p = buf;	c = *(p++);	num--;	if ((c >= '0') && (c <= '2')) {		first= c-'0';	} else {		ASN1err(ASN1_F_A2D_ASN1_OBJECT, ASN1_R_FIRST_NUM_TOO_LARGE);		goto err;	}	if (num <= 0) {		ASN1err(ASN1_F_A2D_ASN1_OBJECT, ASN1_R_MISSING_SECOND_NUMBER);		goto err;	}	c = *(p++);	num--;	for (;;) {		if (num <= 0)			break;		if ((c != '.') && (c != ' ')) {			ASN1err(ASN1_F_A2D_ASN1_OBJECT,			    ASN1_R_INVALID_SEPARATOR);			goto err;		}		l = 0;		use_bn = 0;		for (;;) {			if (num <= 0)				break;			num--;			c = *(p++);			if ((c == ' ') || (c == '.'))				break;			if ((c < '0') || (c > '9')) {				ASN1err(ASN1_F_A2D_ASN1_OBJECT,				    ASN1_R_INVALID_DIGIT);				goto err;			}			if (!use_bn && l >= ((ULONG_MAX - 80) / 10L)) {				use_bn = 1;				if (!bl)					bl = BN_new();				if (!bl || !BN_set_word(bl, l))					goto err;			}			if (use_bn) {				if (!BN_mul_word(bl, 10L) ||				    !BN_add_word(bl, c-'0'))					goto err;			} else				l = l * 10L + (long)(c - '0');		}		if (len == 0) {			if ((first < 2) && (l >= 40)) {				ASN1err(ASN1_F_A2D_ASN1_OBJECT,				    ASN1_R_SECOND_NUMBER_TOO_LARGE);				goto err;			}			if (use_bn) {				if (!BN_add_word(bl, first * 40))					goto err;			} else				l += (long)first * 40;		}		i = 0;		if (use_bn) {			int blsize;			blsize = BN_num_bits(bl);			blsize = (blsize + 6) / 7;			if (blsize > tmpsize) {				if (tmp != ftmp)					free(tmp);				tmpsize = blsize + 32;				tmp = malloc(tmpsize);				if (!tmp)					goto err;			}			while (blsize--)				tmp[i++] = (unsigned char)BN_div_word(bl, 0x80L);		} else {			for (;;) {				tmp[i++] = (unsigned char)l & 0x7f;				l >>= 7L;				if (l == 0L)//.........这里部分代码省略.........

int ec_GFp_simple_group_check_discriminant(const EC_GROUP *group, BN_CTX *ctx){    int ret = 0;    BIGNUM *a, *b, *order, *tmp_1, *tmp_2;    const BIGNUM *p = group->field;    BN_CTX *new_ctx = NULL;    if (ctx == NULL) {        ctx = new_ctx = BN_CTX_new();        if (ctx == NULL) {            ECerr(EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT,                  ERR_R_MALLOC_FAILURE);            goto err;        }    }    BN_CTX_start(ctx);    a = BN_CTX_get(ctx);    b = BN_CTX_get(ctx);    tmp_1 = BN_CTX_get(ctx);    tmp_2 = BN_CTX_get(ctx);    order = BN_CTX_get(ctx);    if (order == NULL)        goto err;    if (group->meth->field_decode) {        if (!group->meth->field_decode(group, a, group->a, ctx))            goto err;        if (!group->meth->field_decode(group, b, group->b, ctx))            goto err;    } else {        if (!BN_copy(a, group->a))            goto err;        if (!BN_copy(b, group->b))            goto err;    }    /*-     * check the discriminant:     * y^2 = x^3 + a*x + b is an elliptic curve <=> 4*a^3 + 27*b^2 != 0 (mod p)     * 0 =< a, b < p     */    if (BN_is_zero(a)) {        if (BN_is_zero(b))            goto err;    } else if (!BN_is_zero(b)) {        if (!BN_mod_sqr(tmp_1, a, p, ctx))            goto err;        if (!BN_mod_mul(tmp_2, tmp_1, a, p, ctx))            goto err;        if (!BN_lshift(tmp_1, tmp_2, 2))            goto err;        /* tmp_1 = 4*a^3 */        if (!BN_mod_sqr(tmp_2, b, p, ctx))            goto err;        if (!BN_mul_word(tmp_2, 27))            goto err;        /* tmp_2 = 27*b^2 */        if (!BN_mod_add(a, tmp_1, tmp_2, p, ctx))            goto err;        if (BN_is_zero(a))            goto err;    }    ret = 1; err:    if (ctx != NULL)        BN_CTX_end(ctx);    BN_CTX_free(new_ctx);    return ret;}

BN& BN::operator*=(unsigned mul){	BN_mul_word(BNP, mul);	return *this;}

BN BN::operator*(unsigned mul) const{	BN result(*this);	BN_mul_word(PTR(result.dp), mul);	return result;}

/** * public static native boolean BN_mul_word(int, int) */static jboolean NativeBN_BN_mul_word(JNIEnv* env, jclass cls, BIGNUM *a, BN_ULONG w) {    if (!oneValidHandle(env, a)) return FALSE;    return BN_mul_word(a, w);}

extern "C" void Java_java_math_NativeBN_BN_1mul_1word(JNIEnv* env, jclass, jlong a, BN_ULONG w) {  if (!oneValidHandle(env, a)) return;  BN_mul_word(toBigNum(a), w);  throwExceptionIfNecessary(env);}