mirror of
https://github.com/openssl/openssl.git
synced 2025-01-18 13:44:20 +08:00
dd1d7bcb69
FIPS 186-4 has 5 different algorithms for key generation, and all of them rely on testing GCD(a,n) == 1 many times. Cachegrind was showing that during a RSA keygen operation, the function BN_gcd() was taking a considerable percentage of the total cycles. The default provider uses multiprime keygen, which seemed to be much faster. This is because it uses BN_mod_inverse() instead. For a 4096 bit key, the entropy of a key that was taking a long time to generate was recorded and fed back into subsequent runs. Roughly 40% of the cycle time was BN_gcd() with most of the remainder in the prime testing. Changing to use the inverse resulted in the cycle count being 96% in the prime testing. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19578)
65 lines
1.9 KiB
Plaintext
65 lines
1.9 KiB
Plaintext
=pod
|
|
|
|
=head1 NAME
|
|
|
|
BN_cmp, BN_ucmp, BN_is_zero, BN_is_one, BN_is_word, BN_abs_is_word, BN_is_odd, BN_are_coprime
|
|
- BIGNUM comparison and test functions
|
|
|
|
=head1 SYNOPSIS
|
|
|
|
#include <openssl/bn.h>
|
|
|
|
int BN_cmp(const BIGNUM *a, const BIGNUM *b);
|
|
int BN_ucmp(const BIGNUM *a, const BIGNUM *b);
|
|
|
|
int BN_is_zero(const BIGNUM *a);
|
|
int BN_is_one(const BIGNUM *a);
|
|
int BN_is_word(const BIGNUM *a, const BN_ULONG w);
|
|
int BN_abs_is_word(const BIGNUM *a, const BN_ULONG w);
|
|
int BN_is_odd(const BIGNUM *a);
|
|
|
|
int BN_are_coprime(BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
|
|
|
|
=head1 DESCRIPTION
|
|
|
|
BN_cmp() compares the numbers I<a> and I<b>. BN_ucmp() compares their
|
|
absolute values.
|
|
|
|
BN_is_zero(), BN_is_one(), BN_is_word() and BN_abs_is_word() test if
|
|
I<a> equals 0, 1, I<w>, or E<verbar>I<w>E<verbar> respectively.
|
|
BN_is_odd() tests if I<a> is odd.
|
|
|
|
BN_are_coprime() determines if B<a> and B<b> are coprime.
|
|
B<ctx> is used internally for storing temporary variables.
|
|
The values of B<a> and B<b> and B<ctx> must not be NULL.
|
|
|
|
=head1 RETURN VALUES
|
|
|
|
BN_cmp() returns -1 if I<a> E<lt> I<b>, 0 if I<a> == I<b> and 1 if
|
|
I<a> E<gt> I<b>. BN_ucmp() is the same using the absolute values
|
|
of I<a> and I<b>.
|
|
|
|
BN_is_zero(), BN_is_one() BN_is_word(), BN_abs_is_word() and
|
|
BN_is_odd() return 1 if the condition is true, 0 otherwise.
|
|
|
|
BN_are_coprime() returns 1 if the B<BIGNUM>'s are coprime, otherwise it
|
|
returns 0.
|
|
|
|
=head1 HISTORY
|
|
|
|
Prior to OpenSSL 1.1.0, BN_is_zero(), BN_is_one(), BN_is_word(),
|
|
BN_abs_is_word() and BN_is_odd() were macros.
|
|
|
|
The function BN_are_coprime() was added in OpenSSL 3.1.
|
|
|
|
=head1 COPYRIGHT
|
|
|
|
Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
|
|
|
|
Licensed under the Apache License 2.0 (the "License"). You may not use
|
|
this file except in compliance with the License. You can obtain a copy
|
|
in the file LICENSE in the source distribution or at
|
|
L<https://www.openssl.org/source/license.html>.
|
|
|
|
=cut
|