RubyGems - grpc - Versions diffs - 1.69.0 → 1.70.1 - Mend

grpc 1.69.0 → 1.70.1

Files changed (640) hide show

data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{bn.c.inc → bn.cc.inc} RENAMED Viewed

@@ -63,8 +63,8 @@
 #include <openssl/err.h>
 #include <openssl/mem.h>
-#include "internal.h"
 #include "../delocate.h"
+#include "internal.h"
 // BN_MAX_WORDS is the maximum number of words allowed in a |BIGNUM|. It is
@@ -73,7 +73,7 @@
 #define BN_MAX_WORDS (INT_MAX / (4 * BN_BITS2))
 BIGNUM *BN_new(void) {
-  BIGNUM *bn = OPENSSL_malloc(sizeof(BIGNUM));
+  BIGNUM *bn = reinterpret_cast<BIGNUM *>(OPENSSL_malloc(sizeof(BIGNUM)));
   if (bn == NULL) {
     return NULL;
@@ -87,9 +87,7 @@ BIGNUM *BN_new(void) {
 BIGNUM *BN_secure_new(void) { return BN_new(); }
-void BN_init(BIGNUM *bn) {
-  OPENSSL_memset(bn, 0, sizeof(BIGNUM));
-}
+void BN_init(BIGNUM *bn) { OPENSSL_memset(bn, 0, sizeof(BIGNUM)); }
 void BN_free(BIGNUM *bn) {
   if (bn == NULL) {
@@ -107,9 +105,7 @@ void BN_free(BIGNUM *bn) {
   }
 }
-void BN_clear_free(BIGNUM *bn) {
-  BN_free(bn);
-}
+void BN_clear_free(BIGNUM *bn) { BN_free(bn); }
 BIGNUM *BN_dup(const BIGNUM *src) {
   BIGNUM *copy;
@@ -157,8 +153,8 @@ void BN_clear(BIGNUM *bn) {
 }
 DEFINE_METHOD_FUNCTION(BIGNUM, BN_value_one) {
-  static const BN_ULONG kOneLimbs[1] = { 1 };
-  out->d = (BN_ULONG*) kOneLimbs;
+  static const BN_ULONG kOneLimbs[1] = {1};
+  out->d = (BN_ULONG *)kOneLimbs;
   out->width = 1;
   out->dmax = 1;
   out->neg = 0;
@@ -229,17 +225,11 @@ unsigned BN_num_bits(const BIGNUM *bn) {
   return (width - 1) * BN_BITS2 + BN_num_bits_word(bn->d[width - 1]);
 }
-unsigned BN_num_bytes(const BIGNUM *bn) {
-  return (BN_num_bits(bn) + 7) / 8;
-}
+unsigned BN_num_bytes(const BIGNUM *bn) { return (BN_num_bits(bn) + 7) / 8; }
-void BN_zero(BIGNUM *bn) {
-  bn->width = bn->neg = 0;
-}
+void BN_zero(BIGNUM *bn) { bn->width = bn->neg = 0; }
-int BN_one(BIGNUM *bn) {
-  return BN_set_word(bn, 1);
-}
+int BN_one(BIGNUM *bn) { return BN_set_word(bn, 1); }
 int BN_set_word(BIGNUM *bn, BN_ULONG value) {
   if (value == 0) {
@@ -332,9 +322,7 @@ int bn_copy_words(BN_ULONG *out, size_t num, const BIGNUM *bn) {
   return 1;
 }
-int BN_is_negative(const BIGNUM *bn) {
-  return bn->neg != 0;
-}
+int BN_is_negative(const BIGNUM *bn) { return bn->neg != 0; }
 void BN_set_negative(BIGNUM *bn, int sign) {
   if (sign && !BN_is_zero(bn)) {
@@ -361,7 +349,7 @@ int bn_wexpand(BIGNUM *bn, size_t words) {
     return 0;
   }
-  a = OPENSSL_calloc(words, sizeof(BN_ULONG));
+  a = reinterpret_cast<BN_ULONG *>(OPENSSL_calloc(words, sizeof(BN_ULONG)));
   if (a == NULL) {
     return 0;
   }
@@ -380,7 +368,7 @@ int bn_expand(BIGNUM *bn, size_t bits) {
     OPENSSL_PUT_ERROR(BN, BN_R_BIGNUM_TOO_LONG);
     return 0;
   }
-  return bn_wexpand(bn, (bits+BN_BITS2-1)/BN_BITS2);
+  return bn_wexpand(bn, (bits + BN_BITS2 - 1) / BN_BITS2);
 }
 int bn_resize_words(BIGNUM *bn, size_t words) {

data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{ctx.c.inc → ctx.cc.inc} RENAMED Viewed

@@ -7,7 +7,7 @@
  * are met:
  *
  * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
+ *    notice, this list of conditions and the following disclaimer.
  *
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in
@@ -106,7 +106,7 @@ struct bignum_ctx {
 };
 BN_CTX *BN_CTX_new(void) {
-  BN_CTX *ret = OPENSSL_malloc(sizeof(BN_CTX));
+  BN_CTX *ret = reinterpret_cast<BN_CTX *>(OPENSSL_malloc(sizeof(BN_CTX)));
   if (!ret) {
     return NULL;
   }
@@ -201,9 +201,7 @@ static void BN_STACK_init(BN_STACK *st) {
   st->depth = st->size = 0;
 }
-static void BN_STACK_cleanup(BN_STACK *st) {
-  OPENSSL_free(st->indexes);
-}
+static void BN_STACK_cleanup(BN_STACK *st) { OPENSSL_free(st->indexes); }
 static int BN_STACK_push(BN_STACK *st, size_t idx) {
   if (st->depth == st->size) {
@@ -213,8 +211,8 @@ static int BN_STACK_push(BN_STACK *st, size_t idx) {
     if (new_size <= st->size || new_size > SIZE_MAX / sizeof(size_t)) {
       return 0;
     }
-    size_t *new_indexes =
-        OPENSSL_realloc(st->indexes, new_size * sizeof(size_t));
+    size_t *new_indexes = reinterpret_cast<size_t *>(
+        OPENSSL_realloc(st->indexes, new_size * sizeof(size_t)));
     if (new_indexes == NULL) {
       return 0;
     }

data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{div.c.inc → div.cc.inc} RENAMED Viewed

@@ -66,8 +66,7 @@
 // bn_div_words divides a double-width |h|,|l| by |d| and returns the result,
 // which must fit in a |BN_ULONG|.
-OPENSSL_UNUSED static BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l,
-                                            BN_ULONG d) {
+static inline BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d) {
   BN_ULONG dh, dl, q, ret = 0, th, tl, t;
   int i, count = 2;
@@ -195,6 +194,8 @@ int BN_div(BIGNUM *quotient, BIGNUM *rem, const BIGNUM *numerator,
   BIGNUM *snum = BN_CTX_get(ctx);
   BIGNUM *sdiv = BN_CTX_get(ctx);
   BIGNUM *res = quotient == NULL ? BN_CTX_get(ctx) : quotient;
+  int norm_shift, num_n, loop, div_n;
+  BN_ULONG d0, d1;
   if (tmp == NULL || snum == NULL || sdiv == NULL || res == NULL) {
     goto err;
   }
@@ -202,7 +203,7 @@ int BN_div(BIGNUM *quotient, BIGNUM *rem, const BIGNUM *numerator,
   // Knuth step D1: Normalise the numbers such that the divisor's MSB is set.
   // This ensures, in Knuth's terminology, that v1 >= b/2, needed for the
   // quotient estimation step.
-  int norm_shift = BN_BITS2 - (BN_num_bits(divisor) % BN_BITS2);
+  norm_shift = BN_BITS2 - (BN_num_bits(divisor) % BN_BITS2);
   if (!BN_lshift(sdiv, divisor, norm_shift) ||
       !BN_lshift(snum, numerator, norm_shift)) {
     goto err;
@@ -213,9 +214,9 @@ int BN_div(BIGNUM *quotient, BIGNUM *rem, const BIGNUM *numerator,
   // avoid looping on leading zeros, as we're not trying to be leak-free.
   bn_set_minimal_width(sdiv);
   bn_set_minimal_width(snum);
-  int div_n = sdiv->width;
-  const BN_ULONG d0 = sdiv->d[div_n - 1];
-  const BN_ULONG d1 = (div_n == 1) ? 0 : sdiv->d[div_n - 2];
+  div_n = sdiv->width;
+  d0 = sdiv->d[div_n - 1];
+  d1 = (div_n == 1) ? 0 : sdiv->d[div_n - 2];
   assert(d0 & (((BN_ULONG)1) << (BN_BITS2 - 1)));
   // Extend |snum| with zeros to satisfy the long division invariants:
@@ -223,14 +224,14 @@ int BN_div(BIGNUM *quotient, BIGNUM *rem, const BIGNUM *numerator,
   // - |snum|'s most significant word must be zero to guarantee the first loop
   //   iteration works with a prefix greater than |sdiv|. (This is the extra u0
   //   digit in Knuth step D1.)
-  int num_n = snum->width <= div_n ? div_n + 1 : snum->width + 1;
+  num_n = snum->width <= div_n ? div_n + 1 : snum->width + 1;
   if (!bn_resize_words(snum, num_n)) {
     goto err;
   }
   // Knuth step D2: The quotient's width is the difference between numerator and
   // denominator. Also set up its sign and size a temporary for the loop.
-  int loop = num_n - div_n;
+  loop = num_n - div_n;
   res->neg = snum->neg ^ sdiv->neg;
   if (!bn_wexpand(res, loop) ||  //
       !bn_wexpand(tmp, div_n + 1)) {
@@ -447,9 +448,9 @@ int bn_div_consttime(BIGNUM *quotient, BIGNUM *remainder,
     r = BN_CTX_get(ctx);
   }
   BIGNUM *tmp = BN_CTX_get(ctx);
+  int initial_words;
   if (q == NULL || r == NULL || tmp == NULL ||
-      !bn_wexpand(q, numerator->width) ||
-      !bn_wexpand(r, divisor->width) ||
+      !bn_wexpand(q, numerator->width) || !bn_wexpand(r, divisor->width) ||
       !bn_wexpand(tmp, divisor->width)) {
     goto err;
   }
@@ -472,7 +473,7 @@ int bn_div_consttime(BIGNUM *quotient, BIGNUM *remainder,
   // without reductions. This significantly speeds up |RSA_check_key|. For
   // simplicity, we round down to a whole number of words.
   declassify_assert(divisor_min_bits <= BN_num_bits(divisor));
-  int initial_words = 0;
+  initial_words = 0;
   if (divisor_min_bits > 0) {
     initial_words = (divisor_min_bits - 1) / BN_BITS2;
     if (initial_words > numerator->width) {
@@ -514,8 +515,7 @@ err:
 static BIGNUM *bn_scratch_space_from_ctx(size_t width, BN_CTX *ctx) {
   BIGNUM *ret = BN_CTX_get(ctx);
-  if (ret == NULL ||
-      !bn_wexpand(ret, width)) {
+  if (ret == NULL || !bn_wexpand(ret, width)) {
     return NULL;
   }
   ret->neg = 0;
@@ -536,9 +536,7 @@ static const BIGNUM *bn_resized_from_ctx(const BIGNUM *bn, size_t width,
     return bn;
   }
   BIGNUM *ret = bn_scratch_space_from_ctx(width, ctx);
-  if (ret == NULL ||
-      !BN_copy(ret, bn) ||
-      !bn_resize_words(ret, width)) {
+  if (ret == NULL || !BN_copy(ret, bn) || !bn_resize_words(ret, width)) {
     return NULL;
   }
   return ret;
@@ -555,8 +553,7 @@ int BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
 int BN_mod_add_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
                      const BIGNUM *m) {
   BN_CTX *ctx = BN_CTX_new();
-  int ok = ctx != NULL &&
-           bn_mod_add_consttime(r, a, b, m, ctx);
+  int ok = ctx != NULL && bn_mod_add_consttime(r, a, b, m, ctx);
   BN_CTX_free(ctx);
   return ok;
 }
@@ -567,8 +564,7 @@ int bn_mod_add_consttime(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
   a = bn_resized_from_ctx(a, m->width, ctx);
   b = bn_resized_from_ctx(b, m->width, ctx);
   BIGNUM *tmp = bn_scratch_space_from_ctx(m->width, ctx);
-  int ok = a != NULL && b != NULL && tmp != NULL &&
-           bn_wexpand(r, m->width);
+  int ok = a != NULL && b != NULL && tmp != NULL && bn_wexpand(r, m->width);
   if (ok) {
     bn_mod_add_words(r->d, a->d, b->d, m->d, tmp->d, m->width);
     r->width = m->width;
@@ -592,8 +588,7 @@ int bn_mod_sub_consttime(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
   a = bn_resized_from_ctx(a, m->width, ctx);
   b = bn_resized_from_ctx(b, m->width, ctx);
   BIGNUM *tmp = bn_scratch_space_from_ctx(m->width, ctx);
-  int ok = a != NULL && b != NULL && tmp != NULL &&
-           bn_wexpand(r, m->width);
+  int ok = a != NULL && b != NULL && tmp != NULL && bn_wexpand(r, m->width);
   if (ok) {
     bn_mod_sub_words(r->d, a->d, b->d, m->d, tmp->d, m->width);
     r->width = m->width;
@@ -606,8 +601,7 @@ int bn_mod_sub_consttime(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
 int BN_mod_sub_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
                      const BIGNUM *m) {
   BN_CTX *ctx = BN_CTX_new();
-  int ok = ctx != NULL &&
-           bn_mod_sub_consttime(r, a, b, m, ctx);
+  int ok = ctx != NULL && bn_mod_sub_consttime(r, a, b, m, ctx);
   BN_CTX_free(ctx);
   return ok;
 }
@@ -678,8 +672,7 @@ int BN_mod_lshift(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m,
 int bn_mod_lshift_consttime(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m,
                             BN_CTX *ctx) {
-  if (!BN_copy(r, a) ||
-      !bn_resize_words(r, m->width)) {
+  if (!BN_copy(r, a) || !bn_resize_words(r, m->width)) {
     return 0;
   }
@@ -698,8 +691,7 @@ int bn_mod_lshift_consttime(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m,
 int BN_mod_lshift_quick(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m) {
   BN_CTX *ctx = BN_CTX_new();
-  int ok = ctx != NULL &&
-           bn_mod_lshift_consttime(r, a, n, m, ctx);
+  int ok = ctx != NULL && bn_mod_lshift_consttime(r, a, n, m, ctx);
   BN_CTX_free(ctx);
   return ok;
 }
@@ -719,8 +711,7 @@ int bn_mod_lshift1_consttime(BIGNUM *r, const BIGNUM *a, const BIGNUM *m,
 int BN_mod_lshift1_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *m) {
   BN_CTX *ctx = BN_CTX_new();
-  int ok = ctx != NULL &&
-           bn_mod_lshift1_consttime(r, a, m, ctx);
+  int ok = ctx != NULL && bn_mod_lshift1_consttime(r, a, m, ctx);
   BN_CTX_free(ctx);
   return ok;
 }
@@ -731,7 +722,7 @@ BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w) {
   if (!w) {
     // actually this an error (division by zero)
-    return (BN_ULONG) - 1;
+    return (BN_ULONG)-1;
   }
   if (a->width == 0) {
@@ -742,7 +733,7 @@ BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w) {
   j = BN_BITS2 - BN_num_bits_word(w);
   w <<= j;
   if (!BN_lshift(a, a, j)) {
-    return (BN_ULONG) - 1;
+    return (BN_ULONG)-1;
   }
   for (i = a->width - 1; i >= 0; i--) {
@@ -768,7 +759,7 @@ BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w) {
   int i;
   if (w == 0) {
-    return (BN_ULONG) -1;
+    return (BN_ULONG)-1;
   }
 #ifndef BN_CAN_DIVIDE_ULLONG
@@ -805,7 +796,7 @@ int BN_mod_pow2(BIGNUM *r, const BIGNUM *a, size_t e) {
   size_t num_words = 1 + ((e - 1) / BN_BITS2);
   // If |a| definitely has less than |e| bits, just BN_copy.
-  if ((size_t) a->width < num_words) {
+  if ((size_t)a->width < num_words) {
     return BN_copy(r, a) != NULL;
   }
@@ -821,12 +812,12 @@ int BN_mod_pow2(BIGNUM *r, const BIGNUM *a, size_t e) {
   // If |e| isn't word-aligned, we have to mask off some of our bits.
   size_t top_word_exponent = e % (sizeof(BN_ULONG) * 8);
   if (top_word_exponent != 0) {
-    r->d[num_words - 1] &= (((BN_ULONG) 1) << top_word_exponent) - 1;
+    r->d[num_words - 1] &= (((BN_ULONG)1) << top_word_exponent) - 1;
   }
   // Fill in the remaining fields of |r|.
   r->neg = a->neg;
-  r->width = (int) num_words;
+  r->width = (int)num_words;
   bn_set_minimal_width(r);
   return 1;
 }
@@ -853,7 +844,7 @@ int BN_nnmod_pow2(BIGNUM *r, const BIGNUM *a, size_t e) {
   // Set parameters of |r|.
   r->neg = 0;
-  r->width = (int) num_words;
+  r->width = (int)num_words;
   // Now, invert every word. The idea here is that we want to compute 2^e-|x|,
   // which is actually equivalent to the twos-complement representation of |x|
@@ -865,7 +856,7 @@ int BN_nnmod_pow2(BIGNUM *r, const BIGNUM *a, size_t e) {
   // If our exponent doesn't span the top word, we have to mask the rest.
   size_t top_word_exponent = e % BN_BITS2;
   if (top_word_exponent != 0) {
-    r->d[r->width - 1] &= (((BN_ULONG) 1) << top_word_exponent) - 1;
+    r->d[r->width - 1] &= (((BN_ULONG)1) << top_word_exponent) - 1;
   }
   // Keep the minimal-width invariant for |BIGNUM|.

data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{div_extra.c.inc → div_extra.cc.inc} RENAMED Viewed

@@ -1,4 +1,4 @@
-/* Copyright (c) 2018, Google Inc.
+/* Copyright 2018 The BoringSSL Authors
  *
  * Permission to use, copy, modify, and/or distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above

data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{exponentiation.c.inc → exponentiation.cc.inc} RENAMED Viewed

@@ -130,9 +130,9 @@
 // WARNING: This function implements Almost Montgomery Multiplication from
 // https://eprint.iacr.org/2011/239. The inputs do not need to be fully reduced.
 // However, even if they are fully reduced, the output may not be.
-static void bn_mul_mont_gather5(
-    BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *table, const BN_ULONG *np,
-    const BN_ULONG *n0, int num, int power) {
+static void bn_mul_mont_gather5(BN_ULONG *rp, const BN_ULONG *ap,
+                                const BN_ULONG *table, const BN_ULONG *np,
+                                const BN_ULONG *n0, int num, int power) {
   if (bn_mulx4x_mont_gather5_capable(num)) {
     bn_mulx4x_mont_gather5(rp, ap, table, np, n0, num, power);
   } else if (bn_mul4x_mont_gather5_capable(num)) {
@@ -162,7 +162,7 @@ static void bn_power5(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *table,
   }
 }
-#endif // defined(OPENSSL_BN_ASM_MONT5)
+#endif  // defined(OPENSSL_BN_ASM_MONT5)
 int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) {
   int i, bits, ret = 0;
@@ -534,9 +534,9 @@ static int mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
     }
   }
-  start = 1;  // This is used to avoid multiplication etc
-              // when there is only the value '1' in the
-              // buffer.
+  start = 1;          // This is used to avoid multiplication etc
+                      // when there is only the value '1' in the
+                      // buffer.
   wstart = bits - 1;  // The top bit of the window
   if (!BN_one(r)) {
@@ -545,7 +545,7 @@ static int mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
   for (;;) {
     int wvalue;  // The 'value' of the window
-    int wend;  // The bottom bit of the window
+    int wend;    // The bottom bit of the window
     if (!BN_is_bit_set(p, wstart)) {
       if (!start) {
@@ -661,6 +661,7 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
   BN_CTX_start(ctx);
   BIGNUM *r = BN_CTX_get(ctx);
   val[0] = BN_CTX_get(ctx);
+  int window, r_is_one, wstart;
   if (r == NULL || val[0] == NULL) {
     goto err;
   }
@@ -678,14 +679,13 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
   // precomputing powers of |a|. Windows may be shifted so they always end on a
   // set bit, so only precompute odd powers. We compute val[i] = a^(2*i + 1)
   // for i = 0 to 2^(window-1), all in Montgomery form.
-  int window = BN_window_bits_for_exponent_size(bits);
+  window = BN_window_bits_for_exponent_size(bits);
   if (!BN_to_montgomery(val[0], a, mont, ctx)) {
     goto err;
   }
   if (window > 1) {
     BIGNUM *d = BN_CTX_get(ctx);
-    if (d == NULL ||
-        !BN_mod_mul_montgomery(d, val[0], val[0], mont, ctx)) {
+    if (d == NULL || !BN_mod_mul_montgomery(d, val[0], val[0], mont, ctx)) {
       goto err;
     }
     for (int i = 1; i < 1 << (window - 1); i++) {
@@ -699,8 +699,8 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
   // |p| is non-zero, so at least one window is non-zero. To save some
   // multiplications, defer initializing |r| until then.
-  int r_is_one = 1;
-  int wstart = bits - 1;  // The top bit of the window.
+  r_is_one = 1;
+  wstart = bits - 1;  // The top bit of the window.
   for (;;) {
     if (!BN_is_bit_set(p, wstart)) {
       if (!r_is_one && !BN_mod_mul_montgomery(r, r, r, mont, ctx)) {
@@ -930,7 +930,7 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
   int i, ret = 0, wvalue;
   BN_MONT_CTX *new_mont = NULL;
-  unsigned char *powerbuf_free = NULL;
+  void *powerbuf_free = NULL;
   size_t powerbuf_len = 0;
   BN_ULONG *powerbuf = NULL;
@@ -963,6 +963,7 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
   }
   // Allocate a montgomery context if it was not supplied by the caller.
+  int top, num_powers, window;
   if (mont == NULL) {
     new_mont = BN_MONT_CTX_new_consttime(m, ctx);
     if (new_mont == NULL) {
@@ -973,7 +974,7 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
   // Use the width in |mont->N|, rather than the copy in |m|. The assembly
   // implementation assumes it can use |top| to size R.
-  int top = mont->N.width;
+  top = mont->N.width;
 #if defined(OPENSSL_BN_ASM_MONT5) || defined(RSAZ_ENABLED)
   // Share one large stack-allocated buffer between the RSAZ and non-RSAZ code
@@ -1001,7 +1002,7 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
 #endif
   // Get the window size to use with size of p.
-  int window = BN_window_bits_for_ctime_exponent_size(bits);
+  window = BN_window_bits_for_ctime_exponent_size(bits);
   assert(window <= BN_MAX_MOD_EXP_CTIME_WINDOW);
   // Calculating |powerbuf_len| below cannot overflow because of the bound on
@@ -1022,7 +1023,7 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
   // Allocate a buffer large enough to hold all of the pre-computed
   // powers of |am|, |am| itself, and |tmp|.
-  int num_powers = 1 << window;
+  num_powers = 1 << window;
   powerbuf_len += sizeof(m->d[0]) * top * (num_powers + 2);
 #if defined(OPENSSL_BN_ASM_MONT5)
@@ -1037,7 +1038,8 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
     if (powerbuf_free == NULL) {
       goto err;
     }
-    powerbuf = align_pointer(powerbuf_free, MOD_EXP_CTIME_ALIGN);
+    powerbuf = reinterpret_cast<BN_ULONG *>(
+        align_pointer(powerbuf_free, MOD_EXP_CTIME_ALIGN));
   }
   OPENSSL_memset(powerbuf, 0, powerbuf_len);
@@ -1050,16 +1052,14 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
   tmp.neg = am.neg = 0;
   tmp.flags = am.flags = BN_FLG_STATIC_DATA;
-  if (!bn_one_to_montgomery(&tmp, mont, ctx) ||
-      !bn_resize_words(&tmp, top)) {
+  if (!bn_one_to_montgomery(&tmp, mont, ctx) || !bn_resize_words(&tmp, top)) {
     goto err;
   }
   // Prepare a^1 in the Montgomery domain.
   assert(!a->neg);
   declassify_assert(BN_ucmp(a, m) < 0);
-  if (!BN_to_montgomery(&am, a, mont, ctx) ||
-      !bn_resize_words(&am, top)) {
+  if (!BN_to_montgomery(&am, a, mont, ctx) || !bn_resize_words(&am, top)) {
     goto err;
   }

data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{gcd.c.inc → gcd.cc.inc} RENAMED Viewed

@@ -136,12 +136,11 @@ int BN_mod_inverse_odd(BIGNUM *out, int *out_no_inverse, const BIGNUM *a,
   B = BN_CTX_get(ctx);
   X = BN_CTX_get(ctx);
   Y = BN_CTX_get(ctx);
+  BIGNUM *R = out;
   if (Y == NULL) {
     goto err;
   }
-  BIGNUM *R = out;
   BN_zero(Y);
   if (!BN_one(X) || BN_copy(B, a) == NULL || BN_copy(A, n) == NULL) {
     goto err;
@@ -376,8 +375,7 @@ int bn_mod_inverse_prime(BIGNUM *out, const BIGNUM *a, const BIGNUM *p,
                          BN_CTX *ctx, const BN_MONT_CTX *mont_p) {
   BN_CTX_start(ctx);
   BIGNUM *p_minus_2 = BN_CTX_get(ctx);
-  int ok = p_minus_2 != NULL &&
-           BN_copy(p_minus_2, p) &&
+  int ok = p_minus_2 != NULL && BN_copy(p_minus_2, p) &&
            BN_sub_word(p_minus_2, 2) &&
            BN_mod_exp_mont(out, a, p_minus_2, p, ctx, mont_p);
   BN_CTX_end(ctx);
@@ -388,8 +386,7 @@ int bn_mod_inverse_secret_prime(BIGNUM *out, const BIGNUM *a, const BIGNUM *p,
                                 BN_CTX *ctx, const BN_MONT_CTX *mont_p) {
   BN_CTX_start(ctx);
   BIGNUM *p_minus_2 = BN_CTX_get(ctx);
-  int ok = p_minus_2 != NULL &&
-           BN_copy(p_minus_2, p) &&
+  int ok = p_minus_2 != NULL && BN_copy(p_minus_2, p) &&
            BN_sub_word(p_minus_2, 2) &&
            BN_mod_exp_mont_consttime(out, a, p_minus_2, p, ctx, mont_p);
   BN_CTX_end(ctx);

data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{gcd_extra.c.inc → gcd_extra.cc.inc} RENAMED Viewed

@@ -1,4 +1,4 @@
-/* Copyright (c) 2018, Google Inc.
+/* Copyright 2018 The BoringSSL Authors
  *
  * Permission to use, copy, modify, and/or distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
@@ -35,7 +35,7 @@ static void maybe_rshift1_words_carry(BN_ULONG *a, BN_ULONG carry,
   maybe_rshift1_words(a, mask, tmp, num);
   if (num != 0) {
     carry &= mask;
-    a[num - 1] |= carry << (BN_BITS2-1);
+    a[num - 1] |= carry << (BN_BITS2 - 1);
   }
 }
@@ -61,25 +61,27 @@ static int bn_gcd_consttime(BIGNUM *r, unsigned *out_shift, const BIGNUM *x,
   BIGNUM *u = BN_CTX_get(ctx);
   BIGNUM *v = BN_CTX_get(ctx);
   BIGNUM *tmp = BN_CTX_get(ctx);
-  if (u == NULL || v == NULL || tmp == NULL ||
-      !BN_copy(u, x) ||
-      !BN_copy(v, y) ||
-      !bn_resize_words(u, width) ||
-      !bn_resize_words(v, width) ||
+  unsigned x_bits, y_bits, num_iters, shift;
+  if (u == NULL || v == NULL || tmp == NULL ||  //
+      !BN_copy(u, x) ||                         //
+      !BN_copy(v, y) ||                         //
+      !bn_resize_words(u, width) ||             //
+      !bn_resize_words(v, width) ||             //
       !bn_resize_words(tmp, width)) {
     goto err;
   }
   // Each loop iteration halves at least one of |u| and |v|. Thus we need at
   // most the combined bit width of inputs for at least one value to be zero.
-  unsigned x_bits = x->width * BN_BITS2, y_bits = y->width * BN_BITS2;
-  unsigned num_iters = x_bits + y_bits;
+  x_bits = x->width * BN_BITS2;
+  y_bits = y->width * BN_BITS2;
+  num_iters = x_bits + y_bits;
   if (num_iters < x_bits) {
     OPENSSL_PUT_ERROR(BN, BN_R_BIGNUM_TOO_LONG);
     goto err;
   }
-  unsigned shift = 0;
+  shift = 0;
   for (unsigned i = 0; i < num_iters; i++) {
     BN_ULONG both_odd = word_is_odd_mask(u->d[0]) & word_is_odd_mask(v->d[0]);
@@ -121,8 +123,7 @@ err:
 int BN_gcd(BIGNUM *r, const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx) {
   unsigned shift;
-  return bn_gcd_consttime(r, &shift, x, y, ctx) &&
-         BN_lshift(r, r, shift);
+  return bn_gcd_consttime(r, &shift, x, y, ctx) && BN_lshift(r, r, shift);
 }
 int bn_is_relatively_prime(int *out_relatively_prime, const BIGNUM *x,
@@ -131,8 +132,7 @@ int bn_is_relatively_prime(int *out_relatively_prime, const BIGNUM *x,
   BN_CTX_start(ctx);
   unsigned shift;
   BIGNUM *gcd = BN_CTX_get(ctx);
-  if (gcd == NULL ||
-      !bn_gcd_consttime(gcd, &shift, x, y, ctx)) {
+  if (gcd == NULL || !bn_gcd_consttime(gcd, &shift, x, y, ctx)) {
     goto err;
   }
@@ -217,23 +217,30 @@ int bn_mod_inverse_consttime(BIGNUM *r, int *out_no_inverse, const BIGNUM *a,
   BIGNUM *D = BN_CTX_get(ctx);
   BIGNUM *tmp = BN_CTX_get(ctx);
   BIGNUM *tmp2 = BN_CTX_get(ctx);
-  if (u == NULL || v == NULL || A == NULL || B == NULL || C == NULL ||
-      D == NULL || tmp == NULL || tmp2 == NULL ||
-      !BN_copy(u, a) ||
-      !BN_copy(v, n) ||
-      !BN_one(A) ||
+  size_t a_bits, num_iters, n_bits;
+  if (u == NULL ||       //
+      v == NULL ||       //
+      A == NULL ||       //
+      B == NULL ||       //
+      C == NULL ||       //
+      D == NULL ||       //
+      tmp == NULL ||     //
+      tmp2 == NULL ||    //
+      !BN_copy(u, a) ||  //
+      !BN_copy(v, n) ||  //
+      !BN_one(A) ||      //
       !BN_one(D) ||
       // For convenience, size |u| and |v| equivalently.
-      !bn_resize_words(u, n_width) ||
+      !bn_resize_words(u, n_width) ||  //
       !bn_resize_words(v, n_width) ||
       // |A| and |C| are bounded by |m|.
-      !bn_resize_words(A, n_width) ||
+      !bn_resize_words(A, n_width) ||  //
       !bn_resize_words(C, n_width) ||
       // |B| and |D| are bounded by |a|.
-      !bn_resize_words(B, a_width) ||
+      !bn_resize_words(B, a_width) ||  //
       !bn_resize_words(D, a_width) ||
       // |tmp| and |tmp2| may be used at either size.
-      !bn_resize_words(tmp, n_width) ||
+      !bn_resize_words(tmp, n_width) ||  //
       !bn_resize_words(tmp2, n_width)) {
     goto err;
   }
@@ -242,8 +249,9 @@ int bn_mod_inverse_consttime(BIGNUM *r, int *out_no_inverse, const BIGNUM *a,
   // most the combined bit width of inputs for at least one value to be zero.
   // |a_bits| and |n_bits| cannot overflow because |bn_wexpand| ensures bit
   // counts fit in even |int|.
-  size_t a_bits = a_width * BN_BITS2, n_bits = n_width * BN_BITS2;
-  size_t num_iters = a_bits + n_bits;
+  a_bits = a_width * BN_BITS2;
+  n_bits = n_width * BN_BITS2;
+  num_iters = a_bits + n_bits;
   if (num_iters < a_bits) {
     OPENSSL_PUT_ERROR(BN, BN_R_BIGNUM_TOO_LONG);
     goto err;