Minimise the amount of code dependent on BN_DEBUG_RAND. In particular,

redefine bn_clear_top2max() to be a NOP in the non-debugging case, and
remove some unnecessary usages in bn_nist.c.

Submitted by: Nils Larsch
Reviewed by: Geoff Thorpe, Ulf Möller

3 files changed, 5 insertions, 23 deletions

diff --git a/crypto/bn/bn_div.c b/crypto/bn/bn_div.c
index 2f464b31d1..556fcda1e3 100644
--- a/crypto/bn/bn_div.c
+++ b/crypto/bn/bn_div.c
@@ -232,10 +232,8 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
 	wnum.neg   = 0;
 	wnum.d     = &(snum->d[loop]);
 	wnum.top   = div_n;
-#ifdef BN_DEBUG_RAND
 	/* only needed when BN_ucmp messes up the values between top and max */
 	wnum.dmax  = snum->dmax - loop; /* so we don't step out of bounds */
-#endif
 
 	/* Get the top 2 words of sdiv */
 	/* div_n=sdiv->top; */
@@ -256,12 +254,10 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
 
 	if (BN_ucmp(&wnum,sdiv) >= 0)
 		{
-#ifdef BN_DEBUG_RAND
 		/* If BN_DEBUG_RAND is defined BN_ucmp changes (via
 		 * bn_pollute) the const bignum arguments =>
 		 * clean the values between top and max again */
 		bn_clear_top2max(&wnum);
-#endif
 		bn_sub_words(wnum.d, wnum.d, sdiv->d, div_n);
 		*resp=1;
 		}
@@ -384,13 +380,13 @@ X) -> 0x%08X\n",
 		/* store part of the result */
 		*resp = q;
 		}
+	bn_correct_top(snum);
 	if (rm != NULL)
 		{
 		/* Keep a copy of the neg flag in num because if rm==num
 		 * BN_rshift() will overwrite it.
 		 */
 		int neg = num->neg;
-		bn_correct_top(snum);
 		BN_rshift(rm,snum,norm_shift);
 		if (!BN_is_zero(rm))
 			rm->neg = neg;
diff --git a/crypto/bn/bn_lcl.h b/crypto/bn/bn_lcl.h
index 18960f191b..45e19221aa 100644
--- a/crypto/bn/bn_lcl.h
+++ b/crypto/bn/bn_lcl.h
@@ -240,7 +240,7 @@ extern "C" {
 #define Lw(t)    (((BN_ULONG)(t))&BN_MASK2)
 #define Hw(t)    (((BN_ULONG)((t)>>BN_BITS2))&BN_MASK2)
 
-
+#ifdef BN_DEBUG_RAND
 #define bn_clear_top2max(a) \
 	{ \
 	int      ind = (a)->dmax - (a)->top; \
@@ -248,6 +248,9 @@ extern "C" {
 	for (; ind != 0; ind--) \
 		*(++ftl) = 0x0; \
 	}
+#else
+#define bn_clear_top2max(a)
+#endif
 
 #ifdef BN_LLONG
 #define mul_add(r,a,w,c) { \
diff --git a/crypto/bn/bn_nist.c b/crypto/bn/bn_nist.c
index f30f6c65d1..a29503be25 100644
--- a/crypto/bn/bn_nist.c
+++ b/crypto/bn/bn_nist.c
@@ -359,12 +359,7 @@ int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
 			--carry; 
 		}
 	r->top = BN_NIST_192_TOP;
-
-#if 1
-	bn_clear_top2max(r);
-#endif
 	bn_correct_top(r);
-
 	if (BN_ucmp(r, field) >= 0)
 		{
 		bn_sub_words(r_d, r_d, _nist_p_192, BN_NIST_192_TOP);
@@ -453,11 +448,7 @@ int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
 			}
 
 	r->top = BN_NIST_224_TOP;
-#if 1
-	bn_clear_top2max(r);
-#endif
 	bn_correct_top(r);
-
 	if (BN_ucmp(r, field) >= 0)
 		{
 		bn_sub_words(r_d, r_d, _nist_p_224, BN_NIST_224_TOP);
@@ -612,11 +603,7 @@ int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
 		}
 
 	r->top = BN_NIST_256_TOP;
-#if 1
-	bn_clear_top2max(r);
-#endif
 	bn_correct_top(r);
-
 	if (BN_ucmp(r, field) >= 0)
 		{
 		bn_sub_words(r_d, r_d, _nist_p_256, BN_NIST_256_TOP);
@@ -781,11 +768,7 @@ int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
 		}
 
 	r->top = BN_NIST_384_TOP;
-#if 1
-	bn_clear_top2max(r);
-#endif
 	bn_correct_top(r);
-
 	if (BN_ucmp(r, field) >= 0)
 		{
 		bn_sub_words(r_d, r_d, _nist_p_384, BN_NIST_384_TOP);