2 * Bignum routines for RSA and DH and stuff.
12 #if defined __GNUC__ && defined __i386__
13 typedef unsigned long BignumInt;
14 typedef unsigned long long BignumDblInt;
15 #define BIGNUM_INT_MASK 0xFFFFFFFFUL
16 #define BIGNUM_TOP_BIT 0x80000000UL
17 #define BIGNUM_INT_BITS 32
18 #define MUL_WORD(w1, w2) ((BignumDblInt)w1 * w2)
19 #define DIVMOD_WORD(q, r, hi, lo, w) \
21 "=d" (r), "=a" (q) : \
22 "r" (w), "d" (hi), "a" (lo))
24 typedef unsigned short BignumInt;
25 typedef unsigned long BignumDblInt;
26 #define BIGNUM_INT_MASK 0xFFFFU
27 #define BIGNUM_TOP_BIT 0x8000U
28 #define BIGNUM_INT_BITS 16
29 #define MUL_WORD(w1, w2) ((BignumDblInt)w1 * w2)
30 #define DIVMOD_WORD(q, r, hi, lo, w) do { \
31 BignumDblInt n = (((BignumDblInt)hi) << BIGNUM_INT_BITS) | lo; \
37 #define BIGNUM_INT_BYTES (BIGNUM_INT_BITS / 8)
39 #define BIGNUM_INTERNAL
40 typedef BignumInt *Bignum;
44 BignumInt bnZero[1] = { 0 };
45 BignumInt bnOne[2] = { 1, 1 };
48 * The Bignum format is an array of `BignumInt'. The first
49 * element of the array counts the remaining elements. The
50 * remaining elements express the actual number, base 2^BIGNUM_INT_BITS, _least_
51 * significant digit first. (So it's trivial to extract the bit
52 * with value 2^n for any n.)
54 * All Bignums in this module are positive. Negative numbers must
55 * be dealt with outside it.
57 * INVARIANT: the most significant word of any Bignum must be
61 Bignum Zero = bnZero, One = bnOne;
63 static Bignum newbn(int length)
65 Bignum b = snewn(length + 1, BignumInt);
68 memset(b, 0, (length + 1) * sizeof(*b));
73 void bn_restore_invariant(Bignum b)
75 while (b[0] > 1 && b[b[0]] == 0)
79 Bignum copybn(Bignum orig)
81 Bignum b = snewn(orig[0] + 1, BignumInt);
84 memcpy(b, orig, (orig[0] + 1) * sizeof(*b));
91 * Burn the evidence, just in case.
93 memset(b, 0, sizeof(b[0]) * (b[0] + 1));
97 Bignum bn_power_2(int n)
99 Bignum ret = newbn(n / BIGNUM_INT_BITS + 1);
100 bignum_set_bit(ret, n, 1);
106 * Input is in the first len words of a and b.
107 * Result is returned in the first 2*len words of c.
109 static void internal_mul(BignumInt *a, BignumInt *b,
110 BignumInt *c, int len)
115 for (j = 0; j < 2 * len; j++)
118 for (i = len - 1; i >= 0; i--) {
120 for (j = len - 1; j >= 0; j--) {
121 t += MUL_WORD(a[i], (BignumDblInt) b[j]);
122 t += (BignumDblInt) c[i + j + 1];
123 c[i + j + 1] = (BignumInt) t;
124 t = t >> BIGNUM_INT_BITS;
126 c[i] = (BignumInt) t;
130 static void internal_add_shifted(BignumInt *number,
131 unsigned n, int shift)
133 int word = 1 + (shift / BIGNUM_INT_BITS);
134 int bshift = shift % BIGNUM_INT_BITS;
137 addend = (BignumDblInt)n << bshift;
140 addend += number[word];
141 number[word] = (BignumInt) addend & BIGNUM_INT_MASK;
142 addend >>= BIGNUM_INT_BITS;
149 * Input in first alen words of a and first mlen words of m.
150 * Output in first alen words of a
151 * (of which first alen-mlen words will be zero).
152 * The MSW of m MUST have its high bit set.
153 * Quotient is accumulated in the `quotient' array, which is a Bignum
154 * rather than the internal bigendian format. Quotient parts are shifted
155 * left by `qshift' before adding into quot.
157 static void internal_mod(BignumInt *a, int alen,
158 BignumInt *m, int mlen,
159 BignumInt *quot, int qshift)
171 for (i = 0; i <= alen - mlen; i++) {
173 unsigned int q, r, c, ai1;
187 /* Find q = h:a[i] / m0 */
188 DIVMOD_WORD(q, r, h, a[i], m0);
190 /* Refine our estimate of q by looking at
191 h:a[i]:a[i+1] / m0:m1 */
193 if (t > ((BignumDblInt) r << BIGNUM_INT_BITS) + ai1) {
196 r = (r + m0) & BIGNUM_INT_MASK; /* overflow? */
197 if (r >= (BignumDblInt) m0 &&
198 t > ((BignumDblInt) r << BIGNUM_INT_BITS) + ai1) q--;
201 /* Subtract q * m from a[i...] */
203 for (k = mlen - 1; k >= 0; k--) {
204 t = MUL_WORD(q, m[k]);
206 c = t >> BIGNUM_INT_BITS;
207 if ((BignumInt) t > a[i + k])
209 a[i + k] -= (BignumInt) t;
212 /* Add back m in case of borrow */
215 for (k = mlen - 1; k >= 0; k--) {
218 a[i + k] = (BignumInt) t;
219 t = t >> BIGNUM_INT_BITS;
224 internal_add_shifted(quot, q, qshift + BIGNUM_INT_BITS * (alen - mlen - i));
229 * Compute (base ^ exp) % mod.
231 Bignum modpow(Bignum base_in, Bignum exp, Bignum mod)
233 BignumInt *a, *b, *n, *m;
239 * The most significant word of mod needs to be non-zero. It
240 * should already be, but let's make sure.
242 assert(mod[mod[0]] != 0);
245 * Make sure the base is smaller than the modulus, by reducing
246 * it modulo the modulus if not.
248 base = bigmod(base_in, mod);
250 /* Allocate m of size mlen, copy mod to m */
251 /* We use big endian internally */
253 m = snewn(mlen, BignumInt);
254 for (j = 0; j < mlen; j++)
255 m[j] = mod[mod[0] - j];
257 /* Shift m left to make msb bit set */
258 for (mshift = 0; mshift < BIGNUM_INT_BITS-1; mshift++)
259 if ((m[0] << mshift) & BIGNUM_TOP_BIT)
262 for (i = 0; i < mlen - 1; i++)
263 m[i] = (m[i] << mshift) | (m[i + 1] >> (BIGNUM_INT_BITS - mshift));
264 m[mlen - 1] = m[mlen - 1] << mshift;
267 /* Allocate n of size mlen, copy base to n */
268 n = snewn(mlen, BignumInt);
270 for (j = 0; j < i; j++)
272 for (j = 0; j < base[0]; j++)
273 n[i + j] = base[base[0] - j];
275 /* Allocate a and b of size 2*mlen. Set a = 1 */
276 a = snewn(2 * mlen, BignumInt);
277 b = snewn(2 * mlen, BignumInt);
278 for (i = 0; i < 2 * mlen; i++)
282 /* Skip leading zero bits of exp. */
284 j = BIGNUM_INT_BITS-1;
285 while (i < exp[0] && (exp[exp[0] - i] & (1 << j)) == 0) {
289 j = BIGNUM_INT_BITS-1;
293 /* Main computation */
296 internal_mul(a + mlen, a + mlen, b, mlen);
297 internal_mod(b, mlen * 2, m, mlen, NULL, 0);
298 if ((exp[exp[0] - i] & (1 << j)) != 0) {
299 internal_mul(b + mlen, n, a, mlen);
300 internal_mod(a, mlen * 2, m, mlen, NULL, 0);
310 j = BIGNUM_INT_BITS-1;
313 /* Fixup result in case the modulus was shifted */
315 for (i = mlen - 1; i < 2 * mlen - 1; i++)
316 a[i] = (a[i] << mshift) | (a[i + 1] >> (BIGNUM_INT_BITS - mshift));
317 a[2 * mlen - 1] = a[2 * mlen - 1] << mshift;
318 internal_mod(a, mlen * 2, m, mlen, NULL, 0);
319 for (i = 2 * mlen - 1; i >= mlen; i--)
320 a[i] = (a[i] >> mshift) | (a[i - 1] << (BIGNUM_INT_BITS - mshift));
323 /* Copy result to buffer */
324 result = newbn(mod[0]);
325 for (i = 0; i < mlen; i++)
326 result[result[0] - i] = a[i + mlen];
327 while (result[0] > 1 && result[result[0]] == 0)
330 /* Free temporary arrays */
331 for (i = 0; i < 2 * mlen; i++)
334 for (i = 0; i < 2 * mlen; i++)
337 for (i = 0; i < mlen; i++)
340 for (i = 0; i < mlen; i++)
350 * Compute (p * q) % mod.
351 * The most significant word of mod MUST be non-zero.
352 * We assume that the result array is the same size as the mod array.
354 Bignum modmul(Bignum p, Bignum q, Bignum mod)
356 BignumInt *a, *n, *m, *o;
358 int pqlen, mlen, rlen, i, j;
361 /* Allocate m of size mlen, copy mod to m */
362 /* We use big endian internally */
364 m = snewn(mlen, BignumInt);
365 for (j = 0; j < mlen; j++)
366 m[j] = mod[mod[0] - j];
368 /* Shift m left to make msb bit set */
369 for (mshift = 0; mshift < BIGNUM_INT_BITS-1; mshift++)
370 if ((m[0] << mshift) & BIGNUM_TOP_BIT)
373 for (i = 0; i < mlen - 1; i++)
374 m[i] = (m[i] << mshift) | (m[i + 1] >> (BIGNUM_INT_BITS - mshift));
375 m[mlen - 1] = m[mlen - 1] << mshift;
378 pqlen = (p[0] > q[0] ? p[0] : q[0]);
380 /* Allocate n of size pqlen, copy p to n */
381 n = snewn(pqlen, BignumInt);
383 for (j = 0; j < i; j++)
385 for (j = 0; j < p[0]; j++)
386 n[i + j] = p[p[0] - j];
388 /* Allocate o of size pqlen, copy q to o */
389 o = snewn(pqlen, BignumInt);
391 for (j = 0; j < i; j++)
393 for (j = 0; j < q[0]; j++)
394 o[i + j] = q[q[0] - j];
396 /* Allocate a of size 2*pqlen for result */
397 a = snewn(2 * pqlen, BignumInt);
399 /* Main computation */
400 internal_mul(n, o, a, pqlen);
401 internal_mod(a, pqlen * 2, m, mlen, NULL, 0);
403 /* Fixup result in case the modulus was shifted */
405 for (i = 2 * pqlen - mlen - 1; i < 2 * pqlen - 1; i++)
406 a[i] = (a[i] << mshift) | (a[i + 1] >> (BIGNUM_INT_BITS - mshift));
407 a[2 * pqlen - 1] = a[2 * pqlen - 1] << mshift;
408 internal_mod(a, pqlen * 2, m, mlen, NULL, 0);
409 for (i = 2 * pqlen - 1; i >= 2 * pqlen - mlen; i--)
410 a[i] = (a[i] >> mshift) | (a[i - 1] << (BIGNUM_INT_BITS - mshift));
413 /* Copy result to buffer */
414 rlen = (mlen < pqlen * 2 ? mlen : pqlen * 2);
415 result = newbn(rlen);
416 for (i = 0; i < rlen; i++)
417 result[result[0] - i] = a[i + 2 * pqlen - rlen];
418 while (result[0] > 1 && result[result[0]] == 0)
421 /* Free temporary arrays */
422 for (i = 0; i < 2 * pqlen; i++)
425 for (i = 0; i < mlen; i++)
428 for (i = 0; i < pqlen; i++)
431 for (i = 0; i < pqlen; i++)
440 * The most significant word of mod MUST be non-zero.
441 * We assume that the result array is the same size as the mod array.
442 * We optionally write out a quotient if `quotient' is non-NULL.
443 * We can avoid writing out the result if `result' is NULL.
445 static void bigdivmod(Bignum p, Bignum mod, Bignum result, Bignum quotient)
449 int plen, mlen, i, j;
451 /* Allocate m of size mlen, copy mod to m */
452 /* We use big endian internally */
454 m = snewn(mlen, BignumInt);
455 for (j = 0; j < mlen; j++)
456 m[j] = mod[mod[0] - j];
458 /* Shift m left to make msb bit set */
459 for (mshift = 0; mshift < BIGNUM_INT_BITS-1; mshift++)
460 if ((m[0] << mshift) & BIGNUM_TOP_BIT)
463 for (i = 0; i < mlen - 1; i++)
464 m[i] = (m[i] << mshift) | (m[i + 1] >> (BIGNUM_INT_BITS - mshift));
465 m[mlen - 1] = m[mlen - 1] << mshift;
469 /* Ensure plen > mlen */
473 /* Allocate n of size plen, copy p to n */
474 n = snewn(plen, BignumInt);
475 for (j = 0; j < plen; j++)
477 for (j = 1; j <= p[0]; j++)
480 /* Main computation */
481 internal_mod(n, plen, m, mlen, quotient, mshift);
483 /* Fixup result in case the modulus was shifted */
485 for (i = plen - mlen - 1; i < plen - 1; i++)
486 n[i] = (n[i] << mshift) | (n[i + 1] >> (BIGNUM_INT_BITS - mshift));
487 n[plen - 1] = n[plen - 1] << mshift;
488 internal_mod(n, plen, m, mlen, quotient, 0);
489 for (i = plen - 1; i >= plen - mlen; i--)
490 n[i] = (n[i] >> mshift) | (n[i - 1] << (BIGNUM_INT_BITS - mshift));
493 /* Copy result to buffer */
495 for (i = 1; i <= result[0]; i++) {
497 result[i] = j >= 0 ? n[j] : 0;
501 /* Free temporary arrays */
502 for (i = 0; i < mlen; i++)
505 for (i = 0; i < plen; i++)
511 * Decrement a number.
513 void decbn(Bignum bn)
516 while (i < bn[0] && bn[i] == 0)
517 bn[i++] = BIGNUM_INT_MASK;
521 Bignum bignum_from_bytes(const unsigned char *data, int nbytes)
526 w = (nbytes + BIGNUM_INT_BYTES - 1) / BIGNUM_INT_BYTES; /* bytes->words */
529 for (i = 1; i <= w; i++)
531 for (i = nbytes; i--;) {
532 unsigned char byte = *data++;
533 result[1 + i / BIGNUM_INT_BYTES] |= byte << (8*i % BIGNUM_INT_BITS);
536 while (result[0] > 1 && result[result[0]] == 0)
542 * Read an ssh1-format bignum from a data buffer. Return the number
545 int ssh1_read_bignum(const unsigned char *data, Bignum * result)
547 const unsigned char *p = data;
552 for (i = 0; i < 2; i++)
554 b = (w + 7) / 8; /* bits -> bytes */
556 if (!result) /* just return length */
559 *result = bignum_from_bytes(p, b);
565 * Return the bit count of a bignum, for ssh1 encoding.
567 int bignum_bitcount(Bignum bn)
569 int bitcount = bn[0] * BIGNUM_INT_BITS - 1;
571 && (bn[bitcount / BIGNUM_INT_BITS + 1] >> (bitcount % BIGNUM_INT_BITS)) == 0) bitcount--;
576 * Return the byte length of a bignum when ssh1 encoded.
578 int ssh1_bignum_length(Bignum bn)
580 return 2 + (bignum_bitcount(bn) + 7) / 8;
584 * Return the byte length of a bignum when ssh2 encoded.
586 int ssh2_bignum_length(Bignum bn)
588 return 4 + (bignum_bitcount(bn) + 8) / 8;
592 * Return a byte from a bignum; 0 is least significant, etc.
594 int bignum_byte(Bignum bn, int i)
596 if (i >= BIGNUM_INT_BYTES * bn[0])
597 return 0; /* beyond the end */
599 return (bn[i / BIGNUM_INT_BYTES + 1] >>
600 ((i % BIGNUM_INT_BYTES)*8)) & 0xFF;
604 * Return a bit from a bignum; 0 is least significant, etc.
606 int bignum_bit(Bignum bn, int i)
608 if (i >= BIGNUM_INT_BITS * bn[0])
609 return 0; /* beyond the end */
611 return (bn[i / BIGNUM_INT_BITS + 1] >> (i % BIGNUM_INT_BITS)) & 1;
615 * Set a bit in a bignum; 0 is least significant, etc.
617 void bignum_set_bit(Bignum bn, int bitnum, int value)
619 if (bitnum >= BIGNUM_INT_BITS * bn[0])
620 abort(); /* beyond the end */
622 int v = bitnum / BIGNUM_INT_BITS + 1;
623 int mask = 1 << (bitnum % BIGNUM_INT_BITS);
632 * Write a ssh1-format bignum into a buffer. It is assumed the
633 * buffer is big enough. Returns the number of bytes used.
635 int ssh1_write_bignum(void *data, Bignum bn)
637 unsigned char *p = data;
638 int len = ssh1_bignum_length(bn);
640 int bitc = bignum_bitcount(bn);
642 *p++ = (bitc >> 8) & 0xFF;
643 *p++ = (bitc) & 0xFF;
644 for (i = len - 2; i--;)
645 *p++ = bignum_byte(bn, i);
650 * Compare two bignums. Returns like strcmp.
652 int bignum_cmp(Bignum a, Bignum b)
654 int amax = a[0], bmax = b[0];
655 int i = (amax > bmax ? amax : bmax);
657 BignumInt aval = (i > amax ? 0 : a[i]);
658 BignumInt bval = (i > bmax ? 0 : b[i]);
669 * Right-shift one bignum to form another.
671 Bignum bignum_rshift(Bignum a, int shift)
674 int i, shiftw, shiftb, shiftbb, bits;
677 bits = bignum_bitcount(a) - shift;
678 ret = newbn((bits + BIGNUM_INT_BITS - 1) / BIGNUM_INT_BITS);
681 shiftw = shift / BIGNUM_INT_BITS;
682 shiftb = shift % BIGNUM_INT_BITS;
683 shiftbb = BIGNUM_INT_BITS - shiftb;
686 for (i = 1; i <= ret[0]; i++) {
688 ai1 = (i + shiftw + 1 <= a[0] ? a[i + shiftw + 1] : 0);
689 ret[i] = ((ai >> shiftb) | (ai1 << shiftbb)) & BIGNUM_INT_MASK;
697 * Non-modular multiplication and addition.
699 Bignum bigmuladd(Bignum a, Bignum b, Bignum addend)
701 int alen = a[0], blen = b[0];
702 int mlen = (alen > blen ? alen : blen);
703 int rlen, i, maxspot;
704 BignumInt *workspace;
707 /* mlen space for a, mlen space for b, 2*mlen for result */
708 workspace = snewn(mlen * 4, BignumInt);
709 for (i = 0; i < mlen; i++) {
710 workspace[0 * mlen + i] = (mlen - i <= a[0] ? a[mlen - i] : 0);
711 workspace[1 * mlen + i] = (mlen - i <= b[0] ? b[mlen - i] : 0);
714 internal_mul(workspace + 0 * mlen, workspace + 1 * mlen,
715 workspace + 2 * mlen, mlen);
717 /* now just copy the result back */
718 rlen = alen + blen + 1;
719 if (addend && rlen <= addend[0])
720 rlen = addend[0] + 1;
723 for (i = 1; i <= ret[0]; i++) {
724 ret[i] = (i <= 2 * mlen ? workspace[4 * mlen - i] : 0);
730 /* now add in the addend, if any */
732 BignumDblInt carry = 0;
733 for (i = 1; i <= rlen; i++) {
734 carry += (i <= ret[0] ? ret[i] : 0);
735 carry += (i <= addend[0] ? addend[i] : 0);
736 ret[i] = (BignumInt) carry & BIGNUM_INT_MASK;
737 carry >>= BIGNUM_INT_BITS;
738 if (ret[i] != 0 && i > maxspot)
749 * Non-modular multiplication.
751 Bignum bigmul(Bignum a, Bignum b)
753 return bigmuladd(a, b, NULL);
757 * Create a bignum which is the bitmask covering another one. That
758 * is, the smallest integer which is >= N and is also one less than
761 Bignum bignum_bitmask(Bignum n)
763 Bignum ret = copybn(n);
768 while (n[i] == 0 && i > 0)
771 return ret; /* input was zero */
777 ret[i] = BIGNUM_INT_MASK;
782 * Convert a (max 32-bit) long into a bignum.
784 Bignum bignum_from_long(unsigned long nn)
790 ret[1] = (BignumInt)(n & BIGNUM_INT_MASK);
791 ret[2] = (BignumInt)((n >> BIGNUM_INT_BITS) & BIGNUM_INT_MASK);
793 ret[0] = (ret[2] ? 2 : 1);
798 * Add a long to a bignum.
800 Bignum bignum_add_long(Bignum number, unsigned long addendx)
802 Bignum ret = newbn(number[0] + 1);
804 BignumDblInt carry = 0, addend = addendx;
806 for (i = 1; i <= ret[0]; i++) {
807 carry += addend & BIGNUM_INT_MASK;
808 carry += (i <= number[0] ? number[i] : 0);
809 addend >>= BIGNUM_INT_BITS;
810 ret[i] = (BignumInt) carry & BIGNUM_INT_MASK;
811 carry >>= BIGNUM_INT_BITS;
820 * Compute the residue of a bignum, modulo a (max 16-bit) short.
822 unsigned short bignum_mod_short(Bignum number, unsigned short modulus)
829 for (i = number[0]; i > 0; i--)
830 r = (r * (BIGNUM_TOP_BIT % mod) * 2 + number[i] % mod) % mod;
831 return (unsigned short) r;
835 void diagbn(char *prefix, Bignum md)
837 int i, nibbles, morenibbles;
838 static const char hex[] = "0123456789ABCDEF";
840 debug(("%s0x", prefix ? prefix : ""));
842 nibbles = (3 + bignum_bitcount(md)) / 4;
845 morenibbles = 4 * md[0] - nibbles;
846 for (i = 0; i < morenibbles; i++)
848 for (i = nibbles; i--;)
850 hex[(bignum_byte(md, i / 2) >> (4 * (i % 2))) & 0xF]));
860 Bignum bigdiv(Bignum a, Bignum b)
862 Bignum q = newbn(a[0]);
863 bigdivmod(a, b, NULL, q);
870 Bignum bigmod(Bignum a, Bignum b)
872 Bignum r = newbn(b[0]);
873 bigdivmod(a, b, r, NULL);
878 * Greatest common divisor.
880 Bignum biggcd(Bignum av, Bignum bv)
882 Bignum a = copybn(av);
883 Bignum b = copybn(bv);
885 while (bignum_cmp(b, Zero) != 0) {
886 Bignum t = newbn(b[0]);
887 bigdivmod(a, b, t, NULL);
888 while (t[0] > 1 && t[t[0]] == 0)
900 * Modular inverse, using Euclid's extended algorithm.
902 Bignum modinv(Bignum number, Bignum modulus)
904 Bignum a = copybn(modulus);
905 Bignum b = copybn(number);
906 Bignum xp = copybn(Zero);
907 Bignum x = copybn(One);
910 while (bignum_cmp(b, One) != 0) {
911 Bignum t = newbn(b[0]);
912 Bignum q = newbn(a[0]);
913 bigdivmod(a, b, t, q);
914 while (t[0] > 1 && t[t[0]] == 0)
921 x = bigmuladd(q, xp, t);
931 /* now we know that sign * x == 1, and that x < modulus */
933 /* set a new x to be modulus - x */
934 Bignum newx = newbn(modulus[0]);
939 for (i = 1; i <= newx[0]; i++) {
940 BignumInt aword = (i <= modulus[0] ? modulus[i] : 0);
941 BignumInt bword = (i <= x[0] ? x[i] : 0);
942 newx[i] = aword - bword - carry;
944 carry = carry ? (newx[i] >= bword) : (newx[i] > bword);
958 * Render a bignum into decimal. Return a malloced string holding
959 * the decimal representation.
961 char *bignum_decimal(Bignum x)
967 BignumInt *workspace;
970 * First, estimate the number of digits. Since log(10)/log(2)
971 * is just greater than 93/28 (the joys of continued fraction
972 * approximations...) we know that for every 93 bits, we need
973 * at most 28 digits. This will tell us how much to malloc.
975 * Formally: if x has i bits, that means x is strictly less
976 * than 2^i. Since 2 is less than 10^(28/93), this is less than
977 * 10^(28i/93). We need an integer power of ten, so we must
978 * round up (rounding down might make it less than x again).
979 * Therefore if we multiply the bit count by 28/93, rounding
980 * up, we will have enough digits.
982 i = bignum_bitcount(x);
983 ndigits = (28 * i + 92) / 93; /* multiply by 28/93 and round up */
984 ndigits++; /* allow for trailing \0 */
985 ret = snewn(ndigits, char);
988 * Now allocate some workspace to hold the binary form as we
989 * repeatedly divide it by ten. Initialise this to the
990 * big-endian form of the number.
992 workspace = snewn(x[0], BignumInt);
993 for (i = 0; i < x[0]; i++)
994 workspace[i] = x[x[0] - i];
997 * Next, write the decimal number starting with the last digit.
998 * We use ordinary short division, dividing 10 into the
1001 ndigit = ndigits - 1;
1006 for (i = 0; i < x[0]; i++) {
1007 carry = (carry << BIGNUM_INT_BITS) + workspace[i];
1008 workspace[i] = (BignumInt) (carry / 10);
1013 ret[--ndigit] = (char) (carry + '0');
1017 * There's a chance we've fallen short of the start of the
1018 * string. Correct if so.
1021 memmove(ret, ret + ndigit, ndigits - ndigit);
projects / PuTTY.git / blob