2 * Bignum routines for RSA and DH and stuff.
11 #if defined __GNUC__ && defined __i386__
12 typedef unsigned long BignumInt;
13 typedef unsigned long long BignumDblInt;
14 #define BIGNUM_INT_MASK 0xFFFFFFFFUL
15 #define BIGNUM_TOP_BIT 0x80000000UL
16 #define BIGNUM_INT_BITS 32
17 #define MUL_WORD(w1, w2) ((BignumDblInt)w1 * w2)
18 #define DIVMOD_WORD(q, r, hi, lo, w) \
20 "=d" (r), "=a" (q) : \
21 "r" (w), "d" (hi), "a" (lo))
23 typedef unsigned short BignumInt;
24 typedef unsigned long BignumDblInt;
25 #define BIGNUM_INT_MASK 0xFFFFU
26 #define BIGNUM_TOP_BIT 0x8000U
27 #define BIGNUM_INT_BITS 16
28 #define MUL_WORD(w1, w2) ((BignumDblInt)w1 * w2)
29 #define DIVMOD_WORD(q, r, hi, lo, w) do { \
30 BignumDblInt n = (((BignumDblInt)hi) << BIGNUM_INT_BITS) | lo; \
36 #define BIGNUM_INT_BYTES (BIGNUM_INT_BITS / 8)
38 #define BIGNUM_INTERNAL
39 typedef BignumInt *Bignum;
43 BignumInt bnZero[1] = { 0 };
44 BignumInt bnOne[2] = { 1, 1 };
47 * The Bignum format is an array of `BignumInt'. The first
48 * element of the array counts the remaining elements. The
49 * remaining elements express the actual number, base 2^BIGNUM_INT_BITS, _least_
50 * significant digit first. (So it's trivial to extract the bit
51 * with value 2^n for any n.)
53 * All Bignums in this module are positive. Negative numbers must
54 * be dealt with outside it.
56 * INVARIANT: the most significant word of any Bignum must be
60 Bignum Zero = bnZero, One = bnOne;
62 static Bignum newbn(int length)
64 Bignum b = snewn(length + 1, BignumInt);
67 memset(b, 0, (length + 1) * sizeof(*b));
72 void bn_restore_invariant(Bignum b)
74 while (b[0] > 1 && b[b[0]] == 0)
78 Bignum copybn(Bignum orig)
80 Bignum b = snewn(orig[0] + 1, BignumInt);
83 memcpy(b, orig, (orig[0] + 1) * sizeof(*b));
90 * Burn the evidence, just in case.
92 memset(b, 0, sizeof(b[0]) * (b[0] + 1));
96 Bignum bn_power_2(int n)
98 Bignum ret = newbn(n / BIGNUM_INT_BITS + 1);
99 bignum_set_bit(ret, n, 1);
105 * Input is in the first len words of a and b.
106 * Result is returned in the first 2*len words of c.
108 static void internal_mul(BignumInt *a, BignumInt *b,
109 BignumInt *c, int len)
114 for (j = 0; j < 2 * len; j++)
117 for (i = len - 1; i >= 0; i--) {
119 for (j = len - 1; j >= 0; j--) {
120 t += MUL_WORD(a[i], (BignumDblInt) b[j]);
121 t += (BignumDblInt) c[i + j + 1];
122 c[i + j + 1] = (BignumInt) t;
123 t = t >> BIGNUM_INT_BITS;
125 c[i] = (BignumInt) t;
129 static void internal_add_shifted(BignumInt *number,
130 unsigned n, int shift)
132 int word = 1 + (shift / BIGNUM_INT_BITS);
133 int bshift = shift % BIGNUM_INT_BITS;
136 addend = n << bshift;
139 addend += number[word];
140 number[word] = (BignumInt) addend & BIGNUM_INT_MASK;
141 addend >>= BIGNUM_INT_BITS;
148 * Input in first alen words of a and first mlen words of m.
149 * Output in first alen words of a
150 * (of which first alen-mlen words will be zero).
151 * The MSW of m MUST have its high bit set.
152 * Quotient is accumulated in the `quotient' array, which is a Bignum
153 * rather than the internal bigendian format. Quotient parts are shifted
154 * left by `qshift' before adding into quot.
156 static void internal_mod(BignumInt *a, int alen,
157 BignumInt *m, int mlen,
158 BignumInt *quot, int qshift)
170 for (i = 0; i <= alen - mlen; i++) {
172 unsigned int q, r, c, ai1;
186 /* Find q = h:a[i] / m0 */
187 DIVMOD_WORD(q, r, h, a[i], m0);
189 /* Refine our estimate of q by looking at
190 h:a[i]:a[i+1] / m0:m1 */
192 if (t > ((BignumDblInt) r << BIGNUM_INT_BITS) + ai1) {
195 r = (r + m0) & BIGNUM_INT_MASK; /* overflow? */
196 if (r >= (BignumDblInt) m0 &&
197 t > ((BignumDblInt) r << BIGNUM_INT_BITS) + ai1) q--;
200 /* Subtract q * m from a[i...] */
202 for (k = mlen - 1; k >= 0; k--) {
203 t = MUL_WORD(q, m[k]);
205 c = t >> BIGNUM_INT_BITS;
206 if ((BignumInt) t > a[i + k])
208 a[i + k] -= (BignumInt) t;
211 /* Add back m in case of borrow */
214 for (k = mlen - 1; k >= 0; k--) {
217 a[i + k] = (BignumInt) t;
218 t = t >> BIGNUM_INT_BITS;
223 internal_add_shifted(quot, q, qshift + BIGNUM_INT_BITS * (alen - mlen - i));
228 * Compute (base ^ exp) % mod.
229 * The base MUST be smaller than the modulus.
230 * The most significant word of mod MUST be non-zero.
231 * We assume that the result array is the same size as the mod array.
233 Bignum modpow(Bignum base, Bignum exp, Bignum mod)
235 BignumInt *a, *b, *n, *m;
240 /* Allocate m of size mlen, copy mod to m */
241 /* We use big endian internally */
243 m = snewn(mlen, BignumInt);
244 for (j = 0; j < mlen; j++)
245 m[j] = mod[mod[0] - j];
247 /* Shift m left to make msb bit set */
248 for (mshift = 0; mshift < BIGNUM_INT_BITS-1; mshift++)
249 if ((m[0] << mshift) & BIGNUM_TOP_BIT)
252 for (i = 0; i < mlen - 1; i++)
253 m[i] = (m[i] << mshift) | (m[i + 1] >> (BIGNUM_INT_BITS - mshift));
254 m[mlen - 1] = m[mlen - 1] << mshift;
257 /* Allocate n of size mlen, copy base to n */
258 n = snewn(mlen, BignumInt);
260 for (j = 0; j < i; j++)
262 for (j = 0; j < base[0]; j++)
263 n[i + j] = base[base[0] - j];
265 /* Allocate a and b of size 2*mlen. Set a = 1 */
266 a = snewn(2 * mlen, BignumInt);
267 b = snewn(2 * mlen, BignumInt);
268 for (i = 0; i < 2 * mlen; i++)
272 /* Skip leading zero bits of exp. */
274 j = BIGNUM_INT_BITS-1;
275 while (i < exp[0] && (exp[exp[0] - i] & (1 << j)) == 0) {
279 j = BIGNUM_INT_BITS-1;
283 /* Main computation */
286 internal_mul(a + mlen, a + mlen, b, mlen);
287 internal_mod(b, mlen * 2, m, mlen, NULL, 0);
288 if ((exp[exp[0] - i] & (1 << j)) != 0) {
289 internal_mul(b + mlen, n, a, mlen);
290 internal_mod(a, mlen * 2, m, mlen, NULL, 0);
300 j = BIGNUM_INT_BITS-1;
303 /* Fixup result in case the modulus was shifted */
305 for (i = mlen - 1; i < 2 * mlen - 1; i++)
306 a[i] = (a[i] << mshift) | (a[i + 1] >> (BIGNUM_INT_BITS - mshift));
307 a[2 * mlen - 1] = a[2 * mlen - 1] << mshift;
308 internal_mod(a, mlen * 2, m, mlen, NULL, 0);
309 for (i = 2 * mlen - 1; i >= mlen; i--)
310 a[i] = (a[i] >> mshift) | (a[i - 1] << (BIGNUM_INT_BITS - mshift));
313 /* Copy result to buffer */
314 result = newbn(mod[0]);
315 for (i = 0; i < mlen; i++)
316 result[result[0] - i] = a[i + mlen];
317 while (result[0] > 1 && result[result[0]] == 0)
320 /* Free temporary arrays */
321 for (i = 0; i < 2 * mlen; i++)
324 for (i = 0; i < 2 * mlen; i++)
327 for (i = 0; i < mlen; i++)
330 for (i = 0; i < mlen; i++)
338 * Compute (p * q) % mod.
339 * The most significant word of mod MUST be non-zero.
340 * We assume that the result array is the same size as the mod array.
342 Bignum modmul(Bignum p, Bignum q, Bignum mod)
344 BignumInt *a, *n, *m, *o;
346 int pqlen, mlen, rlen, i, j;
349 /* Allocate m of size mlen, copy mod to m */
350 /* We use big endian internally */
352 m = snewn(mlen, BignumInt);
353 for (j = 0; j < mlen; j++)
354 m[j] = mod[mod[0] - j];
356 /* Shift m left to make msb bit set */
357 for (mshift = 0; mshift < BIGNUM_INT_BITS-1; mshift++)
358 if ((m[0] << mshift) & BIGNUM_TOP_BIT)
361 for (i = 0; i < mlen - 1; i++)
362 m[i] = (m[i] << mshift) | (m[i + 1] >> (BIGNUM_INT_BITS - mshift));
363 m[mlen - 1] = m[mlen - 1] << mshift;
366 pqlen = (p[0] > q[0] ? p[0] : q[0]);
368 /* Allocate n of size pqlen, copy p to n */
369 n = snewn(pqlen, BignumInt);
371 for (j = 0; j < i; j++)
373 for (j = 0; j < p[0]; j++)
374 n[i + j] = p[p[0] - j];
376 /* Allocate o of size pqlen, copy q to o */
377 o = snewn(pqlen, BignumInt);
379 for (j = 0; j < i; j++)
381 for (j = 0; j < q[0]; j++)
382 o[i + j] = q[q[0] - j];
384 /* Allocate a of size 2*pqlen for result */
385 a = snewn(2 * pqlen, BignumInt);
387 /* Main computation */
388 internal_mul(n, o, a, pqlen);
389 internal_mod(a, pqlen * 2, m, mlen, NULL, 0);
391 /* Fixup result in case the modulus was shifted */
393 for (i = 2 * pqlen - mlen - 1; i < 2 * pqlen - 1; i++)
394 a[i] = (a[i] << mshift) | (a[i + 1] >> (BIGNUM_INT_BITS - mshift));
395 a[2 * pqlen - 1] = a[2 * pqlen - 1] << mshift;
396 internal_mod(a, pqlen * 2, m, mlen, NULL, 0);
397 for (i = 2 * pqlen - 1; i >= 2 * pqlen - mlen; i--)
398 a[i] = (a[i] >> mshift) | (a[i - 1] << (BIGNUM_INT_BITS - mshift));
401 /* Copy result to buffer */
402 rlen = (mlen < pqlen * 2 ? mlen : pqlen * 2);
403 result = newbn(rlen);
404 for (i = 0; i < rlen; i++)
405 result[result[0] - i] = a[i + 2 * pqlen - rlen];
406 while (result[0] > 1 && result[result[0]] == 0)
409 /* Free temporary arrays */
410 for (i = 0; i < 2 * pqlen; i++)
413 for (i = 0; i < mlen; i++)
416 for (i = 0; i < pqlen; i++)
419 for (i = 0; i < pqlen; i++)
428 * The most significant word of mod MUST be non-zero.
429 * We assume that the result array is the same size as the mod array.
430 * We optionally write out a quotient if `quotient' is non-NULL.
431 * We can avoid writing out the result if `result' is NULL.
433 static void bigdivmod(Bignum p, Bignum mod, Bignum result, Bignum quotient)
437 int plen, mlen, i, j;
439 /* Allocate m of size mlen, copy mod to m */
440 /* We use big endian internally */
442 m = snewn(mlen, BignumInt);
443 for (j = 0; j < mlen; j++)
444 m[j] = mod[mod[0] - j];
446 /* Shift m left to make msb bit set */
447 for (mshift = 0; mshift < BIGNUM_INT_BITS-1; mshift++)
448 if ((m[0] << mshift) & BIGNUM_TOP_BIT)
451 for (i = 0; i < mlen - 1; i++)
452 m[i] = (m[i] << mshift) | (m[i + 1] >> (BIGNUM_INT_BITS - mshift));
453 m[mlen - 1] = m[mlen - 1] << mshift;
457 /* Ensure plen > mlen */
461 /* Allocate n of size plen, copy p to n */
462 n = snewn(plen, BignumInt);
463 for (j = 0; j < plen; j++)
465 for (j = 1; j <= p[0]; j++)
468 /* Main computation */
469 internal_mod(n, plen, m, mlen, quotient, mshift);
471 /* Fixup result in case the modulus was shifted */
473 for (i = plen - mlen - 1; i < plen - 1; i++)
474 n[i] = (n[i] << mshift) | (n[i + 1] >> (BIGNUM_INT_BITS - mshift));
475 n[plen - 1] = n[plen - 1] << mshift;
476 internal_mod(n, plen, m, mlen, quotient, 0);
477 for (i = plen - 1; i >= plen - mlen; i--)
478 n[i] = (n[i] >> mshift) | (n[i - 1] << (BIGNUM_INT_BITS - mshift));
481 /* Copy result to buffer */
483 for (i = 1; i <= result[0]; i++) {
485 result[i] = j >= 0 ? n[j] : 0;
489 /* Free temporary arrays */
490 for (i = 0; i < mlen; i++)
493 for (i = 0; i < plen; i++)
499 * Decrement a number.
501 void decbn(Bignum bn)
504 while (i < bn[0] && bn[i] == 0)
505 bn[i++] = BIGNUM_INT_MASK;
509 Bignum bignum_from_bytes(const unsigned char *data, int nbytes)
514 w = (nbytes + BIGNUM_INT_BYTES - 1) / BIGNUM_INT_BYTES; /* bytes->words */
517 for (i = 1; i <= w; i++)
519 for (i = nbytes; i--;) {
520 unsigned char byte = *data++;
521 result[1 + i / BIGNUM_INT_BYTES] |= byte << (8*i % BIGNUM_INT_BITS);
524 while (result[0] > 1 && result[result[0]] == 0)
530 * Read an ssh1-format bignum from a data buffer. Return the number
533 int ssh1_read_bignum(const unsigned char *data, Bignum * result)
535 const unsigned char *p = data;
540 for (i = 0; i < 2; i++)
542 b = (w + 7) / 8; /* bits -> bytes */
544 if (!result) /* just return length */
547 *result = bignum_from_bytes(p, b);
553 * Return the bit count of a bignum, for ssh1 encoding.
555 int bignum_bitcount(Bignum bn)
557 int bitcount = bn[0] * BIGNUM_INT_BITS - 1;
559 && (bn[bitcount / BIGNUM_INT_BITS + 1] >> (bitcount % BIGNUM_INT_BITS)) == 0) bitcount--;
564 * Return the byte length of a bignum when ssh1 encoded.
566 int ssh1_bignum_length(Bignum bn)
568 return 2 + (bignum_bitcount(bn) + 7) / 8;
572 * Return the byte length of a bignum when ssh2 encoded.
574 int ssh2_bignum_length(Bignum bn)
576 return 4 + (bignum_bitcount(bn) + 8) / 8;
580 * Return a byte from a bignum; 0 is least significant, etc.
582 int bignum_byte(Bignum bn, int i)
584 if (i >= BIGNUM_INT_BYTES * bn[0])
585 return 0; /* beyond the end */
587 return (bn[i / BIGNUM_INT_BYTES + 1] >>
588 ((i % BIGNUM_INT_BYTES)*8)) & 0xFF;
592 * Return a bit from a bignum; 0 is least significant, etc.
594 int bignum_bit(Bignum bn, int i)
596 if (i >= BIGNUM_INT_BITS * bn[0])
597 return 0; /* beyond the end */
599 return (bn[i / BIGNUM_INT_BITS + 1] >> (i % BIGNUM_INT_BITS)) & 1;
603 * Set a bit in a bignum; 0 is least significant, etc.
605 void bignum_set_bit(Bignum bn, int bitnum, int value)
607 if (bitnum >= BIGNUM_INT_BITS * bn[0])
608 abort(); /* beyond the end */
610 int v = bitnum / BIGNUM_INT_BITS + 1;
611 int mask = 1 << (bitnum % BIGNUM_INT_BITS);
620 * Write a ssh1-format bignum into a buffer. It is assumed the
621 * buffer is big enough. Returns the number of bytes used.
623 int ssh1_write_bignum(void *data, Bignum bn)
625 unsigned char *p = data;
626 int len = ssh1_bignum_length(bn);
628 int bitc = bignum_bitcount(bn);
630 *p++ = (bitc >> 8) & 0xFF;
631 *p++ = (bitc) & 0xFF;
632 for (i = len - 2; i--;)
633 *p++ = bignum_byte(bn, i);
638 * Compare two bignums. Returns like strcmp.
640 int bignum_cmp(Bignum a, Bignum b)
642 int amax = a[0], bmax = b[0];
643 int i = (amax > bmax ? amax : bmax);
645 BignumInt aval = (i > amax ? 0 : a[i]);
646 BignumInt bval = (i > bmax ? 0 : b[i]);
657 * Right-shift one bignum to form another.
659 Bignum bignum_rshift(Bignum a, int shift)
662 int i, shiftw, shiftb, shiftbb, bits;
665 bits = bignum_bitcount(a) - shift;
666 ret = newbn((bits + BIGNUM_INT_BITS - 1) / BIGNUM_INT_BITS);
669 shiftw = shift / BIGNUM_INT_BITS;
670 shiftb = shift % BIGNUM_INT_BITS;
671 shiftbb = BIGNUM_INT_BITS - shiftb;
674 for (i = 1; i <= ret[0]; i++) {
676 ai1 = (i + shiftw + 1 <= a[0] ? a[i + shiftw + 1] : 0);
677 ret[i] = ((ai >> shiftb) | (ai1 << shiftbb)) & BIGNUM_INT_MASK;
685 * Non-modular multiplication and addition.
687 Bignum bigmuladd(Bignum a, Bignum b, Bignum addend)
689 int alen = a[0], blen = b[0];
690 int mlen = (alen > blen ? alen : blen);
691 int rlen, i, maxspot;
692 BignumInt *workspace;
695 /* mlen space for a, mlen space for b, 2*mlen for result */
696 workspace = snewn(mlen * 4, BignumInt);
697 for (i = 0; i < mlen; i++) {
698 workspace[0 * mlen + i] = (mlen - i <= a[0] ? a[mlen - i] : 0);
699 workspace[1 * mlen + i] = (mlen - i <= b[0] ? b[mlen - i] : 0);
702 internal_mul(workspace + 0 * mlen, workspace + 1 * mlen,
703 workspace + 2 * mlen, mlen);
705 /* now just copy the result back */
706 rlen = alen + blen + 1;
707 if (addend && rlen <= addend[0])
708 rlen = addend[0] + 1;
711 for (i = 1; i <= ret[0]; i++) {
712 ret[i] = (i <= 2 * mlen ? workspace[4 * mlen - i] : 0);
718 /* now add in the addend, if any */
720 BignumDblInt carry = 0;
721 for (i = 1; i <= rlen; i++) {
722 carry += (i <= ret[0] ? ret[i] : 0);
723 carry += (i <= addend[0] ? addend[i] : 0);
724 ret[i] = (BignumInt) carry & BIGNUM_INT_MASK;
725 carry >>= BIGNUM_INT_BITS;
726 if (ret[i] != 0 && i > maxspot)
736 * Non-modular multiplication.
738 Bignum bigmul(Bignum a, Bignum b)
740 return bigmuladd(a, b, NULL);
744 * Create a bignum which is the bitmask covering another one. That
745 * is, the smallest integer which is >= N and is also one less than
748 Bignum bignum_bitmask(Bignum n)
750 Bignum ret = copybn(n);
755 while (n[i] == 0 && i > 0)
758 return ret; /* input was zero */
764 ret[i] = BIGNUM_INT_MASK;
769 * Convert a (max 32-bit) long into a bignum.
771 Bignum bignum_from_long(unsigned long nn)
777 ret[1] = (BignumInt)(n & BIGNUM_INT_MASK);
778 ret[2] = (BignumInt)((n >> BIGNUM_INT_BITS) & BIGNUM_INT_MASK);
780 ret[0] = (ret[2] ? 2 : 1);
785 * Add a long to a bignum.
787 Bignum bignum_add_long(Bignum number, unsigned long addendx)
789 Bignum ret = newbn(number[0] + 1);
791 BignumDblInt carry = 0, addend = addendx;
793 for (i = 1; i <= ret[0]; i++) {
794 carry += addend & BIGNUM_INT_MASK;
795 carry += (i <= number[0] ? number[i] : 0);
796 addend >>= BIGNUM_INT_BITS;
797 ret[i] = (BignumInt) carry & BIGNUM_INT_MASK;
798 carry >>= BIGNUM_INT_BITS;
807 * Compute the residue of a bignum, modulo a (max 16-bit) short.
809 unsigned short bignum_mod_short(Bignum number, unsigned short modulus)
816 for (i = number[0]; i > 0; i--)
817 r = (r * (BIGNUM_TOP_BIT % mod) * 2 + number[i] % mod) % mod;
818 return (unsigned short) r;
822 void diagbn(char *prefix, Bignum md)
824 int i, nibbles, morenibbles;
825 static const char hex[] = "0123456789ABCDEF";
827 debug(("%s0x", prefix ? prefix : ""));
829 nibbles = (3 + bignum_bitcount(md)) / 4;
832 morenibbles = 4 * md[0] - nibbles;
833 for (i = 0; i < morenibbles; i++)
835 for (i = nibbles; i--;)
837 hex[(bignum_byte(md, i / 2) >> (4 * (i % 2))) & 0xF]));
847 Bignum bigdiv(Bignum a, Bignum b)
849 Bignum q = newbn(a[0]);
850 bigdivmod(a, b, NULL, q);
857 Bignum bigmod(Bignum a, Bignum b)
859 Bignum r = newbn(b[0]);
860 bigdivmod(a, b, r, NULL);
865 * Greatest common divisor.
867 Bignum biggcd(Bignum av, Bignum bv)
869 Bignum a = copybn(av);
870 Bignum b = copybn(bv);
872 while (bignum_cmp(b, Zero) != 0) {
873 Bignum t = newbn(b[0]);
874 bigdivmod(a, b, t, NULL);
875 while (t[0] > 1 && t[t[0]] == 0)
887 * Modular inverse, using Euclid's extended algorithm.
889 Bignum modinv(Bignum number, Bignum modulus)
891 Bignum a = copybn(modulus);
892 Bignum b = copybn(number);
893 Bignum xp = copybn(Zero);
894 Bignum x = copybn(One);
897 while (bignum_cmp(b, One) != 0) {
898 Bignum t = newbn(b[0]);
899 Bignum q = newbn(a[0]);
900 bigdivmod(a, b, t, q);
901 while (t[0] > 1 && t[t[0]] == 0)
908 x = bigmuladd(q, xp, t);
917 /* now we know that sign * x == 1, and that x < modulus */
919 /* set a new x to be modulus - x */
920 Bignum newx = newbn(modulus[0]);
925 for (i = 1; i <= newx[0]; i++) {
926 BignumInt aword = (i <= modulus[0] ? modulus[i] : 0);
927 BignumInt bword = (i <= x[0] ? x[i] : 0);
928 newx[i] = aword - bword - carry;
930 carry = carry ? (newx[i] >= bword) : (newx[i] > bword);
944 * Render a bignum into decimal. Return a malloced string holding
945 * the decimal representation.
947 char *bignum_decimal(Bignum x)
953 BignumInt *workspace;
956 * First, estimate the number of digits. Since log(10)/log(2)
957 * is just greater than 93/28 (the joys of continued fraction
958 * approximations...) we know that for every 93 bits, we need
959 * at most 28 digits. This will tell us how much to malloc.
961 * Formally: if x has i bits, that means x is strictly less
962 * than 2^i. Since 2 is less than 10^(28/93), this is less than
963 * 10^(28i/93). We need an integer power of ten, so we must
964 * round up (rounding down might make it less than x again).
965 * Therefore if we multiply the bit count by 28/93, rounding
966 * up, we will have enough digits.
968 i = bignum_bitcount(x);
969 ndigits = (28 * i + 92) / 93; /* multiply by 28/93 and round up */
970 ndigits++; /* allow for trailing \0 */
971 ret = snewn(ndigits, char);
974 * Now allocate some workspace to hold the binary form as we
975 * repeatedly divide it by ten. Initialise this to the
976 * big-endian form of the number.
978 workspace = snewn(x[0], BignumInt);
979 for (i = 0; i < x[0]; i++)
980 workspace[i] = x[x[0] - i];
983 * Next, write the decimal number starting with the last digit.
984 * We use ordinary short division, dividing 10 into the
987 ndigit = ndigits - 1;
992 for (i = 0; i < x[0]; i++) {
993 carry = (carry << BIGNUM_INT_BITS) + workspace[i];
994 workspace[i] = (BignumInt) (carry / 10);
999 ret[--ndigit] = (char) (carry + '0');
1003 * There's a chance we've fallen short of the start of the
1004 * string. Correct if so.
1007 memmove(ret, ret + ndigit, ndigits - ndigit);
projects / PuTTY.git / blob