Reinstate bn_isqrt.c r1.8 and crypto_lock.c r1.3

This traded local copies of CTASSERT() to the one in crypto_internal.h.
This change was backed out due to SHA-512 breakage on STRICT_ALIGNMENT
archit

Reinstate bn_isqrt.c r1.8 and crypto_lock.c r1.3

This traded local copies of CTASSERT() to the one in crypto_internal.h.
This change was backed out due to SHA-512 breakage on STRICT_ALIGNMENT
architectures still using Fred Flintstone's gcc without asm sha512.

Original commit message:

Use crypto_internal.h's CTASSERT()

Now that this macro is available in a header, let's use that version
rather than copies in several .c files.

discussed with jsing

show more ...

backout alignment changes (breaking at least two architectures)

Use crypto_internal.h's CTASSERT()

Now that this macro is available in a header, let's use that version
rather than copies in several .c files.

discussed with jsing

Replace the remaining BN_copy() with bn_copy()

ok jsing

Provide BN_zero()/BN_one() as functions and make BN_zero() always succeed.

BN_zero() is currently implemented using BN_set_word(), which means it can
fail, however almost nothing ever checks the ret

Provide BN_zero()/BN_one() as functions and make BN_zero() always succeed.

BN_zero() is currently implemented using BN_set_word(), which means it can
fail, however almost nothing ever checks the return value. A long time
ago OpenSSL changed BN_zero() to always succeed and return void, however
kept BN_zero as a macro that calls a new BN_zero_ex() function, so that
it can be switched back to the "can fail" version.

Take a simpler approach - change BN_zero()/BN_one() to functions and make
BN_zero() always succeed. This will be exposed in the next bump, at which
point we can hopefully also remove the BN_zero_ex() function.

ok tb@

show more ...

Update reference to table generation

Make internal header file names consistent

Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names
used for internal headers. Move all these headers we inherited from
OpenSSL to *_l

Make internal header file names consistent

Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names
used for internal headers. Move all these headers we inherited from
OpenSSL to *_local.h, reserving the name *_internal.h for our own code.
Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h.
constant_time_locl.h is moved to constant_time.h since it's special.

Adjust all .c files in libcrypto, libssl and regress.

The diff is mechanical with the exception of tls13_quic.c, where
#include <ssl_locl.h> was fixed manually.

discussed with jsing,
no objection bcook

show more ...

Fix path of mentioned regress test

Do not make tables static so we can access them from regress.

Integer square root and perfect square test

This adds an implementation of the integer square root using a variant
of Newton's method with adaptive precision. The implementation is based
on a pure P

Integer square root and perfect square test

This adds an implementation of the integer square root using a variant
of Newton's method with adaptive precision. The implementation is based
on a pure Python description of cpython's math.isqrt(). This algorithm
is proven to be correct with a tricky but very neat loop invariant:
https://github.com/mdickinson/snippets/blob/master/proofs/isqrt/src/isqrt.lean

Using this algorithm instead of Newton method, implement Algorithm 1.7.3
(square test) from H. Cohen, "A course in computational algebraic number
theory" to detect perfect squares.

ok jsing

show more ...