s2n bignum import method change

crypto/fipsmodule/CMakeLists.txt

@@ -193,12 +193,12 @@ if((((ARCH STREQUAL "x86_64") AND NOT MY_ASSEMBLER_IS_TOO_OLD_FOR_512AVX) OR
 
   # Set the source directory for s2n-bignum assembly files
   if(ARCH STREQUAL "x86_64")
-    set(S2N_BIGNUM_DIR ${AWSLC_SOURCE_DIR}/third_party/s2n-bignum/x86_att)
+    set(S2N_BIGNUM_DIR ${AWSLC_SOURCE_DIR}/third_party/s2n-bignum/s2n-bignum-imported/x86_att)
   else()
-    set(S2N_BIGNUM_DIR ${AWSLC_SOURCE_DIR}/third_party/s2n-bignum/arm)
+    set(S2N_BIGNUM_DIR ${AWSLC_SOURCE_DIR}/third_party/s2n-bignum/s2n-bignum-imported/arm)
   endif()
 
-  set(S2N_BIGNUM_INCLUDE_DIR ${AWSLC_SOURCE_DIR}/third_party/s2n-bignum/include)
+  set(S2N_BIGNUM_INCLUDE_DIR ${AWSLC_SOURCE_DIR}/third_party/s2n-bignum/s2n-bignum-imported/include)
 
   # We add s2n-bignum files to a separate list because they need
   # to go through C preprocessor in case of the static build.
@@ -290,16 +290,10 @@ if((((ARCH STREQUAL "x86_64") AND NOT MY_ASSEMBLER_IS_TOO_OLD_FOR_512AVX) OR
                 generic/bignum_optsub.S
                 generic/bignum_sqr.S
 
-                fastmul/bignum_kmul_16_32_neon.S
-                fastmul/bignum_kmul_32_64_neon.S
-                fastmul/bignum_ksqr_16_32_neon.S
-                fastmul/bignum_ksqr_32_64_neon.S
-                fastmul/bignum_emontredc_8n_neon.S
-
                 generic/bignum_copy_row_from_table.S
-                generic/bignum_copy_row_from_table_8n_neon.S
-                generic/bignum_copy_row_from_table_16_neon.S
-                generic/bignum_copy_row_from_table_32_neon.S
+                generic/bignum_copy_row_from_table_8n.S
+                generic/bignum_copy_row_from_table_16.S
+                generic/bignum_copy_row_from_table_32.S
     )
   endif()
 endif()

crypto/fipsmodule/bn/exponentiation.c

@@ -124,11 +124,13 @@
      defined(OPENSSL_OPENBSD) || defined(OPENSSL_FREEBSD)) &&                        \
     defined(OPENSSL_AARCH64)
 
-#include "../../../third_party/s2n-bignum/include/s2n-bignum_aws-lc.h"
+#include "../../../third_party/s2n-bignum/s2n-bignum_aws-lc.h"
 
 #define BN_EXPONENTIATION_S2N_BIGNUM_CAPABLE 1
 
-OPENSSL_INLINE int exponentiation_use_s2n_bignum(void) { return 1; }
+OPENSSL_INLINE int exponentiation_use_s2n_bignum(void) {
+  return CRYPTO_is_NEON_capable();
+}
 
 #else
 
@@ -143,17 +145,12 @@ static void exponentiation_s2n_bignum_copy_from_prebuf(BN_ULONG *dest, int width
 #if defined(BN_EXPONENTIATION_S2N_BIGNUM_CAPABLE)
 
   int table_height = 1 << window;
-  if (CRYPTO_is_NEON_capable()) {
-    if (width == 32) {
-      bignum_copy_row_from_table_32_neon(dest, table, table_height, rowidx);
-    } else if (width == 16) {
-      bignum_copy_row_from_table_16_neon(dest, table, table_height, rowidx);
-    } else if (width % 8 == 0) {
-      bignum_copy_row_from_table_8n_neon(dest, table, table_height, width,
-                                         rowidx);
-    } else {
-      bignum_copy_row_from_table(dest, table, table_height, width, rowidx);
-    }
+  if (width == 32) {
+    bignum_copy_row_from_table_32(dest, table, table_height, rowidx);
+  } else if (width == 16) {
+    bignum_copy_row_from_table_16(dest, table, table_height, rowidx);
+  } else if (width % 8 == 0) {
+    bignum_copy_row_from_table_8n(dest, table, table_height, width, rowidx);
   } else {
     bignum_copy_row_from_table(dest, table, table_height, width, rowidx);
   }

crypto/fipsmodule/bn/montgomery.c

@@ -127,7 +127,7 @@
      defined(OPENSSL_OPENBSD) || defined(OPENSSL_FREEBSD)) &&                        \
     defined(OPENSSL_AARCH64) && defined(OPENSSL_BN_ASM_MONT)
 
-#include "../../../third_party/s2n-bignum/include/s2n-bignum_aws-lc.h"
+#include "../../../third_party/s2n-bignum/s2n-bignum_aws-lc.h"
 
 #define BN_MONTGOMERY_S2N_BIGNUM_CAPABLE 1
 
@@ -137,11 +137,14 @@ OPENSSL_INLINE int montgomery_use_s2n_bignum(unsigned int num) {
   // (2) num (which is the number of words) is multiplie of 8, because
   //     s2n-bignum's bignum_emontredc_8n requires it, and
   // (3) The word size is 64 bits.
+  // (4) CPU has NEON.
   assert(S2NBIGNUM_KSQR_16_32_TEMP_NWORDS <= S2NBIGNUM_KMUL_32_64_TEMP_NWORDS &&
          S2NBIGNUM_KSQR_32_64_TEMP_NWORDS <= S2NBIGNUM_KMUL_32_64_TEMP_NWORDS &&
          S2NBIGNUM_KMUL_16_32_TEMP_NWORDS <= S2NBIGNUM_KMUL_32_64_TEMP_NWORDS);
   assert(BN_BITS2 == 64);
-  return !CRYPTO_is_ARMv8_wide_multiplier_capable() && (num % 8 == 0);
+  return !CRYPTO_is_ARMv8_wide_multiplier_capable() &&
+          (num % 8 == 0) &&
+          CRYPTO_is_NEON_capable();
 }
 
 #else
@@ -454,7 +457,7 @@ static int bn_mod_mul_montgomery_fallback(BIGNUM *r, const BIGNUM *a,
 // are equivalent to the arguments of bn_mul_mont.
 // montgomery_s2n_bignum_mul_mont works only if num is a multiple of 8.
 // montgomery_use_s2n_bignum(num) must be called in advance to check this
-// condition.
+// condition, as well as other s2n-bignum requirements.
 // For num = 32 or num = 16, this uses faster primitives in s2n-bignum.
 // montgomery_s2n_bignum_mul_mont allocates S2NBIGNUM_KMUL_32_64_TEMP_NWORDS +
 // 2 * BN_MONTGOMERY_MAX_WORDS uint64_t words at the stack.
@@ -477,34 +480,23 @@ static void montgomery_s2n_bignum_mul_mont(BN_ULONG *rp, const BN_ULONG *ap,
   uint64_t w = n0[0];
 
   if (num == 32) {
-    if (CRYPTO_is_NEON_capable()) {
-      if (ap == bp)
-        bignum_ksqr_32_64_neon(mulres, ap, t);
-      else
-        bignum_kmul_32_64_neon(mulres, ap, bp, t);
+    if (ap == bp) {
+      bignum_ksqr_32_64(mulres, ap, t);
     } else {
-      if (ap == bp)
-        bignum_ksqr_32_64(mulres, ap, t);
-      else
-        bignum_kmul_32_64(mulres, ap, bp, t);
+      bignum_kmul_32_64(mulres, ap, bp, t);
     }
   } else if (num == 16) {
-    if (CRYPTO_is_NEON_capable()) {
-      if (ap == bp)
-        bignum_ksqr_16_32_neon(mulres, ap, t);
-      else
-        bignum_kmul_16_32_neon(mulres, ap, bp, t);
+    if (ap == bp) {
+      bignum_ksqr_16_32(mulres, ap, t);
     } else {
-      if (ap == bp)
-        bignum_ksqr_16_32(mulres, ap, t);
-      else
-        bignum_kmul_16_32(mulres, ap, bp, t);
+      bignum_kmul_16_32(mulres, ap, bp, t);
     }
   } else {
-    if (ap == bp)
+    if (ap == bp) {
       bignum_sqr(num * 2, mulres, num, ap);
-    else
+    } else {
       bignum_mul(num * 2, mulres, num, ap, num, bp);
+    }
   }
 
   // Do montgomery reduction. We follow the definition of montgomery reduction
@@ -518,9 +510,7 @@ static void montgomery_s2n_bignum_mul_mont(BN_ULONG *rp, const BN_ULONG *ap,
   //    A. The result of step 1 >= 2^(64*num), meaning that bignum_emontredc_8n
   //       returned 1. Since m is less than 2^(64*num), (result of step 1) >= m holds.
   //    B. The result of step 1 fits in 2^(64*num), and the result >= m.
-  uint64_t c = CRYPTO_is_NEON_capable() ? 
-               bignum_emontredc_8n_neon(num, mulres, np, w) :
-               bignum_emontredc_8n(num, mulres, np, w); // c: case A
+  uint64_t c = bignum_emontredc_8n(num, mulres, np, w); // c: case A
   c |= bignum_ge(num, mulres + num, num, np);  // c: case B
   // Optionally subtract and store the result at rp
   bignum_optsub(num, rp, mulres + num, c, np);

crypto/fipsmodule/curve25519/curve25519_s2n_bignum_asm.c

@@ -5,7 +5,7 @@
 #include "../cpucap/internal.h"
 
 #if defined(CURVE25519_S2N_BIGNUM_CAPABLE)
-#include "../../../third_party/s2n-bignum/include/s2n-bignum_aws-lc.h"
+#include "../../../third_party/s2n-bignum/s2n-bignum_aws-lc.h"
 
 void x25519_scalar_mult_generic_s2n_bignum(
   uint8_t out_shared_key[X25519_SHARED_KEY_LEN],

crypto/fipsmodule/ec/p256-nistz.c

@@ -34,7 +34,7 @@
 #include "ec_nistp.h"
 
 #if defined(EC_NISTP_USE_S2N_BIGNUM)
-#include "../../../third_party/s2n-bignum/include/s2n-bignum_aws-lc.h"
+#include "../../../third_party/s2n-bignum/s2n-bignum_aws-lc.h"
 #endif
 
 #if !defined(OPENSSL_NO_ASM) &&  \

crypto/fipsmodule/ec/p384.c

@@ -19,7 +19,7 @@
 #if !defined(OPENSSL_SMALL)
 
 #if defined(EC_NISTP_USE_S2N_BIGNUM)
-#  include "../../../third_party/s2n-bignum/include/s2n-bignum_aws-lc.h"
+#  include "../../../third_party/s2n-bignum/s2n-bignum_aws-lc.h"
 #else
 #  if defined(EC_NISTP_USE_64BIT_LIMB)
 #    include "../../../third_party/fiat/p384_64.h"

crypto/fipsmodule/ec/p521.c

@@ -22,7 +22,7 @@
 #if !defined(OPENSSL_SMALL)
 
 #if defined(EC_NISTP_USE_S2N_BIGNUM)
-#  include "../../../third_party/s2n-bignum/include/s2n-bignum_aws-lc.h"
+#  include "../../../third_party/s2n-bignum/s2n-bignum_aws-lc.h"
 #else
 #  if defined(EC_NISTP_USE_64BIT_LIMB)
 #    include "../../../third_party/fiat/p521_64.h"

third_party/s2n-bignum/META.yml

@@ -0,0 +1,5 @@
+name: s2n-bignum-imported
+source: awslabs/s2n-bignum.git
+commit: 54e1fa5756d6b13961c2f61d90f75426aa25d373
+target: main
+imported-at: 2025-04-28T17:22:07+0000