116 static void bin48_to_felem(felem out, const u8 in[48])  in bin48_to_felem()
119     out[0] = (*((limb *) & in[0])) & bottom56bits;  in bin48_to_felem()
120     out[1] = (*((limb_aX *) & in[7])) & bottom56bits;  in bin48_to_felem()
121     out[2] = (*((limb_aX *) & in[14])) & bottom56bits;  in bin48_to_felem()
122     out[3] = (*((limb_aX *) & in[21])) & bottom56bits;  in bin48_to_felem()
123     out[4] = (*((limb_aX *) & in[28])) & bottom56bits;  in bin48_to_felem()
124     out[5] = (*((limb_aX *) & in[35])) & bottom56bits;  in bin48_to_felem()
125     memmove(&out[6], &in[42], 6);  in bin48_to_felem()
128 static void felem_to_bin48(u8 out[48], const felem in)  in felem_to_bin48()  argument
131     (*((limb *) & out[0]))     |= (in[0] & bottom56bits);  in felem_to_bin48()
132     (*((limb_aX *) & out[7]))  |= (in[1] & bottom56bits);  in felem_to_bin48()
133     (*((limb_aX *) & out[14])) |= (in[2] & bottom56bits);  in felem_to_bin48()
134     (*((limb_aX *) & out[21])) |= (in[3] & bottom56bits);  in felem_to_bin48()
135     (*((limb_aX *) & out[28])) |= (in[4] & bottom56bits);  in felem_to_bin48()
136     (*((limb_aX *) & out[35])) |= (in[5] & bottom56bits);  in felem_to_bin48()
137     memmove(&out[42], &in[6], 6);  in felem_to_bin48()
160 static BIGNUM *felem_to_BN(BIGNUM *out, const felem in)  in felem_to_BN()  argument
164     felem_to_bin48(b_out, in);  in felem_to_BN()
179 static void felem_assign(felem out, const felem in)  in felem_assign()  argument
181     memcpy(out, in, sizeof(felem));  in felem_assign()
185 static void felem_sum64(felem out, const felem in)  in felem_sum64()  argument
190         out[i] += in[i];  in felem_sum64()
194 static void felem_scalar(felem out, const felem in, limb scalar)  in felem_scalar()  argument
199         out[i] = in[i] * scalar;  in felem_scalar()
227 static void felem_neg(felem out, const felem in)  in felem_neg()  argument
246     out[0] = two60p44m12 - in[0];  in felem_neg()
247     out[1] = two60m52m4 - in[1];  in felem_neg()
248     out[2] = two60m28m4 - in[2];  in felem_neg()
249     out[3] = two60m4 - in[3];  in felem_neg()
250     out[4] = two60m4 - in[4];  in felem_neg()
251     out[5] = two60m4 - in[5];  in felem_neg()
252     out[6] = two60m4 - in[6];  in felem_neg()
262 static void felem_diff64(felem out, const felem in)  in felem_diff64()  argument
282     out[0] += two60p44m12 - in[0];  in felem_diff64()
283     out[1] += two60m52m4 - in[1];  in felem_diff64()
284     out[2] += two60m28m4 - in[2];  in felem_diff64()
285     out[3] += two60m4 - in[3];  in felem_diff64()
286     out[4] += two60m4 - in[4];  in felem_diff64()
287     out[5] += two60m4 - in[5];  in felem_diff64()
288     out[6] += two60m4 - in[6];  in felem_diff64()
295 static void felem_diff_128_64(widefelem out, const felem in)  in felem_diff_128_64()  argument
325         out[i] -= in[i];  in felem_diff_128_64()
332 static void felem_diff128(widefelem out, const widefelem in)  in felem_diff128()  argument
370         out[i] -= in[i];  in felem_diff128()
373 static void felem_square_ref(widefelem out, const felem in)  in felem_square_ref()  argument
376     felem_scalar(inx2, in, 2);  in felem_square_ref()
378     out[0] = ((uint128_t) in[0]) * in[0];  in felem_square_ref()
380     out[1] = ((uint128_t) in[0]) * inx2[1];  in felem_square_ref()
382     out[2] = ((uint128_t) in[0]) * inx2[2]  in felem_square_ref()
383            + ((uint128_t) in[1]) * in[1];  in felem_square_ref()
385     out[3] = ((uint128_t) in[0]) * inx2[3]  in felem_square_ref()
386            + ((uint128_t) in[1]) * inx2[2];  in felem_square_ref()
388     out[4] = ((uint128_t) in[0]) * inx2[4]  in felem_square_ref()
389            + ((uint128_t) in[1]) * inx2[3]  in felem_square_ref()
390            + ((uint128_t) in[2]) * in[2];  in felem_square_ref()
392     out[5] = ((uint128_t) in[0]) * inx2[5]  in felem_square_ref()
393            + ((uint128_t) in[1]) * inx2[4]  in felem_square_ref()
394            + ((uint128_t) in[2]) * inx2[3];  in felem_square_ref()
396     out[6] = ((uint128_t) in[0]) * inx2[6]  in felem_square_ref()
397            + ((uint128_t) in[1]) * inx2[5]  in felem_square_ref()
398            + ((uint128_t) in[2]) * inx2[4]  in felem_square_ref()
399            + ((uint128_t) in[3]) * in[3];  in felem_square_ref()
401     out[7] = ((uint128_t) in[1]) * inx2[6]  in felem_square_ref()
402            + ((uint128_t) in[2]) * inx2[5]  in felem_square_ref()
403            + ((uint128_t) in[3]) * inx2[4];  in felem_square_ref()
405     out[8] = ((uint128_t) in[2]) * inx2[6]  in felem_square_ref()
406            + ((uint128_t) in[3]) * inx2[5]  in felem_square_ref()
407            + ((uint128_t) in[4]) * in[4];  in felem_square_ref()
409     out[9] = ((uint128_t) in[3]) * inx2[6]  in felem_square_ref()
410            + ((uint128_t) in[4]) * inx2[5];  in felem_square_ref()
412     out[10] = ((uint128_t) in[4]) * inx2[6]  in felem_square_ref()
413             + ((uint128_t) in[5]) * in[5];  in felem_square_ref()
415     out[11] = ((uint128_t) in[5]) * inx2[6];  in felem_square_ref()
417     out[12] = ((uint128_t) in[6]) * in[6];  in felem_square_ref()
506 static void felem_reduce(felem out, const widefelem in)  in felem_reduce()  argument
527     memcpy(acc, in, sizeof(widelimb) * 9);  in felem_reduce()
538     acc[8] += in[12] >> 32;  in felem_reduce()
539     acc[7] += (in[12] & 0xffffffff) << 24;  in felem_reduce()
540     acc[7] += in[12] >> 8;  in felem_reduce()
541     acc[6] += (in[12] & 0xff) << 48;  in felem_reduce()
542     acc[6] -= in[12] >> 16;  in felem_reduce()
543     acc[5] -= (in[12] & 0xffff) << 40;  in felem_reduce()
544     acc[6] += in[12] >> 48;  in felem_reduce()
545     acc[5] += (in[12] & 0xffffffffffff) << 8;  in felem_reduce()
547     acc[7] += in[11] >> 32;  in felem_reduce()
548     acc[6] += (in[11] & 0xffffffff) << 24;  in felem_reduce()
549     acc[6] += in[11] >> 8;  in felem_reduce()
550     acc[5] += (in[11] & 0xff) << 48;  in felem_reduce()
551     acc[5] -= in[11] >> 16;  in felem_reduce()
552     acc[4] -= (in[11] & 0xffff) << 40;  in felem_reduce()
553     acc[5] += in[11] >> 48;  in felem_reduce()
554     acc[4] += (in[11] & 0xffffffffffff) << 8;  in felem_reduce()
556     acc[6] += in[10] >> 32;  in felem_reduce()
557     acc[5] += (in[10] & 0xffffffff) << 24;  in felem_reduce()
558     acc[5] += in[10] >> 8;  in felem_reduce()
559     acc[4] += (in[10] & 0xff) << 48;  in felem_reduce()
560     acc[4] -= in[10] >> 16;  in felem_reduce()
561     acc[3] -= (in[10] & 0xffff) << 40;  in felem_reduce()
562     acc[4] += in[10] >> 48;  in felem_reduce()
563     acc[3] += (in[10] & 0xffffffffffff) << 8;  in felem_reduce()
565     acc[5] += in[9] >> 32;  in felem_reduce()
566     acc[4] += (in[9] & 0xffffffff) << 24;  in felem_reduce()
567     acc[4] += in[9] >> 8;  in felem_reduce()
568     acc[3] += (in[9] & 0xff) << 48;  in felem_reduce()
569     acc[3] -= in[9] >> 16;  in felem_reduce()
570     acc[2] -= (in[9] & 0xffff) << 40;  in felem_reduce()
571     acc[3] += in[9] >> 48;  in felem_reduce()
572     acc[2] += (in[9] & 0xffffffffffff) << 8;  in felem_reduce()
677 static void felem_square_wrapper(widefelem out, const felem in);
680 static void (*felem_square_p)(widefelem out, const felem in) =
685 void p384_felem_square(widefelem out, const felem in);
708 static void felem_square_wrapper(widefelem out, const felem in)  in felem_square_wrapper()  argument
711     felem_square_p(out, in);  in felem_square_wrapper()
727 static ossl_inline void felem_square_reduce(felem out, const felem in)  in felem_square_reduce()  argument
731     felem_square(tmp, in);  in felem_square_reduce()
751 static void felem_inv(felem out, const felem in)  in felem_inv()  argument
756     felem_square_reduce(ftmp, in);      /* 2^1 */  in felem_inv()
757     felem_mul_reduce(ftmp, ftmp, in);   /* 2^1 + 2^0 */  in felem_inv()
761     felem_mul_reduce(ftmp, ftmp, in);   /* 2^2 + 2^1 * 2^0 */  in felem_inv()
815 …felem_mul_reduce(ftmp, in, ftmp);    /* 2^383 + ... + 2^129 + 2^127 + ... + 2^96 + 2^31 + ... + 2^…  in felem_inv()
828 static limb felem_is_zero(const felem in)  in felem_is_zero()  argument
832     zero = in[0] | in[1] | in[2] | in[3] | in[4] | in[5] | in[6];  in felem_is_zero()
834     p384 = (in[0] ^ 0x000000ffffffff) | (in[1] ^ 0xffff0000000000)  in felem_is_zero()
835          | (in[2] ^ 0xfffffffffeffff) | (in[3] ^ 0xffffffffffffff)  in felem_is_zero()
836          | (in[4] ^ 0xffffffffffffff) | (in[5] ^ 0xffffffffffffff)  in felem_is_zero()
837          | (in[6] ^ 0xffffffffffff);  in felem_is_zero()
843 static int felem_is_zero_int(const void *in)  in felem_is_zero_int()  argument
845     return (int)(felem_is_zero(in) & ((limb) 1));  in felem_is_zero_int()
855 static void felem_contract(felem out, const felem in)  in felem_contract()  argument
867     memcpy(tmp, in, sizeof(felem));  in felem_contract()
870     a = (in[6] >> 48);  in felem_contract()
1052 static void copy_conditional(felem out, const felem in, limb mask)  in copy_conditional()  argument
1057         out[i] ^= mask & (in[i] ^ out[i]);  in copy_conditional()
1359 static char get_bit(const felem_bytearray in, int i)  in get_bit()  argument
1363     return (in[i >> 3] >> (i & 7)) & 1;  in get_bit()

Last Index update Tue Dec 03 00:04:52 UTC 2024

Dedicated to & Maintained by Room-11