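Lines matching references to the identifier `in`. Each entry gives the line number in the original file, then the matching source line, then the enclosing function. Lines that do not mention `in` are omitted, so the function bodies shown below are incomplete.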

143 static void bin66_to_felem(felem out, const u8 in[66])  in bin66_to_felem()
145 out[0] = (*((limb *) & in[0])) & bottom58bits; in bin66_to_felem()
146 out[1] = (*((limb_aX *) & in[7]) >> 2) & bottom58bits; in bin66_to_felem()
147 out[2] = (*((limb_aX *) & in[14]) >> 4) & bottom58bits; in bin66_to_felem()
148 out[3] = (*((limb_aX *) & in[21]) >> 6) & bottom58bits; in bin66_to_felem()
149 out[4] = (*((limb_aX *) & in[29])) & bottom58bits; in bin66_to_felem()
150 out[5] = (*((limb_aX *) & in[36]) >> 2) & bottom58bits; in bin66_to_felem()
151 out[6] = (*((limb_aX *) & in[43]) >> 4) & bottom58bits; in bin66_to_felem()
152 out[7] = (*((limb_aX *) & in[50]) >> 6) & bottom58bits; in bin66_to_felem()
153 out[8] = (*((limb_aX *) & in[58])) & bottom57bits; in bin66_to_felem()
160 static void felem_to_bin66(u8 out[66], const felem in) in felem_to_bin66() argument
163 (*((limb *) & out[0])) = in[0]; in felem_to_bin66()
164 (*((limb_aX *) & out[7])) |= in[1] << 2; in felem_to_bin66()
165 (*((limb_aX *) & out[14])) |= in[2] << 4; in felem_to_bin66()
166 (*((limb_aX *) & out[21])) |= in[3] << 6; in felem_to_bin66()
167 (*((limb_aX *) & out[29])) = in[4]; in felem_to_bin66()
168 (*((limb_aX *) & out[36])) |= in[5] << 2; in felem_to_bin66()
169 (*((limb_aX *) & out[43])) |= in[6] << 4; in felem_to_bin66()
170 (*((limb_aX *) & out[50])) |= in[7] << 6; in felem_to_bin66()
171 (*((limb_aX *) & out[58])) = in[8]; in felem_to_bin66()
194 static BIGNUM *felem_to_BN(BIGNUM *out, const felem in) in felem_to_BN() argument
197 felem_to_bin66(b_out, in); in felem_to_BN()
219 static void felem_assign(felem out, const felem in) in felem_assign() argument
221 out[0] = in[0]; in felem_assign()
222 out[1] = in[1]; in felem_assign()
223 out[2] = in[2]; in felem_assign()
224 out[3] = in[3]; in felem_assign()
225 out[4] = in[4]; in felem_assign()
226 out[5] = in[5]; in felem_assign()
227 out[6] = in[6]; in felem_assign()
228 out[7] = in[7]; in felem_assign()
229 out[8] = in[8]; in felem_assign()
233 static void felem_sum64(felem out, const felem in) in felem_sum64() argument
235 out[0] += in[0]; in felem_sum64()
236 out[1] += in[1]; in felem_sum64()
237 out[2] += in[2]; in felem_sum64()
238 out[3] += in[3]; in felem_sum64()
239 out[4] += in[4]; in felem_sum64()
240 out[5] += in[5]; in felem_sum64()
241 out[6] += in[6]; in felem_sum64()
242 out[7] += in[7]; in felem_sum64()
243 out[8] += in[8]; in felem_sum64()
247 static void felem_scalar(felem out, const felem in, limb scalar) in felem_scalar() argument
249 out[0] = in[0] * scalar; in felem_scalar()
250 out[1] = in[1] * scalar; in felem_scalar()
251 out[2] = in[2] * scalar; in felem_scalar()
252 out[3] = in[3] * scalar; in felem_scalar()
253 out[4] = in[4] * scalar; in felem_scalar()
254 out[5] = in[5] * scalar; in felem_scalar()
255 out[6] = in[6] * scalar; in felem_scalar()
256 out[7] = in[7] * scalar; in felem_scalar()
257 out[8] = in[8] * scalar; in felem_scalar()
295 static void felem_neg(felem out, const felem in) in felem_neg() argument
301 out[0] = two62m3 - in[0]; in felem_neg()
302 out[1] = two62m2 - in[1]; in felem_neg()
303 out[2] = two62m2 - in[2]; in felem_neg()
304 out[3] = two62m2 - in[3]; in felem_neg()
305 out[4] = two62m2 - in[4]; in felem_neg()
306 out[5] = two62m2 - in[5]; in felem_neg()
307 out[6] = two62m2 - in[6]; in felem_neg()
308 out[7] = two62m2 - in[7]; in felem_neg()
309 out[8] = two62m2 - in[8]; in felem_neg()
319 static void felem_diff64(felem out, const felem in) in felem_diff64() argument
327 out[0] += two62m3 - in[0]; in felem_diff64()
328 out[1] += two62m2 - in[1]; in felem_diff64()
329 out[2] += two62m2 - in[2]; in felem_diff64()
330 out[3] += two62m2 - in[3]; in felem_diff64()
331 out[4] += two62m2 - in[4]; in felem_diff64()
332 out[5] += two62m2 - in[5]; in felem_diff64()
333 out[6] += two62m2 - in[6]; in felem_diff64()
334 out[7] += two62m2 - in[7]; in felem_diff64()
335 out[8] += two62m2 - in[8]; in felem_diff64()
345 static void felem_diff_128_64(largefelem out, const felem in) in felem_diff_128_64() argument
358 out[0] += two63m6 - in[0]; in felem_diff_128_64()
359 out[1] += two63m5 - in[1]; in felem_diff_128_64()
360 out[2] += two63m5 - in[2]; in felem_diff_128_64()
361 out[3] += two63m5 - in[3]; in felem_diff_128_64()
362 out[4] += two63m5 - in[4]; in felem_diff_128_64()
363 out[5] += two63m5 - in[5]; in felem_diff_128_64()
364 out[6] += two63m5 - in[6]; in felem_diff_128_64()
365 out[7] += two63m5 - in[7]; in felem_diff_128_64()
366 out[8] += two63m5 - in[8]; in felem_diff_128_64()
376 static void felem_diff128(largefelem out, const largefelem in) in felem_diff128() argument
386 out[0] += (two127m70 - in[0]); in felem_diff128()
387 out[1] += (two127m69 - in[1]); in felem_diff128()
388 out[2] += (two127m69 - in[2]); in felem_diff128()
389 out[3] += (two127m69 - in[3]); in felem_diff128()
390 out[4] += (two127m69 - in[4]); in felem_diff128()
391 out[5] += (two127m69 - in[5]); in felem_diff128()
392 out[6] += (two127m69 - in[6]); in felem_diff128()
393 out[7] += (two127m69 - in[7]); in felem_diff128()
394 out[8] += (two127m69 - in[8]); in felem_diff128()
404 static void felem_square_ref(largefelem out, const felem in) in felem_square_ref() argument
407 felem_scalar(inx2, in, 2); in felem_square_ref()
408 felem_scalar(inx4, in, 4); in felem_square_ref()
421 out[0] = ((uint128_t) in[0]) * in[0]; in felem_square_ref()
422 out[1] = ((uint128_t) in[0]) * inx2[1]; in felem_square_ref()
423 out[2] = ((uint128_t) in[0]) * inx2[2] + ((uint128_t) in[1]) * in[1]; in felem_square_ref()
424 out[3] = ((uint128_t) in[0]) * inx2[3] + ((uint128_t) in[1]) * inx2[2]; in felem_square_ref()
425 out[4] = ((uint128_t) in[0]) * inx2[4] + in felem_square_ref()
426 ((uint128_t) in[1]) * inx2[3] + ((uint128_t) in[2]) * in[2]; in felem_square_ref()
427 out[5] = ((uint128_t) in[0]) * inx2[5] + in felem_square_ref()
428 ((uint128_t) in[1]) * inx2[4] + ((uint128_t) in[2]) * inx2[3]; in felem_square_ref()
429 out[6] = ((uint128_t) in[0]) * inx2[6] + in felem_square_ref()
430 ((uint128_t) in[1]) * inx2[5] + in felem_square_ref()
431 ((uint128_t) in[2]) * inx2[4] + ((uint128_t) in[3]) * in[3]; in felem_square_ref()
432 out[7] = ((uint128_t) in[0]) * inx2[7] + in felem_square_ref()
433 ((uint128_t) in[1]) * inx2[6] + in felem_square_ref()
434 ((uint128_t) in[2]) * inx2[5] + ((uint128_t) in[3]) * inx2[4]; in felem_square_ref()
435 out[8] = ((uint128_t) in[0]) * inx2[8] + in felem_square_ref()
436 ((uint128_t) in[1]) * inx2[7] + in felem_square_ref()
437 ((uint128_t) in[2]) * inx2[6] + in felem_square_ref()
438 ((uint128_t) in[3]) * inx2[5] + ((uint128_t) in[4]) * in[4]; in felem_square_ref()
450 out[0] += ((uint128_t) in[1]) * inx4[8] + in felem_square_ref()
451 ((uint128_t) in[2]) * inx4[7] + in felem_square_ref()
452 ((uint128_t) in[3]) * inx4[6] + ((uint128_t) in[4]) * inx4[5]; in felem_square_ref()
455 out[1] += ((uint128_t) in[2]) * inx4[8] + in felem_square_ref()
456 ((uint128_t) in[3]) * inx4[7] + in felem_square_ref()
457 ((uint128_t) in[4]) * inx4[6] + ((uint128_t) in[5]) * inx2[5]; in felem_square_ref()
460 out[2] += ((uint128_t) in[3]) * inx4[8] + in felem_square_ref()
461 ((uint128_t) in[4]) * inx4[7] + ((uint128_t) in[5]) * inx4[6]; in felem_square_ref()
464 out[3] += ((uint128_t) in[4]) * inx4[8] + in felem_square_ref()
465 ((uint128_t) in[5]) * inx4[7] + ((uint128_t) in[6]) * inx2[6]; in felem_square_ref()
468 out[4] += ((uint128_t) in[5]) * inx4[8] + ((uint128_t) in[6]) * inx4[7]; in felem_square_ref()
471 out[5] += ((uint128_t) in[6]) * inx4[8] + ((uint128_t) in[7]) * inx2[7]; in felem_square_ref()
474 out[6] += ((uint128_t) in[7]) * inx4[8]; in felem_square_ref()
477 out[7] += ((uint128_t) in[8]) * inx2[8]; in felem_square_ref()
603 static void felem_reduce(felem out, const largefelem in) in felem_reduce() argument
607 out[0] = ((limb) in[0]) & bottom58bits; in felem_reduce()
608 out[1] = ((limb) in[1]) & bottom58bits; in felem_reduce()
609 out[2] = ((limb) in[2]) & bottom58bits; in felem_reduce()
610 out[3] = ((limb) in[3]) & bottom58bits; in felem_reduce()
611 out[4] = ((limb) in[4]) & bottom58bits; in felem_reduce()
612 out[5] = ((limb) in[5]) & bottom58bits; in felem_reduce()
613 out[6] = ((limb) in[6]) & bottom58bits; in felem_reduce()
614 out[7] = ((limb) in[7]) & bottom58bits; in felem_reduce()
615 out[8] = ((limb) in[8]) & bottom58bits; in felem_reduce()
619 out[1] += ((limb) in[0]) >> 58; in felem_reduce()
620 out[1] += (((limb) (in[0] >> 64)) & bottom52bits) << 6; in felem_reduce()
625 out[2] += ((limb) (in[0] >> 64)) >> 52; in felem_reduce()
627 out[2] += ((limb) in[1]) >> 58; in felem_reduce()
628 out[2] += (((limb) (in[1] >> 64)) & bottom52bits) << 6; in felem_reduce()
629 out[3] += ((limb) (in[1] >> 64)) >> 52; in felem_reduce()
631 out[3] += ((limb) in[2]) >> 58; in felem_reduce()
632 out[3] += (((limb) (in[2] >> 64)) & bottom52bits) << 6; in felem_reduce()
633 out[4] += ((limb) (in[2] >> 64)) >> 52; in felem_reduce()
635 out[4] += ((limb) in[3]) >> 58; in felem_reduce()
636 out[4] += (((limb) (in[3] >> 64)) & bottom52bits) << 6; in felem_reduce()
637 out[5] += ((limb) (in[3] >> 64)) >> 52; in felem_reduce()
639 out[5] += ((limb) in[4]) >> 58; in felem_reduce()
640 out[5] += (((limb) (in[4] >> 64)) & bottom52bits) << 6; in felem_reduce()
641 out[6] += ((limb) (in[4] >> 64)) >> 52; in felem_reduce()
643 out[6] += ((limb) in[5]) >> 58; in felem_reduce()
644 out[6] += (((limb) (in[5] >> 64)) & bottom52bits) << 6; in felem_reduce()
645 out[7] += ((limb) (in[5] >> 64)) >> 52; in felem_reduce()
647 out[7] += ((limb) in[6]) >> 58; in felem_reduce()
648 out[7] += (((limb) (in[6] >> 64)) & bottom52bits) << 6; in felem_reduce()
649 out[8] += ((limb) (in[6] >> 64)) >> 52; in felem_reduce()
651 out[8] += ((limb) in[7]) >> 58; in felem_reduce()
652 out[8] += (((limb) (in[7] >> 64)) & bottom52bits) << 6; in felem_reduce()
657 overflow1 = ((limb) (in[7] >> 64)) >> 52; in felem_reduce()
659 overflow1 += ((limb) in[8]) >> 58; in felem_reduce()
660 overflow1 += (((limb) (in[8] >> 64)) & bottom52bits) << 6; in felem_reduce()
661 overflow2 = ((limb) (in[8] >> 64)) >> 52; in felem_reduce()
679 static void felem_square_wrapper(largefelem out, const felem in);
682 static void (*felem_square_p)(largefelem out, const felem in) =
687 void p521_felem_square(largefelem out, const felem in);
710 static void felem_square_wrapper(largefelem out, const felem in) in felem_square_wrapper() argument
713 felem_square_p(out, in); in felem_square_wrapper()
729 static void felem_square_reduce(felem out, const felem in) in felem_square_reduce() argument
732 felem_square(tmp, in); in felem_square_reduce()
751 static void felem_inv(felem out, const felem in) in felem_inv() argument
757 felem_square(tmp, in); in felem_inv()
759 felem_mul(tmp, in, ftmp); in felem_inv()
764 felem_mul(tmp, in, ftmp); in felem_inv()
846 felem_mul(tmp, ftmp3, in); in felem_inv()
863 static limb felem_is_zero(const felem in) in felem_is_zero() argument
867 felem_assign(ftmp, in); in felem_is_zero()
931 static int felem_is_zero_int(const void *in) in felem_is_zero_int() argument
933 return (int)(felem_is_zero(in) & ((limb) 1)); in felem_is_zero_int()
941 static void felem_contract(felem out, const felem in) in felem_contract() argument
946 felem_assign(out, in); in felem_contract()
1185 static void copy_conditional(felem out, const felem in, limb mask) in copy_conditional() argument
1189 const limb tmp = mask & (in[i] ^ out[i]); in copy_conditional()
1567 static char get_bit(const felem_bytearray in, int i) in get_bit() argument
1571 return (in[i >> 3] >> (i & 7)) & 1; in get_bit()