Lines Matching refs:out
/*
 * bin32_to_felem: load a 32-byte buffer into the four limbs of out, eight
 * bytes per limb.
 *
 * NOTE(review): each limb is read through a (u64 *) cast of a u8 pointer. The
 * result therefore depends on host byte order, the cast drops the const
 * qualifier of in, and the access is type-punned and only well-defined if the
 * buffer is suitably aligned for u64 on the target. Copying eight bytes into
 * a u64 temporary with memcpy expresses the same load without the alignment
 * and aliasing assumptions.
 */
130 static void bin32_to_felem(felem out, const u8 in[32]) in bin32_to_felem() argument
132 out[0] = *((u64 *)&in[0]); in bin32_to_felem()
133 out[1] = *((u64 *)&in[8]); in bin32_to_felem()
134 out[2] = *((u64 *)&in[16]); in bin32_to_felem()
135 out[3] = *((u64 *)&in[24]); in bin32_to_felem()
/*
 * smallfelem_to_bin32: store the four limbs of in into a 32-byte buffer,
 * eight bytes per limb.
 *
 * NOTE(review): the stores go through a (u64 *) cast of a u8 pointer, so the
 * byte layout written to out follows host byte order and the write is only
 * well-defined if out is suitably aligned for u64. Any caller that treats the
 * buffer as a fixed-endian encoding inherits that assumption.
 */
142 static void smallfelem_to_bin32(u8 out[32], const smallfelem in) in smallfelem_to_bin32()
144 *((u64 *)&out[0]) = in[0]; in smallfelem_to_bin32()
145 *((u64 *)&out[8]) = in[1]; in smallfelem_to_bin32()
146 *((u64 *)&out[16]) = in[2]; in smallfelem_to_bin32()
147 *((u64 *)&out[24]) = in[3]; in smallfelem_to_bin32()
151 static int BN_to_felem(felem out, const BIGNUM *bn) in BN_to_felem() argument
165 bin32_to_felem(out, b_out); in BN_to_felem()
170 static BIGNUM *smallfelem_to_BN(BIGNUM *out, const smallfelem in) in smallfelem_to_BN() argument
174 return BN_lebin2bn(b_out, sizeof(b_out), out); in smallfelem_to_BN()
182 static void smallfelem_one(smallfelem out) in smallfelem_one() argument
184 out[0] = 1; in smallfelem_one()
185 out[1] = 0; in smallfelem_one()
186 out[2] = 0; in smallfelem_one()
187 out[3] = 0; in smallfelem_one()
190 static void smallfelem_assign(smallfelem out, const smallfelem in) in smallfelem_assign() argument
192 out[0] = in[0]; in smallfelem_assign()
193 out[1] = in[1]; in smallfelem_assign()
194 out[2] = in[2]; in smallfelem_assign()
195 out[3] = in[3]; in smallfelem_assign()
198 static void felem_assign(felem out, const felem in) in felem_assign() argument
200 out[0] = in[0]; in felem_assign()
201 out[1] = in[1]; in felem_assign()
202 out[2] = in[2]; in felem_assign()
203 out[3] = in[3]; in felem_assign()
/*
 * felem_sum: out += in, limb by limb.
 *
 * The four additions are independent; no carry moves from one limb to the
 * next. A limb that exceeds its width would wrap silently, so correctness
 * rests on the callers keeping both operands within the bounds the
 * representation allows.
 * NOTE(review): those bounds are not part of this listing; confirm them
 * against the function's header comment in the source file.
 */
207 static void felem_sum(felem out, const felem in) in felem_sum() argument
209 out[0] += in[0]; in felem_sum()
210 out[1] += in[1]; in felem_sum()
211 out[2] += in[2]; in felem_sum()
212 out[3] += in[3]; in felem_sum()
216 static void felem_small_sum(felem out, const smallfelem in) in felem_small_sum() argument
218 out[0] += in[0]; in felem_small_sum()
219 out[1] += in[1]; in felem_small_sum()
220 out[2] += in[2]; in felem_small_sum()
221 out[3] += in[3]; in felem_small_sum()
/*
 * felem_scalar: multiply every limb of out by scalar, in place.
 *
 * Each limb is scaled on its own with no carry handling, so a product that
 * does not fit the limb type wraps without any indication.
 * NOTE(review): the largest scalar and limb magnitude that are safe together
 * are not visible here; confirm against the source before changing a caller.
 */
225 static void felem_scalar(felem out, const u64 scalar) in felem_scalar() argument
227 out[0] *= scalar; in felem_scalar()
228 out[1] *= scalar; in felem_scalar()
229 out[2] *= scalar; in felem_scalar()
230 out[3] *= scalar; in felem_scalar()
234 static void longfelem_scalar(longfelem out, const u64 scalar) in longfelem_scalar() argument
236 out[0] *= scalar; in longfelem_scalar()
237 out[1] *= scalar; in longfelem_scalar()
238 out[2] *= scalar; in longfelem_scalar()
239 out[3] *= scalar; in longfelem_scalar()
240 out[4] *= scalar; in longfelem_scalar()
241 out[5] *= scalar; in longfelem_scalar()
242 out[6] *= scalar; in longfelem_scalar()
243 out[7] *= scalar; in longfelem_scalar()
/*
 * smallfelem_neg: write zero105[i] - small[i] into each limb of out.
 *
 * NOTE(review): zero105 is defined on lines not shown in this listing;
 * presumably it is a multiple of the field prime whose limbs are large
 * enough that subtracting a smallfelem limb cannot go below zero. Confirm
 * that before reusing this with inputs that are not fully reduced.
 */
259 static void smallfelem_neg(felem out, const smallfelem small) in smallfelem_neg() argument
262 out[0] = zero105[0] - small[0]; in smallfelem_neg()
263 out[1] = zero105[1] - small[1]; in smallfelem_neg()
264 out[2] = zero105[2] - small[2]; in smallfelem_neg()
265 out[3] = zero105[3] - small[3]; in smallfelem_neg()
/*
 * felem_diff: out = out + zero105 - in, limb by limb.
 *
 * zero105 is added to every limb before in is subtracted, so the
 * subtraction starts from a raised value rather than from out alone.
 * NOTE(review): this only prevents a limb from wrapping below zero if each
 * in[i] stays below the corresponding raised limb, and if the addition
 * itself does not overflow; the required input bounds are on lines not
 * shown here, so confirm them in the source.
 */
275 static void felem_diff(felem out, const felem in) in felem_diff() argument
280 out[0] += zero105[0]; in felem_diff()
281 out[1] += zero105[1]; in felem_diff()
282 out[2] += zero105[2]; in felem_diff()
283 out[3] += zero105[3]; in felem_diff()
285 out[0] -= in[0]; in felem_diff()
286 out[1] -= in[1]; in felem_diff()
287 out[2] -= in[2]; in felem_diff()
288 out[3] -= in[3]; in felem_diff()
308 static void felem_diff_zero107(felem out, const felem in) in felem_diff_zero107() argument
313 out[0] += zero107[0]; in felem_diff_zero107()
314 out[1] += zero107[1]; in felem_diff_zero107()
315 out[2] += zero107[2]; in felem_diff_zero107()
316 out[3] += zero107[3]; in felem_diff_zero107()
318 out[0] -= in[0]; in felem_diff_zero107()
319 out[1] -= in[1]; in felem_diff_zero107()
320 out[2] -= in[2]; in felem_diff_zero107()
321 out[3] -= in[3]; in felem_diff_zero107()
331 static void longfelem_diff(longfelem out, const longfelem in) in longfelem_diff() argument
343 out[0] += two70m8p6; in longfelem_diff()
344 out[1] += two70p40; in longfelem_diff()
345 out[2] += two70; in longfelem_diff()
346 out[3] += two70m40m38p6; in longfelem_diff()
347 out[4] += two70m6; in longfelem_diff()
348 out[5] += two70m6; in longfelem_diff()
349 out[6] += two70m6; in longfelem_diff()
350 out[7] += two70m6; in longfelem_diff()
353 out[0] -= in[0]; in longfelem_diff()
354 out[1] -= in[1]; in longfelem_diff()
355 out[2] -= in[2]; in longfelem_diff()
356 out[3] -= in[3]; in longfelem_diff()
357 out[4] -= in[4]; in longfelem_diff()
358 out[5] -= in[5]; in longfelem_diff()
359 out[6] -= in[6]; in longfelem_diff()
360 out[7] -= in[7]; in longfelem_diff()
380 static void felem_shrink(smallfelem out, const felem in) in felem_shrink() argument
465 out[0] = tmp[0]; in felem_shrink()
466 out[1] = tmp[1]; in felem_shrink()
467 out[2] = tmp[2]; in felem_shrink()
468 out[3] = tmp[3]; in felem_shrink()
472 static void smallfelem_expand(felem out, const smallfelem in) in smallfelem_expand() argument
474 out[0] = in[0]; in smallfelem_expand()
475 out[1] = in[1]; in smallfelem_expand()
476 out[2] = in[2]; in smallfelem_expand()
477 out[3] = in[3]; in smallfelem_expand()
487 static void smallfelem_square(longfelem out, const smallfelem small) in smallfelem_square() argument
495 out[0] = low; in smallfelem_square()
496 out[1] = high; in smallfelem_square()
501 out[1] += low; in smallfelem_square()
502 out[1] += low; in smallfelem_square()
503 out[2] = high; in smallfelem_square()
508 out[2] += low; in smallfelem_square()
509 out[2] *= 2; in smallfelem_square()
510 out[3] = high; in smallfelem_square()
515 out[3] += low; in smallfelem_square()
516 out[4] = high; in smallfelem_square()
521 out[3] += low; in smallfelem_square()
522 out[3] *= 2; in smallfelem_square()
523 out[4] += high; in smallfelem_square()
528 out[2] += low; in smallfelem_square()
529 out[3] += high; in smallfelem_square()
534 out[4] += low; in smallfelem_square()
535 out[4] *= 2; in smallfelem_square()
536 out[5] = high; in smallfelem_square()
541 out[5] += low; in smallfelem_square()
542 out[5] *= 2; in smallfelem_square()
543 out[6] = high; in smallfelem_square()
544 out[6] += high; in smallfelem_square()
549 out[4] += low; in smallfelem_square()
550 out[5] += high; in smallfelem_square()
555 out[6] += low; in smallfelem_square()
556 out[7] = high; in smallfelem_square()
566 static void felem_square(longfelem out, const felem in) in felem_square() argument
570 smallfelem_square(out, small); in felem_square()
581 static void smallfelem_mul(longfelem out, const smallfelem small1, in smallfelem_mul() argument
590 out[0] = low; in smallfelem_mul()
591 out[1] = high; in smallfelem_mul()
596 out[1] += low; in smallfelem_mul()
597 out[2] = high; in smallfelem_mul()
602 out[1] += low; in smallfelem_mul()
603 out[2] += high; in smallfelem_mul()
608 out[2] += low; in smallfelem_mul()
609 out[3] = high; in smallfelem_mul()
614 out[2] += low; in smallfelem_mul()
615 out[3] += high; in smallfelem_mul()
620 out[2] += low; in smallfelem_mul()
621 out[3] += high; in smallfelem_mul()
626 out[3] += low; in smallfelem_mul()
627 out[4] = high; in smallfelem_mul()
632 out[3] += low; in smallfelem_mul()
633 out[4] += high; in smallfelem_mul()
638 out[3] += low; in smallfelem_mul()
639 out[4] += high; in smallfelem_mul()
644 out[3] += low; in smallfelem_mul()
645 out[4] += high; in smallfelem_mul()
650 out[4] += low; in smallfelem_mul()
651 out[5] = high; in smallfelem_mul()
656 out[4] += low; in smallfelem_mul()
657 out[5] += high; in smallfelem_mul()
662 out[4] += low; in smallfelem_mul()
663 out[5] += high; in smallfelem_mul()
668 out[5] += low; in smallfelem_mul()
669 out[6] = high; in smallfelem_mul()
674 out[5] += low; in smallfelem_mul()
675 out[6] += high; in smallfelem_mul()
680 out[6] += low; in smallfelem_mul()
681 out[7] = high; in smallfelem_mul()
692 static void felem_mul(longfelem out, const felem in1, const felem in2) in felem_mul() argument
697 smallfelem_mul(out, small1, small2); in felem_mul()
708 static void felem_small_mul(longfelem out, const smallfelem small1, in felem_small_mul() argument
713 smallfelem_mul(out, small1, small2); in felem_small_mul()
/*
 * felem_reduce_: fold the upper limbs in[4]..in[7] of a longfelem into the
 * four limbs of out, using shifts by 32 and 33 bits and the small multiples
 * 2 and 3.
 *
 * out is only ever updated with += and -= here, never assigned, so the
 * caller must initialise it first; felem_reduce and felem_reduce_zero105 do
 * so by adding a zero100 / zero105 constant to in[0..3].
 * NOTE(review): several updates are subtractions, so the initial value of
 * out has to leave enough headroom for them not to wrap. How c is computed
 * is on lines not shown in this listing.
 */
737 static void felem_reduce_(felem out, const longfelem in) in felem_reduce_() argument
742 out[0] += c; in felem_reduce_()
743 out[3] -= c; in felem_reduce_()
746 out[1] += c; in felem_reduce_()
747 out[2] -= c; in felem_reduce_()
751 out[1] -= (in[4] << 32); in felem_reduce_()
752 out[3] += (in[4] << 32); in felem_reduce_()
755 out[2] -= (in[5] << 32); in felem_reduce_()
758 out[0] -= in[6]; in felem_reduce_()
759 out[0] -= (in[6] << 32); in felem_reduce_()
760 out[1] += (in[6] << 33); in felem_reduce_()
761 out[2] += (in[6] * 2); in felem_reduce_()
762 out[3] -= (in[6] << 32); in felem_reduce_()
765 out[0] -= in[7]; in felem_reduce_()
766 out[0] -= (in[7] << 32); in felem_reduce_()
767 out[2] += (in[7] << 33); in felem_reduce_()
768 out[3] += (in[7] * 3); in felem_reduce_()
/*
 * felem_reduce: reduce a longfelem to a felem.
 *
 * Seeds out with zero100[i] + in[i] for the low four limbs, then hands both
 * out and in to felem_reduce_, which folds in the remaining limbs with a mix
 * of additions and subtractions.
 * NOTE(review): zero100 is defined outside this listing; presumably it is a
 * multiple of the prime added so that those subtractions cannot wrap below
 * zero. Confirm the input bounds in the source before relaxing them.
 */
780 static void felem_reduce(felem out, const longfelem in) in felem_reduce() argument
782 out[0] = zero100[0] + in[0]; in felem_reduce()
783 out[1] = zero100[1] + in[1]; in felem_reduce()
784 out[2] = zero100[2] + in[2]; in felem_reduce()
785 out[3] = zero100[3] + in[3]; in felem_reduce()
787 felem_reduce_(out, in); in felem_reduce()
809 static void felem_reduce_zero105(felem out, const longfelem in) in felem_reduce_zero105() argument
811 out[0] = zero105[0] + in[0]; in felem_reduce_zero105()
812 out[1] = zero105[1] + in[1]; in felem_reduce_zero105()
813 out[2] = zero105[2] + in[2]; in felem_reduce_zero105()
814 out[3] = zero105[3] + in[3]; in felem_reduce_zero105()
816 felem_reduce_(out, in); in felem_reduce_zero105()
/*
 * felem_contract: shrink in into out with felem_shrink, compare out against
 * kPrime limb by limb, then subtract kPrime under a mask.
 *
 * The comparison shown works on values (kPrime[i] - out[i] widened to
 * uint128_t, and kPrime[i] ^ out[i]) and the final step subtracts
 * result & kPrime[i] with the carry chained through subtract_u64.
 * NOTE(review): result looks like an all-ones / all-zero mask, which would
 * make the subtraction run the same instructions whether or not out needs
 * reducing. Its derivation is on lines not shown; confirm it, and keep this
 * function free of data-dependent branches when editing, since the operand
 * may be secret.
 */
847 static void felem_contract(smallfelem out, const felem in) in felem_contract() argument
852 felem_shrink(out, in); in felem_contract()
864 uint128_t a = ((uint128_t) kPrime[i]) - out[i]; in felem_contract()
875 equal = kPrime[i] ^ out[i]; in felem_contract()
895 subtract_u64(&out[0], &carry, result & kPrime[0]); in felem_contract()
896 subtract_u64(&out[1], &carry, carry); in felem_contract()
897 subtract_u64(&out[2], &carry, carry); in felem_contract()
898 subtract_u64(&out[3], &carry, carry); in felem_contract()
900 subtract_u64(&out[1], &carry, result & kPrime[1]); in felem_contract()
901 subtract_u64(&out[2], &carry, carry); in felem_contract()
902 subtract_u64(&out[3], &carry, carry); in felem_contract()
904 subtract_u64(&out[2], &carry, result & kPrime[2]); in felem_contract()
905 subtract_u64(&out[3], &carry, carry); in felem_contract()
907 subtract_u64(&out[3], &carry, result & kPrime[3]); in felem_contract()
910 static void smallfelem_square_contract(smallfelem out, const smallfelem in) in smallfelem_square_contract() argument
917 felem_contract(out, tmp); in smallfelem_square_contract()
920 static void smallfelem_mul_contract(smallfelem out, const smallfelem in1, in smallfelem_mul_contract() argument
928 felem_contract(out, tmp); in smallfelem_mul_contract()
984 static void felem_inv(felem out, const felem in) in felem_inv() argument
1075 felem_reduce(out, tmp); /* 2^256 - 2^224 + 2^192 + 2^96 - 3 */ in felem_inv()
1078 static void smallfelem_inv_contract(smallfelem out, const smallfelem in) in smallfelem_inv_contract() argument
1084 felem_contract(out, tmp); in smallfelem_inv_contract()
/*
 * copy_conditional: branch-free select between out and in.
 *
 * For each limb, tmp = mask & (in[i] ^ out[i]) and out[i] ^= tmp. With mask
 * equal to 0 the limb is left unchanged; with every bit of mask set it
 * becomes in[i]. Any other mask value mixes bits of the two operands, so
 * callers must pass only those two values.
 * The choice is made with AND/XOR rather than an if, so it does not appear
 * in control flow. The loop over i is on lines not shown in this listing.
 */
1206 static void copy_conditional(felem out, const felem in, limb mask) in copy_conditional() argument
1210 const limb tmp = mask & (in[i] ^ out[i]); in copy_conditional()
1211 out[i] ^= tmp; in copy_conditional()
/*
 * copy_small_conditional: branch-free select of a smallfelem into a felem.
 *
 * Each limb of out becomes (in[i] & mask64) widened to limb, OR-ed with
 * out[i] & ~mask, so exactly one of the two terms survives when the masks
 * are all-zero or all-one.
 * NOTE(review): mask64 is derived on lines not shown; presumably it is the
 * low 64 bits of mask. The two must stay consistent, otherwise bits of both
 * operands end up in out. Confirm against the source.
 */
1216 static void copy_small_conditional(felem out, const smallfelem in, limb mask) in copy_small_conditional() argument
1221 out[i] = ((limb) (in[i] & mask64)) | (out[i] & ~mask); in copy_small_conditional()
/*
 * select_point (the first line of the signature is not part of this
 * listing): takes a table of 16 precomputed points, three smallfelem
 * coordinates each, and writes one point to out.
 *
 * out is a parameter, so smallfelem out[3] is a pointer to smallfelem and
 * sizeof(*out) * 3 is the size of three field elements; the memset clears
 * the whole output. outlimbs views out as a flat array of u64.
 * NOTE(review): presumably every table entry is then merged into outlimbs
 * under a mask so that the index does not drive the memory access pattern.
 * That loop is on lines not shown; confirm it before changing the lookup.
 */
1639 const smallfelem pre_comp[16][3], smallfelem out[3]) in select_point()
1642 u64 *outlimbs = &out[0][0]; in select_point()
1644 memset(out, 0, sizeof(*out) * 3); in select_point()