Changeset 3185 for filezilla/trunk/fuentes/src/putty/sshccp.c
 Timestamp:
 Jan 9, 2017, 11:09:38 AM (2 years ago)
 File:

 1 edited

filezilla/trunk/fuentes/src/putty/sshccp.c
r130 r3185 212 212 213 213 /* 214 * Addition of bigvals, not mod p. 214 * Core functions to do arithmetic mod p = 2^1305. The whole 215 * collection of these, up to and including the surrounding #if, are 216 * generated automatically for various sizes of BignumInt by 217 * contrib/make1305.py. 215 218 */ 219 220 #if BIGNUM_INT_BITS == 16 221 216 222 static void bigval_add(bigval *r, const bigval *a, const bigval *b) 217 223 { 218 #if BIGNUM_INT_BITS == 64 219 /* ./contrib/make1305.py add 64 */ 220 BignumDblInt acclo; 221 acclo = 0; 222 acclo += a>w[0]; 223 acclo += b>w[0]; 224 r>w[0] = acclo; 225 acclo >>= 64; 226 acclo += a>w[1]; 227 acclo += b>w[1]; 228 r>w[1] = acclo; 229 acclo >>= 64; 230 acclo += a>w[2]; 231 acclo += b>w[2]; 232 r>w[2] = acclo; 233 acclo >>= 64; 224 BignumInt v0, v1, v2, v3, v4, v5, v6, v7, v8, v9, v10, v11, v12, v13, v14; 225 BignumInt v15, v16, v17, v18, v19, v20, v21, v22, v23, v24, v25, v26; 226 BignumCarry carry; 227 228 v0 = a>w[0]; 229 v1 = a>w[1]; 230 v2 = a>w[2]; 231 v3 = a>w[3]; 232 v4 = a>w[4]; 233 v5 = a>w[5]; 234 v6 = a>w[6]; 235 v7 = a>w[7]; 236 v8 = a>w[8]; 237 v9 = b>w[0]; 238 v10 = b>w[1]; 239 v11 = b>w[2]; 240 v12 = b>w[3]; 241 v13 = b>w[4]; 242 v14 = b>w[5]; 243 v15 = b>w[6]; 244 v16 = b>w[7]; 245 v17 = b>w[8]; 246 BignumADC(v18, carry, v0, v9, 0); 247 BignumADC(v19, carry, v1, v10, carry); 248 BignumADC(v20, carry, v2, v11, carry); 249 BignumADC(v21, carry, v3, v12, carry); 250 BignumADC(v22, carry, v4, v13, carry); 251 BignumADC(v23, carry, v5, v14, carry); 252 BignumADC(v24, carry, v6, v15, carry); 253 BignumADC(v25, carry, v7, v16, carry); 254 v26 = v8 + v17 + carry; 255 r>w[0] = v18; 256 r>w[1] = v19; 257 r>w[2] = v20; 258 r>w[3] = v21; 259 r>w[4] = v22; 260 r>w[5] = v23; 261 r>w[6] = v24; 262 r>w[7] = v25; 263 r>w[8] = v26; 264 } 265 266 static void bigval_mul_mod_p(bigval *r, const bigval *a, const bigval *b) 267 { 268 BignumInt v0, v1, v2, v3, v4, v5, v6, v7, v8, v9, v10, v11, v12, v13, v14; 269 BignumInt v15, v16, 
v17, v18, v19, v20, v21, v22, v23, v24, v25, v26, v27; 270 BignumInt v28, v29, v30, v31, v32, v33, v34, v35, v36, v37, v38, v39, v40; 271 BignumInt v41, v42, v43, v44, v45, v46, v47, v48, v49, v50, v51, v52, v53; 272 BignumInt v54, v55, v56, v57, v58, v59, v60, v61, v62, v63, v64, v65, v66; 273 BignumInt v67, v68, v69, v70, v71, v72, v73, v74, v75, v76, v77, v78, v79; 274 BignumInt v80, v81, v82, v83, v84, v85, v86, v87, v88, v89, v90, v91, v92; 275 BignumInt v93, v94, v95, v96, v97, v98, v99, v100, v101, v102, v103, v104; 276 BignumInt v105, v106, v107, v108, v109, v110, v111, v112, v113, v114; 277 BignumInt v115, v116, v117, v118, v119, v120, v121, v122, v123, v124; 278 BignumInt v125, v126, v127, v128, v129, v130, v131, v132, v133, v134; 279 BignumInt v135, v136, v137, v138, v139, v140, v141, v142, v143, v144; 280 BignumInt v145, v146, v147, v148, v149, v150, v151, v152, v153, v154; 281 BignumInt v155, v156, v157, v158, v159, v160, v161, v162, v163, v164; 282 BignumInt v165, v166, v167, v168, v169, v170, v171, v172, v173, v174; 283 BignumInt v175, v176, v177, v178, v180, v181, v182, v183, v184, v185; 284 BignumInt v186, v187, v188, v189, v190, v191, v192, v193, v194, v195; 285 BignumInt v196, v197, v198, v199, v200, v201, v202, v203, v204, v205; 286 BignumInt v206, v207, v208, v210, v212, v213, v214, v215, v216, v217; 287 BignumInt v218, v219, v220, v221, v222, v223, v224, v225, v226, v227; 288 BignumInt v228, v229; 289 BignumCarry carry; 290 291 v0 = a>w[0]; 292 v1 = a>w[1]; 293 v2 = a>w[2]; 294 v3 = a>w[3]; 295 v4 = a>w[4]; 296 v5 = a>w[5]; 297 v6 = a>w[6]; 298 v7 = a>w[7]; 299 v8 = a>w[8]; 300 v9 = b>w[0]; 301 v10 = b>w[1]; 302 v11 = b>w[2]; 303 v12 = b>w[3]; 304 v13 = b>w[4]; 305 v14 = b>w[5]; 306 v15 = b>w[6]; 307 v16 = b>w[7]; 308 v17 = b>w[8]; 309 BignumMUL(v19, v18, v0, v9); 310 BignumMULADD(v21, v20, v0, v10, v19); 311 BignumMULADD(v23, v22, v0, v11, v21); 312 BignumMULADD(v25, v24, v0, v12, v23); 313 BignumMULADD(v27, v26, v0, v13, v25); 314 
BignumMULADD(v29, v28, v0, v14, v27); 315 BignumMULADD(v31, v30, v0, v15, v29); 316 BignumMULADD(v33, v32, v0, v16, v31); 317 BignumMULADD(v35, v34, v0, v17, v33); 318 BignumMULADD(v37, v36, v1, v9, v20); 319 BignumMULADD2(v39, v38, v1, v10, v22, v37); 320 BignumMULADD2(v41, v40, v1, v11, v24, v39); 321 BignumMULADD2(v43, v42, v1, v12, v26, v41); 322 BignumMULADD2(v45, v44, v1, v13, v28, v43); 323 BignumMULADD2(v47, v46, v1, v14, v30, v45); 324 BignumMULADD2(v49, v48, v1, v15, v32, v47); 325 BignumMULADD2(v51, v50, v1, v16, v34, v49); 326 BignumMULADD2(v53, v52, v1, v17, v35, v51); 327 BignumMULADD(v55, v54, v2, v9, v38); 328 BignumMULADD2(v57, v56, v2, v10, v40, v55); 329 BignumMULADD2(v59, v58, v2, v11, v42, v57); 330 BignumMULADD2(v61, v60, v2, v12, v44, v59); 331 BignumMULADD2(v63, v62, v2, v13, v46, v61); 332 BignumMULADD2(v65, v64, v2, v14, v48, v63); 333 BignumMULADD2(v67, v66, v2, v15, v50, v65); 334 BignumMULADD2(v69, v68, v2, v16, v52, v67); 335 BignumMULADD2(v71, v70, v2, v17, v53, v69); 336 BignumMULADD(v73, v72, v3, v9, v56); 337 BignumMULADD2(v75, v74, v3, v10, v58, v73); 338 BignumMULADD2(v77, v76, v3, v11, v60, v75); 339 BignumMULADD2(v79, v78, v3, v12, v62, v77); 340 BignumMULADD2(v81, v80, v3, v13, v64, v79); 341 BignumMULADD2(v83, v82, v3, v14, v66, v81); 342 BignumMULADD2(v85, v84, v3, v15, v68, v83); 343 BignumMULADD2(v87, v86, v3, v16, v70, v85); 344 BignumMULADD2(v89, v88, v3, v17, v71, v87); 345 BignumMULADD(v91, v90, v4, v9, v74); 346 BignumMULADD2(v93, v92, v4, v10, v76, v91); 347 BignumMULADD2(v95, v94, v4, v11, v78, v93); 348 BignumMULADD2(v97, v96, v4, v12, v80, v95); 349 BignumMULADD2(v99, v98, v4, v13, v82, v97); 350 BignumMULADD2(v101, v100, v4, v14, v84, v99); 351 BignumMULADD2(v103, v102, v4, v15, v86, v101); 352 BignumMULADD2(v105, v104, v4, v16, v88, v103); 353 BignumMULADD2(v107, v106, v4, v17, v89, v105); 354 BignumMULADD(v109, v108, v5, v9, v92); 355 BignumMULADD2(v111, v110, v5, v10, v94, v109); 356 BignumMULADD2(v113, v112, 
v5, v11, v96, v111); 357 BignumMULADD2(v115, v114, v5, v12, v98, v113); 358 BignumMULADD2(v117, v116, v5, v13, v100, v115); 359 BignumMULADD2(v119, v118, v5, v14, v102, v117); 360 BignumMULADD2(v121, v120, v5, v15, v104, v119); 361 BignumMULADD2(v123, v122, v5, v16, v106, v121); 362 BignumMULADD2(v125, v124, v5, v17, v107, v123); 363 BignumMULADD(v127, v126, v6, v9, v110); 364 BignumMULADD2(v129, v128, v6, v10, v112, v127); 365 BignumMULADD2(v131, v130, v6, v11, v114, v129); 366 BignumMULADD2(v133, v132, v6, v12, v116, v131); 367 BignumMULADD2(v135, v134, v6, v13, v118, v133); 368 BignumMULADD2(v137, v136, v6, v14, v120, v135); 369 BignumMULADD2(v139, v138, v6, v15, v122, v137); 370 BignumMULADD2(v141, v140, v6, v16, v124, v139); 371 BignumMULADD2(v143, v142, v6, v17, v125, v141); 372 BignumMULADD(v145, v144, v7, v9, v128); 373 BignumMULADD2(v147, v146, v7, v10, v130, v145); 374 BignumMULADD2(v149, v148, v7, v11, v132, v147); 375 BignumMULADD2(v151, v150, v7, v12, v134, v149); 376 BignumMULADD2(v153, v152, v7, v13, v136, v151); 377 BignumMULADD2(v155, v154, v7, v14, v138, v153); 378 BignumMULADD2(v157, v156, v7, v15, v140, v155); 379 BignumMULADD2(v159, v158, v7, v16, v142, v157); 380 BignumMULADD2(v161, v160, v7, v17, v143, v159); 381 BignumMULADD(v163, v162, v8, v9, v146); 382 BignumMULADD2(v165, v164, v8, v10, v148, v163); 383 BignumMULADD2(v167, v166, v8, v11, v150, v165); 384 BignumMULADD2(v169, v168, v8, v12, v152, v167); 385 BignumMULADD2(v171, v170, v8, v13, v154, v169); 386 BignumMULADD2(v173, v172, v8, v14, v156, v171); 387 BignumMULADD2(v175, v174, v8, v15, v158, v173); 388 BignumMULADD2(v177, v176, v8, v16, v160, v175); 389 v178 = v8 * v17 + v161 + v177; 390 v180 = (v162) & ((((BignumInt)1) << 2)1); 391 v181 = ((v162) >> 2)  ((v164) << 14); 392 v182 = ((v164) >> 2)  ((v166) << 14); 393 v183 = ((v166) >> 2)  ((v168) << 14); 394 v184 = ((v168) >> 2)  ((v170) << 14); 395 v185 = ((v170) >> 2)  ((v172) << 14); 396 v186 = ((v172) >> 2)  ((v174) << 14); 397 
v187 = ((v174) >> 2)  ((v176) << 14); 398 v188 = ((v176) >> 2)  ((v178) << 14); 399 v189 = (v178) >> 2; 400 v190 = (v189) & ((((BignumInt)1) << 2)1); 401 v191 = (v178) >> 4; 402 BignumMUL(v193, v192, 5, v181); 403 BignumMULADD(v195, v194, 5, v182, v193); 404 BignumMULADD(v197, v196, 5, v183, v195); 405 BignumMULADD(v199, v198, 5, v184, v197); 406 BignumMULADD(v201, v200, 5, v185, v199); 407 BignumMULADD(v203, v202, 5, v186, v201); 408 BignumMULADD(v205, v204, 5, v187, v203); 409 BignumMULADD(v207, v206, 5, v188, v205); 410 v208 = 5 * v190 + v207; 411 v210 = 25 * v191; 412 BignumADC(v212, carry, v18, v192, 0); 413 BignumADC(v213, carry, v36, v194, carry); 414 BignumADC(v214, carry, v54, v196, carry); 415 BignumADC(v215, carry, v72, v198, carry); 416 BignumADC(v216, carry, v90, v200, carry); 417 BignumADC(v217, carry, v108, v202, carry); 418 BignumADC(v218, carry, v126, v204, carry); 419 BignumADC(v219, carry, v144, v206, carry); 420 v220 = v180 + v208 + carry; 421 BignumADC(v221, carry, v212, v210, 0); 422 BignumADC(v222, carry, v213, 0, carry); 423 BignumADC(v223, carry, v214, 0, carry); 424 BignumADC(v224, carry, v215, 0, carry); 425 BignumADC(v225, carry, v216, 0, carry); 426 BignumADC(v226, carry, v217, 0, carry); 427 BignumADC(v227, carry, v218, 0, carry); 428 BignumADC(v228, carry, v219, 0, carry); 429 v229 = v220 + 0 + carry; 430 r>w[0] = v221; 431 r>w[1] = v222; 432 r>w[2] = v223; 433 r>w[3] = v224; 434 r>w[4] = v225; 435 r>w[5] = v226; 436 r>w[6] = v227; 437 r>w[7] = v228; 438 r>w[8] = v229; 439 } 440 441 static void bigval_final_reduce(bigval *n) 442 { 443 BignumInt v0, v1, v2, v3, v4, v5, v6, v7, v8, v9, v10, v12, v13, v14, v15; 444 BignumInt v16, v17, v18, v19, v20, v21, v22, v24, v25, v26, v27, v28, v29; 445 BignumInt v30, v31, v32, v33; 446 BignumCarry carry; 447 448 v0 = n>w[0]; 449 v1 = n>w[1]; 450 v2 = n>w[2]; 451 v3 = n>w[3]; 452 v4 = n>w[4]; 453 v5 = n>w[5]; 454 v6 = n>w[6]; 455 v7 = n>w[7]; 456 v8 = n>w[8]; 457 v9 = (v8) >> 2; 458 v10 = 5 * v9; 
459 BignumADC(v12, carry, v0, v10, 0); 460 (void)v12; 461 BignumADC(v13, carry, v1, 0, carry); 462 (void)v13; 463 BignumADC(v14, carry, v2, 0, carry); 464 (void)v14; 465 BignumADC(v15, carry, v3, 0, carry); 466 (void)v15; 467 BignumADC(v16, carry, v4, 0, carry); 468 (void)v16; 469 BignumADC(v17, carry, v5, 0, carry); 470 (void)v17; 471 BignumADC(v18, carry, v6, 0, carry); 472 (void)v18; 473 BignumADC(v19, carry, v7, 0, carry); 474 (void)v19; 475 v20 = v8 + 0 + carry; 476 v21 = (v20) >> 2; 477 v22 = 5 * v21; 478 BignumADC(v24, carry, v0, v22, 0); 479 BignumADC(v25, carry, v1, 0, carry); 480 BignumADC(v26, carry, v2, 0, carry); 481 BignumADC(v27, carry, v3, 0, carry); 482 BignumADC(v28, carry, v4, 0, carry); 483 BignumADC(v29, carry, v5, 0, carry); 484 BignumADC(v30, carry, v6, 0, carry); 485 BignumADC(v31, carry, v7, 0, carry); 486 v32 = v8 + 0 + carry; 487 v33 = (v32) & ((((BignumInt)1) << 2)1); 488 n>w[0] = v24; 489 n>w[1] = v25; 490 n>w[2] = v26; 491 n>w[3] = v27; 492 n>w[4] = v28; 493 n>w[5] = v29; 494 n>w[6] = v30; 495 n>w[7] = v31; 496 n>w[8] = v33; 497 } 498 234 499 #elif BIGNUM_INT_BITS == 32 235 /* ./contrib/make1305.py add 32 */ 236 BignumDblInt acclo; 237 acclo = 0; 238 acclo += a>w[0]; 239 acclo += b>w[0]; 240 r>w[0] = acclo; 241 acclo >>= 32; 242 acclo += a>w[1]; 243 acclo += b>w[1]; 244 r>w[1] = acclo; 245 acclo >>= 32; 246 acclo += a>w[2]; 247 acclo += b>w[2]; 248 r>w[2] = acclo; 249 acclo >>= 32; 250 acclo += a>w[3]; 251 acclo += b>w[3]; 252 r>w[3] = acclo; 253 acclo >>= 32; 254 acclo += a>w[4]; 255 acclo += b>w[4]; 256 r>w[4] = acclo; 257 acclo >>= 32; 258 #elif BIGNUM_INT_BITS == 16 259 /* ./contrib/make1305.py add 16 */ 260 BignumDblInt acclo; 261 acclo = 0; 262 acclo += a>w[0]; 263 acclo += b>w[0]; 264 r>w[0] = acclo; 265 acclo >>= 16; 266 acclo += a>w[1]; 267 acclo += b>w[1]; 268 r>w[1] = acclo; 269 acclo >>= 16; 270 acclo += a>w[2]; 271 acclo += b>w[2]; 272 r>w[2] = acclo; 273 acclo >>= 16; 274 acclo += a>w[3]; 275 acclo += b>w[3]; 276 r>w[3] = 
acclo; 277 acclo >>= 16; 278 acclo += a>w[4]; 279 acclo += b>w[4]; 280 r>w[4] = acclo; 281 acclo >>= 16; 282 acclo += a>w[5]; 283 acclo += b>w[5]; 284 r>w[5] = acclo; 285 acclo >>= 16; 286 acclo += a>w[6]; 287 acclo += b>w[6]; 288 r>w[6] = acclo; 289 acclo >>= 16; 290 acclo += a>w[7]; 291 acclo += b>w[7]; 292 r>w[7] = acclo; 293 acclo >>= 16; 294 acclo += a>w[8]; 295 acclo += b>w[8]; 296 r>w[8] = acclo; 297 acclo >>= 16; 500 501 static void bigval_add(bigval *r, const bigval *a, const bigval *b) 502 { 503 BignumInt v0, v1, v2, v3, v4, v5, v6, v7, v8, v9, v10, v11, v12, v13, v14; 504 BignumCarry carry; 505 506 v0 = a>w[0]; 507 v1 = a>w[1]; 508 v2 = a>w[2]; 509 v3 = a>w[3]; 510 v4 = a>w[4]; 511 v5 = b>w[0]; 512 v6 = b>w[1]; 513 v7 = b>w[2]; 514 v8 = b>w[3]; 515 v9 = b>w[4]; 516 BignumADC(v10, carry, v0, v5, 0); 517 BignumADC(v11, carry, v1, v6, carry); 518 BignumADC(v12, carry, v2, v7, carry); 519 BignumADC(v13, carry, v3, v8, carry); 520 v14 = v4 + v9 + carry; 521 r>w[0] = v10; 522 r>w[1] = v11; 523 r>w[2] = v12; 524 r>w[3] = v13; 525 r>w[4] = v14; 526 } 527 528 static void bigval_mul_mod_p(bigval *r, const bigval *a, const bigval *b) 529 { 530 BignumInt v0, v1, v2, v3, v4, v5, v6, v7, v8, v9, v10, v11, v12, v13, v14; 531 BignumInt v15, v16, v17, v18, v19, v20, v21, v22, v23, v24, v25, v26, v27; 532 BignumInt v28, v29, v30, v31, v32, v33, v34, v35, v36, v37, v38, v39, v40; 533 BignumInt v41, v42, v43, v44, v45, v46, v47, v48, v49, v50, v51, v52, v53; 534 BignumInt v54, v55, v56, v57, v58, v60, v61, v62, v63, v64, v65, v66, v67; 535 BignumInt v68, v69, v70, v71, v72, v73, v74, v75, v76, v78, v80, v81, v82; 536 BignumInt v83, v84, v85, v86, v87, v88, v89; 537 BignumCarry carry; 538 539 v0 = a>w[0]; 540 v1 = a>w[1]; 541 v2 = a>w[2]; 542 v3 = a>w[3]; 543 v4 = a>w[4]; 544 v5 = b>w[0]; 545 v6 = b>w[1]; 546 v7 = b>w[2]; 547 v8 = b>w[3]; 548 v9 = b>w[4]; 549 BignumMUL(v11, v10, v0, v5); 550 BignumMULADD(v13, v12, v0, v6, v11); 551 BignumMULADD(v15, v14, v0, v7, v13); 552 
BignumMULADD(v17, v16, v0, v8, v15); 553 BignumMULADD(v19, v18, v0, v9, v17); 554 BignumMULADD(v21, v20, v1, v5, v12); 555 BignumMULADD2(v23, v22, v1, v6, v14, v21); 556 BignumMULADD2(v25, v24, v1, v7, v16, v23); 557 BignumMULADD2(v27, v26, v1, v8, v18, v25); 558 BignumMULADD2(v29, v28, v1, v9, v19, v27); 559 BignumMULADD(v31, v30, v2, v5, v22); 560 BignumMULADD2(v33, v32, v2, v6, v24, v31); 561 BignumMULADD2(v35, v34, v2, v7, v26, v33); 562 BignumMULADD2(v37, v36, v2, v8, v28, v35); 563 BignumMULADD2(v39, v38, v2, v9, v29, v37); 564 BignumMULADD(v41, v40, v3, v5, v32); 565 BignumMULADD2(v43, v42, v3, v6, v34, v41); 566 BignumMULADD2(v45, v44, v3, v7, v36, v43); 567 BignumMULADD2(v47, v46, v3, v8, v38, v45); 568 BignumMULADD2(v49, v48, v3, v9, v39, v47); 569 BignumMULADD(v51, v50, v4, v5, v42); 570 BignumMULADD2(v53, v52, v4, v6, v44, v51); 571 BignumMULADD2(v55, v54, v4, v7, v46, v53); 572 BignumMULADD2(v57, v56, v4, v8, v48, v55); 573 v58 = v4 * v9 + v49 + v57; 574 v60 = (v50) & ((((BignumInt)1) << 2)1); 575 v61 = ((v50) >> 2)  ((v52) << 30); 576 v62 = ((v52) >> 2)  ((v54) << 30); 577 v63 = ((v54) >> 2)  ((v56) << 30); 578 v64 = ((v56) >> 2)  ((v58) << 30); 579 v65 = (v58) >> 2; 580 v66 = (v65) & ((((BignumInt)1) << 2)1); 581 v67 = (v58) >> 4; 582 BignumMUL(v69, v68, 5, v61); 583 BignumMULADD(v71, v70, 5, v62, v69); 584 BignumMULADD(v73, v72, 5, v63, v71); 585 BignumMULADD(v75, v74, 5, v64, v73); 586 v76 = 5 * v66 + v75; 587 v78 = 25 * v67; 588 BignumADC(v80, carry, v10, v68, 0); 589 BignumADC(v81, carry, v20, v70, carry); 590 BignumADC(v82, carry, v30, v72, carry); 591 BignumADC(v83, carry, v40, v74, carry); 592 v84 = v60 + v76 + carry; 593 BignumADC(v85, carry, v80, v78, 0); 594 BignumADC(v86, carry, v81, 0, carry); 595 BignumADC(v87, carry, v82, 0, carry); 596 BignumADC(v88, carry, v83, 0, carry); 597 v89 = v84 + 0 + carry; 598 r>w[0] = v85; 599 r>w[1] = v86; 600 r>w[2] = v87; 601 r>w[3] = v88; 602 r>w[4] = v89; 603 } 604 605 static void 
bigval_final_reduce(bigval *n) 606 { 607 BignumInt v0, v1, v2, v3, v4, v5, v6, v8, v9, v10, v11, v12, v13, v14; 608 BignumInt v16, v17, v18, v19, v20, v21; 609 BignumCarry carry; 610 611 v0 = n>w[0]; 612 v1 = n>w[1]; 613 v2 = n>w[2]; 614 v3 = n>w[3]; 615 v4 = n>w[4]; 616 v5 = (v4) >> 2; 617 v6 = 5 * v5; 618 BignumADC(v8, carry, v0, v6, 0); 619 (void)v8; 620 BignumADC(v9, carry, v1, 0, carry); 621 (void)v9; 622 BignumADC(v10, carry, v2, 0, carry); 623 (void)v10; 624 BignumADC(v11, carry, v3, 0, carry); 625 (void)v11; 626 v12 = v4 + 0 + carry; 627 v13 = (v12) >> 2; 628 v14 = 5 * v13; 629 BignumADC(v16, carry, v0, v14, 0); 630 BignumADC(v17, carry, v1, 0, carry); 631 BignumADC(v18, carry, v2, 0, carry); 632 BignumADC(v19, carry, v3, 0, carry); 633 v20 = v4 + 0 + carry; 634 v21 = (v20) & ((((BignumInt)1) << 2)1); 635 n>w[0] = v16; 636 n>w[1] = v17; 637 n>w[2] = v18; 638 n>w[3] = v19; 639 n>w[4] = v21; 640 } 641 642 #elif BIGNUM_INT_BITS == 64 643 644 static void bigval_add(bigval *r, const bigval *a, const bigval *b) 645 { 646 BignumInt v0, v1, v2, v3, v4, v5, v6, v7, v8; 647 BignumCarry carry; 648 649 v0 = a>w[0]; 650 v1 = a>w[1]; 651 v2 = a>w[2]; 652 v3 = b>w[0]; 653 v4 = b>w[1]; 654 v5 = b>w[2]; 655 BignumADC(v6, carry, v0, v3, 0); 656 BignumADC(v7, carry, v1, v4, carry); 657 v8 = v2 + v5 + carry; 658 r>w[0] = v6; 659 r>w[1] = v7; 660 r>w[2] = v8; 661 } 662 663 static void bigval_mul_mod_p(bigval *r, const bigval *a, const bigval *b) 664 { 665 BignumInt v0, v1, v2, v3, v4, v5, v6, v7, v8, v9, v10, v11, v12, v13, v14; 666 BignumInt v15, v16, v17, v18, v19, v20, v21, v22, v24, v25, v26, v27, v28; 667 BignumInt v29, v30, v31, v32, v33, v34, v36, v38, v39, v40, v41, v42, v43; 668 BignumCarry carry; 669 670 v0 = a>w[0]; 671 v1 = a>w[1]; 672 v2 = a>w[2]; 673 v3 = b>w[0]; 674 v4 = b>w[1]; 675 v5 = b>w[2]; 676 BignumMUL(v7, v6, v0, v3); 677 BignumMULADD(v9, v8, v0, v4, v7); 678 BignumMULADD(v11, v10, v0, v5, v9); 679 BignumMULADD(v13, v12, v1, v3, v8); 680 
BignumMULADD2(v15, v14, v1, v4, v10, v13); 681 BignumMULADD2(v17, v16, v1, v5, v11, v15); 682 BignumMULADD(v19, v18, v2, v3, v14); 683 BignumMULADD2(v21, v20, v2, v4, v16, v19); 684 v22 = v2 * v5 + v17 + v21; 685 v24 = (v18) & ((((BignumInt)1) << 2)1); 686 v25 = ((v18) >> 2)  ((v20) << 62); 687 v26 = ((v20) >> 2)  ((v22) << 62); 688 v27 = (v22) >> 2; 689 v28 = (v27) & ((((BignumInt)1) << 2)1); 690 v29 = (v22) >> 4; 691 BignumMUL(v31, v30, 5, v25); 692 BignumMULADD(v33, v32, 5, v26, v31); 693 v34 = 5 * v28 + v33; 694 v36 = 25 * v29; 695 BignumADC(v38, carry, v6, v30, 0); 696 BignumADC(v39, carry, v12, v32, carry); 697 v40 = v24 + v34 + carry; 698 BignumADC(v41, carry, v38, v36, 0); 699 BignumADC(v42, carry, v39, 0, carry); 700 v43 = v40 + 0 + carry; 701 r>w[0] = v41; 702 r>w[1] = v42; 703 r>w[2] = v43; 704 } 705 706 static void bigval_final_reduce(bigval *n) 707 { 708 BignumInt v0, v1, v2, v3, v4, v6, v7, v8, v9, v10, v12, v13, v14, v15; 709 BignumCarry carry; 710 711 v0 = n>w[0]; 712 v1 = n>w[1]; 713 v2 = n>w[2]; 714 v3 = (v2) >> 2; 715 v4 = 5 * v3; 716 BignumADC(v6, carry, v0, v4, 0); 717 (void)v6; 718 BignumADC(v7, carry, v1, 0, carry); 719 (void)v7; 720 v8 = v2 + 0 + carry; 721 v9 = (v8) >> 2; 722 v10 = 5 * v9; 723 BignumADC(v12, carry, v0, v10, 0); 724 BignumADC(v13, carry, v1, 0, carry); 725 v14 = v2 + 0 + carry; 726 v15 = (v14) & ((((BignumInt)1) << 2)1); 727 n>w[0] = v12; 728 n>w[1] = v13; 729 n>w[2] = v15; 730 } 731 298 732 #else 299 #error Run contrib/make1305.py again with a different bit count733 #error Add another bit count to contrib/make1305.py and rerun it 300 734 #endif 301 }302 303 /*304 * Multiplication of bigvals mod p. 
Uses r as temporary storage, so305 * don't pass r aliasing a or b.306 */307 static void bigval_mul_mod_p(bigval *r, const bigval *a, const bigval *b)308 {309 #if BIGNUM_INT_BITS == 64310 /* ./contrib/make1305.py mul 64 */311 BignumDblInt tmp;312 BignumDblInt acclo;313 BignumDblInt acchi;314 BignumDblInt acc2lo;315 acclo = 0;316 acchi = 0;317 tmp = (BignumDblInt)(a>w[0]) * (b>w[0]);318 acclo += tmp & BIGNUM_INT_MASK;319 acchi += tmp >> 64;320 r>w[0] = acclo;321 acclo = acchi + (acclo >> 64);322 acchi = 0;323 tmp = (BignumDblInt)(a>w[0]) * (b>w[1]);324 acclo += tmp & BIGNUM_INT_MASK;325 acchi += tmp >> 64;326 tmp = (BignumDblInt)(a>w[1]) * (b>w[0]);327 acclo += tmp & BIGNUM_INT_MASK;328 acchi += tmp >> 64;329 r>w[1] = acclo;330 acclo = acchi + (acclo >> 64);331 acchi = 0;332 tmp = (BignumDblInt)(a>w[0]) * (b>w[2]);333 acclo += tmp & BIGNUM_INT_MASK;334 acchi += tmp >> 64;335 tmp = (BignumDblInt)(a>w[1]) * (b>w[1]);336 acclo += tmp & BIGNUM_INT_MASK;337 acchi += tmp >> 64;338 tmp = (BignumDblInt)(a>w[2]) * (b>w[0]);339 acclo += tmp & BIGNUM_INT_MASK;340 acchi += tmp >> 64;341 r>w[2] = acclo & (((BignumInt)1 << 2)1);342 acc2lo = 0;343 acc2lo += ((acclo >> 2) & (((BignumInt)1 << 62)1)) * ((BignumDblInt)5 << 0);344 acclo = acchi + (acclo >> 64);345 acchi = 0;346 tmp = (BignumDblInt)(a>w[1]) * (b>w[2]);347 acclo += tmp & BIGNUM_INT_MASK;348 acchi += tmp >> 64;349 tmp = (BignumDblInt)(a>w[2]) * (b>w[1]);350 acclo += tmp & BIGNUM_INT_MASK;351 acchi += tmp >> 64;352 acc2lo += (acclo & (((BignumInt)1 << 2)1)) * ((BignumDblInt)5 << 62);353 acc2lo += r>w[0];354 r>w[0] = acc2lo;355 acc2lo >>= 64;356 acc2lo += ((acclo >> 2) & (((BignumInt)1 << 62)1)) * ((BignumDblInt)5 << 0);357 acclo = acchi + (acclo >> 64);358 acchi = 0;359 tmp = (BignumDblInt)(a>w[2]) * (b>w[2]);360 acclo += tmp & BIGNUM_INT_MASK;361 acchi += tmp >> 64;362 acc2lo += (acclo & (((BignumInt)1 << 2)1)) * ((BignumDblInt)5 << 62);363 acc2lo += r>w[1];364 r>w[1] = acc2lo;365 acc2lo >>= 64;366 acc2lo += ((acclo >> 2) 
& (((BignumInt)1 << 2)1)) * ((BignumDblInt)5 << 0);367 acc2lo += r>w[2];368 r>w[2] = acc2lo;369 acc2lo = 0;370 acc2lo += ((acclo >> 4) & (((BignumInt)1 << 60)1)) * ((BignumDblInt)25 << 0);371 acclo = acchi + (acclo >> 64);372 acchi = 0;373 acc2lo += (acclo & (((BignumInt)1 << 4)1)) * ((BignumDblInt)25 << 60);374 acc2lo += r>w[0];375 r>w[0] = acc2lo;376 acc2lo >>= 64;377 acc2lo += ((acclo >> 4) & (((BignumInt)1 << 60)1)) * ((BignumDblInt)25 << 0);378 acclo = acchi + (acclo >> 64);379 acchi = 0;380 acc2lo += r>w[1];381 r>w[1] = acc2lo;382 acc2lo >>= 64;383 acc2lo += r>w[2];384 r>w[2] = acc2lo;385 acc2lo >>= 64;386 #elif BIGNUM_INT_BITS == 32387 /* ./contrib/make1305.py mul 32 */388 BignumDblInt tmp;389 BignumDblInt acclo;390 BignumDblInt acchi;391 BignumDblInt acc2lo;392 acclo = 0;393 acchi = 0;394 tmp = (BignumDblInt)(a>w[0]) * (b>w[0]);395 acclo += tmp & BIGNUM_INT_MASK;396 acchi += tmp >> 32;397 r>w[0] = acclo;398 acclo = acchi + (acclo >> 32);399 acchi = 0;400 tmp = (BignumDblInt)(a>w[0]) * (b>w[1]);401 acclo += tmp & BIGNUM_INT_MASK;402 acchi += tmp >> 32;403 tmp = (BignumDblInt)(a>w[1]) * (b>w[0]);404 acclo += tmp & BIGNUM_INT_MASK;405 acchi += tmp >> 32;406 r>w[1] = acclo;407 acclo = acchi + (acclo >> 32);408 acchi = 0;409 tmp = (BignumDblInt)(a>w[0]) * (b>w[2]);410 acclo += tmp & BIGNUM_INT_MASK;411 acchi += tmp >> 32;412 tmp = (BignumDblInt)(a>w[1]) * (b>w[1]);413 acclo += tmp & BIGNUM_INT_MASK;414 acchi += tmp >> 32;415 tmp = (BignumDblInt)(a>w[2]) * (b>w[0]);416 acclo += tmp & BIGNUM_INT_MASK;417 acchi += tmp >> 32;418 r>w[2] = acclo;419 acclo = acchi + (acclo >> 32);420 acchi = 0;421 tmp = (BignumDblInt)(a>w[0]) * (b>w[3]);422 acclo += tmp & BIGNUM_INT_MASK;423 acchi += tmp >> 32;424 tmp = (BignumDblInt)(a>w[1]) * (b>w[2]);425 acclo += tmp & BIGNUM_INT_MASK;426 acchi += tmp >> 32;427 tmp = (BignumDblInt)(a>w[2]) * (b>w[1]);428 acclo += tmp & BIGNUM_INT_MASK;429 acchi += tmp >> 32;430 tmp = (BignumDblInt)(a>w[3]) * (b>w[0]);431 acclo += tmp & 
BIGNUM_INT_MASK;432 acchi += tmp >> 32;433 r>w[3] = acclo;434 acclo = acchi + (acclo >> 32);435 acchi = 0;436 tmp = (BignumDblInt)(a>w[0]) * (b>w[4]);437 acclo += tmp & BIGNUM_INT_MASK;438 acchi += tmp >> 32;439 tmp = (BignumDblInt)(a>w[1]) * (b>w[3]);440 acclo += tmp & BIGNUM_INT_MASK;441 acchi += tmp >> 32;442 tmp = (BignumDblInt)(a>w[2]) * (b>w[2]);443 acclo += tmp & BIGNUM_INT_MASK;444 acchi += tmp >> 32;445 tmp = (BignumDblInt)(a>w[3]) * (b>w[1]);446 acclo += tmp & BIGNUM_INT_MASK;447 acchi += tmp >> 32;448 tmp = (BignumDblInt)(a>w[4]) * (b>w[0]);449 acclo += tmp & BIGNUM_INT_MASK;450 acchi += tmp >> 32;451 r>w[4] = acclo & (((BignumInt)1 << 2)1);452 acc2lo = 0;453 acc2lo += ((acclo >> 2) & (((BignumInt)1 << 30)1)) * ((BignumDblInt)5 << 0);454 acclo = acchi + (acclo >> 32);455 acchi = 0;456 tmp = (BignumDblInt)(a>w[1]) * (b>w[4]);457 acclo += tmp & BIGNUM_INT_MASK;458 acchi += tmp >> 32;459 tmp = (BignumDblInt)(a>w[2]) * (b>w[3]);460 acclo += tmp & BIGNUM_INT_MASK;461 acchi += tmp >> 32;462 tmp = (BignumDblInt)(a>w[3]) * (b>w[2]);463 acclo += tmp & BIGNUM_INT_MASK;464 acchi += tmp >> 32;465 tmp = (BignumDblInt)(a>w[4]) * (b>w[1]);466 acclo += tmp & BIGNUM_INT_MASK;467 acchi += tmp >> 32;468 acc2lo += (acclo & (((BignumInt)1 << 2)1)) * ((BignumDblInt)5 << 30);469 acc2lo += r>w[0];470 r>w[0] = acc2lo;471 acc2lo >>= 32;472 acc2lo += ((acclo >> 2) & (((BignumInt)1 << 30)1)) * ((BignumDblInt)5 << 0);473 acclo = acchi + (acclo >> 32);474 acchi = 0;475 tmp = (BignumDblInt)(a>w[2]) * (b>w[4]);476 acclo += tmp & BIGNUM_INT_MASK;477 acchi += tmp >> 32;478 tmp = (BignumDblInt)(a>w[3]) * (b>w[3]);479 acclo += tmp & BIGNUM_INT_MASK;480 acchi += tmp >> 32;481 tmp = (BignumDblInt)(a>w[4]) * (b>w[2]);482 acclo += tmp & BIGNUM_INT_MASK;483 acchi += tmp >> 32;484 acc2lo += (acclo & (((BignumInt)1 << 2)1)) * ((BignumDblInt)5 << 30);485 acc2lo += r>w[1];486 r>w[1] = acc2lo;487 acc2lo >>= 32;488 acc2lo += ((acclo >> 2) & (((BignumInt)1 << 30)1)) * ((BignumDblInt)5 << 0);489 acclo 
= acchi + (acclo >> 32);490 acchi = 0;491 tmp = (BignumDblInt)(a>w[3]) * (b>w[4]);492 acclo += tmp & BIGNUM_INT_MASK;493 acchi += tmp >> 32;494 tmp = (BignumDblInt)(a>w[4]) * (b>w[3]);495 acclo += tmp & BIGNUM_INT_MASK;496 acchi += tmp >> 32;497 acc2lo += (acclo & (((BignumInt)1 << 2)1)) * ((BignumDblInt)5 << 30);498 acc2lo += r>w[2];499 r>w[2] = acc2lo;500 acc2lo >>= 32;501 acc2lo += ((acclo >> 2) & (((BignumInt)1 << 30)1)) * ((BignumDblInt)5 << 0);502 acclo = acchi + (acclo >> 32);503 acchi = 0;504 tmp = (BignumDblInt)(a>w[4]) * (b>w[4]);505 acclo += tmp & BIGNUM_INT_MASK;506 acchi += tmp >> 32;507 acc2lo += (acclo & (((BignumInt)1 << 2)1)) * ((BignumDblInt)5 << 30);508 acc2lo += r>w[3];509 r>w[3] = acc2lo;510 acc2lo >>= 32;511 acc2lo += ((acclo >> 2) & (((BignumInt)1 << 2)1)) * ((BignumDblInt)5 << 0);512 acc2lo += r>w[4];513 r>w[4] = acc2lo;514 acc2lo = 0;515 acc2lo += ((acclo >> 4) & (((BignumInt)1 << 28)1)) * ((BignumDblInt)25 << 0);516 acclo = acchi + (acclo >> 32);517 acchi = 0;518 acc2lo += (acclo & (((BignumInt)1 << 4)1)) * ((BignumDblInt)25 << 28);519 acc2lo += r>w[0];520 r>w[0] = acc2lo;521 acc2lo >>= 32;522 acc2lo += ((acclo >> 4) & (((BignumInt)1 << 28)1)) * ((BignumDblInt)25 << 0);523 acclo = acchi + (acclo >> 32);524 acchi = 0;525 acc2lo += r>w[1];526 r>w[1] = acc2lo;527 acc2lo >>= 32;528 acc2lo += r>w[2];529 r>w[2] = acc2lo;530 acc2lo >>= 32;531 acc2lo += r>w[3];532 r>w[3] = acc2lo;533 acc2lo >>= 32;534 acc2lo += r>w[4];535 r>w[4] = acc2lo;536 acc2lo >>= 32;537 #elif BIGNUM_INT_BITS == 16538 /* ./contrib/make1305.py mul 16 */539 BignumDblInt tmp;540 BignumDblInt acclo;541 BignumDblInt acchi;542 BignumDblInt acc2lo;543 acclo = 0;544 acchi = 0;545 tmp = (BignumDblInt)(a>w[0]) * (b>w[0]);546 acclo += tmp & BIGNUM_INT_MASK;547 acchi += tmp >> 16;548 r>w[0] = acclo;549 acclo = acchi + (acclo >> 16);550 acchi = 0;551 tmp = (BignumDblInt)(a>w[0]) * (b>w[1]);552 acclo += tmp & BIGNUM_INT_MASK;553 acchi += tmp >> 16;554 tmp = (BignumDblInt)(a>w[1]) * 
(b>w[0]);555 acclo += tmp & BIGNUM_INT_MASK;556 acchi += tmp >> 16;557 r>w[1] = acclo;558 acclo = acchi + (acclo >> 16);559 acchi = 0;560 tmp = (BignumDblInt)(a>w[0]) * (b>w[2]);561 acclo += tmp & BIGNUM_INT_MASK;562 acchi += tmp >> 16;563 tmp = (BignumDblInt)(a>w[1]) * (b>w[1]);564 acclo += tmp & BIGNUM_INT_MASK;565 acchi += tmp >> 16;566 tmp = (BignumDblInt)(a>w[2]) * (b>w[0]);567 acclo += tmp & BIGNUM_INT_MASK;568 acchi += tmp >> 16;569 r>w[2] = acclo;570 acclo = acchi + (acclo >> 16);571 acchi = 0;572 tmp = (BignumDblInt)(a>w[0]) * (b>w[3]);573 acclo += tmp & BIGNUM_INT_MASK;574 acchi += tmp >> 16;575 tmp = (BignumDblInt)(a>w[1]) * (b>w[2]);576 acclo += tmp & BIGNUM_INT_MASK;577 acchi += tmp >> 16;578 tmp = (BignumDblInt)(a>w[2]) * (b>w[1]);579 acclo += tmp & BIGNUM_INT_MASK;580 acchi += tmp >> 16;581 tmp = (BignumDblInt)(a>w[3]) * (b>w[0]);582 acclo += tmp & BIGNUM_INT_MASK;583 acchi += tmp >> 16;584 r>w[3] = acclo;585 acclo = acchi + (acclo >> 16);586 acchi = 0;587 tmp = (BignumDblInt)(a>w[0]) * (b>w[4]);588 acclo += tmp & BIGNUM_INT_MASK;589 acchi += tmp >> 16;590 tmp = (BignumDblInt)(a>w[1]) * (b>w[3]);591 acclo += tmp & BIGNUM_INT_MASK;592 acchi += tmp >> 16;593 tmp = (BignumDblInt)(a>w[2]) * (b>w[2]);594 acclo += tmp & BIGNUM_INT_MASK;595 acchi += tmp >> 16;596 tmp = (BignumDblInt)(a>w[3]) * (b>w[1]);597 acclo += tmp & BIGNUM_INT_MASK;598 acchi += tmp >> 16;599 tmp = (BignumDblInt)(a>w[4]) * (b>w[0]);600 acclo += tmp & BIGNUM_INT_MASK;601 acchi += tmp >> 16;602 r>w[4] = acclo;603 acclo = acchi + (acclo >> 16);604 acchi = 0;605 tmp = (BignumDblInt)(a>w[0]) * (b>w[5]);606 acclo += tmp & BIGNUM_INT_MASK;607 acchi += tmp >> 16;608 tmp = (BignumDblInt)(a>w[1]) * (b>w[4]);609 acclo += tmp & BIGNUM_INT_MASK;610 acchi += tmp >> 16;611 tmp = (BignumDblInt)(a>w[2]) * (b>w[3]);612 acclo += tmp & BIGNUM_INT_MASK;613 acchi += tmp >> 16;614 tmp = (BignumDblInt)(a>w[3]) * (b>w[2]);615 acclo += tmp & BIGNUM_INT_MASK;616 acchi += tmp >> 16;617 tmp = (BignumDblInt)(a>w[4]) 
* (b>w[1]);618 acclo += tmp & BIGNUM_INT_MASK;619 acchi += tmp >> 16;620 tmp = (BignumDblInt)(a>w[5]) * (b>w[0]);621 acclo += tmp & BIGNUM_INT_MASK;622 acchi += tmp >> 16;623 r>w[5] = acclo;624 acclo = acchi + (acclo >> 16);625 acchi = 0;626 tmp = (BignumDblInt)(a>w[0]) * (b>w[6]);627 acclo += tmp & BIGNUM_INT_MASK;628 acchi += tmp >> 16;629 tmp = (BignumDblInt)(a>w[1]) * (b>w[5]);630 acclo += tmp & BIGNUM_INT_MASK;631 acchi += tmp >> 16;632 tmp = (BignumDblInt)(a>w[2]) * (b>w[4]);633 acclo += tmp & BIGNUM_INT_MASK;634 acchi += tmp >> 16;635 tmp = (BignumDblInt)(a>w[3]) * (b>w[3]);636 acclo += tmp & BIGNUM_INT_MASK;637 acchi += tmp >> 16;638 tmp = (BignumDblInt)(a>w[4]) * (b>w[2]);639 acclo += tmp & BIGNUM_INT_MASK;640 acchi += tmp >> 16;641 tmp = (BignumDblInt)(a>w[5]) * (b>w[1]);642 acclo += tmp & BIGNUM_INT_MASK;643 acchi += tmp >> 16;644 tmp = (BignumDblInt)(a>w[6]) * (b>w[0]);645 acclo += tmp & BIGNUM_INT_MASK;646 acchi += tmp >> 16;647 r>w[6] = acclo;648 acclo = acchi + (acclo >> 16);649 acchi = 0;650 tmp = (BignumDblInt)(a>w[0]) * (b>w[7]);651 acclo += tmp & BIGNUM_INT_MASK;652 acchi += tmp >> 16;653 tmp = (BignumDblInt)(a>w[1]) * (b>w[6]);654 acclo += tmp & BIGNUM_INT_MASK;655 acchi += tmp >> 16;656 tmp = (BignumDblInt)(a>w[2]) * (b>w[5]);657 acclo += tmp & BIGNUM_INT_MASK;658 acchi += tmp >> 16;659 tmp = (BignumDblInt)(a>w[3]) * (b>w[4]);660 acclo += tmp & BIGNUM_INT_MASK;661 acchi += tmp >> 16;662 tmp = (BignumDblInt)(a>w[4]) * (b>w[3]);663 acclo += tmp & BIGNUM_INT_MASK;664 acchi += tmp >> 16;665 tmp = (BignumDblInt)(a>w[5]) * (b>w[2]);666 acclo += tmp & BIGNUM_INT_MASK;667 acchi += tmp >> 16;668 tmp = (BignumDblInt)(a>w[6]) * (b>w[1]);669 acclo += tmp & BIGNUM_INT_MASK;670 acchi += tmp >> 16;671 tmp = (BignumDblInt)(a>w[7]) * (b>w[0]);672 acclo += tmp & BIGNUM_INT_MASK;673 acchi += tmp >> 16;674 r>w[7] = acclo;675 acclo = acchi + (acclo >> 16);676 acchi = 0;677 tmp = (BignumDblInt)(a>w[0]) * (b>w[8]);678 acclo += tmp & BIGNUM_INT_MASK;679 acchi += tmp 
>> 16;680 tmp = (BignumDblInt)(a>w[1]) * (b>w[7]);681 acclo += tmp & BIGNUM_INT_MASK;682 acchi += tmp >> 16;683 tmp = (BignumDblInt)(a>w[2]) * (b>w[6]);684 acclo += tmp & BIGNUM_INT_MASK;685 acchi += tmp >> 16;686 tmp = (BignumDblInt)(a>w[3]) * (b>w[5]);687 acclo += tmp & BIGNUM_INT_MASK;688 acchi += tmp >> 16;689 tmp = (BignumDblInt)(a>w[4]) * (b>w[4]);690 acclo += tmp & BIGNUM_INT_MASK;691 acchi += tmp >> 16;692 tmp = (BignumDblInt)(a>w[5]) * (b>w[3]);693 acclo += tmp & BIGNUM_INT_MASK;694 acchi += tmp >> 16;695 tmp = (BignumDblInt)(a>w[6]) * (b>w[2]);696 acclo += tmp & BIGNUM_INT_MASK;697 acchi += tmp >> 16;698 tmp = (BignumDblInt)(a>w[7]) * (b>w[1]);699 acclo += tmp & BIGNUM_INT_MASK;700 acchi += tmp >> 16;701 tmp = (BignumDblInt)(a>w[8]) * (b>w[0]);702 acclo += tmp & BIGNUM_INT_MASK;703 acchi += tmp >> 16;704 r>w[8] = acclo & (((BignumInt)1 << 2)1);705 acc2lo = 0;706 acc2lo += ((acclo >> 2) & (((BignumInt)1 << 14)1)) * ((BignumDblInt)5 << 0);707 acclo = acchi + (acclo >> 16);708 acchi = 0;709 tmp = (BignumDblInt)(a>w[1]) * (b>w[8]);710 acclo += tmp & BIGNUM_INT_MASK;711 acchi += tmp >> 16;712 tmp = (BignumDblInt)(a>w[2]) * (b>w[7]);713 acclo += tmp & BIGNUM_INT_MASK;714 acchi += tmp >> 16;715 tmp = (BignumDblInt)(a>w[3]) * (b>w[6]);716 acclo += tmp & BIGNUM_INT_MASK;717 acchi += tmp >> 16;718 tmp = (BignumDblInt)(a>w[4]) * (b>w[5]);719 acclo += tmp & BIGNUM_INT_MASK;720 acchi += tmp >> 16;721 tmp = (BignumDblInt)(a>w[5]) * (b>w[4]);722 acclo += tmp & BIGNUM_INT_MASK;723 acchi += tmp >> 16;724 tmp = (BignumDblInt)(a>w[6]) * (b>w[3]);725 acclo += tmp & BIGNUM_INT_MASK;726 acchi += tmp >> 16;727 tmp = (BignumDblInt)(a>w[7]) * (b>w[2]);728 acclo += tmp & BIGNUM_INT_MASK;729 acchi += tmp >> 16;730 tmp = (BignumDblInt)(a>w[8]) * (b>w[1]);731 acclo += tmp & BIGNUM_INT_MASK;732 acchi += tmp >> 16;733 acc2lo += (acclo & (((BignumInt)1 << 2)1)) * ((BignumDblInt)5 << 14);734 acc2lo += r>w[0];735 r>w[0] = acc2lo;736 acc2lo >>= 16;737 acc2lo += ((acclo >> 2) & 
(((BignumInt)1 << 14)1)) * ((BignumDblInt)5 << 0);738 acclo = acchi + (acclo >> 16);739 acchi = 0;740 tmp = (BignumDblInt)(a>w[2]) * (b>w[8]);741 acclo += tmp & BIGNUM_INT_MASK;742 acchi += tmp >> 16;743 tmp = (BignumDblInt)(a>w[3]) * (b>w[7]);744 acclo += tmp & BIGNUM_INT_MASK;745 acchi += tmp >> 16;746 tmp = (BignumDblInt)(a>w[4]) * (b>w[6]);747 acclo += tmp & BIGNUM_INT_MASK;748 acchi += tmp >> 16;749 tmp = (BignumDblInt)(a>w[5]) * (b>w[5]);750 acclo += tmp & BIGNUM_INT_MASK;751 acchi += tmp >> 16;752 tmp = (BignumDblInt)(a>w[6]) * (b>w[4]);753 acclo += tmp & BIGNUM_INT_MASK;754 acchi += tmp >> 16;755 tmp = (BignumDblInt)(a>w[7]) * (b>w[3]);756 acclo += tmp & BIGNUM_INT_MASK;757 acchi += tmp >> 16;758 tmp = (BignumDblInt)(a>w[8]) * (b>w[2]);759 acclo += tmp & BIGNUM_INT_MASK;760 acchi += tmp >> 16;761 acc2lo += (acclo & (((BignumInt)1 << 2)1)) * ((BignumDblInt)5 << 14);762 acc2lo += r>w[1];763 r>w[1] = acc2lo;764 acc2lo >>= 16;765 acc2lo += ((acclo >> 2) & (((BignumInt)1 << 14)1)) * ((BignumDblInt)5 << 0);766 acclo = acchi + (acclo >> 16);767 acchi = 0;768 tmp = (BignumDblInt)(a>w[3]) * (b>w[8]);769 acclo += tmp & BIGNUM_INT_MASK;770 acchi += tmp >> 16;771 tmp = (BignumDblInt)(a>w[4]) * (b>w[7]);772 acclo += tmp & BIGNUM_INT_MASK;773 acchi += tmp >> 16;774 tmp = (BignumDblInt)(a>w[5]) * (b>w[6]);775 acclo += tmp & BIGNUM_INT_MASK;776 acchi += tmp >> 16;777 tmp = (BignumDblInt)(a>w[6]) * (b>w[5]);778 acclo += tmp & BIGNUM_INT_MASK;779 acchi += tmp >> 16;780 tmp = (BignumDblInt)(a>w[7]) * (b>w[4]);781 acclo += tmp & BIGNUM_INT_MASK;782 acchi += tmp >> 16;783 tmp = (BignumDblInt)(a>w[8]) * (b>w[3]);784 acclo += tmp & BIGNUM_INT_MASK;785 acchi += tmp >> 16;786 acc2lo += (acclo & (((BignumInt)1 << 2)1)) * ((BignumDblInt)5 << 14);787 acc2lo += r>w[2];788 r>w[2] = acc2lo;789 acc2lo >>= 16;790 acc2lo += ((acclo >> 2) & (((BignumInt)1 << 14)1)) * ((BignumDblInt)5 << 0);791 acclo = acchi + (acclo >> 16);792 acchi = 0;793 tmp = (BignumDblInt)(a>w[4]) * (b>w[8]);794 acclo 
+= tmp & BIGNUM_INT_MASK;795 acchi += tmp >> 16;796 tmp = (BignumDblInt)(a>w[5]) * (b>w[7]);797 acclo += tmp & BIGNUM_INT_MASK;798 acchi += tmp >> 16;799 tmp = (BignumDblInt)(a>w[6]) * (b>w[6]);800 acclo += tmp & BIGNUM_INT_MASK;801 acchi += tmp >> 16;802 tmp = (BignumDblInt)(a>w[7]) * (b>w[5]);803 acclo += tmp & BIGNUM_INT_MASK;804 acchi += tmp >> 16;805 tmp = (BignumDblInt)(a>w[8]) * (b>w[4]);806 acclo += tmp & BIGNUM_INT_MASK;807 acchi += tmp >> 16;808 acc2lo += (acclo & (((BignumInt)1 << 2)1)) * ((BignumDblInt)5 << 14);809 acc2lo += r>w[3];810 r>w[3] = acc2lo;811 acc2lo >>= 16;812 acc2lo += ((acclo >> 2) & (((BignumInt)1 << 14)1)) * ((BignumDblInt)5 << 0);813 acclo = acchi + (acclo >> 16);814 acchi = 0;815 tmp = (BignumDblInt)(a>w[5]) * (b>w[8]);816 acclo += tmp & BIGNUM_INT_MASK;817 acchi += tmp >> 16;818 tmp = (BignumDblInt)(a>w[6]) * (b>w[7]);819 acclo += tmp & BIGNUM_INT_MASK;820 acchi += tmp >> 16;821 tmp = (BignumDblInt)(a>w[7]) * (b>w[6]);822 acclo += tmp & BIGNUM_INT_MASK;823 acchi += tmp >> 16;824 tmp = (BignumDblInt)(a>w[8]) * (b>w[5]);825 acclo += tmp & BIGNUM_INT_MASK;826 acchi += tmp >> 16;827 acc2lo += (acclo & (((BignumInt)1 << 2)1)) * ((BignumDblInt)5 << 14);828 acc2lo += r>w[4];829 r>w[4] = acc2lo;830 acc2lo >>= 16;831 acc2lo += ((acclo >> 2) & (((BignumInt)1 << 14)1)) * ((BignumDblInt)5 << 0);832 acclo = acchi + (acclo >> 16);833 acchi = 0;834 tmp = (BignumDblInt)(a>w[6]) * (b>w[8]);835 acclo += tmp & BIGNUM_INT_MASK;836 acchi += tmp >> 16;837 tmp = (BignumDblInt)(a>w[7]) * (b>w[7]);838 acclo += tmp & BIGNUM_INT_MASK;839 acchi += tmp >> 16;840 tmp = (BignumDblInt)(a>w[8]) * (b>w[6]);841 acclo += tmp & BIGNUM_INT_MASK;842 acchi += tmp >> 16;843 acc2lo += (acclo & (((BignumInt)1 << 2)1)) * ((BignumDblInt)5 << 14);844 acc2lo += r>w[5];845 r>w[5] = acc2lo;846 acc2lo >>= 16;847 acc2lo += ((acclo >> 2) & (((BignumInt)1 << 14)1)) * ((BignumDblInt)5 << 0);848 acclo = acchi + (acclo >> 16);849 acchi = 0;850 tmp = (BignumDblInt)(a>w[7]) * (b>w[8]);851 
acclo += tmp & BIGNUM_INT_MASK;852 acchi += tmp >> 16;853 tmp = (BignumDblInt)(a>w[8]) * (b>w[7]);854 acclo += tmp & BIGNUM_INT_MASK;855 acchi += tmp >> 16;856 acc2lo += (acclo & (((BignumInt)1 << 2)1)) * ((BignumDblInt)5 << 14);857 acc2lo += r>w[6];858 r>w[6] = acc2lo;859 acc2lo >>= 16;860 acc2lo += ((acclo >> 2) & (((BignumInt)1 << 14)1)) * ((BignumDblInt)5 << 0);861 acclo = acchi + (acclo >> 16);862 acchi = 0;863 tmp = (BignumDblInt)(a>w[8]) * (b>w[8]);864 acclo += tmp & BIGNUM_INT_MASK;865 acchi += tmp >> 16;866 acc2lo += (acclo & (((BignumInt)1 << 2)1)) * ((BignumDblInt)5 << 14);867 acc2lo += r>w[7];868 r>w[7] = acc2lo;869 acc2lo >>= 16;870 acc2lo += ((acclo >> 2) & (((BignumInt)1 << 2)1)) * ((BignumDblInt)5 << 0);871 acc2lo += r>w[8];872 r>w[8] = acc2lo;873 acc2lo = 0;874 acc2lo += ((acclo >> 4) & (((BignumInt)1 << 12)1)) * ((BignumDblInt)25 << 0);875 acclo = acchi + (acclo >> 16);876 acchi = 0;877 acc2lo += (acclo & (((BignumInt)1 << 4)1)) * ((BignumDblInt)25 << 12);878 acc2lo += r>w[0];879 r>w[0] = acc2lo;880 acc2lo >>= 16;881 acc2lo += ((acclo >> 4) & (((BignumInt)1 << 12)1)) * ((BignumDblInt)25 << 0);882 acclo = acchi + (acclo >> 16);883 acchi = 0;884 acc2lo += r>w[1];885 r>w[1] = acc2lo;886 acc2lo >>= 16;887 acc2lo += r>w[2];888 r>w[2] = acc2lo;889 acc2lo >>= 16;890 acc2lo += r>w[3];891 r>w[3] = acc2lo;892 acc2lo >>= 16;893 acc2lo += r>w[4];894 r>w[4] = acc2lo;895 acc2lo >>= 16;896 acc2lo += r>w[5];897 r>w[5] = acc2lo;898 acc2lo >>= 16;899 acc2lo += r>w[6];900 r>w[6] = acc2lo;901 acc2lo >>= 16;902 acc2lo += r>w[7];903 r>w[7] = acc2lo;904 acc2lo >>= 16;905 acc2lo += r>w[8];906 r>w[8] = acc2lo;907 acc2lo >>= 16;908 #else909 #error Run contrib/make1305.py again with a different bit count910 #endif911 }912 913 static void bigval_final_reduce(bigval *n)914 {915 #if BIGNUM_INT_BITS == 64916 /* ./contrib/make1305.py final_reduce 64 */917 BignumDblInt acclo;918 acclo = 0;919 acclo += 5 * ((n>w[2] >> 2) + 1);920 acclo += n>w[0];921 acclo >>= 64;922 acclo += 
n>w[1];923 acclo >>= 64;924 acclo += n>w[2];925 acclo = 5 * (acclo >> 2);926 acclo += n>w[0];927 n>w[0] = acclo;928 acclo >>= 64;929 acclo += n>w[1];930 n>w[1] = acclo;931 acclo >>= 64;932 acclo += n>w[2];933 n>w[2] = acclo;934 acclo >>= 64;935 n>w[2] &= (1 << 2)  1;936 #elif BIGNUM_INT_BITS == 32937 /* ./contrib/make1305.py final_reduce 32 */938 BignumDblInt acclo;939 acclo = 0;940 acclo += 5 * ((n>w[4] >> 2) + 1);941 acclo += n>w[0];942 acclo >>= 32;943 acclo += n>w[1];944 acclo >>= 32;945 acclo += n>w[2];946 acclo >>= 32;947 acclo += n>w[3];948 acclo >>= 32;949 acclo += n>w[4];950 acclo = 5 * (acclo >> 2);951 acclo += n>w[0];952 n>w[0] = acclo;953 acclo >>= 32;954 acclo += n>w[1];955 n>w[1] = acclo;956 acclo >>= 32;957 acclo += n>w[2];958 n>w[2] = acclo;959 acclo >>= 32;960 acclo += n>w[3];961 n>w[3] = acclo;962 acclo >>= 32;963 acclo += n>w[4];964 n>w[4] = acclo;965 acclo >>= 32;966 n>w[4] &= (1 << 2)  1;967 #elif BIGNUM_INT_BITS == 16968 /* ./contrib/make1305.py final_reduce 16 */969 BignumDblInt acclo;970 acclo = 0;971 acclo += 5 * ((n>w[8] >> 2) + 1);972 acclo += n>w[0];973 acclo >>= 16;974 acclo += n>w[1];975 acclo >>= 16;976 acclo += n>w[2];977 acclo >>= 16;978 acclo += n>w[3];979 acclo >>= 16;980 acclo += n>w[4];981 acclo >>= 16;982 acclo += n>w[5];983 acclo >>= 16;984 acclo += n>w[6];985 acclo >>= 16;986 acclo += n>w[7];987 acclo >>= 16;988 acclo += n>w[8];989 acclo = 5 * (acclo >> 2);990 acclo += n>w[0];991 n>w[0] = acclo;992 acclo >>= 16;993 acclo += n>w[1];994 n>w[1] = acclo;995 acclo >>= 16;996 acclo += n>w[2];997 n>w[2] = acclo;998 acclo >>= 16;999 acclo += n>w[3];1000 n>w[3] = acclo;1001 acclo >>= 16;1002 acclo += n>w[4];1003 n>w[4] = acclo;1004 acclo >>= 16;1005 acclo += n>w[5];1006 n>w[5] = acclo;1007 acclo >>= 16;1008 acclo += n>w[6];1009 n>w[6] = acclo;1010 acclo >>= 16;1011 acclo += n>w[7];1012 n>w[7] = acclo;1013 acclo >>= 16;1014 acclo += n>w[8];1015 n>w[8] = acclo;1016 acclo >>= 16;1017 n>w[8] &= (1 << 2)  1;1018 #else1019 #error Run 
contrib/make1305.py again with a different bit count1020 #endif1021 }1022 735 1023 736 struct poly1305 {