Lines Matching refs:out
129 static void bin32_to_felem(felem out, const u8 in[32]) in bin32_to_felem() argument
131 out[0] = *((u64 *)&in[0]); in bin32_to_felem()
132 out[1] = *((u64 *)&in[8]); in bin32_to_felem()
133 out[2] = *((u64 *)&in[16]); in bin32_to_felem()
134 out[3] = *((u64 *)&in[24]); in bin32_to_felem()
141 static void smallfelem_to_bin32(u8 out[32], const smallfelem in) in smallfelem_to_bin32()
143 *((u64 *)&out[0]) = in[0]; in smallfelem_to_bin32()
144 *((u64 *)&out[8]) = in[1]; in smallfelem_to_bin32()
145 *((u64 *)&out[16]) = in[2]; in smallfelem_to_bin32()
146 *((u64 *)&out[24]) = in[3]; in smallfelem_to_bin32()
150 static int BN_to_felem(felem out, const BIGNUM *bn) in BN_to_felem() argument
164 bin32_to_felem(out, b_out); in BN_to_felem()
169 static BIGNUM *smallfelem_to_BN(BIGNUM *out, const smallfelem in) in smallfelem_to_BN() argument
173 return BN_lebin2bn(b_out, sizeof(b_out), out); in smallfelem_to_BN()
181 static void smallfelem_one(smallfelem out) in smallfelem_one() argument
183 out[0] = 1; in smallfelem_one()
184 out[1] = 0; in smallfelem_one()
185 out[2] = 0; in smallfelem_one()
186 out[3] = 0; in smallfelem_one()
189 static void smallfelem_assign(smallfelem out, const smallfelem in) in smallfelem_assign() argument
191 out[0] = in[0]; in smallfelem_assign()
192 out[1] = in[1]; in smallfelem_assign()
193 out[2] = in[2]; in smallfelem_assign()
194 out[3] = in[3]; in smallfelem_assign()
197 static void felem_assign(felem out, const felem in) in felem_assign() argument
199 out[0] = in[0]; in felem_assign()
200 out[1] = in[1]; in felem_assign()
201 out[2] = in[2]; in felem_assign()
202 out[3] = in[3]; in felem_assign()
206 static void felem_sum(felem out, const felem in) in felem_sum() argument
208 out[0] += in[0]; in felem_sum()
209 out[1] += in[1]; in felem_sum()
210 out[2] += in[2]; in felem_sum()
211 out[3] += in[3]; in felem_sum()
215 static void felem_small_sum(felem out, const smallfelem in) in felem_small_sum() argument
217 out[0] += in[0]; in felem_small_sum()
218 out[1] += in[1]; in felem_small_sum()
219 out[2] += in[2]; in felem_small_sum()
220 out[3] += in[3]; in felem_small_sum()
224 static void felem_scalar(felem out, const u64 scalar) in felem_scalar() argument
226 out[0] *= scalar; in felem_scalar()
227 out[1] *= scalar; in felem_scalar()
228 out[2] *= scalar; in felem_scalar()
229 out[3] *= scalar; in felem_scalar()
233 static void longfelem_scalar(longfelem out, const u64 scalar) in longfelem_scalar() argument
235 out[0] *= scalar; in longfelem_scalar()
236 out[1] *= scalar; in longfelem_scalar()
237 out[2] *= scalar; in longfelem_scalar()
238 out[3] *= scalar; in longfelem_scalar()
239 out[4] *= scalar; in longfelem_scalar()
240 out[5] *= scalar; in longfelem_scalar()
241 out[6] *= scalar; in longfelem_scalar()
242 out[7] *= scalar; in longfelem_scalar()
258 static void smallfelem_neg(felem out, const smallfelem small) in smallfelem_neg() argument
261 out[0] = zero105[0] - small[0]; in smallfelem_neg()
262 out[1] = zero105[1] - small[1]; in smallfelem_neg()
263 out[2] = zero105[2] - small[2]; in smallfelem_neg()
264 out[3] = zero105[3] - small[3]; in smallfelem_neg()
274 static void felem_diff(felem out, const felem in) in felem_diff() argument
279 out[0] += zero105[0]; in felem_diff()
280 out[1] += zero105[1]; in felem_diff()
281 out[2] += zero105[2]; in felem_diff()
282 out[3] += zero105[3]; in felem_diff()
284 out[0] -= in[0]; in felem_diff()
285 out[1] -= in[1]; in felem_diff()
286 out[2] -= in[2]; in felem_diff()
287 out[3] -= in[3]; in felem_diff()
306 static void felem_diff_zero107(felem out, const felem in) in felem_diff_zero107() argument
311 out[0] += zero107[0]; in felem_diff_zero107()
312 out[1] += zero107[1]; in felem_diff_zero107()
313 out[2] += zero107[2]; in felem_diff_zero107()
314 out[3] += zero107[3]; in felem_diff_zero107()
316 out[0] -= in[0]; in felem_diff_zero107()
317 out[1] -= in[1]; in felem_diff_zero107()
318 out[2] -= in[2]; in felem_diff_zero107()
319 out[3] -= in[3]; in felem_diff_zero107()
329 static void longfelem_diff(longfelem out, const longfelem in) in longfelem_diff() argument
341 out[0] += two70m8p6; in longfelem_diff()
342 out[1] += two70p40; in longfelem_diff()
343 out[2] += two70; in longfelem_diff()
344 out[3] += two70m40m38p6; in longfelem_diff()
345 out[4] += two70m6; in longfelem_diff()
346 out[5] += two70m6; in longfelem_diff()
347 out[6] += two70m6; in longfelem_diff()
348 out[7] += two70m6; in longfelem_diff()
351 out[0] -= in[0]; in longfelem_diff()
352 out[1] -= in[1]; in longfelem_diff()
353 out[2] -= in[2]; in longfelem_diff()
354 out[3] -= in[3]; in longfelem_diff()
355 out[4] -= in[4]; in longfelem_diff()
356 out[5] -= in[5]; in longfelem_diff()
357 out[6] -= in[6]; in longfelem_diff()
358 out[7] -= in[7]; in longfelem_diff()
378 static void felem_shrink(smallfelem out, const felem in) in felem_shrink() argument
463 out[0] = tmp[0]; in felem_shrink()
464 out[1] = tmp[1]; in felem_shrink()
465 out[2] = tmp[2]; in felem_shrink()
466 out[3] = tmp[3]; in felem_shrink()
470 static void smallfelem_expand(felem out, const smallfelem in) in smallfelem_expand() argument
472 out[0] = in[0]; in smallfelem_expand()
473 out[1] = in[1]; in smallfelem_expand()
474 out[2] = in[2]; in smallfelem_expand()
475 out[3] = in[3]; in smallfelem_expand()
485 static void smallfelem_square(longfelem out, const smallfelem small) in smallfelem_square() argument
493 out[0] = low; in smallfelem_square()
494 out[1] = high; in smallfelem_square()
499 out[1] += low; in smallfelem_square()
500 out[1] += low; in smallfelem_square()
501 out[2] = high; in smallfelem_square()
506 out[2] += low; in smallfelem_square()
507 out[2] *= 2; in smallfelem_square()
508 out[3] = high; in smallfelem_square()
513 out[3] += low; in smallfelem_square()
514 out[4] = high; in smallfelem_square()
519 out[3] += low; in smallfelem_square()
520 out[3] *= 2; in smallfelem_square()
521 out[4] += high; in smallfelem_square()
526 out[2] += low; in smallfelem_square()
527 out[3] += high; in smallfelem_square()
532 out[4] += low; in smallfelem_square()
533 out[4] *= 2; in smallfelem_square()
534 out[5] = high; in smallfelem_square()
539 out[5] += low; in smallfelem_square()
540 out[5] *= 2; in smallfelem_square()
541 out[6] = high; in smallfelem_square()
542 out[6] += high; in smallfelem_square()
547 out[4] += low; in smallfelem_square()
548 out[5] += high; in smallfelem_square()
553 out[6] += low; in smallfelem_square()
554 out[7] = high; in smallfelem_square()
564 static void felem_square(longfelem out, const felem in) in felem_square() argument
568 smallfelem_square(out, small); in felem_square()
579 static void smallfelem_mul(longfelem out, const smallfelem small1, in smallfelem_mul() argument
588 out[0] = low; in smallfelem_mul()
589 out[1] = high; in smallfelem_mul()
594 out[1] += low; in smallfelem_mul()
595 out[2] = high; in smallfelem_mul()
600 out[1] += low; in smallfelem_mul()
601 out[2] += high; in smallfelem_mul()
606 out[2] += low; in smallfelem_mul()
607 out[3] = high; in smallfelem_mul()
612 out[2] += low; in smallfelem_mul()
613 out[3] += high; in smallfelem_mul()
618 out[2] += low; in smallfelem_mul()
619 out[3] += high; in smallfelem_mul()
624 out[3] += low; in smallfelem_mul()
625 out[4] = high; in smallfelem_mul()
630 out[3] += low; in smallfelem_mul()
631 out[4] += high; in smallfelem_mul()
636 out[3] += low; in smallfelem_mul()
637 out[4] += high; in smallfelem_mul()
642 out[3] += low; in smallfelem_mul()
643 out[4] += high; in smallfelem_mul()
648 out[4] += low; in smallfelem_mul()
649 out[5] = high; in smallfelem_mul()
654 out[4] += low; in smallfelem_mul()
655 out[5] += high; in smallfelem_mul()
660 out[4] += low; in smallfelem_mul()
661 out[5] += high; in smallfelem_mul()
666 out[5] += low; in smallfelem_mul()
667 out[6] = high; in smallfelem_mul()
672 out[5] += low; in smallfelem_mul()
673 out[6] += high; in smallfelem_mul()
678 out[6] += low; in smallfelem_mul()
679 out[7] = high; in smallfelem_mul()
690 static void felem_mul(longfelem out, const felem in1, const felem in2) in felem_mul() argument
695 smallfelem_mul(out, small1, small2); in felem_mul()
706 static void felem_small_mul(longfelem out, const smallfelem small1, in felem_small_mul() argument
711 smallfelem_mul(out, small1, small2); in felem_small_mul()
735 static void felem_reduce_(felem out, const longfelem in) in felem_reduce_() argument
740 out[0] += c; in felem_reduce_()
741 out[3] -= c; in felem_reduce_()
744 out[1] += c; in felem_reduce_()
745 out[2] -= c; in felem_reduce_()
749 out[1] -= (in[4] << 32); in felem_reduce_()
750 out[3] += (in[4] << 32); in felem_reduce_()
753 out[2] -= (in[5] << 32); in felem_reduce_()
756 out[0] -= in[6]; in felem_reduce_()
757 out[0] -= (in[6] << 32); in felem_reduce_()
758 out[1] += (in[6] << 33); in felem_reduce_()
759 out[2] += (in[6] * 2); in felem_reduce_()
760 out[3] -= (in[6] << 32); in felem_reduce_()
763 out[0] -= in[7]; in felem_reduce_()
764 out[0] -= (in[7] << 32); in felem_reduce_()
765 out[2] += (in[7] << 33); in felem_reduce_()
766 out[3] += (in[7] * 3); in felem_reduce_()
778 static void felem_reduce(felem out, const longfelem in) in felem_reduce() argument
780 out[0] = zero100[0] + in[0]; in felem_reduce()
781 out[1] = zero100[1] + in[1]; in felem_reduce()
782 out[2] = zero100[2] + in[2]; in felem_reduce()
783 out[3] = zero100[3] + in[3]; in felem_reduce()
785 felem_reduce_(out, in); in felem_reduce()
807 static void felem_reduce_zero105(felem out, const longfelem in) in felem_reduce_zero105() argument
809 out[0] = zero105[0] + in[0]; in felem_reduce_zero105()
810 out[1] = zero105[1] + in[1]; in felem_reduce_zero105()
811 out[2] = zero105[2] + in[2]; in felem_reduce_zero105()
812 out[3] = zero105[3] + in[3]; in felem_reduce_zero105()
814 felem_reduce_(out, in); in felem_reduce_zero105()
845 static void felem_contract(smallfelem out, const felem in) in felem_contract() argument
850 felem_shrink(out, in); in felem_contract()
862 uint128_t a = ((uint128_t) kPrime[i]) - out[i]; in felem_contract()
873 equal = kPrime[i] ^ out[i]; in felem_contract()
893 subtract_u64(&out[0], &carry, result & kPrime[0]); in felem_contract()
894 subtract_u64(&out[1], &carry, carry); in felem_contract()
895 subtract_u64(&out[2], &carry, carry); in felem_contract()
896 subtract_u64(&out[3], &carry, carry); in felem_contract()
898 subtract_u64(&out[1], &carry, result & kPrime[1]); in felem_contract()
899 subtract_u64(&out[2], &carry, carry); in felem_contract()
900 subtract_u64(&out[3], &carry, carry); in felem_contract()
902 subtract_u64(&out[2], &carry, result & kPrime[2]); in felem_contract()
903 subtract_u64(&out[3], &carry, carry); in felem_contract()
905 subtract_u64(&out[3], &carry, result & kPrime[3]); in felem_contract()
908 static void smallfelem_square_contract(smallfelem out, const smallfelem in) in smallfelem_square_contract() argument
915 felem_contract(out, tmp); in smallfelem_square_contract()
918 static void smallfelem_mul_contract(smallfelem out, const smallfelem in1, in smallfelem_mul_contract() argument
926 felem_contract(out, tmp); in smallfelem_mul_contract()
982 static void felem_inv(felem out, const felem in) in felem_inv() argument
1073 felem_reduce(out, tmp); /* 2^256 - 2^224 + 2^192 + 2^96 - 3 */ in felem_inv()
1076 static void smallfelem_inv_contract(smallfelem out, const smallfelem in) in smallfelem_inv_contract() argument
1082 felem_contract(out, tmp); in smallfelem_inv_contract()
1204 static void copy_conditional(felem out, const felem in, limb mask) in copy_conditional() argument
1208 const limb tmp = mask & (in[i] ^ out[i]); in copy_conditional()
1209 out[i] ^= tmp; in copy_conditional()
1214 static void copy_small_conditional(felem out, const smallfelem in, limb mask) in copy_small_conditional() argument
1219 out[i] = ((limb) (in[i] & mask64)) | (out[i] & ~mask); in copy_small_conditional()
1637 const smallfelem pre_comp[16][3], smallfelem out[3]) in select_point()
1640 u64 *outlimbs = &out[0][0]; in select_point()
1642 memset(out, 0, sizeof(*out) * 3); in select_point()