Home
last modified time | relevance | path

Searched refs:limb (Results 1 – 19 of 19) sorted by relevance

/src/crypto/openssl/crypto/ec/curve448/
H A Dscalar.c47 chain = (chain + accum[i]) - sub->limb[i]; in sc_subx()
48 out->limb[i] = (c448_word_t)chain; in sc_subx()
55 chain = (chain + out->limb[i]) + (p->limb[i] & borrow); in sc_subx()
56 out->limb[i] = (c448_word_t)chain; in sc_subx()
69 c448_word_t mand = a->limb[i]; in sc_montmul()
70 const c448_word_t *mier = b->limb; in sc_montmul()
82 mier = sc_p->limb; in sc_montmul()
108 sc_subx(out, a->limb, b, sc_p, 0); in ossl_curve448_scalar_sub()
118 chain = (chain + a->limb[i]) + b->limb[i]; in ossl_curve448_scalar_add()
119 out->limb[i] = (c448_word_t)chain; in ossl_curve448_scalar_add()
[all …]
H A Df_generic.c35 buffer |= ((dword_t)red->limb[LIMBPERM(j)]) << fill; in gf_serialize()
52 return 0 - (y->limb[0] & 1); in gf_hibit()
62 return 0 - (y->limb[0] & 1); in gf_lobit()
87 … x->limb[LIMBPERM(i)] = (word_t)((i < NLIMBS - 1) ? buffer & LIMB_MASK(LIMBPERM(i)) : buffer); in gf_deserialize()
90 … scarry = (scarry + x->limb[LIMBPERM(i)] - MODULUS->limb[LIMBPERM(i)]) >> (8 * sizeof(word_t)); in gf_deserialize()
112 scarry = scarry + a->limb[LIMBPERM(i)] - MODULUS->limb[LIMBPERM(i)]; in gf_strong_reduce()
113 a->limb[LIMBPERM(i)] = scarry & LIMB_MASK(LIMBPERM(i)); in gf_strong_reduce()
128 carry = carry + a->limb[LIMBPERM(i)] + (scarry_0 & MODULUS->limb[LIMBPERM(i)]); in gf_strong_reduce()
129 a->limb[LIMBPERM(i)] = carry & LIMB_MASK(LIMBPERM(i)); in gf_strong_reduce()
162 ret |= c->limb[LIMBPERM(i)]; in gf_eq()
H A Dfield.h36 word_t limb[NLIMBS]; member
138 x[0].limb[i] = constant_time_select_32(is_z, z[0].limb[i], in gf_cond_sel()
139 y[0].limb[i]); in gf_cond_sel()
142 x[0].limb[i] = constant_time_select_64(is_z, z[0].limb[i], in gf_cond_sel()
143 y[0].limb[i]); in gf_cond_sel()
164 constant_time_cond_swap_32(swap, &(x[0].limb[i]), &(y->limb[i])); in gf_cond_swap()
167 constant_time_cond_swap_64(swap, &(x[0].limb[i]), &(y->limb[i])); in gf_cond_swap()
H A Dpoint_448.h68 c448_word_t limb[C448_SCALAR_LIMBS]; member
H A Dcurve448.c251 tab |= (scalar1x->limb[bit / WBITS] >> (bit % WBITS) & 1) << k; in ossl_curve448_precomputed_scalarmul()
552 uint64_t current = scalar->limb[0] & 0xFFFF; in recode_wnaf()
555 const unsigned int B_OVER_16 = sizeof(scalar->limb[0]) / 2; in recode_wnaf()
572 current += (uint32_t)((scalar->limb[w / B_OVER_16] in recode_wnaf()
/src/crypto/openssl/crypto/ec/curve448/arch_32/
H A Df_impl.h32 out->limb[i] = a->limb[i] + b->limb[i]; in gf_add_RAW()
40 out->limb[i] = a->limb[i] - b->limb[i]; in gf_sub_RAW()
49 a->limb[i] += (i == NLIMBS / 2) ? co2 : co1; in gf_bias()
55 uint32_t tmp = a->limb[NLIMBS - 1] >> 28; in gf_weak_reduce()
58 a->limb[NLIMBS / 2] += tmp; in gf_weak_reduce()
60 a->limb[i] = (a->limb[i] & mask) + (a->limb[i - 1] >> 28); in gf_weak_reduce()
61 a->limb[0] = (a->limb[0] & mask) + tmp; in gf_weak_reduce()
H A Df_impl32.c26 const uint32_t *a = as->limb, *b = bs->limb;
27 uint32_t *c = cs->limb;
75 const uint32_t *a = as->limb;
76 uint32_t *c = cs->limb;
/src/crypto/openssl/crypto/ec/curve448/arch_64/
H A Df_impl.h31 out->limb[i] = a->limb[i] + b->limb[i]; in gf_add_RAW()
42 out->limb[i] = a->limb[i] - b->limb[i] + ((i == NLIMBS / 2) ? co2 : co1); in gf_sub_RAW()
54 uint64_t tmp = a->limb[NLIMBS - 1] >> 56; in gf_weak_reduce()
57 a->limb[NLIMBS / 2] += tmp; in gf_weak_reduce()
59 a->limb[i] = (a->limb[i] & mask) + (a->limb[i - 1] >> 56); in gf_weak_reduce()
60 a->limb[0] = (a->limb[0] & mask) + tmp; in gf_weak_reduce()
H A Df_impl64.c26 const uint64_t *a = as->limb, *b = bs->limb;
27 uint64_t *c = cs->limb;
78 const uint64_t *a = as->limb;
79 uint64_t *c = cs->limb;
104 const uint64_t *a = as->limb;
105 uint64_t *c = cs->limb;
/src/crypto/openssl/crypto/ec/
H A Decp_nistp521.c131 typedef uint64_t limb; typedef
132 typedef limb limb_aX __attribute((__aligned__(1)));
133 typedef limb felem[NLIMBS];
136 static const limb bottom57bits = 0x1ffffffffffffff;
137 static const limb bottom58bits = 0x3ffffffffffffff;
145 out[0] = (*((limb *)&in[0])) & bottom58bits; in bin66_to_felem()
163 (*((limb *)&out[0])) = in[0]; in felem_to_bin66()
247 static void felem_scalar(felem out, const felem in, limb scalar) in felem_scalar()
261 static void felem_scalar64(felem out, limb scalar) in felem_scalar64()
275 static void felem_scalar128(largefelem out, limb scalar) in felem_scalar128()
[all …]
H A Decp_nistp256.c115 typedef uint128_t limb; typedef
116 typedef limb felem[NLIMBS];
117 typedef limb longfelem[NLIMBS * 2];
246 #define two105m41m9 (((limb)1) << 105) - (((limb)1) << 41) - (((limb)1) << 9)
247 #define two105 (((limb)1) << 105)
248 #define two105m41p9 (((limb)1) << 105) - (((limb)1) << 41) + (((limb)1) << 9)
290 #define two107m43m11 (((limb)1) << 107) - (((limb)1) << 43) - (((limb)1) << 11)
291 #define two107 (((limb)1) << 107)
292 #define two107m43p11 (((limb)1) << 107) - (((limb)1) << 43) + (((limb)1) << 11)
332 static const limb two70m8p6 = (((limb)1) << 70) - (((limb)1) << 8) + (((limb)1) << 6); in longfelem_diff()
[all …]
H A Decp_nistp384.c107 typedef uint64_t limb; typedef
109 typedef limb limb_aX __attribute((__aligned__(1)));
110 typedef limb felem[NLIMBS];
113 static const limb bottom56bits = 0xffffffffffffff;
119 out[0] = (*((limb *)&in[0])) & bottom56bits; in bin48_to_felem()
131 (*((limb *)&out[0])) |= (in[0] & bottom56bits); in felem_to_bin48()
176 memset(&out[1], 0, sizeof(limb) * (NLIMBS - 1)); in felem_one()
194 static void felem_scalar(felem out, const felem in, limb scalar) in felem_scalar()
203 static void felem_scalar64(felem out, limb scalar) in felem_scalar64()
212 static void felem_scalar128(widefelem out, limb scalar) in felem_scalar128()
[all …]
H A Decp_nistp224.c75 typedef uint64_t limb; typedef
79 typedef limb felem[4];
312 out[0] = *((const limb *)(in)) & 0x00ffffffffffffff; in bin28_to_felem()
396 static const limb two58p2 = (((limb)1) << 58) + (((limb)1) << 2); in felem_diff()
397 static const limb two58m2 = (((limb)1) << 58) - (((limb)1) << 2); in felem_diff()
398 static const limb two58m42m2 = (((limb)1) << 58) - (((limb)1) << 42) - (((limb)1) << 2); in felem_diff()
462 static void felem_scalar(felem out, const limb scalar) in felem_scalar()
488 limb tmp0, tmp1, tmp2; in felem_square()
598 static const int64_t two56 = ((limb)1) << 56; in felem_contract()
666 static limb felem_is_zero(const felem in) in felem_is_zero()
[all …]
/src/crypto/openssl/crypto/bn/
H A Dbn_lib.c1152 BN_ULONG limb; in bn_correct_top_consttime() local
1156 limb = a->d[j]; in bn_correct_top_consttime()
1157 limb |= 0 - limb; in bn_correct_top_consttime()
1158 limb >>= BN_BITS2 - 1; in bn_correct_top_consttime()
1159 limb = 0 - limb; in bn_correct_top_consttime()
1160 mask = (unsigned int)limb; in bn_correct_top_consttime()
/src/crypto/openssl/test/recipes/30-test_evp_data/
H A Devpmac_poly1305.txt54 # What happens if data limb is all ones and there is carry from lower limb?
278 # limb carry
/src/crypto/openssl/Configurations/
H A DREADME.md230 limb size is implied in
/src/crypto/openssl/
H A DCHANGES.md12303 mpz_t when openssl and GMP use the same limb size. Otherwise the
/src/share/dict/
H A Dweb2a13903 corolla limb
H A Dweb2106753 limb