* Originally written by Mike Hamburg
*/
-#ifndef __ARCH_REF64_ARCH_INTRINSICS_H__
-# define __ARCH_REF64_ARCH_INTRINSICS_H__
+#ifndef OSSL_CRYPTO_EC_CURVE448_ARCH_64_INTRINSICS_H
+# define OSSL_CRYPTO_EC_CURVE448_ARCH_64_INTRINSICS_H
# define ARCH_WORD_BITS 64
-static __inline__ __attribute((always_inline, unused))
-uint64_t word_is_zero(uint64_t a)
+static ossl_inline uint64_t word_is_zero(uint64_t a)
{
/* let's hope the compiler isn't clever enough to optimize this. */
return (((__uint128_t) a) - 1) >> 64;
}
-static __inline__ __attribute((always_inline, unused))
-__uint128_t widemul(uint64_t a, uint64_t b)
+static ossl_inline uint128_t widemul(uint64_t a, uint64_t b)
{
- return ((__uint128_t) a) * b;
+ return ((uint128_t) a) * b;
}
-#endif /* ARCH_REF64_ARCH_INTRINSICS_H__ */
+#endif /* OSSL_CRYPTO_EC_CURVE448_ARCH_64_INTRINSICS_H */
*
* Originally written by Mike Hamburg
*/
+
#include "field.h"
-void gf_mul(gf_s * __restrict__ cs, const gf as, const gf bs)
+void gf_mul(gf_s * RESTRICT cs, const gf as, const gf bs)
{
const uint64_t *a = as->limb, *b = bs->limb;
uint64_t *c = cs->limb;
- __uint128_t accum0 = 0, accum1 = 0, accum2;
- uint64_t mask = (1ull << 56) - 1;
+ uint128_t accum0 = 0, accum1 = 0, accum2;
+ uint64_t mask = (1ULL << 56) - 1;
uint64_t aa[4], bb[4], bbb[4];
unsigned int i;
c[1] += ((uint64_t)(accum1));
}
-void gf_mulw_unsigned(gf_s * __restrict__ cs, const gf as, uint32_t b)
+void gf_mulw_unsigned(gf_s * RESTRICT cs, const gf as, uint32_t b)
{
const uint64_t *a = as->limb;
uint64_t *c = cs->limb;
- __uint128_t accum0 = 0, accum4 = 0;
- uint64_t mask = (1ull << 56) - 1;
+ uint128_t accum0 = 0, accum4 = 0;
+ uint64_t mask = (1ULL << 56) - 1;
int i;
for (i = 0; i < 4; i++) {
c[1] += accum4 >> 56;
}
-void gf_sqr(gf_s * __restrict__ cs, const gf as)
+void gf_sqr(gf_s * RESTRICT cs, const gf as)
{
const uint64_t *a = as->limb;
uint64_t *c = cs->limb;
- __uint128_t accum0 = 0, accum1 = 0, accum2;
- uint64_t mask = (1ull << 56) - 1;
+ uint128_t accum0 = 0, accum1 = 0, accum2;
+ uint64_t mask = (1ULL << 56) - 1;
uint64_t aa[4];
+ unsigned int i;
/* For some reason clang doesn't vectorize this without prompting? */
- unsigned int i;
- for (i = 0; i < 4; i++) {
+ for (i = 0; i < 4; i++)
aa[i] = a[i] + a[i + 4];
- }
accum2 = widemul(a[0], a[3]);
accum0 = widemul(aa[0], aa[3]);
* Originally written by Mike Hamburg
*/
-#define GF_HEADROOM 9999 /* Everything is reduced anyway */
-#define FIELD_LITERAL(a,b,c,d,e,f,g,h) {{a,b,c,d,e,f,g,h}}
+#ifndef OSSL_CRYPTO_EC_CURVE448_ARCH_64_F_IMPL_H
+# define OSSL_CRYPTO_EC_CURVE448_ARCH_64_F_IMPL_H
-#define LIMB_PLACE_VALUE(i) 56
+# define GF_HEADROOM 9999 /* Everything is reduced anyway */
+# define FIELD_LITERAL(a,b,c,d,e,f,g,h) {{a,b,c,d,e,f,g,h}}
+
+# define LIMB_PLACE_VALUE(i) 56
void gf_add_RAW(gf out, const gf a, const gf b)
{
- for (unsigned int i = 0; i < 8; i++)
+ unsigned int i;
+
+ for (i = 0; i < 8; i++)
out->limb[i] = a->limb[i] + b->limb[i];
+
gf_weak_reduce(out);
}
void gf_sub_RAW(gf out, const gf a, const gf b)
{
- uint64_t co1 = ((1ull << 56) - 1) * 2, co2 = co1 - 2;
+ uint64_t co1 = ((1ULL << 56) - 1) * 2, co2 = co1 - 2;
+ unsigned int i;
- for (unsigned int i = 0; i < 8; i++)
+ for (i = 0; i < 8; i++)
out->limb[i] = a->limb[i] - b->limb[i] + ((i == 4) ? co2 : co1);
+
gf_weak_reduce(out);
}
void gf_bias(gf a, int amt)
{
- (void)a;
- (void)amt;
}
void gf_weak_reduce(gf a)
{
- uint64_t mask = (1ull << 56) - 1;
+ uint64_t mask = (1ULL << 56) - 1;
uint64_t tmp = a->limb[7] >> 56;
+ unsigned int i;
a->limb[4] += tmp;
- for (unsigned int i = 7; i > 0; i--)
+ for (i = 7; i > 0; i--)
a->limb[i] = (a->limb[i] & mask) + (a->limb[i - 1] >> 56);
a->limb[0] = (a->limb[0] & mask) + tmp;
}
+
+#endif /* OSSL_CRYPTO_EC_CURVE448_ARCH_64_F_IMPL_H */
projects / openssl.git / commitdiff