Lines Matching +full:in2 +full:-
2 * Copyright (C) 2017 - This file is part of libecc project
7 * Jean-Pierre FLORI <jean-pierre.flori@ssi.gouv.fr>
23 * o out = in1 +/- in2 if cnd is not zero.
27 * constant time for that specific factor, nor on the values of in1 and in2.
28 * It still depends on the maximal length of in1 and in2.
35 * Conditionally adds 'in2' to 'in1' according to "cnd", storing the result
38 * returns 0 on success, -1 on error.
41 * commutative, i.e. "_nn_cnd_add(cnd, out, in1, in2)" is not equivalent
42 * to "_nn_cnd_add(cnd, out, in2, in1)". It is commutative though if "cnd"
43 * is not zero or 'in1' == 'in2'.
46 * that is if not aliased to 'in1' or 'in2'. The length of "out" is set to
47 * the maximal length of 'in1' and 'in2'. Note that both 'in1' and 'in2' will
54 * o the data stored in 'in1' and 'in2'.
56 * o the maximal length of 'in1' and 'in2'.
60 ATTRIBUTE_WARN_UNUSED_RET static int _nn_cnd_add(int cnd, nn_t out, nn_src_t in1, nn_src_t in2, in _nn_cnd_add() argument
70 ret = nn_check_initialized(in2); EG(ret, err); in _nn_cnd_add()
73 loop_wlen = LOCAL_MAX(in1->wlen, in2->wlen); in _nn_cnd_add()
74 if ((out != in1) && (out != in2)) { in _nn_cnd_add()
82 tmp = (word_t)(in1->val[i] + (in2->val[i] & mask)); in _nn_cnd_add()
83 carry1 = (word_t)(tmp < in1->val[i]); in _nn_cnd_add()
84 out->val[i] = (word_t)(tmp + _carry); in _nn_cnd_add()
85 carry2 = (word_t)(out->val[i] < tmp); in _nn_cnd_add()
97 * Conditionally adds 'in2' to 'in1' according to "cnd", storing the result
99 * length of 'in1' and 'in2'. It is user responsibility to ensure that the
101 * for instance guaranteed if both in1->wlen and in2->wlen are less than
117 * The function returns 0 on success, -1 on error.
119 int nn_cnd_add(int cnd, nn_t out, nn_src_t in1, nn_src_t in2) in nn_cnd_add() argument
124 ret = _nn_cnd_add(cnd, out, in1, in2, &carry); EG(ret, err); in nn_cnd_add()
126 /* We cannot allow a non-zero carry if out->wlen is at its limit */ in nn_cnd_add()
127 MUST_HAVE(((out->wlen != NN_MAX_WORD_LEN) || (!carry)), ret, err); in nn_cnd_add()
129 if (out->wlen != NN_MAX_WORD_LEN) { in nn_cnd_add()
137 out->val[out->wlen] = carry; in nn_cnd_add()
138 out->wlen = (u8)(out->wlen + carry); in nn_cnd_add()
146 * Unconditionally adds 'in2' to 'in1', storing the result in "out",
148 * 'in1' and 'in2'. The function returns 0 on success, -1 on error.
158 int nn_add(nn_t out, nn_src_t in1, nn_src_t in2) in nn_add() argument
160 return nn_cnd_add(1, out, in1, in2); in nn_add()
167 * function returns 0 on succes, -1 on error.
188 n_wlen = in1->wlen; in nn_add_word()
198 tmp = (word_t)(in1->val[i] + carry); in nn_add_word()
199 carry = (word_t)(tmp < in1->val[i]); in nn_add_word()
200 out->val[i] = tmp; in nn_add_word()
203 MUST_HAVE(((out->wlen != NN_MAX_WORD_LEN) || (!carry)), ret, err); in nn_add_word()
204 if (out->wlen != NN_MAX_WORD_LEN) { in nn_add_word()
212 out->val[out->wlen] = carry; in nn_add_word()
213 out->wlen = (u8)(out->wlen + carry); in nn_add_word()
224 * less than NN_MAX_WORD_LEN). The function returns 0 on success, -1 on error.
237 * Conditionally subtracts 'in2' from 'in1' according to "cnd",
239 * o out = in1 - in2 if cnd is not zero.
242 * 'in1' and 'in2' must point to initialized nn, such that the value of 'in1'
243 * is larger than 'in2'. Aliasing is supported, i.e. 'out' can point to the
244 * same nn as 'in1' or 'in2'. If aliasing is not used, 'out' is initialized by
248 * The function returns 0 on success, -1 on error.
250 int nn_cnd_sub(int cnd, nn_t out, nn_src_t in1, nn_src_t in2) in nn_cnd_sub() argument
258 ret = nn_check_initialized(in2); EG(ret, err); in nn_cnd_sub()
261 loop_wlen = LOCAL_MAX(in1->wlen, in2->wlen); in nn_cnd_sub()
262 if ((out != in1) && (out != in2)) { in nn_cnd_sub()
265 ret = nn_set_wlen(out, in1->wlen); EG(ret, err); in nn_cnd_sub()
270 tmp = (word_t)(in1->val[i] - (in2->val[i] & mask)); in nn_cnd_sub()
271 borrow1 = (word_t)(tmp > in1->val[i]); in nn_cnd_sub()
272 out->val[i] = (word_t)(tmp - borrow); in nn_cnd_sub()
273 borrow2 = (word_t)(out->val[i] > tmp); in nn_cnd_sub()
278 /* We only support the in1 >= in2 case */ in nn_cnd_sub()
279 ret = (borrow != WORD(0)) ? -1 : 0; in nn_cnd_sub()
286 int nn_sub(nn_t out, nn_src_t in1, nn_src_t in2) in nn_sub() argument
288 return nn_cnd_sub(1, out, in1, in2); in nn_sub()
292 * Compute out = in1 - 1 where in1 is a *positive* integer. Aliasing is
293 * supported i.e. nn_dec(A, A) works as expected and provides A -= 1.
294 * The function returns 0 on success, -1 on error.
304 n_wlen = in1->wlen; in nn_dec()
310 tmp = (word_t)(in1->val[i] - borrow); in nn_dec()
311 borrow = (word_t)(tmp > in1->val[i]); in nn_dec()
312 out->val[i] = tmp; in nn_dec()
315 ret = (borrow != WORD(0)) ? -1 : 0; in nn_dec()
334 * Compute out = in1 + in2 mod p. The function returns 0 on success, -1 on
339 static int _nn_mod_add(nn_t out, nn_src_t in1, nn_src_t in2, nn_src_t p) in _nn_mod_add() argument
344 ret = nn_check_initialized(in2); EG(ret, err); in _nn_mod_add()
346 MUST_HAVE((p->wlen < NN_MAX_WORD_LEN), ret, err); /* otherwise carry could overflow */ in _nn_mod_add()
348 …SHOULD_HAVE((!nn_cmp(in2, p, &cmp)) && (cmp < 0), ret, err); /* a SHOULD_HAVE as documented above … in _nn_mod_add()
350 ret = nn_add(out, in1, in2); EG(ret, err); in _nn_mod_add()
352 * If previous addition extends out->wlen, this may have an effect on in _nn_mod_add()
354 * normalize out->wlen to p->wlen + 1. Its length is set to that of in _nn_mod_add()
360 * of in1 and in2 so getting a carry out does not necessarily mean in _nn_mod_add()
363 ret = nn_set_wlen(out, (u8)(p->wlen + 1)); EG(ret, err); in _nn_mod_add()
367 ret = nn_set_wlen(out, p->wlen); in _nn_mod_add()
374 * Compute out = in1 + in2 mod p. The function returns 0 on success, -1 on
379 int nn_mod_add(nn_t out, nn_src_t in1, nn_src_t in2, nn_src_t p) in nn_mod_add() argument
388 ret = _nn_mod_add(out, in1, in2, &p_cpy); in nn_mod_add()
395 ret = _nn_mod_add(out, in1, in2, p); in nn_mod_add()
403 * Compute out = in1 + 1 mod p. The function returns 0 on success, -1 on error.
413 MUST_HAVE((p->wlen < NN_MAX_WORD_LEN), ret, err); /* otherwise carry could overflow */ in _nn_mod_inc()
417 ret = nn_set_wlen(out, (u8)(p->wlen + 1)); EG(ret, err); /* see comment in nn_mod_add() */ in _nn_mod_inc()
421 ret = nn_set_wlen(out, p->wlen); in _nn_mod_inc()
428 * Compute out = in1 + 1 mod p. The function returns 0 on success, -1 on error.
457 * Compute out = in1 - in2 mod p. The function returns 0 on success, -1 on
462 static int _nn_mod_sub(nn_t out, nn_src_t in1, nn_src_t in2, nn_src_t p) in _nn_mod_sub() argument
470 ret = nn_check_initialized(in2); EG(ret, err); in _nn_mod_sub()
472 MUST_HAVE((p->wlen < NN_MAX_WORD_LEN), ret, err); /* otherwise carry could overflow */ in _nn_mod_sub()
474 …SHOULD_HAVE((!nn_cmp(in2, p, &cmp)) && (cmp < 0), ret, err); /* a SHOULD_HAVE as documented above … in _nn_mod_sub()
476 /* Handle the case where in2 and out are aliased */ in _nn_mod_sub()
477 if (in2 == out) { in _nn_mod_sub()
478 ret = nn_copy(&in2_cpy, in2); EG(ret, err); in _nn_mod_sub()
482 in2_ = in2; in _nn_mod_sub()
489 ret = nn_set_wlen(out, (u8)(p->wlen + 1)); EG(ret, err);/* See Comment in nn_mod_add() */ in _nn_mod_sub()
491 ret = nn_set_wlen(out, p->wlen); in _nn_mod_sub()
500 * Compute out = in1 - in2 mod p. The function returns 0 on success, -1 on
505 int nn_mod_sub(nn_t out, nn_src_t in1, nn_src_t in2, nn_src_t p) in nn_mod_sub() argument
514 ret = _nn_mod_sub(out, in1, in2, &p_cpy); in nn_mod_sub()
521 ret = _nn_mod_sub(out, in1, in2, p); in nn_mod_sub()
529 * Compute out = in1 - 1 mod p. The function returns 0 on success, -1 on error
539 MUST_HAVE((p->wlen < NN_MAX_WORD_LEN), ret, err); /* otherwise carry could overflow */ in _nn_mod_dec()
546 ret = nn_set_wlen(out, (u8)(p->wlen + 1)); EG(ret, err); /* See Comment in nn_mod_add() */ in _nn_mod_dec()
548 ret = nn_set_wlen(out, p->wlen); in _nn_mod_dec()
555 * Compute out = in1 - 1 mod p. The function returns 0 on success, -1 on error
583 * Compute out = -in mod p. The function returns 0 on success, -1 on error.
585 * out = p - in (except when value is 0).