Lines Matching +full:32 +full:-

11 static void add(unsigned int out[32],const unsigned int a[32],const unsigned int b[32])  in add()  argument
20 static void sub(unsigned int out[32],const unsigned int a[32],const unsigned int b[32]) in sub() argument
26 u += a[j] + 65280 - b[j]; in sub()
30 u += a[31] - b[31]; in sub()
34 static void squeeze(unsigned int a[32]) in squeeze() argument
46 static const unsigned int minusp[32] = {
50 static void freeze(unsigned int a[32]) in freeze() argument
52 unsigned int aorig[32]; in freeze()
56 for (j = 0;j < 32;++j) aorig[j] = a[j]; in freeze()
58 negative = -((a[31] >> 7) & 1); in freeze()
59 for (j = 0;j < 32;++j) a[j] ^= negative & (aorig[j] ^ a[j]); in freeze()
62 static void mult(unsigned int out[32],const unsigned int a[32],const unsigned int b[32]) in mult() argument
68 for (i = 0;i < 32;++i) { in mult()
70 for (j = 0;j <= i;++j) u += a[j] * b[i - j]; in mult()
71 for (j = i + 1;j < 32;++j) u += 38 * a[j] * b[i + 32 - j]; in mult()
77 static void mult121665(unsigned int out[32],const unsigned int a[32]) in mult121665() argument
90 static void square(unsigned int out[32],const unsigned int a[32]) in square() argument
96 for (i = 0;i < 32;++i) { in square()
98 for (j = 0;j < i - j;++j) u += a[j] * a[i - j]; in square()
99 for (j = i + 1;j < i + 32 - j;++j) u += 38 * a[j] * a[i + 32 - j]; in square()
116 bminus1 = b - 1; in select()
124 static void mainloop(unsigned int work[64],const unsigned char e[32]) in mainloop() argument
137 unsigned int r[32]; in mainloop()
138 unsigned int s[32]; in mainloop()
139 unsigned int t[32]; in mainloop()
140 unsigned int u[32]; in mainloop()
145 for (j = 0;j < 32;++j) xzm1[j] = work[j]; in mainloop()
146 xzm1[32] = 1; in mainloop()
152 for (pos = 254;pos >= 0;--pos) { in mainloop()
156 add(a0,xzmb,xzmb + 32); in mainloop()
157 sub(a0 + 32,xzmb,xzmb + 32); in mainloop()
158 add(a1,xzm1b,xzm1b + 32); in mainloop()
159 sub(a1 + 32,xzm1b,xzm1b + 32); in mainloop()
161 square(b0 + 32,a0 + 32); in mainloop()
162 mult(b1,a1,a0 + 32); in mainloop()
163 mult(b1 + 32,a1 + 32,a0); in mainloop()
164 add(c1,b1,b1 + 32); in mainloop()
165 sub(c1 + 32,b1,b1 + 32); in mainloop()
166 square(r,c1 + 32); in mainloop()
167 sub(s,b0,b0 + 32); in mainloop()
170 mult(xznb,b0,b0 + 32); in mainloop()
171 mult(xznb + 32,s,u); in mainloop()
173 mult(xzn1b + 32,r,work); in mainloop()
180 static void recip(unsigned int out[32],const unsigned int z[32]) in recip() argument
182 unsigned int z2[32]; in recip()
183 unsigned int z9[32]; in recip()
184 unsigned int z11[32]; in recip()
185 unsigned int z2_5_0[32]; in recip()
186 unsigned int z2_10_0[32]; in recip()
187 unsigned int z2_20_0[32]; in recip()
188 unsigned int z2_50_0[32]; in recip()
189 unsigned int z2_100_0[32]; in recip()
190 unsigned int t0[32]; in recip()
191 unsigned int t1[32]; in recip()
200 /* 2^5 - 2^0 = 31 */ mult(z2_5_0,t0,z9); in recip()
202 /* 2^6 - 2^1 */ square(t0,z2_5_0); in recip()
203 /* 2^7 - 2^2 */ square(t1,t0); in recip()
204 /* 2^8 - 2^3 */ square(t0,t1); in recip()
205 /* 2^9 - 2^4 */ square(t1,t0); in recip()
206 /* 2^10 - 2^5 */ square(t0,t1); in recip()
207 /* 2^10 - 2^0 */ mult(z2_10_0,t0,z2_5_0); in recip()
209 /* 2^11 - 2^1 */ square(t0,z2_10_0); in recip()
210 /* 2^12 - 2^2 */ square(t1,t0); in recip()
211 /* 2^20 - 2^10 */ for (i = 2;i < 10;i += 2) { square(t0,t1); square(t1,t0); } in recip()
212 /* 2^20 - 2^0 */ mult(z2_20_0,t1,z2_10_0); in recip()
214 /* 2^21 - 2^1 */ square(t0,z2_20_0); in recip()
215 /* 2^22 - 2^2 */ square(t1,t0); in recip()
216 /* 2^40 - 2^20 */ for (i = 2;i < 20;i += 2) { square(t0,t1); square(t1,t0); } in recip()
217 /* 2^40 - 2^0 */ mult(t0,t1,z2_20_0); in recip()
219 /* 2^41 - 2^1 */ square(t1,t0); in recip()
220 /* 2^42 - 2^2 */ square(t0,t1); in recip()
221 /* 2^50 - 2^10 */ for (i = 2;i < 10;i += 2) { square(t1,t0); square(t0,t1); } in recip()
222 /* 2^50 - 2^0 */ mult(z2_50_0,t0,z2_10_0); in recip()
224 /* 2^51 - 2^1 */ square(t0,z2_50_0); in recip()
225 /* 2^52 - 2^2 */ square(t1,t0); in recip()
226 /* 2^100 - 2^50 */ for (i = 2;i < 50;i += 2) { square(t0,t1); square(t1,t0); } in recip()
227 /* 2^100 - 2^0 */ mult(z2_100_0,t1,z2_50_0); in recip()
229 /* 2^101 - 2^1 */ square(t1,z2_100_0); in recip()
230 /* 2^102 - 2^2 */ square(t0,t1); in recip()
231 /* 2^200 - 2^100 */ for (i = 2;i < 100;i += 2) { square(t1,t0); square(t0,t1); } in recip()
232 /* 2^200 - 2^0 */ mult(t1,t0,z2_100_0); in recip()
234 /* 2^201 - 2^1 */ square(t0,t1); in recip()
235 /* 2^202 - 2^2 */ square(t1,t0); in recip()
236 /* 2^250 - 2^50 */ for (i = 2;i < 50;i += 2) { square(t0,t1); square(t1,t0); } in recip()
237 /* 2^250 - 2^0 */ mult(t0,t1,z2_50_0); in recip()
239 /* 2^251 - 2^1 */ square(t1,t0); in recip()
240 /* 2^252 - 2^2 */ square(t0,t1); in recip()
241 /* 2^253 - 2^3 */ square(t1,t0); in recip()
242 /* 2^254 - 2^4 */ square(t0,t1); in recip()
243 /* 2^255 - 2^5 */ square(t1,t0); in recip()
244 /* 2^255 - 21 */ mult(out,t1,z11); in recip()
252 unsigned char e[32]; in crypto_scalarmult_curve25519()
254 for (i = 0;i < 32;++i) e[i] = n[i]; in crypto_scalarmult_curve25519()
258 for (i = 0;i < 32;++i) work[i] = p[i]; in crypto_scalarmult_curve25519()
260 recip(work + 32,work + 32); in crypto_scalarmult_curve25519()
261 mult(work + 64,work,work + 32); in crypto_scalarmult_curve25519()
263 for (i = 0;i < 32;++i) q[i] = work[64 + i]; in crypto_scalarmult_curve25519()