1 C nettle, low-level cryptographics library
3 C Copyright (C) 2013 Niels Möller
5 C The nettle library is free software; you can redistribute it and/or modify
6 C it under the terms of the GNU Lesser General Public License as published by
7 C the Free Software Foundation; either version 2.1 of the License, or (at your
8 C option) any later version.
10 C The nettle library is distributed in the hope that it will be useful, but
11 C WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 C or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
13 C License for more details.
15 C You should have received a copy of the GNU Lesser General Public License
16 C along with the nettle library; see the file COPYING.LIB. If not, write to
17 C the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
20 .file "ecc-384-modp.asm"
37 define(<C0>, H5) C Overlap
38 define(<D0>, RP) C Overlap
39 define(<TMP>, H4) C Overlap
41 PROLOGUE(nettle_ecc_384_modp)
51 C First get top 2 limbs, which need folding twice
58 C Then shift right, (H1,H0,D4) <-- (H0,D4) << 32
88 adc $0, C2 C Do C2 later
106 neg C0 C FIXME: Switch sign of C0?
122 mov XREG(D4), XREG(D4)
131 C Shift right. High bits are sign, to be added to C0.
170 C Remains to add in C2 and C0
171 C C0 C0<<32 (-2^32+1)C0
172 C C2 C2<<32 (-2^32+1)C2
173 C where C2 is always positive, while C0 may be -1.
177 sar $63, C0 C Get sign
179 sub H1, H0 C Gives borrow iff C0 > 0
188 C Set (H1 H0) <-- C2 << 96 - C2 << 32 + 1
206 C Final unlikely carry
240 EPILOGUE(nettle_ecc_384_modp)