search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Correct PPTP server firewall rules chain.
[tomato/davidwu.git] / release / src / router / nettle / x86_64 / ecc-384-modp.asm
blob698838fd781ae8276c5e0dba12da24e5b78fd219
1 C nettle, low-level cryptographics library
2 C
3 C Copyright (C) 2013 Niels Möller
4 C
5 C The nettle library is free software; you can redistribute it and/or modify
6 C it under the terms of the GNU Lesser General Public License as published by
7 C the Free Software Foundation; either version 2.1 of the License, or (at your
8 C option) any later version.
9 C
10 C The nettle library is distributed in the hope that it will be useful, but
11 C WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 C or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
13 C License for more details.
14 C
15 C You should have received a copy of the GNU Lesser General Public License
16 C along with the nettle library; see the file COPYING.LIB. If not, write to
17 C the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
18 C MA 02111-1301, USA.
19
20 .file "ecc-384-modp.asm"
21
22 define(<RP>, <%rsi>)
23 define(<D4>, <%rax>)
24 define(<T0>, <%rbx>)
25 define(<T1>, <%rcx>)
26 define(<T2>, <%rdx>)
27 define(<T3>, <%rbp>)
28 define(<T4>, <%rdi>)
29 define(<T5>, <%r8>)
30 define(<H0>, <%r9>)
31 define(<H1>, <%r10>)
32 define(<H2>, <%r11>)
33 define(<H3>, <%r12>)
34 define(<H4>, <%r13>)
35 define(<H5>, <%r14>)
36 define(<C2>, <%r15>)
37 define(<C0>, H5) C Overlap
38 define(<D0>, RP) C Overlap
39 define(<TMP>, H4) C Overlap
40
41 PROLOGUE(nettle_ecc_384_modp)
42 W64_ENTRY(2, 0)
43
44 push %rbx
45 push %rbp
46 push %r12
47 push %r13
48 push %r14
49 push %r15
50
51 C First get top 2 limbs, which need folding twice
52 C
53 C H5 H4
54 C -H5
55 C ------
56 C H0 D4
57 C
58 C Then shift right, (H1,H0,D4) <-- (H0,D4) << 32
59 C and add
60 C
61 C H5 H4
62 C H1 H0
63 C ----------
64 C C2 H1 H0
65
66 mov 80(RP), D4
67 mov 88(RP), H0
68 mov D4, H4
69 mov H0, H5
70 sub H0, D4
71 sbb $0, H0
72
73 mov D4, T2
74 mov H0, H1
75 shl $32, H0
76 shr $32, T2
77 shr $32, H1
78 or T2, H0
79
80 xor C2, C2
81 add H4, H0
82 adc H5, H1
83 adc $0, C2
84
85 C Add in to high part
86 add 48(RP), H0
87 adc 56(RP), H1
88 adc $0, C2 C Do C2 later
89
90 C +1 term
91 mov (RP), T0
92 add H0, T0
93 mov 8(RP), T1
94 adc H1, T1
95 mov 16(RP), T2
96 mov 64(RP), H2
97 adc H2, T2
98 mov 24(RP), T3
99 mov 72(RP), H3
100 adc H3, T3
101 mov 32(RP), T4
102 adc H4, T4
103 mov 40(RP), T5
104 adc H5, T5
105 sbb C0, C0
106 neg C0 C FIXME: Switch sign of C0?
107
108 push RP
109
110 C +B^2 term
111 add H0, T2
112 adc H1, T3
113 adc H2, T4
114 adc H3, T5
115 adc $0, C0
116
117 C H3 H2 H1 H0 0
118 C - H4 H3 H2 H1 H0
119 C ---------------
120 C H3 H2 H1 H0 D0
121
122 mov XREG(D4), XREG(D4)
123 mov H0, D0
124 neg D0
125 sbb H1, H0
126 sbb H2, H1
127 sbb H3, H2
128 sbb H4, H3
129 sbb $0, D4
130
131 C Shift right. High bits are sign, to be added to C0.
132 mov D4, TMP
133 sar $32, TMP
134 shl $32, D4
135 add TMP, C0
136
137 mov H3, TMP
138 shr $32, TMP
139 shl $32, H3
140 or TMP, D4
141
142 mov H2, TMP
143 shr $32, TMP
144 shl $32, H2
145 or TMP, H3
146
147 mov H1, TMP
148 shr $32, TMP
149 shl $32, H1
150 or TMP, H2
151
152 mov H0, TMP
153 shr $32, TMP
154 shl $32, H0
155 or TMP, H1
156
157 mov D0, TMP
158 shr $32, TMP
159 shl $32, D0
160 or TMP, H0
161
162 add D0, T0
163 adc H0, T1
164 adc H1, T2
165 adc H2, T3
166 adc H3, T4
167 adc D4, T5
168 adc $0, C0
169
170 C Remains to add in C2 and C0
171 C C0 C0<<32 (-2^32+1)C0
172 C C2 C2<<32 (-2^32+1)C2
173 C where C2 is always positive, while C0 may be -1.
174 mov C0, H0
175 mov C0, H1
176 mov C0, H2
177 sar $63, C0 C Get sign
178 shl $32, H1
179 sub H1, H0 C Gives borrow iff C0 > 0
180 sbb $0, H1
181 add C0, H2
182
183 add H0, T0
184 adc H1, T1
185 adc $0, H2
186 adc $0, C0
187
188 C Set (H1 H0) <-- C2 << 96 - C2 << 32 + 1
189 mov C2, H0
190 mov C2, H1
191 shl $32, H1
192 sub H1, H0
193 sbb $0, H1
194
195 add H2, H0
196 adc C0, H1
197 adc C2, C0
198 mov C0, H2
199 sar $63, C0
200 add H0, T2
201 adc H1, T3
202 adc H2, T4
203 adc C0, T5
204 sbb C0, C0
205
206 C Final unlikely carry
207 mov C0, H0
208 mov C0, H1
209 mov C0, H2
210 sar $63, C0
211 shl $32, H1
212 sub H1, H0
213 sbb $0, H1
214 add C0, H2
215
216 pop RP
217
218 sub H0, T0
219 mov T0, (RP)
220 sbb H1, T1
221 mov T1, 8(RP)
222 sbb H2, T2
223 mov T2, 16(RP)
224 sbb C0, T3
225 mov T3, 24(RP)
226 sbb C0, T4
227 mov T4, 32(RP)
228 sbb C0, T5
229 mov T5, 40(RP)
230
231 pop %r15
232 pop %r14
233 pop %r13
234 pop %r12
235 pop %rbp
236 pop %rbx
237
238 W64_EXIT(2, 0)
239 ret
240 EPILOGUE(nettle_ecc_384_modp)