
Lines Matching +full:- +full:i

5  * Peter Schwabe, Bo-Yin Yang.
6 * Copied from supercop-20130419/crypto_sign/ed25519/ref/sc25519.c
21 static crypto_uint32 lt(crypto_uint32 a,crypto_uint32 b) /* 16-bit inputs */ in lt()
24 x -= (unsigned int) b; /* 0..65535: no; 4294901761..4294967295: yes */ in lt()
35 int i; in reduce_add_sub() local
38 for(i=0;i<32;i++) in reduce_add_sub()
40 pb += m[i]; in reduce_add_sub()
41 b = lt(r->v[i],pb); in reduce_add_sub()
42 t[i] = r->v[i]-pb+(b<<8); in reduce_add_sub()
45 mask = b - 1; in reduce_add_sub()
46 for(i=0;i<32;i++) in reduce_add_sub()
47 r->v[i] ^= mask & (r->v[i] ^ t[i]); in reduce_add_sub()
54 int i,j; in barrett_reduce() local
63 for (i = 0;i < 66;++i) q2[i] = 0; in barrett_reduce()
64 for (i = 0;i < 33;++i) r2[i] = 0; in barrett_reduce()
66 for(i=0;i<33;i++) in barrett_reduce()
68 if(i+j >= 31) q2[i+j] += mu[i]*x[j+31]; in barrett_reduce()
74 for(i=0;i<33;i++)r1[i] = x[i]; in barrett_reduce()
75 for(i=0;i<32;i++) in barrett_reduce()
77 if(i+j < 33) r2[i+j] += m[i]*q3[j]; in barrett_reduce()
79 for(i=0;i<32;i++) in barrett_reduce()
81 carry = r2[i] >> 8; in barrett_reduce()
82 r2[i+1] += carry; in barrett_reduce()
83 r2[i] &= 0xff; in barrett_reduce()
86 for(i=0;i<32;i++) in barrett_reduce()
88 pb += r2[i]; in barrett_reduce()
89 b = lt(r1[i],pb); in barrett_reduce()
90 r->v[i] = r1[i]-pb+(b<<8); in barrett_reduce()
104 int i; in sc25519_from32bytes() local
106 for(i=0;i<32;i++) t[i] = x[i]; in sc25519_from32bytes()
107 for(i=32;i<64;++i) t[i] = 0; in sc25519_from32bytes()
113 int i; in shortsc25519_from16bytes() local
114 for(i=0;i<16;i++) r->v[i] = x[i]; in shortsc25519_from16bytes()
119 int i; in sc25519_from64bytes() local
121 for(i=0;i<64;i++) t[i] = x[i]; in sc25519_from64bytes()
127 int i; in sc25519_from_shortsc() local
128 for(i=0;i<16;i++) in sc25519_from_shortsc()
129 r->v[i] = x->v[i]; in sc25519_from_shortsc()
130 for(i=0;i<16;i++) in sc25519_from_shortsc()
131 r->v[16+i] = 0; in sc25519_from_shortsc()
136 int i; in sc25519_to32bytes() local
137 for(i=0;i<32;i++) r[i] = x->v[i]; in sc25519_to32bytes()
142 int i; in sc25519_iszero_vartime() local
143 for(i=0;i<32;i++) in sc25519_iszero_vartime()
144 if(x->v[i] != 0) return 0; in sc25519_iszero_vartime()
150 int i; in sc25519_isshort_vartime() local
151 for(i=31;i>15;i--) in sc25519_isshort_vartime()
152 if(x->v[i] != 0) return 0; in sc25519_isshort_vartime()
158 int i; in sc25519_lt_vartime() local
159 for(i=31;i>=0;i--) in sc25519_lt_vartime()
161 if(x->v[i] < y->v[i]) return 1; in sc25519_lt_vartime()
162 if(x->v[i] > y->v[i]) return 0; in sc25519_lt_vartime()
169 int i, carry; in sc25519_add() local
170 for(i=0;i<32;i++) r->v[i] = x->v[i] + y->v[i]; in sc25519_add()
171 for(i=0;i<31;i++) in sc25519_add()
173 carry = r->v[i] >> 8; in sc25519_add()
174 r->v[i+1] += carry; in sc25519_add()
175 r->v[i] &= 0xff; in sc25519_add()
184 int i; in sc25519_sub_nored() local
185 for(i=0;i<32;i++) in sc25519_sub_nored()
187 t = x->v[i] - y->v[i] - b; in sc25519_sub_nored()
188 r->v[i] = t & 255; in sc25519_sub_nored()
195 int i,j,carry; in sc25519_mul() local
197 for(i=0;i<64;i++)t[i] = 0; in sc25519_mul()
199 for(i=0;i<32;i++) in sc25519_mul()
201 t[i+j] += x->v[i] * y->v[j]; in sc25519_mul()
204 for(i=0;i<63;i++) in sc25519_mul()
206 carry = t[i] >> 8; in sc25519_mul()
207 t[i+1] += carry; in sc25519_mul()
208 t[i] &= 0xff; in sc25519_mul()
224 int i; in sc25519_window3() local
225 for(i=0;i<10;i++) in sc25519_window3()
227 r[8*i+0] = s->v[3*i+0] & 7; in sc25519_window3()
228 r[8*i+1] = (s->v[3*i+0] >> 3) & 7; in sc25519_window3()
229 r[8*i+2] = (s->v[3*i+0] >> 6) & 7; in sc25519_window3()
230 r[8*i+2] ^= (s->v[3*i+1] << 2) & 7; in sc25519_window3()
231 r[8*i+3] = (s->v[3*i+1] >> 1) & 7; in sc25519_window3()
232 r[8*i+4] = (s->v[3*i+1] >> 4) & 7; in sc25519_window3()
233 r[8*i+5] = (s->v[3*i+1] >> 7) & 7; in sc25519_window3()
234 r[8*i+5] ^= (s->v[3*i+2] << 1) & 7; in sc25519_window3()
235 r[8*i+6] = (s->v[3*i+2] >> 2) & 7; in sc25519_window3()
236 r[8*i+7] = (s->v[3*i+2] >> 5) & 7; in sc25519_window3()
238 r[8*i+0] = s->v[3*i+0] & 7; in sc25519_window3()
239 r[8*i+1] = (s->v[3*i+0] >> 3) & 7; in sc25519_window3()
240 r[8*i+2] = (s->v[3*i+0] >> 6) & 7; in sc25519_window3()
241 r[8*i+2] ^= (s->v[3*i+1] << 2) & 7; in sc25519_window3()
242 r[8*i+3] = (s->v[3*i+1] >> 1) & 7; in sc25519_window3()
243 r[8*i+4] = (s->v[3*i+1] >> 4) & 7; in sc25519_window3()
247 for(i=0;i<84;i++) in sc25519_window3()
249 r[i] += carry; in sc25519_window3()
250 r[i+1] += r[i] >> 3; in sc25519_window3()
251 r[i] &= 7; in sc25519_window3()
252 carry = r[i] >> 2; in sc25519_window3()
253 r[i] -= carry<<3; in sc25519_window3()
261 int i; in sc25519_window5() local
262 for(i=0;i<6;i++) in sc25519_window5()
264 r[8*i+0] = s->v[5*i+0] & 31; in sc25519_window5()
265 r[8*i+1] = (s->v[5*i+0] >> 5) & 31; in sc25519_window5()
266 r[8*i+1] ^= (s->v[5*i+1] << 3) & 31; in sc25519_window5()
267 r[8*i+2] = (s->v[5*i+1] >> 2) & 31; in sc25519_window5()
268 r[8*i+3] = (s->v[5*i+1] >> 7) & 31; in sc25519_window5()
269 r[8*i+3] ^= (s->v[5*i+2] << 1) & 31; in sc25519_window5()
270 r[8*i+4] = (s->v[5*i+2] >> 4) & 31; in sc25519_window5()
271 r[8*i+4] ^= (s->v[5*i+3] << 4) & 31; in sc25519_window5()
272 r[8*i+5] = (s->v[5*i+3] >> 1) & 31; in sc25519_window5()
273 r[8*i+6] = (s->v[5*i+3] >> 6) & 31; in sc25519_window5()
274 r[8*i+6] ^= (s->v[5*i+4] << 2) & 31; in sc25519_window5()
275 r[8*i+7] = (s->v[5*i+4] >> 3) & 31; in sc25519_window5()
277 r[8*i+0] = s->v[5*i+0] & 31; in sc25519_window5()
278 r[8*i+1] = (s->v[5*i+0] >> 5) & 31; in sc25519_window5()
279 r[8*i+1] ^= (s->v[5*i+1] << 3) & 31; in sc25519_window5()
280 r[8*i+2] = (s->v[5*i+1] >> 2) & 31; in sc25519_window5()
284 for(i=0;i<50;i++) in sc25519_window5()
286 r[i] += carry; in sc25519_window5()
287 r[i+1] += r[i] >> 5; in sc25519_window5()
288 r[i] &= 31; in sc25519_window5()
289 carry = r[i] >> 4; in sc25519_window5()
290 r[i] -= carry<<5; in sc25519_window5()
297 int i; in sc25519_2interleave2() local
298 for(i=0;i<31;i++) in sc25519_2interleave2()
300 r[4*i] = ( s1->v[i] & 3) ^ (( s2->v[i] & 3) << 2); in sc25519_2interleave2()
301 r[4*i+1] = ((s1->v[i] >> 2) & 3) ^ (((s2->v[i] >> 2) & 3) << 2); in sc25519_2interleave2()
302 r[4*i+2] = ((s1->v[i] >> 4) & 3) ^ (((s2->v[i] >> 4) & 3) << 2); in sc25519_2interleave2()
303 r[4*i+3] = ((s1->v[i] >> 6) & 3) ^ (((s2->v[i] >> 6) & 3) << 2); in sc25519_2interleave2()
305 r[124] = ( s1->v[31] & 3) ^ (( s2->v[31] & 3) << 2); in sc25519_2interleave2()
306 r[125] = ((s1->v[31] >> 2) & 3) ^ (((s2->v[31] >> 2) & 3) << 2); in sc25519_2interleave2()
307 r[126] = ((s1->v[31] >> 4) & 3) ^ (((s2->v[31] >> 4) & 3) << 2); in sc25519_2interleave2()