diff options
author | irungentoo <irungentoo@gmail.com> | 2013-07-02 09:53:34 -0400 |
---|---|---|
committer | irungentoo <irungentoo@gmail.com> | 2013-07-02 09:53:34 -0400 |
commit | e2967396ac73cb7410787886cdaf072a184ffc49 (patch) | |
tree | 527a74d25a4a0705fc641994fd35bfab22662034 /nacl/crypto_scalarmult | |
parent | 8928c817df345f29aa0b194743595aa11bd6a8ba (diff) |
Added NaCl crypto library.
Diffstat (limited to 'nacl/crypto_scalarmult')
25 files changed, 6249 insertions, 0 deletions
diff --git a/nacl/crypto_scalarmult/curve25519/athlon/api.h b/nacl/crypto_scalarmult/curve25519/athlon/api.h new file mode 100644 index 00000000..60339596 --- /dev/null +++ b/nacl/crypto_scalarmult/curve25519/athlon/api.h | |||
@@ -0,0 +1,2 @@ | |||
1 | #define CRYPTO_BYTES 32 | ||
2 | #define CRYPTO_SCALARBYTES 32 | ||
diff --git a/nacl/crypto_scalarmult/curve25519/athlon/base.c b/nacl/crypto_scalarmult/curve25519/athlon/base.c new file mode 100644 index 00000000..dde929ec --- /dev/null +++ b/nacl/crypto_scalarmult/curve25519/athlon/base.c | |||
@@ -0,0 +1,8 @@ | |||
1 | #include "crypto_scalarmult.h" | ||
2 | |||
3 | static char basepoint[32] = {9}; | ||
4 | |||
5 | int crypto_scalarmult_base(unsigned char *q,const unsigned char *n) | ||
6 | { | ||
7 | return crypto_scalarmult(q,n,basepoint); | ||
8 | } | ||
diff --git a/nacl/crypto_scalarmult/curve25519/athlon/const.s b/nacl/crypto_scalarmult/curve25519/athlon/const.s new file mode 100644 index 00000000..9042c2fb --- /dev/null +++ b/nacl/crypto_scalarmult/curve25519/athlon/const.s | |||
@@ -0,0 +1,114 @@ | |||
1 | .data | ||
2 | .section .rodata | ||
3 | .p2align 5 | ||
4 | |||
5 | .globl crypto_scalarmult_curve25519_athlon_scale | ||
6 | .globl crypto_scalarmult_curve25519_athlon_121665 | ||
7 | .globl crypto_scalarmult_curve25519_athlon_alpha26 | ||
8 | .globl crypto_scalarmult_curve25519_athlon_alpha51 | ||
9 | .globl crypto_scalarmult_curve25519_athlon_alpha77 | ||
10 | .globl crypto_scalarmult_curve25519_athlon_alpha102 | ||
11 | .globl crypto_scalarmult_curve25519_athlon_alpha128 | ||
12 | .globl crypto_scalarmult_curve25519_athlon_alpha153 | ||
13 | .globl crypto_scalarmult_curve25519_athlon_alpha179 | ||
14 | .globl crypto_scalarmult_curve25519_athlon_alpha204 | ||
15 | .globl crypto_scalarmult_curve25519_athlon_alpha230 | ||
16 | .globl crypto_scalarmult_curve25519_athlon_alpha255 | ||
17 | .globl crypto_scalarmult_curve25519_athlon_in0offset | ||
18 | .globl crypto_scalarmult_curve25519_athlon_in1offset | ||
19 | .globl crypto_scalarmult_curve25519_athlon_in2offset | ||
20 | .globl crypto_scalarmult_curve25519_athlon_in3offset | ||
21 | .globl crypto_scalarmult_curve25519_athlon_in4offset | ||
22 | .globl crypto_scalarmult_curve25519_athlon_in5offset | ||
23 | .globl crypto_scalarmult_curve25519_athlon_in6offset | ||
24 | .globl crypto_scalarmult_curve25519_athlon_in7offset | ||
25 | .globl crypto_scalarmult_curve25519_athlon_in8offset | ||
26 | .globl crypto_scalarmult_curve25519_athlon_in9offset | ||
27 | .globl crypto_scalarmult_curve25519_athlon_out0offset | ||
28 | .globl crypto_scalarmult_curve25519_athlon_out1offset | ||
29 | .globl crypto_scalarmult_curve25519_athlon_out2offset | ||
30 | .globl crypto_scalarmult_curve25519_athlon_out3offset | ||
31 | .globl crypto_scalarmult_curve25519_athlon_out4offset | ||
32 | .globl crypto_scalarmult_curve25519_athlon_out5offset | ||
33 | .globl crypto_scalarmult_curve25519_athlon_out6offset | ||
34 | .globl crypto_scalarmult_curve25519_athlon_out7offset | ||
35 | .globl crypto_scalarmult_curve25519_athlon_out8offset | ||
36 | .globl crypto_scalarmult_curve25519_athlon_out9offset | ||
37 | .globl crypto_scalarmult_curve25519_athlon_two0 | ||
38 | .globl crypto_scalarmult_curve25519_athlon_two1 | ||
39 | .globl crypto_scalarmult_curve25519_athlon_zero | ||
40 | .globl crypto_scalarmult_curve25519_athlon_rounding | ||
41 | |||
42 | crypto_scalarmult_curve25519_athlon_scale: | ||
43 | .long 0x0,0x30430000 | ||
44 | crypto_scalarmult_curve25519_athlon_121665: | ||
45 | .long 0x0,0x40fdb410 | ||
46 | crypto_scalarmult_curve25519_athlon_in0offset: | ||
47 | .long 0x0,0x43300000 | ||
48 | crypto_scalarmult_curve25519_athlon_in1offset: | ||
49 | .long 0x0,0x45300000 | ||
50 | crypto_scalarmult_curve25519_athlon_in2offset: | ||
51 | .long 0x0,0x46b00000 | ||
52 | crypto_scalarmult_curve25519_athlon_in3offset: | ||
53 | .long 0x0,0x48300000 | ||
54 | crypto_scalarmult_curve25519_athlon_in4offset: | ||
55 | .long 0x0,0x49b00000 | ||
56 | crypto_scalarmult_curve25519_athlon_in5offset: | ||
57 | .long 0x0,0x4b300000 | ||
58 | crypto_scalarmult_curve25519_athlon_in6offset: | ||
59 | .long 0x0,0x4d300000 | ||
60 | crypto_scalarmult_curve25519_athlon_in7offset: | ||
61 | .long 0x0,0x4eb00000 | ||
62 | crypto_scalarmult_curve25519_athlon_in8offset: | ||
63 | .long 0x0,0x50300000 | ||
64 | crypto_scalarmult_curve25519_athlon_in9offset: | ||
65 | .long 0x0,0x51b00000 | ||
66 | crypto_scalarmult_curve25519_athlon_alpha26: | ||
67 | .long 0x0,0x45880000 | ||
68 | crypto_scalarmult_curve25519_athlon_alpha51: | ||
69 | .long 0x0,0x47180000 | ||
70 | crypto_scalarmult_curve25519_athlon_alpha77: | ||
71 | .long 0x0,0x48b80000 | ||
72 | crypto_scalarmult_curve25519_athlon_alpha102: | ||
73 | .long 0x0,0x4a480000 | ||
74 | crypto_scalarmult_curve25519_athlon_alpha128: | ||
75 | .long 0x0,0x4be80000 | ||
76 | crypto_scalarmult_curve25519_athlon_alpha153: | ||
77 | .long 0x0,0x4d780000 | ||
78 | crypto_scalarmult_curve25519_athlon_alpha179: | ||
79 | .long 0x0,0x4f180000 | ||
80 | crypto_scalarmult_curve25519_athlon_alpha204: | ||
81 | .long 0x0,0x50a80000 | ||
82 | crypto_scalarmult_curve25519_athlon_alpha230: | ||
83 | .long 0x0,0x52480000 | ||
84 | crypto_scalarmult_curve25519_athlon_alpha255: | ||
85 | .long 0x0,0x53d80000 | ||
86 | crypto_scalarmult_curve25519_athlon_two0: | ||
87 | .long 0x0,0x3ff00000 | ||
88 | crypto_scalarmult_curve25519_athlon_two1: | ||
89 | .long 0x0,0x40000000 | ||
90 | crypto_scalarmult_curve25519_athlon_zero: | ||
91 | .long 0x0,0x0 | ||
92 | crypto_scalarmult_curve25519_athlon_out0offset: | ||
93 | .long 0x1fffffed,0x43380000 | ||
94 | crypto_scalarmult_curve25519_athlon_out1offset: | ||
95 | .long 0xffffff8,0x44d80000 | ||
96 | crypto_scalarmult_curve25519_athlon_out2offset: | ||
97 | .long 0x1ffffff8,0x46680000 | ||
98 | crypto_scalarmult_curve25519_athlon_out3offset: | ||
99 | .long 0xffffff8,0x48080000 | ||
100 | crypto_scalarmult_curve25519_athlon_out4offset: | ||
101 | .long 0x1ffffff8,0x49980000 | ||
102 | crypto_scalarmult_curve25519_athlon_out5offset: | ||
103 | .long 0xffffff8,0x4b380000 | ||
104 | crypto_scalarmult_curve25519_athlon_out6offset: | ||
105 | .long 0x1ffffff8,0x4cc80000 | ||
106 | crypto_scalarmult_curve25519_athlon_out7offset: | ||
107 | .long 0xffffff8,0x4e680000 | ||
108 | crypto_scalarmult_curve25519_athlon_out8offset: | ||
109 | .long 0x1ffffff8,0x4ff80000 | ||
110 | crypto_scalarmult_curve25519_athlon_out9offset: | ||
111 | .long 0x1fffff8,0x51980000 | ||
112 | crypto_scalarmult_curve25519_athlon_rounding: | ||
113 | .byte 0x7f | ||
114 | .byte 0x13 | ||
diff --git a/nacl/crypto_scalarmult/curve25519/athlon/fromdouble.s b/nacl/crypto_scalarmult/curve25519/athlon/fromdouble.s new file mode 100644 index 00000000..221ca35f --- /dev/null +++ b/nacl/crypto_scalarmult/curve25519/athlon/fromdouble.s | |||
@@ -0,0 +1,195 @@ | |||
1 | .text | ||
2 | .p2align 5 | ||
3 | .globl _crypto_scalarmult_curve25519_athlon_fromdouble | ||
4 | .globl crypto_scalarmult_curve25519_athlon_fromdouble | ||
5 | _crypto_scalarmult_curve25519_athlon_fromdouble: | ||
6 | crypto_scalarmult_curve25519_athlon_fromdouble: | ||
7 | mov %esp,%eax | ||
8 | and $31,%eax | ||
9 | add $192,%eax | ||
10 | sub %eax,%esp | ||
11 | movl %ebp,0(%esp) | ||
12 | movl 8(%esp,%eax),%ecx | ||
13 | fldl 0(%ecx) | ||
14 | faddl crypto_scalarmult_curve25519_athlon_out0offset | ||
15 | fstpl 96(%esp) | ||
16 | fldl 8(%ecx) | ||
17 | faddl crypto_scalarmult_curve25519_athlon_out1offset | ||
18 | fstpl 104(%esp) | ||
19 | fldl 16(%ecx) | ||
20 | faddl crypto_scalarmult_curve25519_athlon_out2offset | ||
21 | fstpl 112(%esp) | ||
22 | fldl 24(%ecx) | ||
23 | faddl crypto_scalarmult_curve25519_athlon_out3offset | ||
24 | fstpl 120(%esp) | ||
25 | fldl 32(%ecx) | ||
26 | faddl crypto_scalarmult_curve25519_athlon_out4offset | ||
27 | fstpl 128(%esp) | ||
28 | fldl 40(%ecx) | ||
29 | faddl crypto_scalarmult_curve25519_athlon_out5offset | ||
30 | fstpl 136(%esp) | ||
31 | fldl 48(%ecx) | ||
32 | faddl crypto_scalarmult_curve25519_athlon_out6offset | ||
33 | fstpl 144(%esp) | ||
34 | fldl 56(%ecx) | ||
35 | faddl crypto_scalarmult_curve25519_athlon_out7offset | ||
36 | fstpl 152(%esp) | ||
37 | fldl 64(%ecx) | ||
38 | faddl crypto_scalarmult_curve25519_athlon_out8offset | ||
39 | fstpl 160(%esp) | ||
40 | fldl 72(%ecx) | ||
41 | faddl crypto_scalarmult_curve25519_athlon_out9offset | ||
42 | fstpl 168(%esp) | ||
43 | movl 96(%esp),%ecx | ||
44 | movl %ecx,4(%esp) | ||
45 | movl 104(%esp),%ecx | ||
46 | shl $26,%ecx | ||
47 | movl %ecx,40(%esp) | ||
48 | movl 104(%esp),%ecx | ||
49 | shr $6,%ecx | ||
50 | movl %ecx,8(%esp) | ||
51 | movl 112(%esp),%ecx | ||
52 | shl $19,%ecx | ||
53 | movl %ecx,44(%esp) | ||
54 | movl 112(%esp),%ecx | ||
55 | shr $13,%ecx | ||
56 | movl %ecx,12(%esp) | ||
57 | movl 120(%esp),%ecx | ||
58 | shl $13,%ecx | ||
59 | movl %ecx,48(%esp) | ||
60 | movl 120(%esp),%ecx | ||
61 | shr $19,%ecx | ||
62 | movl %ecx,16(%esp) | ||
63 | movl 128(%esp),%ecx | ||
64 | shl $6,%ecx | ||
65 | movl %ecx,52(%esp) | ||
66 | movl 128(%esp),%ecx | ||
67 | shr $26,%ecx | ||
68 | movl 136(%esp),%edx | ||
69 | add %edx,%ecx | ||
70 | movl %ecx,20(%esp) | ||
71 | movl 144(%esp),%ecx | ||
72 | shl $25,%ecx | ||
73 | movl %ecx,56(%esp) | ||
74 | movl 144(%esp),%ecx | ||
75 | shr $7,%ecx | ||
76 | movl %ecx,24(%esp) | ||
77 | movl 152(%esp),%ecx | ||
78 | shl $19,%ecx | ||
79 | movl %ecx,60(%esp) | ||
80 | movl 152(%esp),%ecx | ||
81 | shr $13,%ecx | ||
82 | movl %ecx,28(%esp) | ||
83 | movl 160(%esp),%ecx | ||
84 | shl $12,%ecx | ||
85 | movl %ecx,64(%esp) | ||
86 | movl 160(%esp),%ecx | ||
87 | shr $20,%ecx | ||
88 | movl %ecx,32(%esp) | ||
89 | movl 168(%esp),%ecx | ||
90 | shl $6,%ecx | ||
91 | movl %ecx,68(%esp) | ||
92 | movl 168(%esp),%ecx | ||
93 | shr $26,%ecx | ||
94 | movl %ecx,36(%esp) | ||
95 | mov $0,%ecx | ||
96 | movl %ecx,72(%esp) | ||
97 | movl 4(%esp),%ecx | ||
98 | addl 40(%esp),%ecx | ||
99 | movl %ecx,4(%esp) | ||
100 | movl 8(%esp),%ecx | ||
101 | adcl 44(%esp),%ecx | ||
102 | movl %ecx,8(%esp) | ||
103 | movl 12(%esp),%ecx | ||
104 | adcl 48(%esp),%ecx | ||
105 | movl %ecx,12(%esp) | ||
106 | movl 16(%esp),%ecx | ||
107 | adcl 52(%esp),%ecx | ||
108 | movl %ecx,16(%esp) | ||
109 | movl 20(%esp),%ecx | ||
110 | adcl 56(%esp),%ecx | ||
111 | movl %ecx,20(%esp) | ||
112 | movl 24(%esp),%ecx | ||
113 | adcl 60(%esp),%ecx | ||
114 | movl %ecx,24(%esp) | ||
115 | movl 28(%esp),%ecx | ||
116 | adcl 64(%esp),%ecx | ||
117 | movl %ecx,28(%esp) | ||
118 | movl 32(%esp),%ecx | ||
119 | adcl 68(%esp),%ecx | ||
120 | movl %ecx,32(%esp) | ||
121 | movl 36(%esp),%ecx | ||
122 | adcl 72(%esp),%ecx | ||
123 | movl %ecx,36(%esp) | ||
124 | movl 4(%esp),%ecx | ||
125 | adc $0x13,%ecx | ||
126 | movl %ecx,40(%esp) | ||
127 | movl 8(%esp),%ecx | ||
128 | adc $0,%ecx | ||
129 | movl %ecx,44(%esp) | ||
130 | movl 12(%esp),%ecx | ||
131 | adc $0,%ecx | ||
132 | movl %ecx,48(%esp) | ||
133 | movl 16(%esp),%ecx | ||
134 | adc $0,%ecx | ||
135 | movl %ecx,52(%esp) | ||
136 | movl 20(%esp),%ecx | ||
137 | adc $0,%ecx | ||
138 | movl %ecx,56(%esp) | ||
139 | movl 24(%esp),%ecx | ||
140 | adc $0,%ecx | ||
141 | movl %ecx,60(%esp) | ||
142 | movl 28(%esp),%ecx | ||
143 | adc $0,%ecx | ||
144 | movl %ecx,64(%esp) | ||
145 | movl 32(%esp),%ecx | ||
146 | adc $0x80000000,%ecx | ||
147 | movl %ecx,68(%esp) | ||
148 | movl 36(%esp),%ebp | ||
149 | adc $0xffffffff,%ebp | ||
150 | and $0x80000000,%ebp | ||
151 | sar $31,%ebp | ||
152 | movl 4(%esp,%eax),%ecx | ||
153 | movl 4(%esp),%edx | ||
154 | xorl 40(%esp),%edx | ||
155 | and %ebp,%edx | ||
156 | xorl 40(%esp),%edx | ||
157 | movl %edx,0(%ecx) | ||
158 | movl 8(%esp),%edx | ||
159 | xorl 44(%esp),%edx | ||
160 | and %ebp,%edx | ||
161 | xorl 44(%esp),%edx | ||
162 | movl %edx,4(%ecx) | ||
163 | movl 12(%esp),%edx | ||
164 | xorl 48(%esp),%edx | ||
165 | and %ebp,%edx | ||
166 | xorl 48(%esp),%edx | ||
167 | movl %edx,8(%ecx) | ||
168 | movl 16(%esp),%edx | ||
169 | xorl 52(%esp),%edx | ||
170 | and %ebp,%edx | ||
171 | xorl 52(%esp),%edx | ||
172 | movl %edx,12(%ecx) | ||
173 | movl 20(%esp),%edx | ||
174 | xorl 56(%esp),%edx | ||
175 | and %ebp,%edx | ||
176 | xorl 56(%esp),%edx | ||
177 | movl %edx,16(%ecx) | ||
178 | movl 24(%esp),%edx | ||
179 | xorl 60(%esp),%edx | ||
180 | and %ebp,%edx | ||
181 | xorl 60(%esp),%edx | ||
182 | movl %edx,20(%ecx) | ||
183 | movl 28(%esp),%edx | ||
184 | xorl 64(%esp),%edx | ||
185 | and %ebp,%edx | ||
186 | xorl 64(%esp),%edx | ||
187 | movl %edx,24(%ecx) | ||
188 | movl 32(%esp),%edx | ||
189 | xorl 68(%esp),%edx | ||
190 | and %ebp,%edx | ||
191 | xorl 68(%esp),%edx | ||
192 | movl %edx,28(%ecx) | ||
193 | movl 0(%esp),%ebp | ||
194 | add %eax,%esp | ||
195 | ret | ||
diff --git a/nacl/crypto_scalarmult/curve25519/athlon/implementors b/nacl/crypto_scalarmult/curve25519/athlon/implementors new file mode 100644 index 00000000..f6fb3c73 --- /dev/null +++ b/nacl/crypto_scalarmult/curve25519/athlon/implementors | |||
@@ -0,0 +1 @@ | |||
Daniel J. Bernstein | |||
diff --git a/nacl/crypto_scalarmult/curve25519/athlon/init.s b/nacl/crypto_scalarmult/curve25519/athlon/init.s new file mode 100644 index 00000000..edd3c589 --- /dev/null +++ b/nacl/crypto_scalarmult/curve25519/athlon/init.s | |||
@@ -0,0 +1,13 @@ | |||
1 | .text | ||
2 | .p2align 5 | ||
3 | .globl _crypto_scalarmult_curve25519_athlon_init | ||
4 | .globl crypto_scalarmult_curve25519_athlon_init | ||
5 | _crypto_scalarmult_curve25519_athlon_init: | ||
6 | crypto_scalarmult_curve25519_athlon_init: | ||
7 | mov %esp,%eax | ||
8 | and $31,%eax | ||
9 | add $0,%eax | ||
10 | sub %eax,%esp | ||
11 | fldcw crypto_scalarmult_curve25519_athlon_rounding | ||
12 | add %eax,%esp | ||
13 | ret | ||
diff --git a/nacl/crypto_scalarmult/curve25519/athlon/mainloop.s b/nacl/crypto_scalarmult/curve25519/athlon/mainloop.s new file mode 100644 index 00000000..47412905 --- /dev/null +++ b/nacl/crypto_scalarmult/curve25519/athlon/mainloop.s | |||
@@ -0,0 +1,3990 @@ | |||
1 | .text | ||
2 | .p2align 5 | ||
3 | .globl _crypto_scalarmult_curve25519_athlon_mainloop | ||
4 | .globl crypto_scalarmult_curve25519_athlon_mainloop | ||
5 | _crypto_scalarmult_curve25519_athlon_mainloop: | ||
6 | crypto_scalarmult_curve25519_athlon_mainloop: | ||
7 | mov %esp,%eax | ||
8 | and $31,%eax | ||
9 | add $704,%eax | ||
10 | sub %eax,%esp | ||
11 | lea 256(%esp),%edx | ||
12 | lea 512(%esp),%ecx | ||
13 | fldl crypto_scalarmult_curve25519_athlon_two0 | ||
14 | fldl crypto_scalarmult_curve25519_athlon_zero | ||
15 | movl %eax,160(%ecx) | ||
16 | movl %ebx,164(%ecx) | ||
17 | movl %esi,168(%ecx) | ||
18 | movl %edi,172(%ecx) | ||
19 | movl %ebp,176(%ecx) | ||
20 | movl 4(%esp,%eax),%ebx | ||
21 | fxch %st(1) | ||
22 | fstl 0(%esp) | ||
23 | fxch %st(1) | ||
24 | fstl 8(%esp) | ||
25 | fstl 16(%esp) | ||
26 | fstl 24(%esp) | ||
27 | fstl 32(%esp) | ||
28 | fstl 40(%esp) | ||
29 | fstl 48(%esp) | ||
30 | fstl -120(%edx) | ||
31 | fstl -112(%edx) | ||
32 | fstl -104(%edx) | ||
33 | fstl -96(%edx) | ||
34 | fstl -88(%edx) | ||
35 | fstl -80(%edx) | ||
36 | fstl -72(%edx) | ||
37 | fstl -64(%edx) | ||
38 | fstl -56(%edx) | ||
39 | fstl -48(%edx) | ||
40 | fstl -40(%edx) | ||
41 | fstl -32(%edx) | ||
42 | fstl -24(%edx) | ||
43 | fxch %st(1) | ||
44 | fstpl 64(%edx) | ||
45 | fstl 72(%edx) | ||
46 | fstl 80(%edx) | ||
47 | fstl 88(%edx) | ||
48 | fstl 96(%edx) | ||
49 | fstl 104(%edx) | ||
50 | fstl 112(%edx) | ||
51 | fstl 120(%edx) | ||
52 | fstl -128(%ecx) | ||
53 | fstpl -120(%ecx) | ||
54 | fldl 0(%ebx) | ||
55 | fldl 8(%ebx) | ||
56 | fldl 16(%ebx) | ||
57 | fldl 24(%ebx) | ||
58 | fxch %st(3) | ||
59 | fstl -16(%edx) | ||
60 | fstpl 56(%esp) | ||
61 | fldl 32(%ebx) | ||
62 | fxch %st(2) | ||
63 | fstl -8(%edx) | ||
64 | fstpl 64(%esp) | ||
65 | fldl 40(%ebx) | ||
66 | fxch %st(1) | ||
67 | fstl 0(%edx) | ||
68 | fstpl 72(%esp) | ||
69 | fldl 48(%ebx) | ||
70 | fxch %st(3) | ||
71 | fstl 8(%edx) | ||
72 | fstpl 80(%esp) | ||
73 | fldl 56(%ebx) | ||
74 | fxch %st(2) | ||
75 | fstl 16(%edx) | ||
76 | fstpl 88(%esp) | ||
77 | fldl 64(%ebx) | ||
78 | fxch %st(1) | ||
79 | fstl 24(%edx) | ||
80 | fstpl 96(%esp) | ||
81 | fldl 72(%ebx) | ||
82 | fxch %st(3) | ||
83 | fstl 32(%edx) | ||
84 | fstpl 104(%esp) | ||
85 | fxch %st(1) | ||
86 | fstl 40(%edx) | ||
87 | fstpl 112(%esp) | ||
88 | fstl 48(%edx) | ||
89 | fstpl 120(%esp) | ||
90 | fstl 56(%edx) | ||
91 | fstpl -128(%edx) | ||
92 | movl 8(%esp,%eax),%ebx | ||
93 | mov $28,%edi | ||
94 | mov $31,%ebp | ||
95 | movl 28(%ebx),%esi | ||
96 | rol $1,%esi | ||
97 | ._morebytes: | ||
98 | movl %edi,188(%ecx) | ||
99 | ._morebits: | ||
100 | rol $1,%esi | ||
101 | movl %esi,180(%ecx) | ||
102 | movl %ebp,184(%ecx) | ||
103 | and $1,%esi | ||
104 | movl $0x43300000,-108(%ecx) | ||
105 | movl %esi,-112(%ecx) | ||
106 | fldl -96(%edx) | ||
107 | fldl 0(%esp) | ||
108 | fadd %st(0),%st(1) | ||
109 | fsubl -96(%edx) | ||
110 | fldl 64(%edx) | ||
111 | fldl -16(%edx) | ||
112 | fadd %st(0),%st(1) | ||
113 | fsubl 64(%edx) | ||
114 | fldl -88(%edx) | ||
115 | fldl 8(%esp) | ||
116 | fadd %st(0),%st(1) | ||
117 | fsubl -88(%edx) | ||
118 | fxch %st(5) | ||
119 | fstpl 0(%esp) | ||
120 | fxch %st(3) | ||
121 | fstpl -96(%edx) | ||
122 | fldl 72(%edx) | ||
123 | fldl -8(%edx) | ||
124 | fadd %st(0),%st(1) | ||
125 | fsubl 72(%edx) | ||
126 | fxch %st(3) | ||
127 | fstpl -16(%edx) | ||
128 | fxch %st(1) | ||
129 | fstpl 64(%edx) | ||
130 | fldl -80(%edx) | ||
131 | fldl 16(%esp) | ||
132 | fadd %st(0),%st(1) | ||
133 | fsubl -80(%edx) | ||
134 | fxch %st(4) | ||
135 | fstpl 8(%esp) | ||
136 | fxch %st(4) | ||
137 | fstpl -88(%edx) | ||
138 | fldl 80(%edx) | ||
139 | fldl 0(%edx) | ||
140 | fadd %st(0),%st(1) | ||
141 | fsubl 80(%edx) | ||
142 | fxch %st(2) | ||
143 | fstpl -8(%edx) | ||
144 | fxch %st(2) | ||
145 | fstpl 72(%edx) | ||
146 | fldl -72(%edx) | ||
147 | fldl 24(%esp) | ||
148 | fadd %st(0),%st(1) | ||
149 | fsubl -72(%edx) | ||
150 | fxch %st(5) | ||
151 | fstpl 16(%esp) | ||
152 | fxch %st(3) | ||
153 | fstpl -80(%edx) | ||
154 | fldl 88(%edx) | ||
155 | fldl 8(%edx) | ||
156 | fadd %st(0),%st(1) | ||
157 | fsubl 88(%edx) | ||
158 | fxch %st(3) | ||
159 | fstpl 0(%edx) | ||
160 | fxch %st(1) | ||
161 | fstpl 80(%edx) | ||
162 | fldl -64(%edx) | ||
163 | fldl 32(%esp) | ||
164 | fadd %st(0),%st(1) | ||
165 | fsubl -64(%edx) | ||
166 | fxch %st(4) | ||
167 | fstpl 24(%esp) | ||
168 | fxch %st(4) | ||
169 | fstpl -72(%edx) | ||
170 | fldl 96(%edx) | ||
171 | fldl 16(%edx) | ||
172 | fadd %st(0),%st(1) | ||
173 | fsubl 96(%edx) | ||
174 | fxch %st(2) | ||
175 | fstpl 8(%edx) | ||
176 | fxch %st(2) | ||
177 | fstpl 88(%edx) | ||
178 | fldl -56(%edx) | ||
179 | fldl 40(%esp) | ||
180 | fadd %st(0),%st(1) | ||
181 | fsubl -56(%edx) | ||
182 | fxch %st(5) | ||
183 | fstpl 32(%esp) | ||
184 | fxch %st(3) | ||
185 | fstpl -64(%edx) | ||
186 | fldl 104(%edx) | ||
187 | fldl 24(%edx) | ||
188 | fadd %st(0),%st(1) | ||
189 | fsubl 104(%edx) | ||
190 | fxch %st(3) | ||
191 | fstpl 16(%edx) | ||
192 | fxch %st(1) | ||
193 | fstpl 96(%edx) | ||
194 | fldl -48(%edx) | ||
195 | fldl 48(%esp) | ||
196 | fadd %st(0),%st(1) | ||
197 | fsubl -48(%edx) | ||
198 | fxch %st(4) | ||
199 | fstpl 40(%esp) | ||
200 | fxch %st(4) | ||
201 | fstpl -56(%edx) | ||
202 | fldl 112(%edx) | ||
203 | fldl 32(%edx) | ||
204 | fadd %st(0),%st(1) | ||
205 | fsubl 112(%edx) | ||
206 | fxch %st(2) | ||
207 | fstpl 24(%edx) | ||
208 | fxch %st(2) | ||
209 | fstpl 104(%edx) | ||
210 | fldl -40(%edx) | ||
211 | fldl -120(%edx) | ||
212 | fadd %st(0),%st(1) | ||
213 | fsubl -40(%edx) | ||
214 | fxch %st(5) | ||
215 | fstpl 48(%esp) | ||
216 | fxch %st(3) | ||
217 | fstpl -48(%edx) | ||
218 | fldl 120(%edx) | ||
219 | fldl 40(%edx) | ||
220 | fadd %st(0),%st(1) | ||
221 | fsubl 120(%edx) | ||
222 | fxch %st(3) | ||
223 | fstpl 32(%edx) | ||
224 | fxch %st(1) | ||
225 | fstpl 112(%edx) | ||
226 | fldl -32(%edx) | ||
227 | fldl -112(%edx) | ||
228 | fadd %st(0),%st(1) | ||
229 | fsubl -32(%edx) | ||
230 | fxch %st(4) | ||
231 | fstpl -120(%edx) | ||
232 | fxch %st(4) | ||
233 | fstpl -40(%edx) | ||
234 | fldl -128(%ecx) | ||
235 | fldl 48(%edx) | ||
236 | fadd %st(0),%st(1) | ||
237 | fsubl -128(%ecx) | ||
238 | fxch %st(2) | ||
239 | fstpl 40(%edx) | ||
240 | fxch %st(2) | ||
241 | fstpl 120(%edx) | ||
242 | fldl -24(%edx) | ||
243 | fldl -104(%edx) | ||
244 | fadd %st(0),%st(1) | ||
245 | fsubl -24(%edx) | ||
246 | fxch %st(5) | ||
247 | fstpl -112(%edx) | ||
248 | fxch %st(3) | ||
249 | fstpl -32(%edx) | ||
250 | fldl -120(%ecx) | ||
251 | fldl 56(%edx) | ||
252 | fadd %st(0),%st(1) | ||
253 | fsubl -120(%ecx) | ||
254 | fxch %st(3) | ||
255 | fstpl 48(%edx) | ||
256 | fxch %st(1) | ||
257 | fstpl -128(%ecx) | ||
258 | fldl -112(%ecx) | ||
259 | fsubl crypto_scalarmult_curve25519_athlon_in0offset | ||
260 | fldl crypto_scalarmult_curve25519_athlon_two0 | ||
261 | fsub %st(1),%st(0) | ||
262 | fxch %st(4) | ||
263 | fstpl -104(%edx) | ||
264 | fxch %st(4) | ||
265 | fstpl -24(%edx) | ||
266 | fstpl 56(%edx) | ||
267 | fstpl -120(%ecx) | ||
268 | fxch %st(1) | ||
269 | fstl 136(%ecx) | ||
270 | fldl 0(%esp) | ||
271 | fmul %st(2),%st(0) | ||
272 | fldl -16(%edx) | ||
273 | fmul %st(2),%st(0) | ||
274 | faddp %st(0),%st(1) | ||
275 | fldl 8(%esp) | ||
276 | fmul %st(3),%st(0) | ||
277 | fldl -8(%edx) | ||
278 | fmul %st(3),%st(0) | ||
279 | faddp %st(0),%st(1) | ||
280 | fldl 16(%esp) | ||
281 | fmul %st(4),%st(0) | ||
282 | fldl 0(%edx) | ||
283 | fmul %st(4),%st(0) | ||
284 | faddp %st(0),%st(1) | ||
285 | fldl 24(%esp) | ||
286 | fmul %st(5),%st(0) | ||
287 | fldl 8(%edx) | ||
288 | fmul %st(5),%st(0) | ||
289 | faddp %st(0),%st(1) | ||
290 | fxch %st(3) | ||
291 | fstpl -112(%ecx) | ||
292 | fldl 32(%esp) | ||
293 | fmul %st(5),%st(0) | ||
294 | fldl 16(%edx) | ||
295 | fmul %st(5),%st(0) | ||
296 | faddp %st(0),%st(1) | ||
297 | fxch %st(2) | ||
298 | fstpl -104(%ecx) | ||
299 | fldl 40(%esp) | ||
300 | fmul %st(5),%st(0) | ||
301 | fldl 24(%edx) | ||
302 | fmul %st(5),%st(0) | ||
303 | faddp %st(0),%st(1) | ||
304 | fxch %st(1) | ||
305 | fstpl -96(%ecx) | ||
306 | fldl 48(%esp) | ||
307 | fmul %st(5),%st(0) | ||
308 | fldl 32(%edx) | ||
309 | fmul %st(5),%st(0) | ||
310 | faddp %st(0),%st(1) | ||
311 | fxch %st(3) | ||
312 | fstpl -88(%ecx) | ||
313 | fldl -120(%edx) | ||
314 | fmul %st(5),%st(0) | ||
315 | fldl 40(%edx) | ||
316 | fmul %st(5),%st(0) | ||
317 | faddp %st(0),%st(1) | ||
318 | fxch %st(2) | ||
319 | fstpl -80(%ecx) | ||
320 | fldl -112(%edx) | ||
321 | fmul %st(5),%st(0) | ||
322 | fldl 48(%edx) | ||
323 | fmul %st(5),%st(0) | ||
324 | faddp %st(0),%st(1) | ||
325 | fxch %st(1) | ||
326 | fstpl -72(%ecx) | ||
327 | fldl -104(%edx) | ||
328 | fmul %st(5),%st(0) | ||
329 | fldl 56(%edx) | ||
330 | fmul %st(5),%st(0) | ||
331 | faddp %st(0),%st(1) | ||
332 | fxch %st(3) | ||
333 | fstpl -64(%ecx) | ||
334 | fldl -96(%edx) | ||
335 | fmul %st(5),%st(0) | ||
336 | fldl 64(%edx) | ||
337 | fmul %st(5),%st(0) | ||
338 | faddp %st(0),%st(1) | ||
339 | fxch %st(2) | ||
340 | fstpl -56(%ecx) | ||
341 | fldl -88(%edx) | ||
342 | fmul %st(5),%st(0) | ||
343 | fldl 72(%edx) | ||
344 | fmul %st(5),%st(0) | ||
345 | faddp %st(0),%st(1) | ||
346 | fxch %st(1) | ||
347 | fstpl -48(%ecx) | ||
348 | fldl -80(%edx) | ||
349 | fmul %st(5),%st(0) | ||
350 | fldl 80(%edx) | ||
351 | fmul %st(5),%st(0) | ||
352 | faddp %st(0),%st(1) | ||
353 | fxch %st(3) | ||
354 | fstpl -40(%ecx) | ||
355 | fldl -72(%edx) | ||
356 | fmul %st(5),%st(0) | ||
357 | fldl 88(%edx) | ||
358 | fmul %st(5),%st(0) | ||
359 | faddp %st(0),%st(1) | ||
360 | fxch %st(2) | ||
361 | fstpl -32(%ecx) | ||
362 | fldl -64(%edx) | ||
363 | fmul %st(5),%st(0) | ||
364 | fldl 96(%edx) | ||
365 | fmul %st(5),%st(0) | ||
366 | faddp %st(0),%st(1) | ||
367 | fxch %st(1) | ||
368 | fstpl -24(%ecx) | ||
369 | fldl -56(%edx) | ||
370 | fmul %st(5),%st(0) | ||
371 | fldl 104(%edx) | ||
372 | fmul %st(5),%st(0) | ||
373 | faddp %st(0),%st(1) | ||
374 | fxch %st(3) | ||
375 | fstpl -16(%ecx) | ||
376 | fldl -48(%edx) | ||
377 | fmul %st(5),%st(0) | ||
378 | fldl 112(%edx) | ||
379 | fmul %st(5),%st(0) | ||
380 | faddp %st(0),%st(1) | ||
381 | fxch %st(2) | ||
382 | fstpl -8(%ecx) | ||
383 | fldl -40(%edx) | ||
384 | fmul %st(5),%st(0) | ||
385 | fldl 120(%edx) | ||
386 | fmul %st(5),%st(0) | ||
387 | faddp %st(0),%st(1) | ||
388 | fxch %st(1) | ||
389 | fstpl 0(%ecx) | ||
390 | fldl -32(%edx) | ||
391 | fmul %st(5),%st(0) | ||
392 | fldl -128(%ecx) | ||
393 | fmul %st(5),%st(0) | ||
394 | faddp %st(0),%st(1) | ||
395 | fxch %st(3) | ||
396 | fstpl 8(%ecx) | ||
397 | fldl -24(%edx) | ||
398 | fmulp %st(0),%st(5) | ||
399 | fldl -120(%ecx) | ||
400 | fmulp %st(0),%st(4) | ||
401 | fxch %st(3) | ||
402 | faddp %st(0),%st(4) | ||
403 | fstpl 16(%ecx) | ||
404 | fxch %st(1) | ||
405 | fstpl 24(%ecx) | ||
406 | fstpl 32(%ecx) | ||
407 | fstpl 40(%ecx) | ||
408 | fldl -24(%edx) | ||
409 | fmull 56(%edx) | ||
410 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
411 | fldl -96(%edx) | ||
412 | fmull 48(%edx) | ||
413 | faddp %st(0),%st(1) | ||
414 | fldl -88(%edx) | ||
415 | fmull 40(%edx) | ||
416 | faddp %st(0),%st(1) | ||
417 | fldl -96(%edx) | ||
418 | fmull 56(%edx) | ||
419 | fldl -80(%edx) | ||
420 | fmull 32(%edx) | ||
421 | faddp %st(0),%st(2) | ||
422 | fldl -88(%edx) | ||
423 | fmull 48(%edx) | ||
424 | faddp %st(0),%st(1) | ||
425 | fldl -72(%edx) | ||
426 | fmull 24(%edx) | ||
427 | faddp %st(0),%st(2) | ||
428 | fldl -80(%edx) | ||
429 | fmull 40(%edx) | ||
430 | faddp %st(0),%st(1) | ||
431 | fldl -64(%edx) | ||
432 | fmull 16(%edx) | ||
433 | faddp %st(0),%st(2) | ||
434 | fldl -72(%edx) | ||
435 | fmull 32(%edx) | ||
436 | faddp %st(0),%st(1) | ||
437 | fldl -88(%edx) | ||
438 | fmull 56(%edx) | ||
439 | fldl -56(%edx) | ||
440 | fmull 8(%edx) | ||
441 | faddp %st(0),%st(3) | ||
442 | fldl -64(%edx) | ||
443 | fmull 24(%edx) | ||
444 | faddp %st(0),%st(2) | ||
445 | fldl -80(%edx) | ||
446 | fmull 48(%edx) | ||
447 | faddp %st(0),%st(1) | ||
448 | fldl -48(%edx) | ||
449 | fmull 0(%edx) | ||
450 | faddp %st(0),%st(3) | ||
451 | fldl -56(%edx) | ||
452 | fmull 16(%edx) | ||
453 | faddp %st(0),%st(2) | ||
454 | fldl -72(%edx) | ||
455 | fmull 40(%edx) | ||
456 | faddp %st(0),%st(1) | ||
457 | fldl -40(%edx) | ||
458 | fmull -8(%edx) | ||
459 | faddp %st(0),%st(3) | ||
460 | fldl -48(%edx) | ||
461 | fmull 8(%edx) | ||
462 | faddp %st(0),%st(2) | ||
463 | fldl -64(%edx) | ||
464 | fmull 32(%edx) | ||
465 | faddp %st(0),%st(1) | ||
466 | fldl -32(%edx) | ||
467 | fmull -16(%edx) | ||
468 | faddp %st(0),%st(3) | ||
469 | fldl -40(%edx) | ||
470 | fmull 0(%edx) | ||
471 | faddp %st(0),%st(2) | ||
472 | fldl -56(%edx) | ||
473 | fmull 24(%edx) | ||
474 | faddp %st(0),%st(1) | ||
475 | fldl -80(%edx) | ||
476 | fmull 56(%edx) | ||
477 | fldl -48(%edx) | ||
478 | fmull 16(%edx) | ||
479 | faddp %st(0),%st(2) | ||
480 | fldl -32(%edx) | ||
481 | fmull -8(%edx) | ||
482 | faddp %st(0),%st(3) | ||
483 | fldl crypto_scalarmult_curve25519_athlon_alpha230 | ||
484 | fadd %st(4),%st(0) | ||
485 | fldl -72(%edx) | ||
486 | fmull 48(%edx) | ||
487 | faddp %st(0),%st(2) | ||
488 | fldl -40(%edx) | ||
489 | fmull 8(%edx) | ||
490 | faddp %st(0),%st(3) | ||
491 | fldl -24(%edx) | ||
492 | fmull -16(%edx) | ||
493 | faddp %st(0),%st(4) | ||
494 | fsubl crypto_scalarmult_curve25519_athlon_alpha230 | ||
495 | fldl -64(%edx) | ||
496 | fmull 40(%edx) | ||
497 | faddp %st(0),%st(2) | ||
498 | fldl -72(%edx) | ||
499 | fmull 56(%edx) | ||
500 | fldl -32(%edx) | ||
501 | fmull 0(%edx) | ||
502 | faddp %st(0),%st(4) | ||
503 | fxch %st(1) | ||
504 | fadd %st(0),%st(4) | ||
505 | fldl -56(%edx) | ||
506 | fmull 32(%edx) | ||
507 | faddp %st(0),%st(3) | ||
508 | fldl -64(%edx) | ||
509 | fmull 48(%edx) | ||
510 | faddp %st(0),%st(2) | ||
511 | fsubrp %st(0),%st(5) | ||
512 | fldl crypto_scalarmult_curve25519_athlon_alpha255 | ||
513 | fadd %st(4),%st(0) | ||
514 | fldl -48(%edx) | ||
515 | fmull 24(%edx) | ||
516 | faddp %st(0),%st(3) | ||
517 | fldl -56(%edx) | ||
518 | fmull 40(%edx) | ||
519 | faddp %st(0),%st(2) | ||
520 | fldl -24(%edx) | ||
521 | fmull -8(%edx) | ||
522 | faddp %st(0),%st(4) | ||
523 | fsubl crypto_scalarmult_curve25519_athlon_alpha255 | ||
524 | fldl -40(%edx) | ||
525 | fmull 16(%edx) | ||
526 | faddp %st(0),%st(3) | ||
527 | fldl -64(%edx) | ||
528 | fmull 56(%edx) | ||
529 | fldl -48(%edx) | ||
530 | fmull 32(%edx) | ||
531 | faddp %st(0),%st(3) | ||
532 | fldl -32(%edx) | ||
533 | fmull 8(%edx) | ||
534 | faddp %st(0),%st(4) | ||
535 | fxch %st(1) | ||
536 | fadd %st(0),%st(4) | ||
537 | fsubrp %st(0),%st(5) | ||
538 | fxch %st(5) | ||
539 | fstpl 64(%ecx) | ||
540 | fldl -56(%edx) | ||
541 | fmull 48(%edx) | ||
542 | faddp %st(0),%st(5) | ||
543 | fldl -40(%edx) | ||
544 | fmull 24(%edx) | ||
545 | faddp %st(0),%st(1) | ||
546 | fldl -24(%edx) | ||
547 | fmull 0(%edx) | ||
548 | faddp %st(0),%st(2) | ||
549 | fxch %st(2) | ||
550 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
551 | fldl -48(%edx) | ||
552 | fmull 40(%edx) | ||
553 | faddp %st(0),%st(5) | ||
554 | fldl -32(%edx) | ||
555 | fmull 16(%edx) | ||
556 | faddp %st(0),%st(3) | ||
557 | fxch %st(1) | ||
558 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
559 | fldl -96(%edx) | ||
560 | fmull -16(%edx) | ||
561 | faddp %st(0),%st(2) | ||
562 | fxch %st(3) | ||
563 | fstpl 72(%ecx) | ||
564 | fldl -56(%edx) | ||
565 | fmull 56(%edx) | ||
566 | fldl -40(%edx) | ||
567 | fmull 32(%edx) | ||
568 | faddp %st(0),%st(5) | ||
569 | fldl -24(%edx) | ||
570 | fmull 8(%edx) | ||
571 | faddp %st(0),%st(3) | ||
572 | fldl -96(%edx) | ||
573 | fmull -8(%edx) | ||
574 | faddp %st(0),%st(4) | ||
575 | fldl crypto_scalarmult_curve25519_athlon_alpha26 | ||
576 | fadd %st(2),%st(0) | ||
577 | fldl -48(%edx) | ||
578 | fmull 48(%edx) | ||
579 | faddp %st(0),%st(2) | ||
580 | fldl -32(%edx) | ||
581 | fmull 24(%edx) | ||
582 | faddp %st(0),%st(6) | ||
583 | fxch %st(3) | ||
584 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
585 | fldl -88(%edx) | ||
586 | fmull -16(%edx) | ||
587 | faddp %st(0),%st(5) | ||
588 | fxch %st(3) | ||
589 | fsubl crypto_scalarmult_curve25519_athlon_alpha26 | ||
590 | fldl -40(%edx) | ||
591 | fmull 40(%edx) | ||
592 | faddp %st(0),%st(2) | ||
593 | fldl -24(%edx) | ||
594 | fmull 16(%edx) | ||
595 | faddp %st(0),%st(6) | ||
596 | fldl -96(%edx) | ||
597 | fmull 0(%edx) | ||
598 | faddp %st(0),%st(4) | ||
599 | fadd %st(0),%st(4) | ||
600 | fsubrp %st(0),%st(2) | ||
601 | fldl -48(%edx) | ||
602 | fmull 56(%edx) | ||
603 | fldl -32(%edx) | ||
604 | fmull 32(%edx) | ||
605 | faddp %st(0),%st(2) | ||
606 | fxch %st(5) | ||
607 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
608 | fldl -88(%edx) | ||
609 | fmull -8(%edx) | ||
610 | faddp %st(0),%st(4) | ||
611 | fldl crypto_scalarmult_curve25519_athlon_alpha51 | ||
612 | fadd %st(5),%st(0) | ||
613 | fldl -40(%edx) | ||
614 | fmull 48(%edx) | ||
615 | faddp %st(0),%st(7) | ||
616 | fldl -24(%edx) | ||
617 | fmull 24(%edx) | ||
618 | faddp %st(0),%st(3) | ||
619 | fldl -96(%edx) | ||
620 | fmull 8(%edx) | ||
621 | faddp %st(0),%st(2) | ||
622 | fldl -80(%edx) | ||
623 | fmull -16(%edx) | ||
624 | faddp %st(0),%st(5) | ||
625 | fsubl crypto_scalarmult_curve25519_athlon_alpha51 | ||
626 | fxch %st(3) | ||
627 | fstpl 48(%ecx) | ||
628 | fldl -32(%edx) | ||
629 | fmull 40(%edx) | ||
630 | faddp %st(0),%st(6) | ||
631 | fxch %st(1) | ||
632 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
633 | fldl -88(%edx) | ||
634 | fmull 0(%edx) | ||
635 | faddp %st(0),%st(2) | ||
636 | fxch %st(2) | ||
637 | fadd %st(0),%st(3) | ||
638 | fsubrp %st(0),%st(4) | ||
639 | fldl -40(%edx) | ||
640 | fmull 56(%edx) | ||
641 | fldl -24(%edx) | ||
642 | fmull 32(%edx) | ||
643 | faddp %st(0),%st(6) | ||
644 | fldl -96(%edx) | ||
645 | fmull 16(%edx) | ||
646 | faddp %st(0),%st(3) | ||
647 | fldl -80(%edx) | ||
648 | fmull -8(%edx) | ||
649 | faddp %st(0),%st(2) | ||
650 | fldl crypto_scalarmult_curve25519_athlon_alpha77 | ||
651 | fadd %st(4),%st(0) | ||
652 | fldl -32(%edx) | ||
653 | fmull 48(%edx) | ||
654 | faddp %st(0),%st(2) | ||
655 | fxch %st(6) | ||
656 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
657 | fldl -88(%edx) | ||
658 | fmull 8(%edx) | ||
659 | faddp %st(0),%st(4) | ||
660 | fldl -72(%edx) | ||
661 | fmull -16(%edx) | ||
662 | faddp %st(0),%st(3) | ||
663 | fxch %st(6) | ||
664 | fsubl crypto_scalarmult_curve25519_athlon_alpha77 | ||
665 | fxch %st(5) | ||
666 | fstpl 56(%ecx) | ||
667 | fldl -24(%edx) | ||
668 | fmull 40(%edx) | ||
669 | faddp %st(0),%st(1) | ||
670 | fldl -96(%edx) | ||
671 | fmull 24(%edx) | ||
672 | faddp %st(0),%st(6) | ||
673 | fldl -80(%edx) | ||
674 | fmull 0(%edx) | ||
675 | faddp %st(0),%st(3) | ||
676 | fxch %st(4) | ||
677 | fadd %st(0),%st(1) | ||
678 | fsubrp %st(0),%st(3) | ||
679 | fldl -32(%edx) | ||
680 | fmull 56(%edx) | ||
681 | fxch %st(4) | ||
682 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
683 | fldl -88(%edx) | ||
684 | fmull 16(%edx) | ||
685 | faddp %st(0),%st(6) | ||
686 | fldl -72(%edx) | ||
687 | fmull -8(%edx) | ||
688 | faddp %st(0),%st(3) | ||
689 | fldl crypto_scalarmult_curve25519_athlon_alpha102 | ||
690 | fadd %st(2),%st(0) | ||
691 | fldl -24(%edx) | ||
692 | fmull 48(%edx) | ||
693 | faddp %st(0),%st(6) | ||
694 | fldl -96(%edx) | ||
695 | fmull 32(%edx) | ||
696 | faddp %st(0),%st(2) | ||
697 | fldl -80(%edx) | ||
698 | fmull 8(%edx) | ||
699 | faddp %st(0),%st(7) | ||
700 | fldl -64(%edx) | ||
701 | fmull -16(%edx) | ||
702 | faddp %st(0),%st(4) | ||
703 | fsubl crypto_scalarmult_curve25519_athlon_alpha102 | ||
704 | fxch %st(4) | ||
705 | fstpl -24(%edx) | ||
706 | fxch %st(4) | ||
707 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
708 | fldl -88(%edx) | ||
709 | fmull 24(%edx) | ||
710 | faddp %st(0),%st(5) | ||
711 | fldl -72(%edx) | ||
712 | fmull 0(%edx) | ||
713 | faddp %st(0),%st(6) | ||
714 | fxch %st(3) | ||
715 | fadd %st(0),%st(2) | ||
716 | fsubrp %st(0),%st(1) | ||
717 | fldl -96(%edx) | ||
718 | fmull 40(%edx) | ||
719 | faddp %st(0),%st(3) | ||
720 | fldl -80(%edx) | ||
721 | fmull 16(%edx) | ||
722 | faddp %st(0),%st(4) | ||
723 | fldl -64(%edx) | ||
724 | fmull -8(%edx) | ||
725 | faddp %st(0),%st(5) | ||
726 | fldl crypto_scalarmult_curve25519_athlon_alpha128 | ||
727 | fadd %st(2),%st(0) | ||
728 | fldl -88(%edx) | ||
729 | fmull 32(%edx) | ||
730 | faddp %st(0),%st(4) | ||
731 | fldl -72(%edx) | ||
732 | fmull 8(%edx) | ||
733 | faddp %st(0),%st(5) | ||
734 | fldl -56(%edx) | ||
735 | fmull -16(%edx) | ||
736 | faddp %st(0),%st(6) | ||
737 | fsubl crypto_scalarmult_curve25519_athlon_alpha128 | ||
738 | fxch %st(1) | ||
739 | fstpl -96(%edx) | ||
740 | fldl -80(%edx) | ||
741 | fmull 24(%edx) | ||
742 | faddp %st(0),%st(3) | ||
743 | fldl -64(%edx) | ||
744 | fmull 0(%edx) | ||
745 | faddp %st(0),%st(4) | ||
746 | fadd %st(0),%st(4) | ||
747 | fsubrp %st(0),%st(1) | ||
748 | fstpl -88(%edx) | ||
749 | fldl -72(%edx) | ||
750 | fmull 16(%edx) | ||
751 | faddp %st(0),%st(1) | ||
752 | fldl -56(%edx) | ||
753 | fmull -8(%edx) | ||
754 | faddp %st(0),%st(2) | ||
755 | fldl crypto_scalarmult_curve25519_athlon_alpha153 | ||
756 | fadd %st(3),%st(0) | ||
757 | fldl -64(%edx) | ||
758 | fmull 8(%edx) | ||
759 | faddp %st(0),%st(2) | ||
760 | fldl -48(%edx) | ||
761 | fmull -16(%edx) | ||
762 | faddp %st(0),%st(3) | ||
763 | fsubl crypto_scalarmult_curve25519_athlon_alpha153 | ||
764 | fldl -56(%edx) | ||
765 | fmull 0(%edx) | ||
766 | faddp %st(0),%st(2) | ||
767 | fadd %st(0),%st(2) | ||
768 | fsubrp %st(0),%st(3) | ||
769 | fxch %st(2) | ||
770 | fstpl -80(%edx) | ||
771 | fldl -48(%edx) | ||
772 | fmull -8(%edx) | ||
773 | faddp %st(0),%st(2) | ||
774 | fldl crypto_scalarmult_curve25519_athlon_alpha179 | ||
775 | fadd %st(1),%st(0) | ||
776 | fldl -40(%edx) | ||
777 | fmull -16(%edx) | ||
778 | faddp %st(0),%st(3) | ||
779 | fsubl crypto_scalarmult_curve25519_athlon_alpha179 | ||
780 | fldl 64(%ecx) | ||
781 | fldl 72(%ecx) | ||
782 | fxch %st(2) | ||
783 | fadd %st(0),%st(4) | ||
784 | fsubrp %st(0),%st(3) | ||
785 | fldl crypto_scalarmult_curve25519_athlon_alpha204 | ||
786 | fadd %st(4),%st(0) | ||
787 | fsubl crypto_scalarmult_curve25519_athlon_alpha204 | ||
788 | fadd %st(0),%st(1) | ||
789 | fsubrp %st(0),%st(4) | ||
790 | fldl crypto_scalarmult_curve25519_athlon_alpha230 | ||
791 | fadd %st(1),%st(0) | ||
792 | fsubl crypto_scalarmult_curve25519_athlon_alpha230 | ||
793 | fsubr %st(0),%st(1) | ||
794 | faddp %st(0),%st(2) | ||
795 | fxch %st(2) | ||
796 | fstpl -72(%edx) | ||
797 | fxch %st(2) | ||
798 | fstpl -64(%edx) | ||
799 | fstpl -56(%edx) | ||
800 | fstpl -48(%edx) | ||
801 | fldl -104(%edx) | ||
802 | fmull -120(%ecx) | ||
803 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
804 | fldl 0(%esp) | ||
805 | fmull -128(%ecx) | ||
806 | faddp %st(0),%st(1) | ||
807 | fldl 8(%esp) | ||
808 | fmull 120(%edx) | ||
809 | faddp %st(0),%st(1) | ||
810 | fldl 0(%esp) | ||
811 | fmull -120(%ecx) | ||
812 | fldl 16(%esp) | ||
813 | fmull 112(%edx) | ||
814 | faddp %st(0),%st(2) | ||
815 | fldl 8(%esp) | ||
816 | fmull -128(%ecx) | ||
817 | faddp %st(0),%st(1) | ||
818 | fldl 24(%esp) | ||
819 | fmull 104(%edx) | ||
820 | faddp %st(0),%st(2) | ||
821 | fldl 16(%esp) | ||
822 | fmull 120(%edx) | ||
823 | faddp %st(0),%st(1) | ||
824 | fldl 32(%esp) | ||
825 | fmull 96(%edx) | ||
826 | faddp %st(0),%st(2) | ||
827 | fldl 24(%esp) | ||
828 | fmull 112(%edx) | ||
829 | faddp %st(0),%st(1) | ||
830 | fldl 8(%esp) | ||
831 | fmull -120(%ecx) | ||
832 | fldl 40(%esp) | ||
833 | fmull 88(%edx) | ||
834 | faddp %st(0),%st(3) | ||
835 | fldl 32(%esp) | ||
836 | fmull 104(%edx) | ||
837 | faddp %st(0),%st(2) | ||
838 | fldl 16(%esp) | ||
839 | fmull -128(%ecx) | ||
840 | faddp %st(0),%st(1) | ||
841 | fldl 48(%esp) | ||
842 | fmull 80(%edx) | ||
843 | faddp %st(0),%st(3) | ||
844 | fldl 40(%esp) | ||
845 | fmull 96(%edx) | ||
846 | faddp %st(0),%st(2) | ||
847 | fldl 24(%esp) | ||
848 | fmull 120(%edx) | ||
849 | faddp %st(0),%st(1) | ||
850 | fldl -120(%edx) | ||
851 | fmull 72(%edx) | ||
852 | faddp %st(0),%st(3) | ||
853 | fldl 48(%esp) | ||
854 | fmull 88(%edx) | ||
855 | faddp %st(0),%st(2) | ||
856 | fldl 32(%esp) | ||
857 | fmull 112(%edx) | ||
858 | faddp %st(0),%st(1) | ||
859 | fldl -112(%edx) | ||
860 | fmull 64(%edx) | ||
861 | faddp %st(0),%st(3) | ||
862 | fldl -120(%edx) | ||
863 | fmull 80(%edx) | ||
864 | faddp %st(0),%st(2) | ||
865 | fldl 40(%esp) | ||
866 | fmull 104(%edx) | ||
867 | faddp %st(0),%st(1) | ||
868 | fldl 16(%esp) | ||
869 | fmull -120(%ecx) | ||
870 | fldl 48(%esp) | ||
871 | fmull 96(%edx) | ||
872 | faddp %st(0),%st(2) | ||
873 | fldl -112(%edx) | ||
874 | fmull 72(%edx) | ||
875 | faddp %st(0),%st(3) | ||
876 | fldl crypto_scalarmult_curve25519_athlon_alpha230 | ||
877 | fadd %st(4),%st(0) | ||
878 | fldl 24(%esp) | ||
879 | fmull -128(%ecx) | ||
880 | faddp %st(0),%st(2) | ||
881 | fldl -120(%edx) | ||
882 | fmull 88(%edx) | ||
883 | faddp %st(0),%st(3) | ||
884 | fldl -104(%edx) | ||
885 | fmull 64(%edx) | ||
886 | faddp %st(0),%st(4) | ||
887 | fsubl crypto_scalarmult_curve25519_athlon_alpha230 | ||
888 | fldl 32(%esp) | ||
889 | fmull 120(%edx) | ||
890 | faddp %st(0),%st(2) | ||
891 | fldl 24(%esp) | ||
892 | fmull -120(%ecx) | ||
893 | fldl -112(%edx) | ||
894 | fmull 80(%edx) | ||
895 | faddp %st(0),%st(4) | ||
896 | fxch %st(1) | ||
897 | fadd %st(0),%st(4) | ||
898 | fldl 40(%esp) | ||
899 | fmull 112(%edx) | ||
900 | faddp %st(0),%st(3) | ||
901 | fldl 32(%esp) | ||
902 | fmull -128(%ecx) | ||
903 | faddp %st(0),%st(2) | ||
904 | fsubrp %st(0),%st(5) | ||
905 | fldl crypto_scalarmult_curve25519_athlon_alpha255 | ||
906 | fadd %st(4),%st(0) | ||
907 | fldl 48(%esp) | ||
908 | fmull 104(%edx) | ||
909 | faddp %st(0),%st(3) | ||
910 | fldl 40(%esp) | ||
911 | fmull 120(%edx) | ||
912 | faddp %st(0),%st(2) | ||
913 | fldl -104(%edx) | ||
914 | fmull 72(%edx) | ||
915 | faddp %st(0),%st(4) | ||
916 | fsubl crypto_scalarmult_curve25519_athlon_alpha255 | ||
917 | fldl -120(%edx) | ||
918 | fmull 96(%edx) | ||
919 | faddp %st(0),%st(3) | ||
920 | fldl 32(%esp) | ||
921 | fmull -120(%ecx) | ||
922 | fldl 48(%esp) | ||
923 | fmull 112(%edx) | ||
924 | faddp %st(0),%st(3) | ||
925 | fldl -112(%edx) | ||
926 | fmull 88(%edx) | ||
927 | faddp %st(0),%st(4) | ||
928 | fxch %st(1) | ||
929 | fadd %st(0),%st(4) | ||
930 | fsubrp %st(0),%st(5) | ||
931 | fxch %st(5) | ||
932 | fstpl 8(%edx) | ||
933 | fldl 40(%esp) | ||
934 | fmull -128(%ecx) | ||
935 | faddp %st(0),%st(5) | ||
936 | fldl -120(%edx) | ||
937 | fmull 104(%edx) | ||
938 | faddp %st(0),%st(1) | ||
939 | fldl -104(%edx) | ||
940 | fmull 80(%edx) | ||
941 | faddp %st(0),%st(2) | ||
942 | fxch %st(2) | ||
943 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
944 | fldl 48(%esp) | ||
945 | fmull 120(%edx) | ||
946 | faddp %st(0),%st(5) | ||
947 | fldl -112(%edx) | ||
948 | fmull 96(%edx) | ||
949 | faddp %st(0),%st(3) | ||
950 | fxch %st(1) | ||
951 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
952 | fldl 0(%esp) | ||
953 | fmull 64(%edx) | ||
954 | faddp %st(0),%st(2) | ||
955 | fxch %st(3) | ||
956 | fstpl 16(%edx) | ||
957 | fldl 40(%esp) | ||
958 | fmull -120(%ecx) | ||
959 | fldl -120(%edx) | ||
960 | fmull 112(%edx) | ||
961 | faddp %st(0),%st(5) | ||
962 | fldl -104(%edx) | ||
963 | fmull 88(%edx) | ||
964 | faddp %st(0),%st(3) | ||
965 | fldl 0(%esp) | ||
966 | fmull 72(%edx) | ||
967 | faddp %st(0),%st(4) | ||
968 | fldl crypto_scalarmult_curve25519_athlon_alpha26 | ||
969 | fadd %st(2),%st(0) | ||
970 | fldl 48(%esp) | ||
971 | fmull -128(%ecx) | ||
972 | faddp %st(0),%st(2) | ||
973 | fldl -112(%edx) | ||
974 | fmull 104(%edx) | ||
975 | faddp %st(0),%st(6) | ||
976 | fxch %st(3) | ||
977 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
978 | fldl 8(%esp) | ||
979 | fmull 64(%edx) | ||
980 | faddp %st(0),%st(5) | ||
981 | fxch %st(3) | ||
982 | fsubl crypto_scalarmult_curve25519_athlon_alpha26 | ||
983 | fldl -120(%edx) | ||
984 | fmull 120(%edx) | ||
985 | faddp %st(0),%st(2) | ||
986 | fldl -104(%edx) | ||
987 | fmull 96(%edx) | ||
988 | faddp %st(0),%st(6) | ||
989 | fldl 0(%esp) | ||
990 | fmull 80(%edx) | ||
991 | faddp %st(0),%st(4) | ||
992 | fadd %st(0),%st(4) | ||
993 | fsubrp %st(0),%st(2) | ||
994 | fldl 48(%esp) | ||
995 | fmull -120(%ecx) | ||
996 | fldl -112(%edx) | ||
997 | fmull 112(%edx) | ||
998 | faddp %st(0),%st(2) | ||
999 | fxch %st(5) | ||
1000 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
1001 | fldl 8(%esp) | ||
1002 | fmull 72(%edx) | ||
1003 | faddp %st(0),%st(4) | ||
1004 | fldl crypto_scalarmult_curve25519_athlon_alpha51 | ||
1005 | fadd %st(5),%st(0) | ||
1006 | fldl -120(%edx) | ||
1007 | fmull -128(%ecx) | ||
1008 | faddp %st(0),%st(7) | ||
1009 | fldl -104(%edx) | ||
1010 | fmull 104(%edx) | ||
1011 | faddp %st(0),%st(3) | ||
1012 | fldl 0(%esp) | ||
1013 | fmull 88(%edx) | ||
1014 | faddp %st(0),%st(2) | ||
1015 | fldl 16(%esp) | ||
1016 | fmull 64(%edx) | ||
1017 | faddp %st(0),%st(5) | ||
1018 | fsubl crypto_scalarmult_curve25519_athlon_alpha51 | ||
1019 | fxch %st(3) | ||
1020 | fstpl -40(%edx) | ||
1021 | fldl -112(%edx) | ||
1022 | fmull 120(%edx) | ||
1023 | faddp %st(0),%st(6) | ||
1024 | fxch %st(1) | ||
1025 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
1026 | fldl 8(%esp) | ||
1027 | fmull 80(%edx) | ||
1028 | faddp %st(0),%st(2) | ||
1029 | fxch %st(2) | ||
1030 | fadd %st(0),%st(3) | ||
1031 | fsubrp %st(0),%st(4) | ||
1032 | fldl -120(%edx) | ||
1033 | fmull -120(%ecx) | ||
1034 | fldl -104(%edx) | ||
1035 | fmull 112(%edx) | ||
1036 | faddp %st(0),%st(6) | ||
1037 | fldl 0(%esp) | ||
1038 | fmull 96(%edx) | ||
1039 | faddp %st(0),%st(3) | ||
1040 | fldl 16(%esp) | ||
1041 | fmull 72(%edx) | ||
1042 | faddp %st(0),%st(2) | ||
1043 | fldl crypto_scalarmult_curve25519_athlon_alpha77 | ||
1044 | fadd %st(4),%st(0) | ||
1045 | fldl -112(%edx) | ||
1046 | fmull -128(%ecx) | ||
1047 | faddp %st(0),%st(2) | ||
1048 | fxch %st(6) | ||
1049 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
1050 | fldl 8(%esp) | ||
1051 | fmull 88(%edx) | ||
1052 | faddp %st(0),%st(4) | ||
1053 | fldl 24(%esp) | ||
1054 | fmull 64(%edx) | ||
1055 | faddp %st(0),%st(3) | ||
1056 | fxch %st(6) | ||
1057 | fsubl crypto_scalarmult_curve25519_athlon_alpha77 | ||
1058 | fxch %st(5) | ||
1059 | fstpl -32(%edx) | ||
1060 | fldl -104(%edx) | ||
1061 | fmull 120(%edx) | ||
1062 | faddp %st(0),%st(1) | ||
1063 | fldl 0(%esp) | ||
1064 | fmull 104(%edx) | ||
1065 | faddp %st(0),%st(6) | ||
1066 | fldl 16(%esp) | ||
1067 | fmull 80(%edx) | ||
1068 | faddp %st(0),%st(3) | ||
1069 | fxch %st(4) | ||
1070 | fadd %st(0),%st(1) | ||
1071 | fsubrp %st(0),%st(3) | ||
1072 | fldl -112(%edx) | ||
1073 | fmull -120(%ecx) | ||
1074 | fxch %st(4) | ||
1075 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
1076 | fldl 8(%esp) | ||
1077 | fmull 96(%edx) | ||
1078 | faddp %st(0),%st(6) | ||
1079 | fldl 24(%esp) | ||
1080 | fmull 72(%edx) | ||
1081 | faddp %st(0),%st(3) | ||
1082 | fldl crypto_scalarmult_curve25519_athlon_alpha102 | ||
1083 | fadd %st(2),%st(0) | ||
1084 | fldl -104(%edx) | ||
1085 | fmull -128(%ecx) | ||
1086 | faddp %st(0),%st(6) | ||
1087 | fldl 0(%esp) | ||
1088 | fmull 112(%edx) | ||
1089 | faddp %st(0),%st(2) | ||
1090 | fldl 16(%esp) | ||
1091 | fmull 88(%edx) | ||
1092 | faddp %st(0),%st(7) | ||
1093 | fldl 32(%esp) | ||
1094 | fmull 64(%edx) | ||
1095 | faddp %st(0),%st(4) | ||
1096 | fsubl crypto_scalarmult_curve25519_athlon_alpha102 | ||
1097 | fxch %st(4) | ||
1098 | fstpl -104(%edx) | ||
1099 | fxch %st(4) | ||
1100 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
1101 | fldl 8(%esp) | ||
1102 | fmull 104(%edx) | ||
1103 | faddp %st(0),%st(5) | ||
1104 | fldl 24(%esp) | ||
1105 | fmull 80(%edx) | ||
1106 | faddp %st(0),%st(6) | ||
1107 | fxch %st(3) | ||
1108 | fadd %st(0),%st(2) | ||
1109 | fsubrp %st(0),%st(1) | ||
1110 | fldl 0(%esp) | ||
1111 | fmull 120(%edx) | ||
1112 | faddp %st(0),%st(3) | ||
1113 | fldl 16(%esp) | ||
1114 | fmull 96(%edx) | ||
1115 | faddp %st(0),%st(4) | ||
1116 | fldl 32(%esp) | ||
1117 | fmull 72(%edx) | ||
1118 | faddp %st(0),%st(5) | ||
1119 | fldl crypto_scalarmult_curve25519_athlon_alpha128 | ||
1120 | fadd %st(2),%st(0) | ||
1121 | fldl 8(%esp) | ||
1122 | fmull 112(%edx) | ||
1123 | faddp %st(0),%st(4) | ||
1124 | fldl 24(%esp) | ||
1125 | fmull 88(%edx) | ||
1126 | faddp %st(0),%st(5) | ||
1127 | fldl 40(%esp) | ||
1128 | fmull 64(%edx) | ||
1129 | faddp %st(0),%st(6) | ||
1130 | fsubl crypto_scalarmult_curve25519_athlon_alpha128 | ||
1131 | fxch %st(1) | ||
1132 | fstpl -16(%edx) | ||
1133 | fldl 16(%esp) | ||
1134 | fmull 104(%edx) | ||
1135 | faddp %st(0),%st(3) | ||
1136 | fldl 32(%esp) | ||
1137 | fmull 80(%edx) | ||
1138 | faddp %st(0),%st(4) | ||
1139 | fadd %st(0),%st(4) | ||
1140 | fsubrp %st(0),%st(1) | ||
1141 | fstpl -8(%edx) | ||
1142 | fldl 24(%esp) | ||
1143 | fmull 96(%edx) | ||
1144 | faddp %st(0),%st(1) | ||
1145 | fldl 40(%esp) | ||
1146 | fmull 72(%edx) | ||
1147 | faddp %st(0),%st(2) | ||
1148 | fldl crypto_scalarmult_curve25519_athlon_alpha153 | ||
1149 | fadd %st(3),%st(0) | ||
1150 | fldl 32(%esp) | ||
1151 | fmull 88(%edx) | ||
1152 | faddp %st(0),%st(2) | ||
1153 | fldl 48(%esp) | ||
1154 | fmull 64(%edx) | ||
1155 | faddp %st(0),%st(3) | ||
1156 | fsubl crypto_scalarmult_curve25519_athlon_alpha153 | ||
1157 | fldl 40(%esp) | ||
1158 | fmull 80(%edx) | ||
1159 | faddp %st(0),%st(2) | ||
1160 | fadd %st(0),%st(2) | ||
1161 | fsubrp %st(0),%st(3) | ||
1162 | fxch %st(2) | ||
1163 | fstpl 0(%edx) | ||
1164 | fldl 48(%esp) | ||
1165 | fmull 72(%edx) | ||
1166 | faddp %st(0),%st(2) | ||
1167 | fldl crypto_scalarmult_curve25519_athlon_alpha179 | ||
1168 | fadd %st(1),%st(0) | ||
1169 | fldl -120(%edx) | ||
1170 | fmull 64(%edx) | ||
1171 | faddp %st(0),%st(3) | ||
1172 | fsubl crypto_scalarmult_curve25519_athlon_alpha179 | ||
1173 | fldl 8(%edx) | ||
1174 | fldl 16(%edx) | ||
1175 | fxch %st(2) | ||
1176 | fadd %st(0),%st(4) | ||
1177 | fsubrp %st(0),%st(3) | ||
1178 | fldl crypto_scalarmult_curve25519_athlon_alpha204 | ||
1179 | fadd %st(4),%st(0) | ||
1180 | fsubl crypto_scalarmult_curve25519_athlon_alpha204 | ||
1181 | fadd %st(0),%st(1) | ||
1182 | fsubrp %st(0),%st(4) | ||
1183 | fldl crypto_scalarmult_curve25519_athlon_alpha230 | ||
1184 | fadd %st(1),%st(0) | ||
1185 | fsubl crypto_scalarmult_curve25519_athlon_alpha230 | ||
1186 | fsubr %st(0),%st(1) | ||
1187 | faddp %st(0),%st(2) | ||
1188 | fxch %st(2) | ||
1189 | fstpl 8(%edx) | ||
1190 | fxch %st(2) | ||
1191 | fstpl 16(%edx) | ||
1192 | fstpl 24(%edx) | ||
1193 | fstpl 32(%edx) | ||
1194 | fldl -40(%ecx) | ||
1195 | fmul %st(0),%st(0) | ||
1196 | fldl -112(%ecx) | ||
1197 | fadd %st(0),%st(0) | ||
1198 | fldl -104(%ecx) | ||
1199 | fadd %st(0),%st(0) | ||
1200 | fldl -96(%ecx) | ||
1201 | fadd %st(0),%st(0) | ||
1202 | fldl -56(%ecx) | ||
1203 | fxch %st(4) | ||
1204 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
1205 | fldl -40(%ecx) | ||
1206 | fmul %st(4),%st(0) | ||
1207 | fldl -48(%ecx) | ||
1208 | fmul %st(4),%st(0) | ||
1209 | faddp %st(0),%st(1) | ||
1210 | fxch %st(4) | ||
1211 | fstl 0(%esp) | ||
1212 | fxch %st(3) | ||
1213 | fstl 8(%esp) | ||
1214 | fxch %st(3) | ||
1215 | fmull -48(%ecx) | ||
1216 | faddp %st(0),%st(1) | ||
1217 | fldl -64(%ecx) | ||
1218 | fxch %st(5) | ||
1219 | fmul %st(0),%st(3) | ||
1220 | fxch %st(3) | ||
1221 | faddp %st(0),%st(1) | ||
1222 | fxch %st(2) | ||
1223 | fadd %st(0),%st(0) | ||
1224 | fldl -56(%ecx) | ||
1225 | fmul %st(2),%st(0) | ||
1226 | faddp %st(0),%st(4) | ||
1227 | fxch %st(1) | ||
1228 | fstl 16(%esp) | ||
1229 | fldl -72(%ecx) | ||
1230 | fxch %st(5) | ||
1231 | fmul %st(0),%st(1) | ||
1232 | fxch %st(1) | ||
1233 | faddp %st(0),%st(3) | ||
1234 | fadd %st(0),%st(0) | ||
1235 | fstpl 48(%esp) | ||
1236 | fldl -88(%ecx) | ||
1237 | fadd %st(0),%st(0) | ||
1238 | fstl 24(%esp) | ||
1239 | fldl -64(%ecx) | ||
1240 | fmul %st(1),%st(0) | ||
1241 | faddp %st(0),%st(4) | ||
1242 | fmul %st(4),%st(0) | ||
1243 | faddp %st(0),%st(2) | ||
1244 | fxch %st(3) | ||
1245 | fadd %st(0),%st(0) | ||
1246 | fstpl 40(%esp) | ||
1247 | fldl -80(%ecx) | ||
1248 | fmul %st(0),%st(0) | ||
1249 | faddp %st(0),%st(1) | ||
1250 | fldl crypto_scalarmult_curve25519_athlon_alpha230 | ||
1251 | fadd %st(1),%st(0) | ||
1252 | fsubl crypto_scalarmult_curve25519_athlon_alpha230 | ||
1253 | fsubr %st(0),%st(1) | ||
1254 | fldl 8(%esp) | ||
1255 | fldl -40(%ecx) | ||
1256 | fmul %st(0),%st(1) | ||
1257 | fldl 16(%esp) | ||
1258 | fmul %st(0),%st(1) | ||
1259 | fldl -48(%ecx) | ||
1260 | fmul %st(0),%st(1) | ||
1261 | fxch %st(1) | ||
1262 | faddp %st(0),%st(3) | ||
1263 | fldl 24(%esp) | ||
1264 | fmul %st(0),%st(1) | ||
1265 | fxch %st(1) | ||
1266 | faddp %st(0),%st(2) | ||
1267 | fldl -80(%ecx) | ||
1268 | fadd %st(0),%st(0) | ||
1269 | fstl 32(%esp) | ||
1270 | fmull -72(%ecx) | ||
1271 | faddp %st(0),%st(6) | ||
1272 | fxch %st(3) | ||
1273 | faddp %st(0),%st(5) | ||
1274 | fldl crypto_scalarmult_curve25519_athlon_alpha255 | ||
1275 | fadd %st(5),%st(0) | ||
1276 | fsubl crypto_scalarmult_curve25519_athlon_alpha255 | ||
1277 | fsubr %st(0),%st(5) | ||
1278 | fldl -56(%ecx) | ||
1279 | fmul %st(0),%st(4) | ||
1280 | fxch %st(4) | ||
1281 | faddp %st(0),%st(3) | ||
1282 | fldl 32(%esp) | ||
1283 | fmul %st(0),%st(4) | ||
1284 | fxch %st(4) | ||
1285 | faddp %st(0),%st(2) | ||
1286 | fldl -64(%ecx) | ||
1287 | fmul %st(0),%st(4) | ||
1288 | fxch %st(4) | ||
1289 | faddp %st(0),%st(3) | ||
1290 | fxch %st(3) | ||
1291 | fmull 40(%esp) | ||
1292 | faddp %st(0),%st(1) | ||
1293 | fxch %st(3) | ||
1294 | fstpl -120(%edx) | ||
1295 | fldl -72(%ecx) | ||
1296 | fmul %st(0),%st(0) | ||
1297 | faddp %st(0),%st(1) | ||
1298 | fxch %st(2) | ||
1299 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
1300 | fxch %st(3) | ||
1301 | fstpl -112(%edx) | ||
1302 | faddp %st(0),%st(1) | ||
1303 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
1304 | fldl 24(%esp) | ||
1305 | fmull -40(%ecx) | ||
1306 | fldl -112(%ecx) | ||
1307 | fmul %st(0),%st(0) | ||
1308 | faddp %st(0),%st(2) | ||
1309 | fldl 32(%esp) | ||
1310 | fmull -48(%ecx) | ||
1311 | faddp %st(0),%st(1) | ||
1312 | fldl 0(%esp) | ||
1313 | fmull -104(%ecx) | ||
1314 | faddp %st(0),%st(3) | ||
1315 | fldl 40(%esp) | ||
1316 | fmull -56(%ecx) | ||
1317 | faddp %st(0),%st(1) | ||
1318 | fldl crypto_scalarmult_curve25519_athlon_alpha26 | ||
1319 | fadd %st(2),%st(0) | ||
1320 | fsubl crypto_scalarmult_curve25519_athlon_alpha26 | ||
1321 | fsubr %st(0),%st(2) | ||
1322 | faddp %st(0),%st(3) | ||
1323 | fldl crypto_scalarmult_curve25519_athlon_alpha51 | ||
1324 | fadd %st(3),%st(0) | ||
1325 | fsubl crypto_scalarmult_curve25519_athlon_alpha51 | ||
1326 | fsubr %st(0),%st(3) | ||
1327 | fldl -64(%ecx) | ||
1328 | fmul %st(0),%st(0) | ||
1329 | faddp %st(0),%st(2) | ||
1330 | fxch %st(1) | ||
1331 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
1332 | fldl 0(%esp) | ||
1333 | fmull -96(%ecx) | ||
1334 | faddp %st(0),%st(1) | ||
1335 | fldl -104(%ecx) | ||
1336 | fmul %st(0),%st(0) | ||
1337 | faddp %st(0),%st(1) | ||
1338 | faddp %st(0),%st(1) | ||
1339 | fldl crypto_scalarmult_curve25519_athlon_alpha77 | ||
1340 | fadd %st(1),%st(0) | ||
1341 | fsubl crypto_scalarmult_curve25519_athlon_alpha77 | ||
1342 | fsubr %st(0),%st(1) | ||
1343 | fxch %st(2) | ||
1344 | fstpl 64(%edx) | ||
1345 | fldl 32(%esp) | ||
1346 | fmull -40(%ecx) | ||
1347 | fldl 40(%esp) | ||
1348 | fmull -48(%ecx) | ||
1349 | faddp %st(0),%st(1) | ||
1350 | fldl 48(%esp) | ||
1351 | fmull -56(%ecx) | ||
1352 | faddp %st(0),%st(1) | ||
1353 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
1354 | fldl 0(%esp) | ||
1355 | fmull -88(%ecx) | ||
1356 | faddp %st(0),%st(1) | ||
1357 | fldl 8(%esp) | ||
1358 | fmull -96(%ecx) | ||
1359 | faddp %st(0),%st(1) | ||
1360 | faddp %st(0),%st(2) | ||
1361 | fldl crypto_scalarmult_curve25519_athlon_alpha102 | ||
1362 | fadd %st(2),%st(0) | ||
1363 | fsubl crypto_scalarmult_curve25519_athlon_alpha102 | ||
1364 | fsubr %st(0),%st(2) | ||
1365 | fxch %st(3) | ||
1366 | fstpl 72(%edx) | ||
1367 | fldl 40(%esp) | ||
1368 | fmull -40(%ecx) | ||
1369 | fldl 48(%esp) | ||
1370 | fmull -48(%ecx) | ||
1371 | faddp %st(0),%st(1) | ||
1372 | fldl -56(%ecx) | ||
1373 | fmul %st(0),%st(0) | ||
1374 | faddp %st(0),%st(1) | ||
1375 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
1376 | fldl 0(%esp) | ||
1377 | fmull -80(%ecx) | ||
1378 | faddp %st(0),%st(1) | ||
1379 | fldl 8(%esp) | ||
1380 | fmull -88(%ecx) | ||
1381 | faddp %st(0),%st(1) | ||
1382 | fldl -96(%ecx) | ||
1383 | fmul %st(0),%st(0) | ||
1384 | faddp %st(0),%st(1) | ||
1385 | faddp %st(0),%st(3) | ||
1386 | fldl crypto_scalarmult_curve25519_athlon_alpha128 | ||
1387 | fadd %st(3),%st(0) | ||
1388 | fsubl crypto_scalarmult_curve25519_athlon_alpha128 | ||
1389 | fsubr %st(0),%st(3) | ||
1390 | fxch %st(1) | ||
1391 | fstpl 80(%edx) | ||
1392 | fldl 48(%esp) | ||
1393 | fldl -40(%ecx) | ||
1394 | fmul %st(0),%st(1) | ||
1395 | fmul %st(5),%st(0) | ||
1396 | fxch %st(5) | ||
1397 | fmull -48(%ecx) | ||
1398 | faddp %st(0),%st(1) | ||
1399 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
1400 | fldl 0(%esp) | ||
1401 | fmull -72(%ecx) | ||
1402 | faddp %st(0),%st(1) | ||
1403 | fldl 8(%esp) | ||
1404 | fmull -80(%ecx) | ||
1405 | faddp %st(0),%st(1) | ||
1406 | fldl 16(%esp) | ||
1407 | fmull -88(%ecx) | ||
1408 | faddp %st(0),%st(1) | ||
1409 | faddp %st(0),%st(1) | ||
1410 | fldl crypto_scalarmult_curve25519_athlon_alpha153 | ||
1411 | fadd %st(1),%st(0) | ||
1412 | fsubl crypto_scalarmult_curve25519_athlon_alpha153 | ||
1413 | fsubr %st(0),%st(1) | ||
1414 | fxch %st(2) | ||
1415 | fstpl 88(%edx) | ||
1416 | fldl -48(%ecx) | ||
1417 | fmul %st(0),%st(0) | ||
1418 | faddp %st(0),%st(4) | ||
1419 | fxch %st(3) | ||
1420 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
1421 | fldl 0(%esp) | ||
1422 | fmull -64(%ecx) | ||
1423 | faddp %st(0),%st(1) | ||
1424 | fldl 8(%esp) | ||
1425 | fmull -72(%ecx) | ||
1426 | faddp %st(0),%st(1) | ||
1427 | fldl 16(%esp) | ||
1428 | fmull -80(%ecx) | ||
1429 | faddp %st(0),%st(1) | ||
1430 | fldl -88(%ecx) | ||
1431 | fmul %st(0),%st(0) | ||
1432 | faddp %st(0),%st(1) | ||
1433 | faddp %st(0),%st(1) | ||
1434 | fldl crypto_scalarmult_curve25519_athlon_alpha179 | ||
1435 | fadd %st(1),%st(0) | ||
1436 | fsubl crypto_scalarmult_curve25519_athlon_alpha179 | ||
1437 | fsubr %st(0),%st(1) | ||
1438 | fldl -48(%ecx) | ||
1439 | fadd %st(0),%st(0) | ||
1440 | fmull -40(%ecx) | ||
1441 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
1442 | fldl 0(%esp) | ||
1443 | fmull -56(%ecx) | ||
1444 | faddp %st(0),%st(1) | ||
1445 | fldl 8(%esp) | ||
1446 | fmull -64(%ecx) | ||
1447 | faddp %st(0),%st(1) | ||
1448 | fldl 16(%esp) | ||
1449 | fmull -72(%ecx) | ||
1450 | faddp %st(0),%st(1) | ||
1451 | fldl 24(%esp) | ||
1452 | fmull -80(%ecx) | ||
1453 | faddp %st(0),%st(1) | ||
1454 | faddp %st(0),%st(1) | ||
1455 | fldl crypto_scalarmult_curve25519_athlon_alpha204 | ||
1456 | fadd %st(1),%st(0) | ||
1457 | fsubl crypto_scalarmult_curve25519_athlon_alpha204 | ||
1458 | fsubr %st(0),%st(1) | ||
1459 | fldl -120(%edx) | ||
1460 | faddp %st(0),%st(1) | ||
1461 | fldl crypto_scalarmult_curve25519_athlon_alpha230 | ||
1462 | fadd %st(1),%st(0) | ||
1463 | fldl -112(%edx) | ||
1464 | fxch %st(1) | ||
1465 | fsubl crypto_scalarmult_curve25519_athlon_alpha230 | ||
1466 | fsubr %st(0),%st(2) | ||
1467 | faddp %st(0),%st(1) | ||
1468 | fxch %st(4) | ||
1469 | fstpl 96(%edx) | ||
1470 | fxch %st(4) | ||
1471 | fstpl 104(%edx) | ||
1472 | fxch %st(1) | ||
1473 | fstpl 112(%edx) | ||
1474 | fstpl 120(%edx) | ||
1475 | fxch %st(1) | ||
1476 | fstpl -128(%ecx) | ||
1477 | fstpl -120(%ecx) | ||
1478 | fldl 40(%ecx) | ||
1479 | fmul %st(0),%st(0) | ||
1480 | fldl -32(%ecx) | ||
1481 | fadd %st(0),%st(0) | ||
1482 | fldl -24(%ecx) | ||
1483 | fadd %st(0),%st(0) | ||
1484 | fldl -16(%ecx) | ||
1485 | fadd %st(0),%st(0) | ||
1486 | fldl 24(%ecx) | ||
1487 | fxch %st(4) | ||
1488 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
1489 | fldl 40(%ecx) | ||
1490 | fmul %st(4),%st(0) | ||
1491 | fldl 32(%ecx) | ||
1492 | fmul %st(4),%st(0) | ||
1493 | faddp %st(0),%st(1) | ||
1494 | fxch %st(4) | ||
1495 | fstl 0(%esp) | ||
1496 | fxch %st(3) | ||
1497 | fstl 8(%esp) | ||
1498 | fxch %st(3) | ||
1499 | fmull 32(%ecx) | ||
1500 | faddp %st(0),%st(1) | ||
1501 | fldl 16(%ecx) | ||
1502 | fxch %st(5) | ||
1503 | fmul %st(0),%st(3) | ||
1504 | fxch %st(3) | ||
1505 | faddp %st(0),%st(1) | ||
1506 | fxch %st(2) | ||
1507 | fadd %st(0),%st(0) | ||
1508 | fldl 24(%ecx) | ||
1509 | fmul %st(2),%st(0) | ||
1510 | faddp %st(0),%st(4) | ||
1511 | fxch %st(1) | ||
1512 | fstl 16(%esp) | ||
1513 | fldl 8(%ecx) | ||
1514 | fxch %st(5) | ||
1515 | fmul %st(0),%st(1) | ||
1516 | fxch %st(1) | ||
1517 | faddp %st(0),%st(3) | ||
1518 | fadd %st(0),%st(0) | ||
1519 | fstpl 48(%esp) | ||
1520 | fldl -8(%ecx) | ||
1521 | fadd %st(0),%st(0) | ||
1522 | fstl 24(%esp) | ||
1523 | fldl 16(%ecx) | ||
1524 | fmul %st(1),%st(0) | ||
1525 | faddp %st(0),%st(4) | ||
1526 | fmul %st(4),%st(0) | ||
1527 | faddp %st(0),%st(2) | ||
1528 | fxch %st(3) | ||
1529 | fadd %st(0),%st(0) | ||
1530 | fstpl 40(%esp) | ||
1531 | fldl 0(%ecx) | ||
1532 | fmul %st(0),%st(0) | ||
1533 | faddp %st(0),%st(1) | ||
1534 | fldl crypto_scalarmult_curve25519_athlon_alpha230 | ||
1535 | fadd %st(1),%st(0) | ||
1536 | fsubl crypto_scalarmult_curve25519_athlon_alpha230 | ||
1537 | fsubr %st(0),%st(1) | ||
1538 | fldl 8(%esp) | ||
1539 | fldl 40(%ecx) | ||
1540 | fmul %st(0),%st(1) | ||
1541 | fldl 16(%esp) | ||
1542 | fmul %st(0),%st(1) | ||
1543 | fldl 32(%ecx) | ||
1544 | fmul %st(0),%st(1) | ||
1545 | fxch %st(1) | ||
1546 | faddp %st(0),%st(3) | ||
1547 | fldl 24(%esp) | ||
1548 | fmul %st(0),%st(1) | ||
1549 | fxch %st(1) | ||
1550 | faddp %st(0),%st(2) | ||
1551 | fldl 0(%ecx) | ||
1552 | fadd %st(0),%st(0) | ||
1553 | fstl 32(%esp) | ||
1554 | fmull 8(%ecx) | ||
1555 | faddp %st(0),%st(6) | ||
1556 | fxch %st(3) | ||
1557 | faddp %st(0),%st(5) | ||
1558 | fldl crypto_scalarmult_curve25519_athlon_alpha255 | ||
1559 | fadd %st(5),%st(0) | ||
1560 | fsubl crypto_scalarmult_curve25519_athlon_alpha255 | ||
1561 | fsubr %st(0),%st(5) | ||
1562 | fldl 24(%ecx) | ||
1563 | fmul %st(0),%st(4) | ||
1564 | fxch %st(4) | ||
1565 | faddp %st(0),%st(3) | ||
1566 | fldl 32(%esp) | ||
1567 | fmul %st(0),%st(4) | ||
1568 | fxch %st(4) | ||
1569 | faddp %st(0),%st(2) | ||
1570 | fldl 16(%ecx) | ||
1571 | fmul %st(0),%st(4) | ||
1572 | fxch %st(4) | ||
1573 | faddp %st(0),%st(3) | ||
1574 | fxch %st(3) | ||
1575 | fmull 40(%esp) | ||
1576 | faddp %st(0),%st(1) | ||
1577 | fxch %st(3) | ||
1578 | fstpl -120(%edx) | ||
1579 | fldl 8(%ecx) | ||
1580 | fmul %st(0),%st(0) | ||
1581 | faddp %st(0),%st(1) | ||
1582 | fxch %st(2) | ||
1583 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
1584 | fxch %st(3) | ||
1585 | fstpl -112(%edx) | ||
1586 | faddp %st(0),%st(1) | ||
1587 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
1588 | fldl 24(%esp) | ||
1589 | fmull 40(%ecx) | ||
1590 | fldl -32(%ecx) | ||
1591 | fmul %st(0),%st(0) | ||
1592 | faddp %st(0),%st(2) | ||
1593 | fldl 32(%esp) | ||
1594 | fmull 32(%ecx) | ||
1595 | faddp %st(0),%st(1) | ||
1596 | fldl 0(%esp) | ||
1597 | fmull -24(%ecx) | ||
1598 | faddp %st(0),%st(3) | ||
1599 | fldl 40(%esp) | ||
1600 | fmull 24(%ecx) | ||
1601 | faddp %st(0),%st(1) | ||
1602 | fldl crypto_scalarmult_curve25519_athlon_alpha26 | ||
1603 | fadd %st(2),%st(0) | ||
1604 | fsubl crypto_scalarmult_curve25519_athlon_alpha26 | ||
1605 | fsubr %st(0),%st(2) | ||
1606 | faddp %st(0),%st(3) | ||
1607 | fldl crypto_scalarmult_curve25519_athlon_alpha51 | ||
1608 | fadd %st(3),%st(0) | ||
1609 | fsubl crypto_scalarmult_curve25519_athlon_alpha51 | ||
1610 | fsubr %st(0),%st(3) | ||
1611 | fldl 16(%ecx) | ||
1612 | fmul %st(0),%st(0) | ||
1613 | faddp %st(0),%st(2) | ||
1614 | fxch %st(1) | ||
1615 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
1616 | fldl 0(%esp) | ||
1617 | fmull -16(%ecx) | ||
1618 | faddp %st(0),%st(1) | ||
1619 | fldl -24(%ecx) | ||
1620 | fmul %st(0),%st(0) | ||
1621 | faddp %st(0),%st(1) | ||
1622 | faddp %st(0),%st(1) | ||
1623 | fldl crypto_scalarmult_curve25519_athlon_alpha77 | ||
1624 | fadd %st(1),%st(0) | ||
1625 | fsubl crypto_scalarmult_curve25519_athlon_alpha77 | ||
1626 | fsubr %st(0),%st(1) | ||
1627 | fxch %st(2) | ||
1628 | fstpl -112(%ecx) | ||
1629 | fldl 32(%esp) | ||
1630 | fmull 40(%ecx) | ||
1631 | fldl 40(%esp) | ||
1632 | fmull 32(%ecx) | ||
1633 | faddp %st(0),%st(1) | ||
1634 | fldl 48(%esp) | ||
1635 | fmull 24(%ecx) | ||
1636 | faddp %st(0),%st(1) | ||
1637 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
1638 | fldl 0(%esp) | ||
1639 | fmull -8(%ecx) | ||
1640 | faddp %st(0),%st(1) | ||
1641 | fldl 8(%esp) | ||
1642 | fmull -16(%ecx) | ||
1643 | faddp %st(0),%st(1) | ||
1644 | faddp %st(0),%st(2) | ||
1645 | fldl crypto_scalarmult_curve25519_athlon_alpha102 | ||
1646 | fadd %st(2),%st(0) | ||
1647 | fsubl crypto_scalarmult_curve25519_athlon_alpha102 | ||
1648 | fsubr %st(0),%st(2) | ||
1649 | fxch %st(3) | ||
1650 | fstpl -104(%ecx) | ||
1651 | fldl 40(%esp) | ||
1652 | fmull 40(%ecx) | ||
1653 | fldl 48(%esp) | ||
1654 | fmull 32(%ecx) | ||
1655 | faddp %st(0),%st(1) | ||
1656 | fldl 24(%ecx) | ||
1657 | fmul %st(0),%st(0) | ||
1658 | faddp %st(0),%st(1) | ||
1659 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
1660 | fldl 0(%esp) | ||
1661 | fmull 0(%ecx) | ||
1662 | faddp %st(0),%st(1) | ||
1663 | fldl 8(%esp) | ||
1664 | fmull -8(%ecx) | ||
1665 | faddp %st(0),%st(1) | ||
1666 | fldl -16(%ecx) | ||
1667 | fmul %st(0),%st(0) | ||
1668 | faddp %st(0),%st(1) | ||
1669 | faddp %st(0),%st(3) | ||
1670 | fldl crypto_scalarmult_curve25519_athlon_alpha128 | ||
1671 | fadd %st(3),%st(0) | ||
1672 | fsubl crypto_scalarmult_curve25519_athlon_alpha128 | ||
1673 | fsubr %st(0),%st(3) | ||
1674 | fxch %st(1) | ||
1675 | fstpl -96(%ecx) | ||
1676 | fldl 48(%esp) | ||
1677 | fldl 40(%ecx) | ||
1678 | fmul %st(0),%st(1) | ||
1679 | fmul %st(5),%st(0) | ||
1680 | fxch %st(5) | ||
1681 | fmull 32(%ecx) | ||
1682 | faddp %st(0),%st(1) | ||
1683 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
1684 | fldl 0(%esp) | ||
1685 | fmull 8(%ecx) | ||
1686 | faddp %st(0),%st(1) | ||
1687 | fldl 8(%esp) | ||
1688 | fmull 0(%ecx) | ||
1689 | faddp %st(0),%st(1) | ||
1690 | fldl 16(%esp) | ||
1691 | fmull -8(%ecx) | ||
1692 | faddp %st(0),%st(1) | ||
1693 | faddp %st(0),%st(1) | ||
1694 | fldl crypto_scalarmult_curve25519_athlon_alpha153 | ||
1695 | fadd %st(1),%st(0) | ||
1696 | fsubl crypto_scalarmult_curve25519_athlon_alpha153 | ||
1697 | fsubr %st(0),%st(1) | ||
1698 | fxch %st(2) | ||
1699 | fstpl -88(%ecx) | ||
1700 | fldl 32(%ecx) | ||
1701 | fmul %st(0),%st(0) | ||
1702 | faddp %st(0),%st(4) | ||
1703 | fxch %st(3) | ||
1704 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
1705 | fldl 0(%esp) | ||
1706 | fmull 16(%ecx) | ||
1707 | faddp %st(0),%st(1) | ||
1708 | fldl 8(%esp) | ||
1709 | fmull 8(%ecx) | ||
1710 | faddp %st(0),%st(1) | ||
1711 | fldl 16(%esp) | ||
1712 | fmull 0(%ecx) | ||
1713 | faddp %st(0),%st(1) | ||
1714 | fldl -8(%ecx) | ||
1715 | fmul %st(0),%st(0) | ||
1716 | faddp %st(0),%st(1) | ||
1717 | faddp %st(0),%st(1) | ||
1718 | fldl crypto_scalarmult_curve25519_athlon_alpha179 | ||
1719 | fadd %st(1),%st(0) | ||
1720 | fsubl crypto_scalarmult_curve25519_athlon_alpha179 | ||
1721 | fsubr %st(0),%st(1) | ||
1722 | fldl 32(%ecx) | ||
1723 | fadd %st(0),%st(0) | ||
1724 | fmull 40(%ecx) | ||
1725 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
1726 | fldl 0(%esp) | ||
1727 | fmull 24(%ecx) | ||
1728 | faddp %st(0),%st(1) | ||
1729 | fldl 8(%esp) | ||
1730 | fmull 16(%ecx) | ||
1731 | faddp %st(0),%st(1) | ||
1732 | fldl 16(%esp) | ||
1733 | fmull 8(%ecx) | ||
1734 | faddp %st(0),%st(1) | ||
1735 | fldl 24(%esp) | ||
1736 | fmull 0(%ecx) | ||
1737 | faddp %st(0),%st(1) | ||
1738 | faddp %st(0),%st(1) | ||
1739 | fldl crypto_scalarmult_curve25519_athlon_alpha204 | ||
1740 | fadd %st(1),%st(0) | ||
1741 | fsubl crypto_scalarmult_curve25519_athlon_alpha204 | ||
1742 | fsubr %st(0),%st(1) | ||
1743 | fldl -120(%edx) | ||
1744 | faddp %st(0),%st(1) | ||
1745 | fldl crypto_scalarmult_curve25519_athlon_alpha230 | ||
1746 | fadd %st(1),%st(0) | ||
1747 | fldl -112(%edx) | ||
1748 | fxch %st(1) | ||
1749 | fsubl crypto_scalarmult_curve25519_athlon_alpha230 | ||
1750 | fsubr %st(0),%st(2) | ||
1751 | faddp %st(0),%st(1) | ||
1752 | fxch %st(4) | ||
1753 | fstpl -80(%ecx) | ||
1754 | fxch %st(4) | ||
1755 | fstpl -72(%ecx) | ||
1756 | fxch %st(1) | ||
1757 | fstpl -64(%ecx) | ||
1758 | fstpl -56(%ecx) | ||
1759 | fxch %st(1) | ||
1760 | fstpl -48(%ecx) | ||
1761 | fstpl -40(%ecx) | ||
1762 | fldl -40(%edx) | ||
1763 | fldl 48(%ecx) | ||
1764 | fadd %st(0),%st(1) | ||
1765 | fsubl -40(%edx) | ||
1766 | fxch %st(1) | ||
1767 | fstpl -120(%edx) | ||
1768 | fstpl -40(%edx) | ||
1769 | fldl -32(%edx) | ||
1770 | fldl 56(%ecx) | ||
1771 | fadd %st(0),%st(1) | ||
1772 | fsubl -32(%edx) | ||
1773 | fxch %st(1) | ||
1774 | fstpl -112(%edx) | ||
1775 | fstpl -32(%edx) | ||
1776 | fldl -104(%edx) | ||
1777 | fldl -24(%edx) | ||
1778 | fadd %st(0),%st(1) | ||
1779 | fsubl -104(%edx) | ||
1780 | fxch %st(1) | ||
1781 | fstpl -104(%edx) | ||
1782 | fstpl -24(%edx) | ||
1783 | fldl -16(%edx) | ||
1784 | fldl -96(%edx) | ||
1785 | fadd %st(0),%st(1) | ||
1786 | fsubl -16(%edx) | ||
1787 | fxch %st(1) | ||
1788 | fstpl -96(%edx) | ||
1789 | fstpl -16(%edx) | ||
1790 | fldl -8(%edx) | ||
1791 | fldl -88(%edx) | ||
1792 | fadd %st(0),%st(1) | ||
1793 | fsubl -8(%edx) | ||
1794 | fxch %st(1) | ||
1795 | fstpl -88(%edx) | ||
1796 | fstpl -8(%edx) | ||
1797 | fldl 0(%edx) | ||
1798 | fldl -80(%edx) | ||
1799 | fadd %st(0),%st(1) | ||
1800 | fsubl 0(%edx) | ||
1801 | fxch %st(1) | ||
1802 | fstpl -80(%edx) | ||
1803 | fstpl 0(%edx) | ||
1804 | fldl 8(%edx) | ||
1805 | fldl -72(%edx) | ||
1806 | fadd %st(0),%st(1) | ||
1807 | fsubl 8(%edx) | ||
1808 | fxch %st(1) | ||
1809 | fstpl -72(%edx) | ||
1810 | fstpl 8(%edx) | ||
1811 | fldl 16(%edx) | ||
1812 | fldl -64(%edx) | ||
1813 | fadd %st(0),%st(1) | ||
1814 | fsubl 16(%edx) | ||
1815 | fxch %st(1) | ||
1816 | fstpl -64(%edx) | ||
1817 | fstpl 16(%edx) | ||
1818 | fldl 24(%edx) | ||
1819 | fldl -56(%edx) | ||
1820 | fadd %st(0),%st(1) | ||
1821 | fsubl 24(%edx) | ||
1822 | fxch %st(1) | ||
1823 | fstpl -56(%edx) | ||
1824 | fstpl 24(%edx) | ||
1825 | fldl 32(%edx) | ||
1826 | fldl -48(%edx) | ||
1827 | fadd %st(0),%st(1) | ||
1828 | fsubl 32(%edx) | ||
1829 | fxch %st(1) | ||
1830 | fstpl -48(%edx) | ||
1831 | fstpl 32(%edx) | ||
1832 | fldl 64(%edx) | ||
1833 | fsubl -112(%ecx) | ||
1834 | fstpl -32(%ecx) | ||
1835 | fldl 72(%edx) | ||
1836 | fsubl -104(%ecx) | ||
1837 | fstpl -24(%ecx) | ||
1838 | fldl 80(%edx) | ||
1839 | fsubl -96(%ecx) | ||
1840 | fstpl -16(%ecx) | ||
1841 | fldl 88(%edx) | ||
1842 | fsubl -88(%ecx) | ||
1843 | fstpl -8(%ecx) | ||
1844 | fldl 96(%edx) | ||
1845 | fsubl -80(%ecx) | ||
1846 | fstpl 0(%ecx) | ||
1847 | fldl 104(%edx) | ||
1848 | fsubl -72(%ecx) | ||
1849 | fstpl 8(%ecx) | ||
1850 | fldl 112(%edx) | ||
1851 | fsubl -64(%ecx) | ||
1852 | fstpl 16(%ecx) | ||
1853 | fldl 120(%edx) | ||
1854 | fsubl -56(%ecx) | ||
1855 | fstpl 24(%ecx) | ||
1856 | fldl -128(%ecx) | ||
1857 | fsubl -48(%ecx) | ||
1858 | fstpl 32(%ecx) | ||
1859 | fldl -120(%ecx) | ||
1860 | fsubl -40(%ecx) | ||
1861 | fstpl 40(%ecx) | ||
1862 | fldl -48(%edx) | ||
1863 | fmul %st(0),%st(0) | ||
1864 | fldl -120(%edx) | ||
1865 | fadd %st(0),%st(0) | ||
1866 | fldl -112(%edx) | ||
1867 | fadd %st(0),%st(0) | ||
1868 | fldl -104(%edx) | ||
1869 | fadd %st(0),%st(0) | ||
1870 | fldl -64(%edx) | ||
1871 | fxch %st(4) | ||
1872 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
1873 | fldl -48(%edx) | ||
1874 | fmul %st(4),%st(0) | ||
1875 | fldl -56(%edx) | ||
1876 | fmul %st(4),%st(0) | ||
1877 | faddp %st(0),%st(1) | ||
1878 | fxch %st(4) | ||
1879 | fstl 0(%esp) | ||
1880 | fxch %st(3) | ||
1881 | fstl 8(%esp) | ||
1882 | fxch %st(3) | ||
1883 | fmull -56(%edx) | ||
1884 | faddp %st(0),%st(1) | ||
1885 | fldl -72(%edx) | ||
1886 | fxch %st(5) | ||
1887 | fmul %st(0),%st(3) | ||
1888 | fxch %st(3) | ||
1889 | faddp %st(0),%st(1) | ||
1890 | fxch %st(2) | ||
1891 | fadd %st(0),%st(0) | ||
1892 | fldl -64(%edx) | ||
1893 | fmul %st(2),%st(0) | ||
1894 | faddp %st(0),%st(4) | ||
1895 | fxch %st(1) | ||
1896 | fstl 16(%esp) | ||
1897 | fldl -80(%edx) | ||
1898 | fxch %st(5) | ||
1899 | fmul %st(0),%st(1) | ||
1900 | fxch %st(1) | ||
1901 | faddp %st(0),%st(3) | ||
1902 | fadd %st(0),%st(0) | ||
1903 | fstpl 48(%esp) | ||
1904 | fldl -96(%edx) | ||
1905 | fadd %st(0),%st(0) | ||
1906 | fstl 24(%esp) | ||
1907 | fldl -72(%edx) | ||
1908 | fmul %st(1),%st(0) | ||
1909 | faddp %st(0),%st(4) | ||
1910 | fmul %st(4),%st(0) | ||
1911 | faddp %st(0),%st(2) | ||
1912 | fxch %st(3) | ||
1913 | fadd %st(0),%st(0) | ||
1914 | fstpl 40(%esp) | ||
1915 | fldl -88(%edx) | ||
1916 | fmul %st(0),%st(0) | ||
1917 | faddp %st(0),%st(1) | ||
1918 | fldl crypto_scalarmult_curve25519_athlon_alpha230 | ||
1919 | fadd %st(1),%st(0) | ||
1920 | fsubl crypto_scalarmult_curve25519_athlon_alpha230 | ||
1921 | fsubr %st(0),%st(1) | ||
1922 | fldl 8(%esp) | ||
1923 | fldl -48(%edx) | ||
1924 | fmul %st(0),%st(1) | ||
1925 | fldl 16(%esp) | ||
1926 | fmul %st(0),%st(1) | ||
1927 | fldl -56(%edx) | ||
1928 | fmul %st(0),%st(1) | ||
1929 | fxch %st(1) | ||
1930 | faddp %st(0),%st(3) | ||
1931 | fldl 24(%esp) | ||
1932 | fmul %st(0),%st(1) | ||
1933 | fxch %st(1) | ||
1934 | faddp %st(0),%st(2) | ||
1935 | fldl -88(%edx) | ||
1936 | fadd %st(0),%st(0) | ||
1937 | fstl 32(%esp) | ||
1938 | fmull -80(%edx) | ||
1939 | faddp %st(0),%st(6) | ||
1940 | fxch %st(3) | ||
1941 | faddp %st(0),%st(5) | ||
1942 | fldl crypto_scalarmult_curve25519_athlon_alpha255 | ||
1943 | fadd %st(5),%st(0) | ||
1944 | fsubl crypto_scalarmult_curve25519_athlon_alpha255 | ||
1945 | fsubr %st(0),%st(5) | ||
1946 | fldl -64(%edx) | ||
1947 | fmul %st(0),%st(4) | ||
1948 | fxch %st(4) | ||
1949 | faddp %st(0),%st(3) | ||
1950 | fldl 32(%esp) | ||
1951 | fmul %st(0),%st(4) | ||
1952 | fxch %st(4) | ||
1953 | faddp %st(0),%st(2) | ||
1954 | fldl -72(%edx) | ||
1955 | fmul %st(0),%st(4) | ||
1956 | fxch %st(4) | ||
1957 | faddp %st(0),%st(3) | ||
1958 | fxch %st(3) | ||
1959 | fmull 40(%esp) | ||
1960 | faddp %st(0),%st(1) | ||
1961 | fxch %st(3) | ||
1962 | fstpl 48(%edx) | ||
1963 | fldl -80(%edx) | ||
1964 | fmul %st(0),%st(0) | ||
1965 | faddp %st(0),%st(1) | ||
1966 | fxch %st(2) | ||
1967 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
1968 | fxch %st(3) | ||
1969 | fstpl 56(%edx) | ||
1970 | faddp %st(0),%st(1) | ||
1971 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
1972 | fldl 24(%esp) | ||
1973 | fmull -48(%edx) | ||
1974 | fldl -120(%edx) | ||
1975 | fmul %st(0),%st(0) | ||
1976 | faddp %st(0),%st(2) | ||
1977 | fldl 32(%esp) | ||
1978 | fmull -56(%edx) | ||
1979 | faddp %st(0),%st(1) | ||
1980 | fldl 0(%esp) | ||
1981 | fmull -112(%edx) | ||
1982 | faddp %st(0),%st(3) | ||
1983 | fldl 40(%esp) | ||
1984 | fmull -64(%edx) | ||
1985 | faddp %st(0),%st(1) | ||
1986 | fldl crypto_scalarmult_curve25519_athlon_alpha26 | ||
1987 | fadd %st(2),%st(0) | ||
1988 | fsubl crypto_scalarmult_curve25519_athlon_alpha26 | ||
1989 | fsubr %st(0),%st(2) | ||
1990 | faddp %st(0),%st(3) | ||
1991 | fldl crypto_scalarmult_curve25519_athlon_alpha51 | ||
1992 | fadd %st(3),%st(0) | ||
1993 | fsubl crypto_scalarmult_curve25519_athlon_alpha51 | ||
1994 | fsubr %st(0),%st(3) | ||
1995 | fldl -72(%edx) | ||
1996 | fmul %st(0),%st(0) | ||
1997 | faddp %st(0),%st(2) | ||
1998 | fxch %st(1) | ||
1999 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
2000 | fldl 0(%esp) | ||
2001 | fmull -104(%edx) | ||
2002 | faddp %st(0),%st(1) | ||
2003 | fldl -112(%edx) | ||
2004 | fmul %st(0),%st(0) | ||
2005 | faddp %st(0),%st(1) | ||
2006 | faddp %st(0),%st(1) | ||
2007 | fldl crypto_scalarmult_curve25519_athlon_alpha77 | ||
2008 | fadd %st(1),%st(0) | ||
2009 | fsubl crypto_scalarmult_curve25519_athlon_alpha77 | ||
2010 | fsubr %st(0),%st(1) | ||
2011 | fxch %st(2) | ||
2012 | fstpl -120(%edx) | ||
2013 | fldl 32(%esp) | ||
2014 | fmull -48(%edx) | ||
2015 | fldl 40(%esp) | ||
2016 | fmull -56(%edx) | ||
2017 | faddp %st(0),%st(1) | ||
2018 | fldl 48(%esp) | ||
2019 | fmull -64(%edx) | ||
2020 | faddp %st(0),%st(1) | ||
2021 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
2022 | fldl 0(%esp) | ||
2023 | fmull -96(%edx) | ||
2024 | faddp %st(0),%st(1) | ||
2025 | fldl 8(%esp) | ||
2026 | fmull -104(%edx) | ||
2027 | faddp %st(0),%st(1) | ||
2028 | faddp %st(0),%st(2) | ||
2029 | fldl crypto_scalarmult_curve25519_athlon_alpha102 | ||
2030 | fadd %st(2),%st(0) | ||
2031 | fsubl crypto_scalarmult_curve25519_athlon_alpha102 | ||
2032 | fsubr %st(0),%st(2) | ||
2033 | fxch %st(3) | ||
2034 | fstpl -112(%edx) | ||
2035 | fldl 40(%esp) | ||
2036 | fmull -48(%edx) | ||
2037 | fldl 48(%esp) | ||
2038 | fmull -56(%edx) | ||
2039 | faddp %st(0),%st(1) | ||
2040 | fldl -64(%edx) | ||
2041 | fmul %st(0),%st(0) | ||
2042 | faddp %st(0),%st(1) | ||
2043 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
2044 | fldl 0(%esp) | ||
2045 | fmull -88(%edx) | ||
2046 | faddp %st(0),%st(1) | ||
2047 | fldl 8(%esp) | ||
2048 | fmull -96(%edx) | ||
2049 | faddp %st(0),%st(1) | ||
2050 | fldl -104(%edx) | ||
2051 | fmul %st(0),%st(0) | ||
2052 | faddp %st(0),%st(1) | ||
2053 | faddp %st(0),%st(3) | ||
2054 | fldl crypto_scalarmult_curve25519_athlon_alpha128 | ||
2055 | fadd %st(3),%st(0) | ||
2056 | fsubl crypto_scalarmult_curve25519_athlon_alpha128 | ||
2057 | fsubr %st(0),%st(3) | ||
2058 | fxch %st(1) | ||
2059 | fstpl -104(%edx) | ||
2060 | fldl 48(%esp) | ||
2061 | fldl -48(%edx) | ||
2062 | fmul %st(0),%st(1) | ||
2063 | fmul %st(5),%st(0) | ||
2064 | fxch %st(5) | ||
2065 | fmull -56(%edx) | ||
2066 | faddp %st(0),%st(1) | ||
2067 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
2068 | fldl 0(%esp) | ||
2069 | fmull -80(%edx) | ||
2070 | faddp %st(0),%st(1) | ||
2071 | fldl 8(%esp) | ||
2072 | fmull -88(%edx) | ||
2073 | faddp %st(0),%st(1) | ||
2074 | fldl 16(%esp) | ||
2075 | fmull -96(%edx) | ||
2076 | faddp %st(0),%st(1) | ||
2077 | faddp %st(0),%st(1) | ||
2078 | fldl crypto_scalarmult_curve25519_athlon_alpha153 | ||
2079 | fadd %st(1),%st(0) | ||
2080 | fsubl crypto_scalarmult_curve25519_athlon_alpha153 | ||
2081 | fsubr %st(0),%st(1) | ||
2082 | fxch %st(2) | ||
2083 | fstpl 40(%edx) | ||
2084 | fldl -56(%edx) | ||
2085 | fmul %st(0),%st(0) | ||
2086 | faddp %st(0),%st(4) | ||
2087 | fxch %st(3) | ||
2088 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
2089 | fldl 0(%esp) | ||
2090 | fmull -72(%edx) | ||
2091 | faddp %st(0),%st(1) | ||
2092 | fldl 8(%esp) | ||
2093 | fmull -80(%edx) | ||
2094 | faddp %st(0),%st(1) | ||
2095 | fldl 16(%esp) | ||
2096 | fmull -88(%edx) | ||
2097 | faddp %st(0),%st(1) | ||
2098 | fldl -96(%edx) | ||
2099 | fmul %st(0),%st(0) | ||
2100 | faddp %st(0),%st(1) | ||
2101 | faddp %st(0),%st(1) | ||
2102 | fldl crypto_scalarmult_curve25519_athlon_alpha179 | ||
2103 | fadd %st(1),%st(0) | ||
2104 | fsubl crypto_scalarmult_curve25519_athlon_alpha179 | ||
2105 | fsubr %st(0),%st(1) | ||
2106 | fldl -56(%edx) | ||
2107 | fadd %st(0),%st(0) | ||
2108 | fmull -48(%edx) | ||
2109 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
2110 | fldl 0(%esp) | ||
2111 | fmull -64(%edx) | ||
2112 | faddp %st(0),%st(1) | ||
2113 | fldl 8(%esp) | ||
2114 | fmull -72(%edx) | ||
2115 | faddp %st(0),%st(1) | ||
2116 | fldl 16(%esp) | ||
2117 | fmull -80(%edx) | ||
2118 | faddp %st(0),%st(1) | ||
2119 | fldl 24(%esp) | ||
2120 | fmull -88(%edx) | ||
2121 | faddp %st(0),%st(1) | ||
2122 | faddp %st(0),%st(1) | ||
2123 | fldl crypto_scalarmult_curve25519_athlon_alpha204 | ||
2124 | fadd %st(1),%st(0) | ||
2125 | fsubl crypto_scalarmult_curve25519_athlon_alpha204 | ||
2126 | fsubr %st(0),%st(1) | ||
2127 | fldl 48(%edx) | ||
2128 | faddp %st(0),%st(1) | ||
2129 | fldl crypto_scalarmult_curve25519_athlon_alpha230 | ||
2130 | fadd %st(1),%st(0) | ||
2131 | fldl 56(%edx) | ||
2132 | fxch %st(1) | ||
2133 | fsubl crypto_scalarmult_curve25519_athlon_alpha230 | ||
2134 | fsubr %st(0),%st(2) | ||
2135 | faddp %st(0),%st(1) | ||
2136 | fxch %st(4) | ||
2137 | fstpl -96(%edx) | ||
2138 | fxch %st(4) | ||
2139 | fstpl -88(%edx) | ||
2140 | fxch %st(1) | ||
2141 | fstpl -80(%edx) | ||
2142 | fstpl -72(%edx) | ||
2143 | fxch %st(1) | ||
2144 | fstpl -64(%edx) | ||
2145 | fstpl -56(%edx) | ||
2146 | fldl 32(%edx) | ||
2147 | fmul %st(0),%st(0) | ||
2148 | fldl -40(%edx) | ||
2149 | fadd %st(0),%st(0) | ||
2150 | fldl -32(%edx) | ||
2151 | fadd %st(0),%st(0) | ||
2152 | fldl -24(%edx) | ||
2153 | fadd %st(0),%st(0) | ||
2154 | fldl 16(%edx) | ||
2155 | fxch %st(4) | ||
2156 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
2157 | fldl 32(%edx) | ||
2158 | fmul %st(4),%st(0) | ||
2159 | fldl 24(%edx) | ||
2160 | fmul %st(4),%st(0) | ||
2161 | faddp %st(0),%st(1) | ||
2162 | fxch %st(4) | ||
2163 | fstl 0(%esp) | ||
2164 | fxch %st(3) | ||
2165 | fstl 8(%esp) | ||
2166 | fxch %st(3) | ||
2167 | fmull 24(%edx) | ||
2168 | faddp %st(0),%st(1) | ||
2169 | fldl 8(%edx) | ||
2170 | fxch %st(5) | ||
2171 | fmul %st(0),%st(3) | ||
2172 | fxch %st(3) | ||
2173 | faddp %st(0),%st(1) | ||
2174 | fxch %st(2) | ||
2175 | fadd %st(0),%st(0) | ||
2176 | fldl 16(%edx) | ||
2177 | fmul %st(2),%st(0) | ||
2178 | faddp %st(0),%st(4) | ||
2179 | fxch %st(1) | ||
2180 | fstl 16(%esp) | ||
2181 | fldl 0(%edx) | ||
2182 | fxch %st(5) | ||
2183 | fmul %st(0),%st(1) | ||
2184 | fxch %st(1) | ||
2185 | faddp %st(0),%st(3) | ||
2186 | fadd %st(0),%st(0) | ||
2187 | fstpl 48(%esp) | ||
2188 | fldl -16(%edx) | ||
2189 | fadd %st(0),%st(0) | ||
2190 | fstl 24(%esp) | ||
2191 | fldl 8(%edx) | ||
2192 | fmul %st(1),%st(0) | ||
2193 | faddp %st(0),%st(4) | ||
2194 | fmul %st(4),%st(0) | ||
2195 | faddp %st(0),%st(2) | ||
2196 | fxch %st(3) | ||
2197 | fadd %st(0),%st(0) | ||
2198 | fstpl 40(%esp) | ||
2199 | fldl -8(%edx) | ||
2200 | fmul %st(0),%st(0) | ||
2201 | faddp %st(0),%st(1) | ||
2202 | fldl crypto_scalarmult_curve25519_athlon_alpha230 | ||
2203 | fadd %st(1),%st(0) | ||
2204 | fsubl crypto_scalarmult_curve25519_athlon_alpha230 | ||
2205 | fsubr %st(0),%st(1) | ||
2206 | fldl 8(%esp) | ||
2207 | fldl 32(%edx) | ||
2208 | fmul %st(0),%st(1) | ||
2209 | fldl 16(%esp) | ||
2210 | fmul %st(0),%st(1) | ||
2211 | fldl 24(%edx) | ||
2212 | fmul %st(0),%st(1) | ||
2213 | fxch %st(1) | ||
2214 | faddp %st(0),%st(3) | ||
2215 | fldl 24(%esp) | ||
2216 | fmul %st(0),%st(1) | ||
2217 | fxch %st(1) | ||
2218 | faddp %st(0),%st(2) | ||
2219 | fldl -8(%edx) | ||
2220 | fadd %st(0),%st(0) | ||
2221 | fstl 32(%esp) | ||
2222 | fmull 0(%edx) | ||
2223 | faddp %st(0),%st(6) | ||
2224 | fxch %st(3) | ||
2225 | faddp %st(0),%st(5) | ||
2226 | fldl crypto_scalarmult_curve25519_athlon_alpha255 | ||
2227 | fadd %st(5),%st(0) | ||
2228 | fsubl crypto_scalarmult_curve25519_athlon_alpha255 | ||
2229 | fsubr %st(0),%st(5) | ||
2230 | fldl 16(%edx) | ||
2231 | fmul %st(0),%st(4) | ||
2232 | fxch %st(4) | ||
2233 | faddp %st(0),%st(3) | ||
2234 | fldl 32(%esp) | ||
2235 | fmul %st(0),%st(4) | ||
2236 | fxch %st(4) | ||
2237 | faddp %st(0),%st(2) | ||
2238 | fldl 8(%edx) | ||
2239 | fmul %st(0),%st(4) | ||
2240 | fxch %st(4) | ||
2241 | faddp %st(0),%st(3) | ||
2242 | fxch %st(3) | ||
2243 | fmull 40(%esp) | ||
2244 | faddp %st(0),%st(1) | ||
2245 | fxch %st(3) | ||
2246 | fstpl -48(%edx) | ||
2247 | fldl 0(%edx) | ||
2248 | fmul %st(0),%st(0) | ||
2249 | faddp %st(0),%st(1) | ||
2250 | fxch %st(2) | ||
2251 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
2252 | fxch %st(3) | ||
2253 | fstpl 48(%edx) | ||
2254 | faddp %st(0),%st(1) | ||
2255 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
2256 | fldl 24(%esp) | ||
2257 | fmull 32(%edx) | ||
2258 | fldl -40(%edx) | ||
2259 | fmul %st(0),%st(0) | ||
2260 | faddp %st(0),%st(2) | ||
2261 | fldl 32(%esp) | ||
2262 | fmull 24(%edx) | ||
2263 | faddp %st(0),%st(1) | ||
2264 | fldl 0(%esp) | ||
2265 | fmull -32(%edx) | ||
2266 | faddp %st(0),%st(3) | ||
2267 | fldl 40(%esp) | ||
2268 | fmull 16(%edx) | ||
2269 | faddp %st(0),%st(1) | ||
2270 | fldl crypto_scalarmult_curve25519_athlon_alpha26 | ||
2271 | fadd %st(2),%st(0) | ||
2272 | fsubl crypto_scalarmult_curve25519_athlon_alpha26 | ||
2273 | fsubr %st(0),%st(2) | ||
2274 | faddp %st(0),%st(3) | ||
2275 | fldl crypto_scalarmult_curve25519_athlon_alpha51 | ||
2276 | fadd %st(3),%st(0) | ||
2277 | fsubl crypto_scalarmult_curve25519_athlon_alpha51 | ||
2278 | fsubr %st(0),%st(3) | ||
2279 | fldl 8(%edx) | ||
2280 | fmul %st(0),%st(0) | ||
2281 | faddp %st(0),%st(2) | ||
2282 | fxch %st(1) | ||
2283 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
2284 | fldl 0(%esp) | ||
2285 | fmull -24(%edx) | ||
2286 | faddp %st(0),%st(1) | ||
2287 | fldl -32(%edx) | ||
2288 | fmul %st(0),%st(0) | ||
2289 | faddp %st(0),%st(1) | ||
2290 | faddp %st(0),%st(1) | ||
2291 | fldl crypto_scalarmult_curve25519_athlon_alpha77 | ||
2292 | fadd %st(1),%st(0) | ||
2293 | fsubl crypto_scalarmult_curve25519_athlon_alpha77 | ||
2294 | fsubr %st(0),%st(1) | ||
2295 | fxch %st(2) | ||
2296 | fstpl 56(%ecx) | ||
2297 | fldl 32(%esp) | ||
2298 | fmull 32(%edx) | ||
2299 | fldl 40(%esp) | ||
2300 | fmull 24(%edx) | ||
2301 | faddp %st(0),%st(1) | ||
2302 | fldl 48(%esp) | ||
2303 | fmull 16(%edx) | ||
2304 | faddp %st(0),%st(1) | ||
2305 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
2306 | fldl 0(%esp) | ||
2307 | fmull -16(%edx) | ||
2308 | faddp %st(0),%st(1) | ||
2309 | fldl 8(%esp) | ||
2310 | fmull -24(%edx) | ||
2311 | faddp %st(0),%st(1) | ||
2312 | faddp %st(0),%st(2) | ||
2313 | fldl crypto_scalarmult_curve25519_athlon_alpha102 | ||
2314 | fadd %st(2),%st(0) | ||
2315 | fsubl crypto_scalarmult_curve25519_athlon_alpha102 | ||
2316 | fsubr %st(0),%st(2) | ||
2317 | fxch %st(3) | ||
2318 | fstpl 64(%ecx) | ||
2319 | fldl 40(%esp) | ||
2320 | fmull 32(%edx) | ||
2321 | fldl 48(%esp) | ||
2322 | fmull 24(%edx) | ||
2323 | faddp %st(0),%st(1) | ||
2324 | fldl 16(%edx) | ||
2325 | fmul %st(0),%st(0) | ||
2326 | faddp %st(0),%st(1) | ||
2327 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
2328 | fldl 0(%esp) | ||
2329 | fmull -8(%edx) | ||
2330 | faddp %st(0),%st(1) | ||
2331 | fldl 8(%esp) | ||
2332 | fmull -16(%edx) | ||
2333 | faddp %st(0),%st(1) | ||
2334 | fldl -24(%edx) | ||
2335 | fmul %st(0),%st(0) | ||
2336 | faddp %st(0),%st(1) | ||
2337 | faddp %st(0),%st(3) | ||
2338 | fldl crypto_scalarmult_curve25519_athlon_alpha128 | ||
2339 | fadd %st(3),%st(0) | ||
2340 | fsubl crypto_scalarmult_curve25519_athlon_alpha128 | ||
2341 | fsubr %st(0),%st(3) | ||
2342 | fxch %st(1) | ||
2343 | fstpl 72(%ecx) | ||
2344 | fldl 48(%esp) | ||
2345 | fldl 32(%edx) | ||
2346 | fmul %st(0),%st(1) | ||
2347 | fmul %st(5),%st(0) | ||
2348 | fxch %st(5) | ||
2349 | fmull 24(%edx) | ||
2350 | faddp %st(0),%st(1) | ||
2351 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
2352 | fldl 0(%esp) | ||
2353 | fmull 0(%edx) | ||
2354 | faddp %st(0),%st(1) | ||
2355 | fldl 8(%esp) | ||
2356 | fmull -8(%edx) | ||
2357 | faddp %st(0),%st(1) | ||
2358 | fldl 16(%esp) | ||
2359 | fmull -16(%edx) | ||
2360 | faddp %st(0),%st(1) | ||
2361 | faddp %st(0),%st(1) | ||
2362 | fldl crypto_scalarmult_curve25519_athlon_alpha153 | ||
2363 | fadd %st(1),%st(0) | ||
2364 | fsubl crypto_scalarmult_curve25519_athlon_alpha153 | ||
2365 | fsubr %st(0),%st(1) | ||
2366 | fxch %st(2) | ||
2367 | fstpl 80(%ecx) | ||
2368 | fldl 24(%edx) | ||
2369 | fmul %st(0),%st(0) | ||
2370 | faddp %st(0),%st(4) | ||
2371 | fxch %st(3) | ||
2372 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
2373 | fldl 0(%esp) | ||
2374 | fmull 8(%edx) | ||
2375 | faddp %st(0),%st(1) | ||
2376 | fldl 8(%esp) | ||
2377 | fmull 0(%edx) | ||
2378 | faddp %st(0),%st(1) | ||
2379 | fldl 16(%esp) | ||
2380 | fmull -8(%edx) | ||
2381 | faddp %st(0),%st(1) | ||
2382 | fldl -16(%edx) | ||
2383 | fmul %st(0),%st(0) | ||
2384 | faddp %st(0),%st(1) | ||
2385 | faddp %st(0),%st(1) | ||
2386 | fldl crypto_scalarmult_curve25519_athlon_alpha179 | ||
2387 | fadd %st(1),%st(0) | ||
2388 | fsubl crypto_scalarmult_curve25519_athlon_alpha179 | ||
2389 | fsubr %st(0),%st(1) | ||
2390 | fldl 24(%edx) | ||
2391 | fadd %st(0),%st(0) | ||
2392 | fmull 32(%edx) | ||
2393 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
2394 | fldl 0(%esp) | ||
2395 | fmull 16(%edx) | ||
2396 | faddp %st(0),%st(1) | ||
2397 | fldl 8(%esp) | ||
2398 | fmull 8(%edx) | ||
2399 | faddp %st(0),%st(1) | ||
2400 | fldl 16(%esp) | ||
2401 | fmull 0(%edx) | ||
2402 | faddp %st(0),%st(1) | ||
2403 | fldl 24(%esp) | ||
2404 | fmull -8(%edx) | ||
2405 | faddp %st(0),%st(1) | ||
2406 | faddp %st(0),%st(1) | ||
2407 | fldl crypto_scalarmult_curve25519_athlon_alpha204 | ||
2408 | fadd %st(1),%st(0) | ||
2409 | fsubl crypto_scalarmult_curve25519_athlon_alpha204 | ||
2410 | fsubr %st(0),%st(1) | ||
2411 | fldl -48(%edx) | ||
2412 | faddp %st(0),%st(1) | ||
2413 | fldl crypto_scalarmult_curve25519_athlon_alpha230 | ||
2414 | fadd %st(1),%st(0) | ||
2415 | fldl 48(%edx) | ||
2416 | fxch %st(1) | ||
2417 | fsubl crypto_scalarmult_curve25519_athlon_alpha230 | ||
2418 | fsubr %st(0),%st(2) | ||
2419 | faddp %st(0),%st(1) | ||
2420 | fxch %st(4) | ||
2421 | fstpl 88(%ecx) | ||
2422 | fxch %st(4) | ||
2423 | fstpl 96(%ecx) | ||
2424 | fxch %st(1) | ||
2425 | fstpl 104(%ecx) | ||
2426 | fstpl 112(%ecx) | ||
2427 | fxch %st(1) | ||
2428 | fstpl 120(%ecx) | ||
2429 | fstpl 128(%ecx) | ||
2430 | fldl 32(%ecx) | ||
2431 | fmull crypto_scalarmult_curve25519_athlon_121665 | ||
2432 | fldl crypto_scalarmult_curve25519_athlon_alpha230 | ||
2433 | fadd %st(1),%st(0) | ||
2434 | fsubl crypto_scalarmult_curve25519_athlon_alpha230 | ||
2435 | fldl 40(%ecx) | ||
2436 | fmull crypto_scalarmult_curve25519_athlon_121665 | ||
2437 | fadd %st(1),%st(0) | ||
2438 | fxch %st(1) | ||
2439 | fsubrp %st(0),%st(2) | ||
2440 | fxch %st(1) | ||
2441 | fstpl 0(%esp) | ||
2442 | fldl crypto_scalarmult_curve25519_athlon_alpha255 | ||
2443 | fadd %st(1),%st(0) | ||
2444 | fsubl crypto_scalarmult_curve25519_athlon_alpha255 | ||
2445 | fsubr %st(0),%st(1) | ||
2446 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
2447 | fxch %st(1) | ||
2448 | fstpl 8(%esp) | ||
2449 | fldl -32(%ecx) | ||
2450 | fmull crypto_scalarmult_curve25519_athlon_121665 | ||
2451 | faddp %st(0),%st(1) | ||
2452 | fldl crypto_scalarmult_curve25519_athlon_alpha26 | ||
2453 | fadd %st(1),%st(0) | ||
2454 | fsubl crypto_scalarmult_curve25519_athlon_alpha26 | ||
2455 | fldl -24(%ecx) | ||
2456 | fmull crypto_scalarmult_curve25519_athlon_121665 | ||
2457 | fadd %st(1),%st(0) | ||
2458 | fxch %st(1) | ||
2459 | fsubrp %st(0),%st(2) | ||
2460 | fxch %st(1) | ||
2461 | fstpl -48(%edx) | ||
2462 | fldl crypto_scalarmult_curve25519_athlon_alpha51 | ||
2463 | fadd %st(1),%st(0) | ||
2464 | fsubl crypto_scalarmult_curve25519_athlon_alpha51 | ||
2465 | fldl -16(%ecx) | ||
2466 | fmull crypto_scalarmult_curve25519_athlon_121665 | ||
2467 | fadd %st(1),%st(0) | ||
2468 | fxch %st(1) | ||
2469 | fsubrp %st(0),%st(2) | ||
2470 | fxch %st(1) | ||
2471 | fstpl -40(%edx) | ||
2472 | fldl crypto_scalarmult_curve25519_athlon_alpha77 | ||
2473 | fadd %st(1),%st(0) | ||
2474 | fsubl crypto_scalarmult_curve25519_athlon_alpha77 | ||
2475 | fldl -8(%ecx) | ||
2476 | fmull crypto_scalarmult_curve25519_athlon_121665 | ||
2477 | fadd %st(1),%st(0) | ||
2478 | fxch %st(1) | ||
2479 | fsubrp %st(0),%st(2) | ||
2480 | fxch %st(1) | ||
2481 | fstpl -32(%edx) | ||
2482 | fldl crypto_scalarmult_curve25519_athlon_alpha102 | ||
2483 | fadd %st(1),%st(0) | ||
2484 | fsubl crypto_scalarmult_curve25519_athlon_alpha102 | ||
2485 | fldl 0(%ecx) | ||
2486 | fmull crypto_scalarmult_curve25519_athlon_121665 | ||
2487 | fadd %st(1),%st(0) | ||
2488 | fxch %st(1) | ||
2489 | fsubrp %st(0),%st(2) | ||
2490 | fxch %st(1) | ||
2491 | fstpl -24(%edx) | ||
2492 | fldl crypto_scalarmult_curve25519_athlon_alpha128 | ||
2493 | fadd %st(1),%st(0) | ||
2494 | fsubl crypto_scalarmult_curve25519_athlon_alpha128 | ||
2495 | fldl 8(%ecx) | ||
2496 | fmull crypto_scalarmult_curve25519_athlon_121665 | ||
2497 | fadd %st(1),%st(0) | ||
2498 | fxch %st(1) | ||
2499 | fsubrp %st(0),%st(2) | ||
2500 | fxch %st(1) | ||
2501 | fstpl -16(%edx) | ||
2502 | fldl crypto_scalarmult_curve25519_athlon_alpha153 | ||
2503 | fadd %st(1),%st(0) | ||
2504 | fsubl crypto_scalarmult_curve25519_athlon_alpha153 | ||
2505 | fldl 16(%ecx) | ||
2506 | fmull crypto_scalarmult_curve25519_athlon_121665 | ||
2507 | fadd %st(1),%st(0) | ||
2508 | fxch %st(1) | ||
2509 | fsubrp %st(0),%st(2) | ||
2510 | fxch %st(1) | ||
2511 | fstpl -8(%edx) | ||
2512 | fldl crypto_scalarmult_curve25519_athlon_alpha179 | ||
2513 | fadd %st(1),%st(0) | ||
2514 | fsubl crypto_scalarmult_curve25519_athlon_alpha179 | ||
2515 | fldl 24(%ecx) | ||
2516 | fmull crypto_scalarmult_curve25519_athlon_121665 | ||
2517 | fadd %st(1),%st(0) | ||
2518 | fxch %st(1) | ||
2519 | fsubrp %st(0),%st(2) | ||
2520 | fxch %st(1) | ||
2521 | fstpl 0(%edx) | ||
2522 | fldl crypto_scalarmult_curve25519_athlon_alpha204 | ||
2523 | fadd %st(1),%st(0) | ||
2524 | fsubl crypto_scalarmult_curve25519_athlon_alpha204 | ||
2525 | fldl 0(%esp) | ||
2526 | fadd %st(1),%st(0) | ||
2527 | fxch %st(1) | ||
2528 | fsubrp %st(0),%st(2) | ||
2529 | fxch %st(1) | ||
2530 | fstpl 8(%edx) | ||
2531 | fldl crypto_scalarmult_curve25519_athlon_alpha230 | ||
2532 | fadd %st(1),%st(0) | ||
2533 | fsubl crypto_scalarmult_curve25519_athlon_alpha230 | ||
2534 | fldl 8(%esp) | ||
2535 | fadd %st(1),%st(0) | ||
2536 | fxch %st(1) | ||
2537 | fsubrp %st(0),%st(2) | ||
2538 | fxch %st(1) | ||
2539 | fstpl 16(%edx) | ||
2540 | fstpl 48(%ecx) | ||
2541 | fldl -120(%ecx) | ||
2542 | fmull -40(%ecx) | ||
2543 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
2544 | fldl 64(%edx) | ||
2545 | fmull -48(%ecx) | ||
2546 | faddp %st(0),%st(1) | ||
2547 | fldl 72(%edx) | ||
2548 | fmull -56(%ecx) | ||
2549 | faddp %st(0),%st(1) | ||
2550 | fldl 64(%edx) | ||
2551 | fmull -40(%ecx) | ||
2552 | fldl 80(%edx) | ||
2553 | fmull -64(%ecx) | ||
2554 | faddp %st(0),%st(2) | ||
2555 | fldl 72(%edx) | ||
2556 | fmull -48(%ecx) | ||
2557 | faddp %st(0),%st(1) | ||
2558 | fldl 88(%edx) | ||
2559 | fmull -72(%ecx) | ||
2560 | faddp %st(0),%st(2) | ||
2561 | fldl 80(%edx) | ||
2562 | fmull -56(%ecx) | ||
2563 | faddp %st(0),%st(1) | ||
2564 | fldl 96(%edx) | ||
2565 | fmull -80(%ecx) | ||
2566 | faddp %st(0),%st(2) | ||
2567 | fldl 88(%edx) | ||
2568 | fmull -64(%ecx) | ||
2569 | faddp %st(0),%st(1) | ||
2570 | fldl 72(%edx) | ||
2571 | fmull -40(%ecx) | ||
2572 | fldl 104(%edx) | ||
2573 | fmull -88(%ecx) | ||
2574 | faddp %st(0),%st(3) | ||
2575 | fldl 96(%edx) | ||
2576 | fmull -72(%ecx) | ||
2577 | faddp %st(0),%st(2) | ||
2578 | fldl 80(%edx) | ||
2579 | fmull -48(%ecx) | ||
2580 | faddp %st(0),%st(1) | ||
2581 | fldl 112(%edx) | ||
2582 | fmull -96(%ecx) | ||
2583 | faddp %st(0),%st(3) | ||
2584 | fldl 104(%edx) | ||
2585 | fmull -80(%ecx) | ||
2586 | faddp %st(0),%st(2) | ||
2587 | fldl 88(%edx) | ||
2588 | fmull -56(%ecx) | ||
2589 | faddp %st(0),%st(1) | ||
2590 | fldl 120(%edx) | ||
2591 | fmull -104(%ecx) | ||
2592 | faddp %st(0),%st(3) | ||
2593 | fldl 112(%edx) | ||
2594 | fmull -88(%ecx) | ||
2595 | faddp %st(0),%st(2) | ||
2596 | fldl 96(%edx) | ||
2597 | fmull -64(%ecx) | ||
2598 | faddp %st(0),%st(1) | ||
2599 | fldl -128(%ecx) | ||
2600 | fmull -112(%ecx) | ||
2601 | faddp %st(0),%st(3) | ||
2602 | fldl 120(%edx) | ||
2603 | fmull -96(%ecx) | ||
2604 | faddp %st(0),%st(2) | ||
2605 | fldl 104(%edx) | ||
2606 | fmull -72(%ecx) | ||
2607 | faddp %st(0),%st(1) | ||
2608 | fldl 80(%edx) | ||
2609 | fmull -40(%ecx) | ||
2610 | fldl 112(%edx) | ||
2611 | fmull -80(%ecx) | ||
2612 | faddp %st(0),%st(2) | ||
2613 | fldl -128(%ecx) | ||
2614 | fmull -104(%ecx) | ||
2615 | faddp %st(0),%st(3) | ||
2616 | fldl crypto_scalarmult_curve25519_athlon_alpha230 | ||
2617 | fadd %st(4),%st(0) | ||
2618 | fldl 88(%edx) | ||
2619 | fmull -48(%ecx) | ||
2620 | faddp %st(0),%st(2) | ||
2621 | fldl 120(%edx) | ||
2622 | fmull -88(%ecx) | ||
2623 | faddp %st(0),%st(3) | ||
2624 | fldl -120(%ecx) | ||
2625 | fmull -112(%ecx) | ||
2626 | faddp %st(0),%st(4) | ||
2627 | fsubl crypto_scalarmult_curve25519_athlon_alpha230 | ||
2628 | fldl 96(%edx) | ||
2629 | fmull -56(%ecx) | ||
2630 | faddp %st(0),%st(2) | ||
2631 | fldl 88(%edx) | ||
2632 | fmull -40(%ecx) | ||
2633 | fldl -128(%ecx) | ||
2634 | fmull -96(%ecx) | ||
2635 | faddp %st(0),%st(4) | ||
2636 | fxch %st(1) | ||
2637 | fadd %st(0),%st(4) | ||
2638 | fldl 104(%edx) | ||
2639 | fmull -64(%ecx) | ||
2640 | faddp %st(0),%st(3) | ||
2641 | fldl 96(%edx) | ||
2642 | fmull -48(%ecx) | ||
2643 | faddp %st(0),%st(2) | ||
2644 | fsubrp %st(0),%st(5) | ||
2645 | fldl crypto_scalarmult_curve25519_athlon_alpha255 | ||
2646 | fadd %st(4),%st(0) | ||
2647 | fldl 112(%edx) | ||
2648 | fmull -72(%ecx) | ||
2649 | faddp %st(0),%st(3) | ||
2650 | fldl 104(%edx) | ||
2651 | fmull -56(%ecx) | ||
2652 | faddp %st(0),%st(2) | ||
2653 | fldl -120(%ecx) | ||
2654 | fmull -104(%ecx) | ||
2655 | faddp %st(0),%st(4) | ||
2656 | fsubl crypto_scalarmult_curve25519_athlon_alpha255 | ||
2657 | fldl 120(%edx) | ||
2658 | fmull -80(%ecx) | ||
2659 | faddp %st(0),%st(3) | ||
2660 | fldl 96(%edx) | ||
2661 | fmull -40(%ecx) | ||
2662 | fldl 112(%edx) | ||
2663 | fmull -64(%ecx) | ||
2664 | faddp %st(0),%st(3) | ||
2665 | fldl -128(%ecx) | ||
2666 | fmull -88(%ecx) | ||
2667 | faddp %st(0),%st(4) | ||
2668 | fxch %st(1) | ||
2669 | fadd %st(0),%st(4) | ||
2670 | fsubrp %st(0),%st(5) | ||
2671 | fxch %st(5) | ||
2672 | fstpl 0(%esp) | ||
2673 | fldl 104(%edx) | ||
2674 | fmull -48(%ecx) | ||
2675 | faddp %st(0),%st(5) | ||
2676 | fldl 120(%edx) | ||
2677 | fmull -72(%ecx) | ||
2678 | faddp %st(0),%st(1) | ||
2679 | fldl -120(%ecx) | ||
2680 | fmull -96(%ecx) | ||
2681 | faddp %st(0),%st(2) | ||
2682 | fxch %st(2) | ||
2683 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
2684 | fldl 112(%edx) | ||
2685 | fmull -56(%ecx) | ||
2686 | faddp %st(0),%st(5) | ||
2687 | fldl -128(%ecx) | ||
2688 | fmull -80(%ecx) | ||
2689 | faddp %st(0),%st(3) | ||
2690 | fxch %st(1) | ||
2691 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
2692 | fldl 64(%edx) | ||
2693 | fmull -112(%ecx) | ||
2694 | faddp %st(0),%st(2) | ||
2695 | fxch %st(3) | ||
2696 | fstpl 8(%esp) | ||
2697 | fldl 104(%edx) | ||
2698 | fmull -40(%ecx) | ||
2699 | fldl 120(%edx) | ||
2700 | fmull -64(%ecx) | ||
2701 | faddp %st(0),%st(5) | ||
2702 | fldl -120(%ecx) | ||
2703 | fmull -88(%ecx) | ||
2704 | faddp %st(0),%st(3) | ||
2705 | fldl 64(%edx) | ||
2706 | fmull -104(%ecx) | ||
2707 | faddp %st(0),%st(4) | ||
2708 | fldl crypto_scalarmult_curve25519_athlon_alpha26 | ||
2709 | fadd %st(2),%st(0) | ||
2710 | fldl 112(%edx) | ||
2711 | fmull -48(%ecx) | ||
2712 | faddp %st(0),%st(2) | ||
2713 | fldl -128(%ecx) | ||
2714 | fmull -72(%ecx) | ||
2715 | faddp %st(0),%st(6) | ||
2716 | fxch %st(3) | ||
2717 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
2718 | fldl 72(%edx) | ||
2719 | fmull -112(%ecx) | ||
2720 | faddp %st(0),%st(5) | ||
2721 | fxch %st(3) | ||
2722 | fsubl crypto_scalarmult_curve25519_athlon_alpha26 | ||
2723 | fldl 120(%edx) | ||
2724 | fmull -56(%ecx) | ||
2725 | faddp %st(0),%st(2) | ||
2726 | fldl -120(%ecx) | ||
2727 | fmull -80(%ecx) | ||
2728 | faddp %st(0),%st(6) | ||
2729 | fldl 64(%edx) | ||
2730 | fmull -96(%ecx) | ||
2731 | faddp %st(0),%st(4) | ||
2732 | fadd %st(0),%st(4) | ||
2733 | fsubrp %st(0),%st(2) | ||
2734 | fldl 112(%edx) | ||
2735 | fmull -40(%ecx) | ||
2736 | fldl -128(%ecx) | ||
2737 | fmull -64(%ecx) | ||
2738 | faddp %st(0),%st(2) | ||
2739 | fxch %st(5) | ||
2740 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
2741 | fldl 72(%edx) | ||
2742 | fmull -104(%ecx) | ||
2743 | faddp %st(0),%st(4) | ||
2744 | fldl crypto_scalarmult_curve25519_athlon_alpha51 | ||
2745 | fadd %st(5),%st(0) | ||
2746 | fldl 120(%edx) | ||
2747 | fmull -48(%ecx) | ||
2748 | faddp %st(0),%st(7) | ||
2749 | fldl -120(%ecx) | ||
2750 | fmull -72(%ecx) | ||
2751 | faddp %st(0),%st(3) | ||
2752 | fldl 64(%edx) | ||
2753 | fmull -88(%ecx) | ||
2754 | faddp %st(0),%st(2) | ||
2755 | fldl 80(%edx) | ||
2756 | fmull -112(%ecx) | ||
2757 | faddp %st(0),%st(5) | ||
2758 | fsubl crypto_scalarmult_curve25519_athlon_alpha51 | ||
2759 | fxch %st(3) | ||
2760 | fstpl 16(%esp) | ||
2761 | fldl -128(%ecx) | ||
2762 | fmull -56(%ecx) | ||
2763 | faddp %st(0),%st(6) | ||
2764 | fxch %st(1) | ||
2765 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
2766 | fldl 72(%edx) | ||
2767 | fmull -96(%ecx) | ||
2768 | faddp %st(0),%st(2) | ||
2769 | fxch %st(2) | ||
2770 | fadd %st(0),%st(3) | ||
2771 | fsubrp %st(0),%st(4) | ||
2772 | fldl 120(%edx) | ||
2773 | fmull -40(%ecx) | ||
2774 | fldl -120(%ecx) | ||
2775 | fmull -64(%ecx) | ||
2776 | faddp %st(0),%st(6) | ||
2777 | fldl 64(%edx) | ||
2778 | fmull -80(%ecx) | ||
2779 | faddp %st(0),%st(3) | ||
2780 | fldl 80(%edx) | ||
2781 | fmull -104(%ecx) | ||
2782 | faddp %st(0),%st(2) | ||
2783 | fldl crypto_scalarmult_curve25519_athlon_alpha77 | ||
2784 | fadd %st(4),%st(0) | ||
2785 | fldl -128(%ecx) | ||
2786 | fmull -48(%ecx) | ||
2787 | faddp %st(0),%st(2) | ||
2788 | fxch %st(6) | ||
2789 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
2790 | fldl 72(%edx) | ||
2791 | fmull -88(%ecx) | ||
2792 | faddp %st(0),%st(4) | ||
2793 | fldl 88(%edx) | ||
2794 | fmull -112(%ecx) | ||
2795 | faddp %st(0),%st(3) | ||
2796 | fxch %st(6) | ||
2797 | fsubl crypto_scalarmult_curve25519_athlon_alpha77 | ||
2798 | fxch %st(5) | ||
2799 | fstpl 24(%esp) | ||
2800 | fldl -120(%ecx) | ||
2801 | fmull -56(%ecx) | ||
2802 | faddp %st(0),%st(1) | ||
2803 | fldl 64(%edx) | ||
2804 | fmull -72(%ecx) | ||
2805 | faddp %st(0),%st(6) | ||
2806 | fldl 80(%edx) | ||
2807 | fmull -96(%ecx) | ||
2808 | faddp %st(0),%st(3) | ||
2809 | fxch %st(4) | ||
2810 | fadd %st(0),%st(1) | ||
2811 | fsubrp %st(0),%st(3) | ||
2812 | fldl -128(%ecx) | ||
2813 | fmull -40(%ecx) | ||
2814 | fxch %st(4) | ||
2815 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
2816 | fldl 72(%edx) | ||
2817 | fmull -80(%ecx) | ||
2818 | faddp %st(0),%st(6) | ||
2819 | fldl 88(%edx) | ||
2820 | fmull -104(%ecx) | ||
2821 | faddp %st(0),%st(3) | ||
2822 | fldl crypto_scalarmult_curve25519_athlon_alpha102 | ||
2823 | fadd %st(2),%st(0) | ||
2824 | fldl -120(%ecx) | ||
2825 | fmull -48(%ecx) | ||
2826 | faddp %st(0),%st(6) | ||
2827 | fldl 64(%edx) | ||
2828 | fmull -64(%ecx) | ||
2829 | faddp %st(0),%st(2) | ||
2830 | fldl 80(%edx) | ||
2831 | fmull -88(%ecx) | ||
2832 | faddp %st(0),%st(7) | ||
2833 | fldl 96(%edx) | ||
2834 | fmull -112(%ecx) | ||
2835 | faddp %st(0),%st(4) | ||
2836 | fsubl crypto_scalarmult_curve25519_athlon_alpha102 | ||
2837 | fxch %st(4) | ||
2838 | fstpl 32(%esp) | ||
2839 | fxch %st(4) | ||
2840 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
2841 | fldl 72(%edx) | ||
2842 | fmull -72(%ecx) | ||
2843 | faddp %st(0),%st(5) | ||
2844 | fldl 88(%edx) | ||
2845 | fmull -96(%ecx) | ||
2846 | faddp %st(0),%st(6) | ||
2847 | fxch %st(3) | ||
2848 | fadd %st(0),%st(2) | ||
2849 | fsubrp %st(0),%st(1) | ||
2850 | fldl 64(%edx) | ||
2851 | fmull -56(%ecx) | ||
2852 | faddp %st(0),%st(3) | ||
2853 | fldl 80(%edx) | ||
2854 | fmull -80(%ecx) | ||
2855 | faddp %st(0),%st(4) | ||
2856 | fldl 96(%edx) | ||
2857 | fmull -104(%ecx) | ||
2858 | faddp %st(0),%st(5) | ||
2859 | fldl crypto_scalarmult_curve25519_athlon_alpha128 | ||
2860 | fadd %st(2),%st(0) | ||
2861 | fldl 72(%edx) | ||
2862 | fmull -64(%ecx) | ||
2863 | faddp %st(0),%st(4) | ||
2864 | fldl 88(%edx) | ||
2865 | fmull -88(%ecx) | ||
2866 | faddp %st(0),%st(5) | ||
2867 | fldl 104(%edx) | ||
2868 | fmull -112(%ecx) | ||
2869 | faddp %st(0),%st(6) | ||
2870 | fsubl crypto_scalarmult_curve25519_athlon_alpha128 | ||
2871 | fxch %st(1) | ||
2872 | fstpl 40(%esp) | ||
2873 | fldl 80(%edx) | ||
2874 | fmull -72(%ecx) | ||
2875 | faddp %st(0),%st(3) | ||
2876 | fldl 96(%edx) | ||
2877 | fmull -96(%ecx) | ||
2878 | faddp %st(0),%st(4) | ||
2879 | fadd %st(0),%st(4) | ||
2880 | fsubrp %st(0),%st(1) | ||
2881 | fstpl 48(%esp) | ||
2882 | fldl 88(%edx) | ||
2883 | fmull -80(%ecx) | ||
2884 | faddp %st(0),%st(1) | ||
2885 | fldl 104(%edx) | ||
2886 | fmull -104(%ecx) | ||
2887 | faddp %st(0),%st(2) | ||
2888 | fldl crypto_scalarmult_curve25519_athlon_alpha153 | ||
2889 | fadd %st(3),%st(0) | ||
2890 | fldl 96(%edx) | ||
2891 | fmull -88(%ecx) | ||
2892 | faddp %st(0),%st(2) | ||
2893 | fldl 112(%edx) | ||
2894 | fmull -112(%ecx) | ||
2895 | faddp %st(0),%st(3) | ||
2896 | fsubl crypto_scalarmult_curve25519_athlon_alpha153 | ||
2897 | fldl 104(%edx) | ||
2898 | fmull -96(%ecx) | ||
2899 | faddp %st(0),%st(2) | ||
2900 | fadd %st(0),%st(2) | ||
2901 | fsubrp %st(0),%st(3) | ||
2902 | fxch %st(2) | ||
2903 | fstpl 24(%edx) | ||
2904 | fldl 112(%edx) | ||
2905 | fmull -104(%ecx) | ||
2906 | faddp %st(0),%st(2) | ||
2907 | fldl crypto_scalarmult_curve25519_athlon_alpha179 | ||
2908 | fadd %st(1),%st(0) | ||
2909 | fldl 120(%edx) | ||
2910 | fmull -112(%ecx) | ||
2911 | faddp %st(0),%st(3) | ||
2912 | fsubl crypto_scalarmult_curve25519_athlon_alpha179 | ||
2913 | fldl 0(%esp) | ||
2914 | fldl 8(%esp) | ||
2915 | fxch %st(2) | ||
2916 | fadd %st(0),%st(4) | ||
2917 | fsubrp %st(0),%st(3) | ||
2918 | fldl crypto_scalarmult_curve25519_athlon_alpha204 | ||
2919 | fadd %st(4),%st(0) | ||
2920 | fsubl crypto_scalarmult_curve25519_athlon_alpha204 | ||
2921 | fadd %st(0),%st(1) | ||
2922 | fsubrp %st(0),%st(4) | ||
2923 | fldl crypto_scalarmult_curve25519_athlon_alpha230 | ||
2924 | fadd %st(1),%st(0) | ||
2925 | fsubl crypto_scalarmult_curve25519_athlon_alpha230 | ||
2926 | fsubr %st(0),%st(1) | ||
2927 | faddp %st(0),%st(2) | ||
2928 | fxch %st(2) | ||
2929 | fstpl 32(%edx) | ||
2930 | fxch %st(2) | ||
2931 | fstpl 48(%edx) | ||
2932 | fstpl 56(%edx) | ||
2933 | fstpl -112(%ecx) | ||
2934 | fldl -48(%edx) | ||
2935 | faddl 64(%edx) | ||
2936 | fstpl -104(%ecx) | ||
2937 | fldl -40(%edx) | ||
2938 | faddl 72(%edx) | ||
2939 | fstpl -96(%ecx) | ||
2940 | fldl -32(%edx) | ||
2941 | faddl 80(%edx) | ||
2942 | fstpl -88(%ecx) | ||
2943 | fldl -24(%edx) | ||
2944 | faddl 88(%edx) | ||
2945 | fstpl -80(%ecx) | ||
2946 | fldl -16(%edx) | ||
2947 | faddl 96(%edx) | ||
2948 | fstpl -16(%edx) | ||
2949 | fldl -8(%edx) | ||
2950 | faddl 104(%edx) | ||
2951 | fstpl -8(%edx) | ||
2952 | fldl 0(%edx) | ||
2953 | faddl 112(%edx) | ||
2954 | fstpl 0(%edx) | ||
2955 | fldl 8(%edx) | ||
2956 | faddl 120(%edx) | ||
2957 | fstpl 8(%edx) | ||
2958 | fldl 16(%edx) | ||
2959 | faddl -128(%ecx) | ||
2960 | fstpl 16(%edx) | ||
2961 | fldl 48(%ecx) | ||
2962 | faddl -120(%ecx) | ||
2963 | fstpl 80(%edx) | ||
2964 | fldl 128(%ecx) | ||
2965 | fmull -128(%edx) | ||
2966 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
2967 | fldl 56(%ecx) | ||
2968 | fmull 120(%esp) | ||
2969 | faddp %st(0),%st(1) | ||
2970 | fldl 64(%ecx) | ||
2971 | fmull 112(%esp) | ||
2972 | faddp %st(0),%st(1) | ||
2973 | fldl 56(%ecx) | ||
2974 | fmull -128(%edx) | ||
2975 | fldl 72(%ecx) | ||
2976 | fmull 104(%esp) | ||
2977 | faddp %st(0),%st(2) | ||
2978 | fldl 64(%ecx) | ||
2979 | fmull 120(%esp) | ||
2980 | faddp %st(0),%st(1) | ||
2981 | fldl 80(%ecx) | ||
2982 | fmull 96(%esp) | ||
2983 | faddp %st(0),%st(2) | ||
2984 | fldl 72(%ecx) | ||
2985 | fmull 112(%esp) | ||
2986 | faddp %st(0),%st(1) | ||
2987 | fldl 88(%ecx) | ||
2988 | fmull 88(%esp) | ||
2989 | faddp %st(0),%st(2) | ||
2990 | fldl 80(%ecx) | ||
2991 | fmull 104(%esp) | ||
2992 | faddp %st(0),%st(1) | ||
2993 | fldl 64(%ecx) | ||
2994 | fmull -128(%edx) | ||
2995 | fldl 96(%ecx) | ||
2996 | fmull 80(%esp) | ||
2997 | faddp %st(0),%st(3) | ||
2998 | fldl 88(%ecx) | ||
2999 | fmull 96(%esp) | ||
3000 | faddp %st(0),%st(2) | ||
3001 | fldl 72(%ecx) | ||
3002 | fmull 120(%esp) | ||
3003 | faddp %st(0),%st(1) | ||
3004 | fldl 104(%ecx) | ||
3005 | fmull 72(%esp) | ||
3006 | faddp %st(0),%st(3) | ||
3007 | fldl 96(%ecx) | ||
3008 | fmull 88(%esp) | ||
3009 | faddp %st(0),%st(2) | ||
3010 | fldl 80(%ecx) | ||
3011 | fmull 112(%esp) | ||
3012 | faddp %st(0),%st(1) | ||
3013 | fldl 112(%ecx) | ||
3014 | fmull 64(%esp) | ||
3015 | faddp %st(0),%st(3) | ||
3016 | fldl 104(%ecx) | ||
3017 | fmull 80(%esp) | ||
3018 | faddp %st(0),%st(2) | ||
3019 | fldl 88(%ecx) | ||
3020 | fmull 104(%esp) | ||
3021 | faddp %st(0),%st(1) | ||
3022 | fldl 120(%ecx) | ||
3023 | fmull 56(%esp) | ||
3024 | faddp %st(0),%st(3) | ||
3025 | fldl 112(%ecx) | ||
3026 | fmull 72(%esp) | ||
3027 | faddp %st(0),%st(2) | ||
3028 | fldl 96(%ecx) | ||
3029 | fmull 96(%esp) | ||
3030 | faddp %st(0),%st(1) | ||
3031 | fldl 72(%ecx) | ||
3032 | fmull -128(%edx) | ||
3033 | fldl 104(%ecx) | ||
3034 | fmull 88(%esp) | ||
3035 | faddp %st(0),%st(2) | ||
3036 | fldl 120(%ecx) | ||
3037 | fmull 64(%esp) | ||
3038 | faddp %st(0),%st(3) | ||
3039 | fldl crypto_scalarmult_curve25519_athlon_alpha230 | ||
3040 | fadd %st(4),%st(0) | ||
3041 | fldl 80(%ecx) | ||
3042 | fmull 120(%esp) | ||
3043 | faddp %st(0),%st(2) | ||
3044 | fldl 112(%ecx) | ||
3045 | fmull 80(%esp) | ||
3046 | faddp %st(0),%st(3) | ||
3047 | fldl 128(%ecx) | ||
3048 | fmull 56(%esp) | ||
3049 | faddp %st(0),%st(4) | ||
3050 | fsubl crypto_scalarmult_curve25519_athlon_alpha230 | ||
3051 | fldl 88(%ecx) | ||
3052 | fmull 112(%esp) | ||
3053 | faddp %st(0),%st(2) | ||
3054 | fldl 80(%ecx) | ||
3055 | fmull -128(%edx) | ||
3056 | fldl 120(%ecx) | ||
3057 | fmull 72(%esp) | ||
3058 | faddp %st(0),%st(4) | ||
3059 | fxch %st(1) | ||
3060 | fadd %st(0),%st(4) | ||
3061 | fldl 96(%ecx) | ||
3062 | fmull 104(%esp) | ||
3063 | faddp %st(0),%st(3) | ||
3064 | fldl 88(%ecx) | ||
3065 | fmull 120(%esp) | ||
3066 | faddp %st(0),%st(2) | ||
3067 | fsubrp %st(0),%st(5) | ||
3068 | fldl crypto_scalarmult_curve25519_athlon_alpha255 | ||
3069 | fadd %st(4),%st(0) | ||
3070 | fldl 104(%ecx) | ||
3071 | fmull 96(%esp) | ||
3072 | faddp %st(0),%st(3) | ||
3073 | fldl 96(%ecx) | ||
3074 | fmull 112(%esp) | ||
3075 | faddp %st(0),%st(2) | ||
3076 | fldl 128(%ecx) | ||
3077 | fmull 64(%esp) | ||
3078 | faddp %st(0),%st(4) | ||
3079 | fsubl crypto_scalarmult_curve25519_athlon_alpha255 | ||
3080 | fldl 112(%ecx) | ||
3081 | fmull 88(%esp) | ||
3082 | faddp %st(0),%st(3) | ||
3083 | fldl 88(%ecx) | ||
3084 | fmull -128(%edx) | ||
3085 | fldl 104(%ecx) | ||
3086 | fmull 104(%esp) | ||
3087 | faddp %st(0),%st(3) | ||
3088 | fldl 120(%ecx) | ||
3089 | fmull 80(%esp) | ||
3090 | faddp %st(0),%st(4) | ||
3091 | fxch %st(1) | ||
3092 | fadd %st(0),%st(4) | ||
3093 | fsubrp %st(0),%st(5) | ||
3094 | fxch %st(5) | ||
3095 | fstpl 0(%esp) | ||
3096 | fldl 96(%ecx) | ||
3097 | fmull 120(%esp) | ||
3098 | faddp %st(0),%st(5) | ||
3099 | fldl 112(%ecx) | ||
3100 | fmull 96(%esp) | ||
3101 | faddp %st(0),%st(1) | ||
3102 | fldl 128(%ecx) | ||
3103 | fmull 72(%esp) | ||
3104 | faddp %st(0),%st(2) | ||
3105 | fxch %st(2) | ||
3106 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
3107 | fldl 104(%ecx) | ||
3108 | fmull 112(%esp) | ||
3109 | faddp %st(0),%st(5) | ||
3110 | fldl 120(%ecx) | ||
3111 | fmull 88(%esp) | ||
3112 | faddp %st(0),%st(3) | ||
3113 | fxch %st(1) | ||
3114 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
3115 | fldl 56(%ecx) | ||
3116 | fmull 56(%esp) | ||
3117 | faddp %st(0),%st(2) | ||
3118 | fxch %st(3) | ||
3119 | fstpl 8(%esp) | ||
3120 | fldl 96(%ecx) | ||
3121 | fmull -128(%edx) | ||
3122 | fldl 112(%ecx) | ||
3123 | fmull 104(%esp) | ||
3124 | faddp %st(0),%st(5) | ||
3125 | fldl 128(%ecx) | ||
3126 | fmull 80(%esp) | ||
3127 | faddp %st(0),%st(3) | ||
3128 | fldl 56(%ecx) | ||
3129 | fmull 64(%esp) | ||
3130 | faddp %st(0),%st(4) | ||
3131 | fldl crypto_scalarmult_curve25519_athlon_alpha26 | ||
3132 | fadd %st(2),%st(0) | ||
3133 | fldl 104(%ecx) | ||
3134 | fmull 120(%esp) | ||
3135 | faddp %st(0),%st(2) | ||
3136 | fldl 120(%ecx) | ||
3137 | fmull 96(%esp) | ||
3138 | faddp %st(0),%st(6) | ||
3139 | fxch %st(3) | ||
3140 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
3141 | fldl 64(%ecx) | ||
3142 | fmull 56(%esp) | ||
3143 | faddp %st(0),%st(5) | ||
3144 | fxch %st(3) | ||
3145 | fsubl crypto_scalarmult_curve25519_athlon_alpha26 | ||
3146 | fldl 112(%ecx) | ||
3147 | fmull 112(%esp) | ||
3148 | faddp %st(0),%st(2) | ||
3149 | fldl 128(%ecx) | ||
3150 | fmull 88(%esp) | ||
3151 | faddp %st(0),%st(6) | ||
3152 | fldl 56(%ecx) | ||
3153 | fmull 72(%esp) | ||
3154 | faddp %st(0),%st(4) | ||
3155 | fadd %st(0),%st(4) | ||
3156 | fsubrp %st(0),%st(2) | ||
3157 | fldl 104(%ecx) | ||
3158 | fmull -128(%edx) | ||
3159 | fldl 120(%ecx) | ||
3160 | fmull 104(%esp) | ||
3161 | faddp %st(0),%st(2) | ||
3162 | fxch %st(5) | ||
3163 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
3164 | fldl 64(%ecx) | ||
3165 | fmull 64(%esp) | ||
3166 | faddp %st(0),%st(4) | ||
3167 | fldl crypto_scalarmult_curve25519_athlon_alpha51 | ||
3168 | fadd %st(5),%st(0) | ||
3169 | fldl 112(%ecx) | ||
3170 | fmull 120(%esp) | ||
3171 | faddp %st(0),%st(7) | ||
3172 | fldl 128(%ecx) | ||
3173 | fmull 96(%esp) | ||
3174 | faddp %st(0),%st(3) | ||
3175 | fldl 56(%ecx) | ||
3176 | fmull 80(%esp) | ||
3177 | faddp %st(0),%st(2) | ||
3178 | fldl 72(%ecx) | ||
3179 | fmull 56(%esp) | ||
3180 | faddp %st(0),%st(5) | ||
3181 | fsubl crypto_scalarmult_curve25519_athlon_alpha51 | ||
3182 | fxch %st(3) | ||
3183 | fstpl -48(%edx) | ||
3184 | fldl 120(%ecx) | ||
3185 | fmull 112(%esp) | ||
3186 | faddp %st(0),%st(6) | ||
3187 | fxch %st(1) | ||
3188 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
3189 | fldl 64(%ecx) | ||
3190 | fmull 72(%esp) | ||
3191 | faddp %st(0),%st(2) | ||
3192 | fxch %st(2) | ||
3193 | fadd %st(0),%st(3) | ||
3194 | fsubrp %st(0),%st(4) | ||
3195 | fldl 112(%ecx) | ||
3196 | fmull -128(%edx) | ||
3197 | fldl 128(%ecx) | ||
3198 | fmull 104(%esp) | ||
3199 | faddp %st(0),%st(6) | ||
3200 | fldl 56(%ecx) | ||
3201 | fmull 88(%esp) | ||
3202 | faddp %st(0),%st(3) | ||
3203 | fldl 72(%ecx) | ||
3204 | fmull 64(%esp) | ||
3205 | faddp %st(0),%st(2) | ||
3206 | fldl crypto_scalarmult_curve25519_athlon_alpha77 | ||
3207 | fadd %st(4),%st(0) | ||
3208 | fldl 120(%ecx) | ||
3209 | fmull 120(%esp) | ||
3210 | faddp %st(0),%st(2) | ||
3211 | fxch %st(6) | ||
3212 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
3213 | fldl 64(%ecx) | ||
3214 | fmull 80(%esp) | ||
3215 | faddp %st(0),%st(4) | ||
3216 | fldl 80(%ecx) | ||
3217 | fmull 56(%esp) | ||
3218 | faddp %st(0),%st(3) | ||
3219 | fxch %st(6) | ||
3220 | fsubl crypto_scalarmult_curve25519_athlon_alpha77 | ||
3221 | fxch %st(5) | ||
3222 | fstpl -40(%edx) | ||
3223 | fldl 128(%ecx) | ||
3224 | fmull 112(%esp) | ||
3225 | faddp %st(0),%st(1) | ||
3226 | fldl 56(%ecx) | ||
3227 | fmull 96(%esp) | ||
3228 | faddp %st(0),%st(6) | ||
3229 | fldl 72(%ecx) | ||
3230 | fmull 72(%esp) | ||
3231 | faddp %st(0),%st(3) | ||
3232 | fxch %st(4) | ||
3233 | fadd %st(0),%st(1) | ||
3234 | fsubrp %st(0),%st(3) | ||
3235 | fldl 120(%ecx) | ||
3236 | fmull -128(%edx) | ||
3237 | fxch %st(4) | ||
3238 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
3239 | fldl 64(%ecx) | ||
3240 | fmull 88(%esp) | ||
3241 | faddp %st(0),%st(6) | ||
3242 | fldl 80(%ecx) | ||
3243 | fmull 64(%esp) | ||
3244 | faddp %st(0),%st(3) | ||
3245 | fldl crypto_scalarmult_curve25519_athlon_alpha102 | ||
3246 | fadd %st(2),%st(0) | ||
3247 | fldl 128(%ecx) | ||
3248 | fmull 120(%esp) | ||
3249 | faddp %st(0),%st(6) | ||
3250 | fldl 56(%ecx) | ||
3251 | fmull 104(%esp) | ||
3252 | faddp %st(0),%st(2) | ||
3253 | fldl 72(%ecx) | ||
3254 | fmull 80(%esp) | ||
3255 | faddp %st(0),%st(7) | ||
3256 | fldl 88(%ecx) | ||
3257 | fmull 56(%esp) | ||
3258 | faddp %st(0),%st(4) | ||
3259 | fsubl crypto_scalarmult_curve25519_athlon_alpha102 | ||
3260 | fxch %st(4) | ||
3261 | fstpl -32(%edx) | ||
3262 | fxch %st(4) | ||
3263 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
3264 | fldl 64(%ecx) | ||
3265 | fmull 96(%esp) | ||
3266 | faddp %st(0),%st(5) | ||
3267 | fldl 80(%ecx) | ||
3268 | fmull 72(%esp) | ||
3269 | faddp %st(0),%st(6) | ||
3270 | fxch %st(3) | ||
3271 | fadd %st(0),%st(2) | ||
3272 | fsubrp %st(0),%st(1) | ||
3273 | fldl 56(%ecx) | ||
3274 | fmull 112(%esp) | ||
3275 | faddp %st(0),%st(3) | ||
3276 | fldl 72(%ecx) | ||
3277 | fmull 88(%esp) | ||
3278 | faddp %st(0),%st(4) | ||
3279 | fldl 88(%ecx) | ||
3280 | fmull 64(%esp) | ||
3281 | faddp %st(0),%st(5) | ||
3282 | fldl crypto_scalarmult_curve25519_athlon_alpha128 | ||
3283 | fadd %st(2),%st(0) | ||
3284 | fldl 64(%ecx) | ||
3285 | fmull 104(%esp) | ||
3286 | faddp %st(0),%st(4) | ||
3287 | fldl 80(%ecx) | ||
3288 | fmull 80(%esp) | ||
3289 | faddp %st(0),%st(5) | ||
3290 | fldl 96(%ecx) | ||
3291 | fmull 56(%esp) | ||
3292 | faddp %st(0),%st(6) | ||
3293 | fsubl crypto_scalarmult_curve25519_athlon_alpha128 | ||
3294 | fxch %st(1) | ||
3295 | fstpl -24(%edx) | ||
3296 | fldl 72(%ecx) | ||
3297 | fmull 96(%esp) | ||
3298 | faddp %st(0),%st(3) | ||
3299 | fldl 88(%ecx) | ||
3300 | fmull 72(%esp) | ||
3301 | faddp %st(0),%st(4) | ||
3302 | fadd %st(0),%st(4) | ||
3303 | fsubrp %st(0),%st(1) | ||
3304 | fstpl 96(%edx) | ||
3305 | fldl 80(%ecx) | ||
3306 | fmull 88(%esp) | ||
3307 | faddp %st(0),%st(1) | ||
3308 | fldl 96(%ecx) | ||
3309 | fmull 64(%esp) | ||
3310 | faddp %st(0),%st(2) | ||
3311 | fldl crypto_scalarmult_curve25519_athlon_alpha153 | ||
3312 | fadd %st(3),%st(0) | ||
3313 | fldl 88(%ecx) | ||
3314 | fmull 80(%esp) | ||
3315 | faddp %st(0),%st(2) | ||
3316 | fldl 104(%ecx) | ||
3317 | fmull 56(%esp) | ||
3318 | faddp %st(0),%st(3) | ||
3319 | fsubl crypto_scalarmult_curve25519_athlon_alpha153 | ||
3320 | fldl 96(%ecx) | ||
3321 | fmull 72(%esp) | ||
3322 | faddp %st(0),%st(2) | ||
3323 | fadd %st(0),%st(2) | ||
3324 | fsubrp %st(0),%st(3) | ||
3325 | fxch %st(2) | ||
3326 | fstpl 104(%edx) | ||
3327 | fldl 104(%ecx) | ||
3328 | fmull 64(%esp) | ||
3329 | faddp %st(0),%st(2) | ||
3330 | fldl crypto_scalarmult_curve25519_athlon_alpha179 | ||
3331 | fadd %st(1),%st(0) | ||
3332 | fldl 112(%ecx) | ||
3333 | fmull 56(%esp) | ||
3334 | faddp %st(0),%st(3) | ||
3335 | fsubl crypto_scalarmult_curve25519_athlon_alpha179 | ||
3336 | fldl 0(%esp) | ||
3337 | fldl 8(%esp) | ||
3338 | fxch %st(2) | ||
3339 | fadd %st(0),%st(4) | ||
3340 | fsubrp %st(0),%st(3) | ||
3341 | fldl crypto_scalarmult_curve25519_athlon_alpha204 | ||
3342 | fadd %st(4),%st(0) | ||
3343 | fsubl crypto_scalarmult_curve25519_athlon_alpha204 | ||
3344 | fadd %st(0),%st(1) | ||
3345 | fsubrp %st(0),%st(4) | ||
3346 | fldl crypto_scalarmult_curve25519_athlon_alpha230 | ||
3347 | fadd %st(1),%st(0) | ||
3348 | fsubl crypto_scalarmult_curve25519_athlon_alpha230 | ||
3349 | fsubr %st(0),%st(1) | ||
3350 | faddp %st(0),%st(2) | ||
3351 | fxch %st(2) | ||
3352 | fstpl 112(%edx) | ||
3353 | fxch %st(2) | ||
3354 | fstpl 120(%edx) | ||
3355 | fstpl -128(%ecx) | ||
3356 | fstpl -120(%ecx) | ||
3357 | fldl 80(%edx) | ||
3358 | fmull 40(%ecx) | ||
3359 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
3360 | fldl -104(%ecx) | ||
3361 | fmull 32(%ecx) | ||
3362 | faddp %st(0),%st(1) | ||
3363 | fldl -96(%ecx) | ||
3364 | fmull 24(%ecx) | ||
3365 | faddp %st(0),%st(1) | ||
3366 | fldl -104(%ecx) | ||
3367 | fmull 40(%ecx) | ||
3368 | fldl -88(%ecx) | ||
3369 | fmull 16(%ecx) | ||
3370 | faddp %st(0),%st(2) | ||
3371 | fldl -96(%ecx) | ||
3372 | fmull 32(%ecx) | ||
3373 | faddp %st(0),%st(1) | ||
3374 | fldl -80(%ecx) | ||
3375 | fmull 8(%ecx) | ||
3376 | faddp %st(0),%st(2) | ||
3377 | fldl -88(%ecx) | ||
3378 | fmull 24(%ecx) | ||
3379 | faddp %st(0),%st(1) | ||
3380 | fldl -16(%edx) | ||
3381 | fmull 0(%ecx) | ||
3382 | faddp %st(0),%st(2) | ||
3383 | fldl -80(%ecx) | ||
3384 | fmull 16(%ecx) | ||
3385 | faddp %st(0),%st(1) | ||
3386 | fldl -96(%ecx) | ||
3387 | fmull 40(%ecx) | ||
3388 | fldl -8(%edx) | ||
3389 | fmull -8(%ecx) | ||
3390 | faddp %st(0),%st(3) | ||
3391 | fldl -16(%edx) | ||
3392 | fmull 8(%ecx) | ||
3393 | faddp %st(0),%st(2) | ||
3394 | fldl -88(%ecx) | ||
3395 | fmull 32(%ecx) | ||
3396 | faddp %st(0),%st(1) | ||
3397 | fldl 0(%edx) | ||
3398 | fmull -16(%ecx) | ||
3399 | faddp %st(0),%st(3) | ||
3400 | fldl -8(%edx) | ||
3401 | fmull 0(%ecx) | ||
3402 | faddp %st(0),%st(2) | ||
3403 | fldl -80(%ecx) | ||
3404 | fmull 24(%ecx) | ||
3405 | faddp %st(0),%st(1) | ||
3406 | fldl 8(%edx) | ||
3407 | fmull -24(%ecx) | ||
3408 | faddp %st(0),%st(3) | ||
3409 | fldl 0(%edx) | ||
3410 | fmull -8(%ecx) | ||
3411 | faddp %st(0),%st(2) | ||
3412 | fldl -16(%edx) | ||
3413 | fmull 16(%ecx) | ||
3414 | faddp %st(0),%st(1) | ||
3415 | fldl 16(%edx) | ||
3416 | fmull -32(%ecx) | ||
3417 | faddp %st(0),%st(3) | ||
3418 | fldl 8(%edx) | ||
3419 | fmull -16(%ecx) | ||
3420 | faddp %st(0),%st(2) | ||
3421 | fldl -8(%edx) | ||
3422 | fmull 8(%ecx) | ||
3423 | faddp %st(0),%st(1) | ||
3424 | fldl -88(%ecx) | ||
3425 | fmull 40(%ecx) | ||
3426 | fldl 0(%edx) | ||
3427 | fmull 0(%ecx) | ||
3428 | faddp %st(0),%st(2) | ||
3429 | fldl 16(%edx) | ||
3430 | fmull -24(%ecx) | ||
3431 | faddp %st(0),%st(3) | ||
3432 | fldl crypto_scalarmult_curve25519_athlon_alpha230 | ||
3433 | fadd %st(4),%st(0) | ||
3434 | fldl -80(%ecx) | ||
3435 | fmull 32(%ecx) | ||
3436 | faddp %st(0),%st(2) | ||
3437 | fldl 8(%edx) | ||
3438 | fmull -8(%ecx) | ||
3439 | faddp %st(0),%st(3) | ||
3440 | fldl 80(%edx) | ||
3441 | fmull -32(%ecx) | ||
3442 | faddp %st(0),%st(4) | ||
3443 | fsubl crypto_scalarmult_curve25519_athlon_alpha230 | ||
3444 | fldl -16(%edx) | ||
3445 | fmull 24(%ecx) | ||
3446 | faddp %st(0),%st(2) | ||
3447 | fldl -80(%ecx) | ||
3448 | fmull 40(%ecx) | ||
3449 | fldl 16(%edx) | ||
3450 | fmull -16(%ecx) | ||
3451 | faddp %st(0),%st(4) | ||
3452 | fxch %st(1) | ||
3453 | fadd %st(0),%st(4) | ||
3454 | fldl -8(%edx) | ||
3455 | fmull 16(%ecx) | ||
3456 | faddp %st(0),%st(3) | ||
3457 | fldl -16(%edx) | ||
3458 | fmull 32(%ecx) | ||
3459 | faddp %st(0),%st(2) | ||
3460 | fsubrp %st(0),%st(5) | ||
3461 | fldl crypto_scalarmult_curve25519_athlon_alpha255 | ||
3462 | fadd %st(4),%st(0) | ||
3463 | fldl 0(%edx) | ||
3464 | fmull 8(%ecx) | ||
3465 | faddp %st(0),%st(3) | ||
3466 | fldl -8(%edx) | ||
3467 | fmull 24(%ecx) | ||
3468 | faddp %st(0),%st(2) | ||
3469 | fldl 80(%edx) | ||
3470 | fmull -24(%ecx) | ||
3471 | faddp %st(0),%st(4) | ||
3472 | fsubl crypto_scalarmult_curve25519_athlon_alpha255 | ||
3473 | fldl 8(%edx) | ||
3474 | fmull 0(%ecx) | ||
3475 | faddp %st(0),%st(3) | ||
3476 | fldl -16(%edx) | ||
3477 | fmull 40(%ecx) | ||
3478 | fldl 0(%edx) | ||
3479 | fmull 16(%ecx) | ||
3480 | faddp %st(0),%st(3) | ||
3481 | fldl 16(%edx) | ||
3482 | fmull -8(%ecx) | ||
3483 | faddp %st(0),%st(4) | ||
3484 | fxch %st(1) | ||
3485 | fadd %st(0),%st(4) | ||
3486 | fsubrp %st(0),%st(5) | ||
3487 | fxch %st(5) | ||
3488 | fstpl 0(%esp) | ||
3489 | fldl -8(%edx) | ||
3490 | fmull 32(%ecx) | ||
3491 | faddp %st(0),%st(5) | ||
3492 | fldl 8(%edx) | ||
3493 | fmull 8(%ecx) | ||
3494 | faddp %st(0),%st(1) | ||
3495 | fldl 80(%edx) | ||
3496 | fmull -16(%ecx) | ||
3497 | faddp %st(0),%st(2) | ||
3498 | fxch %st(2) | ||
3499 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
3500 | fldl 0(%edx) | ||
3501 | fmull 24(%ecx) | ||
3502 | faddp %st(0),%st(5) | ||
3503 | fldl 16(%edx) | ||
3504 | fmull 0(%ecx) | ||
3505 | faddp %st(0),%st(3) | ||
3506 | fxch %st(1) | ||
3507 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
3508 | fldl -104(%ecx) | ||
3509 | fmull -32(%ecx) | ||
3510 | faddp %st(0),%st(2) | ||
3511 | fxch %st(3) | ||
3512 | fstpl 8(%esp) | ||
3513 | fldl -8(%edx) | ||
3514 | fmull 40(%ecx) | ||
3515 | fldl 8(%edx) | ||
3516 | fmull 16(%ecx) | ||
3517 | faddp %st(0),%st(5) | ||
3518 | fldl 80(%edx) | ||
3519 | fmull -8(%ecx) | ||
3520 | faddp %st(0),%st(3) | ||
3521 | fldl -104(%ecx) | ||
3522 | fmull -24(%ecx) | ||
3523 | faddp %st(0),%st(4) | ||
3524 | fldl crypto_scalarmult_curve25519_athlon_alpha26 | ||
3525 | fadd %st(2),%st(0) | ||
3526 | fldl 0(%edx) | ||
3527 | fmull 32(%ecx) | ||
3528 | faddp %st(0),%st(2) | ||
3529 | fldl 16(%edx) | ||
3530 | fmull 8(%ecx) | ||
3531 | faddp %st(0),%st(6) | ||
3532 | fxch %st(3) | ||
3533 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
3534 | fldl -96(%ecx) | ||
3535 | fmull -32(%ecx) | ||
3536 | faddp %st(0),%st(5) | ||
3537 | fxch %st(3) | ||
3538 | fsubl crypto_scalarmult_curve25519_athlon_alpha26 | ||
3539 | fldl 8(%edx) | ||
3540 | fmull 24(%ecx) | ||
3541 | faddp %st(0),%st(2) | ||
3542 | fldl 80(%edx) | ||
3543 | fmull 0(%ecx) | ||
3544 | faddp %st(0),%st(6) | ||
3545 | fldl -104(%ecx) | ||
3546 | fmull -16(%ecx) | ||
3547 | faddp %st(0),%st(4) | ||
3548 | fadd %st(0),%st(4) | ||
3549 | fsubrp %st(0),%st(2) | ||
3550 | fldl 0(%edx) | ||
3551 | fmull 40(%ecx) | ||
3552 | fldl 16(%edx) | ||
3553 | fmull 16(%ecx) | ||
3554 | faddp %st(0),%st(2) | ||
3555 | fxch %st(5) | ||
3556 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
3557 | fldl -96(%ecx) | ||
3558 | fmull -24(%ecx) | ||
3559 | faddp %st(0),%st(4) | ||
3560 | fldl crypto_scalarmult_curve25519_athlon_alpha51 | ||
3561 | fadd %st(5),%st(0) | ||
3562 | fldl 8(%edx) | ||
3563 | fmull 32(%ecx) | ||
3564 | faddp %st(0),%st(7) | ||
3565 | fldl 80(%edx) | ||
3566 | fmull 8(%ecx) | ||
3567 | faddp %st(0),%st(3) | ||
3568 | fldl -104(%ecx) | ||
3569 | fmull -8(%ecx) | ||
3570 | faddp %st(0),%st(2) | ||
3571 | fldl -88(%ecx) | ||
3572 | fmull -32(%ecx) | ||
3573 | faddp %st(0),%st(5) | ||
3574 | fsubl crypto_scalarmult_curve25519_athlon_alpha51 | ||
3575 | fxch %st(3) | ||
3576 | fstpl 64(%edx) | ||
3577 | fldl 16(%edx) | ||
3578 | fmull 24(%ecx) | ||
3579 | faddp %st(0),%st(6) | ||
3580 | fxch %st(1) | ||
3581 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
3582 | fldl -96(%ecx) | ||
3583 | fmull -16(%ecx) | ||
3584 | faddp %st(0),%st(2) | ||
3585 | fxch %st(2) | ||
3586 | fadd %st(0),%st(3) | ||
3587 | fsubrp %st(0),%st(4) | ||
3588 | fldl 8(%edx) | ||
3589 | fmull 40(%ecx) | ||
3590 | fldl 80(%edx) | ||
3591 | fmull 16(%ecx) | ||
3592 | faddp %st(0),%st(6) | ||
3593 | fldl -104(%ecx) | ||
3594 | fmull 0(%ecx) | ||
3595 | faddp %st(0),%st(3) | ||
3596 | fldl -88(%ecx) | ||
3597 | fmull -24(%ecx) | ||
3598 | faddp %st(0),%st(2) | ||
3599 | fldl crypto_scalarmult_curve25519_athlon_alpha77 | ||
3600 | fadd %st(4),%st(0) | ||
3601 | fldl 16(%edx) | ||
3602 | fmull 32(%ecx) | ||
3603 | faddp %st(0),%st(2) | ||
3604 | fxch %st(6) | ||
3605 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
3606 | fldl -96(%ecx) | ||
3607 | fmull -8(%ecx) | ||
3608 | faddp %st(0),%st(4) | ||
3609 | fldl -80(%ecx) | ||
3610 | fmull -32(%ecx) | ||
3611 | faddp %st(0),%st(3) | ||
3612 | fxch %st(6) | ||
3613 | fsubl crypto_scalarmult_curve25519_athlon_alpha77 | ||
3614 | fxch %st(5) | ||
3615 | fstpl 72(%edx) | ||
3616 | fldl 80(%edx) | ||
3617 | fmull 24(%ecx) | ||
3618 | faddp %st(0),%st(1) | ||
3619 | fldl -104(%ecx) | ||
3620 | fmull 8(%ecx) | ||
3621 | faddp %st(0),%st(6) | ||
3622 | fldl -88(%ecx) | ||
3623 | fmull -16(%ecx) | ||
3624 | faddp %st(0),%st(3) | ||
3625 | fxch %st(4) | ||
3626 | fadd %st(0),%st(1) | ||
3627 | fsubrp %st(0),%st(3) | ||
3628 | fldl 16(%edx) | ||
3629 | fmull 40(%ecx) | ||
3630 | fxch %st(4) | ||
3631 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
3632 | fldl -96(%ecx) | ||
3633 | fmull 0(%ecx) | ||
3634 | faddp %st(0),%st(6) | ||
3635 | fldl -80(%ecx) | ||
3636 | fmull -24(%ecx) | ||
3637 | faddp %st(0),%st(3) | ||
3638 | fldl crypto_scalarmult_curve25519_athlon_alpha102 | ||
3639 | fadd %st(2),%st(0) | ||
3640 | fldl 80(%edx) | ||
3641 | fmull 32(%ecx) | ||
3642 | faddp %st(0),%st(6) | ||
3643 | fldl -104(%ecx) | ||
3644 | fmull 16(%ecx) | ||
3645 | faddp %st(0),%st(2) | ||
3646 | fldl -88(%ecx) | ||
3647 | fmull -8(%ecx) | ||
3648 | faddp %st(0),%st(7) | ||
3649 | fldl -16(%edx) | ||
3650 | fmull -32(%ecx) | ||
3651 | faddp %st(0),%st(4) | ||
3652 | fsubl crypto_scalarmult_curve25519_athlon_alpha102 | ||
3653 | fxch %st(4) | ||
3654 | fstpl 80(%edx) | ||
3655 | fxch %st(4) | ||
3656 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
3657 | fldl -96(%ecx) | ||
3658 | fmull 8(%ecx) | ||
3659 | faddp %st(0),%st(5) | ||
3660 | fldl -80(%ecx) | ||
3661 | fmull -16(%ecx) | ||
3662 | faddp %st(0),%st(6) | ||
3663 | fxch %st(3) | ||
3664 | fadd %st(0),%st(2) | ||
3665 | fsubrp %st(0),%st(1) | ||
3666 | fldl -104(%ecx) | ||
3667 | fmull 24(%ecx) | ||
3668 | faddp %st(0),%st(3) | ||
3669 | fldl -88(%ecx) | ||
3670 | fmull 0(%ecx) | ||
3671 | faddp %st(0),%st(4) | ||
3672 | fldl -16(%edx) | ||
3673 | fmull -24(%ecx) | ||
3674 | faddp %st(0),%st(5) | ||
3675 | fldl crypto_scalarmult_curve25519_athlon_alpha128 | ||
3676 | fadd %st(2),%st(0) | ||
3677 | fldl -96(%ecx) | ||
3678 | fmull 16(%ecx) | ||
3679 | faddp %st(0),%st(4) | ||
3680 | fldl -80(%ecx) | ||
3681 | fmull -8(%ecx) | ||
3682 | faddp %st(0),%st(5) | ||
3683 | fldl -8(%edx) | ||
3684 | fmull -32(%ecx) | ||
3685 | faddp %st(0),%st(6) | ||
3686 | fsubl crypto_scalarmult_curve25519_athlon_alpha128 | ||
3687 | fxch %st(1) | ||
3688 | fstpl 88(%edx) | ||
3689 | fldl -88(%ecx) | ||
3690 | fmull 8(%ecx) | ||
3691 | faddp %st(0),%st(3) | ||
3692 | fldl -16(%edx) | ||
3693 | fmull -16(%ecx) | ||
3694 | faddp %st(0),%st(4) | ||
3695 | fadd %st(0),%st(4) | ||
3696 | fsubrp %st(0),%st(1) | ||
3697 | fstpl -104(%ecx) | ||
3698 | fldl -80(%ecx) | ||
3699 | fmull 0(%ecx) | ||
3700 | faddp %st(0),%st(1) | ||
3701 | fldl -8(%edx) | ||
3702 | fmull -24(%ecx) | ||
3703 | faddp %st(0),%st(2) | ||
3704 | fldl crypto_scalarmult_curve25519_athlon_alpha153 | ||
3705 | fadd %st(3),%st(0) | ||
3706 | fldl -16(%edx) | ||
3707 | fmull -8(%ecx) | ||
3708 | faddp %st(0),%st(2) | ||
3709 | fldl 0(%edx) | ||
3710 | fmull -32(%ecx) | ||
3711 | faddp %st(0),%st(3) | ||
3712 | fsubl crypto_scalarmult_curve25519_athlon_alpha153 | ||
3713 | fldl -8(%edx) | ||
3714 | fmull -16(%ecx) | ||
3715 | faddp %st(0),%st(2) | ||
3716 | fadd %st(0),%st(2) | ||
3717 | fsubrp %st(0),%st(3) | ||
3718 | fxch %st(2) | ||
3719 | fstpl -96(%ecx) | ||
3720 | fldl 0(%edx) | ||
3721 | fmull -24(%ecx) | ||
3722 | faddp %st(0),%st(2) | ||
3723 | fldl crypto_scalarmult_curve25519_athlon_alpha179 | ||
3724 | fadd %st(1),%st(0) | ||
3725 | fldl 8(%edx) | ||
3726 | fmull -32(%ecx) | ||
3727 | faddp %st(0),%st(3) | ||
3728 | fsubl crypto_scalarmult_curve25519_athlon_alpha179 | ||
3729 | fldl 0(%esp) | ||
3730 | fldl 8(%esp) | ||
3731 | fxch %st(2) | ||
3732 | fadd %st(0),%st(4) | ||
3733 | fsubrp %st(0),%st(3) | ||
3734 | fldl crypto_scalarmult_curve25519_athlon_alpha204 | ||
3735 | fadd %st(4),%st(0) | ||
3736 | fsubl crypto_scalarmult_curve25519_athlon_alpha204 | ||
3737 | fadd %st(0),%st(1) | ||
3738 | fsubrp %st(0),%st(4) | ||
3739 | fldl crypto_scalarmult_curve25519_athlon_alpha230 | ||
3740 | fadd %st(1),%st(0) | ||
3741 | fsubl crypto_scalarmult_curve25519_athlon_alpha230 | ||
3742 | fsubr %st(0),%st(1) | ||
3743 | faddp %st(0),%st(2) | ||
3744 | fxch %st(2) | ||
3745 | fstpl -88(%ecx) | ||
3746 | fxch %st(2) | ||
3747 | fstpl -80(%ecx) | ||
3748 | fstpl -72(%ecx) | ||
3749 | fstpl -64(%ecx) | ||
3750 | fldl 136(%ecx) | ||
3751 | fldl -120(%edx) | ||
3752 | fldl 16(%esp) | ||
3753 | fsubr %st(1),%st(0) | ||
3754 | fmul %st(2),%st(0) | ||
3755 | fsubr %st(0),%st(1) | ||
3756 | faddl 16(%esp) | ||
3757 | fxch %st(1) | ||
3758 | fstpl -16(%edx) | ||
3759 | fstpl 0(%esp) | ||
3760 | fldl -112(%edx) | ||
3761 | fldl 24(%esp) | ||
3762 | fsubr %st(1),%st(0) | ||
3763 | fmul %st(2),%st(0) | ||
3764 | fsubr %st(0),%st(1) | ||
3765 | faddl 24(%esp) | ||
3766 | fxch %st(1) | ||
3767 | fstpl -8(%edx) | ||
3768 | fstpl 8(%esp) | ||
3769 | fldl -104(%edx) | ||
3770 | fldl 32(%esp) | ||
3771 | fsubr %st(1),%st(0) | ||
3772 | fmul %st(2),%st(0) | ||
3773 | fsubr %st(0),%st(1) | ||
3774 | faddl 32(%esp) | ||
3775 | fxch %st(1) | ||
3776 | fstpl 0(%edx) | ||
3777 | fstpl 16(%esp) | ||
3778 | fldl 40(%edx) | ||
3779 | fldl 40(%esp) | ||
3780 | fsubr %st(1),%st(0) | ||
3781 | fmul %st(2),%st(0) | ||
3782 | fsubr %st(0),%st(1) | ||
3783 | faddl 40(%esp) | ||
3784 | fxch %st(1) | ||
3785 | fstpl 8(%edx) | ||
3786 | fstpl 24(%esp) | ||
3787 | fldl -96(%edx) | ||
3788 | fldl 48(%esp) | ||
3789 | fsubr %st(1),%st(0) | ||
3790 | fmul %st(2),%st(0) | ||
3791 | fsubr %st(0),%st(1) | ||
3792 | faddl 48(%esp) | ||
3793 | fxch %st(1) | ||
3794 | fstpl 16(%edx) | ||
3795 | fstpl 32(%esp) | ||
3796 | fldl -88(%edx) | ||
3797 | fldl 24(%edx) | ||
3798 | fsubr %st(1),%st(0) | ||
3799 | fmul %st(2),%st(0) | ||
3800 | fsubr %st(0),%st(1) | ||
3801 | faddl 24(%edx) | ||
3802 | fxch %st(1) | ||
3803 | fstpl 24(%edx) | ||
3804 | fstpl 40(%esp) | ||
3805 | fldl -80(%edx) | ||
3806 | fldl 32(%edx) | ||
3807 | fsubr %st(1),%st(0) | ||
3808 | fmul %st(2),%st(0) | ||
3809 | fsubr %st(0),%st(1) | ||
3810 | faddl 32(%edx) | ||
3811 | fxch %st(1) | ||
3812 | fstpl 32(%edx) | ||
3813 | fstpl 48(%esp) | ||
3814 | fldl -72(%edx) | ||
3815 | fldl 48(%edx) | ||
3816 | fsubr %st(1),%st(0) | ||
3817 | fmul %st(2),%st(0) | ||
3818 | fsubr %st(0),%st(1) | ||
3819 | faddl 48(%edx) | ||
3820 | fxch %st(1) | ||
3821 | fstpl 40(%edx) | ||
3822 | fstpl -120(%edx) | ||
3823 | fldl -64(%edx) | ||
3824 | fldl 56(%edx) | ||
3825 | fsubr %st(1),%st(0) | ||
3826 | fmul %st(2),%st(0) | ||
3827 | fsubr %st(0),%st(1) | ||
3828 | faddl 56(%edx) | ||
3829 | fxch %st(1) | ||
3830 | fstpl 48(%edx) | ||
3831 | fstpl -112(%edx) | ||
3832 | fldl -56(%edx) | ||
3833 | fldl -112(%ecx) | ||
3834 | fsubr %st(1),%st(0) | ||
3835 | fmul %st(2),%st(0) | ||
3836 | fsubr %st(0),%st(1) | ||
3837 | faddl -112(%ecx) | ||
3838 | fxch %st(1) | ||
3839 | fstpl 56(%edx) | ||
3840 | fstpl -104(%edx) | ||
3841 | fldl -48(%edx) | ||
3842 | fldl 64(%edx) | ||
3843 | fsubr %st(1),%st(0) | ||
3844 | fmul %st(2),%st(0) | ||
3845 | fsubr %st(0),%st(1) | ||
3846 | faddl 64(%edx) | ||
3847 | fxch %st(1) | ||
3848 | fstpl 64(%edx) | ||
3849 | fstpl -96(%edx) | ||
3850 | fldl -40(%edx) | ||
3851 | fldl 72(%edx) | ||
3852 | fsubr %st(1),%st(0) | ||
3853 | fmul %st(2),%st(0) | ||
3854 | fsubr %st(0),%st(1) | ||
3855 | faddl 72(%edx) | ||
3856 | fxch %st(1) | ||
3857 | fstpl 72(%edx) | ||
3858 | fstpl -88(%edx) | ||
3859 | fldl -32(%edx) | ||
3860 | fldl 80(%edx) | ||
3861 | fsubr %st(1),%st(0) | ||
3862 | fmul %st(2),%st(0) | ||
3863 | fsubr %st(0),%st(1) | ||
3864 | faddl 80(%edx) | ||
3865 | fxch %st(1) | ||
3866 | fstpl 80(%edx) | ||
3867 | fstpl -80(%edx) | ||
3868 | fldl -24(%edx) | ||
3869 | fldl 88(%edx) | ||
3870 | fsubr %st(1),%st(0) | ||
3871 | fmul %st(2),%st(0) | ||
3872 | fsubr %st(0),%st(1) | ||
3873 | faddl 88(%edx) | ||
3874 | fxch %st(1) | ||
3875 | fstpl 88(%edx) | ||
3876 | fstpl -72(%edx) | ||
3877 | fldl 96(%edx) | ||
3878 | fldl -104(%ecx) | ||
3879 | fsubr %st(1),%st(0) | ||
3880 | fmul %st(2),%st(0) | ||
3881 | fsubr %st(0),%st(1) | ||
3882 | faddl -104(%ecx) | ||
3883 | fxch %st(1) | ||
3884 | fstpl 96(%edx) | ||
3885 | fstpl -64(%edx) | ||
3886 | fldl 104(%edx) | ||
3887 | fldl -96(%ecx) | ||
3888 | fsubr %st(1),%st(0) | ||
3889 | fmul %st(2),%st(0) | ||
3890 | fsubr %st(0),%st(1) | ||
3891 | faddl -96(%ecx) | ||
3892 | fxch %st(1) | ||
3893 | fstpl 104(%edx) | ||
3894 | fstpl -56(%edx) | ||
3895 | fldl 112(%edx) | ||
3896 | fldl -88(%ecx) | ||
3897 | fsubr %st(1),%st(0) | ||
3898 | fmul %st(2),%st(0) | ||
3899 | fsubr %st(0),%st(1) | ||
3900 | faddl -88(%ecx) | ||
3901 | fxch %st(1) | ||
3902 | fstpl 112(%edx) | ||
3903 | fstpl -48(%edx) | ||
3904 | fldl 120(%edx) | ||
3905 | fldl -80(%ecx) | ||
3906 | fsubr %st(1),%st(0) | ||
3907 | fmul %st(2),%st(0) | ||
3908 | fsubr %st(0),%st(1) | ||
3909 | faddl -80(%ecx) | ||
3910 | fxch %st(1) | ||
3911 | fstpl 120(%edx) | ||
3912 | fstpl -40(%edx) | ||
3913 | fldl -128(%ecx) | ||
3914 | fldl -72(%ecx) | ||
3915 | fsubr %st(1),%st(0) | ||
3916 | fmul %st(2),%st(0) | ||
3917 | fsubr %st(0),%st(1) | ||
3918 | faddl -72(%ecx) | ||
3919 | fxch %st(1) | ||
3920 | fstpl -128(%ecx) | ||
3921 | fstpl -32(%edx) | ||
3922 | fldl -120(%ecx) | ||
3923 | fldl -64(%ecx) | ||
3924 | fsubr %st(1),%st(0) | ||
3925 | fmulp %st(0),%st(2) | ||
3926 | fsub %st(1),%st(0) | ||
3927 | fxch %st(1) | ||
3928 | faddl -64(%ecx) | ||
3929 | fxch %st(1) | ||
3930 | fstpl -120(%ecx) | ||
3931 | fstpl -24(%edx) | ||
3932 | movl 180(%ecx),%esi | ||
3933 | movl 184(%ecx),%ebp | ||
3934 | sub $1,%ebp | ||
3935 | ja ._morebits | ||
3936 | movl 188(%ecx),%edi | ||
3937 | sub $4,%edi | ||
3938 | jb ._done | ||
3939 | movl (%ebx,%edi),%esi | ||
3940 | mov $32,%ebp | ||
3941 | jmp ._morebytes | ||
3942 | ._done: | ||
3943 | movl 4(%esp,%eax),%eax | ||
3944 | fldl 0(%esp) | ||
3945 | fstpl 0(%eax) | ||
3946 | fldl 8(%esp) | ||
3947 | fstpl 8(%eax) | ||
3948 | fldl 16(%esp) | ||
3949 | fstpl 16(%eax) | ||
3950 | fldl 24(%esp) | ||
3951 | fstpl 24(%eax) | ||
3952 | fldl 32(%esp) | ||
3953 | fstpl 32(%eax) | ||
3954 | fldl 40(%esp) | ||
3955 | fstpl 40(%eax) | ||
3956 | fldl 48(%esp) | ||
3957 | fstpl 48(%eax) | ||
3958 | fldl -120(%edx) | ||
3959 | fstpl 56(%eax) | ||
3960 | fldl -112(%edx) | ||
3961 | fstpl 64(%eax) | ||
3962 | fldl -104(%edx) | ||
3963 | fstpl 72(%eax) | ||
3964 | fldl -96(%edx) | ||
3965 | fstpl 80(%eax) | ||
3966 | fldl -88(%edx) | ||
3967 | fstpl 88(%eax) | ||
3968 | fldl -80(%edx) | ||
3969 | fstpl 96(%eax) | ||
3970 | fldl -72(%edx) | ||
3971 | fstpl 104(%eax) | ||
3972 | fldl -64(%edx) | ||
3973 | fstpl 112(%eax) | ||
3974 | fldl -56(%edx) | ||
3975 | fstpl 120(%eax) | ||
3976 | fldl -48(%edx) | ||
3977 | fstpl 128(%eax) | ||
3978 | fldl -40(%edx) | ||
3979 | fstpl 136(%eax) | ||
3980 | fldl -32(%edx) | ||
3981 | fstpl 144(%eax) | ||
3982 | fldl -24(%edx) | ||
3983 | fstpl 152(%eax) | ||
3984 | movl 160(%ecx),%eax | ||
3985 | movl 164(%ecx),%ebx | ||
3986 | movl 168(%ecx),%esi | ||
3987 | movl 172(%ecx),%edi | ||
3988 | movl 176(%ecx),%ebp | ||
3989 | add %eax,%esp | ||
3990 | ret | ||
diff --git a/nacl/crypto_scalarmult/curve25519/athlon/mult.s b/nacl/crypto_scalarmult/curve25519/athlon/mult.s new file mode 100644 index 00000000..16f0e908 --- /dev/null +++ b/nacl/crypto_scalarmult/curve25519/athlon/mult.s | |||
@@ -0,0 +1,410 @@ | |||
1 | .text | ||
2 | .p2align 5 | ||
3 | .globl _crypto_scalarmult_curve25519_athlon_mult | ||
4 | .globl crypto_scalarmult_curve25519_athlon_mult | ||
5 | _crypto_scalarmult_curve25519_athlon_mult: | ||
6 | crypto_scalarmult_curve25519_athlon_mult: | ||
7 | mov %esp,%eax | ||
8 | and $31,%eax | ||
9 | add $32,%eax | ||
10 | sub %eax,%esp | ||
11 | movl %ebp,0(%esp) | ||
12 | movl 4(%esp,%eax),%ecx | ||
13 | movl 8(%esp,%eax),%edx | ||
14 | movl 12(%esp,%eax),%ebp | ||
15 | fldl 72(%edx) | ||
16 | fmull 72(%ebp) | ||
17 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
18 | fldl 0(%edx) | ||
19 | fmull 64(%ebp) | ||
20 | faddp %st(0),%st(1) | ||
21 | fldl 8(%edx) | ||
22 | fmull 56(%ebp) | ||
23 | faddp %st(0),%st(1) | ||
24 | fldl 0(%edx) | ||
25 | fmull 72(%ebp) | ||
26 | fldl 16(%edx) | ||
27 | fmull 48(%ebp) | ||
28 | faddp %st(0),%st(2) | ||
29 | fldl 8(%edx) | ||
30 | fmull 64(%ebp) | ||
31 | faddp %st(0),%st(1) | ||
32 | fldl 24(%edx) | ||
33 | fmull 40(%ebp) | ||
34 | faddp %st(0),%st(2) | ||
35 | fldl 16(%edx) | ||
36 | fmull 56(%ebp) | ||
37 | faddp %st(0),%st(1) | ||
38 | fldl 32(%edx) | ||
39 | fmull 32(%ebp) | ||
40 | faddp %st(0),%st(2) | ||
41 | fldl 24(%edx) | ||
42 | fmull 48(%ebp) | ||
43 | faddp %st(0),%st(1) | ||
44 | fldl 8(%edx) | ||
45 | fmull 72(%ebp) | ||
46 | fldl 40(%edx) | ||
47 | fmull 24(%ebp) | ||
48 | faddp %st(0),%st(3) | ||
49 | fldl 32(%edx) | ||
50 | fmull 40(%ebp) | ||
51 | faddp %st(0),%st(2) | ||
52 | fldl 16(%edx) | ||
53 | fmull 64(%ebp) | ||
54 | faddp %st(0),%st(1) | ||
55 | fldl 48(%edx) | ||
56 | fmull 16(%ebp) | ||
57 | faddp %st(0),%st(3) | ||
58 | fldl 40(%edx) | ||
59 | fmull 32(%ebp) | ||
60 | faddp %st(0),%st(2) | ||
61 | fldl 24(%edx) | ||
62 | fmull 56(%ebp) | ||
63 | faddp %st(0),%st(1) | ||
64 | fldl 56(%edx) | ||
65 | fmull 8(%ebp) | ||
66 | faddp %st(0),%st(3) | ||
67 | fldl 48(%edx) | ||
68 | fmull 24(%ebp) | ||
69 | faddp %st(0),%st(2) | ||
70 | fldl 32(%edx) | ||
71 | fmull 48(%ebp) | ||
72 | faddp %st(0),%st(1) | ||
73 | fldl 64(%edx) | ||
74 | fmull 0(%ebp) | ||
75 | faddp %st(0),%st(3) | ||
76 | fldl 56(%edx) | ||
77 | fmull 16(%ebp) | ||
78 | faddp %st(0),%st(2) | ||
79 | fldl 40(%edx) | ||
80 | fmull 40(%ebp) | ||
81 | faddp %st(0),%st(1) | ||
82 | fldl 16(%edx) | ||
83 | fmull 72(%ebp) | ||
84 | fldl 48(%edx) | ||
85 | fmull 32(%ebp) | ||
86 | faddp %st(0),%st(2) | ||
87 | fldl 64(%edx) | ||
88 | fmull 8(%ebp) | ||
89 | faddp %st(0),%st(3) | ||
90 | fldl crypto_scalarmult_curve25519_athlon_alpha230 | ||
91 | fadd %st(4),%st(0) | ||
92 | fldl 24(%edx) | ||
93 | fmull 64(%ebp) | ||
94 | faddp %st(0),%st(2) | ||
95 | fldl 56(%edx) | ||
96 | fmull 24(%ebp) | ||
97 | faddp %st(0),%st(3) | ||
98 | fldl 72(%edx) | ||
99 | fmull 0(%ebp) | ||
100 | faddp %st(0),%st(4) | ||
101 | fsubl crypto_scalarmult_curve25519_athlon_alpha230 | ||
102 | fldl 32(%edx) | ||
103 | fmull 56(%ebp) | ||
104 | faddp %st(0),%st(2) | ||
105 | fldl 24(%edx) | ||
106 | fmull 72(%ebp) | ||
107 | fldl 64(%edx) | ||
108 | fmull 16(%ebp) | ||
109 | faddp %st(0),%st(4) | ||
110 | fxch %st(1) | ||
111 | fadd %st(0),%st(4) | ||
112 | fldl 40(%edx) | ||
113 | fmull 48(%ebp) | ||
114 | faddp %st(0),%st(3) | ||
115 | fldl 32(%edx) | ||
116 | fmull 64(%ebp) | ||
117 | faddp %st(0),%st(2) | ||
118 | fsubrp %st(0),%st(5) | ||
119 | fldl crypto_scalarmult_curve25519_athlon_alpha255 | ||
120 | fadd %st(4),%st(0) | ||
121 | fldl 48(%edx) | ||
122 | fmull 40(%ebp) | ||
123 | faddp %st(0),%st(3) | ||
124 | fldl 40(%edx) | ||
125 | fmull 56(%ebp) | ||
126 | faddp %st(0),%st(2) | ||
127 | fldl 72(%edx) | ||
128 | fmull 8(%ebp) | ||
129 | faddp %st(0),%st(4) | ||
130 | fsubl crypto_scalarmult_curve25519_athlon_alpha255 | ||
131 | fldl 56(%edx) | ||
132 | fmull 32(%ebp) | ||
133 | faddp %st(0),%st(3) | ||
134 | fldl 32(%edx) | ||
135 | fmull 72(%ebp) | ||
136 | fldl 48(%edx) | ||
137 | fmull 48(%ebp) | ||
138 | faddp %st(0),%st(3) | ||
139 | fldl 64(%edx) | ||
140 | fmull 24(%ebp) | ||
141 | faddp %st(0),%st(4) | ||
142 | fxch %st(1) | ||
143 | fadd %st(0),%st(4) | ||
144 | fsubrp %st(0),%st(5) | ||
145 | fxch %st(5) | ||
146 | fstpl 64(%ecx) | ||
147 | fldl 40(%edx) | ||
148 | fmull 64(%ebp) | ||
149 | faddp %st(0),%st(5) | ||
150 | fldl 56(%edx) | ||
151 | fmull 40(%ebp) | ||
152 | faddp %st(0),%st(1) | ||
153 | fldl 72(%edx) | ||
154 | fmull 16(%ebp) | ||
155 | faddp %st(0),%st(2) | ||
156 | fxch %st(2) | ||
157 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
158 | fldl 48(%edx) | ||
159 | fmull 56(%ebp) | ||
160 | faddp %st(0),%st(5) | ||
161 | fldl 64(%edx) | ||
162 | fmull 32(%ebp) | ||
163 | faddp %st(0),%st(3) | ||
164 | fxch %st(1) | ||
165 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
166 | fldl 0(%edx) | ||
167 | fmull 0(%ebp) | ||
168 | faddp %st(0),%st(2) | ||
169 | fxch %st(3) | ||
170 | fstpl 72(%ecx) | ||
171 | fldl 40(%edx) | ||
172 | fmull 72(%ebp) | ||
173 | fldl 56(%edx) | ||
174 | fmull 48(%ebp) | ||
175 | faddp %st(0),%st(5) | ||
176 | fldl 72(%edx) | ||
177 | fmull 24(%ebp) | ||
178 | faddp %st(0),%st(3) | ||
179 | fldl 0(%edx) | ||
180 | fmull 8(%ebp) | ||
181 | faddp %st(0),%st(4) | ||
182 | fldl crypto_scalarmult_curve25519_athlon_alpha26 | ||
183 | fadd %st(2),%st(0) | ||
184 | fldl 48(%edx) | ||
185 | fmull 64(%ebp) | ||
186 | faddp %st(0),%st(2) | ||
187 | fldl 64(%edx) | ||
188 | fmull 40(%ebp) | ||
189 | faddp %st(0),%st(6) | ||
190 | fxch %st(3) | ||
191 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
192 | fldl 8(%edx) | ||
193 | fmull 0(%ebp) | ||
194 | faddp %st(0),%st(5) | ||
195 | fxch %st(3) | ||
196 | fsubl crypto_scalarmult_curve25519_athlon_alpha26 | ||
197 | fldl 56(%edx) | ||
198 | fmull 56(%ebp) | ||
199 | faddp %st(0),%st(2) | ||
200 | fldl 72(%edx) | ||
201 | fmull 32(%ebp) | ||
202 | faddp %st(0),%st(6) | ||
203 | fldl 0(%edx) | ||
204 | fmull 16(%ebp) | ||
205 | faddp %st(0),%st(4) | ||
206 | fadd %st(0),%st(4) | ||
207 | fsubrp %st(0),%st(2) | ||
208 | fldl 48(%edx) | ||
209 | fmull 72(%ebp) | ||
210 | fldl 64(%edx) | ||
211 | fmull 48(%ebp) | ||
212 | faddp %st(0),%st(2) | ||
213 | fxch %st(5) | ||
214 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
215 | fldl 8(%edx) | ||
216 | fmull 8(%ebp) | ||
217 | faddp %st(0),%st(4) | ||
218 | fldl crypto_scalarmult_curve25519_athlon_alpha51 | ||
219 | fadd %st(5),%st(0) | ||
220 | fldl 56(%edx) | ||
221 | fmull 64(%ebp) | ||
222 | faddp %st(0),%st(7) | ||
223 | fldl 72(%edx) | ||
224 | fmull 40(%ebp) | ||
225 | faddp %st(0),%st(3) | ||
226 | fldl 0(%edx) | ||
227 | fmull 24(%ebp) | ||
228 | faddp %st(0),%st(2) | ||
229 | fldl 16(%edx) | ||
230 | fmull 0(%ebp) | ||
231 | faddp %st(0),%st(5) | ||
232 | fsubl crypto_scalarmult_curve25519_athlon_alpha51 | ||
233 | fxch %st(3) | ||
234 | fstpl 0(%ecx) | ||
235 | fldl 64(%edx) | ||
236 | fmull 56(%ebp) | ||
237 | faddp %st(0),%st(6) | ||
238 | fxch %st(1) | ||
239 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
240 | fldl 8(%edx) | ||
241 | fmull 16(%ebp) | ||
242 | faddp %st(0),%st(2) | ||
243 | fxch %st(2) | ||
244 | fadd %st(0),%st(3) | ||
245 | fsubrp %st(0),%st(4) | ||
246 | fldl 56(%edx) | ||
247 | fmull 72(%ebp) | ||
248 | fldl 72(%edx) | ||
249 | fmull 48(%ebp) | ||
250 | faddp %st(0),%st(6) | ||
251 | fldl 0(%edx) | ||
252 | fmull 32(%ebp) | ||
253 | faddp %st(0),%st(3) | ||
254 | fldl 16(%edx) | ||
255 | fmull 8(%ebp) | ||
256 | faddp %st(0),%st(2) | ||
257 | fldl crypto_scalarmult_curve25519_athlon_alpha77 | ||
258 | fadd %st(4),%st(0) | ||
259 | fldl 64(%edx) | ||
260 | fmull 64(%ebp) | ||
261 | faddp %st(0),%st(2) | ||
262 | fxch %st(6) | ||
263 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
264 | fldl 8(%edx) | ||
265 | fmull 24(%ebp) | ||
266 | faddp %st(0),%st(4) | ||
267 | fldl 24(%edx) | ||
268 | fmull 0(%ebp) | ||
269 | faddp %st(0),%st(3) | ||
270 | fxch %st(6) | ||
271 | fsubl crypto_scalarmult_curve25519_athlon_alpha77 | ||
272 | fxch %st(5) | ||
273 | fstpl 8(%ecx) | ||
274 | fldl 72(%edx) | ||
275 | fmull 56(%ebp) | ||
276 | faddp %st(0),%st(1) | ||
277 | fldl 0(%edx) | ||
278 | fmull 40(%ebp) | ||
279 | faddp %st(0),%st(6) | ||
280 | fldl 16(%edx) | ||
281 | fmull 16(%ebp) | ||
282 | faddp %st(0),%st(3) | ||
283 | fxch %st(4) | ||
284 | fadd %st(0),%st(1) | ||
285 | fsubrp %st(0),%st(3) | ||
286 | fldl 64(%edx) | ||
287 | fmull 72(%ebp) | ||
288 | fxch %st(4) | ||
289 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
290 | fldl 8(%edx) | ||
291 | fmull 32(%ebp) | ||
292 | faddp %st(0),%st(6) | ||
293 | fldl 24(%edx) | ||
294 | fmull 8(%ebp) | ||
295 | faddp %st(0),%st(3) | ||
296 | fldl crypto_scalarmult_curve25519_athlon_alpha102 | ||
297 | fadd %st(2),%st(0) | ||
298 | fldl 72(%edx) | ||
299 | fmull 64(%ebp) | ||
300 | faddp %st(0),%st(6) | ||
301 | fldl 0(%edx) | ||
302 | fmull 48(%ebp) | ||
303 | faddp %st(0),%st(2) | ||
304 | fldl 16(%edx) | ||
305 | fmull 24(%ebp) | ||
306 | faddp %st(0),%st(7) | ||
307 | fldl 32(%edx) | ||
308 | fmull 0(%ebp) | ||
309 | faddp %st(0),%st(4) | ||
310 | fsubl crypto_scalarmult_curve25519_athlon_alpha102 | ||
311 | fxch %st(4) | ||
312 | fstpl 16(%ecx) | ||
313 | fxch %st(4) | ||
314 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
315 | fldl 8(%edx) | ||
316 | fmull 40(%ebp) | ||
317 | faddp %st(0),%st(5) | ||
318 | fldl 24(%edx) | ||
319 | fmull 16(%ebp) | ||
320 | faddp %st(0),%st(6) | ||
321 | fxch %st(3) | ||
322 | fadd %st(0),%st(2) | ||
323 | fsubrp %st(0),%st(1) | ||
324 | fldl 0(%edx) | ||
325 | fmull 56(%ebp) | ||
326 | faddp %st(0),%st(3) | ||
327 | fldl 16(%edx) | ||
328 | fmull 32(%ebp) | ||
329 | faddp %st(0),%st(4) | ||
330 | fldl 32(%edx) | ||
331 | fmull 8(%ebp) | ||
332 | faddp %st(0),%st(5) | ||
333 | fldl crypto_scalarmult_curve25519_athlon_alpha128 | ||
334 | fadd %st(2),%st(0) | ||
335 | fldl 8(%edx) | ||
336 | fmull 48(%ebp) | ||
337 | faddp %st(0),%st(4) | ||
338 | fldl 24(%edx) | ||
339 | fmull 24(%ebp) | ||
340 | faddp %st(0),%st(5) | ||
341 | fldl 40(%edx) | ||
342 | fmull 0(%ebp) | ||
343 | faddp %st(0),%st(6) | ||
344 | fsubl crypto_scalarmult_curve25519_athlon_alpha128 | ||
345 | fxch %st(1) | ||
346 | fstpl 24(%ecx) | ||
347 | fldl 16(%edx) | ||
348 | fmull 40(%ebp) | ||
349 | faddp %st(0),%st(3) | ||
350 | fldl 32(%edx) | ||
351 | fmull 16(%ebp) | ||
352 | faddp %st(0),%st(4) | ||
353 | fadd %st(0),%st(4) | ||
354 | fsubrp %st(0),%st(1) | ||
355 | fstpl 32(%ecx) | ||
356 | fldl 24(%edx) | ||
357 | fmull 32(%ebp) | ||
358 | faddp %st(0),%st(1) | ||
359 | fldl 40(%edx) | ||
360 | fmull 8(%ebp) | ||
361 | faddp %st(0),%st(2) | ||
362 | fldl crypto_scalarmult_curve25519_athlon_alpha153 | ||
363 | fadd %st(3),%st(0) | ||
364 | fldl 32(%edx) | ||
365 | fmull 24(%ebp) | ||
366 | faddp %st(0),%st(2) | ||
367 | fldl 48(%edx) | ||
368 | fmull 0(%ebp) | ||
369 | faddp %st(0),%st(3) | ||
370 | fsubl crypto_scalarmult_curve25519_athlon_alpha153 | ||
371 | fldl 40(%edx) | ||
372 | fmull 16(%ebp) | ||
373 | faddp %st(0),%st(2) | ||
374 | fadd %st(0),%st(2) | ||
375 | fsubrp %st(0),%st(3) | ||
376 | fxch %st(2) | ||
377 | fstpl 40(%ecx) | ||
378 | fldl 48(%edx) | ||
379 | fmull 8(%ebp) | ||
380 | faddp %st(0),%st(2) | ||
381 | fldl crypto_scalarmult_curve25519_athlon_alpha179 | ||
382 | fadd %st(1),%st(0) | ||
383 | fldl 56(%edx) | ||
384 | fmull 0(%ebp) | ||
385 | faddp %st(0),%st(3) | ||
386 | fsubl crypto_scalarmult_curve25519_athlon_alpha179 | ||
387 | fldl 64(%ecx) | ||
388 | fldl 72(%ecx) | ||
389 | fxch %st(2) | ||
390 | fadd %st(0),%st(4) | ||
391 | fsubrp %st(0),%st(3) | ||
392 | fldl crypto_scalarmult_curve25519_athlon_alpha204 | ||
393 | fadd %st(4),%st(0) | ||
394 | fsubl crypto_scalarmult_curve25519_athlon_alpha204 | ||
395 | fadd %st(0),%st(1) | ||
396 | fsubrp %st(0),%st(4) | ||
397 | fldl crypto_scalarmult_curve25519_athlon_alpha230 | ||
398 | fadd %st(1),%st(0) | ||
399 | fsubl crypto_scalarmult_curve25519_athlon_alpha230 | ||
400 | fsubr %st(0),%st(1) | ||
401 | faddp %st(0),%st(2) | ||
402 | fxch %st(2) | ||
403 | fstpl 48(%ecx) | ||
404 | fxch %st(2) | ||
405 | fstpl 56(%ecx) | ||
406 | fstpl 64(%ecx) | ||
407 | fstpl 72(%ecx) | ||
408 | movl 0(%esp),%ebp | ||
409 | add %eax,%esp | ||
410 | ret | ||
diff --git a/nacl/crypto_scalarmult/curve25519/athlon/smult.c b/nacl/crypto_scalarmult/curve25519/athlon/smult.c new file mode 100644 index 00000000..157f1e6c --- /dev/null +++ b/nacl/crypto_scalarmult/curve25519/athlon/smult.c | |||
@@ -0,0 +1,91 @@ | |||
1 | #include "crypto_scalarmult.h" | ||
2 | |||
3 | #define mult crypto_scalarmult_curve25519_athlon_mult | ||
4 | #define square crypto_scalarmult_curve25519_athlon_square | ||
5 | |||
6 | void crypto_scalarmult_curve25519_athlon_recip(double out[10],const double z[10]) | ||
7 | { | ||
8 | double z2[10]; | ||
9 | double z9[10]; | ||
10 | double z11[10]; | ||
11 | double z2_5_0[10]; | ||
12 | double z2_10_0[10]; | ||
13 | double z2_20_0[10]; | ||
14 | double z2_50_0[10]; | ||
15 | double z2_100_0[10]; | ||
16 | double t0[10]; | ||
17 | double t1[10]; | ||
18 | int i; | ||
19 | |||
20 | /* 2 */ square(z2,z); | ||
21 | /* 4 */ square(t1,z2); | ||
22 | /* 8 */ square(t0,t1); | ||
23 | /* 9 */ mult(z9,t0,z); | ||
24 | /* 11 */ mult(z11,z9,z2); | ||
25 | /* 22 */ square(t0,z11); | ||
26 | /* 2^5 - 2^0 = 31 */ mult(z2_5_0,t0,z9); | ||
27 | |||
28 | /* 2^6 - 2^1 */ square(t0,z2_5_0); | ||
29 | /* 2^7 - 2^2 */ square(t1,t0); | ||
30 | /* 2^8 - 2^3 */ square(t0,t1); | ||
31 | /* 2^9 - 2^4 */ square(t1,t0); | ||
32 | /* 2^10 - 2^5 */ square(t0,t1); | ||
33 | /* 2^10 - 2^0 */ mult(z2_10_0,t0,z2_5_0); | ||
34 | |||
35 | /* 2^11 - 2^1 */ square(t0,z2_10_0); | ||
36 | /* 2^12 - 2^2 */ square(t1,t0); | ||
37 | /* 2^20 - 2^10 */ for (i = 2;i < 10;i += 2) { square(t0,t1); square(t1,t0); } | ||
38 | /* 2^20 - 2^0 */ mult(z2_20_0,t1,z2_10_0); | ||
39 | |||
40 | /* 2^21 - 2^1 */ square(t0,z2_20_0); | ||
41 | /* 2^22 - 2^2 */ square(t1,t0); | ||
42 | /* 2^40 - 2^20 */ for (i = 2;i < 20;i += 2) { square(t0,t1); square(t1,t0); } | ||
43 | /* 2^40 - 2^0 */ mult(t0,t1,z2_20_0); | ||
44 | |||
45 | /* 2^41 - 2^1 */ square(t1,t0); | ||
46 | /* 2^42 - 2^2 */ square(t0,t1); | ||
47 | /* 2^50 - 2^10 */ for (i = 2;i < 10;i += 2) { square(t1,t0); square(t0,t1); } | ||
48 | /* 2^50 - 2^0 */ mult(z2_50_0,t0,z2_10_0); | ||
49 | |||
50 | /* 2^51 - 2^1 */ square(t0,z2_50_0); | ||
51 | /* 2^52 - 2^2 */ square(t1,t0); | ||
52 | /* 2^100 - 2^50 */ for (i = 2;i < 50;i += 2) { square(t0,t1); square(t1,t0); } | ||
53 | /* 2^100 - 2^0 */ mult(z2_100_0,t1,z2_50_0); | ||
54 | |||
55 | /* 2^101 - 2^1 */ square(t1,z2_100_0); | ||
56 | /* 2^102 - 2^2 */ square(t0,t1); | ||
57 | /* 2^200 - 2^100 */ for (i = 2;i < 100;i += 2) { square(t1,t0); square(t0,t1); } | ||
58 | /* 2^200 - 2^0 */ mult(t1,t0,z2_100_0); | ||
59 | |||
60 | /* 2^201 - 2^1 */ square(t0,t1); | ||
61 | /* 2^202 - 2^2 */ square(t1,t0); | ||
62 | /* 2^250 - 2^50 */ for (i = 2;i < 50;i += 2) { square(t0,t1); square(t1,t0); } | ||
63 | /* 2^250 - 2^0 */ mult(t0,t1,z2_50_0); | ||
64 | |||
65 | /* 2^251 - 2^1 */ square(t1,t0); | ||
66 | /* 2^252 - 2^2 */ square(t0,t1); | ||
67 | /* 2^253 - 2^3 */ square(t1,t0); | ||
68 | /* 2^254 - 2^4 */ square(t0,t1); | ||
69 | /* 2^255 - 2^5 */ square(t1,t0); | ||
70 | /* 2^255 - 21 */ mult(out,t1,z11); | ||
71 | } | ||
72 | |||
73 | int crypto_scalarmult(unsigned char *q, | ||
74 | const unsigned char *n, | ||
75 | const unsigned char *p) | ||
76 | { | ||
77 | double work[30]; | ||
78 | unsigned char e[32]; | ||
79 | int i; | ||
80 | for (i = 0;i < 32;++i) e[i] = n[i]; | ||
81 | e[0] &= 248; | ||
82 | e[31] &= 127; | ||
83 | e[31] |= 64; | ||
84 | crypto_scalarmult_curve25519_athlon_init(); | ||
85 | crypto_scalarmult_curve25519_athlon_todouble(work,p); | ||
86 | crypto_scalarmult_curve25519_athlon_mainloop(work,e); | ||
87 | crypto_scalarmult_curve25519_athlon_recip(work + 10,work + 10); | ||
88 | mult(work + 20,work,work + 10); | ||
89 | crypto_scalarmult_curve25519_athlon_fromdouble(q,work + 20); | ||
90 | return 0; | ||
91 | } | ||
diff --git a/nacl/crypto_scalarmult/curve25519/athlon/square.s b/nacl/crypto_scalarmult/curve25519/athlon/square.s new file mode 100644 index 00000000..754def78 --- /dev/null +++ b/nacl/crypto_scalarmult/curve25519/athlon/square.s | |||
@@ -0,0 +1,298 @@ | |||
1 | .text | ||
2 | .p2align 5 | ||
3 | .globl _crypto_scalarmult_curve25519_athlon_square | ||
4 | .globl crypto_scalarmult_curve25519_athlon_square | ||
5 | _crypto_scalarmult_curve25519_athlon_square: | ||
6 | crypto_scalarmult_curve25519_athlon_square: | ||
7 | mov %esp,%eax | ||
8 | and $31,%eax | ||
9 | add $64,%eax | ||
10 | sub %eax,%esp | ||
11 | movl 8(%esp,%eax),%edx | ||
12 | movl 4(%esp,%eax),%ecx | ||
13 | fldl 72(%edx) | ||
14 | fmul %st(0),%st(0) | ||
15 | fldl 0(%edx) | ||
16 | fadd %st(0),%st(0) | ||
17 | fldl 8(%edx) | ||
18 | fadd %st(0),%st(0) | ||
19 | fldl 16(%edx) | ||
20 | fadd %st(0),%st(0) | ||
21 | fldl 56(%edx) | ||
22 | fxch %st(4) | ||
23 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
24 | fldl 72(%edx) | ||
25 | fmul %st(4),%st(0) | ||
26 | fldl 64(%edx) | ||
27 | fmul %st(4),%st(0) | ||
28 | faddp %st(0),%st(1) | ||
29 | fxch %st(4) | ||
30 | fstl 0(%esp) | ||
31 | fxch %st(3) | ||
32 | fstl 8(%esp) | ||
33 | fxch %st(3) | ||
34 | fmull 64(%edx) | ||
35 | faddp %st(0),%st(1) | ||
36 | fldl 48(%edx) | ||
37 | fxch %st(5) | ||
38 | fmul %st(0),%st(3) | ||
39 | fxch %st(3) | ||
40 | faddp %st(0),%st(1) | ||
41 | fxch %st(2) | ||
42 | fadd %st(0),%st(0) | ||
43 | fldl 56(%edx) | ||
44 | fmul %st(2),%st(0) | ||
45 | faddp %st(0),%st(4) | ||
46 | fxch %st(1) | ||
47 | fstl 16(%esp) | ||
48 | fldl 40(%edx) | ||
49 | fxch %st(5) | ||
50 | fmul %st(0),%st(1) | ||
51 | fxch %st(1) | ||
52 | faddp %st(0),%st(3) | ||
53 | fadd %st(0),%st(0) | ||
54 | fstpl 48(%esp) | ||
55 | fldl 24(%edx) | ||
56 | fadd %st(0),%st(0) | ||
57 | fstl 24(%esp) | ||
58 | fldl 48(%edx) | ||
59 | fmul %st(1),%st(0) | ||
60 | faddp %st(0),%st(4) | ||
61 | fmul %st(4),%st(0) | ||
62 | faddp %st(0),%st(2) | ||
63 | fxch %st(3) | ||
64 | fadd %st(0),%st(0) | ||
65 | fstpl 40(%esp) | ||
66 | fldl 32(%edx) | ||
67 | fmul %st(0),%st(0) | ||
68 | faddp %st(0),%st(1) | ||
69 | fldl crypto_scalarmult_curve25519_athlon_alpha230 | ||
70 | fadd %st(1),%st(0) | ||
71 | fsubl crypto_scalarmult_curve25519_athlon_alpha230 | ||
72 | fsubr %st(0),%st(1) | ||
73 | fldl 8(%esp) | ||
74 | fldl 72(%edx) | ||
75 | fmul %st(0),%st(1) | ||
76 | fldl 16(%esp) | ||
77 | fmul %st(0),%st(1) | ||
78 | fldl 64(%edx) | ||
79 | fmul %st(0),%st(1) | ||
80 | fxch %st(1) | ||
81 | faddp %st(0),%st(3) | ||
82 | fldl 24(%esp) | ||
83 | fmul %st(0),%st(1) | ||
84 | fxch %st(1) | ||
85 | faddp %st(0),%st(2) | ||
86 | fldl 32(%edx) | ||
87 | fadd %st(0),%st(0) | ||
88 | fstl 32(%esp) | ||
89 | fmull 40(%edx) | ||
90 | faddp %st(0),%st(6) | ||
91 | fxch %st(3) | ||
92 | faddp %st(0),%st(5) | ||
93 | fldl crypto_scalarmult_curve25519_athlon_alpha255 | ||
94 | fadd %st(5),%st(0) | ||
95 | fsubl crypto_scalarmult_curve25519_athlon_alpha255 | ||
96 | fsubr %st(0),%st(5) | ||
97 | fldl 56(%edx) | ||
98 | fmul %st(0),%st(4) | ||
99 | fxch %st(4) | ||
100 | faddp %st(0),%st(3) | ||
101 | fldl 32(%esp) | ||
102 | fmul %st(0),%st(4) | ||
103 | fxch %st(4) | ||
104 | faddp %st(0),%st(2) | ||
105 | fldl 48(%edx) | ||
106 | fmul %st(0),%st(4) | ||
107 | fxch %st(4) | ||
108 | faddp %st(0),%st(3) | ||
109 | fxch %st(3) | ||
110 | fmull 40(%esp) | ||
111 | faddp %st(0),%st(1) | ||
112 | fxch %st(3) | ||
113 | fstpl 64(%ecx) | ||
114 | fldl 40(%edx) | ||
115 | fmul %st(0),%st(0) | ||
116 | faddp %st(0),%st(1) | ||
117 | fxch %st(2) | ||
118 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
119 | fxch %st(3) | ||
120 | fstpl 72(%ecx) | ||
121 | faddp %st(0),%st(1) | ||
122 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
123 | fldl 24(%esp) | ||
124 | fmull 72(%edx) | ||
125 | fldl 0(%edx) | ||
126 | fmul %st(0),%st(0) | ||
127 | faddp %st(0),%st(2) | ||
128 | fldl 32(%esp) | ||
129 | fmull 64(%edx) | ||
130 | faddp %st(0),%st(1) | ||
131 | fldl 0(%esp) | ||
132 | fmull 8(%edx) | ||
133 | faddp %st(0),%st(3) | ||
134 | fldl 40(%esp) | ||
135 | fmull 56(%edx) | ||
136 | faddp %st(0),%st(1) | ||
137 | fldl crypto_scalarmult_curve25519_athlon_alpha26 | ||
138 | fadd %st(2),%st(0) | ||
139 | fsubl crypto_scalarmult_curve25519_athlon_alpha26 | ||
140 | fsubr %st(0),%st(2) | ||
141 | faddp %st(0),%st(3) | ||
142 | fldl crypto_scalarmult_curve25519_athlon_alpha51 | ||
143 | fadd %st(3),%st(0) | ||
144 | fsubl crypto_scalarmult_curve25519_athlon_alpha51 | ||
145 | fsubr %st(0),%st(3) | ||
146 | fldl 48(%edx) | ||
147 | fmul %st(0),%st(0) | ||
148 | faddp %st(0),%st(2) | ||
149 | fxch %st(1) | ||
150 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
151 | fldl 0(%esp) | ||
152 | fmull 16(%edx) | ||
153 | faddp %st(0),%st(1) | ||
154 | fldl 8(%edx) | ||
155 | fmul %st(0),%st(0) | ||
156 | faddp %st(0),%st(1) | ||
157 | faddp %st(0),%st(1) | ||
158 | fldl crypto_scalarmult_curve25519_athlon_alpha77 | ||
159 | fadd %st(1),%st(0) | ||
160 | fsubl crypto_scalarmult_curve25519_athlon_alpha77 | ||
161 | fsubr %st(0),%st(1) | ||
162 | fxch %st(2) | ||
163 | fstpl 0(%ecx) | ||
164 | fldl 32(%esp) | ||
165 | fmull 72(%edx) | ||
166 | fldl 40(%esp) | ||
167 | fmull 64(%edx) | ||
168 | faddp %st(0),%st(1) | ||
169 | fldl 48(%esp) | ||
170 | fmull 56(%edx) | ||
171 | faddp %st(0),%st(1) | ||
172 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
173 | fldl 0(%esp) | ||
174 | fmull 24(%edx) | ||
175 | faddp %st(0),%st(1) | ||
176 | fldl 8(%esp) | ||
177 | fmull 16(%edx) | ||
178 | faddp %st(0),%st(1) | ||
179 | faddp %st(0),%st(2) | ||
180 | fldl crypto_scalarmult_curve25519_athlon_alpha102 | ||
181 | fadd %st(2),%st(0) | ||
182 | fsubl crypto_scalarmult_curve25519_athlon_alpha102 | ||
183 | fsubr %st(0),%st(2) | ||
184 | fxch %st(3) | ||
185 | fstpl 8(%ecx) | ||
186 | fldl 40(%esp) | ||
187 | fmull 72(%edx) | ||
188 | fldl 48(%esp) | ||
189 | fmull 64(%edx) | ||
190 | faddp %st(0),%st(1) | ||
191 | fldl 56(%edx) | ||
192 | fmul %st(0),%st(0) | ||
193 | faddp %st(0),%st(1) | ||
194 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
195 | fldl 0(%esp) | ||
196 | fmull 32(%edx) | ||
197 | faddp %st(0),%st(1) | ||
198 | fldl 8(%esp) | ||
199 | fmull 24(%edx) | ||
200 | faddp %st(0),%st(1) | ||
201 | fldl 16(%edx) | ||
202 | fmul %st(0),%st(0) | ||
203 | faddp %st(0),%st(1) | ||
204 | faddp %st(0),%st(3) | ||
205 | fldl crypto_scalarmult_curve25519_athlon_alpha128 | ||
206 | fadd %st(3),%st(0) | ||
207 | fsubl crypto_scalarmult_curve25519_athlon_alpha128 | ||
208 | fsubr %st(0),%st(3) | ||
209 | fxch %st(1) | ||
210 | fstpl 16(%ecx) | ||
211 | fldl 48(%esp) | ||
212 | fldl 72(%edx) | ||
213 | fmul %st(0),%st(1) | ||
214 | fmul %st(5),%st(0) | ||
215 | fxch %st(5) | ||
216 | fmull 64(%edx) | ||
217 | faddp %st(0),%st(1) | ||
218 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
219 | fldl 0(%esp) | ||
220 | fmull 40(%edx) | ||
221 | faddp %st(0),%st(1) | ||
222 | fldl 8(%esp) | ||
223 | fmull 32(%edx) | ||
224 | faddp %st(0),%st(1) | ||
225 | fldl 16(%esp) | ||
226 | fmull 24(%edx) | ||
227 | faddp %st(0),%st(1) | ||
228 | faddp %st(0),%st(1) | ||
229 | fldl crypto_scalarmult_curve25519_athlon_alpha153 | ||
230 | fadd %st(1),%st(0) | ||
231 | fsubl crypto_scalarmult_curve25519_athlon_alpha153 | ||
232 | fsubr %st(0),%st(1) | ||
233 | fxch %st(2) | ||
234 | fstpl 24(%ecx) | ||
235 | fldl 64(%edx) | ||
236 | fmul %st(0),%st(0) | ||
237 | faddp %st(0),%st(4) | ||
238 | fxch %st(3) | ||
239 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
240 | fldl 0(%esp) | ||
241 | fmull 48(%edx) | ||
242 | faddp %st(0),%st(1) | ||
243 | fldl 8(%esp) | ||
244 | fmull 40(%edx) | ||
245 | faddp %st(0),%st(1) | ||
246 | fldl 16(%esp) | ||
247 | fmull 32(%edx) | ||
248 | faddp %st(0),%st(1) | ||
249 | fldl 24(%edx) | ||
250 | fmul %st(0),%st(0) | ||
251 | faddp %st(0),%st(1) | ||
252 | faddp %st(0),%st(1) | ||
253 | fldl crypto_scalarmult_curve25519_athlon_alpha179 | ||
254 | fadd %st(1),%st(0) | ||
255 | fsubl crypto_scalarmult_curve25519_athlon_alpha179 | ||
256 | fsubr %st(0),%st(1) | ||
257 | fldl 64(%edx) | ||
258 | fadd %st(0),%st(0) | ||
259 | fmull 72(%edx) | ||
260 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
261 | fldl 0(%esp) | ||
262 | fmull 56(%edx) | ||
263 | faddp %st(0),%st(1) | ||
264 | fldl 8(%esp) | ||
265 | fmull 48(%edx) | ||
266 | faddp %st(0),%st(1) | ||
267 | fldl 16(%esp) | ||
268 | fmull 40(%edx) | ||
269 | faddp %st(0),%st(1) | ||
270 | fldl 24(%esp) | ||
271 | fmull 32(%edx) | ||
272 | faddp %st(0),%st(1) | ||
273 | faddp %st(0),%st(1) | ||
274 | fldl crypto_scalarmult_curve25519_athlon_alpha204 | ||
275 | fadd %st(1),%st(0) | ||
276 | fsubl crypto_scalarmult_curve25519_athlon_alpha204 | ||
277 | fsubr %st(0),%st(1) | ||
278 | fldl 64(%ecx) | ||
279 | faddp %st(0),%st(1) | ||
280 | fldl crypto_scalarmult_curve25519_athlon_alpha230 | ||
281 | fadd %st(1),%st(0) | ||
282 | fldl 72(%ecx) | ||
283 | fxch %st(1) | ||
284 | fsubl crypto_scalarmult_curve25519_athlon_alpha230 | ||
285 | fsubr %st(0),%st(2) | ||
286 | faddp %st(0),%st(1) | ||
287 | fxch %st(4) | ||
288 | fstpl 32(%ecx) | ||
289 | fxch %st(4) | ||
290 | fstpl 40(%ecx) | ||
291 | fxch %st(1) | ||
292 | fstpl 48(%ecx) | ||
293 | fstpl 56(%ecx) | ||
294 | fxch %st(1) | ||
295 | fstpl 64(%ecx) | ||
296 | fstpl 72(%ecx) | ||
297 | add %eax,%esp | ||
298 | ret | ||
diff --git a/nacl/crypto_scalarmult/curve25519/athlon/todouble.s b/nacl/crypto_scalarmult/curve25519/athlon/todouble.s new file mode 100644 index 00000000..c37aa447 --- /dev/null +++ b/nacl/crypto_scalarmult/curve25519/athlon/todouble.s | |||
@@ -0,0 +1,144 @@ | |||
1 | .text | ||
2 | .p2align 5 | ||
3 | .globl _crypto_scalarmult_curve25519_athlon_todouble | ||
4 | .globl crypto_scalarmult_curve25519_athlon_todouble | ||
5 | _crypto_scalarmult_curve25519_athlon_todouble: | ||
6 | crypto_scalarmult_curve25519_athlon_todouble: | ||
7 | mov %esp,%eax | ||
8 | and $31,%eax | ||
9 | add $96,%eax | ||
10 | sub %eax,%esp | ||
11 | movl 8(%esp,%eax),%ecx | ||
12 | movl 0(%ecx),%edx | ||
13 | movl $0x43300000,4(%esp) | ||
14 | movl %edx,0(%esp) | ||
15 | movl 4(%ecx),%edx | ||
16 | and $0xffffff,%edx | ||
17 | movl $0x45300000,12(%esp) | ||
18 | movl %edx,8(%esp) | ||
19 | movl 7(%ecx),%edx | ||
20 | and $0xffffff,%edx | ||
21 | movl $0x46b00000,20(%esp) | ||
22 | movl %edx,16(%esp) | ||
23 | movl 10(%ecx),%edx | ||
24 | and $0xffffff,%edx | ||
25 | movl $0x48300000,28(%esp) | ||
26 | movl %edx,24(%esp) | ||
27 | movl 13(%ecx),%edx | ||
28 | and $0xffffff,%edx | ||
29 | movl $0x49b00000,36(%esp) | ||
30 | movl %edx,32(%esp) | ||
31 | movl 16(%ecx),%edx | ||
32 | movl $0x4b300000,44(%esp) | ||
33 | movl %edx,40(%esp) | ||
34 | movl 20(%ecx),%edx | ||
35 | and $0xffffff,%edx | ||
36 | movl $0x4d300000,52(%esp) | ||
37 | movl %edx,48(%esp) | ||
38 | movl 23(%ecx),%edx | ||
39 | and $0xffffff,%edx | ||
40 | movl $0x4eb00000,60(%esp) | ||
41 | movl %edx,56(%esp) | ||
42 | movl 26(%ecx),%edx | ||
43 | and $0xffffff,%edx | ||
44 | movl $0x50300000,68(%esp) | ||
45 | movl %edx,64(%esp) | ||
46 | movl 28(%ecx),%ecx | ||
47 | shr $8,%ecx | ||
48 | and $0x7fffff,%ecx | ||
49 | movl $0x51b00000,76(%esp) | ||
50 | movl %ecx,72(%esp) | ||
51 | movl 4(%esp,%eax),%ecx | ||
52 | fldl 72(%esp) | ||
53 | fsubl crypto_scalarmult_curve25519_athlon_in9offset | ||
54 | fldl crypto_scalarmult_curve25519_athlon_alpha255 | ||
55 | fadd %st(1),%st(0) | ||
56 | fsubl crypto_scalarmult_curve25519_athlon_alpha255 | ||
57 | fsubr %st(0),%st(1) | ||
58 | fldl 0(%esp) | ||
59 | fsubl crypto_scalarmult_curve25519_athlon_in0offset | ||
60 | fxch %st(1) | ||
61 | fmull crypto_scalarmult_curve25519_athlon_scale | ||
62 | faddp %st(0),%st(1) | ||
63 | fldl crypto_scalarmult_curve25519_athlon_alpha26 | ||
64 | fadd %st(1),%st(0) | ||
65 | fsubl crypto_scalarmult_curve25519_athlon_alpha26 | ||
66 | fsubr %st(0),%st(1) | ||
67 | fxch %st(1) | ||
68 | fstpl 0(%ecx) | ||
69 | fldl 8(%esp) | ||
70 | fsubl crypto_scalarmult_curve25519_athlon_in1offset | ||
71 | faddp %st(0),%st(1) | ||
72 | fldl crypto_scalarmult_curve25519_athlon_alpha51 | ||
73 | fadd %st(1),%st(0) | ||
74 | fsubl crypto_scalarmult_curve25519_athlon_alpha51 | ||
75 | fsubr %st(0),%st(1) | ||
76 | fxch %st(1) | ||
77 | fstpl 8(%ecx) | ||
78 | fldl 16(%esp) | ||
79 | fsubl crypto_scalarmult_curve25519_athlon_in2offset | ||
80 | faddp %st(0),%st(1) | ||
81 | fldl crypto_scalarmult_curve25519_athlon_alpha77 | ||
82 | fadd %st(1),%st(0) | ||
83 | fsubl crypto_scalarmult_curve25519_athlon_alpha77 | ||
84 | fsubr %st(0),%st(1) | ||
85 | fxch %st(1) | ||
86 | fstpl 16(%ecx) | ||
87 | fldl 24(%esp) | ||
88 | fsubl crypto_scalarmult_curve25519_athlon_in3offset | ||
89 | faddp %st(0),%st(1) | ||
90 | fldl crypto_scalarmult_curve25519_athlon_alpha102 | ||
91 | fadd %st(1),%st(0) | ||
92 | fsubl crypto_scalarmult_curve25519_athlon_alpha102 | ||
93 | fsubr %st(0),%st(1) | ||
94 | fxch %st(1) | ||
95 | fstpl 24(%ecx) | ||
96 | fldl 32(%esp) | ||
97 | fsubl crypto_scalarmult_curve25519_athlon_in4offset | ||
98 | faddp %st(0),%st(1) | ||
99 | fldl crypto_scalarmult_curve25519_athlon_alpha128 | ||
100 | fadd %st(1),%st(0) | ||
101 | fsubl crypto_scalarmult_curve25519_athlon_alpha128 | ||
102 | fsubr %st(0),%st(1) | ||
103 | fxch %st(1) | ||
104 | fstpl 32(%ecx) | ||
105 | fldl 40(%esp) | ||
106 | fsubl crypto_scalarmult_curve25519_athlon_in5offset | ||
107 | faddp %st(0),%st(1) | ||
108 | fldl crypto_scalarmult_curve25519_athlon_alpha153 | ||
109 | fadd %st(1),%st(0) | ||
110 | fsubl crypto_scalarmult_curve25519_athlon_alpha153 | ||
111 | fsubr %st(0),%st(1) | ||
112 | fxch %st(1) | ||
113 | fstpl 40(%ecx) | ||
114 | fldl 48(%esp) | ||
115 | fsubl crypto_scalarmult_curve25519_athlon_in6offset | ||
116 | faddp %st(0),%st(1) | ||
117 | fldl crypto_scalarmult_curve25519_athlon_alpha179 | ||
118 | fadd %st(1),%st(0) | ||
119 | fsubl crypto_scalarmult_curve25519_athlon_alpha179 | ||
120 | fsubr %st(0),%st(1) | ||
121 | fxch %st(1) | ||
122 | fstpl 48(%ecx) | ||
123 | fldl 56(%esp) | ||
124 | fsubl crypto_scalarmult_curve25519_athlon_in7offset | ||
125 | faddp %st(0),%st(1) | ||
126 | fldl crypto_scalarmult_curve25519_athlon_alpha204 | ||
127 | fadd %st(1),%st(0) | ||
128 | fsubl crypto_scalarmult_curve25519_athlon_alpha204 | ||
129 | fsubr %st(0),%st(1) | ||
130 | fxch %st(1) | ||
131 | fstpl 56(%ecx) | ||
132 | fldl 64(%esp) | ||
133 | fsubl crypto_scalarmult_curve25519_athlon_in8offset | ||
134 | faddp %st(0),%st(1) | ||
135 | fldl crypto_scalarmult_curve25519_athlon_alpha230 | ||
136 | fadd %st(1),%st(0) | ||
137 | fsubl crypto_scalarmult_curve25519_athlon_alpha230 | ||
138 | fsubr %st(0),%st(1) | ||
139 | fxch %st(1) | ||
140 | fstpl 64(%ecx) | ||
141 | faddp %st(0),%st(1) | ||
142 | fstpl 72(%ecx) | ||
143 | add %eax,%esp | ||
144 | ret | ||
diff --git a/nacl/crypto_scalarmult/curve25519/checksum b/nacl/crypto_scalarmult/curve25519/checksum new file mode 100644 index 00000000..ce2d395b --- /dev/null +++ b/nacl/crypto_scalarmult/curve25519/checksum | |||
@@ -0,0 +1 @@ | |||
dacdae4a0f12353dfc66757f2fd1fff538fe6616115dace9afb8016a55be2a52 | |||
diff --git a/nacl/crypto_scalarmult/curve25519/donna_c64/api.h b/nacl/crypto_scalarmult/curve25519/donna_c64/api.h new file mode 100644 index 00000000..60339596 --- /dev/null +++ b/nacl/crypto_scalarmult/curve25519/donna_c64/api.h | |||
@@ -0,0 +1,2 @@ | |||
1 | #define CRYPTO_BYTES 32 | ||
2 | #define CRYPTO_SCALARBYTES 32 | ||
diff --git a/nacl/crypto_scalarmult/curve25519/donna_c64/base.c b/nacl/crypto_scalarmult/curve25519/donna_c64/base.c new file mode 100644 index 00000000..f33419e8 --- /dev/null +++ b/nacl/crypto_scalarmult/curve25519/donna_c64/base.c | |||
@@ -0,0 +1,8 @@ | |||
1 | #include "crypto_scalarmult.h" | ||
2 | |||
3 | static const unsigned char basepoint[32] = {9}; | ||
4 | |||
5 | int crypto_scalarmult_base(unsigned char *q,const unsigned char *n) | ||
6 | { | ||
7 | return crypto_scalarmult(q, n, basepoint); | ||
8 | } | ||
diff --git a/nacl/crypto_scalarmult/curve25519/donna_c64/implementors b/nacl/crypto_scalarmult/curve25519/donna_c64/implementors new file mode 100644 index 00000000..0ce43280 --- /dev/null +++ b/nacl/crypto_scalarmult/curve25519/donna_c64/implementors | |||
@@ -0,0 +1 @@ | |||
Adam Langley (Google) | |||
diff --git a/nacl/crypto_scalarmult/curve25519/donna_c64/smult.c b/nacl/crypto_scalarmult/curve25519/donna_c64/smult.c new file mode 100644 index 00000000..6d26956b --- /dev/null +++ b/nacl/crypto_scalarmult/curve25519/donna_c64/smult.c | |||
@@ -0,0 +1,477 @@ | |||
1 | /* Copyright 2008, Google Inc. | ||
2 | * All rights reserved. | ||
3 | * | ||
4 | * Code released into the public domain. | ||
5 | * | ||
6 | * curve25519-donna: Curve25519 elliptic curve, public key function | ||
7 | * | ||
8 | * http://code.google.com/p/curve25519-donna/ | ||
9 | * | ||
10 | * Adam Langley <agl@imperialviolet.org> | ||
11 | * | ||
12 | * Derived from public domain C code by Daniel J. Bernstein <djb@cr.yp.to> | ||
13 | * | ||
14 | * More information about curve25519 can be found here | ||
15 | * http://cr.yp.to/ecdh.html | ||
16 | * | ||
17 | * djb's sample implementation of curve25519 is written in a special assembly | ||
18 | * language called qhasm and uses the floating point registers. | ||
19 | * | ||
20 | * This is, almost, a clean room reimplementation from the curve25519 paper. It | ||
21 | * uses many of the tricks described therein. Only the crecip function is taken | ||
22 | * from the sample implementation. | ||
23 | */ | ||
24 | |||
25 | #include <string.h> | ||
26 | #include <stdint.h> | ||
27 | #include "crypto_scalarmult.h" | ||
28 | |||
29 | typedef uint8_t u8; | ||
30 | typedef uint64_t felem; | ||
31 | // This is a special gcc mode for 128-bit integers. It's implemented on 64-bit | ||
32 | // platforms only as far as I know. | ||
33 | typedef unsigned uint128_t __attribute__((mode(TI))); | ||
34 | |||
35 | /* Sum two numbers: output += in */ | ||
36 | static void fsum(felem *output, const felem *in) { | ||
37 | unsigned i; | ||
38 | for (i = 0; i < 5; ++i) output[i] += in[i]; | ||
39 | } | ||
40 | |||
41 | /* Find the difference of two numbers: output = in - output | ||
42 | * (note the order of the arguments!) | ||
43 | */ | ||
44 | static void fdifference_backwards(felem *ioutput, const felem *iin) { | ||
45 | static const int64_t twotothe51 = (1l << 51); | ||
46 | const int64_t *in = (const int64_t *) iin; | ||
47 | int64_t *out = (int64_t *) ioutput; | ||
48 | |||
49 | out[0] = in[0] - out[0]; | ||
50 | out[1] = in[1] - out[1]; | ||
51 | out[2] = in[2] - out[2]; | ||
52 | out[3] = in[3] - out[3]; | ||
53 | out[4] = in[4] - out[4]; | ||
54 | |||
55 | // An arithmetic shift right of 63 places turns a positive number to 0 and a | ||
56 | // negative number to all 1's. This gives us a bitmask that lets us avoid | ||
57 | // side-channel prone branches. | ||
58 | int64_t t; | ||
59 | |||
60 | #define NEGCHAIN(a,b) \ | ||
61 | t = out[a] >> 63; \ | ||
62 | out[a] += twotothe51 & t; \ | ||
63 | out[b] -= 1 & t; | ||
64 | |||
65 | #define NEGCHAIN19(a,b) \ | ||
66 | t = out[a] >> 63; \ | ||
67 | out[a] += twotothe51 & t; \ | ||
68 | out[b] -= 19 & t; | ||
69 | |||
70 | NEGCHAIN(0, 1); | ||
71 | NEGCHAIN(1, 2); | ||
72 | NEGCHAIN(2, 3); | ||
73 | NEGCHAIN(3, 4); | ||
74 | NEGCHAIN19(4, 0); | ||
75 | NEGCHAIN(0, 1); | ||
76 | NEGCHAIN(1, 2); | ||
77 | NEGCHAIN(2, 3); | ||
78 | NEGCHAIN(3, 4); | ||
79 | } | ||
80 | |||
81 | /* Multiply a number by a scalar: output = in * scalar */ | ||
82 | static void fscalar_product(felem *output, const felem *in, const felem scalar) { | ||
83 | uint128_t a; | ||
84 | |||
85 | a = ((uint128_t) in[0]) * scalar; | ||
86 | output[0] = a & 0x7ffffffffffff; | ||
87 | |||
88 | a = ((uint128_t) in[1]) * scalar + (a >> 51); | ||
89 | output[1] = a & 0x7ffffffffffff; | ||
90 | |||
91 | a = ((uint128_t) in[2]) * scalar + (a >> 51); | ||
92 | output[2] = a & 0x7ffffffffffff; | ||
93 | |||
94 | a = ((uint128_t) in[3]) * scalar + (a >> 51); | ||
95 | output[3] = a & 0x7ffffffffffff; | ||
96 | |||
97 | a = ((uint128_t) in[4]) * scalar + (a >> 51); | ||
98 | output[4] = a & 0x7ffffffffffff; | ||
99 | |||
100 | output[0] += (a >> 51) * 19; | ||
101 | } | ||
102 | |||
103 | /* Multiply two numbers: output = in2 * in | ||
104 | * | ||
105 | * output must be distinct to both inputs. The inputs are reduced coefficient | ||
106 | * form, the output is not. | ||
107 | */ | ||
108 | static void fmul(felem *output, const felem *in2, const felem *in) { | ||
109 | uint128_t t[9]; | ||
110 | |||
111 | t[0] = ((uint128_t) in[0]) * in2[0]; | ||
112 | t[1] = ((uint128_t) in[0]) * in2[1] + | ||
113 | ((uint128_t) in[1]) * in2[0]; | ||
114 | t[2] = ((uint128_t) in[0]) * in2[2] + | ||
115 | ((uint128_t) in[2]) * in2[0] + | ||
116 | ((uint128_t) in[1]) * in2[1]; | ||
117 | t[3] = ((uint128_t) in[0]) * in2[3] + | ||
118 | ((uint128_t) in[3]) * in2[0] + | ||
119 | ((uint128_t) in[1]) * in2[2] + | ||
120 | ((uint128_t) in[2]) * in2[1]; | ||
121 | t[4] = ((uint128_t) in[0]) * in2[4] + | ||
122 | ((uint128_t) in[4]) * in2[0] + | ||
123 | ((uint128_t) in[3]) * in2[1] + | ||
124 | ((uint128_t) in[1]) * in2[3] + | ||
125 | ((uint128_t) in[2]) * in2[2]; | ||
126 | t[5] = ((uint128_t) in[4]) * in2[1] + | ||
127 | ((uint128_t) in[1]) * in2[4] + | ||
128 | ((uint128_t) in[2]) * in2[3] + | ||
129 | ((uint128_t) in[3]) * in2[2]; | ||
130 | t[6] = ((uint128_t) in[4]) * in2[2] + | ||
131 | ((uint128_t) in[2]) * in2[4] + | ||
132 | ((uint128_t) in[3]) * in2[3]; | ||
133 | t[7] = ((uint128_t) in[3]) * in2[4] + | ||
134 | ((uint128_t) in[4]) * in2[3]; | ||
135 | t[8] = ((uint128_t) in[4]) * in2[4]; | ||
136 | |||
137 | t[0] += t[5] * 19; | ||
138 | t[1] += t[6] * 19; | ||
139 | t[2] += t[7] * 19; | ||
140 | t[3] += t[8] * 19; | ||
141 | |||
142 | t[1] += t[0] >> 51; | ||
143 | t[0] &= 0x7ffffffffffff; | ||
144 | t[2] += t[1] >> 51; | ||
145 | t[1] &= 0x7ffffffffffff; | ||
146 | t[3] += t[2] >> 51; | ||
147 | t[2] &= 0x7ffffffffffff; | ||
148 | t[4] += t[3] >> 51; | ||
149 | t[3] &= 0x7ffffffffffff; | ||
150 | t[0] += 19 * (t[4] >> 51); | ||
151 | t[4] &= 0x7ffffffffffff; | ||
152 | t[1] += t[0] >> 51; | ||
153 | t[0] &= 0x7ffffffffffff; | ||
154 | t[2] += t[1] >> 51; | ||
155 | t[1] &= 0x7ffffffffffff; | ||
156 | |||
157 | output[0] = t[0]; | ||
158 | output[1] = t[1]; | ||
159 | output[2] = t[2]; | ||
160 | output[3] = t[3]; | ||
161 | output[4] = t[4]; | ||
162 | } | ||
163 | |||
164 | static void | ||
165 | fsquare(felem *output, const felem *in) { | ||
166 | uint128_t t[9]; | ||
167 | |||
168 | t[0] = ((uint128_t) in[0]) * in[0]; | ||
169 | t[1] = ((uint128_t) in[0]) * in[1] * 2; | ||
170 | t[2] = ((uint128_t) in[0]) * in[2] * 2 + | ||
171 | ((uint128_t) in[1]) * in[1]; | ||
172 | t[3] = ((uint128_t) in[0]) * in[3] * 2 + | ||
173 | ((uint128_t) in[1]) * in[2] * 2; | ||
174 | t[4] = ((uint128_t) in[0]) * in[4] * 2 + | ||
175 | ((uint128_t) in[3]) * in[1] * 2 + | ||
176 | ((uint128_t) in[2]) * in[2]; | ||
177 | t[5] = ((uint128_t) in[4]) * in[1] * 2 + | ||
178 | ((uint128_t) in[2]) * in[3] * 2; | ||
179 | t[6] = ((uint128_t) in[4]) * in[2] * 2 + | ||
180 | ((uint128_t) in[3]) * in[3]; | ||
181 | t[7] = ((uint128_t) in[3]) * in[4] * 2; | ||
182 | t[8] = ((uint128_t) in[4]) * in[4]; | ||
183 | |||
184 | t[0] += t[5] * 19; | ||
185 | t[1] += t[6] * 19; | ||
186 | t[2] += t[7] * 19; | ||
187 | t[3] += t[8] * 19; | ||
188 | |||
189 | t[1] += t[0] >> 51; | ||
190 | t[0] &= 0x7ffffffffffff; | ||
191 | t[2] += t[1] >> 51; | ||
192 | t[1] &= 0x7ffffffffffff; | ||
193 | t[3] += t[2] >> 51; | ||
194 | t[2] &= 0x7ffffffffffff; | ||
195 | t[4] += t[3] >> 51; | ||
196 | t[3] &= 0x7ffffffffffff; | ||
197 | t[0] += 19 * (t[4] >> 51); | ||
198 | t[4] &= 0x7ffffffffffff; | ||
199 | t[1] += t[0] >> 51; | ||
200 | t[0] &= 0x7ffffffffffff; | ||
201 | |||
202 | output[0] = t[0]; | ||
203 | output[1] = t[1]; | ||
204 | output[2] = t[2]; | ||
205 | output[3] = t[3]; | ||
206 | output[4] = t[4]; | ||
207 | } | ||
208 | |||
209 | /* Take a little-endian, 32-byte number and expand it into polynomial form */ | ||
210 | static void | ||
211 | fexpand(felem *output, const u8 *in) { | ||
212 | output[0] = *((const uint64_t *)(in)) & 0x7ffffffffffff; | ||
213 | output[1] = (*((const uint64_t *)(in+6)) >> 3) & 0x7ffffffffffff; | ||
214 | output[2] = (*((const uint64_t *)(in+12)) >> 6) & 0x7ffffffffffff; | ||
215 | output[3] = (*((const uint64_t *)(in+19)) >> 1) & 0x7ffffffffffff; | ||
216 | output[4] = (*((const uint64_t *)(in+25)) >> 4) & 0x7ffffffffffff; | ||
217 | } | ||
218 | |||
219 | /* Take a fully reduced polynomial form number and contract it into a | ||
220 | * little-endian, 32-byte array | ||
221 | */ | ||
222 | static void | ||
223 | fcontract(u8 *output, const felem *input) { | ||
224 | uint128_t t[5]; | ||
225 | |||
226 | t[0] = input[0]; | ||
227 | t[1] = input[1]; | ||
228 | t[2] = input[2]; | ||
229 | t[3] = input[3]; | ||
230 | t[4] = input[4]; | ||
231 | |||
232 | t[1] += t[0] >> 51; t[0] &= 0x7ffffffffffff; | ||
233 | t[2] += t[1] >> 51; t[1] &= 0x7ffffffffffff; | ||
234 | t[3] += t[2] >> 51; t[2] &= 0x7ffffffffffff; | ||
235 | t[4] += t[3] >> 51; t[3] &= 0x7ffffffffffff; | ||
236 | t[0] += 19 * (t[4] >> 51); t[4] &= 0x7ffffffffffff; | ||
237 | |||
238 | t[1] += t[0] >> 51; t[0] &= 0x7ffffffffffff; | ||
239 | t[2] += t[1] >> 51; t[1] &= 0x7ffffffffffff; | ||
240 | t[3] += t[2] >> 51; t[2] &= 0x7ffffffffffff; | ||
241 | t[4] += t[3] >> 51; t[3] &= 0x7ffffffffffff; | ||
242 | t[0] += 19 * (t[4] >> 51); t[4] &= 0x7ffffffffffff; | ||
243 | |||
244 | /* now t is between 0 and 2^255-1, properly carried. */ | ||
245 | /* case 1: between 0 and 2^255-20. case 2: between 2^255-19 and 2^255-1. */ | ||
246 | |||
247 | t[0] += 19; | ||
248 | |||
249 | t[1] += t[0] >> 51; t[0] &= 0x7ffffffffffff; | ||
250 | t[2] += t[1] >> 51; t[1] &= 0x7ffffffffffff; | ||
251 | t[3] += t[2] >> 51; t[2] &= 0x7ffffffffffff; | ||
252 | t[4] += t[3] >> 51; t[3] &= 0x7ffffffffffff; | ||
253 | t[0] += 19 * (t[4] >> 51); t[4] &= 0x7ffffffffffff; | ||
254 | |||
255 | /* now between 19 and 2^255-1 in both cases, and offset by 19. */ | ||
256 | |||
257 | t[0] += 0x8000000000000 - 19; | ||
258 | t[1] += 0x8000000000000 - 1; | ||
259 | t[2] += 0x8000000000000 - 1; | ||
260 | t[3] += 0x8000000000000 - 1; | ||
261 | t[4] += 0x8000000000000 - 1; | ||
262 | |||
263 | /* now between 2^255 and 2^256-20, and offset by 2^255. */ | ||
264 | |||
265 | t[1] += t[0] >> 51; t[0] &= 0x7ffffffffffff; | ||
266 | t[2] += t[1] >> 51; t[1] &= 0x7ffffffffffff; | ||
267 | t[3] += t[2] >> 51; t[2] &= 0x7ffffffffffff; | ||
268 | t[4] += t[3] >> 51; t[3] &= 0x7ffffffffffff; | ||
269 | t[4] &= 0x7ffffffffffff; | ||
270 | |||
271 | *((uint64_t *)(output)) = t[0] | (t[1] << 51); | ||
272 | *((uint64_t *)(output+8)) = (t[1] >> 13) | (t[2] << 38); | ||
273 | *((uint64_t *)(output+16)) = (t[2] >> 26) | (t[3] << 25); | ||
274 | *((uint64_t *)(output+24)) = (t[3] >> 39) | (t[4] << 12); | ||
275 | } | ||
276 | |||
277 | /* Input: Q, Q', Q-Q' | ||
278 | * Output: 2Q, Q+Q' | ||
279 | * | ||
280 | * x2 z3: long form | ||
281 | * x3 z3: long form | ||
282 | * x z: short form, destroyed | ||
283 | * xprime zprime: short form, destroyed | ||
284 | * qmqp: short form, preserved | ||
285 | */ | ||
286 | static void | ||
287 | fmonty(felem *x2, felem *z2, /* output 2Q */ | ||
288 | felem *x3, felem *z3, /* output Q + Q' */ | ||
289 | felem *x, felem *z, /* input Q */ | ||
290 | felem *xprime, felem *zprime, /* input Q' */ | ||
291 | const felem *qmqp /* input Q - Q' */) { | ||
292 | felem origx[5], origxprime[5], zzz[5], xx[5], zz[5], xxprime[5], | ||
293 | zzprime[5], zzzprime[5]; | ||
294 | |||
295 | memcpy(origx, x, 5 * sizeof(felem)); | ||
296 | fsum(x, z); | ||
297 | fdifference_backwards(z, origx); // does x - z | ||
298 | |||
299 | memcpy(origxprime, xprime, sizeof(felem) * 5); | ||
300 | fsum(xprime, zprime); | ||
301 | fdifference_backwards(zprime, origxprime); | ||
302 | fmul(xxprime, xprime, z); | ||
303 | fmul(zzprime, x, zprime); | ||
304 | memcpy(origxprime, xxprime, sizeof(felem) * 5); | ||
305 | fsum(xxprime, zzprime); | ||
306 | fdifference_backwards(zzprime, origxprime); | ||
307 | fsquare(x3, xxprime); | ||
308 | fsquare(zzzprime, zzprime); | ||
309 | fmul(z3, zzzprime, qmqp); | ||
310 | |||
311 | fsquare(xx, x); | ||
312 | fsquare(zz, z); | ||
313 | fmul(x2, xx, zz); | ||
314 | fdifference_backwards(zz, xx); // does zz = xx - zz | ||
315 | fscalar_product(zzz, zz, 121665); | ||
316 | fsum(zzz, xx); | ||
317 | fmul(z2, zz, zzz); | ||
318 | } | ||
319 | |||
320 | // ----------------------------------------------------------------------------- | ||
321 | // Maybe swap the contents of two felem arrays (@a and @b), each @len elements | ||
322 | // long. Perform the swap iff @swap is non-zero. | ||
323 | // | ||
324 | // This function performs the swap without leaking any side-channel | ||
325 | // information. | ||
326 | // ----------------------------------------------------------------------------- | ||
327 | static void | ||
328 | swap_conditional(felem *a, felem *b, unsigned len, felem iswap) { | ||
329 | unsigned i; | ||
330 | const felem swap = -iswap; | ||
331 | |||
332 | for (i = 0; i < len; ++i) { | ||
333 | const felem x = swap & (a[i] ^ b[i]); | ||
334 | a[i] ^= x; | ||
335 | b[i] ^= x; | ||
336 | } | ||
337 | } | ||
338 | |||
339 | /* Calculates nQ where Q is the x-coordinate of a point on the curve | ||
340 | * | ||
341 | * resultx/resultz: the x coordinate of the resulting curve point (short form) | ||
342 | * n: a little endian, 32-byte number | ||
343 | * q: a point of the curve (short form) | ||
344 | */ | ||
345 | static void | ||
346 | cmult(felem *resultx, felem *resultz, const u8 *n, const felem *q) { | ||
347 | felem a[5] = {0}, b[5] = {1}, c[5] = {1}, d[5] = {0}; | ||
348 | felem *nqpqx = a, *nqpqz = b, *nqx = c, *nqz = d, *t; | ||
349 | felem e[5] = {0}, f[5] = {1}, g[5] = {0}, h[5] = {1}; | ||
350 | felem *nqpqx2 = e, *nqpqz2 = f, *nqx2 = g, *nqz2 = h; | ||
351 | |||
352 | unsigned i, j; | ||
353 | |||
354 | memcpy(nqpqx, q, sizeof(felem) * 5); | ||
355 | |||
356 | for (i = 0; i < 32; ++i) { | ||
357 | u8 byte = n[31 - i]; | ||
358 | for (j = 0; j < 8; ++j) { | ||
359 | const felem bit = byte >> 7; | ||
360 | |||
361 | swap_conditional(nqx, nqpqx, 5, bit); | ||
362 | swap_conditional(nqz, nqpqz, 5, bit); | ||
363 | fmonty(nqx2, nqz2, | ||
364 | nqpqx2, nqpqz2, | ||
365 | nqx, nqz, | ||
366 | nqpqx, nqpqz, | ||
367 | q); | ||
368 | swap_conditional(nqx2, nqpqx2, 5, bit); | ||
369 | swap_conditional(nqz2, nqpqz2, 5, bit); | ||
370 | |||
371 | t = nqx; | ||
372 | nqx = nqx2; | ||
373 | nqx2 = t; | ||
374 | t = nqz; | ||
375 | nqz = nqz2; | ||
376 | nqz2 = t; | ||
377 | t = nqpqx; | ||
378 | nqpqx = nqpqx2; | ||
379 | nqpqx2 = t; | ||
380 | t = nqpqz; | ||
381 | nqpqz = nqpqz2; | ||
382 | nqpqz2 = t; | ||
383 | |||
384 | byte <<= 1; | ||
385 | } | ||
386 | } | ||
387 | |||
388 | memcpy(resultx, nqx, sizeof(felem) * 5); | ||
389 | memcpy(resultz, nqz, sizeof(felem) * 5); | ||
390 | } | ||
391 | |||
392 | // ----------------------------------------------------------------------------- | ||
393 | // Shamelessly copied from djb's code | ||
394 | // ----------------------------------------------------------------------------- | ||
395 | static void | ||
396 | crecip(felem *out, const felem *z) { | ||
397 | felem z2[5]; | ||
398 | felem z9[5]; | ||
399 | felem z11[5]; | ||
400 | felem z2_5_0[5]; | ||
401 | felem z2_10_0[5]; | ||
402 | felem z2_20_0[5]; | ||
403 | felem z2_50_0[5]; | ||
404 | felem z2_100_0[5]; | ||
405 | felem t0[5]; | ||
406 | felem t1[5]; | ||
407 | int i; | ||
408 | |||
409 | /* 2 */ fsquare(z2,z); | ||
410 | /* 4 */ fsquare(t1,z2); | ||
411 | /* 8 */ fsquare(t0,t1); | ||
412 | /* 9 */ fmul(z9,t0,z); | ||
413 | /* 11 */ fmul(z11,z9,z2); | ||
414 | /* 22 */ fsquare(t0,z11); | ||
415 | /* 2^5 - 2^0 = 31 */ fmul(z2_5_0,t0,z9); | ||
416 | |||
417 | /* 2^6 - 2^1 */ fsquare(t0,z2_5_0); | ||
418 | /* 2^7 - 2^2 */ fsquare(t1,t0); | ||
419 | /* 2^8 - 2^3 */ fsquare(t0,t1); | ||
420 | /* 2^9 - 2^4 */ fsquare(t1,t0); | ||
421 | /* 2^10 - 2^5 */ fsquare(t0,t1); | ||
422 | /* 2^10 - 2^0 */ fmul(z2_10_0,t0,z2_5_0); | ||
423 | |||
424 | /* 2^11 - 2^1 */ fsquare(t0,z2_10_0); | ||
425 | /* 2^12 - 2^2 */ fsquare(t1,t0); | ||
426 | /* 2^20 - 2^10 */ for (i = 2;i < 10;i += 2) { fsquare(t0,t1); fsquare(t1,t0); } | ||
427 | /* 2^20 - 2^0 */ fmul(z2_20_0,t1,z2_10_0); | ||
428 | |||
429 | /* 2^21 - 2^1 */ fsquare(t0,z2_20_0); | ||
430 | /* 2^22 - 2^2 */ fsquare(t1,t0); | ||
431 | /* 2^40 - 2^20 */ for (i = 2;i < 20;i += 2) { fsquare(t0,t1); fsquare(t1,t0); } | ||
432 | /* 2^40 - 2^0 */ fmul(t0,t1,z2_20_0); | ||
433 | |||
434 | /* 2^41 - 2^1 */ fsquare(t1,t0); | ||
435 | /* 2^42 - 2^2 */ fsquare(t0,t1); | ||
436 | /* 2^50 - 2^10 */ for (i = 2;i < 10;i += 2) { fsquare(t1,t0); fsquare(t0,t1); } | ||
437 | /* 2^50 - 2^0 */ fmul(z2_50_0,t0,z2_10_0); | ||
438 | |||
439 | /* 2^51 - 2^1 */ fsquare(t0,z2_50_0); | ||
440 | /* 2^52 - 2^2 */ fsquare(t1,t0); | ||
441 | /* 2^100 - 2^50 */ for (i = 2;i < 50;i += 2) { fsquare(t0,t1); fsquare(t1,t0); } | ||
442 | /* 2^100 - 2^0 */ fmul(z2_100_0,t1,z2_50_0); | ||
443 | |||
444 | /* 2^101 - 2^1 */ fsquare(t1,z2_100_0); | ||
445 | /* 2^102 - 2^2 */ fsquare(t0,t1); | ||
446 | /* 2^200 - 2^100 */ for (i = 2;i < 100;i += 2) { fsquare(t1,t0); fsquare(t0,t1); } | ||
447 | /* 2^200 - 2^0 */ fmul(t1,t0,z2_100_0); | ||
448 | |||
449 | /* 2^201 - 2^1 */ fsquare(t0,t1); | ||
450 | /* 2^202 - 2^2 */ fsquare(t1,t0); | ||
451 | /* 2^250 - 2^50 */ for (i = 2;i < 50;i += 2) { fsquare(t0,t1); fsquare(t1,t0); } | ||
452 | /* 2^250 - 2^0 */ fmul(t0,t1,z2_50_0); | ||
453 | |||
454 | /* 2^251 - 2^1 */ fsquare(t1,t0); | ||
455 | /* 2^252 - 2^2 */ fsquare(t0,t1); | ||
456 | /* 2^253 - 2^3 */ fsquare(t1,t0); | ||
457 | /* 2^254 - 2^4 */ fsquare(t0,t1); | ||
458 | /* 2^255 - 2^5 */ fsquare(t1,t0); | ||
459 | /* 2^255 - 21 */ fmul(out,t1,z11); | ||
460 | } | ||
461 | |||
462 | int | ||
463 | crypto_scalarmult(u8 *mypublic, const u8 *secret, const u8 *basepoint) { | ||
464 | felem bp[5], x[5], z[5], zmone[5]; | ||
465 | unsigned char e[32]; | ||
466 | int i; | ||
467 | for (i = 0;i < 32;++i) e[i] = secret[i]; | ||
468 | e[0] &= 248; | ||
469 | e[31] &= 127; | ||
470 | e[31] |= 64; | ||
471 | fexpand(bp, basepoint); | ||
472 | cmult(x, z, e, bp); | ||
473 | crecip(zmone, z); | ||
474 | fmul(z, x, zmone); | ||
475 | fcontract(mypublic, z); | ||
476 | return 0; | ||
477 | } | ||
diff --git a/nacl/crypto_scalarmult/curve25519/ref/api.h b/nacl/crypto_scalarmult/curve25519/ref/api.h new file mode 100644 index 00000000..60339596 --- /dev/null +++ b/nacl/crypto_scalarmult/curve25519/ref/api.h | |||
@@ -0,0 +1,2 @@ | |||
1 | #define CRYPTO_BYTES 32 | ||
2 | #define CRYPTO_SCALARBYTES 32 | ||
diff --git a/nacl/crypto_scalarmult/curve25519/ref/base.c b/nacl/crypto_scalarmult/curve25519/ref/base.c new file mode 100644 index 00000000..ac2d7eb4 --- /dev/null +++ b/nacl/crypto_scalarmult/curve25519/ref/base.c | |||
@@ -0,0 +1,16 @@ | |||
1 | /* | ||
2 | version 20081011 | ||
3 | Matthew Dempsky | ||
4 | Public domain. | ||
5 | Derived from public domain code by D. J. Bernstein. | ||
6 | */ | ||
7 | |||
8 | #include "crypto_scalarmult.h" | ||
9 | |||
10 | const unsigned char base[32] = {9}; | ||
11 | |||
12 | int crypto_scalarmult_base(unsigned char *q, | ||
13 | const unsigned char *n) | ||
14 | { | ||
15 | return crypto_scalarmult(q,n,base); | ||
16 | } | ||
diff --git a/nacl/crypto_scalarmult/curve25519/ref/implementors b/nacl/crypto_scalarmult/curve25519/ref/implementors new file mode 100644 index 00000000..aa551790 --- /dev/null +++ b/nacl/crypto_scalarmult/curve25519/ref/implementors | |||
@@ -0,0 +1 @@ | |||
Matthew Dempsky (Mochi Media) | |||
diff --git a/nacl/crypto_scalarmult/curve25519/ref/smult.c b/nacl/crypto_scalarmult/curve25519/ref/smult.c new file mode 100644 index 00000000..6a479558 --- /dev/null +++ b/nacl/crypto_scalarmult/curve25519/ref/smult.c | |||
@@ -0,0 +1,265 @@ | |||
1 | /* | ||
2 | version 20081011 | ||
3 | Matthew Dempsky | ||
4 | Public domain. | ||
5 | Derived from public domain code by D. J. Bernstein. | ||
6 | */ | ||
7 | |||
8 | #include "crypto_scalarmult.h" | ||
9 | |||
10 | static void add(unsigned int out[32],const unsigned int a[32],const unsigned int b[32]) | ||
11 | { | ||
12 | unsigned int j; | ||
13 | unsigned int u; | ||
14 | u = 0; | ||
15 | for (j = 0;j < 31;++j) { u += a[j] + b[j]; out[j] = u & 255; u >>= 8; } | ||
16 | u += a[31] + b[31]; out[31] = u; | ||
17 | } | ||
18 | |||
19 | static void sub(unsigned int out[32],const unsigned int a[32],const unsigned int b[32]) | ||
20 | { | ||
21 | unsigned int j; | ||
22 | unsigned int u; | ||
23 | u = 218; | ||
24 | for (j = 0;j < 31;++j) { | ||
25 | u += a[j] + 65280 - b[j]; | ||
26 | out[j] = u & 255; | ||
27 | u >>= 8; | ||
28 | } | ||
29 | u += a[31] - b[31]; | ||
30 | out[31] = u; | ||
31 | } | ||
32 | |||
33 | static void squeeze(unsigned int a[32]) | ||
34 | { | ||
35 | unsigned int j; | ||
36 | unsigned int u; | ||
37 | u = 0; | ||
38 | for (j = 0;j < 31;++j) { u += a[j]; a[j] = u & 255; u >>= 8; } | ||
39 | u += a[31]; a[31] = u & 127; | ||
40 | u = 19 * (u >> 7); | ||
41 | for (j = 0;j < 31;++j) { u += a[j]; a[j] = u & 255; u >>= 8; } | ||
42 | u += a[31]; a[31] = u; | ||
43 | } | ||
44 | |||
45 | static const unsigned int minusp[32] = { | ||
46 | 19, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 128 | ||
47 | } ; | ||
48 | |||
49 | static void freeze(unsigned int a[32]) | ||
50 | { | ||
51 | unsigned int aorig[32]; | ||
52 | unsigned int j; | ||
53 | unsigned int negative; | ||
54 | |||
55 | for (j = 0;j < 32;++j) aorig[j] = a[j]; | ||
56 | add(a,a,minusp); | ||
57 | negative = -((a[31] >> 7) & 1); | ||
58 | for (j = 0;j < 32;++j) a[j] ^= negative & (aorig[j] ^ a[j]); | ||
59 | } | ||
60 | |||
61 | static void mult(unsigned int out[32],const unsigned int a[32],const unsigned int b[32]) | ||
62 | { | ||
63 | unsigned int i; | ||
64 | unsigned int j; | ||
65 | unsigned int u; | ||
66 | |||
67 | for (i = 0;i < 32;++i) { | ||
68 | u = 0; | ||
69 | for (j = 0;j <= i;++j) u += a[j] * b[i - j]; | ||
70 | for (j = i + 1;j < 32;++j) u += 38 * a[j] * b[i + 32 - j]; | ||
71 | out[i] = u; | ||
72 | } | ||
73 | squeeze(out); | ||
74 | } | ||
75 | |||
76 | static void mult121665(unsigned int out[32],const unsigned int a[32]) | ||
77 | { | ||
78 | unsigned int j; | ||
79 | unsigned int u; | ||
80 | |||
81 | u = 0; | ||
82 | for (j = 0;j < 31;++j) { u += 121665 * a[j]; out[j] = u & 255; u >>= 8; } | ||
83 | u += 121665 * a[31]; out[31] = u & 127; | ||
84 | u = 19 * (u >> 7); | ||
85 | for (j = 0;j < 31;++j) { u += out[j]; out[j] = u & 255; u >>= 8; } | ||
86 | u += out[j]; out[j] = u; | ||
87 | } | ||
88 | |||
89 | static void square(unsigned int out[32],const unsigned int a[32]) | ||
90 | { | ||
91 | unsigned int i; | ||
92 | unsigned int j; | ||
93 | unsigned int u; | ||
94 | |||
95 | for (i = 0;i < 32;++i) { | ||
96 | u = 0; | ||
97 | for (j = 0;j < i - j;++j) u += a[j] * a[i - j]; | ||
98 | for (j = i + 1;j < i + 32 - j;++j) u += 38 * a[j] * a[i + 32 - j]; | ||
99 | u *= 2; | ||
100 | if ((i & 1) == 0) { | ||
101 | u += a[i / 2] * a[i / 2]; | ||
102 | u += 38 * a[i / 2 + 16] * a[i / 2 + 16]; | ||
103 | } | ||
104 | out[i] = u; | ||
105 | } | ||
106 | squeeze(out); | ||
107 | } | ||
108 | |||
109 | static void select(unsigned int p[64],unsigned int q[64],const unsigned int r[64],const unsigned int s[64],unsigned int b) | ||
110 | { | ||
111 | unsigned int j; | ||
112 | unsigned int t; | ||
113 | unsigned int bminus1; | ||
114 | |||
115 | bminus1 = b - 1; | ||
116 | for (j = 0;j < 64;++j) { | ||
117 | t = bminus1 & (r[j] ^ s[j]); | ||
118 | p[j] = s[j] ^ t; | ||
119 | q[j] = r[j] ^ t; | ||
120 | } | ||
121 | } | ||
122 | |||
123 | static void mainloop(unsigned int work[64],const unsigned char e[32]) | ||
124 | { | ||
125 | unsigned int xzm1[64]; | ||
126 | unsigned int xzm[64]; | ||
127 | unsigned int xzmb[64]; | ||
128 | unsigned int xzm1b[64]; | ||
129 | unsigned int xznb[64]; | ||
130 | unsigned int xzn1b[64]; | ||
131 | unsigned int a0[64]; | ||
132 | unsigned int a1[64]; | ||
133 | unsigned int b0[64]; | ||
134 | unsigned int b1[64]; | ||
135 | unsigned int c1[64]; | ||
136 | unsigned int r[32]; | ||
137 | unsigned int s[32]; | ||
138 | unsigned int t[32]; | ||
139 | unsigned int u[32]; | ||
140 | unsigned int i; | ||
141 | unsigned int j; | ||
142 | unsigned int b; | ||
143 | int pos; | ||
144 | |||
145 | for (j = 0;j < 32;++j) xzm1[j] = work[j]; | ||
146 | xzm1[32] = 1; | ||
147 | for (j = 33;j < 64;++j) xzm1[j] = 0; | ||
148 | |||
149 | xzm[0] = 1; | ||
150 | for (j = 1;j < 64;++j) xzm[j] = 0; | ||
151 | |||
152 | for (pos = 254;pos >= 0;--pos) { | ||
153 | b = e[pos / 8] >> (pos & 7); | ||
154 | b &= 1; | ||
155 | select(xzmb,xzm1b,xzm,xzm1,b); | ||
156 | add(a0,xzmb,xzmb + 32); | ||
157 | sub(a0 + 32,xzmb,xzmb + 32); | ||
158 | add(a1,xzm1b,xzm1b + 32); | ||
159 | sub(a1 + 32,xzm1b,xzm1b + 32); | ||
160 | square(b0,a0); | ||
161 | square(b0 + 32,a0 + 32); | ||
162 | mult(b1,a1,a0 + 32); | ||
163 | mult(b1 + 32,a1 + 32,a0); | ||
164 | add(c1,b1,b1 + 32); | ||
165 | sub(c1 + 32,b1,b1 + 32); | ||
166 | square(r,c1 + 32); | ||
167 | sub(s,b0,b0 + 32); | ||
168 | mult121665(t,s); | ||
169 | add(u,t,b0); | ||
170 | mult(xznb,b0,b0 + 32); | ||
171 | mult(xznb + 32,s,u); | ||
172 | square(xzn1b,c1); | ||
173 | mult(xzn1b + 32,r,work); | ||
174 | select(xzm,xzm1,xznb,xzn1b,b); | ||
175 | } | ||
176 | |||
177 | for (j = 0;j < 64;++j) work[j] = xzm[j]; | ||
178 | } | ||
179 | |||
180 | static void recip(unsigned int out[32],const unsigned int z[32]) | ||
181 | { | ||
182 | unsigned int z2[32]; | ||
183 | unsigned int z9[32]; | ||
184 | unsigned int z11[32]; | ||
185 | unsigned int z2_5_0[32]; | ||
186 | unsigned int z2_10_0[32]; | ||
187 | unsigned int z2_20_0[32]; | ||
188 | unsigned int z2_50_0[32]; | ||
189 | unsigned int z2_100_0[32]; | ||
190 | unsigned int t0[32]; | ||
191 | unsigned int t1[32]; | ||
192 | int i; | ||
193 | |||
194 | /* 2 */ square(z2,z); | ||
195 | /* 4 */ square(t1,z2); | ||
196 | /* 8 */ square(t0,t1); | ||
197 | /* 9 */ mult(z9,t0,z); | ||
198 | /* 11 */ mult(z11,z9,z2); | ||
199 | /* 22 */ square(t0,z11); | ||
200 | /* 2^5 - 2^0 = 31 */ mult(z2_5_0,t0,z9); | ||
201 | |||
202 | /* 2^6 - 2^1 */ square(t0,z2_5_0); | ||
203 | /* 2^7 - 2^2 */ square(t1,t0); | ||
204 | /* 2^8 - 2^3 */ square(t0,t1); | ||
205 | /* 2^9 - 2^4 */ square(t1,t0); | ||
206 | /* 2^10 - 2^5 */ square(t0,t1); | ||
207 | /* 2^10 - 2^0 */ mult(z2_10_0,t0,z2_5_0); | ||
208 | |||
209 | /* 2^11 - 2^1 */ square(t0,z2_10_0); | ||
210 | /* 2^12 - 2^2 */ square(t1,t0); | ||
211 | /* 2^20 - 2^10 */ for (i = 2;i < 10;i += 2) { square(t0,t1); square(t1,t0); } | ||
212 | /* 2^20 - 2^0 */ mult(z2_20_0,t1,z2_10_0); | ||
213 | |||
214 | /* 2^21 - 2^1 */ square(t0,z2_20_0); | ||
215 | /* 2^22 - 2^2 */ square(t1,t0); | ||
216 | /* 2^40 - 2^20 */ for (i = 2;i < 20;i += 2) { square(t0,t1); square(t1,t0); } | ||
217 | /* 2^40 - 2^0 */ mult(t0,t1,z2_20_0); | ||
218 | |||
219 | /* 2^41 - 2^1 */ square(t1,t0); | ||
220 | /* 2^42 - 2^2 */ square(t0,t1); | ||
221 | /* 2^50 - 2^10 */ for (i = 2;i < 10;i += 2) { square(t1,t0); square(t0,t1); } | ||
222 | /* 2^50 - 2^0 */ mult(z2_50_0,t0,z2_10_0); | ||
223 | |||
224 | /* 2^51 - 2^1 */ square(t0,z2_50_0); | ||
225 | /* 2^52 - 2^2 */ square(t1,t0); | ||
226 | /* 2^100 - 2^50 */ for (i = 2;i < 50;i += 2) { square(t0,t1); square(t1,t0); } | ||
227 | /* 2^100 - 2^0 */ mult(z2_100_0,t1,z2_50_0); | ||
228 | |||
229 | /* 2^101 - 2^1 */ square(t1,z2_100_0); | ||
230 | /* 2^102 - 2^2 */ square(t0,t1); | ||
231 | /* 2^200 - 2^100 */ for (i = 2;i < 100;i += 2) { square(t1,t0); square(t0,t1); } | ||
232 | /* 2^200 - 2^0 */ mult(t1,t0,z2_100_0); | ||
233 | |||
234 | /* 2^201 - 2^1 */ square(t0,t1); | ||
235 | /* 2^202 - 2^2 */ square(t1,t0); | ||
236 | /* 2^250 - 2^50 */ for (i = 2;i < 50;i += 2) { square(t0,t1); square(t1,t0); } | ||
237 | /* 2^250 - 2^0 */ mult(t0,t1,z2_50_0); | ||
238 | |||
239 | /* 2^251 - 2^1 */ square(t1,t0); | ||
240 | /* 2^252 - 2^2 */ square(t0,t1); | ||
241 | /* 2^253 - 2^3 */ square(t1,t0); | ||
242 | /* 2^254 - 2^4 */ square(t0,t1); | ||
243 | /* 2^255 - 2^5 */ square(t1,t0); | ||
244 | /* 2^255 - 21 */ mult(out,t1,z11); | ||
245 | } | ||
246 | |||
247 | int crypto_scalarmult(unsigned char *q, | ||
248 | const unsigned char *n, | ||
249 | const unsigned char *p) | ||
250 | { | ||
251 | unsigned int work[96]; | ||
252 | unsigned char e[32]; | ||
253 | unsigned int i; | ||
254 | for (i = 0;i < 32;++i) e[i] = n[i]; | ||
255 | e[0] &= 248; | ||
256 | e[31] &= 127; | ||
257 | e[31] |= 64; | ||
258 | for (i = 0;i < 32;++i) work[i] = p[i]; | ||
259 | mainloop(work,e); | ||
260 | recip(work + 32,work + 32); | ||
261 | mult(work + 64,work,work + 32); | ||
262 | freeze(work + 64); | ||
263 | for (i = 0;i < 32;++i) q[i] = work[64 + i]; | ||
264 | return 0; | ||
265 | } | ||
diff --git a/nacl/crypto_scalarmult/curve25519/used b/nacl/crypto_scalarmult/curve25519/used new file mode 100644 index 00000000..e69de29b --- /dev/null +++ b/nacl/crypto_scalarmult/curve25519/used | |||
diff --git a/nacl/crypto_scalarmult/measure.c b/nacl/crypto_scalarmult/measure.c new file mode 100644 index 00000000..0c7265d5 --- /dev/null +++ b/nacl/crypto_scalarmult/measure.c | |||
@@ -0,0 +1,61 @@ | |||
1 | #include <stdlib.h> | ||
2 | #include "randombytes.h" | ||
3 | #include "cpucycles.h" | ||
4 | #include "crypto_scalarmult.h" | ||
5 | |||
6 | extern void printentry(long long,const char *,long long *,long long); | ||
7 | extern unsigned char *alignedcalloc(unsigned long long); | ||
8 | extern const char *primitiveimplementation; | ||
9 | extern const char *implementationversion; | ||
10 | extern const char *sizenames[]; | ||
11 | extern const long long sizes[]; | ||
12 | extern void allocate(void); | ||
13 | extern void measure(void); | ||
14 | |||
15 | const char *primitiveimplementation = crypto_scalarmult_IMPLEMENTATION; | ||
16 | const char *implementationversion = crypto_scalarmult_VERSION; | ||
17 | const char *sizenames[] = { "outputbytes", "scalarbytes", 0 }; | ||
18 | const long long sizes[] = { crypto_scalarmult_BYTES, crypto_scalarmult_SCALARBYTES }; | ||
19 | |||
20 | static unsigned char *m; | ||
21 | static unsigned char *n; | ||
22 | static unsigned char *p; | ||
23 | static unsigned char *q; | ||
24 | |||
25 | void preallocate(void) | ||
26 | { | ||
27 | } | ||
28 | |||
29 | void allocate(void) | ||
30 | { | ||
31 | m = alignedcalloc(crypto_scalarmult_SCALARBYTES); | ||
32 | n = alignedcalloc(crypto_scalarmult_SCALARBYTES); | ||
33 | p = alignedcalloc(crypto_scalarmult_BYTES); | ||
34 | q = alignedcalloc(crypto_scalarmult_BYTES); | ||
35 | } | ||
36 | |||
37 | #define TIMINGS 63 | ||
38 | static long long cycles[TIMINGS + 1]; | ||
39 | |||
40 | void measure(void) | ||
41 | { | ||
42 | int i; | ||
43 | int loop; | ||
44 | |||
45 | for (loop = 0;loop < LOOPS;++loop) { | ||
46 | randombytes(m,crypto_scalarmult_SCALARBYTES); | ||
47 | randombytes(n,crypto_scalarmult_SCALARBYTES); | ||
48 | for (i = 0;i <= TIMINGS;++i) { | ||
49 | cycles[i] = cpucycles(); | ||
50 | crypto_scalarmult_base(p,m); | ||
51 | } | ||
52 | for (i = 0;i < TIMINGS;++i) cycles[i] = cycles[i + 1] - cycles[i]; | ||
53 | printentry(-1,"base_cycles",cycles,TIMINGS); | ||
54 | for (i = 0;i <= TIMINGS;++i) { | ||
55 | cycles[i] = cpucycles(); | ||
56 | crypto_scalarmult(q,n,p); | ||
57 | } | ||
58 | for (i = 0;i < TIMINGS;++i) cycles[i] = cycles[i + 1] - cycles[i]; | ||
59 | printentry(-1,"cycles",cycles,TIMINGS); | ||
60 | } | ||
61 | } | ||
diff --git a/nacl/crypto_scalarmult/try.c b/nacl/crypto_scalarmult/try.c new file mode 100644 index 00000000..560ce493 --- /dev/null +++ b/nacl/crypto_scalarmult/try.c | |||
@@ -0,0 +1,126 @@ | |||
1 | /* | ||
2 | * crypto_scalarmult/try.c version 20090118 | ||
3 | * D. J. Bernstein | ||
4 | * Public domain. | ||
5 | */ | ||
6 | |||
7 | #include <stdlib.h> | ||
8 | #include "crypto_scalarmult.h" | ||
9 | |||
10 | extern unsigned char *alignedcalloc(unsigned long long); | ||
11 | |||
12 | const char *primitiveimplementation = crypto_scalarmult_IMPLEMENTATION; | ||
13 | |||
14 | #define mlen crypto_scalarmult_SCALARBYTES | ||
15 | #define nlen crypto_scalarmult_SCALARBYTES | ||
16 | #define plen crypto_scalarmult_BYTES | ||
17 | #define qlen crypto_scalarmult_BYTES | ||
18 | #define rlen crypto_scalarmult_BYTES | ||
19 | |||
20 | static unsigned char *m; | ||
21 | static unsigned char *n; | ||
22 | static unsigned char *p; | ||
23 | static unsigned char *q; | ||
24 | static unsigned char *r; | ||
25 | |||
26 | static unsigned char *m2; | ||
27 | static unsigned char *n2; | ||
28 | static unsigned char *p2; | ||
29 | static unsigned char *q2; | ||
30 | static unsigned char *r2; | ||
31 | |||
32 | void preallocate(void) | ||
33 | { | ||
34 | } | ||
35 | |||
36 | void allocate(void) | ||
37 | { | ||
38 | m = alignedcalloc(mlen); | ||
39 | n = alignedcalloc(nlen); | ||
40 | p = alignedcalloc(plen); | ||
41 | q = alignedcalloc(qlen); | ||
42 | r = alignedcalloc(rlen); | ||
43 | m2 = alignedcalloc(mlen + crypto_scalarmult_BYTES); | ||
44 | n2 = alignedcalloc(nlen + crypto_scalarmult_BYTES); | ||
45 | p2 = alignedcalloc(plen + crypto_scalarmult_BYTES); | ||
46 | q2 = alignedcalloc(qlen + crypto_scalarmult_BYTES); | ||
47 | r2 = alignedcalloc(rlen + crypto_scalarmult_BYTES); | ||
48 | } | ||
49 | |||
50 | void predoit(void) | ||
51 | { | ||
52 | } | ||
53 | |||
54 | void doit(void) | ||
55 | { | ||
56 | crypto_scalarmult(q,n,p); | ||
57 | crypto_scalarmult_base(r,n); | ||
58 | } | ||
59 | |||
60 | char checksum[crypto_scalarmult_BYTES * 2 + 1]; | ||
61 | |||
62 | const char *checksum_compute(void) | ||
63 | { | ||
64 | long long i; | ||
65 | long long j; | ||
66 | long long tests; | ||
67 | |||
68 | for (i = 0;i < mlen;++i) m[i] = i; | ||
69 | for (i = 0;i < nlen;++i) n[i] = i + 1; | ||
70 | for (i = 0;i < plen;++i) p[i] = i + 2; | ||
71 | for (i = 0;i < qlen;++i) q[i] = i + 3; | ||
72 | for (i = 0;i < rlen;++i) r[i] = i + 4; | ||
73 | |||
74 | for (i = -16;i < 0;++i) p[i] = random(); | ||
75 | for (i = -16;i < 0;++i) n[i] = random(); | ||
76 | for (i = plen;i < plen + 16;++i) p[i] = random(); | ||
77 | for (i = nlen;i < nlen + 16;++i) n[i] = random(); | ||
78 | for (i = -16;i < plen + 16;++i) p2[i] = p[i]; | ||
79 | for (i = -16;i < nlen + 16;++i) n2[i] = n[i]; | ||
80 | |||
81 | if (crypto_scalarmult_base(p,n) != 0) return "crypto_scalarmult_base returns nonzero"; | ||
82 | |||
83 | for (i = -16;i < nlen + 16;++i) if (n2[i] != n[i]) return "crypto_scalarmult_base overwrites input"; | ||
84 | for (i = -16;i < 0;++i) if (p2[i] != p[i]) return "crypto_scalarmult_base writes before output"; | ||
85 | for (i = plen;i < plen + 16;++i) if (p2[i] != p[i]) return "crypto_scalarmult_base writes after output"; | ||
86 | |||
87 | for (tests = 0;tests < 100;++tests) { | ||
88 | for (i = -16;i < 0;++i) q[i] = random(); | ||
89 | for (i = -16;i < 0;++i) p[i] = random(); | ||
90 | for (i = -16;i < 0;++i) m[i] = random(); | ||
91 | for (i = qlen;i < qlen + 16;++i) q[i] = random(); | ||
92 | for (i = plen;i < plen + 16;++i) p[i] = random(); | ||
93 | for (i = mlen;i < mlen + 16;++i) m[i] = random(); | ||
94 | for (i = -16;i < qlen + 16;++i) q2[i] = q[i]; | ||
95 | for (i = -16;i < plen + 16;++i) p2[i] = p[i]; | ||
96 | for (i = -16;i < mlen + 16;++i) m2[i] = m[i]; | ||
97 | |||
98 | if (crypto_scalarmult(q,m,p) != 0) return "crypto_scalarmult returns nonzero"; | ||
99 | |||
100 | for (i = -16;i < mlen + 16;++i) if (m2[i] != m[i]) return "crypto_scalarmult overwrites n input"; | ||
101 | for (i = -16;i < plen + 16;++i) if (p2[i] != p[i]) return "crypto_scalarmult overwrites p input"; | ||
102 | for (i = -16;i < 0;++i) if (q2[i] != q[i]) return "crypto_scalarmult writes before output"; | ||
103 | for (i = qlen;i < qlen + 16;++i) if (q2[i] != q[i]) return "crypto_scalarmult writes after output"; | ||
104 | |||
105 | if (crypto_scalarmult(m2,m2,p) != 0) return "crypto_scalarmult returns nonzero"; | ||
106 | for (i = 0;i < qlen;++i) if (q[i] != m2[i]) return "crypto_scalarmult does not handle n overlap"; | ||
107 | for (i = 0;i < qlen;++i) m2[i] = m[i]; | ||
108 | |||
109 | if (crypto_scalarmult(p2,m2,p2) != 0) return "crypto_scalarmult returns nonzero"; | ||
110 | for (i = 0;i < qlen;++i) if (q[i] != p2[i]) return "crypto_scalarmult does not handle p overlap"; | ||
111 | |||
112 | if (crypto_scalarmult(r,n,q) != 0) return "crypto_scalarmult returns nonzero"; | ||
113 | if (crypto_scalarmult(q,n,p) != 0) return "crypto_scalarmult returns nonzero"; | ||
114 | if (crypto_scalarmult(p,m,q) != 0) return "crypto_scalarmult returns nonzero"; | ||
115 | for (j = 0;j < plen;++j) if (p[j] != r[j]) return "crypto_scalarmult not associative"; | ||
116 | for (j = 0;j < mlen;++j) m[j] ^= q[j % qlen]; | ||
117 | for (j = 0;j < nlen;++j) n[j] ^= p[j % plen]; | ||
118 | } | ||
119 | |||
120 | for (i = 0;i < crypto_scalarmult_BYTES;++i) { | ||
121 | checksum[2 * i] = "0123456789abcdef"[15 & (p[i] >> 4)]; | ||
122 | checksum[2 * i + 1] = "0123456789abcdef"[15 & p[i]]; | ||
123 | } | ||
124 | checksum[2 * i] = 0; | ||
125 | return 0; | ||
126 | } | ||
diff --git a/nacl/crypto_scalarmult/wrapper-base.cpp b/nacl/crypto_scalarmult/wrapper-base.cpp new file mode 100644 index 00000000..f71ce19a --- /dev/null +++ b/nacl/crypto_scalarmult/wrapper-base.cpp | |||
@@ -0,0 +1,11 @@ | |||
1 | #include <string> | ||
2 | using std::string; | ||
3 | #include "crypto_scalarmult.h" | ||
4 | |||
5 | string crypto_scalarmult_base(const string &n) | ||
6 | { | ||
7 | unsigned char q[crypto_scalarmult_BYTES]; | ||
8 | if (n.size() != crypto_scalarmult_SCALARBYTES) throw "incorrect scalar length"; | ||
9 | crypto_scalarmult_base(q,(const unsigned char *) n.c_str()); | ||
10 | return string((char *) q,sizeof q); | ||
11 | } | ||
diff --git a/nacl/crypto_scalarmult/wrapper-mult.cpp b/nacl/crypto_scalarmult/wrapper-mult.cpp new file mode 100644 index 00000000..fc693cf0 --- /dev/null +++ b/nacl/crypto_scalarmult/wrapper-mult.cpp | |||
@@ -0,0 +1,12 @@ | |||
1 | #include <string> | ||
2 | using std::string; | ||
3 | #include "crypto_scalarmult.h" | ||
4 | |||
5 | string crypto_scalarmult(const string &n,const string &p) | ||
6 | { | ||
7 | unsigned char q[crypto_scalarmult_BYTES]; | ||
8 | if (n.size() != crypto_scalarmult_SCALARBYTES) throw "incorrect scalar length"; | ||
9 | if (p.size() != crypto_scalarmult_BYTES) throw "incorrect element length"; | ||
10 | crypto_scalarmult(q,(const unsigned char *) n.c_str(),(const unsigned char *) p.c_str()); | ||
11 | return string((char *) q,sizeof q); | ||
12 | } | ||