7 #ifndef SECP256K1_FIELD_INNER5X52_IMPL_H 8 #define SECP256K1_FIELD_INNER5X52_IMPL_H 13 #define VERIFY_BITS(x, n) VERIFY_CHECK(((x) >> (n)) == 0) 15 #define VERIFY_BITS(x, n) do { } while(0) 20 uint64_t t3, t4, tx, u0;
21 uint64_t a0 = a[0], a1 = a[1], a2 = a[2], a3 = a[3], a4 = a[4];
22 const uint64_t
M = 0xFFFFFFFFFFFFFULL, R = 0x1000003D10ULL;
41 d = (uint128_t)a0 * b[3]
42 + (uint128_t)a1 * b[2]
43 + (uint128_t)a2 * b[1]
44 + (uint128_t)a3 * b[0];
47 c = (uint128_t)a4 * b[4];
50 d += (c &
M) * R; c >>= 52;
59 d += (uint128_t)a0 * b[4]
60 + (uint128_t)a1 * b[3]
61 + (uint128_t)a2 * b[2]
62 + (uint128_t)a3 * b[1]
63 + (uint128_t)a4 * b[0];
73 tx = (t4 >> 48); t4 &= (M >> 4);
78 c = (uint128_t)a0 * b[0];
81 d += (uint128_t)a1 * b[4]
82 + (uint128_t)a2 * b[3]
83 + (uint128_t)a3 * b[2]
84 + (uint128_t)a4 * b[1];
95 c += (uint128_t)u0 * (R >> 4);
98 r[0] = c &
M; c >>= 52;
103 c += (uint128_t)a0 * b[1]
104 + (uint128_t)a1 * b[0];
107 d += (uint128_t)a2 * b[4]
108 + (uint128_t)a3 * b[3]
109 + (uint128_t)a4 * b[2];
112 c += (d &
M) * R; d >>= 52;
116 r[1] = c &
M; c >>= 52;
121 c += (uint128_t)a0 * b[2]
122 + (uint128_t)a1 * b[1]
123 + (uint128_t)a2 * b[0];
126 d += (uint128_t)a3 * b[4]
127 + (uint128_t)a4 * b[3];
130 c += (d &
M) * R; d >>= 52;
136 r[2] = c &
M; c >>= 52;
143 r[3] = c &
M; c >>= 52;
155 SECP256K1_INLINE static void secp256k1_fe_sqr_inner(uint64_t *r,
const uint64_t *a) {
157 uint64_t a0 = a[0], a1 = a[1], a2 = a[2], a3 = a[3], a4 = a[4];
158 int64_t t3, t4, tx, u0;
159 const uint64_t
M = 0xFFFFFFFFFFFFFULL, R = 0x1000003D10ULL;
172 d = (uint128_t)(a0*2) * a3
173 + (uint128_t)(a1*2) * a2;
176 c = (uint128_t)a4 * a4;
179 d += (c &
M) * R; c >>= 52;
183 t3 = d &
M; d >>= 52;
189 d += (uint128_t)a0 * a4
190 + (uint128_t)(a1*2) * a3
191 + (uint128_t)a2 * a2;
197 t4 = d &
M; d >>= 52;
201 tx = (t4 >> 48); t4 &= (M >> 4);
206 c = (uint128_t)a0 * a0;
209 d += (uint128_t)a1 * a4
210 + (uint128_t)(a2*2) * a3;
213 u0 = d &
M; d >>= 52;
221 c += (uint128_t)u0 * (R >> 4);
224 r[0] = c &
M; c >>= 52;
230 c += (uint128_t)a0 * a1;
233 d += (uint128_t)a2 * a4
234 + (uint128_t)a3 * a3;
237 c += (d &
M) * R; d >>= 52;
241 r[1] = c &
M; c >>= 52;
246 c += (uint128_t)a0 * a2
247 + (uint128_t)a1 * a1;
250 d += (uint128_t)a3 * a4;
253 c += (d &
M) * R; d >>= 52;
257 r[2] = c &
M; c >>= 52;
265 r[3] = c &
M; c >>= 52;
#define VERIFY_CHECK(cond)
#define SECP256K1_RESTRICT
#define VERIFY_BITS(x, n)