37 #define NUM_ECC_DIGITS (ECC_BYTES / 8)  macro
40 	u64 x[NUM_ECC_DIGITS];
41 	u64 y[NUM_ECC_DIGITS];
62 static u64 curve_p[NUM_ECC_DIGITS] = CURVE_P_32;
64 static u64 curve_n[NUM_ECC_DIGITS] = CURVE_N_32;
70 	for (i = 0; i < NUM_ECC_DIGITS; i++)  in vli_clear()
79 	for (i = 0; i < NUM_ECC_DIGITS; i++) {  in vli_is_zero()
102 	for (i = NUM_ECC_DIGITS - 1; i >= 0 && vli[i] == 0; i--);  in vli_num_digits()
129 	for (i = 0; i < NUM_ECC_DIGITS; i++)  in vli_set()
138     for (i = NUM_ECC_DIGITS - 1; i >= 0; i--) {  in vli_cmp()
157 	for (i = 0; i < NUM_ECC_DIGITS; i++) {  in vli_lshift()
173 	vli += NUM_ECC_DIGITS;  in vli_rshift1()
189 	for (i = 0; i < NUM_ECC_DIGITS; i++) {  in vli_add()
208 	for (i = 0; i < NUM_ECC_DIGITS; i++) {  in vli_sub()
265 	for (k = 0; k < NUM_ECC_DIGITS * 2 - 1; k++) {  in vli_mult()
268 		if (k < NUM_ECC_DIGITS)  in vli_mult()
271 			min = (k + 1) - NUM_ECC_DIGITS;  in vli_mult()
273 		for (i = min; i <= k && i < NUM_ECC_DIGITS; i++) {  in vli_mult()
288 	result[NUM_ECC_DIGITS * 2 - 1] = r01.m_low;  in vli_mult()
297 	for (k = 0; k < NUM_ECC_DIGITS * 2 - 1; k++) {  in vli_square()
300 		if (k < NUM_ECC_DIGITS)  in vli_square()
303 			min = (k + 1) - NUM_ECC_DIGITS;  in vli_square()
327 	result[NUM_ECC_DIGITS * 2 - 1] = r01.m_low;  in vli_square()
367 	u64 tmp[NUM_ECC_DIGITS];  in vli_mmod_fast()
443 	u64 product[2 * NUM_ECC_DIGITS];  in vli_mod_mult_fast()
452 	u64 product[2 * NUM_ECC_DIGITS];  in vli_mod_square_fast()
465 	u64 a[NUM_ECC_DIGITS], b[NUM_ECC_DIGITS];  in vli_mod_inv()
466 	u64 u[NUM_ECC_DIGITS], v[NUM_ECC_DIGITS];  in vli_mod_inv()
492 				u[NUM_ECC_DIGITS - 1] |= 0x8000000000000000ull;  in vli_mod_inv()
501 				v[NUM_ECC_DIGITS - 1] |= 0x8000000000000000ull;  in vli_mod_inv()
515 				u[NUM_ECC_DIGITS - 1] |= 0x8000000000000000ull;  in vli_mod_inv()
529 				v[NUM_ECC_DIGITS - 1] |= 0x8000000000000000ull;  in vli_mod_inv()
552 	u64 t4[NUM_ECC_DIGITS];  in ecc_point_double_jacobian()
553 	u64 t5[NUM_ECC_DIGITS];  in ecc_point_double_jacobian()
574 		x1[NUM_ECC_DIGITS - 1] |= carry << 63;  in ecc_point_double_jacobian()
595 	u64 t1[NUM_ECC_DIGITS];  in apply_z()
607 	u64 z[NUM_ECC_DIGITS];  in xycz_initial_double()
632 	u64 t5[NUM_ECC_DIGITS];  in xycz_add()
659 	u64 t5[NUM_ECC_DIGITS];  in xycz_add_c()
660 	u64 t6[NUM_ECC_DIGITS];  in xycz_add_c()
661 	u64 t7[NUM_ECC_DIGITS];  in xycz_add_c()
694 	u64 rx[2][NUM_ECC_DIGITS];  in ecc_point_mult()
695 	u64 ry[2][NUM_ECC_DIGITS];  in ecc_point_mult()
696 	u64 z[NUM_ECC_DIGITS];  in ecc_point_mult()
731 			     u64 native[NUM_ECC_DIGITS])  in ecc_bytes2native()  argument
735 	for (i = 0; i < NUM_ECC_DIGITS; i++) {  in ecc_bytes2native()
736 		const u8 *digit = bytes + 8 * (NUM_ECC_DIGITS - 1 - i);  in ecc_bytes2native()
738 		native[NUM_ECC_DIGITS - 1 - i] =  in ecc_bytes2native()
750 static void ecc_native2bytes(const u64 native[NUM_ECC_DIGITS],  in ecc_native2bytes()  argument
755 	for (i = 0; i < NUM_ECC_DIGITS; i++) {  in ecc_native2bytes()
756 		u8 *digit = bytes + 8 * (NUM_ECC_DIGITS - 1 - i);  in ecc_native2bytes()
758 		digit[0] = native[NUM_ECC_DIGITS - 1 - i] >> 0;  in ecc_native2bytes()
759 		digit[1] = native[NUM_ECC_DIGITS - 1 - i] >> 8;  in ecc_native2bytes()
760 		digit[2] = native[NUM_ECC_DIGITS - 1 - i] >> 16;  in ecc_native2bytes()
761 		digit[3] = native[NUM_ECC_DIGITS - 1 - i] >> 24;  in ecc_native2bytes()
762 		digit[4] = native[NUM_ECC_DIGITS - 1 - i] >> 32;  in ecc_native2bytes()
763 		digit[5] = native[NUM_ECC_DIGITS - 1 - i] >> 40;  in ecc_native2bytes()
764 		digit[6] = native[NUM_ECC_DIGITS - 1 - i] >> 48;  in ecc_native2bytes()
765 		digit[7] = native[NUM_ECC_DIGITS - 1 - i] >> 56;  in ecc_native2bytes()
772 	u64 priv[NUM_ECC_DIGITS];  in ecc_make_key()
801 	u64 priv[NUM_ECC_DIGITS];  in ecdh_shared_secret()
802 	u64 rand[NUM_ECC_DIGITS];  in ecdh_shared_secret()