|
- /* Copyright (c) 2015, Google Inc.
- *
- * Permission to use, copy, modify, and/or distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
- * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
- * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
-
- /* This file is adapted from crypto_scalarmult/curve25519/amd64-51/ in
- * SUPERCOP 20141124 (http://bench.cr.yp.to/supercop.html). That code is public
- * domain licensed but the standard ISC license is included above to keep
- * licensing simple. */
-
- #if !defined(OPENSSL_NO_ASM)
- #if defined(__x86_64__)
-
- .data
- .p2align 4
-
- #if defined(__APPLE__)
- /* OS X's C ABI prefixes functions with underscore. */
- #define C_ABI(x) _ ## x
- #define HIDDEN .private_extern
- #else
- #define C_ABI(x) x
- #define HIDDEN .hidden
- #endif
-
- x25519_x86_64_REDMASK51: .quad 0x0007FFFFFFFFFFFF
- x25519_x86_64_121666_213: .quad 996687872
- x25519_x86_64_2P0: .quad 0xFFFFFFFFFFFDA
- x25519_x86_64_2P1234: .quad 0xFFFFFFFFFFFFE
- x25519_x86_64_4P0: .quad 0x1FFFFFFFFFFFB4
- x25519_x86_64_4P1234: .quad 0x1FFFFFFFFFFFFC
- x25519_x86_64_MU0: .quad 0xED9CE5A30A2C131B
- x25519_x86_64_MU1: .quad 0x2106215D086329A7
- x25519_x86_64_MU2: .quad 0xFFFFFFFFFFFFFFEB
- x25519_x86_64_MU3: .quad 0xFFFFFFFFFFFFFFFF
- x25519_x86_64_MU4: .quad 0x000000000000000F
- x25519_x86_64_ORDER0: .quad 0x5812631A5CF5D3ED
- x25519_x86_64_ORDER1: .quad 0x14DEF9DEA2F79CD6
- x25519_x86_64_ORDER2: .quad 0x0000000000000000
- x25519_x86_64_ORDER3: .quad 0x1000000000000000
- x25519_x86_64_EC2D0: .quad 1859910466990425
- x25519_x86_64_EC2D1: .quad 932731440258426
- x25519_x86_64_EC2D2: .quad 1072319116312658
- x25519_x86_64_EC2D3: .quad 1815898335770999
- x25519_x86_64_EC2D4: .quad 633789495995903
- x25519_x86_64__38: .quad 38
-
- .text
- .p2align 5
-
- .globl C_ABI(x25519_x86_64_freeze)
- HIDDEN C_ABI(x25519_x86_64_freeze)
- C_ABI(x25519_x86_64_freeze):
- mov %rsp,%r11
- and $31,%r11
- add $64,%r11
- sub %r11,%rsp
- movq %r11,0(%rsp)
- movq %r12,8(%rsp)
- movq %r13,16(%rsp)
- movq %r14,24(%rsp)
- movq %r15,32(%rsp)
- movq %rbx,40(%rsp)
- movq %rbp,48(%rsp)
- movq 0(%rdi),%rsi
- movq 8(%rdi),%rdx
- movq 16(%rdi),%rcx
- movq 24(%rdi),%r8
- movq 32(%rdi),%r9
- movq x25519_x86_64_REDMASK51(%rip),%rax
- mov %rax,%r10
- sub $18,%r10
- mov $3,%r11
- ._reduceloop:
- mov %rsi,%r12
- shr $51,%r12
- and %rax,%rsi
- add %r12,%rdx
- mov %rdx,%r12
- shr $51,%r12
- and %rax,%rdx
- add %r12,%rcx
- mov %rcx,%r12
- shr $51,%r12
- and %rax,%rcx
- add %r12,%r8
- mov %r8,%r12
- shr $51,%r12
- and %rax,%r8
- add %r12,%r9
- mov %r9,%r12
- shr $51,%r12
- and %rax,%r9
- imulq $19,%r12,%r12
- add %r12,%rsi
- sub $1,%r11
- ja ._reduceloop
- mov $1,%r12
- cmp %r10,%rsi
- cmovl %r11,%r12
- cmp %rax,%rdx
- cmovne %r11,%r12
- cmp %rax,%rcx
- cmovne %r11,%r12
- cmp %rax,%r8
- cmovne %r11,%r12
- cmp %rax,%r9
- cmovne %r11,%r12
- neg %r12
- and %r12,%rax
- and %r12,%r10
- sub %r10,%rsi
- sub %rax,%rdx
- sub %rax,%rcx
- sub %rax,%r8
- sub %rax,%r9
- movq %rsi,0(%rdi)
- movq %rdx,8(%rdi)
- movq %rcx,16(%rdi)
- movq %r8,24(%rdi)
- movq %r9,32(%rdi)
- movq 0(%rsp),%r11
- movq 8(%rsp),%r12
- movq 16(%rsp),%r13
- movq 24(%rsp),%r14
- movq 32(%rsp),%r15
- movq 40(%rsp),%rbx
- movq 48(%rsp),%rbp
- add %r11,%rsp
- mov %rdi,%rax
- mov %rsi,%rdx
- ret
-
- .p2align 5
- .globl C_ABI(x25519_x86_64_mul)
- HIDDEN C_ABI(x25519_x86_64_mul)
- C_ABI(x25519_x86_64_mul):
- mov %rsp,%r11
- and $31,%r11
- add $96,%r11
- sub %r11,%rsp
- movq %r11,0(%rsp)
- movq %r12,8(%rsp)
- movq %r13,16(%rsp)
- movq %r14,24(%rsp)
- movq %r15,32(%rsp)
- movq %rbx,40(%rsp)
- movq %rbp,48(%rsp)
- movq %rdi,56(%rsp)
- mov %rdx,%rcx
- movq 24(%rsi),%rdx
- imulq $19,%rdx,%rax
- movq %rax,64(%rsp)
- mulq 16(%rcx)
- mov %rax,%r8
- mov %rdx,%r9
- movq 32(%rsi),%rdx
- imulq $19,%rdx,%rax
- movq %rax,72(%rsp)
- mulq 8(%rcx)
- add %rax,%r8
- adc %rdx,%r9
- movq 0(%rsi),%rax
- mulq 0(%rcx)
- add %rax,%r8
- adc %rdx,%r9
- movq 0(%rsi),%rax
- mulq 8(%rcx)
- mov %rax,%r10
- mov %rdx,%r11
- movq 0(%rsi),%rax
- mulq 16(%rcx)
- mov %rax,%r12
- mov %rdx,%r13
- movq 0(%rsi),%rax
- mulq 24(%rcx)
- mov %rax,%r14
- mov %rdx,%r15
- movq 0(%rsi),%rax
- mulq 32(%rcx)
- mov %rax,%rbx
- mov %rdx,%rbp
- movq 8(%rsi),%rax
- mulq 0(%rcx)
- add %rax,%r10
- adc %rdx,%r11
- movq 8(%rsi),%rax
- mulq 8(%rcx)
- add %rax,%r12
- adc %rdx,%r13
- movq 8(%rsi),%rax
- mulq 16(%rcx)
- add %rax,%r14
- adc %rdx,%r15
- movq 8(%rsi),%rax
- mulq 24(%rcx)
- add %rax,%rbx
- adc %rdx,%rbp
- movq 8(%rsi),%rdx
- imulq $19,%rdx,%rax
- mulq 32(%rcx)
- add %rax,%r8
- adc %rdx,%r9
- movq 16(%rsi),%rax
- mulq 0(%rcx)
- add %rax,%r12
- adc %rdx,%r13
- movq 16(%rsi),%rax
- mulq 8(%rcx)
- add %rax,%r14
- adc %rdx,%r15
- movq 16(%rsi),%rax
- mulq 16(%rcx)
- add %rax,%rbx
- adc %rdx,%rbp
- movq 16(%rsi),%rdx
- imulq $19,%rdx,%rax
- mulq 24(%rcx)
- add %rax,%r8
- adc %rdx,%r9
- movq 16(%rsi),%rdx
- imulq $19,%rdx,%rax
- mulq 32(%rcx)
- add %rax,%r10
- adc %rdx,%r11
- movq 24(%rsi),%rax
- mulq 0(%rcx)
- add %rax,%r14
- adc %rdx,%r15
- movq 24(%rsi),%rax
- mulq 8(%rcx)
- add %rax,%rbx
- adc %rdx,%rbp
- movq 64(%rsp),%rax
- mulq 24(%rcx)
- add %rax,%r10
- adc %rdx,%r11
- movq 64(%rsp),%rax
- mulq 32(%rcx)
- add %rax,%r12
- adc %rdx,%r13
- movq 32(%rsi),%rax
- mulq 0(%rcx)
- add %rax,%rbx
- adc %rdx,%rbp
- movq 72(%rsp),%rax
- mulq 16(%rcx)
- add %rax,%r10
- adc %rdx,%r11
- movq 72(%rsp),%rax
- mulq 24(%rcx)
- add %rax,%r12
- adc %rdx,%r13
- movq 72(%rsp),%rax
- mulq 32(%rcx)
- add %rax,%r14
- adc %rdx,%r15
- movq x25519_x86_64_REDMASK51(%rip),%rsi
- shld $13,%r8,%r9
- and %rsi,%r8
- shld $13,%r10,%r11
- and %rsi,%r10
- add %r9,%r10
- shld $13,%r12,%r13
- and %rsi,%r12
- add %r11,%r12
- shld $13,%r14,%r15
- and %rsi,%r14
- add %r13,%r14
- shld $13,%rbx,%rbp
- and %rsi,%rbx
- add %r15,%rbx
- imulq $19,%rbp,%rdx
- add %rdx,%r8
- mov %r8,%rdx
- shr $51,%rdx
- add %r10,%rdx
- mov %rdx,%rcx
- shr $51,%rdx
- and %rsi,%r8
- add %r12,%rdx
- mov %rdx,%r9
- shr $51,%rdx
- and %rsi,%rcx
- add %r14,%rdx
- mov %rdx,%rax
- shr $51,%rdx
- and %rsi,%r9
- add %rbx,%rdx
- mov %rdx,%r10
- shr $51,%rdx
- and %rsi,%rax
- imulq $19,%rdx,%rdx
- add %rdx,%r8
- and %rsi,%r10
- movq %r8,0(%rdi)
- movq %rcx,8(%rdi)
- movq %r9,16(%rdi)
- movq %rax,24(%rdi)
- movq %r10,32(%rdi)
- movq 0(%rsp),%r11
- movq 8(%rsp),%r12
- movq 16(%rsp),%r13
- movq 24(%rsp),%r14
- movq 32(%rsp),%r15
- movq 40(%rsp),%rbx
- movq 48(%rsp),%rbp
- add %r11,%rsp
- mov %rdi,%rax
- mov %rsi,%rdx
- ret
-
- .p2align 5
- .globl C_ABI(x25519_x86_64_square)
- HIDDEN C_ABI(x25519_x86_64_square)
- C_ABI(x25519_x86_64_square):
- mov %rsp,%r11
- and $31,%r11
- add $64,%r11
- sub %r11,%rsp
- movq %r11,0(%rsp)
- movq %r12,8(%rsp)
- movq %r13,16(%rsp)
- movq %r14,24(%rsp)
- movq %r15,32(%rsp)
- movq %rbx,40(%rsp)
- movq %rbp,48(%rsp)
- movq 0(%rsi),%rax
- mulq 0(%rsi)
- mov %rax,%rcx
- mov %rdx,%r8
- movq 0(%rsi),%rax
- shl $1,%rax
- mulq 8(%rsi)
- mov %rax,%r9
- mov %rdx,%r10
- movq 0(%rsi),%rax
- shl $1,%rax
- mulq 16(%rsi)
- mov %rax,%r11
- mov %rdx,%r12
- movq 0(%rsi),%rax
- shl $1,%rax
- mulq 24(%rsi)
- mov %rax,%r13
- mov %rdx,%r14
- movq 0(%rsi),%rax
- shl $1,%rax
- mulq 32(%rsi)
- mov %rax,%r15
- mov %rdx,%rbx
- movq 8(%rsi),%rax
- mulq 8(%rsi)
- add %rax,%r11
- adc %rdx,%r12
- movq 8(%rsi),%rax
- shl $1,%rax
- mulq 16(%rsi)
- add %rax,%r13
- adc %rdx,%r14
- movq 8(%rsi),%rax
- shl $1,%rax
- mulq 24(%rsi)
- add %rax,%r15
- adc %rdx,%rbx
- movq 8(%rsi),%rdx
- imulq $38,%rdx,%rax
- mulq 32(%rsi)
- add %rax,%rcx
- adc %rdx,%r8
- movq 16(%rsi),%rax
- mulq 16(%rsi)
- add %rax,%r15
- adc %rdx,%rbx
- movq 16(%rsi),%rdx
- imulq $38,%rdx,%rax
- mulq 24(%rsi)
- add %rax,%rcx
- adc %rdx,%r8
- movq 16(%rsi),%rdx
- imulq $38,%rdx,%rax
- mulq 32(%rsi)
- add %rax,%r9
- adc %rdx,%r10
- movq 24(%rsi),%rdx
- imulq $19,%rdx,%rax
- mulq 24(%rsi)
- add %rax,%r9
- adc %rdx,%r10
- movq 24(%rsi),%rdx
- imulq $38,%rdx,%rax
- mulq 32(%rsi)
- add %rax,%r11
- adc %rdx,%r12
- movq 32(%rsi),%rdx
- imulq $19,%rdx,%rax
- mulq 32(%rsi)
- add %rax,%r13
- adc %rdx,%r14
- movq x25519_x86_64_REDMASK51(%rip),%rsi
- shld $13,%rcx,%r8
- and %rsi,%rcx
- shld $13,%r9,%r10
- and %rsi,%r9
- add %r8,%r9
- shld $13,%r11,%r12
- and %rsi,%r11
- add %r10,%r11
- shld $13,%r13,%r14
- and %rsi,%r13
- add %r12,%r13
- shld $13,%r15,%rbx
- and %rsi,%r15
- add %r14,%r15
- imulq $19,%rbx,%rdx
- add %rdx,%rcx
- mov %rcx,%rdx
- shr $51,%rdx
- add %r9,%rdx
- and %rsi,%rcx
- mov %rdx,%r8
- shr $51,%rdx
- add %r11,%rdx
- and %rsi,%r8
- mov %rdx,%r9
- shr $51,%rdx
- add %r13,%rdx
- and %rsi,%r9
- mov %rdx,%rax
- shr $51,%rdx
- add %r15,%rdx
- and %rsi,%rax
- mov %rdx,%r10
- shr $51,%rdx
- imulq $19,%rdx,%rdx
- add %rdx,%rcx
- and %rsi,%r10
- movq %rcx,0(%rdi)
- movq %r8,8(%rdi)
- movq %r9,16(%rdi)
- movq %rax,24(%rdi)
- movq %r10,32(%rdi)
- movq 0(%rsp),%r11
- movq 8(%rsp),%r12
- movq 16(%rsp),%r13
- movq 24(%rsp),%r14
- movq 32(%rsp),%r15
- movq 40(%rsp),%rbx
- movq 48(%rsp),%rbp
- add %r11,%rsp
- mov %rdi,%rax
- mov %rsi,%rdx
- ret
-
- .p2align 5
- .globl C_ABI(x25519_x86_64_ladderstep)
- HIDDEN C_ABI(x25519_x86_64_ladderstep)
- C_ABI(x25519_x86_64_ladderstep):
- mov %rsp,%r11
- and $31,%r11
- add $352,%r11
- sub %r11,%rsp
- movq %r11,0(%rsp)
- movq %r12,8(%rsp)
- movq %r13,16(%rsp)
- movq %r14,24(%rsp)
- movq %r15,32(%rsp)
- movq %rbx,40(%rsp)
- movq %rbp,48(%rsp)
- movq 40(%rdi),%rsi
- movq 48(%rdi),%rdx
- movq 56(%rdi),%rcx
- movq 64(%rdi),%r8
- movq 72(%rdi),%r9
- mov %rsi,%rax
- mov %rdx,%r10
- mov %rcx,%r11
- mov %r8,%r12
- mov %r9,%r13
- add x25519_x86_64_2P0(%rip),%rax
- add x25519_x86_64_2P1234(%rip),%r10
- add x25519_x86_64_2P1234(%rip),%r11
- add x25519_x86_64_2P1234(%rip),%r12
- add x25519_x86_64_2P1234(%rip),%r13
- addq 80(%rdi),%rsi
- addq 88(%rdi),%rdx
- addq 96(%rdi),%rcx
- addq 104(%rdi),%r8
- addq 112(%rdi),%r9
- subq 80(%rdi),%rax
- subq 88(%rdi),%r10
- subq 96(%rdi),%r11
- subq 104(%rdi),%r12
- subq 112(%rdi),%r13
- movq %rsi,56(%rsp)
- movq %rdx,64(%rsp)
- movq %rcx,72(%rsp)
- movq %r8,80(%rsp)
- movq %r9,88(%rsp)
- movq %rax,96(%rsp)
- movq %r10,104(%rsp)
- movq %r11,112(%rsp)
- movq %r12,120(%rsp)
- movq %r13,128(%rsp)
- movq 96(%rsp),%rax
- mulq 96(%rsp)
- mov %rax,%rsi
- mov %rdx,%rcx
- movq 96(%rsp),%rax
- shl $1,%rax
- mulq 104(%rsp)
- mov %rax,%r8
- mov %rdx,%r9
- movq 96(%rsp),%rax
- shl $1,%rax
- mulq 112(%rsp)
- mov %rax,%r10
- mov %rdx,%r11
- movq 96(%rsp),%rax
- shl $1,%rax
- mulq 120(%rsp)
- mov %rax,%r12
- mov %rdx,%r13
- movq 96(%rsp),%rax
- shl $1,%rax
- mulq 128(%rsp)
- mov %rax,%r14
- mov %rdx,%r15
- movq 104(%rsp),%rax
- mulq 104(%rsp)
- add %rax,%r10
- adc %rdx,%r11
- movq 104(%rsp),%rax
- shl $1,%rax
- mulq 112(%rsp)
- add %rax,%r12
- adc %rdx,%r13
- movq 104(%rsp),%rax
- shl $1,%rax
- mulq 120(%rsp)
- add %rax,%r14
- adc %rdx,%r15
- movq 104(%rsp),%rdx
- imulq $38,%rdx,%rax
- mulq 128(%rsp)
- add %rax,%rsi
- adc %rdx,%rcx
- movq 112(%rsp),%rax
- mulq 112(%rsp)
- add %rax,%r14
- adc %rdx,%r15
- movq 112(%rsp),%rdx
- imulq $38,%rdx,%rax
- mulq 120(%rsp)
- add %rax,%rsi
- adc %rdx,%rcx
- movq 112(%rsp),%rdx
- imulq $38,%rdx,%rax
- mulq 128(%rsp)
- add %rax,%r8
- adc %rdx,%r9
- movq 120(%rsp),%rdx
- imulq $19,%rdx,%rax
- mulq 120(%rsp)
- add %rax,%r8
- adc %rdx,%r9
- movq 120(%rsp),%rdx
- imulq $38,%rdx,%rax
- mulq 128(%rsp)
- add %rax,%r10
- adc %rdx,%r11
- movq 128(%rsp),%rdx
- imulq $19,%rdx,%rax
- mulq 128(%rsp)
- add %rax,%r12
- adc %rdx,%r13
- movq x25519_x86_64_REDMASK51(%rip),%rdx
- shld $13,%rsi,%rcx
- and %rdx,%rsi
- shld $13,%r8,%r9
- and %rdx,%r8
- add %rcx,%r8
- shld $13,%r10,%r11
- and %rdx,%r10
- add %r9,%r10
- shld $13,%r12,%r13
- and %rdx,%r12
- add %r11,%r12
- shld $13,%r14,%r15
- and %rdx,%r14
- add %r13,%r14
- imulq $19,%r15,%rcx
- add %rcx,%rsi
- mov %rsi,%rcx
- shr $51,%rcx
- add %r8,%rcx
- and %rdx,%rsi
- mov %rcx,%r8
- shr $51,%rcx
- add %r10,%rcx
- and %rdx,%r8
- mov %rcx,%r9
- shr $51,%rcx
- add %r12,%rcx
- and %rdx,%r9
- mov %rcx,%rax
- shr $51,%rcx
- add %r14,%rcx
- and %rdx,%rax
- mov %rcx,%r10
- shr $51,%rcx
- imulq $19,%rcx,%rcx
- add %rcx,%rsi
- and %rdx,%r10
- movq %rsi,136(%rsp)
- movq %r8,144(%rsp)
- movq %r9,152(%rsp)
- movq %rax,160(%rsp)
- movq %r10,168(%rsp)
- movq 56(%rsp),%rax
- mulq 56(%rsp)
- mov %rax,%rsi
- mov %rdx,%rcx
- movq 56(%rsp),%rax
- shl $1,%rax
- mulq 64(%rsp)
- mov %rax,%r8
- mov %rdx,%r9
- movq 56(%rsp),%rax
- shl $1,%rax
- mulq 72(%rsp)
- mov %rax,%r10
- mov %rdx,%r11
- movq 56(%rsp),%rax
- shl $1,%rax
- mulq 80(%rsp)
- mov %rax,%r12
- mov %rdx,%r13
- movq 56(%rsp),%rax
- shl $1,%rax
- mulq 88(%rsp)
- mov %rax,%r14
- mov %rdx,%r15
- movq 64(%rsp),%rax
- mulq 64(%rsp)
- add %rax,%r10
- adc %rdx,%r11
- movq 64(%rsp),%rax
- shl $1,%rax
- mulq 72(%rsp)
- add %rax,%r12
- adc %rdx,%r13
- movq 64(%rsp),%rax
- shl $1,%rax
- mulq 80(%rsp)
- add %rax,%r14
- adc %rdx,%r15
- movq 64(%rsp),%rdx
- imulq $38,%rdx,%rax
- mulq 88(%rsp)
- add %rax,%rsi
- adc %rdx,%rcx
- movq 72(%rsp),%rax
- mulq 72(%rsp)
- add %rax,%r14
- adc %rdx,%r15
- movq 72(%rsp),%rdx
- imulq $38,%rdx,%rax
- mulq 80(%rsp)
- add %rax,%rsi
- adc %rdx,%rcx
- movq 72(%rsp),%rdx
- imulq $38,%rdx,%rax
- mulq 88(%rsp)
- add %rax,%r8
- adc %rdx,%r9
- movq 80(%rsp),%rdx
- imulq $19,%rdx,%rax
- mulq 80(%rsp)
- add %rax,%r8
- adc %rdx,%r9
- movq 80(%rsp),%rdx
- imulq $38,%rdx,%rax
- mulq 88(%rsp)
- add %rax,%r10
- adc %rdx,%r11
- movq 88(%rsp),%rdx
- imulq $19,%rdx,%rax
- mulq 88(%rsp)
- add %rax,%r12
- adc %rdx,%r13
- movq x25519_x86_64_REDMASK51(%rip),%rdx
- shld $13,%rsi,%rcx
- and %rdx,%rsi
- shld $13,%r8,%r9
- and %rdx,%r8
- add %rcx,%r8
- shld $13,%r10,%r11
- and %rdx,%r10
- add %r9,%r10
- shld $13,%r12,%r13
- and %rdx,%r12
- add %r11,%r12
- shld $13,%r14,%r15
- and %rdx,%r14
- add %r13,%r14
- imulq $19,%r15,%rcx
- add %rcx,%rsi
- mov %rsi,%rcx
- shr $51,%rcx
- add %r8,%rcx
- and %rdx,%rsi
- mov %rcx,%r8
- shr $51,%rcx
- add %r10,%rcx
- and %rdx,%r8
- mov %rcx,%r9
- shr $51,%rcx
- add %r12,%rcx
- and %rdx,%r9
- mov %rcx,%rax
- shr $51,%rcx
- add %r14,%rcx
- and %rdx,%rax
- mov %rcx,%r10
- shr $51,%rcx
- imulq $19,%rcx,%rcx
- add %rcx,%rsi
- and %rdx,%r10
- movq %rsi,176(%rsp)
- movq %r8,184(%rsp)
- movq %r9,192(%rsp)
- movq %rax,200(%rsp)
- movq %r10,208(%rsp)
- mov %rsi,%rsi
- mov %r8,%rdx
- mov %r9,%rcx
- mov %rax,%r8
- mov %r10,%r9
- add x25519_x86_64_2P0(%rip),%rsi
- add x25519_x86_64_2P1234(%rip),%rdx
- add x25519_x86_64_2P1234(%rip),%rcx
- add x25519_x86_64_2P1234(%rip),%r8
- add x25519_x86_64_2P1234(%rip),%r9
- subq 136(%rsp),%rsi
- subq 144(%rsp),%rdx
- subq 152(%rsp),%rcx
- subq 160(%rsp),%r8
- subq 168(%rsp),%r9
- movq %rsi,216(%rsp)
- movq %rdx,224(%rsp)
- movq %rcx,232(%rsp)
- movq %r8,240(%rsp)
- movq %r9,248(%rsp)
- movq 120(%rdi),%rsi
- movq 128(%rdi),%rdx
- movq 136(%rdi),%rcx
- movq 144(%rdi),%r8
- movq 152(%rdi),%r9
- mov %rsi,%rax
- mov %rdx,%r10
- mov %rcx,%r11
- mov %r8,%r12
- mov %r9,%r13
- add x25519_x86_64_2P0(%rip),%rax
- add x25519_x86_64_2P1234(%rip),%r10
- add x25519_x86_64_2P1234(%rip),%r11
- add x25519_x86_64_2P1234(%rip),%r12
- add x25519_x86_64_2P1234(%rip),%r13
- addq 160(%rdi),%rsi
- addq 168(%rdi),%rdx
- addq 176(%rdi),%rcx
- addq 184(%rdi),%r8
- addq 192(%rdi),%r9
- subq 160(%rdi),%rax
- subq 168(%rdi),%r10
- subq 176(%rdi),%r11
- subq 184(%rdi),%r12
- subq 192(%rdi),%r13
- movq %rsi,256(%rsp)
- movq %rdx,264(%rsp)
- movq %rcx,272(%rsp)
- movq %r8,280(%rsp)
- movq %r9,288(%rsp)
- movq %rax,296(%rsp)
- movq %r10,304(%rsp)
- movq %r11,312(%rsp)
- movq %r12,320(%rsp)
- movq %r13,328(%rsp)
- movq 280(%rsp),%rsi
- imulq $19,%rsi,%rax
- movq %rax,336(%rsp)
- mulq 112(%rsp)
- mov %rax,%rsi
- mov %rdx,%rcx
- movq 288(%rsp),%rdx
- imulq $19,%rdx,%rax
- movq %rax,344(%rsp)
- mulq 104(%rsp)
- add %rax,%rsi
- adc %rdx,%rcx
- movq 256(%rsp),%rax
- mulq 96(%rsp)
- add %rax,%rsi
- adc %rdx,%rcx
- movq 256(%rsp),%rax
- mulq 104(%rsp)
- mov %rax,%r8
- mov %rdx,%r9
- movq 256(%rsp),%rax
- mulq 112(%rsp)
- mov %rax,%r10
- mov %rdx,%r11
- movq 256(%rsp),%rax
- mulq 120(%rsp)
- mov %rax,%r12
- mov %rdx,%r13
- movq 256(%rsp),%rax
- mulq 128(%rsp)
- mov %rax,%r14
- mov %rdx,%r15
- movq 264(%rsp),%rax
- mulq 96(%rsp)
- add %rax,%r8
- adc %rdx,%r9
- movq 264(%rsp),%rax
- mulq 104(%rsp)
- add %rax,%r10
- adc %rdx,%r11
- movq 264(%rsp),%rax
- mulq 112(%rsp)
- add %rax,%r12
- adc %rdx,%r13
- movq 264(%rsp),%rax
- mulq 120(%rsp)
- add %rax,%r14
- adc %rdx,%r15
- movq 264(%rsp),%rdx
- imulq $19,%rdx,%rax
- mulq 128(%rsp)
- add %rax,%rsi
- adc %rdx,%rcx
- movq 272(%rsp),%rax
- mulq 96(%rsp)
- add %rax,%r10
- adc %rdx,%r11
- movq 272(%rsp),%rax
- mulq 104(%rsp)
- add %rax,%r12
- adc %rdx,%r13
- movq 272(%rsp),%rax
- mulq 112(%rsp)
- add %rax,%r14
- adc %rdx,%r15
- movq 272(%rsp),%rdx
- imulq $19,%rdx,%rax
- mulq 120(%rsp)
- add %rax,%rsi
- adc %rdx,%rcx
- movq 272(%rsp),%rdx
- imulq $19,%rdx,%rax
- mulq 128(%rsp)
- add %rax,%r8
- adc %rdx,%r9
- movq 280(%rsp),%rax
- mulq 96(%rsp)
- add %rax,%r12
- adc %rdx,%r13
- movq 280(%rsp),%rax
- mulq 104(%rsp)
- add %rax,%r14
- adc %rdx,%r15
- movq 336(%rsp),%rax
- mulq 120(%rsp)
- add %rax,%r8
- adc %rdx,%r9
- movq 336(%rsp),%rax
- mulq 128(%rsp)
- add %rax,%r10
- adc %rdx,%r11
- movq 288(%rsp),%rax
- mulq 96(%rsp)
- add %rax,%r14
- adc %rdx,%r15
- movq 344(%rsp),%rax
- mulq 112(%rsp)
- add %rax,%r8
- adc %rdx,%r9
- movq 344(%rsp),%rax
- mulq 120(%rsp)
- add %rax,%r10
- adc %rdx,%r11
- movq 344(%rsp),%rax
- mulq 128(%rsp)
- add %rax,%r12
- adc %rdx,%r13
- movq x25519_x86_64_REDMASK51(%rip),%rdx
- shld $13,%rsi,%rcx
- and %rdx,%rsi
- shld $13,%r8,%r9
- and %rdx,%r8
- add %rcx,%r8
- shld $13,%r10,%r11
- and %rdx,%r10
- add %r9,%r10
- shld $13,%r12,%r13
- and %rdx,%r12
- add %r11,%r12
- shld $13,%r14,%r15
- and %rdx,%r14
- add %r13,%r14
- imulq $19,%r15,%rcx
- add %rcx,%rsi
- mov %rsi,%rcx
- shr $51,%rcx
- add %r8,%rcx
- mov %rcx,%r8
- shr $51,%rcx
- and %rdx,%rsi
- add %r10,%rcx
- mov %rcx,%r9
- shr $51,%rcx
- and %rdx,%r8
- add %r12,%rcx
- mov %rcx,%rax
- shr $51,%rcx
- and %rdx,%r9
- add %r14,%rcx
- mov %rcx,%r10
- shr $51,%rcx
- and %rdx,%rax
- imulq $19,%rcx,%rcx
- add %rcx,%rsi
- and %rdx,%r10
- movq %rsi,96(%rsp)
- movq %r8,104(%rsp)
- movq %r9,112(%rsp)
- movq %rax,120(%rsp)
- movq %r10,128(%rsp)
- movq 320(%rsp),%rsi
- imulq $19,%rsi,%rax
- movq %rax,256(%rsp)
- mulq 72(%rsp)
- mov %rax,%rsi
- mov %rdx,%rcx
- movq 328(%rsp),%rdx
- imulq $19,%rdx,%rax
- movq %rax,264(%rsp)
- mulq 64(%rsp)
- add %rax,%rsi
- adc %rdx,%rcx
- movq 296(%rsp),%rax
- mulq 56(%rsp)
- add %rax,%rsi
- adc %rdx,%rcx
- movq 296(%rsp),%rax
- mulq 64(%rsp)
- mov %rax,%r8
- mov %rdx,%r9
- movq 296(%rsp),%rax
- mulq 72(%rsp)
- mov %rax,%r10
- mov %rdx,%r11
- movq 296(%rsp),%rax
- mulq 80(%rsp)
- mov %rax,%r12
- mov %rdx,%r13
- movq 296(%rsp),%rax
- mulq 88(%rsp)
- mov %rax,%r14
- mov %rdx,%r15
- movq 304(%rsp),%rax
- mulq 56(%rsp)
- add %rax,%r8
- adc %rdx,%r9
- movq 304(%rsp),%rax
- mulq 64(%rsp)
- add %rax,%r10
- adc %rdx,%r11
- movq 304(%rsp),%rax
- mulq 72(%rsp)
- add %rax,%r12
- adc %rdx,%r13
- movq 304(%rsp),%rax
- mulq 80(%rsp)
- add %rax,%r14
- adc %rdx,%r15
- movq 304(%rsp),%rdx
- imulq $19,%rdx,%rax
- mulq 88(%rsp)
- add %rax,%rsi
- adc %rdx,%rcx
- movq 312(%rsp),%rax
- mulq 56(%rsp)
- add %rax,%r10
- adc %rdx,%r11
- movq 312(%rsp),%rax
- mulq 64(%rsp)
- add %rax,%r12
- adc %rdx,%r13
- movq 312(%rsp),%rax
- mulq 72(%rsp)
- add %rax,%r14
- adc %rdx,%r15
- movq 312(%rsp),%rdx
- imulq $19,%rdx,%rax
- mulq 80(%rsp)
- add %rax,%rsi
- adc %rdx,%rcx
- movq 312(%rsp),%rdx
- imulq $19,%rdx,%rax
- mulq 88(%rsp)
- add %rax,%r8
- adc %rdx,%r9
- movq 320(%rsp),%rax
- mulq 56(%rsp)
- add %rax,%r12
- adc %rdx,%r13
- movq 320(%rsp),%rax
- mulq 64(%rsp)
- add %rax,%r14
- adc %rdx,%r15
- movq 256(%rsp),%rax
- mulq 80(%rsp)
- add %rax,%r8
- adc %rdx,%r9
- movq 256(%rsp),%rax
- mulq 88(%rsp)
- add %rax,%r10
- adc %rdx,%r11
- movq 328(%rsp),%rax
- mulq 56(%rsp)
- add %rax,%r14
- adc %rdx,%r15
- movq 264(%rsp),%rax
- mulq 72(%rsp)
- add %rax,%r8
- adc %rdx,%r9
- movq 264(%rsp),%rax
- mulq 80(%rsp)
- add %rax,%r10
- adc %rdx,%r11
- movq 264(%rsp),%rax
- mulq 88(%rsp)
- add %rax,%r12
- adc %rdx,%r13
- movq x25519_x86_64_REDMASK51(%rip),%rdx
- shld $13,%rsi,%rcx
- and %rdx,%rsi
- shld $13,%r8,%r9
- and %rdx,%r8
- add %rcx,%r8
- shld $13,%r10,%r11
- and %rdx,%r10
- add %r9,%r10
- shld $13,%r12,%r13
- and %rdx,%r12
- add %r11,%r12
- shld $13,%r14,%r15
- and %rdx,%r14
- add %r13,%r14
- imulq $19,%r15,%rcx
- add %rcx,%rsi
- mov %rsi,%rcx
- shr $51,%rcx
- add %r8,%rcx
- mov %rcx,%r8
- shr $51,%rcx
- and %rdx,%rsi
- add %r10,%rcx
- mov %rcx,%r9
- shr $51,%rcx
- and %rdx,%r8
- add %r12,%rcx
- mov %rcx,%rax
- shr $51,%rcx
- and %rdx,%r9
- add %r14,%rcx
- mov %rcx,%r10
- shr $51,%rcx
- and %rdx,%rax
- imulq $19,%rcx,%rcx
- add %rcx,%rsi
- and %rdx,%r10
- mov %rsi,%rdx
- mov %r8,%rcx
- mov %r9,%r11
- mov %rax,%r12
- mov %r10,%r13
- add x25519_x86_64_2P0(%rip),%rdx
- add x25519_x86_64_2P1234(%rip),%rcx
- add x25519_x86_64_2P1234(%rip),%r11
- add x25519_x86_64_2P1234(%rip),%r12
- add x25519_x86_64_2P1234(%rip),%r13
- addq 96(%rsp),%rsi
- addq 104(%rsp),%r8
- addq 112(%rsp),%r9
- addq 120(%rsp),%rax
- addq 128(%rsp),%r10
- subq 96(%rsp),%rdx
- subq 104(%rsp),%rcx
- subq 112(%rsp),%r11
- subq 120(%rsp),%r12
- subq 128(%rsp),%r13
- movq %rsi,120(%rdi)
- movq %r8,128(%rdi)
- movq %r9,136(%rdi)
- movq %rax,144(%rdi)
- movq %r10,152(%rdi)
- movq %rdx,160(%rdi)
- movq %rcx,168(%rdi)
- movq %r11,176(%rdi)
- movq %r12,184(%rdi)
- movq %r13,192(%rdi)
- movq 120(%rdi),%rax
- mulq 120(%rdi)
- mov %rax,%rsi
- mov %rdx,%rcx
- movq 120(%rdi),%rax
- shl $1,%rax
- mulq 128(%rdi)
- mov %rax,%r8
- mov %rdx,%r9
- movq 120(%rdi),%rax
- shl $1,%rax
- mulq 136(%rdi)
- mov %rax,%r10
- mov %rdx,%r11
- movq 120(%rdi),%rax
- shl $1,%rax
- mulq 144(%rdi)
- mov %rax,%r12
- mov %rdx,%r13
- movq 120(%rdi),%rax
- shl $1,%rax
- mulq 152(%rdi)
- mov %rax,%r14
- mov %rdx,%r15
- movq 128(%rdi),%rax
- mulq 128(%rdi)
- add %rax,%r10
- adc %rdx,%r11
- movq 128(%rdi),%rax
- shl $1,%rax
- mulq 136(%rdi)
- add %rax,%r12
- adc %rdx,%r13
- movq 128(%rdi),%rax
- shl $1,%rax
- mulq 144(%rdi)
- add %rax,%r14
- adc %rdx,%r15
- movq 128(%rdi),%rdx
- imulq $38,%rdx,%rax
- mulq 152(%rdi)
- add %rax,%rsi
- adc %rdx,%rcx
- movq 136(%rdi),%rax
- mulq 136(%rdi)
- add %rax,%r14
- adc %rdx,%r15
- movq 136(%rdi),%rdx
- imulq $38,%rdx,%rax
- mulq 144(%rdi)
- add %rax,%rsi
- adc %rdx,%rcx
- movq 136(%rdi),%rdx
- imulq $38,%rdx,%rax
- mulq 152(%rdi)
- add %rax,%r8
- adc %rdx,%r9
- movq 144(%rdi),%rdx
- imulq $19,%rdx,%rax
- mulq 144(%rdi)
- add %rax,%r8
- adc %rdx,%r9
- movq 144(%rdi),%rdx
- imulq $38,%rdx,%rax
- mulq 152(%rdi)
- add %rax,%r10
- adc %rdx,%r11
- movq 152(%rdi),%rdx
- imulq $19,%rdx,%rax
- mulq 152(%rdi)
- add %rax,%r12
- adc %rdx,%r13
- movq x25519_x86_64_REDMASK51(%rip),%rdx
- shld $13,%rsi,%rcx
- and %rdx,%rsi
- shld $13,%r8,%r9
- and %rdx,%r8
- add %rcx,%r8
- shld $13,%r10,%r11
- and %rdx,%r10
- add %r9,%r10
- shld $13,%r12,%r13
- and %rdx,%r12
- add %r11,%r12
- shld $13,%r14,%r15
- and %rdx,%r14
- add %r13,%r14
- imulq $19,%r15,%rcx
- add %rcx,%rsi
- mov %rsi,%rcx
- shr $51,%rcx
- add %r8,%rcx
- and %rdx,%rsi
- mov %rcx,%r8
- shr $51,%rcx
- add %r10,%rcx
- and %rdx,%r8
- mov %rcx,%r9
- shr $51,%rcx
- add %r12,%rcx
- and %rdx,%r9
- mov %rcx,%rax
- shr $51,%rcx
- add %r14,%rcx
- and %rdx,%rax
- mov %rcx,%r10
- shr $51,%rcx
- imulq $19,%rcx,%rcx
- add %rcx,%rsi
- and %rdx,%r10
- movq %rsi,120(%rdi)
- movq %r8,128(%rdi)
- movq %r9,136(%rdi)
- movq %rax,144(%rdi)
- movq %r10,152(%rdi)
- movq 160(%rdi),%rax
- mulq 160(%rdi)
- mov %rax,%rsi
- mov %rdx,%rcx
- movq 160(%rdi),%rax
- shl $1,%rax
- mulq 168(%rdi)
- mov %rax,%r8
- mov %rdx,%r9
- movq 160(%rdi),%rax
- shl $1,%rax
- mulq 176(%rdi)
- mov %rax,%r10
- mov %rdx,%r11
- movq 160(%rdi),%rax
- shl $1,%rax
- mulq 184(%rdi)
- mov %rax,%r12
- mov %rdx,%r13
- movq 160(%rdi),%rax
- shl $1,%rax
- mulq 192(%rdi)
- mov %rax,%r14
- mov %rdx,%r15
- movq 168(%rdi),%rax
- mulq 168(%rdi)
- add %rax,%r10
- adc %rdx,%r11
- movq 168(%rdi),%rax
- shl $1,%rax
- mulq 176(%rdi)
- add %rax,%r12
- adc %rdx,%r13
- movq 168(%rdi),%rax
- shl $1,%rax
- mulq 184(%rdi)
- add %rax,%r14
- adc %rdx,%r15
- movq 168(%rdi),%rdx
- imulq $38,%rdx,%rax
- mulq 192(%rdi)
- add %rax,%rsi
- adc %rdx,%rcx
- movq 176(%rdi),%rax
- mulq 176(%rdi)
- add %rax,%r14
- adc %rdx,%r15
- movq 176(%rdi),%rdx
- imulq $38,%rdx,%rax
- mulq 184(%rdi)
- add %rax,%rsi
- adc %rdx,%rcx
- movq 176(%rdi),%rdx
- imulq $38,%rdx,%rax
- mulq 192(%rdi)
- add %rax,%r8
- adc %rdx,%r9
- movq 184(%rdi),%rdx
- imulq $19,%rdx,%rax
- mulq 184(%rdi)
- add %rax,%r8
- adc %rdx,%r9
- movq 184(%rdi),%rdx
- imulq $38,%rdx,%rax
- mulq 192(%rdi)
- add %rax,%r10
- adc %rdx,%r11
- movq 192(%rdi),%rdx
- imulq $19,%rdx,%rax
- mulq 192(%rdi)
- add %rax,%r12
- adc %rdx,%r13
- movq x25519_x86_64_REDMASK51(%rip),%rdx
- shld $13,%rsi,%rcx
- and %rdx,%rsi
- shld $13,%r8,%r9
- and %rdx,%r8
- add %rcx,%r8
- shld $13,%r10,%r11
- and %rdx,%r10
- add %r9,%r10
- shld $13,%r12,%r13
- and %rdx,%r12
- add %r11,%r12
- shld $13,%r14,%r15
- and %rdx,%r14
- add %r13,%r14
- imulq $19,%r15,%rcx
- add %rcx,%rsi
- mov %rsi,%rcx
- shr $51,%rcx
- add %r8,%rcx
- and %rdx,%rsi
- mov %rcx,%r8
- shr $51,%rcx
- add %r10,%rcx
- and %rdx,%r8
- mov %rcx,%r9
- shr $51,%rcx
- add %r12,%rcx
- and %rdx,%r9
- mov %rcx,%rax
- shr $51,%rcx
- add %r14,%rcx
- and %rdx,%rax
- mov %rcx,%r10
- shr $51,%rcx
- imulq $19,%rcx,%rcx
- add %rcx,%rsi
- and %rdx,%r10
- movq %rsi,160(%rdi)
- movq %r8,168(%rdi)
- movq %r9,176(%rdi)
- movq %rax,184(%rdi)
- movq %r10,192(%rdi)
- movq 184(%rdi),%rsi
- imulq $19,%rsi,%rax
- movq %rax,56(%rsp)
- mulq 16(%rdi)
- mov %rax,%rsi
- mov %rdx,%rcx
- movq 192(%rdi),%rdx
- imulq $19,%rdx,%rax
- movq %rax,64(%rsp)
- mulq 8(%rdi)
- add %rax,%rsi
- adc %rdx,%rcx
- movq 160(%rdi),%rax
- mulq 0(%rdi)
- add %rax,%rsi
- adc %rdx,%rcx
- movq 160(%rdi),%rax
- mulq 8(%rdi)
- mov %rax,%r8
- mov %rdx,%r9
- movq 160(%rdi),%rax
- mulq 16(%rdi)
- mov %rax,%r10
- mov %rdx,%r11
- movq 160(%rdi),%rax
- mulq 24(%rdi)
- mov %rax,%r12
- mov %rdx,%r13
- movq 160(%rdi),%rax
- mulq 32(%rdi)
- mov %rax,%r14
- mov %rdx,%r15
- movq 168(%rdi),%rax
- mulq 0(%rdi)
- add %rax,%r8
- adc %rdx,%r9
- movq 168(%rdi),%rax
- mulq 8(%rdi)
- add %rax,%r10
- adc %rdx,%r11
- movq 168(%rdi),%rax
- mulq 16(%rdi)
- add %rax,%r12
- adc %rdx,%r13
- movq 168(%rdi),%rax
- mulq 24(%rdi)
- add %rax,%r14
- adc %rdx,%r15
- movq 168(%rdi),%rdx
- imulq $19,%rdx,%rax
- mulq 32(%rdi)
- add %rax,%rsi
- adc %rdx,%rcx
- movq 176(%rdi),%rax
- mulq 0(%rdi)
- add %rax,%r10
- adc %rdx,%r11
- movq 176(%rdi),%rax
- mulq 8(%rdi)
- add %rax,%r12
- adc %rdx,%r13
- movq 176(%rdi),%rax
- mulq 16(%rdi)
- add %rax,%r14
- adc %rdx,%r15
- movq 176(%rdi),%rdx
- imulq $19,%rdx,%rax
- mulq 24(%rdi)
- add %rax,%rsi
- adc %rdx,%rcx
- movq 176(%rdi),%rdx
- imulq $19,%rdx,%rax
- mulq 32(%rdi)
- add %rax,%r8
- adc %rdx,%r9
- movq 184(%rdi),%rax
- mulq 0(%rdi)
- add %rax,%r12
- adc %rdx,%r13
- movq 184(%rdi),%rax
- mulq 8(%rdi)
- add %rax,%r14
- adc %rdx,%r15
- movq 56(%rsp),%rax
- mulq 24(%rdi)
- add %rax,%r8
- adc %rdx,%r9
- movq 56(%rsp),%rax
- mulq 32(%rdi)
- add %rax,%r10
- adc %rdx,%r11
- movq 192(%rdi),%rax
- mulq 0(%rdi)
- add %rax,%r14
- adc %rdx,%r15
- movq 64(%rsp),%rax
- mulq 16(%rdi)
- add %rax,%r8
- adc %rdx,%r9
- movq 64(%rsp),%rax
- mulq 24(%rdi)
- add %rax,%r10
- adc %rdx,%r11
- movq 64(%rsp),%rax
- mulq 32(%rdi)
- add %rax,%r12
- adc %rdx,%r13
- movq x25519_x86_64_REDMASK51(%rip),%rdx
- shld $13,%rsi,%rcx
- and %rdx,%rsi
- shld $13,%r8,%r9
- and %rdx,%r8
- add %rcx,%r8
- shld $13,%r10,%r11
- and %rdx,%r10
- add %r9,%r10
- shld $13,%r12,%r13
- and %rdx,%r12
- add %r11,%r12
- shld $13,%r14,%r15
- and %rdx,%r14
- add %r13,%r14
- imulq $19,%r15,%rcx
- add %rcx,%rsi
- mov %rsi,%rcx
- shr $51,%rcx
- add %r8,%rcx
- mov %rcx,%r8
- shr $51,%rcx
- and %rdx,%rsi
- add %r10,%rcx
- mov %rcx,%r9
- shr $51,%rcx
- and %rdx,%r8
- add %r12,%rcx
- mov %rcx,%rax
- shr $51,%rcx
- and %rdx,%r9
- add %r14,%rcx
- mov %rcx,%r10
- shr $51,%rcx
- and %rdx,%rax
- imulq $19,%rcx,%rcx
- add %rcx,%rsi
- and %rdx,%r10
- movq %rsi,160(%rdi)
- movq %r8,168(%rdi)
- movq %r9,176(%rdi)
- movq %rax,184(%rdi)
- movq %r10,192(%rdi)
- movq 200(%rsp),%rsi
- imulq $19,%rsi,%rax
- movq %rax,56(%rsp)
- mulq 152(%rsp)
- mov %rax,%rsi
- mov %rdx,%rcx
- movq 208(%rsp),%rdx
- imulq $19,%rdx,%rax
- movq %rax,64(%rsp)
- mulq 144(%rsp)
- add %rax,%rsi
- adc %rdx,%rcx
- movq 176(%rsp),%rax
- mulq 136(%rsp)
- add %rax,%rsi
- adc %rdx,%rcx
- movq 176(%rsp),%rax
- mulq 144(%rsp)
- mov %rax,%r8
- mov %rdx,%r9
- movq 176(%rsp),%rax
- mulq 152(%rsp)
- mov %rax,%r10
- mov %rdx,%r11
- movq 176(%rsp),%rax
- mulq 160(%rsp)
- mov %rax,%r12
- mov %rdx,%r13
- movq 176(%rsp),%rax
- mulq 168(%rsp)
- mov %rax,%r14
- mov %rdx,%r15
- movq 184(%rsp),%rax
- mulq 136(%rsp)
- add %rax,%r8
- adc %rdx,%r9
- movq 184(%rsp),%rax
- mulq 144(%rsp)
- add %rax,%r10
- adc %rdx,%r11
- movq 184(%rsp),%rax
- mulq 152(%rsp)
- add %rax,%r12
- adc %rdx,%r13
- movq 184(%rsp),%rax
- mulq 160(%rsp)
- add %rax,%r14
- adc %rdx,%r15
- movq 184(%rsp),%rdx
- imulq $19,%rdx,%rax
- mulq 168(%rsp)
- add %rax,%rsi
- adc %rdx,%rcx
- movq 192(%rsp),%rax
- mulq 136(%rsp)
- add %rax,%r10
- adc %rdx,%r11
- movq 192(%rsp),%rax
- mulq 144(%rsp)
- add %rax,%r12
- adc %rdx,%r13
- movq 192(%rsp),%rax
- mulq 152(%rsp)
- add %rax,%r14
- adc %rdx,%r15
- movq 192(%rsp),%rdx
- imulq $19,%rdx,%rax
- mulq 160(%rsp)
- add %rax,%rsi
- adc %rdx,%rcx
- movq 192(%rsp),%rdx
- imulq $19,%rdx,%rax
- mulq 168(%rsp)
- add %rax,%r8
- adc %rdx,%r9
- movq 200(%rsp),%rax
- mulq 136(%rsp)
- add %rax,%r12
- adc %rdx,%r13
- movq 200(%rsp),%rax
- mulq 144(%rsp)
- add %rax,%r14
- adc %rdx,%r15
- movq 56(%rsp),%rax
- mulq 160(%rsp)
- add %rax,%r8
- adc %rdx,%r9
- movq 56(%rsp),%rax
- mulq 168(%rsp)
- add %rax,%r10
- adc %rdx,%r11
- movq 208(%rsp),%rax
- mulq 136(%rsp)
- add %rax,%r14
- adc %rdx,%r15
- movq 64(%rsp),%rax
- mulq 152(%rsp)
- add %rax,%r8
- adc %rdx,%r9
- movq 64(%rsp),%rax
- mulq 160(%rsp)
- add %rax,%r10
- adc %rdx,%r11
- movq 64(%rsp),%rax
- mulq 168(%rsp)
- add %rax,%r12
- adc %rdx,%r13
- movq x25519_x86_64_REDMASK51(%rip),%rdx
- shld $13,%rsi,%rcx
- and %rdx,%rsi
- shld $13,%r8,%r9
- and %rdx,%r8
- add %rcx,%r8
- shld $13,%r10,%r11
- and %rdx,%r10
- add %r9,%r10
- shld $13,%r12,%r13
- and %rdx,%r12
- add %r11,%r12
- shld $13,%r14,%r15
- and %rdx,%r14
- add %r13,%r14
- imulq $19,%r15,%rcx
- add %rcx,%rsi
- mov %rsi,%rcx
- shr $51,%rcx
- add %r8,%rcx
- mov %rcx,%r8
- shr $51,%rcx
- and %rdx,%rsi
- add %r10,%rcx
- mov %rcx,%r9
- shr $51,%rcx
- and %rdx,%r8
- add %r12,%rcx
- mov %rcx,%rax
- shr $51,%rcx
- and %rdx,%r9
- add %r14,%rcx
- mov %rcx,%r10
- shr $51,%rcx
- and %rdx,%rax
- imulq $19,%rcx,%rcx
- add %rcx,%rsi
- and %rdx,%r10
- movq %rsi,40(%rdi)
- movq %r8,48(%rdi)
- movq %r9,56(%rdi)
- movq %rax,64(%rdi)
- movq %r10,72(%rdi)
- movq 216(%rsp),%rax
- mulq x25519_x86_64_121666_213(%rip)
- shr $13,%rax
- mov %rax,%rsi
- mov %rdx,%rcx
- movq 224(%rsp),%rax
- mulq x25519_x86_64_121666_213(%rip)
- shr $13,%rax
- add %rax,%rcx
- mov %rdx,%r8
- movq 232(%rsp),%rax
- mulq x25519_x86_64_121666_213(%rip)
- shr $13,%rax
- add %rax,%r8
- mov %rdx,%r9
- movq 240(%rsp),%rax
- mulq x25519_x86_64_121666_213(%rip)
- shr $13,%rax
- add %rax,%r9
- mov %rdx,%r10
- movq 248(%rsp),%rax
- mulq x25519_x86_64_121666_213(%rip)
- shr $13,%rax
- add %rax,%r10
- imulq $19,%rdx,%rdx
- add %rdx,%rsi
- addq 136(%rsp),%rsi
- addq 144(%rsp),%rcx
- addq 152(%rsp),%r8
- addq 160(%rsp),%r9
- addq 168(%rsp),%r10
- movq %rsi,80(%rdi)
- movq %rcx,88(%rdi)
- movq %r8,96(%rdi)
- movq %r9,104(%rdi)
- movq %r10,112(%rdi)
- movq 104(%rdi),%rsi
- imulq $19,%rsi,%rax
- movq %rax,56(%rsp)
- mulq 232(%rsp)
- mov %rax,%rsi
- mov %rdx,%rcx
- movq 112(%rdi),%rdx
- imulq $19,%rdx,%rax
- movq %rax,64(%rsp)
- mulq 224(%rsp)
- add %rax,%rsi
- adc %rdx,%rcx
- movq 80(%rdi),%rax
- mulq 216(%rsp)
- add %rax,%rsi
- adc %rdx,%rcx
- movq 80(%rdi),%rax
- mulq 224(%rsp)
- mov %rax,%r8
- mov %rdx,%r9
- movq 80(%rdi),%rax
- mulq 232(%rsp)
- mov %rax,%r10
- mov %rdx,%r11
- movq 80(%rdi),%rax
- mulq 240(%rsp)
- mov %rax,%r12
- mov %rdx,%r13
- movq 80(%rdi),%rax
- mulq 248(%rsp)
- mov %rax,%r14
- mov %rdx,%r15
- movq 88(%rdi),%rax
- mulq 216(%rsp)
- add %rax,%r8
- adc %rdx,%r9
- movq 88(%rdi),%rax
- mulq 224(%rsp)
- add %rax,%r10
- adc %rdx,%r11
- movq 88(%rdi),%rax
- mulq 232(%rsp)
- add %rax,%r12
- adc %rdx,%r13
- movq 88(%rdi),%rax
- mulq 240(%rsp)
- add %rax,%r14
- adc %rdx,%r15
- movq 88(%rdi),%rdx
- imulq $19,%rdx,%rax
- mulq 248(%rsp)
- add %rax,%rsi
- adc %rdx,%rcx
- movq 96(%rdi),%rax
- mulq 216(%rsp)
- add %rax,%r10
- adc %rdx,%r11
- movq 96(%rdi),%rax
- mulq 224(%rsp)
- add %rax,%r12
- adc %rdx,%r13
- movq 96(%rdi),%rax
- mulq 232(%rsp)
- add %rax,%r14
- adc %rdx,%r15
- movq 96(%rdi),%rdx
- imulq $19,%rdx,%rax
- mulq 240(%rsp)
- add %rax,%rsi
- adc %rdx,%rcx
- movq 96(%rdi),%rdx
- imulq $19,%rdx,%rax
- mulq 248(%rsp)
- add %rax,%r8
- adc %rdx,%r9
- movq 104(%rdi),%rax
- mulq 216(%rsp)
- add %rax,%r12
- adc %rdx,%r13
- movq 104(%rdi),%rax
- mulq 224(%rsp)
- add %rax,%r14
- adc %rdx,%r15
- movq 56(%rsp),%rax
- mulq 240(%rsp)
- add %rax,%r8
- adc %rdx,%r9
- movq 56(%rsp),%rax
- mulq 248(%rsp)
- add %rax,%r10
- adc %rdx,%r11
- movq 112(%rdi),%rax
- mulq 216(%rsp)
- add %rax,%r14
- adc %rdx,%r15
- movq 64(%rsp),%rax
- mulq 232(%rsp)
- add %rax,%r8
- adc %rdx,%r9
- movq 64(%rsp),%rax
- mulq 240(%rsp)
- add %rax,%r10
- adc %rdx,%r11
- movq 64(%rsp),%rax
- mulq 248(%rsp)
- add %rax,%r12
- adc %rdx,%r13
- movq x25519_x86_64_REDMASK51(%rip),%rdx
- shld $13,%rsi,%rcx
- and %rdx,%rsi
- shld $13,%r8,%r9
- and %rdx,%r8
- add %rcx,%r8
- shld $13,%r10,%r11
- and %rdx,%r10
- add %r9,%r10
- shld $13,%r12,%r13
- and %rdx,%r12
- add %r11,%r12
- shld $13,%r14,%r15
- and %rdx,%r14
- add %r13,%r14
- imulq $19,%r15,%rcx
- add %rcx,%rsi
- mov %rsi,%rcx
- shr $51,%rcx
- add %r8,%rcx
- mov %rcx,%r8
- shr $51,%rcx
- and %rdx,%rsi
- add %r10,%rcx
- mov %rcx,%r9
- shr $51,%rcx
- and %rdx,%r8
- add %r12,%rcx
- mov %rcx,%rax
- shr $51,%rcx
- and %rdx,%r9
- add %r14,%rcx
- mov %rcx,%r10
- shr $51,%rcx
- and %rdx,%rax
- imulq $19,%rcx,%rcx
- add %rcx,%rsi
- and %rdx,%r10
- movq %rsi,80(%rdi)
- movq %r8,88(%rdi)
- movq %r9,96(%rdi)
- movq %rax,104(%rdi)
- movq %r10,112(%rdi)
- movq 0(%rsp),%r11
- movq 8(%rsp),%r12
- movq 16(%rsp),%r13
- movq 24(%rsp),%r14
- movq 32(%rsp),%r15
- movq 40(%rsp),%rbx
- movq 48(%rsp),%rbp
- add %r11,%rsp
- mov %rdi,%rax
- mov %rsi,%rdx
- ret
-
- .p2align 5
- .globl C_ABI(x25519_x86_64_work_cswap)
- HIDDEN C_ABI(x25519_x86_64_work_cswap)
- C_ABI(x25519_x86_64_work_cswap):
- mov %rsp,%r11
- and $31,%r11
- add $0,%r11
- sub %r11,%rsp
- cmp $1,%rsi
- movq 0(%rdi),%rsi
- movq 80(%rdi),%rdx
- movq 8(%rdi),%rcx
- movq 88(%rdi),%r8
- mov %rsi,%r9
- cmove %rdx,%rsi
- cmove %r9,%rdx
- mov %rcx,%r9
- cmove %r8,%rcx
- cmove %r9,%r8
- movq %rsi,0(%rdi)
- movq %rdx,80(%rdi)
- movq %rcx,8(%rdi)
- movq %r8,88(%rdi)
- movq 16(%rdi),%rsi
- movq 96(%rdi),%rdx
- movq 24(%rdi),%rcx
- movq 104(%rdi),%r8
- mov %rsi,%r9
- cmove %rdx,%rsi
- cmove %r9,%rdx
- mov %rcx,%r9
- cmove %r8,%rcx
- cmove %r9,%r8
- movq %rsi,16(%rdi)
- movq %rdx,96(%rdi)
- movq %rcx,24(%rdi)
- movq %r8,104(%rdi)
- movq 32(%rdi),%rsi
- movq 112(%rdi),%rdx
- movq 40(%rdi),%rcx
- movq 120(%rdi),%r8
- mov %rsi,%r9
- cmove %rdx,%rsi
- cmove %r9,%rdx
- mov %rcx,%r9
- cmove %r8,%rcx
- cmove %r9,%r8
- movq %rsi,32(%rdi)
- movq %rdx,112(%rdi)
- movq %rcx,40(%rdi)
- movq %r8,120(%rdi)
- movq 48(%rdi),%rsi
- movq 128(%rdi),%rdx
- movq 56(%rdi),%rcx
- movq 136(%rdi),%r8
- mov %rsi,%r9
- cmove %rdx,%rsi
- cmove %r9,%rdx
- mov %rcx,%r9
- cmove %r8,%rcx
- cmove %r9,%r8
- movq %rsi,48(%rdi)
- movq %rdx,128(%rdi)
- movq %rcx,56(%rdi)
- movq %r8,136(%rdi)
- movq 64(%rdi),%rsi
- movq 144(%rdi),%rdx
- movq 72(%rdi),%rcx
- movq 152(%rdi),%r8
- mov %rsi,%r9
- cmove %rdx,%rsi
- cmove %r9,%rdx
- mov %rcx,%r9
- cmove %r8,%rcx
- cmove %r9,%r8
- movq %rsi,64(%rdi)
- movq %rdx,144(%rdi)
- movq %rcx,72(%rdi)
- movq %r8,152(%rdi)
- add %r11,%rsp
- mov %rdi,%rax
- mov %rsi,%rdx
- ret
-
- #endif /* __x86_64__ */
- #endif /* !OPENSSL_NO_ASM */
|