Lines Matching refs:dd
128 __m128i *cc, __m128i *dd)
131 * Caryless multiplication dd:cc = aa * bb
135 *dd = _mm_clmulepi64_si128(aa, bb, 0x11); // a1*b1 = d1:d0
142 *dd = _mm_xor_si128(*dd, ff); // d1:d0+e1+f1
146 static void gcm_shift(__m128i *cc, __m128i *dd)
148 /* [CMUCL-WP] Algorithm 5 Step 1: shift cc:dd one bit to the left,
151 // // *dd = r3:r2
153 __m128i dd_lo = _mm_slli_epi64(*dd, 1); // r3<<1:r2<<1
155 __m128i dd_hi = _mm_srli_epi64(*dd, 63); // r3>>63:r2>>63
161 *dd = _mm_or_si128(_mm_or_si128(dd_lo, dd_hi), xmm5); // r3<<1|r2>>62:r2<<1|r1>>63
171 __m128i dd = _mm_slli_si128(_mm_xor_si128(_mm_xor_si128(aa, bb), cc), 8); // a+b+c:0
172 return _mm_xor_si128(dd, xx); // x1+a+b+c:x0 = d:x0
196 __m128i aa = { 0 }, bb = { 0 }, cc, dd;
204 gcm_clmul(aa, bb, &cc, &dd);
205 gcm_shift(&cc, &dd);
209 * Currently dd:cc holds x3:x2:x1:x0 (already shifted).
213 cc = _mm_xor_si128(xh, dd); // x3+h1:x2+h0