Lines Matching refs:tmp
380 felem tmp;
386 tmp[3] = zero110[3] + in[3] + ((u64)(in[2] >> 64));
387 /* tmp[3] < 2^110 */
389 tmp[2] = zero110[2] + (u64)in[2];
390 tmp[0] = zero110[0] + in[0];
391 tmp[1] = zero110[1] + in[1];
392 /* tmp[0] < 2**110, tmp[1] < 2^111, tmp[2] < 2**65 */
396 * tmp[3]. We don't update the other words till the end.
398 a = tmp[3] >> 64; /* a < 2^46 */
399 tmp[3] = (u64)tmp[3];
400 tmp[3] -= a;
401 tmp[3] += ((limb) a) << 32;
402 /* tmp[3] < 2^79 */
405 a = tmp[3] >> 64; /* a < 2^15 */
407 tmp[3] = (u64)tmp[3];
408 tmp[3] -= a;
409 tmp[3] += ((limb) a) << 32;
410 /* tmp[3] < 2^64 + 2^47 */
416 tmp[0] += b;
417 tmp[1] -= (((limb) b) << 32);
420 * In order to make space in tmp[3] for the carry from 2 -> 3, we
421 * conditionally subtract kPrime if tmp[3] is large enough.
423 high = (u64)(tmp[3] >> 64);
424 /* As tmp[3] < 2^65, high is either 1 or 0 */
428 * all ones if the high word of tmp[3] is 1
429 * all zeros if the high word of tmp[3] if 0
431 low = (u64)tmp[3];
449 tmp[0] -= mask & kPrime[0];
450 tmp[1] -= mask & kPrime[1];
452 tmp[3] -= mask & kPrime[3];
453 /* tmp[3] < 2**64 - 2**32 + 1 */
455 tmp[1] += ((u64)(tmp[0] >> 64));
456 tmp[0] = (u64)tmp[0];
457 tmp[2] += ((u64)(tmp[1] >> 64));
458 tmp[1] = (u64)tmp[1];
459 tmp[3] += ((u64)(tmp[2] >> 64));
460 tmp[2] = (u64)tmp[2];
461 /* tmp[i] < 2^64 */
463 out[0] = tmp[0];
464 out[1] = tmp[1];
465 out[2] = tmp[2];
466 out[3] = tmp[3];
911 felem tmp;
914 felem_reduce(tmp, longtmp);
915 felem_contract(out, tmp);
922 felem tmp;
925 felem_reduce(tmp, longtmp);
926 felem_contract(out, tmp);
987 longfelem tmp;
990 felem_square(tmp, in);
991 felem_reduce(ftmp, tmp); /* 2^1 */
992 felem_mul(tmp, in, ftmp);
993 felem_reduce(ftmp, tmp); /* 2^2 - 2^0 */
995 felem_square(tmp, ftmp);
996 felem_reduce(ftmp, tmp); /* 2^3 - 2^1 */
997 felem_square(tmp, ftmp);
998 felem_reduce(ftmp, tmp); /* 2^4 - 2^2 */
999 felem_mul(tmp, ftmp, e2);
1000 felem_reduce(ftmp, tmp); /* 2^4 - 2^0 */
1002 felem_square(tmp, ftmp);
1003 felem_reduce(ftmp, tmp); /* 2^5 - 2^1 */
1004 felem_square(tmp, ftmp);
1005 felem_reduce(ftmp, tmp); /* 2^6 - 2^2 */
1006 felem_square(tmp, ftmp);
1007 felem_reduce(ftmp, tmp); /* 2^7 - 2^3 */
1008 felem_square(tmp, ftmp);
1009 felem_reduce(ftmp, tmp); /* 2^8 - 2^4 */
1010 felem_mul(tmp, ftmp, e4);
1011 felem_reduce(ftmp, tmp); /* 2^8 - 2^0 */
1014 felem_square(tmp, ftmp);
1015 felem_reduce(ftmp, tmp);
1017 felem_mul(tmp, ftmp, e8);
1018 felem_reduce(ftmp, tmp); /* 2^16 - 2^0 */
1021 felem_square(tmp, ftmp);
1022 felem_reduce(ftmp, tmp);
1024 felem_mul(tmp, ftmp, e16);
1025 felem_reduce(ftmp, tmp); /* 2^32 - 2^0 */
1028 felem_square(tmp, ftmp);
1029 felem_reduce(ftmp, tmp);
1032 felem_mul(tmp, ftmp, in);
1033 felem_reduce(ftmp, tmp); /* 2^64 - 2^32 + 2^0 */
1035 felem_square(tmp, ftmp);
1036 felem_reduce(ftmp, tmp);
1039 felem_mul(tmp, e64, e32);
1040 felem_reduce(ftmp2, tmp); /* 2^64 - 2^0 */
1042 felem_square(tmp, ftmp2);
1043 felem_reduce(ftmp2, tmp);
1045 felem_mul(tmp, ftmp2, e16);
1046 felem_reduce(ftmp2, tmp); /* 2^80 - 2^0 */
1048 felem_square(tmp, ftmp2);
1049 felem_reduce(ftmp2, tmp);
1051 felem_mul(tmp, ftmp2, e8);
1052 felem_reduce(ftmp2, tmp); /* 2^88 - 2^0 */
1054 felem_square(tmp, ftmp2);
1055 felem_reduce(ftmp2, tmp);
1057 felem_mul(tmp, ftmp2, e4);
1058 felem_reduce(ftmp2, tmp); /* 2^92 - 2^0 */
1059 felem_square(tmp, ftmp2);
1060 felem_reduce(ftmp2, tmp); /* 2^93 - 2^1 */
1061 felem_square(tmp, ftmp2);
1062 felem_reduce(ftmp2, tmp); /* 2^94 - 2^2 */
1063 felem_mul(tmp, ftmp2, e2);
1064 felem_reduce(ftmp2, tmp); /* 2^94 - 2^0 */
1065 felem_square(tmp, ftmp2);
1066 felem_reduce(ftmp2, tmp); /* 2^95 - 2^1 */
1067 felem_square(tmp, ftmp2);
1068 felem_reduce(ftmp2, tmp); /* 2^96 - 2^2 */
1069 felem_mul(tmp, ftmp2, in);
1070 felem_reduce(ftmp2, tmp); /* 2^96 - 3 */
1072 felem_mul(tmp, ftmp2, ftmp);
1073 felem_reduce(out, tmp); /* 2^256 - 2^224 + 2^192 + 2^96 - 3 */
1078 felem tmp;
1080 smallfelem_expand(tmp, in);
1081 felem_inv(tmp, tmp);
1082 felem_contract(out, tmp);
1107 longfelem tmp, tmp2;
1117 felem_square(tmp, z_in);
1118 felem_reduce(delta, tmp);
1122 felem_square(tmp, y_in);
1123 felem_reduce(gamma, tmp);
1128 felem_small_mul(tmp, small1, x_in);
1129 felem_reduce(beta, tmp);
1139 felem_mul(tmp, ftmp, ftmp2);
1140 felem_reduce(alpha, tmp);
1145 smallfelem_square(tmp, small2);
1146 felem_reduce(x_out, tmp);
1159 felem_square(tmp, ftmp);
1160 felem_reduce(z_out, tmp);
1169 felem_small_mul(tmp, small2, beta);
1170 /* tmp[i] < 7 * 2^64 < 2^67 */
1175 longfelem_diff(tmp, tmp2);
1176 /* tmp[i] < 2^67 + 2^70 + 2^40 < 2^71 */
1177 felem_reduce_zero105(y_out, tmp);
1208 const limb tmp = mask & (in[i] ^ out[i]);
1209 out[i] ^= tmp;
1241 longfelem tmp, tmp2;
1252 smallfelem_square(tmp, small3);
1253 felem_reduce(ftmp, tmp);
1259 smallfelem_square(tmp, z2);
1260 felem_reduce(ftmp2, tmp);
1267 smallfelem_mul(tmp, small5, small2);
1268 felem_reduce(ftmp3, tmp);
1277 felem_square(tmp, ftmp5);
1278 felem_reduce(ftmp5, tmp);
1286 smallfelem_mul(tmp, small2, z2);
1287 felem_reduce(ftmp2, tmp);
1290 felem_mul(tmp, y1, ftmp2);
1291 felem_reduce(ftmp6, tmp);
1313 smallfelem_mul(tmp, x2, small1);
1314 felem_reduce(ftmp4, tmp);
1324 felem_small_mul(tmp, small4, ftmp5);
1325 felem_reduce(z_out, tmp);
1329 smallfelem_mul(tmp, small1, small3);
1330 felem_reduce(ftmp, tmp);
1332 /* s2 = tmp = y2 * z1**3 */
1333 felem_small_mul(tmp, y2, ftmp);
1334 felem_reduce(ftmp5, tmp);
1372 felem_square(tmp, ftmp);
1373 felem_reduce(ftmp, tmp);
1376 felem_mul(tmp, ftmp4, ftmp);
1377 felem_reduce(ftmp2, tmp);
1380 felem_mul(tmp, ftmp3, ftmp);
1381 felem_reduce(ftmp4, tmp);
1384 smallfelem_square(tmp, small1);
1385 felem_reduce(x_out, tmp);
1396 felem_small_mul(tmp, small1, ftmp3);
1400 longfelem_diff(tmp, tmp2);
1401 /* tmp[i] < 2^67 + 2^70 + 2^40 < 2^71 */
1402 felem_reduce_zero105(y_out, tmp);
1681 smallfelem tmp[3];
1708 select_point(bits, 16, g_pre_comp[1], tmp);
1713 nq[0], nq[1], nq[2], 1, tmp[0], tmp[1], tmp[2]);
1715 smallfelem_expand(nq[0], tmp[0]);
1716 smallfelem_expand(nq[1], tmp[1]);
1717 smallfelem_expand(nq[2], tmp[2]);
1727 select_point(bits, 16, g_pre_comp[0], tmp);
1730 nq[0], nq[1], nq[2], 1, tmp[0], tmp[1], tmp[2]);
1748 select_point(digit, 17, pre_comp[num], tmp);
1749 smallfelem_neg(ftmp, tmp[1]); /* (X, -Y, Z) is the negative
1751 copy_small_conditional(ftmp, tmp[1], (((limb) sign) - 1));
1752 felem_contract(tmp[1], ftmp);
1757 mixed, tmp[0], tmp[1], tmp[2]);
1759 smallfelem_expand(nq[0], tmp[0]);
1760 smallfelem_expand(nq[1], tmp[1]);
1761 smallfelem_expand(nq[2], tmp[2]);
1955 longfelem tmp;
1965 felem_square(tmp, z2);
1966 felem_reduce(z1, tmp);
1967 felem_mul(tmp, x_in, z1);
1968 felem_reduce(x_in, tmp);
1976 felem_mul(tmp, z1, z2);
1977 felem_reduce(z1, tmp);
1978 felem_mul(tmp, y_in, z1);
1979 felem_reduce(y_in, tmp);