author | Niels Möller <nisse@lysator.liu.se> | 2021-12-01 22:20:10 +0100 |
---|---|---|
committer | Niels Möller <nisse@lysator.liu.se> | 2021-12-01 22:20:10 +0100 |
commit | 0ea74c0238e3f8be2293a1d32aac2292381ef81f (patch) | |
tree | 10b2c04e1f72bc96f3df3b76a645c65a993dccb5 /x86_64 | |
parent | d2e4e5311a84f2ca6144378aaa8d3b8a6d76dd5e (diff) | |
download | nettle-0ea74c0238e3f8be2293a1d32aac2292381ef81f.tar.gz |
Comment improvements for x86_64 ecc_secp256r1_redc
Diffstat (limited to 'x86_64')
-rw-r--r-- | x86_64/ecc-secp256r1-redc.asm | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/x86_64/ecc-secp256r1-redc.asm b/x86_64/ecc-secp256r1-redc.asm
index a03059ae..91f55225 100644
--- a/x86_64/ecc-secp256r1-redc.asm
+++ b/x86_64/ecc-secp256r1-redc.asm
@@ -47,7 +47,7 @@ define(`F1', `%r13')
 define(`F2', `%rbx')
 define(`F3', `%rbp')
-C FOLD(x), sets (F3,F2,F1,F0) <-- (x << 224) - (x << 128) - (x<<32)
+C FOLD(x), sets (F3,F2,F1,F0) <-- (x << 160) - (x << 128) - (x<<32)
 define(`FOLD', `
 	mov $1, F2
 	mov $1, F3
@@ -104,8 +104,10 @@ PROLOGUE(_nettle_ecc_secp256r1_redc)
 	adc U6, U2
 	adc 56(XP), U3
-	C If carry, we need to add in
-	C 2^256 - p = <0xfffffffe, 0xff..ff, 0xffffffff00000000, 1>
+	C Sum, including carry, is < 2^{256} + p.
+	C If carry, we need to add in 2^{256} mod p = 2^{256} - p
+	C = <0xfffffffe, 0xff..ff, 0xffffffff00000000, 1>
+	C and this addition can not overflow.
 	sbb F2, F2
 	mov F2, F0
 	mov F2, F1 |
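Review bot: The limb vector `<0xfffffffe, 0xff..ff, 0xffffffff00000000, 1>` in the rewritten comment of the second hunk does not say which end is the most significant limb, and a reader has to deduce the order from the code (the all-ones mask produced by `sbb F2, F2` lines up with the 0xff..ff entry only when the vector is read most-significant-first). I would append `C (limbs listed most significant first)` after that line so the correspondence to F3..F0 is explicit. The new bound `Sum, including carry, is < 2^{256} + p` appears to rest on the operands of the preceding adc chain already being reduced below p, which the hunk does not show; naming that precondition near the PROLOGUE header would make the "can not overflow" claim checkable without reading the whole routine. The body of _nettle_ecc_secp256r1_redc continues outside the hunk.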