From 2e293f9e607460f369eb01199970debcc02341a0 Mon Sep 17 00:00:00 2001 From: Owen Conoly Date: Mon, 24 Apr 2023 16:22:22 -0400 Subject: [PATCH 01/27] Began trying to make the optimization. from here, making the optimization should consist of just writing "register_width = 64" in Arith/DettmanMultiplcation. something broke. --- src/Arithmetic/DettmanMultiplication.v | 33 +++++++++++++++++++------- 1 file changed, 25 insertions(+), 8 deletions(-) diff --git a/src/Arithmetic/DettmanMultiplication.v b/src/Arithmetic/DettmanMultiplication.v index e3042bd2b2..1d876464ae 100644 --- a/src/Arithmetic/DettmanMultiplication.v +++ b/src/Arithmetic/DettmanMultiplication.v @@ -13,6 +13,9 @@ Local Coercion Z.of_nat : nat >-> Z. Module DettmanMultiplication. Section DettmanMultiplication. Context + (*(register_size : nat) for the algorithm to behave sensibly, we want, for each i, + to have 2^(register_size * i) >= weight i. + this is important to the proof, so I need to formalize it. *) (s : Z) (c_ : list (Z*Z)) (limbs : nat) @@ -25,6 +28,8 @@ Module DettmanMultiplication. (weight_limbs_mod_s_eq_0 : (weight limbs) mod s = 0) (wprops : @weight_properties weight). + Definition register_width : nat := 52. (* for testing purposes *) + Let c := Associational.eval c_. Lemma s_positive : s > 0. @@ -69,12 +74,12 @@ Module DettmanMultiplication. Proof. cbv [loop_body carry' reduce']. autorewrite with push_eval; auto with arith. Qed. Definition loop start := - fold_right loop_body start (rev (seq 1 (limbs - 2 - 1))). + fold_right loop_body start (rev (seq 1 (limbs - 2 - 1 - 1))). Lemma eval_loop start : ((Associational.eval (loop start)) mod (s - c) = (Associational.eval start) mod (s - c))%Z. Proof. - cbv [loop]. induction (rev (seq 1 (limbs - 2 - 1))) as [| i l' IHl']. + cbv [loop]. induction (rev (seq 1 (limbs - 2 - 1 - 1))) as [| i l' IHl']. - reflexivity. - simpl. rewrite eval_loop_body. apply IHl'. Qed. 
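Review bot: `register_width` is introduced in the second hunk as a section-level `Definition` fixed at 52, with nothing relating it to the `weight` parameter, so every later `2^register_width` is only meaningful for one limb layout. The comment added to the `Context` in the first hunk says the relation between register size and `weight` "is important to the proof" but leaves it unformalized. I would make it a `Context` variable with an explicit hypothesis about `weight`, and until then change the comment to `(* temporary: must become a Context parameter with a hypothesis relating it to weight *)`. The section continues outside the hunk.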
@@ -82,10 +87,12 @@ Module DettmanMultiplication. Definition reduce_carry_borrow r0 := let l := limbs in let r0' := dedup_weights r0 in - let r1 := carry' (weight (2 * l - 2)) (weight 1) r0' in + let r1 := carry' (weight (2 * l - 2)) (2^register_width) r0' in let r2 := reduce' s (weight (2 * l - 2)) (weight l) c r1 in let r3 := carry' (weight (l - 2)) (weight 1) r2 in - let r4 := reduce' s (weight (2 * l - 1)) (weight l) c r3 in + let from4 := Z.mul (weight (2 * l - 2)) (2^register_width) in + let to4 := weight (l - 1) in + let r4 := reduce' s from4 (from4 / to4) c r3 in let r5 := carry' (weight (l - 1)) (weight 1) r4 in let r6 := carry' (weight (l - 1)) (Z.div s (weight (l - 1))) r5 in let r7 := carry' (weight l) (weight 1) r6 in @@ -93,8 +100,18 @@ Module DettmanMultiplication. let r8' := dedup_weights r8 in let r9 := reduce' s s s c r8' in let r10 := carry' (weight 0) (weight 1) r9 in - let r11 := loop r10 in - let r12 := reduce' s (weight (2 * l - 2)) (weight l) c r11 in + + (* here I've pulled out the first iteration of the loop to do + the special register_width carry. The loop now runs for one fewer iteration. *) + let i0 := limbs - 2 - 1 in + let rloop1 := carry' (weight (i0 + limbs)) (2^register_width) r10 in + let rloop2 := reduce' s (weight (i0 + limbs)) (weight limbs) c rloop1 in + let rloop3 := carry' (weight i0) (weight 1) rloop2 in + + let r11 := loop rloop3 in + let from12 := Z.mul (weight (i0 + limbs)) (2^register_width) in + let to12 := i0 + 1 (* should I write this as limbs - 2? idk *) in + let r12 := reduce' s from12 (from12 / to12) c r11 in let r13 := carry' (weight (l - 2)) (weight 1) r12 in Positional.from_associational weight l r13. 
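Review bot: In the second hunk `to12` is bound to `i0 + 1`, a limb index, while every other from/to pair in this definition is a weight, so `from12 / to12` divides by a small number instead of by a weight; it presumably should read `let to12 := weight (i0 + 1) in`. The extracted iteration is also applied to `r10` before `loop`, yet `i0 = limbs - 2 - 1` is the largest index the old `seq 1 (limbs - 2 - 1)` produced, and `fold_right` over the reversed list applies index 1 first, so the order of the carry chain changes even though the added comment calls it the first iteration. `reduce_carry_borrow` starts outside this hunk.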
@@ -117,13 +134,13 @@ Module DettmanMultiplication. Lemma eval_reduce_carry_borrow r0 : (Positional.eval weight limbs (reduce_carry_borrow r0)) mod (s - c) = (Associational.eval r0) mod (s - c). - Proof. + Proof. (* cbv [reduce_carry_borrow carry' reduce']. autorewrite with push_eval; auto with arith. all: try apply Weight.weight_multiples_full; auto with arith; try lia. - apply div_nz; try assumption. remember (weight_positive wprops (limbs - 1)). lia. - apply Divide.Z.mod_divide_full in weight_limbs_mod_s_eq_0. destruct weight_limbs_mod_s_eq_0 as [x H]. rewrite H. rewrite Z_div_mult; try apply s_positive. rewrite Z.mul_comm. rewrite Z_mod_mult. lia. - Qed. + Qed.*) Admitted. Hint Rewrite eval_reduce_carry_borrow : push_eval. From 878dd64e43a71170605e4cc40aee27e43f641f3e Mon Sep 17 00:00:00 2001 From: Owen Conoly Date: Mon, 24 Apr 2023 17:01:26 -0400 Subject: [PATCH 02/27] fixed small bugs. now, generated dettman code is correct---the same as it originally was. --- src/Arithmetic/DettmanMultiplication.v | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/src/Arithmetic/DettmanMultiplication.v b/src/Arithmetic/DettmanMultiplication.v index 1d876464ae..f2a09922bb 100644 --- a/src/Arithmetic/DettmanMultiplication.v +++ b/src/Arithmetic/DettmanMultiplication.v 
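Review bot: `eval_reduce_carry_borrow` is closed with `Admitted` while its old proof is commented out, and it stays registered through `Hint Rewrite eval_reduce_carry_borrow : push_eval`, so any later proof that rewrites with `push_eval` can silently depend on an unproven statement about the new `register_width` carries. For field arithmetic that is meant to be verified, this removes the guarantee exactly where the algorithm changed. Keep the lemma out of the hint database until it is proved, mark it with a comment such as `(* TODO: unproven since the register_width change *)`, and run `Print Assumptions` on the top-level correctness theorem before generated code is trusted. The same pattern returns in patch 05 for `eval_loop_body` and `eval_reduce_carry_borrow`.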
@@ -100,18 +100,18 @@ Module DettmanMultiplication. let r8' := dedup_weights r8 in let r9 := reduce' s s s c r8' in let r10 := carry' (weight 0) (weight 1) r9 in - - (* here I've pulled out the first iteration of the loop to do + let r11 := loop r10 in + + (* here I've pulled out the final iteration of the loop to do the special register_width carry. The loop now runs for one fewer iteration. *) let i0 := limbs - 2 - 1 in - let rloop1 := carry' (weight (i0 + limbs)) (2^register_width) r10 in + let rloop1 := carry' (weight (i0 + limbs)) (2^register_width) r11 in let rloop2 := reduce' s (weight (i0 + limbs)) (weight limbs) c rloop1 in let rloop3 := carry' (weight i0) (weight 1) rloop2 in - let r11 := loop rloop3 in let from12 := Z.mul (weight (i0 + limbs)) (2^register_width) in - let to12 := i0 + 1 (* should I write this as limbs - 2? idk *) in - let r12 := reduce' s from12 (from12 / to12) c r11 in + let to12 := weight (i0 + 1) (* should I write this as limbs - 2? idk *) in + let r12 := reduce' s from12 (from12 / to12) c rloop3 in let r13 := carry' (weight (l - 2)) (weight 1) r12 in Positional.from_associational weight l r13. From 7547ccc4f4d72204bc9177c2c0c4a129c289f339 Mon Sep 17 00:00:00 2001 From: Owen Conoly Date: Mon, 24 Apr 2023 17:17:24 -0400 Subject: [PATCH 03/27] generated the optimized dettman code --- fiat-c/src/secp256k1_dettman_64.c | 24 ++++++++++++------------ src/Arithmetic/DettmanMultiplication.v | 2 +- 2 files changed, 13 insertions(+), 13 deletions(-) diff --git a/fiat-c/src/secp256k1_dettman_64.c b/fiat-c/src/secp256k1_dettman_64.c index b81c4e4460..8e25f88b06 100644 --- a/fiat-c/src/secp256k1_dettman_64.c +++ b/fiat-c/src/secp256k1_dettman_64.c 
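Review bot: The extracted iteration runs unconditionally with `i0 := limbs - 2 - 1`, so for `limbs = 3`, which `limbs_gteq_3` still permits, it performs a carry/reduce/carry at index 0 that the original `loop` over `seq 1 (limbs - 2 - 1)` never executed. The commit message reports identical generated code, but that can only cover the limb counts that were actually synthesized. Either strengthen the hypothesis to `4%nat <= limbs` or state in the comment that the definition intentionally differs for three limbs. The leftover `(* should I write this as limbs - 2? idk *)` should be resolved too; `i0 + 1` equals `limbs - 2` only when `limbs >= 3`, because the subtraction on `nat` truncates.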
@@ -75,12 +75,12 @@ static FIAT_SECP256K1_DETTMAN_FIAT_INLINE void fiat_secp256k1_dettman_mul(uint64 uint64_t x32; uint64_t x33; x1 = ((fiat_secp256k1_dettman_uint128)(arg1[4]) * (arg2[4])); - x2 = (uint64_t)(x1 >> 52); - x3 = (uint64_t)(x1 & UINT64_C(0xfffffffffffff)); + x2 = (uint64_t)(x1 >> 64); + x3 = (uint64_t)(x1 & UINT64_C(0xffffffffffffffff)); x4 = ((((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg2[3])) + (((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg2[2])) + (((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg2[1])) + ((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg2[0]))))) + ((fiat_secp256k1_dettman_uint128)x3 * UINT64_C(0x1000003d10))); x5 = (uint64_t)(x4 >> 52); x6 = (uint64_t)(x4 & UINT64_C(0xfffffffffffff)); - x7 = (((((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg2[4])) + (((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg2[3])) + (((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg2[2])) + (((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg2[1])) + ((fiat_secp256k1_dettman_uint128)(arg1[4]) * (arg2[0])))))) + x5) + ((fiat_secp256k1_dettman_uint128)x2 * UINT64_C(0x1000003d10))); + x7 = (((((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg2[4])) + (((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg2[3])) + (((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg2[2])) + (((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg2[1])) + ((fiat_secp256k1_dettman_uint128)(arg1[4]) * (arg2[0])))))) + x5) + ((fiat_secp256k1_dettman_uint128)x2 * UINT64_C(0x1000003d10000))); x8 = (uint64_t)(x7 >> 52); x9 = (uint64_t)(x7 & UINT64_C(0xfffffffffffff)); x10 = (x9 >> 48); 
@@ -98,12 +98,12 @@ static FIAT_SECP256K1_DETTMAN_FIAT_INLINE void fiat_secp256k1_dettman_mul(uint64 x22 = (uint64_t)(x21 >> 52); x23 = (uint64_t)(x21 & UINT64_C(0xfffffffffffff)); x24 = ((((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg2[4])) + ((fiat_secp256k1_dettman_uint128)(arg1[4]) * (arg2[3]))) + x19); - x25 = (uint64_t)(x24 >> 52); - x26 = (uint64_t)(x24 & UINT64_C(0xfffffffffffff)); + x25 = (uint64_t)(x24 >> 64); + x26 = (uint64_t)(x24 & UINT64_C(0xffffffffffffffff)); x27 = (((((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg2[2])) + (((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg2[1])) + ((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg2[0])))) + x22) + ((fiat_secp256k1_dettman_uint128)x26 * UINT64_C(0x1000003d10))); x28 = (uint64_t)(x27 >> 52); x29 = (uint64_t)(x27 & UINT64_C(0xfffffffffffff)); - x30 = ((x6 + x28) + ((fiat_secp256k1_dettman_uint128)x25 * UINT64_C(0x1000003d10))); + x30 = ((x6 + x28) + ((fiat_secp256k1_dettman_uint128)x25 * UINT64_C(0x1000003d10000))); x31 = (uint64_t)(x30 >> 52); x32 = (uint64_t)(x30 & UINT64_C(0xfffffffffffff)); x33 = (x11 + x31); 
@@ -168,12 +168,12 @@ static FIAT_SECP256K1_DETTMAN_FIAT_INLINE void fiat_secp256k1_dettman_square(uin x3 = ((arg1[1]) * 0x2); x4 = ((arg1[0]) * 0x2); x5 = ((fiat_secp256k1_dettman_uint128)(arg1[4]) * (arg1[4])); - x6 = (uint64_t)(x5 >> 52); - x7 = (uint64_t)(x5 & UINT64_C(0xfffffffffffff)); + x6 = (uint64_t)(x5 >> 64); + x7 = (uint64_t)(x5 & UINT64_C(0xffffffffffffffff)); x8 = ((((fiat_secp256k1_dettman_uint128)x4 * (arg1[3])) + ((fiat_secp256k1_dettman_uint128)x3 * (arg1[2]))) + ((fiat_secp256k1_dettman_uint128)x7 * UINT64_C(0x1000003d10))); x9 = (uint64_t)(x8 >> 52); x10 = (uint64_t)(x8 & UINT64_C(0xfffffffffffff)); - x11 = (((((fiat_secp256k1_dettman_uint128)x4 * (arg1[4])) + (((fiat_secp256k1_dettman_uint128)x3 * (arg1[3])) + ((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg1[2])))) + x9) + ((fiat_secp256k1_dettman_uint128)x6 * UINT64_C(0x1000003d10))); + x11 = (((((fiat_secp256k1_dettman_uint128)x4 * (arg1[4])) + (((fiat_secp256k1_dettman_uint128)x3 * (arg1[3])) + ((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg1[2])))) + x9) + ((fiat_secp256k1_dettman_uint128)x6 * UINT64_C(0x1000003d10000))); x12 = (uint64_t)(x11 >> 52); x13 = (uint64_t)(x11 & UINT64_C(0xfffffffffffff)); x14 = (x13 >> 48); 
@@ -191,12 +191,12 @@ static FIAT_SECP256K1_DETTMAN_FIAT_INLINE void fiat_secp256k1_dettman_square(uin x26 = (uint64_t)(x25 >> 52); x27 = (uint64_t)(x25 & UINT64_C(0xfffffffffffff)); x28 = (((fiat_secp256k1_dettman_uint128)x1 * (arg1[4])) + x23); - x29 = (uint64_t)(x28 >> 52); - x30 = (uint64_t)(x28 & UINT64_C(0xfffffffffffff)); + x29 = (uint64_t)(x28 >> 64); + x30 = (uint64_t)(x28 & UINT64_C(0xffffffffffffffff)); x31 = (((((fiat_secp256k1_dettman_uint128)x4 * (arg1[2])) + ((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg1[1]))) + x26) + ((fiat_secp256k1_dettman_uint128)x30 * UINT64_C(0x1000003d10))); x32 = (uint64_t)(x31 >> 52); x33 = (uint64_t)(x31 & UINT64_C(0xfffffffffffff)); - x34 = ((x10 + x32) + ((fiat_secp256k1_dettman_uint128)x29 * UINT64_C(0x1000003d10))); + x34 = ((x10 + x32) + ((fiat_secp256k1_dettman_uint128)x29 * UINT64_C(0x1000003d10000))); x35 = (uint64_t)(x34 >> 52); x36 = (uint64_t)(x34 & UINT64_C(0xfffffffffffff)); x37 = (x15 + x35); diff --git a/src/Arithmetic/DettmanMultiplication.v b/src/Arithmetic/DettmanMultiplication.v index f2a09922bb..cdc1031207 100644 --- a/src/Arithmetic/DettmanMultiplication.v +++ b/src/Arithmetic/DettmanMultiplication.v @@ -28,7 +28,7 @@ Module DettmanMultiplication. (weight_limbs_mod_s_eq_0 : (weight limbs) mod s = 0) (wprops : @weight_properties weight). - Definition register_width : nat := 52. (* for testing purposes *) + Definition register_width : nat := 64. (* for testing purposes *) Let c := Associational.eval c_. From fd4ee40ce26e31255f1db72acf650eca006900f1 Mon Sep 17 00:00:00 2001 
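Review bot: Setting `register_width` to 64 in `DettmanMultiplication.v` is what changes the checked-in C, yet the definition still carries `(* for testing purposes *)` and, as of patch 01, `eval_reduce_carry_borrow` is `Admitted`, so the new shifts by 64 and the `0x1000003d10000` multipliers in `secp256k1_dettman_64.c` are not backed by a completed proof at this point in the series. I would not regenerate the shipped file from a test constant; at minimum replace the comment with `(* TODO: temporary; correctness lemma is Admitted *)` and land the generated output only once the lemma is closed. Differential testing of `fiat_secp256k1_dettman_mul` and `fiat_secp256k1_dettman_square` against a reference implementation would be a reasonable stopgap.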
From: Owen Conoly Date: Mon, 24 Apr 2023 21:30:10 -0400 Subject: [PATCH 04/27] In its state before this commit, the reduce_carry_borrow function did rather unreasonable things when the limbwidth was fractional. In this commit, I tried to fix this issue, but I ended up making the reduce_carry_borrow function pretty obnoxious. Also, fixing this issue requires somewhat strange (and strong) hypotheses on the weight function. We'd want, for instance, (weight (2 * limbs - 2) / weight (limbs - 2)) mod s = 0. I plan to revert my changes (from this commit) to the reduce_carry_borrow function, so that it will continue to do unreasonable things given fractional limbwidths. This was not worth it. --- src/Arithmetic/DettmanMultiplication.v | 137 ++++++++++++++++++++----- 1 file changed, 112 insertions(+), 25 deletions(-) diff --git a/src/Arithmetic/DettmanMultiplication.v b/src/Arithmetic/DettmanMultiplication.v index cdc1031207..d5c9e82720 100644 --- a/src/Arithmetic/DettmanMultiplication.v +++ b/src/Arithmetic/DettmanMultiplication.v 
@@ -13,33 +13,52 @@ Local Coercion Z.of_nat : nat >-> Z. Module DettmanMultiplication. Section DettmanMultiplication. Context - (*(register_size : nat) for the algorithm to behave sensibly, we want, for each i, - to have 2^(register_size * i) >= weight i. - this is important to the proof, so I need to formalize it. *) (s : Z) (c_ : list (Z*Z)) + (register_width : nat) (limbs : nat) (weight: nat -> Z) (p_nz : s - Associational.eval c_ <> 0) - (limbs_gteq_3 : 3%nat <= limbs) (* Technically we only need 2 <= limbs to get the proof to go through, but it doesn't make any sense to try to do this with less than three limbs. - Note that having 3 limbs corresponds to zero iterations of the "loop" function defined below. *) + (limbs_gteq_4 : 4%nat <= limbs) (* Technically we only need 2 <= limbs to get the proof to go through, but it doesn't make any sense to try to do this with less than three limbs. + Note that having 4 limbs corresponds to zero iterations of the "loop" function defined below. *) (s_small : s <= weight limbs) (s_big : weight (limbs - 1)%nat <= s) (weight_limbs_mod_s_eq_0 : (weight limbs) mod s = 0) + (weight_small : forall i, weight i * (2^register_width) <= weight (i + 1)%nat) (wprops : @weight_properties weight). - Definition register_width : nat := 64. (* for testing purposes *) + Context + (weight_0 := weight_positive wprops) + (weight_positive := weight_positive wprops) + (weight_multiples := weight_multiples wprops) + (weight_divides := weight_divides wprops). + Let c := Associational.eval c_. Lemma s_positive : s > 0. - Proof. remember (weight_positive wprops (limbs - 1)). lia. Qed. + Proof. remember (weight_positive (limbs - 1)). lia. Qed. Lemma s_nz : s <> 0. Proof. remember s_positive. lia. Qed. Lemma weight_nz : forall i, weight i <> 0. - Proof. intros i. remember (weight_positive wprops i). lia. Qed. + Proof. intros i. remember (weight_positive i). lia. Qed. + + Lemma div_mul_le : forall x y, y > 0 -> x / y * y <= x. + Proof. intros x y H. 
remember (Zmod_eq x y H). remember (Z_mod_lt x y H). lia. Qed. + + Lemma weight_increasing : forall i j : nat, (i <= j)%nat -> weight i <= weight j. + Proof. + intros i j H. + assert (0 < weight j / weight i). { apply Weight.weight_divides_full; try assumption. } + assert (1 <= weight j / weight i) by lia. + assert (1 * weight i <= weight j / weight i * weight i). + { apply Zmult_le_compat_r; try lia. remember (weight_positive i). lia. } + apply (Z.le_trans _ (weight j / weight i * weight i) _). + - lia. + - (*rewrite Weight.weight_div_mod.*) apply div_mul_le. remember (weight_positive i). lia. + Qed. Lemma div_nz a b : b > 0 -> b <= a -> a / b <> 0. Proof. 
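Review bot: The new hypothesis `weight_small : forall i, weight i * (2^register_width) <= weight (i + 1)%nat` looks inverted. The comment this hunk deletes asked for the register to be at least as wide as a limb, and with the 52-bit masks and `register_width = 64` used for secp256k1 earlier in the series the inequality cannot hold, which would make every lemma that depends on it vacuous for the intended instantiation. The `Context` block also binds `weight_0 := weight_positive wprops`, which presumably should be `weight_0 := weight_0 wprops`, so the name no longer denotes the fact about `weight 0`. The hunk ends inside `div_nz`.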
@@ -87,32 +106,71 @@ Module DettmanMultiplication. Definition reduce_carry_borrow r0 := let l := limbs in let r0' := dedup_weights r0 in + let r1 := carry' (weight (2 * l - 2)) (2^register_width) r0' in - let r2 := reduce' s (weight (2 * l - 2)) (weight l) c r1 in - let r3 := carry' (weight (l - 2)) (weight 1) r2 in + + let from2 := weight (2 * l - 2) in + let to2 := weight (l - 2) in + let r2 := reduce' s from2 (from2 / to2) c r1 in + + let from3 := weight (l - 2) in + let to3 := weight (l - 1) in + let r3 := carry' from3 (to3 / from3) r2 in + let from4 := Z.mul (weight (2 * l - 2)) (2^register_width) in let to4 := weight (l - 1) in let r4 := reduce' s from4 (from4 / to4) c r3 in - let r5 := carry' (weight (l - 1)) (weight 1) r4 in - let r6 := carry' (weight (l - 1)) (Z.div s (weight (l - 1))) r5 in - let r7 := carry' (weight l) (weight 1) r6 in - let r8 := borrow (weight l) (weight l / s) r7 in + + let from5 := weight (l - 1) in + let to5 := weight l in + let r5 := carry' from5 (to5 / from5) r4 in + + let from6 := weight (l - 1) in + let to6 := s in + let r6 := carry' from6 (to6 / from6) r5 in + + let from7 := weight l in + let to7 := weight (l + 1) in + let r7 := carry' from7 (to7 / from7) r6 in + + let from8 := weight l in + let to8 := s in + let r8 := borrow from8 (from8 / to8) r7 in + let r8' := dedup_weights r8 in + let r9 := reduce' s s s c r8' in - let r10 := carry' (weight 0) (weight 1) r9 in + + let from10 := weight 0 in + let to10 := weight 1 in + let r10 := carry' from10 (to10 / from10) r9 in + let r11 := loop r10 in (* here I've pulled out the final iteration of the loop to do - the special register_width carry. The loop now runs for one fewer iteration. *) - let i0 := limbs - 2 - 1 in + the special register_width carry. 
*) + (* begin loop iteration *) + let i0 := l - 2 - 1 in + let rloop1 := carry' (weight (i0 + limbs)) (2^register_width) r11 in - let rloop2 := reduce' s (weight (i0 + limbs)) (weight limbs) c rloop1 in - let rloop3 := carry' (weight i0) (weight 1) rloop2 in + + let fromLoop2 := weight (i0 + limbs) in + let toLoop2 := weight i0 in + let rloop2 := reduce' s fromLoop2 (fromLoop2 / toLoop2) c rloop1 in + + let fromLoop3 := weight i0 in + let toLoop3 := weight (i0 + 1) in + let rloop3 := carry' fromLoop3 (toLoop3 / fromLoop3) rloop2 in + (* end loop iteration*) let from12 := Z.mul (weight (i0 + limbs)) (2^register_width) in - let to12 := weight (i0 + 1) (* should I write this as limbs - 2? idk *) in + let to12 := weight (i0 + 1) in let r12 := reduce' s from12 (from12 / to12) c rloop3 in - let r13 := carry' (weight (l - 2)) (weight 1) r12 in + + let from13 := weight (l - 2) in + let to13 := weight (l - 1) in + let r13 := carry' from13 (to13 / from13) r12 in + Positional.from_associational weight l r13. Definition mulmod a b := 
@@ -131,16 +189,45 @@ Module DettmanMultiplication. Local Open Scope Z_scope. + Lemma weight_div_nz : forall i j : nat, (i <= j)%nat -> weight j / weight i <> 0. + Proof. + intros i j H. + assert (0 < weight j / weight i). { apply Weight.weight_divides_full; assumption. } + lia. + Qed. + + Lemma weight_mod_quotient_zero : forall i j : nat, (i <= j)%nat -> + (weight j) mod (weight j / weight i) = 0. + Proof. + intros i j H. destruct wprops. replace (weight j) with (weight i * (weight j / weight i)). + - repeat rewrite (Z.mul_comm (weight i)). Search (_ * _ / _). rewrite Z_div_mult. + + rewrite (Z.mul_comm _ (weight i)). apply Z_mod_mult. + + remember (weight_positive i). lia. + - symmetry. apply Weight.weight_div_mod; assumption. + Qed. + Lemma eval_reduce_carry_borrow r0 : (Positional.eval weight limbs (reduce_carry_borrow r0)) mod (s - c) = (Associational.eval r0) mod (s - c). - Proof. (* + Proof. cbv [reduce_carry_borrow carry' reduce']. autorewrite with push_eval; auto with arith. - all: try apply Weight.weight_multiples_full; auto with arith; try lia. - - apply div_nz; try assumption. remember (weight_positive wprops (limbs - 1)). lia. + all: try apply weight_div_nz; try lia. + all: try apply weight_mod_quotient_zero; try lia. + - apply weight_div_nz. lia. apply div_nz. + + remember (weight_positive wprops (limbs - 1)). lia. + + (* weight (limbs - 1) <= weight (2 * limbs - 2) * 2 ^ Z.of_nat register_width *) + assert (H: (limbs - 1 <= 2 * limbs - 2)%nat) by lia. + apply weight_increasing in H. + assert (0 < 2^register_width). { apply Pow2.Z.pow2_gt_0. lia. } + replace (weight (limbs - 1)) with (weight (limbs - 1) * 1) by lia. + apply Zmult_le_compat; try lia. + remember (@weight_positive weight wprops (limbs - 1)). lia. + - + remember (weight_small (limbs - 1)). remember (weight_small (2 * limbs - 2)). lia. + - apply Divide.Z.mod_divide_full in weight_limbs_mod_s_eq_0. destruct weight_limbs_mod_s_eq_0 as [x H]. rewrite H. 
rewrite Z_div_mult; try apply s_positive. rewrite Z.mul_comm. rewrite Z_mod_mult. lia. - Qed.*) Admitted. + Qed. Hint Rewrite eval_reduce_carry_borrow : push_eval. From 8fb6a87a0a3d591512d7eb5d788970d491babce1 Mon Sep 17 00:00:00 2001 From: Owen Conoly Date: Mon, 24 Apr 2023 22:26:54 -0400 Subject: [PATCH 05/27] checked that running 'make fiat-c/src/secp256k1_dettman_64.c' doesn't change anything --- src/Arithmetic/DettmanMultiplication.v | 71 ++++++++++++++++---------- 1 file changed, 43 insertions(+), 28 deletions(-) diff --git a/src/Arithmetic/DettmanMultiplication.v b/src/Arithmetic/DettmanMultiplication.v index d5c9e82720..ee4f93d574 100644 --- a/src/Arithmetic/DettmanMultiplication.v +++ b/src/Arithmetic/DettmanMultiplication.v @@ -15,16 +15,17 @@ Module DettmanMultiplication. Context (s : Z) (c_ : list (Z*Z)) - (register_width : nat) + (*(register_width : nat)*) (limbs : nat) (weight: nat -> Z) (p_nz : s - Associational.eval c_ <> 0) - (limbs_gteq_4 : 4%nat <= limbs) (* Technically we only need 2 <= limbs to get the proof to go through, but it doesn't make any sense to try to do this with less than three limbs. + (limbs_gteq_4 : 3%nat <= limbs) (* Technically we only need 2 <= limbs to get the proof to go through, but it doesn't make any sense to try to do this with less than three limbs. Note that having 4 limbs corresponds to zero iterations of the "loop" function defined below. *) (s_small : s <= weight limbs) (s_big : weight (limbs - 1)%nat <= s) (weight_limbs_mod_s_eq_0 : (weight limbs) mod s = 0) - (weight_small : forall i, weight i * (2^register_width) <= weight (i + 1)%nat) + (*(weight_small : forall i, weight i * (2^register_width) <= weight (i + 1)%nat) + ((weight (i + limbs) / weight i) mod s)%Z = 0%Z*) (wprops : @weight_properties weight). Context 
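Review bot: The restored proof of `eval_reduce_carry_borrow` still calls `weight_positive wprops (limbs - 1)` and `@weight_positive weight wprops (limbs - 1)`, although the `Context` block added in this commit rebinds `weight_positive` to the already applied `weight_positive wprops`; unless that is resolved elsewhere, these should be `weight_positive (limbs - 1)`, as the first hunk did for `s_positive`. The script also has an empty `-` bullet directly followed by `+ remember (weight_small ...)`, and `weight_mod_quotient_zero` keeps a stray `Search (_ * _ / _).` query that should be deleted before merging (it is carried along when patch 05 moves the lemma). Since this lemma is the correctness statement for the reduction, please confirm the file actually builds with this `Qed` before relying on it.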
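Review bot: `(limbs_gteq_4 : 3%nat <= limbs)` now has a name and a trailing comment ("having 4 limbs corresponds to zero iterations") that disagree with the bound it states, and the line is carried unchanged into patch 06. Because `reduce_carry_borrow` runs its extracted iteration with `i0 := l - 2 - 1` unconditionally, `limbs = 3` is exactly the case where behaviour differs from the original loop, so the bound matters. Either restore `4%nat <= limbs` or rename the hypothesis to `limbs_gteq_3` and update the comment. Commenting out `weight_small` here also leaves nothing relating `register_width` to `weight`.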
@@ -32,7 +33,8 @@ Module DettmanMultiplication. (weight_positive := weight_positive wprops) (weight_multiples := weight_multiples wprops) (weight_divides := weight_divides wprops). - + + Definition register_width := 64. Let c := Associational.eval c_. 
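Review bot: `Definition register_width := 64.` drops the `: nat` annotation the earlier definition had, so the constant's type is whatever the currently open notation scope makes of `64`; the commented-out `(register_width : nat)` parameter suggests `nat` is still intended. Write `Definition register_width : nat := 64.` and add a comment that it is a temporary stand-in for the section parameter. Re-hardcoding the width also means the two lemmas this commit ends with `Admitted` are stated only for this one value.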
@@ -71,18 +73,45 @@ Module DettmanMultiplication. + apply H. Qed. + Lemma weight_div_nz : forall i j : nat, (i <= j)%nat -> weight j / weight i <> 0. + Proof. + intros i j H. + assert (0 < weight j / weight i). { apply Weight.weight_divides_full; assumption. } + lia. + Qed. + + Lemma weight_mod_quotient_zero : forall i j : nat, (i <= j)%nat -> + (weight j) mod (weight j / weight i) = 0. + Proof. + intros i j H. destruct wprops. replace (weight j) with (weight i * (weight j / weight i)). + - repeat rewrite (Z.mul_comm (weight i)). Search (_ * _ / _). rewrite Z_div_mult. + + rewrite (Z.mul_comm _ (weight i)). apply Z_mod_mult. + + remember (weight_positive i). lia. + - symmetry. apply Weight.weight_div_mod; assumption. + Qed. + Hint Resolve s_positive s_nz weight_nz div_nz : arith. Hint Resolve weight_0 weight_positive weight_multiples Weight.weight_multiples_full : arith. - + Hint Resolve weight_div_nz weight_mod_quotient_zero : arith. + Local Open Scope nat_scope. Definition reduce' x1 x2 x3 x4 x5 := dedup_weights (reduce_one x1 x2 x3 x4 x5). Definition carry' x1 x2 x3 := dedup_weights (Associational.carry x1 x2 x3). Definition loop_body i before := - let middle1 := carry' (weight (i + limbs)) (weight 1) before in - let middle2 := reduce' s (weight (i + limbs)) (weight limbs) c middle1 in - let after := carry' (weight i) (weight 1) middle2 in + + let from1 := weight (i + limbs) in + let to1 := weight (i + limbs + 1) in + let middle1 := carry' from1 (to1 / from1) before in + + let from2 := weight (i + limbs) in + let to2 := weight i in + let middle2 := reduce' s from2 (from2 / to2) c middle1 in + + let from := weight i in + let to := weight (i + 1) in + let after := carry' from (to / from) middle2 in after. Hint Rewrite eval_reduce_one Associational.eval_carry eval_dedup_weights: push_eval. 
@@ -90,7 +119,10 @@ Module DettmanMultiplication. Lemma eval_loop_body i before : (Associational.eval (loop_body i before) mod (s - c) = Associational.eval before mod (s - c))%Z. - Proof. cbv [loop_body carry' reduce']. autorewrite with push_eval; auto with arith. Qed. + Proof. + (*cbv [loop_body carry' reduce']. autorewrite with push_eval; auto with arith. + all: try apply weight_div_nz; try lia. + Qed.*) Admitted. Definition loop start := fold_right loop_body start (rev (seq 1 (limbs - 2 - 1 - 1))). @@ -189,28 +221,11 @@ Module DettmanMultiplication. Local Open Scope Z_scope. - Lemma weight_div_nz : forall i j : nat, (i <= j)%nat -> weight j / weight i <> 0. - Proof. - intros i j H. - assert (0 < weight j / weight i). { apply Weight.weight_divides_full; assumption. } - lia. - Qed. - - Lemma weight_mod_quotient_zero : forall i j : nat, (i <= j)%nat -> - (weight j) mod (weight j / weight i) = 0. - Proof. - intros i j H. destruct wprops. replace (weight j) with (weight i * (weight j / weight i)). - - repeat rewrite (Z.mul_comm (weight i)). Search (_ * _ / _). rewrite Z_div_mult. - + rewrite (Z.mul_comm _ (weight i)). apply Z_mod_mult. - + remember (weight_positive i). lia. - - symmetry. apply Weight.weight_div_mod; assumption. - Qed. - Lemma eval_reduce_carry_borrow r0 : (Positional.eval weight limbs (reduce_carry_borrow r0)) mod (s - c) = (Associational.eval r0) mod (s - c). Proof. - cbv [reduce_carry_borrow carry' reduce']. autorewrite with push_eval; auto with arith. + (*cbv [reduce_carry_borrow carry' reduce']. autorewrite with push_eval; auto with arith. all: try apply weight_div_nz; try lia. all: try apply weight_mod_quotient_zero; try lia. - apply weight_div_nz. lia. apply div_nz. 
@@ -227,7 +242,7 @@ Module DettmanMultiplication. - apply Divide.Z.mod_divide_full in weight_limbs_mod_s_eq_0. destruct weight_limbs_mod_s_eq_0 as [x H]. rewrite H. rewrite Z_div_mult; try apply s_positive. rewrite Z.mul_comm. rewrite Z_mod_mult. lia. - Qed. + Qed.*) Admitted. Hint Rewrite eval_reduce_carry_borrow : push_eval. From ba042cfa4565700a5f21f3e5180b8497b275fb65 Mon Sep 17 00:00:00 2001 From: Owen Conoly Date: Tue, 25 Apr 2023 01:38:33 -0400 Subject: [PATCH 06/27] decided to keep the messy-ish, fractional-limbwidth-friendly implementation. wrote some (messy) arithmetic proofs. still more proofs to go in Arithmetic/DettmanMultiplication.v. Then need to change PushButtonSynthesis appropriately. --- src/Arithmetic/DettmanMultiplication.v | 118 ++++++++++++++++++------- 1 file changed, 85 insertions(+), 33 deletions(-) diff --git a/src/Arithmetic/DettmanMultiplication.v b/src/Arithmetic/DettmanMultiplication.v index ee4f93d574..3560740d83 100644 --- a/src/Arithmetic/DettmanMultiplication.v +++ b/src/Arithmetic/DettmanMultiplication.v 
@@ -15,26 +15,22 @@ Module DettmanMultiplication. Context (s : Z) (c_ : list (Z*Z)) - (*(register_width : nat)*) + (register_width : nat) (limbs : nat) (weight: nat -> Z) (p_nz : s - Associational.eval c_ <> 0) (limbs_gteq_4 : 3%nat <= limbs) (* Technically we only need 2 <= limbs to get the proof to go through, but it doesn't make any sense to try to do this with less than three limbs. Note that having 4 limbs corresponds to zero iterations of the "loop" function defined below. *) - (s_small : s <= weight limbs) (s_big : weight (limbs - 1)%nat <= s) - (weight_limbs_mod_s_eq_0 : (weight limbs) mod s = 0) - (*(weight_small : forall i, weight i * (2^register_width) <= weight (i + 1)%nat) - ((weight (i + limbs) / weight i) mod s)%Z = 0%Z*) + (weight_lt_width : forall i: nat, (weight i * 2^register_width) mod weight (i + 1)%nat = 0) + (s_small : forall i: nat, (weight (i + limbs)%nat / weight i) mod s = 0) (wprops : @weight_properties weight). Context - (weight_0 := weight_positive wprops) + (weight_0 := weight_0 wprops) (weight_positive := weight_positive wprops) (weight_multiples := weight_multiples wprops) (weight_divides := weight_divides wprops). - - Definition register_width := 64. Let c := Associational.eval c_. 
@@ -80,16 +76,25 @@ Module DettmanMultiplication. lia. Qed. + Lemma mod_quotient_zero : forall x y, 0 < y -> x mod y = 0 -> x mod (x / y) = 0. + Proof. + intros x y H H1. rewrite Divide.Z.mod_divide_full in H1. destruct H1 as [z H1]. + subst. rewrite Z_div_mult by lia. rewrite Z.mul_comm. apply Z_mod_mult. + Qed. + Lemma weight_mod_quotient_zero : forall i j : nat, (i <= j)%nat -> (weight j) mod (weight j / weight i) = 0. Proof. - intros i j H. destruct wprops. replace (weight j) with (weight i * (weight j / weight i)). - - repeat rewrite (Z.mul_comm (weight i)). Search (_ * _ / _). rewrite Z_div_mult. - + rewrite (Z.mul_comm _ (weight i)). apply Z_mod_mult. - + remember (weight_positive i). lia. - - symmetry. apply Weight.weight_div_mod; assumption. + intros i j H. apply mod_quotient_zero; try apply weight_positive. + apply Weight.weight_multiples_full; assumption. Qed. + Lemma divisible_implies_nonzero a b : + a mod b = 0 -> + a <> 0 -> + a / b <> 0. + Proof. intros H1 H2. remember (Z_div_mod_eq_full a b). lia. Qed. + Hint Resolve s_positive s_nz weight_nz div_nz : arith. Hint Resolve weight_0 weight_positive weight_multiples Weight.weight_multiples_full : arith. Hint Resolve weight_div_nz weight_mod_quotient_zero : arith. @@ -119,10 +124,7 @@ Module DettmanMultiplication. Lemma eval_loop_body i before : (Associational.eval (loop_body i before) mod (s - c) = Associational.eval before mod (s - c))%Z. - Proof. - (*cbv [loop_body carry' reduce']. autorewrite with push_eval; auto with arith. - all: try apply weight_div_nz; try lia. - Qed.*) Admitted. + Proof. cbv [loop_body carry' reduce']. autorewrite with push_eval; auto with arith. Qed. Definition loop start := fold_right loop_body start (rev (seq 1 (limbs - 2 - 1 - 1))). 
@@ -225,24 +227,74 @@ Module DettmanMultiplication. (Positional.eval weight limbs (reduce_carry_borrow r0)) mod (s - c) = (Associational.eval r0) mod (s - c). Proof. - (*cbv [reduce_carry_borrow carry' reduce']. autorewrite with push_eval; auto with arith. + cbv [reduce_carry_borrow carry' reduce']. autorewrite with push_eval; auto with arith. all: try apply weight_div_nz; try lia. all: try apply weight_mod_quotient_zero; try lia. - - apply weight_div_nz. lia. apply div_nz. - + remember (weight_positive wprops (limbs - 1)). lia. - + (* weight (limbs - 1) <= weight (2 * limbs - 2) * 2 ^ Z.of_nat register_width *) - assert (H: (limbs - 1 <= 2 * limbs - 2)%nat) by lia. - apply weight_increasing in H. - assert (0 < 2^register_width). { apply Pow2.Z.pow2_gt_0. lia. } - replace (weight (limbs - 1)) with (weight (limbs - 1) * 1) by lia. - apply Zmult_le_compat; try lia. - remember (@weight_positive weight wprops (limbs - 1)). lia. - - - remember (weight_small (limbs - 1)). remember (weight_small (2 * limbs - 2)). lia. - - - apply Divide.Z.mod_divide_full in weight_limbs_mod_s_eq_0. destruct weight_limbs_mod_s_eq_0 as [x H]. - rewrite H. rewrite Z_div_mult; try apply s_positive. rewrite Z.mul_comm. rewrite Z_mod_mult. lia. - Qed.*) Admitted. + (*(weight (2 * limbs - 2) / weight (limbs - 2)) mod s = 0*) + 1: { replace (2 * limbs - 2)%nat with ((limbs - 2) + limbs)%nat by lia. apply s_small. } + (* s / weight (limbs - 1) <> 0 *) + 4: { apply div_nz; auto with arith. remember (weight_positive (limbs - 1)). lia. } + (* weight limbs mod (weight limbs / s) = 0 *) + 5: { apply mod_quotient_zero. + + remember s_positive. lia. + + replace (weight limbs) with (weight (0 + limbs) / weight 0). + -- apply s_small. + -- rewrite weight_0. rewrite Z.div_1_r. rewrite Nat.add_0_l. reflexivity. } + (*(weight (limbs - 2 - 1 + limbs) * 2 ^ Z.of_nat register_width / weight (limbs - 2 - 1 + 1)) mod s = 0*) + 7: { rewrite Divide.Z.mod_divide_full. 
+ remember (s_small (limbs - 2 - 1 + 1)) as H eqn:clearMe. clear clearMe. + apply (Z.divide_trans _ (weight (2*limbs - 2) / weight (limbs - 2))). + - rewrite <- Divide.Z.mod_divide_full. + replace (2*limbs-2)%nat with (limbs - 2 + limbs)%nat by lia. apply s_small. + - replace (limbs - 2 - 1 + 1)%nat with (limbs - 2)%nat by lia. apply Z.divide_div. + + remember (weight_positive (limbs-2)). lia. + + rewrite <- Divide.Z.mod_divide_full. apply Weight.weight_multiples_full; try assumption. + lia. + + rewrite <- Divide.Z.mod_divide_full. replace (2 * limbs - 2)%nat with (limbs - 2 - 1 + limbs + 1)%nat by lia. apply weight_lt_width. } + (* (weight (limbs - 2 - 1 + limbs) * 2 ^ Z.of_nat register_width) + mod (weight (limbs - 2 - 1 + limbs) * 2 ^ Z.of_nat register_width / weight (limbs - 2 - 1 + 1)) = + 0 *) + 6: { apply mod_quotient_zero; try apply weight_positive. apply Divide.Z.mod_divide_full. apply Z.divide_mul_l. rewrite <- Divide.Z.mod_divide_full. apply Weight.weight_multiples_full; try assumption. lia. } + (* (weight (2 * limbs - 2) * 2 ^ Z.of_nat register_width) + mod (weight (2 * limbs - 2) * 2 ^ Z.of_nat register_width / weight (limbs - 1)) = 0 *) + 2: { apply mod_quotient_zero; try apply weight_positive. apply Divide.Z.mod_divide_full. apply Z.divide_mul_l. rewrite <- Divide.Z.mod_divide_full. apply Weight.weight_multiples_full; try assumption. lia. } + (* weight (2 * limbs - 2) * 2 ^ Z.of_nat register_width / weight (limbs - 1) <> 0 *) + 1: { apply divisible_implies_nonzero. + - rewrite Divide.Z.mod_divide_full. apply Z.divide_mul_l. rewrite <- Divide.Z.mod_divide_full. apply Weight.weight_multiples_full; try assumption. lia. + - Search (_ * _ <> 0). rewrite <- Z.neq_mul_0. split. + + remember (weight_positive (2 * limbs - 2)). lia. + + assert (0 < 2^register_width). { Search (0 < 2^_). apply Pow2.Z.pow2_gt_0. lia. } + lia. + } + (* weight limbs / s <> 0 *) + 2: { apply divisible_implies_nonzero. + - replace (weight limbs) with (weight (0 + limbs) / weight 0). 
+ + apply s_small. + + rewrite weight_0. rewrite Z.div_1_r. rewrite Nat.add_0_l. reflexivity. + - remember (weight_positive limbs). lia. + } + (* weight (limbs - 2 - 1 + limbs) * 2 ^ Z.of_nat register_width / weight (limbs - 2 - 1 + 1) <> 0 *) + 2: { apply divisible_implies_nonzero. + - rewrite Divide.Z.mod_divide_full. apply Z.divide_mul_l. rewrite <- Divide.Z.mod_divide_full. apply Weight.weight_multiples_full; try assumption. lia. + - Search (_ * _ <> 0). rewrite <- Z.neq_mul_0. split. + + remember (weight_positive (limbs - 2 - 1 + limbs)). lia. + + assert (0 < 2^register_width). { Search (0 < 2^_). apply Pow2.Z.pow2_gt_0. lia. } + lia. + } + + (* (weight (2 * limbs - 2) * 2 ^ Z.of_nat register_width / weight (limbs - 1)) mod s = 0 *) + 1: { rewrite Divide.Z.mod_divide_full. + remember (s_small (limbs - 1)) as H eqn:clearMe. clear clearMe. + apply (Z.divide_trans _ (weight (2 * limbs - 1) / weight (limbs - 1))). + - rewrite <- Divide.Z.mod_divide_full. + replace (2*limbs-1)%nat with (limbs - 1 + limbs)%nat by lia. apply s_small. + - Search ((_ / _) | (_ / _)). apply Z.divide_div. + + remember (weight_positive (limbs-1)). lia. + + rewrite <- Divide.Z.mod_divide_full. apply Weight.weight_multiples_full; try assumption. + lia. + + rewrite <- Divide.Z.mod_divide_full. replace (2 * limbs - 1)%nat with (2 * limbs - 2 + 1)%nat by lia. apply weight_lt_width. + } + Qed. Hint Rewrite eval_reduce_carry_borrow : push_eval. From 6cb81cbe9451ecda9b15f256c3f5fd209ccfcc51 Mon Sep 17 00:00:00 2001 From: Owen Conoly Date: Mon, 1 May 2023 17:32:05 -0400 Subject: [PATCH 07/27] proved almost all of the things --- src/Arithmetic/DettmanMultiplication.v | 124 +++++++++++++++++-------- 1 file changed, 84 insertions(+), 40 deletions(-) diff --git a/src/Arithmetic/DettmanMultiplication.v b/src/Arithmetic/DettmanMultiplication.v index 3560740d83..36549a9a44 100644 --- a/src/Arithmetic/DettmanMultiplication.v +++ b/src/Arithmetic/DettmanMultiplication.v 
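Review bot: The restored proof of `eval_reduce_carry_borrow` still contains interactive queries (`Search (_ * _ <> 0).`, `Search (0 < 2^_).`, `Search ((_ / _) | (_ / _)).`); they prove nothing, print to the build log, and should be deleted. The same kind of leftover (`Search`, `Check`) is in the `Qceiling_diff` and `weight_lt_width` proofs in the later hunks of this series. The side conditions are also selected by position (`1:`, `4:`, `5:`, `7:`, `6:`, `2:` …), so a change to the `push_eval` database or the `arith` hints that adds or removes one goal will make the script fail far from the cause. The `(* … *)` comments already state each goal, so turning them into `assert`ed facts, or small lemmas registered with `Hint Resolve … : arith`, would make the proof independent of goal order. The lemma statement begins above the hunk.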
@@ -19,11 +19,11 @@ Module DettmanMultiplication. (limbs : nat) (weight: nat -> Z) (p_nz : s - Associational.eval c_ <> 0) - (limbs_gteq_4 : 3%nat <= limbs) (* Technically we only need 2 <= limbs to get the proof to go through, but it doesn't make any sense to try to do this with less than three limbs. + (limbs_gteq_4 : (4 <= limbs)%nat) (* Technically we only need 2 <= limbs to get the proof to go through, but it doesn't make any sense to try to do this with less than three limbs. Note that having 4 limbs corresponds to zero iterations of the "loop" function defined below. *) + (s_small : forall i: nat, (weight (i + limbs)%nat / weight i) mod s = 0) (s_big : weight (limbs - 1)%nat <= s) (weight_lt_width : forall i: nat, (weight i * 2^register_width) mod weight (i + 1)%nat = 0) - (s_small : forall i: nat, (weight (i + limbs)%nat / weight i) mod s = 0) (wprops : @weight_properties weight). Context 
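Review bot: The comment attached to `limbs_gteq_4` was not updated with the bound. It still says the proof only needs `2 <= limbs` and that fewer than three limbs makes no sense, while the hypothesis is now `(4 <= limbs)%nat` and one loop iteration has been peeled off in `reduce_carry_borrow`. Please restate which bound the proof needs after that change, and why 4 is the one required, for example `(* 4 limbs is the smallest supported case: "loop" runs zero times and only the peeled iteration remains *)`, if that is indeed the reason. The switch from a `Z` comparison through the `Z.of_nat` coercion to a `%nat` comparison changes the type callers must supply, so it deserves a mention in the commit message.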
@@ -323,21 +323,27 @@ Module dettman_multiplication_mod_ops. Context (s : Z) (c : list (Z*Z)) + (register_width : nat) (n : nat) (last_limb_width : nat) (p_nz : s - Associational.eval c <> 0) - (n_gteq_3 : 3%nat <= n) + (n_gteq_4 : (4 <= n)%nat) (last_limb_width_small : last_limb_width * n <= Z.log2_up s) (last_limb_width_big : 1 <= last_limb_width) (s_power_of_2 : 2 ^ (Z.log2 s) = s). (* I do want to have Z.log2_up s, not Z.log2_up (s - c) below. We want to ensure that weight (n - 1) <= s <= weight limbs *) - Local Notation limbwidth_num := (Z.log2_up s - last_limb_width). - Local Notation limbwidth_den := (n - 1). (* can't use Q here, or else reification doesn't work *) + Definition limbwidth_num := (Z.log2_up s - last_limb_width). + Definition limbwidth_den := (n - 1). (* can't use Q here, or else reification doesn't work *) + + Context + (registers_big : limbwidth_num <= register_width * limbwidth_den) (* stated somewhat awkwardly in terms of Z; i think we might want to avoid Q here too? idk *) + (weight_big : Z.log2 s <= n * limbwidth_num / limbwidth_den). + Definition weight := (weight limbwidth_num limbwidth_den). - Definition mulmod := mulmod s c n weight. - Definition squaremod := squaremod s c n weight. + Definition mulmod := mulmod s c register_width n weight. + Definition squaremod := squaremod s c register_width n weight. Lemma n_small : n - 1 <= Z.log2_up s - last_limb_width. Proof. 
@@ -352,30 +358,65 @@ Module dettman_multiplication_mod_ops. Qed. Lemma limbwidth_good : 0 < limbwidth_den <= limbwidth_num. - Proof. remember n_small. lia. Qed. + Proof. remember n_small. cbv [limbwidth_den limbwidth_num]. lia. Qed. Local Notation wprops := (@wprops limbwidth_num limbwidth_den limbwidth_good). - Lemma s_small : s <= weight n. + Lemma Qceiling_diff x y : Qfloor (x - y) <= Qceiling x - Qceiling y. Proof. - rewrite (ModOps.weight_ZQ_correct _ _ limbwidth_good). - remember (Log2.Z.log2_up_le_full s) as H eqn:clearMe. clear clearMe. - apply (Z.le_trans _ _ _ H). apply Z.pow_le_mono_r; try lia. - rewrite Zle_Qle. - remember (_ *_)%Q as x eqn:E. apply (Qle_trans _ x). - - subst. rewrite <- (Qmult_le_r _ _ (inject_Z (Z.of_nat n) - 1)). - + cbv [Qdiv Qminus]. replace 0%Q with (inject_Z 0) by reflexivity. - replace (-(1))%Q with (inject_Z (-1)) by reflexivity. rewrite <- inject_Z_plus. - rewrite <- inject_Z_mult. repeat rewrite <- Qmult_assoc. rewrite (Qmult_comm (Qinv _)). - rewrite <- (Qmult_assoc _ _ (Qinv _)). rewrite Qmult_inv_r. - -- rewrite Qmult_1_r. rewrite <- inject_Z_mult. rewrite <- Zle_Qle. lia. - -- replace 0%Q with (inject_Z 0) by reflexivity. rewrite inject_Z_injective. lia. - + replace 0%Q with (inject_Z 0) by reflexivity. - replace 1%Q with (inject_Z 1) by reflexivity. cbv [Qminus]. rewrite <- inject_Z_opp. - rewrite <- inject_Z_plus. rewrite <- Zlt_Qlt. lia. - - apply Qle_ceiling. + assert (H: Qfloor (x - y) + Qceiling y <= Qceiling x). + - replace (Qceiling x) with (Qceiling (x - y + y))%Q. + + Search Qceiling. apply QUtil.add_floor_l_le_ceiling. + + Search (_ + _)%Q. Check (Qplus_comm). Check Qplus_assoc. cbv [Qminus]. + rewrite <- Qplus_assoc. rewrite (Qplus_comm (-y) y). Search (_ + (-_))%Q. + rewrite Qplus_opp_r. Search (_ + 0)%Q. rewrite Qplus_0_r. reflexivity. + - lia. Qed. + Lemma Qopp_distr_mul_r x y : (- (x * y) == x * -y)%Q. + Proof. cbv [Qmult Qopp Qeq]. simpl. lia. Qed. 
+ + Lemma s_small : forall i : nat, (weight (i + n) / weight i) mod s = 0. + Proof. + intros i. repeat rewrite (ModOps.weight_ZQ_correct _ _ limbwidth_good). + rewrite <- Z.pow_sub_r. + - rewrite <- s_power_of_2. apply Modulo.Z.mod_same_pow. split. + + apply Z.log2_nonneg. + + remember (_ * (i + n)%nat)%Q as x. remember (_ * i)%Q as y. + apply (Z.le_trans _ (Qfloor (x - y))). + -- subst. cbv [Qminus]. rewrite Qopp_distr_mul_r. rewrite <- Qmult_plus_distr_r. + rewrite <- inject_Z_opp. rewrite <- inject_Z_plus. + replace (Z.of_nat (i + n) + - Z.of_nat i) with (Z.of_nat n) by lia. + replace (Z.log2 s) with (Qfloor (inject_Z (Z.log2 s))). + ++ apply Qfloor_resp_le. cbv [Qdiv]. rewrite Qmult_comm. + apply (Qle_trans _ (inject_Z (n * limbwidth_num / limbwidth_den)))%Z. + --- rewrite <- Zle_Qle. apply weight_big. + --- cbv [Qdiv]. rewrite Zdiv_Qdiv. + apply (Qle_trans _ ((n * limbwidth_num)%Z / limbwidth_den)). + +++ apply Qfloor_le. + +++ rewrite inject_Z_mult. rewrite Qmult_assoc. apply Qle_refl. + ++ apply Qfloor_Z. + -- apply Qceiling_diff. + - lia. + - split. + + replace 0 with (Qceiling 0) by reflexivity. apply Qceiling_resp_le. + apply Qmult_le_0_compat. + -- cbv [Qdiv]. remember limbwidth_good as H eqn:clearMe; clear clearMe. + apply Qmult_le_0_compat. + ++ replace 0%Q with (inject_Z 0) by reflexivity. rewrite <- Zle_Qle. lia. + ++ apply Qinv_le_0_compat. replace 0%Q with (inject_Z 0) by reflexivity. + rewrite <- Zle_Qle. lia. + -- replace 0%Q with (inject_Z 0) by reflexivity. rewrite <- Zle_Qle. lia. + + apply Qceiling_resp_le. rewrite Qmult_comm. rewrite (Qmult_comm (_ / _)). + apply Qmult_le_compat_r. + -- rewrite <- Zle_Qle. lia. + -- cbv [Qdiv]. remember limbwidth_good as H eqn:clearMe; clear clearMe. + apply Qmult_le_0_compat. + ++ replace 0%Q with (inject_Z 0) by reflexivity. rewrite <- Zle_Qle. lia. + ++ apply Qinv_le_0_compat. replace 0%Q with (inject_Z 0) by reflexivity. + rewrite <- Zle_Qle. lia. + Qed. + Lemma s_gt_0 : 0 < s. 
assert (H: s <= 0 \/ 0 < s) by lia. destruct H as [H|H]. - apply Z.log2_up_nonpos in H. lia. @@ -385,6 +426,7 @@ Module dettman_multiplication_mod_ops. Lemma s_big : weight (n - 1) <= s. Proof. rewrite (ModOps.weight_ZQ_correct _ _ limbwidth_good). + cbv [limbwidth_num limbwidth_den]. remember (Z.log2_spec _ s_gt_0) as H eqn:clearMe. clear clearMe. destruct H as [H _]. apply (Z.le_trans _ (2 ^ Z.log2 s)); try apply H. 
@@ -399,22 +441,24 @@ Module dettman_multiplication_mod_ops. replace 0%Q with (inject_Z 0) by reflexivity. rewrite inject_Z_injective. lia. Qed. - Lemma weight_n_mod_s_eq_0 : weight n mod s = 0. + Lemma weight_lt_width : forall i: nat, (weight i * 2^register_width) mod weight (i + 1)%nat = 0. Proof. - cbv [weight ModOps.weight]. remember (- _) as e eqn:E. rewrite <- s_power_of_2. - apply Modulo.Z.mod_same_pow. split. - - apply Z.log2_nonneg. - - assert (H: 0 < 2) by lia. rewrite (Z.pow_le_mono_r_iff 2); try lia. - + subst. replace (2^(-_)) with (weight n) by reflexivity. rewrite s_power_of_2. - apply s_small. - + remember (weight_positive wprops n) as H1 eqn:clearMe. clear clearMe. - cbv [ModOps.weight] in H1. rewrite <- E in H1. - assert (H': 0 <= e \/ e < 0) by lia. destruct H' as [H'|H']; try lia. - apply (Z.pow_neg_r 2 _) in H'. lia. - Qed. - - Definition eval_mulmod := eval_mulmod s c n weight p_nz n_gteq_3 s_small s_big weight_n_mod_s_eq_0 wprops. - Definition eval_squaremod := eval_squaremod s c n weight p_nz n_gteq_3 s_small s_big weight_n_mod_s_eq_0 wprops. + intros i. repeat rewrite (ModOps.weight_ZQ_correct _ _ limbwidth_good). + rewrite <- Z.pow_add_r; try lia. + - apply Modulo.Z.mod_same_pow. split. + + remember (_ / _ * _)%Q as x. Search Qceiling. replace 0 with (Qceiling 0%Z) by reflexivity. + Search Qceiling. apply Qceiling_resp_le. subst. replace (inject_Z 0) with 0%Q by reflexivity. + cbv [Qdiv]. Search (0 <= _ * _)%Q. apply Qmult_le_0_compat. + -- remember limbwidth_good eqn:clearMe; clear clearMe. apply Qmult_le_0_compat. + ++ replace 0%Q with (inject_Z 0) by reflexivity. Search inject_Z. rewrite <- Zle_Qle. + lia. + ++ apply Qinv_le_0_compat. replace 0%Q with (inject_Z 0) by reflexivity. + rewrite <- Zle_Qle. lia. + -- replace 0%Q with (inject_Z 0) by reflexivity. rewrite <- Zle_Qle. lia. + + Check Qceiling_diff. + + Definition eval_mulmod := eval_mulmod s c register_width n weight p_nz n_gteq_4 s_small s_big wprops. 
+ Definition eval_squaremod := eval_squaremod s c register_width n weight p_nz n_gteq_3 s_small s_big weight_n_mod_s_eq_0 wprops. End dettman_multiplication_mod_ops. End dettman_multiplication_mod_ops. From 2696decb48112b00ef2ad0c5badff56817c7a9b1 Mon Sep 17 00:00:00 2001 From: Owen Conoly Date: Mon, 1 May 2023 18:46:23 -0400 Subject: [PATCH 08/27] finished dettman arithmetic proofs --- src/Arithmetic/DettmanMultiplication.v | 34 ++++++++++++++++++++------ 1 file changed, 27 insertions(+), 7 deletions(-) diff --git a/src/Arithmetic/DettmanMultiplication.v b/src/Arithmetic/DettmanMultiplication.v index 36549a9a44..dffe390946 100644 --- a/src/Arithmetic/DettmanMultiplication.v +++ b/src/Arithmetic/DettmanMultiplication.v 
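Review bot: The proof of `weight_lt_width` is left open in this commit: the script stops at `Check Qceiling_diff.` with neither `Qed.` nor `Admitted.` before the following `Definition`. In addition, `eval_squaremod` still passes `n_gteq_3` and `weight_n_mod_s_eq_0`, both of which this commit renames or deletes, and `eval_mulmod` supplies no argument for the new `weight_lt_width` hypothesis. As far as the hunk shows, the file cannot compile at this revision, which breaks bisection across the series. If the proof is not finished, close it explicitly with `Admitted.` and give both definitions the same argument list, `… p_nz n_gteq_4 s_small s_big weight_lt_width wprops`, so the unproven obligation is visible in `Print Assumptions` rather than hidden behind a build failure.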
@@ -446,19 +446,39 @@ Module dettman_multiplication_mod_ops. intros i. repeat rewrite (ModOps.weight_ZQ_correct _ _ limbwidth_good). rewrite <- Z.pow_add_r; try lia. - apply Modulo.Z.mod_same_pow. split. - + remember (_ / _ * _)%Q as x. Search Qceiling. replace 0 with (Qceiling 0%Z) by reflexivity. - Search Qceiling. apply Qceiling_resp_le. subst. replace (inject_Z 0) with 0%Q by reflexivity. - cbv [Qdiv]. Search (0 <= _ * _)%Q. apply Qmult_le_0_compat. + + remember (_ / _ * _)%Q as x. replace 0 with (Qceiling 0%Z) by reflexivity. + apply Qceiling_resp_le. subst. replace (inject_Z 0) with 0%Q by reflexivity. + cbv [Qdiv]. apply Qmult_le_0_compat. -- remember limbwidth_good eqn:clearMe; clear clearMe. apply Qmult_le_0_compat. - ++ replace 0%Q with (inject_Z 0) by reflexivity. Search inject_Z. rewrite <- Zle_Qle. + ++ replace 0%Q with (inject_Z 0) by reflexivity. rewrite <- Zle_Qle. lia. ++ apply Qinv_le_0_compat. replace 0%Q with (inject_Z 0) by reflexivity. rewrite <- Zle_Qle. lia. -- replace 0%Q with (inject_Z 0) by reflexivity. rewrite <- Zle_Qle. lia. - + Check Qceiling_diff. + + rewrite Nat2Z.inj_add. rewrite inject_Z_plus. rewrite Qmult_plus_distr_r. + remember (_ / _ * i)%Q as x. remember (_ / _ * 1%nat)%Q as y. + apply (Z.le_trans _ (Qceiling x + Qceiling y)). + -- apply QUtil.Qceiling_le_add. + -- assert (Qceiling y <= register_width); try lia. + replace (Z.of_nat register_width) with (Qceiling (inject_Z register_width)). + ++ apply Qceiling_resp_le. subst. + replace (inject_Z (Z.of_nat 1)) with 1%Q by reflexivity. + rewrite Qmult_1_r. apply Qle_shift_div_r. + --- remember limbwidth_good. replace 0%Q with (inject_Z 0) by reflexivity. + rewrite <- Zlt_Qlt. lia. + --- rewrite <- inject_Z_mult. rewrite <- Zle_Qle. lia. + ++ apply Qceiling_Z. + - replace 0 with (Qceiling 0) by reflexivity. apply Qceiling_resp_le. + apply Qmult_le_0_compat. + + cbv [Qdiv]. remember limbwidth_good. apply Qmult_le_0_compat. + -- replace 0%Q with (inject_Z 0) by reflexivity. 
rewrite <- Zle_Qle. lia. + -- apply Qinv_le_0_compat. replace 0%Q with (inject_Z 0) by reflexivity. rewrite <- Zle_Qle. + lia. + + replace 0%Q with (inject_Z 0) by reflexivity. rewrite <- Zle_Qle. lia. + Qed. - Definition eval_mulmod := eval_mulmod s c register_width n weight p_nz n_gteq_4 s_small s_big wprops. - Definition eval_squaremod := eval_squaremod s c register_width n weight p_nz n_gteq_3 s_small s_big weight_n_mod_s_eq_0 wprops. + Definition eval_mulmod := eval_mulmod s c register_width n weight p_nz n_gteq_4 s_small s_big weight_lt_width wprops. + Definition eval_squaremod := eval_squaremod s c register_width n weight p_nz n_gteq_4 s_small s_big weight_lt_width wprops. End dettman_multiplication_mod_ops. End dettman_multiplication_mod_ops. From 9a1c67f211e6fedaf8d31fe554f39a7520241a59 Mon Sep 17 00:00:00 2001 From: Owen Conoly Date: Mon, 1 May 2023 19:18:59 -0400 Subject: [PATCH 09/27] changed PushButtonSynthesis/DettmanMultiplication.v to reflect changes to Arithmetic/DettmanMultiplication.v --- src/Arithmetic/DettmanMultiplication.v | 22 ++++++++++-------- .../DettmanMultiplication.v | 23 +++++++++++++------ 2 files changed, 29 insertions(+), 16 deletions(-) diff --git a/src/Arithmetic/DettmanMultiplication.v b/src/Arithmetic/DettmanMultiplication.v index dffe390946..dc74228302 100644 --- a/src/Arithmetic/DettmanMultiplication.v +++ b/src/Arithmetic/DettmanMultiplication.v 
@@ -261,9 +261,9 @@ Module DettmanMultiplication. (* weight (2 * limbs - 2) * 2 ^ Z.of_nat register_width / weight (limbs - 1) <> 0 *) 1: { apply divisible_implies_nonzero. - rewrite Divide.Z.mod_divide_full. apply Z.divide_mul_l. rewrite <- Divide.Z.mod_divide_full. apply Weight.weight_multiples_full; try assumption. lia. - - Search (_ * _ <> 0). rewrite <- Z.neq_mul_0. split. + - rewrite <- Z.neq_mul_0. split. + remember (weight_positive (2 * limbs - 2)). lia. - + assert (0 < 2^register_width). { Search (0 < 2^_). apply Pow2.Z.pow2_gt_0. lia. } + + assert (0 < 2^register_width). { apply Pow2.Z.pow2_gt_0. lia. } lia. } (* weight limbs / s <> 0 *) @@ -276,9 +276,9 @@ Module DettmanMultiplication. (* weight (limbs - 2 - 1 + limbs) * 2 ^ Z.of_nat register_width / weight (limbs - 2 - 1 + 1) <> 0 *) 2: { apply divisible_implies_nonzero. - rewrite Divide.Z.mod_divide_full. apply Z.divide_mul_l. rewrite <- Divide.Z.mod_divide_full. apply Weight.weight_multiples_full; try assumption. lia. - - Search (_ * _ <> 0). rewrite <- Z.neq_mul_0. split. + - rewrite <- Z.neq_mul_0. split. + remember (weight_positive (limbs - 2 - 1 + limbs)). lia. - + assert (0 < 2^register_width). { Search (0 < 2^_). apply Pow2.Z.pow2_gt_0. lia. } + + assert (0 < 2^register_width). { apply Pow2.Z.pow2_gt_0. lia. } lia. } 
@@ -333,12 +333,15 @@ Module dettman_multiplication_mod_ops. (s_power_of_2 : 2 ^ (Z.log2 s) = s). (* I do want to have Z.log2_up s, not Z.log2_up (s - c) below. We want to ensure that weight (n - 1) <= s <= weight limbs *) - Definition limbwidth_num := (Z.log2_up s - last_limb_width). - Definition limbwidth_den := (n - 1). (* can't use Q here, or else reification doesn't work *) + Local Notation limbwidth_num' := (Z.log2_up s - last_limb_width). + Local Notation limbwidth_den' := (n - 1). (* can't use Q here, or else reification doesn't work *) Context - (registers_big : limbwidth_num <= register_width * limbwidth_den) (* stated somewhat awkwardly in terms of Z; i think we might want to avoid Q here too? idk *) - (weight_big : Z.log2 s <= n * limbwidth_num / limbwidth_den). + (registers_big : limbwidth_num' <= register_width * limbwidth_den') (* stated somewhat awkwardly in terms of Z; i think we might want to avoid Q here too? idk *) + (weight_big : Z.log2 s <= n * limbwidth_num' / limbwidth_den'). + + Definition limbwidth_num := limbwidth_num'. + Definition limbwidth_den := limbwidth_den'. Definition weight := (weight limbwidth_num limbwidth_den). @@ -466,7 +469,8 @@ Module dettman_multiplication_mod_ops. rewrite Qmult_1_r. apply Qle_shift_div_r. --- remember limbwidth_good. replace 0%Q with (inject_Z 0) by reflexivity. rewrite <- Zlt_Qlt. lia. - --- rewrite <- inject_Z_mult. rewrite <- Zle_Qle. lia. + --- rewrite <- inject_Z_mult. rewrite <- Zle_Qle. + cbv [limbwidth_num limbwidth_den]. lia. ++ apply Qceiling_Z. - replace 0 with (Qceiling 0) by reflexivity. apply Qceiling_resp_le. apply Qmult_le_0_compat. diff --git a/src/PushButtonSynthesis/DettmanMultiplication.v b/src/PushButtonSynthesis/DettmanMultiplication.v index 753794fa7f..8a7f05f321 100644 --- a/src/PushButtonSynthesis/DettmanMultiplication.v +++ b/src/PushButtonSynthesis/DettmanMultiplication.v 
@@ -112,7 +112,7 @@ Section __. Local Instance no_select_size : no_select_size_opt := no_select_size_of_no_select machine_wordsize. Local Instance split_mul_to : split_mul_to_opt := split_mul_to_of_should_split_mul machine_wordsize possible_values. Local Instance split_multiret_to : split_multiret_to_opt := split_multiret_to_of_should_split_multiret machine_wordsize possible_values. - + (** Note: If you change the name or type signature of this function, you will need to update the code in CLI.v *) Definition check_args {T} (requests : list string) (res : Pipeline.ErrorT T) 
@@ -121,22 +121,27 @@ Section __. (List.map (fun v => (true, v)) [(negb (s - c =? 0), Pipeline.Values_not_provably_distinctZ "s - c <> 0" (s - c) 0) - ; (3 <=? n, Pipeline.Value_not_leZ "3 <= n" 3 n) + ; (4 <=? n, Pipeline.Value_not_leZ "4 <= n" 3 n) ; (last_limb_width * n <=? Z.log2_up s, Pipeline.Value_not_leZ "last_limb_width * n <= Z.log2_up s" (last_limb_width * n) (Z.log2_up s)) ; (1 <=? last_limb_width, Pipeline.Value_not_leZ "1 <= last_limb_width" 1 last_limb_width) ; (2 ^ (Z.log2 s) =? s, Pipeline.Values_not_provably_equalZ "2 ^ (Z.log2 s) = s" (2 ^ Z.log2 s) s) + ; (Z.log2_up s - last_limb_width <=? (Z.to_nat machine_wordsize) * (n - 1), Pipeline.Value_not_leZ "Z.log2_up s - last_limb_width <= (Z.to_nat machine_wordsize) * (n - 1)" (Z.log2_up s - last_limb_width) (Z.to_nat machine_wordsize * (n - 1))) + ; (Z.log2 s <=? n * (Z.log2_up s - last_limb_width) / (n - 1), Pipeline.Value_not_leZ "Z.log2 s <= n * (Z.log2_up s - last_limb_width) / (n - 1)" (Z.log2 s) (n * (Z.log2_up s - last_limb_width) / (n - 1))) ]) res. Context (requests : list string) (curve_good : check_args requests (Success tt) = Success tt). + (* should probably use limbwidth_num, limbwidth_den to make this less confusing-looking *) Lemma use_curve_good : s - c <> 0 - /\ (3 <= n) + /\ (4 <= n) /\ last_limb_width * n <= Z.log2_up s /\ 1 <= last_limb_width - /\ 2 ^ (Z.log2 s) = s. + /\ 2 ^ (Z.log2 s) = s + /\ Z.log2_up s - last_limb_width <= (Z.to_nat machine_wordsize) * (n - 1) + /\ Z.log2 s <= n * (Z.log2_up s - last_limb_width) / (n - 1). Proof using curve_good. prepare_use_curve_good (). Qed. Local Notation evalf := (eval weightf n). 
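Review bot: The failure payload of the tightened limb-count check still reports the old bound: `Pipeline.Value_not_leZ "4 <= n" 3 n` carries 3 as the left-hand value although the test and the message are for 4. It should read `; (4 <=? n, Pipeline.Value_not_leZ "4 <= n" 4 n)`. The two added checks each repeat `Z.log2_up s - last_limb_width` and `n - 1` in the test, the message string and the payload. Binding them to local names (as the comment above `use_curve_good` already suggests) would keep the three from drifting apart in the same way. `check_args` begins above the hunk.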
@@ -152,13 +157,15 @@ Section __. summary correctness) (only parsing, at level 10, summary at next level, correctness at next level). - + Definition mul := Pipeline.BoundsPipeline false (* subst01 *) possible_values (reified_mul_gen - @ GallinaReify.Reify s @ GallinaReify.Reify c_ @ GallinaReify.Reify n @ GallinaReify.Reify last_limb_width) + @ GallinaReify.Reify s @ GallinaReify.Reify c_ + @ GallinaReify.Reify (Z.to_nat machine_wordsize) @ GallinaReify.Reify n + @ GallinaReify.Reify last_limb_width) (Some input_bounds, (Some input_bounds, tt)) (Some output_bounds). @@ -167,7 +174,9 @@ Section __. false (* subst01 *) possible_values (reified_square_gen - @ GallinaReify.Reify s @ GallinaReify.Reify c_ @ GallinaReify.Reify n @ GallinaReify.Reify last_limb_width) + @ GallinaReify.Reify s @ GallinaReify.Reify c_ + @ GallinaReify.Reify (Z.to_nat machine_wordsize) + @ GallinaReify.Reify n @ GallinaReify.Reify last_limb_width) (Some input_bounds, tt) (Some output_bounds). From bc0a990244fa987197753dfa097376eed1dd2ed9 Mon Sep 17 00:00:00 2001 From: Owen Conoly Date: Mon, 1 May 2023 20:43:33 -0400 Subject: [PATCH 10/27] ran make --- fiat-bedrock2/src/secp256k1_dettman_64.c | 664 +++++++++--------- .../64/secp256k1dettman/secp256k1dettman.go | 520 +++++++------- fiat-json/src/secp256k1_dettman_64.json | 24 +- fiat-rust/src/secp256k1_dettman_64.rs | 24 +- fiat-zig/src/secp256k1_dettman_64.zig | 24 +- 5 files changed, 620 insertions(+), 636 deletions(-) diff --git a/fiat-bedrock2/src/secp256k1_dettman_64.c b/fiat-bedrock2/src/secp256k1_dettman_64.c index a741272174..3b140105a9 100644 --- a/fiat-bedrock2/src/secp256k1_dettman_64.c +++ b/fiat-bedrock2/src/secp256k1_dettman_64.c 
@@ -84,7 +84,7 @@ uintptr_t _br2_shamt(uintptr_t a) { */ static void internal_fiat_secp256k1_dettman_mul(uintptr_t out0, uintptr_t in0, uintptr_t in1) { - uintptr_t x11, x10, x13, x16, x18, x21, x19, x22, x17, x20, x24, x27, x25, x28, x23, x26, x30, x33, x31, x34, x29, x14, x32, x37, x35, x38, x15, x39, x36, x12, x44, x46, x49, x47, x50, x45, x48, x52, x55, x53, x56, x51, x54, x58, x61, x59, x62, x57, x60, x64, x67, x65, x68, x63, x40, x66, x71, x69, x42, x70, x74, x72, x75, x43, x76, x73, x78, x81, x83, x86, x84, x87, x82, x85, x89, x92, x90, x93, x88, x91, x95, x98, x96, x99, x94, x77, x97, x102, x100, x103, x101, x105, x79, x106, x108, x111, x109, x112, x107, x113, x110, x116, x118, x121, x119, x122, x117, x120, x124, x127, x125, x128, x123, x104, x126, x131, x129, x132, x130, x134, x137, x139, x142, x140, x143, x138, x114, x141, x146, x144, x135, x145, x149, x147, x150, x136, x151, x148, x4, x8, x3, x9, x154, x156, x159, x157, x160, x155, x133, x158, x163, x161, x164, x162, x166, x2, x5, x1, x6, x169, x171, x174, x172, x175, x170, x0, x7, x173, x177, x180, x178, x181, x176, x152, x179, x184, x182, x167, x183, x187, x185, x188, x168, x189, x186, x165, x192, x41, x190, x195, x193, x196, x194, x80, x197, x115, x153, x191, x198, x199, x200, x201, x202, x203, x204; + uintptr_t x10, x14, x16, x19, x17, x20, x15, x18, x22, x25, x23, x26, x21, x24, x28, x31, x29, x32, x27, x12, x30, x35, x33, x36, x13, x37, x34, x11, x42, x44, x47, x45, x48, x43, x46, x50, x53, x51, x54, x49, x52, x56, x59, x57, x60, x55, x58, x62, x65, x63, x66, x61, x38, x64, x69, x67, x40, x68, x72, x70, x73, x41, x74, x71, x76, x79, x81, x84, x82, x85, x80, x83, x87, x90, x88, x91, x86, x89, x93, x96, x94, x97, x92, x75, x95, x100, x98, x101, x99, x103, x77, x104, x106, x109, x107, x110, x105, x111, x108, x114, x116, x119, x117, x120, x115, x118, x122, x125, x123, x126, x121, x102, x124, x129, x127, x130, x128, x132, x135, x137, x140, x138, x141, x136, x112, x139, x144, x142, x133, x143, x147, 
x145, x148, x134, x149, x146, x4, x8, x3, x9, x152, x154, x157, x155, x158, x153, x131, x156, x161, x159, x160, x2, x5, x1, x6, x165, x167, x170, x168, x171, x166, x0, x7, x169, x173, x176, x174, x177, x172, x150, x175, x180, x178, x163, x179, x183, x181, x184, x164, x185, x182, x162, x188, x39, x186, x191, x189, x192, x190, x78, x193, x113, x151, x187, x194, x195, x196, x197, x198, x199, x200; x0 = _br2_load((in0)+((uintptr_t)(UINTMAX_C(0))), sizeof(uintptr_t)); x1 = _br2_load((in0)+((uintptr_t)(UINTMAX_C(8))), sizeof(uintptr_t)); x2 = _br2_load((in0)+((uintptr_t)(UINTMAX_C(16))), sizeof(uintptr_t)); 
@@ -100,205 +100,201 @@ void internal_fiat_secp256k1_dettman_mul(uintptr_t out0, uintptr_t in0, uintptr_ /*skip*/ x10 = (x4)*(x9); x11 = _br2_mulhuu((x4), (x9)); - x12 = ((x10)>>_br2_shamt((uintptr_t)(UINTMAX_C(52))))|((x11)<<_br2_shamt((uintptr_t)(UINTMAX_C(12)))); - x13 = (x10)&((uintptr_t)(UINTMAX_C(4503599627370495))); - x14 = (x13)*((uintptr_t)(UINTMAX_C(68719492368))); - x15 = _br2_mulhuu((x13), ((uintptr_t)(UINTMAX_C(68719492368)))); - x16 = (x3)*(x5); - x17 = _br2_mulhuu((x3), (x5)); - x18 = (x2)*(x6); - x19 = _br2_mulhuu((x2), (x6)); - x20 = (x18)+(x16); - x21 = (uintptr_t)((x20)<(x18)); - x22 = (x21)+(x19); - x23 = (x22)+(x17); - x24 = (x1)*(x7); - x25 = _br2_mulhuu((x1), (x7)); - x26 = (x24)+(x20); - x27 = (uintptr_t)((x26)<(x24)); - x28 = (x27)+(x25); - x29 = (x28)+(x23); - x30 = (x0)*(x8); - x31 = _br2_mulhuu((x0), (x8)); - x32 = (x30)+(x26); - x33 = (uintptr_t)((x32)<(x30)); - x34 = (x33)+(x31); - x35 = (x34)+(x29); - x36 = (x32)+(x14); - x37 = (uintptr_t)((x36)<(x32)); - x38 = (x37)+(x35); - x39 = (x38)+(x15); - x40 = ((x36)>>_br2_shamt((uintptr_t)(UINTMAX_C(52))))|((x39)<<_br2_shamt((uintptr_t)(UINTMAX_C(12)))); - x41 = (x36)&((uintptr_t)(UINTMAX_C(4503599627370495))); - x42 = (x12)*((uintptr_t)(UINTMAX_C(68719492368))); - x43 = _br2_mulhuu((x12), ((uintptr_t)(UINTMAX_C(68719492368)))); - x44 = (x4)*(x5); - x45 = _br2_mulhuu((x4), (x5)); - x46 = (x3)*(x6); - x47 = _br2_mulhuu((x3), (x6)); - x48 = (x46)+(x44); - x49 = (uintptr_t)((x48)<(x46)); - x50 = (x49)+(x47); - x51 = (x50)+(x45); - x52 = (x2)*(x7); - x53 = _br2_mulhuu((x2), (x7)); - x54 = (x52)+(x48); - x55 = (uintptr_t)((x54)<(x52)); - x56 = (x55)+(x53); - x57 = (x56)+(x51); - x58 = (x1)*(x8); - x59 = _br2_mulhuu((x1), (x8)); - x60 = (x58)+(x54); - x61 = (uintptr_t)((x60)<(x58)); - x62 = (x61)+(x59); - x63 = (x62)+(x57); - x64 = (x0)*(x9); - x65 = _br2_mulhuu((x0), (x9)); - x66 = (x64)+(x60); - x67 = (uintptr_t)((x66)<(x64)); - x68 = (x67)+(x65); - x69 = (x68)+(x63); - x70 = (x66)+(x40); - x71 
= (uintptr_t)((x70)<(x66)); - x72 = (x71)+(x69); - x73 = (x70)+(x42); - x74 = (uintptr_t)((x73)<(x70)); - x75 = (x74)+(x72); - x76 = (x75)+(x43); - x77 = ((x73)>>_br2_shamt((uintptr_t)(UINTMAX_C(52))))|((x76)<<_br2_shamt((uintptr_t)(UINTMAX_C(12)))); - x78 = (x73)&((uintptr_t)(UINTMAX_C(4503599627370495))); - x79 = (x78)>>_br2_shamt((uintptr_t)(UINTMAX_C(48))); - x80 = (x78)&((uintptr_t)(UINTMAX_C(281474976710655))); - x81 = (x4)*(x6); - x82 = _br2_mulhuu((x4), (x6)); - x83 = (x3)*(x7); - x84 = _br2_mulhuu((x3), (x7)); - x85 = (x83)+(x81); - x86 = (uintptr_t)((x85)<(x83)); - x87 = (x86)+(x84); - x88 = (x87)+(x82); - x89 = (x2)*(x8); - x90 = _br2_mulhuu((x2), (x8)); - x91 = (x89)+(x85); - x92 = (uintptr_t)((x91)<(x89)); - x93 = (x92)+(x90); - x94 = (x93)+(x88); - x95 = (x1)*(x9); - x96 = _br2_mulhuu((x1), (x9)); - x97 = (x95)+(x91); - x98 = (uintptr_t)((x97)<(x95)); - x99 = (x98)+(x96); - x100 = (x99)+(x94); - x101 = (x97)+(x77); - x102 = (uintptr_t)((x101)<(x97)); - x103 = (x102)+(x100); - x104 = ((x101)>>_br2_shamt((uintptr_t)(UINTMAX_C(52))))|((x103)<<_br2_shamt((uintptr_t)(UINTMAX_C(12)))); - x105 = (x101)&((uintptr_t)(UINTMAX_C(4503599627370495))); - x106 = (((x105)<<_br2_shamt((uintptr_t)(UINTMAX_C(4))))+(x79))*((uintptr_t)(UINTMAX_C(4294968273))); - x107 = _br2_mulhuu((((x105)<<_br2_shamt((uintptr_t)(UINTMAX_C(4))))+(x79)), ((uintptr_t)(UINTMAX_C(4294968273)))); - x108 = (x0)*(x5); - x109 = _br2_mulhuu((x0), (x5)); - x110 = (x108)+(x106); - x111 = (uintptr_t)((x110)<(x108)); - x112 = (x111)+(x109); - x113 = (x112)+(x107); - x114 = ((x110)>>_br2_shamt((uintptr_t)(UINTMAX_C(52))))|((x113)<<_br2_shamt((uintptr_t)(UINTMAX_C(12)))); - x115 = (x110)&((uintptr_t)(UINTMAX_C(4503599627370495))); - x116 = (x4)*(x7); - x117 = _br2_mulhuu((x4), (x7)); - x118 = (x3)*(x8); - x119 = _br2_mulhuu((x3), (x8)); - x120 = (x118)+(x116); - x121 = (uintptr_t)((x120)<(x118)); - x122 = (x121)+(x119); - x123 = (x122)+(x117); - x124 = (x2)*(x9); - x125 = _br2_mulhuu((x2), (x9)); - x126 
= (x124)+(x120); - x127 = (uintptr_t)((x126)<(x124)); - x128 = (x127)+(x125); - x129 = (x128)+(x123); - x130 = (x126)+(x104); - x131 = (uintptr_t)((x130)<(x126)); - x132 = (x131)+(x129); - x133 = ((x130)>>_br2_shamt((uintptr_t)(UINTMAX_C(52))))|((x132)<<_br2_shamt((uintptr_t)(UINTMAX_C(12)))); - x134 = (x130)&((uintptr_t)(UINTMAX_C(4503599627370495))); - x135 = (x134)*((uintptr_t)(UINTMAX_C(68719492368))); - x136 = _br2_mulhuu((x134), ((uintptr_t)(UINTMAX_C(68719492368)))); - x137 = (x1)*(x5); - x138 = _br2_mulhuu((x1), (x5)); - x139 = (x0)*(x6); - x140 = _br2_mulhuu((x0), (x6)); - x141 = (x139)+(x137); - x142 = (uintptr_t)((x141)<(x139)); - x143 = (x142)+(x140); - x144 = (x143)+(x138); - x145 = (x141)+(x114); - x146 = (uintptr_t)((x145)<(x141)); - x147 = (x146)+(x144); - x148 = (x145)+(x135); - x149 = (uintptr_t)((x148)<(x145)); - x150 = (x149)+(x147); - x151 = (x150)+(x136); - x152 = ((x148)>>_br2_shamt((uintptr_t)(UINTMAX_C(52))))|((x151)<<_br2_shamt((uintptr_t)(UINTMAX_C(12)))); - x153 = (x148)&((uintptr_t)(UINTMAX_C(4503599627370495))); - x154 = (x4)*(x8); - x155 = _br2_mulhuu((x4), (x8)); - x156 = (x3)*(x9); - x157 = _br2_mulhuu((x3), (x9)); - x158 = (x156)+(x154); - x159 = (uintptr_t)((x158)<(x156)); - x160 = (x159)+(x157); - x161 = (x160)+(x155); - x162 = (x158)+(x133); - x163 = (uintptr_t)((x162)<(x158)); - x164 = (x163)+(x161); - x165 = ((x162)>>_br2_shamt((uintptr_t)(UINTMAX_C(52))))|((x164)<<_br2_shamt((uintptr_t)(UINTMAX_C(12)))); - x166 = (x162)&((uintptr_t)(UINTMAX_C(4503599627370495))); - x167 = (x166)*((uintptr_t)(UINTMAX_C(68719492368))); - x168 = _br2_mulhuu((x166), ((uintptr_t)(UINTMAX_C(68719492368)))); - x169 = (x2)*(x5); - x170 = _br2_mulhuu((x2), (x5)); - x171 = (x1)*(x6); - x172 = _br2_mulhuu((x1), (x6)); - x173 = (x171)+(x169); - x174 = (uintptr_t)((x173)<(x171)); - x175 = (x174)+(x172); - x176 = (x175)+(x170); - x177 = (x0)*(x7); - x178 = _br2_mulhuu((x0), (x7)); - x179 = (x177)+(x173); - x180 = (uintptr_t)((x179)<(x177)); + x12 = 
(x10)*((uintptr_t)(UINTMAX_C(68719492368))); + x13 = _br2_mulhuu((x10), ((uintptr_t)(UINTMAX_C(68719492368)))); + x14 = (x3)*(x5); + x15 = _br2_mulhuu((x3), (x5)); + x16 = (x2)*(x6); + x17 = _br2_mulhuu((x2), (x6)); + x18 = (x16)+(x14); + x19 = (uintptr_t)((x18)<(x16)); + x20 = (x19)+(x17); + x21 = (x20)+(x15); + x22 = (x1)*(x7); + x23 = _br2_mulhuu((x1), (x7)); + x24 = (x22)+(x18); + x25 = (uintptr_t)((x24)<(x22)); + x26 = (x25)+(x23); + x27 = (x26)+(x21); + x28 = (x0)*(x8); + x29 = _br2_mulhuu((x0), (x8)); + x30 = (x28)+(x24); + x31 = (uintptr_t)((x30)<(x28)); + x32 = (x31)+(x29); + x33 = (x32)+(x27); + x34 = (x30)+(x12); + x35 = (uintptr_t)((x34)<(x30)); + x36 = (x35)+(x33); + x37 = (x36)+(x13); + x38 = ((x34)>>_br2_shamt((uintptr_t)(UINTMAX_C(52))))|((x37)<<_br2_shamt((uintptr_t)(UINTMAX_C(12)))); + x39 = (x34)&((uintptr_t)(UINTMAX_C(4503599627370495))); + x40 = (x11)*((uintptr_t)(UINTMAX_C(281475040739328))); + x41 = _br2_mulhuu((x11), ((uintptr_t)(UINTMAX_C(281475040739328)))); + x42 = (x4)*(x5); + x43 = _br2_mulhuu((x4), (x5)); + x44 = (x3)*(x6); + x45 = _br2_mulhuu((x3), (x6)); + x46 = (x44)+(x42); + x47 = (uintptr_t)((x46)<(x44)); + x48 = (x47)+(x45); + x49 = (x48)+(x43); + x50 = (x2)*(x7); + x51 = _br2_mulhuu((x2), (x7)); + x52 = (x50)+(x46); + x53 = (uintptr_t)((x52)<(x50)); + x54 = (x53)+(x51); + x55 = (x54)+(x49); + x56 = (x1)*(x8); + x57 = _br2_mulhuu((x1), (x8)); + x58 = (x56)+(x52); + x59 = (uintptr_t)((x58)<(x56)); + x60 = (x59)+(x57); + x61 = (x60)+(x55); + x62 = (x0)*(x9); + x63 = _br2_mulhuu((x0), (x9)); + x64 = (x62)+(x58); + x65 = (uintptr_t)((x64)<(x62)); + x66 = (x65)+(x63); + x67 = (x66)+(x61); + x68 = (x64)+(x38); + x69 = (uintptr_t)((x68)<(x64)); + x70 = (x69)+(x67); + x71 = (x68)+(x40); + x72 = (uintptr_t)((x71)<(x68)); + x73 = (x72)+(x70); + x74 = (x73)+(x41); + x75 = ((x71)>>_br2_shamt((uintptr_t)(UINTMAX_C(52))))|((x74)<<_br2_shamt((uintptr_t)(UINTMAX_C(12)))); + x76 = (x71)&((uintptr_t)(UINTMAX_C(4503599627370495))); + x77 = 
(x76)>>_br2_shamt((uintptr_t)(UINTMAX_C(48))); + x78 = (x76)&((uintptr_t)(UINTMAX_C(281474976710655))); + x79 = (x4)*(x6); + x80 = _br2_mulhuu((x4), (x6)); + x81 = (x3)*(x7); + x82 = _br2_mulhuu((x3), (x7)); + x83 = (x81)+(x79); + x84 = (uintptr_t)((x83)<(x81)); + x85 = (x84)+(x82); + x86 = (x85)+(x80); + x87 = (x2)*(x8); + x88 = _br2_mulhuu((x2), (x8)); + x89 = (x87)+(x83); + x90 = (uintptr_t)((x89)<(x87)); + x91 = (x90)+(x88); + x92 = (x91)+(x86); + x93 = (x1)*(x9); + x94 = _br2_mulhuu((x1), (x9)); + x95 = (x93)+(x89); + x96 = (uintptr_t)((x95)<(x93)); + x97 = (x96)+(x94); + x98 = (x97)+(x92); + x99 = (x95)+(x75); + x100 = (uintptr_t)((x99)<(x95)); + x101 = (x100)+(x98); + x102 = ((x99)>>_br2_shamt((uintptr_t)(UINTMAX_C(52))))|((x101)<<_br2_shamt((uintptr_t)(UINTMAX_C(12)))); + x103 = (x99)&((uintptr_t)(UINTMAX_C(4503599627370495))); + x104 = (((x103)<<_br2_shamt((uintptr_t)(UINTMAX_C(4))))+(x77))*((uintptr_t)(UINTMAX_C(4294968273))); + x105 = _br2_mulhuu((((x103)<<_br2_shamt((uintptr_t)(UINTMAX_C(4))))+(x77)), ((uintptr_t)(UINTMAX_C(4294968273)))); + x106 = (x0)*(x5); + x107 = _br2_mulhuu((x0), (x5)); + x108 = (x106)+(x104); + x109 = (uintptr_t)((x108)<(x106)); + x110 = (x109)+(x107); + x111 = (x110)+(x105); + x112 = ((x108)>>_br2_shamt((uintptr_t)(UINTMAX_C(52))))|((x111)<<_br2_shamt((uintptr_t)(UINTMAX_C(12)))); + x113 = (x108)&((uintptr_t)(UINTMAX_C(4503599627370495))); + x114 = (x4)*(x7); + x115 = _br2_mulhuu((x4), (x7)); + x116 = (x3)*(x8); + x117 = _br2_mulhuu((x3), (x8)); + x118 = (x116)+(x114); + x119 = (uintptr_t)((x118)<(x116)); + x120 = (x119)+(x117); + x121 = (x120)+(x115); + x122 = (x2)*(x9); + x123 = _br2_mulhuu((x2), (x9)); + x124 = (x122)+(x118); + x125 = (uintptr_t)((x124)<(x122)); + x126 = (x125)+(x123); + x127 = (x126)+(x121); + x128 = (x124)+(x102); + x129 = (uintptr_t)((x128)<(x124)); + x130 = (x129)+(x127); + x131 = ((x128)>>_br2_shamt((uintptr_t)(UINTMAX_C(52))))|((x130)<<_br2_shamt((uintptr_t)(UINTMAX_C(12)))); + x132 = 
(x128)&((uintptr_t)(UINTMAX_C(4503599627370495))); + x133 = (x132)*((uintptr_t)(UINTMAX_C(68719492368))); + x134 = _br2_mulhuu((x132), ((uintptr_t)(UINTMAX_C(68719492368)))); + x135 = (x1)*(x5); + x136 = _br2_mulhuu((x1), (x5)); + x137 = (x0)*(x6); + x138 = _br2_mulhuu((x0), (x6)); + x139 = (x137)+(x135); + x140 = (uintptr_t)((x139)<(x137)); + x141 = (x140)+(x138); + x142 = (x141)+(x136); + x143 = (x139)+(x112); + x144 = (uintptr_t)((x143)<(x139)); + x145 = (x144)+(x142); + x146 = (x143)+(x133); + x147 = (uintptr_t)((x146)<(x143)); + x148 = (x147)+(x145); + x149 = (x148)+(x134); + x150 = ((x146)>>_br2_shamt((uintptr_t)(UINTMAX_C(52))))|((x149)<<_br2_shamt((uintptr_t)(UINTMAX_C(12)))); + x151 = (x146)&((uintptr_t)(UINTMAX_C(4503599627370495))); + x152 = (x4)*(x8); + x153 = _br2_mulhuu((x4), (x8)); + x154 = (x3)*(x9); + x155 = _br2_mulhuu((x3), (x9)); + x156 = (x154)+(x152); + x157 = (uintptr_t)((x156)<(x154)); + x158 = (x157)+(x155); + x159 = (x158)+(x153); + x160 = (x156)+(x131); + x161 = (uintptr_t)((x160)<(x156)); + x162 = (x161)+(x159); + x163 = (x160)*((uintptr_t)(UINTMAX_C(68719492368))); + x164 = _br2_mulhuu((x160), ((uintptr_t)(UINTMAX_C(68719492368)))); + x165 = (x2)*(x5); + x166 = _br2_mulhuu((x2), (x5)); + x167 = (x1)*(x6); + x168 = _br2_mulhuu((x1), (x6)); + x169 = (x167)+(x165); + x170 = (uintptr_t)((x169)<(x167)); + x171 = (x170)+(x168); + x172 = (x171)+(x166); + x173 = (x0)*(x7); + x174 = _br2_mulhuu((x0), (x7)); + x175 = (x173)+(x169); + x176 = (uintptr_t)((x175)<(x173)); + x177 = (x176)+(x174); + x178 = (x177)+(x172); + x179 = (x175)+(x150); + x180 = (uintptr_t)((x179)<(x175)); x181 = (x180)+(x178); - x182 = (x181)+(x176); - x183 = (x179)+(x152); - x184 = (uintptr_t)((x183)<(x179)); - x185 = (x184)+(x182); - x186 = (x183)+(x167); - x187 = (uintptr_t)((x186)<(x183)); - x188 = (x187)+(x185); - x189 = (x188)+(x168); - x190 = ((x186)>>_br2_shamt((uintptr_t)(UINTMAX_C(52))))|((x189)<<_br2_shamt((uintptr_t)(UINTMAX_C(12)))); - x191 = 
(x186)&((uintptr_t)(UINTMAX_C(4503599627370495))); - x192 = (x165)*((uintptr_t)(UINTMAX_C(68719492368))); - x193 = _br2_mulhuu((x165), ((uintptr_t)(UINTMAX_C(68719492368)))); - x194 = ((x41)+(x190))+(x192); - x195 = (uintptr_t)((x194)<((x41)+(x190))); - x196 = (x195)+(x193); - x197 = ((x194)>>_br2_shamt((uintptr_t)(UINTMAX_C(52))))|((x196)<<_br2_shamt((uintptr_t)(UINTMAX_C(12)))); - x198 = (x194)&((uintptr_t)(UINTMAX_C(4503599627370495))); - x199 = (x80)+(x197); - x200 = x115; - x201 = x153; - x202 = x191; - x203 = x198; - x204 = x199; + x182 = (x179)+(x163); + x183 = (uintptr_t)((x182)<(x179)); + x184 = (x183)+(x181); + x185 = (x184)+(x164); + x186 = ((x182)>>_br2_shamt((uintptr_t)(UINTMAX_C(52))))|((x185)<<_br2_shamt((uintptr_t)(UINTMAX_C(12)))); + x187 = (x182)&((uintptr_t)(UINTMAX_C(4503599627370495))); + x188 = (x162)*((uintptr_t)(UINTMAX_C(281475040739328))); + x189 = _br2_mulhuu((x162), ((uintptr_t)(UINTMAX_C(281475040739328)))); + x190 = ((x39)+(x186))+(x188); + x191 = (uintptr_t)((x190)<((x39)+(x186))); + x192 = (x191)+(x189); + x193 = ((x190)>>_br2_shamt((uintptr_t)(UINTMAX_C(52))))|((x192)<<_br2_shamt((uintptr_t)(UINTMAX_C(12)))); + x194 = (x190)&((uintptr_t)(UINTMAX_C(4503599627370495))); + x195 = (x78)+(x193); + x196 = x113; + x197 = x151; + x198 = x187; + x199 = x194; + x200 = x195; /*skip*/ - _br2_store((out0)+((uintptr_t)(UINTMAX_C(0))), x200, sizeof(uintptr_t)); - _br2_store((out0)+((uintptr_t)(UINTMAX_C(8))), x201, sizeof(uintptr_t)); - _br2_store((out0)+((uintptr_t)(UINTMAX_C(16))), x202, sizeof(uintptr_t)); - _br2_store((out0)+((uintptr_t)(UINTMAX_C(24))), x203, sizeof(uintptr_t)); - _br2_store((out0)+((uintptr_t)(UINTMAX_C(32))), x204, sizeof(uintptr_t)); + _br2_store((out0)+((uintptr_t)(UINTMAX_C(0))), x196, sizeof(uintptr_t)); + _br2_store((out0)+((uintptr_t)(UINTMAX_C(8))), x197, sizeof(uintptr_t)); + _br2_store((out0)+((uintptr_t)(UINTMAX_C(16))), x198, sizeof(uintptr_t)); + _br2_store((out0)+((uintptr_t)(UINTMAX_C(24))), x199, 
sizeof(uintptr_t)); + _br2_store((out0)+((uintptr_t)(UINTMAX_C(32))), x200, sizeof(uintptr_t)); /*skip*/ return; } 
@@ -317,7 +313,7 @@ static void fiat_secp256k1_dettman_mul(uint64_t out1[5], const uint64_t arg1[5], */ static void internal_fiat_secp256k1_dettman_square(uintptr_t out0, uintptr_t in0) { - uintptr_t x10, x9, x12, x15, x17, x20, x18, x21, x16, x13, x19, x24, x22, x25, x14, x26, x23, x11, x31, x33, x36, x34, x37, x32, x35, x39, x42, x40, x43, x38, x27, x41, x46, x44, x29, x45, x49, x47, x50, x30, x51, x48, x53, x7, x56, x58, x61, x59, x62, x57, x52, x60, x65, x63, x66, x64, x68, x54, x0, x69, x71, x74, x72, x75, x70, x76, x73, x3, x6, x79, x81, x84, x82, x85, x80, x67, x83, x88, x86, x89, x87, x91, x77, x94, x97, x95, x92, x96, x100, x98, x101, x93, x102, x99, x5, x4, x90, x105, x108, x106, x109, x107, x111, x1, x8, x2, x114, x116, x119, x117, x120, x115, x103, x118, x123, x121, x112, x122, x126, x124, x127, x113, x128, x125, x110, x131, x28, x129, x134, x132, x135, x133, x55, x136, x78, x104, x130, x137, x138, x139, x140, x141, x142, x143; + uintptr_t x9, x13, x15, x18, x16, x19, x14, x11, x17, x22, x20, x23, x12, x24, x21, x10, x29, x31, x34, x32, x35, x30, x33, x37, x40, x38, x41, x36, x25, x39, x44, x42, x27, x43, x47, x45, x48, x28, x49, x46, x51, x7, x54, x56, x59, x57, x60, x55, x50, x58, x63, x61, x64, x62, x66, x52, x0, x67, x69, x72, x70, x73, x68, x74, x71, x3, x6, x77, x79, x82, x80, x83, x78, x65, x81, x86, x84, x87, x85, x89, x75, x92, x95, x93, x90, x94, x98, x96, x99, x91, x100, x97, x5, x4, x88, x103, x106, x104, x105, x1, x8, x2, x110, x112, x115, x113, x116, x111, x101, x114, x119, x117, x108, x118, x122, x120, x123, x109, x124, x121, x107, x127, x26, x125, x130, x128, x131, x129, x53, x132, x76, x102, x126, x133, x134, x135, x136, x137, x138, x139; x0 = _br2_load((in0)+((uintptr_t)(UINTMAX_C(0))), sizeof(uintptr_t)); x1 = _br2_load((in0)+((uintptr_t)(UINTMAX_C(8))), sizeof(uintptr_t)); x2 = _br2_load((in0)+((uintptr_t)(UINTMAX_C(16))), sizeof(uintptr_t)); 
@@ -331,145 +327,141 @@ void internal_fiat_secp256k1_dettman_square(uintptr_t out0, uintptr_t in0) { x8 = (x0)*((uintptr_t)(UINTMAX_C(2))); x9 = (x4)*(x4); x10 = _br2_mulhuu((x4), (x4)); - x11 = ((x9)>>_br2_shamt((uintptr_t)(UINTMAX_C(52))))|((x10)<<_br2_shamt((uintptr_t)(UINTMAX_C(12)))); - x12 = (x9)&((uintptr_t)(UINTMAX_C(4503599627370495))); - x13 = (x12)*((uintptr_t)(UINTMAX_C(68719492368))); - x14 = _br2_mulhuu((x12), ((uintptr_t)(UINTMAX_C(68719492368)))); - x15 = (x7)*(x2); - x16 = _br2_mulhuu((x7), (x2)); - x17 = (x8)*(x3); - x18 = _br2_mulhuu((x8), (x3)); - x19 = (x17)+(x15); - x20 = (uintptr_t)((x19)<(x17)); - x21 = (x20)+(x18); - x22 = (x21)+(x16); - x23 = (x19)+(x13); - x24 = (uintptr_t)((x23)<(x19)); - x25 = (x24)+(x22); - x26 = (x25)+(x14); - x27 = ((x23)>>_br2_shamt((uintptr_t)(UINTMAX_C(52))))|((x26)<<_br2_shamt((uintptr_t)(UINTMAX_C(12)))); - x28 = (x23)&((uintptr_t)(UINTMAX_C(4503599627370495))); - x29 = (x11)*((uintptr_t)(UINTMAX_C(68719492368))); - x30 = _br2_mulhuu((x11), ((uintptr_t)(UINTMAX_C(68719492368)))); - x31 = (x2)*(x2); - x32 = _br2_mulhuu((x2), (x2)); - x33 = (x7)*(x3); - x34 = _br2_mulhuu((x7), (x3)); - x35 = (x33)+(x31); - x36 = (uintptr_t)((x35)<(x33)); - x37 = (x36)+(x34); - x38 = (x37)+(x32); - x39 = (x8)*(x4); - x40 = _br2_mulhuu((x8), (x4)); - x41 = (x39)+(x35); - x42 = (uintptr_t)((x41)<(x39)); - x43 = (x42)+(x40); - x44 = (x43)+(x38); - x45 = (x41)+(x27); - x46 = (uintptr_t)((x45)<(x41)); - x47 = (x46)+(x44); - x48 = (x45)+(x29); - x49 = (uintptr_t)((x48)<(x45)); - x50 = (x49)+(x47); - x51 = (x50)+(x30); - x52 = ((x48)>>_br2_shamt((uintptr_t)(UINTMAX_C(52))))|((x51)<<_br2_shamt((uintptr_t)(UINTMAX_C(12)))); - x53 = (x48)&((uintptr_t)(UINTMAX_C(4503599627370495))); - x54 = (x53)>>_br2_shamt((uintptr_t)(UINTMAX_C(48))); - x55 = (x53)&((uintptr_t)(UINTMAX_C(281474976710655))); - x56 = (x6)*(x3); - x57 = _br2_mulhuu((x6), (x3)); - x58 = (x7)*(x4); - x59 = _br2_mulhuu((x7), (x4)); - x60 = (x58)+(x56); - x61 = 
(uintptr_t)((x60)<(x58)); - x62 = (x61)+(x59); - x63 = (x62)+(x57); - x64 = (x60)+(x52); - x65 = (uintptr_t)((x64)<(x60)); - x66 = (x65)+(x63); - x67 = ((x64)>>_br2_shamt((uintptr_t)(UINTMAX_C(52))))|((x66)<<_br2_shamt((uintptr_t)(UINTMAX_C(12)))); - x68 = (x64)&((uintptr_t)(UINTMAX_C(4503599627370495))); - x69 = (((x68)<<_br2_shamt((uintptr_t)(UINTMAX_C(4))))+(x54))*((uintptr_t)(UINTMAX_C(4294968273))); - x70 = _br2_mulhuu((((x68)<<_br2_shamt((uintptr_t)(UINTMAX_C(4))))+(x54)), ((uintptr_t)(UINTMAX_C(4294968273)))); - x71 = (x0)*(x0); - x72 = _br2_mulhuu((x0), (x0)); - x73 = (x71)+(x69); - x74 = (uintptr_t)((x73)<(x71)); - x75 = (x74)+(x72); - x76 = (x75)+(x70); - x77 = ((x73)>>_br2_shamt((uintptr_t)(UINTMAX_C(52))))|((x76)<<_br2_shamt((uintptr_t)(UINTMAX_C(12)))); - x78 = (x73)&((uintptr_t)(UINTMAX_C(4503599627370495))); - x79 = (x3)*(x3); - x80 = _br2_mulhuu((x3), (x3)); - x81 = (x6)*(x4); - x82 = _br2_mulhuu((x6), (x4)); - x83 = (x81)+(x79); - x84 = (uintptr_t)((x83)<(x81)); - x85 = (x84)+(x82); - x86 = (x85)+(x80); - x87 = (x83)+(x67); - x88 = (uintptr_t)((x87)<(x83)); - x89 = (x88)+(x86); - x90 = ((x87)>>_br2_shamt((uintptr_t)(UINTMAX_C(52))))|((x89)<<_br2_shamt((uintptr_t)(UINTMAX_C(12)))); - x91 = (x87)&((uintptr_t)(UINTMAX_C(4503599627370495))); - x92 = (x91)*((uintptr_t)(UINTMAX_C(68719492368))); - x93 = _br2_mulhuu((x91), ((uintptr_t)(UINTMAX_C(68719492368)))); - x94 = (x8)*(x1); - x95 = _br2_mulhuu((x8), (x1)); - x96 = (x94)+(x77); - x97 = (uintptr_t)((x96)<(x94)); - x98 = (x97)+(x95); - x99 = (x96)+(x92); - x100 = (uintptr_t)((x99)<(x96)); - x101 = (x100)+(x98); - x102 = (x101)+(x93); - x103 = ((x99)>>_br2_shamt((uintptr_t)(UINTMAX_C(52))))|((x102)<<_br2_shamt((uintptr_t)(UINTMAX_C(12)))); - x104 = (x99)&((uintptr_t)(UINTMAX_C(4503599627370495))); - x105 = (x5)*(x4); - x106 = _br2_mulhuu((x5), (x4)); - x107 = (x105)+(x90); - x108 = (uintptr_t)((x107)<(x105)); - x109 = (x108)+(x106); - x110 = 
((x107)>>_br2_shamt((uintptr_t)(UINTMAX_C(52))))|((x109)<<_br2_shamt((uintptr_t)(UINTMAX_C(12)))); - x111 = (x107)&((uintptr_t)(UINTMAX_C(4503599627370495))); - x112 = (x111)*((uintptr_t)(UINTMAX_C(68719492368))); - x113 = _br2_mulhuu((x111), ((uintptr_t)(UINTMAX_C(68719492368)))); - x114 = (x1)*(x1); - x115 = _br2_mulhuu((x1), (x1)); - x116 = (x8)*(x2); - x117 = _br2_mulhuu((x8), (x2)); - x118 = (x116)+(x114); - x119 = (uintptr_t)((x118)<(x116)); + x11 = (x9)*((uintptr_t)(UINTMAX_C(68719492368))); + x12 = _br2_mulhuu((x9), ((uintptr_t)(UINTMAX_C(68719492368)))); + x13 = (x7)*(x2); + x14 = _br2_mulhuu((x7), (x2)); + x15 = (x8)*(x3); + x16 = _br2_mulhuu((x8), (x3)); + x17 = (x15)+(x13); + x18 = (uintptr_t)((x17)<(x15)); + x19 = (x18)+(x16); + x20 = (x19)+(x14); + x21 = (x17)+(x11); + x22 = (uintptr_t)((x21)<(x17)); + x23 = (x22)+(x20); + x24 = (x23)+(x12); + x25 = ((x21)>>_br2_shamt((uintptr_t)(UINTMAX_C(52))))|((x24)<<_br2_shamt((uintptr_t)(UINTMAX_C(12)))); + x26 = (x21)&((uintptr_t)(UINTMAX_C(4503599627370495))); + x27 = (x10)*((uintptr_t)(UINTMAX_C(281475040739328))); + x28 = _br2_mulhuu((x10), ((uintptr_t)(UINTMAX_C(281475040739328)))); + x29 = (x2)*(x2); + x30 = _br2_mulhuu((x2), (x2)); + x31 = (x7)*(x3); + x32 = _br2_mulhuu((x7), (x3)); + x33 = (x31)+(x29); + x34 = (uintptr_t)((x33)<(x31)); + x35 = (x34)+(x32); + x36 = (x35)+(x30); + x37 = (x8)*(x4); + x38 = _br2_mulhuu((x8), (x4)); + x39 = (x37)+(x33); + x40 = (uintptr_t)((x39)<(x37)); + x41 = (x40)+(x38); + x42 = (x41)+(x36); + x43 = (x39)+(x25); + x44 = (uintptr_t)((x43)<(x39)); + x45 = (x44)+(x42); + x46 = (x43)+(x27); + x47 = (uintptr_t)((x46)<(x43)); + x48 = (x47)+(x45); + x49 = (x48)+(x28); + x50 = ((x46)>>_br2_shamt((uintptr_t)(UINTMAX_C(52))))|((x49)<<_br2_shamt((uintptr_t)(UINTMAX_C(12)))); + x51 = (x46)&((uintptr_t)(UINTMAX_C(4503599627370495))); + x52 = (x51)>>_br2_shamt((uintptr_t)(UINTMAX_C(48))); + x53 = (x51)&((uintptr_t)(UINTMAX_C(281474976710655))); + x54 = (x6)*(x3); + x55 = 
_br2_mulhuu((x6), (x3)); + x56 = (x7)*(x4); + x57 = _br2_mulhuu((x7), (x4)); + x58 = (x56)+(x54); + x59 = (uintptr_t)((x58)<(x56)); + x60 = (x59)+(x57); + x61 = (x60)+(x55); + x62 = (x58)+(x50); + x63 = (uintptr_t)((x62)<(x58)); + x64 = (x63)+(x61); + x65 = ((x62)>>_br2_shamt((uintptr_t)(UINTMAX_C(52))))|((x64)<<_br2_shamt((uintptr_t)(UINTMAX_C(12)))); + x66 = (x62)&((uintptr_t)(UINTMAX_C(4503599627370495))); + x67 = (((x66)<<_br2_shamt((uintptr_t)(UINTMAX_C(4))))+(x52))*((uintptr_t)(UINTMAX_C(4294968273))); + x68 = _br2_mulhuu((((x66)<<_br2_shamt((uintptr_t)(UINTMAX_C(4))))+(x52)), ((uintptr_t)(UINTMAX_C(4294968273)))); + x69 = (x0)*(x0); + x70 = _br2_mulhuu((x0), (x0)); + x71 = (x69)+(x67); + x72 = (uintptr_t)((x71)<(x69)); + x73 = (x72)+(x70); + x74 = (x73)+(x68); + x75 = ((x71)>>_br2_shamt((uintptr_t)(UINTMAX_C(52))))|((x74)<<_br2_shamt((uintptr_t)(UINTMAX_C(12)))); + x76 = (x71)&((uintptr_t)(UINTMAX_C(4503599627370495))); + x77 = (x3)*(x3); + x78 = _br2_mulhuu((x3), (x3)); + x79 = (x6)*(x4); + x80 = _br2_mulhuu((x6), (x4)); + x81 = (x79)+(x77); + x82 = (uintptr_t)((x81)<(x79)); + x83 = (x82)+(x80); + x84 = (x83)+(x78); + x85 = (x81)+(x65); + x86 = (uintptr_t)((x85)<(x81)); + x87 = (x86)+(x84); + x88 = ((x85)>>_br2_shamt((uintptr_t)(UINTMAX_C(52))))|((x87)<<_br2_shamt((uintptr_t)(UINTMAX_C(12)))); + x89 = (x85)&((uintptr_t)(UINTMAX_C(4503599627370495))); + x90 = (x89)*((uintptr_t)(UINTMAX_C(68719492368))); + x91 = _br2_mulhuu((x89), ((uintptr_t)(UINTMAX_C(68719492368)))); + x92 = (x8)*(x1); + x93 = _br2_mulhuu((x8), (x1)); + x94 = (x92)+(x75); + x95 = (uintptr_t)((x94)<(x92)); + x96 = (x95)+(x93); + x97 = (x94)+(x90); + x98 = (uintptr_t)((x97)<(x94)); + x99 = (x98)+(x96); + x100 = (x99)+(x91); + x101 = ((x97)>>_br2_shamt((uintptr_t)(UINTMAX_C(52))))|((x100)<<_br2_shamt((uintptr_t)(UINTMAX_C(12)))); + x102 = (x97)&((uintptr_t)(UINTMAX_C(4503599627370495))); + x103 = (x5)*(x4); + x104 = _br2_mulhuu((x5), (x4)); + x105 = (x103)+(x88); + x106 = 
(uintptr_t)((x105)<(x103)); + x107 = (x106)+(x104); + x108 = (x105)*((uintptr_t)(UINTMAX_C(68719492368))); + x109 = _br2_mulhuu((x105), ((uintptr_t)(UINTMAX_C(68719492368)))); + x110 = (x1)*(x1); + x111 = _br2_mulhuu((x1), (x1)); + x112 = (x8)*(x2); + x113 = _br2_mulhuu((x8), (x2)); + x114 = (x112)+(x110); + x115 = (uintptr_t)((x114)<(x112)); + x116 = (x115)+(x113); + x117 = (x116)+(x111); + x118 = (x114)+(x101); + x119 = (uintptr_t)((x118)<(x114)); x120 = (x119)+(x117); - x121 = (x120)+(x115); - x122 = (x118)+(x103); - x123 = (uintptr_t)((x122)<(x118)); - x124 = (x123)+(x121); - x125 = (x122)+(x112); - x126 = (uintptr_t)((x125)<(x122)); - x127 = (x126)+(x124); - x128 = (x127)+(x113); - x129 = ((x125)>>_br2_shamt((uintptr_t)(UINTMAX_C(52))))|((x128)<<_br2_shamt((uintptr_t)(UINTMAX_C(12)))); - x130 = (x125)&((uintptr_t)(UINTMAX_C(4503599627370495))); - x131 = (x110)*((uintptr_t)(UINTMAX_C(68719492368))); - x132 = _br2_mulhuu((x110), ((uintptr_t)(UINTMAX_C(68719492368)))); - x133 = ((x28)+(x129))+(x131); - x134 = (uintptr_t)((x133)<((x28)+(x129))); - x135 = (x134)+(x132); - x136 = ((x133)>>_br2_shamt((uintptr_t)(UINTMAX_C(52))))|((x135)<<_br2_shamt((uintptr_t)(UINTMAX_C(12)))); - x137 = (x133)&((uintptr_t)(UINTMAX_C(4503599627370495))); - x138 = (x55)+(x136); - x139 = x78; - x140 = x104; - x141 = x130; - x142 = x137; - x143 = x138; + x121 = (x118)+(x108); + x122 = (uintptr_t)((x121)<(x118)); + x123 = (x122)+(x120); + x124 = (x123)+(x109); + x125 = ((x121)>>_br2_shamt((uintptr_t)(UINTMAX_C(52))))|((x124)<<_br2_shamt((uintptr_t)(UINTMAX_C(12)))); + x126 = (x121)&((uintptr_t)(UINTMAX_C(4503599627370495))); + x127 = (x107)*((uintptr_t)(UINTMAX_C(281475040739328))); + x128 = _br2_mulhuu((x107), ((uintptr_t)(UINTMAX_C(281475040739328)))); + x129 = ((x26)+(x125))+(x127); + x130 = (uintptr_t)((x129)<((x26)+(x125))); + x131 = (x130)+(x128); + x132 = ((x129)>>_br2_shamt((uintptr_t)(UINTMAX_C(52))))|((x131)<<_br2_shamt((uintptr_t)(UINTMAX_C(12)))); + x133 = 
(x129)&((uintptr_t)(UINTMAX_C(4503599627370495))); + x134 = (x53)+(x132); + x135 = x76; + x136 = x102; + x137 = x126; + x138 = x133; + x139 = x134; /*skip*/ - _br2_store((out0)+((uintptr_t)(UINTMAX_C(0))), x139, sizeof(uintptr_t)); - _br2_store((out0)+((uintptr_t)(UINTMAX_C(8))), x140, sizeof(uintptr_t)); - _br2_store((out0)+((uintptr_t)(UINTMAX_C(16))), x141, sizeof(uintptr_t)); - _br2_store((out0)+((uintptr_t)(UINTMAX_C(24))), x142, sizeof(uintptr_t)); - _br2_store((out0)+((uintptr_t)(UINTMAX_C(32))), x143, sizeof(uintptr_t)); + _br2_store((out0)+((uintptr_t)(UINTMAX_C(0))), x135, sizeof(uintptr_t)); + _br2_store((out0)+((uintptr_t)(UINTMAX_C(8))), x136, sizeof(uintptr_t)); + _br2_store((out0)+((uintptr_t)(UINTMAX_C(16))), x137, sizeof(uintptr_t)); + _br2_store((out0)+((uintptr_t)(UINTMAX_C(24))), x138, sizeof(uintptr_t)); + _br2_store((out0)+((uintptr_t)(UINTMAX_C(32))), x139, sizeof(uintptr_t)); /*skip*/ return; } diff --git a/fiat-go/64/secp256k1dettman/secp256k1dettman.go b/fiat-go/64/secp256k1dettman/secp256k1dettman.go index fb6b99c3c5..629245401b 100644 --- a/fiat-go/64/secp256k1dettman/secp256k1dettman.go +++ b/fiat-go/64/secp256k1dettman/secp256k1dettman.go 
@@ -44,257 +44,253 @@ func Mul(out1 *[5]uint64, arg1 *[5]uint64, arg2 *[5]uint64) { var x1 uint64 var x2 uint64 x2, x1 = bits.Mul64(arg1[4], arg2[4]) - x3 := ((x1 >> 52) | ((x2 << 12) & 0xffffffffffffffff)) - x4 := (x1 & 0xfffffffffffff) + var x3 uint64 + var x4 uint64 + x4, x3 = bits.Mul64(x1, 0x1000003d10) var x5 uint64 var x6 uint64 - x6, x5 = bits.Mul64(x4, 0x1000003d10) + x6, x5 = bits.Mul64(arg1[3], arg2[0]) var x7 uint64 var x8 uint64 - x8, x7 = bits.Mul64(arg1[3], arg2[0]) + x8, x7 = bits.Mul64(arg1[2], arg2[1]) var x9 uint64 var x10 uint64 - x10, x9 = bits.Mul64(arg1[2], arg2[1]) + x9, x10 = bits.Add64(x7, x5, uint64(0x0)) var x11 uint64 - var x12 uint64 - x11, x12 = bits.Add64(x9, x7, uint64(0x0)) + x11, _ = bits.Add64(x8, x6, uint64(uint1(x10))) var x13 uint64 - x13, _ = bits.Add64(x10, x8, uint64(uint1(x12))) + var x14 uint64 + x14, x13 = bits.Mul64(arg1[1], arg2[2]) var x15 uint64 var x16 uint64 - x16, x15 = bits.Mul64(arg1[1], arg2[2]) + x15, x16 = bits.Add64(x13, x9, uint64(0x0)) var x17 uint64 - var x18 uint64 - x17, x18 = bits.Add64(x15, x11, uint64(0x0)) + x17, _ = bits.Add64(x14, x11, uint64(uint1(x16))) var x19 uint64 - x19, _ = bits.Add64(x16, x13, uint64(uint1(x18))) + var x20 uint64 + x20, x19 = bits.Mul64(arg1[0], arg2[3]) var x21 uint64 var x22 uint64 - x22, x21 = bits.Mul64(arg1[0], arg2[3]) + x21, x22 = bits.Add64(x19, x15, uint64(0x0)) var x23 uint64 - var x24 uint64 - x23, x24 = bits.Add64(x21, x17, uint64(0x0)) + x23, _ = bits.Add64(x20, x17, uint64(uint1(x22))) var x25 uint64 - x25, _ = bits.Add64(x22, x19, uint64(uint1(x24))) + var x26 uint64 + x25, x26 = bits.Add64(x21, x3, uint64(0x0)) var x27 uint64 - var x28 uint64 - x27, x28 = bits.Add64(x23, x5, uint64(0x0)) - var x29 uint64 - x29, _ = bits.Add64(x25, x6, uint64(uint1(x28))) - x31 := ((x27 >> 52) | ((x29 << 12) & 0xffffffffffffffff)) - x32 := (x27 & 0xfffffffffffff) + x27, _ = bits.Add64(x23, x4, uint64(uint1(x26))) + x29 := ((x25 >> 52) | ((x27 << 12) & 0xffffffffffffffff)) + 
x30 := (x25 & 0xfffffffffffff) + var x31 uint64 + var x32 uint64 + x32, x31 = bits.Mul64(x2, 0x1000003d10000) var x33 uint64 var x34 uint64 - x34, x33 = bits.Mul64(x3, 0x1000003d10) + x34, x33 = bits.Mul64(arg1[4], arg2[0]) var x35 uint64 var x36 uint64 - x36, x35 = bits.Mul64(arg1[4], arg2[0]) + x36, x35 = bits.Mul64(arg1[3], arg2[1]) var x37 uint64 var x38 uint64 - x38, x37 = bits.Mul64(arg1[3], arg2[1]) + x37, x38 = bits.Add64(x35, x33, uint64(0x0)) var x39 uint64 - var x40 uint64 - x39, x40 = bits.Add64(x37, x35, uint64(0x0)) + x39, _ = bits.Add64(x36, x34, uint64(uint1(x38))) var x41 uint64 - x41, _ = bits.Add64(x38, x36, uint64(uint1(x40))) + var x42 uint64 + x42, x41 = bits.Mul64(arg1[2], arg2[2]) var x43 uint64 var x44 uint64 - x44, x43 = bits.Mul64(arg1[2], arg2[2]) + x43, x44 = bits.Add64(x41, x37, uint64(0x0)) var x45 uint64 - var x46 uint64 - x45, x46 = bits.Add64(x43, x39, uint64(0x0)) + x45, _ = bits.Add64(x42, x39, uint64(uint1(x44))) var x47 uint64 - x47, _ = bits.Add64(x44, x41, uint64(uint1(x46))) + var x48 uint64 + x48, x47 = bits.Mul64(arg1[1], arg2[3]) var x49 uint64 var x50 uint64 - x50, x49 = bits.Mul64(arg1[1], arg2[3]) + x49, x50 = bits.Add64(x47, x43, uint64(0x0)) var x51 uint64 - var x52 uint64 - x51, x52 = bits.Add64(x49, x45, uint64(0x0)) + x51, _ = bits.Add64(x48, x45, uint64(uint1(x50))) var x53 uint64 - x53, _ = bits.Add64(x50, x47, uint64(uint1(x52))) + var x54 uint64 + x54, x53 = bits.Mul64(arg1[0], arg2[4]) var x55 uint64 var x56 uint64 - x56, x55 = bits.Mul64(arg1[0], arg2[4]) + x55, x56 = bits.Add64(x53, x49, uint64(0x0)) var x57 uint64 - var x58 uint64 - x57, x58 = bits.Add64(x55, x51, uint64(0x0)) + x57, _ = bits.Add64(x54, x51, uint64(uint1(x56))) var x59 uint64 - x59, _ = bits.Add64(x56, x53, uint64(uint1(x58))) - var x61 uint64 + var x60 uint64 + x59, x60 = bits.Add64(x55, x29, uint64(0x0)) + x61 := (uint64(uint1(x60)) + x57) var x62 uint64 - x61, x62 = bits.Add64(x57, x31, uint64(0x0)) - x63 := (uint64(uint1(x62)) + x59) + 
var x63 uint64 + x62, x63 = bits.Add64(x59, x31, uint64(0x0)) var x64 uint64 - var x65 uint64 - x64, x65 = bits.Add64(x61, x33, uint64(0x0)) - var x66 uint64 - x66, _ = bits.Add64(x63, x34, uint64(uint1(x65))) - x68 := ((x64 >> 52) | ((x66 << 12) & 0xffffffffffffffff)) - x69 := (x64 & 0xfffffffffffff) - x70 := (x69 >> 48) - x71 := (x69 & 0xffffffffffff) + x64, _ = bits.Add64(x61, x32, uint64(uint1(x63))) + x66 := ((x62 >> 52) | ((x64 << 12) & 0xffffffffffffffff)) + x67 := (x62 & 0xfffffffffffff) + x68 := (x67 >> 48) + x69 := (x67 & 0xffffffffffff) + var x70 uint64 + var x71 uint64 + x71, x70 = bits.Mul64(arg1[4], arg2[1]) var x72 uint64 var x73 uint64 - x73, x72 = bits.Mul64(arg1[4], arg2[1]) + x73, x72 = bits.Mul64(arg1[3], arg2[2]) var x74 uint64 var x75 uint64 - x75, x74 = bits.Mul64(arg1[3], arg2[2]) + x74, x75 = bits.Add64(x72, x70, uint64(0x0)) var x76 uint64 - var x77 uint64 - x76, x77 = bits.Add64(x74, x72, uint64(0x0)) + x76, _ = bits.Add64(x73, x71, uint64(uint1(x75))) var x78 uint64 - x78, _ = bits.Add64(x75, x73, uint64(uint1(x77))) + var x79 uint64 + x79, x78 = bits.Mul64(arg1[2], arg2[3]) var x80 uint64 var x81 uint64 - x81, x80 = bits.Mul64(arg1[2], arg2[3]) + x80, x81 = bits.Add64(x78, x74, uint64(0x0)) var x82 uint64 - var x83 uint64 - x82, x83 = bits.Add64(x80, x76, uint64(0x0)) + x82, _ = bits.Add64(x79, x76, uint64(uint1(x81))) var x84 uint64 - x84, _ = bits.Add64(x81, x78, uint64(uint1(x83))) + var x85 uint64 + x85, x84 = bits.Mul64(arg1[1], arg2[4]) var x86 uint64 var x87 uint64 - x87, x86 = bits.Mul64(arg1[1], arg2[4]) + x86, x87 = bits.Add64(x84, x80, uint64(0x0)) var x88 uint64 - var x89 uint64 - x88, x89 = bits.Add64(x86, x82, uint64(0x0)) + x88, _ = bits.Add64(x85, x82, uint64(uint1(x87))) var x90 uint64 - x90, _ = bits.Add64(x87, x84, uint64(uint1(x89))) - var x92 uint64 - var x93 uint64 - x92, x93 = bits.Add64(x88, x68, uint64(0x0)) - x94 := (uint64(uint1(x93)) + x90) - x95 := ((x92 >> 52) | ((x94 << 12) & 0xffffffffffffffff)) - x96 := 
(x92 & 0xfffffffffffff) + var x91 uint64 + x90, x91 = bits.Add64(x86, x66, uint64(0x0)) + x92 := (uint64(uint1(x91)) + x88) + x93 := ((x90 >> 52) | ((x92 << 12) & 0xffffffffffffffff)) + x94 := (x90 & 0xfffffffffffff) + var x95 uint64 + var x96 uint64 + x96, x95 = bits.Mul64(((x94 << 4) + x68), 0x1000003d1) var x97 uint64 var x98 uint64 - x98, x97 = bits.Mul64(((x96 << 4) + x70), 0x1000003d1) + x98, x97 = bits.Mul64(arg1[0], arg2[0]) var x99 uint64 var x100 uint64 - x100, x99 = bits.Mul64(arg1[0], arg2[0]) + x99, x100 = bits.Add64(x97, x95, uint64(0x0)) var x101 uint64 - var x102 uint64 - x101, x102 = bits.Add64(x99, x97, uint64(0x0)) - var x103 uint64 - x103, _ = bits.Add64(x100, x98, uint64(uint1(x102))) - x105 := ((x101 >> 52) | ((x103 << 12) & 0xffffffffffffffff)) - x106 := (x101 & 0xfffffffffffff) + x101, _ = bits.Add64(x98, x96, uint64(uint1(x100))) + x103 := ((x99 >> 52) | ((x101 << 12) & 0xffffffffffffffff)) + x104 := (x99 & 0xfffffffffffff) + var x105 uint64 + var x106 uint64 + x106, x105 = bits.Mul64(arg1[4], arg2[2]) var x107 uint64 var x108 uint64 - x108, x107 = bits.Mul64(arg1[4], arg2[2]) + x108, x107 = bits.Mul64(arg1[3], arg2[3]) var x109 uint64 var x110 uint64 - x110, x109 = bits.Mul64(arg1[3], arg2[3]) + x109, x110 = bits.Add64(x107, x105, uint64(0x0)) var x111 uint64 - var x112 uint64 - x111, x112 = bits.Add64(x109, x107, uint64(0x0)) + x111, _ = bits.Add64(x108, x106, uint64(uint1(x110))) var x113 uint64 - x113, _ = bits.Add64(x110, x108, uint64(uint1(x112))) + var x114 uint64 + x114, x113 = bits.Mul64(arg1[2], arg2[4]) var x115 uint64 var x116 uint64 - x116, x115 = bits.Mul64(arg1[2], arg2[4]) + x115, x116 = bits.Add64(x113, x109, uint64(0x0)) var x117 uint64 - var x118 uint64 - x117, x118 = bits.Add64(x115, x111, uint64(0x0)) + x117, _ = bits.Add64(x114, x111, uint64(uint1(x116))) var x119 uint64 - x119, _ = bits.Add64(x116, x113, uint64(uint1(x118))) - var x121 uint64 - var x122 uint64 - x121, x122 = bits.Add64(x117, x95, uint64(0x0)) - x123 
:= (uint64(uint1(x122)) + x119) - x124 := ((x121 >> 52) | ((x123 << 12) & 0xffffffffffffffff)) - x125 := (x121 & 0xfffffffffffff) + var x120 uint64 + x119, x120 = bits.Add64(x115, x93, uint64(0x0)) + x121 := (uint64(uint1(x120)) + x117) + x122 := ((x119 >> 52) | ((x121 << 12) & 0xffffffffffffffff)) + x123 := (x119 & 0xfffffffffffff) + var x124 uint64 + var x125 uint64 + x125, x124 = bits.Mul64(x123, 0x1000003d10) var x126 uint64 var x127 uint64 - x127, x126 = bits.Mul64(x125, 0x1000003d10) + x127, x126 = bits.Mul64(arg1[1], arg2[0]) var x128 uint64 var x129 uint64 - x129, x128 = bits.Mul64(arg1[1], arg2[0]) + x129, x128 = bits.Mul64(arg1[0], arg2[1]) var x130 uint64 var x131 uint64 - x131, x130 = bits.Mul64(arg1[0], arg2[1]) + x130, x131 = bits.Add64(x128, x126, uint64(0x0)) var x132 uint64 - var x133 uint64 - x132, x133 = bits.Add64(x130, x128, uint64(0x0)) + x132, _ = bits.Add64(x129, x127, uint64(uint1(x131))) var x134 uint64 - x134, _ = bits.Add64(x131, x129, uint64(uint1(x133))) - var x136 uint64 + var x135 uint64 + x134, x135 = bits.Add64(x130, x103, uint64(0x0)) + x136 := (uint64(uint1(x135)) + x132) var x137 uint64 - x136, x137 = bits.Add64(x132, x105, uint64(0x0)) - x138 := (uint64(uint1(x137)) + x134) + var x138 uint64 + x137, x138 = bits.Add64(x134, x124, uint64(0x0)) var x139 uint64 - var x140 uint64 - x139, x140 = bits.Add64(x136, x126, uint64(0x0)) - var x141 uint64 - x141, _ = bits.Add64(x138, x127, uint64(uint1(x140))) - x143 := ((x139 >> 52) | ((x141 << 12) & 0xffffffffffffffff)) - x144 := (x139 & 0xfffffffffffff) + x139, _ = bits.Add64(x136, x125, uint64(uint1(x138))) + x141 := ((x137 >> 52) | ((x139 << 12) & 0xffffffffffffffff)) + x142 := (x137 & 0xfffffffffffff) + var x143 uint64 + var x144 uint64 + x144, x143 = bits.Mul64(arg1[4], arg2[3]) var x145 uint64 var x146 uint64 - x146, x145 = bits.Mul64(arg1[4], arg2[3]) + x146, x145 = bits.Mul64(arg1[3], arg2[4]) var x147 uint64 var x148 uint64 - x148, x147 = bits.Mul64(arg1[3], arg2[4]) + x147, x148 
= bits.Add64(x145, x143, uint64(0x0)) var x149 uint64 - var x150 uint64 - x149, x150 = bits.Add64(x147, x145, uint64(0x0)) + x149, _ = bits.Add64(x146, x144, uint64(uint1(x148))) var x151 uint64 - x151, _ = bits.Add64(x148, x146, uint64(uint1(x150))) - var x153 uint64 + var x152 uint64 + x151, x152 = bits.Add64(x147, x122, uint64(0x0)) + x153 := (uint64(uint1(x152)) + x149) var x154 uint64 - x153, x154 = bits.Add64(x149, x124, uint64(0x0)) - x155 := (uint64(uint1(x154)) + x151) - x156 := ((x153 >> 52) | ((x155 << 12) & 0xffffffffffffffff)) - x157 := (x153 & 0xfffffffffffff) + var x155 uint64 + x155, x154 = bits.Mul64(x151, 0x1000003d10) + var x156 uint64 + var x157 uint64 + x157, x156 = bits.Mul64(arg1[2], arg2[0]) var x158 uint64 var x159 uint64 - x159, x158 = bits.Mul64(x157, 0x1000003d10) + x159, x158 = bits.Mul64(arg1[1], arg2[1]) var x160 uint64 var x161 uint64 - x161, x160 = bits.Mul64(arg1[2], arg2[0]) + x160, x161 = bits.Add64(x158, x156, uint64(0x0)) var x162 uint64 - var x163 uint64 - x163, x162 = bits.Mul64(arg1[1], arg2[1]) + x162, _ = bits.Add64(x159, x157, uint64(uint1(x161))) var x164 uint64 var x165 uint64 - x164, x165 = bits.Add64(x162, x160, uint64(0x0)) + x165, x164 = bits.Mul64(arg1[0], arg2[2]) var x166 uint64 - x166, _ = bits.Add64(x163, x161, uint64(uint1(x165))) + var x167 uint64 + x166, x167 = bits.Add64(x164, x160, uint64(0x0)) var x168 uint64 - var x169 uint64 - x169, x168 = bits.Mul64(arg1[0], arg2[2]) + x168, _ = bits.Add64(x165, x162, uint64(uint1(x167))) var x170 uint64 var x171 uint64 - x170, x171 = bits.Add64(x168, x164, uint64(0x0)) - var x172 uint64 - x172, _ = bits.Add64(x169, x166, uint64(uint1(x171))) + x170, x171 = bits.Add64(x166, x141, uint64(0x0)) + x172 := (uint64(uint1(x171)) + x168) + var x173 uint64 var x174 uint64 + x173, x174 = bits.Add64(x170, x154, uint64(0x0)) var x175 uint64 - x174, x175 = bits.Add64(x170, x143, uint64(0x0)) - x176 := (uint64(uint1(x175)) + x172) - var x177 uint64 - var x178 uint64 - x177, x178 = 
bits.Add64(x174, x158, uint64(0x0)) + x175, _ = bits.Add64(x172, x155, uint64(uint1(x174))) + x177 := ((x173 >> 52) | ((x175 << 12) & 0xffffffffffffffff)) + x178 := (x173 & 0xfffffffffffff) var x179 uint64 - x179, _ = bits.Add64(x176, x159, uint64(uint1(x178))) - x181 := ((x177 >> 52) | ((x179 << 12) & 0xffffffffffffffff)) - x182 := (x177 & 0xfffffffffffff) - var x183 uint64 - var x184 uint64 - x184, x183 = bits.Mul64(x156, 0x1000003d10) - var x185 uint64 - var x186 uint64 - x185, x186 = bits.Add64((x32 + x181), x183, uint64(0x0)) - x187 := (uint64(uint1(x186)) + x184) - x188 := ((x185 >> 52) | ((x187 << 12) & 0xffffffffffffffff)) - x189 := (x185 & 0xfffffffffffff) - x190 := (x71 + x188) - out1[0] = x106 - out1[1] = x144 - out1[2] = x182 - out1[3] = x189 - out1[4] = x190 + var x180 uint64 + x180, x179 = bits.Mul64(x153, 0x1000003d10000) + var x181 uint64 + var x182 uint64 + x181, x182 = bits.Add64((x30 + x177), x179, uint64(0x0)) + x183 := (uint64(uint1(x182)) + x180) + x184 := ((x181 >> 52) | ((x183 << 12) & 0xffffffffffffffff)) + x185 := (x181 & 0xfffffffffffff) + x186 := (x69 + x184) + out1[0] = x104 + out1[1] = x142 + out1[2] = x178 + out1[3] = x185 + out1[4] = x186 } // Square squares a field element. 
@@ -314,175 +310,171 @@ func Square(out1 *[5]uint64, arg1 *[5]uint64) { var x5 uint64 var x6 uint64 x6, x5 = bits.Mul64(arg1[4], arg1[4]) - x7 := ((x5 >> 52) | ((x6 << 12) & 0xffffffffffffffff)) - x8 := (x5 & 0xfffffffffffff) + var x7 uint64 + var x8 uint64 + x8, x7 = bits.Mul64(x5, 0x1000003d10) var x9 uint64 var x10 uint64 - x10, x9 = bits.Mul64(x8, 0x1000003d10) + x10, x9 = bits.Mul64(x3, arg1[2]) var x11 uint64 var x12 uint64 - x12, x11 = bits.Mul64(x3, arg1[2]) + x12, x11 = bits.Mul64(x4, arg1[3]) var x13 uint64 var x14 uint64 - x14, x13 = bits.Mul64(x4, arg1[3]) + x13, x14 = bits.Add64(x11, x9, uint64(0x0)) var x15 uint64 - var x16 uint64 - x15, x16 = bits.Add64(x13, x11, uint64(0x0)) + x15, _ = bits.Add64(x12, x10, uint64(uint1(x14))) var x17 uint64 - x17, _ = bits.Add64(x14, x12, uint64(uint1(x16))) + var x18 uint64 + x17, x18 = bits.Add64(x13, x7, uint64(0x0)) var x19 uint64 - var x20 uint64 - x19, x20 = bits.Add64(x15, x9, uint64(0x0)) - var x21 uint64 - x21, _ = bits.Add64(x17, x10, uint64(uint1(x20))) - x23 := ((x19 >> 52) | ((x21 << 12) & 0xffffffffffffffff)) - x24 := (x19 & 0xfffffffffffff) + x19, _ = bits.Add64(x15, x8, uint64(uint1(x18))) + x21 := ((x17 >> 52) | ((x19 << 12) & 0xffffffffffffffff)) + x22 := (x17 & 0xfffffffffffff) + var x23 uint64 + var x24 uint64 + x24, x23 = bits.Mul64(x6, 0x1000003d10000) var x25 uint64 var x26 uint64 - x26, x25 = bits.Mul64(x7, 0x1000003d10) + x26, x25 = bits.Mul64(arg1[2], arg1[2]) var x27 uint64 var x28 uint64 - x28, x27 = bits.Mul64(arg1[2], arg1[2]) + x28, x27 = bits.Mul64(x3, arg1[3]) var x29 uint64 var x30 uint64 - x30, x29 = bits.Mul64(x3, arg1[3]) + x29, x30 = bits.Add64(x27, x25, uint64(0x0)) var x31 uint64 - var x32 uint64 - x31, x32 = bits.Add64(x29, x27, uint64(0x0)) + x31, _ = bits.Add64(x28, x26, uint64(uint1(x30))) var x33 uint64 - x33, _ = bits.Add64(x30, x28, uint64(uint1(x32))) + var x34 uint64 + x34, x33 = bits.Mul64(x4, arg1[4]) var x35 uint64 var x36 uint64 - x36, x35 = bits.Mul64(x4, 
arg1[4]) + x35, x36 = bits.Add64(x33, x29, uint64(0x0)) var x37 uint64 - var x38 uint64 - x37, x38 = bits.Add64(x35, x31, uint64(0x0)) + x37, _ = bits.Add64(x34, x31, uint64(uint1(x36))) var x39 uint64 - x39, _ = bits.Add64(x36, x33, uint64(uint1(x38))) - var x41 uint64 + var x40 uint64 + x39, x40 = bits.Add64(x35, x21, uint64(0x0)) + x41 := (uint64(uint1(x40)) + x37) var x42 uint64 - x41, x42 = bits.Add64(x37, x23, uint64(0x0)) - x43 := (uint64(uint1(x42)) + x39) + var x43 uint64 + x42, x43 = bits.Add64(x39, x23, uint64(0x0)) var x44 uint64 - var x45 uint64 - x44, x45 = bits.Add64(x41, x25, uint64(0x0)) - var x46 uint64 - x46, _ = bits.Add64(x43, x26, uint64(uint1(x45))) - x48 := ((x44 >> 52) | ((x46 << 12) & 0xffffffffffffffff)) - x49 := (x44 & 0xfffffffffffff) - x50 := (x49 >> 48) - x51 := (x49 & 0xffffffffffff) + x44, _ = bits.Add64(x41, x24, uint64(uint1(x43))) + x46 := ((x42 >> 52) | ((x44 << 12) & 0xffffffffffffffff)) + x47 := (x42 & 0xfffffffffffff) + x48 := (x47 >> 48) + x49 := (x47 & 0xffffffffffff) + var x50 uint64 + var x51 uint64 + x51, x50 = bits.Mul64(x2, arg1[3]) var x52 uint64 var x53 uint64 - x53, x52 = bits.Mul64(x2, arg1[3]) + x53, x52 = bits.Mul64(x3, arg1[4]) var x54 uint64 var x55 uint64 - x55, x54 = bits.Mul64(x3, arg1[4]) + x54, x55 = bits.Add64(x52, x50, uint64(0x0)) var x56 uint64 - var x57 uint64 - x56, x57 = bits.Add64(x54, x52, uint64(0x0)) + x56, _ = bits.Add64(x53, x51, uint64(uint1(x55))) var x58 uint64 - x58, _ = bits.Add64(x55, x53, uint64(uint1(x57))) - var x60 uint64 - var x61 uint64 - x60, x61 = bits.Add64(x56, x48, uint64(0x0)) - x62 := (uint64(uint1(x61)) + x58) - x63 := ((x60 >> 52) | ((x62 << 12) & 0xffffffffffffffff)) - x64 := (x60 & 0xfffffffffffff) + var x59 uint64 + x58, x59 = bits.Add64(x54, x46, uint64(0x0)) + x60 := (uint64(uint1(x59)) + x56) + x61 := ((x58 >> 52) | ((x60 << 12) & 0xffffffffffffffff)) + x62 := (x58 & 0xfffffffffffff) + var x63 uint64 + var x64 uint64 + x64, x63 = bits.Mul64(((x62 << 4) + x48), 
0x1000003d1) var x65 uint64 var x66 uint64 - x66, x65 = bits.Mul64(((x64 << 4) + x50), 0x1000003d1) + x66, x65 = bits.Mul64(arg1[0], arg1[0]) var x67 uint64 var x68 uint64 - x68, x67 = bits.Mul64(arg1[0], arg1[0]) + x67, x68 = bits.Add64(x65, x63, uint64(0x0)) var x69 uint64 - var x70 uint64 - x69, x70 = bits.Add64(x67, x65, uint64(0x0)) - var x71 uint64 - x71, _ = bits.Add64(x68, x66, uint64(uint1(x70))) - x73 := ((x69 >> 52) | ((x71 << 12) & 0xffffffffffffffff)) - x74 := (x69 & 0xfffffffffffff) + x69, _ = bits.Add64(x66, x64, uint64(uint1(x68))) + x71 := ((x67 >> 52) | ((x69 << 12) & 0xffffffffffffffff)) + x72 := (x67 & 0xfffffffffffff) + var x73 uint64 + var x74 uint64 + x74, x73 = bits.Mul64(arg1[3], arg1[3]) var x75 uint64 var x76 uint64 - x76, x75 = bits.Mul64(arg1[3], arg1[3]) + x76, x75 = bits.Mul64(x2, arg1[4]) var x77 uint64 var x78 uint64 - x78, x77 = bits.Mul64(x2, arg1[4]) + x77, x78 = bits.Add64(x75, x73, uint64(0x0)) var x79 uint64 - var x80 uint64 - x79, x80 = bits.Add64(x77, x75, uint64(0x0)) + x79, _ = bits.Add64(x76, x74, uint64(uint1(x78))) var x81 uint64 - x81, _ = bits.Add64(x78, x76, uint64(uint1(x80))) - var x83 uint64 - var x84 uint64 - x83, x84 = bits.Add64(x79, x63, uint64(0x0)) - x85 := (uint64(uint1(x84)) + x81) - x86 := ((x83 >> 52) | ((x85 << 12) & 0xffffffffffffffff)) - x87 := (x83 & 0xfffffffffffff) + var x82 uint64 + x81, x82 = bits.Add64(x77, x61, uint64(0x0)) + x83 := (uint64(uint1(x82)) + x79) + x84 := ((x81 >> 52) | ((x83 << 12) & 0xffffffffffffffff)) + x85 := (x81 & 0xfffffffffffff) + var x86 uint64 + var x87 uint64 + x87, x86 = bits.Mul64(x85, 0x1000003d10) var x88 uint64 var x89 uint64 - x89, x88 = bits.Mul64(x87, 0x1000003d10) + x89, x88 = bits.Mul64(x4, arg1[1]) var x90 uint64 var x91 uint64 - x91, x90 = bits.Mul64(x4, arg1[1]) - var x92 uint64 + x90, x91 = bits.Add64(x88, x71, uint64(0x0)) + x92 := (uint64(uint1(x91)) + x89) var x93 uint64 - x92, x93 = bits.Add64(x90, x73, uint64(0x0)) - x94 := (uint64(uint1(x93)) + x91) 
+ var x94 uint64 + x93, x94 = bits.Add64(x90, x86, uint64(0x0)) var x95 uint64 - var x96 uint64 - x95, x96 = bits.Add64(x92, x88, uint64(0x0)) - var x97 uint64 - x97, _ = bits.Add64(x94, x89, uint64(uint1(x96))) - x99 := ((x95 >> 52) | ((x97 << 12) & 0xffffffffffffffff)) - x100 := (x95 & 0xfffffffffffff) + x95, _ = bits.Add64(x92, x87, uint64(uint1(x94))) + x97 := ((x93 >> 52) | ((x95 << 12) & 0xffffffffffffffff)) + x98 := (x93 & 0xfffffffffffff) + var x99 uint64 + var x100 uint64 + x100, x99 = bits.Mul64(x1, arg1[4]) var x101 uint64 var x102 uint64 - x102, x101 = bits.Mul64(x1, arg1[4]) - var x103 uint64 + x101, x102 = bits.Add64(x99, x84, uint64(0x0)) + x103 := (uint64(uint1(x102)) + x100) var x104 uint64 - x103, x104 = bits.Add64(x101, x86, uint64(0x0)) - x105 := (uint64(uint1(x104)) + x102) - x106 := ((x103 >> 52) | ((x105 << 12) & 0xffffffffffffffff)) - x107 := (x103 & 0xfffffffffffff) + var x105 uint64 + x105, x104 = bits.Mul64(x101, 0x1000003d10) + var x106 uint64 + var x107 uint64 + x107, x106 = bits.Mul64(arg1[1], arg1[1]) var x108 uint64 var x109 uint64 - x109, x108 = bits.Mul64(x107, 0x1000003d10) + x109, x108 = bits.Mul64(x4, arg1[2]) var x110 uint64 var x111 uint64 - x111, x110 = bits.Mul64(arg1[1], arg1[1]) + x110, x111 = bits.Add64(x108, x106, uint64(0x0)) var x112 uint64 - var x113 uint64 - x113, x112 = bits.Mul64(x4, arg1[2]) + x112, _ = bits.Add64(x109, x107, uint64(uint1(x111))) var x114 uint64 var x115 uint64 - x114, x115 = bits.Add64(x112, x110, uint64(0x0)) - var x116 uint64 - x116, _ = bits.Add64(x113, x111, uint64(uint1(x115))) + x114, x115 = bits.Add64(x110, x97, uint64(0x0)) + x116 := (uint64(uint1(x115)) + x112) + var x117 uint64 var x118 uint64 + x117, x118 = bits.Add64(x114, x104, uint64(0x0)) var x119 uint64 - x118, x119 = bits.Add64(x114, x99, uint64(0x0)) - x120 := (uint64(uint1(x119)) + x116) - var x121 uint64 - var x122 uint64 - x121, x122 = bits.Add64(x118, x108, uint64(0x0)) + x119, _ = bits.Add64(x116, x105, uint64(uint1(x118))) 
+ x121 := ((x117 >> 52) | ((x119 << 12) & 0xffffffffffffffff)) + x122 := (x117 & 0xfffffffffffff) var x123 uint64 - x123, _ = bits.Add64(x120, x109, uint64(uint1(x122))) - x125 := ((x121 >> 52) | ((x123 << 12) & 0xffffffffffffffff)) - x126 := (x121 & 0xfffffffffffff) - var x127 uint64 - var x128 uint64 - x128, x127 = bits.Mul64(x106, 0x1000003d10) - var x129 uint64 - var x130 uint64 - x129, x130 = bits.Add64((x24 + x125), x127, uint64(0x0)) - x131 := (uint64(uint1(x130)) + x128) - x132 := ((x129 >> 52) | ((x131 << 12) & 0xffffffffffffffff)) - x133 := (x129 & 0xfffffffffffff) - x134 := (x51 + x132) - out1[0] = x74 - out1[1] = x100 - out1[2] = x126 - out1[3] = x133 - out1[4] = x134 + var x124 uint64 + x124, x123 = bits.Mul64(x103, 0x1000003d10000) + var x125 uint64 + var x126 uint64 + x125, x126 = bits.Add64((x22 + x121), x123, uint64(0x0)) + x127 := (uint64(uint1(x126)) + x124) + x128 := ((x125 >> 52) | ((x127 << 12) & 0xffffffffffffffff)) + x129 := (x125 & 0xfffffffffffff) + x130 := (x49 + x128) + out1[0] = x72 + out1[1] = x98 + out1[2] = x122 + out1[3] = x129 + out1[4] = x130 } diff --git a/fiat-json/src/secp256k1_dettman_64.json b/fiat-json/src/secp256k1_dettman_64.json index a843a9a5c8..c009c21655 100644 --- a/fiat-json/src/secp256k1_dettman_64.json +++ b/fiat-json/src/secp256k1_dettman_64.json @@ -112,7 +112,7 @@ "x1" ] }, - "52" + "64" ] } ] @@ -137,7 +137,7 @@ "x1" ] }, - "0xfffffffffffff" + "0xffffffffffffffff" ] } ] @@ -651,7 +651,7 @@ "x2" ] }, - "0x1000003d10" + "0x1000003d10000" ] } ] @@ -1647,7 +1647,7 @@ "x24" ] }, - "52" + "64" ] } ] @@ -1672,7 +1672,7 @@ "x24" ] }, - "0xfffffffffffff" + "0xffffffffffffffff" ] } ] @@ -1966,7 +1966,7 @@ "x25" ] }, - "0x1000003d10" + "0x1000003d10000" ] } ] @@ -2304,7 +2304,7 @@ "x5" ] }, - "52" + "64" ] } ] @@ -2329,7 +2329,7 @@ "x5" ] }, - "0xfffffffffffff" + "0xffffffffffffffff" ] } ] @@ -2667,7 +2667,7 @@ "x6" ] }, - "0x1000003d10" + "0x1000003d10000" ] } ] @@ -3443,7 +3443,7 @@ "x28" ] }, - "52" + "64" ] } ] 
@@ -3468,7 +3468,7 @@ "x28" ] }, - "0xfffffffffffff" + "0xffffffffffffffff" ] } ] @@ -3718,7 +3718,7 @@ "x29" ] }, - "0x1000003d10" + "0x1000003d10000" ] } ] diff --git a/fiat-rust/src/secp256k1_dettman_64.rs b/fiat-rust/src/secp256k1_dettman_64.rs index 7a9fe4c270..398b70725c 100644 --- a/fiat-rust/src/secp256k1_dettman_64.rs +++ b/fiat-rust/src/secp256k1_dettman_64.rs @@ -29,12 +29,12 @@ #[inline] pub fn fiat_secp256k1_dettman_mul(out1: &mut [u64; 5], arg1: &[u64; 5], arg2: &[u64; 5]) -> () { let x1: u128 = (((arg1[4]) as u128) * ((arg2[4]) as u128)); - let x2: u64 = ((x1 >> 52) as u64); - let x3: u64 = ((x1 & (0xfffffffffffff as u128)) as u64); + let x2: u64 = ((x1 >> 64) as u64); + let x3: u64 = ((x1 & (0xffffffffffffffff as u128)) as u64); let x4: u128 = (((((arg1[0]) as u128) * ((arg2[3]) as u128)) + ((((arg1[1]) as u128) * ((arg2[2]) as u128)) + ((((arg1[2]) as u128) * ((arg2[1]) as u128)) + (((arg1[3]) as u128) * ((arg2[0]) as u128))))) + ((x3 as u128) * (0x1000003d10 as u128))); let x5: u64 = ((x4 >> 52) as u64); let x6: u64 = ((x4 & (0xfffffffffffff as u128)) as u64); - let x7: u128 = ((((((arg1[0]) as u128) * ((arg2[4]) as u128)) + ((((arg1[1]) as u128) * ((arg2[3]) as u128)) + ((((arg1[2]) as u128) * ((arg2[2]) as u128)) + ((((arg1[3]) as u128) * ((arg2[1]) as u128)) + (((arg1[4]) as u128) * ((arg2[0]) as u128)))))) + (x5 as u128)) + ((x2 as u128) * (0x1000003d10 as u128))); + let x7: u128 = ((((((arg1[0]) as u128) * ((arg2[4]) as u128)) + ((((arg1[1]) as u128) * ((arg2[3]) as u128)) + ((((arg1[2]) as u128) * ((arg2[2]) as u128)) + ((((arg1[3]) as u128) * ((arg2[1]) as u128)) + (((arg1[4]) as u128) * ((arg2[0]) as u128)))))) + (x5 as u128)) + ((x2 as u128) * (0x1000003d10000 as u128))); let x8: u64 = ((x7 >> 52) as u64); let x9: u64 = ((x7 & (0xfffffffffffff as u128)) as u64); let x10: u64 = (x9 >> 48); 
@@ -52,12 +52,12 @@ pub fn fiat_secp256k1_dettman_mul(out1: &mut [u64; 5], arg1: &[u64; 5], arg2: &[ let x22: u64 = ((x21 >> 52) as u64); let x23: u64 = ((x21 & (0xfffffffffffff as u128)) as u64); let x24: u128 = (((((arg1[3]) as u128) * ((arg2[4]) as u128)) + (((arg1[4]) as u128) * ((arg2[3]) as u128))) + (x19 as u128)); - let x25: u64 = ((x24 >> 52) as u64); - let x26: u64 = ((x24 & (0xfffffffffffff as u128)) as u64); + let x25: u64 = ((x24 >> 64) as u64); + let x26: u64 = ((x24 & (0xffffffffffffffff as u128)) as u64); let x27: u128 = ((((((arg1[0]) as u128) * ((arg2[2]) as u128)) + ((((arg1[1]) as u128) * ((arg2[1]) as u128)) + (((arg1[2]) as u128) * ((arg2[0]) as u128)))) + (x22 as u128)) + ((x26 as u128) * (0x1000003d10 as u128))); let x28: u64 = ((x27 >> 52) as u64); let x29: u64 = ((x27 & (0xfffffffffffff as u128)) as u64); - let x30: u128 = (((x6 + x28) as u128) + ((x25 as u128) * (0x1000003d10 as u128))); + let x30: u128 = (((x6 + x28) as u128) + ((x25 as u128) * (0x1000003d10000 as u128))); let x31: u64 = ((x30 >> 52) as u64); let x32: u64 = ((x30 & (0xfffffffffffff as u128)) as u64); let x33: u64 = (x11 + x31); 
@@ -84,12 +84,12 @@ pub fn fiat_secp256k1_dettman_square(out1: &mut [u64; 5], arg1: &[u64; 5]) -> () let x3: u64 = ((arg1[1]) * 0x2); let x4: u64 = ((arg1[0]) * 0x2); let x5: u128 = (((arg1[4]) as u128) * ((arg1[4]) as u128)); - let x6: u64 = ((x5 >> 52) as u64); - let x7: u64 = ((x5 & (0xfffffffffffff as u128)) as u64); + let x6: u64 = ((x5 >> 64) as u64); + let x7: u64 = ((x5 & (0xffffffffffffffff as u128)) as u64); let x8: u128 = ((((x4 as u128) * ((arg1[3]) as u128)) + ((x3 as u128) * ((arg1[2]) as u128))) + ((x7 as u128) * (0x1000003d10 as u128))); let x9: u64 = ((x8 >> 52) as u64); let x10: u64 = ((x8 & (0xfffffffffffff as u128)) as u64); - let x11: u128 = (((((x4 as u128) * ((arg1[4]) as u128)) + (((x3 as u128) * ((arg1[3]) as u128)) + (((arg1[2]) as u128) * ((arg1[2]) as u128)))) + (x9 as u128)) + ((x6 as u128) * (0x1000003d10 as u128))); + let x11: u128 = (((((x4 as u128) * ((arg1[4]) as u128)) + (((x3 as u128) * ((arg1[3]) as u128)) + (((arg1[2]) as u128) * ((arg1[2]) as u128)))) + (x9 as u128)) + ((x6 as u128) * (0x1000003d10000 as u128))); let x12: u64 = ((x11 >> 52) as u64); let x13: u64 = ((x11 & (0xfffffffffffff as u128)) as u64); let x14: u64 = (x13 >> 48); 
@@ -107,12 +107,12 @@ pub fn fiat_secp256k1_dettman_square(out1: &mut [u64; 5], arg1: &[u64; 5]) -> () let x26: u64 = ((x25 >> 52) as u64); let x27: u64 = ((x25 & (0xfffffffffffff as u128)) as u64); let x28: u128 = (((x1 as u128) * ((arg1[4]) as u128)) + (x23 as u128)); - let x29: u64 = ((x28 >> 52) as u64); - let x30: u64 = ((x28 & (0xfffffffffffff as u128)) as u64); + let x29: u64 = ((x28 >> 64) as u64); + let x30: u64 = ((x28 & (0xffffffffffffffff as u128)) as u64); let x31: u128 = (((((x4 as u128) * ((arg1[2]) as u128)) + (((arg1[1]) as u128) * ((arg1[1]) as u128))) + (x26 as u128)) + ((x30 as u128) * (0x1000003d10 as u128))); let x32: u64 = ((x31 >> 52) as u64); let x33: u64 = ((x31 & (0xfffffffffffff as u128)) as u64); - let x34: u128 = (((x10 + x32) as u128) + ((x29 as u128) * (0x1000003d10 as u128))); + let x34: u128 = (((x10 + x32) as u128) + ((x29 as u128) * (0x1000003d10000 as u128))); let x35: u64 = ((x34 >> 52) as u64); let x36: u64 = ((x34 & (0xfffffffffffff as u128)) as u64); let x37: u64 = (x15 + x35); diff --git a/fiat-zig/src/secp256k1_dettman_64.zig b/fiat-zig/src/secp256k1_dettman_64.zig index 66788edcfd..19d45ab0e1 100644 --- a/fiat-zig/src/secp256k1_dettman_64.zig +++ b/fiat-zig/src/secp256k1_dettman_64.zig 
@@ -42,12 +42,12 @@ pub fn mul(out1: *[5]u64, arg1: [5]u64, arg2: [5]u64) void { @setRuntimeSafety(mode == .Debug); const x1 = (cast(u128, (arg1[4])) * cast(u128, (arg2[4]))); - const x2 = cast(u64, (x1 >> 52)); - const x3 = cast(u64, (x1 & cast(u128, 0xfffffffffffff))); + const x2 = cast(u64, (x1 >> 64)); + const x3 = cast(u64, (x1 & cast(u128, 0xffffffffffffffff))); const x4 = (((cast(u128, (arg1[0])) * cast(u128, (arg2[3]))) + ((cast(u128, (arg1[1])) * cast(u128, (arg2[2]))) + ((cast(u128, (arg1[2])) * cast(u128, (arg2[1]))) + (cast(u128, (arg1[3])) * cast(u128, (arg2[0])))))) + (cast(u128, x3) * cast(u128, 0x1000003d10))); const x5 = cast(u64, (x4 >> 52)); const x6 = cast(u64, (x4 & cast(u128, 0xfffffffffffff))); - const x7 = ((((cast(u128, (arg1[0])) * cast(u128, (arg2[4]))) + ((cast(u128, (arg1[1])) * cast(u128, (arg2[3]))) + ((cast(u128, (arg1[2])) * cast(u128, (arg2[2]))) + ((cast(u128, (arg1[3])) * cast(u128, (arg2[1]))) + (cast(u128, (arg1[4])) * cast(u128, (arg2[0]))))))) + cast(u128, x5)) + (cast(u128, x2) * cast(u128, 0x1000003d10))); + const x7 = ((((cast(u128, (arg1[0])) * cast(u128, (arg2[4]))) + ((cast(u128, (arg1[1])) * cast(u128, (arg2[3]))) + ((cast(u128, (arg1[2])) * cast(u128, (arg2[2]))) + ((cast(u128, (arg1[3])) * cast(u128, (arg2[1]))) + (cast(u128, (arg1[4])) * cast(u128, (arg2[0]))))))) + cast(u128, x5)) + (cast(u128, x2) * cast(u128, 0x1000003d10000))); const x8 = cast(u64, (x7 >> 52)); const x9 = cast(u64, (x7 & cast(u128, 0xfffffffffffff))); const x10 = (x9 >> 48); 
@@ -65,12 +65,12 @@ pub fn mul(out1: *[5]u64, arg1: [5]u64, arg2: [5]u64) void { const x22 = cast(u64, (x21 >> 52)); const x23 = cast(u64, (x21 & cast(u128, 0xfffffffffffff))); const x24 = (((cast(u128, (arg1[3])) * cast(u128, (arg2[4]))) + (cast(u128, (arg1[4])) * cast(u128, (arg2[3])))) + cast(u128, x19)); - const x25 = cast(u64, (x24 >> 52)); - const x26 = cast(u64, (x24 & cast(u128, 0xfffffffffffff))); + const x25 = cast(u64, (x24 >> 64)); + const x26 = cast(u64, (x24 & cast(u128, 0xffffffffffffffff))); const x27 = ((((cast(u128, (arg1[0])) * cast(u128, (arg2[2]))) + ((cast(u128, (arg1[1])) * cast(u128, (arg2[1]))) + (cast(u128, (arg1[2])) * cast(u128, (arg2[0]))))) + cast(u128, x22)) + (cast(u128, x26) * cast(u128, 0x1000003d10))); const x28 = cast(u64, (x27 >> 52)); const x29 = cast(u64, (x27 & cast(u128, 0xfffffffffffff))); - const x30 = (cast(u128, (x6 + x28)) + (cast(u128, x25) * cast(u128, 0x1000003d10))); + const x30 = (cast(u128, (x6 + x28)) + (cast(u128, x25) * cast(u128, 0x1000003d10000))); const x31 = cast(u64, (x30 >> 52)); const x32 = cast(u64, (x30 & cast(u128, 0xfffffffffffff))); const x33 = (x11 + x31); 
@@ -98,12 +98,12 @@ pub fn square(out1: *[5]u64, arg1: [5]u64) void { const x3 = ((arg1[1]) * 0x2); const x4 = ((arg1[0]) * 0x2); const x5 = (cast(u128, (arg1[4])) * cast(u128, (arg1[4]))); - const x6 = cast(u64, (x5 >> 52)); - const x7 = cast(u64, (x5 & cast(u128, 0xfffffffffffff))); + const x6 = cast(u64, (x5 >> 64)); + const x7 = cast(u64, (x5 & cast(u128, 0xffffffffffffffff))); const x8 = (((cast(u128, x4) * cast(u128, (arg1[3]))) + (cast(u128, x3) * cast(u128, (arg1[2])))) + (cast(u128, x7) * cast(u128, 0x1000003d10))); const x9 = cast(u64, (x8 >> 52)); const x10 = cast(u64, (x8 & cast(u128, 0xfffffffffffff))); - const x11 = ((((cast(u128, x4) * cast(u128, (arg1[4]))) + ((cast(u128, x3) * cast(u128, (arg1[3]))) + (cast(u128, (arg1[2])) * cast(u128, (arg1[2]))))) + cast(u128, x9)) + (cast(u128, x6) * cast(u128, 0x1000003d10))); + const x11 = ((((cast(u128, x4) * cast(u128, (arg1[4]))) + ((cast(u128, x3) * cast(u128, (arg1[3]))) + (cast(u128, (arg1[2])) * cast(u128, (arg1[2]))))) + cast(u128, x9)) + (cast(u128, x6) * cast(u128, 0x1000003d10000))); const x12 = cast(u64, (x11 >> 52)); const x13 = cast(u64, (x11 & cast(u128, 0xfffffffffffff))); const x14 = (x13 >> 48); 
@@ -121,12 +121,12 @@ pub fn square(out1: *[5]u64, arg1: [5]u64) void { const x26 = cast(u64, (x25 >> 52)); const x27 = cast(u64, (x25 & cast(u128, 0xfffffffffffff))); const x28 = ((cast(u128, x1) * cast(u128, (arg1[4]))) + cast(u128, x23)); - const x29 = cast(u64, (x28 >> 52)); - const x30 = cast(u64, (x28 & cast(u128, 0xfffffffffffff))); + const x29 = cast(u64, (x28 >> 64)); + const x30 = cast(u64, (x28 & cast(u128, 0xffffffffffffffff))); const x31 = ((((cast(u128, x4) * cast(u128, (arg1[2]))) + (cast(u128, (arg1[1])) * cast(u128, (arg1[1])))) + cast(u128, x26)) + (cast(u128, x30) * cast(u128, 0x1000003d10))); const x32 = cast(u64, (x31 >> 52)); const x33 = cast(u64, (x31 & cast(u128, 0xfffffffffffff))); - const x34 = (cast(u128, (x10 + x32)) + (cast(u128, x29) * cast(u128, 0x1000003d10))); + const x34 = (cast(u128, (x10 + x32)) + (cast(u128, x29) * cast(u128, 0x1000003d10000))); const x35 = cast(u64, (x34 >> 52)); const x36 = cast(u64, (x34 & cast(u128, 0xfffffffffffff))); const x37 = (x15 + x35); From a21e03cf7899bf99c1aa5e11577ab6621137cf84 Mon Sep 17 00:00:00 2001 From: Owen Conoly Date: Wed, 3 May 2023 02:34:32 -0400 Subject: [PATCH 11/27] made proofs a bit nicer --- src/Arithmetic/DettmanMultiplication.v | 58 ++++++++++++++++---------- 1 file changed, 37 insertions(+), 21 deletions(-) diff --git a/src/Arithmetic/DettmanMultiplication.v b/src/Arithmetic/DettmanMultiplication.v index dc74228302..5c3c02ad47 100644 --- a/src/Arithmetic/DettmanMultiplication.v +++ b/src/Arithmetic/DettmanMultiplication.v 
@@ -223,6 +223,41 @@ Module DettmanMultiplication. Local Open Scope Z_scope. + (*(weight (limbs - 2 - 1 + limbs) * 2 ^ Z.of_nat register_width / weight (limbs - 2 - 1 + 1)) mod s = 0*) + Lemma reduction_works i : weight (limbs + i - 1) * 2^register_width / weight i mod s = 0. + Proof. + rewrite Divide.Z.mod_divide_full. + remember (s_small (limbs + i - 1)) as H eqn:clearMe. clear clearMe. + apply (Z.divide_trans _ (weight (limbs + i) / weight i)). + - rewrite <- Divide.Z.mod_divide_full. rewrite (Nat.add_comm limbs i). apply s_small. + - apply Z.divide_div. + + remember (weight_positive i). lia. + + rewrite <- Divide.Z.mod_divide_full. apply Weight.weight_multiples_full; try assumption. + lia. + + rewrite <- Divide.Z.mod_divide_full. + replace (weight (limbs + i)) with (weight (limbs + i - 1 + 1)). + -- apply weight_lt_width. + -- f_equal. lia. + Qed. + + Lemma reduction_works' (i j : nat) : + (j = limbs + i - 1)%nat -> + weight j * 2^register_width / weight i mod s = 0. + Proof. + intros H. subst. apply reduction_works. + Qed. + + Lemma weight_prod_div_nz (i j : nat) (e : Z) : + 0 <= e -> + (i <= j)%nat -> + weight j * 2^e / weight i <> 0. + Proof. + intros H1 H2 H3. Check Weight.weight_divides_full. + apply (Weight.weight_divides_full weight weight_positive weight_multiples) in H2. + assert (0 < 2^e). { apply Pow2.Z.pow2_gt_0. lia. } + Search (_ * _ = 0). Abort. + + Lemma eval_reduce_carry_borrow r0 : (Positional.eval weight limbs (reduce_carry_borrow r0)) mod (s - c) = (Associational.eval r0) mod (s - c). 
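Review bot: The comment left above `reduction_works` is a pasted goal for one instance (`limbs - 2 - 1`) rather than a description of the general lemma, so a reader cannot tell what the lemma is for. It appears to be the side condition that the `reduce'` steps in `eval_reduce_carry_borrow` need after a `2^register_width` carry, and I would say so: `(* Side condition for reduce' after a 2^register_width carry: weight (limbs + i - 1) * 2^register_width / weight i is a multiple of s. *)`. The proof relies on `s_small` and `weight_lt_width`, which are defined outside this hunk, so the wording should be checked against their statements. The `remember (s_small (limbs + i - 1)) as H eqn:clearMe. clear clearMe.` line also looks unused by the visible bullets and could probably be dropped. The same comment is carried over unchanged when the lemma is renamed to `reduction_divides` later in the series.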
@@ -241,16 +276,7 @@ Module DettmanMultiplication. -- apply s_small. -- rewrite weight_0. rewrite Z.div_1_r. rewrite Nat.add_0_l. reflexivity. } (*(weight (limbs - 2 - 1 + limbs) * 2 ^ Z.of_nat register_width / weight (limbs - 2 - 1 + 1)) mod s = 0*) - 7: { rewrite Divide.Z.mod_divide_full. - remember (s_small (limbs - 2 - 1 + 1)) as H eqn:clearMe. clear clearMe. - apply (Z.divide_trans _ (weight (2*limbs - 2) / weight (limbs - 2))). - - rewrite <- Divide.Z.mod_divide_full. - replace (2*limbs-2)%nat with (limbs - 2 + limbs)%nat by lia. apply s_small. - - replace (limbs - 2 - 1 + 1)%nat with (limbs - 2)%nat by lia. apply Z.divide_div. - + remember (weight_positive (limbs-2)). lia. - + rewrite <- Divide.Z.mod_divide_full. apply Weight.weight_multiples_full; try assumption. - lia. - + rewrite <- Divide.Z.mod_divide_full. replace (2 * limbs - 2)%nat with (limbs - 2 - 1 + limbs + 1)%nat by lia. apply weight_lt_width. } + 7: { apply reduction_works'; lia. } (* (weight (limbs - 2 - 1 + limbs) * 2 ^ Z.of_nat register_width) mod (weight (limbs - 2 - 1 + limbs) * 2 ^ Z.of_nat register_width / weight (limbs - 2 - 1 + 1)) = 0 *) 
@@ -283,17 +309,7 @@ Module DettmanMultiplication. } (* (weight (2 * limbs - 2) * 2 ^ Z.of_nat register_width / weight (limbs - 1)) mod s = 0 *) - 1: { rewrite Divide.Z.mod_divide_full. - remember (s_small (limbs - 1)) as H eqn:clearMe. clear clearMe. - apply (Z.divide_trans _ (weight (2 * limbs - 1) / weight (limbs - 1))). - - rewrite <- Divide.Z.mod_divide_full. - replace (2*limbs-1)%nat with (limbs - 1 + limbs)%nat by lia. apply s_small. - - Search ((_ / _) | (_ / _)). apply Z.divide_div. - + remember (weight_positive (limbs-1)). lia. - + rewrite <- Divide.Z.mod_divide_full. apply Weight.weight_multiples_full; try assumption. - lia. - + rewrite <- Divide.Z.mod_divide_full. replace (2 * limbs - 1)%nat with (2 * limbs - 2 + 1)%nat by lia. apply weight_lt_width. - } + 1: { apply reduction_works'; lia. } Qed. Hint Rewrite eval_reduce_carry_borrow : push_eval. From 0e6448b31f4e60a168022dfe133d84cbd3922215 Mon Sep 17 00:00:00 2001 From: Owen Conoly Date: Wed, 3 May 2023 12:50:35 -0400 Subject: [PATCH 12/27] made proofs nicer --- src/Arithmetic/DettmanMultiplication.v | 59 +++++++------------------- 1 file changed, 16 insertions(+), 43 deletions(-) diff --git a/src/Arithmetic/DettmanMultiplication.v b/src/Arithmetic/DettmanMultiplication.v index 5c3c02ad47..89c029099a 100644 --- a/src/Arithmetic/DettmanMultiplication.v +++ b/src/Arithmetic/DettmanMultiplication.v @@ -59,15 +59,7 @@ Module DettmanMultiplication. Qed. Lemma div_nz a b : b > 0 -> b <= a -> a / b <> 0. - Proof. - intros H1 H2. assert (H: 1 <= a / b). - - replace 1 with (b / b). - + apply Z_div_le; assumption. - + apply Z_div_same. apply H1. - - symmetry. apply Z.lt_neq. apply Z.lt_le_trans with 1. - + reflexivity. - + apply H. - Qed. + Proof. Z.div_mod_to_equations. lia. Qed. Lemma weight_div_nz : forall i j : nat, (i <= j)%nat -> weight j / weight i <> 0. Proof. 
@@ -224,7 +216,7 @@ Module DettmanMultiplication. Local Open Scope Z_scope. (*(weight (limbs - 2 - 1 + limbs) * 2 ^ Z.of_nat register_width / weight (limbs - 2 - 1 + 1)) mod s = 0*) - Lemma reduction_works i : weight (limbs + i - 1) * 2^register_width / weight i mod s = 0. + Lemma reduction_divides i : weight (limbs + i - 1) * 2^register_width / weight i mod s = 0. Proof. rewrite Divide.Z.mod_divide_full. remember (s_small (limbs + i - 1)) as H eqn:clearMe. clear clearMe. @@ -240,11 +232,11 @@ Module DettmanMultiplication. -- f_equal. lia. Qed. - Lemma reduction_works' (i j : nat) : + Lemma reduction_divides' (i j : nat) : (j = limbs + i - 1)%nat -> weight j * 2^register_width / weight i mod s = 0. Proof. - intros H. subst. apply reduction_works. + intros H. subst. apply reduction_divides. Qed. Lemma weight_prod_div_nz (i j : nat) (e : Z) : @@ -252,11 +244,11 @@ Module DettmanMultiplication. (i <= j)%nat -> weight j * 2^e / weight i <> 0. Proof. - intros H1 H2 H3. Check Weight.weight_divides_full. - apply (Weight.weight_divides_full weight weight_positive weight_multiples) in H2. - assert (0 < 2^e). { apply Pow2.Z.pow2_gt_0. lia. } - Search (_ * _ = 0). Abort. - + intros H1 H2. apply div_nz. + - remember (weight_positive i). lia. + - apply weight_increasing in H2. replace (weight i) with (weight i * 1) by lia. + apply Zmult_le_compat; try lia. remember (weight_positive i). lia. + Qed. Lemma eval_reduce_carry_borrow r0 : (Positional.eval weight limbs (reduce_carry_borrow r0)) mod (s - c) = 
@@ -265,51 +257,32 @@ Module DettmanMultiplication. cbv [reduce_carry_borrow carry' reduce']. autorewrite with push_eval; auto with arith. all: try apply weight_div_nz; try lia. all: try apply weight_mod_quotient_zero; try lia. + all: try apply reduction_divides'; try lia. + all: try apply weight_prod_div_nz; try lia. (*(weight (2 * limbs - 2) / weight (limbs - 2)) mod s = 0*) 1: { replace (2 * limbs - 2)%nat with ((limbs - 2) + limbs)%nat by lia. apply s_small. } (* s / weight (limbs - 1) <> 0 *) - 4: { apply div_nz; auto with arith. remember (weight_positive (limbs - 1)). lia. } + 2: { apply div_nz; auto with arith. remember (weight_positive (limbs - 1)). lia. } (* weight limbs mod (weight limbs / s) = 0 *) - 5: { apply mod_quotient_zero. + 3: { apply mod_quotient_zero. + remember s_positive. lia. + replace (weight limbs) with (weight (0 + limbs) / weight 0). -- apply s_small. -- rewrite weight_0. rewrite Z.div_1_r. rewrite Nat.add_0_l. reflexivity. } - (*(weight (limbs - 2 - 1 + limbs) * 2 ^ Z.of_nat register_width / weight (limbs - 2 - 1 + 1)) mod s = 0*) - 7: { apply reduction_works'; lia. } (* (weight (limbs - 2 - 1 + limbs) * 2 ^ Z.of_nat register_width) mod (weight (limbs - 2 - 1 + limbs) * 2 ^ Z.of_nat register_width / weight (limbs - 2 - 1 + 1)) = 0 *) - 6: { apply mod_quotient_zero; try apply weight_positive. apply Divide.Z.mod_divide_full. apply Z.divide_mul_l. rewrite <- Divide.Z.mod_divide_full. apply Weight.weight_multiples_full; try assumption. lia. } + 3: { apply mod_quotient_zero; try apply weight_positive. apply Divide.Z.mod_divide_full. apply Z.divide_mul_l. rewrite <- Divide.Z.mod_divide_full. apply Weight.weight_multiples_full; try assumption. lia. } (* (weight (2 * limbs - 2) * 2 ^ Z.of_nat register_width) mod (weight (2 * limbs - 2) * 2 ^ Z.of_nat register_width / weight (limbs - 1)) = 0 *) - 2: { apply mod_quotient_zero; try apply weight_positive. apply Divide.Z.mod_divide_full. apply Z.divide_mul_l. rewrite <- Divide.Z.mod_divide_full. 
apply Weight.weight_multiples_full; try assumption. lia. } - (* weight (2 * limbs - 2) * 2 ^ Z.of_nat register_width / weight (limbs - 1) <> 0 *) - 1: { apply divisible_implies_nonzero. - - rewrite Divide.Z.mod_divide_full. apply Z.divide_mul_l. rewrite <- Divide.Z.mod_divide_full. apply Weight.weight_multiples_full; try assumption. lia. - - rewrite <- Z.neq_mul_0. split. - + remember (weight_positive (2 * limbs - 2)). lia. - + assert (0 < 2^register_width). { apply Pow2.Z.pow2_gt_0. lia. } - lia. - } + 1: { apply mod_quotient_zero; try apply weight_positive. apply Divide.Z.mod_divide_full. apply Z.divide_mul_l. rewrite <- Divide.Z.mod_divide_full. apply Weight.weight_multiples_full; try assumption. lia. } (* weight limbs / s <> 0 *) - 2: { apply divisible_implies_nonzero. + 1: { apply divisible_implies_nonzero. - replace (weight limbs) with (weight (0 + limbs) / weight 0). + apply s_small. + rewrite weight_0. rewrite Z.div_1_r. rewrite Nat.add_0_l. reflexivity. - remember (weight_positive limbs). lia. } - (* weight (limbs - 2 - 1 + limbs) * 2 ^ Z.of_nat register_width / weight (limbs - 2 - 1 + 1) <> 0 *) - 2: { apply divisible_implies_nonzero. - - rewrite Divide.Z.mod_divide_full. apply Z.divide_mul_l. rewrite <- Divide.Z.mod_divide_full. apply Weight.weight_multiples_full; try assumption. lia. - - rewrite <- Z.neq_mul_0. split. - + remember (weight_positive (limbs - 2 - 1 + limbs)). lia. - + assert (0 < 2^register_width). { apply Pow2.Z.pow2_gt_0. lia. } - lia. - } - - (* (weight (2 * limbs - 2) * 2 ^ Z.of_nat register_width / weight (limbs - 1)) mod s = 0 *) - 1: { apply reduction_works'; lia. } Qed. Hint Rewrite eval_reduce_carry_borrow : push_eval. From 5bd1fe6f0cb1f32b5c03ee85c1c04b7569ab2ef7 Mon Sep 17 00:00:00 2001 From: Owen Conoly Date: Wed, 3 May 2023 16:07:40 -0400 Subject: [PATCH 13/27] made proofs a bit nicer --- src/Arithmetic/DettmanMultiplication.v | 147 ++++++++++++------------- 1 file changed, 69 insertions(+), 78 deletions(-) 
diff --git a/src/Arithmetic/DettmanMultiplication.v b/src/Arithmetic/DettmanMultiplication.v index 89c029099a..7d0eee0943 100644 --- a/src/Arithmetic/DettmanMultiplication.v +++ b/src/Arithmetic/DettmanMultiplication.v @@ -46,6 +46,23 @@ Module DettmanMultiplication. Lemma div_mul_le : forall x y, y > 0 -> x / y * y <= x. Proof. intros x y H. remember (Zmod_eq x y H). remember (Z_mod_lt x y H). lia. Qed. + Lemma div_nz a b : b > 0 -> b <= a -> a / b <> 0. + Proof. Z.div_mod_to_equations. lia. Qed. + + Lemma weight_div_nz : forall i j : nat, (i <= j)%nat -> weight j / weight i <> 0. + Proof. + intros i j H. assert (0 < weight j / weight i); try lia. + apply Weight.weight_divides_full; assumption. + Qed. + + Lemma s_small' (i j : nat) : + (j = i + limbs)%nat -> + weight j / weight i mod s = 0. + Proof. intros H. subst. apply s_small. Qed. + + Lemma s_big' : s / weight (limbs - 1) <> 0. + Proof. remember (weight_positive (limbs - 1)). apply div_nz; lia. Qed. + Lemma weight_increasing : forall i j : nat, (i <= j)%nat -> weight i <= weight j. Proof. intros i j H. @@ -53,19 +70,8 @@ Module DettmanMultiplication. assert (1 <= weight j / weight i) by lia. assert (1 * weight i <= weight j / weight i * weight i). { apply Zmult_le_compat_r; try lia. remember (weight_positive i). lia. } - apply (Z.le_trans _ (weight j / weight i * weight i) _). - - lia. - - (*rewrite Weight.weight_div_mod.*) apply div_mul_le. remember (weight_positive i). lia. - Qed. - - Lemma div_nz a b : b > 0 -> b <= a -> a / b <> 0. - Proof. Z.div_mod_to_equations. lia. Qed. - - Lemma weight_div_nz : forall i j : nat, (i <= j)%nat -> weight j / weight i <> 0. - Proof. - intros i j H. - assert (0 < weight j / weight i). { apply Weight.weight_divides_full; assumption. } - lia. + apply (Z.le_trans _ (weight j / weight i * weight i) _); try lia. + apply div_mul_le. remember (weight_positive i). lia. Qed. Lemma mod_quotient_zero : forall x y, 0 < y -> x mod y = 0 -> x mod (x / y) = 0. 
@@ -74,8 +80,9 @@ Module DettmanMultiplication. subst. rewrite Z_div_mult by lia. rewrite Z.mul_comm. apply Z_mod_mult. Qed. - Lemma weight_mod_quotient_zero : forall i j : nat, (i <= j)%nat -> - (weight j) mod (weight j / weight i) = 0. + Lemma weight_mod_quotient_zero : forall i j : nat, + (i <= j)%nat -> + (weight j) mod (weight j / weight i) = 0. Proof. intros i j H. apply mod_quotient_zero; try apply weight_positive. apply Weight.weight_multiples_full; assumption. @@ -87,7 +94,7 @@ Module DettmanMultiplication. a / b <> 0. Proof. intros H1 H2. remember (Z_div_mod_eq_full a b). lia. Qed. - Hint Resolve s_positive s_nz weight_nz div_nz : arith. + Hint Resolve s_positive s_nz weight_nz div_nz s_big' : arith. Hint Resolve weight_0 weight_positive weight_multiples Weight.weight_multiples_full : arith. Hint Resolve weight_div_nz weight_mod_quotient_zero : arith. @@ -175,7 +182,7 @@ Module DettmanMultiplication. (* here I've pulled out the final iteration of the loop to do the special register_width carry. *) - (* begin loop iteration *) + (* begin final loop iteration *) let i0 := l - 2 - 1 in let rloop1 := carry' (weight (i0 + limbs)) (2^register_width) r11 in @@ -187,7 +194,7 @@ Module DettmanMultiplication. let fromLoop3 := weight i0 in let toLoop3 := weight (i0 + 1) in let rloop3 := carry' fromLoop3 (toLoop3 / fromLoop3) rloop2 in - (* end loop iteration*) + (* end final loop iteration*) let from12 := Z.mul (weight (i0 + limbs)) (2^register_width) in let to12 := weight (i0 + 1) in 
@@ -215,12 +222,9 @@ Module DettmanMultiplication. Local Open Scope Z_scope. - (*(weight (limbs - 2 - 1 + limbs) * 2 ^ Z.of_nat register_width / weight (limbs - 2 - 1 + 1)) mod s = 0*) Lemma reduction_divides i : weight (limbs + i - 1) * 2^register_width / weight i mod s = 0. Proof. - rewrite Divide.Z.mod_divide_full. - remember (s_small (limbs + i - 1)) as H eqn:clearMe. clear clearMe. - apply (Z.divide_trans _ (weight (limbs + i) / weight i)). + rewrite Divide.Z.mod_divide_full. apply (Z.divide_trans _ (weight (limbs + i) / weight i)). - rewrite <- Divide.Z.mod_divide_full. rewrite (Nat.add_comm limbs i). apply s_small. - apply Z.divide_div. + remember (weight_positive i). lia. 
@@ -235,21 +239,31 @@ Module DettmanMultiplication. Lemma reduction_divides' (i j : nat) : (j = limbs + i - 1)%nat -> weight j * 2^register_width / weight i mod s = 0. + Proof. intros H. subst. apply reduction_divides. Qed. + + Lemma weight_prod_mod_zero (i j : nat) : + (i <= j)%nat -> + (weight j * 2^register_width) mod (weight i) = 0. Proof. - intros H. subst. apply reduction_divides. + intros H. apply Divide.Z.mod_divide_full. apply Z.divide_mul_l. + rewrite <- Divide.Z.mod_divide_full. apply Weight.weight_multiples_full; try assumption. Qed. - - Lemma weight_prod_div_nz (i j : nat) (e : Z) : - 0 <= e -> + + Lemma weight_prod_div_nz (i j : nat) : (i <= j)%nat -> - weight j * 2^e / weight i <> 0. + weight j * 2^register_width / weight i <> 0. Proof. - intros H1 H2. apply div_nz. - - remember (weight_positive i). lia. - - apply weight_increasing in H2. replace (weight i) with (weight i * 1) by lia. - apply Zmult_le_compat; try lia. remember (weight_positive i). lia. + intros H. apply divisible_implies_nonzero. apply weight_prod_mod_zero; try lia. + remember (weight_positive j). remember (Z.pow_nonneg 2 register_width). lia. Qed. + Lemma s_small_particular : weight limbs mod s = 0. + Proof. + replace (weight limbs) with (weight limbs / weight 0). + - apply s_small'; lia. + - Z.div_mod_to_equations. lia. + Qed. + Lemma eval_reduce_carry_borrow r0 : (Positional.eval weight limbs (reduce_carry_borrow r0)) mod (s - c) = (Associational.eval r0) mod (s - c). 
@@ -259,30 +273,11 @@ Module DettmanMultiplication. all: try apply weight_mod_quotient_zero; try lia. all: try apply reduction_divides'; try lia. all: try apply weight_prod_div_nz; try lia. - (*(weight (2 * limbs - 2) / weight (limbs - 2)) mod s = 0*) - 1: { replace (2 * limbs - 2)%nat with ((limbs - 2) + limbs)%nat by lia. apply s_small. } - (* s / weight (limbs - 1) <> 0 *) - 2: { apply div_nz; auto with arith. remember (weight_positive (limbs - 1)). lia. } - (* weight limbs mod (weight limbs / s) = 0 *) - 3: { apply mod_quotient_zero. - + remember s_positive. lia. - + replace (weight limbs) with (weight (0 + limbs) / weight 0). - -- apply s_small. - -- rewrite weight_0. rewrite Z.div_1_r. rewrite Nat.add_0_l. reflexivity. } - (* (weight (limbs - 2 - 1 + limbs) * 2 ^ Z.of_nat register_width) - mod (weight (limbs - 2 - 1 + limbs) * 2 ^ Z.of_nat register_width / weight (limbs - 2 - 1 + 1)) = - 0 *) - 3: { apply mod_quotient_zero; try apply weight_positive. apply Divide.Z.mod_divide_full. apply Z.divide_mul_l. rewrite <- Divide.Z.mod_divide_full. apply Weight.weight_multiples_full; try assumption. lia. } - (* (weight (2 * limbs - 2) * 2 ^ Z.of_nat register_width) - mod (weight (2 * limbs - 2) * 2 ^ Z.of_nat register_width / weight (limbs - 1)) = 0 *) - 1: { apply mod_quotient_zero; try apply weight_positive. apply Divide.Z.mod_divide_full. apply Z.divide_mul_l. rewrite <- Divide.Z.mod_divide_full. apply Weight.weight_multiples_full; try assumption. lia. } - (* weight limbs / s <> 0 *) - 1: { apply divisible_implies_nonzero. - - replace (weight limbs) with (weight (0 + limbs) / weight 0). - + apply s_small. - + rewrite weight_0. rewrite Z.div_1_r. rewrite Nat.add_0_l. reflexivity. - - remember (weight_positive limbs). lia. - } + all: try apply s_small'; try lia. + all: try apply mod_quotient_zero; try apply divisible_implies_nonzero; try apply s_small_particular; try apply weight_positive. + all: try apply weight_prod_mod_zero; try lia. 
+ all: try (remember (weight_positive limbs); lia). + all: try (remember s_positive; lia). Qed. Hint Rewrite eval_reduce_carry_borrow : push_eval. @@ -326,9 +321,10 @@ Module dettman_multiplication_mod_ops. Local Notation limbwidth_den' := (n - 1). (* can't use Q here, or else reification doesn't work *) Context - (registers_big : limbwidth_num' <= register_width * limbwidth_den') (* stated somewhat awkwardly in terms of Z; i think we might want to avoid Q here too? idk *) + (registers_big : limbwidth_num' <= register_width * limbwidth_den') (* stated somewhat awkwardly in terms of Z; i think we might want to avoid Q here too *) (weight_big : Z.log2 s <= n * limbwidth_num' / limbwidth_den'). + (* I don't want these to be automatically unfolded in the proofs below. *) Definition limbwidth_num := limbwidth_num'. Definition limbwidth_den := limbwidth_den'. @@ -358,10 +354,10 @@ Module dettman_multiplication_mod_ops. Proof. assert (H: Qfloor (x - y) + Qceiling y <= Qceiling x). - replace (Qceiling x) with (Qceiling (x - y + y))%Q. - + Search Qceiling. apply QUtil.add_floor_l_le_ceiling. - + Search (_ + _)%Q. Check (Qplus_comm). Check Qplus_assoc. cbv [Qminus]. - rewrite <- Qplus_assoc. rewrite (Qplus_comm (-y) y). Search (_ + (-_))%Q. - rewrite Qplus_opp_r. Search (_ + 0)%Q. rewrite Qplus_0_r. reflexivity. + + apply QUtil.add_floor_l_le_ceiling. + + cbv [Qminus]. + rewrite <- Qplus_assoc. rewrite (Qplus_comm (-y) y). + rewrite Qplus_opp_r. rewrite Qplus_0_r. reflexivity. - lia. Qed. @@ -371,7 +367,7 @@ Module dettman_multiplication_mod_ops. Lemma s_small : forall i : nat, (weight (i + n) / weight i) mod s = 0. Proof. intros i. repeat rewrite (ModOps.weight_ZQ_correct _ _ limbwidth_good). - rewrite <- Z.pow_sub_r. + rewrite <- Z.pow_sub_r; try lia. - rewrite <- s_power_of_2. apply Modulo.Z.mod_same_pow. split. + apply Z.log2_nonneg. + remember (_ * (i + n)%nat)%Q as x. remember (_ * i)%Q as y. 
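Review bot: The rewritten proof of `eval_reduce_carry_borrow` is now a chain of `all: try apply …; try lia.` lines, and because every step is wrapped in `try`, a lemma that stops matching (after a rename, or after a change to `reduce_carry_borrow`) is skipped silently and the failure only shows up at a later line or at `Qed`. A `try apply` also commits to the lemma on any goal it happens to unify with, so the order of these lines matters although nothing in the script records why. `Qed` still checks the finished term, so this concerns maintainability of the proof, not its soundness. The hunk also deletes the comments that stated each side condition; I would keep one short comment per tactic line, for example `(* closes goals of the form (weight j * 2^register_width / weight i) mod s = 0 *)` above `all: try apply reduction_divides'; try lia.`. The proof begins above this hunk.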
@@ -380,7 +376,7 @@ Module dettman_multiplication_mod_ops. rewrite <- inject_Z_opp. rewrite <- inject_Z_plus. replace (Z.of_nat (i + n) + - Z.of_nat i) with (Z.of_nat n) by lia. replace (Z.log2 s) with (Qfloor (inject_Z (Z.log2 s))). - ++ apply Qfloor_resp_le. cbv [Qdiv]. rewrite Qmult_comm. + ++ apply Qfloor_resp_le. rewrite Qmult_comm. apply (Qle_trans _ (inject_Z (n * limbwidth_num / limbwidth_den)))%Z. --- rewrite <- Zle_Qle. apply weight_big. --- cbv [Qdiv]. rewrite Zdiv_Qdiv. @@ -389,12 +385,10 @@ Module dettman_multiplication_mod_ops. +++ rewrite inject_Z_mult. rewrite Qmult_assoc. apply Qle_refl. ++ apply Qfloor_Z. -- apply Qceiling_diff. - - lia. - - split. + - remember limbwidth_good as H eqn:clearMe; clear clearMe. split. + replace 0 with (Qceiling 0) by reflexivity. apply Qceiling_resp_le. apply Qmult_le_0_compat. - -- cbv [Qdiv]. remember limbwidth_good as H eqn:clearMe; clear clearMe. - apply Qmult_le_0_compat. + -- cbv [Qdiv]. apply Qmult_le_0_compat. ++ replace 0%Q with (inject_Z 0) by reflexivity. rewrite <- Zle_Qle. lia. ++ apply Qinv_le_0_compat. replace 0%Q with (inject_Z 0) by reflexivity. rewrite <- Zle_Qle. lia. @@ -402,8 +396,7 @@ Module dettman_multiplication_mod_ops. + apply Qceiling_resp_le. rewrite Qmult_comm. rewrite (Qmult_comm (_ / _)). apply Qmult_le_compat_r. -- rewrite <- Zle_Qle. lia. - -- cbv [Qdiv]. remember limbwidth_good as H eqn:clearMe; clear clearMe. - apply Qmult_le_0_compat. + -- cbv [Qdiv]. apply Qmult_le_0_compat. ++ replace 0%Q with (inject_Z 0) by reflexivity. rewrite <- Zle_Qle. lia. ++ apply Qinv_le_0_compat. replace 0%Q with (inject_Z 0) by reflexivity. rewrite <- Zle_Qle. lia. 
@@ -425,25 +418,23 @@ Module dettman_multiplication_mod_ops. apply Z.pow_le_mono_r; try lia. rewrite Zle_Qle. cbv [Qdiv]. rewrite <- (Qmult_assoc _ (Qinv _)). rewrite (Qmult_comm (Qinv _)). rewrite Nat2Z.inj_sub; try lia. simpl. cbv [Z.sub]. - rewrite inject_Z_plus. simpl. replace (inject_Z (-1)) with (-(1))%Q by reflexivity. - cbv [Qminus]. rewrite Qmult_inv_r. + rewrite inject_Z_plus. simpl. cbv [Qminus]. rewrite Qmult_inv_r. - rewrite <- inject_Z_plus. rewrite Qmult_1_r. rewrite Qceiling_Z. rewrite <- Zle_Qle. remember (Z.le_log2_up_succ_log2 s). lia. - - replace (-(1))%Q with (inject_Z (-1)) by reflexivity. - replace 0%Q with (inject_Z 0) by reflexivity. rewrite inject_Z_injective. lia. + - replace 0%Q with (inject_Z 0) by reflexivity. rewrite inject_Z_injective. lia. Qed. Lemma weight_lt_width : forall i: nat, (weight i * 2^register_width) mod weight (i + 1)%nat = 0. Proof. intros i. repeat rewrite (ModOps.weight_ZQ_correct _ _ limbwidth_good). + remember limbwidth_good eqn:clearMe; clear clearMe. rewrite <- Z.pow_add_r; try lia. - apply Modulo.Z.mod_same_pow. split. + remember (_ / _ * _)%Q as x. replace 0 with (Qceiling 0%Z) by reflexivity. apply Qceiling_resp_le. subst. replace (inject_Z 0) with 0%Q by reflexivity. cbv [Qdiv]. apply Qmult_le_0_compat. - -- remember limbwidth_good eqn:clearMe; clear clearMe. apply Qmult_le_0_compat. - ++ replace 0%Q with (inject_Z 0) by reflexivity. rewrite <- Zle_Qle. - lia. + -- apply Qmult_le_0_compat. + ++ replace 0%Q with (inject_Z 0) by reflexivity. rewrite <- Zle_Qle. lia. ++ apply Qinv_le_0_compat. replace 0%Q with (inject_Z 0) by reflexivity. rewrite <- Zle_Qle. lia. -- replace 0%Q with (inject_Z 0) by reflexivity. rewrite <- Zle_Qle. lia. 
@@ -463,10 +454,10 @@ Module dettman_multiplication_mod_ops. ++ apply Qceiling_Z. - replace 0 with (Qceiling 0) by reflexivity. apply Qceiling_resp_le. apply Qmult_le_0_compat. - + cbv [Qdiv]. remember limbwidth_good. apply Qmult_le_0_compat. + + cbv [Qdiv]. apply Qmult_le_0_compat. -- replace 0%Q with (inject_Z 0) by reflexivity. rewrite <- Zle_Qle. lia. - -- apply Qinv_le_0_compat. replace 0%Q with (inject_Z 0) by reflexivity. rewrite <- Zle_Qle. - lia. + -- apply Qinv_le_0_compat. replace 0%Q with (inject_Z 0) by reflexivity. + rewrite <- Zle_Qle. lia. + replace 0%Q with (inject_Z 0) by reflexivity. rewrite <- Zle_Qle. lia. Qed. From 4450dfaa39bf55669c96f41366eec35d06725c02 Mon Sep 17 00:00:00 2001 From: Owen Conoly Date: Wed, 3 May 2023 16:22:29 -0400 Subject: [PATCH 14/27] Cleaned up PushButtonSynthesis/DettmanMultiplication.v Replaced a bunch of references to (Z.log2_up s) with (Z.log2 s), since (in the dettman_multiplication_mod_ops module) we now stipulate that s is a power of 2. --- src/Arithmetic/DettmanMultiplication.v | 10 +++++----- src/PushButtonSynthesis/DettmanMultiplication.v | 17 ++++++++--------- 2 files changed, 13 insertions(+), 14 deletions(-) diff --git a/src/Arithmetic/DettmanMultiplication.v b/src/Arithmetic/DettmanMultiplication.v index 7d0eee0943..b0092ed9a7 100644 --- a/src/Arithmetic/DettmanMultiplication.v +++ b/src/Arithmetic/DettmanMultiplication.v 
@@ -312,12 +312,12 @@ Module dettman_multiplication_mod_ops. (last_limb_width : nat) (p_nz : s - Associational.eval c <> 0) (n_gteq_4 : (4 <= n)%nat) - (last_limb_width_small : last_limb_width * n <= Z.log2_up s) + (last_limb_width_small : last_limb_width * n <= Z.log2 s) (last_limb_width_big : 1 <= last_limb_width) (s_power_of_2 : 2 ^ (Z.log2 s) = s). - (* I do want to have Z.log2_up s, not Z.log2_up (s - c) below. We want to ensure that weight (n - 1) <= s <= weight limbs *) - Local Notation limbwidth_num' := (Z.log2_up s - last_limb_width). + (* I do want to have Z.log2 s, not Z.log2_up (s - c) below. We want to ensure that weight (n - 1) <= s <= weight limbs *) + Local Notation limbwidth_num' := (Z.log2 s - last_limb_width). Local Notation limbwidth_den' := (n - 1). (* can't use Q here, or else reification doesn't work *) Context @@ -333,7 +333,7 @@ Module dettman_multiplication_mod_ops. Definition mulmod := mulmod s c register_width n weight. Definition squaremod := squaremod s c register_width n weight. - Lemma n_small : n - 1 <= Z.log2_up s - last_limb_width. + Lemma n_small : n - 1 <= Z.log2 s - last_limb_width. Proof. replace (Z.of_nat n) with (Z.of_nat n - 1 + 1) in last_limb_width_small by lia. remember (Z.of_nat n - 1) as n'. @@ -404,7 +404,7 @@ Module dettman_multiplication_mod_ops. Lemma s_gt_0 : 0 < s. assert (H: s <= 0 \/ 0 < s) by lia. destruct H as [H|H]. - - apply Z.log2_up_nonpos in H. lia. + - apply Z.log2_nonpos in H. lia. - assumption. Qed. diff --git a/src/PushButtonSynthesis/DettmanMultiplication.v b/src/PushButtonSynthesis/DettmanMultiplication.v index 8a7f05f321..08a4e0b382 100644 --- a/src/PushButtonSynthesis/DettmanMultiplication.v +++ b/src/PushButtonSynthesis/DettmanMultiplication.v 
@@ -112,7 +112,7 @@ Section __. Local Instance no_select_size : no_select_size_opt := no_select_size_of_no_select machine_wordsize. Local Instance split_mul_to : split_mul_to_opt := split_mul_to_of_should_split_mul machine_wordsize possible_values. Local Instance split_multiret_to : split_multiret_to_opt := split_multiret_to_of_should_split_multiret machine_wordsize possible_values. - + (** Note: If you change the name or type signature of this function, you will need to update the code in CLI.v *) Definition check_args {T} (requests : list string) (res : Pipeline.ErrorT T) 
@@ -122,26 +122,25 @@ Section __. (fun v => (true, v)) [(negb (s - c =? 0), Pipeline.Values_not_provably_distinctZ "s - c <> 0" (s - c) 0) ; (4 <=? n, Pipeline.Value_not_leZ "4 <= n" 3 n) - ; (last_limb_width * n <=? Z.log2_up s, Pipeline.Value_not_leZ "last_limb_width * n <= Z.log2_up s" (last_limb_width * n) (Z.log2_up s)) + ; (last_limb_width * n <=? Z.log2 s, Pipeline.Value_not_leZ "last_limb_width * n <= Z.log2 s" (last_limb_width * n) (Z.log2 s)) ; (1 <=? last_limb_width, Pipeline.Value_not_leZ "1 <= last_limb_width" 1 last_limb_width) ; (2 ^ (Z.log2 s) =? s, Pipeline.Values_not_provably_equalZ "2 ^ (Z.log2 s) = s" (2 ^ Z.log2 s) s) - ; (Z.log2_up s - last_limb_width <=? (Z.to_nat machine_wordsize) * (n - 1), Pipeline.Value_not_leZ "Z.log2_up s - last_limb_width <= (Z.to_nat machine_wordsize) * (n - 1)" (Z.log2_up s - last_limb_width) (Z.to_nat machine_wordsize * (n - 1))) - ; (Z.log2 s <=? n * (Z.log2_up s - last_limb_width) / (n - 1), Pipeline.Value_not_leZ "Z.log2 s <= n * (Z.log2_up s - last_limb_width) / (n - 1)" (Z.log2 s) (n * (Z.log2_up s - last_limb_width) / (n - 1))) + ; (Z.log2 s - last_limb_width <=? (Z.to_nat machine_wordsize) * (n - 1), Pipeline.Value_not_leZ "Z.log2 s - last_limb_width <= (Z.to_nat machine_wordsize) * (n - 1)" (Z.log2 s - last_limb_width) (Z.to_nat machine_wordsize * (n - 1))) + ; (Z.log2 s <=? n * (Z.log2 s - last_limb_width) / (n - 1), Pipeline.Value_not_leZ "Z.log2 s <= n * (Z.log2 s - last_limb_width) / (n - 1)" (Z.log2 s) (n * (Z.log2 s - last_limb_width) / (n - 1))) ]) res. Context (requests : list string) (curve_good : check_args requests (Success tt) = Success tt). 
- (* should probably use limbwidth_num, limbwidth_den to make this less confusing-looking *) Lemma use_curve_good : s - c <> 0 /\ (4 <= n) - /\ last_limb_width * n <= Z.log2_up s + /\ last_limb_width * n <= Z.log2 s /\ 1 <= last_limb_width /\ 2 ^ (Z.log2 s) = s - /\ Z.log2_up s - last_limb_width <= (Z.to_nat machine_wordsize) * (n - 1) - /\ Z.log2 s <= n * (Z.log2_up s - last_limb_width) / (n - 1). + /\ Z.log2 s - last_limb_width <= (Z.to_nat machine_wordsize) * (n - 1) + /\ Z.log2 s <= n * (Z.log2 s - last_limb_width) / (n - 1). Proof using curve_good. prepare_use_curve_good (). Qed. Local Notation evalf := (eval weightf n). @@ -157,7 +156,7 @@ Section __. summary correctness) (only parsing, at level 10, summary at next level, correctness at next level). - + Definition mul := Pipeline.BoundsPipeline false (* subst01 *) From 59753ffb2f3da06494f8cf9a0dd2808f0e5be1d9 Mon Sep 17 00:00:00 2001 
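Review bot: In the `check_args` list, the entry `(4 <=? n, Pipeline.Value_not_leZ "4 <= n" 3 n)` passes `3` as the left-hand value, while every other entry passes the operand its description names (for example `"1 <= last_limb_width" 1 last_limb_width`). A rejected `n` would therefore presumably be reported against the wrong bound, and the entry looks like it should read `Pipeline.Value_not_leZ "4 <= n" 4 n`. That line is context here, but this commit already rewrites the neighbouring entries and their message strings. Since every bound in the list now uses `Z.log2 s`, a comment above it such as `(* the Z.log2 s bounds assume s is a power of two; see the 2 ^ (Z.log2 s) =? s entry *)` would keep that dependency visible to whoever edits the checks next. `check_args` starts above this hunk.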
From: Owen Conoly Date: Wed, 3 May 2023 20:19:49 -0400 Subject: [PATCH 15/27] updated fiat-amd64 with new code from CryptOpt repo --- .../seed0000000081311827_ratio11348.asm | 203 +++++++++++++++ .../seed0000000085598755_ratio14415.asm | 206 +++++++++++++++ .../seed0000000089299041_ratio11830.asm | 205 +++++++++++++++ .../seed0000000167564361_ratio10038.asm | 223 ---------------- .../seed0000000173120506_ratio09924.asm | 220 ---------------- .../seed0000000187885082_ratio10923.asm | 211 ---------------- .../seed0000000207903621_ratio10975.asm | 210 ---------------- .../seed0000000218287519_ratio10697.asm | 212 ---------------- .../seed0000000310070466_ratio10853.asm | 214 ---------------- .../seed0000000315781005_ratio10469.asm | 218 ---------------- .../seed0000000321244957_ratio09782.asm | 219 ---------------- .../seed0000000410279163_ratio10651.asm | 218 ---------------- .../seed0000000414447154_ratio10660.asm | 216 ---------------- .../seed0000000418905233_ratio10632.asm | 218 ---------------- .../seed0000000444700045_ratio13742.asm | 210 ---------------- .../seed0000000448264824_ratio13511.asm | 212 ---------------- .../seed0000000451748095_ratio12970.asm | 209 --------------- .../seed0000000460255063_ratio09429.asm | 218 ---------------- .../seed0000000481627505_ratio09368.asm | 233 ----------------- .../seed0000000489048938_ratio10616.asm | 214 ++++++++++++++++ .../seed0000000535313018_ratio11423.asm | 208 +++++++++++++++ .../seed0000000546819615_ratio11457.asm | 205 +++++++++++++++ .../seed0000000555361062_ratio13085.asm | 211 ---------------- .../seed0000000559080840_ratio13610.asm | 209 --------------- .../seed0000000562633940_ratio13177.asm | 209 --------------- .../seed0000000567549713_ratio11444.asm | 208 +++++++++++++++ .../seed0000000662633942_ratio11215.asm | 221 ---------------- .../seed0000000666944134_ratio11480.asm | 213 ---------------- .../seed0000000772484259_ratio10034.asm | 224 ----------------- .../seed0000000806416557_ratio10790.asm | 216 
---------------- .../seed0000000828129769_ratio12356.asm | 210 ++++++++++++++++ .../seed0000000840064169_ratio13378.asm | 211 ++++++++++++++++ .../seed0000000843851796_ratio10725.asm | 216 ---------------- .../seed0000000868742192_ratio10756.asm | 216 ---------------- .../seed0368642358329107_ratio09662.asm | 232 ----------------- .../seed0840662850038204_ratio12375.asm | 220 ++++++++++++++++ .../seed1731199642428425_ratio09263.asm | 237 ------------------ .../seed3305037213716836_ratio09830.asm | 235 ----------------- .../seed3940186205970135_ratio10721.asm | 229 ----------------- .../seed4089020644677350_ratio09743.asm | 232 ----------------- .../seed0000000028947467_ratio10562.asm | 175 +++++++++++++ .../seed0000000036693438_ratio10222.asm | 170 ------------- .../seed0000000040691228_ratio13621.asm | 163 ++++++++++++ .../seed0000000047110845_ratio10399.asm | 167 ------------ .../seed0000000056257707_ratio10503.asm | 162 ++++++++++++ .../seed0000000063664254_ratio09742.asm | 175 ------------- .../seed0000000112902737_ratio11823.asm | 161 ++++++++++++ .../seed0000000124204574_ratio11848.asm | 160 ++++++++++++ .../seed0000000128593365_ratio10650.asm | 172 +++++++++++++ .../seed0000000164663271_ratio12077.asm | 161 ++++++++++++ .../seed0000000167123146_ratio09249.asm | 173 ------------- .../seed0000000188982661_ratio09261.asm | 177 ------------- .../seed0000000225267441_ratio09530.asm | 174 ------------- .../seed0000000236131603_ratio10227.asm | 186 -------------- .../seed0000000315680831_ratio10448.asm | 167 ------------ .../seed0000000376311432_ratio12018.asm | 164 ------------ .../seed0000000381222304_ratio11625.asm | 169 ------------- .../seed0000000384758604_ratio11428.asm | 167 ------------ .../seed0000000498539251_ratio12252.asm | 167 ------------ .../seed0000000501708072_ratio12114.asm | 167 ------------ .../seed0000000583341977_ratio11387.asm | 175 ------------- .../seed0000000606061798_ratio09932.asm | 177 ------------- 
.../seed0000000611338417_ratio10317.asm | 170 ------------- .../seed0000000658460606_ratio10113.asm | 167 ------------ .../seed0000000715772546_ratio10136.asm | 168 ------------- .../seed0000000965885279_ratio12004.asm | 160 ++++++++++++ .../seed0083163082569707_ratio10092.asm | 172 ------------- .../seed0230724527438160_ratio10059.asm | 171 ------------- .../seed0238950055575944_ratio08976.asm | 180 ------------- .../seed1170714404961826_ratio09785.asm | 180 ------------- .../seed2596661856072031_ratio10107.asm | 174 ------------- .../seed2625400661231680_ratio11844.asm | 174 ------------- .../seed2716647052398798_ratio11133.asm | 179 ------------- .../seed2811747862207902_ratio11362.asm | 173 ------------- .../seed3093611607776169_ratio09742.asm | 176 ------------- .../seed3353910002713579_ratio10198.asm | 171 ------------- .../seed3939486227538568_ratio09910.asm | 176 +++++++++++++ .../seed4086124786706180_ratio10393.asm | 159 ++++++++++++ .../seed4165422984695448_ratio09805.asm | 181 ------------- .../seed4430124589542693_ratio09814.asm | 183 -------------- 80 files changed, 3739 insertions(+), 11755 deletions(-) create mode 100644 fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000081311827_ratio11348.asm create mode 100644 fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000085598755_ratio14415.asm create mode 100644 fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000089299041_ratio11830.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000167564361_ratio10038.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000173120506_ratio09924.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000187885082_ratio10923.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000207903621_ratio10975.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000218287519_ratio10697.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000310070466_ratio10853.asm delete mode 100644 
fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000315781005_ratio10469.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000321244957_ratio09782.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000410279163_ratio10651.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000414447154_ratio10660.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000418905233_ratio10632.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000444700045_ratio13742.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000448264824_ratio13511.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000451748095_ratio12970.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000460255063_ratio09429.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000481627505_ratio09368.asm create mode 100644 fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000489048938_ratio10616.asm create mode 100644 fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000535313018_ratio11423.asm create mode 100644 fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000546819615_ratio11457.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000555361062_ratio13085.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000559080840_ratio13610.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000562633940_ratio13177.asm create mode 100644 fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000567549713_ratio11444.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000662633942_ratio11215.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000666944134_ratio11480.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000772484259_ratio10034.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000806416557_ratio10790.asm create mode 100644 
fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000828129769_ratio12356.asm create mode 100644 fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000840064169_ratio13378.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000843851796_ratio10725.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000868742192_ratio10756.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_mul/seed0368642358329107_ratio09662.asm create mode 100644 fiat-amd64/fiat_secp256k1_dettman_mul/seed0840662850038204_ratio12375.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_mul/seed1731199642428425_ratio09263.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_mul/seed3305037213716836_ratio09830.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_mul/seed3940186205970135_ratio10721.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_mul/seed4089020644677350_ratio09743.asm create mode 100644 fiat-amd64/fiat_secp256k1_dettman_square/seed0000000028947467_ratio10562.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_square/seed0000000036693438_ratio10222.asm create mode 100644 fiat-amd64/fiat_secp256k1_dettman_square/seed0000000040691228_ratio13621.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_square/seed0000000047110845_ratio10399.asm create mode 100644 fiat-amd64/fiat_secp256k1_dettman_square/seed0000000056257707_ratio10503.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_square/seed0000000063664254_ratio09742.asm create mode 100644 fiat-amd64/fiat_secp256k1_dettman_square/seed0000000112902737_ratio11823.asm create mode 100644 fiat-amd64/fiat_secp256k1_dettman_square/seed0000000124204574_ratio11848.asm create mode 100644 fiat-amd64/fiat_secp256k1_dettman_square/seed0000000128593365_ratio10650.asm create mode 100644 fiat-amd64/fiat_secp256k1_dettman_square/seed0000000164663271_ratio12077.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_square/seed0000000167123146_ratio09249.asm delete mode 100644 
fiat-amd64/fiat_secp256k1_dettman_square/seed0000000188982661_ratio09261.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_square/seed0000000225267441_ratio09530.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_square/seed0000000236131603_ratio10227.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_square/seed0000000315680831_ratio10448.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_square/seed0000000376311432_ratio12018.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_square/seed0000000381222304_ratio11625.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_square/seed0000000384758604_ratio11428.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_square/seed0000000498539251_ratio12252.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_square/seed0000000501708072_ratio12114.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_square/seed0000000583341977_ratio11387.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_square/seed0000000606061798_ratio09932.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_square/seed0000000611338417_ratio10317.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_square/seed0000000658460606_ratio10113.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_square/seed0000000715772546_ratio10136.asm create mode 100644 fiat-amd64/fiat_secp256k1_dettman_square/seed0000000965885279_ratio12004.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_square/seed0083163082569707_ratio10092.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_square/seed0230724527438160_ratio10059.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_square/seed0238950055575944_ratio08976.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_square/seed1170714404961826_ratio09785.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_square/seed2596661856072031_ratio10107.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_square/seed2625400661231680_ratio11844.asm 
delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_square/seed2716647052398798_ratio11133.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_square/seed2811747862207902_ratio11362.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_square/seed3093611607776169_ratio09742.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_square/seed3353910002713579_ratio10198.asm create mode 100644 fiat-amd64/fiat_secp256k1_dettman_square/seed3939486227538568_ratio09910.asm create mode 100644 fiat-amd64/fiat_secp256k1_dettman_square/seed4086124786706180_ratio10393.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_square/seed4165422984695448_ratio09805.asm delete mode 100644 fiat-amd64/fiat_secp256k1_dettman_square/seed4430124589542693_ratio09814.asm diff --git a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000081311827_ratio11348.asm b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000081311827_ratio11348.asm new file mode 100644 index 0000000000..9946b9619d --- /dev/null +++ b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000081311827_ratio11348.asm 
@@ -0,0 +1,203 @@ +SECTION .text + GLOBAL fiat_secp256k1_dettman_mul +fiat_secp256k1_dettman_mul: +mov rax, rdx; preserving value of arg2 into a new reg +mov rdx, [ rsi + 0x20 ]; saving arg1[4] in rdx. +mulx r11, r10, [ rax + 0x0 ]; x10012_1, x10012_0<- arg1[4] * arg2[0] (_0*_0) +mov rdx, [ rax + 0x0 ]; arg2[0] to rdx +mulx r8, rcx, [ rsi + 0x18 ]; x10003_1, x10003_0<- arg1[3] * arg2[0] (_0*_0) +mov rdx, [ rsi + 0x10 ]; arg1[2] to rdx +mov [ rsp - 0x80 ], rbx; spilling calSv-rbx to mem +mulx rbx, r9, [ rax + 0x10 ]; x10010_1, x10010_0<- arg1[2] * arg2[2] (_0*_0) +mov rdx, [ rax + 0x8 ]; arg2[1] to rdx +mov [ rsp - 0x78 ], rbp; spilling calSv-rbp to mem +mov [ rsp - 0x70 ], r12; spilling calSv-r12 to mem +mulx r12, rbp, [ rsi + 0x10 ]; x10002_1, x10002_0<- arg1[2] * arg2[1] (_0*_0) +xor rdx, rdx +adox rcx, rbp +adox r12, r8 +mov rdx, [ rsi + 0x20 ]; arg1[4] to rdx +mulx rbp, r8, [ rax + 0x20 ]; x1_1, x1_0<- arg1[4] * arg2[4] (_0*_0) +mov rdx, [ rax + 0x8 ]; arg2[1] to rdx +mov [ rsp - 0x68 ], r13; spilling calSv-r13 to mem +mov [ rsp - 0x60 ], r14; spilling calSv-r14 to mem +mulx r14, r13, [ rsi + 0x18 ]; x10011_1, x10011_0<- arg1[3] * arg2[1] (_0*_0) +adcx r10, r13 +adcx r14, r11 +mov rdx, [ rsi + 0x8 ]; arg1[1] to rdx +mulx r13, r11, [ rax + 0x10 ]; x10001_1, x10001_0<- arg1[1] * arg2[2] (_0*_0) +mov rdx, [ rax + 0x18 ]; arg2[3] to rdx +mov [ rsp - 0x58 ], r15; spilling calSv-r15 to mem +mov [ rsp - 0x50 ], rdi; spilling out1 to mem +mulx rdi, r15, [ rsi + 0x0 ]; x10000_1, x10000_0<- arg1[0] * arg2[3] (_0*_0) +add rcx, r11; could be done better, if r0 has been u8 as well +adcx r13, r12 +add rcx, r15; could be done better, if r0 has been u8 as well +adcx rdi, r13 +mov rdx, 0x1000003d10 ; moving imm to reg +mulx r11, r12, r8; x10007_1, x10007_0<- x3 * 0x1000003d10 (_0*_0) +add r12, rcx; could be done better, if r0 has been u8 as well +adcx rdi, r11 +mov rdx, [ rax + 0x18 ]; arg2[3] to rdx +mulx r13, r15, [ rsi + 0x8 ]; x10009_1, x10009_0<- arg1[1] * arg2[3] (_0*_0) 
+mov rdx, r12; +shrd rdx, rdi, 52; x5 <- x4_1||x4_0 >> 52 +xor r8, r8 +adox r10, r9 +adox rbx, r14 +adcx r10, r15 +adcx r13, rbx +mov r9, rdx; preserving value of x5 into a new reg +mov rdx, [ rsi + 0x0 ]; saving arg1[0] in rdx. +mulx rcx, r14, [ rax + 0x20 ]; x10008_1, x10008_0<- arg1[0] * arg2[4] (_0*_0) +xor rdx, rdx +adox r10, r14 +adox rcx, r13 +mov rdx, [ rax + 0x8 ]; arg2[1] to rdx +mulx r11, r8, [ rsi + 0x20 ]; x10022_1, x10022_0<- arg1[4] * arg2[1] (_0*_0) +adcx r9, r10 +adc rcx, 0x0; add CF to r0's alloc +mov rdx, [ rax + 0x10 ]; arg2[2] to rdx +mulx r15, rdi, [ rsi + 0x18 ]; x10021_1, x10021_0<- arg1[3] * arg2[2] (_0*_0) +test al, al +adox r8, rdi +adox r15, r11 +mov rdx, [ rsi + 0x10 ]; arg1[2] to rdx +mulx r13, rbx, [ rax + 0x18 ]; x10020_1, x10020_0<- arg1[2] * arg2[3] (_0*_0) +mov rdx, 0x1000003d10000 ; moving imm to reg +mulx r10, r14, rbp; x10018_1, x10018_0<- x2 * 0x1000003d10000 (_0*_0) +mov rdx, [ rsi + 0x8 ]; arg1[1] to rdx +mulx r11, rbp, [ rax + 0x20 ]; x10019_1, x10019_0<- arg1[1] * arg2[4] (_0*_0) +adcx r14, r9 +adcx rcx, r10 +mov rdx, 0xfffffffffffff ; moving imm to reg +mov r9, r14; +and r9, rdx; x9 <- x7_0&0xfffffffffffff +adox r8, rbx +adox r13, r15 +mov rdi, 0xffffffffffff ; moving imm to reg +mov r15, r9; +and r15, rdi; x11 <- x9&0xffffffffffff +adox r8, rbp +adox r11, r13 +shrd r14, rcx, 52; x8 <- x7_1||x7_0 >> 52 +test al, al +adox r14, r8 +mov rbx, 0x0 ; moving imm to reg +adox r11, rbx +mov r10, r14; +and r10, rdx; x14 <- x12_0&0xfffffffffffff +shl r10, 4; x10027 <- x14<< 4 +shr r9, 48; x10 <- x9>> 48 +lea r10, [ r10 + r9 ] +mov rdx, [ rax + 0x0 ]; arg2[0] to rdx +mulx rcx, rbp, [ rsi + 0x0 ]; x10026_1, x10026_0<- arg1[0] * arg2[0] (_0*_0) +mov rdx, 0x1000003d1 ; moving imm to reg +mulx r8, r13, r10; x10029_1, x10029_0<- x10028 * 0x1000003d1 (_0*_0) +mov rdx, [ rax + 0x18 ]; arg2[3] to rdx +mulx r10, r9, [ rsi + 0x18 ]; x10031_1, x10031_0<- arg1[3] * arg2[3] (_0*_0) +mov rdx, [ rsi + 0x20 ]; arg1[4] to rdx +mulx rdi, rbx, [ rax + 
0x10 ]; x10032_1, x10032_0<- arg1[4] * arg2[2] (_0*_0) +xor rdx, rdx +adox rbx, r9 +adox r10, rdi +mov rdx, [ rax + 0x20 ]; arg2[4] to rdx +mulx rdi, r9, [ rsi + 0x10 ]; x10030_1, x10030_0<- arg1[2] * arg2[4] (_0*_0) +adcx rbx, r9 +adcx rdi, r10 +shrd r14, r11, 52; x13 <- x12_1||x12_0 >> 52 +add r14, rbx; could be done better, if r0 has been u8 as well +adc rdi, 0x0; add CF to r0's alloc +mov rdx, [ rax + 0x0 ]; arg2[0] to rdx +mulx r10, r11, [ rsi + 0x8 ]; x10036_1, x10036_0<- arg1[1] * arg2[0] (_0*_0) +mov rdx, [ rsi + 0x0 ]; arg1[0] to rdx +mulx rbx, r9, [ rax + 0x8 ]; x10035_1, x10035_0<- arg1[0] * arg2[1] (_0*_0) +mov rdx, [ rsi + 0x10 ]; arg1[2] to rdx +mov [ rsp - 0x48 ], r15; spilling x11 to mem +mov [ rsp - 0x40 ], rdi; spilling x18_1 to mem +mulx rdi, r15, [ rax + 0x0 ]; x10045_1, x10045_0<- arg1[2] * arg2[0] (_0*_0) +xor rdx, rdx +adox r11, r9 +adox rbx, r10 +adcx r13, rbp +adcx rcx, r8 +mov rbp, [ rsp - 0x40 ]; load m64 x18_1 to register64 +mov r8, r14; +shrd r8, rbp, 52; x19 <- x18_1||x18_0 >> 52 +mov rdx, [ rax + 0x8 ]; arg2[1] to rdx +mulx r10, rbp, [ rsi + 0x8 ]; x10044_1, x10044_0<- arg1[1] * arg2[1] (_0*_0) +mov rdx, r13; +shrd rdx, rcx, 52; x16 <- x15_1||x15_0 >> 52 +xor r9, r9 +adox rdx, r11 +adox rbx, r9 +mov r11, rdx; preserving value of x10038_0 into a new reg +mov rdx, [ rsi + 0x18 ]; saving arg1[3] in rdx. 
+mulx r9, rcx, [ rax + 0x20 ]; x10040_1, x10040_0<- arg1[3] * arg2[4] (_0*_0) +adcx r15, rbp +adcx r10, rdi +mov rdx, [ rax + 0x18 ]; arg2[3] to rdx +mulx rbp, rdi, [ rsi + 0x20 ]; x10041_1, x10041_0<- arg1[4] * arg2[3] (_0*_0) +xor rdx, rdx +adox rdi, rcx +adox r9, rbp +adcx r8, rdi +adc r9, 0x0; add CF to r0's alloc +mov rcx, 0xfffffffffffff ; moving imm to reg +and r14, rcx; x20 <- x18_0&0xfffffffffffff +mov rdx, [ rax + 0x10 ]; arg2[2] to rdx +mulx rdi, rbp, [ rsi + 0x0 ]; x10043_1, x10043_0<- arg1[0] * arg2[2] (_0*_0) +adox r15, rbp +adox rdi, r10 +mov rdx, 0x1000003d10 ; moving imm to reg +mulx rbp, r10, r14; x10039_1, x10039_0<- x20 * 0x1000003d10 (_0*_0) +adcx r10, r11 +adcx rbx, rbp +mov r11, r10; +shrd r11, rbx, 52; x22 <- x21_1||x21_0 >> 52 +and r10, rcx; x23 <- x21_0&0xfffffffffffff +mulx rbp, r14, r8; x10049_1, x10049_0<- x26 * 0x1000003d10 (_0*_0) +mov r8, 0x1000003d10000 ; moving imm to reg +mov rdx, r9; x25 to rdx +mulx rbx, r9, r8; x10051_1, x10051_0<- x25 * 0x1000003d10000 (_0*_0) +adox r11, r15 +mov rdx, 0x0 ; moving imm to reg +adox rdi, rdx +adcx r14, r11 +adcx rdi, rbp +mov r15, r14; +shrd r15, rdi, 52; x28 <- x27_1||x27_0 >> 52 +mov rbp, [ rsp - 0x50 ]; load m64 out1 to register64 +mov [ rbp + 0x8 ], r10; out1[1] = x23 +and r12, rcx; x6 <- x4_0&0xfffffffffffff +lea r12, [ r12 + r15 ] +adox r9, r12 +adox rbx, rdx +and r13, rcx; x17 <- x15_0&0xfffffffffffff +mov [ rbp + 0x0 ], r13; out1[0] = x17 +and r14, rcx; x29 <- x27_0&0xfffffffffffff +mov r10, r9; +shrd r10, rbx, 52; x31 <- x30_1||x30_0 >> 52 +mov [ rbp + 0x10 ], r14; out1[2] = x29 +add r10, [ rsp - 0x48 ] +and r9, rcx; x32 <- x30_0&0xfffffffffffff +mov [ rbp + 0x20 ], r10; out1[4] = x33 +mov [ rbp + 0x18 ], r9; out1[3] = x32 +mov rbx, [ rsp - 0x80 ]; pop +mov rbp, [ rsp - 0x78 ]; pop +mov r12, [ rsp - 0x70 ]; pop +mov r13, [ rsp - 0x68 ]; pop +mov r14, [ rsp - 0x60 ]; pop +mov r15, [ rsp - 0x58 ]; pop +ret +; cpu 13th Gen Intel(R) Core(TM) i9-13900KF +; ratio 1.1348 +; seed 
2894912397212679 +; CC / CFLAGS clang / -march=native -mtune=native -O3 +; time needed: 1205169 ms on 270000 evaluations. +; Time spent for assembling and measuring (initial batch_size=266, initial num_batches=31): 117178 ms +; number of used evaluations: 270000 +; Ratio (time for assembling + measure)/(total runtime for 270000 evals): 0.09722951718804583 +; number reverted permutation / tried permutation: 103911 / 134966 =76.991% +; number reverted decision / tried decision: 79370 / 135033 =58.778% +; validated in 0.243s diff --git a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000085598755_ratio14415.asm b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000085598755_ratio14415.asm new file mode 100644 index 0000000000..4e05fc2750 --- /dev/null +++ b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000085598755_ratio14415.asm 
@@ -0,0 +1,206 @@ +SECTION .text + GLOBAL fiat_secp256k1_dettman_mul +fiat_secp256k1_dettman_mul: +mov rax, rdx; preserving value of arg2 into a new reg +mov rdx, [ rdx + 0x0 ]; saving arg2[0] in rdx. +mulx r11, r10, [ rsi + 0x20 ]; x10012_1, x10012_0<- arg1[4] * arg2[0] (_0*_0) +mov rdx, [ rsi + 0x18 ]; arg1[3] to rdx +mulx r8, rcx, [ rax + 0x8 ]; x10011_1, x10011_0<- arg1[3] * arg2[1] (_0*_0) +mov rdx, [ rsi + 0x20 ]; arg1[4] to rdx +mov [ rsp - 0x80 ], rbx; spilling calSv-rbx to mem +mulx rbx, r9, [ rax + 0x8 ]; x10022_1, x10022_0<- arg1[4] * arg2[1] (_0*_0) +mov rdx, [ rax + 0x20 ]; arg2[4] to rdx +mov [ rsp - 0x78 ], rbp; spilling calSv-rbp to mem +mov [ rsp - 0x70 ], r12; spilling calSv-r12 to mem +mulx r12, rbp, [ rsi + 0x20 ]; x1_1, x1_0<- arg1[4] * arg2[4] (_0*_0) +add r10, rcx; could be done better, if r0 has been u8 as well +adcx r8, r11 +mov rdx, [ rax + 0x8 ]; arg2[1] to rdx +mulx rcx, r11, [ rsi + 0x10 ]; x10002_1, x10002_0<- arg1[2] * arg2[1] (_0*_0) +mov rdx, [ rsi + 0x18 ]; arg1[3] to rdx +mov [ rsp - 0x68 ], r13; spilling calSv-r13 to mem +mov [ rsp - 0x60 ], r14; spilling calSv-r14 to mem +mulx r14, r13, [ rax + 0x0 ]; x10003_1, x10003_0<- arg1[3] * arg2[0] (_0*_0) +add r13, r11; could be done better, if r0 has been u8 as well +adcx rcx, r14 +mov rdx, [ rsi + 0x8 ]; arg1[1] to rdx +mulx r14, r11, [ rax + 0x10 ]; x10001_1, x10001_0<- arg1[1] * arg2[2] (_0*_0) +mov rdx, [ rax + 0x10 ]; arg2[2] to rdx +mov [ rsp - 0x58 ], r15; spilling calSv-r15 to mem +mov [ rsp - 0x50 ], rdi; spilling out1 to mem +mulx rdi, r15, [ rsi + 0x10 ]; x10010_1, x10010_0<- arg1[2] * arg2[2] (_0*_0) +test al, al +adox r10, r15 +adox rdi, r8 +mov rdx, [ rsi + 0x0 ]; arg1[0] to rdx +mulx r15, r8, [ rax + 0x18 ]; x10000_1, x10000_0<- arg1[0] * arg2[3] (_0*_0) +mov rdx, 0x1000003d10000 ; moving imm to reg +mov [ rsp - 0x48 ], rbx; spilling x10022_1 to mem +mov [ rsp - 0x40 ], r9; spilling x10022_0 to mem +mulx r9, rbx, r12; x10018_1, x10018_0<- x2 * 0x1000003d10000 (_0*_0) 
+adcx r13, r11 +adcx r14, rcx +xor r12, r12 +adox r13, r8 +adox r15, r14 +mov rcx, 0x1000003d10 ; moving imm to reg +mov rdx, rcx; 0x1000003d10 to rdx +mulx r11, rcx, rbp; x10007_1, x10007_0<- x3 * 0x1000003d10 (_0*_0) +mov rdx, [ rax + 0x10 ]; arg2[2] to rdx +mulx rbp, r8, [ rsi + 0x18 ]; x10021_1, x10021_0<- arg1[3] * arg2[2] (_0*_0) +mov rdx, [ rsi + 0x8 ]; arg1[1] to rdx +mulx r12, r14, [ rax + 0x18 ]; x10009_1, x10009_0<- arg1[1] * arg2[3] (_0*_0) +adcx r10, r14 +adcx r12, rdi +add rcx, r13; could be done better, if r0 has been u8 as well +adcx r15, r11 +mov rdx, [ rax + 0x20 ]; arg2[4] to rdx +mulx r13, rdi, [ rsi + 0x0 ]; x10008_1, x10008_0<- arg1[0] * arg2[4] (_0*_0) +xor rdx, rdx +adox r10, rdi +adox r13, r12 +mov r11, rcx; +shrd r11, r15, 52; x5 <- x4_1||x4_0 >> 52 +add r11, r10; could be done better, if r0 has been u8 as well +adc r13, 0x0; add CF to r0's alloc +test al, al +adox rbx, r11 +adox r13, r9 +mov r9, 0xfffffffffffff ; moving imm to reg +mov r14, rbx; +and r14, r9; x9 <- x7_0&0xfffffffffffff +shrd rbx, r13, 52; x8 <- x7_1||x7_0 >> 52 +mov r12, r14; +shr r12, 48; x10 <- x9>> 48 +mov r15, r8; +xor rdi, rdi +adox r15, [ rsp - 0x40 ] +adox rbp, [ rsp - 0x48 ] +mov rdx, [ rsi + 0x10 ]; arg1[2] to rdx +mulx r10, r8, [ rax + 0x18 ]; x10020_1, x10020_0<- arg1[2] * arg2[3] (_0*_0) +mov rdx, [ rsi + 0x8 ]; arg1[1] to rdx +mulx r13, r11, [ rax + 0x20 ]; x10019_1, x10019_0<- arg1[1] * arg2[4] (_0*_0) +adcx r15, r8 +adcx r10, rbp +mov rdx, 0xffffffffffff ; moving imm to reg +and r14, rdx; x11 <- x9&0xffffffffffff +adox r15, r11 +adox r13, r10 +adcx rbx, r15 +adc r13, 0x0; add CF to r0's alloc +mov rbp, rbx; +and rbp, r9; x14 <- x12_0&0xfffffffffffff +shrd rbx, r13, 52; x13 <- x12_1||x12_0 >> 52 +shl rbp, 4; x10027 <- x14<< 4 +mov rdx, [ rax + 0x20 ]; arg2[4] to rdx +mulx r11, r8, [ rsi + 0x10 ]; x10030_1, x10030_0<- arg1[2] * arg2[4] (_0*_0) +lea rbp, [ rbp + r12 ] +mov rdx, [ rax + 0x10 ]; arg2[2] to rdx +mulx r10, r12, [ rsi + 0x20 ]; x10032_1, x10032_0<- 
arg1[4] * arg2[2] (_0*_0) +mov rdx, [ rax + 0x18 ]; arg2[3] to rdx +mulx r13, r15, [ rsi + 0x18 ]; x10031_1, x10031_0<- arg1[3] * arg2[3] (_0*_0) +xor rdx, rdx +adox r12, r15 +adox r13, r10 +adcx r12, r8 +adcx r11, r13 +add rbx, r12; could be done better, if r0 has been u8 as well +adc r11, 0x0; add CF to r0's alloc +mov rdi, rbx; +shrd rdi, r11, 52; x19 <- x18_1||x18_0 >> 52 +mov rdx, [ rax + 0x0 ]; arg2[0] to rdx +mulx r10, r8, [ rsi + 0x0 ]; x10026_1, x10026_0<- arg1[0] * arg2[0] (_0*_0) +mov rdx, [ rsi + 0x18 ]; arg1[3] to rdx +mulx r13, r15, [ rax + 0x20 ]; x10040_1, x10040_0<- arg1[3] * arg2[4] (_0*_0) +mov rdx, [ rsi + 0x20 ]; arg1[4] to rdx +mulx r11, r12, [ rax + 0x18 ]; x10041_1, x10041_0<- arg1[4] * arg2[3] (_0*_0) +test al, al +adox r12, r15 +adox r13, r11 +adcx rdi, r12 +adc r13, 0x0; add CF to r0's alloc +mov rdx, 0x1000003d1 ; moving imm to reg +mulx r11, r15, rbp; x10029_1, x10029_0<- x10028 * 0x1000003d1 (_0*_0) +and rbx, r9; x20 <- x18_0&0xfffffffffffff +adox r15, r8 +adox r10, r11 +mov rbp, 0x1000003d10 ; moving imm to reg +mov rdx, rbx; x20 to rdx +mulx r8, rbx, rbp; x10039_1, x10039_0<- x20 * 0x1000003d10 (_0*_0) +mov r12, r15; +and r12, r9; x17 <- x15_0&0xfffffffffffff +mov rdx, [ rsi + 0x0 ]; arg1[0] to rdx +mulx r9, r11, [ rax + 0x8 ]; x10035_1, x10035_0<- arg1[0] * arg2[1] (_0*_0) +mov rdx, [ rax + 0x0 ]; arg2[0] to rdx +mov [ rsp - 0x38 ], r14; spilling x11 to mem +mulx r14, rbp, [ rsi + 0x8 ]; x10036_1, x10036_0<- arg1[1] * arg2[0] (_0*_0) +adox rbp, r11 +adox r9, r14 +mov rdx, [ rsp - 0x50 ]; load m64 out1 to register64 +mov [ rdx + 0x0 ], r12; out1[0] = x17 +shrd r15, r10, 52; x16 <- x15_1||x15_0 >> 52 +xor r10, r10 +adox r15, rbp +adox r9, r10 +adcx rbx, r15 +adcx r9, r8 +mov r8, 0xfffffffffffff ; moving imm to reg +mov r12, rbx; +and r12, r8; x23 <- x21_0&0xfffffffffffff +shrd rbx, r9, 52; x22 <- x21_1||x21_0 >> 52 +mov r11, rdx; preserving value of out1 into a new reg +mov rdx, [ rsi + 0x8 ]; saving arg1[1] in rdx. 
+mulx rbp, r14, [ rax + 0x8 ]; x10044_1, x10044_0<- arg1[1] * arg2[1] (_0*_0) +mov rdx, [ rsi + 0x10 ]; arg1[2] to rdx +mulx r9, r15, [ rax + 0x0 ]; x10045_1, x10045_0<- arg1[2] * arg2[0] (_0*_0) +xor rdx, rdx +adox r15, r14 +adox rbp, r9 +mov [ r11 + 0x8 ], r12; out1[1] = x23 +mov rdx, [ rax + 0x10 ]; arg2[2] to rdx +mulx r12, r10, [ rsi + 0x0 ]; x10043_1, x10043_0<- arg1[0] * arg2[2] (_0*_0) +adcx r15, r10 +adcx r12, rbp +and rcx, r8; x6 <- x4_0&0xfffffffffffff +mov rdx, 0x1000003d10 ; moving imm to reg +mulx r9, r14, rdi; x10049_1, x10049_0<- x26 * 0x1000003d10 (_0*_0) +adox rbx, r15 +mov rbp, 0x0 ; moving imm to reg +adox r12, rbp +adcx r14, rbx +adcx r12, r9 +mov rdi, 0x1000003d10000 ; moving imm to reg +mov rdx, r13; x25 to rdx +mulx r10, r13, rdi; x10051_1, x10051_0<- x25 * 0x1000003d10000 (_0*_0) +mov rdx, r14; +shrd rdx, r12, 52; x28 <- x27_1||x27_0 >> 52 +lea rcx, [ rcx + rdx ] +xor r15, r15 +adox r13, rcx +adox r10, r15 +mov rbp, r13; +shrd rbp, r10, 52; x31 <- x30_1||x30_0 >> 52 +add rbp, [ rsp - 0x38 ] +and r14, r8; x29 <- x27_0&0xfffffffffffff +mov [ r11 + 0x10 ], r14; out1[2] = x29 +and r13, r8; x32 <- x30_0&0xfffffffffffff +mov [ r11 + 0x18 ], r13; out1[3] = x32 +mov [ r11 + 0x20 ], rbp; out1[4] = x33 +mov rbx, [ rsp - 0x80 ]; pop +mov rbp, [ rsp - 0x78 ]; pop +mov r12, [ rsp - 0x70 ]; pop +mov r13, [ rsp - 0x68 ]; pop +mov r14, [ rsp - 0x60 ]; pop +mov r15, [ rsp - 0x58 ]; pop +ret +; cpu 13th Gen Intel(R) Core(TM) i9-13900KF +; ratio 1.4415 +; seed 0264257440107563 +; CC / CFLAGS clang / -march=native -mtune=native -O3 +; time needed: 1209347 ms on 270000 evaluations. 
+; Time spent for assembling and measuring (initial batch_size=304, initial num_batches=31): 118109 ms +; number of used evaluations: 270000 +; Ratio (time for assembling + measure)/(total runtime for 270000 evals): 0.09766344977909566 +; number reverted permutation / tried permutation: 104399 / 134989 =77.339% +; number reverted decision / tried decision: 79910 / 135010 =59.188% +; validated in 0.246s diff --git a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000089299041_ratio11830.asm b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000089299041_ratio11830.asm new file mode 100644 index 0000000000..cf922825e4 --- /dev/null +++ b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000089299041_ratio11830.asm 
@@ -0,0 +1,205 @@ +SECTION .text + GLOBAL fiat_secp256k1_dettman_mul +fiat_secp256k1_dettman_mul: +mov rax, rdx; preserving value of arg2 into a new reg +mov rdx, [ rdx + 0x0 ]; saving arg2[0] in rdx. +mulx r11, r10, [ rsi + 0x18 ]; x10003_1, x10003_0<- arg1[3] * arg2[0] (_0*_0) +mov rdx, [ rax + 0x8 ]; arg2[1] to rdx +mulx r8, rcx, [ rsi + 0x10 ]; x10002_1, x10002_0<- arg1[2] * arg2[1] (_0*_0) +mov rdx, [ rax + 0x20 ]; arg2[4] to rdx +mov [ rsp - 0x80 ], rbx; spilling calSv-rbx to mem +mulx rbx, r9, [ rsi + 0x20 ]; x1_1, x1_0<- arg1[4] * arg2[4] (_0*_0) +mov rdx, [ rax + 0x18 ]; arg2[3] to rdx +mov [ rsp - 0x78 ], rbp; spilling calSv-rbp to mem +mov [ rsp - 0x70 ], r12; spilling calSv-r12 to mem +mulx r12, rbp, [ rsi + 0x8 ]; x10009_1, x10009_0<- arg1[1] * arg2[3] (_0*_0) +mov rdx, 0x1000003d10 ; moving imm to reg +mov [ rsp - 0x68 ], r13; spilling calSv-r13 to mem +mov [ rsp - 0x60 ], r14; spilling calSv-r14 to mem +mulx r14, r13, r9; x10007_1, x10007_0<- x3 * 0x1000003d10 (_0*_0) +test al, al +adox r10, rcx +adox r8, r11 +mov rdx, [ rsi + 0x8 ]; arg1[1] to rdx +mulx rcx, r11, [ rax + 0x10 ]; x10001_1, x10001_0<- arg1[1] * arg2[2] (_0*_0) +adcx r10, r11 +adcx rcx, r8 +mov rdx, [ rsi + 0x0 ]; arg1[0] to rdx +mulx r8, r9, [ rax + 0x18 ]; x10000_1, x10000_0<- arg1[0] * arg2[3] (_0*_0) +xor rdx, rdx +adox r10, r9 +adox r8, rcx +mov rdx, [ rsi + 0x18 ]; arg1[3] to rdx +mulx rcx, r11, [ rax + 0x8 ]; x10011_1, x10011_0<- arg1[3] * arg2[1] (_0*_0) +mov rdx, [ rsi + 0x20 ]; arg1[4] to rdx +mov [ rsp - 0x58 ], r15; spilling calSv-r15 to mem +mulx r15, r9, [ rax + 0x0 ]; x10012_1, x10012_0<- arg1[4] * arg2[0] (_0*_0) +mov rdx, [ rax + 0x10 ]; arg2[2] to rdx +mov [ rsp - 0x50 ], rdi; spilling out1 to mem +mov [ rsp - 0x48 ], r12; spilling x10009_1 to mem +mulx r12, rdi, [ rsi + 0x10 ]; x10010_1, x10010_0<- arg1[2] * arg2[2] (_0*_0) +adcx r9, r11 +adcx rcx, r15 +test al, al +adox r9, rdi +adox r12, rcx +mov rdx, [ rsi + 0x0 ]; arg1[0] to rdx +mulx r15, r11, [ rax + 0x10 ]; 
x10043_1, x10043_0<- arg1[0] * arg2[2] (_0*_0) +mov rdx, 0x1000003d10000 ; moving imm to reg +mulx rcx, rdi, rbx; x10018_1, x10018_0<- x2 * 0x1000003d10000 (_0*_0) +mov rdx, [ rax + 0x20 ]; arg2[4] to rdx +mov [ rsp - 0x40 ], r15; spilling x10043_1 to mem +mulx r15, rbx, [ rsi + 0x0 ]; x10008_1, x10008_0<- arg1[0] * arg2[4] (_0*_0) +adcx r13, r10 +adcx r8, r14 +mov rdx, r13; +shrd rdx, r8, 52; x5 <- x4_1||x4_0 >> 52 +xor r14, r14 +adox r9, rbp +adox r12, [ rsp - 0x48 ] +adcx r9, rbx +adcx r15, r12 +add rdx, r9; could be done better, if r0 has been u8 as well +adc r15, 0x0; add CF to r0's alloc +add rdi, rdx; could be done better, if r0 has been u8 as well +adcx r15, rcx +mov rdx, [ rsi + 0x10 ]; arg1[2] to rdx +mulx r10, rbp, [ rax + 0x18 ]; x10020_1, x10020_0<- arg1[2] * arg2[3] (_0*_0) +mov rdx, [ rsi + 0x18 ]; arg1[3] to rdx +mulx rbx, rcx, [ rax + 0x10 ]; x10021_1, x10021_0<- arg1[3] * arg2[2] (_0*_0) +mov rdx, [ rsi + 0x20 ]; arg1[4] to rdx +mulx r12, r8, [ rax + 0x8 ]; x10022_1, x10022_0<- arg1[4] * arg2[1] (_0*_0) +mov rdx, [ rsi + 0x8 ]; arg1[1] to rdx +mulx r14, r9, [ rax + 0x20 ]; x10019_1, x10019_0<- arg1[1] * arg2[4] (_0*_0) +xor rdx, rdx +adox r8, rcx +adox rbx, r12 +adcx r8, rbp +adcx r10, rbx +mov rbp, rdi; +shrd rbp, r15, 52; x8 <- x7_1||x7_0 >> 52 +xor r15, r15 +adox r8, r9 +adox r14, r10 +adcx rbp, r8 +adc r14, 0x0; add CF to r0's alloc +mov rdx, 0xfffffffffffff ; moving imm to reg +and rdi, rdx; x9 <- x7_0&0xfffffffffffff +mov rcx, rbp; +and rcx, rdx; x14 <- x12_0&0xfffffffffffff +mov r12, rdi; +shr r12, 48; x10 <- x9>> 48 +shl rcx, 4; x10027 <- x14<< 4 +mov r9, 0xffffffffffff ; moving imm to reg +and rdi, r9; x11 <- x9&0xffffffffffff +lea rcx, [ rcx + r12 ] +mov rbx, 0x1000003d1 ; moving imm to reg +mov rdx, rcx; x10028 to rdx +mulx r10, rcx, rbx; x10029_1, x10029_0<- x10028 * 0x1000003d1 (_0*_0) +shrd rbp, r14, 52; x13 <- x12_1||x12_0 >> 52 +mov rdx, [ rsi + 0x20 ]; arg1[4] to rdx +mulx r14, r8, [ rax + 0x10 ]; x10032_1, x10032_0<- arg1[4] * 
arg2[2] (_0*_0) +mov rdx, [ rsi + 0x18 ]; arg1[3] to rdx +mulx r15, r12, [ rax + 0x18 ]; x10031_1, x10031_0<- arg1[3] * arg2[3] (_0*_0) +mov rdx, [ rax + 0x20 ]; arg2[4] to rdx +mulx r9, rbx, [ rsi + 0x10 ]; x10030_1, x10030_0<- arg1[2] * arg2[4] (_0*_0) +add r8, r12; could be done better, if r0 has been u8 as well +adcx r15, r14 +mov rdx, [ rsi + 0x0 ]; arg1[0] to rdx +mulx r12, r14, [ rax + 0x0 ]; x10026_1, x10026_0<- arg1[0] * arg2[0] (_0*_0) +xor rdx, rdx +adox rcx, r14 +adox r12, r10 +mov r10, 0xfffffffffffff ; moving imm to reg +mov r14, rcx; +and r14, r10; x17 <- x15_0&0xfffffffffffff +shrd rcx, r12, 52; x16 <- x15_1||x15_0 >> 52 +test al, al +adox r8, rbx +adox r9, r15 +adcx rbp, r8 +adc r9, 0x0; add CF to r0's alloc +mov rbx, rbp; +shrd rbx, r9, 52; x19 <- x18_1||x18_0 >> 52 +mov rdx, [ rax + 0x18 ]; arg2[3] to rdx +mulx r12, r15, [ rsi + 0x20 ]; x10041_1, x10041_0<- arg1[4] * arg2[3] (_0*_0) +mov rdx, [ rsi + 0x0 ]; arg1[0] to rdx +mulx r9, r8, [ rax + 0x8 ]; x10035_1, x10035_0<- arg1[0] * arg2[1] (_0*_0) +mov rdx, [ rsi + 0x18 ]; arg1[3] to rdx +mov [ rsp - 0x38 ], rdi; spilling x11 to mem +mulx rdi, r10, [ rax + 0x20 ]; x10040_1, x10040_0<- arg1[3] * arg2[4] (_0*_0) +xor rdx, rdx +adox r15, r10 +adox rdi, r12 +adcx rbx, r15 +adc rdi, 0x0; add CF to r0's alloc +mov r12, [ rsp - 0x50 ]; load m64 out1 to register64 +mov [ r12 + 0x0 ], r14; out1[0] = x17 +mov rdx, [ rax + 0x0 ]; arg2[0] to rdx +mulx r10, r14, [ rsi + 0x8 ]; x10036_1, x10036_0<- arg1[1] * arg2[0] (_0*_0) +xor rdx, rdx +adox r14, r8 +adox r9, r10 +adcx rcx, r14 +adc r9, 0x0; add CF to r0's alloc +mov r8, 0xfffffffffffff ; moving imm to reg +and rbp, r8; x20 <- x18_0&0xfffffffffffff +mov r15, 0x1000003d10 ; moving imm to reg +mov rdx, rbp; x20 to rdx +mulx r10, rbp, r15; x10039_1, x10039_0<- x20 * 0x1000003d10 (_0*_0) +adox rbp, rcx +adox r9, r10 +mov r14, rbp; +and r14, r8; x23 <- x21_0&0xfffffffffffff +shrd rbp, r9, 52; x22 <- x21_1||x21_0 >> 52 +mov rdx, [ rax + 0x0 ]; arg2[0] to rdx +mulx 
r10, rcx, [ rsi + 0x10 ]; x10045_1, x10045_0<- arg1[2] * arg2[0] (_0*_0) +mov rdx, [ rax + 0x8 ]; arg2[1] to rdx +mulx r15, r9, [ rsi + 0x8 ]; x10044_1, x10044_0<- arg1[1] * arg2[1] (_0*_0) +mov [ r12 + 0x8 ], r14; out1[1] = x23 +and r13, r8; x6 <- x4_0&0xfffffffffffff +adox rcx, r9 +adox r15, r10 +mov rdx, 0x1000003d10 ; moving imm to reg +mulx r10, r14, rbx; x10049_1, x10049_0<- x26 * 0x1000003d10 (_0*_0) +adcx rcx, r11 +adcx r15, [ rsp - 0x40 ] +xor r11, r11 +adox rbp, rcx +adox r15, r11 +adcx r14, rbp +adcx r15, r10 +mov r9, r14; +shrd r9, r15, 52; x28 <- x27_1||x27_0 >> 52 +lea r13, [ r13 + r9 ] +mov rbx, 0x1000003d10000 ; moving imm to reg +mov rdx, rdi; x25 to rdx +mulx r10, rdi, rbx; x10051_1, x10051_0<- x25 * 0x1000003d10000 (_0*_0) +and r14, r8; x29 <- x27_0&0xfffffffffffff +adox rdi, r13 +adox r10, r11 +mov rdx, rdi; +and rdx, r8; x32 <- x30_0&0xfffffffffffff +shrd rdi, r10, 52; x31 <- x30_1||x30_0 >> 52 +add rdi, [ rsp - 0x38 ] +mov [ r12 + 0x18 ], rdx; out1[3] = x32 +mov [ r12 + 0x10 ], r14; out1[2] = x29 +mov [ r12 + 0x20 ], rdi; out1[4] = x33 +mov rbx, [ rsp - 0x80 ]; pop +mov rbp, [ rsp - 0x78 ]; pop +mov r12, [ rsp - 0x70 ]; pop +mov r13, [ rsp - 0x68 ]; pop +mov r14, [ rsp - 0x60 ]; pop +mov r15, [ rsp - 0x58 ]; pop +ret +; cpu 13th Gen Intel(R) Core(TM) i9-13900KF +; ratio 1.1830 +; seed 2855002300978685 +; CC / CFLAGS clang / -march=native -mtune=native -O3 +; time needed: 1212939 ms on 270000 evaluations. +; Time spent for assembling and measuring (initial batch_size=368, initial num_batches=31): 118076 ms +; number of used evaluations: 270000 +; Ratio (time for assembling + measure)/(total runtime for 270000 evals): 0.09734702239766385 +; number reverted permutation / tried permutation: 102230 / 134445 =76.039% +; number reverted decision / tried decision: 78953 / 135554 =58.245% +; validated in 0.244s 
diff --git a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000167564361_ratio10038.asm b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000167564361_ratio10038.asm deleted file mode 100644 index ab3fcf0595..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000167564361_ratio10038.asm +++ /dev/null 
@@ -1,223 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_mul -fiat_secp256k1_dettman_mul: -sub rsp, 144 -mov rax, rdx -mov rdx, [ rdx + 0x18 ] -mulx r11, r10, [ rsi + 0x0 ] -mov rdx, [ rsi + 0x18 ] -mulx r8, rcx, [ rax + 0x10 ] -mov rdx, [ rsi + 0x20 ] -mov [ rsp - 0x80 ], rbx -mulx rbx, r9, [ rax + 0x20 ] -mov rdx, [ rax + 0x0 ] -mov [ rsp - 0x78 ], rbp -mov [ rsp - 0x70 ], r12 -mulx r12, rbp, [ rsi + 0x18 ] -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x68 ], r13 -mov [ rsp - 0x60 ], r14 -mulx r14, r13, [ rax + 0x20 ] -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x58 ], r15 -mov [ rsp - 0x50 ], rdi -mulx rdi, r15, [ rax + 0x0 ] -mov rdx, [ rsi + 0x20 ] -mov [ rsp - 0x48 ], rdi -mov [ rsp - 0x40 ], r15 -mulx r15, rdi, [ rax + 0x18 ] -mov rdx, r9 -shrd rdx, rbx, 52 -mov rbx, rdx -mov rdx, [ rax + 0x10 ] -mov [ rsp - 0x38 ], r15 -mov [ rsp - 0x30 ], rdi -mulx rdi, r15, [ rsi + 0x10 ] -mov rdx, [ rax + 0x8 ] -mov [ rsp - 0x28 ], r14 -mov [ rsp - 0x20 ], r13 -mulx r13, r14, [ rsi + 0x18 ] -mov rdx, [ rax + 0x0 ] -mov [ rsp - 0x18 ], r8 -mov [ rsp - 0x10 ], rcx -mulx rcx, r8, [ rsi + 0x20 ] -test al, al -adox r8, r14 -adox r13, rcx -mov rdx, [ rsi + 0x10 ] -mulx rcx, r14, [ rax + 0x8 ] -adcx rbp, r14 -adcx rcx, r12 -mov rdx, [ rsi + 0x8 ] -mulx r14, r12, [ rax + 0x10 ] -test al, al -adox rbp, r12 -adox r14, rcx -mov rdx, [ rax + 0x18 ] -mulx r12, rcx, [ rsi + 0x8 ] -mov rdx, 0x34 -mov [ rsp - 0x8 ], rbx -bzhi rbx, r9, rdx -mov rdx, [ rsi + 0x0 ] -mov [ rsp + 0x0 ], r14 -mulx r14, r9, [ rax + 0x20 ] -adox r8, r15 -adox rdi, r13 -test al, al -adox r8, rcx -adox r12, rdi -mov rdx, 0x1000003d10 -mulx r13, r15, rbx -adcx rbp, r10 -adcx r11, [ rsp + 0x0 ] -add r15, rbp -adcx r11, r13 -test al, al -adox r8, r9 -adox r14, r12 -mov r10, r15 -shrd r10, r11, 52 -test al, al -adox r10, r8 -mov rcx, 0x0 -adox r14, rcx -mulx r9, rbx, [ rsp - 0x8 ] -adcx rbx, r10 -adcx r14, r9 -mov rdi, rbx -shrd rdi, r14, 52 -mov r12, 0xfffffffffffff -and r15, r12 -mov rdx, [ rax + 0x8 ] -mulx rbp, r13, [ 
rsi + 0x20 ] -adox r13, [ rsp - 0x10 ] -adox rbp, [ rsp - 0x18 ] -mov rdx, [ rsi + 0x10 ] -mulx r8, r11, [ rax + 0x18 ] -adcx r13, r11 -adcx r8, rbp -mov rdx, [ rsi + 0x8 ] -mulx r9, r10, [ rax + 0x20 ] -test al, al -adox r13, r10 -adox r9, r8 -adcx rdi, r13 -adc r9, 0x0 -mov rdx, [ rax + 0x18 ] -mulx rbp, r14, [ rsi + 0x18 ] -mov rdx, [ rsi + 0x20 ] -mulx r8, r11, [ rax + 0x10 ] -test al, al -adox r11, r14 -adox rbp, r8 -adcx r11, [ rsp - 0x20 ] -adcx rbp, [ rsp - 0x28 ] -mov rdx, rdi -shrd rdx, r9, 52 -test al, al -adox rdx, r11 -adox rbp, rcx -mov r10, rdx -shrd r10, rbp, 52 -mov r13, rdx -mov rdx, [ rsi + 0x18 ] -mulx r14, r9, [ rax + 0x20 ] -mov rdx, r9 -xor r8, r8 -adox rdx, [ rsp - 0x30 ] -adox r14, [ rsp - 0x38 ] -adcx r10, rdx -adc r14, 0x0 -mov rcx, r10 -and rcx, r12 -and rbx, r12 -mov r11, 0x30 -bzhi rbp, rbx, r11 -and rdi, r12 -shl rdi, 4 -mov rdx, [ rax + 0x8 ] -mulx r8, r9, [ rsi + 0x0 ] -shr rbx, 48 -mov rdx, [ rax + 0x0 ] -mulx r12, r11, [ rsi + 0x0 ] -lea rdi, [ rdi + rbx ] -mov rdx, 0x1000003d1 -mov [ rsp + 0x8 ], rbp -mulx rbp, rbx, rdi -xor rdi, rdi -adox rbx, r11 -adox r12, rbp -shrd r10, r14, 52 -mov rdx, [ rsi + 0x8 ] -mulx r11, r14, [ rax + 0x0 ] -mov rdx, 0x34 -bzhi rbp, rbx, rdx -shrd rbx, r12, 52 -mov r12, [ rsp - 0x50 ] -mov [ r12 + 0x0 ], rbp -xor rbp, rbp -adox r14, r9 -adox r8, r11 -bzhi rdi, r13, rdx -mov r13, 0x1000003d10 -mov rdx, r13 -mulx r9, r13, rdi -adox rbx, r14 -adox r8, rbp -mov rdx, [ rax + 0x10 ] -mulx r14, r11, [ rsi + 0x0 ] -add r13, rbx -adcx r8, r9 -mov rdx, [ rsi + 0x8 ] -mulx r9, rdi, [ rax + 0x8 ] -mov rdx, rdi -test al, al -adox rdx, [ rsp - 0x40 ] -adox r9, [ rsp - 0x48 ] -adcx rdx, r11 -adcx r14, r9 -mov rbx, 0x1000003d10 -xchg rdx, rbx -mulx rdi, r11, rcx -mov rcx, r13 -shrd rcx, r8, 52 -add rcx, rbx -adc r14, 0x0 -add r11, rcx -adcx r14, rdi -mov r8, r11 -shrd r8, r14, 52 -mulx rbx, r9, r10 -lea r15, [ r15 + r8 ] -xor r10, r10 -adox r9, r15 -adox rbx, r10 -mov rbp, 0x34 -bzhi rdi, r9, rbp -shrd r9, rbx, 52 
-bzhi rcx, r11, rbp -add r9, [ rsp + 0x8 ] -bzhi r11, r13, rbp -mov [ r12 + 0x20 ], r9 -mov [ r12 + 0x18 ], rdi -mov [ r12 + 0x8 ], r11 -mov [ r12 + 0x10 ], rcx -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -add rsp, 144 -ret -; cpu AMD Ryzen 7 5800X 8-Core Processor -; ratio 1.0038 -; seed 0581699663046300 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 1269110 ms on 180000 evaluations. -; Time spent for assembling and measuring (initial batch_size=184, initial num_batches=31): 88117 ms -; number of used evaluations: 180000 -; Ratio (time for assembling + measure)/(total runtime for 180000 evals): 0.06943212172309729 -; number reverted permutation / tried permutation: 67477 / 90049 =74.934% -; number reverted decision / tried decision: 37309 / 89950 =41.477% -; validated in 0.417s diff --git a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000173120506_ratio09924.asm b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000173120506_ratio09924.asm deleted file mode 100644 index 32aace703a..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000173120506_ratio09924.asm +++ /dev/null 
@@ -1,220 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_mul -fiat_secp256k1_dettman_mul: -mov rax, rdx -mov rdx, [ rdx + 0x8 ] -mulx r11, r10, [ rsi + 0x18 ] -mov rdx, [ rax + 0x0 ] -mulx r8, rcx, [ rsi + 0x18 ] -mov rdx, [ rax + 0x20 ] -mov [ rsp - 0x80 ], rbx -mulx rbx, r9, [ rsi + 0x20 ] -mov rdx, [ rax + 0x10 ] -mov [ rsp - 0x78 ], rbp -mov [ rsp - 0x70 ], r12 -mulx r12, rbp, [ rsi + 0x10 ] -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x68 ], r13 -mov [ rsp - 0x60 ], r14 -mulx r14, r13, [ rax + 0x8 ] -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x58 ], r15 -mov [ rsp - 0x50 ], rdi -mulx rdi, r15, [ rax + 0x18 ] -xor rdx, rdx -adox rcx, r13 -adox r14, r8 -mov rdx, [ rsi + 0x8 ] -mulx r13, r8, [ rax + 0x10 ] -adcx rcx, r8 -adcx r13, r14 -mov rdx, [ rsi + 0x0 ] -mulx r8, r14, [ rax + 0x18 ] -mov rdx, r9 -shrd rdx, rbx, 52 -mov rbx, rdx -mov rdx, [ rax + 0x8 ] -mov [ rsp - 0x48 ], rdi -mov [ rsp - 0x40 ], r15 -mulx r15, rdi, [ rsi + 0x8 ] -mov rdx, 0x1000003d10 -mov [ rsp - 0x38 ], r15 -mov [ rsp - 0x30 ], rdi -mulx rdi, r15, rbx -mov rbx, 0xfffffffffffff -and r9, rbx -mov rdx, [ rax + 0x18 ] -mov [ rsp - 0x28 ], rdi -mulx rdi, rbx, [ rsi + 0x20 ] -mov rdx, 0x1000003d10 -mov [ rsp - 0x20 ], rdi -mov [ rsp - 0x18 ], rbx -mulx rbx, rdi, r9 -adox rcx, r14 -adox r8, r13 -mov rdx, [ rax + 0x0 ] -mulx r14, r13, [ rsi + 0x20 ] -adcx r13, r10 -adcx r11, r14 -test al, al -adox r13, rbp -adox r12, r11 -mov rdx, [ rax + 0x20 ] -mulx rbp, r10, [ rsi + 0x0 ] -mov rdx, [ rax + 0x18 ] -mulx r14, r9, [ rsi + 0x8 ] -adcx rdi, rcx -adcx r8, rbx -test al, al -adox r13, r9 -adox r14, r12 -mov rdx, 0x34 -bzhi rbx, rdi, rdx -shrd rdi, r8, 52 -test al, al -adox r13, r10 -adox rbp, r14 -adcx rdi, r13 -adc rbp, 0x0 -mov rdx, [ rsi + 0x18 ] -mulx r11, rcx, [ rax + 0x10 ] -xor rdx, rdx -adox r15, rdi -adox rbp, [ rsp - 0x28 ] -mov rdx, [ rax + 0x8 ] -mulx r10, r12, [ rsi + 0x20 ] -adcx r12, rcx -adcx r11, r10 -mov rdx, [ rsi + 0x20 ] -mulx r8, r9, [ rax + 0x10 ] -mov rdx, 0xfffffffffffff -mov 
r14, r15 -and r14, rdx -mov rdx, [ rsi + 0x8 ] -mulx rdi, r13, [ rax + 0x20 ] -adox r12, [ rsp - 0x40 ] -adox r11, [ rsp - 0x48 ] -adcx r12, r13 -adcx rdi, r11 -mov rdx, r14 -shr rdx, 48 -mov rcx, rdx -mov rdx, [ rax + 0x0 ] -mulx r13, r10, [ rsi + 0x0 ] -mov rdx, 0x30 -bzhi r11, r14, rdx -shrd r15, rbp, 52 -mov rdx, [ rsi + 0x18 ] -mulx r14, rbp, [ rax + 0x18 ] -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x10 ], r11 -mov [ rsp - 0x8 ], rbx -mulx rbx, r11, [ rax + 0x20 ] -xor rdx, rdx -adox r15, r12 -adox rdi, rdx -mov r12, r15 -shrd r12, rdi, 52 -xor rdi, rdi -adox r9, rbp -adox r14, r8 -adcx r9, r11 -adcx rbx, r14 -mov rdx, 0xfffffffffffff -and r15, rdx -shl r15, 4 -mov rdx, [ rsi + 0x18 ] -mulx rbp, r8, [ rax + 0x20 ] -lea r15, [ r15 + rcx ] -mov rdx, 0x1000003d1 -mulx r11, rcx, r15 -add r12, r9 -adc rbx, 0x0 -mov r14, r12 -shrd r14, rbx, 52 -mov r9, r8 -test al, al -adox r9, [ rsp - 0x18 ] -adox rbp, [ rsp - 0x20 ] -adcx rcx, r10 -adcx r13, r11 -test al, al -adox r14, r9 -adox rbp, rdi -mov r10, 0xfffffffffffff -mov r8, rcx -and r8, r10 -mov r15, r14 -shrd r15, rbp, 52 -mov rdx, [ rsi + 0x10 ] -mulx rbx, r11, [ rax + 0x0 ] -and r14, r10 -mov rdx, [ rax + 0x8 ] -mulx rbp, r9, [ rsi + 0x0 ] -mov rdx, [ rax + 0x0 ] -mulx r10, rdi, [ rsi + 0x8 ] -mov rdx, 0xfffffffffffff -and r12, rdx -adox rdi, r9 -adox rbp, r10 -mov rdx, [ rsi + 0x0 ] -mulx r10, r9, [ rax + 0x10 ] -shrd rcx, r13, 52 -xor rdx, rdx -adox r11, [ rsp - 0x30 ] -adox rbx, [ rsp - 0x38 ] -adcx rcx, rdi -adc rbp, 0x0 -test al, al -adox r11, r9 -adox r10, rbx -mov r13, 0x1000003d10 -mov rdx, r13 -mulx rdi, r13, r12 -adcx r13, rcx -adcx rbp, rdi -mov r12, r13 -shrd r12, rbp, 52 -xor r9, r9 -adox r12, r11 -adox r10, r9 -mulx rcx, rbx, r14 -adcx rbx, r12 -adcx r10, rcx -mov r14, 0x34 -bzhi r11, r13, r14 -mov rdi, rbx -shrd rdi, r10, 52 -mov r13, [ rsp - 0x50 ] -mov [ r13 + 0x8 ], r11 -mulx r12, rbp, r15 -add rdi, [ rsp - 0x8 ] -bzhi r15, rbx, r14 -mov [ r13 + 0x10 ], r15 -adox rbp, rdi -adox r12, r9 -mov rcx, rbp 
-shrd rcx, r12, 52 -bzhi rbx, rbp, r14 -mov [ r13 + 0x0 ], r8 -add rcx, [ rsp - 0x10 ] -mov [ r13 + 0x20 ], rcx -mov [ r13 + 0x18 ], rbx -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu AMD Ryzen 7 5800X 8-Core Processor -; ratio 0.9924 -; seed 3553878266742847 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 1305849 ms on 180000 evaluations. -; Time spent for assembling and measuring (initial batch_size=194, initial num_batches=31): 88538 ms -; number of used evaluations: 180000 -; Ratio (time for assembling + measure)/(total runtime for 180000 evals): 0.06780110104613933 -; number reverted permutation / tried permutation: 68123 / 90354 =75.396% -; number reverted decision / tried decision: 37192 / 89645 =41.488% -; validated in 0.39s diff --git a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000187885082_ratio10923.asm b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000187885082_ratio10923.asm deleted file mode 100644 index 23f7f7b774..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000187885082_ratio10923.asm +++ /dev/null 
@@ -1,211 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_mul -fiat_secp256k1_dettman_mul: -mov rax, rdx -mov rdx, [ rdx + 0x10 ] -mulx r11, r10, [ rsi + 0x10 ] -mov rdx, [ rsi + 0x8 ] -mulx r8, rcx, [ rax + 0x0 ] -mov rdx, [ rax + 0x10 ] -mov [ rsp - 0x80 ], rbx -mulx rbx, r9, [ rsi + 0x8 ] -mov rdx, [ rax + 0x0 ] -mov [ rsp - 0x78 ], rbp -mov [ rsp - 0x70 ], r12 -mulx r12, rbp, [ rsi + 0x20 ] -mov rdx, [ rax + 0x20 ] -mov [ rsp - 0x68 ], r13 -mov [ rsp - 0x60 ], r14 -mulx r14, r13, [ rsi + 0x20 ] -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x58 ], r15 -mov [ rsp - 0x50 ], rdi -mulx rdi, r15, [ rax + 0x8 ] -mov rdx, r13 -shrd rdx, r14, 52 -mov r14, rdx -mov rdx, [ rax + 0x10 ] -mov [ rsp - 0x48 ], r8 -mov [ rsp - 0x40 ], rcx -mulx rcx, r8, [ rsi + 0x0 ] -test al, al -adox rbp, r15 -adox rdi, r12 -adcx rbp, r10 -adcx r11, rdi -mov rdx, [ rax + 0x18 ] -mulx r12, r10, [ rsi + 0x8 ] -mov rdx, [ rax + 0x8 ] -mulx rdi, r15, [ rsi + 0x10 ] -xor rdx, rdx -adox rbp, r10 -adox r12, r11 -mov rdx, [ rsi + 0x18 ] -mulx r10, r11, [ rax + 0x0 ] -adcx r11, r15 -adcx rdi, r10 -mov rdx, 0xfffffffffffff -and r13, rdx -mov rdx, [ rax + 0x20 ] -mulx r10, r15, [ rsi + 0x0 ] -mov rdx, [ rsi + 0x0 ] -mov [ rsp - 0x38 ], rcx -mov [ rsp - 0x30 ], r8 -mulx r8, rcx, [ rax + 0x18 ] -adox r11, r9 -adox rbx, rdi -adcx r11, rcx -adcx r8, rbx -mov rdx, 0x1000003d10 -mulx rdi, r9, r13 -test al, al -adox r9, r11 -adox r8, rdi -mov r13, r9 -shrd r13, r8, 52 -test al, al -adox rbp, r15 -adox r10, r12 -adcx r13, rbp -adc r10, 0x0 -mulx r15, r12, r14 -add r12, r13 -adcx r10, r15 -mov r14, 0x34 -bzhi rcx, r9, r14 -bzhi rbx, r12, r14 -shrd r12, r10, 52 -mov rdx, [ rsi + 0x20 ] -mulx rdi, r11, [ rax + 0x8 ] -mov rdx, [ rsi + 0x18 ] -mulx r8, r9, [ rax + 0x10 ] -add r11, r9 -adcx r8, rdi -mov rdx, [ rsi + 0x10 ] -mulx r13, rbp, [ rax + 0x18 ] -xor rdx, rdx -adox r11, rbp -adox r13, r8 -mov rdx, [ rsi + 0x8 ] -mulx r10, r15, [ rax + 0x20 ] -adcx r11, r15 -adcx r10, r13 -xor rdx, rdx -adox r12, r11 -adox 
r10, rdx -mov rdi, 0x30 -bzhi r9, rbx, rdi -bzhi r8, r12, r14 -shrd r12, r10, 52 -mov rdx, [ rax + 0x20 ] -mulx r13, rbp, [ rsi + 0x10 ] -mov rdx, [ rsi + 0x18 ] -mulx r11, r15, [ rax + 0x20 ] -mov rdx, [ rax + 0x18 ] -mulx rdi, r10, [ rsi + 0x18 ] -mov rdx, [ rax + 0x10 ] -mov [ rsp - 0x28 ], r9 -mulx r9, r14, [ rsi + 0x20 ] -mov rdx, [ rax + 0x18 ] -mov [ rsp - 0x20 ], rcx -mov [ rsp - 0x18 ], r11 -mulx r11, rcx, [ rsi + 0x20 ] -shr rbx, 48 -shl r8, 4 -xor rdx, rdx -adox r14, r10 -adox rdi, r9 -adcx r14, rbp -adcx r13, rdi -lea r8, [ r8 + rbx ] -add r12, r14 -adc r13, 0x0 -mov rbp, 0x34 -bzhi r10, r12, rbp -mov rdx, [ rsi + 0x10 ] -mulx rbx, r9, [ rax + 0x0 ] -adox rcx, r15 -adox r11, [ rsp - 0x18 ] -mov rdx, 0x1000003d10 -mulx rdi, r15, r10 -shrd r12, r13, 52 -mov rdx, [ rax + 0x0 ] -mulx r13, r14, [ rsi + 0x0 ] -add r12, rcx -adc r11, 0x0 -mov rdx, 0x1000003d1 -mulx rcx, r10, r8 -test al, al -adox r10, r14 -adox r13, rcx -mov rdx, [ rax + 0x8 ] -mulx r14, r8, [ rsi + 0x0 ] -mov rdx, r8 -adcx rdx, [ rsp - 0x40 ] -adcx r14, [ rsp - 0x48 ] -mov rcx, r10 -shrd rcx, r13, 52 -test al, al -adox rcx, rdx -mov r13, 0x0 -adox r14, r13 -mov rdx, [ rax + 0x8 ] -mulx r13, r8, [ rsi + 0x8 ] -bzhi rdx, r12, rbp -adox r15, rcx -adox r14, rdi -mov rdi, 0x1000003d10 -mulx rbp, rcx, rdi -mov rdx, 0x34 -bzhi rdi, r15, rdx -adox r9, r8 -adox r13, rbx -xor rbx, rbx -adox r9, [ rsp - 0x30 ] -adox r13, [ rsp - 0x38 ] -shrd r15, r14, 52 -test al, al -adox r15, r9 -adox r13, rbx -adcx rcx, r15 -adcx r13, rbp -mov r8, rcx -shrd r8, r13, 52 -add r8, [ rsp - 0x20 ] -shrd r12, r11, 52 -mov r11, 0x1000003d10 -mov rdx, r12 -mulx r14, r12, r11 -xor rbp, rbp -adox r12, r8 -adox r14, rbp -mov rbx, 0x34 -bzhi r9, r12, rbx -shrd r12, r14, 52 -add r12, [ rsp - 0x28 ] -mov r15, [ rsp - 0x50 ] -mov [ r15 + 0x20 ], r12 -bzhi r13, r10, rbx -bzhi r10, rcx, rbx -mov [ r15 + 0x8 ], rdi -mov [ r15 + 0x10 ], r10 -mov [ r15 + 0x0 ], r13 -mov [ r15 + 0x18 ], r9 -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 
] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu Intel(R) Core(TM) i7-6770HQ CPU @ 2.60GHz -; ratio 1.0923 -; seed 3062198780316455 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 2242656 ms on 180000 evaluations. -; Time spent for assembling and measuring (initial batch_size=179, initial num_batches=31): 141861 ms -; number of used evaluations: 180000 -; Ratio (time for assembling + measure)/(total runtime for 180000 evals): 0.06325580026539959 -; number reverted permutation / tried permutation: 70698 / 90171 =78.404% -; number reverted decision / tried decision: 52413 / 89828 =58.348% -; validated in 0.519s diff --git a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000207903621_ratio10975.asm b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000207903621_ratio10975.asm deleted file mode 100644 index 3b7565bf6a..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000207903621_ratio10975.asm +++ /dev/null 
@@ -1,210 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_mul -fiat_secp256k1_dettman_mul: -mov rax, rdx -mov rdx, [ rdx + 0x20 ] -mulx r11, r10, [ rsi + 0x20 ] -mov rdx, [ rax + 0x18 ] -mulx r8, rcx, [ rsi + 0x8 ] -mov rdx, [ rax + 0x8 ] -mov [ rsp - 0x80 ], rbx -mulx rbx, r9, [ rsi + 0x10 ] -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x78 ], rbp -mov [ rsp - 0x70 ], r12 -mulx r12, rbp, [ rax + 0x8 ] -mov rdx, [ rax + 0x0 ] -mov [ rsp - 0x68 ], r13 -mov [ rsp - 0x60 ], r14 -mulx r14, r13, [ rsi + 0x18 ] -mov rdx, [ rax + 0x10 ] -mov [ rsp - 0x58 ], r15 -mov [ rsp - 0x50 ], rdi -mulx rdi, r15, [ rsi + 0x8 ] -add r13, r9 -adcx rbx, r14 -mov rdx, [ rax + 0x18 ] -mulx r14, r9, [ rsi + 0x0 ] -test al, al -adox r13, r15 -adox rdi, rbx -mov rdx, [ rsi + 0x0 ] -mulx rbx, r15, [ rax + 0x8 ] -adcx r13, r9 -adcx r14, rdi -mov rdx, [ rsi + 0x10 ] -mulx rdi, r9, [ rax + 0x10 ] -mov rdx, [ rax + 0x0 ] -mov [ rsp - 0x48 ], rbx -mov [ rsp - 0x40 ], r15 -mulx r15, rbx, [ rsi + 0x20 ] -test al, al -adox rbx, rbp -adox r12, r15 -adcx rbx, r9 -adcx rdi, r12 -mov rdx, [ rax + 0x20 ] -mulx r9, rbp, [ rsi + 0x0 ] -mov rdx, r10 -shrd rdx, r11, 52 -mov r11, 0x1000003d10 -mulx r12, r15, r11 -add rbx, rcx -adcx r8, rdi -mov rcx, 0xfffffffffffff -and r10, rcx -mov rdx, r11 -mulx rdi, r11, r10 -adox r11, r13 -adox r14, rdi -adcx rbx, rbp -adcx r9, r8 -mov r13, r11 -shrd r13, r14, 52 -mov rdx, [ rsi + 0x18 ] -mulx r8, rbp, [ rax + 0x10 ] -add r13, rbx -adc r9, 0x0 -mov rdx, [ rsi + 0x20 ] -mulx rdi, r10, [ rax + 0x8 ] -xor rdx, rdx -adox r15, r13 -adox r9, r12 -mov rdx, [ rsi + 0x20 ] -mulx r14, r12, [ rax + 0x10 ] -mov rdx, r15 -shrd rdx, r9, 52 -mov rbx, rdx -mov rdx, [ rax + 0x20 ] -mulx r9, r13, [ rsi + 0x8 ] -test al, al -adox r10, rbp -adox r8, rdi -mov rdx, [ rsi + 0x10 ] -mulx rdi, rbp, [ rax + 0x18 ] -adcx r10, rbp -adcx rdi, r8 -and r15, rcx -adox r10, r13 -adox r9, rdi -mov rdx, [ rsi + 0x18 ] -mulx r8, r13, [ rax + 0x18 ] -mov rdx, 0x30 -bzhi rbp, r15, rdx -adox r12, r13 -adox r8, 
r14 -xor r14, r14 -adox rbx, r10 -adox r9, r14 -mov rdx, [ rsi + 0x10 ] -mulx r10, rdi, [ rax + 0x20 ] -mov rdx, rbx -and rdx, rcx -shl rdx, 4 -shr r15, 48 -lea rdx, [ rdx + r15 ] -shrd rbx, r9, 52 -mov r13, rdx -mov rdx, [ rax + 0x0 ] -mulx r15, r9, [ rsi + 0x8 ] -mov rdx, 0x1000003d1 -mulx rcx, r14, r13 -xor r13, r13 -adox r12, rdi -adox r10, r8 -adcx rbx, r12 -adc r10, 0x0 -mov r8, rbx -shrd r8, r10, 52 -mov rdx, [ rax + 0x0 ] -mulx r12, rdi, [ rsi + 0x0 ] -add r14, rdi -adcx r12, rcx -mov rdx, 0xfffffffffffff -mov rcx, r14 -and rcx, rdx -mov rdx, [ rsi + 0x10 ] -mulx rdi, r10, [ rax + 0x0 ] -shrd r14, r12, 52 -mov rdx, [ rsi + 0x20 ] -mulx r13, r12, [ rax + 0x18 ] -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x38 ], rcx -mov [ rsp - 0x30 ], rbp -mulx rbp, rcx, [ rax + 0x20 ] -add r12, rcx -adcx rbp, r13 -mov rdx, 0xfffffffffffff -and rbx, rdx -adox r8, r12 -mov r13, 0x0 -adox rbp, r13 -mov rdx, [ rax + 0x8 ] -mulx r12, rcx, [ rsi + 0x8 ] -adcx r10, rcx -adcx r12, rdi -test al, al -adox r9, [ rsp - 0x40 ] -adox r15, [ rsp - 0x48 ] -mov rdx, 0x1000003d10 -mulx rcx, rdi, rbx -adcx r14, r9 -adc r15, 0x0 -add rdi, r14 -adcx r15, rcx -mov rdx, [ rax + 0x10 ] -mulx r9, rbx, [ rsi + 0x0 ] -test al, al -adox r10, rbx -adox r9, r12 -mov rdx, 0x34 -bzhi r12, r8, rdx -bzhi rcx, rdi, rdx -mov r14, [ rsp - 0x50 ] -mov [ r14 + 0x8 ], rcx -mov rbx, 0x1000003d10 -mov rdx, rbx -mulx rcx, rbx, r12 -shrd rdi, r15, 52 -xor r15, r15 -adox rdi, r10 -adox r9, r15 -adcx rbx, rdi -adcx r9, rcx -mov r13, rbx -shrd r13, r9, 52 -mov r10, 0x34 -bzhi r12, r11, r10 -shrd r8, rbp, 52 -bzhi r11, rbx, r10 -lea r12, [ r12 + r13 ] -mulx rcx, rbp, r8 -adox rbp, r12 -adox rcx, r15 -mov rdi, rbp -shrd rdi, rcx, 52 -bzhi rbx, rbp, r10 -mov [ r14 + 0x18 ], rbx -add rdi, [ rsp - 0x30 ] -mov r9, [ rsp - 0x38 ] -mov [ r14 + 0x0 ], r9 -mov [ r14 + 0x20 ], rdi -mov [ r14 + 0x10 ], r11 -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov 
r15, [ rsp - 0x58 ] -ret -; cpu Intel(R) Core(TM) i7-6770HQ CPU @ 2.60GHz -; ratio 1.0975 -; seed 3669198900705881 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 2174500 ms on 180000 evaluations. -; Time spent for assembling and measuring (initial batch_size=174, initial num_batches=31): 140731 ms -; number of used evaluations: 180000 -; Ratio (time for assembling + measure)/(total runtime for 180000 evals): 0.06471878592779949 -; number reverted permutation / tried permutation: 71553 / 90056 =79.454% -; number reverted decision / tried decision: 52204 / 89943 =58.041% -; validated in 0.539s diff --git a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000218287519_ratio10697.asm b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000218287519_ratio10697.asm deleted file mode 100644 index d260056b82..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000218287519_ratio10697.asm +++ /dev/null 
@@ -1,212 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_mul -fiat_secp256k1_dettman_mul: -mov rax, rdx -mov rdx, [ rsi + 0x10 ] -mulx r11, r10, [ rax + 0x8 ] -mov rdx, [ rsi + 0x20 ] -mulx r8, rcx, [ rax + 0x20 ] -mov rdx, [ rsi + 0x20 ] -mov [ rsp - 0x80 ], rbx -mulx rbx, r9, [ rax + 0x18 ] -mov rdx, [ rax + 0x20 ] -mov [ rsp - 0x78 ], rbp -mov [ rsp - 0x70 ], r12 -mulx r12, rbp, [ rsi + 0x0 ] -mov rdx, [ rsi + 0x0 ] -mov [ rsp - 0x68 ], r13 -mov [ rsp - 0x60 ], r14 -mulx r14, r13, [ rax + 0x18 ] -mov rdx, [ rax + 0x10 ] -mov [ rsp - 0x58 ], r15 -mov [ rsp - 0x50 ], rdi -mulx rdi, r15, [ rsi + 0x8 ] -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x48 ], rbx -mov [ rsp - 0x40 ], r9 -mulx r9, rbx, [ rax + 0x20 ] -mov rdx, 0xfffffffffffff -mov [ rsp - 0x38 ], r9 -mov r9, rcx -and r9, rdx -mov rdx, [ rax + 0x0 ] -mov [ rsp - 0x30 ], rbx -mov [ rsp - 0x28 ], r12 -mulx r12, rbx, [ rsi + 0x18 ] -adox rbx, r10 -adox r11, r12 -adcx rbx, r15 -adcx rdi, r11 -test al, al -adox rbx, r13 -adox r14, rdi -shrd rcx, r8, 52 -mov rdx, [ rsi + 0x20 ] -mulx r8, r10, [ rax + 0x0 ] -mov rdx, [ rsi + 0x18 ] -mulx r15, r13, [ rax + 0x8 ] -add r10, r13 -adcx r15, r8 -mov rdx, [ rsi + 0x10 ] -mulx r11, r12, [ rax + 0x10 ] -mov rdx, 0x1000003d10 -mulx r8, rdi, r9 -mulx r13, r9, rcx -add rdi, rbx -adcx r14, r8 -add r10, r12 -adcx r11, r15 -mov rdx, [ rsi + 0x8 ] -mulx rcx, rbx, [ rax + 0x18 ] -test al, al -adox r10, rbx -adox rcx, r11 -mov rdx, 0x34 -bzhi r15, rdi, rdx -mov rdx, [ rax + 0x8 ] -mulx r8, r12, [ rsi + 0x20 ] -mov rdx, [ rax + 0x10 ] -mulx rbx, r11, [ rsi + 0x18 ] -adox r12, r11 -adox rbx, r8 -mov rdx, [ rsi + 0x10 ] -mulx r11, r8, [ rax + 0x18 ] -test al, al -adox r12, r8 -adox r11, rbx -shrd rdi, r14, 52 -xor rdx, rdx -adox r10, rbp -adox rcx, [ rsp - 0x28 ] -adcx rdi, r10 -adc rcx, 0x0 -mov rdx, [ rax + 0x20 ] -mulx r14, rbp, [ rsi + 0x8 ] -xor rdx, rdx -adox r9, rdi -adox rcx, r13 -mov r13, r9 -shrd r13, rcx, 52 -xor rbx, rbx -adox r12, rbp -adox r14, r11 -adcx r13, r12 -adc 
r14, 0x0 -mov rdx, r13 -shrd rdx, r14, 52 -mov r8, 0x34 -bzhi r11, r13, r8 -bzhi r10, r9, r8 -mov rdi, r10 -shr rdi, 48 -mov rbp, rdx -mov rdx, [ rsi + 0x18 ] -mulx rcx, r9, [ rax + 0x18 ] -shl r11, 4 -lea r11, [ r11 + rdi ] -mov rdx, 0x1000003d1 -mulx r13, r12, r11 -mov rdx, [ rsi + 0x0 ] -mulx rdi, r14, [ rax + 0x0 ] -test al, al -adox r12, r14 -adox rdi, r13 -mov rdx, [ rsi + 0x20 ] -mulx r13, r11, [ rax + 0x10 ] -adcx r11, r9 -adcx rcx, r13 -mov rdx, [ rsi + 0x10 ] -mulx r14, r9, [ rax + 0x20 ] -xor rdx, rdx -adox r11, r9 -adox r14, rcx -bzhi rbx, r12, r8 -shrd r12, rdi, 52 -xor rdi, rdi -adox rbp, r11 -adox r14, rdi -mov rdx, [ rsp - 0x50 ] -mov [ rdx + 0x0 ], rbx -bzhi r13, rbp, r8 -mov rcx, [ rsp - 0x30 ] -mov r9, rcx -adox r9, [ rsp - 0x40 ] -mov r11, [ rsp - 0x38 ] -adox r11, [ rsp - 0x48 ] -mov rcx, rdx -mov rdx, [ rsi + 0x0 ] -mulx rdi, rbx, [ rax + 0x8 ] -shrd rbp, r14, 52 -xor rdx, rdx -adox rbp, r9 -adox r11, rdx -bzhi r14, rbp, r8 -shrd rbp, r11, 52 -mov rdx, [ rax + 0x0 ] -mulx r11, r9, [ rsi + 0x8 ] -test al, al -adox r9, rbx -adox rdi, r11 -mov rdx, 0x1000003d10 -mulx r11, rbx, r13 -adcx r12, r9 -adc rdi, 0x0 -xor r13, r13 -adox rbx, r12 -adox rdi, r11 -mov rdx, [ rsi + 0x0 ] -mulx r11, r9, [ rax + 0x10 ] -mov rdx, [ rax + 0x0 ] -mulx r13, r12, [ rsi + 0x10 ] -mov rdx, [ rsi + 0x8 ] -mulx rcx, r8, [ rax + 0x8 ] -adcx r12, r8 -adcx rcx, r13 -xor rdx, rdx -adox r12, r9 -adox r11, rcx -mov r9, rbx -shrd r9, rdi, 52 -xor rdi, rdi -adox r9, r12 -adox r11, rdi -mov rdx, 0x1000003d10 -mulx r8, r13, r14 -adcx r13, r9 -adcx r11, r8 -mov r14, 0x34 -bzhi rcx, r13, r14 -mulx r9, r12, rbp -shrd r13, r11, 52 -lea r15, [ r15 + r13 ] -add r12, r15 -adc r9, 0x0 -bzhi rbp, rbx, r14 -bzhi rbx, r12, r14 -mov r8, [ rsp - 0x50 ] -mov [ r8 + 0x18 ], rbx -mov r11, 0x30 -bzhi r13, r10, r11 -shrd r12, r9, 52 -lea r13, [ r13 + r12 ] -mov [ r8 + 0x20 ], r13 -mov [ r8 + 0x8 ], rbp -mov [ r8 + 0x10 ], rcx -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 
] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu Intel(R) Core(TM) i7-6770HQ CPU @ 2.60GHz -; ratio 1.0697 -; seed 0757023763997057 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 2179788 ms on 180000 evaluations. -; Time spent for assembling and measuring (initial batch_size=152, initial num_batches=31): 140036 ms -; number of used evaluations: 180000 -; Ratio (time for assembling + measure)/(total runtime for 180000 evals): 0.06424294472673489 -; number reverted permutation / tried permutation: 71202 / 90172 =78.962% -; number reverted decision / tried decision: 52572 / 89827 =58.526% -; validated in 0.593s diff --git a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000310070466_ratio10853.asm b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000310070466_ratio10853.asm deleted file mode 100644 index 6f348edde4..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000310070466_ratio10853.asm +++ /dev/null 
@@ -1,214 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_mul -fiat_secp256k1_dettman_mul: -mov rax, rdx -mov rdx, [ rsi + 0x10 ] -mulx r11, r10, [ rax + 0x8 ] -mov rdx, [ rsi + 0x20 ] -mulx r8, rcx, [ rax + 0x20 ] -mov rdx, 0x34 -bzhi r9, rcx, rdx -mov rdx, [ rax + 0x0 ] -mov [ rsp - 0x80 ], rbx -mov [ rsp - 0x78 ], rbp -mulx rbp, rbx, [ rsi + 0x18 ] -mov rdx, [ rsi + 0x0 ] -mov [ rsp - 0x70 ], r12 -mov [ rsp - 0x68 ], r13 -mulx r13, r12, [ rax + 0x20 ] -mov rdx, [ rsi + 0x8 ] -mov [ rsp - 0x60 ], r14 -mov [ rsp - 0x58 ], r15 -mulx r15, r14, [ rax + 0x10 ] -adox rbx, r10 -adox r11, rbp -mov rdx, [ rsi + 0x0 ] -mulx rbp, r10, [ rax + 0x10 ] -mov rdx, [ rax + 0x8 ] -mov [ rsp - 0x50 ], rdi -mov [ rsp - 0x48 ], rbp -mulx rbp, rdi, [ rsi + 0x8 ] -shrd rcx, r8, 52 -mov rdx, [ rsi + 0x0 ] -mov [ rsp - 0x40 ], r10 -mulx r10, r8, [ rax + 0x18 ] -mov rdx, [ rax + 0x18 ] -mov [ rsp - 0x38 ], rbp -mov [ rsp - 0x30 ], rdi -mulx rdi, rbp, [ rsi + 0x20 ] -add rbx, r14 -adcx r15, r11 -mov rdx, 0x1000003d10 -mulx r11, r14, r9 -xor r9, r9 -adox rbx, r8 -adox r10, r15 -adcx r14, rbx -adcx r10, r11 -mov r8, r14 -shrd r8, r10, 52 -mov r15, 0xfffffffffffff -and r14, r15 -mov rdx, [ rsi + 0x20 ] -mulx rbx, r11, [ rax + 0x0 ] -mov rdx, [ rax + 0x8 ] -mulx r9, r10, [ rsi + 0x18 ] -adox r11, r10 -adox r9, rbx -mov rdx, [ rax + 0x10 ] -mulx r10, rbx, [ rsi + 0x10 ] -adcx r11, rbx -adcx r10, r9 -mov rdx, [ rsi + 0x8 ] -mulx rbx, r9, [ rax + 0x18 ] -xor rdx, rdx -adox r11, r9 -adox rbx, r10 -adcx r11, r12 -adcx r13, rbx -test al, al -adox r8, r11 -adox r13, rdx -mov r12, 0x1000003d10 -mov rdx, rcx -mulx r10, rcx, r12 -adcx rcx, r8 -adcx r13, r10 -mov rdx, [ rsi + 0x10 ] -mulx rbx, r9, [ rax + 0x18 ] -mov rdx, rcx -shrd rdx, r13, 52 -and rcx, r15 -mov r11, rdx -mov rdx, [ rsi + 0x20 ] -mulx r10, r8, [ rax + 0x8 ] -mov rdx, 0xffffffffffff -mov r13, rcx -and r13, rdx -mov rdx, [ rsi + 0x18 ] -mulx r12, r15, [ rax + 0x10 ] -adox r8, r15 -adox r12, r10 -mov rdx, [ rsi + 0x8 ] -mulx r15, 
r10, [ rax + 0x20 ] -shr rcx, 48 -xor rdx, rdx -adox r8, r9 -adox rbx, r12 -adcx r8, r10 -adcx r15, rbx -add r11, r8 -adc r15, 0x0 -mov rdx, [ rsi + 0x20 ] -mulx r12, r9, [ rax + 0x10 ] -mov rdx, 0x34 -bzhi r10, r11, rdx -mov rdx, [ rax + 0x18 ] -mulx r8, rbx, [ rsi + 0x18 ] -shl r10, 4 -test al, al -adox r9, rbx -adox r8, r12 -mov rdx, [ rsi + 0x10 ] -mulx rbx, r12, [ rax + 0x20 ] -adcx r9, r12 -adcx rbx, r8 -lea r10, [ r10 + rcx ] -shrd r11, r15, 52 -add r11, r9 -adc rbx, 0x0 -mov rdx, [ rsi + 0x18 ] -mulx r15, rcx, [ rax + 0x20 ] -mov rdx, [ rsi + 0x10 ] -mulx r12, r8, [ rax + 0x0 ] -mov rdx, [ rax + 0x8 ] -mov [ rsp - 0x28 ], r13 -mulx r13, r9, [ rsi + 0x0 ] -xor rdx, rdx -adox rbp, rcx -adox r15, rdi -mov rdi, r11 -shrd rdi, rbx, 52 -mov rbx, 0x1000003d1 -mov rdx, rbx -mulx rcx, rbx, r10 -test al, al -adox r8, [ rsp - 0x30 ] -adox r12, [ rsp - 0x38 ] -adcx rdi, rbp -adc r15, 0x0 -mov rdx, [ rsi + 0x0 ] -mulx rbp, r10, [ rax + 0x0 ] -xor rdx, rdx -adox rbx, r10 -adox rbp, rcx -mov rcx, rbx -shrd rcx, rbp, 52 -mov rdx, [ rsi + 0x8 ] -mulx rbp, r10, [ rax + 0x0 ] -mov rdx, 0x34 -mov [ rsp - 0x20 ], r14 -bzhi r14, r11, rdx -adox r10, r9 -adox r13, rbp -mov r11, 0x1000003d10 -mov rdx, r14 -mulx r9, r14, r11 -xor rbp, rbp -adox rcx, r10 -adox r13, rbp -adcx r14, rcx -adcx r13, r9 -mov rdx, 0x34 -bzhi r10, r14, rdx -bzhi r9, rdi, rdx -adox r8, [ rsp - 0x40 ] -adox r12, [ rsp - 0x48 ] -mov rcx, [ rsp - 0x50 ] -mov [ rcx + 0x8 ], r10 -shrd r14, r13, 52 -test al, al -adox r14, r8 -adox r12, rbp -mov rdx, r9 -mulx r13, r9, r11 -adcx r9, r14 -adcx r12, r13 -shrd rdi, r15, 52 -mov rdx, rdi -mulx r15, rdi, r11 -mov r10, 0xfffffffffffff -mov r8, r9 -and r8, r10 -mov [ rcx + 0x10 ], r8 -shrd r9, r12, 52 -add r9, [ rsp - 0x20 ] -xor r14, r14 -adox rdi, r9 -adox r15, r14 -mov rbp, rdi -and rbp, r10 -shrd rdi, r15, 52 -add rdi, [ rsp - 0x28 ] -mov [ rcx + 0x20 ], rdi -mov [ rcx + 0x18 ], rbp -and rbx, r10 -mov [ rcx + 0x0 ], rbx -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] 
-mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu AMD Ryzen 9 7950X 16-Core Processor -; ratio 1.0853 -; seed 2493674894606780 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 989516 ms on 180000 evaluations. -; Time spent for assembling and measuring (initial batch_size=175, initial num_batches=31): 72166 ms -; number of used evaluations: 180000 -; Ratio (time for assembling + measure)/(total runtime for 180000 evals): 0.07293060445712854 -; number reverted permutation / tried permutation: 68356 / 89776 =76.141% -; number reverted decision / tried decision: 46455 / 90223 =51.489% -; validated in 0.309s diff --git a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000315781005_ratio10469.asm b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000315781005_ratio10469.asm deleted file mode 100644 index 831c73dc86..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000315781005_ratio10469.asm +++ /dev/null 
@@ -1,218 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_mul -fiat_secp256k1_dettman_mul: -mov rax, rdx -mov rdx, [ rsi + 0x20 ] -mulx r11, r10, [ rax + 0x10 ] -mov rdx, [ rsi + 0x20 ] -mulx r8, rcx, [ rax + 0x20 ] -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x80 ], rbx -mulx rbx, r9, [ rax + 0x8 ] -mov rdx, rcx -shrd rdx, r8, 52 -mov r8, rdx -mov rdx, [ rsi + 0x0 ] -mov [ rsp - 0x78 ], rbp -mov [ rsp - 0x70 ], r12 -mulx r12, rbp, [ rax + 0x0 ] -mov rdx, [ rax + 0x8 ] -mov [ rsp - 0x68 ], r13 -mov [ rsp - 0x60 ], r14 -mulx r14, r13, [ rsi + 0x18 ] -mov rdx, [ rax + 0x8 ] -mov [ rsp - 0x58 ], r15 -mov [ rsp - 0x50 ], rdi -mulx rdi, r15, [ rsi + 0x8 ] -mov rdx, 0x1000003d10 -mov [ rsp - 0x48 ], r12 -mov [ rsp - 0x40 ], rbp -mulx rbp, r12, r8 -mov rdx, [ rax + 0x0 ] -mov [ rsp - 0x38 ], r11 -mulx r11, r8, [ rsi + 0x18 ] -test al, al -adox r8, r9 -adox rbx, r11 -mov rdx, [ rsi + 0x10 ] -mulx r11, r9, [ rax + 0x0 ] -adcx r9, r15 -adcx rdi, r11 -mov rdx, [ rsi + 0x8 ] -mulx r11, r15, [ rax + 0x10 ] -test al, al -adox r8, r15 -adox r11, rbx -mov rdx, [ rsi + 0x20 ] -mulx r15, rbx, [ rax + 0x0 ] -adcx rbx, r13 -adcx r14, r15 -mov rdx, [ rax + 0x18 ] -mulx r15, r13, [ rsi + 0x0 ] -mov rdx, [ rax + 0x10 ] -mov [ rsp - 0x30 ], rdi -mov [ rsp - 0x28 ], r9 -mulx r9, rdi, [ rsi + 0x10 ] -xor rdx, rdx -adox r8, r13 -adox r15, r11 -mov rdx, [ rsi + 0x0 ] -mulx r13, r11, [ rax + 0x20 ] -adcx rbx, rdi -adcx r9, r14 -mov rdx, 0xfffffffffffff -and rcx, rdx -mov r14, 0x1000003d10 -mov rdx, rcx -mulx rdi, rcx, r14 -adox rcx, r8 -adox r15, rdi -mov rdx, [ rsi + 0x8 ] -mulx rdi, r8, [ rax + 0x18 ] -adcx rbx, r8 -adcx rdi, r9 -mov rdx, rcx -shrd rdx, r15, 52 -test al, al -adox rbx, r11 -adox r13, rdi -adcx rdx, rbx -adc r13, 0x0 -add r12, rdx -adcx r13, rbp -mov rdx, [ rax + 0x20 ] -mulx r11, rbp, [ rsi + 0x8 ] -mov rdx, [ rax + 0x10 ] -mulx r15, r9, [ rsi + 0x18 ] -mov rdx, [ rax + 0x8 ] -mulx rdi, r8, [ rsi + 0x20 ] -mov rdx, [ rax + 0x18 ] -mulx r14, rbx, [ rsi + 0x10 ] -mov rdx, [ 
rsi + 0x18 ] -mov [ rsp - 0x20 ], r10 -mov [ rsp - 0x18 ], r13 -mulx r13, r10, [ rax + 0x18 ] -add r8, r9 -adcx r15, rdi -test al, al -adox r8, rbx -adox r14, r15 -adcx r8, rbp -adcx r11, r14 -mov rdx, [ rsp - 0x18 ] -mov rbp, r12 -shrd rbp, rdx, 52 -xor rdx, rdx -adox rbp, r8 -adox r11, rdx -mov r9, rbp -shrd r9, r11, 52 -mov rdx, [ rsi + 0x10 ] -mulx rbx, rdi, [ rax + 0x20 ] -mov rdx, r10 -add rdx, [ rsp - 0x20 ] -adcx r13, [ rsp - 0x38 ] -mov r10, 0xfffffffffffff -and rbp, r10 -adox rdx, rdi -adox rbx, r13 -adcx r9, rdx -adc rbx, 0x0 -and r12, r10 -mov r15, r12 -shr r15, 48 -shl rbp, 4 -lea rbp, [ rbp + r15 ] -mov r14, r9 -shrd r14, rbx, 52 -and r9, r10 -mov rdx, [ rsi + 0x20 ] -mulx r11, r8, [ rax + 0x18 ] -mov rdx, 0x1000003d1 -mulx r13, rdi, rbp -adox rdi, [ rsp - 0x40 ] -adox r13, [ rsp - 0x48 ] -mov rbx, rdi -and rbx, r10 -mov r15, 0xffffffffffff -and r12, r15 -mov rdx, [ rax + 0x20 ] -mulx r15, rbp, [ rsi + 0x18 ] -adox r8, rbp -adox r15, r11 -adcx r14, r8 -adc r15, 0x0 -mov rdx, r14 -shrd rdx, r15, 52 -mov r11, rdx -mov rdx, [ rax + 0x0 ] -mulx r8, rbp, [ rsi + 0x8 ] -mov rdx, [ rsi + 0x0 ] -mulx r10, r15, [ rax + 0x8 ] -mov rdx, 0x1000003d10 -mov [ rsp - 0x10 ], r12 -mov [ rsp - 0x8 ], rbx -mulx rbx, r12, r11 -mov r11, 0xfffffffffffff -and r14, r11 -adox rbp, r15 -adox r10, r8 -shrd rdi, r13, 52 -add rdi, rbp -adc r10, 0x0 -mov rdx, [ rsi + 0x0 ] -mulx r8, r13, [ rax + 0x10 ] -mov rdx, 0x1000003d10 -mulx rbp, r15, r9 -xor r9, r9 -adox r15, rdi -adox r10, rbp -mov rdi, r13 -adcx rdi, [ rsp - 0x28 ] -adcx r8, [ rsp - 0x30 ] -mov r13, r15 -shrd r13, r10, 52 -mulx r10, rbp, r14 -test al, al -adox r13, rdi -adox r8, r9 -adcx rbp, r13 -adcx r8, r10 -and rcx, r11 -mov r14, rbp -shrd r14, r8, 52 -lea rcx, [ rcx + r14 ] -xor rdi, rdi -adox r12, rcx -adox rbx, rdi -and rbp, r11 -mov r9, [ rsp - 0x50 ] -mov [ r9 + 0x10 ], rbp -mov r10, r12 -shrd r10, rbx, 52 -mov r13, [ rsp - 0x8 ] -mov [ r9 + 0x0 ], r13 -add r10, [ rsp - 0x10 ] -mov [ r9 + 0x20 ], r10 -and r15, 
r11 -and r12, r11 -mov [ r9 + 0x18 ], r12 -mov [ r9 + 0x8 ], r15 -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu AMD Ryzen 9 7950X 16-Core Processor -; ratio 1.0469 -; seed 3714386728258788 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 993126 ms on 180000 evaluations. -; Time spent for assembling and measuring (initial batch_size=181, initial num_batches=31): 71864 ms -; number of used evaluations: 180000 -; Ratio (time for assembling + measure)/(total runtime for 180000 evals): 0.07236141234848348 -; number reverted permutation / tried permutation: 69222 / 90159 =76.778% -; number reverted decision / tried decision: 46813 / 89840 =52.107% -; validated in 0.312s diff --git a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000321244957_ratio09782.asm b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000321244957_ratio09782.asm deleted file mode 100644 index be3f01cce4..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000321244957_ratio09782.asm +++ /dev/null 
@@ -1,219 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_mul -fiat_secp256k1_dettman_mul: -sub rsp, 152 -mov rax, rdx -mov rdx, [ rsi + 0x8 ] -mulx r11, r10, [ rax + 0x10 ] -mov rdx, [ rsi + 0x0 ] -mulx r8, rcx, [ rax + 0x10 ] -mov rdx, [ rax + 0x0 ] -mov [ rsp - 0x80 ], rbx -mulx rbx, r9, [ rsi + 0x18 ] -mov rdx, [ rax + 0x8 ] -mov [ rsp - 0x78 ], rbp -mov [ rsp - 0x70 ], r12 -mulx r12, rbp, [ rsi + 0x18 ] -mov rdx, [ rax + 0x10 ] -mov [ rsp - 0x68 ], r13 -mov [ rsp - 0x60 ], r14 -mulx r14, r13, [ rsi + 0x18 ] -mov rdx, [ rsi + 0x20 ] -mov [ rsp - 0x58 ], r15 -mov [ rsp - 0x50 ], rdi -mulx rdi, r15, [ rax + 0x10 ] -mov rdx, [ rsi + 0x20 ] -mov [ rsp - 0x48 ], r8 -mov [ rsp - 0x40 ], rcx -mulx rcx, r8, [ rax + 0x20 ] -mov rdx, [ rax + 0x18 ] -mov [ rsp - 0x38 ], rdi -mov [ rsp - 0x30 ], r15 -mulx r15, rdi, [ rsi + 0x18 ] -mov rdx, r8 -shrd rdx, rcx, 52 -mov rcx, 0x1000003d10 -mov [ rsp - 0x28 ], r15 -mov [ rsp - 0x20 ], rdi -mulx rdi, r15, rcx -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x18 ], rdi -mulx rdi, rcx, [ rax + 0x8 ] -add r9, rcx -adcx rdi, rbx -mov rdx, [ rsi + 0x0 ] -mulx rcx, rbx, [ rax + 0x8 ] -xor rdx, rdx -adox r9, r10 -adox r11, rdi -mov r10, 0xfffffffffffff -and r8, r10 -mov rdi, 0x1000003d10 -mov rdx, rdi -mulx r10, rdi, r8 -mov rdx, [ rsi + 0x20 ] -mov [ rsp - 0x10 ], rcx -mulx rcx, r8, [ rax + 0x0 ] -mov rdx, [ rsi + 0x0 ] -mov [ rsp - 0x8 ], rbx -mov [ rsp + 0x0 ], r15 -mulx r15, rbx, [ rax + 0x18 ] -adox r8, rbp -adox r12, rcx -adcx r9, rbx -adcx r15, r11 -add rdi, r9 -adcx r15, r10 -mov rdx, [ rsi + 0x0 ] -mulx r11, rbp, [ rax + 0x20 ] -mov rdx, [ rsi + 0x8 ] -mulx rcx, r10, [ rax + 0x18 ] -mov rdx, [ rax + 0x10 ] -mulx r9, rbx, [ rsi + 0x10 ] -xor rdx, rdx -adox r8, rbx -adox r9, r12 -adcx r8, r10 -adcx rcx, r9 -add r8, rbp -adcx r11, rcx -mov r12, rdi -shrd r12, r15, 52 -xor r15, r15 -adox r12, r8 -adox r11, r15 -mov rdx, [ rax + 0x8 ] -mulx r10, rbp, [ rsi + 0x20 ] -mov rdx, [ rsi + 0x20 ] -mulx r9, rbx, [ rax + 0x18 ] -mov rdx, [ rax 
+ 0x18 ] -mulx r8, rcx, [ rsi + 0x10 ] -mov rdx, [ rax + 0x20 ] -mov [ rsp + 0x8 ], r9 -mulx r9, r15, [ rsi + 0x8 ] -adcx rbp, r13 -adcx r14, r10 -mov rdx, r12 -xor r13, r13 -adox rdx, [ rsp + 0x0 ] -adox r11, [ rsp - 0x18 ] -adcx rbp, rcx -adcx r8, r14 -mov r12, 0x34 -bzhi r10, rdx, r12 -mov rcx, 0x30 -bzhi r14, r10, rcx -shrd rdx, r11, 52 -xor r11, r11 -adox rbp, r15 -adox r9, r8 -adcx rdx, rbp -adc r9, 0x0 -bzhi r13, rdx, r12 -mov r15, rdx -mov rdx, [ rsi + 0x0 ] -mulx rbp, r8, [ rax + 0x0 ] -shrd r15, r9, 52 -shl r13, 4 -shr r10, 48 -lea r13, [ r13 + r10 ] -mov rdx, 0x1000003d1 -mulx r10, r9, r13 -xor r13, r13 -adox r9, r8 -adox rbp, r10 -mov rdx, [ rsi + 0x10 ] -mulx r8, r11, [ rax + 0x20 ] -mov rdx, [ rsp - 0x30 ] -adcx rdx, [ rsp - 0x20 ] -mov r10, [ rsp - 0x38 ] -adcx r10, [ rsp - 0x28 ] -mov r13, r9 -shrd r13, rbp, 52 -xor rbp, rbp -adox rdx, r11 -adox r8, r10 -adcx r15, rdx -adc r8, 0x0 -bzhi r11, r15, r12 -shrd r15, r8, 52 -mov rdx, [ rsi + 0x8 ] -mulx r8, r10, [ rax + 0x0 ] -mov rdx, [ rsi + 0x18 ] -mulx rcx, rbp, [ rax + 0x20 ] -test al, al -adox rbx, rbp -adox rcx, [ rsp + 0x8 ] -adcx r15, rbx -adc rcx, 0x0 -mov rdx, [ rax + 0x0 ] -mulx rbx, rbp, [ rsi + 0x10 ] -bzhi rdx, r15, r12 -shrd r15, rcx, 52 -xor rcx, rcx -adox r10, [ rsp - 0x8 ] -adox r8, [ rsp - 0x10 ] -mov rcx, 0x1000003d10 -xchg rdx, rcx -mov [ rsp + 0x10 ], r14 -mulx r14, r12, r11 -adcx r13, r10 -adc r8, 0x0 -xor r11, r11 -adox r12, r13 -adox r8, r14 -mov r10, 0x34 -bzhi r14, r12, r10 -shrd r12, r8, 52 -mov rdx, [ rsi + 0x8 ] -mulx r8, r13, [ rax + 0x8 ] -xor rdx, rdx -adox rbp, r13 -adox r8, rbx -adcx rbp, [ rsp - 0x40 ] -adcx r8, [ rsp - 0x48 ] -xor r11, r11 -adox r12, rbp -adox r8, r11 -mov rdx, 0x1000003d10 -mulx r13, rbx, rcx -bzhi rcx, rdi, r10 -adox rbx, r12 -adox r8, r13 -mov rdi, rbx -shrd rdi, r8, 52 -bzhi rbp, rbx, r10 -lea rcx, [ rcx + rdi ] -mov r12, [ rsp - 0x50 ] -mov [ r12 + 0x10 ], rbp -mulx rbx, r13, r15 -adox r13, rcx -adox rbx, r11 -mov r15, r13 -shrd r15, rbx, 52 -add 
r15, [ rsp + 0x10 ] -mov [ r12 + 0x20 ], r15 -bzhi r8, r13, r10 -bzhi rdi, r9, r10 -mov [ r12 + 0x0 ], rdi -mov [ r12 + 0x18 ], r8 -mov [ r12 + 0x8 ], r14 -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -add rsp, 152 -ret -; cpu AMD Ryzen 9 7950X 16-Core Processor -; ratio 0.9782 -; seed 2769048008053590 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 999515 ms on 180000 evaluations. -; Time spent for assembling and measuring (initial batch_size=180, initial num_batches=31): 72471 ms -; number of used evaluations: 180000 -; Ratio (time for assembling + measure)/(total runtime for 180000 evals): 0.07250616549026277 -; number reverted permutation / tried permutation: 68435 / 90226 =75.848% -; number reverted decision / tried decision: 46348 / 89773 =51.628% -; validated in 0.315s diff --git a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000410279163_ratio10651.asm b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000410279163_ratio10651.asm deleted file mode 100644 index a4c1f27548..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000410279163_ratio10651.asm +++ /dev/null 
@@ -1,218 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_mul -fiat_secp256k1_dettman_mul: -sub rsp, 168 -mov rax, rdx -mov rdx, [ rdx + 0x8 ] -mulx r11, r10, [ rsi + 0x10 ] -mov rdx, [ rax + 0x10 ] -mulx r8, rcx, [ rsi + 0x18 ] -mov rdx, [ rax + 0x20 ] -mov [ rsp - 0x80 ], rbx -mulx rbx, r9, [ rsi + 0x8 ] -mov rdx, [ rsi + 0x0 ] -mov [ rsp - 0x78 ], rbp -mov [ rsp - 0x70 ], r12 -mulx r12, rbp, [ rax + 0x0 ] -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x68 ], r13 -mov [ rsp - 0x60 ], r14 -mulx r14, r13, [ rax + 0x8 ] -mov rdx, [ rax + 0x18 ] -mov [ rsp - 0x58 ], r15 -mov [ rsp - 0x50 ], rdi -mulx rdi, r15, [ rsi + 0x0 ] -mov rdx, [ rax + 0x8 ] -mov [ rsp - 0x48 ], r12 -mov [ rsp - 0x40 ], rbp -mulx rbp, r12, [ rsi + 0x0 ] -mov rdx, [ rsi + 0x20 ] -mov [ rsp - 0x38 ], rbp -mov [ rsp - 0x30 ], r12 -mulx r12, rbp, [ rax + 0x20 ] -mov rdx, [ rsi + 0x20 ] -mov [ rsp - 0x28 ], rbx -mov [ rsp - 0x20 ], r9 -mulx r9, rbx, [ rax + 0x0 ] -xor rdx, rdx -adox rbx, r13 -adox r14, r9 -mov r13, rbp -shrd r13, r12, 52 -mov rdx, [ rax + 0x10 ] -mulx r9, r12, [ rsi + 0x10 ] -mov rdx, [ rsi + 0x8 ] -mov [ rsp - 0x18 ], r8 -mov [ rsp - 0x10 ], rcx -mulx rcx, r8, [ rax + 0x8 ] -mov rdx, [ rax + 0x18 ] -mov [ rsp - 0x8 ], rcx -mov [ rsp + 0x0 ], r8 -mulx r8, rcx, [ rsi + 0x10 ] -xor rdx, rdx -adox rbx, r12 -adox r9, r14 -mov rdx, [ rax + 0x0 ] -mulx r12, r14, [ rsi + 0x18 ] -mov rdx, [ rax + 0x10 ] -mov [ rsp + 0x8 ], r8 -mov [ rsp + 0x10 ], rcx -mulx rcx, r8, [ rsi + 0x8 ] -adcx r14, r10 -adcx r11, r12 -xor rdx, rdx -adox r14, r8 -adox rcx, r11 -adcx r14, r15 -adcx rdi, rcx -mov r10, 0xfffffffffffff -and rbp, r10 -mov rdx, [ rsi + 0x0 ] -mulx r12, r15, [ rax + 0x20 ] -mov rdx, [ rax + 0x18 ] -mulx r11, r8, [ rsi + 0x8 ] -mov rdx, 0x1000003d10 -mulx r10, rcx, rbp -adox rcx, r14 -adox rdi, r10 -adcx rbx, r8 -adcx r11, r9 -mov r9, 0xfffffffffffff -mov r14, rcx -and r14, r9 -adox rbx, r15 -adox r12, r11 -shrd rcx, rdi, 52 -mulx r15, rbp, r13 -xor r13, r13 -adox rcx, rbx -adox r12, r13 
-adcx rbp, rcx -adcx r12, r15 -mov r8, rbp -and r8, r9 -shrd rbp, r12, 52 -mov r10, r8 -shr r10, 48 -mov rdx, [ rax + 0x8 ] -mulx r11, rdi, [ rsi + 0x20 ] -xor rdx, rdx -adox rdi, [ rsp - 0x10 ] -adox r11, [ rsp - 0x18 ] -adcx rdi, [ rsp + 0x10 ] -adcx r11, [ rsp + 0x8 ] -mov rdx, [ rax + 0x10 ] -mulx rbx, r13, [ rsi + 0x20 ] -xor rdx, rdx -adox rdi, [ rsp - 0x20 ] -adox r11, [ rsp - 0x28 ] -mov rdx, [ rsi + 0x18 ] -mulx rcx, r15, [ rax + 0x18 ] -mov rdx, 0x30 -bzhi r12, r8, rdx -adox r13, r15 -adox rcx, rbx -test al, al -adox rbp, rdi -mov r8, 0x0 -adox r11, r8 -mov rbx, rbp -and rbx, r9 -mov rdx, [ rsi + 0x10 ] -mulx r15, rdi, [ rax + 0x20 ] -mov rdx, [ rsi + 0x20 ] -mulx r9, r8, [ rax + 0x18 ] -shl rbx, 4 -lea rbx, [ rbx + r10 ] -add r13, rdi -adcx r15, rcx -shrd rbp, r11, 52 -add rbp, r13 -adc r15, 0x0 -mov rdx, [ rsi + 0x18 ] -mulx rcx, r10, [ rax + 0x20 ] -mov rdx, 0x1000003d1 -mulx rdi, r11, rbx -mov rdx, [ rax + 0x0 ] -mulx r13, rbx, [ rsi + 0x8 ] -add r11, [ rsp - 0x40 ] -adcx rdi, [ rsp - 0x48 ] -mov rdx, 0xfffffffffffff -mov [ rsp + 0x18 ], r12 -mov r12, r11 -and r12, rdx -shrd r11, rdi, 52 -mov rdx, [ rsi + 0x10 ] -mov [ rsp + 0x20 ], r14 -mulx r14, rdi, [ rax + 0x0 ] -add rdi, [ rsp + 0x0 ] -adcx r14, [ rsp - 0x8 ] -xor rdx, rdx -adox r8, r10 -adox rcx, r9 -adcx rbx, [ rsp - 0x30 ] -adcx r13, [ rsp - 0x38 ] -mov r9, rbp -shrd r9, r15, 52 -mov r15, 0xfffffffffffff -and rbp, r15 -adox r9, r8 -adox rcx, rdx -mov rdx, [ rsi + 0x0 ] -mulx r8, r10, [ rax + 0x10 ] -adcx r11, rbx -adc r13, 0x0 -mov rdx, 0x1000003d10 -mulx r15, rbx, rbp -test al, al -adox rbx, r11 -adox r13, r15 -mov rbp, 0x34 -bzhi r11, rbx, rbp -mov r15, [ rsp - 0x50 ] -mov [ r15 + 0x8 ], r11 -shrd rbx, r13, 52 -xor r13, r13 -adox rdi, r10 -adox r8, r14 -adcx rbx, rdi -adc r8, 0x0 -mov [ r15 + 0x0 ], r12 -bzhi r12, r9, rbp -mulx r10, r14, r12 -adox r14, rbx -adox r8, r10 -bzhi r11, r14, rbp -shrd r14, r8, 52 -shrd r9, rcx, 52 -add r14, [ rsp + 0x20 ] -mulx rdi, rcx, r9 -xor rbx, rbx -adox 
rcx, r14 -adox rdi, rbx -mov r13, rcx -shrd r13, rdi, 52 -add r13, [ rsp + 0x18 ] -bzhi r12, rcx, rbp -mov [ r15 + 0x18 ], r12 -mov [ r15 + 0x20 ], r13 -mov [ r15 + 0x10 ], r11 -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -add rsp, 168 -ret -; cpu Intel(R) Core(TM) i9-10900K CPU @ 3.70GHz -; ratio 1.0651 -; seed 4318526519264859 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 1445342 ms on 180000 evaluations. -; Time spent for assembling and measuring (initial batch_size=182, initial num_batches=31): 91038 ms -; number of used evaluations: 180000 -; Ratio (time for assembling + measure)/(total runtime for 180000 evals): 0.06298716843487562 -; number reverted permutation / tried permutation: 70624 / 89934 =78.529% -; number reverted decision / tried decision: 52353 / 90065 =58.128% -; validated in 0.562s diff --git a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000414447154_ratio10660.asm b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000414447154_ratio10660.asm deleted file mode 100644 index e1941e2c19..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000414447154_ratio10660.asm +++ /dev/null 
@@ -1,216 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_mul -fiat_secp256k1_dettman_mul: -mov rax, rdx -mov rdx, [ rdx + 0x18 ] -mulx r11, r10, [ rsi + 0x20 ] -mov rdx, [ rax + 0x8 ] -mulx r8, rcx, [ rsi + 0x18 ] -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x80 ], rbx -mulx rbx, r9, [ rax + 0x0 ] -mov rdx, [ rsi + 0x0 ] -mov [ rsp - 0x78 ], rbp -mov [ rsp - 0x70 ], r12 -mulx r12, rbp, [ rax + 0x20 ] -mov rdx, [ rax + 0x8 ] -mov [ rsp - 0x68 ], r13 -mov [ rsp - 0x60 ], r14 -mulx r14, r13, [ rsi + 0x20 ] -mov rdx, [ rax + 0x20 ] -mov [ rsp - 0x58 ], r15 -mov [ rsp - 0x50 ], rdi -mulx rdi, r15, [ rsi + 0x18 ] -mov rdx, [ rsi + 0x20 ] -mov [ rsp - 0x48 ], rbx -mov [ rsp - 0x40 ], r9 -mulx r9, rbx, [ rax + 0x0 ] -add r10, r15 -adcx rdi, r11 -mov rdx, [ rsi + 0x18 ] -mulx r15, r11, [ rax + 0x10 ] -add r13, r11 -adcx r15, r14 -test al, al -adox rbx, rcx -adox r8, r9 -mov rdx, [ rsi + 0x10 ] -mulx r14, rcx, [ rax + 0x10 ] -adcx rbx, rcx -adcx r14, r8 -mov rdx, [ rax + 0x18 ] -mulx r11, r9, [ rsi + 0x8 ] -test al, al -adox rbx, r9 -adox r11, r14 -adcx rbx, rbp -adcx r12, r11 -mov rdx, [ rax + 0x8 ] -mulx r8, rbp, [ rsi + 0x10 ] -mov rdx, [ rsi + 0x20 ] -mulx r14, rcx, [ rax + 0x20 ] -mov rdx, rcx -shrd rdx, r14, 52 -mov r9, 0x34 -bzhi r11, rcx, r9 -mov rcx, rbp -adox rcx, [ rsp - 0x40 ] -adox r8, [ rsp - 0x48 ] -mov rbp, rdx -mov rdx, [ rsi + 0x0 ] -mulx r9, r14, [ rax + 0x18 ] -mov rdx, [ rax + 0x10 ] -mov [ rsp - 0x38 ], rdi -mov [ rsp - 0x30 ], r10 -mulx r10, rdi, [ rsi + 0x8 ] -add rcx, rdi -adcx r10, r8 -add rcx, r14 -adcx r9, r10 -mov rdx, 0x1000003d10 -mulx r14, r8, r11 -test al, al -adox r8, rcx -adox r9, r14 -mov r11, r8 -shrd r11, r9, 52 -xor rdi, rdi -adox r11, rbx -adox r12, rdi -mulx r10, rbx, rbp -adcx rbx, r11 -adcx r12, r10 -mov rbp, 0xfffffffffffff -and r8, rbp -mov rdx, [ rax + 0x18 ] -mulx r14, rcx, [ rsi + 0x10 ] -mov rdx, [ rax + 0x20 ] -mulx r11, r9, [ rsi + 0x8 ] -adox r13, rcx -adox r14, r15 -adcx r13, r9 -adcx r11, r14 -mov rdx, rbx -shrd rdx, 
r12, 52 -xor r15, r15 -adox rdx, r13 -adox r11, r15 -mov rdi, rdx -and rdi, rbp -and rbx, rbp -shl rdi, 4 -mov r10, rbx -shr r10, 48 -mov r12, rdx -mov rdx, [ rsi + 0x8 ] -mulx r9, rcx, [ rax + 0x0 ] -mov rdx, [ rsi + 0x0 ] -mulx r13, r14, [ rax + 0x8 ] -lea rdi, [ rdi + r10 ] -mov rdx, 0xffffffffffff -and rbx, rdx -adox rcx, r14 -adox r13, r9 -mov rdx, [ rax + 0x18 ] -mulx r9, r10, [ rsi + 0x18 ] -mov rdx, [ rsi + 0x20 ] -mulx r15, r14, [ rax + 0x10 ] -mov rdx, [ rax + 0x0 ] -mov [ rsp - 0x28 ], rbx -mulx rbx, rbp, [ rsi + 0x0 ] -mov rdx, [ rsi + 0x8 ] -mov [ rsp - 0x20 ], r8 -mov [ rsp - 0x18 ], r13 -mulx r13, r8, [ rax + 0x8 ] -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x10 ], r13 -mov [ rsp - 0x8 ], r8 -mulx r8, r13, [ rax + 0x20 ] -adcx r14, r10 -adcx r9, r15 -mov rdx, 0x1000003d1 -mulx r15, r10, rdi -test al, al -adox r10, rbp -adox rbx, r15 -mov rdi, 0x34 -bzhi rbp, r10, rdi -shrd r10, rbx, 52 -xor r15, r15 -adox r10, rcx -mov rbx, [ rsp - 0x18 ] -adox rbx, r15 -shrd r12, r11, 52 -mov rdx, [ rax + 0x0 ] -mulx rcx, r11, [ rsi + 0x10 ] -xor rdx, rdx -adox r14, r13 -adox r8, r9 -mov r15, [ rsp - 0x50 ] -mov [ r15 + 0x0 ], rbp -mov rdx, [ rsi + 0x0 ] -mulx r9, r13, [ rax + 0x10 ] -adcx r12, r14 -adc r8, 0x0 -bzhi rdx, r12, rdi -mov rbp, 0x1000003d10 -mulx rdi, r14, rbp -shrd r12, r8, 52 -xor r8, r8 -adox r11, [ rsp - 0x8 ] -adox rcx, [ rsp - 0x10 ] -adcx r12, [ rsp - 0x30 ] -mov rdx, [ rsp - 0x38 ] -adc rdx, 0x0 -mov r8, 0x34 -bzhi rbp, r12, r8 -shrd r12, rdx, 52 -xor rdx, rdx -adox r14, r10 -adox rbx, rdi -adcx r11, r13 -adcx r9, rcx -bzhi r10, r14, r8 -shrd r14, rbx, 52 -mov r13, 0x1000003d10 -mov rdx, r13 -mulx rdi, r13, rbp -xor rcx, rcx -adox r14, r11 -adox r9, rcx -adcx r13, r14 -adcx r9, rdi -mov rbp, r13 -shrd rbp, r9, 52 -bzhi rbx, r13, r8 -add rbp, [ rsp - 0x20 ] -mulx rdi, r11, r12 -test al, al -adox r11, rbp -adox rdi, rcx -mov r12, r11 -shrd r12, rdi, 52 -add r12, [ rsp - 0x28 ] -bzhi r14, r11, r8 -mov [ r15 + 0x20 ], r12 -mov [ r15 + 0x18 ], r14 -mov [ 
r15 + 0x8 ], r10 -mov [ r15 + 0x10 ], rbx -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu Intel(R) Core(TM) i9-10900K CPU @ 3.70GHz -; ratio 1.0660 -; seed 1184052693197515 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 1467040 ms on 180000 evaluations. -; Time spent for assembling and measuring (initial batch_size=182, initial num_batches=31): 91374 ms -; number of used evaluations: 180000 -; Ratio (time for assembling + measure)/(total runtime for 180000 evals): 0.06228460028356418 -; number reverted permutation / tried permutation: 70402 / 90181 =78.067% -; number reverted decision / tried decision: 52292 / 89818 =58.220% -; validated in 0.538s diff --git a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000418905233_ratio10632.asm b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000418905233_ratio10632.asm deleted file mode 100644 index ad74bf6bb7..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000418905233_ratio10632.asm +++ /dev/null 
@@ -1,218 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_mul -fiat_secp256k1_dettman_mul: -mov rax, rdx -mov rdx, [ rdx + 0x8 ] -mulx r11, r10, [ rsi + 0x10 ] -mov rdx, [ rsi + 0x20 ] -mulx r8, rcx, [ rax + 0x20 ] -mov rdx, [ rsi + 0x20 ] -mov [ rsp - 0x80 ], rbx -mulx rbx, r9, [ rax + 0x8 ] -mov rdx, [ rsi + 0x0 ] -mov [ rsp - 0x78 ], rbp -mov [ rsp - 0x70 ], r12 -mulx r12, rbp, [ rax + 0x20 ] -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x68 ], r13 -mov [ rsp - 0x60 ], r14 -mulx r14, r13, [ rax + 0x0 ] -mov rdx, [ rsi + 0x20 ] -mov [ rsp - 0x58 ], r15 -mov [ rsp - 0x50 ], rdi -mulx rdi, r15, [ rax + 0x0 ] -test al, al -adox r13, r10 -adox r11, r14 -mov rdx, [ rsi + 0x10 ] -mulx r14, r10, [ rax + 0x0 ] -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x48 ], r14 -mov [ rsp - 0x40 ], r10 -mulx r10, r14, [ rax + 0x8 ] -adcx r15, r14 -adcx r10, rdi -mov rdx, 0xfffffffffffff -mov rdi, rcx -and rdi, rdx -mov rdx, [ rax + 0x10 ] -mov [ rsp - 0x38 ], rbx -mulx rbx, r14, [ rsi + 0x8 ] -adox r13, r14 -adox rbx, r11 -mov rdx, [ rsi + 0x0 ] -mulx r14, r11, [ rax + 0x18 ] -mov rdx, 0x1000003d10 -mov [ rsp - 0x30 ], r9 -mov [ rsp - 0x28 ], r12 -mulx r12, r9, rdi -mov rdx, [ rsi + 0x8 ] -mov [ rsp - 0x20 ], rbp -mulx rbp, rdi, [ rax + 0x18 ] -adcx r13, r11 -adcx r14, rbx -add r9, r13 -adcx r14, r12 -mov rdx, 0x34 -bzhi rbx, r9, rdx -mov rdx, [ rsi + 0x18 ] -mulx r12, r11, [ rax + 0x10 ] -shrd r9, r14, 52 -mov rdx, [ rsi + 0x10 ] -mulx r14, r13, [ rax + 0x10 ] -test al, al -adox r15, r13 -adox r14, r10 -adcx r15, rdi -adcx rbp, r14 -xor rdx, rdx -adox r15, [ rsp - 0x20 ] -adox rbp, [ rsp - 0x28 ] -adcx r9, r15 -adc rbp, 0x0 -mov r10, r11 -add r10, [ rsp - 0x30 ] -adcx r12, [ rsp - 0x38 ] -mov rdx, [ rsi + 0x10 ] -mulx r11, rdi, [ rax + 0x18 ] -shrd rcx, r8, 52 -mov rdx, 0x1000003d10 -mulx r13, r8, rcx -add r8, r9 -adcx rbp, r13 -add r10, rdi -adcx r11, r12 -mov r14, 0x34 -bzhi r15, r8, r14 -mov r9, r15 -shr r9, 48 -mov rdx, [ rax + 0x10 ] -mulx rdi, r12, [ rsi + 0x20 ] -mov rdx, 
0xffffffffffff -and r15, rdx -mov rdx, [ rsi + 0x18 ] -mulx r13, rcx, [ rax + 0x18 ] -adox r12, rcx -adox r13, rdi -mov rdx, [ rsi + 0x10 ] -mulx rcx, rdi, [ rax + 0x20 ] -mov rdx, [ rax + 0x20 ] -mov [ rsp - 0x18 ], r15 -mulx r15, r14, [ rsi + 0x18 ] -adcx r12, rdi -adcx rcx, r13 -shrd r8, rbp, 52 -mov rdx, [ rax + 0x20 ] -mulx r13, rbp, [ rsi + 0x8 ] -test al, al -adox r10, rbp -adox r13, r11 -adcx r8, r10 -adc r13, 0x0 -mov rdx, [ rax + 0x18 ] -mulx rdi, r11, [ rsi + 0x20 ] -mov rdx, r8 -shrd rdx, r13, 52 -xor rbp, rbp -adox r11, r14 -adox r15, rdi -adcx rdx, r12 -adc rcx, 0x0 -mov r14, rdx -shrd r14, rcx, 52 -mov r12, 0x34 -bzhi r10, rdx, r12 -adox r14, r11 -adox r15, rbp -mov r13, 0x1000003d10 -mov rdx, r10 -mulx rdi, r10, r13 -mov r11, r14 -shrd r11, r15, 52 -bzhi rcx, r8, r12 -bzhi r8, r14, r12 -shl rcx, 4 -mov rdx, r8 -mulx r14, r8, r13 -mov rdx, [ rax + 0x0 ] -mulx rbp, r15, [ rsi + 0x8 ] -lea rcx, [ rcx + r9 ] -mov rdx, 0x1000003d1 -mulx r12, r9, rcx -mov rdx, [ rax + 0x8 ] -mulx r13, rcx, [ rsi + 0x0 ] -mov rdx, [ rsi + 0x0 ] -mov [ rsp - 0x10 ], rbx -mov [ rsp - 0x8 ], r11 -mulx r11, rbx, [ rax + 0x0 ] -test al, al -adox r9, rbx -adox r11, r12 -mov rdx, 0x34 -bzhi r12, r9, rdx -mov rbx, [ rsp - 0x50 ] -mov [ rbx + 0x0 ], r12 -shrd r9, r11, 52 -xor r11, r11 -adox r15, rcx -adox r13, rbp -adcx r9, r15 -adc r13, 0x0 -mov rdx, [ rsi + 0x8 ] -mulx rcx, rbp, [ rax + 0x8 ] -mov rdx, rbp -test al, al -adox rdx, [ rsp - 0x40 ] -adox rcx, [ rsp - 0x48 ] -mov r12, rdx -mov rdx, [ rax + 0x10 ] -mulx rbp, r15, [ rsi + 0x0 ] -adcx r10, r9 -adcx r13, rdi -add r12, r15 -adcx rbp, rcx -mov rdx, r10 -shrd rdx, r13, 52 -xor rdi, rdi -adox rdx, r12 -adox rbp, rdi -adcx r8, rdx -adcx rbp, r14 -mov r11, r8 -shrd r11, rbp, 52 -mov r14, 0x34 -bzhi r9, r8, r14 -mov rcx, 0x1000003d10 -mov rdx, rcx -mulx r15, rcx, [ rsp - 0x8 ] -add r11, [ rsp - 0x10 ] -xor r13, r13 -adox rcx, r11 -adox r15, r13 -mov rdi, rcx -shrd rdi, r15, 52 -bzhi r12, r10, r14 -mov [ rbx + 0x8 ], r12 -bzhi 
r10, rcx, r14 -mov [ rbx + 0x18 ], r10 -add rdi, [ rsp - 0x18 ] -mov [ rbx + 0x10 ], r9 -mov [ rbx + 0x20 ], rdi -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu Intel(R) Core(TM) i9-10900K CPU @ 3.70GHz -; ratio 1.0632 -; seed 0800742874428658 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 1417083 ms on 180000 evaluations. -; Time spent for assembling and measuring (initial batch_size=177, initial num_batches=31): 90849 ms -; number of used evaluations: 180000 -; Ratio (time for assembling + measure)/(total runtime for 180000 evals): 0.06410986512434345 -; number reverted permutation / tried permutation: 71428 / 89979 =79.383% -; number reverted decision / tried decision: 52316 / 90020 =58.116% -; validated in 0.559s diff --git a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000444700045_ratio13742.asm b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000444700045_ratio13742.asm deleted file mode 100644 index 010ba12c7d..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000444700045_ratio13742.asm +++ /dev/null 
@@ -1,210 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_mul -fiat_secp256k1_dettman_mul: -mov rax, rdx -mov rdx, [ rdx + 0x0 ] -mulx r11, r10, [ rsi + 0x20 ] -mov rdx, [ rax + 0x0 ] -mulx r8, rcx, [ rsi + 0x18 ] -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x80 ], rbx -mulx rbx, r9, [ rax + 0x8 ] -xor rdx, rdx -adox rcx, r9 -adox rbx, r8 -mov rdx, [ rsi + 0x8 ] -mulx r9, r8, [ rax + 0x10 ] -adcx rcx, r8 -adcx r9, rbx -mov rdx, [ rsi + 0x0 ] -mulx r8, rbx, [ rax + 0x18 ] -test al, al -adox rcx, rbx -adox r8, r9 -mov rdx, [ rsi + 0x20 ] -mulx rbx, r9, [ rax + 0x20 ] -mov rdx, 0xfffffffffffff -mov [ rsp - 0x78 ], rbp -mov rbp, r9 -and rbp, rdx -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x70 ], r12 -mov [ rsp - 0x68 ], r13 -mulx r13, r12, [ rax + 0x8 ] -mov rdx, 0x1000003d10 -mov [ rsp - 0x60 ], r14 -mov [ rsp - 0x58 ], r15 -mulx r15, r14, rbp -adox r14, rcx -adox r8, r15 -adcx r10, r12 -adcx r13, r11 -mov rdx, [ rax + 0x10 ] -mulx rcx, r11, [ rsi + 0x10 ] -mov rdx, r14 -shrd rdx, r8, 52 -xor rbp, rbp -adox r10, r11 -adox rcx, r13 -mov r12, rdx -mov rdx, [ rax + 0x18 ] -mulx r8, r15, [ rsi + 0x8 ] -mov rdx, [ rax + 0x20 ] -mulx r11, r13, [ rsi + 0x0 ] -adcx r10, r15 -adcx r8, rcx -xor rdx, rdx -adox r10, r13 -adox r11, r8 -shrd r9, rbx, 52 -xor rbp, rbp -adox r12, r10 -adox r11, rbp -mov rdx, 0x1000003d10 -mulx rcx, rbx, r9 -mov rdx, [ rax + 0x8 ] -mulx r13, r15, [ rsi + 0x20 ] -mov rdx, [ rsi + 0x18 ] -mulx r10, r8, [ rax + 0x10 ] -adcx rbx, r12 -adcx r11, rcx -mov rdx, 0xfffffffffffff -mov r9, rbx -and r9, rdx -adox r15, r8 -adox r10, r13 -mov rdx, [ rsi + 0x10 ] -mulx rcx, r12, [ rax + 0x18 ] -adcx r15, r12 -adcx rcx, r10 -mov rdx, [ rax + 0x20 ] -mulx r8, r13, [ rsi + 0x8 ] -add r15, r13 -adcx r8, rcx -mov rdx, 0xffffffffffff -mov r10, r9 -and r10, rdx -shrd rbx, r11, 52 -mov rdx, [ rsi + 0x20 ] -mulx r12, r11, [ rax + 0x10 ] -xor rdx, rdx -adox rbx, r15 -adox r8, rdx -mov rbp, 0xfffffffffffff -mov rcx, rbx -and rcx, rbp -shl rcx, 4 -shrd rbx, r8, 52 -mov rdx, [ rsi + 
0x18 ] -mulx r15, r13, [ rax + 0x18 ] -test al, al -adox r11, r13 -adox r15, r12 -mov rdx, [ rsi + 0x10 ] -mulx r8, r12, [ rax + 0x20 ] -adcx r11, r12 -adcx r8, r15 -xor rdx, rdx -adox rbx, r11 -adox r8, rdx -shr r9, 48 -mov r13, rbx -shrd r13, r8, 52 -lea rcx, [ rcx + r9 ] -mov rdx, [ rax + 0x0 ] -mulx r12, r15, [ rsi + 0x0 ] -mov rdx, 0x1000003d1 -mulx r8, r11, rcx -xor r9, r9 -adox r11, r15 -adox r12, r8 -mov rcx, r11 -shrd rcx, r12, 52 -and r11, rbp -mov rdx, [ rsi + 0x10 ] -mulx r8, r15, [ rax + 0x0 ] -mov [ rdi + 0x0 ], r11 -mov rdx, [ rsi + 0x18 ] -mulx r11, r12, [ rax + 0x20 ] -mov rdx, [ rsi + 0x20 ] -mulx rbp, r9, [ rax + 0x18 ] -adox r9, r12 -adox r11, rbp -mov rdx, [ rax + 0x8 ] -mulx rbp, r12, [ rsi + 0x8 ] -mov rdx, [ rax + 0x0 ] -mov [ rsp - 0x50 ], rdi -mov [ rsp - 0x48 ], r10 -mulx r10, rdi, [ rsi + 0x8 ] -adcx r13, r9 -adc r11, 0x0 -mov rdx, [ rax + 0x8 ] -mov [ rsp - 0x40 ], r11 -mulx r11, r9, [ rsi + 0x0 ] -xor rdx, rdx -adox rdi, r9 -adox r11, r10 -mov rdx, [ rsi + 0x0 ] -mulx r9, r10, [ rax + 0x10 ] -adcx r15, r12 -adcx rbp, r8 -xor rdx, rdx -adox r15, r10 -adox r9, rbp -mov r8, 0xfffffffffffff -and rbx, r8 -adox rcx, rdi -adox r11, rdx -mov r12, 0x1000003d10 -mov rdx, r12 -mulx rdi, r12, rbx -adcx r12, rcx -adcx r11, rdi -mov r10, r12 -shrd r10, r11, 52 -and r12, r8 -mov rbp, [ rsp - 0x50 ] -mov [ rbp + 0x8 ], r12 -mov rbx, r13 -and rbx, r8 -mulx rdi, rcx, rbx -adox r10, r15 -mov r11, 0x0 -adox r9, r11 -adcx rcx, r10 -adcx r9, rdi -mov r15, rcx -and r15, r8 -mov [ rbp + 0x10 ], r15 -shrd rcx, r9, 52 -and r14, r8 -mov r12, [ rsp - 0x40 ] -shrd r13, r12, 52 -lea r14, [ r14 + rcx ] -mulx rbx, r12, r13 -add r12, r14 -adc rbx, 0x0 -mov rdi, r12 -shrd rdi, rbx, 52 -add rdi, [ rsp - 0x48 ] -and r12, r8 -mov [ rbp + 0x18 ], r12 -mov [ rbp + 0x20 ], rdi -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu 13th Gen Intel(R) Core(TM) i9-13900KF 
-; ratio 1.3742 -; seed 3816970892045614 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 829187 ms on 180000 evaluations. -; Time spent for assembling and measuring (initial batch_size=307, initial num_batches=31): 79827 ms -; number of used evaluations: 180000 -; Ratio (time for assembling + measure)/(total runtime for 180000 evals): 0.09627140801773303 -; number reverted permutation / tried permutation: 72820 / 90532 =80.436% -; number reverted decision / tried decision: 52762 / 89467 =58.974% -; validated in 0.248s diff --git a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000448264824_ratio13511.asm b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000448264824_ratio13511.asm deleted file mode 100644 index 67671371c3..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000448264824_ratio13511.asm +++ /dev/null 
@@ -1,212 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_mul -fiat_secp256k1_dettman_mul: -mov rax, rdx -mov rdx, [ rsi + 0x8 ] -mulx r11, r10, [ rax + 0x10 ] -mov rdx, [ rax + 0x0 ] -mulx r8, rcx, [ rsi + 0x20 ] -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x80 ], rbx -mulx rbx, r9, [ rax + 0x8 ] -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x78 ], rbp -mov [ rsp - 0x70 ], r12 -mulx r12, rbp, [ rax + 0x0 ] -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x68 ], r13 -mov [ rsp - 0x60 ], r14 -mulx r14, r13, [ rax + 0x8 ] -test al, al -adox rbp, r13 -adox r14, r12 -adcx rcx, r9 -adcx rbx, r8 -mov rdx, [ rax + 0x10 ] -mulx r9, r8, [ rsi + 0x10 ] -mov rdx, [ rsi + 0x20 ] -mulx r13, r12, [ rax + 0x20 ] -test al, al -adox rbp, r10 -adox r11, r14 -mov rdx, [ rax + 0x18 ] -mulx r14, r10, [ rsi + 0x0 ] -adcx rbp, r10 -adcx r14, r11 -mov rdx, 0xfffffffffffff -mov r11, r12 -and r11, rdx -mov r10, 0x1000003d10 -mov rdx, r10 -mov [ rsp - 0x58 ], r15 -mulx r15, r10, r11 -adox r10, rbp -adox r14, r15 -mov rbp, r10 -shrd rbp, r14, 52 -mov rdx, [ rsi + 0x8 ] -mulx r15, r11, [ rax + 0x18 ] -mov rdx, [ rax + 0x20 ] -mov [ rsp - 0x50 ], rdi -mulx rdi, r14, [ rsi + 0x0 ] -shrd r12, r13, 52 -test al, al -adox rcx, r8 -adox r9, rbx -adcx rcx, r11 -adcx r15, r9 -xor rdx, rdx -adox rcx, r14 -adox rdi, r15 -adcx rbp, rcx -adc rdi, 0x0 -mov rbx, 0x1000003d10 -mov rdx, rbx -mulx r8, rbx, r12 -xor r13, r13 -adox rbx, rbp -adox rdi, r8 -mov r11, 0xfffffffffffff -mov r14, rbx -and r14, r11 -shrd rbx, rdi, 52 -mov r12, r14 -shr r12, 48 -mov rdx, [ rax + 0x8 ] -mulx r15, r9, [ rsi + 0x20 ] -mov rdx, [ rax + 0x10 ] -mulx rbp, rcx, [ rsi + 0x18 ] -add r9, rcx -adcx rbp, r15 -mov rdx, [ rax + 0x18 ] -mulx rdi, r8, [ rsi + 0x10 ] -xor rdx, rdx -adox r9, r8 -adox rdi, rbp -mov rdx, [ rax + 0x20 ] -mulx r15, r13, [ rsi + 0x8 ] -adcx r9, r13 -adcx r15, rdi -add rbx, r9 -adc r15, 0x0 -mov rdx, rbx -shrd rdx, r15, 52 -mov rcx, rdx -mov rdx, [ rsi + 0x20 ] -mulx r8, rbp, [ rax + 0x10 ] -mov rdx, [ rax + 0x20 ] -mulx r13, 
rdi, [ rsi + 0x10 ] -mov rdx, [ rax + 0x18 ] -mulx r15, r9, [ rsi + 0x18 ] -and rbx, r11 -shl rbx, 4 -lea rbx, [ rbx + r12 ] -mov rdx, [ rsi + 0x0 ] -mulx r11, r12, [ rax + 0x0 ] -mov rdx, 0xffffffffffff -and r14, rdx -adox rbp, r9 -adox r15, r8 -mov r8, 0x1000003d1 -mov rdx, r8 -mulx r9, r8, rbx -adcx r8, r12 -adcx r11, r9 -mov rdx, [ rsi + 0x20 ] -mulx r12, rbx, [ rax + 0x18 ] -mov rdx, r8 -shrd rdx, r11, 52 -test al, al -adox rbp, rdi -adox r13, r15 -mov rdi, rdx -mov rdx, [ rax + 0x20 ] -mulx r9, r15, [ rsi + 0x18 ] -adcx rcx, rbp -adc r13, 0x0 -mov rdx, 0xfffffffffffff -mov r11, rcx -and r11, rdx -adox rbx, r15 -adox r9, r12 -mov rdx, [ rax + 0x10 ] -mulx rbp, r12, [ rsi + 0x0 ] -shrd rcx, r13, 52 -xor rdx, rdx -adox rcx, rbx -adox r9, rdx -mov rdx, [ rsi + 0x8 ] -mulx r13, r15, [ rax + 0x0 ] -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x48 ], r14 -mulx r14, rbx, [ rax + 0x0 ] -mov rdx, [ rsi + 0x0 ] -mov [ rsp - 0x40 ], rbp -mov [ rsp - 0x38 ], r12 -mulx r12, rbp, [ rax + 0x8 ] -adcx r15, rbp -adcx r12, r13 -mov rdx, [ rax + 0x8 ] -mulx rbp, r13, [ rsi + 0x8 ] -xor rdx, rdx -adox rbx, r13 -adox rbp, r14 -adcx rdi, r15 -adc r12, 0x0 -mov r14, 0x1000003d10 -mov rdx, r14 -mulx r15, r14, r11 -xor r11, r11 -adox r14, rdi -adox r12, r15 -mov r13, 0xfffffffffffff -mov rdi, r14 -and rdi, r13 -shrd r14, r12, 52 -mov r15, [ rsp - 0x50 ] -mov [ r15 + 0x8 ], rdi -mov r12, rcx -and r12, r13 -adox rbx, [ rsp - 0x38 ] -adox rbp, [ rsp - 0x40 ] -adcx r14, rbx -adc rbp, 0x0 -and r10, r13 -mulx rbx, rdi, r12 -adox rdi, r14 -adox rbp, rbx -mov r12, rdi -shrd r12, rbp, 52 -shrd rcx, r9, 52 -lea r10, [ r10 + r12 ] -and rdi, r13 -mulx r14, r9, rcx -mov [ r15 + 0x10 ], rdi -adox r9, r10 -adox r14, r11 -mov rbx, r9 -and rbx, r13 -and r8, r13 -shrd r9, r14, 52 -mov [ r15 + 0x18 ], rbx -add r9, [ rsp - 0x48 ] -mov [ r15 + 0x20 ], r9 -mov [ r15 + 0x0 ], r8 -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ 
rsp - 0x58 ] -ret -; cpu 13th Gen Intel(R) Core(TM) i9-13900KF -; ratio 1.3511 -; seed 2953724408234328 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 814057 ms on 180000 evaluations. -; Time spent for assembling and measuring (initial batch_size=307, initial num_batches=31): 80371 ms -; number of used evaluations: 180000 -; Ratio (time for assembling + measure)/(total runtime for 180000 evals): 0.09872895878298449 -; number reverted permutation / tried permutation: 72174 / 89915 =80.269% -; number reverted decision / tried decision: 52844 / 90084 =58.661% -; validated in 0.25s diff --git a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000451748095_ratio12970.asm b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000451748095_ratio12970.asm deleted file mode 100644 index 26a24677a3..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000451748095_ratio12970.asm +++ /dev/null 
@@ -1,209 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_mul -fiat_secp256k1_dettman_mul: -mov rax, rdx -mov rdx, [ rsi + 0x10 ] -mulx r11, r10, [ rax + 0x8 ] -mov rdx, [ rax + 0x10 ] -mulx r8, rcx, [ rsi + 0x8 ] -mov rdx, [ rax + 0x20 ] -mov [ rsp - 0x80 ], rbx -mulx rbx, r9, [ rsi + 0x20 ] -mov rdx, [ rax + 0x0 ] -mov [ rsp - 0x78 ], rbp -mov [ rsp - 0x70 ], r12 -mulx r12, rbp, [ rsi + 0x18 ] -xor rdx, rdx -adox rbp, r10 -adox r11, r12 -mov rdx, [ rax + 0x18 ] -mulx r12, r10, [ rsi + 0x8 ] -adcx rbp, rcx -adcx r8, r11 -mov rdx, [ rax + 0x18 ] -mulx r11, rcx, [ rsi + 0x0 ] -add rbp, rcx -adcx r11, r8 -mov rdx, [ rsi + 0x18 ] -mulx rcx, r8, [ rax + 0x8 ] -mov rdx, 0xfffffffffffff -mov [ rsp - 0x68 ], r13 -mov r13, r9 -and r13, rdx -mov rdx, [ rax + 0x0 ] -mov [ rsp - 0x60 ], r14 -mov [ rsp - 0x58 ], r15 -mulx r15, r14, [ rsi + 0x20 ] -mov rdx, 0x1000003d10 -mov [ rsp - 0x50 ], rdi -mov [ rsp - 0x48 ], r12 -mulx r12, rdi, r13 -adox rdi, rbp -adox r11, r12 -mov rbp, rdi -shrd rbp, r11, 52 -add r14, r8 -adcx rcx, r15 -mov rdx, [ rax + 0x10 ] -mulx r13, r8, [ rsi + 0x10 ] -mov rdx, [ rsi + 0x0 ] -mulx r12, r15, [ rax + 0x20 ] -test al, al -adox r14, r8 -adox r13, rcx -adcx r14, r10 -adcx r13, [ rsp - 0x48 ] -test al, al -adox r14, r15 -adox r12, r13 -adcx rbp, r14 -adc r12, 0x0 -shrd r9, rbx, 52 -mov rdx, 0x1000003d10 -mulx r10, rbx, r9 -add rbx, rbp -adcx r12, r10 -mov r11, rbx -shrd r11, r12, 52 -mov rdx, [ rsi + 0x18 ] -mulx r8, rcx, [ rax + 0x10 ] -mov rdx, [ rsi + 0x8 ] -mulx r13, r15, [ rax + 0x20 ] -mov rdx, [ rax + 0x8 ] -mulx rbp, r14, [ rsi + 0x20 ] -test al, al -adox r14, rcx -adox r8, rbp -mov rdx, [ rax + 0x18 ] -mulx r10, r9, [ rsi + 0x10 ] -adcx r14, r9 -adcx r10, r8 -add r14, r15 -adcx r13, r10 -mov rdx, [ rax + 0x18 ] -mulx rcx, r12, [ rsi + 0x18 ] -xor rdx, rdx -adox r11, r14 -adox r13, rdx -mov r15, 0xfffffffffffff -mov rbp, r11 -and rbp, r15 -mov rdx, [ rax + 0x10 ] -mulx r9, r8, [ rsi + 0x20 ] -shl rbp, 4 -and rbx, r15 -adox r8, r12 -adox 
rcx, r9 -mov rdx, 0xffffffffffff -mov r10, rbx -and r10, rdx -mov rdx, [ rsi + 0x10 ] -mulx r12, r14, [ rax + 0x20 ] -shr rbx, 48 -lea rbp, [ rbp + rbx ] -mov rdx, 0x1000003d1 -mulx rbx, r9, rbp -mov rdx, [ rax + 0x8 ] -mulx r15, rbp, [ rsi + 0x0 ] -mov rdx, [ rsi + 0x0 ] -mov [ rsp - 0x40 ], r10 -mov [ rsp - 0x38 ], r15 -mulx r15, r10, [ rax + 0x0 ] -shrd r11, r13, 52 -test al, al -adox r8, r14 -adox r12, rcx -adcx r11, r8 -adc r12, 0x0 -mov rdx, r11 -shrd rdx, r12, 52 -add r9, r10 -adcx r15, rbx -mov r13, r9 -shrd r13, r15, 52 -mov rcx, 0xfffffffffffff -and r11, rcx -mov r14, rdx -mov rdx, [ rax + 0x18 ] -mulx r10, rbx, [ rsi + 0x20 ] -mov rdx, [ rsi + 0x18 ] -mulx r12, r8, [ rax + 0x20 ] -adox rbx, r8 -adox r12, r10 -adcx r14, rbx -adc r12, 0x0 -mov rdx, [ rsi + 0x8 ] -mulx r10, r15, [ rax + 0x0 ] -mov rdx, 0x1000003d10 -mulx rbx, r8, r11 -mov r11, r14 -shrd r11, r12, 52 -xor r12, r12 -adox r15, rbp -adox r10, [ rsp - 0x38 ] -adcx r13, r15 -adc r10, 0x0 -add r8, r13 -adcx r10, rbx -mov rdx, [ rax + 0x0 ] -mulx rbx, rbp, [ rsi + 0x10 ] -mov rdx, [ rsi + 0x8 ] -mulx r13, r15, [ rax + 0x8 ] -mov rdx, [ rax + 0x10 ] -mulx rcx, r12, [ rsi + 0x0 ] -xor rdx, rdx -adox rbp, r15 -adox r13, rbx -mov rbx, r8 -shrd rbx, r10, 52 -test al, al -adox rbp, r12 -adox rcx, r13 -adcx rbx, rbp -adc rcx, 0x0 -mov r10, 0xfffffffffffff -and r14, r10 -mov r15, 0x1000003d10 -mov rdx, r15 -mulx r12, r15, r14 -adox r15, rbx -adox rcx, r12 -mov r13, r15 -shrd r13, rcx, 52 -and r15, r10 -and rdi, r10 -lea rdi, [ rdi + r13 ] -mov rbp, [ rsp - 0x50 ] -mov [ rbp + 0x10 ], r15 -mulx r14, rbx, r11 -adox rbx, rdi -mov r11, 0x0 -adox r14, r11 -mov r12, rbx -shrd r12, r14, 52 -add r12, [ rsp - 0x40 ] -and r9, r10 -mov [ rbp + 0x0 ], r9 -and r8, r10 -and rbx, r10 -mov [ rbp + 0x8 ], r8 -mov [ rbp + 0x20 ], r12 -mov [ rbp + 0x18 ], rbx -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu 13th 
Gen Intel(R) Core(TM) i9-13900KF -; ratio 1.2970 -; seed 1264522544272874 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 837498 ms on 180000 evaluations. -; Time spent for assembling and measuring (initial batch_size=325, initial num_batches=31): 80113 ms -; number of used evaluations: 180000 -; Ratio (time for assembling + measure)/(total runtime for 180000 evals): 0.0956575418687567 -; number reverted permutation / tried permutation: 73615 / 89948 =81.842% -; number reverted decision / tried decision: 53670 / 90051 =59.600% -; validated in 0.248s diff --git a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000460255063_ratio09429.asm b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000460255063_ratio09429.asm deleted file mode 100644 index 2b88b6978b..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000460255063_ratio09429.asm +++ /dev/null 
@@ -1,218 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_mul -fiat_secp256k1_dettman_mul: -mov rax, rdx -mov rdx, [ rdx + 0x20 ] -mulx r11, r10, [ rsi + 0x20 ] -mov rdx, [ rax + 0x10 ] -mulx r8, rcx, [ rsi + 0x10 ] -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x80 ], rbx -mulx rbx, r9, [ rax + 0x20 ] -mov rdx, [ rax + 0x0 ] -mov [ rsp - 0x78 ], rbp -mov [ rsp - 0x70 ], r12 -mulx r12, rbp, [ rsi + 0x18 ] -mov rdx, [ rax + 0x8 ] -mov [ rsp - 0x68 ], r13 -mov [ rsp - 0x60 ], r14 -mulx r14, r13, [ rsi + 0x10 ] -mov rdx, 0x34 -mov [ rsp - 0x58 ], r15 -bzhi r15, r10, rdx -mov rdx, [ rax + 0x10 ] -mov [ rsp - 0x50 ], rdi -mov [ rsp - 0x48 ], rbx -mulx rbx, rdi, [ rsi + 0x8 ] -mov rdx, 0x1000003d10 -mov [ rsp - 0x40 ], r9 -mov [ rsp - 0x38 ], r8 -mulx r8, r9, r15 -adox rbp, r13 -adox r14, r12 -mov rdx, [ rsi + 0x0 ] -mulx r13, r12, [ rax + 0x10 ] -mov rdx, [ rsi + 0x0 ] -mov [ rsp - 0x30 ], r13 -mulx r13, r15, [ rax + 0x18 ] -test al, al -adox rbp, rdi -adox rbx, r14 -adcx rbp, r15 -adcx r13, rbx -mov rdx, [ rax + 0x8 ] -mulx r14, rdi, [ rsi + 0x18 ] -test al, al -adox r9, rbp -adox r13, r8 -mov rdx, [ rax + 0x0 ] -mulx r15, r8, [ rsi + 0x20 ] -adcx r8, rdi -adcx r14, r15 -mov rdx, r9 -shrd rdx, r13, 52 -mov rbx, rdx -mov rdx, [ rsi + 0x8 ] -mulx rdi, rbp, [ rax + 0x18 ] -xor rdx, rdx -adox r8, rcx -adox r14, [ rsp - 0x38 ] -adcx r8, rbp -adcx rdi, r14 -mov rdx, [ rsi + 0x0 ] -mulx r13, rcx, [ rax + 0x20 ] -xor rdx, rdx -adox r8, rcx -adox r13, rdi -adcx rbx, r8 -adc r13, 0x0 -shrd r10, r11, 52 -mov r11, 0x1000003d10 -mov rdx, r10 -mulx r15, r10, r11 -mov rdx, [ rax + 0x8 ] -mulx r14, rbp, [ rsi + 0x8 ] -test al, al -adox r10, rbx -adox r13, r15 -mov rdx, [ rsi + 0x18 ] -mulx rcx, rdi, [ rax + 0x10 ] -mov rdx, [ rsi + 0x10 ] -mulx rbx, r8, [ rax + 0x0 ] -mov rdx, [ rsi + 0x20 ] -mulx r11, r15, [ rax + 0x8 ] -adcx r15, rdi -adcx rcx, r11 -mov rdx, [ rax + 0x18 ] -mulx r11, rdi, [ rsi + 0x10 ] -mov rdx, r10 -shrd rdx, r13, 52 -add r15, rdi -adcx r11, rcx -mov r13, rdx -mov 
rdx, [ rax + 0x20 ] -mulx rdi, rcx, [ rsi + 0x8 ] -xor rdx, rdx -adox r15, rcx -adox rdi, r11 -adcx r13, r15 -adc rdi, 0x0 -add r8, rbp -adcx r14, rbx -mov rdx, [ rax + 0x18 ] -mulx rbx, rbp, [ rsi + 0x20 ] -mov rdx, [ rax + 0x18 ] -mulx rcx, r11, [ rsi + 0x18 ] -xor rdx, rdx -adox r8, r12 -adox r14, [ rsp - 0x30 ] -mov r12, 0xfffffffffffff -and r10, r12 -mov r15, r13 -and r15, r12 -shl r15, 4 -mov rdx, 0xffffffffffff -mov r12, r10 -and r12, rdx -mov rdx, [ rsi + 0x20 ] -mov [ rsp - 0x28 ], r12 -mov [ rsp - 0x20 ], r14 -mulx r14, r12, [ rax + 0x10 ] -shr r10, 48 -add rbp, [ rsp - 0x40 ] -adcx rbx, [ rsp - 0x48 ] -lea r15, [ r15 + r10 ] -mov rdx, [ rax + 0x20 ] -mov [ rsp - 0x18 ], r8 -mulx r8, r10, [ rsi + 0x10 ] -mov rdx, 0x1000003d1 -mov [ rsp - 0x10 ], rbx -mov [ rsp - 0x8 ], rbp -mulx rbp, rbx, r15 -test al, al -adox r12, r11 -adox rcx, r14 -mov rdx, [ rax + 0x0 ] -mulx r14, r11, [ rsi + 0x0 ] -adcx rbx, r11 -adcx r14, rbp -shrd r13, rdi, 52 -test al, al -adox r12, r10 -adox r8, rcx -mov rdx, rbx -shrd rdx, r14, 52 -test al, al -adox r13, r12 -mov rdi, 0x0 -adox r8, rdi -mov r15, r13 -shrd r15, r8, 52 -add r15, [ rsp - 0x8 ] -mov r10, [ rsp - 0x10 ] -adc r10, 0x0 -mov rbp, r15 -shrd rbp, r10, 52 -mov rcx, rdx -mov rdx, [ rsi + 0x8 ] -mulx r14, r11, [ rax + 0x0 ] -mov rdx, [ rsi + 0x0 ] -mulx r8, r12, [ rax + 0x8 ] -mov rdx, 0x1000003d10 -mulx rdi, r10, rbp -mov rbp, 0xfffffffffffff -and r13, rbp -adox r11, r12 -adox r8, r14 -adcx rcx, r11 -adc r8, 0x0 -and rbx, rbp -mulx r12, r14, r13 -adox r14, rcx -adox r8, r12 -mov r13, r14 -and r13, rbp -shrd r14, r8, 52 -mov r11, [ rsp - 0x50 ] -mov [ r11 + 0x0 ], rbx -and r15, rbp -adox r14, [ rsp - 0x18 ] -mov rcx, [ rsp - 0x20 ] -mov rbx, 0x0 -adox rcx, rbx -mulx r8, r12, r15 -adcx r12, r14 -adcx rcx, r8 -and r9, rbp -mov r15, r12 -shrd r15, rcx, 52 -lea r9, [ r9 + r15 ] -and r12, rbp -adox r10, r9 -adox rdi, rbx -mov r14, r10 -shrd r14, rdi, 52 -and r10, rbp -add r14, [ rsp - 0x28 ] -mov [ r11 + 0x20 ], r14 -mov [ r11 
+ 0x18 ], r10 -mov [ r11 + 0x8 ], r13 -mov [ r11 + 0x10 ], r12 -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu AMD Ryzen Threadripper 1900X 8-Core Processor -; ratio 0.9429 -; seed 1630032793123719 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 2247943 ms on 180000 evaluations. -; Time spent for assembling and measuring (initial batch_size=122, initial num_batches=31): 129805 ms -; number of used evaluations: 180000 -; Ratio (time for assembling + measure)/(total runtime for 180000 evals): 0.057743901869397936 -; number reverted permutation / tried permutation: 69392 / 90292 =76.853% -; number reverted decision / tried decision: 31909 / 89707 =35.570% -; validated in 0.511s diff --git a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000481627505_ratio09368.asm b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000481627505_ratio09368.asm deleted file mode 100644 index 29e99e79bc..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000481627505_ratio09368.asm +++ /dev/null 
@@ -1,233 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_mul -fiat_secp256k1_dettman_mul: -sub rsp, 232 -mov rax, rdx -mov rdx, [ rdx + 0x20 ] -mulx r11, r10, [ rsi + 0x0 ] -mov rdx, [ rsi + 0x10 ] -mulx r8, rcx, [ rax + 0x18 ] -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x80 ], rbx -mulx rbx, r9, [ rax + 0x0 ] -mov rdx, [ rax + 0x10 ] -mov [ rsp - 0x78 ], rbp -mov [ rsp - 0x70 ], r12 -mulx r12, rbp, [ rsi + 0x8 ] -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x68 ], r13 -mov [ rsp - 0x60 ], r14 -mulx r14, r13, [ rax + 0x8 ] -mov rdx, [ rsi + 0x0 ] -mov [ rsp - 0x58 ], r15 -mov [ rsp - 0x50 ], rdi -mulx rdi, r15, [ rax + 0x0 ] -mov rdx, [ rsi + 0x8 ] -mov [ rsp - 0x48 ], rdi -mov [ rsp - 0x40 ], r15 -mulx r15, rdi, [ rax + 0x18 ] -mov rdx, [ rax + 0x0 ] -mov [ rsp - 0x38 ], r8 -mov [ rsp - 0x30 ], rcx -mulx rcx, r8, [ rsi + 0x10 ] -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x28 ], r11 -mov [ rsp - 0x20 ], r10 -mulx r10, r11, [ rax + 0x18 ] -mov rdx, [ rax + 0x10 ] -mov [ rsp - 0x18 ], r10 -mov [ rsp - 0x10 ], r11 -mulx r11, r10, [ rsi + 0x20 ] -mov rdx, [ rsi + 0x20 ] -mov [ rsp - 0x8 ], r11 -mov [ rsp + 0x0 ], r10 -mulx r10, r11, [ rax + 0x20 ] -mov rdx, [ rax + 0x8 ] -mov [ rsp + 0x8 ], r15 -mov [ rsp + 0x10 ], rdi -mulx rdi, r15, [ rsi + 0x8 ] -mov rdx, [ rax + 0x8 ] -mov [ rsp + 0x18 ], r14 -mov [ rsp + 0x20 ], r13 -mulx r13, r14, [ rsi + 0x10 ] -mov rdx, 0xfffffffffffff -mov [ rsp + 0x28 ], r12 -mov r12, r11 -and r12, rdx -adox r8, r15 -adox rdi, rcx -adcx r9, r14 -adcx r13, rbx -xor rbx, rbx -adox r9, rbp -adox r13, [ rsp + 0x28 ] -mov rdx, [ rsi + 0x20 ] -mulx rcx, rbp, [ rax + 0x0 ] -adcx rbp, [ rsp + 0x20 ] -adcx rcx, [ rsp + 0x18 ] -mov rdx, [ rsi + 0x10 ] -mulx r14, r15, [ rax + 0x10 ] -mov rdx, [ rsi + 0x0 ] -mov [ rsp + 0x30 ], rdi -mulx rdi, rbx, [ rax + 0x18 ] -test al, al -adox r9, rbx -adox rdi, r13 -adcx rbp, r15 -adcx r14, rcx -mov rdx, 0x1000003d10 -mulx rcx, r13, r12 -xor r12, r12 -adox rbp, [ rsp + 0x10 ] -adox r14, [ rsp + 0x8 ] -adcx r13, r9 -adcx rdi, 
rcx -xor r15, r15 -adox rbp, [ rsp - 0x20 ] -adox r14, [ rsp - 0x28 ] -mov rdx, [ rax + 0x8 ] -mulx rbx, r12, [ rsi + 0x20 ] -mov rdx, [ rsi + 0x18 ] -mulx rcx, r9, [ rax + 0x10 ] -adcx r12, r9 -adcx rcx, rbx -add r12, [ rsp - 0x30 ] -adcx rcx, [ rsp - 0x38 ] -mov rdx, [ rsi + 0x8 ] -mulx r9, rbx, [ rax + 0x20 ] -add r12, rbx -adcx r9, rcx -mov rdx, 0x34 -bzhi rcx, r13, rdx -shrd r11, r10, 52 -mov r10, 0x1000003d10 -mov rdx, r11 -mulx rbx, r11, r10 -shrd r13, rdi, 52 -add r13, rbp -adc r14, 0x0 -mov rdx, [ rsi + 0x10 ] -mulx rbp, rdi, [ rax + 0x20 ] -add r11, r13 -adcx r14, rbx -mov rdx, 0x34 -bzhi rbx, r11, rdx -mov r13, rbx -shr r13, 48 -shrd r11, r14, 52 -xor r14, r14 -adox r11, r12 -adox r9, r14 -bzhi r15, r11, rdx -shl r15, 4 -shrd r11, r9, 52 -mov r12, [ rsp + 0x0 ] -test al, al -adox r12, [ rsp - 0x10 ] -mov r9, [ rsp - 0x8 ] -adox r9, [ rsp - 0x18 ] -adcx r12, rdi -adcx rbp, r9 -lea r15, [ r15 + r13 ] -mov rdx, [ rax + 0x18 ] -mulx r13, rdi, [ rsi + 0x20 ] -mov rdx, [ rsi + 0x18 ] -mulx r14, r9, [ rax + 0x20 ] -mov rdx, 0x1000003d1 -mov [ rsp + 0x38 ], rcx -mulx rcx, r10, r15 -test al, al -adox rdi, r9 -adox r14, r13 -adcx r10, [ rsp - 0x40 ] -adcx rcx, [ rsp - 0x48 ] -mov r15, 0x34 -bzhi r13, r10, r15 -mov rdx, [ rax + 0x0 ] -mulx r15, r9, [ rsi + 0x8 ] -shrd r10, rcx, 52 -mov rdx, [ rax + 0x10 ] -mov [ rsp + 0x40 ], r8 -mulx r8, rcx, [ rsi + 0x0 ] -test al, al -adox r11, r12 -mov rdx, 0x0 -adox rbp, rdx -mov rdx, [ rax + 0x8 ] -mov [ rsp + 0x48 ], r8 -mulx r8, r12, [ rsi + 0x0 ] -mov rdx, 0x34 -mov [ rsp + 0x50 ], rcx -bzhi rcx, r11, rdx -mov rdx, 0x1000003d10 -mov [ rsp + 0x58 ], r14 -mov [ rsp + 0x60 ], rdi -mulx rdi, r14, rcx -adox r9, r12 -adox r8, r15 -test al, al -adox r10, r9 -mov r15, 0x0 -adox r8, r15 -mov r12, [ rsp - 0x50 ] -mov [ r12 + 0x0 ], r13 -adcx r14, r10 -adcx r8, rdi -shrd r11, rbp, 52 -add r11, [ rsp + 0x60 ] -mov r13, [ rsp + 0x58 ] -adc r13, 0x0 -mov rbp, 0xfffffffffffff -mov rcx, r11 -and rcx, rbp -mov rdi, [ rsp + 0x40 ] -adox 
rdi, [ rsp + 0x50 ] -mov r9, [ rsp + 0x30 ] -adox r9, [ rsp + 0x48 ] -mov r10, r14 -shrd r10, r8, 52 -mulx r15, r8, rcx -xor rcx, rcx -adox r10, rdi -adox r9, rcx -adcx r8, r10 -adcx r9, r15 -mov rdi, r8 -and rdi, rbp -shrd r11, r13, 52 -mulx r15, r13, r11 -mov [ r12 + 0x10 ], rdi -shrd r8, r9, 52 -add r8, [ rsp + 0x38 ] -xor r10, r10 -adox r13, r8 -adox r15, r10 -mov rcx, 0x30 -bzhi r9, rbx, rcx -mov rbx, r13 -shrd rbx, r15, 52 -lea r9, [ r9 + rbx ] -and r13, rbp -mov [ r12 + 0x18 ], r13 -and r14, rbp -mov [ r12 + 0x8 ], r14 -mov [ r12 + 0x20 ], r9 -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -add rsp, 232 -ret -; cpu AMD Ryzen Threadripper 1900X 8-Core Processor -; ratio 0.9368 -; seed 1555829256233820 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 2317157 ms on 180000 evaluations. -; Time spent for assembling and measuring (initial batch_size=123, initial num_batches=31): 130787 ms -; number of used evaluations: 180000 -; Ratio (time for assembling + measure)/(total runtime for 180000 evals): 0.05644287374571511 -; number reverted permutation / tried permutation: 67655 / 89932 =75.229% -; number reverted decision / tried decision: 31560 / 90067 =35.041% -; validated in 0.618s diff --git a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000489048938_ratio10616.asm b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000489048938_ratio10616.asm new file mode 100644 index 0000000000..bdc6407901 --- /dev/null +++ b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000489048938_ratio10616.asm 
@@ -0,0 +1,214 @@ +SECTION .text + GLOBAL fiat_secp256k1_dettman_mul +fiat_secp256k1_dettman_mul: +mov rax, rdx; preserving value of arg2 into a new reg +mov rdx, [ rsi + 0x20 ]; saving arg1[4] in rdx. +mulx r11, r10, [ rax + 0x20 ]; x1_1, x1_0<- arg1[4] * arg2[4] (_0*_0) +mov rdx, [ rax + 0x10 ]; arg2[2] to rdx +mulx r8, rcx, [ rsi + 0x8 ]; x10001_1, x10001_0<- arg1[1] * arg2[2] (_0*_0) +mov rdx, [ rsi + 0x8 ]; arg1[1] to rdx +mov [ rsp - 0x80 ], rbx; spilling calSv-rbx to mem +mulx rbx, r9, [ rax + 0x0 ]; x10036_1, x10036_0<- arg1[1] * arg2[0] (_0*_0) +mov rdx, [ rax + 0x20 ]; arg2[4] to rdx +mov [ rsp - 0x78 ], rbp; spilling calSv-rbp to mem +mov [ rsp - 0x70 ], r12; spilling calSv-r12 to mem +mulx r12, rbp, [ rsi + 0x18 ]; x10040_1, x10040_0<- arg1[3] * arg2[4] (_0*_0) +mov rdx, [ rsi + 0x18 ]; arg1[3] to rdx +mov [ rsp - 0x68 ], r13; spilling calSv-r13 to mem +mov [ rsp - 0x60 ], r14; spilling calSv-r14 to mem +mulx r14, r13, [ rax + 0x0 ]; x10003_1, x10003_0<- arg1[3] * arg2[0] (_0*_0) +mov rdx, [ rsi + 0x20 ]; arg1[4] to rdx +mov [ rsp - 0x58 ], r15; spilling calSv-r15 to mem +mov [ rsp - 0x50 ], rdi; spilling out1 to mem +mulx rdi, r15, [ rax + 0x0 ]; x10012_1, x10012_0<- arg1[4] * arg2[0] (_0*_0) +mov rdx, [ rax + 0x8 ]; arg2[1] to rdx +mov [ rsp - 0x48 ], rbx; spilling x10036_1 to mem +mov [ rsp - 0x40 ], r9; spilling x10036_0 to mem +mulx r9, rbx, [ rsi + 0x18 ]; x10011_1, x10011_0<- arg1[3] * arg2[1] (_0*_0) +mov rdx, [ rsi + 0x0 ]; arg1[0] to rdx +mov [ rsp - 0x38 ], r12; spilling x10040_1 to mem +mov [ rsp - 0x30 ], rbp; spilling x10040_0 to mem +mulx rbp, r12, [ rax + 0x0 ]; x10026_1, x10026_0<- arg1[0] * arg2[0] (_0*_0) +xor rdx, rdx +adox r15, rbx +adox r9, rdi +mov rdi, 0x1000003d10 ; moving imm to reg +mov rdx, rdi; 0x1000003d10 to rdx +mulx rbx, rdi, r10; x10007_1, x10007_0<- x3 * 0x1000003d10 (_0*_0) +mov rdx, [ rax + 0x8 ]; arg2[1] to rdx +mov [ rsp - 0x28 ], rbp; spilling x10026_1 to mem +mulx rbp, r10, [ rsi + 0x10 ]; x10002_1, x10002_0<- 
arg1[2] * arg2[1] (_0*_0) +adcx r13, r10 +adcx rbp, r14 +test al, al +adox r13, rcx +adox r8, rbp +mov rdx, [ rsi + 0x0 ]; arg1[0] to rdx +mulx r14, rcx, [ rax + 0x18 ]; x10000_1, x10000_0<- arg1[0] * arg2[3] (_0*_0) +adcx r13, rcx +adcx r14, r8 +xor rdx, rdx +adox rdi, r13 +adox r14, rbx +mov rbx, 0xfffffffffffff ; moving imm to reg +mov r10, rdi; +and r10, rbx; x6 <- x4_0&0xfffffffffffff +mov rdx, [ rax + 0x10 ]; arg2[2] to rdx +mulx r8, rbp, [ rsi + 0x10 ]; x10010_1, x10010_0<- arg1[2] * arg2[2] (_0*_0) +adox r15, rbp +adox r8, r9 +mov rdx, [ rax + 0x18 ]; arg2[3] to rdx +mulx rcx, r9, [ rsi + 0x8 ]; x10009_1, x10009_0<- arg1[1] * arg2[3] (_0*_0) +mov rdx, [ rax + 0x20 ]; arg2[4] to rdx +mulx rbp, r13, [ rsi + 0x0 ]; x10008_1, x10008_0<- arg1[0] * arg2[4] (_0*_0) +adcx r15, r9 +adcx rcx, r8 +mov rdx, [ rsi + 0x18 ]; arg1[3] to rdx +mulx r9, r8, [ rax + 0x10 ]; x10021_1, x10021_0<- arg1[3] * arg2[2] (_0*_0) +mov rdx, [ rsi + 0x10 ]; arg1[2] to rdx +mov [ rsp - 0x20 ], r10; spilling x6 to mem +mulx r10, rbx, [ rax + 0x18 ]; x10020_1, x10020_0<- arg1[2] * arg2[3] (_0*_0) +test al, al +adox r15, r13 +adox rbp, rcx +mov rdx, [ rsi + 0x20 ]; arg1[4] to rdx +mulx rcx, r13, [ rax + 0x8 ]; x10022_1, x10022_0<- arg1[4] * arg2[1] (_0*_0) +adcx r13, r8 +adcx r9, rcx +shrd rdi, r14, 52; x5 <- x4_1||x4_0 >> 52 +add rdi, r15; could be done better, if r0 has been u8 as well +adc rbp, 0x0; add CF to r0's alloc +xor rdx, rdx +adox r13, rbx +adox r10, r9 +mov r14, 0x1000003d10000 ; moving imm to reg +mov rdx, r11; x2 to rdx +mulx r8, r11, r14; x10018_1, x10018_0<- x2 * 0x1000003d10000 (_0*_0) +adcx r11, rdi +adcx rbp, r8 +mov rbx, r11; +shrd rbx, rbp, 52; x8 <- x7_1||x7_0 >> 52 +mov rdx, [ rsi + 0x8 ]; arg1[1] to rdx +mulx rcx, r15, [ rax + 0x20 ]; x10019_1, x10019_0<- arg1[1] * arg2[4] (_0*_0) +mov rdx, 0xfffffffffffff ; moving imm to reg +and r11, rdx; x9 <- x7_0&0xfffffffffffff +adox r13, r15 +adox rcx, r10 +adcx rbx, r13 +adc rcx, 0x0; add CF to r0's alloc +mov r9, rbx; +and 
r9, rdx; x14 <- x12_0&0xfffffffffffff +shl r9, 4; x10027 <- x14<< 4 +mov rdx, [ rsi + 0x20 ]; arg1[4] to rdx +mulx r10, rdi, [ rax + 0x10 ]; x10032_1, x10032_0<- arg1[4] * arg2[2] (_0*_0) +mov rdx, [ rax + 0x20 ]; arg2[4] to rdx +mulx rbp, r8, [ rsi + 0x10 ]; x10030_1, x10030_0<- arg1[2] * arg2[4] (_0*_0) +mov rdx, [ rsi + 0x18 ]; arg1[3] to rdx +mulx r13, r15, [ rax + 0x18 ]; x10031_1, x10031_0<- arg1[3] * arg2[3] (_0*_0) +test al, al +adox rdi, r15 +adox r13, r10 +mov rdx, [ rsi + 0x20 ]; arg1[4] to rdx +mulx r15, r10, [ rax + 0x18 ]; x10041_1, x10041_0<- arg1[4] * arg2[3] (_0*_0) +adcx rdi, r8 +adcx rbp, r13 +mov rdx, r11; +shr rdx, 48; x10 <- x9>> 48 +mov r8, rdx; preserving value of x10 into a new reg +mov rdx, [ rsi + 0x0 ]; saving arg1[0] in rdx. +mulx r14, r13, [ rax + 0x8 ]; x10035_1, x10035_0<- arg1[0] * arg2[1] (_0*_0) +lea r9, [ r9 + r8 ] +shrd rbx, rcx, 52; x13 <- x12_1||x12_0 >> 52 +mov rdx, 0x1000003d1 ; moving imm to reg +mulx r8, rcx, r9; x10029_1, x10029_0<- x10028 * 0x1000003d1 (_0*_0) +xor r9, r9 +adox rcx, r12 +adox r8, [ rsp - 0x28 ] +mov r12, rcx; +shrd r12, r8, 52; x16 <- x15_1||x15_0 >> 52 +test al, al +adox rbx, rdi +adox rbp, r9 +adcx r10, [ rsp - 0x30 ] +adcx r15, [ rsp - 0x38 ] +mov rdi, rbx; +shrd rdi, rbp, 52; x19 <- x18_1||x18_0 >> 52 +test al, al +adox rdi, r10 +adox r15, r9 +mov r8, 0x1000003d10 ; moving imm to reg +mov rdx, r8; 0x1000003d10 to rdx +mulx rbp, r8, rdi; x10049_1, x10049_0<- x26 * 0x1000003d10 (_0*_0) +mov r10, r13; +adcx r10, [ rsp - 0x40 ] +adcx r14, [ rsp - 0x48 ] +test al, al +adox r12, r10 +adox r14, r9 +mov r13, 0xfffffffffffff ; moving imm to reg +and rcx, r13; x17 <- x15_0&0xfffffffffffff +mov rdi, [ rsp - 0x50 ]; load m64 out1 to register64 +mov [ rdi + 0x0 ], rcx; out1[0] = x17 +and rbx, r13; x20 <- x18_0&0xfffffffffffff +mulx rcx, r10, rbx; x10039_1, x10039_0<- x20 * 0x1000003d10 (_0*_0) +adox r10, r12 +adox r14, rcx +mov rdx, [ rsi + 0x8 ]; arg1[1] to rdx +mulx rbx, r12, [ rax + 0x8 ]; x10044_1, x10044_0<- 
arg1[1] * arg2[1] (_0*_0) +mov rdx, r10; +shrd rdx, r14, 52; x22 <- x21_1||x21_0 >> 52 +mov rcx, rdx; preserving value of x22 into a new reg +mov rdx, [ rsi + 0x0 ]; saving arg1[0] in rdx. +mulx r9, r14, [ rax + 0x10 ]; x10043_1, x10043_0<- arg1[0] * arg2[2] (_0*_0) +and r10, r13; x23 <- x21_0&0xfffffffffffff +mov rdx, [ rax + 0x0 ]; arg2[0] to rdx +mulx rdi, r13, [ rsi + 0x10 ]; x10045_1, x10045_0<- arg1[2] * arg2[0] (_0*_0) +mov rdx, 0xffffffffffff ; moving imm to reg +and r11, rdx; x11 <- x9&0xffffffffffff +adox r13, r12 +adox rbx, rdi +adcx r13, r14 +adcx r9, rbx +add rcx, r13; could be done better, if r0 has been u8 as well +adc r9, 0x0; add CF to r0's alloc +xor r12, r12 +adox r8, rcx +adox r9, rbp +mov rbp, r8; +shrd rbp, r9, 52; x28 <- x27_1||x27_0 >> 52 +add rbp, [ rsp - 0x20 ] +mov r14, 0x1000003d10000 ; moving imm to reg +mov rdx, r14; 0x1000003d10000 to rdx +mulx rdi, r14, r15; x10051_1, x10051_0<- x25 * 0x1000003d10000 (_0*_0) +xor rbx, rbx +adox r14, rbp +adox rdi, rbx +mov r12, 0xfffffffffffff ; moving imm to reg +mov r13, r14; +and r13, r12; x32 <- x30_0&0xfffffffffffff +shrd r14, rdi, 52; x31 <- x30_1||x30_0 >> 52 +and r8, r12; x29 <- x27_0&0xfffffffffffff +mov rcx, [ rsp - 0x50 ]; load m64 out1 to register64 +mov [ rcx + 0x10 ], r8; out1[2] = x29 +mov [ rcx + 0x18 ], r13; out1[3] = x32 +lea r11, [ r11 + r14 ] +mov [ rcx + 0x20 ], r11; out1[4] = x33 +mov [ rcx + 0x8 ], r10; out1[1] = x23 +mov rbx, [ rsp - 0x80 ]; pop +mov rbp, [ rsp - 0x78 ]; pop +mov r12, [ rsp - 0x70 ]; pop +mov r13, [ rsp - 0x68 ]; pop +mov r14, [ rsp - 0x60 ]; pop +mov r15, [ rsp - 0x58 ]; pop +ret +; cpu AMD Ryzen 9 7950X 16-Core Processor +; ratio 1.0616 +; seed 1444059844171592 +; CC / CFLAGS clang / -march=native -mtune=native -O3 +; time needed: 1999346 ms on 270000 evaluations. 
+; Time spent for assembling and measuring (initial batch_size=176, initial num_batches=31): 112866 ms +; number of used evaluations: 270000 +; Ratio (time for assembling + measure)/(total runtime for 270000 evals): 0.056451459627298126 +; number reverted permutation / tried permutation: 100989 / 135089 =74.757% +; number reverted decision / tried decision: 64123 / 134910 =47.530% +; validated in 0.337s diff --git a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000535313018_ratio11423.asm b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000535313018_ratio11423.asm new file mode 100644 index 0000000000..8c04eeebb8 --- /dev/null +++ b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000535313018_ratio11423.asm 
@@ -0,0 +1,208 @@ +SECTION .text + GLOBAL fiat_secp256k1_dettman_mul +fiat_secp256k1_dettman_mul: +mov rax, rdx; preserving value of arg2 into a new reg +mov rdx, [ rsi + 0x10 ]; saving arg1[2] in rdx. +mulx r11, r10, [ rax + 0x8 ]; x10002_1, x10002_0<- arg1[2] * arg2[1] (_0*_0) +mov rdx, [ rsi + 0x0 ]; arg1[0] to rdx +mulx r8, rcx, [ rax + 0x18 ]; x10000_1, x10000_0<- arg1[0] * arg2[3] (_0*_0) +mov rdx, [ rsi + 0x20 ]; arg1[4] to rdx +mov [ rsp - 0x80 ], rbx; spilling calSv-rbx to mem +mulx rbx, r9, [ rax + 0x20 ]; x1_1, x1_0<- arg1[4] * arg2[4] (_0*_0) +mov rdx, [ rsi + 0x18 ]; arg1[3] to rdx +mov [ rsp - 0x78 ], rbp; spilling calSv-rbp to mem +mov [ rsp - 0x70 ], r12; spilling calSv-r12 to mem +mulx r12, rbp, [ rax + 0x0 ]; x10003_1, x10003_0<- arg1[3] * arg2[0] (_0*_0) +xor rdx, rdx +adox rbp, r10 +adox r11, r12 +mov rdx, [ rax + 0x10 ]; arg2[2] to rdx +mulx r12, r10, [ rsi + 0x8 ]; x10001_1, x10001_0<- arg1[1] * arg2[2] (_0*_0) +adcx rbp, r10 +adcx r12, r11 +mov rdx, [ rsi + 0x8 ]; arg1[1] to rdx +mulx r10, r11, [ rax + 0x20 ]; x10019_1, x10019_0<- arg1[1] * arg2[4] (_0*_0) +test al, al +adox rbp, rcx +adox r8, r12 +mov rdx, 0x1000003d10 ; moving imm to reg +mulx r12, rcx, r9; x10007_1, x10007_0<- x3 * 0x1000003d10 (_0*_0) +adcx rcx, rbp +adcx r8, r12 +mov rdx, [ rsi + 0x8 ]; arg1[1] to rdx +mulx rbp, r9, [ rax + 0x18 ]; x10009_1, x10009_0<- arg1[1] * arg2[3] (_0*_0) +mov rdx, rcx; +shrd rdx, r8, 52; x5 <- x4_1||x4_0 >> 52 +mov r12, rdx; preserving value of x5 into a new reg +mov rdx, [ rax + 0x0 ]; saving arg2[0] in rdx. 
+mov [ rsp - 0x68 ], r13; spilling calSv-r13 to mem +mulx r13, r8, [ rsi + 0x20 ]; x10012_1, x10012_0<- arg1[4] * arg2[0] (_0*_0) +mov rdx, [ rax + 0x8 ]; arg2[1] to rdx +mov [ rsp - 0x60 ], r14; spilling calSv-r14 to mem +mov [ rsp - 0x58 ], r15; spilling calSv-r15 to mem +mulx r15, r14, [ rsi + 0x18 ]; x10011_1, x10011_0<- arg1[3] * arg2[1] (_0*_0) +mov rdx, [ rax + 0x10 ]; arg2[2] to rdx +mov [ rsp - 0x50 ], rdi; spilling out1 to mem +mov [ rsp - 0x48 ], r10; spilling x10019_1 to mem +mulx r10, rdi, [ rsi + 0x10 ]; x10010_1, x10010_0<- arg1[2] * arg2[2] (_0*_0) +add r8, r14; could be done better, if r0 has been u8 as well +adcx r15, r13 +xor rdx, rdx +adox r8, rdi +adox r10, r15 +adcx r8, r9 +adcx rbp, r10 +mov rdx, [ rax + 0x20 ]; arg2[4] to rdx +mulx r13, r9, [ rsi + 0x0 ]; x10008_1, x10008_0<- arg1[0] * arg2[4] (_0*_0) +mov rdx, [ rax + 0x8 ]; arg2[1] to rdx +mulx rdi, r14, [ rsi + 0x20 ]; x10022_1, x10022_0<- arg1[4] * arg2[1] (_0*_0) +add r8, r9; could be done better, if r0 has been u8 as well +adcx r13, rbp +xor rdx, rdx +adox r12, r8 +adox r13, rdx +mov rdx, [ rax + 0x10 ]; arg2[2] to rdx +mulx r10, r15, [ rsi + 0x18 ]; x10021_1, x10021_0<- arg1[3] * arg2[2] (_0*_0) +mov rdx, [ rsi + 0x10 ]; arg1[2] to rdx +mulx r9, rbp, [ rax + 0x18 ]; x10020_1, x10020_0<- arg1[2] * arg2[3] (_0*_0) +adcx r14, r15 +adcx r10, rdi +xor rdx, rdx +adox r14, rbp +adox r9, r10 +mov rdi, 0x1000003d10000 ; moving imm to reg +mov rdx, rbx; x2 to rdx +mulx r8, rbx, rdi; x10018_1, x10018_0<- x2 * 0x1000003d10000 (_0*_0) +adcx rbx, r12 +adcx r13, r8 +mov r12, rbx; +shrd r12, r13, 52; x8 <- x7_1||x7_0 >> 52 +mov rdx, 0xfffffffffffff ; moving imm to reg +and rbx, rdx; x9 <- x7_0&0xfffffffffffff +mov r15, rbx; +shr r15, 48; x10 <- x9>> 48 +test al, al +adox r14, r11 +adox r9, [ rsp - 0x48 ] +adcx r12, r14 +adc r9, 0x0; add CF to r0's alloc +mov r11, r12; +and r11, rdx; x14 <- x12_0&0xfffffffffffff +shl r11, 4; x10027 <- x14<< 4 +mov rdx, [ rax + 0x10 ]; arg2[2] to rdx +mulx r10, rbp, [ 
rsi + 0x20 ]; x10032_1, x10032_0<- arg1[4] * arg2[2] (_0*_0) +mov rdx, 0xffffffffffff ; moving imm to reg +and rbx, rdx; x11 <- x9&0xffffffffffff +mov rdx, [ rsi + 0x18 ]; arg1[3] to rdx +mulx r13, r8, [ rax + 0x18 ]; x10031_1, x10031_0<- arg1[3] * arg2[3] (_0*_0) +mov rdx, [ rax + 0x0 ]; arg2[0] to rdx +mulx rdi, r14, [ rsi + 0x10 ]; x10045_1, x10045_0<- arg1[2] * arg2[0] (_0*_0) +shrd r12, r9, 52; x13 <- x12_1||x12_0 >> 52 +xor rdx, rdx +adox rbp, r8 +adox r13, r10 +mov rdx, [ rsi + 0x10 ]; arg1[2] to rdx +mulx r10, r9, [ rax + 0x20 ]; x10030_1, x10030_0<- arg1[2] * arg2[4] (_0*_0) +adcx rbp, r9 +adcx r10, r13 +mov rdx, [ rsi + 0x20 ]; arg1[4] to rdx +mulx r13, r8, [ rax + 0x18 ]; x10041_1, x10041_0<- arg1[4] * arg2[3] (_0*_0) +mov rdx, [ rsi + 0x18 ]; arg1[3] to rdx +mov [ rsp - 0x40 ], rbx; spilling x11 to mem +mulx rbx, r9, [ rax + 0x20 ]; x10040_1, x10040_0<- arg1[3] * arg2[4] (_0*_0) +xor rdx, rdx +adox r12, rbp +adox r10, rdx +mov rbp, r12; +shrd rbp, r10, 52; x19 <- x18_1||x18_0 >> 52 +test al, al +adox r8, r9 +adox rbx, r13 +adcx rbp, r8 +adc rbx, 0x0; add CF to r0's alloc +lea r11, [ r11 + r15 ] +mov rdx, [ rax + 0x8 ]; arg2[1] to rdx +mulx r13, r15, [ rsi + 0x8 ]; x10044_1, x10044_0<- arg1[1] * arg2[1] (_0*_0) +mov rdx, 0x1000003d1 ; moving imm to reg +mulx r10, r9, r11; x10029_1, x10029_0<- x10028 * 0x1000003d1 (_0*_0) +xor r8, r8 +adox r14, r15 +adox r13, rdi +mov rdx, [ rsi + 0x0 ]; arg1[0] to rdx +mulx r11, rdi, [ rax + 0x0 ]; x10026_1, x10026_0<- arg1[0] * arg2[0] (_0*_0) +adcx r9, rdi +adcx r11, r10 +mov rdx, [ rax + 0x0 ]; arg2[0] to rdx +mulx r10, r15, [ rsi + 0x8 ]; x10036_1, x10036_0<- arg1[1] * arg2[0] (_0*_0) +mov rdx, 0x1000003d10 ; moving imm to reg +mulx r8, rdi, rbp; x10049_1, x10049_0<- x26 * 0x1000003d10 (_0*_0) +mov rbp, 0xfffffffffffff ; moving imm to reg +and r12, rbp; x20 <- x18_0&0xfffffffffffff +mov rbp, r9; +shrd rbp, r11, 52; x16 <- x15_1||x15_0 >> 52 +mov [ rsp - 0x38 ], rbx; spilling x25 to mem +mulx rbx, r11, r12; x10039_1, 
x10039_0<- x20 * 0x1000003d10 (_0*_0) +mov rdx, [ rax + 0x8 ]; arg2[1] to rdx +mov [ rsp - 0x30 ], r8; spilling x10049_1 to mem +mulx r8, r12, [ rsi + 0x0 ]; x10035_1, x10035_0<- arg1[0] * arg2[1] (_0*_0) +xor rdx, rdx +adox r15, r12 +adox r8, r10 +adcx rbp, r15 +adc r8, 0x0; add CF to r0's alloc +xor r10, r10 +adox r11, rbp +adox r8, rbx +mov rdx, [ rsi + 0x0 ]; arg1[0] to rdx +mulx r12, rbx, [ rax + 0x10 ]; x10043_1, x10043_0<- arg1[0] * arg2[2] (_0*_0) +mov rdx, 0xfffffffffffff ; moving imm to reg +mov r15, r11; +and r15, rdx; x23 <- x21_0&0xfffffffffffff +and rcx, rdx; x6 <- x4_0&0xfffffffffffff +adox r14, rbx +adox r12, r13 +shrd r11, r8, 52; x22 <- x21_1||x21_0 >> 52 +xor r13, r13 +adox r11, r14 +adox r12, r13 +adcx rdi, r11 +adcx r12, [ rsp - 0x30 ] +mov r10, rdi; +shrd r10, r12, 52; x28 <- x27_1||x27_0 >> 52 +and rdi, rdx; x29 <- x27_0&0xfffffffffffff +mov rbp, [ rsp - 0x50 ]; load m64 out1 to register64 +mov [ rbp + 0x10 ], rdi; out1[2] = x29 +lea rcx, [ rcx + r10 ] +mov r8, 0x1000003d10000 ; moving imm to reg +mov rdx, r8; 0x1000003d10000 to rdx +mulx rbx, r8, [ rsp - 0x38 ]; x10051_1, x10051_0<- x25 * 0x1000003d10000 (_0*_0) +adox r8, rcx +adox rbx, r13 +mov r14, 0xfffffffffffff ; moving imm to reg +mov r11, r8; +and r11, r14; x32 <- x30_0&0xfffffffffffff +shrd r8, rbx, 52; x31 <- x30_1||x30_0 >> 52 +add r8, [ rsp - 0x40 ] +and r9, r14; x17 <- x15_0&0xfffffffffffff +mov [ rbp + 0x0 ], r9; out1[0] = x17 +mov [ rbp + 0x20 ], r8; out1[4] = x33 +mov [ rbp + 0x18 ], r11; out1[3] = x32 +mov [ rbp + 0x8 ], r15; out1[1] = x23 +mov rbx, [ rsp - 0x80 ]; pop +mov rbp, [ rsp - 0x78 ]; pop +mov r12, [ rsp - 0x70 ]; pop +mov r13, [ rsp - 0x68 ]; pop +mov r14, [ rsp - 0x60 ]; pop +mov r15, [ rsp - 0x58 ]; pop +ret +; cpu 12th Gen Intel(R) Core(TM) i9-12900KF +; ratio 1.1423 +; seed 1104056933168302 +; CC / CFLAGS clang / -march=native -mtune=native -O3 +; time needed: 1488477 ms on 270000 evaluations. 
+; Time spent for assembling and measuring (initial batch_size=281, initial num_batches=31): 138241 ms +; number of used evaluations: 270000 +; Ratio (time for assembling + measure)/(total runtime for 270000 evals): 0.09287412570029634 +; number reverted permutation / tried permutation: 99088 / 135520 =73.117% +; number reverted decision / tried decision: 78262 / 134479 =58.196% +; validated in 0.291s diff --git a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000546819615_ratio11457.asm b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000546819615_ratio11457.asm new file mode 100644 index 0000000000..868fb1bdcb --- /dev/null +++ b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000546819615_ratio11457.asm 
@@ -0,0 +1,205 @@ +SECTION .text + GLOBAL fiat_secp256k1_dettman_mul +fiat_secp256k1_dettman_mul: +mov rax, rdx; preserving value of arg2 into a new reg +mov rdx, [ rdx + 0x10 ]; saving arg2[2] in rdx. +mulx r11, r10, [ rsi + 0x8 ]; x10001_1, x10001_0<- arg1[1] * arg2[2] (_0*_0) +mov rdx, [ rsi + 0x0 ]; arg1[0] to rdx +mulx r8, rcx, [ rax + 0x20 ]; x10008_1, x10008_0<- arg1[0] * arg2[4] (_0*_0) +mov rdx, [ rsi + 0x0 ]; arg1[0] to rdx +mov [ rsp - 0x80 ], rbx; spilling calSv-rbx to mem +mulx rbx, r9, [ rax + 0x10 ]; x10043_1, x10043_0<- arg1[0] * arg2[2] (_0*_0) +mov rdx, [ rax + 0x0 ]; arg2[0] to rdx +mov [ rsp - 0x78 ], rbp; spilling calSv-rbp to mem +mov [ rsp - 0x70 ], r12; spilling calSv-r12 to mem +mulx r12, rbp, [ rsi + 0x18 ]; x10003_1, x10003_0<- arg1[3] * arg2[0] (_0*_0) +mov rdx, [ rsi + 0x10 ]; arg1[2] to rdx +mov [ rsp - 0x68 ], r13; spilling calSv-r13 to mem +mov [ rsp - 0x60 ], r14; spilling calSv-r14 to mem +mulx r14, r13, [ rax + 0x8 ]; x10002_1, x10002_0<- arg1[2] * arg2[1] (_0*_0) +xor rdx, rdx +adox rbp, r13 +adox r14, r12 +adcx rbp, r10 +adcx r11, r14 +mov rdx, [ rax + 0x18 ]; arg2[3] to rdx +mulx r12, r10, [ rsi + 0x0 ]; x10000_1, x10000_0<- arg1[0] * arg2[3] (_0*_0) +xor rdx, rdx +adox rbp, r10 +adox r12, r11 +mov rdx, [ rax + 0x20 ]; arg2[4] to rdx +mulx r14, r13, [ rsi + 0x20 ]; x1_1, x1_0<- arg1[4] * arg2[4] (_0*_0) +mov rdx, [ rax + 0x8 ]; arg2[1] to rdx +mulx r10, r11, [ rsi + 0x18 ]; x10011_1, x10011_0<- arg1[3] * arg2[1] (_0*_0) +mov rdx, [ rax + 0x0 ]; arg2[0] to rdx +mov [ rsp - 0x58 ], r15; spilling calSv-r15 to mem +mov [ rsp - 0x50 ], rdi; spilling out1 to mem +mulx rdi, r15, [ rsi + 0x20 ]; x10012_1, x10012_0<- arg1[4] * arg2[0] (_0*_0) +mov rdx, [ rax + 0x10 ]; arg2[2] to rdx +mov [ rsp - 0x48 ], rbx; spilling x10043_1 to mem +mov [ rsp - 0x40 ], r9; spilling x10043_0 to mem +mulx r9, rbx, [ rsi + 0x10 ]; x10010_1, x10010_0<- arg1[2] * arg2[2] (_0*_0) +adcx r15, r11 +adcx r10, rdi +add r15, rbx; could be done better, if r0 has 
been u8 as well +adcx r9, r10 +mov rdx, [ rax + 0x18 ]; arg2[3] to rdx +mulx rdi, r11, [ rsi + 0x8 ]; x10009_1, x10009_0<- arg1[1] * arg2[3] (_0*_0) +mov rdx, 0x1000003d10 ; moving imm to reg +mulx r10, rbx, r13; x10007_1, x10007_0<- x3 * 0x1000003d10 (_0*_0) +add rbx, rbp; could be done better, if r0 has been u8 as well +adcx r12, r10 +test al, al +adox r15, r11 +adox rdi, r9 +adcx r15, rcx +adcx r8, rdi +mov rcx, rbx; +shrd rcx, r12, 52; x5 <- x4_1||x4_0 >> 52 +xor rbp, rbp +adox rcx, r15 +adox r8, rbp +mov rdx, [ rax + 0x18 ]; arg2[3] to rdx +mulx r9, r13, [ rsi + 0x10 ]; x10020_1, x10020_0<- arg1[2] * arg2[3] (_0*_0) +mov rdx, 0x1000003d10000 ; moving imm to reg +mulx r10, r11, r14; x10018_1, x10018_0<- x2 * 0x1000003d10000 (_0*_0) +adcx r11, rcx +adcx r8, r10 +mov rdx, [ rax + 0x8 ]; arg2[1] to rdx +mulx rdi, r12, [ rsi + 0x20 ]; x10022_1, x10022_0<- arg1[4] * arg2[1] (_0*_0) +mov rdx, 0xfffffffffffff ; moving imm to reg +mov r15, r11; +and r15, rdx; x9 <- x7_0&0xfffffffffffff +mov rdx, [ rsi + 0x18 ]; arg1[3] to rdx +mulx rcx, r14, [ rax + 0x10 ]; x10021_1, x10021_0<- arg1[3] * arg2[2] (_0*_0) +shrd r11, r8, 52; x8 <- x7_1||x7_0 >> 52 +mov rdx, [ rax + 0x20 ]; arg2[4] to rdx +mulx r8, r10, [ rsi + 0x8 ]; x10019_1, x10019_0<- arg1[1] * arg2[4] (_0*_0) +add r12, r14; could be done better, if r0 has been u8 as well +adcx rcx, rdi +test al, al +adox r12, r13 +adox r9, rcx +adcx r12, r10 +adcx r8, r9 +test al, al +adox r11, r12 +adox r8, rbp +mov rdx, [ rax + 0x18 ]; arg2[3] to rdx +mulx rdi, r13, [ rsi + 0x18 ]; x10031_1, x10031_0<- arg1[3] * arg2[3] (_0*_0) +mov rdx, 0xfffffffffffff ; moving imm to reg +mov r14, r11; +and r14, rdx; x14 <- x12_0&0xfffffffffffff +shl r14, 4; x10027 <- x14<< 4 +shrd r11, r8, 52; x13 <- x12_1||x12_0 >> 52 +mov rdx, [ rax + 0x10 ]; arg2[2] to rdx +mulx rcx, r10, [ rsi + 0x20 ]; x10032_1, x10032_0<- arg1[4] * arg2[2] (_0*_0) +add r10, r13; could be done better, if r0 has been u8 as well +adcx rdi, rcx +mov rdx, r15; +shr rdx, 48; x10 
<- x9>> 48 +lea r14, [ r14 + rdx ] +mov r9, 0xffffffffffff ; moving imm to reg +and r15, r9; x11 <- x9&0xffffffffffff +mov rdx, [ rsi + 0x10 ]; arg1[2] to rdx +mulx r8, r12, [ rax + 0x20 ]; x10030_1, x10030_0<- arg1[2] * arg2[4] (_0*_0) +mov rdx, 0x1000003d1 ; moving imm to reg +mulx rcx, r13, r14; x10029_1, x10029_0<- x10028 * 0x1000003d1 (_0*_0) +adox r10, r12 +adox r8, rdi +adcx r11, r10 +adc r8, 0x0; add CF to r0's alloc +mov rdx, [ rax + 0x0 ]; arg2[0] to rdx +mulx r14, rdi, [ rsi + 0x0 ]; x10026_1, x10026_0<- arg1[0] * arg2[0] (_0*_0) +mov rdx, [ rsi + 0x18 ]; arg1[3] to rdx +mulx r10, r12, [ rax + 0x20 ]; x10040_1, x10040_0<- arg1[3] * arg2[4] (_0*_0) +add r13, rdi; could be done better, if r0 has been u8 as well +adcx r14, rcx +mov rdx, [ rsi + 0x8 ]; arg1[1] to rdx +mulx rdi, rcx, [ rax + 0x8 ]; x10044_1, x10044_0<- arg1[1] * arg2[1] (_0*_0) +mov rdx, r13; +shrd rdx, r14, 52; x16 <- x15_1||x15_0 >> 52 +mov r14, rdx; preserving value of x16 into a new reg +mov rdx, [ rsi + 0x20 ]; saving arg1[4] in rdx. +mulx r9, rbp, [ rax + 0x18 ]; x10041_1, x10041_0<- arg1[4] * arg2[3] (_0*_0) +mov rdx, r11; +shrd rdx, r8, 52; x19 <- x18_1||x18_0 >> 52 +test al, al +adox rbp, r12 +adox r10, r9 +adcx rdx, rbp +adc r10, 0x0; add CF to r0's alloc +mov r8, rdx; preserving value of x24_0 into a new reg +mov rdx, [ rsi + 0x10 ]; saving arg1[2] in rdx. 
+mulx r9, r12, [ rax + 0x0 ]; x10045_1, x10045_0<- arg1[2] * arg2[0] (_0*_0) +mov rdx, 0x1000003d10000 ; moving imm to reg +mov [ rsp - 0x38 ], r15; spilling x11 to mem +mulx r15, rbp, r10; x10051_1, x10051_0<- x25 * 0x1000003d10000 (_0*_0) +mov rdx, [ rsi + 0x8 ]; arg1[1] to rdx +mov [ rsp - 0x30 ], r15; spilling x10051_1 to mem +mulx r15, r10, [ rax + 0x0 ]; x10036_1, x10036_0<- arg1[1] * arg2[0] (_0*_0) +xor rdx, rdx +adox r12, rcx +adox rdi, r9 +mov rcx, 0xfffffffffffff ; moving imm to reg +and r13, rcx; x17 <- x15_0&0xfffffffffffff +and r11, rcx; x20 <- x18_0&0xfffffffffffff +mov rdx, [ rsi + 0x0 ]; arg1[0] to rdx +mulx rcx, r9, [ rax + 0x8 ]; x10035_1, x10035_0<- arg1[0] * arg2[1] (_0*_0) +adox r10, r9 +adox rcx, r15 +mov rdx, 0x1000003d10 ; moving imm to reg +mulx r9, r15, r11; x10039_1, x10039_0<- x20 * 0x1000003d10 (_0*_0) +mov r11, [ rsp - 0x50 ]; load m64 out1 to register64 +mov [ r11 + 0x0 ], r13; out1[0] = x17 +adcx r14, r10 +adc rcx, 0x0; add CF to r0's alloc +xor r13, r13 +adox r15, r14 +adox rcx, r9 +mov r10, 0xfffffffffffff ; moving imm to reg +mov r9, r15; +and r9, r10; x23 <- x21_0&0xfffffffffffff +mov [ r11 + 0x8 ], r9; out1[1] = x23 +shrd r15, rcx, 52; x22 <- x21_1||x21_0 >> 52 +mulx rcx, r14, r8; x10049_1, x10049_0<- x26 * 0x1000003d10 (_0*_0) +test al, al +adox r12, [ rsp - 0x40 ] +adox rdi, [ rsp - 0x48 ] +adcx r15, r12 +adc rdi, 0x0; add CF to r0's alloc +and rbx, r10; x6 <- x4_0&0xfffffffffffff +adox r14, r15 +adox rdi, rcx +mov r9, r14; +shrd r9, rdi, 52; x28 <- x27_1||x27_0 >> 52 +and r14, r10; x29 <- x27_0&0xfffffffffffff +lea rbx, [ rbx + r9 ] +adox rbp, rbx +mov r8, [ rsp - 0x30 ]; +adox r8, r13 +mov rcx, rbp; +and rcx, r10; x32 <- x30_0&0xfffffffffffff +shrd rbp, r8, 52; x31 <- x30_1||x30_0 >> 52 +add rbp, [ rsp - 0x38 ] +mov [ r11 + 0x20 ], rbp; out1[4] = x33 +mov [ r11 + 0x18 ], rcx; out1[3] = x32 +mov [ r11 + 0x10 ], r14; out1[2] = x29 +mov rbx, [ rsp - 0x80 ]; pop +mov rbp, [ rsp - 0x78 ]; pop +mov r12, [ rsp - 0x70 ]; pop +mov 
r13, [ rsp - 0x68 ]; pop +mov r14, [ rsp - 0x60 ]; pop +mov r15, [ rsp - 0x58 ]; pop +ret +; cpu 12th Gen Intel(R) Core(TM) i9-12900KF +; ratio 1.1457 +; seed 3723633933296103 +; CC / CFLAGS clang / -march=native -mtune=native -O3 +; time needed: 1524788 ms on 270000 evaluations. +; Time spent for assembling and measuring (initial batch_size=300, initial num_batches=31): 141202 ms +; number of used evaluations: 270000 +; Ratio (time for assembling + measure)/(total runtime for 270000 evals): 0.09260434893244175 +; number reverted permutation / tried permutation: 97325 / 135466 =71.845% +; number reverted decision / tried decision: 78133 / 134533 =58.077% +; validated in 0.276s diff --git a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000555361062_ratio13085.asm b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000555361062_ratio13085.asm deleted file mode 100644 index 6bb40b42d0..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000555361062_ratio13085.asm +++ /dev/null 
@@ -1,211 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_mul -fiat_secp256k1_dettman_mul: -mov rax, rdx -mov rdx, [ rdx + 0x8 ] -mulx r11, r10, [ rsi + 0x8 ] -mov rdx, [ rsi + 0x10 ] -mulx r8, rcx, [ rax + 0x0 ] -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x80 ], rbx -mulx rbx, r9, [ rax + 0x18 ] -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x78 ], rbp -mov [ rsp - 0x70 ], r12 -mulx r12, rbp, [ rax + 0x0 ] -mov rdx, [ rax + 0x8 ] -mov [ rsp - 0x68 ], r13 -mov [ rsp - 0x60 ], r14 -mulx r14, r13, [ rsi + 0x10 ] -test al, al -adox rbp, r13 -adox r14, r12 -mov rdx, [ rsi + 0x20 ] -mulx r13, r12, [ rax + 0x18 ] -adcx rcx, r10 -adcx r11, r8 -mov rdx, [ rsi + 0x0 ] -mulx r8, r10, [ rax + 0x10 ] -mov rdx, [ rax + 0x8 ] -mov [ rsp - 0x58 ], r15 -mov [ rsp - 0x50 ], rdi -mulx rdi, r15, [ rsi + 0x18 ] -mov rdx, [ rax + 0x10 ] -mov [ rsp - 0x48 ], r13 -mov [ rsp - 0x40 ], r12 -mulx r12, r13, [ rsi + 0x8 ] -test al, al -adox rcx, r10 -adox r8, r11 -mov rdx, [ rsi + 0x20 ] -mulx r10, r11, [ rax + 0x20 ] -mov rdx, [ rax + 0x18 ] -mov [ rsp - 0x38 ], r8 -mov [ rsp - 0x30 ], rcx -mulx rcx, r8, [ rsi + 0x0 ] -adcx rbp, r13 -adcx r12, r14 -add rbp, r8 -adcx rcx, r12 -mov rdx, 0xfffffffffffff -mov r14, r11 -and r14, rdx -mov r13, 0x1000003d10 -mov rdx, r13 -mulx r8, r13, r14 -adox r13, rbp -adox rcx, r8 -mov rdx, [ rsi + 0x20 ] -mulx rbp, r12, [ rax + 0x0 ] -mov rdx, r13 -shrd rdx, rcx, 52 -xor r14, r14 -adox r12, r15 -adox rdi, rbp -mov r15, rdx -mov rdx, [ rsi + 0x10 ] -mulx rcx, r8, [ rax + 0x10 ] -adcx r12, r8 -adcx rcx, rdi -mov rdx, [ rsi + 0x8 ] -mulx rdi, rbp, [ rax + 0x18 ] -mov rdx, [ rax + 0x20 ] -mulx r14, r8, [ rsi + 0x0 ] -add r12, rbp -adcx rdi, rcx -test al, al -adox r12, r8 -adox r14, rdi -adcx r15, r12 -adc r14, 0x0 -shrd r11, r10, 52 -mov rdx, 0x1000003d10 -mulx rcx, r10, r11 -add r10, r15 -adcx r14, rcx -mov rbp, r10 -shrd rbp, r14, 52 -mov rdx, [ rax + 0x8 ] -mulx rdi, r8, [ rsi + 0x20 ] -mov rdx, [ rax + 0x10 ] -mulx r15, r12, [ rsi + 0x18 ] -xor rdx, rdx -adox r8, 
r12 -adox r15, rdi -mov rdx, [ rax + 0x18 ] -mulx rcx, r11, [ rsi + 0x10 ] -adcx r8, r11 -adcx rcx, r15 -mov rdx, [ rsi + 0x8 ] -mulx rdi, r14, [ rax + 0x20 ] -xor rdx, rdx -adox r8, r14 -adox rdi, rcx -adcx rbp, r8 -adc rdi, 0x0 -mov r12, 0xfffffffffffff -mov r15, rbp -and r15, r12 -shl r15, 4 -and r10, r12 -mov r11, r10 -shr r11, 48 -mov rcx, 0xffffffffffff -and r10, rcx -mov rdx, [ rsi + 0x20 ] -mulx r8, r14, [ rax + 0x10 ] -lea r15, [ r15 + r11 ] -adox r14, r9 -adox rbx, r8 -mov rdx, [ rsi + 0x10 ] -mulx r11, r9, [ rax + 0x20 ] -mov rdx, [ rsi + 0x18 ] -mulx rcx, r8, [ rax + 0x20 ] -mov rdx, 0x1000003d1 -mov [ rsp - 0x28 ], r10 -mulx r10, r12, r15 -shrd rbp, rdi, 52 -xor rdi, rdi -adox r14, r9 -adox r11, rbx -mov rdx, [ rsi + 0x0 ] -mulx rbx, r15, [ rax + 0x0 ] -adcx r12, r15 -adcx rbx, r10 -mov rdx, [ rax + 0x0 ] -mulx r10, r9, [ rsi + 0x8 ] -xor rdx, rdx -adox rbp, r14 -adox r11, rdx -mov rdi, rbp -shrd rdi, r11, 52 -mov r14, r8 -add r14, [ rsp - 0x40 ] -adcx rcx, [ rsp - 0x48 ] -test al, al -adox rdi, r14 -adox rcx, rdx -mov r8, r12 -shrd r8, rbx, 52 -mov r15, 0xfffffffffffff -mov rbx, rdi -and rbx, r15 -mov rdx, [ rax + 0x8 ] -mulx r14, r11, [ rsi + 0x0 ] -and rbp, r15 -adox r9, r11 -adox r14, r10 -adcx r8, r9 -adc r14, 0x0 -mov rdx, 0x1000003d10 -mulx r11, r10, rbp -xor rbp, rbp -adox r10, r8 -adox r14, r11 -mov r9, r10 -shrd r9, r14, 52 -mulx r11, r8, rbx -and r10, r15 -and r13, r15 -mov rbx, [ rsp - 0x50 ] -mov [ rbx + 0x8 ], r10 -adox r9, [ rsp - 0x30 ] -mov r14, [ rsp - 0x38 ] -adox r14, rbp -adcx r8, r9 -adcx r14, r11 -mov r11, r8 -and r11, r15 -shrd r8, r14, 52 -lea r13, [ r13 + r8 ] -mov [ rbx + 0x10 ], r11 -shrd rdi, rcx, 52 -and r12, r15 -mov [ rbx + 0x0 ], r12 -mulx r10, rcx, rdi -adox rcx, r13 -adox r10, rbp -mov r9, rcx -shrd r9, r10, 52 -add r9, [ rsp - 0x28 ] -and rcx, r15 -mov [ rbx + 0x18 ], rcx -mov [ rbx + 0x20 ], r9 -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 
] -mov r15, [ rsp - 0x58 ] -ret -; cpu 12th Gen Intel(R) Core(TM) i9-12900KF -; ratio 1.3085 -; seed 3286769594682671 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 889878 ms on 180000 evaluations. -; Time spent for assembling and measuring (initial batch_size=260, initial num_batches=31): 80876 ms -; number of used evaluations: 180000 -; Ratio (time for assembling + measure)/(total runtime for 180000 evals): 0.09088436841904171 -; number reverted permutation / tried permutation: 73777 / 90129 =81.857% -; number reverted decision / tried decision: 53607 / 89870 =59.649% -; validated in 0.288s diff --git a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000559080840_ratio13610.asm b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000559080840_ratio13610.asm deleted file mode 100644 index c4d478910c..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000559080840_ratio13610.asm +++ /dev/null 
@@ -1,209 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_mul -fiat_secp256k1_dettman_mul: -mov rax, rdx -mov rdx, [ rsi + 0x18 ] -mulx r11, r10, [ rax + 0x0 ] -mov rdx, [ rsi + 0x0 ] -mulx r8, rcx, [ rax + 0x18 ] -mov rdx, [ rsi + 0x20 ] -mov [ rsp - 0x80 ], rbx -mulx rbx, r9, [ rax + 0x20 ] -mov rdx, 0xfffffffffffff -mov [ rsp - 0x78 ], rbp -mov rbp, r9 -and rbp, rdx -shrd r9, rbx, 52 -mov rdx, [ rax + 0x8 ] -mov [ rsp - 0x70 ], r12 -mulx r12, rbx, [ rsi + 0x10 ] -mov rdx, [ rax + 0x10 ] -mov [ rsp - 0x68 ], r13 -mov [ rsp - 0x60 ], r14 -mulx r14, r13, [ rsi + 0x8 ] -test al, al -adox r10, rbx -adox r12, r11 -adcx r10, r13 -adcx r14, r12 -test al, al -adox r10, rcx -adox r8, r14 -mov rdx, 0x1000003d10 -mulx rcx, r11, rbp -mov rdx, [ rax + 0x8 ] -mulx rbx, rbp, [ rsi + 0x18 ] -mov rdx, [ rax + 0x0 ] -mulx r12, r13, [ rsi + 0x20 ] -mov rdx, 0x1000003d10 -mov [ rsp - 0x58 ], r15 -mulx r15, r14, r9 -adcx r11, r10 -adcx r8, rcx -xor r9, r9 -adox r13, rbp -adox rbx, r12 -mov rdx, [ rsi + 0x10 ] -mulx rcx, r10, [ rax + 0x10 ] -mov rdx, [ rsi + 0x8 ] -mulx r12, rbp, [ rax + 0x18 ] -adcx r13, r10 -adcx rcx, rbx -add r13, rbp -adcx r12, rcx -mov rdx, [ rsi + 0x0 ] -mulx r10, rbx, [ rax + 0x20 ] -mov rdx, r11 -shrd rdx, r8, 52 -add r13, rbx -adcx r10, r12 -xor r8, r8 -adox rdx, r13 -adox r10, r8 -adcx r14, rdx -adcx r10, r15 -mov r9, r14 -shrd r9, r10, 52 -mov rdx, [ rax + 0x8 ] -mulx rbp, r15, [ rsi + 0x20 ] -mov rdx, [ rax + 0x10 ] -mulx r12, rcx, [ rsi + 0x18 ] -xor rdx, rdx -adox r15, rcx -adox r12, rbp -mov rdx, [ rsi + 0x10 ] -mulx rbx, r8, [ rax + 0x18 ] -adcx r15, r8 -adcx rbx, r12 -mov rdx, [ rax + 0x20 ] -mulx r10, r13, [ rsi + 0x8 ] -add r15, r13 -adcx r10, rbx -mov rdx, 0xfffffffffffff -and r14, rdx -adox r9, r15 -mov rbp, 0x0 -adox r10, rbp -mov rcx, r9 -and rcx, rdx -mov r12, 0xffffffffffff -mov r8, r14 -and r8, r12 -shl rcx, 4 -shrd r9, r10, 52 -mov rdx, [ rax + 0x18 ] -mulx r13, rbx, [ rsi + 0x18 ] -shr r14, 48 -mov rdx, [ rax + 0x20 ] -mulx r10, r15, 
[ rsi + 0x10 ] -mov rdx, [ rsi + 0x20 ] -mulx r12, rbp, [ rax + 0x10 ] -xor rdx, rdx -adox rbp, rbx -adox r13, r12 -adcx rbp, r15 -adcx r10, r13 -lea rcx, [ rcx + r14 ] -xor rbx, rbx -adox r9, rbp -adox r10, rbx -mov rdx, 0x1000003d1 -mulx r15, r14, rcx -mov r12, r9 -shrd r12, r10, 52 -mov rdx, [ rax + 0x0 ] -mulx rbp, r13, [ rsi + 0x0 ] -mov rdx, [ rsi + 0x8 ] -mulx r10, rcx, [ rax + 0x0 ] -mov rdx, [ rax + 0x8 ] -mov [ rsp - 0x50 ], rdi -mulx rdi, rbx, [ rsi + 0x0 ] -test al, al -adox r14, r13 -adox rbp, r15 -mov rdx, r14 -shrd rdx, rbp, 52 -mov r15, rdx -mov rdx, [ rsi + 0x8 ] -mulx rbp, r13, [ rax + 0x8 ] -test al, al -adox rcx, rbx -adox rdi, r10 -mov rdx, [ rsi + 0x10 ] -mulx rbx, r10, [ rax + 0x0 ] -adcx r15, rcx -adc rdi, 0x0 -add r10, r13 -adcx rbp, rbx -mov rdx, [ rsi + 0x20 ] -mulx rcx, r13, [ rax + 0x18 ] -mov rdx, [ rax + 0x10 ] -mov [ rsp - 0x48 ], r8 -mulx r8, rbx, [ rsi + 0x0 ] -mov rdx, 0xfffffffffffff -and r9, rdx -adox r10, rbx -adox r8, rbp -mov rdx, [ rsi + 0x18 ] -mulx rbx, rbp, [ rax + 0x20 ] -mov rdx, 0x1000003d10 -mov [ rsp - 0x40 ], r8 -mov [ rsp - 0x38 ], r10 -mulx r10, r8, r9 -adcx r8, r15 -adcx rdi, r10 -add r13, rbp -adcx rbx, rcx -add r12, r13 -adc rbx, 0x0 -mov r15, 0xfffffffffffff -mov rcx, r12 -and rcx, r15 -shrd r12, rbx, 52 -mulx rbp, r9, rcx -mov r10, r8 -shrd r10, rdi, 52 -and r11, r15 -mulx r13, rdi, r12 -adox r10, [ rsp - 0x38 ] -mov rbx, [ rsp - 0x40 ] -mov rcx, 0x0 -adox rbx, rcx -adcx r9, r10 -adcx rbx, rbp -mov r12, r9 -shrd r12, rbx, 52 -lea r11, [ r11 + r12 ] -and r9, r15 -adox rdi, r11 -adox r13, rcx -mov rbp, rdi -shrd rbp, r13, 52 -add rbp, [ rsp - 0x48 ] -mov r10, [ rsp - 0x50 ] -mov [ r10 + 0x10 ], r9 -and rdi, r15 -mov [ r10 + 0x18 ], rdi -and r14, r15 -mov [ r10 + 0x0 ], r14 -and r8, r15 -mov [ r10 + 0x20 ], rbp -mov [ r10 + 0x8 ], r8 -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu 12th Gen Intel(R) 
Core(TM) i9-12900KF -; ratio 1.3610 -; seed 3833716287073554 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 892151 ms on 180000 evaluations. -; Time spent for assembling and measuring (initial batch_size=260, initial num_batches=31): 80726 ms -; number of used evaluations: 180000 -; Ratio (time for assembling + measure)/(total runtime for 180000 evals): 0.09048468252571594 -; number reverted permutation / tried permutation: 72622 / 90210 =80.503% -; number reverted decision / tried decision: 53957 / 89789 =60.093% -; validated in 0.283s diff --git a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000562633940_ratio13177.asm b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000562633940_ratio13177.asm deleted file mode 100644 index a4527d4b71..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000562633940_ratio13177.asm +++ /dev/null 
@@ -1,209 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_mul -fiat_secp256k1_dettman_mul: -mov rax, rdx -mov rdx, [ rsi + 0x8 ] -mulx r11, r10, [ rax + 0x10 ] -mov rdx, [ rax + 0x20 ] -mulx r8, rcx, [ rsi + 0x20 ] -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x80 ], rbx -mulx rbx, r9, [ rax + 0x8 ] -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x78 ], rbp -mov [ rsp - 0x70 ], r12 -mulx r12, rbp, [ rax + 0x0 ] -mov rdx, 0xfffffffffffff -mov [ rsp - 0x68 ], r13 -mov r13, rcx -and r13, rdx -adox rbp, r9 -adox rbx, r12 -mov rdx, [ rsi + 0x0 ] -mulx r12, r9, [ rax + 0x18 ] -adcx rbp, r10 -adcx r11, rbx -test al, al -adox rbp, r9 -adox r12, r11 -mov rdx, [ rax + 0x0 ] -mulx rbx, r10, [ rsi + 0x20 ] -mov rdx, [ rax + 0x8 ] -mulx r11, r9, [ rsi + 0x18 ] -mov rdx, 0x1000003d10 -mov [ rsp - 0x60 ], r14 -mov [ rsp - 0x58 ], r15 -mulx r15, r14, r13 -adcx r10, r9 -adcx r11, rbx -mov rdx, [ rax + 0x18 ] -mulx rbx, r13, [ rsi + 0x8 ] -xor rdx, rdx -adox r14, rbp -adox r12, r15 -mov rbp, r14 -shrd rbp, r12, 52 -mov rdx, [ rax + 0x10 ] -mulx r15, r9, [ rsi + 0x10 ] -mov rdx, [ rsi + 0x0 ] -mov [ rsp - 0x50 ], rdi -mulx rdi, r12, [ rax + 0x20 ] -add r10, r9 -adcx r15, r11 -test al, al -adox r10, r13 -adox rbx, r15 -adcx r10, r12 -adcx rdi, rbx -shrd rcx, r8, 52 -xor rdx, rdx -adox rbp, r10 -adox rdi, rdx -mov r8, 0x1000003d10 -mov rdx, r8 -mulx r11, r8, rcx -adcx r8, rbp -adcx rdi, r11 -mov r13, 0xfffffffffffff -mov r9, r8 -and r9, r13 -mov rdx, [ rsi + 0x10 ] -mulx r15, r12, [ rax + 0x18 ] -mov rdx, [ rax + 0x10 ] -mulx r10, rbx, [ rsi + 0x18 ] -shrd r8, rdi, 52 -mov rdx, [ rsi + 0x20 ] -mulx rbp, rcx, [ rax + 0x8 ] -test al, al -adox rcx, rbx -adox r10, rbp -adcx rcx, r12 -adcx r15, r10 -mov rdx, [ rax + 0x20 ] -mulx rdi, r11, [ rsi + 0x8 ] -add rcx, r11 -adcx rdi, r15 -xor rdx, rdx -adox r8, rcx -adox rdi, rdx -mov r12, r8 -and r12, r13 -mov rdx, [ rax + 0x10 ] -mulx rbp, rbx, [ rsi + 0x20 ] -shl r12, 4 -mov rdx, [ rax + 0x18 ] -mulx r15, r10, [ rsi + 0x18 ] -xor rdx, rdx -adox rbx, r10 
-adox r15, rbp -mov rdx, [ rax + 0x20 ] -mulx rcx, r11, [ rsi + 0x10 ] -adcx rbx, r11 -adcx rcx, r15 -shrd r8, rdi, 52 -mov rdx, [ rsi + 0x0 ] -mulx rbp, rdi, [ rax + 0x0 ] -mov rdx, [ rax + 0x18 ] -mulx r15, r10, [ rsi + 0x20 ] -mov rdx, r9 -shr rdx, 48 -lea r12, [ r12 + rdx ] -xor r11, r11 -adox r8, rbx -adox rcx, r11 -mov rbx, 0x1000003d1 -mov rdx, r12 -mulx r11, r12, rbx -mov rdx, r8 -shrd rdx, rcx, 52 -and r8, r13 -adox r12, rdi -adox rbp, r11 -mov rdi, r12 -shrd rdi, rbp, 52 -mov rcx, rdx -mov rdx, [ rax + 0x20 ] -mulx rbp, r11, [ rsi + 0x18 ] -xor rdx, rdx -adox r10, r11 -adox rbp, r15 -adcx rcx, r10 -adc rbp, 0x0 -mov r15, rcx -shrd r15, rbp, 52 -mov rdx, [ rsi + 0x8 ] -mulx r10, r11, [ rax + 0x8 ] -mov rdx, [ rax + 0x0 ] -mulx rbx, rbp, [ rsi + 0x10 ] -xor rdx, rdx -adox rbp, r11 -adox r10, rbx -mov rdx, [ rsi + 0x8 ] -mulx rbx, r11, [ rax + 0x0 ] -mov rdx, [ rax + 0x8 ] -mov [ rsp - 0x48 ], r15 -mulx r15, r13, [ rsi + 0x0 ] -adcx r11, r13 -adcx r15, rbx -xor rdx, rdx -adox rdi, r11 -adox r15, rdx -mov rdx, [ rax + 0x10 ] -mulx r13, rbx, [ rsi + 0x0 ] -mov rdx, 0x1000003d10 -mov [ rsp - 0x40 ], r10 -mulx r10, r11, r8 -adcx r11, rdi -adcx r15, r10 -mov r8, 0xfffffffffffff -and rcx, r8 -mulx r10, rdi, rcx -adox rbp, rbx -adox r13, [ rsp - 0x40 ] -mov rbx, r11 -shrd rbx, r15, 52 -xor r15, r15 -adox rbx, rbp -adox r13, r15 -adcx rdi, rbx -adcx r13, r10 -mov rcx, rdi -and rcx, r8 -shrd rdi, r13, 52 -and r11, r8 -mulx rbp, r10, [ rsp - 0x48 ] -mov rbx, [ rsp - 0x50 ] -mov [ rbx + 0x10 ], rcx -and r14, r8 -lea r14, [ r14 + rdi ] -adox r10, r14 -adox rbp, r15 -mov r13, 0xffffffffffff -and r9, r13 -mov rcx, r10 -shrd rcx, rbp, 52 -lea r9, [ r9 + rcx ] -mov [ rbx + 0x20 ], r9 -mov [ rbx + 0x8 ], r11 -and r10, r8 -mov [ rbx + 0x18 ], r10 -and r12, r8 -mov [ rbx + 0x0 ], r12 -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu 12th Gen Intel(R) Core(TM) 
i9-12900KF -; ratio 1.3177 -; seed 4301882922392617 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 899749 ms on 180000 evaluations. -; Time spent for assembling and measuring (initial batch_size=277, initial num_batches=31): 81184 ms -; number of used evaluations: 180000 -; Ratio (time for assembling + measure)/(total runtime for 180000 evals): 0.09022960847969823 -; number reverted permutation / tried permutation: 72963 / 89988 =81.081% -; number reverted decision / tried decision: 54126 / 90011 =60.133% -; validated in 0.278s diff --git a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000567549713_ratio11444.asm b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000567549713_ratio11444.asm new file mode 100644 index 0000000000..571be7ebd2 --- /dev/null +++ b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000567549713_ratio11444.asm 
@@ -0,0 +1,208 @@ +SECTION .text + GLOBAL fiat_secp256k1_dettman_mul +fiat_secp256k1_dettman_mul: +mov rax, rdx; preserving value of arg2 into a new reg +mov rdx, [ rdx + 0x0 ]; saving arg2[0] in rdx. +mulx r11, r10, [ rsi + 0x18 ]; x10003_1, x10003_0<- arg1[3] * arg2[0] (_0*_0) +mov rdx, [ rax + 0x8 ]; arg2[1] to rdx +mulx r8, rcx, [ rsi + 0x10 ]; x10002_1, x10002_0<- arg1[2] * arg2[1] (_0*_0) +xor rdx, rdx +adox r10, rcx +adox r8, r11 +mov rdx, [ rax + 0x20 ]; arg2[4] to rdx +mulx r11, r9, [ rsi + 0x20 ]; x1_1, x1_0<- arg1[4] * arg2[4] (_0*_0) +mov rdx, [ rsi + 0x18 ]; arg1[3] to rdx +mov [ rsp - 0x80 ], rbx; spilling calSv-rbx to mem +mulx rbx, rcx, [ rax + 0x8 ]; x10011_1, x10011_0<- arg1[3] * arg2[1] (_0*_0) +mov rdx, [ rsi + 0x18 ]; arg1[3] to rdx +mov [ rsp - 0x78 ], rbp; spilling calSv-rbp to mem +mov [ rsp - 0x70 ], r12; spilling calSv-r12 to mem +mulx r12, rbp, [ rax + 0x18 ]; x10031_1, x10031_0<- arg1[3] * arg2[3] (_0*_0) +mov rdx, [ rax + 0x10 ]; arg2[2] to rdx +mov [ rsp - 0x68 ], r13; spilling calSv-r13 to mem +mov [ rsp - 0x60 ], r14; spilling calSv-r14 to mem +mulx r14, r13, [ rsi + 0x8 ]; x10001_1, x10001_0<- arg1[1] * arg2[2] (_0*_0) +adcx r10, r13 +adcx r14, r8 +mov rdx, [ rsi + 0x0 ]; arg1[0] to rdx +mulx r13, r8, [ rax + 0x18 ]; x10000_1, x10000_0<- arg1[0] * arg2[3] (_0*_0) +test al, al +adox r10, r8 +adox r13, r14 +mov rdx, 0x1000003d10 ; moving imm to reg +mulx r8, r14, r9; x10007_1, x10007_0<- x3 * 0x1000003d10 (_0*_0) +adcx r14, r10 +adcx r13, r8 +mov rdx, [ rax + 0x0 ]; arg2[0] to rdx +mulx r9, r10, [ rsi + 0x20 ]; x10012_1, x10012_0<- arg1[4] * arg2[0] (_0*_0) +xor rdx, rdx +adox r10, rcx +adox rbx, r9 +mov rdx, [ rsi + 0x0 ]; arg1[0] to rdx +mulx r8, rcx, [ rax + 0x10 ]; x10043_1, x10043_0<- arg1[0] * arg2[2] (_0*_0) +mov rdx, [ rsi + 0x10 ]; arg1[2] to rdx +mov [ rsp - 0x58 ], r15; spilling calSv-r15 to mem +mulx r15, r9, [ rax + 0x10 ]; x10010_1, x10010_0<- arg1[2] * arg2[2] (_0*_0) +mov rdx, [ rsi + 0x0 ]; arg1[0] to rdx +mov [ rsp - 
0x50 ], rdi; spilling out1 to mem +mov [ rsp - 0x48 ], r8; spilling x10043_1 to mem +mulx r8, rdi, [ rax + 0x20 ]; x10008_1, x10008_0<- arg1[0] * arg2[4] (_0*_0) +mov rdx, [ rax + 0x18 ]; arg2[3] to rdx +mov [ rsp - 0x40 ], rcx; spilling x10043_0 to mem +mov [ rsp - 0x38 ], r12; spilling x10031_1 to mem +mulx r12, rcx, [ rsi + 0x8 ]; x10009_1, x10009_0<- arg1[1] * arg2[3] (_0*_0) +adcx r10, r9 +adcx r15, rbx +add r10, rcx; could be done better, if r0 has been u8 as well +adcx r12, r15 +mov rdx, r14; +shrd rdx, r13, 52; x5 <- x4_1||x4_0 >> 52 +mov r13, 0xfffffffffffff ; moving imm to reg +and r14, r13; x6 <- x4_0&0xfffffffffffff +adox r10, rdi +adox r8, r12 +adcx rdx, r10 +adc r8, 0x0; add CF to r0's alloc +mov rbx, rdx; preserving value of x10017_0 into a new reg +mov rdx, [ rax + 0x10 ]; saving arg2[2] in rdx. +mulx rdi, r9, [ rsi + 0x18 ]; x10021_1, x10021_0<- arg1[3] * arg2[2] (_0*_0) +mov rdx, 0x1000003d10000 ; moving imm to reg +mulx r15, rcx, r11; x10018_1, x10018_0<- x2 * 0x1000003d10000 (_0*_0) +add rcx, rbx; could be done better, if r0 has been u8 as well +adcx r8, r15 +mov r11, rcx; +and r11, r13; x9 <- x7_0&0xfffffffffffff +shrd rcx, r8, 52; x8 <- x7_1||x7_0 >> 52 +mov rdx, [ rax + 0x20 ]; arg2[4] to rdx +mulx r10, r12, [ rsi + 0x8 ]; x10019_1, x10019_0<- arg1[1] * arg2[4] (_0*_0) +mov rdx, [ rsi + 0x20 ]; arg1[4] to rdx +mulx r15, rbx, [ rax + 0x8 ]; x10022_1, x10022_0<- arg1[4] * arg2[1] (_0*_0) +add rbx, r9; could be done better, if r0 has been u8 as well +adcx rdi, r15 +mov rdx, [ rsi + 0x10 ]; arg1[2] to rdx +mulx r8, r9, [ rax + 0x18 ]; x10020_1, x10020_0<- arg1[2] * arg2[3] (_0*_0) +xor rdx, rdx +adox rbx, r9 +adox r8, rdi +adcx rbx, r12 +adcx r10, r8 +xor r12, r12 +adox rcx, rbx +adox r10, r12 +mov rdx, [ rax + 0x10 ]; arg2[2] to rdx +mulx rdi, r15, [ rsi + 0x20 ]; x10032_1, x10032_0<- arg1[4] * arg2[2] (_0*_0) +mov rdx, [ rax + 0x20 ]; arg2[4] to rdx +mulx r8, r9, [ rsi + 0x10 ]; x10030_1, x10030_0<- arg1[2] * arg2[4] (_0*_0) +mov rdx, rcx; +and 
rdx, r13; x14 <- x12_0&0xfffffffffffff +mov rbx, 0xffffffffffff ; moving imm to reg +mov r12, r11; +and r12, rbx; x11 <- x9&0xffffffffffff +shl rdx, 4; x10027 <- x14<< 4 +shrd rcx, r10, 52; x13 <- x12_1||x12_0 >> 52 +shr r11, 48; x10 <- x9>> 48 +mov r10, rdx; preserving value of x10027 into a new reg +mov rdx, [ rax + 0x0 ]; saving arg2[0] in rdx. +mulx r13, rbx, [ rsi + 0x0 ]; x10026_1, x10026_0<- arg1[0] * arg2[0] (_0*_0) +mov rdx, [ rax + 0x20 ]; arg2[4] to rdx +mov [ rsp - 0x30 ], r12; spilling x11 to mem +mov [ rsp - 0x28 ], r14; spilling x6 to mem +mulx r14, r12, [ rsi + 0x18 ]; x10040_1, x10040_0<- arg1[3] * arg2[4] (_0*_0) +lea r10, [ r10 + r11 ] +xor rdx, rdx +adox r15, rbp +adox rdi, [ rsp - 0x38 ] +adcx r15, r9 +adcx r8, rdi +mov rdx, [ rsi + 0x20 ]; arg1[4] to rdx +mulx r9, rbp, [ rax + 0x18 ]; x10041_1, x10041_0<- arg1[4] * arg2[3] (_0*_0) +xor rdx, rdx +adox rbp, r12 +adox r14, r9 +mov rdx, [ rax + 0x0 ]; arg2[0] to rdx +mulx r12, r11, [ rsi + 0x10 ]; x10045_1, x10045_0<- arg1[2] * arg2[0] (_0*_0) +mov rdx, 0x1000003d1 ; moving imm to reg +mulx r9, rdi, r10; x10029_1, x10029_0<- x10028 * 0x1000003d1 (_0*_0) +adcx rdi, rbx +adcx r13, r9 +add rcx, r15; could be done better, if r0 has been u8 as well +adc r8, 0x0; add CF to r0's alloc +mov rbx, rdi; +shrd rbx, r13, 52; x16 <- x15_1||x15_0 >> 52 +mov rdx, [ rsi + 0x8 ]; arg1[1] to rdx +mulx r15, r10, [ rax + 0x8 ]; x10044_1, x10044_0<- arg1[1] * arg2[1] (_0*_0) +mov rdx, rcx; +shrd rdx, r8, 52; x19 <- x18_1||x18_0 >> 52 +xor r9, r9 +adox rdx, rbp +adox r14, r9 +adcx r11, r10 +adcx r15, r12 +mov rbp, rdx; preserving value of x24_0 into a new reg +mov rdx, [ rax + 0x0 ]; saving arg2[0] in rdx. 
+mulx r13, r12, [ rsi + 0x8 ]; x10036_1, x10036_0<- arg1[1] * arg2[0] (_0*_0) +test al, al +adox r11, [ rsp - 0x40 ] +adox r15, [ rsp - 0x48 ] +mov rdx, [ rsi + 0x0 ]; arg1[0] to rdx +mulx r10, r8, [ rax + 0x8 ]; x10035_1, x10035_0<- arg1[0] * arg2[1] (_0*_0) +mov rdx, 0x1000003d10 ; moving imm to reg +mov [ rsp - 0x20 ], r15; spilling x10047_1 to mem +mulx r15, r9, rbp; x10049_1, x10049_0<- x26 * 0x1000003d10 (_0*_0) +adcx r12, r8 +adcx r10, r13 +xor r13, r13 +adox rbx, r12 +adox r10, r13 +mov rbp, 0xfffffffffffff ; moving imm to reg +and rcx, rbp; x20 <- x18_0&0xfffffffffffff +mulx r12, r8, rcx; x10039_1, x10039_0<- x20 * 0x1000003d10 (_0*_0) +adox r8, rbx +adox r10, r12 +mov rbx, r8; +shrd rbx, r10, 52; x22 <- x21_1||x21_0 >> 52 +and r8, rbp; x23 <- x21_0&0xfffffffffffff +adox rbx, r11 +mov rcx, [ rsp - 0x20 ]; +adox rcx, r13 +adcx r9, rbx +adcx rcx, r15 +mov r11, r9; +shrd r11, rcx, 52; x28 <- x27_1||x27_0 >> 52 +and r9, rbp; x29 <- x27_0&0xfffffffffffff +add r11, [ rsp - 0x28 ] +mov r15, 0x1000003d10000 ; moving imm to reg +mov rdx, r15; 0x1000003d10000 to rdx +mulx r12, r15, r14; x10051_1, x10051_0<- x25 * 0x1000003d10000 (_0*_0) +xor r10, r10 +adox r15, r11 +adox r12, r10 +mov r13, r15; +shrd r13, r12, 52; x31 <- x30_1||x30_0 >> 52 +add r13, [ rsp - 0x30 ] +and rdi, rbp; x17 <- x15_0&0xfffffffffffff +mov rbx, [ rsp - 0x50 ]; load m64 out1 to register64 +mov [ rbx + 0x20 ], r13; out1[4] = x33 +mov [ rbx + 0x0 ], rdi; out1[0] = x17 +mov [ rbx + 0x10 ], r9; out1[2] = x29 +and r15, rbp; x32 <- x30_0&0xfffffffffffff +mov [ rbx + 0x8 ], r8; out1[1] = x23 +mov [ rbx + 0x18 ], r15; out1[3] = x32 +mov rbx, [ rsp - 0x80 ]; pop +mov rbp, [ rsp - 0x78 ]; pop +mov r12, [ rsp - 0x70 ]; pop +mov r13, [ rsp - 0x68 ]; pop +mov r14, [ rsp - 0x60 ]; pop +mov r15, [ rsp - 0x58 ]; pop +ret +; cpu 12th Gen Intel(R) Core(TM) i9-12900KF +; ratio 1.1444 +; seed 2016940727727389 +; CC / CFLAGS clang / -march=native -mtune=native -O3 +; time needed: 1494164 ms on 270000 evaluations. 
+; Time spent for assembling and measuring (initial batch_size=288, initial num_batches=31): 140939 ms +; number of used evaluations: 270000 +; Ratio (time for assembling + measure)/(total runtime for 270000 evals): 0.09432632562422867 +; number reverted permutation / tried permutation: 99139 / 135478 =73.177% +; number reverted decision / tried decision: 77995 / 134521 =57.980% +; validated in 0.294s diff --git a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000662633942_ratio11215.asm b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000662633942_ratio11215.asm deleted file mode 100644 index aef1e38d26..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000662633942_ratio11215.asm +++ /dev/null 
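Review bot: The new `seed0000000567549713_ratio11444.asm` saves `rbx`, `rbp` and `r12`–`r15` and spills intermediates at `[ rsp - 0x80 ]` through `[ rsp - 0x20 ]` without ever adjusting `rsp`, and it is built from `mulx`/`adox`/`adcx`, yet nothing in the file states either requirement. As written, the routine is only safe as a leaf function under the System V AMD64 ABI with the red zone available (not in kernel or interrupt context, nor in builds using `-mno-red-zone`), and only on CPUs with BMI2 and ADX, which the caller has to check before dispatching to it. Since the file is optimizer output, I would have the generator emit a header line such as `; requires BMI2 and ADX; SysV AMD64 leaf function, uses the 128-byte red zone` rather than editing it by hand. The spilled limbs (for example `x6` and `x11`) also stay below `rsp` after `ret`; if the operands can be secret, that residue is presumably worth a sentence in the same header. The visible start of `seed0000000828129769_ratio12356.asm`, added further down, follows the same pattern.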
@@ -1,221 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_mul -fiat_secp256k1_dettman_mul: -mov rax, rdx -mov rdx, [ rdx + 0x0 ] -mulx r11, r10, [ rsi + 0x18 ] -mov rdx, [ rax + 0x20 ] -mulx r8, rcx, [ rsi + 0x20 ] -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x80 ], rbx -mulx rbx, r9, [ rax + 0x0 ] -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x78 ], rbp -mov [ rsp - 0x70 ], r12 -mulx r12, rbp, [ rax + 0x8 ] -mov rdx, [ rax + 0x18 ] -mov [ rsp - 0x68 ], r13 -mov [ rsp - 0x60 ], r14 -mulx r14, r13, [ rsi + 0x10 ] -mov rdx, [ rax + 0x0 ] -mov [ rsp - 0x58 ], r15 -mov [ rsp - 0x50 ], rdi -mulx rdi, r15, [ rsi + 0x8 ] -mov rdx, [ rax + 0x10 ] -mov [ rsp - 0x48 ], rbx -mov [ rsp - 0x40 ], r9 -mulx r9, rbx, [ rsi + 0x18 ] -mov rdx, [ rax + 0x10 ] -mov [ rsp - 0x38 ], rdi -mov [ rsp - 0x30 ], r15 -mulx r15, rdi, [ rsi + 0x20 ] -mov rdx, [ rax + 0x8 ] -mov [ rsp - 0x28 ], r15 -mov [ rsp - 0x20 ], rdi -mulx rdi, r15, [ rsi + 0x20 ] -xor rdx, rdx -adox r15, rbx -adox r9, rdi -mov rbx, 0xfffffffffffff -mov rdi, rcx -and rdi, rbx -mov rdx, 0x1000003d10 -mov [ rsp - 0x18 ], r12 -mulx r12, rbx, rdi -adox r15, r13 -adox r14, r9 -shrd rcx, r8, 52 -mov rdx, [ rax + 0x8 ] -mulx r13, r8, [ rsi + 0x10 ] -test al, al -adox r10, r8 -adox r13, r11 -mov rdx, [ rax + 0x10 ] -mulx r9, r11, [ rsi + 0x8 ] -adcx r10, r11 -adcx r9, r13 -mov rdx, [ rax + 0x18 ] -mulx r8, rdi, [ rsi + 0x0 ] -mov rdx, [ rsi + 0x20 ] -mulx r11, r13, [ rax + 0x0 ] -test al, al -adox r10, rdi -adox r8, r9 -mov rdx, [ rsi + 0x10 ] -mulx rdi, r9, [ rax + 0x10 ] -adcx rbx, r10 -adcx r8, r12 -mov rdx, [ rax + 0x18 ] -mulx r10, r12, [ rsi + 0x8 ] -mov rdx, rbx -shrd rdx, r8, 52 -add r13, rbp -adcx r11, [ rsp - 0x18 ] -xor rbp, rbp -adox r13, r9 -adox rdi, r11 -mov r9, rdx -mov rdx, [ rsi + 0x0 ] -mulx r11, r8, [ rax + 0x20 ] -adcx r13, r12 -adcx r10, rdi -test al, al -adox r13, r8 -adox r11, r10 -mov rdx, 0x1000003d10 -mulx rdi, r12, rcx -adcx r9, r13 -adc r11, 0x0 -xor rcx, rcx -adox r12, r9 -adox r11, rdi -mov rbp, r12 -shrd 
rbp, r11, 52 -mov r8, 0xfffffffffffff -and r12, r8 -mov rdx, [ rax + 0x20 ] -mulx r13, r10, [ rsi + 0x8 ] -mov rdx, r12 -shr rdx, 48 -xor rdi, rdi -adox r15, r10 -adox r13, r14 -adcx rbp, r15 -adc r13, 0x0 -mov rcx, rdx -mov rdx, [ rax + 0x18 ] -mulx r9, r14, [ rsi + 0x18 ] -mov rdx, rbp -shrd rdx, r13, 52 -mov r11, r14 -add r11, [ rsp - 0x20 ] -adcx r9, [ rsp - 0x28 ] -mov r10, rdx -mov rdx, [ rax + 0x20 ] -mulx r13, r15, [ rsi + 0x10 ] -xor rdx, rdx -adox r11, r15 -adox r13, r9 -adcx r10, r11 -adc r13, 0x0 -and rbp, r8 -shl rbp, 4 -mov rdx, [ rax + 0x0 ] -mulx r14, rdi, [ rsi + 0x0 ] -lea rbp, [ rbp + rcx ] -mov rdx, 0x1000003d1 -mulx r9, rcx, rbp -mov rdx, [ rax + 0x18 ] -mulx r11, r15, [ rsi + 0x20 ] -add rcx, rdi -adcx r14, r9 -mov rdx, r10 -and rdx, r8 -mov rdi, 0x1000003d10 -mulx r9, rbp, rdi -mov rdx, [ rsi + 0x18 ] -mulx r8, rdi, [ rax + 0x20 ] -shrd r10, r13, 52 -add r15, rdi -adcx r8, r11 -add r10, r15 -adc r8, 0x0 -mov rdx, [ rsi + 0x0 ] -mulx r11, r13, [ rax + 0x8 ] -mov rdx, rcx -shrd rdx, r14, 52 -mov r14, r13 -xor rdi, rdi -adox r14, [ rsp - 0x30 ] -adox r11, [ rsp - 0x38 ] -mov r15, r10 -shrd r15, r8, 52 -xor r8, r8 -adox rdx, r14 -adox r11, r8 -mov rdi, rdx -mov rdx, [ rsi + 0x8 ] -mulx r14, r13, [ rax + 0x8 ] -mov rdx, r13 -adcx rdx, [ rsp - 0x40 ] -adcx r14, [ rsp - 0x48 ] -mov r13, rdx -mov rdx, [ rsi + 0x0 ] -mov [ rsp - 0x10 ], r15 -mulx r15, r8, [ rax + 0x10 ] -xor rdx, rdx -adox r13, r8 -adox r15, r14 -adcx rbp, rdi -adcx r11, r9 -mov r9, 0x34 -bzhi rdi, rbp, r9 -shrd rbp, r11, 52 -mov r14, [ rsp - 0x50 ] -mov [ r14 + 0x8 ], rdi -xor r8, r8 -adox rbp, r13 -adox r15, r8 -bzhi rdx, r10, r9 -mov r10, 0x1000003d10 -mulx r11, r13, r10 -adox r13, rbp -adox r15, r11 -mov rdi, r13 -shrd rdi, r15, 52 -bzhi rbp, rbx, r9 -mov rdx, [ rsp - 0x10 ] -mulx r11, rbx, r10 -lea rbp, [ rbp + rdi ] -mov rdx, 0x30 -bzhi r15, r12, rdx -adox rbx, rbp -adox r11, r8 -mov r12, rbx -shrd r12, r11, 52 -bzhi rdi, rbx, r9 -mov [ r14 + 0x18 ], rdi -lea r15, [ r15 + r12 ] 
-mov [ r14 + 0x20 ], r15 -bzhi rbp, rcx, r9 -bzhi rcx, r13, r9 -mov [ r14 + 0x10 ], rcx -mov [ r14 + 0x0 ], rbp -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu 11th Gen Intel(R) Core(TM) i7-11700KF @ 3.60GHz -; ratio 1.1215 -; seed 2397821302094452 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 1203093 ms on 180000 evaluations. -; Time spent for assembling and measuring (initial batch_size=219, initial num_batches=31): 83659 ms -; number of used evaluations: 180000 -; Ratio (time for assembling + measure)/(total runtime for 180000 evals): 0.06953660273977157 -; number reverted permutation / tried permutation: 68443 / 89316 =76.630% -; number reverted decision / tried decision: 52223 / 90683 =57.589% -; validated in 0.495s diff --git a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000666944134_ratio11480.asm b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000666944134_ratio11480.asm deleted file mode 100644 index 37d820212e..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000666944134_ratio11480.asm +++ /dev/null 
@@ -1,213 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_mul -fiat_secp256k1_dettman_mul: -mov rax, rdx -mov rdx, [ rsi + 0x18 ] -mulx r11, r10, [ rax + 0x8 ] -mov rdx, [ rsi + 0x8 ] -mulx r8, rcx, [ rax + 0x10 ] -mov rdx, [ rsi + 0x20 ] -mov [ rsp - 0x80 ], rbx -mulx rbx, r9, [ rax + 0x0 ] -mov rdx, [ rax + 0x10 ] -mov [ rsp - 0x78 ], rbp -mov [ rsp - 0x70 ], r12 -mulx r12, rbp, [ rsi + 0x10 ] -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x68 ], r13 -mov [ rsp - 0x60 ], r14 -mulx r14, r13, [ rax + 0x0 ] -mov rdx, [ rsi + 0x20 ] -mov [ rsp - 0x58 ], r15 -mov [ rsp - 0x50 ], rdi -mulx rdi, r15, [ rax + 0x20 ] -mov rdx, r15 -shrd rdx, rdi, 52 -mov rdi, rdx -mov rdx, [ rax + 0x8 ] -mov [ rsp - 0x48 ], r12 -mov [ rsp - 0x40 ], rbp -mulx rbp, r12, [ rsi + 0x8 ] -mov rdx, 0xfffffffffffff -and r15, rdx -adox r13, r12 -adox rbp, r14 -mov rdx, [ rax + 0x8 ] -mulx r12, r14, [ rsi + 0x10 ] -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x38 ], rbp -mov [ rsp - 0x30 ], r13 -mulx r13, rbp, [ rax + 0x0 ] -adcx rbp, r14 -adcx r12, r13 -xor rdx, rdx -adox r9, r10 -adox r11, rbx -mov rdx, [ rax + 0x18 ] -mulx rbx, r10, [ rsi + 0x0 ] -adcx rbp, rcx -adcx r8, r12 -add rbp, r10 -adcx rbx, r8 -mov rdx, 0x1000003d10 -mulx r14, rcx, r15 -xor r15, r15 -adox rcx, rbp -adox rbx, r14 -mov r13, rcx -shrd r13, rbx, 52 -mov rdx, [ rax + 0x18 ] -mulx r10, r12, [ rsi + 0x8 ] -mov rdx, 0x1000003d10 -mulx rbp, r8, rdi -xor rdi, rdi -adox r9, [ rsp - 0x40 ] -adox r11, [ rsp - 0x48 ] -adcx r9, r12 -adcx r10, r11 -mov rdx, [ rax + 0x20 ] -mulx r14, r15, [ rsi + 0x0 ] -xor rdx, rdx -adox r9, r15 -adox r14, r10 -adcx r13, r9 -adc r14, 0x0 -xor rdi, rdi -adox r8, r13 -adox r14, rbp -mov rdx, [ rax + 0x8 ] -mulx r12, rbx, [ rsi + 0x20 ] -mov rdx, [ rsi + 0x10 ] -mulx r11, rbp, [ rax + 0x18 ] -mov rdx, [ rax + 0x10 ] -mulx r15, r10, [ rsi + 0x18 ] -adcx rbx, r10 -adcx r15, r12 -mov rdx, [ rsi + 0x8 ] -mulx r13, r9, [ rax + 0x20 ] -mov rdx, 0xfffffffffffff -and rcx, rdx -adox rbx, rbp -adox r11, r15 -adcx rbx, r9 
-adcx r13, r11 -mov r12, r8 -shrd r12, r14, 52 -test al, al -adox r12, rbx -adox r13, rdi -mov r14, r12 -and r14, rdx -shrd r12, r13, 52 -and r8, rdx -mov rdx, [ rax + 0x18 ] -mulx r10, rbp, [ rsi + 0x18 ] -mov rdx, 0x30 -bzhi r15, r8, rdx -shr r8, 48 -mov rdx, [ rsi + 0x0 ] -mulx r11, r9, [ rax + 0x0 ] -mov rdx, [ rsi + 0x20 ] -mulx r13, rbx, [ rax + 0x10 ] -shl r14, 4 -lea r14, [ r14 + r8 ] -xor rdx, rdx -adox rbx, rbp -adox r10, r13 -mov rdx, [ rsi + 0x0 ] -mulx rbp, rdi, [ rax + 0x10 ] -mov rdx, 0x1000003d1 -mulx r13, r8, r14 -mov r14, rdi -adcx r14, [ rsp - 0x30 ] -adcx rbp, [ rsp - 0x38 ] -mov rdx, [ rax + 0x20 ] -mov [ rsp - 0x28 ], r15 -mulx r15, rdi, [ rsi + 0x10 ] -xor rdx, rdx -adox rbx, rdi -adox r15, r10 -adcx r12, rbx -adc r15, 0x0 -mov r10, r12 -shrd r10, r15, 52 -mov rdx, [ rax + 0x0 ] -mulx rbx, rdi, [ rsi + 0x8 ] -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x20 ], rcx -mulx rcx, r15, [ rax + 0x20 ] -add r8, r9 -adcx r11, r13 -mov rdx, r8 -shrd rdx, r11, 52 -mov r9, rdx -mov rdx, [ rsi + 0x0 ] -mulx r11, r13, [ rax + 0x8 ] -test al, al -adox rdi, r13 -adox r11, rbx -adcx r9, rdi -adc r11, 0x0 -mov rdx, [ rsi + 0x20 ] -mulx r13, rbx, [ rax + 0x18 ] -xor rdx, rdx -adox rbx, r15 -adox rcx, r13 -adcx r10, rbx -adc rcx, 0x0 -mov r15, 0xfffffffffffff -mov rdi, r10 -and rdi, r15 -shrd r10, rcx, 52 -and r12, r15 -mov r13, 0x1000003d10 -mov rdx, r13 -mulx rbx, r13, r12 -mulx r12, rcx, rdi -adox r13, r9 -adox r11, rbx -mov r9, r13 -and r9, r15 -shrd r13, r11, 52 -and r8, r15 -mov rdi, [ rsp - 0x50 ] -mov [ rdi + 0x0 ], r8 -adox r13, r14 -mov rbx, 0x0 -adox rbp, rbx -adcx rcx, r13 -adcx rbp, r12 -mov r14, rcx -shrd r14, rbp, 52 -mulx r11, r12, r10 -mov [ rdi + 0x8 ], r9 -add r14, [ rsp - 0x20 ] -xor r10, r10 -adox r12, r14 -adox r11, r10 -and rcx, r15 -mov [ rdi + 0x10 ], rcx -mov rbx, r12 -shrd rbx, r11, 52 -add rbx, [ rsp - 0x28 ] -and r12, r15 -mov [ rdi + 0x18 ], r12 -mov [ rdi + 0x20 ], rbx -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 
0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu 11th Gen Intel(R) Core(TM) i7-11700KF @ 3.60GHz -; ratio 1.1480 -; seed 0344365453752609 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 1229135 ms on 180000 evaluations. -; Time spent for assembling and measuring (initial batch_size=225, initial num_batches=31): 83922 ms -; number of used evaluations: 180000 -; Ratio (time for assembling + measure)/(total runtime for 180000 evals): 0.06827728443173452 -; number reverted permutation / tried permutation: 70175 / 90389 =77.637% -; number reverted decision / tried decision: 52551 / 89610 =58.644% -; validated in 0.467s diff --git a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000772484259_ratio10034.asm b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000772484259_ratio10034.asm deleted file mode 100644 index 26d7123475..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000772484259_ratio10034.asm +++ /dev/null 
@@ -1,224 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_mul -fiat_secp256k1_dettman_mul: -mov rax, rdx -mov rdx, [ rdx + 0x20 ] -mulx r11, r10, [ rsi + 0x20 ] -mov rdx, [ rax + 0x0 ] -mulx r8, rcx, [ rsi + 0x18 ] -mov rdx, [ rsi + 0x20 ] -mov [ rsp - 0x80 ], rbx -mulx rbx, r9, [ rax + 0x18 ] -mov rdx, [ rax + 0x10 ] -mov [ rsp - 0x78 ], rbp -mov [ rsp - 0x70 ], r12 -mulx r12, rbp, [ rsi + 0x10 ] -mov rdx, [ rax + 0x18 ] -mov [ rsp - 0x68 ], r13 -mov [ rsp - 0x60 ], r14 -mulx r14, r13, [ rsi + 0x8 ] -mov rdx, 0x34 -mov [ rsp - 0x58 ], r15 -bzhi r15, r10, rdx -mov rdx, [ rsi + 0x8 ] -mov [ rsp - 0x50 ], rdi -mov [ rsp - 0x48 ], rbx -mulx rbx, rdi, [ rax + 0x0 ] -mov rdx, [ rax + 0x8 ] -mov [ rsp - 0x40 ], r9 -mov [ rsp - 0x38 ], rbx -mulx rbx, r9, [ rsi + 0x10 ] -adox rcx, r9 -adox rbx, r8 -mov rdx, [ rax + 0x10 ] -mulx r9, r8, [ rsi + 0x0 ] -shrd r10, r11, 52 -mov rdx, [ rax + 0x10 ] -mov [ rsp - 0x30 ], r9 -mulx r9, r11, [ rsi + 0x8 ] -xor rdx, rdx -adox rcx, r11 -adox r9, rbx -mov rbx, 0x1000003d10 -mov rdx, r10 -mulx r11, r10, rbx -mov rdx, [ rax + 0x18 ] -mov [ rsp - 0x28 ], r8 -mulx r8, rbx, [ rsi + 0x0 ] -adcx rcx, rbx -adcx r8, r9 -mov rdx, 0x1000003d10 -mulx rbx, r9, r15 -test al, al -adox r9, rcx -adox r8, rbx -mov rdx, [ rsi + 0x18 ] -mulx rcx, r15, [ rax + 0x8 ] -mov rdx, [ rax + 0x0 ] -mov [ rsp - 0x20 ], rdi -mulx rdi, rbx, [ rsi + 0x20 ] -adcx rbx, r15 -adcx rcx, rdi -test al, al -adox rbx, rbp -adox r12, rcx -adcx rbx, r13 -adcx r14, r12 -mov rdx, [ rax + 0x20 ] -mulx r13, rbp, [ rsi + 0x0 ] -test al, al -adox rbx, rbp -adox r13, r14 -mov rdx, [ rax + 0x10 ] -mulx rdi, r15, [ rsi + 0x18 ] -mov rdx, [ rax + 0x8 ] -mulx r12, rcx, [ rsi + 0x20 ] -mov rdx, r9 -shrd rdx, r8, 52 -test al, al -adox rcx, r15 -adox rdi, r12 -mov r8, rdx -mov rdx, [ rsi + 0x18 ] -mulx rbp, r14, [ rax + 0x18 ] -mov rdx, [ rax + 0x18 ] -mulx r12, r15, [ rsi + 0x10 ] -adcx r8, rbx -adc r13, 0x0 -test al, al -adox rcx, r15 -adox r12, rdi -mov rdx, [ rax + 0x20 ] -mulx rdi, 
rbx, [ rsi + 0x8 ] -adcx r10, r8 -adcx r13, r11 -mov rdx, r10 -shrd rdx, r13, 52 -mov r11, 0xfffffffffffff -and r10, r11 -mov r15, rdx -mov rdx, [ rax + 0x10 ] -mulx r13, r8, [ rsi + 0x20 ] -adox r8, r14 -adox rbp, r13 -mov rdx, [ rsi + 0x0 ] -mulx r13, r14, [ rax + 0x8 ] -adcx rcx, rbx -adcx rdi, r12 -mov rdx, [ rax + 0x0 ] -mulx rbx, r12, [ rsi + 0x0 ] -test al, al -adox r15, rcx -mov rdx, 0x0 -adox rdi, rdx -mov rcx, r15 -and rcx, r11 -shl rcx, 4 -mov rdx, r10 -shr rdx, 48 -lea rcx, [ rcx + rdx ] -mov rdx, 0x1000003d1 -mov [ rsp - 0x18 ], r13 -mulx r13, r11, rcx -xor rcx, rcx -adox r11, r12 -adox rbx, r13 -mov rdx, [ rsi + 0x10 ] -mulx r13, r12, [ rax + 0x20 ] -mov rdx, 0xfffffffffffff -mov rcx, r11 -and rcx, rdx -shrd r11, rbx, 52 -add r8, r12 -adcx r13, rbp -shrd r15, rdi, 52 -mov rdx, [ rax + 0x8 ] -mulx rdi, rbp, [ rsi + 0x8 ] -mov rdx, r14 -xor rbx, rbx -adox rdx, [ rsp - 0x20 ] -mov r12, [ rsp - 0x38 ] -adox r12, [ rsp - 0x18 ] -adcx r11, rdx -adc r12, 0x0 -test al, al -adox r15, r8 -adox r13, rbx -mov r14, 0x34 -bzhi r8, r15, r14 -shrd r15, r13, 52 -mov rdx, 0x1000003d10 -mulx rbx, r13, r8 -mov rdx, [ rax + 0x0 ] -mulx r14, r8, [ rsi + 0x10 ] -test al, al -adox r8, rbp -adox rdi, r14 -adcx r8, [ rsp - 0x28 ] -adcx rdi, [ rsp - 0x30 ] -test al, al -adox r13, r11 -adox r12, rbx -mov rdx, [ rax + 0x20 ] -mulx r11, rbp, [ rsi + 0x18 ] -mov rdx, rbp -adcx rdx, [ rsp - 0x40 ] -adcx r11, [ rsp - 0x48 ] -mov rbx, 0xfffffffffffff -mov r14, r13 -and r14, rbx -adox r15, rdx -mov rbp, 0x0 -adox r11, rbp -mov rdx, r15 -shrd rdx, r11, 52 -and r15, rbx -shrd r13, r12, 52 -test al, al -adox r13, r8 -adox rdi, rbp -mov r8, 0x1000003d10 -xchg rdx, r15 -mulx r11, r12, r8 -adcx r12, r13 -adcx rdi, r11 -and r9, rbx -mov rdx, r12 -shrd rdx, rdi, 52 -lea r9, [ r9 + rdx ] -mov rdx, r15 -mulx r13, r15, r8 -test al, al -adox r15, r9 -adox r13, rbp -mov rdx, 0xffffffffffff -and r10, rdx -mov r11, r15 -shrd r11, r13, 52 -and r15, rbx -mov rdi, [ rsp - 0x50 ] -mov [ rdi + 0x8 ], r14 
-mov [ rdi + 0x0 ], rcx -and r12, rbx -lea r10, [ r10 + r11 ] -mov [ rdi + 0x18 ], r15 -mov [ rdi + 0x20 ], r10 -mov [ rdi + 0x10 ], r12 -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu AMD Ryzen 9 5950X 16-Core Processor -; ratio 1.0034 -; seed 0309980762122920 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 1313279 ms on 180000 evaluations. -; Time spent for assembling and measuring (initial batch_size=210, initial num_batches=31): 95813 ms -; number of used evaluations: 180000 -; Ratio (time for assembling + measure)/(total runtime for 180000 evals): 0.07295707918880907 -; number reverted permutation / tried permutation: 66771 / 89664 =74.468% -; number reverted decision / tried decision: 37287 / 90335 =41.276% -; validated in 0.394s diff --git a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000806416557_ratio10790.asm b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000806416557_ratio10790.asm deleted file mode 100644 index 38b53f6fdc..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000806416557_ratio10790.asm +++ /dev/null 
@@ -1,216 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_mul -fiat_secp256k1_dettman_mul: -mov rax, rdx -mov rdx, [ rsi + 0x10 ] -mulx r11, r10, [ rax + 0x8 ] -mov rdx, [ rax + 0x0 ] -mulx r8, rcx, [ rsi + 0x20 ] -mov rdx, [ rsi + 0x20 ] -mov [ rsp - 0x80 ], rbx -mulx rbx, r9, [ rax + 0x8 ] -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x78 ], rbp -mov [ rsp - 0x70 ], r12 -mulx r12, rbp, [ rax + 0x10 ] -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x68 ], r13 -mov [ rsp - 0x60 ], r14 -mulx r14, r13, [ rax + 0x18 ] -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x58 ], r15 -mov [ rsp - 0x50 ], rdi -mulx rdi, r15, [ rax + 0x0 ] -mov rdx, [ rax + 0x20 ] -mov [ rsp - 0x48 ], r14 -mov [ rsp - 0x40 ], r13 -mulx r13, r14, [ rsi + 0x20 ] -xor rdx, rdx -adox r15, r10 -adox r11, rdi -mov r10, 0xfffffffffffff -mov rdi, r14 -and rdi, r10 -mov rdx, [ rax + 0x10 ] -mov [ rsp - 0x38 ], rbx -mulx rbx, r10, [ rsi + 0x8 ] -shrd r14, r13, 52 -xor rdx, rdx -adox r15, r10 -adox rbx, r11 -mov rdx, [ rsi + 0x18 ] -mulx r11, r13, [ rax + 0x8 ] -adcx rcx, r13 -adcx r11, r8 -mov rdx, [ rax + 0x18 ] -mulx r10, r8, [ rsi + 0x0 ] -mov rdx, [ rsi + 0x8 ] -mov [ rsp - 0x30 ], r14 -mulx r14, r13, [ rax + 0x8 ] -mov rdx, 0x1000003d10 -mov [ rsp - 0x28 ], r14 -mov [ rsp - 0x20 ], r13 -mulx r13, r14, rdi -test al, al -adox r15, r8 -adox r10, rbx -adcx r14, r15 -adcx r10, r13 -mov rdi, r14 -shrd rdi, r10, 52 -mov rdx, [ rax + 0x10 ] -mulx r8, rbx, [ rsi + 0x18 ] -xor rdx, rdx -adox rcx, rbp -adox r12, r11 -mov rdx, [ rsi + 0x0 ] -mulx r11, rbp, [ rax + 0x20 ] -mov rdx, [ rsi + 0x8 ] -mulx r15, r13, [ rax + 0x18 ] -adcx rcx, r13 -adcx r15, r12 -xor rdx, rdx -adox rcx, rbp -adox r11, r15 -adcx r9, rbx -adcx r8, [ rsp - 0x38 ] -xor r10, r10 -adox rdi, rcx -adox r11, r10 -mov rdx, 0x1000003d10 -mulx r12, rbx, [ rsp - 0x30 ] -adcx r9, [ rsp - 0x40 ] -adcx r8, [ rsp - 0x48 ] -add rbx, rdi -adcx r11, r12 -mov rdx, [ rax + 0x20 ] -mulx r13, rbp, [ rsi + 0x8 ] -mov rdx, 0x34 -bzhi r15, rbx, rdx -mov rcx, r15 -shr rcx, 48 
-shrd rbx, r11, 52 -test al, al -adox r9, rbp -adox r13, r8 -mov rdi, 0xffffffffffff -and r15, rdi -adox rbx, r9 -adox r13, r10 -bzhi r12, rbx, rdx -mov rdx, [ rax + 0x18 ] -mulx r11, r8, [ rsi + 0x18 ] -shl r12, 4 -shrd rbx, r13, 52 -mov rdx, [ rax + 0x20 ] -mulx r9, rbp, [ rsi + 0x10 ] -lea r12, [ r12 + rcx ] -mov rdx, [ rax + 0x10 ] -mulx r13, rcx, [ rsi + 0x20 ] -xor rdx, rdx -adox rcx, r8 -adox r11, r13 -adcx rcx, rbp -adcx r9, r11 -add rbx, rcx -adc r9, 0x0 -mov r10, rbx -shrd r10, r9, 52 -mov r8, 0xfffffffffffff -and rbx, r8 -mov rdx, [ rsi + 0x18 ] -mulx r13, rbp, [ rax + 0x20 ] -mov rdx, [ rsi + 0x8 ] -mulx rcx, r11, [ rax + 0x0 ] -mov rdx, [ rsi + 0x0 ] -mulx rdi, r9, [ rax + 0x0 ] -mov rdx, [ rsi + 0x20 ] -mov [ rsp - 0x18 ], r15 -mulx r15, r8, [ rax + 0x18 ] -adox r8, rbp -adox r13, r15 -adcx r10, r8 -adc r13, 0x0 -mov rdx, r10 -shrd rdx, r13, 52 -mov rbp, rdx -mov rdx, [ rsi + 0x0 ] -mulx r8, r15, [ rax + 0x8 ] -mov rdx, 0x1000003d1 -mov [ rsp - 0x10 ], rbp -mulx rbp, r13, r12 -xor r12, r12 -adox r13, r9 -adox rdi, rbp -adcx r11, r15 -adcx r8, rcx -mov rcx, 0xfffffffffffff -mov r9, r13 -and r9, rcx -shrd r13, rdi, 52 -xor r15, r15 -adox r13, r11 -adox r8, r15 -mov r12, 0x1000003d10 -mov rdx, r12 -mulx rbp, r12, rbx -mov rbx, [ rsp - 0x50 ] -mov [ rbx + 0x0 ], r9 -adcx r12, r13 -adcx r8, rbp -mov rdi, r12 -shrd rdi, r8, 52 -and r12, rcx -mov rdx, [ rsi + 0x10 ] -mulx r9, r11, [ rax + 0x0 ] -and r10, rcx -mov [ rbx + 0x8 ], r12 -mov rdx, 0x1000003d10 -mulx rbp, r13, r10 -adox r11, [ rsp - 0x20 ] -adox r9, [ rsp - 0x28 ] -mov rdx, [ rax + 0x10 ] -mulx r12, r8, [ rsi + 0x0 ] -adcx r11, r8 -adcx r12, r9 -xor rdx, rdx -adox rdi, r11 -adox r12, rdx -adcx r13, rdi -adcx r12, rbp -mov r15, r13 -shrd r15, r12, 52 -and r13, rcx -mov [ rbx + 0x10 ], r13 -mov r10, 0x1000003d10 -mov rdx, [ rsp - 0x10 ] -mulx r9, rbp, r10 -and r14, rcx -lea r14, [ r14 + r15 ] -adox rbp, r14 -mov rdx, 0x0 -adox r9, rdx -mov r8, rbp -shrd r8, r9, 52 -add r8, [ rsp - 0x18 ] -and rbp, 
rcx -mov [ rbx + 0x20 ], r8 -mov [ rbx + 0x18 ], rbp -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu Intel(R) Core(TM) i7-10710U CPU @ 1.10GHz -; ratio 1.0790 -; seed 1500674875758632 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 1971736 ms on 180000 evaluations. -; Time spent for assembling and measuring (initial batch_size=332, initial num_batches=31): 163633 ms -; number of used evaluations: 180000 -; Ratio (time for assembling + measure)/(total runtime for 180000 evals): 0.08298930485622821 -; number reverted permutation / tried permutation: 71715 / 89887 =79.784% -; number reverted decision / tried decision: 52980 / 90112 =58.794% -; validated in 0.715s diff --git a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000828129769_ratio12356.asm b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000828129769_ratio12356.asm new file mode 100644 index 0000000000..d79c3a09af --- /dev/null +++ b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000828129769_ratio12356.asm 
@@ -0,0 +1,210 @@ +SECTION .text + GLOBAL fiat_secp256k1_dettman_mul +fiat_secp256k1_dettman_mul: +mov rax, rdx; preserving value of arg2 into a new reg +mov rdx, [ rsi + 0x20 ]; saving arg1[4] in rdx. +mulx r11, r10, [ rax + 0x10 ]; x10032_1, x10032_0<- arg1[4] * arg2[2] (_0*_0) +mov rdx, [ rsi + 0x18 ]; arg1[3] to rdx +mulx r8, rcx, [ rax + 0x18 ]; x10031_1, x10031_0<- arg1[3] * arg2[3] (_0*_0) +mov rdx, [ rax + 0x8 ]; arg2[1] to rdx +mov [ rsp - 0x80 ], rbx; spilling calSv-rbx to mem +mulx rbx, r9, [ rsi + 0x20 ]; x10022_1, x10022_0<- arg1[4] * arg2[1] (_0*_0) +mov rdx, [ rsi + 0x20 ]; arg1[4] to rdx +mov [ rsp - 0x78 ], rbp; spilling calSv-rbp to mem +mov [ rsp - 0x70 ], r12; spilling calSv-r12 to mem +mulx r12, rbp, [ rax + 0x20 ]; x1_1, x1_0<- arg1[4] * arg2[4] (_0*_0) +mov rdx, [ rsi + 0x20 ]; arg1[4] to rdx +mov [ rsp - 0x68 ], r13; spilling calSv-r13 to mem +mov [ rsp - 0x60 ], r14; spilling calSv-r14 to mem +mulx r14, r13, [ rax + 0x0 ]; x10012_1, x10012_0<- arg1[4] * arg2[0] (_0*_0) +mov rdx, [ rsi + 0x10 ]; arg1[2] to rdx +mov [ rsp - 0x58 ], r15; spilling calSv-r15 to mem +mov [ rsp - 0x50 ], rdi; spilling out1 to mem +mulx rdi, r15, [ rax + 0x10 ]; x10010_1, x10010_0<- arg1[2] * arg2[2] (_0*_0) +mov rdx, [ rax + 0x20 ]; arg2[4] to rdx +mov [ rsp - 0x48 ], rdi; spilling x10010_1 to mem +mov [ rsp - 0x40 ], r15; spilling x10010_0 to mem +mulx r15, rdi, [ rsi + 0x0 ]; x10008_1, x10008_0<- arg1[0] * arg2[4] (_0*_0) +mov rdx, [ rsi + 0x18 ]; arg1[3] to rdx +mov [ rsp - 0x38 ], r15; spilling x10008_1 to mem +mov [ rsp - 0x30 ], rdi; spilling x10008_0 to mem +mulx rdi, r15, [ rax + 0x10 ]; x10021_1, x10021_0<- arg1[3] * arg2[2] (_0*_0) +test al, al +adox r9, r15 +adox rdi, rbx +adcx r10, rcx +adcx r8, r11 +mov rdx, [ rax + 0x18 ]; arg2[3] to rdx +mulx rcx, r11, [ rsi + 0x10 ]; x10020_1, x10020_0<- arg1[2] * arg2[3] (_0*_0) +xor rdx, rdx +adox r9, r11 +adox rcx, rdi +mov rbx, 0x1000003d10000 ; moving imm to reg +mov rdx, rbx; 0x1000003d10000 to rdx +mulx r15, 
rbx, r12; x10018_1, x10018_0<- x2 * 0x1000003d10000 (_0*_0) +mov rdx, [ rax + 0x8 ]; arg2[1] to rdx +mulx rdi, r12, [ rsi + 0x10 ]; x10002_1, x10002_0<- arg1[2] * arg2[1] (_0*_0) +mov rdx, [ rax + 0x0 ]; arg2[0] to rdx +mov [ rsp - 0x28 ], r8; spilling x10033_1 to mem +mulx r8, r11, [ rsi + 0x18 ]; x10003_1, x10003_0<- arg1[3] * arg2[0] (_0*_0) +mov rdx, [ rax + 0x10 ]; arg2[2] to rdx +mov [ rsp - 0x20 ], r10; spilling x10033_0 to mem +mov [ rsp - 0x18 ], rcx; spilling x10024_1 to mem +mulx rcx, r10, [ rsi + 0x8 ]; x10001_1, x10001_0<- arg1[1] * arg2[2] (_0*_0) +adcx r11, r12 +adcx rdi, r8 +test al, al +adox r11, r10 +adox rcx, rdi +mov rdx, 0x1000003d10 ; moving imm to reg +mulx r8, r12, rbp; x10007_1, x10007_0<- x3 * 0x1000003d10 (_0*_0) +mov rdx, [ rax + 0x18 ]; arg2[3] to rdx +mulx r10, rbp, [ rsi + 0x0 ]; x10000_1, x10000_0<- arg1[0] * arg2[3] (_0*_0) +adcx r11, rbp +adcx r10, rcx +mov rdx, [ rax + 0x8 ]; arg2[1] to rdx +mulx rcx, rdi, [ rsi + 0x18 ]; x10011_1, x10011_0<- arg1[3] * arg2[1] (_0*_0) +test al, al +adox r13, rdi +adox rcx, r14 +adcx r12, r11 +adcx r10, r8 +mov rdx, [ rax + 0x18 ]; arg2[3] to rdx +mulx r8, r14, [ rsi + 0x8 ]; x10009_1, x10009_0<- arg1[1] * arg2[3] (_0*_0) +test al, al +adox r13, [ rsp - 0x40 ] +adox rcx, [ rsp - 0x48 ] +mov rdx, r12; +shrd rdx, r10, 52; x5 <- x4_1||x4_0 >> 52 +test al, al +adox r13, r14 +adox r8, rcx +adcx r13, [ rsp - 0x30 ] +adcx r8, [ rsp - 0x38 ] +xor rbp, rbp +adox rdx, r13 +adox r8, rbp +adcx rbx, rdx +adcx r8, r15 +mov r15, rbx; +shrd r15, r8, 52; x8 <- x7_1||x7_0 >> 52 +mov r11, 0xfffffffffffff ; moving imm to reg +and rbx, r11; x9 <- x7_0&0xfffffffffffff +mov rdx, [ rax + 0x20 ]; arg2[4] to rdx +mulx r10, rdi, [ rsi + 0x8 ]; x10019_1, x10019_0<- arg1[1] * arg2[4] (_0*_0) +mov rdx, rbx; +shr rdx, 48; x10 <- x9>> 48 +test al, al +adox r9, rdi +adox r10, [ rsp - 0x18 ] +adcx r15, r9 +adc r10, 0x0; add CF to r0's alloc +mov r14, r15; +shrd r14, r10, 52; x13 <- x12_1||x12_0 >> 52 +and r15, r11; x14 <- 
x12_0&0xfffffffffffff +and r12, r11; x6 <- x4_0&0xfffffffffffff +shl r15, 4; x10027 <- x14<< 4 +lea r15, [ r15 + rdx ] +mov rdx, [ rsi + 0x10 ]; arg1[2] to rdx +mulx r13, rcx, [ rax + 0x20 ]; x10030_1, x10030_0<- arg1[2] * arg2[4] (_0*_0) +mov rdx, rcx; +xor r8, r8 +adox rdx, [ rsp - 0x20 ] +adox r13, [ rsp - 0x28 ] +adcx r14, rdx +adc r13, 0x0; add CF to r0's alloc +mov rbp, r14; +shrd rbp, r13, 52; x19 <- x18_1||x18_0 >> 52 +and r14, r11; x20 <- x18_0&0xfffffffffffff +mov rdx, [ rsi + 0x0 ]; arg1[0] to rdx +mulx r9, rdi, [ rax + 0x0 ]; x10026_1, x10026_0<- arg1[0] * arg2[0] (_0*_0) +mov rdx, 0x1000003d1 ; moving imm to reg +mulx rcx, r10, r15; x10029_1, x10029_0<- x10028 * 0x1000003d1 (_0*_0) +adox r10, rdi +adox r9, rcx +mov rdx, [ rax + 0x8 ]; arg2[1] to rdx +mulx r13, r15, [ rsi + 0x0 ]; x10035_1, x10035_0<- arg1[0] * arg2[1] (_0*_0) +mov rdx, [ rsi + 0x20 ]; arg1[4] to rdx +mulx rcx, rdi, [ rax + 0x18 ]; x10041_1, x10041_0<- arg1[4] * arg2[3] (_0*_0) +mov rdx, 0x1000003d10 ; moving imm to reg +mulx r11, r8, r14; x10039_1, x10039_0<- x20 * 0x1000003d10 (_0*_0) +mov r14, r10; +shrd r14, r9, 52; x16 <- x15_1||x15_0 >> 52 +mov rdx, [ rsi + 0x18 ]; arg1[3] to rdx +mov [ rsp - 0x10 ], r12; spilling x6 to mem +mulx r12, r9, [ rax + 0x20 ]; x10040_1, x10040_0<- arg1[3] * arg2[4] (_0*_0) +test al, al +adox rdi, r9 +adox r12, rcx +adcx rbp, rdi +adc r12, 0x0; add CF to r0's alloc +mov rdx, [ rax + 0x0 ]; arg2[0] to rdx +mulx r9, rcx, [ rsi + 0x8 ]; x10036_1, x10036_0<- arg1[1] * arg2[0] (_0*_0) +test al, al +adox rcx, r15 +adox r13, r9 +adcx r14, rcx +adc r13, 0x0; add CF to r0's alloc +xor rdx, rdx +adox r8, r14 +adox r13, r11 +mov r15, r8; +shrd r15, r13, 52; x22 <- x21_1||x21_0 >> 52 +mov rdx, [ rax + 0x0 ]; arg2[0] to rdx +mulx rdi, r11, [ rsi + 0x10 ]; x10045_1, x10045_0<- arg1[2] * arg2[0] (_0*_0) +mov rdx, [ rax + 0x8 ]; arg2[1] to rdx +mulx rcx, r9, [ rsi + 0x8 ]; x10044_1, x10044_0<- arg1[1] * arg2[1] (_0*_0) +test al, al +adox r11, r9 +adox rcx, rdi +mov rdx, 
[ rax + 0x10 ]; arg2[2] to rdx +mulx r13, r14, [ rsi + 0x0 ]; x10043_1, x10043_0<- arg1[0] * arg2[2] (_0*_0) +adcx r11, r14 +adcx r13, rcx +mov rdx, 0x1000003d10 ; moving imm to reg +mulx r9, rdi, rbp; x10049_1, x10049_0<- x26 * 0x1000003d10 (_0*_0) +xor rcx, rcx +adox r15, r11 +adox r13, rcx +adcx rdi, r15 +adcx r13, r9 +mov r14, 0x34 ; moving imm to reg +bzhi rbp, rdi, r14; x29 <- x27_0 (only least 0x34 bits) +shrd rdi, r13, 52; x28 <- x27_1||x27_0 >> 52 +add rdi, [ rsp - 0x10 ] +mov r11, 0x30 ; moving imm to reg +bzhi r9, rbx, r11; x11 <- x9 (only least 0x30 bits) +mov rbx, [ rsp - 0x50 ]; load m64 out1 to register64 +mov [ rbx + 0x10 ], rbp; out1[2] = x29 +mov r15, 0x1000003d10000 ; moving imm to reg +mov rdx, r15; 0x1000003d10000 to rdx +mulx r13, r15, r12; x10051_1, x10051_0<- x25 * 0x1000003d10000 (_0*_0) +adox r15, rdi +adox r13, rcx +bzhi r12, r15, r14; x32 <- x30_0 (only least 0x34 bits) +shrd r15, r13, 52; x31 <- x30_1||x30_0 >> 52 +lea r9, [ r9 + r15 ] +bzhi rbp, r10, r14; x17 <- x15_0 (only least 0x34 bits) +mov [ rbx + 0x18 ], r12; out1[3] = x32 +bzhi r10, r8, r14; x23 <- x21_0 (only least 0x34 bits) +mov [ rbx + 0x8 ], r10; out1[1] = x23 +mov [ rbx + 0x20 ], r9; out1[4] = x33 +mov [ rbx + 0x0 ], rbp; out1[0] = x17 +mov rbx, [ rsp - 0x80 ]; pop +mov rbp, [ rsp - 0x78 ]; pop +mov r12, [ rsp - 0x70 ]; pop +mov r13, [ rsp - 0x68 ]; pop +mov r14, [ rsp - 0x60 ]; pop +mov r15, [ rsp - 0x58 ]; pop +ret +; cpu AMD Ryzen 9 5950X 16-Core Processor +; ratio 1.2356 +; seed 2249846679398311 +; CC / CFLAGS clang / -march=native -mtune=native -O3 +; time needed: 3339906 ms on 270000 evaluations. 
+; Time spent for assembling and measuring (initial batch_size=176, initial num_batches=31): 162832 ms +; number of used evaluations: 270000 +; Ratio (time for assembling + measure)/(total runtime for 270000 evals): 0.048753467911971174 +; number reverted permutation / tried permutation: 94662 / 135107 =70.064% +; number reverted decision / tried decision: 52024 / 134892 =38.567% +; validated in 0.414s diff --git a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000840064169_ratio13378.asm b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000840064169_ratio13378.asm new file mode 100644 index 0000000000..e2ded3e98c --- /dev/null +++ b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000840064169_ratio13378.asm 
@@ -0,0 +1,211 @@ +SECTION .text + GLOBAL fiat_secp256k1_dettman_mul +fiat_secp256k1_dettman_mul: +mov rax, rdx; preserving value of arg2 into a new reg +mov rdx, [ rdx + 0x8 ]; saving arg2[1] in rdx. +mulx r11, r10, [ rsi + 0x10 ]; x10002_1, x10002_0<- arg1[2] * arg2[1] (_0*_0) +mov rdx, [ rax + 0x10 ]; arg2[2] to rdx +mulx r8, rcx, [ rsi + 0x8 ]; x10001_1, x10001_0<- arg1[1] * arg2[2] (_0*_0) +mov rdx, [ rsi + 0x20 ]; arg1[4] to rdx +mov [ rsp - 0x80 ], rbx; spilling calSv-rbx to mem +mulx rbx, r9, [ rax + 0x8 ]; x10022_1, x10022_0<- arg1[4] * arg2[1] (_0*_0) +mov rdx, [ rsi + 0x18 ]; arg1[3] to rdx +mov [ rsp - 0x78 ], rbp; spilling calSv-rbp to mem +mov [ rsp - 0x70 ], r12; spilling calSv-r12 to mem +mulx r12, rbp, [ rax + 0x0 ]; x10003_1, x10003_0<- arg1[3] * arg2[0] (_0*_0) +mov rdx, [ rax + 0x18 ]; arg2[3] to rdx +mov [ rsp - 0x68 ], r13; spilling calSv-r13 to mem +mov [ rsp - 0x60 ], r14; spilling calSv-r14 to mem +mulx r14, r13, [ rsi + 0x20 ]; x10041_1, x10041_0<- arg1[4] * arg2[3] (_0*_0) +xor rdx, rdx +adox rbp, r10 +adox r11, r12 +mov rdx, [ rsi + 0x18 ]; arg1[3] to rdx +mulx r12, r10, [ rax + 0x18 ]; x10031_1, x10031_0<- arg1[3] * arg2[3] (_0*_0) +adcx rbp, rcx +adcx r8, r11 +mov rdx, [ rsi + 0x0 ]; arg1[0] to rdx +mulx r11, rcx, [ rax + 0x18 ]; x10000_1, x10000_0<- arg1[0] * arg2[3] (_0*_0) +mov rdx, [ rax + 0x20 ]; arg2[4] to rdx +mov [ rsp - 0x58 ], r15; spilling calSv-r15 to mem +mov [ rsp - 0x50 ], rdi; spilling out1 to mem +mulx rdi, r15, [ rsi + 0x20 ]; x1_1, x1_0<- arg1[4] * arg2[4] (_0*_0) +xor rdx, rdx +adox rbp, rcx +adox r11, r8 +mov r8, 0x1000003d10000 ; moving imm to reg +mov rdx, r8; 0x1000003d10000 to rdx +mulx rcx, r8, rdi; x10018_1, x10018_0<- x2 * 0x1000003d10000 (_0*_0) +mov rdx, [ rax + 0x8 ]; arg2[1] to rdx +mov [ rsp - 0x48 ], r14; spilling x10041_1 to mem +mulx r14, rdi, [ rsi + 0x18 ]; x10011_1, x10011_0<- arg1[3] * arg2[1] (_0*_0) +mov rdx, [ rsi + 0x20 ]; arg1[4] to rdx +mov [ rsp - 0x40 ], r13; spilling x10041_0 to mem +mov 
[ rsp - 0x38 ], r12; spilling x10031_1 to mem +mulx r12, r13, [ rax + 0x0 ]; x10012_1, x10012_0<- arg1[4] * arg2[0] (_0*_0) +mov rdx, 0x1000003d10 ; moving imm to reg +mov [ rsp - 0x30 ], r10; spilling x10031_0 to mem +mov [ rsp - 0x28 ], rcx; spilling x10018_1 to mem +mulx rcx, r10, r15; x10007_1, x10007_0<- x3 * 0x1000003d10 (_0*_0) +adcx r10, rbp +adcx r11, rcx +mov rdx, [ rax + 0x10 ]; arg2[2] to rdx +mulx rbp, r15, [ rsi + 0x10 ]; x10010_1, x10010_0<- arg1[2] * arg2[2] (_0*_0) +test al, al +adox r13, rdi +adox r14, r12 +adcx r13, r15 +adcx rbp, r14 +mov rdx, [ rsi + 0x0 ]; arg1[0] to rdx +mulx r12, rdi, [ rax + 0x20 ]; x10008_1, x10008_0<- arg1[0] * arg2[4] (_0*_0) +mov rdx, [ rsi + 0x8 ]; arg1[1] to rdx +mulx r15, rcx, [ rax + 0x18 ]; x10009_1, x10009_0<- arg1[1] * arg2[3] (_0*_0) +xor rdx, rdx +adox r13, rcx +adox r15, rbp +mov rdx, [ rsi + 0x18 ]; arg1[3] to rdx +mulx rbp, r14, [ rax + 0x10 ]; x10021_1, x10021_0<- arg1[3] * arg2[2] (_0*_0) +mov rdx, r10; +shrd rdx, r11, 52; x5 <- x4_1||x4_0 >> 52 +test al, al +adox r9, r14 +adox rbp, rbx +adcx r13, rdi +adcx r12, r15 +test al, al +adox rdx, r13 +mov rbx, 0x0 ; moving imm to reg +adox r12, rbx +adcx r8, rdx +adcx r12, [ rsp - 0x28 ] +mov rdx, [ rsi + 0x10 ]; arg1[2] to rdx +mulx rdi, r11, [ rax + 0x18 ]; x10020_1, x10020_0<- arg1[2] * arg2[3] (_0*_0) +test al, al +adox r9, r11 +adox rdi, rbp +mov rdx, [ rax + 0x20 ]; arg2[4] to rdx +mulx r15, rcx, [ rsi + 0x8 ]; x10019_1, x10019_0<- arg1[1] * arg2[4] (_0*_0) +adcx r9, rcx +adcx r15, rdi +mov rdx, r8; +shrd rdx, r12, 52; x8 <- x7_1||x7_0 >> 52 +xor r14, r14 +adox rdx, r9 +adox r15, r14 +mov rbx, rdx; +shrd rbx, r15, 52; x13 <- x12_1||x12_0 >> 52 +mov rbp, 0xfffffffffffff ; moving imm to reg +and r8, rbp; x9 <- x7_0&0xfffffffffffff +mov r13, r8; +shr r13, 48; x10 <- x9>> 48 +mov r12, rdx; preserving value of x12_0 into a new reg +mov rdx, [ rax + 0x10 ]; saving arg2[2] in rdx. 
+mulx rdi, r11, [ rsi + 0x20 ]; x10032_1, x10032_0<- arg1[4] * arg2[2] (_0*_0) +test al, al +adox r11, [ rsp - 0x30 ] +adox rdi, [ rsp - 0x38 ] +and r12, rbp; x14 <- x12_0&0xfffffffffffff +mov rdx, 0xffffffffffff ; moving imm to reg +and r8, rdx; x11 <- x9&0xffffffffffff +mov rdx, [ rsi + 0x0 ]; arg1[0] to rdx +mulx r9, rcx, [ rax + 0x0 ]; x10026_1, x10026_0<- arg1[0] * arg2[0] (_0*_0) +shl r12, 4; x10027 <- x14<< 4 +lea r12, [ r12 + r13 ] +mov rdx, 0x1000003d1 ; moving imm to reg +mulx r13, r15, r12; x10029_1, x10029_0<- x10028 * 0x1000003d1 (_0*_0) +mov rdx, [ rsi + 0x10 ]; arg1[2] to rdx +mulx r14, r12, [ rax + 0x20 ]; x10030_1, x10030_0<- arg1[2] * arg2[4] (_0*_0) +xor rdx, rdx +adox r11, r12 +adox r14, rdi +adcx r15, rcx +adcx r9, r13 +mov rdi, r15; +shrd rdi, r9, 52; x16 <- x15_1||x15_0 >> 52 +test al, al +adox rbx, r11 +adox r14, rdx +mov rcx, rbx; +shrd rcx, r14, 52; x19 <- x18_1||x18_0 >> 52 +and rbx, rbp; x20 <- x18_0&0xfffffffffffff +mov rdx, [ rsi + 0x0 ]; arg1[0] to rdx +mulx r12, r13, [ rax + 0x8 ]; x10035_1, x10035_0<- arg1[0] * arg2[1] (_0*_0) +mov rdx, [ rax + 0x20 ]; arg2[4] to rdx +mulx r9, r11, [ rsi + 0x18 ]; x10040_1, x10040_0<- arg1[3] * arg2[4] (_0*_0) +mov rdx, r11; +adox rdx, [ rsp - 0x40 ] +adox r9, [ rsp - 0x48 ] +adcx rcx, rdx +adc r9, 0x0; add CF to r0's alloc +mov rdx, [ rsi + 0x8 ]; arg1[1] to rdx +mulx r11, r14, [ rax + 0x0 ]; x10036_1, x10036_0<- arg1[1] * arg2[0] (_0*_0) +mov rdx, 0x1000003d10 ; moving imm to reg +mov [ rsp - 0x20 ], r8; spilling x11 to mem +mulx r8, rbp, rcx; x10049_1, x10049_0<- x26 * 0x1000003d10 (_0*_0) +xor rcx, rcx +adox r14, r13 +adox r12, r11 +adcx rdi, r14 +adc r12, 0x0; add CF to r0's alloc +mulx r11, r13, rbx; x10039_1, x10039_0<- x20 * 0x1000003d10 (_0*_0) +mov rbx, 0x34 ; moving imm to reg +bzhi r14, r10, rbx; x6 <- x4_0 (only least 0x34 bits) +mov rdx, [ rsi + 0x10 ]; arg1[2] to rdx +mulx rcx, r10, [ rax + 0x0 ]; x10045_1, x10045_0<- arg1[2] * arg2[0] (_0*_0) +adox r13, rdi +adox r12, r11 +mov rdx, 
r13; +shrd rdx, r12, 52; x22 <- x21_1||x21_0 >> 52 +mov rdi, rdx; preserving value of x22 into a new reg +mov rdx, [ rax + 0x8 ]; saving arg2[1] in rdx. +mulx r12, r11, [ rsi + 0x8 ]; x10044_1, x10044_0<- arg1[1] * arg2[1] (_0*_0) +test al, al +adox r10, r11 +adox r12, rcx +mov rdx, [ rax + 0x10 ]; arg2[2] to rdx +mulx r11, rcx, [ rsi + 0x0 ]; x10043_1, x10043_0<- arg1[0] * arg2[2] (_0*_0) +adcx r10, rcx +adcx r11, r12 +add rdi, r10; could be done better, if r0 has been u8 as well +adc r11, 0x0; add CF to r0's alloc +add rbp, rdi; could be done better, if r0 has been u8 as well +adcx r11, r8 +mov rdx, rbp; +shrd rdx, r11, 52; x28 <- x27_1||x27_0 >> 52 +mov r8, 0x1000003d10000 ; moving imm to reg +xchg rdx, r8; 0x1000003d10000, swapping with x28, which is currently in rdx +mulx rcx, r12, r9; x10051_1, x10051_0<- x25 * 0x1000003d10000 (_0*_0) +lea r14, [ r14 + r8 ] +add r12, r14; could be done better, if r0 has been u8 as well +adc rcx, 0x0; add CF to r0's alloc +mov r10, r12; +shrd r10, rcx, 52; x31 <- x30_1||x30_0 >> 52 +add r10, [ rsp - 0x20 ] +bzhi rdi, r12, rbx; x32 <- x30_0 (only least 0x34 bits) +mov r9, [ rsp - 0x50 ]; load m64 out1 to register64 +mov [ r9 + 0x20 ], r10; out1[4] = x33 +bzhi r11, r15, rbx; x17 <- x15_0 (only least 0x34 bits) +bzhi r15, rbp, rbx; x29 <- x27_0 (only least 0x34 bits) +mov [ r9 + 0x10 ], r15; out1[2] = x29 +mov [ r9 + 0x0 ], r11; out1[0] = x17 +bzhi rbp, r13, rbx; x23 <- x21_0 (only least 0x34 bits) +mov [ r9 + 0x8 ], rbp; out1[1] = x23 +mov [ r9 + 0x18 ], rdi; out1[3] = x32 +mov rbx, [ rsp - 0x80 ]; pop +mov rbp, [ rsp - 0x78 ]; pop +mov r12, [ rsp - 0x70 ]; pop +mov r13, [ rsp - 0x68 ]; pop +mov r14, [ rsp - 0x60 ]; pop +mov r15, [ rsp - 0x58 ]; pop +ret +; cpu AMD Ryzen 9 5950X 16-Core Processor +; ratio 1.3378 +; seed 0017315411065161 +; CC / CFLAGS clang / -march=native -mtune=native -O3 +; time needed: 3329101 ms on 270000 evaluations. 
+; Time spent for assembling and measuring (initial batch_size=168, initial num_batches=31): 163727 ms +; number of used evaluations: 270000 +; Ratio (time for assembling + measure)/(total runtime for 270000 evals): 0.04918054453739914 +; number reverted permutation / tried permutation: 96324 / 135048 =71.326% +; number reverted decision / tried decision: 52273 / 134951 =38.735% +; validated in 0.426s diff --git a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000843851796_ratio10725.asm b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000843851796_ratio10725.asm deleted file mode 100644 index 779bdb44a1..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000843851796_ratio10725.asm +++ /dev/null 
@@ -1,216 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_mul -fiat_secp256k1_dettman_mul: -mov rax, rdx -mov rdx, [ rdx + 0x10 ] -mulx r11, r10, [ rsi + 0x18 ] -mov rdx, [ rsi + 0x0 ] -mulx r8, rcx, [ rax + 0x8 ] -mov rdx, [ rsi + 0x8 ] -mov [ rsp - 0x80 ], rbx -mulx rbx, r9, [ rax + 0x18 ] -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x78 ], rbp -mov [ rsp - 0x70 ], r12 -mulx r12, rbp, [ rax + 0x0 ] -mov rdx, [ rax + 0x0 ] -mov [ rsp - 0x68 ], r13 -mov [ rsp - 0x60 ], r14 -mulx r14, r13, [ rsi + 0x10 ] -mov rdx, [ rsi + 0x20 ] -mov [ rsp - 0x58 ], r15 -mov [ rsp - 0x50 ], rdi -mulx rdi, r15, [ rax + 0x8 ] -add r15, r10 -adcx r11, rdi -mov rdx, [ rsi + 0x10 ] -mulx rdi, r10, [ rax + 0x18 ] -mov rdx, [ rax + 0x10 ] -mov [ rsp - 0x48 ], r14 -mov [ rsp - 0x40 ], r13 -mulx r13, r14, [ rsi + 0x0 ] -mov rdx, [ rsi + 0x20 ] -mov [ rsp - 0x38 ], r13 -mov [ rsp - 0x30 ], r14 -mulx r14, r13, [ rax + 0x0 ] -mov rdx, [ rax + 0x8 ] -mov [ rsp - 0x28 ], r8 -mov [ rsp - 0x20 ], rcx -mulx rcx, r8, [ rsi + 0x18 ] -xor rdx, rdx -adox r13, r8 -adox rcx, r14 -mov rdx, [ rsi + 0x10 ] -mulx r8, r14, [ rax + 0x10 ] -adcx r15, r10 -adcx rdi, r11 -mov rdx, [ rsi + 0x20 ] -mulx r10, r11, [ rax + 0x10 ] -add r13, r14 -adcx r8, rcx -mov rdx, [ rsi + 0x18 ] -mulx r14, rcx, [ rax + 0x18 ] -test al, al -adox r13, r9 -adox rbx, r8 -adcx r11, rcx -adcx r14, r10 -mov rdx, [ rsi + 0x20 ] -mulx r10, r9, [ rax + 0x20 ] -mov rdx, [ rsi + 0x8 ] -mulx rcx, r8, [ rax + 0x10 ] -mov rdx, [ rax + 0x8 ] -mov [ rsp - 0x18 ], r14 -mov [ rsp - 0x10 ], r11 -mulx r11, r14, [ rsi + 0x10 ] -add rbp, r14 -adcx r11, r12 -xor rdx, rdx -adox rbp, r8 -adox rcx, r11 -mov r12, 0xfffffffffffff -mov r8, r9 -and r8, r12 -mov rdx, [ rax + 0x18 ] -mulx r11, r14, [ rsi + 0x0 ] -mov rdx, 0x1000003d10 -mov [ rsp - 0x8 ], rdi -mulx rdi, r12, r8 -adox rbp, r14 -adox r11, rcx -adcx r12, rbp -adcx r11, rdi -mov rcx, r12 -shrd rcx, r11, 52 -mov rdx, [ rax + 0x20 ] -mulx r14, r8, [ rsi + 0x0 ] -xor rdx, rdx -adox r13, r8 -adox r14, rbx 
-shrd r9, r10, 52 -add rcx, r13 -adc r14, 0x0 -mov rbx, 0x1000003d10 -mov rdx, rbx -mulx r10, rbx, r9 -test al, al -adox rbx, rcx -adox r14, r10 -mov rdi, 0xfffffffffffff -and r12, rdi -mov rbp, rbx -shrd rbp, r14, 52 -mov rdx, [ rsi + 0x8 ] -mulx r8, r11, [ rax + 0x20 ] -and rbx, rdi -adox r15, r11 -adox r8, [ rsp - 0x8 ] -mov rdx, 0xffffffffffff -mov r13, rbx -and r13, rdx -shr rbx, 48 -add rbp, r15 -adc r8, 0x0 -mov r9, rbp -and r9, rdi -shrd rbp, r8, 52 -mov rdx, [ rax + 0x20 ] -mulx r10, rcx, [ rsi + 0x10 ] -shl r9, 4 -lea r9, [ r9 + rbx ] -mov rdx, rcx -add rdx, [ rsp - 0x10 ] -adcx r10, [ rsp - 0x18 ] -mov r14, rdx -mov rdx, [ rax + 0x20 ] -mulx r15, r11, [ rsi + 0x18 ] -mov rdx, 0x1000003d1 -mulx r8, rbx, r9 -mov rdx, [ rsi + 0x0 ] -mulx r9, rcx, [ rax + 0x0 ] -xor rdx, rdx -adox rbp, r14 -adox r10, rdx -mov rdx, [ rax + 0x18 ] -mulx rdi, r14, [ rsi + 0x20 ] -adcx r14, r11 -adcx r15, rdi -mov rdx, 0x34 -bzhi r11, rbp, rdx -adox rbx, rcx -adox r9, r8 -shrd rbp, r10, 52 -bzhi r8, rbx, rdx -adox rbp, r14 -mov rcx, 0x0 -adox r15, rcx -mov rdx, [ rsi + 0x8 ] -mulx rdi, r10, [ rax + 0x0 ] -mov rdx, 0x1000003d10 -mulx rcx, r14, r11 -test al, al -adox r10, [ rsp - 0x20 ] -adox rdi, [ rsp - 0x28 ] -shrd rbx, r9, 52 -mov r11, rbp -shrd r11, r15, 52 -xor r9, r9 -adox rbx, r10 -adox rdi, r9 -adcx r14, rbx -adcx rdi, rcx -mov r15, r14 -shrd r15, rdi, 52 -mov rdx, [ rsi + 0x8 ] -mulx r10, rcx, [ rax + 0x8 ] -mov rdx, 0xfffffffffffff -and r14, rdx -mov rbx, 0x1000003d10 -mov rdx, rbx -mulx rdi, rbx, r11 -mov r11, rcx -adox r11, [ rsp - 0x40 ] -adox r10, [ rsp - 0x48 ] -mov rcx, 0x34 -bzhi r9, rbp, rcx -adox r11, [ rsp - 0x30 ] -adox r10, [ rsp - 0x38 ] -xor rbp, rbp -adox r15, r11 -adox r10, rbp -mulx rbp, r11, r9 -adcx r11, r15 -adcx r10, rbp -bzhi r9, r11, rcx -mov r15, [ rsp - 0x50 ] -mov [ r15 + 0x10 ], r9 -shrd r11, r10, 52 -lea r12, [ r12 + r11 ] -xor rbp, rbp -adox rbx, r12 -adox rdi, rbp -bzhi r10, rbx, rcx -mov [ r15 + 0x8 ], r14 -shrd rbx, rdi, 52 -lea r13, [ 
r13 + rbx ] -mov [ r15 + 0x0 ], r8 -mov [ r15 + 0x20 ], r13 -mov [ r15 + 0x18 ], r10 -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu Intel(R) Core(TM) i7-10710U CPU @ 1.10GHz -; ratio 1.0725 -; seed 1206382180236178 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 1957870 ms on 180000 evaluations. -; Time spent for assembling and measuring (initial batch_size=339, initial num_batches=31): 164549 ms -; number of used evaluations: 180000 -; Ratio (time for assembling + measure)/(total runtime for 180000 evals): 0.08404490594370413 -; number reverted permutation / tried permutation: 70311 / 90024 =78.103% -; number reverted decision / tried decision: 51961 / 89975 =57.750% -; validated in 0.713s diff --git a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000868742192_ratio10756.asm b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000868742192_ratio10756.asm deleted file mode 100644 index 48fa195884..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0000000868742192_ratio10756.asm +++ /dev/null 
@@ -1,216 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_mul -fiat_secp256k1_dettman_mul: -mov rax, rdx -mov rdx, [ rsi + 0x20 ] -mulx r11, r10, [ rax + 0x20 ] -mov rdx, [ rsi + 0x0 ] -mulx r8, rcx, [ rax + 0x0 ] -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x80 ], rbx -mulx rbx, r9, [ rax + 0x8 ] -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x78 ], rbp -mov [ rsp - 0x70 ], r12 -mulx r12, rbp, [ rax + 0x0 ] -mov rdx, r10 -shrd rdx, r11, 52 -mov r11, 0x1000003d10 -mov [ rsp - 0x68 ], r13 -mov [ rsp - 0x60 ], r14 -mulx r14, r13, r11 -xor rdx, rdx -adox rbp, r9 -adox rbx, r12 -mov rdx, [ rsi + 0x20 ] -mulx r12, r9, [ rax + 0x0 ] -mov rdx, [ rax + 0x8 ] -mov [ rsp - 0x58 ], r15 -mulx r11, r15, [ rsi + 0x18 ] -mov rdx, [ rax + 0x10 ] -mov [ rsp - 0x50 ], rdi -mov [ rsp - 0x48 ], r8 -mulx r8, rdi, [ rsi + 0x10 ] -adcx r9, r15 -adcx r11, r12 -add r9, rdi -adcx r8, r11 -mov rdx, [ rax + 0x10 ] -mulx r15, r12, [ rsi + 0x8 ] -test al, al -adox rbp, r12 -adox r15, rbx -mov rdx, 0xfffffffffffff -and r10, rdx -mov rbx, 0x1000003d10 -mov rdx, r10 -mulx rdi, r10, rbx -mov rdx, [ rsi + 0x0 ] -mulx r12, r11, [ rax + 0x18 ] -adox rbp, r11 -adox r12, r15 -adcx r10, rbp -adcx r12, rdi -mov rdx, r10 -shrd rdx, r12, 52 -mov r15, rdx -mov rdx, [ rsi + 0x8 ] -mulx r11, rdi, [ rax + 0x18 ] -mov rdx, [ rsi + 0x0 ] -mulx r12, rbp, [ rax + 0x20 ] -xor rdx, rdx -adox r9, rdi -adox r11, r8 -adcx r9, rbp -adcx r12, r11 -xor r8, r8 -adox r15, r9 -adox r12, r8 -adcx r13, r15 -adcx r12, r14 -mov rdx, [ rax + 0x8 ] -mulx rdi, r14, [ rsi + 0x20 ] -mov rdx, [ rax + 0x10 ] -mulx r11, rbp, [ rsi + 0x18 ] -test al, al -adox r14, rbp -adox r11, rdi -mov rdx, 0xfffffffffffff -and r10, rdx -mov rdx, [ rsi + 0x10 ] -mulx r15, r9, [ rax + 0x18 ] -adox r14, r9 -adox r15, r11 -mov rdx, [ rsi + 0x8 ] -mulx rbp, rdi, [ rax + 0x20 ] -adcx r14, rdi -adcx rbp, r15 -mov rdx, [ rax + 0x20 ] -mulx r9, r11, [ rsi + 0x18 ] -mov rdx, r13 -shrd rdx, r12, 52 -mov r15, 0x34 -bzhi rdi, r13, r15 -mov r13, rdi -shr r13, 48 -mov r12, 
rdx -mov rdx, [ rsi + 0x18 ] -mulx r15, r8, [ rax + 0x18 ] -mov rdx, 0xffffffffffff -and rdi, rdx -adox r12, r14 -mov rdx, 0x0 -adox rbp, rdx -mov r14, r12 -shrd r14, rbp, 52 -mov rdx, [ rsi + 0x20 ] -mulx rbx, rbp, [ rax + 0x10 ] -xor rdx, rdx -adox rbp, r8 -adox r15, rbx -mov rdx, [ rax + 0x20 ] -mulx rbx, r8, [ rsi + 0x10 ] -adcx rbp, r8 -adcx rbx, r15 -xor rdx, rdx -adox r14, rbp -adox rbx, rdx -mov r15, 0x34 -bzhi r8, r14, r15 -bzhi rbp, r12, r15 -mov rdx, [ rsi + 0x20 ] -mulx r15, r12, [ rax + 0x18 ] -shl rbp, 4 -test al, al -adox r12, r11 -adox r9, r15 -lea rbp, [ rbp + r13 ] -mov rdx, 0x1000003d1 -mulx r13, r11, rbp -shrd r14, rbx, 52 -add r14, r12 -adc r9, 0x0 -mov rbx, 0x34 -bzhi r15, r14, rbx -mov r12, 0x1000003d10 -mov rdx, r12 -mulx rbp, r12, r15 -mov rdx, [ rsi + 0x8 ] -mulx rbx, r15, [ rax + 0x8 ] -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x40 ], rdi -mov [ rsp - 0x38 ], r10 -mulx r10, rdi, [ rax + 0x0 ] -adox rdi, r15 -adox rbx, r10 -test al, al -adox r11, rcx -adox r13, [ rsp - 0x48 ] -mov rdx, [ rax + 0x8 ] -mulx r15, rcx, [ rsi + 0x0 ] -mov rdx, [ rsi + 0x0 ] -mov [ rsp - 0x30 ], rbp -mulx rbp, r10, [ rax + 0x10 ] -mov rdx, r11 -shrd rdx, r13, 52 -xor r13, r13 -adox rdi, r10 -adox rbp, rbx -mov rbx, rdx -mov rdx, [ rax + 0x0 ] -mulx r13, r10, [ rsi + 0x8 ] -adcx r10, rcx -adcx r15, r13 -add rbx, r10 -adc r15, 0x0 -mov rdx, 0x1000003d10 -mulx r13, rcx, r8 -add rcx, rbx -adcx r15, r13 -mov r8, rcx -shrd r8, r15, 52 -xor r10, r10 -adox r8, rdi -adox rbp, r10 -adcx r12, r8 -adcx rbp, [ rsp - 0x30 ] -mov rdi, 0xfffffffffffff -mov rbx, r12 -and rbx, rdi -shrd r12, rbp, 52 -add r12, [ rsp - 0x38 ] -shrd r14, r9, 52 -mulx r13, r9, r14 -xor r15, r15 -adox r9, r12 -adox r13, r15 -mov r10, r9 -shrd r10, r13, 52 -and r9, rdi -mov r8, [ rsp - 0x50 ] -mov [ r8 + 0x18 ], r9 -mov [ r8 + 0x10 ], rbx -add r10, [ rsp - 0x40 ] -mov [ r8 + 0x20 ], r10 -and r11, rdi -and rcx, rdi -mov [ r8 + 0x0 ], r11 -mov [ r8 + 0x8 ], rcx -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 
] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu Intel(R) Core(TM) i7-10710U CPU @ 1.10GHz -; ratio 1.0756 -; seed 0092380458526573 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 1998535 ms on 180000 evaluations. -; Time spent for assembling and measuring (initial batch_size=332, initial num_batches=31): 165049 ms -; number of used evaluations: 180000 -; Ratio (time for assembling + measure)/(total runtime for 180000 evals): 0.08258499350774443 -; number reverted permutation / tried permutation: 67485 / 90083 =74.914% -; number reverted decision / tried decision: 51444 / 89916 =57.213% -; validated in 0.699s diff --git a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0368642358329107_ratio09662.asm b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0368642358329107_ratio09662.asm deleted file mode 100644 index 9482fad388..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0368642358329107_ratio09662.asm +++ /dev/null 
@@ -1,232 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_mul -fiat_secp256k1_dettman_mul: -sub rsp, 200 -mov rax, rdx -mov rdx, [ rsi + 0x8 ] -mulx r11, r10, [ rax + 0x8 ] -mov rdx, [ rsi + 0x20 ] -mulx r8, rcx, [ rax + 0x8 ] -mov rdx, [ rsi + 0x0 ] -mov [ rsp - 0x80 ], rbx -mulx rbx, r9, [ rax + 0x20 ] -mov rdx, [ rax + 0x0 ] -mov [ rsp - 0x78 ], rbp -mov [ rsp - 0x70 ], r12 -mulx r12, rbp, [ rsi + 0x8 ] -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x68 ], r13 -mov [ rsp - 0x60 ], r14 -mulx r14, r13, [ rax + 0x18 ] -mov rdx, [ rsi + 0x0 ] -mov [ rsp - 0x58 ], r15 -mov [ rsp - 0x50 ], rdi -mulx rdi, r15, [ rax + 0x8 ] -mov rdx, [ rax + 0x10 ] -mov [ rsp - 0x48 ], rbx -mov [ rsp - 0x40 ], r9 -mulx r9, rbx, [ rsi + 0x10 ] -mov rdx, [ rsi + 0x8 ] -mov [ rsp - 0x38 ], r9 -mov [ rsp - 0x30 ], rbx -mulx rbx, r9, [ rax + 0x10 ] -mov rdx, [ rax + 0x18 ] -mov [ rsp - 0x28 ], r14 -mov [ rsp - 0x20 ], r13 -mulx r13, r14, [ rsi + 0x20 ] -mov rdx, [ rsi + 0x0 ] -mov [ rsp - 0x18 ], r13 -mov [ rsp - 0x10 ], r14 -mulx r14, r13, [ rax + 0x10 ] -test al, al -adox rbp, r15 -adox rdi, r12 -mov rdx, [ rsi + 0x20 ] -mulx r15, r12, [ rax + 0x20 ] -mov rdx, r12 -shrd rdx, r15, 52 -mov r15, 0xfffffffffffff -and r12, r15 -mov r15, 0x1000003d10 -xchg rdx, r15 -mov [ rsp - 0x8 ], rdi -mov [ rsp + 0x0 ], rbp -mulx rbp, rdi, r12 -mov [ rsp + 0x8 ], rbp -mulx rbp, r12, r15 -mov rdx, [ rax + 0x0 ] -mov [ rsp + 0x10 ], rbp -mulx rbp, r15, [ rsi + 0x18 ] -mov rdx, [ rax + 0x10 ] -mov [ rsp + 0x18 ], r12 -mov [ rsp + 0x20 ], rdi -mulx rdi, r12, [ rsi + 0x18 ] -mov rdx, [ rsi + 0x10 ] -mov [ rsp + 0x28 ], rbx -mov [ rsp + 0x30 ], r9 -mulx r9, rbx, [ rax + 0x8 ] -adox rcx, r12 -adox rdi, r8 -adcx r15, rbx -adcx r9, rbp -mov rdx, [ rax + 0x18 ] -mulx rbp, r8, [ rsi + 0x10 ] -mov rdx, [ rsi + 0x10 ] -mulx rbx, r12, [ rax + 0x0 ] -xor rdx, rdx -adox rcx, r8 -adox rbp, rdi -mov rdx, [ rsi + 0x8 ] -mulx r8, rdi, [ rax + 0x20 ] -adcx r12, r10 -adcx r11, rbx -xor rdx, rdx -adox rcx, rdi -adox r8, rbp -mov 
rdx, [ rsi + 0x0 ] -mulx rbx, r10, [ rax + 0x18 ] -mov rdx, [ rax + 0x10 ] -mulx rdi, rbp, [ rsi + 0x20 ] -adcx r12, r13 -adcx r14, r11 -mov rdx, [ rsi + 0x20 ] -mulx r11, r13, [ rax + 0x0 ] -xor rdx, rdx -adox r15, [ rsp + 0x30 ] -adox r9, [ rsp + 0x28 ] -adcx r15, r10 -adcx rbx, r9 -mov rdx, [ rsi + 0x10 ] -mulx r9, r10, [ rax + 0x20 ] -mov rdx, [ rax + 0x8 ] -mov [ rsp + 0x38 ], r14 -mov [ rsp + 0x40 ], r12 -mulx r12, r14, [ rsi + 0x18 ] -test al, al -adox r13, r14 -adox r12, r11 -adcx rbp, [ rsp - 0x20 ] -adcx rdi, [ rsp - 0x28 ] -mov rdx, r15 -xor r11, r11 -adox rdx, [ rsp + 0x20 ] -adox rbx, [ rsp + 0x8 ] -mov r15, rdx -mov rdx, [ rsi + 0x8 ] -mulx r11, r14, [ rax + 0x18 ] -mov rdx, r15 -shrd rdx, rbx, 52 -mov rbx, 0xfffffffffffff -and r15, rbx -adox r13, [ rsp - 0x30 ] -adox r12, [ rsp - 0x38 ] -adcx r13, r14 -adcx r11, r12 -add r13, [ rsp - 0x40 ] -adcx r11, [ rsp - 0x48 ] -add rdx, r13 -adc r11, 0x0 -mov r14, rdx -test al, al -adox r14, [ rsp + 0x18 ] -adox r11, [ rsp + 0x10 ] -mov r12, r14 -and r12, rbx -shrd r14, r11, 52 -mov r13, r12 -shr r13, 48 -xor rdx, rdx -adox r14, rcx -adox r8, rdx -mov rcx, r14 -shrd rcx, r8, 52 -xor r11, r11 -adox rbp, r10 -adox r9, rdi -mov rdx, [ rax + 0x0 ] -mulx rdi, r10, [ rsi + 0x0 ] -mov rdx, [ rsi + 0x18 ] -mulx r11, r8, [ rax + 0x20 ] -adcx rcx, rbp -adc r9, 0x0 -mov rdx, rcx -shrd rdx, r9, 52 -and r14, rbx -shl r14, 4 -mov rbp, r8 -test al, al -adox rbp, [ rsp - 0x10 ] -adox r11, [ rsp - 0x18 ] -adcx rdx, rbp -adc r11, 0x0 -mov r8, rdx -shrd r8, r11, 52 -and rdx, rbx -and rcx, rbx -lea r14, [ r14 + r13 ] -mov r13, 0x1000003d1 -xchg rdx, r13 -mulx rbp, r9, r14 -adox r9, r10 -adox rdi, rbp -mov r10, 0x1000003d10 -mov rdx, r10 -mulx r11, r10, r8 -mulx r14, r8, rcx -mov rcx, r9 -shrd rcx, rdi, 52 -and r9, rbx -adox rcx, [ rsp + 0x0 ] -mov rbp, [ rsp - 0x8 ] -mov rdi, 0x0 -adox rbp, rdi -adcx r8, rcx -adcx rbp, r14 -mov r14, r8 -and r14, rbx -shrd r8, rbp, 52 -mulx rbp, rcx, r13 -test al, al -adox r8, [ rsp + 0x40 ] -mov 
r13, [ rsp + 0x38 ] -adox r13, rdi -adcx rcx, r8 -adcx r13, rbp -mov rbp, rcx -and rbp, rbx -shrd rcx, r13, 52 -lea r15, [ r15 + rcx ] -xor r8, r8 -adox r10, r15 -adox r11, r8 -mov rdi, r10 -shrd rdi, r11, 52 -mov r13, [ rsp - 0x50 ] -mov [ r13 + 0x8 ], r14 -mov r14, 0xffffffffffff -and r12, r14 -lea r12, [ r12 + rdi ] -mov [ r13 + 0x20 ], r12 -mov [ r13 + 0x10 ], rbp -and r10, rbx -mov [ r13 + 0x18 ], r10 -mov [ r13 + 0x0 ], r9 -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -add rsp, 200 -ret -; cpu AMD Ryzen 9 5950X 16-Core Processor -; ratio 0.9662 -; seed 0368642358329107 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 9025 ms on 1000 evaluations. -; Time spent for assembling and measuring (initial batch_size=206, initial num_batches=31): 571 ms -; number of used evaluations: 1000 -; Ratio (time for assembling + measure)/(total runtime for 1000 evals): 0.06326869806094183 -; number reverted permutation / tried permutation: 355 / 515 =68.932% -; number reverted decision / tried decision: 213 / 484 =44.008% -; validated in 0.474s diff --git a/fiat-amd64/fiat_secp256k1_dettman_mul/seed0840662850038204_ratio12375.asm b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0840662850038204_ratio12375.asm new file mode 100644 index 0000000000..c934a2b706 --- /dev/null +++ b/fiat-amd64/fiat_secp256k1_dettman_mul/seed0840662850038204_ratio12375.asm 
@@ -0,0 +1,220 @@ +SECTION .text + GLOBAL fiat_secp256k1_dettman_mul +fiat_secp256k1_dettman_mul: +sub rsp, 144 +mov rax, rdx; preserving value of arg2 into a new reg +mov rdx, [ rdx + 0x10 ]; saving arg2[2] in rdx. +mulx r11, r10, [ rsi + 0x8 ]; x10001_1, x10001_0<- arg1[1] * arg2[2] (_0*_0) +mov rdx, [ rax + 0x10 ]; arg2[2] to rdx +mulx r8, rcx, [ rsi + 0x0 ]; x10043_1, x10043_0<- arg1[0] * arg2[2] (_0*_0) +mov rdx, [ rax + 0x10 ]; arg2[2] to rdx +mov [ rsp - 0x80 ], rbx; spilling calSv-rbx to mem +mulx rbx, r9, [ rsi + 0x18 ]; x10021_1, x10021_0<- arg1[3] * arg2[2] (_0*_0) +mov rdx, [ rsi + 0x20 ]; arg1[4] to rdx +mov [ rsp - 0x78 ], rbp; spilling calSv-rbp to mem +mov [ rsp - 0x70 ], r12; spilling calSv-r12 to mem +mulx r12, rbp, [ rax + 0x20 ]; x1_1, x1_0<- arg1[4] * arg2[4] (_0*_0) +mov rdx, [ rsi + 0x10 ]; arg1[2] to rdx +mov [ rsp - 0x68 ], r13; spilling calSv-r13 to mem +mov [ rsp - 0x60 ], r14; spilling calSv-r14 to mem +mulx r14, r13, [ rax + 0x18 ]; x10020_1, x10020_0<- arg1[2] * arg2[3] (_0*_0) +mov rdx, [ rsi + 0x20 ]; arg1[4] to rdx +mov [ rsp - 0x58 ], r15; spilling calSv-r15 to mem +mov [ rsp - 0x50 ], rdi; spilling out1 to mem +mulx rdi, r15, [ rax + 0x8 ]; x10022_1, x10022_0<- arg1[4] * arg2[1] (_0*_0) +mov rdx, [ rax + 0x0 ]; arg2[0] to rdx +mov [ rsp - 0x48 ], r8; spilling x10043_1 to mem +mov [ rsp - 0x40 ], rcx; spilling x10043_0 to mem +mulx rcx, r8, [ rsi + 0x18 ]; x10003_1, x10003_0<- arg1[3] * arg2[0] (_0*_0) +mov rdx, [ rsi + 0x0 ]; arg1[0] to rdx +mov [ rsp - 0x38 ], r14; spilling x10020_1 to mem +mov [ rsp - 0x30 ], r13; spilling x10020_0 to mem +mulx r13, r14, [ rax + 0x8 ]; x10035_1, x10035_0<- arg1[0] * arg2[1] (_0*_0) +test al, al +adox r15, r9 +adox rbx, rdi +mov rdx, [ rax + 0x8 ]; arg2[1] to rdx +mulx rdi, r9, [ rsi + 0x10 ]; x10002_1, x10002_0<- arg1[2] * arg2[1] (_0*_0) +mov rdx, 0x1000003d10 ; moving imm to reg +mov [ rsp - 0x28 ], r13; spilling x10035_1 to mem +mov [ rsp - 0x20 ], r14; spilling x10035_0 to mem +mulx r14, 
r13, rbp; x10007_1, x10007_0<- x3 * 0x1000003d10 (_0*_0) +adcx r8, r9 +adcx rdi, rcx +xor rbp, rbp +adox r8, r10 +adox r11, rdi +mov rdx, [ rsi + 0x0 ]; arg1[0] to rdx +mulx rcx, r10, [ rax + 0x18 ]; x10000_1, x10000_0<- arg1[0] * arg2[3] (_0*_0) +mov rdx, [ rax + 0x8 ]; arg2[1] to rdx +mulx rdi, r9, [ rsi + 0x18 ]; x10011_1, x10011_0<- arg1[3] * arg2[1] (_0*_0) +adcx r8, r10 +adcx rcx, r11 +mov rdx, [ rsi + 0x20 ]; arg1[4] to rdx +mulx r10, r11, [ rax + 0x0 ]; x10012_1, x10012_0<- arg1[4] * arg2[0] (_0*_0) +xor rdx, rdx +adox r11, r9 +adox rdi, r10 +mov rdx, [ rsi + 0x20 ]; arg1[4] to rdx +mulx r9, rbp, [ rax + 0x18 ]; x10041_1, x10041_0<- arg1[4] * arg2[3] (_0*_0) +mov rdx, [ rsi + 0x10 ]; arg1[2] to rdx +mov [ rsp - 0x18 ], r9; spilling x10041_1 to mem +mulx r9, r10, [ rax + 0x10 ]; x10010_1, x10010_0<- arg1[2] * arg2[2] (_0*_0) +mov rdx, [ rax + 0x10 ]; arg2[2] to rdx +mov [ rsp - 0x10 ], rbp; spilling x10041_0 to mem +mov [ rsp - 0x8 ], rbx; spilling x10023_1 to mem +mulx rbx, rbp, [ rsi + 0x20 ]; x10032_1, x10032_0<- arg1[4] * arg2[2] (_0*_0) +adcx r11, r10 +adcx r9, rdi +mov rdx, [ rsi + 0x8 ]; arg1[1] to rdx +mulx r10, rdi, [ rax + 0x18 ]; x10009_1, x10009_0<- arg1[1] * arg2[3] (_0*_0) +xor rdx, rdx +adox r13, r8 +adox rcx, r14 +adcx r11, rdi +adcx r10, r9 +mov r14, r13; +shrd r14, rcx, 52; x5 <- x4_1||x4_0 >> 52 +mov rdx, [ rax + 0x20 ]; arg2[4] to rdx +mulx r9, r8, [ rsi + 0x0 ]; x10008_1, x10008_0<- arg1[0] * arg2[4] (_0*_0) +xor rdx, rdx +adox r11, r8 +adox r9, r10 +adcx r15, [ rsp - 0x30 ] +mov rdi, [ rsp - 0x38 ]; load m64 x10020_1 to register64 +adcx rdi, [ rsp - 0x8 ] +mov rcx, 0x1000003d10000 ; moving imm to reg +mov rdx, r12; x2 to rdx +mulx r10, r12, rcx; x10018_1, x10018_0<- x2 * 0x1000003d10000 (_0*_0) +test al, al +adox r14, r11 +mov r8, 0x0 ; moving imm to reg +adox r9, r8 +mov rdx, [ rsi + 0x10 ]; arg1[2] to rdx +mulx r8, r11, [ rax + 0x0 ]; x10045_1, x10045_0<- arg1[2] * arg2[0] (_0*_0) +adcx r12, r14 +adcx r9, r10 +mov rdx, [ rsi + 0x8 ]; 
arg1[1] to rdx +mulx r14, r10, [ rax + 0x20 ]; x10019_1, x10019_0<- arg1[1] * arg2[4] (_0*_0) +mov rdx, 0x34 ; moving imm to reg +bzhi rcx, r12, rdx; x9 <- x7_0 (only least 0x34 bits) +shrd r12, r9, 52; x8 <- x7_1||x7_0 >> 52 +xor r9, r9 +adox r15, r10 +adox r14, rdi +mov rdx, [ rax + 0x8 ]; arg2[1] to rdx +mulx r10, rdi, [ rsi + 0x8 ]; x10044_1, x10044_0<- arg1[1] * arg2[1] (_0*_0) +adcx r11, rdi +adcx r10, r8 +mov rdx, 0xffffffffffff ; moving imm to reg +mov r8, rcx; +and r8, rdx; x11 <- x9&0xffffffffffff +adox r12, r15 +adox r14, r9 +mov rdx, [ rsi + 0x18 ]; arg1[3] to rdx +mulx rdi, r15, [ rax + 0x18 ]; x10031_1, x10031_0<- arg1[3] * arg2[3] (_0*_0) +mov rdx, r12; +shrd rdx, r14, 52; x13 <- x12_1||x12_0 >> 52 +mov r14, 0xfffffffffffff ; moving imm to reg +and r12, r14; x14 <- x12_0&0xfffffffffffff +adox rbp, r15 +adox rdi, rbx +mov rbx, rdx; preserving value of x13 into a new reg +mov rdx, [ rsi + 0x10 ]; saving arg1[2] in rdx. +mulx r9, r15, [ rax + 0x20 ]; x10030_1, x10030_0<- arg1[2] * arg2[4] (_0*_0) +adcx rbp, r15 +adcx r9, rdi +xor rdx, rdx +adox rbx, rbp +adox r9, rdx +mov rdi, rbx; +shrd rdi, r9, 52; x19 <- x18_1||x18_0 >> 52 +shr rcx, 48; x10 <- x9>> 48 +test al, al +adox r11, [ rsp - 0x40 ] +adox r10, [ rsp - 0x48 ] +mov rdx, [ rax + 0x0 ]; arg2[0] to rdx +mulx rbp, r15, [ rsi + 0x8 ]; x10036_1, x10036_0<- arg1[1] * arg2[0] (_0*_0) +shl r12, 4; x10027 <- x14<< 4 +mov rdx, [ rsi + 0x18 ]; arg1[3] to rdx +mulx r14, r9, [ rax + 0x20 ]; x10040_1, x10040_0<- arg1[3] * arg2[4] (_0*_0) +lea r12, [ r12 + rcx ] +mov rdx, 0x1000003d1 ; moving imm to reg +mov [ rsp + 0x0 ], r8; spilling x11 to mem +mulx r8, rcx, r12; x10029_1, x10029_0<- x10028 * 0x1000003d1 (_0*_0) +mov r12, r9; +xor rdx, rdx +adox r12, [ rsp - 0x10 ] +adox r14, [ rsp - 0x18 ] +mov rdx, [ rax + 0x0 ]; arg2[0] to rdx +mov [ rsp + 0x8 ], r10; spilling x10047_1 to mem +mulx r10, r9, [ rsi + 0x0 ]; x10026_1, x10026_0<- arg1[0] * arg2[0] (_0*_0) +adcx rdi, r12 +adc r14, 0x0; add CF to r0's alloc 
+mov rdx, 0xfffffffffffff ; moving imm to reg +and rbx, rdx; x20 <- x18_0&0xfffffffffffff +adox r15, [ rsp - 0x20 ] +adox rbp, [ rsp - 0x28 ] +adcx rcx, r9 +adcx r10, r8 +mov r8, rcx; +shrd r8, r10, 52; x16 <- x15_1||x15_0 >> 52 +mov r12, 0x1000003d10000 ; moving imm to reg +mov rdx, r14; x25 to rdx +mulx r9, r14, r12; x10051_1, x10051_0<- x25 * 0x1000003d10000 (_0*_0) +xor r10, r10 +adox r8, r15 +adox rbp, r10 +mov r15, 0x1000003d10 ; moving imm to reg +mov rdx, r15; 0x1000003d10 to rdx +mulx r10, r15, rbx; x10039_1, x10039_0<- x20 * 0x1000003d10 (_0*_0) +adcx r15, r8 +adcx rbp, r10 +mov rbx, 0xfffffffffffff ; moving imm to reg +and rcx, rbx; x17 <- x15_0&0xfffffffffffff +mov r8, r15; +and r8, rbx; x23 <- x21_0&0xfffffffffffff +and r13, rbx; x6 <- x4_0&0xfffffffffffff +mov r10, [ rsp - 0x50 ]; load m64 out1 to register64 +mov [ r10 + 0x0 ], rcx; out1[0] = x17 +mov [ r10 + 0x8 ], r8; out1[1] = x23 +shrd r15, rbp, 52; x22 <- x21_1||x21_0 >> 52 +mulx rcx, rbp, rdi; x10049_1, x10049_0<- x26 * 0x1000003d10 (_0*_0) +xor r8, r8 +adox r15, r11 +mov rdi, [ rsp + 0x8 ]; +adox rdi, r8 +adcx rbp, r15 +adcx rdi, rcx +mov r11, rbp; +shrd r11, rdi, 52; x28 <- x27_1||x27_0 >> 52 +lea r13, [ r13 + r11 ] +add r14, r13; could be done better, if r0 has been u8 as well +adc r9, 0x0; add CF to r0's alloc +mov rcx, r14; +and rcx, rbx; x32 <- x30_0&0xfffffffffffff +and rbp, rbx; x29 <- x27_0&0xfffffffffffff +mov [ r10 + 0x10 ], rbp; out1[2] = x29 +shrd r14, r9, 52; x31 <- x30_1||x30_0 >> 52 +add r14, [ rsp + 0x0 ] +mov [ r10 + 0x18 ], rcx; out1[3] = x32 +mov [ r10 + 0x20 ], r14; out1[4] = x33 +mov rbx, [ rsp - 0x80 ]; pop +mov rbp, [ rsp - 0x78 ]; pop +mov r12, [ rsp - 0x70 ]; pop +mov r13, [ rsp - 0x68 ]; pop +mov r14, [ rsp - 0x60 ]; pop +mov r15, [ rsp - 0x58 ]; pop +add rsp, 144 +ret +; cpu AMD Ryzen 9 5950X 16-Core Processor +; ratio 1.2375 +; seed 0840662850038204 +; CC / CFLAGS clang / -march=native -mtune=native -O3 +; time needed: 20193 ms on 1500 evaluations. 
+; Time spent for assembling and measuring (initial batch_size=153, initial num_batches=31): 947 ms +; number of used evaluations: 1500 +; Ratio (time for assembling + measure)/(total runtime for 1500 evals): 0.0468974397068291 +; number reverted permutation / tried permutation: 450 / 717 =62.762% +; number reverted decision / tried decision: 323 / 782 =41.304% +; validated in 0.565s diff --git a/fiat-amd64/fiat_secp256k1_dettman_mul/seed1731199642428425_ratio09263.asm b/fiat-amd64/fiat_secp256k1_dettman_mul/seed1731199642428425_ratio09263.asm deleted file mode 100644 index 3252139c88..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_mul/seed1731199642428425_ratio09263.asm +++ /dev/null 
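Review bot: The saves of rbx, rbp and r12–r15 at `[ rsp - 0x80 ]` … `[ rsp - 0x58 ]`, along with out1 and several partial products up to `[ rsp - 0x8 ]`, sit below the stack pointer even after `sub rsp, 144`. The routine therefore depends on the 128-byte System V red zone, while only `[ rsp + 0x0 ]` and `[ rsp + 0x8 ]` of the reserved frame are used. In an environment that does not preserve a red zone (for example code built with `-mno-red-zone`), those slots can be overwritten before the restores at the end of the function. Nothing in the file states this, nor that `mulx`/`bzhi` need BMI2 and `adcx`/`adox` need ADX, so I would add a header comment such as `; System V AMD64 ABI, uses the red zone; requires BMI2 and ADX`. The spilled products of arg1 and arg2 are also still on the stack at `ret`; if callers pass secret field elements, it is worth noting in the same comment that clearing them is presumably left to the caller.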
@@ -1,237 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_mul -fiat_secp256k1_dettman_mul: -sub rsp, 200 -mov rax, rdx -mov rdx, [ rsi + 0x0 ] -mulx r11, r10, [ rax + 0x8 ] -mov rdx, [ rax + 0x0 ] -mulx r8, rcx, [ rsi + 0x18 ] -mov rdx, [ rax + 0x20 ] -mov [ rsp - 0x80 ], rbx -mulx rbx, r9, [ rsi + 0x20 ] -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x78 ], rbp -mov [ rsp - 0x70 ], r12 -mulx r12, rbp, [ rax + 0x8 ] -mov rdx, [ rax + 0x0 ] -mov [ rsp - 0x68 ], r13 -mov [ rsp - 0x60 ], r14 -mulx r14, r13, [ rsi + 0x8 ] -add r13, r10 -adcx r11, r14 -mov rdx, [ rsi + 0x0 ] -mulx r14, r10, [ rax + 0x0 ] -mov rdx, [ rax + 0x10 ] -mov [ rsp - 0x58 ], r15 -mov [ rsp - 0x50 ], rdi -mulx rdi, r15, [ rsi + 0x8 ] -mov rdx, 0xfffffffffffff -mov [ rsp - 0x48 ], r11 -mov r11, r9 -and r11, rdx -adox rcx, rbp -adox r12, r8 -mov rdx, [ rax + 0x18 ] -mulx rbp, r8, [ rsi + 0x0 ] -mov rdx, [ rax + 0x8 ] -mov [ rsp - 0x40 ], r13 -mov [ rsp - 0x38 ], r14 -mulx r14, r13, [ rsi + 0x20 ] -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x30 ], r10 -mov [ rsp - 0x28 ], rbp -mulx rbp, r10, [ rax + 0x10 ] -mov rdx, 0x1000003d10 -mov [ rsp - 0x20 ], r8 -mov [ rsp - 0x18 ], r12 -mulx r12, r8, r11 -adcx r13, r10 -adcx rbp, r14 -test al, al -adox rcx, r15 -adox rdi, [ rsp - 0x18 ] -mov rdx, [ rax + 0x0 ] -mulx r11, r15, [ rsi + 0x10 ] -adcx rcx, [ rsp - 0x20 ] -adcx rdi, [ rsp - 0x28 ] -shrd r9, rbx, 52 -mov rdx, [ rsi + 0x20 ] -mulx r14, rbx, [ rax + 0x0 ] -mov rdx, [ rsi + 0x0 ] -mov [ rsp - 0x10 ], rbp -mulx rbp, r10, [ rax + 0x20 ] -mov rdx, [ rsi + 0x8 ] -mov [ rsp - 0x8 ], r13 -mov [ rsp + 0x0 ], r9 -mulx r9, r13, [ rax + 0x8 ] -mov rdx, [ rax + 0x8 ] -mov [ rsp + 0x8 ], r11 -mov [ rsp + 0x10 ], r15 -mulx r15, r11, [ rsi + 0x18 ] -add rbx, r11 -adcx r15, r14 -mov rdx, [ rsi + 0x10 ] -mulx r11, r14, [ rax + 0x10 ] -mov rdx, [ rax + 0x18 ] -mov [ rsp + 0x18 ], r9 -mov [ rsp + 0x20 ], r13 -mulx r13, r9, [ rsi + 0x8 ] -add rbx, r14 -adcx r11, r15 -add rbx, r9 -adcx r13, r11 -test al, al -adox rbx, r10 
-adox rbp, r13 -mov rdx, [ rax + 0x18 ] -mulx r15, r10, [ rsi + 0x20 ] -mov rdx, [ rax + 0x20 ] -mulx r9, r14, [ rsi + 0x18 ] -adcx r10, r14 -adcx r9, r15 -mov rdx, [ rsi + 0x10 ] -mulx r13, r11, [ rax + 0x18 ] -mov rdx, [ rax + 0x10 ] -mulx r14, r15, [ rsi + 0x0 ] -test al, al -adox r8, rcx -adox rdi, r12 -mov rdx, [ rsp + 0x20 ] -mov r12, rdx -adcx r12, [ rsp + 0x10 ] -mov rcx, [ rsp + 0x18 ] -adcx rcx, [ rsp + 0x8 ] -test al, al -adox r12, r15 -adox r14, rcx -mov rdx, r8 -shrd rdx, rdi, 52 -mov r15, 0x1000003d10 -xchg rdx, r15 -mulx rcx, rdi, [ rsp + 0x0 ] -mov rdx, [ rax + 0x20 ] -mov [ rsp + 0x28 ], r14 -mov [ rsp + 0x30 ], r12 -mulx r12, r14, [ rsi + 0x10 ] -xor rdx, rdx -adox r15, rbx -adox rbp, rdx -mov rbx, r11 -adcx rbx, [ rsp - 0x8 ] -adcx r13, [ rsp - 0x10 ] -xor r11, r11 -adox rdi, r15 -adox rbp, rcx -mov rdx, [ rax + 0x20 ] -mulx r15, rcx, [ rsi + 0x8 ] -adcx rbx, rcx -adcx r15, r13 -mov rdx, 0xfffffffffffff -mov r13, rdi -and r13, rdx -mov rdx, [ rsi + 0x18 ] -mulx r11, rcx, [ rax + 0x18 ] -shrd rdi, rbp, 52 -mov rdx, r13 -shr rdx, 48 -mov rbp, rdx -mov rdx, [ rax + 0x10 ] -mov [ rsp + 0x38 ], r9 -mov [ rsp + 0x40 ], r10 -mulx r10, r9, [ rsi + 0x20 ] -test al, al -adox rdi, rbx -mov rdx, 0x0 -adox r15, rdx -mov rbx, 0xfffffffffffff -mov rdx, rdi -and rdx, rbx -shl rdx, 4 -test al, al -adox r9, rcx -adox r11, r10 -adcx r9, r14 -adcx r12, r11 -shrd rdi, r15, 52 -test al, al -adox rdi, r9 -mov r14, 0x0 -adox r12, r14 -mov rcx, rdi -shrd rcx, r12, 52 -and rdi, rbx -mov r10, 0x1000003d10 -xchg rdx, rdi -mulx r11, r15, r10 -adox rcx, [ rsp + 0x40 ] -mov r9, [ rsp + 0x38 ] -adox r9, r14 -mov r12, rcx -shrd r12, r9, 52 -lea rdi, [ rdi + rbp ] -mov rbp, 0x1000003d1 -mov rdx, rdi -mulx r9, rdi, rbp -add rdi, [ rsp - 0x30 ] -adcx r9, [ rsp - 0x38 ] -mov rdx, rdi -shrd rdx, r9, 52 -xor r9, r9 -adox rdx, [ rsp - 0x40 ] -mov r14, [ rsp - 0x48 ] -adox r14, r9 -adcx r15, rdx -adcx r14, r11 -mov r11, r15 -shrd r11, r14, 52 -and rdi, rbx -and r15, rbx -and rcx, rbx 
-mov rdx, [ rsp - 0x50 ] -mov [ rdx + 0x0 ], rdi -adox r11, [ rsp + 0x30 ] -mov r14, [ rsp + 0x28 ] -adox r14, r9 -xchg rdx, r10 -mulx r9, rdi, rcx -adcx rdi, r11 -adcx r14, r9 -mov rcx, rdi -shrd rcx, r14, 52 -mov r11, 0xffffffffffff -and r13, r11 -and r8, rbx -lea r8, [ r8 + rcx ] -and rdi, rbx -mulx r14, r9, r12 -adox r9, r8 -mov r12, 0x0 -adox r14, r12 -mov rcx, r9 -and rcx, rbx -shrd r9, r14, 52 -lea r13, [ r13 + r9 ] -mov [ r10 + 0x18 ], rcx -mov [ r10 + 0x8 ], r15 -mov [ r10 + 0x20 ], r13 -mov [ r10 + 0x10 ], rdi -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -add rsp, 200 -ret -; cpu AMD Ryzen Threadripper 1900X 8-Core Processor -; ratio 0.9263 -; seed 1731199642428425 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 14749 ms on 1000 evaluations. -; Time spent for assembling and measuring (initial batch_size=121, initial num_batches=31): 766 ms -; number of used evaluations: 1000 -; Ratio (time for assembling + measure)/(total runtime for 1000 evals): 0.05193572445589532 -; number reverted permutation / tried permutation: 346 / 491 =70.468% -; number reverted decision / tried decision: 200 / 508 =39.370% -; validated in 0.595s diff --git a/fiat-amd64/fiat_secp256k1_dettman_mul/seed3305037213716836_ratio09830.asm b/fiat-amd64/fiat_secp256k1_dettman_mul/seed3305037213716836_ratio09830.asm deleted file mode 100644 index 71cb4d512c..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_mul/seed3305037213716836_ratio09830.asm +++ /dev/null 
@@ -1,235 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_mul -fiat_secp256k1_dettman_mul: -sub rsp, 184 -mov rax, rdx -mov rdx, [ rsi + 0x20 ] -mulx r11, r10, [ rax + 0x20 ] -mov rdx, [ rax + 0x0 ] -mulx r8, rcx, [ rsi + 0x18 ] -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x80 ], rbx -mulx rbx, r9, [ rax + 0x0 ] -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x78 ], rbp -mov [ rsp - 0x70 ], r12 -mulx r12, rbp, [ rax + 0x10 ] -mov rdx, [ rax + 0x10 ] -mov [ rsp - 0x68 ], r13 -mov [ rsp - 0x60 ], r14 -mulx r14, r13, [ rsi + 0x0 ] -mov rdx, r10 -shrd rdx, r11, 52 -mov r11, rdx -mov rdx, [ rax + 0x0 ] -mov [ rsp - 0x58 ], r15 -mov [ rsp - 0x50 ], rdi -mulx rdi, r15, [ rsi + 0x20 ] -mov rdx, [ rax + 0x18 ] -mov [ rsp - 0x48 ], r14 -mov [ rsp - 0x40 ], r13 -mulx r13, r14, [ rsi + 0x18 ] -mov rdx, 0x1000003d10 -mov [ rsp - 0x38 ], rdi -mov [ rsp - 0x30 ], r15 -mulx r15, rdi, r11 -mov rdx, [ rsi + 0x8 ] -mov [ rsp - 0x28 ], r15 -mulx r15, r11, [ rax + 0x0 ] -mov rdx, [ rax + 0x8 ] -mov [ rsp - 0x20 ], r15 -mov [ rsp - 0x18 ], r11 -mulx r11, r15, [ rsi + 0x20 ] -xor rdx, rdx -adox r15, rbp -adox r12, r11 -mov rdx, [ rax + 0x8 ] -mulx r11, rbp, [ rsi + 0x10 ] -adcx rcx, rbp -adcx r11, r8 -mov rdx, [ rax + 0x10 ] -mulx rbp, r8, [ rsi + 0x20 ] -xor rdx, rdx -adox r8, r14 -adox r13, rbp -mov rdx, [ rsi + 0x8 ] -mulx rbp, r14, [ rax + 0x10 ] -adcx rcx, r14 -adcx rbp, r11 -mov rdx, [ rax + 0x18 ] -mulx r14, r11, [ rsi + 0x0 ] -mov rdx, [ rsi + 0x8 ] -mov [ rsp - 0x10 ], r13 -mov [ rsp - 0x8 ], r8 -mulx r8, r13, [ rax + 0x8 ] -test al, al -adox rcx, r11 -adox r14, rbp -mov rdx, 0xfffffffffffff -and r10, rdx -mov rdx, [ rax + 0x18 ] -mulx r11, rbp, [ rsi + 0x10 ] -mov rdx, 0x1000003d10 -mov [ rsp + 0x0 ], rdi -mov [ rsp + 0x8 ], r12 -mulx r12, rdi, r10 -adox rdi, rcx -adox r14, r12 -adcx r9, r13 -adcx r8, rbx -add r15, rbp -adcx r11, [ rsp + 0x8 ] -mov rbx, rdi -shrd rbx, r14, 52 -mov rdx, [ rax + 0x8 ] -mulx rcx, r13, [ rsi + 0x18 ] -mov rdx, [ rsi + 0x0 ] -mulx rbp, r10, [ rax + 0x20 ] 
-mov rdx, [ rsi + 0x10 ] -mulx r14, r12, [ rax + 0x10 ] -mov rdx, r13 -test al, al -adox rdx, [ rsp - 0x30 ] -adox rcx, [ rsp - 0x38 ] -mov r13, rdx -mov rdx, [ rax + 0x18 ] -mov [ rsp + 0x10 ], r11 -mov [ rsp + 0x18 ], r15 -mulx r15, r11, [ rsi + 0x8 ] -adcx r13, r12 -adcx r14, rcx -test al, al -adox r13, r11 -adox r15, r14 -adcx r9, [ rsp - 0x40 ] -adcx r8, [ rsp - 0x48 ] -mov rdx, [ rsi + 0x18 ] -mulx rcx, r12, [ rax + 0x20 ] -xor rdx, rdx -adox r13, r10 -adox rbp, r15 -mov rdx, [ rsi + 0x8 ] -mulx r11, r10, [ rax + 0x20 ] -adcx rbx, r13 -adc rbp, 0x0 -mov rdx, rbx -test al, al -adox rdx, [ rsp + 0x0 ] -adox rbp, [ rsp - 0x28 ] -mov r14, rdx -shrd r14, rbp, 52 -mov r15, rdx -mov rdx, [ rax + 0x20 ] -mulx rbx, r13, [ rsi + 0x10 ] -mov rdx, 0xfffffffffffff -and r15, rdx -mov rbp, r10 -adox rbp, [ rsp + 0x18 ] -adox r11, [ rsp + 0x10 ] -adcx r14, rbp -adc r11, 0x0 -mov r10, r14 -shrd r10, r11, 52 -mov rdx, [ rax + 0x18 ] -mulx r11, rbp, [ rsi + 0x20 ] -mov rdx, 0x34 -mov [ rsp + 0x20 ], r8 -bzhi r8, r14, rdx -adox rbp, r12 -adox rcx, r11 -mov r12, r13 -test al, al -adox r12, [ rsp - 0x8 ] -adox rbx, [ rsp - 0x10 ] -adcx r10, r12 -adc rbx, 0x0 -mov r13, r10 -shrd r13, rbx, 52 -xor r14, r14 -adox r13, rbp -adox rcx, r14 -bzhi r11, r10, rdx -mov rbp, 0x1000003d10 -mov rdx, r11 -mulx r12, r11, rbp -mov rdx, [ rax + 0x8 ] -mulx rbx, r10, [ rsi + 0x0 ] -mov rdx, r15 -shr rdx, 48 -mov r14, 0x30 -bzhi rbp, r15, r14 -mov r15, r13 -shrd r15, rcx, 52 -shl r8, 4 -lea r8, [ r8 + rdx ] -mov rdx, [ rsi + 0x0 ] -mulx r14, rcx, [ rax + 0x0 ] -mov rdx, 0x1000003d1 -mov [ rsp + 0x28 ], rbp -mov [ rsp + 0x30 ], r9 -mulx r9, rbp, r8 -xor r8, r8 -adox rbp, rcx -adox r14, r9 -mov rcx, rbp -shrd rcx, r14, 52 -mov r9, r10 -test al, al -adox r9, [ rsp - 0x18 ] -adox rbx, [ rsp - 0x20 ] -mov r10, 0xfffffffffffff -and rbp, r10 -mov r14, [ rsp - 0x50 ] -mov [ r14 + 0x0 ], rbp -adox rcx, r9 -adox rbx, r8 -adcx r11, rcx -adcx rbx, r12 -mov r12, r11 -and r12, r10 -shrd r11, rbx, 52 -mov r9, 
0x1000003d10 -mov rdx, r15 -mulx rbp, r15, r9 -and r13, r10 -mov rdx, r9 -mulx rcx, r9, r13 -adox r11, [ rsp + 0x30 ] -mov rbx, [ rsp + 0x20 ] -adox rbx, r8 -mov [ r14 + 0x8 ], r12 -adcx r9, r11 -adcx rbx, rcx -mov r12, r9 -and r12, r10 -mov [ r14 + 0x10 ], r12 -and rdi, r10 -shrd r9, rbx, 52 -lea rdi, [ rdi + r9 ] -add r15, rdi -adc rbp, 0x0 -mov r13, r15 -shrd r13, rbp, 52 -add r13, [ rsp + 0x28 ] -mov [ r14 + 0x20 ], r13 -and r15, r10 -mov [ r14 + 0x18 ], r15 -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -add rsp, 184 -ret -; cpu AMD Ryzen 9 5950X 16-Core Processor -; ratio 0.9830 -; seed 3305037213716836 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 8716 ms on 1000 evaluations. -; Time spent for assembling and measuring (initial batch_size=206, initial num_batches=31): 564 ms -; number of used evaluations: 1000 -; Ratio (time for assembling + measure)/(total runtime for 1000 evals): 0.06470858191831115 -; number reverted permutation / tried permutation: 328 / 491 =66.802% -; number reverted decision / tried decision: 207 / 508 =40.748% -; validated in 0.458s diff --git a/fiat-amd64/fiat_secp256k1_dettman_mul/seed3940186205970135_ratio10721.asm b/fiat-amd64/fiat_secp256k1_dettman_mul/seed3940186205970135_ratio10721.asm deleted file mode 100644 index 2373fe6591..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_mul/seed3940186205970135_ratio10721.asm +++ /dev/null 
@@ -1,229 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_mul -fiat_secp256k1_dettman_mul: -sub rsp, 184 -mov rax, rdx -mov rdx, [ rdx + 0x0 ] -mulx r11, r10, [ rsi + 0x20 ] -mov rdx, [ rsi + 0x18 ] -mulx r8, rcx, [ rax + 0x20 ] -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x80 ], rbx -mulx rbx, r9, [ rax + 0x0 ] -mov rdx, [ rax + 0x18 ] -mov [ rsp - 0x78 ], rbp -mov [ rsp - 0x70 ], r12 -mulx r12, rbp, [ rsi + 0x10 ] -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x68 ], r13 -mov [ rsp - 0x60 ], r14 -mulx r14, r13, [ rax + 0x10 ] -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x58 ], r15 -mov [ rsp - 0x50 ], rdi -mulx rdi, r15, [ rax + 0x20 ] -mov rdx, [ rsi + 0x8 ] -mov [ rsp - 0x48 ], rdi -mov [ rsp - 0x40 ], r15 -mulx r15, rdi, [ rax + 0x18 ] -mov rdx, [ rax + 0x8 ] -mov [ rsp - 0x38 ], r15 -mov [ rsp - 0x30 ], rdi -mulx rdi, r15, [ rsi + 0x18 ] -mov rdx, [ rsi + 0x8 ] -mov [ rsp - 0x28 ], r14 -mov [ rsp - 0x20 ], r13 -mulx r13, r14, [ rax + 0x8 ] -mov rdx, [ rsi + 0x8 ] -mov [ rsp - 0x18 ], r12 -mov [ rsp - 0x10 ], rbp -mulx rbp, r12, [ rax + 0x20 ] -xor rdx, rdx -adox r9, r14 -adox r13, rbx -mov rdx, [ rax + 0x18 ] -mulx r14, rbx, [ rsi + 0x20 ] -mov rdx, [ rax + 0x20 ] -mov [ rsp - 0x8 ], rbp -mov [ rsp + 0x0 ], r12 -mulx r12, rbp, [ rsi + 0x20 ] -adcx rbx, rcx -adcx r8, r14 -xor rdx, rdx -adox r10, r15 -adox rdi, r11 -mov rdx, [ rax + 0x0 ] -mulx rcx, r11, [ rsi + 0x18 ] -mov rdx, [ rsi + 0x0 ] -mulx r14, r15, [ rax + 0x10 ] -mov rdx, [ rsi + 0x8 ] -mov [ rsp + 0x8 ], r8 -mov [ rsp + 0x10 ], rbx -mulx rbx, r8, [ rax + 0x10 ] -mov rdx, [ rsi + 0x10 ] -mov [ rsp + 0x18 ], rdi -mov [ rsp + 0x20 ], r10 -mulx r10, rdi, [ rax + 0x8 ] -adcx r11, rdi -adcx r10, rcx -add r11, r8 -adcx rbx, r10 -xor rdx, rdx -adox r9, r15 -adox r14, r13 -mov rdx, [ rax + 0x10 ] -mulx rcx, r13, [ rsi + 0x18 ] -mov rdx, [ rsi + 0x20 ] -mulx r8, r15, [ rax + 0x8 ] -adcx r15, r13 -adcx rcx, r8 -mov rdx, [ rsi + 0x0 ] -mulx r10, rdi, [ rax + 0x18 ] -xor rdx, rdx -adox r11, rdi -adox r10, rbx -mov rbx, 
0xfffffffffffff -mov r13, rbp -and r13, rbx -mov r8, 0x1000003d10 -mov rdx, r13 -mulx rdi, r13, r8 -adox r13, r11 -adox r10, rdi -mov r11, r13 -and r11, rbx -mov rdx, [ rsi + 0x0 ] -mulx r8, rdi, [ rax + 0x20 ] -mov rdx, [ rax + 0x0 ] -mov [ rsp + 0x28 ], r11 -mulx r11, rbx, [ rsi + 0x8 ] -adox r15, [ rsp - 0x10 ] -adox rcx, [ rsp - 0x18 ] -shrd r13, r10, 52 -mov rdx, [ rsp - 0x20 ] -mov r10, rdx -test al, al -adox r10, [ rsp + 0x20 ] -mov [ rsp + 0x30 ], r14 -mov r14, [ rsp - 0x28 ] -adox r14, [ rsp + 0x18 ] -adcx r10, [ rsp - 0x30 ] -adcx r14, [ rsp - 0x38 ] -shrd rbp, r12, 52 -xor rdx, rdx -adox r10, rdi -adox r8, r14 -adcx r13, r10 -adc r8, 0x0 -mov r12, 0x1000003d10 -mov rdx, rbp -mulx rdi, rbp, r12 -xor r14, r14 -adox rbp, r13 -adox r8, rdi -mov rdx, rbp -shrd rdx, r8, 52 -mov r10, 0x34 -bzhi r13, rbp, r10 -mov rdi, rdx -mov rdx, [ rsi + 0x20 ] -mulx r8, rbp, [ rax + 0x10 ] -mov rdx, r13 -shr rdx, 48 -xor r10, r10 -adox r15, [ rsp + 0x0 ] -adox rcx, [ rsp - 0x8 ] -adcx rdi, r15 -adc rcx, 0x0 -mov r14, rdi -shrd r14, rcx, 52 -mov r15, 0x34 -bzhi r10, rdi, r15 -mov rdi, rdx -mov rdx, [ rsi + 0x18 ] -mulx r15, rcx, [ rax + 0x18 ] -shl r10, 4 -lea r10, [ r10 + rdi ] -xor rdx, rdx -adox rbp, rcx -adox r15, r8 -adcx rbp, [ rsp - 0x40 ] -adcx r15, [ rsp - 0x48 ] -mov r8, 0x30 -bzhi rdi, r13, r8 -adox r14, rbp -adox r15, rdx -mov rdx, [ rax + 0x8 ] -mulx rcx, r13, [ rsi + 0x0 ] -add rbx, r13 -adcx rcx, r11 -mov rdx, [ rax + 0x0 ] -mulx rbp, r11, [ rsi + 0x0 ] -mov rdx, 0x1000003d1 -mulx r8, r13, r10 -mov r10, 0x34 -bzhi rdx, r14, r10 -adox r13, r11 -adox rbp, r8 -bzhi r11, r13, r10 -shrd r13, rbp, 52 -test al, al -adox r13, rbx -mov r8, 0x0 -adox rcx, r8 -mulx rbp, rbx, r12 -adcx rbx, r13 -adcx rcx, rbp -bzhi rdx, rbx, r10 -shrd rbx, rcx, 52 -xor r13, r13 -adox rbx, r9 -mov r8, [ rsp + 0x30 ] -adox r8, r13 -mov r9, [ rsp - 0x50 ] -mov [ r9 + 0x8 ], rdx -shrd r14, r15, 52 -xor r15, r15 -adox r14, [ rsp + 0x10 ] -mov r13, [ rsp + 0x8 ] -adox r13, r15 -mov rbp, r14 
-shrd rbp, r13, 52 -mov rdx, r12 -mulx rcx, r12, rbp -bzhi rbp, r14, r10 -mulx r13, r14, rbp -adox r14, rbx -adox r8, r13 -bzhi rbx, r14, r10 -mov [ r9 + 0x10 ], rbx -shrd r14, r8, 52 -add r14, [ rsp + 0x28 ] -add r12, r14 -adc rcx, 0x0 -mov rbp, r12 -shrd rbp, rcx, 52 -lea rdi, [ rdi + rbp ] -mov [ r9 + 0x20 ], rdi -bzhi r13, r12, r10 -mov [ r9 + 0x0 ], r11 -mov [ r9 + 0x18 ], r13 -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -add rsp, 184 -ret -; cpu 11th Gen Intel(R) Core(TM) i7-11700KF @ 3.60GHz -; ratio 1.0721 -; seed 3940186205970135 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 8437 ms on 1000 evaluations. -; Time spent for assembling and measuring (initial batch_size=220, initial num_batches=31): 491 ms -; number of used evaluations: 1000 -; Ratio (time for assembling + measure)/(total runtime for 1000 evals): 0.05819604124688871 -; number reverted permutation / tried permutation: 353 / 487 =72.485% -; number reverted decision / tried decision: 318 / 512 =62.109% -; validated in 0.567s diff --git a/fiat-amd64/fiat_secp256k1_dettman_mul/seed4089020644677350_ratio09743.asm b/fiat-amd64/fiat_secp256k1_dettman_mul/seed4089020644677350_ratio09743.asm deleted file mode 100644 index cde9cf9e08..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_mul/seed4089020644677350_ratio09743.asm +++ /dev/null 
@@ -1,232 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_mul -fiat_secp256k1_dettman_mul: -sub rsp, 184 -mov rax, rdx -mov rdx, [ rdx + 0x18 ] -mulx r11, r10, [ rsi + 0x18 ] -mov rdx, [ rsi + 0x20 ] -mulx r8, rcx, [ rax + 0x20 ] -mov rdx, [ rax + 0x0 ] -mov [ rsp - 0x80 ], rbx -mulx rbx, r9, [ rsi + 0x20 ] -mov rdx, [ rax + 0x10 ] -mov [ rsp - 0x78 ], rbp -mov [ rsp - 0x70 ], r12 -mulx r12, rbp, [ rsi + 0x0 ] -mov rdx, rcx -shrd rdx, r8, 52 -mov r8, rdx -mov rdx, [ rsi + 0x8 ] -mov [ rsp - 0x68 ], r13 -mov [ rsp - 0x60 ], r14 -mulx r14, r13, [ rax + 0x8 ] -mov rdx, [ rax + 0x8 ] -mov [ rsp - 0x58 ], r15 -mov [ rsp - 0x50 ], rdi -mulx rdi, r15, [ rsi + 0x0 ] -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x48 ], r12 -mov [ rsp - 0x40 ], rbp -mulx rbp, r12, [ rax + 0x20 ] -mov rdx, 0xfffffffffffff -and rcx, rdx -mov rdx, [ rsi + 0x20 ] -mov [ rsp - 0x38 ], rbp -mov [ rsp - 0x30 ], r12 -mulx r12, rbp, [ rax + 0x10 ] -adox rbp, r10 -adox r11, r12 -mov rdx, [ rsi + 0x18 ] -mulx r12, r10, [ rax + 0x8 ] -mov rdx, [ rsi + 0x8 ] -mov [ rsp - 0x28 ], r11 -mov [ rsp - 0x20 ], rbp -mulx rbp, r11, [ rax + 0x0 ] -adcx r9, r10 -adcx r12, rbx -xor rdx, rdx -adox r11, r15 -adox rdi, rbp -mov rdx, [ rax + 0x0 ] -mulx r15, rbx, [ rsi + 0x10 ] -adcx rbx, r13 -adcx r14, r15 -mov rdx, [ rsi + 0x10 ] -mulx r10, r13, [ rax + 0x10 ] -mov rdx, 0x1000003d10 -mulx r15, rbp, rcx -xor rcx, rcx -adox r9, r13 -adox r10, r12 -mulx r13, r12, r8 -mov rdx, [ rax + 0x18 ] -mulx rcx, r8, [ rsi + 0x20 ] -mov rdx, [ rax + 0x8 ] -mov [ rsp - 0x18 ], r14 -mov [ rsp - 0x10 ], rbx -mulx rbx, r14, [ rsi + 0x20 ] -mov rdx, [ rax + 0x10 ] -mov [ rsp - 0x8 ], rdi -mov [ rsp + 0x0 ], r11 -mulx r11, rdi, [ rsi + 0x18 ] -adcx r14, rdi -adcx r11, rbx -mov rdx, [ rax + 0x8 ] -mulx rdi, rbx, [ rsi + 0x10 ] -mov rdx, [ rsi + 0x10 ] -mov [ rsp + 0x8 ], r13 -mov [ rsp + 0x10 ], r12 -mulx r12, r13, [ rax + 0x18 ] -mov rdx, [ rax + 0x10 ] -mov [ rsp + 0x18 ], r15 -mov [ rsp + 0x20 ], rbp -mulx rbp, r15, [ rsi + 0x8 ] -test 
al, al -adox r14, r13 -adox r12, r11 -adcx r8, [ rsp - 0x30 ] -adcx rcx, [ rsp - 0x38 ] -mov rdx, [ rsi + 0x18 ] -mulx r13, r11, [ rax + 0x0 ] -xor rdx, rdx -adox r11, rbx -adox rdi, r13 -mov rdx, [ rax + 0x20 ] -mulx r13, rbx, [ rsi + 0x0 ] -mov rdx, [ rsi + 0x8 ] -mov [ rsp + 0x28 ], rcx -mov [ rsp + 0x30 ], r8 -mulx r8, rcx, [ rax + 0x18 ] -adcx r9, rcx -adcx r8, r10 -test al, al -adox r11, r15 -adox rbp, rdi -mov rdx, [ rax + 0x18 ] -mulx r15, r10, [ rsi + 0x0 ] -mov rdx, [ rax + 0x20 ] -mulx rcx, rdi, [ rsi + 0x8 ] -adcx r11, r10 -adcx r15, rbp -mov rdx, r11 -add rdx, [ rsp + 0x20 ] -adcx r15, [ rsp + 0x18 ] -mov rbp, rdx -shrd rbp, r15, 52 -xor r10, r10 -adox r9, rbx -adox r13, r8 -adcx rbp, r9 -adc r13, 0x0 -test al, al -adox r14, rdi -adox rcx, r12 -mov r12, rbp -adcx r12, [ rsp + 0x10 ] -adcx r13, [ rsp + 0x8 ] -mov rbx, 0xfffffffffffff -mov r8, r12 -and r8, rbx -shrd r12, r13, 52 -add r12, r14 -adc rcx, 0x0 -mov rdi, r12 -and rdi, rbx -mov r11, rdx -mov rdx, [ rax + 0x20 ] -mulx r9, r15, [ rsi + 0x10 ] -shl rdi, 4 -mov rdx, r15 -test al, al -adox rdx, [ rsp - 0x20 ] -adox r9, [ rsp - 0x28 ] -mov rbp, r8 -shr rbp, 48 -shrd r12, rcx, 52 -lea rdi, [ rdi + rbp ] -test al, al -adox r12, rdx -adox r9, r10 -mov r14, r12 -and r14, rbx -shrd r12, r9, 52 -mov rdx, [ rax + 0x0 ] -mulx rcx, r13, [ rsi + 0x0 ] -test al, al -adox r12, [ rsp + 0x30 ] -mov rdx, [ rsp + 0x28 ] -adox rdx, r10 -mov r15, 0x1000003d1 -xchg rdx, r15 -mulx r9, rbp, rdi -adcx rbp, r13 -adcx rcx, r9 -mov rdi, rbp -shrd rdi, rcx, 52 -mov r13, r12 -and r13, rbx -mov r9, 0x1000003d10 -mov rdx, r9 -mulx rcx, r9, r14 -adox rdi, [ rsp + 0x0 ] -mov r14, [ rsp - 0x8 ] -adox r14, r10 -adcx r9, rdi -adcx r14, rcx -and rbp, rbx -mov rcx, [ rsp - 0x50 ] -mov [ rcx + 0x0 ], rbp -mov rdi, [ rsp - 0x40 ] -mov rbp, rdi -adox rbp, [ rsp - 0x10 ] -mov rbx, [ rsp - 0x48 ] -adox rbx, [ rsp - 0x18 ] -mov rdi, r9 -shrd rdi, r14, 52 -xor r14, r14 -adox rdi, rbp -adox rbx, r14 -mov r10, 0xfffffffffffff -and r9, r10 -mov 
[ rcx + 0x8 ], r9 -mulx r9, rbp, r13 -adox rbp, rdi -adox rbx, r9 -mov r13, rbp -shrd r13, rbx, 52 -mov rdi, 0xffffffffffff -and r8, rdi -shrd r12, r15, 52 -mulx r9, r15, r12 -and r11, r10 -lea r11, [ r11 + r13 ] -adox r15, r11 -adox r9, r14 -mov rbx, r15 -and rbx, r10 -mov [ rcx + 0x18 ], rbx -shrd r15, r9, 52 -and rbp, r10 -mov [ rcx + 0x10 ], rbp -lea r8, [ r8 + r15 ] -mov [ rcx + 0x20 ], r8 -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -add rsp, 184 -ret -; cpu AMD Ryzen 7 5800X 8-Core Processor -; ratio 0.9743 -; seed 4089020644677350 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 8375 ms on 1000 evaluations. -; Time spent for assembling and measuring (initial batch_size=183, initial num_batches=31): 511 ms -; number of used evaluations: 1000 -; Ratio (time for assembling + measure)/(total runtime for 1000 evals): 0.06101492537313433 -; number reverted permutation / tried permutation: 304 / 460 =66.087% -; number reverted decision / tried decision: 217 / 539 =40.260% -; validated in 0.452s diff --git a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000028947467_ratio10562.asm b/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000028947467_ratio10562.asm new file mode 100644 index 0000000000..0c7f28f19c --- /dev/null +++ b/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000028947467_ratio10562.asm 
@@ -0,0 +1,175 @@ +SECTION .text + GLOBAL fiat_secp256k1_dettman_square +fiat_secp256k1_dettman_square: +mov rax, [ rsi + 0x0 ]; load m64 arg1[0] to register64 +mov r10, rax; load m64 x4 to register64 +shl r10, 0x1; x4 <- arg1[0] * 0x2 +mov rax, [ rsi + 0x8 ]; load m64 arg1[1] to register64 +lea r11, [rax + rax]; x3 <- arg1[1] * 2 +mov rax, 0x1 ; moving imm to reg +shlx rdx, [ rsi + 0x10 ], rax; x2 <- arg1[2] * 0x2 (shlx does not change the flags) +mov rcx, rdx; preserving value of x2 into a new reg +mov rdx, [ rsi + 0x20 ]; saving arg1[4] in rdx. +mulx r9, r8, rdx; x5_1, x5_0<- arg1[4]^2 +mov rdx, r10; x4 to rdx +mulx rax, r10, [ rsi + 0x18 ]; x10000_1, x10000_0<- x4 * arg1[3] (_0*_0) +mov [ rsp - 0x80 ], rbx; spilling calSv-rbx to mem +mov rbx, rdx; preserving value of x4 into a new reg +mov rdx, [ rsi + 0x10 ]; saving arg1[2] in rdx. +mov [ rsp - 0x78 ], rbp; spilling calSv-rbp to mem +mov [ rsp - 0x70 ], r12; spilling calSv-r12 to mem +mulx r12, rbp, rdx; x10006_1, x10006_0<- arg1[2]^2 +mov rdx, [ rsi + 0x10 ]; arg1[2] to rdx +mov [ rsp - 0x68 ], r13; spilling calSv-r13 to mem +mov [ rsp - 0x60 ], r14; spilling calSv-r14 to mem +mulx r14, r13, rbx; x10025_1, x10025_0<- x4 * arg1[2] (_0*_0) +mov rdx, [ rsi + 0x18 ]; arg1[3] to rdx +mov [ rsp - 0x58 ], r15; spilling calSv-r15 to mem +mov [ rsp - 0x50 ], rdi; spilling out1 to mem +mulx rdi, r15, rcx; x10012_1, x10012_0<- x2 * arg1[3] (_0*_0) +mov rdx, [ rsi + 0x8 ]; arg1[1] to rdx +mov [ rsp - 0x48 ], rdi; spilling x10012_1 to mem +mov [ rsp - 0x40 ], r15; spilling x10012_0 to mem +mulx r15, rdi, rdx; x10026_1, x10026_0<- arg1[1]^2 +xor rdx, rdx +adox rdi, r13 +adox r14, r15 +mov rdx, r11; x3 to rdx +mulx r13, r11, [ rsi + 0x18 ]; x10005_1, x10005_0<- x3 * arg1[3] (_0*_0) +adcx rbp, r11 +adcx r13, r12 +mulx r15, r12, [ rsi + 0x10 ]; x10001_1, x10001_0<- x3 * arg1[2] (_0*_0) +mov r11, 0x1000003d10 ; moving imm to reg +xchg rdx, r8; x7, swapping with x3, which is currently in rdx +mov [ rsp - 0x38 ], r14; spilling 
x10027_1 to mem +mov [ rsp - 0x30 ], rdi; spilling x10027_0 to mem +mulx rdi, r14, r11; x10003_1, x10003_0<- x7 * 0x1000003d10 (_0*_0) +xor rdx, rdx +adox r12, r10 +adox rax, r15 +adcx r14, r12 +adcx rax, rdi +mov rdx, [ rsi + 0x20 ]; arg1[4] to rdx +mulx r15, r10, rbx; x10004_1, x10004_0<- x4 * arg1[4] (_0*_0) +xor rdx, rdx +adox rbp, r10 +adox r15, r13 +mov r13, r14; +shrd r13, rax, 52; x9 <- x8_1||x8_0 >> 52 +mov rdx, rcx; x2 to rdx +mulx rdi, rcx, [ rsi + 0x20 ]; x10018_1, x10018_0<- x2 * arg1[4] (_0*_0) +mov rdx, [ rsi + 0x18 ]; arg1[3] to rdx +mulx rax, r12, rdx; x10019_1, x10019_0<- arg1[3]^2 +xor rdx, rdx +adox r12, rcx +adox rdi, rax +adcx r13, rbp +adc r15, 0x0; add CF to r0's alloc +mov r10, 0x1000003d10000 ; moving imm to reg +mov rdx, r9; x6 to rdx +mulx rbp, r9, r10; x10010_1, x10010_0<- x6 * 0x1000003d10000 (_0*_0) +test al, al +adox r9, r13 +adox r15, rbp +mov rdx, r9; +shrd rdx, r15, 52; x12 <- x11_1||x11_0 >> 52 +mov rcx, rdx; preserving value of x12 into a new reg +mov rdx, [ rsi + 0x20 ]; saving arg1[4] in rdx. 
+mulx r13, rax, r8; x10011_1, x10011_0<- x3 * arg1[4] (_0*_0) +mov rdx, rax; +test al, al +adox rdx, [ rsp - 0x40 ] +adox r13, [ rsp - 0x48 ] +adcx rcx, rdx +adc r13, 0x0; add CF to r0's alloc +mov r8, [ rsi + 0x18 ]; load m64 arg1[3] to register64 +lea rbp, [r8 + r8]; x1 <- arg1[3] * 2 +mov r8, rcx; +shrd r8, r13, 52; x17 <- x16_1||x16_0 >> 52 +mov r15, 0xfffffffffffff ; moving imm to reg +and rcx, r15; x18 <- x16_0&0xfffffffffffff +shl rcx, 4; x10015 <- x18<< 4 +and r9, r15; x13 <- x11_0&0xfffffffffffff +mov rax, r9; +shr rax, 48; x14 <- x13>> 48 +xor rdx, rdx +adox r8, r12 +adox rdi, rdx +mov r12, r8; +shrd r12, rdi, 52; x23 <- x22_1||x22_0 >> 52 +mov rdx, rbp; x1 to rdx +mulx r13, rbp, [ rsi + 0x20 ]; x10024_1, x10024_0<- x1 * arg1[4] (_0*_0) +lea rcx, [ rcx + rax ] +and r8, r15; x24 <- x22_0&0xfffffffffffff +adox r12, rbp +mov rdx, 0x0 ; moving imm to reg +adox r13, rdx +mov rax, 0x1000003d1 ; moving imm to reg +mov rdx, rax; 0x1000003d1 to rdx +mulx rdi, rax, rcx; x10017_1, x10017_0<- x10016 * 0x1000003d1 (_0*_0) +mov rdx, [ rsi + 0x0 ]; arg1[0] to rdx +mulx rcx, rbp, rdx; x10014_1, x10014_0<- arg1[0]^2 +adcx rax, rbp +adcx rcx, rdi +mov rdx, [ rsi + 0x8 ]; arg1[1] to rdx +mulx rbp, rdi, rbx; x10021_1, x10021_0<- x4 * arg1[1] (_0*_0) +mov rdx, rax; +and rdx, r15; x21 <- x19_0&0xfffffffffffff +shrd rax, rcx, 52; x20 <- x19_1||x19_0 >> 52 +xor rbx, rbx +adox rax, rdi +adox rbp, rbx +mov rcx, [ rsp - 0x50 ]; load m64 out1 to register64 +mov [ rcx + 0x0 ], rdx; out1[0] = x21 +mov rdx, r11; 0x1000003d10 to rdx +mulx rdi, r11, r8; x10023_1, x10023_0<- x24 * 0x1000003d10 (_0*_0) +adcx r11, rax +adcx rbp, rdi +mov r8, r11; +shrd r8, rbp, 52; x26 <- x25_1||x25_0 >> 52 +test al, al +adox r8, [ rsp - 0x30 ] +mov rax, [ rsp - 0x38 ]; +adox rax, rbx +and r14, r15; x10 <- x8_0&0xfffffffffffff +and r11, r15; x27 <- x25_0&0xfffffffffffff +mulx rbp, rdi, r12; x10029_1, x10029_0<- x30 * 0x1000003d10 (_0*_0) +adox rdi, r8 +adox rax, rbp +mov r12, rdi; +and r12, r15; x33 <- 
x31_0&0xfffffffffffff +shrd rdi, rax, 52; x32 <- x31_1||x31_0 >> 52 +mov rdx, r13; x29 to rdx +mulx r8, r13, r10; x10031_1, x10031_0<- x29 * 0x1000003d10000 (_0*_0) +lea r14, [ r14 + rdi ] +test al, al +adox r13, r14 +adox r8, rbx +mov rdx, r13; +shrd rdx, r8, 52; x35 <- x34_1||x34_0 >> 52 +mov [ rcx + 0x10 ], r12; out1[2] = x33 +and r13, r15; x36 <- x34_0&0xfffffffffffff +mov rbp, 0x30 ; moving imm to reg +bzhi rax, r9, rbp; x15 <- x13 (only least 0x30 bits) +mov [ rcx + 0x18 ], r13; out1[3] = x36 +lea rax, [ rax + rdx ] +mov [ rcx + 0x8 ], r11; out1[1] = x27 +mov [ rcx + 0x20 ], rax; out1[4] = x37 +mov rbx, [ rsp - 0x80 ]; pop +mov rbp, [ rsp - 0x78 ]; pop +mov r12, [ rsp - 0x70 ]; pop +mov r13, [ rsp - 0x68 ]; pop +mov r14, [ rsp - 0x60 ]; pop +mov r15, [ rsp - 0x58 ]; pop +ret +; cpu AMD Ryzen 7 5800X 8-Core Processor +; ratio 1.0562 +; seed 2448470037697871 +; CC / CFLAGS clang / -march=native -mtune=native -O3 +; time needed: 1467878 ms on 270000 evaluations. +; Time spent for assembling and measuring (initial batch_size=239, initial num_batches=31): 125840 ms +; number of used evaluations: 270000 +; Ratio (time for assembling + measure)/(total runtime for 270000 evals): 0.08572919547809832 +; number reverted permutation / tried permutation: 104159 / 134946 =77.186% +; number reverted decision / tried decision: 77313 / 135053 =57.246% +; validated in 0.269s diff --git a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000036693438_ratio10222.asm b/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000036693438_ratio10222.asm deleted file mode 100644 index e8d80b4b63..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000036693438_ratio10222.asm +++ /dev/null 
@@ -1,170 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_square -fiat_secp256k1_dettman_square: -mov rdx, [ rsi + 0x20 ] -mulx r10, rax, rdx -imul r11, [ rsi + 0x8 ], 0x2 -mov rdx, [ rsi + 0x0 ] -mulx r8, rcx, rdx -imul rdx, [ rsi + 0x0 ], 0x2 -mov [ rsp - 0x80 ], rbx -mulx rbx, r9, [ rsi + 0x18 ] -mov [ rsp - 0x78 ], rbp -mov rbp, rdx -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x70 ], r12 -mov [ rsp - 0x68 ], r13 -mulx r13, r12, r11 -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x60 ], r14 -mov [ rsp - 0x58 ], r15 -mulx r15, r14, r11 -mov rdx, 0xfffffffffffff -mov [ rsp - 0x50 ], rdi -mov rdi, rax -and rdi, rdx -mov rdx, 0x1000003d10 -mov [ rsp - 0x48 ], r8 -mov [ rsp - 0x40 ], rcx -mulx rcx, r8, rdi -adox r12, r9 -adox rbx, r13 -shrd rax, r10, 52 -mov rdx, [ rsi + 0x10 ] -mulx r9, r10, rdx -test al, al -adox r10, r14 -adox r15, r9 -mov rdx, rbp -mulx r13, rbp, [ rsi + 0x20 ] -mov r14, 0x1000003d10 -xchg rdx, rax -mulx r9, rdi, r14 -adcx r8, r12 -adcx rbx, rcx -mov rcx, r8 -shrd rcx, rbx, 52 -add r10, rbp -adcx r13, r15 -xor r12, r12 -adox rcx, r10 -adox r13, r12 -adcx rdi, rcx -adcx r13, r9 -mov rdx, 0x34 -bzhi r15, rdi, rdx -mov rbp, r15 -shr rbp, 48 -mov rdx, [ rsi + 0x18 ] -mulx rbx, r9, rdx -mov rdx, 0x1 -shlx r10, [ rsi + 0x10 ], rdx -shrd rdi, r13, 52 -mov rdx, [ rsi + 0x20 ] -mulx r13, rcx, r10 -mov rdx, r10 -mulx r12, r10, [ rsi + 0x18 ] -add r9, rcx -adcx r13, rbx -mov rdx, r11 -mulx rbx, r11, [ rsi + 0x20 ] -add r10, r11 -adcx rbx, r12 -xor rdx, rdx -adox rdi, r10 -adox rbx, rdx -mov rcx, 0x34 -bzhi r12, rdi, rcx -shrd rdi, rbx, 52 -test al, al -adox rdi, r9 -adox r13, rdx -shl r12, 4 -lea r12, [ r12 + rbp ] -mov rbp, 0x1000003d1 -mov rdx, r12 -mulx r9, r12, rbp -xor r11, r11 -adox r12, [ rsp - 0x40 ] -adox r9, [ rsp - 0x48 ] -mov r10, r12 -shrd r10, r9, 52 -mov rbx, [ rsi + 0x18 ] -mov rdx, rbx -shl rdx, 0x1 -mulx r9, rbx, [ rsi + 0x20 ] -mov rdx, rdi -shrd rdx, r13, 52 -xor r13, r13 -adox rdx, rbx -adox r9, r13 -bzhi r11, r12, rcx -mov r12, rdx -mov rdx, [ 
rsi + 0x8 ] -mulx r13, rbx, rax -adox r10, rbx -mov rdx, 0x0 -adox r13, rdx -bzhi rbx, rdi, rcx -mov rdx, r14 -mulx rdi, r14, rbx -adox r14, r10 -adox r13, rdi -mov r10, r12 -shrd r10, r9, 52 -bzhi r9, r8, rcx -bzhi r8, r14, rcx -mov rbx, [ rsp - 0x50 ] -mov [ rbx + 0x8 ], r8 -mov rdx, [ rsi + 0x8 ] -mulx r8, rdi, rdx -shrd r14, r13, 52 -mov rdx, rax -mulx r13, rax, [ rsi + 0x10 ] -bzhi rdx, r12, rcx -mov r12, 0x1000003d10 -mulx rbp, rcx, r12 -adox rdi, rax -adox r13, r8 -xor r8, r8 -adox r14, rdi -adox r13, r8 -adcx rcx, r14 -adcx r13, rbp -mov rax, 0xfffffffffffff -mov rdx, rcx -and rdx, rax -shrd rcx, r13, 52 -mov [ rbx + 0x10 ], rdx -mov rdx, r12 -mulx rbp, r12, r10 -lea r9, [ r9 + rcx ] -mov r10, 0x30 -bzhi rdi, r15, r10 -adox r12, r9 -adox rbp, r8 -mov r15, r12 -shrd r15, rbp, 52 -lea rdi, [ rdi + r15 ] -and r12, rax -mov [ rbx + 0x20 ], rdi -mov [ rbx + 0x0 ], r11 -mov [ rbx + 0x18 ], r12 -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu Intel(R) Core(TM) i7-6770HQ CPU @ 2.60GHz -; ratio 1.0222 -; seed 2373067137062781 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 1654251 ms on 180000 evaluations. -; Time spent for assembling and measuring (initial batch_size=225, initial num_batches=31): 131897 ms -; number of used evaluations: 180000 -; Ratio (time for assembling + measure)/(total runtime for 180000 evals): 0.07973215672833203 -; number reverted permutation / tried permutation: 73123 / 90035 =81.216% -; number reverted decision / tried decision: 63180 / 89964 =70.228% -; validated in 0.37s diff --git a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000040691228_ratio13621.asm b/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000040691228_ratio13621.asm new file mode 100644 index 0000000000..58f6794bc9 --- /dev/null +++ b/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000040691228_ratio13621.asm 
@@ -0,0 +1,163 @@ +SECTION .text + GLOBAL fiat_secp256k1_dettman_square +fiat_secp256k1_dettman_square: +imul rax, [ rsi + 0x0 ], 0x2; x4 <- arg1[0] * 0x2 +imul r10, [ rsi + 0x8 ], 0x2; x3 <- arg1[1] * 0x2 +mov rdx, [ rsi + 0x10 ]; arg1[2] to rdx +mulx rcx, r11, rdx; x10006_1, x10006_0<- arg1[2]^2 +mov rdx, [ rsi + 0x10 ]; load m64 arg1[2] to register64 +lea r8, [rdx + rdx]; x2 <- arg1[2] * 2 +mov rdx, [ rsi + 0x20 ]; arg1[4] to rdx +mov [ rsp - 0x80 ], rbx; spilling calSv-rbx to mem +mulx rbx, r9, rdx; x5_1, x5_0<- arg1[4]^2 +mov rdx, [ rsi + 0x10 ]; arg1[2] to rdx +mov [ rsp - 0x78 ], rbp; spilling calSv-rbp to mem +mov [ rsp - 0x70 ], r12; spilling calSv-r12 to mem +mulx r12, rbp, r10; x10001_1, x10001_0<- x3 * arg1[2] (_0*_0) +mov rdx, 0x1000003d10 ; moving imm to reg +mov [ rsp - 0x68 ], r13; spilling calSv-r13 to mem +mov [ rsp - 0x60 ], r14; spilling calSv-r14 to mem +mulx r14, r13, r9; x10003_1, x10003_0<- x7 * 0x1000003d10 (_0*_0) +mov rdx, r8; x2 to rdx +mulx r9, r8, [ rsi + 0x18 ]; x10012_1, x10012_0<- x2 * arg1[3] (_0*_0) +mov [ rsp - 0x58 ], r15; spilling calSv-r15 to mem +mov r15, rdx; preserving value of x2 into a new reg +mov rdx, [ rsi + 0x18 ]; saving arg1[3] in rdx. +mov [ rsp - 0x50 ], rdi; spilling out1 to mem +mov [ rsp - 0x48 ], r9; spilling x10012_1 to mem +mulx r9, rdi, rax; x10000_1, x10000_0<- x4 * arg1[3] (_0*_0) +add rbp, rdi; could be done better, if r0 has been u8 as well +adcx r9, r12 +xor rdx, rdx +adox r13, rbp +adox r9, r14 +mov rdx, [ rsi + 0x18 ]; arg1[3] to rdx +mulx r14, r12, r10; x10005_1, x10005_0<- x3 * arg1[3] (_0*_0) +adcx r11, r12 +adcx r14, rcx +mov rdx, r13; +shrd rdx, r9, 52; x9 <- x8_1||x8_0 >> 52 +mov rcx, rdx; preserving value of x9 into a new reg +mov rdx, [ rsi + 0x20 ]; saving arg1[4] in rdx. 
+mulx rbp, rdi, rax; x10004_1, x10004_0<- x4 * arg1[4] (_0*_0) +test al, al +adox r11, rdi +adox rbp, r14 +adcx rcx, r11 +adc rbp, 0x0; add CF to r0's alloc +mov rdx, 0x1000003d10000 ; moving imm to reg +mulx r12, r9, rbx; x10010_1, x10010_0<- x6 * 0x1000003d10000 (_0*_0) +test al, al +adox r9, rcx +adox rbp, r12 +mov rdx, [ rsi + 0x20 ]; arg1[4] to rdx +mulx r14, rbx, r10; x10011_1, x10011_0<- x3 * arg1[4] (_0*_0) +mov rdx, r9; +shrd rdx, rbp, 52; x12 <- x11_1||x11_0 >> 52 +xor r10, r10 +adox r8, rbx +adox r14, [ rsp - 0x48 ] +adcx rdx, r8 +adc r14, 0x0; add CF to r0's alloc +mov rdi, 0xfffffffffffff ; moving imm to reg +and r9, rdi; x13 <- x11_0&0xfffffffffffff +mov r11, rdx; preserving value of x16_0 into a new reg +mov rdx, [ rsi + 0x20 ]; saving arg1[4] in rdx. +mulx r12, rcx, r15; x10018_1, x10018_0<- x2 * arg1[4] (_0*_0) +mov rdx, r11; +and rdx, rdi; x18 <- x16_0&0xfffffffffffff +mov r15, r9; +shr r15, 48; x14 <- x13>> 48 +shl rdx, 4; x10015 <- x18<< 4 +lea rdx, [ rdx + r15 ] +mov rbp, 0x1000003d1 ; moving imm to reg +mulx r8, rbx, rbp; x10017_1, x10017_0<- x10016 * 0x1000003d1 (_0*_0) +mov r15, 0x1 ; moving imm to reg +shlx rdx, [ rsi + 0x18 ], r15; x1 <- arg1[3] * 0x2 (shlx does not change the flags) +mulx r15, r10, [ rsi + 0x20 ]; x10024_1, x10024_0<- x1 * arg1[4] (_0*_0) +mov rdx, [ rsi + 0x0 ]; arg1[0] to rdx +mulx rdi, rbp, rdx; x10014_1, x10014_0<- arg1[0]^2 +xor rdx, rdx +adox rbx, rbp +adox rdi, r8 +mov rdx, [ rsi + 0x18 ]; arg1[3] to rdx +mulx rbp, r8, rdx; x10019_1, x10019_0<- arg1[3]^2 +shrd r11, r14, 52; x17 <- x16_1||x16_0 >> 52 +xor rdx, rdx +adox r8, rcx +adox r12, rbp +adcx r11, r8 +adc r12, 0x0; add CF to r0's alloc +mov r14, 0xfffffffffffff ; moving imm to reg +mov rcx, r11; +and rcx, r14; x24 <- x22_0&0xfffffffffffff +shrd r11, r12, 52; x23 <- x22_1||x22_0 >> 52 +add r11, r10; could be done better, if r0 has been u8 as well +adc r15, 0x0; add CF to r0's alloc +mov r10, rbx; +shrd r10, rdi, 52; x20 <- x19_1||x19_0 >> 52 +mov rdx, [ rsi + 
0x8 ]; arg1[1] to rdx +mulx rbp, rdi, rax; x10021_1, x10021_0<- x4 * arg1[1] (_0*_0) +mov rdx, 0x1000003d10 ; moving imm to reg +mulx r12, r8, rcx; x10023_1, x10023_0<- x24 * 0x1000003d10 (_0*_0) +xor rcx, rcx +adox r10, rdi +adox rbp, rcx +adcx r8, r10 +adcx rbp, r12 +mov rdi, r8; +shrd rdi, rbp, 52; x26 <- x25_1||x25_0 >> 52 +mov rdx, rax; x4 to rdx +mulx r12, rax, [ rsi + 0x10 ]; x10025_1, x10025_0<- x4 * arg1[2] (_0*_0) +and r8, r14; x27 <- x25_0&0xfffffffffffff +mov rdx, [ rsi + 0x8 ]; arg1[1] to rdx +mulx rbp, r10, rdx; x10026_1, x10026_0<- arg1[1]^2 +adox r10, rax +adox r12, rbp +adcx rdi, r10 +adc r12, 0x0; add CF to r0's alloc +mov rdx, 0x1000003d10 ; moving imm to reg +mulx rbp, rax, r11; x10029_1, x10029_0<- x30 * 0x1000003d10 (_0*_0) +and r13, r14; x10 <- x8_0&0xfffffffffffff +mov r10, 0xffffffffffff ; moving imm to reg +and r9, r10; x15 <- x13&0xffffffffffff +adox rax, rdi +adox r12, rbp +mov rdi, rax; +shrd rdi, r12, 52; x32 <- x31_1||x31_0 >> 52 +mov r11, 0x1000003d10000 ; moving imm to reg +mov rdx, r15; x29 to rdx +mulx rbp, r15, r11; x10031_1, x10031_0<- x29 * 0x1000003d10000 (_0*_0) +and rax, r14; x33 <- x31_0&0xfffffffffffff +lea r13, [ r13 + rdi ] +adox r15, r13 +adox rbp, rcx +mov rdx, r15; +and rdx, r14; x36 <- x34_0&0xfffffffffffff +mov r12, [ rsp - 0x50 ]; load m64 out1 to register64 +mov [ r12 + 0x18 ], rdx; out1[3] = x36 +and rbx, r14; x21 <- x19_0&0xfffffffffffff +shrd r15, rbp, 52; x35 <- x34_1||x34_0 >> 52 +lea r9, [ r9 + r15 ] +mov [ r12 + 0x8 ], r8; out1[1] = x27 +mov [ r12 + 0x0 ], rbx; out1[0] = x21 +mov [ r12 + 0x10 ], rax; out1[2] = x33 +mov [ r12 + 0x20 ], r9; out1[4] = x37 +mov rbx, [ rsp - 0x80 ]; pop +mov rbp, [ rsp - 0x78 ]; pop +mov r12, [ rsp - 0x70 ]; pop +mov r13, [ rsp - 0x68 ]; pop +mov r14, [ rsp - 0x60 ]; pop +mov r15, [ rsp - 0x58 ]; pop +ret +; cpu Intel(R) Core(TM) i9-10900K CPU @ 3.70GHz +; ratio 1.3621 +; seed 1737016938714990 +; CC / CFLAGS clang / -march=native -mtune=native -O3 +; time needed: 1701813 ms on 
270000 evaluations. +; Time spent for assembling and measuring (initial batch_size=167, initial num_batches=31): 124313 ms +; number of used evaluations: 270000 +; Ratio (time for assembling + measure)/(total runtime for 270000 evals): 0.07304739122336003 +; number reverted permutation / tried permutation: 106670 / 134893 =79.077% +; number reverted decision / tried decision: 94546 / 135106 =69.979% +; validated in 0.367s diff --git a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000047110845_ratio10399.asm b/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000047110845_ratio10399.asm deleted file mode 100644 index 6da04aa7e8..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000047110845_ratio10399.asm +++ /dev/null 
@@ -1,167 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_square -fiat_secp256k1_dettman_square: -mov rdx, [ rsi + 0x20 ] -mulx r10, rax, rdx -imul r11, [ rsi + 0x0 ], 0x2 -mov rdx, [ rsi + 0x18 ] -mulx r8, rcx, r11 -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x80 ], rbx -mulx rbx, r9, rdx -mov rdx, 0x34 -mov [ rsp - 0x78 ], rbp -bzhi rbp, rax, rdx -mov [ rsp - 0x70 ], r12 -mov r12, 0x1 -mov [ rsp - 0x68 ], r13 -shlx r13, [ rsi + 0x8 ], r12 -mov r12, 0x1000003d10 -mov rdx, rbp -mov [ rsp - 0x60 ], r14 -mulx r14, rbp, r12 -mov rdx, r13 -mov [ rsp - 0x58 ], r15 -mulx r15, r13, [ rsi + 0x10 ] -adox r13, rcx -adox r8, r15 -mulx r15, rcx, [ rsi + 0x18 ] -mov r12, rdx -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x50 ], rdi -mov [ rsp - 0x48 ], rbx -mulx rbx, rdi, rdx -add rbp, r13 -adcx r8, r14 -add rdi, rcx -adcx r15, rbx -mov rdx, [ rsi + 0x20 ] -mulx r13, r14, r11 -shrd rax, r10, 52 -mov rdx, 0x1000003d10 -mulx rcx, r10, rax -test al, al -adox rdi, r14 -adox r13, r15 -mov rbx, rbp -shrd rbx, r8, 52 -test al, al -adox rbx, rdi -mov r8, 0x0 -adox r13, r8 -adcx r10, rbx -adcx r13, rcx -imul r15, [ rsi + 0x10 ], 0x2 -mov rdx, r15 -mulx r14, r15, [ rsi + 0x20 ] -mulx rcx, rax, [ rsi + 0x18 ] -mov rdi, 0xfffffffffffff -mov rbx, r10 -and rbx, rdi -mov rdx, [ rsi + 0x20 ] -mulx rdi, r8, r12 -adox rax, r8 -adox rdi, rcx -shrd r10, r13, 52 -xor rdx, rdx -adox r10, rax -adox rdi, rdx -mov r12, 0xfffffffffffff -mov r13, r10 -and r13, r12 -shrd r10, rdi, 52 -shl r13, 4 -xor rcx, rcx -adox r9, r15 -adox r14, [ rsp - 0x48 ] -mov rdx, rbx -shr rdx, 48 -lea r13, [ r13 + rdx ] -mov r15, 0x1000003d1 -mov rdx, r15 -mulx r8, r15, r13 -mov rdx, [ rsi + 0x0 ] -mulx rdi, rax, rdx -xor rdx, rdx -adox r15, rax -adox rdi, r8 -adcx r10, r9 -adc r14, 0x0 -mov rcx, r15 -shrd rcx, rdi, 52 -mov r9, r10 -and r9, r12 -mov r13, 0x1000003d10 -mov rdx, r13 -mulx r8, r13, r9 -mov rdx, [ rsi + 0x8 ] -mulx rdi, rax, r11 -adox rcx, rax -mov rdx, 0x0 -adox rdi, rdx -adcx r13, rcx -adcx rdi, r8 -and r15, r12 -mov 
rdx, [ rsi + 0x8 ] -mulx r8, r9, rdx -mov rdx, [ rsi + 0x10 ] -mulx rcx, rax, r11 -adox r9, rax -adox rcx, r8 -mov rdx, r13 -and rdx, r12 -mov r11, [ rsp - 0x50 ] -mov [ r11 + 0x8 ], rdx -imul r8, [ rsi + 0x18 ], 0x2 -mov rdx, r8 -mulx rax, r8, [ rsi + 0x20 ] -shrd r13, rdi, 52 -shrd r10, r14, 52 -and rbp, r12 -adox r10, r8 -mov r14, 0x0 -adox rax, r14 -mov rdi, r10 -shrd rdi, rax, 52 -and r10, r12 -mov rdx, 0x1000003d10 -mulx rax, r8, r10 -adox r13, r9 -adox rcx, r14 -adcx r8, r13 -adcx rcx, rax -mov r9, r8 -and r9, r12 -shrd r8, rcx, 52 -mov r10, 0xffffffffffff -and rbx, r10 -mov [ r11 + 0x10 ], r9 -lea rbp, [ rbp + r8 ] -mulx r13, rax, rdi -adox rax, rbp -adox r13, r14 -mov rdi, rax -shrd rdi, r13, 52 -lea rbx, [ rbx + rdi ] -and rax, r12 -mov [ r11 + 0x18 ], rax -mov [ r11 + 0x20 ], rbx -mov [ r11 + 0x0 ], r15 -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu Intel(R) Core(TM) i7-6770HQ CPU @ 2.60GHz -; ratio 1.0399 -; seed 2502860573317286 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 1661810 ms on 180000 evaluations. -; Time spent for assembling and measuring (initial batch_size=247, initial num_batches=31): 131895 ms -; number of used evaluations: 180000 -; Ratio (time for assembling + measure)/(total runtime for 180000 evals): 0.07936827916548823 -; number reverted permutation / tried permutation: 73528 / 89978 =81.718% -; number reverted decision / tried decision: 62986 / 90021 =69.968% -; validated in 0.342s diff --git a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000056257707_ratio10503.asm b/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000056257707_ratio10503.asm new file mode 100644 index 0000000000..e0c1cf0fe5 --- /dev/null +++ b/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000056257707_ratio10503.asm 
@@ -0,0 +1,162 @@ +SECTION .text + GLOBAL fiat_secp256k1_dettman_square +fiat_secp256k1_dettman_square: +mov rax, [ rsi + 0x0 ]; load m64 arg1[0] to register64 +lea r10, [rax + rax]; x4 <- arg1[0] * 2 +mov rdx, [ rsi + 0x8 ]; arg1[1] to rdx +mulx r11, rax, rdx; x10026_1, x10026_0<- arg1[1]^2 +mov rdx, [ rsi + 0x18 ]; arg1[3] to rdx +mulx r8, rcx, rdx; x10019_1, x10019_0<- arg1[3]^2 +mov rdx, 0x1 ; moving imm to reg +shlx r9, [ rsi + 0x8 ], rdx; x3 <- arg1[1] * 0x2 (shlx does not change the flags) +imul rdx, [ rsi + 0x18 ], 0x2; x1 <- arg1[3] * 0x2 +mov [ rsp - 0x80 ], rbx; spilling calSv-rbx to mem +mov rbx, rdx; preserving value of x1 into a new reg +mov rdx, [ rsi + 0x20 ]; saving arg1[4] in rdx. +mov [ rsp - 0x78 ], rbp; spilling calSv-rbp to mem +mov [ rsp - 0x70 ], r12; spilling calSv-r12 to mem +mulx r12, rbp, rdx; x5_1, x5_0<- arg1[4]^2 +mov rdx, r9; x3 to rdx +mov [ rsp - 0x68 ], r13; spilling calSv-r13 to mem +mulx r13, r9, [ rsi + 0x20 ]; x10011_1, x10011_0<- x3 * arg1[4] (_0*_0) +mov [ rsp - 0x60 ], r14; spilling calSv-r14 to mem +mov [ rsp - 0x58 ], r15; spilling calSv-r15 to mem +mulx r15, r14, [ rsi + 0x18 ]; x10005_1, x10005_0<- x3 * arg1[3] (_0*_0) +mov [ rsp - 0x50 ], rdi; spilling out1 to mem +mov [ rsp - 0x48 ], r11; spilling x10026_1 to mem +mulx r11, rdi, [ rsi + 0x10 ]; x10001_1, x10001_0<- x3 * arg1[2] (_0*_0) +mov rdx, 0x1000003d10000 ; moving imm to reg +mov [ rsp - 0x40 ], rax; spilling x10026_0 to mem +mov [ rsp - 0x38 ], rbx; spilling x1 to mem +mulx rbx, rax, r12; x10010_1, x10010_0<- x6 * 0x1000003d10000 (_0*_0) +mov rdx, [ rsi + 0x18 ]; arg1[3] to rdx +mov [ rsp - 0x30 ], r13; spilling x10011_1 to mem +mulx r13, r12, r10; x10000_1, x10000_0<- x4 * arg1[3] (_0*_0) +add rdi, r12; could be done better, if r0 has been u8 as well +adcx r13, r11 +mov rdx, 0x1000003d10 ; moving imm to reg +mulx r12, r11, rbp; x10003_1, x10003_0<- x7 * 0x1000003d10 (_0*_0) +xor rbp, rbp +adox r11, rdi +adox r13, r12 +mov rdi, 0x34 ; moving imm to reg +bzhi 
r12, r11, rdi; x10 <- x8_0 (only least 0x34 bits) +shrd r11, r13, 52; x9 <- x8_1||x8_0 >> 52 +mov rdx, [ rsi + 0x20 ]; arg1[4] to rdx +mulx rbp, r13, r10; x10004_1, x10004_0<- x4 * arg1[4] (_0*_0) +mov rdx, [ rsi + 0x10 ]; arg1[2] to rdx +mov [ rsp - 0x28 ], r12; spilling x10 to mem +mulx r12, rdi, rdx; x10006_1, x10006_0<- arg1[2]^2 +test al, al +adox rdi, r14 +adox r15, r12 +adcx rdi, r13 +adcx rbp, r15 +imul rdx, [ rsi + 0x10 ], 0x2; x2 <- arg1[2] * 0x2 +mulx r13, r14, [ rsi + 0x20 ]; x10018_1, x10018_0<- x2 * arg1[4] (_0*_0) +xor r12, r12 +adox r11, rdi +adox rbp, r12 +adcx rcx, r14 +adcx r13, r8 +mulx r15, r8, [ rsi + 0x18 ]; x10012_1, x10012_0<- x2 * arg1[3] (_0*_0) +xor rdi, rdi +adox rax, r11 +adox rbp, rbx +mov r12, rax; +shrd r12, rbp, 52; x12 <- x11_1||x11_0 >> 52 +xor rbx, rbx +adox r8, r9 +adox r15, [ rsp - 0x30 ] +mov rdi, 0xfffffffffffff ; moving imm to reg +and rax, rdi; x13 <- x11_0&0xfffffffffffff +adox r12, r8 +adox r15, rbx +mov r9, r12; +shrd r9, r15, 52; x17 <- x16_1||x16_0 >> 52 +and r12, rdi; x18 <- x16_0&0xfffffffffffff +mov rdx, 0x30 ; moving imm to reg +bzhi r14, rax, rdx; x15 <- x13 (only least 0x30 bits) +adox r9, rcx +adox r13, rbx +mov rdx, [ rsi + 0x10 ]; arg1[2] to rdx +mulx rcx, r11, r10; x10025_1, x10025_0<- x4 * arg1[2] (_0*_0) +mov rdx, r9; +shrd rdx, r13, 52; x23 <- x22_1||x22_0 >> 52 +and r9, rdi; x24 <- x22_0&0xfffffffffffff +shl r12, 4; x10015 <- x18<< 4 +shr rax, 48; x14 <- x13>> 48 +lea r12, [ r12 + rax ] +mov rbp, rdx; preserving value of x23 into a new reg +mov rdx, [ rsp - 0x38 ]; saving x1 in rdx. 
+mulx r15, r8, [ rsi + 0x20 ]; x10024_1, x10024_0<- x1 * arg1[4] (_0*_0) +xor rdx, rdx +adox rbp, r8 +adox r15, rdx +mov rdx, [ rsi + 0x0 ]; arg1[0] to rdx +mulx r13, rbx, rdx; x10014_1, x10014_0<- arg1[0]^2 +mov rdx, 0x1000003d1 ; moving imm to reg +mulx r8, rax, r12; x10017_1, x10017_0<- x10016 * 0x1000003d1 (_0*_0) +adcx rax, rbx +adcx r13, r8 +mov r12, rax; +shrd r12, r13, 52; x20 <- x19_1||x19_0 >> 52 +mov rbx, r11; +xor r8, r8 +adox rbx, [ rsp - 0x40 ] +adox rcx, [ rsp - 0x48 ] +mov rdx, [ rsi + 0x8 ]; arg1[1] to rdx +mulx r13, r11, r10; x10021_1, x10021_0<- x4 * arg1[1] (_0*_0) +and rax, rdi; x21 <- x19_0&0xfffffffffffff +adox r12, r11 +adox r13, r8 +mov rdx, 0x1000003d10 ; moving imm to reg +mulx r11, r10, r9; x10023_1, x10023_0<- x24 * 0x1000003d10 (_0*_0) +adcx r10, r12 +adcx r13, r11 +mov r9, r10; +shrd r9, r13, 52; x26 <- x25_1||x25_0 >> 52 +and r10, rdi; x27 <- x25_0&0xfffffffffffff +mulx r11, r12, rbp; x10029_1, x10029_0<- x30 * 0x1000003d10 (_0*_0) +adox r9, rbx +adox rcx, r8 +mov rbx, 0x1000003d10000 ; moving imm to reg +mov rdx, r15; x29 to rdx +mulx r13, r15, rbx; x10031_1, x10031_0<- x29 * 0x1000003d10000 (_0*_0) +mov rbp, [ rsp - 0x50 ]; load m64 out1 to register64 +mov [ rbp + 0x8 ], r10; out1[1] = x27 +adcx r12, r9 +adcx rcx, r11 +mov r10, r12; +shrd r10, rcx, 52; x32 <- x31_1||x31_0 >> 52 +add r10, [ rsp - 0x28 ] +xor r11, r11 +adox r15, r10 +adox r13, r11 +mov r8, r15; +and r8, rdi; x36 <- x34_0&0xfffffffffffff +shrd r15, r13, 52; x35 <- x34_1||x34_0 >> 52 +mov [ rbp + 0x0 ], rax; out1[0] = x21 +lea r14, [ r14 + r15 ] +and r12, rdi; x33 <- x31_0&0xfffffffffffff +mov [ rbp + 0x20 ], r14; out1[4] = x37 +mov [ rbp + 0x10 ], r12; out1[2] = x33 +mov [ rbp + 0x18 ], r8; out1[3] = x36 +mov rbx, [ rsp - 0x80 ]; pop +mov rbp, [ rsp - 0x78 ]; pop +mov r12, [ rsp - 0x70 ]; pop +mov r13, [ rsp - 0x68 ]; pop +mov r14, [ rsp - 0x60 ]; pop +mov r15, [ rsp - 0x58 ]; pop +ret +; cpu Intel(R) Core(TM) i9-10900K CPU @ 3.70GHz +; ratio 1.0503 +; seed 
3853660286578150 +; CC / CFLAGS clang / -march=native -mtune=native -O3 +; time needed: 1722035 ms on 270000 evaluations. +; Time spent for assembling and measuring (initial batch_size=235, initial num_batches=31): 134165 ms +; number of used evaluations: 270000 +; Ratio (time for assembling + measure)/(total runtime for 270000 evals): 0.0779107277145935 +; number reverted permutation / tried permutation: 110084 / 134906 =81.601% +; number reverted decision / tried decision: 97612 / 135093 =72.255% +; validated in 0.357s diff --git a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000063664254_ratio09742.asm b/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000063664254_ratio09742.asm deleted file mode 100644 index fe1150ccba..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000063664254_ratio09742.asm +++ /dev/null 
@@ -1,175 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_square -fiat_secp256k1_dettman_square: -mov rax, [ rsi + 0x8 ] -mov r10, rax -shl r10, 0x1 -mov rdx, [ rsi + 0x20 ] -mulx r11, rax, rdx -mov rdx, [ rsi + 0x10 ] -mulx r8, rcx, rdx -mov rdx, [ rsi + 0x0 ] -lea r9, [rdx + rdx] -mov rdx, 0xfffffffffffff -mov [ rsp - 0x80 ], rbx -mov rbx, rax -and rbx, rdx -mov rdx, r9 -mov [ rsp - 0x78 ], rbp -mulx rbp, r9, [ rsi + 0x20 ] -mov [ rsp - 0x70 ], r12 -mov r12, 0x1000003d10 -xchg rdx, rbx -mov [ rsp - 0x68 ], r13 -mov [ rsp - 0x60 ], r14 -mulx r14, r13, r12 -shrd rax, r11, 52 -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x58 ], r15 -mulx r15, r11, rbx -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x50 ], rdi -mulx rdi, r12, r10 -xor rdx, rdx -adox r12, r11 -adox r15, rdi -adcx r13, r12 -adcx r15, r14 -mov rdx, [ rsi + 0x10 ] -mulx r11, r14, rbx -mov rdx, [ rsi + 0x8 ] -mulx r12, rdi, rdx -add rdi, r14 -adcx r11, r12 -mov rdx, r10 -mulx r14, r10, [ rsi + 0x18 ] -xor r12, r12 -adox rcx, r10 -adox r14, r8 -mov r8, 0x1 -shlx r10, [ rsi + 0x10 ], r8 -mov r12, rdx -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x48 ], r11 -mulx r11, r8, r10 -adcx rcx, r9 -adcx rbp, r14 -mov rdx, 0xfffffffffffff -mov r9, r13 -and r9, rdx -mov r14, 0x1000003d10 -mov rdx, rax -mov [ rsp - 0x40 ], r9 -mulx r9, rax, r14 -shrd r13, r15, 52 -add r13, rcx -adc rbp, 0x0 -test al, al -adox rax, r13 -adox rbp, r9 -mov rdx, rax -shrd rdx, rbp, 52 -xchg rdx, r12 -mulx rcx, r15, [ rsi + 0x20 ] -xor rdx, rdx -adox r8, r15 -adox rcx, r11 -adcx r12, r8 -adc rcx, 0x0 -mov r11, 0xfffffffffffff -mov r9, r12 -and r9, r11 -shrd r12, rcx, 52 -and rax, r11 -mov r13, rax -shr r13, 48 -shl r9, 4 -mov rdx, [ rsi + 0x18 ] -mulx r15, rbp, rdx -mov rdx, 0xffffffffffff -and rax, rdx -mov rdx, r10 -mulx r8, r10, [ rsi + 0x20 ] -adox rbp, r10 -adox r8, r15 -mov rdx, [ rsi + 0x18 ] -mov rcx, rdx -shl rcx, 0x1 -lea r9, [ r9 + r13 ] -mov rdx, [ rsi + 0x0 ] -mulx r15, r13, rdx -mov rdx, 0x1000003d1 -mulx r14, r10, r9 -xor r9, r9 -adox r10, 
r13 -adox r15, r14 -mov r13, r10 -shrd r13, r15, 52 -test al, al -adox r12, rbp -adox r8, r9 -mov rbp, r12 -shrd rbp, r8, 52 -and r10, r11 -mov rdx, [ rsi + 0x8 ] -mulx r15, r14, rbx -adox r13, r14 -adox r15, r9 -and r12, r11 -mov rdx, [ rsi + 0x20 ] -mulx r8, rbx, rcx -adox rbp, rbx -adox r8, r9 -mov rdx, rbp -shrd rdx, r8, 52 -mov rcx, 0x1000003d10 -mulx rbx, r14, rcx -mov rdx, rcx -mulx r8, rcx, r12 -test al, al -adox rcx, r13 -adox r15, r8 -mov r13, rcx -shrd r13, r15, 52 -and rbp, r11 -mulx r8, r12, rbp -adox r13, rdi -mov r15, [ rsp - 0x48 ] -adox r15, r9 -adcx r12, r13 -adcx r15, r8 -mov rdi, [ rsp - 0x50 ] -mov [ rdi + 0x0 ], r10 -mov r10, r12 -shrd r10, r15, 52 -add r10, [ rsp - 0x40 ] -add r14, r10 -adc rbx, 0x0 -and r12, r11 -mov rbp, r14 -shrd rbp, rbx, 52 -and r14, r11 -mov [ rdi + 0x18 ], r14 -and rcx, r11 -lea rax, [ rax + rbp ] -mov [ rdi + 0x8 ], rcx -mov [ rdi + 0x20 ], rax -mov [ rdi + 0x10 ], r12 -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu AMD Ryzen 7 5800X 8-Core Processor -; ratio 0.9742 -; seed 3076211693309636 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 918299 ms on 180000 evaluations. -; Time spent for assembling and measuring (initial batch_size=252, initial num_batches=31): 81168 ms -; number of used evaluations: 180000 -; Ratio (time for assembling + measure)/(total runtime for 180000 evals): 0.0883895114771986 -; number reverted permutation / tried permutation: 75974 / 89835 =84.571% -; number reverted decision / tried decision: 54417 / 90164 =60.353% -; validated in 0.253s diff --git a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000112902737_ratio11823.asm b/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000112902737_ratio11823.asm new file mode 100644 index 0000000000..164c843241 --- /dev/null +++ b/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000112902737_ratio11823.asm 
@@ -0,0 +1,161 @@ +SECTION .text + GLOBAL fiat_secp256k1_dettman_square +fiat_secp256k1_dettman_square: +mov rax, [ rsi + 0x8 ]; load m64 arg1[1] to register64 +lea r10, [rax + rax]; x3 <- arg1[1] * 2 +mov rax, 0x1 ; moving imm to reg +shlx r11, [ rsi + 0x0 ], rax; x4 <- arg1[0] * 0x2 (shlx does not change the flags) +mov rdx, [ rsi + 0x20 ]; arg1[4] to rdx +mulx r8, rcx, rdx; x5_1, x5_0<- arg1[4]^2 +mov rdx, r11; x4 to rdx +mulx r9, r11, [ rsi + 0x18 ]; x10000_1, x10000_0<- x4 * arg1[3] (_0*_0) +mov rax, rdx; preserving value of x4 into a new reg +mov rdx, [ rsi + 0x10 ]; saving arg1[2] in rdx. +mov [ rsp - 0x80 ], rbx; spilling calSv-rbx to mem +mov [ rsp - 0x78 ], rbp; spilling calSv-rbp to mem +mulx rbp, rbx, r10; x10001_1, x10001_0<- x3 * arg1[2] (_0*_0) +xor rdx, rdx +adox rbx, r11 +adox r9, rbp +mov r11, 0x1000003d10 ; moving imm to reg +mov rdx, rcx; x7 to rdx +mulx rbp, rcx, r11; x10003_1, x10003_0<- x7 * 0x1000003d10 (_0*_0) +adcx rcx, rbx +adcx r9, rbp +mov rbx, rcx; +shrd rbx, r9, 52; x9 <- x8_1||x8_0 >> 52 +mov rdx, [ rsi + 0x18 ]; arg1[3] to rdx +mulx r9, rbp, r10; x10005_1, x10005_0<- x3 * arg1[3] (_0*_0) +mov rdx, [ rsi + 0x10 ]; arg1[2] to rdx +mov [ rsp - 0x70 ], r12; spilling calSv-r12 to mem +mov [ rsp - 0x68 ], r13; spilling calSv-r13 to mem +mulx r13, r12, rdx; x10006_1, x10006_0<- arg1[2]^2 +xor rdx, rdx +adox r12, rbp +adox r9, r13 +mov rdx, [ rsi + 0x20 ]; arg1[4] to rdx +mulx r13, rbp, rax; x10004_1, x10004_0<- x4 * arg1[4] (_0*_0) +mov rdx, 0x1000003d10000 ; moving imm to reg +mov [ rsp - 0x60 ], r14; spilling calSv-r14 to mem +mov [ rsp - 0x58 ], r15; spilling calSv-r15 to mem +mulx r15, r14, r8; x10010_1, x10010_0<- x6 * 0x1000003d10000 (_0*_0) +adcx r12, rbp +adcx r13, r9 +xor r9, r9 +adox rbx, r12 +adox r13, r9 +adcx r14, rbx +adcx r13, r15 +mov r8, [ rsi + 0x10 ]; load m64 arg1[2] to register64 +mov rbp, r8; load m64 x2 to register64 +shl rbp, 0x1; x2 <- arg1[2] * 0x2 +mov r8, r14; +shrd r8, r13, 52; x12 <- x11_1||x11_0 >> 52 +mov 
rdx, r10; x3 to rdx +mulx r15, r10, [ rsi + 0x20 ]; x10011_1, x10011_0<- x3 * arg1[4] (_0*_0) +mov rdx, rbp; x2 to rdx +mulx r12, rbp, [ rsi + 0x18 ]; x10012_1, x10012_0<- x2 * arg1[3] (_0*_0) +add rbp, r10; could be done better, if r0 has been u8 as well +adcx r15, r12 +xor rbx, rbx +adox r8, rbp +adox r15, rbx +mov r9, r8; +shrd r9, r15, 52; x17 <- x16_1||x16_0 >> 52 +mov r13, 0xfffffffffffff ; moving imm to reg +and r8, r13; x18 <- x16_0&0xfffffffffffff +shl r8, 4; x10015 <- x18<< 4 +mov r10, rdx; preserving value of x2 into a new reg +mov rdx, [ rsi + 0x18 ]; saving arg1[3] in rdx. +mulx rbp, r12, rdx; x10019_1, x10019_0<- arg1[3]^2 +mov rdx, [ rsi + 0x20 ]; arg1[4] to rdx +mulx rbx, r15, r10; x10018_1, x10018_0<- x2 * arg1[4] (_0*_0) +xor rdx, rdx +adox r12, r15 +adox rbx, rbp +and r14, r13; x13 <- x11_0&0xfffffffffffff +adox r9, r12 +adox rbx, rdx +mov r10, r14; +shr r10, 48; x14 <- x13>> 48 +lea r8, [ r8 + r10 ] +mov rdx, [ rsi + 0x0 ]; arg1[0] to rdx +mulx r15, rbp, rdx; x10014_1, x10014_0<- arg1[0]^2 +mov rdx, 0x1000003d1 ; moving imm to reg +mulx r10, r12, r8; x10017_1, x10017_0<- x10016 * 0x1000003d1 (_0*_0) +add r12, rbp; could be done better, if r0 has been u8 as well +adcx r15, r10 +mov r8, r12; +shrd r8, r15, 52; x20 <- x19_1||x19_0 >> 52 +and r12, r13; x21 <- x19_0&0xfffffffffffff +mov rbp, [ rsi + 0x18 ]; load m64 arg1[3] to register64 +lea r10, [rbp + rbp]; x1 <- arg1[3] * 2 +mov rdx, r10; x1 to rdx +mulx rbp, r10, [ rsi + 0x20 ]; x10024_1, x10024_0<- x1 * arg1[4] (_0*_0) +mov [ rdi + 0x0 ], r12; out1[0] = x21 +mov r15, r9; +shrd r15, rbx, 52; x23 <- x22_1||x22_0 >> 52 +xor rbx, rbx +adox r15, r10 +adox rbp, rbx +and r9, r13; x24 <- x22_0&0xfffffffffffff +mov rdx, r9; x24 to rdx +mulx r12, r9, r11; x10023_1, x10023_0<- x24 * 0x1000003d10 (_0*_0) +mov rdx, rax; x4 to rdx +mulx r10, rax, [ rsi + 0x8 ]; x10021_1, x10021_0<- x4 * arg1[1] (_0*_0) +adox r8, rax +adox r10, rbx +adcx r9, r8 +adcx r10, r12 +mov r12, r9; +and r12, r13; x27 <- 
x25_0&0xfffffffffffff +shrd r9, r10, 52; x26 <- x25_1||x25_0 >> 52 +mulx r8, rax, [ rsi + 0x10 ]; x10025_1, x10025_0<- x4 * arg1[2] (_0*_0) +mov [ rdi + 0x8 ], r12; out1[1] = x27 +mov rdx, [ rsi + 0x8 ]; arg1[1] to rdx +mulx r12, r10, rdx; x10026_1, x10026_0<- arg1[1]^2 +test al, al +adox r10, rax +adox r8, r12 +adcx r9, r10 +adc r8, 0x0; add CF to r0's alloc +mov rdx, r15; x30 to rdx +mulx rax, r15, r11; x10029_1, x10029_0<- x30 * 0x1000003d10 (_0*_0) +add r15, r9; could be done better, if r0 has been u8 as well +adcx r8, rax +mov r12, r15; +shrd r12, r8, 52; x32 <- x31_1||x31_0 >> 52 +mov rdx, 0x1000003d10000 ; moving imm to reg +mulx r9, r10, rbp; x10031_1, x10031_0<- x29 * 0x1000003d10000 (_0*_0) +and rcx, r13; x10 <- x8_0&0xfffffffffffff +lea rcx, [ rcx + r12 ] +adox r10, rcx +adox r9, rbx +mov rax, r10; +and rax, r13; x36 <- x34_0&0xfffffffffffff +shrd r10, r9, 52; x35 <- x34_1||x34_0 >> 52 +mov [ rdi + 0x18 ], rax; out1[3] = x36 +mov rbp, 0xffffffffffff ; moving imm to reg +and r14, rbp; x15 <- x13&0xffffffffffff +and r15, r13; x33 <- x31_0&0xfffffffffffff +mov [ rdi + 0x10 ], r15; out1[2] = x33 +lea r14, [ r14 + r10 ] +mov [ rdi + 0x20 ], r14; out1[4] = x37 +mov rbx, [ rsp - 0x80 ]; pop +mov rbp, [ rsp - 0x78 ]; pop +mov r12, [ rsp - 0x70 ]; pop +mov r13, [ rsp - 0x68 ]; pop +mov r14, [ rsp - 0x60 ]; pop +mov r15, [ rsp - 0x58 ]; pop +ret +; cpu 12th Gen Intel(R) Core(TM) i9-12900KF +; ratio 1.1823 +; seed 0612062176262815 +; CC / CFLAGS clang / -march=native -mtune=native -O3 +; time needed: 1107256 ms on 270000 evaluations. +; Time spent for assembling and measuring (initial batch_size=381, initial num_batches=31): 126977 ms +; number of used evaluations: 270000 +; Ratio (time for assembling + measure)/(total runtime for 270000 evals): 0.1146771839574588 +; number reverted permutation / tried permutation: 105075 / 135426 =77.588% +; number reverted decision / tried decision: 98887 / 134573 =73.482% +; validated in 0.181s 
diff --git a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000124204574_ratio11848.asm b/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000124204574_ratio11848.asm new file mode 100644 index 0000000000..84268fdf35 --- /dev/null +++ b/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000124204574_ratio11848.asm 
@@ -0,0 +1,160 @@ +SECTION .text + GLOBAL fiat_secp256k1_dettman_square +fiat_secp256k1_dettman_square: +mov rax, [ rsi + 0x0 ]; load m64 arg1[0] to register64 +lea r10, [rax + rax]; x4 <- arg1[0] * 2 +mov rdx, [ rsi + 0x20 ]; arg1[4] to rdx +mulx r11, rax, rdx; x5_1, x5_0<- arg1[4]^2 +mov rdx, [ rsi + 0x8 ]; load m64 arg1[1] to register64 +lea rcx, [rdx + rdx]; x3 <- arg1[1] * 2 +mov rdx, r10; x4 to rdx +mulx r8, r10, [ rsi + 0x18 ]; x10000_1, x10000_0<- x4 * arg1[3] (_0*_0) +mov r9, rdx; preserving value of x4 into a new reg +mov rdx, [ rsi + 0x10 ]; saving arg1[2] in rdx. +mov [ rsp - 0x80 ], rbx; spilling calSv-rbx to mem +mov [ rsp - 0x78 ], rbp; spilling calSv-rbp to mem +mulx rbp, rbx, rcx; x10001_1, x10001_0<- x3 * arg1[2] (_0*_0) +xor rdx, rdx +adox rbx, r10 +adox r8, rbp +mov r10, 0x1000003d10 ; moving imm to reg +mov rdx, rax; x7 to rdx +mulx rbp, rax, r10; x10003_1, x10003_0<- x7 * 0x1000003d10 (_0*_0) +adcx rax, rbx +adcx r8, rbp +mov rdx, rax; +shrd rdx, r8, 52; x9 <- x8_1||x8_0 >> 52 +mov rbx, rdx; preserving value of x9 into a new reg +mov rdx, [ rsi + 0x10 ]; saving arg1[2] in rdx. 
+mulx r8, rbp, rdx; x10006_1, x10006_0<- arg1[2]^2 +mov rdx, [ rsi + 0x18 ]; arg1[3] to rdx +mov [ rsp - 0x70 ], r12; spilling calSv-r12 to mem +mov [ rsp - 0x68 ], r13; spilling calSv-r13 to mem +mulx r13, r12, rcx; x10005_1, x10005_0<- x3 * arg1[3] (_0*_0) +mov rdx, [ rsi + 0x20 ]; arg1[4] to rdx +mov [ rsp - 0x60 ], r14; spilling calSv-r14 to mem +mov [ rsp - 0x58 ], r15; spilling calSv-r15 to mem +mulx r15, r14, r9; x10004_1, x10004_0<- x4 * arg1[4] (_0*_0) +add rbp, r12; could be done better, if r0 has been u8 as well +adcx r13, r8 +xor rdx, rdx +adox rbp, r14 +adox r15, r13 +imul r8, [ rsi + 0x10 ], 0x2; x2 <- arg1[2] * 0x2 +xor r12, r12 +adox rbx, rbp +adox r15, r12 +mov rdx, r8; x2 to rdx +mulx r14, r8, [ rsi + 0x18 ]; x10012_1, x10012_0<- x2 * arg1[3] (_0*_0) +mulx rbp, r13, [ rsi + 0x20 ]; x10018_1, x10018_0<- x2 * arg1[4] (_0*_0) +mov rdx, 0x1000003d10000 ; moving imm to reg +mulx r10, r12, r11; x10010_1, x10010_0<- x6 * 0x1000003d10000 (_0*_0) +adcx r12, rbx +adcx r15, r10 +mov r11, r12; +shrd r11, r15, 52; x12 <- x11_1||x11_0 >> 52 +mov rbx, 0xfffffffffffff ; moving imm to reg +and r12, rbx; x13 <- x11_0&0xfffffffffffff +mov rdx, [ rsi + 0x20 ]; arg1[4] to rdx +mulx r15, r10, rcx; x10011_1, x10011_0<- x3 * arg1[4] (_0*_0) +adox r8, r10 +adox r15, r14 +adcx r11, r8 +adc r15, 0x0; add CF to r0's alloc +mov rdx, r11; +and rdx, rbx; x18 <- x16_0&0xfffffffffffff +mov rcx, rdx; preserving value of x18 into a new reg +mov rdx, [ rsi + 0x18 ]; saving arg1[3] in rdx. 
+mulx r10, r14, rdx; x10019_1, x10019_0<- arg1[3]^2 +shrd r11, r15, 52; x17 <- x16_1||x16_0 >> 52 +shl rcx, 4; x10015 <- x18<< 4 +xor rdx, rdx +adox r14, r13 +adox rbp, r10 +adcx r11, r14 +adc rbp, 0x0; add CF to r0's alloc +mov r13, r11; +shrd r13, rbp, 52; x23 <- x22_1||x22_0 >> 52 +and r11, rbx; x24 <- x22_0&0xfffffffffffff +mov r8, r12; +shr r8, 48; x14 <- x13>> 48 +mov r15, 0x1 ; moving imm to reg +shlx r10, [ rsi + 0x18 ], r15; x1 <- arg1[3] * 0x2 (shlx does not change the flags) +lea rcx, [ rcx + r8 ] +mov r14, 0x1000003d1 ; moving imm to reg +mov rdx, r14; 0x1000003d1 to rdx +mulx rbp, r14, rcx; x10017_1, x10017_0<- x10016 * 0x1000003d1 (_0*_0) +mov rdx, r10; x1 to rdx +mulx r8, r10, [ rsi + 0x20 ]; x10024_1, x10024_0<- x1 * arg1[4] (_0*_0) +xor rdx, rdx +adox r13, r10 +adox r8, rdx +mov rdx, [ rsi + 0x0 ]; arg1[0] to rdx +mulx r10, rcx, rdx; x10014_1, x10014_0<- arg1[0]^2 +adcx r14, rcx +adcx r10, rbp +mov rdx, r14; +and rdx, rbx; x21 <- x19_0&0xfffffffffffff +mov [ rdi + 0x0 ], rdx; out1[0] = x21 +mov rdx, r9; x4 to rdx +mulx rbp, r9, [ rsi + 0x10 ]; x10025_1, x10025_0<- x4 * arg1[2] (_0*_0) +shrd r14, r10, 52; x20 <- x19_1||x19_0 >> 52 +mulx r10, rcx, [ rsi + 0x8 ]; x10021_1, x10021_0<- x4 * arg1[1] (_0*_0) +xor rdx, rdx +adox r14, rcx +adox r10, rdx +mov rdx, [ rsi + 0x8 ]; arg1[1] to rdx +mulx r15, rcx, rdx; x10026_1, x10026_0<- arg1[1]^2 +adcx rcx, r9 +adcx rbp, r15 +mov rdx, 0x1000003d10 ; moving imm to reg +mulx r15, r9, r11; x10023_1, x10023_0<- x24 * 0x1000003d10 (_0*_0) +add r9, r14; could be done better, if r0 has been u8 as well +adcx r10, r15 +mov r11, r9; +shrd r11, r10, 52; x26 <- x25_1||x25_0 >> 52 +xor r14, r14 +adox r11, rcx +adox rbp, r14 +and r9, rbx; x27 <- x25_0&0xfffffffffffff +mulx r15, rcx, r13; x10029_1, x10029_0<- x30 * 0x1000003d10 (_0*_0) +mov [ rdi + 0x8 ], r9; out1[1] = x27 +and rax, rbx; x10 <- x8_0&0xfffffffffffff +adox rcx, r11 +adox rbp, r15 +mov r13, rcx; +shrd r13, rbp, 52; x32 <- x31_1||x31_0 >> 52 +and rcx, rbx; x33 
<- x31_0&0xfffffffffffff +mov [ rdi + 0x10 ], rcx; out1[2] = x33 +mov r10, 0x1000003d10000 ; moving imm to reg +mov rdx, r10; 0x1000003d10000 to rdx +mulx r11, r10, r8; x10031_1, x10031_0<- x29 * 0x1000003d10000 (_0*_0) +lea rax, [ rax + r13 ] +adox r10, rax +adox r11, r14 +mov r8, r10; +shrd r8, r11, 52; x35 <- x34_1||x34_0 >> 52 +and r10, rbx; x36 <- x34_0&0xfffffffffffff +mov [ rdi + 0x18 ], r10; out1[3] = x36 +mov r9, 0xffffffffffff ; moving imm to reg +and r12, r9; x15 <- x13&0xffffffffffff +lea r12, [ r12 + r8 ] +mov [ rdi + 0x20 ], r12; out1[4] = x37 +mov rbx, [ rsp - 0x80 ]; pop +mov rbp, [ rsp - 0x78 ]; pop +mov r12, [ rsp - 0x70 ]; pop +mov r13, [ rsp - 0x68 ]; pop +mov r14, [ rsp - 0x60 ]; pop +mov r15, [ rsp - 0x58 ]; pop +ret +; cpu 12th Gen Intel(R) Core(TM) i9-12900KF +; ratio 1.1848 +; seed 1144608591132494 +; CC / CFLAGS clang / -march=native -mtune=native -O3 +; time needed: 1095512 ms on 270000 evaluations. +; Time spent for assembling and measuring (initial batch_size=369, initial num_batches=31): 127993 ms +; number of used evaluations: 270000 +; Ratio (time for assembling + measure)/(total runtime for 270000 evals): 0.11683395526475292 +; number reverted permutation / tried permutation: 106286 / 135006 =78.727% +; number reverted decision / tried decision: 99444 / 134993 =73.666% +; validated in 0.181s diff --git a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000128593365_ratio10650.asm b/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000128593365_ratio10650.asm new file mode 100644 index 0000000000..495a1c7368 --- /dev/null +++ b/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000128593365_ratio10650.asm 
@@ -0,0 +1,172 @@ +SECTION .text + GLOBAL fiat_secp256k1_dettman_square +fiat_secp256k1_dettman_square: +mov rax, 0x1 ; moving imm to reg +shlx r10, [ rsi + 0x10 ], rax; x2 <- arg1[2] * 0x2 (shlx does not change the flags) +mov rdx, [ rsi + 0x20 ]; arg1[4] to rdx +mulx rcx, r11, rdx; x5_1, x5_0<- arg1[4]^2 +mov rdx, [ rsi + 0x0 ]; load m64 arg1[0] to register64 +mov r8, rdx; load m64 x4 to register64 +shl r8, 0x1; x4 <- arg1[0] * 0x2 +mov rdx, [ rsi + 0x18 ]; arg1[3] to rdx +mulx rax, r9, r8; x10000_1, x10000_0<- x4 * arg1[3] (_0*_0) +mov rdx, 0x1000003d10 ; moving imm to reg +mov [ rsp - 0x80 ], rbx; spilling calSv-rbx to mem +mov [ rsp - 0x78 ], rbp; spilling calSv-rbp to mem +mulx rbp, rbx, r11; x10003_1, x10003_0<- x7 * 0x1000003d10 (_0*_0) +mov rdx, [ rsi + 0x8 ]; arg1[1] to rdx +mov [ rsp - 0x70 ], r12; spilling calSv-r12 to mem +mulx r12, r11, rdx; x10026_1, x10026_0<- arg1[1]^2 +mov rdx, [ rsi + 0x8 ]; arg1[1] to rdx +mov [ rsp - 0x68 ], r13; spilling calSv-r13 to mem +mov [ rsp - 0x60 ], r14; spilling calSv-r14 to mem +mulx r14, r13, r8; x10021_1, x10021_0<- x4 * arg1[1] (_0*_0) +mov rdx, [ rsi + 0x8 ]; load m64 arg1[1] to register64 +mov [ rsp - 0x58 ], r15; spilling calSv-r15 to mem +lea r15, [rdx + rdx]; x3 <- arg1[1] * 2 +mov rdx, r15; x3 to rdx +mov [ rsp - 0x50 ], rdi; spilling out1 to mem +mulx rdi, r15, [ rsi + 0x10 ]; x10001_1, x10001_0<- x3 * arg1[2] (_0*_0) +mov [ rsp - 0x48 ], r12; spilling x10026_1 to mem +xor r12, r12 +adox r15, r9 +adox rax, rdi +adcx rbx, r15 +adcx rax, rbp +mulx rbp, r9, [ rsi + 0x20 ]; x10011_1, x10011_0<- x3 * arg1[4] (_0*_0) +mov rdi, rbx; +shrd rdi, rax, 52; x9 <- x8_1||x8_0 >> 52 +mov r15, rdx; preserving value of x3 into a new reg +mov rdx, [ rsi + 0x10 ]; saving arg1[2] in rdx. 
+mulx r12, rax, rdx; x10006_1, x10006_0<- arg1[2]^2 +mov rdx, [ rsi + 0x18 ]; arg1[3] to rdx +mov [ rsp - 0x40 ], r11; spilling x10026_0 to mem +mov [ rsp - 0x38 ], r14; spilling x10021_1 to mem +mulx r14, r11, r15; x10005_1, x10005_0<- x3 * arg1[3] (_0*_0) +xor rdx, rdx +adox rax, r11 +adox r14, r12 +mov rdx, [ rsi + 0x20 ]; arg1[4] to rdx +mulx r12, r15, r8; x10004_1, x10004_0<- x4 * arg1[4] (_0*_0) +adcx rax, r15 +adcx r12, r14 +xor rdx, rdx +adox rdi, rax +adox r12, rdx +mov rdx, [ rsi + 0x18 ]; arg1[3] to rdx +mulx r14, r11, r10; x10012_1, x10012_0<- x2 * arg1[3] (_0*_0) +mov rdx, 0x1000003d10000 ; moving imm to reg +mulx rax, r15, rcx; x10010_1, x10010_0<- x6 * 0x1000003d10000 (_0*_0) +adcx r15, rdi +adcx r12, rax +mov rcx, r15; +shrd rcx, r12, 52; x12 <- x11_1||x11_0 >> 52 +mov rdi, 0x34 ; moving imm to reg +bzhi rax, r15, rdi; x13 <- x11_0 (only least 0x34 bits) +mov rdx, [ rsi + 0x18 ]; arg1[3] to rdx +mulx r12, r15, rdx; x10019_1, x10019_0<- arg1[3]^2 +mov rdx, [ rsi + 0x20 ]; arg1[4] to rdx +mov [ rsp - 0x30 ], r13; spilling x10021_0 to mem +mulx r13, rdi, r10; x10018_1, x10018_0<- x2 * arg1[4] (_0*_0) +adox r15, rdi +adox r13, r12 +xor rdx, rdx +adox r11, r9 +adox rbp, r14 +adcx rcx, r11 +adc rbp, 0x0; add CF to r0's alloc +mov r10, rcx; +shrd r10, rbp, 52; x17 <- x16_1||x16_0 >> 52 +mov r9, 0xfffffffffffff ; moving imm to reg +and rcx, r9; x18 <- x16_0&0xfffffffffffff +shl rcx, 4; x10015 <- x18<< 4 +mov r14, rax; +shr r14, 48; x14 <- x13>> 48 +xor r12, r12 +adox r10, r15 +adox r13, r12 +lea rcx, [ rcx + r14 ] +mov rdx, 0x1000003d1 ; moving imm to reg +mulx r15, rdi, rcx; x10017_1, x10017_0<- x10016 * 0x1000003d1 (_0*_0) +mov r11, r10; +shrd r11, r13, 52; x23 <- x22_1||x22_0 >> 52 +mov rdx, [ rsi + 0x0 ]; arg1[0] to rdx +mulx r14, rbp, rdx; x10014_1, x10014_0<- arg1[0]^2 +mov rdx, [ rsi + 0x18 ]; load m64 arg1[3] to register64 +lea r13, [rdx + rdx]; x1 <- arg1[3] * 2 +test al, al +adox rdi, rbp +adox r14, r15 +mov rdx, r13; x1 to rdx +mulx rcx, r13, [ 
rsi + 0x20 ]; x10024_1, x10024_0<- x1 * arg1[4] (_0*_0) +adcx r11, r13 +adc rcx, 0x0; add CF to r0's alloc +mov r15, rdi; +shrd r15, r14, 52; x20 <- x19_1||x19_0 >> 52 +mov rbp, 0x1000003d10000 ; moving imm to reg +mov rdx, rcx; x29 to rdx +mulx r14, rcx, rbp; x10031_1, x10031_0<- x29 * 0x1000003d10000 (_0*_0) +mov r13, 0x30 ; moving imm to reg +bzhi rdx, rax, r13; x15 <- x13 (only least 0x30 bits) +adox r15, [ rsp - 0x30 ] +mov rax, [ rsp - 0x38 ]; +adox rax, r12 +and r10, r9; x24 <- x22_0&0xfffffffffffff +and rdi, r9; x21 <- x19_0&0xfffffffffffff +xchg rdx, r8; x4, swapping with x15, which is currently in rdx +mulx r13, r12, [ rsi + 0x10 ]; x10025_1, x10025_0<- x4 * arg1[2] (_0*_0) +mov rdx, [ rsp - 0x50 ]; load m64 out1 to register64 +mov [ rdx + 0x0 ], rdi; out1[0] = x21 +mov rdi, r12; +adox rdi, [ rsp - 0x40 ] +adox r13, [ rsp - 0x48 ] +mov r12, 0x1000003d10 ; moving imm to reg +xchg rdx, r10; x24, swapping with out1, which is currently in rdx +mulx rbp, r9, r12; x10023_1, x10023_0<- x24 * 0x1000003d10 (_0*_0) +adcx r9, r15 +adcx rax, rbp +mov r15, r9; +shrd r15, rax, 52; x26 <- x25_1||x25_0 >> 52 +xor rdx, rdx +adox r15, rdi +adox r13, rdx +mov rdx, r12; 0x1000003d10 to rdx +mulx rdi, r12, r11; x10029_1, x10029_0<- x30 * 0x1000003d10 (_0*_0) +adcx r12, r15 +adcx r13, rdi +mov r11, 0xfffffffffffff ; moving imm to reg +mov rbp, r12; +and rbp, r11; x33 <- x31_0&0xfffffffffffff +and r9, r11; x27 <- x25_0&0xfffffffffffff +shrd r12, r13, 52; x32 <- x31_1||x31_0 >> 52 +and rbx, r11; x10 <- x8_0&0xfffffffffffff +lea rbx, [ rbx + r12 ] +mov [ r10 + 0x8 ], r9; out1[1] = x27 +mov [ r10 + 0x10 ], rbp; out1[2] = x33 +adox rcx, rbx +mov rax, 0x0 ; moving imm to reg +adox r14, rax +mov r15, rcx; +shrd r15, r14, 52; x35 <- x34_1||x34_0 >> 52 +lea r8, [ r8 + r15 ] +mov [ r10 + 0x20 ], r8; out1[4] = x37 +and rcx, r11; x36 <- x34_0&0xfffffffffffff +mov [ r10 + 0x18 ], rcx; out1[3] = x36 +mov rbx, [ rsp - 0x80 ]; pop +mov rbp, [ rsp - 0x78 ]; pop +mov r12, [ rsp - 0x70 ]; pop 
+mov r13, [ rsp - 0x68 ]; pop +mov r14, [ rsp - 0x60 ]; pop +mov r15, [ rsp - 0x58 ]; pop +ret +; cpu AMD Ryzen 9 5950X 16-Core Processor +; ratio 1.0650 +; seed 2684978780257334 +; CC / CFLAGS clang / -march=native -mtune=native -O3 +; time needed: 2274474 ms on 270000 evaluations. +; Time spent for assembling and measuring (initial batch_size=264, initial num_batches=31): 154929 ms +; number of used evaluations: 270000 +; Ratio (time for assembling + measure)/(total runtime for 270000 evals): 0.06811640845311927 +; number reverted permutation / tried permutation: 107102 / 134739 =79.488% +; number reverted decision / tried decision: 80799 / 135260 =59.736% +; validated in 0.268s diff --git a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000164663271_ratio12077.asm b/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000164663271_ratio12077.asm new file mode 100644 index 0000000000..c3f82a43e1 --- /dev/null +++ b/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000164663271_ratio12077.asm 
@@ -0,0 +1,161 @@ +SECTION .text + GLOBAL fiat_secp256k1_dettman_square +fiat_secp256k1_dettman_square: +mov rax, [ rsi + 0x8 ]; load m64 arg1[1] to register64 +lea r10, [rax + rax]; x3 <- arg1[1] * 2 +mov rdx, [ rsi + 0x20 ]; arg1[4] to rdx +mulx r11, rax, rdx; x5_1, x5_0<- arg1[4]^2 +mov rdx, [ rsi + 0x0 ]; load m64 arg1[0] to register64 +mov rcx, rdx; load m64 x4 to register64 +shl rcx, 0x1; x4 <- arg1[0] * 0x2 +mov rdx, [ rsi + 0x10 ]; arg1[2] to rdx +mulx r9, r8, r10; x10001_1, x10001_0<- x3 * arg1[2] (_0*_0) +mov rdx, [ rsi + 0x18 ]; arg1[3] to rdx +mov [ rsp - 0x80 ], rbx; spilling calSv-rbx to mem +mov [ rsp - 0x78 ], rbp; spilling calSv-rbp to mem +mulx rbp, rbx, rcx; x10000_1, x10000_0<- x4 * arg1[3] (_0*_0) +xor rdx, rdx +adox r8, rbx +adox rbp, r9 +mov r9, 0x1000003d10 ; moving imm to reg +mov rdx, rax; x7 to rdx +mulx rbx, rax, r9; x10003_1, x10003_0<- x7 * 0x1000003d10 (_0*_0) +adcx rax, r8 +adcx rbp, rbx +mov r8, rax; +shrd r8, rbp, 52; x9 <- x8_1||x8_0 >> 52 +mov rdx, [ rsi + 0x10 ]; arg1[2] to rdx +mulx rbp, rbx, rdx; x10006_1, x10006_0<- arg1[2]^2 +mov rdx, r10; x3 to rdx +mov [ rsp - 0x70 ], r12; spilling calSv-r12 to mem +mulx r12, r10, [ rsi + 0x18 ]; x10005_1, x10005_0<- x3 * arg1[3] (_0*_0) +mov [ rsp - 0x68 ], r13; spilling calSv-r13 to mem +xor r13, r13 +adox rbx, r10 +adox r12, rbp +mov rbp, rdx; preserving value of x3 into a new reg +mov rdx, [ rsi + 0x20 ]; saving arg1[4] in rdx. 
+mulx r13, r10, rcx; x10004_1, x10004_0<- x4 * arg1[4] (_0*_0) +adcx rbx, r10 +adcx r13, r12 +mov rdx, 0x1000003d10000 ; moving imm to reg +mulx r10, r12, r11; x10010_1, x10010_0<- x6 * 0x1000003d10000 (_0*_0) +mov rdx, rbp; x3 to rdx +mulx r11, rbp, [ rsi + 0x20 ]; x10011_1, x10011_0<- x3 * arg1[4] (_0*_0) +add r8, rbx; could be done better, if r0 has been u8 as well +adc r13, 0x0; add CF to r0's alloc +mov rdx, [ rsi + 0x10 ]; load m64 arg1[2] to register64 +lea rbx, [rdx + rdx]; x2 <- arg1[2] * 2 +mov rdx, rbx; x2 to rdx +mov [ rsp - 0x60 ], r14; spilling calSv-r14 to mem +mulx r14, rbx, [ rsi + 0x20 ]; x10018_1, x10018_0<- x2 * arg1[4] (_0*_0) +mov [ rsp - 0x58 ], r15; spilling calSv-r15 to mem +xor r15, r15 +adox r12, r8 +adox r13, r10 +mulx r8, r10, [ rsi + 0x18 ]; x10012_1, x10012_0<- x2 * arg1[3] (_0*_0) +adcx r10, rbp +adcx r11, r8 +mov rbp, r12; +shrd rbp, r13, 52; x12 <- x11_1||x11_0 >> 52 +add rbp, r10; could be done better, if r0 has been u8 as well +adc r11, 0x0; add CF to r0's alloc +mov rdx, 0xfffffffffffff ; moving imm to reg +mov r13, rbp; +and r13, rdx; x18 <- x16_0&0xfffffffffffff +shl r13, 4; x10015 <- x18<< 4 +and r12, rdx; x13 <- x11_0&0xfffffffffffff +mov r8, r12; +shr r8, 48; x14 <- x13>> 48 +mov rdx, [ rsi + 0x18 ]; arg1[3] to rdx +mulx r15, r10, rdx; x10019_1, x10019_0<- arg1[3]^2 +lea r13, [ r13 + r8 ] +shrd rbp, r11, 52; x17 <- x16_1||x16_0 >> 52 +xor rdx, rdx +adox r10, rbx +adox r14, r15 +adcx rbp, r10 +adc r14, 0x0; add CF to r0's alloc +imul rbx, [ rsi + 0x18 ], 0x2; x1 <- arg1[3] * 0x2 +mov r11, rbp; +shrd r11, r14, 52; x23 <- x22_1||x22_0 >> 52 +mov rdx, [ rsi + 0x0 ]; arg1[0] to rdx +mulx r15, r8, rdx; x10014_1, x10014_0<- arg1[0]^2 +mov rdx, 0x1000003d1 ; moving imm to reg +mulx r14, r10, r13; x10017_1, x10017_0<- x10016 * 0x1000003d1 (_0*_0) +mov rdx, rbx; x1 to rdx +mulx r13, rbx, [ rsi + 0x20 ]; x10024_1, x10024_0<- x1 * arg1[4] (_0*_0) +xor rdx, rdx +adox r11, rbx +adox r13, rdx +adcx r10, r8 +adcx r15, r14 +mov r8, 
0xfffffffffffff ; moving imm to reg +and rbp, r8; x24 <- x22_0&0xfffffffffffff +mov rdx, rbp; x24 to rdx +mulx r14, rbp, r9; x10023_1, x10023_0<- x24 * 0x1000003d10 (_0*_0) +mov rbx, r10; +shrd rbx, r15, 52; x20 <- x19_1||x19_0 >> 52 +mov rdx, [ rsi + 0x8 ]; arg1[1] to rdx +mulx r9, r15, rcx; x10021_1, x10021_0<- x4 * arg1[1] (_0*_0) +add rbx, r15; could be done better, if r0 has been u8 as well +adc r9, 0x0; add CF to r0's alloc +xor rdx, rdx +adox rbp, rbx +adox r9, r14 +mov r14, rbp; +shrd r14, r9, 52; x26 <- x25_1||x25_0 >> 52 +mov rdx, rcx; x4 to rdx +mulx r15, rcx, [ rsi + 0x10 ]; x10025_1, x10025_0<- x4 * arg1[2] (_0*_0) +mov rdx, [ rsi + 0x8 ]; arg1[1] to rdx +mulx r9, rbx, rdx; x10026_1, x10026_0<- arg1[1]^2 +add rbx, rcx; could be done better, if r0 has been u8 as well +adcx r15, r9 +add r14, rbx; could be done better, if r0 has been u8 as well +adc r15, 0x0; add CF to r0's alloc +mov rdx, 0x1000003d10 ; moving imm to reg +mulx r9, rcx, r11; x10029_1, x10029_0<- x30 * 0x1000003d10 (_0*_0) +xor r11, r11 +adox rcx, r14 +adox r15, r9 +mov rbx, rcx; +shrd rbx, r15, 52; x32 <- x31_1||x31_0 >> 52 +and rcx, r8; x33 <- x31_0&0xfffffffffffff +and rax, r8; x10 <- x8_0&0xfffffffffffff +mov [ rdi + 0x10 ], rcx; out1[2] = x33 +lea rax, [ rax + rbx ] +mov r14, 0xffffffffffff ; moving imm to reg +and r12, r14; x15 <- x13&0xffffffffffff +and rbp, r8; x27 <- x25_0&0xfffffffffffff +mov [ rdi + 0x8 ], rbp; out1[1] = x27 +mov r9, 0x1000003d10000 ; moving imm to reg +mov rdx, r9; 0x1000003d10000 to rdx +mulx r15, r9, r13; x10031_1, x10031_0<- x29 * 0x1000003d10000 (_0*_0) +adox r9, rax +adox r15, r11 +and r10, r8; x21 <- x19_0&0xfffffffffffff +mov r13, r9; +shrd r13, r15, 52; x35 <- x34_1||x34_0 >> 52 +and r9, r8; x36 <- x34_0&0xfffffffffffff +lea r12, [ r12 + r13 ] +mov [ rdi + 0x20 ], r12; out1[4] = x37 +mov [ rdi + 0x0 ], r10; out1[0] = x21 +mov [ rdi + 0x18 ], r9; out1[3] = x36 +mov rbx, [ rsp - 0x80 ]; pop +mov rbp, [ rsp - 0x78 ]; pop +mov r12, [ rsp - 0x70 ]; pop +mov 
r13, [ rsp - 0x68 ]; pop +mov r14, [ rsp - 0x60 ]; pop +mov r15, [ rsp - 0x58 ]; pop +ret +; cpu 12th Gen Intel(R) Core(TM) i9-12900KF +; ratio 1.2077 +; seed 2273745575360676 +; CC / CFLAGS clang / -march=native -mtune=native -O3 +; time needed: 1103260 ms on 270000 evaluations. +; Time spent for assembling and measuring (initial batch_size=373, initial num_batches=31): 126292 ms +; number of used evaluations: 270000 +; Ratio (time for assembling + measure)/(total runtime for 270000 evals): 0.11447165672642895 +; number reverted permutation / tried permutation: 106016 / 135090 =78.478% +; number reverted decision / tried decision: 99678 / 134909 =73.885% +; validated in 0.181s diff --git a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000167123146_ratio09249.asm b/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000167123146_ratio09249.asm deleted file mode 100644 index 3fd044e609..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000167123146_ratio09249.asm +++ /dev/null 
@@ -1,173 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_square -fiat_secp256k1_dettman_square: -mov rax, 0x1 -shlx r10, [ rsi + 0x8 ], rax -shlx r11, [ rsi + 0x0 ], rax -shlx rdx, [ rsi + 0x18 ], rax -mov rcx, rdx -mov rdx, [ rsi + 0x18 ] -mulx r9, r8, r10 -mov rdx, [ rsi + 0x10 ] -lea rax, [rdx + rdx] -mov rdx, [ rsi + 0x20 ] -mov [ rsp - 0x80 ], rbx -mov [ rsp - 0x78 ], rbp -mulx rbp, rbx, rdx -mov rdx, 0xfffffffffffff -mov [ rsp - 0x70 ], r12 -mov r12, rbx -and r12, rdx -mov rdx, [ rsi + 0x8 ] -mov [ rsp - 0x68 ], r13 -mov [ rsp - 0x60 ], r14 -mulx r14, r13, rdx -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x58 ], r15 -mov [ rsp - 0x50 ], rdi -mulx rdi, r15, r10 -mov rdx, r11 -mov [ rsp - 0x48 ], r14 -mulx r14, r11, [ rsi + 0x18 ] -adox r15, r11 -adox r14, rdi -mov rdi, 0x1000003d10 -xchg rdx, r12 -mov [ rsp - 0x40 ], r13 -mulx r13, r11, rdi -adcx r11, r15 -adcx r14, r13 -mov rdx, r11 -shrd rdx, r14, 52 -mov r15, rdx -mov rdx, [ rsi + 0x10 ] -mulx r14, r13, rdx -test al, al -adox r13, r8 -adox r9, r14 -mov rdx, r12 -mulx r8, r12, [ rsi + 0x20 ] -adcx r13, r12 -adcx r8, r9 -test al, al -adox r15, r13 -mov r14, 0x0 -adox r8, r14 -shrd rbx, rbp, 52 -xchg rdx, rdi -mulx r9, rbp, rbx -add rbp, r15 -adcx r8, r9 -mov r12, rbp -shrd r12, r8, 52 -mov rdx, [ rsi + 0x18 ] -mulx r15, r13, rax -mov rdx, [ rsi + 0x20 ] -mulx r9, rbx, r10 -test al, al -adox r13, rbx -adox r9, r15 -mov rdx, [ rsi + 0x18 ] -mulx r8, r10, rdx -adcx r12, r13 -adc r9, 0x0 -mov rdx, 0x34 -bzhi r15, r12, rdx -shl r15, 4 -mov rdx, rax -mulx rbx, rax, [ rsi + 0x20 ] -shrd r12, r9, 52 -xor rdx, rdx -adox r10, rax -adox rbx, r8 -mov r14, 0x34 -bzhi r13, rbp, r14 -mov rbp, r13 -shr rbp, 48 -lea r15, [ r15 + rbp ] -mov rdx, [ rsi + 0x0 ] -mulx r9, r8, rdx -mov rdx, 0x30 -bzhi rax, r13, rdx -mov r13, 0x1000003d1 -mov rdx, r13 -mulx rbp, r13, r15 -adox r13, r8 -adox r9, rbp -bzhi r15, r13, r14 -shrd r13, r9, 52 -xor r8, r8 -adox r12, r10 -adox rbx, r8 -mov rdx, [ rsi + 0x8 ] -mulx rbp, r10, rdi -mov rdx, 
rcx -mulx r9, rcx, [ rsi + 0x20 ] -bzhi rdx, r12, r14 -adox r13, r10 -adox rbp, r8 -mov r10, 0x1000003d10 -mulx r14, r8, r10 -test al, al -adox r8, r13 -adox rbp, r14 -shrd r12, rbx, 52 -mov rbx, r8 -shrd rbx, rbp, 52 -test al, al -adox r12, rcx -mov rdx, 0x0 -adox r9, rdx -mov rdx, [ rsi + 0x10 ] -mulx r13, rcx, rdi -mov rdx, rcx -adcx rdx, [ rsp - 0x40 ] -adcx r13, [ rsp - 0x48 ] -mov rdi, 0xfffffffffffff -mov r14, r12 -and r14, rdi -xchg rdx, r10 -mulx rcx, rbp, r14 -adox rbx, r10 -mov r14, 0x0 -adox r13, r14 -adcx rbp, rbx -adcx r13, rcx -mov r10, rbp -and r10, rdi -shrd rbp, r13, 52 -shrd r12, r9, 52 -mulx rcx, r9, r12 -and r11, rdi -mov rbx, [ rsp - 0x50 ] -mov [ rbx + 0x10 ], r10 -lea r11, [ r11 + rbp ] -adox r9, r11 -adox rcx, r14 -mov r13, r9 -and r13, rdi -shrd r9, rcx, 52 -lea rax, [ rax + r9 ] -mov [ rbx + 0x0 ], r15 -mov [ rbx + 0x20 ], rax -and r8, rdi -mov [ rbx + 0x18 ], r13 -mov [ rbx + 0x8 ], r8 -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu AMD Ryzen Threadripper 1900X 8-Core Processor -; ratio 0.9249 -; seed 1611997365195876 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 1383305 ms on 180000 evaluations. -; Time spent for assembling and measuring (initial batch_size=155, initial num_batches=31): 106567 ms -; number of used evaluations: 180000 -; Ratio (time for assembling + measure)/(total runtime for 180000 evals): 0.0770379634281666 -; number reverted permutation / tried permutation: 81867 / 90088 =90.874% -; number reverted decision / tried decision: 55343 / 89911 =61.553% -; validated in 0.331s diff --git a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000188982661_ratio09261.asm b/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000188982661_ratio09261.asm deleted file mode 100644 index 150b759e45..0000000000 
--- a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000188982661_ratio09261.asm +++ /dev/null 
@@ -1,177 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_square -fiat_secp256k1_dettman_square: -mov rax, [ rsi + 0x8 ] -mov r10, rax -shl r10, 0x1 -mov rdx, [ rsi + 0x20 ] -mulx r11, rax, rdx -mov rdx, 0xfffffffffffff -mov rcx, rax -and rcx, rdx -mov rdx, r10 -mulx r8, r10, [ rsi + 0x10 ] -mov r9, 0x1000003d10 -xchg rdx, r9 -mov [ rsp - 0x80 ], rbx -mov [ rsp - 0x78 ], rbp -mulx rbp, rbx, rcx -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x70 ], r12 -mulx r12, rcx, rdx -mov rdx, [ rsi + 0x0 ] -mov [ rsp - 0x68 ], r13 -lea r13, [rdx + rdx] -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x60 ], r14 -mov [ rsp - 0x58 ], r15 -mulx r15, r14, r13 -adox r10, r14 -adox r15, r8 -adcx rbx, r10 -adcx r15, rbp -mov rdx, r9 -mulx r8, r9, [ rsi + 0x18 ] -xor rbp, rbp -adox rcx, r9 -adox r8, r12 -mov r12, rdx -mov rdx, [ rsi + 0x18 ] -mulx r10, r14, rdx -mov rdx, rbx -shrd rdx, r15, 52 -mov r15, [ rsi + 0x10 ] -mov r9, r15 -shl r9, 0x1 -xchg rdx, r13 -mulx rbp, r15, [ rsi + 0x20 ] -add rcx, r15 -adcx rbp, r8 -xor r8, r8 -adox r13, rcx -adox rbp, r8 -shrd rax, r11, 52 -mov r11, 0x1000003d10 -xchg rdx, r11 -mulx rcx, r15, rax -mov rax, 0x34 -bzhi r8, rbx, rax -adox r15, r13 -adox rbp, rcx -mov rdx, r9 -mulx rbx, r9, [ rsi + 0x18 ] -xchg rdx, r12 -mulx rcx, r13, [ rsi + 0x20 ] -mov rdx, r15 -shrd rdx, rbp, 52 -test al, al -adox r9, r13 -adox rcx, rbx -adcx rdx, r9 -adc rcx, 0x0 -bzhi rbp, rdx, rax -bzhi rbx, r15, rax -mov r15, rbx -shr r15, 48 -shrd rdx, rcx, 52 -mov r13, 0xffffffffffff -and rbx, r13 -shl rbp, 4 -lea rbp, [ rbp + r15 ] -mov r9, rdx -mov rdx, [ rsi + 0x20 ] -mulx r15, rcx, r12 -mov rdx, [ rsi + 0x0 ] -mulx rax, r12, rdx -mov rdx, 0x1000003d1 -mov [ rsp - 0x50 ], rdi -mulx rdi, r13, rbp -xor rbp, rbp -adox r14, rcx -adox r15, r10 -adcx r9, r14 -adc r15, 0x0 -xor r10, r10 -adox r13, r12 -adox rax, rdi -mov rbp, r9 -shrd rbp, r15, 52 -mov rcx, r13 -shrd rcx, rax, 52 -mov r12, 0xfffffffffffff -and r9, r12 -mov rdx, [ rsi + 0x8 ] -mulx r14, rdi, r11 -mov rdx, 0x1000003d10 -mulx 
rax, r15, r9 -mov r9, [ rsi + 0x18 ] -lea r10, [r9 + r9] -and r13, r12 -mov rdx, [ rsi + 0x20 ] -mulx r12, r9, r10 -mov rdx, [ rsp - 0x50 ] -mov [ rdx + 0x0 ], r13 -xchg rdx, r11 -mulx r13, r10, [ rsi + 0x10 ] -adox rcx, rdi -mov rdx, 0x0 -adox r14, rdx -adcx rbp, r9 -adc r12, 0x0 -xor rdi, rdi -adox r15, rcx -adox r14, rax -mov rdx, 0x34 -bzhi rax, rbp, rdx -mov r9, 0x1000003d10 -mov rdx, r9 -mulx rcx, r9, rax -mov rdx, [ rsi + 0x8 ] -mulx rdi, rax, rdx -adox rax, r10 -adox r13, rdi -mov rdx, r15 -shrd rdx, r14, 52 -xor r10, r10 -adox rdx, rax -adox r13, r10 -adcx r9, rdx -adcx r13, rcx -mov r14, r9 -shrd r14, r13, 52 -lea r8, [ r8 + r14 ] -shrd rbp, r12, 52 -mov r12, 0x1000003d10 -mov rdx, rbp -mulx rcx, rbp, r12 -add rbp, r8 -adc rcx, 0x0 -mov rdi, 0xfffffffffffff -mov rax, rbp -and rax, rdi -mov [ r11 + 0x18 ], rax -shrd rbp, rcx, 52 -and r15, rdi -lea rbx, [ rbx + rbp ] -mov [ r11 + 0x8 ], r15 -and r9, rdi -mov [ r11 + 0x10 ], r9 -mov [ r11 + 0x20 ], rbx -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu AMD Ryzen Threadripper 1900X 8-Core Processor -; ratio 0.9261 -; seed 2111706479582779 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 1462543 ms on 180000 evaluations. -; Time spent for assembling and measuring (initial batch_size=161, initial num_batches=31): 112291 ms -; number of used evaluations: 180000 -; Ratio (time for assembling + measure)/(total runtime for 180000 evals): 0.07677791353826861 -; number reverted permutation / tried permutation: 78830 / 90026 =87.564% -; number reverted decision / tried decision: 54022 / 89973 =60.042% -; validated in 0.342s diff --git a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000225267441_ratio09530.asm b/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000225267441_ratio09530.asm deleted file mode 100644 index adf5ed25f9..0000000000 
--- a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000225267441_ratio09530.asm +++ /dev/null 
@@ -1,174 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_square -fiat_secp256k1_dettman_square: -mov rdx, [ rsi + 0x20 ] -mulx r10, rax, rdx -mov r11, [ rsi + 0x0 ] -lea rdx, [r11 + r11] -mov r11, rdx -mov rdx, [ rsi + 0x18 ] -mulx r8, rcx, rdx -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x80 ], rbx -mulx rbx, r9, r11 -mov rdx, [ rsi + 0x8 ] -mov [ rsp - 0x78 ], rbp -mov rbp, rdx -shl rbp, 0x1 -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x70 ], r12 -mov [ rsp - 0x68 ], r13 -mulx r13, r12, rbp -test al, al -adox r12, r9 -adox rbx, r13 -mov rdx, rax -shrd rdx, r10, 52 -mov r10, 0xfffffffffffff -and rax, r10 -xchg rdx, rbp -mulx r13, r9, [ rsi + 0x18 ] -mov [ rsp - 0x60 ], r14 -mov r14, rdx -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x58 ], r15 -mulx r10, r15, rdx -adox r15, r9 -adox r13, r10 -mov rdx, [ rsi + 0x20 ] -mulx r10, r9, r11 -adcx r15, r9 -adcx r10, r13 -mov rdx, 0x1000003d10 -mulx r9, r13, rax -test al, al -adox r13, r12 -adox rbx, r9 -mov r12, r13 -shrd r12, rbx, 52 -add r12, r15 -adc r10, 0x0 -mulx r15, rax, rbp -xor rbp, rbp -adox rax, r12 -adox r10, r15 -mov r9, 0x1 -shlx rbx, [ rsi + 0x10 ], r9 -mov r12, rax -shrd r12, r10, 52 -mov rdx, [ rsi + 0x18 ] -mulx r10, r15, rbx -mov rdx, [ rsi + 0x20 ] -mulx r9, rbp, r14 -xor rdx, rdx -adox r15, rbp -adox r9, r10 -mov r14, 0x34 -bzhi r10, r13, r14 -adox r12, r15 -adox r9, rdx -bzhi r13, r12, r14 -shrd r12, r9, 52 -bzhi rbp, rax, r14 -shl r13, 4 -mov rax, 0xffffffffffff -mov r15, rbp -and r15, rax -mov rdx, [ rsi + 0x20 ] -mulx r14, r9, rbx -adox rcx, r9 -adox r14, r8 -shr rbp, 48 -mov rdx, [ rsi + 0x18 ] -mov r8, rdx -shl r8, 0x1 -lea r13, [ r13 + rbp ] -xor rdx, rdx -adox r12, rcx -adox r14, rdx -mov rdx, [ rsi + 0x0 ] -mulx r9, rbx, rdx -mov rdx, r8 -mulx rcx, r8, [ rsi + 0x20 ] -mov rbp, r12 -shrd rbp, r14, 52 -test al, al -adox rbp, r8 -mov rdx, 0x0 -adox rcx, rdx -mov r14, 0x1000003d1 -mov rdx, r13 -mulx r8, r13, r14 -mov rdx, [ rsi + 0x8 ] -mulx rax, r14, rdx -adcx r13, rbx -adcx r9, r8 -mov rdx, rbp -shrd rdx, 
rcx, 52 -mov rbx, 0xfffffffffffff -mov rcx, r13 -and rcx, rbx -mov r8, rdx -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x50 ], rdi -mulx rdi, rbx, r11 -adox r14, rbx -adox rdi, rax -mov rdx, [ rsi + 0x8 ] -mulx rbx, rax, r11 -mov rdx, 0xfffffffffffff -and r12, rdx -mov r11, [ rsp - 0x50 ] -mov [ r11 + 0x0 ], rcx -mov rcx, 0x1000003d10 -mov rdx, rcx -mulx r11, rcx, r12 -shrd r13, r9, 52 -xor r9, r9 -adox r13, rax -adox rbx, r9 -adcx rcx, r13 -adcx rbx, r11 -mov rax, 0x34 -bzhi r12, rbp, rax -bzhi rbp, rcx, rax -shrd rcx, rbx, 52 -mulx r13, r11, r12 -add rcx, r14 -adc rdi, 0x0 -add r11, rcx -adcx rdi, r13 -mov r14, r11 -shrd r14, rdi, 52 -bzhi rbx, r11, rax -mov r12, [ rsp - 0x50 ] -mov [ r12 + 0x10 ], rbx -lea r10, [ r10 + r14 ] -mulx rcx, r13, r8 -adox r13, r10 -adox rcx, r9 -mov r8, r13 -shrd r8, rcx, 52 -lea r15, [ r15 + r8 ] -mov [ r12 + 0x20 ], r15 -bzhi r11, r13, rax -mov [ r12 + 0x8 ], rbp -mov [ r12 + 0x18 ], r11 -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu AMD Ryzen 9 7950X 16-Core Processor -; ratio 0.9530 -; seed 2351914705828844 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 696387 ms on 180000 evaluations. -; Time spent for assembling and measuring (initial batch_size=243, initial num_batches=31): 67405 ms -; number of used evaluations: 180000 -; Ratio (time for assembling + measure)/(total runtime for 180000 evals): 0.09679244443104193 -; number reverted permutation / tried permutation: 74949 / 89949 =83.324% -; number reverted decision / tried decision: 60622 / 90050 =67.320% -; validated in 0.199s diff --git a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000236131603_ratio10227.asm b/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000236131603_ratio10227.asm deleted file mode 100644 index efef7a7840..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000236131603_ratio10227.asm +++ /dev/null 
@@ -1,186 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_square -fiat_secp256k1_dettman_square: -mov rax, [ rsi + 0x8 ] -lea r10, [rax + rax] -mov rdx, [ rsi + 0x18 ] -mulx r11, rax, rdx -mov rdx, [ rsi + 0x20 ] -mulx r8, rcx, rdx -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x80 ], rbx -mulx rbx, r9, rdx -mov rdx, r10 -mov [ rsp - 0x78 ], rbp -mulx rbp, r10, [ rsi + 0x10 ] -mov [ rsp - 0x70 ], r12 -mov r12, [ rsi + 0x0 ] -mov [ rsp - 0x68 ], r13 -mov r13, r12 -shl r13, 0x1 -mov r12, rdx -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x60 ], r14 -mov [ rsp - 0x58 ], r15 -mulx r15, r14, r13 -mov rdx, rcx -shrd rdx, r8, 52 -mov r8, 0x1000003d10 -mov [ rsp - 0x50 ], rdi -mov [ rsp - 0x48 ], r11 -mulx r11, rdi, r8 -mov rdx, [ rsi + 0x8 ] -mov [ rsp - 0x40 ], rax -mulx rax, r8, r13 -mov rdx, [ rsi + 0x8 ] -mov [ rsp - 0x38 ], rax -mov [ rsp - 0x30 ], r8 -mulx r8, rax, rdx -add r10, r14 -adcx r15, rbp -mov rdx, 0x34 -bzhi rbp, rcx, rdx -mov rcx, 0x1000003d10 -mov rdx, rcx -mulx r14, rcx, rbp -mov rdx, r12 -mulx rbp, r12, [ rsi + 0x18 ] -adox rcx, r10 -adox r15, r14 -test al, al -adox r9, r12 -adox rbp, rbx -mov rbx, rdx -mov rdx, [ rsi + 0x20 ] -mulx r14, r10, r13 -adcx r9, r10 -adcx r14, rbp -mov rdx, rcx -shrd rdx, r15, 52 -imul r12, [ rsi + 0x10 ], 0x2 -test al, al -adox rdx, r9 -mov r15, 0x0 -adox r14, r15 -mov rbp, rdx -mov rdx, [ rsi + 0x20 ] -mulx r9, r10, r12 -adcx rdi, rbp -adcx r14, r11 -mov rdx, [ rsi + 0x20 ] -mulx rbp, r11, rbx -mov rdx, r12 -mulx rbx, r12, [ rsi + 0x18 ] -mov rdx, rdi -shrd rdx, r14, 52 -test al, al -adox r12, r11 -adox rbp, rbx -adcx rdx, r12 -adc rbp, 0x0 -mov r14, 0x34 -bzhi r11, rdx, r14 -mov rbx, rdx -mov rdx, [ rsi + 0x0 ] -mulx r15, r12, rdx -bzhi rdx, rdi, r14 -mov rdi, rdx -shr rdi, 48 -shl r11, 4 -lea r11, [ r11 + rdi ] -mov rdi, 0x1000003d1 -xchg rdx, r11 -mov [ rsp - 0x28 ], r8 -mulx r8, r14, rdi -test al, al -adox r14, r12 -adox r15, r8 -mov r12, 0xfffffffffffff -mov rdx, r14 -and rdx, r12 -shrd r14, r15, 52 -mov r8, r10 -test al, al 
-adox r8, [ rsp - 0x40 ] -adox r9, [ rsp - 0x48 ] -adcx r14, [ rsp - 0x30 ] -mov r10, [ rsp - 0x38 ] -adc r10, 0x0 -mov r15, [ rsp - 0x50 ] -mov [ r15 + 0x0 ], rdx -mov rdx, [ rsi + 0x18 ] -mov rdi, rdx -shl rdi, 0x1 -shrd rbx, rbp, 52 -test al, al -adox rbx, r8 -mov rdx, 0x0 -adox r9, rdx -mov rbp, rbx -shrd rbp, r9, 52 -mov rdx, [ rsi + 0x20 ] -mulx r9, r8, rdi -test al, al -adox rbp, r8 -mov rdx, 0x0 -adox r9, rdx -mov rdx, r13 -mulx rdi, r13, [ rsi + 0x10 ] -mov rdx, rbp -shrd rdx, r9, 52 -and rbx, r12 -adox rax, r13 -adox rdi, [ rsp - 0x28 ] -mov r8, 0x1000003d10 -xchg rdx, rbx -mulx r13, r9, r8 -adcx r9, r14 -adcx r10, r13 -mov r14, r9 -shrd r14, r10, 52 -and rcx, r12 -and rbp, r12 -mov rdx, rbp -mulx r13, rbp, r8 -adox r14, rax -mov r10, 0x0 -adox rdi, r10 -adcx rbp, r14 -adcx rdi, r13 -mov rax, rbp -shrd rax, rdi, 52 -and rbp, r12 -lea rcx, [ rcx + rax ] -mov [ r15 + 0x10 ], rbp -mov rdx, 0xffffffffffff -and r11, rdx -mov rdx, rbx -mulx r13, rbx, r8 -adox rbx, rcx -adox r13, r10 -mov rdx, rbx -shrd rdx, r13, 52 -lea r11, [ r11 + rdx ] -mov [ r15 + 0x20 ], r11 -and rbx, r12 -and r9, r12 -mov [ r15 + 0x8 ], r9 -mov [ r15 + 0x18 ], rbx -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu AMD Ryzen 9 7950X 16-Core Processor -; ratio 1.0227 -; seed 0457920433625596 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 715661 ms on 180000 evaluations. -; Time spent for assembling and measuring (initial batch_size=230, initial num_batches=31): 66393 ms -; number of used evaluations: 180000 -; Ratio (time for assembling + measure)/(total runtime for 180000 evals): 0.09277157760448033 -; number reverted permutation / tried permutation: 75092 / 89951 =83.481% -; number reverted decision / tried decision: 61214 / 90048 =67.979% -; validated in 0.199s 
diff --git a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000315680831_ratio10448.asm b/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000315680831_ratio10448.asm
deleted file mode 100644
index c3a5493397..0000000000
--- a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000315680831_ratio10448.asm
+++ /dev/null
@@ -1,167 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_square -fiat_secp256k1_dettman_square: -mov rdx, [ rsi + 0x8 ] -mulx r10, rax, rdx -imul r11, [ rsi + 0x0 ], 0x2 -mov rdx, [ rsi + 0x20 ] -mulx r8, rcx, rdx -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x80 ], rbx -mulx rbx, r9, rdx -mov rdx, 0xfffffffffffff -mov [ rsp - 0x78 ], rbp -mov rbp, rcx -and rbp, rdx -mov [ rsp - 0x70 ], r12 -mov r12, 0x1000003d10 -mov rdx, r12 -mov [ rsp - 0x68 ], r13 -mulx r13, r12, rbp -mov rdx, [ rsi + 0x8 ] -mov [ rsp - 0x60 ], r14 -mulx r14, rbp, r11 -mov rdx, [ rsi + 0x8 ] -mov [ rsp - 0x58 ], r15 -mov r15, rdx -shl r15, 0x1 -mov rdx, r15 -mov [ rsp - 0x50 ], rdi -mulx rdi, r15, [ rsi + 0x18 ] -mov [ rsp - 0x48 ], r10 -mov [ rsp - 0x40 ], rax -mulx rax, r10, [ rsi + 0x20 ] -add r9, r15 -adcx rdi, rbx -mulx r15, rbx, [ rsi + 0x10 ] -mov rdx, r11 -mov [ rsp - 0x38 ], r14 -mulx r14, r11, [ rsi + 0x18 ] -add rbx, r11 -adcx r14, r15 -mulx r11, r15, [ rsi + 0x20 ] -mov [ rsp - 0x30 ], rbp -xor rbp, rbp -adox r9, r15 -adox r11, rdi -mulx r15, rdi, [ rsi + 0x10 ] -adcx r12, rbx -adcx r14, r13 -shrd rcx, r8, 52 -mov rdx, 0x34 -bzhi r8, r12, rdx -shrd r12, r14, 52 -mov r13, 0x1000003d10 -mov rdx, rcx -mulx rbx, rcx, r13 -test al, al -adox r12, r9 -adox r11, rbp -adcx rcx, r12 -adcx r11, rbx -mov r9, 0xfffffffffffff -mov r14, rcx -and r14, r9 -mov rdx, [ rsi + 0x10 ] -lea rbx, [rdx + rdx] -mov rdx, [ rsi + 0x18 ] -mulx rbp, r12, rbx -adox r12, r10 -adox rax, rbp -shrd rcx, r11, 52 -xor rdx, rdx -adox rcx, r12 -adox rax, rdx -mov r10, rcx -and r10, r9 -shl r10, 4 -mov r11, r14 -shr r11, 48 -lea r10, [ r10 + r11 ] -mov rdx, [ rsi + 0x0 ] -mulx r12, rbp, rdx -mov rdx, 0x1000003d1 -mulx r13, r11, r10 -add r11, rbp -adcx r12, r13 -mov rdx, [ rsi + 0x18 ] -mulx rbp, r10, rdx -mov rdx, 0xffffffffffff -and r14, rdx -mov rdx, [ rsi + 0x20 ] -mulx r9, r13, rbx -adox r10, r13 -adox r9, rbp -shrd rcx, rax, 52 -xor rdx, rdx -adox rcx, r10 -adox r9, rdx -mov rbx, 0x34 -bzhi rax, rcx, rbx -imul rbp, 
[ rsi + 0x18 ], 0x2 -mov r13, 0x1000003d10 -mov rdx, r13 -mulx r10, r13, rax -shrd rcx, r9, 52 -mov rdx, rbp -mulx r9, rbp, [ rsi + 0x20 ] -xor rax, rax -adox rcx, rbp -adox r9, rax -bzhi rdx, rcx, rbx -shrd rcx, r9, 52 -mov rbp, r11 -shrd rbp, r12, 52 -add rbp, [ rsp - 0x30 ] -mov r12, [ rsp - 0x38 ] -adc r12, 0x0 -test al, al -adox r13, rbp -adox r12, r10 -mov r10, 0x1000003d10 -mulx rbp, r9, r10 -mov rdx, rdi -adcx rdx, [ rsp - 0x40 ] -adcx r15, [ rsp - 0x48 ] -bzhi rdi, r13, rbx -shrd r13, r12, 52 -test al, al -adox r13, rdx -adox r15, rax -adcx r9, r13 -adcx r15, rbp -bzhi r12, r9, rbx -shrd r9, r15, 52 -lea r8, [ r8 + r9 ] -mov rbp, [ rsp - 0x50 ] -mov [ rbp + 0x10 ], r12 -mov rdx, r10 -mulx r13, r10, rcx -bzhi rcx, r11, rbx -adox r10, r8 -adox r13, rax -bzhi r11, r10, rbx -mov [ rbp + 0x18 ], r11 -shrd r10, r13, 52 -lea r14, [ r14 + r10 ] -mov [ rbp + 0x8 ], rdi -mov [ rbp + 0x0 ], rcx -mov [ rbp + 0x20 ], r14 -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu Intel(R) Core(TM) i9-10900K CPU @ 3.70GHz -; ratio 1.0448 -; seed 2742055397354950 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 1058552 ms on 180000 evaluations. -; Time spent for assembling and measuring (initial batch_size=245, initial num_batches=31): 84811 ms -; number of used evaluations: 180000 -; Ratio (time for assembling + measure)/(total runtime for 180000 evals): 0.08011982406154823 -; number reverted permutation / tried permutation: 75647 / 90030 =84.024% -; number reverted decision / tried decision: 64458 / 89969 =71.645% -; validated in 0.343s diff --git a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000376311432_ratio12018.asm b/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000376311432_ratio12018.asm deleted file mode 100644 index 4f1baa2719..0000000000 
--- a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000376311432_ratio12018.asm
+++ /dev/null
@@ -1,164 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_square -fiat_secp256k1_dettman_square: -mov rdx, [ rsi + 0x20 ] -mulx r10, rax, rdx -mov r11, [ rsi + 0x8 ] -lea rdx, [r11 + r11] -mov r11, [ rsi + 0x0 ] -lea rcx, [r11 + r11] -mov r11, 0xfffffffffffff -mov r8, rax -and r8, r11 -mov [ rsp - 0x80 ], rbx -mulx rbx, r9, [ rsi + 0x10 ] -mov [ rsp - 0x78 ], rbp -mov rbp, rdx -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x70 ], r12 -mov [ rsp - 0x68 ], r13 -mulx r13, r12, rcx -adox r9, r12 -adox r13, rbx -mov rdx, 0x1000003d10 -mulx r12, rbx, r8 -adcx rbx, r9 -adcx r13, r12 -mov rdx, [ rsi + 0x18 ] -mulx r9, r8, rbp -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x60 ], r14 -mulx r14, r12, rdx -shrd rax, r10, 52 -xor rdx, rdx -adox r12, r8 -adox r9, r14 -mov rdx, [ rsi + 0x20 ] -mulx r8, r10, rcx -mov rdx, 0x1000003d10 -mov [ rsp - 0x58 ], r15 -mulx r15, r14, rax -mov rax, [ rsi + 0x10 ] -mov rdx, rax -shl rdx, 0x1 -mov rax, rbx -shrd rax, r13, 52 -xor r13, r13 -adox r12, r10 -adox r8, r9 -adcx rax, r12 -adc r8, 0x0 -xor r9, r9 -adox r14, rax -adox r8, r15 -mov r13, r14 -shrd r13, r8, 52 -mulx r15, r10, [ rsi + 0x20 ] -mulx rax, r12, [ rsi + 0x18 ] -mov rdx, rbp -mulx r8, rbp, [ rsi + 0x20 ] -and r14, r11 -adox r12, rbp -adox r8, rax -adcx r13, r12 -adc r8, 0x0 -mov rdx, r13 -and rdx, r11 -shl rdx, 4 -shrd r13, r8, 52 -mov rax, rdx -mov rdx, [ rsi + 0x18 ] -mulx r12, rbp, rdx -xor rdx, rdx -adox rbp, r10 -adox r15, r12 -mov r9, r14 -shr r9, 48 -lea rax, [ rax + r9 ] -mov r10, 0x1000003d1 -mov rdx, r10 -mulx r8, r10, rax -xor r12, r12 -adox r13, rbp -adox r15, r12 -mov rbp, r13 -and rbp, r11 -imul r9, [ rsi + 0x18 ], 0x2 -mov rdx, r9 -mulx rax, r9, [ rsi + 0x20 ] -shrd r13, r15, 52 -add r13, r9 -adc rax, 0x0 -mov rdx, [ rsi + 0x0 ] -mulx r9, r15, rdx -xor rdx, rdx -adox r10, r15 -adox r9, r8 -mov r12, r10 -and r12, r11 -shrd r10, r9, 52 -mov rdx, [ rsi + 0x10 ] -mulx r15, r8, rcx -mov rdx, rcx -mulx r9, rcx, [ rsi + 0x8 ] -xor rdx, rdx -adox r10, rcx -adox r9, rdx -mov rdx, 
[ rsi + 0x8 ] -mulx r11, rcx, rdx -adcx rcx, r8 -adcx r15, r11 -mov rdx, 0x1000003d10 -mulx r11, r8, rbp -add r8, r10 -adcx r9, r11 -mov rbp, r8 -shrd rbp, r9, 52 -mov [ rdi + 0x0 ], r12 -xor r12, r12 -adox rbp, rcx -adox r15, r12 -mov r10, 0xfffffffffffff -mov rcx, r13 -and rcx, r10 -mulx r9, r11, rcx -adox r11, rbp -adox r15, r9 -and r8, r10 -mov [ rdi + 0x8 ], r8 -mov rbp, r11 -shrd rbp, r15, 52 -and rbx, r10 -lea rbx, [ rbx + rbp ] -shrd r13, rax, 52 -mulx rcx, rax, r13 -add rax, rbx -adc rcx, 0x0 -and r11, r10 -mov [ rdi + 0x10 ], r11 -mov r9, rax -shrd r9, rcx, 52 -mov r15, 0xffffffffffff -and r14, r15 -lea r14, [ r14 + r9 ] -mov [ rdi + 0x20 ], r14 -and rax, r10 -mov [ rdi + 0x18 ], rax -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu 13th Gen Intel(R) Core(TM) i9-13900KF -; ratio 1.2018 -; seed 0171085932788745 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 650350 ms on 180000 evaluations. -; Time spent for assembling and measuring (initial batch_size=451, initial num_batches=31): 78591 ms -; number of used evaluations: 180000 -; Ratio (time for assembling + measure)/(total runtime for 180000 evals): 0.12084416083647267 -; number reverted permutation / tried permutation: 76718 / 89987 =85.255% -; number reverted decision / tried decision: 67604 / 90012 =75.106% -; validated in 0.163s diff --git a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000381222304_ratio11625.asm b/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000381222304_ratio11625.asm deleted file mode 100644 index 0ab5552d20..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000381222304_ratio11625.asm +++ /dev/null 
@@ -1,169 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_square -fiat_secp256k1_dettman_square: -mov rax, [ rsi + 0x0 ] -lea r10, [rax + rax] -mov rax, [ rsi + 0x8 ] -lea r11, [rax + rax] -mov rdx, [ rsi + 0x20 ] -mulx rcx, rax, rdx -mov rdx, 0xfffffffffffff -mov r8, rax -and r8, rdx -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x80 ], rbx -mulx rbx, r9, rdx -mov rdx, r10 -mov [ rsp - 0x78 ], rbp -mulx rbp, r10, [ rsi + 0x18 ] -mov [ rsp - 0x70 ], r12 -mov r12, rdx -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x68 ], r13 -mov [ rsp - 0x60 ], r14 -mulx r14, r13, r11 -adox r13, r10 -adox rbp, r14 -mov rdx, 0x1000003d10 -mulx r14, r10, r8 -adcx r10, r13 -adcx rbp, r14 -mov r8, r10 -shrd r8, rbp, 52 -mov rdx, [ rsi + 0x10 ] -mulx r14, r13, rdx -mov rdx, r11 -mulx rbp, r11, [ rsi + 0x18 ] -mov [ rsp - 0x58 ], r15 -mov r15, rdx -mov rdx, [ rsi + 0x20 ] -mov [ rsp - 0x50 ], rdi -mov [ rsp - 0x48 ], rbx -mulx rbx, rdi, r12 -add r13, r11 -adcx rbp, r14 -shrd rax, rcx, 52 -xor rdx, rdx -adox r13, rdi -adox rbx, rbp -adcx r8, r13 -adc rbx, 0x0 -mov rcx, 0x1000003d10 -mov rdx, rax -mulx r14, rax, rcx -mov rdx, r15 -mulx r11, r15, [ rsi + 0x20 ] -xor rdx, rdx -adox rax, r8 -adox rbx, r14 -mov rdi, rax -shrd rdi, rbx, 52 -mov rbp, 0xfffffffffffff -and rax, rbp -mov r13, 0x1 -shlx r8, [ rsi + 0x10 ], r13 -mov rdx, r8 -mulx r14, r8, [ rsi + 0x18 ] -adox r8, r15 -adox r11, r14 -adcx rdi, r8 -adc r11, 0x0 -mov r15, rdi -shrd r15, r11, 52 -and rdi, rbp -shl rdi, 4 -mov rbx, rax -shr rbx, 48 -lea rdi, [ rdi + rbx ] -mulx r8, r14, [ rsi + 0x20 ] -mov rdx, 0x1000003d1 -mulx rbx, r11, rdi -xor rdi, rdi -adox r9, r14 -adox r8, [ rsp - 0x48 ] -adcx r15, r9 -adc r8, 0x0 -mov r14, r15 -shrd r14, r8, 52 -and r15, rbp -mov rdx, rcx -mulx r9, rcx, r15 -mov rdx, [ rsi + 0x0 ] -mulx r15, r8, rdx -adox r11, r8 -adox r15, rbx -mov rdx, r11 -shrd rdx, r15, 52 -mov rbx, rdx -mov rdx, [ rsi + 0x8 ] -mulx r15, r8, r12 -mov rdx, 0xffffffffffff -and rax, rdx -imul r13, [ rsi + 0x18 ], 0x2 -xor rdx, rdx -adox 
rbx, r8 -adox r15, rdx -adcx rcx, rbx -adcx r15, r9 -mov rdi, rcx -shrd rdi, r15, 52 -mov rdx, [ rsi + 0x8 ] -mulx r8, r9, rdx -mov rdx, [ rsi + 0x20 ] -mulx r15, rbx, r13 -mov rdx, r12 -mulx r13, r12, [ rsi + 0x10 ] -xor rdx, rdx -adox r14, rbx -adox r15, rdx -mov rbx, r14 -shrd rbx, r15, 52 -and r14, rbp -and r10, rbp -adox r9, r12 -adox r13, r8 -and r11, rbp -mov r8, 0x1000003d10 -mov rdx, r8 -mulx r12, r8, r14 -adox rdi, r9 -mov r15, 0x0 -adox r13, r15 -adcx r8, rdi -adcx r13, r12 -mov r14, [ rsp - 0x50 ] -mov [ r14 + 0x0 ], r11 -mov r9, r8 -shrd r9, r13, 52 -lea r10, [ r10 + r9 ] -and rcx, rbp -and r8, rbp -mov [ r14 + 0x8 ], rcx -mov [ r14 + 0x10 ], r8 -mulx r12, r11, rbx -adox r11, r10 -adox r12, r15 -mov rbx, r11 -shrd rbx, r12, 52 -lea rax, [ rax + rbx ] -mov [ r14 + 0x20 ], rax -and r11, rbp -mov [ r14 + 0x18 ], r11 -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu 13th Gen Intel(R) Core(TM) i9-13900KF -; ratio 1.1625 -; seed 2935319977919574 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 626361 ms on 180000 evaluations. -; Time spent for assembling and measuring (initial batch_size=450, initial num_batches=31): 78223 ms -; number of used evaluations: 180000 -; Ratio (time for assembling + measure)/(total runtime for 180000 evals): 0.12488485074900896 -; number reverted permutation / tried permutation: 76846 / 90260 =85.138% -; number reverted decision / tried decision: 67294 / 89739 =74.989% -; validated in 0.166s diff --git a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000384758604_ratio11428.asm b/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000384758604_ratio11428.asm deleted file mode 100644 index 07f4253ff7..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000384758604_ratio11428.asm +++ /dev/null 
@@ -1,167 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_square -fiat_secp256k1_dettman_square: -mov rax, [ rsi + 0x8 ] -lea r10, [rax + rax] -mov rdx, [ rsi + 0x18 ] -mulx r11, rax, r10 -mov rdx, [ rsi + 0x20 ] -mulx r8, rcx, rdx -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x80 ], rbx -mulx rbx, r9, rdx -mov rdx, 0xfffffffffffff -mov [ rsp - 0x78 ], rbp -mov rbp, rcx -and rbp, rdx -mov [ rsp - 0x70 ], r12 -mov r12, [ rsi + 0x0 ] -mov [ rsp - 0x68 ], r13 -lea r13, [r12 + r12] -adox r9, rax -adox r11, rbx -mov rdx, r13 -mulx r13, r12, [ rsi + 0x20 ] -adcx r9, r12 -adcx r13, r11 -mulx rbx, rax, [ rsi + 0x8 ] -mulx r12, r11, [ rsi + 0x18 ] -mov [ rsp - 0x60 ], r14 -mov r14, rdx -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x58 ], r15 -mov [ rsp - 0x50 ], rdi -mulx rdi, r15, r10 -mov rdx, 0x1000003d10 -mov [ rsp - 0x48 ], rbx -mov [ rsp - 0x40 ], rax -mulx rax, rbx, rbp -xor rbp, rbp -adox r15, r11 -adox r12, rdi -adcx rbx, r15 -adcx r12, rax -mov r11, rbx -shrd r11, r12, 52 -shrd rcx, r8, 52 -mulx rdi, r8, rcx -xor rax, rax -adox r11, r9 -adox r13, rax -mov rbp, 0xfffffffffffff -and rbx, rbp -adox r8, r11 -adox r13, rdi -mov r9, [ rsi + 0x10 ] -mov r15, r9 -shl r15, 0x1 -mov rdx, r15 -mulx r15, r9, [ rsi + 0x18 ] -mov r12, r8 -and r12, rbp -mulx rdi, rcx, [ rsi + 0x20 ] -shrd r8, r13, 52 -mov r11, r12 -shr r11, 48 -mov rdx, r10 -mulx r13, r10, [ rsi + 0x20 ] -test al, al -adox r9, r10 -adox r13, r15 -adcx r8, r9 -adc r13, 0x0 -mov rdx, r8 -shrd rdx, r13, 52 -and r8, rbp -shl r8, 4 -lea r8, [ r8 + r11 ] -mov r15, rdx -mov rdx, [ rsi + 0x18 ] -mulx r10, r11, rdx -xor rdx, rdx -adox r11, rcx -adox rdi, r10 -mov rdx, [ rsi + 0x0 ] -mulx rcx, rax, rdx -mov rdx, 0x1000003d1 -mulx r13, r9, r8 -adcx r9, rax -adcx rcx, r13 -add r15, r11 -adc rdi, 0x0 -mov r8, r15 -and r8, rbp -shrd r15, rdi, 52 -mov r10, 0x1000003d10 -mov rdx, r10 -mulx r11, r10, r8 -mov rax, r9 -and rax, rbp -mov r13, [ rsi + 0x18 ] -lea rdi, [r13 + r13] -mov rdx, rdi -mulx r13, rdi, [ rsi + 0x20 ] -shrd r9, rcx, 
52 -mov rcx, [ rsp - 0x50 ] -mov [ rcx + 0x0 ], rax -xor r8, r8 -adox r15, rdi -adox r13, r8 -adcx r9, [ rsp - 0x40 ] -mov rax, [ rsp - 0x48 ] -adc rax, 0x0 -add r10, r9 -adcx rax, r11 -mov r11, r15 -shrd r11, r13, 52 -mov rdx, r14 -mulx rdi, r14, [ rsi + 0x10 ] -mov rdx, r10 -and rdx, rbp -mov [ rcx + 0x8 ], rdx -shrd r10, rax, 52 -mov rdx, [ rsi + 0x8 ] -mulx r9, r13, rdx -add r13, r14 -adcx rdi, r9 -add r10, r13 -adc rdi, 0x0 -and r15, rbp -mov rdx, 0x1000003d10 -mulx r14, rax, r15 -adox rax, r10 -adox rdi, r14 -mov r9, rax -shrd r9, rdi, 52 -and rax, rbp -mov [ rcx + 0x10 ], rax -mulx r10, r13, r11 -lea rbx, [ rbx + r9 ] -adox r13, rbx -adox r10, r8 -mov r11, r13 -and r11, rbp -mov [ rcx + 0x18 ], r11 -shrd r13, r10, 52 -mov r15, 0xffffffffffff -and r12, r15 -lea r12, [ r12 + r13 ] -mov [ rcx + 0x20 ], r12 -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu 13th Gen Intel(R) Core(TM) i9-13900KF -; ratio 1.1428 -; seed 0869701317201844 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 626326 ms on 180000 evaluations. -; Time spent for assembling and measuring (initial batch_size=450, initial num_batches=31): 79063 ms -; number of used evaluations: 180000 -; Ratio (time for assembling + measure)/(total runtime for 180000 evals): 0.12623298410093145 -; number reverted permutation / tried permutation: 75689 / 90057 =84.046% -; number reverted decision / tried decision: 66956 / 89942 =74.444% -; validated in 0.168s diff --git a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000498539251_ratio12252.asm b/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000498539251_ratio12252.asm deleted file mode 100644 index e97a2fcf2a..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000498539251_ratio12252.asm +++ /dev/null 
@@ -1,167 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_square -fiat_secp256k1_dettman_square: -mov rdx, [ rsi + 0x20 ] -mulx r10, rax, rdx -mov r11, 0xfffffffffffff -mov rdx, rax -and rdx, r11 -mov rcx, 0x1000003d10 -mulx r9, r8, rcx -mov rdx, [ rsi + 0x8 ] -mov [ rsp - 0x80 ], rbx -lea rbx, [rdx + rdx] -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x78 ], rbp -mov [ rsp - 0x70 ], r12 -mulx r12, rbp, rbx -mov rdx, [ rsi + 0x0 ] -mov [ rsp - 0x68 ], r13 -lea r13, [rdx + rdx] -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x60 ], r14 -mov [ rsp - 0x58 ], r15 -mulx r15, r14, r13 -adox rbp, r14 -adox r15, r12 -adcx r8, rbp -adcx r15, r9 -mov rdx, r8 -shrd rdx, r15, 52 -mov r9, rdx -mov rdx, [ rsi + 0x10 ] -mulx r14, r12, rdx -mov rdx, rbx -mulx rbp, rbx, [ rsi + 0x18 ] -xor r15, r15 -adox r12, rbx -adox rbp, r14 -mov r14, rdx -mov rdx, [ rsi + 0x20 ] -mulx r15, rbx, r13 -adcx r12, rbx -adcx r15, rbp -xor rdx, rdx -adox r9, r12 -adox r15, rdx -shrd rax, r10, 52 -mov rdx, rcx -mulx r10, rcx, rax -xor rbp, rbp -adox rcx, r9 -adox r15, r10 -mov rbx, rcx -and rbx, r11 -mov r12, [ rsi + 0x10 ] -lea r9, [r12 + r12] -mov rdx, r14 -mulx r14, r12, [ rsi + 0x20 ] -mov rdx, [ rsi + 0x18 ] -mulx r10, rax, r9 -shrd rcx, r15, 52 -xor rdx, rdx -adox rax, r12 -adox r14, r10 -adcx rcx, rax -adc r14, 0x0 -mov rbp, rcx -shrd rbp, r14, 52 -and rcx, r11 -mov r15, rbx -shr r15, 48 -mov rdx, [ rsi + 0x18 ] -mulx r10, r12, rdx -shl rcx, 4 -lea rcx, [ rcx + r15 ] -mov rdx, r9 -mulx rax, r9, [ rsi + 0x20 ] -xor rdx, rdx -adox r12, r9 -adox rax, r10 -adcx rbp, r12 -adc rax, 0x0 -mov rdx, [ rsi + 0x8 ] -mulx r15, r14, r13 -mov rdx, 0x1000003d1 -mulx r9, r10, rcx -mov rdx, [ rsi + 0x0 ] -mulx r12, rcx, rdx -xor rdx, rdx -adox r10, rcx -adox r12, r9 -mov r9, rbp -and r9, r11 -mov rcx, 0x1000003d10 -mov rdx, r9 -mulx r11, r9, rcx -mov rdx, r10 -shrd rdx, r12, 52 -add rdx, r14 -adc r15, 0x0 -add r9, rdx -adcx r15, r11 -mov r14, r9 -shrd r14, r15, 52 -mov r12, [ rsi + 0x18 ] -lea r11, [r12 + r12] -mov r12, 
0xfffffffffffff -and r10, r12 -and r9, r12 -mov [ rdi + 0x0 ], r10 -mov rdx, r11 -mulx r15, r11, [ rsi + 0x20 ] -mov [ rdi + 0x8 ], r9 -shrd rbp, rax, 52 -add rbp, r11 -adc r15, 0x0 -mov rdx, r13 -mulx rax, r13, [ rsi + 0x10 ] -mov rdx, rbp -shrd rdx, r15, 52 -mov r10, rdx -mov rdx, [ rsi + 0x8 ] -mulx r11, r9, rdx -and r8, r12 -adox r9, r13 -adox rax, r11 -adcx r14, r9 -adc rax, 0x0 -and rbp, r12 -mov rdx, rcx -mulx r15, rcx, rbp -adox rcx, r14 -adox rax, r15 -mov r13, rcx -and r13, r12 -mov [ rdi + 0x10 ], r13 -mulx r9, r11, r10 -shrd rcx, rax, 52 -lea r8, [ r8 + rcx ] -add r11, r8 -adc r9, 0x0 -mov r10, r11 -shrd r10, r9, 52 -and r11, r12 -mov [ rdi + 0x18 ], r11 -mov r14, 0xffffffffffff -and rbx, r14 -lea rbx, [ rbx + r10 ] -mov [ rdi + 0x20 ], rbx -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu 12th Gen Intel(R) Core(TM) i9-12900KF -; ratio 1.2252 -; seed 3106282983519293 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 682214 ms on 180000 evaluations. -; Time spent for assembling and measuring (initial batch_size=367, initial num_batches=31): 77307 ms -; number of used evaluations: 180000 -; Ratio (time for assembling + measure)/(total runtime for 180000 evals): 0.1133178152309979 -; number reverted permutation / tried permutation: 75313 / 89835 =83.835% -; number reverted decision / tried decision: 67233 / 90164 =74.567% -; validated in 0.191s diff --git a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000501708072_ratio12114.asm b/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000501708072_ratio12114.asm deleted file mode 100644 index 95b60c7d64..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000501708072_ratio12114.asm +++ /dev/null 
@@ -1,167 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_square -fiat_secp256k1_dettman_square: -mov rdx, [ rsi + 0x20 ] -mulx r10, rax, rdx -mov r11, [ rsi + 0x0 ] -mov rdx, r11 -shl rdx, 0x1 -mulx rcx, r11, [ rsi + 0x18 ] -mov r8, rax -shrd r8, r10, 52 -mov r9, [ rsi + 0x8 ] -mov r10, r9 -shl r10, 0x1 -mov r9, 0xfffffffffffff -and rax, r9 -mov [ rsp - 0x80 ], rbx -mov rbx, rdx -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x78 ], rbp -mov [ rsp - 0x70 ], r12 -mulx r12, rbp, r10 -adox rbp, r11 -adox rcx, r12 -mov rdx, 0x1000003d10 -mulx r12, r11, rax -adcx r11, rbp -adcx rcx, r12 -mov rax, r11 -and rax, r9 -mov rdx, [ rsi + 0x10 ] -mulx r12, rbp, rdx -mov rdx, r10 -mov [ rsp - 0x68 ], r13 -mulx r13, r10, [ rsi + 0x18 ] -shrd r11, rcx, 52 -xor rcx, rcx -adox rbp, r10 -adox r13, r12 -mov r12, rdx -mov rdx, [ rsi + 0x20 ] -mulx rcx, r10, rbx -adcx rbp, r10 -adcx rcx, r13 -mov rdx, 0x1000003d10 -mulx r10, r13, r8 -xor r8, r8 -adox r11, rbp -adox rcx, r8 -adcx r13, r11 -adcx rcx, r10 -mov rbp, r13 -shrd rbp, rcx, 52 -mov r10, [ rsi + 0x10 ] -mov r11, r10 -shl r11, 0x1 -mov rdx, [ rsi + 0x18 ] -mulx rcx, r10, r11 -mov rdx, r12 -mulx r8, r12, [ rsi + 0x20 ] -xor rdx, rdx -adox r10, r12 -adox r8, rcx -adcx rbp, r10 -adc r8, 0x0 -and r13, r9 -mov rcx, rbp -shrd rcx, r8, 52 -mov r12, r13 -shr r12, 48 -and rbp, r9 -shl rbp, 4 -lea rbp, [ rbp + r12 ] -mov rdx, [ rsi + 0x18 ] -mulx r8, r10, rdx -mov rdx, r11 -mulx r12, r11, [ rsi + 0x20 ] -mov rdx, 0x1000003d1 -mov [ rsp - 0x60 ], r14 -mov [ rsp - 0x58 ], r15 -mulx r15, r14, rbp -add r10, r11 -adcx r12, r8 -add rcx, r10 -adc r12, 0x0 -mov rbp, [ rsi + 0x18 ] -mov r8, rbp -shl r8, 0x1 -mov rdx, [ rsi + 0x20 ] -mulx r11, rbp, r8 -mov rdx, [ rsi + 0x0 ] -mulx r8, r10, rdx -mov rdx, rcx -and rdx, r9 -shrd rcx, r12, 52 -test al, al -adox r14, r10 -adox r8, r15 -adcx rcx, rbp -adc r11, 0x0 -mov r15, r14 -shrd r15, r8, 52 -mov r12, rcx -shrd r12, r11, 52 -mov rbp, rdx -mov rdx, [ rsi + 0x8 ] -mulx r8, r10, rbx -add r15, r10 -adc r8, 
0x0 -and r14, r9 -mov rdx, 0x1000003d10 -mulx r10, r11, rbp -adox r11, r15 -adox r8, r10 -mov rbp, r11 -shrd rbp, r8, 52 -and r11, r9 -mov rdx, rbx -mulx r15, rbx, [ rsi + 0x10 ] -mov rdx, [ rsi + 0x8 ] -mulx r8, r10, rdx -adox r10, rbx -adox r15, r8 -mov [ rdi + 0x0 ], r14 -adcx rbp, r10 -adc r15, 0x0 -and rcx, r9 -mov rdx, 0x1000003d10 -mulx rbx, r14, rcx -adox r14, rbp -adox r15, rbx -mov r8, r14 -shrd r8, r15, 52 -mulx rbp, r10, r12 -and r14, r9 -mov [ rdi + 0x10 ], r14 -lea rax, [ rax + r8 ] -adox r10, rax -mov r12, 0x0 -adox rbp, r12 -mov rcx, r10 -shrd rcx, rbp, 52 -and r10, r9 -mov [ rdi + 0x18 ], r10 -mov rbx, 0xffffffffffff -and r13, rbx -lea r13, [ r13 + rcx ] -mov [ rdi + 0x8 ], r11 -mov [ rdi + 0x20 ], r13 -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu 12th Gen Intel(R) Core(TM) i9-12900KF -; ratio 1.2114 -; seed 0062082873495733 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 662823 ms on 180000 evaluations. -; Time spent for assembling and measuring (initial batch_size=367, initial num_batches=31): 76150 ms -; number of used evaluations: 180000 -; Ratio (time for assembling + measure)/(total runtime for 180000 evals): 0.11488738320788507 -; number reverted permutation / tried permutation: 78345 / 90284 =86.776% -; number reverted decision / tried decision: 69422 / 89715 =77.381% -; validated in 0.187s diff --git a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000583341977_ratio11387.asm b/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000583341977_ratio11387.asm deleted file mode 100644 index e8dd0bfe4d..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000583341977_ratio11387.asm +++ /dev/null 
@@ -1,175 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_square -fiat_secp256k1_dettman_square: -mov rax, 0x1 -shlx r10, [ rsi + 0x8 ], rax -mov rdx, [ rsi + 0x20 ] -mulx rcx, r11, rdx -mov rdx, r11 -shrd rdx, rcx, 52 -mov r8, 0x1000003d10 -mulx rcx, r9, r8 -shlx rdx, [ rsi + 0x10 ], rax -mov rax, rdx -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x80 ], rbx -mov [ rsp - 0x78 ], rbp -mulx rbp, rbx, rdx -mov rdx, 0x34 -mov [ rsp - 0x70 ], r12 -bzhi r12, r11, rdx -mov r11, [ rsi + 0x0 ] -mov [ rsp - 0x68 ], r13 -lea r13, [r11 + r11] -mov rdx, r13 -mulx r13, r11, [ rsi + 0x18 ] -mov [ rsp - 0x60 ], r14 -mov r14, rdx -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x58 ], r15 -mulx r8, r15, r10 -adox r15, r11 -adox r13, r8 -mov rdx, [ rsi + 0x18 ] -mulx r8, r11, r10 -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x50 ], rdi -mov [ rsp - 0x48 ], rbp -mulx rbp, rdi, rdx -xor rdx, rdx -adox rdi, r11 -adox r8, rbp -mov r11, 0x1000003d10 -mov rdx, r11 -mulx rbp, r11, r12 -adcx r11, r15 -adcx r13, rbp -mov rdx, r14 -mulx r12, r14, [ rsi + 0x20 ] -mov r15, rdx -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x40 ], rbx -mulx rbx, rbp, rax -xor rdx, rdx -adox rdi, r14 -adox r12, r8 -mov rdx, [ rsi + 0x20 ] -mulx r14, r8, r10 -adcx rbp, r8 -adcx r14, rbx -mov rdx, r11 -shrd rdx, r13, 52 -add rdx, rdi -adc r12, 0x0 -xor r10, r10 -adox r9, rdx -adox r12, rcx -mov rcx, r9 -shrd rcx, r12, 52 -mov rdx, [ rsi + 0x20 ] -mulx rbx, r13, rax -add rcx, rbp -adc r14, 0x0 -mov rdx, rcx -shrd rdx, r14, 52 -mov rax, r13 -xor rdi, rdi -adox rax, [ rsp - 0x40 ] -adox rbx, [ rsp - 0x48 ] -adcx rdx, rax -adc rbx, 0x0 -mov r10, rdx -shrd r10, rbx, 52 -mov r8, 0x34 -bzhi rbp, r9, r8 -mov r9, rbp -shr r9, 48 -mov r12, [ rsi + 0x18 ] -lea r13, [r12 + r12] -mov r12, 0x30 -bzhi r14, rbp, r12 -mov rax, rdx -mov rdx, [ rsi + 0x20 ] -mulx rbp, rbx, r13 -adox r10, rbx -adox rbp, rdi -bzhi rdx, rcx, r8 -shl rdx, 4 -lea rdx, [ rdx + r9 ] -mov rcx, r10 -shrd rcx, rbp, 52 -bzhi r9, rax, r8 -mov rax, 0x1000003d1 -mulx rbx, r13, rax -mov 
rdx, [ rsi + 0x0 ] -mulx rdi, rbp, rdx -mov rdx, 0x1000003d10 -mulx r8, r12, r9 -adox r13, rbp -adox rdi, rbx -mov r9, r13 -shrd r9, rdi, 52 -mov rdx, [ rsi + 0x8 ] -mulx rbp, rbx, r15 -add r9, rbx -adc rbp, 0x0 -xor rdx, rdx -adox r12, r9 -adox rbp, r8 -mov rdx, [ rsi + 0x8 ] -mulx rdi, r8, rdx -mov rdx, [ rsi + 0x10 ] -mulx r9, rbx, r15 -adcx r8, rbx -adcx r9, rdi -mov rdx, 0xfffffffffffff -and r13, rdx -mov r15, [ rsp - 0x50 ] -mov [ r15 + 0x0 ], r13 -mov rdi, r12 -shrd rdi, rbp, 52 -and r11, rdx -adox rdi, r8 -mov rbp, 0x0 -adox r9, rbp -and r10, rdx -mov rbx, 0x1000003d10 -mov rdx, r10 -mulx r8, r10, rbx -adox r10, rdi -adox r9, r8 -mov r13, 0x34 -bzhi rdi, r10, r13 -shrd r10, r9, 52 -lea r11, [ r11 + r10 ] -mov rdx, rcx -mulx r8, rcx, rbx -add rcx, r11 -adc r8, 0x0 -mov rdx, rcx -shrd rdx, r8, 52 -lea r14, [ r14 + rdx ] -mov [ r15 + 0x20 ], r14 -bzhi r9, rcx, r13 -mov [ r15 + 0x18 ], r9 -mov [ r15 + 0x10 ], rdi -bzhi rdi, r12, r13 -mov [ r15 + 0x8 ], rdi -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu 11th Gen Intel(R) Core(TM) i7-11700KF @ 3.60GHz -; ratio 1.1387 -; seed 3566223694906793 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 936820 ms on 180000 evaluations. -; Time spent for assembling and measuring (initial batch_size=284, initial num_batches=31): 77550 ms -; number of used evaluations: 180000 -; Ratio (time for assembling + measure)/(total runtime for 180000 evals): 0.08278004312461305 -; number reverted permutation / tried permutation: 74935 / 89702 =83.538% -; number reverted decision / tried decision: 64943 / 90297 =71.922% -; validated in 0.302s diff --git a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000606061798_ratio09932.asm b/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000606061798_ratio09932.asm deleted file mode 100644 index 584455b30c..0000000000 
--- a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000606061798_ratio09932.asm +++ /dev/null 
@@ -1,177 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_square -fiat_secp256k1_dettman_square: -mov rdx, [ rsi + 0x20 ] -mulx r10, rax, rdx -mov r11, [ rsi + 0x0 ] -lea rdx, [r11 + r11] -mov r11, [ rsi + 0x8 ] -lea rcx, [r11 + r11] -mov r11, rdx -mov rdx, [ rsi + 0x0 ] -mulx r9, r8, rdx -mov rdx, rax -shrd rdx, r10, 52 -mov r10, rdx -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x80 ], rbx -mov [ rsp - 0x78 ], rbp -mulx rbp, rbx, r11 -mov rdx, 0x1000003d10 -mov [ rsp - 0x70 ], r12 -mov [ rsp - 0x68 ], r13 -mulx r13, r12, r10 -mov r10, 0x34 -mov [ rsp - 0x60 ], r14 -bzhi r14, rax, r10 -mov [ rsp - 0x58 ], r15 -mulx r15, rax, r14 -mov rdx, [ rsi + 0x10 ] -mulx r10, r14, rcx -mov rdx, rcx -mov [ rsp - 0x50 ], rdi -mulx rdi, rcx, [ rsi + 0x20 ] -mov [ rsp - 0x48 ], r9 -mov [ rsp - 0x40 ], r8 -mulx r8, r9, [ rsi + 0x18 ] -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x38 ], r13 -mov [ rsp - 0x30 ], r12 -mulx r12, r13, rdx -adox r14, rbx -adox rbp, r10 -xor rdx, rdx -adox r13, r9 -adox r8, r12 -adcx rax, r14 -adcx rbp, r15 -mov rbx, rax -shrd rbx, rbp, 52 -mov rdx, r11 -mulx r15, r11, [ rsi + 0x20 ] -mov r10, [ rsi + 0x10 ] -mov r9, r10 -shl r9, 0x1 -xchg rdx, r9 -mulx r12, r10, [ rsi + 0x18 ] -xor r14, r14 -adox r10, rcx -adox rdi, r12 -mulx rbp, rcx, [ rsi + 0x20 ] -adcx r13, r11 -adcx r15, r8 -test al, al -adox rbx, r13 -adox r15, r14 -mov r8, rbx -adcx r8, [ rsp - 0x30 ] -adcx r15, [ rsp - 0x38 ] -mov r11, r8 -shrd r11, r15, 52 -add r11, r10 -adc rdi, 0x0 -mov rdx, 0xfffffffffffff -and r8, rdx -mov r12, r11 -and r12, rdx -shl r12, 4 -mov rdx, [ rsi + 0x18 ] -mulx r13, r10, rdx -shrd r11, rdi, 52 -add r10, rcx -adcx rbp, r13 -test al, al -adox r11, r10 -adox rbp, r14 -mov rdx, 0xfffffffffffff -mov rcx, r11 -and rcx, rdx -shrd r11, rbp, 52 -mov rbx, [ rsi + 0x18 ] -lea r15, [rbx + rbx] -mov rbx, 0xffffffffffff -mov rdi, r8 -and rdi, rbx -shr r8, 48 -lea r12, [ r12 + r8 ] -mov r13, 0x1000003d10 -mov rdx, rcx -mulx r10, rcx, r13 -mov rdx, [ rsi + 0x8 ] -mulx r8, rbp, r9 -mov 
rdx, 0x1000003d1 -mulx r13, r14, r12 -test al, al -adox r14, [ rsp - 0x40 ] -adox r13, [ rsp - 0x48 ] -mov rdx, [ rsi + 0x20 ] -mulx rbx, r12, r15 -adcx r11, r12 -adc rbx, 0x0 -mov rdx, r11 -shrd rdx, rbx, 52 -mov r15, r14 -shrd r15, r13, 52 -mov r13, 0xfffffffffffff -and r11, r13 -adox r15, rbp -mov r12, 0x0 -adox r8, r12 -adcx rcx, r15 -adcx r8, r10 -mov r10, rcx -and r10, r13 -and r14, r13 -mov rbp, [ rsp - 0x50 ] -mov [ rbp + 0x0 ], r14 -mov rbx, rdx -mov rdx, [ rsi + 0x10 ] -mulx r14, r15, r9 -mov rdx, [ rsi + 0x8 ] -mulx r12, r9, rdx -shrd rcx, r8, 52 -xor rdx, rdx -adox r9, r15 -adox r14, r12 -mov [ rbp + 0x8 ], r10 -adcx rcx, r9 -adc r14, 0x0 -mov r8, 0x1000003d10 -mov rdx, r8 -mulx r10, r8, r11 -and rax, r13 -adox r8, rcx -adox r14, r10 -mov r11, r8 -shrd r11, r14, 52 -lea rax, [ rax + r11 ] -and r8, r13 -mulx r12, r15, rbx -adox r15, rax -mov rbx, 0x0 -adox r12, rbx -mov [ rbp + 0x10 ], r8 -mov r9, r15 -shrd r9, r12, 52 -and r15, r13 -mov [ rbp + 0x18 ], r15 -lea rdi, [ rdi + r9 ] -mov [ rbp + 0x20 ], rdi -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu AMD Ryzen 9 5950X 16-Core Processor -; ratio 0.9932 -; seed 3599198233748203 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 935342 ms on 180000 evaluations. -; Time spent for assembling and measuring (initial batch_size=271, initial num_batches=31): 89077 ms -; number of used evaluations: 180000 -; Ratio (time for assembling + measure)/(total runtime for 180000 evals): 0.09523468421176426 -; number reverted permutation / tried permutation: 73795 / 89776 =82.199% -; number reverted decision / tried decision: 53560 / 90223 =59.364% -; validated in 0.261s diff --git a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000611338417_ratio10317.asm b/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000611338417_ratio10317.asm deleted file mode 100644 index fa1f329eef..0000000000 
--- a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000611338417_ratio10317.asm +++ /dev/null 
@@ -1,170 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_square -fiat_secp256k1_dettman_square: -imul rax, [ rsi + 0x8 ], 0x2 -mov rdx, [ rsi + 0x20 ] -mulx r11, r10, rdx -mov rdx, [ rsi + 0x10 ] -mulx r8, rcx, rax -mov rdx, r10 -shrd rdx, r11, 52 -xchg rdx, rax -mulx r11, r9, [ rsi + 0x18 ] -mov [ rsp - 0x80 ], rbx -mov rbx, [ rsi + 0x0 ] -mov [ rsp - 0x78 ], rbp -mov rbp, rbx -shl rbp, 0x1 -mov rbx, 0x34 -mov [ rsp - 0x70 ], r12 -bzhi r12, r10, rbx -mov r10, rdx -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x68 ], r13 -mov [ rsp - 0x60 ], r14 -mulx r14, r13, rdx -mov rdx, 0x1000003d10 -mov [ rsp - 0x58 ], r15 -mulx rbx, r15, rax -adox r13, r9 -adox r11, r14 -mov rdx, [ rsi + 0x10 ] -mulx r9, rax, rbp -mov rdx, rbp -mulx r14, rbp, [ rsi + 0x18 ] -mov [ rsp - 0x50 ], rdi -mov rdi, 0x1000003d10 -xchg rdx, r12 -mov [ rsp - 0x48 ], r9 -mov [ rsp - 0x40 ], rax -mulx rax, r9, rdi -xor rdx, rdx -adox rcx, rbp -adox r14, r8 -adcx r9, rcx -adcx r14, rax -mov rdx, r12 -mulx r8, r12, [ rsi + 0x20 ] -mov rbp, r9 -shrd rbp, r14, 52 -test al, al -adox r13, r12 -adox r8, r11 -adcx rbp, r13 -adc r8, 0x0 -xor r11, r11 -adox r15, rbp -adox r8, rbx -mov rbx, r15 -shrd rbx, r8, 52 -mov rax, 0xfffffffffffff -and r15, rax -mov rcx, r15 -shr rcx, 48 -xchg rdx, r10 -mulx r12, r14, [ rsi + 0x20 ] -mov rdx, [ rsi + 0x10 ] -mov r13, rdx -shl r13, 0x1 -mov rdx, [ rsi + 0x0 ] -mulx r8, rbp, rdx -mov rdx, r13 -mulx r11, r13, [ rsi + 0x18 ] -xor rdi, rdi -adox r13, r14 -adox r12, r11 -adcx rbx, r13 -adc r12, 0x0 -mov r14, rbx -and r14, rax -shl r14, 4 -mulx r13, r11, [ rsi + 0x20 ] -shrd rbx, r12, 52 -lea r14, [ r14 + rcx ] -mov rcx, 0x1000003d1 -mov rdx, rcx -mulx r12, rcx, r14 -test al, al -adox rcx, rbp -adox r8, r12 -mov rbp, rcx -and rbp, rax -shrd rcx, r8, 52 -mov rdx, [ rsi + 0x18 ] -mulx r12, r14, rdx -test al, al -adox r14, r11 -adox r13, r12 -adcx rbx, r14 -adc r13, 0x0 -imul rdx, [ rsi + 0x18 ], 0x2 -mov r11, rbx -shrd r11, r13, 52 -mulx r12, r8, [ rsi + 0x20 ] -add r11, r8 -adc 
r12, 0x0 -mov r14, r11 -shrd r14, r12, 52 -mov r13, [ rsp - 0x50 ] -mov [ r13 + 0x0 ], rbp -and r11, rax -and rbx, rax -mov rdx, r10 -mulx rbp, r10, [ rsi + 0x8 ] -mov rdx, [ rsi + 0x8 ] -mulx r12, r8, rdx -mov rdx, 0x1000003d10 -mulx rax, rdi, rbx -adox rcx, r10 -mov rbx, 0x0 -adox rbp, rbx -adcx rdi, rcx -adcx rbp, rax -mov r10, 0xfffffffffffff -mov rax, rdi -and rax, r10 -shrd rdi, rbp, 52 -mov [ r13 + 0x8 ], rax -add r8, [ rsp - 0x40 ] -adcx r12, [ rsp - 0x48 ] -add rdi, r8 -adc r12, 0x0 -mulx rbp, rcx, r11 -add rcx, rdi -adcx r12, rbp -and r9, r10 -mov r11, 0x30 -bzhi rax, r15, r11 -mulx r8, r15, r14 -mov r14, rcx -shrd r14, r12, 52 -lea r9, [ r9 + r14 ] -xor rdi, rdi -adox r15, r9 -adox r8, rdi -mov rbx, r15 -shrd rbx, r8, 52 -and r15, r10 -mov [ r13 + 0x18 ], r15 -and rcx, r10 -lea rax, [ rax + rbx ] -mov [ r13 + 0x10 ], rcx -mov [ r13 + 0x20 ], rax -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu AMD Ryzen 9 5950X 16-Core Processor -; ratio 1.0317 -; seed 3157305429317542 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 940169 ms on 180000 evaluations. -; Time spent for assembling and measuring (initial batch_size=278, initial num_batches=31): 88670 ms -; number of used evaluations: 180000 -; Ratio (time for assembling + measure)/(total runtime for 180000 evals): 0.09431283099102396 -; number reverted permutation / tried permutation: 76875 / 90143 =85.281% -; number reverted decision / tried decision: 54819 / 89856 =61.008% -; validated in 0.254s diff --git a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000658460606_ratio10113.asm b/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000658460606_ratio10113.asm deleted file mode 100644 index fecde08151..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000658460606_ratio10113.asm +++ /dev/null 
@@ -1,167 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_square -fiat_secp256k1_dettman_square: -imul rax, [ rsi + 0x10 ], 0x2 -imul r10, [ rsi + 0x0 ], 0x2 -mov rdx, [ rsi + 0x18 ] -mulx rcx, r11, r10 -imul rdx, [ rsi + 0x8 ], 0x2 -mulx r9, r8, [ rsi + 0x18 ] -mov [ rsp - 0x80 ], rbx -mov [ rsp - 0x78 ], rbp -mulx rbp, rbx, [ rsi + 0x10 ] -mov [ rsp - 0x70 ], r12 -xor r12, r12 -adox rbx, r11 -adox rcx, rbp -mulx rbp, r11, [ rsi + 0x20 ] -mov rdx, [ rsi + 0x20 ] -mov [ rsp - 0x68 ], r13 -mulx r13, r12, rdx -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x60 ], r14 -mov [ rsp - 0x58 ], r15 -mulx r15, r14, rdx -adcx r14, r8 -adcx r9, r15 -mov rdx, 0xfffffffffffff -mov r8, r12 -and r8, rdx -mov r15, 0x1000003d10 -mov rdx, r8 -mov [ rsp - 0x50 ], rdi -mulx rdi, r8, r15 -shrd r12, r13, 52 -add r8, rbx -adcx rcx, rdi -mov rbx, r8 -shrd rbx, rcx, 52 -mov rdx, r10 -mulx r13, r10, [ rsi + 0x20 ] -test al, al -adox r14, r10 -adox r13, r9 -adcx rbx, r14 -adc r13, 0x0 -mov r9, 0xfffffffffffff -and r8, r9 -mov rdi, rdx -mov rdx, [ rsi + 0x18 ] -mulx r10, rcx, rax -mov rdx, r12 -mulx r14, r12, r15 -adox r12, rbx -adox r13, r14 -mov rdx, r12 -shrd rdx, r13, 52 -mov rbx, rdx -mov rdx, [ rsi + 0x20 ] -mulx r13, r14, rax -xor rdx, rdx -adox rcx, r11 -adox rbp, r10 -adcx rbx, rcx -adc rbp, 0x0 -and r12, r9 -mov rax, r12 -shr rax, 48 -mov r11, rbx -and r11, r9 -shl r11, 4 -mov rdx, [ rsi + 0x18 ] -mulx rcx, r10, rdx -lea r11, [ r11 + rax ] -mov rdx, 0x1000003d1 -mulx r15, rax, r11 -shrd rbx, rbp, 52 -xor rbp, rbp -adox r10, r14 -adox r13, rcx -adcx rbx, r10 -adc r13, 0x0 -imul r14, [ rsi + 0x18 ], 0x2 -mov rdx, [ rsi + 0x20 ] -mulx r11, rcx, r14 -mov rdx, 0x30 -bzhi r10, r12, rdx -mov r12, rbx -and r12, r9 -mov rdx, [ rsi + 0x0 ] -mulx rbp, r14, rdx -shrd rbx, r13, 52 -xor rdx, rdx -adox rbx, rcx -adox r11, rdx -adcx rax, r14 -adcx rbp, r15 -mov r15, rax -shrd r15, rbp, 52 -mov rdx, rdi -mulx r13, rdi, [ rsi + 0x8 ] -and rax, r9 -mov rcx, rbx -and rcx, r9 -shrd rbx, r11, 52 -mov r14, [ 
rsp - 0x50 ] -mov [ r14 + 0x0 ], rax -mov r11, rdx -mov rdx, [ rsi + 0x8 ] -mulx rax, rbp, rdx -mov rdx, 0x1000003d10 -mulx r14, r9, rbx -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x48 ], r10 -mulx r10, rbx, r11 -test al, al -adox rbp, rbx -adox r10, rax -mov rdx, 0x1000003d10 -mulx rax, r11, r12 -adcx r15, rdi -adc r13, 0x0 -test al, al -adox r11, r15 -adox r13, rax -mov r12, 0xfffffffffffff -mov rdi, r11 -and rdi, r12 -shrd r11, r13, 52 -xor rbx, rbx -adox r11, rbp -adox r10, rbx -mulx rax, rbp, rcx -adcx rbp, r11 -adcx r10, rax -mov rcx, rbp -shrd rcx, r10, 52 -lea r8, [ r8 + rcx ] -add r9, r8 -adc r14, 0x0 -mov r15, r9 -and r15, r12 -mov r13, [ rsp - 0x50 ] -mov [ r13 + 0x18 ], r15 -shrd r9, r14, 52 -and rbp, r12 -mov [ r13 + 0x10 ], rbp -add r9, [ rsp - 0x48 ] -mov [ r13 + 0x8 ], rdi -mov [ r13 + 0x20 ], r9 -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu Intel(R) Core(TM) i7-10710U CPU @ 1.10GHz -; ratio 1.0113 -; seed 1369983670599547 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 1490246 ms on 180000 evaluations. -; Time spent for assembling and measuring (initial batch_size=457, initial num_batches=31): 158183 ms -; number of used evaluations: 180000 -; Ratio (time for assembling + measure)/(total runtime for 180000 evals): 0.10614556254470739 -; number reverted permutation / tried permutation: 74865 / 89767 =83.399% -; number reverted decision / tried decision: 64192 / 90232 =71.141% -; validated in 0.444s diff --git a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000715772546_ratio10136.asm b/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000715772546_ratio10136.asm deleted file mode 100644 index 05d038c42e..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000715772546_ratio10136.asm +++ /dev/null 
@@ -1,168 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_square -fiat_secp256k1_dettman_square: -mov rax, 0x1 -shlx r10, [ rsi + 0x8 ], rax -mov rdx, [ rsi + 0x20 ] -mulx rcx, r11, rdx -mov rdx, [ rsi + 0x18 ] -mulx r9, r8, r10 -mov rdx, r11 -shrd rdx, rcx, 52 -mov rcx, rdx -mov rdx, [ rsi + 0x20 ] -mov [ rsp - 0x80 ], rbx -mulx rbx, rax, r10 -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x78 ], rbp -lea rbp, [rdx + rdx] -mov rdx, [ rsi + 0x8 ] -mov [ rsp - 0x70 ], r12 -mov [ rsp - 0x68 ], r13 -mulx r13, r12, rdx -imul rdx, [ rsi + 0x0 ], 0x2 -mov [ rsp - 0x60 ], r14 -mov r14, [ rsi + 0x10 ] -mov [ rsp - 0x58 ], r15 -mov r15, r14 -shl r15, 0x1 -mov [ rsp - 0x50 ], rdi -mulx rdi, r14, [ rsi + 0x18 ] -mov [ rsp - 0x48 ], r13 -mov r13, rdx -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x40 ], r12 -mov [ rsp - 0x38 ], rbp -mulx rbp, r12, rdx -xor rdx, rdx -adox r12, r8 -adox r9, rbp -mov rdx, [ rsi + 0x20 ] -mulx rbp, r8, r13 -mov rdx, r10 -mov [ rsp - 0x30 ], rbx -mulx rbx, r10, [ rsi + 0x10 ] -adcx r12, r8 -adcx rbp, r9 -mov rdx, 0xfffffffffffff -and r11, rdx -mov r9, 0x1000003d10 -mov rdx, r9 -mulx r8, r9, r11 -adox r10, r14 -adox rdi, rbx -adcx r9, r10 -adcx rdi, r8 -mulx rbx, r14, rcx -mov rdx, r15 -mulx rcx, r15, [ rsi + 0x18 ] -add r15, rax -adcx rcx, [ rsp - 0x30 ] -mov rax, r9 -shrd rax, rdi, 52 -xor r11, r11 -adox rax, r12 -adox rbp, r11 -adcx r14, rax -adcx rbp, rbx -mov r12, 0x34 -bzhi r8, r14, r12 -shrd r14, rbp, 52 -xor r10, r10 -adox r14, r15 -adox rcx, r10 -mov r11, r14 -shrd r11, rcx, 52 -bzhi rdi, r14, r12 -mov rbx, rdx -mov rdx, [ rsi + 0x18 ] -mulx rax, r15, rdx -mov rdx, rbx -mulx rbp, rbx, [ rsi + 0x20 ] -adox r15, rbx -adox rbp, rax -mov rdx, 0xffffffffffff -mov r14, r8 -and r14, rdx -adox r11, r15 -adox rbp, r10 -shr r8, 48 -shl rdi, 4 -lea rdi, [ rdi + r8 ] -mov rdx, [ rsi + 0x0 ] -mulx rax, rcx, rdx -mov rdx, [ rsi + 0x20 ] -mulx r15, rbx, [ rsp - 0x38 ] -mov rdx, 0x1000003d1 -mulx r10, r8, rdi -mov rdi, r11 -shrd rdi, rbp, 52 -test al, al -adox r8, 
rcx -adox rax, r10 -adcx rdi, rbx -adc r15, 0x0 -bzhi rbp, rdi, r12 -mov rcx, r8 -shrd rcx, rax, 52 -mov rdx, r13 -mulx rbx, r13, [ rsi + 0x8 ] -xor r10, r10 -adox rcx, r13 -adox rbx, r10 -bzhi rax, r11, r12 -mulx r13, r11, [ rsi + 0x10 ] -mov rdx, 0x1000003d10 -mulx r12, r10, rax -adox r10, rcx -adox rbx, r12 -mov rcx, r11 -test al, al -adox rcx, [ rsp - 0x40 ] -adox r13, [ rsp - 0x48 ] -mov rax, 0x34 -bzhi r11, r10, rax -shrd r10, rbx, 52 -xor r12, r12 -adox r10, rcx -adox r13, r12 -mulx rcx, rbx, rbp -adcx rbx, r10 -adcx r13, rcx -bzhi rbp, rbx, rax -shrd rdi, r15, 52 -mulx r10, r15, rdi -bzhi rcx, r9, rax -mov r9, [ rsp - 0x50 ] -mov [ r9 + 0x10 ], rbp -shrd rbx, r13, 52 -lea rcx, [ rcx + rbx ] -xor r13, r13 -adox r15, rcx -adox r10, r13 -bzhi r12, r8, rax -bzhi r8, r15, rax -mov [ r9 + 0x18 ], r8 -shrd r15, r10, 52 -lea r14, [ r14 + r15 ] -mov [ r9 + 0x0 ], r12 -mov [ r9 + 0x8 ], r11 -mov [ r9 + 0x20 ], r14 -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu Intel(R) Core(TM) i7-10710U CPU @ 1.10GHz -; ratio 1.0136 -; seed 2337486353719921 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 1452010 ms on 180000 evaluations. -; Time spent for assembling and measuring (initial batch_size=457, initial num_batches=31): 156359 ms -; number of used evaluations: 180000 -; Ratio (time for assembling + measure)/(total runtime for 180000 evals): 0.10768452007906282 -; number reverted permutation / tried permutation: 75043 / 89811 =83.557% -; number reverted decision / tried decision: 64081 / 90188 =71.053% -; validated in 0.445s diff --git a/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000965885279_ratio12004.asm b/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000965885279_ratio12004.asm new file mode 100644 index 0000000000..26f1dd32fa --- /dev/null +++ b/fiat-amd64/fiat_secp256k1_dettman_square/seed0000000965885279_ratio12004.asm 
@@ -0,0 +1,160 @@ +SECTION .text + GLOBAL fiat_secp256k1_dettman_square +fiat_secp256k1_dettman_square: +mov rax, [ rsi + 0x8 ]; load m64 arg1[1] to register64 +lea r10, [rax + rax]; x3 <- arg1[1] * 2 +mov rdx, [ rsi + 0x20 ]; arg1[4] to rdx +mulx r11, rax, rdx; x5_1, x5_0<- arg1[4]^2 +mov rdx, [ rsi + 0x0 ]; load m64 arg1[0] to register64 +lea rcx, [rdx + rdx]; x4 <- arg1[0] * 2 +mov rdx, rcx; x4 to rdx +mulx r8, rcx, [ rsi + 0x18 ]; x10000_1, x10000_0<- x4 * arg1[3] (_0*_0) +mov r9, rdx; preserving value of x4 into a new reg +mov rdx, [ rsi + 0x10 ]; saving arg1[2] in rdx. +mov [ rsp - 0x80 ], rbx; spilling calSv-rbx to mem +mov [ rsp - 0x78 ], rbp; spilling calSv-rbp to mem +mulx rbp, rbx, r10; x10001_1, x10001_0<- x3 * arg1[2] (_0*_0) +mov rdx, 0x1000003d10 ; moving imm to reg +mov [ rsp - 0x70 ], r12; spilling calSv-r12 to mem +mov [ rsp - 0x68 ], r13; spilling calSv-r13 to mem +mulx r13, r12, rax; x10003_1, x10003_0<- x7 * 0x1000003d10 (_0*_0) +xor rax, rax +adox rbx, rcx +adox r8, rbp +mov rdx, [ rsi + 0x10 ]; arg1[2] to rdx +mulx rbp, rcx, rdx; x10006_1, x10006_0<- arg1[2]^2 +adcx r12, rbx +adcx r8, r13 +mov rdx, r10; x3 to rdx +mulx r13, r10, [ rsi + 0x18 ]; x10005_1, x10005_0<- x3 * arg1[3] (_0*_0) +add rcx, r10; could be done better, if r0 has been u8 as well +adcx r13, rbp +mov rbx, r12; +shrd rbx, r8, 52; x9 <- x8_1||x8_0 >> 52 +mov rbp, rdx; preserving value of x3 into a new reg +mov rdx, [ rsi + 0x20 ]; saving arg1[4] in rdx. 
+mulx r10, r8, r9; x10004_1, x10004_0<- x4 * arg1[4] (_0*_0) +xor rdx, rdx +adox rcx, r8 +adox r10, r13 +mov rax, 0x1000003d10000 ; moving imm to reg +mov rdx, rax; 0x1000003d10000 to rdx +mulx r13, rax, r11; x10010_1, x10010_0<- x6 * 0x1000003d10000 (_0*_0) +adcx rbx, rcx +adc r10, 0x0; add CF to r0's alloc +add rax, rbx; could be done better, if r0 has been u8 as well +adcx r10, r13 +mov r8, rax; +shrd r8, r10, 52; x12 <- x11_1||x11_0 >> 52 +mov r11, [ rsi + 0x10 ]; load m64 arg1[2] to register64 +lea rcx, [r11 + r11]; x2 <- arg1[2] * 2 +mov r11, 0xfffffffffffff ; moving imm to reg +and rax, r11; x13 <- x11_0&0xfffffffffffff +mov rdx, rcx; x2 to rdx +mulx r13, rcx, [ rsi + 0x20 ]; x10018_1, x10018_0<- x2 * arg1[4] (_0*_0) +mulx r10, rbx, [ rsi + 0x18 ]; x10012_1, x10012_0<- x2 * arg1[3] (_0*_0) +mov rdx, rbp; x3 to rdx +mov [ rsp - 0x60 ], r14; spilling calSv-r14 to mem +mulx r14, rbp, [ rsi + 0x20 ]; x10011_1, x10011_0<- x3 * arg1[4] (_0*_0) +adox rbx, rbp +adox r14, r10 +adcx r8, rbx +adc r14, 0x0; add CF to r0's alloc +mov rdx, r8; +shrd rdx, r14, 52; x17 <- x16_1||x16_0 >> 52 +and r8, r11; x18 <- x16_0&0xfffffffffffff +shl r8, 4; x10015 <- x18<< 4 +mov r10, rax; +shr r10, 48; x14 <- x13>> 48 +mov rbp, rdx; preserving value of x17 into a new reg +mov rdx, [ rsi + 0x18 ]; saving arg1[3] in rdx. 
+mulx r14, rbx, rdx; x10019_1, x10019_0<- arg1[3]^2 +lea r8, [ r8 + r10 ] +mov rdx, [ rsi + 0x0 ]; arg1[0] to rdx +mov [ rsp - 0x58 ], r15; spilling calSv-r15 to mem +mulx r15, r10, rdx; x10014_1, x10014_0<- arg1[0]^2 +add rbx, rcx; could be done better, if r0 has been u8 as well +adcx r13, r14 +mov rdx, 0x1000003d1 ; moving imm to reg +mulx r14, rcx, r8; x10017_1, x10017_0<- x10016 * 0x1000003d1 (_0*_0) +xor r8, r8 +adox rcx, r10 +adox r15, r14 +mov r10, rcx; +shrd r10, r15, 52; x20 <- x19_1||x19_0 >> 52 +and rcx, r11; x21 <- x19_0&0xfffffffffffff +adox rbp, rbx +adox r13, r8 +mov [ rdi + 0x0 ], rcx; out1[0] = x21 +mov rbx, rbp; +and rbx, r11; x24 <- x22_0&0xfffffffffffff +mov r14, 0x1000003d10 ; moving imm to reg +mov rdx, rbx; x24 to rdx +mulx r15, rbx, r14; x10023_1, x10023_0<- x24 * 0x1000003d10 (_0*_0) +mov rdx, r9; x4 to rdx +mulx rcx, r9, [ rsi + 0x8 ]; x10021_1, x10021_0<- x4 * arg1[1] (_0*_0) +adox r10, r9 +adox rcx, r8 +adcx rbx, r10 +adcx rcx, r15 +mov r15, rbx; +shrd r15, rcx, 52; x26 <- x25_1||x25_0 >> 52 +mulx r10, r9, [ rsi + 0x10 ]; x10025_1, x10025_0<- x4 * arg1[2] (_0*_0) +and rbx, r11; x27 <- x25_0&0xfffffffffffff +shrd rbp, r13, 52; x23 <- x22_1||x22_0 >> 52 +mov [ rdi + 0x8 ], rbx; out1[1] = x27 +imul rdx, [ rsi + 0x18 ], 0x2; x1 <- arg1[3] * 0x2 +mov r13, rdx; preserving value of x1 into a new reg +mov rdx, [ rsi + 0x8 ]; saving arg1[1] in rdx. 
+mulx rbx, rcx, rdx; x10026_1, x10026_0<- arg1[1]^2 +xor rdx, rdx +adox rcx, r9 +adox r10, rbx +mov rdx, r13; x1 to rdx +mulx r13, r8, [ rsi + 0x20 ]; x10024_1, x10024_0<- x1 * arg1[4] (_0*_0) +adcx rbp, r8 +adc r13, 0x0; add CF to r0's alloc +xor r9, r9 +adox r15, rcx +adox r10, r9 +mov rdx, r14; 0x1000003d10 to rdx +mulx rbx, r14, rbp; x10029_1, x10029_0<- x30 * 0x1000003d10 (_0*_0) +mov rcx, 0xffffffffffff ; moving imm to reg +and rax, rcx; x15 <- x13&0xffffffffffff +adox r14, r15 +adox r10, rbx +mov r8, r14; +shrd r8, r10, 52; x32 <- x31_1||x31_0 >> 52 +and r12, r11; x10 <- x8_0&0xfffffffffffff +lea r12, [ r12 + r8 ] +mov rbp, 0x1000003d10000 ; moving imm to reg +mov rdx, rbp; 0x1000003d10000 to rdx +mulx r15, rbp, r13; x10031_1, x10031_0<- x29 * 0x1000003d10000 (_0*_0) +adox rbp, r12 +adox r15, r9 +mov r13, rbp; +shrd r13, r15, 52; x35 <- x34_1||x34_0 >> 52 +lea rax, [ rax + r13 ] +and rbp, r11; x36 <- x34_0&0xfffffffffffff +and r14, r11; x33 <- x31_0&0xfffffffffffff +mov [ rdi + 0x10 ], r14; out1[2] = x33 +mov [ rdi + 0x18 ], rbp; out1[3] = x36 +mov [ rdi + 0x20 ], rax; out1[4] = x37 +mov rbx, [ rsp - 0x80 ]; pop +mov rbp, [ rsp - 0x78 ]; pop +mov r12, [ rsp - 0x70 ]; pop +mov r13, [ rsp - 0x68 ]; pop +mov r14, [ rsp - 0x60 ]; pop +mov r15, [ rsp - 0x58 ]; pop +ret +; cpu 13th Gen Intel(R) Core(TM) i9-13900KF +; ratio 1.2004 +; seed 0570095454324679 +; CC / CFLAGS clang / -march=native -mtune=native -O3 +; time needed: 949699 ms on 270000 evaluations. +; Time spent for assembling and measuring (initial batch_size=479, initial num_batches=31): 117428 ms +; number of used evaluations: 270000 +; Ratio (time for assembling + measure)/(total runtime for 270000 evals): 0.12364759781783491 +; number reverted permutation / tried permutation: 105572 / 134882 =78.270% +; number reverted decision / tried decision: 98845 / 135117 =73.155% +; validated in 0.159s 
diff --git a/fiat-amd64/fiat_secp256k1_dettman_square/seed0083163082569707_ratio10092.asm b/fiat-amd64/fiat_secp256k1_dettman_square/seed0083163082569707_ratio10092.asm deleted file mode 100644 index 19532466da..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_square/seed0083163082569707_ratio10092.asm +++ /dev/null 
@@ -1,172 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_square -fiat_secp256k1_dettman_square: -imul rax, [ rsi + 0x10 ], 0x2 -mov r10, [ rsi + 0x0 ] -lea r11, [r10 + r10] -mov rdx, [ rsi + 0x18 ] -mulx rcx, r10, rdx -mov rdx, [ rsi + 0x8 ] -lea r8, [rdx + rdx] -mov rdx, 0x1 -shlx r9, [ rsi + 0x18 ], rdx -mov rdx, [ rsi + 0x20 ] -mov [ rsp - 0x80 ], rbx -mov [ rsp - 0x78 ], rbp -mulx rbp, rbx, rdx -mov rdx, r8 -mov [ rsp - 0x70 ], r12 -mulx r12, r8, [ rsi + 0x18 ] -mov [ rsp - 0x68 ], r13 -mov r13, rdx -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x60 ], r14 -mov [ rsp - 0x58 ], r15 -mulx r15, r14, rdx -test al, al -adox r14, r8 -adox r12, r15 -mov rdx, [ rsi + 0x20 ] -mulx r15, r8, r11 -mov rdx, r11 -mov [ rsp - 0x50 ], rdi -mulx rdi, r11, [ rsi + 0x10 ] -mov [ rsp - 0x48 ], rdi -mov [ rsp - 0x40 ], r11 -mulx r11, rdi, [ rsi + 0x18 ] -adcx r14, r8 -adcx r15, r12 -mulx r8, r12, [ rsi + 0x8 ] -mov rdx, r13 -mov [ rsp - 0x38 ], r8 -mulx r8, r13, [ rsi + 0x10 ] -mov [ rsp - 0x30 ], r12 -mov [ rsp - 0x28 ], r9 -mulx r9, r12, [ rsi + 0x20 ] -xor rdx, rdx -adox r13, rdi -adox r11, r8 -mov rdx, [ rsi + 0x18 ] -mulx r8, rdi, rax -adcx rdi, r12 -adcx r9, r8 -mov rdx, [ rsi + 0x8 ] -mulx r8, r12, rdx -mov rdx, 0xfffffffffffff -mov [ rsp - 0x20 ], r8 -mov r8, rbx -and r8, rdx -mov rdx, 0x1000003d10 -mov [ rsp - 0x18 ], r12 -mov [ rsp - 0x10 ], r9 -mulx r9, r12, r8 -mov rdx, rax -mulx r8, rax, [ rsi + 0x20 ] -adox r10, rax -adox r8, rcx -shrd rbx, rbp, 52 -mov rdx, 0x1000003d10 -mulx rbp, rcx, rbx -xor rax, rax -adox r12, r13 -adox r11, r9 -mov r13, r12 -shrd r13, r11, 52 -xor r9, r9 -adox r13, r14 -adox r15, r9 -adcx rcx, r13 -adcx r15, rbp -mov rax, 0x34 -bzhi r14, rcx, rax -mov rbx, 0x30 -bzhi rbp, r14, rbx -shrd rcx, r15, 52 -xor r11, r11 -adox rcx, rdi -mov r9, [ rsp - 0x10 ] -adox r9, r11 -bzhi rdi, rcx, rax -shl rdi, 4 -bzhi r13, r12, rax -shrd rcx, r9, 52 -xor r12, r12 -adox rcx, r10 -adox r8, r12 -mov r11, rcx -shrd r11, r8, 52 -shr r14, 48 -mov rdx, [ rsi + 0x0 ] 
-mulx r15, r10, rdx -lea rdi, [ rdi + r14 ] -mov rdx, 0x1000003d1 -mulx r8, r9, rdi -add r9, r10 -adcx r15, r8 -mov rdx, [ rsi + 0x20 ] -mulx r10, r14, [ rsp - 0x28 ] -add r11, r14 -adc r10, 0x0 -bzhi rdx, rcx, rax -bzhi rcx, r9, rax -mov rdi, [ rsp - 0x50 ] -mov [ rdi + 0x0 ], rcx -bzhi r8, r11, rax -shrd r9, r15, 52 -mov r15, 0x1000003d10 -mulx rcx, r14, r15 -xor rdx, rdx -adox r9, [ rsp - 0x30 ] -mov r12, [ rsp - 0x38 ] -adox r12, rdx -mov rbx, [ rsp - 0x18 ] -adcx rbx, [ rsp - 0x40 ] -mov rax, [ rsp - 0x20 ] -adcx rax, [ rsp - 0x48 ] -shrd r11, r10, 52 -mov rdx, r15 -mulx r10, r15, r11 -add r14, r9 -adcx r12, rcx -mov rcx, r14 -shrd rcx, r12, 52 -mulx r11, r9, r8 -add rcx, rbx -adc rax, 0x0 -xor r8, r8 -adox r9, rcx -adox rax, r11 -mov rbx, r9 -shrd rbx, rax, 52 -lea r13, [ r13 + rbx ] -mov r11, 0x34 -bzhi rcx, r14, r11 -bzhi r14, r9, r11 -mov [ rdi + 0x8 ], rcx -adox r15, r13 -adox r10, r8 -mov r12, r15 -shrd r12, r10, 52 -lea rbp, [ rbp + r12 ] -mov [ rdi + 0x10 ], r14 -bzhi r9, r15, r11 -mov [ rdi + 0x18 ], r9 -mov [ rdi + 0x20 ], rbp -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu Intel(R) Core(TM) i9-10900K CPU @ 3.70GHz -; ratio 1.0092 -; seed 0083163082569707 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 6420 ms on 1000 evaluations. -; Time spent for assembling and measuring (initial batch_size=244, initial num_batches=31): 469 ms -; number of used evaluations: 1000 -; Ratio (time for assembling + measure)/(total runtime for 1000 evals): 0.07305295950155763 -; number reverted permutation / tried permutation: 432 / 502 =86.056% -; number reverted decision / tried decision: 377 / 497 =75.855% -; validated in 0.353s 
diff --git a/fiat-amd64/fiat_secp256k1_dettman_square/seed0230724527438160_ratio10059.asm b/fiat-amd64/fiat_secp256k1_dettman_square/seed0230724527438160_ratio10059.asm deleted file mode 100644 index 5a39397989..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_square/seed0230724527438160_ratio10059.asm +++ /dev/null 
@@ -1,171 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_square -fiat_secp256k1_dettman_square: -mov rdx, [ rsi + 0x8 ] -mulx r10, rax, rdx -imul r11, [ rsi + 0x0 ], 0x2 -mov rdx, [ rsi + 0x0 ] -mulx r8, rcx, rdx -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x80 ], rbx -mulx rbx, r9, rdx -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x78 ], rbp -mov rbp, rdx -shl rbp, 0x1 -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x70 ], r12 -mov [ rsp - 0x68 ], r13 -mulx r13, r12, r11 -imul rdx, [ rsi + 0x8 ], 0x2 -mov [ rsp - 0x60 ], r14 -mov [ rsp - 0x58 ], r15 -mulx r15, r14, [ rsi + 0x18 ] -mov [ rsp - 0x50 ], rdi -mov [ rsp - 0x48 ], r8 -mulx r8, rdi, [ rsi + 0x10 ] -mov [ rsp - 0x40 ], rcx -mov [ rsp - 0x38 ], rbp -mulx rbp, rcx, [ rsi + 0x20 ] -xor rdx, rdx -adox rax, r12 -adox r13, r10 -mov rdx, [ rsi + 0x20 ] -mulx r12, r10, rdx -mov rdx, 0xfffffffffffff -mov [ rsp - 0x30 ], r13 -mov r13, r10 -and r13, rdx -mov rdx, r11 -mov [ rsp - 0x28 ], rax -mulx rax, r11, [ rsi + 0x18 ] -adox rdi, r11 -adox rax, r8 -shrd r10, r12, 52 -xor r8, r8 -adox r9, r14 -adox r15, rbx -mov rbx, rdx -mov rdx, [ rsi + 0x18 ] -mulx r12, r14, [ rsp - 0x38 ] -mov rdx, [ rsi + 0x20 ] -mulx r8, r11, rbx -adcx r9, r11 -adcx r8, r15 -mov rdx, rbx -mulx r15, rbx, [ rsi + 0x8 ] -xor rdx, rdx -adox r14, rcx -adox rbp, r12 -mov rcx, 0x1000003d10 -mov rdx, rcx -mulx r12, rcx, r13 -adcx rcx, rdi -adcx rax, r12 -mov r13, rcx -shrd r13, rax, 52 -xor rdi, rdi -adox r13, r9 -adox r8, rdi -mulx r9, r11, r10 -adcx r11, r13 -adcx r8, r9 -mov rdx, [ rsi + 0x18 ] -mulx r12, r10, rdx -mov rdx, [ rsi + 0x20 ] -mulx r13, rax, [ rsp - 0x38 ] -mov rdx, r11 -shrd rdx, r8, 52 -add r10, rax -adcx r13, r12 -xor r9, r9 -adox rdx, r14 -adox rbp, r9 -mov rdi, 0xfffffffffffff -mov r14, rdx -and r14, rdi -shrd rdx, rbp, 52 -test al, al -adox rdx, r10 -adox r13, r9 -and r11, rdi -mov r8, rdx -shrd r8, r13, 52 -mov r12, r11 -shr r12, 48 -mov rax, 0x30 -bzhi r10, r11, rax -shl r14, 4 -and rdx, rdi -mov rbp, 0x1000003d10 -mulx r11, r13, rbp -mov 
rdx, [ rsi + 0x18 ] -lea r9, [rdx + rdx] -lea r14, [ r14 + r12 ] -mov rdx, 0x1000003d1 -mulx rax, r12, r14 -mov rdx, r9 -mulx r14, r9, [ rsi + 0x20 ] -adox r8, r9 -mov rdx, 0x0 -adox r14, rdx -adcx r12, [ rsp - 0x40 ] -adcx rax, [ rsp - 0x48 ] -mov r9, r12 -and r9, rdi -shrd r12, rax, 52 -test al, al -adox r12, rbx -adox r15, rdx -adcx r13, r12 -adcx r15, r11 -mov rbx, r8 -shrd rbx, r14, 52 -and r8, rdi -mov rdx, rbp -mulx r11, rbp, r8 -mulx rax, r14, rbx -mov r12, r13 -and r12, rdi -shrd r13, r15, 52 -and rcx, rdi -adox r13, [ rsp - 0x28 ] -mov r15, [ rsp - 0x30 ] -mov rbx, 0x0 -adox r15, rbx -mov r8, [ rsp - 0x50 ] -mov [ r8 + 0x0 ], r9 -adcx rbp, r13 -adcx r15, r11 -mov r9, rbp -shrd r9, r15, 52 -lea rcx, [ rcx + r9 ] -add r14, rcx -adc rax, 0x0 -mov r11, r14 -and r11, rdi -and rbp, rdi -mov [ r8 + 0x8 ], r12 -shrd r14, rax, 52 -mov [ r8 + 0x10 ], rbp -mov [ r8 + 0x18 ], r11 -lea r10, [ r10 + r14 ] -mov [ r8 + 0x20 ], r10 -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu Intel(R) Core(TM) i7-10710U CPU @ 1.10GHz -; ratio 1.0059 -; seed 0230724527438160 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 9260 ms on 1000 evaluations. -; Time spent for assembling and measuring (initial batch_size=465, initial num_batches=31): 935 ms -; number of used evaluations: 1000 -; Ratio (time for assembling + measure)/(total runtime for 1000 evals): 0.1009719222462203 -; number reverted permutation / tried permutation: 377 / 480 =78.542% -; number reverted decision / tried decision: 348 / 519 =67.052% -; validated in 0.448s diff --git a/fiat-amd64/fiat_secp256k1_dettman_square/seed0238950055575944_ratio08976.asm b/fiat-amd64/fiat_secp256k1_dettman_square/seed0238950055575944_ratio08976.asm deleted file mode 100644 index 4b13a14ace..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_square/seed0238950055575944_ratio08976.asm +++ /dev/null 
@@ -1,180 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_square -fiat_secp256k1_dettman_square: -mov rdx, [ rsi + 0x20 ] -mulx r10, rax, rdx -mov r11, [ rsi + 0x8 ] -mov rdx, r11 -shl rdx, 0x1 -mov r11, rdx -mov rdx, [ rsi + 0x10 ] -mulx r8, rcx, rdx -mov rdx, 0x34 -bzhi r9, rax, rdx -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x80 ], rbx -mov [ rsp - 0x78 ], rbp -mulx rbp, rbx, r11 -mov rdx, [ rsi + 0x20 ] -mov [ rsp - 0x70 ], r12 -mov [ rsp - 0x68 ], r13 -mulx r13, r12, r11 -mov rdx, 0x1 -mov [ rsp - 0x60 ], r14 -shlx r14, [ rsi + 0x0 ], rdx -mov rdx, r11 -mov [ rsp - 0x58 ], r15 -mulx r15, r11, [ rsi + 0x18 ] -mov rdx, r14 -mov [ rsp - 0x50 ], rdi -mulx rdi, r14, [ rsi + 0x10 ] -shrd rax, r10, 52 -mov r10, rdx -mov rdx, [ rsi + 0x8 ] -mov [ rsp - 0x48 ], r13 -mov [ rsp - 0x40 ], r12 -mulx r12, r13, rdx -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x38 ], rax -mov [ rsp - 0x30 ], r9 -mulx r9, rax, rdx -xor rdx, rdx -adox r13, r14 -adox rdi, r12 -adcx rcx, r11 -adcx r15, r8 -mov r8, [ rsi + 0x18 ] -lea r11, [r8 + r8] -mov rdx, r10 -mulx r8, r10, [ rsi + 0x20 ] -xchg rdx, r11 -mulx r12, r14, [ rsi + 0x20 ] -add rcx, r10 -adcx r8, r15 -mov rdx, r11 -mulx r15, r11, [ rsi + 0x18 ] -test al, al -adox rbx, r11 -adox r15, rbp -mov rbp, [ rsi + 0x10 ] -lea r10, [rbp + rbp] -mov rbp, 0x1000003d10 -xchg rdx, rbp -mov [ rsp - 0x28 ], rdi -mulx rdi, r11, [ rsp - 0x30 ] -adcx r11, rbx -adcx r15, rdi -mov rdx, [ rsi + 0x18 ] -mulx rdi, rbx, r10 -mov rdx, r11 -shrd rdx, r15, 52 -mov r15, 0x1000003d10 -xchg rdx, r15 -mov [ rsp - 0x20 ], r13 -mov [ rsp - 0x18 ], r12 -mulx r12, r13, [ rsp - 0x38 ] -xor rdx, rdx -adox r15, rcx -adox r8, rdx -adcx r13, r15 -adcx r8, r12 -mov rcx, 0x34 -bzhi r12, r11, rcx -adox rbx, [ rsp - 0x40 ] -adox rdi, [ rsp - 0x48 ] -mov rdx, r10 -mulx r11, r10, [ rsi + 0x20 ] -mov rdx, r13 -shrd rdx, r8, 52 -add rdx, rbx -adc rdi, 0x0 -test al, al -adox rax, r10 -adox r11, r9 -bzhi r9, r13, rcx -mov r15, r9 -shr r15, 48 -bzhi r13, rdx, rcx -shl r13, 4 -shrd rdx, 
rdi, 52 -mov r8, 0xffffffffffff -and r9, r8 -lea r13, [ r13 + r15 ] -xchg rdx, rbp -mulx r10, rbx, [ rsi + 0x8 ] -adox rbp, rax -mov rdx, 0x0 -adox r11, rdx -mov rdi, 0x1000003d1 -mov rdx, rdi -mulx rax, rdi, r13 -bzhi r15, rbp, rcx -mov rdx, [ rsi + 0x0 ] -mulx rcx, r13, rdx -mov rdx, 0x1000003d10 -mov [ rsp - 0x10 ], r9 -mulx r9, r8, r15 -adox rdi, r13 -adox rcx, rax -shrd rbp, r11, 52 -mov r11, rdi -shrd r11, rcx, 52 -xor rax, rax -adox r11, rbx -adox r10, rax -adcx r8, r11 -adcx r10, r9 -add rbp, r14 -mov rbx, [ rsp - 0x18 ] -adc rbx, 0x0 -mov r14, 0xfffffffffffff -mov r15, rbp -and r15, r14 -mov r13, r8 -shrd r13, r10, 52 -xor r9, r9 -adox r13, [ rsp - 0x20 ] -mov rax, [ rsp - 0x28 ] -adox rax, r9 -and rdi, r14 -mov rcx, [ rsp - 0x50 ] -mov [ rcx + 0x0 ], rdi -shrd rbp, rbx, 52 -mulx r10, r11, r15 -mulx r15, rbx, rbp -and r8, r14 -adox r11, r13 -adox rax, r10 -mov r13, r11 -shrd r13, rax, 52 -mov [ rcx + 0x8 ], r8 -lea r12, [ r12 + r13 ] -xor rdi, rdi -adox rbx, r12 -adox r15, rdi -mov r9, rbx -shrd r9, r15, 52 -and r11, r14 -mov [ rcx + 0x10 ], r11 -add r9, [ rsp - 0x10 ] -mov [ rcx + 0x20 ], r9 -and rbx, r14 -mov [ rcx + 0x18 ], rbx -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu AMD Ryzen Threadripper 1900X 8-Core Processor -; ratio 0.8976 -; seed 0238950055575944 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 9274 ms on 1000 evaluations. -; Time spent for assembling and measuring (initial batch_size=161, initial num_batches=31): 648 ms -; number of used evaluations: 1000 -; Ratio (time for assembling + measure)/(total runtime for 1000 evals): 0.0698727625620013 -; number reverted permutation / tried permutation: 422 / 468 =90.171% -; number reverted decision / tried decision: 322 / 531 =60.640% -; validated in 0.354s 
diff --git a/fiat-amd64/fiat_secp256k1_dettman_square/seed1170714404961826_ratio09785.asm b/fiat-amd64/fiat_secp256k1_dettman_square/seed1170714404961826_ratio09785.asm deleted file mode 100644 index 7127f9baa4..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_square/seed1170714404961826_ratio09785.asm +++ /dev/null 
@@ -1,180 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_square -fiat_secp256k1_dettman_square: -mov rdx, [ rsi + 0x10 ] -mulx r10, rax, rdx -mov r11, 0x1 -shlx rdx, [ rsi + 0x8 ], r11 -mulx r8, rcx, [ rsi + 0x10 ] -mov r9, [ rsi + 0x10 ] -mov r11, r9 -shl r11, 0x1 -mov r9, rdx -mov rdx, [ rsi + 0x20 ] -mov [ rsp - 0x80 ], rbx -mov [ rsp - 0x78 ], rbp -mulx rbp, rbx, rdx -mov rdx, r11 -mov [ rsp - 0x70 ], r12 -mulx r12, r11, [ rsi + 0x20 ] -mov [ rsp - 0x68 ], r13 -mov r13, rbx -shrd r13, rbp, 52 -mov rbp, [ rsi + 0x18 ] -mov [ rsp - 0x60 ], r14 -mov r14, rbp -shl r14, 0x1 -mov rbp, [ rsi + 0x0 ] -mov [ rsp - 0x58 ], r15 -lea r15, [rbp + rbp] -mov rbp, rdx -mov rdx, [ rsi + 0x8 ] -mov [ rsp - 0x50 ], rdi -mov [ rsp - 0x48 ], r14 -mulx r14, rdi, r15 -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x40 ], r14 -mov [ rsp - 0x38 ], rdi -mulx rdi, r14, r9 -xor rdx, rdx -adox rax, r14 -adox rdi, r10 -mov rdx, [ rsi + 0x20 ] -mulx r14, r10, r15 -mov rdx, 0x1000003d10 -mov [ rsp - 0x30 ], r12 -mov [ rsp - 0x28 ], r11 -mulx r11, r12, r13 -adcx rax, r10 -adcx r14, rdi -mov rdx, r15 -mulx r13, r15, [ rsi + 0x18 ] -mov rdi, 0xfffffffffffff -and rbx, rdi -mov r10, 0x1000003d10 -xchg rdx, rbx -mov [ rsp - 0x20 ], r11 -mulx r11, rdi, r10 -adox rcx, r15 -adox r13, r8 -mov rdx, [ rsi + 0x10 ] -mulx r15, r8, rbx -adcx rdi, rcx -adcx r13, r11 -mov rdx, [ rsi + 0x8 ] -mulx r11, rbx, rdx -mov rdx, r9 -mulx rcx, r9, [ rsi + 0x20 ] -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x18 ], r12 -mulx r12, r10, rbp -xor rdx, rdx -adox r10, r9 -adox rcx, r12 -adcx rbx, r8 -adcx r15, r11 -mov rbp, rdi -shrd rbp, r13, 52 -xor r8, r8 -adox rbp, rax -adox r14, r8 -mov rdx, 0xfffffffffffff -and rdi, rdx -mov rdx, [ rsi + 0x18 ] -mulx r13, rax, rdx -adox rax, [ rsp - 0x28 ] -adox r13, [ rsp - 0x30 ] -mov rdx, rbp -adcx rdx, [ rsp - 0x18 ] -adcx r14, [ rsp - 0x20 ] -mov r11, 0x34 -bzhi r9, rdx, r11 -shrd rdx, r14, 52 -add rdx, r10 -adc rcx, 0x0 -mov r12, r9 -shr r12, 48 -bzhi r10, rdx, r11 -shrd rdx, rcx, 52 
-add rdx, rax -adc r13, 0x0 -mov rbp, rdx -mov rdx, [ rsp - 0x48 ] -mulx r14, rax, [ rsi + 0x20 ] -mov rdx, rbp -shrd rdx, r13, 52 -shl r10, 4 -add rdx, rax -adc r14, 0x0 -mov rcx, rdx -shrd rcx, r14, 52 -bzhi rax, rbp, r11 -bzhi rbp, rdx, r11 -mov r13, 0x1000003d10 -mov rdx, r13 -mulx r14, r13, rax -mov rdx, [ rsi + 0x0 ] -mulx r8, rax, rdx -lea r10, [ r10 + r12 ] -mov rdx, 0x1000003d1 -mulx r11, r12, r10 -adox r12, rax -adox r8, r11 -mov rax, 0x30 -bzhi r10, r9, rax -mov r9, 0xfffffffffffff -mov r11, r12 -and r11, r9 -mov rax, [ rsp - 0x50 ] -mov [ rax + 0x0 ], r11 -shrd r12, r8, 52 -add r12, [ rsp - 0x38 ] -mov r8, [ rsp - 0x40 ] -adc r8, 0x0 -mov r11, 0x1000003d10 -mov rdx, rbp -mulx r9, rbp, r11 -add r13, r12 -adcx r8, r14 -mov rdx, r13 -shrd rdx, r8, 52 -mov r14, 0x34 -bzhi r12, r13, r14 -adox rdx, rbx -mov r13, 0x0 -adox r15, r13 -test al, al -adox rbp, rdx -adox r15, r9 -bzhi rbx, rbp, r14 -mov rdx, r11 -mulx r9, r11, rcx -shrd rbp, r15, 52 -lea rdi, [ rdi + rbp ] -add r11, rdi -adc r9, 0x0 -mov [ rax + 0x10 ], rbx -bzhi rcx, r11, r14 -shrd r11, r9, 52 -lea r10, [ r10 + r11 ] -mov [ rax + 0x20 ], r10 -mov [ rax + 0x18 ], rcx -mov [ rax + 0x8 ], r12 -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu AMD Ryzen 9 7950X 16-Core Processor -; ratio 0.9785 -; seed 1170714404961826 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 4154 ms on 1000 evaluations. -; Time spent for assembling and measuring (initial batch_size=237, initial num_batches=31): 371 ms -; number of used evaluations: 1000 -; Ratio (time for assembling + measure)/(total runtime for 1000 evals): 0.08931150698122292 -; number reverted permutation / tried permutation: 403 / 485 =83.093% -; number reverted decision / tried decision: 349 / 514 =67.899% -; validated in 0.206s 
diff --git a/fiat-amd64/fiat_secp256k1_dettman_square/seed2596661856072031_ratio10107.asm b/fiat-amd64/fiat_secp256k1_dettman_square/seed2596661856072031_ratio10107.asm deleted file mode 100644 index 447eaf9180..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_square/seed2596661856072031_ratio10107.asm +++ /dev/null 
@@ -1,174 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_square -fiat_secp256k1_dettman_square: -mov rdx, [ rsi + 0x18 ] -mulx r10, rax, rdx -mov rdx, [ rsi + 0x20 ] -mulx rcx, r11, rdx -mov rdx, [ rsi + 0x8 ] -mov r8, rdx -shl r8, 0x1 -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x80 ], rbx -mulx rbx, r9, r8 -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x78 ], rbp -mov [ rsp - 0x70 ], r12 -mulx r12, rbp, rdx -mov rdx, 0x1 -mov [ rsp - 0x68 ], r13 -shlx r13, [ rsi + 0x0 ], rdx -mov rdx, 0xfffffffffffff -mov [ rsp - 0x60 ], r14 -mov r14, r11 -and r14, rdx -mov rdx, r13 -mov [ rsp - 0x58 ], r15 -mulx r15, r13, [ rsi + 0x10 ] -mov [ rsp - 0x50 ], rdi -mov [ rsp - 0x48 ], r10 -mulx r10, rdi, [ rsi + 0x20 ] -adox rbp, r9 -adox rbx, r12 -mulx r12, r9, [ rsi + 0x18 ] -adcx rbp, rdi -adcx r10, rbx -mulx rbx, rdi, [ rsi + 0x8 ] -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x40 ], rbx -mov [ rsp - 0x38 ], rdi -mulx rdi, rbx, r8 -xor rdx, rdx -adox rbx, r9 -adox r12, rdi -mov rdx, [ rsi + 0x8 ] -mulx rdi, r9, rdx -adcx r9, r13 -adcx r15, rdi -mov rdx, 0x1000003d10 -mulx rdi, r13, r14 -test al, al -adox r13, rbx -adox r12, rdi -mov r14, r13 -shrd r14, r12, 52 -add r14, rbp -adc r10, 0x0 -mov rbp, [ rsi + 0x10 ] -mov rbx, rbp -shl rbx, 0x1 -mov rdx, [ rsi + 0x18 ] -mulx rdi, rbp, rbx -mov rdx, 0xfffffffffffff -and r13, rdx -shrd r11, rcx, 52 -mov rdx, rbx -mulx rcx, rbx, [ rsi + 0x20 ] -test al, al -adox rax, rbx -adox rcx, [ rsp - 0x48 ] -mov rdx, r8 -mulx r12, r8, [ rsi + 0x20 ] -mov rdx, 0x1000003d10 -mov [ rsp - 0x30 ], r13 -mulx r13, rbx, r11 -adcx rbx, r14 -adcx r10, r13 -mov rdx, [ rsi + 0x0 ] -mulx r11, r14, rdx -mov rdx, 0xfffffffffffff -mov r13, rbx -and r13, rdx -adox rbp, r8 -adox r12, rdi -shrd rbx, r10, 52 -add rbx, rbp -adc r12, 0x0 -mov rdi, r13 -shr rdi, 48 -mov r8, rbx -and r8, rdx -shl r8, 4 -lea r8, [ r8 + rdi ] -mov r10, 0x1000003d1 -mov rdx, r10 -mulx rbp, r10, r8 -xor rdi, rdi -adox r10, r14 -adox r11, rbp -mov r14, 0xffffffffffff -and r13, r14 -imul r8, [ rsi + 0x18 
], 0x2 -shrd rbx, r12, 52 -mov rdx, [ rsi + 0x20 ] -mulx rbp, r12, r8 -xor rdx, rdx -adox rbx, rax -adox rcx, rdx -mov rdi, rbx -shrd rdi, rcx, 52 -test al, al -adox rdi, r12 -adox rbp, rdx -mov rax, 0xfffffffffffff -mov r8, rdi -and r8, rax -shrd rdi, rbp, 52 -mov r12, 0x1000003d10 -mov rdx, r12 -mulx rcx, r12, r8 -mov rbp, r10 -and rbp, rax -and rbx, rax -mov r8, [ rsp - 0x50 ] -mov [ r8 + 0x0 ], rbp -shrd r10, r11, 52 -test al, al -adox r10, [ rsp - 0x38 ] -mov r11, [ rsp - 0x40 ] -mov rbp, 0x0 -adox r11, rbp -mulx r14, rbp, rbx -adcx rbp, r10 -adcx r11, r14 -mov rbx, rbp -shrd rbx, r11, 52 -xor r10, r10 -adox rbx, r9 -adox r15, r10 -adcx r12, rbx -adcx r15, rcx -mov r9, r12 -shrd r9, r15, 52 -mulx r14, rcx, rdi -add r9, [ rsp - 0x30 ] -and r12, rax -adox rcx, r9 -adox r14, r10 -mov [ r8 + 0x10 ], r12 -mov rdi, rcx -shrd rdi, r14, 52 -and rbp, rax -and rcx, rax -mov [ r8 + 0x18 ], rcx -lea r13, [ r13 + rdi ] -mov [ r8 + 0x8 ], rbp -mov [ r8 + 0x20 ], r13 -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu Intel(R) Core(TM) i9-10900K CPU @ 3.70GHz -; ratio 1.0107 -; seed 2596661856072031 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 6291 ms on 1000 evaluations. -; Time spent for assembling and measuring (initial batch_size=243, initial num_batches=31): 466 ms -; number of used evaluations: 1000 -; Ratio (time for assembling + measure)/(total runtime for 1000 evals): 0.07407407407407407 -; number reverted permutation / tried permutation: 410 / 513 =79.922% -; number reverted decision / tried decision: 337 / 486 =69.342% -; validated in 0.352s diff --git a/fiat-amd64/fiat_secp256k1_dettman_square/seed2625400661231680_ratio11844.asm b/fiat-amd64/fiat_secp256k1_dettman_square/seed2625400661231680_ratio11844.asm deleted file mode 100644 index 5a22f3daaf..0000000000 
--- a/fiat-amd64/fiat_secp256k1_dettman_square/seed2625400661231680_ratio11844.asm +++ /dev/null 
@@ -1,174 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_square -fiat_secp256k1_dettman_square: -mov rax, [ rsi + 0x8 ] -lea r10, [rax + rax] -mov rax, [ rsi + 0x0 ] -mov r11, rax -shl r11, 0x1 -mov rdx, [ rsi + 0x20 ] -mulx rcx, rax, rdx -mov rdx, r11 -mulx r8, r11, [ rsi + 0x18 ] -mov r9, rdx -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x80 ], rbx -mov [ rsp - 0x78 ], rbp -mulx rbp, rbx, r10 -mov rdx, r10 -mov [ rsp - 0x70 ], r12 -mulx r12, r10, [ rsi + 0x10 ] -mov [ rsp - 0x68 ], r13 -xor r13, r13 -adox r10, r11 -adox r8, r12 -mov r11, [ rsi + 0x10 ] -lea r12, [r11 + r11] -mov r11, 0xfffffffffffff -mov r13, rax -and r13, r11 -mov [ rsp - 0x60 ], r14 -mov [ rsp - 0x58 ], r15 -mulx r15, r14, [ rsi + 0x20 ] -mov rdx, 0x1000003d10 -mov [ rsp - 0x50 ], rdi -mulx rdi, r11, r13 -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x48 ], r15 -mulx r15, r13, rdx -adox r11, r10 -adox r8, rdi -shrd rax, rcx, 52 -mov rdx, [ rsi + 0x20 ] -mulx r10, rcx, r9 -mov rdx, 0x1000003d10 -mov [ rsp - 0x40 ], r14 -mulx r14, rdi, rax -add r13, rbx -adcx rbp, r15 -mov rbx, r11 -shrd rbx, r8, 52 -xor r15, r15 -adox r13, rcx -adox r10, rbp -mov rdx, [ rsi + 0x8 ] -mulx rax, r8, rdx -mov rdx, [ rsi + 0x18 ] -mov rcx, rdx -shl rcx, 0x1 -mov rdx, r12 -mulx rbp, r12, [ rsi + 0x18 ] -mov r15, rdx -mov rdx, [ rsi + 0x20 ] -mov [ rsp - 0x38 ], rax -mov [ rsp - 0x30 ], r8 -mulx r8, rax, rcx -xor rdx, rdx -adox r12, [ rsp - 0x40 ] -adox rbp, [ rsp - 0x48 ] -adcx rbx, r13 -adc r10, 0x0 -mov rdx, [ rsi + 0x18 ] -mulx rcx, r13, rdx -add rdi, rbx -adcx r10, r14 -mov rdx, [ rsi + 0x20 ] -mulx rbx, r14, r15 -xor rdx, rdx -adox r13, r14 -adox rbx, rcx -mov r15, 0xfffffffffffff -mov rcx, rdi -and rcx, r15 -shrd rdi, r10, 52 -add rdi, r12 -adc rbp, 0x0 -mov r12, rdi -shrd r12, rbp, 52 -and rdi, r15 -adox r12, r13 -adox rbx, rdx -mov r10, 0xffffffffffff -mov r14, rcx -and r14, r10 -shl rdi, 4 -shr rcx, 48 -mov r13, r12 -shrd r13, rbx, 52 -lea rdi, [ rdi + rcx ] -and r12, r15 -adox r13, rax -adox r8, rdx -mov rax, 
0x1000003d10 -mov rdx, rax -mulx rbp, rax, r12 -mov rbx, r13 -and rbx, r15 -shrd r13, r8, 52 -mulx r12, rcx, rbx -mulx rbx, r8, r13 -mov rdx, [ rsi + 0x0 ] -mulx r10, r13, rdx -mov rdx, 0x1000003d1 -mov [ rsp - 0x28 ], r14 -mulx r14, r15, rdi -xor rdi, rdi -adox r15, r13 -adox r10, r14 -mov r13, r15 -shrd r13, r10, 52 -mov rdx, r9 -mulx r14, r9, [ rsi + 0x8 ] -mov r10, 0xfffffffffffff -and r15, r10 -adox r13, r9 -adox r14, rdi -adcx rax, r13 -adcx r14, rbp -mov rbp, rax -shrd rbp, r14, 52 -and rax, r10 -mov r9, [ rsp - 0x50 ] -mov [ r9 + 0x0 ], r15 -mulx r13, r15, [ rsi + 0x10 ] -mov [ r9 + 0x8 ], rax -and r11, r10 -mov rdx, r15 -adox rdx, [ rsp - 0x30 ] -adox r13, [ rsp - 0x38 ] -adcx rbp, rdx -adc r13, 0x0 -xor r14, r14 -adox rcx, rbp -adox r13, r12 -mov rdi, rcx -shrd rdi, r13, 52 -and rcx, r10 -lea r11, [ r11 + rdi ] -adox r8, r11 -adox rbx, r14 -mov r12, r8 -shrd r12, rbx, 52 -add r12, [ rsp - 0x28 ] -and r8, r10 -mov [ r9 + 0x18 ], r8 -mov [ r9 + 0x20 ], r12 -mov [ r9 + 0x10 ], rcx -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu 12th Gen Intel(R) Core(TM) i9-12900KF -; ratio 1.1844 -; seed 2625400661231680 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 4420 ms on 1000 evaluations. -; Time spent for assembling and measuring (initial batch_size=367, initial num_batches=31): 446 ms -; number of used evaluations: 1000 -; Ratio (time for assembling + measure)/(total runtime for 1000 evals): 0.10090497737556561 -; number reverted permutation / tried permutation: 369 / 483 =76.398% -; number reverted decision / tried decision: 351 / 516 =68.023% -; validated in 0.197s diff --git a/fiat-amd64/fiat_secp256k1_dettman_square/seed2716647052398798_ratio11133.asm b/fiat-amd64/fiat_secp256k1_dettman_square/seed2716647052398798_ratio11133.asm deleted file mode 100644 index c1d3746b90..0000000000 
--- a/fiat-amd64/fiat_secp256k1_dettman_square/seed2716647052398798_ratio11133.asm +++ /dev/null 
@@ -1,179 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_square -fiat_secp256k1_dettman_square: -mov rdx, [ rsi + 0x10 ] -mulx r10, rax, rdx -mov r11, [ rsi + 0x18 ] -lea rdx, [r11 + r11] -mov r11, 0x1 -shlx rcx, [ rsi + 0x10 ], r11 -mov r8, rdx -mov rdx, [ rsi + 0x20 ] -mulx r11, r9, rdx -mov rdx, rcx -mov [ rsp - 0x80 ], rbx -mulx rbx, rcx, [ rsi + 0x18 ] -mov [ rsp - 0x78 ], rbp -mov rbp, 0x34 -mov [ rsp - 0x70 ], r12 -bzhi r12, r9, rbp -mov [ rsp - 0x68 ], r13 -mov r13, [ rsi + 0x8 ] -mov [ rsp - 0x60 ], r14 -mov r14, r13 -shl r14, 0x1 -shrd r9, r11, 52 -mov r13, [ rsi + 0x0 ] -mov r11, r13 -shl r11, 0x1 -mov r13, rdx -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x58 ], r15 -mulx rbp, r15, r14 -mov rdx, r11 -mov [ rsp - 0x50 ], rdi -mulx rdi, r11, [ rsi + 0x18 ] -mov [ rsp - 0x48 ], r9 -mov [ rsp - 0x40 ], r8 -mulx r8, r9, [ rsi + 0x10 ] -mov [ rsp - 0x38 ], r8 -mov r8, rdx -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x30 ], r9 -mov [ rsp - 0x28 ], rbx -mulx rbx, r9, r14 -xor rdx, rdx -adox r9, r11 -adox rdi, rbx -adcx rax, r15 -adcx rbp, r10 -mov rdx, r8 -mulx r10, r8, [ rsi + 0x20 ] -mov r15, rdx -mov rdx, [ rsi + 0x20 ] -mulx rbx, r11, r13 -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x20 ], rbp -mulx rbp, r13, rdx -xor rdx, rdx -adox r13, r11 -adox rbx, rbp -mov r11, 0x1000003d10 -mov rdx, r12 -mulx rbp, r12, r11 -adcx r12, r9 -adcx rdi, rbp -mov rdx, [ rsi + 0x20 ] -mulx rbp, r9, r14 -xor rdx, rdx -adox rcx, r9 -adox rbp, [ rsp - 0x28 ] -mov r14, r12 -shrd r14, rdi, 52 -add rax, r8 -adcx r10, [ rsp - 0x20 ] -mov rdx, [ rsp - 0x40 ] -mulx rdi, r8, [ rsi + 0x20 ] -xor rdx, rdx -adox r14, rax -adox r10, rdx -mov rdx, [ rsp - 0x48 ] -mulx rax, r9, r11 -adcx r9, r14 -adcx r10, rax -mov rdx, 0xfffffffffffff -mov r14, r9 -and r14, rdx -and r12, rdx -shrd r9, r10, 52 -xor rax, rax -adox r9, rcx -adox rbp, rax -mov rcx, r9 -shrd rcx, rbp, 52 -mov r10, r14 -shr r10, 48 -mov rbp, 0xffffffffffff -and r14, rbp -adox rcx, r13 -adox rbx, rax -mov rdx, [ rsi + 0x0 ] -mulx rax, r13, 
rdx -mov rdx, 0xfffffffffffff -mov rbp, rcx -and rbp, rdx -and r9, rdx -shl r9, 4 -lea r9, [ r9 + r10 ] -shrd rcx, rbx, 52 -mov r10, 0x1000003d1 -mov rdx, r10 -mulx rbx, r10, r9 -xor r9, r9 -adox r10, r13 -adox rax, rbx -adcx rcx, r8 -adc rdi, 0x0 -mov r8, 0x34 -bzhi r13, r10, r8 -mov rbx, [ rsp - 0x50 ] -mov [ rbx + 0x0 ], r13 -mov rdx, [ rsi + 0x8 ] -mulx r9, r13, rdx -mov rdx, [ rsi + 0x8 ] -mulx r11, r8, r15 -adox r13, [ rsp - 0x30 ] -adox r9, [ rsp - 0x38 ] -mov rdx, 0x1000003d10 -mulx rbx, r15, rbp -shrd r10, rax, 52 -mov rbp, rcx -shrd rbp, rdi, 52 -xor rax, rax -adox r10, r8 -adox r11, rax -adcx r15, r10 -adcx r11, rbx -mov rdi, r15 -shrd rdi, r11, 52 -test al, al -adox rdi, r13 -adox r9, rax -mulx r13, r8, rbp -mov rbx, 0x34 -bzhi rbp, rcx, rbx -mulx r10, rcx, rbp -adox rcx, rdi -adox r9, r10 -bzhi r11, rcx, rbx -shrd rcx, r9, 52 -mov rdi, [ rsp - 0x50 ] -mov [ rdi + 0x10 ], r11 -lea r12, [ r12 + rcx ] -add r8, r12 -adc r13, 0x0 -bzhi rbp, r8, rbx -mov [ rdi + 0x18 ], rbp -shrd r8, r13, 52 -lea r14, [ r14 + r8 ] -bzhi r10, r15, rbx -mov [ rdi + 0x8 ], r10 -mov [ rdi + 0x20 ], r14 -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu 11th Gen Intel(R) Core(TM) i7-11700KF @ 3.60GHz -; ratio 1.1133 -; seed 2716647052398798 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 5474 ms on 1000 evaluations. -; Time spent for assembling and measuring (initial batch_size=280, initial num_batches=31): 458 ms -; number of used evaluations: 1000 -; Ratio (time for assembling + measure)/(total runtime for 1000 evals): 0.08366824990865912 -; number reverted permutation / tried permutation: 427 / 527 =81.025% -; number reverted decision / tried decision: 320 / 472 =67.797% -; validated in 0.31s 
diff --git a/fiat-amd64/fiat_secp256k1_dettman_square/seed2811747862207902_ratio11362.asm b/fiat-amd64/fiat_secp256k1_dettman_square/seed2811747862207902_ratio11362.asm deleted file mode 100644 index eb9dc100b2..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_square/seed2811747862207902_ratio11362.asm +++ /dev/null 
@@ -1,173 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_square -fiat_secp256k1_dettman_square: -mov rax, 0x1 -shlx r10, [ rsi + 0x8 ], rax -mov rdx, [ rsi + 0x20 ] -mulx rcx, r11, rdx -mov rdx, [ rsi + 0x10 ] -mulx r9, r8, rdx -mov rdx, [ rsi + 0x10 ] -lea rax, [rdx + rdx] -mov rdx, 0x34 -mov [ rsp - 0x80 ], rbx -bzhi rbx, r11, rdx -mov [ rsp - 0x78 ], rbp -mov rbp, 0x1000003d10 -mov rdx, rbx -mov [ rsp - 0x70 ], r12 -mulx r12, rbx, rbp -shrd r11, rcx, 52 -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x68 ], r13 -mulx r13, rcx, rdx -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x60 ], r14 -lea r14, [rdx + rdx] -mov rdx, r14 -mov [ rsp - 0x58 ], r15 -mulx r15, r14, [ rsi + 0x20 ] -mov rdx, [ rsi + 0x0 ] -mov rbp, rdx -shl rbp, 0x1 -mov rdx, [ rsi + 0x20 ] -mov [ rsp - 0x50 ], rdi -mov [ rsp - 0x48 ], r15 -mulx r15, rdi, r10 -mov rdx, rbp -mov [ rsp - 0x40 ], r14 -mulx r14, rbp, [ rsi + 0x18 ] -mov [ rsp - 0x38 ], r13 -mov r13, rdx -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x30 ], rcx -mov [ rsp - 0x28 ], r15 -mulx r15, rcx, r10 -test al, al -adox rcx, rbp -adox r14, r15 -adcx rbx, rcx -adcx r14, r12 -mov rdx, r10 -mulx r12, r10, [ rsi + 0x18 ] -mov rdx, 0x1000003d10 -mulx r15, rbp, r11 -mov rdx, [ rsi + 0x8 ] -mulx rcx, r11, rdx -mov rdx, [ rsi + 0x20 ] -mov [ rsp - 0x20 ], rcx -mov [ rsp - 0x18 ], r11 -mulx r11, rcx, r13 -xor rdx, rdx -adox r8, r10 -adox r12, r9 -adcx r8, rcx -adcx r11, r12 -mov r9, 0x34 -bzhi r10, rbx, r9 -shrd rbx, r14, 52 -add rbx, r8 -adc r11, 0x0 -mov rdx, [ rsi + 0x18 ] -mulx rcx, r14, rax -xor rdx, rdx -adox rbp, rbx -adox r11, r15 -bzhi r15, rbp, r9 -shrd rbp, r11, 52 -add r14, rdi -adcx rcx, [ rsp - 0x28 ] -xor rdi, rdi -adox rbp, r14 -adox rcx, rdi -mov rdx, r15 -shr rdx, 48 -mov r12, rdx -mov rdx, [ rsi + 0x20 ] -mulx rbx, r8, rax -mov rdx, r8 -test al, al -adox rdx, [ rsp - 0x30 ] -adox rbx, [ rsp - 0x38 ] -bzhi rax, rbp, r9 -mov r11, 0x30 -bzhi r14, r15, r11 -shl rax, 4 -shrd rbp, rcx, 52 -xor r15, r15 -adox rbp, rdx -adox rbx, r15 -mov rdi, rbp 
-shrd rdi, rbx, 52 -bzhi rcx, rbp, r9 -lea rax, [ rax + r12 ] -mov rdx, [ rsi + 0x0 ] -mulx r8, r12, rdx -mov rdx, 0x1000003d1 -mulx rbx, rbp, rax -adox rbp, r12 -adox r8, rbx -bzhi rax, rbp, r9 -adox rdi, [ rsp - 0x40 ] -mov r12, [ rsp - 0x48 ] -adox r12, r15 -bzhi rbx, rdi, r9 -mov rdx, r13 -mulx r15, r13, [ rsi + 0x8 ] -mov r11, [ rsp - 0x50 ] -mov [ r11 + 0x0 ], rax -shrd rbp, r8, 52 -shrd rdi, r12, 52 -xor r8, r8 -adox rbp, r13 -adox r15, r8 -mulx r12, rax, [ rsi + 0x10 ] -mov rdx, 0x1000003d10 -mulx r8, r13, rcx -adcx r13, rbp -adcx r15, r8 -mov rcx, rax -xor rbp, rbp -adox rcx, [ rsp - 0x18 ] -adox r12, [ rsp - 0x20 ] -bzhi rax, r13, r9 -shrd r13, r15, 52 -mulx r15, r8, rbx -mov [ r11 + 0x8 ], rax -xor rbx, rbx -adox r13, rcx -adox r12, rbx -adcx r8, r13 -adcx r12, r15 -mov rbp, r8 -shrd rbp, r12, 52 -bzhi rcx, r8, r9 -mulx r15, rax, rdi -lea r10, [ r10 + rbp ] -adox rax, r10 -adox r15, rbx -mov rdi, rax -shrd rdi, r15, 52 -bzhi r13, rax, r9 -mov [ r11 + 0x18 ], r13 -lea r14, [ r14 + rdi ] -mov [ r11 + 0x20 ], r14 -mov [ r11 + 0x10 ], rcx -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu 11th Gen Intel(R) Core(TM) i7-11700KF @ 3.60GHz -; ratio 1.1362 -; seed 2811747862207902 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 5790 ms on 1000 evaluations. -; Time spent for assembling and measuring (initial batch_size=280, initial num_batches=31): 426 ms -; number of used evaluations: 1000 -; Ratio (time for assembling + measure)/(total runtime for 1000 evals): 0.07357512953367876 -; number reverted permutation / tried permutation: 387 / 491 =78.819% -; number reverted decision / tried decision: 349 / 508 =68.701% -; validated in 0.312s 
diff --git a/fiat-amd64/fiat_secp256k1_dettman_square/seed3093611607776169_ratio09742.asm b/fiat-amd64/fiat_secp256k1_dettman_square/seed3093611607776169_ratio09742.asm deleted file mode 100644 index f8e564221a..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_square/seed3093611607776169_ratio09742.asm +++ /dev/null 
@@ -1,176 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_square -fiat_secp256k1_dettman_square: -mov rdx, [ rsi + 0x20 ] -mulx r10, rax, rdx -mov r11, [ rsi + 0x10 ] -lea rdx, [r11 + r11] -mulx rcx, r11, [ rsi + 0x20 ] -mov r8, rax -shrd r8, r10, 52 -mulx r10, r9, [ rsi + 0x18 ] -mov rdx, [ rsi + 0x0 ] -mov [ rsp - 0x80 ], rbx -lea rbx, [rdx + rdx] -mov rdx, [ rsi + 0x20 ] -mov [ rsp - 0x78 ], rbp -mov [ rsp - 0x70 ], r12 -mulx r12, rbp, rbx -mov rdx, rbx -mov [ rsp - 0x68 ], r13 -mulx r13, rbx, [ rsi + 0x18 ] -mov [ rsp - 0x60 ], r14 -mov r14, [ rsi + 0x18 ] -mov [ rsp - 0x58 ], r15 -mov r15, r14 -shl r15, 0x1 -imul r14, [ rsi + 0x8 ], 0x2 -xchg rdx, r14 -mov [ rsp - 0x50 ], rdi -mov [ rsp - 0x48 ], r15 -mulx r15, rdi, [ rsi + 0x10 ] -mov [ rsp - 0x40 ], r8 -xor r8, r8 -adox rdi, rbx -adox r13, r15 -mov rbx, 0x34 -bzhi r15, rax, rbx -mov rax, 0x1000003d10 -xchg rdx, r15 -mulx rbx, r8, rax -mov rdx, r14 -mulx rax, r14, [ rsi + 0x10 ] -mov [ rsp - 0x38 ], rax -mov rax, rdx -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x30 ], r14 -mov [ rsp - 0x28 ], r12 -mulx r12, r14, rdx -adox r14, r11 -adox rcx, r12 -mov rdx, [ rsi + 0x8 ] -mulx r12, r11, rdx -test al, al -adox r8, rdi -adox r13, rbx -mov rdx, [ rsi + 0x20 ] -mulx rbx, rdi, r15 -mov rdx, 0xfffffffffffff -mov [ rsp - 0x20 ], r12 -mov r12, r8 -and r12, rdx -adox r9, rdi -adox rbx, r10 -mov rdx, [ rsi + 0x10 ] -mulx rdi, r10, rdx -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x18 ], r12 -mov [ rsp - 0x10 ], r11 -mulx r11, r12, r15 -adcx r10, r12 -adcx r11, rdi -xor rdx, rdx -adox r10, rbp -adox r11, [ rsp - 0x28 ] -shrd r8, r13, 52 -mov rbp, 0x1000003d10 -mov rdx, [ rsp - 0x40 ] -mulx r13, r15, rbp -xor rdx, rdx -adox r8, r10 -adox r11, rdx -adcx r15, r8 -adcx r11, r13 -mov rdi, r15 -shrd rdi, r11, 52 -mov r12, 0xfffffffffffff -and r15, r12 -adox rdi, r9 -adox rbx, rdx -mov r9, rdi -shrd r9, rbx, 52 -and rdi, r12 -shl rdi, 4 -mov r10, r15 -shr r10, 48 -mov rdx, [ rsi + 0x0 ] -mulx r8, r13, rdx -lea rdi, [ rdi + r10 ] -mov 
rdx, 0x1000003d1 -mulx rbx, r11, rdi -mov r10, 0xffffffffffff -and r15, r10 -mov rdx, [ rsi + 0x8 ] -mulx r10, rdi, rax -adox r9, r14 -mov rdx, 0x0 -adox rcx, rdx -adcx r11, r13 -adcx r8, rbx -mov rax, r11 -and rax, r12 -mov r14, r9 -shrd r14, rcx, 52 -mov r13, [ rsp - 0x50 ] -mov [ r13 + 0x0 ], rax -and r9, r12 -mov rdx, [ rsi + 0x20 ] -mulx rcx, rbx, [ rsp - 0x48 ] -mov rdx, rbp -mulx rax, rbp, r9 -shrd r11, r8, 52 -add r14, rbx -adc rcx, 0x0 -mov r8, r14 -and r8, r12 -mov r9, [ rsp - 0x10 ] -adox r9, [ rsp - 0x30 ] -mov rbx, [ rsp - 0x20 ] -adox rbx, [ rsp - 0x38 ] -adcx r11, rdi -adc r10, 0x0 -add rbp, r11 -adcx r10, rax -mulx rax, rdi, r8 -mov r8, rbp -and r8, r12 -shrd r14, rcx, 52 -shrd rbp, r10, 52 -mov [ r13 + 0x8 ], r8 -xor rcx, rcx -adox rbp, r9 -adox rbx, rcx -mulx r11, r9, r14 -adcx rdi, rbp -adcx rbx, rax -mov r10, rdi -shrd r10, rbx, 52 -add r10, [ rsp - 0x18 ] -add r9, r10 -adc r11, 0x0 -mov rax, r9 -and rax, r12 -and rdi, r12 -shrd r9, r11, 52 -lea r15, [ r15 + r9 ] -mov [ r13 + 0x20 ], r15 -mov [ r13 + 0x10 ], rdi -mov [ r13 + 0x18 ], rax -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu AMD Ryzen 7 5800X 8-Core Processor -; ratio 0.9742 -; seed 3093611607776169 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 5798 ms on 1000 evaluations. -; Time spent for assembling and measuring (initial batch_size=244, initial num_batches=31): 445 ms -; number of used evaluations: 1000 -; Ratio (time for assembling + measure)/(total runtime for 1000 evals): 0.07675060365643326 -; number reverted permutation / tried permutation: 405 / 496 =81.653% -; number reverted decision / tried decision: 313 / 503 =62.227% -; validated in 0.27s 
diff --git a/fiat-amd64/fiat_secp256k1_dettman_square/seed3353910002713579_ratio10198.asm b/fiat-amd64/fiat_secp256k1_dettman_square/seed3353910002713579_ratio10198.asm deleted file mode 100644 index 3d9c4216cf..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_square/seed3353910002713579_ratio10198.asm +++ /dev/null 
@@ -1,171 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_square -fiat_secp256k1_dettman_square: -mov rdx, [ rsi + 0x20 ] -mulx r10, rax, rdx -mov r11, [ rsi + 0x8 ] -mov rdx, r11 -shl rdx, 0x1 -mov r11, rdx -mov rdx, [ rsi + 0x10 ] -mulx r8, rcx, rdx -mov rdx, [ rsi + 0x0 ] -mov [ rsp - 0x80 ], rbx -mulx rbx, r9, rdx -mov rdx, 0xfffffffffffff -mov [ rsp - 0x78 ], rbp -mov rbp, rax -and rbp, rdx -mov [ rsp - 0x70 ], r12 -mov r12, 0x1 -mov [ rsp - 0x68 ], r13 -shlx r13, [ rsi + 0x10 ], r12 -mov rdx, [ rsi + 0x18 ] -mov [ rsp - 0x60 ], r14 -mulx r14, r12, rdx -mov rdx, r13 -mov [ rsp - 0x58 ], r15 -mulx r15, r13, [ rsi + 0x20 ] -shrd rax, r10, 52 -mov [ rsp - 0x50 ], rdi -mulx rdi, r10, [ rsi + 0x18 ] -mov rdx, 0x1000003d10 -mov [ rsp - 0x48 ], rbx -mov [ rsp - 0x40 ], r9 -mulx r9, rbx, rbp -mov rdx, r11 -mulx rbp, r11, [ rsi + 0x10 ] -mov [ rsp - 0x38 ], rax -mov rax, [ rsi + 0x0 ] -mov [ rsp - 0x30 ], r9 -lea r9, [rax + rax] -xor rax, rax -adox r12, r13 -adox r15, r14 -mulx r13, r14, [ rsi + 0x20 ] -adcx r10, r14 -adcx r13, rdi -mulx r14, rdi, [ rsi + 0x18 ] -test al, al -adox rcx, rdi -adox r14, r8 -mov rdx, r9 -mulx r8, r9, [ rsi + 0x18 ] -adcx r11, r9 -adcx r8, rbp -add rbx, r11 -adcx r8, [ rsp - 0x30 ] -mulx rdi, rbp, [ rsi + 0x10 ] -mov r9, 0x34 -bzhi r11, rbx, r9 -mov rax, rdx -mov rdx, [ rsi + 0x8 ] -mov [ rsp - 0x28 ], r11 -mulx r11, r9, rdx -mov rdx, [ rsi + 0x20 ] -mov [ rsp - 0x20 ], r15 -mov [ rsp - 0x18 ], r12 -mulx r12, r15, rax -shrd rbx, r8, 52 -add rcx, r15 -adcx r12, r14 -add r9, rbp -adcx rdi, r11 -xor rdx, rdx -adox rbx, rcx -adox r12, rdx -mov r14, 0x1000003d10 -mov rdx, r14 -mulx r8, r14, [ rsp - 0x38 ] -adcx r14, rbx -adcx r12, r8 -mov rbp, r14 -shrd rbp, r12, 52 -mov r11, 0x34 -bzhi r15, r14, r11 -imul rcx, [ rsi + 0x18 ], 0x2 -xor rbx, rbx -adox rbp, r10 -adox r13, rbx -bzhi r10, rbp, r11 -shrd rbp, r13, 52 -add rbp, [ rsp - 0x18 ] -mov r8, [ rsp - 0x20 ] -adc r8, 0x0 -mov r14, rbp -shrd r14, r8, 52 -mov rdx, rcx -mulx r12, rcx, [ 
rsi + 0x20 ] -mov rdx, 0x30 -bzhi r13, r15, rdx -adox r14, rcx -adox r12, rbx -bzhi r8, r14, r11 -shr r15, 48 -shl r10, 4 -lea r10, [ r10 + r15 ] -mov rdx, rax -mulx rcx, rax, [ rsi + 0x8 ] -mov rdx, 0x1000003d1 -mulx rbx, r15, r10 -test al, al -adox r15, [ rsp - 0x40 ] -adox rbx, [ rsp - 0x48 ] -mov r10, r15 -shrd r10, rbx, 52 -bzhi rdx, r15, r11 -adox r10, rax -mov r15, 0x0 -adox rcx, r15 -mov rax, [ rsp - 0x50 ] -mov [ rax + 0x0 ], rdx -shrd r14, r12, 52 -mov r12, 0x1000003d10 -mov rdx, r12 -mulx rbx, r12, r14 -bzhi r14, rbp, r11 -mulx r15, rbp, r14 -mulx r11, r14, r8 -adox rbp, r10 -adox rcx, r15 -mov r8, 0xfffffffffffff -mov r10, rbp -and r10, r8 -mov [ rax + 0x8 ], r10 -shrd rbp, rcx, 52 -xor r15, r15 -adox rbp, r9 -adox rdi, r15 -adcx r14, rbp -adcx rdi, r11 -mov r9, r14 -shrd r9, rdi, 52 -add r9, [ rsp - 0x28 ] -and r14, r8 -mov [ rax + 0x10 ], r14 -adox r12, r9 -adox rbx, r15 -mov r11, r12 -and r11, r8 -mov [ rax + 0x18 ], r11 -shrd r12, rbx, 52 -lea r13, [ r13 + r12 ] -mov [ rax + 0x20 ], r13 -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu Intel(R) Core(TM) i7-6770HQ CPU @ 2.60GHz -; ratio 1.0198 -; seed 3353910002713579 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 10348 ms on 1000 evaluations. -; Time spent for assembling and measuring (initial batch_size=223, initial num_batches=31): 762 ms -; number of used evaluations: 1000 -; Ratio (time for assembling + measure)/(total runtime for 1000 evals): 0.07363741785852339 -; number reverted permutation / tried permutation: 440 / 510 =86.275% -; number reverted decision / tried decision: 343 / 489 =70.143% -; validated in 0.389s diff --git a/fiat-amd64/fiat_secp256k1_dettman_square/seed3939486227538568_ratio09910.asm b/fiat-amd64/fiat_secp256k1_dettman_square/seed3939486227538568_ratio09910.asm new file mode 100644 index 0000000000..8a5161f9e1 --- /dev/null 
+++ b/fiat-amd64/fiat_secp256k1_dettman_square/seed3939486227538568_ratio09910.asm 
@@ -0,0 +1,176 @@ +SECTION .text + GLOBAL fiat_secp256k1_dettman_square +fiat_secp256k1_dettman_square: +mov rdx, [ rsi + 0x10 ]; arg1[2] to rdx +mulx r10, rax, rdx; x10006_1, x10006_0<- arg1[2]^2 +mov rdx, [ rsi + 0x20 ]; arg1[4] to rdx +mulx rcx, r11, rdx; x5_1, x5_0<- arg1[4]^2 +mov rdx, [ rsi + 0x8 ]; load m64 arg1[1] to register64 +mov r8, rdx; load m64 x3 to register64 +shl r8, 0x1; x3 <- arg1[1] * 0x2 +mov rdx, [ rsi + 0x10 ]; arg1[2] to rdx +mov [ rsp - 0x80 ], rbx; spilling calSv-rbx to mem +mulx rbx, r9, r8; x10001_1, x10001_0<- x3 * arg1[2] (_0*_0) +mov rdx, r8; x3 to rdx +mov [ rsp - 0x78 ], rbp; spilling calSv-rbp to mem +mulx rbp, r8, [ rsi + 0x18 ]; x10005_1, x10005_0<- x3 * arg1[3] (_0*_0) +add rax, r8; could be done better, if r0 has been u8 as well +adcx rbp, r10 +mov r10, 0x1000003d10 ; moving imm to reg +xchg rdx, r11; x7, swapping with x3, which is currently in rdx +mov [ rsp - 0x70 ], r12; spilling calSv-r12 to mem +mulx r12, r8, r10; x10003_1, x10003_0<- x7 * 0x1000003d10 (_0*_0) +mov rdx, [ rsi + 0x10 ]; load m64 arg1[2] to register64 +mov [ rsp - 0x68 ], r13; spilling calSv-r13 to mem +mov r13, rdx; load m64 x2 to register64 +shl r13, 0x1; x2 <- arg1[2] * 0x2 +mov rdx, [ rsi + 0x20 ]; arg1[4] to rdx +mov [ rsp - 0x60 ], r14; spilling calSv-r14 to mem +mov [ rsp - 0x58 ], r15; spilling calSv-r15 to mem +mulx r15, r14, r13; x10018_1, x10018_0<- x2 * arg1[4] (_0*_0) +mov rdx, 0x1 ; moving imm to reg +shlx r10, [ rsi + 0x0 ], rdx; x4 <- arg1[0] * 0x2 (shlx does not change the flags) +mov rdx, [ rsi + 0x18 ]; arg1[3] to rdx +mov [ rsp - 0x50 ], rdi; spilling out1 to mem +mov [ rsp - 0x48 ], rcx; spilling x6 to mem +mulx rcx, rdi, rdx; x10019_1, x10019_0<- arg1[3]^2 +xor rdx, rdx +adox rdi, r14 +adox r15, rcx +mov rdx, [ rsi + 0x8 ]; arg1[1] to rdx +mulx rcx, r14, r10; x10021_1, x10021_0<- x4 * arg1[1] (_0*_0) +mov rdx, [ rsi + 0x18 ]; arg1[3] to rdx +mov [ rsp - 0x40 ], rcx; spilling x10021_1 to mem +mov [ rsp - 0x38 ], r14; spilling x10021_0 to 
mem +mulx r14, rcx, r10; x10000_1, x10000_0<- x4 * arg1[3] (_0*_0) +adcx r9, rcx +adcx r14, rbx +xor rdx, rdx +adox r8, r9 +adox r14, r12 +mov rbx, r8; +shrd rbx, r14, 52; x9 <- x8_1||x8_0 >> 52 +mov rdx, r11; x3 to rdx +mulx r12, r11, [ rsi + 0x20 ]; x10011_1, x10011_0<- x3 * arg1[4] (_0*_0) +mov rdx, r10; x4 to rdx +mulx rcx, r10, [ rsi + 0x20 ]; x10004_1, x10004_0<- x4 * arg1[4] (_0*_0) +xor r9, r9 +adox rax, r10 +adox rcx, rbp +adcx rbx, rax +adc rcx, 0x0; add CF to r0's alloc +mov rbp, rdx; preserving value of x4 into a new reg +mov rdx, [ rsi + 0x18 ]; saving arg1[3] in rdx. +mulx r10, r14, r13; x10012_1, x10012_0<- x2 * arg1[3] (_0*_0) +xor rdx, rdx +adox r14, r11 +adox r12, r10 +mov r9, 0x1000003d10000 ; moving imm to reg +mov rdx, r9; 0x1000003d10000 to rdx +mulx r13, r9, [ rsp - 0x48 ]; x10010_1, x10010_0<- x6 * 0x1000003d10000 (_0*_0) +mov rdx, [ rsi + 0x8 ]; arg1[1] to rdx +mulx rax, r11, rdx; x10026_1, x10026_0<- arg1[1]^2 +adcx r9, rbx +adcx rcx, r13 +mov rdx, [ rsi + 0x10 ]; arg1[2] to rdx +mulx r10, rbx, rbp; x10025_1, x10025_0<- x4 * arg1[2] (_0*_0) +mov rdx, r9; +shrd rdx, rcx, 52; x12 <- x11_1||x11_0 >> 52 +add r11, rbx; could be done better, if r0 has been u8 as well +adcx r10, rax +mov rbp, 0xfffffffffffff ; moving imm to reg +and r8, rbp; x10 <- x8_0&0xfffffffffffff +adox rdx, r14 +mov r13, 0x0 ; moving imm to reg +adox r12, r13 +mov r14, rdx; +and r14, rbp; x18 <- x16_0&0xfffffffffffff +shrd rdx, r12, 52; x17 <- x16_1||x16_0 >> 52 +xor rax, rax +adox rdx, rdi +adox r15, rax +mov r13, rdx; +shrd r13, r15, 52; x23 <- x22_1||x22_0 >> 52 +shl r14, 4; x10015 <- x18<< 4 +mov rdi, [ rsi + 0x18 ]; load m64 arg1[3] to register64 +mov rcx, rdi; load m64 x1 to register64 +shl rcx, 0x1; x1 <- arg1[3] * 0x2 +mov rdi, rdx; preserving value of x22_0 into a new reg +mov rdx, [ rsi + 0x20 ]; saving arg1[4] in rdx. 
+mulx r12, rbx, rcx; x10024_1, x10024_0<- x1 * arg1[4] (_0*_0) +and rdi, rbp; x24 <- x22_0&0xfffffffffffff +adox r13, rbx +adox r12, rax +and r9, rbp; x13 <- x11_0&0xfffffffffffff +mov rdx, r9; +shr rdx, 48; x14 <- x13>> 48 +lea r14, [ r14 + rdx ] +mov r15, 0x1000003d1 ; moving imm to reg +mov rdx, r14; x10016 to rdx +mulx rcx, r14, r15; x10017_1, x10017_0<- x10016 * 0x1000003d1 (_0*_0) +mov rdx, [ rsi + 0x0 ]; arg1[0] to rdx +mulx rax, rbx, rdx; x10014_1, x10014_0<- arg1[0]^2 +xor rdx, rdx +adox r14, rbx +adox rax, rcx +mov rcx, r14; +and rcx, rbp; x21 <- x19_0&0xfffffffffffff +shrd r14, rax, 52; x20 <- x19_1||x19_0 >> 52 +mov rbx, 0x1000003d10 ; moving imm to reg +mov rdx, r13; x30 to rdx +mulx rax, r13, rbx; x10029_1, x10029_0<- x30 * 0x1000003d10 (_0*_0) +mov rdx, rdi; x24 to rdx +mulx r15, rdi, rbx; x10023_1, x10023_0<- x24 * 0x1000003d10 (_0*_0) +xor rdx, rdx +adox r14, [ rsp - 0x38 ] +mov rbx, [ rsp - 0x40 ]; +adox rbx, rdx +adcx rdi, r14 +adcx rbx, r15 +mov r15, rdi; +shrd r15, rbx, 52; x26 <- x25_1||x25_0 >> 52 +and rdi, rbp; x27 <- x25_0&0xfffffffffffff +mov r14, [ rsp - 0x50 ]; load m64 out1 to register64 +mov [ r14 + 0x8 ], rdi; out1[1] = x27 +adox r15, r11 +adox r10, rdx +adcx r13, r15 +adcx r10, rax +mov r11, r13; +and r11, rbp; x33 <- x31_0&0xfffffffffffff +mov rax, 0x1000003d10000 ; moving imm to reg +mov rdx, rax; 0x1000003d10000 to rdx +mulx rbx, rax, r12; x10031_1, x10031_0<- x29 * 0x1000003d10000 (_0*_0) +shrd r13, r10, 52; x32 <- x31_1||x31_0 >> 52 +lea r8, [ r8 + r13 ] +mov [ r14 + 0x10 ], r11; out1[2] = x33 +xor rdi, rdi +adox rax, r8 +adox rbx, rdi +mov r15, rax; +and r15, rbp; x36 <- x34_0&0xfffffffffffff +mov r10, 0xffffffffffff ; moving imm to reg +and r9, r10; x15 <- x13&0xffffffffffff +mov [ r14 + 0x18 ], r15; out1[3] = x36 +mov [ r14 + 0x0 ], rcx; out1[0] = x21 +shrd rax, rbx, 52; x35 <- x34_1||x34_0 >> 52 +lea r9, [ r9 + rax ] +mov [ r14 + 0x20 ], r9; out1[4] = x37 +mov rbx, [ rsp - 0x80 ]; pop +mov rbp, [ rsp - 0x78 ]; pop +mov r12, 
[ rsp - 0x70 ]; pop +mov r13, [ rsp - 0x68 ]; pop +mov r14, [ rsp - 0x60 ]; pop +mov r15, [ rsp - 0x58 ]; pop +ret +; cpu AMD Ryzen 9 7950X 16-Core Processor +; ratio 0.9910 +; seed 3939486227538568 +; CC / CFLAGS clang / -march=native -mtune=native -O3 +; time needed: 9302 ms on 1500 evaluations. +; Time spent for assembling and measuring (initial batch_size=244, initial num_batches=31): 646 ms +; number of used evaluations: 1500 +; Ratio (time for assembling + measure)/(total runtime for 1500 evals): 0.0694474306600731 +; number reverted permutation / tried permutation: 579 / 764 =75.785% +; number reverted decision / tried decision: 453 / 735 =61.633% +; validated in 0.22s diff --git a/fiat-amd64/fiat_secp256k1_dettman_square/seed4086124786706180_ratio10393.asm b/fiat-amd64/fiat_secp256k1_dettman_square/seed4086124786706180_ratio10393.asm new file mode 100644 index 0000000000..edf1d72617 --- /dev/null +++ b/fiat-amd64/fiat_secp256k1_dettman_square/seed4086124786706180_ratio10393.asm 
@@ -0,0 +1,159 @@ +SECTION .text + GLOBAL fiat_secp256k1_dettman_square +fiat_secp256k1_dettman_square: +mov rdx, [ rsi + 0x20 ]; arg1[4] to rdx +mulx r10, rax, rdx; x5_1, x5_0<- arg1[4]^2 +imul r11, [ rsi + 0x8 ], 0x2; x3 <- arg1[1] * 0x2 +mov rdx, [ rsi + 0x0 ]; arg1[0] to rdx +mulx r8, rcx, rdx; x10014_1, x10014_0<- arg1[0]^2 +mov rdx, [ rsi + 0x10 ]; load m64 arg1[2] to register64 +lea r9, [rdx + rdx]; x2 <- arg1[2] * 2 +mov rdx, 0x1 ; moving imm to reg +mov [ rsp - 0x80 ], rbx; spilling calSv-rbx to mem +shlx rbx, [ rsi + 0x0 ], rdx; x4 <- arg1[0] * 0x2 (shlx does not change the flags) +mov rdx, [ rsi + 0x18 ]; arg1[3] to rdx +mov [ rsp - 0x78 ], rbp; spilling calSv-rbp to mem +mov [ rsp - 0x70 ], r12; spilling calSv-r12 to mem +mulx r12, rbp, rbx; x10000_1, x10000_0<- x4 * arg1[3] (_0*_0) +mov rdx, [ rsi + 0x10 ]; arg1[2] to rdx +mov [ rsp - 0x68 ], r13; spilling calSv-r13 to mem +mov [ rsp - 0x60 ], r14; spilling calSv-r14 to mem +mulx r14, r13, r11; x10001_1, x10001_0<- x3 * arg1[2] (_0*_0) +xor rdx, rdx +adox r13, rbp +adox r12, r14 +mov rdx, [ rsi + 0x20 ]; arg1[4] to rdx +mulx r14, rbp, rbx; x10004_1, x10004_0<- x4 * arg1[4] (_0*_0) +mov rdx, 0x1000003d10 ; moving imm to reg +mov [ rsp - 0x58 ], r15; spilling calSv-r15 to mem +mov [ rsp - 0x50 ], rdi; spilling out1 to mem +mulx rdi, r15, rax; x10003_1, x10003_0<- x7 * 0x1000003d10 (_0*_0) +mov rdx, [ rsi + 0x10 ]; arg1[2] to rdx +mov [ rsp - 0x48 ], r8; spilling x10014_1 to mem +mulx r8, rax, rdx; x10006_1, x10006_0<- arg1[2]^2 +adcx r15, r13 +adcx r12, rdi +mov rdx, r11; x3 to rdx +mulx r13, r11, [ rsi + 0x20 ]; x10011_1, x10011_0<- x3 * arg1[4] (_0*_0) +mov [ rsp - 0x40 ], rcx; spilling x10014_0 to mem +mulx rcx, rdi, [ rsi + 0x18 ]; x10005_1, x10005_0<- x3 * arg1[3] (_0*_0) +xor rdx, rdx +adox rax, rdi +adox rcx, r8 +adcx rax, rbp +adcx r14, rcx +mov rbp, 0x1000003d10000 ; moving imm to reg +mov rdx, r10; x6 to rdx +mulx r8, r10, rbp; x10010_1, x10010_0<- x6 * 0x1000003d10000 (_0*_0) +mov rdx, r15; 
+shrd rdx, r12, 52; x9 <- x8_1||x8_0 >> 52 +add rdx, rax; could be done better, if r0 has been u8 as well +adc r14, 0x0; add CF to r0's alloc +xor r12, r12 +adox r10, rdx +adox r14, r8 +mov rdx, [ rsi + 0x18 ]; arg1[3] to rdx +mulx rcx, rdi, rdx; x10019_1, x10019_0<- arg1[3]^2 +mov rdx, r9; x2 to rdx +mulx rax, r9, [ rsi + 0x20 ]; x10018_1, x10018_0<- x2 * arg1[4] (_0*_0) +mov r8, 0x34 ; moving imm to reg +bzhi r12, r10, r8; x13 <- x11_0 (only least 0x34 bits) +adox rdi, r9 +adox rax, rcx +mulx r9, rcx, [ rsi + 0x18 ]; x10012_1, x10012_0<- x2 * arg1[3] (_0*_0) +add rcx, r11; could be done better, if r0 has been u8 as well +adcx r13, r9 +mov rdx, r12; +shr rdx, 48; x14 <- x13>> 48 +mov r11, 0xffffffffffff ; moving imm to reg +and r12, r11; x15 <- x13&0xffffffffffff +shrd r10, r14, 52; x12 <- x11_1||x11_0 >> 52 +add r10, rcx; could be done better, if r0 has been u8 as well +adc r13, 0x0; add CF to r0's alloc +bzhi r14, r10, r8; x18 <- x16_0 (only least 0x34 bits) +shrd r10, r13, 52; x17 <- x16_1||x16_0 >> 52 +add r10, rdi; could be done better, if r0 has been u8 as well +adc rax, 0x0; add CF to r0's alloc +mov rdi, [ rsi + 0x18 ]; load m64 arg1[3] to register64 +lea r9, [rdi + rdi]; x1 <- arg1[3] * 2 +mov rdi, rdx; preserving value of x14 into a new reg +mov rdx, [ rsi + 0x20 ]; saving arg1[4] in rdx. 
+mulx r13, rcx, r9; x10024_1, x10024_0<- x1 * arg1[4] (_0*_0) +shl r14, 4; x10015 <- x18<< 4 +lea r14, [ r14 + rdi ] +bzhi rdx, r10, r8; x24 <- x22_0 (only least 0x34 bits) +shrd r10, rax, 52; x23 <- x22_1||x22_0 >> 52 +mov rdi, 0x1000003d10 ; moving imm to reg +mulx r9, rax, rdi; x10023_1, x10023_0<- x24 * 0x1000003d10 (_0*_0) +add r10, rcx; could be done better, if r0 has been u8 as well +adc r13, 0x0; add CF to r0's alloc +mov rdx, [ rsi + 0x8 ]; arg1[1] to rdx +mulx r8, rcx, rdx; x10026_1, x10026_0<- arg1[1]^2 +mov rdx, 0x1000003d1 ; moving imm to reg +mulx rbp, r11, r14; x10017_1, x10017_0<- x10016 * 0x1000003d1 (_0*_0) +add r11, [ rsp - 0x40 ]; could be done better, if r0 has been u8 as well +adcx rbp, [ rsp - 0x48 ] +mov r14, 0x34 ; moving imm to reg +bzhi rdx, r11, r14; x21 <- x19_0 (only least 0x34 bits) +mov r14, 0x1000003d10000 ; moving imm to reg +xchg rdx, r14; 0x1000003d10000, swapping with x21, which is currently in rdx +mov [ rsp - 0x38 ], r14; spilling x21 to mem +mulx r14, rdi, r13; x10031_1, x10031_0<- x29 * 0x1000003d10000 (_0*_0) +shrd r11, rbp, 52; x20 <- x19_1||x19_0 >> 52 +mov rdx, rbx; x4 to rdx +mulx rbp, rbx, [ rsi + 0x8 ]; x10021_1, x10021_0<- x4 * arg1[1] (_0*_0) +xor r13, r13 +adox r11, rbx +adox rbp, r13 +adcx rax, r11 +adcx rbp, r9 +mov r9, rax; +shrd r9, rbp, 52; x26 <- x25_1||x25_0 >> 52 +mulx r11, rbx, [ rsi + 0x10 ]; x10025_1, x10025_0<- x4 * arg1[2] (_0*_0) +mov rdx, 0x1000003d10 ; moving imm to reg +mulx r13, rbp, r10; x10029_1, x10029_0<- x30 * 0x1000003d10 (_0*_0) +add rcx, rbx; could be done better, if r0 has been u8 as well +adcx r11, r8 +xor r10, r10 +adox r9, rcx +adox r11, r10 +adcx rbp, r9 +adcx r11, r13 +mov r8, rbp; +shrd r8, r11, 52; x32 <- x31_1||x31_0 >> 52 +mov rbx, 0xfffffffffffff ; moving imm to reg +and r15, rbx; x10 <- x8_0&0xfffffffffffff +and rax, rbx; x27 <- x25_0&0xfffffffffffff +lea r15, [ r15 + r8 ] +adox rdi, r15 +adox r14, r10 +mov r13, rdi; +and r13, rbx; x36 <- x34_0&0xfffffffffffff +shrd rdi, r14, 
52; x35 <- x34_1||x34_0 >> 52 +lea r12, [ r12 + rdi ] +mov rcx, [ rsp - 0x50 ]; load m64 out1 to register64 +mov [ rcx + 0x20 ], r12; out1[4] = x37 +mov r9, [ rsp - 0x38 ]; load m64 x21 to register64 +mov [ rcx + 0x0 ], r9; out1[0] = x21 +and rbp, rbx; x33 <- x31_0&0xfffffffffffff +mov [ rcx + 0x10 ], rbp; out1[2] = x33 +mov [ rcx + 0x18 ], r13; out1[3] = x36 +mov [ rcx + 0x8 ], rax; out1[1] = x27 +mov rbx, [ rsp - 0x80 ]; pop +mov rbp, [ rsp - 0x78 ]; pop +mov r12, [ rsp - 0x70 ]; pop +mov r13, [ rsp - 0x68 ]; pop +mov r14, [ rsp - 0x60 ]; pop +mov r15, [ rsp - 0x58 ]; pop +ret +; cpu Intel(R) Core(TM) i7-10710U CPU @ 1.10GHz +; ratio 1.0393 +; seed 4086124786706180 +; CC / CFLAGS clang / -march=native -mtune=native -O3 +; time needed: 15046 ms on 1500 evaluations. +; Time spent for assembling and measuring (initial batch_size=399, initial num_batches=31): 1392 ms +; number of used evaluations: 1500 +; Ratio (time for assembling + measure)/(total runtime for 1500 evals): 0.09251628339758075 +; number reverted permutation / tried permutation: 618 / 782 =79.028% +; number reverted decision / tried decision: 515 / 717 =71.827% +; validated in 0.511s diff --git a/fiat-amd64/fiat_secp256k1_dettman_square/seed4165422984695448_ratio09805.asm b/fiat-amd64/fiat_secp256k1_dettman_square/seed4165422984695448_ratio09805.asm deleted file mode 100644 index ca02b60633..0000000000 --- a/fiat-amd64/fiat_secp256k1_dettman_square/seed4165422984695448_ratio09805.asm +++ /dev/null 
@@ -1,181 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_square -fiat_secp256k1_dettman_square: -mov rax, [ rsi + 0x0 ] -mov r10, rax -shl r10, 0x1 -mov rdx, [ rsi + 0x18 ] -mulx r11, rax, rdx -mov rdx, 0x1 -shlx rcx, [ rsi + 0x18 ], rdx -mov rdx, [ rsi + 0x18 ] -mulx r9, r8, r10 -mov rdx, [ rsi + 0x8 ] -mov [ rsp - 0x80 ], rbx -mov [ rsp - 0x78 ], rbp -mulx rbp, rbx, r10 -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x70 ], r12 -lea r12, [rdx + rdx] -mov rdx, r12 -mov [ rsp - 0x68 ], r13 -mulx r13, r12, [ rsi + 0x18 ] -mov [ rsp - 0x60 ], r14 -mov [ rsp - 0x58 ], r15 -mulx r15, r14, [ rsi + 0x20 ] -xor rdx, rdx -adox rax, r14 -adox r15, r11 -mov rdx, [ rsi + 0x20 ] -mulx r14, r11, rdx -mov rdx, [ rsi + 0x8 ] -mov [ rsp - 0x50 ], rdi -lea rdi, [rdx + rdx] -mov rdx, [ rsi + 0x20 ] -mov [ rsp - 0x48 ], rbp -mov [ rsp - 0x40 ], rbx -mulx rbx, rbp, rcx -mov rdx, 0xfffffffffffff -mov rcx, r11 -and rcx, rdx -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x38 ], rbx -mov [ rsp - 0x30 ], rbp -mulx rbp, rbx, rdi -mov rdx, 0x1000003d10 -mov [ rsp - 0x28 ], r15 -mov [ rsp - 0x20 ], rax -mulx rax, r15, rcx -adox rbx, r8 -adox r9, rbp -mov rdx, rdi -mulx r8, rdi, [ rsi + 0x20 ] -adcx r12, rdi -adcx r8, r13 -shrd r11, r14, 52 -mulx r14, r13, [ rsi + 0x18 ] -mov rdx, 0x1000003d10 -mulx rbp, rcx, r11 -xor rdi, rdi -adox r15, rbx -adox r9, rax -mov rdx, [ rsi + 0x10 ] -mulx rbx, rax, rdx -mov rdx, r10 -mulx r11, r10, [ rsi + 0x20 ] -adcx rax, r13 -adcx r14, rbx -mov r13, r15 -shrd r13, r9, 52 -xor r9, r9 -adox rax, r10 -adox r11, r14 -adcx r13, rax -adc r11, 0x0 -xor rdi, rdi -adox rcx, r13 -adox r11, rbp -mov r9, rcx -shrd r9, r11, 52 -mov rbp, 0xfffffffffffff -and r15, rbp -and rcx, rbp -adox r9, r12 -adox r8, rdi -mov r12, rcx -shr r12, 48 -mov rbx, 0xffffffffffff -and rcx, rbx -mov r10, r9 -and r10, rbp -shl r10, 4 -lea r10, [ r10 + r12 ] -mulx rax, r14, [ rsi + 0x10 ] -shrd r9, r8, 52 -add r9, [ rsp - 0x20 ] -mov rdx, [ rsp - 0x28 ] -adc rdx, 0x0 -mov r13, r9 -and r13, rbp -shrd r9, 
rdx, 52 -mov rdx, [ rsi + 0x8 ] -mulx r8, r11, rdx -xor rdx, rdx -adox r9, [ rsp - 0x30 ] -mov rdi, [ rsp - 0x38 ] -adox rdi, rdx -mov r12, r9 -shrd r12, rdi, 52 -test al, al -adox r11, r14 -adox rax, r8 -mov r14, 0x1000003d10 -mov rdx, r12 -mulx r8, r12, r14 -mov rdx, [ rsi + 0x0 ] -mulx rbx, rdi, rdx -mov rdx, 0x1000003d1 -mulx rbp, r14, r10 -adcx r14, rdi -adcx rbx, rbp -mov r10, r14 -shrd r10, rbx, 52 -test al, al -adox r10, [ rsp - 0x40 ] -mov rdi, [ rsp - 0x48 ] -mov rbp, 0x0 -adox rdi, rbp -mov rbx, 0x1000003d10 -mov rdx, r13 -mulx rbp, r13, rbx -adcx r13, r10 -adcx rdi, rbp -mov rdx, 0x34 -bzhi r10, r13, rdx -shrd r13, rdi, 52 -bzhi rbp, r14, rdx -bzhi r14, r9, rdx -adox r13, r11 -mov r9, 0x0 -adox rax, r9 -mov rdx, rbx -mulx r11, rbx, r14 -xor rdi, rdi -adox rbx, r13 -adox rax, r11 -mov r9, rbx -shrd r9, rax, 52 -lea r15, [ r15 + r9 ] -test al, al -adox r12, r15 -adox r8, rdi -mov r14, r12 -shrd r14, r8, 52 -lea rcx, [ rcx + r14 ] -mov r13, 0xfffffffffffff -and rbx, r13 -mov r11, [ rsp - 0x50 ] -mov [ r11 + 0x10 ], rbx -and r12, r13 -mov [ r11 + 0x18 ], r12 -mov [ r11 + 0x0 ], rbp -mov [ r11 + 0x8 ], r10 -mov [ r11 + 0x20 ], rcx -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu AMD Ryzen 9 5950X 16-Core Processor -; ratio 0.9805 -; seed 4165422984695448 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 5971 ms on 1000 evaluations. -; Time spent for assembling and measuring (initial batch_size=270, initial num_batches=31): 504 ms -; number of used evaluations: 1000 -; Ratio (time for assembling + measure)/(total runtime for 1000 evals): 0.08440797186400938 -; number reverted permutation / tried permutation: 413 / 500 =82.600% -; number reverted decision / tried decision: 314 / 499 =62.926% -; validated in 0.271s 
diff --git a/fiat-amd64/fiat_secp256k1_dettman_square/seed4430124589542693_ratio09814.asm b/fiat-amd64/fiat_secp256k1_dettman_square/seed4430124589542693_ratio09814.asm
deleted file mode 100644
index c8ee5ffbe7..0000000000
--- a/fiat-amd64/fiat_secp256k1_dettman_square/seed4430124589542693_ratio09814.asm
+++ /dev/null
@@ -1,183 +0,0 @@ -SECTION .text - GLOBAL fiat_secp256k1_dettman_square -fiat_secp256k1_dettman_square: -mov rdx, [ rsi + 0x18 ] -mulx r10, rax, rdx -mov r11, [ rsi + 0x18 ] -lea rdx, [r11 + r11] -mov r11, 0x1 -shlx rcx, [ rsi + 0x8 ], r11 -mov r8, [ rsi + 0x0 ] -lea r9, [r8 + r8] -mov r8, rdx -mov rdx, [ rsi + 0x20 ] -mov [ rsp - 0x80 ], rbx -mulx rbx, r11, rdx -mov rdx, 0x34 -mov [ rsp - 0x78 ], rbp -bzhi rbp, r11, rdx -mov rdx, r9 -mov [ rsp - 0x70 ], r12 -mulx r12, r9, [ rsi + 0x18 ] -xchg rdx, rcx -mov [ rsp - 0x68 ], r13 -mov [ rsp - 0x60 ], r14 -mulx r14, r13, [ rsi + 0x20 ] -shrd r11, rbx, 52 -mov rbx, rdx -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x58 ], r15 -mov [ rsp - 0x50 ], rdi -mulx rdi, r15, rdx -mov rdx, [ rsi + 0x10 ] -mov [ rsp - 0x48 ], r8 -mov r8, rdx -shl r8, 0x1 -mov rdx, [ rsi + 0x20 ] -mov [ rsp - 0x40 ], r11 -mov [ rsp - 0x38 ], r12 -mulx r12, r11, r8 -mov rdx, r8 -mov [ rsp - 0x30 ], r9 -mulx r9, r8, [ rsi + 0x18 ] -add r8, r13 -adcx r14, r9 -test al, al -adox rax, r11 -adox r12, r10 -mov rdx, [ rsi + 0x18 ] -mulx r13, r10, rbx -adcx r15, r10 -adcx r13, rdi -mov rdx, 0x1000003d10 -mulx r11, rdi, rbp -mov rdx, [ rsi + 0x10 ] -mulx r9, rbp, rbx -add rbp, [ rsp - 0x30 ] -adcx r9, [ rsp - 0x38 ] -test al, al -adox rdi, rbp -adox r9, r11 -mov rdx, rdi -shrd rdx, r9, 52 -mov rbx, rdx -mov rdx, [ rsi + 0x10 ] -mulx r11, r10, rcx -mov rdx, 0xfffffffffffff -and rdi, rdx -mov rdx, rcx -mulx rbp, rcx, [ rsi + 0x20 ] -mov r9, rdx -mov rdx, [ rsi + 0x8 ] -mov [ rsp - 0x28 ], rdi -mov [ rsp - 0x20 ], r11 -mulx r11, rdi, rdx -adox r15, rcx -adox rbp, r13 -adcx rbx, r15 -adc rbp, 0x0 -mov rdx, 0x1000003d10 -mulx rcx, r13, [ rsp - 0x40 ] -test al, al -adox r13, rbx -adox rbp, rcx -mov r15, r13 -shrd r15, rbp, 52 -mov rbx, 0x34 -bzhi rcx, r13, rbx -mov r13, rcx -shr r13, 48 -xor rbp, rbp -adox r15, r8 -adox r14, rbp -bzhi r8, r15, rbx -shl r8, 4 -lea r8, [ r8 + r13 ] -shrd r15, r14, 52 -mov r13, 0x1000003d1 -mov rdx, r13 -mulx r14, r13, r8 -xor r8, r8 -adox 
r15, rax -adox r12, r8 -mov rdx, [ rsp - 0x48 ] -mulx rax, rbp, [ rsi + 0x20 ] -bzhi rdx, r15, rbx -shrd r15, r12, 52 -add r15, rbp -adc rax, 0x0 -mov r12, rdx -mov rdx, [ rsi + 0x0 ] -mulx r8, rbp, rdx -bzhi rdx, r15, rbx -adox r13, rbp -adox r8, r14 -shrd r15, rax, 52 -mov r14, 0x1000003d10 -mulx rbp, rax, r14 -mov rdx, r14 -mulx rbx, r14, r15 -mov r15, 0xfffffffffffff -mov rdx, r13 -and rdx, r15 -adox rdi, r10 -adox r11, [ rsp - 0x20 ] -shrd r13, r8, 52 -mov r10, rdx -mov rdx, [ rsi + 0x8 ] -mulx r15, r8, r9 -xor rdx, rdx -adox r13, r8 -adox r15, rdx -mov r9, 0x1000003d10 -mov rdx, r9 -mulx r8, r9, r12 -adcx r9, r13 -adcx r15, r8 -mov r12, [ rsp - 0x50 ] -mov [ r12 + 0x0 ], r10 -mov r10, r9 -shrd r10, r15, 52 -add r10, rdi -adc r11, 0x0 -test al, al -adox rax, r10 -adox r11, rbp -mov rbp, rax -shrd rbp, r11, 52 -mov rdi, 0xfffffffffffff -and r9, rdi -mov [ r12 + 0x8 ], r9 -add rbp, [ rsp - 0x28 ] -test al, al -adox r14, rbp -mov r13, 0x0 -adox rbx, r13 -mov r8, 0x30 -bzhi r15, rcx, r8 -mov rcx, r14 -and rcx, rdi -mov [ r12 + 0x18 ], rcx -shrd r14, rbx, 52 -lea r15, [ r15 + r14 ] -and rax, rdi -mov [ r12 + 0x20 ], r15 -mov [ r12 + 0x10 ], rax -mov rbx, [ rsp - 0x80 ] -mov rbp, [ rsp - 0x78 ] -mov r12, [ rsp - 0x70 ] -mov r13, [ rsp - 0x68 ] -mov r14, [ rsp - 0x60 ] -mov r15, [ rsp - 0x58 ] -ret -; cpu AMD Ryzen 7 5800X 8-Core Processor -; ratio 0.9814 -; seed 4430124589542693 -; CC / CFLAGS clang / -march=native -mtune=native -O3 -; time needed: 5806 ms on 1000 evaluations. -; Time spent for assembling and measuring (initial batch_size=244, initial num_batches=31): 484 ms -; number of used evaluations: 1000 -; Ratio (time for assembling + measure)/(total runtime for 1000 evals): 0.08336203926972098 -; number reverted permutation / tried permutation: 406 / 498 =81.526% -; number reverted decision / tried decision: 330 / 501 =65.868% -; validated in 0.268s From 4f7cb6817df469aa703c2766dea33e7b795e918b Mon Sep 17 00:00:00 2001 
From: Owen Conoly Date: Thu, 4 May 2023 02:22:22 -0400 Subject: [PATCH 16/27] rewrote the rewriting rule. generated C code is unchanged. --- src/Rewriter/Rules.v | 7 +++++-- src/Rewriter/RulesProofs.v | 11 ++++++++--- 2 files changed, 13 insertions(+), 5 deletions(-) diff --git a/src/Rewriter/Rules.v b/src/Rewriter/Rules.v index 5046493f76..c25485cebb 100644 --- a/src/Rewriter/Rules.v +++ b/src/Rewriter/Rules.v @@ -335,8 +335,11 @@ Definition arith_with_casts_rewrite_rulesT (adc_no_carry_to_add : bool) : list ( 0 ∈ rland -> 0 ∈ r0 -> cstZ rland (Z.land (cstZ r0 ('0)) (cstZ rv v)) = cstZ r0 ('0)) ; (forall rland rm1 rv v, - (rv <= rland)%zrange -> -1 ∈ rm1 - -> cstZ rland (Z.land (cstZ rv v) (cstZ rm1 ('-1))) = cstZ rv v) + (rv <= r[rland.(lower) ~> rland.(upper) - 1])%zrange + -> (rland.(upper) - 1) ∈ rm1 + -> (rland.(upper) = 2^Z.log2 rland.(upper)) + -> (0 <= rland.(lower)) + -> cstZ rland (Z.land (cstZ rv v) (cstZ rm1 ('(rland.(upper) - 1)))) = cstZ rv v) ; (forall rland rm1 rv v, (rv <= rland)%zrange -> -1 ∈ rm1 -> cstZ rland (Z.land (cstZ rm1 ('-1)) (cstZ rv v)) = cstZ rv v) diff --git a/src/Rewriter/RulesProofs.v b/src/Rewriter/RulesProofs.v index 1b5f5db1f2..a82d6188b7 100644 --- a/src/Rewriter/RulesProofs.v +++ b/src/Rewriter/RulesProofs.v 
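Review bot: In the src/Rewriter/Rules.v hunk, the new side condition `rland.(upper) = 2^Z.log2 rland.(upper)` requires the inclusive upper bound of the cast range to be an exact power of two, while the mask literal is `rland.(upper) - 1`. If the cast ranges reaching this rule have the shape `r[0 ~> 2^k - 1]`, which I cannot confirm from the hunk, that condition never holds and the rule never fires; that would match the commit message saying the generated C code is unchanged. The hunk also replaces the `Z.land (cstZ rv v) (cstZ rm1 ('-1))` rule rather than adding beside it, so the all-ones identity is now only covered with the mask as the left operand (the next rule, kept as context). I would keep the `-1` rule and add the mask rule as its own entry, preceded by a comment such as `(* x & (2^k - 1) = x when x already fits in k bits *)`. The definition `arith_with_casts_rewrite_rulesT` starts and ends outside the hunk.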
@@ -567,10 +567,15 @@ Lemma arith_with_casts_rewrite_rules_proofs (adc_no_carry_to_add : bool) : PrimitiveHList.hlist (@snd bool Prop) (arith_with_casts_rewrite_rulesT adc_no_carry_to_add). Proof using Type. start_proof; auto; intros; try lia. - all: repeat interp_good_t_step_related. - all: repeat interp_good_t_step_arith. + all: repeat interp_good_t_step_related. + all: repeat interp_good_t_step_arith. Search (_ mod _). all: remove_casts; try fin_with_nia. - all: try (reflect_hyps; lia). + all: try (reflect_hyps; lia). rewrite Z.mod_small. + apply ident.cast_in_bounds. unfold is_bounded_by_bool. rewrite Bool.andb_true_iff. + split. apply Zle_imp_le_bool. cbv [is_tighter_than_bool] in H. simpl in H. + cbv [is_bounded_by_bool] in H3. simpl in H3. lia. cbv [is_bounded_by_bool] in H4. simpl in H4. + lia. cbv [is_bounded_by_bool] in H3. simpl in H3. cbv [is_bounded_by_bool] in H4. simpl in H4. + lia. Qed. Lemma strip_literal_casts_rewrite_rules_proofs From 19cdc419cb5b9363abacab8ab6009ea9db9e5b5f Mon Sep 17 00:00:00 2001 From: Owen Conoly Date: Fri, 5 May 2023 14:46:52 -0400 Subject: [PATCH 17/27] trying new version of rewrite rule --- src/Rewriter/Rules.v | 11 +++++----- src/Rewriter/RulesProofs.v | 44 ++++++++++++++++++++++++++++++-------- 2 files changed, 41 insertions(+), 14 deletions(-) diff --git a/src/Rewriter/Rules.v b/src/Rewriter/Rules.v index c25485cebb..c95789f0cf 100644 --- a/src/Rewriter/Rules.v +++ b/src/Rewriter/Rules.v 
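Review bot: The src/Rewriter/RulesProofs.v hunk leaves a `Search (_ mod _).` query in the committed script and finishes the new goal with unfocused tactics placed after `all: try (reflect_hyps; lia).` that refer to auto-generated hypothesis names (`H`, `H3`, `H4`). Both the names and the fact that exactly this goal is the one left over depend on the order and number of rules in `arith_with_casts_rewrite_rulesT`, so an unrelated rule change will break the proof in a way that is hard to diagnose. Drop the `Search` line, put the manual steps in a focused `{ ... }` block, and select the bound hypotheses by shape, e.g. `match goal with H : is_bounded_by_bool _ _ = true |- _ => ... end`, instead of by name. The lemma statement begins above the hunk.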
@@ -335,11 +335,12 @@ Definition arith_with_casts_rewrite_rulesT (adc_no_carry_to_add : bool) : list ( 0 ∈ rland -> 0 ∈ r0 -> cstZ rland (Z.land (cstZ r0 ('0)) (cstZ rv v)) = cstZ r0 ('0)) ; (forall rland rm1 rv v, - (rv <= r[rland.(lower) ~> rland.(upper) - 1])%zrange - -> (rland.(upper) - 1) ∈ rm1 - -> (rland.(upper) = 2^Z.log2 rland.(upper)) - -> (0 <= rland.(lower)) - -> cstZ rland (Z.land (cstZ rv v) (cstZ rm1 ('(rland.(upper) - 1)))) = cstZ rv v) + (rland <= rv)%zrange + -> rland.(upper) ∈ rm1 + -> rland.(upper) = Z.ones (Z.succ (Z.log2 rland.(upper))) + -> (0 = rland.(lower)) + -> v ∈ rv + -> cstZ rland (Z.land (cstZ rv v) (cstZ rm1 ('rland.(upper)))) = cstZ rland v) ; (forall rland rm1 rv v, (rv <= rland)%zrange -> -1 ∈ rm1 -> cstZ rland (Z.land (cstZ rm1 ('-1)) (cstZ rv v)) = cstZ rv v) diff --git a/src/Rewriter/RulesProofs.v b/src/Rewriter/RulesProofs.v index a82d6188b7..e7fad74508 100644 --- a/src/Rewriter/RulesProofs.v +++ b/src/Rewriter/RulesProofs.v @@ -273,6 +273,7 @@ Local Ltac interp_good_t_step_arith := | H : is_bounded_by_bool _ _ = true |- _ => apply unfold_is_bounded_by_bool in H; cbn [upper lower] in H + (*| H : _ |- _ => fail*) end; try apply Z.lt_succ_r; eauto using Z.log2_le_mono with lia) @@ -547,7 +548,7 @@ Local Ltac do_clear_nia x y r H H' := => let H0 := find_H x0 in let H1 := find_H x1 in let m0 := lazymatch type of H0 with 0 <= _ <= ?m => m end in - let m1 := lazymatch type of H1 with 0 <= _ <= ?m => m end in + let m1 := lazymatch type of H1 with 0 <= _ <= ?m => m end in let H := fresh in let __ := lazymatch goal with | _ => assert (H : -m1 <= x <= m0) by (clear -H0 H1; lia) 
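Review bot: In the src/Rewriter/Rules.v hunk the rewritten rule now removes the mask and the inner cast, `... = cstZ rland v`, and its soundness rests on the added premise `v ∈ rv`, which is a statement about the value `v` rather than about a range or a literal. The other rules visible in this hunk only test ranges and literals (`0 ∈ r0`, `(rv <= rland)%zrange`, `-1 ∈ rm1`), so it is worth confirming how the rewriter is expected to discharge a premise on `v` before relying on this rule to drop masks in the field arithmetic. The condition `rland.(upper) = Z.ones (Z.succ (Z.log2 rland.(upper)))` would be easier to review with a comment such as `(* upper = 2^k - 1, so masking with upper is reduction mod 2^k *)`. The definition `arith_with_casts_rewrite_rulesT` starts and ends outside the hunk.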
@@ -567,15 +568,40 @@ Lemma arith_with_casts_rewrite_rules_proofs (adc_no_carry_to_add : bool) : PrimitiveHList.hlist (@snd bool Prop) (arith_with_casts_rewrite_rulesT adc_no_carry_to_add). Proof using Type. start_proof; auto; intros; try lia. - all: repeat interp_good_t_step_related. - all: repeat interp_good_t_step_arith. Search (_ mod _). + all: repeat interp_good_t_step_related. + 11: { interp_good_t_step_arith. interp_good_t_step_arith. interp_good_t_step_arith. + rewrite Z.land_ones. + - Check ident.cast_out_of_bounds_simple_0_mod. + replace (2 ^ Z.succ (Z.log2 (upper rland))) with (upper rland + 1). + + rewrite <- ident.cast_out_of_bounds_simple_0_mod. + -- destruct rland. simpl in H2. subst. apply ident.cast_idempotent. + -- rewrite H1. apply Ones.Z.ones_nonneg. remember (Z.log2_nonneg (upper rland)). lia. + + remember (Z.log2 _) as x. rewrite H1. subst. rewrite Z.ones_equiv. lia. + - remember (Z.log2_nonneg (upper rland)). lia. + } + (*cbv [Z.succ]. Check Z.ones_equiv. rewrite <- ident.cast_out_of_bounds_simple_0_mod. + Search (Z.ones (Z.succ _)). rewrite Z.ones_equiv. + rewrite Z.land_ones. + - + all: repeat interp_good_t_step_arith. + Search (Z.land _ (Z.ones _)). rewrite Z.land_ones. + + Search (ident.cast _ _ = _ mod _). cbv [Z.succ]. replace (2^(Z.log2 (upper rland) + 1)) with ((upper rland) + 1). + -- rewrite <- ident.cast_out_of_bounds_simple_0_mod. + ++ Search (ident.cast _ (ident.cast _ _)). + replace r[0~>upper rland]%zrange with rland. + --- rewrite ident.cast_idempotent. rep apply ident.cast_idempotent. + --- reflect_hyps. destruct rland. simpl in *. subst. reflexivity. + ++ reflect_hyps. simpl in *. Search (0 <= Z.ones _). rewrite H1. + apply Ones.Z.ones_nonneg. Search (0 <= Z.log2 _). remember (Z.log2_nonneg (upper rland)). lia. + -- remember (Z.log2 _) as x. rewrite H1. subst. Search Z.ones. rewrite Z.ones_equiv. cbv [Z.succ Z.pred]. lia. + + remember (Z.log2_nonneg (upper rland)). lia. + - Check Ones.Z.ones_succ. 
remember (Ones.Z.ones_nonneg (Z.succ (Z.l lia. + interp_good_t_step_arith. + all: repeat interp_good_t_step_arith. assert (is_bounded_by_bool v rland = true). + { reflect_hyps. cbv [is_bounded_by_bool]. lia. } Search is_tighter_than_bool. reflect_hyps.*) + all: repeat interp_good_t_step_arith. all: remove_casts; try fin_with_nia. - all: try (reflect_hyps; lia). rewrite Z.mod_small. - apply ident.cast_in_bounds. unfold is_bounded_by_bool. rewrite Bool.andb_true_iff. - split. apply Zle_imp_le_bool. cbv [is_tighter_than_bool] in H. simpl in H. - cbv [is_bounded_by_bool] in H3. simpl in H3. lia. cbv [is_bounded_by_bool] in H4. simpl in H4. - lia. cbv [is_bounded_by_bool] in H3. simpl in H3. cbv [is_bounded_by_bool] in H4. simpl in H4. - lia. + all: try (reflect_hyps; lia). Qed. Lemma strip_literal_casts_rewrite_rules_proofs From 43f2f3de0f33509e420f38f96bb6f9bc66f65b28 Mon Sep 17 00:00:00 2001 From: Owen Conoly Date: Fri, 5 May 2023 19:33:46 -0400 Subject: [PATCH 18/27] tried out another draft of the rewrite rule. this one successfully eliminated the unnecessary 64-bit mask, but it also caused weird stuff to happen and killed off a bunch of 52-bit masks. Where'd they go? idk. --- fiat-c/src/secp256k1_dettman_64.c | 184 +++++++----------- .../DettmanMultiplication.v | 9 +- src/Rewriter/Rules.v | 12 +- src/Rewriter/RulesProofs.v | 15 +- 4 files changed, 91 insertions(+), 129 deletions(-) diff --git a/fiat-c/src/secp256k1_dettman_64.c b/fiat-c/src/secp256k1_dettman_64.c index 8e25f88b06..e38a2e6d36 100644 --- a/fiat-c/src/secp256k1_dettman_64.c +++ b/fiat-c/src/secp256k1_dettman_64.c 
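Review bot: The focused block `11: { ... }` selects its goal by position in `arith_with_casts_rewrite_rulesT`, so inserting or removing any rule ahead of the new one points this script at a different goal. A comment naming the rule it proves, or a selector that does not depend on list order, would make that failure much easier to diagnose. `Check ident.cast_out_of_bounds_simple_0_mod.` inside the block and the long commented-out attempt after it (full of `Search` queries) are exploration residue and should be dropped before merge. The block also depends on the generated names `H1` and `H2`.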
@@ -38,80 +38,58 @@ FIAT_SECP256K1_DETTMAN_FIAT_EXTENSION typedef unsigned __int128 fiat_secp256k1_d * arg1: [[0x0 ~> 0x1ffffffffffffe], [0x0 ~> 0x1ffffffffffffe], [0x0 ~> 0x1ffffffffffffe], [0x0 ~> 0x1ffffffffffffe], [0x0 ~> 0x1fffffffffffe]] * arg2: [[0x0 ~> 0x1ffffffffffffe], [0x0 ~> 0x1ffffffffffffe], [0x0 ~> 0x1ffffffffffffe], [0x0 ~> 0x1ffffffffffffe], [0x0 ~> 0x1fffffffffffe]] * Output Bounds: - * out1: [[0x0 ~> 0x1ffffffffffffe], [0x0 ~> 0x1ffffffffffffe], [0x0 ~> 0x1ffffffffffffe], [0x0 ~> 0x1ffffffffffffe], [0x0 ~> 0x17fffffffffff]] + * out1: Some [None, None, None, None, None] */ static FIAT_SECP256K1_DETTMAN_FIAT_INLINE void fiat_secp256k1_dettman_mul(uint64_t out1[5], const uint64_t arg1[5], const uint64_t arg2[5]) { fiat_secp256k1_dettman_uint128 x1; uint64_t x2; - uint64_t x3; - fiat_secp256k1_dettman_uint128 x4; - uint64_t x5; + fiat_secp256k1_dettman_uint128 x3; + uint64_t x4; + fiat_secp256k1_dettman_uint128 x5; uint64_t x6; - fiat_secp256k1_dettman_uint128 x7; - uint64_t x8; + fiat_secp256k1_dettman_uint4 x7; + fiat_secp256k1_dettman_uint128 x8; uint64_t x9; - uint64_t x10; + fiat_secp256k1_dettman_uint128 x10; uint64_t x11; fiat_secp256k1_dettman_uint128 x12; uint64_t x13; - uint64_t x14; - fiat_secp256k1_dettman_uint128 x15; - uint64_t x16; + fiat_secp256k1_dettman_uint128 x14; + uint64_t x15; + fiat_secp256k1_dettman_uint128 x16; uint64_t x17; fiat_secp256k1_dettman_uint128 x18; uint64_t x19; - uint64_t x20; - fiat_secp256k1_dettman_uint128 x21; + fiat_secp256k1_dettman_uint128 x20; + uint64_t x21; uint64_t x22; - uint64_t x23; - fiat_secp256k1_dettman_uint128 x24; - uint64_t x25; - uint64_t x26; - fiat_secp256k1_dettman_uint128 x27; - uint64_t x28; - uint64_t x29; - fiat_secp256k1_dettman_uint128 x30; - uint64_t x31; - uint64_t x32; - uint64_t x33; x1 = ((fiat_secp256k1_dettman_uint128)(arg1[4]) * (arg2[4])); x2 = (uint64_t)(x1 >> 64); - x3 = (uint64_t)(x1 & UINT64_C(0xffffffffffffffff)); - x4 = ((((fiat_secp256k1_dettman_uint128)(arg1[0]) * 
(arg2[3])) + (((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg2[2])) + (((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg2[1])) + ((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg2[0]))))) + ((fiat_secp256k1_dettman_uint128)x3 * UINT64_C(0x1000003d10))); - x5 = (uint64_t)(x4 >> 52); - x6 = (uint64_t)(x4 & UINT64_C(0xfffffffffffff)); - x7 = (((((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg2[4])) + (((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg2[3])) + (((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg2[2])) + (((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg2[1])) + ((fiat_secp256k1_dettman_uint128)(arg1[4]) * (arg2[0])))))) + x5) + ((fiat_secp256k1_dettman_uint128)x2 * UINT64_C(0x1000003d10000))); - x8 = (uint64_t)(x7 >> 52); - x9 = (uint64_t)(x7 & UINT64_C(0xfffffffffffff)); - x10 = (x9 >> 48); - x11 = (x9 & UINT64_C(0xffffffffffff)); - x12 = ((((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg2[4])) + (((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg2[3])) + (((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg2[2])) + ((fiat_secp256k1_dettman_uint128)(arg1[4]) * (arg2[1]))))) + x8); + x3 = ((((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg2[3])) + (((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg2[2])) + (((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg2[1])) + ((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg2[0]))))) + ((fiat_secp256k1_dettman_uint128)(uint64_t)x1 * UINT64_C(0x1000003d10))); + x4 = (uint64_t)(x3 >> 52); + x5 = (((((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg2[4])) + (((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg2[3])) + (((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg2[2])) + (((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg2[1])) + ((fiat_secp256k1_dettman_uint128)(arg1[4]) * (arg2[0])))))) + x4) + ((fiat_secp256k1_dettman_uint128)x2 * UINT64_C(0x1000003d10000))); + x6 = (uint64_t)(x5 >> 52); + x7 = (fiat_secp256k1_dettman_uint4)((uint64_t)x5 >> 48); + x8 = ((((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg2[4])) + 
(((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg2[3])) + (((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg2[2])) + ((fiat_secp256k1_dettman_uint128)(arg1[4]) * (arg2[1]))))) + x6); + x9 = (uint64_t)(x8 >> 52); + x10 = (((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg2[0])) + ((fiat_secp256k1_dettman_uint128)(((uint64_t)x8 << 4) + (uint64_t)x7) * UINT64_C(0x1000003d1))); + x11 = (uint64_t)(x10 >> 52); + x12 = ((((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg2[4])) + (((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg2[3])) + ((fiat_secp256k1_dettman_uint128)(arg1[4]) * (arg2[2])))) + x9); x13 = (uint64_t)(x12 >> 52); - x14 = (uint64_t)(x12 & UINT64_C(0xfffffffffffff)); - x15 = (((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg2[0])) + ((fiat_secp256k1_dettman_uint128)((x14 << 4) + x10) * UINT64_C(0x1000003d1))); - x16 = (uint64_t)(x15 >> 52); - x17 = (uint64_t)(x15 & UINT64_C(0xfffffffffffff)); - x18 = ((((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg2[4])) + (((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg2[3])) + ((fiat_secp256k1_dettman_uint128)(arg1[4]) * (arg2[2])))) + x13); + x14 = (((((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg2[1])) + ((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg2[0]))) + x11) + ((fiat_secp256k1_dettman_uint128)(uint64_t)x12 * UINT64_C(0x1000003d10))); + x15 = (uint64_t)(x14 >> 52); + x16 = ((((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg2[4])) + ((fiat_secp256k1_dettman_uint128)(arg1[4]) * (arg2[3]))) + x13); + x17 = (uint64_t)(x16 >> 64); + x18 = (((((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg2[2])) + (((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg2[1])) + ((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg2[0])))) + x15) + ((fiat_secp256k1_dettman_uint128)(uint64_t)x16 * UINT64_C(0x1000003d10))); x19 = (uint64_t)(x18 >> 52); - x20 = (uint64_t)(x18 & UINT64_C(0xfffffffffffff)); - x21 = (((((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg2[1])) + ((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg2[0]))) + x16) + 
((fiat_secp256k1_dettman_uint128)x20 * UINT64_C(0x1000003d10))); - x22 = (uint64_t)(x21 >> 52); - x23 = (uint64_t)(x21 & UINT64_C(0xfffffffffffff)); - x24 = ((((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg2[4])) + ((fiat_secp256k1_dettman_uint128)(arg1[4]) * (arg2[3]))) + x19); - x25 = (uint64_t)(x24 >> 64); - x26 = (uint64_t)(x24 & UINT64_C(0xffffffffffffffff)); - x27 = (((((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg2[2])) + (((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg2[1])) + ((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg2[0])))) + x22) + ((fiat_secp256k1_dettman_uint128)x26 * UINT64_C(0x1000003d10))); - x28 = (uint64_t)(x27 >> 52); - x29 = (uint64_t)(x27 & UINT64_C(0xfffffffffffff)); - x30 = ((x6 + x28) + ((fiat_secp256k1_dettman_uint128)x25 * UINT64_C(0x1000003d10000))); - x31 = (uint64_t)(x30 >> 52); - x32 = (uint64_t)(x30 & UINT64_C(0xfffffffffffff)); - x33 = (x11 + x31); - out1[0] = x17; - out1[1] = x23; - out1[2] = x29; - out1[3] = x32; - out1[4] = x33; + x20 = (((uint64_t)x3 + x19) + ((fiat_secp256k1_dettman_uint128)x17 * UINT64_C(0x1000003d10000))); + x21 = (uint64_t)(x20 >> 52); + x22 = ((uint64_t)x5 + x21); + out1[0] = (uint64_t)x10; + out1[1] = (uint64_t)x14; + out1[2] = (uint64_t)x18; + out1[3] = (uint64_t)x20; + out1[4] = x22; } /* @@ -123,7 +101,7 @@ static FIAT_SECP256K1_DETTMAN_FIAT_INLINE void fiat_secp256k1_dettman_mul(uint64 * Input Bounds: * arg1: [[0x0 ~> 0x1ffffffffffffe], [0x0 ~> 0x1ffffffffffffe], [0x0 ~> 0x1ffffffffffffe], [0x0 ~> 0x1ffffffffffffe], [0x0 ~> 0x1fffffffffffe]] * Output Bounds: - * out1: [[0x0 ~> 0x1ffffffffffffe], [0x0 ~> 0x1ffffffffffffe], [0x0 ~> 0x1ffffffffffffe], [0x0 ~> 0x1ffffffffffffe], [0x0 ~> 0x17fffffffffff]] + * out1: Some [None, None, None, None, None] */ static FIAT_SECP256K1_DETTMAN_FIAT_INLINE void fiat_secp256k1_dettman_square(uint64_t out1[5], const uint64_t arg1[5]) { uint64_t x1; 
@@ -132,77 +110,55 @@ static FIAT_SECP256K1_DETTMAN_FIAT_INLINE void fiat_secp256k1_dettman_square(uin uint64_t x4; fiat_secp256k1_dettman_uint128 x5; uint64_t x6; - uint64_t x7; - fiat_secp256k1_dettman_uint128 x8; - uint64_t x9; + fiat_secp256k1_dettman_uint128 x7; + uint64_t x8; + fiat_secp256k1_dettman_uint128 x9; uint64_t x10; - fiat_secp256k1_dettman_uint128 x11; - uint64_t x12; + fiat_secp256k1_dettman_uint4 x11; + fiat_secp256k1_dettman_uint128 x12; uint64_t x13; - uint64_t x14; + fiat_secp256k1_dettman_uint128 x14; uint64_t x15; fiat_secp256k1_dettman_uint128 x16; uint64_t x17; - uint64_t x18; - fiat_secp256k1_dettman_uint128 x19; - uint64_t x20; + fiat_secp256k1_dettman_uint128 x18; + uint64_t x19; + fiat_secp256k1_dettman_uint128 x20; uint64_t x21; fiat_secp256k1_dettman_uint128 x22; uint64_t x23; - uint64_t x24; - fiat_secp256k1_dettman_uint128 x25; + fiat_secp256k1_dettman_uint128 x24; + uint64_t x25; uint64_t x26; - uint64_t x27; - fiat_secp256k1_dettman_uint128 x28; - uint64_t x29; - uint64_t x30; - fiat_secp256k1_dettman_uint128 x31; - uint64_t x32; - uint64_t x33; - fiat_secp256k1_dettman_uint128 x34; - uint64_t x35; - uint64_t x36; - uint64_t x37; x1 = ((arg1[3]) * 0x2); x2 = ((arg1[2]) * 0x2); x3 = ((arg1[1]) * 0x2); x4 = ((arg1[0]) * 0x2); x5 = ((fiat_secp256k1_dettman_uint128)(arg1[4]) * (arg1[4])); x6 = (uint64_t)(x5 >> 64); - x7 = (uint64_t)(x5 & UINT64_C(0xffffffffffffffff)); - x8 = ((((fiat_secp256k1_dettman_uint128)x4 * (arg1[3])) + ((fiat_secp256k1_dettman_uint128)x3 * (arg1[2]))) + ((fiat_secp256k1_dettman_uint128)x7 * UINT64_C(0x1000003d10))); - x9 = (uint64_t)(x8 >> 52); - x10 = (uint64_t)(x8 & UINT64_C(0xfffffffffffff)); - x11 = (((((fiat_secp256k1_dettman_uint128)x4 * (arg1[4])) + (((fiat_secp256k1_dettman_uint128)x3 * (arg1[3])) + ((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg1[2])))) + x9) + ((fiat_secp256k1_dettman_uint128)x6 * UINT64_C(0x1000003d10000))); - x12 = (uint64_t)(x11 >> 52); - x13 = (uint64_t)(x11 & 
UINT64_C(0xfffffffffffff)); - x14 = (x13 >> 48); - x15 = (x13 & UINT64_C(0xffffffffffff)); - x16 = ((((fiat_secp256k1_dettman_uint128)x3 * (arg1[4])) + ((fiat_secp256k1_dettman_uint128)x2 * (arg1[3]))) + x12); + x7 = ((((fiat_secp256k1_dettman_uint128)x4 * (arg1[3])) + ((fiat_secp256k1_dettman_uint128)x3 * (arg1[2]))) + ((fiat_secp256k1_dettman_uint128)(uint64_t)x5 * UINT64_C(0x1000003d10))); + x8 = (uint64_t)(x7 >> 52); + x9 = (((((fiat_secp256k1_dettman_uint128)x4 * (arg1[4])) + (((fiat_secp256k1_dettman_uint128)x3 * (arg1[3])) + ((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg1[2])))) + x8) + ((fiat_secp256k1_dettman_uint128)x6 * UINT64_C(0x1000003d10000))); + x10 = (uint64_t)(x9 >> 52); + x11 = (fiat_secp256k1_dettman_uint4)((uint64_t)x9 >> 48); + x12 = ((((fiat_secp256k1_dettman_uint128)x3 * (arg1[4])) + ((fiat_secp256k1_dettman_uint128)x2 * (arg1[3]))) + x10); + x13 = (uint64_t)(x12 >> 52); + x14 = (((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg1[0])) + ((fiat_secp256k1_dettman_uint128)(((uint64_t)x12 << 4) + (uint64_t)x11) * UINT64_C(0x1000003d1))); + x15 = (uint64_t)(x14 >> 52); + x16 = ((((fiat_secp256k1_dettman_uint128)x2 * (arg1[4])) + ((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg1[3]))) + x13); x17 = (uint64_t)(x16 >> 52); - x18 = (uint64_t)(x16 & UINT64_C(0xfffffffffffff)); - x19 = (((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg1[0])) + ((fiat_secp256k1_dettman_uint128)((x18 << 4) + x14) * UINT64_C(0x1000003d1))); - x20 = (uint64_t)(x19 >> 52); - x21 = (uint64_t)(x19 & UINT64_C(0xfffffffffffff)); - x22 = ((((fiat_secp256k1_dettman_uint128)x2 * (arg1[4])) + ((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg1[3]))) + x17); + x18 = ((((fiat_secp256k1_dettman_uint128)x4 * (arg1[1])) + x15) + ((fiat_secp256k1_dettman_uint128)(uint64_t)x16 * UINT64_C(0x1000003d10))); + x19 = (uint64_t)(x18 >> 52); + x20 = (((fiat_secp256k1_dettman_uint128)x1 * (arg1[4])) + x17); + x21 = (uint64_t)(x20 >> 64); + x22 = (((((fiat_secp256k1_dettman_uint128)x4 * 
(arg1[2])) + ((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg1[1]))) + x19) + ((fiat_secp256k1_dettman_uint128)(uint64_t)x20 * UINT64_C(0x1000003d10))); x23 = (uint64_t)(x22 >> 52); - x24 = (uint64_t)(x22 & UINT64_C(0xfffffffffffff)); - x25 = ((((fiat_secp256k1_dettman_uint128)x4 * (arg1[1])) + x20) + ((fiat_secp256k1_dettman_uint128)x24 * UINT64_C(0x1000003d10))); - x26 = (uint64_t)(x25 >> 52); - x27 = (uint64_t)(x25 & UINT64_C(0xfffffffffffff)); - x28 = (((fiat_secp256k1_dettman_uint128)x1 * (arg1[4])) + x23); - x29 = (uint64_t)(x28 >> 64); - x30 = (uint64_t)(x28 & UINT64_C(0xffffffffffffffff)); - x31 = (((((fiat_secp256k1_dettman_uint128)x4 * (arg1[2])) + ((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg1[1]))) + x26) + ((fiat_secp256k1_dettman_uint128)x30 * UINT64_C(0x1000003d10))); - x32 = (uint64_t)(x31 >> 52); - x33 = (uint64_t)(x31 & UINT64_C(0xfffffffffffff)); - x34 = ((x10 + x32) + ((fiat_secp256k1_dettman_uint128)x29 * UINT64_C(0x1000003d10000))); - x35 = (uint64_t)(x34 >> 52); - x36 = (uint64_t)(x34 & UINT64_C(0xfffffffffffff)); - x37 = (x15 + x35); - out1[0] = x21; - out1[1] = x27; - out1[2] = x33; - out1[3] = x36; - out1[4] = x37; + x24 = (((uint64_t)x7 + x23) + ((fiat_secp256k1_dettman_uint128)x21 * UINT64_C(0x1000003d10000))); + x25 = (uint64_t)(x24 >> 52); + x26 = ((uint64_t)x9 + x25); + out1[0] = (uint64_t)x14; + out1[1] = (uint64_t)x18; + out1[2] = (uint64_t)x22; + out1[3] = (uint64_t)x24; + out1[4] = x26; } diff --git a/src/PushButtonSynthesis/DettmanMultiplication.v b/src/PushButtonSynthesis/DettmanMultiplication.v index 08a4e0b382..e6505e31ee 100644 --- a/src/PushButtonSynthesis/DettmanMultiplication.v +++ b/src/PushButtonSynthesis/DettmanMultiplication.v 
@@ -104,10 +104,15 @@ Section __. Definition input_bounds : list (ZRange.type.option.interp base.type.Z) := fold_left (fun l i => Some r[0 ~> Qceiling (2 * input_magnitude * ((weightf (i + 1) / weightf i) - 1))]%zrange :: l) (seq 0 (n - 1)) [] ++ [Some r[0 ~> Qceiling (2 * input_magnitude * (2^last_limb_width - 1))]%zrange]. - Definition output_bounds : list (ZRange.type.option.interp base.type.Z) + (*Definition output_bounds : list (ZRange.type.option.interp base.type.Z) := fold_left (fun l i => Some r[0 ~> Qceiling (2 * output_magnitude_first_limbs * ((weightf (i + 1) / weightf i) - 1))]%zrange :: l) (seq 0 (n - 1)) [] ++ [Some r[0 ~> Qceiling (2 * output_magnitude_last_limb * (2^last_limb_width - 1))]%zrange]. - + *) + Definition output_bounds : list (ZRange.type.option.interp base.type.Z) := + match inbounds_multiplier with + | Some _ => [None; None; None; None; None] + | None => [None; None; None; None; None] + end. Local Existing Instance default_translate_to_fancy. Local Instance no_select_size : no_select_size_opt := no_select_size_of_no_select machine_wordsize. Local Instance split_mul_to : split_mul_to_opt := split_mul_to_of_should_split_mul machine_wordsize possible_values. diff --git a/src/Rewriter/Rules.v b/src/Rewriter/Rules.v index c95789f0cf..266887f303 100644 --- a/src/Rewriter/Rules.v +++ b/src/Rewriter/Rules.v 
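Review bot: `output_bounds` now returns `[None; None; None; None; None]` in both arms of the `match`, so the synthesized functions no longer carry any proven bound on their output limbs, and the generated header in `secp256k1_dettman_64.c` changes to `out1: Some [None, None, None, None, None]` in this same commit. A result of `mul` or `square` is then no longer shown to satisfy the input bounds of the next call, and the final limbs are emitted as plain `(uint64_t)` truncations instead of 52-bit masks, which is probably where the masks mentioned in the commit message went. The list is also hard-coded to five entries while `input_bounds` is built from `n`, and `match inbounds_multiplier` is dead because both branches agree. I would keep the original `fold_left` definition as the default and make unbounded outputs an explicit opt-in for the experiment.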
@@ -335,12 +335,16 @@ Definition arith_with_casts_rewrite_rulesT (adc_no_carry_to_add : bool) : list ( 0 ∈ rland -> 0 ∈ r0 -> cstZ rland (Z.land (cstZ r0 ('0)) (cstZ rv v)) = cstZ r0 ('0)) ; (forall rland rm1 rv v, - (rland <= rv)%zrange - -> rland.(upper) ∈ rm1 + rland.(upper) ∈ rm1 -> rland.(upper) = Z.ones (Z.succ (Z.log2 rland.(upper))) -> (0 = rland.(lower)) - -> v ∈ rv - -> cstZ rland (Z.land (cstZ rv v) (cstZ rm1 ('rland.(upper)))) = cstZ rland v) + -> cstZ rland (Z.land (cstZ rv v) (cstZ rm1 ('rland.(upper)))) = cstZ rland (cstZ rv v)) + ; (forall rland rm1 rv v, + (rv <= rland)%zrange -> -1 ∈ rm1 + -> cstZ rland (Z.land (cstZ rv v) (cstZ rm1 ('-1))) = cstZ rv v) + (*; (forall rland rm1 rv v, + (rm1 <= rland)%zrange -> -1 ∈ rm1 + -> cstZ rland (Z.land (cstZ rv v) (cstZ rm1 ('-1))) = cstZ rland (cstZ rv v))*) ; (forall rland rm1 rv v, (rv <= rland)%zrange -> -1 ∈ rm1 -> cstZ rland (Z.land (cstZ rm1 ('-1)) (cstZ rv v)) = cstZ rv v) diff --git a/src/Rewriter/RulesProofs.v b/src/Rewriter/RulesProofs.v index e7fad74508..d2227e35e7 100644 --- a/src/Rewriter/RulesProofs.v +++ b/src/Rewriter/RulesProofs.v 
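Review bot: The added rule `cstZ rland (Z.land (cstZ rv v) (cstZ rm1 ('-1))) = cstZ rv v` is the operand-swapped twin of the `-1` rule directly below it, but nothing says so and the commit message does not mention it. A one-line comment such as `(* land with -1 on the right; mirror of the next rule *)` would help, and the commented-out third variant should be deleted or given a note on why it was rejected. Separately, the mask rule now drops `(rland <= rv)%zrange` and `v ∈ rv` and rewrites to `cstZ rland (cstZ rv v)`. That widens when it fires, so it deserves a comment stating why the three remaining hypotheses are sufficient.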
@@ -569,16 +569,13 @@ Lemma arith_with_casts_rewrite_rules_proofs (adc_no_carry_to_add : bool) Proof using Type. start_proof; auto; intros; try lia. all: repeat interp_good_t_step_related. - 11: { interp_good_t_step_arith. interp_good_t_step_arith. interp_good_t_step_arith. - rewrite Z.land_ones. - - Check ident.cast_out_of_bounds_simple_0_mod. - replace (2 ^ Z.succ (Z.log2 (upper rland))) with (upper rland + 1). + 11: { interp_good_t_step_arith. interp_good_t_step_arith. rewrite Z.land_ones. + - replace (2 ^ Z.succ (Z.log2 (upper rland))) with (upper rland + 1). + rewrite <- ident.cast_out_of_bounds_simple_0_mod. - -- destruct rland. simpl in H2. subst. apply ident.cast_idempotent. - -- rewrite H1. apply Ones.Z.ones_nonneg. remember (Z.log2_nonneg (upper rland)). lia. - + remember (Z.log2 _) as x. rewrite H1. subst. rewrite Z.ones_equiv. lia. - - remember (Z.log2_nonneg (upper rland)). lia. - } + -- destruct rland. simpl in H1. subst. apply ident.cast_idempotent. + -- rewrite H0. apply Ones.Z.ones_nonneg. remember (Z.log2_nonneg (upper rland)). lia. + + remember (Z.log2 _) as x. rewrite H0. subst. rewrite Z.ones_equiv. lia. + - remember (Z.log2_nonneg (upper rland)). lia. } (*cbv [Z.succ]. Check Z.ones_equiv. rewrite <- ident.cast_out_of_bounds_simple_0_mod. Search (Z.ones (Z.succ _)). rewrite Z.ones_equiv. rewrite Z.land_ones. From 21441958b773f7313e5cf74054aaed9c5e9da5cf Mon Sep 17 00:00:00 2001 From: Owen Conoly Date: Mon, 15 May 2023 17:07:17 -0400 Subject: [PATCH 19/27] new version of rewrite rule (without the double cast) --- fiat-c/src/secp256k1_dettman_64.c | 172 ++++++++++++++++++------------ src/BoundsPipeline.v | 1 + src/Rewriter/Rules.v | 10 +- src/Rewriter/RulesProofs.v | 36 +++++-- 4 files changed, 139 insertions(+), 80 deletions(-) diff --git a/fiat-c/src/secp256k1_dettman_64.c b/fiat-c/src/secp256k1_dettman_64.c index e38a2e6d36..2964c2c940 100644 --- a/fiat-c/src/secp256k1_dettman_64.c +++ b/fiat-c/src/secp256k1_dettman_64.c 
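Review bot: These proof lines changed only because `H1`/`H2` became `H0`/`H1` after two hypotheses were removed from the rule, which shows how tightly the script is coupled to generated names. Naming the hypotheses when they are introduced, or selecting them by shape, would keep the proof stable the next time the rule's side conditions change. For example `rewrite H0` could become something like `match goal with H : upper rland = Z.ones _ |- _ => rewrite H end`, assuming that is the form the hypothesis has at that point. The commented-out block that follows the focused goal continues past the end of this hunk.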
@@ -43,53 +43,69 @@ FIAT_SECP256K1_DETTMAN_FIAT_EXTENSION typedef unsigned __int128 fiat_secp256k1_d static FIAT_SECP256K1_DETTMAN_FIAT_INLINE void fiat_secp256k1_dettman_mul(uint64_t out1[5], const uint64_t arg1[5], const uint64_t arg2[5]) { fiat_secp256k1_dettman_uint128 x1; uint64_t x2; - fiat_secp256k1_dettman_uint128 x3; - uint64_t x4; - fiat_secp256k1_dettman_uint128 x5; + uint64_t x3; + fiat_secp256k1_dettman_uint128 x4; + uint64_t x5; uint64_t x6; - fiat_secp256k1_dettman_uint4 x7; - fiat_secp256k1_dettman_uint128 x8; + fiat_secp256k1_dettman_uint128 x7; + uint64_t x8; uint64_t x9; - fiat_secp256k1_dettman_uint128 x10; - uint64_t x11; - fiat_secp256k1_dettman_uint128 x12; + uint64_t x10; + fiat_secp256k1_dettman_uint128 x11; + uint64_t x12; uint64_t x13; fiat_secp256k1_dettman_uint128 x14; uint64_t x15; - fiat_secp256k1_dettman_uint128 x16; - uint64_t x17; - fiat_secp256k1_dettman_uint128 x18; + uint64_t x16; + fiat_secp256k1_dettman_uint128 x17; + uint64_t x18; uint64_t x19; fiat_secp256k1_dettman_uint128 x20; uint64_t x21; - uint64_t x22; + fiat_secp256k1_dettman_uint128 x22; + uint64_t x23; + uint64_t x24; + fiat_secp256k1_dettman_uint128 x25; + uint64_t x26; + fiat_secp256k1_dettman_uint128 x27; + uint64_t x28; + uint64_t x29; + uint64_t x30; x1 = ((fiat_secp256k1_dettman_uint128)(arg1[4]) * (arg2[4])); x2 = (uint64_t)(x1 >> 64); - x3 = ((((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg2[3])) + (((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg2[2])) + (((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg2[1])) + ((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg2[0]))))) + ((fiat_secp256k1_dettman_uint128)(uint64_t)x1 * UINT64_C(0x1000003d10))); - x4 = (uint64_t)(x3 >> 52); - x5 = (((((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg2[4])) + (((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg2[3])) + (((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg2[2])) + (((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg2[1])) + 
((fiat_secp256k1_dettman_uint128)(arg1[4]) * (arg2[0])))))) + x4) + ((fiat_secp256k1_dettman_uint128)x2 * UINT64_C(0x1000003d10000))); - x6 = (uint64_t)(x5 >> 52); - x7 = (fiat_secp256k1_dettman_uint4)((uint64_t)x5 >> 48); - x8 = ((((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg2[4])) + (((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg2[3])) + (((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg2[2])) + ((fiat_secp256k1_dettman_uint128)(arg1[4]) * (arg2[1]))))) + x6); - x9 = (uint64_t)(x8 >> 52); - x10 = (((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg2[0])) + ((fiat_secp256k1_dettman_uint128)(((uint64_t)x8 << 4) + (uint64_t)x7) * UINT64_C(0x1000003d1))); - x11 = (uint64_t)(x10 >> 52); - x12 = ((((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg2[4])) + (((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg2[3])) + ((fiat_secp256k1_dettman_uint128)(arg1[4]) * (arg2[2])))) + x9); - x13 = (uint64_t)(x12 >> 52); - x14 = (((((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg2[1])) + ((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg2[0]))) + x11) + ((fiat_secp256k1_dettman_uint128)(uint64_t)x12 * UINT64_C(0x1000003d10))); + x3 = (uint64_t)(x1 & UINT64_C(0xffffffffffffffff)); + x4 = ((((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg2[3])) + (((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg2[2])) + (((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg2[1])) + ((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg2[0]))))) + ((fiat_secp256k1_dettman_uint128)x3 * UINT64_C(0x1000003d10))); + x5 = (uint64_t)(x4 >> 52); + x6 = (uint64_t)(x4 & UINT64_C(0xfffffffffffff)); + x7 = (((((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg2[4])) + (((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg2[3])) + (((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg2[2])) + (((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg2[1])) + ((fiat_secp256k1_dettman_uint128)(arg1[4]) * (arg2[0])))))) + x5) + ((fiat_secp256k1_dettman_uint128)x2 * UINT64_C(0x1000003d10000))); + x8 = (uint64_t)(x7 >> 52); + x9 = 
(uint64_t)(x7 & UINT64_C(0xfffffffffffff)); + x10 = (x9 >> 48); + x11 = ((((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg2[4])) + (((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg2[3])) + (((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg2[2])) + ((fiat_secp256k1_dettman_uint128)(arg1[4]) * (arg2[1]))))) + x8); + x12 = (uint64_t)(x11 >> 52); + x13 = (uint64_t)(x11 & UINT64_C(0xfffffffffffff)); + x14 = (((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg2[0])) + ((fiat_secp256k1_dettman_uint128)((x13 << 4) + x10) * UINT64_C(0x1000003d1))); x15 = (uint64_t)(x14 >> 52); - x16 = ((((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg2[4])) + ((fiat_secp256k1_dettman_uint128)(arg1[4]) * (arg2[3]))) + x13); - x17 = (uint64_t)(x16 >> 64); - x18 = (((((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg2[2])) + (((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg2[1])) + ((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg2[0])))) + x15) + ((fiat_secp256k1_dettman_uint128)(uint64_t)x16 * UINT64_C(0x1000003d10))); - x19 = (uint64_t)(x18 >> 52); - x20 = (((uint64_t)x3 + x19) + ((fiat_secp256k1_dettman_uint128)x17 * UINT64_C(0x1000003d10000))); + x16 = (uint64_t)(x14 & UINT64_C(0xfffffffffffff)); + x17 = ((((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg2[4])) + (((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg2[3])) + ((fiat_secp256k1_dettman_uint128)(arg1[4]) * (arg2[2])))) + x12); + x18 = (uint64_t)(x17 >> 52); + x19 = (uint64_t)(x17 & UINT64_C(0xfffffffffffff)); + x20 = (((((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg2[1])) + ((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg2[0]))) + x15) + ((fiat_secp256k1_dettman_uint128)x19 * UINT64_C(0x1000003d10))); x21 = (uint64_t)(x20 >> 52); - x22 = ((uint64_t)x5 + x21); - out1[0] = (uint64_t)x10; - out1[1] = (uint64_t)x14; - out1[2] = (uint64_t)x18; - out1[3] = (uint64_t)x20; - out1[4] = x22; + x22 = ((((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg2[4])) + ((fiat_secp256k1_dettman_uint128)(arg1[4]) * (arg2[3]))) + x18); + x23 = 
(uint64_t)(x22 >> 64); + x24 = (uint64_t)(x22 & UINT64_C(0xffffffffffffffff)); + x25 = (((((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg2[2])) + (((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg2[1])) + ((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg2[0])))) + x21) + ((fiat_secp256k1_dettman_uint128)x24 * UINT64_C(0x1000003d10))); + x26 = (uint64_t)(x25 >> 52); + x27 = ((x6 + x26) + ((fiat_secp256k1_dettman_uint128)x23 * UINT64_C(0x1000003d10000))); + x28 = (uint64_t)(x27 >> 52); + x29 = (uint64_t)(x27 & UINT64_C(0xfffffffffffff)); + x30 = (x9 + x28); + out1[0] = x16; + out1[1] = (uint64_t)x20; + out1[2] = (uint64_t)x25; + out1[3] = x29; + out1[4] = x30; } /* 
@@ -110,55 +126,71 @@ static FIAT_SECP256K1_DETTMAN_FIAT_INLINE void fiat_secp256k1_dettman_square(uin uint64_t x4; fiat_secp256k1_dettman_uint128 x5; uint64_t x6; - fiat_secp256k1_dettman_uint128 x7; - uint64_t x8; - fiat_secp256k1_dettman_uint128 x9; + uint64_t x7; + fiat_secp256k1_dettman_uint128 x8; + uint64_t x9; uint64_t x10; - fiat_secp256k1_dettman_uint4 x11; - fiat_secp256k1_dettman_uint128 x12; + fiat_secp256k1_dettman_uint128 x11; + uint64_t x12; uint64_t x13; - fiat_secp256k1_dettman_uint128 x14; - uint64_t x15; - fiat_secp256k1_dettman_uint128 x16; + uint64_t x14; + fiat_secp256k1_dettman_uint128 x15; + uint64_t x16; uint64_t x17; fiat_secp256k1_dettman_uint128 x18; uint64_t x19; - fiat_secp256k1_dettman_uint128 x20; - uint64_t x21; - fiat_secp256k1_dettman_uint128 x22; + uint64_t x20; + fiat_secp256k1_dettman_uint128 x21; + uint64_t x22; uint64_t x23; fiat_secp256k1_dettman_uint128 x24; uint64_t x25; - uint64_t x26; + fiat_secp256k1_dettman_uint128 x26; + uint64_t x27; + uint64_t x28; + fiat_secp256k1_dettman_uint128 x29; + uint64_t x30; + fiat_secp256k1_dettman_uint128 x31; + uint64_t x32; + uint64_t x33; + uint64_t x34; x1 = ((arg1[3]) * 0x2); x2 = ((arg1[2]) * 0x2); x3 = ((arg1[1]) * 0x2); x4 = ((arg1[0]) * 0x2); x5 = ((fiat_secp256k1_dettman_uint128)(arg1[4]) * (arg1[4])); x6 = (uint64_t)(x5 >> 64); - x7 = ((((fiat_secp256k1_dettman_uint128)x4 * (arg1[3])) + ((fiat_secp256k1_dettman_uint128)x3 * (arg1[2]))) + ((fiat_secp256k1_dettman_uint128)(uint64_t)x5 * UINT64_C(0x1000003d10))); - x8 = (uint64_t)(x7 >> 52); - x9 = (((((fiat_secp256k1_dettman_uint128)x4 * (arg1[4])) + (((fiat_secp256k1_dettman_uint128)x3 * (arg1[3])) + ((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg1[2])))) + x8) + ((fiat_secp256k1_dettman_uint128)x6 * UINT64_C(0x1000003d10000))); - x10 = (uint64_t)(x9 >> 52); - x11 = (fiat_secp256k1_dettman_uint4)((uint64_t)x9 >> 48); - x12 = ((((fiat_secp256k1_dettman_uint128)x3 * (arg1[4])) + ((fiat_secp256k1_dettman_uint128)x2 * 
(arg1[3]))) + x10); - x13 = (uint64_t)(x12 >> 52); - x14 = (((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg1[0])) + ((fiat_secp256k1_dettman_uint128)(((uint64_t)x12 << 4) + (uint64_t)x11) * UINT64_C(0x1000003d1))); - x15 = (uint64_t)(x14 >> 52); - x16 = ((((fiat_secp256k1_dettman_uint128)x2 * (arg1[4])) + ((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg1[3]))) + x13); - x17 = (uint64_t)(x16 >> 52); - x18 = ((((fiat_secp256k1_dettman_uint128)x4 * (arg1[1])) + x15) + ((fiat_secp256k1_dettman_uint128)(uint64_t)x16 * UINT64_C(0x1000003d10))); + x7 = (uint64_t)(x5 & UINT64_C(0xffffffffffffffff)); + x8 = ((((fiat_secp256k1_dettman_uint128)x4 * (arg1[3])) + ((fiat_secp256k1_dettman_uint128)x3 * (arg1[2]))) + ((fiat_secp256k1_dettman_uint128)x7 * UINT64_C(0x1000003d10))); + x9 = (uint64_t)(x8 >> 52); + x10 = (uint64_t)(x8 & UINT64_C(0xfffffffffffff)); + x11 = (((((fiat_secp256k1_dettman_uint128)x4 * (arg1[4])) + (((fiat_secp256k1_dettman_uint128)x3 * (arg1[3])) + ((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg1[2])))) + x9) + ((fiat_secp256k1_dettman_uint128)x6 * UINT64_C(0x1000003d10000))); + x12 = (uint64_t)(x11 >> 52); + x13 = (uint64_t)(x11 & UINT64_C(0xfffffffffffff)); + x14 = (x13 >> 48); + x15 = ((((fiat_secp256k1_dettman_uint128)x3 * (arg1[4])) + ((fiat_secp256k1_dettman_uint128)x2 * (arg1[3]))) + x12); + x16 = (uint64_t)(x15 >> 52); + x17 = (uint64_t)(x15 & UINT64_C(0xfffffffffffff)); + x18 = (((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg1[0])) + ((fiat_secp256k1_dettman_uint128)((x17 << 4) + x14) * UINT64_C(0x1000003d1))); x19 = (uint64_t)(x18 >> 52); - x20 = (((fiat_secp256k1_dettman_uint128)x1 * (arg1[4])) + x17); - x21 = (uint64_t)(x20 >> 64); - x22 = (((((fiat_secp256k1_dettman_uint128)x4 * (arg1[2])) + ((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg1[1]))) + x19) + ((fiat_secp256k1_dettman_uint128)(uint64_t)x20 * UINT64_C(0x1000003d10))); - x23 = (uint64_t)(x22 >> 52); - x24 = (((uint64_t)x7 + x23) + ((fiat_secp256k1_dettman_uint128)x21 * 
UINT64_C(0x1000003d10000))); + x20 = (uint64_t)(x18 & UINT64_C(0xfffffffffffff)); + x21 = ((((fiat_secp256k1_dettman_uint128)x2 * (arg1[4])) + ((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg1[3]))) + x16); + x22 = (uint64_t)(x21 >> 52); + x23 = (uint64_t)(x21 & UINT64_C(0xfffffffffffff)); + x24 = ((((fiat_secp256k1_dettman_uint128)x4 * (arg1[1])) + x19) + ((fiat_secp256k1_dettman_uint128)x23 * UINT64_C(0x1000003d10))); x25 = (uint64_t)(x24 >> 52); - x26 = ((uint64_t)x9 + x25); - out1[0] = (uint64_t)x14; - out1[1] = (uint64_t)x18; - out1[2] = (uint64_t)x22; - out1[3] = (uint64_t)x24; - out1[4] = x26; + x26 = (((fiat_secp256k1_dettman_uint128)x1 * (arg1[4])) + x22); + x27 = (uint64_t)(x26 >> 64); + x28 = (uint64_t)(x26 & UINT64_C(0xffffffffffffffff)); + x29 = (((((fiat_secp256k1_dettman_uint128)x4 * (arg1[2])) + ((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg1[1]))) + x25) + ((fiat_secp256k1_dettman_uint128)x28 * UINT64_C(0x1000003d10))); + x30 = (uint64_t)(x29 >> 52); + x31 = ((x10 + x30) + ((fiat_secp256k1_dettman_uint128)x27 * UINT64_C(0x1000003d10000))); + x32 = (uint64_t)(x31 >> 52); + x33 = (uint64_t)(x31 & UINT64_C(0xfffffffffffff)); + x34 = (x13 + x32); + out1[0] = x20; + out1[1] = (uint64_t)x24; + out1[2] = (uint64_t)x29; + out1[3] = x33; + out1[4] = x34; } diff --git a/src/BoundsPipeline.v b/src/BoundsPipeline.v index b398e3f021..2590de9ab1 100644 --- a/src/BoundsPipeline.v +++ b/src/BoundsPipeline.v @@ -804,6 +804,7 @@ Module Pipeline. | inr v => Debug.ret (inr v) end; match E' with + (* rewrites after bounds relaxation---add a new one named arithWithRelaxedCasts or something. *) | inl E => (E <- match split_mul_to with | Some (max_bitwidth, lgcarrymax) diff --git a/src/Rewriter/Rules.v b/src/Rewriter/Rules.v index 266887f303..cffe96e37b 100644 --- a/src/Rewriter/Rules.v +++ b/src/Rewriter/Rules.v 
@@ -45,6 +45,8 @@ Local Notation "x <= y <= z" := (andb (is_tighter_than_bool (ZRange.normalize x) Local Notation litZZ x := (ident.literal (fst x), ident.literal (snd x)) (only parsing). Local Notation n r := (ZRange.normalize r) (only parsing). +Print ident.cast. Search ident.cast. + (* N.B. [ident.eagerly] does not play well with [do_again] *) Definition nbe_rewrite_rulesT : list (bool * Prop) := Eval cbv [myapp mymap myflatten] in @@ -334,11 +336,15 @@ Definition arith_with_casts_rewrite_rulesT (adc_no_carry_to_add : bool) : list ( ; (forall rland r0 rv v, 0 ∈ rland -> 0 ∈ r0 -> cstZ rland (Z.land (cstZ r0 ('0)) (cstZ rv v)) = cstZ r0 ('0)) + (* try to use lower bounds = 0, rland.upper divides rv.upper to remove double cast. *) ; (forall rland rm1 rv v, rland.(upper) ∈ rm1 -> rland.(upper) = Z.ones (Z.succ (Z.log2 rland.(upper))) - -> (0 = rland.(lower)) - -> cstZ rland (Z.land (cstZ rv v) (cstZ rm1 ('rland.(upper)))) = cstZ rland (cstZ rv v)) + -> 0 = rland.(lower) + -> 0 = rv.(lower) + -> 0 <= rv.(upper) + -> (rv.(upper) + 1) mod (rland.(upper) + 1) = 0 + -> cstZ rland (Z.land (cstZ rv v) (cstZ rm1 ('rland.(upper)))) = cstZ rland v) ; (forall rland rm1 rv v, (rv <= rland)%zrange -> -1 ∈ rm1 -> cstZ rland (Z.land (cstZ rv v) (cstZ rm1 ('-1))) = cstZ rv v) diff --git a/src/Rewriter/RulesProofs.v b/src/Rewriter/RulesProofs.v index d2227e35e7..6d88ca4f75 100644 --- a/src/Rewriter/RulesProofs.v +++ b/src/Rewriter/RulesProofs.v 
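Review bot: `Print ident.cast. Search ident.cast.` in the `@@ -45,6 +45,8 @@` hunk of `src/Rewriter/Rules.v` are interactive queries left in a compiled file; they run on every build and write to the log, and `Search` over a large environment can be slow. The same applies to the `Search ...` and `Check ...` commands inside the proof script in the `src/Rewriter/RulesProofs.v` hunk `@@ -564,19 +564,39 @@`, and again in `@@ -861,6 +861,30 @@` of the following patch. None of them changes the proof state, so they can simply be deleted before merge.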
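Review bot: The comment added above the rule in the `@@ -334,11 +336,15 @@` hunk says `rland.upper divides rv.upper`, but the hypothesis actually required is `(rv.(upper) + 1) mod (rland.(upper) + 1) = 0`, so it is the range sizes that must divide, not the upper bounds. The right-hand side now drops the inner `cstZ rv` entirely, which makes this side condition the whole justification for the rule, and the comment should state it exactly: `(* with both lower bounds 0 and (rland.upper + 1) dividing (rv.upper + 1), masking with rland.upper makes the inner cast to rv redundant *)`. The rule list `arith_with_casts_rewrite_rulesT` starts and ends outside the hunk.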
@@ -564,19 +564,39 @@ Local Ltac do_clear_nia x y r H H' := => clear -Hx Hy Hm Hr H' H; nia end. +Search ident.cast. Lemma arith_with_casts_rewrite_rules_proofs (adc_no_carry_to_add : bool) : PrimitiveHList.hlist (@snd bool Prop) (arith_with_casts_rewrite_rulesT adc_no_carry_to_add). Proof using Type. start_proof; auto; intros; try lia. all: repeat interp_good_t_step_related. - 11: { interp_good_t_step_arith. interp_good_t_step_arith. rewrite Z.land_ones. - - replace (2 ^ Z.succ (Z.log2 (upper rland))) with (upper rland + 1). - + rewrite <- ident.cast_out_of_bounds_simple_0_mod. - -- destruct rland. simpl in H1. subst. apply ident.cast_idempotent. - -- rewrite H0. apply Ones.Z.ones_nonneg. remember (Z.log2_nonneg (upper rland)). lia. - + remember (Z.log2 _) as x. rewrite H0. subst. rewrite Z.ones_equiv. lia. - - remember (Z.log2_nonneg (upper rland)). lia. } - (*cbv [Z.succ]. Check Z.ones_equiv. rewrite <- ident.cast_out_of_bounds_simple_0_mod. + 11: { replace (ident.cast rland v) with (ident.cast rland (ident.cast rv v)). + - interp_good_t_step_arith. interp_good_t_step_arith. rewrite Z.land_ones. + + replace (2 ^ Z.succ (Z.log2 (upper rland))) with (upper rland + 1). + -- rewrite <- ident.cast_out_of_bounds_simple_0_mod. + ++ destruct rland. simpl in H1. subst. apply ident.cast_idempotent. + ++ rewrite H0. apply Ones.Z.ones_nonneg. remember (Z.log2_nonneg (upper rland)). lia. + -- remember (Z.log2 _) as x. rewrite H0. subst. rewrite Z.ones_equiv. lia. + + remember (Z.log2_nonneg (upper rland)). lia. + - Search ident.cast. destruct rland. destruct rv. simpl in *. subst. + (*Search ident.cast. Search ZRange.normalize. + repeat rewrite <- (ident.cast_normalize r[0~>upper]). + repeat rewrite <- (ident.cast_normalize r[0~>upper0]).*) + Check ident.cast_out_of_bounds_simple_0_mod. + repeat rewrite ident.cast_out_of_bounds_simple_0_mod. + + Search ((_ mod _) mod _). rewrite <- Z.mod_div_mod_full. + -- reflexivity. + -- Search Z.divide. rewrite <- Z.mod_divide_full. 
assumption. + + Search Z.ones. rewrite H0. apply Ones.Z.ones_nonneg. + remember (Z.log2_nonneg (upper)). lia. + + lia. + + Search Z.ones. rewrite H0. apply Ones.Z.ones_nonneg. + remember (Z.log2_nonneg (upper)). lia. + } + (* Search Z.ones. rewrite H0. apply Ones.Z.ones_nonneg. + remember (Z.log2_nonneg (upper)). lia. + } + cbv [Z.succ]. Check Z.ones_equiv. rewrite <- ident.cast_out_of_bounds_simple_0_mod. Search (Z.ones (Z.succ _)). rewrite Z.ones_equiv. rewrite Z.land_ones. - From a559efddff517d5a511aee6c337ea421e7f35e85 Mon Sep 17 00:00:00 2001 From: Owen Conoly Date: Tue, 16 May 2023 22:28:09 -0400 Subject: [PATCH 20/27] wrote a version of the rewrite rule that works! need to put it in its own pass now. --- fiat-c/src/secp256k1_dettman_64.c | 156 ++++++++++-------- .../DettmanMultiplication.v | 7 +- src/Rewriter/Rules.v | 16 +- src/Rewriter/RulesProofs.v | 28 +++- 4 files changed, 126 insertions(+), 81 deletions(-) diff --git a/fiat-c/src/secp256k1_dettman_64.c b/fiat-c/src/secp256k1_dettman_64.c index 2964c2c940..8e25f88b06 100644 --- a/fiat-c/src/secp256k1_dettman_64.c +++ b/fiat-c/src/secp256k1_dettman_64.c @@ -38,7 +38,7 @@ FIAT_SECP256K1_DETTMAN_FIAT_EXTENSION typedef unsigned __int128 fiat_secp256k1_d * arg1: [[0x0 ~> 0x1ffffffffffffe], [0x0 ~> 0x1ffffffffffffe], [0x0 ~> 0x1ffffffffffffe], [0x0 ~> 0x1ffffffffffffe], [0x0 ~> 0x1fffffffffffe]] * arg2: [[0x0 ~> 0x1ffffffffffffe], [0x0 ~> 0x1ffffffffffffe], [0x0 ~> 0x1ffffffffffffe], [0x0 ~> 0x1ffffffffffffe], [0x0 ~> 0x1fffffffffffe]] * Output Bounds: - * out1: Some [None, None, None, None, None] + * out1: [[0x0 ~> 0x1ffffffffffffe], [0x0 ~> 0x1ffffffffffffe], [0x0 ~> 0x1ffffffffffffe], [0x0 ~> 0x1ffffffffffffe], [0x0 ~> 0x17fffffffffff]] */ static FIAT_SECP256K1_DETTMAN_FIAT_INLINE void fiat_secp256k1_dettman_mul(uint64_t out1[5], const uint64_t arg1[5], const uint64_t arg2[5]) { fiat_secp256k1_dettman_uint128 x1; 
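Review bot: The new proof in the `src/Rewriter/RulesProofs.v` hunk `@@ -564,19 +564,39 @@` is attached to its goal by position (`11: { ... }`) and refers to auto-generated hypothesis names (`H0`, `H1`), so adding or reordering a rule in `arith_with_casts_rewrite_rulesT` applies the block to a different goal and it fails with an unrelated error. Selecting the hypothesis by shape, e.g. `match goal with H : upper rland = Z.ones _ |- _ => rewrite H end`, and using `pose proof (Z.log2_nonneg (upper rland))` instead of `remember (...)`, would make the script independent of numbering. The hunk `@@ -861,6 +861,30 @@` in the next patch carries the same script with `1:` and `H2`. The proof body continues outside the hunk.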
@@ -51,26 +51,29 @@ static FIAT_SECP256K1_DETTMAN_FIAT_INLINE void fiat_secp256k1_dettman_mul(uint64 uint64_t x8; uint64_t x9; uint64_t x10; - fiat_secp256k1_dettman_uint128 x11; - uint64_t x12; + uint64_t x11; + fiat_secp256k1_dettman_uint128 x12; uint64_t x13; - fiat_secp256k1_dettman_uint128 x14; - uint64_t x15; + uint64_t x14; + fiat_secp256k1_dettman_uint128 x15; uint64_t x16; - fiat_secp256k1_dettman_uint128 x17; - uint64_t x18; + uint64_t x17; + fiat_secp256k1_dettman_uint128 x18; uint64_t x19; - fiat_secp256k1_dettman_uint128 x20; - uint64_t x21; - fiat_secp256k1_dettman_uint128 x22; + uint64_t x20; + fiat_secp256k1_dettman_uint128 x21; + uint64_t x22; uint64_t x23; - uint64_t x24; - fiat_secp256k1_dettman_uint128 x25; + fiat_secp256k1_dettman_uint128 x24; + uint64_t x25; uint64_t x26; fiat_secp256k1_dettman_uint128 x27; uint64_t x28; uint64_t x29; - uint64_t x30; + fiat_secp256k1_dettman_uint128 x30; + uint64_t x31; + uint64_t x32; + uint64_t x33; x1 = ((fiat_secp256k1_dettman_uint128)(arg1[4]) * (arg2[4])); x2 = (uint64_t)(x1 >> 64); x3 = (uint64_t)(x1 & UINT64_C(0xffffffffffffffff)); 
@@ -81,31 +84,34 @@ static FIAT_SECP256K1_DETTMAN_FIAT_INLINE void fiat_secp256k1_dettman_mul(uint64 x8 = (uint64_t)(x7 >> 52); x9 = (uint64_t)(x7 & UINT64_C(0xfffffffffffff)); x10 = (x9 >> 48); - x11 = ((((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg2[4])) + (((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg2[3])) + (((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg2[2])) + ((fiat_secp256k1_dettman_uint128)(arg1[4]) * (arg2[1]))))) + x8); - x12 = (uint64_t)(x11 >> 52); - x13 = (uint64_t)(x11 & UINT64_C(0xfffffffffffff)); - x14 = (((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg2[0])) + ((fiat_secp256k1_dettman_uint128)((x13 << 4) + x10) * UINT64_C(0x1000003d1))); - x15 = (uint64_t)(x14 >> 52); - x16 = (uint64_t)(x14 & UINT64_C(0xfffffffffffff)); - x17 = ((((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg2[4])) + (((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg2[3])) + ((fiat_secp256k1_dettman_uint128)(arg1[4]) * (arg2[2])))) + x12); - x18 = (uint64_t)(x17 >> 52); - x19 = (uint64_t)(x17 & UINT64_C(0xfffffffffffff)); - x20 = (((((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg2[1])) + ((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg2[0]))) + x15) + ((fiat_secp256k1_dettman_uint128)x19 * UINT64_C(0x1000003d10))); - x21 = (uint64_t)(x20 >> 52); - x22 = ((((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg2[4])) + ((fiat_secp256k1_dettman_uint128)(arg1[4]) * (arg2[3]))) + x18); - x23 = (uint64_t)(x22 >> 64); - x24 = (uint64_t)(x22 & UINT64_C(0xffffffffffffffff)); - x25 = (((((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg2[2])) + (((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg2[1])) + ((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg2[0])))) + x21) + ((fiat_secp256k1_dettman_uint128)x24 * UINT64_C(0x1000003d10))); - x26 = (uint64_t)(x25 >> 52); - x27 = ((x6 + x26) + ((fiat_secp256k1_dettman_uint128)x23 * UINT64_C(0x1000003d10000))); + x11 = (x9 & UINT64_C(0xffffffffffff)); + x12 = ((((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg2[4])) + 
(((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg2[3])) + (((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg2[2])) + ((fiat_secp256k1_dettman_uint128)(arg1[4]) * (arg2[1]))))) + x8); + x13 = (uint64_t)(x12 >> 52); + x14 = (uint64_t)(x12 & UINT64_C(0xfffffffffffff)); + x15 = (((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg2[0])) + ((fiat_secp256k1_dettman_uint128)((x14 << 4) + x10) * UINT64_C(0x1000003d1))); + x16 = (uint64_t)(x15 >> 52); + x17 = (uint64_t)(x15 & UINT64_C(0xfffffffffffff)); + x18 = ((((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg2[4])) + (((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg2[3])) + ((fiat_secp256k1_dettman_uint128)(arg1[4]) * (arg2[2])))) + x13); + x19 = (uint64_t)(x18 >> 52); + x20 = (uint64_t)(x18 & UINT64_C(0xfffffffffffff)); + x21 = (((((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg2[1])) + ((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg2[0]))) + x16) + ((fiat_secp256k1_dettman_uint128)x20 * UINT64_C(0x1000003d10))); + x22 = (uint64_t)(x21 >> 52); + x23 = (uint64_t)(x21 & UINT64_C(0xfffffffffffff)); + x24 = ((((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg2[4])) + ((fiat_secp256k1_dettman_uint128)(arg1[4]) * (arg2[3]))) + x19); + x25 = (uint64_t)(x24 >> 64); + x26 = (uint64_t)(x24 & UINT64_C(0xffffffffffffffff)); + x27 = (((((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg2[2])) + (((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg2[1])) + ((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg2[0])))) + x22) + ((fiat_secp256k1_dettman_uint128)x26 * UINT64_C(0x1000003d10))); x28 = (uint64_t)(x27 >> 52); x29 = (uint64_t)(x27 & UINT64_C(0xfffffffffffff)); - x30 = (x9 + x28); - out1[0] = x16; - out1[1] = (uint64_t)x20; - out1[2] = (uint64_t)x25; - out1[3] = x29; - out1[4] = x30; + x30 = ((x6 + x28) + ((fiat_secp256k1_dettman_uint128)x25 * UINT64_C(0x1000003d10000))); + x31 = (uint64_t)(x30 >> 52); + x32 = (uint64_t)(x30 & UINT64_C(0xfffffffffffff)); + x33 = (x11 + x31); + out1[0] = x17; + out1[1] = x23; + out1[2] = x29; + out1[3] 
= x32; + out1[4] = x33; } /* @@ -117,7 +123,7 @@ static FIAT_SECP256K1_DETTMAN_FIAT_INLINE void fiat_secp256k1_dettman_mul(uint64 * Input Bounds: * arg1: [[0x0 ~> 0x1ffffffffffffe], [0x0 ~> 0x1ffffffffffffe], [0x0 ~> 0x1ffffffffffffe], [0x0 ~> 0x1ffffffffffffe], [0x0 ~> 0x1fffffffffffe]] * Output Bounds: - * out1: Some [None, None, None, None, None] + * out1: [[0x0 ~> 0x1ffffffffffffe], [0x0 ~> 0x1ffffffffffffe], [0x0 ~> 0x1ffffffffffffe], [0x0 ~> 0x1ffffffffffffe], [0x0 ~> 0x17fffffffffff]] */ static FIAT_SECP256K1_DETTMAN_FIAT_INLINE void fiat_secp256k1_dettman_square(uint64_t out1[5], const uint64_t arg1[5]) { uint64_t x1; @@ -134,26 +140,29 @@ static FIAT_SECP256K1_DETTMAN_FIAT_INLINE void fiat_secp256k1_dettman_square(uin uint64_t x12; uint64_t x13; uint64_t x14; - fiat_secp256k1_dettman_uint128 x15; - uint64_t x16; + uint64_t x15; + fiat_secp256k1_dettman_uint128 x16; uint64_t x17; - fiat_secp256k1_dettman_uint128 x18; - uint64_t x19; + uint64_t x18; + fiat_secp256k1_dettman_uint128 x19; uint64_t x20; - fiat_secp256k1_dettman_uint128 x21; - uint64_t x22; + uint64_t x21; + fiat_secp256k1_dettman_uint128 x22; uint64_t x23; - fiat_secp256k1_dettman_uint128 x24; - uint64_t x25; - fiat_secp256k1_dettman_uint128 x26; + uint64_t x24; + fiat_secp256k1_dettman_uint128 x25; + uint64_t x26; uint64_t x27; - uint64_t x28; - fiat_secp256k1_dettman_uint128 x29; + fiat_secp256k1_dettman_uint128 x28; + uint64_t x29; uint64_t x30; fiat_secp256k1_dettman_uint128 x31; uint64_t x32; uint64_t x33; - uint64_t x34; + fiat_secp256k1_dettman_uint128 x34; + uint64_t x35; + uint64_t x36; + uint64_t x37; x1 = ((arg1[3]) * 0x2); x2 = ((arg1[2]) * 0x2); x3 = ((arg1[1]) * 0x2); 
@@ -168,29 +177,32 @@ static FIAT_SECP256K1_DETTMAN_FIAT_INLINE void fiat_secp256k1_dettman_square(uin x12 = (uint64_t)(x11 >> 52); x13 = (uint64_t)(x11 & UINT64_C(0xfffffffffffff)); x14 = (x13 >> 48); - x15 = ((((fiat_secp256k1_dettman_uint128)x3 * (arg1[4])) + ((fiat_secp256k1_dettman_uint128)x2 * (arg1[3]))) + x12); - x16 = (uint64_t)(x15 >> 52); - x17 = (uint64_t)(x15 & UINT64_C(0xfffffffffffff)); - x18 = (((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg1[0])) + ((fiat_secp256k1_dettman_uint128)((x17 << 4) + x14) * UINT64_C(0x1000003d1))); - x19 = (uint64_t)(x18 >> 52); - x20 = (uint64_t)(x18 & UINT64_C(0xfffffffffffff)); - x21 = ((((fiat_secp256k1_dettman_uint128)x2 * (arg1[4])) + ((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg1[3]))) + x16); - x22 = (uint64_t)(x21 >> 52); - x23 = (uint64_t)(x21 & UINT64_C(0xfffffffffffff)); - x24 = ((((fiat_secp256k1_dettman_uint128)x4 * (arg1[1])) + x19) + ((fiat_secp256k1_dettman_uint128)x23 * UINT64_C(0x1000003d10))); - x25 = (uint64_t)(x24 >> 52); - x26 = (((fiat_secp256k1_dettman_uint128)x1 * (arg1[4])) + x22); - x27 = (uint64_t)(x26 >> 64); - x28 = (uint64_t)(x26 & UINT64_C(0xffffffffffffffff)); - x29 = (((((fiat_secp256k1_dettman_uint128)x4 * (arg1[2])) + ((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg1[1]))) + x25) + ((fiat_secp256k1_dettman_uint128)x28 * UINT64_C(0x1000003d10))); - x30 = (uint64_t)(x29 >> 52); - x31 = ((x10 + x30) + ((fiat_secp256k1_dettman_uint128)x27 * UINT64_C(0x1000003d10000))); + x15 = (x13 & UINT64_C(0xffffffffffff)); + x16 = ((((fiat_secp256k1_dettman_uint128)x3 * (arg1[4])) + ((fiat_secp256k1_dettman_uint128)x2 * (arg1[3]))) + x12); + x17 = (uint64_t)(x16 >> 52); + x18 = (uint64_t)(x16 & UINT64_C(0xfffffffffffff)); + x19 = (((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg1[0])) + ((fiat_secp256k1_dettman_uint128)((x18 << 4) + x14) * UINT64_C(0x1000003d1))); + x20 = (uint64_t)(x19 >> 52); + x21 = (uint64_t)(x19 & UINT64_C(0xfffffffffffff)); + x22 = ((((fiat_secp256k1_dettman_uint128)x2 * 
(arg1[4])) + ((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg1[3]))) + x17); + x23 = (uint64_t)(x22 >> 52); + x24 = (uint64_t)(x22 & UINT64_C(0xfffffffffffff)); + x25 = ((((fiat_secp256k1_dettman_uint128)x4 * (arg1[1])) + x20) + ((fiat_secp256k1_dettman_uint128)x24 * UINT64_C(0x1000003d10))); + x26 = (uint64_t)(x25 >> 52); + x27 = (uint64_t)(x25 & UINT64_C(0xfffffffffffff)); + x28 = (((fiat_secp256k1_dettman_uint128)x1 * (arg1[4])) + x23); + x29 = (uint64_t)(x28 >> 64); + x30 = (uint64_t)(x28 & UINT64_C(0xffffffffffffffff)); + x31 = (((((fiat_secp256k1_dettman_uint128)x4 * (arg1[2])) + ((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg1[1]))) + x26) + ((fiat_secp256k1_dettman_uint128)x30 * UINT64_C(0x1000003d10))); x32 = (uint64_t)(x31 >> 52); x33 = (uint64_t)(x31 & UINT64_C(0xfffffffffffff)); - x34 = (x13 + x32); - out1[0] = x20; - out1[1] = (uint64_t)x24; - out1[2] = (uint64_t)x29; - out1[3] = x33; - out1[4] = x34; + x34 = ((x10 + x32) + ((fiat_secp256k1_dettman_uint128)x29 * UINT64_C(0x1000003d10000))); + x35 = (uint64_t)(x34 >> 52); + x36 = (uint64_t)(x34 & UINT64_C(0xfffffffffffff)); + x37 = (x15 + x35); + out1[0] = x21; + out1[1] = x27; + out1[2] = x33; + out1[3] = x36; + out1[4] = x37; } diff --git a/src/PushButtonSynthesis/DettmanMultiplication.v b/src/PushButtonSynthesis/DettmanMultiplication.v index e6505e31ee..948bce7aba 100644 --- a/src/PushButtonSynthesis/DettmanMultiplication.v +++ b/src/PushButtonSynthesis/DettmanMultiplication.v 
@@ -104,15 +104,14 @@ Section __. Definition input_bounds : list (ZRange.type.option.interp base.type.Z) := fold_left (fun l i => Some r[0 ~> Qceiling (2 * input_magnitude * ((weightf (i + 1) / weightf i) - 1))]%zrange :: l) (seq 0 (n - 1)) [] ++ [Some r[0 ~> Qceiling (2 * input_magnitude * (2^last_limb_width - 1))]%zrange]. - (*Definition output_bounds : list (ZRange.type.option.interp base.type.Z) + Definition output_bounds : list (ZRange.type.option.interp base.type.Z) := fold_left (fun l i => Some r[0 ~> Qceiling (2 * output_magnitude_first_limbs * ((weightf (i + 1) / weightf i) - 1))]%zrange :: l) (seq 0 (n - 1)) [] ++ [Some r[0 ~> Qceiling (2 * output_magnitude_last_limb * (2^last_limb_width - 1))]%zrange]. - *) - Definition output_bounds : list (ZRange.type.option.interp base.type.Z) := + (*Definition output_bounds : list (ZRange.type.option.interp base.type.Z) := match inbounds_multiplier with | Some _ => [None; None; None; None; None] | None => [None; None; None; None; None] - end. + end.*) Local Existing Instance default_translate_to_fancy. Local Instance no_select_size : no_select_size_opt := no_select_size_of_no_select machine_wordsize. Local Instance split_mul_to : split_mul_to_opt := split_mul_to_of_should_split_mul machine_wordsize possible_values. diff --git a/src/Rewriter/Rules.v b/src/Rewriter/Rules.v index cffe96e37b..33ee22858b 100644 --- a/src/Rewriter/Rules.v +++ b/src/Rewriter/Rules.v 
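Review bot: The re-enabled `output_bounds` builds its first `n - 1` entries with `fold_left (fun l i => ... :: l) (seq 0 (n - 1)) []`, which conses each bound onto the front and so yields them in reverse limb order (the bound computed for `i = n - 2` ends up at index 0). For this curve it appears harmless, since the generated header lists the same bound `0x1ffffffffffffe` for the first four limbs, but with non-uniform limb widths each limb would be checked against another limb's bound. Unless the reversal is intended, `map (fun i => Some r[0 ~> Qceiling (2 * output_magnitude_first_limbs * ((weightf (i + 1) / weightf i) - 1))]%zrange) (seq 0 (n - 1))` keeps index and limb aligned. `input_bounds` in the context lines has the same shape and would need the same change.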
@@ -337,14 +337,14 @@ Definition arith_with_casts_rewrite_rulesT (adc_no_carry_to_add : bool) : list ( 0 ∈ rland -> 0 ∈ r0 -> cstZ rland (Z.land (cstZ r0 ('0)) (cstZ rv v)) = cstZ r0 ('0)) (* try to use lower bounds = 0, rland.upper divides rv.upper to remove double cast. *) - ; (forall rland rm1 rv v, + (*; (forall rland rm1 rv v, rland.(upper) ∈ rm1 -> rland.(upper) = Z.ones (Z.succ (Z.log2 rland.(upper))) -> 0 = rland.(lower) -> 0 = rv.(lower) -> 0 <= rv.(upper) -> (rv.(upper) + 1) mod (rland.(upper) + 1) = 0 - -> cstZ rland (Z.land (cstZ rv v) (cstZ rm1 ('rland.(upper)))) = cstZ rland v) + -> cstZ rland (Z.land (cstZ rv v) (cstZ rm1 ('rland.(upper)))) = cstZ rland v)*) ; (forall rland rm1 rv v, (rv <= rland)%zrange -> -1 ∈ rm1 -> cstZ rland (Z.land (cstZ rv v) (cstZ rm1 ('-1))) = cstZ rv v) @@ -1060,7 +1060,17 @@ Section with_bitwidth. [mymap dont_do_again [] ; mymap do_again - [(forall A B x y, @fst A B (x, y) = x) + [ + (* owen put this here, and he needs to remove it. *) + (forall rland rm1 rv v, + rland.(upper) ∈ rm1 + -> rland.(upper) = Z.ones (Z.succ (Z.log2 rland.(upper))) + -> 0 = rland.(lower) + -> 0 = rv.(lower) + -> 0 <= rv.(upper) + -> (rv.(upper) + 1) mod (rland.(upper) + 1) = 0 + -> cstZ rland (Z.land (cstZ rv v) (cstZ rm1 ('rland.(upper)))) = cstZ rland v) + ; (forall A B x y, @fst A B (x, y) = x) ; (forall A B x y, @snd A B (x, y) = y) (** In order to avoid tautological compares, we need to deal with carry/borrows being 0 *) ; (forall r0 s x y r1 r2, diff --git a/src/Rewriter/RulesProofs.v b/src/Rewriter/RulesProofs.v index 6d88ca4f75..8edff0131f 100644 --- a/src/Rewriter/RulesProofs.v +++ b/src/Rewriter/RulesProofs.v 
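Review bot: The `@@ -337,14 +337,14 @@` hunk disables the rule by wrapping it in `(* ... *)` and leaves the explanatory comment `(* try to use lower bounds = 0, ... *)` above it, which now describes nothing active. Since the rule is re-added verbatim in the `@@ -1060,7 +1060,17 @@` hunk, the commented copy and its comment should be deleted here. The same holds for the commented-out proof block in `src/Rewriter/RulesProofs.v` (`@@ -570,7 +570,7 @@` and `@@ -592,7 +592,7 @@`) and the commented-out `output_bounds` stub in `src/PushButtonSynthesis/DettmanMultiplication.v`.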
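Review bot: The comment introducing the rule in the `@@ -1060,7 +1060,17 @@` hunk, `(* owen put this here, and he needs to remove it. *)`, does not say what the rule does or why it sits in this list. A rule that rewrites away a cast should have its side conditions stated next to it, so I would replace the comment with `(* TODO: move to a dedicated pass. With both lower bounds 0 and (rland.upper + 1) dividing (rv.upper + 1), masking with rland.upper makes the inner cast to rv redundant. *)`. The enclosing rule list starts and ends outside the hunk, so whether the other rules in it interact with this one cannot be judged from here.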
@@ -570,7 +570,7 @@ Lemma arith_with_casts_rewrite_rules_proofs (adc_no_carry_to_add : bool) Proof using Type. start_proof; auto; intros; try lia. all: repeat interp_good_t_step_related. - 11: { replace (ident.cast rland v) with (ident.cast rland (ident.cast rv v)). + (*11: { replace (ident.cast rland v) with (ident.cast rland (ident.cast rv v)). - interp_good_t_step_arith. interp_good_t_step_arith. rewrite Z.land_ones. + replace (2 ^ Z.succ (Z.log2 (upper rland))) with (upper rland + 1). -- rewrite <- ident.cast_out_of_bounds_simple_0_mod. @@ -592,7 +592,7 @@ Proof using Type. + lia. + Search Z.ones. rewrite H0. apply Ones.Z.ones_nonneg. remember (Z.log2_nonneg (upper)). lia. - } + }*) (* Search Z.ones. rewrite H0. apply Ones.Z.ones_nonneg. remember (Z.log2_nonneg (upper)). lia. } 
@@ -861,6 +861,30 @@ Proof using Type. by (intros; apply Z.pow_gt_lin_r; auto with zarith). start_proof; auto; intros; try lia. + 1: { + replace (ident.cast rland v) with (ident.cast rland (ident.cast rv v)). + - interp_good_t_step_arith. interp_good_t_step_arith. rewrite Z.land_ones. + + replace (2 ^ Z.succ (Z.log2 (upper rland))) with (upper rland + 1). + -- rewrite <- ident.cast_out_of_bounds_simple_0_mod. + ++ destruct rland. simpl in *. subst. apply ident.cast_idempotent. + ++ rewrite H2. apply Ones.Z.ones_nonneg. remember (Z.log2_nonneg (upper rland)). lia. + -- remember (Z.log2 _) as x. rewrite H2. subst. rewrite Z.ones_equiv. lia. + + remember (Z.log2_nonneg (upper rland)). lia. + - Search ident.cast. destruct rland. destruct rv. simpl in *. subst. + (*Search ident.cast. Search ZRange.normalize. + repeat rewrite <- (ident.cast_normalize r[0~>upper]). + repeat rewrite <- (ident.cast_normalize r[0~>upper0]).*) + Check ident.cast_out_of_bounds_simple_0_mod. + repeat rewrite ident.cast_out_of_bounds_simple_0_mod. + + Search ((_ mod _) mod _). rewrite <- Z.mod_div_mod_full. + -- reflexivity. + -- Search Z.divide. rewrite <- Z.mod_divide_full. assumption. + + Search Z.ones. rewrite H2. apply Ones.Z.ones_nonneg. + remember (Z.log2_nonneg (upper)). lia. + + lia. + + Search Z.ones. rewrite H2. apply Ones.Z.ones_nonneg. + remember (Z.log2_nonneg (upper)). lia. + } all: repeat interp_good_t_step_related. all: systematically_handle_casts; autorewrite with zsimplify_fast; try reflexivity. all: subst; rewrite !ident.platform_specific_cast_0_is_mod, ?Z.sub_add, ?Z.mod_mod by lia; try reflexivity. From a70781b0f3b8d019dfbbd297ffa3e240b1ee402f Mon Sep 17 00:00:00 2001 
From: Owen Conoly Date: Tue, 16 May 2023 23:38:40 -0400 Subject: [PATCH 21/27] put the new rewrite rule in its own pass --- fiat-c/src/secp256k1_dettman_64.c | 216 ++++++++++---------- src/BoundsPipeline.v | 3 +- src/Rewriter/All.v | 3 + src/Rewriter/Passes/ArithWithRelaxedCasts.v | 43 ++++ src/Rewriter/Rules.v | 36 +++- src/Rewriter/RulesProofs.v | 107 ++++------ 6 files changed, 213 insertions(+), 195 deletions(-) create mode 100644 src/Rewriter/Passes/ArithWithRelaxedCasts.v diff --git a/fiat-c/src/secp256k1_dettman_64.c b/fiat-c/src/secp256k1_dettman_64.c index 8e25f88b06..10a8d67764 100644 --- a/fiat-c/src/secp256k1_dettman_64.c +++ b/fiat-c/src/secp256k1_dettman_64.c 
@@ -43,75 +43,71 @@ FIAT_SECP256K1_DETTMAN_FIAT_EXTENSION typedef unsigned __int128 fiat_secp256k1_d static FIAT_SECP256K1_DETTMAN_FIAT_INLINE void fiat_secp256k1_dettman_mul(uint64_t out1[5], const uint64_t arg1[5], const uint64_t arg2[5]) { fiat_secp256k1_dettman_uint128 x1; uint64_t x2; - uint64_t x3; - fiat_secp256k1_dettman_uint128 x4; + fiat_secp256k1_dettman_uint128 x3; + uint64_t x4; uint64_t x5; - uint64_t x6; - fiat_secp256k1_dettman_uint128 x7; + fiat_secp256k1_dettman_uint128 x6; + uint64_t x7; uint64_t x8; uint64_t x9; uint64_t x10; - uint64_t x11; - fiat_secp256k1_dettman_uint128 x12; + fiat_secp256k1_dettman_uint128 x11; + uint64_t x12; uint64_t x13; - uint64_t x14; - fiat_secp256k1_dettman_uint128 x15; + fiat_secp256k1_dettman_uint128 x14; + uint64_t x15; uint64_t x16; - uint64_t x17; - fiat_secp256k1_dettman_uint128 x18; + fiat_secp256k1_dettman_uint128 x17; + uint64_t x18; uint64_t x19; - uint64_t x20; - fiat_secp256k1_dettman_uint128 x21; + fiat_secp256k1_dettman_uint128 x20; + uint64_t x21; uint64_t x22; - uint64_t x23; - fiat_secp256k1_dettman_uint128 x24; - uint64_t x25; + fiat_secp256k1_dettman_uint128 x23; + uint64_t x24; + fiat_secp256k1_dettman_uint128 x25; uint64_t x26; - fiat_secp256k1_dettman_uint128 x27; - uint64_t x28; + uint64_t x27; + fiat_secp256k1_dettman_uint128 x28; uint64_t x29; - fiat_secp256k1_dettman_uint128 x30; + uint64_t x30; uint64_t x31; - uint64_t x32; - uint64_t x33; x1 = ((fiat_secp256k1_dettman_uint128)(arg1[4]) * (arg2[4])); x2 = (uint64_t)(x1 >> 64); - x3 = (uint64_t)(x1 & UINT64_C(0xffffffffffffffff)); - x4 = ((((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg2[3])) + (((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg2[2])) + (((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg2[1])) + ((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg2[0]))))) + ((fiat_secp256k1_dettman_uint128)x3 * UINT64_C(0x1000003d10))); - x5 = (uint64_t)(x4 >> 52); - x6 = (uint64_t)(x4 & UINT64_C(0xfffffffffffff)); - x7 = 
(((((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg2[4])) + (((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg2[3])) + (((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg2[2])) + (((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg2[1])) + ((fiat_secp256k1_dettman_uint128)(arg1[4]) * (arg2[0])))))) + x5) + ((fiat_secp256k1_dettman_uint128)x2 * UINT64_C(0x1000003d10000))); - x8 = (uint64_t)(x7 >> 52); - x9 = (uint64_t)(x7 & UINT64_C(0xfffffffffffff)); - x10 = (x9 >> 48); - x11 = (x9 & UINT64_C(0xffffffffffff)); - x12 = ((((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg2[4])) + (((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg2[3])) + (((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg2[2])) + ((fiat_secp256k1_dettman_uint128)(arg1[4]) * (arg2[1]))))) + x8); - x13 = (uint64_t)(x12 >> 52); - x14 = (uint64_t)(x12 & UINT64_C(0xfffffffffffff)); - x15 = (((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg2[0])) + ((fiat_secp256k1_dettman_uint128)((x14 << 4) + x10) * UINT64_C(0x1000003d1))); - x16 = (uint64_t)(x15 >> 52); - x17 = (uint64_t)(x15 & UINT64_C(0xfffffffffffff)); - x18 = ((((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg2[4])) + (((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg2[3])) + ((fiat_secp256k1_dettman_uint128)(arg1[4]) * (arg2[2])))) + x13); - x19 = (uint64_t)(x18 >> 52); - x20 = (uint64_t)(x18 & UINT64_C(0xfffffffffffff)); - x21 = (((((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg2[1])) + ((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg2[0]))) + x16) + ((fiat_secp256k1_dettman_uint128)x20 * UINT64_C(0x1000003d10))); - x22 = (uint64_t)(x21 >> 52); - x23 = (uint64_t)(x21 & UINT64_C(0xfffffffffffff)); - x24 = ((((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg2[4])) + ((fiat_secp256k1_dettman_uint128)(arg1[4]) * (arg2[3]))) + x19); - x25 = (uint64_t)(x24 >> 64); - x26 = (uint64_t)(x24 & UINT64_C(0xffffffffffffffff)); - x27 = (((((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg2[2])) + (((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg2[1])) + 
((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg2[0])))) + x22) + ((fiat_secp256k1_dettman_uint128)x26 * UINT64_C(0x1000003d10))); - x28 = (uint64_t)(x27 >> 52); - x29 = (uint64_t)(x27 & UINT64_C(0xfffffffffffff)); - x30 = ((x6 + x28) + ((fiat_secp256k1_dettman_uint128)x25 * UINT64_C(0x1000003d10000))); - x31 = (uint64_t)(x30 >> 52); - x32 = (uint64_t)(x30 & UINT64_C(0xfffffffffffff)); - x33 = (x11 + x31); - out1[0] = x17; - out1[1] = x23; - out1[2] = x29; - out1[3] = x32; - out1[4] = x33; + x3 = ((((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg2[3])) + (((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg2[2])) + (((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg2[1])) + ((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg2[0]))))) + ((fiat_secp256k1_dettman_uint128)(uint64_t)x1 * UINT64_C(0x1000003d10))); + x4 = (uint64_t)(x3 >> 52); + x5 = (uint64_t)(x3 & UINT64_C(0xfffffffffffff)); + x6 = (((((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg2[4])) + (((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg2[3])) + (((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg2[2])) + (((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg2[1])) + ((fiat_secp256k1_dettman_uint128)(arg1[4]) * (arg2[0])))))) + x4) + ((fiat_secp256k1_dettman_uint128)x2 * UINT64_C(0x1000003d10000))); + x7 = (uint64_t)(x6 >> 52); + x8 = (uint64_t)(x6 & UINT64_C(0xfffffffffffff)); + x9 = (x8 >> 48); + x10 = (x8 & UINT64_C(0xffffffffffff)); + x11 = ((((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg2[4])) + (((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg2[3])) + (((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg2[2])) + ((fiat_secp256k1_dettman_uint128)(arg1[4]) * (arg2[1]))))) + x7); + x12 = (uint64_t)(x11 >> 52); + x13 = (uint64_t)(x11 & UINT64_C(0xfffffffffffff)); + x14 = (((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg2[0])) + ((fiat_secp256k1_dettman_uint128)((x13 << 4) + x9) * UINT64_C(0x1000003d1))); + x15 = (uint64_t)(x14 >> 52); + x16 = (uint64_t)(x14 & UINT64_C(0xfffffffffffff)); + x17 = 
((((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg2[4])) + (((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg2[3])) + ((fiat_secp256k1_dettman_uint128)(arg1[4]) * (arg2[2])))) + x12); + x18 = (uint64_t)(x17 >> 52); + x19 = (uint64_t)(x17 & UINT64_C(0xfffffffffffff)); + x20 = (((((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg2[1])) + ((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg2[0]))) + x15) + ((fiat_secp256k1_dettman_uint128)x19 * UINT64_C(0x1000003d10))); + x21 = (uint64_t)(x20 >> 52); + x22 = (uint64_t)(x20 & UINT64_C(0xfffffffffffff)); + x23 = ((((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg2[4])) + ((fiat_secp256k1_dettman_uint128)(arg1[4]) * (arg2[3]))) + x18); + x24 = (uint64_t)(x23 >> 64); + x25 = (((((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg2[2])) + (((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg2[1])) + ((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg2[0])))) + x21) + ((fiat_secp256k1_dettman_uint128)(uint64_t)x23 * UINT64_C(0x1000003d10))); + x26 = (uint64_t)(x25 >> 52); + x27 = (uint64_t)(x25 & UINT64_C(0xfffffffffffff)); + x28 = ((x5 + x26) + ((fiat_secp256k1_dettman_uint128)x24 * UINT64_C(0x1000003d10000))); + x29 = (uint64_t)(x28 >> 52); + x30 = (uint64_t)(x28 & UINT64_C(0xfffffffffffff)); + x31 = (x10 + x29); + out1[0] = x16; + out1[1] = x22; + out1[2] = x27; + out1[3] = x30; + out1[4] = x31; } /* 
@@ -132,77 +128,73 @@ static FIAT_SECP256K1_DETTMAN_FIAT_INLINE void fiat_secp256k1_dettman_square(uin uint64_t x4; fiat_secp256k1_dettman_uint128 x5; uint64_t x6; - uint64_t x7; - fiat_secp256k1_dettman_uint128 x8; + fiat_secp256k1_dettman_uint128 x7; + uint64_t x8; uint64_t x9; - uint64_t x10; - fiat_secp256k1_dettman_uint128 x11; + fiat_secp256k1_dettman_uint128 x10; + uint64_t x11; uint64_t x12; uint64_t x13; uint64_t x14; - uint64_t x15; - fiat_secp256k1_dettman_uint128 x16; + fiat_secp256k1_dettman_uint128 x15; + uint64_t x16; uint64_t x17; - uint64_t x18; - fiat_secp256k1_dettman_uint128 x19; + fiat_secp256k1_dettman_uint128 x18; + uint64_t x19; uint64_t x20; - uint64_t x21; - fiat_secp256k1_dettman_uint128 x22; + fiat_secp256k1_dettman_uint128 x21; + uint64_t x22; uint64_t x23; - uint64_t x24; - fiat_secp256k1_dettman_uint128 x25; + fiat_secp256k1_dettman_uint128 x24; + uint64_t x25; uint64_t x26; - uint64_t x27; - fiat_secp256k1_dettman_uint128 x28; - uint64_t x29; + fiat_secp256k1_dettman_uint128 x27; + uint64_t x28; + fiat_secp256k1_dettman_uint128 x29; uint64_t x30; - fiat_secp256k1_dettman_uint128 x31; - uint64_t x32; + uint64_t x31; + fiat_secp256k1_dettman_uint128 x32; uint64_t x33; - fiat_secp256k1_dettman_uint128 x34; + uint64_t x34; uint64_t x35; - uint64_t x36; - uint64_t x37; x1 = ((arg1[3]) * 0x2); x2 = ((arg1[2]) * 0x2); x3 = ((arg1[1]) * 0x2); x4 = ((arg1[0]) * 0x2); x5 = ((fiat_secp256k1_dettman_uint128)(arg1[4]) * (arg1[4])); x6 = (uint64_t)(x5 >> 64); - x7 = (uint64_t)(x5 & UINT64_C(0xffffffffffffffff)); - x8 = ((((fiat_secp256k1_dettman_uint128)x4 * (arg1[3])) + ((fiat_secp256k1_dettman_uint128)x3 * (arg1[2]))) + ((fiat_secp256k1_dettman_uint128)x7 * UINT64_C(0x1000003d10))); - x9 = (uint64_t)(x8 >> 52); - x10 = (uint64_t)(x8 & UINT64_C(0xfffffffffffff)); - x11 = (((((fiat_secp256k1_dettman_uint128)x4 * (arg1[4])) + (((fiat_secp256k1_dettman_uint128)x3 * (arg1[3])) + ((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg1[2])))) + x9) + 
((fiat_secp256k1_dettman_uint128)x6 * UINT64_C(0x1000003d10000))); - x12 = (uint64_t)(x11 >> 52); - x13 = (uint64_t)(x11 & UINT64_C(0xfffffffffffff)); - x14 = (x13 >> 48); - x15 = (x13 & UINT64_C(0xffffffffffff)); - x16 = ((((fiat_secp256k1_dettman_uint128)x3 * (arg1[4])) + ((fiat_secp256k1_dettman_uint128)x2 * (arg1[3]))) + x12); - x17 = (uint64_t)(x16 >> 52); - x18 = (uint64_t)(x16 & UINT64_C(0xfffffffffffff)); - x19 = (((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg1[0])) + ((fiat_secp256k1_dettman_uint128)((x18 << 4) + x14) * UINT64_C(0x1000003d1))); - x20 = (uint64_t)(x19 >> 52); - x21 = (uint64_t)(x19 & UINT64_C(0xfffffffffffff)); - x22 = ((((fiat_secp256k1_dettman_uint128)x2 * (arg1[4])) + ((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg1[3]))) + x17); - x23 = (uint64_t)(x22 >> 52); - x24 = (uint64_t)(x22 & UINT64_C(0xfffffffffffff)); - x25 = ((((fiat_secp256k1_dettman_uint128)x4 * (arg1[1])) + x20) + ((fiat_secp256k1_dettman_uint128)x24 * UINT64_C(0x1000003d10))); - x26 = (uint64_t)(x25 >> 52); - x27 = (uint64_t)(x25 & UINT64_C(0xfffffffffffff)); - x28 = (((fiat_secp256k1_dettman_uint128)x1 * (arg1[4])) + x23); - x29 = (uint64_t)(x28 >> 64); - x30 = (uint64_t)(x28 & UINT64_C(0xffffffffffffffff)); - x31 = (((((fiat_secp256k1_dettman_uint128)x4 * (arg1[2])) + ((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg1[1]))) + x26) + ((fiat_secp256k1_dettman_uint128)x30 * UINT64_C(0x1000003d10))); - x32 = (uint64_t)(x31 >> 52); - x33 = (uint64_t)(x31 & UINT64_C(0xfffffffffffff)); - x34 = ((x10 + x32) + ((fiat_secp256k1_dettman_uint128)x29 * UINT64_C(0x1000003d10000))); - x35 = (uint64_t)(x34 >> 52); - x36 = (uint64_t)(x34 & UINT64_C(0xfffffffffffff)); - x37 = (x15 + x35); - out1[0] = x21; - out1[1] = x27; - out1[2] = x33; - out1[3] = x36; - out1[4] = x37; + x7 = ((((fiat_secp256k1_dettman_uint128)x4 * (arg1[3])) + ((fiat_secp256k1_dettman_uint128)x3 * (arg1[2]))) + ((fiat_secp256k1_dettman_uint128)(uint64_t)x5 * UINT64_C(0x1000003d10))); + x8 = (uint64_t)(x7 >> 52); 
+ x9 = (uint64_t)(x7 & UINT64_C(0xfffffffffffff)); + x10 = (((((fiat_secp256k1_dettman_uint128)x4 * (arg1[4])) + (((fiat_secp256k1_dettman_uint128)x3 * (arg1[3])) + ((fiat_secp256k1_dettman_uint128)(arg1[2]) * (arg1[2])))) + x8) + ((fiat_secp256k1_dettman_uint128)x6 * UINT64_C(0x1000003d10000))); + x11 = (uint64_t)(x10 >> 52); + x12 = (uint64_t)(x10 & UINT64_C(0xfffffffffffff)); + x13 = (x12 >> 48); + x14 = (x12 & UINT64_C(0xffffffffffff)); + x15 = ((((fiat_secp256k1_dettman_uint128)x3 * (arg1[4])) + ((fiat_secp256k1_dettman_uint128)x2 * (arg1[3]))) + x11); + x16 = (uint64_t)(x15 >> 52); + x17 = (uint64_t)(x15 & UINT64_C(0xfffffffffffff)); + x18 = (((fiat_secp256k1_dettman_uint128)(arg1[0]) * (arg1[0])) + ((fiat_secp256k1_dettman_uint128)((x17 << 4) + x13) * UINT64_C(0x1000003d1))); + x19 = (uint64_t)(x18 >> 52); + x20 = (uint64_t)(x18 & UINT64_C(0xfffffffffffff)); + x21 = ((((fiat_secp256k1_dettman_uint128)x2 * (arg1[4])) + ((fiat_secp256k1_dettman_uint128)(arg1[3]) * (arg1[3]))) + x16); + x22 = (uint64_t)(x21 >> 52); + x23 = (uint64_t)(x21 & UINT64_C(0xfffffffffffff)); + x24 = ((((fiat_secp256k1_dettman_uint128)x4 * (arg1[1])) + x19) + ((fiat_secp256k1_dettman_uint128)x23 * UINT64_C(0x1000003d10))); + x25 = (uint64_t)(x24 >> 52); + x26 = (uint64_t)(x24 & UINT64_C(0xfffffffffffff)); + x27 = (((fiat_secp256k1_dettman_uint128)x1 * (arg1[4])) + x22); + x28 = (uint64_t)(x27 >> 64); + x29 = (((((fiat_secp256k1_dettman_uint128)x4 * (arg1[2])) + ((fiat_secp256k1_dettman_uint128)(arg1[1]) * (arg1[1]))) + x25) + ((fiat_secp256k1_dettman_uint128)(uint64_t)x27 * UINT64_C(0x1000003d10))); + x30 = (uint64_t)(x29 >> 52); + x31 = (uint64_t)(x29 & UINT64_C(0xfffffffffffff)); + x32 = ((x9 + x30) + ((fiat_secp256k1_dettman_uint128)x28 * UINT64_C(0x1000003d10000))); + x33 = (uint64_t)(x32 >> 52); + x34 = (uint64_t)(x32 & UINT64_C(0xfffffffffffff)); + x35 = (x14 + x33); + out1[0] = x20; + out1[1] = x26; + out1[2] = x31; + out1[3] = x34; + out1[4] = x35; } 
diff --git a/src/BoundsPipeline.v b/src/BoundsPipeline.v index 2590de9ab1..bfbc990359 100644 --- a/src/BoundsPipeline.v +++ b/src/BoundsPipeline.v @@ -806,7 +806,8 @@ Module Pipeline. match E' with (* rewrites after bounds relaxation---add a new one named arithWithRelaxedCasts or something. *) | inl E - => (E <- match split_mul_to with + => (E <- RewriteAndEliminateDeadAndInline "RewriteArithWithRelaxedCasts" (RewriteRules.RewriteArithWithRelaxedCasts opts) with_dead_code_elimination with_subst01 with_let_bind_return E; + E <- match split_mul_to with | Some (max_bitwidth, lgcarrymax) => wrap_debug_rewrite "RewriteMulSplit" (RewriteRules.RewriteMulSplit max_bitwidth lgcarrymax opts) E | None => Debug.ret E diff --git a/src/Rewriter/All.v b/src/Rewriter/All.v index b4159ffb28..1ef44882b7 100644 --- a/src/Rewriter/All.v +++ b/src/Rewriter/All.v @@ -2,6 +2,7 @@ Require Import Crypto.Rewriter.Passes.NBE. Require Import Crypto.Rewriter.Passes.AddAssocLeft. Require Import Crypto.Rewriter.Passes.Arith. Require Import Crypto.Rewriter.Passes.ArithWithCasts. +Require Import Crypto.Rewriter.Passes.ArithWithRelaxedCasts. Require Import Crypto.Rewriter.Passes.StripLiteralCasts. Require Import Crypto.Rewriter.Passes.FlattenThunkedRects. Require Import Crypto.Rewriter.Passes.MulSplit. @@ -17,6 +18,7 @@ Module Compilers. Export AddAssocLeft.Compilers. Export Arith.Compilers. Export ArithWithCasts.Compilers. + Export ArithWithRelaxedCasts.Compilers. Export StripLiteralCasts.Compilers. Export FlattenThunkedRects.Compilers. Export MulSplit.Compilers. @@ -32,6 +34,7 @@ Module Compilers. Export AddAssocLeft.Compilers.RewriteRules. Export Arith.Compilers.RewriteRules. Export ArithWithCasts.Compilers.RewriteRules. + Export ArithWithRelaxedCasts.Compilers.RewriteRules. Export StripLiteralCasts.Compilers.RewriteRules. Export FlattenThunkedRects.Compilers.RewriteRules. Export MulSplit.Compilers.RewriteRules. 
diff --git a/src/Rewriter/Passes/ArithWithRelaxedCasts.v b/src/Rewriter/Passes/ArithWithRelaxedCasts.v new file mode 100644 index 0000000000..7c56f6b212 --- /dev/null +++ b/src/Rewriter/Passes/ArithWithRelaxedCasts.v 
@@ -0,0 +1,43 @@
+Require Import Rewriter.Language.Language.
+Require Import Crypto.Language.API.
+Require Import Rewriter.Language.Wf.
+Require Import Crypto.Language.WfExtra.
+Require Import Crypto.Rewriter.AllTacticsExtra.
+Require Import Crypto.Rewriter.RulesProofs.
+
+Module Compilers.
+ Import Language.Compilers.
+ Import Language.API.Compilers.
+ Import Language.Wf.Compilers.
+ Import Language.WfExtra.Compilers.
+ Import Rewriter.AllTacticsExtra.Compilers.RewriteRules.GoalType.
+ Import Rewriter.AllTactics.Compilers.RewriteRules.Tactic.
+ Import Compilers.Classes.
+
+ Module Import RewriteRules.
+ Section __.
+ Definition VerifiedRewriterArithWithRelaxedCasts : VerifiedRewriter_with_args false false true arith_with_relaxed_casts_rewrite_rules_proofs.
+ Proof using All. make_rewriter. Defined.
+
+ Definition default_opts := Eval hnf in @default_opts VerifiedRewriterArithWithRelaxedCasts.
+ Let optsT := Eval hnf in optsT VerifiedRewriterArithWithRelaxedCasts.
+
+ Definition RewriteArithWithRelaxedCasts (opts : optsT) {t : API.type} := Eval hnf in @Rewrite VerifiedRewriterArithWithRelaxedCasts opts t.
+
+ Lemma Wf_RewriteArithWithRelaxedCasts opts {t} e (Hwf : Wf e) : Wf (@RewriteArithWithRelaxedCasts opts t e).
+ Proof. now apply VerifiedRewriterArithWithRelaxedCasts. Qed.
+
+ Lemma Interp_RewriteArithWithRelaxedCasts opts {t} e (Hwf : Wf e) : API.Interp (@RewriteArithWithRelaxedCasts opts t e) == API.Interp e.
+ Proof. now apply VerifiedRewriterArithWithRelaxedCasts. Qed.
+ End __.
+ End RewriteRules.
+
+ Module Export Hints.
+#[global]
+ Hint Resolve Wf_RewriteArithWithRelaxedCasts : wf wf_extra.
+#[global]
+ Hint Opaque RewriteArithWithRelaxedCasts : wf wf_extra interp interp_extra rewrite.
+#[global]
+ Hint Rewrite @Interp_RewriteArithWithRelaxedCasts : interp interp_extra.
+ End Hints.
+End Compilers.
diff --git a/src/Rewriter/Rules.v b/src/Rewriter/Rules.v
index 33ee22858b..0ce2464d76 100644
--- a/src/Rewriter/Rules.v
+++ b/src/Rewriter/Rules.v
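Review bot: The new pass file has no header comment, and `VerifiedRewriter_with_args false false true` passes three positional booleans with nothing to say what each one selects. A one-line file comment would tell a reader what the pass is for without opening Rules.v, for example `(* Drops Z.land masks that an enclosing cast already makes redundant; rules: arith_with_relaxed_casts_rewrite_rulesT, proofs: RulesProofs.v *)`. A short note beside the three flags naming them would help too; I cannot tell from this hunk which is which, so whoever adds it should check the definition of `VerifiedRewriter_with_args`. Since this pass changes the emitted code for every backend, the file should also state the precondition it relies on (presumably that it runs on expressions whose casts have already been relaxed; confirm).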
@@ -561,6 +561,30 @@ Definition arith_with_casts_rewrite_rulesT (adc_no_carry_to_add : bool) : list ( ] ]%Z%zrange. +Definition arith_with_relaxed_casts_rewrite_rulesT : list (bool * Prop) + := Eval cbv [myapp mymap myflatten] in + myflatten + [mymap + dont_do_again + [(forall rland rm1 rv v, + rland.(upper) ∈ rm1 + -> rland.(upper) = Z.ones (Z.succ (Z.log2 rland.(upper))) + -> 0 = rland.(lower) + -> 0 = rv.(lower) + -> 0 <= rv.(upper) + -> (rv.(upper) + 1) mod (rland.(upper) + 1) = 0 + -> cstZ rland (Z.land (cstZ rv v) (cstZ rm1 ('rland.(upper)))) = cstZ rland v) + ; (forall rland rm1 rv v, + rland.(upper) ∈ rm1 + -> rland.(upper) = Z.ones (Z.succ (Z.log2 rland.(upper))) + -> 0 = rland.(lower) + -> 0 = rv.(lower) + -> 0 <= rv.(upper) + -> (rv.(upper) + 1) mod (rland.(upper) + 1) = 0 + -> cstZ rland (Z.land (cstZ rm1 ('rland.(upper))) (cstZ rv v)) = cstZ rland v) + ] + ]%Z%zrange. + Definition strip_literal_casts_rewrite_rulesT : list (bool * Prop) := [dont_do_again (forall rx x, x ∈ rx -> cstZ rx ('x) = 'x)]%Z%zrange. @@ -1060,17 +1084,7 @@ Section with_bitwidth. [mymap dont_do_again [] ; mymap do_again - [ - (* owen put this here, and he needs to remove it. *) - (forall rland rm1 rv v, - rland.(upper) ∈ rm1 - -> rland.(upper) = Z.ones (Z.succ (Z.log2 rland.(upper))) - -> 0 = rland.(lower) - -> 0 = rv.(lower) - -> 0 <= rv.(upper) - -> (rv.(upper) + 1) mod (rland.(upper) + 1) = 0 - -> cstZ rland (Z.land (cstZ rv v) (cstZ rm1 ('rland.(upper)))) = cstZ rland v) - ; (forall A B x y, @fst A B (x, y) = x) + [(forall A B x y, @fst A B (x, y) = x) ; (forall A B x y, @snd A B (x, y) = y) (** In order to avoid tautological compares, we need to deal with carry/borrows being 0 *) ; (forall r0 s x y r1 r2, diff --git a/src/Rewriter/RulesProofs.v b/src/Rewriter/RulesProofs.v index 8edff0131f..1029eb9b55 100644 --- a/src/Rewriter/RulesProofs.v +++ b/src/Rewriter/RulesProofs.v 
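Review bot: The two rules in `arith_with_relaxed_casts_rewrite_rulesT` carry six side conditions each and no comment explaining what they encode, which makes the rule hard to audit. As written they require `rland` to be `[0, 2^k-1]` and `rv.(upper) + 1` to be a multiple of `2^k`, so the mask `'rland.(upper)` is redundant under the outer cast. A comment such as `(* cast to [0,2^k-1] of (cast rv v land (2^k-1)) = cast to [0,2^k-1] of v, when rv = [0, m*2^k-1] *)` above the first rule would state that. It is also worth recording that the rewritten form depends on the outer cast truncating: in the generated C on this page `x5 & UINT64_C(0xffffffffffffffff)` becomes `(uint64_t)x5`, so each backend's rendering of `cstZ` to an unsigned range has to be a modular truncation for the output to stay equivalent. The second rule differs only in the order of the `Z.land` operands; saying so in a comment would save the reader from comparing the two premise lists line by line.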
@@ -564,63 +564,52 @@ Local Ltac do_clear_nia x y r H H' := => clear -Hx Hy Hm Hr H' H; nia end. -Search ident.cast. Lemma arith_with_casts_rewrite_rules_proofs (adc_no_carry_to_add : bool) : PrimitiveHList.hlist (@snd bool Prop) (arith_with_casts_rewrite_rulesT adc_no_carry_to_add). Proof using Type. start_proof; auto; intros; try lia. all: repeat interp_good_t_step_related. - (*11: { replace (ident.cast rland v) with (ident.cast rland (ident.cast rv v)). - - interp_good_t_step_arith. interp_good_t_step_arith. rewrite Z.land_ones. - + replace (2 ^ Z.succ (Z.log2 (upper rland))) with (upper rland + 1). - -- rewrite <- ident.cast_out_of_bounds_simple_0_mod. - ++ destruct rland. simpl in H1. subst. apply ident.cast_idempotent. - ++ rewrite H0. apply Ones.Z.ones_nonneg. remember (Z.log2_nonneg (upper rland)). lia. - -- remember (Z.log2 _) as x. rewrite H0. subst. rewrite Z.ones_equiv. lia. - + remember (Z.log2_nonneg (upper rland)). lia. - - Search ident.cast. destruct rland. destruct rv. simpl in *. subst. - (*Search ident.cast. Search ZRange.normalize. - repeat rewrite <- (ident.cast_normalize r[0~>upper]). - repeat rewrite <- (ident.cast_normalize r[0~>upper0]).*) - Check ident.cast_out_of_bounds_simple_0_mod. - repeat rewrite ident.cast_out_of_bounds_simple_0_mod. - + Search ((_ mod _) mod _). rewrite <- Z.mod_div_mod_full. - -- reflexivity. - -- Search Z.divide. rewrite <- Z.mod_divide_full. assumption. - + Search Z.ones. rewrite H0. apply Ones.Z.ones_nonneg. - remember (Z.log2_nonneg (upper)). lia. - + lia. - + Search Z.ones. rewrite H0. apply Ones.Z.ones_nonneg. - remember (Z.log2_nonneg (upper)). lia. - }*) - (* Search Z.ones. rewrite H0. apply Ones.Z.ones_nonneg. - remember (Z.log2_nonneg (upper)). lia. - } - cbv [Z.succ]. Check Z.ones_equiv. rewrite <- ident.cast_out_of_bounds_simple_0_mod. - Search (Z.ones (Z.succ _)). rewrite Z.ones_equiv. - rewrite Z.land_ones. - - - all: repeat interp_good_t_step_arith. - Search (Z.land _ (Z.ones _)). 
rewrite Z.land_ones. - + Search (ident.cast _ _ = _ mod _). cbv [Z.succ]. replace (2^(Z.log2 (upper rland) + 1)) with ((upper rland) + 1). - -- rewrite <- ident.cast_out_of_bounds_simple_0_mod. - ++ Search (ident.cast _ (ident.cast _ _)). - replace r[0~>upper rland]%zrange with rland. - --- rewrite ident.cast_idempotent. rep apply ident.cast_idempotent. - --- reflect_hyps. destruct rland. simpl in *. subst. reflexivity. - ++ reflect_hyps. simpl in *. Search (0 <= Z.ones _). rewrite H1. - apply Ones.Z.ones_nonneg. Search (0 <= Z.log2 _). remember (Z.log2_nonneg (upper rland)). lia. - -- remember (Z.log2 _) as x. rewrite H1. subst. Search Z.ones. rewrite Z.ones_equiv. cbv [Z.succ Z.pred]. lia. - + remember (Z.log2_nonneg (upper rland)). lia. - - Check Ones.Z.ones_succ. remember (Ones.Z.ones_nonneg (Z.succ (Z.l lia. - interp_good_t_step_arith. - all: repeat interp_good_t_step_arith. assert (is_bounded_by_bool v rland = true). - { reflect_hyps. cbv [is_bounded_by_bool]. lia. } Search is_tighter_than_bool. reflect_hyps.*) all: repeat interp_good_t_step_arith. all: remove_casts; try fin_with_nia. all: try (reflect_hyps; lia). Qed. +Lemma relaxed_rules_work rland rm1 rv v : + is_bounded_by_bool (upper rland) (ZRange.normalize rm1) = true -> + upper rland = Z.ones (Z.succ (Z.log2 (upper rland))) -> + 0 = lower rland -> + 0 = lower rv -> + 0 <= upper rv -> + (upper rv + 1) mod (upper rland + 1) = 0 -> + ident.cast rland (ident.cast rv v &' ident.cast rm1 (upper rland)) = ident.cast rland v. +Proof. + intros H1 H2 H3 H4 H5 H6. + replace (ident.cast rland v) with (ident.cast rland (ident.cast rv v)). + - interp_good_t_step_arith. interp_good_t_step_arith. rewrite Z.land_ones. + + replace (2 ^ Z.succ (Z.log2 (upper rland))) with (upper rland + 1). + -- rewrite <- ident.cast_out_of_bounds_simple_0_mod. + ++ destruct rland. simpl in *. subst. apply ident.cast_idempotent. + ++ rewrite H2. apply Ones.Z.ones_nonneg. remember (Z.log2_nonneg (upper rland)). lia. 
+ -- remember (Z.log2 _) as x. rewrite H2. subst. rewrite Z.ones_equiv. lia. + + remember (Z.log2_nonneg (upper rland)). lia. + - destruct rland. destruct rv. simpl in *. subst. + repeat rewrite ident.cast_out_of_bounds_simple_0_mod. + + rewrite <- Z.mod_div_mod_full. + -- reflexivity. + -- rewrite <- Z.mod_divide_full. assumption. + + rewrite H2. apply Ones.Z.ones_nonneg. remember (Z.log2_nonneg (upper)). lia. + + lia. + + rewrite H2. apply Ones.Z.ones_nonneg. remember (Z.log2_nonneg (upper)). lia. +Qed. + +Lemma arith_with_relaxed_casts_rewrite_rules_proofs + : PrimitiveHList.hlist (@snd bool Prop) arith_with_relaxed_casts_rewrite_rulesT. +Proof using Type. + start_proof; auto; intros; try lia. + - apply relaxed_rules_work; assumption. + - rewrite Z.land_comm. apply relaxed_rules_work; assumption. +Qed. + Lemma strip_literal_casts_rewrite_rules_proofs : PrimitiveHList.hlist (@snd bool Prop) strip_literal_casts_rewrite_rulesT. Proof using Type. 
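Review bot: `relaxed_rules_work` opens with a bare `Proof.` while the lemmas on either side use `Proof using Type.`, and its script depends on auto-generated names, so it is more fragile than its neighbours. After `destruct rland. destruct rv.` the later `remember (Z.log2_nonneg (upper))` refers to whatever name Coq picked for the field; `destruct rland as [lo_l up_l]` (and likewise for `rv`) would pin the names. `remember (Z.log2_nonneg ...)` is used only to bring a fact into the context; `pose proof (Z.log2_nonneg (upper rland)).` says that directly. The lemma name could also describe the statement, e.g. `cast_land_ones_redundant`, and a one-line comment noting that `arith_with_relaxed_casts_rewrite_rules_proofs` discharges the second rule through `Z.land_comm` would make the pairing with Rules.v explicit.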
@@ -861,30 +850,6 @@ Proof using Type. by (intros; apply Z.pow_gt_lin_r; auto with zarith). start_proof; auto; intros; try lia. - 1: { - replace (ident.cast rland v) with (ident.cast rland (ident.cast rv v)). - - interp_good_t_step_arith. interp_good_t_step_arith. rewrite Z.land_ones. - + replace (2 ^ Z.succ (Z.log2 (upper rland))) with (upper rland + 1). - -- rewrite <- ident.cast_out_of_bounds_simple_0_mod. - ++ destruct rland. simpl in *. subst. apply ident.cast_idempotent. - ++ rewrite H2. apply Ones.Z.ones_nonneg. remember (Z.log2_nonneg (upper rland)). lia. - -- remember (Z.log2 _) as x. rewrite H2. subst. rewrite Z.ones_equiv. lia. - + remember (Z.log2_nonneg (upper rland)). lia. - - Search ident.cast. destruct rland. destruct rv. simpl in *. subst. - (*Search ident.cast. Search ZRange.normalize. - repeat rewrite <- (ident.cast_normalize r[0~>upper]). - repeat rewrite <- (ident.cast_normalize r[0~>upper0]).*) - Check ident.cast_out_of_bounds_simple_0_mod. - repeat rewrite ident.cast_out_of_bounds_simple_0_mod. - + Search ((_ mod _) mod _). rewrite <- Z.mod_div_mod_full. - -- reflexivity. - -- Search Z.divide. rewrite <- Z.mod_divide_full. assumption. - + Search Z.ones. rewrite H2. apply Ones.Z.ones_nonneg. - remember (Z.log2_nonneg (upper)). lia. - + lia. - + Search Z.ones. rewrite H2. apply Ones.Z.ones_nonneg. - remember (Z.log2_nonneg (upper)). lia. - } all: repeat interp_good_t_step_related. all: systematically_handle_casts; autorewrite with zsimplify_fast; try reflexivity. all: subst; rewrite !ident.platform_specific_cast_0_is_mod, ?Z.sub_add, ?Z.mod_mod by lia; try reflexivity. From 799c2124533a06897dc04415cc981c737d5261e6 Mon Sep 17 00:00:00 2001 
From: Owen Conoly Date: Wed, 17 May 2023 00:08:35 -0400 Subject: [PATCH 22/27] cleaning up small things--fixed comments and whitespace --- src/Arithmetic/DettmanMultiplication.v | 4 ++-- src/BoundsPipeline.v | 1 - src/PushButtonSynthesis/DettmanMultiplication.v | 5 ----- src/Rewriter/Rules.v | 14 -------------- src/Rewriter/RulesProofs.v | 3 +-- 5 files changed, 3 insertions(+), 24 deletions(-) diff --git a/src/Arithmetic/DettmanMultiplication.v b/src/Arithmetic/DettmanMultiplication.v index b0092ed9a7..e1bd4e85cb 100644 --- a/src/Arithmetic/DettmanMultiplication.v +++ b/src/Arithmetic/DettmanMultiplication.v @@ -267,7 +267,7 @@ Module DettmanMultiplication. Lemma eval_reduce_carry_borrow r0 : (Positional.eval weight limbs (reduce_carry_borrow r0)) mod (s - c) = (Associational.eval r0) mod (s - c). - Proof. + Proof. cbv [reduce_carry_borrow carry' reduce']. autorewrite with push_eval; auto with arith. all: try apply weight_div_nz; try lia. all: try apply weight_mod_quotient_zero; try lia. @@ -460,7 +460,7 @@ Module dettman_multiplication_mod_ops. rewrite <- Zle_Qle. lia. + replace 0%Q with (inject_Z 0) by reflexivity. rewrite <- Zle_Qle. lia. Qed. - + Definition eval_mulmod := eval_mulmod s c register_width n weight p_nz n_gteq_4 s_small s_big weight_lt_width wprops. Definition eval_squaremod := eval_squaremod s c register_width n weight p_nz n_gteq_4 s_small s_big weight_lt_width wprops. End dettman_multiplication_mod_ops. diff --git a/src/BoundsPipeline.v b/src/BoundsPipeline.v index bfbc990359..6cd04025c8 100644 --- a/src/BoundsPipeline.v +++ b/src/BoundsPipeline.v 
@@ -804,7 +804,6 @@ Module Pipeline. | inr v => Debug.ret (inr v) end; match E' with - (* rewrites after bounds relaxation---add a new one named arithWithRelaxedCasts or something. *) | inl E => (E <- RewriteAndEliminateDeadAndInline "RewriteArithWithRelaxedCasts" (RewriteRules.RewriteArithWithRelaxedCasts opts) with_dead_code_elimination with_subst01 with_let_bind_return E; E <- match split_mul_to with diff --git a/src/PushButtonSynthesis/DettmanMultiplication.v b/src/PushButtonSynthesis/DettmanMultiplication.v index 948bce7aba..1472e28982 100644 --- a/src/PushButtonSynthesis/DettmanMultiplication.v +++ b/src/PushButtonSynthesis/DettmanMultiplication.v @@ -107,11 +107,6 @@ Section __. Definition output_bounds : list (ZRange.type.option.interp base.type.Z) := fold_left (fun l i => Some r[0 ~> Qceiling (2 * output_magnitude_first_limbs * ((weightf (i + 1) / weightf i) - 1))]%zrange :: l) (seq 0 (n - 1)) [] ++ [Some r[0 ~> Qceiling (2 * output_magnitude_last_limb * (2^last_limb_width - 1))]%zrange]. - (*Definition output_bounds : list (ZRange.type.option.interp base.type.Z) := - match inbounds_multiplier with - | Some _ => [None; None; None; None; None] - | None => [None; None; None; None; None] - end.*) Local Existing Instance default_translate_to_fancy. Local Instance no_select_size : no_select_size_opt := no_select_size_of_no_select machine_wordsize. Local Instance split_mul_to : split_mul_to_opt := split_mul_to_of_should_split_mul machine_wordsize possible_values. diff --git a/src/Rewriter/Rules.v b/src/Rewriter/Rules.v index 0ce2464d76..dee627c741 100644 --- a/src/Rewriter/Rules.v +++ b/src/Rewriter/Rules.v 
@@ -45,8 +45,6 @@ Local Notation "x <= y <= z" := (andb (is_tighter_than_bool (ZRange.normalize x) Local Notation litZZ x := (ident.literal (fst x), ident.literal (snd x)) (only parsing). Local Notation n r := (ZRange.normalize r) (only parsing). -Print ident.cast. Search ident.cast. - (* N.B. [ident.eagerly] does not play well with [do_again] *) Definition nbe_rewrite_rulesT : list (bool * Prop) := Eval cbv [myapp mymap myflatten] in @@ -336,21 +334,9 @@ Definition arith_with_casts_rewrite_rulesT (adc_no_carry_to_add : bool) : list ( ; (forall rland r0 rv v, 0 ∈ rland -> 0 ∈ r0 -> cstZ rland (Z.land (cstZ r0 ('0)) (cstZ rv v)) = cstZ r0 ('0)) - (* try to use lower bounds = 0, rland.upper divides rv.upper to remove double cast. *) - (*; (forall rland rm1 rv v, - rland.(upper) ∈ rm1 - -> rland.(upper) = Z.ones (Z.succ (Z.log2 rland.(upper))) - -> 0 = rland.(lower) - -> 0 = rv.(lower) - -> 0 <= rv.(upper) - -> (rv.(upper) + 1) mod (rland.(upper) + 1) = 0 - -> cstZ rland (Z.land (cstZ rv v) (cstZ rm1 ('rland.(upper)))) = cstZ rland v)*) ; (forall rland rm1 rv v, (rv <= rland)%zrange -> -1 ∈ rm1 -> cstZ rland (Z.land (cstZ rv v) (cstZ rm1 ('-1))) = cstZ rv v) - (*; (forall rland rm1 rv v, - (rm1 <= rland)%zrange -> -1 ∈ rm1 - -> cstZ rland (Z.land (cstZ rv v) (cstZ rm1 ('-1))) = cstZ rland (cstZ rv v))*) ; (forall rland rm1 rv v, (rv <= rland)%zrange -> -1 ∈ rm1 -> cstZ rland (Z.land (cstZ rm1 ('-1)) (cstZ rv v)) = cstZ rv v) diff --git a/src/Rewriter/RulesProofs.v b/src/Rewriter/RulesProofs.v index 1029eb9b55..5d6bcac9d6 100644 --- a/src/Rewriter/RulesProofs.v +++ b/src/Rewriter/RulesProofs.v @@ -273,7 +273,6 @@ Local Ltac interp_good_t_step_arith := | H : is_bounded_by_bool _ _ = true |- _ => apply unfold_is_bounded_by_bool in H; cbn [upper lower] in H - (*| H : _ |- _ => fail*) end; try apply Z.lt_succ_r; eauto using Z.log2_le_mono with lia) 
@@ -548,7 +547,7 @@ Local Ltac do_clear_nia x y r H H' := => let H0 := find_H x0 in let H1 := find_H x1 in let m0 := lazymatch type of H0 with 0 <= _ <= ?m => m end in - let m1 := lazymatch type of H1 with 0 <= _ <= ?m => m end in + let m1 := lazymatch type of H1 with 0 <= _ <= ?m => m end in let H := fresh in let __ := lazymatch goal with | _ => assert (H : -m1 <= x <= m0) by (clear -H0 H1; lia) From 6e951d0f9d4e2b2d0473a48b298da15304e9c1bc Mon Sep 17 00:00:00 2001 From: Owen Conoly Date: Wed, 17 May 2023 14:59:19 -0400 Subject: [PATCH 23/27] I moved the new rewriting pass (ArithWithRelaxedCasts) that I added. It now comes later in the rewriting process. Apparently it's important that it comes after the fancy stuff. For reasons that I don't understand, proofs in Barrett256 and Montgomery256 break if I put it before. --- src/BoundsPipeline.v | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/BoundsPipeline.v b/src/BoundsPipeline.v index 6cd04025c8..12625628a3 100644 --- a/src/BoundsPipeline.v +++ b/src/BoundsPipeline.v @@ -805,8 +805,7 @@ Module Pipeline. end; match E' with | inl E - => (E <- RewriteAndEliminateDeadAndInline "RewriteArithWithRelaxedCasts" (RewriteRules.RewriteArithWithRelaxedCasts opts) with_dead_code_elimination with_subst01 with_let_bind_return E; - E <- match split_mul_to with + => (E <- match split_mul_to with | Some (max_bitwidth, lgcarrymax) => wrap_debug_rewrite "RewriteMulSplit" (RewriteRules.RewriteMulSplit max_bitwidth lgcarrymax opts) E | None => Debug.ret E @@ -839,6 +838,7 @@ Module Pipeline. => wrap_debug_rewrite "RewriteNoSelect" (RewriteRules.RewriteNoSelect bitwidth opts) E | None => Debug.ret E end; + E <- RewriteAndEliminateDeadAndInline "RewriteArithWithRelaxedCasts" (RewriteRules.RewriteArithWithRelaxedCasts opts) with_dead_code_elimination with_subst01 with_let_bind_return E; E <- wrap_debug_rewrite "RewriteStripLiteralCasts" (RewriteRules.RewriteStripLiteralCasts opts) E; M.ret E) | inr (inl (b, E)) 
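Review bot: In the BoundsPipeline.v hunks the reason for moving the pass exists only in the commit message; at its new position after the `RewriteNoSelect` step nothing in the code says that the order matters. I would add a comment on the moved line, for example `(* must stay after the fancy/NoSelect rewrites: running it earlier breaks the Barrett256 and Montgomery256 proofs *)`. The commit message says the cause is not understood, so the comment should mark it as an open question instead of an invariant. A pass whose position is fixed by observed breakage is easy to reorder by mistake later, and this one changes the arithmetic emitted for every curve. The enclosing pipeline definition starts and ends outside these hunks.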
From aa4babdb6d67ac5a5dd142b4453fad85763e05ba Mon Sep 17 00:00:00 2001 From: Owen Conoly Date: Thu, 18 May 2023 02:18:26 -0400 Subject: [PATCH 24/27] fixed error with generating C code I think? In this commit, I just removed the bit about dead code elimination that I added in BoundsPipeline.v. The C code synthesizes without error now, at least. I haven't built everything yet, so we'll see if things actually work nicely. --- src/BoundsPipeline.v | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/BoundsPipeline.v b/src/BoundsPipeline.v index 12625628a3..17c093280d 100644 --- a/src/BoundsPipeline.v +++ b/src/BoundsPipeline.v @@ -838,7 +838,7 @@ Module Pipeline. => wrap_debug_rewrite "RewriteNoSelect" (RewriteRules.RewriteNoSelect bitwidth opts) E | None => Debug.ret E end; - E <- RewriteAndEliminateDeadAndInline "RewriteArithWithRelaxedCasts" (RewriteRules.RewriteArithWithRelaxedCasts opts) with_dead_code_elimination with_subst01 with_let_bind_return E; + E <- wrap_debug_rewrite "RewriteArithWithRelaxedCasts" (RewriteRules.RewriteArithWithRelaxedCasts opts) E; E <- wrap_debug_rewrite "RewriteStripLiteralCasts" (RewriteRules.RewriteStripLiteralCasts opts) E; M.ret E) | inr (inl (b, E)) From 822615fca330cb87d16789d29fb77dd8bd4df87c Mon Sep 17 00:00:00 2001 
From: Owen Conoly Date: Thu, 18 May 2023 03:35:47 -0400 Subject: [PATCH 25/27] ran make after [fixing the redundant-land-removing rewrite pass by removing the dead-code-elimination thing] --- fiat-c/src/curve25519_32.c | 242 +- fiat-c/src/curve25519_64.c | 240 +- fiat-c/src/curve25519_scalar_32.c | 498 ++- fiat-c/src/curve25519_scalar_64.c | 386 +-- fiat-c/src/curve25519_solinas_64.c | 18 +- fiat-c/src/p224_32.c | 448 ++- fiat-c/src/p224_64.c | 366 +-- fiat-c/src/p256_32.c | 504 ++- fiat-c/src/p256_64.c | 386 +-- fiat-c/src/p256_scalar_32.c | 498 ++- fiat-c/src/p256_scalar_64.c | 386 +-- fiat-c/src/p384_32.c | 722 ++--- fiat-c/src/p384_64.c | 554 ++-- fiat-c/src/p384_scalar_32.c | 722 ++--- fiat-c/src/p384_scalar_64.c | 554 ++-- fiat-c/src/p434_64.c | 634 ++-- fiat-c/src/p448_solinas_32.c | 380 +-- fiat-c/src/p448_solinas_64.c | 360 +-- fiat-c/src/p521_32.c | 520 ++- fiat-c/src/p521_64.c | 468 +-- fiat-c/src/poly1305_32.c | 122 +- fiat-c/src/poly1305_64.c | 120 +- fiat-c/src/secp256k1_montgomery_32.c | 498 ++- fiat-c/src/secp256k1_montgomery_64.c | 386 +-- fiat-c/src/secp256k1_montgomery_scalar_32.c | 498 ++- fiat-c/src/secp256k1_montgomery_scalar_64.c | 386 +-- fiat-go/32/curve25519/curve25519.go | 170 +- .../32/curve25519scalar/curve25519scalar.go | 337 +- fiat-go/32/p224/p224.go | 304 +- fiat-go/32/p256/p256.go | 343 +- fiat-go/32/p256scalar/p256scalar.go | 337 +- fiat-go/32/p384/p384.go | 493 ++- fiat-go/32/p384scalar/p384scalar.go | 493 ++- fiat-go/32/p521/p521.go | 353 +-- fiat-go/32/poly1305/poly1305.go | 85 +- .../secp256k1montgomery.go | 337 +- .../secp256k1montgomeryscalar.go | 337 +- fiat-go/64/curve25519/curve25519.go | 165 +- .../64/curve25519scalar/curve25519scalar.go | 261 +- fiat-go/64/p224/p224.go | 247 +- fiat-go/64/p256/p256.go | 261 +- fiat-go/64/p256scalar/p256scalar.go | 261 +- fiat-go/64/p384/p384.go | 379 +-- fiat-go/64/p384scalar/p384scalar.go | 379 +-- fiat-go/64/p434/p434.go | 433 ++- fiat-go/64/p448solinas/p448solinas.go | 256 +- 
fiat-go/64/p521/p521.go | 333 +- fiat-go/64/poly1305/poly1305.go | 86 +- .../secp256k1montgomery.go | 261 +- .../secp256k1montgomeryscalar.go | 261 +- fiat-java/src/FiatCurve25519Scalar.java | 14 +- fiat-java/src/FiatP224.java | 14 +- fiat-java/src/FiatP256.java | 14 +- fiat-java/src/FiatP256Scalar.java | 14 +- fiat-java/src/FiatP384.java | 14 +- fiat-java/src/FiatP384Scalar.java | 14 +- fiat-java/src/FiatSecp256K1Montgomery.java | 14 +- .../src/FiatSecp256K1MontgomeryScalar.java | 14 +- fiat-json/src/curve25519_32.json | 1158 ++----- fiat-json/src/curve25519_64.json | 1306 +++----- fiat-json/src/curve25519_scalar_32.json | 1579 ++++------ fiat-json/src/curve25519_scalar_64.json | 1467 +++------ fiat-json/src/curve25519_solinas_64.json | 68 +- fiat-json/src/p224_32.json | 1448 ++++----- fiat-json/src/p224_64.json | 1364 +++----- fiat-json/src/p256_32.json | 1630 ++++------ fiat-json/src/p256_64.json | 1467 +++------ fiat-json/src/p256_scalar_32.json | 1579 ++++------ fiat-json/src/p256_scalar_64.json | 1455 +++------ fiat-json/src/p384_32.json | 2583 ++++++--------- fiat-json/src/p384_64.json | 2797 ++++++----------- fiat-json/src/p384_scalar_32.json | 2583 ++++++--------- fiat-json/src/p384_scalar_64.json | 2797 ++++++----------- fiat-json/src/p434_64.json | 2483 +++++---------- fiat-json/src/p448_solinas_32.json | 2112 ++++--------- fiat-json/src/p448_solinas_64.json | 1892 +++-------- fiat-json/src/p521_32.json | 2640 +++++----------- fiat-json/src/p521_64.json | 2644 +++++----------- fiat-json/src/poly1305_32.json | 566 +--- fiat-json/src/poly1305_64.json | 544 +--- fiat-json/src/secp256k1_dettman_64.json | 404 +-- fiat-json/src/secp256k1_montgomery_32.json | 1579 ++++------ fiat-json/src/secp256k1_montgomery_64.json | 1455 +++------ .../src/secp256k1_montgomery_scalar_32.json | 1579 ++++------ .../src/secp256k1_montgomery_scalar_64.json | 1455 +++------ fiat-rust/src/curve25519_32.rs | 170 +- fiat-rust/src/curve25519_64.rs | 165 +- 
fiat-rust/src/curve25519_scalar_32.rs | 453 ++- fiat-rust/src/curve25519_scalar_64.rs | 329 +- fiat-rust/src/curve25519_solinas_64.rs | 14 +- fiat-rust/src/p224_32.rs | 408 ++- fiat-rust/src/p224_64.rs | 315 +- fiat-rust/src/p256_32.rs | 459 ++- fiat-rust/src/p256_64.rs | 329 +- fiat-rust/src/p256_scalar_32.rs | 453 ++- fiat-rust/src/p256_scalar_64.rs | 329 +- fiat-rust/src/p384_32.rs | 657 ++-- fiat-rust/src/p384_64.rs | 471 ++- fiat-rust/src/p384_scalar_32.rs | 657 ++-- fiat-rust/src/p384_scalar_64.rs | 471 ++- fiat-rust/src/p434_64.rs | 537 ++-- fiat-rust/src/p448_solinas_32.rs | 272 +- fiat-rust/src/p448_solinas_64.rs | 256 +- fiat-rust/src/p521_32.rs | 353 +-- fiat-rust/src/p521_64.rs | 333 +- fiat-rust/src/poly1305_32.rs | 85 +- fiat-rust/src/poly1305_64.rs | 86 +- fiat-rust/src/secp256k1_dettman_64.rs | 140 +- fiat-rust/src/secp256k1_montgomery_32.rs | 453 ++- fiat-rust/src/secp256k1_montgomery_64.rs | 329 +- .../src/secp256k1_montgomery_scalar_32.rs | 453 ++- .../src/secp256k1_montgomery_scalar_64.rs | 329 +- fiat-zig/src/curve25519_32.zig | 170 +- fiat-zig/src/curve25519_64.zig | 165 +- fiat-zig/src/curve25519_scalar_32.zig | 453 ++- fiat-zig/src/curve25519_scalar_64.zig | 329 +- fiat-zig/src/curve25519_solinas_64.zig | 14 +- fiat-zig/src/p224_32.zig | 408 ++- fiat-zig/src/p224_64.zig | 315 +- fiat-zig/src/p256_32.zig | 459 ++- fiat-zig/src/p256_64.zig | 329 +- fiat-zig/src/p256_scalar_32.zig | 453 ++- fiat-zig/src/p256_scalar_64.zig | 329 +- fiat-zig/src/p384_32.zig | 657 ++-- fiat-zig/src/p384_64.zig | 471 ++- fiat-zig/src/p384_scalar_32.zig | 657 ++-- fiat-zig/src/p384_scalar_64.zig | 471 ++- fiat-zig/src/p434_64.zig | 537 ++-- fiat-zig/src/p448_solinas_32.zig | 272 +- fiat-zig/src/p448_solinas_64.zig | 256 +- fiat-zig/src/p521_32.zig | 353 +-- fiat-zig/src/p521_64.zig | 333 +- fiat-zig/src/poly1305_32.zig | 85 +- fiat-zig/src/poly1305_64.zig | 86 +- fiat-zig/src/secp256k1_dettman_64.zig | 140 +- fiat-zig/src/secp256k1_montgomery_32.zig | 453 ++- 
fiat-zig/src/secp256k1_montgomery_64.zig | 329 +- .../src/secp256k1_montgomery_scalar_32.zig | 453 ++- .../src/secp256k1_montgomery_scalar_64.zig | 329 +- 139 files changed, 31236 insertions(+), 50190 deletions(-) diff --git a/fiat-c/src/curve25519_32.c b/fiat-c/src/curve25519_32.c index 427259b84c..c5b723e235 100644 --- a/fiat-c/src/curve25519_32.c +++ b/fiat-c/src/curve25519_32.c 
@@ -1033,74 +1033,44 @@ static FIAT_25519_FIAT_INLINE void fiat_25519_to_bytes(uint8_t out1[32], const f uint32_t x47; uint32_t x48; uint32_t x49; - uint8_t x50; + uint32_t x50; uint32_t x51; uint8_t x52; uint32_t x53; - uint8_t x54; - uint8_t x55; - uint32_t x56; - uint8_t x57; + uint32_t x54; + uint32_t x55; + uint8_t x56; + uint32_t x57; uint32_t x58; - uint8_t x59; - uint32_t x60; - uint8_t x61; - uint8_t x62; + uint32_t x59; + uint8_t x60; + uint32_t x61; + uint32_t x62; uint32_t x63; uint8_t x64; uint32_t x65; - uint8_t x66; + uint32_t x66; uint32_t x67; uint8_t x68; - uint8_t x69; + uint32_t x69; uint32_t x70; - uint8_t x71; + fiat_25519_uint1 x71; uint32_t x72; - uint8_t x73; + uint32_t x73; uint32_t x74; uint8_t x75; - uint8_t x76; + uint32_t x76; uint32_t x77; - uint8_t x78; - uint32_t x79; - uint8_t x80; + uint32_t x78; + uint8_t x79; + uint32_t x80; uint32_t x81; - uint8_t x82; + uint32_t x82; uint8_t x83; - uint8_t x84; + uint32_t x84; uint32_t x85; - uint8_t x86; - uint32_t x87; - uint8_t x88; - fiat_25519_uint1 x89; - uint32_t x90; - uint8_t x91; - uint32_t x92; - uint8_t x93; - uint32_t x94; - uint8_t x95; - uint8_t x96; - uint32_t x97; - uint8_t x98; - uint32_t x99; - uint8_t x100; - uint32_t x101; - uint8_t x102; - uint8_t x103; - uint32_t x104; - uint8_t x105; - uint32_t x106; - uint8_t x107; - uint32_t x108; - uint8_t x109; - uint8_t x110; - uint32_t x111; - uint8_t x112; - uint32_t x113; - uint8_t x114; - uint32_t x115; - uint8_t x116; - uint8_t x117; + uint32_t x86; + uint8_t x87; fiat_25519_subborrowx_u26(&x1, &x2, 0x0, (arg1[0]), UINT32_C(0x3ffffed)); fiat_25519_subborrowx_u25(&x3, &x4, x2, (arg1[1]), UINT32_C(0x1ffffff)); fiat_25519_subborrowx_u26(&x5, &x6, x4, (arg1[2]), UINT32_C(0x3ffffff)); 
@@ -1130,106 +1100,76 @@ static FIAT_25519_FIAT_INLINE void fiat_25519_to_bytes(uint8_t out1[32], const f x47 = (x28 << 5); x48 = (x26 << 3); x49 = (x24 << 2); - x50 = (uint8_t)(x22 & UINT8_C(0xff)); - x51 = (x22 >> 8); - x52 = (uint8_t)(x51 & UINT8_C(0xff)); - x53 = (x51 >> 8); - x54 = (uint8_t)(x53 & UINT8_C(0xff)); - x55 = (uint8_t)(x53 >> 8); - x56 = (x49 + (uint32_t)x55); - x57 = (uint8_t)(x56 & UINT8_C(0xff)); - x58 = (x56 >> 8); - x59 = (uint8_t)(x58 & UINT8_C(0xff)); - x60 = (x58 >> 8); - x61 = (uint8_t)(x60 & UINT8_C(0xff)); - x62 = (uint8_t)(x60 >> 8); - x63 = (x48 + (uint32_t)x62); - x64 = (uint8_t)(x63 & UINT8_C(0xff)); - x65 = (x63 >> 8); - x66 = (uint8_t)(x65 & UINT8_C(0xff)); - x67 = (x65 >> 8); - x68 = (uint8_t)(x67 & UINT8_C(0xff)); - x69 = (uint8_t)(x67 >> 8); - x70 = (x47 + (uint32_t)x69); - x71 = (uint8_t)(x70 & UINT8_C(0xff)); - x72 = (x70 >> 8); - x73 = (uint8_t)(x72 & UINT8_C(0xff)); - x74 = (x72 >> 8); - x75 = (uint8_t)(x74 & UINT8_C(0xff)); - x76 = (uint8_t)(x74 >> 8); - x77 = (x46 + (uint32_t)x76); - x78 = (uint8_t)(x77 & UINT8_C(0xff)); - x79 = (x77 >> 8); - x80 = (uint8_t)(x79 & UINT8_C(0xff)); - x81 = (x79 >> 8); - x82 = (uint8_t)(x81 & UINT8_C(0xff)); - x83 = (uint8_t)(x81 >> 8); - x84 = (uint8_t)(x32 & UINT8_C(0xff)); - x85 = (x32 >> 8); - x86 = (uint8_t)(x85 & UINT8_C(0xff)); - x87 = (x85 >> 8); - x88 = (uint8_t)(x87 & UINT8_C(0xff)); - x89 = (fiat_25519_uint1)(x87 >> 8); - x90 = (x45 + (uint32_t)x89); - x91 = (uint8_t)(x90 & UINT8_C(0xff)); - x92 = (x90 >> 8); - x93 = (uint8_t)(x92 & UINT8_C(0xff)); - x94 = (x92 >> 8); - x95 = (uint8_t)(x94 & UINT8_C(0xff)); - x96 = (uint8_t)(x94 >> 8); - x97 = (x44 + (uint32_t)x96); - x98 = (uint8_t)(x97 & UINT8_C(0xff)); - x99 = (x97 >> 8); - x100 = (uint8_t)(x99 & UINT8_C(0xff)); - x101 = (x99 >> 8); - x102 = (uint8_t)(x101 & UINT8_C(0xff)); - x103 = (uint8_t)(x101 >> 8); - x104 = (x43 + (uint32_t)x103); - x105 = (uint8_t)(x104 & UINT8_C(0xff)); - x106 = (x104 >> 8); - x107 = (uint8_t)(x106 & 
UINT8_C(0xff)); - x108 = (x106 >> 8); - x109 = (uint8_t)(x108 & UINT8_C(0xff)); - x110 = (uint8_t)(x108 >> 8); - x111 = (x42 + (uint32_t)x110); - x112 = (uint8_t)(x111 & UINT8_C(0xff)); - x113 = (x111 >> 8); - x114 = (uint8_t)(x113 & UINT8_C(0xff)); - x115 = (x113 >> 8); - x116 = (uint8_t)(x115 & UINT8_C(0xff)); - x117 = (uint8_t)(x115 >> 8); - out1[0] = x50; - out1[1] = x52; - out1[2] = x54; - out1[3] = x57; - out1[4] = x59; - out1[5] = x61; - out1[6] = x64; - out1[7] = x66; - out1[8] = x68; - out1[9] = x71; - out1[10] = x73; - out1[11] = x75; - out1[12] = x78; - out1[13] = x80; - out1[14] = x82; - out1[15] = x83; - out1[16] = x84; - out1[17] = x86; - out1[18] = x88; - out1[19] = x91; - out1[20] = x93; - out1[21] = x95; - out1[22] = x98; - out1[23] = x100; - out1[24] = x102; - out1[25] = x105; - out1[26] = x107; - out1[27] = x109; - out1[28] = x112; - out1[29] = x114; - out1[30] = x116; - out1[31] = x117; + x50 = (x22 >> 8); + x51 = (x50 >> 8); + x52 = (uint8_t)(x51 >> 8); + x53 = (x49 + (uint32_t)x52); + x54 = (x53 >> 8); + x55 = (x54 >> 8); + x56 = (uint8_t)(x55 >> 8); + x57 = (x48 + (uint32_t)x56); + x58 = (x57 >> 8); + x59 = (x58 >> 8); + x60 = (uint8_t)(x59 >> 8); + x61 = (x47 + (uint32_t)x60); + x62 = (x61 >> 8); + x63 = (x62 >> 8); + x64 = (uint8_t)(x63 >> 8); + x65 = (x46 + (uint32_t)x64); + x66 = (x65 >> 8); + x67 = (x66 >> 8); + x68 = (uint8_t)(x67 >> 8); + x69 = (x32 >> 8); + x70 = (x69 >> 8); + x71 = (fiat_25519_uint1)(x70 >> 8); + x72 = (x45 + (uint32_t)x71); + x73 = (x72 >> 8); + x74 = (x73 >> 8); + x75 = (uint8_t)(x74 >> 8); + x76 = (x44 + (uint32_t)x75); + x77 = (x76 >> 8); + x78 = (x77 >> 8); + x79 = (uint8_t)(x78 >> 8); + x80 = (x43 + (uint32_t)x79); + x81 = (x80 >> 8); + x82 = (x81 >> 8); + x83 = (uint8_t)(x82 >> 8); + x84 = (x42 + (uint32_t)x83); + x85 = (x84 >> 8); + x86 = (x85 >> 8); + x87 = (uint8_t)(x86 >> 8); + out1[0] = (uint8_t)x22; + out1[1] = (uint8_t)x50; + out1[2] = (uint8_t)x51; + out1[3] = (uint8_t)x53; + out1[4] = (uint8_t)x54; + 
out1[5] = (uint8_t)x55; + out1[6] = (uint8_t)x57; + out1[7] = (uint8_t)x58; + out1[8] = (uint8_t)x59; + out1[9] = (uint8_t)x61; + out1[10] = (uint8_t)x62; + out1[11] = (uint8_t)x63; + out1[12] = (uint8_t)x65; + out1[13] = (uint8_t)x66; + out1[14] = (uint8_t)x67; + out1[15] = x68; + out1[16] = (uint8_t)x32; + out1[17] = (uint8_t)x69; + out1[18] = (uint8_t)x70; + out1[19] = (uint8_t)x72; + out1[20] = (uint8_t)x73; + out1[21] = (uint8_t)x74; + out1[22] = (uint8_t)x76; + out1[23] = (uint8_t)x77; + out1[24] = (uint8_t)x78; + out1[25] = (uint8_t)x80; + out1[26] = (uint8_t)x81; + out1[27] = (uint8_t)x82; + out1[28] = (uint8_t)x84; + out1[29] = (uint8_t)x85; + out1[30] = (uint8_t)x86; + out1[31] = x87; } /* diff --git a/fiat-c/src/curve25519_64.c b/fiat-c/src/curve25519_64.c index 20de6c6422..1e6db1b5d1 100644 --- a/fiat-c/src/curve25519_64.c +++ b/fiat-c/src/curve25519_64.c 
@@ -537,72 +537,41 @@ static FIAT_25519_FIAT_INLINE void fiat_25519_to_bytes(uint8_t out1[32], const f uint64_t x23; uint64_t x24; uint64_t x25; - uint8_t x26; + uint64_t x26; uint64_t x27; - uint8_t x28; + uint64_t x28; uint64_t x29; - uint8_t x30; - uint64_t x31; - uint8_t x32; + uint64_t x30; + uint8_t x31; + uint64_t x32; uint64_t x33; - uint8_t x34; + uint64_t x34; uint64_t x35; - uint8_t x36; - uint8_t x37; - uint64_t x38; - uint8_t x39; + uint64_t x36; + uint64_t x37; + uint8_t x38; + uint64_t x39; uint64_t x40; - uint8_t x41; + uint64_t x41; uint64_t x42; - uint8_t x43; + uint64_t x43; uint64_t x44; - uint8_t x45; - uint64_t x46; - uint8_t x47; + uint64_t x45; + fiat_25519_uint1 x46; + uint64_t x47; uint64_t x48; - uint8_t x49; - uint8_t x50; + uint64_t x49; + uint64_t x50; uint64_t x51; - uint8_t x52; - uint64_t x53; - uint8_t x54; + uint64_t x52; + uint8_t x53; + uint64_t x54; uint64_t x55; - uint8_t x56; + uint64_t x56; uint64_t x57; - uint8_t x58; + uint64_t x58; uint64_t x59; uint8_t x60; - uint64_t x61; - uint8_t x62; - uint64_t x63; - uint8_t x64; - fiat_25519_uint1 x65; - uint64_t x66; - uint8_t x67; - uint64_t x68; - uint8_t x69; - uint64_t x70; - uint8_t x71; - uint64_t x72; - uint8_t x73; - uint64_t x74; - uint8_t x75; - uint64_t x76; - uint8_t x77; - uint8_t x78; - uint64_t x79; - uint8_t x80; - uint64_t x81; - uint8_t x82; - uint64_t x83; - uint8_t x84; - uint64_t x85; - uint8_t x86; - uint64_t x87; - uint8_t x88; - uint64_t x89; - uint8_t x90; - uint8_t x91; fiat_25519_subborrowx_u51(&x1, &x2, 0x0, (arg1[0]), UINT64_C(0x7ffffffffffed)); fiat_25519_subborrowx_u51(&x3, &x4, x2, (arg1[1]), UINT64_C(0x7ffffffffffff)); fiat_25519_subborrowx_u51(&x5, &x6, x4, (arg1[2]), UINT64_C(0x7ffffffffffff)); 
@@ -618,104 +587,73 @@ static FIAT_25519_FIAT_INLINE void fiat_25519_to_bytes(uint8_t out1[32], const f x23 = (x18 * (uint64_t)0x2); x24 = (x16 << 6); x25 = (x14 << 3); - x26 = (uint8_t)(x12 & UINT8_C(0xff)); - x27 = (x12 >> 8); - x28 = (uint8_t)(x27 & UINT8_C(0xff)); - x29 = (x27 >> 8); - x30 = (uint8_t)(x29 & UINT8_C(0xff)); - x31 = (x29 >> 8); - x32 = (uint8_t)(x31 & UINT8_C(0xff)); - x33 = (x31 >> 8); - x34 = (uint8_t)(x33 & UINT8_C(0xff)); - x35 = (x33 >> 8); - x36 = (uint8_t)(x35 & UINT8_C(0xff)); - x37 = (uint8_t)(x35 >> 8); - x38 = (x25 + (uint64_t)x37); - x39 = (uint8_t)(x38 & UINT8_C(0xff)); - x40 = (x38 >> 8); - x41 = (uint8_t)(x40 & UINT8_C(0xff)); - x42 = (x40 >> 8); - x43 = (uint8_t)(x42 & UINT8_C(0xff)); - x44 = (x42 >> 8); - x45 = (uint8_t)(x44 & UINT8_C(0xff)); - x46 = (x44 >> 8); - x47 = (uint8_t)(x46 & UINT8_C(0xff)); - x48 = (x46 >> 8); - x49 = (uint8_t)(x48 & UINT8_C(0xff)); - x50 = (uint8_t)(x48 >> 8); - x51 = (x24 + (uint64_t)x50); - x52 = (uint8_t)(x51 & UINT8_C(0xff)); - x53 = (x51 >> 8); - x54 = (uint8_t)(x53 & UINT8_C(0xff)); - x55 = (x53 >> 8); - x56 = (uint8_t)(x55 & UINT8_C(0xff)); - x57 = (x55 >> 8); - x58 = (uint8_t)(x57 & UINT8_C(0xff)); - x59 = (x57 >> 8); - x60 = (uint8_t)(x59 & UINT8_C(0xff)); - x61 = (x59 >> 8); - x62 = (uint8_t)(x61 & UINT8_C(0xff)); - x63 = (x61 >> 8); - x64 = (uint8_t)(x63 & UINT8_C(0xff)); - x65 = (fiat_25519_uint1)(x63 >> 8); - x66 = (x23 + (uint64_t)x65); - x67 = (uint8_t)(x66 & UINT8_C(0xff)); - x68 = (x66 >> 8); - x69 = (uint8_t)(x68 & UINT8_C(0xff)); - x70 = (x68 >> 8); - x71 = (uint8_t)(x70 & UINT8_C(0xff)); - x72 = (x70 >> 8); - x73 = (uint8_t)(x72 & UINT8_C(0xff)); - x74 = (x72 >> 8); - x75 = (uint8_t)(x74 & UINT8_C(0xff)); - x76 = (x74 >> 8); - x77 = (uint8_t)(x76 & UINT8_C(0xff)); - x78 = (uint8_t)(x76 >> 8); - x79 = (x22 + (uint64_t)x78); - x80 = (uint8_t)(x79 & UINT8_C(0xff)); - x81 = (x79 >> 8); - x82 = (uint8_t)(x81 & UINT8_C(0xff)); - x83 = (x81 >> 8); - x84 = (uint8_t)(x83 & UINT8_C(0xff)); - 
x85 = (x83 >> 8); - x86 = (uint8_t)(x85 & UINT8_C(0xff)); - x87 = (x85 >> 8); - x88 = (uint8_t)(x87 & UINT8_C(0xff)); - x89 = (x87 >> 8); - x90 = (uint8_t)(x89 & UINT8_C(0xff)); - x91 = (uint8_t)(x89 >> 8); - out1[0] = x26; - out1[1] = x28; - out1[2] = x30; - out1[3] = x32; - out1[4] = x34; - out1[5] = x36; - out1[6] = x39; - out1[7] = x41; - out1[8] = x43; - out1[9] = x45; - out1[10] = x47; - out1[11] = x49; - out1[12] = x52; - out1[13] = x54; - out1[14] = x56; - out1[15] = x58; - out1[16] = x60; - out1[17] = x62; - out1[18] = x64; - out1[19] = x67; - out1[20] = x69; - out1[21] = x71; - out1[22] = x73; - out1[23] = x75; - out1[24] = x77; - out1[25] = x80; - out1[26] = x82; - out1[27] = x84; - out1[28] = x86; - out1[29] = x88; - out1[30] = x90; - out1[31] = x91; + x26 = (x12 >> 8); + x27 = (x26 >> 8); + x28 = (x27 >> 8); + x29 = (x28 >> 8); + x30 = (x29 >> 8); + x31 = (uint8_t)(x30 >> 8); + x32 = (x25 + (uint64_t)x31); + x33 = (x32 >> 8); + x34 = (x33 >> 8); + x35 = (x34 >> 8); + x36 = (x35 >> 8); + x37 = (x36 >> 8); + x38 = (uint8_t)(x37 >> 8); + x39 = (x24 + (uint64_t)x38); + x40 = (x39 >> 8); + x41 = (x40 >> 8); + x42 = (x41 >> 8); + x43 = (x42 >> 8); + x44 = (x43 >> 8); + x45 = (x44 >> 8); + x46 = (fiat_25519_uint1)(x45 >> 8); + x47 = (x23 + (uint64_t)x46); + x48 = (x47 >> 8); + x49 = (x48 >> 8); + x50 = (x49 >> 8); + x51 = (x50 >> 8); + x52 = (x51 >> 8); + x53 = (uint8_t)(x52 >> 8); + x54 = (x22 + (uint64_t)x53); + x55 = (x54 >> 8); + x56 = (x55 >> 8); + x57 = (x56 >> 8); + x58 = (x57 >> 8); + x59 = (x58 >> 8); + x60 = (uint8_t)(x59 >> 8); + out1[0] = (uint8_t)x12; + out1[1] = (uint8_t)x26; + out1[2] = (uint8_t)x27; + out1[3] = (uint8_t)x28; + out1[4] = (uint8_t)x29; + out1[5] = (uint8_t)x30; + out1[6] = (uint8_t)x32; + out1[7] = (uint8_t)x33; + out1[8] = (uint8_t)x34; + out1[9] = (uint8_t)x35; + out1[10] = (uint8_t)x36; + out1[11] = (uint8_t)x37; + out1[12] = (uint8_t)x39; + out1[13] = (uint8_t)x40; + out1[14] = (uint8_t)x41; + out1[15] = (uint8_t)x42; + 
out1[16] = (uint8_t)x43; + out1[17] = (uint8_t)x44; + out1[18] = (uint8_t)x45; + out1[19] = (uint8_t)x47; + out1[20] = (uint8_t)x48; + out1[21] = (uint8_t)x49; + out1[22] = (uint8_t)x50; + out1[23] = (uint8_t)x51; + out1[24] = (uint8_t)x52; + out1[25] = (uint8_t)x54; + out1[26] = (uint8_t)x55; + out1[27] = (uint8_t)x56; + out1[28] = (uint8_t)x57; + out1[29] = (uint8_t)x58; + out1[30] = (uint8_t)x59; + out1[31] = x60; } /* diff --git a/fiat-c/src/curve25519_scalar_32.c b/fiat-c/src/curve25519_scalar_32.c index 867cb7cea0..b9bf91acb4 100644 --- a/fiat-c/src/curve25519_scalar_32.c +++ b/fiat-c/src/curve25519_scalar_32.c @@ -65,13 +65,11 @@ static __inline__ uint32_t fiat_25519_scalar_value_barrier_u32(uint32_t a) { */ static FIAT_25519_SCALAR_FIAT_INLINE void fiat_25519_scalar_addcarryx_u32(uint32_t* out1, fiat_25519_scalar_uint1* out2, fiat_25519_scalar_uint1 arg1, uint32_t arg2, uint32_t arg3) { uint64_t x1; - uint32_t x2; - fiat_25519_scalar_uint1 x3; + fiat_25519_scalar_uint1 x2; x1 = ((arg1 + (uint64_t)arg2) + arg3); - x2 = (uint32_t)(x1 & UINT32_C(0xffffffff)); - x3 = (fiat_25519_scalar_uint1)(x1 >> 32); - *out1 = x2; - *out2 = x3; + x2 = (fiat_25519_scalar_uint1)(x1 >> 32); + *out1 = (uint32_t)x1; + *out2 = x2; } /* @@ -117,12 +115,10 @@ static FIAT_25519_SCALAR_FIAT_INLINE void fiat_25519_scalar_subborrowx_u32(uint3 static FIAT_25519_SCALAR_FIAT_INLINE void fiat_25519_scalar_mulx_u32(uint32_t* out1, uint32_t* out2, uint32_t arg1, uint32_t arg2) { uint64_t x1; uint32_t x2; - uint32_t x3; x1 = ((uint64_t)arg1 * arg2); - x2 = (uint32_t)(x1 & UINT32_C(0xffffffff)); - x3 = (uint32_t)(x1 >> 32); - *out1 = x2; - *out2 = x3; + x2 = (uint32_t)(x1 >> 32); + *out1 = (uint32_t)x1; + *out2 = x2; } /* 
@@ -4251,54 +4247,30 @@ static FIAT_25519_SCALAR_FIAT_INLINE void fiat_25519_scalar_to_bytes(uint8_t out uint32_t x6; uint32_t x7; uint32_t x8; - uint8_t x9; + uint32_t x9; uint32_t x10; uint8_t x11; uint32_t x12; - uint8_t x13; + uint32_t x13; uint8_t x14; - uint8_t x15; + uint32_t x15; uint32_t x16; uint8_t x17; uint32_t x18; - uint8_t x19; + uint32_t x19; uint8_t x20; - uint8_t x21; + uint32_t x21; uint32_t x22; uint8_t x23; uint32_t x24; - uint8_t x25; + uint32_t x25; uint8_t x26; - uint8_t x27; + uint32_t x27; uint32_t x28; uint8_t x29; uint32_t x30; - uint8_t x31; + uint32_t x31; uint8_t x32; - uint8_t x33; - uint32_t x34; - uint8_t x35; - uint32_t x36; - uint8_t x37; - uint8_t x38; - uint8_t x39; - uint32_t x40; - uint8_t x41; - uint32_t x42; - uint8_t x43; - uint8_t x44; - uint8_t x45; - uint32_t x46; - uint8_t x47; - uint32_t x48; - uint8_t x49; - uint8_t x50; - uint8_t x51; - uint32_t x52; - uint8_t x53; - uint32_t x54; - uint8_t x55; - uint8_t x56; x1 = (arg1[7]); x2 = (arg1[6]); x3 = (arg1[5]); 
@@ -4307,86 +4279,62 @@ static FIAT_25519_SCALAR_FIAT_INLINE void fiat_25519_scalar_to_bytes(uint8_t out x6 = (arg1[2]); x7 = (arg1[1]); x8 = (arg1[0]); - x9 = (uint8_t)(x8 & UINT8_C(0xff)); - x10 = (x8 >> 8); - x11 = (uint8_t)(x10 & UINT8_C(0xff)); - x12 = (x10 >> 8); - x13 = (uint8_t)(x12 & UINT8_C(0xff)); - x14 = (uint8_t)(x12 >> 8); - x15 = (uint8_t)(x7 & UINT8_C(0xff)); - x16 = (x7 >> 8); - x17 = (uint8_t)(x16 & UINT8_C(0xff)); - x18 = (x16 >> 8); - x19 = (uint8_t)(x18 & UINT8_C(0xff)); - x20 = (uint8_t)(x18 >> 8); - x21 = (uint8_t)(x6 & UINT8_C(0xff)); - x22 = (x6 >> 8); - x23 = (uint8_t)(x22 & UINT8_C(0xff)); - x24 = (x22 >> 8); - x25 = (uint8_t)(x24 & UINT8_C(0xff)); - x26 = (uint8_t)(x24 >> 8); - x27 = (uint8_t)(x5 & UINT8_C(0xff)); - x28 = (x5 >> 8); - x29 = (uint8_t)(x28 & UINT8_C(0xff)); - x30 = (x28 >> 8); - x31 = (uint8_t)(x30 & UINT8_C(0xff)); - x32 = (uint8_t)(x30 >> 8); - x33 = (uint8_t)(x4 & UINT8_C(0xff)); - x34 = (x4 >> 8); - x35 = (uint8_t)(x34 & UINT8_C(0xff)); - x36 = (x34 >> 8); - x37 = (uint8_t)(x36 & UINT8_C(0xff)); - x38 = (uint8_t)(x36 >> 8); - x39 = (uint8_t)(x3 & UINT8_C(0xff)); - x40 = (x3 >> 8); - x41 = (uint8_t)(x40 & UINT8_C(0xff)); - x42 = (x40 >> 8); - x43 = (uint8_t)(x42 & UINT8_C(0xff)); - x44 = (uint8_t)(x42 >> 8); - x45 = (uint8_t)(x2 & UINT8_C(0xff)); - x46 = (x2 >> 8); - x47 = (uint8_t)(x46 & UINT8_C(0xff)); - x48 = (x46 >> 8); - x49 = (uint8_t)(x48 & UINT8_C(0xff)); - x50 = (uint8_t)(x48 >> 8); - x51 = (uint8_t)(x1 & UINT8_C(0xff)); - x52 = (x1 >> 8); - x53 = (uint8_t)(x52 & UINT8_C(0xff)); - x54 = (x52 >> 8); - x55 = (uint8_t)(x54 & UINT8_C(0xff)); - x56 = (uint8_t)(x54 >> 8); - out1[0] = x9; - out1[1] = x11; - out1[2] = x13; - out1[3] = x14; - out1[4] = x15; - out1[5] = x17; - out1[6] = x19; - out1[7] = x20; - out1[8] = x21; - out1[9] = x23; - out1[10] = x25; - out1[11] = x26; - out1[12] = x27; - out1[13] = x29; - out1[14] = x31; - out1[15] = x32; - out1[16] = x33; - out1[17] = x35; - out1[18] = x37; - out1[19] = x38; - 
out1[20] = x39; - out1[21] = x41; - out1[22] = x43; - out1[23] = x44; - out1[24] = x45; - out1[25] = x47; - out1[26] = x49; - out1[27] = x50; - out1[28] = x51; - out1[29] = x53; - out1[30] = x55; - out1[31] = x56; + x9 = (x8 >> 8); + x10 = (x9 >> 8); + x11 = (uint8_t)(x10 >> 8); + x12 = (x7 >> 8); + x13 = (x12 >> 8); + x14 = (uint8_t)(x13 >> 8); + x15 = (x6 >> 8); + x16 = (x15 >> 8); + x17 = (uint8_t)(x16 >> 8); + x18 = (x5 >> 8); + x19 = (x18 >> 8); + x20 = (uint8_t)(x19 >> 8); + x21 = (x4 >> 8); + x22 = (x21 >> 8); + x23 = (uint8_t)(x22 >> 8); + x24 = (x3 >> 8); + x25 = (x24 >> 8); + x26 = (uint8_t)(x25 >> 8); + x27 = (x2 >> 8); + x28 = (x27 >> 8); + x29 = (uint8_t)(x28 >> 8); + x30 = (x1 >> 8); + x31 = (x30 >> 8); + x32 = (uint8_t)(x31 >> 8); + out1[0] = (uint8_t)x8; + out1[1] = (uint8_t)x9; + out1[2] = (uint8_t)x10; + out1[3] = x11; + out1[4] = (uint8_t)x7; + out1[5] = (uint8_t)x12; + out1[6] = (uint8_t)x13; + out1[7] = x14; + out1[8] = (uint8_t)x6; + out1[9] = (uint8_t)x15; + out1[10] = (uint8_t)x16; + out1[11] = x17; + out1[12] = (uint8_t)x5; + out1[13] = (uint8_t)x18; + out1[14] = (uint8_t)x19; + out1[15] = x20; + out1[16] = (uint8_t)x4; + out1[17] = (uint8_t)x21; + out1[18] = (uint8_t)x22; + out1[19] = x23; + out1[20] = (uint8_t)x3; + out1[21] = (uint8_t)x24; + out1[22] = (uint8_t)x25; + out1[23] = x26; + out1[24] = (uint8_t)x2; + out1[25] = (uint8_t)x27; + out1[26] = (uint8_t)x28; + out1[27] = x29; + out1[28] = (uint8_t)x1; + out1[29] = (uint8_t)x30; + out1[30] = (uint8_t)x31; + out1[31] = x32; } /* @@ -4731,7 +4679,7 @@ static FIAT_25519_SCALAR_FIAT_INLINE void fiat_25519_scalar_divstep(uint32_t* ou uint32_t x131; uint32_t x132; uint32_t x133; - fiat_25519_scalar_uint1 x134; + uint32_t x134; uint32_t x135; uint32_t x136; uint32_t x137; 
@@ -4741,24 +4689,24 @@ static FIAT_25519_SCALAR_FIAT_INLINE void fiat_25519_scalar_divstep(uint32_t* ou uint32_t x141; uint32_t x142; uint32_t x143; - uint32_t x144; - fiat_25519_scalar_uint1 x145; - uint32_t x146; - fiat_25519_scalar_uint1 x147; - uint32_t x148; - fiat_25519_scalar_uint1 x149; - uint32_t x150; - fiat_25519_scalar_uint1 x151; - uint32_t x152; - fiat_25519_scalar_uint1 x153; - uint32_t x154; - fiat_25519_scalar_uint1 x155; - uint32_t x156; - fiat_25519_scalar_uint1 x157; - uint32_t x158; - fiat_25519_scalar_uint1 x159; - uint32_t x160; - fiat_25519_scalar_uint1 x161; + fiat_25519_scalar_uint1 x144; + uint32_t x145; + fiat_25519_scalar_uint1 x146; + uint32_t x147; + fiat_25519_scalar_uint1 x148; + uint32_t x149; + fiat_25519_scalar_uint1 x150; + uint32_t x151; + fiat_25519_scalar_uint1 x152; + uint32_t x153; + fiat_25519_scalar_uint1 x154; + uint32_t x155; + fiat_25519_scalar_uint1 x156; + uint32_t x157; + fiat_25519_scalar_uint1 x158; + uint32_t x159; + fiat_25519_scalar_uint1 x160; + uint32_t x161; uint32_t x162; uint32_t x163; uint32_t x164; 
@@ -4767,42 +4715,42 @@ static FIAT_25519_SCALAR_FIAT_INLINE void fiat_25519_scalar_divstep(uint32_t* ou uint32_t x167; uint32_t x168; uint32_t x169; - uint32_t x170; - fiat_25519_scalar_uint1 x171; - uint32_t x172; - fiat_25519_scalar_uint1 x173; - uint32_t x174; - fiat_25519_scalar_uint1 x175; - uint32_t x176; - fiat_25519_scalar_uint1 x177; - uint32_t x178; - fiat_25519_scalar_uint1 x179; - uint32_t x180; - fiat_25519_scalar_uint1 x181; - uint32_t x182; - fiat_25519_scalar_uint1 x183; - uint32_t x184; - fiat_25519_scalar_uint1 x185; - uint32_t x186; - fiat_25519_scalar_uint1 x187; - uint32_t x188; - fiat_25519_scalar_uint1 x189; - uint32_t x190; - fiat_25519_scalar_uint1 x191; - uint32_t x192; - fiat_25519_scalar_uint1 x193; - uint32_t x194; - fiat_25519_scalar_uint1 x195; - uint32_t x196; - fiat_25519_scalar_uint1 x197; - uint32_t x198; - fiat_25519_scalar_uint1 x199; - uint32_t x200; - fiat_25519_scalar_uint1 x201; - uint32_t x202; - fiat_25519_scalar_uint1 x203; - uint32_t x204; - fiat_25519_scalar_uint1 x205; + fiat_25519_scalar_uint1 x170; + uint32_t x171; + fiat_25519_scalar_uint1 x172; + uint32_t x173; + fiat_25519_scalar_uint1 x174; + uint32_t x175; + fiat_25519_scalar_uint1 x176; + uint32_t x177; + fiat_25519_scalar_uint1 x178; + uint32_t x179; + fiat_25519_scalar_uint1 x180; + uint32_t x181; + fiat_25519_scalar_uint1 x182; + uint32_t x183; + fiat_25519_scalar_uint1 x184; + uint32_t x185; + fiat_25519_scalar_uint1 x186; + uint32_t x187; + fiat_25519_scalar_uint1 x188; + uint32_t x189; + fiat_25519_scalar_uint1 x190; + uint32_t x191; + fiat_25519_scalar_uint1 x192; + uint32_t x193; + fiat_25519_scalar_uint1 x194; + uint32_t x195; + fiat_25519_scalar_uint1 x196; + uint32_t x197; + fiat_25519_scalar_uint1 x198; + uint32_t x199; + fiat_25519_scalar_uint1 x200; + uint32_t x201; + fiat_25519_scalar_uint1 x202; + uint32_t x203; + fiat_25519_scalar_uint1 x204; + uint32_t x205; uint32_t x206; uint32_t x207; uint32_t x208; 
@@ -4827,9 +4775,8 @@ static FIAT_25519_SCALAR_FIAT_INLINE void fiat_25519_scalar_divstep(uint32_t* ou uint32_t x227; uint32_t x228; uint32_t x229; - uint32_t x230; fiat_25519_scalar_addcarryx_u32(&x1, &x2, 0x0, (~arg1), 0x1); - x3 = (fiat_25519_scalar_uint1)((fiat_25519_scalar_uint1)(x1 >> 31) & (fiat_25519_scalar_uint1)((arg3[0]) & 0x1)); + x3 = (fiat_25519_scalar_uint1)((fiat_25519_scalar_uint1)(x1 >> 31) & (fiat_25519_scalar_uint1)(arg3[0])); fiat_25519_scalar_addcarryx_u32(&x4, &x5, 0x0, (~arg1), 0x1); fiat_25519_scalar_cmovznz_u32(&x6, x3, arg1, x4); fiat_25519_scalar_cmovznz_u32(&x7, x3, (arg2[0]), (arg3[0])); 
@@ -4917,77 +4864,76 @@ static FIAT_25519_SCALAR_FIAT_INLINE void fiat_25519_scalar_divstep(uint32_t* ou fiat_25519_scalar_cmovznz_u32(&x131, x3, (arg5[5]), x120); fiat_25519_scalar_cmovznz_u32(&x132, x3, (arg5[6]), x122); fiat_25519_scalar_cmovznz_u32(&x133, x3, (arg5[7]), x124); - x134 = (fiat_25519_scalar_uint1)(x34 & 0x1); - fiat_25519_scalar_cmovznz_u32(&x135, x134, 0x0, x7); - fiat_25519_scalar_cmovznz_u32(&x136, x134, 0x0, x8); - fiat_25519_scalar_cmovznz_u32(&x137, x134, 0x0, x9); - fiat_25519_scalar_cmovznz_u32(&x138, x134, 0x0, x10); - fiat_25519_scalar_cmovznz_u32(&x139, x134, 0x0, x11); - fiat_25519_scalar_cmovznz_u32(&x140, x134, 0x0, x12); - fiat_25519_scalar_cmovznz_u32(&x141, x134, 0x0, x13); - fiat_25519_scalar_cmovznz_u32(&x142, x134, 0x0, x14); - fiat_25519_scalar_cmovznz_u32(&x143, x134, 0x0, x15); - fiat_25519_scalar_addcarryx_u32(&x144, &x145, 0x0, x34, x135); - fiat_25519_scalar_addcarryx_u32(&x146, &x147, x145, x35, x136); - fiat_25519_scalar_addcarryx_u32(&x148, &x149, x147, x36, x137); - fiat_25519_scalar_addcarryx_u32(&x150, &x151, x149, x37, x138); - fiat_25519_scalar_addcarryx_u32(&x152, &x153, x151, x38, x139); - fiat_25519_scalar_addcarryx_u32(&x154, &x155, x153, x39, x140); - fiat_25519_scalar_addcarryx_u32(&x156, &x157, x155, x40, x141); - fiat_25519_scalar_addcarryx_u32(&x158, &x159, x157, x41, x142); - fiat_25519_scalar_addcarryx_u32(&x160, &x161, x159, x42, x143); - fiat_25519_scalar_cmovznz_u32(&x162, x134, 0x0, x43); - fiat_25519_scalar_cmovznz_u32(&x163, x134, 0x0, x44); - fiat_25519_scalar_cmovznz_u32(&x164, x134, 0x0, x45); - fiat_25519_scalar_cmovznz_u32(&x165, x134, 0x0, x46); - fiat_25519_scalar_cmovznz_u32(&x166, x134, 0x0, x47); - fiat_25519_scalar_cmovznz_u32(&x167, x134, 0x0, x48); - fiat_25519_scalar_cmovznz_u32(&x168, x134, 0x0, x49); - fiat_25519_scalar_cmovznz_u32(&x169, x134, 0x0, x50); - fiat_25519_scalar_addcarryx_u32(&x170, &x171, 0x0, x126, x162); - fiat_25519_scalar_addcarryx_u32(&x172, &x173, x171, x127, 
x163); - fiat_25519_scalar_addcarryx_u32(&x174, &x175, x173, x128, x164); - fiat_25519_scalar_addcarryx_u32(&x176, &x177, x175, x129, x165); - fiat_25519_scalar_addcarryx_u32(&x178, &x179, x177, x130, x166); - fiat_25519_scalar_addcarryx_u32(&x180, &x181, x179, x131, x167); - fiat_25519_scalar_addcarryx_u32(&x182, &x183, x181, x132, x168); - fiat_25519_scalar_addcarryx_u32(&x184, &x185, x183, x133, x169); - fiat_25519_scalar_subborrowx_u32(&x186, &x187, 0x0, x170, UINT32_C(0x5cf5d3ed)); - fiat_25519_scalar_subborrowx_u32(&x188, &x189, x187, x172, UINT32_C(0x5812631a)); - fiat_25519_scalar_subborrowx_u32(&x190, &x191, x189, x174, UINT32_C(0xa2f79cd6)); - fiat_25519_scalar_subborrowx_u32(&x192, &x193, x191, x176, UINT32_C(0x14def9de)); - fiat_25519_scalar_subborrowx_u32(&x194, &x195, x193, x178, 0x0); - fiat_25519_scalar_subborrowx_u32(&x196, &x197, x195, x180, 0x0); - fiat_25519_scalar_subborrowx_u32(&x198, &x199, x197, x182, 0x0); - fiat_25519_scalar_subborrowx_u32(&x200, &x201, x199, x184, UINT32_C(0x10000000)); - fiat_25519_scalar_subborrowx_u32(&x202, &x203, x201, x185, 0x0); - fiat_25519_scalar_addcarryx_u32(&x204, &x205, 0x0, x6, 0x1); - x206 = ((x144 >> 1) | ((x146 << 31) & UINT32_C(0xffffffff))); - x207 = ((x146 >> 1) | ((x148 << 31) & UINT32_C(0xffffffff))); - x208 = ((x148 >> 1) | ((x150 << 31) & UINT32_C(0xffffffff))); - x209 = ((x150 >> 1) | ((x152 << 31) & UINT32_C(0xffffffff))); - x210 = ((x152 >> 1) | ((x154 << 31) & UINT32_C(0xffffffff))); - x211 = ((x154 >> 1) | ((x156 << 31) & UINT32_C(0xffffffff))); - x212 = ((x156 >> 1) | ((x158 << 31) & UINT32_C(0xffffffff))); - x213 = ((x158 >> 1) | ((x160 << 31) & UINT32_C(0xffffffff))); - x214 = ((x160 & UINT32_C(0x80000000)) | (x160 >> 1)); - fiat_25519_scalar_cmovznz_u32(&x215, x84, x67, x51); - fiat_25519_scalar_cmovznz_u32(&x216, x84, x69, x53); - fiat_25519_scalar_cmovznz_u32(&x217, x84, x71, x55); - fiat_25519_scalar_cmovznz_u32(&x218, x84, x73, x57); - fiat_25519_scalar_cmovznz_u32(&x219, x84, x75, 
x59); - fiat_25519_scalar_cmovznz_u32(&x220, x84, x77, x61); - fiat_25519_scalar_cmovznz_u32(&x221, x84, x79, x63); - fiat_25519_scalar_cmovznz_u32(&x222, x84, x81, x65); - fiat_25519_scalar_cmovznz_u32(&x223, x203, x186, x170); - fiat_25519_scalar_cmovznz_u32(&x224, x203, x188, x172); - fiat_25519_scalar_cmovznz_u32(&x225, x203, x190, x174); - fiat_25519_scalar_cmovznz_u32(&x226, x203, x192, x176); - fiat_25519_scalar_cmovznz_u32(&x227, x203, x194, x178); - fiat_25519_scalar_cmovznz_u32(&x228, x203, x196, x180); - fiat_25519_scalar_cmovznz_u32(&x229, x203, x198, x182); - fiat_25519_scalar_cmovznz_u32(&x230, x203, x200, x184); - *out1 = x204; + fiat_25519_scalar_cmovznz_u32(&x134, (fiat_25519_scalar_uint1)x34, 0x0, x7); + fiat_25519_scalar_cmovznz_u32(&x135, (fiat_25519_scalar_uint1)x34, 0x0, x8); + fiat_25519_scalar_cmovznz_u32(&x136, (fiat_25519_scalar_uint1)x34, 0x0, x9); + fiat_25519_scalar_cmovznz_u32(&x137, (fiat_25519_scalar_uint1)x34, 0x0, x10); + fiat_25519_scalar_cmovznz_u32(&x138, (fiat_25519_scalar_uint1)x34, 0x0, x11); + fiat_25519_scalar_cmovznz_u32(&x139, (fiat_25519_scalar_uint1)x34, 0x0, x12); + fiat_25519_scalar_cmovznz_u32(&x140, (fiat_25519_scalar_uint1)x34, 0x0, x13); + fiat_25519_scalar_cmovznz_u32(&x141, (fiat_25519_scalar_uint1)x34, 0x0, x14); + fiat_25519_scalar_cmovznz_u32(&x142, (fiat_25519_scalar_uint1)x34, 0x0, x15); + fiat_25519_scalar_addcarryx_u32(&x143, &x144, 0x0, x34, x134); + fiat_25519_scalar_addcarryx_u32(&x145, &x146, x144, x35, x135); + fiat_25519_scalar_addcarryx_u32(&x147, &x148, x146, x36, x136); + fiat_25519_scalar_addcarryx_u32(&x149, &x150, x148, x37, x137); + fiat_25519_scalar_addcarryx_u32(&x151, &x152, x150, x38, x138); + fiat_25519_scalar_addcarryx_u32(&x153, &x154, x152, x39, x139); + fiat_25519_scalar_addcarryx_u32(&x155, &x156, x154, x40, x140); + fiat_25519_scalar_addcarryx_u32(&x157, &x158, x156, x41, x141); + fiat_25519_scalar_addcarryx_u32(&x159, &x160, x158, x42, x142); + fiat_25519_scalar_cmovznz_u32(&x161, 
(fiat_25519_scalar_uint1)x34, 0x0, x43); + fiat_25519_scalar_cmovznz_u32(&x162, (fiat_25519_scalar_uint1)x34, 0x0, x44); + fiat_25519_scalar_cmovznz_u32(&x163, (fiat_25519_scalar_uint1)x34, 0x0, x45); + fiat_25519_scalar_cmovznz_u32(&x164, (fiat_25519_scalar_uint1)x34, 0x0, x46); + fiat_25519_scalar_cmovznz_u32(&x165, (fiat_25519_scalar_uint1)x34, 0x0, x47); + fiat_25519_scalar_cmovznz_u32(&x166, (fiat_25519_scalar_uint1)x34, 0x0, x48); + fiat_25519_scalar_cmovznz_u32(&x167, (fiat_25519_scalar_uint1)x34, 0x0, x49); + fiat_25519_scalar_cmovznz_u32(&x168, (fiat_25519_scalar_uint1)x34, 0x0, x50); + fiat_25519_scalar_addcarryx_u32(&x169, &x170, 0x0, x126, x161); + fiat_25519_scalar_addcarryx_u32(&x171, &x172, x170, x127, x162); + fiat_25519_scalar_addcarryx_u32(&x173, &x174, x172, x128, x163); + fiat_25519_scalar_addcarryx_u32(&x175, &x176, x174, x129, x164); + fiat_25519_scalar_addcarryx_u32(&x177, &x178, x176, x130, x165); + fiat_25519_scalar_addcarryx_u32(&x179, &x180, x178, x131, x166); + fiat_25519_scalar_addcarryx_u32(&x181, &x182, x180, x132, x167); + fiat_25519_scalar_addcarryx_u32(&x183, &x184, x182, x133, x168); + fiat_25519_scalar_subborrowx_u32(&x185, &x186, 0x0, x169, UINT32_C(0x5cf5d3ed)); + fiat_25519_scalar_subborrowx_u32(&x187, &x188, x186, x171, UINT32_C(0x5812631a)); + fiat_25519_scalar_subborrowx_u32(&x189, &x190, x188, x173, UINT32_C(0xa2f79cd6)); + fiat_25519_scalar_subborrowx_u32(&x191, &x192, x190, x175, UINT32_C(0x14def9de)); + fiat_25519_scalar_subborrowx_u32(&x193, &x194, x192, x177, 0x0); + fiat_25519_scalar_subborrowx_u32(&x195, &x196, x194, x179, 0x0); + fiat_25519_scalar_subborrowx_u32(&x197, &x198, x196, x181, 0x0); + fiat_25519_scalar_subborrowx_u32(&x199, &x200, x198, x183, UINT32_C(0x10000000)); + fiat_25519_scalar_subborrowx_u32(&x201, &x202, x200, x184, 0x0); + fiat_25519_scalar_addcarryx_u32(&x203, &x204, 0x0, x6, 0x1); + x205 = ((x143 >> 1) | ((x145 << 31) & UINT32_C(0xffffffff))); + x206 = ((x145 >> 1) | ((x147 << 31) & 
UINT32_C(0xffffffff))); + x207 = ((x147 >> 1) | ((x149 << 31) & UINT32_C(0xffffffff))); + x208 = ((x149 >> 1) | ((x151 << 31) & UINT32_C(0xffffffff))); + x209 = ((x151 >> 1) | ((x153 << 31) & UINT32_C(0xffffffff))); + x210 = ((x153 >> 1) | ((x155 << 31) & UINT32_C(0xffffffff))); + x211 = ((x155 >> 1) | ((x157 << 31) & UINT32_C(0xffffffff))); + x212 = ((x157 >> 1) | ((x159 << 31) & UINT32_C(0xffffffff))); + x213 = ((x159 & UINT32_C(0x80000000)) | (x159 >> 1)); + fiat_25519_scalar_cmovznz_u32(&x214, x84, x67, x51); + fiat_25519_scalar_cmovznz_u32(&x215, x84, x69, x53); + fiat_25519_scalar_cmovznz_u32(&x216, x84, x71, x55); + fiat_25519_scalar_cmovznz_u32(&x217, x84, x73, x57); + fiat_25519_scalar_cmovznz_u32(&x218, x84, x75, x59); + fiat_25519_scalar_cmovznz_u32(&x219, x84, x77, x61); + fiat_25519_scalar_cmovznz_u32(&x220, x84, x79, x63); + fiat_25519_scalar_cmovznz_u32(&x221, x84, x81, x65); + fiat_25519_scalar_cmovznz_u32(&x222, x202, x185, x169); + fiat_25519_scalar_cmovznz_u32(&x223, x202, x187, x171); + fiat_25519_scalar_cmovznz_u32(&x224, x202, x189, x173); + fiat_25519_scalar_cmovznz_u32(&x225, x202, x191, x175); + fiat_25519_scalar_cmovznz_u32(&x226, x202, x193, x177); + fiat_25519_scalar_cmovznz_u32(&x227, x202, x195, x179); + fiat_25519_scalar_cmovznz_u32(&x228, x202, x197, x181); + fiat_25519_scalar_cmovznz_u32(&x229, x202, x199, x183); + *out1 = x203; out2[0] = x7; out2[1] = x8; out2[2] = x9; 
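Review bot: The select condition passed to the `cmovznz_u32` calls for x134–x142 and x161–x168 is now `(fiat_25519_scalar_uint1)x34`, where the removed lines passed `(fiat_25519_scalar_uint1)(x34 & 0x1)`; the two agree only if that typedef is really one bit wide. The typedef and `cmovznz_u32` are defined outside this hunk, but if the type is byte-wide and the select tests for non-zero, an even x34 with any of bits 1–7 set now takes the other branch, and divstep (and any inversion built on it) would return wrong values without any error. The similar cast of `arg3[0]` in the `@@ -4827` hunk looks harmless, because it is ANDed with `(x1 >> 31)`, which is presumably 0 or 1. This file looks machine-generated, so the mask should be restored in the generator rather than patched here, giving `fiat_25519_scalar_cmovznz_u32(&x134, (fiat_25519_scalar_uint1)(x34 & 0x1), 0x0, x7);`, and a known-answer comparison of divstep against the previous output would catch the regression. The body of divstep starts and ends outside this hunk.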
@@ -4997,31 +4943,31 @@ static FIAT_25519_SCALAR_FIAT_INLINE void fiat_25519_scalar_divstep(uint32_t* ou out2[6] = x13; out2[7] = x14; out2[8] = x15; - out3[0] = x206; - out3[1] = x207; - out3[2] = x208; - out3[3] = x209; - out3[4] = x210; - out3[5] = x211; - out3[6] = x212; - out3[7] = x213; - out3[8] = x214; - out4[0] = x215; - out4[1] = x216; - out4[2] = x217; - out4[3] = x218; - out4[4] = x219; - out4[5] = x220; - out4[6] = x221; - out4[7] = x222; - out5[0] = x223; - out5[1] = x224; - out5[2] = x225; - out5[3] = x226; - out5[4] = x227; - out5[5] = x228; - out5[6] = x229; - out5[7] = x230; + out3[0] = x205; + out3[1] = x206; + out3[2] = x207; + out3[3] = x208; + out3[4] = x209; + out3[5] = x210; + out3[6] = x211; + out3[7] = x212; + out3[8] = x213; + out4[0] = x214; + out4[1] = x215; + out4[2] = x216; + out4[3] = x217; + out4[4] = x218; + out4[5] = x219; + out4[6] = x220; + out4[7] = x221; + out5[0] = x222; + out5[1] = x223; + out5[2] = x224; + out5[3] = x225; + out5[4] = x226; + out5[5] = x227; + out5[6] = x228; + out5[7] = x229; } /* diff --git a/fiat-c/src/curve25519_scalar_64.c b/fiat-c/src/curve25519_scalar_64.c index c710b84621..511416374e 100644 --- a/fiat-c/src/curve25519_scalar_64.c +++ b/fiat-c/src/curve25519_scalar_64.c @@ -70,13 +70,11 @@ static __inline__ uint64_t fiat_25519_scalar_value_barrier_u64(uint64_t a) { */ static FIAT_25519_SCALAR_FIAT_INLINE void fiat_25519_scalar_addcarryx_u64(uint64_t* out1, fiat_25519_scalar_uint1* out2, fiat_25519_scalar_uint1 arg1, uint64_t arg2, uint64_t arg3) { fiat_25519_scalar_uint128 x1; - uint64_t x2; - fiat_25519_scalar_uint1 x3; + fiat_25519_scalar_uint1 x2; x1 = ((arg1 + (fiat_25519_scalar_uint128)arg2) + arg3); - x2 = (uint64_t)(x1 & UINT64_C(0xffffffffffffffff)); - x3 = (fiat_25519_scalar_uint1)(x1 >> 64); - *out1 = x2; - *out2 = x3; + x2 = (fiat_25519_scalar_uint1)(x1 >> 64); + *out1 = (uint64_t)x1; + *out2 = x2; } /* 
@@ -122,12 +120,10 @@ static FIAT_25519_SCALAR_FIAT_INLINE void fiat_25519_scalar_subborrowx_u64(uint6 static FIAT_25519_SCALAR_FIAT_INLINE void fiat_25519_scalar_mulx_u64(uint64_t* out1, uint64_t* out2, uint64_t arg1, uint64_t arg2) { fiat_25519_scalar_uint128 x1; uint64_t x2; - uint64_t x3; x1 = ((fiat_25519_scalar_uint128)arg1 * arg2); - x2 = (uint64_t)(x1 & UINT64_C(0xffffffffffffffff)); - x3 = (uint64_t)(x1 >> 64); - *out1 = x2; - *out2 = x3; + x2 = (uint64_t)(x1 >> 64); + *out1 = (uint64_t)x1; + *out2 = x2; } /* 
@@ -1442,154 +1438,98 @@ static FIAT_25519_SCALAR_FIAT_INLINE void fiat_25519_scalar_to_bytes(uint8_t out uint64_t x2; uint64_t x3; uint64_t x4; - uint8_t x5; + uint64_t x5; uint64_t x6; - uint8_t x7; + uint64_t x7; uint64_t x8; - uint8_t x9; + uint64_t x9; uint64_t x10; uint8_t x11; uint64_t x12; - uint8_t x13; + uint64_t x13; uint64_t x14; - uint8_t x15; + uint64_t x15; uint64_t x16; - uint8_t x17; + uint64_t x17; uint8_t x18; - uint8_t x19; + uint64_t x19; uint64_t x20; - uint8_t x21; + uint64_t x21; uint64_t x22; - uint8_t x23; + uint64_t x23; uint64_t x24; uint8_t x25; uint64_t x26; - uint8_t x27; + uint64_t x27; uint64_t x28; - uint8_t x29; + uint64_t x29; uint64_t x30; - uint8_t x31; + uint64_t x31; uint8_t x32; - uint8_t x33; - uint64_t x34; - uint8_t x35; - uint64_t x36; - uint8_t x37; - uint64_t x38; - uint8_t x39; - uint64_t x40; - uint8_t x41; - uint64_t x42; - uint8_t x43; - uint64_t x44; - uint8_t x45; - uint8_t x46; - uint8_t x47; - uint64_t x48; - uint8_t x49; - uint64_t x50; - uint8_t x51; - uint64_t x52; - uint8_t x53; - uint64_t x54; - uint8_t x55; - uint64_t x56; - uint8_t x57; - uint64_t x58; - uint8_t x59; - uint8_t x60; x1 = (arg1[3]); x2 = (arg1[2]); x3 = (arg1[1]); x4 = (arg1[0]); - x5 = (uint8_t)(x4 & UINT8_C(0xff)); - x6 = (x4 >> 8); - x7 = (uint8_t)(x6 & UINT8_C(0xff)); - x8 = (x6 >> 8); - x9 = (uint8_t)(x8 & UINT8_C(0xff)); - x10 = (x8 >> 8); - x11 = (uint8_t)(x10 & UINT8_C(0xff)); - x12 = (x10 >> 8); - x13 = (uint8_t)(x12 & UINT8_C(0xff)); - x14 = (x12 >> 8); - x15 = (uint8_t)(x14 & UINT8_C(0xff)); - x16 = (x14 >> 8); - x17 = (uint8_t)(x16 & UINT8_C(0xff)); - x18 = (uint8_t)(x16 >> 8); - x19 = (uint8_t)(x3 & UINT8_C(0xff)); - x20 = (x3 >> 8); - x21 = (uint8_t)(x20 & UINT8_C(0xff)); - x22 = (x20 >> 8); - x23 = (uint8_t)(x22 & UINT8_C(0xff)); - x24 = (x22 >> 8); - x25 = (uint8_t)(x24 & UINT8_C(0xff)); - x26 = (x24 >> 8); - x27 = (uint8_t)(x26 & UINT8_C(0xff)); - x28 = (x26 >> 8); - x29 = (uint8_t)(x28 & UINT8_C(0xff)); - x30 = (x28 >> 
8); - x31 = (uint8_t)(x30 & UINT8_C(0xff)); - x32 = (uint8_t)(x30 >> 8); - x33 = (uint8_t)(x2 & UINT8_C(0xff)); - x34 = (x2 >> 8); - x35 = (uint8_t)(x34 & UINT8_C(0xff)); - x36 = (x34 >> 8); - x37 = (uint8_t)(x36 & UINT8_C(0xff)); - x38 = (x36 >> 8); - x39 = (uint8_t)(x38 & UINT8_C(0xff)); - x40 = (x38 >> 8); - x41 = (uint8_t)(x40 & UINT8_C(0xff)); - x42 = (x40 >> 8); - x43 = (uint8_t)(x42 & UINT8_C(0xff)); - x44 = (x42 >> 8); - x45 = (uint8_t)(x44 & UINT8_C(0xff)); - x46 = (uint8_t)(x44 >> 8); - x47 = (uint8_t)(x1 & UINT8_C(0xff)); - x48 = (x1 >> 8); - x49 = (uint8_t)(x48 & UINT8_C(0xff)); - x50 = (x48 >> 8); - x51 = (uint8_t)(x50 & UINT8_C(0xff)); - x52 = (x50 >> 8); - x53 = (uint8_t)(x52 & UINT8_C(0xff)); - x54 = (x52 >> 8); - x55 = (uint8_t)(x54 & UINT8_C(0xff)); - x56 = (x54 >> 8); - x57 = (uint8_t)(x56 & UINT8_C(0xff)); - x58 = (x56 >> 8); - x59 = (uint8_t)(x58 & UINT8_C(0xff)); - x60 = (uint8_t)(x58 >> 8); - out1[0] = x5; - out1[1] = x7; - out1[2] = x9; - out1[3] = x11; - out1[4] = x13; - out1[5] = x15; - out1[6] = x17; - out1[7] = x18; - out1[8] = x19; - out1[9] = x21; - out1[10] = x23; - out1[11] = x25; - out1[12] = x27; - out1[13] = x29; - out1[14] = x31; - out1[15] = x32; - out1[16] = x33; - out1[17] = x35; - out1[18] = x37; - out1[19] = x39; - out1[20] = x41; - out1[21] = x43; - out1[22] = x45; - out1[23] = x46; - out1[24] = x47; - out1[25] = x49; - out1[26] = x51; - out1[27] = x53; - out1[28] = x55; - out1[29] = x57; - out1[30] = x59; - out1[31] = x60; + x5 = (x4 >> 8); + x6 = (x5 >> 8); + x7 = (x6 >> 8); + x8 = (x7 >> 8); + x9 = (x8 >> 8); + x10 = (x9 >> 8); + x11 = (uint8_t)(x10 >> 8); + x12 = (x3 >> 8); + x13 = (x12 >> 8); + x14 = (x13 >> 8); + x15 = (x14 >> 8); + x16 = (x15 >> 8); + x17 = (x16 >> 8); + x18 = (uint8_t)(x17 >> 8); + x19 = (x2 >> 8); + x20 = (x19 >> 8); + x21 = (x20 >> 8); + x22 = (x21 >> 8); + x23 = (x22 >> 8); + x24 = (x23 >> 8); + x25 = (uint8_t)(x24 >> 8); + x26 = (x1 >> 8); + x27 = (x26 >> 8); + x28 = (x27 >> 8); + x29 = (x28 >> 
8); + x30 = (x29 >> 8); + x31 = (x30 >> 8); + x32 = (uint8_t)(x31 >> 8); + out1[0] = (uint8_t)x4; + out1[1] = (uint8_t)x5; + out1[2] = (uint8_t)x6; + out1[3] = (uint8_t)x7; + out1[4] = (uint8_t)x8; + out1[5] = (uint8_t)x9; + out1[6] = (uint8_t)x10; + out1[7] = x11; + out1[8] = (uint8_t)x3; + out1[9] = (uint8_t)x12; + out1[10] = (uint8_t)x13; + out1[11] = (uint8_t)x14; + out1[12] = (uint8_t)x15; + out1[13] = (uint8_t)x16; + out1[14] = (uint8_t)x17; + out1[15] = x18; + out1[16] = (uint8_t)x2; + out1[17] = (uint8_t)x19; + out1[18] = (uint8_t)x20; + out1[19] = (uint8_t)x21; + out1[20] = (uint8_t)x22; + out1[21] = (uint8_t)x23; + out1[22] = (uint8_t)x24; + out1[23] = x25; + out1[24] = (uint8_t)x1; + out1[25] = (uint8_t)x26; + out1[26] = (uint8_t)x27; + out1[27] = (uint8_t)x28; + out1[28] = (uint8_t)x29; + out1[29] = (uint8_t)x30; + out1[30] = (uint8_t)x31; + out1[31] = x32; } /* 
@@ -1870,46 +1810,46 @@ static FIAT_25519_SCALAR_FIAT_INLINE void fiat_25519_scalar_divstep(uint64_t* ou uint64_t x71; uint64_t x72; uint64_t x73; - fiat_25519_scalar_uint1 x74; + uint64_t x74; uint64_t x75; uint64_t x76; uint64_t x77; uint64_t x78; uint64_t x79; - uint64_t x80; - fiat_25519_scalar_uint1 x81; - uint64_t x82; - fiat_25519_scalar_uint1 x83; - uint64_t x84; - fiat_25519_scalar_uint1 x85; - uint64_t x86; - fiat_25519_scalar_uint1 x87; - uint64_t x88; - fiat_25519_scalar_uint1 x89; + fiat_25519_scalar_uint1 x80; + uint64_t x81; + fiat_25519_scalar_uint1 x82; + uint64_t x83; + fiat_25519_scalar_uint1 x84; + uint64_t x85; + fiat_25519_scalar_uint1 x86; + uint64_t x87; + fiat_25519_scalar_uint1 x88; + uint64_t x89; uint64_t x90; uint64_t x91; uint64_t x92; uint64_t x93; - uint64_t x94; - fiat_25519_scalar_uint1 x95; - uint64_t x96; - fiat_25519_scalar_uint1 x97; - uint64_t x98; - fiat_25519_scalar_uint1 x99; - uint64_t x100; - fiat_25519_scalar_uint1 x101; - uint64_t x102; - fiat_25519_scalar_uint1 x103; - uint64_t x104; - fiat_25519_scalar_uint1 x105; - uint64_t x106; - fiat_25519_scalar_uint1 x107; - uint64_t x108; - fiat_25519_scalar_uint1 x109; - uint64_t x110; - fiat_25519_scalar_uint1 x111; - uint64_t x112; - fiat_25519_scalar_uint1 x113; + fiat_25519_scalar_uint1 x94; + uint64_t x95; + fiat_25519_scalar_uint1 x96; + uint64_t x97; + fiat_25519_scalar_uint1 x98; + uint64_t x99; + fiat_25519_scalar_uint1 x100; + uint64_t x101; + fiat_25519_scalar_uint1 x102; + uint64_t x103; + fiat_25519_scalar_uint1 x104; + uint64_t x105; + fiat_25519_scalar_uint1 x106; + uint64_t x107; + fiat_25519_scalar_uint1 x108; + uint64_t x109; + fiat_25519_scalar_uint1 x110; + uint64_t x111; + fiat_25519_scalar_uint1 x112; + uint64_t x113; uint64_t x114; uint64_t x115; uint64_t x116; 
@@ -1922,9 +1862,8 @@ static FIAT_25519_SCALAR_FIAT_INLINE void fiat_25519_scalar_divstep(uint64_t* ou uint64_t x123; uint64_t x124; uint64_t x125; - uint64_t x126; fiat_25519_scalar_addcarryx_u64(&x1, &x2, 0x0, (~arg1), 0x1); - x3 = (fiat_25519_scalar_uint1)((fiat_25519_scalar_uint1)(x1 >> 63) & (fiat_25519_scalar_uint1)((arg3[0]) & 0x1)); + x3 = (fiat_25519_scalar_uint1)((fiat_25519_scalar_uint1)(x1 >> 63) & (fiat_25519_scalar_uint1)(arg3[0])); fiat_25519_scalar_addcarryx_u64(&x4, &x5, 0x0, (~arg1), 0x1); fiat_25519_scalar_cmovznz_u64(&x6, x3, arg1, x4); fiat_25519_scalar_cmovznz_u64(&x7, x3, (arg2[0]), (arg3[0])); 
@@ -1972,63 +1911,62 @@ static FIAT_25519_SCALAR_FIAT_INLINE void fiat_25519_scalar_divstep(uint64_t* ou fiat_25519_scalar_cmovznz_u64(&x71, x3, (arg5[1]), x64); fiat_25519_scalar_cmovznz_u64(&x72, x3, (arg5[2]), x66); fiat_25519_scalar_cmovznz_u64(&x73, x3, (arg5[3]), x68); - x74 = (fiat_25519_scalar_uint1)(x22 & 0x1); - fiat_25519_scalar_cmovznz_u64(&x75, x74, 0x0, x7); - fiat_25519_scalar_cmovznz_u64(&x76, x74, 0x0, x8); - fiat_25519_scalar_cmovznz_u64(&x77, x74, 0x0, x9); - fiat_25519_scalar_cmovznz_u64(&x78, x74, 0x0, x10); - fiat_25519_scalar_cmovznz_u64(&x79, x74, 0x0, x11); - fiat_25519_scalar_addcarryx_u64(&x80, &x81, 0x0, x22, x75); - fiat_25519_scalar_addcarryx_u64(&x82, &x83, x81, x23, x76); - fiat_25519_scalar_addcarryx_u64(&x84, &x85, x83, x24, x77); - fiat_25519_scalar_addcarryx_u64(&x86, &x87, x85, x25, x78); - fiat_25519_scalar_addcarryx_u64(&x88, &x89, x87, x26, x79); - fiat_25519_scalar_cmovznz_u64(&x90, x74, 0x0, x27); - fiat_25519_scalar_cmovznz_u64(&x91, x74, 0x0, x28); - fiat_25519_scalar_cmovznz_u64(&x92, x74, 0x0, x29); - fiat_25519_scalar_cmovznz_u64(&x93, x74, 0x0, x30); - fiat_25519_scalar_addcarryx_u64(&x94, &x95, 0x0, x70, x90); - fiat_25519_scalar_addcarryx_u64(&x96, &x97, x95, x71, x91); - fiat_25519_scalar_addcarryx_u64(&x98, &x99, x97, x72, x92); - fiat_25519_scalar_addcarryx_u64(&x100, &x101, x99, x73, x93); - fiat_25519_scalar_subborrowx_u64(&x102, &x103, 0x0, x94, UINT64_C(0x5812631a5cf5d3ed)); - fiat_25519_scalar_subborrowx_u64(&x104, &x105, x103, x96, UINT64_C(0x14def9dea2f79cd6)); - fiat_25519_scalar_subborrowx_u64(&x106, &x107, x105, x98, 0x0); - fiat_25519_scalar_subborrowx_u64(&x108, &x109, x107, x100, UINT64_C(0x1000000000000000)); - fiat_25519_scalar_subborrowx_u64(&x110, &x111, x109, x101, 0x0); - fiat_25519_scalar_addcarryx_u64(&x112, &x113, 0x0, x6, 0x1); - x114 = ((x80 >> 1) | ((x82 << 63) & UINT64_C(0xffffffffffffffff))); - x115 = ((x82 >> 1) | ((x84 << 63) & UINT64_C(0xffffffffffffffff))); - x116 = ((x84 >> 1) | 
((x86 << 63) & UINT64_C(0xffffffffffffffff))); - x117 = ((x86 >> 1) | ((x88 << 63) & UINT64_C(0xffffffffffffffff))); - x118 = ((x88 & UINT64_C(0x8000000000000000)) | (x88 >> 1)); - fiat_25519_scalar_cmovznz_u64(&x119, x48, x39, x31); - fiat_25519_scalar_cmovznz_u64(&x120, x48, x41, x33); - fiat_25519_scalar_cmovznz_u64(&x121, x48, x43, x35); - fiat_25519_scalar_cmovznz_u64(&x122, x48, x45, x37); - fiat_25519_scalar_cmovznz_u64(&x123, x111, x102, x94); - fiat_25519_scalar_cmovznz_u64(&x124, x111, x104, x96); - fiat_25519_scalar_cmovznz_u64(&x125, x111, x106, x98); - fiat_25519_scalar_cmovznz_u64(&x126, x111, x108, x100); - *out1 = x112; + fiat_25519_scalar_cmovznz_u64(&x74, (fiat_25519_scalar_uint1)x22, 0x0, x7); + fiat_25519_scalar_cmovznz_u64(&x75, (fiat_25519_scalar_uint1)x22, 0x0, x8); + fiat_25519_scalar_cmovznz_u64(&x76, (fiat_25519_scalar_uint1)x22, 0x0, x9); + fiat_25519_scalar_cmovznz_u64(&x77, (fiat_25519_scalar_uint1)x22, 0x0, x10); + fiat_25519_scalar_cmovznz_u64(&x78, (fiat_25519_scalar_uint1)x22, 0x0, x11); + fiat_25519_scalar_addcarryx_u64(&x79, &x80, 0x0, x22, x74); + fiat_25519_scalar_addcarryx_u64(&x81, &x82, x80, x23, x75); + fiat_25519_scalar_addcarryx_u64(&x83, &x84, x82, x24, x76); + fiat_25519_scalar_addcarryx_u64(&x85, &x86, x84, x25, x77); + fiat_25519_scalar_addcarryx_u64(&x87, &x88, x86, x26, x78); + fiat_25519_scalar_cmovznz_u64(&x89, (fiat_25519_scalar_uint1)x22, 0x0, x27); + fiat_25519_scalar_cmovznz_u64(&x90, (fiat_25519_scalar_uint1)x22, 0x0, x28); + fiat_25519_scalar_cmovznz_u64(&x91, (fiat_25519_scalar_uint1)x22, 0x0, x29); + fiat_25519_scalar_cmovznz_u64(&x92, (fiat_25519_scalar_uint1)x22, 0x0, x30); + fiat_25519_scalar_addcarryx_u64(&x93, &x94, 0x0, x70, x89); + fiat_25519_scalar_addcarryx_u64(&x95, &x96, x94, x71, x90); + fiat_25519_scalar_addcarryx_u64(&x97, &x98, x96, x72, x91); + fiat_25519_scalar_addcarryx_u64(&x99, &x100, x98, x73, x92); + fiat_25519_scalar_subborrowx_u64(&x101, &x102, 0x0, x93, 
UINT64_C(0x5812631a5cf5d3ed)); + fiat_25519_scalar_subborrowx_u64(&x103, &x104, x102, x95, UINT64_C(0x14def9dea2f79cd6)); + fiat_25519_scalar_subborrowx_u64(&x105, &x106, x104, x97, 0x0); + fiat_25519_scalar_subborrowx_u64(&x107, &x108, x106, x99, UINT64_C(0x1000000000000000)); + fiat_25519_scalar_subborrowx_u64(&x109, &x110, x108, x100, 0x0); + fiat_25519_scalar_addcarryx_u64(&x111, &x112, 0x0, x6, 0x1); + x113 = ((x79 >> 1) | ((x81 << 63) & UINT64_C(0xffffffffffffffff))); + x114 = ((x81 >> 1) | ((x83 << 63) & UINT64_C(0xffffffffffffffff))); + x115 = ((x83 >> 1) | ((x85 << 63) & UINT64_C(0xffffffffffffffff))); + x116 = ((x85 >> 1) | ((x87 << 63) & UINT64_C(0xffffffffffffffff))); + x117 = ((x87 & UINT64_C(0x8000000000000000)) | (x87 >> 1)); + fiat_25519_scalar_cmovznz_u64(&x118, x48, x39, x31); + fiat_25519_scalar_cmovznz_u64(&x119, x48, x41, x33); + fiat_25519_scalar_cmovznz_u64(&x120, x48, x43, x35); + fiat_25519_scalar_cmovznz_u64(&x121, x48, x45, x37); + fiat_25519_scalar_cmovznz_u64(&x122, x110, x101, x93); + fiat_25519_scalar_cmovznz_u64(&x123, x110, x103, x95); + fiat_25519_scalar_cmovznz_u64(&x124, x110, x105, x97); + fiat_25519_scalar_cmovznz_u64(&x125, x110, x107, x99); + *out1 = x111; out2[0] = x7; out2[1] = x8; out2[2] = x9; out2[3] = x10; out2[4] = x11; - out3[0] = x114; - out3[1] = x115; - out3[2] = x116; - out3[3] = x117; - out3[4] = x118; - out4[0] = x119; - out4[1] = x120; - out4[2] = x121; - out4[3] = x122; - out5[0] = x123; - out5[1] = x124; - out5[2] = x125; - out5[3] = x126; + out3[0] = x113; + out3[1] = x114; + out3[2] = x115; + out3[3] = x116; + out3[4] = x117; + out4[0] = x118; + out4[1] = x119; + out4[2] = x120; + out4[3] = x121; + out5[0] = x122; + out5[1] = x123; + out5[2] = x124; + out5[3] = x125; } /* diff --git a/fiat-c/src/curve25519_solinas_64.c b/fiat-c/src/curve25519_solinas_64.c index 3448f17d51..491d859ec1 100644 --- a/fiat-c/src/curve25519_solinas_64.c +++ b/fiat-c/src/curve25519_solinas_64.c 
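Review bot: Dropping the `& 0x1` before the `fiat_25519_scalar_uint1` cast changes the selector unless that typedef is a true one-bit type. The removed `x74 = (fiat_25519_scalar_uint1)(x22 & 0x1);` kept only the parity of x22, while the `(fiat_25519_scalar_uint1)x22` now passed to each `fiat_25519_scalar_cmovznz_u64` call keeps as many bits as the typedef holds; its definition is outside this hunk, and a byte-wide type would keep eight. The same pattern is in the p224 divstep hunks (`(fiat_p224_uint1)x31`) and in fiat_p224_sub / fiat_p224_opp in p224_32.c and p224_64.c, where `(fiat_p224_uint1)x15` and `(fiat_p224_uint1)x9` are cast from an all-ones mask and passed as arg3 of addcarryx, so the low limb would get 0xff added instead of 1 and the field result would be silently wrong. I would keep the mask, e.g. `fiat_25519_scalar_cmovznz_u64(&x74, (fiat_25519_scalar_uint1)(x22 & 0x1), 0x0, x7);` and `fiat_p224_addcarryx_u32(&x16, &x17, 0x0, x1, (fiat_p224_uint1)(x15 & 0x1));`; since these files look generated, the fix presumably belongs in the generator, backed by known-answer tests for sub, opp and divstep. The exact-width rewrites in this patch (`(uint64_t)x1`, `(uint8_t)x4`) are unaffected, and the divstep body starts before this hunk.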
@@ -52,13 +52,11 @@ static __inline__ uint64_t fiat_curve25519_solinas_value_barrier_u64(uint64_t a) */ static FIAT_CURVE25519_SOLINAS_FIAT_INLINE void fiat_curve25519_solinas_addcarryx_u64(uint64_t* out1, fiat_curve25519_solinas_uint1* out2, fiat_curve25519_solinas_uint1 arg1, uint64_t arg2, uint64_t arg3) { fiat_curve25519_solinas_uint128 x1; - uint64_t x2; - fiat_curve25519_solinas_uint1 x3; + fiat_curve25519_solinas_uint1 x2; x1 = ((arg1 + (fiat_curve25519_solinas_uint128)arg2) + arg3); - x2 = (uint64_t)(x1 & UINT64_C(0xffffffffffffffff)); - x3 = (fiat_curve25519_solinas_uint1)(x1 >> 64); - *out1 = x2; - *out2 = x3; + x2 = (fiat_curve25519_solinas_uint1)(x1 >> 64); + *out1 = (uint64_t)x1; + *out2 = x2; } /* @@ -104,12 +102,10 @@ static FIAT_CURVE25519_SOLINAS_FIAT_INLINE void fiat_curve25519_solinas_subborro static FIAT_CURVE25519_SOLINAS_FIAT_INLINE void fiat_curve25519_solinas_mulx_u64(uint64_t* out1, uint64_t* out2, uint64_t arg1, uint64_t arg2) { fiat_curve25519_solinas_uint128 x1; uint64_t x2; - uint64_t x3; x1 = ((fiat_curve25519_solinas_uint128)arg1 * arg2); - x2 = (uint64_t)(x1 & UINT64_C(0xffffffffffffffff)); - x3 = (uint64_t)(x1 >> 64); - *out1 = x2; - *out2 = x3; + x2 = (uint64_t)(x1 >> 64); + *out1 = (uint64_t)x1; + *out2 = x2; } /* diff --git a/fiat-c/src/p224_32.c b/fiat-c/src/p224_32.c index f6b4ea711c..6f8d86b73a 100644 --- a/fiat-c/src/p224_32.c +++ b/fiat-c/src/p224_32.c @@ -65,13 +65,11 @@ static __inline__ uint32_t fiat_p224_value_barrier_u32(uint32_t a) { */ static FIAT_P224_FIAT_INLINE void fiat_p224_addcarryx_u32(uint32_t* out1, fiat_p224_uint1* out2, fiat_p224_uint1 arg1, uint32_t arg2, uint32_t arg3) { uint64_t x1; - uint32_t x2; - fiat_p224_uint1 x3; + fiat_p224_uint1 x2; x1 = ((arg1 + (uint64_t)arg2) + arg3); - x2 = (uint32_t)(x1 & UINT32_C(0xffffffff)); - x3 = (fiat_p224_uint1)(x1 >> 32); - *out1 = x2; - *out2 = x3; + x2 = (fiat_p224_uint1)(x1 >> 32); + *out1 = (uint32_t)x1; + *out2 = x2; } /* 
@@ -117,12 +115,10 @@ static FIAT_P224_FIAT_INLINE void fiat_p224_subborrowx_u32(uint32_t* out1, fiat_ static FIAT_P224_FIAT_INLINE void fiat_p224_mulx_u32(uint32_t* out1, uint32_t* out2, uint32_t arg1, uint32_t arg2) { uint64_t x1; uint32_t x2; - uint32_t x3; x1 = ((uint64_t)arg1 * arg2); - x2 = (uint32_t)(x1 & UINT32_C(0xffffffff)); - x3 = (uint32_t)(x1 >> 32); - *out1 = x2; - *out2 = x3; + x2 = (uint32_t)(x1 >> 32); + *out1 = (uint32_t)x1; + *out2 = x2; } /* @@ -2008,7 +2004,7 @@ static FIAT_P224_FIAT_INLINE void fiat_p224_sub(fiat_p224_montgomery_domain_fiel fiat_p224_subborrowx_u32(&x11, &x12, x10, (arg1[5]), (arg2[5])); fiat_p224_subborrowx_u32(&x13, &x14, x12, (arg1[6]), (arg2[6])); fiat_p224_cmovznz_u32(&x15, x14, 0x0, UINT32_C(0xffffffff)); - fiat_p224_addcarryx_u32(&x16, &x17, 0x0, x1, (fiat_p224_uint1)(x15 & 0x1)); + fiat_p224_addcarryx_u32(&x16, &x17, 0x0, x1, (fiat_p224_uint1)x15); fiat_p224_addcarryx_u32(&x18, &x19, x17, x3, 0x0); fiat_p224_addcarryx_u32(&x20, &x21, x19, x5, 0x0); fiat_p224_addcarryx_u32(&x22, &x23, x21, x7, x15); @@ -2072,7 +2068,7 @@ static FIAT_P224_FIAT_INLINE void fiat_p224_opp(fiat_p224_montgomery_domain_fiel fiat_p224_subborrowx_u32(&x11, &x12, x10, 0x0, (arg1[5])); fiat_p224_subborrowx_u32(&x13, &x14, x12, 0x0, (arg1[6])); fiat_p224_cmovznz_u32(&x15, x14, 0x0, UINT32_C(0xffffffff)); - fiat_p224_addcarryx_u32(&x16, &x17, 0x0, x1, (fiat_p224_uint1)(x15 & 0x1)); + fiat_p224_addcarryx_u32(&x16, &x17, 0x0, x1, (fiat_p224_uint1)x15); fiat_p224_addcarryx_u32(&x18, &x19, x17, x3, 0x0); fiat_p224_addcarryx_u32(&x20, &x21, x19, x5, 0x0); fiat_p224_addcarryx_u32(&x22, &x23, x21, x7, x15); 
@@ -3263,48 +3259,27 @@ static FIAT_P224_FIAT_INLINE void fiat_p224_to_bytes(uint8_t out1[28], const uin uint32_t x5; uint32_t x6; uint32_t x7; - uint8_t x8; + uint32_t x8; uint32_t x9; uint8_t x10; uint32_t x11; - uint8_t x12; + uint32_t x12; uint8_t x13; - uint8_t x14; + uint32_t x14; uint32_t x15; uint8_t x16; uint32_t x17; - uint8_t x18; + uint32_t x18; uint8_t x19; - uint8_t x20; + uint32_t x20; uint32_t x21; uint8_t x22; uint32_t x23; - uint8_t x24; + uint32_t x24; uint8_t x25; - uint8_t x26; + uint32_t x26; uint32_t x27; uint8_t x28; - uint32_t x29; - uint8_t x30; - uint8_t x31; - uint8_t x32; - uint32_t x33; - uint8_t x34; - uint32_t x35; - uint8_t x36; - uint8_t x37; - uint8_t x38; - uint32_t x39; - uint8_t x40; - uint32_t x41; - uint8_t x42; - uint8_t x43; - uint8_t x44; - uint32_t x45; - uint8_t x46; - uint32_t x47; - uint8_t x48; - uint8_t x49; x1 = (arg1[6]); x2 = (arg1[5]); x3 = (arg1[4]); 
@@ -3312,76 +3287,55 @@ static FIAT_P224_FIAT_INLINE void fiat_p224_to_bytes(uint8_t out1[28], const uin x5 = (arg1[2]); x6 = (arg1[1]); x7 = (arg1[0]); - x8 = (uint8_t)(x7 & UINT8_C(0xff)); - x9 = (x7 >> 8); - x10 = (uint8_t)(x9 & UINT8_C(0xff)); - x11 = (x9 >> 8); - x12 = (uint8_t)(x11 & UINT8_C(0xff)); - x13 = (uint8_t)(x11 >> 8); - x14 = (uint8_t)(x6 & UINT8_C(0xff)); - x15 = (x6 >> 8); - x16 = (uint8_t)(x15 & UINT8_C(0xff)); - x17 = (x15 >> 8); - x18 = (uint8_t)(x17 & UINT8_C(0xff)); - x19 = (uint8_t)(x17 >> 8); - x20 = (uint8_t)(x5 & UINT8_C(0xff)); - x21 = (x5 >> 8); - x22 = (uint8_t)(x21 & UINT8_C(0xff)); - x23 = (x21 >> 8); - x24 = (uint8_t)(x23 & UINT8_C(0xff)); - x25 = (uint8_t)(x23 >> 8); - x26 = (uint8_t)(x4 & UINT8_C(0xff)); - x27 = (x4 >> 8); - x28 = (uint8_t)(x27 & UINT8_C(0xff)); - x29 = (x27 >> 8); - x30 = (uint8_t)(x29 & UINT8_C(0xff)); - x31 = (uint8_t)(x29 >> 8); - x32 = (uint8_t)(x3 & UINT8_C(0xff)); - x33 = (x3 >> 8); - x34 = (uint8_t)(x33 & UINT8_C(0xff)); - x35 = (x33 >> 8); - x36 = (uint8_t)(x35 & UINT8_C(0xff)); - x37 = (uint8_t)(x35 >> 8); - x38 = (uint8_t)(x2 & UINT8_C(0xff)); - x39 = (x2 >> 8); - x40 = (uint8_t)(x39 & UINT8_C(0xff)); - x41 = (x39 >> 8); - x42 = (uint8_t)(x41 & UINT8_C(0xff)); - x43 = (uint8_t)(x41 >> 8); - x44 = (uint8_t)(x1 & UINT8_C(0xff)); - x45 = (x1 >> 8); - x46 = (uint8_t)(x45 & UINT8_C(0xff)); - x47 = (x45 >> 8); - x48 = (uint8_t)(x47 & UINT8_C(0xff)); - x49 = (uint8_t)(x47 >> 8); - out1[0] = x8; - out1[1] = x10; - out1[2] = x12; - out1[3] = x13; - out1[4] = x14; - out1[5] = x16; - out1[6] = x18; - out1[7] = x19; - out1[8] = x20; - out1[9] = x22; - out1[10] = x24; - out1[11] = x25; - out1[12] = x26; - out1[13] = x28; - out1[14] = x30; - out1[15] = x31; - out1[16] = x32; - out1[17] = x34; - out1[18] = x36; - out1[19] = x37; - out1[20] = x38; - out1[21] = x40; - out1[22] = x42; - out1[23] = x43; - out1[24] = x44; - out1[25] = x46; - out1[26] = x48; - out1[27] = x49; + x8 = (x7 >> 8); + x9 = (x8 >> 8); + x10 = 
(uint8_t)(x9 >> 8); + x11 = (x6 >> 8); + x12 = (x11 >> 8); + x13 = (uint8_t)(x12 >> 8); + x14 = (x5 >> 8); + x15 = (x14 >> 8); + x16 = (uint8_t)(x15 >> 8); + x17 = (x4 >> 8); + x18 = (x17 >> 8); + x19 = (uint8_t)(x18 >> 8); + x20 = (x3 >> 8); + x21 = (x20 >> 8); + x22 = (uint8_t)(x21 >> 8); + x23 = (x2 >> 8); + x24 = (x23 >> 8); + x25 = (uint8_t)(x24 >> 8); + x26 = (x1 >> 8); + x27 = (x26 >> 8); + x28 = (uint8_t)(x27 >> 8); + out1[0] = (uint8_t)x7; + out1[1] = (uint8_t)x8; + out1[2] = (uint8_t)x9; + out1[3] = x10; + out1[4] = (uint8_t)x6; + out1[5] = (uint8_t)x11; + out1[6] = (uint8_t)x12; + out1[7] = x13; + out1[8] = (uint8_t)x5; + out1[9] = (uint8_t)x14; + out1[10] = (uint8_t)x15; + out1[11] = x16; + out1[12] = (uint8_t)x4; + out1[13] = (uint8_t)x17; + out1[14] = (uint8_t)x18; + out1[15] = x19; + out1[16] = (uint8_t)x3; + out1[17] = (uint8_t)x20; + out1[18] = (uint8_t)x21; + out1[19] = x22; + out1[20] = (uint8_t)x2; + out1[21] = (uint8_t)x23; + out1[22] = (uint8_t)x24; + out1[23] = x25; + out1[24] = (uint8_t)x1; + out1[25] = (uint8_t)x26; + out1[26] = (uint8_t)x27; + out1[27] = x28; } /* @@ -3694,7 +3648,7 @@ static FIAT_P224_FIAT_INLINE void fiat_p224_divstep(uint32_t* out1, uint32_t out uint32_t x116; uint32_t x117; uint32_t x118; - fiat_p224_uint1 x119; + uint32_t x119; uint32_t x120; uint32_t x121; uint32_t x122; 
@@ -3703,22 +3657,22 @@ static FIAT_P224_FIAT_INLINE void fiat_p224_divstep(uint32_t* out1, uint32_t out uint32_t x125; uint32_t x126; uint32_t x127; - uint32_t x128; - fiat_p224_uint1 x129; - uint32_t x130; - fiat_p224_uint1 x131; - uint32_t x132; - fiat_p224_uint1 x133; - uint32_t x134; - fiat_p224_uint1 x135; - uint32_t x136; - fiat_p224_uint1 x137; - uint32_t x138; - fiat_p224_uint1 x139; - uint32_t x140; - fiat_p224_uint1 x141; - uint32_t x142; - fiat_p224_uint1 x143; + fiat_p224_uint1 x128; + uint32_t x129; + fiat_p224_uint1 x130; + uint32_t x131; + fiat_p224_uint1 x132; + uint32_t x133; + fiat_p224_uint1 x134; + uint32_t x135; + fiat_p224_uint1 x136; + uint32_t x137; + fiat_p224_uint1 x138; + uint32_t x139; + fiat_p224_uint1 x140; + uint32_t x141; + fiat_p224_uint1 x142; + uint32_t x143; uint32_t x144; uint32_t x145; uint32_t x146; 
@@ -3726,38 +3680,38 @@ static FIAT_P224_FIAT_INLINE void fiat_p224_divstep(uint32_t* out1, uint32_t out uint32_t x148; uint32_t x149; uint32_t x150; - uint32_t x151; - fiat_p224_uint1 x152; - uint32_t x153; - fiat_p224_uint1 x154; - uint32_t x155; - fiat_p224_uint1 x156; - uint32_t x157; - fiat_p224_uint1 x158; - uint32_t x159; - fiat_p224_uint1 x160; - uint32_t x161; - fiat_p224_uint1 x162; - uint32_t x163; - fiat_p224_uint1 x164; - uint32_t x165; - fiat_p224_uint1 x166; - uint32_t x167; - fiat_p224_uint1 x168; - uint32_t x169; - fiat_p224_uint1 x170; - uint32_t x171; - fiat_p224_uint1 x172; - uint32_t x173; - fiat_p224_uint1 x174; - uint32_t x175; - fiat_p224_uint1 x176; - uint32_t x177; - fiat_p224_uint1 x178; - uint32_t x179; - fiat_p224_uint1 x180; - uint32_t x181; - fiat_p224_uint1 x182; + fiat_p224_uint1 x151; + uint32_t x152; + fiat_p224_uint1 x153; + uint32_t x154; + fiat_p224_uint1 x155; + uint32_t x156; + fiat_p224_uint1 x157; + uint32_t x158; + fiat_p224_uint1 x159; + uint32_t x160; + fiat_p224_uint1 x161; + uint32_t x162; + fiat_p224_uint1 x163; + uint32_t x164; + fiat_p224_uint1 x165; + uint32_t x166; + fiat_p224_uint1 x167; + uint32_t x168; + fiat_p224_uint1 x169; + uint32_t x170; + fiat_p224_uint1 x171; + uint32_t x172; + fiat_p224_uint1 x173; + uint32_t x174; + fiat_p224_uint1 x175; + uint32_t x176; + fiat_p224_uint1 x177; + uint32_t x178; + fiat_p224_uint1 x179; + uint32_t x180; + fiat_p224_uint1 x181; + uint32_t x182; uint32_t x183; uint32_t x184; uint32_t x185; 
@@ -3779,9 +3733,8 @@ static FIAT_P224_FIAT_INLINE void fiat_p224_divstep(uint32_t* out1, uint32_t out uint32_t x201; uint32_t x202; uint32_t x203; - uint32_t x204; fiat_p224_addcarryx_u32(&x1, &x2, 0x0, (~arg1), 0x1); - x3 = (fiat_p224_uint1)((fiat_p224_uint1)(x1 >> 31) & (fiat_p224_uint1)((arg3[0]) & 0x1)); + x3 = (fiat_p224_uint1)((fiat_p224_uint1)(x1 >> 31) & (fiat_p224_uint1)(arg3[0])); fiat_p224_addcarryx_u32(&x4, &x5, 0x0, (~arg1), 0x1); fiat_p224_cmovznz_u32(&x6, x3, arg1, x4); fiat_p224_cmovznz_u32(&x7, x3, (arg2[0]), (arg3[0])); @@ -3845,7 +3798,7 @@ static FIAT_P224_FIAT_INLINE void fiat_p224_divstep(uint32_t* out1, uint32_t out fiat_p224_subborrowx_u32(&x93, &x94, x92, 0x0, x77); fiat_p224_subborrowx_u32(&x95, &x96, x94, 0x0, x76); fiat_p224_cmovznz_u32(&x97, x96, 0x0, UINT32_C(0xffffffff)); - fiat_p224_addcarryx_u32(&x98, &x99, 0x0, x83, (fiat_p224_uint1)(x97 & 0x1)); + fiat_p224_addcarryx_u32(&x98, &x99, 0x0, x83, (fiat_p224_uint1)x97); fiat_p224_addcarryx_u32(&x100, &x101, x99, x85, 0x0); fiat_p224_addcarryx_u32(&x102, &x103, x101, x87, 0x0); fiat_p224_addcarryx_u32(&x104, &x105, x103, x89, x97); 
@@ -3859,69 +3812,68 @@ static FIAT_P224_FIAT_INLINE void fiat_p224_divstep(uint32_t* out1, uint32_t out fiat_p224_cmovznz_u32(&x116, x3, (arg5[4]), x106); fiat_p224_cmovznz_u32(&x117, x3, (arg5[5]), x108); fiat_p224_cmovznz_u32(&x118, x3, (arg5[6]), x110); - x119 = (fiat_p224_uint1)(x31 & 0x1); - fiat_p224_cmovznz_u32(&x120, x119, 0x0, x7); - fiat_p224_cmovznz_u32(&x121, x119, 0x0, x8); - fiat_p224_cmovznz_u32(&x122, x119, 0x0, x9); - fiat_p224_cmovznz_u32(&x123, x119, 0x0, x10); - fiat_p224_cmovznz_u32(&x124, x119, 0x0, x11); - fiat_p224_cmovznz_u32(&x125, x119, 0x0, x12); - fiat_p224_cmovznz_u32(&x126, x119, 0x0, x13); - fiat_p224_cmovznz_u32(&x127, x119, 0x0, x14); - fiat_p224_addcarryx_u32(&x128, &x129, 0x0, x31, x120); - fiat_p224_addcarryx_u32(&x130, &x131, x129, x32, x121); - fiat_p224_addcarryx_u32(&x132, &x133, x131, x33, x122); - fiat_p224_addcarryx_u32(&x134, &x135, x133, x34, x123); - fiat_p224_addcarryx_u32(&x136, &x137, x135, x35, x124); - fiat_p224_addcarryx_u32(&x138, &x139, x137, x36, x125); - fiat_p224_addcarryx_u32(&x140, &x141, x139, x37, x126); - fiat_p224_addcarryx_u32(&x142, &x143, x141, x38, x127); - fiat_p224_cmovznz_u32(&x144, x119, 0x0, x39); - fiat_p224_cmovznz_u32(&x145, x119, 0x0, x40); - fiat_p224_cmovznz_u32(&x146, x119, 0x0, x41); - fiat_p224_cmovznz_u32(&x147, x119, 0x0, x42); - fiat_p224_cmovznz_u32(&x148, x119, 0x0, x43); - fiat_p224_cmovznz_u32(&x149, x119, 0x0, x44); - fiat_p224_cmovznz_u32(&x150, x119, 0x0, x45); - fiat_p224_addcarryx_u32(&x151, &x152, 0x0, x112, x144); - fiat_p224_addcarryx_u32(&x153, &x154, x152, x113, x145); - fiat_p224_addcarryx_u32(&x155, &x156, x154, x114, x146); - fiat_p224_addcarryx_u32(&x157, &x158, x156, x115, x147); - fiat_p224_addcarryx_u32(&x159, &x160, x158, x116, x148); - fiat_p224_addcarryx_u32(&x161, &x162, x160, x117, x149); - fiat_p224_addcarryx_u32(&x163, &x164, x162, x118, x150); - fiat_p224_subborrowx_u32(&x165, &x166, 0x0, x151, 0x1); - fiat_p224_subborrowx_u32(&x167, &x168, x166, x153, 
0x0); - fiat_p224_subborrowx_u32(&x169, &x170, x168, x155, 0x0); - fiat_p224_subborrowx_u32(&x171, &x172, x170, x157, UINT32_C(0xffffffff)); - fiat_p224_subborrowx_u32(&x173, &x174, x172, x159, UINT32_C(0xffffffff)); - fiat_p224_subborrowx_u32(&x175, &x176, x174, x161, UINT32_C(0xffffffff)); - fiat_p224_subborrowx_u32(&x177, &x178, x176, x163, UINT32_C(0xffffffff)); - fiat_p224_subborrowx_u32(&x179, &x180, x178, x164, 0x0); - fiat_p224_addcarryx_u32(&x181, &x182, 0x0, x6, 0x1); - x183 = ((x128 >> 1) | ((x130 << 31) & UINT32_C(0xffffffff))); - x184 = ((x130 >> 1) | ((x132 << 31) & UINT32_C(0xffffffff))); - x185 = ((x132 >> 1) | ((x134 << 31) & UINT32_C(0xffffffff))); - x186 = ((x134 >> 1) | ((x136 << 31) & UINT32_C(0xffffffff))); - x187 = ((x136 >> 1) | ((x138 << 31) & UINT32_C(0xffffffff))); - x188 = ((x138 >> 1) | ((x140 << 31) & UINT32_C(0xffffffff))); - x189 = ((x140 >> 1) | ((x142 << 31) & UINT32_C(0xffffffff))); - x190 = ((x142 & UINT32_C(0x80000000)) | (x142 >> 1)); - fiat_p224_cmovznz_u32(&x191, x75, x60, x46); - fiat_p224_cmovznz_u32(&x192, x75, x62, x48); - fiat_p224_cmovznz_u32(&x193, x75, x64, x50); - fiat_p224_cmovznz_u32(&x194, x75, x66, x52); - fiat_p224_cmovznz_u32(&x195, x75, x68, x54); - fiat_p224_cmovznz_u32(&x196, x75, x70, x56); - fiat_p224_cmovznz_u32(&x197, x75, x72, x58); - fiat_p224_cmovznz_u32(&x198, x180, x165, x151); - fiat_p224_cmovznz_u32(&x199, x180, x167, x153); - fiat_p224_cmovznz_u32(&x200, x180, x169, x155); - fiat_p224_cmovznz_u32(&x201, x180, x171, x157); - fiat_p224_cmovznz_u32(&x202, x180, x173, x159); - fiat_p224_cmovznz_u32(&x203, x180, x175, x161); - fiat_p224_cmovznz_u32(&x204, x180, x177, x163); - *out1 = x181; + fiat_p224_cmovznz_u32(&x119, (fiat_p224_uint1)x31, 0x0, x7); + fiat_p224_cmovznz_u32(&x120, (fiat_p224_uint1)x31, 0x0, x8); + fiat_p224_cmovznz_u32(&x121, (fiat_p224_uint1)x31, 0x0, x9); + fiat_p224_cmovznz_u32(&x122, (fiat_p224_uint1)x31, 0x0, x10); + fiat_p224_cmovznz_u32(&x123, (fiat_p224_uint1)x31, 0x0, x11); 
+ fiat_p224_cmovznz_u32(&x124, (fiat_p224_uint1)x31, 0x0, x12); + fiat_p224_cmovznz_u32(&x125, (fiat_p224_uint1)x31, 0x0, x13); + fiat_p224_cmovznz_u32(&x126, (fiat_p224_uint1)x31, 0x0, x14); + fiat_p224_addcarryx_u32(&x127, &x128, 0x0, x31, x119); + fiat_p224_addcarryx_u32(&x129, &x130, x128, x32, x120); + fiat_p224_addcarryx_u32(&x131, &x132, x130, x33, x121); + fiat_p224_addcarryx_u32(&x133, &x134, x132, x34, x122); + fiat_p224_addcarryx_u32(&x135, &x136, x134, x35, x123); + fiat_p224_addcarryx_u32(&x137, &x138, x136, x36, x124); + fiat_p224_addcarryx_u32(&x139, &x140, x138, x37, x125); + fiat_p224_addcarryx_u32(&x141, &x142, x140, x38, x126); + fiat_p224_cmovznz_u32(&x143, (fiat_p224_uint1)x31, 0x0, x39); + fiat_p224_cmovznz_u32(&x144, (fiat_p224_uint1)x31, 0x0, x40); + fiat_p224_cmovznz_u32(&x145, (fiat_p224_uint1)x31, 0x0, x41); + fiat_p224_cmovznz_u32(&x146, (fiat_p224_uint1)x31, 0x0, x42); + fiat_p224_cmovznz_u32(&x147, (fiat_p224_uint1)x31, 0x0, x43); + fiat_p224_cmovznz_u32(&x148, (fiat_p224_uint1)x31, 0x0, x44); + fiat_p224_cmovznz_u32(&x149, (fiat_p224_uint1)x31, 0x0, x45); + fiat_p224_addcarryx_u32(&x150, &x151, 0x0, x112, x143); + fiat_p224_addcarryx_u32(&x152, &x153, x151, x113, x144); + fiat_p224_addcarryx_u32(&x154, &x155, x153, x114, x145); + fiat_p224_addcarryx_u32(&x156, &x157, x155, x115, x146); + fiat_p224_addcarryx_u32(&x158, &x159, x157, x116, x147); + fiat_p224_addcarryx_u32(&x160, &x161, x159, x117, x148); + fiat_p224_addcarryx_u32(&x162, &x163, x161, x118, x149); + fiat_p224_subborrowx_u32(&x164, &x165, 0x0, x150, 0x1); + fiat_p224_subborrowx_u32(&x166, &x167, x165, x152, 0x0); + fiat_p224_subborrowx_u32(&x168, &x169, x167, x154, 0x0); + fiat_p224_subborrowx_u32(&x170, &x171, x169, x156, UINT32_C(0xffffffff)); + fiat_p224_subborrowx_u32(&x172, &x173, x171, x158, UINT32_C(0xffffffff)); + fiat_p224_subborrowx_u32(&x174, &x175, x173, x160, UINT32_C(0xffffffff)); + fiat_p224_subborrowx_u32(&x176, &x177, x175, x162, UINT32_C(0xffffffff)); + 
fiat_p224_subborrowx_u32(&x178, &x179, x177, x163, 0x0); + fiat_p224_addcarryx_u32(&x180, &x181, 0x0, x6, 0x1); + x182 = ((x127 >> 1) | ((x129 << 31) & UINT32_C(0xffffffff))); + x183 = ((x129 >> 1) | ((x131 << 31) & UINT32_C(0xffffffff))); + x184 = ((x131 >> 1) | ((x133 << 31) & UINT32_C(0xffffffff))); + x185 = ((x133 >> 1) | ((x135 << 31) & UINT32_C(0xffffffff))); + x186 = ((x135 >> 1) | ((x137 << 31) & UINT32_C(0xffffffff))); + x187 = ((x137 >> 1) | ((x139 << 31) & UINT32_C(0xffffffff))); + x188 = ((x139 >> 1) | ((x141 << 31) & UINT32_C(0xffffffff))); + x189 = ((x141 & UINT32_C(0x80000000)) | (x141 >> 1)); + fiat_p224_cmovznz_u32(&x190, x75, x60, x46); + fiat_p224_cmovznz_u32(&x191, x75, x62, x48); + fiat_p224_cmovznz_u32(&x192, x75, x64, x50); + fiat_p224_cmovznz_u32(&x193, x75, x66, x52); + fiat_p224_cmovznz_u32(&x194, x75, x68, x54); + fiat_p224_cmovznz_u32(&x195, x75, x70, x56); + fiat_p224_cmovznz_u32(&x196, x75, x72, x58); + fiat_p224_cmovznz_u32(&x197, x179, x164, x150); + fiat_p224_cmovznz_u32(&x198, x179, x166, x152); + fiat_p224_cmovznz_u32(&x199, x179, x168, x154); + fiat_p224_cmovznz_u32(&x200, x179, x170, x156); + fiat_p224_cmovznz_u32(&x201, x179, x172, x158); + fiat_p224_cmovznz_u32(&x202, x179, x174, x160); + fiat_p224_cmovznz_u32(&x203, x179, x176, x162); + *out1 = x180; out2[0] = x7; out2[1] = x8; out2[2] = x9; 
@@ -3930,28 +3882,28 @@ static FIAT_P224_FIAT_INLINE void fiat_p224_divstep(uint32_t* out1, uint32_t out out2[5] = x12; out2[6] = x13; out2[7] = x14; - out3[0] = x183; - out3[1] = x184; - out3[2] = x185; - out3[3] = x186; - out3[4] = x187; - out3[5] = x188; - out3[6] = x189; - out3[7] = x190; - out4[0] = x191; - out4[1] = x192; - out4[2] = x193; - out4[3] = x194; - out4[4] = x195; - out4[5] = x196; - out4[6] = x197; - out5[0] = x198; - out5[1] = x199; - out5[2] = x200; - out5[3] = x201; - out5[4] = x202; - out5[5] = x203; - out5[6] = x204; + out3[0] = x182; + out3[1] = x183; + out3[2] = x184; + out3[3] = x185; + out3[4] = x186; + out3[5] = x187; + out3[6] = x188; + out3[7] = x189; + out4[0] = x190; + out4[1] = x191; + out4[2] = x192; + out4[3] = x193; + out4[4] = x194; + out4[5] = x195; + out4[6] = x196; + out5[0] = x197; + out5[1] = x198; + out5[2] = x199; + out5[3] = x200; + out5[4] = x201; + out5[5] = x202; + out5[6] = x203; } /* diff --git a/fiat-c/src/p224_64.c b/fiat-c/src/p224_64.c index 9c27b6640c..f2094ae3ac 100644 --- a/fiat-c/src/p224_64.c +++ b/fiat-c/src/p224_64.c @@ -70,13 +70,11 @@ static __inline__ uint64_t fiat_p224_value_barrier_u64(uint64_t a) { */ static FIAT_P224_FIAT_INLINE void fiat_p224_addcarryx_u64(uint64_t* out1, fiat_p224_uint1* out2, fiat_p224_uint1 arg1, uint64_t arg2, uint64_t arg3) { fiat_p224_uint128 x1; - uint64_t x2; - fiat_p224_uint1 x3; + fiat_p224_uint1 x2; x1 = ((arg1 + (fiat_p224_uint128)arg2) + arg3); - x2 = (uint64_t)(x1 & UINT64_C(0xffffffffffffffff)); - x3 = (fiat_p224_uint1)(x1 >> 64); - *out1 = x2; - *out2 = x3; + x2 = (fiat_p224_uint1)(x1 >> 64); + *out1 = (uint64_t)x1; + *out2 = x2; } /* 
@@ -122,12 +120,10 @@ static FIAT_P224_FIAT_INLINE void fiat_p224_subborrowx_u64(uint64_t* out1, fiat_ static FIAT_P224_FIAT_INLINE void fiat_p224_mulx_u64(uint64_t* out1, uint64_t* out2, uint64_t arg1, uint64_t arg2) { fiat_p224_uint128 x1; uint64_t x2; - uint64_t x3; x1 = ((fiat_p224_uint128)arg1 * arg2); - x2 = (uint64_t)(x1 & UINT64_C(0xffffffffffffffff)); - x3 = (uint64_t)(x1 >> 64); - *out1 = x2; - *out2 = x3; + x2 = (uint64_t)(x1 >> 64); + *out1 = (uint64_t)x1; + *out2 = x2; } /* @@ -903,7 +899,7 @@ static FIAT_P224_FIAT_INLINE void fiat_p224_sub(fiat_p224_montgomery_domain_fiel fiat_p224_subborrowx_u64(&x5, &x6, x4, (arg1[2]), (arg2[2])); fiat_p224_subborrowx_u64(&x7, &x8, x6, (arg1[3]), (arg2[3])); fiat_p224_cmovznz_u64(&x9, x8, 0x0, UINT64_C(0xffffffffffffffff)); - fiat_p224_addcarryx_u64(&x10, &x11, 0x0, x1, (fiat_p224_uint1)(x9 & 0x1)); + fiat_p224_addcarryx_u64(&x10, &x11, 0x0, x1, (fiat_p224_uint1)x9); fiat_p224_addcarryx_u64(&x12, &x13, x11, x3, (x9 & UINT64_C(0xffffffff00000000))); fiat_p224_addcarryx_u64(&x14, &x15, x13, x5, x9); fiat_p224_addcarryx_u64(&x16, &x17, x15, x7, (x9 & UINT32_C(0xffffffff))); @@ -946,7 +942,7 @@ static FIAT_P224_FIAT_INLINE void fiat_p224_opp(fiat_p224_montgomery_domain_fiel fiat_p224_subborrowx_u64(&x5, &x6, x4, 0x0, (arg1[2])); fiat_p224_subborrowx_u64(&x7, &x8, x6, 0x0, (arg1[3])); fiat_p224_cmovznz_u64(&x9, x8, 0x0, UINT64_C(0xffffffffffffffff)); - fiat_p224_addcarryx_u64(&x10, &x11, 0x0, x1, (fiat_p224_uint1)(x9 & 0x1)); + fiat_p224_addcarryx_u64(&x10, &x11, 0x0, x1, (fiat_p224_uint1)x9); fiat_p224_addcarryx_u64(&x12, &x13, x11, x3, (x9 & UINT64_C(0xffffffff00000000))); fiat_p224_addcarryx_u64(&x14, &x15, x13, x5, x9); fiat_p224_addcarryx_u64(&x16, &x17, x15, x7, (x9 & UINT32_C(0xffffffff))); 
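Review bot: In fiat_p224_sub (the -903 hunk) the first add-back now passes `(fiat_p224_uint1)x9`, and that cast equals the removed `x9 & 0x1` only if fiat_p224_uint1 is a true one-bit type. The typedef is not shown here, but if it is an `unsigned char`, the all-ones x9 produced by the cmovznz above is passed as 0xff and the conditional add of the modulus yields a wrong field element. The same dropped mask appears in fiat_p224_opp, in fiat_p224_divstep (`(fiat_p224_uint1)x61` as an addend, and `(fiat_p224_uint1)x22` as the cmovznz selector, which would then depend on the low byte rather than the low bit), and in the p256_32.c sub, opp and divstep hunks (`x17`, `x109`, `x34`). The uint8_t, uint32_t and uint64_t casts in the other hunks truncate to the full type width and are not affected. These files look generated, so the fix belongs in the generator: keep the mask for one-bit casts, restoring `fiat_p224_addcarryx_u64(&x10, &x11, 0x0, x1, (fiat_p224_uint1)(x9 & 0x1));` here (the function bodies extend beyond these hunks).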
@@ -1502,134 +1498,86 @@ static FIAT_P224_FIAT_INLINE void fiat_p224_to_bytes(uint8_t out1[28], const uin uint64_t x2; uint64_t x3; uint64_t x4; - uint8_t x5; + uint64_t x5; uint64_t x6; - uint8_t x7; + uint64_t x7; uint64_t x8; - uint8_t x9; + uint64_t x9; uint64_t x10; uint8_t x11; uint64_t x12; - uint8_t x13; + uint64_t x13; uint64_t x14; - uint8_t x15; + uint64_t x15; uint64_t x16; - uint8_t x17; + uint64_t x17; uint8_t x18; - uint8_t x19; + uint64_t x19; uint64_t x20; - uint8_t x21; + uint64_t x21; uint64_t x22; - uint8_t x23; + uint64_t x23; uint64_t x24; uint8_t x25; uint64_t x26; - uint8_t x27; - uint64_t x28; - uint8_t x29; - uint64_t x30; - uint8_t x31; - uint8_t x32; - uint8_t x33; - uint64_t x34; - uint8_t x35; - uint64_t x36; - uint8_t x37; - uint64_t x38; - uint8_t x39; - uint64_t x40; - uint8_t x41; - uint64_t x42; - uint8_t x43; - uint64_t x44; - uint8_t x45; - uint8_t x46; - uint8_t x47; - uint64_t x48; - uint8_t x49; - uint64_t x50; - uint8_t x51; - uint8_t x52; + uint64_t x27; + uint8_t x28; x1 = (arg1[3]); x2 = (arg1[2]); x3 = (arg1[1]); x4 = (arg1[0]); - x5 = (uint8_t)(x4 & UINT8_C(0xff)); - x6 = (x4 >> 8); - x7 = (uint8_t)(x6 & UINT8_C(0xff)); - x8 = (x6 >> 8); - x9 = (uint8_t)(x8 & UINT8_C(0xff)); - x10 = (x8 >> 8); - x11 = (uint8_t)(x10 & UINT8_C(0xff)); - x12 = (x10 >> 8); - x13 = (uint8_t)(x12 & UINT8_C(0xff)); - x14 = (x12 >> 8); - x15 = (uint8_t)(x14 & UINT8_C(0xff)); - x16 = (x14 >> 8); - x17 = (uint8_t)(x16 & UINT8_C(0xff)); - x18 = (uint8_t)(x16 >> 8); - x19 = (uint8_t)(x3 & UINT8_C(0xff)); - x20 = (x3 >> 8); - x21 = (uint8_t)(x20 & UINT8_C(0xff)); - x22 = (x20 >> 8); - x23 = (uint8_t)(x22 & UINT8_C(0xff)); - x24 = (x22 >> 8); - x25 = (uint8_t)(x24 & UINT8_C(0xff)); - x26 = (x24 >> 8); - x27 = (uint8_t)(x26 & UINT8_C(0xff)); - x28 = (x26 >> 8); - x29 = (uint8_t)(x28 & UINT8_C(0xff)); - x30 = (x28 >> 8); - x31 = (uint8_t)(x30 & UINT8_C(0xff)); - x32 = (uint8_t)(x30 >> 8); - x33 = (uint8_t)(x2 & UINT8_C(0xff)); - x34 = (x2 >> 8); - x35 
= (uint8_t)(x34 & UINT8_C(0xff)); - x36 = (x34 >> 8); - x37 = (uint8_t)(x36 & UINT8_C(0xff)); - x38 = (x36 >> 8); - x39 = (uint8_t)(x38 & UINT8_C(0xff)); - x40 = (x38 >> 8); - x41 = (uint8_t)(x40 & UINT8_C(0xff)); - x42 = (x40 >> 8); - x43 = (uint8_t)(x42 & UINT8_C(0xff)); - x44 = (x42 >> 8); - x45 = (uint8_t)(x44 & UINT8_C(0xff)); - x46 = (uint8_t)(x44 >> 8); - x47 = (uint8_t)(x1 & UINT8_C(0xff)); - x48 = (x1 >> 8); - x49 = (uint8_t)(x48 & UINT8_C(0xff)); - x50 = (x48 >> 8); - x51 = (uint8_t)(x50 & UINT8_C(0xff)); - x52 = (uint8_t)(x50 >> 8); - out1[0] = x5; - out1[1] = x7; - out1[2] = x9; - out1[3] = x11; - out1[4] = x13; - out1[5] = x15; - out1[6] = x17; - out1[7] = x18; - out1[8] = x19; - out1[9] = x21; - out1[10] = x23; - out1[11] = x25; - out1[12] = x27; - out1[13] = x29; - out1[14] = x31; - out1[15] = x32; - out1[16] = x33; - out1[17] = x35; - out1[18] = x37; - out1[19] = x39; - out1[20] = x41; - out1[21] = x43; - out1[22] = x45; - out1[23] = x46; - out1[24] = x47; - out1[25] = x49; - out1[26] = x51; - out1[27] = x52; + x5 = (x4 >> 8); + x6 = (x5 >> 8); + x7 = (x6 >> 8); + x8 = (x7 >> 8); + x9 = (x8 >> 8); + x10 = (x9 >> 8); + x11 = (uint8_t)(x10 >> 8); + x12 = (x3 >> 8); + x13 = (x12 >> 8); + x14 = (x13 >> 8); + x15 = (x14 >> 8); + x16 = (x15 >> 8); + x17 = (x16 >> 8); + x18 = (uint8_t)(x17 >> 8); + x19 = (x2 >> 8); + x20 = (x19 >> 8); + x21 = (x20 >> 8); + x22 = (x21 >> 8); + x23 = (x22 >> 8); + x24 = (x23 >> 8); + x25 = (uint8_t)(x24 >> 8); + x26 = (x1 >> 8); + x27 = (x26 >> 8); + x28 = (uint8_t)(x27 >> 8); + out1[0] = (uint8_t)x4; + out1[1] = (uint8_t)x5; + out1[2] = (uint8_t)x6; + out1[3] = (uint8_t)x7; + out1[4] = (uint8_t)x8; + out1[5] = (uint8_t)x9; + out1[6] = (uint8_t)x10; + out1[7] = x11; + out1[8] = (uint8_t)x3; + out1[9] = (uint8_t)x12; + out1[10] = (uint8_t)x13; + out1[11] = (uint8_t)x14; + out1[12] = (uint8_t)x15; + out1[13] = (uint8_t)x16; + out1[14] = (uint8_t)x17; + out1[15] = x18; + out1[16] = (uint8_t)x2; + out1[17] = (uint8_t)x19; + 
out1[18] = (uint8_t)x20; + out1[19] = (uint8_t)x21; + out1[20] = (uint8_t)x22; + out1[21] = (uint8_t)x23; + out1[22] = (uint8_t)x24; + out1[23] = x25; + out1[24] = (uint8_t)x1; + out1[25] = (uint8_t)x26; + out1[26] = (uint8_t)x27; + out1[27] = x28; } /* @@ -1894,46 +1842,46 @@ static FIAT_P224_FIAT_INLINE void fiat_p224_divstep(uint64_t* out1, uint64_t out uint64_t x71; uint64_t x72; uint64_t x73; - fiat_p224_uint1 x74; + uint64_t x74; uint64_t x75; uint64_t x76; uint64_t x77; uint64_t x78; uint64_t x79; - uint64_t x80; - fiat_p224_uint1 x81; - uint64_t x82; - fiat_p224_uint1 x83; - uint64_t x84; - fiat_p224_uint1 x85; - uint64_t x86; - fiat_p224_uint1 x87; - uint64_t x88; - fiat_p224_uint1 x89; + fiat_p224_uint1 x80; + uint64_t x81; + fiat_p224_uint1 x82; + uint64_t x83; + fiat_p224_uint1 x84; + uint64_t x85; + fiat_p224_uint1 x86; + uint64_t x87; + fiat_p224_uint1 x88; + uint64_t x89; uint64_t x90; uint64_t x91; uint64_t x92; uint64_t x93; - uint64_t x94; - fiat_p224_uint1 x95; - uint64_t x96; - fiat_p224_uint1 x97; - uint64_t x98; - fiat_p224_uint1 x99; - uint64_t x100; - fiat_p224_uint1 x101; - uint64_t x102; - fiat_p224_uint1 x103; - uint64_t x104; - fiat_p224_uint1 x105; - uint64_t x106; - fiat_p224_uint1 x107; - uint64_t x108; - fiat_p224_uint1 x109; - uint64_t x110; - fiat_p224_uint1 x111; - uint64_t x112; - fiat_p224_uint1 x113; + fiat_p224_uint1 x94; + uint64_t x95; + fiat_p224_uint1 x96; + uint64_t x97; + fiat_p224_uint1 x98; + uint64_t x99; + fiat_p224_uint1 x100; + uint64_t x101; + fiat_p224_uint1 x102; + uint64_t x103; + fiat_p224_uint1 x104; + uint64_t x105; + fiat_p224_uint1 x106; + uint64_t x107; + fiat_p224_uint1 x108; + uint64_t x109; + fiat_p224_uint1 x110; + uint64_t x111; + fiat_p224_uint1 x112; + uint64_t x113; uint64_t x114; uint64_t x115; uint64_t x116; 
@@ -1946,9 +1894,8 @@ static FIAT_P224_FIAT_INLINE void fiat_p224_divstep(uint64_t* out1, uint64_t out uint64_t x123; uint64_t x124; uint64_t x125; - uint64_t x126; fiat_p224_addcarryx_u64(&x1, &x2, 0x0, (~arg1), 0x1); - x3 = (fiat_p224_uint1)((fiat_p224_uint1)(x1 >> 63) & (fiat_p224_uint1)((arg3[0]) & 0x1)); + x3 = (fiat_p224_uint1)((fiat_p224_uint1)(x1 >> 63) & (fiat_p224_uint1)(arg3[0])); fiat_p224_addcarryx_u64(&x4, &x5, 0x0, (~arg1), 0x1); fiat_p224_cmovznz_u64(&x6, x3, arg1, x4); fiat_p224_cmovznz_u64(&x7, x3, (arg2[0]), (arg3[0])); @@ -1988,7 +1935,7 @@ static FIAT_P224_FIAT_INLINE void fiat_p224_divstep(uint64_t* out1, uint64_t out fiat_p224_subborrowx_u64(&x57, &x58, x56, 0x0, x50); fiat_p224_subborrowx_u64(&x59, &x60, x58, 0x0, x49); fiat_p224_cmovznz_u64(&x61, x60, 0x0, UINT64_C(0xffffffffffffffff)); - fiat_p224_addcarryx_u64(&x62, &x63, 0x0, x53, (fiat_p224_uint1)(x61 & 0x1)); + fiat_p224_addcarryx_u64(&x62, &x63, 0x0, x53, (fiat_p224_uint1)x61); fiat_p224_addcarryx_u64(&x64, &x65, x63, x55, (x61 & UINT64_C(0xffffffff00000000))); fiat_p224_addcarryx_u64(&x66, &x67, x65, x57, x61); fiat_p224_addcarryx_u64(&x68, &x69, x67, x59, (x61 & UINT32_C(0xffffffff))); 
@@ -1996,63 +1943,62 @@ static FIAT_P224_FIAT_INLINE void fiat_p224_divstep(uint64_t* out1, uint64_t out fiat_p224_cmovznz_u64(&x71, x3, (arg5[1]), x64); fiat_p224_cmovznz_u64(&x72, x3, (arg5[2]), x66); fiat_p224_cmovznz_u64(&x73, x3, (arg5[3]), x68); - x74 = (fiat_p224_uint1)(x22 & 0x1); - fiat_p224_cmovznz_u64(&x75, x74, 0x0, x7); - fiat_p224_cmovznz_u64(&x76, x74, 0x0, x8); - fiat_p224_cmovznz_u64(&x77, x74, 0x0, x9); - fiat_p224_cmovznz_u64(&x78, x74, 0x0, x10); - fiat_p224_cmovznz_u64(&x79, x74, 0x0, x11); - fiat_p224_addcarryx_u64(&x80, &x81, 0x0, x22, x75); - fiat_p224_addcarryx_u64(&x82, &x83, x81, x23, x76); - fiat_p224_addcarryx_u64(&x84, &x85, x83, x24, x77); - fiat_p224_addcarryx_u64(&x86, &x87, x85, x25, x78); - fiat_p224_addcarryx_u64(&x88, &x89, x87, x26, x79); - fiat_p224_cmovznz_u64(&x90, x74, 0x0, x27); - fiat_p224_cmovznz_u64(&x91, x74, 0x0, x28); - fiat_p224_cmovznz_u64(&x92, x74, 0x0, x29); - fiat_p224_cmovznz_u64(&x93, x74, 0x0, x30); - fiat_p224_addcarryx_u64(&x94, &x95, 0x0, x70, x90); - fiat_p224_addcarryx_u64(&x96, &x97, x95, x71, x91); - fiat_p224_addcarryx_u64(&x98, &x99, x97, x72, x92); - fiat_p224_addcarryx_u64(&x100, &x101, x99, x73, x93); - fiat_p224_subborrowx_u64(&x102, &x103, 0x0, x94, 0x1); - fiat_p224_subborrowx_u64(&x104, &x105, x103, x96, UINT64_C(0xffffffff00000000)); - fiat_p224_subborrowx_u64(&x106, &x107, x105, x98, UINT64_C(0xffffffffffffffff)); - fiat_p224_subborrowx_u64(&x108, &x109, x107, x100, UINT32_C(0xffffffff)); - fiat_p224_subborrowx_u64(&x110, &x111, x109, x101, 0x0); - fiat_p224_addcarryx_u64(&x112, &x113, 0x0, x6, 0x1); - x114 = ((x80 >> 1) | ((x82 << 63) & UINT64_C(0xffffffffffffffff))); - x115 = ((x82 >> 1) | ((x84 << 63) & UINT64_C(0xffffffffffffffff))); - x116 = ((x84 >> 1) | ((x86 << 63) & UINT64_C(0xffffffffffffffff))); - x117 = ((x86 >> 1) | ((x88 << 63) & UINT64_C(0xffffffffffffffff))); - x118 = ((x88 & UINT64_C(0x8000000000000000)) | (x88 >> 1)); - fiat_p224_cmovznz_u64(&x119, x48, x39, x31); - 
fiat_p224_cmovznz_u64(&x120, x48, x41, x33); - fiat_p224_cmovznz_u64(&x121, x48, x43, x35); - fiat_p224_cmovznz_u64(&x122, x48, x45, x37); - fiat_p224_cmovznz_u64(&x123, x111, x102, x94); - fiat_p224_cmovznz_u64(&x124, x111, x104, x96); - fiat_p224_cmovznz_u64(&x125, x111, x106, x98); - fiat_p224_cmovznz_u64(&x126, x111, x108, x100); - *out1 = x112; + fiat_p224_cmovznz_u64(&x74, (fiat_p224_uint1)x22, 0x0, x7); + fiat_p224_cmovznz_u64(&x75, (fiat_p224_uint1)x22, 0x0, x8); + fiat_p224_cmovznz_u64(&x76, (fiat_p224_uint1)x22, 0x0, x9); + fiat_p224_cmovznz_u64(&x77, (fiat_p224_uint1)x22, 0x0, x10); + fiat_p224_cmovznz_u64(&x78, (fiat_p224_uint1)x22, 0x0, x11); + fiat_p224_addcarryx_u64(&x79, &x80, 0x0, x22, x74); + fiat_p224_addcarryx_u64(&x81, &x82, x80, x23, x75); + fiat_p224_addcarryx_u64(&x83, &x84, x82, x24, x76); + fiat_p224_addcarryx_u64(&x85, &x86, x84, x25, x77); + fiat_p224_addcarryx_u64(&x87, &x88, x86, x26, x78); + fiat_p224_cmovznz_u64(&x89, (fiat_p224_uint1)x22, 0x0, x27); + fiat_p224_cmovznz_u64(&x90, (fiat_p224_uint1)x22, 0x0, x28); + fiat_p224_cmovznz_u64(&x91, (fiat_p224_uint1)x22, 0x0, x29); + fiat_p224_cmovznz_u64(&x92, (fiat_p224_uint1)x22, 0x0, x30); + fiat_p224_addcarryx_u64(&x93, &x94, 0x0, x70, x89); + fiat_p224_addcarryx_u64(&x95, &x96, x94, x71, x90); + fiat_p224_addcarryx_u64(&x97, &x98, x96, x72, x91); + fiat_p224_addcarryx_u64(&x99, &x100, x98, x73, x92); + fiat_p224_subborrowx_u64(&x101, &x102, 0x0, x93, 0x1); + fiat_p224_subborrowx_u64(&x103, &x104, x102, x95, UINT64_C(0xffffffff00000000)); + fiat_p224_subborrowx_u64(&x105, &x106, x104, x97, UINT64_C(0xffffffffffffffff)); + fiat_p224_subborrowx_u64(&x107, &x108, x106, x99, UINT32_C(0xffffffff)); + fiat_p224_subborrowx_u64(&x109, &x110, x108, x100, 0x0); + fiat_p224_addcarryx_u64(&x111, &x112, 0x0, x6, 0x1); + x113 = ((x79 >> 1) | ((x81 << 63) & UINT64_C(0xffffffffffffffff))); + x114 = ((x81 >> 1) | ((x83 << 63) & UINT64_C(0xffffffffffffffff))); + x115 = ((x83 >> 1) | ((x85 << 63) & 
UINT64_C(0xffffffffffffffff))); + x116 = ((x85 >> 1) | ((x87 << 63) & UINT64_C(0xffffffffffffffff))); + x117 = ((x87 & UINT64_C(0x8000000000000000)) | (x87 >> 1)); + fiat_p224_cmovznz_u64(&x118, x48, x39, x31); + fiat_p224_cmovznz_u64(&x119, x48, x41, x33); + fiat_p224_cmovznz_u64(&x120, x48, x43, x35); + fiat_p224_cmovznz_u64(&x121, x48, x45, x37); + fiat_p224_cmovznz_u64(&x122, x110, x101, x93); + fiat_p224_cmovznz_u64(&x123, x110, x103, x95); + fiat_p224_cmovznz_u64(&x124, x110, x105, x97); + fiat_p224_cmovznz_u64(&x125, x110, x107, x99); + *out1 = x111; out2[0] = x7; out2[1] = x8; out2[2] = x9; out2[3] = x10; out2[4] = x11; - out3[0] = x114; - out3[1] = x115; - out3[2] = x116; - out3[3] = x117; - out3[4] = x118; - out4[0] = x119; - out4[1] = x120; - out4[2] = x121; - out4[3] = x122; - out5[0] = x123; - out5[1] = x124; - out5[2] = x125; - out5[3] = x126; + out3[0] = x113; + out3[1] = x114; + out3[2] = x115; + out3[3] = x116; + out3[4] = x117; + out4[0] = x118; + out4[1] = x119; + out4[2] = x120; + out4[3] = x121; + out5[0] = x122; + out5[1] = x123; + out5[2] = x124; + out5[3] = x125; } /* diff --git a/fiat-c/src/p256_32.c b/fiat-c/src/p256_32.c index 3b5fb9a7c0..215f5451fe 100644 --- a/fiat-c/src/p256_32.c +++ b/fiat-c/src/p256_32.c @@ -65,13 +65,11 @@ static __inline__ uint32_t fiat_p256_value_barrier_u32(uint32_t a) { */ static FIAT_P256_FIAT_INLINE void fiat_p256_addcarryx_u32(uint32_t* out1, fiat_p256_uint1* out2, fiat_p256_uint1 arg1, uint32_t arg2, uint32_t arg3) { uint64_t x1; - uint32_t x2; - fiat_p256_uint1 x3; + fiat_p256_uint1 x2; x1 = ((arg1 + (uint64_t)arg2) + arg3); - x2 = (uint32_t)(x1 & UINT32_C(0xffffffff)); - x3 = (fiat_p256_uint1)(x1 >> 32); - *out1 = x2; - *out2 = x3; + x2 = (fiat_p256_uint1)(x1 >> 32); + *out1 = (uint32_t)x1; + *out2 = x2; } /* 
@@ -117,12 +115,10 @@ static FIAT_P256_FIAT_INLINE void fiat_p256_subborrowx_u32(uint32_t* out1, fiat_ static FIAT_P256_FIAT_INLINE void fiat_p256_mulx_u32(uint32_t* out1, uint32_t* out2, uint32_t arg1, uint32_t arg2) { uint64_t x1; uint32_t x2; - uint32_t x3; x1 = ((uint64_t)arg1 * arg2); - x2 = (uint32_t)(x1 & UINT32_C(0xffffffff)); - x3 = (uint32_t)(x1 >> 32); - *out1 = x2; - *out2 = x3; + x2 = (uint32_t)(x1 >> 32); + *out1 = (uint32_t)x1; + *out2 = x2; } /* @@ -2368,7 +2364,7 @@ static FIAT_P256_FIAT_INLINE void fiat_p256_sub(fiat_p256_montgomery_domain_fiel fiat_p256_addcarryx_u32(&x24, &x25, x23, x7, 0x0); fiat_p256_addcarryx_u32(&x26, &x27, x25, x9, 0x0); fiat_p256_addcarryx_u32(&x28, &x29, x27, x11, 0x0); - fiat_p256_addcarryx_u32(&x30, &x31, x29, x13, (fiat_p256_uint1)(x17 & 0x1)); + fiat_p256_addcarryx_u32(&x30, &x31, x29, x13, (fiat_p256_uint1)x17); fiat_p256_addcarryx_u32(&x32, &x33, x31, x15, x17); out1[0] = x18; out1[1] = x20; @@ -2439,7 +2435,7 @@ static FIAT_P256_FIAT_INLINE void fiat_p256_opp(fiat_p256_montgomery_domain_fiel fiat_p256_addcarryx_u32(&x24, &x25, x23, x7, 0x0); fiat_p256_addcarryx_u32(&x26, &x27, x25, x9, 0x0); fiat_p256_addcarryx_u32(&x28, &x29, x27, x11, 0x0); - fiat_p256_addcarryx_u32(&x30, &x31, x29, x13, (fiat_p256_uint1)(x17 & 0x1)); + fiat_p256_addcarryx_u32(&x30, &x31, x29, x13, (fiat_p256_uint1)x17); fiat_p256_addcarryx_u32(&x32, &x33, x31, x15, x17); out1[0] = x18; out1[1] = x20; 
@@ -3965,54 +3961,30 @@ static FIAT_P256_FIAT_INLINE void fiat_p256_to_bytes(uint8_t out1[32], const uin uint32_t x6; uint32_t x7; uint32_t x8; - uint8_t x9; + uint32_t x9; uint32_t x10; uint8_t x11; uint32_t x12; - uint8_t x13; + uint32_t x13; uint8_t x14; - uint8_t x15; + uint32_t x15; uint32_t x16; uint8_t x17; uint32_t x18; - uint8_t x19; + uint32_t x19; uint8_t x20; - uint8_t x21; + uint32_t x21; uint32_t x22; uint8_t x23; uint32_t x24; - uint8_t x25; + uint32_t x25; uint8_t x26; - uint8_t x27; + uint32_t x27; uint32_t x28; uint8_t x29; uint32_t x30; - uint8_t x31; + uint32_t x31; uint8_t x32; - uint8_t x33; - uint32_t x34; - uint8_t x35; - uint32_t x36; - uint8_t x37; - uint8_t x38; - uint8_t x39; - uint32_t x40; - uint8_t x41; - uint32_t x42; - uint8_t x43; - uint8_t x44; - uint8_t x45; - uint32_t x46; - uint8_t x47; - uint32_t x48; - uint8_t x49; - uint8_t x50; - uint8_t x51; - uint32_t x52; - uint8_t x53; - uint32_t x54; - uint8_t x55; - uint8_t x56; x1 = (arg1[7]); x2 = (arg1[6]); x3 = (arg1[5]); 
@@ -4021,86 +3993,62 @@ static FIAT_P256_FIAT_INLINE void fiat_p256_to_bytes(uint8_t out1[32], const uin x6 = (arg1[2]); x7 = (arg1[1]); x8 = (arg1[0]); - x9 = (uint8_t)(x8 & UINT8_C(0xff)); - x10 = (x8 >> 8); - x11 = (uint8_t)(x10 & UINT8_C(0xff)); - x12 = (x10 >> 8); - x13 = (uint8_t)(x12 & UINT8_C(0xff)); - x14 = (uint8_t)(x12 >> 8); - x15 = (uint8_t)(x7 & UINT8_C(0xff)); - x16 = (x7 >> 8); - x17 = (uint8_t)(x16 & UINT8_C(0xff)); - x18 = (x16 >> 8); - x19 = (uint8_t)(x18 & UINT8_C(0xff)); - x20 = (uint8_t)(x18 >> 8); - x21 = (uint8_t)(x6 & UINT8_C(0xff)); - x22 = (x6 >> 8); - x23 = (uint8_t)(x22 & UINT8_C(0xff)); - x24 = (x22 >> 8); - x25 = (uint8_t)(x24 & UINT8_C(0xff)); - x26 = (uint8_t)(x24 >> 8); - x27 = (uint8_t)(x5 & UINT8_C(0xff)); - x28 = (x5 >> 8); - x29 = (uint8_t)(x28 & UINT8_C(0xff)); - x30 = (x28 >> 8); - x31 = (uint8_t)(x30 & UINT8_C(0xff)); - x32 = (uint8_t)(x30 >> 8); - x33 = (uint8_t)(x4 & UINT8_C(0xff)); - x34 = (x4 >> 8); - x35 = (uint8_t)(x34 & UINT8_C(0xff)); - x36 = (x34 >> 8); - x37 = (uint8_t)(x36 & UINT8_C(0xff)); - x38 = (uint8_t)(x36 >> 8); - x39 = (uint8_t)(x3 & UINT8_C(0xff)); - x40 = (x3 >> 8); - x41 = (uint8_t)(x40 & UINT8_C(0xff)); - x42 = (x40 >> 8); - x43 = (uint8_t)(x42 & UINT8_C(0xff)); - x44 = (uint8_t)(x42 >> 8); - x45 = (uint8_t)(x2 & UINT8_C(0xff)); - x46 = (x2 >> 8); - x47 = (uint8_t)(x46 & UINT8_C(0xff)); - x48 = (x46 >> 8); - x49 = (uint8_t)(x48 & UINT8_C(0xff)); - x50 = (uint8_t)(x48 >> 8); - x51 = (uint8_t)(x1 & UINT8_C(0xff)); - x52 = (x1 >> 8); - x53 = (uint8_t)(x52 & UINT8_C(0xff)); - x54 = (x52 >> 8); - x55 = (uint8_t)(x54 & UINT8_C(0xff)); - x56 = (uint8_t)(x54 >> 8); - out1[0] = x9; - out1[1] = x11; - out1[2] = x13; - out1[3] = x14; - out1[4] = x15; - out1[5] = x17; - out1[6] = x19; - out1[7] = x20; - out1[8] = x21; - out1[9] = x23; - out1[10] = x25; - out1[11] = x26; - out1[12] = x27; - out1[13] = x29; - out1[14] = x31; - out1[15] = x32; - out1[16] = x33; - out1[17] = x35; - out1[18] = x37; - out1[19] = x38; - 
out1[20] = x39; - out1[21] = x41; - out1[22] = x43; - out1[23] = x44; - out1[24] = x45; - out1[25] = x47; - out1[26] = x49; - out1[27] = x50; - out1[28] = x51; - out1[29] = x53; - out1[30] = x55; - out1[31] = x56; + x9 = (x8 >> 8); + x10 = (x9 >> 8); + x11 = (uint8_t)(x10 >> 8); + x12 = (x7 >> 8); + x13 = (x12 >> 8); + x14 = (uint8_t)(x13 >> 8); + x15 = (x6 >> 8); + x16 = (x15 >> 8); + x17 = (uint8_t)(x16 >> 8); + x18 = (x5 >> 8); + x19 = (x18 >> 8); + x20 = (uint8_t)(x19 >> 8); + x21 = (x4 >> 8); + x22 = (x21 >> 8); + x23 = (uint8_t)(x22 >> 8); + x24 = (x3 >> 8); + x25 = (x24 >> 8); + x26 = (uint8_t)(x25 >> 8); + x27 = (x2 >> 8); + x28 = (x27 >> 8); + x29 = (uint8_t)(x28 >> 8); + x30 = (x1 >> 8); + x31 = (x30 >> 8); + x32 = (uint8_t)(x31 >> 8); + out1[0] = (uint8_t)x8; + out1[1] = (uint8_t)x9; + out1[2] = (uint8_t)x10; + out1[3] = x11; + out1[4] = (uint8_t)x7; + out1[5] = (uint8_t)x12; + out1[6] = (uint8_t)x13; + out1[7] = x14; + out1[8] = (uint8_t)x6; + out1[9] = (uint8_t)x15; + out1[10] = (uint8_t)x16; + out1[11] = x17; + out1[12] = (uint8_t)x5; + out1[13] = (uint8_t)x18; + out1[14] = (uint8_t)x19; + out1[15] = x20; + out1[16] = (uint8_t)x4; + out1[17] = (uint8_t)x21; + out1[18] = (uint8_t)x22; + out1[19] = x23; + out1[20] = (uint8_t)x3; + out1[21] = (uint8_t)x24; + out1[22] = (uint8_t)x25; + out1[23] = x26; + out1[24] = (uint8_t)x2; + out1[25] = (uint8_t)x27; + out1[26] = (uint8_t)x28; + out1[27] = x29; + out1[28] = (uint8_t)x1; + out1[29] = (uint8_t)x30; + out1[30] = (uint8_t)x31; + out1[31] = x32; } /* @@ -4445,7 +4393,7 @@ static FIAT_P256_FIAT_INLINE void fiat_p256_divstep(uint32_t* out1, uint32_t out uint32_t x131; uint32_t x132; uint32_t x133; - fiat_p256_uint1 x134; + uint32_t x134; uint32_t x135; uint32_t x136; uint32_t x137; 
@@ -4455,24 +4403,24 @@ static FIAT_P256_FIAT_INLINE void fiat_p256_divstep(uint32_t* out1, uint32_t out uint32_t x141; uint32_t x142; uint32_t x143; - uint32_t x144; - fiat_p256_uint1 x145; - uint32_t x146; - fiat_p256_uint1 x147; - uint32_t x148; - fiat_p256_uint1 x149; - uint32_t x150; - fiat_p256_uint1 x151; - uint32_t x152; - fiat_p256_uint1 x153; - uint32_t x154; - fiat_p256_uint1 x155; - uint32_t x156; - fiat_p256_uint1 x157; - uint32_t x158; - fiat_p256_uint1 x159; - uint32_t x160; - fiat_p256_uint1 x161; + fiat_p256_uint1 x144; + uint32_t x145; + fiat_p256_uint1 x146; + uint32_t x147; + fiat_p256_uint1 x148; + uint32_t x149; + fiat_p256_uint1 x150; + uint32_t x151; + fiat_p256_uint1 x152; + uint32_t x153; + fiat_p256_uint1 x154; + uint32_t x155; + fiat_p256_uint1 x156; + uint32_t x157; + fiat_p256_uint1 x158; + uint32_t x159; + fiat_p256_uint1 x160; + uint32_t x161; uint32_t x162; uint32_t x163; uint32_t x164; 
@@ -4481,42 +4429,42 @@ static FIAT_P256_FIAT_INLINE void fiat_p256_divstep(uint32_t* out1, uint32_t out uint32_t x167; uint32_t x168; uint32_t x169; - uint32_t x170; - fiat_p256_uint1 x171; - uint32_t x172; - fiat_p256_uint1 x173; - uint32_t x174; - fiat_p256_uint1 x175; - uint32_t x176; - fiat_p256_uint1 x177; - uint32_t x178; - fiat_p256_uint1 x179; - uint32_t x180; - fiat_p256_uint1 x181; - uint32_t x182; - fiat_p256_uint1 x183; - uint32_t x184; - fiat_p256_uint1 x185; - uint32_t x186; - fiat_p256_uint1 x187; - uint32_t x188; - fiat_p256_uint1 x189; - uint32_t x190; - fiat_p256_uint1 x191; - uint32_t x192; - fiat_p256_uint1 x193; - uint32_t x194; - fiat_p256_uint1 x195; - uint32_t x196; - fiat_p256_uint1 x197; - uint32_t x198; - fiat_p256_uint1 x199; - uint32_t x200; - fiat_p256_uint1 x201; - uint32_t x202; - fiat_p256_uint1 x203; - uint32_t x204; - fiat_p256_uint1 x205; + fiat_p256_uint1 x170; + uint32_t x171; + fiat_p256_uint1 x172; + uint32_t x173; + fiat_p256_uint1 x174; + uint32_t x175; + fiat_p256_uint1 x176; + uint32_t x177; + fiat_p256_uint1 x178; + uint32_t x179; + fiat_p256_uint1 x180; + uint32_t x181; + fiat_p256_uint1 x182; + uint32_t x183; + fiat_p256_uint1 x184; + uint32_t x185; + fiat_p256_uint1 x186; + uint32_t x187; + fiat_p256_uint1 x188; + uint32_t x189; + fiat_p256_uint1 x190; + uint32_t x191; + fiat_p256_uint1 x192; + uint32_t x193; + fiat_p256_uint1 x194; + uint32_t x195; + fiat_p256_uint1 x196; + uint32_t x197; + fiat_p256_uint1 x198; + uint32_t x199; + fiat_p256_uint1 x200; + uint32_t x201; + fiat_p256_uint1 x202; + uint32_t x203; + fiat_p256_uint1 x204; + uint32_t x205; uint32_t x206; uint32_t x207; uint32_t x208; 
@@ -4541,9 +4489,8 @@ static FIAT_P256_FIAT_INLINE void fiat_p256_divstep(uint32_t* out1, uint32_t out uint32_t x227; uint32_t x228; uint32_t x229; - uint32_t x230; fiat_p256_addcarryx_u32(&x1, &x2, 0x0, (~arg1), 0x1); - x3 = (fiat_p256_uint1)((fiat_p256_uint1)(x1 >> 31) & (fiat_p256_uint1)((arg3[0]) & 0x1)); + x3 = (fiat_p256_uint1)((fiat_p256_uint1)(x1 >> 31) & (fiat_p256_uint1)(arg3[0])); fiat_p256_addcarryx_u32(&x4, &x5, 0x0, (~arg1), 0x1); fiat_p256_cmovznz_u32(&x6, x3, arg1, x4); fiat_p256_cmovznz_u32(&x7, x3, (arg2[0]), (arg3[0])); @@ -4621,7 +4568,7 @@ static FIAT_P256_FIAT_INLINE void fiat_p256_divstep(uint32_t* out1, uint32_t out fiat_p256_addcarryx_u32(&x116, &x117, x115, x99, 0x0); fiat_p256_addcarryx_u32(&x118, &x119, x117, x101, 0x0); fiat_p256_addcarryx_u32(&x120, &x121, x119, x103, 0x0); - fiat_p256_addcarryx_u32(&x122, &x123, x121, x105, (fiat_p256_uint1)(x109 & 0x1)); + fiat_p256_addcarryx_u32(&x122, &x123, x121, x105, (fiat_p256_uint1)x109); fiat_p256_addcarryx_u32(&x124, &x125, x123, x107, x109); fiat_p256_cmovznz_u32(&x126, x3, (arg5[0]), x110); fiat_p256_cmovznz_u32(&x127, x3, (arg5[1]), x112); 
@@ -4631,77 +4578,76 @@ static FIAT_P256_FIAT_INLINE void fiat_p256_divstep(uint32_t* out1, uint32_t out fiat_p256_cmovznz_u32(&x131, x3, (arg5[5]), x120); fiat_p256_cmovznz_u32(&x132, x3, (arg5[6]), x122); fiat_p256_cmovznz_u32(&x133, x3, (arg5[7]), x124); - x134 = (fiat_p256_uint1)(x34 & 0x1); - fiat_p256_cmovznz_u32(&x135, x134, 0x0, x7); - fiat_p256_cmovznz_u32(&x136, x134, 0x0, x8); - fiat_p256_cmovznz_u32(&x137, x134, 0x0, x9); - fiat_p256_cmovznz_u32(&x138, x134, 0x0, x10); - fiat_p256_cmovznz_u32(&x139, x134, 0x0, x11); - fiat_p256_cmovznz_u32(&x140, x134, 0x0, x12); - fiat_p256_cmovznz_u32(&x141, x134, 0x0, x13); - fiat_p256_cmovznz_u32(&x142, x134, 0x0, x14); - fiat_p256_cmovznz_u32(&x143, x134, 0x0, x15); - fiat_p256_addcarryx_u32(&x144, &x145, 0x0, x34, x135); - fiat_p256_addcarryx_u32(&x146, &x147, x145, x35, x136); - fiat_p256_addcarryx_u32(&x148, &x149, x147, x36, x137); - fiat_p256_addcarryx_u32(&x150, &x151, x149, x37, x138); - fiat_p256_addcarryx_u32(&x152, &x153, x151, x38, x139); - fiat_p256_addcarryx_u32(&x154, &x155, x153, x39, x140); - fiat_p256_addcarryx_u32(&x156, &x157, x155, x40, x141); - fiat_p256_addcarryx_u32(&x158, &x159, x157, x41, x142); - fiat_p256_addcarryx_u32(&x160, &x161, x159, x42, x143); - fiat_p256_cmovznz_u32(&x162, x134, 0x0, x43); - fiat_p256_cmovznz_u32(&x163, x134, 0x0, x44); - fiat_p256_cmovznz_u32(&x164, x134, 0x0, x45); - fiat_p256_cmovznz_u32(&x165, x134, 0x0, x46); - fiat_p256_cmovznz_u32(&x166, x134, 0x0, x47); - fiat_p256_cmovznz_u32(&x167, x134, 0x0, x48); - fiat_p256_cmovznz_u32(&x168, x134, 0x0, x49); - fiat_p256_cmovznz_u32(&x169, x134, 0x0, x50); - fiat_p256_addcarryx_u32(&x170, &x171, 0x0, x126, x162); - fiat_p256_addcarryx_u32(&x172, &x173, x171, x127, x163); - fiat_p256_addcarryx_u32(&x174, &x175, x173, x128, x164); - fiat_p256_addcarryx_u32(&x176, &x177, x175, x129, x165); - fiat_p256_addcarryx_u32(&x178, &x179, x177, x130, x166); - fiat_p256_addcarryx_u32(&x180, &x181, x179, x131, x167); - 
fiat_p256_addcarryx_u32(&x182, &x183, x181, x132, x168); - fiat_p256_addcarryx_u32(&x184, &x185, x183, x133, x169); - fiat_p256_subborrowx_u32(&x186, &x187, 0x0, x170, UINT32_C(0xffffffff)); - fiat_p256_subborrowx_u32(&x188, &x189, x187, x172, UINT32_C(0xffffffff)); - fiat_p256_subborrowx_u32(&x190, &x191, x189, x174, UINT32_C(0xffffffff)); - fiat_p256_subborrowx_u32(&x192, &x193, x191, x176, 0x0); - fiat_p256_subborrowx_u32(&x194, &x195, x193, x178, 0x0); - fiat_p256_subborrowx_u32(&x196, &x197, x195, x180, 0x0); - fiat_p256_subborrowx_u32(&x198, &x199, x197, x182, 0x1); - fiat_p256_subborrowx_u32(&x200, &x201, x199, x184, UINT32_C(0xffffffff)); - fiat_p256_subborrowx_u32(&x202, &x203, x201, x185, 0x0); - fiat_p256_addcarryx_u32(&x204, &x205, 0x0, x6, 0x1); - x206 = ((x144 >> 1) | ((x146 << 31) & UINT32_C(0xffffffff))); - x207 = ((x146 >> 1) | ((x148 << 31) & UINT32_C(0xffffffff))); - x208 = ((x148 >> 1) | ((x150 << 31) & UINT32_C(0xffffffff))); - x209 = ((x150 >> 1) | ((x152 << 31) & UINT32_C(0xffffffff))); - x210 = ((x152 >> 1) | ((x154 << 31) & UINT32_C(0xffffffff))); - x211 = ((x154 >> 1) | ((x156 << 31) & UINT32_C(0xffffffff))); - x212 = ((x156 >> 1) | ((x158 << 31) & UINT32_C(0xffffffff))); - x213 = ((x158 >> 1) | ((x160 << 31) & UINT32_C(0xffffffff))); - x214 = ((x160 & UINT32_C(0x80000000)) | (x160 >> 1)); - fiat_p256_cmovznz_u32(&x215, x84, x67, x51); - fiat_p256_cmovznz_u32(&x216, x84, x69, x53); - fiat_p256_cmovznz_u32(&x217, x84, x71, x55); - fiat_p256_cmovznz_u32(&x218, x84, x73, x57); - fiat_p256_cmovznz_u32(&x219, x84, x75, x59); - fiat_p256_cmovznz_u32(&x220, x84, x77, x61); - fiat_p256_cmovznz_u32(&x221, x84, x79, x63); - fiat_p256_cmovznz_u32(&x222, x84, x81, x65); - fiat_p256_cmovznz_u32(&x223, x203, x186, x170); - fiat_p256_cmovznz_u32(&x224, x203, x188, x172); - fiat_p256_cmovznz_u32(&x225, x203, x190, x174); - fiat_p256_cmovznz_u32(&x226, x203, x192, x176); - fiat_p256_cmovznz_u32(&x227, x203, x194, x178); - fiat_p256_cmovznz_u32(&x228, x203, 
x196, x180); - fiat_p256_cmovznz_u32(&x229, x203, x198, x182); - fiat_p256_cmovznz_u32(&x230, x203, x200, x184); - *out1 = x204; + fiat_p256_cmovznz_u32(&x134, (fiat_p256_uint1)x34, 0x0, x7); + fiat_p256_cmovznz_u32(&x135, (fiat_p256_uint1)x34, 0x0, x8); + fiat_p256_cmovznz_u32(&x136, (fiat_p256_uint1)x34, 0x0, x9); + fiat_p256_cmovznz_u32(&x137, (fiat_p256_uint1)x34, 0x0, x10); + fiat_p256_cmovznz_u32(&x138, (fiat_p256_uint1)x34, 0x0, x11); + fiat_p256_cmovznz_u32(&x139, (fiat_p256_uint1)x34, 0x0, x12); + fiat_p256_cmovznz_u32(&x140, (fiat_p256_uint1)x34, 0x0, x13); + fiat_p256_cmovznz_u32(&x141, (fiat_p256_uint1)x34, 0x0, x14); + fiat_p256_cmovznz_u32(&x142, (fiat_p256_uint1)x34, 0x0, x15); + fiat_p256_addcarryx_u32(&x143, &x144, 0x0, x34, x134); + fiat_p256_addcarryx_u32(&x145, &x146, x144, x35, x135); + fiat_p256_addcarryx_u32(&x147, &x148, x146, x36, x136); + fiat_p256_addcarryx_u32(&x149, &x150, x148, x37, x137); + fiat_p256_addcarryx_u32(&x151, &x152, x150, x38, x138); + fiat_p256_addcarryx_u32(&x153, &x154, x152, x39, x139); + fiat_p256_addcarryx_u32(&x155, &x156, x154, x40, x140); + fiat_p256_addcarryx_u32(&x157, &x158, x156, x41, x141); + fiat_p256_addcarryx_u32(&x159, &x160, x158, x42, x142); + fiat_p256_cmovznz_u32(&x161, (fiat_p256_uint1)x34, 0x0, x43); + fiat_p256_cmovznz_u32(&x162, (fiat_p256_uint1)x34, 0x0, x44); + fiat_p256_cmovznz_u32(&x163, (fiat_p256_uint1)x34, 0x0, x45); + fiat_p256_cmovznz_u32(&x164, (fiat_p256_uint1)x34, 0x0, x46); + fiat_p256_cmovznz_u32(&x165, (fiat_p256_uint1)x34, 0x0, x47); + fiat_p256_cmovznz_u32(&x166, (fiat_p256_uint1)x34, 0x0, x48); + fiat_p256_cmovznz_u32(&x167, (fiat_p256_uint1)x34, 0x0, x49); + fiat_p256_cmovznz_u32(&x168, (fiat_p256_uint1)x34, 0x0, x50); + fiat_p256_addcarryx_u32(&x169, &x170, 0x0, x126, x161); + fiat_p256_addcarryx_u32(&x171, &x172, x170, x127, x162); + fiat_p256_addcarryx_u32(&x173, &x174, x172, x128, x163); + fiat_p256_addcarryx_u32(&x175, &x176, x174, x129, x164); + 
fiat_p256_addcarryx_u32(&x177, &x178, x176, x130, x165); + fiat_p256_addcarryx_u32(&x179, &x180, x178, x131, x166); + fiat_p256_addcarryx_u32(&x181, &x182, x180, x132, x167); + fiat_p256_addcarryx_u32(&x183, &x184, x182, x133, x168); + fiat_p256_subborrowx_u32(&x185, &x186, 0x0, x169, UINT32_C(0xffffffff)); + fiat_p256_subborrowx_u32(&x187, &x188, x186, x171, UINT32_C(0xffffffff)); + fiat_p256_subborrowx_u32(&x189, &x190, x188, x173, UINT32_C(0xffffffff)); + fiat_p256_subborrowx_u32(&x191, &x192, x190, x175, 0x0); + fiat_p256_subborrowx_u32(&x193, &x194, x192, x177, 0x0); + fiat_p256_subborrowx_u32(&x195, &x196, x194, x179, 0x0); + fiat_p256_subborrowx_u32(&x197, &x198, x196, x181, 0x1); + fiat_p256_subborrowx_u32(&x199, &x200, x198, x183, UINT32_C(0xffffffff)); + fiat_p256_subborrowx_u32(&x201, &x202, x200, x184, 0x0); + fiat_p256_addcarryx_u32(&x203, &x204, 0x0, x6, 0x1); + x205 = ((x143 >> 1) | ((x145 << 31) & UINT32_C(0xffffffff))); + x206 = ((x145 >> 1) | ((x147 << 31) & UINT32_C(0xffffffff))); + x207 = ((x147 >> 1) | ((x149 << 31) & UINT32_C(0xffffffff))); + x208 = ((x149 >> 1) | ((x151 << 31) & UINT32_C(0xffffffff))); + x209 = ((x151 >> 1) | ((x153 << 31) & UINT32_C(0xffffffff))); + x210 = ((x153 >> 1) | ((x155 << 31) & UINT32_C(0xffffffff))); + x211 = ((x155 >> 1) | ((x157 << 31) & UINT32_C(0xffffffff))); + x212 = ((x157 >> 1) | ((x159 << 31) & UINT32_C(0xffffffff))); + x213 = ((x159 & UINT32_C(0x80000000)) | (x159 >> 1)); + fiat_p256_cmovznz_u32(&x214, x84, x67, x51); + fiat_p256_cmovznz_u32(&x215, x84, x69, x53); + fiat_p256_cmovznz_u32(&x216, x84, x71, x55); + fiat_p256_cmovznz_u32(&x217, x84, x73, x57); + fiat_p256_cmovznz_u32(&x218, x84, x75, x59); + fiat_p256_cmovznz_u32(&x219, x84, x77, x61); + fiat_p256_cmovznz_u32(&x220, x84, x79, x63); + fiat_p256_cmovznz_u32(&x221, x84, x81, x65); + fiat_p256_cmovznz_u32(&x222, x202, x185, x169); + fiat_p256_cmovznz_u32(&x223, x202, x187, x171); + fiat_p256_cmovznz_u32(&x224, x202, x189, x173); + 
fiat_p256_cmovznz_u32(&x225, x202, x191, x175); + fiat_p256_cmovznz_u32(&x226, x202, x193, x177); + fiat_p256_cmovznz_u32(&x227, x202, x195, x179); + fiat_p256_cmovznz_u32(&x228, x202, x197, x181); + fiat_p256_cmovznz_u32(&x229, x202, x199, x183); + *out1 = x203; out2[0] = x7; out2[1] = x8; out2[2] = x9; @@ -4711,31 +4657,31 @@ static FIAT_P256_FIAT_INLINE void fiat_p256_divstep(uint32_t* out1, uint32_t out out2[6] = x13; out2[7] = x14; out2[8] = x15; - out3[0] = x206; - out3[1] = x207; - out3[2] = x208; - out3[3] = x209; - out3[4] = x210; - out3[5] = x211; - out3[6] = x212; - out3[7] = x213; - out3[8] = x214; - out4[0] = x215; - out4[1] = x216; - out4[2] = x217; - out4[3] = x218; - out4[4] = x219; - out4[5] = x220; - out4[6] = x221; - out4[7] = x222; - out5[0] = x223; - out5[1] = x224; - out5[2] = x225; - out5[3] = x226; - out5[4] = x227; - out5[5] = x228; - out5[6] = x229; - out5[7] = x230; + out3[0] = x205; + out3[1] = x206; + out3[2] = x207; + out3[3] = x208; + out3[4] = x209; + out3[5] = x210; + out3[6] = x211; + out3[7] = x212; + out3[8] = x213; + out4[0] = x214; + out4[1] = x215; + out4[2] = x216; + out4[3] = x217; + out4[4] = x218; + out4[5] = x219; + out4[6] = x220; + out4[7] = x221; + out5[0] = x222; + out5[1] = x223; + out5[2] = x224; + out5[3] = x225; + out5[4] = x226; + out5[5] = x227; + out5[6] = x228; + out5[7] = x229; } /* diff --git a/fiat-c/src/p256_64.c b/fiat-c/src/p256_64.c index cdb4b48877..a3c9da9985 100644 --- a/fiat-c/src/p256_64.c +++ b/fiat-c/src/p256_64.c 
@@ -70,13 +70,11 @@ static __inline__ uint64_t fiat_p256_value_barrier_u64(uint64_t a) { */ static FIAT_P256_FIAT_INLINE void fiat_p256_addcarryx_u64(uint64_t* out1, fiat_p256_uint1* out2, fiat_p256_uint1 arg1, uint64_t arg2, uint64_t arg3) { fiat_p256_uint128 x1; - uint64_t x2; - fiat_p256_uint1 x3; + fiat_p256_uint1 x2; x1 = ((arg1 + (fiat_p256_uint128)arg2) + arg3); - x2 = (uint64_t)(x1 & UINT64_C(0xffffffffffffffff)); - x3 = (fiat_p256_uint1)(x1 >> 64); - *out1 = x2; - *out2 = x3; + x2 = (fiat_p256_uint1)(x1 >> 64); + *out1 = (uint64_t)x1; + *out2 = x2; } /* @@ -122,12 +120,10 @@ static FIAT_P256_FIAT_INLINE void fiat_p256_subborrowx_u64(uint64_t* out1, fiat_ static FIAT_P256_FIAT_INLINE void fiat_p256_mulx_u64(uint64_t* out1, uint64_t* out2, uint64_t arg1, uint64_t arg2) { fiat_p256_uint128 x1; uint64_t x2; - uint64_t x3; x1 = ((fiat_p256_uint128)arg1 * arg2); - x2 = (uint64_t)(x1 & UINT64_C(0xffffffffffffffff)); - x3 = (uint64_t)(x1 >> 64); - *out1 = x2; - *out2 = x3; + x2 = (uint64_t)(x1 >> 64); + *out1 = (uint64_t)x1; + *out2 = x2; } /* 
@@ -1404,154 +1400,98 @@ static FIAT_P256_FIAT_INLINE void fiat_p256_to_bytes(uint8_t out1[32], const uin uint64_t x2; uint64_t x3; uint64_t x4; - uint8_t x5; + uint64_t x5; uint64_t x6; - uint8_t x7; + uint64_t x7; uint64_t x8; - uint8_t x9; + uint64_t x9; uint64_t x10; uint8_t x11; uint64_t x12; - uint8_t x13; + uint64_t x13; uint64_t x14; - uint8_t x15; + uint64_t x15; uint64_t x16; - uint8_t x17; + uint64_t x17; uint8_t x18; - uint8_t x19; + uint64_t x19; uint64_t x20; - uint8_t x21; + uint64_t x21; uint64_t x22; - uint8_t x23; + uint64_t x23; uint64_t x24; uint8_t x25; uint64_t x26; - uint8_t x27; + uint64_t x27; uint64_t x28; - uint8_t x29; + uint64_t x29; uint64_t x30; - uint8_t x31; + uint64_t x31; uint8_t x32; - uint8_t x33; - uint64_t x34; - uint8_t x35; - uint64_t x36; - uint8_t x37; - uint64_t x38; - uint8_t x39; - uint64_t x40; - uint8_t x41; - uint64_t x42; - uint8_t x43; - uint64_t x44; - uint8_t x45; - uint8_t x46; - uint8_t x47; - uint64_t x48; - uint8_t x49; - uint64_t x50; - uint8_t x51; - uint64_t x52; - uint8_t x53; - uint64_t x54; - uint8_t x55; - uint64_t x56; - uint8_t x57; - uint64_t x58; - uint8_t x59; - uint8_t x60; x1 = (arg1[3]); x2 = (arg1[2]); x3 = (arg1[1]); x4 = (arg1[0]); - x5 = (uint8_t)(x4 & UINT8_C(0xff)); - x6 = (x4 >> 8); - x7 = (uint8_t)(x6 & UINT8_C(0xff)); - x8 = (x6 >> 8); - x9 = (uint8_t)(x8 & UINT8_C(0xff)); - x10 = (x8 >> 8); - x11 = (uint8_t)(x10 & UINT8_C(0xff)); - x12 = (x10 >> 8); - x13 = (uint8_t)(x12 & UINT8_C(0xff)); - x14 = (x12 >> 8); - x15 = (uint8_t)(x14 & UINT8_C(0xff)); - x16 = (x14 >> 8); - x17 = (uint8_t)(x16 & UINT8_C(0xff)); - x18 = (uint8_t)(x16 >> 8); - x19 = (uint8_t)(x3 & UINT8_C(0xff)); - x20 = (x3 >> 8); - x21 = (uint8_t)(x20 & UINT8_C(0xff)); - x22 = (x20 >> 8); - x23 = (uint8_t)(x22 & UINT8_C(0xff)); - x24 = (x22 >> 8); - x25 = (uint8_t)(x24 & UINT8_C(0xff)); - x26 = (x24 >> 8); - x27 = (uint8_t)(x26 & UINT8_C(0xff)); - x28 = (x26 >> 8); - x29 = (uint8_t)(x28 & UINT8_C(0xff)); - x30 = (x28 >> 
8); - x31 = (uint8_t)(x30 & UINT8_C(0xff)); - x32 = (uint8_t)(x30 >> 8); - x33 = (uint8_t)(x2 & UINT8_C(0xff)); - x34 = (x2 >> 8); - x35 = (uint8_t)(x34 & UINT8_C(0xff)); - x36 = (x34 >> 8); - x37 = (uint8_t)(x36 & UINT8_C(0xff)); - x38 = (x36 >> 8); - x39 = (uint8_t)(x38 & UINT8_C(0xff)); - x40 = (x38 >> 8); - x41 = (uint8_t)(x40 & UINT8_C(0xff)); - x42 = (x40 >> 8); - x43 = (uint8_t)(x42 & UINT8_C(0xff)); - x44 = (x42 >> 8); - x45 = (uint8_t)(x44 & UINT8_C(0xff)); - x46 = (uint8_t)(x44 >> 8); - x47 = (uint8_t)(x1 & UINT8_C(0xff)); - x48 = (x1 >> 8); - x49 = (uint8_t)(x48 & UINT8_C(0xff)); - x50 = (x48 >> 8); - x51 = (uint8_t)(x50 & UINT8_C(0xff)); - x52 = (x50 >> 8); - x53 = (uint8_t)(x52 & UINT8_C(0xff)); - x54 = (x52 >> 8); - x55 = (uint8_t)(x54 & UINT8_C(0xff)); - x56 = (x54 >> 8); - x57 = (uint8_t)(x56 & UINT8_C(0xff)); - x58 = (x56 >> 8); - x59 = (uint8_t)(x58 & UINT8_C(0xff)); - x60 = (uint8_t)(x58 >> 8); - out1[0] = x5; - out1[1] = x7; - out1[2] = x9; - out1[3] = x11; - out1[4] = x13; - out1[5] = x15; - out1[6] = x17; - out1[7] = x18; - out1[8] = x19; - out1[9] = x21; - out1[10] = x23; - out1[11] = x25; - out1[12] = x27; - out1[13] = x29; - out1[14] = x31; - out1[15] = x32; - out1[16] = x33; - out1[17] = x35; - out1[18] = x37; - out1[19] = x39; - out1[20] = x41; - out1[21] = x43; - out1[22] = x45; - out1[23] = x46; - out1[24] = x47; - out1[25] = x49; - out1[26] = x51; - out1[27] = x53; - out1[28] = x55; - out1[29] = x57; - out1[30] = x59; - out1[31] = x60; + x5 = (x4 >> 8); + x6 = (x5 >> 8); + x7 = (x6 >> 8); + x8 = (x7 >> 8); + x9 = (x8 >> 8); + x10 = (x9 >> 8); + x11 = (uint8_t)(x10 >> 8); + x12 = (x3 >> 8); + x13 = (x12 >> 8); + x14 = (x13 >> 8); + x15 = (x14 >> 8); + x16 = (x15 >> 8); + x17 = (x16 >> 8); + x18 = (uint8_t)(x17 >> 8); + x19 = (x2 >> 8); + x20 = (x19 >> 8); + x21 = (x20 >> 8); + x22 = (x21 >> 8); + x23 = (x22 >> 8); + x24 = (x23 >> 8); + x25 = (uint8_t)(x24 >> 8); + x26 = (x1 >> 8); + x27 = (x26 >> 8); + x28 = (x27 >> 8); + x29 = (x28 >> 
8); + x30 = (x29 >> 8); + x31 = (x30 >> 8); + x32 = (uint8_t)(x31 >> 8); + out1[0] = (uint8_t)x4; + out1[1] = (uint8_t)x5; + out1[2] = (uint8_t)x6; + out1[3] = (uint8_t)x7; + out1[4] = (uint8_t)x8; + out1[5] = (uint8_t)x9; + out1[6] = (uint8_t)x10; + out1[7] = x11; + out1[8] = (uint8_t)x3; + out1[9] = (uint8_t)x12; + out1[10] = (uint8_t)x13; + out1[11] = (uint8_t)x14; + out1[12] = (uint8_t)x15; + out1[13] = (uint8_t)x16; + out1[14] = (uint8_t)x17; + out1[15] = x18; + out1[16] = (uint8_t)x2; + out1[17] = (uint8_t)x19; + out1[18] = (uint8_t)x20; + out1[19] = (uint8_t)x21; + out1[20] = (uint8_t)x22; + out1[21] = (uint8_t)x23; + out1[22] = (uint8_t)x24; + out1[23] = x25; + out1[24] = (uint8_t)x1; + out1[25] = (uint8_t)x26; + out1[26] = (uint8_t)x27; + out1[27] = (uint8_t)x28; + out1[28] = (uint8_t)x29; + out1[29] = (uint8_t)x30; + out1[30] = (uint8_t)x31; + out1[31] = x32; } /* 
@@ -1832,46 +1772,46 @@ static FIAT_P256_FIAT_INLINE void fiat_p256_divstep(uint64_t* out1, uint64_t out uint64_t x71; uint64_t x72; uint64_t x73; - fiat_p256_uint1 x74; + uint64_t x74; uint64_t x75; uint64_t x76; uint64_t x77; uint64_t x78; uint64_t x79; - uint64_t x80; - fiat_p256_uint1 x81; - uint64_t x82; - fiat_p256_uint1 x83; - uint64_t x84; - fiat_p256_uint1 x85; - uint64_t x86; - fiat_p256_uint1 x87; - uint64_t x88; - fiat_p256_uint1 x89; + fiat_p256_uint1 x80; + uint64_t x81; + fiat_p256_uint1 x82; + uint64_t x83; + fiat_p256_uint1 x84; + uint64_t x85; + fiat_p256_uint1 x86; + uint64_t x87; + fiat_p256_uint1 x88; + uint64_t x89; uint64_t x90; uint64_t x91; uint64_t x92; uint64_t x93; - uint64_t x94; - fiat_p256_uint1 x95; - uint64_t x96; - fiat_p256_uint1 x97; - uint64_t x98; - fiat_p256_uint1 x99; - uint64_t x100; - fiat_p256_uint1 x101; - uint64_t x102; - fiat_p256_uint1 x103; - uint64_t x104; - fiat_p256_uint1 x105; - uint64_t x106; - fiat_p256_uint1 x107; - uint64_t x108; - fiat_p256_uint1 x109; - uint64_t x110; - fiat_p256_uint1 x111; - uint64_t x112; - fiat_p256_uint1 x113; + fiat_p256_uint1 x94; + uint64_t x95; + fiat_p256_uint1 x96; + uint64_t x97; + fiat_p256_uint1 x98; + uint64_t x99; + fiat_p256_uint1 x100; + uint64_t x101; + fiat_p256_uint1 x102; + uint64_t x103; + fiat_p256_uint1 x104; + uint64_t x105; + fiat_p256_uint1 x106; + uint64_t x107; + fiat_p256_uint1 x108; + uint64_t x109; + fiat_p256_uint1 x110; + uint64_t x111; + fiat_p256_uint1 x112; + uint64_t x113; uint64_t x114; uint64_t x115; uint64_t x116; 
@@ -1884,9 +1824,8 @@ static FIAT_P256_FIAT_INLINE void fiat_p256_divstep(uint64_t* out1, uint64_t out uint64_t x123; uint64_t x124; uint64_t x125; - uint64_t x126; fiat_p256_addcarryx_u64(&x1, &x2, 0x0, (~arg1), 0x1); - x3 = (fiat_p256_uint1)((fiat_p256_uint1)(x1 >> 63) & (fiat_p256_uint1)((arg3[0]) & 0x1)); + x3 = (fiat_p256_uint1)((fiat_p256_uint1)(x1 >> 63) & (fiat_p256_uint1)(arg3[0])); fiat_p256_addcarryx_u64(&x4, &x5, 0x0, (~arg1), 0x1); fiat_p256_cmovznz_u64(&x6, x3, arg1, x4); fiat_p256_cmovznz_u64(&x7, x3, (arg2[0]), (arg3[0])); 
@@ -1934,63 +1873,62 @@ static FIAT_P256_FIAT_INLINE void fiat_p256_divstep(uint64_t* out1, uint64_t out fiat_p256_cmovznz_u64(&x71, x3, (arg5[1]), x64); fiat_p256_cmovznz_u64(&x72, x3, (arg5[2]), x66); fiat_p256_cmovznz_u64(&x73, x3, (arg5[3]), x68); - x74 = (fiat_p256_uint1)(x22 & 0x1); - fiat_p256_cmovznz_u64(&x75, x74, 0x0, x7); - fiat_p256_cmovznz_u64(&x76, x74, 0x0, x8); - fiat_p256_cmovznz_u64(&x77, x74, 0x0, x9); - fiat_p256_cmovznz_u64(&x78, x74, 0x0, x10); - fiat_p256_cmovznz_u64(&x79, x74, 0x0, x11); - fiat_p256_addcarryx_u64(&x80, &x81, 0x0, x22, x75); - fiat_p256_addcarryx_u64(&x82, &x83, x81, x23, x76); - fiat_p256_addcarryx_u64(&x84, &x85, x83, x24, x77); - fiat_p256_addcarryx_u64(&x86, &x87, x85, x25, x78); - fiat_p256_addcarryx_u64(&x88, &x89, x87, x26, x79); - fiat_p256_cmovznz_u64(&x90, x74, 0x0, x27); - fiat_p256_cmovznz_u64(&x91, x74, 0x0, x28); - fiat_p256_cmovznz_u64(&x92, x74, 0x0, x29); - fiat_p256_cmovznz_u64(&x93, x74, 0x0, x30); - fiat_p256_addcarryx_u64(&x94, &x95, 0x0, x70, x90); - fiat_p256_addcarryx_u64(&x96, &x97, x95, x71, x91); - fiat_p256_addcarryx_u64(&x98, &x99, x97, x72, x92); - fiat_p256_addcarryx_u64(&x100, &x101, x99, x73, x93); - fiat_p256_subborrowx_u64(&x102, &x103, 0x0, x94, UINT64_C(0xffffffffffffffff)); - fiat_p256_subborrowx_u64(&x104, &x105, x103, x96, UINT32_C(0xffffffff)); - fiat_p256_subborrowx_u64(&x106, &x107, x105, x98, 0x0); - fiat_p256_subborrowx_u64(&x108, &x109, x107, x100, UINT64_C(0xffffffff00000001)); - fiat_p256_subborrowx_u64(&x110, &x111, x109, x101, 0x0); - fiat_p256_addcarryx_u64(&x112, &x113, 0x0, x6, 0x1); - x114 = ((x80 >> 1) | ((x82 << 63) & UINT64_C(0xffffffffffffffff))); - x115 = ((x82 >> 1) | ((x84 << 63) & UINT64_C(0xffffffffffffffff))); - x116 = ((x84 >> 1) | ((x86 << 63) & UINT64_C(0xffffffffffffffff))); - x117 = ((x86 >> 1) | ((x88 << 63) & UINT64_C(0xffffffffffffffff))); - x118 = ((x88 & UINT64_C(0x8000000000000000)) | (x88 >> 1)); - fiat_p256_cmovznz_u64(&x119, x48, x39, x31); - 
fiat_p256_cmovznz_u64(&x120, x48, x41, x33); - fiat_p256_cmovznz_u64(&x121, x48, x43, x35); - fiat_p256_cmovznz_u64(&x122, x48, x45, x37); - fiat_p256_cmovznz_u64(&x123, x111, x102, x94); - fiat_p256_cmovznz_u64(&x124, x111, x104, x96); - fiat_p256_cmovznz_u64(&x125, x111, x106, x98); - fiat_p256_cmovznz_u64(&x126, x111, x108, x100); - *out1 = x112; + fiat_p256_cmovznz_u64(&x74, (fiat_p256_uint1)x22, 0x0, x7); + fiat_p256_cmovznz_u64(&x75, (fiat_p256_uint1)x22, 0x0, x8); + fiat_p256_cmovznz_u64(&x76, (fiat_p256_uint1)x22, 0x0, x9); + fiat_p256_cmovznz_u64(&x77, (fiat_p256_uint1)x22, 0x0, x10); + fiat_p256_cmovznz_u64(&x78, (fiat_p256_uint1)x22, 0x0, x11); + fiat_p256_addcarryx_u64(&x79, &x80, 0x0, x22, x74); + fiat_p256_addcarryx_u64(&x81, &x82, x80, x23, x75); + fiat_p256_addcarryx_u64(&x83, &x84, x82, x24, x76); + fiat_p256_addcarryx_u64(&x85, &x86, x84, x25, x77); + fiat_p256_addcarryx_u64(&x87, &x88, x86, x26, x78); + fiat_p256_cmovznz_u64(&x89, (fiat_p256_uint1)x22, 0x0, x27); + fiat_p256_cmovznz_u64(&x90, (fiat_p256_uint1)x22, 0x0, x28); + fiat_p256_cmovznz_u64(&x91, (fiat_p256_uint1)x22, 0x0, x29); + fiat_p256_cmovznz_u64(&x92, (fiat_p256_uint1)x22, 0x0, x30); + fiat_p256_addcarryx_u64(&x93, &x94, 0x0, x70, x89); + fiat_p256_addcarryx_u64(&x95, &x96, x94, x71, x90); + fiat_p256_addcarryx_u64(&x97, &x98, x96, x72, x91); + fiat_p256_addcarryx_u64(&x99, &x100, x98, x73, x92); + fiat_p256_subborrowx_u64(&x101, &x102, 0x0, x93, UINT64_C(0xffffffffffffffff)); + fiat_p256_subborrowx_u64(&x103, &x104, x102, x95, UINT32_C(0xffffffff)); + fiat_p256_subborrowx_u64(&x105, &x106, x104, x97, 0x0); + fiat_p256_subborrowx_u64(&x107, &x108, x106, x99, UINT64_C(0xffffffff00000001)); + fiat_p256_subborrowx_u64(&x109, &x110, x108, x100, 0x0); + fiat_p256_addcarryx_u64(&x111, &x112, 0x0, x6, 0x1); + x113 = ((x79 >> 1) | ((x81 << 63) & UINT64_C(0xffffffffffffffff))); + x114 = ((x81 >> 1) | ((x83 << 63) & UINT64_C(0xffffffffffffffff))); + x115 = ((x83 >> 1) | ((x85 << 63) & 
UINT64_C(0xffffffffffffffff))); + x116 = ((x85 >> 1) | ((x87 << 63) & UINT64_C(0xffffffffffffffff))); + x117 = ((x87 & UINT64_C(0x8000000000000000)) | (x87 >> 1)); + fiat_p256_cmovznz_u64(&x118, x48, x39, x31); + fiat_p256_cmovznz_u64(&x119, x48, x41, x33); + fiat_p256_cmovznz_u64(&x120, x48, x43, x35); + fiat_p256_cmovznz_u64(&x121, x48, x45, x37); + fiat_p256_cmovznz_u64(&x122, x110, x101, x93); + fiat_p256_cmovznz_u64(&x123, x110, x103, x95); + fiat_p256_cmovznz_u64(&x124, x110, x105, x97); + fiat_p256_cmovznz_u64(&x125, x110, x107, x99); + *out1 = x111; out2[0] = x7; out2[1] = x8; out2[2] = x9; out2[3] = x10; out2[4] = x11; - out3[0] = x114; - out3[1] = x115; - out3[2] = x116; - out3[3] = x117; - out3[4] = x118; - out4[0] = x119; - out4[1] = x120; - out4[2] = x121; - out4[3] = x122; - out5[0] = x123; - out5[1] = x124; - out5[2] = x125; - out5[3] = x126; + out3[0] = x113; + out3[1] = x114; + out3[2] = x115; + out3[3] = x116; + out3[4] = x117; + out4[0] = x118; + out4[1] = x119; + out4[2] = x120; + out4[3] = x121; + out5[0] = x122; + out5[1] = x123; + out5[2] = x124; + out5[3] = x125; } /* diff --git a/fiat-c/src/p256_scalar_32.c b/fiat-c/src/p256_scalar_32.c index 78c43786fe..784cfc36bd 100644 --- a/fiat-c/src/p256_scalar_32.c +++ b/fiat-c/src/p256_scalar_32.c @@ -65,13 +65,11 @@ static __inline__ uint32_t fiat_p256_scalar_value_barrier_u32(uint32_t a) { */ static FIAT_P256_SCALAR_FIAT_INLINE void fiat_p256_scalar_addcarryx_u32(uint32_t* out1, fiat_p256_scalar_uint1* out2, fiat_p256_scalar_uint1 arg1, uint32_t arg2, uint32_t arg3) { uint64_t x1; - uint32_t x2; - fiat_p256_scalar_uint1 x3; + fiat_p256_scalar_uint1 x2; x1 = ((arg1 + (uint64_t)arg2) + arg3); - x2 = (uint32_t)(x1 & UINT32_C(0xffffffff)); - x3 = (fiat_p256_scalar_uint1)(x1 >> 32); - *out1 = x2; - *out2 = x3; + x2 = (fiat_p256_scalar_uint1)(x1 >> 32); + *out1 = (uint32_t)x1; + *out2 = x2; } /* 
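Review bot: The `fiat_p256_divstep` hunk for `fiat-c/src/p256_64.c` (`@@ -1934,63 +1873,62 @@`) replaces the selector `x74 = (fiat_p256_uint1)(x22 & 0x1)` with a bare `(fiat_p256_uint1)x22` in every `fiat_p256_cmovznz_u64` call, which is equivalent only if the cast itself reduces the value to one bit. Neither the typedef nor `cmovznz` is visible here, so please confirm: if `fiat_p256_uint1` is an `unsigned char` and `cmovznz` treats any non-zero selector as true, an even `x22` with a non-zero low byte now selects the wrong operand and the inversion step silently computes a wrong value. The emitted code should keep the mask, `(fiat_p256_uint1)(x22 & 0x1)`, and because these files appear to be generated the fix belongs in the rewrite or bounds pass that dropped it rather than in the C. The same pattern occurs with `x34` in the `fiat_p256_scalar_divstep` hunk of `p256_scalar_32.c` (`@@ -5429,77 +5376,76 @@`), and the unmasked `(fiat_p256_uint1)(arg3[0])` in the `x3` lines is safe only because the other operand of `&` is already 0 or 1. The divstep body starts and ends outside these hunks, so the definition of `x22` could not be checked here.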
@@ -117,12 +115,10 @@ static FIAT_P256_SCALAR_FIAT_INLINE void fiat_p256_scalar_subborrowx_u32(uint32_ static FIAT_P256_SCALAR_FIAT_INLINE void fiat_p256_scalar_mulx_u32(uint32_t* out1, uint32_t* out2, uint32_t arg1, uint32_t arg2) { uint64_t x1; uint32_t x2; - uint32_t x3; x1 = ((uint64_t)arg1 * arg2); - x2 = (uint32_t)(x1 & UINT32_C(0xffffffff)); - x3 = (uint32_t)(x1 >> 32); - *out1 = x2; - *out2 = x3; + x2 = (uint32_t)(x1 >> 32); + *out1 = (uint32_t)x1; + *out2 = x2; } /* @@ -4763,54 +4759,30 @@ static FIAT_P256_SCALAR_FIAT_INLINE void fiat_p256_scalar_to_bytes(uint8_t out1[ uint32_t x6; uint32_t x7; uint32_t x8; - uint8_t x9; + uint32_t x9; uint32_t x10; uint8_t x11; uint32_t x12; - uint8_t x13; + uint32_t x13; uint8_t x14; - uint8_t x15; + uint32_t x15; uint32_t x16; uint8_t x17; uint32_t x18; - uint8_t x19; + uint32_t x19; uint8_t x20; - uint8_t x21; + uint32_t x21; uint32_t x22; uint8_t x23; uint32_t x24; - uint8_t x25; + uint32_t x25; uint8_t x26; - uint8_t x27; + uint32_t x27; uint32_t x28; uint8_t x29; uint32_t x30; - uint8_t x31; + uint32_t x31; uint8_t x32; - uint8_t x33; - uint32_t x34; - uint8_t x35; - uint32_t x36; - uint8_t x37; - uint8_t x38; - uint8_t x39; - uint32_t x40; - uint8_t x41; - uint32_t x42; - uint8_t x43; - uint8_t x44; - uint8_t x45; - uint32_t x46; - uint8_t x47; - uint32_t x48; - uint8_t x49; - uint8_t x50; - uint8_t x51; - uint32_t x52; - uint8_t x53; - uint32_t x54; - uint8_t x55; - uint8_t x56; x1 = (arg1[7]); x2 = (arg1[6]); x3 = (arg1[5]); 
@@ -4819,86 +4791,62 @@ static FIAT_P256_SCALAR_FIAT_INLINE void fiat_p256_scalar_to_bytes(uint8_t out1[ x6 = (arg1[2]); x7 = (arg1[1]); x8 = (arg1[0]); - x9 = (uint8_t)(x8 & UINT8_C(0xff)); - x10 = (x8 >> 8); - x11 = (uint8_t)(x10 & UINT8_C(0xff)); - x12 = (x10 >> 8); - x13 = (uint8_t)(x12 & UINT8_C(0xff)); - x14 = (uint8_t)(x12 >> 8); - x15 = (uint8_t)(x7 & UINT8_C(0xff)); - x16 = (x7 >> 8); - x17 = (uint8_t)(x16 & UINT8_C(0xff)); - x18 = (x16 >> 8); - x19 = (uint8_t)(x18 & UINT8_C(0xff)); - x20 = (uint8_t)(x18 >> 8); - x21 = (uint8_t)(x6 & UINT8_C(0xff)); - x22 = (x6 >> 8); - x23 = (uint8_t)(x22 & UINT8_C(0xff)); - x24 = (x22 >> 8); - x25 = (uint8_t)(x24 & UINT8_C(0xff)); - x26 = (uint8_t)(x24 >> 8); - x27 = (uint8_t)(x5 & UINT8_C(0xff)); - x28 = (x5 >> 8); - x29 = (uint8_t)(x28 & UINT8_C(0xff)); - x30 = (x28 >> 8); - x31 = (uint8_t)(x30 & UINT8_C(0xff)); - x32 = (uint8_t)(x30 >> 8); - x33 = (uint8_t)(x4 & UINT8_C(0xff)); - x34 = (x4 >> 8); - x35 = (uint8_t)(x34 & UINT8_C(0xff)); - x36 = (x34 >> 8); - x37 = (uint8_t)(x36 & UINT8_C(0xff)); - x38 = (uint8_t)(x36 >> 8); - x39 = (uint8_t)(x3 & UINT8_C(0xff)); - x40 = (x3 >> 8); - x41 = (uint8_t)(x40 & UINT8_C(0xff)); - x42 = (x40 >> 8); - x43 = (uint8_t)(x42 & UINT8_C(0xff)); - x44 = (uint8_t)(x42 >> 8); - x45 = (uint8_t)(x2 & UINT8_C(0xff)); - x46 = (x2 >> 8); - x47 = (uint8_t)(x46 & UINT8_C(0xff)); - x48 = (x46 >> 8); - x49 = (uint8_t)(x48 & UINT8_C(0xff)); - x50 = (uint8_t)(x48 >> 8); - x51 = (uint8_t)(x1 & UINT8_C(0xff)); - x52 = (x1 >> 8); - x53 = (uint8_t)(x52 & UINT8_C(0xff)); - x54 = (x52 >> 8); - x55 = (uint8_t)(x54 & UINT8_C(0xff)); - x56 = (uint8_t)(x54 >> 8); - out1[0] = x9; - out1[1] = x11; - out1[2] = x13; - out1[3] = x14; - out1[4] = x15; - out1[5] = x17; - out1[6] = x19; - out1[7] = x20; - out1[8] = x21; - out1[9] = x23; - out1[10] = x25; - out1[11] = x26; - out1[12] = x27; - out1[13] = x29; - out1[14] = x31; - out1[15] = x32; - out1[16] = x33; - out1[17] = x35; - out1[18] = x37; - out1[19] = x38; - 
out1[20] = x39; - out1[21] = x41; - out1[22] = x43; - out1[23] = x44; - out1[24] = x45; - out1[25] = x47; - out1[26] = x49; - out1[27] = x50; - out1[28] = x51; - out1[29] = x53; - out1[30] = x55; - out1[31] = x56; + x9 = (x8 >> 8); + x10 = (x9 >> 8); + x11 = (uint8_t)(x10 >> 8); + x12 = (x7 >> 8); + x13 = (x12 >> 8); + x14 = (uint8_t)(x13 >> 8); + x15 = (x6 >> 8); + x16 = (x15 >> 8); + x17 = (uint8_t)(x16 >> 8); + x18 = (x5 >> 8); + x19 = (x18 >> 8); + x20 = (uint8_t)(x19 >> 8); + x21 = (x4 >> 8); + x22 = (x21 >> 8); + x23 = (uint8_t)(x22 >> 8); + x24 = (x3 >> 8); + x25 = (x24 >> 8); + x26 = (uint8_t)(x25 >> 8); + x27 = (x2 >> 8); + x28 = (x27 >> 8); + x29 = (uint8_t)(x28 >> 8); + x30 = (x1 >> 8); + x31 = (x30 >> 8); + x32 = (uint8_t)(x31 >> 8); + out1[0] = (uint8_t)x8; + out1[1] = (uint8_t)x9; + out1[2] = (uint8_t)x10; + out1[3] = x11; + out1[4] = (uint8_t)x7; + out1[5] = (uint8_t)x12; + out1[6] = (uint8_t)x13; + out1[7] = x14; + out1[8] = (uint8_t)x6; + out1[9] = (uint8_t)x15; + out1[10] = (uint8_t)x16; + out1[11] = x17; + out1[12] = (uint8_t)x5; + out1[13] = (uint8_t)x18; + out1[14] = (uint8_t)x19; + out1[15] = x20; + out1[16] = (uint8_t)x4; + out1[17] = (uint8_t)x21; + out1[18] = (uint8_t)x22; + out1[19] = x23; + out1[20] = (uint8_t)x3; + out1[21] = (uint8_t)x24; + out1[22] = (uint8_t)x25; + out1[23] = x26; + out1[24] = (uint8_t)x2; + out1[25] = (uint8_t)x27; + out1[26] = (uint8_t)x28; + out1[27] = x29; + out1[28] = (uint8_t)x1; + out1[29] = (uint8_t)x30; + out1[30] = (uint8_t)x31; + out1[31] = x32; } /* @@ -5243,7 +5191,7 @@ static FIAT_P256_SCALAR_FIAT_INLINE void fiat_p256_scalar_divstep(uint32_t* out1 uint32_t x131; uint32_t x132; uint32_t x133; - fiat_p256_scalar_uint1 x134; + uint32_t x134; uint32_t x135; uint32_t x136; uint32_t x137; 
@@ -5253,24 +5201,24 @@ static FIAT_P256_SCALAR_FIAT_INLINE void fiat_p256_scalar_divstep(uint32_t* out1 uint32_t x141; uint32_t x142; uint32_t x143; - uint32_t x144; - fiat_p256_scalar_uint1 x145; - uint32_t x146; - fiat_p256_scalar_uint1 x147; - uint32_t x148; - fiat_p256_scalar_uint1 x149; - uint32_t x150; - fiat_p256_scalar_uint1 x151; - uint32_t x152; - fiat_p256_scalar_uint1 x153; - uint32_t x154; - fiat_p256_scalar_uint1 x155; - uint32_t x156; - fiat_p256_scalar_uint1 x157; - uint32_t x158; - fiat_p256_scalar_uint1 x159; - uint32_t x160; - fiat_p256_scalar_uint1 x161; + fiat_p256_scalar_uint1 x144; + uint32_t x145; + fiat_p256_scalar_uint1 x146; + uint32_t x147; + fiat_p256_scalar_uint1 x148; + uint32_t x149; + fiat_p256_scalar_uint1 x150; + uint32_t x151; + fiat_p256_scalar_uint1 x152; + uint32_t x153; + fiat_p256_scalar_uint1 x154; + uint32_t x155; + fiat_p256_scalar_uint1 x156; + uint32_t x157; + fiat_p256_scalar_uint1 x158; + uint32_t x159; + fiat_p256_scalar_uint1 x160; + uint32_t x161; uint32_t x162; uint32_t x163; uint32_t x164; 
@@ -5279,42 +5227,42 @@ static FIAT_P256_SCALAR_FIAT_INLINE void fiat_p256_scalar_divstep(uint32_t* out1 uint32_t x167; uint32_t x168; uint32_t x169; - uint32_t x170; - fiat_p256_scalar_uint1 x171; - uint32_t x172; - fiat_p256_scalar_uint1 x173; - uint32_t x174; - fiat_p256_scalar_uint1 x175; - uint32_t x176; - fiat_p256_scalar_uint1 x177; - uint32_t x178; - fiat_p256_scalar_uint1 x179; - uint32_t x180; - fiat_p256_scalar_uint1 x181; - uint32_t x182; - fiat_p256_scalar_uint1 x183; - uint32_t x184; - fiat_p256_scalar_uint1 x185; - uint32_t x186; - fiat_p256_scalar_uint1 x187; - uint32_t x188; - fiat_p256_scalar_uint1 x189; - uint32_t x190; - fiat_p256_scalar_uint1 x191; - uint32_t x192; - fiat_p256_scalar_uint1 x193; - uint32_t x194; - fiat_p256_scalar_uint1 x195; - uint32_t x196; - fiat_p256_scalar_uint1 x197; - uint32_t x198; - fiat_p256_scalar_uint1 x199; - uint32_t x200; - fiat_p256_scalar_uint1 x201; - uint32_t x202; - fiat_p256_scalar_uint1 x203; - uint32_t x204; - fiat_p256_scalar_uint1 x205; + fiat_p256_scalar_uint1 x170; + uint32_t x171; + fiat_p256_scalar_uint1 x172; + uint32_t x173; + fiat_p256_scalar_uint1 x174; + uint32_t x175; + fiat_p256_scalar_uint1 x176; + uint32_t x177; + fiat_p256_scalar_uint1 x178; + uint32_t x179; + fiat_p256_scalar_uint1 x180; + uint32_t x181; + fiat_p256_scalar_uint1 x182; + uint32_t x183; + fiat_p256_scalar_uint1 x184; + uint32_t x185; + fiat_p256_scalar_uint1 x186; + uint32_t x187; + fiat_p256_scalar_uint1 x188; + uint32_t x189; + fiat_p256_scalar_uint1 x190; + uint32_t x191; + fiat_p256_scalar_uint1 x192; + uint32_t x193; + fiat_p256_scalar_uint1 x194; + uint32_t x195; + fiat_p256_scalar_uint1 x196; + uint32_t x197; + fiat_p256_scalar_uint1 x198; + uint32_t x199; + fiat_p256_scalar_uint1 x200; + uint32_t x201; + fiat_p256_scalar_uint1 x202; + uint32_t x203; + fiat_p256_scalar_uint1 x204; + uint32_t x205; uint32_t x206; uint32_t x207; uint32_t x208; 
@@ -5339,9 +5287,8 @@ static FIAT_P256_SCALAR_FIAT_INLINE void fiat_p256_scalar_divstep(uint32_t* out1 uint32_t x227; uint32_t x228; uint32_t x229; - uint32_t x230; fiat_p256_scalar_addcarryx_u32(&x1, &x2, 0x0, (~arg1), 0x1); - x3 = (fiat_p256_scalar_uint1)((fiat_p256_scalar_uint1)(x1 >> 31) & (fiat_p256_scalar_uint1)((arg3[0]) & 0x1)); + x3 = (fiat_p256_scalar_uint1)((fiat_p256_scalar_uint1)(x1 >> 31) & (fiat_p256_scalar_uint1)(arg3[0])); fiat_p256_scalar_addcarryx_u32(&x4, &x5, 0x0, (~arg1), 0x1); fiat_p256_scalar_cmovznz_u32(&x6, x3, arg1, x4); fiat_p256_scalar_cmovznz_u32(&x7, x3, (arg2[0]), (arg3[0])); 
@@ -5429,77 +5376,76 @@ static FIAT_P256_SCALAR_FIAT_INLINE void fiat_p256_scalar_divstep(uint32_t* out1 fiat_p256_scalar_cmovznz_u32(&x131, x3, (arg5[5]), x120); fiat_p256_scalar_cmovznz_u32(&x132, x3, (arg5[6]), x122); fiat_p256_scalar_cmovznz_u32(&x133, x3, (arg5[7]), x124); - x134 = (fiat_p256_scalar_uint1)(x34 & 0x1); - fiat_p256_scalar_cmovznz_u32(&x135, x134, 0x0, x7); - fiat_p256_scalar_cmovznz_u32(&x136, x134, 0x0, x8); - fiat_p256_scalar_cmovznz_u32(&x137, x134, 0x0, x9); - fiat_p256_scalar_cmovznz_u32(&x138, x134, 0x0, x10); - fiat_p256_scalar_cmovznz_u32(&x139, x134, 0x0, x11); - fiat_p256_scalar_cmovznz_u32(&x140, x134, 0x0, x12); - fiat_p256_scalar_cmovznz_u32(&x141, x134, 0x0, x13); - fiat_p256_scalar_cmovznz_u32(&x142, x134, 0x0, x14); - fiat_p256_scalar_cmovznz_u32(&x143, x134, 0x0, x15); - fiat_p256_scalar_addcarryx_u32(&x144, &x145, 0x0, x34, x135); - fiat_p256_scalar_addcarryx_u32(&x146, &x147, x145, x35, x136); - fiat_p256_scalar_addcarryx_u32(&x148, &x149, x147, x36, x137); - fiat_p256_scalar_addcarryx_u32(&x150, &x151, x149, x37, x138); - fiat_p256_scalar_addcarryx_u32(&x152, &x153, x151, x38, x139); - fiat_p256_scalar_addcarryx_u32(&x154, &x155, x153, x39, x140); - fiat_p256_scalar_addcarryx_u32(&x156, &x157, x155, x40, x141); - fiat_p256_scalar_addcarryx_u32(&x158, &x159, x157, x41, x142); - fiat_p256_scalar_addcarryx_u32(&x160, &x161, x159, x42, x143); - fiat_p256_scalar_cmovznz_u32(&x162, x134, 0x0, x43); - fiat_p256_scalar_cmovznz_u32(&x163, x134, 0x0, x44); - fiat_p256_scalar_cmovznz_u32(&x164, x134, 0x0, x45); - fiat_p256_scalar_cmovznz_u32(&x165, x134, 0x0, x46); - fiat_p256_scalar_cmovznz_u32(&x166, x134, 0x0, x47); - fiat_p256_scalar_cmovznz_u32(&x167, x134, 0x0, x48); - fiat_p256_scalar_cmovznz_u32(&x168, x134, 0x0, x49); - fiat_p256_scalar_cmovznz_u32(&x169, x134, 0x0, x50); - fiat_p256_scalar_addcarryx_u32(&x170, &x171, 0x0, x126, x162); - fiat_p256_scalar_addcarryx_u32(&x172, &x173, x171, x127, x163); - 
fiat_p256_scalar_addcarryx_u32(&x174, &x175, x173, x128, x164); - fiat_p256_scalar_addcarryx_u32(&x176, &x177, x175, x129, x165); - fiat_p256_scalar_addcarryx_u32(&x178, &x179, x177, x130, x166); - fiat_p256_scalar_addcarryx_u32(&x180, &x181, x179, x131, x167); - fiat_p256_scalar_addcarryx_u32(&x182, &x183, x181, x132, x168); - fiat_p256_scalar_addcarryx_u32(&x184, &x185, x183, x133, x169); - fiat_p256_scalar_subborrowx_u32(&x186, &x187, 0x0, x170, UINT32_C(0xfc632551)); - fiat_p256_scalar_subborrowx_u32(&x188, &x189, x187, x172, UINT32_C(0xf3b9cac2)); - fiat_p256_scalar_subborrowx_u32(&x190, &x191, x189, x174, UINT32_C(0xa7179e84)); - fiat_p256_scalar_subborrowx_u32(&x192, &x193, x191, x176, UINT32_C(0xbce6faad)); - fiat_p256_scalar_subborrowx_u32(&x194, &x195, x193, x178, UINT32_C(0xffffffff)); - fiat_p256_scalar_subborrowx_u32(&x196, &x197, x195, x180, UINT32_C(0xffffffff)); - fiat_p256_scalar_subborrowx_u32(&x198, &x199, x197, x182, 0x0); - fiat_p256_scalar_subborrowx_u32(&x200, &x201, x199, x184, UINT32_C(0xffffffff)); - fiat_p256_scalar_subborrowx_u32(&x202, &x203, x201, x185, 0x0); - fiat_p256_scalar_addcarryx_u32(&x204, &x205, 0x0, x6, 0x1); - x206 = ((x144 >> 1) | ((x146 << 31) & UINT32_C(0xffffffff))); - x207 = ((x146 >> 1) | ((x148 << 31) & UINT32_C(0xffffffff))); - x208 = ((x148 >> 1) | ((x150 << 31) & UINT32_C(0xffffffff))); - x209 = ((x150 >> 1) | ((x152 << 31) & UINT32_C(0xffffffff))); - x210 = ((x152 >> 1) | ((x154 << 31) & UINT32_C(0xffffffff))); - x211 = ((x154 >> 1) | ((x156 << 31) & UINT32_C(0xffffffff))); - x212 = ((x156 >> 1) | ((x158 << 31) & UINT32_C(0xffffffff))); - x213 = ((x158 >> 1) | ((x160 << 31) & UINT32_C(0xffffffff))); - x214 = ((x160 & UINT32_C(0x80000000)) | (x160 >> 1)); - fiat_p256_scalar_cmovznz_u32(&x215, x84, x67, x51); - fiat_p256_scalar_cmovznz_u32(&x216, x84, x69, x53); - fiat_p256_scalar_cmovznz_u32(&x217, x84, x71, x55); - fiat_p256_scalar_cmovznz_u32(&x218, x84, x73, x57); - fiat_p256_scalar_cmovznz_u32(&x219, x84, x75, 
x59); - fiat_p256_scalar_cmovznz_u32(&x220, x84, x77, x61); - fiat_p256_scalar_cmovznz_u32(&x221, x84, x79, x63); - fiat_p256_scalar_cmovznz_u32(&x222, x84, x81, x65); - fiat_p256_scalar_cmovznz_u32(&x223, x203, x186, x170); - fiat_p256_scalar_cmovznz_u32(&x224, x203, x188, x172); - fiat_p256_scalar_cmovznz_u32(&x225, x203, x190, x174); - fiat_p256_scalar_cmovznz_u32(&x226, x203, x192, x176); - fiat_p256_scalar_cmovznz_u32(&x227, x203, x194, x178); - fiat_p256_scalar_cmovznz_u32(&x228, x203, x196, x180); - fiat_p256_scalar_cmovznz_u32(&x229, x203, x198, x182); - fiat_p256_scalar_cmovznz_u32(&x230, x203, x200, x184); - *out1 = x204; + fiat_p256_scalar_cmovznz_u32(&x134, (fiat_p256_scalar_uint1)x34, 0x0, x7); + fiat_p256_scalar_cmovznz_u32(&x135, (fiat_p256_scalar_uint1)x34, 0x0, x8); + fiat_p256_scalar_cmovznz_u32(&x136, (fiat_p256_scalar_uint1)x34, 0x0, x9); + fiat_p256_scalar_cmovznz_u32(&x137, (fiat_p256_scalar_uint1)x34, 0x0, x10); + fiat_p256_scalar_cmovznz_u32(&x138, (fiat_p256_scalar_uint1)x34, 0x0, x11); + fiat_p256_scalar_cmovznz_u32(&x139, (fiat_p256_scalar_uint1)x34, 0x0, x12); + fiat_p256_scalar_cmovznz_u32(&x140, (fiat_p256_scalar_uint1)x34, 0x0, x13); + fiat_p256_scalar_cmovznz_u32(&x141, (fiat_p256_scalar_uint1)x34, 0x0, x14); + fiat_p256_scalar_cmovznz_u32(&x142, (fiat_p256_scalar_uint1)x34, 0x0, x15); + fiat_p256_scalar_addcarryx_u32(&x143, &x144, 0x0, x34, x134); + fiat_p256_scalar_addcarryx_u32(&x145, &x146, x144, x35, x135); + fiat_p256_scalar_addcarryx_u32(&x147, &x148, x146, x36, x136); + fiat_p256_scalar_addcarryx_u32(&x149, &x150, x148, x37, x137); + fiat_p256_scalar_addcarryx_u32(&x151, &x152, x150, x38, x138); + fiat_p256_scalar_addcarryx_u32(&x153, &x154, x152, x39, x139); + fiat_p256_scalar_addcarryx_u32(&x155, &x156, x154, x40, x140); + fiat_p256_scalar_addcarryx_u32(&x157, &x158, x156, x41, x141); + fiat_p256_scalar_addcarryx_u32(&x159, &x160, x158, x42, x142); + fiat_p256_scalar_cmovznz_u32(&x161, (fiat_p256_scalar_uint1)x34, 0x0, 
x43); + fiat_p256_scalar_cmovznz_u32(&x162, (fiat_p256_scalar_uint1)x34, 0x0, x44); + fiat_p256_scalar_cmovznz_u32(&x163, (fiat_p256_scalar_uint1)x34, 0x0, x45); + fiat_p256_scalar_cmovznz_u32(&x164, (fiat_p256_scalar_uint1)x34, 0x0, x46); + fiat_p256_scalar_cmovznz_u32(&x165, (fiat_p256_scalar_uint1)x34, 0x0, x47); + fiat_p256_scalar_cmovznz_u32(&x166, (fiat_p256_scalar_uint1)x34, 0x0, x48); + fiat_p256_scalar_cmovznz_u32(&x167, (fiat_p256_scalar_uint1)x34, 0x0, x49); + fiat_p256_scalar_cmovznz_u32(&x168, (fiat_p256_scalar_uint1)x34, 0x0, x50); + fiat_p256_scalar_addcarryx_u32(&x169, &x170, 0x0, x126, x161); + fiat_p256_scalar_addcarryx_u32(&x171, &x172, x170, x127, x162); + fiat_p256_scalar_addcarryx_u32(&x173, &x174, x172, x128, x163); + fiat_p256_scalar_addcarryx_u32(&x175, &x176, x174, x129, x164); + fiat_p256_scalar_addcarryx_u32(&x177, &x178, x176, x130, x165); + fiat_p256_scalar_addcarryx_u32(&x179, &x180, x178, x131, x166); + fiat_p256_scalar_addcarryx_u32(&x181, &x182, x180, x132, x167); + fiat_p256_scalar_addcarryx_u32(&x183, &x184, x182, x133, x168); + fiat_p256_scalar_subborrowx_u32(&x185, &x186, 0x0, x169, UINT32_C(0xfc632551)); + fiat_p256_scalar_subborrowx_u32(&x187, &x188, x186, x171, UINT32_C(0xf3b9cac2)); + fiat_p256_scalar_subborrowx_u32(&x189, &x190, x188, x173, UINT32_C(0xa7179e84)); + fiat_p256_scalar_subborrowx_u32(&x191, &x192, x190, x175, UINT32_C(0xbce6faad)); + fiat_p256_scalar_subborrowx_u32(&x193, &x194, x192, x177, UINT32_C(0xffffffff)); + fiat_p256_scalar_subborrowx_u32(&x195, &x196, x194, x179, UINT32_C(0xffffffff)); + fiat_p256_scalar_subborrowx_u32(&x197, &x198, x196, x181, 0x0); + fiat_p256_scalar_subborrowx_u32(&x199, &x200, x198, x183, UINT32_C(0xffffffff)); + fiat_p256_scalar_subborrowx_u32(&x201, &x202, x200, x184, 0x0); + fiat_p256_scalar_addcarryx_u32(&x203, &x204, 0x0, x6, 0x1); + x205 = ((x143 >> 1) | ((x145 << 31) & UINT32_C(0xffffffff))); + x206 = ((x145 >> 1) | ((x147 << 31) & UINT32_C(0xffffffff))); + x207 = ((x147 >> 
1) | ((x149 << 31) & UINT32_C(0xffffffff))); + x208 = ((x149 >> 1) | ((x151 << 31) & UINT32_C(0xffffffff))); + x209 = ((x151 >> 1) | ((x153 << 31) & UINT32_C(0xffffffff))); + x210 = ((x153 >> 1) | ((x155 << 31) & UINT32_C(0xffffffff))); + x211 = ((x155 >> 1) | ((x157 << 31) & UINT32_C(0xffffffff))); + x212 = ((x157 >> 1) | ((x159 << 31) & UINT32_C(0xffffffff))); + x213 = ((x159 & UINT32_C(0x80000000)) | (x159 >> 1)); + fiat_p256_scalar_cmovznz_u32(&x214, x84, x67, x51); + fiat_p256_scalar_cmovznz_u32(&x215, x84, x69, x53); + fiat_p256_scalar_cmovznz_u32(&x216, x84, x71, x55); + fiat_p256_scalar_cmovznz_u32(&x217, x84, x73, x57); + fiat_p256_scalar_cmovznz_u32(&x218, x84, x75, x59); + fiat_p256_scalar_cmovznz_u32(&x219, x84, x77, x61); + fiat_p256_scalar_cmovznz_u32(&x220, x84, x79, x63); + fiat_p256_scalar_cmovznz_u32(&x221, x84, x81, x65); + fiat_p256_scalar_cmovznz_u32(&x222, x202, x185, x169); + fiat_p256_scalar_cmovznz_u32(&x223, x202, x187, x171); + fiat_p256_scalar_cmovznz_u32(&x224, x202, x189, x173); + fiat_p256_scalar_cmovznz_u32(&x225, x202, x191, x175); + fiat_p256_scalar_cmovznz_u32(&x226, x202, x193, x177); + fiat_p256_scalar_cmovznz_u32(&x227, x202, x195, x179); + fiat_p256_scalar_cmovznz_u32(&x228, x202, x197, x181); + fiat_p256_scalar_cmovznz_u32(&x229, x202, x199, x183); + *out1 = x203; out2[0] = x7; out2[1] = x8; out2[2] = x9; 
@@ -5509,31 +5455,31 @@ static FIAT_P256_SCALAR_FIAT_INLINE void fiat_p256_scalar_divstep(uint32_t* out1 out2[6] = x13; out2[7] = x14; out2[8] = x15; - out3[0] = x206; - out3[1] = x207; - out3[2] = x208; - out3[3] = x209; - out3[4] = x210; - out3[5] = x211; - out3[6] = x212; - out3[7] = x213; - out3[8] = x214; - out4[0] = x215; - out4[1] = x216; - out4[2] = x217; - out4[3] = x218; - out4[4] = x219; - out4[5] = x220; - out4[6] = x221; - out4[7] = x222; - out5[0] = x223; - out5[1] = x224; - out5[2] = x225; - out5[3] = x226; - out5[4] = x227; - out5[5] = x228; - out5[6] = x229; - out5[7] = x230; + out3[0] = x205; + out3[1] = x206; + out3[2] = x207; + out3[3] = x208; + out3[4] = x209; + out3[5] = x210; + out3[6] = x211; + out3[7] = x212; + out3[8] = x213; + out4[0] = x214; + out4[1] = x215; + out4[2] = x216; + out4[3] = x217; + out4[4] = x218; + out4[5] = x219; + out4[6] = x220; + out4[7] = x221; + out5[0] = x222; + out5[1] = x223; + out5[2] = x224; + out5[3] = x225; + out5[4] = x226; + out5[5] = x227; + out5[6] = x228; + out5[7] = x229; } /* diff --git a/fiat-c/src/p256_scalar_64.c b/fiat-c/src/p256_scalar_64.c index 97dcaca63c..959a5e9d37 100644 --- a/fiat-c/src/p256_scalar_64.c +++ b/fiat-c/src/p256_scalar_64.c @@ -70,13 +70,11 @@ static __inline__ uint64_t fiat_p256_scalar_value_barrier_u64(uint64_t a) { */ static FIAT_P256_SCALAR_FIAT_INLINE void fiat_p256_scalar_addcarryx_u64(uint64_t* out1, fiat_p256_scalar_uint1* out2, fiat_p256_scalar_uint1 arg1, uint64_t arg2, uint64_t arg3) { fiat_p256_scalar_uint128 x1; - uint64_t x2; - fiat_p256_scalar_uint1 x3; + fiat_p256_scalar_uint1 x2; x1 = ((arg1 + (fiat_p256_scalar_uint128)arg2) + arg3); - x2 = (uint64_t)(x1 & UINT64_C(0xffffffffffffffff)); - x3 = (fiat_p256_scalar_uint1)(x1 >> 64); - *out1 = x2; - *out2 = x3; + x2 = (fiat_p256_scalar_uint1)(x1 >> 64); + *out1 = (uint64_t)x1; + *out2 = x2; } /* 
@@ -122,12 +120,10 @@ static FIAT_P256_SCALAR_FIAT_INLINE void fiat_p256_scalar_subborrowx_u64(uint64_ static FIAT_P256_SCALAR_FIAT_INLINE void fiat_p256_scalar_mulx_u64(uint64_t* out1, uint64_t* out2, uint64_t arg1, uint64_t arg2) { fiat_p256_scalar_uint128 x1; uint64_t x2; - uint64_t x3; x1 = ((fiat_p256_scalar_uint128)arg1 * arg2); - x2 = (uint64_t)(x1 & UINT64_C(0xffffffffffffffff)); - x3 = (uint64_t)(x1 >> 64); - *out1 = x2; - *out2 = x3; + x2 = (uint64_t)(x1 >> 64); + *out1 = (uint64_t)x1; + *out2 = x2; } /* 
@@ -1608,154 +1604,98 @@ static FIAT_P256_SCALAR_FIAT_INLINE void fiat_p256_scalar_to_bytes(uint8_t out1[ uint64_t x2; uint64_t x3; uint64_t x4; - uint8_t x5; + uint64_t x5; uint64_t x6; - uint8_t x7; + uint64_t x7; uint64_t x8; - uint8_t x9; + uint64_t x9; uint64_t x10; uint8_t x11; uint64_t x12; - uint8_t x13; + uint64_t x13; uint64_t x14; - uint8_t x15; + uint64_t x15; uint64_t x16; - uint8_t x17; + uint64_t x17; uint8_t x18; - uint8_t x19; + uint64_t x19; uint64_t x20; - uint8_t x21; + uint64_t x21; uint64_t x22; - uint8_t x23; + uint64_t x23; uint64_t x24; uint8_t x25; uint64_t x26; - uint8_t x27; + uint64_t x27; uint64_t x28; - uint8_t x29; + uint64_t x29; uint64_t x30; - uint8_t x31; + uint64_t x31; uint8_t x32; - uint8_t x33; - uint64_t x34; - uint8_t x35; - uint64_t x36; - uint8_t x37; - uint64_t x38; - uint8_t x39; - uint64_t x40; - uint8_t x41; - uint64_t x42; - uint8_t x43; - uint64_t x44; - uint8_t x45; - uint8_t x46; - uint8_t x47; - uint64_t x48; - uint8_t x49; - uint64_t x50; - uint8_t x51; - uint64_t x52; - uint8_t x53; - uint64_t x54; - uint8_t x55; - uint64_t x56; - uint8_t x57; - uint64_t x58; - uint8_t x59; - uint8_t x60; x1 = (arg1[3]); x2 = (arg1[2]); x3 = (arg1[1]); x4 = (arg1[0]); - x5 = (uint8_t)(x4 & UINT8_C(0xff)); - x6 = (x4 >> 8); - x7 = (uint8_t)(x6 & UINT8_C(0xff)); - x8 = (x6 >> 8); - x9 = (uint8_t)(x8 & UINT8_C(0xff)); - x10 = (x8 >> 8); - x11 = (uint8_t)(x10 & UINT8_C(0xff)); - x12 = (x10 >> 8); - x13 = (uint8_t)(x12 & UINT8_C(0xff)); - x14 = (x12 >> 8); - x15 = (uint8_t)(x14 & UINT8_C(0xff)); - x16 = (x14 >> 8); - x17 = (uint8_t)(x16 & UINT8_C(0xff)); - x18 = (uint8_t)(x16 >> 8); - x19 = (uint8_t)(x3 & UINT8_C(0xff)); - x20 = (x3 >> 8); - x21 = (uint8_t)(x20 & UINT8_C(0xff)); - x22 = (x20 >> 8); - x23 = (uint8_t)(x22 & UINT8_C(0xff)); - x24 = (x22 >> 8); - x25 = (uint8_t)(x24 & UINT8_C(0xff)); - x26 = (x24 >> 8); - x27 = (uint8_t)(x26 & UINT8_C(0xff)); - x28 = (x26 >> 8); - x29 = (uint8_t)(x28 & UINT8_C(0xff)); - x30 = (x28 >> 
8); - x31 = (uint8_t)(x30 & UINT8_C(0xff)); - x32 = (uint8_t)(x30 >> 8); - x33 = (uint8_t)(x2 & UINT8_C(0xff)); - x34 = (x2 >> 8); - x35 = (uint8_t)(x34 & UINT8_C(0xff)); - x36 = (x34 >> 8); - x37 = (uint8_t)(x36 & UINT8_C(0xff)); - x38 = (x36 >> 8); - x39 = (uint8_t)(x38 & UINT8_C(0xff)); - x40 = (x38 >> 8); - x41 = (uint8_t)(x40 & UINT8_C(0xff)); - x42 = (x40 >> 8); - x43 = (uint8_t)(x42 & UINT8_C(0xff)); - x44 = (x42 >> 8); - x45 = (uint8_t)(x44 & UINT8_C(0xff)); - x46 = (uint8_t)(x44 >> 8); - x47 = (uint8_t)(x1 & UINT8_C(0xff)); - x48 = (x1 >> 8); - x49 = (uint8_t)(x48 & UINT8_C(0xff)); - x50 = (x48 >> 8); - x51 = (uint8_t)(x50 & UINT8_C(0xff)); - x52 = (x50 >> 8); - x53 = (uint8_t)(x52 & UINT8_C(0xff)); - x54 = (x52 >> 8); - x55 = (uint8_t)(x54 & UINT8_C(0xff)); - x56 = (x54 >> 8); - x57 = (uint8_t)(x56 & UINT8_C(0xff)); - x58 = (x56 >> 8); - x59 = (uint8_t)(x58 & UINT8_C(0xff)); - x60 = (uint8_t)(x58 >> 8); - out1[0] = x5; - out1[1] = x7; - out1[2] = x9; - out1[3] = x11; - out1[4] = x13; - out1[5] = x15; - out1[6] = x17; - out1[7] = x18; - out1[8] = x19; - out1[9] = x21; - out1[10] = x23; - out1[11] = x25; - out1[12] = x27; - out1[13] = x29; - out1[14] = x31; - out1[15] = x32; - out1[16] = x33; - out1[17] = x35; - out1[18] = x37; - out1[19] = x39; - out1[20] = x41; - out1[21] = x43; - out1[22] = x45; - out1[23] = x46; - out1[24] = x47; - out1[25] = x49; - out1[26] = x51; - out1[27] = x53; - out1[28] = x55; - out1[29] = x57; - out1[30] = x59; - out1[31] = x60; + x5 = (x4 >> 8); + x6 = (x5 >> 8); + x7 = (x6 >> 8); + x8 = (x7 >> 8); + x9 = (x8 >> 8); + x10 = (x9 >> 8); + x11 = (uint8_t)(x10 >> 8); + x12 = (x3 >> 8); + x13 = (x12 >> 8); + x14 = (x13 >> 8); + x15 = (x14 >> 8); + x16 = (x15 >> 8); + x17 = (x16 >> 8); + x18 = (uint8_t)(x17 >> 8); + x19 = (x2 >> 8); + x20 = (x19 >> 8); + x21 = (x20 >> 8); + x22 = (x21 >> 8); + x23 = (x22 >> 8); + x24 = (x23 >> 8); + x25 = (uint8_t)(x24 >> 8); + x26 = (x1 >> 8); + x27 = (x26 >> 8); + x28 = (x27 >> 8); + x29 = (x28 >> 
8); + x30 = (x29 >> 8); + x31 = (x30 >> 8); + x32 = (uint8_t)(x31 >> 8); + out1[0] = (uint8_t)x4; + out1[1] = (uint8_t)x5; + out1[2] = (uint8_t)x6; + out1[3] = (uint8_t)x7; + out1[4] = (uint8_t)x8; + out1[5] = (uint8_t)x9; + out1[6] = (uint8_t)x10; + out1[7] = x11; + out1[8] = (uint8_t)x3; + out1[9] = (uint8_t)x12; + out1[10] = (uint8_t)x13; + out1[11] = (uint8_t)x14; + out1[12] = (uint8_t)x15; + out1[13] = (uint8_t)x16; + out1[14] = (uint8_t)x17; + out1[15] = x18; + out1[16] = (uint8_t)x2; + out1[17] = (uint8_t)x19; + out1[18] = (uint8_t)x20; + out1[19] = (uint8_t)x21; + out1[20] = (uint8_t)x22; + out1[21] = (uint8_t)x23; + out1[22] = (uint8_t)x24; + out1[23] = x25; + out1[24] = (uint8_t)x1; + out1[25] = (uint8_t)x26; + out1[26] = (uint8_t)x27; + out1[27] = (uint8_t)x28; + out1[28] = (uint8_t)x29; + out1[29] = (uint8_t)x30; + out1[30] = (uint8_t)x31; + out1[31] = x32; } /* 
@@ -2036,46 +1976,46 @@ static FIAT_P256_SCALAR_FIAT_INLINE void fiat_p256_scalar_divstep(uint64_t* out1 uint64_t x71; uint64_t x72; uint64_t x73; - fiat_p256_scalar_uint1 x74; + uint64_t x74; uint64_t x75; uint64_t x76; uint64_t x77; uint64_t x78; uint64_t x79; - uint64_t x80; - fiat_p256_scalar_uint1 x81; - uint64_t x82; - fiat_p256_scalar_uint1 x83; - uint64_t x84; - fiat_p256_scalar_uint1 x85; - uint64_t x86; - fiat_p256_scalar_uint1 x87; - uint64_t x88; - fiat_p256_scalar_uint1 x89; + fiat_p256_scalar_uint1 x80; + uint64_t x81; + fiat_p256_scalar_uint1 x82; + uint64_t x83; + fiat_p256_scalar_uint1 x84; + uint64_t x85; + fiat_p256_scalar_uint1 x86; + uint64_t x87; + fiat_p256_scalar_uint1 x88; + uint64_t x89; uint64_t x90; uint64_t x91; uint64_t x92; uint64_t x93; - uint64_t x94; - fiat_p256_scalar_uint1 x95; - uint64_t x96; - fiat_p256_scalar_uint1 x97; - uint64_t x98; - fiat_p256_scalar_uint1 x99; - uint64_t x100; - fiat_p256_scalar_uint1 x101; - uint64_t x102; - fiat_p256_scalar_uint1 x103; - uint64_t x104; - fiat_p256_scalar_uint1 x105; - uint64_t x106; - fiat_p256_scalar_uint1 x107; - uint64_t x108; - fiat_p256_scalar_uint1 x109; - uint64_t x110; - fiat_p256_scalar_uint1 x111; - uint64_t x112; - fiat_p256_scalar_uint1 x113; + fiat_p256_scalar_uint1 x94; + uint64_t x95; + fiat_p256_scalar_uint1 x96; + uint64_t x97; + fiat_p256_scalar_uint1 x98; + uint64_t x99; + fiat_p256_scalar_uint1 x100; + uint64_t x101; + fiat_p256_scalar_uint1 x102; + uint64_t x103; + fiat_p256_scalar_uint1 x104; + uint64_t x105; + fiat_p256_scalar_uint1 x106; + uint64_t x107; + fiat_p256_scalar_uint1 x108; + uint64_t x109; + fiat_p256_scalar_uint1 x110; + uint64_t x111; + fiat_p256_scalar_uint1 x112; + uint64_t x113; uint64_t x114; uint64_t x115; uint64_t x116; 
@@ -2088,9 +2028,8 @@ static FIAT_P256_SCALAR_FIAT_INLINE void fiat_p256_scalar_divstep(uint64_t* out1 uint64_t x123; uint64_t x124; uint64_t x125; - uint64_t x126; fiat_p256_scalar_addcarryx_u64(&x1, &x2, 0x0, (~arg1), 0x1); - x3 = (fiat_p256_scalar_uint1)((fiat_p256_scalar_uint1)(x1 >> 63) & (fiat_p256_scalar_uint1)((arg3[0]) & 0x1)); + x3 = (fiat_p256_scalar_uint1)((fiat_p256_scalar_uint1)(x1 >> 63) & (fiat_p256_scalar_uint1)(arg3[0])); fiat_p256_scalar_addcarryx_u64(&x4, &x5, 0x0, (~arg1), 0x1); fiat_p256_scalar_cmovznz_u64(&x6, x3, arg1, x4); fiat_p256_scalar_cmovznz_u64(&x7, x3, (arg2[0]), (arg3[0])); 
@@ -2138,63 +2077,62 @@ static FIAT_P256_SCALAR_FIAT_INLINE void fiat_p256_scalar_divstep(uint64_t* out1 fiat_p256_scalar_cmovznz_u64(&x71, x3, (arg5[1]), x64); fiat_p256_scalar_cmovznz_u64(&x72, x3, (arg5[2]), x66); fiat_p256_scalar_cmovznz_u64(&x73, x3, (arg5[3]), x68); - x74 = (fiat_p256_scalar_uint1)(x22 & 0x1); - fiat_p256_scalar_cmovznz_u64(&x75, x74, 0x0, x7); - fiat_p256_scalar_cmovznz_u64(&x76, x74, 0x0, x8); - fiat_p256_scalar_cmovznz_u64(&x77, x74, 0x0, x9); - fiat_p256_scalar_cmovznz_u64(&x78, x74, 0x0, x10); - fiat_p256_scalar_cmovznz_u64(&x79, x74, 0x0, x11); - fiat_p256_scalar_addcarryx_u64(&x80, &x81, 0x0, x22, x75); - fiat_p256_scalar_addcarryx_u64(&x82, &x83, x81, x23, x76); - fiat_p256_scalar_addcarryx_u64(&x84, &x85, x83, x24, x77); - fiat_p256_scalar_addcarryx_u64(&x86, &x87, x85, x25, x78); - fiat_p256_scalar_addcarryx_u64(&x88, &x89, x87, x26, x79); - fiat_p256_scalar_cmovznz_u64(&x90, x74, 0x0, x27); - fiat_p256_scalar_cmovznz_u64(&x91, x74, 0x0, x28); - fiat_p256_scalar_cmovznz_u64(&x92, x74, 0x0, x29); - fiat_p256_scalar_cmovznz_u64(&x93, x74, 0x0, x30); - fiat_p256_scalar_addcarryx_u64(&x94, &x95, 0x0, x70, x90); - fiat_p256_scalar_addcarryx_u64(&x96, &x97, x95, x71, x91); - fiat_p256_scalar_addcarryx_u64(&x98, &x99, x97, x72, x92); - fiat_p256_scalar_addcarryx_u64(&x100, &x101, x99, x73, x93); - fiat_p256_scalar_subborrowx_u64(&x102, &x103, 0x0, x94, UINT64_C(0xf3b9cac2fc632551)); - fiat_p256_scalar_subborrowx_u64(&x104, &x105, x103, x96, UINT64_C(0xbce6faada7179e84)); - fiat_p256_scalar_subborrowx_u64(&x106, &x107, x105, x98, UINT64_C(0xffffffffffffffff)); - fiat_p256_scalar_subborrowx_u64(&x108, &x109, x107, x100, UINT64_C(0xffffffff00000000)); - fiat_p256_scalar_subborrowx_u64(&x110, &x111, x109, x101, 0x0); - fiat_p256_scalar_addcarryx_u64(&x112, &x113, 0x0, x6, 0x1); - x114 = ((x80 >> 1) | ((x82 << 63) & UINT64_C(0xffffffffffffffff))); - x115 = ((x82 >> 1) | ((x84 << 63) & UINT64_C(0xffffffffffffffff))); - x116 = ((x84 >> 1) | ((x86 
<< 63) & UINT64_C(0xffffffffffffffff))); - x117 = ((x86 >> 1) | ((x88 << 63) & UINT64_C(0xffffffffffffffff))); - x118 = ((x88 & UINT64_C(0x8000000000000000)) | (x88 >> 1)); - fiat_p256_scalar_cmovznz_u64(&x119, x48, x39, x31); - fiat_p256_scalar_cmovznz_u64(&x120, x48, x41, x33); - fiat_p256_scalar_cmovznz_u64(&x121, x48, x43, x35); - fiat_p256_scalar_cmovznz_u64(&x122, x48, x45, x37); - fiat_p256_scalar_cmovznz_u64(&x123, x111, x102, x94); - fiat_p256_scalar_cmovznz_u64(&x124, x111, x104, x96); - fiat_p256_scalar_cmovznz_u64(&x125, x111, x106, x98); - fiat_p256_scalar_cmovznz_u64(&x126, x111, x108, x100); - *out1 = x112; + fiat_p256_scalar_cmovznz_u64(&x74, (fiat_p256_scalar_uint1)x22, 0x0, x7); + fiat_p256_scalar_cmovznz_u64(&x75, (fiat_p256_scalar_uint1)x22, 0x0, x8); + fiat_p256_scalar_cmovznz_u64(&x76, (fiat_p256_scalar_uint1)x22, 0x0, x9); + fiat_p256_scalar_cmovznz_u64(&x77, (fiat_p256_scalar_uint1)x22, 0x0, x10); + fiat_p256_scalar_cmovznz_u64(&x78, (fiat_p256_scalar_uint1)x22, 0x0, x11); + fiat_p256_scalar_addcarryx_u64(&x79, &x80, 0x0, x22, x74); + fiat_p256_scalar_addcarryx_u64(&x81, &x82, x80, x23, x75); + fiat_p256_scalar_addcarryx_u64(&x83, &x84, x82, x24, x76); + fiat_p256_scalar_addcarryx_u64(&x85, &x86, x84, x25, x77); + fiat_p256_scalar_addcarryx_u64(&x87, &x88, x86, x26, x78); + fiat_p256_scalar_cmovznz_u64(&x89, (fiat_p256_scalar_uint1)x22, 0x0, x27); + fiat_p256_scalar_cmovznz_u64(&x90, (fiat_p256_scalar_uint1)x22, 0x0, x28); + fiat_p256_scalar_cmovznz_u64(&x91, (fiat_p256_scalar_uint1)x22, 0x0, x29); + fiat_p256_scalar_cmovznz_u64(&x92, (fiat_p256_scalar_uint1)x22, 0x0, x30); + fiat_p256_scalar_addcarryx_u64(&x93, &x94, 0x0, x70, x89); + fiat_p256_scalar_addcarryx_u64(&x95, &x96, x94, x71, x90); + fiat_p256_scalar_addcarryx_u64(&x97, &x98, x96, x72, x91); + fiat_p256_scalar_addcarryx_u64(&x99, &x100, x98, x73, x92); + fiat_p256_scalar_subborrowx_u64(&x101, &x102, 0x0, x93, UINT64_C(0xf3b9cac2fc632551)); + fiat_p256_scalar_subborrowx_u64(&x103, 
&x104, x102, x95, UINT64_C(0xbce6faada7179e84)); + fiat_p256_scalar_subborrowx_u64(&x105, &x106, x104, x97, UINT64_C(0xffffffffffffffff)); + fiat_p256_scalar_subborrowx_u64(&x107, &x108, x106, x99, UINT64_C(0xffffffff00000000)); + fiat_p256_scalar_subborrowx_u64(&x109, &x110, x108, x100, 0x0); + fiat_p256_scalar_addcarryx_u64(&x111, &x112, 0x0, x6, 0x1); + x113 = ((x79 >> 1) | ((x81 << 63) & UINT64_C(0xffffffffffffffff))); + x114 = ((x81 >> 1) | ((x83 << 63) & UINT64_C(0xffffffffffffffff))); + x115 = ((x83 >> 1) | ((x85 << 63) & UINT64_C(0xffffffffffffffff))); + x116 = ((x85 >> 1) | ((x87 << 63) & UINT64_C(0xffffffffffffffff))); + x117 = ((x87 & UINT64_C(0x8000000000000000)) | (x87 >> 1)); + fiat_p256_scalar_cmovznz_u64(&x118, x48, x39, x31); + fiat_p256_scalar_cmovznz_u64(&x119, x48, x41, x33); + fiat_p256_scalar_cmovznz_u64(&x120, x48, x43, x35); + fiat_p256_scalar_cmovznz_u64(&x121, x48, x45, x37); + fiat_p256_scalar_cmovznz_u64(&x122, x110, x101, x93); + fiat_p256_scalar_cmovznz_u64(&x123, x110, x103, x95); + fiat_p256_scalar_cmovznz_u64(&x124, x110, x105, x97); + fiat_p256_scalar_cmovznz_u64(&x125, x110, x107, x99); + *out1 = x111; out2[0] = x7; out2[1] = x8; out2[2] = x9; out2[3] = x10; out2[4] = x11; - out3[0] = x114; - out3[1] = x115; - out3[2] = x116; - out3[3] = x117; - out3[4] = x118; - out4[0] = x119; - out4[1] = x120; - out4[2] = x121; - out4[3] = x122; - out5[0] = x123; - out5[1] = x124; - out5[2] = x125; - out5[3] = x126; + out3[0] = x113; + out3[1] = x114; + out3[2] = x115; + out3[3] = x116; + out3[4] = x117; + out4[0] = x118; + out4[1] = x119; + out4[2] = x120; + out4[3] = x121; + out5[0] = x122; + out5[1] = x123; + out5[2] = x124; + out5[3] = x125; } /* diff --git a/fiat-c/src/p384_32.c b/fiat-c/src/p384_32.c index 3e51955e84..6a4c6448bb 100644 --- a/fiat-c/src/p384_32.c +++ b/fiat-c/src/p384_32.c 
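Review bot: The selector passed to `fiat_p256_scalar_cmovznz_u64` for `x74`–`x78` and `x89`–`x92` is now `(fiat_p256_scalar_uint1)x22`, where the old code passed `(fiat_p256_scalar_uint1)(x22 & 0x1)`; the two agree only if the cast itself truncates to a single bit. The typedef and the cmovznz body are outside this hunk, but if `fiat_p256_scalar_uint1` is a byte-wide type such as `unsigned char` and cmovznz tests its flag for non-zero, an even `x22` with any other low-byte bit set now selects `x7` instead of `0x0` and divstep returns a different value. Keeping the mask, as in `fiat_p256_scalar_cmovznz_u64(&x74, (fiat_p256_scalar_uint1)(x22 & 0x1), 0x0, x7);`, avoids this; since the file looks generated, the real fix is for the mask-elision pass to drop a mask only when its width matches the C type of the cast. The same pattern appears in the `p256_scalar_32.c` divstep hunk above (`(fiat_p256_scalar_uint1)x34`) and probably in the `p384_32.c` divstep hunk below. The `x3` line in the `@@ -2088,9 +2028,8 @@` hunk is unaffected because its other operand is already 0 or 1; divstep's body begins before this hunk.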
@@ -65,13 +65,11 @@ static __inline__ uint32_t fiat_p384_value_barrier_u32(uint32_t a) { */ static FIAT_P384_FIAT_INLINE void fiat_p384_addcarryx_u32(uint32_t* out1, fiat_p384_uint1* out2, fiat_p384_uint1 arg1, uint32_t arg2, uint32_t arg3) { uint64_t x1; - uint32_t x2; - fiat_p384_uint1 x3; + fiat_p384_uint1 x2; x1 = ((arg1 + (uint64_t)arg2) + arg3); - x2 = (uint32_t)(x1 & UINT32_C(0xffffffff)); - x3 = (fiat_p384_uint1)(x1 >> 32); - *out1 = x2; - *out2 = x3; + x2 = (fiat_p384_uint1)(x1 >> 32); + *out1 = (uint32_t)x1; + *out2 = x2; } /* @@ -117,12 +115,10 @@ static FIAT_P384_FIAT_INLINE void fiat_p384_subborrowx_u32(uint32_t* out1, fiat_ static FIAT_P384_FIAT_INLINE void fiat_p384_mulx_u32(uint32_t* out1, uint32_t* out2, uint32_t arg1, uint32_t arg2) { uint64_t x1; uint32_t x2; - uint32_t x3; x1 = ((uint64_t)arg1 * arg2); - x2 = (uint32_t)(x1 & UINT32_C(0xffffffff)); - x3 = (uint32_t)(x1 >> 32); - *out1 = x2; - *out2 = x3; + x2 = (uint32_t)(x1 >> 32); + *out1 = (uint32_t)x1; + *out2 = x2; } /* 
@@ -9014,78 +9010,42 @@ static FIAT_P384_FIAT_INLINE void fiat_p384_to_bytes(uint8_t out1[48], const uin uint32_t x10; uint32_t x11; uint32_t x12; - uint8_t x13; + uint32_t x13; uint32_t x14; uint8_t x15; uint32_t x16; - uint8_t x17; + uint32_t x17; uint8_t x18; - uint8_t x19; + uint32_t x19; uint32_t x20; uint8_t x21; uint32_t x22; - uint8_t x23; + uint32_t x23; uint8_t x24; - uint8_t x25; + uint32_t x25; uint32_t x26; uint8_t x27; uint32_t x28; - uint8_t x29; + uint32_t x29; uint8_t x30; - uint8_t x31; + uint32_t x31; uint32_t x32; uint8_t x33; uint32_t x34; - uint8_t x35; + uint32_t x35; uint8_t x36; - uint8_t x37; + uint32_t x37; uint32_t x38; uint8_t x39; uint32_t x40; - uint8_t x41; + uint32_t x41; uint8_t x42; - uint8_t x43; + uint32_t x43; uint32_t x44; uint8_t x45; uint32_t x46; - uint8_t x47; + uint32_t x47; uint8_t x48; - uint8_t x49; - uint32_t x50; - uint8_t x51; - uint32_t x52; - uint8_t x53; - uint8_t x54; - uint8_t x55; - uint32_t x56; - uint8_t x57; - uint32_t x58; - uint8_t x59; - uint8_t x60; - uint8_t x61; - uint32_t x62; - uint8_t x63; - uint32_t x64; - uint8_t x65; - uint8_t x66; - uint8_t x67; - uint32_t x68; - uint8_t x69; - uint32_t x70; - uint8_t x71; - uint8_t x72; - uint8_t x73; - uint32_t x74; - uint8_t x75; - uint32_t x76; - uint8_t x77; - uint8_t x78; - uint8_t x79; - uint32_t x80; - uint8_t x81; - uint32_t x82; - uint8_t x83; - uint8_t x84; x1 = (arg1[11]); x2 = (arg1[10]); x3 = (arg1[9]); 
@@ -9098,126 +9058,90 @@ static FIAT_P384_FIAT_INLINE void fiat_p384_to_bytes(uint8_t out1[48], const uin x10 = (arg1[2]); x11 = (arg1[1]); x12 = (arg1[0]); - x13 = (uint8_t)(x12 & UINT8_C(0xff)); - x14 = (x12 >> 8); - x15 = (uint8_t)(x14 & UINT8_C(0xff)); - x16 = (x14 >> 8); - x17 = (uint8_t)(x16 & UINT8_C(0xff)); - x18 = (uint8_t)(x16 >> 8); - x19 = (uint8_t)(x11 & UINT8_C(0xff)); - x20 = (x11 >> 8); - x21 = (uint8_t)(x20 & UINT8_C(0xff)); - x22 = (x20 >> 8); - x23 = (uint8_t)(x22 & UINT8_C(0xff)); - x24 = (uint8_t)(x22 >> 8); - x25 = (uint8_t)(x10 & UINT8_C(0xff)); - x26 = (x10 >> 8); - x27 = (uint8_t)(x26 & UINT8_C(0xff)); - x28 = (x26 >> 8); - x29 = (uint8_t)(x28 & UINT8_C(0xff)); - x30 = (uint8_t)(x28 >> 8); - x31 = (uint8_t)(x9 & UINT8_C(0xff)); - x32 = (x9 >> 8); - x33 = (uint8_t)(x32 & UINT8_C(0xff)); - x34 = (x32 >> 8); - x35 = (uint8_t)(x34 & UINT8_C(0xff)); - x36 = (uint8_t)(x34 >> 8); - x37 = (uint8_t)(x8 & UINT8_C(0xff)); - x38 = (x8 >> 8); - x39 = (uint8_t)(x38 & UINT8_C(0xff)); - x40 = (x38 >> 8); - x41 = (uint8_t)(x40 & UINT8_C(0xff)); - x42 = (uint8_t)(x40 >> 8); - x43 = (uint8_t)(x7 & UINT8_C(0xff)); - x44 = (x7 >> 8); - x45 = (uint8_t)(x44 & UINT8_C(0xff)); - x46 = (x44 >> 8); - x47 = (uint8_t)(x46 & UINT8_C(0xff)); - x48 = (uint8_t)(x46 >> 8); - x49 = (uint8_t)(x6 & UINT8_C(0xff)); - x50 = (x6 >> 8); - x51 = (uint8_t)(x50 & UINT8_C(0xff)); - x52 = (x50 >> 8); - x53 = (uint8_t)(x52 & UINT8_C(0xff)); - x54 = (uint8_t)(x52 >> 8); - x55 = (uint8_t)(x5 & UINT8_C(0xff)); - x56 = (x5 >> 8); - x57 = (uint8_t)(x56 & UINT8_C(0xff)); - x58 = (x56 >> 8); - x59 = (uint8_t)(x58 & UINT8_C(0xff)); - x60 = (uint8_t)(x58 >> 8); - x61 = (uint8_t)(x4 & UINT8_C(0xff)); - x62 = (x4 >> 8); - x63 = (uint8_t)(x62 & UINT8_C(0xff)); - x64 = (x62 >> 8); - x65 = (uint8_t)(x64 & UINT8_C(0xff)); - x66 = (uint8_t)(x64 >> 8); - x67 = (uint8_t)(x3 & UINT8_C(0xff)); - x68 = (x3 >> 8); - x69 = (uint8_t)(x68 & UINT8_C(0xff)); - x70 = (x68 >> 8); - x71 = (uint8_t)(x70 & 
UINT8_C(0xff)); - x72 = (uint8_t)(x70 >> 8); - x73 = (uint8_t)(x2 & UINT8_C(0xff)); - x74 = (x2 >> 8); - x75 = (uint8_t)(x74 & UINT8_C(0xff)); - x76 = (x74 >> 8); - x77 = (uint8_t)(x76 & UINT8_C(0xff)); - x78 = (uint8_t)(x76 >> 8); - x79 = (uint8_t)(x1 & UINT8_C(0xff)); - x80 = (x1 >> 8); - x81 = (uint8_t)(x80 & UINT8_C(0xff)); - x82 = (x80 >> 8); - x83 = (uint8_t)(x82 & UINT8_C(0xff)); - x84 = (uint8_t)(x82 >> 8); - out1[0] = x13; - out1[1] = x15; - out1[2] = x17; - out1[3] = x18; - out1[4] = x19; - out1[5] = x21; - out1[6] = x23; - out1[7] = x24; - out1[8] = x25; - out1[9] = x27; - out1[10] = x29; - out1[11] = x30; - out1[12] = x31; - out1[13] = x33; - out1[14] = x35; - out1[15] = x36; - out1[16] = x37; - out1[17] = x39; - out1[18] = x41; - out1[19] = x42; - out1[20] = x43; - out1[21] = x45; - out1[22] = x47; - out1[23] = x48; - out1[24] = x49; - out1[25] = x51; - out1[26] = x53; - out1[27] = x54; - out1[28] = x55; - out1[29] = x57; - out1[30] = x59; - out1[31] = x60; - out1[32] = x61; - out1[33] = x63; - out1[34] = x65; - out1[35] = x66; - out1[36] = x67; - out1[37] = x69; - out1[38] = x71; - out1[39] = x72; - out1[40] = x73; - out1[41] = x75; - out1[42] = x77; - out1[43] = x78; - out1[44] = x79; - out1[45] = x81; - out1[46] = x83; - out1[47] = x84; + x13 = (x12 >> 8); + x14 = (x13 >> 8); + x15 = (uint8_t)(x14 >> 8); + x16 = (x11 >> 8); + x17 = (x16 >> 8); + x18 = (uint8_t)(x17 >> 8); + x19 = (x10 >> 8); + x20 = (x19 >> 8); + x21 = (uint8_t)(x20 >> 8); + x22 = (x9 >> 8); + x23 = (x22 >> 8); + x24 = (uint8_t)(x23 >> 8); + x25 = (x8 >> 8); + x26 = (x25 >> 8); + x27 = (uint8_t)(x26 >> 8); + x28 = (x7 >> 8); + x29 = (x28 >> 8); + x30 = (uint8_t)(x29 >> 8); + x31 = (x6 >> 8); + x32 = (x31 >> 8); + x33 = (uint8_t)(x32 >> 8); + x34 = (x5 >> 8); + x35 = (x34 >> 8); + x36 = (uint8_t)(x35 >> 8); + x37 = (x4 >> 8); + x38 = (x37 >> 8); + x39 = (uint8_t)(x38 >> 8); + x40 = (x3 >> 8); + x41 = (x40 >> 8); + x42 = (uint8_t)(x41 >> 8); + x43 = (x2 >> 8); + x44 = (x43 >> 8); + 
x45 = (uint8_t)(x44 >> 8); + x46 = (x1 >> 8); + x47 = (x46 >> 8); + x48 = (uint8_t)(x47 >> 8); + out1[0] = (uint8_t)x12; + out1[1] = (uint8_t)x13; + out1[2] = (uint8_t)x14; + out1[3] = x15; + out1[4] = (uint8_t)x11; + out1[5] = (uint8_t)x16; + out1[6] = (uint8_t)x17; + out1[7] = x18; + out1[8] = (uint8_t)x10; + out1[9] = (uint8_t)x19; + out1[10] = (uint8_t)x20; + out1[11] = x21; + out1[12] = (uint8_t)x9; + out1[13] = (uint8_t)x22; + out1[14] = (uint8_t)x23; + out1[15] = x24; + out1[16] = (uint8_t)x8; + out1[17] = (uint8_t)x25; + out1[18] = (uint8_t)x26; + out1[19] = x27; + out1[20] = (uint8_t)x7; + out1[21] = (uint8_t)x28; + out1[22] = (uint8_t)x29; + out1[23] = x30; + out1[24] = (uint8_t)x6; + out1[25] = (uint8_t)x31; + out1[26] = (uint8_t)x32; + out1[27] = x33; + out1[28] = (uint8_t)x5; + out1[29] = (uint8_t)x34; + out1[30] = (uint8_t)x35; + out1[31] = x36; + out1[32] = (uint8_t)x4; + out1[33] = (uint8_t)x37; + out1[34] = (uint8_t)x38; + out1[35] = x39; + out1[36] = (uint8_t)x3; + out1[37] = (uint8_t)x40; + out1[38] = (uint8_t)x41; + out1[39] = x42; + out1[40] = (uint8_t)x2; + out1[41] = (uint8_t)x43; + out1[42] = (uint8_t)x44; + out1[43] = x45; + out1[44] = (uint8_t)x1; + out1[45] = (uint8_t)x46; + out1[46] = (uint8_t)x47; + out1[47] = x48; } /* @@ -9690,7 +9614,7 @@ static FIAT_P384_FIAT_INLINE void fiat_p384_divstep(uint32_t* out1, uint32_t out uint32_t x191; uint32_t x192; uint32_t x193; - fiat_p384_uint1 x194; + uint32_t x194; uint32_t x195; uint32_t x196; uint32_t x197; 
@@ -9704,32 +9628,32 @@ static FIAT_P384_FIAT_INLINE void fiat_p384_divstep(uint32_t* out1, uint32_t out uint32_t x205; uint32_t x206; uint32_t x207; - uint32_t x208; - fiat_p384_uint1 x209; - uint32_t x210; - fiat_p384_uint1 x211; - uint32_t x212; - fiat_p384_uint1 x213; - uint32_t x214; - fiat_p384_uint1 x215; - uint32_t x216; - fiat_p384_uint1 x217; - uint32_t x218; - fiat_p384_uint1 x219; - uint32_t x220; - fiat_p384_uint1 x221; - uint32_t x222; - fiat_p384_uint1 x223; - uint32_t x224; - fiat_p384_uint1 x225; - uint32_t x226; - fiat_p384_uint1 x227; - uint32_t x228; - fiat_p384_uint1 x229; - uint32_t x230; - fiat_p384_uint1 x231; - uint32_t x232; - fiat_p384_uint1 x233; + fiat_p384_uint1 x208; + uint32_t x209; + fiat_p384_uint1 x210; + uint32_t x211; + fiat_p384_uint1 x212; + uint32_t x213; + fiat_p384_uint1 x214; + uint32_t x215; + fiat_p384_uint1 x216; + uint32_t x217; + fiat_p384_uint1 x218; + uint32_t x219; + fiat_p384_uint1 x220; + uint32_t x221; + fiat_p384_uint1 x222; + uint32_t x223; + fiat_p384_uint1 x224; + uint32_t x225; + fiat_p384_uint1 x226; + uint32_t x227; + fiat_p384_uint1 x228; + uint32_t x229; + fiat_p384_uint1 x230; + uint32_t x231; + fiat_p384_uint1 x232; + uint32_t x233; uint32_t x234; uint32_t x235; uint32_t x236; 
@@ -9742,58 +9666,58 @@ static FIAT_P384_FIAT_INLINE void fiat_p384_divstep(uint32_t* out1, uint32_t out uint32_t x243; uint32_t x244; uint32_t x245; - uint32_t x246; - fiat_p384_uint1 x247; - uint32_t x248; - fiat_p384_uint1 x249; - uint32_t x250; - fiat_p384_uint1 x251; - uint32_t x252; - fiat_p384_uint1 x253; - uint32_t x254; - fiat_p384_uint1 x255; - uint32_t x256; - fiat_p384_uint1 x257; - uint32_t x258; - fiat_p384_uint1 x259; - uint32_t x260; - fiat_p384_uint1 x261; - uint32_t x262; - fiat_p384_uint1 x263; - uint32_t x264; - fiat_p384_uint1 x265; - uint32_t x266; - fiat_p384_uint1 x267; - uint32_t x268; - fiat_p384_uint1 x269; - uint32_t x270; - fiat_p384_uint1 x271; - uint32_t x272; - fiat_p384_uint1 x273; - uint32_t x274; - fiat_p384_uint1 x275; - uint32_t x276; - fiat_p384_uint1 x277; - uint32_t x278; - fiat_p384_uint1 x279; - uint32_t x280; - fiat_p384_uint1 x281; - uint32_t x282; - fiat_p384_uint1 x283; - uint32_t x284; - fiat_p384_uint1 x285; - uint32_t x286; - fiat_p384_uint1 x287; - uint32_t x288; - fiat_p384_uint1 x289; - uint32_t x290; - fiat_p384_uint1 x291; - uint32_t x292; - fiat_p384_uint1 x293; - uint32_t x294; - fiat_p384_uint1 x295; - uint32_t x296; - fiat_p384_uint1 x297; + fiat_p384_uint1 x246; + uint32_t x247; + fiat_p384_uint1 x248; + uint32_t x249; + fiat_p384_uint1 x250; + uint32_t x251; + fiat_p384_uint1 x252; + uint32_t x253; + fiat_p384_uint1 x254; + uint32_t x255; + fiat_p384_uint1 x256; + uint32_t x257; + fiat_p384_uint1 x258; + uint32_t x259; + fiat_p384_uint1 x260; + uint32_t x261; + fiat_p384_uint1 x262; + uint32_t x263; + fiat_p384_uint1 x264; + uint32_t x265; + fiat_p384_uint1 x266; + uint32_t x267; + fiat_p384_uint1 x268; + uint32_t x269; + fiat_p384_uint1 x270; + uint32_t x271; + fiat_p384_uint1 x272; + uint32_t x273; + fiat_p384_uint1 x274; + uint32_t x275; + fiat_p384_uint1 x276; + uint32_t x277; + fiat_p384_uint1 x278; + uint32_t x279; + fiat_p384_uint1 x280; + uint32_t x281; + fiat_p384_uint1 x282; + uint32_t x283; + 
fiat_p384_uint1 x284; + uint32_t x285; + fiat_p384_uint1 x286; + uint32_t x287; + fiat_p384_uint1 x288; + uint32_t x289; + fiat_p384_uint1 x290; + uint32_t x291; + fiat_p384_uint1 x292; + uint32_t x293; + fiat_p384_uint1 x294; + uint32_t x295; + fiat_p384_uint1 x296; + uint32_t x297; uint32_t x298; uint32_t x299; uint32_t x300; @@ -9830,9 +9754,8 @@ static FIAT_P384_FIAT_INLINE void fiat_p384_divstep(uint32_t* out1, uint32_t out uint32_t x331; uint32_t x332; uint32_t x333; - uint32_t x334; fiat_p384_addcarryx_u32(&x1, &x2, 0x0, (~arg1), 0x1); - x3 = (fiat_p384_uint1)((fiat_p384_uint1)(x1 >> 31) & (fiat_p384_uint1)((arg3[0]) & 0x1)); + x3 = (fiat_p384_uint1)((fiat_p384_uint1)(x1 >> 31) & (fiat_p384_uint1)(arg3[0])); fiat_p384_addcarryx_u32(&x4, &x5, 0x0, (~arg1), 0x1); fiat_p384_cmovznz_u32(&x6, x3, arg1, x4); fiat_p384_cmovznz_u32(&x7, x3, (arg2[0]), (arg3[0])); 
@@ -9960,109 +9883,108 @@ static FIAT_P384_FIAT_INLINE void fiat_p384_divstep(uint32_t* out1, uint32_t out fiat_p384_cmovznz_u32(&x191, x3, (arg5[9]), x176); fiat_p384_cmovznz_u32(&x192, x3, (arg5[10]), x178); fiat_p384_cmovznz_u32(&x193, x3, (arg5[11]), x180); - x194 = (fiat_p384_uint1)(x46 & 0x1); - fiat_p384_cmovznz_u32(&x195, x194, 0x0, x7); - fiat_p384_cmovznz_u32(&x196, x194, 0x0, x8); - fiat_p384_cmovznz_u32(&x197, x194, 0x0, x9); - fiat_p384_cmovznz_u32(&x198, x194, 0x0, x10); - fiat_p384_cmovznz_u32(&x199, x194, 0x0, x11); - fiat_p384_cmovznz_u32(&x200, x194, 0x0, x12); - fiat_p384_cmovznz_u32(&x201, x194, 0x0, x13); - fiat_p384_cmovznz_u32(&x202, x194, 0x0, x14); - fiat_p384_cmovznz_u32(&x203, x194, 0x0, x15); - fiat_p384_cmovznz_u32(&x204, x194, 0x0, x16); - fiat_p384_cmovznz_u32(&x205, x194, 0x0, x17); - fiat_p384_cmovznz_u32(&x206, x194, 0x0, x18); - fiat_p384_cmovznz_u32(&x207, x194, 0x0, x19); - fiat_p384_addcarryx_u32(&x208, &x209, 0x0, x46, x195); - fiat_p384_addcarryx_u32(&x210, &x211, x209, x47, x196); - fiat_p384_addcarryx_u32(&x212, &x213, x211, x48, x197); - fiat_p384_addcarryx_u32(&x214, &x215, x213, x49, x198); - fiat_p384_addcarryx_u32(&x216, &x217, x215, x50, x199); - fiat_p384_addcarryx_u32(&x218, &x219, x217, x51, x200); - fiat_p384_addcarryx_u32(&x220, &x221, x219, x52, x201); - fiat_p384_addcarryx_u32(&x222, &x223, x221, x53, x202); - fiat_p384_addcarryx_u32(&x224, &x225, x223, x54, x203); - fiat_p384_addcarryx_u32(&x226, &x227, x225, x55, x204); - fiat_p384_addcarryx_u32(&x228, &x229, x227, x56, x205); - fiat_p384_addcarryx_u32(&x230, &x231, x229, x57, x206); - fiat_p384_addcarryx_u32(&x232, &x233, x231, x58, x207); - fiat_p384_cmovznz_u32(&x234, x194, 0x0, x59); - fiat_p384_cmovznz_u32(&x235, x194, 0x0, x60); - fiat_p384_cmovznz_u32(&x236, x194, 0x0, x61); - fiat_p384_cmovznz_u32(&x237, x194, 0x0, x62); - fiat_p384_cmovznz_u32(&x238, x194, 0x0, x63); - fiat_p384_cmovznz_u32(&x239, x194, 0x0, x64); - fiat_p384_cmovznz_u32(&x240, x194, 
0x0, x65); - fiat_p384_cmovznz_u32(&x241, x194, 0x0, x66); - fiat_p384_cmovznz_u32(&x242, x194, 0x0, x67); - fiat_p384_cmovznz_u32(&x243, x194, 0x0, x68); - fiat_p384_cmovznz_u32(&x244, x194, 0x0, x69); - fiat_p384_cmovznz_u32(&x245, x194, 0x0, x70); - fiat_p384_addcarryx_u32(&x246, &x247, 0x0, x182, x234); - fiat_p384_addcarryx_u32(&x248, &x249, x247, x183, x235); - fiat_p384_addcarryx_u32(&x250, &x251, x249, x184, x236); - fiat_p384_addcarryx_u32(&x252, &x253, x251, x185, x237); - fiat_p384_addcarryx_u32(&x254, &x255, x253, x186, x238); - fiat_p384_addcarryx_u32(&x256, &x257, x255, x187, x239); - fiat_p384_addcarryx_u32(&x258, &x259, x257, x188, x240); - fiat_p384_addcarryx_u32(&x260, &x261, x259, x189, x241); - fiat_p384_addcarryx_u32(&x262, &x263, x261, x190, x242); - fiat_p384_addcarryx_u32(&x264, &x265, x263, x191, x243); - fiat_p384_addcarryx_u32(&x266, &x267, x265, x192, x244); - fiat_p384_addcarryx_u32(&x268, &x269, x267, x193, x245); - fiat_p384_subborrowx_u32(&x270, &x271, 0x0, x246, UINT32_C(0xffffffff)); - fiat_p384_subborrowx_u32(&x272, &x273, x271, x248, 0x0); - fiat_p384_subborrowx_u32(&x274, &x275, x273, x250, 0x0); - fiat_p384_subborrowx_u32(&x276, &x277, x275, x252, UINT32_C(0xffffffff)); - fiat_p384_subborrowx_u32(&x278, &x279, x277, x254, UINT32_C(0xfffffffe)); - fiat_p384_subborrowx_u32(&x280, &x281, x279, x256, UINT32_C(0xffffffff)); - fiat_p384_subborrowx_u32(&x282, &x283, x281, x258, UINT32_C(0xffffffff)); - fiat_p384_subborrowx_u32(&x284, &x285, x283, x260, UINT32_C(0xffffffff)); - fiat_p384_subborrowx_u32(&x286, &x287, x285, x262, UINT32_C(0xffffffff)); - fiat_p384_subborrowx_u32(&x288, &x289, x287, x264, UINT32_C(0xffffffff)); - fiat_p384_subborrowx_u32(&x290, &x291, x289, x266, UINT32_C(0xffffffff)); - fiat_p384_subborrowx_u32(&x292, &x293, x291, x268, UINT32_C(0xffffffff)); - fiat_p384_subborrowx_u32(&x294, &x295, x293, x269, 0x0); - fiat_p384_addcarryx_u32(&x296, &x297, 0x0, x6, 0x1); - x298 = ((x208 >> 1) | ((x210 << 31) & 
UINT32_C(0xffffffff))); - x299 = ((x210 >> 1) | ((x212 << 31) & UINT32_C(0xffffffff))); - x300 = ((x212 >> 1) | ((x214 << 31) & UINT32_C(0xffffffff))); - x301 = ((x214 >> 1) | ((x216 << 31) & UINT32_C(0xffffffff))); - x302 = ((x216 >> 1) | ((x218 << 31) & UINT32_C(0xffffffff))); - x303 = ((x218 >> 1) | ((x220 << 31) & UINT32_C(0xffffffff))); - x304 = ((x220 >> 1) | ((x222 << 31) & UINT32_C(0xffffffff))); - x305 = ((x222 >> 1) | ((x224 << 31) & UINT32_C(0xffffffff))); - x306 = ((x224 >> 1) | ((x226 << 31) & UINT32_C(0xffffffff))); - x307 = ((x226 >> 1) | ((x228 << 31) & UINT32_C(0xffffffff))); - x308 = ((x228 >> 1) | ((x230 << 31) & UINT32_C(0xffffffff))); - x309 = ((x230 >> 1) | ((x232 << 31) & UINT32_C(0xffffffff))); - x310 = ((x232 & UINT32_C(0x80000000)) | (x232 >> 1)); - fiat_p384_cmovznz_u32(&x311, x120, x95, x71); - fiat_p384_cmovznz_u32(&x312, x120, x97, x73); - fiat_p384_cmovznz_u32(&x313, x120, x99, x75); - fiat_p384_cmovznz_u32(&x314, x120, x101, x77); - fiat_p384_cmovznz_u32(&x315, x120, x103, x79); - fiat_p384_cmovznz_u32(&x316, x120, x105, x81); - fiat_p384_cmovznz_u32(&x317, x120, x107, x83); - fiat_p384_cmovznz_u32(&x318, x120, x109, x85); - fiat_p384_cmovznz_u32(&x319, x120, x111, x87); - fiat_p384_cmovznz_u32(&x320, x120, x113, x89); - fiat_p384_cmovznz_u32(&x321, x120, x115, x91); - fiat_p384_cmovznz_u32(&x322, x120, x117, x93); - fiat_p384_cmovznz_u32(&x323, x295, x270, x246); - fiat_p384_cmovznz_u32(&x324, x295, x272, x248); - fiat_p384_cmovznz_u32(&x325, x295, x274, x250); - fiat_p384_cmovznz_u32(&x326, x295, x276, x252); - fiat_p384_cmovznz_u32(&x327, x295, x278, x254); - fiat_p384_cmovznz_u32(&x328, x295, x280, x256); - fiat_p384_cmovznz_u32(&x329, x295, x282, x258); - fiat_p384_cmovznz_u32(&x330, x295, x284, x260); - fiat_p384_cmovznz_u32(&x331, x295, x286, x262); - fiat_p384_cmovznz_u32(&x332, x295, x288, x264); - fiat_p384_cmovznz_u32(&x333, x295, x290, x266); - fiat_p384_cmovznz_u32(&x334, x295, x292, x268); - *out1 = x296; + 
fiat_p384_cmovznz_u32(&x194, (fiat_p384_uint1)x46, 0x0, x7); + fiat_p384_cmovznz_u32(&x195, (fiat_p384_uint1)x46, 0x0, x8); + fiat_p384_cmovznz_u32(&x196, (fiat_p384_uint1)x46, 0x0, x9); + fiat_p384_cmovznz_u32(&x197, (fiat_p384_uint1)x46, 0x0, x10); + fiat_p384_cmovznz_u32(&x198, (fiat_p384_uint1)x46, 0x0, x11); + fiat_p384_cmovznz_u32(&x199, (fiat_p384_uint1)x46, 0x0, x12); + fiat_p384_cmovznz_u32(&x200, (fiat_p384_uint1)x46, 0x0, x13); + fiat_p384_cmovznz_u32(&x201, (fiat_p384_uint1)x46, 0x0, x14); + fiat_p384_cmovznz_u32(&x202, (fiat_p384_uint1)x46, 0x0, x15); + fiat_p384_cmovznz_u32(&x203, (fiat_p384_uint1)x46, 0x0, x16); + fiat_p384_cmovznz_u32(&x204, (fiat_p384_uint1)x46, 0x0, x17); + fiat_p384_cmovznz_u32(&x205, (fiat_p384_uint1)x46, 0x0, x18); + fiat_p384_cmovznz_u32(&x206, (fiat_p384_uint1)x46, 0x0, x19); + fiat_p384_addcarryx_u32(&x207, &x208, 0x0, x46, x194); + fiat_p384_addcarryx_u32(&x209, &x210, x208, x47, x195); + fiat_p384_addcarryx_u32(&x211, &x212, x210, x48, x196); + fiat_p384_addcarryx_u32(&x213, &x214, x212, x49, x197); + fiat_p384_addcarryx_u32(&x215, &x216, x214, x50, x198); + fiat_p384_addcarryx_u32(&x217, &x218, x216, x51, x199); + fiat_p384_addcarryx_u32(&x219, &x220, x218, x52, x200); + fiat_p384_addcarryx_u32(&x221, &x222, x220, x53, x201); + fiat_p384_addcarryx_u32(&x223, &x224, x222, x54, x202); + fiat_p384_addcarryx_u32(&x225, &x226, x224, x55, x203); + fiat_p384_addcarryx_u32(&x227, &x228, x226, x56, x204); + fiat_p384_addcarryx_u32(&x229, &x230, x228, x57, x205); + fiat_p384_addcarryx_u32(&x231, &x232, x230, x58, x206); + fiat_p384_cmovznz_u32(&x233, (fiat_p384_uint1)x46, 0x0, x59); + fiat_p384_cmovznz_u32(&x234, (fiat_p384_uint1)x46, 0x0, x60); + fiat_p384_cmovznz_u32(&x235, (fiat_p384_uint1)x46, 0x0, x61); + fiat_p384_cmovznz_u32(&x236, (fiat_p384_uint1)x46, 0x0, x62); + fiat_p384_cmovznz_u32(&x237, (fiat_p384_uint1)x46, 0x0, x63); + fiat_p384_cmovznz_u32(&x238, (fiat_p384_uint1)x46, 0x0, x64); + fiat_p384_cmovznz_u32(&x239, 
(fiat_p384_uint1)x46, 0x0, x65); + fiat_p384_cmovznz_u32(&x240, (fiat_p384_uint1)x46, 0x0, x66); + fiat_p384_cmovznz_u32(&x241, (fiat_p384_uint1)x46, 0x0, x67); + fiat_p384_cmovznz_u32(&x242, (fiat_p384_uint1)x46, 0x0, x68); + fiat_p384_cmovznz_u32(&x243, (fiat_p384_uint1)x46, 0x0, x69); + fiat_p384_cmovznz_u32(&x244, (fiat_p384_uint1)x46, 0x0, x70); + fiat_p384_addcarryx_u32(&x245, &x246, 0x0, x182, x233); + fiat_p384_addcarryx_u32(&x247, &x248, x246, x183, x234); + fiat_p384_addcarryx_u32(&x249, &x250, x248, x184, x235); + fiat_p384_addcarryx_u32(&x251, &x252, x250, x185, x236); + fiat_p384_addcarryx_u32(&x253, &x254, x252, x186, x237); + fiat_p384_addcarryx_u32(&x255, &x256, x254, x187, x238); + fiat_p384_addcarryx_u32(&x257, &x258, x256, x188, x239); + fiat_p384_addcarryx_u32(&x259, &x260, x258, x189, x240); + fiat_p384_addcarryx_u32(&x261, &x262, x260, x190, x241); + fiat_p384_addcarryx_u32(&x263, &x264, x262, x191, x242); + fiat_p384_addcarryx_u32(&x265, &x266, x264, x192, x243); + fiat_p384_addcarryx_u32(&x267, &x268, x266, x193, x244); + fiat_p384_subborrowx_u32(&x269, &x270, 0x0, x245, UINT32_C(0xffffffff)); + fiat_p384_subborrowx_u32(&x271, &x272, x270, x247, 0x0); + fiat_p384_subborrowx_u32(&x273, &x274, x272, x249, 0x0); + fiat_p384_subborrowx_u32(&x275, &x276, x274, x251, UINT32_C(0xffffffff)); + fiat_p384_subborrowx_u32(&x277, &x278, x276, x253, UINT32_C(0xfffffffe)); + fiat_p384_subborrowx_u32(&x279, &x280, x278, x255, UINT32_C(0xffffffff)); + fiat_p384_subborrowx_u32(&x281, &x282, x280, x257, UINT32_C(0xffffffff)); + fiat_p384_subborrowx_u32(&x283, &x284, x282, x259, UINT32_C(0xffffffff)); + fiat_p384_subborrowx_u32(&x285, &x286, x284, x261, UINT32_C(0xffffffff)); + fiat_p384_subborrowx_u32(&x287, &x288, x286, x263, UINT32_C(0xffffffff)); + fiat_p384_subborrowx_u32(&x289, &x290, x288, x265, UINT32_C(0xffffffff)); + fiat_p384_subborrowx_u32(&x291, &x292, x290, x267, UINT32_C(0xffffffff)); + fiat_p384_subborrowx_u32(&x293, &x294, x292, x268, 0x0); + 
fiat_p384_addcarryx_u32(&x295, &x296, 0x0, x6, 0x1); + x297 = ((x207 >> 1) | ((x209 << 31) & UINT32_C(0xffffffff))); + x298 = ((x209 >> 1) | ((x211 << 31) & UINT32_C(0xffffffff))); + x299 = ((x211 >> 1) | ((x213 << 31) & UINT32_C(0xffffffff))); + x300 = ((x213 >> 1) | ((x215 << 31) & UINT32_C(0xffffffff))); + x301 = ((x215 >> 1) | ((x217 << 31) & UINT32_C(0xffffffff))); + x302 = ((x217 >> 1) | ((x219 << 31) & UINT32_C(0xffffffff))); + x303 = ((x219 >> 1) | ((x221 << 31) & UINT32_C(0xffffffff))); + x304 = ((x221 >> 1) | ((x223 << 31) & UINT32_C(0xffffffff))); + x305 = ((x223 >> 1) | ((x225 << 31) & UINT32_C(0xffffffff))); + x306 = ((x225 >> 1) | ((x227 << 31) & UINT32_C(0xffffffff))); + x307 = ((x227 >> 1) | ((x229 << 31) & UINT32_C(0xffffffff))); + x308 = ((x229 >> 1) | ((x231 << 31) & UINT32_C(0xffffffff))); + x309 = ((x231 & UINT32_C(0x80000000)) | (x231 >> 1)); + fiat_p384_cmovznz_u32(&x310, x120, x95, x71); + fiat_p384_cmovznz_u32(&x311, x120, x97, x73); + fiat_p384_cmovznz_u32(&x312, x120, x99, x75); + fiat_p384_cmovznz_u32(&x313, x120, x101, x77); + fiat_p384_cmovznz_u32(&x314, x120, x103, x79); + fiat_p384_cmovznz_u32(&x315, x120, x105, x81); + fiat_p384_cmovznz_u32(&x316, x120, x107, x83); + fiat_p384_cmovznz_u32(&x317, x120, x109, x85); + fiat_p384_cmovznz_u32(&x318, x120, x111, x87); + fiat_p384_cmovznz_u32(&x319, x120, x113, x89); + fiat_p384_cmovznz_u32(&x320, x120, x115, x91); + fiat_p384_cmovznz_u32(&x321, x120, x117, x93); + fiat_p384_cmovznz_u32(&x322, x294, x269, x245); + fiat_p384_cmovznz_u32(&x323, x294, x271, x247); + fiat_p384_cmovznz_u32(&x324, x294, x273, x249); + fiat_p384_cmovznz_u32(&x325, x294, x275, x251); + fiat_p384_cmovznz_u32(&x326, x294, x277, x253); + fiat_p384_cmovznz_u32(&x327, x294, x279, x255); + fiat_p384_cmovznz_u32(&x328, x294, x281, x257); + fiat_p384_cmovznz_u32(&x329, x294, x283, x259); + fiat_p384_cmovznz_u32(&x330, x294, x285, x261); + fiat_p384_cmovznz_u32(&x331, x294, x287, x263); + fiat_p384_cmovznz_u32(&x332, x294, 
x289, x265); + fiat_p384_cmovznz_u32(&x333, x294, x291, x267); + *out1 = x295; out2[0] = x7; out2[1] = x8; out2[2] = x9; @@ -10076,43 +9998,43 @@ static FIAT_P384_FIAT_INLINE void fiat_p384_divstep(uint32_t* out1, uint32_t out out2[10] = x17; out2[11] = x18; out2[12] = x19; - out3[0] = x298; - out3[1] = x299; - out3[2] = x300; - out3[3] = x301; - out3[4] = x302; - out3[5] = x303; - out3[6] = x304; - out3[7] = x305; - out3[8] = x306; - out3[9] = x307; - out3[10] = x308; - out3[11] = x309; - out3[12] = x310; - out4[0] = x311; - out4[1] = x312; - out4[2] = x313; - out4[3] = x314; - out4[4] = x315; - out4[5] = x316; - out4[6] = x317; - out4[7] = x318; - out4[8] = x319; - out4[9] = x320; - out4[10] = x321; - out4[11] = x322; - out5[0] = x323; - out5[1] = x324; - out5[2] = x325; - out5[3] = x326; - out5[4] = x327; - out5[5] = x328; - out5[6] = x329; - out5[7] = x330; - out5[8] = x331; - out5[9] = x332; - out5[10] = x333; - out5[11] = x334; + out3[0] = x297; + out3[1] = x298; + out3[2] = x299; + out3[3] = x300; + out3[4] = x301; + out3[5] = x302; + out3[6] = x303; + out3[7] = x304; + out3[8] = x305; + out3[9] = x306; + out3[10] = x307; + out3[11] = x308; + out3[12] = x309; + out4[0] = x310; + out4[1] = x311; + out4[2] = x312; + out4[3] = x313; + out4[4] = x314; + out4[5] = x315; + out4[6] = x316; + out4[7] = x317; + out4[8] = x318; + out4[9] = x319; + out4[10] = x320; + out4[11] = x321; + out5[0] = x322; + out5[1] = x323; + out5[2] = x324; + out5[3] = x325; + out5[4] = x326; + out5[5] = x327; + out5[6] = x328; + out5[7] = x329; + out5[8] = x330; + out5[9] = x331; + out5[10] = x332; + out5[11] = x333; } /* diff --git a/fiat-c/src/p384_64.c b/fiat-c/src/p384_64.c index d9e5242eae..a7d06fb486 100644 --- a/fiat-c/src/p384_64.c +++ b/fiat-c/src/p384_64.c 
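Review bot: The new `fiat_p384_cmovznz_u32(&x194, (fiat_p384_uint1)x46, 0x0, x7);` calls (x194–x206 and x233–x244) pass a plain cast where the old code computed `x194 = (fiat_p384_uint1)(x46 & 0x1)`, and the two are equivalent only if `fiat_p384_uint1` is a true 1-bit type. Its typedef is not visible in this hunk; if it is a byte-wide type such as `unsigned char`, the cast keeps the low eight bits, so an even `x46` with a non-zero low byte would presumably select the "odd" branch and divstep would return wrong values, which may be the "something broke" noted in the commit message. Keep the mask in the emitted code, e.g. `(fiat_p384_uint1)(x46 & 0x1)`, and because this file is generated, make the fix in the generator's cast simplification rather than by hand. The same pattern appears as `(fiat_p384_uint1)x28` in the `fiat_p384_divstep` hunk of p384_64.c; the divstep body starts and ends outside this hunk.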
@@ -70,13 +70,11 @@ static __inline__ uint64_t fiat_p384_value_barrier_u64(uint64_t a) { */ static FIAT_P384_FIAT_INLINE void fiat_p384_addcarryx_u64(uint64_t* out1, fiat_p384_uint1* out2, fiat_p384_uint1 arg1, uint64_t arg2, uint64_t arg3) { fiat_p384_uint128 x1; - uint64_t x2; - fiat_p384_uint1 x3; + fiat_p384_uint1 x2; x1 = ((arg1 + (fiat_p384_uint128)arg2) + arg3); - x2 = (uint64_t)(x1 & UINT64_C(0xffffffffffffffff)); - x3 = (fiat_p384_uint1)(x1 >> 64); - *out1 = x2; - *out2 = x3; + x2 = (fiat_p384_uint1)(x1 >> 64); + *out1 = (uint64_t)x1; + *out2 = x2; } /* @@ -122,12 +120,10 @@ static FIAT_P384_FIAT_INLINE void fiat_p384_subborrowx_u64(uint64_t* out1, fiat_ static FIAT_P384_FIAT_INLINE void fiat_p384_mulx_u64(uint64_t* out1, uint64_t* out2, uint64_t arg1, uint64_t arg2) { fiat_p384_uint128 x1; uint64_t x2; - uint64_t x3; x1 = ((fiat_p384_uint128)arg1 * arg2); - x2 = (uint64_t)(x1 & UINT64_C(0xffffffffffffffff)); - x3 = (uint64_t)(x1 >> 64); - *out1 = x2; - *out2 = x3; + x2 = (uint64_t)(x1 >> 64); + *out1 = (uint64_t)x1; + *out2 = x2; } /* 
@@ -3025,228 +3021,144 @@ static FIAT_P384_FIAT_INLINE void fiat_p384_to_bytes(uint8_t out1[48], const uin uint64_t x4; uint64_t x5; uint64_t x6; - uint8_t x7; + uint64_t x7; uint64_t x8; - uint8_t x9; + uint64_t x9; uint64_t x10; - uint8_t x11; + uint64_t x11; uint64_t x12; uint8_t x13; uint64_t x14; - uint8_t x15; + uint64_t x15; uint64_t x16; - uint8_t x17; + uint64_t x17; uint64_t x18; - uint8_t x19; + uint64_t x19; uint8_t x20; - uint8_t x21; + uint64_t x21; uint64_t x22; - uint8_t x23; + uint64_t x23; uint64_t x24; - uint8_t x25; + uint64_t x25; uint64_t x26; uint8_t x27; uint64_t x28; - uint8_t x29; + uint64_t x29; uint64_t x30; - uint8_t x31; + uint64_t x31; uint64_t x32; - uint8_t x33; + uint64_t x33; uint8_t x34; - uint8_t x35; + uint64_t x35; uint64_t x36; - uint8_t x37; + uint64_t x37; uint64_t x38; - uint8_t x39; + uint64_t x39; uint64_t x40; uint8_t x41; uint64_t x42; - uint8_t x43; + uint64_t x43; uint64_t x44; - uint8_t x45; + uint64_t x45; uint64_t x46; - uint8_t x47; + uint64_t x47; uint8_t x48; - uint8_t x49; - uint64_t x50; - uint8_t x51; - uint64_t x52; - uint8_t x53; - uint64_t x54; - uint8_t x55; - uint64_t x56; - uint8_t x57; - uint64_t x58; - uint8_t x59; - uint64_t x60; - uint8_t x61; - uint8_t x62; - uint8_t x63; - uint64_t x64; - uint8_t x65; - uint64_t x66; - uint8_t x67; - uint64_t x68; - uint8_t x69; - uint64_t x70; - uint8_t x71; - uint64_t x72; - uint8_t x73; - uint64_t x74; - uint8_t x75; - uint8_t x76; - uint8_t x77; - uint64_t x78; - uint8_t x79; - uint64_t x80; - uint8_t x81; - uint64_t x82; - uint8_t x83; - uint64_t x84; - uint8_t x85; - uint64_t x86; - uint8_t x87; - uint64_t x88; - uint8_t x89; - uint8_t x90; x1 = (arg1[5]); x2 = (arg1[4]); x3 = (arg1[3]); x4 = (arg1[2]); x5 = (arg1[1]); x6 = (arg1[0]); - x7 = (uint8_t)(x6 & UINT8_C(0xff)); - x8 = (x6 >> 8); - x9 = (uint8_t)(x8 & UINT8_C(0xff)); - x10 = (x8 >> 8); - x11 = (uint8_t)(x10 & UINT8_C(0xff)); - x12 = (x10 >> 8); - x13 = (uint8_t)(x12 & UINT8_C(0xff)); - x14 = (x12 
>> 8); - x15 = (uint8_t)(x14 & UINT8_C(0xff)); - x16 = (x14 >> 8); - x17 = (uint8_t)(x16 & UINT8_C(0xff)); - x18 = (x16 >> 8); - x19 = (uint8_t)(x18 & UINT8_C(0xff)); - x20 = (uint8_t)(x18 >> 8); - x21 = (uint8_t)(x5 & UINT8_C(0xff)); - x22 = (x5 >> 8); - x23 = (uint8_t)(x22 & UINT8_C(0xff)); - x24 = (x22 >> 8); - x25 = (uint8_t)(x24 & UINT8_C(0xff)); - x26 = (x24 >> 8); - x27 = (uint8_t)(x26 & UINT8_C(0xff)); - x28 = (x26 >> 8); - x29 = (uint8_t)(x28 & UINT8_C(0xff)); - x30 = (x28 >> 8); - x31 = (uint8_t)(x30 & UINT8_C(0xff)); - x32 = (x30 >> 8); - x33 = (uint8_t)(x32 & UINT8_C(0xff)); - x34 = (uint8_t)(x32 >> 8); - x35 = (uint8_t)(x4 & UINT8_C(0xff)); - x36 = (x4 >> 8); - x37 = (uint8_t)(x36 & UINT8_C(0xff)); - x38 = (x36 >> 8); - x39 = (uint8_t)(x38 & UINT8_C(0xff)); - x40 = (x38 >> 8); - x41 = (uint8_t)(x40 & UINT8_C(0xff)); - x42 = (x40 >> 8); - x43 = (uint8_t)(x42 & UINT8_C(0xff)); - x44 = (x42 >> 8); - x45 = (uint8_t)(x44 & UINT8_C(0xff)); - x46 = (x44 >> 8); - x47 = (uint8_t)(x46 & UINT8_C(0xff)); - x48 = (uint8_t)(x46 >> 8); - x49 = (uint8_t)(x3 & UINT8_C(0xff)); - x50 = (x3 >> 8); - x51 = (uint8_t)(x50 & UINT8_C(0xff)); - x52 = (x50 >> 8); - x53 = (uint8_t)(x52 & UINT8_C(0xff)); - x54 = (x52 >> 8); - x55 = (uint8_t)(x54 & UINT8_C(0xff)); - x56 = (x54 >> 8); - x57 = (uint8_t)(x56 & UINT8_C(0xff)); - x58 = (x56 >> 8); - x59 = (uint8_t)(x58 & UINT8_C(0xff)); - x60 = (x58 >> 8); - x61 = (uint8_t)(x60 & UINT8_C(0xff)); - x62 = (uint8_t)(x60 >> 8); - x63 = (uint8_t)(x2 & UINT8_C(0xff)); - x64 = (x2 >> 8); - x65 = (uint8_t)(x64 & UINT8_C(0xff)); - x66 = (x64 >> 8); - x67 = (uint8_t)(x66 & UINT8_C(0xff)); - x68 = (x66 >> 8); - x69 = (uint8_t)(x68 & UINT8_C(0xff)); - x70 = (x68 >> 8); - x71 = (uint8_t)(x70 & UINT8_C(0xff)); - x72 = (x70 >> 8); - x73 = (uint8_t)(x72 & UINT8_C(0xff)); - x74 = (x72 >> 8); - x75 = (uint8_t)(x74 & UINT8_C(0xff)); - x76 = (uint8_t)(x74 >> 8); - x77 = (uint8_t)(x1 & UINT8_C(0xff)); - x78 = (x1 >> 8); - x79 = (uint8_t)(x78 & 
UINT8_C(0xff)); - x80 = (x78 >> 8); - x81 = (uint8_t)(x80 & UINT8_C(0xff)); - x82 = (x80 >> 8); - x83 = (uint8_t)(x82 & UINT8_C(0xff)); - x84 = (x82 >> 8); - x85 = (uint8_t)(x84 & UINT8_C(0xff)); - x86 = (x84 >> 8); - x87 = (uint8_t)(x86 & UINT8_C(0xff)); - x88 = (x86 >> 8); - x89 = (uint8_t)(x88 & UINT8_C(0xff)); - x90 = (uint8_t)(x88 >> 8); - out1[0] = x7; - out1[1] = x9; - out1[2] = x11; - out1[3] = x13; - out1[4] = x15; - out1[5] = x17; - out1[6] = x19; - out1[7] = x20; - out1[8] = x21; - out1[9] = x23; - out1[10] = x25; - out1[11] = x27; - out1[12] = x29; - out1[13] = x31; - out1[14] = x33; - out1[15] = x34; - out1[16] = x35; - out1[17] = x37; - out1[18] = x39; - out1[19] = x41; - out1[20] = x43; - out1[21] = x45; - out1[22] = x47; - out1[23] = x48; - out1[24] = x49; - out1[25] = x51; - out1[26] = x53; - out1[27] = x55; - out1[28] = x57; - out1[29] = x59; - out1[30] = x61; - out1[31] = x62; - out1[32] = x63; - out1[33] = x65; - out1[34] = x67; - out1[35] = x69; - out1[36] = x71; - out1[37] = x73; - out1[38] = x75; - out1[39] = x76; - out1[40] = x77; - out1[41] = x79; - out1[42] = x81; - out1[43] = x83; - out1[44] = x85; - out1[45] = x87; - out1[46] = x89; - out1[47] = x90; + x7 = (x6 >> 8); + x8 = (x7 >> 8); + x9 = (x8 >> 8); + x10 = (x9 >> 8); + x11 = (x10 >> 8); + x12 = (x11 >> 8); + x13 = (uint8_t)(x12 >> 8); + x14 = (x5 >> 8); + x15 = (x14 >> 8); + x16 = (x15 >> 8); + x17 = (x16 >> 8); + x18 = (x17 >> 8); + x19 = (x18 >> 8); + x20 = (uint8_t)(x19 >> 8); + x21 = (x4 >> 8); + x22 = (x21 >> 8); + x23 = (x22 >> 8); + x24 = (x23 >> 8); + x25 = (x24 >> 8); + x26 = (x25 >> 8); + x27 = (uint8_t)(x26 >> 8); + x28 = (x3 >> 8); + x29 = (x28 >> 8); + x30 = (x29 >> 8); + x31 = (x30 >> 8); + x32 = (x31 >> 8); + x33 = (x32 >> 8); + x34 = (uint8_t)(x33 >> 8); + x35 = (x2 >> 8); + x36 = (x35 >> 8); + x37 = (x36 >> 8); + x38 = (x37 >> 8); + x39 = (x38 >> 8); + x40 = (x39 >> 8); + x41 = (uint8_t)(x40 >> 8); + x42 = (x1 >> 8); + x43 = (x42 >> 8); + x44 = (x43 >> 8); + x45 = 
(x44 >> 8); + x46 = (x45 >> 8); + x47 = (x46 >> 8); + x48 = (uint8_t)(x47 >> 8); + out1[0] = (uint8_t)x6; + out1[1] = (uint8_t)x7; + out1[2] = (uint8_t)x8; + out1[3] = (uint8_t)x9; + out1[4] = (uint8_t)x10; + out1[5] = (uint8_t)x11; + out1[6] = (uint8_t)x12; + out1[7] = x13; + out1[8] = (uint8_t)x5; + out1[9] = (uint8_t)x14; + out1[10] = (uint8_t)x15; + out1[11] = (uint8_t)x16; + out1[12] = (uint8_t)x17; + out1[13] = (uint8_t)x18; + out1[14] = (uint8_t)x19; + out1[15] = x20; + out1[16] = (uint8_t)x4; + out1[17] = (uint8_t)x21; + out1[18] = (uint8_t)x22; + out1[19] = (uint8_t)x23; + out1[20] = (uint8_t)x24; + out1[21] = (uint8_t)x25; + out1[22] = (uint8_t)x26; + out1[23] = x27; + out1[24] = (uint8_t)x3; + out1[25] = (uint8_t)x28; + out1[26] = (uint8_t)x29; + out1[27] = (uint8_t)x30; + out1[28] = (uint8_t)x31; + out1[29] = (uint8_t)x32; + out1[30] = (uint8_t)x33; + out1[31] = x34; + out1[32] = (uint8_t)x2; + out1[33] = (uint8_t)x35; + out1[34] = (uint8_t)x36; + out1[35] = (uint8_t)x37; + out1[36] = (uint8_t)x38; + out1[37] = (uint8_t)x39; + out1[38] = (uint8_t)x40; + out1[39] = x41; + out1[40] = (uint8_t)x1; + out1[41] = (uint8_t)x42; + out1[42] = (uint8_t)x43; + out1[43] = (uint8_t)x44; + out1[44] = (uint8_t)x45; + out1[45] = (uint8_t)x46; + out1[46] = (uint8_t)x47; + out1[47] = x48; } /* @@ -3623,7 +3535,7 @@ static FIAT_P384_FIAT_INLINE void fiat_p384_divstep(uint64_t* out1, uint64_t out uint64_t x101; uint64_t x102; uint64_t x103; - fiat_p384_uint1 x104; + uint64_t x104; uint64_t x105; uint64_t x106; uint64_t x107; 
@@ -3631,54 +3543,54 @@ static FIAT_P384_FIAT_INLINE void fiat_p384_divstep(uint64_t* out1, uint64_t out uint64_t x109; uint64_t x110; uint64_t x111; - uint64_t x112; - fiat_p384_uint1 x113; - uint64_t x114; - fiat_p384_uint1 x115; - uint64_t x116; - fiat_p384_uint1 x117; - uint64_t x118; - fiat_p384_uint1 x119; - uint64_t x120; - fiat_p384_uint1 x121; - uint64_t x122; - fiat_p384_uint1 x123; - uint64_t x124; - fiat_p384_uint1 x125; + fiat_p384_uint1 x112; + uint64_t x113; + fiat_p384_uint1 x114; + uint64_t x115; + fiat_p384_uint1 x116; + uint64_t x117; + fiat_p384_uint1 x118; + uint64_t x119; + fiat_p384_uint1 x120; + uint64_t x121; + fiat_p384_uint1 x122; + uint64_t x123; + fiat_p384_uint1 x124; + uint64_t x125; uint64_t x126; uint64_t x127; uint64_t x128; uint64_t x129; uint64_t x130; uint64_t x131; - uint64_t x132; - fiat_p384_uint1 x133; - uint64_t x134; - fiat_p384_uint1 x135; - uint64_t x136; - fiat_p384_uint1 x137; - uint64_t x138; - fiat_p384_uint1 x139; - uint64_t x140; - fiat_p384_uint1 x141; - uint64_t x142; - fiat_p384_uint1 x143; - uint64_t x144; - fiat_p384_uint1 x145; - uint64_t x146; - fiat_p384_uint1 x147; - uint64_t x148; - fiat_p384_uint1 x149; - uint64_t x150; - fiat_p384_uint1 x151; - uint64_t x152; - fiat_p384_uint1 x153; - uint64_t x154; - fiat_p384_uint1 x155; - uint64_t x156; - fiat_p384_uint1 x157; - uint64_t x158; - fiat_p384_uint1 x159; + fiat_p384_uint1 x132; + uint64_t x133; + fiat_p384_uint1 x134; + uint64_t x135; + fiat_p384_uint1 x136; + uint64_t x137; + fiat_p384_uint1 x138; + uint64_t x139; + fiat_p384_uint1 x140; + uint64_t x141; + fiat_p384_uint1 x142; + uint64_t x143; + fiat_p384_uint1 x144; + uint64_t x145; + fiat_p384_uint1 x146; + uint64_t x147; + fiat_p384_uint1 x148; + uint64_t x149; + fiat_p384_uint1 x150; + uint64_t x151; + fiat_p384_uint1 x152; + uint64_t x153; + fiat_p384_uint1 x154; + uint64_t x155; + fiat_p384_uint1 x156; + uint64_t x157; + fiat_p384_uint1 x158; + uint64_t x159; uint64_t x160; uint64_t x161; 
uint64_t x162; @@ -3697,9 +3609,8 @@ static FIAT_P384_FIAT_INLINE void fiat_p384_divstep(uint64_t* out1, uint64_t out uint64_t x175; uint64_t x176; uint64_t x177; - uint64_t x178; fiat_p384_addcarryx_u64(&x1, &x2, 0x0, (~arg1), 0x1); - x3 = (fiat_p384_uint1)((fiat_p384_uint1)(x1 >> 63) & (fiat_p384_uint1)((arg3[0]) & 0x1)); + x3 = (fiat_p384_uint1)((fiat_p384_uint1)(x1 >> 63) & (fiat_p384_uint1)(arg3[0])); fiat_p384_addcarryx_u64(&x4, &x5, 0x0, (~arg1), 0x1); fiat_p384_cmovznz_u64(&x6, x3, arg1, x4); fiat_p384_cmovznz_u64(&x7, x3, (arg2[0]), (arg3[0])); 
@@ -3767,61 +3678,60 @@ static FIAT_P384_FIAT_INLINE void fiat_p384_divstep(uint64_t* out1, uint64_t out fiat_p384_cmovznz_u64(&x101, x3, (arg5[3]), x92); fiat_p384_cmovznz_u64(&x102, x3, (arg5[4]), x94); fiat_p384_cmovznz_u64(&x103, x3, (arg5[5]), x96); - x104 = (fiat_p384_uint1)(x28 & 0x1); - fiat_p384_cmovznz_u64(&x105, x104, 0x0, x7); - fiat_p384_cmovznz_u64(&x106, x104, 0x0, x8); - fiat_p384_cmovznz_u64(&x107, x104, 0x0, x9); - fiat_p384_cmovznz_u64(&x108, x104, 0x0, x10); - fiat_p384_cmovznz_u64(&x109, x104, 0x0, x11); - fiat_p384_cmovznz_u64(&x110, x104, 0x0, x12); - fiat_p384_cmovznz_u64(&x111, x104, 0x0, x13); - fiat_p384_addcarryx_u64(&x112, &x113, 0x0, x28, x105); - fiat_p384_addcarryx_u64(&x114, &x115, x113, x29, x106); - fiat_p384_addcarryx_u64(&x116, &x117, x115, x30, x107); - fiat_p384_addcarryx_u64(&x118, &x119, x117, x31, x108); - fiat_p384_addcarryx_u64(&x120, &x121, x119, x32, x109); - fiat_p384_addcarryx_u64(&x122, &x123, x121, x33, x110); - fiat_p384_addcarryx_u64(&x124, &x125, x123, x34, x111); - fiat_p384_cmovznz_u64(&x126, x104, 0x0, x35); - fiat_p384_cmovznz_u64(&x127, x104, 0x0, x36); - fiat_p384_cmovznz_u64(&x128, x104, 0x0, x37); - fiat_p384_cmovznz_u64(&x129, x104, 0x0, x38); - fiat_p384_cmovznz_u64(&x130, x104, 0x0, x39); - fiat_p384_cmovznz_u64(&x131, x104, 0x0, x40); - fiat_p384_addcarryx_u64(&x132, &x133, 0x0, x98, x126); - fiat_p384_addcarryx_u64(&x134, &x135, x133, x99, x127); - fiat_p384_addcarryx_u64(&x136, &x137, x135, x100, x128); - fiat_p384_addcarryx_u64(&x138, &x139, x137, x101, x129); - fiat_p384_addcarryx_u64(&x140, &x141, x139, x102, x130); - fiat_p384_addcarryx_u64(&x142, &x143, x141, x103, x131); - fiat_p384_subborrowx_u64(&x144, &x145, 0x0, x132, UINT32_C(0xffffffff)); - fiat_p384_subborrowx_u64(&x146, &x147, x145, x134, UINT64_C(0xffffffff00000000)); - fiat_p384_subborrowx_u64(&x148, &x149, x147, x136, UINT64_C(0xfffffffffffffffe)); - fiat_p384_subborrowx_u64(&x150, &x151, x149, x138, UINT64_C(0xffffffffffffffff)); - 
fiat_p384_subborrowx_u64(&x152, &x153, x151, x140, UINT64_C(0xffffffffffffffff)); - fiat_p384_subborrowx_u64(&x154, &x155, x153, x142, UINT64_C(0xffffffffffffffff)); - fiat_p384_subborrowx_u64(&x156, &x157, x155, x143, 0x0); - fiat_p384_addcarryx_u64(&x158, &x159, 0x0, x6, 0x1); - x160 = ((x112 >> 1) | ((x114 << 63) & UINT64_C(0xffffffffffffffff))); - x161 = ((x114 >> 1) | ((x116 << 63) & UINT64_C(0xffffffffffffffff))); - x162 = ((x116 >> 1) | ((x118 << 63) & UINT64_C(0xffffffffffffffff))); - x163 = ((x118 >> 1) | ((x120 << 63) & UINT64_C(0xffffffffffffffff))); - x164 = ((x120 >> 1) | ((x122 << 63) & UINT64_C(0xffffffffffffffff))); - x165 = ((x122 >> 1) | ((x124 << 63) & UINT64_C(0xffffffffffffffff))); - x166 = ((x124 & UINT64_C(0x8000000000000000)) | (x124 >> 1)); - fiat_p384_cmovznz_u64(&x167, x66, x53, x41); - fiat_p384_cmovznz_u64(&x168, x66, x55, x43); - fiat_p384_cmovznz_u64(&x169, x66, x57, x45); - fiat_p384_cmovznz_u64(&x170, x66, x59, x47); - fiat_p384_cmovznz_u64(&x171, x66, x61, x49); - fiat_p384_cmovznz_u64(&x172, x66, x63, x51); - fiat_p384_cmovznz_u64(&x173, x157, x144, x132); - fiat_p384_cmovznz_u64(&x174, x157, x146, x134); - fiat_p384_cmovznz_u64(&x175, x157, x148, x136); - fiat_p384_cmovznz_u64(&x176, x157, x150, x138); - fiat_p384_cmovznz_u64(&x177, x157, x152, x140); - fiat_p384_cmovznz_u64(&x178, x157, x154, x142); - *out1 = x158; + fiat_p384_cmovznz_u64(&x104, (fiat_p384_uint1)x28, 0x0, x7); + fiat_p384_cmovznz_u64(&x105, (fiat_p384_uint1)x28, 0x0, x8); + fiat_p384_cmovznz_u64(&x106, (fiat_p384_uint1)x28, 0x0, x9); + fiat_p384_cmovznz_u64(&x107, (fiat_p384_uint1)x28, 0x0, x10); + fiat_p384_cmovznz_u64(&x108, (fiat_p384_uint1)x28, 0x0, x11); + fiat_p384_cmovznz_u64(&x109, (fiat_p384_uint1)x28, 0x0, x12); + fiat_p384_cmovznz_u64(&x110, (fiat_p384_uint1)x28, 0x0, x13); + fiat_p384_addcarryx_u64(&x111, &x112, 0x0, x28, x104); + fiat_p384_addcarryx_u64(&x113, &x114, x112, x29, x105); + fiat_p384_addcarryx_u64(&x115, &x116, x114, x30, x106); + 
fiat_p384_addcarryx_u64(&x117, &x118, x116, x31, x107); + fiat_p384_addcarryx_u64(&x119, &x120, x118, x32, x108); + fiat_p384_addcarryx_u64(&x121, &x122, x120, x33, x109); + fiat_p384_addcarryx_u64(&x123, &x124, x122, x34, x110); + fiat_p384_cmovznz_u64(&x125, (fiat_p384_uint1)x28, 0x0, x35); + fiat_p384_cmovznz_u64(&x126, (fiat_p384_uint1)x28, 0x0, x36); + fiat_p384_cmovznz_u64(&x127, (fiat_p384_uint1)x28, 0x0, x37); + fiat_p384_cmovznz_u64(&x128, (fiat_p384_uint1)x28, 0x0, x38); + fiat_p384_cmovznz_u64(&x129, (fiat_p384_uint1)x28, 0x0, x39); + fiat_p384_cmovznz_u64(&x130, (fiat_p384_uint1)x28, 0x0, x40); + fiat_p384_addcarryx_u64(&x131, &x132, 0x0, x98, x125); + fiat_p384_addcarryx_u64(&x133, &x134, x132, x99, x126); + fiat_p384_addcarryx_u64(&x135, &x136, x134, x100, x127); + fiat_p384_addcarryx_u64(&x137, &x138, x136, x101, x128); + fiat_p384_addcarryx_u64(&x139, &x140, x138, x102, x129); + fiat_p384_addcarryx_u64(&x141, &x142, x140, x103, x130); + fiat_p384_subborrowx_u64(&x143, &x144, 0x0, x131, UINT32_C(0xffffffff)); + fiat_p384_subborrowx_u64(&x145, &x146, x144, x133, UINT64_C(0xffffffff00000000)); + fiat_p384_subborrowx_u64(&x147, &x148, x146, x135, UINT64_C(0xfffffffffffffffe)); + fiat_p384_subborrowx_u64(&x149, &x150, x148, x137, UINT64_C(0xffffffffffffffff)); + fiat_p384_subborrowx_u64(&x151, &x152, x150, x139, UINT64_C(0xffffffffffffffff)); + fiat_p384_subborrowx_u64(&x153, &x154, x152, x141, UINT64_C(0xffffffffffffffff)); + fiat_p384_subborrowx_u64(&x155, &x156, x154, x142, 0x0); + fiat_p384_addcarryx_u64(&x157, &x158, 0x0, x6, 0x1); + x159 = ((x111 >> 1) | ((x113 << 63) & UINT64_C(0xffffffffffffffff))); + x160 = ((x113 >> 1) | ((x115 << 63) & UINT64_C(0xffffffffffffffff))); + x161 = ((x115 >> 1) | ((x117 << 63) & UINT64_C(0xffffffffffffffff))); + x162 = ((x117 >> 1) | ((x119 << 63) & UINT64_C(0xffffffffffffffff))); + x163 = ((x119 >> 1) | ((x121 << 63) & UINT64_C(0xffffffffffffffff))); + x164 = ((x121 >> 1) | ((x123 << 63) & 
UINT64_C(0xffffffffffffffff))); + x165 = ((x123 & UINT64_C(0x8000000000000000)) | (x123 >> 1)); + fiat_p384_cmovznz_u64(&x166, x66, x53, x41); + fiat_p384_cmovznz_u64(&x167, x66, x55, x43); + fiat_p384_cmovznz_u64(&x168, x66, x57, x45); + fiat_p384_cmovznz_u64(&x169, x66, x59, x47); + fiat_p384_cmovznz_u64(&x170, x66, x61, x49); + fiat_p384_cmovznz_u64(&x171, x66, x63, x51); + fiat_p384_cmovznz_u64(&x172, x156, x143, x131); + fiat_p384_cmovznz_u64(&x173, x156, x145, x133); + fiat_p384_cmovznz_u64(&x174, x156, x147, x135); + fiat_p384_cmovznz_u64(&x175, x156, x149, x137); + fiat_p384_cmovznz_u64(&x176, x156, x151, x139); + fiat_p384_cmovznz_u64(&x177, x156, x153, x141); + *out1 = x157; out2[0] = x7; out2[1] = x8; out2[2] = x9; @@ -3829,25 +3739,25 @@ static FIAT_P384_FIAT_INLINE void fiat_p384_divstep(uint64_t* out1, uint64_t out out2[4] = x11; out2[5] = x12; out2[6] = x13; - out3[0] = x160; - out3[1] = x161; - out3[2] = x162; - out3[3] = x163; - out3[4] = x164; - out3[5] = x165; - out3[6] = x166; - out4[0] = x167; - out4[1] = x168; - out4[2] = x169; - out4[3] = x170; - out4[4] = x171; - out4[5] = x172; - out5[0] = x173; - out5[1] = x174; - out5[2] = x175; - out5[3] = x176; - out5[4] = x177; - out5[5] = x178; + out3[0] = x159; + out3[1] = x160; + out3[2] = x161; + out3[3] = x162; + out3[4] = x163; + out3[5] = x164; + out3[6] = x165; + out4[0] = x166; + out4[1] = x167; + out4[2] = x168; + out4[3] = x169; + out4[4] = x170; + out4[5] = x171; + out5[0] = x172; + out5[1] = x173; + out5[2] = x174; + out5[3] = x175; + out5[4] = x176; + out5[5] = x177; } /* diff --git a/fiat-c/src/p384_scalar_32.c b/fiat-c/src/p384_scalar_32.c index d110884adf..d2e7e3d70f 100644 --- a/fiat-c/src/p384_scalar_32.c +++ b/fiat-c/src/p384_scalar_32.c 
@@ -65,13 +65,11 @@ static __inline__ uint32_t fiat_p384_scalar_value_barrier_u32(uint32_t a) { */ static FIAT_P384_SCALAR_FIAT_INLINE void fiat_p384_scalar_addcarryx_u32(uint32_t* out1, fiat_p384_scalar_uint1* out2, fiat_p384_scalar_uint1 arg1, uint32_t arg2, uint32_t arg3) { uint64_t x1; - uint32_t x2; - fiat_p384_scalar_uint1 x3; + fiat_p384_scalar_uint1 x2; x1 = ((arg1 + (uint64_t)arg2) + arg3); - x2 = (uint32_t)(x1 & UINT32_C(0xffffffff)); - x3 = (fiat_p384_scalar_uint1)(x1 >> 32); - *out1 = x2; - *out2 = x3; + x2 = (fiat_p384_scalar_uint1)(x1 >> 32); + *out1 = (uint32_t)x1; + *out2 = x2; } /* @@ -117,12 +115,10 @@ static FIAT_P384_SCALAR_FIAT_INLINE void fiat_p384_scalar_subborrowx_u32(uint32_ static FIAT_P384_SCALAR_FIAT_INLINE void fiat_p384_scalar_mulx_u32(uint32_t* out1, uint32_t* out2, uint32_t arg1, uint32_t arg2) { uint64_t x1; uint32_t x2; - uint32_t x3; x1 = ((uint64_t)arg1 * arg2); - x2 = (uint32_t)(x1 & UINT32_C(0xffffffff)); - x3 = (uint32_t)(x1 >> 32); - *out1 = x2; - *out2 = x3; + x2 = (uint32_t)(x1 >> 32); + *out1 = (uint32_t)x1; + *out2 = x2; } /* 
@@ -10598,78 +10594,42 @@ static FIAT_P384_SCALAR_FIAT_INLINE void fiat_p384_scalar_to_bytes(uint8_t out1[ uint32_t x10; uint32_t x11; uint32_t x12; - uint8_t x13; + uint32_t x13; uint32_t x14; uint8_t x15; uint32_t x16; - uint8_t x17; + uint32_t x17; uint8_t x18; - uint8_t x19; + uint32_t x19; uint32_t x20; uint8_t x21; uint32_t x22; - uint8_t x23; + uint32_t x23; uint8_t x24; - uint8_t x25; + uint32_t x25; uint32_t x26; uint8_t x27; uint32_t x28; - uint8_t x29; + uint32_t x29; uint8_t x30; - uint8_t x31; + uint32_t x31; uint32_t x32; uint8_t x33; uint32_t x34; - uint8_t x35; + uint32_t x35; uint8_t x36; - uint8_t x37; + uint32_t x37; uint32_t x38; uint8_t x39; uint32_t x40; - uint8_t x41; + uint32_t x41; uint8_t x42; - uint8_t x43; + uint32_t x43; uint32_t x44; uint8_t x45; uint32_t x46; - uint8_t x47; + uint32_t x47; uint8_t x48; - uint8_t x49; - uint32_t x50; - uint8_t x51; - uint32_t x52; - uint8_t x53; - uint8_t x54; - uint8_t x55; - uint32_t x56; - uint8_t x57; - uint32_t x58; - uint8_t x59; - uint8_t x60; - uint8_t x61; - uint32_t x62; - uint8_t x63; - uint32_t x64; - uint8_t x65; - uint8_t x66; - uint8_t x67; - uint32_t x68; - uint8_t x69; - uint32_t x70; - uint8_t x71; - uint8_t x72; - uint8_t x73; - uint32_t x74; - uint8_t x75; - uint32_t x76; - uint8_t x77; - uint8_t x78; - uint8_t x79; - uint32_t x80; - uint8_t x81; - uint32_t x82; - uint8_t x83; - uint8_t x84; x1 = (arg1[11]); x2 = (arg1[10]); x3 = (arg1[9]); 
@@ -10682,126 +10642,90 @@ static FIAT_P384_SCALAR_FIAT_INLINE void fiat_p384_scalar_to_bytes(uint8_t out1[ x10 = (arg1[2]); x11 = (arg1[1]); x12 = (arg1[0]); - x13 = (uint8_t)(x12 & UINT8_C(0xff)); - x14 = (x12 >> 8); - x15 = (uint8_t)(x14 & UINT8_C(0xff)); - x16 = (x14 >> 8); - x17 = (uint8_t)(x16 & UINT8_C(0xff)); - x18 = (uint8_t)(x16 >> 8); - x19 = (uint8_t)(x11 & UINT8_C(0xff)); - x20 = (x11 >> 8); - x21 = (uint8_t)(x20 & UINT8_C(0xff)); - x22 = (x20 >> 8); - x23 = (uint8_t)(x22 & UINT8_C(0xff)); - x24 = (uint8_t)(x22 >> 8); - x25 = (uint8_t)(x10 & UINT8_C(0xff)); - x26 = (x10 >> 8); - x27 = (uint8_t)(x26 & UINT8_C(0xff)); - x28 = (x26 >> 8); - x29 = (uint8_t)(x28 & UINT8_C(0xff)); - x30 = (uint8_t)(x28 >> 8); - x31 = (uint8_t)(x9 & UINT8_C(0xff)); - x32 = (x9 >> 8); - x33 = (uint8_t)(x32 & UINT8_C(0xff)); - x34 = (x32 >> 8); - x35 = (uint8_t)(x34 & UINT8_C(0xff)); - x36 = (uint8_t)(x34 >> 8); - x37 = (uint8_t)(x8 & UINT8_C(0xff)); - x38 = (x8 >> 8); - x39 = (uint8_t)(x38 & UINT8_C(0xff)); - x40 = (x38 >> 8); - x41 = (uint8_t)(x40 & UINT8_C(0xff)); - x42 = (uint8_t)(x40 >> 8); - x43 = (uint8_t)(x7 & UINT8_C(0xff)); - x44 = (x7 >> 8); - x45 = (uint8_t)(x44 & UINT8_C(0xff)); - x46 = (x44 >> 8); - x47 = (uint8_t)(x46 & UINT8_C(0xff)); - x48 = (uint8_t)(x46 >> 8); - x49 = (uint8_t)(x6 & UINT8_C(0xff)); - x50 = (x6 >> 8); - x51 = (uint8_t)(x50 & UINT8_C(0xff)); - x52 = (x50 >> 8); - x53 = (uint8_t)(x52 & UINT8_C(0xff)); - x54 = (uint8_t)(x52 >> 8); - x55 = (uint8_t)(x5 & UINT8_C(0xff)); - x56 = (x5 >> 8); - x57 = (uint8_t)(x56 & UINT8_C(0xff)); - x58 = (x56 >> 8); - x59 = (uint8_t)(x58 & UINT8_C(0xff)); - x60 = (uint8_t)(x58 >> 8); - x61 = (uint8_t)(x4 & UINT8_C(0xff)); - x62 = (x4 >> 8); - x63 = (uint8_t)(x62 & UINT8_C(0xff)); - x64 = (x62 >> 8); - x65 = (uint8_t)(x64 & UINT8_C(0xff)); - x66 = (uint8_t)(x64 >> 8); - x67 = (uint8_t)(x3 & UINT8_C(0xff)); - x68 = (x3 >> 8); - x69 = (uint8_t)(x68 & UINT8_C(0xff)); - x70 = (x68 >> 8); - x71 = (uint8_t)(x70 & 
UINT8_C(0xff)); - x72 = (uint8_t)(x70 >> 8); - x73 = (uint8_t)(x2 & UINT8_C(0xff)); - x74 = (x2 >> 8); - x75 = (uint8_t)(x74 & UINT8_C(0xff)); - x76 = (x74 >> 8); - x77 = (uint8_t)(x76 & UINT8_C(0xff)); - x78 = (uint8_t)(x76 >> 8); - x79 = (uint8_t)(x1 & UINT8_C(0xff)); - x80 = (x1 >> 8); - x81 = (uint8_t)(x80 & UINT8_C(0xff)); - x82 = (x80 >> 8); - x83 = (uint8_t)(x82 & UINT8_C(0xff)); - x84 = (uint8_t)(x82 >> 8); - out1[0] = x13; - out1[1] = x15; - out1[2] = x17; - out1[3] = x18; - out1[4] = x19; - out1[5] = x21; - out1[6] = x23; - out1[7] = x24; - out1[8] = x25; - out1[9] = x27; - out1[10] = x29; - out1[11] = x30; - out1[12] = x31; - out1[13] = x33; - out1[14] = x35; - out1[15] = x36; - out1[16] = x37; - out1[17] = x39; - out1[18] = x41; - out1[19] = x42; - out1[20] = x43; - out1[21] = x45; - out1[22] = x47; - out1[23] = x48; - out1[24] = x49; - out1[25] = x51; - out1[26] = x53; - out1[27] = x54; - out1[28] = x55; - out1[29] = x57; - out1[30] = x59; - out1[31] = x60; - out1[32] = x61; - out1[33] = x63; - out1[34] = x65; - out1[35] = x66; - out1[36] = x67; - out1[37] = x69; - out1[38] = x71; - out1[39] = x72; - out1[40] = x73; - out1[41] = x75; - out1[42] = x77; - out1[43] = x78; - out1[44] = x79; - out1[45] = x81; - out1[46] = x83; - out1[47] = x84; + x13 = (x12 >> 8); + x14 = (x13 >> 8); + x15 = (uint8_t)(x14 >> 8); + x16 = (x11 >> 8); + x17 = (x16 >> 8); + x18 = (uint8_t)(x17 >> 8); + x19 = (x10 >> 8); + x20 = (x19 >> 8); + x21 = (uint8_t)(x20 >> 8); + x22 = (x9 >> 8); + x23 = (x22 >> 8); + x24 = (uint8_t)(x23 >> 8); + x25 = (x8 >> 8); + x26 = (x25 >> 8); + x27 = (uint8_t)(x26 >> 8); + x28 = (x7 >> 8); + x29 = (x28 >> 8); + x30 = (uint8_t)(x29 >> 8); + x31 = (x6 >> 8); + x32 = (x31 >> 8); + x33 = (uint8_t)(x32 >> 8); + x34 = (x5 >> 8); + x35 = (x34 >> 8); + x36 = (uint8_t)(x35 >> 8); + x37 = (x4 >> 8); + x38 = (x37 >> 8); + x39 = (uint8_t)(x38 >> 8); + x40 = (x3 >> 8); + x41 = (x40 >> 8); + x42 = (uint8_t)(x41 >> 8); + x43 = (x2 >> 8); + x44 = (x43 >> 8); + 
x45 = (uint8_t)(x44 >> 8); + x46 = (x1 >> 8); + x47 = (x46 >> 8); + x48 = (uint8_t)(x47 >> 8); + out1[0] = (uint8_t)x12; + out1[1] = (uint8_t)x13; + out1[2] = (uint8_t)x14; + out1[3] = x15; + out1[4] = (uint8_t)x11; + out1[5] = (uint8_t)x16; + out1[6] = (uint8_t)x17; + out1[7] = x18; + out1[8] = (uint8_t)x10; + out1[9] = (uint8_t)x19; + out1[10] = (uint8_t)x20; + out1[11] = x21; + out1[12] = (uint8_t)x9; + out1[13] = (uint8_t)x22; + out1[14] = (uint8_t)x23; + out1[15] = x24; + out1[16] = (uint8_t)x8; + out1[17] = (uint8_t)x25; + out1[18] = (uint8_t)x26; + out1[19] = x27; + out1[20] = (uint8_t)x7; + out1[21] = (uint8_t)x28; + out1[22] = (uint8_t)x29; + out1[23] = x30; + out1[24] = (uint8_t)x6; + out1[25] = (uint8_t)x31; + out1[26] = (uint8_t)x32; + out1[27] = x33; + out1[28] = (uint8_t)x5; + out1[29] = (uint8_t)x34; + out1[30] = (uint8_t)x35; + out1[31] = x36; + out1[32] = (uint8_t)x4; + out1[33] = (uint8_t)x37; + out1[34] = (uint8_t)x38; + out1[35] = x39; + out1[36] = (uint8_t)x3; + out1[37] = (uint8_t)x40; + out1[38] = (uint8_t)x41; + out1[39] = x42; + out1[40] = (uint8_t)x2; + out1[41] = (uint8_t)x43; + out1[42] = (uint8_t)x44; + out1[43] = x45; + out1[44] = (uint8_t)x1; + out1[45] = (uint8_t)x46; + out1[46] = (uint8_t)x47; + out1[47] = x48; } /* @@ -11274,7 +11198,7 @@ static FIAT_P384_SCALAR_FIAT_INLINE void fiat_p384_scalar_divstep(uint32_t* out1 uint32_t x191; uint32_t x192; uint32_t x193; - fiat_p384_scalar_uint1 x194; + uint32_t x194; uint32_t x195; uint32_t x196; uint32_t x197; 
@@ -11288,32 +11212,32 @@ static FIAT_P384_SCALAR_FIAT_INLINE void fiat_p384_scalar_divstep(uint32_t* out1 uint32_t x205; uint32_t x206; uint32_t x207; - uint32_t x208; - fiat_p384_scalar_uint1 x209; - uint32_t x210; - fiat_p384_scalar_uint1 x211; - uint32_t x212; - fiat_p384_scalar_uint1 x213; - uint32_t x214; - fiat_p384_scalar_uint1 x215; - uint32_t x216; - fiat_p384_scalar_uint1 x217; - uint32_t x218; - fiat_p384_scalar_uint1 x219; - uint32_t x220; - fiat_p384_scalar_uint1 x221; - uint32_t x222; - fiat_p384_scalar_uint1 x223; - uint32_t x224; - fiat_p384_scalar_uint1 x225; - uint32_t x226; - fiat_p384_scalar_uint1 x227; - uint32_t x228; - fiat_p384_scalar_uint1 x229; - uint32_t x230; - fiat_p384_scalar_uint1 x231; - uint32_t x232; - fiat_p384_scalar_uint1 x233; + fiat_p384_scalar_uint1 x208; + uint32_t x209; + fiat_p384_scalar_uint1 x210; + uint32_t x211; + fiat_p384_scalar_uint1 x212; + uint32_t x213; + fiat_p384_scalar_uint1 x214; + uint32_t x215; + fiat_p384_scalar_uint1 x216; + uint32_t x217; + fiat_p384_scalar_uint1 x218; + uint32_t x219; + fiat_p384_scalar_uint1 x220; + uint32_t x221; + fiat_p384_scalar_uint1 x222; + uint32_t x223; + fiat_p384_scalar_uint1 x224; + uint32_t x225; + fiat_p384_scalar_uint1 x226; + uint32_t x227; + fiat_p384_scalar_uint1 x228; + uint32_t x229; + fiat_p384_scalar_uint1 x230; + uint32_t x231; + fiat_p384_scalar_uint1 x232; + uint32_t x233; uint32_t x234; uint32_t x235; uint32_t x236; 
@@ -11326,58 +11250,58 @@ static FIAT_P384_SCALAR_FIAT_INLINE void fiat_p384_scalar_divstep(uint32_t* out1 uint32_t x243; uint32_t x244; uint32_t x245; - uint32_t x246; - fiat_p384_scalar_uint1 x247; - uint32_t x248; - fiat_p384_scalar_uint1 x249; - uint32_t x250; - fiat_p384_scalar_uint1 x251; - uint32_t x252; - fiat_p384_scalar_uint1 x253; - uint32_t x254; - fiat_p384_scalar_uint1 x255; - uint32_t x256; - fiat_p384_scalar_uint1 x257; - uint32_t x258; - fiat_p384_scalar_uint1 x259; - uint32_t x260; - fiat_p384_scalar_uint1 x261; - uint32_t x262; - fiat_p384_scalar_uint1 x263; - uint32_t x264; - fiat_p384_scalar_uint1 x265; - uint32_t x266; - fiat_p384_scalar_uint1 x267; - uint32_t x268; - fiat_p384_scalar_uint1 x269; - uint32_t x270; - fiat_p384_scalar_uint1 x271; - uint32_t x272; - fiat_p384_scalar_uint1 x273; - uint32_t x274; - fiat_p384_scalar_uint1 x275; - uint32_t x276; - fiat_p384_scalar_uint1 x277; - uint32_t x278; - fiat_p384_scalar_uint1 x279; - uint32_t x280; - fiat_p384_scalar_uint1 x281; - uint32_t x282; - fiat_p384_scalar_uint1 x283; - uint32_t x284; - fiat_p384_scalar_uint1 x285; - uint32_t x286; - fiat_p384_scalar_uint1 x287; - uint32_t x288; - fiat_p384_scalar_uint1 x289; - uint32_t x290; - fiat_p384_scalar_uint1 x291; - uint32_t x292; - fiat_p384_scalar_uint1 x293; - uint32_t x294; - fiat_p384_scalar_uint1 x295; - uint32_t x296; - fiat_p384_scalar_uint1 x297; + fiat_p384_scalar_uint1 x246; + uint32_t x247; + fiat_p384_scalar_uint1 x248; + uint32_t x249; + fiat_p384_scalar_uint1 x250; + uint32_t x251; + fiat_p384_scalar_uint1 x252; + uint32_t x253; + fiat_p384_scalar_uint1 x254; + uint32_t x255; + fiat_p384_scalar_uint1 x256; + uint32_t x257; + fiat_p384_scalar_uint1 x258; + uint32_t x259; + fiat_p384_scalar_uint1 x260; + uint32_t x261; + fiat_p384_scalar_uint1 x262; + uint32_t x263; + fiat_p384_scalar_uint1 x264; + uint32_t x265; + fiat_p384_scalar_uint1 x266; + uint32_t x267; + fiat_p384_scalar_uint1 x268; + uint32_t x269; + 
fiat_p384_scalar_uint1 x270; + uint32_t x271; + fiat_p384_scalar_uint1 x272; + uint32_t x273; + fiat_p384_scalar_uint1 x274; + uint32_t x275; + fiat_p384_scalar_uint1 x276; + uint32_t x277; + fiat_p384_scalar_uint1 x278; + uint32_t x279; + fiat_p384_scalar_uint1 x280; + uint32_t x281; + fiat_p384_scalar_uint1 x282; + uint32_t x283; + fiat_p384_scalar_uint1 x284; + uint32_t x285; + fiat_p384_scalar_uint1 x286; + uint32_t x287; + fiat_p384_scalar_uint1 x288; + uint32_t x289; + fiat_p384_scalar_uint1 x290; + uint32_t x291; + fiat_p384_scalar_uint1 x292; + uint32_t x293; + fiat_p384_scalar_uint1 x294; + uint32_t x295; + fiat_p384_scalar_uint1 x296; + uint32_t x297; uint32_t x298; uint32_t x299; uint32_t x300; @@ -11414,9 +11338,8 @@ static FIAT_P384_SCALAR_FIAT_INLINE void fiat_p384_scalar_divstep(uint32_t* out1 uint32_t x331; uint32_t x332; uint32_t x333; - uint32_t x334; fiat_p384_scalar_addcarryx_u32(&x1, &x2, 0x0, (~arg1), 0x1); - x3 = (fiat_p384_scalar_uint1)((fiat_p384_scalar_uint1)(x1 >> 31) & (fiat_p384_scalar_uint1)((arg3[0]) & 0x1)); + x3 = (fiat_p384_scalar_uint1)((fiat_p384_scalar_uint1)(x1 >> 31) & (fiat_p384_scalar_uint1)(arg3[0])); fiat_p384_scalar_addcarryx_u32(&x4, &x5, 0x0, (~arg1), 0x1); fiat_p384_scalar_cmovznz_u32(&x6, x3, arg1, x4); fiat_p384_scalar_cmovznz_u32(&x7, x3, (arg2[0]), (arg3[0])); 
@@ -11544,109 +11467,108 @@ static FIAT_P384_SCALAR_FIAT_INLINE void fiat_p384_scalar_divstep(uint32_t* out1 fiat_p384_scalar_cmovznz_u32(&x191, x3, (arg5[9]), x176); fiat_p384_scalar_cmovznz_u32(&x192, x3, (arg5[10]), x178); fiat_p384_scalar_cmovznz_u32(&x193, x3, (arg5[11]), x180); - x194 = (fiat_p384_scalar_uint1)(x46 & 0x1); - fiat_p384_scalar_cmovznz_u32(&x195, x194, 0x0, x7); - fiat_p384_scalar_cmovznz_u32(&x196, x194, 0x0, x8); - fiat_p384_scalar_cmovznz_u32(&x197, x194, 0x0, x9); - fiat_p384_scalar_cmovznz_u32(&x198, x194, 0x0, x10); - fiat_p384_scalar_cmovznz_u32(&x199, x194, 0x0, x11); - fiat_p384_scalar_cmovznz_u32(&x200, x194, 0x0, x12); - fiat_p384_scalar_cmovznz_u32(&x201, x194, 0x0, x13); - fiat_p384_scalar_cmovznz_u32(&x202, x194, 0x0, x14); - fiat_p384_scalar_cmovznz_u32(&x203, x194, 0x0, x15); - fiat_p384_scalar_cmovznz_u32(&x204, x194, 0x0, x16); - fiat_p384_scalar_cmovznz_u32(&x205, x194, 0x0, x17); - fiat_p384_scalar_cmovznz_u32(&x206, x194, 0x0, x18); - fiat_p384_scalar_cmovznz_u32(&x207, x194, 0x0, x19); - fiat_p384_scalar_addcarryx_u32(&x208, &x209, 0x0, x46, x195); - fiat_p384_scalar_addcarryx_u32(&x210, &x211, x209, x47, x196); - fiat_p384_scalar_addcarryx_u32(&x212, &x213, x211, x48, x197); - fiat_p384_scalar_addcarryx_u32(&x214, &x215, x213, x49, x198); - fiat_p384_scalar_addcarryx_u32(&x216, &x217, x215, x50, x199); - fiat_p384_scalar_addcarryx_u32(&x218, &x219, x217, x51, x200); - fiat_p384_scalar_addcarryx_u32(&x220, &x221, x219, x52, x201); - fiat_p384_scalar_addcarryx_u32(&x222, &x223, x221, x53, x202); - fiat_p384_scalar_addcarryx_u32(&x224, &x225, x223, x54, x203); - fiat_p384_scalar_addcarryx_u32(&x226, &x227, x225, x55, x204); - fiat_p384_scalar_addcarryx_u32(&x228, &x229, x227, x56, x205); - fiat_p384_scalar_addcarryx_u32(&x230, &x231, x229, x57, x206); - fiat_p384_scalar_addcarryx_u32(&x232, &x233, x231, x58, x207); - fiat_p384_scalar_cmovznz_u32(&x234, x194, 0x0, x59); - fiat_p384_scalar_cmovznz_u32(&x235, x194, 0x0, x60); - 
fiat_p384_scalar_cmovznz_u32(&x236, x194, 0x0, x61); - fiat_p384_scalar_cmovznz_u32(&x237, x194, 0x0, x62); - fiat_p384_scalar_cmovznz_u32(&x238, x194, 0x0, x63); - fiat_p384_scalar_cmovznz_u32(&x239, x194, 0x0, x64); - fiat_p384_scalar_cmovznz_u32(&x240, x194, 0x0, x65); - fiat_p384_scalar_cmovznz_u32(&x241, x194, 0x0, x66); - fiat_p384_scalar_cmovznz_u32(&x242, x194, 0x0, x67); - fiat_p384_scalar_cmovznz_u32(&x243, x194, 0x0, x68); - fiat_p384_scalar_cmovznz_u32(&x244, x194, 0x0, x69); - fiat_p384_scalar_cmovznz_u32(&x245, x194, 0x0, x70); - fiat_p384_scalar_addcarryx_u32(&x246, &x247, 0x0, x182, x234); - fiat_p384_scalar_addcarryx_u32(&x248, &x249, x247, x183, x235); - fiat_p384_scalar_addcarryx_u32(&x250, &x251, x249, x184, x236); - fiat_p384_scalar_addcarryx_u32(&x252, &x253, x251, x185, x237); - fiat_p384_scalar_addcarryx_u32(&x254, &x255, x253, x186, x238); - fiat_p384_scalar_addcarryx_u32(&x256, &x257, x255, x187, x239); - fiat_p384_scalar_addcarryx_u32(&x258, &x259, x257, x188, x240); - fiat_p384_scalar_addcarryx_u32(&x260, &x261, x259, x189, x241); - fiat_p384_scalar_addcarryx_u32(&x262, &x263, x261, x190, x242); - fiat_p384_scalar_addcarryx_u32(&x264, &x265, x263, x191, x243); - fiat_p384_scalar_addcarryx_u32(&x266, &x267, x265, x192, x244); - fiat_p384_scalar_addcarryx_u32(&x268, &x269, x267, x193, x245); - fiat_p384_scalar_subborrowx_u32(&x270, &x271, 0x0, x246, UINT32_C(0xccc52973)); - fiat_p384_scalar_subborrowx_u32(&x272, &x273, x271, x248, UINT32_C(0xecec196a)); - fiat_p384_scalar_subborrowx_u32(&x274, &x275, x273, x250, UINT32_C(0x48b0a77a)); - fiat_p384_scalar_subborrowx_u32(&x276, &x277, x275, x252, UINT32_C(0x581a0db2)); - fiat_p384_scalar_subborrowx_u32(&x278, &x279, x277, x254, UINT32_C(0xf4372ddf)); - fiat_p384_scalar_subborrowx_u32(&x280, &x281, x279, x256, UINT32_C(0xc7634d81)); - fiat_p384_scalar_subborrowx_u32(&x282, &x283, x281, x258, UINT32_C(0xffffffff)); - fiat_p384_scalar_subborrowx_u32(&x284, &x285, x283, x260, 
UINT32_C(0xffffffff)); - fiat_p384_scalar_subborrowx_u32(&x286, &x287, x285, x262, UINT32_C(0xffffffff)); - fiat_p384_scalar_subborrowx_u32(&x288, &x289, x287, x264, UINT32_C(0xffffffff)); - fiat_p384_scalar_subborrowx_u32(&x290, &x291, x289, x266, UINT32_C(0xffffffff)); - fiat_p384_scalar_subborrowx_u32(&x292, &x293, x291, x268, UINT32_C(0xffffffff)); - fiat_p384_scalar_subborrowx_u32(&x294, &x295, x293, x269, 0x0); - fiat_p384_scalar_addcarryx_u32(&x296, &x297, 0x0, x6, 0x1); - x298 = ((x208 >> 1) | ((x210 << 31) & UINT32_C(0xffffffff))); - x299 = ((x210 >> 1) | ((x212 << 31) & UINT32_C(0xffffffff))); - x300 = ((x212 >> 1) | ((x214 << 31) & UINT32_C(0xffffffff))); - x301 = ((x214 >> 1) | ((x216 << 31) & UINT32_C(0xffffffff))); - x302 = ((x216 >> 1) | ((x218 << 31) & UINT32_C(0xffffffff))); - x303 = ((x218 >> 1) | ((x220 << 31) & UINT32_C(0xffffffff))); - x304 = ((x220 >> 1) | ((x222 << 31) & UINT32_C(0xffffffff))); - x305 = ((x222 >> 1) | ((x224 << 31) & UINT32_C(0xffffffff))); - x306 = ((x224 >> 1) | ((x226 << 31) & UINT32_C(0xffffffff))); - x307 = ((x226 >> 1) | ((x228 << 31) & UINT32_C(0xffffffff))); - x308 = ((x228 >> 1) | ((x230 << 31) & UINT32_C(0xffffffff))); - x309 = ((x230 >> 1) | ((x232 << 31) & UINT32_C(0xffffffff))); - x310 = ((x232 & UINT32_C(0x80000000)) | (x232 >> 1)); - fiat_p384_scalar_cmovznz_u32(&x311, x120, x95, x71); - fiat_p384_scalar_cmovznz_u32(&x312, x120, x97, x73); - fiat_p384_scalar_cmovznz_u32(&x313, x120, x99, x75); - fiat_p384_scalar_cmovznz_u32(&x314, x120, x101, x77); - fiat_p384_scalar_cmovznz_u32(&x315, x120, x103, x79); - fiat_p384_scalar_cmovznz_u32(&x316, x120, x105, x81); - fiat_p384_scalar_cmovznz_u32(&x317, x120, x107, x83); - fiat_p384_scalar_cmovznz_u32(&x318, x120, x109, x85); - fiat_p384_scalar_cmovznz_u32(&x319, x120, x111, x87); - fiat_p384_scalar_cmovznz_u32(&x320, x120, x113, x89); - fiat_p384_scalar_cmovznz_u32(&x321, x120, x115, x91); - fiat_p384_scalar_cmovznz_u32(&x322, x120, x117, x93); - 
fiat_p384_scalar_cmovznz_u32(&x323, x295, x270, x246); - fiat_p384_scalar_cmovznz_u32(&x324, x295, x272, x248); - fiat_p384_scalar_cmovznz_u32(&x325, x295, x274, x250); - fiat_p384_scalar_cmovznz_u32(&x326, x295, x276, x252); - fiat_p384_scalar_cmovznz_u32(&x327, x295, x278, x254); - fiat_p384_scalar_cmovznz_u32(&x328, x295, x280, x256); - fiat_p384_scalar_cmovznz_u32(&x329, x295, x282, x258); - fiat_p384_scalar_cmovznz_u32(&x330, x295, x284, x260); - fiat_p384_scalar_cmovznz_u32(&x331, x295, x286, x262); - fiat_p384_scalar_cmovznz_u32(&x332, x295, x288, x264); - fiat_p384_scalar_cmovznz_u32(&x333, x295, x290, x266); - fiat_p384_scalar_cmovznz_u32(&x334, x295, x292, x268); - *out1 = x296; + fiat_p384_scalar_cmovznz_u32(&x194, (fiat_p384_scalar_uint1)x46, 0x0, x7); + fiat_p384_scalar_cmovznz_u32(&x195, (fiat_p384_scalar_uint1)x46, 0x0, x8); + fiat_p384_scalar_cmovznz_u32(&x196, (fiat_p384_scalar_uint1)x46, 0x0, x9); + fiat_p384_scalar_cmovznz_u32(&x197, (fiat_p384_scalar_uint1)x46, 0x0, x10); + fiat_p384_scalar_cmovznz_u32(&x198, (fiat_p384_scalar_uint1)x46, 0x0, x11); + fiat_p384_scalar_cmovznz_u32(&x199, (fiat_p384_scalar_uint1)x46, 0x0, x12); + fiat_p384_scalar_cmovznz_u32(&x200, (fiat_p384_scalar_uint1)x46, 0x0, x13); + fiat_p384_scalar_cmovznz_u32(&x201, (fiat_p384_scalar_uint1)x46, 0x0, x14); + fiat_p384_scalar_cmovznz_u32(&x202, (fiat_p384_scalar_uint1)x46, 0x0, x15); + fiat_p384_scalar_cmovznz_u32(&x203, (fiat_p384_scalar_uint1)x46, 0x0, x16); + fiat_p384_scalar_cmovznz_u32(&x204, (fiat_p384_scalar_uint1)x46, 0x0, x17); + fiat_p384_scalar_cmovznz_u32(&x205, (fiat_p384_scalar_uint1)x46, 0x0, x18); + fiat_p384_scalar_cmovznz_u32(&x206, (fiat_p384_scalar_uint1)x46, 0x0, x19); + fiat_p384_scalar_addcarryx_u32(&x207, &x208, 0x0, x46, x194); + fiat_p384_scalar_addcarryx_u32(&x209, &x210, x208, x47, x195); + fiat_p384_scalar_addcarryx_u32(&x211, &x212, x210, x48, x196); + fiat_p384_scalar_addcarryx_u32(&x213, &x214, x212, x49, x197); + 
fiat_p384_scalar_addcarryx_u32(&x215, &x216, x214, x50, x198); + fiat_p384_scalar_addcarryx_u32(&x217, &x218, x216, x51, x199); + fiat_p384_scalar_addcarryx_u32(&x219, &x220, x218, x52, x200); + fiat_p384_scalar_addcarryx_u32(&x221, &x222, x220, x53, x201); + fiat_p384_scalar_addcarryx_u32(&x223, &x224, x222, x54, x202); + fiat_p384_scalar_addcarryx_u32(&x225, &x226, x224, x55, x203); + fiat_p384_scalar_addcarryx_u32(&x227, &x228, x226, x56, x204); + fiat_p384_scalar_addcarryx_u32(&x229, &x230, x228, x57, x205); + fiat_p384_scalar_addcarryx_u32(&x231, &x232, x230, x58, x206); + fiat_p384_scalar_cmovznz_u32(&x233, (fiat_p384_scalar_uint1)x46, 0x0, x59); + fiat_p384_scalar_cmovznz_u32(&x234, (fiat_p384_scalar_uint1)x46, 0x0, x60); + fiat_p384_scalar_cmovznz_u32(&x235, (fiat_p384_scalar_uint1)x46, 0x0, x61); + fiat_p384_scalar_cmovznz_u32(&x236, (fiat_p384_scalar_uint1)x46, 0x0, x62); + fiat_p384_scalar_cmovznz_u32(&x237, (fiat_p384_scalar_uint1)x46, 0x0, x63); + fiat_p384_scalar_cmovznz_u32(&x238, (fiat_p384_scalar_uint1)x46, 0x0, x64); + fiat_p384_scalar_cmovznz_u32(&x239, (fiat_p384_scalar_uint1)x46, 0x0, x65); + fiat_p384_scalar_cmovznz_u32(&x240, (fiat_p384_scalar_uint1)x46, 0x0, x66); + fiat_p384_scalar_cmovznz_u32(&x241, (fiat_p384_scalar_uint1)x46, 0x0, x67); + fiat_p384_scalar_cmovznz_u32(&x242, (fiat_p384_scalar_uint1)x46, 0x0, x68); + fiat_p384_scalar_cmovznz_u32(&x243, (fiat_p384_scalar_uint1)x46, 0x0, x69); + fiat_p384_scalar_cmovznz_u32(&x244, (fiat_p384_scalar_uint1)x46, 0x0, x70); + fiat_p384_scalar_addcarryx_u32(&x245, &x246, 0x0, x182, x233); + fiat_p384_scalar_addcarryx_u32(&x247, &x248, x246, x183, x234); + fiat_p384_scalar_addcarryx_u32(&x249, &x250, x248, x184, x235); + fiat_p384_scalar_addcarryx_u32(&x251, &x252, x250, x185, x236); + fiat_p384_scalar_addcarryx_u32(&x253, &x254, x252, x186, x237); + fiat_p384_scalar_addcarryx_u32(&x255, &x256, x254, x187, x238); + fiat_p384_scalar_addcarryx_u32(&x257, &x258, x256, x188, x239); + 
fiat_p384_scalar_addcarryx_u32(&x259, &x260, x258, x189, x240); + fiat_p384_scalar_addcarryx_u32(&x261, &x262, x260, x190, x241); + fiat_p384_scalar_addcarryx_u32(&x263, &x264, x262, x191, x242); + fiat_p384_scalar_addcarryx_u32(&x265, &x266, x264, x192, x243); + fiat_p384_scalar_addcarryx_u32(&x267, &x268, x266, x193, x244); + fiat_p384_scalar_subborrowx_u32(&x269, &x270, 0x0, x245, UINT32_C(0xccc52973)); + fiat_p384_scalar_subborrowx_u32(&x271, &x272, x270, x247, UINT32_C(0xecec196a)); + fiat_p384_scalar_subborrowx_u32(&x273, &x274, x272, x249, UINT32_C(0x48b0a77a)); + fiat_p384_scalar_subborrowx_u32(&x275, &x276, x274, x251, UINT32_C(0x581a0db2)); + fiat_p384_scalar_subborrowx_u32(&x277, &x278, x276, x253, UINT32_C(0xf4372ddf)); + fiat_p384_scalar_subborrowx_u32(&x279, &x280, x278, x255, UINT32_C(0xc7634d81)); + fiat_p384_scalar_subborrowx_u32(&x281, &x282, x280, x257, UINT32_C(0xffffffff)); + fiat_p384_scalar_subborrowx_u32(&x283, &x284, x282, x259, UINT32_C(0xffffffff)); + fiat_p384_scalar_subborrowx_u32(&x285, &x286, x284, x261, UINT32_C(0xffffffff)); + fiat_p384_scalar_subborrowx_u32(&x287, &x288, x286, x263, UINT32_C(0xffffffff)); + fiat_p384_scalar_subborrowx_u32(&x289, &x290, x288, x265, UINT32_C(0xffffffff)); + fiat_p384_scalar_subborrowx_u32(&x291, &x292, x290, x267, UINT32_C(0xffffffff)); + fiat_p384_scalar_subborrowx_u32(&x293, &x294, x292, x268, 0x0); + fiat_p384_scalar_addcarryx_u32(&x295, &x296, 0x0, x6, 0x1); + x297 = ((x207 >> 1) | ((x209 << 31) & UINT32_C(0xffffffff))); + x298 = ((x209 >> 1) | ((x211 << 31) & UINT32_C(0xffffffff))); + x299 = ((x211 >> 1) | ((x213 << 31) & UINT32_C(0xffffffff))); + x300 = ((x213 >> 1) | ((x215 << 31) & UINT32_C(0xffffffff))); + x301 = ((x215 >> 1) | ((x217 << 31) & UINT32_C(0xffffffff))); + x302 = ((x217 >> 1) | ((x219 << 31) & UINT32_C(0xffffffff))); + x303 = ((x219 >> 1) | ((x221 << 31) & UINT32_C(0xffffffff))); + x304 = ((x221 >> 1) | ((x223 << 31) & UINT32_C(0xffffffff))); + x305 = ((x223 >> 1) | ((x225 << 
31) & UINT32_C(0xffffffff))); + x306 = ((x225 >> 1) | ((x227 << 31) & UINT32_C(0xffffffff))); + x307 = ((x227 >> 1) | ((x229 << 31) & UINT32_C(0xffffffff))); + x308 = ((x229 >> 1) | ((x231 << 31) & UINT32_C(0xffffffff))); + x309 = ((x231 & UINT32_C(0x80000000)) | (x231 >> 1)); + fiat_p384_scalar_cmovznz_u32(&x310, x120, x95, x71); + fiat_p384_scalar_cmovznz_u32(&x311, x120, x97, x73); + fiat_p384_scalar_cmovznz_u32(&x312, x120, x99, x75); + fiat_p384_scalar_cmovznz_u32(&x313, x120, x101, x77); + fiat_p384_scalar_cmovznz_u32(&x314, x120, x103, x79); + fiat_p384_scalar_cmovznz_u32(&x315, x120, x105, x81); + fiat_p384_scalar_cmovznz_u32(&x316, x120, x107, x83); + fiat_p384_scalar_cmovznz_u32(&x317, x120, x109, x85); + fiat_p384_scalar_cmovznz_u32(&x318, x120, x111, x87); + fiat_p384_scalar_cmovznz_u32(&x319, x120, x113, x89); + fiat_p384_scalar_cmovznz_u32(&x320, x120, x115, x91); + fiat_p384_scalar_cmovznz_u32(&x321, x120, x117, x93); + fiat_p384_scalar_cmovznz_u32(&x322, x294, x269, x245); + fiat_p384_scalar_cmovznz_u32(&x323, x294, x271, x247); + fiat_p384_scalar_cmovznz_u32(&x324, x294, x273, x249); + fiat_p384_scalar_cmovznz_u32(&x325, x294, x275, x251); + fiat_p384_scalar_cmovznz_u32(&x326, x294, x277, x253); + fiat_p384_scalar_cmovznz_u32(&x327, x294, x279, x255); + fiat_p384_scalar_cmovznz_u32(&x328, x294, x281, x257); + fiat_p384_scalar_cmovznz_u32(&x329, x294, x283, x259); + fiat_p384_scalar_cmovznz_u32(&x330, x294, x285, x261); + fiat_p384_scalar_cmovznz_u32(&x331, x294, x287, x263); + fiat_p384_scalar_cmovznz_u32(&x332, x294, x289, x265); + fiat_p384_scalar_cmovznz_u32(&x333, x294, x291, x267); + *out1 = x295; out2[0] = x7; out2[1] = x8; out2[2] = x9; 
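Review bot: The new `fiat_p384_scalar_cmovznz_u32(&x194, (fiat_p384_scalar_uint1)x46, 0x0, x7)` calls (x194 to x206 and x233 to x244) pass the select condition as a bare cast of the 32-bit `x46`, where the removed code first computed `x194 = (fiat_p384_scalar_uint1)(x46 & 0x1)`. The cast yields bit 0 only if `fiat_p384_scalar_uint1` is a true one-bit type. Its typedef and the body of cmovznz are outside this hunk, but if the type is byte-wide and cmovznz tests for non-zero, the select would fire on any non-zero low byte of `x46` and change the divstep result. Keep the mask explicit, e.g. `(fiat_p384_scalar_uint1)(x46 & 0x1)`. The same pattern appears as `(fiat_p384_uint1)x28` in the p384_64.c divstep lines at the top of this chunk. This file looks generated, so the fix probably belongs in the generator rule that dropped the mask; fiat_p384_scalar_divstep itself begins and ends outside the hunk.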
@@ -11660,43 +11582,43 @@ static FIAT_P384_SCALAR_FIAT_INLINE void fiat_p384_scalar_divstep(uint32_t* out1 out2[10] = x17; out2[11] = x18; out2[12] = x19; - out3[0] = x298; - out3[1] = x299; - out3[2] = x300; - out3[3] = x301; - out3[4] = x302; - out3[5] = x303; - out3[6] = x304; - out3[7] = x305; - out3[8] = x306; - out3[9] = x307; - out3[10] = x308; - out3[11] = x309; - out3[12] = x310; - out4[0] = x311; - out4[1] = x312; - out4[2] = x313; - out4[3] = x314; - out4[4] = x315; - out4[5] = x316; - out4[6] = x317; - out4[7] = x318; - out4[8] = x319; - out4[9] = x320; - out4[10] = x321; - out4[11] = x322; - out5[0] = x323; - out5[1] = x324; - out5[2] = x325; - out5[3] = x326; - out5[4] = x327; - out5[5] = x328; - out5[6] = x329; - out5[7] = x330; - out5[8] = x331; - out5[9] = x332; - out5[10] = x333; - out5[11] = x334; + out3[0] = x297; + out3[1] = x298; + out3[2] = x299; + out3[3] = x300; + out3[4] = x301; + out3[5] = x302; + out3[6] = x303; + out3[7] = x304; + out3[8] = x305; + out3[9] = x306; + out3[10] = x307; + out3[11] = x308; + out3[12] = x309; + out4[0] = x310; + out4[1] = x311; + out4[2] = x312; + out4[3] = x313; + out4[4] = x314; + out4[5] = x315; + out4[6] = x316; + out4[7] = x317; + out4[8] = x318; + out4[9] = x319; + out4[10] = x320; + out4[11] = x321; + out5[0] = x322; + out5[1] = x323; + out5[2] = x324; + out5[3] = x325; + out5[4] = x326; + out5[5] = x327; + out5[6] = x328; + out5[7] = x329; + out5[8] = x330; + out5[9] = x331; + out5[10] = x332; + out5[11] = x333; } /* diff --git a/fiat-c/src/p384_scalar_64.c b/fiat-c/src/p384_scalar_64.c index eb84893334..06398f1ece 100644 --- a/fiat-c/src/p384_scalar_64.c +++ b/fiat-c/src/p384_scalar_64.c 
@@ -70,13 +70,11 @@ static __inline__ uint64_t fiat_p384_scalar_value_barrier_u64(uint64_t a) { */ static FIAT_P384_SCALAR_FIAT_INLINE void fiat_p384_scalar_addcarryx_u64(uint64_t* out1, fiat_p384_scalar_uint1* out2, fiat_p384_scalar_uint1 arg1, uint64_t arg2, uint64_t arg3) { fiat_p384_scalar_uint128 x1; - uint64_t x2; - fiat_p384_scalar_uint1 x3; + fiat_p384_scalar_uint1 x2; x1 = ((arg1 + (fiat_p384_scalar_uint128)arg2) + arg3); - x2 = (uint64_t)(x1 & UINT64_C(0xffffffffffffffff)); - x3 = (fiat_p384_scalar_uint1)(x1 >> 64); - *out1 = x2; - *out2 = x3; + x2 = (fiat_p384_scalar_uint1)(x1 >> 64); + *out1 = (uint64_t)x1; + *out2 = x2; } /* @@ -122,12 +120,10 @@ static FIAT_P384_SCALAR_FIAT_INLINE void fiat_p384_scalar_subborrowx_u64(uint64_ static FIAT_P384_SCALAR_FIAT_INLINE void fiat_p384_scalar_mulx_u64(uint64_t* out1, uint64_t* out2, uint64_t arg1, uint64_t arg2) { fiat_p384_scalar_uint128 x1; uint64_t x2; - uint64_t x3; x1 = ((fiat_p384_scalar_uint128)arg1 * arg2); - x2 = (uint64_t)(x1 & UINT64_C(0xffffffffffffffff)); - x3 = (uint64_t)(x1 >> 64); - *out1 = x2; - *out2 = x3; + x2 = (uint64_t)(x1 >> 64); + *out1 = (uint64_t)x1; + *out2 = x2; } /* 
@@ -3079,228 +3075,144 @@ static FIAT_P384_SCALAR_FIAT_INLINE void fiat_p384_scalar_to_bytes(uint8_t out1[ uint64_t x4; uint64_t x5; uint64_t x6; - uint8_t x7; + uint64_t x7; uint64_t x8; - uint8_t x9; + uint64_t x9; uint64_t x10; - uint8_t x11; + uint64_t x11; uint64_t x12; uint8_t x13; uint64_t x14; - uint8_t x15; + uint64_t x15; uint64_t x16; - uint8_t x17; + uint64_t x17; uint64_t x18; - uint8_t x19; + uint64_t x19; uint8_t x20; - uint8_t x21; + uint64_t x21; uint64_t x22; - uint8_t x23; + uint64_t x23; uint64_t x24; - uint8_t x25; + uint64_t x25; uint64_t x26; uint8_t x27; uint64_t x28; - uint8_t x29; + uint64_t x29; uint64_t x30; - uint8_t x31; + uint64_t x31; uint64_t x32; - uint8_t x33; + uint64_t x33; uint8_t x34; - uint8_t x35; + uint64_t x35; uint64_t x36; - uint8_t x37; + uint64_t x37; uint64_t x38; - uint8_t x39; + uint64_t x39; uint64_t x40; uint8_t x41; uint64_t x42; - uint8_t x43; + uint64_t x43; uint64_t x44; - uint8_t x45; + uint64_t x45; uint64_t x46; - uint8_t x47; + uint64_t x47; uint8_t x48; - uint8_t x49; - uint64_t x50; - uint8_t x51; - uint64_t x52; - uint8_t x53; - uint64_t x54; - uint8_t x55; - uint64_t x56; - uint8_t x57; - uint64_t x58; - uint8_t x59; - uint64_t x60; - uint8_t x61; - uint8_t x62; - uint8_t x63; - uint64_t x64; - uint8_t x65; - uint64_t x66; - uint8_t x67; - uint64_t x68; - uint8_t x69; - uint64_t x70; - uint8_t x71; - uint64_t x72; - uint8_t x73; - uint64_t x74; - uint8_t x75; - uint8_t x76; - uint8_t x77; - uint64_t x78; - uint8_t x79; - uint64_t x80; - uint8_t x81; - uint64_t x82; - uint8_t x83; - uint64_t x84; - uint8_t x85; - uint64_t x86; - uint8_t x87; - uint64_t x88; - uint8_t x89; - uint8_t x90; x1 = (arg1[5]); x2 = (arg1[4]); x3 = (arg1[3]); x4 = (arg1[2]); x5 = (arg1[1]); x6 = (arg1[0]); - x7 = (uint8_t)(x6 & UINT8_C(0xff)); - x8 = (x6 >> 8); - x9 = (uint8_t)(x8 & UINT8_C(0xff)); - x10 = (x8 >> 8); - x11 = (uint8_t)(x10 & UINT8_C(0xff)); - x12 = (x10 >> 8); - x13 = (uint8_t)(x12 & UINT8_C(0xff)); - x14 = (x12 
>> 8); - x15 = (uint8_t)(x14 & UINT8_C(0xff)); - x16 = (x14 >> 8); - x17 = (uint8_t)(x16 & UINT8_C(0xff)); - x18 = (x16 >> 8); - x19 = (uint8_t)(x18 & UINT8_C(0xff)); - x20 = (uint8_t)(x18 >> 8); - x21 = (uint8_t)(x5 & UINT8_C(0xff)); - x22 = (x5 >> 8); - x23 = (uint8_t)(x22 & UINT8_C(0xff)); - x24 = (x22 >> 8); - x25 = (uint8_t)(x24 & UINT8_C(0xff)); - x26 = (x24 >> 8); - x27 = (uint8_t)(x26 & UINT8_C(0xff)); - x28 = (x26 >> 8); - x29 = (uint8_t)(x28 & UINT8_C(0xff)); - x30 = (x28 >> 8); - x31 = (uint8_t)(x30 & UINT8_C(0xff)); - x32 = (x30 >> 8); - x33 = (uint8_t)(x32 & UINT8_C(0xff)); - x34 = (uint8_t)(x32 >> 8); - x35 = (uint8_t)(x4 & UINT8_C(0xff)); - x36 = (x4 >> 8); - x37 = (uint8_t)(x36 & UINT8_C(0xff)); - x38 = (x36 >> 8); - x39 = (uint8_t)(x38 & UINT8_C(0xff)); - x40 = (x38 >> 8); - x41 = (uint8_t)(x40 & UINT8_C(0xff)); - x42 = (x40 >> 8); - x43 = (uint8_t)(x42 & UINT8_C(0xff)); - x44 = (x42 >> 8); - x45 = (uint8_t)(x44 & UINT8_C(0xff)); - x46 = (x44 >> 8); - x47 = (uint8_t)(x46 & UINT8_C(0xff)); - x48 = (uint8_t)(x46 >> 8); - x49 = (uint8_t)(x3 & UINT8_C(0xff)); - x50 = (x3 >> 8); - x51 = (uint8_t)(x50 & UINT8_C(0xff)); - x52 = (x50 >> 8); - x53 = (uint8_t)(x52 & UINT8_C(0xff)); - x54 = (x52 >> 8); - x55 = (uint8_t)(x54 & UINT8_C(0xff)); - x56 = (x54 >> 8); - x57 = (uint8_t)(x56 & UINT8_C(0xff)); - x58 = (x56 >> 8); - x59 = (uint8_t)(x58 & UINT8_C(0xff)); - x60 = (x58 >> 8); - x61 = (uint8_t)(x60 & UINT8_C(0xff)); - x62 = (uint8_t)(x60 >> 8); - x63 = (uint8_t)(x2 & UINT8_C(0xff)); - x64 = (x2 >> 8); - x65 = (uint8_t)(x64 & UINT8_C(0xff)); - x66 = (x64 >> 8); - x67 = (uint8_t)(x66 & UINT8_C(0xff)); - x68 = (x66 >> 8); - x69 = (uint8_t)(x68 & UINT8_C(0xff)); - x70 = (x68 >> 8); - x71 = (uint8_t)(x70 & UINT8_C(0xff)); - x72 = (x70 >> 8); - x73 = (uint8_t)(x72 & UINT8_C(0xff)); - x74 = (x72 >> 8); - x75 = (uint8_t)(x74 & UINT8_C(0xff)); - x76 = (uint8_t)(x74 >> 8); - x77 = (uint8_t)(x1 & UINT8_C(0xff)); - x78 = (x1 >> 8); - x79 = (uint8_t)(x78 & 
UINT8_C(0xff)); - x80 = (x78 >> 8); - x81 = (uint8_t)(x80 & UINT8_C(0xff)); - x82 = (x80 >> 8); - x83 = (uint8_t)(x82 & UINT8_C(0xff)); - x84 = (x82 >> 8); - x85 = (uint8_t)(x84 & UINT8_C(0xff)); - x86 = (x84 >> 8); - x87 = (uint8_t)(x86 & UINT8_C(0xff)); - x88 = (x86 >> 8); - x89 = (uint8_t)(x88 & UINT8_C(0xff)); - x90 = (uint8_t)(x88 >> 8); - out1[0] = x7; - out1[1] = x9; - out1[2] = x11; - out1[3] = x13; - out1[4] = x15; - out1[5] = x17; - out1[6] = x19; - out1[7] = x20; - out1[8] = x21; - out1[9] = x23; - out1[10] = x25; - out1[11] = x27; - out1[12] = x29; - out1[13] = x31; - out1[14] = x33; - out1[15] = x34; - out1[16] = x35; - out1[17] = x37; - out1[18] = x39; - out1[19] = x41; - out1[20] = x43; - out1[21] = x45; - out1[22] = x47; - out1[23] = x48; - out1[24] = x49; - out1[25] = x51; - out1[26] = x53; - out1[27] = x55; - out1[28] = x57; - out1[29] = x59; - out1[30] = x61; - out1[31] = x62; - out1[32] = x63; - out1[33] = x65; - out1[34] = x67; - out1[35] = x69; - out1[36] = x71; - out1[37] = x73; - out1[38] = x75; - out1[39] = x76; - out1[40] = x77; - out1[41] = x79; - out1[42] = x81; - out1[43] = x83; - out1[44] = x85; - out1[45] = x87; - out1[46] = x89; - out1[47] = x90; + x7 = (x6 >> 8); + x8 = (x7 >> 8); + x9 = (x8 >> 8); + x10 = (x9 >> 8); + x11 = (x10 >> 8); + x12 = (x11 >> 8); + x13 = (uint8_t)(x12 >> 8); + x14 = (x5 >> 8); + x15 = (x14 >> 8); + x16 = (x15 >> 8); + x17 = (x16 >> 8); + x18 = (x17 >> 8); + x19 = (x18 >> 8); + x20 = (uint8_t)(x19 >> 8); + x21 = (x4 >> 8); + x22 = (x21 >> 8); + x23 = (x22 >> 8); + x24 = (x23 >> 8); + x25 = (x24 >> 8); + x26 = (x25 >> 8); + x27 = (uint8_t)(x26 >> 8); + x28 = (x3 >> 8); + x29 = (x28 >> 8); + x30 = (x29 >> 8); + x31 = (x30 >> 8); + x32 = (x31 >> 8); + x33 = (x32 >> 8); + x34 = (uint8_t)(x33 >> 8); + x35 = (x2 >> 8); + x36 = (x35 >> 8); + x37 = (x36 >> 8); + x38 = (x37 >> 8); + x39 = (x38 >> 8); + x40 = (x39 >> 8); + x41 = (uint8_t)(x40 >> 8); + x42 = (x1 >> 8); + x43 = (x42 >> 8); + x44 = (x43 >> 8); + x45 = 
(x44 >> 8); + x46 = (x45 >> 8); + x47 = (x46 >> 8); + x48 = (uint8_t)(x47 >> 8); + out1[0] = (uint8_t)x6; + out1[1] = (uint8_t)x7; + out1[2] = (uint8_t)x8; + out1[3] = (uint8_t)x9; + out1[4] = (uint8_t)x10; + out1[5] = (uint8_t)x11; + out1[6] = (uint8_t)x12; + out1[7] = x13; + out1[8] = (uint8_t)x5; + out1[9] = (uint8_t)x14; + out1[10] = (uint8_t)x15; + out1[11] = (uint8_t)x16; + out1[12] = (uint8_t)x17; + out1[13] = (uint8_t)x18; + out1[14] = (uint8_t)x19; + out1[15] = x20; + out1[16] = (uint8_t)x4; + out1[17] = (uint8_t)x21; + out1[18] = (uint8_t)x22; + out1[19] = (uint8_t)x23; + out1[20] = (uint8_t)x24; + out1[21] = (uint8_t)x25; + out1[22] = (uint8_t)x26; + out1[23] = x27; + out1[24] = (uint8_t)x3; + out1[25] = (uint8_t)x28; + out1[26] = (uint8_t)x29; + out1[27] = (uint8_t)x30; + out1[28] = (uint8_t)x31; + out1[29] = (uint8_t)x32; + out1[30] = (uint8_t)x33; + out1[31] = x34; + out1[32] = (uint8_t)x2; + out1[33] = (uint8_t)x35; + out1[34] = (uint8_t)x36; + out1[35] = (uint8_t)x37; + out1[36] = (uint8_t)x38; + out1[37] = (uint8_t)x39; + out1[38] = (uint8_t)x40; + out1[39] = x41; + out1[40] = (uint8_t)x1; + out1[41] = (uint8_t)x42; + out1[42] = (uint8_t)x43; + out1[43] = (uint8_t)x44; + out1[44] = (uint8_t)x45; + out1[45] = (uint8_t)x46; + out1[46] = (uint8_t)x47; + out1[47] = x48; } /* @@ -3677,7 +3589,7 @@ static FIAT_P384_SCALAR_FIAT_INLINE void fiat_p384_scalar_divstep(uint64_t* out1 uint64_t x101; uint64_t x102; uint64_t x103; - fiat_p384_scalar_uint1 x104; + uint64_t x104; uint64_t x105; uint64_t x106; uint64_t x107; 
@@ -3685,54 +3597,54 @@ static FIAT_P384_SCALAR_FIAT_INLINE void fiat_p384_scalar_divstep(uint64_t* out1 uint64_t x109; uint64_t x110; uint64_t x111; - uint64_t x112; - fiat_p384_scalar_uint1 x113; - uint64_t x114; - fiat_p384_scalar_uint1 x115; - uint64_t x116; - fiat_p384_scalar_uint1 x117; - uint64_t x118; - fiat_p384_scalar_uint1 x119; - uint64_t x120; - fiat_p384_scalar_uint1 x121; - uint64_t x122; - fiat_p384_scalar_uint1 x123; - uint64_t x124; - fiat_p384_scalar_uint1 x125; + fiat_p384_scalar_uint1 x112; + uint64_t x113; + fiat_p384_scalar_uint1 x114; + uint64_t x115; + fiat_p384_scalar_uint1 x116; + uint64_t x117; + fiat_p384_scalar_uint1 x118; + uint64_t x119; + fiat_p384_scalar_uint1 x120; + uint64_t x121; + fiat_p384_scalar_uint1 x122; + uint64_t x123; + fiat_p384_scalar_uint1 x124; + uint64_t x125; uint64_t x126; uint64_t x127; uint64_t x128; uint64_t x129; uint64_t x130; uint64_t x131; - uint64_t x132; - fiat_p384_scalar_uint1 x133; - uint64_t x134; - fiat_p384_scalar_uint1 x135; - uint64_t x136; - fiat_p384_scalar_uint1 x137; - uint64_t x138; - fiat_p384_scalar_uint1 x139; - uint64_t x140; - fiat_p384_scalar_uint1 x141; - uint64_t x142; - fiat_p384_scalar_uint1 x143; - uint64_t x144; - fiat_p384_scalar_uint1 x145; - uint64_t x146; - fiat_p384_scalar_uint1 x147; - uint64_t x148; - fiat_p384_scalar_uint1 x149; - uint64_t x150; - fiat_p384_scalar_uint1 x151; - uint64_t x152; - fiat_p384_scalar_uint1 x153; - uint64_t x154; - fiat_p384_scalar_uint1 x155; - uint64_t x156; - fiat_p384_scalar_uint1 x157; - uint64_t x158; - fiat_p384_scalar_uint1 x159; + fiat_p384_scalar_uint1 x132; + uint64_t x133; + fiat_p384_scalar_uint1 x134; + uint64_t x135; + fiat_p384_scalar_uint1 x136; + uint64_t x137; + fiat_p384_scalar_uint1 x138; + uint64_t x139; + fiat_p384_scalar_uint1 x140; + uint64_t x141; + fiat_p384_scalar_uint1 x142; + uint64_t x143; + fiat_p384_scalar_uint1 x144; + uint64_t x145; + fiat_p384_scalar_uint1 x146; + uint64_t x147; + fiat_p384_scalar_uint1 x148; 
+ uint64_t x149; + fiat_p384_scalar_uint1 x150; + uint64_t x151; + fiat_p384_scalar_uint1 x152; + uint64_t x153; + fiat_p384_scalar_uint1 x154; + uint64_t x155; + fiat_p384_scalar_uint1 x156; + uint64_t x157; + fiat_p384_scalar_uint1 x158; + uint64_t x159; uint64_t x160; uint64_t x161; uint64_t x162; @@ -3751,9 +3663,8 @@ static FIAT_P384_SCALAR_FIAT_INLINE void fiat_p384_scalar_divstep(uint64_t* out1 uint64_t x175; uint64_t x176; uint64_t x177; - uint64_t x178; fiat_p384_scalar_addcarryx_u64(&x1, &x2, 0x0, (~arg1), 0x1); - x3 = (fiat_p384_scalar_uint1)((fiat_p384_scalar_uint1)(x1 >> 63) & (fiat_p384_scalar_uint1)((arg3[0]) & 0x1)); + x3 = (fiat_p384_scalar_uint1)((fiat_p384_scalar_uint1)(x1 >> 63) & (fiat_p384_scalar_uint1)(arg3[0])); fiat_p384_scalar_addcarryx_u64(&x4, &x5, 0x0, (~arg1), 0x1); fiat_p384_scalar_cmovznz_u64(&x6, x3, arg1, x4); fiat_p384_scalar_cmovznz_u64(&x7, x3, (arg2[0]), (arg3[0])); 
@@ -3821,61 +3732,60 @@ static FIAT_P384_SCALAR_FIAT_INLINE void fiat_p384_scalar_divstep(uint64_t* out1 fiat_p384_scalar_cmovznz_u64(&x101, x3, (arg5[3]), x92); fiat_p384_scalar_cmovznz_u64(&x102, x3, (arg5[4]), x94); fiat_p384_scalar_cmovznz_u64(&x103, x3, (arg5[5]), x96); - x104 = (fiat_p384_scalar_uint1)(x28 & 0x1); - fiat_p384_scalar_cmovznz_u64(&x105, x104, 0x0, x7); - fiat_p384_scalar_cmovznz_u64(&x106, x104, 0x0, x8); - fiat_p384_scalar_cmovznz_u64(&x107, x104, 0x0, x9); - fiat_p384_scalar_cmovznz_u64(&x108, x104, 0x0, x10); - fiat_p384_scalar_cmovznz_u64(&x109, x104, 0x0, x11); - fiat_p384_scalar_cmovznz_u64(&x110, x104, 0x0, x12); - fiat_p384_scalar_cmovznz_u64(&x111, x104, 0x0, x13); - fiat_p384_scalar_addcarryx_u64(&x112, &x113, 0x0, x28, x105); - fiat_p384_scalar_addcarryx_u64(&x114, &x115, x113, x29, x106); - fiat_p384_scalar_addcarryx_u64(&x116, &x117, x115, x30, x107); - fiat_p384_scalar_addcarryx_u64(&x118, &x119, x117, x31, x108); - fiat_p384_scalar_addcarryx_u64(&x120, &x121, x119, x32, x109); - fiat_p384_scalar_addcarryx_u64(&x122, &x123, x121, x33, x110); - fiat_p384_scalar_addcarryx_u64(&x124, &x125, x123, x34, x111); - fiat_p384_scalar_cmovznz_u64(&x126, x104, 0x0, x35); - fiat_p384_scalar_cmovznz_u64(&x127, x104, 0x0, x36); - fiat_p384_scalar_cmovznz_u64(&x128, x104, 0x0, x37); - fiat_p384_scalar_cmovznz_u64(&x129, x104, 0x0, x38); - fiat_p384_scalar_cmovznz_u64(&x130, x104, 0x0, x39); - fiat_p384_scalar_cmovznz_u64(&x131, x104, 0x0, x40); - fiat_p384_scalar_addcarryx_u64(&x132, &x133, 0x0, x98, x126); - fiat_p384_scalar_addcarryx_u64(&x134, &x135, x133, x99, x127); - fiat_p384_scalar_addcarryx_u64(&x136, &x137, x135, x100, x128); - fiat_p384_scalar_addcarryx_u64(&x138, &x139, x137, x101, x129); - fiat_p384_scalar_addcarryx_u64(&x140, &x141, x139, x102, x130); - fiat_p384_scalar_addcarryx_u64(&x142, &x143, x141, x103, x131); - fiat_p384_scalar_subborrowx_u64(&x144, &x145, 0x0, x132, UINT64_C(0xecec196accc52973)); - 
fiat_p384_scalar_subborrowx_u64(&x146, &x147, x145, x134, UINT64_C(0x581a0db248b0a77a)); - fiat_p384_scalar_subborrowx_u64(&x148, &x149, x147, x136, UINT64_C(0xc7634d81f4372ddf)); - fiat_p384_scalar_subborrowx_u64(&x150, &x151, x149, x138, UINT64_C(0xffffffffffffffff)); - fiat_p384_scalar_subborrowx_u64(&x152, &x153, x151, x140, UINT64_C(0xffffffffffffffff)); - fiat_p384_scalar_subborrowx_u64(&x154, &x155, x153, x142, UINT64_C(0xffffffffffffffff)); - fiat_p384_scalar_subborrowx_u64(&x156, &x157, x155, x143, 0x0); - fiat_p384_scalar_addcarryx_u64(&x158, &x159, 0x0, x6, 0x1); - x160 = ((x112 >> 1) | ((x114 << 63) & UINT64_C(0xffffffffffffffff))); - x161 = ((x114 >> 1) | ((x116 << 63) & UINT64_C(0xffffffffffffffff))); - x162 = ((x116 >> 1) | ((x118 << 63) & UINT64_C(0xffffffffffffffff))); - x163 = ((x118 >> 1) | ((x120 << 63) & UINT64_C(0xffffffffffffffff))); - x164 = ((x120 >> 1) | ((x122 << 63) & UINT64_C(0xffffffffffffffff))); - x165 = ((x122 >> 1) | ((x124 << 63) & UINT64_C(0xffffffffffffffff))); - x166 = ((x124 & UINT64_C(0x8000000000000000)) | (x124 >> 1)); - fiat_p384_scalar_cmovznz_u64(&x167, x66, x53, x41); - fiat_p384_scalar_cmovznz_u64(&x168, x66, x55, x43); - fiat_p384_scalar_cmovznz_u64(&x169, x66, x57, x45); - fiat_p384_scalar_cmovznz_u64(&x170, x66, x59, x47); - fiat_p384_scalar_cmovznz_u64(&x171, x66, x61, x49); - fiat_p384_scalar_cmovznz_u64(&x172, x66, x63, x51); - fiat_p384_scalar_cmovznz_u64(&x173, x157, x144, x132); - fiat_p384_scalar_cmovznz_u64(&x174, x157, x146, x134); - fiat_p384_scalar_cmovznz_u64(&x175, x157, x148, x136); - fiat_p384_scalar_cmovznz_u64(&x176, x157, x150, x138); - fiat_p384_scalar_cmovznz_u64(&x177, x157, x152, x140); - fiat_p384_scalar_cmovznz_u64(&x178, x157, x154, x142); - *out1 = x158; + fiat_p384_scalar_cmovznz_u64(&x104, (fiat_p384_scalar_uint1)x28, 0x0, x7); + fiat_p384_scalar_cmovznz_u64(&x105, (fiat_p384_scalar_uint1)x28, 0x0, x8); + fiat_p384_scalar_cmovznz_u64(&x106, (fiat_p384_scalar_uint1)x28, 0x0, x9); + 
fiat_p384_scalar_cmovznz_u64(&x107, (fiat_p384_scalar_uint1)x28, 0x0, x10); + fiat_p384_scalar_cmovznz_u64(&x108, (fiat_p384_scalar_uint1)x28, 0x0, x11); + fiat_p384_scalar_cmovznz_u64(&x109, (fiat_p384_scalar_uint1)x28, 0x0, x12); + fiat_p384_scalar_cmovznz_u64(&x110, (fiat_p384_scalar_uint1)x28, 0x0, x13); + fiat_p384_scalar_addcarryx_u64(&x111, &x112, 0x0, x28, x104); + fiat_p384_scalar_addcarryx_u64(&x113, &x114, x112, x29, x105); + fiat_p384_scalar_addcarryx_u64(&x115, &x116, x114, x30, x106); + fiat_p384_scalar_addcarryx_u64(&x117, &x118, x116, x31, x107); + fiat_p384_scalar_addcarryx_u64(&x119, &x120, x118, x32, x108); + fiat_p384_scalar_addcarryx_u64(&x121, &x122, x120, x33, x109); + fiat_p384_scalar_addcarryx_u64(&x123, &x124, x122, x34, x110); + fiat_p384_scalar_cmovznz_u64(&x125, (fiat_p384_scalar_uint1)x28, 0x0, x35); + fiat_p384_scalar_cmovznz_u64(&x126, (fiat_p384_scalar_uint1)x28, 0x0, x36); + fiat_p384_scalar_cmovznz_u64(&x127, (fiat_p384_scalar_uint1)x28, 0x0, x37); + fiat_p384_scalar_cmovznz_u64(&x128, (fiat_p384_scalar_uint1)x28, 0x0, x38); + fiat_p384_scalar_cmovznz_u64(&x129, (fiat_p384_scalar_uint1)x28, 0x0, x39); + fiat_p384_scalar_cmovznz_u64(&x130, (fiat_p384_scalar_uint1)x28, 0x0, x40); + fiat_p384_scalar_addcarryx_u64(&x131, &x132, 0x0, x98, x125); + fiat_p384_scalar_addcarryx_u64(&x133, &x134, x132, x99, x126); + fiat_p384_scalar_addcarryx_u64(&x135, &x136, x134, x100, x127); + fiat_p384_scalar_addcarryx_u64(&x137, &x138, x136, x101, x128); + fiat_p384_scalar_addcarryx_u64(&x139, &x140, x138, x102, x129); + fiat_p384_scalar_addcarryx_u64(&x141, &x142, x140, x103, x130); + fiat_p384_scalar_subborrowx_u64(&x143, &x144, 0x0, x131, UINT64_C(0xecec196accc52973)); + fiat_p384_scalar_subborrowx_u64(&x145, &x146, x144, x133, UINT64_C(0x581a0db248b0a77a)); + fiat_p384_scalar_subborrowx_u64(&x147, &x148, x146, x135, UINT64_C(0xc7634d81f4372ddf)); + fiat_p384_scalar_subborrowx_u64(&x149, &x150, x148, x137, UINT64_C(0xffffffffffffffff)); + 
fiat_p384_scalar_subborrowx_u64(&x151, &x152, x150, x139, UINT64_C(0xffffffffffffffff)); + fiat_p384_scalar_subborrowx_u64(&x153, &x154, x152, x141, UINT64_C(0xffffffffffffffff)); + fiat_p384_scalar_subborrowx_u64(&x155, &x156, x154, x142, 0x0); + fiat_p384_scalar_addcarryx_u64(&x157, &x158, 0x0, x6, 0x1); + x159 = ((x111 >> 1) | ((x113 << 63) & UINT64_C(0xffffffffffffffff))); + x160 = ((x113 >> 1) | ((x115 << 63) & UINT64_C(0xffffffffffffffff))); + x161 = ((x115 >> 1) | ((x117 << 63) & UINT64_C(0xffffffffffffffff))); + x162 = ((x117 >> 1) | ((x119 << 63) & UINT64_C(0xffffffffffffffff))); + x163 = ((x119 >> 1) | ((x121 << 63) & UINT64_C(0xffffffffffffffff))); + x164 = ((x121 >> 1) | ((x123 << 63) & UINT64_C(0xffffffffffffffff))); + x165 = ((x123 & UINT64_C(0x8000000000000000)) | (x123 >> 1)); + fiat_p384_scalar_cmovznz_u64(&x166, x66, x53, x41); + fiat_p384_scalar_cmovznz_u64(&x167, x66, x55, x43); + fiat_p384_scalar_cmovznz_u64(&x168, x66, x57, x45); + fiat_p384_scalar_cmovznz_u64(&x169, x66, x59, x47); + fiat_p384_scalar_cmovznz_u64(&x170, x66, x61, x49); + fiat_p384_scalar_cmovznz_u64(&x171, x66, x63, x51); + fiat_p384_scalar_cmovznz_u64(&x172, x156, x143, x131); + fiat_p384_scalar_cmovznz_u64(&x173, x156, x145, x133); + fiat_p384_scalar_cmovznz_u64(&x174, x156, x147, x135); + fiat_p384_scalar_cmovznz_u64(&x175, x156, x149, x137); + fiat_p384_scalar_cmovznz_u64(&x176, x156, x151, x139); + fiat_p384_scalar_cmovznz_u64(&x177, x156, x153, x141); + *out1 = x157; out2[0] = x7; out2[1] = x8; out2[2] = x9; 
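Review bot: The regenerated `fiat_p384_scalar_divstep` (its body starts and ends outside this hunk) now passes `(fiat_p384_scalar_uint1)x28` as the condition to every `fiat_p384_scalar_cmovznz_u64` call, where the old code first computed `x104 = (fiat_p384_scalar_uint1)(x28 & 0x1)`. The cast alone isolates bit 0 only if the uint1 type is really one bit wide. The typedef and the cmovznz body are not visible here, but if uint1 is byte-sized and cmovznz tests for non-zero, an even x28 with any of bits 1-7 set would select the odd branch and silently produce a wrong inversion step. Because this file is generated, the fix belongs in the pass that elides truncating masks: keep the mask for 1-bit targets so the output reads `fiat_p384_scalar_cmovznz_u64(&x104, (fiat_p384_scalar_uint1)(x28 & 0x1), 0x0, x7);`. The p434 divstep hunk further down shows the same pattern with x31, whereas the `(uint8_t)` and `(uint64_t)` casts in to_bytes, addcarryx and mulx truncate to exactly the width the removed masks selected.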
@@ -3883,25 +3793,25 @@ static FIAT_P384_SCALAR_FIAT_INLINE void fiat_p384_scalar_divstep(uint64_t* out1 out2[4] = x11; out2[5] = x12; out2[6] = x13; - out3[0] = x160; - out3[1] = x161; - out3[2] = x162; - out3[3] = x163; - out3[4] = x164; - out3[5] = x165; - out3[6] = x166; - out4[0] = x167; - out4[1] = x168; - out4[2] = x169; - out4[3] = x170; - out4[4] = x171; - out4[5] = x172; - out5[0] = x173; - out5[1] = x174; - out5[2] = x175; - out5[3] = x176; - out5[4] = x177; - out5[5] = x178; + out3[0] = x159; + out3[1] = x160; + out3[2] = x161; + out3[3] = x162; + out3[4] = x163; + out3[5] = x164; + out3[6] = x165; + out4[0] = x166; + out4[1] = x167; + out4[2] = x168; + out4[3] = x169; + out4[4] = x170; + out4[5] = x171; + out5[0] = x172; + out5[1] = x173; + out5[2] = x174; + out5[3] = x175; + out5[4] = x176; + out5[5] = x177; } /* diff --git a/fiat-c/src/p434_64.c b/fiat-c/src/p434_64.c index b88a56a3c9..508956520e 100644 --- a/fiat-c/src/p434_64.c +++ b/fiat-c/src/p434_64.c @@ -70,13 +70,11 @@ static __inline__ uint64_t fiat_p434_value_barrier_u64(uint64_t a) { */ static FIAT_P434_FIAT_INLINE void fiat_p434_addcarryx_u64(uint64_t* out1, fiat_p434_uint1* out2, fiat_p434_uint1 arg1, uint64_t arg2, uint64_t arg3) { fiat_p434_uint128 x1; - uint64_t x2; - fiat_p434_uint1 x3; + fiat_p434_uint1 x2; x1 = ((arg1 + (fiat_p434_uint128)arg2) + arg3); - x2 = (uint64_t)(x1 & UINT64_C(0xffffffffffffffff)); - x3 = (fiat_p434_uint1)(x1 >> 64); - *out1 = x2; - *out2 = x3; + x2 = (fiat_p434_uint1)(x1 >> 64); + *out1 = (uint64_t)x1; + *out2 = x2; } /* 
@@ -122,12 +120,10 @@ static FIAT_P434_FIAT_INLINE void fiat_p434_subborrowx_u64(uint64_t* out1, fiat_ static FIAT_P434_FIAT_INLINE void fiat_p434_mulx_u64(uint64_t* out1, uint64_t* out2, uint64_t arg1, uint64_t arg2) { fiat_p434_uint128 x1; uint64_t x2; - uint64_t x3; x1 = ((fiat_p434_uint128)arg1 * arg2); - x2 = (uint64_t)(x1 & UINT64_C(0xffffffffffffffff)); - x3 = (uint64_t)(x1 >> 64); - *out1 = x2; - *out2 = x3; + x2 = (uint64_t)(x1 >> 64); + *out1 = (uint64_t)x1; + *out2 = x2; } /* 
@@ -3863,102 +3859,54 @@ static FIAT_P434_FIAT_INLINE void fiat_p434_to_bytes(uint8_t out1[55], const uin uint64_t x5; uint64_t x6; uint64_t x7; - uint8_t x8; + uint64_t x8; uint64_t x9; - uint8_t x10; + uint64_t x10; uint64_t x11; - uint8_t x12; + uint64_t x12; uint64_t x13; uint8_t x14; uint64_t x15; - uint8_t x16; + uint64_t x16; uint64_t x17; - uint8_t x18; + uint64_t x18; uint64_t x19; - uint8_t x20; + uint64_t x20; uint8_t x21; - uint8_t x22; + uint64_t x22; uint64_t x23; - uint8_t x24; + uint64_t x24; uint64_t x25; - uint8_t x26; + uint64_t x26; uint64_t x27; uint8_t x28; uint64_t x29; - uint8_t x30; + uint64_t x30; uint64_t x31; - uint8_t x32; + uint64_t x32; uint64_t x33; - uint8_t x34; + uint64_t x34; uint8_t x35; - uint8_t x36; + uint64_t x36; uint64_t x37; - uint8_t x38; + uint64_t x38; uint64_t x39; - uint8_t x40; + uint64_t x40; uint64_t x41; uint8_t x42; uint64_t x43; - uint8_t x44; + uint64_t x44; uint64_t x45; - uint8_t x46; + uint64_t x46; uint64_t x47; - uint8_t x48; + uint64_t x48; uint8_t x49; - uint8_t x50; + uint64_t x50; uint64_t x51; - uint8_t x52; + uint64_t x52; uint64_t x53; - uint8_t x54; - uint64_t x55; - uint8_t x56; - uint64_t x57; - uint8_t x58; - uint64_t x59; - uint8_t x60; - uint64_t x61; - uint8_t x62; - uint8_t x63; - uint8_t x64; - uint64_t x65; - uint8_t x66; - uint64_t x67; - uint8_t x68; - uint64_t x69; - uint8_t x70; - uint64_t x71; - uint8_t x72; - uint64_t x73; - uint8_t x74; - uint64_t x75; - uint8_t x76; - uint8_t x77; - uint8_t x78; - uint64_t x79; - uint8_t x80; - uint64_t x81; - uint8_t x82; - uint64_t x83; - uint8_t x84; - uint64_t x85; - uint8_t x86; - uint64_t x87; - uint8_t x88; - uint64_t x89; - uint8_t x90; - uint8_t x91; - uint8_t x92; - uint64_t x93; - uint8_t x94; - uint64_t x95; - uint8_t x96; - uint64_t x97; - uint8_t x98; - uint64_t x99; - uint8_t x100; - uint64_t x101; - uint8_t x102; - uint8_t x103; + uint64_t x54; + uint8_t x55; x1 = (arg1[6]); x2 = (arg1[5]); x3 = (arg1[4]); 
@@ -3966,157 +3914,109 @@ static FIAT_P434_FIAT_INLINE void fiat_p434_to_bytes(uint8_t out1[55], const uin x5 = (arg1[2]); x6 = (arg1[1]); x7 = (arg1[0]); - x8 = (uint8_t)(x7 & UINT8_C(0xff)); - x9 = (x7 >> 8); - x10 = (uint8_t)(x9 & UINT8_C(0xff)); - x11 = (x9 >> 8); - x12 = (uint8_t)(x11 & UINT8_C(0xff)); - x13 = (x11 >> 8); - x14 = (uint8_t)(x13 & UINT8_C(0xff)); - x15 = (x13 >> 8); - x16 = (uint8_t)(x15 & UINT8_C(0xff)); - x17 = (x15 >> 8); - x18 = (uint8_t)(x17 & UINT8_C(0xff)); - x19 = (x17 >> 8); - x20 = (uint8_t)(x19 & UINT8_C(0xff)); - x21 = (uint8_t)(x19 >> 8); - x22 = (uint8_t)(x6 & UINT8_C(0xff)); - x23 = (x6 >> 8); - x24 = (uint8_t)(x23 & UINT8_C(0xff)); - x25 = (x23 >> 8); - x26 = (uint8_t)(x25 & UINT8_C(0xff)); - x27 = (x25 >> 8); - x28 = (uint8_t)(x27 & UINT8_C(0xff)); - x29 = (x27 >> 8); - x30 = (uint8_t)(x29 & UINT8_C(0xff)); - x31 = (x29 >> 8); - x32 = (uint8_t)(x31 & UINT8_C(0xff)); - x33 = (x31 >> 8); - x34 = (uint8_t)(x33 & UINT8_C(0xff)); - x35 = (uint8_t)(x33 >> 8); - x36 = (uint8_t)(x5 & UINT8_C(0xff)); - x37 = (x5 >> 8); - x38 = (uint8_t)(x37 & UINT8_C(0xff)); - x39 = (x37 >> 8); - x40 = (uint8_t)(x39 & UINT8_C(0xff)); - x41 = (x39 >> 8); - x42 = (uint8_t)(x41 & UINT8_C(0xff)); - x43 = (x41 >> 8); - x44 = (uint8_t)(x43 & UINT8_C(0xff)); - x45 = (x43 >> 8); - x46 = (uint8_t)(x45 & UINT8_C(0xff)); - x47 = (x45 >> 8); - x48 = (uint8_t)(x47 & UINT8_C(0xff)); - x49 = (uint8_t)(x47 >> 8); - x50 = (uint8_t)(x4 & UINT8_C(0xff)); - x51 = (x4 >> 8); - x52 = (uint8_t)(x51 & UINT8_C(0xff)); - x53 = (x51 >> 8); - x54 = (uint8_t)(x53 & UINT8_C(0xff)); - x55 = (x53 >> 8); - x56 = (uint8_t)(x55 & UINT8_C(0xff)); - x57 = (x55 >> 8); - x58 = (uint8_t)(x57 & UINT8_C(0xff)); - x59 = (x57 >> 8); - x60 = (uint8_t)(x59 & UINT8_C(0xff)); - x61 = (x59 >> 8); - x62 = (uint8_t)(x61 & UINT8_C(0xff)); - x63 = (uint8_t)(x61 >> 8); - x64 = (uint8_t)(x3 & UINT8_C(0xff)); - x65 = (x3 >> 8); - x66 = (uint8_t)(x65 & UINT8_C(0xff)); - x67 = (x65 >> 8); - x68 = (uint8_t)(x67 
& UINT8_C(0xff)); - x69 = (x67 >> 8); - x70 = (uint8_t)(x69 & UINT8_C(0xff)); - x71 = (x69 >> 8); - x72 = (uint8_t)(x71 & UINT8_C(0xff)); - x73 = (x71 >> 8); - x74 = (uint8_t)(x73 & UINT8_C(0xff)); - x75 = (x73 >> 8); - x76 = (uint8_t)(x75 & UINT8_C(0xff)); - x77 = (uint8_t)(x75 >> 8); - x78 = (uint8_t)(x2 & UINT8_C(0xff)); - x79 = (x2 >> 8); - x80 = (uint8_t)(x79 & UINT8_C(0xff)); - x81 = (x79 >> 8); - x82 = (uint8_t)(x81 & UINT8_C(0xff)); - x83 = (x81 >> 8); - x84 = (uint8_t)(x83 & UINT8_C(0xff)); - x85 = (x83 >> 8); - x86 = (uint8_t)(x85 & UINT8_C(0xff)); - x87 = (x85 >> 8); - x88 = (uint8_t)(x87 & UINT8_C(0xff)); - x89 = (x87 >> 8); - x90 = (uint8_t)(x89 & UINT8_C(0xff)); - x91 = (uint8_t)(x89 >> 8); - x92 = (uint8_t)(x1 & UINT8_C(0xff)); - x93 = (x1 >> 8); - x94 = (uint8_t)(x93 & UINT8_C(0xff)); - x95 = (x93 >> 8); - x96 = (uint8_t)(x95 & UINT8_C(0xff)); - x97 = (x95 >> 8); - x98 = (uint8_t)(x97 & UINT8_C(0xff)); - x99 = (x97 >> 8); - x100 = (uint8_t)(x99 & UINT8_C(0xff)); - x101 = (x99 >> 8); - x102 = (uint8_t)(x101 & UINT8_C(0xff)); - x103 = (uint8_t)(x101 >> 8); - out1[0] = x8; - out1[1] = x10; - out1[2] = x12; - out1[3] = x14; - out1[4] = x16; - out1[5] = x18; - out1[6] = x20; - out1[7] = x21; - out1[8] = x22; - out1[9] = x24; - out1[10] = x26; - out1[11] = x28; - out1[12] = x30; - out1[13] = x32; - out1[14] = x34; - out1[15] = x35; - out1[16] = x36; - out1[17] = x38; - out1[18] = x40; - out1[19] = x42; - out1[20] = x44; - out1[21] = x46; - out1[22] = x48; - out1[23] = x49; - out1[24] = x50; - out1[25] = x52; - out1[26] = x54; - out1[27] = x56; - out1[28] = x58; - out1[29] = x60; - out1[30] = x62; - out1[31] = x63; - out1[32] = x64; - out1[33] = x66; - out1[34] = x68; - out1[35] = x70; - out1[36] = x72; - out1[37] = x74; - out1[38] = x76; - out1[39] = x77; - out1[40] = x78; - out1[41] = x80; - out1[42] = x82; - out1[43] = x84; - out1[44] = x86; - out1[45] = x88; - out1[46] = x90; - out1[47] = x91; - out1[48] = x92; - out1[49] = x94; - out1[50] = x96; - 
out1[51] = x98; - out1[52] = x100; - out1[53] = x102; - out1[54] = x103; + x8 = (x7 >> 8); + x9 = (x8 >> 8); + x10 = (x9 >> 8); + x11 = (x10 >> 8); + x12 = (x11 >> 8); + x13 = (x12 >> 8); + x14 = (uint8_t)(x13 >> 8); + x15 = (x6 >> 8); + x16 = (x15 >> 8); + x17 = (x16 >> 8); + x18 = (x17 >> 8); + x19 = (x18 >> 8); + x20 = (x19 >> 8); + x21 = (uint8_t)(x20 >> 8); + x22 = (x5 >> 8); + x23 = (x22 >> 8); + x24 = (x23 >> 8); + x25 = (x24 >> 8); + x26 = (x25 >> 8); + x27 = (x26 >> 8); + x28 = (uint8_t)(x27 >> 8); + x29 = (x4 >> 8); + x30 = (x29 >> 8); + x31 = (x30 >> 8); + x32 = (x31 >> 8); + x33 = (x32 >> 8); + x34 = (x33 >> 8); + x35 = (uint8_t)(x34 >> 8); + x36 = (x3 >> 8); + x37 = (x36 >> 8); + x38 = (x37 >> 8); + x39 = (x38 >> 8); + x40 = (x39 >> 8); + x41 = (x40 >> 8); + x42 = (uint8_t)(x41 >> 8); + x43 = (x2 >> 8); + x44 = (x43 >> 8); + x45 = (x44 >> 8); + x46 = (x45 >> 8); + x47 = (x46 >> 8); + x48 = (x47 >> 8); + x49 = (uint8_t)(x48 >> 8); + x50 = (x1 >> 8); + x51 = (x50 >> 8); + x52 = (x51 >> 8); + x53 = (x52 >> 8); + x54 = (x53 >> 8); + x55 = (uint8_t)(x54 >> 8); + out1[0] = (uint8_t)x7; + out1[1] = (uint8_t)x8; + out1[2] = (uint8_t)x9; + out1[3] = (uint8_t)x10; + out1[4] = (uint8_t)x11; + out1[5] = (uint8_t)x12; + out1[6] = (uint8_t)x13; + out1[7] = x14; + out1[8] = (uint8_t)x6; + out1[9] = (uint8_t)x15; + out1[10] = (uint8_t)x16; + out1[11] = (uint8_t)x17; + out1[12] = (uint8_t)x18; + out1[13] = (uint8_t)x19; + out1[14] = (uint8_t)x20; + out1[15] = x21; + out1[16] = (uint8_t)x5; + out1[17] = (uint8_t)x22; + out1[18] = (uint8_t)x23; + out1[19] = (uint8_t)x24; + out1[20] = (uint8_t)x25; + out1[21] = (uint8_t)x26; + out1[22] = (uint8_t)x27; + out1[23] = x28; + out1[24] = (uint8_t)x4; + out1[25] = (uint8_t)x29; + out1[26] = (uint8_t)x30; + out1[27] = (uint8_t)x31; + out1[28] = (uint8_t)x32; + out1[29] = (uint8_t)x33; + out1[30] = (uint8_t)x34; + out1[31] = x35; + out1[32] = (uint8_t)x3; + out1[33] = (uint8_t)x36; + out1[34] = (uint8_t)x37; + out1[35] = 
(uint8_t)x38; + out1[36] = (uint8_t)x39; + out1[37] = (uint8_t)x40; + out1[38] = (uint8_t)x41; + out1[39] = x42; + out1[40] = (uint8_t)x2; + out1[41] = (uint8_t)x43; + out1[42] = (uint8_t)x44; + out1[43] = (uint8_t)x45; + out1[44] = (uint8_t)x46; + out1[45] = (uint8_t)x47; + out1[46] = (uint8_t)x48; + out1[47] = x49; + out1[48] = (uint8_t)x1; + out1[49] = (uint8_t)x50; + out1[50] = (uint8_t)x51; + out1[51] = (uint8_t)x52; + out1[52] = (uint8_t)x53; + out1[53] = (uint8_t)x54; + out1[54] = x55; } /* @@ -4537,7 +4437,7 @@ static FIAT_P434_FIAT_INLINE void fiat_p434_divstep(uint64_t* out1, uint64_t out uint64_t x116; uint64_t x117; uint64_t x118; - fiat_p434_uint1 x119; + uint64_t x119; uint64_t x120; uint64_t x121; uint64_t x122; @@ -4546,22 +4446,22 @@ static FIAT_P434_FIAT_INLINE void fiat_p434_divstep(uint64_t* out1, uint64_t out uint64_t x125; uint64_t x126; uint64_t x127; - uint64_t x128; - fiat_p434_uint1 x129; - uint64_t x130; - fiat_p434_uint1 x131; - uint64_t x132; - fiat_p434_uint1 x133; - uint64_t x134; - fiat_p434_uint1 x135; - uint64_t x136; - fiat_p434_uint1 x137; - uint64_t x138; - fiat_p434_uint1 x139; - uint64_t x140; - fiat_p434_uint1 x141; - uint64_t x142; - fiat_p434_uint1 x143; + fiat_p434_uint1 x128; + uint64_t x129; + fiat_p434_uint1 x130; + uint64_t x131; + fiat_p434_uint1 x132; + uint64_t x133; + fiat_p434_uint1 x134; + uint64_t x135; + fiat_p434_uint1 x136; + uint64_t x137; + fiat_p434_uint1 x138; + uint64_t x139; + fiat_p434_uint1 x140; + uint64_t x141; + fiat_p434_uint1 x142; + uint64_t x143; uint64_t x144; uint64_t x145; uint64_t x146; 
@@ -4569,38 +4469,38 @@ static FIAT_P434_FIAT_INLINE void fiat_p434_divstep(uint64_t* out1, uint64_t out uint64_t x148; uint64_t x149; uint64_t x150; - uint64_t x151; - fiat_p434_uint1 x152; - uint64_t x153; - fiat_p434_uint1 x154; - uint64_t x155; - fiat_p434_uint1 x156; - uint64_t x157; - fiat_p434_uint1 x158; - uint64_t x159; - fiat_p434_uint1 x160; - uint64_t x161; - fiat_p434_uint1 x162; - uint64_t x163; - fiat_p434_uint1 x164; - uint64_t x165; - fiat_p434_uint1 x166; - uint64_t x167; - fiat_p434_uint1 x168; - uint64_t x169; - fiat_p434_uint1 x170; - uint64_t x171; - fiat_p434_uint1 x172; - uint64_t x173; - fiat_p434_uint1 x174; - uint64_t x175; - fiat_p434_uint1 x176; - uint64_t x177; - fiat_p434_uint1 x178; - uint64_t x179; - fiat_p434_uint1 x180; - uint64_t x181; - fiat_p434_uint1 x182; + fiat_p434_uint1 x151; + uint64_t x152; + fiat_p434_uint1 x153; + uint64_t x154; + fiat_p434_uint1 x155; + uint64_t x156; + fiat_p434_uint1 x157; + uint64_t x158; + fiat_p434_uint1 x159; + uint64_t x160; + fiat_p434_uint1 x161; + uint64_t x162; + fiat_p434_uint1 x163; + uint64_t x164; + fiat_p434_uint1 x165; + uint64_t x166; + fiat_p434_uint1 x167; + uint64_t x168; + fiat_p434_uint1 x169; + uint64_t x170; + fiat_p434_uint1 x171; + uint64_t x172; + fiat_p434_uint1 x173; + uint64_t x174; + fiat_p434_uint1 x175; + uint64_t x176; + fiat_p434_uint1 x177; + uint64_t x178; + fiat_p434_uint1 x179; + uint64_t x180; + fiat_p434_uint1 x181; + uint64_t x182; uint64_t x183; uint64_t x184; uint64_t x185; 
@@ -4622,9 +4522,8 @@ static FIAT_P434_FIAT_INLINE void fiat_p434_divstep(uint64_t* out1, uint64_t out uint64_t x201; uint64_t x202; uint64_t x203; - uint64_t x204; fiat_p434_addcarryx_u64(&x1, &x2, 0x0, (~arg1), 0x1); - x3 = (fiat_p434_uint1)((fiat_p434_uint1)(x1 >> 63) & (fiat_p434_uint1)((arg3[0]) & 0x1)); + x3 = (fiat_p434_uint1)((fiat_p434_uint1)(x1 >> 63) & (fiat_p434_uint1)(arg3[0])); fiat_p434_addcarryx_u64(&x4, &x5, 0x0, (~arg1), 0x1); fiat_p434_cmovznz_u64(&x6, x3, arg1, x4); fiat_p434_cmovznz_u64(&x7, x3, (arg2[0]), (arg3[0])); 
@@ -4702,69 +4601,68 @@ static FIAT_P434_FIAT_INLINE void fiat_p434_divstep(uint64_t* out1, uint64_t out fiat_p434_cmovznz_u64(&x116, x3, (arg5[4]), x106); fiat_p434_cmovznz_u64(&x117, x3, (arg5[5]), x108); fiat_p434_cmovznz_u64(&x118, x3, (arg5[6]), x110); - x119 = (fiat_p434_uint1)(x31 & 0x1); - fiat_p434_cmovznz_u64(&x120, x119, 0x0, x7); - fiat_p434_cmovznz_u64(&x121, x119, 0x0, x8); - fiat_p434_cmovznz_u64(&x122, x119, 0x0, x9); - fiat_p434_cmovznz_u64(&x123, x119, 0x0, x10); - fiat_p434_cmovznz_u64(&x124, x119, 0x0, x11); - fiat_p434_cmovznz_u64(&x125, x119, 0x0, x12); - fiat_p434_cmovznz_u64(&x126, x119, 0x0, x13); - fiat_p434_cmovznz_u64(&x127, x119, 0x0, x14); - fiat_p434_addcarryx_u64(&x128, &x129, 0x0, x31, x120); - fiat_p434_addcarryx_u64(&x130, &x131, x129, x32, x121); - fiat_p434_addcarryx_u64(&x132, &x133, x131, x33, x122); - fiat_p434_addcarryx_u64(&x134, &x135, x133, x34, x123); - fiat_p434_addcarryx_u64(&x136, &x137, x135, x35, x124); - fiat_p434_addcarryx_u64(&x138, &x139, x137, x36, x125); - fiat_p434_addcarryx_u64(&x140, &x141, x139, x37, x126); - fiat_p434_addcarryx_u64(&x142, &x143, x141, x38, x127); - fiat_p434_cmovznz_u64(&x144, x119, 0x0, x39); - fiat_p434_cmovznz_u64(&x145, x119, 0x0, x40); - fiat_p434_cmovznz_u64(&x146, x119, 0x0, x41); - fiat_p434_cmovznz_u64(&x147, x119, 0x0, x42); - fiat_p434_cmovznz_u64(&x148, x119, 0x0, x43); - fiat_p434_cmovznz_u64(&x149, x119, 0x0, x44); - fiat_p434_cmovznz_u64(&x150, x119, 0x0, x45); - fiat_p434_addcarryx_u64(&x151, &x152, 0x0, x112, x144); - fiat_p434_addcarryx_u64(&x153, &x154, x152, x113, x145); - fiat_p434_addcarryx_u64(&x155, &x156, x154, x114, x146); - fiat_p434_addcarryx_u64(&x157, &x158, x156, x115, x147); - fiat_p434_addcarryx_u64(&x159, &x160, x158, x116, x148); - fiat_p434_addcarryx_u64(&x161, &x162, x160, x117, x149); - fiat_p434_addcarryx_u64(&x163, &x164, x162, x118, x150); - fiat_p434_subborrowx_u64(&x165, &x166, 0x0, x151, UINT64_C(0xffffffffffffffff)); - 
fiat_p434_subborrowx_u64(&x167, &x168, x166, x153, UINT64_C(0xffffffffffffffff)); - fiat_p434_subborrowx_u64(&x169, &x170, x168, x155, UINT64_C(0xffffffffffffffff)); - fiat_p434_subborrowx_u64(&x171, &x172, x170, x157, UINT64_C(0xfdc1767ae2ffffff)); - fiat_p434_subborrowx_u64(&x173, &x174, x172, x159, UINT64_C(0x7bc65c783158aea3)); - fiat_p434_subborrowx_u64(&x175, &x176, x174, x161, UINT64_C(0x6cfc5fd681c52056)); - fiat_p434_subborrowx_u64(&x177, &x178, x176, x163, UINT64_C(0x2341f27177344)); - fiat_p434_subborrowx_u64(&x179, &x180, x178, x164, 0x0); - fiat_p434_addcarryx_u64(&x181, &x182, 0x0, x6, 0x1); - x183 = ((x128 >> 1) | ((x130 << 63) & UINT64_C(0xffffffffffffffff))); - x184 = ((x130 >> 1) | ((x132 << 63) & UINT64_C(0xffffffffffffffff))); - x185 = ((x132 >> 1) | ((x134 << 63) & UINT64_C(0xffffffffffffffff))); - x186 = ((x134 >> 1) | ((x136 << 63) & UINT64_C(0xffffffffffffffff))); - x187 = ((x136 >> 1) | ((x138 << 63) & UINT64_C(0xffffffffffffffff))); - x188 = ((x138 >> 1) | ((x140 << 63) & UINT64_C(0xffffffffffffffff))); - x189 = ((x140 >> 1) | ((x142 << 63) & UINT64_C(0xffffffffffffffff))); - x190 = ((x142 & UINT64_C(0x8000000000000000)) | (x142 >> 1)); - fiat_p434_cmovznz_u64(&x191, x75, x60, x46); - fiat_p434_cmovznz_u64(&x192, x75, x62, x48); - fiat_p434_cmovznz_u64(&x193, x75, x64, x50); - fiat_p434_cmovznz_u64(&x194, x75, x66, x52); - fiat_p434_cmovznz_u64(&x195, x75, x68, x54); - fiat_p434_cmovznz_u64(&x196, x75, x70, x56); - fiat_p434_cmovznz_u64(&x197, x75, x72, x58); - fiat_p434_cmovznz_u64(&x198, x180, x165, x151); - fiat_p434_cmovznz_u64(&x199, x180, x167, x153); - fiat_p434_cmovznz_u64(&x200, x180, x169, x155); - fiat_p434_cmovznz_u64(&x201, x180, x171, x157); - fiat_p434_cmovznz_u64(&x202, x180, x173, x159); - fiat_p434_cmovznz_u64(&x203, x180, x175, x161); - fiat_p434_cmovznz_u64(&x204, x180, x177, x163); - *out1 = x181; + fiat_p434_cmovznz_u64(&x119, (fiat_p434_uint1)x31, 0x0, x7); + fiat_p434_cmovznz_u64(&x120, (fiat_p434_uint1)x31, 0x0, 
x8); + fiat_p434_cmovznz_u64(&x121, (fiat_p434_uint1)x31, 0x0, x9); + fiat_p434_cmovznz_u64(&x122, (fiat_p434_uint1)x31, 0x0, x10); + fiat_p434_cmovznz_u64(&x123, (fiat_p434_uint1)x31, 0x0, x11); + fiat_p434_cmovznz_u64(&x124, (fiat_p434_uint1)x31, 0x0, x12); + fiat_p434_cmovznz_u64(&x125, (fiat_p434_uint1)x31, 0x0, x13); + fiat_p434_cmovznz_u64(&x126, (fiat_p434_uint1)x31, 0x0, x14); + fiat_p434_addcarryx_u64(&x127, &x128, 0x0, x31, x119); + fiat_p434_addcarryx_u64(&x129, &x130, x128, x32, x120); + fiat_p434_addcarryx_u64(&x131, &x132, x130, x33, x121); + fiat_p434_addcarryx_u64(&x133, &x134, x132, x34, x122); + fiat_p434_addcarryx_u64(&x135, &x136, x134, x35, x123); + fiat_p434_addcarryx_u64(&x137, &x138, x136, x36, x124); + fiat_p434_addcarryx_u64(&x139, &x140, x138, x37, x125); + fiat_p434_addcarryx_u64(&x141, &x142, x140, x38, x126); + fiat_p434_cmovznz_u64(&x143, (fiat_p434_uint1)x31, 0x0, x39); + fiat_p434_cmovznz_u64(&x144, (fiat_p434_uint1)x31, 0x0, x40); + fiat_p434_cmovznz_u64(&x145, (fiat_p434_uint1)x31, 0x0, x41); + fiat_p434_cmovznz_u64(&x146, (fiat_p434_uint1)x31, 0x0, x42); + fiat_p434_cmovznz_u64(&x147, (fiat_p434_uint1)x31, 0x0, x43); + fiat_p434_cmovznz_u64(&x148, (fiat_p434_uint1)x31, 0x0, x44); + fiat_p434_cmovznz_u64(&x149, (fiat_p434_uint1)x31, 0x0, x45); + fiat_p434_addcarryx_u64(&x150, &x151, 0x0, x112, x143); + fiat_p434_addcarryx_u64(&x152, &x153, x151, x113, x144); + fiat_p434_addcarryx_u64(&x154, &x155, x153, x114, x145); + fiat_p434_addcarryx_u64(&x156, &x157, x155, x115, x146); + fiat_p434_addcarryx_u64(&x158, &x159, x157, x116, x147); + fiat_p434_addcarryx_u64(&x160, &x161, x159, x117, x148); + fiat_p434_addcarryx_u64(&x162, &x163, x161, x118, x149); + fiat_p434_subborrowx_u64(&x164, &x165, 0x0, x150, UINT64_C(0xffffffffffffffff)); + fiat_p434_subborrowx_u64(&x166, &x167, x165, x152, UINT64_C(0xffffffffffffffff)); + fiat_p434_subborrowx_u64(&x168, &x169, x167, x154, UINT64_C(0xffffffffffffffff)); + fiat_p434_subborrowx_u64(&x170, 
&x171, x169, x156, UINT64_C(0xfdc1767ae2ffffff)); + fiat_p434_subborrowx_u64(&x172, &x173, x171, x158, UINT64_C(0x7bc65c783158aea3)); + fiat_p434_subborrowx_u64(&x174, &x175, x173, x160, UINT64_C(0x6cfc5fd681c52056)); + fiat_p434_subborrowx_u64(&x176, &x177, x175, x162, UINT64_C(0x2341f27177344)); + fiat_p434_subborrowx_u64(&x178, &x179, x177, x163, 0x0); + fiat_p434_addcarryx_u64(&x180, &x181, 0x0, x6, 0x1); + x182 = ((x127 >> 1) | ((x129 << 63) & UINT64_C(0xffffffffffffffff))); + x183 = ((x129 >> 1) | ((x131 << 63) & UINT64_C(0xffffffffffffffff))); + x184 = ((x131 >> 1) | ((x133 << 63) & UINT64_C(0xffffffffffffffff))); + x185 = ((x133 >> 1) | ((x135 << 63) & UINT64_C(0xffffffffffffffff))); + x186 = ((x135 >> 1) | ((x137 << 63) & UINT64_C(0xffffffffffffffff))); + x187 = ((x137 >> 1) | ((x139 << 63) & UINT64_C(0xffffffffffffffff))); + x188 = ((x139 >> 1) | ((x141 << 63) & UINT64_C(0xffffffffffffffff))); + x189 = ((x141 & UINT64_C(0x8000000000000000)) | (x141 >> 1)); + fiat_p434_cmovznz_u64(&x190, x75, x60, x46); + fiat_p434_cmovznz_u64(&x191, x75, x62, x48); + fiat_p434_cmovznz_u64(&x192, x75, x64, x50); + fiat_p434_cmovznz_u64(&x193, x75, x66, x52); + fiat_p434_cmovznz_u64(&x194, x75, x68, x54); + fiat_p434_cmovznz_u64(&x195, x75, x70, x56); + fiat_p434_cmovznz_u64(&x196, x75, x72, x58); + fiat_p434_cmovznz_u64(&x197, x179, x164, x150); + fiat_p434_cmovznz_u64(&x198, x179, x166, x152); + fiat_p434_cmovznz_u64(&x199, x179, x168, x154); + fiat_p434_cmovznz_u64(&x200, x179, x170, x156); + fiat_p434_cmovznz_u64(&x201, x179, x172, x158); + fiat_p434_cmovznz_u64(&x202, x179, x174, x160); + fiat_p434_cmovznz_u64(&x203, x179, x176, x162); + *out1 = x180; out2[0] = x7; out2[1] = x8; out2[2] = x9; 
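Review bot: The selector `(fiat_p434_uint1)x31` now passed to `fiat_p434_cmovznz_u64` for x119–x126 and x143–x149 matches the removed `x119 = (fiat_p434_uint1)(x31 & 0x1)` only if the cast really truncates to one bit. The typedef is not visible here; if `fiat_p434_uint1` is a byte-wide C type, as such 1-bit aliases usually are, the cast keeps the low eight bits of x31, so the conditional move would presumably key on any of them being set rather than on parity, changing the result of divstep and of any inversion built on it. The earlier hunk's `x3 = ... & (fiat_p434_uint1)(arg3[0])` is not affected, because the other operand `x1 >> 63` is already 0 or 1. I would keep the explicit mask, e.g. `fiat_p434_cmovznz_u64(&x119, (fiat_p434_uint1)(x31 & 0x1), 0x0, x7);`, by making the generator never drop a mask narrower than the emitted C type, and add a known-answer test for divstep with an even x31 whose low byte is non-zero. The body of fiat_p434_divstep starts and ends outside this hunk.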
@@ -4773,28 +4671,28 @@ static FIAT_P434_FIAT_INLINE void fiat_p434_divstep(uint64_t* out1, uint64_t out out2[5] = x12; out2[6] = x13; out2[7] = x14; - out3[0] = x183; - out3[1] = x184; - out3[2] = x185; - out3[3] = x186; - out3[4] = x187; - out3[5] = x188; - out3[6] = x189; - out3[7] = x190; - out4[0] = x191; - out4[1] = x192; - out4[2] = x193; - out4[3] = x194; - out4[4] = x195; - out4[5] = x196; - out4[6] = x197; - out5[0] = x198; - out5[1] = x199; - out5[2] = x200; - out5[3] = x201; - out5[4] = x202; - out5[5] = x203; - out5[6] = x204; + out3[0] = x182; + out3[1] = x183; + out3[2] = x184; + out3[3] = x185; + out3[4] = x186; + out3[5] = x187; + out3[6] = x188; + out3[7] = x189; + out4[0] = x190; + out4[1] = x191; + out4[2] = x192; + out4[3] = x193; + out4[4] = x194; + out4[5] = x195; + out4[6] = x196; + out5[0] = x197; + out5[1] = x198; + out5[2] = x199; + out5[3] = x200; + out5[4] = x201; + out5[5] = x202; + out5[6] = x203; } /* diff --git a/fiat-c/src/p448_solinas_32.c b/fiat-c/src/p448_solinas_32.c index 6cb486f5e4..4cbec0e2fb 100644 --- a/fiat-c/src/p448_solinas_32.c +++ b/fiat-c/src/p448_solinas_32.c 
@@ -2240,110 +2240,62 @@ static FIAT_P448_FIAT_INLINE void fiat_p448_to_bytes(uint8_t out1[56], const fia uint32_t x71; uint32_t x72; uint32_t x73; - uint8_t x74; + uint32_t x74; uint32_t x75; uint8_t x76; uint32_t x77; - uint8_t x78; - uint8_t x79; - uint32_t x80; - uint8_t x81; + uint32_t x78; + uint32_t x79; + uint8_t x80; + uint32_t x81; uint32_t x82; uint8_t x83; uint32_t x84; - uint8_t x85; - uint8_t x86; + uint32_t x85; + uint32_t x86; uint8_t x87; uint32_t x88; - uint8_t x89; - uint32_t x90; - uint8_t x91; - uint8_t x92; + uint32_t x89; + uint8_t x90; + uint32_t x91; + uint32_t x92; uint32_t x93; uint8_t x94; uint32_t x95; - uint8_t x96; - uint32_t x97; - uint8_t x98; - uint8_t x99; - uint8_t x100; - uint32_t x101; - uint8_t x102; + uint32_t x96; + uint8_t x97; + uint32_t x98; + uint32_t x99; + uint32_t x100; + uint8_t x101; + uint32_t x102; uint32_t x103; uint8_t x104; - uint8_t x105; + uint32_t x105; uint32_t x106; - uint8_t x107; - uint32_t x108; - uint8_t x109; + uint32_t x107; + uint8_t x108; + uint32_t x109; uint32_t x110; uint8_t x111; - uint8_t x112; - uint8_t x113; + uint32_t x112; + uint32_t x113; uint32_t x114; uint8_t x115; uint32_t x116; - uint8_t x117; + uint32_t x117; uint8_t x118; uint32_t x119; - uint8_t x120; + uint32_t x120; uint32_t x121; uint8_t x122; uint32_t x123; - uint8_t x124; + uint32_t x124; uint8_t x125; - uint8_t x126; + uint32_t x126; uint32_t x127; - uint8_t x128; - uint32_t x129; - uint8_t x130; - uint8_t x131; - uint32_t x132; - uint8_t x133; - uint32_t x134; - uint8_t x135; - uint32_t x136; - uint8_t x137; - uint8_t x138; - uint8_t x139; - uint32_t x140; - uint8_t x141; - uint32_t x142; - uint8_t x143; - uint8_t x144; - uint32_t x145; - uint8_t x146; - uint32_t x147; - uint8_t x148; - uint32_t x149; - uint8_t x150; - uint8_t x151; - uint8_t x152; - uint32_t x153; - uint8_t x154; - uint32_t x155; - uint8_t x156; - uint8_t x157; - uint32_t x158; - uint8_t x159; - uint32_t x160; - uint8_t x161; - uint32_t x162; - uint8_t 
x163; - uint8_t x164; - uint8_t x165; - uint32_t x166; - uint8_t x167; - uint32_t x168; - uint8_t x169; - uint8_t x170; - uint32_t x171; - uint8_t x172; - uint32_t x173; - uint8_t x174; - uint32_t x175; - uint8_t x176; - uint8_t x177; + uint32_t x128; + uint8_t x129; fiat_p448_subborrowx_u28(&x1, &x2, 0x0, (arg1[0]), UINT32_C(0xfffffff)); fiat_p448_subborrowx_u28(&x3, &x4, x2, (arg1[1]), UINT32_C(0xfffffff)); fiat_p448_subborrowx_u28(&x5, &x6, x4, (arg1[2]), UINT32_C(0xfffffff)); 
@@ -2385,166 +2337,118 @@ static FIAT_P448_FIAT_INLINE void fiat_p448_to_bytes(uint8_t out1[56], const fia x71 = (x44 << 4); x72 = (x40 << 4); x73 = (x36 << 4); - x74 = (uint8_t)(x34 & UINT8_C(0xff)); - x75 = (x34 >> 8); - x76 = (uint8_t)(x75 & UINT8_C(0xff)); - x77 = (x75 >> 8); - x78 = (uint8_t)(x77 & UINT8_C(0xff)); - x79 = (uint8_t)(x77 >> 8); - x80 = (x73 + (uint32_t)x79); - x81 = (uint8_t)(x80 & UINT8_C(0xff)); - x82 = (x80 >> 8); - x83 = (uint8_t)(x82 & UINT8_C(0xff)); - x84 = (x82 >> 8); - x85 = (uint8_t)(x84 & UINT8_C(0xff)); - x86 = (uint8_t)(x84 >> 8); - x87 = (uint8_t)(x38 & UINT8_C(0xff)); - x88 = (x38 >> 8); - x89 = (uint8_t)(x88 & UINT8_C(0xff)); - x90 = (x88 >> 8); - x91 = (uint8_t)(x90 & UINT8_C(0xff)); - x92 = (uint8_t)(x90 >> 8); - x93 = (x72 + (uint32_t)x92); - x94 = (uint8_t)(x93 & UINT8_C(0xff)); - x95 = (x93 >> 8); - x96 = (uint8_t)(x95 & UINT8_C(0xff)); - x97 = (x95 >> 8); - x98 = (uint8_t)(x97 & UINT8_C(0xff)); - x99 = (uint8_t)(x97 >> 8); - x100 = (uint8_t)(x42 & UINT8_C(0xff)); - x101 = (x42 >> 8); - x102 = (uint8_t)(x101 & UINT8_C(0xff)); - x103 = (x101 >> 8); - x104 = (uint8_t)(x103 & UINT8_C(0xff)); - x105 = (uint8_t)(x103 >> 8); - x106 = (x71 + (uint32_t)x105); - x107 = (uint8_t)(x106 & UINT8_C(0xff)); - x108 = (x106 >> 8); - x109 = (uint8_t)(x108 & UINT8_C(0xff)); - x110 = (x108 >> 8); - x111 = (uint8_t)(x110 & UINT8_C(0xff)); - x112 = (uint8_t)(x110 >> 8); - x113 = (uint8_t)(x46 & UINT8_C(0xff)); - x114 = (x46 >> 8); - x115 = (uint8_t)(x114 & UINT8_C(0xff)); - x116 = (x114 >> 8); - x117 = (uint8_t)(x116 & UINT8_C(0xff)); - x118 = (uint8_t)(x116 >> 8); - x119 = (x70 + (uint32_t)x118); - x120 = (uint8_t)(x119 & UINT8_C(0xff)); - x121 = (x119 >> 8); - x122 = (uint8_t)(x121 & UINT8_C(0xff)); - x123 = (x121 >> 8); - x124 = (uint8_t)(x123 & UINT8_C(0xff)); - x125 = (uint8_t)(x123 >> 8); - x126 = (uint8_t)(x50 & UINT8_C(0xff)); - x127 = (x50 >> 8); - x128 = (uint8_t)(x127 & UINT8_C(0xff)); - x129 = (x127 >> 8); - x130 = (uint8_t)(x129 & 
UINT8_C(0xff)); - x131 = (uint8_t)(x129 >> 8); - x132 = (x69 + (uint32_t)x131); - x133 = (uint8_t)(x132 & UINT8_C(0xff)); - x134 = (x132 >> 8); - x135 = (uint8_t)(x134 & UINT8_C(0xff)); - x136 = (x134 >> 8); - x137 = (uint8_t)(x136 & UINT8_C(0xff)); - x138 = (uint8_t)(x136 >> 8); - x139 = (uint8_t)(x54 & UINT8_C(0xff)); - x140 = (x54 >> 8); - x141 = (uint8_t)(x140 & UINT8_C(0xff)); - x142 = (x140 >> 8); - x143 = (uint8_t)(x142 & UINT8_C(0xff)); - x144 = (uint8_t)(x142 >> 8); - x145 = (x68 + (uint32_t)x144); - x146 = (uint8_t)(x145 & UINT8_C(0xff)); - x147 = (x145 >> 8); - x148 = (uint8_t)(x147 & UINT8_C(0xff)); - x149 = (x147 >> 8); - x150 = (uint8_t)(x149 & UINT8_C(0xff)); - x151 = (uint8_t)(x149 >> 8); - x152 = (uint8_t)(x58 & UINT8_C(0xff)); - x153 = (x58 >> 8); - x154 = (uint8_t)(x153 & UINT8_C(0xff)); - x155 = (x153 >> 8); - x156 = (uint8_t)(x155 & UINT8_C(0xff)); - x157 = (uint8_t)(x155 >> 8); - x158 = (x67 + (uint32_t)x157); - x159 = (uint8_t)(x158 & UINT8_C(0xff)); - x160 = (x158 >> 8); - x161 = (uint8_t)(x160 & UINT8_C(0xff)); - x162 = (x160 >> 8); - x163 = (uint8_t)(x162 & UINT8_C(0xff)); - x164 = (uint8_t)(x162 >> 8); - x165 = (uint8_t)(x62 & UINT8_C(0xff)); - x166 = (x62 >> 8); - x167 = (uint8_t)(x166 & UINT8_C(0xff)); - x168 = (x166 >> 8); - x169 = (uint8_t)(x168 & UINT8_C(0xff)); - x170 = (uint8_t)(x168 >> 8); - x171 = (x66 + (uint32_t)x170); - x172 = (uint8_t)(x171 & UINT8_C(0xff)); - x173 = (x171 >> 8); - x174 = (uint8_t)(x173 & UINT8_C(0xff)); - x175 = (x173 >> 8); - x176 = (uint8_t)(x175 & UINT8_C(0xff)); - x177 = (uint8_t)(x175 >> 8); - out1[0] = x74; - out1[1] = x76; - out1[2] = x78; - out1[3] = x81; - out1[4] = x83; - out1[5] = x85; - out1[6] = x86; - out1[7] = x87; - out1[8] = x89; - out1[9] = x91; - out1[10] = x94; - out1[11] = x96; - out1[12] = x98; - out1[13] = x99; - out1[14] = x100; - out1[15] = x102; - out1[16] = x104; - out1[17] = x107; - out1[18] = x109; - out1[19] = x111; - out1[20] = x112; - out1[21] = x113; - out1[22] = x115; - 
out1[23] = x117; - out1[24] = x120; - out1[25] = x122; - out1[26] = x124; - out1[27] = x125; - out1[28] = x126; - out1[29] = x128; - out1[30] = x130; - out1[31] = x133; - out1[32] = x135; - out1[33] = x137; - out1[34] = x138; - out1[35] = x139; - out1[36] = x141; - out1[37] = x143; - out1[38] = x146; - out1[39] = x148; - out1[40] = x150; - out1[41] = x151; - out1[42] = x152; - out1[43] = x154; - out1[44] = x156; - out1[45] = x159; - out1[46] = x161; - out1[47] = x163; - out1[48] = x164; - out1[49] = x165; - out1[50] = x167; - out1[51] = x169; - out1[52] = x172; - out1[53] = x174; - out1[54] = x176; - out1[55] = x177; + x74 = (x34 >> 8); + x75 = (x74 >> 8); + x76 = (uint8_t)(x75 >> 8); + x77 = (x73 + (uint32_t)x76); + x78 = (x77 >> 8); + x79 = (x78 >> 8); + x80 = (uint8_t)(x79 >> 8); + x81 = (x38 >> 8); + x82 = (x81 >> 8); + x83 = (uint8_t)(x82 >> 8); + x84 = (x72 + (uint32_t)x83); + x85 = (x84 >> 8); + x86 = (x85 >> 8); + x87 = (uint8_t)(x86 >> 8); + x88 = (x42 >> 8); + x89 = (x88 >> 8); + x90 = (uint8_t)(x89 >> 8); + x91 = (x71 + (uint32_t)x90); + x92 = (x91 >> 8); + x93 = (x92 >> 8); + x94 = (uint8_t)(x93 >> 8); + x95 = (x46 >> 8); + x96 = (x95 >> 8); + x97 = (uint8_t)(x96 >> 8); + x98 = (x70 + (uint32_t)x97); + x99 = (x98 >> 8); + x100 = (x99 >> 8); + x101 = (uint8_t)(x100 >> 8); + x102 = (x50 >> 8); + x103 = (x102 >> 8); + x104 = (uint8_t)(x103 >> 8); + x105 = (x69 + (uint32_t)x104); + x106 = (x105 >> 8); + x107 = (x106 >> 8); + x108 = (uint8_t)(x107 >> 8); + x109 = (x54 >> 8); + x110 = (x109 >> 8); + x111 = (uint8_t)(x110 >> 8); + x112 = (x68 + (uint32_t)x111); + x113 = (x112 >> 8); + x114 = (x113 >> 8); + x115 = (uint8_t)(x114 >> 8); + x116 = (x58 >> 8); + x117 = (x116 >> 8); + x118 = (uint8_t)(x117 >> 8); + x119 = (x67 + (uint32_t)x118); + x120 = (x119 >> 8); + x121 = (x120 >> 8); + x122 = (uint8_t)(x121 >> 8); + x123 = (x62 >> 8); + x124 = (x123 >> 8); + x125 = (uint8_t)(x124 >> 8); + x126 = (x66 + (uint32_t)x125); + x127 = (x126 >> 8); + x128 = (x127 >> 
8); + x129 = (uint8_t)(x128 >> 8); + out1[0] = (uint8_t)x34; + out1[1] = (uint8_t)x74; + out1[2] = (uint8_t)x75; + out1[3] = (uint8_t)x77; + out1[4] = (uint8_t)x78; + out1[5] = (uint8_t)x79; + out1[6] = x80; + out1[7] = (uint8_t)x38; + out1[8] = (uint8_t)x81; + out1[9] = (uint8_t)x82; + out1[10] = (uint8_t)x84; + out1[11] = (uint8_t)x85; + out1[12] = (uint8_t)x86; + out1[13] = x87; + out1[14] = (uint8_t)x42; + out1[15] = (uint8_t)x88; + out1[16] = (uint8_t)x89; + out1[17] = (uint8_t)x91; + out1[18] = (uint8_t)x92; + out1[19] = (uint8_t)x93; + out1[20] = x94; + out1[21] = (uint8_t)x46; + out1[22] = (uint8_t)x95; + out1[23] = (uint8_t)x96; + out1[24] = (uint8_t)x98; + out1[25] = (uint8_t)x99; + out1[26] = (uint8_t)x100; + out1[27] = x101; + out1[28] = (uint8_t)x50; + out1[29] = (uint8_t)x102; + out1[30] = (uint8_t)x103; + out1[31] = (uint8_t)x105; + out1[32] = (uint8_t)x106; + out1[33] = (uint8_t)x107; + out1[34] = x108; + out1[35] = (uint8_t)x54; + out1[36] = (uint8_t)x109; + out1[37] = (uint8_t)x110; + out1[38] = (uint8_t)x112; + out1[39] = (uint8_t)x113; + out1[40] = (uint8_t)x114; + out1[41] = x115; + out1[42] = (uint8_t)x58; + out1[43] = (uint8_t)x116; + out1[44] = (uint8_t)x117; + out1[45] = (uint8_t)x119; + out1[46] = (uint8_t)x120; + out1[47] = (uint8_t)x121; + out1[48] = x122; + out1[49] = (uint8_t)x62; + out1[50] = (uint8_t)x123; + out1[51] = (uint8_t)x124; + out1[52] = (uint8_t)x126; + out1[53] = (uint8_t)x127; + out1[54] = (uint8_t)x128; + out1[55] = x129; } /* diff --git a/fiat-c/src/p448_solinas_64.c b/fiat-c/src/p448_solinas_64.c index 2601f44bcf..c66456a75f 100644 --- a/fiat-c/src/p448_solinas_64.c +++ b/fiat-c/src/p448_solinas_64.c 
@@ -940,102 +940,54 @@ static FIAT_P448_FIAT_INLINE void fiat_p448_to_bytes(uint8_t out1[56], const fia fiat_p448_uint1 x31; uint64_t x32; fiat_p448_uint1 x33; - uint8_t x34; + uint64_t x34; uint64_t x35; - uint8_t x36; + uint64_t x36; uint64_t x37; - uint8_t x38; - uint64_t x39; - uint8_t x40; + uint64_t x38; + uint8_t x39; + uint64_t x40; uint64_t x41; - uint8_t x42; + uint64_t x42; uint64_t x43; - uint8_t x44; + uint64_t x44; uint8_t x45; - uint8_t x46; + uint64_t x46; uint64_t x47; - uint8_t x48; + uint64_t x48; uint64_t x49; - uint8_t x50; - uint64_t x51; - uint8_t x52; + uint64_t x50; + uint8_t x51; + uint64_t x52; uint64_t x53; - uint8_t x54; + uint64_t x54; uint64_t x55; - uint8_t x56; + uint64_t x56; uint8_t x57; - uint8_t x58; + uint64_t x58; uint64_t x59; - uint8_t x60; + uint64_t x60; uint64_t x61; - uint8_t x62; - uint64_t x63; - uint8_t x64; + uint64_t x62; + uint8_t x63; + uint64_t x64; uint64_t x65; - uint8_t x66; + uint64_t x66; uint64_t x67; - uint8_t x68; + uint64_t x68; uint8_t x69; - uint8_t x70; + uint64_t x70; uint64_t x71; - uint8_t x72; + uint64_t x72; uint64_t x73; - uint8_t x74; - uint64_t x75; - uint8_t x76; + uint64_t x74; + uint8_t x75; + uint64_t x76; uint64_t x77; - uint8_t x78; + uint64_t x78; uint64_t x79; - uint8_t x80; + uint64_t x80; uint8_t x81; - uint8_t x82; - uint64_t x83; - uint8_t x84; - uint64_t x85; - uint8_t x86; - uint64_t x87; - uint8_t x88; - uint64_t x89; - uint8_t x90; - uint64_t x91; - uint8_t x92; - uint8_t x93; - uint8_t x94; - uint64_t x95; - uint8_t x96; - uint64_t x97; - uint8_t x98; - uint64_t x99; - uint8_t x100; - uint64_t x101; - uint8_t x102; - uint64_t x103; - uint8_t x104; - uint8_t x105; - uint8_t x106; - uint64_t x107; - uint8_t x108; - uint64_t x109; - uint8_t x110; - uint64_t x111; - uint8_t x112; - uint64_t x113; - uint8_t x114; - uint64_t x115; - uint8_t x116; - uint8_t x117; - uint8_t x118; - uint64_t x119; - uint8_t x120; - uint64_t x121; - uint8_t x122; - uint64_t x123; - uint8_t x124; - 
uint64_t x125; - uint8_t x126; - uint64_t x127; - uint8_t x128; - uint8_t x129; fiat_p448_subborrowx_u56(&x1, &x2, 0x0, (arg1[0]), UINT64_C(0xffffffffffffff)); fiat_p448_subborrowx_u56(&x3, &x4, x2, (arg1[1]), UINT64_C(0xffffffffffffff)); fiat_p448_subborrowx_u56(&x5, &x6, x4, (arg1[2]), UINT64_C(0xffffffffffffff)); 
@@ -1053,158 +1005,110 @@ static FIAT_P448_FIAT_INLINE void fiat_p448_to_bytes(uint8_t out1[56], const fia fiat_p448_addcarryx_u56(&x28, &x29, x27, x11, (x17 & UINT64_C(0xffffffffffffff))); fiat_p448_addcarryx_u56(&x30, &x31, x29, x13, (x17 & UINT64_C(0xffffffffffffff))); fiat_p448_addcarryx_u56(&x32, &x33, x31, x15, (x17 & UINT64_C(0xffffffffffffff))); - x34 = (uint8_t)(x18 & UINT8_C(0xff)); - x35 = (x18 >> 8); - x36 = (uint8_t)(x35 & UINT8_C(0xff)); - x37 = (x35 >> 8); - x38 = (uint8_t)(x37 & UINT8_C(0xff)); - x39 = (x37 >> 8); - x40 = (uint8_t)(x39 & UINT8_C(0xff)); - x41 = (x39 >> 8); - x42 = (uint8_t)(x41 & UINT8_C(0xff)); - x43 = (x41 >> 8); - x44 = (uint8_t)(x43 & UINT8_C(0xff)); - x45 = (uint8_t)(x43 >> 8); - x46 = (uint8_t)(x20 & UINT8_C(0xff)); - x47 = (x20 >> 8); - x48 = (uint8_t)(x47 & UINT8_C(0xff)); - x49 = (x47 >> 8); - x50 = (uint8_t)(x49 & UINT8_C(0xff)); - x51 = (x49 >> 8); - x52 = (uint8_t)(x51 & UINT8_C(0xff)); - x53 = (x51 >> 8); - x54 = (uint8_t)(x53 & UINT8_C(0xff)); - x55 = (x53 >> 8); - x56 = (uint8_t)(x55 & UINT8_C(0xff)); - x57 = (uint8_t)(x55 >> 8); - x58 = (uint8_t)(x22 & UINT8_C(0xff)); - x59 = (x22 >> 8); - x60 = (uint8_t)(x59 & UINT8_C(0xff)); - x61 = (x59 >> 8); - x62 = (uint8_t)(x61 & UINT8_C(0xff)); - x63 = (x61 >> 8); - x64 = (uint8_t)(x63 & UINT8_C(0xff)); - x65 = (x63 >> 8); - x66 = (uint8_t)(x65 & UINT8_C(0xff)); - x67 = (x65 >> 8); - x68 = (uint8_t)(x67 & UINT8_C(0xff)); - x69 = (uint8_t)(x67 >> 8); - x70 = (uint8_t)(x24 & UINT8_C(0xff)); - x71 = (x24 >> 8); - x72 = (uint8_t)(x71 & UINT8_C(0xff)); - x73 = (x71 >> 8); - x74 = (uint8_t)(x73 & UINT8_C(0xff)); - x75 = (x73 >> 8); - x76 = (uint8_t)(x75 & UINT8_C(0xff)); - x77 = (x75 >> 8); - x78 = (uint8_t)(x77 & UINT8_C(0xff)); - x79 = (x77 >> 8); - x80 = (uint8_t)(x79 & UINT8_C(0xff)); - x81 = (uint8_t)(x79 >> 8); - x82 = (uint8_t)(x26 & UINT8_C(0xff)); - x83 = (x26 >> 8); - x84 = (uint8_t)(x83 & UINT8_C(0xff)); - x85 = (x83 >> 8); - x86 = (uint8_t)(x85 & UINT8_C(0xff)); - x87 = 
(x85 >> 8); - x88 = (uint8_t)(x87 & UINT8_C(0xff)); - x89 = (x87 >> 8); - x90 = (uint8_t)(x89 & UINT8_C(0xff)); - x91 = (x89 >> 8); - x92 = (uint8_t)(x91 & UINT8_C(0xff)); - x93 = (uint8_t)(x91 >> 8); - x94 = (uint8_t)(x28 & UINT8_C(0xff)); - x95 = (x28 >> 8); - x96 = (uint8_t)(x95 & UINT8_C(0xff)); - x97 = (x95 >> 8); - x98 = (uint8_t)(x97 & UINT8_C(0xff)); - x99 = (x97 >> 8); - x100 = (uint8_t)(x99 & UINT8_C(0xff)); - x101 = (x99 >> 8); - x102 = (uint8_t)(x101 & UINT8_C(0xff)); - x103 = (x101 >> 8); - x104 = (uint8_t)(x103 & UINT8_C(0xff)); - x105 = (uint8_t)(x103 >> 8); - x106 = (uint8_t)(x30 & UINT8_C(0xff)); - x107 = (x30 >> 8); - x108 = (uint8_t)(x107 & UINT8_C(0xff)); - x109 = (x107 >> 8); - x110 = (uint8_t)(x109 & UINT8_C(0xff)); - x111 = (x109 >> 8); - x112 = (uint8_t)(x111 & UINT8_C(0xff)); - x113 = (x111 >> 8); - x114 = (uint8_t)(x113 & UINT8_C(0xff)); - x115 = (x113 >> 8); - x116 = (uint8_t)(x115 & UINT8_C(0xff)); - x117 = (uint8_t)(x115 >> 8); - x118 = (uint8_t)(x32 & UINT8_C(0xff)); - x119 = (x32 >> 8); - x120 = (uint8_t)(x119 & UINT8_C(0xff)); - x121 = (x119 >> 8); - x122 = (uint8_t)(x121 & UINT8_C(0xff)); - x123 = (x121 >> 8); - x124 = (uint8_t)(x123 & UINT8_C(0xff)); - x125 = (x123 >> 8); - x126 = (uint8_t)(x125 & UINT8_C(0xff)); - x127 = (x125 >> 8); - x128 = (uint8_t)(x127 & UINT8_C(0xff)); - x129 = (uint8_t)(x127 >> 8); - out1[0] = x34; - out1[1] = x36; - out1[2] = x38; - out1[3] = x40; - out1[4] = x42; - out1[5] = x44; - out1[6] = x45; - out1[7] = x46; - out1[8] = x48; - out1[9] = x50; - out1[10] = x52; - out1[11] = x54; - out1[12] = x56; - out1[13] = x57; - out1[14] = x58; - out1[15] = x60; - out1[16] = x62; - out1[17] = x64; - out1[18] = x66; - out1[19] = x68; - out1[20] = x69; - out1[21] = x70; - out1[22] = x72; - out1[23] = x74; - out1[24] = x76; - out1[25] = x78; - out1[26] = x80; - out1[27] = x81; - out1[28] = x82; - out1[29] = x84; - out1[30] = x86; - out1[31] = x88; - out1[32] = x90; - out1[33] = x92; - out1[34] = x93; - out1[35] = x94; 
- out1[36] = x96; - out1[37] = x98; - out1[38] = x100; - out1[39] = x102; - out1[40] = x104; - out1[41] = x105; - out1[42] = x106; - out1[43] = x108; - out1[44] = x110; - out1[45] = x112; - out1[46] = x114; - out1[47] = x116; - out1[48] = x117; - out1[49] = x118; - out1[50] = x120; - out1[51] = x122; - out1[52] = x124; - out1[53] = x126; - out1[54] = x128; - out1[55] = x129; + x34 = (x18 >> 8); + x35 = (x34 >> 8); + x36 = (x35 >> 8); + x37 = (x36 >> 8); + x38 = (x37 >> 8); + x39 = (uint8_t)(x38 >> 8); + x40 = (x20 >> 8); + x41 = (x40 >> 8); + x42 = (x41 >> 8); + x43 = (x42 >> 8); + x44 = (x43 >> 8); + x45 = (uint8_t)(x44 >> 8); + x46 = (x22 >> 8); + x47 = (x46 >> 8); + x48 = (x47 >> 8); + x49 = (x48 >> 8); + x50 = (x49 >> 8); + x51 = (uint8_t)(x50 >> 8); + x52 = (x24 >> 8); + x53 = (x52 >> 8); + x54 = (x53 >> 8); + x55 = (x54 >> 8); + x56 = (x55 >> 8); + x57 = (uint8_t)(x56 >> 8); + x58 = (x26 >> 8); + x59 = (x58 >> 8); + x60 = (x59 >> 8); + x61 = (x60 >> 8); + x62 = (x61 >> 8); + x63 = (uint8_t)(x62 >> 8); + x64 = (x28 >> 8); + x65 = (x64 >> 8); + x66 = (x65 >> 8); + x67 = (x66 >> 8); + x68 = (x67 >> 8); + x69 = (uint8_t)(x68 >> 8); + x70 = (x30 >> 8); + x71 = (x70 >> 8); + x72 = (x71 >> 8); + x73 = (x72 >> 8); + x74 = (x73 >> 8); + x75 = (uint8_t)(x74 >> 8); + x76 = (x32 >> 8); + x77 = (x76 >> 8); + x78 = (x77 >> 8); + x79 = (x78 >> 8); + x80 = (x79 >> 8); + x81 = (uint8_t)(x80 >> 8); + out1[0] = (uint8_t)x18; + out1[1] = (uint8_t)x34; + out1[2] = (uint8_t)x35; + out1[3] = (uint8_t)x36; + out1[4] = (uint8_t)x37; + out1[5] = (uint8_t)x38; + out1[6] = x39; + out1[7] = (uint8_t)x20; + out1[8] = (uint8_t)x40; + out1[9] = (uint8_t)x41; + out1[10] = (uint8_t)x42; + out1[11] = (uint8_t)x43; + out1[12] = (uint8_t)x44; + out1[13] = x45; + out1[14] = (uint8_t)x22; + out1[15] = (uint8_t)x46; + out1[16] = (uint8_t)x47; + out1[17] = (uint8_t)x48; + out1[18] = (uint8_t)x49; + out1[19] = (uint8_t)x50; + out1[20] = x51; + out1[21] = (uint8_t)x24; + out1[22] = (uint8_t)x52; + 
out1[23] = (uint8_t)x53; + out1[24] = (uint8_t)x54; + out1[25] = (uint8_t)x55; + out1[26] = (uint8_t)x56; + out1[27] = x57; + out1[28] = (uint8_t)x26; + out1[29] = (uint8_t)x58; + out1[30] = (uint8_t)x59; + out1[31] = (uint8_t)x60; + out1[32] = (uint8_t)x61; + out1[33] = (uint8_t)x62; + out1[34] = x63; + out1[35] = (uint8_t)x28; + out1[36] = (uint8_t)x64; + out1[37] = (uint8_t)x65; + out1[38] = (uint8_t)x66; + out1[39] = (uint8_t)x67; + out1[40] = (uint8_t)x68; + out1[41] = x69; + out1[42] = (uint8_t)x30; + out1[43] = (uint8_t)x70; + out1[44] = (uint8_t)x71; + out1[45] = (uint8_t)x72; + out1[46] = (uint8_t)x73; + out1[47] = (uint8_t)x74; + out1[48] = x75; + out1[49] = (uint8_t)x32; + out1[50] = (uint8_t)x76; + out1[51] = (uint8_t)x77; + out1[52] = (uint8_t)x78; + out1[53] = (uint8_t)x79; + out1[54] = (uint8_t)x80; + out1[55] = x81; } /* diff --git a/fiat-c/src/p521_32.c b/fiat-c/src/p521_32.c index 7b1250690e..caeada13f3 100644 --- a/fiat-c/src/p521_32.c +++ b/fiat-c/src/p521_32.c 
@@ -2216,148 +2216,85 @@ static FIAT_P521_FIAT_INLINE void fiat_p521_to_bytes(uint8_t out1[66], const fia uint32_t x91; uint64_t x92; uint32_t x93; - uint8_t x94; + uint32_t x94; uint32_t x95; uint8_t x96; uint32_t x97; - uint8_t x98; - uint8_t x99; - uint32_t x100; - uint8_t x101; + uint32_t x98; + uint32_t x99; + uint8_t x100; + uint64_t x101; uint32_t x102; - uint8_t x103; + uint32_t x103; uint32_t x104; uint8_t x105; - uint8_t x106; - uint64_t x107; - uint8_t x108; - uint32_t x109; - uint8_t x110; + uint32_t x106; + uint32_t x107; + uint32_t x108; + uint8_t x109; + uint64_t x110; uint32_t x111; - uint8_t x112; + uint32_t x112; uint32_t x113; uint8_t x114; - uint8_t x115; + uint32_t x115; uint32_t x116; - uint8_t x117; - uint32_t x118; - uint8_t x119; + uint32_t x117; + uint8_t x118; + uint32_t x119; uint32_t x120; - uint8_t x121; + uint32_t x121; uint8_t x122; - uint64_t x123; - uint8_t x124; - uint32_t x125; - uint8_t x126; + uint32_t x123; + uint32_t x124; + uint8_t x125; + uint32_t x126; uint32_t x127; - uint8_t x128; - uint32_t x129; - uint8_t x130; - uint8_t x131; + uint32_t x128; + uint8_t x129; + uint64_t x130; + uint32_t x131; uint32_t x132; - uint8_t x133; - uint32_t x134; - uint8_t x135; + uint32_t x133; + uint8_t x134; + uint32_t x135; uint32_t x136; - uint8_t x137; + uint32_t x137; uint8_t x138; - uint32_t x139; - uint8_t x140; + uint64_t x139; + uint32_t x140; uint32_t x141; - uint8_t x142; - uint32_t x143; - uint8_t x144; - uint8_t x145; - uint8_t x146; - uint32_t x147; - uint8_t x148; + uint32_t x142; + uint8_t x143; + uint32_t x144; + uint32_t x145; + uint32_t x146; + uint8_t x147; + uint32_t x148; uint32_t x149; - uint8_t x150; + uint32_t x150; uint8_t x151; uint32_t x152; - uint8_t x153; - uint32_t x154; - uint8_t x155; + uint32_t x153; + uint8_t x154; + uint32_t x155; uint32_t x156; - uint8_t x157; + uint32_t x157; uint8_t x158; uint64_t x159; - uint8_t x160; + uint32_t x160; uint32_t x161; - uint8_t x162; - uint32_t x163; - uint8_t x164; + 
uint32_t x162; + uint8_t x163; + uint32_t x164; uint32_t x165; - uint8_t x166; + uint32_t x166; uint8_t x167; - uint32_t x168; - uint8_t x169; + uint64_t x168; + uint32_t x169; uint32_t x170; - uint8_t x171; - uint32_t x172; - uint8_t x173; - uint8_t x174; - uint64_t x175; - uint8_t x176; - uint32_t x177; - uint8_t x178; - uint32_t x179; - uint8_t x180; - uint32_t x181; - uint8_t x182; - uint8_t x183; - uint32_t x184; - uint8_t x185; - uint32_t x186; - uint8_t x187; - uint32_t x188; - uint8_t x189; - uint8_t x190; - uint32_t x191; - uint8_t x192; - uint32_t x193; - uint8_t x194; - uint32_t x195; - uint8_t x196; - uint8_t x197; - uint8_t x198; - uint32_t x199; - uint8_t x200; - uint32_t x201; - uint8_t x202; - uint8_t x203; - uint32_t x204; - uint8_t x205; - uint32_t x206; - uint8_t x207; - uint32_t x208; - uint8_t x209; - uint8_t x210; - uint64_t x211; - uint8_t x212; - uint32_t x213; - uint8_t x214; - uint32_t x215; - uint8_t x216; - uint32_t x217; - uint8_t x218; - uint8_t x219; - uint32_t x220; - uint8_t x221; - uint32_t x222; - uint8_t x223; - uint32_t x224; - uint8_t x225; - uint8_t x226; - uint64_t x227; - uint8_t x228; - uint32_t x229; - uint8_t x230; - uint32_t x231; - uint8_t x232; - uint32_t x233; - uint8_t x234; - fiat_p521_uint1 x235; + uint32_t x171; + fiat_p521_uint1 x172; fiat_p521_subborrowx_u28(&x1, &x2, 0x0, (arg1[0]), UINT32_C(0xfffffff)); fiat_p521_subborrowx_u27(&x3, &x4, x2, (arg1[1]), UINT32_C(0x7ffffff)); fiat_p521_subborrowx_u28(&x5, &x6, x4, (arg1[2]), UINT32_C(0xfffffff)); 
@@ -2413,214 +2350,151 @@ static FIAT_P521_FIAT_INLINE void fiat_p521_to_bytes(uint8_t out1[66], const fia x91 = (x46 << 3); x92 = ((uint64_t)x44 << 7); x93 = (x42 << 4); - x94 = (uint8_t)(x40 & UINT8_C(0xff)); - x95 = (x40 >> 8); - x96 = (uint8_t)(x95 & UINT8_C(0xff)); - x97 = (x95 >> 8); - x98 = (uint8_t)(x97 & UINT8_C(0xff)); - x99 = (uint8_t)(x97 >> 8); - x100 = (x93 + (uint32_t)x99); - x101 = (uint8_t)(x100 & UINT8_C(0xff)); - x102 = (x100 >> 8); - x103 = (uint8_t)(x102 & UINT8_C(0xff)); - x104 = (x102 >> 8); - x105 = (uint8_t)(x104 & UINT8_C(0xff)); - x106 = (uint8_t)(x104 >> 8); - x107 = (x92 + (uint64_t)x106); - x108 = (uint8_t)(x107 & UINT8_C(0xff)); - x109 = (uint32_t)(x107 >> 8); - x110 = (uint8_t)(x109 & UINT8_C(0xff)); - x111 = (x109 >> 8); - x112 = (uint8_t)(x111 & UINT8_C(0xff)); - x113 = (x111 >> 8); - x114 = (uint8_t)(x113 & UINT8_C(0xff)); - x115 = (uint8_t)(x113 >> 8); - x116 = (x91 + (uint32_t)x115); - x117 = (uint8_t)(x116 & UINT8_C(0xff)); - x118 = (x116 >> 8); - x119 = (uint8_t)(x118 & UINT8_C(0xff)); - x120 = (x118 >> 8); - x121 = (uint8_t)(x120 & UINT8_C(0xff)); - x122 = (uint8_t)(x120 >> 8); - x123 = (x90 + (uint64_t)x122); - x124 = (uint8_t)(x123 & UINT8_C(0xff)); - x125 = (uint32_t)(x123 >> 8); - x126 = (uint8_t)(x125 & UINT8_C(0xff)); - x127 = (x125 >> 8); - x128 = (uint8_t)(x127 & UINT8_C(0xff)); - x129 = (x127 >> 8); - x130 = (uint8_t)(x129 & UINT8_C(0xff)); - x131 = (uint8_t)(x129 >> 8); - x132 = (x89 + (uint32_t)x131); - x133 = (uint8_t)(x132 & UINT8_C(0xff)); - x134 = (x132 >> 8); - x135 = (uint8_t)(x134 & UINT8_C(0xff)); - x136 = (x134 >> 8); - x137 = (uint8_t)(x136 & UINT8_C(0xff)); - x138 = (uint8_t)(x136 >> 8); - x139 = (x88 + (uint32_t)x138); - x140 = (uint8_t)(x139 & UINT8_C(0xff)); - x141 = (x139 >> 8); - x142 = (uint8_t)(x141 & UINT8_C(0xff)); - x143 = (x141 >> 8); - x144 = (uint8_t)(x143 & UINT8_C(0xff)); - x145 = (uint8_t)(x143 >> 8); - x146 = (uint8_t)(x54 & UINT8_C(0xff)); - x147 = (x54 >> 8); - x148 = (uint8_t)(x147 & 
UINT8_C(0xff)); - x149 = (x147 >> 8); - x150 = (uint8_t)(x149 & UINT8_C(0xff)); - x151 = (uint8_t)(x149 >> 8); - x152 = (x87 + (uint32_t)x151); - x153 = (uint8_t)(x152 & UINT8_C(0xff)); - x154 = (x152 >> 8); - x155 = (uint8_t)(x154 & UINT8_C(0xff)); - x156 = (x154 >> 8); - x157 = (uint8_t)(x156 & UINT8_C(0xff)); - x158 = (uint8_t)(x156 >> 8); - x159 = (x86 + (uint64_t)x158); - x160 = (uint8_t)(x159 & UINT8_C(0xff)); - x161 = (uint32_t)(x159 >> 8); - x162 = (uint8_t)(x161 & UINT8_C(0xff)); - x163 = (x161 >> 8); - x164 = (uint8_t)(x163 & UINT8_C(0xff)); - x165 = (x163 >> 8); - x166 = (uint8_t)(x165 & UINT8_C(0xff)); - x167 = (uint8_t)(x165 >> 8); - x168 = (x85 + (uint32_t)x167); - x169 = (uint8_t)(x168 & UINT8_C(0xff)); - x170 = (x168 >> 8); - x171 = (uint8_t)(x170 & UINT8_C(0xff)); - x172 = (x170 >> 8); - x173 = (uint8_t)(x172 & UINT8_C(0xff)); - x174 = (uint8_t)(x172 >> 8); - x175 = (x84 + (uint64_t)x174); - x176 = (uint8_t)(x175 & UINT8_C(0xff)); - x177 = (uint32_t)(x175 >> 8); - x178 = (uint8_t)(x177 & UINT8_C(0xff)); - x179 = (x177 >> 8); - x180 = (uint8_t)(x179 & UINT8_C(0xff)); - x181 = (x179 >> 8); - x182 = (uint8_t)(x181 & UINT8_C(0xff)); - x183 = (uint8_t)(x181 >> 8); - x184 = (x83 + (uint32_t)x183); - x185 = (uint8_t)(x184 & UINT8_C(0xff)); - x186 = (x184 >> 8); - x187 = (uint8_t)(x186 & UINT8_C(0xff)); - x188 = (x186 >> 8); - x189 = (uint8_t)(x188 & UINT8_C(0xff)); - x190 = (uint8_t)(x188 >> 8); - x191 = (x82 + (uint32_t)x190); - x192 = (uint8_t)(x191 & UINT8_C(0xff)); - x193 = (x191 >> 8); - x194 = (uint8_t)(x193 & UINT8_C(0xff)); - x195 = (x193 >> 8); - x196 = (uint8_t)(x195 & UINT8_C(0xff)); - x197 = (uint8_t)(x195 >> 8); - x198 = (uint8_t)(x68 & UINT8_C(0xff)); - x199 = (x68 >> 8); - x200 = (uint8_t)(x199 & UINT8_C(0xff)); - x201 = (x199 >> 8); - x202 = (uint8_t)(x201 & UINT8_C(0xff)); - x203 = (uint8_t)(x201 >> 8); - x204 = (x81 + (uint32_t)x203); - x205 = (uint8_t)(x204 & UINT8_C(0xff)); - x206 = (x204 >> 8); - x207 = (uint8_t)(x206 & 
UINT8_C(0xff)); - x208 = (x206 >> 8); - x209 = (uint8_t)(x208 & UINT8_C(0xff)); - x210 = (uint8_t)(x208 >> 8); - x211 = (x80 + (uint64_t)x210); - x212 = (uint8_t)(x211 & UINT8_C(0xff)); - x213 = (uint32_t)(x211 >> 8); - x214 = (uint8_t)(x213 & UINT8_C(0xff)); - x215 = (x213 >> 8); - x216 = (uint8_t)(x215 & UINT8_C(0xff)); - x217 = (x215 >> 8); - x218 = (uint8_t)(x217 & UINT8_C(0xff)); - x219 = (uint8_t)(x217 >> 8); - x220 = (x79 + (uint32_t)x219); - x221 = (uint8_t)(x220 & UINT8_C(0xff)); - x222 = (x220 >> 8); - x223 = (uint8_t)(x222 & UINT8_C(0xff)); - x224 = (x222 >> 8); - x225 = (uint8_t)(x224 & UINT8_C(0xff)); - x226 = (uint8_t)(x224 >> 8); - x227 = (x78 + (uint64_t)x226); - x228 = (uint8_t)(x227 & UINT8_C(0xff)); - x229 = (uint32_t)(x227 >> 8); - x230 = (uint8_t)(x229 & UINT8_C(0xff)); - x231 = (x229 >> 8); - x232 = (uint8_t)(x231 & UINT8_C(0xff)); - x233 = (x231 >> 8); - x234 = (uint8_t)(x233 & UINT8_C(0xff)); - x235 = (fiat_p521_uint1)(x233 >> 8); - out1[0] = x94; - out1[1] = x96; - out1[2] = x98; - out1[3] = x101; - out1[4] = x103; - out1[5] = x105; - out1[6] = x108; - out1[7] = x110; - out1[8] = x112; - out1[9] = x114; - out1[10] = x117; - out1[11] = x119; - out1[12] = x121; - out1[13] = x124; - out1[14] = x126; - out1[15] = x128; - out1[16] = x130; - out1[17] = x133; - out1[18] = x135; - out1[19] = x137; - out1[20] = x140; - out1[21] = x142; - out1[22] = x144; - out1[23] = x145; - out1[24] = x146; - out1[25] = x148; - out1[26] = x150; - out1[27] = x153; - out1[28] = x155; - out1[29] = x157; - out1[30] = x160; - out1[31] = x162; - out1[32] = x164; - out1[33] = x166; - out1[34] = x169; - out1[35] = x171; - out1[36] = x173; - out1[37] = x176; - out1[38] = x178; - out1[39] = x180; - out1[40] = x182; - out1[41] = x185; - out1[42] = x187; - out1[43] = x189; - out1[44] = x192; - out1[45] = x194; - out1[46] = x196; - out1[47] = x197; - out1[48] = x198; - out1[49] = x200; - out1[50] = x202; - out1[51] = x205; - out1[52] = x207; - out1[53] = x209; - out1[54] = 
x212; - out1[55] = x214; - out1[56] = x216; - out1[57] = x218; - out1[58] = x221; - out1[59] = x223; - out1[60] = x225; - out1[61] = x228; - out1[62] = x230; - out1[63] = x232; - out1[64] = x234; - out1[65] = x235; + x94 = (x40 >> 8); + x95 = (x94 >> 8); + x96 = (uint8_t)(x95 >> 8); + x97 = (x93 + (uint32_t)x96); + x98 = (x97 >> 8); + x99 = (x98 >> 8); + x100 = (uint8_t)(x99 >> 8); + x101 = (x92 + (uint64_t)x100); + x102 = (uint32_t)(x101 >> 8); + x103 = (x102 >> 8); + x104 = (x103 >> 8); + x105 = (uint8_t)(x104 >> 8); + x106 = (x91 + (uint32_t)x105); + x107 = (x106 >> 8); + x108 = (x107 >> 8); + x109 = (uint8_t)(x108 >> 8); + x110 = (x90 + (uint64_t)x109); + x111 = (uint32_t)(x110 >> 8); + x112 = (x111 >> 8); + x113 = (x112 >> 8); + x114 = (uint8_t)(x113 >> 8); + x115 = (x89 + (uint32_t)x114); + x116 = (x115 >> 8); + x117 = (x116 >> 8); + x118 = (uint8_t)(x117 >> 8); + x119 = (x88 + (uint32_t)x118); + x120 = (x119 >> 8); + x121 = (x120 >> 8); + x122 = (uint8_t)(x121 >> 8); + x123 = (x54 >> 8); + x124 = (x123 >> 8); + x125 = (uint8_t)(x124 >> 8); + x126 = (x87 + (uint32_t)x125); + x127 = (x126 >> 8); + x128 = (x127 >> 8); + x129 = (uint8_t)(x128 >> 8); + x130 = (x86 + (uint64_t)x129); + x131 = (uint32_t)(x130 >> 8); + x132 = (x131 >> 8); + x133 = (x132 >> 8); + x134 = (uint8_t)(x133 >> 8); + x135 = (x85 + (uint32_t)x134); + x136 = (x135 >> 8); + x137 = (x136 >> 8); + x138 = (uint8_t)(x137 >> 8); + x139 = (x84 + (uint64_t)x138); + x140 = (uint32_t)(x139 >> 8); + x141 = (x140 >> 8); + x142 = (x141 >> 8); + x143 = (uint8_t)(x142 >> 8); + x144 = (x83 + (uint32_t)x143); + x145 = (x144 >> 8); + x146 = (x145 >> 8); + x147 = (uint8_t)(x146 >> 8); + x148 = (x82 + (uint32_t)x147); + x149 = (x148 >> 8); + x150 = (x149 >> 8); + x151 = (uint8_t)(x150 >> 8); + x152 = (x68 >> 8); + x153 = (x152 >> 8); + x154 = (uint8_t)(x153 >> 8); + x155 = (x81 + (uint32_t)x154); + x156 = (x155 >> 8); + x157 = (x156 >> 8); + x158 = (uint8_t)(x157 >> 8); + x159 = (x80 + (uint64_t)x158); + x160 = 
(uint32_t)(x159 >> 8); + x161 = (x160 >> 8); + x162 = (x161 >> 8); + x163 = (uint8_t)(x162 >> 8); + x164 = (x79 + (uint32_t)x163); + x165 = (x164 >> 8); + x166 = (x165 >> 8); + x167 = (uint8_t)(x166 >> 8); + x168 = (x78 + (uint64_t)x167); + x169 = (uint32_t)(x168 >> 8); + x170 = (x169 >> 8); + x171 = (x170 >> 8); + x172 = (fiat_p521_uint1)(x171 >> 8); + out1[0] = (uint8_t)x40; + out1[1] = (uint8_t)x94; + out1[2] = (uint8_t)x95; + out1[3] = (uint8_t)x97; + out1[4] = (uint8_t)x98; + out1[5] = (uint8_t)x99; + out1[6] = (uint8_t)x101; + out1[7] = (uint8_t)x102; + out1[8] = (uint8_t)x103; + out1[9] = (uint8_t)x104; + out1[10] = (uint8_t)x106; + out1[11] = (uint8_t)x107; + out1[12] = (uint8_t)x108; + out1[13] = (uint8_t)x110; + out1[14] = (uint8_t)x111; + out1[15] = (uint8_t)x112; + out1[16] = (uint8_t)x113; + out1[17] = (uint8_t)x115; + out1[18] = (uint8_t)x116; + out1[19] = (uint8_t)x117; + out1[20] = (uint8_t)x119; + out1[21] = (uint8_t)x120; + out1[22] = (uint8_t)x121; + out1[23] = x122; + out1[24] = (uint8_t)x54; + out1[25] = (uint8_t)x123; + out1[26] = (uint8_t)x124; + out1[27] = (uint8_t)x126; + out1[28] = (uint8_t)x127; + out1[29] = (uint8_t)x128; + out1[30] = (uint8_t)x130; + out1[31] = (uint8_t)x131; + out1[32] = (uint8_t)x132; + out1[33] = (uint8_t)x133; + out1[34] = (uint8_t)x135; + out1[35] = (uint8_t)x136; + out1[36] = (uint8_t)x137; + out1[37] = (uint8_t)x139; + out1[38] = (uint8_t)x140; + out1[39] = (uint8_t)x141; + out1[40] = (uint8_t)x142; + out1[41] = (uint8_t)x144; + out1[42] = (uint8_t)x145; + out1[43] = (uint8_t)x146; + out1[44] = (uint8_t)x148; + out1[45] = (uint8_t)x149; + out1[46] = (uint8_t)x150; + out1[47] = x151; + out1[48] = (uint8_t)x68; + out1[49] = (uint8_t)x152; + out1[50] = (uint8_t)x153; + out1[51] = (uint8_t)x155; + out1[52] = (uint8_t)x156; + out1[53] = (uint8_t)x157; + out1[54] = (uint8_t)x159; + out1[55] = (uint8_t)x160; + out1[56] = (uint8_t)x161; + out1[57] = (uint8_t)x162; + out1[58] = (uint8_t)x164; + out1[59] = (uint8_t)x165; + 
out1[60] = (uint8_t)x166; + out1[61] = (uint8_t)x168; + out1[62] = (uint8_t)x169; + out1[63] = (uint8_t)x170; + out1[64] = (uint8_t)x171; + out1[65] = x172; } /* diff --git a/fiat-c/src/p521_64.c b/fiat-c/src/p521_64.c index 43b049c20a..fe86e5d717 100644 --- a/fiat-c/src/p521_64.c +++ b/fiat-c/src/p521_64.c 
@@ -931,138 +931,75 @@ static FIAT_P521_FIAT_INLINE void fiat_p521_to_bytes(uint8_t out1[66], const fia uint64_t x41; uint64_t x42; uint64_t x43; - uint8_t x44; + uint64_t x44; uint64_t x45; - uint8_t x46; + uint64_t x46; uint64_t x47; - uint8_t x48; + uint64_t x48; uint64_t x49; uint8_t x50; uint64_t x51; - uint8_t x52; + uint64_t x52; uint64_t x53; - uint8_t x54; + uint64_t x54; uint64_t x55; - uint8_t x56; - uint8_t x57; - uint64_t x58; - uint8_t x59; + uint64_t x56; + uint64_t x57; + uint8_t x58; + uint64_t x59; uint64_t x60; - uint8_t x61; + uint64_t x61; uint64_t x62; - uint8_t x63; + uint64_t x63; uint64_t x64; - uint8_t x65; - uint64_t x66; - uint8_t x67; + uint64_t x65; + uint8_t x66; + uint64_t x67; uint64_t x68; - uint8_t x69; + uint64_t x69; uint64_t x70; - uint8_t x71; - uint8_t x72; + uint64_t x71; + uint64_t x72; uint64_t x73; uint8_t x74; uint64_t x75; - uint8_t x76; + uint64_t x76; uint64_t x77; - uint8_t x78; + uint64_t x78; uint64_t x79; - uint8_t x80; - uint64_t x81; - uint8_t x82; + uint64_t x80; + uint8_t x81; + uint64_t x82; uint64_t x83; - uint8_t x84; + uint64_t x84; uint64_t x85; - uint8_t x86; - uint8_t x87; + uint64_t x86; + uint64_t x87; uint64_t x88; uint8_t x89; uint64_t x90; - uint8_t x91; + uint64_t x91; uint64_t x92; - uint8_t x93; + uint64_t x93; uint64_t x94; - uint8_t x95; + uint64_t x95; uint64_t x96; uint8_t x97; uint64_t x98; - uint8_t x99; + uint64_t x99; uint64_t x100; - uint8_t x101; - uint8_t x102; - uint8_t x103; + uint64_t x101; + uint64_t x102; + uint64_t x103; uint64_t x104; uint8_t x105; uint64_t x106; - uint8_t x107; + uint64_t x107; uint64_t x108; - uint8_t x109; + uint64_t x109; uint64_t x110; - uint8_t x111; - uint64_t x112; - uint8_t x113; - uint64_t x114; - uint8_t x115; - uint8_t x116; - uint64_t x117; - uint8_t x118; - uint64_t x119; - uint8_t x120; - uint64_t x121; - uint8_t x122; - uint64_t x123; - uint8_t x124; - uint64_t x125; - uint8_t x126; - uint64_t x127; - uint8_t x128; - uint64_t x129; - uint8_t 
x130; - uint8_t x131; - uint64_t x132; - uint8_t x133; - uint64_t x134; - uint8_t x135; - uint64_t x136; - uint8_t x137; - uint64_t x138; - uint8_t x139; - uint64_t x140; - uint8_t x141; - uint64_t x142; - uint8_t x143; - uint64_t x144; - uint8_t x145; - uint8_t x146; - uint64_t x147; - uint8_t x148; - uint64_t x149; - uint8_t x150; - uint64_t x151; - uint8_t x152; - uint64_t x153; - uint8_t x154; - uint64_t x155; - uint8_t x156; - uint64_t x157; - uint8_t x158; - uint64_t x159; - uint8_t x160; - uint8_t x161; - uint8_t x162; - uint64_t x163; - uint8_t x164; - uint64_t x165; - uint8_t x166; - uint64_t x167; - uint8_t x168; - uint64_t x169; - uint8_t x170; - uint64_t x171; - uint8_t x172; - uint64_t x173; - uint8_t x174; - fiat_p521_uint1 x175; + uint64_t x111; + fiat_p521_uint1 x112; fiat_p521_subborrowx_u58(&x1, &x2, 0x0, (arg1[0]), UINT64_C(0x3ffffffffffffff)); fiat_p521_subborrowx_u58(&x3, &x4, x2, (arg1[1]), UINT64_C(0x3ffffffffffffff)); fiat_p521_subborrowx_u58(&x5, &x6, x4, (arg1[2]), UINT64_C(0x3ffffffffffffff)); 
@@ -1088,204 +1025,141 @@ static FIAT_P521_FIAT_INLINE void fiat_p521_to_bytes(uint8_t out1[66], const fia x41 = (x26 << 6); x42 = (x24 << 4); x43 = (x22 << 2); - x44 = (uint8_t)(x20 & UINT8_C(0xff)); - x45 = (x20 >> 8); - x46 = (uint8_t)(x45 & UINT8_C(0xff)); - x47 = (x45 >> 8); - x48 = (uint8_t)(x47 & UINT8_C(0xff)); - x49 = (x47 >> 8); - x50 = (uint8_t)(x49 & UINT8_C(0xff)); - x51 = (x49 >> 8); - x52 = (uint8_t)(x51 & UINT8_C(0xff)); - x53 = (x51 >> 8); - x54 = (uint8_t)(x53 & UINT8_C(0xff)); - x55 = (x53 >> 8); - x56 = (uint8_t)(x55 & UINT8_C(0xff)); - x57 = (uint8_t)(x55 >> 8); - x58 = (x43 + (uint64_t)x57); - x59 = (uint8_t)(x58 & UINT8_C(0xff)); - x60 = (x58 >> 8); - x61 = (uint8_t)(x60 & UINT8_C(0xff)); - x62 = (x60 >> 8); - x63 = (uint8_t)(x62 & UINT8_C(0xff)); - x64 = (x62 >> 8); - x65 = (uint8_t)(x64 & UINT8_C(0xff)); - x66 = (x64 >> 8); - x67 = (uint8_t)(x66 & UINT8_C(0xff)); - x68 = (x66 >> 8); - x69 = (uint8_t)(x68 & UINT8_C(0xff)); - x70 = (x68 >> 8); - x71 = (uint8_t)(x70 & UINT8_C(0xff)); - x72 = (uint8_t)(x70 >> 8); - x73 = (x42 + (uint64_t)x72); - x74 = (uint8_t)(x73 & UINT8_C(0xff)); - x75 = (x73 >> 8); - x76 = (uint8_t)(x75 & UINT8_C(0xff)); - x77 = (x75 >> 8); - x78 = (uint8_t)(x77 & UINT8_C(0xff)); - x79 = (x77 >> 8); - x80 = (uint8_t)(x79 & UINT8_C(0xff)); - x81 = (x79 >> 8); - x82 = (uint8_t)(x81 & UINT8_C(0xff)); - x83 = (x81 >> 8); - x84 = (uint8_t)(x83 & UINT8_C(0xff)); - x85 = (x83 >> 8); - x86 = (uint8_t)(x85 & UINT8_C(0xff)); - x87 = (uint8_t)(x85 >> 8); - x88 = (x41 + (uint64_t)x87); - x89 = (uint8_t)(x88 & UINT8_C(0xff)); - x90 = (x88 >> 8); - x91 = (uint8_t)(x90 & UINT8_C(0xff)); - x92 = (x90 >> 8); - x93 = (uint8_t)(x92 & UINT8_C(0xff)); - x94 = (x92 >> 8); - x95 = (uint8_t)(x94 & UINT8_C(0xff)); - x96 = (x94 >> 8); - x97 = (uint8_t)(x96 & UINT8_C(0xff)); - x98 = (x96 >> 8); - x99 = (uint8_t)(x98 & UINT8_C(0xff)); - x100 = (x98 >> 8); - x101 = (uint8_t)(x100 & UINT8_C(0xff)); - x102 = (uint8_t)(x100 >> 8); - x103 = (uint8_t)(x28 & 
UINT8_C(0xff)); - x104 = (x28 >> 8); - x105 = (uint8_t)(x104 & UINT8_C(0xff)); - x106 = (x104 >> 8); - x107 = (uint8_t)(x106 & UINT8_C(0xff)); - x108 = (x106 >> 8); - x109 = (uint8_t)(x108 & UINT8_C(0xff)); - x110 = (x108 >> 8); - x111 = (uint8_t)(x110 & UINT8_C(0xff)); - x112 = (x110 >> 8); - x113 = (uint8_t)(x112 & UINT8_C(0xff)); - x114 = (x112 >> 8); - x115 = (uint8_t)(x114 & UINT8_C(0xff)); - x116 = (uint8_t)(x114 >> 8); - x117 = (x40 + (uint64_t)x116); - x118 = (uint8_t)(x117 & UINT8_C(0xff)); - x119 = (x117 >> 8); - x120 = (uint8_t)(x119 & UINT8_C(0xff)); - x121 = (x119 >> 8); - x122 = (uint8_t)(x121 & UINT8_C(0xff)); - x123 = (x121 >> 8); - x124 = (uint8_t)(x123 & UINT8_C(0xff)); - x125 = (x123 >> 8); - x126 = (uint8_t)(x125 & UINT8_C(0xff)); - x127 = (x125 >> 8); - x128 = (uint8_t)(x127 & UINT8_C(0xff)); - x129 = (x127 >> 8); - x130 = (uint8_t)(x129 & UINT8_C(0xff)); - x131 = (uint8_t)(x129 >> 8); - x132 = (x39 + (uint64_t)x131); - x133 = (uint8_t)(x132 & UINT8_C(0xff)); - x134 = (x132 >> 8); - x135 = (uint8_t)(x134 & UINT8_C(0xff)); - x136 = (x134 >> 8); - x137 = (uint8_t)(x136 & UINT8_C(0xff)); - x138 = (x136 >> 8); - x139 = (uint8_t)(x138 & UINT8_C(0xff)); - x140 = (x138 >> 8); - x141 = (uint8_t)(x140 & UINT8_C(0xff)); - x142 = (x140 >> 8); - x143 = (uint8_t)(x142 & UINT8_C(0xff)); - x144 = (x142 >> 8); - x145 = (uint8_t)(x144 & UINT8_C(0xff)); - x146 = (uint8_t)(x144 >> 8); - x147 = (x38 + (uint64_t)x146); - x148 = (uint8_t)(x147 & UINT8_C(0xff)); - x149 = (x147 >> 8); - x150 = (uint8_t)(x149 & UINT8_C(0xff)); - x151 = (x149 >> 8); - x152 = (uint8_t)(x151 & UINT8_C(0xff)); - x153 = (x151 >> 8); - x154 = (uint8_t)(x153 & UINT8_C(0xff)); - x155 = (x153 >> 8); - x156 = (uint8_t)(x155 & UINT8_C(0xff)); - x157 = (x155 >> 8); - x158 = (uint8_t)(x157 & UINT8_C(0xff)); - x159 = (x157 >> 8); - x160 = (uint8_t)(x159 & UINT8_C(0xff)); - x161 = (uint8_t)(x159 >> 8); - x162 = (uint8_t)(x36 & UINT8_C(0xff)); - x163 = (x36 >> 8); - x164 = (uint8_t)(x163 & 
UINT8_C(0xff)); - x165 = (x163 >> 8); - x166 = (uint8_t)(x165 & UINT8_C(0xff)); - x167 = (x165 >> 8); - x168 = (uint8_t)(x167 & UINT8_C(0xff)); - x169 = (x167 >> 8); - x170 = (uint8_t)(x169 & UINT8_C(0xff)); - x171 = (x169 >> 8); - x172 = (uint8_t)(x171 & UINT8_C(0xff)); - x173 = (x171 >> 8); - x174 = (uint8_t)(x173 & UINT8_C(0xff)); - x175 = (fiat_p521_uint1)(x173 >> 8); - out1[0] = x44; - out1[1] = x46; - out1[2] = x48; - out1[3] = x50; - out1[4] = x52; - out1[5] = x54; - out1[6] = x56; - out1[7] = x59; - out1[8] = x61; - out1[9] = x63; - out1[10] = x65; - out1[11] = x67; - out1[12] = x69; - out1[13] = x71; - out1[14] = x74; - out1[15] = x76; - out1[16] = x78; - out1[17] = x80; - out1[18] = x82; - out1[19] = x84; - out1[20] = x86; - out1[21] = x89; - out1[22] = x91; - out1[23] = x93; - out1[24] = x95; - out1[25] = x97; - out1[26] = x99; - out1[27] = x101; - out1[28] = x102; - out1[29] = x103; - out1[30] = x105; - out1[31] = x107; - out1[32] = x109; - out1[33] = x111; - out1[34] = x113; - out1[35] = x115; - out1[36] = x118; - out1[37] = x120; - out1[38] = x122; - out1[39] = x124; - out1[40] = x126; - out1[41] = x128; - out1[42] = x130; - out1[43] = x133; - out1[44] = x135; - out1[45] = x137; - out1[46] = x139; - out1[47] = x141; - out1[48] = x143; - out1[49] = x145; - out1[50] = x148; - out1[51] = x150; - out1[52] = x152; - out1[53] = x154; - out1[54] = x156; - out1[55] = x158; - out1[56] = x160; - out1[57] = x161; - out1[58] = x162; - out1[59] = x164; - out1[60] = x166; - out1[61] = x168; - out1[62] = x170; - out1[63] = x172; - out1[64] = x174; - out1[65] = x175; + x44 = (x20 >> 8); + x45 = (x44 >> 8); + x46 = (x45 >> 8); + x47 = (x46 >> 8); + x48 = (x47 >> 8); + x49 = (x48 >> 8); + x50 = (uint8_t)(x49 >> 8); + x51 = (x43 + (uint64_t)x50); + x52 = (x51 >> 8); + x53 = (x52 >> 8); + x54 = (x53 >> 8); + x55 = (x54 >> 8); + x56 = (x55 >> 8); + x57 = (x56 >> 8); + x58 = (uint8_t)(x57 >> 8); + x59 = (x42 + (uint64_t)x58); + x60 = (x59 >> 8); + x61 = (x60 >> 8); + x62 = 
(x61 >> 8); + x63 = (x62 >> 8); + x64 = (x63 >> 8); + x65 = (x64 >> 8); + x66 = (uint8_t)(x65 >> 8); + x67 = (x41 + (uint64_t)x66); + x68 = (x67 >> 8); + x69 = (x68 >> 8); + x70 = (x69 >> 8); + x71 = (x70 >> 8); + x72 = (x71 >> 8); + x73 = (x72 >> 8); + x74 = (uint8_t)(x73 >> 8); + x75 = (x28 >> 8); + x76 = (x75 >> 8); + x77 = (x76 >> 8); + x78 = (x77 >> 8); + x79 = (x78 >> 8); + x80 = (x79 >> 8); + x81 = (uint8_t)(x80 >> 8); + x82 = (x40 + (uint64_t)x81); + x83 = (x82 >> 8); + x84 = (x83 >> 8); + x85 = (x84 >> 8); + x86 = (x85 >> 8); + x87 = (x86 >> 8); + x88 = (x87 >> 8); + x89 = (uint8_t)(x88 >> 8); + x90 = (x39 + (uint64_t)x89); + x91 = (x90 >> 8); + x92 = (x91 >> 8); + x93 = (x92 >> 8); + x94 = (x93 >> 8); + x95 = (x94 >> 8); + x96 = (x95 >> 8); + x97 = (uint8_t)(x96 >> 8); + x98 = (x38 + (uint64_t)x97); + x99 = (x98 >> 8); + x100 = (x99 >> 8); + x101 = (x100 >> 8); + x102 = (x101 >> 8); + x103 = (x102 >> 8); + x104 = (x103 >> 8); + x105 = (uint8_t)(x104 >> 8); + x106 = (x36 >> 8); + x107 = (x106 >> 8); + x108 = (x107 >> 8); + x109 = (x108 >> 8); + x110 = (x109 >> 8); + x111 = (x110 >> 8); + x112 = (fiat_p521_uint1)(x111 >> 8); + out1[0] = (uint8_t)x20; + out1[1] = (uint8_t)x44; + out1[2] = (uint8_t)x45; + out1[3] = (uint8_t)x46; + out1[4] = (uint8_t)x47; + out1[5] = (uint8_t)x48; + out1[6] = (uint8_t)x49; + out1[7] = (uint8_t)x51; + out1[8] = (uint8_t)x52; + out1[9] = (uint8_t)x53; + out1[10] = (uint8_t)x54; + out1[11] = (uint8_t)x55; + out1[12] = (uint8_t)x56; + out1[13] = (uint8_t)x57; + out1[14] = (uint8_t)x59; + out1[15] = (uint8_t)x60; + out1[16] = (uint8_t)x61; + out1[17] = (uint8_t)x62; + out1[18] = (uint8_t)x63; + out1[19] = (uint8_t)x64; + out1[20] = (uint8_t)x65; + out1[21] = (uint8_t)x67; + out1[22] = (uint8_t)x68; + out1[23] = (uint8_t)x69; + out1[24] = (uint8_t)x70; + out1[25] = (uint8_t)x71; + out1[26] = (uint8_t)x72; + out1[27] = (uint8_t)x73; + out1[28] = x74; + out1[29] = (uint8_t)x28; + out1[30] = (uint8_t)x75; + out1[31] = (uint8_t)x76; + 
out1[32] = (uint8_t)x77; + out1[33] = (uint8_t)x78; + out1[34] = (uint8_t)x79; + out1[35] = (uint8_t)x80; + out1[36] = (uint8_t)x82; + out1[37] = (uint8_t)x83; + out1[38] = (uint8_t)x84; + out1[39] = (uint8_t)x85; + out1[40] = (uint8_t)x86; + out1[41] = (uint8_t)x87; + out1[42] = (uint8_t)x88; + out1[43] = (uint8_t)x90; + out1[44] = (uint8_t)x91; + out1[45] = (uint8_t)x92; + out1[46] = (uint8_t)x93; + out1[47] = (uint8_t)x94; + out1[48] = (uint8_t)x95; + out1[49] = (uint8_t)x96; + out1[50] = (uint8_t)x98; + out1[51] = (uint8_t)x99; + out1[52] = (uint8_t)x100; + out1[53] = (uint8_t)x101; + out1[54] = (uint8_t)x102; + out1[55] = (uint8_t)x103; + out1[56] = (uint8_t)x104; + out1[57] = x105; + out1[58] = (uint8_t)x36; + out1[59] = (uint8_t)x106; + out1[60] = (uint8_t)x107; + out1[61] = (uint8_t)x108; + out1[62] = (uint8_t)x109; + out1[63] = (uint8_t)x110; + out1[64] = (uint8_t)x111; + out1[65] = x112; } /* diff --git a/fiat-c/src/poly1305_32.c b/fiat-c/src/poly1305_32.c index 9811d84a1a..b6ac4210e1 100644 --- a/fiat-c/src/poly1305_32.c +++ b/fiat-c/src/poly1305_32.c 
@@ -531,39 +531,24 @@ static FIAT_POLY1305_FIAT_INLINE void fiat_poly1305_to_bytes(uint8_t out1[17], c uint32_t x22; uint32_t x23; uint32_t x24; - uint8_t x25; + uint32_t x25; uint32_t x26; uint8_t x27; uint32_t x28; - uint8_t x29; - uint8_t x30; - uint32_t x31; - uint8_t x32; + uint32_t x29; + uint32_t x30; + uint8_t x31; + uint32_t x32; uint32_t x33; - uint8_t x34; - uint32_t x35; - uint8_t x36; - uint8_t x37; + uint32_t x34; + uint8_t x35; + uint32_t x36; + uint32_t x37; uint32_t x38; uint8_t x39; uint32_t x40; - uint8_t x41; - uint32_t x42; - uint8_t x43; - uint8_t x44; - uint32_t x45; - uint8_t x46; - uint32_t x47; - uint8_t x48; - uint32_t x49; - uint8_t x50; - uint8_t x51; - uint8_t x52; - uint32_t x53; - uint8_t x54; - uint32_t x55; - uint8_t x56; - uint8_t x57; + uint32_t x41; + uint8_t x42; fiat_poly1305_subborrowx_u26(&x1, &x2, 0x0, (arg1[0]), UINT32_C(0x3fffffb)); fiat_poly1305_subborrowx_u26(&x3, &x4, x2, (arg1[1]), UINT32_C(0x3ffffff)); fiat_poly1305_subborrowx_u26(&x5, &x6, x4, (arg1[2]), UINT32_C(0x3ffffff)); 
@@ -578,56 +563,41 @@ static FIAT_POLY1305_FIAT_INLINE void fiat_poly1305_to_bytes(uint8_t out1[17], c x22 = (x18 << 6); x23 = (x16 << 4); x24 = (x14 << 2); - x25 = (uint8_t)(x12 & UINT8_C(0xff)); - x26 = (x12 >> 8); - x27 = (uint8_t)(x26 & UINT8_C(0xff)); - x28 = (x26 >> 8); - x29 = (uint8_t)(x28 & UINT8_C(0xff)); - x30 = (uint8_t)(x28 >> 8); - x31 = (x24 + (uint32_t)x30); - x32 = (uint8_t)(x31 & UINT8_C(0xff)); - x33 = (x31 >> 8); - x34 = (uint8_t)(x33 & UINT8_C(0xff)); - x35 = (x33 >> 8); - x36 = (uint8_t)(x35 & UINT8_C(0xff)); - x37 = (uint8_t)(x35 >> 8); - x38 = (x23 + (uint32_t)x37); - x39 = (uint8_t)(x38 & UINT8_C(0xff)); - x40 = (x38 >> 8); - x41 = (uint8_t)(x40 & UINT8_C(0xff)); - x42 = (x40 >> 8); - x43 = (uint8_t)(x42 & UINT8_C(0xff)); - x44 = (uint8_t)(x42 >> 8); - x45 = (x22 + (uint32_t)x44); - x46 = (uint8_t)(x45 & UINT8_C(0xff)); - x47 = (x45 >> 8); - x48 = (uint8_t)(x47 & UINT8_C(0xff)); - x49 = (x47 >> 8); - x50 = (uint8_t)(x49 & UINT8_C(0xff)); - x51 = (uint8_t)(x49 >> 8); - x52 = (uint8_t)(x20 & UINT8_C(0xff)); - x53 = (x20 >> 8); - x54 = (uint8_t)(x53 & UINT8_C(0xff)); - x55 = (x53 >> 8); - x56 = (uint8_t)(x55 & UINT8_C(0xff)); - x57 = (uint8_t)(x55 >> 8); - out1[0] = x25; - out1[1] = x27; - out1[2] = x29; - out1[3] = x32; - out1[4] = x34; - out1[5] = x36; - out1[6] = x39; - out1[7] = x41; - out1[8] = x43; - out1[9] = x46; - out1[10] = x48; - out1[11] = x50; - out1[12] = x51; - out1[13] = x52; - out1[14] = x54; - out1[15] = x56; - out1[16] = x57; + x25 = (x12 >> 8); + x26 = (x25 >> 8); + x27 = (uint8_t)(x26 >> 8); + x28 = (x24 + (uint32_t)x27); + x29 = (x28 >> 8); + x30 = (x29 >> 8); + x31 = (uint8_t)(x30 >> 8); + x32 = (x23 + (uint32_t)x31); + x33 = (x32 >> 8); + x34 = (x33 >> 8); + x35 = (uint8_t)(x34 >> 8); + x36 = (x22 + (uint32_t)x35); + x37 = (x36 >> 8); + x38 = (x37 >> 8); + x39 = (uint8_t)(x38 >> 8); + x40 = (x20 >> 8); + x41 = (x40 >> 8); + x42 = (uint8_t)(x41 >> 8); + out1[0] = (uint8_t)x12; + out1[1] = (uint8_t)x25; + out1[2] = 
(uint8_t)x26; + out1[3] = (uint8_t)x28; + out1[4] = (uint8_t)x29; + out1[5] = (uint8_t)x30; + out1[6] = (uint8_t)x32; + out1[7] = (uint8_t)x33; + out1[8] = (uint8_t)x34; + out1[9] = (uint8_t)x36; + out1[10] = (uint8_t)x37; + out1[11] = (uint8_t)x38; + out1[12] = x39; + out1[13] = (uint8_t)x20; + out1[14] = (uint8_t)x40; + out1[15] = (uint8_t)x41; + out1[16] = x42; } /* diff --git a/fiat-c/src/poly1305_64.c b/fiat-c/src/poly1305_64.c index ca9097170e..f82be3b685 100644 --- a/fiat-c/src/poly1305_64.c +++ b/fiat-c/src/poly1305_64.c @@ -451,40 +451,24 @@ static FIAT_POLY1305_FIAT_INLINE void fiat_poly1305_to_bytes(uint8_t out1[17], c fiat_poly1305_uint1 x13; uint64_t x14; uint64_t x15; - uint8_t x16; + uint64_t x16; uint64_t x17; - uint8_t x18; + uint64_t x18; uint64_t x19; uint8_t x20; uint64_t x21; - uint8_t x22; + uint64_t x22; uint64_t x23; - uint8_t x24; - uint8_t x25; - uint64_t x26; - uint8_t x27; + uint64_t x24; + uint64_t x25; + uint8_t x26; + uint64_t x27; uint64_t x28; - uint8_t x29; + uint64_t x29; uint64_t x30; - uint8_t x31; + uint64_t x31; uint64_t x32; uint8_t x33; - uint64_t x34; - uint8_t x35; - uint8_t x36; - uint64_t x37; - uint8_t x38; - uint64_t x39; - uint8_t x40; - uint64_t x41; - uint8_t x42; - uint64_t x43; - uint8_t x44; - uint64_t x45; - uint8_t x46; - uint64_t x47; - uint8_t x48; - uint8_t x49; fiat_poly1305_subborrowx_u44(&x1, &x2, 0x0, (arg1[0]), UINT64_C(0xffffffffffb)); fiat_poly1305_subborrowx_u43(&x3, &x4, x2, (arg1[1]), UINT64_C(0x7ffffffffff)); fiat_poly1305_subborrowx_u43(&x5, &x6, x4, (arg1[2]), UINT64_C(0x7ffffffffff)); 
@@ -494,57 +478,41 @@ static FIAT_POLY1305_FIAT_INLINE void fiat_poly1305_to_bytes(uint8_t out1[17], c fiat_poly1305_addcarryx_u43(&x12, &x13, x11, x5, (x7 & UINT64_C(0x7ffffffffff))); x14 = (x12 << 7); x15 = (x10 << 4); - x16 = (uint8_t)(x8 & UINT8_C(0xff)); - x17 = (x8 >> 8); - x18 = (uint8_t)(x17 & UINT8_C(0xff)); - x19 = (x17 >> 8); - x20 = (uint8_t)(x19 & UINT8_C(0xff)); - x21 = (x19 >> 8); - x22 = (uint8_t)(x21 & UINT8_C(0xff)); - x23 = (x21 >> 8); - x24 = (uint8_t)(x23 & UINT8_C(0xff)); - x25 = (uint8_t)(x23 >> 8); - x26 = (x15 + (uint64_t)x25); - x27 = (uint8_t)(x26 & UINT8_C(0xff)); - x28 = (x26 >> 8); - x29 = (uint8_t)(x28 & UINT8_C(0xff)); - x30 = (x28 >> 8); - x31 = (uint8_t)(x30 & UINT8_C(0xff)); - x32 = (x30 >> 8); - x33 = (uint8_t)(x32 & UINT8_C(0xff)); - x34 = (x32 >> 8); - x35 = (uint8_t)(x34 & UINT8_C(0xff)); - x36 = (uint8_t)(x34 >> 8); - x37 = (x14 + (uint64_t)x36); - x38 = (uint8_t)(x37 & UINT8_C(0xff)); - x39 = (x37 >> 8); - x40 = (uint8_t)(x39 & UINT8_C(0xff)); - x41 = (x39 >> 8); - x42 = (uint8_t)(x41 & UINT8_C(0xff)); - x43 = (x41 >> 8); - x44 = (uint8_t)(x43 & UINT8_C(0xff)); - x45 = (x43 >> 8); - x46 = (uint8_t)(x45 & UINT8_C(0xff)); - x47 = (x45 >> 8); - x48 = (uint8_t)(x47 & UINT8_C(0xff)); - x49 = (uint8_t)(x47 >> 8); - out1[0] = x16; - out1[1] = x18; - out1[2] = x20; - out1[3] = x22; - out1[4] = x24; - out1[5] = x27; - out1[6] = x29; - out1[7] = x31; - out1[8] = x33; - out1[9] = x35; - out1[10] = x38; - out1[11] = x40; - out1[12] = x42; - out1[13] = x44; - out1[14] = x46; - out1[15] = x48; - out1[16] = x49; + x16 = (x8 >> 8); + x17 = (x16 >> 8); + x18 = (x17 >> 8); + x19 = (x18 >> 8); + x20 = (uint8_t)(x19 >> 8); + x21 = (x15 + (uint64_t)x20); + x22 = (x21 >> 8); + x23 = (x22 >> 8); + x24 = (x23 >> 8); + x25 = (x24 >> 8); + x26 = (uint8_t)(x25 >> 8); + x27 = (x14 + (uint64_t)x26); + x28 = (x27 >> 8); + x29 = (x28 >> 8); + x30 = (x29 >> 8); + x31 = (x30 >> 8); + x32 = (x31 >> 8); + x33 = (uint8_t)(x32 >> 8); + out1[0] = (uint8_t)x8; + 
out1[1] = (uint8_t)x16; + out1[2] = (uint8_t)x17; + out1[3] = (uint8_t)x18; + out1[4] = (uint8_t)x19; + out1[5] = (uint8_t)x21; + out1[6] = (uint8_t)x22; + out1[7] = (uint8_t)x23; + out1[8] = (uint8_t)x24; + out1[9] = (uint8_t)x25; + out1[10] = (uint8_t)x27; + out1[11] = (uint8_t)x28; + out1[12] = (uint8_t)x29; + out1[13] = (uint8_t)x30; + out1[14] = (uint8_t)x31; + out1[15] = (uint8_t)x32; + out1[16] = x33; } /* diff --git a/fiat-c/src/secp256k1_montgomery_32.c b/fiat-c/src/secp256k1_montgomery_32.c index d78d7a090a..038c7cb956 100644 --- a/fiat-c/src/secp256k1_montgomery_32.c +++ b/fiat-c/src/secp256k1_montgomery_32.c @@ -65,13 +65,11 @@ static __inline__ uint32_t fiat_secp256k1_montgomery_value_barrier_u32(uint32_t */ static FIAT_SECP256K1_MONTGOMERY_FIAT_INLINE void fiat_secp256k1_montgomery_addcarryx_u32(uint32_t* out1, fiat_secp256k1_montgomery_uint1* out2, fiat_secp256k1_montgomery_uint1 arg1, uint32_t arg2, uint32_t arg3) { uint64_t x1; - uint32_t x2; - fiat_secp256k1_montgomery_uint1 x3; + fiat_secp256k1_montgomery_uint1 x2; x1 = ((arg1 + (uint64_t)arg2) + arg3); - x2 = (uint32_t)(x1 & UINT32_C(0xffffffff)); - x3 = (fiat_secp256k1_montgomery_uint1)(x1 >> 32); - *out1 = x2; - *out2 = x3; + x2 = (fiat_secp256k1_montgomery_uint1)(x1 >> 32); + *out1 = (uint32_t)x1; + *out2 = x2; } /* @@ -117,12 +115,10 @@ static FIAT_SECP256K1_MONTGOMERY_FIAT_INLINE void fiat_secp256k1_montgomery_subb static FIAT_SECP256K1_MONTGOMERY_FIAT_INLINE void fiat_secp256k1_montgomery_mulx_u32(uint32_t* out1, uint32_t* out2, uint32_t arg1, uint32_t arg2) { uint64_t x1; uint32_t x2; - uint32_t x3; x1 = ((uint64_t)arg1 * arg2); - x2 = (uint32_t)(x1 & UINT32_C(0xffffffff)); - x3 = (uint32_t)(x1 >> 32); - *out1 = x2; - *out2 = x3; + x2 = (uint32_t)(x1 >> 32); + *out1 = (uint32_t)x1; + *out2 = x2; } /* 
@@ -4790,54 +4786,30 @@ static FIAT_SECP256K1_MONTGOMERY_FIAT_INLINE void fiat_secp256k1_montgomery_to_b uint32_t x6; uint32_t x7; uint32_t x8; - uint8_t x9; + uint32_t x9; uint32_t x10; uint8_t x11; uint32_t x12; - uint8_t x13; + uint32_t x13; uint8_t x14; - uint8_t x15; + uint32_t x15; uint32_t x16; uint8_t x17; uint32_t x18; - uint8_t x19; + uint32_t x19; uint8_t x20; - uint8_t x21; + uint32_t x21; uint32_t x22; uint8_t x23; uint32_t x24; - uint8_t x25; + uint32_t x25; uint8_t x26; - uint8_t x27; + uint32_t x27; uint32_t x28; uint8_t x29; uint32_t x30; - uint8_t x31; + uint32_t x31; uint8_t x32; - uint8_t x33; - uint32_t x34; - uint8_t x35; - uint32_t x36; - uint8_t x37; - uint8_t x38; - uint8_t x39; - uint32_t x40; - uint8_t x41; - uint32_t x42; - uint8_t x43; - uint8_t x44; - uint8_t x45; - uint32_t x46; - uint8_t x47; - uint32_t x48; - uint8_t x49; - uint8_t x50; - uint8_t x51; - uint32_t x52; - uint8_t x53; - uint32_t x54; - uint8_t x55; - uint8_t x56; x1 = (arg1[7]); x2 = (arg1[6]); x3 = (arg1[5]); 
@@ -4846,86 +4818,62 @@ static FIAT_SECP256K1_MONTGOMERY_FIAT_INLINE void fiat_secp256k1_montgomery_to_b x6 = (arg1[2]); x7 = (arg1[1]); x8 = (arg1[0]); - x9 = (uint8_t)(x8 & UINT8_C(0xff)); - x10 = (x8 >> 8); - x11 = (uint8_t)(x10 & UINT8_C(0xff)); - x12 = (x10 >> 8); - x13 = (uint8_t)(x12 & UINT8_C(0xff)); - x14 = (uint8_t)(x12 >> 8); - x15 = (uint8_t)(x7 & UINT8_C(0xff)); - x16 = (x7 >> 8); - x17 = (uint8_t)(x16 & UINT8_C(0xff)); - x18 = (x16 >> 8); - x19 = (uint8_t)(x18 & UINT8_C(0xff)); - x20 = (uint8_t)(x18 >> 8); - x21 = (uint8_t)(x6 & UINT8_C(0xff)); - x22 = (x6 >> 8); - x23 = (uint8_t)(x22 & UINT8_C(0xff)); - x24 = (x22 >> 8); - x25 = (uint8_t)(x24 & UINT8_C(0xff)); - x26 = (uint8_t)(x24 >> 8); - x27 = (uint8_t)(x5 & UINT8_C(0xff)); - x28 = (x5 >> 8); - x29 = (uint8_t)(x28 & UINT8_C(0xff)); - x30 = (x28 >> 8); - x31 = (uint8_t)(x30 & UINT8_C(0xff)); - x32 = (uint8_t)(x30 >> 8); - x33 = (uint8_t)(x4 & UINT8_C(0xff)); - x34 = (x4 >> 8); - x35 = (uint8_t)(x34 & UINT8_C(0xff)); - x36 = (x34 >> 8); - x37 = (uint8_t)(x36 & UINT8_C(0xff)); - x38 = (uint8_t)(x36 >> 8); - x39 = (uint8_t)(x3 & UINT8_C(0xff)); - x40 = (x3 >> 8); - x41 = (uint8_t)(x40 & UINT8_C(0xff)); - x42 = (x40 >> 8); - x43 = (uint8_t)(x42 & UINT8_C(0xff)); - x44 = (uint8_t)(x42 >> 8); - x45 = (uint8_t)(x2 & UINT8_C(0xff)); - x46 = (x2 >> 8); - x47 = (uint8_t)(x46 & UINT8_C(0xff)); - x48 = (x46 >> 8); - x49 = (uint8_t)(x48 & UINT8_C(0xff)); - x50 = (uint8_t)(x48 >> 8); - x51 = (uint8_t)(x1 & UINT8_C(0xff)); - x52 = (x1 >> 8); - x53 = (uint8_t)(x52 & UINT8_C(0xff)); - x54 = (x52 >> 8); - x55 = (uint8_t)(x54 & UINT8_C(0xff)); - x56 = (uint8_t)(x54 >> 8); - out1[0] = x9; - out1[1] = x11; - out1[2] = x13; - out1[3] = x14; - out1[4] = x15; - out1[5] = x17; - out1[6] = x19; - out1[7] = x20; - out1[8] = x21; - out1[9] = x23; - out1[10] = x25; - out1[11] = x26; - out1[12] = x27; - out1[13] = x29; - out1[14] = x31; - out1[15] = x32; - out1[16] = x33; - out1[17] = x35; - out1[18] = x37; - out1[19] = x38; - 
out1[20] = x39; - out1[21] = x41; - out1[22] = x43; - out1[23] = x44; - out1[24] = x45; - out1[25] = x47; - out1[26] = x49; - out1[27] = x50; - out1[28] = x51; - out1[29] = x53; - out1[30] = x55; - out1[31] = x56; + x9 = (x8 >> 8); + x10 = (x9 >> 8); + x11 = (uint8_t)(x10 >> 8); + x12 = (x7 >> 8); + x13 = (x12 >> 8); + x14 = (uint8_t)(x13 >> 8); + x15 = (x6 >> 8); + x16 = (x15 >> 8); + x17 = (uint8_t)(x16 >> 8); + x18 = (x5 >> 8); + x19 = (x18 >> 8); + x20 = (uint8_t)(x19 >> 8); + x21 = (x4 >> 8); + x22 = (x21 >> 8); + x23 = (uint8_t)(x22 >> 8); + x24 = (x3 >> 8); + x25 = (x24 >> 8); + x26 = (uint8_t)(x25 >> 8); + x27 = (x2 >> 8); + x28 = (x27 >> 8); + x29 = (uint8_t)(x28 >> 8); + x30 = (x1 >> 8); + x31 = (x30 >> 8); + x32 = (uint8_t)(x31 >> 8); + out1[0] = (uint8_t)x8; + out1[1] = (uint8_t)x9; + out1[2] = (uint8_t)x10; + out1[3] = x11; + out1[4] = (uint8_t)x7; + out1[5] = (uint8_t)x12; + out1[6] = (uint8_t)x13; + out1[7] = x14; + out1[8] = (uint8_t)x6; + out1[9] = (uint8_t)x15; + out1[10] = (uint8_t)x16; + out1[11] = x17; + out1[12] = (uint8_t)x5; + out1[13] = (uint8_t)x18; + out1[14] = (uint8_t)x19; + out1[15] = x20; + out1[16] = (uint8_t)x4; + out1[17] = (uint8_t)x21; + out1[18] = (uint8_t)x22; + out1[19] = x23; + out1[20] = (uint8_t)x3; + out1[21] = (uint8_t)x24; + out1[22] = (uint8_t)x25; + out1[23] = x26; + out1[24] = (uint8_t)x2; + out1[25] = (uint8_t)x27; + out1[26] = (uint8_t)x28; + out1[27] = x29; + out1[28] = (uint8_t)x1; + out1[29] = (uint8_t)x30; + out1[30] = (uint8_t)x31; + out1[31] = x32; } /* @@ -5270,7 +5218,7 @@ static FIAT_SECP256K1_MONTGOMERY_FIAT_INLINE void fiat_secp256k1_montgomery_divs uint32_t x131; uint32_t x132; uint32_t x133; - fiat_secp256k1_montgomery_uint1 x134; + uint32_t x134; uint32_t x135; uint32_t x136; uint32_t x137; 
@@ -5280,24 +5228,24 @@ static FIAT_SECP256K1_MONTGOMERY_FIAT_INLINE void fiat_secp256k1_montgomery_divs uint32_t x141; uint32_t x142; uint32_t x143; - uint32_t x144; - fiat_secp256k1_montgomery_uint1 x145; - uint32_t x146; - fiat_secp256k1_montgomery_uint1 x147; - uint32_t x148; - fiat_secp256k1_montgomery_uint1 x149; - uint32_t x150; - fiat_secp256k1_montgomery_uint1 x151; - uint32_t x152; - fiat_secp256k1_montgomery_uint1 x153; - uint32_t x154; - fiat_secp256k1_montgomery_uint1 x155; - uint32_t x156; - fiat_secp256k1_montgomery_uint1 x157; - uint32_t x158; - fiat_secp256k1_montgomery_uint1 x159; - uint32_t x160; - fiat_secp256k1_montgomery_uint1 x161; + fiat_secp256k1_montgomery_uint1 x144; + uint32_t x145; + fiat_secp256k1_montgomery_uint1 x146; + uint32_t x147; + fiat_secp256k1_montgomery_uint1 x148; + uint32_t x149; + fiat_secp256k1_montgomery_uint1 x150; + uint32_t x151; + fiat_secp256k1_montgomery_uint1 x152; + uint32_t x153; + fiat_secp256k1_montgomery_uint1 x154; + uint32_t x155; + fiat_secp256k1_montgomery_uint1 x156; + uint32_t x157; + fiat_secp256k1_montgomery_uint1 x158; + uint32_t x159; + fiat_secp256k1_montgomery_uint1 x160; + uint32_t x161; uint32_t x162; uint32_t x163; uint32_t x164; 
@@ -5306,42 +5254,42 @@ static FIAT_SECP256K1_MONTGOMERY_FIAT_INLINE void fiat_secp256k1_montgomery_divs uint32_t x167; uint32_t x168; uint32_t x169; - uint32_t x170; - fiat_secp256k1_montgomery_uint1 x171; - uint32_t x172; - fiat_secp256k1_montgomery_uint1 x173; - uint32_t x174; - fiat_secp256k1_montgomery_uint1 x175; - uint32_t x176; - fiat_secp256k1_montgomery_uint1 x177; - uint32_t x178; - fiat_secp256k1_montgomery_uint1 x179; - uint32_t x180; - fiat_secp256k1_montgomery_uint1 x181; - uint32_t x182; - fiat_secp256k1_montgomery_uint1 x183; - uint32_t x184; - fiat_secp256k1_montgomery_uint1 x185; - uint32_t x186; - fiat_secp256k1_montgomery_uint1 x187; - uint32_t x188; - fiat_secp256k1_montgomery_uint1 x189; - uint32_t x190; - fiat_secp256k1_montgomery_uint1 x191; - uint32_t x192; - fiat_secp256k1_montgomery_uint1 x193; - uint32_t x194; - fiat_secp256k1_montgomery_uint1 x195; - uint32_t x196; - fiat_secp256k1_montgomery_uint1 x197; - uint32_t x198; - fiat_secp256k1_montgomery_uint1 x199; - uint32_t x200; - fiat_secp256k1_montgomery_uint1 x201; - uint32_t x202; - fiat_secp256k1_montgomery_uint1 x203; - uint32_t x204; - fiat_secp256k1_montgomery_uint1 x205; + fiat_secp256k1_montgomery_uint1 x170; + uint32_t x171; + fiat_secp256k1_montgomery_uint1 x172; + uint32_t x173; + fiat_secp256k1_montgomery_uint1 x174; + uint32_t x175; + fiat_secp256k1_montgomery_uint1 x176; + uint32_t x177; + fiat_secp256k1_montgomery_uint1 x178; + uint32_t x179; + fiat_secp256k1_montgomery_uint1 x180; + uint32_t x181; + fiat_secp256k1_montgomery_uint1 x182; + uint32_t x183; + fiat_secp256k1_montgomery_uint1 x184; + uint32_t x185; + fiat_secp256k1_montgomery_uint1 x186; + uint32_t x187; + fiat_secp256k1_montgomery_uint1 x188; + uint32_t x189; + fiat_secp256k1_montgomery_uint1 x190; + uint32_t x191; + fiat_secp256k1_montgomery_uint1 x192; + uint32_t x193; + fiat_secp256k1_montgomery_uint1 x194; + uint32_t x195; + fiat_secp256k1_montgomery_uint1 x196; + uint32_t x197; + 
fiat_secp256k1_montgomery_uint1 x198; + uint32_t x199; + fiat_secp256k1_montgomery_uint1 x200; + uint32_t x201; + fiat_secp256k1_montgomery_uint1 x202; + uint32_t x203; + fiat_secp256k1_montgomery_uint1 x204; + uint32_t x205; uint32_t x206; uint32_t x207; uint32_t x208; @@ -5366,9 +5314,8 @@ static FIAT_SECP256K1_MONTGOMERY_FIAT_INLINE void fiat_secp256k1_montgomery_divs uint32_t x227; uint32_t x228; uint32_t x229; - uint32_t x230; fiat_secp256k1_montgomery_addcarryx_u32(&x1, &x2, 0x0, (~arg1), 0x1); - x3 = (fiat_secp256k1_montgomery_uint1)((fiat_secp256k1_montgomery_uint1)(x1 >> 31) & (fiat_secp256k1_montgomery_uint1)((arg3[0]) & 0x1)); + x3 = (fiat_secp256k1_montgomery_uint1)((fiat_secp256k1_montgomery_uint1)(x1 >> 31) & (fiat_secp256k1_montgomery_uint1)(arg3[0])); fiat_secp256k1_montgomery_addcarryx_u32(&x4, &x5, 0x0, (~arg1), 0x1); fiat_secp256k1_montgomery_cmovznz_u32(&x6, x3, arg1, x4); fiat_secp256k1_montgomery_cmovznz_u32(&x7, x3, (arg2[0]), (arg3[0])); 
@@ -5456,77 +5403,76 @@ static FIAT_SECP256K1_MONTGOMERY_FIAT_INLINE void fiat_secp256k1_montgomery_divs fiat_secp256k1_montgomery_cmovznz_u32(&x131, x3, (arg5[5]), x120); fiat_secp256k1_montgomery_cmovznz_u32(&x132, x3, (arg5[6]), x122); fiat_secp256k1_montgomery_cmovznz_u32(&x133, x3, (arg5[7]), x124); - x134 = (fiat_secp256k1_montgomery_uint1)(x34 & 0x1); - fiat_secp256k1_montgomery_cmovznz_u32(&x135, x134, 0x0, x7); - fiat_secp256k1_montgomery_cmovznz_u32(&x136, x134, 0x0, x8); - fiat_secp256k1_montgomery_cmovznz_u32(&x137, x134, 0x0, x9); - fiat_secp256k1_montgomery_cmovznz_u32(&x138, x134, 0x0, x10); - fiat_secp256k1_montgomery_cmovznz_u32(&x139, x134, 0x0, x11); - fiat_secp256k1_montgomery_cmovznz_u32(&x140, x134, 0x0, x12); - fiat_secp256k1_montgomery_cmovznz_u32(&x141, x134, 0x0, x13); - fiat_secp256k1_montgomery_cmovznz_u32(&x142, x134, 0x0, x14); - fiat_secp256k1_montgomery_cmovznz_u32(&x143, x134, 0x0, x15); - fiat_secp256k1_montgomery_addcarryx_u32(&x144, &x145, 0x0, x34, x135); - fiat_secp256k1_montgomery_addcarryx_u32(&x146, &x147, x145, x35, x136); - fiat_secp256k1_montgomery_addcarryx_u32(&x148, &x149, x147, x36, x137); - fiat_secp256k1_montgomery_addcarryx_u32(&x150, &x151, x149, x37, x138); - fiat_secp256k1_montgomery_addcarryx_u32(&x152, &x153, x151, x38, x139); - fiat_secp256k1_montgomery_addcarryx_u32(&x154, &x155, x153, x39, x140); - fiat_secp256k1_montgomery_addcarryx_u32(&x156, &x157, x155, x40, x141); - fiat_secp256k1_montgomery_addcarryx_u32(&x158, &x159, x157, x41, x142); - fiat_secp256k1_montgomery_addcarryx_u32(&x160, &x161, x159, x42, x143); - fiat_secp256k1_montgomery_cmovznz_u32(&x162, x134, 0x0, x43); - fiat_secp256k1_montgomery_cmovznz_u32(&x163, x134, 0x0, x44); - fiat_secp256k1_montgomery_cmovznz_u32(&x164, x134, 0x0, x45); - fiat_secp256k1_montgomery_cmovznz_u32(&x165, x134, 0x0, x46); - fiat_secp256k1_montgomery_cmovznz_u32(&x166, x134, 0x0, x47); - fiat_secp256k1_montgomery_cmovznz_u32(&x167, x134, 0x0, x48); - 
fiat_secp256k1_montgomery_cmovznz_u32(&x168, x134, 0x0, x49); - fiat_secp256k1_montgomery_cmovznz_u32(&x169, x134, 0x0, x50); - fiat_secp256k1_montgomery_addcarryx_u32(&x170, &x171, 0x0, x126, x162); - fiat_secp256k1_montgomery_addcarryx_u32(&x172, &x173, x171, x127, x163); - fiat_secp256k1_montgomery_addcarryx_u32(&x174, &x175, x173, x128, x164); - fiat_secp256k1_montgomery_addcarryx_u32(&x176, &x177, x175, x129, x165); - fiat_secp256k1_montgomery_addcarryx_u32(&x178, &x179, x177, x130, x166); - fiat_secp256k1_montgomery_addcarryx_u32(&x180, &x181, x179, x131, x167); - fiat_secp256k1_montgomery_addcarryx_u32(&x182, &x183, x181, x132, x168); - fiat_secp256k1_montgomery_addcarryx_u32(&x184, &x185, x183, x133, x169); - fiat_secp256k1_montgomery_subborrowx_u32(&x186, &x187, 0x0, x170, UINT32_C(0xfffffc2f)); - fiat_secp256k1_montgomery_subborrowx_u32(&x188, &x189, x187, x172, UINT32_C(0xfffffffe)); - fiat_secp256k1_montgomery_subborrowx_u32(&x190, &x191, x189, x174, UINT32_C(0xffffffff)); - fiat_secp256k1_montgomery_subborrowx_u32(&x192, &x193, x191, x176, UINT32_C(0xffffffff)); - fiat_secp256k1_montgomery_subborrowx_u32(&x194, &x195, x193, x178, UINT32_C(0xffffffff)); - fiat_secp256k1_montgomery_subborrowx_u32(&x196, &x197, x195, x180, UINT32_C(0xffffffff)); - fiat_secp256k1_montgomery_subborrowx_u32(&x198, &x199, x197, x182, UINT32_C(0xffffffff)); - fiat_secp256k1_montgomery_subborrowx_u32(&x200, &x201, x199, x184, UINT32_C(0xffffffff)); - fiat_secp256k1_montgomery_subborrowx_u32(&x202, &x203, x201, x185, 0x0); - fiat_secp256k1_montgomery_addcarryx_u32(&x204, &x205, 0x0, x6, 0x1); - x206 = ((x144 >> 1) | ((x146 << 31) & UINT32_C(0xffffffff))); - x207 = ((x146 >> 1) | ((x148 << 31) & UINT32_C(0xffffffff))); - x208 = ((x148 >> 1) | ((x150 << 31) & UINT32_C(0xffffffff))); - x209 = ((x150 >> 1) | ((x152 << 31) & UINT32_C(0xffffffff))); - x210 = ((x152 >> 1) | ((x154 << 31) & UINT32_C(0xffffffff))); - x211 = ((x154 >> 1) | ((x156 << 31) & UINT32_C(0xffffffff))); - x212 = 
((x156 >> 1) | ((x158 << 31) & UINT32_C(0xffffffff))); - x213 = ((x158 >> 1) | ((x160 << 31) & UINT32_C(0xffffffff))); - x214 = ((x160 & UINT32_C(0x80000000)) | (x160 >> 1)); - fiat_secp256k1_montgomery_cmovznz_u32(&x215, x84, x67, x51); - fiat_secp256k1_montgomery_cmovznz_u32(&x216, x84, x69, x53); - fiat_secp256k1_montgomery_cmovznz_u32(&x217, x84, x71, x55); - fiat_secp256k1_montgomery_cmovznz_u32(&x218, x84, x73, x57); - fiat_secp256k1_montgomery_cmovznz_u32(&x219, x84, x75, x59); - fiat_secp256k1_montgomery_cmovznz_u32(&x220, x84, x77, x61); - fiat_secp256k1_montgomery_cmovznz_u32(&x221, x84, x79, x63); - fiat_secp256k1_montgomery_cmovznz_u32(&x222, x84, x81, x65); - fiat_secp256k1_montgomery_cmovznz_u32(&x223, x203, x186, x170); - fiat_secp256k1_montgomery_cmovznz_u32(&x224, x203, x188, x172); - fiat_secp256k1_montgomery_cmovznz_u32(&x225, x203, x190, x174); - fiat_secp256k1_montgomery_cmovznz_u32(&x226, x203, x192, x176); - fiat_secp256k1_montgomery_cmovznz_u32(&x227, x203, x194, x178); - fiat_secp256k1_montgomery_cmovznz_u32(&x228, x203, x196, x180); - fiat_secp256k1_montgomery_cmovznz_u32(&x229, x203, x198, x182); - fiat_secp256k1_montgomery_cmovznz_u32(&x230, x203, x200, x184); - *out1 = x204; + fiat_secp256k1_montgomery_cmovznz_u32(&x134, (fiat_secp256k1_montgomery_uint1)x34, 0x0, x7); + fiat_secp256k1_montgomery_cmovznz_u32(&x135, (fiat_secp256k1_montgomery_uint1)x34, 0x0, x8); + fiat_secp256k1_montgomery_cmovznz_u32(&x136, (fiat_secp256k1_montgomery_uint1)x34, 0x0, x9); + fiat_secp256k1_montgomery_cmovznz_u32(&x137, (fiat_secp256k1_montgomery_uint1)x34, 0x0, x10); + fiat_secp256k1_montgomery_cmovznz_u32(&x138, (fiat_secp256k1_montgomery_uint1)x34, 0x0, x11); + fiat_secp256k1_montgomery_cmovznz_u32(&x139, (fiat_secp256k1_montgomery_uint1)x34, 0x0, x12); + fiat_secp256k1_montgomery_cmovznz_u32(&x140, (fiat_secp256k1_montgomery_uint1)x34, 0x0, x13); + fiat_secp256k1_montgomery_cmovznz_u32(&x141, (fiat_secp256k1_montgomery_uint1)x34, 0x0, x14); + 
fiat_secp256k1_montgomery_cmovznz_u32(&x142, (fiat_secp256k1_montgomery_uint1)x34, 0x0, x15); + fiat_secp256k1_montgomery_addcarryx_u32(&x143, &x144, 0x0, x34, x134); + fiat_secp256k1_montgomery_addcarryx_u32(&x145, &x146, x144, x35, x135); + fiat_secp256k1_montgomery_addcarryx_u32(&x147, &x148, x146, x36, x136); + fiat_secp256k1_montgomery_addcarryx_u32(&x149, &x150, x148, x37, x137); + fiat_secp256k1_montgomery_addcarryx_u32(&x151, &x152, x150, x38, x138); + fiat_secp256k1_montgomery_addcarryx_u32(&x153, &x154, x152, x39, x139); + fiat_secp256k1_montgomery_addcarryx_u32(&x155, &x156, x154, x40, x140); + fiat_secp256k1_montgomery_addcarryx_u32(&x157, &x158, x156, x41, x141); + fiat_secp256k1_montgomery_addcarryx_u32(&x159, &x160, x158, x42, x142); + fiat_secp256k1_montgomery_cmovznz_u32(&x161, (fiat_secp256k1_montgomery_uint1)x34, 0x0, x43); + fiat_secp256k1_montgomery_cmovznz_u32(&x162, (fiat_secp256k1_montgomery_uint1)x34, 0x0, x44); + fiat_secp256k1_montgomery_cmovznz_u32(&x163, (fiat_secp256k1_montgomery_uint1)x34, 0x0, x45); + fiat_secp256k1_montgomery_cmovznz_u32(&x164, (fiat_secp256k1_montgomery_uint1)x34, 0x0, x46); + fiat_secp256k1_montgomery_cmovznz_u32(&x165, (fiat_secp256k1_montgomery_uint1)x34, 0x0, x47); + fiat_secp256k1_montgomery_cmovznz_u32(&x166, (fiat_secp256k1_montgomery_uint1)x34, 0x0, x48); + fiat_secp256k1_montgomery_cmovznz_u32(&x167, (fiat_secp256k1_montgomery_uint1)x34, 0x0, x49); + fiat_secp256k1_montgomery_cmovznz_u32(&x168, (fiat_secp256k1_montgomery_uint1)x34, 0x0, x50); + fiat_secp256k1_montgomery_addcarryx_u32(&x169, &x170, 0x0, x126, x161); + fiat_secp256k1_montgomery_addcarryx_u32(&x171, &x172, x170, x127, x162); + fiat_secp256k1_montgomery_addcarryx_u32(&x173, &x174, x172, x128, x163); + fiat_secp256k1_montgomery_addcarryx_u32(&x175, &x176, x174, x129, x164); + fiat_secp256k1_montgomery_addcarryx_u32(&x177, &x178, x176, x130, x165); + fiat_secp256k1_montgomery_addcarryx_u32(&x179, &x180, x178, x131, x166); + 
fiat_secp256k1_montgomery_addcarryx_u32(&x181, &x182, x180, x132, x167); + fiat_secp256k1_montgomery_addcarryx_u32(&x183, &x184, x182, x133, x168); + fiat_secp256k1_montgomery_subborrowx_u32(&x185, &x186, 0x0, x169, UINT32_C(0xfffffc2f)); + fiat_secp256k1_montgomery_subborrowx_u32(&x187, &x188, x186, x171, UINT32_C(0xfffffffe)); + fiat_secp256k1_montgomery_subborrowx_u32(&x189, &x190, x188, x173, UINT32_C(0xffffffff)); + fiat_secp256k1_montgomery_subborrowx_u32(&x191, &x192, x190, x175, UINT32_C(0xffffffff)); + fiat_secp256k1_montgomery_subborrowx_u32(&x193, &x194, x192, x177, UINT32_C(0xffffffff)); + fiat_secp256k1_montgomery_subborrowx_u32(&x195, &x196, x194, x179, UINT32_C(0xffffffff)); + fiat_secp256k1_montgomery_subborrowx_u32(&x197, &x198, x196, x181, UINT32_C(0xffffffff)); + fiat_secp256k1_montgomery_subborrowx_u32(&x199, &x200, x198, x183, UINT32_C(0xffffffff)); + fiat_secp256k1_montgomery_subborrowx_u32(&x201, &x202, x200, x184, 0x0); + fiat_secp256k1_montgomery_addcarryx_u32(&x203, &x204, 0x0, x6, 0x1); + x205 = ((x143 >> 1) | ((x145 << 31) & UINT32_C(0xffffffff))); + x206 = ((x145 >> 1) | ((x147 << 31) & UINT32_C(0xffffffff))); + x207 = ((x147 >> 1) | ((x149 << 31) & UINT32_C(0xffffffff))); + x208 = ((x149 >> 1) | ((x151 << 31) & UINT32_C(0xffffffff))); + x209 = ((x151 >> 1) | ((x153 << 31) & UINT32_C(0xffffffff))); + x210 = ((x153 >> 1) | ((x155 << 31) & UINT32_C(0xffffffff))); + x211 = ((x155 >> 1) | ((x157 << 31) & UINT32_C(0xffffffff))); + x212 = ((x157 >> 1) | ((x159 << 31) & UINT32_C(0xffffffff))); + x213 = ((x159 & UINT32_C(0x80000000)) | (x159 >> 1)); + fiat_secp256k1_montgomery_cmovznz_u32(&x214, x84, x67, x51); + fiat_secp256k1_montgomery_cmovznz_u32(&x215, x84, x69, x53); + fiat_secp256k1_montgomery_cmovznz_u32(&x216, x84, x71, x55); + fiat_secp256k1_montgomery_cmovznz_u32(&x217, x84, x73, x57); + fiat_secp256k1_montgomery_cmovznz_u32(&x218, x84, x75, x59); + fiat_secp256k1_montgomery_cmovznz_u32(&x219, x84, x77, x61); + 
fiat_secp256k1_montgomery_cmovznz_u32(&x220, x84, x79, x63); + fiat_secp256k1_montgomery_cmovznz_u32(&x221, x84, x81, x65); + fiat_secp256k1_montgomery_cmovznz_u32(&x222, x202, x185, x169); + fiat_secp256k1_montgomery_cmovznz_u32(&x223, x202, x187, x171); + fiat_secp256k1_montgomery_cmovznz_u32(&x224, x202, x189, x173); + fiat_secp256k1_montgomery_cmovznz_u32(&x225, x202, x191, x175); + fiat_secp256k1_montgomery_cmovznz_u32(&x226, x202, x193, x177); + fiat_secp256k1_montgomery_cmovznz_u32(&x227, x202, x195, x179); + fiat_secp256k1_montgomery_cmovznz_u32(&x228, x202, x197, x181); + fiat_secp256k1_montgomery_cmovznz_u32(&x229, x202, x199, x183); + *out1 = x203; out2[0] = x7; out2[1] = x8; out2[2] = x9; @@ -5536,31 +5482,31 @@ static FIAT_SECP256K1_MONTGOMERY_FIAT_INLINE void fiat_secp256k1_montgomery_divs out2[6] = x13; out2[7] = x14; out2[8] = x15; - out3[0] = x206; - out3[1] = x207; - out3[2] = x208; - out3[3] = x209; - out3[4] = x210; - out3[5] = x211; - out3[6] = x212; - out3[7] = x213; - out3[8] = x214; - out4[0] = x215; - out4[1] = x216; - out4[2] = x217; - out4[3] = x218; - out4[4] = x219; - out4[5] = x220; - out4[6] = x221; - out4[7] = x222; - out5[0] = x223; - out5[1] = x224; - out5[2] = x225; - out5[3] = x226; - out5[4] = x227; - out5[5] = x228; - out5[6] = x229; - out5[7] = x230; + out3[0] = x205; + out3[1] = x206; + out3[2] = x207; + out3[3] = x208; + out3[4] = x209; + out3[5] = x210; + out3[6] = x211; + out3[7] = x212; + out3[8] = x213; + out4[0] = x214; + out4[1] = x215; + out4[2] = x216; + out4[3] = x217; + out4[4] = x218; + out4[5] = x219; + out4[6] = x220; + out4[7] = x221; + out5[0] = x222; + out5[1] = x223; + out5[2] = x224; + out5[3] = x225; + out5[4] = x226; + out5[5] = x227; + out5[6] = x228; + out5[7] = x229; } /* diff --git a/fiat-c/src/secp256k1_montgomery_64.c b/fiat-c/src/secp256k1_montgomery_64.c index 5582fea34d..3724d80734 100644 --- a/fiat-c/src/secp256k1_montgomery_64.c +++ b/fiat-c/src/secp256k1_montgomery_64.c 
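Review bot: The new condition argument `(fiat_secp256k1_montgomery_uint1)x34` in the `cmovznz_u32` calls that write x134–x142 and x161–x168 is only equivalent to the removed `x134 = (fiat_secp256k1_montgomery_uint1)(x34 & 0x1);` if the uint1 typedef is a true one-bit type. The typedef and the `cmovznz_u32` body are outside this hunk, but if uint1 is a byte-wide integer and `cmovznz_u32` treats any nonzero condition as set, an even x34 with a nonzero low byte now takes the "odd" branch and divstep returns wrong values. The narrowing casts to `uint8_t`/`uint32_t` elsewhere in this file are safe because the type width matches the dropped mask; the one-bit case is not. Keep the explicit mask, e.g. `(fiat_secp256k1_montgomery_uint1)(x34 & 0x1)`, presumably by fixing the generator rather than this file, and add a divstep test vector whose low limb is even with a nonzero low byte. The secp256k1_montgomery_64.c divstep hunk removes the matching `x74 = ...(x22 & 0x1)` line and should be checked the same way; the function body starts and ends outside this hunk.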
@@ -70,13 +70,11 @@ static __inline__ uint64_t fiat_secp256k1_montgomery_value_barrier_u64(uint64_t */ static FIAT_SECP256K1_MONTGOMERY_FIAT_INLINE void fiat_secp256k1_montgomery_addcarryx_u64(uint64_t* out1, fiat_secp256k1_montgomery_uint1* out2, fiat_secp256k1_montgomery_uint1 arg1, uint64_t arg2, uint64_t arg3) { fiat_secp256k1_montgomery_uint128 x1; - uint64_t x2; - fiat_secp256k1_montgomery_uint1 x3; + fiat_secp256k1_montgomery_uint1 x2; x1 = ((arg1 + (fiat_secp256k1_montgomery_uint128)arg2) + arg3); - x2 = (uint64_t)(x1 & UINT64_C(0xffffffffffffffff)); - x3 = (fiat_secp256k1_montgomery_uint1)(x1 >> 64); - *out1 = x2; - *out2 = x3; + x2 = (fiat_secp256k1_montgomery_uint1)(x1 >> 64); + *out1 = (uint64_t)x1; + *out2 = x2; } /* @@ -122,12 +120,10 @@ static FIAT_SECP256K1_MONTGOMERY_FIAT_INLINE void fiat_secp256k1_montgomery_subb static FIAT_SECP256K1_MONTGOMERY_FIAT_INLINE void fiat_secp256k1_montgomery_mulx_u64(uint64_t* out1, uint64_t* out2, uint64_t arg1, uint64_t arg2) { fiat_secp256k1_montgomery_uint128 x1; uint64_t x2; - uint64_t x3; x1 = ((fiat_secp256k1_montgomery_uint128)arg1 * arg2); - x2 = (uint64_t)(x1 & UINT64_C(0xffffffffffffffff)); - x3 = (uint64_t)(x1 >> 64); - *out1 = x2; - *out2 = x3; + x2 = (uint64_t)(x1 >> 64); + *out1 = (uint64_t)x1; + *out2 = x2; } /* 
@@ -1567,154 +1563,98 @@ static FIAT_SECP256K1_MONTGOMERY_FIAT_INLINE void fiat_secp256k1_montgomery_to_b uint64_t x2; uint64_t x3; uint64_t x4; - uint8_t x5; + uint64_t x5; uint64_t x6; - uint8_t x7; + uint64_t x7; uint64_t x8; - uint8_t x9; + uint64_t x9; uint64_t x10; uint8_t x11; uint64_t x12; - uint8_t x13; + uint64_t x13; uint64_t x14; - uint8_t x15; + uint64_t x15; uint64_t x16; - uint8_t x17; + uint64_t x17; uint8_t x18; - uint8_t x19; + uint64_t x19; uint64_t x20; - uint8_t x21; + uint64_t x21; uint64_t x22; - uint8_t x23; + uint64_t x23; uint64_t x24; uint8_t x25; uint64_t x26; - uint8_t x27; + uint64_t x27; uint64_t x28; - uint8_t x29; + uint64_t x29; uint64_t x30; - uint8_t x31; + uint64_t x31; uint8_t x32; - uint8_t x33; - uint64_t x34; - uint8_t x35; - uint64_t x36; - uint8_t x37; - uint64_t x38; - uint8_t x39; - uint64_t x40; - uint8_t x41; - uint64_t x42; - uint8_t x43; - uint64_t x44; - uint8_t x45; - uint8_t x46; - uint8_t x47; - uint64_t x48; - uint8_t x49; - uint64_t x50; - uint8_t x51; - uint64_t x52; - uint8_t x53; - uint64_t x54; - uint8_t x55; - uint64_t x56; - uint8_t x57; - uint64_t x58; - uint8_t x59; - uint8_t x60; x1 = (arg1[3]); x2 = (arg1[2]); x3 = (arg1[1]); x4 = (arg1[0]); - x5 = (uint8_t)(x4 & UINT8_C(0xff)); - x6 = (x4 >> 8); - x7 = (uint8_t)(x6 & UINT8_C(0xff)); - x8 = (x6 >> 8); - x9 = (uint8_t)(x8 & UINT8_C(0xff)); - x10 = (x8 >> 8); - x11 = (uint8_t)(x10 & UINT8_C(0xff)); - x12 = (x10 >> 8); - x13 = (uint8_t)(x12 & UINT8_C(0xff)); - x14 = (x12 >> 8); - x15 = (uint8_t)(x14 & UINT8_C(0xff)); - x16 = (x14 >> 8); - x17 = (uint8_t)(x16 & UINT8_C(0xff)); - x18 = (uint8_t)(x16 >> 8); - x19 = (uint8_t)(x3 & UINT8_C(0xff)); - x20 = (x3 >> 8); - x21 = (uint8_t)(x20 & UINT8_C(0xff)); - x22 = (x20 >> 8); - x23 = (uint8_t)(x22 & UINT8_C(0xff)); - x24 = (x22 >> 8); - x25 = (uint8_t)(x24 & UINT8_C(0xff)); - x26 = (x24 >> 8); - x27 = (uint8_t)(x26 & UINT8_C(0xff)); - x28 = (x26 >> 8); - x29 = (uint8_t)(x28 & UINT8_C(0xff)); - x30 = (x28 >> 
8); - x31 = (uint8_t)(x30 & UINT8_C(0xff)); - x32 = (uint8_t)(x30 >> 8); - x33 = (uint8_t)(x2 & UINT8_C(0xff)); - x34 = (x2 >> 8); - x35 = (uint8_t)(x34 & UINT8_C(0xff)); - x36 = (x34 >> 8); - x37 = (uint8_t)(x36 & UINT8_C(0xff)); - x38 = (x36 >> 8); - x39 = (uint8_t)(x38 & UINT8_C(0xff)); - x40 = (x38 >> 8); - x41 = (uint8_t)(x40 & UINT8_C(0xff)); - x42 = (x40 >> 8); - x43 = (uint8_t)(x42 & UINT8_C(0xff)); - x44 = (x42 >> 8); - x45 = (uint8_t)(x44 & UINT8_C(0xff)); - x46 = (uint8_t)(x44 >> 8); - x47 = (uint8_t)(x1 & UINT8_C(0xff)); - x48 = (x1 >> 8); - x49 = (uint8_t)(x48 & UINT8_C(0xff)); - x50 = (x48 >> 8); - x51 = (uint8_t)(x50 & UINT8_C(0xff)); - x52 = (x50 >> 8); - x53 = (uint8_t)(x52 & UINT8_C(0xff)); - x54 = (x52 >> 8); - x55 = (uint8_t)(x54 & UINT8_C(0xff)); - x56 = (x54 >> 8); - x57 = (uint8_t)(x56 & UINT8_C(0xff)); - x58 = (x56 >> 8); - x59 = (uint8_t)(x58 & UINT8_C(0xff)); - x60 = (uint8_t)(x58 >> 8); - out1[0] = x5; - out1[1] = x7; - out1[2] = x9; - out1[3] = x11; - out1[4] = x13; - out1[5] = x15; - out1[6] = x17; - out1[7] = x18; - out1[8] = x19; - out1[9] = x21; - out1[10] = x23; - out1[11] = x25; - out1[12] = x27; - out1[13] = x29; - out1[14] = x31; - out1[15] = x32; - out1[16] = x33; - out1[17] = x35; - out1[18] = x37; - out1[19] = x39; - out1[20] = x41; - out1[21] = x43; - out1[22] = x45; - out1[23] = x46; - out1[24] = x47; - out1[25] = x49; - out1[26] = x51; - out1[27] = x53; - out1[28] = x55; - out1[29] = x57; - out1[30] = x59; - out1[31] = x60; + x5 = (x4 >> 8); + x6 = (x5 >> 8); + x7 = (x6 >> 8); + x8 = (x7 >> 8); + x9 = (x8 >> 8); + x10 = (x9 >> 8); + x11 = (uint8_t)(x10 >> 8); + x12 = (x3 >> 8); + x13 = (x12 >> 8); + x14 = (x13 >> 8); + x15 = (x14 >> 8); + x16 = (x15 >> 8); + x17 = (x16 >> 8); + x18 = (uint8_t)(x17 >> 8); + x19 = (x2 >> 8); + x20 = (x19 >> 8); + x21 = (x20 >> 8); + x22 = (x21 >> 8); + x23 = (x22 >> 8); + x24 = (x23 >> 8); + x25 = (uint8_t)(x24 >> 8); + x26 = (x1 >> 8); + x27 = (x26 >> 8); + x28 = (x27 >> 8); + x29 = (x28 >> 
8); + x30 = (x29 >> 8); + x31 = (x30 >> 8); + x32 = (uint8_t)(x31 >> 8); + out1[0] = (uint8_t)x4; + out1[1] = (uint8_t)x5; + out1[2] = (uint8_t)x6; + out1[3] = (uint8_t)x7; + out1[4] = (uint8_t)x8; + out1[5] = (uint8_t)x9; + out1[6] = (uint8_t)x10; + out1[7] = x11; + out1[8] = (uint8_t)x3; + out1[9] = (uint8_t)x12; + out1[10] = (uint8_t)x13; + out1[11] = (uint8_t)x14; + out1[12] = (uint8_t)x15; + out1[13] = (uint8_t)x16; + out1[14] = (uint8_t)x17; + out1[15] = x18; + out1[16] = (uint8_t)x2; + out1[17] = (uint8_t)x19; + out1[18] = (uint8_t)x20; + out1[19] = (uint8_t)x21; + out1[20] = (uint8_t)x22; + out1[21] = (uint8_t)x23; + out1[22] = (uint8_t)x24; + out1[23] = x25; + out1[24] = (uint8_t)x1; + out1[25] = (uint8_t)x26; + out1[26] = (uint8_t)x27; + out1[27] = (uint8_t)x28; + out1[28] = (uint8_t)x29; + out1[29] = (uint8_t)x30; + out1[30] = (uint8_t)x31; + out1[31] = x32; } /* 
@@ -1995,46 +1935,46 @@ static FIAT_SECP256K1_MONTGOMERY_FIAT_INLINE void fiat_secp256k1_montgomery_divs uint64_t x71; uint64_t x72; uint64_t x73; - fiat_secp256k1_montgomery_uint1 x74; + uint64_t x74; uint64_t x75; uint64_t x76; uint64_t x77; uint64_t x78; uint64_t x79; - uint64_t x80; - fiat_secp256k1_montgomery_uint1 x81; - uint64_t x82; - fiat_secp256k1_montgomery_uint1 x83; - uint64_t x84; - fiat_secp256k1_montgomery_uint1 x85; - uint64_t x86; - fiat_secp256k1_montgomery_uint1 x87; - uint64_t x88; - fiat_secp256k1_montgomery_uint1 x89; + fiat_secp256k1_montgomery_uint1 x80; + uint64_t x81; + fiat_secp256k1_montgomery_uint1 x82; + uint64_t x83; + fiat_secp256k1_montgomery_uint1 x84; + uint64_t x85; + fiat_secp256k1_montgomery_uint1 x86; + uint64_t x87; + fiat_secp256k1_montgomery_uint1 x88; + uint64_t x89; uint64_t x90; uint64_t x91; uint64_t x92; uint64_t x93; - uint64_t x94; - fiat_secp256k1_montgomery_uint1 x95; - uint64_t x96; - fiat_secp256k1_montgomery_uint1 x97; - uint64_t x98; - fiat_secp256k1_montgomery_uint1 x99; - uint64_t x100; - fiat_secp256k1_montgomery_uint1 x101; - uint64_t x102; - fiat_secp256k1_montgomery_uint1 x103; - uint64_t x104; - fiat_secp256k1_montgomery_uint1 x105; - uint64_t x106; - fiat_secp256k1_montgomery_uint1 x107; - uint64_t x108; - fiat_secp256k1_montgomery_uint1 x109; - uint64_t x110; - fiat_secp256k1_montgomery_uint1 x111; - uint64_t x112; - fiat_secp256k1_montgomery_uint1 x113; + fiat_secp256k1_montgomery_uint1 x94; + uint64_t x95; + fiat_secp256k1_montgomery_uint1 x96; + uint64_t x97; + fiat_secp256k1_montgomery_uint1 x98; + uint64_t x99; + fiat_secp256k1_montgomery_uint1 x100; + uint64_t x101; + fiat_secp256k1_montgomery_uint1 x102; + uint64_t x103; + fiat_secp256k1_montgomery_uint1 x104; + uint64_t x105; + fiat_secp256k1_montgomery_uint1 x106; + uint64_t x107; + fiat_secp256k1_montgomery_uint1 x108; + uint64_t x109; + fiat_secp256k1_montgomery_uint1 x110; + uint64_t x111; + fiat_secp256k1_montgomery_uint1 x112; + uint64_t 
x113; uint64_t x114; uint64_t x115; uint64_t x116; @@ -2047,9 +1987,8 @@ static FIAT_SECP256K1_MONTGOMERY_FIAT_INLINE void fiat_secp256k1_montgomery_divs uint64_t x123; uint64_t x124; uint64_t x125; - uint64_t x126; fiat_secp256k1_montgomery_addcarryx_u64(&x1, &x2, 0x0, (~arg1), 0x1); - x3 = (fiat_secp256k1_montgomery_uint1)((fiat_secp256k1_montgomery_uint1)(x1 >> 63) & (fiat_secp256k1_montgomery_uint1)((arg3[0]) & 0x1)); + x3 = (fiat_secp256k1_montgomery_uint1)((fiat_secp256k1_montgomery_uint1)(x1 >> 63) & (fiat_secp256k1_montgomery_uint1)(arg3[0])); fiat_secp256k1_montgomery_addcarryx_u64(&x4, &x5, 0x0, (~arg1), 0x1); fiat_secp256k1_montgomery_cmovznz_u64(&x6, x3, arg1, x4); fiat_secp256k1_montgomery_cmovznz_u64(&x7, x3, (arg2[0]), (arg3[0])); 
@@ -2097,63 +2036,62 @@ static FIAT_SECP256K1_MONTGOMERY_FIAT_INLINE void fiat_secp256k1_montgomery_divs fiat_secp256k1_montgomery_cmovznz_u64(&x71, x3, (arg5[1]), x64); fiat_secp256k1_montgomery_cmovznz_u64(&x72, x3, (arg5[2]), x66); fiat_secp256k1_montgomery_cmovznz_u64(&x73, x3, (arg5[3]), x68); - x74 = (fiat_secp256k1_montgomery_uint1)(x22 & 0x1); - fiat_secp256k1_montgomery_cmovznz_u64(&x75, x74, 0x0, x7); - fiat_secp256k1_montgomery_cmovznz_u64(&x76, x74, 0x0, x8); - fiat_secp256k1_montgomery_cmovznz_u64(&x77, x74, 0x0, x9); - fiat_secp256k1_montgomery_cmovznz_u64(&x78, x74, 0x0, x10); - fiat_secp256k1_montgomery_cmovznz_u64(&x79, x74, 0x0, x11); - fiat_secp256k1_montgomery_addcarryx_u64(&x80, &x81, 0x0, x22, x75); - fiat_secp256k1_montgomery_addcarryx_u64(&x82, &x83, x81, x23, x76); - fiat_secp256k1_montgomery_addcarryx_u64(&x84, &x85, x83, x24, x77); - fiat_secp256k1_montgomery_addcarryx_u64(&x86, &x87, x85, x25, x78); - fiat_secp256k1_montgomery_addcarryx_u64(&x88, &x89, x87, x26, x79); - fiat_secp256k1_montgomery_cmovznz_u64(&x90, x74, 0x0, x27); - fiat_secp256k1_montgomery_cmovznz_u64(&x91, x74, 0x0, x28); - fiat_secp256k1_montgomery_cmovznz_u64(&x92, x74, 0x0, x29); - fiat_secp256k1_montgomery_cmovznz_u64(&x93, x74, 0x0, x30); - fiat_secp256k1_montgomery_addcarryx_u64(&x94, &x95, 0x0, x70, x90); - fiat_secp256k1_montgomery_addcarryx_u64(&x96, &x97, x95, x71, x91); - fiat_secp256k1_montgomery_addcarryx_u64(&x98, &x99, x97, x72, x92); - fiat_secp256k1_montgomery_addcarryx_u64(&x100, &x101, x99, x73, x93); - fiat_secp256k1_montgomery_subborrowx_u64(&x102, &x103, 0x0, x94, UINT64_C(0xfffffffefffffc2f)); - fiat_secp256k1_montgomery_subborrowx_u64(&x104, &x105, x103, x96, UINT64_C(0xffffffffffffffff)); - fiat_secp256k1_montgomery_subborrowx_u64(&x106, &x107, x105, x98, UINT64_C(0xffffffffffffffff)); - fiat_secp256k1_montgomery_subborrowx_u64(&x108, &x109, x107, x100, UINT64_C(0xffffffffffffffff)); - fiat_secp256k1_montgomery_subborrowx_u64(&x110, &x111, x109, 
x101, 0x0); - fiat_secp256k1_montgomery_addcarryx_u64(&x112, &x113, 0x0, x6, 0x1); - x114 = ((x80 >> 1) | ((x82 << 63) & UINT64_C(0xffffffffffffffff))); - x115 = ((x82 >> 1) | ((x84 << 63) & UINT64_C(0xffffffffffffffff))); - x116 = ((x84 >> 1) | ((x86 << 63) & UINT64_C(0xffffffffffffffff))); - x117 = ((x86 >> 1) | ((x88 << 63) & UINT64_C(0xffffffffffffffff))); - x118 = ((x88 & UINT64_C(0x8000000000000000)) | (x88 >> 1)); - fiat_secp256k1_montgomery_cmovznz_u64(&x119, x48, x39, x31); - fiat_secp256k1_montgomery_cmovznz_u64(&x120, x48, x41, x33); - fiat_secp256k1_montgomery_cmovznz_u64(&x121, x48, x43, x35); - fiat_secp256k1_montgomery_cmovznz_u64(&x122, x48, x45, x37); - fiat_secp256k1_montgomery_cmovznz_u64(&x123, x111, x102, x94); - fiat_secp256k1_montgomery_cmovznz_u64(&x124, x111, x104, x96); - fiat_secp256k1_montgomery_cmovznz_u64(&x125, x111, x106, x98); - fiat_secp256k1_montgomery_cmovznz_u64(&x126, x111, x108, x100); - *out1 = x112; + fiat_secp256k1_montgomery_cmovznz_u64(&x74, (fiat_secp256k1_montgomery_uint1)x22, 0x0, x7); + fiat_secp256k1_montgomery_cmovznz_u64(&x75, (fiat_secp256k1_montgomery_uint1)x22, 0x0, x8); + fiat_secp256k1_montgomery_cmovznz_u64(&x76, (fiat_secp256k1_montgomery_uint1)x22, 0x0, x9); + fiat_secp256k1_montgomery_cmovznz_u64(&x77, (fiat_secp256k1_montgomery_uint1)x22, 0x0, x10); + fiat_secp256k1_montgomery_cmovznz_u64(&x78, (fiat_secp256k1_montgomery_uint1)x22, 0x0, x11); + fiat_secp256k1_montgomery_addcarryx_u64(&x79, &x80, 0x0, x22, x74); + fiat_secp256k1_montgomery_addcarryx_u64(&x81, &x82, x80, x23, x75); + fiat_secp256k1_montgomery_addcarryx_u64(&x83, &x84, x82, x24, x76); + fiat_secp256k1_montgomery_addcarryx_u64(&x85, &x86, x84, x25, x77); + fiat_secp256k1_montgomery_addcarryx_u64(&x87, &x88, x86, x26, x78); + fiat_secp256k1_montgomery_cmovznz_u64(&x89, (fiat_secp256k1_montgomery_uint1)x22, 0x0, x27); + fiat_secp256k1_montgomery_cmovznz_u64(&x90, (fiat_secp256k1_montgomery_uint1)x22, 0x0, x28); + 
fiat_secp256k1_montgomery_cmovznz_u64(&x91, (fiat_secp256k1_montgomery_uint1)x22, 0x0, x29); + fiat_secp256k1_montgomery_cmovznz_u64(&x92, (fiat_secp256k1_montgomery_uint1)x22, 0x0, x30); + fiat_secp256k1_montgomery_addcarryx_u64(&x93, &x94, 0x0, x70, x89); + fiat_secp256k1_montgomery_addcarryx_u64(&x95, &x96, x94, x71, x90); + fiat_secp256k1_montgomery_addcarryx_u64(&x97, &x98, x96, x72, x91); + fiat_secp256k1_montgomery_addcarryx_u64(&x99, &x100, x98, x73, x92); + fiat_secp256k1_montgomery_subborrowx_u64(&x101, &x102, 0x0, x93, UINT64_C(0xfffffffefffffc2f)); + fiat_secp256k1_montgomery_subborrowx_u64(&x103, &x104, x102, x95, UINT64_C(0xffffffffffffffff)); + fiat_secp256k1_montgomery_subborrowx_u64(&x105, &x106, x104, x97, UINT64_C(0xffffffffffffffff)); + fiat_secp256k1_montgomery_subborrowx_u64(&x107, &x108, x106, x99, UINT64_C(0xffffffffffffffff)); + fiat_secp256k1_montgomery_subborrowx_u64(&x109, &x110, x108, x100, 0x0); + fiat_secp256k1_montgomery_addcarryx_u64(&x111, &x112, 0x0, x6, 0x1); + x113 = ((x79 >> 1) | ((x81 << 63) & UINT64_C(0xffffffffffffffff))); + x114 = ((x81 >> 1) | ((x83 << 63) & UINT64_C(0xffffffffffffffff))); + x115 = ((x83 >> 1) | ((x85 << 63) & UINT64_C(0xffffffffffffffff))); + x116 = ((x85 >> 1) | ((x87 << 63) & UINT64_C(0xffffffffffffffff))); + x117 = ((x87 & UINT64_C(0x8000000000000000)) | (x87 >> 1)); + fiat_secp256k1_montgomery_cmovznz_u64(&x118, x48, x39, x31); + fiat_secp256k1_montgomery_cmovznz_u64(&x119, x48, x41, x33); + fiat_secp256k1_montgomery_cmovznz_u64(&x120, x48, x43, x35); + fiat_secp256k1_montgomery_cmovznz_u64(&x121, x48, x45, x37); + fiat_secp256k1_montgomery_cmovznz_u64(&x122, x110, x101, x93); + fiat_secp256k1_montgomery_cmovznz_u64(&x123, x110, x103, x95); + fiat_secp256k1_montgomery_cmovznz_u64(&x124, x110, x105, x97); + fiat_secp256k1_montgomery_cmovznz_u64(&x125, x110, x107, x99); + *out1 = x111; out2[0] = x7; out2[1] = x8; out2[2] = x9; out2[3] = x10; out2[4] = x11; - out3[0] = x114; - out3[1] = x115; - out3[2] = 
x116; - out3[3] = x117; - out3[4] = x118; - out4[0] = x119; - out4[1] = x120; - out4[2] = x121; - out4[3] = x122; - out5[0] = x123; - out5[1] = x124; - out5[2] = x125; - out5[3] = x126; + out3[0] = x113; + out3[1] = x114; + out3[2] = x115; + out3[3] = x116; + out3[4] = x117; + out4[0] = x118; + out4[1] = x119; + out4[2] = x120; + out4[3] = x121; + out5[0] = x122; + out5[1] = x123; + out5[2] = x124; + out5[3] = x125; } /* diff --git a/fiat-c/src/secp256k1_montgomery_scalar_32.c b/fiat-c/src/secp256k1_montgomery_scalar_32.c index f3bb2dc386..3a6333f21b 100644 --- a/fiat-c/src/secp256k1_montgomery_scalar_32.c +++ b/fiat-c/src/secp256k1_montgomery_scalar_32.c @@ -65,13 +65,11 @@ static __inline__ uint32_t fiat_secp256k1_montgomery_scalar_value_barrier_u32(ui */ static FIAT_SECP256K1_MONTGOMERY_SCALAR_FIAT_INLINE void fiat_secp256k1_montgomery_scalar_addcarryx_u32(uint32_t* out1, fiat_secp256k1_montgomery_scalar_uint1* out2, fiat_secp256k1_montgomery_scalar_uint1 arg1, uint32_t arg2, uint32_t arg3) { uint64_t x1; - uint32_t x2; - fiat_secp256k1_montgomery_scalar_uint1 x3; + fiat_secp256k1_montgomery_scalar_uint1 x2; x1 = ((arg1 + (uint64_t)arg2) + arg3); - x2 = (uint32_t)(x1 & UINT32_C(0xffffffff)); - x3 = (fiat_secp256k1_montgomery_scalar_uint1)(x1 >> 32); - *out1 = x2; - *out2 = x3; + x2 = (fiat_secp256k1_montgomery_scalar_uint1)(x1 >> 32); + *out1 = (uint32_t)x1; + *out2 = x2; } /* @@ -117,12 +115,10 @@ static FIAT_SECP256K1_MONTGOMERY_SCALAR_FIAT_INLINE void fiat_secp256k1_montgome static FIAT_SECP256K1_MONTGOMERY_SCALAR_FIAT_INLINE void fiat_secp256k1_montgomery_scalar_mulx_u32(uint32_t* out1, uint32_t* out2, uint32_t arg1, uint32_t arg2) { uint64_t x1; uint32_t x2; - uint32_t x3; x1 = ((uint64_t)arg1 * arg2); - x2 = (uint32_t)(x1 & UINT32_C(0xffffffff)); - x3 = (uint32_t)(x1 >> 32); - *out1 = x2; - *out2 = x3; + x2 = (uint32_t)(x1 >> 32); + *out1 = (uint32_t)x1; + *out2 = x2; } /* 
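Review bot: The selector for the `cmovznz_u64` calls that fill x74–x78 and x89–x92 is now `(fiat_secp256k1_montgomery_uint1)x22`, where the old code computed `x74 = (fiat_secp256k1_montgomery_uint1)(x22 & 0x1)` first, so the low-bit test on x22 is no longer explicit. If `fiat_secp256k1_montgomery_uint1` is a byte-wide typedef and `cmovznz_u64` treats any nonzero selector as true (neither is visible in this hunk), an even x22 with a nonzero low byte would now select x7..x11 and x27..x30 instead of zero, and the add-and-shift that follows would presumably produce a different value than before. The mask should stay, `(fiat_secp256k1_montgomery_uint1)(x22 & 0x1)`, and because this file appears to be generated output the correction belongs in the generator change rather than in a hand edit here. The same pattern appears with `(fiat_secp256k1_montgomery_scalar_uint1)x34` in the `@@ -5720,77 +5667,76 @@` hunk of secp256k1_montgomery_scalar_32.c; the enclosing function starts outside both hunks.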
@@ -5054,54 +5050,30 @@ static FIAT_SECP256K1_MONTGOMERY_SCALAR_FIAT_INLINE void fiat_secp256k1_montgome uint32_t x6; uint32_t x7; uint32_t x8; - uint8_t x9; + uint32_t x9; uint32_t x10; uint8_t x11; uint32_t x12; - uint8_t x13; + uint32_t x13; uint8_t x14; - uint8_t x15; + uint32_t x15; uint32_t x16; uint8_t x17; uint32_t x18; - uint8_t x19; + uint32_t x19; uint8_t x20; - uint8_t x21; + uint32_t x21; uint32_t x22; uint8_t x23; uint32_t x24; - uint8_t x25; + uint32_t x25; uint8_t x26; - uint8_t x27; + uint32_t x27; uint32_t x28; uint8_t x29; uint32_t x30; - uint8_t x31; + uint32_t x31; uint8_t x32; - uint8_t x33; - uint32_t x34; - uint8_t x35; - uint32_t x36; - uint8_t x37; - uint8_t x38; - uint8_t x39; - uint32_t x40; - uint8_t x41; - uint32_t x42; - uint8_t x43; - uint8_t x44; - uint8_t x45; - uint32_t x46; - uint8_t x47; - uint32_t x48; - uint8_t x49; - uint8_t x50; - uint8_t x51; - uint32_t x52; - uint8_t x53; - uint32_t x54; - uint8_t x55; - uint8_t x56; x1 = (arg1[7]); x2 = (arg1[6]); x3 = (arg1[5]); 
@@ -5110,86 +5082,62 @@ static FIAT_SECP256K1_MONTGOMERY_SCALAR_FIAT_INLINE void fiat_secp256k1_montgome x6 = (arg1[2]); x7 = (arg1[1]); x8 = (arg1[0]); - x9 = (uint8_t)(x8 & UINT8_C(0xff)); - x10 = (x8 >> 8); - x11 = (uint8_t)(x10 & UINT8_C(0xff)); - x12 = (x10 >> 8); - x13 = (uint8_t)(x12 & UINT8_C(0xff)); - x14 = (uint8_t)(x12 >> 8); - x15 = (uint8_t)(x7 & UINT8_C(0xff)); - x16 = (x7 >> 8); - x17 = (uint8_t)(x16 & UINT8_C(0xff)); - x18 = (x16 >> 8); - x19 = (uint8_t)(x18 & UINT8_C(0xff)); - x20 = (uint8_t)(x18 >> 8); - x21 = (uint8_t)(x6 & UINT8_C(0xff)); - x22 = (x6 >> 8); - x23 = (uint8_t)(x22 & UINT8_C(0xff)); - x24 = (x22 >> 8); - x25 = (uint8_t)(x24 & UINT8_C(0xff)); - x26 = (uint8_t)(x24 >> 8); - x27 = (uint8_t)(x5 & UINT8_C(0xff)); - x28 = (x5 >> 8); - x29 = (uint8_t)(x28 & UINT8_C(0xff)); - x30 = (x28 >> 8); - x31 = (uint8_t)(x30 & UINT8_C(0xff)); - x32 = (uint8_t)(x30 >> 8); - x33 = (uint8_t)(x4 & UINT8_C(0xff)); - x34 = (x4 >> 8); - x35 = (uint8_t)(x34 & UINT8_C(0xff)); - x36 = (x34 >> 8); - x37 = (uint8_t)(x36 & UINT8_C(0xff)); - x38 = (uint8_t)(x36 >> 8); - x39 = (uint8_t)(x3 & UINT8_C(0xff)); - x40 = (x3 >> 8); - x41 = (uint8_t)(x40 & UINT8_C(0xff)); - x42 = (x40 >> 8); - x43 = (uint8_t)(x42 & UINT8_C(0xff)); - x44 = (uint8_t)(x42 >> 8); - x45 = (uint8_t)(x2 & UINT8_C(0xff)); - x46 = (x2 >> 8); - x47 = (uint8_t)(x46 & UINT8_C(0xff)); - x48 = (x46 >> 8); - x49 = (uint8_t)(x48 & UINT8_C(0xff)); - x50 = (uint8_t)(x48 >> 8); - x51 = (uint8_t)(x1 & UINT8_C(0xff)); - x52 = (x1 >> 8); - x53 = (uint8_t)(x52 & UINT8_C(0xff)); - x54 = (x52 >> 8); - x55 = (uint8_t)(x54 & UINT8_C(0xff)); - x56 = (uint8_t)(x54 >> 8); - out1[0] = x9; - out1[1] = x11; - out1[2] = x13; - out1[3] = x14; - out1[4] = x15; - out1[5] = x17; - out1[6] = x19; - out1[7] = x20; - out1[8] = x21; - out1[9] = x23; - out1[10] = x25; - out1[11] = x26; - out1[12] = x27; - out1[13] = x29; - out1[14] = x31; - out1[15] = x32; - out1[16] = x33; - out1[17] = x35; - out1[18] = x37; - out1[19] = x38; - 
out1[20] = x39; - out1[21] = x41; - out1[22] = x43; - out1[23] = x44; - out1[24] = x45; - out1[25] = x47; - out1[26] = x49; - out1[27] = x50; - out1[28] = x51; - out1[29] = x53; - out1[30] = x55; - out1[31] = x56; + x9 = (x8 >> 8); + x10 = (x9 >> 8); + x11 = (uint8_t)(x10 >> 8); + x12 = (x7 >> 8); + x13 = (x12 >> 8); + x14 = (uint8_t)(x13 >> 8); + x15 = (x6 >> 8); + x16 = (x15 >> 8); + x17 = (uint8_t)(x16 >> 8); + x18 = (x5 >> 8); + x19 = (x18 >> 8); + x20 = (uint8_t)(x19 >> 8); + x21 = (x4 >> 8); + x22 = (x21 >> 8); + x23 = (uint8_t)(x22 >> 8); + x24 = (x3 >> 8); + x25 = (x24 >> 8); + x26 = (uint8_t)(x25 >> 8); + x27 = (x2 >> 8); + x28 = (x27 >> 8); + x29 = (uint8_t)(x28 >> 8); + x30 = (x1 >> 8); + x31 = (x30 >> 8); + x32 = (uint8_t)(x31 >> 8); + out1[0] = (uint8_t)x8; + out1[1] = (uint8_t)x9; + out1[2] = (uint8_t)x10; + out1[3] = x11; + out1[4] = (uint8_t)x7; + out1[5] = (uint8_t)x12; + out1[6] = (uint8_t)x13; + out1[7] = x14; + out1[8] = (uint8_t)x6; + out1[9] = (uint8_t)x15; + out1[10] = (uint8_t)x16; + out1[11] = x17; + out1[12] = (uint8_t)x5; + out1[13] = (uint8_t)x18; + out1[14] = (uint8_t)x19; + out1[15] = x20; + out1[16] = (uint8_t)x4; + out1[17] = (uint8_t)x21; + out1[18] = (uint8_t)x22; + out1[19] = x23; + out1[20] = (uint8_t)x3; + out1[21] = (uint8_t)x24; + out1[22] = (uint8_t)x25; + out1[23] = x26; + out1[24] = (uint8_t)x2; + out1[25] = (uint8_t)x27; + out1[26] = (uint8_t)x28; + out1[27] = x29; + out1[28] = (uint8_t)x1; + out1[29] = (uint8_t)x30; + out1[30] = (uint8_t)x31; + out1[31] = x32; } /* @@ -5534,7 +5482,7 @@ static FIAT_SECP256K1_MONTGOMERY_SCALAR_FIAT_INLINE void fiat_secp256k1_montgome uint32_t x131; uint32_t x132; uint32_t x133; - fiat_secp256k1_montgomery_scalar_uint1 x134; + uint32_t x134; uint32_t x135; uint32_t x136; uint32_t x137; 
@@ -5544,24 +5492,24 @@ static FIAT_SECP256K1_MONTGOMERY_SCALAR_FIAT_INLINE void fiat_secp256k1_montgome uint32_t x141; uint32_t x142; uint32_t x143; - uint32_t x144; - fiat_secp256k1_montgomery_scalar_uint1 x145; - uint32_t x146; - fiat_secp256k1_montgomery_scalar_uint1 x147; - uint32_t x148; - fiat_secp256k1_montgomery_scalar_uint1 x149; - uint32_t x150; - fiat_secp256k1_montgomery_scalar_uint1 x151; - uint32_t x152; - fiat_secp256k1_montgomery_scalar_uint1 x153; - uint32_t x154; - fiat_secp256k1_montgomery_scalar_uint1 x155; - uint32_t x156; - fiat_secp256k1_montgomery_scalar_uint1 x157; - uint32_t x158; - fiat_secp256k1_montgomery_scalar_uint1 x159; - uint32_t x160; - fiat_secp256k1_montgomery_scalar_uint1 x161; + fiat_secp256k1_montgomery_scalar_uint1 x144; + uint32_t x145; + fiat_secp256k1_montgomery_scalar_uint1 x146; + uint32_t x147; + fiat_secp256k1_montgomery_scalar_uint1 x148; + uint32_t x149; + fiat_secp256k1_montgomery_scalar_uint1 x150; + uint32_t x151; + fiat_secp256k1_montgomery_scalar_uint1 x152; + uint32_t x153; + fiat_secp256k1_montgomery_scalar_uint1 x154; + uint32_t x155; + fiat_secp256k1_montgomery_scalar_uint1 x156; + uint32_t x157; + fiat_secp256k1_montgomery_scalar_uint1 x158; + uint32_t x159; + fiat_secp256k1_montgomery_scalar_uint1 x160; + uint32_t x161; uint32_t x162; uint32_t x163; uint32_t x164; 
@@ -5570,42 +5518,42 @@ static FIAT_SECP256K1_MONTGOMERY_SCALAR_FIAT_INLINE void fiat_secp256k1_montgome uint32_t x167; uint32_t x168; uint32_t x169; - uint32_t x170; - fiat_secp256k1_montgomery_scalar_uint1 x171; - uint32_t x172; - fiat_secp256k1_montgomery_scalar_uint1 x173; - uint32_t x174; - fiat_secp256k1_montgomery_scalar_uint1 x175; - uint32_t x176; - fiat_secp256k1_montgomery_scalar_uint1 x177; - uint32_t x178; - fiat_secp256k1_montgomery_scalar_uint1 x179; - uint32_t x180; - fiat_secp256k1_montgomery_scalar_uint1 x181; - uint32_t x182; - fiat_secp256k1_montgomery_scalar_uint1 x183; - uint32_t x184; - fiat_secp256k1_montgomery_scalar_uint1 x185; - uint32_t x186; - fiat_secp256k1_montgomery_scalar_uint1 x187; - uint32_t x188; - fiat_secp256k1_montgomery_scalar_uint1 x189; - uint32_t x190; - fiat_secp256k1_montgomery_scalar_uint1 x191; - uint32_t x192; - fiat_secp256k1_montgomery_scalar_uint1 x193; - uint32_t x194; - fiat_secp256k1_montgomery_scalar_uint1 x195; - uint32_t x196; - fiat_secp256k1_montgomery_scalar_uint1 x197; - uint32_t x198; - fiat_secp256k1_montgomery_scalar_uint1 x199; - uint32_t x200; - fiat_secp256k1_montgomery_scalar_uint1 x201; - uint32_t x202; - fiat_secp256k1_montgomery_scalar_uint1 x203; - uint32_t x204; - fiat_secp256k1_montgomery_scalar_uint1 x205; + fiat_secp256k1_montgomery_scalar_uint1 x170; + uint32_t x171; + fiat_secp256k1_montgomery_scalar_uint1 x172; + uint32_t x173; + fiat_secp256k1_montgomery_scalar_uint1 x174; + uint32_t x175; + fiat_secp256k1_montgomery_scalar_uint1 x176; + uint32_t x177; + fiat_secp256k1_montgomery_scalar_uint1 x178; + uint32_t x179; + fiat_secp256k1_montgomery_scalar_uint1 x180; + uint32_t x181; + fiat_secp256k1_montgomery_scalar_uint1 x182; + uint32_t x183; + fiat_secp256k1_montgomery_scalar_uint1 x184; + uint32_t x185; + fiat_secp256k1_montgomery_scalar_uint1 x186; + uint32_t x187; + fiat_secp256k1_montgomery_scalar_uint1 x188; + uint32_t x189; + fiat_secp256k1_montgomery_scalar_uint1 x190; + uint32_t 
x191; + fiat_secp256k1_montgomery_scalar_uint1 x192; + uint32_t x193; + fiat_secp256k1_montgomery_scalar_uint1 x194; + uint32_t x195; + fiat_secp256k1_montgomery_scalar_uint1 x196; + uint32_t x197; + fiat_secp256k1_montgomery_scalar_uint1 x198; + uint32_t x199; + fiat_secp256k1_montgomery_scalar_uint1 x200; + uint32_t x201; + fiat_secp256k1_montgomery_scalar_uint1 x202; + uint32_t x203; + fiat_secp256k1_montgomery_scalar_uint1 x204; + uint32_t x205; uint32_t x206; uint32_t x207; uint32_t x208; @@ -5630,9 +5578,8 @@ static FIAT_SECP256K1_MONTGOMERY_SCALAR_FIAT_INLINE void fiat_secp256k1_montgome uint32_t x227; uint32_t x228; uint32_t x229; - uint32_t x230; fiat_secp256k1_montgomery_scalar_addcarryx_u32(&x1, &x2, 0x0, (~arg1), 0x1); - x3 = (fiat_secp256k1_montgomery_scalar_uint1)((fiat_secp256k1_montgomery_scalar_uint1)(x1 >> 31) & (fiat_secp256k1_montgomery_scalar_uint1)((arg3[0]) & 0x1)); + x3 = (fiat_secp256k1_montgomery_scalar_uint1)((fiat_secp256k1_montgomery_scalar_uint1)(x1 >> 31) & (fiat_secp256k1_montgomery_scalar_uint1)(arg3[0])); fiat_secp256k1_montgomery_scalar_addcarryx_u32(&x4, &x5, 0x0, (~arg1), 0x1); fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x6, x3, arg1, x4); fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x7, x3, (arg2[0]), (arg3[0])); 
@@ -5720,77 +5667,76 @@ static FIAT_SECP256K1_MONTGOMERY_SCALAR_FIAT_INLINE void fiat_secp256k1_montgome fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x131, x3, (arg5[5]), x120); fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x132, x3, (arg5[6]), x122); fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x133, x3, (arg5[7]), x124); - x134 = (fiat_secp256k1_montgomery_scalar_uint1)(x34 & 0x1); - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x135, x134, 0x0, x7); - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x136, x134, 0x0, x8); - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x137, x134, 0x0, x9); - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x138, x134, 0x0, x10); - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x139, x134, 0x0, x11); - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x140, x134, 0x0, x12); - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x141, x134, 0x0, x13); - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x142, x134, 0x0, x14); - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x143, x134, 0x0, x15); - fiat_secp256k1_montgomery_scalar_addcarryx_u32(&x144, &x145, 0x0, x34, x135); - fiat_secp256k1_montgomery_scalar_addcarryx_u32(&x146, &x147, x145, x35, x136); - fiat_secp256k1_montgomery_scalar_addcarryx_u32(&x148, &x149, x147, x36, x137); - fiat_secp256k1_montgomery_scalar_addcarryx_u32(&x150, &x151, x149, x37, x138); - fiat_secp256k1_montgomery_scalar_addcarryx_u32(&x152, &x153, x151, x38, x139); - fiat_secp256k1_montgomery_scalar_addcarryx_u32(&x154, &x155, x153, x39, x140); - fiat_secp256k1_montgomery_scalar_addcarryx_u32(&x156, &x157, x155, x40, x141); - fiat_secp256k1_montgomery_scalar_addcarryx_u32(&x158, &x159, x157, x41, x142); - fiat_secp256k1_montgomery_scalar_addcarryx_u32(&x160, &x161, x159, x42, x143); - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x162, x134, 0x0, x43); - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x163, x134, 0x0, x44); - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x164, x134, 0x0, x45); - 
fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x165, x134, 0x0, x46); - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x166, x134, 0x0, x47); - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x167, x134, 0x0, x48); - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x168, x134, 0x0, x49); - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x169, x134, 0x0, x50); - fiat_secp256k1_montgomery_scalar_addcarryx_u32(&x170, &x171, 0x0, x126, x162); - fiat_secp256k1_montgomery_scalar_addcarryx_u32(&x172, &x173, x171, x127, x163); - fiat_secp256k1_montgomery_scalar_addcarryx_u32(&x174, &x175, x173, x128, x164); - fiat_secp256k1_montgomery_scalar_addcarryx_u32(&x176, &x177, x175, x129, x165); - fiat_secp256k1_montgomery_scalar_addcarryx_u32(&x178, &x179, x177, x130, x166); - fiat_secp256k1_montgomery_scalar_addcarryx_u32(&x180, &x181, x179, x131, x167); - fiat_secp256k1_montgomery_scalar_addcarryx_u32(&x182, &x183, x181, x132, x168); - fiat_secp256k1_montgomery_scalar_addcarryx_u32(&x184, &x185, x183, x133, x169); - fiat_secp256k1_montgomery_scalar_subborrowx_u32(&x186, &x187, 0x0, x170, UINT32_C(0xd0364141)); - fiat_secp256k1_montgomery_scalar_subborrowx_u32(&x188, &x189, x187, x172, UINT32_C(0xbfd25e8c)); - fiat_secp256k1_montgomery_scalar_subborrowx_u32(&x190, &x191, x189, x174, UINT32_C(0xaf48a03b)); - fiat_secp256k1_montgomery_scalar_subborrowx_u32(&x192, &x193, x191, x176, UINT32_C(0xbaaedce6)); - fiat_secp256k1_montgomery_scalar_subborrowx_u32(&x194, &x195, x193, x178, UINT32_C(0xfffffffe)); - fiat_secp256k1_montgomery_scalar_subborrowx_u32(&x196, &x197, x195, x180, UINT32_C(0xffffffff)); - fiat_secp256k1_montgomery_scalar_subborrowx_u32(&x198, &x199, x197, x182, UINT32_C(0xffffffff)); - fiat_secp256k1_montgomery_scalar_subborrowx_u32(&x200, &x201, x199, x184, UINT32_C(0xffffffff)); - fiat_secp256k1_montgomery_scalar_subborrowx_u32(&x202, &x203, x201, x185, 0x0); - fiat_secp256k1_montgomery_scalar_addcarryx_u32(&x204, &x205, 0x0, x6, 0x1); - x206 = ((x144 >> 1) | ((x146 << 31) & 
UINT32_C(0xffffffff))); - x207 = ((x146 >> 1) | ((x148 << 31) & UINT32_C(0xffffffff))); - x208 = ((x148 >> 1) | ((x150 << 31) & UINT32_C(0xffffffff))); - x209 = ((x150 >> 1) | ((x152 << 31) & UINT32_C(0xffffffff))); - x210 = ((x152 >> 1) | ((x154 << 31) & UINT32_C(0xffffffff))); - x211 = ((x154 >> 1) | ((x156 << 31) & UINT32_C(0xffffffff))); - x212 = ((x156 >> 1) | ((x158 << 31) & UINT32_C(0xffffffff))); - x213 = ((x158 >> 1) | ((x160 << 31) & UINT32_C(0xffffffff))); - x214 = ((x160 & UINT32_C(0x80000000)) | (x160 >> 1)); - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x215, x84, x67, x51); - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x216, x84, x69, x53); - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x217, x84, x71, x55); - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x218, x84, x73, x57); - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x219, x84, x75, x59); - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x220, x84, x77, x61); - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x221, x84, x79, x63); - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x222, x84, x81, x65); - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x223, x203, x186, x170); - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x224, x203, x188, x172); - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x225, x203, x190, x174); - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x226, x203, x192, x176); - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x227, x203, x194, x178); - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x228, x203, x196, x180); - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x229, x203, x198, x182); - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x230, x203, x200, x184); - *out1 = x204; + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x134, (fiat_secp256k1_montgomery_scalar_uint1)x34, 0x0, x7); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x135, (fiat_secp256k1_montgomery_scalar_uint1)x34, 0x0, x8); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x136, 
(fiat_secp256k1_montgomery_scalar_uint1)x34, 0x0, x9); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x137, (fiat_secp256k1_montgomery_scalar_uint1)x34, 0x0, x10); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x138, (fiat_secp256k1_montgomery_scalar_uint1)x34, 0x0, x11); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x139, (fiat_secp256k1_montgomery_scalar_uint1)x34, 0x0, x12); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x140, (fiat_secp256k1_montgomery_scalar_uint1)x34, 0x0, x13); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x141, (fiat_secp256k1_montgomery_scalar_uint1)x34, 0x0, x14); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x142, (fiat_secp256k1_montgomery_scalar_uint1)x34, 0x0, x15); + fiat_secp256k1_montgomery_scalar_addcarryx_u32(&x143, &x144, 0x0, x34, x134); + fiat_secp256k1_montgomery_scalar_addcarryx_u32(&x145, &x146, x144, x35, x135); + fiat_secp256k1_montgomery_scalar_addcarryx_u32(&x147, &x148, x146, x36, x136); + fiat_secp256k1_montgomery_scalar_addcarryx_u32(&x149, &x150, x148, x37, x137); + fiat_secp256k1_montgomery_scalar_addcarryx_u32(&x151, &x152, x150, x38, x138); + fiat_secp256k1_montgomery_scalar_addcarryx_u32(&x153, &x154, x152, x39, x139); + fiat_secp256k1_montgomery_scalar_addcarryx_u32(&x155, &x156, x154, x40, x140); + fiat_secp256k1_montgomery_scalar_addcarryx_u32(&x157, &x158, x156, x41, x141); + fiat_secp256k1_montgomery_scalar_addcarryx_u32(&x159, &x160, x158, x42, x142); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x161, (fiat_secp256k1_montgomery_scalar_uint1)x34, 0x0, x43); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x162, (fiat_secp256k1_montgomery_scalar_uint1)x34, 0x0, x44); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x163, (fiat_secp256k1_montgomery_scalar_uint1)x34, 0x0, x45); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x164, (fiat_secp256k1_montgomery_scalar_uint1)x34, 0x0, x46); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x165, (fiat_secp256k1_montgomery_scalar_uint1)x34, 0x0, x47); + 
fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x166, (fiat_secp256k1_montgomery_scalar_uint1)x34, 0x0, x48); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x167, (fiat_secp256k1_montgomery_scalar_uint1)x34, 0x0, x49); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x168, (fiat_secp256k1_montgomery_scalar_uint1)x34, 0x0, x50); + fiat_secp256k1_montgomery_scalar_addcarryx_u32(&x169, &x170, 0x0, x126, x161); + fiat_secp256k1_montgomery_scalar_addcarryx_u32(&x171, &x172, x170, x127, x162); + fiat_secp256k1_montgomery_scalar_addcarryx_u32(&x173, &x174, x172, x128, x163); + fiat_secp256k1_montgomery_scalar_addcarryx_u32(&x175, &x176, x174, x129, x164); + fiat_secp256k1_montgomery_scalar_addcarryx_u32(&x177, &x178, x176, x130, x165); + fiat_secp256k1_montgomery_scalar_addcarryx_u32(&x179, &x180, x178, x131, x166); + fiat_secp256k1_montgomery_scalar_addcarryx_u32(&x181, &x182, x180, x132, x167); + fiat_secp256k1_montgomery_scalar_addcarryx_u32(&x183, &x184, x182, x133, x168); + fiat_secp256k1_montgomery_scalar_subborrowx_u32(&x185, &x186, 0x0, x169, UINT32_C(0xd0364141)); + fiat_secp256k1_montgomery_scalar_subborrowx_u32(&x187, &x188, x186, x171, UINT32_C(0xbfd25e8c)); + fiat_secp256k1_montgomery_scalar_subborrowx_u32(&x189, &x190, x188, x173, UINT32_C(0xaf48a03b)); + fiat_secp256k1_montgomery_scalar_subborrowx_u32(&x191, &x192, x190, x175, UINT32_C(0xbaaedce6)); + fiat_secp256k1_montgomery_scalar_subborrowx_u32(&x193, &x194, x192, x177, UINT32_C(0xfffffffe)); + fiat_secp256k1_montgomery_scalar_subborrowx_u32(&x195, &x196, x194, x179, UINT32_C(0xffffffff)); + fiat_secp256k1_montgomery_scalar_subborrowx_u32(&x197, &x198, x196, x181, UINT32_C(0xffffffff)); + fiat_secp256k1_montgomery_scalar_subborrowx_u32(&x199, &x200, x198, x183, UINT32_C(0xffffffff)); + fiat_secp256k1_montgomery_scalar_subborrowx_u32(&x201, &x202, x200, x184, 0x0); + fiat_secp256k1_montgomery_scalar_addcarryx_u32(&x203, &x204, 0x0, x6, 0x1); + x205 = ((x143 >> 1) | ((x145 << 31) & UINT32_C(0xffffffff))); + 
x206 = ((x145 >> 1) | ((x147 << 31) & UINT32_C(0xffffffff))); + x207 = ((x147 >> 1) | ((x149 << 31) & UINT32_C(0xffffffff))); + x208 = ((x149 >> 1) | ((x151 << 31) & UINT32_C(0xffffffff))); + x209 = ((x151 >> 1) | ((x153 << 31) & UINT32_C(0xffffffff))); + x210 = ((x153 >> 1) | ((x155 << 31) & UINT32_C(0xffffffff))); + x211 = ((x155 >> 1) | ((x157 << 31) & UINT32_C(0xffffffff))); + x212 = ((x157 >> 1) | ((x159 << 31) & UINT32_C(0xffffffff))); + x213 = ((x159 & UINT32_C(0x80000000)) | (x159 >> 1)); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x214, x84, x67, x51); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x215, x84, x69, x53); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x216, x84, x71, x55); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x217, x84, x73, x57); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x218, x84, x75, x59); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x219, x84, x77, x61); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x220, x84, x79, x63); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x221, x84, x81, x65); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x222, x202, x185, x169); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x223, x202, x187, x171); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x224, x202, x189, x173); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x225, x202, x191, x175); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x226, x202, x193, x177); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x227, x202, x195, x179); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x228, x202, x197, x181); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&x229, x202, x199, x183); + *out1 = x203; out2[0] = x7; out2[1] = x8; out2[2] = x9; 
@@ -5800,31 +5746,31 @@ static FIAT_SECP256K1_MONTGOMERY_SCALAR_FIAT_INLINE void fiat_secp256k1_montgome out2[6] = x13; out2[7] = x14; out2[8] = x15; - out3[0] = x206; - out3[1] = x207; - out3[2] = x208; - out3[3] = x209; - out3[4] = x210; - out3[5] = x211; - out3[6] = x212; - out3[7] = x213; - out3[8] = x214; - out4[0] = x215; - out4[1] = x216; - out4[2] = x217; - out4[3] = x218; - out4[4] = x219; - out4[5] = x220; - out4[6] = x221; - out4[7] = x222; - out5[0] = x223; - out5[1] = x224; - out5[2] = x225; - out5[3] = x226; - out5[4] = x227; - out5[5] = x228; - out5[6] = x229; - out5[7] = x230; + out3[0] = x205; + out3[1] = x206; + out3[2] = x207; + out3[3] = x208; + out3[4] = x209; + out3[5] = x210; + out3[6] = x211; + out3[7] = x212; + out3[8] = x213; + out4[0] = x214; + out4[1] = x215; + out4[2] = x216; + out4[3] = x217; + out4[4] = x218; + out4[5] = x219; + out4[6] = x220; + out4[7] = x221; + out5[0] = x222; + out5[1] = x223; + out5[2] = x224; + out5[3] = x225; + out5[4] = x226; + out5[5] = x227; + out5[6] = x228; + out5[7] = x229; } /* diff --git a/fiat-c/src/secp256k1_montgomery_scalar_64.c b/fiat-c/src/secp256k1_montgomery_scalar_64.c index 053e7785e3..0bd33b0843 100644 --- a/fiat-c/src/secp256k1_montgomery_scalar_64.c +++ b/fiat-c/src/secp256k1_montgomery_scalar_64.c 
@@ -70,13 +70,11 @@ static __inline__ uint64_t fiat_secp256k1_montgomery_scalar_value_barrier_u64(ui */ static FIAT_SECP256K1_MONTGOMERY_SCALAR_FIAT_INLINE void fiat_secp256k1_montgomery_scalar_addcarryx_u64(uint64_t* out1, fiat_secp256k1_montgomery_scalar_uint1* out2, fiat_secp256k1_montgomery_scalar_uint1 arg1, uint64_t arg2, uint64_t arg3) { fiat_secp256k1_montgomery_scalar_uint128 x1; - uint64_t x2; - fiat_secp256k1_montgomery_scalar_uint1 x3; + fiat_secp256k1_montgomery_scalar_uint1 x2; x1 = ((arg1 + (fiat_secp256k1_montgomery_scalar_uint128)arg2) + arg3); - x2 = (uint64_t)(x1 & UINT64_C(0xffffffffffffffff)); - x3 = (fiat_secp256k1_montgomery_scalar_uint1)(x1 >> 64); - *out1 = x2; - *out2 = x3; + x2 = (fiat_secp256k1_montgomery_scalar_uint1)(x1 >> 64); + *out1 = (uint64_t)x1; + *out2 = x2; } /* @@ -122,12 +120,10 @@ static FIAT_SECP256K1_MONTGOMERY_SCALAR_FIAT_INLINE void fiat_secp256k1_montgome static FIAT_SECP256K1_MONTGOMERY_SCALAR_FIAT_INLINE void fiat_secp256k1_montgomery_scalar_mulx_u64(uint64_t* out1, uint64_t* out2, uint64_t arg1, uint64_t arg2) { fiat_secp256k1_montgomery_scalar_uint128 x1; uint64_t x2; - uint64_t x3; x1 = ((fiat_secp256k1_montgomery_scalar_uint128)arg1 * arg2); - x2 = (uint64_t)(x1 & UINT64_C(0xffffffffffffffff)); - x3 = (uint64_t)(x1 >> 64); - *out1 = x2; - *out2 = x3; + x2 = (uint64_t)(x1 >> 64); + *out1 = (uint64_t)x1; + *out2 = x2; } /* 
@@ -1627,154 +1623,98 @@ static FIAT_SECP256K1_MONTGOMERY_SCALAR_FIAT_INLINE void fiat_secp256k1_montgome uint64_t x2; uint64_t x3; uint64_t x4; - uint8_t x5; + uint64_t x5; uint64_t x6; - uint8_t x7; + uint64_t x7; uint64_t x8; - uint8_t x9; + uint64_t x9; uint64_t x10; uint8_t x11; uint64_t x12; - uint8_t x13; + uint64_t x13; uint64_t x14; - uint8_t x15; + uint64_t x15; uint64_t x16; - uint8_t x17; + uint64_t x17; uint8_t x18; - uint8_t x19; + uint64_t x19; uint64_t x20; - uint8_t x21; + uint64_t x21; uint64_t x22; - uint8_t x23; + uint64_t x23; uint64_t x24; uint8_t x25; uint64_t x26; - uint8_t x27; + uint64_t x27; uint64_t x28; - uint8_t x29; + uint64_t x29; uint64_t x30; - uint8_t x31; + uint64_t x31; uint8_t x32; - uint8_t x33; - uint64_t x34; - uint8_t x35; - uint64_t x36; - uint8_t x37; - uint64_t x38; - uint8_t x39; - uint64_t x40; - uint8_t x41; - uint64_t x42; - uint8_t x43; - uint64_t x44; - uint8_t x45; - uint8_t x46; - uint8_t x47; - uint64_t x48; - uint8_t x49; - uint64_t x50; - uint8_t x51; - uint64_t x52; - uint8_t x53; - uint64_t x54; - uint8_t x55; - uint64_t x56; - uint8_t x57; - uint64_t x58; - uint8_t x59; - uint8_t x60; x1 = (arg1[3]); x2 = (arg1[2]); x3 = (arg1[1]); x4 = (arg1[0]); - x5 = (uint8_t)(x4 & UINT8_C(0xff)); - x6 = (x4 >> 8); - x7 = (uint8_t)(x6 & UINT8_C(0xff)); - x8 = (x6 >> 8); - x9 = (uint8_t)(x8 & UINT8_C(0xff)); - x10 = (x8 >> 8); - x11 = (uint8_t)(x10 & UINT8_C(0xff)); - x12 = (x10 >> 8); - x13 = (uint8_t)(x12 & UINT8_C(0xff)); - x14 = (x12 >> 8); - x15 = (uint8_t)(x14 & UINT8_C(0xff)); - x16 = (x14 >> 8); - x17 = (uint8_t)(x16 & UINT8_C(0xff)); - x18 = (uint8_t)(x16 >> 8); - x19 = (uint8_t)(x3 & UINT8_C(0xff)); - x20 = (x3 >> 8); - x21 = (uint8_t)(x20 & UINT8_C(0xff)); - x22 = (x20 >> 8); - x23 = (uint8_t)(x22 & UINT8_C(0xff)); - x24 = (x22 >> 8); - x25 = (uint8_t)(x24 & UINT8_C(0xff)); - x26 = (x24 >> 8); - x27 = (uint8_t)(x26 & UINT8_C(0xff)); - x28 = (x26 >> 8); - x29 = (uint8_t)(x28 & UINT8_C(0xff)); - x30 = (x28 >> 
8); - x31 = (uint8_t)(x30 & UINT8_C(0xff)); - x32 = (uint8_t)(x30 >> 8); - x33 = (uint8_t)(x2 & UINT8_C(0xff)); - x34 = (x2 >> 8); - x35 = (uint8_t)(x34 & UINT8_C(0xff)); - x36 = (x34 >> 8); - x37 = (uint8_t)(x36 & UINT8_C(0xff)); - x38 = (x36 >> 8); - x39 = (uint8_t)(x38 & UINT8_C(0xff)); - x40 = (x38 >> 8); - x41 = (uint8_t)(x40 & UINT8_C(0xff)); - x42 = (x40 >> 8); - x43 = (uint8_t)(x42 & UINT8_C(0xff)); - x44 = (x42 >> 8); - x45 = (uint8_t)(x44 & UINT8_C(0xff)); - x46 = (uint8_t)(x44 >> 8); - x47 = (uint8_t)(x1 & UINT8_C(0xff)); - x48 = (x1 >> 8); - x49 = (uint8_t)(x48 & UINT8_C(0xff)); - x50 = (x48 >> 8); - x51 = (uint8_t)(x50 & UINT8_C(0xff)); - x52 = (x50 >> 8); - x53 = (uint8_t)(x52 & UINT8_C(0xff)); - x54 = (x52 >> 8); - x55 = (uint8_t)(x54 & UINT8_C(0xff)); - x56 = (x54 >> 8); - x57 = (uint8_t)(x56 & UINT8_C(0xff)); - x58 = (x56 >> 8); - x59 = (uint8_t)(x58 & UINT8_C(0xff)); - x60 = (uint8_t)(x58 >> 8); - out1[0] = x5; - out1[1] = x7; - out1[2] = x9; - out1[3] = x11; - out1[4] = x13; - out1[5] = x15; - out1[6] = x17; - out1[7] = x18; - out1[8] = x19; - out1[9] = x21; - out1[10] = x23; - out1[11] = x25; - out1[12] = x27; - out1[13] = x29; - out1[14] = x31; - out1[15] = x32; - out1[16] = x33; - out1[17] = x35; - out1[18] = x37; - out1[19] = x39; - out1[20] = x41; - out1[21] = x43; - out1[22] = x45; - out1[23] = x46; - out1[24] = x47; - out1[25] = x49; - out1[26] = x51; - out1[27] = x53; - out1[28] = x55; - out1[29] = x57; - out1[30] = x59; - out1[31] = x60; + x5 = (x4 >> 8); + x6 = (x5 >> 8); + x7 = (x6 >> 8); + x8 = (x7 >> 8); + x9 = (x8 >> 8); + x10 = (x9 >> 8); + x11 = (uint8_t)(x10 >> 8); + x12 = (x3 >> 8); + x13 = (x12 >> 8); + x14 = (x13 >> 8); + x15 = (x14 >> 8); + x16 = (x15 >> 8); + x17 = (x16 >> 8); + x18 = (uint8_t)(x17 >> 8); + x19 = (x2 >> 8); + x20 = (x19 >> 8); + x21 = (x20 >> 8); + x22 = (x21 >> 8); + x23 = (x22 >> 8); + x24 = (x23 >> 8); + x25 = (uint8_t)(x24 >> 8); + x26 = (x1 >> 8); + x27 = (x26 >> 8); + x28 = (x27 >> 8); + x29 = (x28 >> 
8); + x30 = (x29 >> 8); + x31 = (x30 >> 8); + x32 = (uint8_t)(x31 >> 8); + out1[0] = (uint8_t)x4; + out1[1] = (uint8_t)x5; + out1[2] = (uint8_t)x6; + out1[3] = (uint8_t)x7; + out1[4] = (uint8_t)x8; + out1[5] = (uint8_t)x9; + out1[6] = (uint8_t)x10; + out1[7] = x11; + out1[8] = (uint8_t)x3; + out1[9] = (uint8_t)x12; + out1[10] = (uint8_t)x13; + out1[11] = (uint8_t)x14; + out1[12] = (uint8_t)x15; + out1[13] = (uint8_t)x16; + out1[14] = (uint8_t)x17; + out1[15] = x18; + out1[16] = (uint8_t)x2; + out1[17] = (uint8_t)x19; + out1[18] = (uint8_t)x20; + out1[19] = (uint8_t)x21; + out1[20] = (uint8_t)x22; + out1[21] = (uint8_t)x23; + out1[22] = (uint8_t)x24; + out1[23] = x25; + out1[24] = (uint8_t)x1; + out1[25] = (uint8_t)x26; + out1[26] = (uint8_t)x27; + out1[27] = (uint8_t)x28; + out1[28] = (uint8_t)x29; + out1[29] = (uint8_t)x30; + out1[30] = (uint8_t)x31; + out1[31] = x32; } /* 
@@ -2055,46 +1995,46 @@ static FIAT_SECP256K1_MONTGOMERY_SCALAR_FIAT_INLINE void fiat_secp256k1_montgome uint64_t x71; uint64_t x72; uint64_t x73; - fiat_secp256k1_montgomery_scalar_uint1 x74; + uint64_t x74; uint64_t x75; uint64_t x76; uint64_t x77; uint64_t x78; uint64_t x79; - uint64_t x80; - fiat_secp256k1_montgomery_scalar_uint1 x81; - uint64_t x82; - fiat_secp256k1_montgomery_scalar_uint1 x83; - uint64_t x84; - fiat_secp256k1_montgomery_scalar_uint1 x85; - uint64_t x86; - fiat_secp256k1_montgomery_scalar_uint1 x87; - uint64_t x88; - fiat_secp256k1_montgomery_scalar_uint1 x89; + fiat_secp256k1_montgomery_scalar_uint1 x80; + uint64_t x81; + fiat_secp256k1_montgomery_scalar_uint1 x82; + uint64_t x83; + fiat_secp256k1_montgomery_scalar_uint1 x84; + uint64_t x85; + fiat_secp256k1_montgomery_scalar_uint1 x86; + uint64_t x87; + fiat_secp256k1_montgomery_scalar_uint1 x88; + uint64_t x89; uint64_t x90; uint64_t x91; uint64_t x92; uint64_t x93; - uint64_t x94; - fiat_secp256k1_montgomery_scalar_uint1 x95; - uint64_t x96; - fiat_secp256k1_montgomery_scalar_uint1 x97; - uint64_t x98; - fiat_secp256k1_montgomery_scalar_uint1 x99; - uint64_t x100; - fiat_secp256k1_montgomery_scalar_uint1 x101; - uint64_t x102; - fiat_secp256k1_montgomery_scalar_uint1 x103; - uint64_t x104; - fiat_secp256k1_montgomery_scalar_uint1 x105; - uint64_t x106; - fiat_secp256k1_montgomery_scalar_uint1 x107; - uint64_t x108; - fiat_secp256k1_montgomery_scalar_uint1 x109; - uint64_t x110; - fiat_secp256k1_montgomery_scalar_uint1 x111; - uint64_t x112; - fiat_secp256k1_montgomery_scalar_uint1 x113; + fiat_secp256k1_montgomery_scalar_uint1 x94; + uint64_t x95; + fiat_secp256k1_montgomery_scalar_uint1 x96; + uint64_t x97; + fiat_secp256k1_montgomery_scalar_uint1 x98; + uint64_t x99; + fiat_secp256k1_montgomery_scalar_uint1 x100; + uint64_t x101; + fiat_secp256k1_montgomery_scalar_uint1 x102; + uint64_t x103; + fiat_secp256k1_montgomery_scalar_uint1 x104; + uint64_t x105; + 
fiat_secp256k1_montgomery_scalar_uint1 x106; + uint64_t x107; + fiat_secp256k1_montgomery_scalar_uint1 x108; + uint64_t x109; + fiat_secp256k1_montgomery_scalar_uint1 x110; + uint64_t x111; + fiat_secp256k1_montgomery_scalar_uint1 x112; + uint64_t x113; uint64_t x114; uint64_t x115; uint64_t x116; @@ -2107,9 +2047,8 @@ static FIAT_SECP256K1_MONTGOMERY_SCALAR_FIAT_INLINE void fiat_secp256k1_montgome uint64_t x123; uint64_t x124; uint64_t x125; - uint64_t x126; fiat_secp256k1_montgomery_scalar_addcarryx_u64(&x1, &x2, 0x0, (~arg1), 0x1); - x3 = (fiat_secp256k1_montgomery_scalar_uint1)((fiat_secp256k1_montgomery_scalar_uint1)(x1 >> 63) & (fiat_secp256k1_montgomery_scalar_uint1)((arg3[0]) & 0x1)); + x3 = (fiat_secp256k1_montgomery_scalar_uint1)((fiat_secp256k1_montgomery_scalar_uint1)(x1 >> 63) & (fiat_secp256k1_montgomery_scalar_uint1)(arg3[0])); fiat_secp256k1_montgomery_scalar_addcarryx_u64(&x4, &x5, 0x0, (~arg1), 0x1); fiat_secp256k1_montgomery_scalar_cmovznz_u64(&x6, x3, arg1, x4); fiat_secp256k1_montgomery_scalar_cmovznz_u64(&x7, x3, (arg2[0]), (arg3[0])); 
@@ -2157,63 +2096,62 @@ static FIAT_SECP256K1_MONTGOMERY_SCALAR_FIAT_INLINE void fiat_secp256k1_montgome fiat_secp256k1_montgomery_scalar_cmovznz_u64(&x71, x3, (arg5[1]), x64); fiat_secp256k1_montgomery_scalar_cmovznz_u64(&x72, x3, (arg5[2]), x66); fiat_secp256k1_montgomery_scalar_cmovznz_u64(&x73, x3, (arg5[3]), x68); - x74 = (fiat_secp256k1_montgomery_scalar_uint1)(x22 & 0x1); - fiat_secp256k1_montgomery_scalar_cmovznz_u64(&x75, x74, 0x0, x7); - fiat_secp256k1_montgomery_scalar_cmovznz_u64(&x76, x74, 0x0, x8); - fiat_secp256k1_montgomery_scalar_cmovznz_u64(&x77, x74, 0x0, x9); - fiat_secp256k1_montgomery_scalar_cmovznz_u64(&x78, x74, 0x0, x10); - fiat_secp256k1_montgomery_scalar_cmovznz_u64(&x79, x74, 0x0, x11); - fiat_secp256k1_montgomery_scalar_addcarryx_u64(&x80, &x81, 0x0, x22, x75); - fiat_secp256k1_montgomery_scalar_addcarryx_u64(&x82, &x83, x81, x23, x76); - fiat_secp256k1_montgomery_scalar_addcarryx_u64(&x84, &x85, x83, x24, x77); - fiat_secp256k1_montgomery_scalar_addcarryx_u64(&x86, &x87, x85, x25, x78); - fiat_secp256k1_montgomery_scalar_addcarryx_u64(&x88, &x89, x87, x26, x79); - fiat_secp256k1_montgomery_scalar_cmovznz_u64(&x90, x74, 0x0, x27); - fiat_secp256k1_montgomery_scalar_cmovznz_u64(&x91, x74, 0x0, x28); - fiat_secp256k1_montgomery_scalar_cmovznz_u64(&x92, x74, 0x0, x29); - fiat_secp256k1_montgomery_scalar_cmovznz_u64(&x93, x74, 0x0, x30); - fiat_secp256k1_montgomery_scalar_addcarryx_u64(&x94, &x95, 0x0, x70, x90); - fiat_secp256k1_montgomery_scalar_addcarryx_u64(&x96, &x97, x95, x71, x91); - fiat_secp256k1_montgomery_scalar_addcarryx_u64(&x98, &x99, x97, x72, x92); - fiat_secp256k1_montgomery_scalar_addcarryx_u64(&x100, &x101, x99, x73, x93); - fiat_secp256k1_montgomery_scalar_subborrowx_u64(&x102, &x103, 0x0, x94, UINT64_C(0xbfd25e8cd0364141)); - fiat_secp256k1_montgomery_scalar_subborrowx_u64(&x104, &x105, x103, x96, UINT64_C(0xbaaedce6af48a03b)); - fiat_secp256k1_montgomery_scalar_subborrowx_u64(&x106, &x107, x105, x98, 
UINT64_C(0xfffffffffffffffe)); - fiat_secp256k1_montgomery_scalar_subborrowx_u64(&x108, &x109, x107, x100, UINT64_C(0xffffffffffffffff)); - fiat_secp256k1_montgomery_scalar_subborrowx_u64(&x110, &x111, x109, x101, 0x0); - fiat_secp256k1_montgomery_scalar_addcarryx_u64(&x112, &x113, 0x0, x6, 0x1); - x114 = ((x80 >> 1) | ((x82 << 63) & UINT64_C(0xffffffffffffffff))); - x115 = ((x82 >> 1) | ((x84 << 63) & UINT64_C(0xffffffffffffffff))); - x116 = ((x84 >> 1) | ((x86 << 63) & UINT64_C(0xffffffffffffffff))); - x117 = ((x86 >> 1) | ((x88 << 63) & UINT64_C(0xffffffffffffffff))); - x118 = ((x88 & UINT64_C(0x8000000000000000)) | (x88 >> 1)); - fiat_secp256k1_montgomery_scalar_cmovznz_u64(&x119, x48, x39, x31); - fiat_secp256k1_montgomery_scalar_cmovznz_u64(&x120, x48, x41, x33); - fiat_secp256k1_montgomery_scalar_cmovznz_u64(&x121, x48, x43, x35); - fiat_secp256k1_montgomery_scalar_cmovznz_u64(&x122, x48, x45, x37); - fiat_secp256k1_montgomery_scalar_cmovznz_u64(&x123, x111, x102, x94); - fiat_secp256k1_montgomery_scalar_cmovznz_u64(&x124, x111, x104, x96); - fiat_secp256k1_montgomery_scalar_cmovznz_u64(&x125, x111, x106, x98); - fiat_secp256k1_montgomery_scalar_cmovznz_u64(&x126, x111, x108, x100); - *out1 = x112; + fiat_secp256k1_montgomery_scalar_cmovznz_u64(&x74, (fiat_secp256k1_montgomery_scalar_uint1)x22, 0x0, x7); + fiat_secp256k1_montgomery_scalar_cmovznz_u64(&x75, (fiat_secp256k1_montgomery_scalar_uint1)x22, 0x0, x8); + fiat_secp256k1_montgomery_scalar_cmovznz_u64(&x76, (fiat_secp256k1_montgomery_scalar_uint1)x22, 0x0, x9); + fiat_secp256k1_montgomery_scalar_cmovznz_u64(&x77, (fiat_secp256k1_montgomery_scalar_uint1)x22, 0x0, x10); + fiat_secp256k1_montgomery_scalar_cmovznz_u64(&x78, (fiat_secp256k1_montgomery_scalar_uint1)x22, 0x0, x11); + fiat_secp256k1_montgomery_scalar_addcarryx_u64(&x79, &x80, 0x0, x22, x74); + fiat_secp256k1_montgomery_scalar_addcarryx_u64(&x81, &x82, x80, x23, x75); + fiat_secp256k1_montgomery_scalar_addcarryx_u64(&x83, &x84, x82, x24, x76); + 
fiat_secp256k1_montgomery_scalar_addcarryx_u64(&x85, &x86, x84, x25, x77); + fiat_secp256k1_montgomery_scalar_addcarryx_u64(&x87, &x88, x86, x26, x78); + fiat_secp256k1_montgomery_scalar_cmovznz_u64(&x89, (fiat_secp256k1_montgomery_scalar_uint1)x22, 0x0, x27); + fiat_secp256k1_montgomery_scalar_cmovznz_u64(&x90, (fiat_secp256k1_montgomery_scalar_uint1)x22, 0x0, x28); + fiat_secp256k1_montgomery_scalar_cmovznz_u64(&x91, (fiat_secp256k1_montgomery_scalar_uint1)x22, 0x0, x29); + fiat_secp256k1_montgomery_scalar_cmovznz_u64(&x92, (fiat_secp256k1_montgomery_scalar_uint1)x22, 0x0, x30); + fiat_secp256k1_montgomery_scalar_addcarryx_u64(&x93, &x94, 0x0, x70, x89); + fiat_secp256k1_montgomery_scalar_addcarryx_u64(&x95, &x96, x94, x71, x90); + fiat_secp256k1_montgomery_scalar_addcarryx_u64(&x97, &x98, x96, x72, x91); + fiat_secp256k1_montgomery_scalar_addcarryx_u64(&x99, &x100, x98, x73, x92); + fiat_secp256k1_montgomery_scalar_subborrowx_u64(&x101, &x102, 0x0, x93, UINT64_C(0xbfd25e8cd0364141)); + fiat_secp256k1_montgomery_scalar_subborrowx_u64(&x103, &x104, x102, x95, UINT64_C(0xbaaedce6af48a03b)); + fiat_secp256k1_montgomery_scalar_subborrowx_u64(&x105, &x106, x104, x97, UINT64_C(0xfffffffffffffffe)); + fiat_secp256k1_montgomery_scalar_subborrowx_u64(&x107, &x108, x106, x99, UINT64_C(0xffffffffffffffff)); + fiat_secp256k1_montgomery_scalar_subborrowx_u64(&x109, &x110, x108, x100, 0x0); + fiat_secp256k1_montgomery_scalar_addcarryx_u64(&x111, &x112, 0x0, x6, 0x1); + x113 = ((x79 >> 1) | ((x81 << 63) & UINT64_C(0xffffffffffffffff))); + x114 = ((x81 >> 1) | ((x83 << 63) & UINT64_C(0xffffffffffffffff))); + x115 = ((x83 >> 1) | ((x85 << 63) & UINT64_C(0xffffffffffffffff))); + x116 = ((x85 >> 1) | ((x87 << 63) & UINT64_C(0xffffffffffffffff))); + x117 = ((x87 & UINT64_C(0x8000000000000000)) | (x87 >> 1)); + fiat_secp256k1_montgomery_scalar_cmovznz_u64(&x118, x48, x39, x31); + fiat_secp256k1_montgomery_scalar_cmovznz_u64(&x119, x48, x41, x33); + 
fiat_secp256k1_montgomery_scalar_cmovznz_u64(&x120, x48, x43, x35); + fiat_secp256k1_montgomery_scalar_cmovznz_u64(&x121, x48, x45, x37); + fiat_secp256k1_montgomery_scalar_cmovznz_u64(&x122, x110, x101, x93); + fiat_secp256k1_montgomery_scalar_cmovznz_u64(&x123, x110, x103, x95); + fiat_secp256k1_montgomery_scalar_cmovznz_u64(&x124, x110, x105, x97); + fiat_secp256k1_montgomery_scalar_cmovznz_u64(&x125, x110, x107, x99); + *out1 = x111; out2[0] = x7; out2[1] = x8; out2[2] = x9; out2[3] = x10; out2[4] = x11; - out3[0] = x114; - out3[1] = x115; - out3[2] = x116; - out3[3] = x117; - out3[4] = x118; - out4[0] = x119; - out4[1] = x120; - out4[2] = x121; - out4[3] = x122; - out5[0] = x123; - out5[1] = x124; - out5[2] = x125; - out5[3] = x126; + out3[0] = x113; + out3[1] = x114; + out3[2] = x115; + out3[3] = x116; + out3[4] = x117; + out4[0] = x118; + out4[1] = x119; + out4[2] = x120; + out4[3] = x121; + out5[0] = x122; + out5[1] = x123; + out5[2] = x124; + out5[3] = x125; } /* diff --git a/fiat-go/32/curve25519/curve25519.go b/fiat-go/32/curve25519/curve25519.go index 3921eb0d87..2ddd00eec4 100644 --- a/fiat-go/32/curve25519/curve25519.go +++ b/fiat-go/32/curve25519/curve25519.go 
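Review bot: The new selector argument in `fiat_secp256k1_montgomery_scalar_cmovznz_u64(&x74, (fiat_secp256k1_montgomery_scalar_uint1)x22, 0x0, x7)` (x74–x78 and x89–x92) is a bare cast where the old code used `x22 & 0x1`, and a cast yields only the low bit if the `uint1` typedef is a true one-bit type. The typedef and the cmovznz body are outside this hunk, as is the start of the function, but with an ordinary C integer type behind `uint1` the selector would no longer be the parity bit of x22 and the divstep would branch on the wrong condition. The same elision appears in the Go hunks below: `cmovznzU32(&x134, uint1(x34), …)` in curve25519scalar `Divstep`, and `bits.Add32(x1, uint32(uint1(x15)), uint32(0x0))` in p224 `Sub` and `Opp`, where x15 is selected between 0 and 0xffffffff and Go has no one-bit integer type, so the addend is no longer 0 or 1. These files look generated, so the fix probably belongs in the rewrite rule that drops the mask: elide it only when the cast target's width equals the mask width, otherwise keep `x16, x17 = bits.Add32(x1, uint32((uint1(x15) & 0x1)), uint32(0x0))` and `x74 = (fiat_secp256k1_montgomery_scalar_uint1)(x22 & 0x1);`. Known-answer tests for inversion and for `Sub`/`Opp` on a borrow case should be run against the regenerated output before it is merged.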
@@ -694,106 +694,76 @@ func ToBytes(out1 *[32]uint8, arg1 *TightFieldElement) { x47 := (x28 << 5) x48 := (x26 << 3) x49 := (x24 << 2) - x50 := (uint8(x22) & 0xff) - x51 := (x22 >> 8) - x52 := (uint8(x51) & 0xff) - x53 := (x51 >> 8) - x54 := (uint8(x53) & 0xff) - x55 := uint8((x53 >> 8)) - x56 := (x49 + uint32(x55)) - x57 := (uint8(x56) & 0xff) - x58 := (x56 >> 8) - x59 := (uint8(x58) & 0xff) - x60 := (x58 >> 8) - x61 := (uint8(x60) & 0xff) - x62 := uint8((x60 >> 8)) - x63 := (x48 + uint32(x62)) - x64 := (uint8(x63) & 0xff) - x65 := (x63 >> 8) - x66 := (uint8(x65) & 0xff) - x67 := (x65 >> 8) - x68 := (uint8(x67) & 0xff) - x69 := uint8((x67 >> 8)) - x70 := (x47 + uint32(x69)) - x71 := (uint8(x70) & 0xff) - x72 := (x70 >> 8) - x73 := (uint8(x72) & 0xff) - x74 := (x72 >> 8) - x75 := (uint8(x74) & 0xff) - x76 := uint8((x74 >> 8)) - x77 := (x46 + uint32(x76)) - x78 := (uint8(x77) & 0xff) - x79 := (x77 >> 8) - x80 := (uint8(x79) & 0xff) - x81 := (x79 >> 8) - x82 := (uint8(x81) & 0xff) - x83 := uint8((x81 >> 8)) - x84 := (uint8(x32) & 0xff) - x85 := (x32 >> 8) - x86 := (uint8(x85) & 0xff) - x87 := (x85 >> 8) - x88 := (uint8(x87) & 0xff) - x89 := uint1((x87 >> 8)) - x90 := (x45 + uint32(x89)) - x91 := (uint8(x90) & 0xff) - x92 := (x90 >> 8) - x93 := (uint8(x92) & 0xff) - x94 := (x92 >> 8) - x95 := (uint8(x94) & 0xff) - x96 := uint8((x94 >> 8)) - x97 := (x44 + uint32(x96)) - x98 := (uint8(x97) & 0xff) - x99 := (x97 >> 8) - x100 := (uint8(x99) & 0xff) - x101 := (x99 >> 8) - x102 := (uint8(x101) & 0xff) - x103 := uint8((x101 >> 8)) - x104 := (x43 + uint32(x103)) - x105 := (uint8(x104) & 0xff) - x106 := (x104 >> 8) - x107 := (uint8(x106) & 0xff) - x108 := (x106 >> 8) - x109 := (uint8(x108) & 0xff) - x110 := uint8((x108 >> 8)) - x111 := (x42 + uint32(x110)) - x112 := (uint8(x111) & 0xff) - x113 := (x111 >> 8) - x114 := (uint8(x113) & 0xff) - x115 := (x113 >> 8) - x116 := (uint8(x115) & 0xff) - x117 := uint8((x115 >> 8)) - out1[0] = x50 - out1[1] = x52 - out1[2] = x54 - out1[3] = 
x57 - out1[4] = x59 - out1[5] = x61 - out1[6] = x64 - out1[7] = x66 - out1[8] = x68 - out1[9] = x71 - out1[10] = x73 - out1[11] = x75 - out1[12] = x78 - out1[13] = x80 - out1[14] = x82 - out1[15] = x83 - out1[16] = x84 - out1[17] = x86 - out1[18] = x88 - out1[19] = x91 - out1[20] = x93 - out1[21] = x95 - out1[22] = x98 - out1[23] = x100 - out1[24] = x102 - out1[25] = x105 - out1[26] = x107 - out1[27] = x109 - out1[28] = x112 - out1[29] = x114 - out1[30] = x116 - out1[31] = x117 + x50 := (x22 >> 8) + x51 := (x50 >> 8) + x52 := uint8((x51 >> 8)) + x53 := (x49 + uint32(x52)) + x54 := (x53 >> 8) + x55 := (x54 >> 8) + x56 := uint8((x55 >> 8)) + x57 := (x48 + uint32(x56)) + x58 := (x57 >> 8) + x59 := (x58 >> 8) + x60 := uint8((x59 >> 8)) + x61 := (x47 + uint32(x60)) + x62 := (x61 >> 8) + x63 := (x62 >> 8) + x64 := uint8((x63 >> 8)) + x65 := (x46 + uint32(x64)) + x66 := (x65 >> 8) + x67 := (x66 >> 8) + x68 := uint8((x67 >> 8)) + x69 := (x32 >> 8) + x70 := (x69 >> 8) + x71 := uint1((x70 >> 8)) + x72 := (x45 + uint32(x71)) + x73 := (x72 >> 8) + x74 := (x73 >> 8) + x75 := uint8((x74 >> 8)) + x76 := (x44 + uint32(x75)) + x77 := (x76 >> 8) + x78 := (x77 >> 8) + x79 := uint8((x78 >> 8)) + x80 := (x43 + uint32(x79)) + x81 := (x80 >> 8) + x82 := (x81 >> 8) + x83 := uint8((x82 >> 8)) + x84 := (x42 + uint32(x83)) + x85 := (x84 >> 8) + x86 := (x85 >> 8) + x87 := uint8((x86 >> 8)) + out1[0] = uint8(x22) + out1[1] = uint8(x50) + out1[2] = uint8(x51) + out1[3] = uint8(x53) + out1[4] = uint8(x54) + out1[5] = uint8(x55) + out1[6] = uint8(x57) + out1[7] = uint8(x58) + out1[8] = uint8(x59) + out1[9] = uint8(x61) + out1[10] = uint8(x62) + out1[11] = uint8(x63) + out1[12] = uint8(x65) + out1[13] = uint8(x66) + out1[14] = uint8(x67) + out1[15] = x68 + out1[16] = uint8(x32) + out1[17] = uint8(x69) + out1[18] = uint8(x70) + out1[19] = uint8(x72) + out1[20] = uint8(x73) + out1[21] = uint8(x74) + out1[22] = uint8(x76) + out1[23] = uint8(x77) + out1[24] = uint8(x78) + out1[25] = uint8(x80) + 
out1[26] = uint8(x81) + out1[27] = uint8(x82) + out1[28] = uint8(x84) + out1[29] = uint8(x85) + out1[30] = uint8(x86) + out1[31] = x87 } // FromBytes deserializes a field element from bytes in little-endian order. diff --git a/fiat-go/32/curve25519scalar/curve25519scalar.go b/fiat-go/32/curve25519scalar/curve25519scalar.go index c2124f0054..dc17d92b73 100644 --- a/fiat-go/32/curve25519scalar/curve25519scalar.go +++ b/fiat-go/32/curve25519scalar/curve25519scalar.go 
@@ -4011,86 +4011,62 @@ func ToBytes(out1 *[32]uint8, arg1 *[8]uint32) { x6 := arg1[2] x7 := arg1[1] x8 := arg1[0] - x9 := (uint8(x8) & 0xff) - x10 := (x8 >> 8) - x11 := (uint8(x10) & 0xff) - x12 := (x10 >> 8) - x13 := (uint8(x12) & 0xff) - x14 := uint8((x12 >> 8)) - x15 := (uint8(x7) & 0xff) - x16 := (x7 >> 8) - x17 := (uint8(x16) & 0xff) - x18 := (x16 >> 8) - x19 := (uint8(x18) & 0xff) - x20 := uint8((x18 >> 8)) - x21 := (uint8(x6) & 0xff) - x22 := (x6 >> 8) - x23 := (uint8(x22) & 0xff) - x24 := (x22 >> 8) - x25 := (uint8(x24) & 0xff) - x26 := uint8((x24 >> 8)) - x27 := (uint8(x5) & 0xff) - x28 := (x5 >> 8) - x29 := (uint8(x28) & 0xff) - x30 := (x28 >> 8) - x31 := (uint8(x30) & 0xff) - x32 := uint8((x30 >> 8)) - x33 := (uint8(x4) & 0xff) - x34 := (x4 >> 8) - x35 := (uint8(x34) & 0xff) - x36 := (x34 >> 8) - x37 := (uint8(x36) & 0xff) - x38 := uint8((x36 >> 8)) - x39 := (uint8(x3) & 0xff) - x40 := (x3 >> 8) - x41 := (uint8(x40) & 0xff) - x42 := (x40 >> 8) - x43 := (uint8(x42) & 0xff) - x44 := uint8((x42 >> 8)) - x45 := (uint8(x2) & 0xff) - x46 := (x2 >> 8) - x47 := (uint8(x46) & 0xff) - x48 := (x46 >> 8) - x49 := (uint8(x48) & 0xff) - x50 := uint8((x48 >> 8)) - x51 := (uint8(x1) & 0xff) - x52 := (x1 >> 8) - x53 := (uint8(x52) & 0xff) - x54 := (x52 >> 8) - x55 := (uint8(x54) & 0xff) - x56 := uint8((x54 >> 8)) - out1[0] = x9 - out1[1] = x11 - out1[2] = x13 - out1[3] = x14 - out1[4] = x15 - out1[5] = x17 - out1[6] = x19 - out1[7] = x20 - out1[8] = x21 - out1[9] = x23 - out1[10] = x25 - out1[11] = x26 - out1[12] = x27 - out1[13] = x29 - out1[14] = x31 - out1[15] = x32 - out1[16] = x33 - out1[17] = x35 - out1[18] = x37 - out1[19] = x38 - out1[20] = x39 - out1[21] = x41 - out1[22] = x43 - out1[23] = x44 - out1[24] = x45 - out1[25] = x47 - out1[26] = x49 - out1[27] = x50 - out1[28] = x51 - out1[29] = x53 - out1[30] = x55 - out1[31] = x56 + x9 := (x8 >> 8) + x10 := (x9 >> 8) + x11 := uint8((x10 >> 8)) + x12 := (x7 >> 8) + x13 := (x12 >> 8) + x14 := uint8((x13 >> 8)) + x15 
:= (x6 >> 8) + x16 := (x15 >> 8) + x17 := uint8((x16 >> 8)) + x18 := (x5 >> 8) + x19 := (x18 >> 8) + x20 := uint8((x19 >> 8)) + x21 := (x4 >> 8) + x22 := (x21 >> 8) + x23 := uint8((x22 >> 8)) + x24 := (x3 >> 8) + x25 := (x24 >> 8) + x26 := uint8((x25 >> 8)) + x27 := (x2 >> 8) + x28 := (x27 >> 8) + x29 := uint8((x28 >> 8)) + x30 := (x1 >> 8) + x31 := (x30 >> 8) + x32 := uint8((x31 >> 8)) + out1[0] = uint8(x8) + out1[1] = uint8(x9) + out1[2] = uint8(x10) + out1[3] = x11 + out1[4] = uint8(x7) + out1[5] = uint8(x12) + out1[6] = uint8(x13) + out1[7] = x14 + out1[8] = uint8(x6) + out1[9] = uint8(x15) + out1[10] = uint8(x16) + out1[11] = x17 + out1[12] = uint8(x5) + out1[13] = uint8(x18) + out1[14] = uint8(x19) + out1[15] = x20 + out1[16] = uint8(x4) + out1[17] = uint8(x21) + out1[18] = uint8(x22) + out1[19] = x23 + out1[20] = uint8(x3) + out1[21] = uint8(x24) + out1[22] = uint8(x25) + out1[23] = x26 + out1[24] = uint8(x2) + out1[25] = uint8(x27) + out1[26] = uint8(x28) + out1[27] = x29 + out1[28] = uint8(x1) + out1[29] = uint8(x30) + out1[30] = uint8(x31) + out1[31] = x32 } // FromBytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -4240,7 +4216,7 @@ func Msat(out1 *[9]uint32) { func Divstep(out1 *uint32, out2 *[9]uint32, out3 *[9]uint32, out4 *[8]uint32, out5 *[8]uint32, arg1 uint32, arg2 *[9]uint32, arg3 *[9]uint32, arg4 *[8]uint32, arg5 *[8]uint32) { var x1 uint32 x1, _ = bits.Add32((^arg1), uint32(0x1), uint32(0x0)) - x3 := (uint1((x1 >> 31)) & (uint1(arg3[0]) & 0x1)) + x3 := (uint1((x1 >> 31)) & uint1(arg3[0])) var x4 uint32 x4, _ = bits.Add32((^arg1), uint32(0x1), uint32(0x0)) var x6 uint32 
@@ -4446,161 +4422,160 @@ func Divstep(out1 *uint32, out2 *[9]uint32, out3 *[9]uint32, out4 *[8]uint32, ou cmovznzU32(&x132, x3, arg5[6], x122) var x133 uint32 cmovznzU32(&x133, x3, arg5[7], x124) - x134 := (uint1(x34) & 0x1) + var x134 uint32 + cmovznzU32(&x134, uint1(x34), uint32(0x0), x7) var x135 uint32 - cmovznzU32(&x135, x134, uint32(0x0), x7) + cmovznzU32(&x135, uint1(x34), uint32(0x0), x8) var x136 uint32 - cmovznzU32(&x136, x134, uint32(0x0), x8) + cmovznzU32(&x136, uint1(x34), uint32(0x0), x9) var x137 uint32 - cmovznzU32(&x137, x134, uint32(0x0), x9) + cmovznzU32(&x137, uint1(x34), uint32(0x0), x10) var x138 uint32 - cmovznzU32(&x138, x134, uint32(0x0), x10) + cmovznzU32(&x138, uint1(x34), uint32(0x0), x11) var x139 uint32 - cmovznzU32(&x139, x134, uint32(0x0), x11) + cmovznzU32(&x139, uint1(x34), uint32(0x0), x12) var x140 uint32 - cmovznzU32(&x140, x134, uint32(0x0), x12) + cmovznzU32(&x140, uint1(x34), uint32(0x0), x13) var x141 uint32 - cmovznzU32(&x141, x134, uint32(0x0), x13) + cmovznzU32(&x141, uint1(x34), uint32(0x0), x14) var x142 uint32 - cmovznzU32(&x142, x134, uint32(0x0), x14) + cmovznzU32(&x142, uint1(x34), uint32(0x0), x15) var x143 uint32 - cmovznzU32(&x143, x134, uint32(0x0), x15) var x144 uint32 + x143, x144 = bits.Add32(x34, x134, uint32(0x0)) var x145 uint32 - x144, x145 = bits.Add32(x34, x135, uint32(0x0)) var x146 uint32 + x145, x146 = bits.Add32(x35, x135, uint32(uint1(x144))) var x147 uint32 - x146, x147 = bits.Add32(x35, x136, uint32(uint1(x145))) var x148 uint32 + x147, x148 = bits.Add32(x36, x136, uint32(uint1(x146))) var x149 uint32 - x148, x149 = bits.Add32(x36, x137, uint32(uint1(x147))) var x150 uint32 + x149, x150 = bits.Add32(x37, x137, uint32(uint1(x148))) var x151 uint32 - x150, x151 = bits.Add32(x37, x138, uint32(uint1(x149))) var x152 uint32 + x151, x152 = bits.Add32(x38, x138, uint32(uint1(x150))) var x153 uint32 - x152, x153 = bits.Add32(x38, x139, uint32(uint1(x151))) var x154 uint32 + x153, x154 = bits.Add32(x39, 
x139, uint32(uint1(x152))) var x155 uint32 - x154, x155 = bits.Add32(x39, x140, uint32(uint1(x153))) var x156 uint32 + x155, x156 = bits.Add32(x40, x140, uint32(uint1(x154))) var x157 uint32 - x156, x157 = bits.Add32(x40, x141, uint32(uint1(x155))) var x158 uint32 + x157, x158 = bits.Add32(x41, x141, uint32(uint1(x156))) var x159 uint32 - x158, x159 = bits.Add32(x41, x142, uint32(uint1(x157))) - var x160 uint32 - x160, _ = bits.Add32(x42, x143, uint32(uint1(x159))) + x159, _ = bits.Add32(x42, x142, uint32(uint1(x158))) + var x161 uint32 + cmovznzU32(&x161, uint1(x34), uint32(0x0), x43) var x162 uint32 - cmovznzU32(&x162, x134, uint32(0x0), x43) + cmovznzU32(&x162, uint1(x34), uint32(0x0), x44) var x163 uint32 - cmovznzU32(&x163, x134, uint32(0x0), x44) + cmovznzU32(&x163, uint1(x34), uint32(0x0), x45) var x164 uint32 - cmovznzU32(&x164, x134, uint32(0x0), x45) + cmovznzU32(&x164, uint1(x34), uint32(0x0), x46) var x165 uint32 - cmovznzU32(&x165, x134, uint32(0x0), x46) + cmovznzU32(&x165, uint1(x34), uint32(0x0), x47) var x166 uint32 - cmovznzU32(&x166, x134, uint32(0x0), x47) + cmovznzU32(&x166, uint1(x34), uint32(0x0), x48) var x167 uint32 - cmovznzU32(&x167, x134, uint32(0x0), x48) + cmovznzU32(&x167, uint1(x34), uint32(0x0), x49) var x168 uint32 - cmovznzU32(&x168, x134, uint32(0x0), x49) + cmovznzU32(&x168, uint1(x34), uint32(0x0), x50) var x169 uint32 - cmovznzU32(&x169, x134, uint32(0x0), x50) var x170 uint32 + x169, x170 = bits.Add32(x126, x161, uint32(0x0)) var x171 uint32 - x170, x171 = bits.Add32(x126, x162, uint32(0x0)) var x172 uint32 + x171, x172 = bits.Add32(x127, x162, uint32(uint1(x170))) var x173 uint32 - x172, x173 = bits.Add32(x127, x163, uint32(uint1(x171))) var x174 uint32 + x173, x174 = bits.Add32(x128, x163, uint32(uint1(x172))) var x175 uint32 - x174, x175 = bits.Add32(x128, x164, uint32(uint1(x173))) var x176 uint32 + x175, x176 = bits.Add32(x129, x164, uint32(uint1(x174))) var x177 uint32 - x176, x177 = bits.Add32(x129, x165, 
uint32(uint1(x175))) var x178 uint32 + x177, x178 = bits.Add32(x130, x165, uint32(uint1(x176))) var x179 uint32 - x178, x179 = bits.Add32(x130, x166, uint32(uint1(x177))) var x180 uint32 + x179, x180 = bits.Add32(x131, x166, uint32(uint1(x178))) var x181 uint32 - x180, x181 = bits.Add32(x131, x167, uint32(uint1(x179))) var x182 uint32 + x181, x182 = bits.Add32(x132, x167, uint32(uint1(x180))) var x183 uint32 - x182, x183 = bits.Add32(x132, x168, uint32(uint1(x181))) var x184 uint32 + x183, x184 = bits.Add32(x133, x168, uint32(uint1(x182))) var x185 uint32 - x184, x185 = bits.Add32(x133, x169, uint32(uint1(x183))) var x186 uint32 + x185, x186 = bits.Sub32(x169, 0x5cf5d3ed, uint32(0x0)) var x187 uint32 - x186, x187 = bits.Sub32(x170, 0x5cf5d3ed, uint32(0x0)) var x188 uint32 + x187, x188 = bits.Sub32(x171, 0x5812631a, uint32(uint1(x186))) var x189 uint32 - x188, x189 = bits.Sub32(x172, 0x5812631a, uint32(uint1(x187))) var x190 uint32 + x189, x190 = bits.Sub32(x173, 0xa2f79cd6, uint32(uint1(x188))) var x191 uint32 - x190, x191 = bits.Sub32(x174, 0xa2f79cd6, uint32(uint1(x189))) var x192 uint32 + x191, x192 = bits.Sub32(x175, 0x14def9de, uint32(uint1(x190))) var x193 uint32 - x192, x193 = bits.Sub32(x176, 0x14def9de, uint32(uint1(x191))) var x194 uint32 + x193, x194 = bits.Sub32(x177, uint32(0x0), uint32(uint1(x192))) var x195 uint32 - x194, x195 = bits.Sub32(x178, uint32(0x0), uint32(uint1(x193))) var x196 uint32 + x195, x196 = bits.Sub32(x179, uint32(0x0), uint32(uint1(x194))) var x197 uint32 - x196, x197 = bits.Sub32(x180, uint32(0x0), uint32(uint1(x195))) var x198 uint32 + x197, x198 = bits.Sub32(x181, uint32(0x0), uint32(uint1(x196))) var x199 uint32 - x198, x199 = bits.Sub32(x182, uint32(0x0), uint32(uint1(x197))) var x200 uint32 - var x201 uint32 - x200, x201 = bits.Sub32(x184, 0x10000000, uint32(uint1(x199))) + x199, x200 = bits.Sub32(x183, 0x10000000, uint32(uint1(x198))) + var x202 uint32 + _, x202 = bits.Sub32(uint32(uint1(x184)), uint32(0x0), 
uint32(uint1(x200))) var x203 uint32 - _, x203 = bits.Sub32(uint32(uint1(x185)), uint32(0x0), uint32(uint1(x201))) - var x204 uint32 - x204, _ = bits.Add32(x6, uint32(0x1), uint32(0x0)) - x206 := ((x144 >> 1) | ((x146 << 31) & 0xffffffff)) - x207 := ((x146 >> 1) | ((x148 << 31) & 0xffffffff)) - x208 := ((x148 >> 1) | ((x150 << 31) & 0xffffffff)) - x209 := ((x150 >> 1) | ((x152 << 31) & 0xffffffff)) - x210 := ((x152 >> 1) | ((x154 << 31) & 0xffffffff)) - x211 := ((x154 >> 1) | ((x156 << 31) & 0xffffffff)) - x212 := ((x156 >> 1) | ((x158 << 31) & 0xffffffff)) - x213 := ((x158 >> 1) | ((x160 << 31) & 0xffffffff)) - x214 := ((x160 & 0x80000000) | (x160 >> 1)) + x203, _ = bits.Add32(x6, uint32(0x1), uint32(0x0)) + x205 := ((x143 >> 1) | ((x145 << 31) & 0xffffffff)) + x206 := ((x145 >> 1) | ((x147 << 31) & 0xffffffff)) + x207 := ((x147 >> 1) | ((x149 << 31) & 0xffffffff)) + x208 := ((x149 >> 1) | ((x151 << 31) & 0xffffffff)) + x209 := ((x151 >> 1) | ((x153 << 31) & 0xffffffff)) + x210 := ((x153 >> 1) | ((x155 << 31) & 0xffffffff)) + x211 := ((x155 >> 1) | ((x157 << 31) & 0xffffffff)) + x212 := ((x157 >> 1) | ((x159 << 31) & 0xffffffff)) + x213 := ((x159 & 0x80000000) | (x159 >> 1)) + var x214 uint32 + cmovznzU32(&x214, uint1(x84), x67, x51) var x215 uint32 - cmovznzU32(&x215, uint1(x84), x67, x51) + cmovznzU32(&x215, uint1(x84), x69, x53) var x216 uint32 - cmovznzU32(&x216, uint1(x84), x69, x53) + cmovznzU32(&x216, uint1(x84), x71, x55) var x217 uint32 - cmovznzU32(&x217, uint1(x84), x71, x55) + cmovznzU32(&x217, uint1(x84), x73, x57) var x218 uint32 - cmovznzU32(&x218, uint1(x84), x73, x57) + cmovznzU32(&x218, uint1(x84), x75, x59) var x219 uint32 - cmovznzU32(&x219, uint1(x84), x75, x59) + cmovznzU32(&x219, uint1(x84), x77, x61) var x220 uint32 - cmovznzU32(&x220, uint1(x84), x77, x61) + cmovznzU32(&x220, uint1(x84), x79, x63) var x221 uint32 - cmovznzU32(&x221, uint1(x84), x79, x63) + cmovznzU32(&x221, uint1(x84), x81, x65) var x222 uint32 - cmovznzU32(&x222, 
uint1(x84), x81, x65) + cmovznzU32(&x222, uint1(x202), x185, x169) var x223 uint32 - cmovznzU32(&x223, uint1(x203), x186, x170) + cmovznzU32(&x223, uint1(x202), x187, x171) var x224 uint32 - cmovznzU32(&x224, uint1(x203), x188, x172) + cmovznzU32(&x224, uint1(x202), x189, x173) var x225 uint32 - cmovznzU32(&x225, uint1(x203), x190, x174) + cmovznzU32(&x225, uint1(x202), x191, x175) var x226 uint32 - cmovznzU32(&x226, uint1(x203), x192, x176) + cmovznzU32(&x226, uint1(x202), x193, x177) var x227 uint32 - cmovznzU32(&x227, uint1(x203), x194, x178) + cmovznzU32(&x227, uint1(x202), x195, x179) var x228 uint32 - cmovznzU32(&x228, uint1(x203), x196, x180) + cmovznzU32(&x228, uint1(x202), x197, x181) var x229 uint32 - cmovznzU32(&x229, uint1(x203), x198, x182) - var x230 uint32 - cmovznzU32(&x230, uint1(x203), x200, x184) - *out1 = x204 + cmovznzU32(&x229, uint1(x202), x199, x183) + *out1 = x203 out2[0] = x7 out2[1] = x8 out2[2] = x9 
@@ -4610,31 +4585,31 @@ func Divstep(out1 *uint32, out2 *[9]uint32, out3 *[9]uint32, out4 *[8]uint32, ou out2[6] = x13 out2[7] = x14 out2[8] = x15 - out3[0] = x206 - out3[1] = x207 - out3[2] = x208 - out3[3] = x209 - out3[4] = x210 - out3[5] = x211 - out3[6] = x212 - out3[7] = x213 - out3[8] = x214 - out4[0] = x215 - out4[1] = x216 - out4[2] = x217 - out4[3] = x218 - out4[4] = x219 - out4[5] = x220 - out4[6] = x221 - out4[7] = x222 - out5[0] = x223 - out5[1] = x224 - out5[2] = x225 - out5[3] = x226 - out5[4] = x227 - out5[5] = x228 - out5[6] = x229 - out5[7] = x230 + out3[0] = x205 + out3[1] = x206 + out3[2] = x207 + out3[3] = x208 + out3[4] = x209 + out3[5] = x210 + out3[6] = x211 + out3[7] = x212 + out3[8] = x213 + out4[0] = x214 + out4[1] = x215 + out4[2] = x216 + out4[3] = x217 + out4[4] = x218 + out4[5] = x219 + out4[6] = x220 + out4[7] = x221 + out5[0] = x222 + out5[1] = x223 + out5[2] = x224 + out5[3] = x225 + out5[4] = x226 + out5[5] = x227 + out5[6] = x228 + out5[7] = x229 } // DivstepPrecomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-go/32/p224/p224.go b/fiat-go/32/p224/p224.go index 9ada950e6d..0462b889a5 100644 --- a/fiat-go/32/p224/p224.go +++ b/fiat-go/32/p224/p224.go @@ -1828,7 +1828,7 @@ func Sub(out1 *MontgomeryDomainFieldElement, arg1 *MontgomeryDomainFieldElement, cmovznzU32(&x15, uint1(x14), uint32(0x0), 0xffffffff) var x16 uint32 var x17 uint32 - x16, x17 = bits.Add32(x1, uint32((uint1(x15) & 0x1)), uint32(0x0)) + x16, x17 = bits.Add32(x1, uint32(uint1(x15)), uint32(0x0)) var x18 uint32 var x19 uint32 x18, x19 = bits.Add32(x3, uint32(0x0), uint32(uint1(x17))) 
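Review bot: In the p224 `Sub` hunk, the new line `x16, x17 = bits.Add32(x1, uint32(uint1(x15)), uint32(0x0))` no longer masks x15 to one bit, although the preceding cmovznzU32 sets x15 to either 0 or 0xffffffff. Go has no one-bit integer type, so unless `uint1` (declared outside this hunk) behaves differently than it appears, the conversion keeps the wide value and the conditional add-back of the modulus adds it instead of the 1 the old code added, which gives a wrong result on the borrow path. The same mask is dropped in the `Opp` hunk that follows, in the p256 `Sub` and `Opp` hunks, and in the `Divstep` hunks, where `uint1(x31)` and `uint1(x34)` (a full limb) are now passed straight to cmovznzU32 as the selector. These files are generated and the function bodies continue outside the hunks, so the fix belongs in the Go emitter: keep emitting `uint32((uint1(x15) & 0x1))` wherever a value is narrowed to uint1. The `ToBytes` rewrites are not affected, because `uint8(x)` truncates on its own.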
@@ -1889,7 +1889,7 @@ func Opp(out1 *MontgomeryDomainFieldElement, arg1 *MontgomeryDomainFieldElement) cmovznzU32(&x15, uint1(x14), uint32(0x0), 0xffffffff) var x16 uint32 var x17 uint32 - x16, x17 = bits.Add32(x1, uint32((uint1(x15) & 0x1)), uint32(0x0)) + x16, x17 = bits.Add32(x1, uint32(uint1(x15)), uint32(0x0)) var x18 uint32 var x19 uint32 x18, x19 = bits.Add32(x3, uint32(0x0), uint32(uint1(x17))) 
@@ -3042,76 +3042,55 @@ func ToBytes(out1 *[28]uint8, arg1 *[7]uint32) { x5 := arg1[2] x6 := arg1[1] x7 := arg1[0] - x8 := (uint8(x7) & 0xff) - x9 := (x7 >> 8) - x10 := (uint8(x9) & 0xff) - x11 := (x9 >> 8) - x12 := (uint8(x11) & 0xff) - x13 := uint8((x11 >> 8)) - x14 := (uint8(x6) & 0xff) - x15 := (x6 >> 8) - x16 := (uint8(x15) & 0xff) - x17 := (x15 >> 8) - x18 := (uint8(x17) & 0xff) - x19 := uint8((x17 >> 8)) - x20 := (uint8(x5) & 0xff) - x21 := (x5 >> 8) - x22 := (uint8(x21) & 0xff) - x23 := (x21 >> 8) - x24 := (uint8(x23) & 0xff) - x25 := uint8((x23 >> 8)) - x26 := (uint8(x4) & 0xff) - x27 := (x4 >> 8) - x28 := (uint8(x27) & 0xff) - x29 := (x27 >> 8) - x30 := (uint8(x29) & 0xff) - x31 := uint8((x29 >> 8)) - x32 := (uint8(x3) & 0xff) - x33 := (x3 >> 8) - x34 := (uint8(x33) & 0xff) - x35 := (x33 >> 8) - x36 := (uint8(x35) & 0xff) - x37 := uint8((x35 >> 8)) - x38 := (uint8(x2) & 0xff) - x39 := (x2 >> 8) - x40 := (uint8(x39) & 0xff) - x41 := (x39 >> 8) - x42 := (uint8(x41) & 0xff) - x43 := uint8((x41 >> 8)) - x44 := (uint8(x1) & 0xff) - x45 := (x1 >> 8) - x46 := (uint8(x45) & 0xff) - x47 := (x45 >> 8) - x48 := (uint8(x47) & 0xff) - x49 := uint8((x47 >> 8)) - out1[0] = x8 - out1[1] = x10 - out1[2] = x12 - out1[3] = x13 - out1[4] = x14 - out1[5] = x16 - out1[6] = x18 - out1[7] = x19 - out1[8] = x20 - out1[9] = x22 - out1[10] = x24 - out1[11] = x25 - out1[12] = x26 - out1[13] = x28 - out1[14] = x30 - out1[15] = x31 - out1[16] = x32 - out1[17] = x34 - out1[18] = x36 - out1[19] = x37 - out1[20] = x38 - out1[21] = x40 - out1[22] = x42 - out1[23] = x43 - out1[24] = x44 - out1[25] = x46 - out1[26] = x48 - out1[27] = x49 + x8 := (x7 >> 8) + x9 := (x8 >> 8) + x10 := uint8((x9 >> 8)) + x11 := (x6 >> 8) + x12 := (x11 >> 8) + x13 := uint8((x12 >> 8)) + x14 := (x5 >> 8) + x15 := (x14 >> 8) + x16 := uint8((x15 >> 8)) + x17 := (x4 >> 8) + x18 := (x17 >> 8) + x19 := uint8((x18 >> 8)) + x20 := (x3 >> 8) + x21 := (x20 >> 8) + x22 := uint8((x21 >> 8)) + x23 := (x2 >> 8) + x24 := (x23 
>> 8) + x25 := uint8((x24 >> 8)) + x26 := (x1 >> 8) + x27 := (x26 >> 8) + x28 := uint8((x27 >> 8)) + out1[0] = uint8(x7) + out1[1] = uint8(x8) + out1[2] = uint8(x9) + out1[3] = x10 + out1[4] = uint8(x6) + out1[5] = uint8(x11) + out1[6] = uint8(x12) + out1[7] = x13 + out1[8] = uint8(x5) + out1[9] = uint8(x14) + out1[10] = uint8(x15) + out1[11] = x16 + out1[12] = uint8(x4) + out1[13] = uint8(x17) + out1[14] = uint8(x18) + out1[15] = x19 + out1[16] = uint8(x3) + out1[17] = uint8(x20) + out1[18] = uint8(x21) + out1[19] = x22 + out1[20] = uint8(x2) + out1[21] = uint8(x23) + out1[22] = uint8(x24) + out1[23] = x25 + out1[24] = uint8(x1) + out1[25] = uint8(x26) + out1[26] = uint8(x27) + out1[27] = x28 } // FromBytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -3251,7 +3230,7 @@ func Msat(out1 *[8]uint32) { func Divstep(out1 *uint32, out2 *[8]uint32, out3 *[8]uint32, out4 *[7]uint32, out5 *[7]uint32, arg1 uint32, arg2 *[8]uint32, arg3 *[8]uint32, arg4 *[7]uint32, arg5 *[7]uint32) { var x1 uint32 x1, _ = bits.Add32((^arg1), uint32(0x1), uint32(0x0)) - x3 := (uint1((x1 >> 31)) & (uint1(arg3[0]) & 0x1)) + x3 := (uint1((x1 >> 31)) & uint1(arg3[0])) var x4 uint32 x4, _ = bits.Add32((^arg1), uint32(0x1), uint32(0x0)) var x6 uint32 @@ -3401,7 +3380,7 @@ func Divstep(out1 *uint32, out2 *[8]uint32, out3 *[8]uint32, out4 *[7]uint32, ou cmovznzU32(&x97, uint1(x96), uint32(0x0), 0xffffffff) var x98 uint32 var x99 uint32 - x98, x99 = bits.Add32(x83, uint32((uint1(x97) & 0x1)), uint32(0x0)) + x98, x99 = bits.Add32(x83, uint32(uint1(x97)), uint32(0x0)) var x100 uint32 var x101 uint32 x100, x101 = bits.Add32(x85, uint32(0x0), uint32(uint1(x99))) 
@@ -3433,143 +3412,142 @@ func Divstep(out1 *uint32, out2 *[8]uint32, out3 *[8]uint32, out4 *[7]uint32, ou cmovznzU32(&x117, x3, arg5[5], x108) var x118 uint32 cmovznzU32(&x118, x3, arg5[6], x110) - x119 := (uint1(x31) & 0x1) + var x119 uint32 + cmovznzU32(&x119, uint1(x31), uint32(0x0), x7) var x120 uint32 - cmovznzU32(&x120, x119, uint32(0x0), x7) + cmovznzU32(&x120, uint1(x31), uint32(0x0), x8) var x121 uint32 - cmovznzU32(&x121, x119, uint32(0x0), x8) + cmovznzU32(&x121, uint1(x31), uint32(0x0), x9) var x122 uint32 - cmovznzU32(&x122, x119, uint32(0x0), x9) + cmovznzU32(&x122, uint1(x31), uint32(0x0), x10) var x123 uint32 - cmovznzU32(&x123, x119, uint32(0x0), x10) + cmovznzU32(&x123, uint1(x31), uint32(0x0), x11) var x124 uint32 - cmovznzU32(&x124, x119, uint32(0x0), x11) + cmovznzU32(&x124, uint1(x31), uint32(0x0), x12) var x125 uint32 - cmovznzU32(&x125, x119, uint32(0x0), x12) + cmovznzU32(&x125, uint1(x31), uint32(0x0), x13) var x126 uint32 - cmovznzU32(&x126, x119, uint32(0x0), x13) + cmovznzU32(&x126, uint1(x31), uint32(0x0), x14) var x127 uint32 - cmovznzU32(&x127, x119, uint32(0x0), x14) var x128 uint32 + x127, x128 = bits.Add32(x31, x119, uint32(0x0)) var x129 uint32 - x128, x129 = bits.Add32(x31, x120, uint32(0x0)) var x130 uint32 + x129, x130 = bits.Add32(x32, x120, uint32(uint1(x128))) var x131 uint32 - x130, x131 = bits.Add32(x32, x121, uint32(uint1(x129))) var x132 uint32 + x131, x132 = bits.Add32(x33, x121, uint32(uint1(x130))) var x133 uint32 - x132, x133 = bits.Add32(x33, x122, uint32(uint1(x131))) var x134 uint32 + x133, x134 = bits.Add32(x34, x122, uint32(uint1(x132))) var x135 uint32 - x134, x135 = bits.Add32(x34, x123, uint32(uint1(x133))) var x136 uint32 + x135, x136 = bits.Add32(x35, x123, uint32(uint1(x134))) var x137 uint32 - x136, x137 = bits.Add32(x35, x124, uint32(uint1(x135))) var x138 uint32 + x137, x138 = bits.Add32(x36, x124, uint32(uint1(x136))) var x139 uint32 - x138, x139 = bits.Add32(x36, x125, uint32(uint1(x137))) var x140 
uint32 + x139, x140 = bits.Add32(x37, x125, uint32(uint1(x138))) var x141 uint32 - x140, x141 = bits.Add32(x37, x126, uint32(uint1(x139))) - var x142 uint32 - x142, _ = bits.Add32(x38, x127, uint32(uint1(x141))) + x141, _ = bits.Add32(x38, x126, uint32(uint1(x140))) + var x143 uint32 + cmovznzU32(&x143, uint1(x31), uint32(0x0), x39) var x144 uint32 - cmovznzU32(&x144, x119, uint32(0x0), x39) + cmovznzU32(&x144, uint1(x31), uint32(0x0), x40) var x145 uint32 - cmovznzU32(&x145, x119, uint32(0x0), x40) + cmovznzU32(&x145, uint1(x31), uint32(0x0), x41) var x146 uint32 - cmovznzU32(&x146, x119, uint32(0x0), x41) + cmovznzU32(&x146, uint1(x31), uint32(0x0), x42) var x147 uint32 - cmovznzU32(&x147, x119, uint32(0x0), x42) + cmovznzU32(&x147, uint1(x31), uint32(0x0), x43) var x148 uint32 - cmovznzU32(&x148, x119, uint32(0x0), x43) + cmovznzU32(&x148, uint1(x31), uint32(0x0), x44) var x149 uint32 - cmovznzU32(&x149, x119, uint32(0x0), x44) + cmovznzU32(&x149, uint1(x31), uint32(0x0), x45) var x150 uint32 - cmovznzU32(&x150, x119, uint32(0x0), x45) var x151 uint32 + x150, x151 = bits.Add32(x112, x143, uint32(0x0)) var x152 uint32 - x151, x152 = bits.Add32(x112, x144, uint32(0x0)) var x153 uint32 + x152, x153 = bits.Add32(x113, x144, uint32(uint1(x151))) var x154 uint32 - x153, x154 = bits.Add32(x113, x145, uint32(uint1(x152))) var x155 uint32 + x154, x155 = bits.Add32(x114, x145, uint32(uint1(x153))) var x156 uint32 - x155, x156 = bits.Add32(x114, x146, uint32(uint1(x154))) var x157 uint32 + x156, x157 = bits.Add32(x115, x146, uint32(uint1(x155))) var x158 uint32 - x157, x158 = bits.Add32(x115, x147, uint32(uint1(x156))) var x159 uint32 + x158, x159 = bits.Add32(x116, x147, uint32(uint1(x157))) var x160 uint32 - x159, x160 = bits.Add32(x116, x148, uint32(uint1(x158))) var x161 uint32 + x160, x161 = bits.Add32(x117, x148, uint32(uint1(x159))) var x162 uint32 - x161, x162 = bits.Add32(x117, x149, uint32(uint1(x160))) var x163 uint32 + x162, x163 = bits.Add32(x118, x149, 
uint32(uint1(x161))) var x164 uint32 - x163, x164 = bits.Add32(x118, x150, uint32(uint1(x162))) var x165 uint32 + x164, x165 = bits.Sub32(x150, uint32(0x1), uint32(0x0)) var x166 uint32 - x165, x166 = bits.Sub32(x151, uint32(0x1), uint32(0x0)) var x167 uint32 + x166, x167 = bits.Sub32(x152, uint32(0x0), uint32(uint1(x165))) var x168 uint32 - x167, x168 = bits.Sub32(x153, uint32(0x0), uint32(uint1(x166))) var x169 uint32 + x168, x169 = bits.Sub32(x154, uint32(0x0), uint32(uint1(x167))) var x170 uint32 - x169, x170 = bits.Sub32(x155, uint32(0x0), uint32(uint1(x168))) var x171 uint32 + x170, x171 = bits.Sub32(x156, 0xffffffff, uint32(uint1(x169))) var x172 uint32 - x171, x172 = bits.Sub32(x157, 0xffffffff, uint32(uint1(x170))) var x173 uint32 + x172, x173 = bits.Sub32(x158, 0xffffffff, uint32(uint1(x171))) var x174 uint32 - x173, x174 = bits.Sub32(x159, 0xffffffff, uint32(uint1(x172))) var x175 uint32 + x174, x175 = bits.Sub32(x160, 0xffffffff, uint32(uint1(x173))) var x176 uint32 - x175, x176 = bits.Sub32(x161, 0xffffffff, uint32(uint1(x174))) var x177 uint32 - var x178 uint32 - x177, x178 = bits.Sub32(x163, 0xffffffff, uint32(uint1(x176))) + x176, x177 = bits.Sub32(x162, 0xffffffff, uint32(uint1(x175))) + var x179 uint32 + _, x179 = bits.Sub32(uint32(uint1(x163)), uint32(0x0), uint32(uint1(x177))) var x180 uint32 - _, x180 = bits.Sub32(uint32(uint1(x164)), uint32(0x0), uint32(uint1(x178))) - var x181 uint32 - x181, _ = bits.Add32(x6, uint32(0x1), uint32(0x0)) - x183 := ((x128 >> 1) | ((x130 << 31) & 0xffffffff)) - x184 := ((x130 >> 1) | ((x132 << 31) & 0xffffffff)) - x185 := ((x132 >> 1) | ((x134 << 31) & 0xffffffff)) - x186 := ((x134 >> 1) | ((x136 << 31) & 0xffffffff)) - x187 := ((x136 >> 1) | ((x138 << 31) & 0xffffffff)) - x188 := ((x138 >> 1) | ((x140 << 31) & 0xffffffff)) - x189 := ((x140 >> 1) | ((x142 << 31) & 0xffffffff)) - x190 := ((x142 & 0x80000000) | (x142 >> 1)) + x180, _ = bits.Add32(x6, uint32(0x1), uint32(0x0)) + x182 := ((x127 >> 1) | ((x129 << 31) 
& 0xffffffff)) + x183 := ((x129 >> 1) | ((x131 << 31) & 0xffffffff)) + x184 := ((x131 >> 1) | ((x133 << 31) & 0xffffffff)) + x185 := ((x133 >> 1) | ((x135 << 31) & 0xffffffff)) + x186 := ((x135 >> 1) | ((x137 << 31) & 0xffffffff)) + x187 := ((x137 >> 1) | ((x139 << 31) & 0xffffffff)) + x188 := ((x139 >> 1) | ((x141 << 31) & 0xffffffff)) + x189 := ((x141 & 0x80000000) | (x141 >> 1)) + var x190 uint32 + cmovznzU32(&x190, uint1(x75), x60, x46) var x191 uint32 - cmovznzU32(&x191, uint1(x75), x60, x46) + cmovznzU32(&x191, uint1(x75), x62, x48) var x192 uint32 - cmovznzU32(&x192, uint1(x75), x62, x48) + cmovznzU32(&x192, uint1(x75), x64, x50) var x193 uint32 - cmovznzU32(&x193, uint1(x75), x64, x50) + cmovznzU32(&x193, uint1(x75), x66, x52) var x194 uint32 - cmovznzU32(&x194, uint1(x75), x66, x52) + cmovznzU32(&x194, uint1(x75), x68, x54) var x195 uint32 - cmovznzU32(&x195, uint1(x75), x68, x54) + cmovznzU32(&x195, uint1(x75), x70, x56) var x196 uint32 - cmovznzU32(&x196, uint1(x75), x70, x56) + cmovznzU32(&x196, uint1(x75), x72, x58) var x197 uint32 - cmovznzU32(&x197, uint1(x75), x72, x58) + cmovznzU32(&x197, uint1(x179), x164, x150) var x198 uint32 - cmovznzU32(&x198, uint1(x180), x165, x151) + cmovznzU32(&x198, uint1(x179), x166, x152) var x199 uint32 - cmovznzU32(&x199, uint1(x180), x167, x153) + cmovznzU32(&x199, uint1(x179), x168, x154) var x200 uint32 - cmovznzU32(&x200, uint1(x180), x169, x155) + cmovznzU32(&x200, uint1(x179), x170, x156) var x201 uint32 - cmovznzU32(&x201, uint1(x180), x171, x157) + cmovznzU32(&x201, uint1(x179), x172, x158) var x202 uint32 - cmovznzU32(&x202, uint1(x180), x173, x159) + cmovznzU32(&x202, uint1(x179), x174, x160) var x203 uint32 - cmovznzU32(&x203, uint1(x180), x175, x161) - var x204 uint32 - cmovznzU32(&x204, uint1(x180), x177, x163) - *out1 = x181 + cmovznzU32(&x203, uint1(x179), x176, x162) + *out1 = x180 out2[0] = x7 out2[1] = x8 out2[2] = x9 
@@ -3578,28 +3556,28 @@ func Divstep(out1 *uint32, out2 *[8]uint32, out3 *[8]uint32, out4 *[7]uint32, ou out2[5] = x12 out2[6] = x13 out2[7] = x14 - out3[0] = x183 - out3[1] = x184 - out3[2] = x185 - out3[3] = x186 - out3[4] = x187 - out3[5] = x188 - out3[6] = x189 - out3[7] = x190 - out4[0] = x191 - out4[1] = x192 - out4[2] = x193 - out4[3] = x194 - out4[4] = x195 - out4[5] = x196 - out4[6] = x197 - out5[0] = x198 - out5[1] = x199 - out5[2] = x200 - out5[3] = x201 - out5[4] = x202 - out5[5] = x203 - out5[6] = x204 + out3[0] = x182 + out3[1] = x183 + out3[2] = x184 + out3[3] = x185 + out3[4] = x186 + out3[5] = x187 + out3[6] = x188 + out3[7] = x189 + out4[0] = x190 + out4[1] = x191 + out4[2] = x192 + out4[3] = x193 + out4[4] = x194 + out4[5] = x195 + out4[6] = x196 + out5[0] = x197 + out5[1] = x198 + out5[2] = x199 + out5[3] = x200 + out5[4] = x201 + out5[5] = x202 + out5[6] = x203 } // DivstepPrecomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-go/32/p256/p256.go b/fiat-go/32/p256/p256.go index de78760cf3..77cd2c7cf6 100644 --- a/fiat-go/32/p256/p256.go +++ b/fiat-go/32/p256/p256.go @@ -2202,7 +2202,7 @@ func Sub(out1 *MontgomeryDomainFieldElement, arg1 *MontgomeryDomainFieldElement, x28, x29 = bits.Add32(x11, uint32(0x0), uint32(uint1(x27))) var x30 uint32 var x31 uint32 - x30, x31 = bits.Add32(x13, uint32((uint1(x17) & 0x1)), uint32(uint1(x29))) + x30, x31 = bits.Add32(x13, uint32(uint1(x17)), uint32(uint1(x29))) var x32 uint32 x32, _ = bits.Add32(x15, x17, uint32(uint1(x31))) out1[0] = x18 @@ -2270,7 +2270,7 @@ func Opp(out1 *MontgomeryDomainFieldElement, arg1 *MontgomeryDomainFieldElement) x28, x29 = bits.Add32(x11, uint32(0x0), uint32(uint1(x27))) var x30 uint32 var x31 uint32 - x30, x31 = bits.Add32(x13, uint32((uint1(x17) & 0x1)), uint32(uint1(x29))) + x30, x31 = bits.Add32(x13, uint32(uint1(x17)), uint32(uint1(x29))) var x32 uint32 x32, _ = bits.Add32(x15, x17, uint32(uint1(x31))) out1[0] = x18 
@@ -3759,86 +3759,62 @@ func ToBytes(out1 *[32]uint8, arg1 *[8]uint32) { x6 := arg1[2] x7 := arg1[1] x8 := arg1[0] - x9 := (uint8(x8) & 0xff) - x10 := (x8 >> 8) - x11 := (uint8(x10) & 0xff) - x12 := (x10 >> 8) - x13 := (uint8(x12) & 0xff) - x14 := uint8((x12 >> 8)) - x15 := (uint8(x7) & 0xff) - x16 := (x7 >> 8) - x17 := (uint8(x16) & 0xff) - x18 := (x16 >> 8) - x19 := (uint8(x18) & 0xff) - x20 := uint8((x18 >> 8)) - x21 := (uint8(x6) & 0xff) - x22 := (x6 >> 8) - x23 := (uint8(x22) & 0xff) - x24 := (x22 >> 8) - x25 := (uint8(x24) & 0xff) - x26 := uint8((x24 >> 8)) - x27 := (uint8(x5) & 0xff) - x28 := (x5 >> 8) - x29 := (uint8(x28) & 0xff) - x30 := (x28 >> 8) - x31 := (uint8(x30) & 0xff) - x32 := uint8((x30 >> 8)) - x33 := (uint8(x4) & 0xff) - x34 := (x4 >> 8) - x35 := (uint8(x34) & 0xff) - x36 := (x34 >> 8) - x37 := (uint8(x36) & 0xff) - x38 := uint8((x36 >> 8)) - x39 := (uint8(x3) & 0xff) - x40 := (x3 >> 8) - x41 := (uint8(x40) & 0xff) - x42 := (x40 >> 8) - x43 := (uint8(x42) & 0xff) - x44 := uint8((x42 >> 8)) - x45 := (uint8(x2) & 0xff) - x46 := (x2 >> 8) - x47 := (uint8(x46) & 0xff) - x48 := (x46 >> 8) - x49 := (uint8(x48) & 0xff) - x50 := uint8((x48 >> 8)) - x51 := (uint8(x1) & 0xff) - x52 := (x1 >> 8) - x53 := (uint8(x52) & 0xff) - x54 := (x52 >> 8) - x55 := (uint8(x54) & 0xff) - x56 := uint8((x54 >> 8)) - out1[0] = x9 - out1[1] = x11 - out1[2] = x13 - out1[3] = x14 - out1[4] = x15 - out1[5] = x17 - out1[6] = x19 - out1[7] = x20 - out1[8] = x21 - out1[9] = x23 - out1[10] = x25 - out1[11] = x26 - out1[12] = x27 - out1[13] = x29 - out1[14] = x31 - out1[15] = x32 - out1[16] = x33 - out1[17] = x35 - out1[18] = x37 - out1[19] = x38 - out1[20] = x39 - out1[21] = x41 - out1[22] = x43 - out1[23] = x44 - out1[24] = x45 - out1[25] = x47 - out1[26] = x49 - out1[27] = x50 - out1[28] = x51 - out1[29] = x53 - out1[30] = x55 - out1[31] = x56 + x9 := (x8 >> 8) + x10 := (x9 >> 8) + x11 := uint8((x10 >> 8)) + x12 := (x7 >> 8) + x13 := (x12 >> 8) + x14 := uint8((x13 >> 8)) + x15 
:= (x6 >> 8) + x16 := (x15 >> 8) + x17 := uint8((x16 >> 8)) + x18 := (x5 >> 8) + x19 := (x18 >> 8) + x20 := uint8((x19 >> 8)) + x21 := (x4 >> 8) + x22 := (x21 >> 8) + x23 := uint8((x22 >> 8)) + x24 := (x3 >> 8) + x25 := (x24 >> 8) + x26 := uint8((x25 >> 8)) + x27 := (x2 >> 8) + x28 := (x27 >> 8) + x29 := uint8((x28 >> 8)) + x30 := (x1 >> 8) + x31 := (x30 >> 8) + x32 := uint8((x31 >> 8)) + out1[0] = uint8(x8) + out1[1] = uint8(x9) + out1[2] = uint8(x10) + out1[3] = x11 + out1[4] = uint8(x7) + out1[5] = uint8(x12) + out1[6] = uint8(x13) + out1[7] = x14 + out1[8] = uint8(x6) + out1[9] = uint8(x15) + out1[10] = uint8(x16) + out1[11] = x17 + out1[12] = uint8(x5) + out1[13] = uint8(x18) + out1[14] = uint8(x19) + out1[15] = x20 + out1[16] = uint8(x4) + out1[17] = uint8(x21) + out1[18] = uint8(x22) + out1[19] = x23 + out1[20] = uint8(x3) + out1[21] = uint8(x24) + out1[22] = uint8(x25) + out1[23] = x26 + out1[24] = uint8(x2) + out1[25] = uint8(x27) + out1[26] = uint8(x28) + out1[27] = x29 + out1[28] = uint8(x1) + out1[29] = uint8(x30) + out1[30] = uint8(x31) + out1[31] = x32 } // FromBytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -3988,7 +3964,7 @@ func Msat(out1 *[9]uint32) { func Divstep(out1 *uint32, out2 *[9]uint32, out3 *[9]uint32, out4 *[8]uint32, out5 *[8]uint32, arg1 uint32, arg2 *[9]uint32, arg3 *[9]uint32, arg4 *[8]uint32, arg5 *[8]uint32) { var x1 uint32 x1, _ = bits.Add32((^arg1), uint32(0x1), uint32(0x0)) - x3 := (uint1((x1 >> 31)) & (uint1(arg3[0]) & 0x1)) + x3 := (uint1((x1 >> 31)) & uint1(arg3[0])) var x4 uint32 x4, _ = bits.Add32((^arg1), uint32(0x1), uint32(0x0)) var x6 uint32 
@@ -4175,7 +4151,7 @@ func Divstep(out1 *uint32, out2 *[9]uint32, out3 *[9]uint32, out4 *[8]uint32, ou x120, x121 = bits.Add32(x103, uint32(0x0), uint32(uint1(x119))) var x122 uint32 var x123 uint32 - x122, x123 = bits.Add32(x105, uint32((uint1(x109) & 0x1)), uint32(uint1(x121))) + x122, x123 = bits.Add32(x105, uint32(uint1(x109)), uint32(uint1(x121))) var x124 uint32 x124, _ = bits.Add32(x107, x109, uint32(uint1(x123))) var x126 uint32 
@@ -4194,161 +4170,160 @@ func Divstep(out1 *uint32, out2 *[9]uint32, out3 *[9]uint32, out4 *[8]uint32, ou cmovznzU32(&x132, x3, arg5[6], x122) var x133 uint32 cmovznzU32(&x133, x3, arg5[7], x124) - x134 := (uint1(x34) & 0x1) + var x134 uint32 + cmovznzU32(&x134, uint1(x34), uint32(0x0), x7) var x135 uint32 - cmovznzU32(&x135, x134, uint32(0x0), x7) + cmovznzU32(&x135, uint1(x34), uint32(0x0), x8) var x136 uint32 - cmovznzU32(&x136, x134, uint32(0x0), x8) + cmovznzU32(&x136, uint1(x34), uint32(0x0), x9) var x137 uint32 - cmovznzU32(&x137, x134, uint32(0x0), x9) + cmovznzU32(&x137, uint1(x34), uint32(0x0), x10) var x138 uint32 - cmovznzU32(&x138, x134, uint32(0x0), x10) + cmovznzU32(&x138, uint1(x34), uint32(0x0), x11) var x139 uint32 - cmovznzU32(&x139, x134, uint32(0x0), x11) + cmovznzU32(&x139, uint1(x34), uint32(0x0), x12) var x140 uint32 - cmovznzU32(&x140, x134, uint32(0x0), x12) + cmovznzU32(&x140, uint1(x34), uint32(0x0), x13) var x141 uint32 - cmovznzU32(&x141, x134, uint32(0x0), x13) + cmovznzU32(&x141, uint1(x34), uint32(0x0), x14) var x142 uint32 - cmovznzU32(&x142, x134, uint32(0x0), x14) + cmovznzU32(&x142, uint1(x34), uint32(0x0), x15) var x143 uint32 - cmovznzU32(&x143, x134, uint32(0x0), x15) var x144 uint32 + x143, x144 = bits.Add32(x34, x134, uint32(0x0)) var x145 uint32 - x144, x145 = bits.Add32(x34, x135, uint32(0x0)) var x146 uint32 + x145, x146 = bits.Add32(x35, x135, uint32(uint1(x144))) var x147 uint32 - x146, x147 = bits.Add32(x35, x136, uint32(uint1(x145))) var x148 uint32 + x147, x148 = bits.Add32(x36, x136, uint32(uint1(x146))) var x149 uint32 - x148, x149 = bits.Add32(x36, x137, uint32(uint1(x147))) var x150 uint32 + x149, x150 = bits.Add32(x37, x137, uint32(uint1(x148))) var x151 uint32 - x150, x151 = bits.Add32(x37, x138, uint32(uint1(x149))) var x152 uint32 + x151, x152 = bits.Add32(x38, x138, uint32(uint1(x150))) var x153 uint32 - x152, x153 = bits.Add32(x38, x139, uint32(uint1(x151))) var x154 uint32 + x153, x154 = bits.Add32(x39, 
x139, uint32(uint1(x152))) var x155 uint32 - x154, x155 = bits.Add32(x39, x140, uint32(uint1(x153))) var x156 uint32 + x155, x156 = bits.Add32(x40, x140, uint32(uint1(x154))) var x157 uint32 - x156, x157 = bits.Add32(x40, x141, uint32(uint1(x155))) var x158 uint32 + x157, x158 = bits.Add32(x41, x141, uint32(uint1(x156))) var x159 uint32 - x158, x159 = bits.Add32(x41, x142, uint32(uint1(x157))) - var x160 uint32 - x160, _ = bits.Add32(x42, x143, uint32(uint1(x159))) + x159, _ = bits.Add32(x42, x142, uint32(uint1(x158))) + var x161 uint32 + cmovznzU32(&x161, uint1(x34), uint32(0x0), x43) var x162 uint32 - cmovznzU32(&x162, x134, uint32(0x0), x43) + cmovznzU32(&x162, uint1(x34), uint32(0x0), x44) var x163 uint32 - cmovznzU32(&x163, x134, uint32(0x0), x44) + cmovznzU32(&x163, uint1(x34), uint32(0x0), x45) var x164 uint32 - cmovznzU32(&x164, x134, uint32(0x0), x45) + cmovznzU32(&x164, uint1(x34), uint32(0x0), x46) var x165 uint32 - cmovznzU32(&x165, x134, uint32(0x0), x46) + cmovznzU32(&x165, uint1(x34), uint32(0x0), x47) var x166 uint32 - cmovznzU32(&x166, x134, uint32(0x0), x47) + cmovznzU32(&x166, uint1(x34), uint32(0x0), x48) var x167 uint32 - cmovznzU32(&x167, x134, uint32(0x0), x48) + cmovznzU32(&x167, uint1(x34), uint32(0x0), x49) var x168 uint32 - cmovznzU32(&x168, x134, uint32(0x0), x49) + cmovznzU32(&x168, uint1(x34), uint32(0x0), x50) var x169 uint32 - cmovznzU32(&x169, x134, uint32(0x0), x50) var x170 uint32 + x169, x170 = bits.Add32(x126, x161, uint32(0x0)) var x171 uint32 - x170, x171 = bits.Add32(x126, x162, uint32(0x0)) var x172 uint32 + x171, x172 = bits.Add32(x127, x162, uint32(uint1(x170))) var x173 uint32 - x172, x173 = bits.Add32(x127, x163, uint32(uint1(x171))) var x174 uint32 + x173, x174 = bits.Add32(x128, x163, uint32(uint1(x172))) var x175 uint32 - x174, x175 = bits.Add32(x128, x164, uint32(uint1(x173))) var x176 uint32 + x175, x176 = bits.Add32(x129, x164, uint32(uint1(x174))) var x177 uint32 - x176, x177 = bits.Add32(x129, x165, 
uint32(uint1(x175))) var x178 uint32 + x177, x178 = bits.Add32(x130, x165, uint32(uint1(x176))) var x179 uint32 - x178, x179 = bits.Add32(x130, x166, uint32(uint1(x177))) var x180 uint32 + x179, x180 = bits.Add32(x131, x166, uint32(uint1(x178))) var x181 uint32 - x180, x181 = bits.Add32(x131, x167, uint32(uint1(x179))) var x182 uint32 + x181, x182 = bits.Add32(x132, x167, uint32(uint1(x180))) var x183 uint32 - x182, x183 = bits.Add32(x132, x168, uint32(uint1(x181))) var x184 uint32 + x183, x184 = bits.Add32(x133, x168, uint32(uint1(x182))) var x185 uint32 - x184, x185 = bits.Add32(x133, x169, uint32(uint1(x183))) var x186 uint32 + x185, x186 = bits.Sub32(x169, 0xffffffff, uint32(0x0)) var x187 uint32 - x186, x187 = bits.Sub32(x170, 0xffffffff, uint32(0x0)) var x188 uint32 + x187, x188 = bits.Sub32(x171, 0xffffffff, uint32(uint1(x186))) var x189 uint32 - x188, x189 = bits.Sub32(x172, 0xffffffff, uint32(uint1(x187))) var x190 uint32 + x189, x190 = bits.Sub32(x173, 0xffffffff, uint32(uint1(x188))) var x191 uint32 - x190, x191 = bits.Sub32(x174, 0xffffffff, uint32(uint1(x189))) var x192 uint32 + x191, x192 = bits.Sub32(x175, uint32(0x0), uint32(uint1(x190))) var x193 uint32 - x192, x193 = bits.Sub32(x176, uint32(0x0), uint32(uint1(x191))) var x194 uint32 + x193, x194 = bits.Sub32(x177, uint32(0x0), uint32(uint1(x192))) var x195 uint32 - x194, x195 = bits.Sub32(x178, uint32(0x0), uint32(uint1(x193))) var x196 uint32 + x195, x196 = bits.Sub32(x179, uint32(0x0), uint32(uint1(x194))) var x197 uint32 - x196, x197 = bits.Sub32(x180, uint32(0x0), uint32(uint1(x195))) var x198 uint32 + x197, x198 = bits.Sub32(x181, uint32(0x1), uint32(uint1(x196))) var x199 uint32 - x198, x199 = bits.Sub32(x182, uint32(0x1), uint32(uint1(x197))) var x200 uint32 - var x201 uint32 - x200, x201 = bits.Sub32(x184, 0xffffffff, uint32(uint1(x199))) + x199, x200 = bits.Sub32(x183, 0xffffffff, uint32(uint1(x198))) + var x202 uint32 + _, x202 = bits.Sub32(uint32(uint1(x184)), uint32(0x0), 
uint32(uint1(x200))) var x203 uint32 - _, x203 = bits.Sub32(uint32(uint1(x185)), uint32(0x0), uint32(uint1(x201))) - var x204 uint32 - x204, _ = bits.Add32(x6, uint32(0x1), uint32(0x0)) - x206 := ((x144 >> 1) | ((x146 << 31) & 0xffffffff)) - x207 := ((x146 >> 1) | ((x148 << 31) & 0xffffffff)) - x208 := ((x148 >> 1) | ((x150 << 31) & 0xffffffff)) - x209 := ((x150 >> 1) | ((x152 << 31) & 0xffffffff)) - x210 := ((x152 >> 1) | ((x154 << 31) & 0xffffffff)) - x211 := ((x154 >> 1) | ((x156 << 31) & 0xffffffff)) - x212 := ((x156 >> 1) | ((x158 << 31) & 0xffffffff)) - x213 := ((x158 >> 1) | ((x160 << 31) & 0xffffffff)) - x214 := ((x160 & 0x80000000) | (x160 >> 1)) + x203, _ = bits.Add32(x6, uint32(0x1), uint32(0x0)) + x205 := ((x143 >> 1) | ((x145 << 31) & 0xffffffff)) + x206 := ((x145 >> 1) | ((x147 << 31) & 0xffffffff)) + x207 := ((x147 >> 1) | ((x149 << 31) & 0xffffffff)) + x208 := ((x149 >> 1) | ((x151 << 31) & 0xffffffff)) + x209 := ((x151 >> 1) | ((x153 << 31) & 0xffffffff)) + x210 := ((x153 >> 1) | ((x155 << 31) & 0xffffffff)) + x211 := ((x155 >> 1) | ((x157 << 31) & 0xffffffff)) + x212 := ((x157 >> 1) | ((x159 << 31) & 0xffffffff)) + x213 := ((x159 & 0x80000000) | (x159 >> 1)) + var x214 uint32 + cmovznzU32(&x214, uint1(x84), x67, x51) var x215 uint32 - cmovznzU32(&x215, uint1(x84), x67, x51) + cmovznzU32(&x215, uint1(x84), x69, x53) var x216 uint32 - cmovznzU32(&x216, uint1(x84), x69, x53) + cmovznzU32(&x216, uint1(x84), x71, x55) var x217 uint32 - cmovznzU32(&x217, uint1(x84), x71, x55) + cmovznzU32(&x217, uint1(x84), x73, x57) var x218 uint32 - cmovznzU32(&x218, uint1(x84), x73, x57) + cmovznzU32(&x218, uint1(x84), x75, x59) var x219 uint32 - cmovznzU32(&x219, uint1(x84), x75, x59) + cmovznzU32(&x219, uint1(x84), x77, x61) var x220 uint32 - cmovznzU32(&x220, uint1(x84), x77, x61) + cmovznzU32(&x220, uint1(x84), x79, x63) var x221 uint32 - cmovznzU32(&x221, uint1(x84), x79, x63) + cmovznzU32(&x221, uint1(x84), x81, x65) var x222 uint32 - cmovznzU32(&x222, 
uint1(x84), x81, x65) + cmovznzU32(&x222, uint1(x202), x185, x169) var x223 uint32 - cmovznzU32(&x223, uint1(x203), x186, x170) + cmovznzU32(&x223, uint1(x202), x187, x171) var x224 uint32 - cmovznzU32(&x224, uint1(x203), x188, x172) + cmovznzU32(&x224, uint1(x202), x189, x173) var x225 uint32 - cmovznzU32(&x225, uint1(x203), x190, x174) + cmovznzU32(&x225, uint1(x202), x191, x175) var x226 uint32 - cmovznzU32(&x226, uint1(x203), x192, x176) + cmovznzU32(&x226, uint1(x202), x193, x177) var x227 uint32 - cmovznzU32(&x227, uint1(x203), x194, x178) + cmovznzU32(&x227, uint1(x202), x195, x179) var x228 uint32 - cmovznzU32(&x228, uint1(x203), x196, x180) + cmovznzU32(&x228, uint1(x202), x197, x181) var x229 uint32 - cmovznzU32(&x229, uint1(x203), x198, x182) - var x230 uint32 - cmovznzU32(&x230, uint1(x203), x200, x184) - *out1 = x204 + cmovznzU32(&x229, uint1(x202), x199, x183) + *out1 = x203 out2[0] = x7 out2[1] = x8 out2[2] = x9 
@@ -4358,31 +4333,31 @@ func Divstep(out1 *uint32, out2 *[9]uint32, out3 *[9]uint32, out4 *[8]uint32, ou out2[6] = x13 out2[7] = x14 out2[8] = x15 - out3[0] = x206 - out3[1] = x207 - out3[2] = x208 - out3[3] = x209 - out3[4] = x210 - out3[5] = x211 - out3[6] = x212 - out3[7] = x213 - out3[8] = x214 - out4[0] = x215 - out4[1] = x216 - out4[2] = x217 - out4[3] = x218 - out4[4] = x219 - out4[5] = x220 - out4[6] = x221 - out4[7] = x222 - out5[0] = x223 - out5[1] = x224 - out5[2] = x225 - out5[3] = x226 - out5[4] = x227 - out5[5] = x228 - out5[6] = x229 - out5[7] = x230 + out3[0] = x205 + out3[1] = x206 + out3[2] = x207 + out3[3] = x208 + out3[4] = x209 + out3[5] = x210 + out3[6] = x211 + out3[7] = x212 + out3[8] = x213 + out4[0] = x214 + out4[1] = x215 + out4[2] = x216 + out4[3] = x217 + out4[4] = x218 + out4[5] = x219 + out4[6] = x220 + out4[7] = x221 + out5[0] = x222 + out5[1] = x223 + out5[2] = x224 + out5[3] = x225 + out5[4] = x226 + out5[5] = x227 + out5[6] = x228 + out5[7] = x229 } // DivstepPrecomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-go/32/p256scalar/p256scalar.go b/fiat-go/32/p256scalar/p256scalar.go index 94306c8bfa..aa9f81cb88 100644 --- a/fiat-go/32/p256scalar/p256scalar.go +++ b/fiat-go/32/p256scalar/p256scalar.go 
@@ -4525,86 +4525,62 @@ func ToBytes(out1 *[32]uint8, arg1 *[8]uint32) { x6 := arg1[2] x7 := arg1[1] x8 := arg1[0] - x9 := (uint8(x8) & 0xff) - x10 := (x8 >> 8) - x11 := (uint8(x10) & 0xff) - x12 := (x10 >> 8) - x13 := (uint8(x12) & 0xff) - x14 := uint8((x12 >> 8)) - x15 := (uint8(x7) & 0xff) - x16 := (x7 >> 8) - x17 := (uint8(x16) & 0xff) - x18 := (x16 >> 8) - x19 := (uint8(x18) & 0xff) - x20 := uint8((x18 >> 8)) - x21 := (uint8(x6) & 0xff) - x22 := (x6 >> 8) - x23 := (uint8(x22) & 0xff) - x24 := (x22 >> 8) - x25 := (uint8(x24) & 0xff) - x26 := uint8((x24 >> 8)) - x27 := (uint8(x5) & 0xff) - x28 := (x5 >> 8) - x29 := (uint8(x28) & 0xff) - x30 := (x28 >> 8) - x31 := (uint8(x30) & 0xff) - x32 := uint8((x30 >> 8)) - x33 := (uint8(x4) & 0xff) - x34 := (x4 >> 8) - x35 := (uint8(x34) & 0xff) - x36 := (x34 >> 8) - x37 := (uint8(x36) & 0xff) - x38 := uint8((x36 >> 8)) - x39 := (uint8(x3) & 0xff) - x40 := (x3 >> 8) - x41 := (uint8(x40) & 0xff) - x42 := (x40 >> 8) - x43 := (uint8(x42) & 0xff) - x44 := uint8((x42 >> 8)) - x45 := (uint8(x2) & 0xff) - x46 := (x2 >> 8) - x47 := (uint8(x46) & 0xff) - x48 := (x46 >> 8) - x49 := (uint8(x48) & 0xff) - x50 := uint8((x48 >> 8)) - x51 := (uint8(x1) & 0xff) - x52 := (x1 >> 8) - x53 := (uint8(x52) & 0xff) - x54 := (x52 >> 8) - x55 := (uint8(x54) & 0xff) - x56 := uint8((x54 >> 8)) - out1[0] = x9 - out1[1] = x11 - out1[2] = x13 - out1[3] = x14 - out1[4] = x15 - out1[5] = x17 - out1[6] = x19 - out1[7] = x20 - out1[8] = x21 - out1[9] = x23 - out1[10] = x25 - out1[11] = x26 - out1[12] = x27 - out1[13] = x29 - out1[14] = x31 - out1[15] = x32 - out1[16] = x33 - out1[17] = x35 - out1[18] = x37 - out1[19] = x38 - out1[20] = x39 - out1[21] = x41 - out1[22] = x43 - out1[23] = x44 - out1[24] = x45 - out1[25] = x47 - out1[26] = x49 - out1[27] = x50 - out1[28] = x51 - out1[29] = x53 - out1[30] = x55 - out1[31] = x56 + x9 := (x8 >> 8) + x10 := (x9 >> 8) + x11 := uint8((x10 >> 8)) + x12 := (x7 >> 8) + x13 := (x12 >> 8) + x14 := uint8((x13 >> 8)) + x15 
:= (x6 >> 8) + x16 := (x15 >> 8) + x17 := uint8((x16 >> 8)) + x18 := (x5 >> 8) + x19 := (x18 >> 8) + x20 := uint8((x19 >> 8)) + x21 := (x4 >> 8) + x22 := (x21 >> 8) + x23 := uint8((x22 >> 8)) + x24 := (x3 >> 8) + x25 := (x24 >> 8) + x26 := uint8((x25 >> 8)) + x27 := (x2 >> 8) + x28 := (x27 >> 8) + x29 := uint8((x28 >> 8)) + x30 := (x1 >> 8) + x31 := (x30 >> 8) + x32 := uint8((x31 >> 8)) + out1[0] = uint8(x8) + out1[1] = uint8(x9) + out1[2] = uint8(x10) + out1[3] = x11 + out1[4] = uint8(x7) + out1[5] = uint8(x12) + out1[6] = uint8(x13) + out1[7] = x14 + out1[8] = uint8(x6) + out1[9] = uint8(x15) + out1[10] = uint8(x16) + out1[11] = x17 + out1[12] = uint8(x5) + out1[13] = uint8(x18) + out1[14] = uint8(x19) + out1[15] = x20 + out1[16] = uint8(x4) + out1[17] = uint8(x21) + out1[18] = uint8(x22) + out1[19] = x23 + out1[20] = uint8(x3) + out1[21] = uint8(x24) + out1[22] = uint8(x25) + out1[23] = x26 + out1[24] = uint8(x2) + out1[25] = uint8(x27) + out1[26] = uint8(x28) + out1[27] = x29 + out1[28] = uint8(x1) + out1[29] = uint8(x30) + out1[30] = uint8(x31) + out1[31] = x32 } // FromBytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -4754,7 +4730,7 @@ func Msat(out1 *[9]uint32) { func Divstep(out1 *uint32, out2 *[9]uint32, out3 *[9]uint32, out4 *[8]uint32, out5 *[8]uint32, arg1 uint32, arg2 *[9]uint32, arg3 *[9]uint32, arg4 *[8]uint32, arg5 *[8]uint32) { var x1 uint32 x1, _ = bits.Add32((^arg1), uint32(0x1), uint32(0x0)) - x3 := (uint1((x1 >> 31)) & (uint1(arg3[0]) & 0x1)) + x3 := (uint1((x1 >> 31)) & uint1(arg3[0])) var x4 uint32 x4, _ = bits.Add32((^arg1), uint32(0x1), uint32(0x0)) var x6 uint32 
@@ -4960,161 +4936,160 @@ func Divstep(out1 *uint32, out2 *[9]uint32, out3 *[9]uint32, out4 *[8]uint32, ou cmovznzU32(&x132, x3, arg5[6], x122) var x133 uint32 cmovznzU32(&x133, x3, arg5[7], x124) - x134 := (uint1(x34) & 0x1) + var x134 uint32 + cmovznzU32(&x134, uint1(x34), uint32(0x0), x7) var x135 uint32 - cmovznzU32(&x135, x134, uint32(0x0), x7) + cmovznzU32(&x135, uint1(x34), uint32(0x0), x8) var x136 uint32 - cmovznzU32(&x136, x134, uint32(0x0), x8) + cmovznzU32(&x136, uint1(x34), uint32(0x0), x9) var x137 uint32 - cmovznzU32(&x137, x134, uint32(0x0), x9) + cmovznzU32(&x137, uint1(x34), uint32(0x0), x10) var x138 uint32 - cmovznzU32(&x138, x134, uint32(0x0), x10) + cmovznzU32(&x138, uint1(x34), uint32(0x0), x11) var x139 uint32 - cmovznzU32(&x139, x134, uint32(0x0), x11) + cmovznzU32(&x139, uint1(x34), uint32(0x0), x12) var x140 uint32 - cmovznzU32(&x140, x134, uint32(0x0), x12) + cmovznzU32(&x140, uint1(x34), uint32(0x0), x13) var x141 uint32 - cmovznzU32(&x141, x134, uint32(0x0), x13) + cmovznzU32(&x141, uint1(x34), uint32(0x0), x14) var x142 uint32 - cmovznzU32(&x142, x134, uint32(0x0), x14) + cmovznzU32(&x142, uint1(x34), uint32(0x0), x15) var x143 uint32 - cmovznzU32(&x143, x134, uint32(0x0), x15) var x144 uint32 + x143, x144 = bits.Add32(x34, x134, uint32(0x0)) var x145 uint32 - x144, x145 = bits.Add32(x34, x135, uint32(0x0)) var x146 uint32 + x145, x146 = bits.Add32(x35, x135, uint32(uint1(x144))) var x147 uint32 - x146, x147 = bits.Add32(x35, x136, uint32(uint1(x145))) var x148 uint32 + x147, x148 = bits.Add32(x36, x136, uint32(uint1(x146))) var x149 uint32 - x148, x149 = bits.Add32(x36, x137, uint32(uint1(x147))) var x150 uint32 + x149, x150 = bits.Add32(x37, x137, uint32(uint1(x148))) var x151 uint32 - x150, x151 = bits.Add32(x37, x138, uint32(uint1(x149))) var x152 uint32 + x151, x152 = bits.Add32(x38, x138, uint32(uint1(x150))) var x153 uint32 - x152, x153 = bits.Add32(x38, x139, uint32(uint1(x151))) var x154 uint32 + x153, x154 = bits.Add32(x39, 
x139, uint32(uint1(x152))) var x155 uint32 - x154, x155 = bits.Add32(x39, x140, uint32(uint1(x153))) var x156 uint32 + x155, x156 = bits.Add32(x40, x140, uint32(uint1(x154))) var x157 uint32 - x156, x157 = bits.Add32(x40, x141, uint32(uint1(x155))) var x158 uint32 + x157, x158 = bits.Add32(x41, x141, uint32(uint1(x156))) var x159 uint32 - x158, x159 = bits.Add32(x41, x142, uint32(uint1(x157))) - var x160 uint32 - x160, _ = bits.Add32(x42, x143, uint32(uint1(x159))) + x159, _ = bits.Add32(x42, x142, uint32(uint1(x158))) + var x161 uint32 + cmovznzU32(&x161, uint1(x34), uint32(0x0), x43) var x162 uint32 - cmovznzU32(&x162, x134, uint32(0x0), x43) + cmovznzU32(&x162, uint1(x34), uint32(0x0), x44) var x163 uint32 - cmovznzU32(&x163, x134, uint32(0x0), x44) + cmovznzU32(&x163, uint1(x34), uint32(0x0), x45) var x164 uint32 - cmovznzU32(&x164, x134, uint32(0x0), x45) + cmovznzU32(&x164, uint1(x34), uint32(0x0), x46) var x165 uint32 - cmovznzU32(&x165, x134, uint32(0x0), x46) + cmovznzU32(&x165, uint1(x34), uint32(0x0), x47) var x166 uint32 - cmovznzU32(&x166, x134, uint32(0x0), x47) + cmovznzU32(&x166, uint1(x34), uint32(0x0), x48) var x167 uint32 - cmovznzU32(&x167, x134, uint32(0x0), x48) + cmovznzU32(&x167, uint1(x34), uint32(0x0), x49) var x168 uint32 - cmovznzU32(&x168, x134, uint32(0x0), x49) + cmovznzU32(&x168, uint1(x34), uint32(0x0), x50) var x169 uint32 - cmovznzU32(&x169, x134, uint32(0x0), x50) var x170 uint32 + x169, x170 = bits.Add32(x126, x161, uint32(0x0)) var x171 uint32 - x170, x171 = bits.Add32(x126, x162, uint32(0x0)) var x172 uint32 + x171, x172 = bits.Add32(x127, x162, uint32(uint1(x170))) var x173 uint32 - x172, x173 = bits.Add32(x127, x163, uint32(uint1(x171))) var x174 uint32 + x173, x174 = bits.Add32(x128, x163, uint32(uint1(x172))) var x175 uint32 - x174, x175 = bits.Add32(x128, x164, uint32(uint1(x173))) var x176 uint32 + x175, x176 = bits.Add32(x129, x164, uint32(uint1(x174))) var x177 uint32 - x176, x177 = bits.Add32(x129, x165, 
uint32(uint1(x175))) var x178 uint32 + x177, x178 = bits.Add32(x130, x165, uint32(uint1(x176))) var x179 uint32 - x178, x179 = bits.Add32(x130, x166, uint32(uint1(x177))) var x180 uint32 + x179, x180 = bits.Add32(x131, x166, uint32(uint1(x178))) var x181 uint32 - x180, x181 = bits.Add32(x131, x167, uint32(uint1(x179))) var x182 uint32 + x181, x182 = bits.Add32(x132, x167, uint32(uint1(x180))) var x183 uint32 - x182, x183 = bits.Add32(x132, x168, uint32(uint1(x181))) var x184 uint32 + x183, x184 = bits.Add32(x133, x168, uint32(uint1(x182))) var x185 uint32 - x184, x185 = bits.Add32(x133, x169, uint32(uint1(x183))) var x186 uint32 + x185, x186 = bits.Sub32(x169, 0xfc632551, uint32(0x0)) var x187 uint32 - x186, x187 = bits.Sub32(x170, 0xfc632551, uint32(0x0)) var x188 uint32 + x187, x188 = bits.Sub32(x171, 0xf3b9cac2, uint32(uint1(x186))) var x189 uint32 - x188, x189 = bits.Sub32(x172, 0xf3b9cac2, uint32(uint1(x187))) var x190 uint32 + x189, x190 = bits.Sub32(x173, 0xa7179e84, uint32(uint1(x188))) var x191 uint32 - x190, x191 = bits.Sub32(x174, 0xa7179e84, uint32(uint1(x189))) var x192 uint32 + x191, x192 = bits.Sub32(x175, 0xbce6faad, uint32(uint1(x190))) var x193 uint32 - x192, x193 = bits.Sub32(x176, 0xbce6faad, uint32(uint1(x191))) var x194 uint32 + x193, x194 = bits.Sub32(x177, 0xffffffff, uint32(uint1(x192))) var x195 uint32 - x194, x195 = bits.Sub32(x178, 0xffffffff, uint32(uint1(x193))) var x196 uint32 + x195, x196 = bits.Sub32(x179, 0xffffffff, uint32(uint1(x194))) var x197 uint32 - x196, x197 = bits.Sub32(x180, 0xffffffff, uint32(uint1(x195))) var x198 uint32 + x197, x198 = bits.Sub32(x181, uint32(0x0), uint32(uint1(x196))) var x199 uint32 - x198, x199 = bits.Sub32(x182, uint32(0x0), uint32(uint1(x197))) var x200 uint32 - var x201 uint32 - x200, x201 = bits.Sub32(x184, 0xffffffff, uint32(uint1(x199))) + x199, x200 = bits.Sub32(x183, 0xffffffff, uint32(uint1(x198))) + var x202 uint32 + _, x202 = bits.Sub32(uint32(uint1(x184)), uint32(0x0), 
uint32(uint1(x200))) var x203 uint32 - _, x203 = bits.Sub32(uint32(uint1(x185)), uint32(0x0), uint32(uint1(x201))) - var x204 uint32 - x204, _ = bits.Add32(x6, uint32(0x1), uint32(0x0)) - x206 := ((x144 >> 1) | ((x146 << 31) & 0xffffffff)) - x207 := ((x146 >> 1) | ((x148 << 31) & 0xffffffff)) - x208 := ((x148 >> 1) | ((x150 << 31) & 0xffffffff)) - x209 := ((x150 >> 1) | ((x152 << 31) & 0xffffffff)) - x210 := ((x152 >> 1) | ((x154 << 31) & 0xffffffff)) - x211 := ((x154 >> 1) | ((x156 << 31) & 0xffffffff)) - x212 := ((x156 >> 1) | ((x158 << 31) & 0xffffffff)) - x213 := ((x158 >> 1) | ((x160 << 31) & 0xffffffff)) - x214 := ((x160 & 0x80000000) | (x160 >> 1)) + x203, _ = bits.Add32(x6, uint32(0x1), uint32(0x0)) + x205 := ((x143 >> 1) | ((x145 << 31) & 0xffffffff)) + x206 := ((x145 >> 1) | ((x147 << 31) & 0xffffffff)) + x207 := ((x147 >> 1) | ((x149 << 31) & 0xffffffff)) + x208 := ((x149 >> 1) | ((x151 << 31) & 0xffffffff)) + x209 := ((x151 >> 1) | ((x153 << 31) & 0xffffffff)) + x210 := ((x153 >> 1) | ((x155 << 31) & 0xffffffff)) + x211 := ((x155 >> 1) | ((x157 << 31) & 0xffffffff)) + x212 := ((x157 >> 1) | ((x159 << 31) & 0xffffffff)) + x213 := ((x159 & 0x80000000) | (x159 >> 1)) + var x214 uint32 + cmovznzU32(&x214, uint1(x84), x67, x51) var x215 uint32 - cmovznzU32(&x215, uint1(x84), x67, x51) + cmovznzU32(&x215, uint1(x84), x69, x53) var x216 uint32 - cmovznzU32(&x216, uint1(x84), x69, x53) + cmovznzU32(&x216, uint1(x84), x71, x55) var x217 uint32 - cmovznzU32(&x217, uint1(x84), x71, x55) + cmovznzU32(&x217, uint1(x84), x73, x57) var x218 uint32 - cmovznzU32(&x218, uint1(x84), x73, x57) + cmovznzU32(&x218, uint1(x84), x75, x59) var x219 uint32 - cmovznzU32(&x219, uint1(x84), x75, x59) + cmovznzU32(&x219, uint1(x84), x77, x61) var x220 uint32 - cmovznzU32(&x220, uint1(x84), x77, x61) + cmovznzU32(&x220, uint1(x84), x79, x63) var x221 uint32 - cmovznzU32(&x221, uint1(x84), x79, x63) + cmovznzU32(&x221, uint1(x84), x81, x65) var x222 uint32 - cmovznzU32(&x222, 
uint1(x84), x81, x65) + cmovznzU32(&x222, uint1(x202), x185, x169) var x223 uint32 - cmovznzU32(&x223, uint1(x203), x186, x170) + cmovznzU32(&x223, uint1(x202), x187, x171) var x224 uint32 - cmovznzU32(&x224, uint1(x203), x188, x172) + cmovznzU32(&x224, uint1(x202), x189, x173) var x225 uint32 - cmovznzU32(&x225, uint1(x203), x190, x174) + cmovznzU32(&x225, uint1(x202), x191, x175) var x226 uint32 - cmovznzU32(&x226, uint1(x203), x192, x176) + cmovznzU32(&x226, uint1(x202), x193, x177) var x227 uint32 - cmovznzU32(&x227, uint1(x203), x194, x178) + cmovznzU32(&x227, uint1(x202), x195, x179) var x228 uint32 - cmovznzU32(&x228, uint1(x203), x196, x180) + cmovznzU32(&x228, uint1(x202), x197, x181) var x229 uint32 - cmovznzU32(&x229, uint1(x203), x198, x182) - var x230 uint32 - cmovznzU32(&x230, uint1(x203), x200, x184) - *out1 = x204 + cmovznzU32(&x229, uint1(x202), x199, x183) + *out1 = x203 out2[0] = x7 out2[1] = x8 out2[2] = x9 
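Review bot: The selector for the `cmovznzU32` calls that build `x134`–`x142` and `x161`–`x168` is now `uint1(x34)`, where the removed line `x134 := (uint1(x34) & 0x1)` reduced it to the low bit first; `x34` is a full 32-bit limb (it is the first addend in `bits.Add32(x34, x134, uint32(0x0))`), so unless the `uint1` conversion itself truncates to one bit the condition is no longer guaranteed to be 0 or 1. The definitions of `uint1` and `cmovznzU32` are outside this hunk, but if `uint1` is backed by a wider integer and the select derives its mask arithmetically from the condition, any other value produces a partial mask and a silently wrong limb in `Divstep`. Since this file is generated, the fix belongs in the generator pass that dropped the mask: the emitted line should remain `x134 := (uint1(x34) & 0x1)` for any target whose `uint1` is not a true 1-bit type. The same pattern appears in the p384 `Divstep` hunk (`uint1(x46)` replacing `x194 := (uint1(x46) & 0x1)`), whereas the `uint8(...) & 0xff` removals in `ToBytes` are harmless because `uint8` does truncate. Divstep's body starts and ends outside this hunk.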
@@ -5124,31 +5099,31 @@ func Divstep(out1 *uint32, out2 *[9]uint32, out3 *[9]uint32, out4 *[8]uint32, ou out2[6] = x13 out2[7] = x14 out2[8] = x15 - out3[0] = x206 - out3[1] = x207 - out3[2] = x208 - out3[3] = x209 - out3[4] = x210 - out3[5] = x211 - out3[6] = x212 - out3[7] = x213 - out3[8] = x214 - out4[0] = x215 - out4[1] = x216 - out4[2] = x217 - out4[3] = x218 - out4[4] = x219 - out4[5] = x220 - out4[6] = x221 - out4[7] = x222 - out5[0] = x223 - out5[1] = x224 - out5[2] = x225 - out5[3] = x226 - out5[4] = x227 - out5[5] = x228 - out5[6] = x229 - out5[7] = x230 + out3[0] = x205 + out3[1] = x206 + out3[2] = x207 + out3[3] = x208 + out3[4] = x209 + out3[5] = x210 + out3[6] = x211 + out3[7] = x212 + out3[8] = x213 + out4[0] = x214 + out4[1] = x215 + out4[2] = x216 + out4[3] = x217 + out4[4] = x218 + out4[5] = x219 + out4[6] = x220 + out4[7] = x221 + out5[0] = x222 + out5[1] = x223 + out5[2] = x224 + out5[3] = x225 + out5[4] = x226 + out5[5] = x227 + out5[6] = x228 + out5[7] = x229 } // DivstepPrecomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-go/32/p384/p384.go b/fiat-go/32/p384/p384.go index b9216da768..3ff90b45c3 100644 --- a/fiat-go/32/p384/p384.go +++ b/fiat-go/32/p384/p384.go 
@@ -8756,126 +8756,90 @@ func ToBytes(out1 *[48]uint8, arg1 *[12]uint32) { x10 := arg1[2] x11 := arg1[1] x12 := arg1[0] - x13 := (uint8(x12) & 0xff) - x14 := (x12 >> 8) - x15 := (uint8(x14) & 0xff) - x16 := (x14 >> 8) - x17 := (uint8(x16) & 0xff) - x18 := uint8((x16 >> 8)) - x19 := (uint8(x11) & 0xff) - x20 := (x11 >> 8) - x21 := (uint8(x20) & 0xff) - x22 := (x20 >> 8) - x23 := (uint8(x22) & 0xff) - x24 := uint8((x22 >> 8)) - x25 := (uint8(x10) & 0xff) - x26 := (x10 >> 8) - x27 := (uint8(x26) & 0xff) - x28 := (x26 >> 8) - x29 := (uint8(x28) & 0xff) - x30 := uint8((x28 >> 8)) - x31 := (uint8(x9) & 0xff) - x32 := (x9 >> 8) - x33 := (uint8(x32) & 0xff) - x34 := (x32 >> 8) - x35 := (uint8(x34) & 0xff) - x36 := uint8((x34 >> 8)) - x37 := (uint8(x8) & 0xff) - x38 := (x8 >> 8) - x39 := (uint8(x38) & 0xff) - x40 := (x38 >> 8) - x41 := (uint8(x40) & 0xff) - x42 := uint8((x40 >> 8)) - x43 := (uint8(x7) & 0xff) - x44 := (x7 >> 8) - x45 := (uint8(x44) & 0xff) - x46 := (x44 >> 8) - x47 := (uint8(x46) & 0xff) - x48 := uint8((x46 >> 8)) - x49 := (uint8(x6) & 0xff) - x50 := (x6 >> 8) - x51 := (uint8(x50) & 0xff) - x52 := (x50 >> 8) - x53 := (uint8(x52) & 0xff) - x54 := uint8((x52 >> 8)) - x55 := (uint8(x5) & 0xff) - x56 := (x5 >> 8) - x57 := (uint8(x56) & 0xff) - x58 := (x56 >> 8) - x59 := (uint8(x58) & 0xff) - x60 := uint8((x58 >> 8)) - x61 := (uint8(x4) & 0xff) - x62 := (x4 >> 8) - x63 := (uint8(x62) & 0xff) - x64 := (x62 >> 8) - x65 := (uint8(x64) & 0xff) - x66 := uint8((x64 >> 8)) - x67 := (uint8(x3) & 0xff) - x68 := (x3 >> 8) - x69 := (uint8(x68) & 0xff) - x70 := (x68 >> 8) - x71 := (uint8(x70) & 0xff) - x72 := uint8((x70 >> 8)) - x73 := (uint8(x2) & 0xff) - x74 := (x2 >> 8) - x75 := (uint8(x74) & 0xff) - x76 := (x74 >> 8) - x77 := (uint8(x76) & 0xff) - x78 := uint8((x76 >> 8)) - x79 := (uint8(x1) & 0xff) - x80 := (x1 >> 8) - x81 := (uint8(x80) & 0xff) - x82 := (x80 >> 8) - x83 := (uint8(x82) & 0xff) - x84 := uint8((x82 >> 8)) - out1[0] = x13 - out1[1] = x15 - out1[2] = x17 - 
out1[3] = x18 - out1[4] = x19 - out1[5] = x21 - out1[6] = x23 - out1[7] = x24 - out1[8] = x25 - out1[9] = x27 - out1[10] = x29 - out1[11] = x30 - out1[12] = x31 - out1[13] = x33 - out1[14] = x35 - out1[15] = x36 - out1[16] = x37 - out1[17] = x39 - out1[18] = x41 - out1[19] = x42 - out1[20] = x43 - out1[21] = x45 - out1[22] = x47 - out1[23] = x48 - out1[24] = x49 - out1[25] = x51 - out1[26] = x53 - out1[27] = x54 - out1[28] = x55 - out1[29] = x57 - out1[30] = x59 - out1[31] = x60 - out1[32] = x61 - out1[33] = x63 - out1[34] = x65 - out1[35] = x66 - out1[36] = x67 - out1[37] = x69 - out1[38] = x71 - out1[39] = x72 - out1[40] = x73 - out1[41] = x75 - out1[42] = x77 - out1[43] = x78 - out1[44] = x79 - out1[45] = x81 - out1[46] = x83 - out1[47] = x84 + x13 := (x12 >> 8) + x14 := (x13 >> 8) + x15 := uint8((x14 >> 8)) + x16 := (x11 >> 8) + x17 := (x16 >> 8) + x18 := uint8((x17 >> 8)) + x19 := (x10 >> 8) + x20 := (x19 >> 8) + x21 := uint8((x20 >> 8)) + x22 := (x9 >> 8) + x23 := (x22 >> 8) + x24 := uint8((x23 >> 8)) + x25 := (x8 >> 8) + x26 := (x25 >> 8) + x27 := uint8((x26 >> 8)) + x28 := (x7 >> 8) + x29 := (x28 >> 8) + x30 := uint8((x29 >> 8)) + x31 := (x6 >> 8) + x32 := (x31 >> 8) + x33 := uint8((x32 >> 8)) + x34 := (x5 >> 8) + x35 := (x34 >> 8) + x36 := uint8((x35 >> 8)) + x37 := (x4 >> 8) + x38 := (x37 >> 8) + x39 := uint8((x38 >> 8)) + x40 := (x3 >> 8) + x41 := (x40 >> 8) + x42 := uint8((x41 >> 8)) + x43 := (x2 >> 8) + x44 := (x43 >> 8) + x45 := uint8((x44 >> 8)) + x46 := (x1 >> 8) + x47 := (x46 >> 8) + x48 := uint8((x47 >> 8)) + out1[0] = uint8(x12) + out1[1] = uint8(x13) + out1[2] = uint8(x14) + out1[3] = x15 + out1[4] = uint8(x11) + out1[5] = uint8(x16) + out1[6] = uint8(x17) + out1[7] = x18 + out1[8] = uint8(x10) + out1[9] = uint8(x19) + out1[10] = uint8(x20) + out1[11] = x21 + out1[12] = uint8(x9) + out1[13] = uint8(x22) + out1[14] = uint8(x23) + out1[15] = x24 + out1[16] = uint8(x8) + out1[17] = uint8(x25) + out1[18] = uint8(x26) + out1[19] = x27 + out1[20] = 
uint8(x7) + out1[21] = uint8(x28) + out1[22] = uint8(x29) + out1[23] = x30 + out1[24] = uint8(x6) + out1[25] = uint8(x31) + out1[26] = uint8(x32) + out1[27] = x33 + out1[28] = uint8(x5) + out1[29] = uint8(x34) + out1[30] = uint8(x35) + out1[31] = x36 + out1[32] = uint8(x4) + out1[33] = uint8(x37) + out1[34] = uint8(x38) + out1[35] = x39 + out1[36] = uint8(x3) + out1[37] = uint8(x40) + out1[38] = uint8(x41) + out1[39] = x42 + out1[40] = uint8(x2) + out1[41] = uint8(x43) + out1[42] = uint8(x44) + out1[43] = x45 + out1[44] = uint8(x1) + out1[45] = uint8(x46) + out1[46] = uint8(x47) + out1[47] = x48 } // FromBytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -9065,7 +9029,7 @@ func Msat(out1 *[13]uint32) { func Divstep(out1 *uint32, out2 *[13]uint32, out3 *[13]uint32, out4 *[12]uint32, out5 *[12]uint32, arg1 uint32, arg2 *[13]uint32, arg3 *[13]uint32, arg4 *[12]uint32, arg5 *[12]uint32) { var x1 uint32 x1, _ = bits.Add32((^arg1), uint32(0x1), uint32(0x0)) - x3 := (uint1((x1 >> 31)) & (uint1(arg3[0]) & 0x1)) + x3 := (uint1((x1 >> 31)) & uint1(arg3[0])) var x4 uint32 x4, _ = bits.Add32((^arg1), uint32(0x1), uint32(0x0)) var x6 uint32 
@@ -9367,233 +9331,232 @@ func Divstep(out1 *uint32, out2 *[13]uint32, out3 *[13]uint32, out4 *[12]uint32, cmovznzU32(&x192, x3, arg5[10], x178) var x193 uint32 cmovznzU32(&x193, x3, arg5[11], x180) - x194 := (uint1(x46) & 0x1) + var x194 uint32 + cmovznzU32(&x194, uint1(x46), uint32(0x0), x7) var x195 uint32 - cmovznzU32(&x195, x194, uint32(0x0), x7) + cmovznzU32(&x195, uint1(x46), uint32(0x0), x8) var x196 uint32 - cmovznzU32(&x196, x194, uint32(0x0), x8) + cmovznzU32(&x196, uint1(x46), uint32(0x0), x9) var x197 uint32 - cmovznzU32(&x197, x194, uint32(0x0), x9) + cmovznzU32(&x197, uint1(x46), uint32(0x0), x10) var x198 uint32 - cmovznzU32(&x198, x194, uint32(0x0), x10) + cmovznzU32(&x198, uint1(x46), uint32(0x0), x11) var x199 uint32 - cmovznzU32(&x199, x194, uint32(0x0), x11) + cmovznzU32(&x199, uint1(x46), uint32(0x0), x12) var x200 uint32 - cmovznzU32(&x200, x194, uint32(0x0), x12) + cmovznzU32(&x200, uint1(x46), uint32(0x0), x13) var x201 uint32 - cmovznzU32(&x201, x194, uint32(0x0), x13) + cmovznzU32(&x201, uint1(x46), uint32(0x0), x14) var x202 uint32 - cmovznzU32(&x202, x194, uint32(0x0), x14) + cmovznzU32(&x202, uint1(x46), uint32(0x0), x15) var x203 uint32 - cmovznzU32(&x203, x194, uint32(0x0), x15) + cmovznzU32(&x203, uint1(x46), uint32(0x0), x16) var x204 uint32 - cmovznzU32(&x204, x194, uint32(0x0), x16) + cmovznzU32(&x204, uint1(x46), uint32(0x0), x17) var x205 uint32 - cmovznzU32(&x205, x194, uint32(0x0), x17) + cmovznzU32(&x205, uint1(x46), uint32(0x0), x18) var x206 uint32 - cmovznzU32(&x206, x194, uint32(0x0), x18) + cmovznzU32(&x206, uint1(x46), uint32(0x0), x19) var x207 uint32 - cmovznzU32(&x207, x194, uint32(0x0), x19) var x208 uint32 + x207, x208 = bits.Add32(x46, x194, uint32(0x0)) var x209 uint32 - x208, x209 = bits.Add32(x46, x195, uint32(0x0)) var x210 uint32 + x209, x210 = bits.Add32(x47, x195, uint32(uint1(x208))) var x211 uint32 - x210, x211 = bits.Add32(x47, x196, uint32(uint1(x209))) var x212 uint32 + x211, x212 = bits.Add32(x48, 
x196, uint32(uint1(x210))) var x213 uint32 - x212, x213 = bits.Add32(x48, x197, uint32(uint1(x211))) var x214 uint32 + x213, x214 = bits.Add32(x49, x197, uint32(uint1(x212))) var x215 uint32 - x214, x215 = bits.Add32(x49, x198, uint32(uint1(x213))) var x216 uint32 + x215, x216 = bits.Add32(x50, x198, uint32(uint1(x214))) var x217 uint32 - x216, x217 = bits.Add32(x50, x199, uint32(uint1(x215))) var x218 uint32 + x217, x218 = bits.Add32(x51, x199, uint32(uint1(x216))) var x219 uint32 - x218, x219 = bits.Add32(x51, x200, uint32(uint1(x217))) var x220 uint32 + x219, x220 = bits.Add32(x52, x200, uint32(uint1(x218))) var x221 uint32 - x220, x221 = bits.Add32(x52, x201, uint32(uint1(x219))) var x222 uint32 + x221, x222 = bits.Add32(x53, x201, uint32(uint1(x220))) var x223 uint32 - x222, x223 = bits.Add32(x53, x202, uint32(uint1(x221))) var x224 uint32 + x223, x224 = bits.Add32(x54, x202, uint32(uint1(x222))) var x225 uint32 - x224, x225 = bits.Add32(x54, x203, uint32(uint1(x223))) var x226 uint32 + x225, x226 = bits.Add32(x55, x203, uint32(uint1(x224))) var x227 uint32 - x226, x227 = bits.Add32(x55, x204, uint32(uint1(x225))) var x228 uint32 + x227, x228 = bits.Add32(x56, x204, uint32(uint1(x226))) var x229 uint32 - x228, x229 = bits.Add32(x56, x205, uint32(uint1(x227))) var x230 uint32 + x229, x230 = bits.Add32(x57, x205, uint32(uint1(x228))) var x231 uint32 - x230, x231 = bits.Add32(x57, x206, uint32(uint1(x229))) - var x232 uint32 - x232, _ = bits.Add32(x58, x207, uint32(uint1(x231))) + x231, _ = bits.Add32(x58, x206, uint32(uint1(x230))) + var x233 uint32 + cmovznzU32(&x233, uint1(x46), uint32(0x0), x59) var x234 uint32 - cmovznzU32(&x234, x194, uint32(0x0), x59) + cmovznzU32(&x234, uint1(x46), uint32(0x0), x60) var x235 uint32 - cmovznzU32(&x235, x194, uint32(0x0), x60) + cmovznzU32(&x235, uint1(x46), uint32(0x0), x61) var x236 uint32 - cmovznzU32(&x236, x194, uint32(0x0), x61) + cmovznzU32(&x236, uint1(x46), uint32(0x0), x62) var x237 uint32 - cmovznzU32(&x237, 
x194, uint32(0x0), x62) + cmovznzU32(&x237, uint1(x46), uint32(0x0), x63) var x238 uint32 - cmovznzU32(&x238, x194, uint32(0x0), x63) + cmovznzU32(&x238, uint1(x46), uint32(0x0), x64) var x239 uint32 - cmovznzU32(&x239, x194, uint32(0x0), x64) + cmovznzU32(&x239, uint1(x46), uint32(0x0), x65) var x240 uint32 - cmovznzU32(&x240, x194, uint32(0x0), x65) + cmovznzU32(&x240, uint1(x46), uint32(0x0), x66) var x241 uint32 - cmovznzU32(&x241, x194, uint32(0x0), x66) + cmovznzU32(&x241, uint1(x46), uint32(0x0), x67) var x242 uint32 - cmovznzU32(&x242, x194, uint32(0x0), x67) + cmovznzU32(&x242, uint1(x46), uint32(0x0), x68) var x243 uint32 - cmovznzU32(&x243, x194, uint32(0x0), x68) + cmovznzU32(&x243, uint1(x46), uint32(0x0), x69) var x244 uint32 - cmovznzU32(&x244, x194, uint32(0x0), x69) + cmovznzU32(&x244, uint1(x46), uint32(0x0), x70) var x245 uint32 - cmovznzU32(&x245, x194, uint32(0x0), x70) var x246 uint32 + x245, x246 = bits.Add32(x182, x233, uint32(0x0)) var x247 uint32 - x246, x247 = bits.Add32(x182, x234, uint32(0x0)) var x248 uint32 + x247, x248 = bits.Add32(x183, x234, uint32(uint1(x246))) var x249 uint32 - x248, x249 = bits.Add32(x183, x235, uint32(uint1(x247))) var x250 uint32 + x249, x250 = bits.Add32(x184, x235, uint32(uint1(x248))) var x251 uint32 - x250, x251 = bits.Add32(x184, x236, uint32(uint1(x249))) var x252 uint32 + x251, x252 = bits.Add32(x185, x236, uint32(uint1(x250))) var x253 uint32 - x252, x253 = bits.Add32(x185, x237, uint32(uint1(x251))) var x254 uint32 + x253, x254 = bits.Add32(x186, x237, uint32(uint1(x252))) var x255 uint32 - x254, x255 = bits.Add32(x186, x238, uint32(uint1(x253))) var x256 uint32 + x255, x256 = bits.Add32(x187, x238, uint32(uint1(x254))) var x257 uint32 - x256, x257 = bits.Add32(x187, x239, uint32(uint1(x255))) var x258 uint32 + x257, x258 = bits.Add32(x188, x239, uint32(uint1(x256))) var x259 uint32 - x258, x259 = bits.Add32(x188, x240, uint32(uint1(x257))) var x260 uint32 + x259, x260 = bits.Add32(x189, x240, 
uint32(uint1(x258))) var x261 uint32 - x260, x261 = bits.Add32(x189, x241, uint32(uint1(x259))) var x262 uint32 + x261, x262 = bits.Add32(x190, x241, uint32(uint1(x260))) var x263 uint32 - x262, x263 = bits.Add32(x190, x242, uint32(uint1(x261))) var x264 uint32 + x263, x264 = bits.Add32(x191, x242, uint32(uint1(x262))) var x265 uint32 - x264, x265 = bits.Add32(x191, x243, uint32(uint1(x263))) var x266 uint32 + x265, x266 = bits.Add32(x192, x243, uint32(uint1(x264))) var x267 uint32 - x266, x267 = bits.Add32(x192, x244, uint32(uint1(x265))) var x268 uint32 + x267, x268 = bits.Add32(x193, x244, uint32(uint1(x266))) var x269 uint32 - x268, x269 = bits.Add32(x193, x245, uint32(uint1(x267))) var x270 uint32 + x269, x270 = bits.Sub32(x245, 0xffffffff, uint32(0x0)) var x271 uint32 - x270, x271 = bits.Sub32(x246, 0xffffffff, uint32(0x0)) var x272 uint32 + x271, x272 = bits.Sub32(x247, uint32(0x0), uint32(uint1(x270))) var x273 uint32 - x272, x273 = bits.Sub32(x248, uint32(0x0), uint32(uint1(x271))) var x274 uint32 + x273, x274 = bits.Sub32(x249, uint32(0x0), uint32(uint1(x272))) var x275 uint32 - x274, x275 = bits.Sub32(x250, uint32(0x0), uint32(uint1(x273))) var x276 uint32 + x275, x276 = bits.Sub32(x251, 0xffffffff, uint32(uint1(x274))) var x277 uint32 - x276, x277 = bits.Sub32(x252, 0xffffffff, uint32(uint1(x275))) var x278 uint32 + x277, x278 = bits.Sub32(x253, 0xfffffffe, uint32(uint1(x276))) var x279 uint32 - x278, x279 = bits.Sub32(x254, 0xfffffffe, uint32(uint1(x277))) var x280 uint32 + x279, x280 = bits.Sub32(x255, 0xffffffff, uint32(uint1(x278))) var x281 uint32 - x280, x281 = bits.Sub32(x256, 0xffffffff, uint32(uint1(x279))) var x282 uint32 + x281, x282 = bits.Sub32(x257, 0xffffffff, uint32(uint1(x280))) var x283 uint32 - x282, x283 = bits.Sub32(x258, 0xffffffff, uint32(uint1(x281))) var x284 uint32 + x283, x284 = bits.Sub32(x259, 0xffffffff, uint32(uint1(x282))) var x285 uint32 - x284, x285 = bits.Sub32(x260, 0xffffffff, uint32(uint1(x283))) var x286 uint32 + 
x285, x286 = bits.Sub32(x261, 0xffffffff, uint32(uint1(x284))) var x287 uint32 - x286, x287 = bits.Sub32(x262, 0xffffffff, uint32(uint1(x285))) var x288 uint32 + x287, x288 = bits.Sub32(x263, 0xffffffff, uint32(uint1(x286))) var x289 uint32 - x288, x289 = bits.Sub32(x264, 0xffffffff, uint32(uint1(x287))) var x290 uint32 + x289, x290 = bits.Sub32(x265, 0xffffffff, uint32(uint1(x288))) var x291 uint32 - x290, x291 = bits.Sub32(x266, 0xffffffff, uint32(uint1(x289))) var x292 uint32 - var x293 uint32 - x292, x293 = bits.Sub32(x268, 0xffffffff, uint32(uint1(x291))) + x291, x292 = bits.Sub32(x267, 0xffffffff, uint32(uint1(x290))) + var x294 uint32 + _, x294 = bits.Sub32(uint32(uint1(x268)), uint32(0x0), uint32(uint1(x292))) var x295 uint32 - _, x295 = bits.Sub32(uint32(uint1(x269)), uint32(0x0), uint32(uint1(x293))) - var x296 uint32 - x296, _ = bits.Add32(x6, uint32(0x1), uint32(0x0)) - x298 := ((x208 >> 1) | ((x210 << 31) & 0xffffffff)) - x299 := ((x210 >> 1) | ((x212 << 31) & 0xffffffff)) - x300 := ((x212 >> 1) | ((x214 << 31) & 0xffffffff)) - x301 := ((x214 >> 1) | ((x216 << 31) & 0xffffffff)) - x302 := ((x216 >> 1) | ((x218 << 31) & 0xffffffff)) - x303 := ((x218 >> 1) | ((x220 << 31) & 0xffffffff)) - x304 := ((x220 >> 1) | ((x222 << 31) & 0xffffffff)) - x305 := ((x222 >> 1) | ((x224 << 31) & 0xffffffff)) - x306 := ((x224 >> 1) | ((x226 << 31) & 0xffffffff)) - x307 := ((x226 >> 1) | ((x228 << 31) & 0xffffffff)) - x308 := ((x228 >> 1) | ((x230 << 31) & 0xffffffff)) - x309 := ((x230 >> 1) | ((x232 << 31) & 0xffffffff)) - x310 := ((x232 & 0x80000000) | (x232 >> 1)) + x295, _ = bits.Add32(x6, uint32(0x1), uint32(0x0)) + x297 := ((x207 >> 1) | ((x209 << 31) & 0xffffffff)) + x298 := ((x209 >> 1) | ((x211 << 31) & 0xffffffff)) + x299 := ((x211 >> 1) | ((x213 << 31) & 0xffffffff)) + x300 := ((x213 >> 1) | ((x215 << 31) & 0xffffffff)) + x301 := ((x215 >> 1) | ((x217 << 31) & 0xffffffff)) + x302 := ((x217 >> 1) | ((x219 << 31) & 0xffffffff)) + x303 := ((x219 >> 1) | ((x221 << 
31) & 0xffffffff)) + x304 := ((x221 >> 1) | ((x223 << 31) & 0xffffffff)) + x305 := ((x223 >> 1) | ((x225 << 31) & 0xffffffff)) + x306 := ((x225 >> 1) | ((x227 << 31) & 0xffffffff)) + x307 := ((x227 >> 1) | ((x229 << 31) & 0xffffffff)) + x308 := ((x229 >> 1) | ((x231 << 31) & 0xffffffff)) + x309 := ((x231 & 0x80000000) | (x231 >> 1)) + var x310 uint32 + cmovznzU32(&x310, uint1(x120), x95, x71) var x311 uint32 - cmovznzU32(&x311, uint1(x120), x95, x71) + cmovznzU32(&x311, uint1(x120), x97, x73) var x312 uint32 - cmovznzU32(&x312, uint1(x120), x97, x73) + cmovznzU32(&x312, uint1(x120), x99, x75) var x313 uint32 - cmovznzU32(&x313, uint1(x120), x99, x75) + cmovznzU32(&x313, uint1(x120), x101, x77) var x314 uint32 - cmovznzU32(&x314, uint1(x120), x101, x77) + cmovznzU32(&x314, uint1(x120), x103, x79) var x315 uint32 - cmovznzU32(&x315, uint1(x120), x103, x79) + cmovznzU32(&x315, uint1(x120), x105, x81) var x316 uint32 - cmovznzU32(&x316, uint1(x120), x105, x81) + cmovznzU32(&x316, uint1(x120), x107, x83) var x317 uint32 - cmovznzU32(&x317, uint1(x120), x107, x83) + cmovznzU32(&x317, uint1(x120), x109, x85) var x318 uint32 - cmovznzU32(&x318, uint1(x120), x109, x85) + cmovznzU32(&x318, uint1(x120), x111, x87) var x319 uint32 - cmovznzU32(&x319, uint1(x120), x111, x87) + cmovznzU32(&x319, uint1(x120), x113, x89) var x320 uint32 - cmovznzU32(&x320, uint1(x120), x113, x89) + cmovznzU32(&x320, uint1(x120), x115, x91) var x321 uint32 - cmovznzU32(&x321, uint1(x120), x115, x91) + cmovznzU32(&x321, uint1(x120), x117, x93) var x322 uint32 - cmovznzU32(&x322, uint1(x120), x117, x93) + cmovznzU32(&x322, uint1(x294), x269, x245) var x323 uint32 - cmovznzU32(&x323, uint1(x295), x270, x246) + cmovznzU32(&x323, uint1(x294), x271, x247) var x324 uint32 - cmovznzU32(&x324, uint1(x295), x272, x248) + cmovznzU32(&x324, uint1(x294), x273, x249) var x325 uint32 - cmovznzU32(&x325, uint1(x295), x274, x250) + cmovznzU32(&x325, uint1(x294), x275, x251) var x326 uint32 - cmovznzU32(&x326, 
uint1(x295), x276, x252) + cmovznzU32(&x326, uint1(x294), x277, x253) var x327 uint32 - cmovznzU32(&x327, uint1(x295), x278, x254) + cmovznzU32(&x327, uint1(x294), x279, x255) var x328 uint32 - cmovznzU32(&x328, uint1(x295), x280, x256) + cmovznzU32(&x328, uint1(x294), x281, x257) var x329 uint32 - cmovznzU32(&x329, uint1(x295), x282, x258) + cmovznzU32(&x329, uint1(x294), x283, x259) var x330 uint32 - cmovznzU32(&x330, uint1(x295), x284, x260) + cmovznzU32(&x330, uint1(x294), x285, x261) var x331 uint32 - cmovznzU32(&x331, uint1(x295), x286, x262) + cmovznzU32(&x331, uint1(x294), x287, x263) var x332 uint32 - cmovznzU32(&x332, uint1(x295), x288, x264) + cmovznzU32(&x332, uint1(x294), x289, x265) var x333 uint32 - cmovznzU32(&x333, uint1(x295), x290, x266) - var x334 uint32 - cmovznzU32(&x334, uint1(x295), x292, x268) - *out1 = x296 + cmovznzU32(&x333, uint1(x294), x291, x267) + *out1 = x295 out2[0] = x7 out2[1] = x8 out2[2] = x9 
@@ -9607,43 +9570,43 @@ func Divstep(out1 *uint32, out2 *[13]uint32, out3 *[13]uint32, out4 *[12]uint32, out2[10] = x17 out2[11] = x18 out2[12] = x19 - out3[0] = x298 - out3[1] = x299 - out3[2] = x300 - out3[3] = x301 - out3[4] = x302 - out3[5] = x303 - out3[6] = x304 - out3[7] = x305 - out3[8] = x306 - out3[9] = x307 - out3[10] = x308 - out3[11] = x309 - out3[12] = x310 - out4[0] = x311 - out4[1] = x312 - out4[2] = x313 - out4[3] = x314 - out4[4] = x315 - out4[5] = x316 - out4[6] = x317 - out4[7] = x318 - out4[8] = x319 - out4[9] = x320 - out4[10] = x321 - out4[11] = x322 - out5[0] = x323 - out5[1] = x324 - out5[2] = x325 - out5[3] = x326 - out5[4] = x327 - out5[5] = x328 - out5[6] = x329 - out5[7] = x330 - out5[8] = x331 - out5[9] = x332 - out5[10] = x333 - out5[11] = x334 + out3[0] = x297 + out3[1] = x298 + out3[2] = x299 + out3[3] = x300 + out3[4] = x301 + out3[5] = x302 + out3[6] = x303 + out3[7] = x304 + out3[8] = x305 + out3[9] = x306 + out3[10] = x307 + out3[11] = x308 + out3[12] = x309 + out4[0] = x310 + out4[1] = x311 + out4[2] = x312 + out4[3] = x313 + out4[4] = x314 + out4[5] = x315 + out4[6] = x316 + out4[7] = x317 + out4[8] = x318 + out4[9] = x319 + out4[10] = x320 + out4[11] = x321 + out5[0] = x322 + out5[1] = x323 + out5[2] = x324 + out5[3] = x325 + out5[4] = x326 + out5[5] = x327 + out5[6] = x328 + out5[7] = x329 + out5[8] = x330 + out5[9] = x331 + out5[10] = x332 + out5[11] = x333 } // DivstepPrecomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-go/32/p384scalar/p384scalar.go b/fiat-go/32/p384scalar/p384scalar.go index f567181972..43367d69d7 100644 --- a/fiat-go/32/p384scalar/p384scalar.go +++ b/fiat-go/32/p384scalar/p384scalar.go 
@@ -10292,126 +10292,90 @@ func ToBytes(out1 *[48]uint8, arg1 *[12]uint32) { x10 := arg1[2] x11 := arg1[1] x12 := arg1[0] - x13 := (uint8(x12) & 0xff) - x14 := (x12 >> 8) - x15 := (uint8(x14) & 0xff) - x16 := (x14 >> 8) - x17 := (uint8(x16) & 0xff) - x18 := uint8((x16 >> 8)) - x19 := (uint8(x11) & 0xff) - x20 := (x11 >> 8) - x21 := (uint8(x20) & 0xff) - x22 := (x20 >> 8) - x23 := (uint8(x22) & 0xff) - x24 := uint8((x22 >> 8)) - x25 := (uint8(x10) & 0xff) - x26 := (x10 >> 8) - x27 := (uint8(x26) & 0xff) - x28 := (x26 >> 8) - x29 := (uint8(x28) & 0xff) - x30 := uint8((x28 >> 8)) - x31 := (uint8(x9) & 0xff) - x32 := (x9 >> 8) - x33 := (uint8(x32) & 0xff) - x34 := (x32 >> 8) - x35 := (uint8(x34) & 0xff) - x36 := uint8((x34 >> 8)) - x37 := (uint8(x8) & 0xff) - x38 := (x8 >> 8) - x39 := (uint8(x38) & 0xff) - x40 := (x38 >> 8) - x41 := (uint8(x40) & 0xff) - x42 := uint8((x40 >> 8)) - x43 := (uint8(x7) & 0xff) - x44 := (x7 >> 8) - x45 := (uint8(x44) & 0xff) - x46 := (x44 >> 8) - x47 := (uint8(x46) & 0xff) - x48 := uint8((x46 >> 8)) - x49 := (uint8(x6) & 0xff) - x50 := (x6 >> 8) - x51 := (uint8(x50) & 0xff) - x52 := (x50 >> 8) - x53 := (uint8(x52) & 0xff) - x54 := uint8((x52 >> 8)) - x55 := (uint8(x5) & 0xff) - x56 := (x5 >> 8) - x57 := (uint8(x56) & 0xff) - x58 := (x56 >> 8) - x59 := (uint8(x58) & 0xff) - x60 := uint8((x58 >> 8)) - x61 := (uint8(x4) & 0xff) - x62 := (x4 >> 8) - x63 := (uint8(x62) & 0xff) - x64 := (x62 >> 8) - x65 := (uint8(x64) & 0xff) - x66 := uint8((x64 >> 8)) - x67 := (uint8(x3) & 0xff) - x68 := (x3 >> 8) - x69 := (uint8(x68) & 0xff) - x70 := (x68 >> 8) - x71 := (uint8(x70) & 0xff) - x72 := uint8((x70 >> 8)) - x73 := (uint8(x2) & 0xff) - x74 := (x2 >> 8) - x75 := (uint8(x74) & 0xff) - x76 := (x74 >> 8) - x77 := (uint8(x76) & 0xff) - x78 := uint8((x76 >> 8)) - x79 := (uint8(x1) & 0xff) - x80 := (x1 >> 8) - x81 := (uint8(x80) & 0xff) - x82 := (x80 >> 8) - x83 := (uint8(x82) & 0xff) - x84 := uint8((x82 >> 8)) - out1[0] = x13 - out1[1] = x15 - out1[2] = x17 
- out1[3] = x18 - out1[4] = x19 - out1[5] = x21 - out1[6] = x23 - out1[7] = x24 - out1[8] = x25 - out1[9] = x27 - out1[10] = x29 - out1[11] = x30 - out1[12] = x31 - out1[13] = x33 - out1[14] = x35 - out1[15] = x36 - out1[16] = x37 - out1[17] = x39 - out1[18] = x41 - out1[19] = x42 - out1[20] = x43 - out1[21] = x45 - out1[22] = x47 - out1[23] = x48 - out1[24] = x49 - out1[25] = x51 - out1[26] = x53 - out1[27] = x54 - out1[28] = x55 - out1[29] = x57 - out1[30] = x59 - out1[31] = x60 - out1[32] = x61 - out1[33] = x63 - out1[34] = x65 - out1[35] = x66 - out1[36] = x67 - out1[37] = x69 - out1[38] = x71 - out1[39] = x72 - out1[40] = x73 - out1[41] = x75 - out1[42] = x77 - out1[43] = x78 - out1[44] = x79 - out1[45] = x81 - out1[46] = x83 - out1[47] = x84 + x13 := (x12 >> 8) + x14 := (x13 >> 8) + x15 := uint8((x14 >> 8)) + x16 := (x11 >> 8) + x17 := (x16 >> 8) + x18 := uint8((x17 >> 8)) + x19 := (x10 >> 8) + x20 := (x19 >> 8) + x21 := uint8((x20 >> 8)) + x22 := (x9 >> 8) + x23 := (x22 >> 8) + x24 := uint8((x23 >> 8)) + x25 := (x8 >> 8) + x26 := (x25 >> 8) + x27 := uint8((x26 >> 8)) + x28 := (x7 >> 8) + x29 := (x28 >> 8) + x30 := uint8((x29 >> 8)) + x31 := (x6 >> 8) + x32 := (x31 >> 8) + x33 := uint8((x32 >> 8)) + x34 := (x5 >> 8) + x35 := (x34 >> 8) + x36 := uint8((x35 >> 8)) + x37 := (x4 >> 8) + x38 := (x37 >> 8) + x39 := uint8((x38 >> 8)) + x40 := (x3 >> 8) + x41 := (x40 >> 8) + x42 := uint8((x41 >> 8)) + x43 := (x2 >> 8) + x44 := (x43 >> 8) + x45 := uint8((x44 >> 8)) + x46 := (x1 >> 8) + x47 := (x46 >> 8) + x48 := uint8((x47 >> 8)) + out1[0] = uint8(x12) + out1[1] = uint8(x13) + out1[2] = uint8(x14) + out1[3] = x15 + out1[4] = uint8(x11) + out1[5] = uint8(x16) + out1[6] = uint8(x17) + out1[7] = x18 + out1[8] = uint8(x10) + out1[9] = uint8(x19) + out1[10] = uint8(x20) + out1[11] = x21 + out1[12] = uint8(x9) + out1[13] = uint8(x22) + out1[14] = uint8(x23) + out1[15] = x24 + out1[16] = uint8(x8) + out1[17] = uint8(x25) + out1[18] = uint8(x26) + out1[19] = x27 + out1[20] = 
uint8(x7) + out1[21] = uint8(x28) + out1[22] = uint8(x29) + out1[23] = x30 + out1[24] = uint8(x6) + out1[25] = uint8(x31) + out1[26] = uint8(x32) + out1[27] = x33 + out1[28] = uint8(x5) + out1[29] = uint8(x34) + out1[30] = uint8(x35) + out1[31] = x36 + out1[32] = uint8(x4) + out1[33] = uint8(x37) + out1[34] = uint8(x38) + out1[35] = x39 + out1[36] = uint8(x3) + out1[37] = uint8(x40) + out1[38] = uint8(x41) + out1[39] = x42 + out1[40] = uint8(x2) + out1[41] = uint8(x43) + out1[42] = uint8(x44) + out1[43] = x45 + out1[44] = uint8(x1) + out1[45] = uint8(x46) + out1[46] = uint8(x47) + out1[47] = x48 } // FromBytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -10601,7 +10565,7 @@ func Msat(out1 *[13]uint32) { func Divstep(out1 *uint32, out2 *[13]uint32, out3 *[13]uint32, out4 *[12]uint32, out5 *[12]uint32, arg1 uint32, arg2 *[13]uint32, arg3 *[13]uint32, arg4 *[12]uint32, arg5 *[12]uint32) { var x1 uint32 x1, _ = bits.Add32((^arg1), uint32(0x1), uint32(0x0)) - x3 := (uint1((x1 >> 31)) & (uint1(arg3[0]) & 0x1)) + x3 := (uint1((x1 >> 31)) & uint1(arg3[0])) var x4 uint32 x4, _ = bits.Add32((^arg1), uint32(0x1), uint32(0x0)) var x6 uint32 
@@ -10903,233 +10867,232 @@ func Divstep(out1 *uint32, out2 *[13]uint32, out3 *[13]uint32, out4 *[12]uint32, cmovznzU32(&x192, x3, arg5[10], x178) var x193 uint32 cmovznzU32(&x193, x3, arg5[11], x180) - x194 := (uint1(x46) & 0x1) + var x194 uint32 + cmovznzU32(&x194, uint1(x46), uint32(0x0), x7) var x195 uint32 - cmovznzU32(&x195, x194, uint32(0x0), x7) + cmovznzU32(&x195, uint1(x46), uint32(0x0), x8) var x196 uint32 - cmovznzU32(&x196, x194, uint32(0x0), x8) + cmovznzU32(&x196, uint1(x46), uint32(0x0), x9) var x197 uint32 - cmovznzU32(&x197, x194, uint32(0x0), x9) + cmovznzU32(&x197, uint1(x46), uint32(0x0), x10) var x198 uint32 - cmovznzU32(&x198, x194, uint32(0x0), x10) + cmovznzU32(&x198, uint1(x46), uint32(0x0), x11) var x199 uint32 - cmovznzU32(&x199, x194, uint32(0x0), x11) + cmovznzU32(&x199, uint1(x46), uint32(0x0), x12) var x200 uint32 - cmovznzU32(&x200, x194, uint32(0x0), x12) + cmovznzU32(&x200, uint1(x46), uint32(0x0), x13) var x201 uint32 - cmovznzU32(&x201, x194, uint32(0x0), x13) + cmovznzU32(&x201, uint1(x46), uint32(0x0), x14) var x202 uint32 - cmovznzU32(&x202, x194, uint32(0x0), x14) + cmovznzU32(&x202, uint1(x46), uint32(0x0), x15) var x203 uint32 - cmovznzU32(&x203, x194, uint32(0x0), x15) + cmovznzU32(&x203, uint1(x46), uint32(0x0), x16) var x204 uint32 - cmovznzU32(&x204, x194, uint32(0x0), x16) + cmovznzU32(&x204, uint1(x46), uint32(0x0), x17) var x205 uint32 - cmovznzU32(&x205, x194, uint32(0x0), x17) + cmovznzU32(&x205, uint1(x46), uint32(0x0), x18) var x206 uint32 - cmovznzU32(&x206, x194, uint32(0x0), x18) + cmovznzU32(&x206, uint1(x46), uint32(0x0), x19) var x207 uint32 - cmovznzU32(&x207, x194, uint32(0x0), x19) var x208 uint32 + x207, x208 = bits.Add32(x46, x194, uint32(0x0)) var x209 uint32 - x208, x209 = bits.Add32(x46, x195, uint32(0x0)) var x210 uint32 + x209, x210 = bits.Add32(x47, x195, uint32(uint1(x208))) var x211 uint32 - x210, x211 = bits.Add32(x47, x196, uint32(uint1(x209))) var x212 uint32 + x211, x212 = bits.Add32(x48, 
x196, uint32(uint1(x210))) var x213 uint32 - x212, x213 = bits.Add32(x48, x197, uint32(uint1(x211))) var x214 uint32 + x213, x214 = bits.Add32(x49, x197, uint32(uint1(x212))) var x215 uint32 - x214, x215 = bits.Add32(x49, x198, uint32(uint1(x213))) var x216 uint32 + x215, x216 = bits.Add32(x50, x198, uint32(uint1(x214))) var x217 uint32 - x216, x217 = bits.Add32(x50, x199, uint32(uint1(x215))) var x218 uint32 + x217, x218 = bits.Add32(x51, x199, uint32(uint1(x216))) var x219 uint32 - x218, x219 = bits.Add32(x51, x200, uint32(uint1(x217))) var x220 uint32 + x219, x220 = bits.Add32(x52, x200, uint32(uint1(x218))) var x221 uint32 - x220, x221 = bits.Add32(x52, x201, uint32(uint1(x219))) var x222 uint32 + x221, x222 = bits.Add32(x53, x201, uint32(uint1(x220))) var x223 uint32 - x222, x223 = bits.Add32(x53, x202, uint32(uint1(x221))) var x224 uint32 + x223, x224 = bits.Add32(x54, x202, uint32(uint1(x222))) var x225 uint32 - x224, x225 = bits.Add32(x54, x203, uint32(uint1(x223))) var x226 uint32 + x225, x226 = bits.Add32(x55, x203, uint32(uint1(x224))) var x227 uint32 - x226, x227 = bits.Add32(x55, x204, uint32(uint1(x225))) var x228 uint32 + x227, x228 = bits.Add32(x56, x204, uint32(uint1(x226))) var x229 uint32 - x228, x229 = bits.Add32(x56, x205, uint32(uint1(x227))) var x230 uint32 + x229, x230 = bits.Add32(x57, x205, uint32(uint1(x228))) var x231 uint32 - x230, x231 = bits.Add32(x57, x206, uint32(uint1(x229))) - var x232 uint32 - x232, _ = bits.Add32(x58, x207, uint32(uint1(x231))) + x231, _ = bits.Add32(x58, x206, uint32(uint1(x230))) + var x233 uint32 + cmovznzU32(&x233, uint1(x46), uint32(0x0), x59) var x234 uint32 - cmovznzU32(&x234, x194, uint32(0x0), x59) + cmovznzU32(&x234, uint1(x46), uint32(0x0), x60) var x235 uint32 - cmovznzU32(&x235, x194, uint32(0x0), x60) + cmovznzU32(&x235, uint1(x46), uint32(0x0), x61) var x236 uint32 - cmovznzU32(&x236, x194, uint32(0x0), x61) + cmovznzU32(&x236, uint1(x46), uint32(0x0), x62) var x237 uint32 - cmovznzU32(&x237, 
x194, uint32(0x0), x62) + cmovznzU32(&x237, uint1(x46), uint32(0x0), x63) var x238 uint32 - cmovznzU32(&x238, x194, uint32(0x0), x63) + cmovznzU32(&x238, uint1(x46), uint32(0x0), x64) var x239 uint32 - cmovznzU32(&x239, x194, uint32(0x0), x64) + cmovznzU32(&x239, uint1(x46), uint32(0x0), x65) var x240 uint32 - cmovznzU32(&x240, x194, uint32(0x0), x65) + cmovznzU32(&x240, uint1(x46), uint32(0x0), x66) var x241 uint32 - cmovznzU32(&x241, x194, uint32(0x0), x66) + cmovznzU32(&x241, uint1(x46), uint32(0x0), x67) var x242 uint32 - cmovznzU32(&x242, x194, uint32(0x0), x67) + cmovznzU32(&x242, uint1(x46), uint32(0x0), x68) var x243 uint32 - cmovznzU32(&x243, x194, uint32(0x0), x68) + cmovznzU32(&x243, uint1(x46), uint32(0x0), x69) var x244 uint32 - cmovznzU32(&x244, x194, uint32(0x0), x69) + cmovznzU32(&x244, uint1(x46), uint32(0x0), x70) var x245 uint32 - cmovznzU32(&x245, x194, uint32(0x0), x70) var x246 uint32 + x245, x246 = bits.Add32(x182, x233, uint32(0x0)) var x247 uint32 - x246, x247 = bits.Add32(x182, x234, uint32(0x0)) var x248 uint32 + x247, x248 = bits.Add32(x183, x234, uint32(uint1(x246))) var x249 uint32 - x248, x249 = bits.Add32(x183, x235, uint32(uint1(x247))) var x250 uint32 + x249, x250 = bits.Add32(x184, x235, uint32(uint1(x248))) var x251 uint32 - x250, x251 = bits.Add32(x184, x236, uint32(uint1(x249))) var x252 uint32 + x251, x252 = bits.Add32(x185, x236, uint32(uint1(x250))) var x253 uint32 - x252, x253 = bits.Add32(x185, x237, uint32(uint1(x251))) var x254 uint32 + x253, x254 = bits.Add32(x186, x237, uint32(uint1(x252))) var x255 uint32 - x254, x255 = bits.Add32(x186, x238, uint32(uint1(x253))) var x256 uint32 + x255, x256 = bits.Add32(x187, x238, uint32(uint1(x254))) var x257 uint32 - x256, x257 = bits.Add32(x187, x239, uint32(uint1(x255))) var x258 uint32 + x257, x258 = bits.Add32(x188, x239, uint32(uint1(x256))) var x259 uint32 - x258, x259 = bits.Add32(x188, x240, uint32(uint1(x257))) var x260 uint32 + x259, x260 = bits.Add32(x189, x240, 
uint32(uint1(x258))) var x261 uint32 - x260, x261 = bits.Add32(x189, x241, uint32(uint1(x259))) var x262 uint32 + x261, x262 = bits.Add32(x190, x241, uint32(uint1(x260))) var x263 uint32 - x262, x263 = bits.Add32(x190, x242, uint32(uint1(x261))) var x264 uint32 + x263, x264 = bits.Add32(x191, x242, uint32(uint1(x262))) var x265 uint32 - x264, x265 = bits.Add32(x191, x243, uint32(uint1(x263))) var x266 uint32 + x265, x266 = bits.Add32(x192, x243, uint32(uint1(x264))) var x267 uint32 - x266, x267 = bits.Add32(x192, x244, uint32(uint1(x265))) var x268 uint32 + x267, x268 = bits.Add32(x193, x244, uint32(uint1(x266))) var x269 uint32 - x268, x269 = bits.Add32(x193, x245, uint32(uint1(x267))) var x270 uint32 + x269, x270 = bits.Sub32(x245, 0xccc52973, uint32(0x0)) var x271 uint32 - x270, x271 = bits.Sub32(x246, 0xccc52973, uint32(0x0)) var x272 uint32 + x271, x272 = bits.Sub32(x247, 0xecec196a, uint32(uint1(x270))) var x273 uint32 - x272, x273 = bits.Sub32(x248, 0xecec196a, uint32(uint1(x271))) var x274 uint32 + x273, x274 = bits.Sub32(x249, 0x48b0a77a, uint32(uint1(x272))) var x275 uint32 - x274, x275 = bits.Sub32(x250, 0x48b0a77a, uint32(uint1(x273))) var x276 uint32 + x275, x276 = bits.Sub32(x251, 0x581a0db2, uint32(uint1(x274))) var x277 uint32 - x276, x277 = bits.Sub32(x252, 0x581a0db2, uint32(uint1(x275))) var x278 uint32 + x277, x278 = bits.Sub32(x253, 0xf4372ddf, uint32(uint1(x276))) var x279 uint32 - x278, x279 = bits.Sub32(x254, 0xf4372ddf, uint32(uint1(x277))) var x280 uint32 + x279, x280 = bits.Sub32(x255, 0xc7634d81, uint32(uint1(x278))) var x281 uint32 - x280, x281 = bits.Sub32(x256, 0xc7634d81, uint32(uint1(x279))) var x282 uint32 + x281, x282 = bits.Sub32(x257, 0xffffffff, uint32(uint1(x280))) var x283 uint32 - x282, x283 = bits.Sub32(x258, 0xffffffff, uint32(uint1(x281))) var x284 uint32 + x283, x284 = bits.Sub32(x259, 0xffffffff, uint32(uint1(x282))) var x285 uint32 - x284, x285 = bits.Sub32(x260, 0xffffffff, uint32(uint1(x283))) var x286 uint32 + x285, 
x286 = bits.Sub32(x261, 0xffffffff, uint32(uint1(x284))) var x287 uint32 - x286, x287 = bits.Sub32(x262, 0xffffffff, uint32(uint1(x285))) var x288 uint32 + x287, x288 = bits.Sub32(x263, 0xffffffff, uint32(uint1(x286))) var x289 uint32 - x288, x289 = bits.Sub32(x264, 0xffffffff, uint32(uint1(x287))) var x290 uint32 + x289, x290 = bits.Sub32(x265, 0xffffffff, uint32(uint1(x288))) var x291 uint32 - x290, x291 = bits.Sub32(x266, 0xffffffff, uint32(uint1(x289))) var x292 uint32 - var x293 uint32 - x292, x293 = bits.Sub32(x268, 0xffffffff, uint32(uint1(x291))) + x291, x292 = bits.Sub32(x267, 0xffffffff, uint32(uint1(x290))) + var x294 uint32 + _, x294 = bits.Sub32(uint32(uint1(x268)), uint32(0x0), uint32(uint1(x292))) var x295 uint32 - _, x295 = bits.Sub32(uint32(uint1(x269)), uint32(0x0), uint32(uint1(x293))) - var x296 uint32 - x296, _ = bits.Add32(x6, uint32(0x1), uint32(0x0)) - x298 := ((x208 >> 1) | ((x210 << 31) & 0xffffffff)) - x299 := ((x210 >> 1) | ((x212 << 31) & 0xffffffff)) - x300 := ((x212 >> 1) | ((x214 << 31) & 0xffffffff)) - x301 := ((x214 >> 1) | ((x216 << 31) & 0xffffffff)) - x302 := ((x216 >> 1) | ((x218 << 31) & 0xffffffff)) - x303 := ((x218 >> 1) | ((x220 << 31) & 0xffffffff)) - x304 := ((x220 >> 1) | ((x222 << 31) & 0xffffffff)) - x305 := ((x222 >> 1) | ((x224 << 31) & 0xffffffff)) - x306 := ((x224 >> 1) | ((x226 << 31) & 0xffffffff)) - x307 := ((x226 >> 1) | ((x228 << 31) & 0xffffffff)) - x308 := ((x228 >> 1) | ((x230 << 31) & 0xffffffff)) - x309 := ((x230 >> 1) | ((x232 << 31) & 0xffffffff)) - x310 := ((x232 & 0x80000000) | (x232 >> 1)) + x295, _ = bits.Add32(x6, uint32(0x1), uint32(0x0)) + x297 := ((x207 >> 1) | ((x209 << 31) & 0xffffffff)) + x298 := ((x209 >> 1) | ((x211 << 31) & 0xffffffff)) + x299 := ((x211 >> 1) | ((x213 << 31) & 0xffffffff)) + x300 := ((x213 >> 1) | ((x215 << 31) & 0xffffffff)) + x301 := ((x215 >> 1) | ((x217 << 31) & 0xffffffff)) + x302 := ((x217 >> 1) | ((x219 << 31) & 0xffffffff)) + x303 := ((x219 >> 1) | ((x221 << 31) & 
0xffffffff)) + x304 := ((x221 >> 1) | ((x223 << 31) & 0xffffffff)) + x305 := ((x223 >> 1) | ((x225 << 31) & 0xffffffff)) + x306 := ((x225 >> 1) | ((x227 << 31) & 0xffffffff)) + x307 := ((x227 >> 1) | ((x229 << 31) & 0xffffffff)) + x308 := ((x229 >> 1) | ((x231 << 31) & 0xffffffff)) + x309 := ((x231 & 0x80000000) | (x231 >> 1)) + var x310 uint32 + cmovznzU32(&x310, uint1(x120), x95, x71) var x311 uint32 - cmovznzU32(&x311, uint1(x120), x95, x71) + cmovznzU32(&x311, uint1(x120), x97, x73) var x312 uint32 - cmovznzU32(&x312, uint1(x120), x97, x73) + cmovznzU32(&x312, uint1(x120), x99, x75) var x313 uint32 - cmovznzU32(&x313, uint1(x120), x99, x75) + cmovznzU32(&x313, uint1(x120), x101, x77) var x314 uint32 - cmovznzU32(&x314, uint1(x120), x101, x77) + cmovznzU32(&x314, uint1(x120), x103, x79) var x315 uint32 - cmovznzU32(&x315, uint1(x120), x103, x79) + cmovznzU32(&x315, uint1(x120), x105, x81) var x316 uint32 - cmovznzU32(&x316, uint1(x120), x105, x81) + cmovznzU32(&x316, uint1(x120), x107, x83) var x317 uint32 - cmovznzU32(&x317, uint1(x120), x107, x83) + cmovznzU32(&x317, uint1(x120), x109, x85) var x318 uint32 - cmovznzU32(&x318, uint1(x120), x109, x85) + cmovznzU32(&x318, uint1(x120), x111, x87) var x319 uint32 - cmovznzU32(&x319, uint1(x120), x111, x87) + cmovznzU32(&x319, uint1(x120), x113, x89) var x320 uint32 - cmovznzU32(&x320, uint1(x120), x113, x89) + cmovznzU32(&x320, uint1(x120), x115, x91) var x321 uint32 - cmovznzU32(&x321, uint1(x120), x115, x91) + cmovznzU32(&x321, uint1(x120), x117, x93) var x322 uint32 - cmovznzU32(&x322, uint1(x120), x117, x93) + cmovznzU32(&x322, uint1(x294), x269, x245) var x323 uint32 - cmovznzU32(&x323, uint1(x295), x270, x246) + cmovznzU32(&x323, uint1(x294), x271, x247) var x324 uint32 - cmovznzU32(&x324, uint1(x295), x272, x248) + cmovznzU32(&x324, uint1(x294), x273, x249) var x325 uint32 - cmovznzU32(&x325, uint1(x295), x274, x250) + cmovznzU32(&x325, uint1(x294), x275, x251) var x326 uint32 - cmovznzU32(&x326, 
uint1(x295), x276, x252) + cmovznzU32(&x326, uint1(x294), x277, x253) var x327 uint32 - cmovznzU32(&x327, uint1(x295), x278, x254) + cmovznzU32(&x327, uint1(x294), x279, x255) var x328 uint32 - cmovznzU32(&x328, uint1(x295), x280, x256) + cmovznzU32(&x328, uint1(x294), x281, x257) var x329 uint32 - cmovznzU32(&x329, uint1(x295), x282, x258) + cmovznzU32(&x329, uint1(x294), x283, x259) var x330 uint32 - cmovznzU32(&x330, uint1(x295), x284, x260) + cmovznzU32(&x330, uint1(x294), x285, x261) var x331 uint32 - cmovznzU32(&x331, uint1(x295), x286, x262) + cmovznzU32(&x331, uint1(x294), x287, x263) var x332 uint32 - cmovznzU32(&x332, uint1(x295), x288, x264) + cmovznzU32(&x332, uint1(x294), x289, x265) var x333 uint32 - cmovznzU32(&x333, uint1(x295), x290, x266) - var x334 uint32 - cmovznzU32(&x334, uint1(x295), x292, x268) - *out1 = x296 + cmovznzU32(&x333, uint1(x294), x291, x267) + *out1 = x295 out2[0] = x7 out2[1] = x8 out2[2] = x9 
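Review bot: The selector for the `x194`–`x206` and `x233`–`x244` conditional moves in this Divstep hunk changes from the masked `x194 := (uint1(x46) & 0x1)` to a bare `uint1(x46)`, although `x46` is a full limb (it is also the first operand of `bits.Add32(x46, x194, uint32(0x0))`). Divstep's body and the declarations of `uint1` and `cmovznzU32` lie outside the hunk, so this is inferred: if `uint1` is an alias of a wider integer type and `cmovznzU32` derives its mask arithmetically from the argument, any selector other than 0 or 1 blends both inputs instead of selecting one, which would silently corrupt the inversion state. The `& 0xff` masks dropped in the ToBytes hunks are a different case, because a Go conversion to `uint8` truncates, whereas a conversion to a wider alias would not reduce the value to one bit. The file is generated, so the fix belongs in the Go backend: keep emitting `(uint1(x46) & 0x1)` wherever a value that is not already a carry or borrow is cast to the one-bit type. Comparing Divstep output against the previous build on fixed inputs before committing regenerated files would catch this.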
@@ -11143,43 +11106,43 @@ func Divstep(out1 *uint32, out2 *[13]uint32, out3 *[13]uint32, out4 *[12]uint32, out2[10] = x17 out2[11] = x18 out2[12] = x19 - out3[0] = x298 - out3[1] = x299 - out3[2] = x300 - out3[3] = x301 - out3[4] = x302 - out3[5] = x303 - out3[6] = x304 - out3[7] = x305 - out3[8] = x306 - out3[9] = x307 - out3[10] = x308 - out3[11] = x309 - out3[12] = x310 - out4[0] = x311 - out4[1] = x312 - out4[2] = x313 - out4[3] = x314 - out4[4] = x315 - out4[5] = x316 - out4[6] = x317 - out4[7] = x318 - out4[8] = x319 - out4[9] = x320 - out4[10] = x321 - out4[11] = x322 - out5[0] = x323 - out5[1] = x324 - out5[2] = x325 - out5[3] = x326 - out5[4] = x327 - out5[5] = x328 - out5[6] = x329 - out5[7] = x330 - out5[8] = x331 - out5[9] = x332 - out5[10] = x333 - out5[11] = x334 + out3[0] = x297 + out3[1] = x298 + out3[2] = x299 + out3[3] = x300 + out3[4] = x301 + out3[5] = x302 + out3[6] = x303 + out3[7] = x304 + out3[8] = x305 + out3[9] = x306 + out3[10] = x307 + out3[11] = x308 + out3[12] = x309 + out4[0] = x310 + out4[1] = x311 + out4[2] = x312 + out4[3] = x313 + out4[4] = x314 + out4[5] = x315 + out4[6] = x316 + out4[7] = x317 + out4[8] = x318 + out4[9] = x319 + out4[10] = x320 + out4[11] = x321 + out5[0] = x322 + out5[1] = x323 + out5[2] = x324 + out5[3] = x325 + out5[4] = x326 + out5[5] = x327 + out5[6] = x328 + out5[7] = x329 + out5[8] = x330 + out5[9] = x331 + out5[10] = x332 + out5[11] = x333 } // DivstepPrecomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-go/32/p521/p521.go b/fiat-go/32/p521/p521.go index c6433ac5cc..c074a4f504 100644 --- a/fiat-go/32/p521/p521.go +++ b/fiat-go/32/p521/p521.go 
@@ -1366,214 +1366,151 @@ func ToBytes(out1 *[66]uint8, arg1 *TightFieldElement) { x91 := (x46 << 3) x92 := (uint64(x44) << 7) x93 := (x42 << 4) - x94 := (uint8(x40) & 0xff) - x95 := (x40 >> 8) - x96 := (uint8(x95) & 0xff) - x97 := (x95 >> 8) - x98 := (uint8(x97) & 0xff) - x99 := uint8((x97 >> 8)) - x100 := (x93 + uint32(x99)) - x101 := (uint8(x100) & 0xff) - x102 := (x100 >> 8) - x103 := (uint8(x102) & 0xff) - x104 := (x102 >> 8) - x105 := (uint8(x104) & 0xff) - x106 := uint8((x104 >> 8)) - x107 := (x92 + uint64(x106)) - x108 := (uint8(x107) & 0xff) - x109 := uint32((x107 >> 8)) - x110 := (uint8(x109) & 0xff) - x111 := (x109 >> 8) - x112 := (uint8(x111) & 0xff) - x113 := (x111 >> 8) - x114 := (uint8(x113) & 0xff) - x115 := uint8((x113 >> 8)) - x116 := (x91 + uint32(x115)) - x117 := (uint8(x116) & 0xff) - x118 := (x116 >> 8) - x119 := (uint8(x118) & 0xff) - x120 := (x118 >> 8) - x121 := (uint8(x120) & 0xff) - x122 := uint8((x120 >> 8)) - x123 := (x90 + uint64(x122)) - x124 := (uint8(x123) & 0xff) - x125 := uint32((x123 >> 8)) - x126 := (uint8(x125) & 0xff) - x127 := (x125 >> 8) - x128 := (uint8(x127) & 0xff) - x129 := (x127 >> 8) - x130 := (uint8(x129) & 0xff) - x131 := uint8((x129 >> 8)) - x132 := (x89 + uint32(x131)) - x133 := (uint8(x132) & 0xff) - x134 := (x132 >> 8) - x135 := (uint8(x134) & 0xff) - x136 := (x134 >> 8) - x137 := (uint8(x136) & 0xff) - x138 := uint8((x136 >> 8)) - x139 := (x88 + uint32(x138)) - x140 := (uint8(x139) & 0xff) - x141 := (x139 >> 8) - x142 := (uint8(x141) & 0xff) - x143 := (x141 >> 8) - x144 := (uint8(x143) & 0xff) - x145 := uint8((x143 >> 8)) - x146 := (uint8(x54) & 0xff) - x147 := (x54 >> 8) - x148 := (uint8(x147) & 0xff) - x149 := (x147 >> 8) - x150 := (uint8(x149) & 0xff) - x151 := uint8((x149 >> 8)) - x152 := (x87 + uint32(x151)) - x153 := (uint8(x152) & 0xff) - x154 := (x152 >> 8) - x155 := (uint8(x154) & 0xff) - x156 := (x154 >> 8) - x157 := (uint8(x156) & 0xff) - x158 := uint8((x156 >> 8)) - x159 := (x86 + uint64(x158)) - 
x160 := (uint8(x159) & 0xff) - x161 := uint32((x159 >> 8)) - x162 := (uint8(x161) & 0xff) - x163 := (x161 >> 8) - x164 := (uint8(x163) & 0xff) - x165 := (x163 >> 8) - x166 := (uint8(x165) & 0xff) - x167 := uint8((x165 >> 8)) - x168 := (x85 + uint32(x167)) - x169 := (uint8(x168) & 0xff) - x170 := (x168 >> 8) - x171 := (uint8(x170) & 0xff) - x172 := (x170 >> 8) - x173 := (uint8(x172) & 0xff) - x174 := uint8((x172 >> 8)) - x175 := (x84 + uint64(x174)) - x176 := (uint8(x175) & 0xff) - x177 := uint32((x175 >> 8)) - x178 := (uint8(x177) & 0xff) - x179 := (x177 >> 8) - x180 := (uint8(x179) & 0xff) - x181 := (x179 >> 8) - x182 := (uint8(x181) & 0xff) - x183 := uint8((x181 >> 8)) - x184 := (x83 + uint32(x183)) - x185 := (uint8(x184) & 0xff) - x186 := (x184 >> 8) - x187 := (uint8(x186) & 0xff) - x188 := (x186 >> 8) - x189 := (uint8(x188) & 0xff) - x190 := uint8((x188 >> 8)) - x191 := (x82 + uint32(x190)) - x192 := (uint8(x191) & 0xff) - x193 := (x191 >> 8) - x194 := (uint8(x193) & 0xff) - x195 := (x193 >> 8) - x196 := (uint8(x195) & 0xff) - x197 := uint8((x195 >> 8)) - x198 := (uint8(x68) & 0xff) - x199 := (x68 >> 8) - x200 := (uint8(x199) & 0xff) - x201 := (x199 >> 8) - x202 := (uint8(x201) & 0xff) - x203 := uint8((x201 >> 8)) - x204 := (x81 + uint32(x203)) - x205 := (uint8(x204) & 0xff) - x206 := (x204 >> 8) - x207 := (uint8(x206) & 0xff) - x208 := (x206 >> 8) - x209 := (uint8(x208) & 0xff) - x210 := uint8((x208 >> 8)) - x211 := (x80 + uint64(x210)) - x212 := (uint8(x211) & 0xff) - x213 := uint32((x211 >> 8)) - x214 := (uint8(x213) & 0xff) - x215 := (x213 >> 8) - x216 := (uint8(x215) & 0xff) - x217 := (x215 >> 8) - x218 := (uint8(x217) & 0xff) - x219 := uint8((x217 >> 8)) - x220 := (x79 + uint32(x219)) - x221 := (uint8(x220) & 0xff) - x222 := (x220 >> 8) - x223 := (uint8(x222) & 0xff) - x224 := (x222 >> 8) - x225 := (uint8(x224) & 0xff) - x226 := uint8((x224 >> 8)) - x227 := (x78 + uint64(x226)) - x228 := (uint8(x227) & 0xff) - x229 := uint32((x227 >> 8)) - x230 := 
(uint8(x229) & 0xff) - x231 := (x229 >> 8) - x232 := (uint8(x231) & 0xff) - x233 := (x231 >> 8) - x234 := (uint8(x233) & 0xff) - x235 := uint1((x233 >> 8)) - out1[0] = x94 - out1[1] = x96 - out1[2] = x98 - out1[3] = x101 - out1[4] = x103 - out1[5] = x105 - out1[6] = x108 - out1[7] = x110 - out1[8] = x112 - out1[9] = x114 - out1[10] = x117 - out1[11] = x119 - out1[12] = x121 - out1[13] = x124 - out1[14] = x126 - out1[15] = x128 - out1[16] = x130 - out1[17] = x133 - out1[18] = x135 - out1[19] = x137 - out1[20] = x140 - out1[21] = x142 - out1[22] = x144 - out1[23] = x145 - out1[24] = x146 - out1[25] = x148 - out1[26] = x150 - out1[27] = x153 - out1[28] = x155 - out1[29] = x157 - out1[30] = x160 - out1[31] = x162 - out1[32] = x164 - out1[33] = x166 - out1[34] = x169 - out1[35] = x171 - out1[36] = x173 - out1[37] = x176 - out1[38] = x178 - out1[39] = x180 - out1[40] = x182 - out1[41] = x185 - out1[42] = x187 - out1[43] = x189 - out1[44] = x192 - out1[45] = x194 - out1[46] = x196 - out1[47] = x197 - out1[48] = x198 - out1[49] = x200 - out1[50] = x202 - out1[51] = x205 - out1[52] = x207 - out1[53] = x209 - out1[54] = x212 - out1[55] = x214 - out1[56] = x216 - out1[57] = x218 - out1[58] = x221 - out1[59] = x223 - out1[60] = x225 - out1[61] = x228 - out1[62] = x230 - out1[63] = x232 - out1[64] = x234 - out1[65] = uint8(x235) + x94 := (x40 >> 8) + x95 := (x94 >> 8) + x96 := uint8((x95 >> 8)) + x97 := (x93 + uint32(x96)) + x98 := (x97 >> 8) + x99 := (x98 >> 8) + x100 := uint8((x99 >> 8)) + x101 := (x92 + uint64(x100)) + x102 := uint32((x101 >> 8)) + x103 := (x102 >> 8) + x104 := (x103 >> 8) + x105 := uint8((x104 >> 8)) + x106 := (x91 + uint32(x105)) + x107 := (x106 >> 8) + x108 := (x107 >> 8) + x109 := uint8((x108 >> 8)) + x110 := (x90 + uint64(x109)) + x111 := uint32((x110 >> 8)) + x112 := (x111 >> 8) + x113 := (x112 >> 8) + x114 := uint8((x113 >> 8)) + x115 := (x89 + uint32(x114)) + x116 := (x115 >> 8) + x117 := (x116 >> 8) + x118 := uint8((x117 >> 8)) + x119 := (x88 + 
uint32(x118)) + x120 := (x119 >> 8) + x121 := (x120 >> 8) + x122 := uint8((x121 >> 8)) + x123 := (x54 >> 8) + x124 := (x123 >> 8) + x125 := uint8((x124 >> 8)) + x126 := (x87 + uint32(x125)) + x127 := (x126 >> 8) + x128 := (x127 >> 8) + x129 := uint8((x128 >> 8)) + x130 := (x86 + uint64(x129)) + x131 := uint32((x130 >> 8)) + x132 := (x131 >> 8) + x133 := (x132 >> 8) + x134 := uint8((x133 >> 8)) + x135 := (x85 + uint32(x134)) + x136 := (x135 >> 8) + x137 := (x136 >> 8) + x138 := uint8((x137 >> 8)) + x139 := (x84 + uint64(x138)) + x140 := uint32((x139 >> 8)) + x141 := (x140 >> 8) + x142 := (x141 >> 8) + x143 := uint8((x142 >> 8)) + x144 := (x83 + uint32(x143)) + x145 := (x144 >> 8) + x146 := (x145 >> 8) + x147 := uint8((x146 >> 8)) + x148 := (x82 + uint32(x147)) + x149 := (x148 >> 8) + x150 := (x149 >> 8) + x151 := uint8((x150 >> 8)) + x152 := (x68 >> 8) + x153 := (x152 >> 8) + x154 := uint8((x153 >> 8)) + x155 := (x81 + uint32(x154)) + x156 := (x155 >> 8) + x157 := (x156 >> 8) + x158 := uint8((x157 >> 8)) + x159 := (x80 + uint64(x158)) + x160 := uint32((x159 >> 8)) + x161 := (x160 >> 8) + x162 := (x161 >> 8) + x163 := uint8((x162 >> 8)) + x164 := (x79 + uint32(x163)) + x165 := (x164 >> 8) + x166 := (x165 >> 8) + x167 := uint8((x166 >> 8)) + x168 := (x78 + uint64(x167)) + x169 := uint32((x168 >> 8)) + x170 := (x169 >> 8) + x171 := (x170 >> 8) + x172 := uint1((x171 >> 8)) + out1[0] = uint8(x40) + out1[1] = uint8(x94) + out1[2] = uint8(x95) + out1[3] = uint8(x97) + out1[4] = uint8(x98) + out1[5] = uint8(x99) + out1[6] = uint8(x101) + out1[7] = uint8(x102) + out1[8] = uint8(x103) + out1[9] = uint8(x104) + out1[10] = uint8(x106) + out1[11] = uint8(x107) + out1[12] = uint8(x108) + out1[13] = uint8(x110) + out1[14] = uint8(x111) + out1[15] = uint8(x112) + out1[16] = uint8(x113) + out1[17] = uint8(x115) + out1[18] = uint8(x116) + out1[19] = uint8(x117) + out1[20] = uint8(x119) + out1[21] = uint8(x120) + out1[22] = uint8(x121) + out1[23] = x122 + out1[24] = uint8(x54) + 
out1[25] = uint8(x123) + out1[26] = uint8(x124) + out1[27] = uint8(x126) + out1[28] = uint8(x127) + out1[29] = uint8(x128) + out1[30] = uint8(x130) + out1[31] = uint8(x131) + out1[32] = uint8(x132) + out1[33] = uint8(x133) + out1[34] = uint8(x135) + out1[35] = uint8(x136) + out1[36] = uint8(x137) + out1[37] = uint8(x139) + out1[38] = uint8(x140) + out1[39] = uint8(x141) + out1[40] = uint8(x142) + out1[41] = uint8(x144) + out1[42] = uint8(x145) + out1[43] = uint8(x146) + out1[44] = uint8(x148) + out1[45] = uint8(x149) + out1[46] = uint8(x150) + out1[47] = x151 + out1[48] = uint8(x68) + out1[49] = uint8(x152) + out1[50] = uint8(x153) + out1[51] = uint8(x155) + out1[52] = uint8(x156) + out1[53] = uint8(x157) + out1[54] = uint8(x159) + out1[55] = uint8(x160) + out1[56] = uint8(x161) + out1[57] = uint8(x162) + out1[58] = uint8(x164) + out1[59] = uint8(x165) + out1[60] = uint8(x166) + out1[61] = uint8(x168) + out1[62] = uint8(x169) + out1[63] = uint8(x170) + out1[64] = uint8(x171) + out1[65] = uint8(x172) } // FromBytes deserializes a field element from bytes in little-endian order. diff --git a/fiat-go/32/poly1305/poly1305.go b/fiat-go/32/poly1305/poly1305.go index 6232d4f6f5..0b8df826c3 100644 --- a/fiat-go/32/poly1305/poly1305.go +++ b/fiat-go/32/poly1305/poly1305.go 
@@ -382,56 +382,41 @@ func ToBytes(out1 *[17]uint8, arg1 *TightFieldElement) { x22 := (x18 << 6) x23 := (x16 << 4) x24 := (x14 << 2) - x25 := (uint8(x12) & 0xff) - x26 := (x12 >> 8) - x27 := (uint8(x26) & 0xff) - x28 := (x26 >> 8) - x29 := (uint8(x28) & 0xff) - x30 := uint8((x28 >> 8)) - x31 := (x24 + uint32(x30)) - x32 := (uint8(x31) & 0xff) - x33 := (x31 >> 8) - x34 := (uint8(x33) & 0xff) - x35 := (x33 >> 8) - x36 := (uint8(x35) & 0xff) - x37 := uint8((x35 >> 8)) - x38 := (x23 + uint32(x37)) - x39 := (uint8(x38) & 0xff) - x40 := (x38 >> 8) - x41 := (uint8(x40) & 0xff) - x42 := (x40 >> 8) - x43 := (uint8(x42) & 0xff) - x44 := uint8((x42 >> 8)) - x45 := (x22 + uint32(x44)) - x46 := (uint8(x45) & 0xff) - x47 := (x45 >> 8) - x48 := (uint8(x47) & 0xff) - x49 := (x47 >> 8) - x50 := (uint8(x49) & 0xff) - x51 := uint8((x49 >> 8)) - x52 := (uint8(x20) & 0xff) - x53 := (x20 >> 8) - x54 := (uint8(x53) & 0xff) - x55 := (x53 >> 8) - x56 := (uint8(x55) & 0xff) - x57 := uint8((x55 >> 8)) - out1[0] = x25 - out1[1] = x27 - out1[2] = x29 - out1[3] = x32 - out1[4] = x34 - out1[5] = x36 - out1[6] = x39 - out1[7] = x41 - out1[8] = x43 - out1[9] = x46 - out1[10] = x48 - out1[11] = x50 - out1[12] = x51 - out1[13] = x52 - out1[14] = x54 - out1[15] = x56 - out1[16] = x57 + x25 := (x12 >> 8) + x26 := (x25 >> 8) + x27 := uint8((x26 >> 8)) + x28 := (x24 + uint32(x27)) + x29 := (x28 >> 8) + x30 := (x29 >> 8) + x31 := uint8((x30 >> 8)) + x32 := (x23 + uint32(x31)) + x33 := (x32 >> 8) + x34 := (x33 >> 8) + x35 := uint8((x34 >> 8)) + x36 := (x22 + uint32(x35)) + x37 := (x36 >> 8) + x38 := (x37 >> 8) + x39 := uint8((x38 >> 8)) + x40 := (x20 >> 8) + x41 := (x40 >> 8) + x42 := uint8((x41 >> 8)) + out1[0] = uint8(x12) + out1[1] = uint8(x25) + out1[2] = uint8(x26) + out1[3] = uint8(x28) + out1[4] = uint8(x29) + out1[5] = uint8(x30) + out1[6] = uint8(x32) + out1[7] = uint8(x33) + out1[8] = uint8(x34) + out1[9] = uint8(x36) + out1[10] = uint8(x37) + out1[11] = uint8(x38) + out1[12] = x39 + out1[13] = 
uint8(x20) + out1[14] = uint8(x40) + out1[15] = uint8(x41) + out1[16] = x42 } // FromBytes deserializes a field element from bytes in little-endian order. diff --git a/fiat-go/32/secp256k1montgomery/secp256k1montgomery.go b/fiat-go/32/secp256k1montgomery/secp256k1montgomery.go index 33c63e7b3e..e6a596474f 100644 --- a/fiat-go/32/secp256k1montgomery/secp256k1montgomery.go +++ b/fiat-go/32/secp256k1montgomery/secp256k1montgomery.go 
@@ -4552,86 +4552,62 @@ func ToBytes(out1 *[32]uint8, arg1 *[8]uint32) { x6 := arg1[2] x7 := arg1[1] x8 := arg1[0] - x9 := (uint8(x8) & 0xff) - x10 := (x8 >> 8) - x11 := (uint8(x10) & 0xff) - x12 := (x10 >> 8) - x13 := (uint8(x12) & 0xff) - x14 := uint8((x12 >> 8)) - x15 := (uint8(x7) & 0xff) - x16 := (x7 >> 8) - x17 := (uint8(x16) & 0xff) - x18 := (x16 >> 8) - x19 := (uint8(x18) & 0xff) - x20 := uint8((x18 >> 8)) - x21 := (uint8(x6) & 0xff) - x22 := (x6 >> 8) - x23 := (uint8(x22) & 0xff) - x24 := (x22 >> 8) - x25 := (uint8(x24) & 0xff) - x26 := uint8((x24 >> 8)) - x27 := (uint8(x5) & 0xff) - x28 := (x5 >> 8) - x29 := (uint8(x28) & 0xff) - x30 := (x28 >> 8) - x31 := (uint8(x30) & 0xff) - x32 := uint8((x30 >> 8)) - x33 := (uint8(x4) & 0xff) - x34 := (x4 >> 8) - x35 := (uint8(x34) & 0xff) - x36 := (x34 >> 8) - x37 := (uint8(x36) & 0xff) - x38 := uint8((x36 >> 8)) - x39 := (uint8(x3) & 0xff) - x40 := (x3 >> 8) - x41 := (uint8(x40) & 0xff) - x42 := (x40 >> 8) - x43 := (uint8(x42) & 0xff) - x44 := uint8((x42 >> 8)) - x45 := (uint8(x2) & 0xff) - x46 := (x2 >> 8) - x47 := (uint8(x46) & 0xff) - x48 := (x46 >> 8) - x49 := (uint8(x48) & 0xff) - x50 := uint8((x48 >> 8)) - x51 := (uint8(x1) & 0xff) - x52 := (x1 >> 8) - x53 := (uint8(x52) & 0xff) - x54 := (x52 >> 8) - x55 := (uint8(x54) & 0xff) - x56 := uint8((x54 >> 8)) - out1[0] = x9 - out1[1] = x11 - out1[2] = x13 - out1[3] = x14 - out1[4] = x15 - out1[5] = x17 - out1[6] = x19 - out1[7] = x20 - out1[8] = x21 - out1[9] = x23 - out1[10] = x25 - out1[11] = x26 - out1[12] = x27 - out1[13] = x29 - out1[14] = x31 - out1[15] = x32 - out1[16] = x33 - out1[17] = x35 - out1[18] = x37 - out1[19] = x38 - out1[20] = x39 - out1[21] = x41 - out1[22] = x43 - out1[23] = x44 - out1[24] = x45 - out1[25] = x47 - out1[26] = x49 - out1[27] = x50 - out1[28] = x51 - out1[29] = x53 - out1[30] = x55 - out1[31] = x56 + x9 := (x8 >> 8) + x10 := (x9 >> 8) + x11 := uint8((x10 >> 8)) + x12 := (x7 >> 8) + x13 := (x12 >> 8) + x14 := uint8((x13 >> 8)) + x15 
:= (x6 >> 8) + x16 := (x15 >> 8) + x17 := uint8((x16 >> 8)) + x18 := (x5 >> 8) + x19 := (x18 >> 8) + x20 := uint8((x19 >> 8)) + x21 := (x4 >> 8) + x22 := (x21 >> 8) + x23 := uint8((x22 >> 8)) + x24 := (x3 >> 8) + x25 := (x24 >> 8) + x26 := uint8((x25 >> 8)) + x27 := (x2 >> 8) + x28 := (x27 >> 8) + x29 := uint8((x28 >> 8)) + x30 := (x1 >> 8) + x31 := (x30 >> 8) + x32 := uint8((x31 >> 8)) + out1[0] = uint8(x8) + out1[1] = uint8(x9) + out1[2] = uint8(x10) + out1[3] = x11 + out1[4] = uint8(x7) + out1[5] = uint8(x12) + out1[6] = uint8(x13) + out1[7] = x14 + out1[8] = uint8(x6) + out1[9] = uint8(x15) + out1[10] = uint8(x16) + out1[11] = x17 + out1[12] = uint8(x5) + out1[13] = uint8(x18) + out1[14] = uint8(x19) + out1[15] = x20 + out1[16] = uint8(x4) + out1[17] = uint8(x21) + out1[18] = uint8(x22) + out1[19] = x23 + out1[20] = uint8(x3) + out1[21] = uint8(x24) + out1[22] = uint8(x25) + out1[23] = x26 + out1[24] = uint8(x2) + out1[25] = uint8(x27) + out1[26] = uint8(x28) + out1[27] = x29 + out1[28] = uint8(x1) + out1[29] = uint8(x30) + out1[30] = uint8(x31) + out1[31] = x32 } // FromBytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -4781,7 +4757,7 @@ func Msat(out1 *[9]uint32) { func Divstep(out1 *uint32, out2 *[9]uint32, out3 *[9]uint32, out4 *[8]uint32, out5 *[8]uint32, arg1 uint32, arg2 *[9]uint32, arg3 *[9]uint32, arg4 *[8]uint32, arg5 *[8]uint32) { var x1 uint32 x1, _ = bits.Add32((^arg1), uint32(0x1), uint32(0x0)) - x3 := (uint1((x1 >> 31)) & (uint1(arg3[0]) & 0x1)) + x3 := (uint1((x1 >> 31)) & uint1(arg3[0])) var x4 uint32 x4, _ = bits.Add32((^arg1), uint32(0x1), uint32(0x0)) var x6 uint32 
@@ -4987,161 +4963,160 @@ func Divstep(out1 *uint32, out2 *[9]uint32, out3 *[9]uint32, out4 *[8]uint32, ou cmovznzU32(&x132, x3, arg5[6], x122) var x133 uint32 cmovznzU32(&x133, x3, arg5[7], x124) - x134 := (uint1(x34) & 0x1) + var x134 uint32 + cmovznzU32(&x134, uint1(x34), uint32(0x0), x7) var x135 uint32 - cmovznzU32(&x135, x134, uint32(0x0), x7) + cmovznzU32(&x135, uint1(x34), uint32(0x0), x8) var x136 uint32 - cmovznzU32(&x136, x134, uint32(0x0), x8) + cmovznzU32(&x136, uint1(x34), uint32(0x0), x9) var x137 uint32 - cmovznzU32(&x137, x134, uint32(0x0), x9) + cmovznzU32(&x137, uint1(x34), uint32(0x0), x10) var x138 uint32 - cmovznzU32(&x138, x134, uint32(0x0), x10) + cmovznzU32(&x138, uint1(x34), uint32(0x0), x11) var x139 uint32 - cmovznzU32(&x139, x134, uint32(0x0), x11) + cmovznzU32(&x139, uint1(x34), uint32(0x0), x12) var x140 uint32 - cmovznzU32(&x140, x134, uint32(0x0), x12) + cmovznzU32(&x140, uint1(x34), uint32(0x0), x13) var x141 uint32 - cmovznzU32(&x141, x134, uint32(0x0), x13) + cmovznzU32(&x141, uint1(x34), uint32(0x0), x14) var x142 uint32 - cmovznzU32(&x142, x134, uint32(0x0), x14) + cmovznzU32(&x142, uint1(x34), uint32(0x0), x15) var x143 uint32 - cmovznzU32(&x143, x134, uint32(0x0), x15) var x144 uint32 + x143, x144 = bits.Add32(x34, x134, uint32(0x0)) var x145 uint32 - x144, x145 = bits.Add32(x34, x135, uint32(0x0)) var x146 uint32 + x145, x146 = bits.Add32(x35, x135, uint32(uint1(x144))) var x147 uint32 - x146, x147 = bits.Add32(x35, x136, uint32(uint1(x145))) var x148 uint32 + x147, x148 = bits.Add32(x36, x136, uint32(uint1(x146))) var x149 uint32 - x148, x149 = bits.Add32(x36, x137, uint32(uint1(x147))) var x150 uint32 + x149, x150 = bits.Add32(x37, x137, uint32(uint1(x148))) var x151 uint32 - x150, x151 = bits.Add32(x37, x138, uint32(uint1(x149))) var x152 uint32 + x151, x152 = bits.Add32(x38, x138, uint32(uint1(x150))) var x153 uint32 - x152, x153 = bits.Add32(x38, x139, uint32(uint1(x151))) var x154 uint32 + x153, x154 = bits.Add32(x39, 
x139, uint32(uint1(x152))) var x155 uint32 - x154, x155 = bits.Add32(x39, x140, uint32(uint1(x153))) var x156 uint32 + x155, x156 = bits.Add32(x40, x140, uint32(uint1(x154))) var x157 uint32 - x156, x157 = bits.Add32(x40, x141, uint32(uint1(x155))) var x158 uint32 + x157, x158 = bits.Add32(x41, x141, uint32(uint1(x156))) var x159 uint32 - x158, x159 = bits.Add32(x41, x142, uint32(uint1(x157))) - var x160 uint32 - x160, _ = bits.Add32(x42, x143, uint32(uint1(x159))) + x159, _ = bits.Add32(x42, x142, uint32(uint1(x158))) + var x161 uint32 + cmovznzU32(&x161, uint1(x34), uint32(0x0), x43) var x162 uint32 - cmovznzU32(&x162, x134, uint32(0x0), x43) + cmovznzU32(&x162, uint1(x34), uint32(0x0), x44) var x163 uint32 - cmovznzU32(&x163, x134, uint32(0x0), x44) + cmovznzU32(&x163, uint1(x34), uint32(0x0), x45) var x164 uint32 - cmovznzU32(&x164, x134, uint32(0x0), x45) + cmovznzU32(&x164, uint1(x34), uint32(0x0), x46) var x165 uint32 - cmovznzU32(&x165, x134, uint32(0x0), x46) + cmovznzU32(&x165, uint1(x34), uint32(0x0), x47) var x166 uint32 - cmovznzU32(&x166, x134, uint32(0x0), x47) + cmovznzU32(&x166, uint1(x34), uint32(0x0), x48) var x167 uint32 - cmovznzU32(&x167, x134, uint32(0x0), x48) + cmovznzU32(&x167, uint1(x34), uint32(0x0), x49) var x168 uint32 - cmovznzU32(&x168, x134, uint32(0x0), x49) + cmovznzU32(&x168, uint1(x34), uint32(0x0), x50) var x169 uint32 - cmovznzU32(&x169, x134, uint32(0x0), x50) var x170 uint32 + x169, x170 = bits.Add32(x126, x161, uint32(0x0)) var x171 uint32 - x170, x171 = bits.Add32(x126, x162, uint32(0x0)) var x172 uint32 + x171, x172 = bits.Add32(x127, x162, uint32(uint1(x170))) var x173 uint32 - x172, x173 = bits.Add32(x127, x163, uint32(uint1(x171))) var x174 uint32 + x173, x174 = bits.Add32(x128, x163, uint32(uint1(x172))) var x175 uint32 - x174, x175 = bits.Add32(x128, x164, uint32(uint1(x173))) var x176 uint32 + x175, x176 = bits.Add32(x129, x164, uint32(uint1(x174))) var x177 uint32 - x176, x177 = bits.Add32(x129, x165, 
uint32(uint1(x175))) var x178 uint32 + x177, x178 = bits.Add32(x130, x165, uint32(uint1(x176))) var x179 uint32 - x178, x179 = bits.Add32(x130, x166, uint32(uint1(x177))) var x180 uint32 + x179, x180 = bits.Add32(x131, x166, uint32(uint1(x178))) var x181 uint32 - x180, x181 = bits.Add32(x131, x167, uint32(uint1(x179))) var x182 uint32 + x181, x182 = bits.Add32(x132, x167, uint32(uint1(x180))) var x183 uint32 - x182, x183 = bits.Add32(x132, x168, uint32(uint1(x181))) var x184 uint32 + x183, x184 = bits.Add32(x133, x168, uint32(uint1(x182))) var x185 uint32 - x184, x185 = bits.Add32(x133, x169, uint32(uint1(x183))) var x186 uint32 + x185, x186 = bits.Sub32(x169, 0xfffffc2f, uint32(0x0)) var x187 uint32 - x186, x187 = bits.Sub32(x170, 0xfffffc2f, uint32(0x0)) var x188 uint32 + x187, x188 = bits.Sub32(x171, 0xfffffffe, uint32(uint1(x186))) var x189 uint32 - x188, x189 = bits.Sub32(x172, 0xfffffffe, uint32(uint1(x187))) var x190 uint32 + x189, x190 = bits.Sub32(x173, 0xffffffff, uint32(uint1(x188))) var x191 uint32 - x190, x191 = bits.Sub32(x174, 0xffffffff, uint32(uint1(x189))) var x192 uint32 + x191, x192 = bits.Sub32(x175, 0xffffffff, uint32(uint1(x190))) var x193 uint32 - x192, x193 = bits.Sub32(x176, 0xffffffff, uint32(uint1(x191))) var x194 uint32 + x193, x194 = bits.Sub32(x177, 0xffffffff, uint32(uint1(x192))) var x195 uint32 - x194, x195 = bits.Sub32(x178, 0xffffffff, uint32(uint1(x193))) var x196 uint32 + x195, x196 = bits.Sub32(x179, 0xffffffff, uint32(uint1(x194))) var x197 uint32 - x196, x197 = bits.Sub32(x180, 0xffffffff, uint32(uint1(x195))) var x198 uint32 + x197, x198 = bits.Sub32(x181, 0xffffffff, uint32(uint1(x196))) var x199 uint32 - x198, x199 = bits.Sub32(x182, 0xffffffff, uint32(uint1(x197))) var x200 uint32 - var x201 uint32 - x200, x201 = bits.Sub32(x184, 0xffffffff, uint32(uint1(x199))) + x199, x200 = bits.Sub32(x183, 0xffffffff, uint32(uint1(x198))) + var x202 uint32 + _, x202 = bits.Sub32(uint32(uint1(x184)), uint32(0x0), uint32(uint1(x200))) 
var x203 uint32 - _, x203 = bits.Sub32(uint32(uint1(x185)), uint32(0x0), uint32(uint1(x201))) - var x204 uint32 - x204, _ = bits.Add32(x6, uint32(0x1), uint32(0x0)) - x206 := ((x144 >> 1) | ((x146 << 31) & 0xffffffff)) - x207 := ((x146 >> 1) | ((x148 << 31) & 0xffffffff)) - x208 := ((x148 >> 1) | ((x150 << 31) & 0xffffffff)) - x209 := ((x150 >> 1) | ((x152 << 31) & 0xffffffff)) - x210 := ((x152 >> 1) | ((x154 << 31) & 0xffffffff)) - x211 := ((x154 >> 1) | ((x156 << 31) & 0xffffffff)) - x212 := ((x156 >> 1) | ((x158 << 31) & 0xffffffff)) - x213 := ((x158 >> 1) | ((x160 << 31) & 0xffffffff)) - x214 := ((x160 & 0x80000000) | (x160 >> 1)) + x203, _ = bits.Add32(x6, uint32(0x1), uint32(0x0)) + x205 := ((x143 >> 1) | ((x145 << 31) & 0xffffffff)) + x206 := ((x145 >> 1) | ((x147 << 31) & 0xffffffff)) + x207 := ((x147 >> 1) | ((x149 << 31) & 0xffffffff)) + x208 := ((x149 >> 1) | ((x151 << 31) & 0xffffffff)) + x209 := ((x151 >> 1) | ((x153 << 31) & 0xffffffff)) + x210 := ((x153 >> 1) | ((x155 << 31) & 0xffffffff)) + x211 := ((x155 >> 1) | ((x157 << 31) & 0xffffffff)) + x212 := ((x157 >> 1) | ((x159 << 31) & 0xffffffff)) + x213 := ((x159 & 0x80000000) | (x159 >> 1)) + var x214 uint32 + cmovznzU32(&x214, uint1(x84), x67, x51) var x215 uint32 - cmovznzU32(&x215, uint1(x84), x67, x51) + cmovznzU32(&x215, uint1(x84), x69, x53) var x216 uint32 - cmovznzU32(&x216, uint1(x84), x69, x53) + cmovznzU32(&x216, uint1(x84), x71, x55) var x217 uint32 - cmovznzU32(&x217, uint1(x84), x71, x55) + cmovznzU32(&x217, uint1(x84), x73, x57) var x218 uint32 - cmovznzU32(&x218, uint1(x84), x73, x57) + cmovznzU32(&x218, uint1(x84), x75, x59) var x219 uint32 - cmovznzU32(&x219, uint1(x84), x75, x59) + cmovznzU32(&x219, uint1(x84), x77, x61) var x220 uint32 - cmovznzU32(&x220, uint1(x84), x77, x61) + cmovznzU32(&x220, uint1(x84), x79, x63) var x221 uint32 - cmovznzU32(&x221, uint1(x84), x79, x63) + cmovznzU32(&x221, uint1(x84), x81, x65) var x222 uint32 - cmovznzU32(&x222, uint1(x84), x81, x65) + 
cmovznzU32(&x222, uint1(x202), x185, x169) var x223 uint32 - cmovznzU32(&x223, uint1(x203), x186, x170) + cmovznzU32(&x223, uint1(x202), x187, x171) var x224 uint32 - cmovznzU32(&x224, uint1(x203), x188, x172) + cmovznzU32(&x224, uint1(x202), x189, x173) var x225 uint32 - cmovznzU32(&x225, uint1(x203), x190, x174) + cmovznzU32(&x225, uint1(x202), x191, x175) var x226 uint32 - cmovznzU32(&x226, uint1(x203), x192, x176) + cmovznzU32(&x226, uint1(x202), x193, x177) var x227 uint32 - cmovznzU32(&x227, uint1(x203), x194, x178) + cmovznzU32(&x227, uint1(x202), x195, x179) var x228 uint32 - cmovznzU32(&x228, uint1(x203), x196, x180) + cmovznzU32(&x228, uint1(x202), x197, x181) var x229 uint32 - cmovznzU32(&x229, uint1(x203), x198, x182) - var x230 uint32 - cmovznzU32(&x230, uint1(x203), x200, x184) - *out1 = x204 + cmovznzU32(&x229, uint1(x202), x199, x183) + *out1 = x203 out2[0] = x7 out2[1] = x8 out2[2] = x9 
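Review bot: The added `cmovznzU32(&x134, uint1(x34), uint32(0x0), x7)` calls (x134–x142 and x161–x168) pass the whole limb `x34` as the select condition, where the removed code passed `uint1(x34) & 0x1`. Go has no one-bit integer type, so a `uint1(...)` conversion cannot by itself reduce `x34` to its low bit, and any `x34` with higher bits set now reaches `cmovznzU32` as a condition other than 0 or 1; what the helper does with such a value is defined outside this hunk. Since this file looks generated, the mask should be restored in the generator's Go output, `x134 := (uint1(x34) & 0x1)`, rather than by hand. The Divstep hunk of secp256k1montgomeryscalar.go further down has the same calls. Divstep starts and ends outside the hunk.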
@@ -5151,31 +5126,31 @@ func Divstep(out1 *uint32, out2 *[9]uint32, out3 *[9]uint32, out4 *[8]uint32, ou out2[6] = x13 out2[7] = x14 out2[8] = x15 - out3[0] = x206 - out3[1] = x207 - out3[2] = x208 - out3[3] = x209 - out3[4] = x210 - out3[5] = x211 - out3[6] = x212 - out3[7] = x213 - out3[8] = x214 - out4[0] = x215 - out4[1] = x216 - out4[2] = x217 - out4[3] = x218 - out4[4] = x219 - out4[5] = x220 - out4[6] = x221 - out4[7] = x222 - out5[0] = x223 - out5[1] = x224 - out5[2] = x225 - out5[3] = x226 - out5[4] = x227 - out5[5] = x228 - out5[6] = x229 - out5[7] = x230 + out3[0] = x205 + out3[1] = x206 + out3[2] = x207 + out3[3] = x208 + out3[4] = x209 + out3[5] = x210 + out3[6] = x211 + out3[7] = x212 + out3[8] = x213 + out4[0] = x214 + out4[1] = x215 + out4[2] = x216 + out4[3] = x217 + out4[4] = x218 + out4[5] = x219 + out4[6] = x220 + out4[7] = x221 + out5[0] = x222 + out5[1] = x223 + out5[2] = x224 + out5[3] = x225 + out5[4] = x226 + out5[5] = x227 + out5[6] = x228 + out5[7] = x229 } // DivstepPrecomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-go/32/secp256k1montgomeryscalar/secp256k1montgomeryscalar.go b/fiat-go/32/secp256k1montgomeryscalar/secp256k1montgomeryscalar.go index adfcc44283..c7d923ebef 100644 --- a/fiat-go/32/secp256k1montgomeryscalar/secp256k1montgomeryscalar.go +++ b/fiat-go/32/secp256k1montgomeryscalar/secp256k1montgomeryscalar.go 
@@ -4816,86 +4816,62 @@ func ToBytes(out1 *[32]uint8, arg1 *[8]uint32) { x6 := arg1[2] x7 := arg1[1] x8 := arg1[0] - x9 := (uint8(x8) & 0xff) - x10 := (x8 >> 8) - x11 := (uint8(x10) & 0xff) - x12 := (x10 >> 8) - x13 := (uint8(x12) & 0xff) - x14 := uint8((x12 >> 8)) - x15 := (uint8(x7) & 0xff) - x16 := (x7 >> 8) - x17 := (uint8(x16) & 0xff) - x18 := (x16 >> 8) - x19 := (uint8(x18) & 0xff) - x20 := uint8((x18 >> 8)) - x21 := (uint8(x6) & 0xff) - x22 := (x6 >> 8) - x23 := (uint8(x22) & 0xff) - x24 := (x22 >> 8) - x25 := (uint8(x24) & 0xff) - x26 := uint8((x24 >> 8)) - x27 := (uint8(x5) & 0xff) - x28 := (x5 >> 8) - x29 := (uint8(x28) & 0xff) - x30 := (x28 >> 8) - x31 := (uint8(x30) & 0xff) - x32 := uint8((x30 >> 8)) - x33 := (uint8(x4) & 0xff) - x34 := (x4 >> 8) - x35 := (uint8(x34) & 0xff) - x36 := (x34 >> 8) - x37 := (uint8(x36) & 0xff) - x38 := uint8((x36 >> 8)) - x39 := (uint8(x3) & 0xff) - x40 := (x3 >> 8) - x41 := (uint8(x40) & 0xff) - x42 := (x40 >> 8) - x43 := (uint8(x42) & 0xff) - x44 := uint8((x42 >> 8)) - x45 := (uint8(x2) & 0xff) - x46 := (x2 >> 8) - x47 := (uint8(x46) & 0xff) - x48 := (x46 >> 8) - x49 := (uint8(x48) & 0xff) - x50 := uint8((x48 >> 8)) - x51 := (uint8(x1) & 0xff) - x52 := (x1 >> 8) - x53 := (uint8(x52) & 0xff) - x54 := (x52 >> 8) - x55 := (uint8(x54) & 0xff) - x56 := uint8((x54 >> 8)) - out1[0] = x9 - out1[1] = x11 - out1[2] = x13 - out1[3] = x14 - out1[4] = x15 - out1[5] = x17 - out1[6] = x19 - out1[7] = x20 - out1[8] = x21 - out1[9] = x23 - out1[10] = x25 - out1[11] = x26 - out1[12] = x27 - out1[13] = x29 - out1[14] = x31 - out1[15] = x32 - out1[16] = x33 - out1[17] = x35 - out1[18] = x37 - out1[19] = x38 - out1[20] = x39 - out1[21] = x41 - out1[22] = x43 - out1[23] = x44 - out1[24] = x45 - out1[25] = x47 - out1[26] = x49 - out1[27] = x50 - out1[28] = x51 - out1[29] = x53 - out1[30] = x55 - out1[31] = x56 + x9 := (x8 >> 8) + x10 := (x9 >> 8) + x11 := uint8((x10 >> 8)) + x12 := (x7 >> 8) + x13 := (x12 >> 8) + x14 := uint8((x13 >> 8)) + x15 
:= (x6 >> 8) + x16 := (x15 >> 8) + x17 := uint8((x16 >> 8)) + x18 := (x5 >> 8) + x19 := (x18 >> 8) + x20 := uint8((x19 >> 8)) + x21 := (x4 >> 8) + x22 := (x21 >> 8) + x23 := uint8((x22 >> 8)) + x24 := (x3 >> 8) + x25 := (x24 >> 8) + x26 := uint8((x25 >> 8)) + x27 := (x2 >> 8) + x28 := (x27 >> 8) + x29 := uint8((x28 >> 8)) + x30 := (x1 >> 8) + x31 := (x30 >> 8) + x32 := uint8((x31 >> 8)) + out1[0] = uint8(x8) + out1[1] = uint8(x9) + out1[2] = uint8(x10) + out1[3] = x11 + out1[4] = uint8(x7) + out1[5] = uint8(x12) + out1[6] = uint8(x13) + out1[7] = x14 + out1[8] = uint8(x6) + out1[9] = uint8(x15) + out1[10] = uint8(x16) + out1[11] = x17 + out1[12] = uint8(x5) + out1[13] = uint8(x18) + out1[14] = uint8(x19) + out1[15] = x20 + out1[16] = uint8(x4) + out1[17] = uint8(x21) + out1[18] = uint8(x22) + out1[19] = x23 + out1[20] = uint8(x3) + out1[21] = uint8(x24) + out1[22] = uint8(x25) + out1[23] = x26 + out1[24] = uint8(x2) + out1[25] = uint8(x27) + out1[26] = uint8(x28) + out1[27] = x29 + out1[28] = uint8(x1) + out1[29] = uint8(x30) + out1[30] = uint8(x31) + out1[31] = x32 } // FromBytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -5045,7 +5021,7 @@ func Msat(out1 *[9]uint32) { func Divstep(out1 *uint32, out2 *[9]uint32, out3 *[9]uint32, out4 *[8]uint32, out5 *[8]uint32, arg1 uint32, arg2 *[9]uint32, arg3 *[9]uint32, arg4 *[8]uint32, arg5 *[8]uint32) { var x1 uint32 x1, _ = bits.Add32((^arg1), uint32(0x1), uint32(0x0)) - x3 := (uint1((x1 >> 31)) & (uint1(arg3[0]) & 0x1)) + x3 := (uint1((x1 >> 31)) & uint1(arg3[0])) var x4 uint32 x4, _ = bits.Add32((^arg1), uint32(0x1), uint32(0x0)) var x6 uint32 
@@ -5251,161 +5227,160 @@ func Divstep(out1 *uint32, out2 *[9]uint32, out3 *[9]uint32, out4 *[8]uint32, ou cmovznzU32(&x132, x3, arg5[6], x122) var x133 uint32 cmovznzU32(&x133, x3, arg5[7], x124) - x134 := (uint1(x34) & 0x1) + var x134 uint32 + cmovznzU32(&x134, uint1(x34), uint32(0x0), x7) var x135 uint32 - cmovznzU32(&x135, x134, uint32(0x0), x7) + cmovznzU32(&x135, uint1(x34), uint32(0x0), x8) var x136 uint32 - cmovznzU32(&x136, x134, uint32(0x0), x8) + cmovznzU32(&x136, uint1(x34), uint32(0x0), x9) var x137 uint32 - cmovznzU32(&x137, x134, uint32(0x0), x9) + cmovznzU32(&x137, uint1(x34), uint32(0x0), x10) var x138 uint32 - cmovznzU32(&x138, x134, uint32(0x0), x10) + cmovznzU32(&x138, uint1(x34), uint32(0x0), x11) var x139 uint32 - cmovznzU32(&x139, x134, uint32(0x0), x11) + cmovznzU32(&x139, uint1(x34), uint32(0x0), x12) var x140 uint32 - cmovznzU32(&x140, x134, uint32(0x0), x12) + cmovznzU32(&x140, uint1(x34), uint32(0x0), x13) var x141 uint32 - cmovznzU32(&x141, x134, uint32(0x0), x13) + cmovznzU32(&x141, uint1(x34), uint32(0x0), x14) var x142 uint32 - cmovznzU32(&x142, x134, uint32(0x0), x14) + cmovznzU32(&x142, uint1(x34), uint32(0x0), x15) var x143 uint32 - cmovznzU32(&x143, x134, uint32(0x0), x15) var x144 uint32 + x143, x144 = bits.Add32(x34, x134, uint32(0x0)) var x145 uint32 - x144, x145 = bits.Add32(x34, x135, uint32(0x0)) var x146 uint32 + x145, x146 = bits.Add32(x35, x135, uint32(uint1(x144))) var x147 uint32 - x146, x147 = bits.Add32(x35, x136, uint32(uint1(x145))) var x148 uint32 + x147, x148 = bits.Add32(x36, x136, uint32(uint1(x146))) var x149 uint32 - x148, x149 = bits.Add32(x36, x137, uint32(uint1(x147))) var x150 uint32 + x149, x150 = bits.Add32(x37, x137, uint32(uint1(x148))) var x151 uint32 - x150, x151 = bits.Add32(x37, x138, uint32(uint1(x149))) var x152 uint32 + x151, x152 = bits.Add32(x38, x138, uint32(uint1(x150))) var x153 uint32 - x152, x153 = bits.Add32(x38, x139, uint32(uint1(x151))) var x154 uint32 + x153, x154 = bits.Add32(x39, 
x139, uint32(uint1(x152))) var x155 uint32 - x154, x155 = bits.Add32(x39, x140, uint32(uint1(x153))) var x156 uint32 + x155, x156 = bits.Add32(x40, x140, uint32(uint1(x154))) var x157 uint32 - x156, x157 = bits.Add32(x40, x141, uint32(uint1(x155))) var x158 uint32 + x157, x158 = bits.Add32(x41, x141, uint32(uint1(x156))) var x159 uint32 - x158, x159 = bits.Add32(x41, x142, uint32(uint1(x157))) - var x160 uint32 - x160, _ = bits.Add32(x42, x143, uint32(uint1(x159))) + x159, _ = bits.Add32(x42, x142, uint32(uint1(x158))) + var x161 uint32 + cmovznzU32(&x161, uint1(x34), uint32(0x0), x43) var x162 uint32 - cmovznzU32(&x162, x134, uint32(0x0), x43) + cmovznzU32(&x162, uint1(x34), uint32(0x0), x44) var x163 uint32 - cmovznzU32(&x163, x134, uint32(0x0), x44) + cmovznzU32(&x163, uint1(x34), uint32(0x0), x45) var x164 uint32 - cmovznzU32(&x164, x134, uint32(0x0), x45) + cmovznzU32(&x164, uint1(x34), uint32(0x0), x46) var x165 uint32 - cmovznzU32(&x165, x134, uint32(0x0), x46) + cmovznzU32(&x165, uint1(x34), uint32(0x0), x47) var x166 uint32 - cmovznzU32(&x166, x134, uint32(0x0), x47) + cmovznzU32(&x166, uint1(x34), uint32(0x0), x48) var x167 uint32 - cmovznzU32(&x167, x134, uint32(0x0), x48) + cmovznzU32(&x167, uint1(x34), uint32(0x0), x49) var x168 uint32 - cmovznzU32(&x168, x134, uint32(0x0), x49) + cmovznzU32(&x168, uint1(x34), uint32(0x0), x50) var x169 uint32 - cmovznzU32(&x169, x134, uint32(0x0), x50) var x170 uint32 + x169, x170 = bits.Add32(x126, x161, uint32(0x0)) var x171 uint32 - x170, x171 = bits.Add32(x126, x162, uint32(0x0)) var x172 uint32 + x171, x172 = bits.Add32(x127, x162, uint32(uint1(x170))) var x173 uint32 - x172, x173 = bits.Add32(x127, x163, uint32(uint1(x171))) var x174 uint32 + x173, x174 = bits.Add32(x128, x163, uint32(uint1(x172))) var x175 uint32 - x174, x175 = bits.Add32(x128, x164, uint32(uint1(x173))) var x176 uint32 + x175, x176 = bits.Add32(x129, x164, uint32(uint1(x174))) var x177 uint32 - x176, x177 = bits.Add32(x129, x165, 
uint32(uint1(x175))) var x178 uint32 + x177, x178 = bits.Add32(x130, x165, uint32(uint1(x176))) var x179 uint32 - x178, x179 = bits.Add32(x130, x166, uint32(uint1(x177))) var x180 uint32 + x179, x180 = bits.Add32(x131, x166, uint32(uint1(x178))) var x181 uint32 - x180, x181 = bits.Add32(x131, x167, uint32(uint1(x179))) var x182 uint32 + x181, x182 = bits.Add32(x132, x167, uint32(uint1(x180))) var x183 uint32 - x182, x183 = bits.Add32(x132, x168, uint32(uint1(x181))) var x184 uint32 + x183, x184 = bits.Add32(x133, x168, uint32(uint1(x182))) var x185 uint32 - x184, x185 = bits.Add32(x133, x169, uint32(uint1(x183))) var x186 uint32 + x185, x186 = bits.Sub32(x169, 0xd0364141, uint32(0x0)) var x187 uint32 - x186, x187 = bits.Sub32(x170, 0xd0364141, uint32(0x0)) var x188 uint32 + x187, x188 = bits.Sub32(x171, 0xbfd25e8c, uint32(uint1(x186))) var x189 uint32 - x188, x189 = bits.Sub32(x172, 0xbfd25e8c, uint32(uint1(x187))) var x190 uint32 + x189, x190 = bits.Sub32(x173, 0xaf48a03b, uint32(uint1(x188))) var x191 uint32 - x190, x191 = bits.Sub32(x174, 0xaf48a03b, uint32(uint1(x189))) var x192 uint32 + x191, x192 = bits.Sub32(x175, 0xbaaedce6, uint32(uint1(x190))) var x193 uint32 - x192, x193 = bits.Sub32(x176, 0xbaaedce6, uint32(uint1(x191))) var x194 uint32 + x193, x194 = bits.Sub32(x177, 0xfffffffe, uint32(uint1(x192))) var x195 uint32 - x194, x195 = bits.Sub32(x178, 0xfffffffe, uint32(uint1(x193))) var x196 uint32 + x195, x196 = bits.Sub32(x179, 0xffffffff, uint32(uint1(x194))) var x197 uint32 - x196, x197 = bits.Sub32(x180, 0xffffffff, uint32(uint1(x195))) var x198 uint32 + x197, x198 = bits.Sub32(x181, 0xffffffff, uint32(uint1(x196))) var x199 uint32 - x198, x199 = bits.Sub32(x182, 0xffffffff, uint32(uint1(x197))) var x200 uint32 - var x201 uint32 - x200, x201 = bits.Sub32(x184, 0xffffffff, uint32(uint1(x199))) + x199, x200 = bits.Sub32(x183, 0xffffffff, uint32(uint1(x198))) + var x202 uint32 + _, x202 = bits.Sub32(uint32(uint1(x184)), uint32(0x0), uint32(uint1(x200))) 
var x203 uint32 - _, x203 = bits.Sub32(uint32(uint1(x185)), uint32(0x0), uint32(uint1(x201))) - var x204 uint32 - x204, _ = bits.Add32(x6, uint32(0x1), uint32(0x0)) - x206 := ((x144 >> 1) | ((x146 << 31) & 0xffffffff)) - x207 := ((x146 >> 1) | ((x148 << 31) & 0xffffffff)) - x208 := ((x148 >> 1) | ((x150 << 31) & 0xffffffff)) - x209 := ((x150 >> 1) | ((x152 << 31) & 0xffffffff)) - x210 := ((x152 >> 1) | ((x154 << 31) & 0xffffffff)) - x211 := ((x154 >> 1) | ((x156 << 31) & 0xffffffff)) - x212 := ((x156 >> 1) | ((x158 << 31) & 0xffffffff)) - x213 := ((x158 >> 1) | ((x160 << 31) & 0xffffffff)) - x214 := ((x160 & 0x80000000) | (x160 >> 1)) + x203, _ = bits.Add32(x6, uint32(0x1), uint32(0x0)) + x205 := ((x143 >> 1) | ((x145 << 31) & 0xffffffff)) + x206 := ((x145 >> 1) | ((x147 << 31) & 0xffffffff)) + x207 := ((x147 >> 1) | ((x149 << 31) & 0xffffffff)) + x208 := ((x149 >> 1) | ((x151 << 31) & 0xffffffff)) + x209 := ((x151 >> 1) | ((x153 << 31) & 0xffffffff)) + x210 := ((x153 >> 1) | ((x155 << 31) & 0xffffffff)) + x211 := ((x155 >> 1) | ((x157 << 31) & 0xffffffff)) + x212 := ((x157 >> 1) | ((x159 << 31) & 0xffffffff)) + x213 := ((x159 & 0x80000000) | (x159 >> 1)) + var x214 uint32 + cmovznzU32(&x214, uint1(x84), x67, x51) var x215 uint32 - cmovznzU32(&x215, uint1(x84), x67, x51) + cmovznzU32(&x215, uint1(x84), x69, x53) var x216 uint32 - cmovznzU32(&x216, uint1(x84), x69, x53) + cmovznzU32(&x216, uint1(x84), x71, x55) var x217 uint32 - cmovznzU32(&x217, uint1(x84), x71, x55) + cmovznzU32(&x217, uint1(x84), x73, x57) var x218 uint32 - cmovznzU32(&x218, uint1(x84), x73, x57) + cmovznzU32(&x218, uint1(x84), x75, x59) var x219 uint32 - cmovznzU32(&x219, uint1(x84), x75, x59) + cmovznzU32(&x219, uint1(x84), x77, x61) var x220 uint32 - cmovznzU32(&x220, uint1(x84), x77, x61) + cmovznzU32(&x220, uint1(x84), x79, x63) var x221 uint32 - cmovznzU32(&x221, uint1(x84), x79, x63) + cmovznzU32(&x221, uint1(x84), x81, x65) var x222 uint32 - cmovznzU32(&x222, uint1(x84), x81, x65) + 
cmovznzU32(&x222, uint1(x202), x185, x169) var x223 uint32 - cmovznzU32(&x223, uint1(x203), x186, x170) + cmovznzU32(&x223, uint1(x202), x187, x171) var x224 uint32 - cmovznzU32(&x224, uint1(x203), x188, x172) + cmovznzU32(&x224, uint1(x202), x189, x173) var x225 uint32 - cmovznzU32(&x225, uint1(x203), x190, x174) + cmovznzU32(&x225, uint1(x202), x191, x175) var x226 uint32 - cmovznzU32(&x226, uint1(x203), x192, x176) + cmovznzU32(&x226, uint1(x202), x193, x177) var x227 uint32 - cmovznzU32(&x227, uint1(x203), x194, x178) + cmovznzU32(&x227, uint1(x202), x195, x179) var x228 uint32 - cmovznzU32(&x228, uint1(x203), x196, x180) + cmovznzU32(&x228, uint1(x202), x197, x181) var x229 uint32 - cmovznzU32(&x229, uint1(x203), x198, x182) - var x230 uint32 - cmovznzU32(&x230, uint1(x203), x200, x184) - *out1 = x204 + cmovznzU32(&x229, uint1(x202), x199, x183) + *out1 = x203 out2[0] = x7 out2[1] = x8 out2[2] = x9 
@@ -5415,31 +5390,31 @@ func Divstep(out1 *uint32, out2 *[9]uint32, out3 *[9]uint32, out4 *[8]uint32, ou out2[6] = x13 out2[7] = x14 out2[8] = x15 - out3[0] = x206 - out3[1] = x207 - out3[2] = x208 - out3[3] = x209 - out3[4] = x210 - out3[5] = x211 - out3[6] = x212 - out3[7] = x213 - out3[8] = x214 - out4[0] = x215 - out4[1] = x216 - out4[2] = x217 - out4[3] = x218 - out4[4] = x219 - out4[5] = x220 - out4[6] = x221 - out4[7] = x222 - out5[0] = x223 - out5[1] = x224 - out5[2] = x225 - out5[3] = x226 - out5[4] = x227 - out5[5] = x228 - out5[6] = x229 - out5[7] = x230 + out3[0] = x205 + out3[1] = x206 + out3[2] = x207 + out3[3] = x208 + out3[4] = x209 + out3[5] = x210 + out3[6] = x211 + out3[7] = x212 + out3[8] = x213 + out4[0] = x214 + out4[1] = x215 + out4[2] = x216 + out4[3] = x217 + out4[4] = x218 + out4[5] = x219 + out4[6] = x220 + out4[7] = x221 + out5[0] = x222 + out5[1] = x223 + out5[2] = x224 + out5[3] = x225 + out5[4] = x226 + out5[5] = x227 + out5[6] = x228 + out5[7] = x229 } // DivstepPrecomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-go/64/curve25519/curve25519.go b/fiat-go/64/curve25519/curve25519.go index 03020cbcd5..e459b024a0 100644 --- a/fiat-go/64/curve25519/curve25519.go +++ b/fiat-go/64/curve25519/curve25519.go 
@@ -629,104 +629,73 @@ func ToBytes(out1 *[32]uint8, arg1 *TightFieldElement) { x23 := (x18 * uint64(0x2)) x24 := (x16 << 6) x25 := (x14 << 3) - x26 := (uint8(x12) & 0xff) - x27 := (x12 >> 8) - x28 := (uint8(x27) & 0xff) - x29 := (x27 >> 8) - x30 := (uint8(x29) & 0xff) - x31 := (x29 >> 8) - x32 := (uint8(x31) & 0xff) - x33 := (x31 >> 8) - x34 := (uint8(x33) & 0xff) - x35 := (x33 >> 8) - x36 := (uint8(x35) & 0xff) - x37 := uint8((x35 >> 8)) - x38 := (x25 + uint64(x37)) - x39 := (uint8(x38) & 0xff) - x40 := (x38 >> 8) - x41 := (uint8(x40) & 0xff) - x42 := (x40 >> 8) - x43 := (uint8(x42) & 0xff) - x44 := (x42 >> 8) - x45 := (uint8(x44) & 0xff) - x46 := (x44 >> 8) - x47 := (uint8(x46) & 0xff) - x48 := (x46 >> 8) - x49 := (uint8(x48) & 0xff) - x50 := uint8((x48 >> 8)) - x51 := (x24 + uint64(x50)) - x52 := (uint8(x51) & 0xff) - x53 := (x51 >> 8) - x54 := (uint8(x53) & 0xff) - x55 := (x53 >> 8) - x56 := (uint8(x55) & 0xff) - x57 := (x55 >> 8) - x58 := (uint8(x57) & 0xff) - x59 := (x57 >> 8) - x60 := (uint8(x59) & 0xff) - x61 := (x59 >> 8) - x62 := (uint8(x61) & 0xff) - x63 := (x61 >> 8) - x64 := (uint8(x63) & 0xff) - x65 := uint1((x63 >> 8)) - x66 := (x23 + uint64(x65)) - x67 := (uint8(x66) & 0xff) - x68 := (x66 >> 8) - x69 := (uint8(x68) & 0xff) - x70 := (x68 >> 8) - x71 := (uint8(x70) & 0xff) - x72 := (x70 >> 8) - x73 := (uint8(x72) & 0xff) - x74 := (x72 >> 8) - x75 := (uint8(x74) & 0xff) - x76 := (x74 >> 8) - x77 := (uint8(x76) & 0xff) - x78 := uint8((x76 >> 8)) - x79 := (x22 + uint64(x78)) - x80 := (uint8(x79) & 0xff) - x81 := (x79 >> 8) - x82 := (uint8(x81) & 0xff) - x83 := (x81 >> 8) - x84 := (uint8(x83) & 0xff) - x85 := (x83 >> 8) - x86 := (uint8(x85) & 0xff) - x87 := (x85 >> 8) - x88 := (uint8(x87) & 0xff) - x89 := (x87 >> 8) - x90 := (uint8(x89) & 0xff) - x91 := uint8((x89 >> 8)) - out1[0] = x26 - out1[1] = x28 - out1[2] = x30 - out1[3] = x32 - out1[4] = x34 - out1[5] = x36 - out1[6] = x39 - out1[7] = x41 - out1[8] = x43 - out1[9] = x45 - out1[10] = x47 - 
out1[11] = x49 - out1[12] = x52 - out1[13] = x54 - out1[14] = x56 - out1[15] = x58 - out1[16] = x60 - out1[17] = x62 - out1[18] = x64 - out1[19] = x67 - out1[20] = x69 - out1[21] = x71 - out1[22] = x73 - out1[23] = x75 - out1[24] = x77 - out1[25] = x80 - out1[26] = x82 - out1[27] = x84 - out1[28] = x86 - out1[29] = x88 - out1[30] = x90 - out1[31] = x91 + x26 := (x12 >> 8) + x27 := (x26 >> 8) + x28 := (x27 >> 8) + x29 := (x28 >> 8) + x30 := (x29 >> 8) + x31 := uint8((x30 >> 8)) + x32 := (x25 + uint64(x31)) + x33 := (x32 >> 8) + x34 := (x33 >> 8) + x35 := (x34 >> 8) + x36 := (x35 >> 8) + x37 := (x36 >> 8) + x38 := uint8((x37 >> 8)) + x39 := (x24 + uint64(x38)) + x40 := (x39 >> 8) + x41 := (x40 >> 8) + x42 := (x41 >> 8) + x43 := (x42 >> 8) + x44 := (x43 >> 8) + x45 := (x44 >> 8) + x46 := uint1((x45 >> 8)) + x47 := (x23 + uint64(x46)) + x48 := (x47 >> 8) + x49 := (x48 >> 8) + x50 := (x49 >> 8) + x51 := (x50 >> 8) + x52 := (x51 >> 8) + x53 := uint8((x52 >> 8)) + x54 := (x22 + uint64(x53)) + x55 := (x54 >> 8) + x56 := (x55 >> 8) + x57 := (x56 >> 8) + x58 := (x57 >> 8) + x59 := (x58 >> 8) + x60 := uint8((x59 >> 8)) + out1[0] = uint8(x12) + out1[1] = uint8(x26) + out1[2] = uint8(x27) + out1[3] = uint8(x28) + out1[4] = uint8(x29) + out1[5] = uint8(x30) + out1[6] = uint8(x32) + out1[7] = uint8(x33) + out1[8] = uint8(x34) + out1[9] = uint8(x35) + out1[10] = uint8(x36) + out1[11] = uint8(x37) + out1[12] = uint8(x39) + out1[13] = uint8(x40) + out1[14] = uint8(x41) + out1[15] = uint8(x42) + out1[16] = uint8(x43) + out1[17] = uint8(x44) + out1[18] = uint8(x45) + out1[19] = uint8(x47) + out1[20] = uint8(x48) + out1[21] = uint8(x49) + out1[22] = uint8(x50) + out1[23] = uint8(x51) + out1[24] = uint8(x52) + out1[25] = uint8(x54) + out1[26] = uint8(x55) + out1[27] = uint8(x56) + out1[28] = uint8(x57) + out1[29] = uint8(x58) + out1[30] = uint8(x59) + out1[31] = x60 } // FromBytes deserializes a field element from bytes in little-endian order. 
diff --git a/fiat-go/64/curve25519scalar/curve25519scalar.go b/fiat-go/64/curve25519scalar/curve25519scalar.go index 1526a7f149..b3e70bbc4c 100644 --- a/fiat-go/64/curve25519scalar/curve25519scalar.go +++ b/fiat-go/64/curve25519scalar/curve25519scalar.go 
@@ -1265,94 +1265,66 @@ func ToBytes(out1 *[32]uint8, arg1 *[4]uint64) { x2 := arg1[2] x3 := arg1[1] x4 := arg1[0] - x5 := (uint8(x4) & 0xff) - x6 := (x4 >> 8) - x7 := (uint8(x6) & 0xff) - x8 := (x6 >> 8) - x9 := (uint8(x8) & 0xff) - x10 := (x8 >> 8) - x11 := (uint8(x10) & 0xff) - x12 := (x10 >> 8) - x13 := (uint8(x12) & 0xff) - x14 := (x12 >> 8) - x15 := (uint8(x14) & 0xff) - x16 := (x14 >> 8) - x17 := (uint8(x16) & 0xff) - x18 := uint8((x16 >> 8)) - x19 := (uint8(x3) & 0xff) - x20 := (x3 >> 8) - x21 := (uint8(x20) & 0xff) - x22 := (x20 >> 8) - x23 := (uint8(x22) & 0xff) - x24 := (x22 >> 8) - x25 := (uint8(x24) & 0xff) - x26 := (x24 >> 8) - x27 := (uint8(x26) & 0xff) - x28 := (x26 >> 8) - x29 := (uint8(x28) & 0xff) - x30 := (x28 >> 8) - x31 := (uint8(x30) & 0xff) - x32 := uint8((x30 >> 8)) - x33 := (uint8(x2) & 0xff) - x34 := (x2 >> 8) - x35 := (uint8(x34) & 0xff) - x36 := (x34 >> 8) - x37 := (uint8(x36) & 0xff) - x38 := (x36 >> 8) - x39 := (uint8(x38) & 0xff) - x40 := (x38 >> 8) - x41 := (uint8(x40) & 0xff) - x42 := (x40 >> 8) - x43 := (uint8(x42) & 0xff) - x44 := (x42 >> 8) - x45 := (uint8(x44) & 0xff) - x46 := uint8((x44 >> 8)) - x47 := (uint8(x1) & 0xff) - x48 := (x1 >> 8) - x49 := (uint8(x48) & 0xff) - x50 := (x48 >> 8) - x51 := (uint8(x50) & 0xff) - x52 := (x50 >> 8) - x53 := (uint8(x52) & 0xff) - x54 := (x52 >> 8) - x55 := (uint8(x54) & 0xff) - x56 := (x54 >> 8) - x57 := (uint8(x56) & 0xff) - x58 := (x56 >> 8) - x59 := (uint8(x58) & 0xff) - x60 := uint8((x58 >> 8)) - out1[0] = x5 - out1[1] = x7 - out1[2] = x9 - out1[3] = x11 - out1[4] = x13 - out1[5] = x15 - out1[6] = x17 - out1[7] = x18 - out1[8] = x19 - out1[9] = x21 - out1[10] = x23 - out1[11] = x25 - out1[12] = x27 - out1[13] = x29 - out1[14] = x31 - out1[15] = x32 - out1[16] = x33 - out1[17] = x35 - out1[18] = x37 - out1[19] = x39 - out1[20] = x41 - out1[21] = x43 - out1[22] = x45 - out1[23] = x46 - out1[24] = x47 - out1[25] = x49 - out1[26] = x51 - out1[27] = x53 - out1[28] = x55 - out1[29] = x57 - 
out1[30] = x59 - out1[31] = x60 + x5 := (x4 >> 8) + x6 := (x5 >> 8) + x7 := (x6 >> 8) + x8 := (x7 >> 8) + x9 := (x8 >> 8) + x10 := (x9 >> 8) + x11 := uint8((x10 >> 8)) + x12 := (x3 >> 8) + x13 := (x12 >> 8) + x14 := (x13 >> 8) + x15 := (x14 >> 8) + x16 := (x15 >> 8) + x17 := (x16 >> 8) + x18 := uint8((x17 >> 8)) + x19 := (x2 >> 8) + x20 := (x19 >> 8) + x21 := (x20 >> 8) + x22 := (x21 >> 8) + x23 := (x22 >> 8) + x24 := (x23 >> 8) + x25 := uint8((x24 >> 8)) + x26 := (x1 >> 8) + x27 := (x26 >> 8) + x28 := (x27 >> 8) + x29 := (x28 >> 8) + x30 := (x29 >> 8) + x31 := (x30 >> 8) + x32 := uint8((x31 >> 8)) + out1[0] = uint8(x4) + out1[1] = uint8(x5) + out1[2] = uint8(x6) + out1[3] = uint8(x7) + out1[4] = uint8(x8) + out1[5] = uint8(x9) + out1[6] = uint8(x10) + out1[7] = x11 + out1[8] = uint8(x3) + out1[9] = uint8(x12) + out1[10] = uint8(x13) + out1[11] = uint8(x14) + out1[12] = uint8(x15) + out1[13] = uint8(x16) + out1[14] = uint8(x17) + out1[15] = x18 + out1[16] = uint8(x2) + out1[17] = uint8(x19) + out1[18] = uint8(x20) + out1[19] = uint8(x21) + out1[20] = uint8(x22) + out1[21] = uint8(x23) + out1[22] = uint8(x24) + out1[23] = x25 + out1[24] = uint8(x1) + out1[25] = uint8(x26) + out1[26] = uint8(x27) + out1[27] = uint8(x28) + out1[28] = uint8(x29) + out1[29] = uint8(x30) + out1[30] = uint8(x31) + out1[31] = x32 } // FromBytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -1494,7 +1466,7 @@ func Msat(out1 *[5]uint64) { func Divstep(out1 *uint64, out2 *[5]uint64, out3 *[5]uint64, out4 *[4]uint64, out5 *[4]uint64, arg1 uint64, arg2 *[5]uint64, arg3 *[5]uint64, arg4 *[4]uint64, arg5 *[4]uint64) { var x1 uint64 x1, _ = bits.Add64((^arg1), uint64(0x1), uint64(0x0)) - x3 := (uint1((x1 >> 63)) & (uint1(arg3[0]) & 0x1)) + x3 := (uint1((x1 >> 63)) & uint1(arg3[0])) var x4 uint64 x4, _ = bits.Add64((^arg1), uint64(0x1), uint64(0x0)) var x6 uint64 
@@ -1604,107 +1576,106 @@ func Divstep(out1 *uint64, out2 *[5]uint64, out3 *[5]uint64, out4 *[4]uint64, ou cmovznzU64(&x72, x3, arg5[2], x66) var x73 uint64 cmovznzU64(&x73, x3, arg5[3], x68) - x74 := (uint1(x22) & 0x1) + var x74 uint64 + cmovznzU64(&x74, uint1(x22), uint64(0x0), x7) var x75 uint64 - cmovznzU64(&x75, x74, uint64(0x0), x7) + cmovznzU64(&x75, uint1(x22), uint64(0x0), x8) var x76 uint64 - cmovznzU64(&x76, x74, uint64(0x0), x8) + cmovznzU64(&x76, uint1(x22), uint64(0x0), x9) var x77 uint64 - cmovznzU64(&x77, x74, uint64(0x0), x9) + cmovznzU64(&x77, uint1(x22), uint64(0x0), x10) var x78 uint64 - cmovznzU64(&x78, x74, uint64(0x0), x10) + cmovznzU64(&x78, uint1(x22), uint64(0x0), x11) var x79 uint64 - cmovznzU64(&x79, x74, uint64(0x0), x11) var x80 uint64 + x79, x80 = bits.Add64(x22, x74, uint64(0x0)) var x81 uint64 - x80, x81 = bits.Add64(x22, x75, uint64(0x0)) var x82 uint64 + x81, x82 = bits.Add64(x23, x75, uint64(uint1(x80))) var x83 uint64 - x82, x83 = bits.Add64(x23, x76, uint64(uint1(x81))) var x84 uint64 + x83, x84 = bits.Add64(x24, x76, uint64(uint1(x82))) var x85 uint64 - x84, x85 = bits.Add64(x24, x77, uint64(uint1(x83))) var x86 uint64 + x85, x86 = bits.Add64(x25, x77, uint64(uint1(x84))) var x87 uint64 - x86, x87 = bits.Add64(x25, x78, uint64(uint1(x85))) - var x88 uint64 - x88, _ = bits.Add64(x26, x79, uint64(uint1(x87))) + x87, _ = bits.Add64(x26, x78, uint64(uint1(x86))) + var x89 uint64 + cmovznzU64(&x89, uint1(x22), uint64(0x0), x27) var x90 uint64 - cmovznzU64(&x90, x74, uint64(0x0), x27) + cmovznzU64(&x90, uint1(x22), uint64(0x0), x28) var x91 uint64 - cmovznzU64(&x91, x74, uint64(0x0), x28) + cmovznzU64(&x91, uint1(x22), uint64(0x0), x29) var x92 uint64 - cmovznzU64(&x92, x74, uint64(0x0), x29) + cmovznzU64(&x92, uint1(x22), uint64(0x0), x30) var x93 uint64 - cmovznzU64(&x93, x74, uint64(0x0), x30) var x94 uint64 + x93, x94 = bits.Add64(x70, x89, uint64(0x0)) var x95 uint64 - x94, x95 = bits.Add64(x70, x90, uint64(0x0)) var x96 uint64 
+ x95, x96 = bits.Add64(x71, x90, uint64(uint1(x94))) var x97 uint64 - x96, x97 = bits.Add64(x71, x91, uint64(uint1(x95))) var x98 uint64 + x97, x98 = bits.Add64(x72, x91, uint64(uint1(x96))) var x99 uint64 - x98, x99 = bits.Add64(x72, x92, uint64(uint1(x97))) var x100 uint64 + x99, x100 = bits.Add64(x73, x92, uint64(uint1(x98))) var x101 uint64 - x100, x101 = bits.Add64(x73, x93, uint64(uint1(x99))) var x102 uint64 + x101, x102 = bits.Sub64(x93, 0x5812631a5cf5d3ed, uint64(0x0)) var x103 uint64 - x102, x103 = bits.Sub64(x94, 0x5812631a5cf5d3ed, uint64(0x0)) var x104 uint64 + x103, x104 = bits.Sub64(x95, 0x14def9dea2f79cd6, uint64(uint1(x102))) var x105 uint64 - x104, x105 = bits.Sub64(x96, 0x14def9dea2f79cd6, uint64(uint1(x103))) var x106 uint64 + x105, x106 = bits.Sub64(x97, uint64(0x0), uint64(uint1(x104))) var x107 uint64 - x106, x107 = bits.Sub64(x98, uint64(0x0), uint64(uint1(x105))) var x108 uint64 - var x109 uint64 - x108, x109 = bits.Sub64(x100, 0x1000000000000000, uint64(uint1(x107))) + x107, x108 = bits.Sub64(x99, 0x1000000000000000, uint64(uint1(x106))) + var x110 uint64 + _, x110 = bits.Sub64(uint64(uint1(x100)), uint64(0x0), uint64(uint1(x108))) var x111 uint64 - _, x111 = bits.Sub64(uint64(uint1(x101)), uint64(0x0), uint64(uint1(x109))) - var x112 uint64 - x112, _ = bits.Add64(x6, uint64(0x1), uint64(0x0)) - x114 := ((x80 >> 1) | ((x82 << 63) & 0xffffffffffffffff)) - x115 := ((x82 >> 1) | ((x84 << 63) & 0xffffffffffffffff)) - x116 := ((x84 >> 1) | ((x86 << 63) & 0xffffffffffffffff)) - x117 := ((x86 >> 1) | ((x88 << 63) & 0xffffffffffffffff)) - x118 := ((x88 & 0x8000000000000000) | (x88 >> 1)) + x111, _ = bits.Add64(x6, uint64(0x1), uint64(0x0)) + x113 := ((x79 >> 1) | ((x81 << 63) & 0xffffffffffffffff)) + x114 := ((x81 >> 1) | ((x83 << 63) & 0xffffffffffffffff)) + x115 := ((x83 >> 1) | ((x85 << 63) & 0xffffffffffffffff)) + x116 := ((x85 >> 1) | ((x87 << 63) & 0xffffffffffffffff)) + x117 := ((x87 & 0x8000000000000000) | (x87 >> 1)) + var x118 uint64 + 
cmovznzU64(&x118, uint1(x48), x39, x31) var x119 uint64 - cmovznzU64(&x119, uint1(x48), x39, x31) + cmovznzU64(&x119, uint1(x48), x41, x33) var x120 uint64 - cmovznzU64(&x120, uint1(x48), x41, x33) + cmovznzU64(&x120, uint1(x48), x43, x35) var x121 uint64 - cmovznzU64(&x121, uint1(x48), x43, x35) + cmovznzU64(&x121, uint1(x48), x45, x37) var x122 uint64 - cmovznzU64(&x122, uint1(x48), x45, x37) + cmovznzU64(&x122, uint1(x110), x101, x93) var x123 uint64 - cmovznzU64(&x123, uint1(x111), x102, x94) + cmovznzU64(&x123, uint1(x110), x103, x95) var x124 uint64 - cmovznzU64(&x124, uint1(x111), x104, x96) + cmovznzU64(&x124, uint1(x110), x105, x97) var x125 uint64 - cmovznzU64(&x125, uint1(x111), x106, x98) - var x126 uint64 - cmovznzU64(&x126, uint1(x111), x108, x100) - *out1 = x112 + cmovznzU64(&x125, uint1(x110), x107, x99) + *out1 = x111 out2[0] = x7 out2[1] = x8 out2[2] = x9 out2[3] = x10 out2[4] = x11 - out3[0] = x114 - out3[1] = x115 - out3[2] = x116 - out3[3] = x117 - out3[4] = x118 - out4[0] = x119 - out4[1] = x120 - out4[2] = x121 - out4[3] = x122 - out5[0] = x123 - out5[1] = x124 - out5[2] = x125 - out5[3] = x126 + out3[0] = x113 + out3[1] = x114 + out3[2] = x115 + out3[3] = x116 + out3[4] = x117 + out4[0] = x118 + out4[1] = x119 + out4[2] = x120 + out4[3] = x121 + out5[0] = x122 + out5[1] = x123 + out5[2] = x124 + out5[3] = x125 } // DivstepPrecomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-go/64/p224/p224.go b/fiat-go/64/p224/p224.go index e58badf835..42a61e1293 100644 --- a/fiat-go/64/p224/p224.go +++ b/fiat-go/64/p224/p224.go 
@@ -760,7 +760,7 @@ func Sub(out1 *MontgomeryDomainFieldElement, arg1 *MontgomeryDomainFieldElement, cmovznzU64(&x9, uint1(x8), uint64(0x0), 0xffffffffffffffff) var x10 uint64 var x11 uint64 - x10, x11 = bits.Add64(x1, uint64((uint1(x9) & 0x1)), uint64(0x0)) + x10, x11 = bits.Add64(x1, uint64(uint1(x9)), uint64(0x0)) var x12 uint64 var x13 uint64 x12, x13 = bits.Add64(x3, (x9 & 0xffffffff00000000), uint64(uint1(x11))) @@ -800,7 +800,7 @@ func Opp(out1 *MontgomeryDomainFieldElement, arg1 *MontgomeryDomainFieldElement) cmovznzU64(&x9, uint1(x8), uint64(0x0), 0xffffffffffffffff) var x10 uint64 var x11 uint64 - x10, x11 = bits.Add64(x1, uint64((uint1(x9) & 0x1)), uint64(0x0)) + x10, x11 = bits.Add64(x1, uint64(uint1(x9)), uint64(0x0)) var x12 uint64 var x13 uint64 x12, x13 = bits.Add64(x3, (x9 & 0xffffffff00000000), uint64(uint1(x11))) 
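Review bot: Dropping the `& 0x1` in `bits.Add64(x1, uint64(uint1(x9)), uint64(0x0))` is only safe if the `uint1(...)` conversion itself truncates to one bit. `x9` comes from `cmovznzU64(&x9, uint1(x8), uint64(0x0), 0xffffffffffffffff)`, so it is either 0 or all ones, and the declaration of `uint1` is outside this hunk; if it is a full-width integer type (as I recall it is in the fiat-go output, to be confirmed), this line now adds 0xffffffffffffffff rather than 1 to the low limb and Sub returns a wrong field element. The Opp hunk on this line has the same change, and the Divstep hunks in this patch do the same with `uint64(uint1(x61))` and by passing `uint1(x22)` straight to `cmovznzU64`, whose body is not shown here. If this file is regenerated rather than hand-edited, the mask has to come back in the generator so that the line again reads `x10, x11 = bits.Add64(x1, uint64((uint1(x9) & 0x1)), uint64(0x0))`, and the package tests should be run on the regenerated output before merging.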
@@ -1325,82 +1325,58 @@ func ToBytes(out1 *[28]uint8, arg1 *[4]uint64) { x2 := arg1[2] x3 := arg1[1] x4 := arg1[0] - x5 := (uint8(x4) & 0xff) - x6 := (x4 >> 8) - x7 := (uint8(x6) & 0xff) - x8 := (x6 >> 8) - x9 := (uint8(x8) & 0xff) - x10 := (x8 >> 8) - x11 := (uint8(x10) & 0xff) - x12 := (x10 >> 8) - x13 := (uint8(x12) & 0xff) - x14 := (x12 >> 8) - x15 := (uint8(x14) & 0xff) - x16 := (x14 >> 8) - x17 := (uint8(x16) & 0xff) - x18 := uint8((x16 >> 8)) - x19 := (uint8(x3) & 0xff) - x20 := (x3 >> 8) - x21 := (uint8(x20) & 0xff) - x22 := (x20 >> 8) - x23 := (uint8(x22) & 0xff) - x24 := (x22 >> 8) - x25 := (uint8(x24) & 0xff) - x26 := (x24 >> 8) - x27 := (uint8(x26) & 0xff) - x28 := (x26 >> 8) - x29 := (uint8(x28) & 0xff) - x30 := (x28 >> 8) - x31 := (uint8(x30) & 0xff) - x32 := uint8((x30 >> 8)) - x33 := (uint8(x2) & 0xff) - x34 := (x2 >> 8) - x35 := (uint8(x34) & 0xff) - x36 := (x34 >> 8) - x37 := (uint8(x36) & 0xff) - x38 := (x36 >> 8) - x39 := (uint8(x38) & 0xff) - x40 := (x38 >> 8) - x41 := (uint8(x40) & 0xff) - x42 := (x40 >> 8) - x43 := (uint8(x42) & 0xff) - x44 := (x42 >> 8) - x45 := (uint8(x44) & 0xff) - x46 := uint8((x44 >> 8)) - x47 := (uint8(x1) & 0xff) - x48 := (x1 >> 8) - x49 := (uint8(x48) & 0xff) - x50 := (x48 >> 8) - x51 := (uint8(x50) & 0xff) - x52 := uint8((x50 >> 8)) - out1[0] = x5 - out1[1] = x7 - out1[2] = x9 - out1[3] = x11 - out1[4] = x13 - out1[5] = x15 - out1[6] = x17 - out1[7] = x18 - out1[8] = x19 - out1[9] = x21 - out1[10] = x23 - out1[11] = x25 - out1[12] = x27 - out1[13] = x29 - out1[14] = x31 - out1[15] = x32 - out1[16] = x33 - out1[17] = x35 - out1[18] = x37 - out1[19] = x39 - out1[20] = x41 - out1[21] = x43 - out1[22] = x45 - out1[23] = x46 - out1[24] = x47 - out1[25] = x49 - out1[26] = x51 - out1[27] = x52 + x5 := (x4 >> 8) + x6 := (x5 >> 8) + x7 := (x6 >> 8) + x8 := (x7 >> 8) + x9 := (x8 >> 8) + x10 := (x9 >> 8) + x11 := uint8((x10 >> 8)) + x12 := (x3 >> 8) + x13 := (x12 >> 8) + x14 := (x13 >> 8) + x15 := (x14 >> 8) + x16 := (x15 >> 8) 
+ x17 := (x16 >> 8) + x18 := uint8((x17 >> 8)) + x19 := (x2 >> 8) + x20 := (x19 >> 8) + x21 := (x20 >> 8) + x22 := (x21 >> 8) + x23 := (x22 >> 8) + x24 := (x23 >> 8) + x25 := uint8((x24 >> 8)) + x26 := (x1 >> 8) + x27 := (x26 >> 8) + x28 := uint8((x27 >> 8)) + out1[0] = uint8(x4) + out1[1] = uint8(x5) + out1[2] = uint8(x6) + out1[3] = uint8(x7) + out1[4] = uint8(x8) + out1[5] = uint8(x9) + out1[6] = uint8(x10) + out1[7] = x11 + out1[8] = uint8(x3) + out1[9] = uint8(x12) + out1[10] = uint8(x13) + out1[11] = uint8(x14) + out1[12] = uint8(x15) + out1[13] = uint8(x16) + out1[14] = uint8(x17) + out1[15] = x18 + out1[16] = uint8(x2) + out1[17] = uint8(x19) + out1[18] = uint8(x20) + out1[19] = uint8(x21) + out1[20] = uint8(x22) + out1[21] = uint8(x23) + out1[22] = uint8(x24) + out1[23] = x25 + out1[24] = uint8(x1) + out1[25] = uint8(x26) + out1[26] = uint8(x27) + out1[27] = x28 } // FromBytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -1534,7 +1510,7 @@ func Msat(out1 *[5]uint64) { func Divstep(out1 *uint64, out2 *[5]uint64, out3 *[5]uint64, out4 *[4]uint64, out5 *[4]uint64, arg1 uint64, arg2 *[5]uint64, arg3 *[5]uint64, arg4 *[4]uint64, arg5 *[4]uint64) { var x1 uint64 x1, _ = bits.Add64((^arg1), uint64(0x1), uint64(0x0)) - x3 := (uint1((x1 >> 63)) & (uint1(arg3[0]) & 0x1)) + x3 := (uint1((x1 >> 63)) & uint1(arg3[0])) var x4 uint64 x4, _ = bits.Add64((^arg1), uint64(0x1), uint64(0x0)) var x6 uint64 @@ -1627,7 +1603,7 @@ func Divstep(out1 *uint64, out2 *[5]uint64, out3 *[5]uint64, out4 *[4]uint64, ou cmovznzU64(&x61, uint1(x60), uint64(0x0), 0xffffffffffffffff) var x62 uint64 var x63 uint64 - x62, x63 = bits.Add64(x53, uint64((uint1(x61) & 0x1)), uint64(0x0)) + x62, x63 = bits.Add64(x53, uint64(uint1(x61)), uint64(0x0)) var x64 uint64 var x65 uint64 x64, x65 = bits.Add64(x55, (x61 & 0xffffffff00000000), uint64(uint1(x63))) 
@@ -1644,107 +1620,106 @@ func Divstep(out1 *uint64, out2 *[5]uint64, out3 *[5]uint64, out4 *[4]uint64, ou cmovznzU64(&x72, x3, arg5[2], x66) var x73 uint64 cmovznzU64(&x73, x3, arg5[3], x68) - x74 := (uint1(x22) & 0x1) + var x74 uint64 + cmovznzU64(&x74, uint1(x22), uint64(0x0), x7) var x75 uint64 - cmovznzU64(&x75, x74, uint64(0x0), x7) + cmovznzU64(&x75, uint1(x22), uint64(0x0), x8) var x76 uint64 - cmovznzU64(&x76, x74, uint64(0x0), x8) + cmovznzU64(&x76, uint1(x22), uint64(0x0), x9) var x77 uint64 - cmovznzU64(&x77, x74, uint64(0x0), x9) + cmovznzU64(&x77, uint1(x22), uint64(0x0), x10) var x78 uint64 - cmovznzU64(&x78, x74, uint64(0x0), x10) + cmovznzU64(&x78, uint1(x22), uint64(0x0), x11) var x79 uint64 - cmovznzU64(&x79, x74, uint64(0x0), x11) var x80 uint64 + x79, x80 = bits.Add64(x22, x74, uint64(0x0)) var x81 uint64 - x80, x81 = bits.Add64(x22, x75, uint64(0x0)) var x82 uint64 + x81, x82 = bits.Add64(x23, x75, uint64(uint1(x80))) var x83 uint64 - x82, x83 = bits.Add64(x23, x76, uint64(uint1(x81))) var x84 uint64 + x83, x84 = bits.Add64(x24, x76, uint64(uint1(x82))) var x85 uint64 - x84, x85 = bits.Add64(x24, x77, uint64(uint1(x83))) var x86 uint64 + x85, x86 = bits.Add64(x25, x77, uint64(uint1(x84))) var x87 uint64 - x86, x87 = bits.Add64(x25, x78, uint64(uint1(x85))) - var x88 uint64 - x88, _ = bits.Add64(x26, x79, uint64(uint1(x87))) + x87, _ = bits.Add64(x26, x78, uint64(uint1(x86))) + var x89 uint64 + cmovznzU64(&x89, uint1(x22), uint64(0x0), x27) var x90 uint64 - cmovznzU64(&x90, x74, uint64(0x0), x27) + cmovznzU64(&x90, uint1(x22), uint64(0x0), x28) var x91 uint64 - cmovznzU64(&x91, x74, uint64(0x0), x28) + cmovznzU64(&x91, uint1(x22), uint64(0x0), x29) var x92 uint64 - cmovznzU64(&x92, x74, uint64(0x0), x29) + cmovznzU64(&x92, uint1(x22), uint64(0x0), x30) var x93 uint64 - cmovznzU64(&x93, x74, uint64(0x0), x30) var x94 uint64 + x93, x94 = bits.Add64(x70, x89, uint64(0x0)) var x95 uint64 - x94, x95 = bits.Add64(x70, x90, uint64(0x0)) var x96 uint64 
+ x95, x96 = bits.Add64(x71, x90, uint64(uint1(x94))) var x97 uint64 - x96, x97 = bits.Add64(x71, x91, uint64(uint1(x95))) var x98 uint64 + x97, x98 = bits.Add64(x72, x91, uint64(uint1(x96))) var x99 uint64 - x98, x99 = bits.Add64(x72, x92, uint64(uint1(x97))) var x100 uint64 + x99, x100 = bits.Add64(x73, x92, uint64(uint1(x98))) var x101 uint64 - x100, x101 = bits.Add64(x73, x93, uint64(uint1(x99))) var x102 uint64 + x101, x102 = bits.Sub64(x93, uint64(0x1), uint64(0x0)) var x103 uint64 - x102, x103 = bits.Sub64(x94, uint64(0x1), uint64(0x0)) var x104 uint64 + x103, x104 = bits.Sub64(x95, 0xffffffff00000000, uint64(uint1(x102))) var x105 uint64 - x104, x105 = bits.Sub64(x96, 0xffffffff00000000, uint64(uint1(x103))) var x106 uint64 + x105, x106 = bits.Sub64(x97, 0xffffffffffffffff, uint64(uint1(x104))) var x107 uint64 - x106, x107 = bits.Sub64(x98, 0xffffffffffffffff, uint64(uint1(x105))) var x108 uint64 - var x109 uint64 - x108, x109 = bits.Sub64(x100, 0xffffffff, uint64(uint1(x107))) + x107, x108 = bits.Sub64(x99, 0xffffffff, uint64(uint1(x106))) + var x110 uint64 + _, x110 = bits.Sub64(uint64(uint1(x100)), uint64(0x0), uint64(uint1(x108))) var x111 uint64 - _, x111 = bits.Sub64(uint64(uint1(x101)), uint64(0x0), uint64(uint1(x109))) - var x112 uint64 - x112, _ = bits.Add64(x6, uint64(0x1), uint64(0x0)) - x114 := ((x80 >> 1) | ((x82 << 63) & 0xffffffffffffffff)) - x115 := ((x82 >> 1) | ((x84 << 63) & 0xffffffffffffffff)) - x116 := ((x84 >> 1) | ((x86 << 63) & 0xffffffffffffffff)) - x117 := ((x86 >> 1) | ((x88 << 63) & 0xffffffffffffffff)) - x118 := ((x88 & 0x8000000000000000) | (x88 >> 1)) + x111, _ = bits.Add64(x6, uint64(0x1), uint64(0x0)) + x113 := ((x79 >> 1) | ((x81 << 63) & 0xffffffffffffffff)) + x114 := ((x81 >> 1) | ((x83 << 63) & 0xffffffffffffffff)) + x115 := ((x83 >> 1) | ((x85 << 63) & 0xffffffffffffffff)) + x116 := ((x85 >> 1) | ((x87 << 63) & 0xffffffffffffffff)) + x117 := ((x87 & 0x8000000000000000) | (x87 >> 1)) + var x118 uint64 + 
cmovznzU64(&x118, uint1(x48), x39, x31) var x119 uint64 - cmovznzU64(&x119, uint1(x48), x39, x31) + cmovznzU64(&x119, uint1(x48), x41, x33) var x120 uint64 - cmovznzU64(&x120, uint1(x48), x41, x33) + cmovznzU64(&x120, uint1(x48), x43, x35) var x121 uint64 - cmovznzU64(&x121, uint1(x48), x43, x35) + cmovznzU64(&x121, uint1(x48), x45, x37) var x122 uint64 - cmovznzU64(&x122, uint1(x48), x45, x37) + cmovznzU64(&x122, uint1(x110), x101, x93) var x123 uint64 - cmovznzU64(&x123, uint1(x111), x102, x94) + cmovznzU64(&x123, uint1(x110), x103, x95) var x124 uint64 - cmovznzU64(&x124, uint1(x111), x104, x96) + cmovznzU64(&x124, uint1(x110), x105, x97) var x125 uint64 - cmovznzU64(&x125, uint1(x111), x106, x98) - var x126 uint64 - cmovznzU64(&x126, uint1(x111), x108, x100) - *out1 = x112 + cmovznzU64(&x125, uint1(x110), x107, x99) + *out1 = x111 out2[0] = x7 out2[1] = x8 out2[2] = x9 out2[3] = x10 out2[4] = x11 - out3[0] = x114 - out3[1] = x115 - out3[2] = x116 - out3[3] = x117 - out3[4] = x118 - out4[0] = x119 - out4[1] = x120 - out4[2] = x121 - out4[3] = x122 - out5[0] = x123 - out5[1] = x124 - out5[2] = x125 - out5[3] = x126 + out3[0] = x113 + out3[1] = x114 + out3[2] = x115 + out3[3] = x116 + out3[4] = x117 + out4[0] = x118 + out4[1] = x119 + out4[2] = x120 + out4[3] = x121 + out5[0] = x122 + out5[1] = x123 + out5[2] = x124 + out5[3] = x125 } // DivstepPrecomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-go/64/p256/p256.go b/fiat-go/64/p256/p256.go index fb0b16a787..f7e2bf5937 100644 --- a/fiat-go/64/p256/p256.go +++ b/fiat-go/64/p256/p256.go 
@@ -1244,94 +1244,66 @@ func ToBytes(out1 *[32]uint8, arg1 *[4]uint64) { x2 := arg1[2] x3 := arg1[1] x4 := arg1[0] - x5 := (uint8(x4) & 0xff) - x6 := (x4 >> 8) - x7 := (uint8(x6) & 0xff) - x8 := (x6 >> 8) - x9 := (uint8(x8) & 0xff) - x10 := (x8 >> 8) - x11 := (uint8(x10) & 0xff) - x12 := (x10 >> 8) - x13 := (uint8(x12) & 0xff) - x14 := (x12 >> 8) - x15 := (uint8(x14) & 0xff) - x16 := (x14 >> 8) - x17 := (uint8(x16) & 0xff) - x18 := uint8((x16 >> 8)) - x19 := (uint8(x3) & 0xff) - x20 := (x3 >> 8) - x21 := (uint8(x20) & 0xff) - x22 := (x20 >> 8) - x23 := (uint8(x22) & 0xff) - x24 := (x22 >> 8) - x25 := (uint8(x24) & 0xff) - x26 := (x24 >> 8) - x27 := (uint8(x26) & 0xff) - x28 := (x26 >> 8) - x29 := (uint8(x28) & 0xff) - x30 := (x28 >> 8) - x31 := (uint8(x30) & 0xff) - x32 := uint8((x30 >> 8)) - x33 := (uint8(x2) & 0xff) - x34 := (x2 >> 8) - x35 := (uint8(x34) & 0xff) - x36 := (x34 >> 8) - x37 := (uint8(x36) & 0xff) - x38 := (x36 >> 8) - x39 := (uint8(x38) & 0xff) - x40 := (x38 >> 8) - x41 := (uint8(x40) & 0xff) - x42 := (x40 >> 8) - x43 := (uint8(x42) & 0xff) - x44 := (x42 >> 8) - x45 := (uint8(x44) & 0xff) - x46 := uint8((x44 >> 8)) - x47 := (uint8(x1) & 0xff) - x48 := (x1 >> 8) - x49 := (uint8(x48) & 0xff) - x50 := (x48 >> 8) - x51 := (uint8(x50) & 0xff) - x52 := (x50 >> 8) - x53 := (uint8(x52) & 0xff) - x54 := (x52 >> 8) - x55 := (uint8(x54) & 0xff) - x56 := (x54 >> 8) - x57 := (uint8(x56) & 0xff) - x58 := (x56 >> 8) - x59 := (uint8(x58) & 0xff) - x60 := uint8((x58 >> 8)) - out1[0] = x5 - out1[1] = x7 - out1[2] = x9 - out1[3] = x11 - out1[4] = x13 - out1[5] = x15 - out1[6] = x17 - out1[7] = x18 - out1[8] = x19 - out1[9] = x21 - out1[10] = x23 - out1[11] = x25 - out1[12] = x27 - out1[13] = x29 - out1[14] = x31 - out1[15] = x32 - out1[16] = x33 - out1[17] = x35 - out1[18] = x37 - out1[19] = x39 - out1[20] = x41 - out1[21] = x43 - out1[22] = x45 - out1[23] = x46 - out1[24] = x47 - out1[25] = x49 - out1[26] = x51 - out1[27] = x53 - out1[28] = x55 - out1[29] = x57 - 
out1[30] = x59 - out1[31] = x60 + x5 := (x4 >> 8) + x6 := (x5 >> 8) + x7 := (x6 >> 8) + x8 := (x7 >> 8) + x9 := (x8 >> 8) + x10 := (x9 >> 8) + x11 := uint8((x10 >> 8)) + x12 := (x3 >> 8) + x13 := (x12 >> 8) + x14 := (x13 >> 8) + x15 := (x14 >> 8) + x16 := (x15 >> 8) + x17 := (x16 >> 8) + x18 := uint8((x17 >> 8)) + x19 := (x2 >> 8) + x20 := (x19 >> 8) + x21 := (x20 >> 8) + x22 := (x21 >> 8) + x23 := (x22 >> 8) + x24 := (x23 >> 8) + x25 := uint8((x24 >> 8)) + x26 := (x1 >> 8) + x27 := (x26 >> 8) + x28 := (x27 >> 8) + x29 := (x28 >> 8) + x30 := (x29 >> 8) + x31 := (x30 >> 8) + x32 := uint8((x31 >> 8)) + out1[0] = uint8(x4) + out1[1] = uint8(x5) + out1[2] = uint8(x6) + out1[3] = uint8(x7) + out1[4] = uint8(x8) + out1[5] = uint8(x9) + out1[6] = uint8(x10) + out1[7] = x11 + out1[8] = uint8(x3) + out1[9] = uint8(x12) + out1[10] = uint8(x13) + out1[11] = uint8(x14) + out1[12] = uint8(x15) + out1[13] = uint8(x16) + out1[14] = uint8(x17) + out1[15] = x18 + out1[16] = uint8(x2) + out1[17] = uint8(x19) + out1[18] = uint8(x20) + out1[19] = uint8(x21) + out1[20] = uint8(x22) + out1[21] = uint8(x23) + out1[22] = uint8(x24) + out1[23] = x25 + out1[24] = uint8(x1) + out1[25] = uint8(x26) + out1[26] = uint8(x27) + out1[27] = uint8(x28) + out1[28] = uint8(x29) + out1[29] = uint8(x30) + out1[30] = uint8(x31) + out1[31] = x32 } // FromBytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -1473,7 +1445,7 @@ func Msat(out1 *[5]uint64) { func Divstep(out1 *uint64, out2 *[5]uint64, out3 *[5]uint64, out4 *[4]uint64, out5 *[4]uint64, arg1 uint64, arg2 *[5]uint64, arg3 *[5]uint64, arg4 *[4]uint64, arg5 *[4]uint64) { var x1 uint64 x1, _ = bits.Add64((^arg1), uint64(0x1), uint64(0x0)) - x3 := (uint1((x1 >> 63)) & (uint1(arg3[0]) & 0x1)) + x3 := (uint1((x1 >> 63)) & uint1(arg3[0])) var x4 uint64 x4, _ = bits.Add64((^arg1), uint64(0x1), uint64(0x0)) var x6 uint64 
@@ -1583,107 +1555,106 @@ func Divstep(out1 *uint64, out2 *[5]uint64, out3 *[5]uint64, out4 *[4]uint64, ou cmovznzU64(&x72, x3, arg5[2], x66) var x73 uint64 cmovznzU64(&x73, x3, arg5[3], x68) - x74 := (uint1(x22) & 0x1) + var x74 uint64 + cmovznzU64(&x74, uint1(x22), uint64(0x0), x7) var x75 uint64 - cmovznzU64(&x75, x74, uint64(0x0), x7) + cmovznzU64(&x75, uint1(x22), uint64(0x0), x8) var x76 uint64 - cmovznzU64(&x76, x74, uint64(0x0), x8) + cmovznzU64(&x76, uint1(x22), uint64(0x0), x9) var x77 uint64 - cmovznzU64(&x77, x74, uint64(0x0), x9) + cmovznzU64(&x77, uint1(x22), uint64(0x0), x10) var x78 uint64 - cmovznzU64(&x78, x74, uint64(0x0), x10) + cmovznzU64(&x78, uint1(x22), uint64(0x0), x11) var x79 uint64 - cmovznzU64(&x79, x74, uint64(0x0), x11) var x80 uint64 + x79, x80 = bits.Add64(x22, x74, uint64(0x0)) var x81 uint64 - x80, x81 = bits.Add64(x22, x75, uint64(0x0)) var x82 uint64 + x81, x82 = bits.Add64(x23, x75, uint64(uint1(x80))) var x83 uint64 - x82, x83 = bits.Add64(x23, x76, uint64(uint1(x81))) var x84 uint64 + x83, x84 = bits.Add64(x24, x76, uint64(uint1(x82))) var x85 uint64 - x84, x85 = bits.Add64(x24, x77, uint64(uint1(x83))) var x86 uint64 + x85, x86 = bits.Add64(x25, x77, uint64(uint1(x84))) var x87 uint64 - x86, x87 = bits.Add64(x25, x78, uint64(uint1(x85))) - var x88 uint64 - x88, _ = bits.Add64(x26, x79, uint64(uint1(x87))) + x87, _ = bits.Add64(x26, x78, uint64(uint1(x86))) + var x89 uint64 + cmovznzU64(&x89, uint1(x22), uint64(0x0), x27) var x90 uint64 - cmovznzU64(&x90, x74, uint64(0x0), x27) + cmovznzU64(&x90, uint1(x22), uint64(0x0), x28) var x91 uint64 - cmovznzU64(&x91, x74, uint64(0x0), x28) + cmovznzU64(&x91, uint1(x22), uint64(0x0), x29) var x92 uint64 - cmovznzU64(&x92, x74, uint64(0x0), x29) + cmovznzU64(&x92, uint1(x22), uint64(0x0), x30) var x93 uint64 - cmovznzU64(&x93, x74, uint64(0x0), x30) var x94 uint64 + x93, x94 = bits.Add64(x70, x89, uint64(0x0)) var x95 uint64 - x94, x95 = bits.Add64(x70, x90, uint64(0x0)) var x96 uint64 
+ x95, x96 = bits.Add64(x71, x90, uint64(uint1(x94))) var x97 uint64 - x96, x97 = bits.Add64(x71, x91, uint64(uint1(x95))) var x98 uint64 + x97, x98 = bits.Add64(x72, x91, uint64(uint1(x96))) var x99 uint64 - x98, x99 = bits.Add64(x72, x92, uint64(uint1(x97))) var x100 uint64 + x99, x100 = bits.Add64(x73, x92, uint64(uint1(x98))) var x101 uint64 - x100, x101 = bits.Add64(x73, x93, uint64(uint1(x99))) var x102 uint64 + x101, x102 = bits.Sub64(x93, 0xffffffffffffffff, uint64(0x0)) var x103 uint64 - x102, x103 = bits.Sub64(x94, 0xffffffffffffffff, uint64(0x0)) var x104 uint64 + x103, x104 = bits.Sub64(x95, 0xffffffff, uint64(uint1(x102))) var x105 uint64 - x104, x105 = bits.Sub64(x96, 0xffffffff, uint64(uint1(x103))) var x106 uint64 + x105, x106 = bits.Sub64(x97, uint64(0x0), uint64(uint1(x104))) var x107 uint64 - x106, x107 = bits.Sub64(x98, uint64(0x0), uint64(uint1(x105))) var x108 uint64 - var x109 uint64 - x108, x109 = bits.Sub64(x100, 0xffffffff00000001, uint64(uint1(x107))) + x107, x108 = bits.Sub64(x99, 0xffffffff00000001, uint64(uint1(x106))) + var x110 uint64 + _, x110 = bits.Sub64(uint64(uint1(x100)), uint64(0x0), uint64(uint1(x108))) var x111 uint64 - _, x111 = bits.Sub64(uint64(uint1(x101)), uint64(0x0), uint64(uint1(x109))) - var x112 uint64 - x112, _ = bits.Add64(x6, uint64(0x1), uint64(0x0)) - x114 := ((x80 >> 1) | ((x82 << 63) & 0xffffffffffffffff)) - x115 := ((x82 >> 1) | ((x84 << 63) & 0xffffffffffffffff)) - x116 := ((x84 >> 1) | ((x86 << 63) & 0xffffffffffffffff)) - x117 := ((x86 >> 1) | ((x88 << 63) & 0xffffffffffffffff)) - x118 := ((x88 & 0x8000000000000000) | (x88 >> 1)) + x111, _ = bits.Add64(x6, uint64(0x1), uint64(0x0)) + x113 := ((x79 >> 1) | ((x81 << 63) & 0xffffffffffffffff)) + x114 := ((x81 >> 1) | ((x83 << 63) & 0xffffffffffffffff)) + x115 := ((x83 >> 1) | ((x85 << 63) & 0xffffffffffffffff)) + x116 := ((x85 >> 1) | ((x87 << 63) & 0xffffffffffffffff)) + x117 := ((x87 & 0x8000000000000000) | (x87 >> 1)) + var x118 uint64 + 
cmovznzU64(&x118, uint1(x48), x39, x31) var x119 uint64 - cmovznzU64(&x119, uint1(x48), x39, x31) + cmovznzU64(&x119, uint1(x48), x41, x33) var x120 uint64 - cmovznzU64(&x120, uint1(x48), x41, x33) + cmovznzU64(&x120, uint1(x48), x43, x35) var x121 uint64 - cmovznzU64(&x121, uint1(x48), x43, x35) + cmovznzU64(&x121, uint1(x48), x45, x37) var x122 uint64 - cmovznzU64(&x122, uint1(x48), x45, x37) + cmovznzU64(&x122, uint1(x110), x101, x93) var x123 uint64 - cmovznzU64(&x123, uint1(x111), x102, x94) + cmovznzU64(&x123, uint1(x110), x103, x95) var x124 uint64 - cmovznzU64(&x124, uint1(x111), x104, x96) + cmovznzU64(&x124, uint1(x110), x105, x97) var x125 uint64 - cmovznzU64(&x125, uint1(x111), x106, x98) - var x126 uint64 - cmovznzU64(&x126, uint1(x111), x108, x100) - *out1 = x112 + cmovznzU64(&x125, uint1(x110), x107, x99) + *out1 = x111 out2[0] = x7 out2[1] = x8 out2[2] = x9 out2[3] = x10 out2[4] = x11 - out3[0] = x114 - out3[1] = x115 - out3[2] = x116 - out3[3] = x117 - out3[4] = x118 - out4[0] = x119 - out4[1] = x120 - out4[2] = x121 - out4[3] = x122 - out5[0] = x123 - out5[1] = x124 - out5[2] = x125 - out5[3] = x126 + out3[0] = x113 + out3[1] = x114 + out3[2] = x115 + out3[3] = x116 + out3[4] = x117 + out4[0] = x118 + out4[1] = x119 + out4[2] = x120 + out4[3] = x121 + out5[0] = x122 + out5[1] = x123 + out5[2] = x124 + out5[3] = x125 } // DivstepPrecomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-go/64/p256scalar/p256scalar.go b/fiat-go/64/p256scalar/p256scalar.go index fd94528e7e..fbcc36f61f 100644 --- a/fiat-go/64/p256scalar/p256scalar.go +++ b/fiat-go/64/p256scalar/p256scalar.go 
@@ -1432,94 +1432,66 @@ func ToBytes(out1 *[32]uint8, arg1 *[4]uint64) { x2 := arg1[2] x3 := arg1[1] x4 := arg1[0] - x5 := (uint8(x4) & 0xff) - x6 := (x4 >> 8) - x7 := (uint8(x6) & 0xff) - x8 := (x6 >> 8) - x9 := (uint8(x8) & 0xff) - x10 := (x8 >> 8) - x11 := (uint8(x10) & 0xff) - x12 := (x10 >> 8) - x13 := (uint8(x12) & 0xff) - x14 := (x12 >> 8) - x15 := (uint8(x14) & 0xff) - x16 := (x14 >> 8) - x17 := (uint8(x16) & 0xff) - x18 := uint8((x16 >> 8)) - x19 := (uint8(x3) & 0xff) - x20 := (x3 >> 8) - x21 := (uint8(x20) & 0xff) - x22 := (x20 >> 8) - x23 := (uint8(x22) & 0xff) - x24 := (x22 >> 8) - x25 := (uint8(x24) & 0xff) - x26 := (x24 >> 8) - x27 := (uint8(x26) & 0xff) - x28 := (x26 >> 8) - x29 := (uint8(x28) & 0xff) - x30 := (x28 >> 8) - x31 := (uint8(x30) & 0xff) - x32 := uint8((x30 >> 8)) - x33 := (uint8(x2) & 0xff) - x34 := (x2 >> 8) - x35 := (uint8(x34) & 0xff) - x36 := (x34 >> 8) - x37 := (uint8(x36) & 0xff) - x38 := (x36 >> 8) - x39 := (uint8(x38) & 0xff) - x40 := (x38 >> 8) - x41 := (uint8(x40) & 0xff) - x42 := (x40 >> 8) - x43 := (uint8(x42) & 0xff) - x44 := (x42 >> 8) - x45 := (uint8(x44) & 0xff) - x46 := uint8((x44 >> 8)) - x47 := (uint8(x1) & 0xff) - x48 := (x1 >> 8) - x49 := (uint8(x48) & 0xff) - x50 := (x48 >> 8) - x51 := (uint8(x50) & 0xff) - x52 := (x50 >> 8) - x53 := (uint8(x52) & 0xff) - x54 := (x52 >> 8) - x55 := (uint8(x54) & 0xff) - x56 := (x54 >> 8) - x57 := (uint8(x56) & 0xff) - x58 := (x56 >> 8) - x59 := (uint8(x58) & 0xff) - x60 := uint8((x58 >> 8)) - out1[0] = x5 - out1[1] = x7 - out1[2] = x9 - out1[3] = x11 - out1[4] = x13 - out1[5] = x15 - out1[6] = x17 - out1[7] = x18 - out1[8] = x19 - out1[9] = x21 - out1[10] = x23 - out1[11] = x25 - out1[12] = x27 - out1[13] = x29 - out1[14] = x31 - out1[15] = x32 - out1[16] = x33 - out1[17] = x35 - out1[18] = x37 - out1[19] = x39 - out1[20] = x41 - out1[21] = x43 - out1[22] = x45 - out1[23] = x46 - out1[24] = x47 - out1[25] = x49 - out1[26] = x51 - out1[27] = x53 - out1[28] = x55 - out1[29] = x57 - 
out1[30] = x59 - out1[31] = x60 + x5 := (x4 >> 8) + x6 := (x5 >> 8) + x7 := (x6 >> 8) + x8 := (x7 >> 8) + x9 := (x8 >> 8) + x10 := (x9 >> 8) + x11 := uint8((x10 >> 8)) + x12 := (x3 >> 8) + x13 := (x12 >> 8) + x14 := (x13 >> 8) + x15 := (x14 >> 8) + x16 := (x15 >> 8) + x17 := (x16 >> 8) + x18 := uint8((x17 >> 8)) + x19 := (x2 >> 8) + x20 := (x19 >> 8) + x21 := (x20 >> 8) + x22 := (x21 >> 8) + x23 := (x22 >> 8) + x24 := (x23 >> 8) + x25 := uint8((x24 >> 8)) + x26 := (x1 >> 8) + x27 := (x26 >> 8) + x28 := (x27 >> 8) + x29 := (x28 >> 8) + x30 := (x29 >> 8) + x31 := (x30 >> 8) + x32 := uint8((x31 >> 8)) + out1[0] = uint8(x4) + out1[1] = uint8(x5) + out1[2] = uint8(x6) + out1[3] = uint8(x7) + out1[4] = uint8(x8) + out1[5] = uint8(x9) + out1[6] = uint8(x10) + out1[7] = x11 + out1[8] = uint8(x3) + out1[9] = uint8(x12) + out1[10] = uint8(x13) + out1[11] = uint8(x14) + out1[12] = uint8(x15) + out1[13] = uint8(x16) + out1[14] = uint8(x17) + out1[15] = x18 + out1[16] = uint8(x2) + out1[17] = uint8(x19) + out1[18] = uint8(x20) + out1[19] = uint8(x21) + out1[20] = uint8(x22) + out1[21] = uint8(x23) + out1[22] = uint8(x24) + out1[23] = x25 + out1[24] = uint8(x1) + out1[25] = uint8(x26) + out1[26] = uint8(x27) + out1[27] = uint8(x28) + out1[28] = uint8(x29) + out1[29] = uint8(x30) + out1[30] = uint8(x31) + out1[31] = x32 } // FromBytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -1661,7 +1633,7 @@ func Msat(out1 *[5]uint64) { func Divstep(out1 *uint64, out2 *[5]uint64, out3 *[5]uint64, out4 *[4]uint64, out5 *[4]uint64, arg1 uint64, arg2 *[5]uint64, arg3 *[5]uint64, arg4 *[4]uint64, arg5 *[4]uint64) { var x1 uint64 x1, _ = bits.Add64((^arg1), uint64(0x1), uint64(0x0)) - x3 := (uint1((x1 >> 63)) & (uint1(arg3[0]) & 0x1)) + x3 := (uint1((x1 >> 63)) & uint1(arg3[0])) var x4 uint64 x4, _ = bits.Add64((^arg1), uint64(0x1), uint64(0x0)) var x6 uint64 
@@ -1771,107 +1743,106 @@ func Divstep(out1 *uint64, out2 *[5]uint64, out3 *[5]uint64, out4 *[4]uint64, ou cmovznzU64(&x72, x3, arg5[2], x66) var x73 uint64 cmovznzU64(&x73, x3, arg5[3], x68) - x74 := (uint1(x22) & 0x1) + var x74 uint64 + cmovznzU64(&x74, uint1(x22), uint64(0x0), x7) var x75 uint64 - cmovznzU64(&x75, x74, uint64(0x0), x7) + cmovznzU64(&x75, uint1(x22), uint64(0x0), x8) var x76 uint64 - cmovznzU64(&x76, x74, uint64(0x0), x8) + cmovznzU64(&x76, uint1(x22), uint64(0x0), x9) var x77 uint64 - cmovznzU64(&x77, x74, uint64(0x0), x9) + cmovznzU64(&x77, uint1(x22), uint64(0x0), x10) var x78 uint64 - cmovznzU64(&x78, x74, uint64(0x0), x10) + cmovznzU64(&x78, uint1(x22), uint64(0x0), x11) var x79 uint64 - cmovznzU64(&x79, x74, uint64(0x0), x11) var x80 uint64 + x79, x80 = bits.Add64(x22, x74, uint64(0x0)) var x81 uint64 - x80, x81 = bits.Add64(x22, x75, uint64(0x0)) var x82 uint64 + x81, x82 = bits.Add64(x23, x75, uint64(uint1(x80))) var x83 uint64 - x82, x83 = bits.Add64(x23, x76, uint64(uint1(x81))) var x84 uint64 + x83, x84 = bits.Add64(x24, x76, uint64(uint1(x82))) var x85 uint64 - x84, x85 = bits.Add64(x24, x77, uint64(uint1(x83))) var x86 uint64 + x85, x86 = bits.Add64(x25, x77, uint64(uint1(x84))) var x87 uint64 - x86, x87 = bits.Add64(x25, x78, uint64(uint1(x85))) - var x88 uint64 - x88, _ = bits.Add64(x26, x79, uint64(uint1(x87))) + x87, _ = bits.Add64(x26, x78, uint64(uint1(x86))) + var x89 uint64 + cmovznzU64(&x89, uint1(x22), uint64(0x0), x27) var x90 uint64 - cmovznzU64(&x90, x74, uint64(0x0), x27) + cmovznzU64(&x90, uint1(x22), uint64(0x0), x28) var x91 uint64 - cmovznzU64(&x91, x74, uint64(0x0), x28) + cmovznzU64(&x91, uint1(x22), uint64(0x0), x29) var x92 uint64 - cmovznzU64(&x92, x74, uint64(0x0), x29) + cmovznzU64(&x92, uint1(x22), uint64(0x0), x30) var x93 uint64 - cmovznzU64(&x93, x74, uint64(0x0), x30) var x94 uint64 + x93, x94 = bits.Add64(x70, x89, uint64(0x0)) var x95 uint64 - x94, x95 = bits.Add64(x70, x90, uint64(0x0)) var x96 uint64 
+ x95, x96 = bits.Add64(x71, x90, uint64(uint1(x94))) var x97 uint64 - x96, x97 = bits.Add64(x71, x91, uint64(uint1(x95))) var x98 uint64 + x97, x98 = bits.Add64(x72, x91, uint64(uint1(x96))) var x99 uint64 - x98, x99 = bits.Add64(x72, x92, uint64(uint1(x97))) var x100 uint64 + x99, x100 = bits.Add64(x73, x92, uint64(uint1(x98))) var x101 uint64 - x100, x101 = bits.Add64(x73, x93, uint64(uint1(x99))) var x102 uint64 + x101, x102 = bits.Sub64(x93, 0xf3b9cac2fc632551, uint64(0x0)) var x103 uint64 - x102, x103 = bits.Sub64(x94, 0xf3b9cac2fc632551, uint64(0x0)) var x104 uint64 + x103, x104 = bits.Sub64(x95, 0xbce6faada7179e84, uint64(uint1(x102))) var x105 uint64 - x104, x105 = bits.Sub64(x96, 0xbce6faada7179e84, uint64(uint1(x103))) var x106 uint64 + x105, x106 = bits.Sub64(x97, 0xffffffffffffffff, uint64(uint1(x104))) var x107 uint64 - x106, x107 = bits.Sub64(x98, 0xffffffffffffffff, uint64(uint1(x105))) var x108 uint64 - var x109 uint64 - x108, x109 = bits.Sub64(x100, 0xffffffff00000000, uint64(uint1(x107))) + x107, x108 = bits.Sub64(x99, 0xffffffff00000000, uint64(uint1(x106))) + var x110 uint64 + _, x110 = bits.Sub64(uint64(uint1(x100)), uint64(0x0), uint64(uint1(x108))) var x111 uint64 - _, x111 = bits.Sub64(uint64(uint1(x101)), uint64(0x0), uint64(uint1(x109))) - var x112 uint64 - x112, _ = bits.Add64(x6, uint64(0x1), uint64(0x0)) - x114 := ((x80 >> 1) | ((x82 << 63) & 0xffffffffffffffff)) - x115 := ((x82 >> 1) | ((x84 << 63) & 0xffffffffffffffff)) - x116 := ((x84 >> 1) | ((x86 << 63) & 0xffffffffffffffff)) - x117 := ((x86 >> 1) | ((x88 << 63) & 0xffffffffffffffff)) - x118 := ((x88 & 0x8000000000000000) | (x88 >> 1)) + x111, _ = bits.Add64(x6, uint64(0x1), uint64(0x0)) + x113 := ((x79 >> 1) | ((x81 << 63) & 0xffffffffffffffff)) + x114 := ((x81 >> 1) | ((x83 << 63) & 0xffffffffffffffff)) + x115 := ((x83 >> 1) | ((x85 << 63) & 0xffffffffffffffff)) + x116 := ((x85 >> 1) | ((x87 << 63) & 0xffffffffffffffff)) + x117 := ((x87 & 0x8000000000000000) | (x87 >> 1)) + var 
x118 uint64 + cmovznzU64(&x118, uint1(x48), x39, x31) var x119 uint64 - cmovznzU64(&x119, uint1(x48), x39, x31) + cmovznzU64(&x119, uint1(x48), x41, x33) var x120 uint64 - cmovznzU64(&x120, uint1(x48), x41, x33) + cmovznzU64(&x120, uint1(x48), x43, x35) var x121 uint64 - cmovznzU64(&x121, uint1(x48), x43, x35) + cmovznzU64(&x121, uint1(x48), x45, x37) var x122 uint64 - cmovznzU64(&x122, uint1(x48), x45, x37) + cmovznzU64(&x122, uint1(x110), x101, x93) var x123 uint64 - cmovznzU64(&x123, uint1(x111), x102, x94) + cmovznzU64(&x123, uint1(x110), x103, x95) var x124 uint64 - cmovznzU64(&x124, uint1(x111), x104, x96) + cmovznzU64(&x124, uint1(x110), x105, x97) var x125 uint64 - cmovznzU64(&x125, uint1(x111), x106, x98) - var x126 uint64 - cmovznzU64(&x126, uint1(x111), x108, x100) - *out1 = x112 + cmovznzU64(&x125, uint1(x110), x107, x99) + *out1 = x111 out2[0] = x7 out2[1] = x8 out2[2] = x9 out2[3] = x10 out2[4] = x11 - out3[0] = x114 - out3[1] = x115 - out3[2] = x116 - out3[3] = x117 - out3[4] = x118 - out4[0] = x119 - out4[1] = x120 - out4[2] = x121 - out4[3] = x122 - out5[0] = x123 - out5[1] = x124 - out5[2] = x125 - out5[3] = x126 + out3[0] = x113 + out3[1] = x114 + out3[2] = x115 + out3[3] = x116 + out3[4] = x117 + out4[0] = x118 + out4[1] = x119 + out4[2] = x120 + out4[3] = x121 + out5[0] = x122 + out5[1] = x123 + out5[2] = x124 + out5[3] = x125 } // DivstepPrecomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-go/64/p384/p384.go b/fiat-go/64/p384/p384.go index 86ac85ec41..380411f11d 100644 --- a/fiat-go/64/p384/p384.go +++ b/fiat-go/64/p384/p384.go 
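Review bot: In this Divstep hunk (the function begins above it), the selector passed to `cmovznzU64` for x74–x78 and x89–x92 is now `uint1(x22)`, where the previous output first reduced it with `x74 := (uint1(x22) & 0x1)`; `x22` is a full 64-bit limb that is also fed to `bits.Add64`. The declarations of `uint1` and `cmovznzU64` are not visible here, but if `uint1` is a named type over a wider integer, the Go conversion does not truncate. A select that builds its mask from that argument would then receive an arbitrary value instead of 0 or 1, and the conditional add would be wrong. Since this looks like generated output, the mask should be restored in the generator's Go backend so that narrowing to `uint1` keeps `& 0x1`, rather than patched by hand. The same pattern appears with `uint1(x28)` in the p384 and p384scalar Divstep hunks below; the `x3` change is not affected, because its other operand `uint1((x1 >> 63))` is already 0 or 1.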
@@ -2816,138 +2816,96 @@ func ToBytes(out1 *[48]uint8, arg1 *[6]uint64) { x4 := arg1[2] x5 := arg1[1] x6 := arg1[0] - x7 := (uint8(x6) & 0xff) - x8 := (x6 >> 8) - x9 := (uint8(x8) & 0xff) - x10 := (x8 >> 8) - x11 := (uint8(x10) & 0xff) - x12 := (x10 >> 8) - x13 := (uint8(x12) & 0xff) - x14 := (x12 >> 8) - x15 := (uint8(x14) & 0xff) - x16 := (x14 >> 8) - x17 := (uint8(x16) & 0xff) - x18 := (x16 >> 8) - x19 := (uint8(x18) & 0xff) - x20 := uint8((x18 >> 8)) - x21 := (uint8(x5) & 0xff) - x22 := (x5 >> 8) - x23 := (uint8(x22) & 0xff) - x24 := (x22 >> 8) - x25 := (uint8(x24) & 0xff) - x26 := (x24 >> 8) - x27 := (uint8(x26) & 0xff) - x28 := (x26 >> 8) - x29 := (uint8(x28) & 0xff) - x30 := (x28 >> 8) - x31 := (uint8(x30) & 0xff) - x32 := (x30 >> 8) - x33 := (uint8(x32) & 0xff) - x34 := uint8((x32 >> 8)) - x35 := (uint8(x4) & 0xff) - x36 := (x4 >> 8) - x37 := (uint8(x36) & 0xff) - x38 := (x36 >> 8) - x39 := (uint8(x38) & 0xff) - x40 := (x38 >> 8) - x41 := (uint8(x40) & 0xff) - x42 := (x40 >> 8) - x43 := (uint8(x42) & 0xff) - x44 := (x42 >> 8) - x45 := (uint8(x44) & 0xff) - x46 := (x44 >> 8) - x47 := (uint8(x46) & 0xff) - x48 := uint8((x46 >> 8)) - x49 := (uint8(x3) & 0xff) - x50 := (x3 >> 8) - x51 := (uint8(x50) & 0xff) - x52 := (x50 >> 8) - x53 := (uint8(x52) & 0xff) - x54 := (x52 >> 8) - x55 := (uint8(x54) & 0xff) - x56 := (x54 >> 8) - x57 := (uint8(x56) & 0xff) - x58 := (x56 >> 8) - x59 := (uint8(x58) & 0xff) - x60 := (x58 >> 8) - x61 := (uint8(x60) & 0xff) - x62 := uint8((x60 >> 8)) - x63 := (uint8(x2) & 0xff) - x64 := (x2 >> 8) - x65 := (uint8(x64) & 0xff) - x66 := (x64 >> 8) - x67 := (uint8(x66) & 0xff) - x68 := (x66 >> 8) - x69 := (uint8(x68) & 0xff) - x70 := (x68 >> 8) - x71 := (uint8(x70) & 0xff) - x72 := (x70 >> 8) - x73 := (uint8(x72) & 0xff) - x74 := (x72 >> 8) - x75 := (uint8(x74) & 0xff) - x76 := uint8((x74 >> 8)) - x77 := (uint8(x1) & 0xff) - x78 := (x1 >> 8) - x79 := (uint8(x78) & 0xff) - x80 := (x78 >> 8) - x81 := (uint8(x80) & 0xff) - x82 := (x80 >> 8) - 
x83 := (uint8(x82) & 0xff) - x84 := (x82 >> 8) - x85 := (uint8(x84) & 0xff) - x86 := (x84 >> 8) - x87 := (uint8(x86) & 0xff) - x88 := (x86 >> 8) - x89 := (uint8(x88) & 0xff) - x90 := uint8((x88 >> 8)) - out1[0] = x7 - out1[1] = x9 - out1[2] = x11 - out1[3] = x13 - out1[4] = x15 - out1[5] = x17 - out1[6] = x19 - out1[7] = x20 - out1[8] = x21 - out1[9] = x23 - out1[10] = x25 - out1[11] = x27 - out1[12] = x29 - out1[13] = x31 - out1[14] = x33 - out1[15] = x34 - out1[16] = x35 - out1[17] = x37 - out1[18] = x39 - out1[19] = x41 - out1[20] = x43 - out1[21] = x45 - out1[22] = x47 - out1[23] = x48 - out1[24] = x49 - out1[25] = x51 - out1[26] = x53 - out1[27] = x55 - out1[28] = x57 - out1[29] = x59 - out1[30] = x61 - out1[31] = x62 - out1[32] = x63 - out1[33] = x65 - out1[34] = x67 - out1[35] = x69 - out1[36] = x71 - out1[37] = x73 - out1[38] = x75 - out1[39] = x76 - out1[40] = x77 - out1[41] = x79 - out1[42] = x81 - out1[43] = x83 - out1[44] = x85 - out1[45] = x87 - out1[46] = x89 - out1[47] = x90 + x7 := (x6 >> 8) + x8 := (x7 >> 8) + x9 := (x8 >> 8) + x10 := (x9 >> 8) + x11 := (x10 >> 8) + x12 := (x11 >> 8) + x13 := uint8((x12 >> 8)) + x14 := (x5 >> 8) + x15 := (x14 >> 8) + x16 := (x15 >> 8) + x17 := (x16 >> 8) + x18 := (x17 >> 8) + x19 := (x18 >> 8) + x20 := uint8((x19 >> 8)) + x21 := (x4 >> 8) + x22 := (x21 >> 8) + x23 := (x22 >> 8) + x24 := (x23 >> 8) + x25 := (x24 >> 8) + x26 := (x25 >> 8) + x27 := uint8((x26 >> 8)) + x28 := (x3 >> 8) + x29 := (x28 >> 8) + x30 := (x29 >> 8) + x31 := (x30 >> 8) + x32 := (x31 >> 8) + x33 := (x32 >> 8) + x34 := uint8((x33 >> 8)) + x35 := (x2 >> 8) + x36 := (x35 >> 8) + x37 := (x36 >> 8) + x38 := (x37 >> 8) + x39 := (x38 >> 8) + x40 := (x39 >> 8) + x41 := uint8((x40 >> 8)) + x42 := (x1 >> 8) + x43 := (x42 >> 8) + x44 := (x43 >> 8) + x45 := (x44 >> 8) + x46 := (x45 >> 8) + x47 := (x46 >> 8) + x48 := uint8((x47 >> 8)) + out1[0] = uint8(x6) + out1[1] = uint8(x7) + out1[2] = uint8(x8) + out1[3] = uint8(x9) + out1[4] = uint8(x10) + out1[5] = 
uint8(x11) + out1[6] = uint8(x12) + out1[7] = x13 + out1[8] = uint8(x5) + out1[9] = uint8(x14) + out1[10] = uint8(x15) + out1[11] = uint8(x16) + out1[12] = uint8(x17) + out1[13] = uint8(x18) + out1[14] = uint8(x19) + out1[15] = x20 + out1[16] = uint8(x4) + out1[17] = uint8(x21) + out1[18] = uint8(x22) + out1[19] = uint8(x23) + out1[20] = uint8(x24) + out1[21] = uint8(x25) + out1[22] = uint8(x26) + out1[23] = x27 + out1[24] = uint8(x3) + out1[25] = uint8(x28) + out1[26] = uint8(x29) + out1[27] = uint8(x30) + out1[28] = uint8(x31) + out1[29] = uint8(x32) + out1[30] = uint8(x33) + out1[31] = x34 + out1[32] = uint8(x2) + out1[33] = uint8(x35) + out1[34] = uint8(x36) + out1[35] = uint8(x37) + out1[36] = uint8(x38) + out1[37] = uint8(x39) + out1[38] = uint8(x40) + out1[39] = x41 + out1[40] = uint8(x1) + out1[41] = uint8(x42) + out1[42] = uint8(x43) + out1[43] = uint8(x44) + out1[44] = uint8(x45) + out1[45] = uint8(x46) + out1[46] = uint8(x47) + out1[47] = x48 } // FromBytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -3125,7 +3083,7 @@ func Msat(out1 *[7]uint64) { func Divstep(out1 *uint64, out2 *[7]uint64, out3 *[7]uint64, out4 *[6]uint64, out5 *[6]uint64, arg1 uint64, arg2 *[7]uint64, arg3 *[7]uint64, arg4 *[6]uint64, arg5 *[6]uint64) { var x1 uint64 x1, _ = bits.Add64((^arg1), uint64(0x1), uint64(0x0)) - x3 := (uint1((x1 >> 63)) & (uint1(arg3[0]) & 0x1)) + x3 := (uint1((x1 >> 63)) & uint1(arg3[0])) var x4 uint64 x4, _ = bits.Add64((^arg1), uint64(0x1), uint64(0x0)) var x6 uint64 
@@ -3283,125 +3241,124 @@ func Divstep(out1 *uint64, out2 *[7]uint64, out3 *[7]uint64, out4 *[6]uint64, ou cmovznzU64(&x102, x3, arg5[4], x94) var x103 uint64 cmovznzU64(&x103, x3, arg5[5], x96) - x104 := (uint1(x28) & 0x1) + var x104 uint64 + cmovznzU64(&x104, uint1(x28), uint64(0x0), x7) var x105 uint64 - cmovznzU64(&x105, x104, uint64(0x0), x7) + cmovznzU64(&x105, uint1(x28), uint64(0x0), x8) var x106 uint64 - cmovznzU64(&x106, x104, uint64(0x0), x8) + cmovznzU64(&x106, uint1(x28), uint64(0x0), x9) var x107 uint64 - cmovznzU64(&x107, x104, uint64(0x0), x9) + cmovznzU64(&x107, uint1(x28), uint64(0x0), x10) var x108 uint64 - cmovznzU64(&x108, x104, uint64(0x0), x10) + cmovznzU64(&x108, uint1(x28), uint64(0x0), x11) var x109 uint64 - cmovznzU64(&x109, x104, uint64(0x0), x11) + cmovznzU64(&x109, uint1(x28), uint64(0x0), x12) var x110 uint64 - cmovznzU64(&x110, x104, uint64(0x0), x12) + cmovznzU64(&x110, uint1(x28), uint64(0x0), x13) var x111 uint64 - cmovznzU64(&x111, x104, uint64(0x0), x13) var x112 uint64 + x111, x112 = bits.Add64(x28, x104, uint64(0x0)) var x113 uint64 - x112, x113 = bits.Add64(x28, x105, uint64(0x0)) var x114 uint64 + x113, x114 = bits.Add64(x29, x105, uint64(uint1(x112))) var x115 uint64 - x114, x115 = bits.Add64(x29, x106, uint64(uint1(x113))) var x116 uint64 + x115, x116 = bits.Add64(x30, x106, uint64(uint1(x114))) var x117 uint64 - x116, x117 = bits.Add64(x30, x107, uint64(uint1(x115))) var x118 uint64 + x117, x118 = bits.Add64(x31, x107, uint64(uint1(x116))) var x119 uint64 - x118, x119 = bits.Add64(x31, x108, uint64(uint1(x117))) var x120 uint64 + x119, x120 = bits.Add64(x32, x108, uint64(uint1(x118))) var x121 uint64 - x120, x121 = bits.Add64(x32, x109, uint64(uint1(x119))) var x122 uint64 + x121, x122 = bits.Add64(x33, x109, uint64(uint1(x120))) var x123 uint64 - x122, x123 = bits.Add64(x33, x110, uint64(uint1(x121))) - var x124 uint64 - x124, _ = bits.Add64(x34, x111, uint64(uint1(x123))) + x123, _ = bits.Add64(x34, x110, 
uint64(uint1(x122))) + var x125 uint64 + cmovznzU64(&x125, uint1(x28), uint64(0x0), x35) var x126 uint64 - cmovznzU64(&x126, x104, uint64(0x0), x35) + cmovznzU64(&x126, uint1(x28), uint64(0x0), x36) var x127 uint64 - cmovznzU64(&x127, x104, uint64(0x0), x36) + cmovznzU64(&x127, uint1(x28), uint64(0x0), x37) var x128 uint64 - cmovznzU64(&x128, x104, uint64(0x0), x37) + cmovznzU64(&x128, uint1(x28), uint64(0x0), x38) var x129 uint64 - cmovznzU64(&x129, x104, uint64(0x0), x38) + cmovznzU64(&x129, uint1(x28), uint64(0x0), x39) var x130 uint64 - cmovznzU64(&x130, x104, uint64(0x0), x39) + cmovznzU64(&x130, uint1(x28), uint64(0x0), x40) var x131 uint64 - cmovznzU64(&x131, x104, uint64(0x0), x40) var x132 uint64 + x131, x132 = bits.Add64(x98, x125, uint64(0x0)) var x133 uint64 - x132, x133 = bits.Add64(x98, x126, uint64(0x0)) var x134 uint64 + x133, x134 = bits.Add64(x99, x126, uint64(uint1(x132))) var x135 uint64 - x134, x135 = bits.Add64(x99, x127, uint64(uint1(x133))) var x136 uint64 + x135, x136 = bits.Add64(x100, x127, uint64(uint1(x134))) var x137 uint64 - x136, x137 = bits.Add64(x100, x128, uint64(uint1(x135))) var x138 uint64 + x137, x138 = bits.Add64(x101, x128, uint64(uint1(x136))) var x139 uint64 - x138, x139 = bits.Add64(x101, x129, uint64(uint1(x137))) var x140 uint64 + x139, x140 = bits.Add64(x102, x129, uint64(uint1(x138))) var x141 uint64 - x140, x141 = bits.Add64(x102, x130, uint64(uint1(x139))) var x142 uint64 + x141, x142 = bits.Add64(x103, x130, uint64(uint1(x140))) var x143 uint64 - x142, x143 = bits.Add64(x103, x131, uint64(uint1(x141))) var x144 uint64 + x143, x144 = bits.Sub64(x131, 0xffffffff, uint64(0x0)) var x145 uint64 - x144, x145 = bits.Sub64(x132, 0xffffffff, uint64(0x0)) var x146 uint64 + x145, x146 = bits.Sub64(x133, 0xffffffff00000000, uint64(uint1(x144))) var x147 uint64 - x146, x147 = bits.Sub64(x134, 0xffffffff00000000, uint64(uint1(x145))) var x148 uint64 + x147, x148 = bits.Sub64(x135, 0xfffffffffffffffe, uint64(uint1(x146))) var 
x149 uint64 - x148, x149 = bits.Sub64(x136, 0xfffffffffffffffe, uint64(uint1(x147))) var x150 uint64 + x149, x150 = bits.Sub64(x137, 0xffffffffffffffff, uint64(uint1(x148))) var x151 uint64 - x150, x151 = bits.Sub64(x138, 0xffffffffffffffff, uint64(uint1(x149))) var x152 uint64 + x151, x152 = bits.Sub64(x139, 0xffffffffffffffff, uint64(uint1(x150))) var x153 uint64 - x152, x153 = bits.Sub64(x140, 0xffffffffffffffff, uint64(uint1(x151))) var x154 uint64 - var x155 uint64 - x154, x155 = bits.Sub64(x142, 0xffffffffffffffff, uint64(uint1(x153))) + x153, x154 = bits.Sub64(x141, 0xffffffffffffffff, uint64(uint1(x152))) + var x156 uint64 + _, x156 = bits.Sub64(uint64(uint1(x142)), uint64(0x0), uint64(uint1(x154))) var x157 uint64 - _, x157 = bits.Sub64(uint64(uint1(x143)), uint64(0x0), uint64(uint1(x155))) - var x158 uint64 - x158, _ = bits.Add64(x6, uint64(0x1), uint64(0x0)) - x160 := ((x112 >> 1) | ((x114 << 63) & 0xffffffffffffffff)) - x161 := ((x114 >> 1) | ((x116 << 63) & 0xffffffffffffffff)) - x162 := ((x116 >> 1) | ((x118 << 63) & 0xffffffffffffffff)) - x163 := ((x118 >> 1) | ((x120 << 63) & 0xffffffffffffffff)) - x164 := ((x120 >> 1) | ((x122 << 63) & 0xffffffffffffffff)) - x165 := ((x122 >> 1) | ((x124 << 63) & 0xffffffffffffffff)) - x166 := ((x124 & 0x8000000000000000) | (x124 >> 1)) + x157, _ = bits.Add64(x6, uint64(0x1), uint64(0x0)) + x159 := ((x111 >> 1) | ((x113 << 63) & 0xffffffffffffffff)) + x160 := ((x113 >> 1) | ((x115 << 63) & 0xffffffffffffffff)) + x161 := ((x115 >> 1) | ((x117 << 63) & 0xffffffffffffffff)) + x162 := ((x117 >> 1) | ((x119 << 63) & 0xffffffffffffffff)) + x163 := ((x119 >> 1) | ((x121 << 63) & 0xffffffffffffffff)) + x164 := ((x121 >> 1) | ((x123 << 63) & 0xffffffffffffffff)) + x165 := ((x123 & 0x8000000000000000) | (x123 >> 1)) + var x166 uint64 + cmovznzU64(&x166, uint1(x66), x53, x41) var x167 uint64 - cmovznzU64(&x167, uint1(x66), x53, x41) + cmovznzU64(&x167, uint1(x66), x55, x43) var x168 uint64 - cmovznzU64(&x168, uint1(x66), x55, 
x43) + cmovznzU64(&x168, uint1(x66), x57, x45) var x169 uint64 - cmovznzU64(&x169, uint1(x66), x57, x45) + cmovznzU64(&x169, uint1(x66), x59, x47) var x170 uint64 - cmovznzU64(&x170, uint1(x66), x59, x47) + cmovznzU64(&x170, uint1(x66), x61, x49) var x171 uint64 - cmovznzU64(&x171, uint1(x66), x61, x49) + cmovznzU64(&x171, uint1(x66), x63, x51) var x172 uint64 - cmovznzU64(&x172, uint1(x66), x63, x51) + cmovznzU64(&x172, uint1(x156), x143, x131) var x173 uint64 - cmovznzU64(&x173, uint1(x157), x144, x132) + cmovznzU64(&x173, uint1(x156), x145, x133) var x174 uint64 - cmovznzU64(&x174, uint1(x157), x146, x134) + cmovznzU64(&x174, uint1(x156), x147, x135) var x175 uint64 - cmovznzU64(&x175, uint1(x157), x148, x136) + cmovznzU64(&x175, uint1(x156), x149, x137) var x176 uint64 - cmovznzU64(&x176, uint1(x157), x150, x138) + cmovznzU64(&x176, uint1(x156), x151, x139) var x177 uint64 - cmovznzU64(&x177, uint1(x157), x152, x140) - var x178 uint64 - cmovznzU64(&x178, uint1(x157), x154, x142) - *out1 = x158 + cmovznzU64(&x177, uint1(x156), x153, x141) + *out1 = x157 out2[0] = x7 out2[1] = x8 out2[2] = x9 
@@ -3409,25 +3366,25 @@ func Divstep(out1 *uint64, out2 *[7]uint64, out3 *[7]uint64, out4 *[6]uint64, ou out2[4] = x11 out2[5] = x12 out2[6] = x13 - out3[0] = x160 - out3[1] = x161 - out3[2] = x162 - out3[3] = x163 - out3[4] = x164 - out3[5] = x165 - out3[6] = x166 - out4[0] = x167 - out4[1] = x168 - out4[2] = x169 - out4[3] = x170 - out4[4] = x171 - out4[5] = x172 - out5[0] = x173 - out5[1] = x174 - out5[2] = x175 - out5[3] = x176 - out5[4] = x177 - out5[5] = x178 + out3[0] = x159 + out3[1] = x160 + out3[2] = x161 + out3[3] = x162 + out3[4] = x163 + out3[5] = x164 + out3[6] = x165 + out4[0] = x166 + out4[1] = x167 + out4[2] = x168 + out4[3] = x169 + out4[4] = x170 + out4[5] = x171 + out5[0] = x172 + out5[1] = x173 + out5[2] = x174 + out5[3] = x175 + out5[4] = x176 + out5[5] = x177 } // DivstepPrecomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-go/64/p384scalar/p384scalar.go b/fiat-go/64/p384scalar/p384scalar.go index 2c3b673fdb..41cccf05b7 100644 --- a/fiat-go/64/p384scalar/p384scalar.go +++ b/fiat-go/64/p384scalar/p384scalar.go 
@@ -2870,138 +2870,96 @@ func ToBytes(out1 *[48]uint8, arg1 *[6]uint64) { x4 := arg1[2] x5 := arg1[1] x6 := arg1[0] - x7 := (uint8(x6) & 0xff) - x8 := (x6 >> 8) - x9 := (uint8(x8) & 0xff) - x10 := (x8 >> 8) - x11 := (uint8(x10) & 0xff) - x12 := (x10 >> 8) - x13 := (uint8(x12) & 0xff) - x14 := (x12 >> 8) - x15 := (uint8(x14) & 0xff) - x16 := (x14 >> 8) - x17 := (uint8(x16) & 0xff) - x18 := (x16 >> 8) - x19 := (uint8(x18) & 0xff) - x20 := uint8((x18 >> 8)) - x21 := (uint8(x5) & 0xff) - x22 := (x5 >> 8) - x23 := (uint8(x22) & 0xff) - x24 := (x22 >> 8) - x25 := (uint8(x24) & 0xff) - x26 := (x24 >> 8) - x27 := (uint8(x26) & 0xff) - x28 := (x26 >> 8) - x29 := (uint8(x28) & 0xff) - x30 := (x28 >> 8) - x31 := (uint8(x30) & 0xff) - x32 := (x30 >> 8) - x33 := (uint8(x32) & 0xff) - x34 := uint8((x32 >> 8)) - x35 := (uint8(x4) & 0xff) - x36 := (x4 >> 8) - x37 := (uint8(x36) & 0xff) - x38 := (x36 >> 8) - x39 := (uint8(x38) & 0xff) - x40 := (x38 >> 8) - x41 := (uint8(x40) & 0xff) - x42 := (x40 >> 8) - x43 := (uint8(x42) & 0xff) - x44 := (x42 >> 8) - x45 := (uint8(x44) & 0xff) - x46 := (x44 >> 8) - x47 := (uint8(x46) & 0xff) - x48 := uint8((x46 >> 8)) - x49 := (uint8(x3) & 0xff) - x50 := (x3 >> 8) - x51 := (uint8(x50) & 0xff) - x52 := (x50 >> 8) - x53 := (uint8(x52) & 0xff) - x54 := (x52 >> 8) - x55 := (uint8(x54) & 0xff) - x56 := (x54 >> 8) - x57 := (uint8(x56) & 0xff) - x58 := (x56 >> 8) - x59 := (uint8(x58) & 0xff) - x60 := (x58 >> 8) - x61 := (uint8(x60) & 0xff) - x62 := uint8((x60 >> 8)) - x63 := (uint8(x2) & 0xff) - x64 := (x2 >> 8) - x65 := (uint8(x64) & 0xff) - x66 := (x64 >> 8) - x67 := (uint8(x66) & 0xff) - x68 := (x66 >> 8) - x69 := (uint8(x68) & 0xff) - x70 := (x68 >> 8) - x71 := (uint8(x70) & 0xff) - x72 := (x70 >> 8) - x73 := (uint8(x72) & 0xff) - x74 := (x72 >> 8) - x75 := (uint8(x74) & 0xff) - x76 := uint8((x74 >> 8)) - x77 := (uint8(x1) & 0xff) - x78 := (x1 >> 8) - x79 := (uint8(x78) & 0xff) - x80 := (x78 >> 8) - x81 := (uint8(x80) & 0xff) - x82 := (x80 >> 8) - 
x83 := (uint8(x82) & 0xff) - x84 := (x82 >> 8) - x85 := (uint8(x84) & 0xff) - x86 := (x84 >> 8) - x87 := (uint8(x86) & 0xff) - x88 := (x86 >> 8) - x89 := (uint8(x88) & 0xff) - x90 := uint8((x88 >> 8)) - out1[0] = x7 - out1[1] = x9 - out1[2] = x11 - out1[3] = x13 - out1[4] = x15 - out1[5] = x17 - out1[6] = x19 - out1[7] = x20 - out1[8] = x21 - out1[9] = x23 - out1[10] = x25 - out1[11] = x27 - out1[12] = x29 - out1[13] = x31 - out1[14] = x33 - out1[15] = x34 - out1[16] = x35 - out1[17] = x37 - out1[18] = x39 - out1[19] = x41 - out1[20] = x43 - out1[21] = x45 - out1[22] = x47 - out1[23] = x48 - out1[24] = x49 - out1[25] = x51 - out1[26] = x53 - out1[27] = x55 - out1[28] = x57 - out1[29] = x59 - out1[30] = x61 - out1[31] = x62 - out1[32] = x63 - out1[33] = x65 - out1[34] = x67 - out1[35] = x69 - out1[36] = x71 - out1[37] = x73 - out1[38] = x75 - out1[39] = x76 - out1[40] = x77 - out1[41] = x79 - out1[42] = x81 - out1[43] = x83 - out1[44] = x85 - out1[45] = x87 - out1[46] = x89 - out1[47] = x90 + x7 := (x6 >> 8) + x8 := (x7 >> 8) + x9 := (x8 >> 8) + x10 := (x9 >> 8) + x11 := (x10 >> 8) + x12 := (x11 >> 8) + x13 := uint8((x12 >> 8)) + x14 := (x5 >> 8) + x15 := (x14 >> 8) + x16 := (x15 >> 8) + x17 := (x16 >> 8) + x18 := (x17 >> 8) + x19 := (x18 >> 8) + x20 := uint8((x19 >> 8)) + x21 := (x4 >> 8) + x22 := (x21 >> 8) + x23 := (x22 >> 8) + x24 := (x23 >> 8) + x25 := (x24 >> 8) + x26 := (x25 >> 8) + x27 := uint8((x26 >> 8)) + x28 := (x3 >> 8) + x29 := (x28 >> 8) + x30 := (x29 >> 8) + x31 := (x30 >> 8) + x32 := (x31 >> 8) + x33 := (x32 >> 8) + x34 := uint8((x33 >> 8)) + x35 := (x2 >> 8) + x36 := (x35 >> 8) + x37 := (x36 >> 8) + x38 := (x37 >> 8) + x39 := (x38 >> 8) + x40 := (x39 >> 8) + x41 := uint8((x40 >> 8)) + x42 := (x1 >> 8) + x43 := (x42 >> 8) + x44 := (x43 >> 8) + x45 := (x44 >> 8) + x46 := (x45 >> 8) + x47 := (x46 >> 8) + x48 := uint8((x47 >> 8)) + out1[0] = uint8(x6) + out1[1] = uint8(x7) + out1[2] = uint8(x8) + out1[3] = uint8(x9) + out1[4] = uint8(x10) + out1[5] = 
uint8(x11) + out1[6] = uint8(x12) + out1[7] = x13 + out1[8] = uint8(x5) + out1[9] = uint8(x14) + out1[10] = uint8(x15) + out1[11] = uint8(x16) + out1[12] = uint8(x17) + out1[13] = uint8(x18) + out1[14] = uint8(x19) + out1[15] = x20 + out1[16] = uint8(x4) + out1[17] = uint8(x21) + out1[18] = uint8(x22) + out1[19] = uint8(x23) + out1[20] = uint8(x24) + out1[21] = uint8(x25) + out1[22] = uint8(x26) + out1[23] = x27 + out1[24] = uint8(x3) + out1[25] = uint8(x28) + out1[26] = uint8(x29) + out1[27] = uint8(x30) + out1[28] = uint8(x31) + out1[29] = uint8(x32) + out1[30] = uint8(x33) + out1[31] = x34 + out1[32] = uint8(x2) + out1[33] = uint8(x35) + out1[34] = uint8(x36) + out1[35] = uint8(x37) + out1[36] = uint8(x38) + out1[37] = uint8(x39) + out1[38] = uint8(x40) + out1[39] = x41 + out1[40] = uint8(x1) + out1[41] = uint8(x42) + out1[42] = uint8(x43) + out1[43] = uint8(x44) + out1[44] = uint8(x45) + out1[45] = uint8(x46) + out1[46] = uint8(x47) + out1[47] = x48 } // FromBytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -3179,7 +3137,7 @@ func Msat(out1 *[7]uint64) { func Divstep(out1 *uint64, out2 *[7]uint64, out3 *[7]uint64, out4 *[6]uint64, out5 *[6]uint64, arg1 uint64, arg2 *[7]uint64, arg3 *[7]uint64, arg4 *[6]uint64, arg5 *[6]uint64) { var x1 uint64 x1, _ = bits.Add64((^arg1), uint64(0x1), uint64(0x0)) - x3 := (uint1((x1 >> 63)) & (uint1(arg3[0]) & 0x1)) + x3 := (uint1((x1 >> 63)) & uint1(arg3[0])) var x4 uint64 x4, _ = bits.Add64((^arg1), uint64(0x1), uint64(0x0)) var x6 uint64 
@@ -3337,125 +3295,124 @@ func Divstep(out1 *uint64, out2 *[7]uint64, out3 *[7]uint64, out4 *[6]uint64, ou cmovznzU64(&x102, x3, arg5[4], x94) var x103 uint64 cmovznzU64(&x103, x3, arg5[5], x96) - x104 := (uint1(x28) & 0x1) + var x104 uint64 + cmovznzU64(&x104, uint1(x28), uint64(0x0), x7) var x105 uint64 - cmovznzU64(&x105, x104, uint64(0x0), x7) + cmovznzU64(&x105, uint1(x28), uint64(0x0), x8) var x106 uint64 - cmovznzU64(&x106, x104, uint64(0x0), x8) + cmovznzU64(&x106, uint1(x28), uint64(0x0), x9) var x107 uint64 - cmovznzU64(&x107, x104, uint64(0x0), x9) + cmovznzU64(&x107, uint1(x28), uint64(0x0), x10) var x108 uint64 - cmovznzU64(&x108, x104, uint64(0x0), x10) + cmovznzU64(&x108, uint1(x28), uint64(0x0), x11) var x109 uint64 - cmovznzU64(&x109, x104, uint64(0x0), x11) + cmovznzU64(&x109, uint1(x28), uint64(0x0), x12) var x110 uint64 - cmovznzU64(&x110, x104, uint64(0x0), x12) + cmovznzU64(&x110, uint1(x28), uint64(0x0), x13) var x111 uint64 - cmovznzU64(&x111, x104, uint64(0x0), x13) var x112 uint64 + x111, x112 = bits.Add64(x28, x104, uint64(0x0)) var x113 uint64 - x112, x113 = bits.Add64(x28, x105, uint64(0x0)) var x114 uint64 + x113, x114 = bits.Add64(x29, x105, uint64(uint1(x112))) var x115 uint64 - x114, x115 = bits.Add64(x29, x106, uint64(uint1(x113))) var x116 uint64 + x115, x116 = bits.Add64(x30, x106, uint64(uint1(x114))) var x117 uint64 - x116, x117 = bits.Add64(x30, x107, uint64(uint1(x115))) var x118 uint64 + x117, x118 = bits.Add64(x31, x107, uint64(uint1(x116))) var x119 uint64 - x118, x119 = bits.Add64(x31, x108, uint64(uint1(x117))) var x120 uint64 + x119, x120 = bits.Add64(x32, x108, uint64(uint1(x118))) var x121 uint64 - x120, x121 = bits.Add64(x32, x109, uint64(uint1(x119))) var x122 uint64 + x121, x122 = bits.Add64(x33, x109, uint64(uint1(x120))) var x123 uint64 - x122, x123 = bits.Add64(x33, x110, uint64(uint1(x121))) - var x124 uint64 - x124, _ = bits.Add64(x34, x111, uint64(uint1(x123))) + x123, _ = bits.Add64(x34, x110, 
uint64(uint1(x122))) + var x125 uint64 + cmovznzU64(&x125, uint1(x28), uint64(0x0), x35) var x126 uint64 - cmovznzU64(&x126, x104, uint64(0x0), x35) + cmovznzU64(&x126, uint1(x28), uint64(0x0), x36) var x127 uint64 - cmovznzU64(&x127, x104, uint64(0x0), x36) + cmovznzU64(&x127, uint1(x28), uint64(0x0), x37) var x128 uint64 - cmovznzU64(&x128, x104, uint64(0x0), x37) + cmovznzU64(&x128, uint1(x28), uint64(0x0), x38) var x129 uint64 - cmovznzU64(&x129, x104, uint64(0x0), x38) + cmovznzU64(&x129, uint1(x28), uint64(0x0), x39) var x130 uint64 - cmovznzU64(&x130, x104, uint64(0x0), x39) + cmovznzU64(&x130, uint1(x28), uint64(0x0), x40) var x131 uint64 - cmovznzU64(&x131, x104, uint64(0x0), x40) var x132 uint64 + x131, x132 = bits.Add64(x98, x125, uint64(0x0)) var x133 uint64 - x132, x133 = bits.Add64(x98, x126, uint64(0x0)) var x134 uint64 + x133, x134 = bits.Add64(x99, x126, uint64(uint1(x132))) var x135 uint64 - x134, x135 = bits.Add64(x99, x127, uint64(uint1(x133))) var x136 uint64 + x135, x136 = bits.Add64(x100, x127, uint64(uint1(x134))) var x137 uint64 - x136, x137 = bits.Add64(x100, x128, uint64(uint1(x135))) var x138 uint64 + x137, x138 = bits.Add64(x101, x128, uint64(uint1(x136))) var x139 uint64 - x138, x139 = bits.Add64(x101, x129, uint64(uint1(x137))) var x140 uint64 + x139, x140 = bits.Add64(x102, x129, uint64(uint1(x138))) var x141 uint64 - x140, x141 = bits.Add64(x102, x130, uint64(uint1(x139))) var x142 uint64 + x141, x142 = bits.Add64(x103, x130, uint64(uint1(x140))) var x143 uint64 - x142, x143 = bits.Add64(x103, x131, uint64(uint1(x141))) var x144 uint64 + x143, x144 = bits.Sub64(x131, 0xecec196accc52973, uint64(0x0)) var x145 uint64 - x144, x145 = bits.Sub64(x132, 0xecec196accc52973, uint64(0x0)) var x146 uint64 + x145, x146 = bits.Sub64(x133, 0x581a0db248b0a77a, uint64(uint1(x144))) var x147 uint64 - x146, x147 = bits.Sub64(x134, 0x581a0db248b0a77a, uint64(uint1(x145))) var x148 uint64 + x147, x148 = bits.Sub64(x135, 0xc7634d81f4372ddf, 
uint64(uint1(x146))) var x149 uint64 - x148, x149 = bits.Sub64(x136, 0xc7634d81f4372ddf, uint64(uint1(x147))) var x150 uint64 + x149, x150 = bits.Sub64(x137, 0xffffffffffffffff, uint64(uint1(x148))) var x151 uint64 - x150, x151 = bits.Sub64(x138, 0xffffffffffffffff, uint64(uint1(x149))) var x152 uint64 + x151, x152 = bits.Sub64(x139, 0xffffffffffffffff, uint64(uint1(x150))) var x153 uint64 - x152, x153 = bits.Sub64(x140, 0xffffffffffffffff, uint64(uint1(x151))) var x154 uint64 - var x155 uint64 - x154, x155 = bits.Sub64(x142, 0xffffffffffffffff, uint64(uint1(x153))) + x153, x154 = bits.Sub64(x141, 0xffffffffffffffff, uint64(uint1(x152))) + var x156 uint64 + _, x156 = bits.Sub64(uint64(uint1(x142)), uint64(0x0), uint64(uint1(x154))) var x157 uint64 - _, x157 = bits.Sub64(uint64(uint1(x143)), uint64(0x0), uint64(uint1(x155))) - var x158 uint64 - x158, _ = bits.Add64(x6, uint64(0x1), uint64(0x0)) - x160 := ((x112 >> 1) | ((x114 << 63) & 0xffffffffffffffff)) - x161 := ((x114 >> 1) | ((x116 << 63) & 0xffffffffffffffff)) - x162 := ((x116 >> 1) | ((x118 << 63) & 0xffffffffffffffff)) - x163 := ((x118 >> 1) | ((x120 << 63) & 0xffffffffffffffff)) - x164 := ((x120 >> 1) | ((x122 << 63) & 0xffffffffffffffff)) - x165 := ((x122 >> 1) | ((x124 << 63) & 0xffffffffffffffff)) - x166 := ((x124 & 0x8000000000000000) | (x124 >> 1)) + x157, _ = bits.Add64(x6, uint64(0x1), uint64(0x0)) + x159 := ((x111 >> 1) | ((x113 << 63) & 0xffffffffffffffff)) + x160 := ((x113 >> 1) | ((x115 << 63) & 0xffffffffffffffff)) + x161 := ((x115 >> 1) | ((x117 << 63) & 0xffffffffffffffff)) + x162 := ((x117 >> 1) | ((x119 << 63) & 0xffffffffffffffff)) + x163 := ((x119 >> 1) | ((x121 << 63) & 0xffffffffffffffff)) + x164 := ((x121 >> 1) | ((x123 << 63) & 0xffffffffffffffff)) + x165 := ((x123 & 0x8000000000000000) | (x123 >> 1)) + var x166 uint64 + cmovznzU64(&x166, uint1(x66), x53, x41) var x167 uint64 - cmovznzU64(&x167, uint1(x66), x53, x41) + cmovznzU64(&x167, uint1(x66), x55, x43) var x168 uint64 - 
cmovznzU64(&x168, uint1(x66), x55, x43) + cmovznzU64(&x168, uint1(x66), x57, x45) var x169 uint64 - cmovznzU64(&x169, uint1(x66), x57, x45) + cmovznzU64(&x169, uint1(x66), x59, x47) var x170 uint64 - cmovznzU64(&x170, uint1(x66), x59, x47) + cmovznzU64(&x170, uint1(x66), x61, x49) var x171 uint64 - cmovznzU64(&x171, uint1(x66), x61, x49) + cmovznzU64(&x171, uint1(x66), x63, x51) var x172 uint64 - cmovznzU64(&x172, uint1(x66), x63, x51) + cmovznzU64(&x172, uint1(x156), x143, x131) var x173 uint64 - cmovznzU64(&x173, uint1(x157), x144, x132) + cmovznzU64(&x173, uint1(x156), x145, x133) var x174 uint64 - cmovznzU64(&x174, uint1(x157), x146, x134) + cmovznzU64(&x174, uint1(x156), x147, x135) var x175 uint64 - cmovznzU64(&x175, uint1(x157), x148, x136) + cmovznzU64(&x175, uint1(x156), x149, x137) var x176 uint64 - cmovznzU64(&x176, uint1(x157), x150, x138) + cmovznzU64(&x176, uint1(x156), x151, x139) var x177 uint64 - cmovznzU64(&x177, uint1(x157), x152, x140) - var x178 uint64 - cmovznzU64(&x178, uint1(x157), x154, x142) - *out1 = x158 + cmovznzU64(&x177, uint1(x156), x153, x141) + *out1 = x157 out2[0] = x7 out2[1] = x8 out2[2] = x9 
@@ -3463,25 +3420,25 @@ func Divstep(out1 *uint64, out2 *[7]uint64, out3 *[7]uint64, out4 *[6]uint64, ou out2[4] = x11 out2[5] = x12 out2[6] = x13 - out3[0] = x160 - out3[1] = x161 - out3[2] = x162 - out3[3] = x163 - out3[4] = x164 - out3[5] = x165 - out3[6] = x166 - out4[0] = x167 - out4[1] = x168 - out4[2] = x169 - out4[3] = x170 - out4[4] = x171 - out4[5] = x172 - out5[0] = x173 - out5[1] = x174 - out5[2] = x175 - out5[3] = x176 - out5[4] = x177 - out5[5] = x178 + out3[0] = x159 + out3[1] = x160 + out3[2] = x161 + out3[3] = x162 + out3[4] = x163 + out3[5] = x164 + out3[6] = x165 + out4[0] = x166 + out4[1] = x167 + out4[2] = x168 + out4[3] = x169 + out4[4] = x170 + out4[5] = x171 + out5[0] = x172 + out5[1] = x173 + out5[2] = x174 + out5[3] = x175 + out5[4] = x176 + out5[5] = x177 } // DivstepPrecomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-go/64/p434/p434.go b/fiat-go/64/p434/p434.go index 57877e79c6..3e3a82a813 100644 --- a/fiat-go/64/p434/p434.go +++ b/fiat-go/64/p434/p434.go 
@@ -3663,157 +3663,109 @@ func ToBytes(out1 *[55]uint8, arg1 *[7]uint64) { x5 := arg1[2] x6 := arg1[1] x7 := arg1[0] - x8 := (uint8(x7) & 0xff) - x9 := (x7 >> 8) - x10 := (uint8(x9) & 0xff) - x11 := (x9 >> 8) - x12 := (uint8(x11) & 0xff) - x13 := (x11 >> 8) - x14 := (uint8(x13) & 0xff) - x15 := (x13 >> 8) - x16 := (uint8(x15) & 0xff) - x17 := (x15 >> 8) - x18 := (uint8(x17) & 0xff) - x19 := (x17 >> 8) - x20 := (uint8(x19) & 0xff) - x21 := uint8((x19 >> 8)) - x22 := (uint8(x6) & 0xff) - x23 := (x6 >> 8) - x24 := (uint8(x23) & 0xff) - x25 := (x23 >> 8) - x26 := (uint8(x25) & 0xff) - x27 := (x25 >> 8) - x28 := (uint8(x27) & 0xff) - x29 := (x27 >> 8) - x30 := (uint8(x29) & 0xff) - x31 := (x29 >> 8) - x32 := (uint8(x31) & 0xff) - x33 := (x31 >> 8) - x34 := (uint8(x33) & 0xff) - x35 := uint8((x33 >> 8)) - x36 := (uint8(x5) & 0xff) - x37 := (x5 >> 8) - x38 := (uint8(x37) & 0xff) - x39 := (x37 >> 8) - x40 := (uint8(x39) & 0xff) - x41 := (x39 >> 8) - x42 := (uint8(x41) & 0xff) - x43 := (x41 >> 8) - x44 := (uint8(x43) & 0xff) - x45 := (x43 >> 8) - x46 := (uint8(x45) & 0xff) - x47 := (x45 >> 8) - x48 := (uint8(x47) & 0xff) - x49 := uint8((x47 >> 8)) - x50 := (uint8(x4) & 0xff) - x51 := (x4 >> 8) - x52 := (uint8(x51) & 0xff) - x53 := (x51 >> 8) - x54 := (uint8(x53) & 0xff) - x55 := (x53 >> 8) - x56 := (uint8(x55) & 0xff) - x57 := (x55 >> 8) - x58 := (uint8(x57) & 0xff) - x59 := (x57 >> 8) - x60 := (uint8(x59) & 0xff) - x61 := (x59 >> 8) - x62 := (uint8(x61) & 0xff) - x63 := uint8((x61 >> 8)) - x64 := (uint8(x3) & 0xff) - x65 := (x3 >> 8) - x66 := (uint8(x65) & 0xff) - x67 := (x65 >> 8) - x68 := (uint8(x67) & 0xff) - x69 := (x67 >> 8) - x70 := (uint8(x69) & 0xff) - x71 := (x69 >> 8) - x72 := (uint8(x71) & 0xff) - x73 := (x71 >> 8) - x74 := (uint8(x73) & 0xff) - x75 := (x73 >> 8) - x76 := (uint8(x75) & 0xff) - x77 := uint8((x75 >> 8)) - x78 := (uint8(x2) & 0xff) - x79 := (x2 >> 8) - x80 := (uint8(x79) & 0xff) - x81 := (x79 >> 8) - x82 := (uint8(x81) & 0xff) - x83 := (x81 >> 8) - 
x84 := (uint8(x83) & 0xff) - x85 := (x83 >> 8) - x86 := (uint8(x85) & 0xff) - x87 := (x85 >> 8) - x88 := (uint8(x87) & 0xff) - x89 := (x87 >> 8) - x90 := (uint8(x89) & 0xff) - x91 := uint8((x89 >> 8)) - x92 := (uint8(x1) & 0xff) - x93 := (x1 >> 8) - x94 := (uint8(x93) & 0xff) - x95 := (x93 >> 8) - x96 := (uint8(x95) & 0xff) - x97 := (x95 >> 8) - x98 := (uint8(x97) & 0xff) - x99 := (x97 >> 8) - x100 := (uint8(x99) & 0xff) - x101 := (x99 >> 8) - x102 := (uint8(x101) & 0xff) - x103 := uint8((x101 >> 8)) - out1[0] = x8 - out1[1] = x10 - out1[2] = x12 - out1[3] = x14 - out1[4] = x16 - out1[5] = x18 - out1[6] = x20 - out1[7] = x21 - out1[8] = x22 - out1[9] = x24 - out1[10] = x26 - out1[11] = x28 - out1[12] = x30 - out1[13] = x32 - out1[14] = x34 - out1[15] = x35 - out1[16] = x36 - out1[17] = x38 - out1[18] = x40 - out1[19] = x42 - out1[20] = x44 - out1[21] = x46 - out1[22] = x48 - out1[23] = x49 - out1[24] = x50 - out1[25] = x52 - out1[26] = x54 - out1[27] = x56 - out1[28] = x58 - out1[29] = x60 - out1[30] = x62 - out1[31] = x63 - out1[32] = x64 - out1[33] = x66 - out1[34] = x68 - out1[35] = x70 - out1[36] = x72 - out1[37] = x74 - out1[38] = x76 - out1[39] = x77 - out1[40] = x78 - out1[41] = x80 - out1[42] = x82 - out1[43] = x84 - out1[44] = x86 - out1[45] = x88 - out1[46] = x90 - out1[47] = x91 - out1[48] = x92 - out1[49] = x94 - out1[50] = x96 - out1[51] = x98 - out1[52] = x100 - out1[53] = x102 - out1[54] = x103 + x8 := (x7 >> 8) + x9 := (x8 >> 8) + x10 := (x9 >> 8) + x11 := (x10 >> 8) + x12 := (x11 >> 8) + x13 := (x12 >> 8) + x14 := uint8((x13 >> 8)) + x15 := (x6 >> 8) + x16 := (x15 >> 8) + x17 := (x16 >> 8) + x18 := (x17 >> 8) + x19 := (x18 >> 8) + x20 := (x19 >> 8) + x21 := uint8((x20 >> 8)) + x22 := (x5 >> 8) + x23 := (x22 >> 8) + x24 := (x23 >> 8) + x25 := (x24 >> 8) + x26 := (x25 >> 8) + x27 := (x26 >> 8) + x28 := uint8((x27 >> 8)) + x29 := (x4 >> 8) + x30 := (x29 >> 8) + x31 := (x30 >> 8) + x32 := (x31 >> 8) + x33 := (x32 >> 8) + x34 := (x33 >> 8) + x35 := 
uint8((x34 >> 8)) + x36 := (x3 >> 8) + x37 := (x36 >> 8) + x38 := (x37 >> 8) + x39 := (x38 >> 8) + x40 := (x39 >> 8) + x41 := (x40 >> 8) + x42 := uint8((x41 >> 8)) + x43 := (x2 >> 8) + x44 := (x43 >> 8) + x45 := (x44 >> 8) + x46 := (x45 >> 8) + x47 := (x46 >> 8) + x48 := (x47 >> 8) + x49 := uint8((x48 >> 8)) + x50 := (x1 >> 8) + x51 := (x50 >> 8) + x52 := (x51 >> 8) + x53 := (x52 >> 8) + x54 := (x53 >> 8) + x55 := uint8((x54 >> 8)) + out1[0] = uint8(x7) + out1[1] = uint8(x8) + out1[2] = uint8(x9) + out1[3] = uint8(x10) + out1[4] = uint8(x11) + out1[5] = uint8(x12) + out1[6] = uint8(x13) + out1[7] = x14 + out1[8] = uint8(x6) + out1[9] = uint8(x15) + out1[10] = uint8(x16) + out1[11] = uint8(x17) + out1[12] = uint8(x18) + out1[13] = uint8(x19) + out1[14] = uint8(x20) + out1[15] = x21 + out1[16] = uint8(x5) + out1[17] = uint8(x22) + out1[18] = uint8(x23) + out1[19] = uint8(x24) + out1[20] = uint8(x25) + out1[21] = uint8(x26) + out1[22] = uint8(x27) + out1[23] = x28 + out1[24] = uint8(x4) + out1[25] = uint8(x29) + out1[26] = uint8(x30) + out1[27] = uint8(x31) + out1[28] = uint8(x32) + out1[29] = uint8(x33) + out1[30] = uint8(x34) + out1[31] = x35 + out1[32] = uint8(x3) + out1[33] = uint8(x36) + out1[34] = uint8(x37) + out1[35] = uint8(x38) + out1[36] = uint8(x39) + out1[37] = uint8(x40) + out1[38] = uint8(x41) + out1[39] = x42 + out1[40] = uint8(x2) + out1[41] = uint8(x43) + out1[42] = uint8(x44) + out1[43] = uint8(x45) + out1[44] = uint8(x46) + out1[45] = uint8(x47) + out1[46] = uint8(x48) + out1[47] = x49 + out1[48] = uint8(x1) + out1[49] = uint8(x50) + out1[50] = uint8(x51) + out1[51] = uint8(x52) + out1[52] = uint8(x53) + out1[53] = uint8(x54) + out1[54] = x55 } // FromBytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. 
@@ -4007,7 +3959,7 @@ func Msat(out1 *[8]uint64) { func Divstep(out1 *uint64, out2 *[8]uint64, out3 *[8]uint64, out4 *[7]uint64, out5 *[7]uint64, arg1 uint64, arg2 *[8]uint64, arg3 *[8]uint64, arg4 *[7]uint64, arg5 *[7]uint64) { var x1 uint64 x1, _ = bits.Add64((^arg1), uint64(0x1), uint64(0x0)) - x3 := (uint1((x1 >> 63)) & (uint1(arg3[0]) & 0x1)) + x3 := (uint1((x1 >> 63)) & uint1(arg3[0])) var x4 uint64 x4, _ = bits.Add64((^arg1), uint64(0x1), uint64(0x0)) var x6 uint64 
@@ -4189,143 +4141,142 @@ func Divstep(out1 *uint64, out2 *[8]uint64, out3 *[8]uint64, out4 *[7]uint64, ou cmovznzU64(&x117, x3, arg5[5], x108) var x118 uint64 cmovznzU64(&x118, x3, arg5[6], x110) - x119 := (uint1(x31) & 0x1) + var x119 uint64 + cmovznzU64(&x119, uint1(x31), uint64(0x0), x7) var x120 uint64 - cmovznzU64(&x120, x119, uint64(0x0), x7) + cmovznzU64(&x120, uint1(x31), uint64(0x0), x8) var x121 uint64 - cmovznzU64(&x121, x119, uint64(0x0), x8) + cmovznzU64(&x121, uint1(x31), uint64(0x0), x9) var x122 uint64 - cmovznzU64(&x122, x119, uint64(0x0), x9) + cmovznzU64(&x122, uint1(x31), uint64(0x0), x10) var x123 uint64 - cmovznzU64(&x123, x119, uint64(0x0), x10) + cmovznzU64(&x123, uint1(x31), uint64(0x0), x11) var x124 uint64 - cmovznzU64(&x124, x119, uint64(0x0), x11) + cmovznzU64(&x124, uint1(x31), uint64(0x0), x12) var x125 uint64 - cmovznzU64(&x125, x119, uint64(0x0), x12) + cmovznzU64(&x125, uint1(x31), uint64(0x0), x13) var x126 uint64 - cmovznzU64(&x126, x119, uint64(0x0), x13) + cmovznzU64(&x126, uint1(x31), uint64(0x0), x14) var x127 uint64 - cmovznzU64(&x127, x119, uint64(0x0), x14) var x128 uint64 + x127, x128 = bits.Add64(x31, x119, uint64(0x0)) var x129 uint64 - x128, x129 = bits.Add64(x31, x120, uint64(0x0)) var x130 uint64 + x129, x130 = bits.Add64(x32, x120, uint64(uint1(x128))) var x131 uint64 - x130, x131 = bits.Add64(x32, x121, uint64(uint1(x129))) var x132 uint64 + x131, x132 = bits.Add64(x33, x121, uint64(uint1(x130))) var x133 uint64 - x132, x133 = bits.Add64(x33, x122, uint64(uint1(x131))) var x134 uint64 + x133, x134 = bits.Add64(x34, x122, uint64(uint1(x132))) var x135 uint64 - x134, x135 = bits.Add64(x34, x123, uint64(uint1(x133))) var x136 uint64 + x135, x136 = bits.Add64(x35, x123, uint64(uint1(x134))) var x137 uint64 - x136, x137 = bits.Add64(x35, x124, uint64(uint1(x135))) var x138 uint64 + x137, x138 = bits.Add64(x36, x124, uint64(uint1(x136))) var x139 uint64 - x138, x139 = bits.Add64(x36, x125, uint64(uint1(x137))) var x140 
uint64 + x139, x140 = bits.Add64(x37, x125, uint64(uint1(x138))) var x141 uint64 - x140, x141 = bits.Add64(x37, x126, uint64(uint1(x139))) - var x142 uint64 - x142, _ = bits.Add64(x38, x127, uint64(uint1(x141))) + x141, _ = bits.Add64(x38, x126, uint64(uint1(x140))) + var x143 uint64 + cmovznzU64(&x143, uint1(x31), uint64(0x0), x39) var x144 uint64 - cmovznzU64(&x144, x119, uint64(0x0), x39) + cmovznzU64(&x144, uint1(x31), uint64(0x0), x40) var x145 uint64 - cmovznzU64(&x145, x119, uint64(0x0), x40) + cmovznzU64(&x145, uint1(x31), uint64(0x0), x41) var x146 uint64 - cmovznzU64(&x146, x119, uint64(0x0), x41) + cmovznzU64(&x146, uint1(x31), uint64(0x0), x42) var x147 uint64 - cmovznzU64(&x147, x119, uint64(0x0), x42) + cmovznzU64(&x147, uint1(x31), uint64(0x0), x43) var x148 uint64 - cmovznzU64(&x148, x119, uint64(0x0), x43) + cmovznzU64(&x148, uint1(x31), uint64(0x0), x44) var x149 uint64 - cmovznzU64(&x149, x119, uint64(0x0), x44) + cmovznzU64(&x149, uint1(x31), uint64(0x0), x45) var x150 uint64 - cmovznzU64(&x150, x119, uint64(0x0), x45) var x151 uint64 + x150, x151 = bits.Add64(x112, x143, uint64(0x0)) var x152 uint64 - x151, x152 = bits.Add64(x112, x144, uint64(0x0)) var x153 uint64 + x152, x153 = bits.Add64(x113, x144, uint64(uint1(x151))) var x154 uint64 - x153, x154 = bits.Add64(x113, x145, uint64(uint1(x152))) var x155 uint64 + x154, x155 = bits.Add64(x114, x145, uint64(uint1(x153))) var x156 uint64 - x155, x156 = bits.Add64(x114, x146, uint64(uint1(x154))) var x157 uint64 + x156, x157 = bits.Add64(x115, x146, uint64(uint1(x155))) var x158 uint64 - x157, x158 = bits.Add64(x115, x147, uint64(uint1(x156))) var x159 uint64 + x158, x159 = bits.Add64(x116, x147, uint64(uint1(x157))) var x160 uint64 - x159, x160 = bits.Add64(x116, x148, uint64(uint1(x158))) var x161 uint64 + x160, x161 = bits.Add64(x117, x148, uint64(uint1(x159))) var x162 uint64 - x161, x162 = bits.Add64(x117, x149, uint64(uint1(x160))) var x163 uint64 + x162, x163 = bits.Add64(x118, x149, 
uint64(uint1(x161))) var x164 uint64 - x163, x164 = bits.Add64(x118, x150, uint64(uint1(x162))) var x165 uint64 + x164, x165 = bits.Sub64(x150, 0xffffffffffffffff, uint64(0x0)) var x166 uint64 - x165, x166 = bits.Sub64(x151, 0xffffffffffffffff, uint64(0x0)) var x167 uint64 + x166, x167 = bits.Sub64(x152, 0xffffffffffffffff, uint64(uint1(x165))) var x168 uint64 - x167, x168 = bits.Sub64(x153, 0xffffffffffffffff, uint64(uint1(x166))) var x169 uint64 + x168, x169 = bits.Sub64(x154, 0xffffffffffffffff, uint64(uint1(x167))) var x170 uint64 - x169, x170 = bits.Sub64(x155, 0xffffffffffffffff, uint64(uint1(x168))) var x171 uint64 + x170, x171 = bits.Sub64(x156, 0xfdc1767ae2ffffff, uint64(uint1(x169))) var x172 uint64 - x171, x172 = bits.Sub64(x157, 0xfdc1767ae2ffffff, uint64(uint1(x170))) var x173 uint64 + x172, x173 = bits.Sub64(x158, 0x7bc65c783158aea3, uint64(uint1(x171))) var x174 uint64 - x173, x174 = bits.Sub64(x159, 0x7bc65c783158aea3, uint64(uint1(x172))) var x175 uint64 + x174, x175 = bits.Sub64(x160, 0x6cfc5fd681c52056, uint64(uint1(x173))) var x176 uint64 - x175, x176 = bits.Sub64(x161, 0x6cfc5fd681c52056, uint64(uint1(x174))) var x177 uint64 - var x178 uint64 - x177, x178 = bits.Sub64(x163, 0x2341f27177344, uint64(uint1(x176))) + x176, x177 = bits.Sub64(x162, 0x2341f27177344, uint64(uint1(x175))) + var x179 uint64 + _, x179 = bits.Sub64(uint64(uint1(x163)), uint64(0x0), uint64(uint1(x177))) var x180 uint64 - _, x180 = bits.Sub64(uint64(uint1(x164)), uint64(0x0), uint64(uint1(x178))) - var x181 uint64 - x181, _ = bits.Add64(x6, uint64(0x1), uint64(0x0)) - x183 := ((x128 >> 1) | ((x130 << 63) & 0xffffffffffffffff)) - x184 := ((x130 >> 1) | ((x132 << 63) & 0xffffffffffffffff)) - x185 := ((x132 >> 1) | ((x134 << 63) & 0xffffffffffffffff)) - x186 := ((x134 >> 1) | ((x136 << 63) & 0xffffffffffffffff)) - x187 := ((x136 >> 1) | ((x138 << 63) & 0xffffffffffffffff)) - x188 := ((x138 >> 1) | ((x140 << 63) & 0xffffffffffffffff)) - x189 := ((x140 >> 1) | ((x142 << 63) & 
0xffffffffffffffff)) - x190 := ((x142 & 0x8000000000000000) | (x142 >> 1)) + x180, _ = bits.Add64(x6, uint64(0x1), uint64(0x0)) + x182 := ((x127 >> 1) | ((x129 << 63) & 0xffffffffffffffff)) + x183 := ((x129 >> 1) | ((x131 << 63) & 0xffffffffffffffff)) + x184 := ((x131 >> 1) | ((x133 << 63) & 0xffffffffffffffff)) + x185 := ((x133 >> 1) | ((x135 << 63) & 0xffffffffffffffff)) + x186 := ((x135 >> 1) | ((x137 << 63) & 0xffffffffffffffff)) + x187 := ((x137 >> 1) | ((x139 << 63) & 0xffffffffffffffff)) + x188 := ((x139 >> 1) | ((x141 << 63) & 0xffffffffffffffff)) + x189 := ((x141 & 0x8000000000000000) | (x141 >> 1)) + var x190 uint64 + cmovznzU64(&x190, uint1(x75), x60, x46) var x191 uint64 - cmovznzU64(&x191, uint1(x75), x60, x46) + cmovznzU64(&x191, uint1(x75), x62, x48) var x192 uint64 - cmovznzU64(&x192, uint1(x75), x62, x48) + cmovznzU64(&x192, uint1(x75), x64, x50) var x193 uint64 - cmovznzU64(&x193, uint1(x75), x64, x50) + cmovznzU64(&x193, uint1(x75), x66, x52) var x194 uint64 - cmovznzU64(&x194, uint1(x75), x66, x52) + cmovznzU64(&x194, uint1(x75), x68, x54) var x195 uint64 - cmovznzU64(&x195, uint1(x75), x68, x54) + cmovznzU64(&x195, uint1(x75), x70, x56) var x196 uint64 - cmovznzU64(&x196, uint1(x75), x70, x56) + cmovznzU64(&x196, uint1(x75), x72, x58) var x197 uint64 - cmovznzU64(&x197, uint1(x75), x72, x58) + cmovznzU64(&x197, uint1(x179), x164, x150) var x198 uint64 - cmovznzU64(&x198, uint1(x180), x165, x151) + cmovznzU64(&x198, uint1(x179), x166, x152) var x199 uint64 - cmovznzU64(&x199, uint1(x180), x167, x153) + cmovznzU64(&x199, uint1(x179), x168, x154) var x200 uint64 - cmovznzU64(&x200, uint1(x180), x169, x155) + cmovznzU64(&x200, uint1(x179), x170, x156) var x201 uint64 - cmovznzU64(&x201, uint1(x180), x171, x157) + cmovznzU64(&x201, uint1(x179), x172, x158) var x202 uint64 - cmovznzU64(&x202, uint1(x180), x173, x159) + cmovznzU64(&x202, uint1(x179), x174, x160) var x203 uint64 - cmovznzU64(&x203, uint1(x180), x175, x161) - var x204 uint64 - 
cmovznzU64(&x204, uint1(x180), x177, x163) - *out1 = x181 + cmovznzU64(&x203, uint1(x179), x176, x162) + *out1 = x180 out2[0] = x7 out2[1] = x8 out2[2] = x9 @@ -4334,28 +4285,28 @@ func Divstep(out1 *uint64, out2 *[8]uint64, out3 *[8]uint64, out4 *[7]uint64, ou out2[5] = x12 out2[6] = x13 out2[7] = x14 - out3[0] = x183 - out3[1] = x184 - out3[2] = x185 - out3[3] = x186 - out3[4] = x187 - out3[5] = x188 - out3[6] = x189 - out3[7] = x190 - out4[0] = x191 - out4[1] = x192 - out4[2] = x193 - out4[3] = x194 - out4[4] = x195 - out4[5] = x196 - out4[6] = x197 - out5[0] = x198 - out5[1] = x199 - out5[2] = x200 - out5[3] = x201 - out5[4] = x202 - out5[5] = x203 - out5[6] = x204 + out3[0] = x182 + out3[1] = x183 + out3[2] = x184 + out3[3] = x185 + out3[4] = x186 + out3[5] = x187 + out3[6] = x188 + out3[7] = x189 + out4[0] = x190 + out4[1] = x191 + out4[2] = x192 + out4[3] = x193 + out4[4] = x194 + out4[5] = x195 + out4[6] = x196 + out5[0] = x197 + out5[1] = x198 + out5[2] = x199 + out5[3] = x200 + out5[4] = x201 + out5[5] = x202 + out5[6] = x203 } // DivstepPrecomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-go/64/p448solinas/p448solinas.go b/fiat-go/64/p448solinas/p448solinas.go index e3a442a38f..dc7c21d823 100644 --- a/fiat-go/64/p448solinas/p448solinas.go +++ b/fiat-go/64/p448solinas/p448solinas.go 
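Review bot: The new selects in this Divstep hunk, `cmovznzU64(&x119, uint1(x31), uint64(0x0), x7)` and the calls that follow it for x120 through x126 and x143 through x149, pass `uint1(x31)` as the condition without the `& 0x1` that the removed `x119 := (uint1(x31) & 0x1)` applied, while x31 is also added as a full 64-bit limb in `bits.Add64(x31, x119, uint64(0x0))`. The declaration of `uint1` and the body of `cmovznzU64` are not visible here; if `uint1` is a 64-bit type in this package, the conversion does not truncate, so the condition is no longer limited to 0 or 1 and the select could return a mix of both operands instead of one of them. I would keep the masked selector, `x119 := (uint1(x31) & 0x1)` with `cmovznzU64(&x120, x119, uint64(0x0), x7)`, or confirm that `cmovznzU64` normalises its condition before building the mask. The file looks like generated output, so the change probably belongs in the generator's cast and bounds handling rather than in this file. Divstep's body starts before this hunk, so the definition of x31 is not shown.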
@@ -1634,158 +1634,110 @@ func ToBytes(out1 *[56]uint8, arg1 *TightFieldElement) { var x32 uint64 var x33 uint1 addcarryxU56(&x32, &x33, x31, x15, (x17 & 0xffffffffffffff)) - x34 := (uint8(x18) & 0xff) - x35 := (x18 >> 8) - x36 := (uint8(x35) & 0xff) - x37 := (x35 >> 8) - x38 := (uint8(x37) & 0xff) - x39 := (x37 >> 8) - x40 := (uint8(x39) & 0xff) - x41 := (x39 >> 8) - x42 := (uint8(x41) & 0xff) - x43 := (x41 >> 8) - x44 := (uint8(x43) & 0xff) - x45 := uint8((x43 >> 8)) - x46 := (uint8(x20) & 0xff) - x47 := (x20 >> 8) - x48 := (uint8(x47) & 0xff) - x49 := (x47 >> 8) - x50 := (uint8(x49) & 0xff) - x51 := (x49 >> 8) - x52 := (uint8(x51) & 0xff) - x53 := (x51 >> 8) - x54 := (uint8(x53) & 0xff) - x55 := (x53 >> 8) - x56 := (uint8(x55) & 0xff) - x57 := uint8((x55 >> 8)) - x58 := (uint8(x22) & 0xff) - x59 := (x22 >> 8) - x60 := (uint8(x59) & 0xff) - x61 := (x59 >> 8) - x62 := (uint8(x61) & 0xff) - x63 := (x61 >> 8) - x64 := (uint8(x63) & 0xff) - x65 := (x63 >> 8) - x66 := (uint8(x65) & 0xff) - x67 := (x65 >> 8) - x68 := (uint8(x67) & 0xff) - x69 := uint8((x67 >> 8)) - x70 := (uint8(x24) & 0xff) - x71 := (x24 >> 8) - x72 := (uint8(x71) & 0xff) - x73 := (x71 >> 8) - x74 := (uint8(x73) & 0xff) - x75 := (x73 >> 8) - x76 := (uint8(x75) & 0xff) - x77 := (x75 >> 8) - x78 := (uint8(x77) & 0xff) - x79 := (x77 >> 8) - x80 := (uint8(x79) & 0xff) - x81 := uint8((x79 >> 8)) - x82 := (uint8(x26) & 0xff) - x83 := (x26 >> 8) - x84 := (uint8(x83) & 0xff) - x85 := (x83 >> 8) - x86 := (uint8(x85) & 0xff) - x87 := (x85 >> 8) - x88 := (uint8(x87) & 0xff) - x89 := (x87 >> 8) - x90 := (uint8(x89) & 0xff) - x91 := (x89 >> 8) - x92 := (uint8(x91) & 0xff) - x93 := uint8((x91 >> 8)) - x94 := (uint8(x28) & 0xff) - x95 := (x28 >> 8) - x96 := (uint8(x95) & 0xff) - x97 := (x95 >> 8) - x98 := (uint8(x97) & 0xff) - x99 := (x97 >> 8) - x100 := (uint8(x99) & 0xff) - x101 := (x99 >> 8) - x102 := (uint8(x101) & 0xff) - x103 := (x101 >> 8) - x104 := (uint8(x103) & 0xff) - x105 := uint8((x103 >> 8)) - x106 := 
(uint8(x30) & 0xff) - x107 := (x30 >> 8) - x108 := (uint8(x107) & 0xff) - x109 := (x107 >> 8) - x110 := (uint8(x109) & 0xff) - x111 := (x109 >> 8) - x112 := (uint8(x111) & 0xff) - x113 := (x111 >> 8) - x114 := (uint8(x113) & 0xff) - x115 := (x113 >> 8) - x116 := (uint8(x115) & 0xff) - x117 := uint8((x115 >> 8)) - x118 := (uint8(x32) & 0xff) - x119 := (x32 >> 8) - x120 := (uint8(x119) & 0xff) - x121 := (x119 >> 8) - x122 := (uint8(x121) & 0xff) - x123 := (x121 >> 8) - x124 := (uint8(x123) & 0xff) - x125 := (x123 >> 8) - x126 := (uint8(x125) & 0xff) - x127 := (x125 >> 8) - x128 := (uint8(x127) & 0xff) - x129 := uint8((x127 >> 8)) - out1[0] = x34 - out1[1] = x36 - out1[2] = x38 - out1[3] = x40 - out1[4] = x42 - out1[5] = x44 - out1[6] = x45 - out1[7] = x46 - out1[8] = x48 - out1[9] = x50 - out1[10] = x52 - out1[11] = x54 - out1[12] = x56 - out1[13] = x57 - out1[14] = x58 - out1[15] = x60 - out1[16] = x62 - out1[17] = x64 - out1[18] = x66 - out1[19] = x68 - out1[20] = x69 - out1[21] = x70 - out1[22] = x72 - out1[23] = x74 - out1[24] = x76 - out1[25] = x78 - out1[26] = x80 - out1[27] = x81 - out1[28] = x82 - out1[29] = x84 - out1[30] = x86 - out1[31] = x88 - out1[32] = x90 - out1[33] = x92 - out1[34] = x93 - out1[35] = x94 - out1[36] = x96 - out1[37] = x98 - out1[38] = x100 - out1[39] = x102 - out1[40] = x104 - out1[41] = x105 - out1[42] = x106 - out1[43] = x108 - out1[44] = x110 - out1[45] = x112 - out1[46] = x114 - out1[47] = x116 - out1[48] = x117 - out1[49] = x118 - out1[50] = x120 - out1[51] = x122 - out1[52] = x124 - out1[53] = x126 - out1[54] = x128 - out1[55] = x129 + x34 := (x18 >> 8) + x35 := (x34 >> 8) + x36 := (x35 >> 8) + x37 := (x36 >> 8) + x38 := (x37 >> 8) + x39 := uint8((x38 >> 8)) + x40 := (x20 >> 8) + x41 := (x40 >> 8) + x42 := (x41 >> 8) + x43 := (x42 >> 8) + x44 := (x43 >> 8) + x45 := uint8((x44 >> 8)) + x46 := (x22 >> 8) + x47 := (x46 >> 8) + x48 := (x47 >> 8) + x49 := (x48 >> 8) + x50 := (x49 >> 8) + x51 := uint8((x50 >> 8)) + x52 := (x24 >> 8) + 
x53 := (x52 >> 8) + x54 := (x53 >> 8) + x55 := (x54 >> 8) + x56 := (x55 >> 8) + x57 := uint8((x56 >> 8)) + x58 := (x26 >> 8) + x59 := (x58 >> 8) + x60 := (x59 >> 8) + x61 := (x60 >> 8) + x62 := (x61 >> 8) + x63 := uint8((x62 >> 8)) + x64 := (x28 >> 8) + x65 := (x64 >> 8) + x66 := (x65 >> 8) + x67 := (x66 >> 8) + x68 := (x67 >> 8) + x69 := uint8((x68 >> 8)) + x70 := (x30 >> 8) + x71 := (x70 >> 8) + x72 := (x71 >> 8) + x73 := (x72 >> 8) + x74 := (x73 >> 8) + x75 := uint8((x74 >> 8)) + x76 := (x32 >> 8) + x77 := (x76 >> 8) + x78 := (x77 >> 8) + x79 := (x78 >> 8) + x80 := (x79 >> 8) + x81 := uint8((x80 >> 8)) + out1[0] = uint8(x18) + out1[1] = uint8(x34) + out1[2] = uint8(x35) + out1[3] = uint8(x36) + out1[4] = uint8(x37) + out1[5] = uint8(x38) + out1[6] = x39 + out1[7] = uint8(x20) + out1[8] = uint8(x40) + out1[9] = uint8(x41) + out1[10] = uint8(x42) + out1[11] = uint8(x43) + out1[12] = uint8(x44) + out1[13] = x45 + out1[14] = uint8(x22) + out1[15] = uint8(x46) + out1[16] = uint8(x47) + out1[17] = uint8(x48) + out1[18] = uint8(x49) + out1[19] = uint8(x50) + out1[20] = x51 + out1[21] = uint8(x24) + out1[22] = uint8(x52) + out1[23] = uint8(x53) + out1[24] = uint8(x54) + out1[25] = uint8(x55) + out1[26] = uint8(x56) + out1[27] = x57 + out1[28] = uint8(x26) + out1[29] = uint8(x58) + out1[30] = uint8(x59) + out1[31] = uint8(x60) + out1[32] = uint8(x61) + out1[33] = uint8(x62) + out1[34] = x63 + out1[35] = uint8(x28) + out1[36] = uint8(x64) + out1[37] = uint8(x65) + out1[38] = uint8(x66) + out1[39] = uint8(x67) + out1[40] = uint8(x68) + out1[41] = x69 + out1[42] = uint8(x30) + out1[43] = uint8(x70) + out1[44] = uint8(x71) + out1[45] = uint8(x72) + out1[46] = uint8(x73) + out1[47] = uint8(x74) + out1[48] = x75 + out1[49] = uint8(x32) + out1[50] = uint8(x76) + out1[51] = uint8(x77) + out1[52] = uint8(x78) + out1[53] = uint8(x79) + out1[54] = uint8(x80) + out1[55] = x81 } // FromBytes deserializes a field element from bytes in little-endian order. 
diff --git a/fiat-go/64/p521/p521.go b/fiat-go/64/p521/p521.go index 55c5cd2a14..dcf449335b 100644 --- a/fiat-go/64/p521/p521.go +++ b/fiat-go/64/p521/p521.go 
@@ -1495,204 +1495,141 @@ func ToBytes(out1 *[66]uint8, arg1 *TightFieldElement) { x41 := (x26 << 6) x42 := (x24 << 4) x43 := (x22 << 2) - x44 := (uint8(x20) & 0xff) - x45 := (x20 >> 8) - x46 := (uint8(x45) & 0xff) - x47 := (x45 >> 8) - x48 := (uint8(x47) & 0xff) - x49 := (x47 >> 8) - x50 := (uint8(x49) & 0xff) - x51 := (x49 >> 8) - x52 := (uint8(x51) & 0xff) - x53 := (x51 >> 8) - x54 := (uint8(x53) & 0xff) - x55 := (x53 >> 8) - x56 := (uint8(x55) & 0xff) - x57 := uint8((x55 >> 8)) - x58 := (x43 + uint64(x57)) - x59 := (uint8(x58) & 0xff) - x60 := (x58 >> 8) - x61 := (uint8(x60) & 0xff) - x62 := (x60 >> 8) - x63 := (uint8(x62) & 0xff) - x64 := (x62 >> 8) - x65 := (uint8(x64) & 0xff) - x66 := (x64 >> 8) - x67 := (uint8(x66) & 0xff) - x68 := (x66 >> 8) - x69 := (uint8(x68) & 0xff) - x70 := (x68 >> 8) - x71 := (uint8(x70) & 0xff) - x72 := uint8((x70 >> 8)) - x73 := (x42 + uint64(x72)) - x74 := (uint8(x73) & 0xff) - x75 := (x73 >> 8) - x76 := (uint8(x75) & 0xff) - x77 := (x75 >> 8) - x78 := (uint8(x77) & 0xff) - x79 := (x77 >> 8) - x80 := (uint8(x79) & 0xff) - x81 := (x79 >> 8) - x82 := (uint8(x81) & 0xff) - x83 := (x81 >> 8) - x84 := (uint8(x83) & 0xff) - x85 := (x83 >> 8) - x86 := (uint8(x85) & 0xff) - x87 := uint8((x85 >> 8)) - x88 := (x41 + uint64(x87)) - x89 := (uint8(x88) & 0xff) - x90 := (x88 >> 8) - x91 := (uint8(x90) & 0xff) - x92 := (x90 >> 8) - x93 := (uint8(x92) & 0xff) - x94 := (x92 >> 8) - x95 := (uint8(x94) & 0xff) - x96 := (x94 >> 8) - x97 := (uint8(x96) & 0xff) - x98 := (x96 >> 8) - x99 := (uint8(x98) & 0xff) - x100 := (x98 >> 8) - x101 := (uint8(x100) & 0xff) - x102 := uint8((x100 >> 8)) - x103 := (uint8(x28) & 0xff) - x104 := (x28 >> 8) - x105 := (uint8(x104) & 0xff) - x106 := (x104 >> 8) - x107 := (uint8(x106) & 0xff) - x108 := (x106 >> 8) - x109 := (uint8(x108) & 0xff) - x110 := (x108 >> 8) - x111 := (uint8(x110) & 0xff) - x112 := (x110 >> 8) - x113 := (uint8(x112) & 0xff) - x114 := (x112 >> 8) - x115 := (uint8(x114) & 0xff) - x116 := uint8((x114 
>> 8)) - x117 := (x40 + uint64(x116)) - x118 := (uint8(x117) & 0xff) - x119 := (x117 >> 8) - x120 := (uint8(x119) & 0xff) - x121 := (x119 >> 8) - x122 := (uint8(x121) & 0xff) - x123 := (x121 >> 8) - x124 := (uint8(x123) & 0xff) - x125 := (x123 >> 8) - x126 := (uint8(x125) & 0xff) - x127 := (x125 >> 8) - x128 := (uint8(x127) & 0xff) - x129 := (x127 >> 8) - x130 := (uint8(x129) & 0xff) - x131 := uint8((x129 >> 8)) - x132 := (x39 + uint64(x131)) - x133 := (uint8(x132) & 0xff) - x134 := (x132 >> 8) - x135 := (uint8(x134) & 0xff) - x136 := (x134 >> 8) - x137 := (uint8(x136) & 0xff) - x138 := (x136 >> 8) - x139 := (uint8(x138) & 0xff) - x140 := (x138 >> 8) - x141 := (uint8(x140) & 0xff) - x142 := (x140 >> 8) - x143 := (uint8(x142) & 0xff) - x144 := (x142 >> 8) - x145 := (uint8(x144) & 0xff) - x146 := uint8((x144 >> 8)) - x147 := (x38 + uint64(x146)) - x148 := (uint8(x147) & 0xff) - x149 := (x147 >> 8) - x150 := (uint8(x149) & 0xff) - x151 := (x149 >> 8) - x152 := (uint8(x151) & 0xff) - x153 := (x151 >> 8) - x154 := (uint8(x153) & 0xff) - x155 := (x153 >> 8) - x156 := (uint8(x155) & 0xff) - x157 := (x155 >> 8) - x158 := (uint8(x157) & 0xff) - x159 := (x157 >> 8) - x160 := (uint8(x159) & 0xff) - x161 := uint8((x159 >> 8)) - x162 := (uint8(x36) & 0xff) - x163 := (x36 >> 8) - x164 := (uint8(x163) & 0xff) - x165 := (x163 >> 8) - x166 := (uint8(x165) & 0xff) - x167 := (x165 >> 8) - x168 := (uint8(x167) & 0xff) - x169 := (x167 >> 8) - x170 := (uint8(x169) & 0xff) - x171 := (x169 >> 8) - x172 := (uint8(x171) & 0xff) - x173 := (x171 >> 8) - x174 := (uint8(x173) & 0xff) - x175 := uint1((x173 >> 8)) - out1[0] = x44 - out1[1] = x46 - out1[2] = x48 - out1[3] = x50 - out1[4] = x52 - out1[5] = x54 - out1[6] = x56 - out1[7] = x59 - out1[8] = x61 - out1[9] = x63 - out1[10] = x65 - out1[11] = x67 - out1[12] = x69 - out1[13] = x71 - out1[14] = x74 - out1[15] = x76 - out1[16] = x78 - out1[17] = x80 - out1[18] = x82 - out1[19] = x84 - out1[20] = x86 - out1[21] = x89 - out1[22] = x91 - 
out1[23] = x93 - out1[24] = x95 - out1[25] = x97 - out1[26] = x99 - out1[27] = x101 - out1[28] = x102 - out1[29] = x103 - out1[30] = x105 - out1[31] = x107 - out1[32] = x109 - out1[33] = x111 - out1[34] = x113 - out1[35] = x115 - out1[36] = x118 - out1[37] = x120 - out1[38] = x122 - out1[39] = x124 - out1[40] = x126 - out1[41] = x128 - out1[42] = x130 - out1[43] = x133 - out1[44] = x135 - out1[45] = x137 - out1[46] = x139 - out1[47] = x141 - out1[48] = x143 - out1[49] = x145 - out1[50] = x148 - out1[51] = x150 - out1[52] = x152 - out1[53] = x154 - out1[54] = x156 - out1[55] = x158 - out1[56] = x160 - out1[57] = x161 - out1[58] = x162 - out1[59] = x164 - out1[60] = x166 - out1[61] = x168 - out1[62] = x170 - out1[63] = x172 - out1[64] = x174 - out1[65] = uint8(x175) + x44 := (x20 >> 8) + x45 := (x44 >> 8) + x46 := (x45 >> 8) + x47 := (x46 >> 8) + x48 := (x47 >> 8) + x49 := (x48 >> 8) + x50 := uint8((x49 >> 8)) + x51 := (x43 + uint64(x50)) + x52 := (x51 >> 8) + x53 := (x52 >> 8) + x54 := (x53 >> 8) + x55 := (x54 >> 8) + x56 := (x55 >> 8) + x57 := (x56 >> 8) + x58 := uint8((x57 >> 8)) + x59 := (x42 + uint64(x58)) + x60 := (x59 >> 8) + x61 := (x60 >> 8) + x62 := (x61 >> 8) + x63 := (x62 >> 8) + x64 := (x63 >> 8) + x65 := (x64 >> 8) + x66 := uint8((x65 >> 8)) + x67 := (x41 + uint64(x66)) + x68 := (x67 >> 8) + x69 := (x68 >> 8) + x70 := (x69 >> 8) + x71 := (x70 >> 8) + x72 := (x71 >> 8) + x73 := (x72 >> 8) + x74 := uint8((x73 >> 8)) + x75 := (x28 >> 8) + x76 := (x75 >> 8) + x77 := (x76 >> 8) + x78 := (x77 >> 8) + x79 := (x78 >> 8) + x80 := (x79 >> 8) + x81 := uint8((x80 >> 8)) + x82 := (x40 + uint64(x81)) + x83 := (x82 >> 8) + x84 := (x83 >> 8) + x85 := (x84 >> 8) + x86 := (x85 >> 8) + x87 := (x86 >> 8) + x88 := (x87 >> 8) + x89 := uint8((x88 >> 8)) + x90 := (x39 + uint64(x89)) + x91 := (x90 >> 8) + x92 := (x91 >> 8) + x93 := (x92 >> 8) + x94 := (x93 >> 8) + x95 := (x94 >> 8) + x96 := (x95 >> 8) + x97 := uint8((x96 >> 8)) + x98 := (x38 + uint64(x97)) + x99 := (x98 >> 8) + 
x100 := (x99 >> 8) + x101 := (x100 >> 8) + x102 := (x101 >> 8) + x103 := (x102 >> 8) + x104 := (x103 >> 8) + x105 := uint8((x104 >> 8)) + x106 := (x36 >> 8) + x107 := (x106 >> 8) + x108 := (x107 >> 8) + x109 := (x108 >> 8) + x110 := (x109 >> 8) + x111 := (x110 >> 8) + x112 := uint1((x111 >> 8)) + out1[0] = uint8(x20) + out1[1] = uint8(x44) + out1[2] = uint8(x45) + out1[3] = uint8(x46) + out1[4] = uint8(x47) + out1[5] = uint8(x48) + out1[6] = uint8(x49) + out1[7] = uint8(x51) + out1[8] = uint8(x52) + out1[9] = uint8(x53) + out1[10] = uint8(x54) + out1[11] = uint8(x55) + out1[12] = uint8(x56) + out1[13] = uint8(x57) + out1[14] = uint8(x59) + out1[15] = uint8(x60) + out1[16] = uint8(x61) + out1[17] = uint8(x62) + out1[18] = uint8(x63) + out1[19] = uint8(x64) + out1[20] = uint8(x65) + out1[21] = uint8(x67) + out1[22] = uint8(x68) + out1[23] = uint8(x69) + out1[24] = uint8(x70) + out1[25] = uint8(x71) + out1[26] = uint8(x72) + out1[27] = uint8(x73) + out1[28] = x74 + out1[29] = uint8(x28) + out1[30] = uint8(x75) + out1[31] = uint8(x76) + out1[32] = uint8(x77) + out1[33] = uint8(x78) + out1[34] = uint8(x79) + out1[35] = uint8(x80) + out1[36] = uint8(x82) + out1[37] = uint8(x83) + out1[38] = uint8(x84) + out1[39] = uint8(x85) + out1[40] = uint8(x86) + out1[41] = uint8(x87) + out1[42] = uint8(x88) + out1[43] = uint8(x90) + out1[44] = uint8(x91) + out1[45] = uint8(x92) + out1[46] = uint8(x93) + out1[47] = uint8(x94) + out1[48] = uint8(x95) + out1[49] = uint8(x96) + out1[50] = uint8(x98) + out1[51] = uint8(x99) + out1[52] = uint8(x100) + out1[53] = uint8(x101) + out1[54] = uint8(x102) + out1[55] = uint8(x103) + out1[56] = uint8(x104) + out1[57] = x105 + out1[58] = uint8(x36) + out1[59] = uint8(x106) + out1[60] = uint8(x107) + out1[61] = uint8(x108) + out1[62] = uint8(x109) + out1[63] = uint8(x110) + out1[64] = uint8(x111) + out1[65] = uint8(x112) } // FromBytes deserializes a field element from bytes in little-endian order. 
diff --git a/fiat-go/64/poly1305/poly1305.go b/fiat-go/64/poly1305/poly1305.go index 21bfaa6024..c04ec4527e 100644 --- a/fiat-go/64/poly1305/poly1305.go +++ b/fiat-go/64/poly1305/poly1305.go 
@@ -421,57 +421,41 @@ func ToBytes(out1 *[17]uint8, arg1 *TightFieldElement) { addcarryxU43(&x12, &x13, x11, x5, (x7 & 0x7ffffffffff)) x14 := (x12 << 7) x15 := (x10 << 4) - x16 := (uint8(x8) & 0xff) - x17 := (x8 >> 8) - x18 := (uint8(x17) & 0xff) - x19 := (x17 >> 8) - x20 := (uint8(x19) & 0xff) - x21 := (x19 >> 8) - x22 := (uint8(x21) & 0xff) - x23 := (x21 >> 8) - x24 := (uint8(x23) & 0xff) - x25 := uint8((x23 >> 8)) - x26 := (x15 + uint64(x25)) - x27 := (uint8(x26) & 0xff) - x28 := (x26 >> 8) - x29 := (uint8(x28) & 0xff) - x30 := (x28 >> 8) - x31 := (uint8(x30) & 0xff) - x32 := (x30 >> 8) - x33 := (uint8(x32) & 0xff) - x34 := (x32 >> 8) - x35 := (uint8(x34) & 0xff) - x36 := uint8((x34 >> 8)) - x37 := (x14 + uint64(x36)) - x38 := (uint8(x37) & 0xff) - x39 := (x37 >> 8) - x40 := (uint8(x39) & 0xff) - x41 := (x39 >> 8) - x42 := (uint8(x41) & 0xff) - x43 := (x41 >> 8) - x44 := (uint8(x43) & 0xff) - x45 := (x43 >> 8) - x46 := (uint8(x45) & 0xff) - x47 := (x45 >> 8) - x48 := (uint8(x47) & 0xff) - x49 := uint8((x47 >> 8)) - out1[0] = x16 - out1[1] = x18 - out1[2] = x20 - out1[3] = x22 - out1[4] = x24 - out1[5] = x27 - out1[6] = x29 - out1[7] = x31 - out1[8] = x33 - out1[9] = x35 - out1[10] = x38 - out1[11] = x40 - out1[12] = x42 - out1[13] = x44 - out1[14] = x46 - out1[15] = x48 - out1[16] = x49 + x16 := (x8 >> 8) + x17 := (x16 >> 8) + x18 := (x17 >> 8) + x19 := (x18 >> 8) + x20 := uint8((x19 >> 8)) + x21 := (x15 + uint64(x20)) + x22 := (x21 >> 8) + x23 := (x22 >> 8) + x24 := (x23 >> 8) + x25 := (x24 >> 8) + x26 := uint8((x25 >> 8)) + x27 := (x14 + uint64(x26)) + x28 := (x27 >> 8) + x29 := (x28 >> 8) + x30 := (x29 >> 8) + x31 := (x30 >> 8) + x32 := (x31 >> 8) + x33 := uint8((x32 >> 8)) + out1[0] = uint8(x8) + out1[1] = uint8(x16) + out1[2] = uint8(x17) + out1[3] = uint8(x18) + out1[4] = uint8(x19) + out1[5] = uint8(x21) + out1[6] = uint8(x22) + out1[7] = uint8(x23) + out1[8] = uint8(x24) + out1[9] = uint8(x25) + out1[10] = uint8(x27) + out1[11] = uint8(x28) + out1[12] = 
uint8(x29) + out1[13] = uint8(x30) + out1[14] = uint8(x31) + out1[15] = uint8(x32) + out1[16] = x33 } // FromBytes deserializes a field element from bytes in little-endian order. diff --git a/fiat-go/64/secp256k1montgomery/secp256k1montgomery.go b/fiat-go/64/secp256k1montgomery/secp256k1montgomery.go index 4945694940..d85310ea22 100644 --- a/fiat-go/64/secp256k1montgomery/secp256k1montgomery.go +++ b/fiat-go/64/secp256k1montgomery/secp256k1montgomery.go 
@@ -1392,94 +1392,66 @@ func ToBytes(out1 *[32]uint8, arg1 *[4]uint64) { x2 := arg1[2] x3 := arg1[1] x4 := arg1[0] - x5 := (uint8(x4) & 0xff) - x6 := (x4 >> 8) - x7 := (uint8(x6) & 0xff) - x8 := (x6 >> 8) - x9 := (uint8(x8) & 0xff) - x10 := (x8 >> 8) - x11 := (uint8(x10) & 0xff) - x12 := (x10 >> 8) - x13 := (uint8(x12) & 0xff) - x14 := (x12 >> 8) - x15 := (uint8(x14) & 0xff) - x16 := (x14 >> 8) - x17 := (uint8(x16) & 0xff) - x18 := uint8((x16 >> 8)) - x19 := (uint8(x3) & 0xff) - x20 := (x3 >> 8) - x21 := (uint8(x20) & 0xff) - x22 := (x20 >> 8) - x23 := (uint8(x22) & 0xff) - x24 := (x22 >> 8) - x25 := (uint8(x24) & 0xff) - x26 := (x24 >> 8) - x27 := (uint8(x26) & 0xff) - x28 := (x26 >> 8) - x29 := (uint8(x28) & 0xff) - x30 := (x28 >> 8) - x31 := (uint8(x30) & 0xff) - x32 := uint8((x30 >> 8)) - x33 := (uint8(x2) & 0xff) - x34 := (x2 >> 8) - x35 := (uint8(x34) & 0xff) - x36 := (x34 >> 8) - x37 := (uint8(x36) & 0xff) - x38 := (x36 >> 8) - x39 := (uint8(x38) & 0xff) - x40 := (x38 >> 8) - x41 := (uint8(x40) & 0xff) - x42 := (x40 >> 8) - x43 := (uint8(x42) & 0xff) - x44 := (x42 >> 8) - x45 := (uint8(x44) & 0xff) - x46 := uint8((x44 >> 8)) - x47 := (uint8(x1) & 0xff) - x48 := (x1 >> 8) - x49 := (uint8(x48) & 0xff) - x50 := (x48 >> 8) - x51 := (uint8(x50) & 0xff) - x52 := (x50 >> 8) - x53 := (uint8(x52) & 0xff) - x54 := (x52 >> 8) - x55 := (uint8(x54) & 0xff) - x56 := (x54 >> 8) - x57 := (uint8(x56) & 0xff) - x58 := (x56 >> 8) - x59 := (uint8(x58) & 0xff) - x60 := uint8((x58 >> 8)) - out1[0] = x5 - out1[1] = x7 - out1[2] = x9 - out1[3] = x11 - out1[4] = x13 - out1[5] = x15 - out1[6] = x17 - out1[7] = x18 - out1[8] = x19 - out1[9] = x21 - out1[10] = x23 - out1[11] = x25 - out1[12] = x27 - out1[13] = x29 - out1[14] = x31 - out1[15] = x32 - out1[16] = x33 - out1[17] = x35 - out1[18] = x37 - out1[19] = x39 - out1[20] = x41 - out1[21] = x43 - out1[22] = x45 - out1[23] = x46 - out1[24] = x47 - out1[25] = x49 - out1[26] = x51 - out1[27] = x53 - out1[28] = x55 - out1[29] = x57 - 
out1[30] = x59 - out1[31] = x60 + x5 := (x4 >> 8) + x6 := (x5 >> 8) + x7 := (x6 >> 8) + x8 := (x7 >> 8) + x9 := (x8 >> 8) + x10 := (x9 >> 8) + x11 := uint8((x10 >> 8)) + x12 := (x3 >> 8) + x13 := (x12 >> 8) + x14 := (x13 >> 8) + x15 := (x14 >> 8) + x16 := (x15 >> 8) + x17 := (x16 >> 8) + x18 := uint8((x17 >> 8)) + x19 := (x2 >> 8) + x20 := (x19 >> 8) + x21 := (x20 >> 8) + x22 := (x21 >> 8) + x23 := (x22 >> 8) + x24 := (x23 >> 8) + x25 := uint8((x24 >> 8)) + x26 := (x1 >> 8) + x27 := (x26 >> 8) + x28 := (x27 >> 8) + x29 := (x28 >> 8) + x30 := (x29 >> 8) + x31 := (x30 >> 8) + x32 := uint8((x31 >> 8)) + out1[0] = uint8(x4) + out1[1] = uint8(x5) + out1[2] = uint8(x6) + out1[3] = uint8(x7) + out1[4] = uint8(x8) + out1[5] = uint8(x9) + out1[6] = uint8(x10) + out1[7] = x11 + out1[8] = uint8(x3) + out1[9] = uint8(x12) + out1[10] = uint8(x13) + out1[11] = uint8(x14) + out1[12] = uint8(x15) + out1[13] = uint8(x16) + out1[14] = uint8(x17) + out1[15] = x18 + out1[16] = uint8(x2) + out1[17] = uint8(x19) + out1[18] = uint8(x20) + out1[19] = uint8(x21) + out1[20] = uint8(x22) + out1[21] = uint8(x23) + out1[22] = uint8(x24) + out1[23] = x25 + out1[24] = uint8(x1) + out1[25] = uint8(x26) + out1[26] = uint8(x27) + out1[27] = uint8(x28) + out1[28] = uint8(x29) + out1[29] = uint8(x30) + out1[30] = uint8(x31) + out1[31] = x32 } // FromBytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -1621,7 +1593,7 @@ func Msat(out1 *[5]uint64) { func Divstep(out1 *uint64, out2 *[5]uint64, out3 *[5]uint64, out4 *[4]uint64, out5 *[4]uint64, arg1 uint64, arg2 *[5]uint64, arg3 *[5]uint64, arg4 *[4]uint64, arg5 *[4]uint64) { var x1 uint64 x1, _ = bits.Add64((^arg1), uint64(0x1), uint64(0x0)) - x3 := (uint1((x1 >> 63)) & (uint1(arg3[0]) & 0x1)) + x3 := (uint1((x1 >> 63)) & uint1(arg3[0])) var x4 uint64 x4, _ = bits.Add64((^arg1), uint64(0x1), uint64(0x0)) var x6 uint64 
@@ -1731,107 +1703,106 @@ func Divstep(out1 *uint64, out2 *[5]uint64, out3 *[5]uint64, out4 *[4]uint64, ou cmovznzU64(&x72, x3, arg5[2], x66) var x73 uint64 cmovznzU64(&x73, x3, arg5[3], x68) - x74 := (uint1(x22) & 0x1) + var x74 uint64 + cmovznzU64(&x74, uint1(x22), uint64(0x0), x7) var x75 uint64 - cmovznzU64(&x75, x74, uint64(0x0), x7) + cmovznzU64(&x75, uint1(x22), uint64(0x0), x8) var x76 uint64 - cmovznzU64(&x76, x74, uint64(0x0), x8) + cmovznzU64(&x76, uint1(x22), uint64(0x0), x9) var x77 uint64 - cmovznzU64(&x77, x74, uint64(0x0), x9) + cmovznzU64(&x77, uint1(x22), uint64(0x0), x10) var x78 uint64 - cmovznzU64(&x78, x74, uint64(0x0), x10) + cmovznzU64(&x78, uint1(x22), uint64(0x0), x11) var x79 uint64 - cmovznzU64(&x79, x74, uint64(0x0), x11) var x80 uint64 + x79, x80 = bits.Add64(x22, x74, uint64(0x0)) var x81 uint64 - x80, x81 = bits.Add64(x22, x75, uint64(0x0)) var x82 uint64 + x81, x82 = bits.Add64(x23, x75, uint64(uint1(x80))) var x83 uint64 - x82, x83 = bits.Add64(x23, x76, uint64(uint1(x81))) var x84 uint64 + x83, x84 = bits.Add64(x24, x76, uint64(uint1(x82))) var x85 uint64 - x84, x85 = bits.Add64(x24, x77, uint64(uint1(x83))) var x86 uint64 + x85, x86 = bits.Add64(x25, x77, uint64(uint1(x84))) var x87 uint64 - x86, x87 = bits.Add64(x25, x78, uint64(uint1(x85))) - var x88 uint64 - x88, _ = bits.Add64(x26, x79, uint64(uint1(x87))) + x87, _ = bits.Add64(x26, x78, uint64(uint1(x86))) + var x89 uint64 + cmovznzU64(&x89, uint1(x22), uint64(0x0), x27) var x90 uint64 - cmovznzU64(&x90, x74, uint64(0x0), x27) + cmovznzU64(&x90, uint1(x22), uint64(0x0), x28) var x91 uint64 - cmovznzU64(&x91, x74, uint64(0x0), x28) + cmovznzU64(&x91, uint1(x22), uint64(0x0), x29) var x92 uint64 - cmovznzU64(&x92, x74, uint64(0x0), x29) + cmovznzU64(&x92, uint1(x22), uint64(0x0), x30) var x93 uint64 - cmovznzU64(&x93, x74, uint64(0x0), x30) var x94 uint64 + x93, x94 = bits.Add64(x70, x89, uint64(0x0)) var x95 uint64 - x94, x95 = bits.Add64(x70, x90, uint64(0x0)) var x96 uint64 
+ x95, x96 = bits.Add64(x71, x90, uint64(uint1(x94))) var x97 uint64 - x96, x97 = bits.Add64(x71, x91, uint64(uint1(x95))) var x98 uint64 + x97, x98 = bits.Add64(x72, x91, uint64(uint1(x96))) var x99 uint64 - x98, x99 = bits.Add64(x72, x92, uint64(uint1(x97))) var x100 uint64 + x99, x100 = bits.Add64(x73, x92, uint64(uint1(x98))) var x101 uint64 - x100, x101 = bits.Add64(x73, x93, uint64(uint1(x99))) var x102 uint64 + x101, x102 = bits.Sub64(x93, 0xfffffffefffffc2f, uint64(0x0)) var x103 uint64 - x102, x103 = bits.Sub64(x94, 0xfffffffefffffc2f, uint64(0x0)) var x104 uint64 + x103, x104 = bits.Sub64(x95, 0xffffffffffffffff, uint64(uint1(x102))) var x105 uint64 - x104, x105 = bits.Sub64(x96, 0xffffffffffffffff, uint64(uint1(x103))) var x106 uint64 + x105, x106 = bits.Sub64(x97, 0xffffffffffffffff, uint64(uint1(x104))) var x107 uint64 - x106, x107 = bits.Sub64(x98, 0xffffffffffffffff, uint64(uint1(x105))) var x108 uint64 - var x109 uint64 - x108, x109 = bits.Sub64(x100, 0xffffffffffffffff, uint64(uint1(x107))) + x107, x108 = bits.Sub64(x99, 0xffffffffffffffff, uint64(uint1(x106))) + var x110 uint64 + _, x110 = bits.Sub64(uint64(uint1(x100)), uint64(0x0), uint64(uint1(x108))) var x111 uint64 - _, x111 = bits.Sub64(uint64(uint1(x101)), uint64(0x0), uint64(uint1(x109))) - var x112 uint64 - x112, _ = bits.Add64(x6, uint64(0x1), uint64(0x0)) - x114 := ((x80 >> 1) | ((x82 << 63) & 0xffffffffffffffff)) - x115 := ((x82 >> 1) | ((x84 << 63) & 0xffffffffffffffff)) - x116 := ((x84 >> 1) | ((x86 << 63) & 0xffffffffffffffff)) - x117 := ((x86 >> 1) | ((x88 << 63) & 0xffffffffffffffff)) - x118 := ((x88 & 0x8000000000000000) | (x88 >> 1)) + x111, _ = bits.Add64(x6, uint64(0x1), uint64(0x0)) + x113 := ((x79 >> 1) | ((x81 << 63) & 0xffffffffffffffff)) + x114 := ((x81 >> 1) | ((x83 << 63) & 0xffffffffffffffff)) + x115 := ((x83 >> 1) | ((x85 << 63) & 0xffffffffffffffff)) + x116 := ((x85 >> 1) | ((x87 << 63) & 0xffffffffffffffff)) + x117 := ((x87 & 0x8000000000000000) | (x87 >> 1)) + var 
x118 uint64 + cmovznzU64(&x118, uint1(x48), x39, x31) var x119 uint64 - cmovznzU64(&x119, uint1(x48), x39, x31) + cmovznzU64(&x119, uint1(x48), x41, x33) var x120 uint64 - cmovznzU64(&x120, uint1(x48), x41, x33) + cmovznzU64(&x120, uint1(x48), x43, x35) var x121 uint64 - cmovznzU64(&x121, uint1(x48), x43, x35) + cmovznzU64(&x121, uint1(x48), x45, x37) var x122 uint64 - cmovznzU64(&x122, uint1(x48), x45, x37) + cmovznzU64(&x122, uint1(x110), x101, x93) var x123 uint64 - cmovznzU64(&x123, uint1(x111), x102, x94) + cmovznzU64(&x123, uint1(x110), x103, x95) var x124 uint64 - cmovznzU64(&x124, uint1(x111), x104, x96) + cmovznzU64(&x124, uint1(x110), x105, x97) var x125 uint64 - cmovznzU64(&x125, uint1(x111), x106, x98) - var x126 uint64 - cmovznzU64(&x126, uint1(x111), x108, x100) - *out1 = x112 + cmovznzU64(&x125, uint1(x110), x107, x99) + *out1 = x111 out2[0] = x7 out2[1] = x8 out2[2] = x9 out2[3] = x10 out2[4] = x11 - out3[0] = x114 - out3[1] = x115 - out3[2] = x116 - out3[3] = x117 - out3[4] = x118 - out4[0] = x119 - out4[1] = x120 - out4[2] = x121 - out4[3] = x122 - out5[0] = x123 - out5[1] = x124 - out5[2] = x125 - out5[3] = x126 + out3[0] = x113 + out3[1] = x114 + out3[2] = x115 + out3[3] = x116 + out3[4] = x117 + out4[0] = x118 + out4[1] = x119 + out4[2] = x120 + out4[3] = x121 + out5[0] = x122 + out5[1] = x123 + out5[2] = x124 + out5[3] = x125 } // DivstepPrecomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-go/64/secp256k1montgomeryscalar/secp256k1montgomeryscalar.go b/fiat-go/64/secp256k1montgomeryscalar/secp256k1montgomeryscalar.go index c9ed5e3130..e7c65d2b42 100644 --- a/fiat-go/64/secp256k1montgomeryscalar/secp256k1montgomeryscalar.go +++ b/fiat-go/64/secp256k1montgomeryscalar/secp256k1montgomeryscalar.go 
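Review bot: The selector passed to the nine `cmovznzU64(..., uint1(x22), uint64(0x0), ...)` calls in this Divstep hunk is no longer reduced to one bit: the removed `x74 := (uint1(x22) & 0x1)` masked it, while `x22` is a full limb (it is also the first operand of `bits.Add64(x22, x74, uint64(0x0))`). A Go conversion only truncates to the destination type's width, so unless `uint1` is truly one bit wide (its declaration and the body of `cmovznzU64` are outside this hunk, so this needs confirming) the helper can receive an arbitrary 64-bit value where it presumably expects 0 or 1, and the conditional add would then produce wrong limbs. I would keep the mask in the emitted code, e.g. `cmovznzU64(&x74, (uint1(x22) & 0x1), uint64(0x0), x7)`, by fixing the generator rather than this generated file, and add a Divstep test with an even and an odd `x22` that has high bits set. The same pattern appears in the Divstep hunk of secp256k1montgomeryscalar.go, whereas the `x3` change in the earlier hunk is harmless because its other operand `uint1((x1 >> 63))` is already 0 or 1. Divstep's body starts before this hunk.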
@@ -1452,94 +1452,66 @@ func ToBytes(out1 *[32]uint8, arg1 *[4]uint64) { x2 := arg1[2] x3 := arg1[1] x4 := arg1[0] - x5 := (uint8(x4) & 0xff) - x6 := (x4 >> 8) - x7 := (uint8(x6) & 0xff) - x8 := (x6 >> 8) - x9 := (uint8(x8) & 0xff) - x10 := (x8 >> 8) - x11 := (uint8(x10) & 0xff) - x12 := (x10 >> 8) - x13 := (uint8(x12) & 0xff) - x14 := (x12 >> 8) - x15 := (uint8(x14) & 0xff) - x16 := (x14 >> 8) - x17 := (uint8(x16) & 0xff) - x18 := uint8((x16 >> 8)) - x19 := (uint8(x3) & 0xff) - x20 := (x3 >> 8) - x21 := (uint8(x20) & 0xff) - x22 := (x20 >> 8) - x23 := (uint8(x22) & 0xff) - x24 := (x22 >> 8) - x25 := (uint8(x24) & 0xff) - x26 := (x24 >> 8) - x27 := (uint8(x26) & 0xff) - x28 := (x26 >> 8) - x29 := (uint8(x28) & 0xff) - x30 := (x28 >> 8) - x31 := (uint8(x30) & 0xff) - x32 := uint8((x30 >> 8)) - x33 := (uint8(x2) & 0xff) - x34 := (x2 >> 8) - x35 := (uint8(x34) & 0xff) - x36 := (x34 >> 8) - x37 := (uint8(x36) & 0xff) - x38 := (x36 >> 8) - x39 := (uint8(x38) & 0xff) - x40 := (x38 >> 8) - x41 := (uint8(x40) & 0xff) - x42 := (x40 >> 8) - x43 := (uint8(x42) & 0xff) - x44 := (x42 >> 8) - x45 := (uint8(x44) & 0xff) - x46 := uint8((x44 >> 8)) - x47 := (uint8(x1) & 0xff) - x48 := (x1 >> 8) - x49 := (uint8(x48) & 0xff) - x50 := (x48 >> 8) - x51 := (uint8(x50) & 0xff) - x52 := (x50 >> 8) - x53 := (uint8(x52) & 0xff) - x54 := (x52 >> 8) - x55 := (uint8(x54) & 0xff) - x56 := (x54 >> 8) - x57 := (uint8(x56) & 0xff) - x58 := (x56 >> 8) - x59 := (uint8(x58) & 0xff) - x60 := uint8((x58 >> 8)) - out1[0] = x5 - out1[1] = x7 - out1[2] = x9 - out1[3] = x11 - out1[4] = x13 - out1[5] = x15 - out1[6] = x17 - out1[7] = x18 - out1[8] = x19 - out1[9] = x21 - out1[10] = x23 - out1[11] = x25 - out1[12] = x27 - out1[13] = x29 - out1[14] = x31 - out1[15] = x32 - out1[16] = x33 - out1[17] = x35 - out1[18] = x37 - out1[19] = x39 - out1[20] = x41 - out1[21] = x43 - out1[22] = x45 - out1[23] = x46 - out1[24] = x47 - out1[25] = x49 - out1[26] = x51 - out1[27] = x53 - out1[28] = x55 - out1[29] = x57 - 
out1[30] = x59 - out1[31] = x60 + x5 := (x4 >> 8) + x6 := (x5 >> 8) + x7 := (x6 >> 8) + x8 := (x7 >> 8) + x9 := (x8 >> 8) + x10 := (x9 >> 8) + x11 := uint8((x10 >> 8)) + x12 := (x3 >> 8) + x13 := (x12 >> 8) + x14 := (x13 >> 8) + x15 := (x14 >> 8) + x16 := (x15 >> 8) + x17 := (x16 >> 8) + x18 := uint8((x17 >> 8)) + x19 := (x2 >> 8) + x20 := (x19 >> 8) + x21 := (x20 >> 8) + x22 := (x21 >> 8) + x23 := (x22 >> 8) + x24 := (x23 >> 8) + x25 := uint8((x24 >> 8)) + x26 := (x1 >> 8) + x27 := (x26 >> 8) + x28 := (x27 >> 8) + x29 := (x28 >> 8) + x30 := (x29 >> 8) + x31 := (x30 >> 8) + x32 := uint8((x31 >> 8)) + out1[0] = uint8(x4) + out1[1] = uint8(x5) + out1[2] = uint8(x6) + out1[3] = uint8(x7) + out1[4] = uint8(x8) + out1[5] = uint8(x9) + out1[6] = uint8(x10) + out1[7] = x11 + out1[8] = uint8(x3) + out1[9] = uint8(x12) + out1[10] = uint8(x13) + out1[11] = uint8(x14) + out1[12] = uint8(x15) + out1[13] = uint8(x16) + out1[14] = uint8(x17) + out1[15] = x18 + out1[16] = uint8(x2) + out1[17] = uint8(x19) + out1[18] = uint8(x20) + out1[19] = uint8(x21) + out1[20] = uint8(x22) + out1[21] = uint8(x23) + out1[22] = uint8(x24) + out1[23] = x25 + out1[24] = uint8(x1) + out1[25] = uint8(x26) + out1[26] = uint8(x27) + out1[27] = uint8(x28) + out1[28] = uint8(x29) + out1[29] = uint8(x30) + out1[30] = uint8(x31) + out1[31] = x32 } // FromBytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -1681,7 +1653,7 @@ func Msat(out1 *[5]uint64) { func Divstep(out1 *uint64, out2 *[5]uint64, out3 *[5]uint64, out4 *[4]uint64, out5 *[4]uint64, arg1 uint64, arg2 *[5]uint64, arg3 *[5]uint64, arg4 *[4]uint64, arg5 *[4]uint64) { var x1 uint64 x1, _ = bits.Add64((^arg1), uint64(0x1), uint64(0x0)) - x3 := (uint1((x1 >> 63)) & (uint1(arg3[0]) & 0x1)) + x3 := (uint1((x1 >> 63)) & uint1(arg3[0])) var x4 uint64 x4, _ = bits.Add64((^arg1), uint64(0x1), uint64(0x0)) var x6 uint64 
@@ -1791,107 +1763,106 @@ func Divstep(out1 *uint64, out2 *[5]uint64, out3 *[5]uint64, out4 *[4]uint64, ou cmovznzU64(&x72, x3, arg5[2], x66) var x73 uint64 cmovznzU64(&x73, x3, arg5[3], x68) - x74 := (uint1(x22) & 0x1) + var x74 uint64 + cmovznzU64(&x74, uint1(x22), uint64(0x0), x7) var x75 uint64 - cmovznzU64(&x75, x74, uint64(0x0), x7) + cmovznzU64(&x75, uint1(x22), uint64(0x0), x8) var x76 uint64 - cmovznzU64(&x76, x74, uint64(0x0), x8) + cmovznzU64(&x76, uint1(x22), uint64(0x0), x9) var x77 uint64 - cmovznzU64(&x77, x74, uint64(0x0), x9) + cmovznzU64(&x77, uint1(x22), uint64(0x0), x10) var x78 uint64 - cmovznzU64(&x78, x74, uint64(0x0), x10) + cmovznzU64(&x78, uint1(x22), uint64(0x0), x11) var x79 uint64 - cmovznzU64(&x79, x74, uint64(0x0), x11) var x80 uint64 + x79, x80 = bits.Add64(x22, x74, uint64(0x0)) var x81 uint64 - x80, x81 = bits.Add64(x22, x75, uint64(0x0)) var x82 uint64 + x81, x82 = bits.Add64(x23, x75, uint64(uint1(x80))) var x83 uint64 - x82, x83 = bits.Add64(x23, x76, uint64(uint1(x81))) var x84 uint64 + x83, x84 = bits.Add64(x24, x76, uint64(uint1(x82))) var x85 uint64 - x84, x85 = bits.Add64(x24, x77, uint64(uint1(x83))) var x86 uint64 + x85, x86 = bits.Add64(x25, x77, uint64(uint1(x84))) var x87 uint64 - x86, x87 = bits.Add64(x25, x78, uint64(uint1(x85))) - var x88 uint64 - x88, _ = bits.Add64(x26, x79, uint64(uint1(x87))) + x87, _ = bits.Add64(x26, x78, uint64(uint1(x86))) + var x89 uint64 + cmovznzU64(&x89, uint1(x22), uint64(0x0), x27) var x90 uint64 - cmovznzU64(&x90, x74, uint64(0x0), x27) + cmovznzU64(&x90, uint1(x22), uint64(0x0), x28) var x91 uint64 - cmovznzU64(&x91, x74, uint64(0x0), x28) + cmovznzU64(&x91, uint1(x22), uint64(0x0), x29) var x92 uint64 - cmovznzU64(&x92, x74, uint64(0x0), x29) + cmovznzU64(&x92, uint1(x22), uint64(0x0), x30) var x93 uint64 - cmovznzU64(&x93, x74, uint64(0x0), x30) var x94 uint64 + x93, x94 = bits.Add64(x70, x89, uint64(0x0)) var x95 uint64 - x94, x95 = bits.Add64(x70, x90, uint64(0x0)) var x96 uint64 
+ x95, x96 = bits.Add64(x71, x90, uint64(uint1(x94))) var x97 uint64 - x96, x97 = bits.Add64(x71, x91, uint64(uint1(x95))) var x98 uint64 + x97, x98 = bits.Add64(x72, x91, uint64(uint1(x96))) var x99 uint64 - x98, x99 = bits.Add64(x72, x92, uint64(uint1(x97))) var x100 uint64 + x99, x100 = bits.Add64(x73, x92, uint64(uint1(x98))) var x101 uint64 - x100, x101 = bits.Add64(x73, x93, uint64(uint1(x99))) var x102 uint64 + x101, x102 = bits.Sub64(x93, 0xbfd25e8cd0364141, uint64(0x0)) var x103 uint64 - x102, x103 = bits.Sub64(x94, 0xbfd25e8cd0364141, uint64(0x0)) var x104 uint64 + x103, x104 = bits.Sub64(x95, 0xbaaedce6af48a03b, uint64(uint1(x102))) var x105 uint64 - x104, x105 = bits.Sub64(x96, 0xbaaedce6af48a03b, uint64(uint1(x103))) var x106 uint64 + x105, x106 = bits.Sub64(x97, 0xfffffffffffffffe, uint64(uint1(x104))) var x107 uint64 - x106, x107 = bits.Sub64(x98, 0xfffffffffffffffe, uint64(uint1(x105))) var x108 uint64 - var x109 uint64 - x108, x109 = bits.Sub64(x100, 0xffffffffffffffff, uint64(uint1(x107))) + x107, x108 = bits.Sub64(x99, 0xffffffffffffffff, uint64(uint1(x106))) + var x110 uint64 + _, x110 = bits.Sub64(uint64(uint1(x100)), uint64(0x0), uint64(uint1(x108))) var x111 uint64 - _, x111 = bits.Sub64(uint64(uint1(x101)), uint64(0x0), uint64(uint1(x109))) - var x112 uint64 - x112, _ = bits.Add64(x6, uint64(0x1), uint64(0x0)) - x114 := ((x80 >> 1) | ((x82 << 63) & 0xffffffffffffffff)) - x115 := ((x82 >> 1) | ((x84 << 63) & 0xffffffffffffffff)) - x116 := ((x84 >> 1) | ((x86 << 63) & 0xffffffffffffffff)) - x117 := ((x86 >> 1) | ((x88 << 63) & 0xffffffffffffffff)) - x118 := ((x88 & 0x8000000000000000) | (x88 >> 1)) + x111, _ = bits.Add64(x6, uint64(0x1), uint64(0x0)) + x113 := ((x79 >> 1) | ((x81 << 63) & 0xffffffffffffffff)) + x114 := ((x81 >> 1) | ((x83 << 63) & 0xffffffffffffffff)) + x115 := ((x83 >> 1) | ((x85 << 63) & 0xffffffffffffffff)) + x116 := ((x85 >> 1) | ((x87 << 63) & 0xffffffffffffffff)) + x117 := ((x87 & 0x8000000000000000) | (x87 >> 1)) + var 
x118 uint64 + cmovznzU64(&x118, uint1(x48), x39, x31) var x119 uint64 - cmovznzU64(&x119, uint1(x48), x39, x31) + cmovznzU64(&x119, uint1(x48), x41, x33) var x120 uint64 - cmovznzU64(&x120, uint1(x48), x41, x33) + cmovznzU64(&x120, uint1(x48), x43, x35) var x121 uint64 - cmovznzU64(&x121, uint1(x48), x43, x35) + cmovznzU64(&x121, uint1(x48), x45, x37) var x122 uint64 - cmovznzU64(&x122, uint1(x48), x45, x37) + cmovznzU64(&x122, uint1(x110), x101, x93) var x123 uint64 - cmovznzU64(&x123, uint1(x111), x102, x94) + cmovznzU64(&x123, uint1(x110), x103, x95) var x124 uint64 - cmovznzU64(&x124, uint1(x111), x104, x96) + cmovznzU64(&x124, uint1(x110), x105, x97) var x125 uint64 - cmovznzU64(&x125, uint1(x111), x106, x98) - var x126 uint64 - cmovznzU64(&x126, uint1(x111), x108, x100) - *out1 = x112 + cmovznzU64(&x125, uint1(x110), x107, x99) + *out1 = x111 out2[0] = x7 out2[1] = x8 out2[2] = x9 out2[3] = x10 out2[4] = x11 - out3[0] = x114 - out3[1] = x115 - out3[2] = x116 - out3[3] = x117 - out3[4] = x118 - out4[0] = x119 - out4[1] = x120 - out4[2] = x121 - out4[3] = x122 - out5[0] = x123 - out5[1] = x124 - out5[2] = x125 - out5[3] = x126 + out3[0] = x113 + out3[1] = x114 + out3[2] = x115 + out3[3] = x116 + out3[4] = x117 + out4[0] = x118 + out4[1] = x119 + out4[2] = x120 + out4[3] = x121 + out5[0] = x122 + out5[1] = x123 + out5[2] = x124 + out5[3] = x125 } // DivstepPrecomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-java/src/FiatCurve25519Scalar.java b/fiat-java/src/FiatCurve25519Scalar.java index cce1812b31..0ab69b2c18 100644 --- a/fiat-java/src/FiatCurve25519Scalar.java +++ b/fiat-java/src/FiatCurve25519Scalar.java 
@@ -47,10 +47,9 @@ static class Box { */ static void fiat_Curve25519Scalar_addcarryx_u32(Box out1, Box out2, int arg1, int arg2, int arg3) { long x1 = (((long) Integer.toUnsignedLong(((Number) (arg1)).intValue()) + (long) Integer.toUnsignedLong(((Number) (arg2)).intValue())) + (long) Integer.toUnsignedLong(((Number) (arg3)).intValue())); - int x2 = ((int) Integer.toUnsignedLong(((Number) (x1)).intValue()) & 0xffffffff); - int x3 = (int) Integer.toUnsignedLong(((Number) ((x1 >>> 32))).intValue()); - out1.set(x2); - out2.set(x3); + int x2 = (int) Integer.toUnsignedLong(((Number) ((x1 >>> 32))).intValue()); + out1.set((int) Integer.toUnsignedLong(((Number) (x1)).intValue())); + out2.set(x2); } /** @@ -92,10 +91,9 @@ static void fiat_Curve25519Scalar_subborrowx_u32(Box out1, Box */ static void fiat_Curve25519Scalar_mulx_u32(Box out1, Box out2, int arg1, int arg2) { long x1 = ((long) Integer.toUnsignedLong(((Number) (arg1)).intValue()) * (long) Integer.toUnsignedLong(((Number) (arg2)).intValue())); - int x2 = ((int) Integer.toUnsignedLong(((Number) (x1)).intValue()) & 0xffffffff); - int x3 = (int) Integer.toUnsignedLong(((Number) ((x1 >>> 32))).intValue()); - out1.set(x2); - out2.set(x3); + int x2 = (int) Integer.toUnsignedLong(((Number) ((x1 >>> 32))).intValue()); + out1.set((int) Integer.toUnsignedLong(((Number) (x1)).intValue())); + out2.set(x2); } /** diff --git a/fiat-java/src/FiatP224.java b/fiat-java/src/FiatP224.java index 105ed69bee..4ec46b6694 100644 --- a/fiat-java/src/FiatP224.java +++ b/fiat-java/src/FiatP224.java 
@@ -47,10 +47,9 @@ static class Box { */ static void fiat_P224_addcarryx_u32(Box out1, Box out2, int arg1, int arg2, int arg3) { long x1 = (((long) Integer.toUnsignedLong(((Number) (arg1)).intValue()) + (long) Integer.toUnsignedLong(((Number) (arg2)).intValue())) + (long) Integer.toUnsignedLong(((Number) (arg3)).intValue())); - int x2 = ((int) Integer.toUnsignedLong(((Number) (x1)).intValue()) & 0xffffffff); - int x3 = (int) Integer.toUnsignedLong(((Number) ((x1 >>> 32))).intValue()); - out1.set(x2); - out2.set(x3); + int x2 = (int) Integer.toUnsignedLong(((Number) ((x1 >>> 32))).intValue()); + out1.set((int) Integer.toUnsignedLong(((Number) (x1)).intValue())); + out2.set(x2); } /** @@ -92,10 +91,9 @@ static void fiat_P224_subborrowx_u32(Box out1, Box out2, int a */ static void fiat_P224_mulx_u32(Box out1, Box out2, int arg1, int arg2) { long x1 = ((long) Integer.toUnsignedLong(((Number) (arg1)).intValue()) * (long) Integer.toUnsignedLong(((Number) (arg2)).intValue())); - int x2 = ((int) Integer.toUnsignedLong(((Number) (x1)).intValue()) & 0xffffffff); - int x3 = (int) Integer.toUnsignedLong(((Number) ((x1 >>> 32))).intValue()); - out1.set(x2); - out2.set(x3); + int x2 = (int) Integer.toUnsignedLong(((Number) ((x1 >>> 32))).intValue()); + out1.set((int) Integer.toUnsignedLong(((Number) (x1)).intValue())); + out2.set(x2); } /** diff --git a/fiat-java/src/FiatP256.java b/fiat-java/src/FiatP256.java index 8b896b6527..4a58b7cf33 100644 --- a/fiat-java/src/FiatP256.java +++ b/fiat-java/src/FiatP256.java 
@@ -47,10 +47,9 @@ static class Box { */ static void fiat_P256_addcarryx_u32(Box out1, Box out2, int arg1, int arg2, int arg3) { long x1 = (((long) Integer.toUnsignedLong(((Number) (arg1)).intValue()) + (long) Integer.toUnsignedLong(((Number) (arg2)).intValue())) + (long) Integer.toUnsignedLong(((Number) (arg3)).intValue())); - int x2 = ((int) Integer.toUnsignedLong(((Number) (x1)).intValue()) & 0xffffffff); - int x3 = (int) Integer.toUnsignedLong(((Number) ((x1 >>> 32))).intValue()); - out1.set(x2); - out2.set(x3); + int x2 = (int) Integer.toUnsignedLong(((Number) ((x1 >>> 32))).intValue()); + out1.set((int) Integer.toUnsignedLong(((Number) (x1)).intValue())); + out2.set(x2); } /** @@ -92,10 +91,9 @@ static void fiat_P256_subborrowx_u32(Box out1, Box out2, int a */ static void fiat_P256_mulx_u32(Box out1, Box out2, int arg1, int arg2) { long x1 = ((long) Integer.toUnsignedLong(((Number) (arg1)).intValue()) * (long) Integer.toUnsignedLong(((Number) (arg2)).intValue())); - int x2 = ((int) Integer.toUnsignedLong(((Number) (x1)).intValue()) & 0xffffffff); - int x3 = (int) Integer.toUnsignedLong(((Number) ((x1 >>> 32))).intValue()); - out1.set(x2); - out2.set(x3); + int x2 = (int) Integer.toUnsignedLong(((Number) ((x1 >>> 32))).intValue()); + out1.set((int) Integer.toUnsignedLong(((Number) (x1)).intValue())); + out2.set(x2); } /** diff --git a/fiat-java/src/FiatP256Scalar.java b/fiat-java/src/FiatP256Scalar.java index 961c5066f9..2b2eeee3ba 100644 --- a/fiat-java/src/FiatP256Scalar.java +++ b/fiat-java/src/FiatP256Scalar.java 
@@ -47,10 +47,9 @@ static class Box { */ static void fiat_P256Scalar_addcarryx_u32(Box out1, Box out2, int arg1, int arg2, int arg3) { long x1 = (((long) Integer.toUnsignedLong(((Number) (arg1)).intValue()) + (long) Integer.toUnsignedLong(((Number) (arg2)).intValue())) + (long) Integer.toUnsignedLong(((Number) (arg3)).intValue())); - int x2 = ((int) Integer.toUnsignedLong(((Number) (x1)).intValue()) & 0xffffffff); - int x3 = (int) Integer.toUnsignedLong(((Number) ((x1 >>> 32))).intValue()); - out1.set(x2); - out2.set(x3); + int x2 = (int) Integer.toUnsignedLong(((Number) ((x1 >>> 32))).intValue()); + out1.set((int) Integer.toUnsignedLong(((Number) (x1)).intValue())); + out2.set(x2); } /** @@ -92,10 +91,9 @@ static void fiat_P256Scalar_subborrowx_u32(Box out1, Box out2, */ static void fiat_P256Scalar_mulx_u32(Box out1, Box out2, int arg1, int arg2) { long x1 = ((long) Integer.toUnsignedLong(((Number) (arg1)).intValue()) * (long) Integer.toUnsignedLong(((Number) (arg2)).intValue())); - int x2 = ((int) Integer.toUnsignedLong(((Number) (x1)).intValue()) & 0xffffffff); - int x3 = (int) Integer.toUnsignedLong(((Number) ((x1 >>> 32))).intValue()); - out1.set(x2); - out2.set(x3); + int x2 = (int) Integer.toUnsignedLong(((Number) ((x1 >>> 32))).intValue()); + out1.set((int) Integer.toUnsignedLong(((Number) (x1)).intValue())); + out2.set(x2); } /** diff --git a/fiat-java/src/FiatP384.java b/fiat-java/src/FiatP384.java index 23e02c1927..8ad52d15bc 100644 --- a/fiat-java/src/FiatP384.java +++ b/fiat-java/src/FiatP384.java 
@@ -47,10 +47,9 @@ static class Box { */ static void fiat_P384_addcarryx_u32(Box out1, Box out2, int arg1, int arg2, int arg3) { long x1 = (((long) Integer.toUnsignedLong(((Number) (arg1)).intValue()) + (long) Integer.toUnsignedLong(((Number) (arg2)).intValue())) + (long) Integer.toUnsignedLong(((Number) (arg3)).intValue())); - int x2 = ((int) Integer.toUnsignedLong(((Number) (x1)).intValue()) & 0xffffffff); - int x3 = (int) Integer.toUnsignedLong(((Number) ((x1 >>> 32))).intValue()); - out1.set(x2); - out2.set(x3); + int x2 = (int) Integer.toUnsignedLong(((Number) ((x1 >>> 32))).intValue()); + out1.set((int) Integer.toUnsignedLong(((Number) (x1)).intValue())); + out2.set(x2); } /** @@ -92,10 +91,9 @@ static void fiat_P384_subborrowx_u32(Box out1, Box out2, int a */ static void fiat_P384_mulx_u32(Box out1, Box out2, int arg1, int arg2) { long x1 = ((long) Integer.toUnsignedLong(((Number) (arg1)).intValue()) * (long) Integer.toUnsignedLong(((Number) (arg2)).intValue())); - int x2 = ((int) Integer.toUnsignedLong(((Number) (x1)).intValue()) & 0xffffffff); - int x3 = (int) Integer.toUnsignedLong(((Number) ((x1 >>> 32))).intValue()); - out1.set(x2); - out2.set(x3); + int x2 = (int) Integer.toUnsignedLong(((Number) ((x1 >>> 32))).intValue()); + out1.set((int) Integer.toUnsignedLong(((Number) (x1)).intValue())); + out2.set(x2); } /** diff --git a/fiat-java/src/FiatP384Scalar.java b/fiat-java/src/FiatP384Scalar.java index 20a8836814..1095804c22 100644 --- a/fiat-java/src/FiatP384Scalar.java +++ b/fiat-java/src/FiatP384Scalar.java 
@@ -47,10 +47,9 @@ static class Box { */ static void fiat_P384Scalar_addcarryx_u32(Box out1, Box out2, int arg1, int arg2, int arg3) { long x1 = (((long) Integer.toUnsignedLong(((Number) (arg1)).intValue()) + (long) Integer.toUnsignedLong(((Number) (arg2)).intValue())) + (long) Integer.toUnsignedLong(((Number) (arg3)).intValue())); - int x2 = ((int) Integer.toUnsignedLong(((Number) (x1)).intValue()) & 0xffffffff); - int x3 = (int) Integer.toUnsignedLong(((Number) ((x1 >>> 32))).intValue()); - out1.set(x2); - out2.set(x3); + int x2 = (int) Integer.toUnsignedLong(((Number) ((x1 >>> 32))).intValue()); + out1.set((int) Integer.toUnsignedLong(((Number) (x1)).intValue())); + out2.set(x2); } /** @@ -92,10 +91,9 @@ static void fiat_P384Scalar_subborrowx_u32(Box out1, Box out2, */ static void fiat_P384Scalar_mulx_u32(Box out1, Box out2, int arg1, int arg2) { long x1 = ((long) Integer.toUnsignedLong(((Number) (arg1)).intValue()) * (long) Integer.toUnsignedLong(((Number) (arg2)).intValue())); - int x2 = ((int) Integer.toUnsignedLong(((Number) (x1)).intValue()) & 0xffffffff); - int x3 = (int) Integer.toUnsignedLong(((Number) ((x1 >>> 32))).intValue()); - out1.set(x2); - out2.set(x3); + int x2 = (int) Integer.toUnsignedLong(((Number) ((x1 >>> 32))).intValue()); + out1.set((int) Integer.toUnsignedLong(((Number) (x1)).intValue())); + out2.set(x2); } /** diff --git a/fiat-java/src/FiatSecp256K1Montgomery.java b/fiat-java/src/FiatSecp256K1Montgomery.java index 07c5e5cd23..882f5fe4ac 100644 --- a/fiat-java/src/FiatSecp256K1Montgomery.java +++ b/fiat-java/src/FiatSecp256K1Montgomery.java 
@@ -47,10 +47,9 @@ static class Box { */ static void fiat_Secp256K1Montgomery_addcarryx_u32(Box out1, Box out2, int arg1, int arg2, int arg3) { long x1 = (((long) Integer.toUnsignedLong(((Number) (arg1)).intValue()) + (long) Integer.toUnsignedLong(((Number) (arg2)).intValue())) + (long) Integer.toUnsignedLong(((Number) (arg3)).intValue())); - int x2 = ((int) Integer.toUnsignedLong(((Number) (x1)).intValue()) & 0xffffffff); - int x3 = (int) Integer.toUnsignedLong(((Number) ((x1 >>> 32))).intValue()); - out1.set(x2); - out2.set(x3); + int x2 = (int) Integer.toUnsignedLong(((Number) ((x1 >>> 32))).intValue()); + out1.set((int) Integer.toUnsignedLong(((Number) (x1)).intValue())); + out2.set(x2); } /** @@ -92,10 +91,9 @@ static void fiat_Secp256K1Montgomery_subborrowx_u32(Box out1, Box out1, Box out2, int arg1, int arg2) { long x1 = ((long) Integer.toUnsignedLong(((Number) (arg1)).intValue()) * (long) Integer.toUnsignedLong(((Number) (arg2)).intValue())); - int x2 = ((int) Integer.toUnsignedLong(((Number) (x1)).intValue()) & 0xffffffff); - int x3 = (int) Integer.toUnsignedLong(((Number) ((x1 >>> 32))).intValue()); - out1.set(x2); - out2.set(x3); + int x2 = (int) Integer.toUnsignedLong(((Number) ((x1 >>> 32))).intValue()); + out1.set((int) Integer.toUnsignedLong(((Number) (x1)).intValue())); + out2.set(x2); } /** diff --git a/fiat-java/src/FiatSecp256K1MontgomeryScalar.java b/fiat-java/src/FiatSecp256K1MontgomeryScalar.java index 6a4f4e5f5c..350b59567c 100644 --- a/fiat-java/src/FiatSecp256K1MontgomeryScalar.java +++ b/fiat-java/src/FiatSecp256K1MontgomeryScalar.java 
@@ -47,10 +47,9 @@ static class Box { */ static void fiat_Secp256K1MontgomeryScalar_addcarryx_u32(Box out1, Box out2, int arg1, int arg2, int arg3) { long x1 = (((long) Integer.toUnsignedLong(((Number) (arg1)).intValue()) + (long) Integer.toUnsignedLong(((Number) (arg2)).intValue())) + (long) Integer.toUnsignedLong(((Number) (arg3)).intValue())); - int x2 = ((int) Integer.toUnsignedLong(((Number) (x1)).intValue()) & 0xffffffff); - int x3 = (int) Integer.toUnsignedLong(((Number) ((x1 >>> 32))).intValue()); - out1.set(x2); - out2.set(x3); + int x2 = (int) Integer.toUnsignedLong(((Number) ((x1 >>> 32))).intValue()); + out1.set((int) Integer.toUnsignedLong(((Number) (x1)).intValue())); + out2.set(x2); } /** @@ -92,10 +91,9 @@ static void fiat_Secp256K1MontgomeryScalar_subborrowx_u32(Box out1, Box */ static void fiat_Secp256K1MontgomeryScalar_mulx_u32(Box out1, Box out2, int arg1, int arg2) { long x1 = ((long) Integer.toUnsignedLong(((Number) (arg1)).intValue()) * (long) Integer.toUnsignedLong(((Number) (arg2)).intValue())); - int x2 = ((int) Integer.toUnsignedLong(((Number) (x1)).intValue()) & 0xffffffff); - int x3 = (int) Integer.toUnsignedLong(((Number) ((x1 >>> 32))).intValue()); - out1.set(x2); - out2.set(x3); + int x2 = (int) Integer.toUnsignedLong(((Number) ((x1 >>> 32))).intValue()); + out1.set((int) Integer.toUnsignedLong(((Number) (x1)).intValue())); + out2.set(x2); } /** diff --git a/fiat-json/src/curve25519_32.json b/fiat-json/src/curve25519_32.json index 709d8daf12..ac0fe8b883 100644 --- a/fiat-json/src/curve25519_32.json +++ b/fiat-json/src/curve25519_32.json @@ -17434,16 +17434,16 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x50" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -17460,7 +17460,7 @@ } ] }, - "0xff" + "8" ] } ] 
@@ -17482,14 +17482,7 @@ "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x22" - ] - } + "x50" ] }, "8" @@ -17507,7 +17500,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -17517,7 +17510,7 @@ "x51" ] }, - "0xff" + "8" ] } ] @@ -17532,32 +17525,39 @@ { "datatype": "u32", "name": [], - "operation": ">>", + "operation": "+", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x51" + "x49" ] }, - "8" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x52" + ] + } ] } ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x54" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -17567,20 +17567,20 @@ "x53" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x55" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], "operation": ">>", "arguments": [ @@ -17589,7 +17589,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x53" + "x54" ] }, "8" 
@@ -17598,58 +17598,58 @@ ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ "x56" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": "+", + "operation": ">>", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", - "arguments": [ - "x49" - ] - }, - { - "datatype": "u8", - "name": [], - "operation": "static_cast", "arguments": [ "x55" ] - } + }, + "8" ] } ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x57" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": "+", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x56" + "x48" ] }, - "0xff" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x56" + ] + } ] } ] @@ -17671,7 +17671,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x56" + "x57" ] }, "8" @@ -17680,16 +17680,16 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x59" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -17699,20 +17699,20 @@ "x58" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ "x60" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], "operation": ">>", "arguments": [ @@ -17721,7 +17721,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x58" + "x59" ] }, "8" 
@@ -17730,39 +17730,46 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x61" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": "+", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x60" + "x47" ] }, - "0xff" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x60" + ] + } ] } ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x62" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], "operation": ">>", "arguments": [ @@ -17771,7 +17778,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x60" + "x61" ] }, "8" @@ -17789,24 +17796,17 @@ { "datatype": "u32", "name": [], - "operation": "+", + "operation": ">>", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", - "arguments": [ - "x48" - ] - }, - { - "datatype": "u8", - "name": [], - "operation": "static_cast", "arguments": [ "x62" ] - } + }, + "8" ] } ] @@ -17821,7 +17821,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -17831,7 +17831,7 @@ "x63" ] }, - "0xff" + "8" ] } ] @@ -17846,32 +17846,39 @@ { "datatype": "u32", "name": [], - "operation": ">>", + "operation": "+", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x63" + "x46" ] }, - "8" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x64" + ] + } ] } ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x66" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -17881,7 +17888,7 @@ "x65" ] }, - "0xff" + "8" ] } ] @@ -17903,7 +17910,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x65" + "x66" ] }, "8" 
@@ -17921,7 +17928,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -17931,20 +17938,20 @@ "x67" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x69" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], "operation": ">>", "arguments": [ @@ -17953,7 +17960,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x67" + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + "x32" + ] + } ] }, "8" @@ -17971,39 +17985,32 @@ { "datatype": "u32", "name": [], - "operation": "+", + "operation": ">>", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", - "arguments": [ - "x47" - ] - }, - { - "datatype": "u8", - "name": [], - "operation": "static_cast", "arguments": [ "x69" ] - } + }, + "8" ] } ] }, { - "datatype": "u8", + "datatype": "u1", "name": [ "x71" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u1", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -18013,7 +18020,7 @@ "x70" ] }, - "0xff" + "8" ] } ] @@ -18028,42 +18035,24 @@ { "datatype": "u32", "name": [], - "operation": ">>", + "operation": "+", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x70" + "x45" ] }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x73" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ { - "datatype": "u32", + "datatype": "u1", "name": [], "operation": "static_cast", "arguments": [ - "x72" + "x71" ] - }, - "0xff" + } ] } ] @@ -18071,7 +18060,7 @@ { "datatype": "u32", "name": [ - "x74" + "x73" ], "operation": "static_cast", "arguments": [ 
@@ -18094,26 +18083,26 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ - "x75" + "x74" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x74" + "x73" ] }, - "0xff" + "8" ] } ] @@ -18121,7 +18110,7 @@ { "datatype": "u8", "name": [ - "x76" + "x75" ], "operation": "static_cast", "arguments": [ @@ -18146,7 +18135,7 @@ { "datatype": "u32", "name": [ - "x77" + "x76" ], "operation": "static_cast", "arguments": [ @@ -18160,7 +18149,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x46" + "x44" ] }, { @@ -18168,7 +18157,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x76" + "x75" ] } ] @@ -18176,26 +18165,26 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ - "x78" + "x77" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x77" + "x76" ] }, - "0xff" + "8" ] } ] @@ -18203,7 +18192,7 @@ { "datatype": "u32", "name": [ - "x79" + "x78" ], "operation": "static_cast", "arguments": [ @@ -18228,24 +18217,24 @@ { "datatype": "u8", "name": [ - "x80" + "x79" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x79" + "x78" ] }, - "0xff" + "8" ] } ] 
@@ -18253,62 +18242,69 @@ { "datatype": "u32", "name": [ - "x81" + "x80" ], "operation": "static_cast", "arguments": [ { "datatype": "u32", "name": [], - "operation": ">>", + "operation": "+", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x79" + "x43" ] }, - "8" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x79" + ] + } ] } ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ - "x82" + "x81" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x81" + "x80" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ - "x83" + "x82" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], "operation": ">>", "arguments": [ @@ -18328,31 +18324,24 @@ { "datatype": "u8", "name": [ - "x84" + "x83" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x32" - ] - } + "x82" ] }, - "0xff" + "8" ] } ] 
@@ -18360,56 +18349,56 @@ { "datatype": "u32", "name": [ - "x85" + "x84" ], "operation": "static_cast", "arguments": [ { "datatype": "u32", "name": [], - "operation": ">>", + "operation": "+", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x32" - ] - } + "x42" ] }, - "8" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x83" + ] + } ] } ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ - "x86" + "x85" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x85" + "x84" ] }, - "0xff" + "8" ] } ] @@ -18417,7 +18406,7 @@ { "datatype": "u32", "name": [ - "x87" + "x86" ], "operation": "static_cast", "arguments": [ 
@@ -18442,81 +18431,65 @@ { "datatype": "u8", "name": [ - "x88" + "x87" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x87" + "x86" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u1", + "datatype": "u8", "name": [ - "x89" + "out1[0]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u1", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x87" + "x22" ] - }, - "8" + } ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x90" + "out1[1]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": "+", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x45" - ] - }, - { - "datatype": "u1", - "name": [], - "operation": "static_cast", - "arguments": [ - "x89" - ] - } + "x50" ] } ] @@ -18524,49 +18497,33 @@ { "datatype": "u8", "name": [ - "x91" + "out1[2]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x90" - ] - }, - "0xff" + "x51" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x92" + "out1[3]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x90" - ] - }, - "8" + "x53" ] } ] 
@@ -18574,49 +18531,33 @@ { "datatype": "u8", "name": [ - "x93" + "out1[4]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x92" - ] - }, - "0xff" + "x54" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x94" + "out1[5]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x92" - ] - }, - "8" + "x55" ] } ] @@ -18624,24 +18565,16 @@ { "datatype": "u8", "name": [ - "x95" + "out1[6]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x94" - ] - }, - "0xff" + "x57" ] } ] @@ -18649,56 +18582,33 @@ { "datatype": "u8", "name": [ - "x96" + "out1[7]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x94" - ] - }, - "8" + "x58" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x97" + "out1[8]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": "+", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x44" - ] - }, - { - "datatype": "u8", - "name": [], - "operation": "static_cast", - "arguments": [ - "x96" - ] - } + "x59" ] } ] 
@@ -18706,49 +18616,33 @@ { "datatype": "u8", "name": [ - "x98" + "out1[9]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x97" - ] - }, - "0xff" + "x61" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x99" + "out1[10]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x97" - ] - }, - "8" + "x62" ] } ] @@ -18756,49 +18650,33 @@ { "datatype": "u8", "name": [ - "x100" + "out1[11]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x99" - ] - }, - "0xff" + "x63" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x101" + "out1[12]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x99" - ] - }, - "8" + "x65" ] } ] @@ -18806,24 +18684,16 @@ { "datatype": "u8", "name": [ - "x102" + "out1[13]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x101" - ] - }, - "0xff" + "x66" ] } ] 
@@ -18831,54 +18701,48 @@ { "datatype": "u8", "name": [ - "x103" + "out1[14]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x101" - ] - }, - "8" + "x67" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x104" + "out1[15]" + ], + "operation": "static_cast", + "arguments": [ + "x68" + ] + }, + { + "datatype": "u8", + "name": [ + "out1[16]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": "+", + "operation": "static_cast", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x43" - ] - }, - { - "datatype": "u8", - "name": [], - "operation": "static_cast", - "arguments": [ - "x103" + "x32" ] } ] @@ -18888,49 +18752,33 @@ { "datatype": "u8", "name": [ - "x105" + "out1[17]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x104" - ] - }, - "0xff" + "x69" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x106" + "out1[18]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x104" - ] - }, - "8" + "x70" ] } ] 
@@ -18938,49 +18786,33 @@ { "datatype": "u8", "name": [ - "x107" + "out1[19]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x106" - ] - }, - "0xff" + "x72" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x108" + "out1[20]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x106" - ] - }, - "8" + "x73" ] } ] @@ -18988,24 +18820,16 @@ { "datatype": "u8", "name": [ - "x109" + "out1[21]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x108" - ] - }, - "0xff" + "x74" ] } ] @@ -19013,56 +18837,33 @@ { "datatype": "u8", "name": [ - "x110" + "out1[22]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x108" - ] - }, - "8" + "x76" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x111" + "out1[23]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": "+", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x42" - ] - }, - { - "datatype": "u8", - "name": [], - "operation": "static_cast", - "arguments": [ - "x110" - ] - } + "x77" ] } ] 
@@ -19070,49 +18871,33 @@ { "datatype": "u8", "name": [ - "x112" + "out1[24]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x111" - ] - }, - "0xff" + "x78" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x113" + "out1[25]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x111" - ] - }, - "8" + "x80" ] } ] @@ -19120,49 +18905,33 @@ { "datatype": "u8", "name": [ - "x114" + "out1[26]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x113" - ] - }, - "0xff" + "x81" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x115" + "out1[27]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x113" - ] - }, - "8" + "x82" ] } ] @@ -19170,24 +18939,16 @@ { "datatype": "u8", "name": [ - "x116" + "out1[28]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x115" - ] - }, - "0xff" + "x84" ] } ] 
@@ -19195,328 +18956,20 @@ { "datatype": "u8", "name": [ - "x117" + "out1[29]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x115" - ] - }, - "8" + "x85" ] } ] }, - { - "datatype": "u8", - "name": [ - "out1[0]" - ], - "operation": "static_cast", - "arguments": [ - "x50" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[1]" - ], - "operation": "static_cast", - "arguments": [ - "x52" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[2]" - ], - "operation": "static_cast", - "arguments": [ - "x54" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[3]" - ], - "operation": "static_cast", - "arguments": [ - "x57" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[4]" - ], - "operation": "static_cast", - "arguments": [ - "x59" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[5]" - ], - "operation": "static_cast", - "arguments": [ - "x61" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[6]" - ], - "operation": "static_cast", - "arguments": [ - "x64" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[7]" - ], - "operation": "static_cast", - "arguments": [ - "x66" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[8]" - ], - "operation": "static_cast", - "arguments": [ - "x68" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[9]" - ], - "operation": "static_cast", - "arguments": [ - "x71" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[10]" - ], - "operation": "static_cast", - "arguments": [ - "x73" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[11]" - ], - "operation": "static_cast", - "arguments": [ - "x75" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[12]" - ], - "operation": "static_cast", - "arguments": [ - "x78" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[13]" - ], - "operation": "static_cast", - "arguments": [ - "x80" - ] - }, - { - 
"datatype": "u8", - "name": [ - "out1[14]" - ], - "operation": "static_cast", - "arguments": [ - "x82" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[15]" - ], - "operation": "static_cast", - "arguments": [ - "x83" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[16]" - ], - "operation": "static_cast", - "arguments": [ - "x84" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[17]" - ], - "operation": "static_cast", - "arguments": [ - "x86" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[18]" - ], - "operation": "static_cast", - "arguments": [ - "x88" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[19]" - ], - "operation": "static_cast", - "arguments": [ - "x91" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[20]" - ], - "operation": "static_cast", - "arguments": [ - "x93" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[21]" - ], - "operation": "static_cast", - "arguments": [ - "x95" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[22]" - ], - "operation": "static_cast", - "arguments": [ - "x98" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[23]" - ], - "operation": "static_cast", - "arguments": [ - "x100" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[24]" - ], - "operation": "static_cast", - "arguments": [ - "x102" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[25]" - ], - "operation": "static_cast", - "arguments": [ - "x105" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[26]" - ], - "operation": "static_cast", - "arguments": [ - "x107" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[27]" - ], - "operation": "static_cast", - "arguments": [ - "x109" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[28]" - ], - "operation": "static_cast", - "arguments": [ - "x112" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[29]" - ], - "operation": "static_cast", - "arguments": [ - "x114" - ] - }, { "datatype": "u8", "name": [ 
@@ -19524,7 +18977,14 @@ ], "operation": "static_cast", "arguments": [ - "x116" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x86" + ] + } ] }, { @@ -19534,7 +18994,7 @@ ], "operation": "static_cast", "arguments": [ - "x117" + "x87" ] } ] diff --git a/fiat-json/src/curve25519_64.json b/fiat-json/src/curve25519_64.json index c05c561513..96f85eae38 100644 --- a/fiat-json/src/curve25519_64.json +++ b/fiat-json/src/curve25519_64.json @@ -6805,16 +6805,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x26" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -6831,7 +6831,7 @@ } ] }, - "0xff" + "8" ] } ] @@ -6853,14 +6853,7 @@ "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x12" - ] - } + "x26" ] }, "8" @@ -6869,16 +6862,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x28" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -6888,7 +6881,7 @@ "x27" ] }, - "0xff" + "8" ] } ] @@ -6910,7 +6903,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x27" + "x28" ] }, "8" @@ -6919,16 +6912,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x30" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -6938,20 +6931,20 @@ "x29" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ "x31" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], "operation": ">>", "arguments": [ 
@@ -6960,7 +6953,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x29" + "x30" ] }, "8" @@ -6969,26 +6962,33 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x32" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": "+", "arguments": [ { "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - "x31" + "x25" ] }, - "0xff" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x31" + ] + } ] } ] @@ -7010,7 +7010,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x31" + "x32" ] }, "8" @@ -7019,16 +7019,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x34" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -7038,7 +7038,7 @@ "x33" ] }, - "0xff" + "8" ] } ] @@ -7060,7 +7060,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x33" + "x34" ] }, "8" @@ -7069,16 +7069,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x36" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -7088,20 +7088,20 @@ "x35" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x37" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], "operation": ">>", "arguments": [ @@ -7110,7 +7110,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x35" + "x36" ] }, "8" 
@@ -7119,58 +7119,58 @@ ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ "x38" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], - "operation": "+", + "operation": ">>", "arguments": [ { "datatype": "u64", "name": [], "operation": "static_cast", - "arguments": [ - "x25" - ] - }, - { - "datatype": "u8", - "name": [], - "operation": "static_cast", "arguments": [ "x37" ] - } + }, + "8" ] } ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x39" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": "+", "arguments": [ { "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - "x38" + "x24" ] }, - "0xff" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x38" + ] + } ] } ] @@ -7192,7 +7192,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x38" + "x39" ] }, "8" @@ -7201,16 +7201,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x41" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -7220,7 +7220,7 @@ "x40" ] }, - "0xff" + "8" ] } ] @@ -7242,7 +7242,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x40" + "x41" ] }, "8" @@ -7251,16 +7251,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x43" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -7270,7 +7270,7 @@ "x42" ] }, - "0xff" + "8" ] } ] @@ -7292,7 +7292,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x42" + "x43" ] }, "8" 
@@ -7301,16 +7301,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x45" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -7320,20 +7320,20 @@ "x44" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u64", + "datatype": "u1", "name": [ "x46" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u1", "name": [], "operation": ">>", "arguments": [ @@ -7342,7 +7342,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x44" + "x45" ] }, "8" @@ -7351,26 +7351,33 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x47" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": "+", "arguments": [ { "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - "x46" + "x23" ] }, - "0xff" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] } ] @@ -7392,7 +7399,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x46" + "x47" ] }, "8" @@ -7401,16 +7408,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x49" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -7420,20 +7427,20 @@ "x48" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x50" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], "operation": ">>", "arguments": [ @@ -7442,7 +7449,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x48" + "x49" ] }, "8" 
@@ -7460,39 +7467,32 @@ { "datatype": "u64", "name": [], - "operation": "+", + "operation": ">>", "arguments": [ { "datatype": "u64", "name": [], "operation": "static_cast", - "arguments": [ - "x24" - ] - }, - { - "datatype": "u8", - "name": [], - "operation": "static_cast", "arguments": [ "x50" ] - } + }, + "8" ] } ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x52" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -7502,20 +7502,20 @@ "x51" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ "x53" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], "operation": ">>", "arguments": [ @@ -7524,7 +7524,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x51" + "x52" ] }, "8" @@ -7533,26 +7533,33 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x54" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": "+", "arguments": [ { "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - "x53" + "x22" ] }, - "0xff" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x53" + ] + } ] } ] @@ -7574,7 +7581,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x53" + "x54" ] }, "8" @@ -7583,16 +7590,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x56" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -7602,7 +7609,7 @@ "x55" ] }, - "0xff" + "8" ] } ] @@ -7624,7 +7631,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x55" + "x56" ] }, "8" 
@@ -7633,16 +7640,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x58" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -7652,7 +7659,7 @@ "x57" ] }, - "0xff" + "8" ] } ] @@ -7674,7 +7681,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x57" + "x58" ] }, "8" @@ -7692,7 +7699,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -7702,32 +7709,31 @@ "x59" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ - "x61" + "out1[0]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ { "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - "x59" + "x12" ] - }, - "8" + } ] } ] 
@@ -7735,787 +7741,20 @@ { "datatype": "u8", "name": [ - "x62" + "out1[1]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x61" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x63" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x61" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x64" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x63" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u1", - "name": [ - "x65" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x63" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x66" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "+", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x23" - ] - }, - { - "datatype": "u1", - "name": [], - "operation": "static_cast", - "arguments": [ - "x65" - ] - } - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x67" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x66" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x68" - ], - 
"operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x66" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x69" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x68" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x70" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x68" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x71" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x70" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x72" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x70" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x73" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x72" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x74" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - 
"arguments": [ - "x72" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x75" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x74" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x76" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x74" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x77" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x76" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x78" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x76" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x79" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "+", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x22" - ] - }, - { - "datatype": "u8", - "name": [], - "operation": "static_cast", - "arguments": [ - "x78" - ] - } - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x80" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x79" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x81" - ], - 
"operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x79" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x82" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x81" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x83" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x81" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x84" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x83" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x85" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x83" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x86" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x85" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x87" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - 
"arguments": [ - "x85" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x88" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x87" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x89" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x87" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x90" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x89" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x91" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x89" - ] - }, - "8" + "x26" ] } ] }, - { - "datatype": "u8", - "name": [ - "out1[0]" - ], - "operation": "static_cast", - "arguments": [ - "x26" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[1]" - ], - "operation": "static_cast", - "arguments": [ - "x28" - ] - }, { "datatype": "u8", "name": [ @@ -8523,7 +7762,14 @@ ], "operation": "static_cast", "arguments": [ - "x30" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x27" + ] + } ] }, { @@ -8533,7 +7779,14 @@ ], "operation": "static_cast", "arguments": [ - "x32" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x28" + ] + } ] }, { 
@@ -8543,7 +7796,14 @@ ], "operation": "static_cast", "arguments": [ - "x34" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x29" + ] + } ] }, { @@ -8553,7 +7813,14 @@ ], "operation": "static_cast", "arguments": [ - "x36" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x30" + ] + } ] }, { @@ -8563,7 +7830,14 @@ ], "operation": "static_cast", "arguments": [ - "x39" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x32" + ] + } ] }, { @@ -8573,7 +7847,14 @@ ], "operation": "static_cast", "arguments": [ - "x41" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x33" + ] + } ] }, { @@ -8583,7 +7864,14 @@ ], "operation": "static_cast", "arguments": [ - "x43" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, { @@ -8593,7 +7881,14 @@ ], "operation": "static_cast", "arguments": [ - "x45" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x35" + ] + } ] }, { @@ -8603,7 +7898,14 @@ ], "operation": "static_cast", "arguments": [ - "x47" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x36" + ] + } ] }, { @@ -8613,7 +7915,14 @@ ], "operation": "static_cast", "arguments": [ - "x49" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x37" + ] + } ] }, { @@ -8623,7 +7932,14 @@ ], "operation": "static_cast", "arguments": [ - "x52" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x39" + ] + } ] }, { @@ -8633,7 +7949,14 @@ ], "operation": "static_cast", "arguments": [ - "x54" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x40" + ] + } ] }, { 
@@ -8643,7 +7966,14 @@ ], "operation": "static_cast", "arguments": [ - "x56" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x41" + ] + } ] }, { @@ -8653,7 +7983,14 @@ ], "operation": "static_cast", "arguments": [ - "x58" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x42" + ] + } ] }, { @@ -8663,7 +8000,14 @@ ], "operation": "static_cast", "arguments": [ - "x60" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x43" + ] + } ] }, { @@ -8673,7 +8017,14 @@ ], "operation": "static_cast", "arguments": [ - "x62" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x44" + ] + } ] }, { @@ -8683,7 +8034,14 @@ ], "operation": "static_cast", "arguments": [ - "x64" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x45" + ] + } ] }, { @@ -8693,7 +8051,14 @@ ], "operation": "static_cast", "arguments": [ - "x67" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x47" + ] + } ] }, { @@ -8703,7 +8068,14 @@ ], "operation": "static_cast", "arguments": [ - "x69" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x48" + ] + } ] }, { @@ -8713,7 +8085,14 @@ ], "operation": "static_cast", "arguments": [ - "x71" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x49" + ] + } ] }, { @@ -8723,7 +8102,14 @@ ], "operation": "static_cast", "arguments": [ - "x73" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x50" + ] + } ] }, { @@ -8733,7 +8119,14 @@ ], "operation": "static_cast", "arguments": [ - "x75" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x51" + ] + } ] }, { 
@@ -8743,7 +8136,14 @@ ], "operation": "static_cast", "arguments": [ - "x77" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x52" + ] + } ] }, { @@ -8753,7 +8153,14 @@ ], "operation": "static_cast", "arguments": [ - "x80" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x54" + ] + } ] }, { @@ -8763,7 +8170,14 @@ ], "operation": "static_cast", "arguments": [ - "x82" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x55" + ] + } ] }, { @@ -8773,7 +8187,14 @@ ], "operation": "static_cast", "arguments": [ - "x84" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x56" + ] + } ] }, { @@ -8783,7 +8204,14 @@ ], "operation": "static_cast", "arguments": [ - "x86" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x57" + ] + } ] }, { @@ -8793,7 +8221,14 @@ ], "operation": "static_cast", "arguments": [ - "x88" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x58" + ] + } ] }, { @@ -8803,7 +8238,14 @@ ], "operation": "static_cast", "arguments": [ - "x90" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x59" + ] + } ] }, { @@ -8813,7 +8255,7 @@ ], "operation": "static_cast", "arguments": [ - "x91" + "x60" ] } ] diff --git a/fiat-json/src/curve25519_scalar_32.json b/fiat-json/src/curve25519_scalar_32.json index 31104c0165..e44233b1b4 100644 --- a/fiat-json/src/curve25519_scalar_32.json +++ b/fiat-json/src/curve25519_scalar_32.json 
@@ -90,35 +90,10 @@ } ] }, - { - "datatype": "u32", - "name": [ - "x2" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "0xffffffff" - ] - } - ] - }, { "datatype": "u1", "name": [ - "x3" + "x2" ], "operation": "static_cast", "arguments": [ @@ -147,7 +122,14 @@ ], "operation": "static_cast", "arguments": [ - "x2" + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + "x1" + ] + } ] }, { @@ -157,7 +139,7 @@ ], "operation": "static_cast", "arguments": [ - "x3" + "x2" ] } ] @@ -413,7 +395,7 @@ { "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -423,7 +405,7 @@ "x1" ] }, - "0xffffffff" + "32" ] } ] @@ -431,38 +413,20 @@ { "datatype": "u32", "name": [ - "x3" + "out1" ], "operation": "static_cast", "arguments": [ { "datatype": "u32", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "32" + "x1" ] } ] }, - { - "datatype": "u32", - "name": [ - "out1" - ], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, { "datatype": "u32", "name": [ @@ -470,7 +434,7 @@ ], "operation": "static_cast", "arguments": [ - "x3" + "x2" ] } ] @@ -63419,35 +63383,10 @@ "arg1[0]" ] }, - { - "datatype": "u8", - "name": [ - "x9" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x8" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x10" + "x9" ], "operation": "static_cast", "arguments": [ 
@@ -63469,35 +63408,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x11" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x10" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x12" + "x10" ], "operation": "static_cast", "arguments": [ @@ -63511,7 +63425,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x10" + "x9" ] }, "8" @@ -63522,32 +63436,7 @@ { "datatype": "u8", "name": [ - "x13" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x12" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x14" + "x11" ], "operation": "static_cast", "arguments": [ @@ -63561,7 +63450,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x12" + "x10" ] }, "8" @@ -63569,35 +63458,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x15" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x7" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x16" + "x12" ], "operation": "static_cast", "arguments": [ @@ -63619,35 +63483,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x17" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x16" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x18" + "x13" ], "operation": "static_cast", "arguments": [ 
@@ -63661,7 +63500,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x16" + "x12" ] }, "8" @@ -63672,32 +63511,7 @@ { "datatype": "u8", "name": [ - "x19" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x18" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x20" + "x14" ], "operation": "static_cast", "arguments": [ @@ -63711,7 +63525,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x18" + "x13" ] }, "8" @@ -63719,35 +63533,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x21" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x6" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x22" + "x15" ], "operation": "static_cast", "arguments": [ @@ -63769,35 +63558,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x23" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x22" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x24" + "x16" ], "operation": "static_cast", "arguments": [ @@ -63811,7 +63575,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x22" + "x15" ] }, "8" @@ -63822,32 +63586,7 @@ { "datatype": "u8", "name": [ - "x25" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x24" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x26" + "x17" ], "operation": "static_cast", "arguments": [ 
@@ -63861,7 +63600,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x24" + "x16" ] }, "8" @@ -63869,35 +63608,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x27" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x5" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x28" + "x18" ], "operation": "static_cast", "arguments": [ @@ -63919,35 +63633,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x29" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x28" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x30" + "x19" ], "operation": "static_cast", "arguments": [ @@ -63961,7 +63650,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x28" + "x18" ] }, "8" @@ -63972,32 +63661,7 @@ { "datatype": "u8", "name": [ - "x31" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x30" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x32" + "x20" ], "operation": "static_cast", "arguments": [ @@ -64011,7 +63675,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x30" + "x19" ] }, "8" 
@@ -64019,35 +63683,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x33" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x4" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x34" + "x21" ], "operation": "static_cast", "arguments": [ @@ -64069,35 +63708,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x35" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x34" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x36" + "x22" ], "operation": "static_cast", "arguments": [ @@ -64111,7 +63725,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x34" + "x21" ] }, "8" @@ -64122,32 +63736,7 @@ { "datatype": "u8", "name": [ - "x37" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x36" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x38" + "x23" ], "operation": "static_cast", "arguments": [ @@ -64161,7 +63750,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x36" + "x22" ] }, "8" @@ -64169,35 +63758,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x39" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x3" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x40" + "x24" ], "operation": "static_cast", "arguments": [ 
@@ -64219,35 +63783,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x41" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x40" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x42" + "x25" ], "operation": "static_cast", "arguments": [ @@ -64261,7 +63800,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x40" + "x24" ] }, "8" @@ -64272,32 +63811,7 @@ { "datatype": "u8", "name": [ - "x43" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x42" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x44" + "x26" ], "operation": "static_cast", "arguments": [ @@ -64311,7 +63825,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x42" + "x25" ] }, "8" @@ -64319,35 +63833,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x45" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x46" + "x27" ], "operation": "static_cast", "arguments": [ @@ -64369,35 +63858,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x47" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x46" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x48" + "x28" ], "operation": "static_cast", "arguments": [ 
@@ -64411,7 +63875,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x46" + "x27" ] }, "8" @@ -64422,32 +63886,7 @@ { "datatype": "u8", "name": [ - "x49" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x48" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x50" + "x29" ], "operation": "static_cast", "arguments": [ @@ -64461,7 +63900,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x48" + "x28" ] }, "8" @@ -64469,35 +63908,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x51" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x52" + "x30" ], "operation": "static_cast", "arguments": [ @@ -64520,39 +63934,39 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ - "x53" + "x31" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x52" + "x30" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x54" + "x32" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], "operation": ">>", "arguments": [ @@ -64561,7 +63975,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x52" + "x31" ] }, "8" 
@@ -64572,24 +63986,16 @@ { "datatype": "u8", "name": [ - "x55" + "out1[0]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x54" - ] - }, - "0xff" + "x8" ] } ] @@ -64597,48 +64003,20 @@ { "datatype": "u8", "name": [ - "x56" + "out1[1]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x54" - ] - }, - "8" + "x9" ] } ] }, - { - "datatype": "u8", - "name": [ - "out1[0]" - ], - "operation": "static_cast", - "arguments": [ - "x9" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[1]" - ], - "operation": "static_cast", - "arguments": [ - "x11" - ] - }, { "datatype": "u8", "name": [ @@ -64646,7 +64024,14 @@ ], "operation": "static_cast", "arguments": [ - "x13" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x10" + ] + } ] }, { @@ -64656,7 +64041,7 @@ ], "operation": "static_cast", "arguments": [ - "x14" + "x11" ] }, { @@ -64666,7 +64051,14 @@ ], "operation": "static_cast", "arguments": [ - "x15" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x7" + ] + } ] }, { @@ -64676,7 +64068,14 @@ ], "operation": "static_cast", "arguments": [ - "x17" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x12" + ] + } ] }, { @@ -64686,7 +64085,14 @@ ], "operation": "static_cast", "arguments": [ - "x19" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x13" + ] + } ] }, { @@ -64696,7 +64102,7 @@ ], "operation": "static_cast", "arguments": [ - "x20" + "x14" ] }, { 
@@ -64706,7 +64112,14 @@ ], "operation": "static_cast", "arguments": [ - "x21" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x6" + ] + } ] }, { @@ -64716,7 +64129,14 @@ ], "operation": "static_cast", "arguments": [ - "x23" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x15" + ] + } ] }, { @@ -64726,7 +64146,14 @@ ], "operation": "static_cast", "arguments": [ - "x25" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x16" + ] + } ] }, { @@ -64736,7 +64163,7 @@ ], "operation": "static_cast", "arguments": [ - "x26" + "x17" ] }, { @@ -64746,7 +64173,14 @@ ], "operation": "static_cast", "arguments": [ - "x27" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x5" + ] + } ] }, { @@ -64756,7 +64190,14 @@ ], "operation": "static_cast", "arguments": [ - "x29" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x18" + ] + } ] }, { @@ -64766,7 +64207,14 @@ ], "operation": "static_cast", "arguments": [ - "x31" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x19" + ] + } ] }, { @@ -64776,7 +64224,7 @@ ], "operation": "static_cast", "arguments": [ - "x32" + "x20" ] }, { @@ -64786,7 +64234,14 @@ ], "operation": "static_cast", "arguments": [ - "x33" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x4" + ] + } ] }, { @@ -64796,7 +64251,14 @@ ], "operation": "static_cast", "arguments": [ - "x35" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x21" + ] + } ] }, { @@ -64806,7 +64268,14 @@ ], "operation": "static_cast", "arguments": [ - "x37" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, { @@ -64816,7 +64285,7 @@ ], "operation": "static_cast", "arguments": [ - "x38" + "x23" ] }, { 
@@ -64826,7 +64295,14 @@ ], "operation": "static_cast", "arguments": [ - "x39" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x3" + ] + } ] }, { @@ -64836,7 +64312,14 @@ ], "operation": "static_cast", "arguments": [ - "x41" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x24" + ] + } ] }, { @@ -64846,7 +64329,14 @@ ], "operation": "static_cast", "arguments": [ - "x43" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x25" + ] + } ] }, { @@ -64856,7 +64346,7 @@ ], "operation": "static_cast", "arguments": [ - "x44" + "x26" ] }, { @@ -64866,7 +64356,14 @@ ], "operation": "static_cast", "arguments": [ - "x45" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x2" + ] + } ] }, { @@ -64876,7 +64373,14 @@ ], "operation": "static_cast", "arguments": [ - "x47" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x27" + ] + } ] }, { @@ -64886,7 +64390,14 @@ ], "operation": "static_cast", "arguments": [ - "x49" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x28" + ] + } ] }, { @@ -64896,7 +64407,7 @@ ], "operation": "static_cast", "arguments": [ - "x50" + "x29" ] }, { @@ -64906,7 +64417,14 @@ ], "operation": "static_cast", "arguments": [ - "x51" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x1" + ] + } ] }, { @@ -64916,7 +64434,14 @@ ], "operation": "static_cast", "arguments": [ - "x53" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x30" + ] + } ] }, { @@ -64926,7 +64451,14 @@ ], "operation": "static_cast", "arguments": [ - "x55" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x31" + ] + } ] }, { @@ -64936,7 +64468,7 @@ ], "operation": "static_cast", "arguments": [ - "x56" + "x32" ] } ] 
@@ -67113,22 +66645,7 @@ "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "arg3[0]" - ] - }, - "0x1" - ] - } + "arg3[0]" ] } ] @@ -70455,43 +69972,25 @@ ] }, { - "datatype": "u1", + "datatype": "u32", "name": [ "x134" ], - "operation": "static_cast", + "operation": "cmovznz", "arguments": [ { "datatype": "u1", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u1", "name": [], "operation": "static_cast", "arguments": [ "x34" ] - }, - "0x1" - ] - } - ] - }, - { - "datatype": "u32", - "name": [ - "x135" - ], - "operation": "cmovznz", - "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": "static_cast", - "arguments": [ - "x134" + } ] }, "0x0", @@ -70508,7 +70007,7 @@ { "datatype": "u32", "name": [ - "x136" + "x135" ], "operation": "cmovznz", "arguments": [ @@ -70517,7 +70016,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -70534,7 +70040,7 @@ { "datatype": "u32", "name": [ - "x137" + "x136" ], "operation": "cmovznz", "arguments": [ @@ -70543,7 +70049,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -70560,7 +70073,7 @@ { "datatype": "u32", "name": [ - "x138" + "x137" ], "operation": "cmovznz", "arguments": [ @@ -70569,7 +70082,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -70586,7 +70106,7 @@ { "datatype": "u32", "name": [ - "x139" + "x138" ], "operation": "cmovznz", "arguments": [ 
@@ -70595,7 +70115,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -70612,7 +70139,7 @@ { "datatype": "u32", "name": [ - "x140" + "x139" ], "operation": "cmovznz", "arguments": [ @@ -70621,7 +70148,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -70638,7 +70172,7 @@ { "datatype": "u32", "name": [ - "x141" + "x140" ], "operation": "cmovznz", "arguments": [ @@ -70647,7 +70181,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -70664,7 +70205,7 @@ { "datatype": "u32", "name": [ - "x142" + "x141" ], "operation": "cmovznz", "arguments": [ @@ -70673,7 +70214,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -70690,7 +70238,7 @@ { "datatype": "u32", "name": [ - "x143" + "x142" ], "operation": "cmovznz", "arguments": [ @@ -70699,7 +70247,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -70716,8 +70271,8 @@ { "datatype": "(auto)", "name": [ - "x144", - "x145" + "x143", + "x144" ], "operation": "addcarryx", "parameters": { @@ -70738,7 +70293,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x135" + "x134" ] } ] @@ -70746,8 +70301,8 @@ { "datatype": "(auto)", "name": [ - "x146", - "x147" + "x145", + "x146" ], "operation": "addcarryx", "parameters": { @@ -70764,7 +70319,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x145" + "x144" ] } ] 
@@ -70782,7 +70337,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x136" + "x135" ] } ] @@ -70790,8 +70345,8 @@ { "datatype": "(auto)", "name": [ - "x148", - "x149" + "x147", + "x148" ], "operation": "addcarryx", "parameters": { @@ -70808,7 +70363,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x147" + "x146" ] } ] @@ -70826,7 +70381,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x137" + "x136" ] } ] @@ -70834,8 +70389,8 @@ { "datatype": "(auto)", "name": [ - "x150", - "x151" + "x149", + "x150" ], "operation": "addcarryx", "parameters": { @@ -70852,7 +70407,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x149" + "x148" ] } ] @@ -70870,7 +70425,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x138" + "x137" ] } ] @@ -70878,8 +70433,8 @@ { "datatype": "(auto)", "name": [ - "x152", - "x153" + "x151", + "x152" ], "operation": "addcarryx", "parameters": { @@ -70896,7 +70451,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x151" + "x150" ] } ] @@ -70914,7 +70469,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x139" + "x138" ] } ] @@ -70922,8 +70477,8 @@ { "datatype": "(auto)", "name": [ - "x154", - "x155" + "x153", + "x154" ], "operation": "addcarryx", "parameters": { @@ -70940,7 +70495,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x153" + "x152" ] } ] @@ -70958,7 +70513,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x140" + "x139" ] } ] @@ -70966,8 +70521,8 @@ { "datatype": "(auto)", "name": [ - "x156", - "x157" + "x155", + "x156" ], "operation": "addcarryx", "parameters": { @@ -70984,7 +70539,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x155" + "x154" ] } ] @@ -71002,7 +70557,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x141" + "x140" ] } ] @@ -71010,8 +70565,8 @@ { "datatype": "(auto)", "name": [ - "x158", - "x159" + "x157", + "x158" ], "operation": "addcarryx", "parameters": { 
@@ -71028,7 +70583,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x157" + "x156" ] } ] @@ -71046,7 +70601,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x142" + "x141" ] } ] @@ -71054,7 +70609,7 @@ { "datatype": "(auto)", "name": [ - "x160", + "x159", "_" ], "operation": "addcarryx", @@ -71072,7 +70627,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x159" + "x158" ] } ] @@ -71090,7 +70645,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x143" + "x142" ] } ] @@ -71098,7 +70653,7 @@ { "datatype": "u32", "name": [ - "x162" + "x161" ], "operation": "cmovznz", "arguments": [ @@ -71107,7 +70662,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -71124,7 +70686,7 @@ { "datatype": "u32", "name": [ - "x163" + "x162" ], "operation": "cmovznz", "arguments": [ @@ -71133,7 +70695,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -71150,7 +70719,7 @@ { "datatype": "u32", "name": [ - "x164" + "x163" ], "operation": "cmovznz", "arguments": [ @@ -71159,7 +70728,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -71176,7 +70752,7 @@ { "datatype": "u32", "name": [ - "x165" + "x164" ], "operation": "cmovznz", "arguments": [ @@ -71185,7 +70761,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -71202,7 +70785,7 @@ { "datatype": "u32", "name": [ - "x166" + "x165" ], "operation": "cmovznz", "arguments": [ 
@@ -71211,7 +70794,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -71228,7 +70818,7 @@ { "datatype": "u32", "name": [ - "x167" + "x166" ], "operation": "cmovznz", "arguments": [ @@ -71237,7 +70827,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -71254,7 +70851,7 @@ { "datatype": "u32", "name": [ - "x168" + "x167" ], "operation": "cmovznz", "arguments": [ @@ -71263,7 +70860,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -71280,7 +70884,7 @@ { "datatype": "u32", "name": [ - "x169" + "x168" ], "operation": "cmovznz", "arguments": [ @@ -71289,7 +70893,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -71306,8 +70917,8 @@ { "datatype": "(auto)", "name": [ - "x170", - "x171" + "x169", + "x170" ], "operation": "addcarryx", "parameters": { @@ -71328,7 +70939,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x162" + "x161" ] } ] @@ -71336,8 +70947,8 @@ { "datatype": "(auto)", "name": [ - "x172", - "x173" + "x171", + "x172" ], "operation": "addcarryx", "parameters": { @@ -71354,7 +70965,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x171" + "x170" ] } ] @@ -71372,7 +70983,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x163" + "x162" ] } ] @@ -71380,8 +70991,8 @@ { "datatype": "(auto)", "name": [ - "x174", - "x175" + "x173", + "x174" ], "operation": "addcarryx", "parameters": { @@ -71398,7 +71009,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x173" + "x172" ] } ] 
@@ -71416,7 +71027,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x164" + "x163" ] } ] @@ -71424,8 +71035,8 @@ { "datatype": "(auto)", "name": [ - "x176", - "x177" + "x175", + "x176" ], "operation": "addcarryx", "parameters": { @@ -71442,7 +71053,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x175" + "x174" ] } ] @@ -71460,7 +71071,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x165" + "x164" ] } ] @@ -71468,8 +71079,8 @@ { "datatype": "(auto)", "name": [ - "x178", - "x179" + "x177", + "x178" ], "operation": "addcarryx", "parameters": { @@ -71486,7 +71097,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x177" + "x176" ] } ] @@ -71504,7 +71115,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x166" + "x165" ] } ] @@ -71512,8 +71123,8 @@ { "datatype": "(auto)", "name": [ - "x180", - "x181" + "x179", + "x180" ], "operation": "addcarryx", "parameters": { @@ -71530,7 +71141,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x179" + "x178" ] } ] @@ -71548,7 +71159,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x167" + "x166" ] } ] @@ -71556,8 +71167,8 @@ { "datatype": "(auto)", "name": [ - "x182", - "x183" + "x181", + "x182" ], "operation": "addcarryx", "parameters": { @@ -71574,7 +71185,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x181" + "x180" ] } ] @@ -71592,7 +71203,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x168" + "x167" ] } ] @@ -71600,8 +71211,8 @@ { "datatype": "(auto)", "name": [ - "x184", - "x185" + "x183", + "x184" ], "operation": "addcarryx", "parameters": { @@ -71618,7 +71229,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x183" + "x182" ] } ] @@ -71636,7 +71247,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x169" + "x168" ] } ] @@ -71644,8 +71255,8 @@ { "datatype": "(auto)", "name": [ - "x186", - "x187" + "x185", + "x186" ], "operation": "subborrowx", "parameters": { 
@@ -71663,7 +71274,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x170" + "x169" ] } ] @@ -71674,8 +71285,8 @@ { "datatype": "(auto)", "name": [ - "x188", - "x189" + "x187", + "x188" ], "operation": "subborrowx", "parameters": { @@ -71692,7 +71303,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x187" + "x186" ] } ] @@ -71707,7 +71318,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x172" + "x171" ] } ] @@ -71718,8 +71329,8 @@ { "datatype": "(auto)", "name": [ - "x190", - "x191" + "x189", + "x190" ], "operation": "subborrowx", "parameters": { @@ -71736,7 +71347,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x189" + "x188" ] } ] @@ -71751,7 +71362,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x174" + "x173" ] } ] @@ -71762,8 +71373,8 @@ { "datatype": "(auto)", "name": [ - "x192", - "x193" + "x191", + "x192" ], "operation": "subborrowx", "parameters": { @@ -71780,7 +71391,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x191" + "x190" ] } ] @@ -71795,7 +71406,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x176" + "x175" ] } ] @@ -71806,8 +71417,8 @@ { "datatype": "(auto)", "name": [ - "x194", - "x195" + "x193", + "x194" ], "operation": "subborrowx", "parameters": { @@ -71824,7 +71435,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x193" + "x192" ] } ] @@ -71839,7 +71450,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x178" + "x177" ] } ] @@ -71850,8 +71461,8 @@ { "datatype": "(auto)", "name": [ - "x196", - "x197" + "x195", + "x196" ], "operation": "subborrowx", "parameters": { @@ -71868,7 +71479,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x195" + "x194" ] } ] @@ -71883,7 +71494,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x180" + "x179" ] } ] @@ -71894,8 +71505,8 @@ { "datatype": "(auto)", "name": [ - "x198", - "x199" + "x197", + "x198" ], "operation": "subborrowx", "parameters": { 
@@ -71912,7 +71523,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x197" + "x196" ] } ] @@ -71927,7 +71538,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x182" + "x181" ] } ] @@ -71938,8 +71549,8 @@ { "datatype": "(auto)", "name": [ - "x200", - "x201" + "x199", + "x200" ], "operation": "subborrowx", "parameters": { @@ -71956,7 +71567,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x199" + "x198" ] } ] @@ -71971,7 +71582,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x184" + "x183" ] } ] @@ -71983,7 +71594,7 @@ "datatype": "(auto)", "name": [ "_", - "x203" + "x202" ], "operation": "subborrowx", "parameters": { @@ -72000,7 +71611,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x201" + "x200" ] } ] @@ -72015,7 +71626,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x185" + "x184" ] } ] @@ -72026,7 +71637,7 @@ { "datatype": "(auto)", "name": [ - "x204", + "x203", "_" ], "operation": "addcarryx", @@ -72049,7 +71660,7 @@ { "datatype": "u32", "name": [ - "x206" + "x205" ], "operation": "static_cast", "arguments": [ @@ -72078,7 +71689,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x144" + "x143" ] } ] @@ -72113,7 +71724,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x146" + "x145" ] } ] @@ -72133,7 +71744,7 @@ { "datatype": "u32", "name": [ - "x207" + "x206" ], "operation": "static_cast", "arguments": [ @@ -72162,7 +71773,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x146" + "x145" ] } ] @@ -72197,7 +71808,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x148" + "x147" ] } ] @@ -72217,7 +71828,7 @@ { "datatype": "u32", "name": [ - "x208" + "x207" ], "operation": "static_cast", "arguments": [ @@ -72246,7 +71857,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x148" + "x147" ] } ] @@ -72281,7 +71892,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x150" + "x149" ] } ] 
@@ -72301,7 +71912,7 @@ { "datatype": "u32", "name": [ - "x209" + "x208" ], "operation": "static_cast", "arguments": [ @@ -72330,7 +71941,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x150" + "x149" ] } ] @@ -72365,7 +71976,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x152" + "x151" ] } ] @@ -72385,7 +71996,7 @@ { "datatype": "u32", "name": [ - "x210" + "x209" ], "operation": "static_cast", "arguments": [ @@ -72414,7 +72025,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x152" + "x151" ] } ] @@ -72449,7 +72060,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x154" + "x153" ] } ] @@ -72469,7 +72080,7 @@ { "datatype": "u32", "name": [ - "x211" + "x210" ], "operation": "static_cast", "arguments": [ @@ -72498,7 +72109,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x154" + "x153" ] } ] @@ -72533,7 +72144,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x156" + "x155" ] } ] @@ -72553,7 +72164,7 @@ { "datatype": "u32", "name": [ - "x212" + "x211" ], "operation": "static_cast", "arguments": [ @@ -72582,7 +72193,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x156" + "x155" ] } ] @@ -72617,7 +72228,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x158" + "x157" ] } ] @@ -72637,7 +72248,7 @@ { "datatype": "u32", "name": [ - "x213" + "x212" ], "operation": "static_cast", "arguments": [ @@ -72666,7 +72277,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x158" + "x157" ] } ] @@ -72701,7 +72312,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x160" + "x159" ] } ] @@ -72721,7 +72332,7 @@ { "datatype": "u32", "name": [ - "x214" + "x213" ], "operation": "static_cast", "arguments": [ @@ -72750,7 +72361,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x160" + "x159" ] } ] @@ -72780,7 +72391,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x160" + "x159" ] } ] 
@@ -72797,7 +72408,7 @@ { "datatype": "u32", "name": [ - "x215" + "x214" ], "operation": "cmovznz", "arguments": [ @@ -72851,7 +72462,7 @@ { "datatype": "u32", "name": [ - "x216" + "x215" ], "operation": "cmovznz", "arguments": [ @@ -72905,7 +72516,7 @@ { "datatype": "u32", "name": [ - "x217" + "x216" ], "operation": "cmovznz", "arguments": [ @@ -72959,7 +72570,7 @@ { "datatype": "u32", "name": [ - "x218" + "x217" ], "operation": "cmovznz", "arguments": [ @@ -73013,7 +72624,7 @@ { "datatype": "u32", "name": [ - "x219" + "x218" ], "operation": "cmovznz", "arguments": [ @@ -73067,7 +72678,7 @@ { "datatype": "u32", "name": [ - "x220" + "x219" ], "operation": "cmovznz", "arguments": [ @@ -73121,7 +72732,7 @@ { "datatype": "u32", "name": [ - "x221" + "x220" ], "operation": "cmovznz", "arguments": [ @@ -73175,7 +72786,7 @@ { "datatype": "u32", "name": [ - "x222" + "x221" ], "operation": "cmovznz", "arguments": [ @@ -73229,7 +72840,7 @@ { "datatype": "u32", "name": [ - "x223" + "x222" ], "operation": "cmovznz", "arguments": [ @@ -73243,7 +72854,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] } ] @@ -73258,7 +72869,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x186" + "x185" ] } ] @@ -73273,7 +72884,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x170" + "x169" ] } ] @@ -73283,7 +72894,7 @@ { "datatype": "u32", "name": [ - "x224" + "x223" ], "operation": "cmovznz", "arguments": [ @@ -73297,7 +72908,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] } ] @@ -73312,7 +72923,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x188" + "x187" ] } ] @@ -73327,7 +72938,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x172" + "x171" ] } ] @@ -73337,7 +72948,7 @@ { "datatype": "u32", "name": [ - "x225" + "x224" ], "operation": "cmovznz", "arguments": [ @@ -73351,7 +72962,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] } ] 
@@ -73366,7 +72977,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x190" + "x189" ] } ] @@ -73381,7 +72992,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x174" + "x173" ] } ] @@ -73391,7 +73002,7 @@ { "datatype": "u32", "name": [ - "x226" + "x225" ], "operation": "cmovznz", "arguments": [ @@ -73405,7 +73016,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] } ] @@ -73420,7 +73031,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x192" + "x191" ] } ] @@ -73435,7 +73046,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x176" + "x175" ] } ] @@ -73445,7 +73056,7 @@ { "datatype": "u32", "name": [ - "x227" + "x226" ], "operation": "cmovznz", "arguments": [ @@ -73459,7 +73070,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] } ] @@ -73474,7 +73085,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + "x193" ] } ] @@ -73489,7 +73100,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x178" + "x177" ] } ] @@ -73499,7 +73110,7 @@ { "datatype": "u32", "name": [ - "x228" + "x227" ], "operation": "cmovznz", "arguments": [ @@ -73513,7 +73124,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] } ] @@ -73528,7 +73139,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x196" + "x195" ] } ] @@ -73543,7 +73154,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x180" + "x179" ] } ] @@ -73553,7 +73164,7 @@ { "datatype": "u32", "name": [ - "x229" + "x228" ], "operation": "cmovznz", "arguments": [ @@ -73567,7 +73178,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] } ] @@ -73582,7 +73193,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x198" + "x197" ] } ] @@ -73597,7 +73208,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x182" + "x181" ] } ] 
@@ -73607,7 +73218,7 @@ { "datatype": "u32", "name": [ - "x230" + "x229" ], "operation": "cmovznz", "arguments": [ @@ -73621,7 +73232,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] } ] @@ -73636,7 +73247,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x200" + "x199" ] } ] @@ -73651,7 +73262,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x184" + "x183" ] } ] @@ -73670,7 +73281,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x204" + "x203" ] } ] @@ -73772,7 +73383,7 @@ ], "operation": "static_cast", "arguments": [ - "x206" + "x205" ] }, { @@ -73782,7 +73393,7 @@ ], "operation": "static_cast", "arguments": [ - "x207" + "x206" ] }, { @@ -73792,7 +73403,7 @@ ], "operation": "static_cast", "arguments": [ - "x208" + "x207" ] }, { @@ -73802,7 +73413,7 @@ ], "operation": "static_cast", "arguments": [ - "x209" + "x208" ] }, { @@ -73812,7 +73423,7 @@ ], "operation": "static_cast", "arguments": [ - "x210" + "x209" ] }, { @@ -73822,7 +73433,7 @@ ], "operation": "static_cast", "arguments": [ - "x211" + "x210" ] }, { @@ -73832,7 +73443,7 @@ ], "operation": "static_cast", "arguments": [ - "x212" + "x211" ] }, { @@ -73842,7 +73453,7 @@ ], "operation": "static_cast", "arguments": [ - "x213" + "x212" ] }, { @@ -73852,7 +73463,7 @@ ], "operation": "static_cast", "arguments": [ - "x214" + "x213" ] }, { @@ -73862,7 +73473,7 @@ ], "operation": "static_cast", "arguments": [ - "x215" + "x214" ] }, { @@ -73872,7 +73483,7 @@ ], "operation": "static_cast", "arguments": [ - "x216" + "x215" ] }, { @@ -73882,7 +73493,7 @@ ], "operation": "static_cast", "arguments": [ - "x217" + "x216" ] }, { @@ -73892,7 +73503,7 @@ ], "operation": "static_cast", "arguments": [ - "x218" + "x217" ] }, { @@ -73902,7 +73513,7 @@ ], "operation": "static_cast", "arguments": [ - "x219" + "x218" ] }, { @@ -73912,7 +73523,7 @@ ], "operation": "static_cast", "arguments": [ - "x220" + "x219" ] }, { 
@@ -73922,7 +73533,7 @@ ], "operation": "static_cast", "arguments": [ - "x221" + "x220" ] }, { @@ -73932,7 +73543,7 @@ ], "operation": "static_cast", "arguments": [ - "x222" + "x221" ] }, { @@ -73942,7 +73553,7 @@ ], "operation": "static_cast", "arguments": [ - "x223" + "x222" ] }, { @@ -73952,7 +73563,7 @@ ], "operation": "static_cast", "arguments": [ - "x224" + "x223" ] }, { @@ -73962,7 +73573,7 @@ ], "operation": "static_cast", "arguments": [ - "x225" + "x224" ] }, { @@ -73972,7 +73583,7 @@ ], "operation": "static_cast", "arguments": [ - "x226" + "x225" ] }, { @@ -73982,7 +73593,7 @@ ], "operation": "static_cast", "arguments": [ - "x227" + "x226" ] }, { @@ -73992,7 +73603,7 @@ ], "operation": "static_cast", "arguments": [ - "x228" + "x227" ] }, { @@ -74002,7 +73613,7 @@ ], "operation": "static_cast", "arguments": [ - "x229" + "x228" ] }, { @@ -74012,7 +73623,7 @@ ], "operation": "static_cast", "arguments": [ - "x230" + "x229" ] } ] diff --git a/fiat-json/src/curve25519_scalar_64.json b/fiat-json/src/curve25519_scalar_64.json index c1edf1ab31..bc4e23d377 100644 --- a/fiat-json/src/curve25519_scalar_64.json +++ b/fiat-json/src/curve25519_scalar_64.json @@ -90,35 +90,10 @@ } ] }, - { - "datatype": "u64", - "name": [ - "x2" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u128", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "0xffffffffffffffff" - ] - } - ] - }, { "datatype": "u1", "name": [ - "x3" + "x2" ], "operation": "static_cast", "arguments": [ @@ -147,7 +122,14 @@ ], "operation": "static_cast", "arguments": [ - "x2" + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x1" + ] + } ] }, { @@ -157,7 +139,7 @@ ], "operation": "static_cast", "arguments": [ - "x3" + "x2" ] } ] 
@@ -413,7 +395,7 @@ { "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u128", @@ -423,7 +405,7 @@ "x1" ] }, - "0xffffffffffffffff" + "64" ] } ] @@ -431,38 +413,20 @@ { "datatype": "u64", "name": [ - "x3" + "out1" ], "operation": "static_cast", "arguments": [ { "datatype": "u64", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u128", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "64" + "x1" ] } ] }, - { - "datatype": "u64", - "name": [ - "out1" - ], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, { "datatype": "u64", "name": [ @@ -470,7 +434,7 @@ ], "operation": "static_cast", "arguments": [ - "x3" + "x2" ] } ] @@ -18922,16 +18886,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x5" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -18941,7 +18905,7 @@ "x4" ] }, - "0xff" + "8" ] } ] @@ -18963,7 +18927,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x4" + "x5" ] }, "8" @@ -18972,16 +18936,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x7" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -18991,7 +18955,7 @@ "x6" ] }, - "0xff" + "8" ] } ] @@ -19013,7 +18977,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x6" + "x7" ] }, "8" @@ -19022,16 +18986,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x9" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -19041,7 +19005,7 @@ "x8" ] }, - "0xff" + "8" ] } ] 
@@ -19063,7 +19027,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x8" + "x9" ] }, "8" @@ -19081,7 +19045,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -19091,7 +19055,7 @@ "x10" ] }, - "0xff" + "8" ] } ] @@ -19113,7 +19077,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x10" + "x3" ] }, "8" @@ -19122,16 +19086,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x13" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -19141,7 +19105,7 @@ "x12" ] }, - "0xff" + "8" ] } ] @@ -19163,7 +19127,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x12" + "x13" ] }, "8" @@ -19172,16 +19136,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x15" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -19191,7 +19155,7 @@ "x14" ] }, - "0xff" + "8" ] } ] @@ -19213,7 +19177,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x14" + "x15" ] }, "8" @@ -19222,16 +19186,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x17" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -19241,7 +19205,7 @@ "x16" ] }, - "0xff" + "8" ] } ] @@ -19263,7 +19227,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x16" + "x17" ] }, "8" 
@@ -19272,26 +19236,26 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x19" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - "x3" + "x2" ] }, - "0xff" + "8" ] } ] @@ -19313,7 +19277,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x3" + "x19" ] }, "8" @@ -19322,16 +19286,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x21" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -19341,7 +19305,7 @@ "x20" ] }, - "0xff" + "8" ] } ] @@ -19363,7 +19327,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x20" + "x21" ] }, "8" @@ -19372,16 +19336,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x23" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -19391,7 +19355,7 @@ "x22" ] }, - "0xff" + "8" ] } ] @@ -19413,7 +19377,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x22" + "x23" ] }, "8" @@ -19431,7 +19395,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -19441,7 +19405,7 @@ "x24" ] }, - "0xff" + "8" ] } ] @@ -19463,7 +19427,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x24" + "x1" ] }, "8" @@ -19472,16 +19436,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x27" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -19491,7 +19455,7 @@ "x26" ] }, - "0xff" + "8" ] } ] 
@@ -19513,7 +19477,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x26" + "x27" ] }, "8" @@ -19522,16 +19486,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x29" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -19541,7 +19505,7 @@ "x28" ] }, - "0xff" + "8" ] } ] @@ -19563,7 +19527,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x28" + "x29" ] }, "8" @@ -19572,16 +19536,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x31" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -19591,7 +19555,7 @@ "x30" ] }, - "0xff" + "8" ] } ] @@ -19613,7 +19577,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x30" + "x31" ] }, "8" @@ -19624,49 +19588,33 @@ { "datatype": "u8", "name": [ - "x33" + "out1[0]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, - "0xff" + "x4" ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ - "x34" + "out1[1]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, - "8" + "x5" ] } ] 
@@ -19674,49 +19622,33 @@ { "datatype": "u8", "name": [ - "x35" + "out1[2]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x34" - ] - }, - "0xff" + "x6" ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ - "x36" + "out1[3]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x34" - ] - }, - "8" + "x7" ] } ] 
@@ -19724,651 +19656,18 @@ { "datatype": "u8", "name": [ - "x37" + "out1[4]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x36" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x38" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x36" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x39" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x38" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x40" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x38" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x41" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x40" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x42" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x40" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x43" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": 
"&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x42" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x44" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x42" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x45" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x44" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x46" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x44" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x47" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x48" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x49" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x48" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x50" - ], - 
"operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x48" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x51" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x50" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x52" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x50" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x53" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x52" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x54" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x52" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x55" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x54" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x56" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - 
"arguments": [ - "x54" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x57" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x56" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x58" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x56" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x59" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x58" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x60" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x58" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "out1[0]" - ], - "operation": "static_cast", - "arguments": [ - "x5" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[1]" - ], - "operation": "static_cast", - "arguments": [ - "x7" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[2]" - ], - "operation": "static_cast", - "arguments": [ - "x9" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[3]" - ], - "operation": "static_cast", - "arguments": [ - "x11" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[4]" - ], - "operation": "static_cast", - "arguments": [ - "x13" + "x8" + ] + } ] }, { 
@@ -20378,7 +19677,14 @@ ], "operation": "static_cast", "arguments": [ - "x15" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x9" + ] + } ] }, { @@ -20388,7 +19694,14 @@ ], "operation": "static_cast", "arguments": [ - "x17" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x10" + ] + } ] }, { @@ -20398,7 +19711,7 @@ ], "operation": "static_cast", "arguments": [ - "x18" + "x11" ] }, { @@ -20408,7 +19721,14 @@ ], "operation": "static_cast", "arguments": [ - "x19" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x3" + ] + } ] }, { @@ -20418,7 +19738,14 @@ ], "operation": "static_cast", "arguments": [ - "x21" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x12" + ] + } ] }, { @@ -20428,7 +19755,14 @@ ], "operation": "static_cast", "arguments": [ - "x23" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x13" + ] + } ] }, { @@ -20438,7 +19772,14 @@ ], "operation": "static_cast", "arguments": [ - "x25" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x14" + ] + } ] }, { @@ -20448,7 +19789,14 @@ ], "operation": "static_cast", "arguments": [ - "x27" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x15" + ] + } ] }, { @@ -20458,7 +19806,14 @@ ], "operation": "static_cast", "arguments": [ - "x29" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x16" + ] + } ] }, { @@ -20468,7 +19823,14 @@ ], "operation": "static_cast", "arguments": [ - "x31" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x17" + ] + } ] }, { @@ -20478,7 +19840,7 @@ ], "operation": "static_cast", "arguments": [ - "x32" + "x18" ] }, { 
@@ -20488,7 +19850,14 @@ ], "operation": "static_cast", "arguments": [ - "x33" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x2" + ] + } ] }, { @@ -20498,7 +19867,14 @@ ], "operation": "static_cast", "arguments": [ - "x35" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x19" + ] + } ] }, { @@ -20508,7 +19884,14 @@ ], "operation": "static_cast", "arguments": [ - "x37" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x20" + ] + } ] }, { @@ -20518,7 +19901,14 @@ ], "operation": "static_cast", "arguments": [ - "x39" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x21" + ] + } ] }, { @@ -20528,7 +19918,14 @@ ], "operation": "static_cast", "arguments": [ - "x41" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, { @@ -20538,7 +19935,14 @@ ], "operation": "static_cast", "arguments": [ - "x43" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x23" + ] + } ] }, { @@ -20548,7 +19952,14 @@ ], "operation": "static_cast", "arguments": [ - "x45" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x24" + ] + } ] }, { @@ -20558,7 +19969,7 @@ ], "operation": "static_cast", "arguments": [ - "x46" + "x25" ] }, { @@ -20568,7 +19979,14 @@ ], "operation": "static_cast", "arguments": [ - "x47" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x1" + ] + } ] }, { @@ -20578,7 +19996,14 @@ ], "operation": "static_cast", "arguments": [ - "x49" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x26" + ] + } ] }, { @@ -20588,7 +20013,14 @@ ], "operation": "static_cast", "arguments": [ - "x51" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x27" + ] + } ] }, { 
@@ -20598,7 +20030,14 @@ ], "operation": "static_cast", "arguments": [ - "x53" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x28" + ] + } ] }, { @@ -20608,7 +20047,14 @@ ], "operation": "static_cast", "arguments": [ - "x55" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x29" + ] + } ] }, { @@ -20618,7 +20064,14 @@ ], "operation": "static_cast", "arguments": [ - "x57" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x30" + ] + } ] }, { @@ -20628,7 +20081,14 @@ ], "operation": "static_cast", "arguments": [ - "x59" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x31" + ] + } ] }, { @@ -20638,7 +20098,7 @@ ], "operation": "static_cast", "arguments": [ - "x60" + "x32" ] } ] @@ -22795,22 +22255,7 @@ "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "arg3[0]" - ] - }, - "0x1" - ] - } + "arg3[0]" ] } ] @@ -24588,35 +24033,10 @@ } ] }, - { - "datatype": "u1", - "name": [ - "x74" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x22" - ] - }, - "0x1" - ] - } - ] - }, { "datatype": "u64", "name": [ - "x75" + "x74" ], "operation": "cmovznz", "arguments": [ @@ -24625,7 +24045,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -24642,7 +24069,7 @@ { "datatype": "u64", "name": [ - "x76" + "x75" ], "operation": "cmovznz", "arguments": [ 
@@ -24651,7 +24078,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -24668,7 +24102,7 @@ { "datatype": "u64", "name": [ - "x77" + "x76" ], "operation": "cmovznz", "arguments": [ @@ -24677,7 +24111,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -24694,7 +24135,7 @@ { "datatype": "u64", "name": [ - "x78" + "x77" ], "operation": "cmovznz", "arguments": [ @@ -24703,7 +24144,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -24720,7 +24168,7 @@ { "datatype": "u64", "name": [ - "x79" + "x78" ], "operation": "cmovznz", "arguments": [ @@ -24729,7 +24177,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -24746,8 +24201,8 @@ { "datatype": "(auto)", "name": [ - "x80", - "x81" + "x79", + "x80" ], "operation": "addcarryx", "parameters": { @@ -24768,7 +24223,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x75" + "x74" ] } ] @@ -24776,8 +24231,8 @@ { "datatype": "(auto)", "name": [ - "x82", - "x83" + "x81", + "x82" ], "operation": "addcarryx", "parameters": { @@ -24794,7 +24249,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x81" + "x80" ] } ] @@ -24812,7 +24267,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x76" + "x75" ] } ] @@ -24820,8 +24275,8 @@ { "datatype": "(auto)", "name": [ - "x84", - "x85" + "x83", + "x84" ], "operation": "addcarryx", "parameters": { @@ -24838,7 +24293,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x83" + "x82" ] } ] 
@@ -24856,7 +24311,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x77" + "x76" ] } ] @@ -24864,8 +24319,8 @@ { "datatype": "(auto)", "name": [ - "x86", - "x87" + "x85", + "x86" ], "operation": "addcarryx", "parameters": { @@ -24882,7 +24337,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x85" + "x84" ] } ] @@ -24900,7 +24355,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x78" + "x77" ] } ] @@ -24908,7 +24363,7 @@ { "datatype": "(auto)", "name": [ - "x88", + "x87", "_" ], "operation": "addcarryx", @@ -24926,7 +24381,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x87" + "x86" ] } ] @@ -24944,7 +24399,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x79" + "x78" ] } ] @@ -24952,7 +24407,7 @@ { "datatype": "u64", "name": [ - "x90" + "x89" ], "operation": "cmovznz", "arguments": [ @@ -24961,7 +24416,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -24978,7 +24440,7 @@ { "datatype": "u64", "name": [ - "x91" + "x90" ], "operation": "cmovznz", "arguments": [ @@ -24987,7 +24449,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -25004,7 +24473,7 @@ { "datatype": "u64", "name": [ - "x92" + "x91" ], "operation": "cmovznz", "arguments": [ @@ -25013,7 +24482,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -25030,7 +24506,7 @@ { "datatype": "u64", "name": [ - "x93" + "x92" ], "operation": "cmovznz", "arguments": [ 
@@ -25039,7 +24515,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -25056,8 +24539,8 @@ { "datatype": "(auto)", "name": [ - "x94", - "x95" + "x93", + "x94" ], "operation": "addcarryx", "parameters": { @@ -25078,7 +24561,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x90" + "x89" ] } ] @@ -25086,8 +24569,8 @@ { "datatype": "(auto)", "name": [ - "x96", - "x97" + "x95", + "x96" ], "operation": "addcarryx", "parameters": { @@ -25104,7 +24587,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x95" + "x94" ] } ] @@ -25122,7 +24605,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x91" + "x90" ] } ] @@ -25130,8 +24613,8 @@ { "datatype": "(auto)", "name": [ - "x98", - "x99" + "x97", + "x98" ], "operation": "addcarryx", "parameters": { @@ -25148,7 +24631,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x97" + "x96" ] } ] @@ -25166,7 +24649,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x92" + "x91" ] } ] @@ -25174,8 +24657,8 @@ { "datatype": "(auto)", "name": [ - "x100", - "x101" + "x99", + "x100" ], "operation": "addcarryx", "parameters": { @@ -25192,7 +24675,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x99" + "x98" ] } ] @@ -25210,7 +24693,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x93" + "x92" ] } ] @@ -25218,8 +24701,8 @@ { "datatype": "(auto)", "name": [ - "x102", - "x103" + "x101", + "x102" ], "operation": "subborrowx", "parameters": { @@ -25237,7 +24720,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x94" + "x93" ] } ] @@ -25248,8 +24731,8 @@ { "datatype": "(auto)", "name": [ - "x104", - "x105" + "x103", + "x104" ], "operation": "subborrowx", "parameters": { @@ -25266,7 +24749,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x103" + "x102" ] } ] 
@@ -25281,7 +24764,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x96" + "x95" ] } ] @@ -25292,8 +24775,8 @@ { "datatype": "(auto)", "name": [ - "x106", - "x107" + "x105", + "x106" ], "operation": "subborrowx", "parameters": { @@ -25310,7 +24793,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x105" + "x104" ] } ] @@ -25325,7 +24808,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x98" + "x97" ] } ] @@ -25336,8 +24819,8 @@ { "datatype": "(auto)", "name": [ - "x108", - "x109" + "x107", + "x108" ], "operation": "subborrowx", "parameters": { @@ -25354,7 +24837,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x107" + "x106" ] } ] @@ -25369,7 +24852,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x100" + "x99" ] } ] @@ -25381,7 +24864,7 @@ "datatype": "(auto)", "name": [ "_", - "x111" + "x110" ], "operation": "subborrowx", "parameters": { @@ -25398,7 +24881,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x109" + "x108" ] } ] @@ -25413,7 +24896,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x101" + "x100" ] } ] @@ -25424,7 +24907,7 @@ { "datatype": "(auto)", "name": [ - "x112", + "x111", "_" ], "operation": "addcarryx", @@ -25447,7 +24930,7 @@ { "datatype": "u64", "name": [ - "x114" + "x113" ], "operation": "static_cast", "arguments": [ @@ -25476,7 +24959,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x80" + "x79" ] } ] @@ -25511,7 +24994,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x82" + "x81" ] } ] @@ -25531,7 +25014,7 @@ { "datatype": "u64", "name": [ - "x115" + "x114" ], "operation": "static_cast", "arguments": [ @@ -25560,7 +25043,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x82" + "x81" ] } ] @@ -25595,7 +25078,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x84" + "x83" ] } ] @@ -25615,7 +25098,7 @@ { "datatype": "u64", "name": [ - "x116" + "x115" ], "operation": "static_cast", "arguments": [ 
@@ -25644,7 +25127,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x84" + "x83" ] } ] @@ -25679,7 +25162,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x86" + "x85" ] } ] @@ -25699,7 +25182,7 @@ { "datatype": "u64", "name": [ - "x117" + "x116" ], "operation": "static_cast", "arguments": [ @@ -25728,7 +25211,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x86" + "x85" ] } ] @@ -25763,7 +25246,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x88" + "x87" ] } ] @@ -25783,7 +25266,7 @@ { "datatype": "u64", "name": [ - "x118" + "x117" ], "operation": "static_cast", "arguments": [ @@ -25812,7 +25295,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x88" + "x87" ] } ] @@ -25842,7 +25325,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x88" + "x87" ] } ] @@ -25859,7 +25342,7 @@ { "datatype": "u64", "name": [ - "x119" + "x118" ], "operation": "cmovznz", "arguments": [ @@ -25913,7 +25396,7 @@ { "datatype": "u64", "name": [ - "x120" + "x119" ], "operation": "cmovznz", "arguments": [ @@ -25967,7 +25450,7 @@ { "datatype": "u64", "name": [ - "x121" + "x120" ], "operation": "cmovznz", "arguments": [ @@ -26021,7 +25504,7 @@ { "datatype": "u64", "name": [ - "x122" + "x121" ], "operation": "cmovznz", "arguments": [ @@ -26075,7 +25558,7 @@ { "datatype": "u64", "name": [ - "x123" + "x122" ], "operation": "cmovznz", "arguments": [ @@ -26089,7 +25572,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x111" + "x110" ] } ] @@ -26104,7 +25587,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x102" + "x101" ] } ] @@ -26119,7 +25602,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x94" + "x93" ] } ] @@ -26129,7 +25612,7 @@ { "datatype": "u64", "name": [ - "x124" + "x123" ], "operation": "cmovznz", "arguments": [ @@ -26143,7 +25626,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x111" + "x110" ] } ] 
@@ -26158,7 +25641,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x104" + "x103" ] } ] @@ -26173,7 +25656,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x96" + "x95" ] } ] @@ -26183,7 +25666,7 @@ { "datatype": "u64", "name": [ - "x125" + "x124" ], "operation": "cmovznz", "arguments": [ @@ -26197,7 +25680,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x111" + "x110" ] } ] @@ -26212,7 +25695,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x106" + "x105" ] } ] @@ -26227,7 +25710,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x98" + "x97" ] } ] @@ -26237,7 +25720,7 @@ { "datatype": "u64", "name": [ - "x126" + "x125" ], "operation": "cmovznz", "arguments": [ @@ -26251,7 +25734,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x111" + "x110" ] } ] @@ -26266,7 +25749,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x108" + "x107" ] } ] @@ -26281,7 +25764,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x100" + "x99" ] } ] @@ -26300,7 +25783,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x112" + "x111" ] } ] @@ -26362,7 +25845,7 @@ ], "operation": "static_cast", "arguments": [ - "x114" + "x113" ] }, { @@ -26372,7 +25855,7 @@ ], "operation": "static_cast", "arguments": [ - "x115" + "x114" ] }, { @@ -26382,7 +25865,7 @@ ], "operation": "static_cast", "arguments": [ - "x116" + "x115" ] }, { @@ -26392,7 +25875,7 @@ ], "operation": "static_cast", "arguments": [ - "x117" + "x116" ] }, { @@ -26402,7 +25885,7 @@ ], "operation": "static_cast", "arguments": [ - "x118" + "x117" ] }, { @@ -26412,7 +25895,7 @@ ], "operation": "static_cast", "arguments": [ - "x119" + "x118" ] }, { @@ -26422,7 +25905,7 @@ ], "operation": "static_cast", "arguments": [ - "x120" + "x119" ] }, { @@ -26432,7 +25915,7 @@ ], "operation": "static_cast", "arguments": [ - "x121" + "x120" ] }, { 
@@ -26442,7 +25925,7 @@ ], "operation": "static_cast", "arguments": [ - "x122" + "x121" ] }, { @@ -26452,7 +25935,7 @@ ], "operation": "static_cast", "arguments": [ - "x123" + "x122" ] }, { @@ -26462,7 +25945,7 @@ ], "operation": "static_cast", "arguments": [ - "x124" + "x123" ] }, { @@ -26472,7 +25955,7 @@ ], "operation": "static_cast", "arguments": [ - "x125" + "x124" ] }, { @@ -26482,7 +25965,7 @@ ], "operation": "static_cast", "arguments": [ - "x126" + "x125" ] } ] diff --git a/fiat-json/src/curve25519_solinas_64.json b/fiat-json/src/curve25519_solinas_64.json index ca853b7dd8..de848dc3d3 100644 --- a/fiat-json/src/curve25519_solinas_64.json +++ b/fiat-json/src/curve25519_solinas_64.json @@ -90,35 +90,10 @@ } ] }, - { - "datatype": "u64", - "name": [ - "x2" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u128", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "0xffffffffffffffff" - ] - } - ] - }, { "datatype": "u1", "name": [ - "x3" + "x2" ], "operation": "static_cast", "arguments": [ @@ -147,7 +122,14 @@ ], "operation": "static_cast", "arguments": [ - "x2" + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x1" + ] + } ] }, { @@ -157,7 +139,7 @@ ], "operation": "static_cast", "arguments": [ - "x3" + "x2" ] } ] @@ -413,7 +395,7 @@ { "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u128", @@ -423,7 +405,7 @@ "x1" ] }, - "0xffffffffffffffff" + "64" ] } ] 
@@ -431,38 +413,20 @@ { "datatype": "u64", "name": [ - "x3" + "out1" ], "operation": "static_cast", "arguments": [ { "datatype": "u64", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u128", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "64" + "x1" ] } ] }, - { - "datatype": "u64", - "name": [ - "out1" - ], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, { "datatype": "u64", "name": [ @@ -470,7 +434,7 @@ ], "operation": "static_cast", "arguments": [ - "x3" + "x2" ] } ] diff --git a/fiat-json/src/p224_32.json b/fiat-json/src/p224_32.json index 597e5dec56..cdf7143083 100644 --- a/fiat-json/src/p224_32.json +++ b/fiat-json/src/p224_32.json @@ -90,35 +90,10 @@ } ] }, - { - "datatype": "u32", - "name": [ - "x2" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "0xffffffff" - ] - } - ] - }, { "datatype": "u1", "name": [ - "x3" + "x2" ], "operation": "static_cast", "arguments": [ @@ -147,7 +122,14 @@ ], "operation": "static_cast", "arguments": [ - "x2" + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + "x1" + ] + } ] }, { @@ -157,7 +139,7 @@ ], "operation": "static_cast", "arguments": [ - "x3" + "x2" ] } ] @@ -413,7 +395,7 @@ { "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -423,7 +405,7 @@ "x1" ] }, - "0xffffffff" + "32" ] } ] 
@@ -431,38 +413,20 @@ { "datatype": "u32", "name": [ - "x3" + "out1" ], "operation": "static_cast", "arguments": [ { "datatype": "u32", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "32" + "x1" ] } ] }, - { - "datatype": "u32", - "name": [ - "out1" - ], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, { "datatype": "u32", "name": [ @@ -470,7 +434,7 @@ ], "operation": "static_cast", "arguments": [ - "x3" + "x2" ] } ] @@ -28762,22 +28726,7 @@ "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x15" - ] - }, - "0x1" - ] - } + "x15" ] } ] @@ -29549,22 +29498,7 @@ "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x15" - ] - }, - "0x1" - ] - } + "x15" ] } ] @@ -47656,35 +47590,10 @@ "arg1[0]" ] }, - { - "datatype": "u8", - "name": [ - "x8" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x7" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x9" + "x8" ], "operation": "static_cast", "arguments": [ @@ -47706,35 +47615,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x10" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x9" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x11" + "x9" ], "operation": "static_cast", "arguments": [ 
@@ -47748,7 +47632,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x9" + "x8" ] }, "8" @@ -47759,32 +47643,7 @@ { "datatype": "u8", "name": [ - "x12" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x11" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x13" + "x10" ], "operation": "static_cast", "arguments": [ @@ -47798,7 +47657,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x11" + "x9" ] }, "8" @@ -47806,35 +47665,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x14" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x6" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x15" + "x11" ], "operation": "static_cast", "arguments": [ @@ -47856,35 +47690,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x16" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x15" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x17" + "x12" ], "operation": "static_cast", "arguments": [ @@ -47898,7 +47707,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x15" + "x11" ] }, "8" @@ -47909,32 +47718,7 @@ { "datatype": "u8", "name": [ - "x18" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x17" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x19" + "x13" ], "operation": "static_cast", "arguments": [ 
@@ -47948,7 +47732,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x17" + "x12" ] }, "8" @@ -47956,35 +47740,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x20" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x5" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x21" + "x14" ], "operation": "static_cast", "arguments": [ @@ -48006,35 +47765,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x22" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x21" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x23" + "x15" ], "operation": "static_cast", "arguments": [ @@ -48048,7 +47782,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x21" + "x14" ] }, "8" @@ -48059,32 +47793,7 @@ { "datatype": "u8", "name": [ - "x24" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x23" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x25" + "x16" ], "operation": "static_cast", "arguments": [ @@ -48098,7 +47807,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x23" + "x15" ] }, "8" 
@@ -48106,35 +47815,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x26" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x4" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x27" + "x17" ], "operation": "static_cast", "arguments": [ @@ -48156,35 +47840,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x28" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x27" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x29" + "x18" ], "operation": "static_cast", "arguments": [ @@ -48198,7 +47857,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x27" + "x17" ] }, "8" @@ -48209,32 +47868,7 @@ { "datatype": "u8", "name": [ - "x30" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x29" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x31" + "x19" ], "operation": "static_cast", "arguments": [ @@ -48248,7 +47882,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x29" + "x18" ] }, "8" @@ -48256,35 +47890,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x32" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x3" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x33" + "x20" ], "operation": "static_cast", "arguments": [ 
@@ -48306,35 +47915,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x34" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x33" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x35" + "x21" ], "operation": "static_cast", "arguments": [ @@ -48348,7 +47932,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x33" + "x20" ] }, "8" @@ -48359,32 +47943,7 @@ { "datatype": "u8", "name": [ - "x36" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x35" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x37" + "x22" ], "operation": "static_cast", "arguments": [ @@ -48398,7 +47957,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x35" + "x21" ] }, "8" @@ -48406,35 +47965,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x38" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x39" + "x23" ], "operation": "static_cast", "arguments": [ @@ -48456,35 +47990,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x40" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x39" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x41" + "x24" ], "operation": "static_cast", "arguments": [ 
@@ -48498,7 +48007,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x39" + "x23" ] }, "8" @@ -48509,32 +48018,7 @@ { "datatype": "u8", "name": [ - "x42" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x41" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x43" + "x25" ], "operation": "static_cast", "arguments": [ @@ -48548,7 +48032,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x41" + "x24" ] }, "8" @@ -48556,35 +48040,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x44" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x45" + "x26" ], "operation": "static_cast", "arguments": [ @@ -48607,39 +48066,39 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ - "x46" + "x27" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x45" + "x26" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x47" + "x28" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], "operation": ">>", "arguments": [ @@ -48648,7 +48107,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x45" + "x27" ] }, "8" 
@@ -48659,24 +48118,16 @@ { "datatype": "u8", "name": [ - "x48" + "out1[0]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x47" - ] - }, - "0xff" + "x7" ] } ] @@ -48684,48 +48135,20 @@ { "datatype": "u8", "name": [ - "x49" + "out1[1]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x47" - ] - }, - "8" + "x8" ] } ] }, - { - "datatype": "u8", - "name": [ - "out1[0]" - ], - "operation": "static_cast", - "arguments": [ - "x8" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[1]" - ], - "operation": "static_cast", - "arguments": [ - "x10" - ] - }, { "datatype": "u8", "name": [ @@ -48733,7 +48156,14 @@ ], "operation": "static_cast", "arguments": [ - "x12" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x9" + ] + } ] }, { @@ -48743,7 +48173,7 @@ ], "operation": "static_cast", "arguments": [ - "x13" + "x10" ] }, { @@ -48753,7 +48183,14 @@ ], "operation": "static_cast", "arguments": [ - "x14" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x6" + ] + } ] }, { @@ -48763,7 +48200,14 @@ ], "operation": "static_cast", "arguments": [ - "x16" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x11" + ] + } ] }, { @@ -48773,7 +48217,14 @@ ], "operation": "static_cast", "arguments": [ - "x18" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x12" + ] + } ] }, { @@ -48783,7 +48234,7 @@ ], "operation": "static_cast", "arguments": [ - "x19" + "x13" ] }, { 
@@ -48793,7 +48244,14 @@ ], "operation": "static_cast", "arguments": [ - "x20" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x5" + ] + } ] }, { @@ -48803,7 +48261,14 @@ ], "operation": "static_cast", "arguments": [ - "x22" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x14" + ] + } ] }, { @@ -48813,7 +48278,14 @@ ], "operation": "static_cast", "arguments": [ - "x24" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x15" + ] + } ] }, { @@ -48823,7 +48295,7 @@ ], "operation": "static_cast", "arguments": [ - "x25" + "x16" ] }, { @@ -48833,7 +48305,14 @@ ], "operation": "static_cast", "arguments": [ - "x26" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x4" + ] + } ] }, { @@ -48843,7 +48322,14 @@ ], "operation": "static_cast", "arguments": [ - "x28" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x17" + ] + } ] }, { @@ -48853,7 +48339,14 @@ ], "operation": "static_cast", "arguments": [ - "x30" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x18" + ] + } ] }, { @@ -48863,7 +48356,7 @@ ], "operation": "static_cast", "arguments": [ - "x31" + "x19" ] }, { @@ -48873,7 +48366,14 @@ ], "operation": "static_cast", "arguments": [ - "x32" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x3" + ] + } ] }, { @@ -48883,7 +48383,14 @@ ], "operation": "static_cast", "arguments": [ - "x34" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x20" + ] + } ] }, { @@ -48893,7 +48400,14 @@ ], "operation": "static_cast", "arguments": [ - "x36" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x21" + ] + } ] }, { @@ -48903,7 +48417,7 @@ ], "operation": "static_cast", "arguments": [ - "x37" + "x22" ] }, { 
@@ -48913,7 +48427,14 @@ ], "operation": "static_cast", "arguments": [ - "x38" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x2" + ] + } ] }, { @@ -48923,7 +48444,14 @@ ], "operation": "static_cast", "arguments": [ - "x40" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x23" + ] + } ] }, { @@ -48933,7 +48461,14 @@ ], "operation": "static_cast", "arguments": [ - "x42" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x24" + ] + } ] }, { @@ -48943,7 +48478,7 @@ ], "operation": "static_cast", "arguments": [ - "x43" + "x25" ] }, { @@ -48953,7 +48488,14 @@ ], "operation": "static_cast", "arguments": [ - "x44" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x1" + ] + } ] }, { @@ -48963,7 +48505,14 @@ ], "operation": "static_cast", "arguments": [ - "x46" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x26" + ] + } ] }, { @@ -48973,7 +48522,14 @@ ], "operation": "static_cast", "arguments": [ - "x48" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x27" + ] + } ] }, { @@ -48983,7 +48539,7 @@ ], "operation": "static_cast", "arguments": [ - "x49" + "x28" ] } ] @@ -50919,22 +50475,7 @@ "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "arg3[0]" - ] - }, - "0x1" - ] - } + "arg3[0]" ] } ] @@ -53232,22 +52773,7 @@ "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x97" - ] - }, - "0x1" - ] - } + "x97" ] } ] 
@@ -53825,43 +53351,25 @@ ] }, { - "datatype": "u1", + "datatype": "u32", "name": [ "x119" ], - "operation": "static_cast", + "operation": "cmovznz", "arguments": [ { "datatype": "u1", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u1", "name": [], "operation": "static_cast", "arguments": [ "x31" ] - }, - "0x1" - ] - } - ] - }, - { - "datatype": "u32", - "name": [ - "x120" - ], - "operation": "cmovznz", - "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": "static_cast", - "arguments": [ - "x119" + } ] }, "0x0", @@ -53878,7 +53386,7 @@ { "datatype": "u32", "name": [ - "x121" + "x120" ], "operation": "cmovznz", "arguments": [ @@ -53887,7 +53395,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x119" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x31" + ] + } ] }, "0x0", @@ -53904,7 +53419,7 @@ { "datatype": "u32", "name": [ - "x122" + "x121" ], "operation": "cmovznz", "arguments": [ @@ -53913,7 +53428,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x119" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x31" + ] + } ] }, "0x0", @@ -53930,7 +53452,7 @@ { "datatype": "u32", "name": [ - "x123" + "x122" ], "operation": "cmovznz", "arguments": [ @@ -53939,7 +53461,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x119" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x31" + ] + } ] }, "0x0", @@ -53956,7 +53485,7 @@ { "datatype": "u32", "name": [ - "x124" + "x123" ], "operation": "cmovznz", "arguments": [ @@ -53965,7 +53494,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x119" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x31" + ] + } ] }, "0x0", @@ -53982,7 +53518,7 @@ { "datatype": "u32", "name": [ - "x125" + "x124" ], "operation": "cmovznz", "arguments": [ 
@@ -53991,7 +53527,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x119" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x31" + ] + } ] }, "0x0", @@ -54008,7 +53551,7 @@ { "datatype": "u32", "name": [ - "x126" + "x125" ], "operation": "cmovznz", "arguments": [ @@ -54017,7 +53560,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x119" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x31" + ] + } ] }, "0x0", @@ -54034,7 +53584,7 @@ { "datatype": "u32", "name": [ - "x127" + "x126" ], "operation": "cmovznz", "arguments": [ @@ -54043,7 +53593,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x119" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x31" + ] + } ] }, "0x0", @@ -54060,8 +53617,8 @@ { "datatype": "(auto)", "name": [ - "x128", - "x129" + "x127", + "x128" ], "operation": "addcarryx", "parameters": { @@ -54082,7 +53639,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x120" + "x119" ] } ] @@ -54090,8 +53647,8 @@ { "datatype": "(auto)", "name": [ - "x130", - "x131" + "x129", + "x130" ], "operation": "addcarryx", "parameters": { @@ -54108,7 +53665,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x129" + "x128" ] } ] @@ -54126,7 +53683,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x121" + "x120" ] } ] @@ -54134,8 +53691,8 @@ { "datatype": "(auto)", "name": [ - "x132", - "x133" + "x131", + "x132" ], "operation": "addcarryx", "parameters": { @@ -54152,7 +53709,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x131" + "x130" ] } ] @@ -54170,7 +53727,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x122" + "x121" ] } ] @@ -54178,8 +53735,8 @@ { "datatype": "(auto)", "name": [ - "x134", - "x135" + "x133", + "x134" ], "operation": "addcarryx", "parameters": { 
@@ -54196,7 +53753,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x133" + "x132" ] } ] @@ -54214,7 +53771,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x123" + "x122" ] } ] @@ -54222,8 +53779,8 @@ { "datatype": "(auto)", "name": [ - "x136", - "x137" + "x135", + "x136" ], "operation": "addcarryx", "parameters": { @@ -54240,7 +53797,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x135" + "x134" ] } ] @@ -54258,7 +53815,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x124" + "x123" ] } ] @@ -54266,8 +53823,8 @@ { "datatype": "(auto)", "name": [ - "x138", - "x139" + "x137", + "x138" ], "operation": "addcarryx", "parameters": { @@ -54284,7 +53841,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x137" + "x136" ] } ] @@ -54302,7 +53859,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x125" + "x124" ] } ] @@ -54310,8 +53867,8 @@ { "datatype": "(auto)", "name": [ - "x140", - "x141" + "x139", + "x140" ], "operation": "addcarryx", "parameters": { @@ -54328,7 +53885,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x139" + "x138" ] } ] @@ -54346,7 +53903,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x126" + "x125" ] } ] @@ -54354,7 +53911,7 @@ { "datatype": "(auto)", "name": [ - "x142", + "x141", "_" ], "operation": "addcarryx", @@ -54372,7 +53929,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x141" + "x140" ] } ] @@ -54390,7 +53947,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x127" + "x126" ] } ] @@ -54398,7 +53955,7 @@ { "datatype": "u32", "name": [ - "x144" + "x143" ], "operation": "cmovznz", "arguments": [ @@ -54407,7 +53964,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x119" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x31" + ] + } ] }, "0x0", @@ -54424,7 +53988,7 @@ { "datatype": "u32", "name": [ - "x145" + "x144" ], "operation": "cmovznz", "arguments": [ 
@@ -54433,7 +53997,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x119" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x31" + ] + } ] }, "0x0", @@ -54450,7 +54021,7 @@ { "datatype": "u32", "name": [ - "x146" + "x145" ], "operation": "cmovznz", "arguments": [ @@ -54459,7 +54030,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x119" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x31" + ] + } ] }, "0x0", @@ -54476,7 +54054,7 @@ { "datatype": "u32", "name": [ - "x147" + "x146" ], "operation": "cmovznz", "arguments": [ @@ -54485,7 +54063,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x119" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x31" + ] + } ] }, "0x0", @@ -54502,7 +54087,7 @@ { "datatype": "u32", "name": [ - "x148" + "x147" ], "operation": "cmovznz", "arguments": [ @@ -54511,7 +54096,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x119" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x31" + ] + } ] }, "0x0", @@ -54528,7 +54120,7 @@ { "datatype": "u32", "name": [ - "x149" + "x148" ], "operation": "cmovznz", "arguments": [ @@ -54537,7 +54129,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x119" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x31" + ] + } ] }, "0x0", @@ -54554,7 +54153,7 @@ { "datatype": "u32", "name": [ - "x150" + "x149" ], "operation": "cmovznz", "arguments": [ @@ -54563,7 +54162,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x119" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x31" + ] + } ] }, "0x0", @@ -54580,8 +54186,8 @@ { "datatype": "(auto)", "name": [ - "x151", - "x152" + "x150", + "x151" ], "operation": "addcarryx", "parameters": { 
@@ -54602,7 +54208,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x144" + "x143" ] } ] @@ -54610,8 +54216,8 @@ { "datatype": "(auto)", "name": [ - "x153", - "x154" + "x152", + "x153" ], "operation": "addcarryx", "parameters": { @@ -54628,7 +54234,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x152" + "x151" ] } ] @@ -54646,7 +54252,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x145" + "x144" ] } ] @@ -54654,8 +54260,8 @@ { "datatype": "(auto)", "name": [ - "x155", - "x156" + "x154", + "x155" ], "operation": "addcarryx", "parameters": { @@ -54672,7 +54278,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x154" + "x153" ] } ] @@ -54690,7 +54296,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x146" + "x145" ] } ] @@ -54698,8 +54304,8 @@ { "datatype": "(auto)", "name": [ - "x157", - "x158" + "x156", + "x157" ], "operation": "addcarryx", "parameters": { @@ -54716,7 +54322,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x156" + "x155" ] } ] @@ -54734,7 +54340,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x147" + "x146" ] } ] @@ -54742,8 +54348,8 @@ { "datatype": "(auto)", "name": [ - "x159", - "x160" + "x158", + "x159" ], "operation": "addcarryx", "parameters": { @@ -54760,7 +54366,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x158" + "x157" ] } ] @@ -54778,7 +54384,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x148" + "x147" ] } ] @@ -54786,8 +54392,8 @@ { "datatype": "(auto)", "name": [ - "x161", - "x162" + "x160", + "x161" ], "operation": "addcarryx", "parameters": { @@ -54804,7 +54410,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x160" + "x159" ] } ] @@ -54822,7 +54428,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x149" + "x148" ] } ] @@ -54830,8 +54436,8 @@ { "datatype": "(auto)", "name": [ - "x163", - "x164" + "x162", + "x163" ], "operation": "addcarryx", "parameters": { 
@@ -54848,7 +54454,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x162" + "x161" ] } ] @@ -54866,7 +54472,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x150" + "x149" ] } ] @@ -54874,8 +54480,8 @@ { "datatype": "(auto)", "name": [ - "x165", - "x166" + "x164", + "x165" ], "operation": "subborrowx", "parameters": { @@ -54893,7 +54499,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x151" + "x150" ] } ] @@ -54904,8 +54510,8 @@ { "datatype": "(auto)", "name": [ - "x167", - "x168" + "x166", + "x167" ], "operation": "subborrowx", "parameters": { @@ -54922,7 +54528,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x166" + "x165" ] } ] @@ -54937,7 +54543,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x153" + "x152" ] } ] @@ -54948,8 +54554,8 @@ { "datatype": "(auto)", "name": [ - "x169", - "x170" + "x168", + "x169" ], "operation": "subborrowx", "parameters": { @@ -54966,7 +54572,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x168" + "x167" ] } ] @@ -54981,7 +54587,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x155" + "x154" ] } ] @@ -54992,8 +54598,8 @@ { "datatype": "(auto)", "name": [ - "x171", - "x172" + "x170", + "x171" ], "operation": "subborrowx", "parameters": { @@ -55010,7 +54616,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x170" + "x169" ] } ] @@ -55025,7 +54631,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x157" + "x156" ] } ] @@ -55036,8 +54642,8 @@ { "datatype": "(auto)", "name": [ - "x173", - "x174" + "x172", + "x173" ], "operation": "subborrowx", "parameters": { @@ -55054,7 +54660,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x172" + "x171" ] } ] @@ -55069,7 +54675,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x159" + "x158" ] } ] @@ -55080,8 +54686,8 @@ { "datatype": "(auto)", "name": [ - "x175", - "x176" + "x174", + "x175" ], "operation": "subborrowx", "parameters": { 
@@ -55098,7 +54704,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x174" + "x173" ] } ] @@ -55113,7 +54719,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x161" + "x160" ] } ] @@ -55124,8 +54730,8 @@ { "datatype": "(auto)", "name": [ - "x177", - "x178" + "x176", + "x177" ], "operation": "subborrowx", "parameters": { @@ -55142,7 +54748,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x176" + "x175" ] } ] @@ -55157,7 +54763,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x163" + "x162" ] } ] @@ -55169,7 +54775,7 @@ "datatype": "(auto)", "name": [ "_", - "x180" + "x179" ], "operation": "subborrowx", "parameters": { @@ -55186,7 +54792,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x178" + "x177" ] } ] @@ -55201,7 +54807,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x164" + "x163" ] } ] @@ -55212,7 +54818,7 @@ { "datatype": "(auto)", "name": [ - "x181", + "x180", "_" ], "operation": "addcarryx", @@ -55235,7 +54841,7 @@ { "datatype": "u32", "name": [ - "x183" + "x182" ], "operation": "static_cast", "arguments": [ @@ -55264,7 +54870,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x128" + "x127" ] } ] @@ -55299,7 +54905,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x130" + "x129" ] } ] @@ -55319,7 +54925,7 @@ { "datatype": "u32", "name": [ - "x184" + "x183" ], "operation": "static_cast", "arguments": [ @@ -55348,7 +54954,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x130" + "x129" ] } ] @@ -55383,7 +54989,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x132" + "x131" ] } ] @@ -55403,7 +55009,7 @@ { "datatype": "u32", "name": [ - "x185" + "x184" ], "operation": "static_cast", "arguments": [ @@ -55432,7 +55038,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x132" + "x131" ] } ] @@ -55467,7 +55073,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + "x133" ] } ] 
@@ -55487,7 +55093,7 @@ { "datatype": "u32", "name": [ - "x186" + "x185" ], "operation": "static_cast", "arguments": [ @@ -55516,7 +55122,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + "x133" ] } ] @@ -55551,7 +55157,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x136" + "x135" ] } ] @@ -55571,7 +55177,7 @@ { "datatype": "u32", "name": [ - "x187" + "x186" ], "operation": "static_cast", "arguments": [ @@ -55600,7 +55206,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x136" + "x135" ] } ] @@ -55635,7 +55241,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x138" + "x137" ] } ] @@ -55655,7 +55261,7 @@ { "datatype": "u32", "name": [ - "x188" + "x187" ], "operation": "static_cast", "arguments": [ @@ -55684,7 +55290,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x138" + "x137" ] } ] @@ -55719,7 +55325,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x140" + "x139" ] } ] @@ -55739,7 +55345,7 @@ { "datatype": "u32", "name": [ - "x189" + "x188" ], "operation": "static_cast", "arguments": [ @@ -55768,7 +55374,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x140" + "x139" ] } ] @@ -55803,7 +55409,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x142" + "x141" ] } ] @@ -55823,7 +55429,7 @@ { "datatype": "u32", "name": [ - "x190" + "x189" ], "operation": "static_cast", "arguments": [ @@ -55852,7 +55458,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x142" + "x141" ] } ] @@ -55882,7 +55488,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x142" + "x141" ] } ] @@ -55899,7 +55505,7 @@ { "datatype": "u32", "name": [ - "x191" + "x190" ], "operation": "cmovznz", "arguments": [ @@ -55953,7 +55559,7 @@ { "datatype": "u32", "name": [ - "x192" + "x191" ], "operation": "cmovznz", "arguments": [ @@ -56007,7 +55613,7 @@ { "datatype": "u32", "name": [ - "x193" + "x192" ], "operation": "cmovznz", "arguments": [ 
@@ -56061,7 +55667,7 @@ { "datatype": "u32", "name": [ - "x194" + "x193" ], "operation": "cmovznz", "arguments": [ @@ -56115,7 +55721,7 @@ { "datatype": "u32", "name": [ - "x195" + "x194" ], "operation": "cmovznz", "arguments": [ @@ -56169,7 +55775,7 @@ { "datatype": "u32", "name": [ - "x196" + "x195" ], "operation": "cmovznz", "arguments": [ @@ -56223,7 +55829,7 @@ { "datatype": "u32", "name": [ - "x197" + "x196" ], "operation": "cmovznz", "arguments": [ @@ -56277,7 +55883,7 @@ { "datatype": "u32", "name": [ - "x198" + "x197" ], "operation": "cmovznz", "arguments": [ @@ -56291,7 +55897,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x180" + "x179" ] } ] @@ -56306,7 +55912,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x165" + "x164" ] } ] @@ -56321,7 +55927,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x151" + "x150" ] } ] @@ -56331,7 +55937,7 @@ { "datatype": "u32", "name": [ - "x199" + "x198" ], "operation": "cmovznz", "arguments": [ @@ -56345,7 +55951,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x180" + "x179" ] } ] @@ -56360,7 +55966,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x167" + "x166" ] } ] @@ -56375,7 +55981,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x153" + "x152" ] } ] @@ -56385,7 +55991,7 @@ { "datatype": "u32", "name": [ - "x200" + "x199" ], "operation": "cmovznz", "arguments": [ @@ -56399,7 +56005,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x180" + "x179" ] } ] @@ -56414,7 +56020,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x169" + "x168" ] } ] @@ -56429,7 +56035,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x155" + "x154" ] } ] @@ -56439,7 +56045,7 @@ { "datatype": "u32", "name": [ - "x201" + "x200" ], "operation": "cmovznz", "arguments": [ @@ -56453,7 +56059,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x180" + "x179" ] } ] 
@@ -56468,7 +56074,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x171" + "x170" ] } ] @@ -56483,7 +56089,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x157" + "x156" ] } ] @@ -56493,7 +56099,7 @@ { "datatype": "u32", "name": [ - "x202" + "x201" ], "operation": "cmovznz", "arguments": [ @@ -56507,7 +56113,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x180" + "x179" ] } ] @@ -56522,7 +56128,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x173" + "x172" ] } ] @@ -56537,7 +56143,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x159" + "x158" ] } ] @@ -56547,7 +56153,7 @@ { "datatype": "u32", "name": [ - "x203" + "x202" ], "operation": "cmovznz", "arguments": [ @@ -56561,7 +56167,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x180" + "x179" ] } ] @@ -56576,7 +56182,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x175" + "x174" ] } ] @@ -56591,7 +56197,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x161" + "x160" ] } ] @@ -56601,7 +56207,7 @@ { "datatype": "u32", "name": [ - "x204" + "x203" ], "operation": "cmovznz", "arguments": [ @@ -56615,7 +56221,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x180" + "x179" ] } ] @@ -56630,7 +56236,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x177" + "x176" ] } ] @@ -56645,7 +56251,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x163" + "x162" ] } ] @@ -56664,7 +56270,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x181" + "x180" ] } ] @@ -56756,7 +56362,7 @@ ], "operation": "static_cast", "arguments": [ - "x183" + "x182" ] }, { @@ -56766,7 +56372,7 @@ ], "operation": "static_cast", "arguments": [ - "x184" + "x183" ] }, { @@ -56776,7 +56382,7 @@ ], "operation": "static_cast", "arguments": [ - "x185" + "x184" ] }, { @@ -56786,7 +56392,7 @@ ], "operation": "static_cast", "arguments": [ - "x186" + "x185" ] }, { 
@@ -56796,7 +56402,7 @@ ], "operation": "static_cast", "arguments": [ - "x187" + "x186" ] }, { @@ -56806,7 +56412,7 @@ ], "operation": "static_cast", "arguments": [ - "x188" + "x187" ] }, { @@ -56816,7 +56422,7 @@ ], "operation": "static_cast", "arguments": [ - "x189" + "x188" ] }, { @@ -56826,7 +56432,7 @@ ], "operation": "static_cast", "arguments": [ - "x190" + "x189" ] }, { @@ -56836,7 +56442,7 @@ ], "operation": "static_cast", "arguments": [ - "x191" + "x190" ] }, { @@ -56846,7 +56452,7 @@ ], "operation": "static_cast", "arguments": [ - "x192" + "x191" ] }, { @@ -56856,7 +56462,7 @@ ], "operation": "static_cast", "arguments": [ - "x193" + "x192" ] }, { @@ -56866,7 +56472,7 @@ ], "operation": "static_cast", "arguments": [ - "x194" + "x193" ] }, { @@ -56876,7 +56482,7 @@ ], "operation": "static_cast", "arguments": [ - "x195" + "x194" ] }, { @@ -56886,7 +56492,7 @@ ], "operation": "static_cast", "arguments": [ - "x196" + "x195" ] }, { @@ -56896,7 +56502,7 @@ ], "operation": "static_cast", "arguments": [ - "x197" + "x196" ] }, { @@ -56906,7 +56512,7 @@ ], "operation": "static_cast", "arguments": [ - "x198" + "x197" ] }, { @@ -56916,7 +56522,7 @@ ], "operation": "static_cast", "arguments": [ - "x199" + "x198" ] }, { @@ -56926,7 +56532,7 @@ ], "operation": "static_cast", "arguments": [ - "x200" + "x199" ] }, { @@ -56936,7 +56542,7 @@ ], "operation": "static_cast", "arguments": [ - "x201" + "x200" ] }, { @@ -56946,7 +56552,7 @@ ], "operation": "static_cast", "arguments": [ - "x202" + "x201" ] }, { @@ -56956,7 +56562,7 @@ ], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] }, { @@ -56966,7 +56572,7 @@ ], "operation": "static_cast", "arguments": [ - "x204" + "x203" ] } ] diff --git a/fiat-json/src/p224_64.json b/fiat-json/src/p224_64.json index e7f2770b27..f7454dcdf9 100644 --- a/fiat-json/src/p224_64.json +++ b/fiat-json/src/p224_64.json 
@@ -90,35 +90,10 @@ } ] }, - { - "datatype": "u64", - "name": [ - "x2" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u128", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "0xffffffffffffffff" - ] - } - ] - }, { "datatype": "u1", "name": [ - "x3" + "x2" ], "operation": "static_cast", "arguments": [ @@ -147,7 +122,14 @@ ], "operation": "static_cast", "arguments": [ - "x2" + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x1" + ] + } ] }, { @@ -157,7 +139,7 @@ ], "operation": "static_cast", "arguments": [ - "x3" + "x2" ] } ] @@ -413,7 +395,7 @@ { "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u128", @@ -423,7 +405,7 @@ "x1" ] }, - "0xffffffffffffffff" + "64" ] } ] @@ -431,38 +413,20 @@ { "datatype": "u64", "name": [ - "x3" + "out1" ], "operation": "static_cast", "arguments": [ { "datatype": "u64", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u128", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "64" + "x1" ] } ] }, - { - "datatype": "u64", - "name": [ - "out1" - ], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, { "datatype": "u64", "name": [ @@ -470,7 +434,7 @@ ], "operation": "static_cast", "arguments": [ - "x3" + "x2" ] } ] @@ -11418,22 +11382,7 @@ "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x9" - ] - }, - "0x1" - ] - } + "x9" ] } ] 
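Review bot: The new side drops the explicit mask nodes and leaves a bare narrowing `static_cast`: a `u64` cast of `x1` where the old side had `x1 & 0xffffffffffffffff` (the -90 hunk), and a `u1` cast of `x9` where it had `x9 & 0x1` (the -11418 hunk). That is only equivalent if every consumer of this JSON treats `static_cast` as truncating, or if the operand is already proven to be in range; neither is visible from these hunks. The same removal recurs in the -11922, -23429 and -24866 hunks and on the `cmovznz` conditions taken from `x22` from the -25230 hunk onward, where a condition that is not exactly 0 or 1 could change which operand is selected. The file appears to be generated and the commit message says something broke, so the fix likely belongs in the generator rather than here. After regenerating, confirm either that the `"operation": "&"` nodes with `"0x1"` and `"0xff"` return, or that the inferred bounds justify dropping them.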
@@ -11922,22 +11871,7 @@ "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x9" - ] - }, - "0x1" - ] - } + "x9" ] } ] @@ -20032,16 +19966,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x5" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -20051,7 +19985,7 @@ "x4" ] }, - "0xff" + "8" ] } ] @@ -20073,7 +20007,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x4" + "x5" ] }, "8" @@ -20082,16 +20016,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x7" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -20101,7 +20035,7 @@ "x6" ] }, - "0xff" + "8" ] } ] @@ -20123,7 +20057,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x6" + "x7" ] }, "8" @@ -20132,16 +20066,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x9" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -20151,7 +20085,7 @@ "x8" ] }, - "0xff" + "8" ] } ] @@ -20173,7 +20107,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x8" + "x9" ] }, "8" @@ -20191,7 +20125,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -20201,7 +20135,7 @@ "x10" ] }, - "0xff" + "8" ] } ] @@ -20223,7 +20157,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x10" + "x3" ] }, "8" 
@@ -20232,16 +20166,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x13" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -20251,7 +20185,7 @@ "x12" ] }, - "0xff" + "8" ] } ] @@ -20273,7 +20207,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x12" + "x13" ] }, "8" @@ -20282,16 +20216,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x15" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -20301,7 +20235,7 @@ "x14" ] }, - "0xff" + "8" ] } ] @@ -20323,7 +20257,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x14" + "x15" ] }, "8" @@ -20332,16 +20266,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x17" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -20351,7 +20285,7 @@ "x16" ] }, - "0xff" + "8" ] } ] @@ -20373,7 +20307,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x16" + "x17" ] }, "8" @@ -20382,26 +20316,26 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x19" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - "x3" + "x2" ] }, - "0xff" + "8" ] } ] @@ -20423,7 +20357,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x3" + "x19" ] }, "8" 
@@ -20432,16 +20366,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x21" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -20451,7 +20385,7 @@ "x20" ] }, - "0xff" + "8" ] } ] @@ -20473,7 +20407,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x20" + "x21" ] }, "8" @@ -20482,16 +20416,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x23" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -20501,7 +20435,7 @@ "x22" ] }, - "0xff" + "8" ] } ] @@ -20523,7 +20457,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x22" + "x23" ] }, "8" @@ -20541,7 +20475,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -20551,7 +20485,7 @@ "x24" ] }, - "0xff" + "8" ] } ] @@ -20573,7 +20507,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x24" + "x1" ] }, "8" @@ -20582,16 +20516,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x27" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -20601,20 +20535,20 @@ "x26" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ "x28" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], "operation": ">>", "arguments": [ @@ -20623,7 +20557,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x26" + "x27" ] }, "8" 
@@ -20634,49 +20568,33 @@ { "datatype": "u8", "name": [ - "x29" + "out1[0]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x28" - ] - }, - "0xff" + "x4" ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ - "x30" + "out1[1]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x28" - ] - }, - "8" + "x5" ] } ] @@ -20684,24 +20602,16 @@ { "datatype": "u8", "name": [ - "x31" + "out1[2]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x30" - ] - }, - "0xff" + "x6" ] } ] 
@@ -20709,566 +20619,18 @@ { "datatype": "u8", "name": [ - "x32" + "out1[3]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x30" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x33" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x34" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x35" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x34" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x36" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x34" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x37" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x36" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x38" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": 
">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x36" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x39" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x38" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x40" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x38" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x41" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x40" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x42" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x40" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x43" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x42" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x44" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x42" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x45" - ], - 
"operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x44" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x46" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x44" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x47" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x48" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x49" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x48" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x50" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x48" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x51" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": 
[ - "x50" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x52" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x50" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "out1[0]" - ], - "operation": "static_cast", - "arguments": [ - "x5" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[1]" - ], - "operation": "static_cast", - "arguments": [ - "x7" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[2]" - ], - "operation": "static_cast", - "arguments": [ - "x9" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[3]" - ], - "operation": "static_cast", - "arguments": [ - "x11" + "x7" + ] + } ] }, { @@ -21278,7 +20640,14 @@ ], "operation": "static_cast", "arguments": [ - "x13" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x8" + ] + } ] }, { @@ -21288,7 +20657,14 @@ ], "operation": "static_cast", "arguments": [ - "x15" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x9" + ] + } ] }, { @@ -21298,7 +20674,14 @@ ], "operation": "static_cast", "arguments": [ - "x17" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x10" + ] + } ] }, { @@ -21308,7 +20691,7 @@ ], "operation": "static_cast", "arguments": [ - "x18" + "x11" ] }, { @@ -21318,7 +20701,14 @@ ], "operation": "static_cast", "arguments": [ - "x19" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x3" + ] + } ] }, { @@ -21328,7 +20718,14 @@ ], "operation": "static_cast", "arguments": [ - "x21" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x12" + ] + } ] }, { 
@@ -21338,7 +20735,14 @@ ], "operation": "static_cast", "arguments": [ - "x23" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x13" + ] + } ] }, { @@ -21348,7 +20752,14 @@ ], "operation": "static_cast", "arguments": [ - "x25" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x14" + ] + } ] }, { @@ -21358,7 +20769,14 @@ ], "operation": "static_cast", "arguments": [ - "x27" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x15" + ] + } ] }, { @@ -21368,7 +20786,14 @@ ], "operation": "static_cast", "arguments": [ - "x29" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x16" + ] + } ] }, { @@ -21378,7 +20803,14 @@ ], "operation": "static_cast", "arguments": [ - "x31" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x17" + ] + } ] }, { @@ -21388,7 +20820,7 @@ ], "operation": "static_cast", "arguments": [ - "x32" + "x18" ] }, { @@ -21398,7 +20830,14 @@ ], "operation": "static_cast", "arguments": [ - "x33" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x2" + ] + } ] }, { @@ -21408,7 +20847,14 @@ ], "operation": "static_cast", "arguments": [ - "x35" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x19" + ] + } ] }, { @@ -21418,7 +20864,14 @@ ], "operation": "static_cast", "arguments": [ - "x37" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x20" + ] + } ] }, { @@ -21428,7 +20881,14 @@ ], "operation": "static_cast", "arguments": [ - "x39" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x21" + ] + } ] }, { @@ -21438,7 +20898,14 @@ ], "operation": "static_cast", "arguments": [ - "x41" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, { 
@@ -21448,7 +20915,14 @@ ], "operation": "static_cast", "arguments": [ - "x43" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x23" + ] + } ] }, { @@ -21458,7 +20932,14 @@ ], "operation": "static_cast", "arguments": [ - "x45" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x24" + ] + } ] }, { @@ -21468,7 +20949,7 @@ ], "operation": "static_cast", "arguments": [ - "x46" + "x25" ] }, { @@ -21478,7 +20959,14 @@ ], "operation": "static_cast", "arguments": [ - "x47" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x1" + ] + } ] }, { @@ -21488,7 +20976,14 @@ ], "operation": "static_cast", "arguments": [ - "x49" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x26" + ] + } ] }, { @@ -21498,7 +20993,14 @@ ], "operation": "static_cast", "arguments": [ - "x51" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x27" + ] + } ] }, { @@ -21508,7 +21010,7 @@ ], "operation": "static_cast", "arguments": [ - "x52" + "x28" ] } ] @@ -23429,22 +22931,7 @@ "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "arg3[0]" - ] - }, - "0x1" - ] - } + "arg3[0]" ] } ] @@ -24866,22 +24353,7 @@ "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x61" - ] - }, - "0x1" - ] - } + "x61" ] } ] 
@@ -25230,43 +24702,25 @@ ] }, { - "datatype": "u1", + "datatype": "u64", "name": [ "x74" ], - "operation": "static_cast", + "operation": "cmovznz", "arguments": [ { "datatype": "u1", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u1", "name": [], "operation": "static_cast", "arguments": [ "x22" ] - }, - "0x1" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x75" - ], - "operation": "cmovznz", - "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": "static_cast", - "arguments": [ - "x74" + } ] }, "0x0", @@ -25283,7 +24737,7 @@ { "datatype": "u64", "name": [ - "x76" + "x75" ], "operation": "cmovznz", "arguments": [ @@ -25292,7 +24746,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -25309,7 +24770,7 @@ { "datatype": "u64", "name": [ - "x77" + "x76" ], "operation": "cmovznz", "arguments": [ @@ -25318,7 +24779,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -25335,7 +24803,7 @@ { "datatype": "u64", "name": [ - "x78" + "x77" ], "operation": "cmovznz", "arguments": [ @@ -25344,7 +24812,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -25361,7 +24836,7 @@ { "datatype": "u64", "name": [ - "x79" + "x78" ], "operation": "cmovznz", "arguments": [ @@ -25370,7 +24845,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -25387,8 +24869,8 @@ { "datatype": "(auto)", "name": [ - "x80", - "x81" + "x79", + "x80" ], "operation": "addcarryx", "parameters": { 
@@ -25409,7 +24891,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x75" + "x74" ] } ] @@ -25417,8 +24899,8 @@ { "datatype": "(auto)", "name": [ - "x82", - "x83" + "x81", + "x82" ], "operation": "addcarryx", "parameters": { @@ -25435,7 +24917,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x81" + "x80" ] } ] @@ -25453,7 +24935,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x76" + "x75" ] } ] @@ -25461,8 +24943,8 @@ { "datatype": "(auto)", "name": [ - "x84", - "x85" + "x83", + "x84" ], "operation": "addcarryx", "parameters": { @@ -25479,7 +24961,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x83" + "x82" ] } ] @@ -25497,7 +24979,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x77" + "x76" ] } ] @@ -25505,8 +24987,8 @@ { "datatype": "(auto)", "name": [ - "x86", - "x87" + "x85", + "x86" ], "operation": "addcarryx", "parameters": { @@ -25523,7 +25005,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x85" + "x84" ] } ] @@ -25541,7 +25023,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x78" + "x77" ] } ] @@ -25549,7 +25031,7 @@ { "datatype": "(auto)", "name": [ - "x88", + "x87", "_" ], "operation": "addcarryx", @@ -25567,7 +25049,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x87" + "x86" ] } ] @@ -25585,7 +25067,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x79" + "x78" ] } ] @@ -25593,7 +25075,7 @@ { "datatype": "u64", "name": [ - "x90" + "x89" ], "operation": "cmovznz", "arguments": [ @@ -25602,7 +25084,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -25619,7 +25108,7 @@ { "datatype": "u64", "name": [ - "x91" + "x90" ], "operation": "cmovznz", "arguments": [ 
@@ -25628,7 +25117,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -25645,7 +25141,7 @@ { "datatype": "u64", "name": [ - "x92" + "x91" ], "operation": "cmovznz", "arguments": [ @@ -25654,7 +25150,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -25671,7 +25174,7 @@ { "datatype": "u64", "name": [ - "x93" + "x92" ], "operation": "cmovznz", "arguments": [ @@ -25680,7 +25183,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -25697,8 +25207,8 @@ { "datatype": "(auto)", "name": [ - "x94", - "x95" + "x93", + "x94" ], "operation": "addcarryx", "parameters": { @@ -25719,7 +25229,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x90" + "x89" ] } ] @@ -25727,8 +25237,8 @@ { "datatype": "(auto)", "name": [ - "x96", - "x97" + "x95", + "x96" ], "operation": "addcarryx", "parameters": { @@ -25745,7 +25255,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x95" + "x94" ] } ] @@ -25763,7 +25273,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x91" + "x90" ] } ] @@ -25771,8 +25281,8 @@ { "datatype": "(auto)", "name": [ - "x98", - "x99" + "x97", + "x98" ], "operation": "addcarryx", "parameters": { @@ -25789,7 +25299,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x97" + "x96" ] } ] @@ -25807,7 +25317,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x92" + "x91" ] } ] @@ -25815,8 +25325,8 @@ { "datatype": "(auto)", "name": [ - "x100", - "x101" + "x99", + "x100" ], "operation": "addcarryx", "parameters": { @@ -25833,7 +25343,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x99" + "x98" ] } ] 
@@ -25851,7 +25361,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x93" + "x92" ] } ] @@ -25859,8 +25369,8 @@ { "datatype": "(auto)", "name": [ - "x102", - "x103" + "x101", + "x102" ], "operation": "subborrowx", "parameters": { @@ -25878,7 +25388,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x94" + "x93" ] } ] @@ -25889,8 +25399,8 @@ { "datatype": "(auto)", "name": [ - "x104", - "x105" + "x103", + "x104" ], "operation": "subborrowx", "parameters": { @@ -25907,7 +25417,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x103" + "x102" ] } ] @@ -25922,7 +25432,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x96" + "x95" ] } ] @@ -25933,8 +25443,8 @@ { "datatype": "(auto)", "name": [ - "x106", - "x107" + "x105", + "x106" ], "operation": "subborrowx", "parameters": { @@ -25951,7 +25461,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x105" + "x104" ] } ] @@ -25966,7 +25476,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x98" + "x97" ] } ] @@ -25977,8 +25487,8 @@ { "datatype": "(auto)", "name": [ - "x108", - "x109" + "x107", + "x108" ], "operation": "subborrowx", "parameters": { @@ -25995,7 +25505,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x107" + "x106" ] } ] @@ -26010,7 +25520,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x100" + "x99" ] } ] @@ -26022,7 +25532,7 @@ "datatype": "(auto)", "name": [ "_", - "x111" + "x110" ], "operation": "subborrowx", "parameters": { @@ -26039,7 +25549,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x109" + "x108" ] } ] @@ -26054,7 +25564,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x101" + "x100" ] } ] @@ -26065,7 +25575,7 @@ { "datatype": "(auto)", "name": [ - "x112", + "x111", "_" ], "operation": "addcarryx", @@ -26088,7 +25598,7 @@ { "datatype": "u64", "name": [ - "x114" + "x113" ], "operation": "static_cast", "arguments": [ 
@@ -26117,7 +25627,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x80" + "x79" ] } ] @@ -26152,7 +25662,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x82" + "x81" ] } ] @@ -26172,7 +25682,7 @@ { "datatype": "u64", "name": [ - "x115" + "x114" ], "operation": "static_cast", "arguments": [ @@ -26201,7 +25711,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x82" + "x81" ] } ] @@ -26236,7 +25746,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x84" + "x83" ] } ] @@ -26256,7 +25766,7 @@ { "datatype": "u64", "name": [ - "x116" + "x115" ], "operation": "static_cast", "arguments": [ @@ -26285,7 +25795,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x84" + "x83" ] } ] @@ -26320,7 +25830,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x86" + "x85" ] } ] @@ -26340,7 +25850,7 @@ { "datatype": "u64", "name": [ - "x117" + "x116" ], "operation": "static_cast", "arguments": [ @@ -26369,7 +25879,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x86" + "x85" ] } ] @@ -26404,7 +25914,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x88" + "x87" ] } ] @@ -26424,7 +25934,7 @@ { "datatype": "u64", "name": [ - "x118" + "x117" ], "operation": "static_cast", "arguments": [ @@ -26453,7 +25963,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x88" + "x87" ] } ] @@ -26483,7 +25993,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x88" + "x87" ] } ] @@ -26500,7 +26010,7 @@ { "datatype": "u64", "name": [ - "x119" + "x118" ], "operation": "cmovznz", "arguments": [ @@ -26554,7 +26064,7 @@ { "datatype": "u64", "name": [ - "x120" + "x119" ], "operation": "cmovznz", "arguments": [ @@ -26608,7 +26118,7 @@ { "datatype": "u64", "name": [ - "x121" + "x120" ], "operation": "cmovznz", "arguments": [ @@ -26662,7 +26172,7 @@ { "datatype": "u64", "name": [ - "x122" + "x121" ], "operation": "cmovznz", "arguments": [ 
@@ -26716,7 +26226,7 @@ { "datatype": "u64", "name": [ - "x123" + "x122" ], "operation": "cmovznz", "arguments": [ @@ -26730,7 +26240,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x111" + "x110" ] } ] @@ -26745,7 +26255,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x102" + "x101" ] } ] @@ -26760,7 +26270,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x94" + "x93" ] } ] @@ -26770,7 +26280,7 @@ { "datatype": "u64", "name": [ - "x124" + "x123" ], "operation": "cmovznz", "arguments": [ @@ -26784,7 +26294,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x111" + "x110" ] } ] @@ -26799,7 +26309,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x104" + "x103" ] } ] @@ -26814,7 +26324,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x96" + "x95" ] } ] @@ -26824,7 +26334,7 @@ { "datatype": "u64", "name": [ - "x125" + "x124" ], "operation": "cmovznz", "arguments": [ @@ -26838,7 +26348,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x111" + "x110" ] } ] @@ -26853,7 +26363,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x106" + "x105" ] } ] @@ -26868,7 +26378,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x98" + "x97" ] } ] @@ -26878,7 +26388,7 @@ { "datatype": "u64", "name": [ - "x126" + "x125" ], "operation": "cmovznz", "arguments": [ @@ -26892,7 +26402,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x111" + "x110" ] } ] @@ -26907,7 +26417,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x108" + "x107" ] } ] @@ -26922,7 +26432,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x100" + "x99" ] } ] @@ -26941,7 +26451,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x112" + "x111" ] } ] @@ -27003,7 +26513,7 @@ ], "operation": "static_cast", "arguments": [ - "x114" + "x113" ] }, { @@ -27013,7 +26523,7 @@ ], "operation": "static_cast", "arguments": [ - "x115" + "x114" ] }, { 
@@ -27023,7 +26533,7 @@ ], "operation": "static_cast", "arguments": [ - "x116" + "x115" ] }, { @@ -27033,7 +26543,7 @@ ], "operation": "static_cast", "arguments": [ - "x117" + "x116" ] }, { @@ -27043,7 +26553,7 @@ ], "operation": "static_cast", "arguments": [ - "x118" + "x117" ] }, { @@ -27053,7 +26563,7 @@ ], "operation": "static_cast", "arguments": [ - "x119" + "x118" ] }, { @@ -27063,7 +26573,7 @@ ], "operation": "static_cast", "arguments": [ - "x120" + "x119" ] }, { @@ -27073,7 +26583,7 @@ ], "operation": "static_cast", "arguments": [ - "x121" + "x120" ] }, { @@ -27083,7 +26593,7 @@ ], "operation": "static_cast", "arguments": [ - "x122" + "x121" ] }, { @@ -27093,7 +26603,7 @@ ], "operation": "static_cast", "arguments": [ - "x123" + "x122" ] }, { @@ -27103,7 +26613,7 @@ ], "operation": "static_cast", "arguments": [ - "x124" + "x123" ] }, { @@ -27113,7 +26623,7 @@ ], "operation": "static_cast", "arguments": [ - "x125" + "x124" ] }, { @@ -27123,7 +26633,7 @@ ], "operation": "static_cast", "arguments": [ - "x126" + "x125" ] } ] diff --git a/fiat-json/src/p256_32.json b/fiat-json/src/p256_32.json index 2e98a0da7f..3580c3d8de 100644 --- a/fiat-json/src/p256_32.json +++ b/fiat-json/src/p256_32.json @@ -90,35 +90,10 @@ } ] }, - { - "datatype": "u32", - "name": [ - "x2" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "0xffffffff" - ] - } - ] - }, { "datatype": "u1", "name": [ - "x3" + "x2" ], "operation": "static_cast", "arguments": [ @@ -147,7 +122,14 @@ ], "operation": "static_cast", "arguments": [ - "x2" + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + "x1" + ] + } ] }, { @@ -157,7 +139,7 @@ ], "operation": "static_cast", "arguments": [ - "x3" + "x2" ] } ] 
@@ -413,7 +395,7 @@ { "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -423,7 +405,7 @@ "x1" ] }, - "0xffffffff" + "32" ] } ] @@ -431,38 +413,20 @@ { "datatype": "u32", "name": [ - "x3" + "out1" ], "operation": "static_cast", "arguments": [ { "datatype": "u32", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "32" + "x1" ] } ] }, - { - "datatype": "u32", - "name": [ - "out1" - ], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, { "datatype": "u32", "name": [ @@ -470,7 +434,7 @@ ], "operation": "static_cast", "arguments": [ - "x3" + "x2" ] } ] @@ -34903,22 +34867,7 @@ "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x17" - ] - }, - "0x1" - ] - } + "x17" ] } ] @@ -35792,22 +35741,7 @@ "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x17" - ] - }, - "0x1" - ] - } + "x17" ] } ] @@ -59323,35 +59257,10 @@ "arg1[0]" ] }, - { - "datatype": "u8", - "name": [ - "x9" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x8" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x10" + "x9" ], "operation": "static_cast", "arguments": [ 
@@ -59373,35 +59282,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x11" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x10" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x12" + "x10" ], "operation": "static_cast", "arguments": [ @@ -59415,7 +59299,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x10" + "x9" ] }, "8" @@ -59426,32 +59310,7 @@ { "datatype": "u8", "name": [ - "x13" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x12" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x14" + "x11" ], "operation": "static_cast", "arguments": [ @@ -59465,7 +59324,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x12" + "x10" ] }, "8" @@ -59473,35 +59332,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x15" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x7" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x16" + "x12" ], "operation": "static_cast", "arguments": [ @@ -59523,35 +59357,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x17" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x16" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x18" + "x13" ], "operation": "static_cast", "arguments": [ 
@@ -59565,7 +59374,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x16" + "x12" ] }, "8" @@ -59576,32 +59385,7 @@ { "datatype": "u8", "name": [ - "x19" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x18" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x20" + "x14" ], "operation": "static_cast", "arguments": [ @@ -59615,7 +59399,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x18" + "x13" ] }, "8" @@ -59623,35 +59407,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x21" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x6" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x22" + "x15" ], "operation": "static_cast", "arguments": [ @@ -59673,35 +59432,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x23" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x22" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x24" + "x16" ], "operation": "static_cast", "arguments": [ @@ -59715,7 +59449,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x22" + "x15" ] }, "8" @@ -59726,32 +59460,7 @@ { "datatype": "u8", "name": [ - "x25" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x24" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x26" + "x17" ], "operation": "static_cast", "arguments": [ 
@@ -59765,7 +59474,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x24" + "x16" ] }, "8" @@ -59773,35 +59482,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x27" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x5" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x28" + "x18" ], "operation": "static_cast", "arguments": [ @@ -59823,35 +59507,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x29" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x28" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x30" + "x19" ], "operation": "static_cast", "arguments": [ @@ -59865,7 +59524,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x28" + "x18" ] }, "8" @@ -59876,32 +59535,7 @@ { "datatype": "u8", "name": [ - "x31" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x30" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x32" + "x20" ], "operation": "static_cast", "arguments": [ @@ -59915,7 +59549,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x30" + "x19" ] }, "8" 
@@ -59923,35 +59557,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x33" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x4" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x34" + "x21" ], "operation": "static_cast", "arguments": [ @@ -59973,35 +59582,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x35" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x34" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x36" + "x22" ], "operation": "static_cast", "arguments": [ @@ -60015,7 +59599,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x34" + "x21" ] }, "8" @@ -60026,32 +59610,7 @@ { "datatype": "u8", "name": [ - "x37" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x36" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x38" + "x23" ], "operation": "static_cast", "arguments": [ @@ -60065,7 +59624,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x36" + "x22" ] }, "8" @@ -60073,35 +59632,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x39" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x3" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x40" + "x24" ], "operation": "static_cast", "arguments": [ 
@@ -60123,35 +59657,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x41" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x40" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x42" + "x25" ], "operation": "static_cast", "arguments": [ @@ -60165,7 +59674,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x40" + "x24" ] }, "8" @@ -60176,32 +59685,7 @@ { "datatype": "u8", "name": [ - "x43" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x42" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x44" + "x26" ], "operation": "static_cast", "arguments": [ @@ -60215,7 +59699,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x42" + "x25" ] }, "8" @@ -60223,35 +59707,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x45" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x46" + "x27" ], "operation": "static_cast", "arguments": [ @@ -60273,35 +59732,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x47" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x46" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x48" + "x28" ], "operation": "static_cast", "arguments": [ 
@@ -60315,7 +59749,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x46" + "x27" ] }, "8" @@ -60326,32 +59760,7 @@ { "datatype": "u8", "name": [ - "x49" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x48" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x50" + "x29" ], "operation": "static_cast", "arguments": [ @@ -60365,7 +59774,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x48" + "x28" ] }, "8" @@ -60373,35 +59782,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x51" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x52" + "x30" ], "operation": "static_cast", "arguments": [ @@ -60424,39 +59808,39 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ - "x53" + "x31" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x52" + "x30" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x54" + "x32" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], "operation": ">>", "arguments": [ @@ -60465,7 +59849,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x52" + "x31" ] }, "8" 
@@ -60476,24 +59860,16 @@ { "datatype": "u8", "name": [ - "x55" + "out1[0]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x54" - ] - }, - "0xff" + "x8" ] } ] @@ -60501,48 +59877,20 @@ { "datatype": "u8", "name": [ - "x56" + "out1[1]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x54" - ] - }, - "8" + "x9" ] } ] }, - { - "datatype": "u8", - "name": [ - "out1[0]" - ], - "operation": "static_cast", - "arguments": [ - "x9" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[1]" - ], - "operation": "static_cast", - "arguments": [ - "x11" - ] - }, { "datatype": "u8", "name": [ @@ -60550,7 +59898,14 @@ ], "operation": "static_cast", "arguments": [ - "x13" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x10" + ] + } ] }, { @@ -60560,7 +59915,7 @@ ], "operation": "static_cast", "arguments": [ - "x14" + "x11" ] }, { @@ -60570,7 +59925,14 @@ ], "operation": "static_cast", "arguments": [ - "x15" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x7" + ] + } ] }, { @@ -60580,7 +59942,14 @@ ], "operation": "static_cast", "arguments": [ - "x17" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x12" + ] + } ] }, { @@ -60590,7 +59959,14 @@ ], "operation": "static_cast", "arguments": [ - "x19" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x13" + ] + } ] }, { @@ -60600,7 +59976,7 @@ ], "operation": "static_cast", "arguments": [ - "x20" + "x14" ] }, { 
@@ -60610,7 +59986,14 @@ ], "operation": "static_cast", "arguments": [ - "x21" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x6" + ] + } ] }, { @@ -60620,7 +60003,14 @@ ], "operation": "static_cast", "arguments": [ - "x23" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x15" + ] + } ] }, { @@ -60630,7 +60020,14 @@ ], "operation": "static_cast", "arguments": [ - "x25" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x16" + ] + } ] }, { @@ -60640,7 +60037,7 @@ ], "operation": "static_cast", "arguments": [ - "x26" + "x17" ] }, { @@ -60650,7 +60047,14 @@ ], "operation": "static_cast", "arguments": [ - "x27" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x5" + ] + } ] }, { @@ -60660,7 +60064,14 @@ ], "operation": "static_cast", "arguments": [ - "x29" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x18" + ] + } ] }, { @@ -60670,7 +60081,14 @@ ], "operation": "static_cast", "arguments": [ - "x31" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x19" + ] + } ] }, { @@ -60680,7 +60098,7 @@ ], "operation": "static_cast", "arguments": [ - "x32" + "x20" ] }, { @@ -60690,7 +60108,14 @@ ], "operation": "static_cast", "arguments": [ - "x33" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x4" + ] + } ] }, { @@ -60700,7 +60125,14 @@ ], "operation": "static_cast", "arguments": [ - "x35" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x21" + ] + } ] }, { @@ -60710,7 +60142,14 @@ ], "operation": "static_cast", "arguments": [ - "x37" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, { @@ -60720,7 +60159,7 @@ ], "operation": "static_cast", "arguments": [ - "x38" + "x23" ] }, { 
@@ -60730,7 +60169,14 @@ ], "operation": "static_cast", "arguments": [ - "x39" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x3" + ] + } ] }, { @@ -60740,7 +60186,14 @@ ], "operation": "static_cast", "arguments": [ - "x41" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x24" + ] + } ] }, { @@ -60750,7 +60203,14 @@ ], "operation": "static_cast", "arguments": [ - "x43" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x25" + ] + } ] }, { @@ -60760,7 +60220,7 @@ ], "operation": "static_cast", "arguments": [ - "x44" + "x26" ] }, { @@ -60770,7 +60230,14 @@ ], "operation": "static_cast", "arguments": [ - "x45" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x2" + ] + } ] }, { @@ -60780,7 +60247,14 @@ ], "operation": "static_cast", "arguments": [ - "x47" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x27" + ] + } ] }, { @@ -60790,7 +60264,14 @@ ], "operation": "static_cast", "arguments": [ - "x49" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x28" + ] + } ] }, { @@ -60800,7 +60281,7 @@ ], "operation": "static_cast", "arguments": [ - "x50" + "x29" ] }, { @@ -60810,7 +60291,14 @@ ], "operation": "static_cast", "arguments": [ - "x51" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x1" + ] + } ] }, { @@ -60820,7 +60308,14 @@ ], "operation": "static_cast", "arguments": [ - "x53" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x30" + ] + } ] }, { @@ -60830,7 +60325,14 @@ ], "operation": "static_cast", "arguments": [ - "x55" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x31" + ] + } ] }, { @@ -60840,7 +60342,7 @@ ], "operation": "static_cast", "arguments": [ - "x56" + "x32" ] } ] 
@@ -63017,22 +62519,7 @@ "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "arg3[0]" - ] - }, - "0x1" - ] - } + "arg3[0]" ] } ] @@ -65907,22 +65394,7 @@ "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x109" - ] - }, - "0x1" - ] - } + "x109" ] } ] @@ -66299,43 +65771,25 @@ ] }, { - "datatype": "u1", + "datatype": "u32", "name": [ "x134" ], - "operation": "static_cast", + "operation": "cmovznz", "arguments": [ { "datatype": "u1", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u1", "name": [], "operation": "static_cast", "arguments": [ "x34" ] - }, - "0x1" - ] - } - ] - }, - { - "datatype": "u32", - "name": [ - "x135" - ], - "operation": "cmovznz", - "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": "static_cast", - "arguments": [ - "x134" + } ] }, "0x0", @@ -66352,7 +65806,7 @@ { "datatype": "u32", "name": [ - "x136" + "x135" ], "operation": "cmovznz", "arguments": [ @@ -66361,7 +65815,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -66378,7 +65839,7 @@ { "datatype": "u32", "name": [ - "x137" + "x136" ], "operation": "cmovznz", "arguments": [ @@ -66387,7 +65848,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -66404,7 +65872,7 @@ { "datatype": "u32", "name": [ - "x138" + "x137" ], "operation": "cmovznz", "arguments": [ 
@@ -66413,7 +65881,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -66430,7 +65905,7 @@ { "datatype": "u32", "name": [ - "x139" + "x138" ], "operation": "cmovznz", "arguments": [ @@ -66439,7 +65914,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -66456,7 +65938,7 @@ { "datatype": "u32", "name": [ - "x140" + "x139" ], "operation": "cmovznz", "arguments": [ @@ -66465,7 +65947,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -66482,7 +65971,7 @@ { "datatype": "u32", "name": [ - "x141" + "x140" ], "operation": "cmovznz", "arguments": [ @@ -66491,7 +65980,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -66508,7 +66004,7 @@ { "datatype": "u32", "name": [ - "x142" + "x141" ], "operation": "cmovznz", "arguments": [ @@ -66517,7 +66013,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -66534,7 +66037,7 @@ { "datatype": "u32", "name": [ - "x143" + "x142" ], "operation": "cmovznz", "arguments": [ @@ -66543,7 +66046,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -66560,8 +66070,8 @@ { "datatype": "(auto)", "name": [ - "x144", - "x145" + "x143", + "x144" ], "operation": "addcarryx", "parameters": { 
@@ -66582,7 +66092,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x135" + "x134" ] } ] @@ -66590,8 +66100,8 @@ { "datatype": "(auto)", "name": [ - "x146", - "x147" + "x145", + "x146" ], "operation": "addcarryx", "parameters": { @@ -66608,7 +66118,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x145" + "x144" ] } ] @@ -66626,7 +66136,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x136" + "x135" ] } ] @@ -66634,8 +66144,8 @@ { "datatype": "(auto)", "name": [ - "x148", - "x149" + "x147", + "x148" ], "operation": "addcarryx", "parameters": { @@ -66652,7 +66162,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x147" + "x146" ] } ] @@ -66670,7 +66180,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x137" + "x136" ] } ] @@ -66678,8 +66188,8 @@ { "datatype": "(auto)", "name": [ - "x150", - "x151" + "x149", + "x150" ], "operation": "addcarryx", "parameters": { @@ -66696,7 +66206,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x149" + "x148" ] } ] @@ -66714,7 +66224,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x138" + "x137" ] } ] @@ -66722,8 +66232,8 @@ { "datatype": "(auto)", "name": [ - "x152", - "x153" + "x151", + "x152" ], "operation": "addcarryx", "parameters": { @@ -66740,7 +66250,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x151" + "x150" ] } ] @@ -66758,7 +66268,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x139" + "x138" ] } ] @@ -66766,8 +66276,8 @@ { "datatype": "(auto)", "name": [ - "x154", - "x155" + "x153", + "x154" ], "operation": "addcarryx", "parameters": { @@ -66784,7 +66294,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x153" + "x152" ] } ] @@ -66802,7 +66312,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x140" + "x139" ] } ] @@ -66810,8 +66320,8 @@ { "datatype": "(auto)", "name": [ - "x156", - "x157" + "x155", + "x156" ], "operation": "addcarryx", "parameters": { 
@@ -66828,7 +66338,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x155" + "x154" ] } ] @@ -66846,7 +66356,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x141" + "x140" ] } ] @@ -66854,8 +66364,8 @@ { "datatype": "(auto)", "name": [ - "x158", - "x159" + "x157", + "x158" ], "operation": "addcarryx", "parameters": { @@ -66872,7 +66382,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x157" + "x156" ] } ] @@ -66890,7 +66400,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x142" + "x141" ] } ] @@ -66898,7 +66408,7 @@ { "datatype": "(auto)", "name": [ - "x160", + "x159", "_" ], "operation": "addcarryx", @@ -66916,7 +66426,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x159" + "x158" ] } ] @@ -66934,7 +66444,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x143" + "x142" ] } ] @@ -66942,7 +66452,7 @@ { "datatype": "u32", "name": [ - "x162" + "x161" ], "operation": "cmovznz", "arguments": [ @@ -66951,7 +66461,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -66968,7 +66485,7 @@ { "datatype": "u32", "name": [ - "x163" + "x162" ], "operation": "cmovznz", "arguments": [ @@ -66977,7 +66494,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -66994,7 +66518,7 @@ { "datatype": "u32", "name": [ - "x164" + "x163" ], "operation": "cmovznz", "arguments": [ @@ -67003,7 +66527,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -67020,7 +66551,7 @@ { "datatype": "u32", "name": [ - "x165" + "x164" ], "operation": "cmovznz", "arguments": [ 
@@ -67029,7 +66560,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -67046,7 +66584,7 @@ { "datatype": "u32", "name": [ - "x166" + "x165" ], "operation": "cmovznz", "arguments": [ @@ -67055,7 +66593,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -67072,7 +66617,7 @@ { "datatype": "u32", "name": [ - "x167" + "x166" ], "operation": "cmovznz", "arguments": [ @@ -67081,7 +66626,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -67098,7 +66650,7 @@ { "datatype": "u32", "name": [ - "x168" + "x167" ], "operation": "cmovznz", "arguments": [ @@ -67107,7 +66659,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -67124,7 +66683,7 @@ { "datatype": "u32", "name": [ - "x169" + "x168" ], "operation": "cmovznz", "arguments": [ @@ -67133,7 +66692,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -67150,8 +66716,8 @@ { "datatype": "(auto)", "name": [ - "x170", - "x171" + "x169", + "x170" ], "operation": "addcarryx", "parameters": { @@ -67172,7 +66738,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x162" + "x161" ] } ] @@ -67180,8 +66746,8 @@ { "datatype": "(auto)", "name": [ - "x172", - "x173" + "x171", + "x172" ], "operation": "addcarryx", "parameters": { @@ -67198,7 +66764,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x171" + "x170" ] } ] 
@@ -67216,7 +66782,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x163" + "x162" ] } ] @@ -67224,8 +66790,8 @@ { "datatype": "(auto)", "name": [ - "x174", - "x175" + "x173", + "x174" ], "operation": "addcarryx", "parameters": { @@ -67242,7 +66808,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x173" + "x172" ] } ] @@ -67260,7 +66826,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x164" + "x163" ] } ] @@ -67268,8 +66834,8 @@ { "datatype": "(auto)", "name": [ - "x176", - "x177" + "x175", + "x176" ], "operation": "addcarryx", "parameters": { @@ -67286,7 +66852,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x175" + "x174" ] } ] @@ -67304,7 +66870,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x165" + "x164" ] } ] @@ -67312,8 +66878,8 @@ { "datatype": "(auto)", "name": [ - "x178", - "x179" + "x177", + "x178" ], "operation": "addcarryx", "parameters": { @@ -67330,7 +66896,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x177" + "x176" ] } ] @@ -67348,7 +66914,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x166" + "x165" ] } ] @@ -67356,8 +66922,8 @@ { "datatype": "(auto)", "name": [ - "x180", - "x181" + "x179", + "x180" ], "operation": "addcarryx", "parameters": { @@ -67374,7 +66940,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x179" + "x178" ] } ] @@ -67392,7 +66958,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x167" + "x166" ] } ] @@ -67400,8 +66966,8 @@ { "datatype": "(auto)", "name": [ - "x182", - "x183" + "x181", + "x182" ], "operation": "addcarryx", "parameters": { @@ -67418,7 +66984,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x181" + "x180" ] } ] @@ -67436,7 +67002,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x168" + "x167" ] } ] @@ -67444,8 +67010,8 @@ { "datatype": "(auto)", "name": [ - "x184", - "x185" + "x183", + "x184" ], "operation": "addcarryx", "parameters": { 
@@ -67462,7 +67028,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x183" + "x182" ] } ] @@ -67480,7 +67046,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x169" + "x168" ] } ] @@ -67488,8 +67054,8 @@ { "datatype": "(auto)", "name": [ - "x186", - "x187" + "x185", + "x186" ], "operation": "subborrowx", "parameters": { @@ -67507,7 +67073,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x170" + "x169" ] } ] @@ -67518,8 +67084,8 @@ { "datatype": "(auto)", "name": [ - "x188", - "x189" + "x187", + "x188" ], "operation": "subborrowx", "parameters": { @@ -67536,7 +67102,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x187" + "x186" ] } ] @@ -67551,7 +67117,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x172" + "x171" ] } ] @@ -67562,8 +67128,8 @@ { "datatype": "(auto)", "name": [ - "x190", - "x191" + "x189", + "x190" ], "operation": "subborrowx", "parameters": { @@ -67580,7 +67146,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x189" + "x188" ] } ] @@ -67595,7 +67161,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x174" + "x173" ] } ] @@ -67606,8 +67172,8 @@ { "datatype": "(auto)", "name": [ - "x192", - "x193" + "x191", + "x192" ], "operation": "subborrowx", "parameters": { @@ -67624,7 +67190,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x191" + "x190" ] } ] @@ -67639,7 +67205,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x176" + "x175" ] } ] @@ -67650,8 +67216,8 @@ { "datatype": "(auto)", "name": [ - "x194", - "x195" + "x193", + "x194" ], "operation": "subborrowx", "parameters": { @@ -67668,7 +67234,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x193" + "x192" ] } ] @@ -67683,7 +67249,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x178" + "x177" ] } ] @@ -67694,8 +67260,8 @@ { "datatype": "(auto)", "name": [ - "x196", - "x197" + "x195", + "x196" ], "operation": "subborrowx", "parameters": { 
@@ -67712,7 +67278,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x195" + "x194" ] } ] @@ -67727,7 +67293,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x180" + "x179" ] } ] @@ -67738,8 +67304,8 @@ { "datatype": "(auto)", "name": [ - "x198", - "x199" + "x197", + "x198" ], "operation": "subborrowx", "parameters": { @@ -67756,7 +67322,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x197" + "x196" ] } ] @@ -67771,7 +67337,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x182" + "x181" ] } ] @@ -67782,8 +67348,8 @@ { "datatype": "(auto)", "name": [ - "x200", - "x201" + "x199", + "x200" ], "operation": "subborrowx", "parameters": { @@ -67800,7 +67366,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x199" + "x198" ] } ] @@ -67815,7 +67381,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x184" + "x183" ] } ] @@ -67827,7 +67393,7 @@ "datatype": "(auto)", "name": [ "_", - "x203" + "x202" ], "operation": "subborrowx", "parameters": { @@ -67844,7 +67410,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x201" + "x200" ] } ] @@ -67859,7 +67425,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x185" + "x184" ] } ] @@ -67870,7 +67436,7 @@ { "datatype": "(auto)", "name": [ - "x204", + "x203", "_" ], "operation": "addcarryx", @@ -67893,7 +67459,7 @@ { "datatype": "u32", "name": [ - "x206" + "x205" ], "operation": "static_cast", "arguments": [ @@ -67922,7 +67488,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x144" + "x143" ] } ] @@ -67957,7 +67523,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x146" + "x145" ] } ] @@ -67977,7 +67543,7 @@ { "datatype": "u32", "name": [ - "x207" + "x206" ], "operation": "static_cast", "arguments": [ @@ -68006,7 +67572,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x146" + "x145" ] } ] @@ -68041,7 +67607,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x148" + "x147" ] } ] 
@@ -68061,7 +67627,7 @@ { "datatype": "u32", "name": [ - "x208" + "x207" ], "operation": "static_cast", "arguments": [ @@ -68090,7 +67656,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x148" + "x147" ] } ] @@ -68125,7 +67691,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x150" + "x149" ] } ] @@ -68145,7 +67711,7 @@ { "datatype": "u32", "name": [ - "x209" + "x208" ], "operation": "static_cast", "arguments": [ @@ -68174,7 +67740,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x150" + "x149" ] } ] @@ -68209,7 +67775,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x152" + "x151" ] } ] @@ -68229,7 +67795,7 @@ { "datatype": "u32", "name": [ - "x210" + "x209" ], "operation": "static_cast", "arguments": [ @@ -68258,7 +67824,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x152" + "x151" ] } ] @@ -68293,7 +67859,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x154" + "x153" ] } ] @@ -68313,7 +67879,7 @@ { "datatype": "u32", "name": [ - "x211" + "x210" ], "operation": "static_cast", "arguments": [ @@ -68342,7 +67908,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x154" + "x153" ] } ] @@ -68377,7 +67943,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x156" + "x155" ] } ] @@ -68397,7 +67963,7 @@ { "datatype": "u32", "name": [ - "x212" + "x211" ], "operation": "static_cast", "arguments": [ @@ -68426,7 +67992,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x156" + "x155" ] } ] @@ -68461,7 +68027,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x158" + "x157" ] } ] @@ -68481,7 +68047,7 @@ { "datatype": "u32", "name": [ - "x213" + "x212" ], "operation": "static_cast", "arguments": [ @@ -68510,7 +68076,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x158" + "x157" ] } ] @@ -68545,7 +68111,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x160" + "x159" ] } ] 
@@ -68565,7 +68131,7 @@ { "datatype": "u32", "name": [ - "x214" + "x213" ], "operation": "static_cast", "arguments": [ @@ -68594,7 +68160,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x160" + "x159" ] } ] @@ -68624,7 +68190,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x160" + "x159" ] } ] @@ -68641,7 +68207,7 @@ { "datatype": "u32", "name": [ - "x215" + "x214" ], "operation": "cmovznz", "arguments": [ @@ -68695,7 +68261,7 @@ { "datatype": "u32", "name": [ - "x216" + "x215" ], "operation": "cmovznz", "arguments": [ @@ -68749,7 +68315,7 @@ { "datatype": "u32", "name": [ - "x217" + "x216" ], "operation": "cmovznz", "arguments": [ @@ -68803,7 +68369,7 @@ { "datatype": "u32", "name": [ - "x218" + "x217" ], "operation": "cmovznz", "arguments": [ @@ -68857,7 +68423,7 @@ { "datatype": "u32", "name": [ - "x219" + "x218" ], "operation": "cmovznz", "arguments": [ @@ -68911,7 +68477,7 @@ { "datatype": "u32", "name": [ - "x220" + "x219" ], "operation": "cmovznz", "arguments": [ @@ -68965,7 +68531,7 @@ { "datatype": "u32", "name": [ - "x221" + "x220" ], "operation": "cmovznz", "arguments": [ @@ -69019,7 +68585,7 @@ { "datatype": "u32", "name": [ - "x222" + "x221" ], "operation": "cmovznz", "arguments": [ @@ -69073,7 +68639,7 @@ { "datatype": "u32", "name": [ - "x223" + "x222" ], "operation": "cmovznz", "arguments": [ @@ -69087,7 +68653,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] } ] @@ -69102,7 +68668,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x186" + "x185" ] } ] @@ -69117,7 +68683,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x170" + "x169" ] } ] @@ -69127,7 +68693,7 @@ { "datatype": "u32", "name": [ - "x224" + "x223" ], "operation": "cmovznz", "arguments": [ @@ -69141,7 +68707,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] } ] @@ -69156,7 +68722,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x188" + "x187" ] } ] 
@@ -69171,7 +68737,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x172" + "x171" ] } ] @@ -69181,7 +68747,7 @@ { "datatype": "u32", "name": [ - "x225" + "x224" ], "operation": "cmovznz", "arguments": [ @@ -69195,7 +68761,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] } ] @@ -69210,7 +68776,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x190" + "x189" ] } ] @@ -69225,7 +68791,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x174" + "x173" ] } ] @@ -69235,7 +68801,7 @@ { "datatype": "u32", "name": [ - "x226" + "x225" ], "operation": "cmovznz", "arguments": [ @@ -69249,7 +68815,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] } ] @@ -69264,7 +68830,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x192" + "x191" ] } ] @@ -69279,7 +68845,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x176" + "x175" ] } ] @@ -69289,7 +68855,7 @@ { "datatype": "u32", "name": [ - "x227" + "x226" ], "operation": "cmovznz", "arguments": [ @@ -69303,7 +68869,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] } ] @@ -69318,7 +68884,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + "x193" ] } ] @@ -69333,7 +68899,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x178" + "x177" ] } ] @@ -69343,7 +68909,7 @@ { "datatype": "u32", "name": [ - "x228" + "x227" ], "operation": "cmovznz", "arguments": [ @@ -69357,7 +68923,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] } ] @@ -69372,7 +68938,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x196" + "x195" ] } ] @@ -69387,7 +68953,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x180" + "x179" ] } ] @@ -69397,7 +68963,7 @@ { "datatype": "u32", "name": [ - "x229" + "x228" ], "operation": "cmovznz", "arguments": [ 
@@ -69411,7 +68977,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] } ] @@ -69426,7 +68992,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x198" + "x197" ] } ] @@ -69441,7 +69007,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x182" + "x181" ] } ] @@ -69451,7 +69017,7 @@ { "datatype": "u32", "name": [ - "x230" + "x229" ], "operation": "cmovznz", "arguments": [ @@ -69465,7 +69031,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] } ] @@ -69480,7 +69046,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x200" + "x199" ] } ] @@ -69495,7 +69061,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x184" + "x183" ] } ] @@ -69514,7 +69080,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x204" + "x203" ] } ] @@ -69616,7 +69182,7 @@ ], "operation": "static_cast", "arguments": [ - "x206" + "x205" ] }, { @@ -69626,7 +69192,7 @@ ], "operation": "static_cast", "arguments": [ - "x207" + "x206" ] }, { @@ -69636,7 +69202,7 @@ ], "operation": "static_cast", "arguments": [ - "x208" + "x207" ] }, { @@ -69646,7 +69212,7 @@ ], "operation": "static_cast", "arguments": [ - "x209" + "x208" ] }, { @@ -69656,7 +69222,7 @@ ], "operation": "static_cast", "arguments": [ - "x210" + "x209" ] }, { @@ -69666,7 +69232,7 @@ ], "operation": "static_cast", "arguments": [ - "x211" + "x210" ] }, { @@ -69676,7 +69242,7 @@ ], "operation": "static_cast", "arguments": [ - "x212" + "x211" ] }, { @@ -69686,7 +69252,7 @@ ], "operation": "static_cast", "arguments": [ - "x213" + "x212" ] }, { @@ -69696,7 +69262,7 @@ ], "operation": "static_cast", "arguments": [ - "x214" + "x213" ] }, { @@ -69706,7 +69272,7 @@ ], "operation": "static_cast", "arguments": [ - "x215" + "x214" ] }, { @@ -69716,7 +69282,7 @@ ], "operation": "static_cast", "arguments": [ - "x216" + "x215" ] }, { @@ -69726,7 +69292,7 @@ ], "operation": "static_cast", "arguments": [ - "x217" + "x216" ] }, { 
@@ -69736,7 +69302,7 @@ ], "operation": "static_cast", "arguments": [ - "x218" + "x217" ] }, { @@ -69746,7 +69312,7 @@ ], "operation": "static_cast", "arguments": [ - "x219" + "x218" ] }, { @@ -69756,7 +69322,7 @@ ], "operation": "static_cast", "arguments": [ - "x220" + "x219" ] }, { @@ -69766,7 +69332,7 @@ ], "operation": "static_cast", "arguments": [ - "x221" + "x220" ] }, { @@ -69776,7 +69342,7 @@ ], "operation": "static_cast", "arguments": [ - "x222" + "x221" ] }, { @@ -69786,7 +69352,7 @@ ], "operation": "static_cast", "arguments": [ - "x223" + "x222" ] }, { @@ -69796,7 +69362,7 @@ ], "operation": "static_cast", "arguments": [ - "x224" + "x223" ] }, { @@ -69806,7 +69372,7 @@ ], "operation": "static_cast", "arguments": [ - "x225" + "x224" ] }, { @@ -69816,7 +69382,7 @@ ], "operation": "static_cast", "arguments": [ - "x226" + "x225" ] }, { @@ -69826,7 +69392,7 @@ ], "operation": "static_cast", "arguments": [ - "x227" + "x226" ] }, { @@ -69836,7 +69402,7 @@ ], "operation": "static_cast", "arguments": [ - "x228" + "x227" ] }, { @@ -69846,7 +69412,7 @@ ], "operation": "static_cast", "arguments": [ - "x229" + "x228" ] }, { @@ -69856,7 +69422,7 @@ ], "operation": "static_cast", "arguments": [ - "x230" + "x229" ] } ] diff --git a/fiat-json/src/p256_64.json b/fiat-json/src/p256_64.json index c83b3c3d9e..034818a17d 100644 --- a/fiat-json/src/p256_64.json +++ b/fiat-json/src/p256_64.json @@ -90,35 +90,10 @@ } ] }, - { - "datatype": "u64", - "name": [ - "x2" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u128", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "0xffffffffffffffff" - ] - } - ] - }, { "datatype": "u1", "name": [ - "x3" + "x2" ], "operation": "static_cast", "arguments": [ 
@@ -147,7 +122,14 @@ ], "operation": "static_cast", "arguments": [ - "x2" + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x1" + ] + } ] }, { @@ -157,7 +139,7 @@ ], "operation": "static_cast", "arguments": [ - "x3" + "x2" ] } ] @@ -413,7 +395,7 @@ { "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u128", @@ -423,7 +405,7 @@ "x1" ] }, - "0xffffffffffffffff" + "64" ] } ] @@ -431,38 +413,20 @@ { "datatype": "u64", "name": [ - "x3" + "out1" ], "operation": "static_cast", "arguments": [ { "datatype": "u64", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u128", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "64" + "x1" ] } ] }, - { - "datatype": "u64", - "name": [ - "out1" - ], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, { "datatype": "u64", "name": [ @@ -470,7 +434,7 @@ ], "operation": "static_cast", "arguments": [ - "x3" + "x2" ] } ] @@ -18512,16 +18476,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x5" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -18531,7 +18495,7 @@ "x4" ] }, - "0xff" + "8" ] } ] @@ -18553,7 +18517,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x4" + "x5" ] }, "8" @@ -18562,16 +18526,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x7" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -18581,7 +18545,7 @@ "x6" ] }, - "0xff" + "8" ] } ] @@ -18603,7 +18567,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x6" + "x7" ] }, "8" 
@@ -18612,16 +18576,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x9" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -18631,7 +18595,7 @@ "x8" ] }, - "0xff" + "8" ] } ] @@ -18653,7 +18617,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x8" + "x9" ] }, "8" @@ -18671,7 +18635,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -18681,7 +18645,7 @@ "x10" ] }, - "0xff" + "8" ] } ] @@ -18703,7 +18667,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x10" + "x3" ] }, "8" @@ -18712,16 +18676,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x13" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -18731,7 +18695,7 @@ "x12" ] }, - "0xff" + "8" ] } ] @@ -18753,7 +18717,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x12" + "x13" ] }, "8" @@ -18762,16 +18726,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x15" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -18781,7 +18745,7 @@ "x14" ] }, - "0xff" + "8" ] } ] @@ -18803,7 +18767,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x14" + "x15" ] }, "8" @@ -18812,16 +18776,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x17" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -18831,7 +18795,7 @@ "x16" ] }, - "0xff" + "8" ] } ] @@ -18853,7 +18817,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x16" + "x17" ] }, "8" 
@@ -18862,26 +18826,26 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x19" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - "x3" + "x2" ] }, - "0xff" + "8" ] } ] @@ -18903,7 +18867,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x3" + "x19" ] }, "8" @@ -18912,16 +18876,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x21" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -18931,7 +18895,7 @@ "x20" ] }, - "0xff" + "8" ] } ] @@ -18953,7 +18917,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x20" + "x21" ] }, "8" @@ -18962,16 +18926,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x23" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -18981,7 +18945,7 @@ "x22" ] }, - "0xff" + "8" ] } ] @@ -19003,7 +18967,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x22" + "x23" ] }, "8" @@ -19021,7 +18985,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -19031,7 +18995,7 @@ "x24" ] }, - "0xff" + "8" ] } ] @@ -19053,7 +19017,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x24" + "x1" ] }, "8" @@ -19062,16 +19026,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x27" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -19081,7 +19045,7 @@ "x26" ] }, - "0xff" + "8" ] } ] 
@@ -19103,7 +19067,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x26" + "x27" ] }, "8" @@ -19112,16 +19076,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x29" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -19131,7 +19095,7 @@ "x28" ] }, - "0xff" + "8" ] } ] @@ -19153,7 +19117,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x28" + "x29" ] }, "8" @@ -19162,16 +19126,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x31" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -19181,7 +19145,7 @@ "x30" ] }, - "0xff" + "8" ] } ] @@ -19203,7 +19167,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x30" + "x31" ] }, "8" @@ -19214,49 +19178,33 @@ { "datatype": "u8", "name": [ - "x33" + "out1[0]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, - "0xff" + "x4" ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ - "x34" + "out1[1]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, - "8" + "x5" ] } ] 
@@ -19264,49 +19212,33 @@ { "datatype": "u8", "name": [ - "x35" + "out1[2]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x34" - ] - }, - "0xff" + "x6" ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ - "x36" + "out1[3]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x34" - ] - }, - "8" + "x7" ] } ] 
@@ -19314,651 +19246,18 @@ { "datatype": "u8", "name": [ - "x37" + "out1[4]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x36" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x38" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x36" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x39" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x38" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x40" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x38" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x41" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x40" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x42" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x40" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x43" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": 
"&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x42" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x44" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x42" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x45" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x44" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x46" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x44" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x47" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x48" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x49" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x48" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x50" - ], - 
"operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x48" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x51" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x50" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x52" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x50" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x53" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x52" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x54" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x52" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x55" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x54" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x56" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - 
"arguments": [ - "x54" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x57" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x56" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x58" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x56" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x59" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x58" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x60" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x58" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "out1[0]" - ], - "operation": "static_cast", - "arguments": [ - "x5" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[1]" - ], - "operation": "static_cast", - "arguments": [ - "x7" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[2]" - ], - "operation": "static_cast", - "arguments": [ - "x9" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[3]" - ], - "operation": "static_cast", - "arguments": [ - "x11" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[4]" - ], - "operation": "static_cast", - "arguments": [ - "x13" + "x8" + ] + } ] }, { 
@@ -19968,7 +19267,14 @@ ], "operation": "static_cast", "arguments": [ - "x15" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x9" + ] + } ] }, { @@ -19978,7 +19284,14 @@ ], "operation": "static_cast", "arguments": [ - "x17" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x10" + ] + } ] }, { @@ -19988,7 +19301,7 @@ ], "operation": "static_cast", "arguments": [ - "x18" + "x11" ] }, { @@ -19998,7 +19311,14 @@ ], "operation": "static_cast", "arguments": [ - "x19" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x3" + ] + } ] }, { @@ -20008,7 +19328,14 @@ ], "operation": "static_cast", "arguments": [ - "x21" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x12" + ] + } ] }, { @@ -20018,7 +19345,14 @@ ], "operation": "static_cast", "arguments": [ - "x23" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x13" + ] + } ] }, { @@ -20028,7 +19362,14 @@ ], "operation": "static_cast", "arguments": [ - "x25" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x14" + ] + } ] }, { @@ -20038,7 +19379,14 @@ ], "operation": "static_cast", "arguments": [ - "x27" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x15" + ] + } ] }, { @@ -20048,7 +19396,14 @@ ], "operation": "static_cast", "arguments": [ - "x29" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x16" + ] + } ] }, { @@ -20058,7 +19413,14 @@ ], "operation": "static_cast", "arguments": [ - "x31" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x17" + ] + } ] }, { @@ -20068,7 +19430,7 @@ ], "operation": "static_cast", "arguments": [ - "x32" + "x18" ] }, { 
@@ -20078,7 +19440,14 @@ ], "operation": "static_cast", "arguments": [ - "x33" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x2" + ] + } ] }, { @@ -20088,7 +19457,14 @@ ], "operation": "static_cast", "arguments": [ - "x35" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x19" + ] + } ] }, { @@ -20098,7 +19474,14 @@ ], "operation": "static_cast", "arguments": [ - "x37" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x20" + ] + } ] }, { @@ -20108,7 +19491,14 @@ ], "operation": "static_cast", "arguments": [ - "x39" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x21" + ] + } ] }, { @@ -20118,7 +19508,14 @@ ], "operation": "static_cast", "arguments": [ - "x41" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, { @@ -20128,7 +19525,14 @@ ], "operation": "static_cast", "arguments": [ - "x43" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x23" + ] + } ] }, { @@ -20138,7 +19542,14 @@ ], "operation": "static_cast", "arguments": [ - "x45" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x24" + ] + } ] }, { @@ -20148,7 +19559,7 @@ ], "operation": "static_cast", "arguments": [ - "x46" + "x25" ] }, { @@ -20158,7 +19569,14 @@ ], "operation": "static_cast", "arguments": [ - "x47" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x1" + ] + } ] }, { @@ -20168,7 +19586,14 @@ ], "operation": "static_cast", "arguments": [ - "x49" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x26" + ] + } ] }, { @@ -20178,7 +19603,14 @@ ], "operation": "static_cast", "arguments": [ - "x51" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x27" + ] + } ] }, { 
@@ -20188,7 +19620,14 @@ ], "operation": "static_cast", "arguments": [ - "x53" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x28" + ] + } ] }, { @@ -20198,7 +19637,14 @@ ], "operation": "static_cast", "arguments": [ - "x55" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x29" + ] + } ] }, { @@ -20208,7 +19654,14 @@ ], "operation": "static_cast", "arguments": [ - "x57" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x30" + ] + } ] }, { @@ -20218,7 +19671,14 @@ ], "operation": "static_cast", "arguments": [ - "x59" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x31" + ] + } ] }, { @@ -20228,7 +19688,7 @@ ], "operation": "static_cast", "arguments": [ - "x60" + "x32" ] } ] @@ -22385,22 +21845,7 @@ "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "arg3[0]" - ] - }, - "0x1" - ] - } + "arg3[0]" ] } ] @@ -24163,35 +23608,10 @@ } ] }, - { - "datatype": "u1", - "name": [ - "x74" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x22" - ] - }, - "0x1" - ] - } - ] - }, { "datatype": "u64", "name": [ - "x75" + "x74" ], "operation": "cmovznz", "arguments": [ @@ -24200,7 +23620,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -24217,7 +23644,7 @@ { "datatype": "u64", "name": [ - "x76" + "x75" ], "operation": "cmovznz", "arguments": [ 
@@ -24226,7 +23653,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -24243,7 +23677,7 @@ { "datatype": "u64", "name": [ - "x77" + "x76" ], "operation": "cmovznz", "arguments": [ @@ -24252,7 +23686,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -24269,7 +23710,7 @@ { "datatype": "u64", "name": [ - "x78" + "x77" ], "operation": "cmovznz", "arguments": [ @@ -24278,7 +23719,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -24295,7 +23743,7 @@ { "datatype": "u64", "name": [ - "x79" + "x78" ], "operation": "cmovznz", "arguments": [ @@ -24304,7 +23752,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -24321,8 +23776,8 @@ { "datatype": "(auto)", "name": [ - "x80", - "x81" + "x79", + "x80" ], "operation": "addcarryx", "parameters": { @@ -24343,7 +23798,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x75" + "x74" ] } ] @@ -24351,8 +23806,8 @@ { "datatype": "(auto)", "name": [ - "x82", - "x83" + "x81", + "x82" ], "operation": "addcarryx", "parameters": { @@ -24369,7 +23824,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x81" + "x80" ] } ] @@ -24387,7 +23842,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x76" + "x75" ] } ] @@ -24395,8 +23850,8 @@ { "datatype": "(auto)", "name": [ - "x84", - "x85" + "x83", + "x84" ], "operation": "addcarryx", "parameters": { @@ -24413,7 +23868,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x83" + "x82" ] } ] 
@@ -24431,7 +23886,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x77" + "x76" ] } ] @@ -24439,8 +23894,8 @@ { "datatype": "(auto)", "name": [ - "x86", - "x87" + "x85", + "x86" ], "operation": "addcarryx", "parameters": { @@ -24457,7 +23912,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x85" + "x84" ] } ] @@ -24475,7 +23930,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x78" + "x77" ] } ] @@ -24483,7 +23938,7 @@ { "datatype": "(auto)", "name": [ - "x88", + "x87", "_" ], "operation": "addcarryx", @@ -24501,7 +23956,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x87" + "x86" ] } ] @@ -24519,7 +23974,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x79" + "x78" ] } ] @@ -24527,7 +23982,7 @@ { "datatype": "u64", "name": [ - "x90" + "x89" ], "operation": "cmovznz", "arguments": [ @@ -24536,7 +23991,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -24553,7 +24015,7 @@ { "datatype": "u64", "name": [ - "x91" + "x90" ], "operation": "cmovznz", "arguments": [ @@ -24562,7 +24024,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -24579,7 +24048,7 @@ { "datatype": "u64", "name": [ - "x92" + "x91" ], "operation": "cmovznz", "arguments": [ @@ -24588,7 +24057,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -24605,7 +24081,7 @@ { "datatype": "u64", "name": [ - "x93" + "x92" ], "operation": "cmovznz", "arguments": [ 
@@ -24614,7 +24090,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -24631,8 +24114,8 @@ { "datatype": "(auto)", "name": [ - "x94", - "x95" + "x93", + "x94" ], "operation": "addcarryx", "parameters": { @@ -24653,7 +24136,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x90" + "x89" ] } ] @@ -24661,8 +24144,8 @@ { "datatype": "(auto)", "name": [ - "x96", - "x97" + "x95", + "x96" ], "operation": "addcarryx", "parameters": { @@ -24679,7 +24162,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x95" + "x94" ] } ] @@ -24697,7 +24180,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x91" + "x90" ] } ] @@ -24705,8 +24188,8 @@ { "datatype": "(auto)", "name": [ - "x98", - "x99" + "x97", + "x98" ], "operation": "addcarryx", "parameters": { @@ -24723,7 +24206,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x97" + "x96" ] } ] @@ -24741,7 +24224,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x92" + "x91" ] } ] @@ -24749,8 +24232,8 @@ { "datatype": "(auto)", "name": [ - "x100", - "x101" + "x99", + "x100" ], "operation": "addcarryx", "parameters": { @@ -24767,7 +24250,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x99" + "x98" ] } ] @@ -24785,7 +24268,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x93" + "x92" ] } ] @@ -24793,8 +24276,8 @@ { "datatype": "(auto)", "name": [ - "x102", - "x103" + "x101", + "x102" ], "operation": "subborrowx", "parameters": { @@ -24812,7 +24295,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x94" + "x93" ] } ] @@ -24823,8 +24306,8 @@ { "datatype": "(auto)", "name": [ - "x104", - "x105" + "x103", + "x104" ], "operation": "subborrowx", "parameters": { @@ -24841,7 +24324,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x103" + "x102" ] } ] 
@@ -24856,7 +24339,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x96" + "x95" ] } ] @@ -24867,8 +24350,8 @@ { "datatype": "(auto)", "name": [ - "x106", - "x107" + "x105", + "x106" ], "operation": "subborrowx", "parameters": { @@ -24885,7 +24368,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x105" + "x104" ] } ] @@ -24900,7 +24383,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x98" + "x97" ] } ] @@ -24911,8 +24394,8 @@ { "datatype": "(auto)", "name": [ - "x108", - "x109" + "x107", + "x108" ], "operation": "subborrowx", "parameters": { @@ -24929,7 +24412,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x107" + "x106" ] } ] @@ -24944,7 +24427,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x100" + "x99" ] } ] @@ -24956,7 +24439,7 @@ "datatype": "(auto)", "name": [ "_", - "x111" + "x110" ], "operation": "subborrowx", "parameters": { @@ -24973,7 +24456,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x109" + "x108" ] } ] @@ -24988,7 +24471,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x101" + "x100" ] } ] @@ -24999,7 +24482,7 @@ { "datatype": "(auto)", "name": [ - "x112", + "x111", "_" ], "operation": "addcarryx", @@ -25022,7 +24505,7 @@ { "datatype": "u64", "name": [ - "x114" + "x113" ], "operation": "static_cast", "arguments": [ @@ -25051,7 +24534,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x80" + "x79" ] } ] @@ -25086,7 +24569,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x82" + "x81" ] } ] @@ -25106,7 +24589,7 @@ { "datatype": "u64", "name": [ - "x115" + "x114" ], "operation": "static_cast", "arguments": [ @@ -25135,7 +24618,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x82" + "x81" ] } ] @@ -25170,7 +24653,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x84" + "x83" ] } ] @@ -25190,7 +24673,7 @@ { "datatype": "u64", "name": [ - "x116" + "x115" ], "operation": "static_cast", "arguments": [ 
@@ -25219,7 +24702,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x84" + "x83" ] } ] @@ -25254,7 +24737,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x86" + "x85" ] } ] @@ -25274,7 +24757,7 @@ { "datatype": "u64", "name": [ - "x117" + "x116" ], "operation": "static_cast", "arguments": [ @@ -25303,7 +24786,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x86" + "x85" ] } ] @@ -25338,7 +24821,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x88" + "x87" ] } ] @@ -25358,7 +24841,7 @@ { "datatype": "u64", "name": [ - "x118" + "x117" ], "operation": "static_cast", "arguments": [ @@ -25387,7 +24870,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x88" + "x87" ] } ] @@ -25417,7 +24900,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x88" + "x87" ] } ] @@ -25434,7 +24917,7 @@ { "datatype": "u64", "name": [ - "x119" + "x118" ], "operation": "cmovznz", "arguments": [ @@ -25488,7 +24971,7 @@ { "datatype": "u64", "name": [ - "x120" + "x119" ], "operation": "cmovznz", "arguments": [ @@ -25542,7 +25025,7 @@ { "datatype": "u64", "name": [ - "x121" + "x120" ], "operation": "cmovznz", "arguments": [ @@ -25596,7 +25079,7 @@ { "datatype": "u64", "name": [ - "x122" + "x121" ], "operation": "cmovznz", "arguments": [ @@ -25650,7 +25133,7 @@ { "datatype": "u64", "name": [ - "x123" + "x122" ], "operation": "cmovznz", "arguments": [ @@ -25664,7 +25147,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x111" + "x110" ] } ] @@ -25679,7 +25162,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x102" + "x101" ] } ] @@ -25694,7 +25177,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x94" + "x93" ] } ] @@ -25704,7 +25187,7 @@ { "datatype": "u64", "name": [ - "x124" + "x123" ], "operation": "cmovznz", "arguments": [ @@ -25718,7 +25201,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x111" + "x110" ] } ] 
@@ -25733,7 +25216,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x104" + "x103" ] } ] @@ -25748,7 +25231,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x96" + "x95" ] } ] @@ -25758,7 +25241,7 @@ { "datatype": "u64", "name": [ - "x125" + "x124" ], "operation": "cmovznz", "arguments": [ @@ -25772,7 +25255,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x111" + "x110" ] } ] @@ -25787,7 +25270,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x106" + "x105" ] } ] @@ -25802,7 +25285,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x98" + "x97" ] } ] @@ -25812,7 +25295,7 @@ { "datatype": "u64", "name": [ - "x126" + "x125" ], "operation": "cmovznz", "arguments": [ @@ -25826,7 +25309,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x111" + "x110" ] } ] @@ -25841,7 +25324,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x108" + "x107" ] } ] @@ -25856,7 +25339,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x100" + "x99" ] } ] @@ -25875,7 +25358,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x112" + "x111" ] } ] @@ -25937,7 +25420,7 @@ ], "operation": "static_cast", "arguments": [ - "x114" + "x113" ] }, { @@ -25947,7 +25430,7 @@ ], "operation": "static_cast", "arguments": [ - "x115" + "x114" ] }, { @@ -25957,7 +25440,7 @@ ], "operation": "static_cast", "arguments": [ - "x116" + "x115" ] }, { @@ -25967,7 +25450,7 @@ ], "operation": "static_cast", "arguments": [ - "x117" + "x116" ] }, { @@ -25977,7 +25460,7 @@ ], "operation": "static_cast", "arguments": [ - "x118" + "x117" ] }, { @@ -25987,7 +25470,7 @@ ], "operation": "static_cast", "arguments": [ - "x119" + "x118" ] }, { @@ -25997,7 +25480,7 @@ ], "operation": "static_cast", "arguments": [ - "x120" + "x119" ] }, { @@ -26007,7 +25490,7 @@ ], "operation": "static_cast", "arguments": [ - "x121" + "x120" ] }, { 
@@ -26017,7 +25500,7 @@ ], "operation": "static_cast", "arguments": [ - "x122" + "x121" ] }, { @@ -26027,7 +25510,7 @@ ], "operation": "static_cast", "arguments": [ - "x123" + "x122" ] }, { @@ -26037,7 +25520,7 @@ ], "operation": "static_cast", "arguments": [ - "x124" + "x123" ] }, { @@ -26047,7 +25530,7 @@ ], "operation": "static_cast", "arguments": [ - "x125" + "x124" ] }, { @@ -26057,7 +25540,7 @@ ], "operation": "static_cast", "arguments": [ - "x126" + "x125" ] } ] diff --git a/fiat-json/src/p256_scalar_32.json b/fiat-json/src/p256_scalar_32.json index 990f50c7cd..688b1d98b0 100644 --- a/fiat-json/src/p256_scalar_32.json +++ b/fiat-json/src/p256_scalar_32.json @@ -90,35 +90,10 @@ } ] }, - { - "datatype": "u32", - "name": [ - "x2" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "0xffffffff" - ] - } - ] - }, { "datatype": "u1", "name": [ - "x3" + "x2" ], "operation": "static_cast", "arguments": [ @@ -147,7 +122,14 @@ ], "operation": "static_cast", "arguments": [ - "x2" + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + "x1" + ] + } ] }, { @@ -157,7 +139,7 @@ ], "operation": "static_cast", "arguments": [ - "x3" + "x2" ] } ] @@ -413,7 +395,7 @@ { "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -423,7 +405,7 @@ "x1" ] }, - "0xffffffff" + "32" ] } ] 
@@ -431,38 +413,20 @@ { "datatype": "u32", "name": [ - "x3" + "out1" ], "operation": "static_cast", "arguments": [ { "datatype": "u32", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "32" + "x1" ] } ] }, - { - "datatype": "u32", - "name": [ - "out1" - ], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, { "datatype": "u32", "name": [ @@ -470,7 +434,7 @@ ], "operation": "static_cast", "arguments": [ - "x3" + "x2" ] } ] @@ -71526,35 +71490,10 @@ "arg1[0]" ] }, - { - "datatype": "u8", - "name": [ - "x9" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x8" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x10" + "x9" ], "operation": "static_cast", "arguments": [ @@ -71576,35 +71515,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x11" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x10" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x12" + "x10" ], "operation": "static_cast", "arguments": [ @@ -71618,7 +71532,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x10" + "x9" ] }, "8" @@ -71629,32 +71543,7 @@ { "datatype": "u8", "name": [ - "x13" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x12" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x14" + "x11" ], "operation": "static_cast", "arguments": [ 
@@ -71668,7 +71557,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x12" + "x10" ] }, "8" @@ -71676,35 +71565,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x15" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x7" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x16" + "x12" ], "operation": "static_cast", "arguments": [ @@ -71726,35 +71590,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x17" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x16" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x18" + "x13" ], "operation": "static_cast", "arguments": [ @@ -71768,7 +71607,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x16" + "x12" ] }, "8" @@ -71779,32 +71618,7 @@ { "datatype": "u8", "name": [ - "x19" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x18" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x20" + "x14" ], "operation": "static_cast", "arguments": [ @@ -71818,7 +71632,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x18" + "x13" ] }, "8" 
@@ -71826,35 +71640,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x21" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x6" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x22" + "x15" ], "operation": "static_cast", "arguments": [ @@ -71876,35 +71665,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x23" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x22" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x24" + "x16" ], "operation": "static_cast", "arguments": [ @@ -71918,7 +71682,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x22" + "x15" ] }, "8" @@ -71929,32 +71693,7 @@ { "datatype": "u8", "name": [ - "x25" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x24" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x26" + "x17" ], "operation": "static_cast", "arguments": [ @@ -71968,7 +71707,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x24" + "x16" ] }, "8" @@ -71976,35 +71715,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x27" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x5" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x28" + "x18" ], "operation": "static_cast", "arguments": [ 
@@ -72026,35 +71740,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x29" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x28" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x30" + "x19" ], "operation": "static_cast", "arguments": [ @@ -72068,7 +71757,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x28" + "x18" ] }, "8" @@ -72079,32 +71768,7 @@ { "datatype": "u8", "name": [ - "x31" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x30" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x32" + "x20" ], "operation": "static_cast", "arguments": [ @@ -72118,7 +71782,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x30" + "x19" ] }, "8" @@ -72126,35 +71790,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x33" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x4" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x34" + "x21" ], "operation": "static_cast", "arguments": [ @@ -72176,35 +71815,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x35" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x34" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x36" + "x22" ], "operation": "static_cast", "arguments": [ 
@@ -72218,7 +71832,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x34" + "x21" ] }, "8" @@ -72229,32 +71843,7 @@ { "datatype": "u8", "name": [ - "x37" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x36" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x38" + "x23" ], "operation": "static_cast", "arguments": [ @@ -72268,7 +71857,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x36" + "x22" ] }, "8" @@ -72276,35 +71865,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x39" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x3" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x40" + "x24" ], "operation": "static_cast", "arguments": [ @@ -72326,35 +71890,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x41" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x40" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x42" + "x25" ], "operation": "static_cast", "arguments": [ @@ -72368,7 +71907,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x40" + "x24" ] }, "8" @@ -72379,32 +71918,7 @@ { "datatype": "u8", "name": [ - "x43" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x42" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x44" + "x26" ], "operation": "static_cast", "arguments": [ 
@@ -72418,7 +71932,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x42" + "x25" ] }, "8" @@ -72426,35 +71940,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x45" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x46" + "x27" ], "operation": "static_cast", "arguments": [ @@ -72476,35 +71965,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x47" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x46" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x48" + "x28" ], "operation": "static_cast", "arguments": [ @@ -72518,7 +71982,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x46" + "x27" ] }, "8" @@ -72529,32 +71993,7 @@ { "datatype": "u8", "name": [ - "x49" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x48" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x50" + "x29" ], "operation": "static_cast", "arguments": [ @@ -72568,7 +72007,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x48" + "x28" ] }, "8" 
@@ -72576,35 +72015,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x51" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x52" + "x30" ], "operation": "static_cast", "arguments": [ @@ -72627,39 +72041,39 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ - "x53" + "x31" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x52" + "x30" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x54" + "x32" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], "operation": ">>", "arguments": [ @@ -72668,7 +72082,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x52" + "x31" ] }, "8" @@ -72679,24 +72093,16 @@ { "datatype": "u8", "name": [ - "x55" + "out1[0]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x54" - ] - }, - "0xff" + "x8" ] } ] 
@@ -72704,48 +72110,20 @@ { "datatype": "u8", "name": [ - "x56" + "out1[1]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x54" - ] - }, - "8" + "x9" ] } ] }, - { - "datatype": "u8", - "name": [ - "out1[0]" - ], - "operation": "static_cast", - "arguments": [ - "x9" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[1]" - ], - "operation": "static_cast", - "arguments": [ - "x11" - ] - }, { "datatype": "u8", "name": [ @@ -72753,7 +72131,14 @@ ], "operation": "static_cast", "arguments": [ - "x13" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x10" + ] + } ] }, { @@ -72763,7 +72148,7 @@ ], "operation": "static_cast", "arguments": [ - "x14" + "x11" ] }, { @@ -72773,7 +72158,14 @@ ], "operation": "static_cast", "arguments": [ - "x15" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x7" + ] + } ] }, { @@ -72783,7 +72175,14 @@ ], "operation": "static_cast", "arguments": [ - "x17" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x12" + ] + } ] }, { @@ -72793,7 +72192,14 @@ ], "operation": "static_cast", "arguments": [ - "x19" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x13" + ] + } ] }, { @@ -72803,7 +72209,7 @@ ], "operation": "static_cast", "arguments": [ - "x20" + "x14" ] }, { @@ -72813,7 +72219,14 @@ ], "operation": "static_cast", "arguments": [ - "x21" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x6" + ] + } ] }, { @@ -72823,7 +72236,14 @@ ], "operation": "static_cast", "arguments": [ - "x23" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x15" + ] + } ] }, { 
@@ -72833,7 +72253,14 @@ ], "operation": "static_cast", "arguments": [ - "x25" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x16" + ] + } ] }, { @@ -72843,7 +72270,7 @@ ], "operation": "static_cast", "arguments": [ - "x26" + "x17" ] }, { @@ -72853,7 +72280,14 @@ ], "operation": "static_cast", "arguments": [ - "x27" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x5" + ] + } ] }, { @@ -72863,7 +72297,14 @@ ], "operation": "static_cast", "arguments": [ - "x29" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x18" + ] + } ] }, { @@ -72873,7 +72314,14 @@ ], "operation": "static_cast", "arguments": [ - "x31" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x19" + ] + } ] }, { @@ -72883,7 +72331,7 @@ ], "operation": "static_cast", "arguments": [ - "x32" + "x20" ] }, { @@ -72893,7 +72341,14 @@ ], "operation": "static_cast", "arguments": [ - "x33" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x4" + ] + } ] }, { @@ -72903,7 +72358,14 @@ ], "operation": "static_cast", "arguments": [ - "x35" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x21" + ] + } ] }, { @@ -72913,7 +72375,14 @@ ], "operation": "static_cast", "arguments": [ - "x37" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, { @@ -72923,7 +72392,7 @@ ], "operation": "static_cast", "arguments": [ - "x38" + "x23" ] }, { @@ -72933,7 +72402,14 @@ ], "operation": "static_cast", "arguments": [ - "x39" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x3" + ] + } ] }, { @@ -72943,7 +72419,14 @@ ], "operation": "static_cast", "arguments": [ - "x41" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x24" + ] + } ] }, { 
@@ -72953,7 +72436,14 @@ ], "operation": "static_cast", "arguments": [ - "x43" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x25" + ] + } ] }, { @@ -72963,7 +72453,7 @@ ], "operation": "static_cast", "arguments": [ - "x44" + "x26" ] }, { @@ -72973,7 +72463,14 @@ ], "operation": "static_cast", "arguments": [ - "x45" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x2" + ] + } ] }, { @@ -72983,7 +72480,14 @@ ], "operation": "static_cast", "arguments": [ - "x47" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x27" + ] + } ] }, { @@ -72993,7 +72497,14 @@ ], "operation": "static_cast", "arguments": [ - "x49" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x28" + ] + } ] }, { @@ -73003,7 +72514,7 @@ ], "operation": "static_cast", "arguments": [ - "x50" + "x29" ] }, { @@ -73013,7 +72524,14 @@ ], "operation": "static_cast", "arguments": [ - "x51" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x1" + ] + } ] }, { @@ -73023,7 +72541,14 @@ ], "operation": "static_cast", "arguments": [ - "x53" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x30" + ] + } ] }, { @@ -73033,7 +72558,14 @@ ], "operation": "static_cast", "arguments": [ - "x55" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x31" + ] + } ] }, { @@ -73043,7 +72575,7 @@ ], "operation": "static_cast", "arguments": [ - "x56" + "x32" ] } ] @@ -75220,22 +74752,7 @@ "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "arg3[0]" - ] - }, - "0x1" - ] - } + "arg3[0]" ] } ] 
@@ -78561,43 +78078,25 @@ ] }, { - "datatype": "u1", + "datatype": "u32", "name": [ "x134" ], - "operation": "static_cast", + "operation": "cmovznz", "arguments": [ { "datatype": "u1", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u1", "name": [], "operation": "static_cast", "arguments": [ "x34" ] - }, - "0x1" - ] - } - ] - }, - { - "datatype": "u32", - "name": [ - "x135" - ], - "operation": "cmovznz", - "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": "static_cast", - "arguments": [ - "x134" + } ] }, "0x0", @@ -78614,7 +78113,7 @@ { "datatype": "u32", "name": [ - "x136" + "x135" ], "operation": "cmovznz", "arguments": [ @@ -78623,7 +78122,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -78640,7 +78146,7 @@ { "datatype": "u32", "name": [ - "x137" + "x136" ], "operation": "cmovznz", "arguments": [ @@ -78649,7 +78155,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -78666,7 +78179,7 @@ { "datatype": "u32", "name": [ - "x138" + "x137" ], "operation": "cmovznz", "arguments": [ @@ -78675,7 +78188,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -78692,7 +78212,7 @@ { "datatype": "u32", "name": [ - "x139" + "x138" ], "operation": "cmovznz", "arguments": [ @@ -78701,7 +78221,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -78718,7 +78245,7 @@ { "datatype": "u32", "name": [ - "x140" + "x139" ], "operation": "cmovznz", "arguments": [ 
@@ -78727,7 +78254,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -78744,7 +78278,7 @@ { "datatype": "u32", "name": [ - "x141" + "x140" ], "operation": "cmovznz", "arguments": [ @@ -78753,7 +78287,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -78770,7 +78311,7 @@ { "datatype": "u32", "name": [ - "x142" + "x141" ], "operation": "cmovznz", "arguments": [ @@ -78779,7 +78320,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -78796,7 +78344,7 @@ { "datatype": "u32", "name": [ - "x143" + "x142" ], "operation": "cmovznz", "arguments": [ @@ -78805,7 +78353,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -78822,8 +78377,8 @@ { "datatype": "(auto)", "name": [ - "x144", - "x145" + "x143", + "x144" ], "operation": "addcarryx", "parameters": { @@ -78844,7 +78399,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x135" + "x134" ] } ] @@ -78852,8 +78407,8 @@ { "datatype": "(auto)", "name": [ - "x146", - "x147" + "x145", + "x146" ], "operation": "addcarryx", "parameters": { @@ -78870,7 +78425,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x145" + "x144" ] } ] @@ -78888,7 +78443,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x136" + "x135" ] } ] @@ -78896,8 +78451,8 @@ { "datatype": "(auto)", "name": [ - "x148", - "x149" + "x147", + "x148" ], "operation": "addcarryx", "parameters": { @@ -78914,7 +78469,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x147" + "x146" ] } ] 
@@ -78932,7 +78487,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x137" + "x136" ] } ] @@ -78940,8 +78495,8 @@ { "datatype": "(auto)", "name": [ - "x150", - "x151" + "x149", + "x150" ], "operation": "addcarryx", "parameters": { @@ -78958,7 +78513,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x149" + "x148" ] } ] @@ -78976,7 +78531,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x138" + "x137" ] } ] @@ -78984,8 +78539,8 @@ { "datatype": "(auto)", "name": [ - "x152", - "x153" + "x151", + "x152" ], "operation": "addcarryx", "parameters": { @@ -79002,7 +78557,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x151" + "x150" ] } ] @@ -79020,7 +78575,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x139" + "x138" ] } ] @@ -79028,8 +78583,8 @@ { "datatype": "(auto)", "name": [ - "x154", - "x155" + "x153", + "x154" ], "operation": "addcarryx", "parameters": { @@ -79046,7 +78601,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x153" + "x152" ] } ] @@ -79064,7 +78619,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x140" + "x139" ] } ] @@ -79072,8 +78627,8 @@ { "datatype": "(auto)", "name": [ - "x156", - "x157" + "x155", + "x156" ], "operation": "addcarryx", "parameters": { @@ -79090,7 +78645,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x155" + "x154" ] } ] @@ -79108,7 +78663,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x141" + "x140" ] } ] @@ -79116,8 +78671,8 @@ { "datatype": "(auto)", "name": [ - "x158", - "x159" + "x157", + "x158" ], "operation": "addcarryx", "parameters": { @@ -79134,7 +78689,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x157" + "x156" ] } ] @@ -79152,7 +78707,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x142" + "x141" ] } ] @@ -79160,7 +78715,7 @@ { "datatype": "(auto)", "name": [ - "x160", + "x159", "_" ], "operation": "addcarryx", 
@@ -79178,7 +78733,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x159" + "x158" ] } ] @@ -79196,7 +78751,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x143" + "x142" ] } ] @@ -79204,7 +78759,7 @@ { "datatype": "u32", "name": [ - "x162" + "x161" ], "operation": "cmovznz", "arguments": [ @@ -79213,7 +78768,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -79230,7 +78792,7 @@ { "datatype": "u32", "name": [ - "x163" + "x162" ], "operation": "cmovznz", "arguments": [ @@ -79239,7 +78801,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -79256,7 +78825,7 @@ { "datatype": "u32", "name": [ - "x164" + "x163" ], "operation": "cmovznz", "arguments": [ @@ -79265,7 +78834,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -79282,7 +78858,7 @@ { "datatype": "u32", "name": [ - "x165" + "x164" ], "operation": "cmovznz", "arguments": [ @@ -79291,7 +78867,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -79308,7 +78891,7 @@ { "datatype": "u32", "name": [ - "x166" + "x165" ], "operation": "cmovznz", "arguments": [ @@ -79317,7 +78900,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -79334,7 +78924,7 @@ { "datatype": "u32", "name": [ - "x167" + "x166" ], "operation": "cmovznz", "arguments": [ 
@@ -79343,7 +78933,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -79360,7 +78957,7 @@ { "datatype": "u32", "name": [ - "x168" + "x167" ], "operation": "cmovznz", "arguments": [ @@ -79369,7 +78966,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -79386,7 +78990,7 @@ { "datatype": "u32", "name": [ - "x169" + "x168" ], "operation": "cmovznz", "arguments": [ @@ -79395,7 +78999,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -79412,8 +79023,8 @@ { "datatype": "(auto)", "name": [ - "x170", - "x171" + "x169", + "x170" ], "operation": "addcarryx", "parameters": { @@ -79434,7 +79045,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x162" + "x161" ] } ] @@ -79442,8 +79053,8 @@ { "datatype": "(auto)", "name": [ - "x172", - "x173" + "x171", + "x172" ], "operation": "addcarryx", "parameters": { @@ -79460,7 +79071,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x171" + "x170" ] } ] @@ -79478,7 +79089,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x163" + "x162" ] } ] @@ -79486,8 +79097,8 @@ { "datatype": "(auto)", "name": [ - "x174", - "x175" + "x173", + "x174" ], "operation": "addcarryx", "parameters": { @@ -79504,7 +79115,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x173" + "x172" ] } ] @@ -79522,7 +79133,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x164" + "x163" ] } ] @@ -79530,8 +79141,8 @@ { "datatype": "(auto)", "name": [ - "x176", - "x177" + "x175", + "x176" ], "operation": "addcarryx", "parameters": { 
@@ -79548,7 +79159,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x175" + "x174" ] } ] @@ -79566,7 +79177,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x165" + "x164" ] } ] @@ -79574,8 +79185,8 @@ { "datatype": "(auto)", "name": [ - "x178", - "x179" + "x177", + "x178" ], "operation": "addcarryx", "parameters": { @@ -79592,7 +79203,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x177" + "x176" ] } ] @@ -79610,7 +79221,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x166" + "x165" ] } ] @@ -79618,8 +79229,8 @@ { "datatype": "(auto)", "name": [ - "x180", - "x181" + "x179", + "x180" ], "operation": "addcarryx", "parameters": { @@ -79636,7 +79247,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x179" + "x178" ] } ] @@ -79654,7 +79265,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x167" + "x166" ] } ] @@ -79662,8 +79273,8 @@ { "datatype": "(auto)", "name": [ - "x182", - "x183" + "x181", + "x182" ], "operation": "addcarryx", "parameters": { @@ -79680,7 +79291,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x181" + "x180" ] } ] @@ -79698,7 +79309,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x168" + "x167" ] } ] @@ -79706,8 +79317,8 @@ { "datatype": "(auto)", "name": [ - "x184", - "x185" + "x183", + "x184" ], "operation": "addcarryx", "parameters": { @@ -79724,7 +79335,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x183" + "x182" ] } ] @@ -79742,7 +79353,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x169" + "x168" ] } ] @@ -79750,8 +79361,8 @@ { "datatype": "(auto)", "name": [ - "x186", - "x187" + "x185", + "x186" ], "operation": "subborrowx", "parameters": { @@ -79769,7 +79380,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x170" + "x169" ] } ] @@ -79780,8 +79391,8 @@ { "datatype": "(auto)", "name": [ - "x188", - "x189" + "x187", + "x188" ], "operation": "subborrowx", "parameters": { 
@@ -79798,7 +79409,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x187" + "x186" ] } ] @@ -79813,7 +79424,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x172" + "x171" ] } ] @@ -79824,8 +79435,8 @@ { "datatype": "(auto)", "name": [ - "x190", - "x191" + "x189", + "x190" ], "operation": "subborrowx", "parameters": { @@ -79842,7 +79453,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x189" + "x188" ] } ] @@ -79857,7 +79468,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x174" + "x173" ] } ] @@ -79868,8 +79479,8 @@ { "datatype": "(auto)", "name": [ - "x192", - "x193" + "x191", + "x192" ], "operation": "subborrowx", "parameters": { @@ -79886,7 +79497,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x191" + "x190" ] } ] @@ -79901,7 +79512,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x176" + "x175" ] } ] @@ -79912,8 +79523,8 @@ { "datatype": "(auto)", "name": [ - "x194", - "x195" + "x193", + "x194" ], "operation": "subborrowx", "parameters": { @@ -79930,7 +79541,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x193" + "x192" ] } ] @@ -79945,7 +79556,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x178" + "x177" ] } ] @@ -79956,8 +79567,8 @@ { "datatype": "(auto)", "name": [ - "x196", - "x197" + "x195", + "x196" ], "operation": "subborrowx", "parameters": { @@ -79974,7 +79585,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x195" + "x194" ] } ] @@ -79989,7 +79600,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x180" + "x179" ] } ] @@ -80000,8 +79611,8 @@ { "datatype": "(auto)", "name": [ - "x198", - "x199" + "x197", + "x198" ], "operation": "subborrowx", "parameters": { @@ -80018,7 +79629,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x197" + "x196" ] } ] @@ -80033,7 +79644,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x182" + "x181" ] } ] 
@@ -80044,8 +79655,8 @@ { "datatype": "(auto)", "name": [ - "x200", - "x201" + "x199", + "x200" ], "operation": "subborrowx", "parameters": { @@ -80062,7 +79673,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x199" + "x198" ] } ] @@ -80077,7 +79688,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x184" + "x183" ] } ] @@ -80089,7 +79700,7 @@ "datatype": "(auto)", "name": [ "_", - "x203" + "x202" ], "operation": "subborrowx", "parameters": { @@ -80106,7 +79717,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x201" + "x200" ] } ] @@ -80121,7 +79732,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x185" + "x184" ] } ] @@ -80132,7 +79743,7 @@ { "datatype": "(auto)", "name": [ - "x204", + "x203", "_" ], "operation": "addcarryx", @@ -80155,7 +79766,7 @@ { "datatype": "u32", "name": [ - "x206" + "x205" ], "operation": "static_cast", "arguments": [ @@ -80184,7 +79795,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x144" + "x143" ] } ] @@ -80219,7 +79830,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x146" + "x145" ] } ] @@ -80239,7 +79850,7 @@ { "datatype": "u32", "name": [ - "x207" + "x206" ], "operation": "static_cast", "arguments": [ @@ -80268,7 +79879,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x146" + "x145" ] } ] @@ -80303,7 +79914,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x148" + "x147" ] } ] @@ -80323,7 +79934,7 @@ { "datatype": "u32", "name": [ - "x208" + "x207" ], "operation": "static_cast", "arguments": [ @@ -80352,7 +79963,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x148" + "x147" ] } ] @@ -80387,7 +79998,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x150" + "x149" ] } ] @@ -80407,7 +80018,7 @@ { "datatype": "u32", "name": [ - "x209" + "x208" ], "operation": "static_cast", "arguments": [ @@ -80436,7 +80047,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x150" + "x149" ] } ] 
@@ -80471,7 +80082,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x152" + "x151" ] } ] @@ -80491,7 +80102,7 @@ { "datatype": "u32", "name": [ - "x210" + "x209" ], "operation": "static_cast", "arguments": [ @@ -80520,7 +80131,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x152" + "x151" ] } ] @@ -80555,7 +80166,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x154" + "x153" ] } ] @@ -80575,7 +80186,7 @@ { "datatype": "u32", "name": [ - "x211" + "x210" ], "operation": "static_cast", "arguments": [ @@ -80604,7 +80215,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x154" + "x153" ] } ] @@ -80639,7 +80250,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x156" + "x155" ] } ] @@ -80659,7 +80270,7 @@ { "datatype": "u32", "name": [ - "x212" + "x211" ], "operation": "static_cast", "arguments": [ @@ -80688,7 +80299,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x156" + "x155" ] } ] @@ -80723,7 +80334,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x158" + "x157" ] } ] @@ -80743,7 +80354,7 @@ { "datatype": "u32", "name": [ - "x213" + "x212" ], "operation": "static_cast", "arguments": [ @@ -80772,7 +80383,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x158" + "x157" ] } ] @@ -80807,7 +80418,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x160" + "x159" ] } ] @@ -80827,7 +80438,7 @@ { "datatype": "u32", "name": [ - "x214" + "x213" ], "operation": "static_cast", "arguments": [ @@ -80856,7 +80467,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x160" + "x159" ] } ] @@ -80886,7 +80497,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x160" + "x159" ] } ] @@ -80903,7 +80514,7 @@ { "datatype": "u32", "name": [ - "x215" + "x214" ], "operation": "cmovznz", "arguments": [ @@ -80957,7 +80568,7 @@ { "datatype": "u32", "name": [ - "x216" + "x215" ], "operation": "cmovznz", "arguments": [ 
@@ -81011,7 +80622,7 @@ { "datatype": "u32", "name": [ - "x217" + "x216" ], "operation": "cmovznz", "arguments": [ @@ -81065,7 +80676,7 @@ { "datatype": "u32", "name": [ - "x218" + "x217" ], "operation": "cmovznz", "arguments": [ @@ -81119,7 +80730,7 @@ { "datatype": "u32", "name": [ - "x219" + "x218" ], "operation": "cmovznz", "arguments": [ @@ -81173,7 +80784,7 @@ { "datatype": "u32", "name": [ - "x220" + "x219" ], "operation": "cmovznz", "arguments": [ @@ -81227,7 +80838,7 @@ { "datatype": "u32", "name": [ - "x221" + "x220" ], "operation": "cmovznz", "arguments": [ @@ -81281,7 +80892,7 @@ { "datatype": "u32", "name": [ - "x222" + "x221" ], "operation": "cmovznz", "arguments": [ @@ -81335,7 +80946,7 @@ { "datatype": "u32", "name": [ - "x223" + "x222" ], "operation": "cmovznz", "arguments": [ @@ -81349,7 +80960,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] } ] @@ -81364,7 +80975,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x186" + "x185" ] } ] @@ -81379,7 +80990,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x170" + "x169" ] } ] @@ -81389,7 +81000,7 @@ { "datatype": "u32", "name": [ - "x224" + "x223" ], "operation": "cmovznz", "arguments": [ @@ -81403,7 +81014,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] } ] @@ -81418,7 +81029,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x188" + "x187" ] } ] @@ -81433,7 +81044,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x172" + "x171" ] } ] @@ -81443,7 +81054,7 @@ { "datatype": "u32", "name": [ - "x225" + "x224" ], "operation": "cmovznz", "arguments": [ @@ -81457,7 +81068,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] } ] @@ -81472,7 +81083,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x190" + "x189" ] } ] @@ -81487,7 +81098,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x174" + "x173" ] } ] 
@@ -81497,7 +81108,7 @@ { "datatype": "u32", "name": [ - "x226" + "x225" ], "operation": "cmovznz", "arguments": [ @@ -81511,7 +81122,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] } ] @@ -81526,7 +81137,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x192" + "x191" ] } ] @@ -81541,7 +81152,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x176" + "x175" ] } ] @@ -81551,7 +81162,7 @@ { "datatype": "u32", "name": [ - "x227" + "x226" ], "operation": "cmovznz", "arguments": [ @@ -81565,7 +81176,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] } ] @@ -81580,7 +81191,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + "x193" ] } ] @@ -81595,7 +81206,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x178" + "x177" ] } ] @@ -81605,7 +81216,7 @@ { "datatype": "u32", "name": [ - "x228" + "x227" ], "operation": "cmovznz", "arguments": [ @@ -81619,7 +81230,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] } ] @@ -81634,7 +81245,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x196" + "x195" ] } ] @@ -81649,7 +81260,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x180" + "x179" ] } ] @@ -81659,7 +81270,7 @@ { "datatype": "u32", "name": [ - "x229" + "x228" ], "operation": "cmovznz", "arguments": [ @@ -81673,7 +81284,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] } ] @@ -81688,7 +81299,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x198" + "x197" ] } ] @@ -81703,7 +81314,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x182" + "x181" ] } ] @@ -81713,7 +81324,7 @@ { "datatype": "u32", "name": [ - "x230" + "x229" ], "operation": "cmovznz", "arguments": [ @@ -81727,7 +81338,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] } ] 
@@ -81742,7 +81353,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x200" + "x199" ] } ] @@ -81757,7 +81368,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x184" + "x183" ] } ] @@ -81776,7 +81387,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x204" + "x203" ] } ] @@ -81878,7 +81489,7 @@ ], "operation": "static_cast", "arguments": [ - "x206" + "x205" ] }, { @@ -81888,7 +81499,7 @@ ], "operation": "static_cast", "arguments": [ - "x207" + "x206" ] }, { @@ -81898,7 +81509,7 @@ ], "operation": "static_cast", "arguments": [ - "x208" + "x207" ] }, { @@ -81908,7 +81519,7 @@ ], "operation": "static_cast", "arguments": [ - "x209" + "x208" ] }, { @@ -81918,7 +81529,7 @@ ], "operation": "static_cast", "arguments": [ - "x210" + "x209" ] }, { @@ -81928,7 +81539,7 @@ ], "operation": "static_cast", "arguments": [ - "x211" + "x210" ] }, { @@ -81938,7 +81549,7 @@ ], "operation": "static_cast", "arguments": [ - "x212" + "x211" ] }, { @@ -81948,7 +81559,7 @@ ], "operation": "static_cast", "arguments": [ - "x213" + "x212" ] }, { @@ -81958,7 +81569,7 @@ ], "operation": "static_cast", "arguments": [ - "x214" + "x213" ] }, { @@ -81968,7 +81579,7 @@ ], "operation": "static_cast", "arguments": [ - "x215" + "x214" ] }, { @@ -81978,7 +81589,7 @@ ], "operation": "static_cast", "arguments": [ - "x216" + "x215" ] }, { @@ -81988,7 +81599,7 @@ ], "operation": "static_cast", "arguments": [ - "x217" + "x216" ] }, { @@ -81998,7 +81609,7 @@ ], "operation": "static_cast", "arguments": [ - "x218" + "x217" ] }, { @@ -82008,7 +81619,7 @@ ], "operation": "static_cast", "arguments": [ - "x219" + "x218" ] }, { @@ -82018,7 +81629,7 @@ ], "operation": "static_cast", "arguments": [ - "x220" + "x219" ] }, { @@ -82028,7 +81639,7 @@ ], "operation": "static_cast", "arguments": [ - "x221" + "x220" ] }, { @@ -82038,7 +81649,7 @@ ], "operation": "static_cast", "arguments": [ - "x222" + "x221" ] }, { 
@@ -82048,7 +81659,7 @@ ], "operation": "static_cast", "arguments": [ - "x223" + "x222" ] }, { @@ -82058,7 +81669,7 @@ ], "operation": "static_cast", "arguments": [ - "x224" + "x223" ] }, { @@ -82068,7 +81679,7 @@ ], "operation": "static_cast", "arguments": [ - "x225" + "x224" ] }, { @@ -82078,7 +81689,7 @@ ], "operation": "static_cast", "arguments": [ - "x226" + "x225" ] }, { @@ -82088,7 +81699,7 @@ ], "operation": "static_cast", "arguments": [ - "x227" + "x226" ] }, { @@ -82098,7 +81709,7 @@ ], "operation": "static_cast", "arguments": [ - "x228" + "x227" ] }, { @@ -82108,7 +81719,7 @@ ], "operation": "static_cast", "arguments": [ - "x229" + "x228" ] }, { @@ -82118,7 +81729,7 @@ ], "operation": "static_cast", "arguments": [ - "x230" + "x229" ] } ] diff --git a/fiat-json/src/p256_scalar_64.json b/fiat-json/src/p256_scalar_64.json index e4f40b1e6b..8d1672a5a4 100644 --- a/fiat-json/src/p256_scalar_64.json +++ b/fiat-json/src/p256_scalar_64.json @@ -90,35 +90,10 @@ } ] }, - { - "datatype": "u64", - "name": [ - "x2" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u128", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "0xffffffffffffffff" - ] - } - ] - }, { "datatype": "u1", "name": [ - "x3" + "x2" ], "operation": "static_cast", "arguments": [ @@ -147,7 +122,14 @@ ], "operation": "static_cast", "arguments": [ - "x2" + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x1" + ] + } ] }, { @@ -157,7 +139,7 @@ ], "operation": "static_cast", "arguments": [ - "x3" + "x2" ] } ] @@ -413,7 +395,7 @@ { "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u128", @@ -423,7 +405,7 @@ "x1" ] }, - "0xffffffffffffffff" + "64" ] } ] 
@@ -431,38 +413,20 @@ { "datatype": "u64", "name": [ - "x3" + "out1" ], "operation": "static_cast", "arguments": [ { "datatype": "u64", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u128", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "64" + "x1" ] } ] }, - { - "datatype": "u64", - "name": [ - "out1" - ], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, { "datatype": "u64", "name": [ @@ -470,7 +434,7 @@ ], "operation": "static_cast", "arguments": [ - "x3" + "x2" ] } ] @@ -21530,16 +21494,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x5" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -21549,7 +21513,7 @@ "x4" ] }, - "0xff" + "8" ] } ] @@ -21571,7 +21535,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x4" + "x5" ] }, "8" @@ -21580,16 +21544,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x7" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -21599,7 +21563,7 @@ "x6" ] }, - "0xff" + "8" ] } ] @@ -21621,7 +21585,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x6" + "x7" ] }, "8" @@ -21630,16 +21594,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x9" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -21649,7 +21613,7 @@ "x8" ] }, - "0xff" + "8" ] } ] @@ -21671,7 +21635,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x8" + "x9" ] }, "8" @@ -21689,7 +21653,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", 
@@ -21699,7 +21663,7 @@ "x10" ] }, - "0xff" + "8" ] } ] @@ -21721,7 +21685,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x10" + "x3" ] }, "8" @@ -21730,16 +21694,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x13" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -21749,7 +21713,7 @@ "x12" ] }, - "0xff" + "8" ] } ] @@ -21771,7 +21735,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x12" + "x13" ] }, "8" @@ -21780,16 +21744,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x15" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -21799,7 +21763,7 @@ "x14" ] }, - "0xff" + "8" ] } ] @@ -21821,7 +21785,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x14" + "x15" ] }, "8" @@ -21830,16 +21794,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x17" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -21849,7 +21813,7 @@ "x16" ] }, - "0xff" + "8" ] } ] @@ -21871,7 +21835,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x16" + "x17" ] }, "8" @@ -21880,26 +21844,26 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x19" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - "x3" + "x2" ] }, - "0xff" + "8" ] } ] @@ -21921,7 +21885,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x3" + "x19" ] }, "8" 
@@ -21930,16 +21894,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x21" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -21949,7 +21913,7 @@ "x20" ] }, - "0xff" + "8" ] } ] @@ -21971,7 +21935,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x20" + "x21" ] }, "8" @@ -21980,16 +21944,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x23" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -21999,7 +21963,7 @@ "x22" ] }, - "0xff" + "8" ] } ] @@ -22021,7 +21985,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x22" + "x23" ] }, "8" @@ -22039,7 +22003,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -22049,7 +22013,7 @@ "x24" ] }, - "0xff" + "8" ] } ] @@ -22071,7 +22035,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x24" + "x1" ] }, "8" @@ -22080,16 +22044,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x27" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -22099,7 +22063,7 @@ "x26" ] }, - "0xff" + "8" ] } ] @@ -22121,7 +22085,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x26" + "x27" ] }, "8" @@ -22130,16 +22094,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x29" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -22149,7 +22113,7 @@ "x28" ] }, - "0xff" + "8" ] } ] 
@@ -22171,7 +22135,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x28" + "x29" ] }, "8" @@ -22180,16 +22144,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x31" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -22199,7 +22163,7 @@ "x30" ] }, - "0xff" + "8" ] } ] @@ -22221,7 +22185,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x30" + "x31" ] }, "8" @@ -22232,49 +22196,33 @@ { "datatype": "u8", "name": [ - "x33" + "out1[0]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, - "0xff" + "x4" ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ - "x34" + "out1[1]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, - "8" + "x5" ] } ] @@ -22282,49 +22230,33 @@ { "datatype": "u8", "name": [ - "x35" + "out1[2]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x34" - ] - }, - "0xff" + "x6" ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ - "x36" + "out1[3]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x34" - ] - }, - "8" + "x7" ] } ] 
@@ -22332,653 +22264,20 @@ { "datatype": "u8", "name": [ - "x37" + "out1[4]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x36" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x38" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x36" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x39" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x38" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x40" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x38" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x41" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x40" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x42" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x40" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x43" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": 
"&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x42" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x44" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x42" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x45" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x44" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x46" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x44" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x47" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x48" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x49" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x48" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x50" - ], - 
"operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x48" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x51" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x50" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x52" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x50" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x53" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x52" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x54" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x52" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x55" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x54" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x56" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - 
"arguments": [ - "x54" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x57" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x56" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x58" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x56" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x59" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x58" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x60" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x58" - ] - }, - "8" + "x8" ] } ] }, - { - "datatype": "u8", - "name": [ - "out1[0]" - ], - "operation": "static_cast", - "arguments": [ - "x5" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[1]" - ], - "operation": "static_cast", - "arguments": [ - "x7" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[2]" - ], - "operation": "static_cast", - "arguments": [ - "x9" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[3]" - ], - "operation": "static_cast", - "arguments": [ - "x11" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[4]" - ], - "operation": "static_cast", - "arguments": [ - "x13" - ] - }, { "datatype": "u8", "name": [ 
@@ -22986,7 +22285,14 @@ ], "operation": "static_cast", "arguments": [ - "x15" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x9" + ] + } ] }, { @@ -22996,7 +22302,14 @@ ], "operation": "static_cast", "arguments": [ - "x17" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x10" + ] + } ] }, { @@ -23006,7 +22319,7 @@ ], "operation": "static_cast", "arguments": [ - "x18" + "x11" ] }, { @@ -23016,7 +22329,14 @@ ], "operation": "static_cast", "arguments": [ - "x19" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x3" + ] + } ] }, { @@ -23026,7 +22346,14 @@ ], "operation": "static_cast", "arguments": [ - "x21" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x12" + ] + } ] }, { @@ -23036,7 +22363,14 @@ ], "operation": "static_cast", "arguments": [ - "x23" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x13" + ] + } ] }, { @@ -23046,7 +22380,14 @@ ], "operation": "static_cast", "arguments": [ - "x25" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x14" + ] + } ] }, { @@ -23056,7 +22397,14 @@ ], "operation": "static_cast", "arguments": [ - "x27" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x15" + ] + } ] }, { @@ -23066,7 +22414,14 @@ ], "operation": "static_cast", "arguments": [ - "x29" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x16" + ] + } ] }, { @@ -23076,7 +22431,14 @@ ], "operation": "static_cast", "arguments": [ - "x31" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x17" + ] + } ] }, { @@ -23086,7 +22448,7 @@ ], "operation": "static_cast", "arguments": [ - "x32" + "x18" ] }, { 
@@ -23096,7 +22458,14 @@ ], "operation": "static_cast", "arguments": [ - "x33" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x2" + ] + } ] }, { @@ -23106,7 +22475,14 @@ ], "operation": "static_cast", "arguments": [ - "x35" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x19" + ] + } ] }, { @@ -23116,7 +22492,14 @@ ], "operation": "static_cast", "arguments": [ - "x37" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x20" + ] + } ] }, { @@ -23126,7 +22509,14 @@ ], "operation": "static_cast", "arguments": [ - "x39" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x21" + ] + } ] }, { @@ -23136,7 +22526,14 @@ ], "operation": "static_cast", "arguments": [ - "x41" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, { @@ -23146,7 +22543,14 @@ ], "operation": "static_cast", "arguments": [ - "x43" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x23" + ] + } ] }, { @@ -23156,7 +22560,14 @@ ], "operation": "static_cast", "arguments": [ - "x45" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x24" + ] + } ] }, { @@ -23166,7 +22577,7 @@ ], "operation": "static_cast", "arguments": [ - "x46" + "x25" ] }, { @@ -23176,7 +22587,14 @@ ], "operation": "static_cast", "arguments": [ - "x47" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x1" + ] + } ] }, { @@ -23186,7 +22604,14 @@ ], "operation": "static_cast", "arguments": [ - "x49" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x26" + ] + } ] }, { @@ -23196,7 +22621,14 @@ ], "operation": "static_cast", "arguments": [ - "x51" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x27" + ] + } ] }, { 
@@ -23206,7 +22638,14 @@ ], "operation": "static_cast", "arguments": [ - "x53" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x28" + ] + } ] }, { @@ -23216,7 +22655,14 @@ ], "operation": "static_cast", "arguments": [ - "x55" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x29" + ] + } ] }, { @@ -23226,7 +22672,14 @@ ], "operation": "static_cast", "arguments": [ - "x57" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x30" + ] + } ] }, { @@ -23236,7 +22689,14 @@ ], "operation": "static_cast", "arguments": [ - "x59" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x31" + ] + } ] }, { @@ -23246,7 +22706,7 @@ ], "operation": "static_cast", "arguments": [ - "x60" + "x32" ] } ] @@ -25403,22 +24863,7 @@ "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "arg3[0]" - ] - }, - "0x1" - ] - } + "arg3[0]" ] } ] @@ -27204,43 +26649,25 @@ ] }, { - "datatype": "u1", + "datatype": "u64", "name": [ "x74" ], - "operation": "static_cast", + "operation": "cmovznz", "arguments": [ { "datatype": "u1", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u1", "name": [], "operation": "static_cast", "arguments": [ "x22" ] - }, - "0x1" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x75" - ], - "operation": "cmovznz", - "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": "static_cast", - "arguments": [ - "x74" + } ] }, "0x0", @@ -27257,7 +26684,7 @@ { "datatype": "u64", "name": [ - "x76" + "x75" ], "operation": "cmovznz", "arguments": [ 
@@ -27266,7 +26693,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -27283,7 +26717,7 @@ { "datatype": "u64", "name": [ - "x77" + "x76" ], "operation": "cmovznz", "arguments": [ @@ -27292,7 +26726,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -27309,7 +26750,7 @@ { "datatype": "u64", "name": [ - "x78" + "x77" ], "operation": "cmovznz", "arguments": [ @@ -27318,7 +26759,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -27335,7 +26783,7 @@ { "datatype": "u64", "name": [ - "x79" + "x78" ], "operation": "cmovznz", "arguments": [ @@ -27344,7 +26792,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -27361,8 +26816,8 @@ { "datatype": "(auto)", "name": [ - "x80", - "x81" + "x79", + "x80" ], "operation": "addcarryx", "parameters": { @@ -27383,7 +26838,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x75" + "x74" ] } ] @@ -27391,8 +26846,8 @@ { "datatype": "(auto)", "name": [ - "x82", - "x83" + "x81", + "x82" ], "operation": "addcarryx", "parameters": { @@ -27409,7 +26864,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x81" + "x80" ] } ] @@ -27427,7 +26882,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x76" + "x75" ] } ] @@ -27435,8 +26890,8 @@ { "datatype": "(auto)", "name": [ - "x84", - "x85" + "x83", + "x84" ], "operation": "addcarryx", "parameters": { @@ -27453,7 +26908,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x83" + "x82" ] } ] 
@@ -27471,7 +26926,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x77" + "x76" ] } ] @@ -27479,8 +26934,8 @@ { "datatype": "(auto)", "name": [ - "x86", - "x87" + "x85", + "x86" ], "operation": "addcarryx", "parameters": { @@ -27497,7 +26952,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x85" + "x84" ] } ] @@ -27515,7 +26970,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x78" + "x77" ] } ] @@ -27523,7 +26978,7 @@ { "datatype": "(auto)", "name": [ - "x88", + "x87", "_" ], "operation": "addcarryx", @@ -27541,7 +26996,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x87" + "x86" ] } ] @@ -27559,7 +27014,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x79" + "x78" ] } ] @@ -27567,7 +27022,7 @@ { "datatype": "u64", "name": [ - "x90" + "x89" ], "operation": "cmovznz", "arguments": [ @@ -27576,7 +27031,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -27593,7 +27055,7 @@ { "datatype": "u64", "name": [ - "x91" + "x90" ], "operation": "cmovznz", "arguments": [ @@ -27602,7 +27064,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -27619,7 +27088,7 @@ { "datatype": "u64", "name": [ - "x92" + "x91" ], "operation": "cmovznz", "arguments": [ @@ -27628,7 +27097,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -27645,7 +27121,7 @@ { "datatype": "u64", "name": [ - "x93" + "x92" ], "operation": "cmovznz", "arguments": [ 
@@ -27654,7 +27130,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -27671,8 +27154,8 @@ { "datatype": "(auto)", "name": [ - "x94", - "x95" + "x93", + "x94" ], "operation": "addcarryx", "parameters": { @@ -27693,7 +27176,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x90" + "x89" ] } ] @@ -27701,8 +27184,8 @@ { "datatype": "(auto)", "name": [ - "x96", - "x97" + "x95", + "x96" ], "operation": "addcarryx", "parameters": { @@ -27719,7 +27202,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x95" + "x94" ] } ] @@ -27737,7 +27220,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x91" + "x90" ] } ] @@ -27745,8 +27228,8 @@ { "datatype": "(auto)", "name": [ - "x98", - "x99" + "x97", + "x98" ], "operation": "addcarryx", "parameters": { @@ -27763,7 +27246,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x97" + "x96" ] } ] @@ -27781,7 +27264,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x92" + "x91" ] } ] @@ -27789,8 +27272,8 @@ { "datatype": "(auto)", "name": [ - "x100", - "x101" + "x99", + "x100" ], "operation": "addcarryx", "parameters": { @@ -27807,7 +27290,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x99" + "x98" ] } ] @@ -27825,7 +27308,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x93" + "x92" ] } ] @@ -27833,8 +27316,8 @@ { "datatype": "(auto)", "name": [ - "x102", - "x103" + "x101", + "x102" ], "operation": "subborrowx", "parameters": { @@ -27852,7 +27335,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x94" + "x93" ] } ] @@ -27863,8 +27346,8 @@ { "datatype": "(auto)", "name": [ - "x104", - "x105" + "x103", + "x104" ], "operation": "subborrowx", "parameters": { @@ -27881,7 +27364,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x103" + "x102" ] } ] 
@@ -27896,7 +27379,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x96" + "x95" ] } ] @@ -27907,8 +27390,8 @@ { "datatype": "(auto)", "name": [ - "x106", - "x107" + "x105", + "x106" ], "operation": "subborrowx", "parameters": { @@ -27925,7 +27408,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x105" + "x104" ] } ] @@ -27940,7 +27423,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x98" + "x97" ] } ] @@ -27951,8 +27434,8 @@ { "datatype": "(auto)", "name": [ - "x108", - "x109" + "x107", + "x108" ], "operation": "subborrowx", "parameters": { @@ -27969,7 +27452,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x107" + "x106" ] } ] @@ -27984,7 +27467,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x100" + "x99" ] } ] @@ -27996,7 +27479,7 @@ "datatype": "(auto)", "name": [ "_", - "x111" + "x110" ], "operation": "subborrowx", "parameters": { @@ -28013,7 +27496,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x109" + "x108" ] } ] @@ -28028,7 +27511,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x101" + "x100" ] } ] @@ -28039,7 +27522,7 @@ { "datatype": "(auto)", "name": [ - "x112", + "x111", "_" ], "operation": "addcarryx", @@ -28062,7 +27545,7 @@ { "datatype": "u64", "name": [ - "x114" + "x113" ], "operation": "static_cast", "arguments": [ @@ -28091,7 +27574,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x80" + "x79" ] } ] @@ -28126,7 +27609,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x82" + "x81" ] } ] @@ -28146,7 +27629,7 @@ { "datatype": "u64", "name": [ - "x115" + "x114" ], "operation": "static_cast", "arguments": [ @@ -28175,7 +27658,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x82" + "x81" ] } ] @@ -28210,7 +27693,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x84" + "x83" ] } ] @@ -28230,7 +27713,7 @@ { "datatype": "u64", "name": [ - "x116" + "x115" ], "operation": "static_cast", "arguments": [ 
@@ -28259,7 +27742,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x84" + "x83" ] } ] @@ -28294,7 +27777,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x86" + "x85" ] } ] @@ -28314,7 +27797,7 @@ { "datatype": "u64", "name": [ - "x117" + "x116" ], "operation": "static_cast", "arguments": [ @@ -28343,7 +27826,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x86" + "x85" ] } ] @@ -28378,7 +27861,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x88" + "x87" ] } ] @@ -28398,7 +27881,7 @@ { "datatype": "u64", "name": [ - "x118" + "x117" ], "operation": "static_cast", "arguments": [ @@ -28427,7 +27910,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x88" + "x87" ] } ] @@ -28457,7 +27940,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x88" + "x87" ] } ] @@ -28474,7 +27957,7 @@ { "datatype": "u64", "name": [ - "x119" + "x118" ], "operation": "cmovznz", "arguments": [ @@ -28528,7 +28011,7 @@ { "datatype": "u64", "name": [ - "x120" + "x119" ], "operation": "cmovznz", "arguments": [ @@ -28582,7 +28065,7 @@ { "datatype": "u64", "name": [ - "x121" + "x120" ], "operation": "cmovznz", "arguments": [ @@ -28636,7 +28119,7 @@ { "datatype": "u64", "name": [ - "x122" + "x121" ], "operation": "cmovznz", "arguments": [ @@ -28690,7 +28173,7 @@ { "datatype": "u64", "name": [ - "x123" + "x122" ], "operation": "cmovznz", "arguments": [ @@ -28704,7 +28187,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x111" + "x110" ] } ] @@ -28719,7 +28202,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x102" + "x101" ] } ] @@ -28734,7 +28217,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x94" + "x93" ] } ] @@ -28744,7 +28227,7 @@ { "datatype": "u64", "name": [ - "x124" + "x123" ], "operation": "cmovznz", "arguments": [ @@ -28758,7 +28241,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x111" + "x110" ] } ] 
@@ -28773,7 +28256,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x104" + "x103" ] } ] @@ -28788,7 +28271,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x96" + "x95" ] } ] @@ -28798,7 +28281,7 @@ { "datatype": "u64", "name": [ - "x125" + "x124" ], "operation": "cmovznz", "arguments": [ @@ -28812,7 +28295,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x111" + "x110" ] } ] @@ -28827,7 +28310,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x106" + "x105" ] } ] @@ -28842,7 +28325,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x98" + "x97" ] } ] @@ -28852,7 +28335,7 @@ { "datatype": "u64", "name": [ - "x126" + "x125" ], "operation": "cmovznz", "arguments": [ @@ -28866,7 +28349,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x111" + "x110" ] } ] @@ -28881,7 +28364,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x108" + "x107" ] } ] @@ -28896,7 +28379,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x100" + "x99" ] } ] @@ -28915,7 +28398,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x112" + "x111" ] } ] @@ -28977,7 +28460,7 @@ ], "operation": "static_cast", "arguments": [ - "x114" + "x113" ] }, { @@ -28987,7 +28470,7 @@ ], "operation": "static_cast", "arguments": [ - "x115" + "x114" ] }, { @@ -28997,7 +28480,7 @@ ], "operation": "static_cast", "arguments": [ - "x116" + "x115" ] }, { @@ -29007,7 +28490,7 @@ ], "operation": "static_cast", "arguments": [ - "x117" + "x116" ] }, { @@ -29017,7 +28500,7 @@ ], "operation": "static_cast", "arguments": [ - "x118" + "x117" ] }, { @@ -29027,7 +28510,7 @@ ], "operation": "static_cast", "arguments": [ - "x119" + "x118" ] }, { @@ -29037,7 +28520,7 @@ ], "operation": "static_cast", "arguments": [ - "x120" + "x119" ] }, { @@ -29047,7 +28530,7 @@ ], "operation": "static_cast", "arguments": [ - "x121" + "x120" ] }, { 
@@ -29057,7 +28540,7 @@ ], "operation": "static_cast", "arguments": [ - "x122" + "x121" ] }, { @@ -29067,7 +28550,7 @@ ], "operation": "static_cast", "arguments": [ - "x123" + "x122" ] }, { @@ -29077,7 +28560,7 @@ ], "operation": "static_cast", "arguments": [ - "x124" + "x123" ] }, { @@ -29087,7 +28570,7 @@ ], "operation": "static_cast", "arguments": [ - "x125" + "x124" ] }, { @@ -29097,7 +28580,7 @@ ], "operation": "static_cast", "arguments": [ - "x126" + "x125" ] } ] diff --git a/fiat-json/src/p384_32.json b/fiat-json/src/p384_32.json index fb44f4dfb4..4330a2db94 100644 --- a/fiat-json/src/p384_32.json +++ b/fiat-json/src/p384_32.json @@ -90,35 +90,10 @@ } ] }, - { - "datatype": "u32", - "name": [ - "x2" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "0xffffffff" - ] - } - ] - }, { "datatype": "u1", "name": [ - "x3" + "x2" ], "operation": "static_cast", "arguments": [ @@ -147,7 +122,14 @@ ], "operation": "static_cast", "arguments": [ - "x2" + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + "x1" + ] + } ] }, { @@ -157,7 +139,7 @@ ], "operation": "static_cast", "arguments": [ - "x3" + "x2" ] } ] @@ -413,7 +395,7 @@ { "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -423,7 +405,7 @@ "x1" ] }, - "0xffffffff" + "32" ] } ] 
@@ -431,38 +413,20 @@ { "datatype": "u32", "name": [ - "x3" + "out1" ], "operation": "static_cast", "arguments": [ { "datatype": "u32", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "32" + "x1" ] } ] }, - { - "datatype": "u32", - "name": [ - "out1" - ], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, { "datatype": "u32", "name": [ @@ -470,7 +434,7 @@ ], "operation": "static_cast", "arguments": [ - "x3" + "x2" ] } ] @@ -139591,35 +139555,10 @@ "arg1[0]" ] }, - { - "datatype": "u8", - "name": [ - "x13" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x12" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x14" + "x13" ], "operation": "static_cast", "arguments": [ @@ -139641,35 +139580,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x15" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x14" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x16" + "x14" ], "operation": "static_cast", "arguments": [ @@ -139683,7 +139597,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x14" + "x13" ] }, "8" @@ -139694,32 +139608,7 @@ { "datatype": "u8", "name": [ - "x17" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x16" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x18" + "x15" ], "operation": "static_cast", "arguments": [ 
@@ -139733,7 +139622,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x16" + "x14" ] }, "8" @@ -139741,35 +139630,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x19" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x11" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x20" + "x16" ], "operation": "static_cast", "arguments": [ @@ -139791,35 +139655,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x21" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x20" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x22" + "x17" ], "operation": "static_cast", "arguments": [ @@ -139833,7 +139672,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x20" + "x16" ] }, "8" @@ -139844,32 +139683,7 @@ { "datatype": "u8", "name": [ - "x23" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x22" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x24" + "x18" ], "operation": "static_cast", "arguments": [ @@ -139883,7 +139697,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x22" + "x17" ] }, "8" 
@@ -139891,35 +139705,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x25" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x10" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x26" + "x19" ], "operation": "static_cast", "arguments": [ 
@@ -139941,6 +139730,181 @@ } ] }, + { + "datatype": "u32", + "name": [ + "x20" + ], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": ">>", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + "x19" + ] + }, + "8" + ] + } + ] + }, + { + "datatype": "u8", + "name": [ + "x21" + ], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u8", + "name": [], + "operation": ">>", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + "x20" + ] + }, + "8" + ] + } + ] + }, + { + "datatype": "u32", + "name": [ + "x22" + ], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": ">>", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + "x9" + ] + }, + "8" + ] + } + ] + }, + { + "datatype": "u32", + "name": [ + "x23" + ], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": ">>", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + }, + "8" + ] + } + ] + }, + { + "datatype": "u8", + "name": [ + "x24" + ], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u8", + "name": [], + "operation": ">>", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + "x23" + ] + }, + "8" + ] + } + ] + }, + { + "datatype": "u32", + "name": [ + "x25" + ], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": ">>", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + "x8" + ] + }, + "8" + ] + } + ] + }, + { + "datatype": "u32", + "name": [ + "x26" + ], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": ">>", + 
"arguments": [ + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + "x25" + ] + }, + "8" + ] + } + ] + }, { "datatype": "u8", "name": [ @@ -139951,7 +139915,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -139961,7 +139925,7 @@ "x26" ] }, - "0xff" + "8" ] } ] @@ -139983,7 +139947,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x26" + "x7" ] }, "8" @@ -139992,16 +139956,16 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x29" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -140011,7 +139975,7 @@ "x28" ] }, - "0xff" + "8" ] } ] @@ -140033,7 +139997,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x28" + "x29" ] }, "8" @@ -140042,26 +140006,26 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x31" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x9" + "x6" ] }, - "0xff" + "8" ] } ] @@ -140083,7 +140047,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x9" + "x31" ] }, "8" @@ -140101,7 +140065,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -140111,7 +140075,7 @@ "x32" ] }, - "0xff" + "8" ] } ] @@ -140133,7 +140097,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x32" + "x5" ] }, "8" @@ -140142,16 +140106,16 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x35" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -140161,7 +140125,7 @@ "x34" ] }, - "0xff" + "8" ] } ] 
@@ -140183,7 +140147,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x34" + "x35" ] }, "8" @@ -140192,26 +140156,26 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x37" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x8" + "x4" ] }, - "0xff" + "8" ] } ] @@ -140233,7 +140197,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x8" + "x37" ] }, "8" @@ -140251,7 +140215,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -140261,7 +140225,7 @@ "x38" ] }, - "0xff" + "8" ] } ] @@ -140283,7 +140247,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x38" + "x3" ] }, "8" @@ -140292,16 +140256,16 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x41" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -140311,7 +140275,7 @@ "x40" ] }, - "0xff" + "8" ] } ] @@ -140333,7 +140297,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x40" + "x41" ] }, "8" @@ -140342,26 +140306,26 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x43" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x7" + "x2" ] }, - "0xff" + "8" ] } ] @@ -140383,7 +140347,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x7" + "x43" ] }, "8" @@ -140401,7 +140365,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -140411,7 +140375,7 @@ "x44" ] }, - "0xff" + "8" ] } ] 
@@ -140433,7 +140397,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x44" + "x1" ] }, "8" @@ -140442,16 +140406,16 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x47" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -140461,7 +140425,7 @@ "x46" ] }, - "0xff" + "8" ] } ] @@ -140483,7 +140447,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x46" + "x47" ] }, "8" @@ -140494,49 +140458,33 @@ { "datatype": "u8", "name": [ - "x49" + "out1[0]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x6" - ] - }, - "0xff" + "x12" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x50" + "out1[1]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x6" - ] - }, - "8" + "x13" ] } ] 
@@ -140544,74 +140492,43 @@ { "datatype": "u8", "name": [ - "x51" + "out1[2]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x50" - ] - }, - "0xff" + "x14" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x52" + "out1[3]" ], "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x50" - ] - }, - "8" - ] - } + "x15" ] }, { "datatype": "u8", "name": [ - "x53" + "out1[4]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x52" - ] - }, - "0xff" + "x11" ] } ] @@ -140619,24 +140536,16 @@ { "datatype": "u8", "name": [ - "x54" + "out1[5]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x52" - ] - }, - "8" + "x16" ] } ] 
@@ -140644,99 +140553,60 @@ { "datatype": "u8", "name": [ - "x55" + "out1[6]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x5" - ] - }, - "0xff" + "x17" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x56" + "out1[7]" ], "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x5" - ] - }, - "8" - ] - } + "x18" ] }, { "datatype": "u8", "name": [ - "x57" + "out1[8]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x56" - ] - }, - "0xff" + "x10" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x58" + "out1[9]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x56" - ] - }, - "8" + "x19" ] } ] @@ -140744,24 +140614,16 @@ { "datatype": "u8", "name": [ - "x59" + "out1[10]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x58" - ] - }, - "0xff" + "x20" ] } ] 
@@ -140769,74 +140631,43 @@ { "datatype": "u8", "name": [ - "x60" + "out1[11]" ], "operation": "static_cast", "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x58" - ] - }, - "8" - ] - } + "x21" ] }, { "datatype": "u8", "name": [ - "x61" + "out1[12]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x4" - ] - }, - "0xff" + "x9" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x62" + "out1[13]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x4" - ] - }, - "8" + "x22" ] } ] 
@@ -140844,74 +140675,43 @@ { "datatype": "u8", "name": [ - "x63" + "out1[14]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x62" - ] - }, - "0xff" + "x23" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x64" + "out1[15]" ], "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x62" - ] - }, - "8" - ] - } + "x24" ] }, { "datatype": "u8", "name": [ - "x65" + "out1[16]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x64" - ] - }, - "0xff" + "x8" ] } ] @@ -140919,24 +140719,16 @@ { "datatype": "u8", "name": [ - "x66" + "out1[17]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x64" - ] - }, - "8" + "x25" ] } ] 
@@ -140944,99 +140736,60 @@ { "datatype": "u8", "name": [ - "x67" + "out1[18]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x3" - ] - }, - "0xff" + "x26" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x68" + "out1[19]" ], "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x3" - ] - }, - "8" - ] - } + "x27" ] }, { "datatype": "u8", "name": [ - "x69" + "out1[20]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x68" - ] - }, - "0xff" + "x7" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x70" + "out1[21]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x68" - ] - }, - "8" + "x28" ] } ] @@ -141044,24 +140797,16 @@ { "datatype": "u8", "name": [ - "x71" + "out1[22]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x70" - ] - }, - "0xff" + "x29" ] } ] 
@@ -141069,74 +140814,43 @@ { "datatype": "u8", "name": [ - "x72" + "out1[23]" ], "operation": "static_cast", "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x70" - ] - }, - "8" - ] - } + "x30" ] }, { "datatype": "u8", "name": [ - "x73" + "out1[24]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, - "0xff" + "x6" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x74" + "out1[25]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, - "8" + "x31" ] } ] 
@@ -141144,74 +140858,43 @@ { "datatype": "u8", "name": [ - "x75" + "out1[26]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x74" - ] - }, - "0xff" + "x32" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x76" + "out1[27]" ], "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x74" - ] - }, - "8" - ] - } + "x33" ] }, { "datatype": "u8", "name": [ - "x77" + "out1[28]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x76" - ] - }, - "0xff" + "x5" ] } ] @@ -141219,24 +140902,16 @@ { "datatype": "u8", "name": [ - "x78" + "out1[29]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x76" - ] - }, - "8" + "x34" ] } ] 
@@ -141244,99 +140919,43 @@ { "datatype": "u8", "name": [ - "x79" + "out1[30]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "0xff" + "x35" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x80" + "out1[31]" ], "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "8" - ] - } + "x36" ] }, { "datatype": "u8", "name": [ - "x81" + "out1[32]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x80" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u32", - "name": [ - "x82" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x80" - ] - }, - "8" + "x4" ] } ] @@ -141344,24 +140963,16 @@ { "datatype": "u8", "name": [ - "x83" + "out1[33]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x82" - ] - }, - "0xff" + "x37" ] } ] 
@@ -141369,378 +140980,20 @@ { "datatype": "u8", "name": [ - "x84" + "out1[34]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x82" - ] - }, - "8" + "x38" ] } ] }, - { - "datatype": "u8", - "name": [ - "out1[0]" - ], - "operation": "static_cast", - "arguments": [ - "x13" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[1]" - ], - "operation": "static_cast", - "arguments": [ - "x15" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[2]" - ], - "operation": "static_cast", - "arguments": [ - "x17" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[3]" - ], - "operation": "static_cast", - "arguments": [ - "x18" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[4]" - ], - "operation": "static_cast", - "arguments": [ - "x19" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[5]" - ], - "operation": "static_cast", - "arguments": [ - "x21" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[6]" - ], - "operation": "static_cast", - "arguments": [ - "x23" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[7]" - ], - "operation": "static_cast", - "arguments": [ - "x24" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[8]" - ], - "operation": "static_cast", - "arguments": [ - "x25" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[9]" - ], - "operation": "static_cast", - "arguments": [ - "x27" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[10]" - ], - "operation": "static_cast", - "arguments": [ - "x29" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[11]" - ], - "operation": "static_cast", - "arguments": [ - "x30" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[12]" - ], - "operation": "static_cast", - "arguments": [ - "x31" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[13]" - ], - "operation": "static_cast", - "arguments": [ - "x33" - ] - }, - { - 
"datatype": "u8", - "name": [ - "out1[14]" - ], - "operation": "static_cast", - "arguments": [ - "x35" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[15]" - ], - "operation": "static_cast", - "arguments": [ - "x36" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[16]" - ], - "operation": "static_cast", - "arguments": [ - "x37" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[17]" - ], - "operation": "static_cast", - "arguments": [ - "x39" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[18]" - ], - "operation": "static_cast", - "arguments": [ - "x41" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[19]" - ], - "operation": "static_cast", - "arguments": [ - "x42" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[20]" - ], - "operation": "static_cast", - "arguments": [ - "x43" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[21]" - ], - "operation": "static_cast", - "arguments": [ - "x45" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[22]" - ], - "operation": "static_cast", - "arguments": [ - "x47" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[23]" - ], - "operation": "static_cast", - "arguments": [ - "x48" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[24]" - ], - "operation": "static_cast", - "arguments": [ - "x49" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[25]" - ], - "operation": "static_cast", - "arguments": [ - "x51" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[26]" - ], - "operation": "static_cast", - "arguments": [ - "x53" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[27]" - ], - "operation": "static_cast", - "arguments": [ - "x54" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[28]" - ], - "operation": "static_cast", - "arguments": [ - "x55" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[29]" - ], - "operation": "static_cast", - "arguments": [ - "x57" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[30]" - ], - "operation": "static_cast", - "arguments": [ - "x59" - ] - }, 
- { - "datatype": "u8", - "name": [ - "out1[31]" - ], - "operation": "static_cast", - "arguments": [ - "x60" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[32]" - ], - "operation": "static_cast", - "arguments": [ - "x61" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[33]" - ], - "operation": "static_cast", - "arguments": [ - "x63" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[34]" - ], - "operation": "static_cast", - "arguments": [ - "x65" - ] - }, { "datatype": "u8", "name": [ @@ -141748,7 +141001,7 @@ ], "operation": "static_cast", "arguments": [ - "x66" + "x39" ] }, { @@ -141758,7 +141011,14 @@ ], "operation": "static_cast", "arguments": [ - "x67" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x3" + ] + } ] }, { @@ -141768,7 +141028,14 @@ ], "operation": "static_cast", "arguments": [ - "x69" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x40" + ] + } ] }, { @@ -141778,7 +141045,14 @@ ], "operation": "static_cast", "arguments": [ - "x71" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x41" + ] + } ] }, { @@ -141788,7 +141062,7 @@ ], "operation": "static_cast", "arguments": [ - "x72" + "x42" ] }, { @@ -141798,7 +141072,14 @@ ], "operation": "static_cast", "arguments": [ - "x73" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x2" + ] + } ] }, { @@ -141808,7 +141089,14 @@ ], "operation": "static_cast", "arguments": [ - "x75" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x43" + ] + } ] }, { @@ -141818,7 +141106,14 @@ ], "operation": "static_cast", "arguments": [ - "x77" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x44" + ] + } ] }, { @@ -141828,7 +141123,7 @@ ], "operation": "static_cast", "arguments": [ - "x78" + "x45" ] }, { 
@@ -141838,7 +141133,14 @@ ], "operation": "static_cast", "arguments": [ - "x79" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x1" + ] + } ] }, { @@ -141848,7 +141150,14 @@ ], "operation": "static_cast", "arguments": [ - "x81" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, { @@ -141858,7 +141167,14 @@ ], "operation": "static_cast", "arguments": [ - "x83" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x47" + ] + } ] }, { @@ -141868,7 +141184,7 @@ ], "operation": "static_cast", "arguments": [ - "x84" + "x48" ] } ] @@ -145009,22 +144325,7 @@ "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "arg3[0]" - ] - }, - "0x1" - ] - } + "arg3[0]" ] } ] @@ -149830,43 +149131,25 @@ ] }, { - "datatype": "u1", + "datatype": "u32", "name": [ "x194" ], - "operation": "static_cast", + "operation": "cmovznz", "arguments": [ { "datatype": "u1", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u1", "name": [], "operation": "static_cast", "arguments": [ "x46" ] - }, - "0x1" - ] - } - ] - }, - { - "datatype": "u32", - "name": [ - "x195" - ], - "operation": "cmovznz", - "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": "static_cast", - "arguments": [ - "x194" + } ] }, "0x0", @@ -149883,7 +149166,7 @@ { "datatype": "u32", "name": [ - "x196" + "x195" ], "operation": "cmovznz", "arguments": [ @@ -149892,7 +149175,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -149909,7 +149199,7 @@ { "datatype": "u32", "name": [ - "x197" + "x196" ], "operation": "cmovznz", "arguments": [ 
@@ -149918,7 +149208,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -149935,7 +149232,7 @@ { "datatype": "u32", "name": [ - "x198" + "x197" ], "operation": "cmovznz", "arguments": [ @@ -149944,7 +149241,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -149961,7 +149265,7 @@ { "datatype": "u32", "name": [ - "x199" + "x198" ], "operation": "cmovznz", "arguments": [ @@ -149970,7 +149274,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -149987,7 +149298,7 @@ { "datatype": "u32", "name": [ - "x200" + "x199" ], "operation": "cmovznz", "arguments": [ @@ -149996,7 +149307,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -150013,7 +149331,7 @@ { "datatype": "u32", "name": [ - "x201" + "x200" ], "operation": "cmovznz", "arguments": [ @@ -150022,7 +149340,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -150039,7 +149364,7 @@ { "datatype": "u32", "name": [ - "x202" + "x201" ], "operation": "cmovznz", "arguments": [ @@ -150048,7 +149373,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -150065,7 +149397,7 @@ { "datatype": "u32", "name": [ - "x203" + "x202" ], "operation": "cmovznz", "arguments": [ 
@@ -150074,7 +149406,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -150091,7 +149430,7 @@ { "datatype": "u32", "name": [ - "x204" + "x203" ], "operation": "cmovznz", "arguments": [ @@ -150100,7 +149439,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -150117,7 +149463,7 @@ { "datatype": "u32", "name": [ - "x205" + "x204" ], "operation": "cmovznz", "arguments": [ @@ -150126,7 +149472,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -150143,7 +149496,7 @@ { "datatype": "u32", "name": [ - "x206" + "x205" ], "operation": "cmovznz", "arguments": [ @@ -150152,7 +149505,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -150169,7 +149529,7 @@ { "datatype": "u32", "name": [ - "x207" + "x206" ], "operation": "cmovznz", "arguments": [ @@ -150178,7 +149538,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -150195,8 +149562,8 @@ { "datatype": "(auto)", "name": [ - "x208", - "x209" + "x207", + "x208" ], "operation": "addcarryx", "parameters": { @@ -150217,7 +149584,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x195" + "x194" ] } ] @@ -150225,8 +149592,8 @@ { "datatype": "(auto)", "name": [ - "x210", - "x211" + "x209", + "x210" ], "operation": "addcarryx", "parameters": { @@ -150243,7 +149610,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x209" + "x208" ] } ] 
@@ -150261,7 +149628,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x196" + "x195" ] } ] @@ -150269,8 +149636,8 @@ { "datatype": "(auto)", "name": [ - "x212", - "x213" + "x211", + "x212" ], "operation": "addcarryx", "parameters": { @@ -150287,7 +149654,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x211" + "x210" ] } ] @@ -150305,7 +149672,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x197" + "x196" ] } ] @@ -150313,8 +149680,8 @@ { "datatype": "(auto)", "name": [ - "x214", - "x215" + "x213", + "x214" ], "operation": "addcarryx", "parameters": { @@ -150331,7 +149698,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x213" + "x212" ] } ] @@ -150349,7 +149716,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x198" + "x197" ] } ] @@ -150357,8 +149724,8 @@ { "datatype": "(auto)", "name": [ - "x216", - "x217" + "x215", + "x216" ], "operation": "addcarryx", "parameters": { @@ -150375,7 +149742,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x215" + "x214" ] } ] @@ -150393,7 +149760,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x199" + "x198" ] } ] @@ -150401,8 +149768,8 @@ { "datatype": "(auto)", "name": [ - "x218", - "x219" + "x217", + "x218" ], "operation": "addcarryx", "parameters": { @@ -150419,7 +149786,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x217" + "x216" ] } ] @@ -150437,7 +149804,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x200" + "x199" ] } ] @@ -150445,8 +149812,8 @@ { "datatype": "(auto)", "name": [ - "x220", - "x221" + "x219", + "x220" ], "operation": "addcarryx", "parameters": { @@ -150463,7 +149830,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x219" + "x218" ] } ] @@ -150481,7 +149848,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x201" + "x200" ] } ] 
@@ -150489,8 +149856,8 @@ { "datatype": "(auto)", "name": [ - "x222", - "x223" + "x221", + "x222" ], "operation": "addcarryx", "parameters": { @@ -150507,7 +149874,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x221" + "x220" ] } ] @@ -150525,7 +149892,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x202" + "x201" ] } ] @@ -150533,8 +149900,8 @@ { "datatype": "(auto)", "name": [ - "x224", - "x225" + "x223", + "x224" ], "operation": "addcarryx", "parameters": { @@ -150551,7 +149918,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x223" + "x222" ] } ] @@ -150569,7 +149936,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] } ] @@ -150577,8 +149944,8 @@ { "datatype": "(auto)", "name": [ - "x226", - "x227" + "x225", + "x226" ], "operation": "addcarryx", "parameters": { @@ -150595,7 +149962,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x225" + "x224" ] } ] @@ -150613,7 +149980,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x204" + "x203" ] } ] @@ -150621,8 +149988,8 @@ { "datatype": "(auto)", "name": [ - "x228", - "x229" + "x227", + "x228" ], "operation": "addcarryx", "parameters": { @@ -150639,7 +150006,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x227" + "x226" ] } ] @@ -150657,7 +150024,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x205" + "x204" ] } ] @@ -150665,8 +150032,8 @@ { "datatype": "(auto)", "name": [ - "x230", - "x231" + "x229", + "x230" ], "operation": "addcarryx", "parameters": { @@ -150683,7 +150050,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x229" + "x228" ] } ] @@ -150701,7 +150068,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x206" + "x205" ] } ] @@ -150709,7 +150076,7 @@ { "datatype": "(auto)", "name": [ - "x232", + "x231", "_" ], "operation": "addcarryx", @@ -150727,7 +150094,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x231" + "x230" ] } ] 
@@ -150745,7 +150112,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x207" + "x206" ] } ] @@ -150753,7 +150120,7 @@ { "datatype": "u32", "name": [ - "x234" + "x233" ], "operation": "cmovznz", "arguments": [ @@ -150762,7 +150129,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -150779,7 +150153,7 @@ { "datatype": "u32", "name": [ - "x235" + "x234" ], "operation": "cmovznz", "arguments": [ @@ -150788,7 +150162,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -150805,7 +150186,7 @@ { "datatype": "u32", "name": [ - "x236" + "x235" ], "operation": "cmovznz", "arguments": [ @@ -150814,7 +150195,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -150831,7 +150219,7 @@ { "datatype": "u32", "name": [ - "x237" + "x236" ], "operation": "cmovznz", "arguments": [ @@ -150840,7 +150228,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -150857,7 +150252,7 @@ { "datatype": "u32", "name": [ - "x238" + "x237" ], "operation": "cmovznz", "arguments": [ @@ -150866,7 +150261,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -150883,7 +150285,7 @@ { "datatype": "u32", "name": [ - "x239" + "x238" ], "operation": "cmovznz", "arguments": [ 
@@ -150892,7 +150294,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -150909,7 +150318,7 @@ { "datatype": "u32", "name": [ - "x240" + "x239" ], "operation": "cmovznz", "arguments": [ @@ -150918,7 +150327,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -150935,7 +150351,7 @@ { "datatype": "u32", "name": [ - "x241" + "x240" ], "operation": "cmovznz", "arguments": [ @@ -150944,7 +150360,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -150961,7 +150384,7 @@ { "datatype": "u32", "name": [ - "x242" + "x241" ], "operation": "cmovznz", "arguments": [ @@ -150970,7 +150393,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -150987,7 +150417,7 @@ { "datatype": "u32", "name": [ - "x243" + "x242" ], "operation": "cmovznz", "arguments": [ @@ -150996,7 +150426,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -151013,7 +150450,7 @@ { "datatype": "u32", "name": [ - "x244" + "x243" ], "operation": "cmovznz", "arguments": [ @@ -151022,7 +150459,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -151039,7 +150483,7 @@ { "datatype": "u32", "name": [ - "x245" + "x244" ], "operation": "cmovznz", "arguments": [ 
@@ -151048,7 +150492,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -151065,8 +150516,8 @@ { "datatype": "(auto)", "name": [ - "x246", - "x247" + "x245", + "x246" ], "operation": "addcarryx", "parameters": { @@ -151087,7 +150538,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x234" + "x233" ] } ] @@ -151095,8 +150546,8 @@ { "datatype": "(auto)", "name": [ - "x248", - "x249" + "x247", + "x248" ], "operation": "addcarryx", "parameters": { @@ -151113,7 +150564,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x247" + "x246" ] } ] @@ -151131,7 +150582,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x235" + "x234" ] } ] @@ -151139,8 +150590,8 @@ { "datatype": "(auto)", "name": [ - "x250", - "x251" + "x249", + "x250" ], "operation": "addcarryx", "parameters": { @@ -151157,7 +150608,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x249" + "x248" ] } ] @@ -151175,7 +150626,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x236" + "x235" ] } ] @@ -151183,8 +150634,8 @@ { "datatype": "(auto)", "name": [ - "x252", - "x253" + "x251", + "x252" ], "operation": "addcarryx", "parameters": { @@ -151201,7 +150652,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x251" + "x250" ] } ] @@ -151219,7 +150670,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x237" + "x236" ] } ] @@ -151227,8 +150678,8 @@ { "datatype": "(auto)", "name": [ - "x254", - "x255" + "x253", + "x254" ], "operation": "addcarryx", "parameters": { @@ -151245,7 +150696,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x253" + "x252" ] } ] @@ -151263,7 +150714,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x238" + "x237" ] } ] 
@@ -151271,8 +150722,8 @@ { "datatype": "(auto)", "name": [ - "x256", - "x257" + "x255", + "x256" ], "operation": "addcarryx", "parameters": { @@ -151289,7 +150740,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x255" + "x254" ] } ] @@ -151307,7 +150758,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x239" + "x238" ] } ] @@ -151315,8 +150766,8 @@ { "datatype": "(auto)", "name": [ - "x258", - "x259" + "x257", + "x258" ], "operation": "addcarryx", "parameters": { @@ -151333,7 +150784,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x257" + "x256" ] } ] @@ -151351,7 +150802,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x240" + "x239" ] } ] @@ -151359,8 +150810,8 @@ { "datatype": "(auto)", "name": [ - "x260", - "x261" + "x259", + "x260" ], "operation": "addcarryx", "parameters": { @@ -151377,7 +150828,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x259" + "x258" ] } ] @@ -151395,7 +150846,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x241" + "x240" ] } ] @@ -151403,8 +150854,8 @@ { "datatype": "(auto)", "name": [ - "x262", - "x263" + "x261", + "x262" ], "operation": "addcarryx", "parameters": { @@ -151421,7 +150872,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x261" + "x260" ] } ] @@ -151439,7 +150890,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x242" + "x241" ] } ] @@ -151447,8 +150898,8 @@ { "datatype": "(auto)", "name": [ - "x264", - "x265" + "x263", + "x264" ], "operation": "addcarryx", "parameters": { @@ -151465,7 +150916,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x263" + "x262" ] } ] @@ -151483,7 +150934,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x243" + "x242" ] } ] @@ -151491,8 +150942,8 @@ { "datatype": "(auto)", "name": [ - "x266", - "x267" + "x265", + "x266" ], "operation": "addcarryx", "parameters": { 
@@ -151509,7 +150960,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x265" + "x264" ] } ] @@ -151527,7 +150978,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x244" + "x243" ] } ] @@ -151535,8 +150986,8 @@ { "datatype": "(auto)", "name": [ - "x268", - "x269" + "x267", + "x268" ], "operation": "addcarryx", "parameters": { @@ -151553,7 +151004,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x267" + "x266" ] } ] @@ -151571,7 +151022,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x245" + "x244" ] } ] @@ -151579,8 +151030,8 @@ { "datatype": "(auto)", "name": [ - "x270", - "x271" + "x269", + "x270" ], "operation": "subborrowx", "parameters": { @@ -151598,7 +151049,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x246" + "x245" ] } ] @@ -151609,8 +151060,8 @@ { "datatype": "(auto)", "name": [ - "x272", - "x273" + "x271", + "x272" ], "operation": "subborrowx", "parameters": { @@ -151627,7 +151078,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x271" + "x270" ] } ] @@ -151642,7 +151093,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x248" + "x247" ] } ] @@ -151653,8 +151104,8 @@ { "datatype": "(auto)", "name": [ - "x274", - "x275" + "x273", + "x274" ], "operation": "subborrowx", "parameters": { @@ -151671,7 +151122,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x273" + "x272" ] } ] @@ -151686,7 +151137,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x250" + "x249" ] } ] @@ -151697,8 +151148,8 @@ { "datatype": "(auto)", "name": [ - "x276", - "x277" + "x275", + "x276" ], "operation": "subborrowx", "parameters": { @@ -151715,7 +151166,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x275" + "x274" ] } ] @@ -151730,7 +151181,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x252" + "x251" ] } ] 
@@ -151741,8 +151192,8 @@ { "datatype": "(auto)", "name": [ - "x278", - "x279" + "x277", + "x278" ], "operation": "subborrowx", "parameters": { @@ -151759,7 +151210,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x277" + "x276" ] } ] @@ -151774,7 +151225,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x254" + "x253" ] } ] @@ -151785,8 +151236,8 @@ { "datatype": "(auto)", "name": [ - "x280", - "x281" + "x279", + "x280" ], "operation": "subborrowx", "parameters": { @@ -151803,7 +151254,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x279" + "x278" ] } ] @@ -151818,7 +151269,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x256" + "x255" ] } ] @@ -151829,8 +151280,8 @@ { "datatype": "(auto)", "name": [ - "x282", - "x283" + "x281", + "x282" ], "operation": "subborrowx", "parameters": { @@ -151847,7 +151298,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x281" + "x280" ] } ] @@ -151862,7 +151313,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x258" + "x257" ] } ] @@ -151873,8 +151324,8 @@ { "datatype": "(auto)", "name": [ - "x284", - "x285" + "x283", + "x284" ], "operation": "subborrowx", "parameters": { @@ -151891,7 +151342,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x283" + "x282" ] } ] @@ -151906,7 +151357,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x260" + "x259" ] } ] @@ -151917,8 +151368,8 @@ { "datatype": "(auto)", "name": [ - "x286", - "x287" + "x285", + "x286" ], "operation": "subborrowx", "parameters": { @@ -151935,7 +151386,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x285" + "x284" ] } ] @@ -151950,7 +151401,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x262" + "x261" ] } ] @@ -151961,8 +151412,8 @@ { "datatype": "(auto)", "name": [ - "x288", - "x289" + "x287", + "x288" ], "operation": "subborrowx", "parameters": { 
@@ -151979,7 +151430,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x287" + "x286" ] } ] @@ -151994,7 +151445,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x264" + "x263" ] } ] @@ -152005,8 +151456,8 @@ { "datatype": "(auto)", "name": [ - "x290", - "x291" + "x289", + "x290" ], "operation": "subborrowx", "parameters": { @@ -152023,7 +151474,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x289" + "x288" ] } ] @@ -152038,7 +151489,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x266" + "x265" ] } ] @@ -152049,8 +151500,8 @@ { "datatype": "(auto)", "name": [ - "x292", - "x293" + "x291", + "x292" ], "operation": "subborrowx", "parameters": { @@ -152067,7 +151518,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x291" + "x290" ] } ] @@ -152082,7 +151533,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x268" + "x267" ] } ] @@ -152094,7 +151545,7 @@ "datatype": "(auto)", "name": [ "_", - "x295" + "x294" ], "operation": "subborrowx", "parameters": { @@ -152111,7 +151562,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x293" + "x292" ] } ] @@ -152126,7 +151577,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x269" + "x268" ] } ] @@ -152137,7 +151588,7 @@ { "datatype": "(auto)", "name": [ - "x296", + "x295", "_" ], "operation": "addcarryx", 
@@ -152157,6 +151608,90 @@ "0x1" ] }, + { + "datatype": "u32", + "name": [ + "x297" + ], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": "|", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": ">>", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + "x207" + ] + } + ] + }, + "1" + ] + } + ] + }, + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": "&", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": "<<", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + "x209" + ] + } + ] + }, + "31" + ] + }, + "0xffffffff" + ] + } + ] + } + ] + } + ] + }, { "datatype": "u32", "name": [ @@ -152189,7 +151724,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x208" + "x209" ] } ] @@ -152224,7 +151759,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x210" + "x211" ] } ] @@ -152273,7 +151808,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x210" + "x211" ] } ] @@ -152308,7 +151843,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x212" + "x213" ] } ] @@ -152357,7 +151892,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x212" + "x213" ] } ] @@ -152392,7 +151927,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x214" + "x215" ] } ] @@ -152441,7 +151976,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x214" + "x215" ] } ] @@ -152476,7 +152011,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x216" + "x217" ] } ] 
@@ -152525,7 +152060,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x216" + "x217" ] } ] @@ -152560,7 +152095,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x218" + "x219" ] } ] @@ -152609,7 +152144,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x218" + "x219" ] } ] @@ -152644,7 +152179,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x220" + "x221" ] } ] @@ -152693,7 +152228,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x220" + "x221" ] } ] @@ -152728,7 +152263,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x222" + "x223" ] } ] @@ -152777,7 +152312,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x222" + "x223" ] } ] @@ -152812,7 +152347,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x224" + "x225" ] } ] @@ -152861,7 +152396,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x224" + "x225" ] } ] @@ -152896,7 +152431,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x226" + "x227" ] } ] @@ -152945,7 +152480,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x226" + "x227" ] } ] @@ -152980,7 +152515,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x228" + "x229" ] } ] @@ -153029,7 +152564,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x228" + "x229" ] } ] @@ -153064,7 +152599,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x230" + "x231" ] } ] 
@@ -153087,90 +152622,6 @@ "x309" ], "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "|", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x230" - ] - } - ] - }, - "1" - ] - } - ] - }, - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "<<", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x232" - ] - } - ] - }, - "31" - ] - }, - "0xffffffff" - ] - } - ] - } - ] - } - ] - }, - { - "datatype": "u32", - "name": [ - "x310" - ], - "operation": "static_cast", "arguments": [ { "datatype": "u32", @@ -153197,7 +152648,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x232" + "x231" ] } ] @@ -153227,7 +152678,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x232" + "x231" ] } ] @@ -153244,7 +152695,7 @@ { "datatype": "u32", "name": [ - "x311" + "x310" ], "operation": "cmovznz", "arguments": [ @@ -153298,7 +152749,7 @@ { "datatype": "u32", "name": [ - "x312" + "x311" ], "operation": "cmovznz", "arguments": [ @@ -153352,7 +152803,7 @@ { "datatype": "u32", "name": [ - "x313" + "x312" ], "operation": "cmovznz", "arguments": [ @@ -153406,7 +152857,7 @@ { "datatype": "u32", "name": [ - "x314" + "x313" ], "operation": "cmovznz", "arguments": [ @@ -153460,7 +152911,7 @@ { "datatype": "u32", "name": [ - "x315" + "x314" ], "operation": "cmovznz", "arguments": [ 
@@ -153514,7 +152965,7 @@ { "datatype": "u32", "name": [ - "x316" + "x315" ], "operation": "cmovznz", "arguments": [ @@ -153568,7 +153019,7 @@ { "datatype": "u32", "name": [ - "x317" + "x316" ], "operation": "cmovznz", "arguments": [ @@ -153622,7 +153073,7 @@ { "datatype": "u32", "name": [ - "x318" + "x317" ], "operation": "cmovznz", "arguments": [ @@ -153676,7 +153127,7 @@ { "datatype": "u32", "name": [ - "x319" + "x318" ], "operation": "cmovznz", "arguments": [ @@ -153730,7 +153181,7 @@ { "datatype": "u32", "name": [ - "x320" + "x319" ], "operation": "cmovznz", "arguments": [ @@ -153784,7 +153235,7 @@ { "datatype": "u32", "name": [ - "x321" + "x320" ], "operation": "cmovznz", "arguments": [ @@ -153838,7 +153289,7 @@ { "datatype": "u32", "name": [ - "x322" + "x321" ], "operation": "cmovznz", "arguments": [ @@ -153892,7 +153343,7 @@ { "datatype": "u32", "name": [ - "x323" + "x322" ], "operation": "cmovznz", "arguments": [ @@ -153906,7 +153357,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x295" + "x294" ] } ] @@ -153921,7 +153372,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x270" + "x269" ] } ] @@ -153936,7 +153387,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x246" + "x245" ] } ] @@ -153946,7 +153397,7 @@ { "datatype": "u32", "name": [ - "x324" + "x323" ], "operation": "cmovznz", "arguments": [ @@ -153960,7 +153411,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x295" + "x294" ] } ] @@ -153975,7 +153426,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x272" + "x271" ] } ] @@ -153990,7 +153441,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x248" + "x247" ] } ] @@ -154000,7 +153451,7 @@ { "datatype": "u32", "name": [ - "x325" + "x324" ], "operation": "cmovznz", "arguments": [ @@ -154014,7 +153465,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x295" + "x294" ] } ] 
@@ -154029,7 +153480,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x274" + "x273" ] } ] @@ -154044,7 +153495,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x250" + "x249" ] } ] @@ -154054,7 +153505,7 @@ { "datatype": "u32", "name": [ - "x326" + "x325" ], "operation": "cmovznz", "arguments": [ @@ -154068,7 +153519,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x295" + "x294" ] } ] @@ -154083,7 +153534,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x276" + "x275" ] } ] @@ -154098,7 +153549,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x252" + "x251" ] } ] @@ -154108,7 +153559,7 @@ { "datatype": "u32", "name": [ - "x327" + "x326" ], "operation": "cmovznz", "arguments": [ @@ -154122,7 +153573,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x295" + "x294" ] } ] @@ -154137,7 +153588,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x278" + "x277" ] } ] @@ -154152,7 +153603,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x254" + "x253" ] } ] @@ -154162,7 +153613,7 @@ { "datatype": "u32", "name": [ - "x328" + "x327" ], "operation": "cmovznz", "arguments": [ @@ -154176,7 +153627,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x295" + "x294" ] } ] @@ -154191,7 +153642,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x280" + "x279" ] } ] @@ -154206,7 +153657,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x256" + "x255" ] } ] @@ -154216,7 +153667,7 @@ { "datatype": "u32", "name": [ - "x329" + "x328" ], "operation": "cmovznz", "arguments": [ @@ -154230,7 +153681,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x295" + "x294" ] } ] @@ -154245,7 +153696,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x282" + "x281" ] } ] @@ -154260,7 +153711,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x258" + "x257" ] } ] 
@@ -154270,7 +153721,7 @@ { "datatype": "u32", "name": [ - "x330" + "x329" ], "operation": "cmovznz", "arguments": [ @@ -154284,7 +153735,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x295" + "x294" ] } ] @@ -154299,7 +153750,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x284" + "x283" ] } ] @@ -154314,7 +153765,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x260" + "x259" ] } ] @@ -154324,7 +153775,7 @@ { "datatype": "u32", "name": [ - "x331" + "x330" ], "operation": "cmovznz", "arguments": [ @@ -154338,7 +153789,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x295" + "x294" ] } ] @@ -154353,7 +153804,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x286" + "x285" ] } ] @@ -154368,7 +153819,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x262" + "x261" ] } ] @@ -154378,7 +153829,7 @@ { "datatype": "u32", "name": [ - "x332" + "x331" ], "operation": "cmovznz", "arguments": [ @@ -154392,7 +153843,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x295" + "x294" ] } ] @@ -154407,7 +153858,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x288" + "x287" ] } ] @@ -154422,7 +153873,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x264" + "x263" ] } ] @@ -154432,7 +153883,7 @@ { "datatype": "u32", "name": [ - "x333" + "x332" ], "operation": "cmovznz", "arguments": [ @@ -154446,7 +153897,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x295" + "x294" ] } ] @@ -154461,7 +153912,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x290" + "x289" ] } ] @@ -154476,7 +153927,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x266" + "x265" ] } ] @@ -154486,7 +153937,7 @@ { "datatype": "u32", "name": [ - "x334" + "x333" ], "operation": "cmovznz", "arguments": [ @@ -154500,7 +153951,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x295" + "x294" ] } ] 
@@ -154515,7 +153966,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x292" + "x291" ] } ] @@ -154530,7 +153981,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x268" + "x267" ] } ] @@ -154549,7 +154000,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x296" + "x295" ] } ] @@ -154691,7 +154142,7 @@ ], "operation": "static_cast", "arguments": [ - "x298" + "x297" ] }, { @@ -154701,7 +154152,7 @@ ], "operation": "static_cast", "arguments": [ - "x299" + "x298" ] }, { @@ -154711,7 +154162,7 @@ ], "operation": "static_cast", "arguments": [ - "x300" + "x299" ] }, { @@ -154721,7 +154172,7 @@ ], "operation": "static_cast", "arguments": [ - "x301" + "x300" ] }, { @@ -154731,7 +154182,7 @@ ], "operation": "static_cast", "arguments": [ - "x302" + "x301" ] }, { @@ -154741,7 +154192,7 @@ ], "operation": "static_cast", "arguments": [ - "x303" + "x302" ] }, { @@ -154751,7 +154202,7 @@ ], "operation": "static_cast", "arguments": [ - "x304" + "x303" ] }, { @@ -154761,7 +154212,7 @@ ], "operation": "static_cast", "arguments": [ - "x305" + "x304" ] }, { @@ -154771,7 +154222,7 @@ ], "operation": "static_cast", "arguments": [ - "x306" + "x305" ] }, { @@ -154781,7 +154232,7 @@ ], "operation": "static_cast", "arguments": [ - "x307" + "x306" ] }, { @@ -154791,7 +154242,7 @@ ], "operation": "static_cast", "arguments": [ - "x308" + "x307" ] }, { @@ -154801,7 +154252,7 @@ ], "operation": "static_cast", "arguments": [ - "x309" + "x308" ] }, { @@ -154811,7 +154262,7 @@ ], "operation": "static_cast", "arguments": [ - "x310" + "x309" ] }, { @@ -154821,7 +154272,7 @@ ], "operation": "static_cast", "arguments": [ - "x311" + "x310" ] }, { @@ -154831,7 +154282,7 @@ ], "operation": "static_cast", "arguments": [ - "x312" + "x311" ] }, { @@ -154841,7 +154292,7 @@ ], "operation": "static_cast", "arguments": [ - "x313" + "x312" ] }, { @@ -154851,7 +154302,7 @@ ], "operation": "static_cast", "arguments": [ - "x314" + "x313" ] }, { 
@@ -154861,7 +154312,7 @@ ], "operation": "static_cast", "arguments": [ - "x315" + "x314" ] }, { @@ -154871,7 +154322,7 @@ ], "operation": "static_cast", "arguments": [ - "x316" + "x315" ] }, { @@ -154881,7 +154332,7 @@ ], "operation": "static_cast", "arguments": [ - "x317" + "x316" ] }, { @@ -154891,7 +154342,7 @@ ], "operation": "static_cast", "arguments": [ - "x318" + "x317" ] }, { @@ -154901,7 +154352,7 @@ ], "operation": "static_cast", "arguments": [ - "x319" + "x318" ] }, { @@ -154911,7 +154362,7 @@ ], "operation": "static_cast", "arguments": [ - "x320" + "x319" ] }, { @@ -154921,7 +154372,7 @@ ], "operation": "static_cast", "arguments": [ - "x321" + "x320" ] }, { @@ -154931,7 +154382,7 @@ ], "operation": "static_cast", "arguments": [ - "x322" + "x321" ] }, { @@ -154941,7 +154392,7 @@ ], "operation": "static_cast", "arguments": [ - "x323" + "x322" ] }, { @@ -154951,7 +154402,7 @@ ], "operation": "static_cast", "arguments": [ - "x324" + "x323" ] }, { @@ -154961,7 +154412,7 @@ ], "operation": "static_cast", "arguments": [ - "x325" + "x324" ] }, { @@ -154971,7 +154422,7 @@ ], "operation": "static_cast", "arguments": [ - "x326" + "x325" ] }, { @@ -154981,7 +154432,7 @@ ], "operation": "static_cast", "arguments": [ - "x327" + "x326" ] }, { @@ -154991,7 +154442,7 @@ ], "operation": "static_cast", "arguments": [ - "x328" + "x327" ] }, { @@ -155001,7 +154452,7 @@ ], "operation": "static_cast", "arguments": [ - "x329" + "x328" ] }, { @@ -155011,7 +154462,7 @@ ], "operation": "static_cast", "arguments": [ - "x330" + "x329" ] }, { @@ -155021,7 +154472,7 @@ ], "operation": "static_cast", "arguments": [ - "x331" + "x330" ] }, { @@ -155031,7 +154482,7 @@ ], "operation": "static_cast", "arguments": [ - "x332" + "x331" ] }, { @@ -155041,7 +154492,7 @@ ], "operation": "static_cast", "arguments": [ - "x333" + "x332" ] }, { @@ -155051,7 +154502,7 @@ ], "operation": "static_cast", "arguments": [ - "x334" + "x333" ] } ] 
diff --git a/fiat-json/src/p384_64.json b/fiat-json/src/p384_64.json index 08fd2323f1..d3ce9dceed 100644 --- a/fiat-json/src/p384_64.json +++ b/fiat-json/src/p384_64.json @@ -90,35 +90,10 @@ } ] }, - { - "datatype": "u64", - "name": [ - "x2" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u128", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "0xffffffffffffffff" - ] - } - ] - }, { "datatype": "u1", "name": [ - "x3" + "x2" ], "operation": "static_cast", "arguments": [ @@ -147,7 +122,14 @@ ], "operation": "static_cast", "arguments": [ - "x2" + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x1" + ] + } ] }, { @@ -157,7 +139,7 @@ ], "operation": "static_cast", "arguments": [ - "x3" + "x2" ] } ] @@ -413,7 +395,7 @@ { "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u128", @@ -423,7 +405,7 @@ "x1" ] }, - "0xffffffffffffffff" + "64" ] } ] @@ -431,38 +413,20 @@ { "datatype": "u64", "name": [ - "x3" + "out1" ], "operation": "static_cast", "arguments": [ { "datatype": "u64", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u128", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "64" + "x1" ] } ] }, - { - "datatype": "u64", - "name": [ - "out1" - ], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, { "datatype": "u64", "name": [ @@ -470,7 +434,7 @@ ], "operation": "static_cast", "arguments": [ - "x3" + "x2" ] } ] 
@@ -43821,35 +43785,10 @@ "arg1[0]" ] }, - { - "datatype": "u8", - "name": [ - "x7" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x6" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u64", "name": [ - "x8" + "x7" ], "operation": "static_cast", "arguments": [ @@ -43871,35 +43810,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x9" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x8" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u64", "name": [ - "x10" + "x8" ], "operation": "static_cast", "arguments": [ @@ -43913,7 +43827,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x8" + "x7" ] }, "8" @@ -43921,35 +43835,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x11" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x10" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u64", "name": [ - "x12" + "x9" ], "operation": "static_cast", "arguments": [ @@ -43963,7 +43852,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x10" + "x8" ] }, "8" @@ -43971,35 +43860,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x13" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x12" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u64", "name": [ - "x14" + "x10" ], "operation": "static_cast", "arguments": [ 
@@ -44013,7 +43877,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x12" + "x9" ] }, "8" @@ -44021,35 +43885,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x15" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x14" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u64", "name": [ - "x16" + "x11" ], "operation": "static_cast", "arguments": [ @@ -44063,7 +43902,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x14" + "x10" ] }, "8" @@ -44071,35 +43910,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x17" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x16" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u64", "name": [ - "x18" + "x12" ], "operation": "static_cast", "arguments": [ @@ -44113,7 +43927,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x16" + "x11" ] }, "8" @@ -44124,32 +43938,7 @@ { "datatype": "u8", "name": [ - "x19" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x18" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x20" + "x13" ], "operation": "static_cast", "arguments": [ @@ -44163,7 +43952,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x18" + "x12" ] }, "8" 
@@ -44171,35 +43960,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x21" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x5" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u64", "name": [ - "x22" + "x14" ], "operation": "static_cast", "arguments": [ 
@@ -44221,17 +43985,217 @@ } ] }, + { + "datatype": "u64", + "name": [ + "x15" + ], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": ">>", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x14" + ] + }, + "8" + ] + } + ] + }, + { + "datatype": "u64", + "name": [ + "x16" + ], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": ">>", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x15" + ] + }, + "8" + ] + } + ] + }, + { + "datatype": "u64", + "name": [ + "x17" + ], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": ">>", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x16" + ] + }, + "8" + ] + } + ] + }, + { + "datatype": "u64", + "name": [ + "x18" + ], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": ">>", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x17" + ] + }, + "8" + ] + } + ] + }, + { + "datatype": "u64", + "name": [ + "x19" + ], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": ">>", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x18" + ] + }, + "8" + ] + } + ] + }, { "datatype": "u8", "name": [ - "x23" + "x20" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x19" + ] + }, + "8" + ] + } + ] + }, + { + "datatype": "u64", + "name": [ + "x21" + ], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": ">>", 
+ "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x4" + ] + }, + "8" + ] + } + ] + }, + { + "datatype": "u64", + "name": [ + "x22" + ], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": ">>", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x21" + ] + }, + "8" + ] + } + ] + }, + { + "datatype": "u64", + "name": [ + "x23" + ], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -44241,7 +44205,7 @@ "x22" ] }, - "0xff" + "8" ] } ] @@ -44263,7 +44227,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x22" + "x23" ] }, "8" @@ -44272,16 +44236,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x25" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -44291,7 +44255,7 @@ "x24" ] }, - "0xff" + "8" ] } ] @@ -44313,7 +44277,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x24" + "x25" ] }, "8" @@ -44331,7 +44295,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -44341,7 +44305,7 @@ "x26" ] }, - "0xff" + "8" ] } ] @@ -44363,7 +44327,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x26" + "x3" ] }, "8" @@ -44372,16 +44336,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x29" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -44391,7 +44355,7 @@ "x28" ] }, - "0xff" + "8" ] } ] @@ -44413,7 +44377,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x28" + "x29" ] }, "8" 
@@ -44422,16 +44386,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x31" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -44441,7 +44405,7 @@ "x30" ] }, - "0xff" + "8" ] } ] @@ -44463,7 +44427,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x30" + "x31" ] }, "8" @@ -44472,16 +44436,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x33" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -44491,7 +44455,7 @@ "x32" ] }, - "0xff" + "8" ] } ] @@ -44513,7 +44477,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x32" + "x33" ] }, "8" @@ -44522,26 +44486,26 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x35" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - "x4" + "x2" ] }, - "0xff" + "8" ] } ] @@ -44563,7 +44527,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x4" + "x35" ] }, "8" @@ -44572,16 +44536,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x37" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -44591,7 +44555,7 @@ "x36" ] }, - "0xff" + "8" ] } ] @@ -44613,7 +44577,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x36" + "x37" ] }, "8" 
@@ -44622,16 +44586,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x39" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -44641,7 +44605,7 @@ "x38" ] }, - "0xff" + "8" ] } ] @@ -44663,7 +44627,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x38" + "x39" ] }, "8" @@ -44681,7 +44645,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -44691,7 +44655,7 @@ "x40" ] }, - "0xff" + "8" ] } ] @@ -44713,7 +44677,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x40" + "x1" ] }, "8" @@ -44722,16 +44686,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x43" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -44741,7 +44705,7 @@ "x42" ] }, - "0xff" + "8" ] } ] @@ -44763,7 +44727,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x42" + "x43" ] }, "8" @@ -44772,16 +44736,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x45" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -44791,7 +44755,7 @@ "x44" ] }, - "0xff" + "8" ] } ] @@ -44813,7 +44777,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x44" + "x45" ] }, "8" @@ -44822,16 +44786,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x47" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -44841,7 +44805,7 @@ "x46" ] }, - "0xff" + "8" ] } ] 
@@ -44863,910 +44827,27 @@ "name": [], "operation": "static_cast", "arguments": [ - "x46" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x49" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x3" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x50" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x3" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x51" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x50" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x52" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x50" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x53" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x52" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x54" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x52" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x55" - ], - "operation": "static_cast", 
- "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x54" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x56" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x54" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x57" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x56" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x58" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x56" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x59" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x58" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x60" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x58" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x61" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x60" - ] - }, - 
"0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x62" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x60" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x63" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x64" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x65" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x64" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x66" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x64" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x67" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x66" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x68" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - 
"datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x66" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x69" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x68" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x70" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x68" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x71" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x70" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x72" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x70" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x73" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x72" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x74" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x72" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x75" - ], - "operation": "static_cast", 
- "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x74" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x76" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x74" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x77" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x78" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x79" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x78" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x80" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x78" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x81" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x80" - ] - }, - "0xff" 
- ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x82" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x80" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x83" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x82" + "x47" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ - "x84" + "out1[0]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x82" - ] - }, - "8" + "x6" ] } ] @@ -45774,49 +44855,33 @@ { "datatype": "u8", "name": [ - "x85" + "out1[1]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x84" - ] - }, - "0xff" + "x7" ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ - "x86" + "out1[2]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x84" - ] - }, - "8" + "x8" ] } ] 
@@ -45824,49 +44889,33 @@ { "datatype": "u8", "name": [ - "x87" + "out1[3]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x86" - ] - }, - "0xff" + "x9" ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ - "x88" + "out1[4]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x86" - ] - }, - "8" + "x10" ] } ] @@ -45874,24 +44923,16 @@ { "datatype": "u8", "name": [ - "x89" + "out1[5]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x88" - ] - }, - "0xff" + "x11" ] } ] 
@@ -45899,98 +44940,20 @@ { "datatype": "u8", "name": [ - "x90" + "out1[6]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x88" - ] - }, - "8" + "x12" ] } ] }, - { - "datatype": "u8", - "name": [ - "out1[0]" - ], - "operation": "static_cast", - "arguments": [ - "x7" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[1]" - ], - "operation": "static_cast", - "arguments": [ - "x9" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[2]" - ], - "operation": "static_cast", - "arguments": [ - "x11" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[3]" - ], - "operation": "static_cast", - "arguments": [ - "x13" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[4]" - ], - "operation": "static_cast", - "arguments": [ - "x15" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[5]" - ], - "operation": "static_cast", - "arguments": [ - "x17" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[6]" - ], - "operation": "static_cast", - "arguments": [ - "x19" - ] - }, { "datatype": "u8", "name": [ @@ -45998,7 +44961,7 @@ ], "operation": "static_cast", "arguments": [ - "x20" + "x13" ] }, { @@ -46008,7 +44971,14 @@ ], "operation": "static_cast", "arguments": [ - "x21" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x5" + ] + } ] }, { @@ -46018,7 +44988,14 @@ ], "operation": "static_cast", "arguments": [ - "x23" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x14" + ] + } ] }, { @@ -46028,7 +45005,14 @@ ], "operation": "static_cast", "arguments": [ - "x25" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x15" + ] + } ] }, { 
@@ -46038,7 +45022,14 @@ ], "operation": "static_cast", "arguments": [ - "x27" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x16" + ] + } ] }, { @@ -46048,7 +45039,14 @@ ], "operation": "static_cast", "arguments": [ - "x29" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x17" + ] + } ] }, { @@ -46058,7 +45056,14 @@ ], "operation": "static_cast", "arguments": [ - "x31" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x18" + ] + } ] }, { @@ -46068,7 +45073,14 @@ ], "operation": "static_cast", "arguments": [ - "x33" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x19" + ] + } ] }, { @@ -46078,7 +45090,7 @@ ], "operation": "static_cast", "arguments": [ - "x34" + "x20" ] }, { @@ -46088,7 +45100,14 @@ ], "operation": "static_cast", "arguments": [ - "x35" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x4" + ] + } ] }, { @@ -46098,7 +45117,14 @@ ], "operation": "static_cast", "arguments": [ - "x37" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x21" + ] + } ] }, { @@ -46108,7 +45134,14 @@ ], "operation": "static_cast", "arguments": [ - "x39" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, { @@ -46118,7 +45151,14 @@ ], "operation": "static_cast", "arguments": [ - "x41" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x23" + ] + } ] }, { @@ -46128,7 +45168,14 @@ ], "operation": "static_cast", "arguments": [ - "x43" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x24" + ] + } ] }, { @@ -46138,7 +45185,14 @@ ], "operation": "static_cast", "arguments": [ - "x45" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x25" + ] + } ] }, { 
@@ -46148,7 +45202,14 @@ ], "operation": "static_cast", "arguments": [ - "x47" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x26" + ] + } ] }, { @@ -46158,7 +45219,7 @@ ], "operation": "static_cast", "arguments": [ - "x48" + "x27" ] }, { @@ -46168,7 +45229,14 @@ ], "operation": "static_cast", "arguments": [ - "x49" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x3" + ] + } ] }, { @@ -46178,7 +45246,14 @@ ], "operation": "static_cast", "arguments": [ - "x51" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x28" + ] + } ] }, { @@ -46188,7 +45263,14 @@ ], "operation": "static_cast", "arguments": [ - "x53" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x29" + ] + } ] }, { @@ -46198,7 +45280,14 @@ ], "operation": "static_cast", "arguments": [ - "x55" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x30" + ] + } ] }, { @@ -46208,7 +45297,14 @@ ], "operation": "static_cast", "arguments": [ - "x57" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x31" + ] + } ] }, { @@ -46218,7 +45314,14 @@ ], "operation": "static_cast", "arguments": [ - "x59" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x32" + ] + } ] }, { @@ -46228,7 +45331,14 @@ ], "operation": "static_cast", "arguments": [ - "x61" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x33" + ] + } ] }, { @@ -46238,7 +45348,7 @@ ], "operation": "static_cast", "arguments": [ - "x62" + "x34" ] }, { @@ -46248,7 +45358,14 @@ ], "operation": "static_cast", "arguments": [ - "x63" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x2" + ] + } ] }, { 
@@ -46258,7 +45375,14 @@ ], "operation": "static_cast", "arguments": [ - "x65" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x35" + ] + } ] }, { @@ -46268,7 +45392,14 @@ ], "operation": "static_cast", "arguments": [ - "x67" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x36" + ] + } ] }, { @@ -46278,7 +45409,14 @@ ], "operation": "static_cast", "arguments": [ - "x69" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x37" + ] + } ] }, { @@ -46288,7 +45426,14 @@ ], "operation": "static_cast", "arguments": [ - "x71" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x38" + ] + } ] }, { @@ -46298,7 +45443,14 @@ ], "operation": "static_cast", "arguments": [ - "x73" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x39" + ] + } ] }, { @@ -46308,7 +45460,14 @@ ], "operation": "static_cast", "arguments": [ - "x75" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x40" + ] + } ] }, { @@ -46318,7 +45477,7 @@ ], "operation": "static_cast", "arguments": [ - "x76" + "x41" ] }, { @@ -46328,7 +45487,14 @@ ], "operation": "static_cast", "arguments": [ - "x77" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x1" + ] + } ] }, { @@ -46338,7 +45504,14 @@ ], "operation": "static_cast", "arguments": [ - "x79" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x42" + ] + } ] }, { @@ -46348,7 +45521,14 @@ ], "operation": "static_cast", "arguments": [ - "x81" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x43" + ] + } ] }, { @@ -46358,7 +45538,14 @@ ], "operation": "static_cast", "arguments": [ - "x83" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x44" + ] + } ] }, { 
@@ -46368,7 +45555,14 @@ ], "operation": "static_cast", "arguments": [ - "x85" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x45" + ] + } ] }, { @@ -46378,7 +45572,14 @@ ], "operation": "static_cast", "arguments": [ - "x87" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, { @@ -46388,7 +45589,14 @@ ], "operation": "static_cast", "arguments": [ - "x89" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x47" + ] + } ] }, { @@ -46398,7 +45606,7 @@ ], "operation": "static_cast", "arguments": [ - "x90" + "x48" ] } ] @@ -49509,22 +48717,7 @@ "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "arg3[0]" - ] - }, - "0x1" - ] - } + "arg3[0]" ] } ] @@ -52076,43 +51269,25 @@ ] }, { - "datatype": "u1", + "datatype": "u64", "name": [ "x104" ], - "operation": "static_cast", + "operation": "cmovznz", "arguments": [ { "datatype": "u1", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u1", "name": [], "operation": "static_cast", "arguments": [ "x28" ] - }, - "0x1" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x105" - ], - "operation": "cmovznz", - "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": "static_cast", - "arguments": [ - "x104" + } ] }, "0x0", @@ -52129,7 +51304,7 @@ { "datatype": "u64", "name": [ - "x106" + "x105" ], "operation": "cmovznz", "arguments": [ @@ -52138,7 +51313,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x104" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x28" + ] + } ] }, "0x0", @@ -52155,7 +51337,7 @@ { "datatype": "u64", "name": [ - "x107" + "x106" ], "operation": "cmovznz", "arguments": [ 
@@ -52164,7 +51346,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x104" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x28" + ] + } ] }, "0x0", @@ -52181,7 +51370,7 @@ { "datatype": "u64", "name": [ - "x108" + "x107" ], "operation": "cmovznz", "arguments": [ @@ -52190,7 +51379,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x104" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x28" + ] + } ] }, "0x0", @@ -52207,7 +51403,7 @@ { "datatype": "u64", "name": [ - "x109" + "x108" ], "operation": "cmovznz", "arguments": [ @@ -52216,7 +51412,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x104" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x28" + ] + } ] }, "0x0", @@ -52233,7 +51436,7 @@ { "datatype": "u64", "name": [ - "x110" + "x109" ], "operation": "cmovznz", "arguments": [ @@ -52242,7 +51445,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x104" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x28" + ] + } ] }, "0x0", @@ -52259,7 +51469,7 @@ { "datatype": "u64", "name": [ - "x111" + "x110" ], "operation": "cmovznz", "arguments": [ @@ -52268,7 +51478,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x104" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x28" + ] + } ] }, "0x0", @@ -52285,8 +51502,8 @@ { "datatype": "(auto)", "name": [ - "x112", - "x113" + "x111", + "x112" ], "operation": "addcarryx", "parameters": { @@ -52307,7 +51524,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x105" + "x104" ] } ] @@ -52315,8 +51532,8 @@ { "datatype": "(auto)", "name": [ - "x114", - "x115" + "x113", + "x114" ], "operation": "addcarryx", "parameters": { @@ -52333,7 +51550,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x113" + "x112" ] } ] 
@@ -52351,7 +51568,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x106" + "x105" ] } ] @@ -52359,8 +51576,8 @@ { "datatype": "(auto)", "name": [ - "x116", - "x117" + "x115", + "x116" ], "operation": "addcarryx", "parameters": { @@ -52377,7 +51594,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x115" + "x114" ] } ] @@ -52395,7 +51612,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x107" + "x106" ] } ] @@ -52403,8 +51620,8 @@ { "datatype": "(auto)", "name": [ - "x118", - "x119" + "x117", + "x118" ], "operation": "addcarryx", "parameters": { @@ -52421,7 +51638,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x117" + "x116" ] } ] @@ -52439,7 +51656,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x108" + "x107" ] } ] @@ -52447,8 +51664,8 @@ { "datatype": "(auto)", "name": [ - "x120", - "x121" + "x119", + "x120" ], "operation": "addcarryx", "parameters": { @@ -52465,7 +51682,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x119" + "x118" ] } ] @@ -52483,7 +51700,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x109" + "x108" ] } ] @@ -52491,8 +51708,8 @@ { "datatype": "(auto)", "name": [ - "x122", - "x123" + "x121", + "x122" ], "operation": "addcarryx", "parameters": { @@ -52509,7 +51726,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x121" + "x120" ] } ] @@ -52527,7 +51744,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x110" + "x109" ] } ] @@ -52535,7 +51752,7 @@ { "datatype": "(auto)", "name": [ - "x124", + "x123", "_" ], "operation": "addcarryx", @@ -52553,7 +51770,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x123" + "x122" ] } ] @@ -52571,7 +51788,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x111" + "x110" ] } ] @@ -52579,7 +51796,7 @@ { "datatype": "u64", "name": [ - "x126" + "x125" ], "operation": "cmovznz", "arguments": [ 
@@ -52588,7 +51805,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x104" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x28" + ] + } ] }, "0x0", @@ -52605,7 +51829,7 @@ { "datatype": "u64", "name": [ - "x127" + "x126" ], "operation": "cmovznz", "arguments": [ @@ -52614,7 +51838,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x104" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x28" + ] + } ] }, "0x0", @@ -52631,7 +51862,7 @@ { "datatype": "u64", "name": [ - "x128" + "x127" ], "operation": "cmovznz", "arguments": [ @@ -52640,7 +51871,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x104" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x28" + ] + } ] }, "0x0", @@ -52657,7 +51895,7 @@ { "datatype": "u64", "name": [ - "x129" + "x128" ], "operation": "cmovznz", "arguments": [ @@ -52666,7 +51904,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x104" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x28" + ] + } ] }, "0x0", @@ -52683,7 +51928,7 @@ { "datatype": "u64", "name": [ - "x130" + "x129" ], "operation": "cmovznz", "arguments": [ @@ -52692,7 +51937,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x104" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x28" + ] + } ] }, "0x0", @@ -52709,7 +51961,7 @@ { "datatype": "u64", "name": [ - "x131" + "x130" ], "operation": "cmovznz", "arguments": [ @@ -52718,7 +51970,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x104" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x28" + ] + } ] }, "0x0", @@ -52735,8 +51994,8 @@ { "datatype": "(auto)", "name": [ - "x132", - "x133" + "x131", + "x132" ], "operation": "addcarryx", "parameters": { 
@@ -52757,7 +52016,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x126" + "x125" ] } ] @@ -52765,8 +52024,8 @@ { "datatype": "(auto)", "name": [ - "x134", - "x135" + "x133", + "x134" ], "operation": "addcarryx", "parameters": { @@ -52783,7 +52042,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x133" + "x132" ] } ] @@ -52801,7 +52060,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x127" + "x126" ] } ] @@ -52809,8 +52068,8 @@ { "datatype": "(auto)", "name": [ - "x136", - "x137" + "x135", + "x136" ], "operation": "addcarryx", "parameters": { @@ -52827,7 +52086,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x135" + "x134" ] } ] @@ -52845,7 +52104,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x128" + "x127" ] } ] @@ -52853,8 +52112,8 @@ { "datatype": "(auto)", "name": [ - "x138", - "x139" + "x137", + "x138" ], "operation": "addcarryx", "parameters": { @@ -52871,7 +52130,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x137" + "x136" ] } ] @@ -52889,7 +52148,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x129" + "x128" ] } ] @@ -52897,8 +52156,8 @@ { "datatype": "(auto)", "name": [ - "x140", - "x141" + "x139", + "x140" ], "operation": "addcarryx", "parameters": { @@ -52915,7 +52174,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x139" + "x138" ] } ] @@ -52933,7 +52192,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x130" + "x129" ] } ] @@ -52941,8 +52200,8 @@ { "datatype": "(auto)", "name": [ - "x142", - "x143" + "x141", + "x142" ], "operation": "addcarryx", "parameters": { @@ -52959,7 +52218,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x141" + "x140" ] } ] @@ -52977,7 +52236,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x131" + "x130" ] } ] @@ -52985,8 +52244,8 @@ { "datatype": "(auto)", "name": [ - "x144", - "x145" + "x143", + "x144" ], "operation": "subborrowx", "parameters": { 
@@ -53004,7 +52263,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x132" + "x131" ] } ] @@ -53015,8 +52274,8 @@ { "datatype": "(auto)", "name": [ - "x146", - "x147" + "x145", + "x146" ], "operation": "subborrowx", "parameters": { @@ -53033,7 +52292,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x145" + "x144" ] } ] @@ -53048,7 +52307,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + "x133" ] } ] @@ -53059,8 +52318,8 @@ { "datatype": "(auto)", "name": [ - "x148", - "x149" + "x147", + "x148" ], "operation": "subborrowx", "parameters": { @@ -53077,7 +52336,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x147" + "x146" ] } ] @@ -53092,7 +52351,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x136" + "x135" ] } ] @@ -53103,8 +52362,8 @@ { "datatype": "(auto)", "name": [ - "x150", - "x151" + "x149", + "x150" ], "operation": "subborrowx", "parameters": { @@ -53121,7 +52380,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x149" + "x148" ] } ] @@ -53136,7 +52395,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x138" + "x137" ] } ] @@ -53147,8 +52406,8 @@ { "datatype": "(auto)", "name": [ - "x152", - "x153" + "x151", + "x152" ], "operation": "subborrowx", "parameters": { @@ -53165,7 +52424,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x151" + "x150" ] } ] @@ -53180,7 +52439,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x140" + "x139" ] } ] @@ -53191,8 +52450,8 @@ { "datatype": "(auto)", "name": [ - "x154", - "x155" + "x153", + "x154" ], "operation": "subborrowx", "parameters": { @@ -53209,7 +52468,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x153" + "x152" ] } ] @@ -53224,7 +52483,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x142" + "x141" ] } ] @@ -53236,7 +52495,7 @@ "datatype": "(auto)", "name": [ "_", - "x157" + "x156" ], "operation": "subborrowx", "parameters": { 
@@ -53253,7 +52512,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x155" + "x154" ] } ] @@ -53268,7 +52527,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x143" + "x142" ] } ] @@ -53279,7 +52538,7 @@ { "datatype": "(auto)", "name": [ - "x158", + "x157", "_" ], "operation": "addcarryx", 
@@ -53302,175 +52561,7 @@ { "datatype": "u64", "name": [ - "x160" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "|", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x112" - ] - } - ] - }, - "1" - ] - } - ] - }, - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "<<", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x114" - ] - } - ] - }, - "63" - ] - }, - "0xffffffffffffffff" - ] - } - ] - } - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x161" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "|", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x114" - ] - } - ] - }, - "1" - ] - } - ] - }, - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "<<", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - 
"name": [], - "operation": "static_cast", - "arguments": [ - "x116" - ] - } - ] - }, - "63" - ] - }, - "0xffffffffffffffff" - ] - } - ] - } - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x162" + "x159" ], "operation": "static_cast", "arguments": [ @@ -53499,7 +52590,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x116" + "x111" ] } ] @@ -53534,7 +52625,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x118" + "x113" ] } ] @@ -53554,7 +52645,7 @@ { "datatype": "u64", "name": [ - "x163" + "x160" ], "operation": "static_cast", "arguments": [ @@ -53583,7 +52674,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x118" + "x113" ] } ] @@ -53618,7 +52709,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x120" + "x115" ] } ] @@ -53638,7 +52729,7 @@ { "datatype": "u64", "name": [ - "x164" + "x161" ], "operation": "static_cast", "arguments": [ @@ -53667,7 +52758,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x120" + "x115" ] } ] @@ -53702,7 +52793,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x122" + "x117" ] } ] @@ -53722,7 +52813,7 @@ { "datatype": "u64", "name": [ - "x165" + "x162" ], "operation": "static_cast", "arguments": [ @@ -53751,7 +52842,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x122" + "x117" ] } ] @@ -53786,7 +52877,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x124" + "x119" ] } ] 
@@ -53806,7 +52897,175 @@ { "datatype": "u64", "name": [ - "x166" + "x163" + ], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "|", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": ">>", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x119" + ] + } + ] + }, + "1" + ] + } + ] + }, + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "&", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "<<", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x121" + ] + } + ] + }, + "63" + ] + }, + "0xffffffffffffffff" + ] + } + ] + } + ] + } + ] + }, + { + "datatype": "u64", + "name": [ + "x164" + ], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "|", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": ">>", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x121" + ] + } + ] + }, + "1" + ] + } + ] + }, + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "&", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "<<", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + { + "datatype": 
"u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x123" + ] + } + ] + }, + "63" + ] + }, + "0xffffffffffffffff" + ] + } + ] + } + ] + } + ] + }, + { + "datatype": "u64", + "name": [ + "x165" ], "operation": "static_cast", "arguments": [ @@ -53835,7 +53094,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x124" + "x123" ] } ] @@ -53865,7 +53124,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x124" + "x123" ] } ] @@ -53882,7 +53141,7 @@ { "datatype": "u64", "name": [ - "x167" + "x166" ], "operation": "cmovznz", "arguments": [ @@ -53936,7 +53195,7 @@ { "datatype": "u64", "name": [ - "x168" + "x167" ], "operation": "cmovznz", "arguments": [ @@ -53990,7 +53249,7 @@ { "datatype": "u64", "name": [ - "x169" + "x168" ], "operation": "cmovznz", "arguments": [ @@ -54044,7 +53303,7 @@ { "datatype": "u64", "name": [ - "x170" + "x169" ], "operation": "cmovznz", "arguments": [ @@ -54098,7 +53357,7 @@ { "datatype": "u64", "name": [ - "x171" + "x170" ], "operation": "cmovznz", "arguments": [ @@ -54152,7 +53411,7 @@ { "datatype": "u64", "name": [ - "x172" + "x171" ], "operation": "cmovznz", "arguments": [ @@ -54206,7 +53465,7 @@ { "datatype": "u64", "name": [ - "x173" + "x172" ], "operation": "cmovznz", "arguments": [ @@ -54220,7 +53479,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x157" + "x156" ] } ] @@ -54235,7 +53494,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x144" + "x143" ] } ] @@ -54250,7 +53509,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x132" + "x131" ] } ] @@ -54260,7 +53519,7 @@ { "datatype": "u64", "name": [ - "x174" + "x173" ], "operation": "cmovznz", "arguments": [ @@ -54274,7 +53533,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x157" + "x156" ] } ] @@ -54289,7 +53548,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x146" + "x145" ] } ] 
@@ -54304,7 +53563,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + "x133" ] } ] @@ -54314,7 +53573,7 @@ { "datatype": "u64", "name": [ - "x175" + "x174" ], "operation": "cmovznz", "arguments": [ @@ -54328,7 +53587,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x157" + "x156" ] } ] @@ -54343,7 +53602,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x148" + "x147" ] } ] @@ -54358,7 +53617,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x136" + "x135" ] } ] @@ -54368,7 +53627,7 @@ { "datatype": "u64", "name": [ - "x176" + "x175" ], "operation": "cmovznz", "arguments": [ @@ -54382,7 +53641,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x157" + "x156" ] } ] @@ -54397,7 +53656,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x150" + "x149" ] } ] @@ -54412,7 +53671,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x138" + "x137" ] } ] @@ -54422,7 +53681,7 @@ { "datatype": "u64", "name": [ - "x177" + "x176" ], "operation": "cmovznz", "arguments": [ @@ -54436,7 +53695,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x157" + "x156" ] } ] @@ -54451,7 +53710,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x152" + "x151" ] } ] @@ -54466,7 +53725,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x140" + "x139" ] } ] @@ -54476,7 +53735,7 @@ { "datatype": "u64", "name": [ - "x178" + "x177" ], "operation": "cmovznz", "arguments": [ @@ -54490,7 +53749,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x157" + "x156" ] } ] @@ -54505,7 +53764,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x154" + "x153" ] } ] @@ -54520,7 +53779,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x142" + "x141" ] } ] @@ -54539,7 +53798,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x158" + "x157" ] } ] @@ -54621,7 +53880,7 @@ ], "operation": "static_cast", "arguments": [ - "x160" + "x159" ] }, { 
@@ -54631,7 +53890,7 @@ ], "operation": "static_cast", "arguments": [ - "x161" + "x160" ] }, { @@ -54641,7 +53900,7 @@ ], "operation": "static_cast", "arguments": [ - "x162" + "x161" ] }, { @@ -54651,7 +53910,7 @@ ], "operation": "static_cast", "arguments": [ - "x163" + "x162" ] }, { @@ -54661,7 +53920,7 @@ ], "operation": "static_cast", "arguments": [ - "x164" + "x163" ] }, { @@ -54671,7 +53930,7 @@ ], "operation": "static_cast", "arguments": [ - "x165" + "x164" ] }, { @@ -54681,7 +53940,7 @@ ], "operation": "static_cast", "arguments": [ - "x166" + "x165" ] }, { @@ -54691,7 +53950,7 @@ ], "operation": "static_cast", "arguments": [ - "x167" + "x166" ] }, { @@ -54701,7 +53960,7 @@ ], "operation": "static_cast", "arguments": [ - "x168" + "x167" ] }, { @@ -54711,7 +53970,7 @@ ], "operation": "static_cast", "arguments": [ - "x169" + "x168" ] }, { @@ -54721,7 +53980,7 @@ ], "operation": "static_cast", "arguments": [ - "x170" + "x169" ] }, { @@ -54731,7 +53990,7 @@ ], "operation": "static_cast", "arguments": [ - "x171" + "x170" ] }, { @@ -54741,7 +54000,7 @@ ], "operation": "static_cast", "arguments": [ - "x172" + "x171" ] }, { @@ -54751,7 +54010,7 @@ ], "operation": "static_cast", "arguments": [ - "x173" + "x172" ] }, { @@ -54761,7 +54020,7 @@ ], "operation": "static_cast", "arguments": [ - "x174" + "x173" ] }, { @@ -54771,7 +54030,7 @@ ], "operation": "static_cast", "arguments": [ - "x175" + "x174" ] }, { @@ -54781,7 +54040,7 @@ ], "operation": "static_cast", "arguments": [ - "x176" + "x175" ] }, { @@ -54791,7 +54050,7 @@ ], "operation": "static_cast", "arguments": [ - "x177" + "x176" ] }, { @@ -54801,7 +54060,7 @@ ], "operation": "static_cast", "arguments": [ - "x178" + "x177" ] } ] diff --git a/fiat-json/src/p384_scalar_32.json b/fiat-json/src/p384_scalar_32.json index c0f04ee4fb..91941b1f4d 100644 --- a/fiat-json/src/p384_scalar_32.json +++ b/fiat-json/src/p384_scalar_32.json 
@@ -90,35 +90,10 @@ } ] }, - { - "datatype": "u32", - "name": [ - "x2" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "0xffffffff" - ] - } - ] - }, { "datatype": "u1", "name": [ - "x3" + "x2" ], "operation": "static_cast", "arguments": [ @@ -147,7 +122,14 @@ ], "operation": "static_cast", "arguments": [ - "x2" + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + "x1" + ] + } ] }, { @@ -157,7 +139,7 @@ ], "operation": "static_cast", "arguments": [ - "x3" + "x2" ] } ] @@ -413,7 +395,7 @@ { "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -423,7 +405,7 @@ "x1" ] }, - "0xffffffff" + "32" ] } ] @@ -431,38 +413,20 @@ { "datatype": "u32", "name": [ - "x3" + "out1" ], "operation": "static_cast", "arguments": [ { "datatype": "u32", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "32" + "x1" ] } ] }, - { - "datatype": "u32", - "name": [ - "out1" - ], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, { "datatype": "u32", "name": [ @@ -470,7 +434,7 @@ ], "operation": "static_cast", "arguments": [ - "x3" + "x2" ] } ] @@ -164400,35 +164364,10 @@ "arg1[0]" ] }, - { - "datatype": "u8", - "name": [ - "x13" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x12" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x14" + "x13" ], "operation": "static_cast", "arguments": [ 
@@ -164450,35 +164389,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x15" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x14" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x16" + "x14" ], "operation": "static_cast", "arguments": [ @@ -164492,7 +164406,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x14" + "x13" ] }, "8" @@ -164503,32 +164417,7 @@ { "datatype": "u8", "name": [ - "x17" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x16" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x18" + "x15" ], "operation": "static_cast", "arguments": [ @@ -164542,7 +164431,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x16" + "x14" ] }, "8" @@ -164550,35 +164439,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x19" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x11" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x20" + "x16" ], "operation": "static_cast", "arguments": [ @@ -164600,35 +164464,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x21" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x20" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x22" + "x17" ], "operation": "static_cast", "arguments": [ 
@@ -164642,7 +164481,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x20" + "x16" ] }, "8" @@ -164653,32 +164492,7 @@ { "datatype": "u8", "name": [ - "x23" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x22" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x24" + "x18" ], "operation": "static_cast", "arguments": [ @@ -164692,7 +164506,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x22" + "x17" ] }, "8" @@ -164700,35 +164514,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x25" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x10" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x26" + "x19" ], "operation": "static_cast", "arguments": [ 
@@ -164750,6 +164539,181 @@ } ] }, + { + "datatype": "u32", + "name": [ + "x20" + ], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": ">>", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + "x19" + ] + }, + "8" + ] + } + ] + }, + { + "datatype": "u8", + "name": [ + "x21" + ], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u8", + "name": [], + "operation": ">>", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + "x20" + ] + }, + "8" + ] + } + ] + }, + { + "datatype": "u32", + "name": [ + "x22" + ], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": ">>", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + "x9" + ] + }, + "8" + ] + } + ] + }, + { + "datatype": "u32", + "name": [ + "x23" + ], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": ">>", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + }, + "8" + ] + } + ] + }, + { + "datatype": "u8", + "name": [ + "x24" + ], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u8", + "name": [], + "operation": ">>", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + "x23" + ] + }, + "8" + ] + } + ] + }, + { + "datatype": "u32", + "name": [ + "x25" + ], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": ">>", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + "x8" + ] + }, + "8" + ] + } + ] + }, + { + "datatype": "u32", + "name": [ + "x26" + ], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": ">>", + 
"arguments": [ + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + "x25" + ] + }, + "8" + ] + } + ] + }, { "datatype": "u8", "name": [ @@ -164760,7 +164724,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -164770,7 +164734,7 @@ "x26" ] }, - "0xff" + "8" ] } ] @@ -164792,7 +164756,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x26" + "x7" ] }, "8" @@ -164801,16 +164765,16 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x29" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -164820,7 +164784,7 @@ "x28" ] }, - "0xff" + "8" ] } ] @@ -164842,7 +164806,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x28" + "x29" ] }, "8" @@ -164851,26 +164815,26 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x31" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x9" + "x6" ] }, - "0xff" + "8" ] } ] @@ -164892,7 +164856,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x9" + "x31" ] }, "8" @@ -164910,7 +164874,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -164920,7 +164884,7 @@ "x32" ] }, - "0xff" + "8" ] } ] @@ -164942,7 +164906,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x32" + "x5" ] }, "8" @@ -164951,16 +164915,16 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x35" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -164970,7 +164934,7 @@ "x34" ] }, - "0xff" + "8" ] } ] 
@@ -164992,7 +164956,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x34" + "x35" ] }, "8" @@ -165001,26 +164965,26 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x37" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x8" + "x4" ] }, - "0xff" + "8" ] } ] @@ -165042,7 +165006,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x8" + "x37" ] }, "8" @@ -165060,7 +165024,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -165070,7 +165034,7 @@ "x38" ] }, - "0xff" + "8" ] } ] @@ -165092,7 +165056,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x38" + "x3" ] }, "8" @@ -165101,16 +165065,16 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x41" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -165120,7 +165084,7 @@ "x40" ] }, - "0xff" + "8" ] } ] @@ -165142,7 +165106,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x40" + "x41" ] }, "8" @@ -165151,26 +165115,26 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x43" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x7" + "x2" ] }, - "0xff" + "8" ] } ] @@ -165192,7 +165156,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x7" + "x43" ] }, "8" @@ -165210,7 +165174,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -165220,7 +165184,7 @@ "x44" ] }, - "0xff" + "8" ] } ] 
@@ -165242,7 +165206,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x44" + "x1" ] }, "8" @@ -165251,16 +165215,16 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x47" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -165270,7 +165234,7 @@ "x46" ] }, - "0xff" + "8" ] } ] @@ -165292,7 +165256,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x46" + "x47" ] }, "8" @@ -165303,49 +165267,33 @@ { "datatype": "u8", "name": [ - "x49" + "out1[0]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x6" - ] - }, - "0xff" + "x12" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x50" + "out1[1]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x6" - ] - }, - "8" + "x13" ] } ] 
@@ -165353,74 +165301,43 @@ { "datatype": "u8", "name": [ - "x51" + "out1[2]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x50" - ] - }, - "0xff" + "x14" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x52" + "out1[3]" ], "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x50" - ] - }, - "8" - ] - } + "x15" ] }, { "datatype": "u8", "name": [ - "x53" + "out1[4]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x52" - ] - }, - "0xff" + "x11" ] } ] @@ -165428,24 +165345,16 @@ { "datatype": "u8", "name": [ - "x54" + "out1[5]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x52" - ] - }, - "8" + "x16" ] } ] 
@@ -165453,99 +165362,60 @@ { "datatype": "u8", "name": [ - "x55" + "out1[6]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x5" - ] - }, - "0xff" + "x17" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x56" + "out1[7]" ], "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x5" - ] - }, - "8" - ] - } + "x18" ] }, { "datatype": "u8", "name": [ - "x57" + "out1[8]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x56" - ] - }, - "0xff" + "x10" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x58" + "out1[9]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x56" - ] - }, - "8" + "x19" ] } ] @@ -165553,24 +165423,16 @@ { "datatype": "u8", "name": [ - "x59" + "out1[10]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x58" - ] - }, - "0xff" + "x20" ] } ] 
@@ -165578,74 +165440,43 @@ { "datatype": "u8", "name": [ - "x60" + "out1[11]" ], "operation": "static_cast", "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x58" - ] - }, - "8" - ] - } + "x21" ] }, { "datatype": "u8", "name": [ - "x61" + "out1[12]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x4" - ] - }, - "0xff" + "x9" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x62" + "out1[13]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x4" - ] - }, - "8" + "x22" ] } ] 
@@ -165653,74 +165484,43 @@ { "datatype": "u8", "name": [ - "x63" + "out1[14]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x62" - ] - }, - "0xff" + "x23" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x64" + "out1[15]" ], "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x62" - ] - }, - "8" - ] - } + "x24" ] }, { "datatype": "u8", "name": [ - "x65" + "out1[16]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x64" - ] - }, - "0xff" + "x8" ] } ] @@ -165728,24 +165528,16 @@ { "datatype": "u8", "name": [ - "x66" + "out1[17]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x64" - ] - }, - "8" + "x25" ] } ] 
@@ -165753,99 +165545,60 @@ { "datatype": "u8", "name": [ - "x67" + "out1[18]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x3" - ] - }, - "0xff" + "x26" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x68" + "out1[19]" ], "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x3" - ] - }, - "8" - ] - } + "x27" ] }, { "datatype": "u8", "name": [ - "x69" + "out1[20]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x68" - ] - }, - "0xff" + "x7" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x70" + "out1[21]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x68" - ] - }, - "8" + "x28" ] } ] @@ -165853,24 +165606,16 @@ { "datatype": "u8", "name": [ - "x71" + "out1[22]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x70" - ] - }, - "0xff" + "x29" ] } ] 
@@ -165878,74 +165623,43 @@ { "datatype": "u8", "name": [ - "x72" + "out1[23]" ], "operation": "static_cast", "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x70" - ] - }, - "8" - ] - } + "x30" ] }, { "datatype": "u8", "name": [ - "x73" + "out1[24]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, - "0xff" + "x6" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x74" + "out1[25]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, - "8" + "x31" ] } ] 
@@ -165953,74 +165667,43 @@ { "datatype": "u8", "name": [ - "x75" + "out1[26]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x74" - ] - }, - "0xff" + "x32" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x76" + "out1[27]" ], "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x74" - ] - }, - "8" - ] - } + "x33" ] }, { "datatype": "u8", "name": [ - "x77" + "out1[28]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x76" - ] - }, - "0xff" + "x5" ] } ] @@ -166028,24 +165711,16 @@ { "datatype": "u8", "name": [ - "x78" + "out1[29]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x76" - ] - }, - "8" + "x34" ] } ] 
@@ -166053,99 +165728,43 @@ { "datatype": "u8", "name": [ - "x79" + "out1[30]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "0xff" + "x35" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x80" + "out1[31]" ], "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "8" - ] - } + "x36" ] }, { "datatype": "u8", "name": [ - "x81" + "out1[32]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x80" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u32", - "name": [ - "x82" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x80" - ] - }, - "8" + "x4" ] } ] @@ -166153,24 +165772,16 @@ { "datatype": "u8", "name": [ - "x83" + "out1[33]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x82" - ] - }, - "0xff" + "x37" ] } ] 
@@ -166178,378 +165789,20 @@ { "datatype": "u8", "name": [ - "x84" + "out1[34]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x82" - ] - }, - "8" + "x38" ] } ] }, - { - "datatype": "u8", - "name": [ - "out1[0]" - ], - "operation": "static_cast", - "arguments": [ - "x13" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[1]" - ], - "operation": "static_cast", - "arguments": [ - "x15" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[2]" - ], - "operation": "static_cast", - "arguments": [ - "x17" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[3]" - ], - "operation": "static_cast", - "arguments": [ - "x18" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[4]" - ], - "operation": "static_cast", - "arguments": [ - "x19" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[5]" - ], - "operation": "static_cast", - "arguments": [ - "x21" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[6]" - ], - "operation": "static_cast", - "arguments": [ - "x23" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[7]" - ], - "operation": "static_cast", - "arguments": [ - "x24" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[8]" - ], - "operation": "static_cast", - "arguments": [ - "x25" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[9]" - ], - "operation": "static_cast", - "arguments": [ - "x27" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[10]" - ], - "operation": "static_cast", - "arguments": [ - "x29" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[11]" - ], - "operation": "static_cast", - "arguments": [ - "x30" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[12]" - ], - "operation": "static_cast", - "arguments": [ - "x31" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[13]" - ], - "operation": "static_cast", - "arguments": [ - "x33" - ] - }, - { - 
"datatype": "u8", - "name": [ - "out1[14]" - ], - "operation": "static_cast", - "arguments": [ - "x35" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[15]" - ], - "operation": "static_cast", - "arguments": [ - "x36" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[16]" - ], - "operation": "static_cast", - "arguments": [ - "x37" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[17]" - ], - "operation": "static_cast", - "arguments": [ - "x39" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[18]" - ], - "operation": "static_cast", - "arguments": [ - "x41" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[19]" - ], - "operation": "static_cast", - "arguments": [ - "x42" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[20]" - ], - "operation": "static_cast", - "arguments": [ - "x43" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[21]" - ], - "operation": "static_cast", - "arguments": [ - "x45" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[22]" - ], - "operation": "static_cast", - "arguments": [ - "x47" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[23]" - ], - "operation": "static_cast", - "arguments": [ - "x48" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[24]" - ], - "operation": "static_cast", - "arguments": [ - "x49" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[25]" - ], - "operation": "static_cast", - "arguments": [ - "x51" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[26]" - ], - "operation": "static_cast", - "arguments": [ - "x53" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[27]" - ], - "operation": "static_cast", - "arguments": [ - "x54" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[28]" - ], - "operation": "static_cast", - "arguments": [ - "x55" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[29]" - ], - "operation": "static_cast", - "arguments": [ - "x57" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[30]" - ], - "operation": "static_cast", - "arguments": [ - "x59" - ] - }, 
- { - "datatype": "u8", - "name": [ - "out1[31]" - ], - "operation": "static_cast", - "arguments": [ - "x60" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[32]" - ], - "operation": "static_cast", - "arguments": [ - "x61" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[33]" - ], - "operation": "static_cast", - "arguments": [ - "x63" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[34]" - ], - "operation": "static_cast", - "arguments": [ - "x65" - ] - }, { "datatype": "u8", "name": [ @@ -166557,7 +165810,7 @@ ], "operation": "static_cast", "arguments": [ - "x66" + "x39" ] }, { @@ -166567,7 +165820,14 @@ ], "operation": "static_cast", "arguments": [ - "x67" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x3" + ] + } ] }, { @@ -166577,7 +165837,14 @@ ], "operation": "static_cast", "arguments": [ - "x69" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x40" + ] + } ] }, { @@ -166587,7 +165854,14 @@ ], "operation": "static_cast", "arguments": [ - "x71" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x41" + ] + } ] }, { @@ -166597,7 +165871,7 @@ ], "operation": "static_cast", "arguments": [ - "x72" + "x42" ] }, { @@ -166607,7 +165881,14 @@ ], "operation": "static_cast", "arguments": [ - "x73" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x2" + ] + } ] }, { @@ -166617,7 +165898,14 @@ ], "operation": "static_cast", "arguments": [ - "x75" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x43" + ] + } ] }, { @@ -166627,7 +165915,14 @@ ], "operation": "static_cast", "arguments": [ - "x77" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x44" + ] + } ] }, { @@ -166637,7 +165932,7 @@ ], "operation": "static_cast", "arguments": [ - "x78" + "x45" ] }, { 
@@ -166647,7 +165942,14 @@ ], "operation": "static_cast", "arguments": [ - "x79" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x1" + ] + } ] }, { @@ -166657,7 +165959,14 @@ ], "operation": "static_cast", "arguments": [ - "x81" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, { @@ -166667,7 +165976,14 @@ ], "operation": "static_cast", "arguments": [ - "x83" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x47" + ] + } ] }, { @@ -166677,7 +165993,7 @@ ], "operation": "static_cast", "arguments": [ - "x84" + "x48" ] } ] @@ -169818,22 +169134,7 @@ "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "arg3[0]" - ] - }, - "0x1" - ] - } + "arg3[0]" ] } ] @@ -174728,43 +174029,25 @@ ] }, { - "datatype": "u1", + "datatype": "u32", "name": [ "x194" ], - "operation": "static_cast", + "operation": "cmovznz", "arguments": [ { "datatype": "u1", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u1", "name": [], "operation": "static_cast", "arguments": [ "x46" ] - }, - "0x1" - ] - } - ] - }, - { - "datatype": "u32", - "name": [ - "x195" - ], - "operation": "cmovznz", - "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": "static_cast", - "arguments": [ - "x194" + } ] }, "0x0", @@ -174781,7 +174064,7 @@ { "datatype": "u32", "name": [ - "x196" + "x195" ], "operation": "cmovznz", "arguments": [ @@ -174790,7 +174073,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -174807,7 +174097,7 @@ { "datatype": "u32", "name": [ - "x197" + "x196" ], "operation": "cmovznz", "arguments": [ 
@@ -174816,7 +174106,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -174833,7 +174130,7 @@ { "datatype": "u32", "name": [ - "x198" + "x197" ], "operation": "cmovznz", "arguments": [ @@ -174842,7 +174139,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -174859,7 +174163,7 @@ { "datatype": "u32", "name": [ - "x199" + "x198" ], "operation": "cmovznz", "arguments": [ @@ -174868,7 +174172,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -174885,7 +174196,7 @@ { "datatype": "u32", "name": [ - "x200" + "x199" ], "operation": "cmovznz", "arguments": [ @@ -174894,7 +174205,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -174911,7 +174229,7 @@ { "datatype": "u32", "name": [ - "x201" + "x200" ], "operation": "cmovznz", "arguments": [ @@ -174920,7 +174238,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -174937,7 +174262,7 @@ { "datatype": "u32", "name": [ - "x202" + "x201" ], "operation": "cmovznz", "arguments": [ @@ -174946,7 +174271,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -174963,7 +174295,7 @@ { "datatype": "u32", "name": [ - "x203" + "x202" ], "operation": "cmovznz", "arguments": [ 
@@ -174972,7 +174304,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -174989,7 +174328,7 @@ { "datatype": "u32", "name": [ - "x204" + "x203" ], "operation": "cmovznz", "arguments": [ @@ -174998,7 +174337,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -175015,7 +174361,7 @@ { "datatype": "u32", "name": [ - "x205" + "x204" ], "operation": "cmovznz", "arguments": [ @@ -175024,7 +174370,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -175041,7 +174394,7 @@ { "datatype": "u32", "name": [ - "x206" + "x205" ], "operation": "cmovznz", "arguments": [ @@ -175050,7 +174403,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -175067,7 +174427,7 @@ { "datatype": "u32", "name": [ - "x207" + "x206" ], "operation": "cmovznz", "arguments": [ @@ -175076,7 +174436,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -175093,8 +174460,8 @@ { "datatype": "(auto)", "name": [ - "x208", - "x209" + "x207", + "x208" ], "operation": "addcarryx", "parameters": { @@ -175115,7 +174482,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x195" + "x194" ] } ] @@ -175123,8 +174490,8 @@ { "datatype": "(auto)", "name": [ - "x210", - "x211" + "x209", + "x210" ], "operation": "addcarryx", "parameters": { @@ -175141,7 +174508,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x209" + "x208" ] } ] 
@@ -175159,7 +174526,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x196" + "x195" ] } ] @@ -175167,8 +174534,8 @@ { "datatype": "(auto)", "name": [ - "x212", - "x213" + "x211", + "x212" ], "operation": "addcarryx", "parameters": { @@ -175185,7 +174552,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x211" + "x210" ] } ] @@ -175203,7 +174570,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x197" + "x196" ] } ] @@ -175211,8 +174578,8 @@ { "datatype": "(auto)", "name": [ - "x214", - "x215" + "x213", + "x214" ], "operation": "addcarryx", "parameters": { @@ -175229,7 +174596,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x213" + "x212" ] } ] @@ -175247,7 +174614,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x198" + "x197" ] } ] @@ -175255,8 +174622,8 @@ { "datatype": "(auto)", "name": [ - "x216", - "x217" + "x215", + "x216" ], "operation": "addcarryx", "parameters": { @@ -175273,7 +174640,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x215" + "x214" ] } ] @@ -175291,7 +174658,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x199" + "x198" ] } ] @@ -175299,8 +174666,8 @@ { "datatype": "(auto)", "name": [ - "x218", - "x219" + "x217", + "x218" ], "operation": "addcarryx", "parameters": { @@ -175317,7 +174684,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x217" + "x216" ] } ] @@ -175335,7 +174702,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x200" + "x199" ] } ] @@ -175343,8 +174710,8 @@ { "datatype": "(auto)", "name": [ - "x220", - "x221" + "x219", + "x220" ], "operation": "addcarryx", "parameters": { @@ -175361,7 +174728,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x219" + "x218" ] } ] @@ -175379,7 +174746,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x201" + "x200" ] } ] 
@@ -175387,8 +174754,8 @@ { "datatype": "(auto)", "name": [ - "x222", - "x223" + "x221", + "x222" ], "operation": "addcarryx", "parameters": { @@ -175405,7 +174772,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x221" + "x220" ] } ] @@ -175423,7 +174790,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x202" + "x201" ] } ] @@ -175431,8 +174798,8 @@ { "datatype": "(auto)", "name": [ - "x224", - "x225" + "x223", + "x224" ], "operation": "addcarryx", "parameters": { @@ -175449,7 +174816,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x223" + "x222" ] } ] @@ -175467,7 +174834,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] } ] @@ -175475,8 +174842,8 @@ { "datatype": "(auto)", "name": [ - "x226", - "x227" + "x225", + "x226" ], "operation": "addcarryx", "parameters": { @@ -175493,7 +174860,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x225" + "x224" ] } ] @@ -175511,7 +174878,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x204" + "x203" ] } ] @@ -175519,8 +174886,8 @@ { "datatype": "(auto)", "name": [ - "x228", - "x229" + "x227", + "x228" ], "operation": "addcarryx", "parameters": { @@ -175537,7 +174904,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x227" + "x226" ] } ] @@ -175555,7 +174922,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x205" + "x204" ] } ] @@ -175563,8 +174930,8 @@ { "datatype": "(auto)", "name": [ - "x230", - "x231" + "x229", + "x230" ], "operation": "addcarryx", "parameters": { @@ -175581,7 +174948,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x229" + "x228" ] } ] @@ -175599,7 +174966,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x206" + "x205" ] } ] @@ -175607,7 +174974,7 @@ { "datatype": "(auto)", "name": [ - "x232", + "x231", "_" ], "operation": "addcarryx", @@ -175625,7 +174992,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x231" + "x230" ] } ] 
@@ -175643,7 +175010,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x207" + "x206" ] } ] @@ -175651,7 +175018,7 @@ { "datatype": "u32", "name": [ - "x234" + "x233" ], "operation": "cmovznz", "arguments": [ @@ -175660,7 +175027,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -175677,7 +175051,7 @@ { "datatype": "u32", "name": [ - "x235" + "x234" ], "operation": "cmovznz", "arguments": [ @@ -175686,7 +175060,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -175703,7 +175084,7 @@ { "datatype": "u32", "name": [ - "x236" + "x235" ], "operation": "cmovznz", "arguments": [ @@ -175712,7 +175093,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -175729,7 +175117,7 @@ { "datatype": "u32", "name": [ - "x237" + "x236" ], "operation": "cmovznz", "arguments": [ @@ -175738,7 +175126,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -175755,7 +175150,7 @@ { "datatype": "u32", "name": [ - "x238" + "x237" ], "operation": "cmovznz", "arguments": [ @@ -175764,7 +175159,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -175781,7 +175183,7 @@ { "datatype": "u32", "name": [ - "x239" + "x238" ], "operation": "cmovznz", "arguments": [ 
@@ -175790,7 +175192,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -175807,7 +175216,7 @@ { "datatype": "u32", "name": [ - "x240" + "x239" ], "operation": "cmovznz", "arguments": [ @@ -175816,7 +175225,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -175833,7 +175249,7 @@ { "datatype": "u32", "name": [ - "x241" + "x240" ], "operation": "cmovznz", "arguments": [ @@ -175842,7 +175258,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -175859,7 +175282,7 @@ { "datatype": "u32", "name": [ - "x242" + "x241" ], "operation": "cmovznz", "arguments": [ @@ -175868,7 +175291,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -175885,7 +175315,7 @@ { "datatype": "u32", "name": [ - "x243" + "x242" ], "operation": "cmovznz", "arguments": [ @@ -175894,7 +175324,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -175911,7 +175348,7 @@ { "datatype": "u32", "name": [ - "x244" + "x243" ], "operation": "cmovznz", "arguments": [ @@ -175920,7 +175357,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -175937,7 +175381,7 @@ { "datatype": "u32", "name": [ - "x245" + "x244" ], "operation": "cmovznz", "arguments": [ 
@@ -175946,7 +175390,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "0x0", @@ -175963,8 +175414,8 @@ { "datatype": "(auto)", "name": [ - "x246", - "x247" + "x245", + "x246" ], "operation": "addcarryx", "parameters": { @@ -175985,7 +175436,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x234" + "x233" ] } ] @@ -175993,8 +175444,8 @@ { "datatype": "(auto)", "name": [ - "x248", - "x249" + "x247", + "x248" ], "operation": "addcarryx", "parameters": { @@ -176011,7 +175462,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x247" + "x246" ] } ] @@ -176029,7 +175480,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x235" + "x234" ] } ] @@ -176037,8 +175488,8 @@ { "datatype": "(auto)", "name": [ - "x250", - "x251" + "x249", + "x250" ], "operation": "addcarryx", "parameters": { @@ -176055,7 +175506,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x249" + "x248" ] } ] @@ -176073,7 +175524,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x236" + "x235" ] } ] @@ -176081,8 +175532,8 @@ { "datatype": "(auto)", "name": [ - "x252", - "x253" + "x251", + "x252" ], "operation": "addcarryx", "parameters": { @@ -176099,7 +175550,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x251" + "x250" ] } ] @@ -176117,7 +175568,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x237" + "x236" ] } ] @@ -176125,8 +175576,8 @@ { "datatype": "(auto)", "name": [ - "x254", - "x255" + "x253", + "x254" ], "operation": "addcarryx", "parameters": { @@ -176143,7 +175594,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x253" + "x252" ] } ] @@ -176161,7 +175612,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x238" + "x237" ] } ] 
@@ -176169,8 +175620,8 @@ { "datatype": "(auto)", "name": [ - "x256", - "x257" + "x255", + "x256" ], "operation": "addcarryx", "parameters": { @@ -176187,7 +175638,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x255" + "x254" ] } ] @@ -176205,7 +175656,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x239" + "x238" ] } ] @@ -176213,8 +175664,8 @@ { "datatype": "(auto)", "name": [ - "x258", - "x259" + "x257", + "x258" ], "operation": "addcarryx", "parameters": { @@ -176231,7 +175682,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x257" + "x256" ] } ] @@ -176249,7 +175700,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x240" + "x239" ] } ] @@ -176257,8 +175708,8 @@ { "datatype": "(auto)", "name": [ - "x260", - "x261" + "x259", + "x260" ], "operation": "addcarryx", "parameters": { @@ -176275,7 +175726,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x259" + "x258" ] } ] @@ -176293,7 +175744,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x241" + "x240" ] } ] @@ -176301,8 +175752,8 @@ { "datatype": "(auto)", "name": [ - "x262", - "x263" + "x261", + "x262" ], "operation": "addcarryx", "parameters": { @@ -176319,7 +175770,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x261" + "x260" ] } ] @@ -176337,7 +175788,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x242" + "x241" ] } ] @@ -176345,8 +175796,8 @@ { "datatype": "(auto)", "name": [ - "x264", - "x265" + "x263", + "x264" ], "operation": "addcarryx", "parameters": { @@ -176363,7 +175814,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x263" + "x262" ] } ] @@ -176381,7 +175832,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x243" + "x242" ] } ] @@ -176389,8 +175840,8 @@ { "datatype": "(auto)", "name": [ - "x266", - "x267" + "x265", + "x266" ], "operation": "addcarryx", "parameters": { 
@@ -176407,7 +175858,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x265" + "x264" ] } ] @@ -176425,7 +175876,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x244" + "x243" ] } ] @@ -176433,8 +175884,8 @@ { "datatype": "(auto)", "name": [ - "x268", - "x269" + "x267", + "x268" ], "operation": "addcarryx", "parameters": { @@ -176451,7 +175902,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x267" + "x266" ] } ] @@ -176469,7 +175920,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x245" + "x244" ] } ] @@ -176477,8 +175928,8 @@ { "datatype": "(auto)", "name": [ - "x270", - "x271" + "x269", + "x270" ], "operation": "subborrowx", "parameters": { @@ -176496,7 +175947,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x246" + "x245" ] } ] @@ -176507,8 +175958,8 @@ { "datatype": "(auto)", "name": [ - "x272", - "x273" + "x271", + "x272" ], "operation": "subborrowx", "parameters": { @@ -176525,7 +175976,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x271" + "x270" ] } ] @@ -176540,7 +175991,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x248" + "x247" ] } ] @@ -176551,8 +176002,8 @@ { "datatype": "(auto)", "name": [ - "x274", - "x275" + "x273", + "x274" ], "operation": "subborrowx", "parameters": { @@ -176569,7 +176020,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x273" + "x272" ] } ] @@ -176584,7 +176035,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x250" + "x249" ] } ] @@ -176595,8 +176046,8 @@ { "datatype": "(auto)", "name": [ - "x276", - "x277" + "x275", + "x276" ], "operation": "subborrowx", "parameters": { @@ -176613,7 +176064,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x275" + "x274" ] } ] @@ -176628,7 +176079,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x252" + "x251" ] } ] 
@@ -176639,8 +176090,8 @@ { "datatype": "(auto)", "name": [ - "x278", - "x279" + "x277", + "x278" ], "operation": "subborrowx", "parameters": { @@ -176657,7 +176108,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x277" + "x276" ] } ] @@ -176672,7 +176123,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x254" + "x253" ] } ] @@ -176683,8 +176134,8 @@ { "datatype": "(auto)", "name": [ - "x280", - "x281" + "x279", + "x280" ], "operation": "subborrowx", "parameters": { @@ -176701,7 +176152,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x279" + "x278" ] } ] @@ -176716,7 +176167,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x256" + "x255" ] } ] @@ -176727,8 +176178,8 @@ { "datatype": "(auto)", "name": [ - "x282", - "x283" + "x281", + "x282" ], "operation": "subborrowx", "parameters": { @@ -176745,7 +176196,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x281" + "x280" ] } ] @@ -176760,7 +176211,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x258" + "x257" ] } ] @@ -176771,8 +176222,8 @@ { "datatype": "(auto)", "name": [ - "x284", - "x285" + "x283", + "x284" ], "operation": "subborrowx", "parameters": { @@ -176789,7 +176240,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x283" + "x282" ] } ] @@ -176804,7 +176255,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x260" + "x259" ] } ] @@ -176815,8 +176266,8 @@ { "datatype": "(auto)", "name": [ - "x286", - "x287" + "x285", + "x286" ], "operation": "subborrowx", "parameters": { @@ -176833,7 +176284,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x285" + "x284" ] } ] @@ -176848,7 +176299,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x262" + "x261" ] } ] @@ -176859,8 +176310,8 @@ { "datatype": "(auto)", "name": [ - "x288", - "x289" + "x287", + "x288" ], "operation": "subborrowx", "parameters": { 
@@ -176877,7 +176328,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x287" + "x286" ] } ] @@ -176892,7 +176343,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x264" + "x263" ] } ] @@ -176903,8 +176354,8 @@ { "datatype": "(auto)", "name": [ - "x290", - "x291" + "x289", + "x290" ], "operation": "subborrowx", "parameters": { @@ -176921,7 +176372,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x289" + "x288" ] } ] @@ -176936,7 +176387,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x266" + "x265" ] } ] @@ -176947,8 +176398,8 @@ { "datatype": "(auto)", "name": [ - "x292", - "x293" + "x291", + "x292" ], "operation": "subborrowx", "parameters": { @@ -176965,7 +176416,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x291" + "x290" ] } ] @@ -176980,7 +176431,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x268" + "x267" ] } ] @@ -176992,7 +176443,7 @@ "datatype": "(auto)", "name": [ "_", - "x295" + "x294" ], "operation": "subborrowx", "parameters": { @@ -177009,7 +176460,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x293" + "x292" ] } ] @@ -177024,7 +176475,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x269" + "x268" ] } ] @@ -177035,7 +176486,7 @@ { "datatype": "(auto)", "name": [ - "x296", + "x295", "_" ], "operation": "addcarryx", 
@@ -177055,6 +176506,90 @@ "0x1" ] }, + { + "datatype": "u32", + "name": [ + "x297" + ], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": "|", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": ">>", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + "x207" + ] + } + ] + }, + "1" + ] + } + ] + }, + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": "&", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": "<<", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + "x209" + ] + } + ] + }, + "31" + ] + }, + "0xffffffff" + ] + } + ] + } + ] + } + ] + }, { "datatype": "u32", "name": [ @@ -177087,7 +176622,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x208" + "x209" ] } ] @@ -177122,7 +176657,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x210" + "x211" ] } ] @@ -177171,7 +176706,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x210" + "x211" ] } ] @@ -177206,7 +176741,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x212" + "x213" ] } ] @@ -177255,7 +176790,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x212" + "x213" ] } ] @@ -177290,7 +176825,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x214" + "x215" ] } ] @@ -177339,7 +176874,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x214" + "x215" ] } ] @@ -177374,7 +176909,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x216" + "x217" ] } ] 
@@ -177423,7 +176958,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x216" + "x217" ] } ] @@ -177458,7 +176993,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x218" + "x219" ] } ] @@ -177507,7 +177042,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x218" + "x219" ] } ] @@ -177542,7 +177077,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x220" + "x221" ] } ] @@ -177591,7 +177126,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x220" + "x221" ] } ] @@ -177626,7 +177161,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x222" + "x223" ] } ] @@ -177675,7 +177210,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x222" + "x223" ] } ] @@ -177710,7 +177245,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x224" + "x225" ] } ] @@ -177759,7 +177294,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x224" + "x225" ] } ] @@ -177794,7 +177329,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x226" + "x227" ] } ] @@ -177843,7 +177378,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x226" + "x227" ] } ] @@ -177878,7 +177413,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x228" + "x229" ] } ] @@ -177927,7 +177462,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x228" + "x229" ] } ] @@ -177962,7 +177497,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x230" + "x231" ] } ] 
@@ -177985,90 +177520,6 @@ "x309" ], "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "|", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x230" - ] - } - ] - }, - "1" - ] - } - ] - }, - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "<<", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x232" - ] - } - ] - }, - "31" - ] - }, - "0xffffffff" - ] - } - ] - } - ] - } - ] - }, - { - "datatype": "u32", - "name": [ - "x310" - ], - "operation": "static_cast", "arguments": [ { "datatype": "u32", @@ -178095,7 +177546,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x232" + "x231" ] } ] @@ -178125,7 +177576,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x232" + "x231" ] } ] @@ -178142,7 +177593,7 @@ { "datatype": "u32", "name": [ - "x311" + "x310" ], "operation": "cmovznz", "arguments": [ @@ -178196,7 +177647,7 @@ { "datatype": "u32", "name": [ - "x312" + "x311" ], "operation": "cmovznz", "arguments": [ @@ -178250,7 +177701,7 @@ { "datatype": "u32", "name": [ - "x313" + "x312" ], "operation": "cmovznz", "arguments": [ @@ -178304,7 +177755,7 @@ { "datatype": "u32", "name": [ - "x314" + "x313" ], "operation": "cmovznz", "arguments": [ @@ -178358,7 +177809,7 @@ { "datatype": "u32", "name": [ - "x315" + "x314" ], "operation": "cmovznz", "arguments": [ 
@@ -178412,7 +177863,7 @@ { "datatype": "u32", "name": [ - "x316" + "x315" ], "operation": "cmovznz", "arguments": [ @@ -178466,7 +177917,7 @@ { "datatype": "u32", "name": [ - "x317" + "x316" ], "operation": "cmovznz", "arguments": [ @@ -178520,7 +177971,7 @@ { "datatype": "u32", "name": [ - "x318" + "x317" ], "operation": "cmovznz", "arguments": [ @@ -178574,7 +178025,7 @@ { "datatype": "u32", "name": [ - "x319" + "x318" ], "operation": "cmovznz", "arguments": [ @@ -178628,7 +178079,7 @@ { "datatype": "u32", "name": [ - "x320" + "x319" ], "operation": "cmovznz", "arguments": [ @@ -178682,7 +178133,7 @@ { "datatype": "u32", "name": [ - "x321" + "x320" ], "operation": "cmovznz", "arguments": [ @@ -178736,7 +178187,7 @@ { "datatype": "u32", "name": [ - "x322" + "x321" ], "operation": "cmovznz", "arguments": [ @@ -178790,7 +178241,7 @@ { "datatype": "u32", "name": [ - "x323" + "x322" ], "operation": "cmovznz", "arguments": [ @@ -178804,7 +178255,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x295" + "x294" ] } ] @@ -178819,7 +178270,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x270" + "x269" ] } ] @@ -178834,7 +178285,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x246" + "x245" ] } ] @@ -178844,7 +178295,7 @@ { "datatype": "u32", "name": [ - "x324" + "x323" ], "operation": "cmovznz", "arguments": [ @@ -178858,7 +178309,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x295" + "x294" ] } ] @@ -178873,7 +178324,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x272" + "x271" ] } ] @@ -178888,7 +178339,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x248" + "x247" ] } ] @@ -178898,7 +178349,7 @@ { "datatype": "u32", "name": [ - "x325" + "x324" ], "operation": "cmovznz", "arguments": [ @@ -178912,7 +178363,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x295" + "x294" ] } ] 
@@ -178927,7 +178378,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x274" + "x273" ] } ] @@ -178942,7 +178393,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x250" + "x249" ] } ] @@ -178952,7 +178403,7 @@ { "datatype": "u32", "name": [ - "x326" + "x325" ], "operation": "cmovznz", "arguments": [ @@ -178966,7 +178417,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x295" + "x294" ] } ] @@ -178981,7 +178432,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x276" + "x275" ] } ] @@ -178996,7 +178447,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x252" + "x251" ] } ] @@ -179006,7 +178457,7 @@ { "datatype": "u32", "name": [ - "x327" + "x326" ], "operation": "cmovznz", "arguments": [ @@ -179020,7 +178471,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x295" + "x294" ] } ] @@ -179035,7 +178486,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x278" + "x277" ] } ] @@ -179050,7 +178501,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x254" + "x253" ] } ] @@ -179060,7 +178511,7 @@ { "datatype": "u32", "name": [ - "x328" + "x327" ], "operation": "cmovznz", "arguments": [ @@ -179074,7 +178525,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x295" + "x294" ] } ] @@ -179089,7 +178540,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x280" + "x279" ] } ] @@ -179104,7 +178555,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x256" + "x255" ] } ] @@ -179114,7 +178565,7 @@ { "datatype": "u32", "name": [ - "x329" + "x328" ], "operation": "cmovznz", "arguments": [ @@ -179128,7 +178579,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x295" + "x294" ] } ] @@ -179143,7 +178594,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x282" + "x281" ] } ] @@ -179158,7 +178609,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x258" + "x257" ] } ] 
@@ -179168,7 +178619,7 @@ { "datatype": "u32", "name": [ - "x330" + "x329" ], "operation": "cmovznz", "arguments": [ @@ -179182,7 +178633,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x295" + "x294" ] } ] @@ -179197,7 +178648,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x284" + "x283" ] } ] @@ -179212,7 +178663,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x260" + "x259" ] } ] @@ -179222,7 +178673,7 @@ { "datatype": "u32", "name": [ - "x331" + "x330" ], "operation": "cmovznz", "arguments": [ @@ -179236,7 +178687,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x295" + "x294" ] } ] @@ -179251,7 +178702,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x286" + "x285" ] } ] @@ -179266,7 +178717,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x262" + "x261" ] } ] @@ -179276,7 +178727,7 @@ { "datatype": "u32", "name": [ - "x332" + "x331" ], "operation": "cmovznz", "arguments": [ @@ -179290,7 +178741,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x295" + "x294" ] } ] @@ -179305,7 +178756,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x288" + "x287" ] } ] @@ -179320,7 +178771,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x264" + "x263" ] } ] @@ -179330,7 +178781,7 @@ { "datatype": "u32", "name": [ - "x333" + "x332" ], "operation": "cmovznz", "arguments": [ @@ -179344,7 +178795,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x295" + "x294" ] } ] @@ -179359,7 +178810,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x290" + "x289" ] } ] @@ -179374,7 +178825,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x266" + "x265" ] } ] @@ -179384,7 +178835,7 @@ { "datatype": "u32", "name": [ - "x334" + "x333" ], "operation": "cmovznz", "arguments": [ @@ -179398,7 +178849,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x295" + "x294" ] } ] 
@@ -179413,7 +178864,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x292" + "x291" ] } ] @@ -179428,7 +178879,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x268" + "x267" ] } ] @@ -179447,7 +178898,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x296" + "x295" ] } ] @@ -179589,7 +179040,7 @@ ], "operation": "static_cast", "arguments": [ - "x298" + "x297" ] }, { @@ -179599,7 +179050,7 @@ ], "operation": "static_cast", "arguments": [ - "x299" + "x298" ] }, { @@ -179609,7 +179060,7 @@ ], "operation": "static_cast", "arguments": [ - "x300" + "x299" ] }, { @@ -179619,7 +179070,7 @@ ], "operation": "static_cast", "arguments": [ - "x301" + "x300" ] }, { @@ -179629,7 +179080,7 @@ ], "operation": "static_cast", "arguments": [ - "x302" + "x301" ] }, { @@ -179639,7 +179090,7 @@ ], "operation": "static_cast", "arguments": [ - "x303" + "x302" ] }, { @@ -179649,7 +179100,7 @@ ], "operation": "static_cast", "arguments": [ - "x304" + "x303" ] }, { @@ -179659,7 +179110,7 @@ ], "operation": "static_cast", "arguments": [ - "x305" + "x304" ] }, { @@ -179669,7 +179120,7 @@ ], "operation": "static_cast", "arguments": [ - "x306" + "x305" ] }, { @@ -179679,7 +179130,7 @@ ], "operation": "static_cast", "arguments": [ - "x307" + "x306" ] }, { @@ -179689,7 +179140,7 @@ ], "operation": "static_cast", "arguments": [ - "x308" + "x307" ] }, { @@ -179699,7 +179150,7 @@ ], "operation": "static_cast", "arguments": [ - "x309" + "x308" ] }, { @@ -179709,7 +179160,7 @@ ], "operation": "static_cast", "arguments": [ - "x310" + "x309" ] }, { @@ -179719,7 +179170,7 @@ ], "operation": "static_cast", "arguments": [ - "x311" + "x310" ] }, { @@ -179729,7 +179180,7 @@ ], "operation": "static_cast", "arguments": [ - "x312" + "x311" ] }, { @@ -179739,7 +179190,7 @@ ], "operation": "static_cast", "arguments": [ - "x313" + "x312" ] }, { @@ -179749,7 +179200,7 @@ ], "operation": "static_cast", "arguments": [ - "x314" + "x313" ] }, { 
@@ -179759,7 +179210,7 @@ ], "operation": "static_cast", "arguments": [ - "x315" + "x314" ] }, { @@ -179769,7 +179220,7 @@ ], "operation": "static_cast", "arguments": [ - "x316" + "x315" ] }, { @@ -179779,7 +179230,7 @@ ], "operation": "static_cast", "arguments": [ - "x317" + "x316" ] }, { @@ -179789,7 +179240,7 @@ ], "operation": "static_cast", "arguments": [ - "x318" + "x317" ] }, { @@ -179799,7 +179250,7 @@ ], "operation": "static_cast", "arguments": [ - "x319" + "x318" ] }, { @@ -179809,7 +179260,7 @@ ], "operation": "static_cast", "arguments": [ - "x320" + "x319" ] }, { @@ -179819,7 +179270,7 @@ ], "operation": "static_cast", "arguments": [ - "x321" + "x320" ] }, { @@ -179829,7 +179280,7 @@ ], "operation": "static_cast", "arguments": [ - "x322" + "x321" ] }, { @@ -179839,7 +179290,7 @@ ], "operation": "static_cast", "arguments": [ - "x323" + "x322" ] }, { @@ -179849,7 +179300,7 @@ ], "operation": "static_cast", "arguments": [ - "x324" + "x323" ] }, { @@ -179859,7 +179310,7 @@ ], "operation": "static_cast", "arguments": [ - "x325" + "x324" ] }, { @@ -179869,7 +179320,7 @@ ], "operation": "static_cast", "arguments": [ - "x326" + "x325" ] }, { @@ -179879,7 +179330,7 @@ ], "operation": "static_cast", "arguments": [ - "x327" + "x326" ] }, { @@ -179889,7 +179340,7 @@ ], "operation": "static_cast", "arguments": [ - "x328" + "x327" ] }, { @@ -179899,7 +179350,7 @@ ], "operation": "static_cast", "arguments": [ - "x329" + "x328" ] }, { @@ -179909,7 +179360,7 @@ ], "operation": "static_cast", "arguments": [ - "x330" + "x329" ] }, { @@ -179919,7 +179370,7 @@ ], "operation": "static_cast", "arguments": [ - "x331" + "x330" ] }, { @@ -179929,7 +179380,7 @@ ], "operation": "static_cast", "arguments": [ - "x332" + "x331" ] }, { @@ -179939,7 +179390,7 @@ ], "operation": "static_cast", "arguments": [ - "x333" + "x332" ] }, { @@ -179949,7 +179400,7 @@ ], "operation": "static_cast", "arguments": [ - "x334" + "x333" ] } ] 
diff --git a/fiat-json/src/p384_scalar_64.json b/fiat-json/src/p384_scalar_64.json index 32b3834af2..1b48d314e5 100644 --- a/fiat-json/src/p384_scalar_64.json +++ b/fiat-json/src/p384_scalar_64.json @@ -90,35 +90,10 @@ } ] }, - { - "datatype": "u64", - "name": [ - "x2" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u128", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "0xffffffffffffffff" - ] - } - ] - }, { "datatype": "u1", "name": [ - "x3" + "x2" ], "operation": "static_cast", "arguments": [ @@ -147,7 +122,14 @@ ], "operation": "static_cast", "arguments": [ - "x2" + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x1" + ] + } ] }, { @@ -157,7 +139,7 @@ ], "operation": "static_cast", "arguments": [ - "x3" + "x2" ] } ] @@ -413,7 +395,7 @@ { "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u128", @@ -423,7 +405,7 @@ "x1" ] }, - "0xffffffffffffffff" + "64" ] } ] @@ -431,38 +413,20 @@ { "datatype": "u64", "name": [ - "x3" + "out1" ], "operation": "static_cast", "arguments": [ { "datatype": "u64", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u128", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "64" + "x1" ] } ] }, - { - "datatype": "u64", - "name": [ - "out1" - ], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, { "datatype": "u64", "name": [ @@ -470,7 +434,7 @@ ], "operation": "static_cast", "arguments": [ - "x3" + "x2" ] } ] 
@@ -44808,35 +44772,10 @@ "arg1[0]" ] }, - { - "datatype": "u8", - "name": [ - "x7" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x6" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u64", "name": [ - "x8" + "x7" ], "operation": "static_cast", "arguments": [ @@ -44858,35 +44797,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x9" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x8" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u64", "name": [ - "x10" + "x8" ], "operation": "static_cast", "arguments": [ @@ -44900,7 +44814,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x8" + "x7" ] }, "8" @@ -44908,35 +44822,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x11" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x10" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u64", "name": [ - "x12" + "x9" ], "operation": "static_cast", "arguments": [ @@ -44950,7 +44839,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x10" + "x8" ] }, "8" @@ -44958,35 +44847,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x13" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x12" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u64", "name": [ - "x14" + "x10" ], "operation": "static_cast", "arguments": [ 
@@ -45000,7 +44864,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x12" + "x9" ] }, "8" @@ -45008,35 +44872,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x15" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x14" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u64", "name": [ - "x16" + "x11" ], "operation": "static_cast", "arguments": [ @@ -45050,7 +44889,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x14" + "x10" ] }, "8" @@ -45058,35 +44897,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x17" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x16" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u64", "name": [ - "x18" + "x12" ], "operation": "static_cast", "arguments": [ @@ -45100,7 +44914,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x16" + "x11" ] }, "8" @@ -45111,32 +44925,7 @@ { "datatype": "u8", "name": [ - "x19" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x18" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x20" + "x13" ], "operation": "static_cast", "arguments": [ @@ -45150,7 +44939,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x18" + "x12" ] }, "8" 
@@ -45158,35 +44947,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x21" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x5" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u64", "name": [ - "x22" + "x14" ], "operation": "static_cast", "arguments": [ 
@@ -45208,17 +44972,217 @@ } ] }, + { + "datatype": "u64", + "name": [ + "x15" + ], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": ">>", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x14" + ] + }, + "8" + ] + } + ] + }, + { + "datatype": "u64", + "name": [ + "x16" + ], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": ">>", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x15" + ] + }, + "8" + ] + } + ] + }, + { + "datatype": "u64", + "name": [ + "x17" + ], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": ">>", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x16" + ] + }, + "8" + ] + } + ] + }, + { + "datatype": "u64", + "name": [ + "x18" + ], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": ">>", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x17" + ] + }, + "8" + ] + } + ] + }, + { + "datatype": "u64", + "name": [ + "x19" + ], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": ">>", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x18" + ] + }, + "8" + ] + } + ] + }, { "datatype": "u8", "name": [ - "x23" + "x20" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x19" + ] + }, + "8" + ] + } + ] + }, + { + "datatype": "u64", + "name": [ + "x21" + ], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": ">>", 
+ "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x4" + ] + }, + "8" + ] + } + ] + }, + { + "datatype": "u64", + "name": [ + "x22" + ], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": ">>", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x21" + ] + }, + "8" + ] + } + ] + }, + { + "datatype": "u64", + "name": [ + "x23" + ], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -45228,7 +45192,7 @@ "x22" ] }, - "0xff" + "8" ] } ] @@ -45250,7 +45214,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x22" + "x23" ] }, "8" @@ -45259,16 +45223,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x25" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -45278,7 +45242,7 @@ "x24" ] }, - "0xff" + "8" ] } ] @@ -45300,7 +45264,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x24" + "x25" ] }, "8" @@ -45318,7 +45282,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -45328,7 +45292,7 @@ "x26" ] }, - "0xff" + "8" ] } ] @@ -45350,7 +45314,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x26" + "x3" ] }, "8" @@ -45359,16 +45323,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x29" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -45378,7 +45342,7 @@ "x28" ] }, - "0xff" + "8" ] } ] @@ -45400,7 +45364,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x28" + "x29" ] }, "8" 
@@ -45409,16 +45373,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x31" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -45428,7 +45392,7 @@ "x30" ] }, - "0xff" + "8" ] } ] @@ -45450,7 +45414,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x30" + "x31" ] }, "8" @@ -45459,16 +45423,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x33" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -45478,7 +45442,7 @@ "x32" ] }, - "0xff" + "8" ] } ] @@ -45500,7 +45464,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x32" + "x33" ] }, "8" @@ -45509,26 +45473,26 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x35" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - "x4" + "x2" ] }, - "0xff" + "8" ] } ] @@ -45550,7 +45514,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x4" + "x35" ] }, "8" @@ -45559,16 +45523,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x37" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -45578,7 +45542,7 @@ "x36" ] }, - "0xff" + "8" ] } ] @@ -45600,7 +45564,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x36" + "x37" ] }, "8" 
@@ -45609,16 +45573,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x39" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -45628,7 +45592,7 @@ "x38" ] }, - "0xff" + "8" ] } ] @@ -45650,7 +45614,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x38" + "x39" ] }, "8" @@ -45668,7 +45632,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -45678,7 +45642,7 @@ "x40" ] }, - "0xff" + "8" ] } ] @@ -45700,7 +45664,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x40" + "x1" ] }, "8" @@ -45709,16 +45673,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x43" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -45728,7 +45692,7 @@ "x42" ] }, - "0xff" + "8" ] } ] @@ -45750,7 +45714,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x42" + "x43" ] }, "8" @@ -45759,16 +45723,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x45" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -45778,7 +45742,7 @@ "x44" ] }, - "0xff" + "8" ] } ] @@ -45800,7 +45764,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x44" + "x45" ] }, "8" @@ -45809,16 +45773,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x47" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -45828,7 +45792,7 @@ "x46" ] }, - "0xff" + "8" ] } ] 
@@ -45850,910 +45814,27 @@ "name": [], "operation": "static_cast", "arguments": [ - "x46" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x49" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x3" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x50" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x3" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x51" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x50" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x52" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x50" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x53" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x52" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x54" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x52" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x55" - ], - "operation": "static_cast", 
- "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x54" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x56" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x54" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x57" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x56" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x58" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x56" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x59" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x58" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x60" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x58" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x61" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x60" - ] - }, - 
"0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x62" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x60" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x63" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x64" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x65" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x64" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x66" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x64" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x67" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x66" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x68" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - 
"datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x66" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x69" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x68" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x70" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x68" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x71" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x70" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x72" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x70" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x73" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x72" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x74" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x72" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x75" - ], - "operation": "static_cast", 
- "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x74" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x76" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x74" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x77" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x78" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x79" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x78" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x80" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x78" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x81" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x80" - ] - }, - "0xff" 
- ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x82" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x80" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x83" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x82" + "x47" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ - "x84" + "out1[0]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x82" - ] - }, - "8" + "x6" ] } ] @@ -46761,49 +45842,33 @@ { "datatype": "u8", "name": [ - "x85" + "out1[1]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x84" - ] - }, - "0xff" + "x7" ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ - "x86" + "out1[2]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x84" - ] - }, - "8" + "x8" ] } ] 
@@ -46811,49 +45876,33 @@ { "datatype": "u8", "name": [ - "x87" + "out1[3]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x86" - ] - }, - "0xff" + "x9" ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ - "x88" + "out1[4]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x86" - ] - }, - "8" + "x10" ] } ] @@ -46861,24 +45910,16 @@ { "datatype": "u8", "name": [ - "x89" + "out1[5]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x88" - ] - }, - "0xff" + "x11" ] } ] 
@@ -46886,98 +45927,20 @@ { "datatype": "u8", "name": [ - "x90" + "out1[6]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x88" - ] - }, - "8" + "x12" ] } ] }, - { - "datatype": "u8", - "name": [ - "out1[0]" - ], - "operation": "static_cast", - "arguments": [ - "x7" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[1]" - ], - "operation": "static_cast", - "arguments": [ - "x9" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[2]" - ], - "operation": "static_cast", - "arguments": [ - "x11" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[3]" - ], - "operation": "static_cast", - "arguments": [ - "x13" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[4]" - ], - "operation": "static_cast", - "arguments": [ - "x15" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[5]" - ], - "operation": "static_cast", - "arguments": [ - "x17" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[6]" - ], - "operation": "static_cast", - "arguments": [ - "x19" - ] - }, { "datatype": "u8", "name": [ @@ -46985,7 +45948,7 @@ ], "operation": "static_cast", "arguments": [ - "x20" + "x13" ] }, { @@ -46995,7 +45958,14 @@ ], "operation": "static_cast", "arguments": [ - "x21" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x5" + ] + } ] }, { @@ -47005,7 +45975,14 @@ ], "operation": "static_cast", "arguments": [ - "x23" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x14" + ] + } ] }, { @@ -47015,7 +45992,14 @@ ], "operation": "static_cast", "arguments": [ - "x25" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x15" + ] + } ] }, { 
@@ -47025,7 +46009,14 @@ ], "operation": "static_cast", "arguments": [ - "x27" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x16" + ] + } ] }, { @@ -47035,7 +46026,14 @@ ], "operation": "static_cast", "arguments": [ - "x29" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x17" + ] + } ] }, { @@ -47045,7 +46043,14 @@ ], "operation": "static_cast", "arguments": [ - "x31" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x18" + ] + } ] }, { @@ -47055,7 +46060,14 @@ ], "operation": "static_cast", "arguments": [ - "x33" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x19" + ] + } ] }, { @@ -47065,7 +46077,7 @@ ], "operation": "static_cast", "arguments": [ - "x34" + "x20" ] }, { @@ -47075,7 +46087,14 @@ ], "operation": "static_cast", "arguments": [ - "x35" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x4" + ] + } ] }, { @@ -47085,7 +46104,14 @@ ], "operation": "static_cast", "arguments": [ - "x37" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x21" + ] + } ] }, { @@ -47095,7 +46121,14 @@ ], "operation": "static_cast", "arguments": [ - "x39" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, { @@ -47105,7 +46138,14 @@ ], "operation": "static_cast", "arguments": [ - "x41" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x23" + ] + } ] }, { @@ -47115,7 +46155,14 @@ ], "operation": "static_cast", "arguments": [ - "x43" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x24" + ] + } ] }, { @@ -47125,7 +46172,14 @@ ], "operation": "static_cast", "arguments": [ - "x45" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x25" + ] + } ] }, { 
@@ -47135,7 +46189,14 @@ ], "operation": "static_cast", "arguments": [ - "x47" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x26" + ] + } ] }, { @@ -47145,7 +46206,7 @@ ], "operation": "static_cast", "arguments": [ - "x48" + "x27" ] }, { @@ -47155,7 +46216,14 @@ ], "operation": "static_cast", "arguments": [ - "x49" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x3" + ] + } ] }, { @@ -47165,7 +46233,14 @@ ], "operation": "static_cast", "arguments": [ - "x51" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x28" + ] + } ] }, { @@ -47175,7 +46250,14 @@ ], "operation": "static_cast", "arguments": [ - "x53" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x29" + ] + } ] }, { @@ -47185,7 +46267,14 @@ ], "operation": "static_cast", "arguments": [ - "x55" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x30" + ] + } ] }, { @@ -47195,7 +46284,14 @@ ], "operation": "static_cast", "arguments": [ - "x57" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x31" + ] + } ] }, { @@ -47205,7 +46301,14 @@ ], "operation": "static_cast", "arguments": [ - "x59" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x32" + ] + } ] }, { @@ -47215,7 +46318,14 @@ ], "operation": "static_cast", "arguments": [ - "x61" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x33" + ] + } ] }, { @@ -47225,7 +46335,7 @@ ], "operation": "static_cast", "arguments": [ - "x62" + "x34" ] }, { @@ -47235,7 +46345,14 @@ ], "operation": "static_cast", "arguments": [ - "x63" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x2" + ] + } ] }, { 
@@ -47245,7 +46362,14 @@ ], "operation": "static_cast", "arguments": [ - "x65" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x35" + ] + } ] }, { @@ -47255,7 +46379,14 @@ ], "operation": "static_cast", "arguments": [ - "x67" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x36" + ] + } ] }, { @@ -47265,7 +46396,14 @@ ], "operation": "static_cast", "arguments": [ - "x69" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x37" + ] + } ] }, { @@ -47275,7 +46413,14 @@ ], "operation": "static_cast", "arguments": [ - "x71" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x38" + ] + } ] }, { @@ -47285,7 +46430,14 @@ ], "operation": "static_cast", "arguments": [ - "x73" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x39" + ] + } ] }, { @@ -47295,7 +46447,14 @@ ], "operation": "static_cast", "arguments": [ - "x75" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x40" + ] + } ] }, { @@ -47305,7 +46464,7 @@ ], "operation": "static_cast", "arguments": [ - "x76" + "x41" ] }, { @@ -47315,7 +46474,14 @@ ], "operation": "static_cast", "arguments": [ - "x77" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x1" + ] + } ] }, { @@ -47325,7 +46491,14 @@ ], "operation": "static_cast", "arguments": [ - "x79" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x42" + ] + } ] }, { @@ -47335,7 +46508,14 @@ ], "operation": "static_cast", "arguments": [ - "x81" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x43" + ] + } ] }, { @@ -47345,7 +46525,14 @@ ], "operation": "static_cast", "arguments": [ - "x83" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x44" + ] + } ] }, { 
@@ -47355,7 +46542,14 @@ ], "operation": "static_cast", "arguments": [ - "x85" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x45" + ] + } ] }, { @@ -47365,7 +46559,14 @@ ], "operation": "static_cast", "arguments": [ - "x87" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, { @@ -47375,7 +46576,14 @@ ], "operation": "static_cast", "arguments": [ - "x89" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x47" + ] + } ] }, { @@ -47385,7 +46593,7 @@ ], "operation": "static_cast", "arguments": [ - "x90" + "x48" ] } ] @@ -50496,22 +49704,7 @@ "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "arg3[0]" - ] - }, - "0x1" - ] - } + "arg3[0]" ] } ] @@ -53063,43 +52256,25 @@ ] }, { - "datatype": "u1", + "datatype": "u64", "name": [ "x104" ], - "operation": "static_cast", + "operation": "cmovznz", "arguments": [ { "datatype": "u1", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u1", "name": [], "operation": "static_cast", "arguments": [ "x28" ] - }, - "0x1" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x105" - ], - "operation": "cmovznz", - "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": "static_cast", - "arguments": [ - "x104" + } ] }, "0x0", @@ -53116,7 +52291,7 @@ { "datatype": "u64", "name": [ - "x106" + "x105" ], "operation": "cmovznz", "arguments": [ @@ -53125,7 +52300,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x104" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x28" + ] + } ] }, "0x0", @@ -53142,7 +52324,7 @@ { "datatype": "u64", "name": [ - "x107" + "x106" ], "operation": "cmovznz", "arguments": [ 
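Review bot: The regenerated output drops the explicit one-bit mask on two select conditions: in the hunk at `@@ -50496,22 +49704,7 @@` the node `"operation": "&"` with `"0x1"` around `arg3[0]` is gone, and in `@@ -53063,43 +52256,25 @@` the binding `x104 = x28 & 0x1` is replaced by a bare `static_cast` of the `u64` value `x28` to `u1`, passed straight to `cmovznz`. The same substitution repeats for every later `cmovznz` that used `x104`, including `x105`–`x110` and `x125`–`x130` in the following hunks. Whether each consumer of this JSON treats a `static_cast` to `u1` as truncation to a single bit is not visible here, so the selection could now depend on more than the low bit unless `arg3[0]` and `x28` are already bounded to [0,1]. Since this file looks generated, I would confirm that bound in the generator, or keep the `& 0x1` node, rather than edit the output by hand. The enclosing function bodies start and end outside these hunks.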
@@ -53151,7 +52333,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x104" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x28" + ] + } ] }, "0x0", @@ -53168,7 +52357,7 @@ { "datatype": "u64", "name": [ - "x108" + "x107" ], "operation": "cmovznz", "arguments": [ @@ -53177,7 +52366,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x104" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x28" + ] + } ] }, "0x0", @@ -53194,7 +52390,7 @@ { "datatype": "u64", "name": [ - "x109" + "x108" ], "operation": "cmovznz", "arguments": [ @@ -53203,7 +52399,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x104" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x28" + ] + } ] }, "0x0", @@ -53220,7 +52423,7 @@ { "datatype": "u64", "name": [ - "x110" + "x109" ], "operation": "cmovznz", "arguments": [ @@ -53229,7 +52432,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x104" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x28" + ] + } ] }, "0x0", @@ -53246,7 +52456,7 @@ { "datatype": "u64", "name": [ - "x111" + "x110" ], "operation": "cmovznz", "arguments": [ @@ -53255,7 +52465,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x104" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x28" + ] + } ] }, "0x0", @@ -53272,8 +52489,8 @@ { "datatype": "(auto)", "name": [ - "x112", - "x113" + "x111", + "x112" ], "operation": "addcarryx", "parameters": { @@ -53294,7 +52511,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x105" + "x104" ] } ] @@ -53302,8 +52519,8 @@ { "datatype": "(auto)", "name": [ - "x114", - "x115" + "x113", + "x114" ], "operation": "addcarryx", "parameters": { @@ -53320,7 +52537,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x113" + "x112" ] } ] 
@@ -53338,7 +52555,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x106" + "x105" ] } ] @@ -53346,8 +52563,8 @@ { "datatype": "(auto)", "name": [ - "x116", - "x117" + "x115", + "x116" ], "operation": "addcarryx", "parameters": { @@ -53364,7 +52581,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x115" + "x114" ] } ] @@ -53382,7 +52599,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x107" + "x106" ] } ] @@ -53390,8 +52607,8 @@ { "datatype": "(auto)", "name": [ - "x118", - "x119" + "x117", + "x118" ], "operation": "addcarryx", "parameters": { @@ -53408,7 +52625,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x117" + "x116" ] } ] @@ -53426,7 +52643,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x108" + "x107" ] } ] @@ -53434,8 +52651,8 @@ { "datatype": "(auto)", "name": [ - "x120", - "x121" + "x119", + "x120" ], "operation": "addcarryx", "parameters": { @@ -53452,7 +52669,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x119" + "x118" ] } ] @@ -53470,7 +52687,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x109" + "x108" ] } ] @@ -53478,8 +52695,8 @@ { "datatype": "(auto)", "name": [ - "x122", - "x123" + "x121", + "x122" ], "operation": "addcarryx", "parameters": { @@ -53496,7 +52713,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x121" + "x120" ] } ] @@ -53514,7 +52731,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x110" + "x109" ] } ] @@ -53522,7 +52739,7 @@ { "datatype": "(auto)", "name": [ - "x124", + "x123", "_" ], "operation": "addcarryx", @@ -53540,7 +52757,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x123" + "x122" ] } ] @@ -53558,7 +52775,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x111" + "x110" ] } ] @@ -53566,7 +52783,7 @@ { "datatype": "u64", "name": [ - "x126" + "x125" ], "operation": "cmovznz", "arguments": [ 
@@ -53575,7 +52792,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x104" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x28" + ] + } ] }, "0x0", @@ -53592,7 +52816,7 @@ { "datatype": "u64", "name": [ - "x127" + "x126" ], "operation": "cmovznz", "arguments": [ @@ -53601,7 +52825,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x104" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x28" + ] + } ] }, "0x0", @@ -53618,7 +52849,7 @@ { "datatype": "u64", "name": [ - "x128" + "x127" ], "operation": "cmovznz", "arguments": [ @@ -53627,7 +52858,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x104" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x28" + ] + } ] }, "0x0", @@ -53644,7 +52882,7 @@ { "datatype": "u64", "name": [ - "x129" + "x128" ], "operation": "cmovznz", "arguments": [ @@ -53653,7 +52891,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x104" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x28" + ] + } ] }, "0x0", @@ -53670,7 +52915,7 @@ { "datatype": "u64", "name": [ - "x130" + "x129" ], "operation": "cmovznz", "arguments": [ @@ -53679,7 +52924,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x104" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x28" + ] + } ] }, "0x0", @@ -53696,7 +52948,7 @@ { "datatype": "u64", "name": [ - "x131" + "x130" ], "operation": "cmovznz", "arguments": [ @@ -53705,7 +52957,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x104" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x28" + ] + } ] }, "0x0", @@ -53722,8 +52981,8 @@ { "datatype": "(auto)", "name": [ - "x132", - "x133" + "x131", + "x132" ], "operation": "addcarryx", "parameters": { 
@@ -53744,7 +53003,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x126" + "x125" ] } ] @@ -53752,8 +53011,8 @@ { "datatype": "(auto)", "name": [ - "x134", - "x135" + "x133", + "x134" ], "operation": "addcarryx", "parameters": { @@ -53770,7 +53029,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x133" + "x132" ] } ] @@ -53788,7 +53047,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x127" + "x126" ] } ] @@ -53796,8 +53055,8 @@ { "datatype": "(auto)", "name": [ - "x136", - "x137" + "x135", + "x136" ], "operation": "addcarryx", "parameters": { @@ -53814,7 +53073,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x135" + "x134" ] } ] @@ -53832,7 +53091,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x128" + "x127" ] } ] @@ -53840,8 +53099,8 @@ { "datatype": "(auto)", "name": [ - "x138", - "x139" + "x137", + "x138" ], "operation": "addcarryx", "parameters": { @@ -53858,7 +53117,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x137" + "x136" ] } ] @@ -53876,7 +53135,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x129" + "x128" ] } ] @@ -53884,8 +53143,8 @@ { "datatype": "(auto)", "name": [ - "x140", - "x141" + "x139", + "x140" ], "operation": "addcarryx", "parameters": { @@ -53902,7 +53161,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x139" + "x138" ] } ] @@ -53920,7 +53179,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x130" + "x129" ] } ] @@ -53928,8 +53187,8 @@ { "datatype": "(auto)", "name": [ - "x142", - "x143" + "x141", + "x142" ], "operation": "addcarryx", "parameters": { @@ -53946,7 +53205,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x141" + "x140" ] } ] @@ -53964,7 +53223,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x131" + "x130" ] } ] @@ -53972,8 +53231,8 @@ { "datatype": "(auto)", "name": [ - "x144", - "x145" + "x143", + "x144" ], "operation": "subborrowx", "parameters": { 
@@ -53991,7 +53250,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x132" + "x131" ] } ] @@ -54002,8 +53261,8 @@ { "datatype": "(auto)", "name": [ - "x146", - "x147" + "x145", + "x146" ], "operation": "subborrowx", "parameters": { @@ -54020,7 +53279,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x145" + "x144" ] } ] @@ -54035,7 +53294,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + "x133" ] } ] @@ -54046,8 +53305,8 @@ { "datatype": "(auto)", "name": [ - "x148", - "x149" + "x147", + "x148" ], "operation": "subborrowx", "parameters": { @@ -54064,7 +53323,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x147" + "x146" ] } ] @@ -54079,7 +53338,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x136" + "x135" ] } ] @@ -54090,8 +53349,8 @@ { "datatype": "(auto)", "name": [ - "x150", - "x151" + "x149", + "x150" ], "operation": "subborrowx", "parameters": { @@ -54108,7 +53367,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x149" + "x148" ] } ] @@ -54123,7 +53382,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x138" + "x137" ] } ] @@ -54134,8 +53393,8 @@ { "datatype": "(auto)", "name": [ - "x152", - "x153" + "x151", + "x152" ], "operation": "subborrowx", "parameters": { @@ -54152,7 +53411,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x151" + "x150" ] } ] @@ -54167,7 +53426,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x140" + "x139" ] } ] @@ -54178,8 +53437,8 @@ { "datatype": "(auto)", "name": [ - "x154", - "x155" + "x153", + "x154" ], "operation": "subborrowx", "parameters": { @@ -54196,7 +53455,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x153" + "x152" ] } ] @@ -54211,7 +53470,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x142" + "x141" ] } ] @@ -54223,7 +53482,7 @@ "datatype": "(auto)", "name": [ "_", - "x157" + "x156" ], "operation": "subborrowx", "parameters": { 
@@ -54240,7 +53499,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x155" + "x154" ] } ] @@ -54255,7 +53514,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x143" + "x142" ] } ] @@ -54266,7 +53525,7 @@ { "datatype": "(auto)", "name": [ - "x158", + "x157", "_" ], "operation": "addcarryx", 
@@ -54289,175 +53548,7 @@ { "datatype": "u64", "name": [ - "x160" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "|", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x112" - ] - } - ] - }, - "1" - ] - } - ] - }, - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "<<", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x114" - ] - } - ] - }, - "63" - ] - }, - "0xffffffffffffffff" - ] - } - ] - } - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x161" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "|", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x114" - ] - } - ] - }, - "1" - ] - } - ] - }, - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "<<", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - 
"name": [], - "operation": "static_cast", - "arguments": [ - "x116" - ] - } - ] - }, - "63" - ] - }, - "0xffffffffffffffff" - ] - } - ] - } - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x162" + "x159" ], "operation": "static_cast", "arguments": [ @@ -54486,7 +53577,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x116" + "x111" ] } ] @@ -54521,7 +53612,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x118" + "x113" ] } ] @@ -54541,7 +53632,7 @@ { "datatype": "u64", "name": [ - "x163" + "x160" ], "operation": "static_cast", "arguments": [ @@ -54570,7 +53661,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x118" + "x113" ] } ] @@ -54605,7 +53696,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x120" + "x115" ] } ] @@ -54625,7 +53716,7 @@ { "datatype": "u64", "name": [ - "x164" + "x161" ], "operation": "static_cast", "arguments": [ @@ -54654,7 +53745,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x120" + "x115" ] } ] @@ -54689,7 +53780,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x122" + "x117" ] } ] @@ -54709,7 +53800,7 @@ { "datatype": "u64", "name": [ - "x165" + "x162" ], "operation": "static_cast", "arguments": [ @@ -54738,7 +53829,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x122" + "x117" ] } ] @@ -54773,7 +53864,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x124" + "x119" ] } ] 
@@ -54793,7 +53884,175 @@ { "datatype": "u64", "name": [ - "x166" + "x163" + ], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "|", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": ">>", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x119" + ] + } + ] + }, + "1" + ] + } + ] + }, + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "&", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "<<", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x121" + ] + } + ] + }, + "63" + ] + }, + "0xffffffffffffffff" + ] + } + ] + } + ] + } + ] + }, + { + "datatype": "u64", + "name": [ + "x164" + ], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "|", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": ">>", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x121" + ] + } + ] + }, + "1" + ] + } + ] + }, + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "&", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "<<", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + { + "datatype": 
"u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x123" + ] + } + ] + }, + "63" + ] + }, + "0xffffffffffffffff" + ] + } + ] + } + ] + } + ] + }, + { + "datatype": "u64", + "name": [ + "x165" ], "operation": "static_cast", "arguments": [ @@ -54822,7 +54081,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x124" + "x123" ] } ] @@ -54852,7 +54111,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x124" + "x123" ] } ] @@ -54869,7 +54128,7 @@ { "datatype": "u64", "name": [ - "x167" + "x166" ], "operation": "cmovznz", "arguments": [ @@ -54923,7 +54182,7 @@ { "datatype": "u64", "name": [ - "x168" + "x167" ], "operation": "cmovznz", "arguments": [ @@ -54977,7 +54236,7 @@ { "datatype": "u64", "name": [ - "x169" + "x168" ], "operation": "cmovznz", "arguments": [ @@ -55031,7 +54290,7 @@ { "datatype": "u64", "name": [ - "x170" + "x169" ], "operation": "cmovznz", "arguments": [ @@ -55085,7 +54344,7 @@ { "datatype": "u64", "name": [ - "x171" + "x170" ], "operation": "cmovznz", "arguments": [ @@ -55139,7 +54398,7 @@ { "datatype": "u64", "name": [ - "x172" + "x171" ], "operation": "cmovznz", "arguments": [ @@ -55193,7 +54452,7 @@ { "datatype": "u64", "name": [ - "x173" + "x172" ], "operation": "cmovznz", "arguments": [ @@ -55207,7 +54466,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x157" + "x156" ] } ] @@ -55222,7 +54481,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x144" + "x143" ] } ] @@ -55237,7 +54496,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x132" + "x131" ] } ] @@ -55247,7 +54506,7 @@ { "datatype": "u64", "name": [ - "x174" + "x173" ], "operation": "cmovznz", "arguments": [ @@ -55261,7 +54520,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x157" + "x156" ] } ] @@ -55276,7 +54535,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x146" + "x145" ] } ] 
@@ -55291,7 +54550,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + "x133" ] } ] @@ -55301,7 +54560,7 @@ { "datatype": "u64", "name": [ - "x175" + "x174" ], "operation": "cmovznz", "arguments": [ @@ -55315,7 +54574,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x157" + "x156" ] } ] @@ -55330,7 +54589,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x148" + "x147" ] } ] @@ -55345,7 +54604,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x136" + "x135" ] } ] @@ -55355,7 +54614,7 @@ { "datatype": "u64", "name": [ - "x176" + "x175" ], "operation": "cmovznz", "arguments": [ @@ -55369,7 +54628,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x157" + "x156" ] } ] @@ -55384,7 +54643,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x150" + "x149" ] } ] @@ -55399,7 +54658,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x138" + "x137" ] } ] @@ -55409,7 +54668,7 @@ { "datatype": "u64", "name": [ - "x177" + "x176" ], "operation": "cmovznz", "arguments": [ @@ -55423,7 +54682,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x157" + "x156" ] } ] @@ -55438,7 +54697,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x152" + "x151" ] } ] @@ -55453,7 +54712,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x140" + "x139" ] } ] @@ -55463,7 +54722,7 @@ { "datatype": "u64", "name": [ - "x178" + "x177" ], "operation": "cmovznz", "arguments": [ @@ -55477,7 +54736,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x157" + "x156" ] } ] @@ -55492,7 +54751,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x154" + "x153" ] } ] @@ -55507,7 +54766,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x142" + "x141" ] } ] @@ -55526,7 +54785,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x158" + "x157" ] } ] @@ -55608,7 +54867,7 @@ ], "operation": "static_cast", "arguments": [ - "x160" + "x159" ] }, { 
@@ -55618,7 +54877,7 @@ ], "operation": "static_cast", "arguments": [ - "x161" + "x160" ] }, { @@ -55628,7 +54887,7 @@ ], "operation": "static_cast", "arguments": [ - "x162" + "x161" ] }, { @@ -55638,7 +54897,7 @@ ], "operation": "static_cast", "arguments": [ - "x163" + "x162" ] }, { @@ -55648,7 +54907,7 @@ ], "operation": "static_cast", "arguments": [ - "x164" + "x163" ] }, { @@ -55658,7 +54917,7 @@ ], "operation": "static_cast", "arguments": [ - "x165" + "x164" ] }, { @@ -55668,7 +54927,7 @@ ], "operation": "static_cast", "arguments": [ - "x166" + "x165" ] }, { @@ -55678,7 +54937,7 @@ ], "operation": "static_cast", "arguments": [ - "x167" + "x166" ] }, { @@ -55688,7 +54947,7 @@ ], "operation": "static_cast", "arguments": [ - "x168" + "x167" ] }, { @@ -55698,7 +54957,7 @@ ], "operation": "static_cast", "arguments": [ - "x169" + "x168" ] }, { @@ -55708,7 +54967,7 @@ ], "operation": "static_cast", "arguments": [ - "x170" + "x169" ] }, { @@ -55718,7 +54977,7 @@ ], "operation": "static_cast", "arguments": [ - "x171" + "x170" ] }, { @@ -55728,7 +54987,7 @@ ], "operation": "static_cast", "arguments": [ - "x172" + "x171" ] }, { @@ -55738,7 +54997,7 @@ ], "operation": "static_cast", "arguments": [ - "x173" + "x172" ] }, { @@ -55748,7 +55007,7 @@ ], "operation": "static_cast", "arguments": [ - "x174" + "x173" ] }, { @@ -55758,7 +55017,7 @@ ], "operation": "static_cast", "arguments": [ - "x175" + "x174" ] }, { @@ -55768,7 +55027,7 @@ ], "operation": "static_cast", "arguments": [ - "x176" + "x175" ] }, { @@ -55778,7 +55037,7 @@ ], "operation": "static_cast", "arguments": [ - "x177" + "x176" ] }, { @@ -55788,7 +55047,7 @@ ], "operation": "static_cast", "arguments": [ - "x178" + "x177" ] } ] diff --git a/fiat-json/src/p434_64.json b/fiat-json/src/p434_64.json index 537f94111e..2fb05accb8 100644 --- a/fiat-json/src/p434_64.json +++ b/fiat-json/src/p434_64.json 
@@ -90,35 +90,10 @@ } ] }, - { - "datatype": "u64", - "name": [ - "x2" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u128", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "0xffffffffffffffff" - ] - } - ] - }, { "datatype": "u1", "name": [ - "x3" + "x2" ], "operation": "static_cast", "arguments": [ @@ -147,7 +122,14 @@ ], "operation": "static_cast", "arguments": [ - "x2" + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x1" + ] + } ] }, { @@ -157,7 +139,7 @@ ], "operation": "static_cast", "arguments": [ - "x3" + "x2" ] } ] @@ -413,7 +395,7 @@ { "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u128", @@ -423,7 +405,7 @@ "x1" ] }, - "0xffffffffffffffff" + "64" ] } ] @@ -431,38 +413,20 @@ { "datatype": "u64", "name": [ - "x3" + "out1" ], "operation": "static_cast", "arguments": [ { "datatype": "u64", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u128", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "64" + "x1" ] } ] }, - { - "datatype": "u64", - "name": [ - "out1" - ], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, { "datatype": "u64", "name": [ @@ -470,7 +434,7 @@ ], "operation": "static_cast", "arguments": [ - "x3" + "x2" ] } ] @@ -58007,16 +57971,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x8" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -58026,7 +57990,7 @@ "x7" ] }, - "0xff" + "8" ] } ] @@ -58048,7 +58012,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x7" + "x8" ] }, "8" 
@@ -58057,16 +58021,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x10" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -58076,7 +58040,7 @@ "x9" ] }, - "0xff" + "8" ] } ] @@ -58098,7 +58062,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x9" + "x10" ] }, "8" @@ -58107,16 +58071,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x12" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -58126,7 +58090,7 @@ "x11" ] }, - "0xff" + "8" ] } ] @@ -58148,7 +58112,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x11" + "x12" ] }, "8" @@ -58166,7 +58130,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -58176,7 +58140,7 @@ "x13" ] }, - "0xff" + "8" ] } ] @@ -58198,7 +58162,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x13" + "x6" ] }, "8" @@ -58207,16 +58171,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x16" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -58226,7 +58190,7 @@ "x15" ] }, - "0xff" + "8" ] } ] @@ -58248,7 +58212,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x15" + "x16" ] }, "8" @@ -58257,16 +58221,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x18" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -58276,7 +58240,7 @@ "x17" ] }, - "0xff" + "8" ] } ] 
@@ -58298,7 +58262,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x17" + "x18" ] }, "8" @@ -58307,16 +58271,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x20" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -58326,7 +58290,7 @@ "x19" ] }, - "0xff" + "8" ] } ] @@ -58348,7 +58312,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x19" + "x20" ] }, "8" @@ -58357,26 +58321,26 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x22" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - "x6" + "x5" ] }, - "0xff" + "8" ] } ] @@ -58398,7 +58362,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x6" + "x22" ] }, "8" @@ -58407,16 +58371,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x24" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -58426,7 +58390,7 @@ "x23" ] }, - "0xff" + "8" ] } ] @@ -58448,7 +58412,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x23" + "x24" ] }, "8" @@ -58457,16 +58421,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x26" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -58476,7 +58440,7 @@ "x25" ] }, - "0xff" + "8" ] } ] @@ -58498,7 +58462,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x25" + "x26" ] }, "8" @@ -58516,7 +58480,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", 
@@ -58526,7 +58490,7 @@ "x27" ] }, - "0xff" + "8" ] } ] @@ -58548,7 +58512,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x27" + "x4" ] }, "8" @@ -58557,16 +58521,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x30" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -58576,7 +58540,7 @@ "x29" ] }, - "0xff" + "8" ] } ] @@ -58598,7 +58562,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x29" + "x30" ] }, "8" @@ -58607,16 +58571,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x32" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -58626,7 +58590,7 @@ "x31" ] }, - "0xff" + "8" ] } ] @@ -58648,7 +58612,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x31" + "x32" ] }, "8" @@ -58657,16 +58621,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x34" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -58676,7 +58640,7 @@ "x33" ] }, - "0xff" + "8" ] } ] @@ -58698,7 +58662,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x33" + "x34" ] }, "8" @@ -58707,26 +58671,26 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x36" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - "x5" + "x3" ] }, - "0xff" + "8" ] } ] @@ -58748,7 +58712,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x5" + "x36" ] }, "8" 
@@ -58757,16 +58721,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x38" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -58776,7 +58740,7 @@ "x37" ] }, - "0xff" + "8" ] } ] @@ -58798,7 +58762,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x37" + "x38" ] }, "8" @@ -58807,16 +58771,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x40" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -58826,7 +58790,7 @@ "x39" ] }, - "0xff" + "8" ] } ] @@ -58848,7 +58812,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x39" + "x40" ] }, "8" @@ -58866,7 +58830,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -58876,7 +58840,7 @@ "x41" ] }, - "0xff" + "8" ] } ] @@ -58898,7 +58862,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x41" + "x2" ] }, "8" @@ -58907,16 +58871,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x44" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -58926,7 +58890,7 @@ "x43" ] }, - "0xff" + "8" ] } ] @@ -58948,7 +58912,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x43" + "x44" ] }, "8" @@ -58957,16 +58921,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x46" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -58976,7 +58940,7 @@ "x45" ] }, - "0xff" + "8" ] } ] 
@@ -58998,7 +58962,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x45" + "x46" ] }, "8" @@ -59007,16 +58971,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x48" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -59026,7 +58990,7 @@ "x47" ] }, - "0xff" + "8" ] } ] @@ -59048,7 +59012,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x47" + "x48" ] }, "8" @@ -59057,26 +59021,26 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x50" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - "x4" + "x1" ] }, - "0xff" + "8" ] } ] 
@@ -59098,1157 +59062,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x4" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x52" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x51" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x53" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x51" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x54" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x53" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x55" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x53" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x56" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x55" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x57" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x55" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x58" - ], - "operation": "static_cast", 
- "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x57" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x59" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x57" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x60" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x59" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x61" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x59" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x62" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x61" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x63" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x61" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x64" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x3" - ] - }, - 
"0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x65" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x3" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x66" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x65" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x67" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x65" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x68" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x67" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x69" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x67" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x70" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x69" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x71" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - 
{ - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x69" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x72" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x71" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x73" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x71" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x74" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x73" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x75" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x73" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x76" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x75" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x77" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x75" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x78" - ], - "operation": 
"static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x79" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x80" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x79" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x81" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x79" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x82" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x81" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x83" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x81" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x84" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x83" 
- ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x85" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x83" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x86" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x85" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x87" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x85" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x88" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x87" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x89" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x87" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x90" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x89" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x91" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": ">>", - 
"arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x89" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x92" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x93" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x94" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x93" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x95" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x93" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x96" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x95" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x97" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x95" + "x50" ] }, "8" 
@@ -60257,26 +59071,26 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ - "x98" + "x52" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - "x97" + "x51" ] }, - "0xff" + "8" ] } ] @@ -60284,7 +59098,7 @@ { "datatype": "u64", "name": [ - "x99" + "x53" ], "operation": "static_cast", "arguments": [ @@ -60298,7 +59112,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x97" + "x52" ] }, "8" @@ -60307,39 +59121,39 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ - "x100" + "x54" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - "x99" + "x53" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ - "x101" + "x55" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], "operation": ">>", "arguments": [ @@ -60348,7 +59162,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x99" + "x54" ] }, "8" @@ -60359,24 +59173,16 @@ { "datatype": "u8", "name": [ - "x102" + "out1[0]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x101" - ] - }, - "0xff" + "x7" ] } ] 
@@ -60384,48 +59190,20 @@ { "datatype": "u8", "name": [ - "x103" + "out1[1]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x101" - ] - }, - "8" + "x8" ] } ] }, - { - "datatype": "u8", - "name": [ - "out1[0]" - ], - "operation": "static_cast", - "arguments": [ - "x8" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[1]" - ], - "operation": "static_cast", - "arguments": [ - "x10" - ] - }, { "datatype": "u8", "name": [ @@ -60433,7 +59211,14 @@ ], "operation": "static_cast", "arguments": [ - "x12" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x9" + ] + } ] }, { @@ -60443,7 +59228,14 @@ ], "operation": "static_cast", "arguments": [ - "x14" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x10" + ] + } ] }, { @@ -60453,7 +59245,14 @@ ], "operation": "static_cast", "arguments": [ - "x16" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x11" + ] + } ] }, { @@ -60463,7 +59262,14 @@ ], "operation": "static_cast", "arguments": [ - "x18" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x12" + ] + } ] }, { @@ -60473,7 +59279,14 @@ ], "operation": "static_cast", "arguments": [ - "x20" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x13" + ] + } ] }, { @@ -60483,7 +59296,7 @@ ], "operation": "static_cast", "arguments": [ - "x21" + "x14" ] }, { @@ -60493,7 +59306,14 @@ ], "operation": "static_cast", "arguments": [ - "x22" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x6" + ] + } ] }, { 
@@ -60503,7 +59323,14 @@ ], "operation": "static_cast", "arguments": [ - "x24" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x15" + ] + } ] }, { @@ -60513,7 +59340,14 @@ ], "operation": "static_cast", "arguments": [ - "x26" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x16" + ] + } ] }, { @@ -60523,7 +59357,14 @@ ], "operation": "static_cast", "arguments": [ - "x28" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x17" + ] + } ] }, { @@ -60533,7 +59374,14 @@ ], "operation": "static_cast", "arguments": [ - "x30" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x18" + ] + } ] }, { @@ -60543,7 +59391,14 @@ ], "operation": "static_cast", "arguments": [ - "x32" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x19" + ] + } ] }, { @@ -60553,7 +59408,14 @@ ], "operation": "static_cast", "arguments": [ - "x34" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x20" + ] + } ] }, { @@ -60563,7 +59425,7 @@ ], "operation": "static_cast", "arguments": [ - "x35" + "x21" ] }, { @@ -60573,7 +59435,14 @@ ], "operation": "static_cast", "arguments": [ - "x36" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x5" + ] + } ] }, { @@ -60583,7 +59452,14 @@ ], "operation": "static_cast", "arguments": [ - "x38" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, { @@ -60593,7 +59469,14 @@ ], "operation": "static_cast", "arguments": [ - "x40" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x23" + ] + } ] }, { @@ -60603,7 +59486,14 @@ ], "operation": "static_cast", "arguments": [ - "x42" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x24" + ] + } ] }, { 
@@ -60613,7 +59503,14 @@ ], "operation": "static_cast", "arguments": [ - "x44" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x25" + ] + } ] }, { @@ -60623,7 +59520,14 @@ ], "operation": "static_cast", "arguments": [ - "x46" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x26" + ] + } ] }, { @@ -60633,7 +59537,14 @@ ], "operation": "static_cast", "arguments": [ - "x48" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x27" + ] + } ] }, { @@ -60643,7 +59554,7 @@ ], "operation": "static_cast", "arguments": [ - "x49" + "x28" ] }, { @@ -60653,7 +59564,14 @@ ], "operation": "static_cast", "arguments": [ - "x50" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x4" + ] + } ] }, { @@ -60663,7 +59581,14 @@ ], "operation": "static_cast", "arguments": [ - "x52" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x29" + ] + } ] }, { @@ -60673,7 +59598,14 @@ ], "operation": "static_cast", "arguments": [ - "x54" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x30" + ] + } ] }, { @@ -60683,7 +59615,14 @@ ], "operation": "static_cast", "arguments": [ - "x56" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x31" + ] + } ] }, { @@ -60693,7 +59632,14 @@ ], "operation": "static_cast", "arguments": [ - "x58" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x32" + ] + } ] }, { @@ -60703,7 +59649,14 @@ ], "operation": "static_cast", "arguments": [ - "x60" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x33" + ] + } ] }, { @@ -60713,7 +59666,14 @@ ], "operation": "static_cast", "arguments": [ - "x62" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, { 
@@ -60723,7 +59683,7 @@ ], "operation": "static_cast", "arguments": [ - "x63" + "x35" ] }, { @@ -60733,7 +59693,14 @@ ], "operation": "static_cast", "arguments": [ - "x64" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x3" + ] + } ] }, { @@ -60743,7 +59710,14 @@ ], "operation": "static_cast", "arguments": [ - "x66" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x36" + ] + } ] }, { @@ -60753,7 +59727,14 @@ ], "operation": "static_cast", "arguments": [ - "x68" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x37" + ] + } ] }, { @@ -60763,7 +59744,14 @@ ], "operation": "static_cast", "arguments": [ - "x70" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x38" + ] + } ] }, { @@ -60773,7 +59761,14 @@ ], "operation": "static_cast", "arguments": [ - "x72" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x39" + ] + } ] }, { @@ -60783,7 +59778,14 @@ ], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x40" + ] + } ] }, { @@ -60793,7 +59795,14 @@ ], "operation": "static_cast", "arguments": [ - "x76" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x41" + ] + } ] }, { @@ -60803,7 +59812,7 @@ ], "operation": "static_cast", "arguments": [ - "x77" + "x42" ] }, { @@ -60813,7 +59822,14 @@ ], "operation": "static_cast", "arguments": [ - "x78" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x2" + ] + } ] }, { @@ -60823,7 +59839,14 @@ ], "operation": "static_cast", "arguments": [ - "x80" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x43" + ] + } ] }, { 
@@ -60833,7 +59856,14 @@ ], "operation": "static_cast", "arguments": [ - "x82" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x44" + ] + } ] }, { @@ -60843,7 +59873,14 @@ ], "operation": "static_cast", "arguments": [ - "x84" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x45" + ] + } ] }, { @@ -60853,7 +59890,14 @@ ], "operation": "static_cast", "arguments": [ - "x86" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, { @@ -60863,7 +59907,14 @@ ], "operation": "static_cast", "arguments": [ - "x88" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x47" + ] + } ] }, { @@ -60873,7 +59924,14 @@ ], "operation": "static_cast", "arguments": [ - "x90" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x48" + ] + } ] }, { @@ -60883,7 +59941,7 @@ ], "operation": "static_cast", "arguments": [ - "x91" + "x49" ] }, { @@ -60893,7 +59951,14 @@ ], "operation": "static_cast", "arguments": [ - "x92" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x1" + ] + } ] }, { @@ -60903,7 +59968,14 @@ ], "operation": "static_cast", "arguments": [ - "x94" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x50" + ] + } ] }, { @@ -60913,7 +59985,14 @@ ], "operation": "static_cast", "arguments": [ - "x96" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x51" + ] + } ] }, { @@ -60923,7 +60002,14 @@ ], "operation": "static_cast", "arguments": [ - "x98" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x52" + ] + } ] }, { @@ -60933,7 +60019,14 @@ ], "operation": "static_cast", "arguments": [ - "x100" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x53" + ] + } ] }, { 
@@ -60943,7 +60036,14 @@ ], "operation": "static_cast", "arguments": [ - "x102" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x54" + ] + } ] }, { @@ -60953,7 +60053,7 @@ ], "operation": "static_cast", "arguments": [ - "x103" + "x55" ] } ] @@ -64482,22 +63582,7 @@ "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "arg3[0]" - ] - }, - "0x1" - ] - } + "arg3[0]" ] } ] @@ -67447,43 +66532,25 @@ ] }, { - "datatype": "u1", + "datatype": "u64", "name": [ "x119" ], - "operation": "static_cast", + "operation": "cmovznz", "arguments": [ { "datatype": "u1", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u1", "name": [], "operation": "static_cast", "arguments": [ "x31" ] - }, - "0x1" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x120" - ], - "operation": "cmovznz", - "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": "static_cast", - "arguments": [ - "x119" + } ] }, "0x0", @@ -67500,7 +66567,7 @@ { "datatype": "u64", "name": [ - "x121" + "x120" ], "operation": "cmovznz", "arguments": [ @@ -67509,7 +66576,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x119" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x31" + ] + } ] }, "0x0", @@ -67526,7 +66600,7 @@ { "datatype": "u64", "name": [ - "x122" + "x121" ], "operation": "cmovznz", "arguments": [ @@ -67535,7 +66609,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x119" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x31" + ] + } ] }, "0x0", @@ -67552,7 +66633,7 @@ { "datatype": "u64", "name": [ - "x123" + "x122" ], "operation": "cmovznz", "arguments": [ 
@@ -67561,7 +66642,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x119" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x31" + ] + } ] }, "0x0", @@ -67578,7 +66666,7 @@ { "datatype": "u64", "name": [ - "x124" + "x123" ], "operation": "cmovznz", "arguments": [ @@ -67587,7 +66675,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x119" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x31" + ] + } ] }, "0x0", @@ -67604,7 +66699,7 @@ { "datatype": "u64", "name": [ - "x125" + "x124" ], "operation": "cmovznz", "arguments": [ @@ -67613,7 +66708,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x119" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x31" + ] + } ] }, "0x0", @@ -67630,7 +66732,7 @@ { "datatype": "u64", "name": [ - "x126" + "x125" ], "operation": "cmovznz", "arguments": [ @@ -67639,7 +66741,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x119" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x31" + ] + } ] }, "0x0", @@ -67656,7 +66765,7 @@ { "datatype": "u64", "name": [ - "x127" + "x126" ], "operation": "cmovznz", "arguments": [ @@ -67665,7 +66774,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x119" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x31" + ] + } ] }, "0x0", @@ -67682,8 +66798,8 @@ { "datatype": "(auto)", "name": [ - "x128", - "x129" + "x127", + "x128" ], "operation": "addcarryx", "parameters": { @@ -67704,7 +66820,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x120" + "x119" ] } ] @@ -67712,8 +66828,8 @@ { "datatype": "(auto)", "name": [ - "x130", - "x131" + "x129", + "x130" ], "operation": "addcarryx", "parameters": { @@ -67730,7 +66846,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x129" + "x128" ] } ] 
@@ -67748,7 +66864,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x121" + "x120" ] } ] @@ -67756,8 +66872,8 @@ { "datatype": "(auto)", "name": [ - "x132", - "x133" + "x131", + "x132" ], "operation": "addcarryx", "parameters": { @@ -67774,7 +66890,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x131" + "x130" ] } ] @@ -67792,7 +66908,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x122" + "x121" ] } ] @@ -67800,8 +66916,8 @@ { "datatype": "(auto)", "name": [ - "x134", - "x135" + "x133", + "x134" ], "operation": "addcarryx", "parameters": { @@ -67818,7 +66934,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x133" + "x132" ] } ] @@ -67836,7 +66952,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x123" + "x122" ] } ] @@ -67844,8 +66960,8 @@ { "datatype": "(auto)", "name": [ - "x136", - "x137" + "x135", + "x136" ], "operation": "addcarryx", "parameters": { @@ -67862,7 +66978,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x135" + "x134" ] } ] @@ -67880,7 +66996,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x124" + "x123" ] } ] @@ -67888,8 +67004,8 @@ { "datatype": "(auto)", "name": [ - "x138", - "x139" + "x137", + "x138" ], "operation": "addcarryx", "parameters": { @@ -67906,7 +67022,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x137" + "x136" ] } ] @@ -67924,7 +67040,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x125" + "x124" ] } ] @@ -67932,8 +67048,8 @@ { "datatype": "(auto)", "name": [ - "x140", - "x141" + "x139", + "x140" ], "operation": "addcarryx", "parameters": { @@ -67950,7 +67066,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x139" + "x138" ] } ] @@ -67968,7 +67084,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x126" + "x125" ] } ] @@ -67976,7 +67092,7 @@ { "datatype": "(auto)", "name": [ - "x142", + "x141", "_" ], "operation": "addcarryx", 
@@ -67994,7 +67110,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x141" + "x140" ] } ] @@ -68012,7 +67128,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x127" + "x126" ] } ] @@ -68020,7 +67136,7 @@ { "datatype": "u64", "name": [ - "x144" + "x143" ], "operation": "cmovznz", "arguments": [ @@ -68029,7 +67145,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x119" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x31" + ] + } ] }, "0x0", @@ -68046,7 +67169,7 @@ { "datatype": "u64", "name": [ - "x145" + "x144" ], "operation": "cmovznz", "arguments": [ @@ -68055,7 +67178,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x119" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x31" + ] + } ] }, "0x0", @@ -68072,7 +67202,7 @@ { "datatype": "u64", "name": [ - "x146" + "x145" ], "operation": "cmovznz", "arguments": [ @@ -68081,7 +67211,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x119" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x31" + ] + } ] }, "0x0", @@ -68098,7 +67235,7 @@ { "datatype": "u64", "name": [ - "x147" + "x146" ], "operation": "cmovznz", "arguments": [ @@ -68107,7 +67244,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x119" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x31" + ] + } ] }, "0x0", @@ -68124,7 +67268,7 @@ { "datatype": "u64", "name": [ - "x148" + "x147" ], "operation": "cmovznz", "arguments": [ @@ -68133,7 +67277,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x119" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x31" + ] + } ] }, "0x0", @@ -68150,7 +67301,7 @@ { "datatype": "u64", "name": [ - "x149" + "x148" ], "operation": "cmovznz", "arguments": [ 
@@ -68159,7 +67310,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x119" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x31" + ] + } ] }, "0x0", @@ -68176,7 +67334,7 @@ { "datatype": "u64", "name": [ - "x150" + "x149" ], "operation": "cmovznz", "arguments": [ @@ -68185,7 +67343,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x119" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x31" + ] + } ] }, "0x0", @@ -68202,8 +67367,8 @@ { "datatype": "(auto)", "name": [ - "x151", - "x152" + "x150", + "x151" ], "operation": "addcarryx", "parameters": { @@ -68224,7 +67389,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x144" + "x143" ] } ] @@ -68232,8 +67397,8 @@ { "datatype": "(auto)", "name": [ - "x153", - "x154" + "x152", + "x153" ], "operation": "addcarryx", "parameters": { @@ -68250,7 +67415,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x152" + "x151" ] } ] @@ -68268,7 +67433,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x145" + "x144" ] } ] @@ -68276,8 +67441,8 @@ { "datatype": "(auto)", "name": [ - "x155", - "x156" + "x154", + "x155" ], "operation": "addcarryx", "parameters": { @@ -68294,7 +67459,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x154" + "x153" ] } ] @@ -68312,7 +67477,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x146" + "x145" ] } ] @@ -68320,8 +67485,8 @@ { "datatype": "(auto)", "name": [ - "x157", - "x158" + "x156", + "x157" ], "operation": "addcarryx", "parameters": { @@ -68338,7 +67503,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x156" + "x155" ] } ] @@ -68356,7 +67521,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x147" + "x146" ] } ] @@ -68364,8 +67529,8 @@ { "datatype": "(auto)", "name": [ - "x159", - "x160" + "x158", + "x159" ], "operation": "addcarryx", "parameters": { 
@@ -68382,7 +67547,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x158" + "x157" ] } ] @@ -68400,7 +67565,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x148" + "x147" ] } ] @@ -68408,8 +67573,8 @@ { "datatype": "(auto)", "name": [ - "x161", - "x162" + "x160", + "x161" ], "operation": "addcarryx", "parameters": { @@ -68426,7 +67591,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x160" + "x159" ] } ] @@ -68444,7 +67609,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x149" + "x148" ] } ] @@ -68452,8 +67617,8 @@ { "datatype": "(auto)", "name": [ - "x163", - "x164" + "x162", + "x163" ], "operation": "addcarryx", "parameters": { @@ -68470,7 +67635,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x162" + "x161" ] } ] @@ -68488,7 +67653,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x150" + "x149" ] } ] @@ -68496,8 +67661,8 @@ { "datatype": "(auto)", "name": [ - "x165", - "x166" + "x164", + "x165" ], "operation": "subborrowx", "parameters": { @@ -68515,7 +67680,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x151" + "x150" ] } ] @@ -68526,8 +67691,8 @@ { "datatype": "(auto)", "name": [ - "x167", - "x168" + "x166", + "x167" ], "operation": "subborrowx", "parameters": { @@ -68544,7 +67709,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x166" + "x165" ] } ] @@ -68559,7 +67724,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x153" + "x152" ] } ] @@ -68570,8 +67735,8 @@ { "datatype": "(auto)", "name": [ - "x169", - "x170" + "x168", + "x169" ], "operation": "subborrowx", "parameters": { @@ -68588,7 +67753,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x168" + "x167" ] } ] @@ -68603,7 +67768,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x155" + "x154" ] } ] @@ -68614,8 +67779,8 @@ { "datatype": "(auto)", "name": [ - "x171", - "x172" + "x170", + "x171" ], "operation": "subborrowx", "parameters": { 
@@ -68632,7 +67797,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x170" + "x169" ] } ] @@ -68647,7 +67812,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x157" + "x156" ] } ] @@ -68658,8 +67823,8 @@ { "datatype": "(auto)", "name": [ - "x173", - "x174" + "x172", + "x173" ], "operation": "subborrowx", "parameters": { @@ -68676,7 +67841,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x172" + "x171" ] } ] @@ -68691,7 +67856,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x159" + "x158" ] } ] @@ -68702,8 +67867,8 @@ { "datatype": "(auto)", "name": [ - "x175", - "x176" + "x174", + "x175" ], "operation": "subborrowx", "parameters": { @@ -68720,7 +67885,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x174" + "x173" ] } ] @@ -68735,7 +67900,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x161" + "x160" ] } ] @@ -68746,8 +67911,8 @@ { "datatype": "(auto)", "name": [ - "x177", - "x178" + "x176", + "x177" ], "operation": "subborrowx", "parameters": { @@ -68764,7 +67929,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x176" + "x175" ] } ] @@ -68779,7 +67944,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x163" + "x162" ] } ] @@ -68791,7 +67956,7 @@ "datatype": "(auto)", "name": [ "_", - "x180" + "x179" ], "operation": "subborrowx", "parameters": { @@ -68808,7 +67973,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x178" + "x177" ] } ] @@ -68823,7 +67988,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x164" + "x163" ] } ] @@ -68834,7 +67999,7 @@ { "datatype": "(auto)", "name": [ - "x181", + "x180", "_" ], "operation": "addcarryx", @@ -68857,7 +68022,7 @@ { "datatype": "u64", "name": [ - "x183" + "x182" ], "operation": "static_cast", "arguments": [ @@ -68886,7 +68051,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x128" + "x127" ] } ] 
@@ -68921,7 +68086,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x130" + "x129" ] } ] @@ -68941,7 +68106,7 @@ { "datatype": "u64", "name": [ - "x184" + "x183" ], "operation": "static_cast", "arguments": [ @@ -68970,7 +68135,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x130" + "x129" ] } ] @@ -69005,7 +68170,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x132" + "x131" ] } ] @@ -69025,7 +68190,7 @@ { "datatype": "u64", "name": [ - "x185" + "x184" ], "operation": "static_cast", "arguments": [ @@ -69054,7 +68219,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x132" + "x131" ] } ] @@ -69089,7 +68254,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + "x133" ] } ] @@ -69109,7 +68274,7 @@ { "datatype": "u64", "name": [ - "x186" + "x185" ], "operation": "static_cast", "arguments": [ @@ -69138,7 +68303,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + "x133" ] } ] @@ -69173,7 +68338,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x136" + "x135" ] } ] @@ -69193,7 +68358,7 @@ { "datatype": "u64", "name": [ - "x187" + "x186" ], "operation": "static_cast", "arguments": [ @@ -69222,7 +68387,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x136" + "x135" ] } ] @@ -69257,7 +68422,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x138" + "x137" ] } ] @@ -69277,7 +68442,7 @@ { "datatype": "u64", "name": [ - "x188" + "x187" ], "operation": "static_cast", "arguments": [ @@ -69306,7 +68471,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x138" + "x137" ] } ] @@ -69341,7 +68506,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x140" + "x139" ] } ] @@ -69361,7 +68526,7 @@ { "datatype": "u64", "name": [ - "x189" + "x188" ], "operation": "static_cast", "arguments": [ @@ -69390,7 +68555,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x140" + "x139" ] } ] 
@@ -69425,7 +68590,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x142" + "x141" ] } ] @@ -69445,7 +68610,7 @@ { "datatype": "u64", "name": [ - "x190" + "x189" ], "operation": "static_cast", "arguments": [ @@ -69474,7 +68639,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x142" + "x141" ] } ] @@ -69504,7 +68669,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x142" + "x141" ] } ] @@ -69521,7 +68686,7 @@ { "datatype": "u64", "name": [ - "x191" + "x190" ], "operation": "cmovznz", "arguments": [ @@ -69575,7 +68740,7 @@ { "datatype": "u64", "name": [ - "x192" + "x191" ], "operation": "cmovznz", "arguments": [ @@ -69629,7 +68794,7 @@ { "datatype": "u64", "name": [ - "x193" + "x192" ], "operation": "cmovznz", "arguments": [ @@ -69683,7 +68848,7 @@ { "datatype": "u64", "name": [ - "x194" + "x193" ], "operation": "cmovznz", "arguments": [ @@ -69737,7 +68902,7 @@ { "datatype": "u64", "name": [ - "x195" + "x194" ], "operation": "cmovznz", "arguments": [ @@ -69791,7 +68956,7 @@ { "datatype": "u64", "name": [ - "x196" + "x195" ], "operation": "cmovznz", "arguments": [ @@ -69845,7 +69010,7 @@ { "datatype": "u64", "name": [ - "x197" + "x196" ], "operation": "cmovznz", "arguments": [ @@ -69899,7 +69064,7 @@ { "datatype": "u64", "name": [ - "x198" + "x197" ], "operation": "cmovznz", "arguments": [ @@ -69913,7 +69078,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x180" + "x179" ] } ] @@ -69928,7 +69093,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x165" + "x164" ] } ] @@ -69943,7 +69108,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x151" + "x150" ] } ] @@ -69953,7 +69118,7 @@ { "datatype": "u64", "name": [ - "x199" + "x198" ], "operation": "cmovznz", "arguments": [ @@ -69967,7 +69132,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x180" + "x179" ] } ] @@ -69982,7 +69147,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x167" + "x166" ] } ] 
@@ -69997,7 +69162,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x153" + "x152" ] } ] @@ -70007,7 +69172,7 @@ { "datatype": "u64", "name": [ - "x200" + "x199" ], "operation": "cmovznz", "arguments": [ @@ -70021,7 +69186,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x180" + "x179" ] } ] @@ -70036,7 +69201,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x169" + "x168" ] } ] @@ -70051,7 +69216,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x155" + "x154" ] } ] @@ -70061,7 +69226,7 @@ { "datatype": "u64", "name": [ - "x201" + "x200" ], "operation": "cmovznz", "arguments": [ @@ -70075,7 +69240,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x180" + "x179" ] } ] @@ -70090,7 +69255,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x171" + "x170" ] } ] @@ -70105,7 +69270,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x157" + "x156" ] } ] @@ -70115,7 +69280,7 @@ { "datatype": "u64", "name": [ - "x202" + "x201" ], "operation": "cmovznz", "arguments": [ @@ -70129,7 +69294,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x180" + "x179" ] } ] @@ -70144,7 +69309,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x173" + "x172" ] } ] @@ -70159,7 +69324,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x159" + "x158" ] } ] @@ -70169,7 +69334,7 @@ { "datatype": "u64", "name": [ - "x203" + "x202" ], "operation": "cmovznz", "arguments": [ @@ -70183,7 +69348,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x180" + "x179" ] } ] @@ -70198,7 +69363,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x175" + "x174" ] } ] @@ -70213,7 +69378,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x161" + "x160" ] } ] @@ -70223,7 +69388,7 @@ { "datatype": "u64", "name": [ - "x204" + "x203" ], "operation": "cmovznz", "arguments": [ 
@@ -70237,7 +69402,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x180" + "x179" ] } ] @@ -70252,7 +69417,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x177" + "x176" ] } ] @@ -70267,7 +69432,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x163" + "x162" ] } ] @@ -70286,7 +69451,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x181" + "x180" ] } ] @@ -70378,7 +69543,7 @@ ], "operation": "static_cast", "arguments": [ - "x183" + "x182" ] }, { @@ -70388,7 +69553,7 @@ ], "operation": "static_cast", "arguments": [ - "x184" + "x183" ] }, { @@ -70398,7 +69563,7 @@ ], "operation": "static_cast", "arguments": [ - "x185" + "x184" ] }, { @@ -70408,7 +69573,7 @@ ], "operation": "static_cast", "arguments": [ - "x186" + "x185" ] }, { @@ -70418,7 +69583,7 @@ ], "operation": "static_cast", "arguments": [ - "x187" + "x186" ] }, { @@ -70428,7 +69593,7 @@ ], "operation": "static_cast", "arguments": [ - "x188" + "x187" ] }, { @@ -70438,7 +69603,7 @@ ], "operation": "static_cast", "arguments": [ - "x189" + "x188" ] }, { @@ -70448,7 +69613,7 @@ ], "operation": "static_cast", "arguments": [ - "x190" + "x189" ] }, { @@ -70458,7 +69623,7 @@ ], "operation": "static_cast", "arguments": [ - "x191" + "x190" ] }, { @@ -70468,7 +69633,7 @@ ], "operation": "static_cast", "arguments": [ - "x192" + "x191" ] }, { @@ -70478,7 +69643,7 @@ ], "operation": "static_cast", "arguments": [ - "x193" + "x192" ] }, { @@ -70488,7 +69653,7 @@ ], "operation": "static_cast", "arguments": [ - "x194" + "x193" ] }, { @@ -70498,7 +69663,7 @@ ], "operation": "static_cast", "arguments": [ - "x195" + "x194" ] }, { @@ -70508,7 +69673,7 @@ ], "operation": "static_cast", "arguments": [ - "x196" + "x195" ] }, { @@ -70518,7 +69683,7 @@ ], "operation": "static_cast", "arguments": [ - "x197" + "x196" ] }, { @@ -70528,7 +69693,7 @@ ], "operation": "static_cast", "arguments": [ - "x198" + "x197" ] }, { 
@@ -70538,7 +69703,7 @@ ], "operation": "static_cast", "arguments": [ - "x199" + "x198" ] }, { @@ -70548,7 +69713,7 @@ ], "operation": "static_cast", "arguments": [ - "x200" + "x199" ] }, { @@ -70558,7 +69723,7 @@ ], "operation": "static_cast", "arguments": [ - "x201" + "x200" ] }, { @@ -70568,7 +69733,7 @@ ], "operation": "static_cast", "arguments": [ - "x202" + "x201" ] }, { @@ -70578,7 +69743,7 @@ ], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] }, { @@ -70588,7 +69753,7 @@ ], "operation": "static_cast", "arguments": [ - "x204" + "x203" ] } ] diff --git a/fiat-json/src/p448_solinas_32.json b/fiat-json/src/p448_solinas_32.json index 1de3eb4317..57724bc9f8 100644 --- a/fiat-json/src/p448_solinas_32.json +++ b/fiat-json/src/p448_solinas_32.json @@ -45575,16 +45575,16 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x74" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -45601,7 +45601,7 @@ } ] }, - "0xff" + "8" ] } ] @@ -45623,14 +45623,7 @@ "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x34" - ] - } + "x74" ] }, "8" @@ -45648,7 +45641,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -45658,7 +45651,7 @@ "x75" ] }, - "0xff" + "8" ] } ] 
@@ -45673,32 +45666,39 @@ { "datatype": "u32", "name": [], - "operation": ">>", + "operation": "+", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x75" + "x73" ] }, - "8" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x76" + ] + } ] } ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x78" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -45708,20 +45708,20 @@ "x77" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x79" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], "operation": ">>", "arguments": [ @@ -45730,7 +45730,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x77" + "x78" ] }, "8" @@ -45739,58 +45739,58 @@ ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ "x80" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": "+", + "operation": ">>", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", - "arguments": [ - "x73" - ] - }, - { - "datatype": "u8", - "name": [], - "operation": "static_cast", "arguments": [ "x79" ] - } + }, + "8" ] } ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x81" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x80" + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + "x38" + ] + } ] }, - "0xff" + "8" ] } ] @@ -45812,7 +45812,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x80" + "x81" ] }, "8" 
@@ -45830,7 +45830,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -45840,7 +45840,7 @@ "x82" ] }, - "0xff" + "8" ] } ] @@ -45855,32 +45855,39 @@ { "datatype": "u32", "name": [], - "operation": ">>", + "operation": "+", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x82" + "x72" ] }, - "8" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x83" + ] + } ] } ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x85" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -45890,20 +45897,20 @@ "x84" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x86" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], "operation": ">>", "arguments": [ @@ -45912,7 +45919,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x84" + "x85" ] }, "8" @@ -45930,24 +45937,17 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x38" - ] - } + "x86" ] }, - "0xff" + "8" ] } ] @@ -45974,7 +45974,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x38" + "x42" ] } ] @@ -45985,16 +45985,16 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x89" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", 
@@ -46004,20 +46004,20 @@ "x88" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ "x90" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], "operation": ">>", "arguments": [ @@ -46026,7 +46026,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x88" + "x89" ] }, "8" @@ -46035,39 +46035,46 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x91" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": "+", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x90" + "x71" ] }, - "0xff" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x90" + ] + } ] } ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x92" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], "operation": ">>", "arguments": [ @@ -46076,7 +46083,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x90" + "x91" ] }, "8" @@ -46094,24 +46101,17 @@ { "datatype": "u32", "name": [], - "operation": "+", + "operation": ">>", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", - "arguments": [ - "x72" - ] - }, - { - "datatype": "u8", - "name": [], - "operation": "static_cast", "arguments": [ "x92" ] - } + }, + "8" ] } ] @@ -46126,7 +46126,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -46136,7 +46136,7 @@ "x93" ] }, - "0xff" + "8" ] } ] @@ -46158,7 +46158,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x93" + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + "x46" + ] + } ] }, "8" 
@@ -46167,16 +46174,16 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x96" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -46186,20 +46193,20 @@ "x95" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ "x97" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], "operation": ">>", "arguments": [ @@ -46208,7 +46215,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x95" + "x96" ] }, "8" @@ -46217,39 +46224,46 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x98" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": "+", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x97" + "x70" ] }, - "0xff" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x97" + ] + } ] } ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x99" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], "operation": ">>", "arguments": [ @@ -46258,7 +46272,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x97" + "x98" ] }, "8" 
@@ -46267,46 +46281,39 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x100" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x42" - ] - } + "x99" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ "x101" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], "operation": ">>", "arguments": [ @@ -46315,14 +46322,7 @@ "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x42" - ] - } + "x100" ] }, "8" @@ -46331,31 +46331,38 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x102" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x101" - ] - }, - "0xff" - ] - } - ] - }, - { + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + "x50" + ] + } + ] + }, + "8" + ] + } + ] + }, + { "datatype": "u32", "name": [ "x103" @@ -46372,7 +46379,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x101" + "x102" ] }, "8" @@ -46390,7 +46397,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", 
@@ -46400,32 +46407,39 @@ "x103" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x105" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": ">>", + "operation": "+", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x103" + "x69" ] }, - "8" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x104" + ] + } ] } ] @@ -46440,39 +46454,32 @@ { "datatype": "u32", "name": [], - "operation": "+", + "operation": ">>", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", - "arguments": [ - "x71" - ] - }, - { - "datatype": "u8", - "name": [], - "operation": "static_cast", "arguments": [ "x105" ] - } + }, + "8" ] } ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x107" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -46482,20 +46489,20 @@ "x106" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ "x108" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], "operation": ">>", "arguments": [ @@ -46504,7 +46511,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x106" + "x107" ] }, "8" @@ -46513,26 +46520,33 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x109" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x108" + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + "x54" + ] + } ] }, - "0xff" + "8" ] } ] @@ -46554,7 +46568,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x108" + "x109" ] }, "8" 
@@ -46572,7 +46586,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -46582,64 +46596,64 @@ "x110" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x112" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": ">>", + "operation": "+", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x110" + "x68" ] }, - "8" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x111" + ] + } ] } ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x113" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x46" - ] - } + "x112" ] }, - "0xff" + "8" ] } ] @@ -46661,14 +46675,7 @@ "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x46" - ] - } + "x113" ] }, "8" @@ -46686,7 +46693,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -46696,7 +46703,7 @@ "x114" ] }, - "0xff" + "8" ] } ] @@ -46718,7 +46725,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x114" + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + "x58" + ] + } ] }, "8" @@ -46727,16 +46741,16 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x117" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -46746,7 +46760,7 @@ "x116" ] }, - "0xff" + "8" ] } ] 
@@ -46768,7 +46782,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x116" + "x117" ] }, "8" @@ -46793,7 +46807,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x70" + "x67" ] }, { @@ -46809,16 +46823,16 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x120" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -46828,7 +46842,7 @@ "x119" ] }, - "0xff" + "8" ] } ] @@ -46850,7 +46864,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x119" + "x120" ] }, "8" @@ -46868,7 +46882,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -46878,7 +46892,7 @@ "x121" ] }, - "0xff" + "8" ] } ] @@ -46900,7 +46914,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x121" + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + "x62" + ] + } ] }, "8" @@ -46909,16 +46930,16 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x124" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -46928,7 +46949,7 @@ "x123" ] }, - "0xff" + "8" ] } ] @@ -46950,7 +46971,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x123" + "x124" ] }, "8" 
@@ -46959,33 +46980,33 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x126" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": "+", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x50" - ] - } + "x66" ] }, - "0xff" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x125" + ] + } ] } ] @@ -47007,14 +47028,7 @@ "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x50" - ] - } + "x126" ] }, "8" @@ -47023,16 +47037,16 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x128" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -47042,20 +47056,20 @@ "x127" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ "x129" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], "operation": ">>", "arguments": [ @@ -47064,7 +47078,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x127" + "x128" ] }, "8" @@ -47075,24 +47089,23 @@ { "datatype": "u8", "name": [ - "x130" + "out1[0]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x129" + "x34" ] - }, - "0xff" + } ] } ] 
@@ -47100,56 +47113,33 @@ { "datatype": "u8", "name": [ - "x131" + "out1[1]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x129" - ] - }, - "8" + "x74" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x132" + "out1[2]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": "+", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x69" - ] - }, - { - "datatype": "u8", - "name": [], - "operation": "static_cast", - "arguments": [ - "x131" - ] - } + "x75" ] } ] @@ -47157,49 +47147,33 @@ { "datatype": "u8", "name": [ - "x133" + "out1[3]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x132" - ] - }, - "0xff" + "x77" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x134" + "out1[4]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x132" - ] - }, - "8" + "x78" ] } ] 
@@ -47207,49 +47181,50 @@ { "datatype": "u8", "name": [ - "x135" + "out1[5]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x134" - ] - }, - "0xff" + "x79" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x136" + "out1[6]" + ], + "operation": "static_cast", + "arguments": [ + "x80" + ] + }, + { + "datatype": "u8", + "name": [ + "out1[7]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x134" + "x38" ] - }, - "8" + } ] } ] @@ -47257,24 +47232,16 @@ { "datatype": "u8", "name": [ - "x137" + "out1[8]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x136" - ] - }, - "0xff" + "x81" ] } ] @@ -47282,24 +47249,16 @@ { "datatype": "u8", "name": [ - "x138" + "out1[9]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x136" - ] - }, - "8" + "x82" ] } ] 
@@ -47307,63 +47266,33 @@ { "datatype": "u8", "name": [ - "x139" + "out1[10]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x54" - ] - } - ] - }, - "0xff" + "x84" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x140" + "out1[11]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x54" - ] - } - ] - }, - "8" + "x85" ] } ] @@ -47371,49 +47300,50 @@ { "datatype": "u8", "name": [ - "x141" + "out1[12]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x140" - ] - }, - "0xff" + "x86" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x142" + "out1[13]" + ], + "operation": "static_cast", + "arguments": [ + "x87" + ] + }, + { + "datatype": "u8", + "name": [ + "out1[14]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x140" + "x42" ] - }, - "8" + } ] } ] 
@@ -47421,24 +47351,16 @@ { "datatype": "u8", "name": [ - "x143" + "out1[15]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x142" - ] - }, - "0xff" + "x88" ] } ] @@ -47446,56 +47368,33 @@ { "datatype": "u8", "name": [ - "x144" + "out1[16]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x142" - ] - }, - "8" + "x89" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x145" + "out1[17]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": "+", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x68" - ] - }, - { - "datatype": "u8", - "name": [], - "operation": "static_cast", - "arguments": [ - "x144" - ] - } + "x91" ] } ] @@ -47503,49 +47402,33 @@ { "datatype": "u8", "name": [ - "x146" + "out1[18]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x145" - ] - }, - "0xff" + "x92" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x147" + "out1[19]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x145" - ] - }, - "8" + "x93" ] } ] 
@@ -47553,238 +47436,50 @@ { "datatype": "u8", "name": [ - "x148" + "out1[20]" + ], + "operation": "static_cast", + "arguments": [ + "x94" + ] + }, + { + "datatype": "u8", + "name": [ + "out1[21]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x147" + "x46" ] - }, - "0xff" + } ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x149" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x147" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x150" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x149" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x151" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x149" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x152" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x58" - ] - } - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u32", - "name": [ - "x153" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - 
"operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x58" - ] - } - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x154" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x153" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u32", - "name": [ - "x155" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x153" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x156" + "out1[22]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x155" - ] - }, - "0xff" + "x95" ] } ] @@ -47792,56 +47487,16 @@ { "datatype": "u8", "name": [ - "x157" + "out1[23]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x155" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u32", - "name": [ - "x158" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "+", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x67" - ] - }, - { - "datatype": "u8", - "name": [], - "operation": "static_cast", - "arguments": [ - "x157" - ] - } + "x96" ] } ] 
@@ -47849,747 +47504,18 @@ { "datatype": "u8", "name": [ - "x159" + "out1[24]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x158" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u32", - "name": [ - "x160" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x158" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x161" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x160" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u32", - "name": [ - "x162" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x160" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x163" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x162" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x164" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x162" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x165" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - 
"arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x62" - ] - } - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u32", - "name": [ - "x166" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x62" - ] - } - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x167" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x166" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u32", - "name": [ - "x168" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x166" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x169" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x168" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x170" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x168" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u32", - "name": [ - "x171" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "+", - 
"arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x66" - ] - }, - { - "datatype": "u8", - "name": [], - "operation": "static_cast", - "arguments": [ - "x170" - ] - } - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x172" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x171" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u32", - "name": [ - "x173" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x171" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x174" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x173" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u32", - "name": [ - "x175" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x173" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x176" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x175" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x177" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - 
"arguments": [ - "x175" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "out1[0]" - ], - "operation": "static_cast", - "arguments": [ - "x74" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[1]" - ], - "operation": "static_cast", - "arguments": [ - "x76" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[2]" - ], - "operation": "static_cast", - "arguments": [ - "x78" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[3]" - ], - "operation": "static_cast", - "arguments": [ - "x81" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[4]" - ], - "operation": "static_cast", - "arguments": [ - "x83" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[5]" - ], - "operation": "static_cast", - "arguments": [ - "x85" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[6]" - ], - "operation": "static_cast", - "arguments": [ - "x86" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[7]" - ], - "operation": "static_cast", - "arguments": [ - "x87" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[8]" - ], - "operation": "static_cast", - "arguments": [ - "x89" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[9]" - ], - "operation": "static_cast", - "arguments": [ - "x91" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[10]" - ], - "operation": "static_cast", - "arguments": [ - "x94" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[11]" - ], - "operation": "static_cast", - "arguments": [ - "x96" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[12]" - ], - "operation": "static_cast", - "arguments": [ - "x98" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[13]" - ], - "operation": "static_cast", - "arguments": [ - "x99" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[14]" - ], - "operation": "static_cast", - "arguments": [ - "x100" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[15]" - ], - "operation": "static_cast", - "arguments": [ - "x102" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[16]" - ], - 
"operation": "static_cast", - "arguments": [ - "x104" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[17]" - ], - "operation": "static_cast", - "arguments": [ - "x107" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[18]" - ], - "operation": "static_cast", - "arguments": [ - "x109" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[19]" - ], - "operation": "static_cast", - "arguments": [ - "x111" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[20]" - ], - "operation": "static_cast", - "arguments": [ - "x112" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[21]" - ], - "operation": "static_cast", - "arguments": [ - "x113" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[22]" - ], - "operation": "static_cast", - "arguments": [ - "x115" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[23]" - ], - "operation": "static_cast", - "arguments": [ - "x117" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[24]" - ], - "operation": "static_cast", - "arguments": [ - "x120" + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x98" + ] + } ] }, { @@ -48599,7 +47525,14 @@ ], "operation": "static_cast", "arguments": [ - "x122" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x99" + ] + } ] }, { @@ -48609,7 +47542,14 @@ ], "operation": "static_cast", "arguments": [ - "x124" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x100" + ] + } ] }, { @@ -48619,7 +47559,7 @@ ], "operation": "static_cast", "arguments": [ - "x125" + "x101" ] }, { @@ -48629,7 +47569,21 @@ ], "operation": "static_cast", "arguments": [ - "x126" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + "x50" + ] + } + ] + } ] }, { 
@@ -48639,7 +47593,14 @@ ], "operation": "static_cast", "arguments": [ - "x128" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x102" + ] + } ] }, { @@ -48649,7 +47610,14 @@ ], "operation": "static_cast", "arguments": [ - "x130" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x103" + ] + } ] }, { @@ -48659,7 +47627,14 @@ ], "operation": "static_cast", "arguments": [ - "x133" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x105" + ] + } ] }, { @@ -48669,7 +47644,14 @@ ], "operation": "static_cast", "arguments": [ - "x135" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x106" + ] + } ] }, { @@ -48679,7 +47661,14 @@ ], "operation": "static_cast", "arguments": [ - "x137" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x107" + ] + } ] }, { @@ -48689,7 +47678,7 @@ ], "operation": "static_cast", "arguments": [ - "x138" + "x108" ] }, { @@ -48699,7 +47688,21 @@ ], "operation": "static_cast", "arguments": [ - "x139" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + "x54" + ] + } + ] + } ] }, { @@ -48709,7 +47712,14 @@ ], "operation": "static_cast", "arguments": [ - "x141" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x109" + ] + } ] }, { @@ -48719,7 +47729,14 @@ ], "operation": "static_cast", "arguments": [ - "x143" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x110" + ] + } ] }, { @@ -48729,7 +47746,14 @@ ], "operation": "static_cast", "arguments": [ - "x146" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x112" + ] + } ] }, { 
@@ -48739,7 +47763,14 @@ ], "operation": "static_cast", "arguments": [ - "x148" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x113" + ] + } ] }, { @@ -48749,7 +47780,14 @@ ], "operation": "static_cast", "arguments": [ - "x150" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x114" + ] + } ] }, { @@ -48759,7 +47797,7 @@ ], "operation": "static_cast", "arguments": [ - "x151" + "x115" ] }, { @@ -48769,7 +47807,21 @@ ], "operation": "static_cast", "arguments": [ - "x152" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + "x58" + ] + } + ] + } ] }, { @@ -48779,7 +47831,14 @@ ], "operation": "static_cast", "arguments": [ - "x154" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x116" + ] + } ] }, { @@ -48789,7 +47848,14 @@ ], "operation": "static_cast", "arguments": [ - "x156" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x117" + ] + } ] }, { @@ -48799,7 +47865,14 @@ ], "operation": "static_cast", "arguments": [ - "x159" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x119" + ] + } ] }, { @@ -48809,7 +47882,14 @@ ], "operation": "static_cast", "arguments": [ - "x161" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x120" + ] + } ] }, { @@ -48819,7 +47899,14 @@ ], "operation": "static_cast", "arguments": [ - "x163" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x121" + ] + } ] }, { @@ -48829,7 +47916,7 @@ ], "operation": "static_cast", "arguments": [ - "x164" + "x122" ] }, { 
@@ -48839,7 +47926,21 @@ ], "operation": "static_cast", "arguments": [ - "x165" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + "x62" + ] + } + ] + } ] }, { @@ -48849,7 +47950,14 @@ ], "operation": "static_cast", "arguments": [ - "x167" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x123" + ] + } ] }, { @@ -48859,7 +47967,14 @@ ], "operation": "static_cast", "arguments": [ - "x169" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x124" + ] + } ] }, { @@ -48869,7 +47984,14 @@ ], "operation": "static_cast", "arguments": [ - "x172" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x126" + ] + } ] }, { @@ -48879,7 +48001,14 @@ ], "operation": "static_cast", "arguments": [ - "x174" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x127" + ] + } ] }, { @@ -48889,7 +48018,14 @@ ], "operation": "static_cast", "arguments": [ - "x176" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x128" + ] + } ] }, { @@ -48899,7 +48035,7 @@ ], "operation": "static_cast", "arguments": [ - "x177" + "x129" ] } ] diff --git a/fiat-json/src/p448_solinas_64.json b/fiat-json/src/p448_solinas_64.json index 33d51fc1c9..be707e8c75 100644 --- a/fiat-json/src/p448_solinas_64.json +++ b/fiat-json/src/p448_solinas_64.json @@ -15195,16 +15195,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x34" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -15221,7 +15221,7 @@ } ] }, - "0xff" + "8" ] } ] 
@@ -15243,14 +15243,7 @@ "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x18" - ] - } + "x34" ] }, "8" @@ -15259,16 +15252,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x36" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -15278,7 +15271,7 @@ "x35" ] }, - "0xff" + "8" ] } ] @@ -15300,7 +15293,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x35" + "x36" ] }, "8" @@ -15309,16 +15302,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x38" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -15328,20 +15321,20 @@ "x37" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ "x39" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], "operation": ">>", "arguments": [ @@ -15350,7 +15343,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x37" + "x38" ] }, "8" @@ -15359,26 +15352,33 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x40" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - "x39" + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x20" + ] + } ] }, - "0xff" + "8" ] } ] @@ -15400,7 +15400,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x39" + "x40" ] }, "8" 
@@ -15409,16 +15409,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x42" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -15428,7 +15428,7 @@ "x41" ] }, - "0xff" + "8" ] } ] @@ -15450,7 +15450,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x41" + "x42" ] }, "8" @@ -15459,16 +15459,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x44" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -15478,7 +15478,7 @@ "x43" ] }, - "0xff" + "8" ] } ] @@ -15500,7 +15500,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x43" + "x44" ] }, "8" @@ -15509,16 +15509,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x46" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -15530,12 +15530,12 @@ "name": [], "operation": "static_cast", "arguments": [ - "x20" + "x22" ] } ] }, - "0xff" + "8" ] } ] @@ -15557,14 +15557,7 @@ "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x20" - ] - } + "x46" ] }, "8" @@ -15573,16 +15566,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x48" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -15592,7 +15585,7 @@ "x47" ] }, - "0xff" + "8" ] } ] @@ -15614,7 +15607,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x47" + "x48" ] }, "8" 
@@ -15623,16 +15616,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x50" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -15642,20 +15635,20 @@ "x49" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ "x51" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], "operation": ">>", "arguments": [ @@ -15664,7 +15657,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x49" + "x50" ] }, "8" @@ -15673,26 +15666,33 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x52" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - "x51" + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x24" + ] + } ] }, - "0xff" + "8" ] } ] @@ -15714,7 +15714,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x51" + "x52" ] }, "8" @@ -15723,16 +15723,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x54" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -15742,7 +15742,7 @@ "x53" ] }, - "0xff" + "8" ] } ] @@ -15764,7 +15764,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x53" + "x54" ] }, "8" @@ -15773,16 +15773,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x56" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -15792,7 +15792,7 @@ "x55" ] }, - "0xff" + "8" ] } ] 
@@ -15814,7 +15814,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x55" + "x56" ] }, "8" @@ -15823,16 +15823,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x58" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -15844,12 +15844,12 @@ "name": [], "operation": "static_cast", "arguments": [ - "x22" + "x26" ] } ] }, - "0xff" + "8" ] } ] @@ -15871,14 +15871,7 @@ "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x22" - ] - } + "x58" ] }, "8" @@ -15887,16 +15880,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x60" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -15906,7 +15899,7 @@ "x59" ] }, - "0xff" + "8" ] } ] @@ -15928,7 +15921,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x59" + "x60" ] }, "8" @@ -15937,16 +15930,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x62" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -15956,20 +15949,20 @@ "x61" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ "x63" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], "operation": ">>", "arguments": [ @@ -15978,7 +15971,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x61" + "x62" ] }, "8" 
@@ -15987,26 +15980,33 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x64" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - "x63" + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x28" + ] + } ] }, - "0xff" + "8" ] } ] @@ -16028,7 +16028,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x63" + "x64" ] }, "8" @@ -16037,16 +16037,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x66" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -16056,7 +16056,7 @@ "x65" ] }, - "0xff" + "8" ] } ] @@ -16078,7 +16078,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x65" + "x66" ] }, "8" @@ -16087,16 +16087,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x68" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -16106,7 +16106,7 @@ "x67" ] }, - "0xff" + "8" ] } ] @@ -16128,7 +16128,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x67" + "x68" ] }, "8" @@ -16137,16 +16137,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x70" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -16158,12 +16158,12 @@ "name": [], "operation": "static_cast", "arguments": [ - "x24" + "x30" ] } ] }, - "0xff" + "8" ] } ] 
@@ -16185,14 +16185,7 @@ "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x24" - ] - } + "x70" ] }, "8" @@ -16201,16 +16194,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x72" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -16220,7 +16213,7 @@ "x71" ] }, - "0xff" + "8" ] } ] @@ -16242,7 +16235,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x71" + "x72" ] }, "8" @@ -16251,16 +16244,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x74" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -16270,20 +16263,20 @@ "x73" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ "x75" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], "operation": ">>", "arguments": [ @@ -16292,7 +16285,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x73" + "x74" ] }, "8" @@ -16301,26 +16294,33 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x76" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - "x75" + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x32" + ] + } ] }, - "0xff" + "8" ] } ] @@ -16342,7 +16342,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x75" + "x76" ] }, "8" 
@@ -16351,16 +16351,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x78" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -16370,7 +16370,7 @@ "x77" ] }, - "0xff" + "8" ] } ] @@ -16392,7 +16392,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x77" + "x78" ] }, "8" @@ -16401,16 +16401,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x80" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -16420,7 +16420,7 @@ "x79" ] }, - "0xff" + "8" ] } ] @@ -16442,7 +16442,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x79" + "x80" ] }, "8" @@ -16453,63 +16453,40 @@ { "datatype": "u8", "name": [ - "x82" + "out1[0]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ { "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x26" - ] - } + "x18" ] - }, - "0xff" + } ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ - "x83" + "out1[1]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x26" - ] - } - ] - }, - "8" + "x34" ] } ] 
@@ -16517,49 +16494,33 @@ { "datatype": "u8", "name": [ - "x84" + "out1[2]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x83" - ] - }, - "0xff" + "x35" ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ - "x85" + "out1[3]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x83" - ] - }, - "8" + "x36" ] } ] @@ -16567,49 +16528,33 @@ { "datatype": "u8", "name": [ - "x86" + "out1[4]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x85" - ] - }, - "0xff" + "x37" ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ - "x87" + "out1[5]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x85" - ] - }, - "8" + "x38" ] } ] 
@@ -16617,49 +16562,50 @@ { "datatype": "u8", "name": [ - "x88" + "out1[6]" + ], + "operation": "static_cast", + "arguments": [ + "x39" + ] + }, + { + "datatype": "u8", + "name": [ + "out1[7]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ { "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - "x87" + "x20" ] - }, - "0xff" + } ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ - "x89" + "out1[8]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x87" - ] - }, - "8" + "x40" ] } ] @@ -16667,49 +16613,33 @@ { "datatype": "u8", "name": [ - "x90" + "out1[9]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x89" - ] - }, - "0xff" + "x41" ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ - "x91" + "out1[10]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x89" - ] - }, - "8" + "x42" ] } ] @@ -16717,24 +16647,16 @@ { "datatype": "u8", "name": [ - "x92" + "out1[11]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x91" - ] - }, - "0xff" + "x43" ] } ] 
@@ -16742,24 +16664,16 @@ { "datatype": "u8", "name": [ - "x93" + "out1[12]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x91" - ] - }, - "8" + "x44" ] } ] @@ -16767,63 +16681,33 @@ { "datatype": "u8", "name": [ - "x94" + "out1[13]" + ], + "operation": "static_cast", + "arguments": [ + "x45" + ] + }, + { + "datatype": "u8", + "name": [ + "out1[14]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ { "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x28" - ] - } + "x22" ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x95" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x28" - ] - } - ] - }, - "8" + } ] } ] @@ -16831,49 +16715,16 @@ { "datatype": "u8", "name": [ - "x96" + "out1[15]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x95" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x97" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x95" - ] - }, - "8" + "x46" ] } ] 
@@ -16881,49 +16732,16 @@ { "datatype": "u8", "name": [ - "x98" + "out1[16]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x97" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x99" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x97" - ] - }, - "8" + "x47" ] } ] @@ -16931,49 +16749,33 @@ { "datatype": "u8", "name": [ - "x100" + "out1[17]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x99" - ] - }, - "0xff" + "x48" ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ - "x101" + "out1[18]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x99" - ] - }, - "8" + "x49" ] } ] 
@@ -16981,74 +16783,50 @@ { "datatype": "u8", "name": [ - "x102" + "out1[19]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x101" - ] - }, - "0xff" + "x50" ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ - "x103" + "out1[20]" ], "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x101" - ] - }, - "8" - ] - } + "x51" ] }, { "datatype": "u8", "name": [ - "x104" + "out1[21]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ { "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - "x103" + "x24" ] - }, - "0xff" + } ] } ] @@ -17056,24 +16834,16 @@ { "datatype": "u8", "name": [ - "x105" + "out1[22]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x103" - ] - }, - "8" + "x52" ] } ] 
@@ -17081,63 +16851,16 @@ { "datatype": "u8", "name": [ - "x106" + "out1[23]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x30" - ] - } - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x107" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x30" - ] - } - ] - }, - "8" + "x53" ] } ] 
@@ -17145,815 +16868,18 @@ { "datatype": "u8", "name": [ - "x108" + "out1[24]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x107" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x109" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x107" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x110" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x109" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x111" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x109" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x112" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x111" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x113" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x111" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x114" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - 
"arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x113" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x115" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x113" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x116" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x115" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x117" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x115" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x118" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x32" - ] - } - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x119" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x32" - ] - } - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x120" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - 
"arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x119" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x121" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x119" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x122" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x121" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x123" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x121" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x124" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x123" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x125" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x123" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x126" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x125" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - 
"x127" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x125" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x128" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x127" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x129" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x127" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "out1[0]" - ], - "operation": "static_cast", - "arguments": [ - "x34" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[1]" - ], - "operation": "static_cast", - "arguments": [ - "x36" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[2]" - ], - "operation": "static_cast", - "arguments": [ - "x38" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[3]" - ], - "operation": "static_cast", - "arguments": [ - "x40" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[4]" - ], - "operation": "static_cast", - "arguments": [ - "x42" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[5]" - ], - "operation": "static_cast", - "arguments": [ - "x44" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[6]" - ], - "operation": "static_cast", - "arguments": [ - "x45" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[7]" - ], - "operation": "static_cast", - "arguments": [ - "x46" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[8]" - ], - "operation": "static_cast", - "arguments": [ - "x48" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[9]" - ], - "operation": 
"static_cast", - "arguments": [ - "x50" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[10]" - ], - "operation": "static_cast", - "arguments": [ - "x52" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[11]" - ], - "operation": "static_cast", - "arguments": [ - "x54" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[12]" - ], - "operation": "static_cast", - "arguments": [ - "x56" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[13]" - ], - "operation": "static_cast", - "arguments": [ - "x57" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[14]" - ], - "operation": "static_cast", - "arguments": [ - "x58" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[15]" - ], - "operation": "static_cast", - "arguments": [ - "x60" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[16]" - ], - "operation": "static_cast", - "arguments": [ - "x62" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[17]" - ], - "operation": "static_cast", - "arguments": [ - "x64" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[18]" - ], - "operation": "static_cast", - "arguments": [ - "x66" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[19]" - ], - "operation": "static_cast", - "arguments": [ - "x68" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[20]" - ], - "operation": "static_cast", - "arguments": [ - "x69" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[21]" - ], - "operation": "static_cast", - "arguments": [ - "x70" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[22]" - ], - "operation": "static_cast", - "arguments": [ - "x72" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[23]" - ], - "operation": "static_cast", - "arguments": [ - "x74" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[24]" - ], - "operation": "static_cast", - "arguments": [ - "x76" + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x54" + ] + } ] }, { 
@@ -17963,7 +16889,14 @@ ], "operation": "static_cast", "arguments": [ - "x78" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x55" + ] + } ] }, { @@ -17973,7 +16906,14 @@ ], "operation": "static_cast", "arguments": [ - "x80" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x56" + ] + } ] }, { @@ -17983,7 +16923,7 @@ ], "operation": "static_cast", "arguments": [ - "x81" + "x57" ] }, { @@ -17993,7 +16933,21 @@ ], "operation": "static_cast", "arguments": [ - "x82" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x26" + ] + } + ] + } ] }, { @@ -18003,7 +16957,14 @@ ], "operation": "static_cast", "arguments": [ - "x84" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x58" + ] + } ] }, { @@ -18013,7 +16974,14 @@ ], "operation": "static_cast", "arguments": [ - "x86" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x59" + ] + } ] }, { @@ -18023,7 +16991,14 @@ ], "operation": "static_cast", "arguments": [ - "x88" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x60" + ] + } ] }, { @@ -18033,7 +17008,14 @@ ], "operation": "static_cast", "arguments": [ - "x90" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x61" + ] + } ] }, { @@ -18043,7 +17025,14 @@ ], "operation": "static_cast", "arguments": [ - "x92" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x62" + ] + } ] }, { @@ -18053,7 +17042,7 @@ ], "operation": "static_cast", "arguments": [ - "x93" + "x63" ] }, { 
@@ -18063,7 +17052,21 @@ ], "operation": "static_cast", "arguments": [ - "x94" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x28" + ] + } + ] + } ] }, { @@ -18073,7 +17076,14 @@ ], "operation": "static_cast", "arguments": [ - "x96" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x64" + ] + } ] }, { @@ -18083,7 +17093,14 @@ ], "operation": "static_cast", "arguments": [ - "x98" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x65" + ] + } ] }, { @@ -18093,7 +17110,14 @@ ], "operation": "static_cast", "arguments": [ - "x100" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x66" + ] + } ] }, { @@ -18103,7 +17127,14 @@ ], "operation": "static_cast", "arguments": [ - "x102" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x67" + ] + } ] }, { @@ -18113,7 +17144,14 @@ ], "operation": "static_cast", "arguments": [ - "x104" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x68" + ] + } ] }, { @@ -18123,7 +17161,7 @@ ], "operation": "static_cast", "arguments": [ - "x105" + "x69" ] }, { @@ -18133,7 +17171,21 @@ ], "operation": "static_cast", "arguments": [ - "x106" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x30" + ] + } + ] + } ] }, { @@ -18143,7 +17195,14 @@ ], "operation": "static_cast", "arguments": [ - "x108" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x70" + ] + } ] }, { @@ -18153,7 +17212,14 @@ ], "operation": "static_cast", "arguments": [ - "x110" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x71" + ] + } ] }, { 
@@ -18163,7 +17229,14 @@ ], "operation": "static_cast", "arguments": [ - "x112" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x72" + ] + } ] }, { @@ -18173,7 +17246,14 @@ ], "operation": "static_cast", "arguments": [ - "x114" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x73" + ] + } ] }, { @@ -18183,7 +17263,14 @@ ], "operation": "static_cast", "arguments": [ - "x116" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x74" + ] + } ] }, { @@ -18193,7 +17280,7 @@ ], "operation": "static_cast", "arguments": [ - "x117" + "x75" ] }, { @@ -18203,7 +17290,21 @@ ], "operation": "static_cast", "arguments": [ - "x118" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x32" + ] + } + ] + } ] }, { @@ -18213,7 +17314,14 @@ ], "operation": "static_cast", "arguments": [ - "x120" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x76" + ] + } ] }, { @@ -18223,7 +17331,14 @@ ], "operation": "static_cast", "arguments": [ - "x122" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x77" + ] + } ] }, { @@ -18233,7 +17348,14 @@ ], "operation": "static_cast", "arguments": [ - "x124" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x78" + ] + } ] }, { @@ -18243,7 +17365,14 @@ ], "operation": "static_cast", "arguments": [ - "x126" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x79" + ] + } ] }, { @@ -18253,7 +17382,14 @@ ], "operation": "static_cast", "arguments": [ - "x128" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x80" + ] + } ] }, { @@ -18263,7 +17399,7 @@ ], "operation": "static_cast", "arguments": [ - "x129" + "x81" ] } ] 
diff --git a/fiat-json/src/p521_32.json b/fiat-json/src/p521_32.json index 3449547592..7318a1206e 100644 --- a/fiat-json/src/p521_32.json +++ b/fiat-json/src/p521_32.json @@ -47297,16 +47297,16 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x94" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -47323,7 +47323,7 @@ } ] }, - "0xff" + "8" ] } ] @@ -47345,14 +47345,7 @@ "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x40" - ] - } + "x94" ] }, "8" @@ -47370,7 +47363,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -47380,7 +47373,7 @@ "x95" ] }, - "0xff" + "8" ] } ] @@ -47395,32 +47388,39 @@ { "datatype": "u32", "name": [], - "operation": ">>", + "operation": "+", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x95" + "x93" ] }, - "8" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x96" + ] + } ] } ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x98" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -47430,20 +47430,20 @@ "x97" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x99" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], "operation": ">>", "arguments": [ @@ -47452,7 +47452,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x97" + "x98" ] }, "8" 
@@ -47461,58 +47461,58 @@ ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ "x100" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": "+", + "operation": ">>", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", - "arguments": [ - "x93" - ] - }, - { - "datatype": "u8", - "name": [], - "operation": "static_cast", "arguments": [ "x99" ] - } + }, + "8" ] } ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x101" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": "+", "arguments": [ { - "datatype": "u32", + "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - "x100" + "x92" ] }, - "0xff" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x100" + ] + } ] } ] @@ -47530,11 +47530,11 @@ "operation": ">>", "arguments": [ { - "datatype": "u32", + "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - "x100" + "x101" ] }, "8" @@ -47543,16 +47543,16 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x103" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -47562,7 +47562,7 @@ "x102" ] }, - "0xff" + "8" ] } ] @@ -47584,7 +47584,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x102" + "x103" ] }, "8" @@ -47602,7 +47602,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", 
@@ -47612,111 +47612,111 @@ "x104" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x106" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": ">>", + "operation": "+", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x104" + "x91" ] }, - "8" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x105" + ] + } ] } ] }, { - "datatype": "u64", + "datatype": "u32", "name": [ "x107" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u32", "name": [], - "operation": "+", + "operation": ">>", "arguments": [ { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x92" - ] - }, - { - "datatype": "u8", + "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ "x106" ] - } + }, + "8" ] } ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x108" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { - "datatype": "u64", + "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ "x107" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ "x109" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], "operation": ">>", "arguments": [ { - "datatype": "u64", + "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x107" + "x108" ] }, "8" 
@@ -47725,26 +47725,33 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x110" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": "+", "arguments": [ { - "datatype": "u32", + "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - "x109" + "x90" ] }, - "0xff" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x109" + ] + } ] } ] @@ -47762,11 +47769,11 @@ "operation": ">>", "arguments": [ { - "datatype": "u32", + "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - "x109" + "x110" ] }, "8" @@ -47775,16 +47782,16 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x112" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -47794,7 +47801,7 @@ "x111" ] }, - "0xff" + "8" ] } ] @@ -47816,7 +47823,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x111" + "x112" ] }, "8" @@ -47834,7 +47841,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -47844,32 +47851,39 @@ "x113" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x115" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": ">>", + "operation": "+", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x113" + "x89" ] }, - "8" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x114" + ] + } ] } ] 
@@ -47884,39 +47898,32 @@ { "datatype": "u32", "name": [], - "operation": "+", + "operation": ">>", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", - "arguments": [ - "x91" - ] - }, - { - "datatype": "u8", - "name": [], - "operation": "static_cast", "arguments": [ "x115" ] - } + }, + "8" ] } ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x117" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -47926,20 +47933,20 @@ "x116" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ "x118" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], "operation": ">>", "arguments": [ @@ -47948,7 +47955,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x116" + "x117" ] }, "8" @@ -47957,26 +47964,33 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x119" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": "+", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x118" + "x88" ] }, - "0xff" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x118" + ] + } ] } ] @@ -47998,7 +48012,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x118" + "x119" ] }, "8" @@ -48007,16 +48021,16 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x121" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -48026,7 +48040,7 @@ "x120" ] }, - "0xff" + "8" ] } ] @@ -48048,7 +48062,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x120" + "x121" ] }, "8" 
@@ -48057,80 +48071,80 @@ ] }, { - "datatype": "u64", + "datatype": "u32", "name": [ "x123" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u32", "name": [], - "operation": "+", + "operation": ">>", "arguments": [ { - "datatype": "u64", + "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x90" + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + "x54" + ] + } ] }, - { - "datatype": "u8", - "name": [], - "operation": "static_cast", - "arguments": [ - "x122" - ] - } + "8" ] } ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x124" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { - "datatype": "u64", + "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ "x123" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ "x125" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], "operation": ">>", "arguments": [ { - "datatype": "u64", + "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x123" + "x124" ] }, "8" @@ -48139,26 +48153,33 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x126" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": "+", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x125" + "x87" ] }, - "0xff" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x125" + ] + } ] } ] @@ -48180,7 +48201,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x125" + "x126" ] }, "8" 
@@ -48189,16 +48210,16 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x128" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -48208,20 +48229,20 @@ "x127" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ "x129" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], "operation": ">>", "arguments": [ @@ -48230,7 +48251,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x127" + "x128" ] }, "8" @@ -48239,48 +48260,55 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x130" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": "+", "arguments": [ { - "datatype": "u32", + "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - "x129" + "x86" ] }, - "0xff" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x129" + ] + } ] } ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x131" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], "operation": ">>", "arguments": [ { - "datatype": "u32", + "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - "x129" + "x130" ] }, "8" 
@@ -48298,39 +48326,32 @@ { "datatype": "u32", "name": [], - "operation": "+", + "operation": ">>", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", - "arguments": [ - "x89" - ] - }, - { - "datatype": "u8", - "name": [], - "operation": "static_cast", "arguments": [ "x131" ] - } + }, + "8" ] } ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x133" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -48340,20 +48361,20 @@ "x132" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ "x134" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], "operation": ">>", "arguments": [ @@ -48362,7 +48383,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x132" + "x133" ] }, "8" @@ -48371,26 +48392,33 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x135" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": "+", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x134" + "x85" ] }, - "0xff" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x134" + ] + } ] } ] @@ -48412,7 +48440,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + "x135" ] }, "8" @@ -48421,16 +48449,16 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x137" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -48440,7 +48468,7 @@ "x136" ] }, - "0xff" + "8" ] } ] @@ -48462,7 +48490,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x136" + "x137" ] }, "8" 
@@ -48471,23 +48499,23 @@ ] }, { - "datatype": "u32", + "datatype": "u64", "name": [ "x139" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u64", "name": [], "operation": "+", "arguments": [ { - "datatype": "u32", + "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - "x88" + "x84" ] }, { @@ -48503,26 +48531,26 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x140" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { - "datatype": "u32", + "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ "x139" ] }, - "0xff" + "8" ] } ] @@ -48544,7 +48572,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x139" + "x140" ] }, "8" @@ -48553,16 +48581,16 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x142" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -48572,20 +48600,20 @@ "x141" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ "x143" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], "operation": ">>", "arguments": [ @@ -48594,7 +48622,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x141" + "x142" ] }, "8" 
@@ -48603,39 +48631,46 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x144" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": "+", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x143" + "x83" ] }, - "0xff" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x143" + ] + } ] } ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x145" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], "operation": ">>", "arguments": [ @@ -48644,7 +48679,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x143" + "x144" ] }, "8" @@ -48653,46 +48688,39 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x146" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x54" - ] - } + "x145" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ "x147" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], "operation": ">>", "arguments": [ @@ -48701,14 +48729,7 @@ "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x54" - ] - } + "x146" ] }, "8" 
@@ -48717,26 +48738,33 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x148" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": "+", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x147" + "x82" ] }, - "0xff" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x147" + ] + } ] } ] @@ -48758,7 +48786,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x147" + "x148" ] }, "8" @@ -48767,16 +48795,16 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x150" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -48786,7 +48814,7 @@ "x149" ] }, - "0xff" + "8" ] } ] @@ -48808,7 +48836,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x149" + "x150" ] }, "8" @@ -48826,39 +48854,39 @@ { "datatype": "u32", "name": [], - "operation": "+", + "operation": ">>", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x87" + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + "x68" + ] + } ] }, - { - "datatype": "u8", - "name": [], - "operation": "static_cast", - "arguments": [ - "x151" - ] - } + "8" ] } ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x153" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -48868,20 +48896,20 @@ "x152" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ "x154" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], "operation": ">>", "arguments": [ 
@@ -48890,7 +48918,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x152" + "x153" ] }, "8" @@ -48899,26 +48927,33 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x155" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": "+", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x154" + "x81" ] }, - "0xff" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x154" + ] + } ] } ] @@ -48940,7 +48975,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x154" + "x155" ] }, "8" @@ -48949,16 +48984,16 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x157" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -48968,7 +49003,7 @@ "x156" ] }, - "0xff" + "8" ] } ] @@ -48990,7 +49025,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x156" + "x157" ] }, "8" @@ -49015,7 +49050,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x86" + "x80" ] }, { @@ -49031,16 +49066,16 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x160" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -49050,7 +49085,7 @@ "x159" ] }, - "0xff" + "8" ] } ] @@ -49068,11 +49103,11 @@ "operation": ">>", "arguments": [ { - "datatype": "u64", + "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x159" + "x160" ] }, "8" @@ -49081,16 +49116,16 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x162" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", 
@@ -49100,20 +49135,20 @@ "x161" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ "x163" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], "operation": ">>", "arguments": [ @@ -49122,7 +49157,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x161" + "x162" ] }, "8" @@ -49131,26 +49166,33 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x164" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": "+", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x163" + "x79" ] }, - "0xff" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x163" + ] + } ] } ] @@ -49172,7 +49214,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x163" + "x164" ] }, "8" @@ -49181,16 +49223,16 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x166" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -49200,7 +49242,7 @@ "x165" ] }, - "0xff" + "8" ] } ] @@ -49222,7 +49264,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x165" + "x166" ] }, "8" @@ -49231,23 +49273,23 @@ ] }, { - "datatype": "u32", + "datatype": "u64", "name": [ "x168" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u64", "name": [], "operation": "+", "arguments": [ { - "datatype": "u32", + "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - "x85" + "x78" ] }, { 
@@ -49263,26 +49305,26 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x169" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { - "datatype": "u32", + "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ "x168" ] }, - "0xff" + "8" ] } ] @@ -49304,7 +49346,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x168" + "x169" ] }, "8" @@ -49313,16 +49355,16 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x171" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -49332,20 +49374,20 @@ "x170" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u32", + "datatype": "u1", "name": [ "x172" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u1", "name": [], "operation": ">>", "arguments": [ @@ -49354,7 +49396,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x170" + "x171" ] }, "8" @@ -49365,24 +49407,23 @@ { "datatype": "u8", "name": [ - "x173" + "out1[0]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x172" + "x40" ] - }, - "0xff" + } ] } ] 
@@ -49390,56 +49431,33 @@ { "datatype": "u8", "name": [ - "x174" + "out1[1]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x172" - ] - }, - "8" + "x94" ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ - "x175" + "out1[2]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], - "operation": "+", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x84" - ] - }, - { - "datatype": "u8", - "name": [], - "operation": "static_cast", - "arguments": [ - "x174" - ] - } + "x95" ] } ] @@ -49447,49 +49465,33 @@ { "datatype": "u8", "name": [ - "x176" + "out1[3]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x175" - ] - }, - "0xff" + "x97" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x177" + "out1[4]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x175" - ] - }, - "8" + "x98" ] } ] 
@@ -49497,49 +49499,33 @@ { "datatype": "u8", "name": [ - "x178" + "out1[5]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x177" - ] - }, - "0xff" + "x99" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x179" + "out1[6]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x177" - ] - }, - "8" + "x101" ] } ] @@ -49547,49 +49533,33 @@ { "datatype": "u8", "name": [ - "x180" + "out1[7]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x179" - ] - }, - "0xff" + "x102" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x181" + "out1[8]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x179" - ] - }, - "8" + "x103" ] } ] @@ -49597,24 +49567,16 @@ { "datatype": "u8", "name": [ - "x182" + "out1[9]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x181" - ] - }, - "0xff" + "x104" ] } ] 
@@ -49622,56 +49584,33 @@ { "datatype": "u8", "name": [ - "x183" + "out1[10]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x181" - ] - }, - "8" + "x106" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x184" + "out1[11]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": "+", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x83" - ] - }, - { - "datatype": "u8", - "name": [], - "operation": "static_cast", - "arguments": [ - "x183" - ] - } + "x107" ] } ] @@ -49679,49 +49618,33 @@ { "datatype": "u8", "name": [ - "x185" + "out1[12]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x184" - ] - }, - "0xff" + "x108" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x186" + "out1[13]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x184" - ] - }, - "8" + "x110" ] } ] 
@@ -49729,49 +49652,33 @@ { "datatype": "u8", "name": [ - "x187" + "out1[14]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x186" - ] - }, - "0xff" + "x111" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x188" + "out1[15]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x186" - ] - }, - "8" + "x112" ] } ] @@ -49779,24 +49686,16 @@ { "datatype": "u8", "name": [ - "x189" + "out1[16]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x188" - ] - }, - "0xff" + "x113" ] } ] @@ -49804,56 +49703,33 @@ { "datatype": "u8", "name": [ - "x190" + "out1[17]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x188" - ] - }, - "8" + "x115" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x191" + "out1[18]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": "+", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x82" - ] - }, - { - "datatype": "u8", - "name": [], - "operation": "static_cast", - "arguments": [ - "x190" - ] - } + "x116" ] } ] 
@@ -49861,49 +49737,33 @@ { "datatype": "u8", "name": [ - "x192" + "out1[19]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x191" - ] - }, - "0xff" + "x117" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x193" + "out1[20]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x191" - ] - }, - "8" + "x119" ] } ] @@ -49911,49 +49771,33 @@ { "datatype": "u8", "name": [ - "x194" + "out1[21]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x193" - ] - }, - "0xff" + "x120" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x195" + "out1[22]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x193" - ] - }, - "8" + "x121" ] } ] @@ -49961,24 +49805,33 @@ { "datatype": "u8", "name": [ - "x196" + "out1[23]" + ], + "operation": "static_cast", + "arguments": [ + "x122" + ] + }, + { + "datatype": "u8", + "name": [ + "out1[24]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x195" + "x54" ] - }, - "0xff" + } ] } ] 
@@ -49986,24 +49839,16 @@ { "datatype": "u8", "name": [ - "x197" + "out1[25]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x195" - ] - }, - "8" + "x123" ] } ] @@ -50011,113 +49856,33 @@ { "datatype": "u8", "name": [ - "x198" + "out1[26]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x68" - ] - } - ] - }, - "0xff" + "x124" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x199" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x68" - ] - } - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x200" + "out1[27]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x199" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u32", - "name": [ - "x201" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x199" - ] - }, - "8" + "x126" ] } ] 
@@ -50125,24 +49890,16 @@ { "datatype": "u8", "name": [ - "x202" + "out1[28]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x201" - ] - }, - "0xff" + "x127" ] } ] @@ -50150,56 +49907,16 @@ { "datatype": "u8", "name": [ - "x203" + "out1[29]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x201" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u32", - "name": [ - "x204" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "+", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x81" - ] - }, - { - "datatype": "u8", - "name": [], - "operation": "static_cast", - "arguments": [ - "x203" - ] - } + "x128" ] } ] @@ -50207,49 +49924,16 @@ { "datatype": "u8", "name": [ - "x205" + "out1[30]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x204" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u32", - "name": [ - "x206" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x204" - ] - }, - "8" + "x130" ] } ] 
@@ -50257,49 +49941,16 @@ { "datatype": "u8", "name": [ - "x207" + "out1[31]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x206" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u32", - "name": [ - "x208" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x206" - ] - }, - "8" + "x131" ] } ] @@ -50307,24 +49958,16 @@ { "datatype": "u8", "name": [ - "x209" + "out1[32]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x208" - ] - }, - "0xff" + "x132" ] } ] 
@@ -50332,1012 +49975,18 @@ { "datatype": "u8", "name": [ - "x210" + "out1[33]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x208" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x211" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "+", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x80" - ] - }, - { - "datatype": "u8", - "name": [], - "operation": "static_cast", - "arguments": [ - "x210" - ] - } - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x212" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x211" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u32", - "name": [ - "x213" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x211" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x214" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x213" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u32", - "name": [ - "x215" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x213" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x216" - ], - "operation": 
"static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x215" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u32", - "name": [ - "x217" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x215" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x218" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x217" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x219" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x217" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u32", - "name": [ - "x220" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "+", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x79" - ] - }, - { - "datatype": "u8", - "name": [], - "operation": "static_cast", - "arguments": [ - "x219" - ] - } - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x221" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x220" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u32", - "name": [ - "x222" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": ">>", - 
"arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x220" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x223" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x222" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u32", - "name": [ - "x224" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x222" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x225" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x224" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x226" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x224" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x227" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "+", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x78" - ] - }, - { - "datatype": "u8", - "name": [], - "operation": "static_cast", - "arguments": [ - "x226" - ] - } - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x228" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": 
[ - "x227" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u32", - "name": [ - "x229" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x227" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x230" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x229" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u32", - "name": [ - "x231" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x229" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x232" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x231" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u32", - "name": [ - "x233" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x231" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x234" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x233" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u1", - "name": [ - "x235" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u1", - "name": [], - 
"operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x233" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "out1[0]" - ], - "operation": "static_cast", - "arguments": [ - "x94" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[1]" - ], - "operation": "static_cast", - "arguments": [ - "x96" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[2]" - ], - "operation": "static_cast", - "arguments": [ - "x98" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[3]" - ], - "operation": "static_cast", - "arguments": [ - "x101" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[4]" - ], - "operation": "static_cast", - "arguments": [ - "x103" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[5]" - ], - "operation": "static_cast", - "arguments": [ - "x105" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[6]" - ], - "operation": "static_cast", - "arguments": [ - "x108" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[7]" - ], - "operation": "static_cast", - "arguments": [ - "x110" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[8]" - ], - "operation": "static_cast", - "arguments": [ - "x112" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[9]" - ], - "operation": "static_cast", - "arguments": [ - "x114" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[10]" - ], - "operation": "static_cast", - "arguments": [ - "x117" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[11]" - ], - "operation": "static_cast", - "arguments": [ - "x119" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[12]" - ], - "operation": "static_cast", - "arguments": [ - "x121" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[13]" - ], - "operation": "static_cast", - "arguments": [ - "x124" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[14]" - ], - "operation": "static_cast", - "arguments": [ - "x126" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[15]" - ], - 
"operation": "static_cast", - "arguments": [ - "x128" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[16]" - ], - "operation": "static_cast", - "arguments": [ - "x130" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[17]" - ], - "operation": "static_cast", - "arguments": [ - "x133" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[18]" - ], - "operation": "static_cast", - "arguments": [ - "x135" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[19]" - ], - "operation": "static_cast", - "arguments": [ - "x137" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[20]" - ], - "operation": "static_cast", - "arguments": [ - "x140" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[21]" - ], - "operation": "static_cast", - "arguments": [ - "x142" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[22]" - ], - "operation": "static_cast", - "arguments": [ - "x144" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[23]" - ], - "operation": "static_cast", - "arguments": [ - "x145" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[24]" - ], - "operation": "static_cast", - "arguments": [ - "x146" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[25]" - ], - "operation": "static_cast", - "arguments": [ - "x148" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[26]" - ], - "operation": "static_cast", - "arguments": [ - "x150" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[27]" - ], - "operation": "static_cast", - "arguments": [ - "x153" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[28]" - ], - "operation": "static_cast", - "arguments": [ - "x155" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[29]" - ], - "operation": "static_cast", - "arguments": [ - "x157" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[30]" - ], - "operation": "static_cast", - "arguments": [ - "x160" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[31]" - ], - "operation": "static_cast", - "arguments": [ - "x162" - ] - }, - { - "datatype": "u8", - 
"name": [ - "out1[32]" - ], - "operation": "static_cast", - "arguments": [ - "x164" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[33]" - ], - "operation": "static_cast", - "arguments": [ - "x166" + "operation": "static_cast", + "arguments": [ + "x133" + ] + } ] }, { @@ -51347,7 +49996,14 @@ ], "operation": "static_cast", "arguments": [ - "x169" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x135" + ] + } ] }, { @@ -51357,7 +50013,14 @@ ], "operation": "static_cast", "arguments": [ - "x171" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x136" + ] + } ] }, { @@ -51367,7 +50030,14 @@ ], "operation": "static_cast", "arguments": [ - "x173" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x137" + ] + } ] }, { @@ -51377,7 +50047,14 @@ ], "operation": "static_cast", "arguments": [ - "x176" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x139" + ] + } ] }, { @@ -51387,7 +50064,14 @@ ], "operation": "static_cast", "arguments": [ - "x178" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x140" + ] + } ] }, { @@ -51397,7 +50081,14 @@ ], "operation": "static_cast", "arguments": [ - "x180" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x141" + ] + } ] }, { @@ -51407,7 +50098,14 @@ ], "operation": "static_cast", "arguments": [ - "x182" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x142" + ] + } ] }, { @@ -51417,7 +50115,14 @@ ], "operation": "static_cast", "arguments": [ - "x185" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x144" + ] + } ] }, { @@ -51427,7 +50132,14 @@ ], "operation": "static_cast", "arguments": [ - "x187" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x145" + ] + } ] }, { 
@@ -51437,7 +50149,14 @@ ], "operation": "static_cast", "arguments": [ - "x189" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x146" + ] + } ] }, { @@ -51447,7 +50166,14 @@ ], "operation": "static_cast", "arguments": [ - "x192" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x148" + ] + } ] }, { @@ -51457,7 +50183,14 @@ ], "operation": "static_cast", "arguments": [ - "x194" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x149" + ] + } ] }, { @@ -51467,7 +50200,14 @@ ], "operation": "static_cast", "arguments": [ - "x196" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x150" + ] + } ] }, { @@ -51477,7 +50217,7 @@ ], "operation": "static_cast", "arguments": [ - "x197" + "x151" ] }, { @@ -51487,7 +50227,21 @@ ], "operation": "static_cast", "arguments": [ - "x198" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + "x68" + ] + } + ] + } ] }, { @@ -51497,7 +50251,14 @@ ], "operation": "static_cast", "arguments": [ - "x200" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x152" + ] + } ] }, { @@ -51507,7 +50268,14 @@ ], "operation": "static_cast", "arguments": [ - "x202" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x153" + ] + } ] }, { @@ -51517,7 +50285,14 @@ ], "operation": "static_cast", "arguments": [ - "x205" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x155" + ] + } ] }, { @@ -51527,7 +50302,14 @@ ], "operation": "static_cast", "arguments": [ - "x207" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x156" + ] + } ] }, { 
@@ -51537,7 +50319,14 @@ ], "operation": "static_cast", "arguments": [ - "x209" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x157" + ] + } ] }, { @@ -51547,7 +50336,14 @@ ], "operation": "static_cast", "arguments": [ - "x212" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x159" + ] + } ] }, { @@ -51557,7 +50353,14 @@ ], "operation": "static_cast", "arguments": [ - "x214" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x160" + ] + } ] }, { @@ -51567,7 +50370,14 @@ ], "operation": "static_cast", "arguments": [ - "x216" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x161" + ] + } ] }, { @@ -51577,7 +50387,14 @@ ], "operation": "static_cast", "arguments": [ - "x218" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x162" + ] + } ] }, { @@ -51587,7 +50404,14 @@ ], "operation": "static_cast", "arguments": [ - "x221" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x164" + ] + } ] }, { @@ -51597,7 +50421,14 @@ ], "operation": "static_cast", "arguments": [ - "x223" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x165" + ] + } ] }, { @@ -51607,7 +50438,14 @@ ], "operation": "static_cast", "arguments": [ - "x225" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x166" + ] + } ] }, { @@ -51617,7 +50455,14 @@ ], "operation": "static_cast", "arguments": [ - "x228" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x168" + ] + } ] }, { @@ -51627,7 +50472,14 @@ ], "operation": "static_cast", "arguments": [ - "x230" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x169" + ] + } ] }, { 
@@ -51637,7 +50489,14 @@ ], "operation": "static_cast", "arguments": [ - "x232" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x170" + ] + } ] }, { @@ -51647,7 +50506,14 @@ ], "operation": "static_cast", "arguments": [ - "x234" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x171" + ] + } ] }, { @@ -51657,7 +50523,7 @@ ], "operation": "static_cast", "arguments": [ - "x235" + "x172" ] } ] diff --git a/fiat-json/src/p521_64.json b/fiat-json/src/p521_64.json index c2adeefea9..0c33be6ae1 100644 --- a/fiat-json/src/p521_64.json +++ b/fiat-json/src/p521_64.json @@ -14927,16 +14927,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x44" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -14953,7 +14953,7 @@ } ] }, - "0xff" + "8" ] } ] @@ -14975,14 +14975,7 @@ "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x20" - ] - } + "x44" ] }, "8" @@ -14991,16 +14984,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x46" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -15010,7 +15003,7 @@ "x45" ] }, - "0xff" + "8" ] } ] @@ -15032,7 +15025,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x45" + "x46" ] }, "8" @@ -15041,16 +15034,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x48" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -15060,7 +15053,7 @@ "x47" ] }, - "0xff" + "8" ] } ] 
@@ -15082,7 +15075,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x47" + "x48" ] }, "8" @@ -15100,7 +15093,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -15110,7 +15103,7 @@ "x49" ] }, - "0xff" + "8" ] } ] @@ -15125,32 +15118,39 @@ { "datatype": "u64", "name": [], - "operation": ">>", + "operation": "+", "arguments": [ { "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - "x49" + "x43" ] }, - "8" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x50" + ] + } ] } ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x52" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -15160,7 +15160,7 @@ "x51" ] }, - "0xff" + "8" ] } ] @@ -15182,7 +15182,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x51" + "x52" ] }, "8" @@ -15191,16 +15191,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x54" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -15210,7 +15210,7 @@ "x53" ] }, - "0xff" + "8" ] } ] @@ -15232,7 +15232,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x53" + "x54" ] }, "8" @@ -15241,16 +15241,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x56" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -15260,20 +15260,20 @@ "x55" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x57" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], "operation": ">>", "arguments": [ 
@@ -15282,7 +15282,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x55" + "x56" ] }, "8" @@ -15291,58 +15291,58 @@ ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ "x58" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], - "operation": "+", + "operation": ">>", "arguments": [ { "datatype": "u64", "name": [], "operation": "static_cast", - "arguments": [ - "x43" - ] - }, - { - "datatype": "u8", - "name": [], - "operation": "static_cast", "arguments": [ "x57" ] - } + }, + "8" ] } ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x59" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": "+", "arguments": [ { "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - "x58" + "x42" ] }, - "0xff" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x58" + ] + } ] } ] @@ -15364,7 +15364,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x58" + "x59" ] }, "8" @@ -15373,16 +15373,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x61" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -15392,7 +15392,7 @@ "x60" ] }, - "0xff" + "8" ] } ] @@ -15414,7 +15414,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x60" + "x61" ] }, "8" @@ -15423,16 +15423,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x63" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -15442,7 +15442,7 @@ "x62" ] }, - "0xff" + "8" ] } ] @@ -15464,7 +15464,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x62" + "x63" ] }, "8" 
@@ -15473,16 +15473,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x65" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -15492,20 +15492,20 @@ "x64" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ "x66" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], "operation": ">>", "arguments": [ @@ -15514,7 +15514,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x64" + "x65" ] }, "8" @@ -15523,26 +15523,33 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x67" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": "+", "arguments": [ { "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - "x66" + "x41" ] }, - "0xff" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x66" + ] + } ] } ] @@ -15564,7 +15571,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x66" + "x67" ] }, "8" @@ -15573,16 +15580,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x69" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -15592,7 +15599,7 @@ "x68" ] }, - "0xff" + "8" ] } ] @@ -15614,7 +15621,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x68" + "x69" ] }, "8" @@ -15623,16 +15630,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x71" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", 
@@ -15642,20 +15649,20 @@ "x70" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x72" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], "operation": ">>", "arguments": [ @@ -15664,7 +15671,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x70" + "x71" ] }, "8" @@ -15682,24 +15689,17 @@ { "datatype": "u64", "name": [], - "operation": "+", + "operation": ">>", "arguments": [ { "datatype": "u64", "name": [], "operation": "static_cast", - "arguments": [ - "x42" - ] - }, - { - "datatype": "u8", - "name": [], - "operation": "static_cast", "arguments": [ "x72" ] - } + }, + "8" ] } ] @@ -15714,7 +15714,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -15724,7 +15724,7 @@ "x73" ] }, - "0xff" + "8" ] } ] @@ -15746,7 +15746,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x73" + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x28" + ] + } ] }, "8" @@ -15755,16 +15762,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x76" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -15774,7 +15781,7 @@ "x75" ] }, - "0xff" + "8" ] } ] @@ -15796,7 +15803,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x75" + "x76" ] }, "8" @@ -15805,16 +15812,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x78" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -15824,7 +15831,7 @@ "x77" ] }, - "0xff" + "8" ] } ] @@ -15846,7 +15853,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x77" + "x78" ] }, "8" 
@@ -15855,16 +15862,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x80" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -15874,20 +15881,20 @@ "x79" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ "x81" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], "operation": ">>", "arguments": [ @@ -15896,7 +15903,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x79" + "x80" ] }, "8" @@ -15905,31 +15912,38 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x82" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": "+", "arguments": [ { "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - "x81" + "x40" ] }, - "0xff" - ] - } - ] - }, - { + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x81" + ] + } + ] + } + ] + }, + { "datatype": "u64", "name": [ "x83" @@ -15946,7 +15960,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x81" + "x82" ] }, "8" @@ -15955,16 +15969,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x84" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -15974,7 +15988,7 @@ "x83" ] }, - "0xff" + "8" ] } ] @@ -15996,7 +16010,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x83" + "x84" ] }, "8" @@ -16005,16 +16019,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x86" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", 
@@ -16024,20 +16038,20 @@ "x85" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x87" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], "operation": ">>", "arguments": [ @@ -16046,7 +16060,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x85" + "x86" ] }, "8" @@ -16064,24 +16078,17 @@ { "datatype": "u64", "name": [], - "operation": "+", + "operation": ">>", "arguments": [ { "datatype": "u64", "name": [], "operation": "static_cast", - "arguments": [ - "x41" - ] - }, - { - "datatype": "u8", - "name": [], - "operation": "static_cast", "arguments": [ "x87" ] - } + }, + "8" ] } ] @@ -16096,7 +16103,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -16106,7 +16113,7 @@ "x88" ] }, - "0xff" + "8" ] } ] @@ -16121,32 +16128,39 @@ { "datatype": "u64", "name": [], - "operation": ">>", + "operation": "+", "arguments": [ { "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - "x88" + "x39" ] }, - "8" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x89" + ] + } ] } ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x91" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -16156,7 +16170,7 @@ "x90" ] }, - "0xff" + "8" ] } ] @@ -16178,7 +16192,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x90" + "x91" ] }, "8" @@ -16187,16 +16201,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x93" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -16206,7 +16220,7 @@ "x92" ] }, - "0xff" + "8" ] } ] 
@@ -16228,7 +16242,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x92" + "x93" ] }, "8" @@ -16237,16 +16251,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x95" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -16256,7 +16270,7 @@ "x94" ] }, - "0xff" + "8" ] } ] @@ -16278,7 +16292,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x94" + "x95" ] }, "8" @@ -16296,7 +16310,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -16306,7 +16320,7 @@ "x96" ] }, - "0xff" + "8" ] } ] @@ -16321,32 +16335,39 @@ { "datatype": "u64", "name": [], - "operation": ">>", + "operation": "+", "arguments": [ { "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - "x96" + "x38" ] }, - "8" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x97" + ] + } ] } ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x99" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -16356,7 +16377,7 @@ "x98" ] }, - "0xff" + "8" ] } ] @@ -16378,7 +16399,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x98" + "x99" ] }, "8" @@ -16387,16 +16408,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x101" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -16406,20 +16427,20 @@ "x100" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x102" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], "operation": ">>", "arguments": [ 
@@ -16428,7 +16449,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x100" + "x101" ] }, "8" @@ -16437,33 +16458,26 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x103" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x28" - ] - } + "x102" ] }, - "0xff" + "8" ] } ] @@ -16485,14 +16499,7 @@ "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x28" - ] - } + "x103" ] }, "8" @@ -16510,7 +16517,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -16520,7 +16527,7 @@ "x104" ] }, - "0xff" + "8" ] } ] @@ -16542,7 +16549,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x104" + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x36" + ] + } ] }, "8" @@ -16551,16 +16565,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x107" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -16570,7 +16584,7 @@ "x106" ] }, - "0xff" + "8" ] } ] @@ -16592,7 +16606,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x106" + "x107" ] }, "8" @@ -16601,16 +16615,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x109" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -16620,7 +16634,7 @@ "x108" ] }, - "0xff" + "8" ] } ] 
@@ -16642,7 +16656,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x108" + "x109" ] }, "8" @@ -16651,16 +16665,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x111" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -16670,20 +16684,20 @@ "x110" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u64", + "datatype": "u1", "name": [ "x112" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u1", "name": [], "operation": ">>", "arguments": [ @@ -16692,7 +16706,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x110" + "x111" ] }, "8" @@ -16703,49 +16717,40 @@ { "datatype": "u8", "name": [ - "x113" + "out1[0]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ { "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - "x112" + "x20" ] - }, - "0xff" + } ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ - "x114" + "out1[1]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x112" - ] - }, - "8" + "x44" ] } ] @@ -16753,24 +16758,16 @@ { "datatype": "u8", "name": [ - "x115" + "out1[2]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x114" - ] - }, - "0xff" + "x45" ] } ] 
@@ -16778,1586 +16775,35 @@ { "datatype": "u8", "name": [ - "x116" + "out1[3]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x114" - ] - }, - "8" + "x46" ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ - "x117" + "out1[4]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], - "operation": "+", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x40" - ] - }, - { - "datatype": "u8", - "name": [], - "operation": "static_cast", - "arguments": [ - "x116" - ] - } - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x118" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x117" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x119" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x117" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x120" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x119" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x121" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x119" - ] - }, - "8" - ] - } - ] - }, - { - 
"datatype": "u8", - "name": [ - "x122" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x121" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x123" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x121" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x124" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x123" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x125" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x123" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x126" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x125" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x127" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x125" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x128" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": 
"u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x127" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x129" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x127" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x130" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x129" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x131" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x129" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x132" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "+", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x39" - ] - }, - { - "datatype": "u8", - "name": [], - "operation": "static_cast", - "arguments": [ - "x131" - ] - } - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x133" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x132" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x134" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x132" - ] - }, - "8" 
- ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x135" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x134" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x136" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x134" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x137" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x136" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x138" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x136" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x139" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x138" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x140" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x138" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x141" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": 
[ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x140" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x142" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x140" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x143" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x142" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x144" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x142" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x145" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x144" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x146" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x144" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x147" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "+", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x38" - ] - }, - { - "datatype": "u8", - "name": [], - "operation": "static_cast", - "arguments": 
[ - "x146" - ] - } - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x148" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x147" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x149" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x147" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x150" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x149" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x151" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x149" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x152" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x151" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x153" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x151" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x154" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": 
"&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x153" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x155" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x153" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x156" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x155" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x157" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x155" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x158" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x157" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x159" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x157" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x160" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x159" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ 
- "x161" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x159" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x162" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x36" - ] - } - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x163" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x36" - ] - } - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x164" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x163" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x165" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x163" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x166" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x165" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - 
"x167" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x165" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x168" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x167" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x169" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x167" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x170" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x169" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x171" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x169" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x172" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x171" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x173" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - 
"operation": "static_cast", - "arguments": [ - "x171" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x174" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x173" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u1", - "name": [ - "x175" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x173" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "out1[0]" - ], - "operation": "static_cast", - "arguments": [ - "x44" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[1]" - ], - "operation": "static_cast", - "arguments": [ - "x46" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[2]" - ], - "operation": "static_cast", - "arguments": [ - "x48" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[3]" - ], - "operation": "static_cast", - "arguments": [ - "x50" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[4]" - ], - "operation": "static_cast", - "arguments": [ - "x52" + "operation": "static_cast", + "arguments": [ + "x47" + ] + } ] }, { @@ -18367,7 +16813,14 @@ ], "operation": "static_cast", "arguments": [ - "x54" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x48" + ] + } ] }, { @@ -18377,7 +16830,14 @@ ], "operation": "static_cast", "arguments": [ - "x56" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x49" + ] + } ] }, { @@ -18387,7 +16847,14 @@ ], "operation": "static_cast", "arguments": [ - "x59" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x51" + ] + } ] }, { 
@@ -18397,7 +16864,14 @@ ], "operation": "static_cast", "arguments": [ - "x61" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x52" + ] + } ] }, { @@ -18407,7 +16881,14 @@ ], "operation": "static_cast", "arguments": [ - "x63" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x53" + ] + } ] }, { @@ -18417,7 +16898,14 @@ ], "operation": "static_cast", "arguments": [ - "x65" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x54" + ] + } ] }, { @@ -18427,7 +16915,14 @@ ], "operation": "static_cast", "arguments": [ - "x67" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x55" + ] + } ] }, { @@ -18437,7 +16932,14 @@ ], "operation": "static_cast", "arguments": [ - "x69" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x56" + ] + } ] }, { @@ -18447,7 +16949,14 @@ ], "operation": "static_cast", "arguments": [ - "x71" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x57" + ] + } ] }, { @@ -18457,7 +16966,14 @@ ], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x59" + ] + } ] }, { @@ -18467,7 +16983,14 @@ ], "operation": "static_cast", "arguments": [ - "x76" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x60" + ] + } ] }, { @@ -18477,7 +17000,14 @@ ], "operation": "static_cast", "arguments": [ - "x78" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x61" + ] + } ] }, { @@ -18487,7 +17017,14 @@ ], "operation": "static_cast", "arguments": [ - "x80" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x62" + ] + } ] }, { 
@@ -18497,7 +17034,14 @@ ], "operation": "static_cast", "arguments": [ - "x82" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x63" + ] + } ] }, { @@ -18507,7 +17051,14 @@ ], "operation": "static_cast", "arguments": [ - "x84" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x64" + ] + } ] }, { @@ -18517,7 +17068,14 @@ ], "operation": "static_cast", "arguments": [ - "x86" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x65" + ] + } ] }, { @@ -18527,7 +17085,14 @@ ], "operation": "static_cast", "arguments": [ - "x89" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x67" + ] + } ] }, { @@ -18537,7 +17102,14 @@ ], "operation": "static_cast", "arguments": [ - "x91" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x68" + ] + } ] }, { @@ -18547,7 +17119,14 @@ ], "operation": "static_cast", "arguments": [ - "x93" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x69" + ] + } ] }, { @@ -18557,7 +17136,14 @@ ], "operation": "static_cast", "arguments": [ - "x95" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x70" + ] + } ] }, { @@ -18567,7 +17153,14 @@ ], "operation": "static_cast", "arguments": [ - "x97" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x71" + ] + } ] }, { @@ -18577,7 +17170,14 @@ ], "operation": "static_cast", "arguments": [ - "x99" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x72" + ] + } ] }, { @@ -18587,7 +17187,14 @@ ], "operation": "static_cast", "arguments": [ - "x101" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x73" + ] + } ] }, { @@ -18597,7 +17204,7 @@ ], "operation": "static_cast", "arguments": [ - "x102" + "x74" ] }, { 
@@ -18607,7 +17214,21 @@ ], "operation": "static_cast", "arguments": [ - "x103" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x28" + ] + } + ] + } ] }, { @@ -18617,7 +17238,14 @@ ], "operation": "static_cast", "arguments": [ - "x105" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x75" + ] + } ] }, { @@ -18627,7 +17255,14 @@ ], "operation": "static_cast", "arguments": [ - "x107" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x76" + ] + } ] }, { @@ -18637,7 +17272,14 @@ ], "operation": "static_cast", "arguments": [ - "x109" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x77" + ] + } ] }, { @@ -18647,7 +17289,14 @@ ], "operation": "static_cast", "arguments": [ - "x111" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x78" + ] + } ] }, { @@ -18657,7 +17306,14 @@ ], "operation": "static_cast", "arguments": [ - "x113" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x79" + ] + } ] }, { @@ -18667,7 +17323,14 @@ ], "operation": "static_cast", "arguments": [ - "x115" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x80" + ] + } ] }, { @@ -18677,7 +17340,14 @@ ], "operation": "static_cast", "arguments": [ - "x118" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x82" + ] + } ] }, { @@ -18687,7 +17357,14 @@ ], "operation": "static_cast", "arguments": [ - "x120" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x83" + ] + } ] }, { @@ -18697,7 +17374,14 @@ ], "operation": "static_cast", "arguments": [ - "x122" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x84" + ] + } ] }, { 
@@ -18707,7 +17391,14 @@ ], "operation": "static_cast", "arguments": [ - "x124" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x85" + ] + } ] }, { @@ -18717,7 +17408,14 @@ ], "operation": "static_cast", "arguments": [ - "x126" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x86" + ] + } ] }, { @@ -18727,7 +17425,14 @@ ], "operation": "static_cast", "arguments": [ - "x128" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x87" + ] + } ] }, { @@ -18737,7 +17442,14 @@ ], "operation": "static_cast", "arguments": [ - "x130" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x88" + ] + } ] }, { @@ -18747,7 +17459,14 @@ ], "operation": "static_cast", "arguments": [ - "x133" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x90" + ] + } ] }, { @@ -18757,7 +17476,14 @@ ], "operation": "static_cast", "arguments": [ - "x135" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x91" + ] + } ] }, { @@ -18767,7 +17493,14 @@ ], "operation": "static_cast", "arguments": [ - "x137" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x92" + ] + } ] }, { @@ -18777,7 +17510,14 @@ ], "operation": "static_cast", "arguments": [ - "x139" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x93" + ] + } ] }, { @@ -18787,7 +17527,14 @@ ], "operation": "static_cast", "arguments": [ - "x141" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x94" + ] + } ] }, { @@ -18797,7 +17544,14 @@ ], "operation": "static_cast", "arguments": [ - "x143" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x95" + ] + } ] }, { 
@@ -18807,7 +17561,14 @@ ], "operation": "static_cast", "arguments": [ - "x145" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x96" + ] + } ] }, { @@ -18817,7 +17578,14 @@ ], "operation": "static_cast", "arguments": [ - "x148" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x98" + ] + } ] }, { @@ -18827,7 +17595,14 @@ ], "operation": "static_cast", "arguments": [ - "x150" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x99" + ] + } ] }, { @@ -18837,7 +17612,14 @@ ], "operation": "static_cast", "arguments": [ - "x152" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x100" + ] + } ] }, { @@ -18847,7 +17629,14 @@ ], "operation": "static_cast", "arguments": [ - "x154" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x101" + ] + } ] }, { @@ -18857,7 +17646,14 @@ ], "operation": "static_cast", "arguments": [ - "x156" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x102" + ] + } ] }, { @@ -18867,7 +17663,14 @@ ], "operation": "static_cast", "arguments": [ - "x158" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x103" + ] + } ] }, { @@ -18877,7 +17680,14 @@ ], "operation": "static_cast", "arguments": [ - "x160" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x104" + ] + } ] }, { @@ -18887,7 +17697,7 @@ ], "operation": "static_cast", "arguments": [ - "x161" + "x105" ] }, { @@ -18897,7 +17707,21 @@ ], "operation": "static_cast", "arguments": [ - "x162" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x36" + ] + } + ] + } ] }, { 
@@ -18907,7 +17731,14 @@ ], "operation": "static_cast", "arguments": [ - "x164" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x106" + ] + } ] }, { @@ -18917,7 +17748,14 @@ ], "operation": "static_cast", "arguments": [ - "x166" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x107" + ] + } ] }, { @@ -18927,7 +17765,14 @@ ], "operation": "static_cast", "arguments": [ - "x168" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x108" + ] + } ] }, { @@ -18937,7 +17782,14 @@ ], "operation": "static_cast", "arguments": [ - "x170" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x109" + ] + } ] }, { @@ -18947,7 +17799,14 @@ ], "operation": "static_cast", "arguments": [ - "x172" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x110" + ] + } ] }, { @@ -18957,7 +17816,14 @@ ], "operation": "static_cast", "arguments": [ - "x174" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x111" + ] + } ] }, { @@ -18967,7 +17833,7 @@ ], "operation": "static_cast", "arguments": [ - "x175" + "x112" ] } ] diff --git a/fiat-json/src/poly1305_32.json b/fiat-json/src/poly1305_32.json index 0e282d710f..ceb7a73b74 100644 --- a/fiat-json/src/poly1305_32.json +++ b/fiat-json/src/poly1305_32.json @@ -6743,16 +6743,16 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x25" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -6769,7 +6769,7 @@ } ] }, - "0xff" + "8" ] } ] @@ -6791,14 +6791,7 @@ "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x12" - ] - } + "x25" ] }, "8" 
@@ -6816,7 +6809,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -6826,7 +6819,7 @@ "x26" ] }, - "0xff" + "8" ] } ] @@ -6841,32 +6834,39 @@ { "datatype": "u32", "name": [], - "operation": ">>", + "operation": "+", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x26" + "x24" ] }, - "8" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x27" + ] + } ] } ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x29" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -6876,20 +6876,20 @@ "x28" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x30" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], "operation": ">>", "arguments": [ @@ -6898,7 +6898,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x28" + "x29" ] }, "8" @@ -6907,58 +6907,58 @@ ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ "x31" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": "+", + "operation": ">>", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", - "arguments": [ - "x24" - ] - }, - { - "datatype": "u8", - "name": [], - "operation": "static_cast", "arguments": [ "x30" ] - } + }, + "8" ] } ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x32" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": "+", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x31" + "x23" ] }, - "0xff" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x31" + ] + } ] } ] 
@@ -6980,7 +6980,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x31" + "x32" ] }, "8" @@ -6989,16 +6989,16 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x34" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -7008,20 +7008,20 @@ "x33" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ "x35" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], "operation": ">>", "arguments": [ @@ -7030,7 +7030,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x33" + "x34" ] }, "8" @@ -7039,39 +7039,46 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x36" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": "+", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x35" + "x22" ] }, - "0xff" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x35" + ] + } ] } ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x37" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], "operation": ">>", "arguments": [ @@ -7080,7 +7087,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x35" + "x36" ] }, "8" @@ -7098,24 +7105,17 @@ { "datatype": "u32", "name": [], - "operation": "+", + "operation": ">>", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", - "arguments": [ - "x23" - ] - }, - { - "datatype": "u8", - "name": [], - "operation": "static_cast", "arguments": [ "x37" ] - } + }, + "8" ] } ] @@ -7130,7 +7130,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -7140,7 +7140,7 @@ "x38" ] }, - "0xff" + "8" ] } ] 
@@ -7162,7 +7162,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x38" + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + "x20" + ] + } ] }, "8" @@ -7171,16 +7178,16 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ "x41" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", @@ -7190,20 +7197,20 @@ "x40" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ "x42" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], "operation": ">>", "arguments": [ @@ -7212,7 +7219,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x40" + "x41" ] }, "8" @@ -7223,24 +7230,23 @@ { "datatype": "u8", "name": [ - "x43" + "out1[0]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x42" + "x12" ] - }, - "0xff" + } ] } ] @@ -7248,56 +7254,33 @@ { "datatype": "u8", "name": [ - "x44" + "out1[1]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x42" - ] - }, - "8" + "x25" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x45" + "out1[2]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": "+", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x22" - ] - }, - { - "datatype": "u8", - "name": [], - "operation": "static_cast", - "arguments": [ - "x44" - ] - } + "x26" ] } ] 
@@ -7305,49 +7288,33 @@ { "datatype": "u8", "name": [ - "x46" + "out1[3]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x45" - ] - }, - "0xff" + "x28" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x47" + "out1[4]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x45" - ] - }, - "8" + "x29" ] } ] @@ -7355,49 +7322,33 @@ { "datatype": "u8", "name": [ - "x48" + "out1[5]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x47" - ] - }, - "0xff" + "x30" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x49" + "out1[6]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x47" - ] - }, - "8" + "x32" ] } ] @@ -7405,24 +7356,16 @@ { "datatype": "u8", "name": [ - "x50" + "out1[7]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x49" - ] - }, - "0xff" + "x33" ] } ] 
@@ -7430,24 +7373,16 @@ { "datatype": "u8", "name": [ - "x51" + "out1[8]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x49" - ] - }, - "8" + "x34" ] } ] @@ -7455,63 +7390,33 @@ { "datatype": "u8", "name": [ - "x52" + "out1[9]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x20" - ] - } - ] - }, - "0xff" + "x36" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x53" + "out1[10]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x20" - ] - } - ] - }, - "8" + "x37" ] } ] 
@@ -7519,74 +7424,50 @@ { "datatype": "u8", "name": [ - "x54" + "out1[11]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x53" - ] - }, - "0xff" + "x38" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x55" + "out1[12]" ], "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x53" - ] - }, - "8" - ] - } + "x39" ] }, { "datatype": "u8", "name": [ - "x56" + "out1[13]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x55" + "x20" ] - }, - "0xff" + } ] } ] 
@@ -7594,178 +7475,20 @@ { "datatype": "u8", "name": [ - "x57" + "out1[14]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x55" - ] - }, - "8" + "x40" ] } ] }, - { - "datatype": "u8", - "name": [ - "out1[0]" - ], - "operation": "static_cast", - "arguments": [ - "x25" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[1]" - ], - "operation": "static_cast", - "arguments": [ - "x27" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[2]" - ], - "operation": "static_cast", - "arguments": [ - "x29" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[3]" - ], - "operation": "static_cast", - "arguments": [ - "x32" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[4]" - ], - "operation": "static_cast", - "arguments": [ - "x34" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[5]" - ], - "operation": "static_cast", - "arguments": [ - "x36" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[6]" - ], - "operation": "static_cast", - "arguments": [ - "x39" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[7]" - ], - "operation": "static_cast", - "arguments": [ - "x41" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[8]" - ], - "operation": "static_cast", - "arguments": [ - "x43" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[9]" - ], - "operation": "static_cast", - "arguments": [ - "x46" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[10]" - ], - "operation": "static_cast", - "arguments": [ - "x48" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[11]" - ], - "operation": "static_cast", - "arguments": [ - "x50" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[12]" - ], - "operation": "static_cast", - "arguments": [ - "x51" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[13]" - ], - "operation": "static_cast", - "arguments": [ - "x52" - ] - }, - { - 
"datatype": "u8", - "name": [ - "out1[14]" - ], - "operation": "static_cast", - "arguments": [ - "x54" - ] - }, { "datatype": "u8", "name": [ @@ -7773,7 +7496,14 @@ ], "operation": "static_cast", "arguments": [ - "x56" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x41" + ] + } ] }, { @@ -7783,7 +7513,7 @@ ], "operation": "static_cast", "arguments": [ - "x57" + "x42" ] } ] diff --git a/fiat-json/src/poly1305_64.json b/fiat-json/src/poly1305_64.json index 368ee4c6d3..5251960f15 100644 --- a/fiat-json/src/poly1305_64.json +++ b/fiat-json/src/poly1305_64.json @@ -4422,16 +4422,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x16" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -4448,7 +4448,7 @@ } ] }, - "0xff" + "8" ] } ] @@ -4470,14 +4470,7 @@ "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x8" - ] - } + "x16" ] }, "8" @@ -4486,16 +4479,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x18" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -4505,7 +4498,7 @@ "x17" ] }, - "0xff" + "8" ] } ] @@ -4527,7 +4520,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x17" + "x18" ] }, "8" @@ -4545,7 +4538,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -4555,7 +4548,7 @@ "x19" ] }, - "0xff" + "8" ] } ] 
@@ -4570,32 +4563,39 @@ { "datatype": "u64", "name": [], - "operation": ">>", + "operation": "+", "arguments": [ { "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - "x19" + "x15" ] }, - "8" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x20" + ] + } ] } ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x22" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -4605,7 +4605,7 @@ "x21" ] }, - "0xff" + "8" ] } ] @@ -4627,7 +4627,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x21" + "x22" ] }, "8" @@ -4636,16 +4636,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x24" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -4655,20 +4655,20 @@ "x23" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x25" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], "operation": ">>", "arguments": [ @@ -4677,7 +4677,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x23" + "x24" ] }, "8" 
@@ -4686,58 +4686,58 @@ ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ "x26" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], - "operation": "+", + "operation": ">>", "arguments": [ { "datatype": "u64", "name": [], "operation": "static_cast", - "arguments": [ - "x15" - ] - }, - { - "datatype": "u8", - "name": [], - "operation": "static_cast", "arguments": [ "x25" ] - } + }, + "8" ] } ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x27" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": "+", "arguments": [ { "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - "x26" + "x14" ] }, - "0xff" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x26" + ] + } ] } ] @@ -4759,7 +4759,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x26" + "x27" ] }, "8" @@ -4768,16 +4768,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x29" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -4787,7 +4787,7 @@ "x28" ] }, - "0xff" + "8" ] } ] @@ -4809,7 +4809,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x28" + "x29" ] }, "8" @@ -4818,16 +4818,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x31" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -4837,7 +4837,7 @@ "x30" ] }, - "0xff" + "8" ] } ] @@ -4859,7 +4859,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x30" + "x31" ] }, "8" @@ -4877,7 +4877,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", 
@@ -4887,32 +4887,31 @@ "x32" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ - "x34" + "out1[0]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ { "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - "x32" + "x8" ] - }, - "8" + } ] } ] @@ -4920,24 +4919,16 @@ { "datatype": "u8", "name": [ - "x35" + "out1[1]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x34" - ] - }, - "0xff" + "x16" ] } ] @@ -4945,56 +4936,33 @@ { "datatype": "u8", "name": [ - "x36" + "out1[2]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x34" - ] - }, - "8" + "x17" ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ - "x37" + "out1[3]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], - "operation": "+", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x14" - ] - }, - { - "datatype": "u8", - "name": [], - "operation": "static_cast", - "arguments": [ - "x36" - ] - } + "x18" ] } ] 
@@ -5002,49 +4970,33 @@ { "datatype": "u8", "name": [ - "x38" + "out1[4]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x37" - ] - }, - "0xff" + "x19" ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ - "x39" + "out1[5]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x37" - ] - }, - "8" + "x21" ] } ] @@ -5052,49 +5004,33 @@ { "datatype": "u8", "name": [ - "x40" + "out1[6]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x39" - ] - }, - "0xff" + "x22" ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ - "x41" + "out1[7]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x39" - ] - }, - "8" + "x23" ] } ] 
@@ -5102,49 +5038,33 @@ { "datatype": "u8", "name": [ - "x42" + "out1[8]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x41" - ] - }, - "0xff" + "x24" ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ - "x43" + "out1[9]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x41" - ] - }, - "8" + "x25" ] } ] @@ -5152,49 +5072,33 @@ { "datatype": "u8", "name": [ - "x44" + "out1[10]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x43" - ] - }, - "0xff" + "x27" ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ - "x45" + "out1[11]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x43" - ] - }, - "8" + "x28" ] } ] 
@@ -5202,49 +5106,33 @@ { "datatype": "u8", "name": [ - "x46" + "out1[12]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x45" - ] - }, - "0xff" + "x29" ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ - "x47" + "out1[13]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x45" - ] - }, - "8" + "x30" ] } ] @@ -5252,24 +5140,16 @@ { "datatype": "u8", "name": [ - "x48" + "out1[14]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x47" - ] - }, - "0xff" + "x31" ] } ] 
@@ -5277,188 +5157,20 @@ { "datatype": "u8", "name": [ - "x49" + "out1[15]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x47" - ] - }, - "8" + "x32" ] } ] }, - { - "datatype": "u8", - "name": [ - "out1[0]" - ], - "operation": "static_cast", - "arguments": [ - "x16" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[1]" - ], - "operation": "static_cast", - "arguments": [ - "x18" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[2]" - ], - "operation": "static_cast", - "arguments": [ - "x20" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[3]" - ], - "operation": "static_cast", - "arguments": [ - "x22" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[4]" - ], - "operation": "static_cast", - "arguments": [ - "x24" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[5]" - ], - "operation": "static_cast", - "arguments": [ - "x27" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[6]" - ], - "operation": "static_cast", - "arguments": [ - "x29" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[7]" - ], - "operation": "static_cast", - "arguments": [ - "x31" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[8]" - ], - "operation": "static_cast", - "arguments": [ - "x33" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[9]" - ], - "operation": "static_cast", - "arguments": [ - "x35" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[10]" - ], - "operation": "static_cast", - "arguments": [ - "x38" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[11]" - ], - "operation": "static_cast", - "arguments": [ - "x40" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[12]" - ], - "operation": "static_cast", - "arguments": [ - "x42" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[13]" - ], - "operation": "static_cast", - "arguments": [ - "x44" - ] - }, - { - 
"datatype": "u8", - "name": [ - "out1[14]" - ], - "operation": "static_cast", - "arguments": [ - "x46" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[15]" - ], - "operation": "static_cast", - "arguments": [ - "x48" - ] - }, { "datatype": "u8", "name": [ @@ -5466,7 +5178,7 @@ ], "operation": "static_cast", "arguments": [ - "x49" + "x33" ] } ] diff --git a/fiat-json/src/secp256k1_dettman_64.json b/fiat-json/src/secp256k1_dettman_64.json index c009c21655..0db2e9ee2a 100644 --- a/fiat-json/src/secp256k1_dettman_64.json +++ b/fiat-json/src/secp256k1_dettman_64.json @@ -117,35 +117,10 @@ } ] }, - { - "datatype": "u64", - "name": [ - "x3" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u128", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "0xffffffffffffffff" - ] - } - ] - }, { "datatype": "u128", "name": [ - "x4" + "x3" ], "operation": "static_cast", "arguments": [ @@ -331,7 +306,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x3" + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x1" + ] + } ] }, "0x1000003d10" @@ -346,7 +328,7 @@ { "datatype": "u64", "name": [ - "x5" + "x4" ], "operation": "static_cast", "arguments": [ @@ -360,7 +342,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x4" + "x3" ] }, "52" @@ -371,7 +353,7 @@ { "datatype": "u64", "name": [ - "x6" + "x5" ], "operation": "static_cast", "arguments": [ @@ -385,7 +367,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x4" + "x3" ] }, "0xfffffffffffff" @@ -396,7 +378,7 @@ { "datatype": "u128", "name": [ - "x7" + "x6" ], "operation": "static_cast", "arguments": [ @@ -626,7 +608,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x5" + "x4" ] } ] @@ -663,7 +645,7 @@ { "datatype": "u64", "name": [ - "x8" + "x7" ], "operation": "static_cast", "arguments": [ 
@@ -677,7 +659,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x7" + "x6" ] }, "52" @@ -688,7 +670,7 @@ { "datatype": "u64", "name": [ - "x9" + "x8" ], "operation": "static_cast", "arguments": [ @@ -702,7 +684,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x7" + "x6" ] }, "0xfffffffffffff" @@ -713,7 +695,7 @@ { "datatype": "u64", "name": [ - "x10" + "x9" ], "operation": "static_cast", "arguments": [ @@ -727,7 +709,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x9" + "x8" ] }, "48" @@ -738,7 +720,7 @@ { "datatype": "u64", "name": [ - "x11" + "x10" ], "operation": "static_cast", "arguments": [ @@ -752,7 +734,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x9" + "x8" ] }, "0xffffffffffff" @@ -763,7 +745,7 @@ { "datatype": "u128", "name": [ - "x12" + "x11" ], "operation": "static_cast", "arguments": [ @@ -939,7 +921,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x8" + "x7" ] } ] @@ -949,7 +931,7 @@ { "datatype": "u64", "name": [ - "x13" + "x12" ], "operation": "static_cast", "arguments": [ @@ -963,7 +945,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x12" + "x11" ] }, "52" @@ -974,7 +956,7 @@ { "datatype": "u64", "name": [ - "x14" + "x13" ], "operation": "static_cast", "arguments": [ @@ -988,7 +970,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x12" + "x11" ] }, "0xfffffffffffff" @@ -999,7 +981,7 @@ { "datatype": "u128", "name": [ - "x15" + "x14" ], "operation": "static_cast", "arguments": [ @@ -1073,7 +1055,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x14" + "x13" ] }, "4" @@ -1086,7 +1068,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x10" + "x9" ] } ] @@ -1105,7 +1087,7 @@ { "datatype": "u64", "name": [ - "x16" + "x15" ], "operation": "static_cast", "arguments": [ @@ -1119,7 +1101,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x15" + "x14" ] }, "52" 
@@ -1130,7 +1112,7 @@ { "datatype": "u64", "name": [ - "x17" + "x16" ], "operation": "static_cast", "arguments": [ @@ -1144,7 +1126,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x15" + "x14" ] }, "0xfffffffffffff" @@ -1155,7 +1137,7 @@ { "datatype": "u128", "name": [ - "x18" + "x17" ], "operation": "static_cast", "arguments": [ @@ -1287,7 +1269,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x13" + "x12" ] } ] @@ -1297,7 +1279,7 @@ { "datatype": "u64", "name": [ - "x19" + "x18" ], "operation": "static_cast", "arguments": [ @@ -1311,7 +1293,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x18" + "x17" ] }, "52" @@ -1322,7 +1304,7 @@ { "datatype": "u64", "name": [ - "x20" + "x19" ], "operation": "static_cast", "arguments": [ @@ -1336,7 +1318,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x18" + "x17" ] }, "0xfffffffffffff" @@ -1347,7 +1329,7 @@ { "datatype": "u128", "name": [ - "x21" + "x20" ], "operation": "static_cast", "arguments": [ @@ -1445,7 +1427,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x16" + "x15" ] } ] @@ -1467,7 +1449,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x20" + "x19" ] }, "0x1000003d10" @@ -1482,7 +1464,7 @@ { "datatype": "u64", "name": [ - "x22" + "x21" ], "operation": "static_cast", "arguments": [ @@ -1496,7 +1478,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x21" + "x20" ] }, "52" @@ -1507,7 +1489,7 @@ { "datatype": "u64", "name": [ - "x23" + "x22" ], "operation": "static_cast", "arguments": [ @@ -1521,7 +1503,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x21" + "x20" ] }, "0xfffffffffffff" @@ -1532,7 +1514,7 @@ { "datatype": "u128", "name": [ - "x24" + "x23" ], "operation": "static_cast", "arguments": [ @@ -1620,7 +1602,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x19" + "x18" ] } ] 
@@ -1630,7 +1612,7 @@ { "datatype": "u64", "name": [ - "x25" + "x24" ], "operation": "static_cast", "arguments": [ @@ -1644,7 +1626,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x24" + "x23" ] }, "64" @@ -1652,35 +1634,10 @@ } ] }, - { - "datatype": "u64", - "name": [ - "x26" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u128", - "name": [], - "operation": "static_cast", - "arguments": [ - "x24" - ] - }, - "0xffffffffffffffff" - ] - } - ] - }, { "datatype": "u128", "name": [ - "x27" + "x25" ], "operation": "static_cast", "arguments": [ @@ -1822,7 +1779,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x22" + "x21" ] } ] @@ -1844,7 +1801,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x26" + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x23" + ] + } ] }, "0x1000003d10" @@ -1859,7 +1823,7 @@ { "datatype": "u64", "name": [ - "x28" + "x26" ], "operation": "static_cast", "arguments": [ @@ -1873,7 +1837,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x27" + "x25" ] }, "52" @@ -1884,7 +1848,7 @@ { "datatype": "u64", "name": [ - "x29" + "x27" ], "operation": "static_cast", "arguments": [ @@ -1898,7 +1862,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x27" + "x25" ] }, "0xfffffffffffff" @@ -1909,7 +1873,7 @@ { "datatype": "u128", "name": [ - "x30" + "x28" ], "operation": "static_cast", "arguments": [ @@ -1933,7 +1897,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x6" + "x5" ] }, { @@ -1941,7 +1905,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x28" + "x26" ] } ] @@ -1963,7 +1927,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x25" + "x24" ] }, "0x1000003d10000" @@ -1978,7 +1942,7 @@ { "datatype": "u64", "name": [ - "x31" + "x29" ], "operation": "static_cast", "arguments": [ 
@@ -1992,7 +1956,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x30" + "x28" ] }, "52" @@ -2003,7 +1967,7 @@ { "datatype": "u64", "name": [ - "x32" + "x30" ], "operation": "static_cast", "arguments": [ @@ -2017,7 +1981,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x30" + "x28" ] }, "0xfffffffffffff" @@ -2028,7 +1992,7 @@ { "datatype": "u64", "name": [ - "x33" + "x31" ], "operation": "static_cast", "arguments": [ @@ -2042,7 +2006,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x11" + "x10" ] }, { @@ -2050,7 +2014,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x31" + "x29" ] } ] @@ -2064,7 +2028,7 @@ ], "operation": "static_cast", "arguments": [ - "x17" + "x16" ] }, { @@ -2074,7 +2038,7 @@ ], "operation": "static_cast", "arguments": [ - "x23" + "x22" ] }, { @@ -2084,7 +2048,7 @@ ], "operation": "static_cast", "arguments": [ - "x29" + "x27" ] }, { @@ -2094,7 +2058,7 @@ ], "operation": "static_cast", "arguments": [ - "x32" + "x30" ] }, { @@ -2104,7 +2068,7 @@ ], "operation": "static_cast", "arguments": [ - "x33" + "x31" ] } ] @@ -2309,35 +2273,10 @@ } ] }, - { - "datatype": "u64", - "name": [ - "x7" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u128", - "name": [], - "operation": "static_cast", - "arguments": [ - "x5" - ] - }, - "0xffffffffffffffff" - ] - } - ] - }, { "datatype": "u128", "name": [ - "x8" + "x7" ], "operation": "static_cast", "arguments": [ @@ -2435,7 +2374,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x7" + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x5" + ] + } ] }, "0x1000003d10" @@ -2450,7 +2396,7 @@ { "datatype": "u64", "name": [ - "x9" + "x8" ], "operation": "static_cast", "arguments": [ @@ -2464,7 +2410,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x8" + "x7" ] }, "52" 
@@ -2475,7 +2421,7 @@ { "datatype": "u64", "name": [ - "x10" + "x9" ], "operation": "static_cast", "arguments": [ @@ -2489,7 +2435,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x8" + "x7" ] }, "0xfffffffffffff" @@ -2500,7 +2446,7 @@ { "datatype": "u128", "name": [ - "x11" + "x10" ], "operation": "static_cast", "arguments": [ @@ -2642,7 +2588,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x9" + "x8" ] } ] @@ -2679,7 +2625,7 @@ { "datatype": "u64", "name": [ - "x12" + "x11" ], "operation": "static_cast", "arguments": [ @@ -2693,7 +2639,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x11" + "x10" ] }, "52" @@ -2704,7 +2650,7 @@ { "datatype": "u64", "name": [ - "x13" + "x12" ], "operation": "static_cast", "arguments": [ @@ -2718,7 +2664,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x11" + "x10" ] }, "0xfffffffffffff" @@ -2729,7 +2675,7 @@ { "datatype": "u64", "name": [ - "x14" + "x13" ], "operation": "static_cast", "arguments": [ @@ -2743,7 +2689,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x13" + "x12" ] }, "48" @@ -2754,7 +2700,7 @@ { "datatype": "u64", "name": [ - "x15" + "x14" ], "operation": "static_cast", "arguments": [ @@ -2768,7 +2714,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x13" + "x12" ] }, "0xffffffffffff" @@ -2779,7 +2725,7 @@ { "datatype": "u128", "name": [ - "x16" + "x15" ], "operation": "static_cast", "arguments": [ @@ -2867,7 +2813,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x12" + "x11" ] } ] @@ -2877,7 +2823,7 @@ { "datatype": "u64", "name": [ - "x17" + "x16" ], "operation": "static_cast", "arguments": [ @@ -2891,7 +2837,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x16" + "x15" ] }, "52" @@ -2902,7 +2848,7 @@ { "datatype": "u64", "name": [ - "x18" + "x17" ], "operation": "static_cast", "arguments": [ 
@@ -2916,7 +2862,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x16" + "x15" ] }, "0xfffffffffffff" @@ -2927,7 +2873,7 @@ { "datatype": "u128", "name": [ - "x19" + "x18" ], "operation": "static_cast", "arguments": [ @@ -3001,7 +2947,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x18" + "x17" ] }, "4" @@ -3014,7 +2960,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x14" + "x13" ] } ] @@ -3033,7 +2979,7 @@ { "datatype": "u64", "name": [ - "x20" + "x19" ], "operation": "static_cast", "arguments": [ @@ -3047,7 +2993,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x19" + "x18" ] }, "52" @@ -3058,7 +3004,7 @@ { "datatype": "u64", "name": [ - "x21" + "x20" ], "operation": "static_cast", "arguments": [ @@ -3072,7 +3018,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x19" + "x18" ] }, "0xfffffffffffff" @@ -3083,7 +3029,7 @@ { "datatype": "u128", "name": [ - "x22" + "x21" ], "operation": "static_cast", "arguments": [ @@ -3171,7 +3117,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x17" + "x16" ] } ] @@ -3181,7 +3127,7 @@ { "datatype": "u64", "name": [ - "x23" + "x22" ], "operation": "static_cast", "arguments": [ @@ -3195,7 +3141,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x22" + "x21" ] }, "52" @@ -3206,7 +3152,7 @@ { "datatype": "u64", "name": [ - "x24" + "x23" ], "operation": "static_cast", "arguments": [ @@ -3220,7 +3166,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x22" + "x21" ] }, "0xfffffffffffff" @@ -3231,7 +3177,7 @@ { "datatype": "u128", "name": [ - "x25" + "x24" ], "operation": "static_cast", "arguments": [ @@ -3285,7 +3231,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x20" + "x19" ] } ] @@ -3307,7 +3253,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x24" + "x23" ] }, "0x1000003d10" @@ -3322,7 +3268,7 @@ { "datatype": "u64", "name": [ - "x26" + "x25" ], "operation": "static_cast", "arguments": [ 
@@ -3336,7 +3282,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x25" + "x24" ] }, "52" @@ -3347,7 +3293,7 @@ { "datatype": "u64", "name": [ - "x27" + "x26" ], "operation": "static_cast", "arguments": [ @@ -3361,7 +3307,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x25" + "x24" ] }, "0xfffffffffffff" @@ -3372,7 +3318,7 @@ { "datatype": "u128", "name": [ - "x28" + "x27" ], "operation": "static_cast", "arguments": [ @@ -3416,7 +3362,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x23" + "x22" ] } ] @@ -3426,7 +3372,7 @@ { "datatype": "u64", "name": [ - "x29" + "x28" ], "operation": "static_cast", "arguments": [ @@ -3440,7 +3386,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x28" + "x27" ] }, "64" @@ -3448,35 +3394,10 @@ } ] }, - { - "datatype": "u64", - "name": [ - "x30" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u128", - "name": [], - "operation": "static_cast", - "arguments": [ - "x28" - ] - }, - "0xffffffffffffffff" - ] - } - ] - }, { "datatype": "u128", "name": [ - "x31" + "x29" ], "operation": "static_cast", "arguments": [ @@ -3574,7 +3495,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x26" + "x25" ] } ] @@ -3596,7 +3517,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x30" + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x27" + ] + } ] }, "0x1000003d10" @@ -3611,7 +3539,7 @@ { "datatype": "u64", "name": [ - "x32" + "x30" ], "operation": "static_cast", "arguments": [ @@ -3625,7 +3553,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x31" + "x29" ] }, "52" @@ -3636,7 +3564,7 @@ { "datatype": "u64", "name": [ - "x33" + "x31" ], "operation": "static_cast", "arguments": [ @@ -3650,7 +3578,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x31" + "x29" ] }, "0xfffffffffffff" 
@@ -3661,7 +3589,7 @@ { "datatype": "u128", "name": [ - "x34" + "x32" ], "operation": "static_cast", "arguments": [ @@ -3685,7 +3613,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x10" + "x9" ] }, { @@ -3693,7 +3621,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x32" + "x30" ] } ] @@ -3715,7 +3643,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x29" + "x28" ] }, "0x1000003d10000" @@ -3730,7 +3658,7 @@ { "datatype": "u64", "name": [ - "x35" + "x33" ], "operation": "static_cast", "arguments": [ @@ -3744,7 +3672,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x34" + "x32" ] }, "52" @@ -3755,7 +3683,7 @@ { "datatype": "u64", "name": [ - "x36" + "x34" ], "operation": "static_cast", "arguments": [ @@ -3769,7 +3697,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x34" + "x32" ] }, "0xfffffffffffff" @@ -3780,7 +3708,7 @@ { "datatype": "u64", "name": [ - "x37" + "x35" ], "operation": "static_cast", "arguments": [ @@ -3794,7 +3722,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x15" + "x14" ] }, { @@ -3802,7 +3730,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x35" + "x33" ] } ] @@ -3816,7 +3744,7 @@ ], "operation": "static_cast", "arguments": [ - "x21" + "x20" ] }, { @@ -3826,7 +3754,7 @@ ], "operation": "static_cast", "arguments": [ - "x27" + "x26" ] }, { @@ -3836,7 +3764,7 @@ ], "operation": "static_cast", "arguments": [ - "x33" + "x31" ] }, { @@ -3846,7 +3774,7 @@ ], "operation": "static_cast", "arguments": [ - "x36" + "x34" ] }, { @@ -3856,7 +3784,7 @@ ], "operation": "static_cast", "arguments": [ - "x37" + "x35" ] } ] diff --git a/fiat-json/src/secp256k1_montgomery_32.json b/fiat-json/src/secp256k1_montgomery_32.json index a81345772d..0b0ceb5e71 100644 --- a/fiat-json/src/secp256k1_montgomery_32.json +++ b/fiat-json/src/secp256k1_montgomery_32.json 
@@ -90,35 +90,10 @@ } ] }, - { - "datatype": "u32", - "name": [ - "x2" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "0xffffffff" - ] - } - ] - }, { "datatype": "u1", "name": [ - "x3" + "x2" ], "operation": "static_cast", "arguments": [ @@ -147,7 +122,14 @@ ], "operation": "static_cast", "arguments": [ - "x2" + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + "x1" + ] + } ] }, { @@ -157,7 +139,7 @@ ], "operation": "static_cast", "arguments": [ - "x3" + "x2" ] } ] @@ -413,7 +395,7 @@ { "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -423,7 +405,7 @@ "x1" ] }, - "0xffffffff" + "32" ] } ] @@ -431,38 +413,20 @@ { "datatype": "u32", "name": [ - "x3" + "out1" ], "operation": "static_cast", "arguments": [ { "datatype": "u32", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "32" + "x1" ] } ] }, - { - "datatype": "u32", - "name": [ - "out1" - ], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, { "datatype": "u32", "name": [ @@ -470,7 +434,7 @@ ], "operation": "static_cast", "arguments": [ - "x3" + "x2" ] } ] @@ -71835,35 +71799,10 @@ "arg1[0]" ] }, - { - "datatype": "u8", - "name": [ - "x9" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x8" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x10" + "x9" ], "operation": "static_cast", "arguments": [ 
@@ -71885,35 +71824,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x11" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x10" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x12" + "x10" ], "operation": "static_cast", "arguments": [ @@ -71927,7 +71841,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x10" + "x9" ] }, "8" @@ -71938,32 +71852,7 @@ { "datatype": "u8", "name": [ - "x13" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x12" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x14" + "x11" ], "operation": "static_cast", "arguments": [ @@ -71977,7 +71866,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x12" + "x10" ] }, "8" @@ -71985,35 +71874,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x15" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x7" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x16" + "x12" ], "operation": "static_cast", "arguments": [ @@ -72035,35 +71899,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x17" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x16" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x18" + "x13" ], "operation": "static_cast", "arguments": [ 
@@ -72077,7 +71916,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x16" + "x12" ] }, "8" @@ -72088,32 +71927,7 @@ { "datatype": "u8", "name": [ - "x19" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x18" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x20" + "x14" ], "operation": "static_cast", "arguments": [ @@ -72127,7 +71941,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x18" + "x13" ] }, "8" @@ -72135,35 +71949,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x21" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x6" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x22" + "x15" ], "operation": "static_cast", "arguments": [ @@ -72185,35 +71974,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x23" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x22" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x24" + "x16" ], "operation": "static_cast", "arguments": [ @@ -72227,7 +71991,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x22" + "x15" ] }, "8" @@ -72238,32 +72002,7 @@ { "datatype": "u8", "name": [ - "x25" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x24" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x26" + "x17" ], "operation": "static_cast", "arguments": [ 
@@ -72277,7 +72016,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x24" + "x16" ] }, "8" @@ -72285,35 +72024,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x27" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x5" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x28" + "x18" ], "operation": "static_cast", "arguments": [ @@ -72335,35 +72049,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x29" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x28" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x30" + "x19" ], "operation": "static_cast", "arguments": [ @@ -72377,7 +72066,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x28" + "x18" ] }, "8" @@ -72388,32 +72077,7 @@ { "datatype": "u8", "name": [ - "x31" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x30" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x32" + "x20" ], "operation": "static_cast", "arguments": [ @@ -72427,7 +72091,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x30" + "x19" ] }, "8" 
@@ -72435,35 +72099,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x33" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x4" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x34" + "x21" ], "operation": "static_cast", "arguments": [ @@ -72485,35 +72124,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x35" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x34" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x36" + "x22" ], "operation": "static_cast", "arguments": [ @@ -72527,7 +72141,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x34" + "x21" ] }, "8" @@ -72538,32 +72152,7 @@ { "datatype": "u8", "name": [ - "x37" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x36" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x38" + "x23" ], "operation": "static_cast", "arguments": [ @@ -72577,7 +72166,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x36" + "x22" ] }, "8" @@ -72585,35 +72174,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x39" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x3" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x40" + "x24" ], "operation": "static_cast", "arguments": [ 
@@ -72635,35 +72199,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x41" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x40" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x42" + "x25" ], "operation": "static_cast", "arguments": [ @@ -72677,7 +72216,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x40" + "x24" ] }, "8" @@ -72688,32 +72227,7 @@ { "datatype": "u8", "name": [ - "x43" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x42" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x44" + "x26" ], "operation": "static_cast", "arguments": [ @@ -72727,7 +72241,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x42" + "x25" ] }, "8" @@ -72735,35 +72249,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x45" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x46" + "x27" ], "operation": "static_cast", "arguments": [ @@ -72785,35 +72274,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x47" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x46" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x48" + "x28" ], "operation": "static_cast", "arguments": [ 
@@ -72827,7 +72291,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x46" + "x27" ] }, "8" @@ -72838,32 +72302,7 @@ { "datatype": "u8", "name": [ - "x49" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x48" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x50" + "x29" ], "operation": "static_cast", "arguments": [ @@ -72877,7 +72316,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x48" + "x28" ] }, "8" @@ -72885,35 +72324,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x51" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x52" + "x30" ], "operation": "static_cast", "arguments": [ @@ -72936,39 +72350,39 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ - "x53" + "x31" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x52" + "x30" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x54" + "x32" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], "operation": ">>", "arguments": [ @@ -72977,7 +72391,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x52" + "x31" ] }, "8" 
@@ -72988,24 +72402,16 @@ { "datatype": "u8", "name": [ - "x55" + "out1[0]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x54" - ] - }, - "0xff" + "x8" ] } ] @@ -73013,48 +72419,20 @@ { "datatype": "u8", "name": [ - "x56" + "out1[1]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x54" - ] - }, - "8" + "x9" ] } ] }, - { - "datatype": "u8", - "name": [ - "out1[0]" - ], - "operation": "static_cast", - "arguments": [ - "x9" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[1]" - ], - "operation": "static_cast", - "arguments": [ - "x11" - ] - }, { "datatype": "u8", "name": [ @@ -73062,7 +72440,14 @@ ], "operation": "static_cast", "arguments": [ - "x13" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x10" + ] + } ] }, { @@ -73072,7 +72457,7 @@ ], "operation": "static_cast", "arguments": [ - "x14" + "x11" ] }, { @@ -73082,7 +72467,14 @@ ], "operation": "static_cast", "arguments": [ - "x15" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x7" + ] + } ] }, { @@ -73092,7 +72484,14 @@ ], "operation": "static_cast", "arguments": [ - "x17" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x12" + ] + } ] }, { @@ -73102,7 +72501,14 @@ ], "operation": "static_cast", "arguments": [ - "x19" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x13" + ] + } ] }, { @@ -73112,7 +72518,7 @@ ], "operation": "static_cast", "arguments": [ - "x20" + "x14" ] }, { 
@@ -73122,7 +72528,14 @@ ], "operation": "static_cast", "arguments": [ - "x21" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x6" + ] + } ] }, { @@ -73132,7 +72545,14 @@ ], "operation": "static_cast", "arguments": [ - "x23" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x15" + ] + } ] }, { @@ -73142,7 +72562,14 @@ ], "operation": "static_cast", "arguments": [ - "x25" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x16" + ] + } ] }, { @@ -73152,7 +72579,7 @@ ], "operation": "static_cast", "arguments": [ - "x26" + "x17" ] }, { @@ -73162,7 +72589,14 @@ ], "operation": "static_cast", "arguments": [ - "x27" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x5" + ] + } ] }, { @@ -73172,7 +72606,14 @@ ], "operation": "static_cast", "arguments": [ - "x29" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x18" + ] + } ] }, { @@ -73182,7 +72623,14 @@ ], "operation": "static_cast", "arguments": [ - "x31" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x19" + ] + } ] }, { @@ -73192,7 +72640,7 @@ ], "operation": "static_cast", "arguments": [ - "x32" + "x20" ] }, { @@ -73202,7 +72650,14 @@ ], "operation": "static_cast", "arguments": [ - "x33" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x4" + ] + } ] }, { @@ -73212,7 +72667,14 @@ ], "operation": "static_cast", "arguments": [ - "x35" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x21" + ] + } ] }, { @@ -73222,7 +72684,14 @@ ], "operation": "static_cast", "arguments": [ - "x37" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, { @@ -73232,7 +72701,7 @@ ], "operation": "static_cast", "arguments": [ - "x38" + "x23" ] }, { 
@@ -73242,7 +72711,14 @@ ], "operation": "static_cast", "arguments": [ - "x39" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x3" + ] + } ] }, { @@ -73252,7 +72728,14 @@ ], "operation": "static_cast", "arguments": [ - "x41" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x24" + ] + } ] }, { @@ -73262,7 +72745,14 @@ ], "operation": "static_cast", "arguments": [ - "x43" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x25" + ] + } ] }, { @@ -73272,7 +72762,7 @@ ], "operation": "static_cast", "arguments": [ - "x44" + "x26" ] }, { @@ -73282,7 +72772,14 @@ ], "operation": "static_cast", "arguments": [ - "x45" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x2" + ] + } ] }, { @@ -73292,7 +72789,14 @@ ], "operation": "static_cast", "arguments": [ - "x47" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x27" + ] + } ] }, { @@ -73302,7 +72806,14 @@ ], "operation": "static_cast", "arguments": [ - "x49" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x28" + ] + } ] }, { @@ -73312,7 +72823,7 @@ ], "operation": "static_cast", "arguments": [ - "x50" + "x29" ] }, { @@ -73322,7 +72833,14 @@ ], "operation": "static_cast", "arguments": [ - "x51" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x1" + ] + } ] }, { @@ -73332,7 +72850,14 @@ ], "operation": "static_cast", "arguments": [ - "x53" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x30" + ] + } ] }, { @@ -73342,7 +72867,14 @@ ], "operation": "static_cast", "arguments": [ - "x55" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x31" + ] + } ] }, { @@ -73352,7 +72884,7 @@ ], "operation": "static_cast", "arguments": [ - "x56" + "x32" ] } ] 
@@ -75529,22 +75061,7 @@ "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "arg3[0]" - ] - }, - "0x1" - ] - } + "arg3[0]" ] } ] @@ -78847,43 +78364,25 @@ ] }, { - "datatype": "u1", + "datatype": "u32", "name": [ "x134" ], - "operation": "static_cast", + "operation": "cmovznz", "arguments": [ { "datatype": "u1", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u1", "name": [], "operation": "static_cast", "arguments": [ "x34" ] - }, - "0x1" - ] - } - ] - }, - { - "datatype": "u32", - "name": [ - "x135" - ], - "operation": "cmovznz", - "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": "static_cast", - "arguments": [ - "x134" + } ] }, "0x0", @@ -78900,7 +78399,7 @@ { "datatype": "u32", "name": [ - "x136" + "x135" ], "operation": "cmovznz", "arguments": [ @@ -78909,7 +78408,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -78926,7 +78432,7 @@ { "datatype": "u32", "name": [ - "x137" + "x136" ], "operation": "cmovznz", "arguments": [ @@ -78935,7 +78441,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -78952,7 +78465,7 @@ { "datatype": "u32", "name": [ - "x138" + "x137" ], "operation": "cmovznz", "arguments": [ @@ -78961,7 +78474,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -78978,7 +78498,7 @@ { "datatype": "u32", "name": [ - "x139" + "x138" ], "operation": "cmovznz", "arguments": [ 
@@ -78987,7 +78507,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -79004,7 +78531,7 @@ { "datatype": "u32", "name": [ - "x140" + "x139" ], "operation": "cmovznz", "arguments": [ @@ -79013,7 +78540,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -79030,7 +78564,7 @@ { "datatype": "u32", "name": [ - "x141" + "x140" ], "operation": "cmovznz", "arguments": [ @@ -79039,7 +78573,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -79056,7 +78597,7 @@ { "datatype": "u32", "name": [ - "x142" + "x141" ], "operation": "cmovznz", "arguments": [ @@ -79065,7 +78606,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -79082,7 +78630,7 @@ { "datatype": "u32", "name": [ - "x143" + "x142" ], "operation": "cmovznz", "arguments": [ @@ -79091,7 +78639,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -79108,8 +78663,8 @@ { "datatype": "(auto)", "name": [ - "x144", - "x145" + "x143", + "x144" ], "operation": "addcarryx", "parameters": { @@ -79130,7 +78685,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x135" + "x134" ] } ] @@ -79138,8 +78693,8 @@ { "datatype": "(auto)", "name": [ - "x146", - "x147" + "x145", + "x146" ], "operation": "addcarryx", "parameters": { @@ -79156,7 +78711,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x145" + "x144" ] } ] 
@@ -79174,7 +78729,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x136" + "x135" ] } ] @@ -79182,8 +78737,8 @@ { "datatype": "(auto)", "name": [ - "x148", - "x149" + "x147", + "x148" ], "operation": "addcarryx", "parameters": { @@ -79200,7 +78755,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x147" + "x146" ] } ] @@ -79218,7 +78773,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x137" + "x136" ] } ] @@ -79226,8 +78781,8 @@ { "datatype": "(auto)", "name": [ - "x150", - "x151" + "x149", + "x150" ], "operation": "addcarryx", "parameters": { @@ -79244,7 +78799,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x149" + "x148" ] } ] @@ -79262,7 +78817,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x138" + "x137" ] } ] @@ -79270,8 +78825,8 @@ { "datatype": "(auto)", "name": [ - "x152", - "x153" + "x151", + "x152" ], "operation": "addcarryx", "parameters": { @@ -79288,7 +78843,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x151" + "x150" ] } ] @@ -79306,7 +78861,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x139" + "x138" ] } ] @@ -79314,8 +78869,8 @@ { "datatype": "(auto)", "name": [ - "x154", - "x155" + "x153", + "x154" ], "operation": "addcarryx", "parameters": { @@ -79332,7 +78887,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x153" + "x152" ] } ] @@ -79350,7 +78905,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x140" + "x139" ] } ] @@ -79358,8 +78913,8 @@ { "datatype": "(auto)", "name": [ - "x156", - "x157" + "x155", + "x156" ], "operation": "addcarryx", "parameters": { @@ -79376,7 +78931,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x155" + "x154" ] } ] @@ -79394,7 +78949,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x141" + "x140" ] } ] @@ -79402,8 +78957,8 @@ { "datatype": "(auto)", "name": [ - "x158", - "x159" + "x157", + "x158" ], "operation": "addcarryx", "parameters": { 
@@ -79420,7 +78975,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x157" + "x156" ] } ] @@ -79438,7 +78993,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x142" + "x141" ] } ] @@ -79446,7 +79001,7 @@ { "datatype": "(auto)", "name": [ - "x160", + "x159", "_" ], "operation": "addcarryx", @@ -79464,7 +79019,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x159" + "x158" ] } ] @@ -79482,7 +79037,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x143" + "x142" ] } ] @@ -79490,7 +79045,7 @@ { "datatype": "u32", "name": [ - "x162" + "x161" ], "operation": "cmovznz", "arguments": [ @@ -79499,7 +79054,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -79516,7 +79078,7 @@ { "datatype": "u32", "name": [ - "x163" + "x162" ], "operation": "cmovznz", "arguments": [ @@ -79525,7 +79087,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -79542,7 +79111,7 @@ { "datatype": "u32", "name": [ - "x164" + "x163" ], "operation": "cmovznz", "arguments": [ @@ -79551,7 +79120,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -79568,7 +79144,7 @@ { "datatype": "u32", "name": [ - "x165" + "x164" ], "operation": "cmovznz", "arguments": [ @@ -79577,7 +79153,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -79594,7 +79177,7 @@ { "datatype": "u32", "name": [ - "x166" + "x165" ], "operation": "cmovznz", "arguments": [ 
@@ -79603,7 +79186,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -79620,7 +79210,7 @@ { "datatype": "u32", "name": [ - "x167" + "x166" ], "operation": "cmovznz", "arguments": [ @@ -79629,7 +79219,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -79646,7 +79243,7 @@ { "datatype": "u32", "name": [ - "x168" + "x167" ], "operation": "cmovznz", "arguments": [ @@ -79655,7 +79252,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -79672,7 +79276,7 @@ { "datatype": "u32", "name": [ - "x169" + "x168" ], "operation": "cmovznz", "arguments": [ @@ -79681,7 +79285,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -79698,8 +79309,8 @@ { "datatype": "(auto)", "name": [ - "x170", - "x171" + "x169", + "x170" ], "operation": "addcarryx", "parameters": { @@ -79720,7 +79331,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x162" + "x161" ] } ] @@ -79728,8 +79339,8 @@ { "datatype": "(auto)", "name": [ - "x172", - "x173" + "x171", + "x172" ], "operation": "addcarryx", "parameters": { @@ -79746,7 +79357,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x171" + "x170" ] } ] @@ -79764,7 +79375,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x163" + "x162" ] } ] @@ -79772,8 +79383,8 @@ { "datatype": "(auto)", "name": [ - "x174", - "x175" + "x173", + "x174" ], "operation": "addcarryx", "parameters": { @@ -79790,7 +79401,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x173" + "x172" ] } ] 
@@ -79808,7 +79419,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x164" + "x163" ] } ] @@ -79816,8 +79427,8 @@ { "datatype": "(auto)", "name": [ - "x176", - "x177" + "x175", + "x176" ], "operation": "addcarryx", "parameters": { @@ -79834,7 +79445,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x175" + "x174" ] } ] @@ -79852,7 +79463,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x165" + "x164" ] } ] @@ -79860,8 +79471,8 @@ { "datatype": "(auto)", "name": [ - "x178", - "x179" + "x177", + "x178" ], "operation": "addcarryx", "parameters": { @@ -79878,7 +79489,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x177" + "x176" ] } ] @@ -79896,7 +79507,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x166" + "x165" ] } ] @@ -79904,8 +79515,8 @@ { "datatype": "(auto)", "name": [ - "x180", - "x181" + "x179", + "x180" ], "operation": "addcarryx", "parameters": { @@ -79922,7 +79533,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x179" + "x178" ] } ] @@ -79940,7 +79551,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x167" + "x166" ] } ] @@ -79948,8 +79559,8 @@ { "datatype": "(auto)", "name": [ - "x182", - "x183" + "x181", + "x182" ], "operation": "addcarryx", "parameters": { @@ -79966,7 +79577,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x181" + "x180" ] } ] @@ -79984,7 +79595,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x168" + "x167" ] } ] @@ -79992,8 +79603,8 @@ { "datatype": "(auto)", "name": [ - "x184", - "x185" + "x183", + "x184" ], "operation": "addcarryx", "parameters": { @@ -80010,7 +79621,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x183" + "x182" ] } ] @@ -80028,7 +79639,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x169" + "x168" ] } ] @@ -80036,8 +79647,8 @@ { "datatype": "(auto)", "name": [ - "x186", - "x187" + "x185", + "x186" ], "operation": "subborrowx", "parameters": { 
@@ -80055,7 +79666,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x170" + "x169" ] } ] @@ -80066,8 +79677,8 @@ { "datatype": "(auto)", "name": [ - "x188", - "x189" + "x187", + "x188" ], "operation": "subborrowx", "parameters": { @@ -80084,7 +79695,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x187" + "x186" ] } ] @@ -80099,7 +79710,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x172" + "x171" ] } ] @@ -80110,8 +79721,8 @@ { "datatype": "(auto)", "name": [ - "x190", - "x191" + "x189", + "x190" ], "operation": "subborrowx", "parameters": { @@ -80128,7 +79739,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x189" + "x188" ] } ] @@ -80143,7 +79754,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x174" + "x173" ] } ] @@ -80154,8 +79765,8 @@ { "datatype": "(auto)", "name": [ - "x192", - "x193" + "x191", + "x192" ], "operation": "subborrowx", "parameters": { @@ -80172,7 +79783,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x191" + "x190" ] } ] @@ -80187,7 +79798,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x176" + "x175" ] } ] @@ -80198,8 +79809,8 @@ { "datatype": "(auto)", "name": [ - "x194", - "x195" + "x193", + "x194" ], "operation": "subborrowx", "parameters": { @@ -80216,7 +79827,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x193" + "x192" ] } ] @@ -80231,7 +79842,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x178" + "x177" ] } ] @@ -80242,8 +79853,8 @@ { "datatype": "(auto)", "name": [ - "x196", - "x197" + "x195", + "x196" ], "operation": "subborrowx", "parameters": { @@ -80260,7 +79871,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x195" + "x194" ] } ] @@ -80275,7 +79886,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x180" + "x179" ] } ] @@ -80286,8 +79897,8 @@ { "datatype": "(auto)", "name": [ - "x198", - "x199" + "x197", + "x198" ], "operation": "subborrowx", "parameters": { 
@@ -80304,7 +79915,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x197" + "x196" ] } ] @@ -80319,7 +79930,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x182" + "x181" ] } ] @@ -80330,8 +79941,8 @@ { "datatype": "(auto)", "name": [ - "x200", - "x201" + "x199", + "x200" ], "operation": "subborrowx", "parameters": { @@ -80348,7 +79959,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x199" + "x198" ] } ] @@ -80363,7 +79974,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x184" + "x183" ] } ] @@ -80375,7 +79986,7 @@ "datatype": "(auto)", "name": [ "_", - "x203" + "x202" ], "operation": "subborrowx", "parameters": { @@ -80392,7 +80003,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x201" + "x200" ] } ] @@ -80407,7 +80018,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x185" + "x184" ] } ] @@ -80418,7 +80029,7 @@ { "datatype": "(auto)", "name": [ - "x204", + "x203", "_" ], "operation": "addcarryx", @@ -80441,7 +80052,7 @@ { "datatype": "u32", "name": [ - "x206" + "x205" ], "operation": "static_cast", "arguments": [ @@ -80470,7 +80081,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x144" + "x143" ] } ] @@ -80505,7 +80116,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x146" + "x145" ] } ] @@ -80525,7 +80136,7 @@ { "datatype": "u32", "name": [ - "x207" + "x206" ], "operation": "static_cast", "arguments": [ @@ -80554,7 +80165,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x146" + "x145" ] } ] @@ -80589,7 +80200,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x148" + "x147" ] } ] @@ -80609,7 +80220,7 @@ { "datatype": "u32", "name": [ - "x208" + "x207" ], "operation": "static_cast", "arguments": [ @@ -80638,7 +80249,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x148" + "x147" ] } ] @@ -80673,7 +80284,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x150" + "x149" ] } ] 
@@ -80693,7 +80304,7 @@ { "datatype": "u32", "name": [ - "x209" + "x208" ], "operation": "static_cast", "arguments": [ @@ -80722,7 +80333,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x150" + "x149" ] } ] @@ -80757,7 +80368,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x152" + "x151" ] } ] @@ -80777,7 +80388,7 @@ { "datatype": "u32", "name": [ - "x210" + "x209" ], "operation": "static_cast", "arguments": [ @@ -80806,7 +80417,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x152" + "x151" ] } ] @@ -80841,7 +80452,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x154" + "x153" ] } ] @@ -80861,7 +80472,7 @@ { "datatype": "u32", "name": [ - "x211" + "x210" ], "operation": "static_cast", "arguments": [ @@ -80890,7 +80501,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x154" + "x153" ] } ] @@ -80925,7 +80536,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x156" + "x155" ] } ] @@ -80945,7 +80556,7 @@ { "datatype": "u32", "name": [ - "x212" + "x211" ], "operation": "static_cast", "arguments": [ @@ -80974,7 +80585,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x156" + "x155" ] } ] @@ -81009,7 +80620,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x158" + "x157" ] } ] @@ -81029,7 +80640,7 @@ { "datatype": "u32", "name": [ - "x213" + "x212" ], "operation": "static_cast", "arguments": [ @@ -81058,7 +80669,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x158" + "x157" ] } ] @@ -81093,7 +80704,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x160" + "x159" ] } ] @@ -81113,7 +80724,7 @@ { "datatype": "u32", "name": [ - "x214" + "x213" ], "operation": "static_cast", "arguments": [ @@ -81142,7 +80753,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x160" + "x159" ] } ] @@ -81172,7 +80783,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x160" + "x159" ] } ] 
@@ -81189,7 +80800,7 @@ { "datatype": "u32", "name": [ - "x215" + "x214" ], "operation": "cmovznz", "arguments": [ @@ -81243,7 +80854,7 @@ { "datatype": "u32", "name": [ - "x216" + "x215" ], "operation": "cmovznz", "arguments": [ @@ -81297,7 +80908,7 @@ { "datatype": "u32", "name": [ - "x217" + "x216" ], "operation": "cmovznz", "arguments": [ @@ -81351,7 +80962,7 @@ { "datatype": "u32", "name": [ - "x218" + "x217" ], "operation": "cmovznz", "arguments": [ @@ -81405,7 +81016,7 @@ { "datatype": "u32", "name": [ - "x219" + "x218" ], "operation": "cmovznz", "arguments": [ @@ -81459,7 +81070,7 @@ { "datatype": "u32", "name": [ - "x220" + "x219" ], "operation": "cmovznz", "arguments": [ @@ -81513,7 +81124,7 @@ { "datatype": "u32", "name": [ - "x221" + "x220" ], "operation": "cmovznz", "arguments": [ @@ -81567,7 +81178,7 @@ { "datatype": "u32", "name": [ - "x222" + "x221" ], "operation": "cmovznz", "arguments": [ @@ -81621,7 +81232,7 @@ { "datatype": "u32", "name": [ - "x223" + "x222" ], "operation": "cmovznz", "arguments": [ @@ -81635,7 +81246,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] } ] @@ -81650,7 +81261,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x186" + "x185" ] } ] @@ -81665,7 +81276,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x170" + "x169" ] } ] @@ -81675,7 +81286,7 @@ { "datatype": "u32", "name": [ - "x224" + "x223" ], "operation": "cmovznz", "arguments": [ @@ -81689,7 +81300,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] } ] @@ -81704,7 +81315,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x188" + "x187" ] } ] @@ -81719,7 +81330,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x172" + "x171" ] } ] @@ -81729,7 +81340,7 @@ { "datatype": "u32", "name": [ - "x225" + "x224" ], "operation": "cmovznz", "arguments": [ @@ -81743,7 +81354,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] } ] 
@@ -81758,7 +81369,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x190" + "x189" ] } ] @@ -81773,7 +81384,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x174" + "x173" ] } ] @@ -81783,7 +81394,7 @@ { "datatype": "u32", "name": [ - "x226" + "x225" ], "operation": "cmovznz", "arguments": [ @@ -81797,7 +81408,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] } ] @@ -81812,7 +81423,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x192" + "x191" ] } ] @@ -81827,7 +81438,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x176" + "x175" ] } ] @@ -81837,7 +81448,7 @@ { "datatype": "u32", "name": [ - "x227" + "x226" ], "operation": "cmovznz", "arguments": [ @@ -81851,7 +81462,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] } ] @@ -81866,7 +81477,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + "x193" ] } ] @@ -81881,7 +81492,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x178" + "x177" ] } ] @@ -81891,7 +81502,7 @@ { "datatype": "u32", "name": [ - "x228" + "x227" ], "operation": "cmovznz", "arguments": [ @@ -81905,7 +81516,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] } ] @@ -81920,7 +81531,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x196" + "x195" ] } ] @@ -81935,7 +81546,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x180" + "x179" ] } ] @@ -81945,7 +81556,7 @@ { "datatype": "u32", "name": [ - "x229" + "x228" ], "operation": "cmovznz", "arguments": [ @@ -81959,7 +81570,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] } ] @@ -81974,7 +81585,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x198" + "x197" ] } ] @@ -81989,7 +81600,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x182" + "x181" ] } ] 
@@ -81999,7 +81610,7 @@ { "datatype": "u32", "name": [ - "x230" + "x229" ], "operation": "cmovznz", "arguments": [ @@ -82013,7 +81624,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] } ] @@ -82028,7 +81639,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x200" + "x199" ] } ] @@ -82043,7 +81654,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x184" + "x183" ] } ] @@ -82062,7 +81673,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x204" + "x203" ] } ] @@ -82164,7 +81775,7 @@ ], "operation": "static_cast", "arguments": [ - "x206" + "x205" ] }, { @@ -82174,7 +81785,7 @@ ], "operation": "static_cast", "arguments": [ - "x207" + "x206" ] }, { @@ -82184,7 +81795,7 @@ ], "operation": "static_cast", "arguments": [ - "x208" + "x207" ] }, { @@ -82194,7 +81805,7 @@ ], "operation": "static_cast", "arguments": [ - "x209" + "x208" ] }, { @@ -82204,7 +81815,7 @@ ], "operation": "static_cast", "arguments": [ - "x210" + "x209" ] }, { @@ -82214,7 +81825,7 @@ ], "operation": "static_cast", "arguments": [ - "x211" + "x210" ] }, { @@ -82224,7 +81835,7 @@ ], "operation": "static_cast", "arguments": [ - "x212" + "x211" ] }, { @@ -82234,7 +81845,7 @@ ], "operation": "static_cast", "arguments": [ - "x213" + "x212" ] }, { @@ -82244,7 +81855,7 @@ ], "operation": "static_cast", "arguments": [ - "x214" + "x213" ] }, { @@ -82254,7 +81865,7 @@ ], "operation": "static_cast", "arguments": [ - "x215" + "x214" ] }, { @@ -82264,7 +81875,7 @@ ], "operation": "static_cast", "arguments": [ - "x216" + "x215" ] }, { @@ -82274,7 +81885,7 @@ ], "operation": "static_cast", "arguments": [ - "x217" + "x216" ] }, { @@ -82284,7 +81895,7 @@ ], "operation": "static_cast", "arguments": [ - "x218" + "x217" ] }, { @@ -82294,7 +81905,7 @@ ], "operation": "static_cast", "arguments": [ - "x219" + "x218" ] }, { @@ -82304,7 +81915,7 @@ ], "operation": "static_cast", "arguments": [ - "x220" + "x219" ] }, { 
@@ -82314,7 +81925,7 @@ ], "operation": "static_cast", "arguments": [ - "x221" + "x220" ] }, { @@ -82324,7 +81935,7 @@ ], "operation": "static_cast", "arguments": [ - "x222" + "x221" ] }, { @@ -82334,7 +81945,7 @@ ], "operation": "static_cast", "arguments": [ - "x223" + "x222" ] }, { @@ -82344,7 +81955,7 @@ ], "operation": "static_cast", "arguments": [ - "x224" + "x223" ] }, { @@ -82354,7 +81965,7 @@ ], "operation": "static_cast", "arguments": [ - "x225" + "x224" ] }, { @@ -82364,7 +81975,7 @@ ], "operation": "static_cast", "arguments": [ - "x226" + "x225" ] }, { @@ -82374,7 +81985,7 @@ ], "operation": "static_cast", "arguments": [ - "x227" + "x226" ] }, { @@ -82384,7 +81995,7 @@ ], "operation": "static_cast", "arguments": [ - "x228" + "x227" ] }, { @@ -82394,7 +82005,7 @@ ], "operation": "static_cast", "arguments": [ - "x229" + "x228" ] }, { @@ -82404,7 +82015,7 @@ ], "operation": "static_cast", "arguments": [ - "x230" + "x229" ] } ] diff --git a/fiat-json/src/secp256k1_montgomery_64.json b/fiat-json/src/secp256k1_montgomery_64.json index f2f8050d32..8d92c94e1a 100644 --- a/fiat-json/src/secp256k1_montgomery_64.json +++ b/fiat-json/src/secp256k1_montgomery_64.json @@ -90,35 +90,10 @@ } ] }, - { - "datatype": "u64", - "name": [ - "x2" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u128", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "0xffffffffffffffff" - ] - } - ] - }, { "datatype": "u1", "name": [ - "x3" + "x2" ], "operation": "static_cast", "arguments": [ @@ -147,7 +122,14 @@ ], "operation": "static_cast", "arguments": [ - "x2" + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x1" + ] + } ] }, { @@ -157,7 +139,7 @@ ], "operation": "static_cast", "arguments": [ - "x3" + "x2" ] } ] 
@@ -413,7 +395,7 @@ { "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u128", @@ -423,7 +405,7 @@ "x1" ] }, - "0xffffffffffffffff" + "64" ] } ] @@ -431,38 +413,20 @@ { "datatype": "u64", "name": [ - "x3" + "out1" ], "operation": "static_cast", "arguments": [ { "datatype": "u64", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u128", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "64" + "x1" ] } ] }, - { - "datatype": "u64", - "name": [ - "out1" - ], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, { "datatype": "u64", "name": [ @@ -470,7 +434,7 @@ ], "operation": "static_cast", "arguments": [ - "x3" + "x2" ] } ] @@ -20686,16 +20650,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x5" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -20705,7 +20669,7 @@ "x4" ] }, - "0xff" + "8" ] } ] @@ -20727,7 +20691,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x4" + "x5" ] }, "8" @@ -20736,16 +20700,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x7" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -20755,7 +20719,7 @@ "x6" ] }, - "0xff" + "8" ] } ] @@ -20777,7 +20741,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x6" + "x7" ] }, "8" @@ -20786,16 +20750,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x9" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -20805,7 +20769,7 @@ "x8" ] }, - "0xff" + "8" ] } ] 
@@ -20827,7 +20791,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x8" + "x9" ] }, "8" @@ -20845,7 +20809,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -20855,7 +20819,7 @@ "x10" ] }, - "0xff" + "8" ] } ] @@ -20877,7 +20841,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x10" + "x3" ] }, "8" @@ -20886,16 +20850,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x13" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -20905,7 +20869,7 @@ "x12" ] }, - "0xff" + "8" ] } ] @@ -20927,7 +20891,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x12" + "x13" ] }, "8" @@ -20936,16 +20900,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x15" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -20955,7 +20919,7 @@ "x14" ] }, - "0xff" + "8" ] } ] @@ -20977,7 +20941,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x14" + "x15" ] }, "8" @@ -20986,16 +20950,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x17" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -21005,7 +20969,7 @@ "x16" ] }, - "0xff" + "8" ] } ] @@ -21027,7 +20991,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x16" + "x17" ] }, "8" 
@@ -21036,26 +21000,26 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x19" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - "x3" + "x2" ] }, - "0xff" + "8" ] } ] @@ -21077,7 +21041,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x3" + "x19" ] }, "8" @@ -21086,16 +21050,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x21" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -21105,7 +21069,7 @@ "x20" ] }, - "0xff" + "8" ] } ] @@ -21127,7 +21091,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x20" + "x21" ] }, "8" @@ -21136,16 +21100,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x23" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -21155,7 +21119,7 @@ "x22" ] }, - "0xff" + "8" ] } ] @@ -21177,7 +21141,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x22" + "x23" ] }, "8" @@ -21195,7 +21159,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -21205,7 +21169,7 @@ "x24" ] }, - "0xff" + "8" ] } ] @@ -21227,7 +21191,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x24" + "x1" ] }, "8" @@ -21236,16 +21200,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x27" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -21255,7 +21219,7 @@ "x26" ] }, - "0xff" + "8" ] } ] 
@@ -21277,7 +21241,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x26" + "x27" ] }, "8" @@ -21286,16 +21250,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x29" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -21305,7 +21269,7 @@ "x28" ] }, - "0xff" + "8" ] } ] @@ -21327,7 +21291,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x28" + "x29" ] }, "8" @@ -21336,16 +21300,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x31" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -21355,7 +21319,7 @@ "x30" ] }, - "0xff" + "8" ] } ] @@ -21377,7 +21341,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x30" + "x31" ] }, "8" @@ -21388,49 +21352,33 @@ { "datatype": "u8", "name": [ - "x33" + "out1[0]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, - "0xff" + "x4" ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ - "x34" + "out1[1]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, - "8" + "x5" ] } ] 
@@ -21438,49 +21386,33 @@ { "datatype": "u8", "name": [ - "x35" + "out1[2]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x34" - ] - }, - "0xff" + "x6" ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ - "x36" + "out1[3]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x34" - ] - }, - "8" + "x7" ] } ] 
@@ -21488,653 +21420,20 @@ { "datatype": "u8", "name": [ - "x37" + "out1[4]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x36" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x38" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x36" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x39" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x38" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x40" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x38" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x41" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x40" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x42" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x40" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x43" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": 
"&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x42" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x44" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x42" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x45" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x44" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x46" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x44" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x47" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x48" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x49" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x48" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x50" - ], - 
"operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x48" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x51" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x50" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x52" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x50" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x53" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x52" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x54" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x52" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x55" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x54" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x56" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - 
"arguments": [ - "x54" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x57" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x56" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x58" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x56" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x59" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x58" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x60" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x58" - ] - }, - "8" + "x8" ] } ] }, - { - "datatype": "u8", - "name": [ - "out1[0]" - ], - "operation": "static_cast", - "arguments": [ - "x5" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[1]" - ], - "operation": "static_cast", - "arguments": [ - "x7" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[2]" - ], - "operation": "static_cast", - "arguments": [ - "x9" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[3]" - ], - "operation": "static_cast", - "arguments": [ - "x11" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[4]" - ], - "operation": "static_cast", - "arguments": [ - "x13" - ] - }, { "datatype": "u8", "name": [ 
@@ -22142,7 +21441,14 @@ ], "operation": "static_cast", "arguments": [ - "x15" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x9" + ] + } ] }, { @@ -22152,7 +21458,14 @@ ], "operation": "static_cast", "arguments": [ - "x17" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x10" + ] + } ] }, { @@ -22162,7 +21475,7 @@ ], "operation": "static_cast", "arguments": [ - "x18" + "x11" ] }, { @@ -22172,7 +21485,14 @@ ], "operation": "static_cast", "arguments": [ - "x19" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x3" + ] + } ] }, { @@ -22182,7 +21502,14 @@ ], "operation": "static_cast", "arguments": [ - "x21" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x12" + ] + } ] }, { @@ -22192,7 +21519,14 @@ ], "operation": "static_cast", "arguments": [ - "x23" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x13" + ] + } ] }, { @@ -22202,7 +21536,14 @@ ], "operation": "static_cast", "arguments": [ - "x25" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x14" + ] + } ] }, { @@ -22212,7 +21553,14 @@ ], "operation": "static_cast", "arguments": [ - "x27" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x15" + ] + } ] }, { @@ -22222,7 +21570,14 @@ ], "operation": "static_cast", "arguments": [ - "x29" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x16" + ] + } ] }, { @@ -22232,7 +21587,14 @@ ], "operation": "static_cast", "arguments": [ - "x31" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x17" + ] + } ] }, { @@ -22242,7 +21604,7 @@ ], "operation": "static_cast", "arguments": [ - "x32" + "x18" ] }, { 
@@ -22252,7 +21614,14 @@ ], "operation": "static_cast", "arguments": [ - "x33" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x2" + ] + } ] }, { @@ -22262,7 +21631,14 @@ ], "operation": "static_cast", "arguments": [ - "x35" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x19" + ] + } ] }, { @@ -22272,7 +21648,14 @@ ], "operation": "static_cast", "arguments": [ - "x37" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x20" + ] + } ] }, { @@ -22282,7 +21665,14 @@ ], "operation": "static_cast", "arguments": [ - "x39" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x21" + ] + } ] }, { @@ -22292,7 +21682,14 @@ ], "operation": "static_cast", "arguments": [ - "x41" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, { @@ -22302,7 +21699,14 @@ ], "operation": "static_cast", "arguments": [ - "x43" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x23" + ] + } ] }, { @@ -22312,7 +21716,14 @@ ], "operation": "static_cast", "arguments": [ - "x45" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x24" + ] + } ] }, { @@ -22322,7 +21733,7 @@ ], "operation": "static_cast", "arguments": [ - "x46" + "x25" ] }, { @@ -22332,7 +21743,14 @@ ], "operation": "static_cast", "arguments": [ - "x47" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x1" + ] + } ] }, { @@ -22342,7 +21760,14 @@ ], "operation": "static_cast", "arguments": [ - "x49" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x26" + ] + } ] }, { @@ -22352,7 +21777,14 @@ ], "operation": "static_cast", "arguments": [ - "x51" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x27" + ] + } ] }, { 
@@ -22362,7 +21794,14 @@ ], "operation": "static_cast", "arguments": [ - "x53" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x28" + ] + } ] }, { @@ -22372,7 +21811,14 @@ ], "operation": "static_cast", "arguments": [ - "x55" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x29" + ] + } ] }, { @@ -22382,7 +21828,14 @@ ], "operation": "static_cast", "arguments": [ - "x57" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x30" + ] + } ] }, { @@ -22392,7 +21845,14 @@ ], "operation": "static_cast", "arguments": [ - "x59" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x31" + ] + } ] }, { @@ -22402,7 +21862,7 @@ ], "operation": "static_cast", "arguments": [ - "x60" + "x32" ] } ] @@ -24559,22 +24019,7 @@ "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "arg3[0]" - ] - }, - "0x1" - ] - } + "arg3[0]" ] } ] @@ -26330,43 +25775,25 @@ ] }, { - "datatype": "u1", + "datatype": "u64", "name": [ "x74" ], - "operation": "static_cast", + "operation": "cmovznz", "arguments": [ { "datatype": "u1", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u1", "name": [], "operation": "static_cast", "arguments": [ "x22" ] - }, - "0x1" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x75" - ], - "operation": "cmovznz", - "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": "static_cast", - "arguments": [ - "x74" + } ] }, "0x0", @@ -26383,7 +25810,7 @@ { "datatype": "u64", "name": [ - "x76" + "x75" ], "operation": "cmovznz", "arguments": [ 
@@ -26392,7 +25819,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -26409,7 +25843,7 @@ { "datatype": "u64", "name": [ - "x77" + "x76" ], "operation": "cmovznz", "arguments": [ @@ -26418,7 +25852,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -26435,7 +25876,7 @@ { "datatype": "u64", "name": [ - "x78" + "x77" ], "operation": "cmovznz", "arguments": [ @@ -26444,7 +25885,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -26461,7 +25909,7 @@ { "datatype": "u64", "name": [ - "x79" + "x78" ], "operation": "cmovznz", "arguments": [ @@ -26470,7 +25918,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -26487,8 +25942,8 @@ { "datatype": "(auto)", "name": [ - "x80", - "x81" + "x79", + "x80" ], "operation": "addcarryx", "parameters": { @@ -26509,7 +25964,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x75" + "x74" ] } ] @@ -26517,8 +25972,8 @@ { "datatype": "(auto)", "name": [ - "x82", - "x83" + "x81", + "x82" ], "operation": "addcarryx", "parameters": { @@ -26535,7 +25990,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x81" + "x80" ] } ] @@ -26553,7 +26008,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x76" + "x75" ] } ] @@ -26561,8 +26016,8 @@ { "datatype": "(auto)", "name": [ - "x84", - "x85" + "x83", + "x84" ], "operation": "addcarryx", "parameters": { @@ -26579,7 +26034,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x83" + "x82" ] } ] 
@@ -26597,7 +26052,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x77" + "x76" ] } ] @@ -26605,8 +26060,8 @@ { "datatype": "(auto)", "name": [ - "x86", - "x87" + "x85", + "x86" ], "operation": "addcarryx", "parameters": { @@ -26623,7 +26078,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x85" + "x84" ] } ] @@ -26641,7 +26096,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x78" + "x77" ] } ] @@ -26649,7 +26104,7 @@ { "datatype": "(auto)", "name": [ - "x88", + "x87", "_" ], "operation": "addcarryx", @@ -26667,7 +26122,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x87" + "x86" ] } ] @@ -26685,7 +26140,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x79" + "x78" ] } ] @@ -26693,7 +26148,7 @@ { "datatype": "u64", "name": [ - "x90" + "x89" ], "operation": "cmovznz", "arguments": [ @@ -26702,7 +26157,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -26719,7 +26181,7 @@ { "datatype": "u64", "name": [ - "x91" + "x90" ], "operation": "cmovznz", "arguments": [ @@ -26728,7 +26190,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -26745,7 +26214,7 @@ { "datatype": "u64", "name": [ - "x92" + "x91" ], "operation": "cmovznz", "arguments": [ @@ -26754,7 +26223,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -26771,7 +26247,7 @@ { "datatype": "u64", "name": [ - "x93" + "x92" ], "operation": "cmovznz", "arguments": [ 
@@ -26780,7 +26256,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -26797,8 +26280,8 @@ { "datatype": "(auto)", "name": [ - "x94", - "x95" + "x93", + "x94" ], "operation": "addcarryx", "parameters": { @@ -26819,7 +26302,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x90" + "x89" ] } ] @@ -26827,8 +26310,8 @@ { "datatype": "(auto)", "name": [ - "x96", - "x97" + "x95", + "x96" ], "operation": "addcarryx", "parameters": { @@ -26845,7 +26328,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x95" + "x94" ] } ] @@ -26863,7 +26346,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x91" + "x90" ] } ] @@ -26871,8 +26354,8 @@ { "datatype": "(auto)", "name": [ - "x98", - "x99" + "x97", + "x98" ], "operation": "addcarryx", "parameters": { @@ -26889,7 +26372,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x97" + "x96" ] } ] @@ -26907,7 +26390,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x92" + "x91" ] } ] @@ -26915,8 +26398,8 @@ { "datatype": "(auto)", "name": [ - "x100", - "x101" + "x99", + "x100" ], "operation": "addcarryx", "parameters": { @@ -26933,7 +26416,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x99" + "x98" ] } ] @@ -26951,7 +26434,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x93" + "x92" ] } ] @@ -26959,8 +26442,8 @@ { "datatype": "(auto)", "name": [ - "x102", - "x103" + "x101", + "x102" ], "operation": "subborrowx", "parameters": { @@ -26978,7 +26461,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x94" + "x93" ] } ] @@ -26989,8 +26472,8 @@ { "datatype": "(auto)", "name": [ - "x104", - "x105" + "x103", + "x104" ], "operation": "subborrowx", "parameters": { @@ -27007,7 +26490,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x103" + "x102" ] } ] 
@@ -27022,7 +26505,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x96" + "x95" ] } ] @@ -27033,8 +26516,8 @@ { "datatype": "(auto)", "name": [ - "x106", - "x107" + "x105", + "x106" ], "operation": "subborrowx", "parameters": { @@ -27051,7 +26534,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x105" + "x104" ] } ] @@ -27066,7 +26549,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x98" + "x97" ] } ] @@ -27077,8 +26560,8 @@ { "datatype": "(auto)", "name": [ - "x108", - "x109" + "x107", + "x108" ], "operation": "subborrowx", "parameters": { @@ -27095,7 +26578,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x107" + "x106" ] } ] @@ -27110,7 +26593,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x100" + "x99" ] } ] @@ -27122,7 +26605,7 @@ "datatype": "(auto)", "name": [ "_", - "x111" + "x110" ], "operation": "subborrowx", "parameters": { @@ -27139,7 +26622,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x109" + "x108" ] } ] @@ -27154,7 +26637,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x101" + "x100" ] } ] @@ -27165,7 +26648,7 @@ { "datatype": "(auto)", "name": [ - "x112", + "x111", "_" ], "operation": "addcarryx", @@ -27188,7 +26671,7 @@ { "datatype": "u64", "name": [ - "x114" + "x113" ], "operation": "static_cast", "arguments": [ @@ -27217,7 +26700,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x80" + "x79" ] } ] @@ -27252,7 +26735,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x82" + "x81" ] } ] @@ -27272,7 +26755,7 @@ { "datatype": "u64", "name": [ - "x115" + "x114" ], "operation": "static_cast", "arguments": [ @@ -27301,7 +26784,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x82" + "x81" ] } ] @@ -27336,7 +26819,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x84" + "x83" ] } ] @@ -27356,7 +26839,7 @@ { "datatype": "u64", "name": [ - "x116" + "x115" ], "operation": "static_cast", "arguments": [ 
@@ -27385,7 +26868,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x84" + "x83" ] } ] @@ -27420,7 +26903,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x86" + "x85" ] } ] @@ -27440,7 +26923,7 @@ { "datatype": "u64", "name": [ - "x117" + "x116" ], "operation": "static_cast", "arguments": [ @@ -27469,7 +26952,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x86" + "x85" ] } ] @@ -27504,7 +26987,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x88" + "x87" ] } ] @@ -27524,7 +27007,7 @@ { "datatype": "u64", "name": [ - "x118" + "x117" ], "operation": "static_cast", "arguments": [ @@ -27553,7 +27036,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x88" + "x87" ] } ] @@ -27583,7 +27066,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x88" + "x87" ] } ] @@ -27600,7 +27083,7 @@ { "datatype": "u64", "name": [ - "x119" + "x118" ], "operation": "cmovznz", "arguments": [ @@ -27654,7 +27137,7 @@ { "datatype": "u64", "name": [ - "x120" + "x119" ], "operation": "cmovznz", "arguments": [ @@ -27708,7 +27191,7 @@ { "datatype": "u64", "name": [ - "x121" + "x120" ], "operation": "cmovznz", "arguments": [ @@ -27762,7 +27245,7 @@ { "datatype": "u64", "name": [ - "x122" + "x121" ], "operation": "cmovznz", "arguments": [ @@ -27816,7 +27299,7 @@ { "datatype": "u64", "name": [ - "x123" + "x122" ], "operation": "cmovznz", "arguments": [ @@ -27830,7 +27313,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x111" + "x110" ] } ] @@ -27845,7 +27328,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x102" + "x101" ] } ] @@ -27860,7 +27343,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x94" + "x93" ] } ] @@ -27870,7 +27353,7 @@ { "datatype": "u64", "name": [ - "x124" + "x123" ], "operation": "cmovznz", "arguments": [ @@ -27884,7 +27367,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x111" + "x110" ] } ] 
@@ -27899,7 +27382,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x104" + "x103" ] } ] @@ -27914,7 +27397,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x96" + "x95" ] } ] @@ -27924,7 +27407,7 @@ { "datatype": "u64", "name": [ - "x125" + "x124" ], "operation": "cmovznz", "arguments": [ @@ -27938,7 +27421,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x111" + "x110" ] } ] @@ -27953,7 +27436,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x106" + "x105" ] } ] @@ -27968,7 +27451,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x98" + "x97" ] } ] @@ -27978,7 +27461,7 @@ { "datatype": "u64", "name": [ - "x126" + "x125" ], "operation": "cmovznz", "arguments": [ @@ -27992,7 +27475,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x111" + "x110" ] } ] @@ -28007,7 +27490,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x108" + "x107" ] } ] @@ -28022,7 +27505,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x100" + "x99" ] } ] @@ -28041,7 +27524,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x112" + "x111" ] } ] @@ -28103,7 +27586,7 @@ ], "operation": "static_cast", "arguments": [ - "x114" + "x113" ] }, { @@ -28113,7 +27596,7 @@ ], "operation": "static_cast", "arguments": [ - "x115" + "x114" ] }, { @@ -28123,7 +27606,7 @@ ], "operation": "static_cast", "arguments": [ - "x116" + "x115" ] }, { @@ -28133,7 +27616,7 @@ ], "operation": "static_cast", "arguments": [ - "x117" + "x116" ] }, { @@ -28143,7 +27626,7 @@ ], "operation": "static_cast", "arguments": [ - "x118" + "x117" ] }, { @@ -28153,7 +27636,7 @@ ], "operation": "static_cast", "arguments": [ - "x119" + "x118" ] }, { @@ -28163,7 +27646,7 @@ ], "operation": "static_cast", "arguments": [ - "x120" + "x119" ] }, { @@ -28173,7 +27656,7 @@ ], "operation": "static_cast", "arguments": [ - "x121" + "x120" ] }, { 
@@ -28183,7 +27666,7 @@ ], "operation": "static_cast", "arguments": [ - "x122" + "x121" ] }, { @@ -28193,7 +27676,7 @@ ], "operation": "static_cast", "arguments": [ - "x123" + "x122" ] }, { @@ -28203,7 +27686,7 @@ ], "operation": "static_cast", "arguments": [ - "x124" + "x123" ] }, { @@ -28213,7 +27696,7 @@ ], "operation": "static_cast", "arguments": [ - "x125" + "x124" ] }, { @@ -28223,7 +27706,7 @@ ], "operation": "static_cast", "arguments": [ - "x126" + "x125" ] } ] diff --git a/fiat-json/src/secp256k1_montgomery_scalar_32.json b/fiat-json/src/secp256k1_montgomery_scalar_32.json index c0c9078f2f..62b83fb7e8 100644 --- a/fiat-json/src/secp256k1_montgomery_scalar_32.json +++ b/fiat-json/src/secp256k1_montgomery_scalar_32.json @@ -90,35 +90,10 @@ } ] }, - { - "datatype": "u32", - "name": [ - "x2" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "0xffffffff" - ] - } - ] - }, { "datatype": "u1", "name": [ - "x3" + "x2" ], "operation": "static_cast", "arguments": [ @@ -147,7 +122,14 @@ ], "operation": "static_cast", "arguments": [ - "x2" + { + "datatype": "u32", + "name": [], + "operation": "static_cast", + "arguments": [ + "x1" + ] + } ] }, { @@ -157,7 +139,7 @@ ], "operation": "static_cast", "arguments": [ - "x3" + "x2" ] } ] @@ -413,7 +395,7 @@ { "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -423,7 +405,7 @@ "x1" ] }, - "0xffffffff" + "32" ] } ] 
@@ -431,38 +413,20 @@ { "datatype": "u32", "name": [ - "x3" + "out1" ], "operation": "static_cast", "arguments": [ { "datatype": "u32", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "32" + "x1" ] } ] }, - { - "datatype": "u32", - "name": [ - "out1" - ], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, { "datatype": "u32", "name": [ @@ -470,7 +434,7 @@ ], "operation": "static_cast", "arguments": [ - "x3" + "x2" ] } ] @@ -76254,35 +76218,10 @@ "arg1[0]" ] }, - { - "datatype": "u8", - "name": [ - "x9" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x8" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x10" + "x9" ], "operation": "static_cast", "arguments": [ @@ -76304,35 +76243,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x11" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x10" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x12" + "x10" ], "operation": "static_cast", "arguments": [ @@ -76346,7 +76260,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x10" + "x9" ] }, "8" @@ -76357,32 +76271,7 @@ { "datatype": "u8", "name": [ - "x13" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x12" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x14" + "x11" ], "operation": "static_cast", "arguments": [ 
@@ -76396,7 +76285,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x12" + "x10" ] }, "8" @@ -76404,35 +76293,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x15" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x7" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x16" + "x12" ], "operation": "static_cast", "arguments": [ @@ -76454,35 +76318,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x17" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x16" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x18" + "x13" ], "operation": "static_cast", "arguments": [ @@ -76496,7 +76335,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x16" + "x12" ] }, "8" @@ -76507,32 +76346,7 @@ { "datatype": "u8", "name": [ - "x19" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x18" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x20" + "x14" ], "operation": "static_cast", "arguments": [ @@ -76546,7 +76360,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x18" + "x13" ] }, "8" 
@@ -76554,35 +76368,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x21" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x6" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x22" + "x15" ], "operation": "static_cast", "arguments": [ @@ -76604,35 +76393,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x23" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x22" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x24" + "x16" ], "operation": "static_cast", "arguments": [ @@ -76646,7 +76410,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x22" + "x15" ] }, "8" @@ -76657,32 +76421,7 @@ { "datatype": "u8", "name": [ - "x25" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x24" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x26" + "x17" ], "operation": "static_cast", "arguments": [ @@ -76696,7 +76435,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x24" + "x16" ] }, "8" @@ -76704,35 +76443,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x27" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x5" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x28" + "x18" ], "operation": "static_cast", "arguments": [ 
@@ -76754,35 +76468,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x29" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x28" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x30" + "x19" ], "operation": "static_cast", "arguments": [ @@ -76796,7 +76485,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x28" + "x18" ] }, "8" @@ -76807,32 +76496,7 @@ { "datatype": "u8", "name": [ - "x31" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x30" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x32" + "x20" ], "operation": "static_cast", "arguments": [ @@ -76846,7 +76510,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x30" + "x19" ] }, "8" @@ -76854,35 +76518,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x33" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x4" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x34" + "x21" ], "operation": "static_cast", "arguments": [ @@ -76904,35 +76543,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x35" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x34" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x36" + "x22" ], "operation": "static_cast", "arguments": [ 
@@ -76946,7 +76560,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x34" + "x21" ] }, "8" @@ -76957,32 +76571,7 @@ { "datatype": "u8", "name": [ - "x37" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x36" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x38" + "x23" ], "operation": "static_cast", "arguments": [ @@ -76996,7 +76585,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x36" + "x22" ] }, "8" @@ -77004,35 +76593,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x39" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x3" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x40" + "x24" ], "operation": "static_cast", "arguments": [ @@ -77054,35 +76618,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x41" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x40" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x42" + "x25" ], "operation": "static_cast", "arguments": [ @@ -77096,7 +76635,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x40" + "x24" ] }, "8" @@ -77107,32 +76646,7 @@ { "datatype": "u8", "name": [ - "x43" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x42" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x44" + "x26" ], "operation": "static_cast", "arguments": [ 
@@ -77146,7 +76660,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x42" + "x25" ] }, "8" @@ -77154,35 +76668,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x45" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x46" + "x27" ], "operation": "static_cast", "arguments": [ @@ -77204,35 +76693,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x47" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x46" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x48" + "x28" ], "operation": "static_cast", "arguments": [ @@ -77246,7 +76710,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x46" + "x27" ] }, "8" @@ -77257,32 +76721,7 @@ { "datatype": "u8", "name": [ - "x49" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x48" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x50" + "x29" ], "operation": "static_cast", "arguments": [ @@ -77296,7 +76735,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x48" + "x28" ] }, "8" 
@@ -77304,35 +76743,10 @@ } ] }, - { - "datatype": "u8", - "name": [ - "x51" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "0xff" - ] - } - ] - }, { "datatype": "u32", "name": [ - "x52" + "x30" ], "operation": "static_cast", "arguments": [ @@ -77355,39 +76769,39 @@ ] }, { - "datatype": "u8", + "datatype": "u32", "name": [ - "x53" + "x31" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u32", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u32", "name": [], "operation": "static_cast", "arguments": [ - "x52" + "x30" ] }, - "0xff" + "8" ] } ] }, { - "datatype": "u32", + "datatype": "u8", "name": [ - "x54" + "x32" ], "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u8", "name": [], "operation": ">>", "arguments": [ @@ -77396,7 +76810,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x52" + "x31" ] }, "8" @@ -77407,24 +76821,16 @@ { "datatype": "u8", "name": [ - "x55" + "out1[0]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x54" - ] - }, - "0xff" + "x8" ] } ] 
@@ -77432,48 +76838,20 @@ { "datatype": "u8", "name": [ - "x56" + "out1[1]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "x54" - ] - }, - "8" + "x9" ] } ] }, - { - "datatype": "u8", - "name": [ - "out1[0]" - ], - "operation": "static_cast", - "arguments": [ - "x9" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[1]" - ], - "operation": "static_cast", - "arguments": [ - "x11" - ] - }, { "datatype": "u8", "name": [ @@ -77481,7 +76859,14 @@ ], "operation": "static_cast", "arguments": [ - "x13" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x10" + ] + } ] }, { @@ -77491,7 +76876,7 @@ ], "operation": "static_cast", "arguments": [ - "x14" + "x11" ] }, { @@ -77501,7 +76886,14 @@ ], "operation": "static_cast", "arguments": [ - "x15" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x7" + ] + } ] }, { @@ -77511,7 +76903,14 @@ ], "operation": "static_cast", "arguments": [ - "x17" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x12" + ] + } ] }, { @@ -77521,7 +76920,14 @@ ], "operation": "static_cast", "arguments": [ - "x19" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x13" + ] + } ] }, { @@ -77531,7 +76937,7 @@ ], "operation": "static_cast", "arguments": [ - "x20" + "x14" ] }, { @@ -77541,7 +76947,14 @@ ], "operation": "static_cast", "arguments": [ - "x21" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x6" + ] + } ] }, { @@ -77551,7 +76964,14 @@ ], "operation": "static_cast", "arguments": [ - "x23" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x15" + ] + } ] }, { 
@@ -77561,7 +76981,14 @@ ], "operation": "static_cast", "arguments": [ - "x25" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x16" + ] + } ] }, { @@ -77571,7 +76998,7 @@ ], "operation": "static_cast", "arguments": [ - "x26" + "x17" ] }, { @@ -77581,7 +77008,14 @@ ], "operation": "static_cast", "arguments": [ - "x27" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x5" + ] + } ] }, { @@ -77591,7 +77025,14 @@ ], "operation": "static_cast", "arguments": [ - "x29" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x18" + ] + } ] }, { @@ -77601,7 +77042,14 @@ ], "operation": "static_cast", "arguments": [ - "x31" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x19" + ] + } ] }, { @@ -77611,7 +77059,7 @@ ], "operation": "static_cast", "arguments": [ - "x32" + "x20" ] }, { @@ -77621,7 +77069,14 @@ ], "operation": "static_cast", "arguments": [ - "x33" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x4" + ] + } ] }, { @@ -77631,7 +77086,14 @@ ], "operation": "static_cast", "arguments": [ - "x35" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x21" + ] + } ] }, { @@ -77641,7 +77103,14 @@ ], "operation": "static_cast", "arguments": [ - "x37" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, { @@ -77651,7 +77120,7 @@ ], "operation": "static_cast", "arguments": [ - "x38" + "x23" ] }, { @@ -77661,7 +77130,14 @@ ], "operation": "static_cast", "arguments": [ - "x39" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x3" + ] + } ] }, { @@ -77671,7 +77147,14 @@ ], "operation": "static_cast", "arguments": [ - "x41" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x24" + ] + } ] }, { 
@@ -77681,7 +77164,14 @@ ], "operation": "static_cast", "arguments": [ - "x43" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x25" + ] + } ] }, { @@ -77691,7 +77181,7 @@ ], "operation": "static_cast", "arguments": [ - "x44" + "x26" ] }, { @@ -77701,7 +77191,14 @@ ], "operation": "static_cast", "arguments": [ - "x45" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x2" + ] + } ] }, { @@ -77711,7 +77208,14 @@ ], "operation": "static_cast", "arguments": [ - "x47" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x27" + ] + } ] }, { @@ -77721,7 +77225,14 @@ ], "operation": "static_cast", "arguments": [ - "x49" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x28" + ] + } ] }, { @@ -77731,7 +77242,7 @@ ], "operation": "static_cast", "arguments": [ - "x50" + "x29" ] }, { @@ -77741,7 +77252,14 @@ ], "operation": "static_cast", "arguments": [ - "x51" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x1" + ] + } ] }, { @@ -77751,7 +77269,14 @@ ], "operation": "static_cast", "arguments": [ - "x53" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x30" + ] + } ] }, { @@ -77761,7 +77286,14 @@ ], "operation": "static_cast", "arguments": [ - "x55" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x31" + ] + } ] }, { @@ -77771,7 +77303,7 @@ ], "operation": "static_cast", "arguments": [ - "x56" + "x32" ] } ] @@ -79948,22 +79480,7 @@ "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u32", - "name": [], - "operation": "static_cast", - "arguments": [ - "arg3[0]" - ] - }, - "0x1" - ] - } + "arg3[0]" ] } ] 
@@ -83311,43 +82828,25 @@ ] }, { - "datatype": "u1", + "datatype": "u32", "name": [ "x134" ], - "operation": "static_cast", + "operation": "cmovznz", "arguments": [ { "datatype": "u1", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ { - "datatype": "u32", + "datatype": "u1", "name": [], "operation": "static_cast", "arguments": [ "x34" ] - }, - "0x1" - ] - } - ] - }, - { - "datatype": "u32", - "name": [ - "x135" - ], - "operation": "cmovznz", - "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": "static_cast", - "arguments": [ - "x134" + } ] }, "0x0", @@ -83364,7 +82863,7 @@ { "datatype": "u32", "name": [ - "x136" + "x135" ], "operation": "cmovznz", "arguments": [ @@ -83373,7 +82872,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -83390,7 +82896,7 @@ { "datatype": "u32", "name": [ - "x137" + "x136" ], "operation": "cmovznz", "arguments": [ @@ -83399,7 +82905,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -83416,7 +82929,7 @@ { "datatype": "u32", "name": [ - "x138" + "x137" ], "operation": "cmovznz", "arguments": [ @@ -83425,7 +82938,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -83442,7 +82962,7 @@ { "datatype": "u32", "name": [ - "x139" + "x138" ], "operation": "cmovznz", "arguments": [ @@ -83451,7 +82971,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -83468,7 +82995,7 @@ { "datatype": "u32", "name": [ - "x140" + "x139" ], "operation": "cmovznz", "arguments": [ 
@@ -83477,7 +83004,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -83494,7 +83028,7 @@ { "datatype": "u32", "name": [ - "x141" + "x140" ], "operation": "cmovznz", "arguments": [ @@ -83503,7 +83037,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -83520,7 +83061,7 @@ { "datatype": "u32", "name": [ - "x142" + "x141" ], "operation": "cmovznz", "arguments": [ @@ -83529,7 +83070,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -83546,7 +83094,7 @@ { "datatype": "u32", "name": [ - "x143" + "x142" ], "operation": "cmovznz", "arguments": [ @@ -83555,7 +83103,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -83572,8 +83127,8 @@ { "datatype": "(auto)", "name": [ - "x144", - "x145" + "x143", + "x144" ], "operation": "addcarryx", "parameters": { @@ -83594,7 +83149,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x135" + "x134" ] } ] @@ -83602,8 +83157,8 @@ { "datatype": "(auto)", "name": [ - "x146", - "x147" + "x145", + "x146" ], "operation": "addcarryx", "parameters": { @@ -83620,7 +83175,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x145" + "x144" ] } ] @@ -83638,7 +83193,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x136" + "x135" ] } ] @@ -83646,8 +83201,8 @@ { "datatype": "(auto)", "name": [ - "x148", - "x149" + "x147", + "x148" ], "operation": "addcarryx", "parameters": { @@ -83664,7 +83219,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x147" + "x146" ] } ] 
@@ -83682,7 +83237,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x137" + "x136" ] } ] @@ -83690,8 +83245,8 @@ { "datatype": "(auto)", "name": [ - "x150", - "x151" + "x149", + "x150" ], "operation": "addcarryx", "parameters": { @@ -83708,7 +83263,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x149" + "x148" ] } ] @@ -83726,7 +83281,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x138" + "x137" ] } ] @@ -83734,8 +83289,8 @@ { "datatype": "(auto)", "name": [ - "x152", - "x153" + "x151", + "x152" ], "operation": "addcarryx", "parameters": { @@ -83752,7 +83307,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x151" + "x150" ] } ] @@ -83770,7 +83325,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x139" + "x138" ] } ] @@ -83778,8 +83333,8 @@ { "datatype": "(auto)", "name": [ - "x154", - "x155" + "x153", + "x154" ], "operation": "addcarryx", "parameters": { @@ -83796,7 +83351,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x153" + "x152" ] } ] @@ -83814,7 +83369,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x140" + "x139" ] } ] @@ -83822,8 +83377,8 @@ { "datatype": "(auto)", "name": [ - "x156", - "x157" + "x155", + "x156" ], "operation": "addcarryx", "parameters": { @@ -83840,7 +83395,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x155" + "x154" ] } ] @@ -83858,7 +83413,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x141" + "x140" ] } ] @@ -83866,8 +83421,8 @@ { "datatype": "(auto)", "name": [ - "x158", - "x159" + "x157", + "x158" ], "operation": "addcarryx", "parameters": { @@ -83884,7 +83439,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x157" + "x156" ] } ] @@ -83902,7 +83457,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x142" + "x141" ] } ] @@ -83910,7 +83465,7 @@ { "datatype": "(auto)", "name": [ - "x160", + "x159", "_" ], "operation": "addcarryx", 
@@ -83928,7 +83483,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x159" + "x158" ] } ] @@ -83946,7 +83501,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x143" + "x142" ] } ] @@ -83954,7 +83509,7 @@ { "datatype": "u32", "name": [ - "x162" + "x161" ], "operation": "cmovznz", "arguments": [ @@ -83963,7 +83518,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -83980,7 +83542,7 @@ { "datatype": "u32", "name": [ - "x163" + "x162" ], "operation": "cmovznz", "arguments": [ @@ -83989,7 +83551,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -84006,7 +83575,7 @@ { "datatype": "u32", "name": [ - "x164" + "x163" ], "operation": "cmovznz", "arguments": [ @@ -84015,7 +83584,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -84032,7 +83608,7 @@ { "datatype": "u32", "name": [ - "x165" + "x164" ], "operation": "cmovznz", "arguments": [ @@ -84041,7 +83617,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -84058,7 +83641,7 @@ { "datatype": "u32", "name": [ - "x166" + "x165" ], "operation": "cmovznz", "arguments": [ @@ -84067,7 +83650,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -84084,7 +83674,7 @@ { "datatype": "u32", "name": [ - "x167" + "x166" ], "operation": "cmovznz", "arguments": [ 
@@ -84093,7 +83683,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -84110,7 +83707,7 @@ { "datatype": "u32", "name": [ - "x168" + "x167" ], "operation": "cmovznz", "arguments": [ @@ -84119,7 +83716,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -84136,7 +83740,7 @@ { "datatype": "u32", "name": [ - "x169" + "x168" ], "operation": "cmovznz", "arguments": [ @@ -84145,7 +83749,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x134" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x34" + ] + } ] }, "0x0", @@ -84162,8 +83773,8 @@ { "datatype": "(auto)", "name": [ - "x170", - "x171" + "x169", + "x170" ], "operation": "addcarryx", "parameters": { @@ -84184,7 +83795,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x162" + "x161" ] } ] @@ -84192,8 +83803,8 @@ { "datatype": "(auto)", "name": [ - "x172", - "x173" + "x171", + "x172" ], "operation": "addcarryx", "parameters": { @@ -84210,7 +83821,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x171" + "x170" ] } ] @@ -84228,7 +83839,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x163" + "x162" ] } ] @@ -84236,8 +83847,8 @@ { "datatype": "(auto)", "name": [ - "x174", - "x175" + "x173", + "x174" ], "operation": "addcarryx", "parameters": { @@ -84254,7 +83865,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x173" + "x172" ] } ] @@ -84272,7 +83883,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x164" + "x163" ] } ] @@ -84280,8 +83891,8 @@ { "datatype": "(auto)", "name": [ - "x176", - "x177" + "x175", + "x176" ], "operation": "addcarryx", "parameters": { 
@@ -84298,7 +83909,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x175" + "x174" ] } ] @@ -84316,7 +83927,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x165" + "x164" ] } ] @@ -84324,8 +83935,8 @@ { "datatype": "(auto)", "name": [ - "x178", - "x179" + "x177", + "x178" ], "operation": "addcarryx", "parameters": { @@ -84342,7 +83953,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x177" + "x176" ] } ] @@ -84360,7 +83971,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x166" + "x165" ] } ] @@ -84368,8 +83979,8 @@ { "datatype": "(auto)", "name": [ - "x180", - "x181" + "x179", + "x180" ], "operation": "addcarryx", "parameters": { @@ -84386,7 +83997,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x179" + "x178" ] } ] @@ -84404,7 +84015,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x167" + "x166" ] } ] @@ -84412,8 +84023,8 @@ { "datatype": "(auto)", "name": [ - "x182", - "x183" + "x181", + "x182" ], "operation": "addcarryx", "parameters": { @@ -84430,7 +84041,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x181" + "x180" ] } ] @@ -84448,7 +84059,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x168" + "x167" ] } ] @@ -84456,8 +84067,8 @@ { "datatype": "(auto)", "name": [ - "x184", - "x185" + "x183", + "x184" ], "operation": "addcarryx", "parameters": { @@ -84474,7 +84085,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x183" + "x182" ] } ] @@ -84492,7 +84103,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x169" + "x168" ] } ] @@ -84500,8 +84111,8 @@ { "datatype": "(auto)", "name": [ - "x186", - "x187" + "x185", + "x186" ], "operation": "subborrowx", "parameters": { @@ -84519,7 +84130,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x170" + "x169" ] } ] @@ -84530,8 +84141,8 @@ { "datatype": "(auto)", "name": [ - "x188", - "x189" + "x187", + "x188" ], "operation": "subborrowx", "parameters": { 
@@ -84548,7 +84159,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x187" + "x186" ] } ] @@ -84563,7 +84174,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x172" + "x171" ] } ] @@ -84574,8 +84185,8 @@ { "datatype": "(auto)", "name": [ - "x190", - "x191" + "x189", + "x190" ], "operation": "subborrowx", "parameters": { @@ -84592,7 +84203,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x189" + "x188" ] } ] @@ -84607,7 +84218,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x174" + "x173" ] } ] @@ -84618,8 +84229,8 @@ { "datatype": "(auto)", "name": [ - "x192", - "x193" + "x191", + "x192" ], "operation": "subborrowx", "parameters": { @@ -84636,7 +84247,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x191" + "x190" ] } ] @@ -84651,7 +84262,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x176" + "x175" ] } ] @@ -84662,8 +84273,8 @@ { "datatype": "(auto)", "name": [ - "x194", - "x195" + "x193", + "x194" ], "operation": "subborrowx", "parameters": { @@ -84680,7 +84291,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x193" + "x192" ] } ] @@ -84695,7 +84306,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x178" + "x177" ] } ] @@ -84706,8 +84317,8 @@ { "datatype": "(auto)", "name": [ - "x196", - "x197" + "x195", + "x196" ], "operation": "subborrowx", "parameters": { @@ -84724,7 +84335,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x195" + "x194" ] } ] @@ -84739,7 +84350,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x180" + "x179" ] } ] @@ -84750,8 +84361,8 @@ { "datatype": "(auto)", "name": [ - "x198", - "x199" + "x197", + "x198" ], "operation": "subborrowx", "parameters": { @@ -84768,7 +84379,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x197" + "x196" ] } ] @@ -84783,7 +84394,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x182" + "x181" ] } ] 
@@ -84794,8 +84405,8 @@ { "datatype": "(auto)", "name": [ - "x200", - "x201" + "x199", + "x200" ], "operation": "subborrowx", "parameters": { @@ -84812,7 +84423,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x199" + "x198" ] } ] @@ -84827,7 +84438,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x184" + "x183" ] } ] @@ -84839,7 +84450,7 @@ "datatype": "(auto)", "name": [ "_", - "x203" + "x202" ], "operation": "subborrowx", "parameters": { @@ -84856,7 +84467,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x201" + "x200" ] } ] @@ -84871,7 +84482,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x185" + "x184" ] } ] @@ -84882,7 +84493,7 @@ { "datatype": "(auto)", "name": [ - "x204", + "x203", "_" ], "operation": "addcarryx", @@ -84905,7 +84516,7 @@ { "datatype": "u32", "name": [ - "x206" + "x205" ], "operation": "static_cast", "arguments": [ @@ -84934,7 +84545,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x144" + "x143" ] } ] @@ -84969,7 +84580,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x146" + "x145" ] } ] @@ -84989,7 +84600,7 @@ { "datatype": "u32", "name": [ - "x207" + "x206" ], "operation": "static_cast", "arguments": [ @@ -85018,7 +84629,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x146" + "x145" ] } ] @@ -85053,7 +84664,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x148" + "x147" ] } ] @@ -85073,7 +84684,7 @@ { "datatype": "u32", "name": [ - "x208" + "x207" ], "operation": "static_cast", "arguments": [ @@ -85102,7 +84713,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x148" + "x147" ] } ] @@ -85137,7 +84748,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x150" + "x149" ] } ] @@ -85157,7 +84768,7 @@ { "datatype": "u32", "name": [ - "x209" + "x208" ], "operation": "static_cast", "arguments": [ @@ -85186,7 +84797,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x150" + "x149" ] } ] 
@@ -85221,7 +84832,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x152" + "x151" ] } ] @@ -85241,7 +84852,7 @@ { "datatype": "u32", "name": [ - "x210" + "x209" ], "operation": "static_cast", "arguments": [ @@ -85270,7 +84881,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x152" + "x151" ] } ] @@ -85305,7 +84916,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x154" + "x153" ] } ] @@ -85325,7 +84936,7 @@ { "datatype": "u32", "name": [ - "x211" + "x210" ], "operation": "static_cast", "arguments": [ @@ -85354,7 +84965,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x154" + "x153" ] } ] @@ -85389,7 +85000,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x156" + "x155" ] } ] @@ -85409,7 +85020,7 @@ { "datatype": "u32", "name": [ - "x212" + "x211" ], "operation": "static_cast", "arguments": [ @@ -85438,7 +85049,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x156" + "x155" ] } ] @@ -85473,7 +85084,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x158" + "x157" ] } ] @@ -85493,7 +85104,7 @@ { "datatype": "u32", "name": [ - "x213" + "x212" ], "operation": "static_cast", "arguments": [ @@ -85522,7 +85133,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x158" + "x157" ] } ] @@ -85557,7 +85168,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x160" + "x159" ] } ] @@ -85577,7 +85188,7 @@ { "datatype": "u32", "name": [ - "x214" + "x213" ], "operation": "static_cast", "arguments": [ @@ -85606,7 +85217,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x160" + "x159" ] } ] @@ -85636,7 +85247,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x160" + "x159" ] } ] @@ -85653,7 +85264,7 @@ { "datatype": "u32", "name": [ - "x215" + "x214" ], "operation": "cmovznz", "arguments": [ @@ -85707,7 +85318,7 @@ { "datatype": "u32", "name": [ - "x216" + "x215" ], "operation": "cmovznz", "arguments": [ 
@@ -85761,7 +85372,7 @@ { "datatype": "u32", "name": [ - "x217" + "x216" ], "operation": "cmovznz", "arguments": [ @@ -85815,7 +85426,7 @@ { "datatype": "u32", "name": [ - "x218" + "x217" ], "operation": "cmovznz", "arguments": [ @@ -85869,7 +85480,7 @@ { "datatype": "u32", "name": [ - "x219" + "x218" ], "operation": "cmovznz", "arguments": [ @@ -85923,7 +85534,7 @@ { "datatype": "u32", "name": [ - "x220" + "x219" ], "operation": "cmovznz", "arguments": [ @@ -85977,7 +85588,7 @@ { "datatype": "u32", "name": [ - "x221" + "x220" ], "operation": "cmovznz", "arguments": [ @@ -86031,7 +85642,7 @@ { "datatype": "u32", "name": [ - "x222" + "x221" ], "operation": "cmovznz", "arguments": [ @@ -86085,7 +85696,7 @@ { "datatype": "u32", "name": [ - "x223" + "x222" ], "operation": "cmovznz", "arguments": [ @@ -86099,7 +85710,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] } ] @@ -86114,7 +85725,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x186" + "x185" ] } ] @@ -86129,7 +85740,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x170" + "x169" ] } ] @@ -86139,7 +85750,7 @@ { "datatype": "u32", "name": [ - "x224" + "x223" ], "operation": "cmovznz", "arguments": [ @@ -86153,7 +85764,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] } ] @@ -86168,7 +85779,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x188" + "x187" ] } ] @@ -86183,7 +85794,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x172" + "x171" ] } ] @@ -86193,7 +85804,7 @@ { "datatype": "u32", "name": [ - "x225" + "x224" ], "operation": "cmovznz", "arguments": [ @@ -86207,7 +85818,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] } ] @@ -86222,7 +85833,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x190" + "x189" ] } ] @@ -86237,7 +85848,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x174" + "x173" ] } ] 
@@ -86247,7 +85858,7 @@ { "datatype": "u32", "name": [ - "x226" + "x225" ], "operation": "cmovznz", "arguments": [ @@ -86261,7 +85872,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] } ] @@ -86276,7 +85887,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x192" + "x191" ] } ] @@ -86291,7 +85902,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x176" + "x175" ] } ] @@ -86301,7 +85912,7 @@ { "datatype": "u32", "name": [ - "x227" + "x226" ], "operation": "cmovznz", "arguments": [ @@ -86315,7 +85926,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] } ] @@ -86330,7 +85941,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x194" + "x193" ] } ] @@ -86345,7 +85956,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x178" + "x177" ] } ] @@ -86355,7 +85966,7 @@ { "datatype": "u32", "name": [ - "x228" + "x227" ], "operation": "cmovznz", "arguments": [ @@ -86369,7 +85980,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] } ] @@ -86384,7 +85995,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x196" + "x195" ] } ] @@ -86399,7 +86010,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x180" + "x179" ] } ] @@ -86409,7 +86020,7 @@ { "datatype": "u32", "name": [ - "x229" + "x228" ], "operation": "cmovznz", "arguments": [ @@ -86423,7 +86034,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] } ] @@ -86438,7 +86049,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x198" + "x197" ] } ] @@ -86453,7 +86064,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x182" + "x181" ] } ] @@ -86463,7 +86074,7 @@ { "datatype": "u32", "name": [ - "x230" + "x229" ], "operation": "cmovznz", "arguments": [ @@ -86477,7 +86088,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x203" + "x202" ] } ] 
@@ -86492,7 +86103,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x200" + "x199" ] } ] @@ -86507,7 +86118,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x184" + "x183" ] } ] @@ -86526,7 +86137,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x204" + "x203" ] } ] @@ -86628,7 +86239,7 @@ ], "operation": "static_cast", "arguments": [ - "x206" + "x205" ] }, { @@ -86638,7 +86249,7 @@ ], "operation": "static_cast", "arguments": [ - "x207" + "x206" ] }, { @@ -86648,7 +86259,7 @@ ], "operation": "static_cast", "arguments": [ - "x208" + "x207" ] }, { @@ -86658,7 +86269,7 @@ ], "operation": "static_cast", "arguments": [ - "x209" + "x208" ] }, { @@ -86668,7 +86279,7 @@ ], "operation": "static_cast", "arguments": [ - "x210" + "x209" ] }, { @@ -86678,7 +86289,7 @@ ], "operation": "static_cast", "arguments": [ - "x211" + "x210" ] }, { @@ -86688,7 +86299,7 @@ ], "operation": "static_cast", "arguments": [ - "x212" + "x211" ] }, { @@ -86698,7 +86309,7 @@ ], "operation": "static_cast", "arguments": [ - "x213" + "x212" ] }, { @@ -86708,7 +86319,7 @@ ], "operation": "static_cast", "arguments": [ - "x214" + "x213" ] }, { @@ -86718,7 +86329,7 @@ ], "operation": "static_cast", "arguments": [ - "x215" + "x214" ] }, { @@ -86728,7 +86339,7 @@ ], "operation": "static_cast", "arguments": [ - "x216" + "x215" ] }, { @@ -86738,7 +86349,7 @@ ], "operation": "static_cast", "arguments": [ - "x217" + "x216" ] }, { @@ -86748,7 +86359,7 @@ ], "operation": "static_cast", "arguments": [ - "x218" + "x217" ] }, { @@ -86758,7 +86369,7 @@ ], "operation": "static_cast", "arguments": [ - "x219" + "x218" ] }, { @@ -86768,7 +86379,7 @@ ], "operation": "static_cast", "arguments": [ - "x220" + "x219" ] }, { @@ -86778,7 +86389,7 @@ ], "operation": "static_cast", "arguments": [ - "x221" + "x220" ] }, { @@ -86788,7 +86399,7 @@ ], "operation": "static_cast", "arguments": [ - "x222" + "x221" ] }, { 
@@ -86798,7 +86409,7 @@ ], "operation": "static_cast", "arguments": [ - "x223" + "x222" ] }, { @@ -86808,7 +86419,7 @@ ], "operation": "static_cast", "arguments": [ - "x224" + "x223" ] }, { @@ -86818,7 +86429,7 @@ ], "operation": "static_cast", "arguments": [ - "x225" + "x224" ] }, { @@ -86828,7 +86439,7 @@ ], "operation": "static_cast", "arguments": [ - "x226" + "x225" ] }, { @@ -86838,7 +86449,7 @@ ], "operation": "static_cast", "arguments": [ - "x227" + "x226" ] }, { @@ -86848,7 +86459,7 @@ ], "operation": "static_cast", "arguments": [ - "x228" + "x227" ] }, { @@ -86858,7 +86469,7 @@ ], "operation": "static_cast", "arguments": [ - "x229" + "x228" ] }, { @@ -86868,7 +86479,7 @@ ], "operation": "static_cast", "arguments": [ - "x230" + "x229" ] } ] diff --git a/fiat-json/src/secp256k1_montgomery_scalar_64.json b/fiat-json/src/secp256k1_montgomery_scalar_64.json index daadd8b966..bd1567c731 100644 --- a/fiat-json/src/secp256k1_montgomery_scalar_64.json +++ b/fiat-json/src/secp256k1_montgomery_scalar_64.json @@ -90,35 +90,10 @@ } ] }, - { - "datatype": "u64", - "name": [ - "x2" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u128", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "0xffffffffffffffff" - ] - } - ] - }, { "datatype": "u1", "name": [ - "x3" + "x2" ], "operation": "static_cast", "arguments": [ @@ -147,7 +122,14 @@ ], "operation": "static_cast", "arguments": [ - "x2" + { + "datatype": "u64", + "name": [], + "operation": "static_cast", + "arguments": [ + "x1" + ] + } ] }, { @@ -157,7 +139,7 @@ ], "operation": "static_cast", "arguments": [ - "x3" + "x2" ] } ] @@ -413,7 +395,7 @@ { "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u128", @@ -423,7 +405,7 @@ "x1" ] }, - "0xffffffffffffffff" + "64" ] } ] 
@@ -431,38 +413,20 @@ { "datatype": "u64", "name": [ - "x3" + "out1" ], "operation": "static_cast", "arguments": [ { "datatype": "u64", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u128", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "64" + "x1" ] } ] }, - { - "datatype": "u64", - "name": [ - "out1" - ], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, { "datatype": "u64", "name": [ @@ -470,7 +434,7 @@ ], "operation": "static_cast", "arguments": [ - "x3" + "x2" ] } ] @@ -21775,16 +21739,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x5" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -21794,7 +21758,7 @@ "x4" ] }, - "0xff" + "8" ] } ] @@ -21816,7 +21780,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x4" + "x5" ] }, "8" @@ -21825,16 +21789,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x7" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -21844,7 +21808,7 @@ "x6" ] }, - "0xff" + "8" ] } ] @@ -21866,7 +21830,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x6" + "x7" ] }, "8" @@ -21875,16 +21839,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x9" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -21894,7 +21858,7 @@ "x8" ] }, - "0xff" + "8" ] } ] @@ -21916,7 +21880,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x8" + "x9" ] }, "8" @@ -21934,7 +21898,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", 
@@ -21944,7 +21908,7 @@ "x10" ] }, - "0xff" + "8" ] } ] @@ -21966,7 +21930,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x10" + "x3" ] }, "8" @@ -21975,16 +21939,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x13" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -21994,7 +21958,7 @@ "x12" ] }, - "0xff" + "8" ] } ] @@ -22016,7 +21980,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x12" + "x13" ] }, "8" @@ -22025,16 +21989,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x15" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -22044,7 +22008,7 @@ "x14" ] }, - "0xff" + "8" ] } ] @@ -22066,7 +22030,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x14" + "x15" ] }, "8" @@ -22075,16 +22039,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x17" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -22094,7 +22058,7 @@ "x16" ] }, - "0xff" + "8" ] } ] @@ -22116,7 +22080,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x16" + "x17" ] }, "8" @@ -22125,26 +22089,26 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x19" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", "name": [], "operation": "static_cast", "arguments": [ - "x3" + "x2" ] }, - "0xff" + "8" ] } ] @@ -22166,7 +22130,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x3" + "x19" ] }, "8" 
@@ -22175,16 +22139,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x21" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -22194,7 +22158,7 @@ "x20" ] }, - "0xff" + "8" ] } ] @@ -22216,7 +22180,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x20" + "x21" ] }, "8" @@ -22225,16 +22189,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x23" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -22244,7 +22208,7 @@ "x22" ] }, - "0xff" + "8" ] } ] @@ -22266,7 +22230,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x22" + "x23" ] }, "8" @@ -22284,7 +22248,7 @@ { "datatype": "u8", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -22294,7 +22258,7 @@ "x24" ] }, - "0xff" + "8" ] } ] @@ -22316,7 +22280,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x24" + "x1" ] }, "8" @@ -22325,16 +22289,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x27" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -22344,7 +22308,7 @@ "x26" ] }, - "0xff" + "8" ] } ] @@ -22366,7 +22330,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x26" + "x27" ] }, "8" @@ -22375,16 +22339,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x29" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -22394,7 +22358,7 @@ "x28" ] }, - "0xff" + "8" ] } ] 
@@ -22416,7 +22380,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x28" + "x29" ] }, "8" @@ -22425,16 +22389,16 @@ ] }, { - "datatype": "u8", + "datatype": "u64", "name": [ "x31" ], "operation": "static_cast", "arguments": [ { - "datatype": "u8", + "datatype": "u64", "name": [], - "operation": "&", + "operation": ">>", "arguments": [ { "datatype": "u64", @@ -22444,7 +22408,7 @@ "x30" ] }, - "0xff" + "8" ] } ] @@ -22466,7 +22430,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x30" + "x31" ] }, "8" @@ -22477,49 +22441,33 @@ { "datatype": "u8", "name": [ - "x33" + "out1[0]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, - "0xff" + "x4" ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ - "x34" + "out1[1]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x2" - ] - }, - "8" + "x5" ] } ] @@ -22527,49 +22475,33 @@ { "datatype": "u8", "name": [ - "x35" + "out1[2]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x34" - ] - }, - "0xff" + "x6" ] } ] }, { - "datatype": "u64", + "datatype": "u8", "name": [ - "x36" + "out1[3]" ], "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u8", "name": [], - "operation": ">>", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x34" - ] - }, - "8" + "x7" ] } ] 
@@ -22577,653 +22509,20 @@ { "datatype": "u8", "name": [ - "x37" + "out1[4]" ], "operation": "static_cast", "arguments": [ { "datatype": "u8", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x36" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x38" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x36" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x39" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x38" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x40" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x38" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x41" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x40" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x42" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x40" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x43" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": 
"&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x42" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x44" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x42" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x45" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x44" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x46" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x44" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x47" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x48" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x1" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x49" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x48" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x50" - ], - 
"operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x48" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x51" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x50" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x52" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x50" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x53" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x52" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x54" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x52" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x55" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x54" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x56" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - 
"arguments": [ - "x54" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x57" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x56" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x58" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x56" - ] - }, - "8" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x59" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x58" - ] - }, - "0xff" - ] - } - ] - }, - { - "datatype": "u8", - "name": [ - "x60" - ], - "operation": "static_cast", - "arguments": [ - { - "datatype": "u8", - "name": [], - "operation": ">>", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "x58" - ] - }, - "8" + "x8" ] } ] }, - { - "datatype": "u8", - "name": [ - "out1[0]" - ], - "operation": "static_cast", - "arguments": [ - "x5" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[1]" - ], - "operation": "static_cast", - "arguments": [ - "x7" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[2]" - ], - "operation": "static_cast", - "arguments": [ - "x9" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[3]" - ], - "operation": "static_cast", - "arguments": [ - "x11" - ] - }, - { - "datatype": "u8", - "name": [ - "out1[4]" - ], - "operation": "static_cast", - "arguments": [ - "x13" - ] - }, { "datatype": "u8", "name": [ 
@@ -23231,7 +22530,14 @@ ], "operation": "static_cast", "arguments": [ - "x15" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x9" + ] + } ] }, { @@ -23241,7 +22547,14 @@ ], "operation": "static_cast", "arguments": [ - "x17" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x10" + ] + } ] }, { @@ -23251,7 +22564,7 @@ ], "operation": "static_cast", "arguments": [ - "x18" + "x11" ] }, { @@ -23261,7 +22574,14 @@ ], "operation": "static_cast", "arguments": [ - "x19" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x3" + ] + } ] }, { @@ -23271,7 +22591,14 @@ ], "operation": "static_cast", "arguments": [ - "x21" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x12" + ] + } ] }, { @@ -23281,7 +22608,14 @@ ], "operation": "static_cast", "arguments": [ - "x23" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x13" + ] + } ] }, { @@ -23291,7 +22625,14 @@ ], "operation": "static_cast", "arguments": [ - "x25" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x14" + ] + } ] }, { @@ -23301,7 +22642,14 @@ ], "operation": "static_cast", "arguments": [ - "x27" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x15" + ] + } ] }, { @@ -23311,7 +22659,14 @@ ], "operation": "static_cast", "arguments": [ - "x29" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x16" + ] + } ] }, { @@ -23321,7 +22676,14 @@ ], "operation": "static_cast", "arguments": [ - "x31" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x17" + ] + } ] }, { @@ -23331,7 +22693,7 @@ ], "operation": "static_cast", "arguments": [ - "x32" + "x18" ] }, { 
@@ -23341,7 +22703,14 @@ ], "operation": "static_cast", "arguments": [ - "x33" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x2" + ] + } ] }, { @@ -23351,7 +22720,14 @@ ], "operation": "static_cast", "arguments": [ - "x35" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x19" + ] + } ] }, { @@ -23361,7 +22737,14 @@ ], "operation": "static_cast", "arguments": [ - "x37" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x20" + ] + } ] }, { @@ -23371,7 +22754,14 @@ ], "operation": "static_cast", "arguments": [ - "x39" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x21" + ] + } ] }, { @@ -23381,7 +22771,14 @@ ], "operation": "static_cast", "arguments": [ - "x41" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, { @@ -23391,7 +22788,14 @@ ], "operation": "static_cast", "arguments": [ - "x43" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x23" + ] + } ] }, { @@ -23401,7 +22805,14 @@ ], "operation": "static_cast", "arguments": [ - "x45" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x24" + ] + } ] }, { @@ -23411,7 +22822,7 @@ ], "operation": "static_cast", "arguments": [ - "x46" + "x25" ] }, { @@ -23421,7 +22832,14 @@ ], "operation": "static_cast", "arguments": [ - "x47" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x1" + ] + } ] }, { @@ -23431,7 +22849,14 @@ ], "operation": "static_cast", "arguments": [ - "x49" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x26" + ] + } ] }, { @@ -23441,7 +22866,14 @@ ], "operation": "static_cast", "arguments": [ - "x51" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x27" + ] + } ] }, { 
@@ -23451,7 +22883,14 @@ ], "operation": "static_cast", "arguments": [ - "x53" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x28" + ] + } ] }, { @@ -23461,7 +22900,14 @@ ], "operation": "static_cast", "arguments": [ - "x55" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x29" + ] + } ] }, { @@ -23471,7 +22917,14 @@ ], "operation": "static_cast", "arguments": [ - "x57" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x30" + ] + } ] }, { @@ -23481,7 +22934,14 @@ ], "operation": "static_cast", "arguments": [ - "x59" + { + "datatype": "u8", + "name": [], + "operation": "static_cast", + "arguments": [ + "x31" + ] + } ] }, { @@ -23491,7 +22951,7 @@ ], "operation": "static_cast", "arguments": [ - "x60" + "x32" ] } ] @@ -25648,22 +25108,7 @@ "name": [], "operation": "static_cast", "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": "&", - "arguments": [ - { - "datatype": "u64", - "name": [], - "operation": "static_cast", - "arguments": [ - "arg3[0]" - ] - }, - "0x1" - ] - } + "arg3[0]" ] } ] @@ -27449,43 +26894,25 @@ ] }, { - "datatype": "u1", + "datatype": "u64", "name": [ "x74" ], - "operation": "static_cast", + "operation": "cmovznz", "arguments": [ { "datatype": "u1", "name": [], - "operation": "&", + "operation": "static_cast", "arguments": [ { - "datatype": "u64", + "datatype": "u1", "name": [], "operation": "static_cast", "arguments": [ "x22" ] - }, - "0x1" - ] - } - ] - }, - { - "datatype": "u64", - "name": [ - "x75" - ], - "operation": "cmovznz", - "arguments": [ - { - "datatype": "u1", - "name": [], - "operation": "static_cast", - "arguments": [ - "x74" + } ] }, "0x0", @@ -27502,7 +26929,7 @@ { "datatype": "u64", "name": [ - "x76" + "x75" ], "operation": "cmovznz", "arguments": [ 
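Review bot: The hunk at -25648 drops the `& 0x1` node that reduced `arg3[0]` to a single bit, and from -27449 through the selector hunks ending at `x92` every `cmovznz` condition is a `static_cast` of `x22` to `u1` in place of the removed `x74` binding (`x22 & 0x1`). Whether this is equivalent depends on how each backend lowers a cast to `u1`. If `u1` is carried in a byte-wide type, the cast keeps eight bits, so a selector that used to see only bit 0 could now be driven by any non-zero low byte; the exception is when the bounds on `x22` and `arg3[0]` already pin them to 0 or 1, which these hunks do not show. The commit message says the change targets Dettman multiplication and that something broke, so this regenerated output looks unintended. I would regenerate the file from an unmodified pipeline and keep the explicit mask, i.e. the `"operation": "&"` node with the `"0x1"` operand, until the difference is explained. The enclosing function object starts and ends outside these hunks.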
@@ -27511,7 +26938,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -27528,7 +26962,7 @@ { "datatype": "u64", "name": [ - "x77" + "x76" ], "operation": "cmovznz", "arguments": [ @@ -27537,7 +26971,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -27554,7 +26995,7 @@ { "datatype": "u64", "name": [ - "x78" + "x77" ], "operation": "cmovznz", "arguments": [ @@ -27563,7 +27004,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -27580,7 +27028,7 @@ { "datatype": "u64", "name": [ - "x79" + "x78" ], "operation": "cmovznz", "arguments": [ @@ -27589,7 +27037,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -27606,8 +27061,8 @@ { "datatype": "(auto)", "name": [ - "x80", - "x81" + "x79", + "x80" ], "operation": "addcarryx", "parameters": { @@ -27628,7 +27083,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x75" + "x74" ] } ] @@ -27636,8 +27091,8 @@ { "datatype": "(auto)", "name": [ - "x82", - "x83" + "x81", + "x82" ], "operation": "addcarryx", "parameters": { @@ -27654,7 +27109,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x81" + "x80" ] } ] @@ -27672,7 +27127,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x76" + "x75" ] } ] @@ -27680,8 +27135,8 @@ { "datatype": "(auto)", "name": [ - "x84", - "x85" + "x83", + "x84" ], "operation": "addcarryx", "parameters": { @@ -27698,7 +27153,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x83" + "x82" ] } ] 
@@ -27716,7 +27171,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x77" + "x76" ] } ] @@ -27724,8 +27179,8 @@ { "datatype": "(auto)", "name": [ - "x86", - "x87" + "x85", + "x86" ], "operation": "addcarryx", "parameters": { @@ -27742,7 +27197,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x85" + "x84" ] } ] @@ -27760,7 +27215,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x78" + "x77" ] } ] @@ -27768,7 +27223,7 @@ { "datatype": "(auto)", "name": [ - "x88", + "x87", "_" ], "operation": "addcarryx", @@ -27786,7 +27241,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x87" + "x86" ] } ] @@ -27804,7 +27259,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x79" + "x78" ] } ] @@ -27812,7 +27267,7 @@ { "datatype": "u64", "name": [ - "x90" + "x89" ], "operation": "cmovznz", "arguments": [ @@ -27821,7 +27276,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -27838,7 +27300,7 @@ { "datatype": "u64", "name": [ - "x91" + "x90" ], "operation": "cmovznz", "arguments": [ @@ -27847,7 +27309,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -27864,7 +27333,7 @@ { "datatype": "u64", "name": [ - "x92" + "x91" ], "operation": "cmovznz", "arguments": [ @@ -27873,7 +27342,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -27890,7 +27366,7 @@ { "datatype": "u64", "name": [ - "x93" + "x92" ], "operation": "cmovznz", "arguments": [ 
@@ -27899,7 +27375,14 @@ "name": [], "operation": "static_cast", "arguments": [ - "x74" + { + "datatype": "u1", + "name": [], + "operation": "static_cast", + "arguments": [ + "x22" + ] + } ] }, "0x0", @@ -27916,8 +27399,8 @@ { "datatype": "(auto)", "name": [ - "x94", - "x95" + "x93", + "x94" ], "operation": "addcarryx", "parameters": { @@ -27938,7 +27421,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x90" + "x89" ] } ] @@ -27946,8 +27429,8 @@ { "datatype": "(auto)", "name": [ - "x96", - "x97" + "x95", + "x96" ], "operation": "addcarryx", "parameters": { @@ -27964,7 +27447,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x95" + "x94" ] } ] @@ -27982,7 +27465,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x91" + "x90" ] } ] @@ -27990,8 +27473,8 @@ { "datatype": "(auto)", "name": [ - "x98", - "x99" + "x97", + "x98" ], "operation": "addcarryx", "parameters": { @@ -28008,7 +27491,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x97" + "x96" ] } ] @@ -28026,7 +27509,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x92" + "x91" ] } ] @@ -28034,8 +27517,8 @@ { "datatype": "(auto)", "name": [ - "x100", - "x101" + "x99", + "x100" ], "operation": "addcarryx", "parameters": { @@ -28052,7 +27535,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x99" + "x98" ] } ] @@ -28070,7 +27553,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x93" + "x92" ] } ] @@ -28078,8 +27561,8 @@ { "datatype": "(auto)", "name": [ - "x102", - "x103" + "x101", + "x102" ], "operation": "subborrowx", "parameters": { @@ -28097,7 +27580,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x94" + "x93" ] } ] @@ -28108,8 +27591,8 @@ { "datatype": "(auto)", "name": [ - "x104", - "x105" + "x103", + "x104" ], "operation": "subborrowx", "parameters": { @@ -28126,7 +27609,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x103" + "x102" ] } ] 
@@ -28141,7 +27624,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x96" + "x95" ] } ] @@ -28152,8 +27635,8 @@ { "datatype": "(auto)", "name": [ - "x106", - "x107" + "x105", + "x106" ], "operation": "subborrowx", "parameters": { @@ -28170,7 +27653,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x105" + "x104" ] } ] @@ -28185,7 +27668,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x98" + "x97" ] } ] @@ -28196,8 +27679,8 @@ { "datatype": "(auto)", "name": [ - "x108", - "x109" + "x107", + "x108" ], "operation": "subborrowx", "parameters": { @@ -28214,7 +27697,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x107" + "x106" ] } ] @@ -28229,7 +27712,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x100" + "x99" ] } ] @@ -28241,7 +27724,7 @@ "datatype": "(auto)", "name": [ "_", - "x111" + "x110" ], "operation": "subborrowx", "parameters": { @@ -28258,7 +27741,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x109" + "x108" ] } ] @@ -28273,7 +27756,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x101" + "x100" ] } ] @@ -28284,7 +27767,7 @@ { "datatype": "(auto)", "name": [ - "x112", + "x111", "_" ], "operation": "addcarryx", @@ -28307,7 +27790,7 @@ { "datatype": "u64", "name": [ - "x114" + "x113" ], "operation": "static_cast", "arguments": [ @@ -28336,7 +27819,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x80" + "x79" ] } ] @@ -28371,7 +27854,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x82" + "x81" ] } ] @@ -28391,7 +27874,7 @@ { "datatype": "u64", "name": [ - "x115" + "x114" ], "operation": "static_cast", "arguments": [ @@ -28420,7 +27903,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x82" + "x81" ] } ] @@ -28455,7 +27938,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x84" + "x83" ] } ] @@ -28475,7 +27958,7 @@ { "datatype": "u64", "name": [ - "x116" + "x115" ], "operation": "static_cast", "arguments": [ 
@@ -28504,7 +27987,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x84" + "x83" ] } ] @@ -28539,7 +28022,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x86" + "x85" ] } ] @@ -28559,7 +28042,7 @@ { "datatype": "u64", "name": [ - "x117" + "x116" ], "operation": "static_cast", "arguments": [ @@ -28588,7 +28071,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x86" + "x85" ] } ] @@ -28623,7 +28106,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x88" + "x87" ] } ] @@ -28643,7 +28126,7 @@ { "datatype": "u64", "name": [ - "x118" + "x117" ], "operation": "static_cast", "arguments": [ @@ -28672,7 +28155,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x88" + "x87" ] } ] @@ -28702,7 +28185,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x88" + "x87" ] } ] @@ -28719,7 +28202,7 @@ { "datatype": "u64", "name": [ - "x119" + "x118" ], "operation": "cmovznz", "arguments": [ @@ -28773,7 +28256,7 @@ { "datatype": "u64", "name": [ - "x120" + "x119" ], "operation": "cmovznz", "arguments": [ @@ -28827,7 +28310,7 @@ { "datatype": "u64", "name": [ - "x121" + "x120" ], "operation": "cmovznz", "arguments": [ @@ -28881,7 +28364,7 @@ { "datatype": "u64", "name": [ - "x122" + "x121" ], "operation": "cmovznz", "arguments": [ @@ -28935,7 +28418,7 @@ { "datatype": "u64", "name": [ - "x123" + "x122" ], "operation": "cmovznz", "arguments": [ @@ -28949,7 +28432,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x111" + "x110" ] } ] @@ -28964,7 +28447,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x102" + "x101" ] } ] @@ -28979,7 +28462,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x94" + "x93" ] } ] @@ -28989,7 +28472,7 @@ { "datatype": "u64", "name": [ - "x124" + "x123" ], "operation": "cmovznz", "arguments": [ @@ -29003,7 +28486,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x111" + "x110" ] } ] 
@@ -29018,7 +28501,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x104" + "x103" ] } ] @@ -29033,7 +28516,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x96" + "x95" ] } ] @@ -29043,7 +28526,7 @@ { "datatype": "u64", "name": [ - "x125" + "x124" ], "operation": "cmovznz", "arguments": [ @@ -29057,7 +28540,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x111" + "x110" ] } ] @@ -29072,7 +28555,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x106" + "x105" ] } ] @@ -29087,7 +28570,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x98" + "x97" ] } ] @@ -29097,7 +28580,7 @@ { "datatype": "u64", "name": [ - "x126" + "x125" ], "operation": "cmovznz", "arguments": [ @@ -29111,7 +28594,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x111" + "x110" ] } ] @@ -29126,7 +28609,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x108" + "x107" ] } ] @@ -29141,7 +28624,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x100" + "x99" ] } ] @@ -29160,7 +28643,7 @@ "name": [], "operation": "static_cast", "arguments": [ - "x112" + "x111" ] } ] @@ -29222,7 +28705,7 @@ ], "operation": "static_cast", "arguments": [ - "x114" + "x113" ] }, { @@ -29232,7 +28715,7 @@ ], "operation": "static_cast", "arguments": [ - "x115" + "x114" ] }, { @@ -29242,7 +28725,7 @@ ], "operation": "static_cast", "arguments": [ - "x116" + "x115" ] }, { @@ -29252,7 +28735,7 @@ ], "operation": "static_cast", "arguments": [ - "x117" + "x116" ] }, { @@ -29262,7 +28745,7 @@ ], "operation": "static_cast", "arguments": [ - "x118" + "x117" ] }, { @@ -29272,7 +28755,7 @@ ], "operation": "static_cast", "arguments": [ - "x119" + "x118" ] }, { @@ -29282,7 +28765,7 @@ ], "operation": "static_cast", "arguments": [ - "x120" + "x119" ] }, { @@ -29292,7 +28775,7 @@ ], "operation": "static_cast", "arguments": [ - "x121" + "x120" ] }, { 
@@ -29302,7 +28785,7 @@ ], "operation": "static_cast", "arguments": [ - "x122" + "x121" ] }, { @@ -29312,7 +28795,7 @@ ], "operation": "static_cast", "arguments": [ - "x123" + "x122" ] }, { @@ -29322,7 +28805,7 @@ ], "operation": "static_cast", "arguments": [ - "x124" + "x123" ] }, { @@ -29332,7 +28815,7 @@ ], "operation": "static_cast", "arguments": [ - "x125" + "x124" ] }, { @@ -29342,7 +28825,7 @@ ], "operation": "static_cast", "arguments": [ - "x126" + "x125" ] } ] diff --git a/fiat-rust/src/curve25519_32.rs b/fiat-rust/src/curve25519_32.rs index 0a48a8a976..aedde3e724 100644 --- a/fiat-rust/src/curve25519_32.rs +++ b/fiat-rust/src/curve25519_32.rs 
@@ -693,106 +693,76 @@ pub fn fiat_25519_to_bytes(out1: &mut [u8; 32], arg1: &fiat_25519_tight_field_el let x47: u32 = (x28 << 5); let x48: u32 = (x26 << 3); let x49: u32 = (x24 << 2); - let x50: u8 = ((x22 & (0xff as u32)) as u8); - let x51: u32 = (x22 >> 8); - let x52: u8 = ((x51 & (0xff as u32)) as u8); - let x53: u32 = (x51 >> 8); - let x54: u8 = ((x53 & (0xff as u32)) as u8); - let x55: u8 = ((x53 >> 8) as u8); - let x56: u32 = (x49 + (x55 as u32)); - let x57: u8 = ((x56 & (0xff as u32)) as u8); - let x58: u32 = (x56 >> 8); - let x59: u8 = ((x58 & (0xff as u32)) as u8); - let x60: u32 = (x58 >> 8); - let x61: u8 = ((x60 & (0xff as u32)) as u8); - let x62: u8 = ((x60 >> 8) as u8); - let x63: u32 = (x48 + (x62 as u32)); - let x64: u8 = ((x63 & (0xff as u32)) as u8); - let x65: u32 = (x63 >> 8); - let x66: u8 = ((x65 & (0xff as u32)) as u8); - let x67: u32 = (x65 >> 8); - let x68: u8 = ((x67 & (0xff as u32)) as u8); - let x69: u8 = ((x67 >> 8) as u8); - let x70: u32 = (x47 + (x69 as u32)); - let x71: u8 = ((x70 & (0xff as u32)) as u8); - let x72: u32 = (x70 >> 8); - let x73: u8 = ((x72 & (0xff as u32)) as u8); - let x74: u32 = (x72 >> 8); - let x75: u8 = ((x74 & (0xff as u32)) as u8); - let x76: u8 = ((x74 >> 8) as u8); - let x77: u32 = (x46 + (x76 as u32)); - let x78: u8 = ((x77 & (0xff as u32)) as u8); - let x79: u32 = (x77 >> 8); - let x80: u8 = ((x79 & (0xff as u32)) as u8); - let x81: u32 = (x79 >> 8); - let x82: u8 = ((x81 & (0xff as u32)) as u8); - let x83: u8 = ((x81 >> 8) as u8); - let x84: u8 = ((x32 & (0xff as u32)) as u8); - let x85: u32 = (x32 >> 8); - let x86: u8 = ((x85 & (0xff as u32)) as u8); - let x87: u32 = (x85 >> 8); - let x88: u8 = ((x87 & (0xff as u32)) as u8); - let x89: fiat_25519_u1 = ((x87 >> 8) as fiat_25519_u1); - let x90: u32 = (x45 + (x89 as u32)); - let x91: u8 = ((x90 & (0xff as u32)) as u8); - let x92: u32 = (x90 >> 8); - let x93: u8 = ((x92 & (0xff as u32)) as u8); - let x94: u32 = (x92 >> 8); - let x95: u8 = ((x94 & (0xff as 
u32)) as u8); - let x96: u8 = ((x94 >> 8) as u8); - let x97: u32 = (x44 + (x96 as u32)); - let x98: u8 = ((x97 & (0xff as u32)) as u8); - let x99: u32 = (x97 >> 8); - let x100: u8 = ((x99 & (0xff as u32)) as u8); - let x101: u32 = (x99 >> 8); - let x102: u8 = ((x101 & (0xff as u32)) as u8); - let x103: u8 = ((x101 >> 8) as u8); - let x104: u32 = (x43 + (x103 as u32)); - let x105: u8 = ((x104 & (0xff as u32)) as u8); - let x106: u32 = (x104 >> 8); - let x107: u8 = ((x106 & (0xff as u32)) as u8); - let x108: u32 = (x106 >> 8); - let x109: u8 = ((x108 & (0xff as u32)) as u8); - let x110: u8 = ((x108 >> 8) as u8); - let x111: u32 = (x42 + (x110 as u32)); - let x112: u8 = ((x111 & (0xff as u32)) as u8); - let x113: u32 = (x111 >> 8); - let x114: u8 = ((x113 & (0xff as u32)) as u8); - let x115: u32 = (x113 >> 8); - let x116: u8 = ((x115 & (0xff as u32)) as u8); - let x117: u8 = ((x115 >> 8) as u8); - out1[0] = x50; - out1[1] = x52; - out1[2] = x54; - out1[3] = x57; - out1[4] = x59; - out1[5] = x61; - out1[6] = x64; - out1[7] = x66; - out1[8] = x68; - out1[9] = x71; - out1[10] = x73; - out1[11] = x75; - out1[12] = x78; - out1[13] = x80; - out1[14] = x82; - out1[15] = x83; - out1[16] = x84; - out1[17] = x86; - out1[18] = x88; - out1[19] = x91; - out1[20] = x93; - out1[21] = x95; - out1[22] = x98; - out1[23] = x100; - out1[24] = x102; - out1[25] = x105; - out1[26] = x107; - out1[27] = x109; - out1[28] = x112; - out1[29] = x114; - out1[30] = x116; - out1[31] = x117; + let x50: u32 = (x22 >> 8); + let x51: u32 = (x50 >> 8); + let x52: u8 = ((x51 >> 8) as u8); + let x53: u32 = (x49 + (x52 as u32)); + let x54: u32 = (x53 >> 8); + let x55: u32 = (x54 >> 8); + let x56: u8 = ((x55 >> 8) as u8); + let x57: u32 = (x48 + (x56 as u32)); + let x58: u32 = (x57 >> 8); + let x59: u32 = (x58 >> 8); + let x60: u8 = ((x59 >> 8) as u8); + let x61: u32 = (x47 + (x60 as u32)); + let x62: u32 = (x61 >> 8); + let x63: u32 = (x62 >> 8); + let x64: u8 = ((x63 >> 8) as u8); + let x65: u32 = (x46 + 
(x64 as u32)); + let x66: u32 = (x65 >> 8); + let x67: u32 = (x66 >> 8); + let x68: u8 = ((x67 >> 8) as u8); + let x69: u32 = (x32 >> 8); + let x70: u32 = (x69 >> 8); + let x71: fiat_25519_u1 = ((x70 >> 8) as fiat_25519_u1); + let x72: u32 = (x45 + (x71 as u32)); + let x73: u32 = (x72 >> 8); + let x74: u32 = (x73 >> 8); + let x75: u8 = ((x74 >> 8) as u8); + let x76: u32 = (x44 + (x75 as u32)); + let x77: u32 = (x76 >> 8); + let x78: u32 = (x77 >> 8); + let x79: u8 = ((x78 >> 8) as u8); + let x80: u32 = (x43 + (x79 as u32)); + let x81: u32 = (x80 >> 8); + let x82: u32 = (x81 >> 8); + let x83: u8 = ((x82 >> 8) as u8); + let x84: u32 = (x42 + (x83 as u32)); + let x85: u32 = (x84 >> 8); + let x86: u32 = (x85 >> 8); + let x87: u8 = ((x86 >> 8) as u8); + out1[0] = (x22 as u8); + out1[1] = (x50 as u8); + out1[2] = (x51 as u8); + out1[3] = (x53 as u8); + out1[4] = (x54 as u8); + out1[5] = (x55 as u8); + out1[6] = (x57 as u8); + out1[7] = (x58 as u8); + out1[8] = (x59 as u8); + out1[9] = (x61 as u8); + out1[10] = (x62 as u8); + out1[11] = (x63 as u8); + out1[12] = (x65 as u8); + out1[13] = (x66 as u8); + out1[14] = (x67 as u8); + out1[15] = x68; + out1[16] = (x32 as u8); + out1[17] = (x69 as u8); + out1[18] = (x70 as u8); + out1[19] = (x72 as u8); + out1[20] = (x73 as u8); + out1[21] = (x74 as u8); + out1[22] = (x76 as u8); + out1[23] = (x77 as u8); + out1[24] = (x78 as u8); + out1[25] = (x80 as u8); + out1[26] = (x81 as u8); + out1[27] = (x82 as u8); + out1[28] = (x84 as u8); + out1[29] = (x85 as u8); + out1[30] = (x86 as u8); + out1[31] = x87; } /// The function fiat_25519_from_bytes deserializes a field element from bytes in little-endian order. diff --git a/fiat-rust/src/curve25519_64.rs b/fiat-rust/src/curve25519_64.rs index 13a36c4f41..e64d195d77 100644 --- a/fiat-rust/src/curve25519_64.rs +++ b/fiat-rust/src/curve25519_64.rs 
@@ -380,104 +380,73 @@ pub fn fiat_25519_to_bytes(out1: &mut [u8; 32], arg1: &fiat_25519_tight_field_el let x23: u64 = (x18 * (0x2 as u64)); let x24: u64 = (x16 << 6); let x25: u64 = (x14 << 3); - let x26: u8 = ((x12 & (0xff as u64)) as u8); - let x27: u64 = (x12 >> 8); - let x28: u8 = ((x27 & (0xff as u64)) as u8); - let x29: u64 = (x27 >> 8); - let x30: u8 = ((x29 & (0xff as u64)) as u8); - let x31: u64 = (x29 >> 8); - let x32: u8 = ((x31 & (0xff as u64)) as u8); - let x33: u64 = (x31 >> 8); - let x34: u8 = ((x33 & (0xff as u64)) as u8); - let x35: u64 = (x33 >> 8); - let x36: u8 = ((x35 & (0xff as u64)) as u8); - let x37: u8 = ((x35 >> 8) as u8); - let x38: u64 = (x25 + (x37 as u64)); - let x39: u8 = ((x38 & (0xff as u64)) as u8); - let x40: u64 = (x38 >> 8); - let x41: u8 = ((x40 & (0xff as u64)) as u8); - let x42: u64 = (x40 >> 8); - let x43: u8 = ((x42 & (0xff as u64)) as u8); - let x44: u64 = (x42 >> 8); - let x45: u8 = ((x44 & (0xff as u64)) as u8); - let x46: u64 = (x44 >> 8); - let x47: u8 = ((x46 & (0xff as u64)) as u8); - let x48: u64 = (x46 >> 8); - let x49: u8 = ((x48 & (0xff as u64)) as u8); - let x50: u8 = ((x48 >> 8) as u8); - let x51: u64 = (x24 + (x50 as u64)); - let x52: u8 = ((x51 & (0xff as u64)) as u8); - let x53: u64 = (x51 >> 8); - let x54: u8 = ((x53 & (0xff as u64)) as u8); - let x55: u64 = (x53 >> 8); - let x56: u8 = ((x55 & (0xff as u64)) as u8); - let x57: u64 = (x55 >> 8); - let x58: u8 = ((x57 & (0xff as u64)) as u8); - let x59: u64 = (x57 >> 8); - let x60: u8 = ((x59 & (0xff as u64)) as u8); - let x61: u64 = (x59 >> 8); - let x62: u8 = ((x61 & (0xff as u64)) as u8); - let x63: u64 = (x61 >> 8); - let x64: u8 = ((x63 & (0xff as u64)) as u8); - let x65: fiat_25519_u1 = ((x63 >> 8) as fiat_25519_u1); - let x66: u64 = (x23 + (x65 as u64)); - let x67: u8 = ((x66 & (0xff as u64)) as u8); - let x68: u64 = (x66 >> 8); - let x69: u8 = ((x68 & (0xff as u64)) as u8); - let x70: u64 = (x68 >> 8); - let x71: u8 = ((x70 & (0xff as u64)) as u8); - 
let x72: u64 = (x70 >> 8); - let x73: u8 = ((x72 & (0xff as u64)) as u8); - let x74: u64 = (x72 >> 8); - let x75: u8 = ((x74 & (0xff as u64)) as u8); - let x76: u64 = (x74 >> 8); - let x77: u8 = ((x76 & (0xff as u64)) as u8); - let x78: u8 = ((x76 >> 8) as u8); - let x79: u64 = (x22 + (x78 as u64)); - let x80: u8 = ((x79 & (0xff as u64)) as u8); - let x81: u64 = (x79 >> 8); - let x82: u8 = ((x81 & (0xff as u64)) as u8); - let x83: u64 = (x81 >> 8); - let x84: u8 = ((x83 & (0xff as u64)) as u8); - let x85: u64 = (x83 >> 8); - let x86: u8 = ((x85 & (0xff as u64)) as u8); - let x87: u64 = (x85 >> 8); - let x88: u8 = ((x87 & (0xff as u64)) as u8); - let x89: u64 = (x87 >> 8); - let x90: u8 = ((x89 & (0xff as u64)) as u8); - let x91: u8 = ((x89 >> 8) as u8); - out1[0] = x26; - out1[1] = x28; - out1[2] = x30; - out1[3] = x32; - out1[4] = x34; - out1[5] = x36; - out1[6] = x39; - out1[7] = x41; - out1[8] = x43; - out1[9] = x45; - out1[10] = x47; - out1[11] = x49; - out1[12] = x52; - out1[13] = x54; - out1[14] = x56; - out1[15] = x58; - out1[16] = x60; - out1[17] = x62; - out1[18] = x64; - out1[19] = x67; - out1[20] = x69; - out1[21] = x71; - out1[22] = x73; - out1[23] = x75; - out1[24] = x77; - out1[25] = x80; - out1[26] = x82; - out1[27] = x84; - out1[28] = x86; - out1[29] = x88; - out1[30] = x90; - out1[31] = x91; + let x26: u64 = (x12 >> 8); + let x27: u64 = (x26 >> 8); + let x28: u64 = (x27 >> 8); + let x29: u64 = (x28 >> 8); + let x30: u64 = (x29 >> 8); + let x31: u8 = ((x30 >> 8) as u8); + let x32: u64 = (x25 + (x31 as u64)); + let x33: u64 = (x32 >> 8); + let x34: u64 = (x33 >> 8); + let x35: u64 = (x34 >> 8); + let x36: u64 = (x35 >> 8); + let x37: u64 = (x36 >> 8); + let x38: u8 = ((x37 >> 8) as u8); + let x39: u64 = (x24 + (x38 as u64)); + let x40: u64 = (x39 >> 8); + let x41: u64 = (x40 >> 8); + let x42: u64 = (x41 >> 8); + let x43: u64 = (x42 >> 8); + let x44: u64 = (x43 >> 8); + let x45: u64 = (x44 >> 8); + let x46: fiat_25519_u1 = ((x45 >> 8) as 
fiat_25519_u1); + let x47: u64 = (x23 + (x46 as u64)); + let x48: u64 = (x47 >> 8); + let x49: u64 = (x48 >> 8); + let x50: u64 = (x49 >> 8); + let x51: u64 = (x50 >> 8); + let x52: u64 = (x51 >> 8); + let x53: u8 = ((x52 >> 8) as u8); + let x54: u64 = (x22 + (x53 as u64)); + let x55: u64 = (x54 >> 8); + let x56: u64 = (x55 >> 8); + let x57: u64 = (x56 >> 8); + let x58: u64 = (x57 >> 8); + let x59: u64 = (x58 >> 8); + let x60: u8 = ((x59 >> 8) as u8); + out1[0] = (x12 as u8); + out1[1] = (x26 as u8); + out1[2] = (x27 as u8); + out1[3] = (x28 as u8); + out1[4] = (x29 as u8); + out1[5] = (x30 as u8); + out1[6] = (x32 as u8); + out1[7] = (x33 as u8); + out1[8] = (x34 as u8); + out1[9] = (x35 as u8); + out1[10] = (x36 as u8); + out1[11] = (x37 as u8); + out1[12] = (x39 as u8); + out1[13] = (x40 as u8); + out1[14] = (x41 as u8); + out1[15] = (x42 as u8); + out1[16] = (x43 as u8); + out1[17] = (x44 as u8); + out1[18] = (x45 as u8); + out1[19] = (x47 as u8); + out1[20] = (x48 as u8); + out1[21] = (x49 as u8); + out1[22] = (x50 as u8); + out1[23] = (x51 as u8); + out1[24] = (x52 as u8); + out1[25] = (x54 as u8); + out1[26] = (x55 as u8); + out1[27] = (x56 as u8); + out1[28] = (x57 as u8); + out1[29] = (x58 as u8); + out1[30] = (x59 as u8); + out1[31] = x60; } /// The function fiat_25519_from_bytes deserializes a field element from bytes in little-endian order. diff --git a/fiat-rust/src/curve25519_scalar_32.rs b/fiat-rust/src/curve25519_scalar_32.rs index e38b24c239..6430d90267 100644 --- a/fiat-rust/src/curve25519_scalar_32.rs +++ b/fiat-rust/src/curve25519_scalar_32.rs 
@@ -50,10 +50,9 @@ pub type fiat_25519_scalar_non_montgomery_domain_field_element = [u32; 8]; #[inline] pub fn fiat_25519_scalar_addcarryx_u32(out1: &mut u32, out2: &mut fiat_25519_scalar_u1, arg1: fiat_25519_scalar_u1, arg2: u32, arg3: u32) -> () { let x1: u64 = (((arg1 as u64) + (arg2 as u64)) + (arg3 as u64)); - let x2: u32 = ((x1 & (0xffffffff as u64)) as u32); - let x3: fiat_25519_scalar_u1 = ((x1 >> 32) as fiat_25519_scalar_u1); - *out1 = x2; - *out2 = x3; + let x2: fiat_25519_scalar_u1 = ((x1 >> 32) as fiat_25519_scalar_u1); + *out1 = (x1 as u32); + *out2 = x2; } /// The function fiat_25519_scalar_subborrowx_u32 is a subtraction with borrow. @@ -93,10 +92,9 @@ pub fn fiat_25519_scalar_subborrowx_u32(out1: &mut u32, out2: &mut fiat_25519_sc #[inline] pub fn fiat_25519_scalar_mulx_u32(out1: &mut u32, out2: &mut u32, arg1: u32, arg2: u32) -> () { let x1: u64 = ((arg1 as u64) * (arg2 as u64)); - let x2: u32 = ((x1 & (0xffffffff as u64)) as u32); - let x3: u32 = ((x1 >> 32) as u32); - *out1 = x2; - *out2 = x3; + let x2: u32 = ((x1 >> 32) as u32); + *out1 = (x1 as u32); + *out2 = x2; } /// The function fiat_25519_scalar_cmovznz_u32 is a single-word conditional move. 
@@ -4137,86 +4135,62 @@ pub fn fiat_25519_scalar_to_bytes(out1: &mut [u8; 32], arg1: &[u32; 8]) -> () { let x6: u32 = (arg1[2]); let x7: u32 = (arg1[1]); let x8: u32 = (arg1[0]); - let x9: u8 = ((x8 & (0xff as u32)) as u8); - let x10: u32 = (x8 >> 8); - let x11: u8 = ((x10 & (0xff as u32)) as u8); - let x12: u32 = (x10 >> 8); - let x13: u8 = ((x12 & (0xff as u32)) as u8); - let x14: u8 = ((x12 >> 8) as u8); - let x15: u8 = ((x7 & (0xff as u32)) as u8); - let x16: u32 = (x7 >> 8); - let x17: u8 = ((x16 & (0xff as u32)) as u8); - let x18: u32 = (x16 >> 8); - let x19: u8 = ((x18 & (0xff as u32)) as u8); - let x20: u8 = ((x18 >> 8) as u8); - let x21: u8 = ((x6 & (0xff as u32)) as u8); - let x22: u32 = (x6 >> 8); - let x23: u8 = ((x22 & (0xff as u32)) as u8); - let x24: u32 = (x22 >> 8); - let x25: u8 = ((x24 & (0xff as u32)) as u8); - let x26: u8 = ((x24 >> 8) as u8); - let x27: u8 = ((x5 & (0xff as u32)) as u8); - let x28: u32 = (x5 >> 8); - let x29: u8 = ((x28 & (0xff as u32)) as u8); - let x30: u32 = (x28 >> 8); - let x31: u8 = ((x30 & (0xff as u32)) as u8); - let x32: u8 = ((x30 >> 8) as u8); - let x33: u8 = ((x4 & (0xff as u32)) as u8); - let x34: u32 = (x4 >> 8); - let x35: u8 = ((x34 & (0xff as u32)) as u8); - let x36: u32 = (x34 >> 8); - let x37: u8 = ((x36 & (0xff as u32)) as u8); - let x38: u8 = ((x36 >> 8) as u8); - let x39: u8 = ((x3 & (0xff as u32)) as u8); - let x40: u32 = (x3 >> 8); - let x41: u8 = ((x40 & (0xff as u32)) as u8); - let x42: u32 = (x40 >> 8); - let x43: u8 = ((x42 & (0xff as u32)) as u8); - let x44: u8 = ((x42 >> 8) as u8); - let x45: u8 = ((x2 & (0xff as u32)) as u8); - let x46: u32 = (x2 >> 8); - let x47: u8 = ((x46 & (0xff as u32)) as u8); - let x48: u32 = (x46 >> 8); - let x49: u8 = ((x48 & (0xff as u32)) as u8); - let x50: u8 = ((x48 >> 8) as u8); - let x51: u8 = ((x1 & (0xff as u32)) as u8); - let x52: u32 = (x1 >> 8); - let x53: u8 = ((x52 & (0xff as u32)) as u8); - let x54: u32 = (x52 >> 8); - let x55: u8 = ((x54 & (0xff as u32)) 
as u8); - let x56: u8 = ((x54 >> 8) as u8); - out1[0] = x9; - out1[1] = x11; - out1[2] = x13; - out1[3] = x14; - out1[4] = x15; - out1[5] = x17; - out1[6] = x19; - out1[7] = x20; - out1[8] = x21; - out1[9] = x23; - out1[10] = x25; - out1[11] = x26; - out1[12] = x27; - out1[13] = x29; - out1[14] = x31; - out1[15] = x32; - out1[16] = x33; - out1[17] = x35; - out1[18] = x37; - out1[19] = x38; - out1[20] = x39; - out1[21] = x41; - out1[22] = x43; - out1[23] = x44; - out1[24] = x45; - out1[25] = x47; - out1[26] = x49; - out1[27] = x50; - out1[28] = x51; - out1[29] = x53; - out1[30] = x55; - out1[31] = x56; + let x9: u32 = (x8 >> 8); + let x10: u32 = (x9 >> 8); + let x11: u8 = ((x10 >> 8) as u8); + let x12: u32 = (x7 >> 8); + let x13: u32 = (x12 >> 8); + let x14: u8 = ((x13 >> 8) as u8); + let x15: u32 = (x6 >> 8); + let x16: u32 = (x15 >> 8); + let x17: u8 = ((x16 >> 8) as u8); + let x18: u32 = (x5 >> 8); + let x19: u32 = (x18 >> 8); + let x20: u8 = ((x19 >> 8) as u8); + let x21: u32 = (x4 >> 8); + let x22: u32 = (x21 >> 8); + let x23: u8 = ((x22 >> 8) as u8); + let x24: u32 = (x3 >> 8); + let x25: u32 = (x24 >> 8); + let x26: u8 = ((x25 >> 8) as u8); + let x27: u32 = (x2 >> 8); + let x28: u32 = (x27 >> 8); + let x29: u8 = ((x28 >> 8) as u8); + let x30: u32 = (x1 >> 8); + let x31: u32 = (x30 >> 8); + let x32: u8 = ((x31 >> 8) as u8); + out1[0] = (x8 as u8); + out1[1] = (x9 as u8); + out1[2] = (x10 as u8); + out1[3] = x11; + out1[4] = (x7 as u8); + out1[5] = (x12 as u8); + out1[6] = (x13 as u8); + out1[7] = x14; + out1[8] = (x6 as u8); + out1[9] = (x15 as u8); + out1[10] = (x16 as u8); + out1[11] = x17; + out1[12] = (x5 as u8); + out1[13] = (x18 as u8); + out1[14] = (x19 as u8); + out1[15] = x20; + out1[16] = (x4 as u8); + out1[17] = (x21 as u8); + out1[18] = (x22 as u8); + out1[19] = x23; + out1[20] = (x3 as u8); + out1[21] = (x24 as u8); + out1[22] = (x25 as u8); + out1[23] = x26; + out1[24] = (x2 as u8); + out1[25] = (x27 as u8); + out1[26] = (x28 as u8); + out1[27] = 
x29; + out1[28] = (x1 as u8); + out1[29] = (x30 as u8); + out1[30] = (x31 as u8); + out1[31] = x32; } /// The function fiat_25519_scalar_from_bytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -4371,7 +4345,7 @@ pub fn fiat_25519_scalar_divstep(out1: &mut u32, out2: &mut [u32; 9], out3: &mut let mut x1: u32 = 0; let mut x2: fiat_25519_scalar_u1 = 0; fiat_25519_scalar_addcarryx_u32(&mut x1, &mut x2, 0x0, (!arg1), (0x1 as u32)); - let x3: fiat_25519_scalar_u1 = (((x1 >> 31) as fiat_25519_scalar_u1) & (((arg3[0]) & (0x1 as u32)) as fiat_25519_scalar_u1)); + let x3: fiat_25519_scalar_u1 = (((x1 >> 31) as fiat_25519_scalar_u1) & ((arg3[0]) as fiat_25519_scalar_u1)); let mut x4: u32 = 0; let mut x5: fiat_25519_scalar_u1 = 0; fiat_25519_scalar_addcarryx_u32(&mut x4, &mut x5, 0x0, (!arg1), (0x1 as u32)); 
@@ -4581,164 +4555,163 @@ pub fn fiat_25519_scalar_divstep(out1: &mut u32, out2: &mut [u32; 9], out3: &mut fiat_25519_scalar_cmovznz_u32(&mut x132, x3, (arg5[6]), x122); let mut x133: u32 = 0; fiat_25519_scalar_cmovznz_u32(&mut x133, x3, (arg5[7]), x124); - let x134: fiat_25519_scalar_u1 = ((x34 & (0x1 as u32)) as fiat_25519_scalar_u1); + let mut x134: u32 = 0; + fiat_25519_scalar_cmovznz_u32(&mut x134, (x34 as fiat_25519_scalar_u1), (0x0 as u32), x7); let mut x135: u32 = 0; - fiat_25519_scalar_cmovznz_u32(&mut x135, x134, (0x0 as u32), x7); + fiat_25519_scalar_cmovznz_u32(&mut x135, (x34 as fiat_25519_scalar_u1), (0x0 as u32), x8); let mut x136: u32 = 0; - fiat_25519_scalar_cmovznz_u32(&mut x136, x134, (0x0 as u32), x8); + fiat_25519_scalar_cmovznz_u32(&mut x136, (x34 as fiat_25519_scalar_u1), (0x0 as u32), x9); let mut x137: u32 = 0; - fiat_25519_scalar_cmovznz_u32(&mut x137, x134, (0x0 as u32), x9); + fiat_25519_scalar_cmovznz_u32(&mut x137, (x34 as fiat_25519_scalar_u1), (0x0 as u32), x10); let mut x138: u32 = 0; - fiat_25519_scalar_cmovznz_u32(&mut x138, x134, (0x0 as u32), x10); + fiat_25519_scalar_cmovznz_u32(&mut x138, (x34 as fiat_25519_scalar_u1), (0x0 as u32), x11); let mut x139: u32 = 0; - fiat_25519_scalar_cmovznz_u32(&mut x139, x134, (0x0 as u32), x11); + fiat_25519_scalar_cmovznz_u32(&mut x139, (x34 as fiat_25519_scalar_u1), (0x0 as u32), x12); let mut x140: u32 = 0; - fiat_25519_scalar_cmovznz_u32(&mut x140, x134, (0x0 as u32), x12); + fiat_25519_scalar_cmovznz_u32(&mut x140, (x34 as fiat_25519_scalar_u1), (0x0 as u32), x13); let mut x141: u32 = 0; - fiat_25519_scalar_cmovznz_u32(&mut x141, x134, (0x0 as u32), x13); + fiat_25519_scalar_cmovznz_u32(&mut x141, (x34 as fiat_25519_scalar_u1), (0x0 as u32), x14); let mut x142: u32 = 0; - fiat_25519_scalar_cmovznz_u32(&mut x142, x134, (0x0 as u32), x14); + fiat_25519_scalar_cmovznz_u32(&mut x142, (x34 as fiat_25519_scalar_u1), (0x0 as u32), x15); let mut x143: u32 = 0; - fiat_25519_scalar_cmovznz_u32(&mut 
x143, x134, (0x0 as u32), x15); - let mut x144: u32 = 0; - let mut x145: fiat_25519_scalar_u1 = 0; - fiat_25519_scalar_addcarryx_u32(&mut x144, &mut x145, 0x0, x34, x135); - let mut x146: u32 = 0; - let mut x147: fiat_25519_scalar_u1 = 0; - fiat_25519_scalar_addcarryx_u32(&mut x146, &mut x147, x145, x35, x136); - let mut x148: u32 = 0; - let mut x149: fiat_25519_scalar_u1 = 0; - fiat_25519_scalar_addcarryx_u32(&mut x148, &mut x149, x147, x36, x137); - let mut x150: u32 = 0; - let mut x151: fiat_25519_scalar_u1 = 0; - fiat_25519_scalar_addcarryx_u32(&mut x150, &mut x151, x149, x37, x138); - let mut x152: u32 = 0; - let mut x153: fiat_25519_scalar_u1 = 0; - fiat_25519_scalar_addcarryx_u32(&mut x152, &mut x153, x151, x38, x139); - let mut x154: u32 = 0; - let mut x155: fiat_25519_scalar_u1 = 0; - fiat_25519_scalar_addcarryx_u32(&mut x154, &mut x155, x153, x39, x140); - let mut x156: u32 = 0; - let mut x157: fiat_25519_scalar_u1 = 0; - fiat_25519_scalar_addcarryx_u32(&mut x156, &mut x157, x155, x40, x141); - let mut x158: u32 = 0; - let mut x159: fiat_25519_scalar_u1 = 0; - fiat_25519_scalar_addcarryx_u32(&mut x158, &mut x159, x157, x41, x142); - let mut x160: u32 = 0; - let mut x161: fiat_25519_scalar_u1 = 0; - fiat_25519_scalar_addcarryx_u32(&mut x160, &mut x161, x159, x42, x143); + let mut x144: fiat_25519_scalar_u1 = 0; + fiat_25519_scalar_addcarryx_u32(&mut x143, &mut x144, 0x0, x34, x134); + let mut x145: u32 = 0; + let mut x146: fiat_25519_scalar_u1 = 0; + fiat_25519_scalar_addcarryx_u32(&mut x145, &mut x146, x144, x35, x135); + let mut x147: u32 = 0; + let mut x148: fiat_25519_scalar_u1 = 0; + fiat_25519_scalar_addcarryx_u32(&mut x147, &mut x148, x146, x36, x136); + let mut x149: u32 = 0; + let mut x150: fiat_25519_scalar_u1 = 0; + fiat_25519_scalar_addcarryx_u32(&mut x149, &mut x150, x148, x37, x137); + let mut x151: u32 = 0; + let mut x152: fiat_25519_scalar_u1 = 0; + fiat_25519_scalar_addcarryx_u32(&mut x151, &mut x152, x150, x38, x138); + let mut x153: u32 
= 0; + let mut x154: fiat_25519_scalar_u1 = 0; + fiat_25519_scalar_addcarryx_u32(&mut x153, &mut x154, x152, x39, x139); + let mut x155: u32 = 0; + let mut x156: fiat_25519_scalar_u1 = 0; + fiat_25519_scalar_addcarryx_u32(&mut x155, &mut x156, x154, x40, x140); + let mut x157: u32 = 0; + let mut x158: fiat_25519_scalar_u1 = 0; + fiat_25519_scalar_addcarryx_u32(&mut x157, &mut x158, x156, x41, x141); + let mut x159: u32 = 0; + let mut x160: fiat_25519_scalar_u1 = 0; + fiat_25519_scalar_addcarryx_u32(&mut x159, &mut x160, x158, x42, x142); + let mut x161: u32 = 0; + fiat_25519_scalar_cmovznz_u32(&mut x161, (x34 as fiat_25519_scalar_u1), (0x0 as u32), x43); let mut x162: u32 = 0; - fiat_25519_scalar_cmovznz_u32(&mut x162, x134, (0x0 as u32), x43); + fiat_25519_scalar_cmovznz_u32(&mut x162, (x34 as fiat_25519_scalar_u1), (0x0 as u32), x44); let mut x163: u32 = 0; - fiat_25519_scalar_cmovznz_u32(&mut x163, x134, (0x0 as u32), x44); + fiat_25519_scalar_cmovznz_u32(&mut x163, (x34 as fiat_25519_scalar_u1), (0x0 as u32), x45); let mut x164: u32 = 0; - fiat_25519_scalar_cmovznz_u32(&mut x164, x134, (0x0 as u32), x45); + fiat_25519_scalar_cmovznz_u32(&mut x164, (x34 as fiat_25519_scalar_u1), (0x0 as u32), x46); let mut x165: u32 = 0; - fiat_25519_scalar_cmovznz_u32(&mut x165, x134, (0x0 as u32), x46); + fiat_25519_scalar_cmovznz_u32(&mut x165, (x34 as fiat_25519_scalar_u1), (0x0 as u32), x47); let mut x166: u32 = 0; - fiat_25519_scalar_cmovznz_u32(&mut x166, x134, (0x0 as u32), x47); + fiat_25519_scalar_cmovznz_u32(&mut x166, (x34 as fiat_25519_scalar_u1), (0x0 as u32), x48); let mut x167: u32 = 0; - fiat_25519_scalar_cmovznz_u32(&mut x167, x134, (0x0 as u32), x48); + fiat_25519_scalar_cmovznz_u32(&mut x167, (x34 as fiat_25519_scalar_u1), (0x0 as u32), x49); let mut x168: u32 = 0; - fiat_25519_scalar_cmovznz_u32(&mut x168, x134, (0x0 as u32), x49); + fiat_25519_scalar_cmovznz_u32(&mut x168, (x34 as fiat_25519_scalar_u1), (0x0 as u32), x50); let mut x169: u32 = 0; - 
fiat_25519_scalar_cmovznz_u32(&mut x169, x134, (0x0 as u32), x50); - let mut x170: u32 = 0; - let mut x171: fiat_25519_scalar_u1 = 0; - fiat_25519_scalar_addcarryx_u32(&mut x170, &mut x171, 0x0, x126, x162); - let mut x172: u32 = 0; - let mut x173: fiat_25519_scalar_u1 = 0; - fiat_25519_scalar_addcarryx_u32(&mut x172, &mut x173, x171, x127, x163); - let mut x174: u32 = 0; - let mut x175: fiat_25519_scalar_u1 = 0; - fiat_25519_scalar_addcarryx_u32(&mut x174, &mut x175, x173, x128, x164); - let mut x176: u32 = 0; - let mut x177: fiat_25519_scalar_u1 = 0; - fiat_25519_scalar_addcarryx_u32(&mut x176, &mut x177, x175, x129, x165); - let mut x178: u32 = 0; - let mut x179: fiat_25519_scalar_u1 = 0; - fiat_25519_scalar_addcarryx_u32(&mut x178, &mut x179, x177, x130, x166); - let mut x180: u32 = 0; - let mut x181: fiat_25519_scalar_u1 = 0; - fiat_25519_scalar_addcarryx_u32(&mut x180, &mut x181, x179, x131, x167); - let mut x182: u32 = 0; - let mut x183: fiat_25519_scalar_u1 = 0; - fiat_25519_scalar_addcarryx_u32(&mut x182, &mut x183, x181, x132, x168); - let mut x184: u32 = 0; - let mut x185: fiat_25519_scalar_u1 = 0; - fiat_25519_scalar_addcarryx_u32(&mut x184, &mut x185, x183, x133, x169); - let mut x186: u32 = 0; - let mut x187: fiat_25519_scalar_u1 = 0; - fiat_25519_scalar_subborrowx_u32(&mut x186, &mut x187, 0x0, x170, 0x5cf5d3ed); - let mut x188: u32 = 0; - let mut x189: fiat_25519_scalar_u1 = 0; - fiat_25519_scalar_subborrowx_u32(&mut x188, &mut x189, x187, x172, 0x5812631a); - let mut x190: u32 = 0; - let mut x191: fiat_25519_scalar_u1 = 0; - fiat_25519_scalar_subborrowx_u32(&mut x190, &mut x191, x189, x174, 0xa2f79cd6); - let mut x192: u32 = 0; - let mut x193: fiat_25519_scalar_u1 = 0; - fiat_25519_scalar_subborrowx_u32(&mut x192, &mut x193, x191, x176, 0x14def9de); - let mut x194: u32 = 0; - let mut x195: fiat_25519_scalar_u1 = 0; - fiat_25519_scalar_subborrowx_u32(&mut x194, &mut x195, x193, x178, (0x0 as u32)); - let mut x196: u32 = 0; - let mut x197: 
fiat_25519_scalar_u1 = 0; - fiat_25519_scalar_subborrowx_u32(&mut x196, &mut x197, x195, x180, (0x0 as u32)); - let mut x198: u32 = 0; - let mut x199: fiat_25519_scalar_u1 = 0; - fiat_25519_scalar_subborrowx_u32(&mut x198, &mut x199, x197, x182, (0x0 as u32)); - let mut x200: u32 = 0; - let mut x201: fiat_25519_scalar_u1 = 0; - fiat_25519_scalar_subborrowx_u32(&mut x200, &mut x201, x199, x184, 0x10000000); - let mut x202: u32 = 0; - let mut x203: fiat_25519_scalar_u1 = 0; - fiat_25519_scalar_subborrowx_u32(&mut x202, &mut x203, x201, (x185 as u32), (0x0 as u32)); - let mut x204: u32 = 0; - let mut x205: fiat_25519_scalar_u1 = 0; - fiat_25519_scalar_addcarryx_u32(&mut x204, &mut x205, 0x0, x6, (0x1 as u32)); - let x206: u32 = ((x144 >> 1) | ((x146 << 31) & 0xffffffff)); - let x207: u32 = ((x146 >> 1) | ((x148 << 31) & 0xffffffff)); - let x208: u32 = ((x148 >> 1) | ((x150 << 31) & 0xffffffff)); - let x209: u32 = ((x150 >> 1) | ((x152 << 31) & 0xffffffff)); - let x210: u32 = ((x152 >> 1) | ((x154 << 31) & 0xffffffff)); - let x211: u32 = ((x154 >> 1) | ((x156 << 31) & 0xffffffff)); - let x212: u32 = ((x156 >> 1) | ((x158 << 31) & 0xffffffff)); - let x213: u32 = ((x158 >> 1) | ((x160 << 31) & 0xffffffff)); - let x214: u32 = ((x160 & 0x80000000) | (x160 >> 1)); + let mut x170: fiat_25519_scalar_u1 = 0; + fiat_25519_scalar_addcarryx_u32(&mut x169, &mut x170, 0x0, x126, x161); + let mut x171: u32 = 0; + let mut x172: fiat_25519_scalar_u1 = 0; + fiat_25519_scalar_addcarryx_u32(&mut x171, &mut x172, x170, x127, x162); + let mut x173: u32 = 0; + let mut x174: fiat_25519_scalar_u1 = 0; + fiat_25519_scalar_addcarryx_u32(&mut x173, &mut x174, x172, x128, x163); + let mut x175: u32 = 0; + let mut x176: fiat_25519_scalar_u1 = 0; + fiat_25519_scalar_addcarryx_u32(&mut x175, &mut x176, x174, x129, x164); + let mut x177: u32 = 0; + let mut x178: fiat_25519_scalar_u1 = 0; + fiat_25519_scalar_addcarryx_u32(&mut x177, &mut x178, x176, x130, x165); + let mut x179: u32 = 0; + let mut 
x180: fiat_25519_scalar_u1 = 0; + fiat_25519_scalar_addcarryx_u32(&mut x179, &mut x180, x178, x131, x166); + let mut x181: u32 = 0; + let mut x182: fiat_25519_scalar_u1 = 0; + fiat_25519_scalar_addcarryx_u32(&mut x181, &mut x182, x180, x132, x167); + let mut x183: u32 = 0; + let mut x184: fiat_25519_scalar_u1 = 0; + fiat_25519_scalar_addcarryx_u32(&mut x183, &mut x184, x182, x133, x168); + let mut x185: u32 = 0; + let mut x186: fiat_25519_scalar_u1 = 0; + fiat_25519_scalar_subborrowx_u32(&mut x185, &mut x186, 0x0, x169, 0x5cf5d3ed); + let mut x187: u32 = 0; + let mut x188: fiat_25519_scalar_u1 = 0; + fiat_25519_scalar_subborrowx_u32(&mut x187, &mut x188, x186, x171, 0x5812631a); + let mut x189: u32 = 0; + let mut x190: fiat_25519_scalar_u1 = 0; + fiat_25519_scalar_subborrowx_u32(&mut x189, &mut x190, x188, x173, 0xa2f79cd6); + let mut x191: u32 = 0; + let mut x192: fiat_25519_scalar_u1 = 0; + fiat_25519_scalar_subborrowx_u32(&mut x191, &mut x192, x190, x175, 0x14def9de); + let mut x193: u32 = 0; + let mut x194: fiat_25519_scalar_u1 = 0; + fiat_25519_scalar_subborrowx_u32(&mut x193, &mut x194, x192, x177, (0x0 as u32)); + let mut x195: u32 = 0; + let mut x196: fiat_25519_scalar_u1 = 0; + fiat_25519_scalar_subborrowx_u32(&mut x195, &mut x196, x194, x179, (0x0 as u32)); + let mut x197: u32 = 0; + let mut x198: fiat_25519_scalar_u1 = 0; + fiat_25519_scalar_subborrowx_u32(&mut x197, &mut x198, x196, x181, (0x0 as u32)); + let mut x199: u32 = 0; + let mut x200: fiat_25519_scalar_u1 = 0; + fiat_25519_scalar_subborrowx_u32(&mut x199, &mut x200, x198, x183, 0x10000000); + let mut x201: u32 = 0; + let mut x202: fiat_25519_scalar_u1 = 0; + fiat_25519_scalar_subborrowx_u32(&mut x201, &mut x202, x200, (x184 as u32), (0x0 as u32)); + let mut x203: u32 = 0; + let mut x204: fiat_25519_scalar_u1 = 0; + fiat_25519_scalar_addcarryx_u32(&mut x203, &mut x204, 0x0, x6, (0x1 as u32)); + let x205: u32 = ((x143 >> 1) | ((x145 << 31) & 0xffffffff)); + let x206: u32 = ((x145 >> 1) | ((x147 
<< 31) & 0xffffffff)); + let x207: u32 = ((x147 >> 1) | ((x149 << 31) & 0xffffffff)); + let x208: u32 = ((x149 >> 1) | ((x151 << 31) & 0xffffffff)); + let x209: u32 = ((x151 >> 1) | ((x153 << 31) & 0xffffffff)); + let x210: u32 = ((x153 >> 1) | ((x155 << 31) & 0xffffffff)); + let x211: u32 = ((x155 >> 1) | ((x157 << 31) & 0xffffffff)); + let x212: u32 = ((x157 >> 1) | ((x159 << 31) & 0xffffffff)); + let x213: u32 = ((x159 & 0x80000000) | (x159 >> 1)); + let mut x214: u32 = 0; + fiat_25519_scalar_cmovznz_u32(&mut x214, x84, x67, x51); let mut x215: u32 = 0; - fiat_25519_scalar_cmovznz_u32(&mut x215, x84, x67, x51); + fiat_25519_scalar_cmovznz_u32(&mut x215, x84, x69, x53); let mut x216: u32 = 0; - fiat_25519_scalar_cmovznz_u32(&mut x216, x84, x69, x53); + fiat_25519_scalar_cmovznz_u32(&mut x216, x84, x71, x55); let mut x217: u32 = 0; - fiat_25519_scalar_cmovznz_u32(&mut x217, x84, x71, x55); + fiat_25519_scalar_cmovznz_u32(&mut x217, x84, x73, x57); let mut x218: u32 = 0; - fiat_25519_scalar_cmovznz_u32(&mut x218, x84, x73, x57); + fiat_25519_scalar_cmovznz_u32(&mut x218, x84, x75, x59); let mut x219: u32 = 0; - fiat_25519_scalar_cmovznz_u32(&mut x219, x84, x75, x59); + fiat_25519_scalar_cmovznz_u32(&mut x219, x84, x77, x61); let mut x220: u32 = 0; - fiat_25519_scalar_cmovznz_u32(&mut x220, x84, x77, x61); + fiat_25519_scalar_cmovznz_u32(&mut x220, x84, x79, x63); let mut x221: u32 = 0; - fiat_25519_scalar_cmovznz_u32(&mut x221, x84, x79, x63); + fiat_25519_scalar_cmovznz_u32(&mut x221, x84, x81, x65); let mut x222: u32 = 0; - fiat_25519_scalar_cmovznz_u32(&mut x222, x84, x81, x65); + fiat_25519_scalar_cmovznz_u32(&mut x222, x202, x185, x169); let mut x223: u32 = 0; - fiat_25519_scalar_cmovznz_u32(&mut x223, x203, x186, x170); + fiat_25519_scalar_cmovznz_u32(&mut x223, x202, x187, x171); let mut x224: u32 = 0; - fiat_25519_scalar_cmovznz_u32(&mut x224, x203, x188, x172); + fiat_25519_scalar_cmovznz_u32(&mut x224, x202, x189, x173); let mut x225: u32 = 0; - 
fiat_25519_scalar_cmovznz_u32(&mut x225, x203, x190, x174); + fiat_25519_scalar_cmovznz_u32(&mut x225, x202, x191, x175); let mut x226: u32 = 0; - fiat_25519_scalar_cmovznz_u32(&mut x226, x203, x192, x176); + fiat_25519_scalar_cmovznz_u32(&mut x226, x202, x193, x177); let mut x227: u32 = 0; - fiat_25519_scalar_cmovznz_u32(&mut x227, x203, x194, x178); + fiat_25519_scalar_cmovznz_u32(&mut x227, x202, x195, x179); let mut x228: u32 = 0; - fiat_25519_scalar_cmovznz_u32(&mut x228, x203, x196, x180); + fiat_25519_scalar_cmovznz_u32(&mut x228, x202, x197, x181); let mut x229: u32 = 0; - fiat_25519_scalar_cmovznz_u32(&mut x229, x203, x198, x182); - let mut x230: u32 = 0; - fiat_25519_scalar_cmovznz_u32(&mut x230, x203, x200, x184); - *out1 = x204; + fiat_25519_scalar_cmovznz_u32(&mut x229, x202, x199, x183); + *out1 = x203; out2[0] = x7; out2[1] = x8; out2[2] = x9; 
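Review bot: The select condition `(x34 as fiat_25519_scalar_u1)` passed to the `fiat_25519_scalar_cmovznz_u32` calls for x134–x142 and x161–x168 is no longer reduced to a single bit; the removed `x134` line masked it with `& (0x1 as u32)` first. A Rust `as` cast keeps as many low bits as the target type holds, so if `fiat_25519_scalar_u1` is a byte-wide alias (its definition is outside this hunk) the argument can be any value up to 0xff. Whether the conditional move still selects correctly then depends on its body, which is not shown here either. These files look machine-generated, so the mask would have to be restored in the generator, emitting `((x34 & (0x1 as u32)) as fiat_25519_scalar_u1)`; the 64-bit divstep hunk in curve25519_scalar_64.rs shows the same pattern with `x22`. The divstep body starts and ends outside this hunk.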
@@ -4748,31 +4721,31 @@ pub fn fiat_25519_scalar_divstep(out1: &mut u32, out2: &mut [u32; 9], out3: &mut out2[6] = x13; out2[7] = x14; out2[8] = x15; - out3[0] = x206; - out3[1] = x207; - out3[2] = x208; - out3[3] = x209; - out3[4] = x210; - out3[5] = x211; - out3[6] = x212; - out3[7] = x213; - out3[8] = x214; - out4[0] = x215; - out4[1] = x216; - out4[2] = x217; - out4[3] = x218; - out4[4] = x219; - out4[5] = x220; - out4[6] = x221; - out4[7] = x222; - out5[0] = x223; - out5[1] = x224; - out5[2] = x225; - out5[3] = x226; - out5[4] = x227; - out5[5] = x228; - out5[6] = x229; - out5[7] = x230; + out3[0] = x205; + out3[1] = x206; + out3[2] = x207; + out3[3] = x208; + out3[4] = x209; + out3[5] = x210; + out3[6] = x211; + out3[7] = x212; + out3[8] = x213; + out4[0] = x214; + out4[1] = x215; + out4[2] = x216; + out4[3] = x217; + out4[4] = x218; + out4[5] = x219; + out4[6] = x220; + out4[7] = x221; + out5[0] = x222; + out5[1] = x223; + out5[2] = x224; + out5[3] = x225; + out5[4] = x226; + out5[5] = x227; + out5[6] = x228; + out5[7] = x229; } /// The function fiat_25519_scalar_divstep_precomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-rust/src/curve25519_scalar_64.rs b/fiat-rust/src/curve25519_scalar_64.rs index dc45f1b8ef..af7ca2d738 100644 --- a/fiat-rust/src/curve25519_scalar_64.rs +++ b/fiat-rust/src/curve25519_scalar_64.rs 
@@ -50,10 +50,9 @@ pub type fiat_25519_scalar_non_montgomery_domain_field_element = [u64; 4]; #[inline] pub fn fiat_25519_scalar_addcarryx_u64(out1: &mut u64, out2: &mut fiat_25519_scalar_u1, arg1: fiat_25519_scalar_u1, arg2: u64, arg3: u64) -> () { let x1: u128 = (((arg1 as u128) + (arg2 as u128)) + (arg3 as u128)); - let x2: u64 = ((x1 & (0xffffffffffffffff as u128)) as u64); - let x3: fiat_25519_scalar_u1 = ((x1 >> 64) as fiat_25519_scalar_u1); - *out1 = x2; - *out2 = x3; + let x2: fiat_25519_scalar_u1 = ((x1 >> 64) as fiat_25519_scalar_u1); + *out1 = (x1 as u64); + *out2 = x2; } /// The function fiat_25519_scalar_subborrowx_u64 is a subtraction with borrow. @@ -93,10 +92,9 @@ pub fn fiat_25519_scalar_subborrowx_u64(out1: &mut u64, out2: &mut fiat_25519_sc #[inline] pub fn fiat_25519_scalar_mulx_u64(out1: &mut u64, out2: &mut u64, arg1: u64, arg2: u64) -> () { let x1: u128 = ((arg1 as u128) * (arg2 as u128)); - let x2: u64 = ((x1 & (0xffffffffffffffff as u128)) as u64); - let x3: u64 = ((x1 >> 64) as u64); - *out1 = x2; - *out2 = x3; + let x2: u64 = ((x1 >> 64) as u64); + *out1 = (x1 as u64); + *out2 = x2; } /// The function fiat_25519_scalar_cmovznz_u64 is a single-word conditional move. 
@@ -1359,94 +1357,66 @@ pub fn fiat_25519_scalar_to_bytes(out1: &mut [u8; 32], arg1: &[u64; 4]) -> () { let x2: u64 = (arg1[2]); let x3: u64 = (arg1[1]); let x4: u64 = (arg1[0]); - let x5: u8 = ((x4 & (0xff as u64)) as u8); - let x6: u64 = (x4 >> 8); - let x7: u8 = ((x6 & (0xff as u64)) as u8); - let x8: u64 = (x6 >> 8); - let x9: u8 = ((x8 & (0xff as u64)) as u8); - let x10: u64 = (x8 >> 8); - let x11: u8 = ((x10 & (0xff as u64)) as u8); - let x12: u64 = (x10 >> 8); - let x13: u8 = ((x12 & (0xff as u64)) as u8); - let x14: u64 = (x12 >> 8); - let x15: u8 = ((x14 & (0xff as u64)) as u8); - let x16: u64 = (x14 >> 8); - let x17: u8 = ((x16 & (0xff as u64)) as u8); - let x18: u8 = ((x16 >> 8) as u8); - let x19: u8 = ((x3 & (0xff as u64)) as u8); - let x20: u64 = (x3 >> 8); - let x21: u8 = ((x20 & (0xff as u64)) as u8); - let x22: u64 = (x20 >> 8); - let x23: u8 = ((x22 & (0xff as u64)) as u8); - let x24: u64 = (x22 >> 8); - let x25: u8 = ((x24 & (0xff as u64)) as u8); - let x26: u64 = (x24 >> 8); - let x27: u8 = ((x26 & (0xff as u64)) as u8); - let x28: u64 = (x26 >> 8); - let x29: u8 = ((x28 & (0xff as u64)) as u8); - let x30: u64 = (x28 >> 8); - let x31: u8 = ((x30 & (0xff as u64)) as u8); - let x32: u8 = ((x30 >> 8) as u8); - let x33: u8 = ((x2 & (0xff as u64)) as u8); - let x34: u64 = (x2 >> 8); - let x35: u8 = ((x34 & (0xff as u64)) as u8); - let x36: u64 = (x34 >> 8); - let x37: u8 = ((x36 & (0xff as u64)) as u8); - let x38: u64 = (x36 >> 8); - let x39: u8 = ((x38 & (0xff as u64)) as u8); - let x40: u64 = (x38 >> 8); - let x41: u8 = ((x40 & (0xff as u64)) as u8); - let x42: u64 = (x40 >> 8); - let x43: u8 = ((x42 & (0xff as u64)) as u8); - let x44: u64 = (x42 >> 8); - let x45: u8 = ((x44 & (0xff as u64)) as u8); - let x46: u8 = ((x44 >> 8) as u8); - let x47: u8 = ((x1 & (0xff as u64)) as u8); - let x48: u64 = (x1 >> 8); - let x49: u8 = ((x48 & (0xff as u64)) as u8); - let x50: u64 = (x48 >> 8); - let x51: u8 = ((x50 & (0xff as u64)) as u8); - let x52: u64 = (x50 
>> 8); - let x53: u8 = ((x52 & (0xff as u64)) as u8); - let x54: u64 = (x52 >> 8); - let x55: u8 = ((x54 & (0xff as u64)) as u8); - let x56: u64 = (x54 >> 8); - let x57: u8 = ((x56 & (0xff as u64)) as u8); - let x58: u64 = (x56 >> 8); - let x59: u8 = ((x58 & (0xff as u64)) as u8); - let x60: u8 = ((x58 >> 8) as u8); - out1[0] = x5; - out1[1] = x7; - out1[2] = x9; - out1[3] = x11; - out1[4] = x13; - out1[5] = x15; - out1[6] = x17; - out1[7] = x18; - out1[8] = x19; - out1[9] = x21; - out1[10] = x23; - out1[11] = x25; - out1[12] = x27; - out1[13] = x29; - out1[14] = x31; - out1[15] = x32; - out1[16] = x33; - out1[17] = x35; - out1[18] = x37; - out1[19] = x39; - out1[20] = x41; - out1[21] = x43; - out1[22] = x45; - out1[23] = x46; - out1[24] = x47; - out1[25] = x49; - out1[26] = x51; - out1[27] = x53; - out1[28] = x55; - out1[29] = x57; - out1[30] = x59; - out1[31] = x60; + let x5: u64 = (x4 >> 8); + let x6: u64 = (x5 >> 8); + let x7: u64 = (x6 >> 8); + let x8: u64 = (x7 >> 8); + let x9: u64 = (x8 >> 8); + let x10: u64 = (x9 >> 8); + let x11: u8 = ((x10 >> 8) as u8); + let x12: u64 = (x3 >> 8); + let x13: u64 = (x12 >> 8); + let x14: u64 = (x13 >> 8); + let x15: u64 = (x14 >> 8); + let x16: u64 = (x15 >> 8); + let x17: u64 = (x16 >> 8); + let x18: u8 = ((x17 >> 8) as u8); + let x19: u64 = (x2 >> 8); + let x20: u64 = (x19 >> 8); + let x21: u64 = (x20 >> 8); + let x22: u64 = (x21 >> 8); + let x23: u64 = (x22 >> 8); + let x24: u64 = (x23 >> 8); + let x25: u8 = ((x24 >> 8) as u8); + let x26: u64 = (x1 >> 8); + let x27: u64 = (x26 >> 8); + let x28: u64 = (x27 >> 8); + let x29: u64 = (x28 >> 8); + let x30: u64 = (x29 >> 8); + let x31: u64 = (x30 >> 8); + let x32: u8 = ((x31 >> 8) as u8); + out1[0] = (x4 as u8); + out1[1] = (x5 as u8); + out1[2] = (x6 as u8); + out1[3] = (x7 as u8); + out1[4] = (x8 as u8); + out1[5] = (x9 as u8); + out1[6] = (x10 as u8); + out1[7] = x11; + out1[8] = (x3 as u8); + out1[9] = (x12 as u8); + out1[10] = (x13 as u8); + out1[11] = (x14 as u8); + 
out1[12] = (x15 as u8); + out1[13] = (x16 as u8); + out1[14] = (x17 as u8); + out1[15] = x18; + out1[16] = (x2 as u8); + out1[17] = (x19 as u8); + out1[18] = (x20 as u8); + out1[19] = (x21 as u8); + out1[20] = (x22 as u8); + out1[21] = (x23 as u8); + out1[22] = (x24 as u8); + out1[23] = x25; + out1[24] = (x1 as u8); + out1[25] = (x26 as u8); + out1[26] = (x27 as u8); + out1[27] = (x28 as u8); + out1[28] = (x29 as u8); + out1[29] = (x30 as u8); + out1[30] = (x31 as u8); + out1[31] = x32; } /// The function fiat_25519_scalar_from_bytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -1593,7 +1563,7 @@ pub fn fiat_25519_scalar_divstep(out1: &mut u64, out2: &mut [u64; 5], out3: &mut let mut x1: u64 = 0; let mut x2: fiat_25519_scalar_u1 = 0; fiat_25519_scalar_addcarryx_u64(&mut x1, &mut x2, 0x0, (!arg1), (0x1 as u64)); - let x3: fiat_25519_scalar_u1 = (((x1 >> 63) as fiat_25519_scalar_u1) & (((arg3[0]) & (0x1 as u64)) as fiat_25519_scalar_u1)); + let x3: fiat_25519_scalar_u1 = (((x1 >> 63) as fiat_25519_scalar_u1) & ((arg3[0]) as fiat_25519_scalar_u1)); let mut x4: u64 = 0; let mut x5: fiat_25519_scalar_u1 = 0; fiat_25519_scalar_addcarryx_u64(&mut x4, &mut x5, 0x0, (!arg1), (0x1 as u64)); 
@@ -1707,110 +1677,109 @@ pub fn fiat_25519_scalar_divstep(out1: &mut u64, out2: &mut [u64; 5], out3: &mut fiat_25519_scalar_cmovznz_u64(&mut x72, x3, (arg5[2]), x66); let mut x73: u64 = 0; fiat_25519_scalar_cmovznz_u64(&mut x73, x3, (arg5[3]), x68); - let x74: fiat_25519_scalar_u1 = ((x22 & (0x1 as u64)) as fiat_25519_scalar_u1); + let mut x74: u64 = 0; + fiat_25519_scalar_cmovznz_u64(&mut x74, (x22 as fiat_25519_scalar_u1), (0x0 as u64), x7); let mut x75: u64 = 0; - fiat_25519_scalar_cmovznz_u64(&mut x75, x74, (0x0 as u64), x7); + fiat_25519_scalar_cmovznz_u64(&mut x75, (x22 as fiat_25519_scalar_u1), (0x0 as u64), x8); let mut x76: u64 = 0; - fiat_25519_scalar_cmovznz_u64(&mut x76, x74, (0x0 as u64), x8); + fiat_25519_scalar_cmovznz_u64(&mut x76, (x22 as fiat_25519_scalar_u1), (0x0 as u64), x9); let mut x77: u64 = 0; - fiat_25519_scalar_cmovznz_u64(&mut x77, x74, (0x0 as u64), x9); + fiat_25519_scalar_cmovznz_u64(&mut x77, (x22 as fiat_25519_scalar_u1), (0x0 as u64), x10); let mut x78: u64 = 0; - fiat_25519_scalar_cmovznz_u64(&mut x78, x74, (0x0 as u64), x10); + fiat_25519_scalar_cmovznz_u64(&mut x78, (x22 as fiat_25519_scalar_u1), (0x0 as u64), x11); let mut x79: u64 = 0; - fiat_25519_scalar_cmovznz_u64(&mut x79, x74, (0x0 as u64), x11); - let mut x80: u64 = 0; - let mut x81: fiat_25519_scalar_u1 = 0; - fiat_25519_scalar_addcarryx_u64(&mut x80, &mut x81, 0x0, x22, x75); - let mut x82: u64 = 0; - let mut x83: fiat_25519_scalar_u1 = 0; - fiat_25519_scalar_addcarryx_u64(&mut x82, &mut x83, x81, x23, x76); - let mut x84: u64 = 0; - let mut x85: fiat_25519_scalar_u1 = 0; - fiat_25519_scalar_addcarryx_u64(&mut x84, &mut x85, x83, x24, x77); - let mut x86: u64 = 0; - let mut x87: fiat_25519_scalar_u1 = 0; - fiat_25519_scalar_addcarryx_u64(&mut x86, &mut x87, x85, x25, x78); - let mut x88: u64 = 0; - let mut x89: fiat_25519_scalar_u1 = 0; - fiat_25519_scalar_addcarryx_u64(&mut x88, &mut x89, x87, x26, x79); + let mut x80: fiat_25519_scalar_u1 = 0; + 
fiat_25519_scalar_addcarryx_u64(&mut x79, &mut x80, 0x0, x22, x74); + let mut x81: u64 = 0; + let mut x82: fiat_25519_scalar_u1 = 0; + fiat_25519_scalar_addcarryx_u64(&mut x81, &mut x82, x80, x23, x75); + let mut x83: u64 = 0; + let mut x84: fiat_25519_scalar_u1 = 0; + fiat_25519_scalar_addcarryx_u64(&mut x83, &mut x84, x82, x24, x76); + let mut x85: u64 = 0; + let mut x86: fiat_25519_scalar_u1 = 0; + fiat_25519_scalar_addcarryx_u64(&mut x85, &mut x86, x84, x25, x77); + let mut x87: u64 = 0; + let mut x88: fiat_25519_scalar_u1 = 0; + fiat_25519_scalar_addcarryx_u64(&mut x87, &mut x88, x86, x26, x78); + let mut x89: u64 = 0; + fiat_25519_scalar_cmovznz_u64(&mut x89, (x22 as fiat_25519_scalar_u1), (0x0 as u64), x27); let mut x90: u64 = 0; - fiat_25519_scalar_cmovznz_u64(&mut x90, x74, (0x0 as u64), x27); + fiat_25519_scalar_cmovznz_u64(&mut x90, (x22 as fiat_25519_scalar_u1), (0x0 as u64), x28); let mut x91: u64 = 0; - fiat_25519_scalar_cmovznz_u64(&mut x91, x74, (0x0 as u64), x28); + fiat_25519_scalar_cmovznz_u64(&mut x91, (x22 as fiat_25519_scalar_u1), (0x0 as u64), x29); let mut x92: u64 = 0; - fiat_25519_scalar_cmovznz_u64(&mut x92, x74, (0x0 as u64), x29); + fiat_25519_scalar_cmovznz_u64(&mut x92, (x22 as fiat_25519_scalar_u1), (0x0 as u64), x30); let mut x93: u64 = 0; - fiat_25519_scalar_cmovznz_u64(&mut x93, x74, (0x0 as u64), x30); - let mut x94: u64 = 0; - let mut x95: fiat_25519_scalar_u1 = 0; - fiat_25519_scalar_addcarryx_u64(&mut x94, &mut x95, 0x0, x70, x90); - let mut x96: u64 = 0; - let mut x97: fiat_25519_scalar_u1 = 0; - fiat_25519_scalar_addcarryx_u64(&mut x96, &mut x97, x95, x71, x91); - let mut x98: u64 = 0; - let mut x99: fiat_25519_scalar_u1 = 0; - fiat_25519_scalar_addcarryx_u64(&mut x98, &mut x99, x97, x72, x92); - let mut x100: u64 = 0; - let mut x101: fiat_25519_scalar_u1 = 0; - fiat_25519_scalar_addcarryx_u64(&mut x100, &mut x101, x99, x73, x93); - let mut x102: u64 = 0; - let mut x103: fiat_25519_scalar_u1 = 0; - 
fiat_25519_scalar_subborrowx_u64(&mut x102, &mut x103, 0x0, x94, 0x5812631a5cf5d3ed); - let mut x104: u64 = 0; - let mut x105: fiat_25519_scalar_u1 = 0; - fiat_25519_scalar_subborrowx_u64(&mut x104, &mut x105, x103, x96, 0x14def9dea2f79cd6); - let mut x106: u64 = 0; - let mut x107: fiat_25519_scalar_u1 = 0; - fiat_25519_scalar_subborrowx_u64(&mut x106, &mut x107, x105, x98, (0x0 as u64)); - let mut x108: u64 = 0; - let mut x109: fiat_25519_scalar_u1 = 0; - fiat_25519_scalar_subborrowx_u64(&mut x108, &mut x109, x107, x100, 0x1000000000000000); - let mut x110: u64 = 0; - let mut x111: fiat_25519_scalar_u1 = 0; - fiat_25519_scalar_subborrowx_u64(&mut x110, &mut x111, x109, (x101 as u64), (0x0 as u64)); - let mut x112: u64 = 0; - let mut x113: fiat_25519_scalar_u1 = 0; - fiat_25519_scalar_addcarryx_u64(&mut x112, &mut x113, 0x0, x6, (0x1 as u64)); - let x114: u64 = ((x80 >> 1) | ((x82 << 63) & 0xffffffffffffffff)); - let x115: u64 = ((x82 >> 1) | ((x84 << 63) & 0xffffffffffffffff)); - let x116: u64 = ((x84 >> 1) | ((x86 << 63) & 0xffffffffffffffff)); - let x117: u64 = ((x86 >> 1) | ((x88 << 63) & 0xffffffffffffffff)); - let x118: u64 = ((x88 & 0x8000000000000000) | (x88 >> 1)); + let mut x94: fiat_25519_scalar_u1 = 0; + fiat_25519_scalar_addcarryx_u64(&mut x93, &mut x94, 0x0, x70, x89); + let mut x95: u64 = 0; + let mut x96: fiat_25519_scalar_u1 = 0; + fiat_25519_scalar_addcarryx_u64(&mut x95, &mut x96, x94, x71, x90); + let mut x97: u64 = 0; + let mut x98: fiat_25519_scalar_u1 = 0; + fiat_25519_scalar_addcarryx_u64(&mut x97, &mut x98, x96, x72, x91); + let mut x99: u64 = 0; + let mut x100: fiat_25519_scalar_u1 = 0; + fiat_25519_scalar_addcarryx_u64(&mut x99, &mut x100, x98, x73, x92); + let mut x101: u64 = 0; + let mut x102: fiat_25519_scalar_u1 = 0; + fiat_25519_scalar_subborrowx_u64(&mut x101, &mut x102, 0x0, x93, 0x5812631a5cf5d3ed); + let mut x103: u64 = 0; + let mut x104: fiat_25519_scalar_u1 = 0; + fiat_25519_scalar_subborrowx_u64(&mut x103, &mut x104, x102, 
x95, 0x14def9dea2f79cd6); + let mut x105: u64 = 0; + let mut x106: fiat_25519_scalar_u1 = 0; + fiat_25519_scalar_subborrowx_u64(&mut x105, &mut x106, x104, x97, (0x0 as u64)); + let mut x107: u64 = 0; + let mut x108: fiat_25519_scalar_u1 = 0; + fiat_25519_scalar_subborrowx_u64(&mut x107, &mut x108, x106, x99, 0x1000000000000000); + let mut x109: u64 = 0; + let mut x110: fiat_25519_scalar_u1 = 0; + fiat_25519_scalar_subborrowx_u64(&mut x109, &mut x110, x108, (x100 as u64), (0x0 as u64)); + let mut x111: u64 = 0; + let mut x112: fiat_25519_scalar_u1 = 0; + fiat_25519_scalar_addcarryx_u64(&mut x111, &mut x112, 0x0, x6, (0x1 as u64)); + let x113: u64 = ((x79 >> 1) | ((x81 << 63) & 0xffffffffffffffff)); + let x114: u64 = ((x81 >> 1) | ((x83 << 63) & 0xffffffffffffffff)); + let x115: u64 = ((x83 >> 1) | ((x85 << 63) & 0xffffffffffffffff)); + let x116: u64 = ((x85 >> 1) | ((x87 << 63) & 0xffffffffffffffff)); + let x117: u64 = ((x87 & 0x8000000000000000) | (x87 >> 1)); + let mut x118: u64 = 0; + fiat_25519_scalar_cmovznz_u64(&mut x118, x48, x39, x31); let mut x119: u64 = 0; - fiat_25519_scalar_cmovznz_u64(&mut x119, x48, x39, x31); + fiat_25519_scalar_cmovznz_u64(&mut x119, x48, x41, x33); let mut x120: u64 = 0; - fiat_25519_scalar_cmovznz_u64(&mut x120, x48, x41, x33); + fiat_25519_scalar_cmovznz_u64(&mut x120, x48, x43, x35); let mut x121: u64 = 0; - fiat_25519_scalar_cmovznz_u64(&mut x121, x48, x43, x35); + fiat_25519_scalar_cmovznz_u64(&mut x121, x48, x45, x37); let mut x122: u64 = 0; - fiat_25519_scalar_cmovznz_u64(&mut x122, x48, x45, x37); + fiat_25519_scalar_cmovznz_u64(&mut x122, x110, x101, x93); let mut x123: u64 = 0; - fiat_25519_scalar_cmovznz_u64(&mut x123, x111, x102, x94); + fiat_25519_scalar_cmovznz_u64(&mut x123, x110, x103, x95); let mut x124: u64 = 0; - fiat_25519_scalar_cmovznz_u64(&mut x124, x111, x104, x96); + fiat_25519_scalar_cmovznz_u64(&mut x124, x110, x105, x97); let mut x125: u64 = 0; - fiat_25519_scalar_cmovznz_u64(&mut x125, x111, x106, x98); 
- let mut x126: u64 = 0; - fiat_25519_scalar_cmovznz_u64(&mut x126, x111, x108, x100); - *out1 = x112; + fiat_25519_scalar_cmovznz_u64(&mut x125, x110, x107, x99); + *out1 = x111; out2[0] = x7; out2[1] = x8; out2[2] = x9; out2[3] = x10; out2[4] = x11; - out3[0] = x114; - out3[1] = x115; - out3[2] = x116; - out3[3] = x117; - out3[4] = x118; - out4[0] = x119; - out4[1] = x120; - out4[2] = x121; - out4[3] = x122; - out5[0] = x123; - out5[1] = x124; - out5[2] = x125; - out5[3] = x126; + out3[0] = x113; + out3[1] = x114; + out3[2] = x115; + out3[3] = x116; + out3[4] = x117; + out4[0] = x118; + out4[1] = x119; + out4[2] = x120; + out4[3] = x121; + out5[0] = x122; + out5[1] = x123; + out5[2] = x124; + out5[3] = x125; } /// The function fiat_25519_scalar_divstep_precomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-rust/src/curve25519_solinas_64.rs b/fiat-rust/src/curve25519_solinas_64.rs index edda9bb439..fdadb171e1 100644 --- a/fiat-rust/src/curve25519_solinas_64.rs +++ b/fiat-rust/src/curve25519_solinas_64.rs @@ -32,10 +32,9 @@ pub type fiat_curve25519_solinas_i2 = i8; #[inline] pub fn fiat_curve25519_solinas_addcarryx_u64(out1: &mut u64, out2: &mut fiat_curve25519_solinas_u1, arg1: fiat_curve25519_solinas_u1, arg2: u64, arg3: u64) -> () { let x1: u128 = (((arg1 as u128) + (arg2 as u128)) + (arg3 as u128)); - let x2: u64 = ((x1 & (0xffffffffffffffff as u128)) as u64); - let x3: fiat_curve25519_solinas_u1 = ((x1 >> 64) as fiat_curve25519_solinas_u1); - *out1 = x2; - *out2 = x3; + let x2: fiat_curve25519_solinas_u1 = ((x1 >> 64) as fiat_curve25519_solinas_u1); + *out1 = (x1 as u64); + *out2 = x2; } /// The function fiat_curve25519_solinas_subborrowx_u64 is a subtraction with borrow. 
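Review bot: The new `(x22 as fiat_25519_scalar_u1)` selector passed to `fiat_25519_scalar_cmovznz_u64` (x74–x78 and x89–x92 in this hunk) is no longer reduced to one bit: the removed `x74` line masked with `& (0x1 as u64)` first, whereas a Rust `as` cast to an 8-bit alias keeps the low eight bits of `x22`. The alias definition and the start of divstep are outside the hunk, so this assumes `fiat_25519_scalar_u1` is `u8` (the `i2 = i8` alias shown for curve25519_solinas_64.rs points that way); if so, the conditional move can receive values other than 0/1 and divstep's output can differ from the old code. The same pattern appears in the p224_32.rs and p224_64.rs hunks, most visibly in `fiat_p224_sub` and `fiat_p224_opp`, where `((x15 as fiat_p224_u1) as u32)` would turn the 0xffffffff mask into 0xff instead of 1, and in `fiat_p224_divstep` (`x31`, `x97`). Keep the mask wherever the destination is a u1, e.g. `((x22 & (0x1 as u64)) as fiat_25519_scalar_u1)`, which probably means correcting the generator rather than this output, and check sub, opp and divstep against known-answer vectors after regenerating. The `as u8` / `as u64` truncations in to_bytes, addcarryx and mulx only replace full-width masks and look equivalent.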
@@ -75,10 +74,9 @@ pub fn fiat_curve25519_solinas_subborrowx_u64(out1: &mut u64, out2: &mut fiat_cu #[inline] pub fn fiat_curve25519_solinas_mulx_u64(out1: &mut u64, out2: &mut u64, arg1: u64, arg2: u64) -> () { let x1: u128 = ((arg1 as u128) * (arg2 as u128)); - let x2: u64 = ((x1 & (0xffffffffffffffff as u128)) as u64); - let x3: u64 = ((x1 >> 64) as u64); - *out1 = x2; - *out2 = x3; + let x2: u64 = ((x1 >> 64) as u64); + *out1 = (x1 as u64); + *out2 = x2; } /// The function fiat_curve25519_solinas_cmovznz_u64 is a single-word conditional move. diff --git a/fiat-rust/src/p224_32.rs b/fiat-rust/src/p224_32.rs index ebe45dfd6c..5072987c3d 100644 --- a/fiat-rust/src/p224_32.rs +++ b/fiat-rust/src/p224_32.rs @@ -50,10 +50,9 @@ pub type fiat_p224_non_montgomery_domain_field_element = [u32; 7]; #[inline] pub fn fiat_p224_addcarryx_u32(out1: &mut u32, out2: &mut fiat_p224_u1, arg1: fiat_p224_u1, arg2: u32, arg3: u32) -> () { let x1: u64 = (((arg1 as u64) + (arg2 as u64)) + (arg3 as u64)); - let x2: u32 = ((x1 & (0xffffffff as u64)) as u32); - let x3: fiat_p224_u1 = ((x1 >> 32) as fiat_p224_u1); - *out1 = x2; - *out2 = x3; + let x2: fiat_p224_u1 = ((x1 >> 32) as fiat_p224_u1); + *out1 = (x1 as u32); + *out2 = x2; } /// The function fiat_p224_subborrowx_u32 is a subtraction with borrow. @@ -93,10 +92,9 @@ pub fn fiat_p224_subborrowx_u32(out1: &mut u32, out2: &mut fiat_p224_u1, arg1: f #[inline] pub fn fiat_p224_mulx_u32(out1: &mut u32, out2: &mut u32, arg1: u32, arg2: u32) -> () { let x1: u64 = ((arg1 as u64) * (arg2 as u64)); - let x2: u32 = ((x1 & (0xffffffff as u64)) as u32); - let x3: u32 = ((x1 >> 32) as u32); - *out1 = x2; - *out2 = x3; + let x2: u32 = ((x1 >> 32) as u32); + *out1 = (x1 as u32); + *out2 = x2; } /// The function fiat_p224_cmovznz_u32 is a single-word conditional move. 
@@ -1908,7 +1906,7 @@ pub fn fiat_p224_sub(out1: &mut fiat_p224_montgomery_domain_field_element, arg1: fiat_p224_cmovznz_u32(&mut x15, x14, (0x0 as u32), 0xffffffff); let mut x16: u32 = 0; let mut x17: fiat_p224_u1 = 0; - fiat_p224_addcarryx_u32(&mut x16, &mut x17, 0x0, x1, (((x15 & (0x1 as u32)) as fiat_p224_u1) as u32)); + fiat_p224_addcarryx_u32(&mut x16, &mut x17, 0x0, x1, ((x15 as fiat_p224_u1) as u32)); let mut x18: u32 = 0; let mut x19: fiat_p224_u1 = 0; fiat_p224_addcarryx_u32(&mut x18, &mut x19, x17, x3, (0x0 as u32)); @@ -1971,7 +1969,7 @@ pub fn fiat_p224_opp(out1: &mut fiat_p224_montgomery_domain_field_element, arg1: fiat_p224_cmovznz_u32(&mut x15, x14, (0x0 as u32), 0xffffffff); let mut x16: u32 = 0; let mut x17: fiat_p224_u1 = 0; - fiat_p224_addcarryx_u32(&mut x16, &mut x17, 0x0, x1, (((x15 & (0x1 as u32)) as fiat_p224_u1) as u32)); + fiat_p224_addcarryx_u32(&mut x16, &mut x17, 0x0, x1, ((x15 as fiat_p224_u1) as u32)); let mut x18: u32 = 0; let mut x19: fiat_p224_u1 = 0; fiat_p224_addcarryx_u32(&mut x18, &mut x19, x17, x3, (0x0 as u32)); 
@@ -3160,76 +3158,55 @@ pub fn fiat_p224_to_bytes(out1: &mut [u8; 28], arg1: &[u32; 7]) -> () { let x5: u32 = (arg1[2]); let x6: u32 = (arg1[1]); let x7: u32 = (arg1[0]); - let x8: u8 = ((x7 & (0xff as u32)) as u8); - let x9: u32 = (x7 >> 8); - let x10: u8 = ((x9 & (0xff as u32)) as u8); - let x11: u32 = (x9 >> 8); - let x12: u8 = ((x11 & (0xff as u32)) as u8); - let x13: u8 = ((x11 >> 8) as u8); - let x14: u8 = ((x6 & (0xff as u32)) as u8); - let x15: u32 = (x6 >> 8); - let x16: u8 = ((x15 & (0xff as u32)) as u8); - let x17: u32 = (x15 >> 8); - let x18: u8 = ((x17 & (0xff as u32)) as u8); - let x19: u8 = ((x17 >> 8) as u8); - let x20: u8 = ((x5 & (0xff as u32)) as u8); - let x21: u32 = (x5 >> 8); - let x22: u8 = ((x21 & (0xff as u32)) as u8); - let x23: u32 = (x21 >> 8); - let x24: u8 = ((x23 & (0xff as u32)) as u8); - let x25: u8 = ((x23 >> 8) as u8); - let x26: u8 = ((x4 & (0xff as u32)) as u8); - let x27: u32 = (x4 >> 8); - let x28: u8 = ((x27 & (0xff as u32)) as u8); - let x29: u32 = (x27 >> 8); - let x30: u8 = ((x29 & (0xff as u32)) as u8); - let x31: u8 = ((x29 >> 8) as u8); - let x32: u8 = ((x3 & (0xff as u32)) as u8); - let x33: u32 = (x3 >> 8); - let x34: u8 = ((x33 & (0xff as u32)) as u8); - let x35: u32 = (x33 >> 8); - let x36: u8 = ((x35 & (0xff as u32)) as u8); - let x37: u8 = ((x35 >> 8) as u8); - let x38: u8 = ((x2 & (0xff as u32)) as u8); - let x39: u32 = (x2 >> 8); - let x40: u8 = ((x39 & (0xff as u32)) as u8); - let x41: u32 = (x39 >> 8); - let x42: u8 = ((x41 & (0xff as u32)) as u8); - let x43: u8 = ((x41 >> 8) as u8); - let x44: u8 = ((x1 & (0xff as u32)) as u8); - let x45: u32 = (x1 >> 8); - let x46: u8 = ((x45 & (0xff as u32)) as u8); - let x47: u32 = (x45 >> 8); - let x48: u8 = ((x47 & (0xff as u32)) as u8); - let x49: u8 = ((x47 >> 8) as u8); - out1[0] = x8; - out1[1] = x10; - out1[2] = x12; - out1[3] = x13; - out1[4] = x14; - out1[5] = x16; - out1[6] = x18; - out1[7] = x19; - out1[8] = x20; - out1[9] = x22; - out1[10] = x24; - out1[11] = 
x25; - out1[12] = x26; - out1[13] = x28; - out1[14] = x30; - out1[15] = x31; - out1[16] = x32; - out1[17] = x34; - out1[18] = x36; - out1[19] = x37; - out1[20] = x38; - out1[21] = x40; - out1[22] = x42; - out1[23] = x43; - out1[24] = x44; - out1[25] = x46; - out1[26] = x48; - out1[27] = x49; + let x8: u32 = (x7 >> 8); + let x9: u32 = (x8 >> 8); + let x10: u8 = ((x9 >> 8) as u8); + let x11: u32 = (x6 >> 8); + let x12: u32 = (x11 >> 8); + let x13: u8 = ((x12 >> 8) as u8); + let x14: u32 = (x5 >> 8); + let x15: u32 = (x14 >> 8); + let x16: u8 = ((x15 >> 8) as u8); + let x17: u32 = (x4 >> 8); + let x18: u32 = (x17 >> 8); + let x19: u8 = ((x18 >> 8) as u8); + let x20: u32 = (x3 >> 8); + let x21: u32 = (x20 >> 8); + let x22: u8 = ((x21 >> 8) as u8); + let x23: u32 = (x2 >> 8); + let x24: u32 = (x23 >> 8); + let x25: u8 = ((x24 >> 8) as u8); + let x26: u32 = (x1 >> 8); + let x27: u32 = (x26 >> 8); + let x28: u8 = ((x27 >> 8) as u8); + out1[0] = (x7 as u8); + out1[1] = (x8 as u8); + out1[2] = (x9 as u8); + out1[3] = x10; + out1[4] = (x6 as u8); + out1[5] = (x11 as u8); + out1[6] = (x12 as u8); + out1[7] = x13; + out1[8] = (x5 as u8); + out1[9] = (x14 as u8); + out1[10] = (x15 as u8); + out1[11] = x16; + out1[12] = (x4 as u8); + out1[13] = (x17 as u8); + out1[14] = (x18 as u8); + out1[15] = x19; + out1[16] = (x3 as u8); + out1[17] = (x20 as u8); + out1[18] = (x21 as u8); + out1[19] = x22; + out1[20] = (x2 as u8); + out1[21] = (x23 as u8); + out1[22] = (x24 as u8); + out1[23] = x25; + out1[24] = (x1 as u8); + out1[25] = (x26 as u8); + out1[26] = (x27 as u8); + out1[27] = x28; } /// The function fiat_p224_from_bytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. 
@@ -3374,7 +3351,7 @@ pub fn fiat_p224_divstep(out1: &mut u32, out2: &mut [u32; 8], out3: &mut [u32; 8 let mut x1: u32 = 0; let mut x2: fiat_p224_u1 = 0; fiat_p224_addcarryx_u32(&mut x1, &mut x2, 0x0, (!arg1), (0x1 as u32)); - let x3: fiat_p224_u1 = (((x1 >> 31) as fiat_p224_u1) & (((arg3[0]) & (0x1 as u32)) as fiat_p224_u1)); + let x3: fiat_p224_u1 = (((x1 >> 31) as fiat_p224_u1) & ((arg3[0]) as fiat_p224_u1)); let mut x4: u32 = 0; let mut x5: fiat_p224_u1 = 0; fiat_p224_addcarryx_u32(&mut x4, &mut x5, 0x0, (!arg1), (0x1 as u32)); @@ -3527,7 +3504,7 @@ pub fn fiat_p224_divstep(out1: &mut u32, out2: &mut [u32; 8], out3: &mut [u32; 8 fiat_p224_cmovznz_u32(&mut x97, x96, (0x0 as u32), 0xffffffff); let mut x98: u32 = 0; let mut x99: fiat_p224_u1 = 0; - fiat_p224_addcarryx_u32(&mut x98, &mut x99, 0x0, x83, (((x97 & (0x1 as u32)) as fiat_p224_u1) as u32)); + fiat_p224_addcarryx_u32(&mut x98, &mut x99, 0x0, x83, ((x97 as fiat_p224_u1) as u32)); let mut x100: u32 = 0; let mut x101: fiat_p224_u1 = 0; fiat_p224_addcarryx_u32(&mut x100, &mut x101, x99, x85, (0x0 as u32)); 
@@ -3560,146 +3537,145 @@ pub fn fiat_p224_divstep(out1: &mut u32, out2: &mut [u32; 8], out3: &mut [u32; 8 fiat_p224_cmovznz_u32(&mut x117, x3, (arg5[5]), x108); let mut x118: u32 = 0; fiat_p224_cmovznz_u32(&mut x118, x3, (arg5[6]), x110); - let x119: fiat_p224_u1 = ((x31 & (0x1 as u32)) as fiat_p224_u1); + let mut x119: u32 = 0; + fiat_p224_cmovznz_u32(&mut x119, (x31 as fiat_p224_u1), (0x0 as u32), x7); let mut x120: u32 = 0; - fiat_p224_cmovznz_u32(&mut x120, x119, (0x0 as u32), x7); + fiat_p224_cmovznz_u32(&mut x120, (x31 as fiat_p224_u1), (0x0 as u32), x8); let mut x121: u32 = 0; - fiat_p224_cmovznz_u32(&mut x121, x119, (0x0 as u32), x8); + fiat_p224_cmovznz_u32(&mut x121, (x31 as fiat_p224_u1), (0x0 as u32), x9); let mut x122: u32 = 0; - fiat_p224_cmovznz_u32(&mut x122, x119, (0x0 as u32), x9); + fiat_p224_cmovznz_u32(&mut x122, (x31 as fiat_p224_u1), (0x0 as u32), x10); let mut x123: u32 = 0; - fiat_p224_cmovznz_u32(&mut x123, x119, (0x0 as u32), x10); + fiat_p224_cmovznz_u32(&mut x123, (x31 as fiat_p224_u1), (0x0 as u32), x11); let mut x124: u32 = 0; - fiat_p224_cmovznz_u32(&mut x124, x119, (0x0 as u32), x11); + fiat_p224_cmovznz_u32(&mut x124, (x31 as fiat_p224_u1), (0x0 as u32), x12); let mut x125: u32 = 0; - fiat_p224_cmovznz_u32(&mut x125, x119, (0x0 as u32), x12); + fiat_p224_cmovznz_u32(&mut x125, (x31 as fiat_p224_u1), (0x0 as u32), x13); let mut x126: u32 = 0; - fiat_p224_cmovznz_u32(&mut x126, x119, (0x0 as u32), x13); + fiat_p224_cmovznz_u32(&mut x126, (x31 as fiat_p224_u1), (0x0 as u32), x14); let mut x127: u32 = 0; - fiat_p224_cmovznz_u32(&mut x127, x119, (0x0 as u32), x14); - let mut x128: u32 = 0; - let mut x129: fiat_p224_u1 = 0; - fiat_p224_addcarryx_u32(&mut x128, &mut x129, 0x0, x31, x120); - let mut x130: u32 = 0; - let mut x131: fiat_p224_u1 = 0; - fiat_p224_addcarryx_u32(&mut x130, &mut x131, x129, x32, x121); - let mut x132: u32 = 0; - let mut x133: fiat_p224_u1 = 0; - fiat_p224_addcarryx_u32(&mut x132, &mut x133, x131, x33, x122); - 
let mut x134: u32 = 0; - let mut x135: fiat_p224_u1 = 0; - fiat_p224_addcarryx_u32(&mut x134, &mut x135, x133, x34, x123); - let mut x136: u32 = 0; - let mut x137: fiat_p224_u1 = 0; - fiat_p224_addcarryx_u32(&mut x136, &mut x137, x135, x35, x124); - let mut x138: u32 = 0; - let mut x139: fiat_p224_u1 = 0; - fiat_p224_addcarryx_u32(&mut x138, &mut x139, x137, x36, x125); - let mut x140: u32 = 0; - let mut x141: fiat_p224_u1 = 0; - fiat_p224_addcarryx_u32(&mut x140, &mut x141, x139, x37, x126); - let mut x142: u32 = 0; - let mut x143: fiat_p224_u1 = 0; - fiat_p224_addcarryx_u32(&mut x142, &mut x143, x141, x38, x127); + let mut x128: fiat_p224_u1 = 0; + fiat_p224_addcarryx_u32(&mut x127, &mut x128, 0x0, x31, x119); + let mut x129: u32 = 0; + let mut x130: fiat_p224_u1 = 0; + fiat_p224_addcarryx_u32(&mut x129, &mut x130, x128, x32, x120); + let mut x131: u32 = 0; + let mut x132: fiat_p224_u1 = 0; + fiat_p224_addcarryx_u32(&mut x131, &mut x132, x130, x33, x121); + let mut x133: u32 = 0; + let mut x134: fiat_p224_u1 = 0; + fiat_p224_addcarryx_u32(&mut x133, &mut x134, x132, x34, x122); + let mut x135: u32 = 0; + let mut x136: fiat_p224_u1 = 0; + fiat_p224_addcarryx_u32(&mut x135, &mut x136, x134, x35, x123); + let mut x137: u32 = 0; + let mut x138: fiat_p224_u1 = 0; + fiat_p224_addcarryx_u32(&mut x137, &mut x138, x136, x36, x124); + let mut x139: u32 = 0; + let mut x140: fiat_p224_u1 = 0; + fiat_p224_addcarryx_u32(&mut x139, &mut x140, x138, x37, x125); + let mut x141: u32 = 0; + let mut x142: fiat_p224_u1 = 0; + fiat_p224_addcarryx_u32(&mut x141, &mut x142, x140, x38, x126); + let mut x143: u32 = 0; + fiat_p224_cmovznz_u32(&mut x143, (x31 as fiat_p224_u1), (0x0 as u32), x39); let mut x144: u32 = 0; - fiat_p224_cmovznz_u32(&mut x144, x119, (0x0 as u32), x39); + fiat_p224_cmovznz_u32(&mut x144, (x31 as fiat_p224_u1), (0x0 as u32), x40); let mut x145: u32 = 0; - fiat_p224_cmovznz_u32(&mut x145, x119, (0x0 as u32), x40); + fiat_p224_cmovznz_u32(&mut x145, (x31 as 
fiat_p224_u1), (0x0 as u32), x41); let mut x146: u32 = 0; - fiat_p224_cmovznz_u32(&mut x146, x119, (0x0 as u32), x41); + fiat_p224_cmovznz_u32(&mut x146, (x31 as fiat_p224_u1), (0x0 as u32), x42); let mut x147: u32 = 0; - fiat_p224_cmovznz_u32(&mut x147, x119, (0x0 as u32), x42); + fiat_p224_cmovznz_u32(&mut x147, (x31 as fiat_p224_u1), (0x0 as u32), x43); let mut x148: u32 = 0; - fiat_p224_cmovznz_u32(&mut x148, x119, (0x0 as u32), x43); + fiat_p224_cmovznz_u32(&mut x148, (x31 as fiat_p224_u1), (0x0 as u32), x44); let mut x149: u32 = 0; - fiat_p224_cmovznz_u32(&mut x149, x119, (0x0 as u32), x44); + fiat_p224_cmovznz_u32(&mut x149, (x31 as fiat_p224_u1), (0x0 as u32), x45); let mut x150: u32 = 0; - fiat_p224_cmovznz_u32(&mut x150, x119, (0x0 as u32), x45); - let mut x151: u32 = 0; - let mut x152: fiat_p224_u1 = 0; - fiat_p224_addcarryx_u32(&mut x151, &mut x152, 0x0, x112, x144); - let mut x153: u32 = 0; - let mut x154: fiat_p224_u1 = 0; - fiat_p224_addcarryx_u32(&mut x153, &mut x154, x152, x113, x145); - let mut x155: u32 = 0; - let mut x156: fiat_p224_u1 = 0; - fiat_p224_addcarryx_u32(&mut x155, &mut x156, x154, x114, x146); - let mut x157: u32 = 0; - let mut x158: fiat_p224_u1 = 0; - fiat_p224_addcarryx_u32(&mut x157, &mut x158, x156, x115, x147); - let mut x159: u32 = 0; - let mut x160: fiat_p224_u1 = 0; - fiat_p224_addcarryx_u32(&mut x159, &mut x160, x158, x116, x148); - let mut x161: u32 = 0; - let mut x162: fiat_p224_u1 = 0; - fiat_p224_addcarryx_u32(&mut x161, &mut x162, x160, x117, x149); - let mut x163: u32 = 0; - let mut x164: fiat_p224_u1 = 0; - fiat_p224_addcarryx_u32(&mut x163, &mut x164, x162, x118, x150); - let mut x165: u32 = 0; - let mut x166: fiat_p224_u1 = 0; - fiat_p224_subborrowx_u32(&mut x165, &mut x166, 0x0, x151, (0x1 as u32)); - let mut x167: u32 = 0; - let mut x168: fiat_p224_u1 = 0; - fiat_p224_subborrowx_u32(&mut x167, &mut x168, x166, x153, (0x0 as u32)); - let mut x169: u32 = 0; - let mut x170: fiat_p224_u1 = 0; - 
fiat_p224_subborrowx_u32(&mut x169, &mut x170, x168, x155, (0x0 as u32)); - let mut x171: u32 = 0; - let mut x172: fiat_p224_u1 = 0; - fiat_p224_subborrowx_u32(&mut x171, &mut x172, x170, x157, 0xffffffff); - let mut x173: u32 = 0; - let mut x174: fiat_p224_u1 = 0; - fiat_p224_subborrowx_u32(&mut x173, &mut x174, x172, x159, 0xffffffff); - let mut x175: u32 = 0; - let mut x176: fiat_p224_u1 = 0; - fiat_p224_subborrowx_u32(&mut x175, &mut x176, x174, x161, 0xffffffff); - let mut x177: u32 = 0; - let mut x178: fiat_p224_u1 = 0; - fiat_p224_subborrowx_u32(&mut x177, &mut x178, x176, x163, 0xffffffff); - let mut x179: u32 = 0; - let mut x180: fiat_p224_u1 = 0; - fiat_p224_subborrowx_u32(&mut x179, &mut x180, x178, (x164 as u32), (0x0 as u32)); - let mut x181: u32 = 0; - let mut x182: fiat_p224_u1 = 0; - fiat_p224_addcarryx_u32(&mut x181, &mut x182, 0x0, x6, (0x1 as u32)); - let x183: u32 = ((x128 >> 1) | ((x130 << 31) & 0xffffffff)); - let x184: u32 = ((x130 >> 1) | ((x132 << 31) & 0xffffffff)); - let x185: u32 = ((x132 >> 1) | ((x134 << 31) & 0xffffffff)); - let x186: u32 = ((x134 >> 1) | ((x136 << 31) & 0xffffffff)); - let x187: u32 = ((x136 >> 1) | ((x138 << 31) & 0xffffffff)); - let x188: u32 = ((x138 >> 1) | ((x140 << 31) & 0xffffffff)); - let x189: u32 = ((x140 >> 1) | ((x142 << 31) & 0xffffffff)); - let x190: u32 = ((x142 & 0x80000000) | (x142 >> 1)); + let mut x151: fiat_p224_u1 = 0; + fiat_p224_addcarryx_u32(&mut x150, &mut x151, 0x0, x112, x143); + let mut x152: u32 = 0; + let mut x153: fiat_p224_u1 = 0; + fiat_p224_addcarryx_u32(&mut x152, &mut x153, x151, x113, x144); + let mut x154: u32 = 0; + let mut x155: fiat_p224_u1 = 0; + fiat_p224_addcarryx_u32(&mut x154, &mut x155, x153, x114, x145); + let mut x156: u32 = 0; + let mut x157: fiat_p224_u1 = 0; + fiat_p224_addcarryx_u32(&mut x156, &mut x157, x155, x115, x146); + let mut x158: u32 = 0; + let mut x159: fiat_p224_u1 = 0; + fiat_p224_addcarryx_u32(&mut x158, &mut x159, x157, x116, x147); + let mut x160: 
u32 = 0; + let mut x161: fiat_p224_u1 = 0; + fiat_p224_addcarryx_u32(&mut x160, &mut x161, x159, x117, x148); + let mut x162: u32 = 0; + let mut x163: fiat_p224_u1 = 0; + fiat_p224_addcarryx_u32(&mut x162, &mut x163, x161, x118, x149); + let mut x164: u32 = 0; + let mut x165: fiat_p224_u1 = 0; + fiat_p224_subborrowx_u32(&mut x164, &mut x165, 0x0, x150, (0x1 as u32)); + let mut x166: u32 = 0; + let mut x167: fiat_p224_u1 = 0; + fiat_p224_subborrowx_u32(&mut x166, &mut x167, x165, x152, (0x0 as u32)); + let mut x168: u32 = 0; + let mut x169: fiat_p224_u1 = 0; + fiat_p224_subborrowx_u32(&mut x168, &mut x169, x167, x154, (0x0 as u32)); + let mut x170: u32 = 0; + let mut x171: fiat_p224_u1 = 0; + fiat_p224_subborrowx_u32(&mut x170, &mut x171, x169, x156, 0xffffffff); + let mut x172: u32 = 0; + let mut x173: fiat_p224_u1 = 0; + fiat_p224_subborrowx_u32(&mut x172, &mut x173, x171, x158, 0xffffffff); + let mut x174: u32 = 0; + let mut x175: fiat_p224_u1 = 0; + fiat_p224_subborrowx_u32(&mut x174, &mut x175, x173, x160, 0xffffffff); + let mut x176: u32 = 0; + let mut x177: fiat_p224_u1 = 0; + fiat_p224_subborrowx_u32(&mut x176, &mut x177, x175, x162, 0xffffffff); + let mut x178: u32 = 0; + let mut x179: fiat_p224_u1 = 0; + fiat_p224_subborrowx_u32(&mut x178, &mut x179, x177, (x163 as u32), (0x0 as u32)); + let mut x180: u32 = 0; + let mut x181: fiat_p224_u1 = 0; + fiat_p224_addcarryx_u32(&mut x180, &mut x181, 0x0, x6, (0x1 as u32)); + let x182: u32 = ((x127 >> 1) | ((x129 << 31) & 0xffffffff)); + let x183: u32 = ((x129 >> 1) | ((x131 << 31) & 0xffffffff)); + let x184: u32 = ((x131 >> 1) | ((x133 << 31) & 0xffffffff)); + let x185: u32 = ((x133 >> 1) | ((x135 << 31) & 0xffffffff)); + let x186: u32 = ((x135 >> 1) | ((x137 << 31) & 0xffffffff)); + let x187: u32 = ((x137 >> 1) | ((x139 << 31) & 0xffffffff)); + let x188: u32 = ((x139 >> 1) | ((x141 << 31) & 0xffffffff)); + let x189: u32 = ((x141 & 0x80000000) | (x141 >> 1)); + let mut x190: u32 = 0; + fiat_p224_cmovznz_u32(&mut 
x190, x75, x60, x46); let mut x191: u32 = 0; - fiat_p224_cmovznz_u32(&mut x191, x75, x60, x46); + fiat_p224_cmovznz_u32(&mut x191, x75, x62, x48); let mut x192: u32 = 0; - fiat_p224_cmovznz_u32(&mut x192, x75, x62, x48); + fiat_p224_cmovznz_u32(&mut x192, x75, x64, x50); let mut x193: u32 = 0; - fiat_p224_cmovznz_u32(&mut x193, x75, x64, x50); + fiat_p224_cmovznz_u32(&mut x193, x75, x66, x52); let mut x194: u32 = 0; - fiat_p224_cmovznz_u32(&mut x194, x75, x66, x52); + fiat_p224_cmovznz_u32(&mut x194, x75, x68, x54); let mut x195: u32 = 0; - fiat_p224_cmovznz_u32(&mut x195, x75, x68, x54); + fiat_p224_cmovznz_u32(&mut x195, x75, x70, x56); let mut x196: u32 = 0; - fiat_p224_cmovznz_u32(&mut x196, x75, x70, x56); + fiat_p224_cmovznz_u32(&mut x196, x75, x72, x58); let mut x197: u32 = 0; - fiat_p224_cmovznz_u32(&mut x197, x75, x72, x58); + fiat_p224_cmovznz_u32(&mut x197, x179, x164, x150); let mut x198: u32 = 0; - fiat_p224_cmovznz_u32(&mut x198, x180, x165, x151); + fiat_p224_cmovznz_u32(&mut x198, x179, x166, x152); let mut x199: u32 = 0; - fiat_p224_cmovznz_u32(&mut x199, x180, x167, x153); + fiat_p224_cmovznz_u32(&mut x199, x179, x168, x154); let mut x200: u32 = 0; - fiat_p224_cmovznz_u32(&mut x200, x180, x169, x155); + fiat_p224_cmovznz_u32(&mut x200, x179, x170, x156); let mut x201: u32 = 0; - fiat_p224_cmovznz_u32(&mut x201, x180, x171, x157); + fiat_p224_cmovznz_u32(&mut x201, x179, x172, x158); let mut x202: u32 = 0; - fiat_p224_cmovznz_u32(&mut x202, x180, x173, x159); + fiat_p224_cmovznz_u32(&mut x202, x179, x174, x160); let mut x203: u32 = 0; - fiat_p224_cmovznz_u32(&mut x203, x180, x175, x161); - let mut x204: u32 = 0; - fiat_p224_cmovznz_u32(&mut x204, x180, x177, x163); - *out1 = x181; + fiat_p224_cmovznz_u32(&mut x203, x179, x176, x162); + *out1 = x180; out2[0] = x7; out2[1] = x8; out2[2] = x9; 
@@ -3708,28 +3684,28 @@ pub fn fiat_p224_divstep(out1: &mut u32, out2: &mut [u32; 8], out3: &mut [u32; 8 out2[5] = x12; out2[6] = x13; out2[7] = x14; - out3[0] = x183; - out3[1] = x184; - out3[2] = x185; - out3[3] = x186; - out3[4] = x187; - out3[5] = x188; - out3[6] = x189; - out3[7] = x190; - out4[0] = x191; - out4[1] = x192; - out4[2] = x193; - out4[3] = x194; - out4[4] = x195; - out4[5] = x196; - out4[6] = x197; - out5[0] = x198; - out5[1] = x199; - out5[2] = x200; - out5[3] = x201; - out5[4] = x202; - out5[5] = x203; - out5[6] = x204; + out3[0] = x182; + out3[1] = x183; + out3[2] = x184; + out3[3] = x185; + out3[4] = x186; + out3[5] = x187; + out3[6] = x188; + out3[7] = x189; + out4[0] = x190; + out4[1] = x191; + out4[2] = x192; + out4[3] = x193; + out4[4] = x194; + out4[5] = x195; + out4[6] = x196; + out5[0] = x197; + out5[1] = x198; + out5[2] = x199; + out5[3] = x200; + out5[4] = x201; + out5[5] = x202; + out5[6] = x203; } /// The function fiat_p224_divstep_precomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-rust/src/p224_64.rs b/fiat-rust/src/p224_64.rs index 785eac4051..05599dd383 100644 --- a/fiat-rust/src/p224_64.rs +++ b/fiat-rust/src/p224_64.rs @@ -50,10 +50,9 @@ pub type fiat_p224_non_montgomery_domain_field_element = [u64; 4]; #[inline] pub fn fiat_p224_addcarryx_u64(out1: &mut u64, out2: &mut fiat_p224_u1, arg1: fiat_p224_u1, arg2: u64, arg3: u64) -> () { let x1: u128 = (((arg1 as u128) + (arg2 as u128)) + (arg3 as u128)); - let x2: u64 = ((x1 & (0xffffffffffffffff as u128)) as u64); - let x3: fiat_p224_u1 = ((x1 >> 64) as fiat_p224_u1); - *out1 = x2; - *out2 = x3; + let x2: fiat_p224_u1 = ((x1 >> 64) as fiat_p224_u1); + *out1 = (x1 as u64); + *out2 = x2; } /// The function fiat_p224_subborrowx_u64 is a subtraction with borrow. 
@@ -93,10 +92,9 @@ pub fn fiat_p224_subborrowx_u64(out1: &mut u64, out2: &mut fiat_p224_u1, arg1: f #[inline] pub fn fiat_p224_mulx_u64(out1: &mut u64, out2: &mut u64, arg1: u64, arg2: u64) -> () { let x1: u128 = ((arg1 as u128) * (arg2 as u128)); - let x2: u64 = ((x1 & (0xffffffffffffffff as u128)) as u64); - let x3: u64 = ((x1 >> 64) as u64); - *out1 = x2; - *out2 = x3; + let x2: u64 = ((x1 >> 64) as u64); + *out1 = (x1 as u64); + *out2 = x2; } /// The function fiat_p224_cmovznz_u64 is a single-word conditional move. @@ -828,7 +826,7 @@ pub fn fiat_p224_sub(out1: &mut fiat_p224_montgomery_domain_field_element, arg1: fiat_p224_cmovznz_u64(&mut x9, x8, (0x0 as u64), 0xffffffffffffffff); let mut x10: u64 = 0; let mut x11: fiat_p224_u1 = 0; - fiat_p224_addcarryx_u64(&mut x10, &mut x11, 0x0, x1, (((x9 & (0x1 as u64)) as fiat_p224_u1) as u64)); + fiat_p224_addcarryx_u64(&mut x10, &mut x11, 0x0, x1, ((x9 as fiat_p224_u1) as u64)); let mut x12: u64 = 0; let mut x13: fiat_p224_u1 = 0; fiat_p224_addcarryx_u64(&mut x12, &mut x13, x11, x3, (x9 & 0xffffffff00000000)); @@ -870,7 +868,7 @@ pub fn fiat_p224_opp(out1: &mut fiat_p224_montgomery_domain_field_element, arg1: fiat_p224_cmovznz_u64(&mut x9, x8, (0x0 as u64), 0xffffffffffffffff); let mut x10: u64 = 0; let mut x11: fiat_p224_u1 = 0; - fiat_p224_addcarryx_u64(&mut x10, &mut x11, 0x0, x1, (((x9 & (0x1 as u64)) as fiat_p224_u1) as u64)); + fiat_p224_addcarryx_u64(&mut x10, &mut x11, 0x0, x1, ((x9 as fiat_p224_u1) as u64)); let mut x12: u64 = 0; let mut x13: fiat_p224_u1 = 0; fiat_p224_addcarryx_u64(&mut x12, &mut x13, x11, x3, (x9 & 0xffffffff00000000)); 
@@ -1419,82 +1417,58 @@ pub fn fiat_p224_to_bytes(out1: &mut [u8; 28], arg1: &[u64; 4]) -> () { let x2: u64 = (arg1[2]); let x3: u64 = (arg1[1]); let x4: u64 = (arg1[0]); - let x5: u8 = ((x4 & (0xff as u64)) as u8); - let x6: u64 = (x4 >> 8); - let x7: u8 = ((x6 & (0xff as u64)) as u8); - let x8: u64 = (x6 >> 8); - let x9: u8 = ((x8 & (0xff as u64)) as u8); - let x10: u64 = (x8 >> 8); - let x11: u8 = ((x10 & (0xff as u64)) as u8); - let x12: u64 = (x10 >> 8); - let x13: u8 = ((x12 & (0xff as u64)) as u8); - let x14: u64 = (x12 >> 8); - let x15: u8 = ((x14 & (0xff as u64)) as u8); - let x16: u64 = (x14 >> 8); - let x17: u8 = ((x16 & (0xff as u64)) as u8); - let x18: u8 = ((x16 >> 8) as u8); - let x19: u8 = ((x3 & (0xff as u64)) as u8); - let x20: u64 = (x3 >> 8); - let x21: u8 = ((x20 & (0xff as u64)) as u8); - let x22: u64 = (x20 >> 8); - let x23: u8 = ((x22 & (0xff as u64)) as u8); - let x24: u64 = (x22 >> 8); - let x25: u8 = ((x24 & (0xff as u64)) as u8); - let x26: u64 = (x24 >> 8); - let x27: u8 = ((x26 & (0xff as u64)) as u8); - let x28: u64 = (x26 >> 8); - let x29: u8 = ((x28 & (0xff as u64)) as u8); - let x30: u64 = (x28 >> 8); - let x31: u8 = ((x30 & (0xff as u64)) as u8); - let x32: u8 = ((x30 >> 8) as u8); - let x33: u8 = ((x2 & (0xff as u64)) as u8); - let x34: u64 = (x2 >> 8); - let x35: u8 = ((x34 & (0xff as u64)) as u8); - let x36: u64 = (x34 >> 8); - let x37: u8 = ((x36 & (0xff as u64)) as u8); - let x38: u64 = (x36 >> 8); - let x39: u8 = ((x38 & (0xff as u64)) as u8); - let x40: u64 = (x38 >> 8); - let x41: u8 = ((x40 & (0xff as u64)) as u8); - let x42: u64 = (x40 >> 8); - let x43: u8 = ((x42 & (0xff as u64)) as u8); - let x44: u64 = (x42 >> 8); - let x45: u8 = ((x44 & (0xff as u64)) as u8); - let x46: u8 = ((x44 >> 8) as u8); - let x47: u8 = ((x1 & (0xff as u64)) as u8); - let x48: u64 = (x1 >> 8); - let x49: u8 = ((x48 & (0xff as u64)) as u8); - let x50: u64 = (x48 >> 8); - let x51: u8 = ((x50 & (0xff as u64)) as u8); - let x52: u8 = ((x50 >> 8) 
as u8); - out1[0] = x5; - out1[1] = x7; - out1[2] = x9; - out1[3] = x11; - out1[4] = x13; - out1[5] = x15; - out1[6] = x17; - out1[7] = x18; - out1[8] = x19; - out1[9] = x21; - out1[10] = x23; - out1[11] = x25; - out1[12] = x27; - out1[13] = x29; - out1[14] = x31; - out1[15] = x32; - out1[16] = x33; - out1[17] = x35; - out1[18] = x37; - out1[19] = x39; - out1[20] = x41; - out1[21] = x43; - out1[22] = x45; - out1[23] = x46; - out1[24] = x47; - out1[25] = x49; - out1[26] = x51; - out1[27] = x52; + let x5: u64 = (x4 >> 8); + let x6: u64 = (x5 >> 8); + let x7: u64 = (x6 >> 8); + let x8: u64 = (x7 >> 8); + let x9: u64 = (x8 >> 8); + let x10: u64 = (x9 >> 8); + let x11: u8 = ((x10 >> 8) as u8); + let x12: u64 = (x3 >> 8); + let x13: u64 = (x12 >> 8); + let x14: u64 = (x13 >> 8); + let x15: u64 = (x14 >> 8); + let x16: u64 = (x15 >> 8); + let x17: u64 = (x16 >> 8); + let x18: u8 = ((x17 >> 8) as u8); + let x19: u64 = (x2 >> 8); + let x20: u64 = (x19 >> 8); + let x21: u64 = (x20 >> 8); + let x22: u64 = (x21 >> 8); + let x23: u64 = (x22 >> 8); + let x24: u64 = (x23 >> 8); + let x25: u8 = ((x24 >> 8) as u8); + let x26: u64 = (x1 >> 8); + let x27: u64 = (x26 >> 8); + let x28: u8 = ((x27 >> 8) as u8); + out1[0] = (x4 as u8); + out1[1] = (x5 as u8); + out1[2] = (x6 as u8); + out1[3] = (x7 as u8); + out1[4] = (x8 as u8); + out1[5] = (x9 as u8); + out1[6] = (x10 as u8); + out1[7] = x11; + out1[8] = (x3 as u8); + out1[9] = (x12 as u8); + out1[10] = (x13 as u8); + out1[11] = (x14 as u8); + out1[12] = (x15 as u8); + out1[13] = (x16 as u8); + out1[14] = (x17 as u8); + out1[15] = x18; + out1[16] = (x2 as u8); + out1[17] = (x19 as u8); + out1[18] = (x20 as u8); + out1[19] = (x21 as u8); + out1[20] = (x22 as u8); + out1[21] = (x23 as u8); + out1[22] = (x24 as u8); + out1[23] = x25; + out1[24] = (x1 as u8); + out1[25] = (x26 as u8); + out1[26] = (x27 as u8); + out1[27] = x28; } /// The function fiat_p224_from_bytes deserializes a field element NOT in the Montgomery domain from bytes in 
little-endian order. @@ -1633,7 +1607,7 @@ pub fn fiat_p224_divstep(out1: &mut u64, out2: &mut [u64; 5], out3: &mut [u64; 5 let mut x1: u64 = 0; let mut x2: fiat_p224_u1 = 0; fiat_p224_addcarryx_u64(&mut x1, &mut x2, 0x0, (!arg1), (0x1 as u64)); - let x3: fiat_p224_u1 = (((x1 >> 63) as fiat_p224_u1) & (((arg3[0]) & (0x1 as u64)) as fiat_p224_u1)); + let x3: fiat_p224_u1 = (((x1 >> 63) as fiat_p224_u1) & ((arg3[0]) as fiat_p224_u1)); let mut x4: u64 = 0; let mut x5: fiat_p224_u1 = 0; fiat_p224_addcarryx_u64(&mut x4, &mut x5, 0x0, (!arg1), (0x1 as u64)); @@ -1729,7 +1703,7 @@ pub fn fiat_p224_divstep(out1: &mut u64, out2: &mut [u64; 5], out3: &mut [u64; 5 fiat_p224_cmovznz_u64(&mut x61, x60, (0x0 as u64), 0xffffffffffffffff); let mut x62: u64 = 0; let mut x63: fiat_p224_u1 = 0; - fiat_p224_addcarryx_u64(&mut x62, &mut x63, 0x0, x53, (((x61 & (0x1 as u64)) as fiat_p224_u1) as u64)); + fiat_p224_addcarryx_u64(&mut x62, &mut x63, 0x0, x53, ((x61 as fiat_p224_u1) as u64)); let mut x64: u64 = 0; let mut x65: fiat_p224_u1 = 0; fiat_p224_addcarryx_u64(&mut x64, &mut x65, x63, x55, (x61 & 0xffffffff00000000)); 
@@ -1747,110 +1721,109 @@ pub fn fiat_p224_divstep(out1: &mut u64, out2: &mut [u64; 5], out3: &mut [u64; 5 fiat_p224_cmovznz_u64(&mut x72, x3, (arg5[2]), x66); let mut x73: u64 = 0; fiat_p224_cmovznz_u64(&mut x73, x3, (arg5[3]), x68); - let x74: fiat_p224_u1 = ((x22 & (0x1 as u64)) as fiat_p224_u1); + let mut x74: u64 = 0; + fiat_p224_cmovznz_u64(&mut x74, (x22 as fiat_p224_u1), (0x0 as u64), x7); let mut x75: u64 = 0; - fiat_p224_cmovznz_u64(&mut x75, x74, (0x0 as u64), x7); + fiat_p224_cmovznz_u64(&mut x75, (x22 as fiat_p224_u1), (0x0 as u64), x8); let mut x76: u64 = 0; - fiat_p224_cmovznz_u64(&mut x76, x74, (0x0 as u64), x8); + fiat_p224_cmovznz_u64(&mut x76, (x22 as fiat_p224_u1), (0x0 as u64), x9); let mut x77: u64 = 0; - fiat_p224_cmovznz_u64(&mut x77, x74, (0x0 as u64), x9); + fiat_p224_cmovznz_u64(&mut x77, (x22 as fiat_p224_u1), (0x0 as u64), x10); let mut x78: u64 = 0; - fiat_p224_cmovznz_u64(&mut x78, x74, (0x0 as u64), x10); + fiat_p224_cmovznz_u64(&mut x78, (x22 as fiat_p224_u1), (0x0 as u64), x11); let mut x79: u64 = 0; - fiat_p224_cmovznz_u64(&mut x79, x74, (0x0 as u64), x11); - let mut x80: u64 = 0; - let mut x81: fiat_p224_u1 = 0; - fiat_p224_addcarryx_u64(&mut x80, &mut x81, 0x0, x22, x75); - let mut x82: u64 = 0; - let mut x83: fiat_p224_u1 = 0; - fiat_p224_addcarryx_u64(&mut x82, &mut x83, x81, x23, x76); - let mut x84: u64 = 0; - let mut x85: fiat_p224_u1 = 0; - fiat_p224_addcarryx_u64(&mut x84, &mut x85, x83, x24, x77); - let mut x86: u64 = 0; - let mut x87: fiat_p224_u1 = 0; - fiat_p224_addcarryx_u64(&mut x86, &mut x87, x85, x25, x78); - let mut x88: u64 = 0; - let mut x89: fiat_p224_u1 = 0; - fiat_p224_addcarryx_u64(&mut x88, &mut x89, x87, x26, x79); + let mut x80: fiat_p224_u1 = 0; + fiat_p224_addcarryx_u64(&mut x79, &mut x80, 0x0, x22, x74); + let mut x81: u64 = 0; + let mut x82: fiat_p224_u1 = 0; + fiat_p224_addcarryx_u64(&mut x81, &mut x82, x80, x23, x75); + let mut x83: u64 = 0; + let mut x84: fiat_p224_u1 = 0; + 
fiat_p224_addcarryx_u64(&mut x83, &mut x84, x82, x24, x76); + let mut x85: u64 = 0; + let mut x86: fiat_p224_u1 = 0; + fiat_p224_addcarryx_u64(&mut x85, &mut x86, x84, x25, x77); + let mut x87: u64 = 0; + let mut x88: fiat_p224_u1 = 0; + fiat_p224_addcarryx_u64(&mut x87, &mut x88, x86, x26, x78); + let mut x89: u64 = 0; + fiat_p224_cmovznz_u64(&mut x89, (x22 as fiat_p224_u1), (0x0 as u64), x27); let mut x90: u64 = 0; - fiat_p224_cmovznz_u64(&mut x90, x74, (0x0 as u64), x27); + fiat_p224_cmovznz_u64(&mut x90, (x22 as fiat_p224_u1), (0x0 as u64), x28); let mut x91: u64 = 0; - fiat_p224_cmovznz_u64(&mut x91, x74, (0x0 as u64), x28); + fiat_p224_cmovznz_u64(&mut x91, (x22 as fiat_p224_u1), (0x0 as u64), x29); let mut x92: u64 = 0; - fiat_p224_cmovznz_u64(&mut x92, x74, (0x0 as u64), x29); + fiat_p224_cmovznz_u64(&mut x92, (x22 as fiat_p224_u1), (0x0 as u64), x30); let mut x93: u64 = 0; - fiat_p224_cmovznz_u64(&mut x93, x74, (0x0 as u64), x30); - let mut x94: u64 = 0; - let mut x95: fiat_p224_u1 = 0; - fiat_p224_addcarryx_u64(&mut x94, &mut x95, 0x0, x70, x90); - let mut x96: u64 = 0; - let mut x97: fiat_p224_u1 = 0; - fiat_p224_addcarryx_u64(&mut x96, &mut x97, x95, x71, x91); - let mut x98: u64 = 0; - let mut x99: fiat_p224_u1 = 0; - fiat_p224_addcarryx_u64(&mut x98, &mut x99, x97, x72, x92); - let mut x100: u64 = 0; - let mut x101: fiat_p224_u1 = 0; - fiat_p224_addcarryx_u64(&mut x100, &mut x101, x99, x73, x93); - let mut x102: u64 = 0; - let mut x103: fiat_p224_u1 = 0; - fiat_p224_subborrowx_u64(&mut x102, &mut x103, 0x0, x94, (0x1 as u64)); - let mut x104: u64 = 0; - let mut x105: fiat_p224_u1 = 0; - fiat_p224_subborrowx_u64(&mut x104, &mut x105, x103, x96, 0xffffffff00000000); - let mut x106: u64 = 0; - let mut x107: fiat_p224_u1 = 0; - fiat_p224_subborrowx_u64(&mut x106, &mut x107, x105, x98, 0xffffffffffffffff); - let mut x108: u64 = 0; - let mut x109: fiat_p224_u1 = 0; - fiat_p224_subborrowx_u64(&mut x108, &mut x109, x107, x100, 0xffffffff); - let mut x110: u64 
= 0; - let mut x111: fiat_p224_u1 = 0; - fiat_p224_subborrowx_u64(&mut x110, &mut x111, x109, (x101 as u64), (0x0 as u64)); - let mut x112: u64 = 0; - let mut x113: fiat_p224_u1 = 0; - fiat_p224_addcarryx_u64(&mut x112, &mut x113, 0x0, x6, (0x1 as u64)); - let x114: u64 = ((x80 >> 1) | ((x82 << 63) & 0xffffffffffffffff)); - let x115: u64 = ((x82 >> 1) | ((x84 << 63) & 0xffffffffffffffff)); - let x116: u64 = ((x84 >> 1) | ((x86 << 63) & 0xffffffffffffffff)); - let x117: u64 = ((x86 >> 1) | ((x88 << 63) & 0xffffffffffffffff)); - let x118: u64 = ((x88 & 0x8000000000000000) | (x88 >> 1)); + let mut x94: fiat_p224_u1 = 0; + fiat_p224_addcarryx_u64(&mut x93, &mut x94, 0x0, x70, x89); + let mut x95: u64 = 0; + let mut x96: fiat_p224_u1 = 0; + fiat_p224_addcarryx_u64(&mut x95, &mut x96, x94, x71, x90); + let mut x97: u64 = 0; + let mut x98: fiat_p224_u1 = 0; + fiat_p224_addcarryx_u64(&mut x97, &mut x98, x96, x72, x91); + let mut x99: u64 = 0; + let mut x100: fiat_p224_u1 = 0; + fiat_p224_addcarryx_u64(&mut x99, &mut x100, x98, x73, x92); + let mut x101: u64 = 0; + let mut x102: fiat_p224_u1 = 0; + fiat_p224_subborrowx_u64(&mut x101, &mut x102, 0x0, x93, (0x1 as u64)); + let mut x103: u64 = 0; + let mut x104: fiat_p224_u1 = 0; + fiat_p224_subborrowx_u64(&mut x103, &mut x104, x102, x95, 0xffffffff00000000); + let mut x105: u64 = 0; + let mut x106: fiat_p224_u1 = 0; + fiat_p224_subborrowx_u64(&mut x105, &mut x106, x104, x97, 0xffffffffffffffff); + let mut x107: u64 = 0; + let mut x108: fiat_p224_u1 = 0; + fiat_p224_subborrowx_u64(&mut x107, &mut x108, x106, x99, 0xffffffff); + let mut x109: u64 = 0; + let mut x110: fiat_p224_u1 = 0; + fiat_p224_subborrowx_u64(&mut x109, &mut x110, x108, (x100 as u64), (0x0 as u64)); + let mut x111: u64 = 0; + let mut x112: fiat_p224_u1 = 0; + fiat_p224_addcarryx_u64(&mut x111, &mut x112, 0x0, x6, (0x1 as u64)); + let x113: u64 = ((x79 >> 1) | ((x81 << 63) & 0xffffffffffffffff)); + let x114: u64 = ((x81 >> 1) | ((x83 << 63) & 
0xffffffffffffffff)); + let x115: u64 = ((x83 >> 1) | ((x85 << 63) & 0xffffffffffffffff)); + let x116: u64 = ((x85 >> 1) | ((x87 << 63) & 0xffffffffffffffff)); + let x117: u64 = ((x87 & 0x8000000000000000) | (x87 >> 1)); + let mut x118: u64 = 0; + fiat_p224_cmovznz_u64(&mut x118, x48, x39, x31); let mut x119: u64 = 0; - fiat_p224_cmovznz_u64(&mut x119, x48, x39, x31); + fiat_p224_cmovznz_u64(&mut x119, x48, x41, x33); let mut x120: u64 = 0; - fiat_p224_cmovznz_u64(&mut x120, x48, x41, x33); + fiat_p224_cmovznz_u64(&mut x120, x48, x43, x35); let mut x121: u64 = 0; - fiat_p224_cmovznz_u64(&mut x121, x48, x43, x35); + fiat_p224_cmovznz_u64(&mut x121, x48, x45, x37); let mut x122: u64 = 0; - fiat_p224_cmovznz_u64(&mut x122, x48, x45, x37); + fiat_p224_cmovznz_u64(&mut x122, x110, x101, x93); let mut x123: u64 = 0; - fiat_p224_cmovznz_u64(&mut x123, x111, x102, x94); + fiat_p224_cmovznz_u64(&mut x123, x110, x103, x95); let mut x124: u64 = 0; - fiat_p224_cmovznz_u64(&mut x124, x111, x104, x96); + fiat_p224_cmovznz_u64(&mut x124, x110, x105, x97); let mut x125: u64 = 0; - fiat_p224_cmovznz_u64(&mut x125, x111, x106, x98); - let mut x126: u64 = 0; - fiat_p224_cmovznz_u64(&mut x126, x111, x108, x100); - *out1 = x112; + fiat_p224_cmovznz_u64(&mut x125, x110, x107, x99); + *out1 = x111; out2[0] = x7; out2[1] = x8; out2[2] = x9; out2[3] = x10; out2[4] = x11; - out3[0] = x114; - out3[1] = x115; - out3[2] = x116; - out3[3] = x117; - out3[4] = x118; - out4[0] = x119; - out4[1] = x120; - out4[2] = x121; - out4[3] = x122; - out5[0] = x123; - out5[1] = x124; - out5[2] = x125; - out5[3] = x126; + out3[0] = x113; + out3[1] = x114; + out3[2] = x115; + out3[3] = x116; + out3[4] = x117; + out4[0] = x118; + out4[1] = x119; + out4[2] = x120; + out4[3] = x121; + out5[0] = x122; + out5[1] = x123; + out5[2] = x124; + out5[3] = x125; } /// The function fiat_p224_divstep_precomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). 
diff --git a/fiat-rust/src/p256_32.rs b/fiat-rust/src/p256_32.rs index 5eb80994db..f2e707aefa 100644 --- a/fiat-rust/src/p256_32.rs +++ b/fiat-rust/src/p256_32.rs @@ -50,10 +50,9 @@ pub type fiat_p256_non_montgomery_domain_field_element = [u32; 8]; #[inline] pub fn fiat_p256_addcarryx_u32(out1: &mut u32, out2: &mut fiat_p256_u1, arg1: fiat_p256_u1, arg2: u32, arg3: u32) -> () { let x1: u64 = (((arg1 as u64) + (arg2 as u64)) + (arg3 as u64)); - let x2: u32 = ((x1 & (0xffffffff as u64)) as u32); - let x3: fiat_p256_u1 = ((x1 >> 32) as fiat_p256_u1); - *out1 = x2; - *out2 = x3; + let x2: fiat_p256_u1 = ((x1 >> 32) as fiat_p256_u1); + *out1 = (x1 as u32); + *out2 = x2; } /// The function fiat_p256_subborrowx_u32 is a subtraction with borrow. @@ -93,10 +92,9 @@ pub fn fiat_p256_subborrowx_u32(out1: &mut u32, out2: &mut fiat_p256_u1, arg1: f #[inline] pub fn fiat_p256_mulx_u32(out1: &mut u32, out2: &mut u32, arg1: u32, arg2: u32) -> () { let x1: u64 = ((arg1 as u64) * (arg2 as u64)); - let x2: u32 = ((x1 & (0xffffffff as u64)) as u32); - let x3: u32 = ((x1 >> 32) as u32); - *out1 = x2; - *out2 = x3; + let x2: u32 = ((x1 >> 32) as u32); + *out1 = (x1 as u32); + *out2 = x2; } /// The function fiat_p256_cmovznz_u32 is a single-word conditional move. @@ -2270,7 +2268,7 @@ pub fn fiat_p256_sub(out1: &mut fiat_p256_montgomery_domain_field_element, arg1: fiat_p256_addcarryx_u32(&mut x28, &mut x29, x27, x11, (0x0 as u32)); let mut x30: u32 = 0; let mut x31: fiat_p256_u1 = 0; - fiat_p256_addcarryx_u32(&mut x30, &mut x31, x29, x13, (((x17 & (0x1 as u32)) as fiat_p256_u1) as u32)); + fiat_p256_addcarryx_u32(&mut x30, &mut x31, x29, x13, ((x17 as fiat_p256_u1) as u32)); let mut x32: u32 = 0; let mut x33: fiat_p256_u1 = 0; fiat_p256_addcarryx_u32(&mut x32, &mut x33, x31, x15, x17); 
@@ -2340,7 +2338,7 @@ pub fn fiat_p256_opp(out1: &mut fiat_p256_montgomery_domain_field_element, arg1: fiat_p256_addcarryx_u32(&mut x28, &mut x29, x27, x11, (0x0 as u32)); let mut x30: u32 = 0; let mut x31: fiat_p256_u1 = 0; - fiat_p256_addcarryx_u32(&mut x30, &mut x31, x29, x13, (((x17 & (0x1 as u32)) as fiat_p256_u1) as u32)); + fiat_p256_addcarryx_u32(&mut x30, &mut x31, x29, x13, ((x17 as fiat_p256_u1) as u32)); let mut x32: u32 = 0; let mut x33: fiat_p256_u1 = 0; fiat_p256_addcarryx_u32(&mut x32, &mut x33, x31, x15, x17); 
@@ -3853,86 +3851,62 @@ pub fn fiat_p256_to_bytes(out1: &mut [u8; 32], arg1: &[u32; 8]) -> () { let x6: u32 = (arg1[2]); let x7: u32 = (arg1[1]); let x8: u32 = (arg1[0]); - let x9: u8 = ((x8 & (0xff as u32)) as u8); - let x10: u32 = (x8 >> 8); - let x11: u8 = ((x10 & (0xff as u32)) as u8); - let x12: u32 = (x10 >> 8); - let x13: u8 = ((x12 & (0xff as u32)) as u8); - let x14: u8 = ((x12 >> 8) as u8); - let x15: u8 = ((x7 & (0xff as u32)) as u8); - let x16: u32 = (x7 >> 8); - let x17: u8 = ((x16 & (0xff as u32)) as u8); - let x18: u32 = (x16 >> 8); - let x19: u8 = ((x18 & (0xff as u32)) as u8); - let x20: u8 = ((x18 >> 8) as u8); - let x21: u8 = ((x6 & (0xff as u32)) as u8); - let x22: u32 = (x6 >> 8); - let x23: u8 = ((x22 & (0xff as u32)) as u8); - let x24: u32 = (x22 >> 8); - let x25: u8 = ((x24 & (0xff as u32)) as u8); - let x26: u8 = ((x24 >> 8) as u8); - let x27: u8 = ((x5 & (0xff as u32)) as u8); - let x28: u32 = (x5 >> 8); - let x29: u8 = ((x28 & (0xff as u32)) as u8); - let x30: u32 = (x28 >> 8); - let x31: u8 = ((x30 & (0xff as u32)) as u8); - let x32: u8 = ((x30 >> 8) as u8); - let x33: u8 = ((x4 & (0xff as u32)) as u8); - let x34: u32 = (x4 >> 8); - let x35: u8 = ((x34 & (0xff as u32)) as u8); - let x36: u32 = (x34 >> 8); - let x37: u8 = ((x36 & (0xff as u32)) as u8); - let x38: u8 = ((x36 >> 8) as u8); - let x39: u8 = ((x3 & (0xff as u32)) as u8); - let x40: u32 = (x3 >> 8); - let x41: u8 = ((x40 & (0xff as u32)) as u8); - let x42: u32 = (x40 >> 8); - let x43: u8 = ((x42 & (0xff as u32)) as u8); - let x44: u8 = ((x42 >> 8) as u8); - let x45: u8 = ((x2 & (0xff as u32)) as u8); - let x46: u32 = (x2 >> 8); - let x47: u8 = ((x46 & (0xff as u32)) as u8); - let x48: u32 = (x46 >> 8); - let x49: u8 = ((x48 & (0xff as u32)) as u8); - let x50: u8 = ((x48 >> 8) as u8); - let x51: u8 = ((x1 & (0xff as u32)) as u8); - let x52: u32 = (x1 >> 8); - let x53: u8 = ((x52 & (0xff as u32)) as u8); - let x54: u32 = (x52 >> 8); - let x55: u8 = ((x54 & (0xff as u32)) as u8); - 
let x56: u8 = ((x54 >> 8) as u8); - out1[0] = x9; - out1[1] = x11; - out1[2] = x13; - out1[3] = x14; - out1[4] = x15; - out1[5] = x17; - out1[6] = x19; - out1[7] = x20; - out1[8] = x21; - out1[9] = x23; - out1[10] = x25; - out1[11] = x26; - out1[12] = x27; - out1[13] = x29; - out1[14] = x31; - out1[15] = x32; - out1[16] = x33; - out1[17] = x35; - out1[18] = x37; - out1[19] = x38; - out1[20] = x39; - out1[21] = x41; - out1[22] = x43; - out1[23] = x44; - out1[24] = x45; - out1[25] = x47; - out1[26] = x49; - out1[27] = x50; - out1[28] = x51; - out1[29] = x53; - out1[30] = x55; - out1[31] = x56; + let x9: u32 = (x8 >> 8); + let x10: u32 = (x9 >> 8); + let x11: u8 = ((x10 >> 8) as u8); + let x12: u32 = (x7 >> 8); + let x13: u32 = (x12 >> 8); + let x14: u8 = ((x13 >> 8) as u8); + let x15: u32 = (x6 >> 8); + let x16: u32 = (x15 >> 8); + let x17: u8 = ((x16 >> 8) as u8); + let x18: u32 = (x5 >> 8); + let x19: u32 = (x18 >> 8); + let x20: u8 = ((x19 >> 8) as u8); + let x21: u32 = (x4 >> 8); + let x22: u32 = (x21 >> 8); + let x23: u8 = ((x22 >> 8) as u8); + let x24: u32 = (x3 >> 8); + let x25: u32 = (x24 >> 8); + let x26: u8 = ((x25 >> 8) as u8); + let x27: u32 = (x2 >> 8); + let x28: u32 = (x27 >> 8); + let x29: u8 = ((x28 >> 8) as u8); + let x30: u32 = (x1 >> 8); + let x31: u32 = (x30 >> 8); + let x32: u8 = ((x31 >> 8) as u8); + out1[0] = (x8 as u8); + out1[1] = (x9 as u8); + out1[2] = (x10 as u8); + out1[3] = x11; + out1[4] = (x7 as u8); + out1[5] = (x12 as u8); + out1[6] = (x13 as u8); + out1[7] = x14; + out1[8] = (x6 as u8); + out1[9] = (x15 as u8); + out1[10] = (x16 as u8); + out1[11] = x17; + out1[12] = (x5 as u8); + out1[13] = (x18 as u8); + out1[14] = (x19 as u8); + out1[15] = x20; + out1[16] = (x4 as u8); + out1[17] = (x21 as u8); + out1[18] = (x22 as u8); + out1[19] = x23; + out1[20] = (x3 as u8); + out1[21] = (x24 as u8); + out1[22] = (x25 as u8); + out1[23] = x26; + out1[24] = (x2 as u8); + out1[25] = (x27 as u8); + out1[26] = (x28 as u8); + out1[27] = x29; + 
out1[28] = (x1 as u8); + out1[29] = (x30 as u8); + out1[30] = (x31 as u8); + out1[31] = x32; } /// The function fiat_p256_from_bytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -4087,7 +4061,7 @@ pub fn fiat_p256_divstep(out1: &mut u32, out2: &mut [u32; 9], out3: &mut [u32; 9 let mut x1: u32 = 0; let mut x2: fiat_p256_u1 = 0; fiat_p256_addcarryx_u32(&mut x1, &mut x2, 0x0, (!arg1), (0x1 as u32)); - let x3: fiat_p256_u1 = (((x1 >> 31) as fiat_p256_u1) & (((arg3[0]) & (0x1 as u32)) as fiat_p256_u1)); + let x3: fiat_p256_u1 = (((x1 >> 31) as fiat_p256_u1) & ((arg3[0]) as fiat_p256_u1)); let mut x4: u32 = 0; let mut x5: fiat_p256_u1 = 0; fiat_p256_addcarryx_u32(&mut x4, &mut x5, 0x0, (!arg1), (0x1 as u32)); @@ -4277,7 +4251,7 @@ pub fn fiat_p256_divstep(out1: &mut u32, out2: &mut [u32; 9], out3: &mut [u32; 9 fiat_p256_addcarryx_u32(&mut x120, &mut x121, x119, x103, (0x0 as u32)); let mut x122: u32 = 0; let mut x123: fiat_p256_u1 = 0; - fiat_p256_addcarryx_u32(&mut x122, &mut x123, x121, x105, (((x109 & (0x1 as u32)) as fiat_p256_u1) as u32)); + fiat_p256_addcarryx_u32(&mut x122, &mut x123, x121, x105, ((x109 as fiat_p256_u1) as u32)); let mut x124: u32 = 0; let mut x125: fiat_p256_u1 = 0; fiat_p256_addcarryx_u32(&mut x124, &mut x125, x123, x107, x109); 
@@ -4297,164 +4271,163 @@ pub fn fiat_p256_divstep(out1: &mut u32, out2: &mut [u32; 9], out3: &mut [u32; 9 fiat_p256_cmovznz_u32(&mut x132, x3, (arg5[6]), x122); let mut x133: u32 = 0; fiat_p256_cmovznz_u32(&mut x133, x3, (arg5[7]), x124); - let x134: fiat_p256_u1 = ((x34 & (0x1 as u32)) as fiat_p256_u1); + let mut x134: u32 = 0; + fiat_p256_cmovznz_u32(&mut x134, (x34 as fiat_p256_u1), (0x0 as u32), x7); let mut x135: u32 = 0; - fiat_p256_cmovznz_u32(&mut x135, x134, (0x0 as u32), x7); + fiat_p256_cmovznz_u32(&mut x135, (x34 as fiat_p256_u1), (0x0 as u32), x8); let mut x136: u32 = 0; - fiat_p256_cmovznz_u32(&mut x136, x134, (0x0 as u32), x8); + fiat_p256_cmovznz_u32(&mut x136, (x34 as fiat_p256_u1), (0x0 as u32), x9); let mut x137: u32 = 0; - fiat_p256_cmovznz_u32(&mut x137, x134, (0x0 as u32), x9); + fiat_p256_cmovznz_u32(&mut x137, (x34 as fiat_p256_u1), (0x0 as u32), x10); let mut x138: u32 = 0; - fiat_p256_cmovznz_u32(&mut x138, x134, (0x0 as u32), x10); + fiat_p256_cmovznz_u32(&mut x138, (x34 as fiat_p256_u1), (0x0 as u32), x11); let mut x139: u32 = 0; - fiat_p256_cmovznz_u32(&mut x139, x134, (0x0 as u32), x11); + fiat_p256_cmovznz_u32(&mut x139, (x34 as fiat_p256_u1), (0x0 as u32), x12); let mut x140: u32 = 0; - fiat_p256_cmovznz_u32(&mut x140, x134, (0x0 as u32), x12); + fiat_p256_cmovznz_u32(&mut x140, (x34 as fiat_p256_u1), (0x0 as u32), x13); let mut x141: u32 = 0; - fiat_p256_cmovznz_u32(&mut x141, x134, (0x0 as u32), x13); + fiat_p256_cmovznz_u32(&mut x141, (x34 as fiat_p256_u1), (0x0 as u32), x14); let mut x142: u32 = 0; - fiat_p256_cmovznz_u32(&mut x142, x134, (0x0 as u32), x14); + fiat_p256_cmovznz_u32(&mut x142, (x34 as fiat_p256_u1), (0x0 as u32), x15); let mut x143: u32 = 0; - fiat_p256_cmovznz_u32(&mut x143, x134, (0x0 as u32), x15); - let mut x144: u32 = 0; - let mut x145: fiat_p256_u1 = 0; - fiat_p256_addcarryx_u32(&mut x144, &mut x145, 0x0, x34, x135); - let mut x146: u32 = 0; - let mut x147: fiat_p256_u1 = 0; - fiat_p256_addcarryx_u32(&mut 
x146, &mut x147, x145, x35, x136); - let mut x148: u32 = 0; - let mut x149: fiat_p256_u1 = 0; - fiat_p256_addcarryx_u32(&mut x148, &mut x149, x147, x36, x137); - let mut x150: u32 = 0; - let mut x151: fiat_p256_u1 = 0; - fiat_p256_addcarryx_u32(&mut x150, &mut x151, x149, x37, x138); - let mut x152: u32 = 0; - let mut x153: fiat_p256_u1 = 0; - fiat_p256_addcarryx_u32(&mut x152, &mut x153, x151, x38, x139); - let mut x154: u32 = 0; - let mut x155: fiat_p256_u1 = 0; - fiat_p256_addcarryx_u32(&mut x154, &mut x155, x153, x39, x140); - let mut x156: u32 = 0; - let mut x157: fiat_p256_u1 = 0; - fiat_p256_addcarryx_u32(&mut x156, &mut x157, x155, x40, x141); - let mut x158: u32 = 0; - let mut x159: fiat_p256_u1 = 0; - fiat_p256_addcarryx_u32(&mut x158, &mut x159, x157, x41, x142); - let mut x160: u32 = 0; - let mut x161: fiat_p256_u1 = 0; - fiat_p256_addcarryx_u32(&mut x160, &mut x161, x159, x42, x143); + let mut x144: fiat_p256_u1 = 0; + fiat_p256_addcarryx_u32(&mut x143, &mut x144, 0x0, x34, x134); + let mut x145: u32 = 0; + let mut x146: fiat_p256_u1 = 0; + fiat_p256_addcarryx_u32(&mut x145, &mut x146, x144, x35, x135); + let mut x147: u32 = 0; + let mut x148: fiat_p256_u1 = 0; + fiat_p256_addcarryx_u32(&mut x147, &mut x148, x146, x36, x136); + let mut x149: u32 = 0; + let mut x150: fiat_p256_u1 = 0; + fiat_p256_addcarryx_u32(&mut x149, &mut x150, x148, x37, x137); + let mut x151: u32 = 0; + let mut x152: fiat_p256_u1 = 0; + fiat_p256_addcarryx_u32(&mut x151, &mut x152, x150, x38, x138); + let mut x153: u32 = 0; + let mut x154: fiat_p256_u1 = 0; + fiat_p256_addcarryx_u32(&mut x153, &mut x154, x152, x39, x139); + let mut x155: u32 = 0; + let mut x156: fiat_p256_u1 = 0; + fiat_p256_addcarryx_u32(&mut x155, &mut x156, x154, x40, x140); + let mut x157: u32 = 0; + let mut x158: fiat_p256_u1 = 0; + fiat_p256_addcarryx_u32(&mut x157, &mut x158, x156, x41, x141); + let mut x159: u32 = 0; + let mut x160: fiat_p256_u1 = 0; + fiat_p256_addcarryx_u32(&mut x159, &mut x160, x158, 
x42, x142); + let mut x161: u32 = 0; + fiat_p256_cmovznz_u32(&mut x161, (x34 as fiat_p256_u1), (0x0 as u32), x43); let mut x162: u32 = 0; - fiat_p256_cmovznz_u32(&mut x162, x134, (0x0 as u32), x43); + fiat_p256_cmovznz_u32(&mut x162, (x34 as fiat_p256_u1), (0x0 as u32), x44); let mut x163: u32 = 0; - fiat_p256_cmovznz_u32(&mut x163, x134, (0x0 as u32), x44); + fiat_p256_cmovznz_u32(&mut x163, (x34 as fiat_p256_u1), (0x0 as u32), x45); let mut x164: u32 = 0; - fiat_p256_cmovznz_u32(&mut x164, x134, (0x0 as u32), x45); + fiat_p256_cmovznz_u32(&mut x164, (x34 as fiat_p256_u1), (0x0 as u32), x46); let mut x165: u32 = 0; - fiat_p256_cmovznz_u32(&mut x165, x134, (0x0 as u32), x46); + fiat_p256_cmovznz_u32(&mut x165, (x34 as fiat_p256_u1), (0x0 as u32), x47); let mut x166: u32 = 0; - fiat_p256_cmovznz_u32(&mut x166, x134, (0x0 as u32), x47); + fiat_p256_cmovznz_u32(&mut x166, (x34 as fiat_p256_u1), (0x0 as u32), x48); let mut x167: u32 = 0; - fiat_p256_cmovznz_u32(&mut x167, x134, (0x0 as u32), x48); + fiat_p256_cmovznz_u32(&mut x167, (x34 as fiat_p256_u1), (0x0 as u32), x49); let mut x168: u32 = 0; - fiat_p256_cmovznz_u32(&mut x168, x134, (0x0 as u32), x49); + fiat_p256_cmovznz_u32(&mut x168, (x34 as fiat_p256_u1), (0x0 as u32), x50); let mut x169: u32 = 0; - fiat_p256_cmovznz_u32(&mut x169, x134, (0x0 as u32), x50); - let mut x170: u32 = 0; - let mut x171: fiat_p256_u1 = 0; - fiat_p256_addcarryx_u32(&mut x170, &mut x171, 0x0, x126, x162); - let mut x172: u32 = 0; - let mut x173: fiat_p256_u1 = 0; - fiat_p256_addcarryx_u32(&mut x172, &mut x173, x171, x127, x163); - let mut x174: u32 = 0; - let mut x175: fiat_p256_u1 = 0; - fiat_p256_addcarryx_u32(&mut x174, &mut x175, x173, x128, x164); - let mut x176: u32 = 0; - let mut x177: fiat_p256_u1 = 0; - fiat_p256_addcarryx_u32(&mut x176, &mut x177, x175, x129, x165); - let mut x178: u32 = 0; - let mut x179: fiat_p256_u1 = 0; - fiat_p256_addcarryx_u32(&mut x178, &mut x179, x177, x130, x166); - let mut x180: u32 = 0; - let mut 
x181: fiat_p256_u1 = 0; - fiat_p256_addcarryx_u32(&mut x180, &mut x181, x179, x131, x167); - let mut x182: u32 = 0; - let mut x183: fiat_p256_u1 = 0; - fiat_p256_addcarryx_u32(&mut x182, &mut x183, x181, x132, x168); - let mut x184: u32 = 0; - let mut x185: fiat_p256_u1 = 0; - fiat_p256_addcarryx_u32(&mut x184, &mut x185, x183, x133, x169); - let mut x186: u32 = 0; - let mut x187: fiat_p256_u1 = 0; - fiat_p256_subborrowx_u32(&mut x186, &mut x187, 0x0, x170, 0xffffffff); - let mut x188: u32 = 0; - let mut x189: fiat_p256_u1 = 0; - fiat_p256_subborrowx_u32(&mut x188, &mut x189, x187, x172, 0xffffffff); - let mut x190: u32 = 0; - let mut x191: fiat_p256_u1 = 0; - fiat_p256_subborrowx_u32(&mut x190, &mut x191, x189, x174, 0xffffffff); - let mut x192: u32 = 0; - let mut x193: fiat_p256_u1 = 0; - fiat_p256_subborrowx_u32(&mut x192, &mut x193, x191, x176, (0x0 as u32)); - let mut x194: u32 = 0; - let mut x195: fiat_p256_u1 = 0; - fiat_p256_subborrowx_u32(&mut x194, &mut x195, x193, x178, (0x0 as u32)); - let mut x196: u32 = 0; - let mut x197: fiat_p256_u1 = 0; - fiat_p256_subborrowx_u32(&mut x196, &mut x197, x195, x180, (0x0 as u32)); - let mut x198: u32 = 0; - let mut x199: fiat_p256_u1 = 0; - fiat_p256_subborrowx_u32(&mut x198, &mut x199, x197, x182, (0x1 as u32)); - let mut x200: u32 = 0; - let mut x201: fiat_p256_u1 = 0; - fiat_p256_subborrowx_u32(&mut x200, &mut x201, x199, x184, 0xffffffff); - let mut x202: u32 = 0; - let mut x203: fiat_p256_u1 = 0; - fiat_p256_subborrowx_u32(&mut x202, &mut x203, x201, (x185 as u32), (0x0 as u32)); - let mut x204: u32 = 0; - let mut x205: fiat_p256_u1 = 0; - fiat_p256_addcarryx_u32(&mut x204, &mut x205, 0x0, x6, (0x1 as u32)); - let x206: u32 = ((x144 >> 1) | ((x146 << 31) & 0xffffffff)); - let x207: u32 = ((x146 >> 1) | ((x148 << 31) & 0xffffffff)); - let x208: u32 = ((x148 >> 1) | ((x150 << 31) & 0xffffffff)); - let x209: u32 = ((x150 >> 1) | ((x152 << 31) & 0xffffffff)); - let x210: u32 = ((x152 >> 1) | ((x154 << 31) & 
0xffffffff)); - let x211: u32 = ((x154 >> 1) | ((x156 << 31) & 0xffffffff)); - let x212: u32 = ((x156 >> 1) | ((x158 << 31) & 0xffffffff)); - let x213: u32 = ((x158 >> 1) | ((x160 << 31) & 0xffffffff)); - let x214: u32 = ((x160 & 0x80000000) | (x160 >> 1)); + let mut x170: fiat_p256_u1 = 0; + fiat_p256_addcarryx_u32(&mut x169, &mut x170, 0x0, x126, x161); + let mut x171: u32 = 0; + let mut x172: fiat_p256_u1 = 0; + fiat_p256_addcarryx_u32(&mut x171, &mut x172, x170, x127, x162); + let mut x173: u32 = 0; + let mut x174: fiat_p256_u1 = 0; + fiat_p256_addcarryx_u32(&mut x173, &mut x174, x172, x128, x163); + let mut x175: u32 = 0; + let mut x176: fiat_p256_u1 = 0; + fiat_p256_addcarryx_u32(&mut x175, &mut x176, x174, x129, x164); + let mut x177: u32 = 0; + let mut x178: fiat_p256_u1 = 0; + fiat_p256_addcarryx_u32(&mut x177, &mut x178, x176, x130, x165); + let mut x179: u32 = 0; + let mut x180: fiat_p256_u1 = 0; + fiat_p256_addcarryx_u32(&mut x179, &mut x180, x178, x131, x166); + let mut x181: u32 = 0; + let mut x182: fiat_p256_u1 = 0; + fiat_p256_addcarryx_u32(&mut x181, &mut x182, x180, x132, x167); + let mut x183: u32 = 0; + let mut x184: fiat_p256_u1 = 0; + fiat_p256_addcarryx_u32(&mut x183, &mut x184, x182, x133, x168); + let mut x185: u32 = 0; + let mut x186: fiat_p256_u1 = 0; + fiat_p256_subborrowx_u32(&mut x185, &mut x186, 0x0, x169, 0xffffffff); + let mut x187: u32 = 0; + let mut x188: fiat_p256_u1 = 0; + fiat_p256_subborrowx_u32(&mut x187, &mut x188, x186, x171, 0xffffffff); + let mut x189: u32 = 0; + let mut x190: fiat_p256_u1 = 0; + fiat_p256_subborrowx_u32(&mut x189, &mut x190, x188, x173, 0xffffffff); + let mut x191: u32 = 0; + let mut x192: fiat_p256_u1 = 0; + fiat_p256_subborrowx_u32(&mut x191, &mut x192, x190, x175, (0x0 as u32)); + let mut x193: u32 = 0; + let mut x194: fiat_p256_u1 = 0; + fiat_p256_subborrowx_u32(&mut x193, &mut x194, x192, x177, (0x0 as u32)); + let mut x195: u32 = 0; + let mut x196: fiat_p256_u1 = 0; + fiat_p256_subborrowx_u32(&mut 
x195, &mut x196, x194, x179, (0x0 as u32)); + let mut x197: u32 = 0; + let mut x198: fiat_p256_u1 = 0; + fiat_p256_subborrowx_u32(&mut x197, &mut x198, x196, x181, (0x1 as u32)); + let mut x199: u32 = 0; + let mut x200: fiat_p256_u1 = 0; + fiat_p256_subborrowx_u32(&mut x199, &mut x200, x198, x183, 0xffffffff); + let mut x201: u32 = 0; + let mut x202: fiat_p256_u1 = 0; + fiat_p256_subborrowx_u32(&mut x201, &mut x202, x200, (x184 as u32), (0x0 as u32)); + let mut x203: u32 = 0; + let mut x204: fiat_p256_u1 = 0; + fiat_p256_addcarryx_u32(&mut x203, &mut x204, 0x0, x6, (0x1 as u32)); + let x205: u32 = ((x143 >> 1) | ((x145 << 31) & 0xffffffff)); + let x206: u32 = ((x145 >> 1) | ((x147 << 31) & 0xffffffff)); + let x207: u32 = ((x147 >> 1) | ((x149 << 31) & 0xffffffff)); + let x208: u32 = ((x149 >> 1) | ((x151 << 31) & 0xffffffff)); + let x209: u32 = ((x151 >> 1) | ((x153 << 31) & 0xffffffff)); + let x210: u32 = ((x153 >> 1) | ((x155 << 31) & 0xffffffff)); + let x211: u32 = ((x155 >> 1) | ((x157 << 31) & 0xffffffff)); + let x212: u32 = ((x157 >> 1) | ((x159 << 31) & 0xffffffff)); + let x213: u32 = ((x159 & 0x80000000) | (x159 >> 1)); + let mut x214: u32 = 0; + fiat_p256_cmovznz_u32(&mut x214, x84, x67, x51); let mut x215: u32 = 0; - fiat_p256_cmovznz_u32(&mut x215, x84, x67, x51); + fiat_p256_cmovznz_u32(&mut x215, x84, x69, x53); let mut x216: u32 = 0; - fiat_p256_cmovznz_u32(&mut x216, x84, x69, x53); + fiat_p256_cmovznz_u32(&mut x216, x84, x71, x55); let mut x217: u32 = 0; - fiat_p256_cmovznz_u32(&mut x217, x84, x71, x55); + fiat_p256_cmovznz_u32(&mut x217, x84, x73, x57); let mut x218: u32 = 0; - fiat_p256_cmovznz_u32(&mut x218, x84, x73, x57); + fiat_p256_cmovznz_u32(&mut x218, x84, x75, x59); let mut x219: u32 = 0; - fiat_p256_cmovznz_u32(&mut x219, x84, x75, x59); + fiat_p256_cmovznz_u32(&mut x219, x84, x77, x61); let mut x220: u32 = 0; - fiat_p256_cmovznz_u32(&mut x220, x84, x77, x61); + fiat_p256_cmovznz_u32(&mut x220, x84, x79, x63); let mut x221: u32 = 0; - 
fiat_p256_cmovznz_u32(&mut x221, x84, x79, x63); + fiat_p256_cmovznz_u32(&mut x221, x84, x81, x65); let mut x222: u32 = 0; - fiat_p256_cmovznz_u32(&mut x222, x84, x81, x65); + fiat_p256_cmovznz_u32(&mut x222, x202, x185, x169); let mut x223: u32 = 0; - fiat_p256_cmovznz_u32(&mut x223, x203, x186, x170); + fiat_p256_cmovznz_u32(&mut x223, x202, x187, x171); let mut x224: u32 = 0; - fiat_p256_cmovznz_u32(&mut x224, x203, x188, x172); + fiat_p256_cmovznz_u32(&mut x224, x202, x189, x173); let mut x225: u32 = 0; - fiat_p256_cmovznz_u32(&mut x225, x203, x190, x174); + fiat_p256_cmovznz_u32(&mut x225, x202, x191, x175); let mut x226: u32 = 0; - fiat_p256_cmovznz_u32(&mut x226, x203, x192, x176); + fiat_p256_cmovznz_u32(&mut x226, x202, x193, x177); let mut x227: u32 = 0; - fiat_p256_cmovznz_u32(&mut x227, x203, x194, x178); + fiat_p256_cmovznz_u32(&mut x227, x202, x195, x179); let mut x228: u32 = 0; - fiat_p256_cmovznz_u32(&mut x228, x203, x196, x180); + fiat_p256_cmovznz_u32(&mut x228, x202, x197, x181); let mut x229: u32 = 0; - fiat_p256_cmovznz_u32(&mut x229, x203, x198, x182); - let mut x230: u32 = 0; - fiat_p256_cmovznz_u32(&mut x230, x203, x200, x184); - *out1 = x204; + fiat_p256_cmovznz_u32(&mut x229, x202, x199, x183); + *out1 = x203; out2[0] = x7; out2[1] = x8; out2[2] = x9; 
@@ -4464,31 +4437,31 @@ pub fn fiat_p256_divstep(out1: &mut u32, out2: &mut [u32; 9], out3: &mut [u32; 9 out2[6] = x13; out2[7] = x14; out2[8] = x15; - out3[0] = x206; - out3[1] = x207; - out3[2] = x208; - out3[3] = x209; - out3[4] = x210; - out3[5] = x211; - out3[6] = x212; - out3[7] = x213; - out3[8] = x214; - out4[0] = x215; - out4[1] = x216; - out4[2] = x217; - out4[3] = x218; - out4[4] = x219; - out4[5] = x220; - out4[6] = x221; - out4[7] = x222; - out5[0] = x223; - out5[1] = x224; - out5[2] = x225; - out5[3] = x226; - out5[4] = x227; - out5[5] = x228; - out5[6] = x229; - out5[7] = x230; + out3[0] = x205; + out3[1] = x206; + out3[2] = x207; + out3[3] = x208; + out3[4] = x209; + out3[5] = x210; + out3[6] = x211; + out3[7] = x212; + out3[8] = x213; + out4[0] = x214; + out4[1] = x215; + out4[2] = x216; + out4[3] = x217; + out4[4] = x218; + out4[5] = x219; + out4[6] = x220; + out4[7] = x221; + out5[0] = x222; + out5[1] = x223; + out5[2] = x224; + out5[3] = x225; + out5[4] = x226; + out5[5] = x227; + out5[6] = x228; + out5[7] = x229; } /// The function fiat_p256_divstep_precomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-rust/src/p256_64.rs b/fiat-rust/src/p256_64.rs index 0a3c6fb843..4ec6bd3dae 100644 --- a/fiat-rust/src/p256_64.rs +++ b/fiat-rust/src/p256_64.rs @@ -50,10 +50,9 @@ pub type fiat_p256_non_montgomery_domain_field_element = [u64; 4]; #[inline] pub fn fiat_p256_addcarryx_u64(out1: &mut u64, out2: &mut fiat_p256_u1, arg1: fiat_p256_u1, arg2: u64, arg3: u64) -> () { let x1: u128 = (((arg1 as u128) + (arg2 as u128)) + (arg3 as u128)); - let x2: u64 = ((x1 & (0xffffffffffffffff as u128)) as u64); - let x3: fiat_p256_u1 = ((x1 >> 64) as fiat_p256_u1); - *out1 = x2; - *out2 = x3; + let x2: fiat_p256_u1 = ((x1 >> 64) as fiat_p256_u1); + *out1 = (x1 as u64); + *out2 = x2; } /// The function fiat_p256_subborrowx_u64 is a subtraction with borrow. 
@@ -93,10 +92,9 @@ pub fn fiat_p256_subborrowx_u64(out1: &mut u64, out2: &mut fiat_p256_u1, arg1: f #[inline] pub fn fiat_p256_mulx_u64(out1: &mut u64, out2: &mut u64, arg1: u64, arg2: u64) -> () { let x1: u128 = ((arg1 as u128) * (arg2 as u128)); - let x2: u64 = ((x1 & (0xffffffffffffffff as u128)) as u64); - let x3: u64 = ((x1 >> 64) as u64); - *out1 = x2; - *out2 = x3; + let x2: u64 = ((x1 >> 64) as u64); + *out1 = (x1 as u64); + *out2 = x2; } /// The function fiat_p256_cmovznz_u64 is a single-word conditional move. 
@@ -1322,94 +1320,66 @@ pub fn fiat_p256_to_bytes(out1: &mut [u8; 32], arg1: &[u64; 4]) -> () { let x2: u64 = (arg1[2]); let x3: u64 = (arg1[1]); let x4: u64 = (arg1[0]); - let x5: u8 = ((x4 & (0xff as u64)) as u8); - let x6: u64 = (x4 >> 8); - let x7: u8 = ((x6 & (0xff as u64)) as u8); - let x8: u64 = (x6 >> 8); - let x9: u8 = ((x8 & (0xff as u64)) as u8); - let x10: u64 = (x8 >> 8); - let x11: u8 = ((x10 & (0xff as u64)) as u8); - let x12: u64 = (x10 >> 8); - let x13: u8 = ((x12 & (0xff as u64)) as u8); - let x14: u64 = (x12 >> 8); - let x15: u8 = ((x14 & (0xff as u64)) as u8); - let x16: u64 = (x14 >> 8); - let x17: u8 = ((x16 & (0xff as u64)) as u8); - let x18: u8 = ((x16 >> 8) as u8); - let x19: u8 = ((x3 & (0xff as u64)) as u8); - let x20: u64 = (x3 >> 8); - let x21: u8 = ((x20 & (0xff as u64)) as u8); - let x22: u64 = (x20 >> 8); - let x23: u8 = ((x22 & (0xff as u64)) as u8); - let x24: u64 = (x22 >> 8); - let x25: u8 = ((x24 & (0xff as u64)) as u8); - let x26: u64 = (x24 >> 8); - let x27: u8 = ((x26 & (0xff as u64)) as u8); - let x28: u64 = (x26 >> 8); - let x29: u8 = ((x28 & (0xff as u64)) as u8); - let x30: u64 = (x28 >> 8); - let x31: u8 = ((x30 & (0xff as u64)) as u8); - let x32: u8 = ((x30 >> 8) as u8); - let x33: u8 = ((x2 & (0xff as u64)) as u8); - let x34: u64 = (x2 >> 8); - let x35: u8 = ((x34 & (0xff as u64)) as u8); - let x36: u64 = (x34 >> 8); - let x37: u8 = ((x36 & (0xff as u64)) as u8); - let x38: u64 = (x36 >> 8); - let x39: u8 = ((x38 & (0xff as u64)) as u8); - let x40: u64 = (x38 >> 8); - let x41: u8 = ((x40 & (0xff as u64)) as u8); - let x42: u64 = (x40 >> 8); - let x43: u8 = ((x42 & (0xff as u64)) as u8); - let x44: u64 = (x42 >> 8); - let x45: u8 = ((x44 & (0xff as u64)) as u8); - let x46: u8 = ((x44 >> 8) as u8); - let x47: u8 = ((x1 & (0xff as u64)) as u8); - let x48: u64 = (x1 >> 8); - let x49: u8 = ((x48 & (0xff as u64)) as u8); - let x50: u64 = (x48 >> 8); - let x51: u8 = ((x50 & (0xff as u64)) as u8); - let x52: u64 = (x50 >> 8); 
- let x53: u8 = ((x52 & (0xff as u64)) as u8); - let x54: u64 = (x52 >> 8); - let x55: u8 = ((x54 & (0xff as u64)) as u8); - let x56: u64 = (x54 >> 8); - let x57: u8 = ((x56 & (0xff as u64)) as u8); - let x58: u64 = (x56 >> 8); - let x59: u8 = ((x58 & (0xff as u64)) as u8); - let x60: u8 = ((x58 >> 8) as u8); - out1[0] = x5; - out1[1] = x7; - out1[2] = x9; - out1[3] = x11; - out1[4] = x13; - out1[5] = x15; - out1[6] = x17; - out1[7] = x18; - out1[8] = x19; - out1[9] = x21; - out1[10] = x23; - out1[11] = x25; - out1[12] = x27; - out1[13] = x29; - out1[14] = x31; - out1[15] = x32; - out1[16] = x33; - out1[17] = x35; - out1[18] = x37; - out1[19] = x39; - out1[20] = x41; - out1[21] = x43; - out1[22] = x45; - out1[23] = x46; - out1[24] = x47; - out1[25] = x49; - out1[26] = x51; - out1[27] = x53; - out1[28] = x55; - out1[29] = x57; - out1[30] = x59; - out1[31] = x60; + let x5: u64 = (x4 >> 8); + let x6: u64 = (x5 >> 8); + let x7: u64 = (x6 >> 8); + let x8: u64 = (x7 >> 8); + let x9: u64 = (x8 >> 8); + let x10: u64 = (x9 >> 8); + let x11: u8 = ((x10 >> 8) as u8); + let x12: u64 = (x3 >> 8); + let x13: u64 = (x12 >> 8); + let x14: u64 = (x13 >> 8); + let x15: u64 = (x14 >> 8); + let x16: u64 = (x15 >> 8); + let x17: u64 = (x16 >> 8); + let x18: u8 = ((x17 >> 8) as u8); + let x19: u64 = (x2 >> 8); + let x20: u64 = (x19 >> 8); + let x21: u64 = (x20 >> 8); + let x22: u64 = (x21 >> 8); + let x23: u64 = (x22 >> 8); + let x24: u64 = (x23 >> 8); + let x25: u8 = ((x24 >> 8) as u8); + let x26: u64 = (x1 >> 8); + let x27: u64 = (x26 >> 8); + let x28: u64 = (x27 >> 8); + let x29: u64 = (x28 >> 8); + let x30: u64 = (x29 >> 8); + let x31: u64 = (x30 >> 8); + let x32: u8 = ((x31 >> 8) as u8); + out1[0] = (x4 as u8); + out1[1] = (x5 as u8); + out1[2] = (x6 as u8); + out1[3] = (x7 as u8); + out1[4] = (x8 as u8); + out1[5] = (x9 as u8); + out1[6] = (x10 as u8); + out1[7] = x11; + out1[8] = (x3 as u8); + out1[9] = (x12 as u8); + out1[10] = (x13 as u8); + out1[11] = (x14 as u8); + out1[12] = 
(x15 as u8); + out1[13] = (x16 as u8); + out1[14] = (x17 as u8); + out1[15] = x18; + out1[16] = (x2 as u8); + out1[17] = (x19 as u8); + out1[18] = (x20 as u8); + out1[19] = (x21 as u8); + out1[20] = (x22 as u8); + out1[21] = (x23 as u8); + out1[22] = (x24 as u8); + out1[23] = x25; + out1[24] = (x1 as u8); + out1[25] = (x26 as u8); + out1[26] = (x27 as u8); + out1[27] = (x28 as u8); + out1[28] = (x29 as u8); + out1[29] = (x30 as u8); + out1[30] = (x31 as u8); + out1[31] = x32; } /// The function fiat_p256_from_bytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -1556,7 +1526,7 @@ pub fn fiat_p256_divstep(out1: &mut u64, out2: &mut [u64; 5], out3: &mut [u64; 5 let mut x1: u64 = 0; let mut x2: fiat_p256_u1 = 0; fiat_p256_addcarryx_u64(&mut x1, &mut x2, 0x0, (!arg1), (0x1 as u64)); - let x3: fiat_p256_u1 = (((x1 >> 63) as fiat_p256_u1) & (((arg3[0]) & (0x1 as u64)) as fiat_p256_u1)); + let x3: fiat_p256_u1 = (((x1 >> 63) as fiat_p256_u1) & ((arg3[0]) as fiat_p256_u1)); let mut x4: u64 = 0; let mut x5: fiat_p256_u1 = 0; fiat_p256_addcarryx_u64(&mut x4, &mut x5, 0x0, (!arg1), (0x1 as u64)); 
@@ -1670,110 +1640,109 @@ pub fn fiat_p256_divstep(out1: &mut u64, out2: &mut [u64; 5], out3: &mut [u64; 5 fiat_p256_cmovznz_u64(&mut x72, x3, (arg5[2]), x66); let mut x73: u64 = 0; fiat_p256_cmovznz_u64(&mut x73, x3, (arg5[3]), x68); - let x74: fiat_p256_u1 = ((x22 & (0x1 as u64)) as fiat_p256_u1); + let mut x74: u64 = 0; + fiat_p256_cmovznz_u64(&mut x74, (x22 as fiat_p256_u1), (0x0 as u64), x7); let mut x75: u64 = 0; - fiat_p256_cmovznz_u64(&mut x75, x74, (0x0 as u64), x7); + fiat_p256_cmovznz_u64(&mut x75, (x22 as fiat_p256_u1), (0x0 as u64), x8); let mut x76: u64 = 0; - fiat_p256_cmovznz_u64(&mut x76, x74, (0x0 as u64), x8); + fiat_p256_cmovznz_u64(&mut x76, (x22 as fiat_p256_u1), (0x0 as u64), x9); let mut x77: u64 = 0; - fiat_p256_cmovznz_u64(&mut x77, x74, (0x0 as u64), x9); + fiat_p256_cmovznz_u64(&mut x77, (x22 as fiat_p256_u1), (0x0 as u64), x10); let mut x78: u64 = 0; - fiat_p256_cmovznz_u64(&mut x78, x74, (0x0 as u64), x10); + fiat_p256_cmovznz_u64(&mut x78, (x22 as fiat_p256_u1), (0x0 as u64), x11); let mut x79: u64 = 0; - fiat_p256_cmovznz_u64(&mut x79, x74, (0x0 as u64), x11); - let mut x80: u64 = 0; - let mut x81: fiat_p256_u1 = 0; - fiat_p256_addcarryx_u64(&mut x80, &mut x81, 0x0, x22, x75); - let mut x82: u64 = 0; - let mut x83: fiat_p256_u1 = 0; - fiat_p256_addcarryx_u64(&mut x82, &mut x83, x81, x23, x76); - let mut x84: u64 = 0; - let mut x85: fiat_p256_u1 = 0; - fiat_p256_addcarryx_u64(&mut x84, &mut x85, x83, x24, x77); - let mut x86: u64 = 0; - let mut x87: fiat_p256_u1 = 0; - fiat_p256_addcarryx_u64(&mut x86, &mut x87, x85, x25, x78); - let mut x88: u64 = 0; - let mut x89: fiat_p256_u1 = 0; - fiat_p256_addcarryx_u64(&mut x88, &mut x89, x87, x26, x79); + let mut x80: fiat_p256_u1 = 0; + fiat_p256_addcarryx_u64(&mut x79, &mut x80, 0x0, x22, x74); + let mut x81: u64 = 0; + let mut x82: fiat_p256_u1 = 0; + fiat_p256_addcarryx_u64(&mut x81, &mut x82, x80, x23, x75); + let mut x83: u64 = 0; + let mut x84: fiat_p256_u1 = 0; + 
fiat_p256_addcarryx_u64(&mut x83, &mut x84, x82, x24, x76); + let mut x85: u64 = 0; + let mut x86: fiat_p256_u1 = 0; + fiat_p256_addcarryx_u64(&mut x85, &mut x86, x84, x25, x77); + let mut x87: u64 = 0; + let mut x88: fiat_p256_u1 = 0; + fiat_p256_addcarryx_u64(&mut x87, &mut x88, x86, x26, x78); + let mut x89: u64 = 0; + fiat_p256_cmovznz_u64(&mut x89, (x22 as fiat_p256_u1), (0x0 as u64), x27); let mut x90: u64 = 0; - fiat_p256_cmovznz_u64(&mut x90, x74, (0x0 as u64), x27); + fiat_p256_cmovznz_u64(&mut x90, (x22 as fiat_p256_u1), (0x0 as u64), x28); let mut x91: u64 = 0; - fiat_p256_cmovznz_u64(&mut x91, x74, (0x0 as u64), x28); + fiat_p256_cmovznz_u64(&mut x91, (x22 as fiat_p256_u1), (0x0 as u64), x29); let mut x92: u64 = 0; - fiat_p256_cmovznz_u64(&mut x92, x74, (0x0 as u64), x29); + fiat_p256_cmovznz_u64(&mut x92, (x22 as fiat_p256_u1), (0x0 as u64), x30); let mut x93: u64 = 0; - fiat_p256_cmovznz_u64(&mut x93, x74, (0x0 as u64), x30); - let mut x94: u64 = 0; - let mut x95: fiat_p256_u1 = 0; - fiat_p256_addcarryx_u64(&mut x94, &mut x95, 0x0, x70, x90); - let mut x96: u64 = 0; - let mut x97: fiat_p256_u1 = 0; - fiat_p256_addcarryx_u64(&mut x96, &mut x97, x95, x71, x91); - let mut x98: u64 = 0; - let mut x99: fiat_p256_u1 = 0; - fiat_p256_addcarryx_u64(&mut x98, &mut x99, x97, x72, x92); - let mut x100: u64 = 0; - let mut x101: fiat_p256_u1 = 0; - fiat_p256_addcarryx_u64(&mut x100, &mut x101, x99, x73, x93); - let mut x102: u64 = 0; - let mut x103: fiat_p256_u1 = 0; - fiat_p256_subborrowx_u64(&mut x102, &mut x103, 0x0, x94, 0xffffffffffffffff); - let mut x104: u64 = 0; - let mut x105: fiat_p256_u1 = 0; - fiat_p256_subborrowx_u64(&mut x104, &mut x105, x103, x96, 0xffffffff); - let mut x106: u64 = 0; - let mut x107: fiat_p256_u1 = 0; - fiat_p256_subborrowx_u64(&mut x106, &mut x107, x105, x98, (0x0 as u64)); - let mut x108: u64 = 0; - let mut x109: fiat_p256_u1 = 0; - fiat_p256_subborrowx_u64(&mut x108, &mut x109, x107, x100, 0xffffffff00000001); - let mut x110: u64 
= 0; - let mut x111: fiat_p256_u1 = 0; - fiat_p256_subborrowx_u64(&mut x110, &mut x111, x109, (x101 as u64), (0x0 as u64)); - let mut x112: u64 = 0; - let mut x113: fiat_p256_u1 = 0; - fiat_p256_addcarryx_u64(&mut x112, &mut x113, 0x0, x6, (0x1 as u64)); - let x114: u64 = ((x80 >> 1) | ((x82 << 63) & 0xffffffffffffffff)); - let x115: u64 = ((x82 >> 1) | ((x84 << 63) & 0xffffffffffffffff)); - let x116: u64 = ((x84 >> 1) | ((x86 << 63) & 0xffffffffffffffff)); - let x117: u64 = ((x86 >> 1) | ((x88 << 63) & 0xffffffffffffffff)); - let x118: u64 = ((x88 & 0x8000000000000000) | (x88 >> 1)); + let mut x94: fiat_p256_u1 = 0; + fiat_p256_addcarryx_u64(&mut x93, &mut x94, 0x0, x70, x89); + let mut x95: u64 = 0; + let mut x96: fiat_p256_u1 = 0; + fiat_p256_addcarryx_u64(&mut x95, &mut x96, x94, x71, x90); + let mut x97: u64 = 0; + let mut x98: fiat_p256_u1 = 0; + fiat_p256_addcarryx_u64(&mut x97, &mut x98, x96, x72, x91); + let mut x99: u64 = 0; + let mut x100: fiat_p256_u1 = 0; + fiat_p256_addcarryx_u64(&mut x99, &mut x100, x98, x73, x92); + let mut x101: u64 = 0; + let mut x102: fiat_p256_u1 = 0; + fiat_p256_subborrowx_u64(&mut x101, &mut x102, 0x0, x93, 0xffffffffffffffff); + let mut x103: u64 = 0; + let mut x104: fiat_p256_u1 = 0; + fiat_p256_subborrowx_u64(&mut x103, &mut x104, x102, x95, 0xffffffff); + let mut x105: u64 = 0; + let mut x106: fiat_p256_u1 = 0; + fiat_p256_subborrowx_u64(&mut x105, &mut x106, x104, x97, (0x0 as u64)); + let mut x107: u64 = 0; + let mut x108: fiat_p256_u1 = 0; + fiat_p256_subborrowx_u64(&mut x107, &mut x108, x106, x99, 0xffffffff00000001); + let mut x109: u64 = 0; + let mut x110: fiat_p256_u1 = 0; + fiat_p256_subborrowx_u64(&mut x109, &mut x110, x108, (x100 as u64), (0x0 as u64)); + let mut x111: u64 = 0; + let mut x112: fiat_p256_u1 = 0; + fiat_p256_addcarryx_u64(&mut x111, &mut x112, 0x0, x6, (0x1 as u64)); + let x113: u64 = ((x79 >> 1) | ((x81 << 63) & 0xffffffffffffffff)); + let x114: u64 = ((x81 >> 1) | ((x83 << 63) & 
0xffffffffffffffff)); + let x115: u64 = ((x83 >> 1) | ((x85 << 63) & 0xffffffffffffffff)); + let x116: u64 = ((x85 >> 1) | ((x87 << 63) & 0xffffffffffffffff)); + let x117: u64 = ((x87 & 0x8000000000000000) | (x87 >> 1)); + let mut x118: u64 = 0; + fiat_p256_cmovznz_u64(&mut x118, x48, x39, x31); let mut x119: u64 = 0; - fiat_p256_cmovznz_u64(&mut x119, x48, x39, x31); + fiat_p256_cmovznz_u64(&mut x119, x48, x41, x33); let mut x120: u64 = 0; - fiat_p256_cmovznz_u64(&mut x120, x48, x41, x33); + fiat_p256_cmovznz_u64(&mut x120, x48, x43, x35); let mut x121: u64 = 0; - fiat_p256_cmovznz_u64(&mut x121, x48, x43, x35); + fiat_p256_cmovznz_u64(&mut x121, x48, x45, x37); let mut x122: u64 = 0; - fiat_p256_cmovznz_u64(&mut x122, x48, x45, x37); + fiat_p256_cmovznz_u64(&mut x122, x110, x101, x93); let mut x123: u64 = 0; - fiat_p256_cmovznz_u64(&mut x123, x111, x102, x94); + fiat_p256_cmovznz_u64(&mut x123, x110, x103, x95); let mut x124: u64 = 0; - fiat_p256_cmovznz_u64(&mut x124, x111, x104, x96); + fiat_p256_cmovznz_u64(&mut x124, x110, x105, x97); let mut x125: u64 = 0; - fiat_p256_cmovznz_u64(&mut x125, x111, x106, x98); - let mut x126: u64 = 0; - fiat_p256_cmovznz_u64(&mut x126, x111, x108, x100); - *out1 = x112; + fiat_p256_cmovznz_u64(&mut x125, x110, x107, x99); + *out1 = x111; out2[0] = x7; out2[1] = x8; out2[2] = x9; out2[3] = x10; out2[4] = x11; - out3[0] = x114; - out3[1] = x115; - out3[2] = x116; - out3[3] = x117; - out3[4] = x118; - out4[0] = x119; - out4[1] = x120; - out4[2] = x121; - out4[3] = x122; - out5[0] = x123; - out5[1] = x124; - out5[2] = x125; - out5[3] = x126; + out3[0] = x113; + out3[1] = x114; + out3[2] = x115; + out3[3] = x116; + out3[4] = x117; + out4[0] = x118; + out4[1] = x119; + out4[2] = x120; + out4[3] = x121; + out5[0] = x122; + out5[1] = x123; + out5[2] = x124; + out5[3] = x125; } /// The function fiat_p256_divstep_precomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). 
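Review bot: The selector passed to `fiat_p256_cmovznz_u64` for x74–x78 and x89–x92 is now `(x22 as fiat_p256_u1)`, where the removed lines computed it once as `((x22 & (0x1 as u64)) as fiat_p256_u1)`. The alias is defined outside this hunk, but if `fiat_p256_u1` is a `u8`, a Rust `as` cast keeps the low eight bits of x22 rather than bit 0. The condition is then no longer guaranteed to be 0 or 1, and whether the select still picks a whole word depends on how cmovznz normalises its first argument, which is not visible here. That differs from the x3 change in the preceding hunk, where the unmasked cast is ANDed with the 0/1 value `(x1 >> 63)`. I would keep `let x74: fiat_p256_u1 = ((x22 & (0x1 as u64)) as fiat_p256_u1);` and pass `x74`; since this output looks machine-generated, the fix belongs in the generator's cast simplification and should be checked against a divstep test vector. The same pattern appears in the `fiat_p256_scalar_divstep` hunk of p256_scalar_32.rs as `(x34 as fiat_p256_scalar_u1)`; the function body starts and continues outside this hunk.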
diff --git a/fiat-rust/src/p256_scalar_32.rs b/fiat-rust/src/p256_scalar_32.rs index 4028e42edc..73f6a58808 100644 --- a/fiat-rust/src/p256_scalar_32.rs +++ b/fiat-rust/src/p256_scalar_32.rs @@ -50,10 +50,9 @@ pub type fiat_p256_scalar_non_montgomery_domain_field_element = [u32; 8]; #[inline] pub fn fiat_p256_scalar_addcarryx_u32(out1: &mut u32, out2: &mut fiat_p256_scalar_u1, arg1: fiat_p256_scalar_u1, arg2: u32, arg3: u32) -> () { let x1: u64 = (((arg1 as u64) + (arg2 as u64)) + (arg3 as u64)); - let x2: u32 = ((x1 & (0xffffffff as u64)) as u32); - let x3: fiat_p256_scalar_u1 = ((x1 >> 32) as fiat_p256_scalar_u1); - *out1 = x2; - *out2 = x3; + let x2: fiat_p256_scalar_u1 = ((x1 >> 32) as fiat_p256_scalar_u1); + *out1 = (x1 as u32); + *out2 = x2; } /// The function fiat_p256_scalar_subborrowx_u32 is a subtraction with borrow. @@ -93,10 +92,9 @@ pub fn fiat_p256_scalar_subborrowx_u32(out1: &mut u32, out2: &mut fiat_p256_scal #[inline] pub fn fiat_p256_scalar_mulx_u32(out1: &mut u32, out2: &mut u32, arg1: u32, arg2: u32) -> () { let x1: u64 = ((arg1 as u64) * (arg2 as u64)); - let x2: u32 = ((x1 & (0xffffffff as u64)) as u32); - let x3: u32 = ((x1 >> 32) as u32); - *out1 = x2; - *out2 = x3; + let x2: u32 = ((x1 >> 32) as u32); + *out1 = (x1 as u32); + *out2 = x2; } /// The function fiat_p256_scalar_cmovznz_u32 is a single-word conditional move. 
@@ -4651,86 +4649,62 @@ pub fn fiat_p256_scalar_to_bytes(out1: &mut [u8; 32], arg1: &[u32; 8]) -> () { let x6: u32 = (arg1[2]); let x7: u32 = (arg1[1]); let x8: u32 = (arg1[0]); - let x9: u8 = ((x8 & (0xff as u32)) as u8); - let x10: u32 = (x8 >> 8); - let x11: u8 = ((x10 & (0xff as u32)) as u8); - let x12: u32 = (x10 >> 8); - let x13: u8 = ((x12 & (0xff as u32)) as u8); - let x14: u8 = ((x12 >> 8) as u8); - let x15: u8 = ((x7 & (0xff as u32)) as u8); - let x16: u32 = (x7 >> 8); - let x17: u8 = ((x16 & (0xff as u32)) as u8); - let x18: u32 = (x16 >> 8); - let x19: u8 = ((x18 & (0xff as u32)) as u8); - let x20: u8 = ((x18 >> 8) as u8); - let x21: u8 = ((x6 & (0xff as u32)) as u8); - let x22: u32 = (x6 >> 8); - let x23: u8 = ((x22 & (0xff as u32)) as u8); - let x24: u32 = (x22 >> 8); - let x25: u8 = ((x24 & (0xff as u32)) as u8); - let x26: u8 = ((x24 >> 8) as u8); - let x27: u8 = ((x5 & (0xff as u32)) as u8); - let x28: u32 = (x5 >> 8); - let x29: u8 = ((x28 & (0xff as u32)) as u8); - let x30: u32 = (x28 >> 8); - let x31: u8 = ((x30 & (0xff as u32)) as u8); - let x32: u8 = ((x30 >> 8) as u8); - let x33: u8 = ((x4 & (0xff as u32)) as u8); - let x34: u32 = (x4 >> 8); - let x35: u8 = ((x34 & (0xff as u32)) as u8); - let x36: u32 = (x34 >> 8); - let x37: u8 = ((x36 & (0xff as u32)) as u8); - let x38: u8 = ((x36 >> 8) as u8); - let x39: u8 = ((x3 & (0xff as u32)) as u8); - let x40: u32 = (x3 >> 8); - let x41: u8 = ((x40 & (0xff as u32)) as u8); - let x42: u32 = (x40 >> 8); - let x43: u8 = ((x42 & (0xff as u32)) as u8); - let x44: u8 = ((x42 >> 8) as u8); - let x45: u8 = ((x2 & (0xff as u32)) as u8); - let x46: u32 = (x2 >> 8); - let x47: u8 = ((x46 & (0xff as u32)) as u8); - let x48: u32 = (x46 >> 8); - let x49: u8 = ((x48 & (0xff as u32)) as u8); - let x50: u8 = ((x48 >> 8) as u8); - let x51: u8 = ((x1 & (0xff as u32)) as u8); - let x52: u32 = (x1 >> 8); - let x53: u8 = ((x52 & (0xff as u32)) as u8); - let x54: u32 = (x52 >> 8); - let x55: u8 = ((x54 & (0xff as u32)) as 
u8); - let x56: u8 = ((x54 >> 8) as u8); - out1[0] = x9; - out1[1] = x11; - out1[2] = x13; - out1[3] = x14; - out1[4] = x15; - out1[5] = x17; - out1[6] = x19; - out1[7] = x20; - out1[8] = x21; - out1[9] = x23; - out1[10] = x25; - out1[11] = x26; - out1[12] = x27; - out1[13] = x29; - out1[14] = x31; - out1[15] = x32; - out1[16] = x33; - out1[17] = x35; - out1[18] = x37; - out1[19] = x38; - out1[20] = x39; - out1[21] = x41; - out1[22] = x43; - out1[23] = x44; - out1[24] = x45; - out1[25] = x47; - out1[26] = x49; - out1[27] = x50; - out1[28] = x51; - out1[29] = x53; - out1[30] = x55; - out1[31] = x56; + let x9: u32 = (x8 >> 8); + let x10: u32 = (x9 >> 8); + let x11: u8 = ((x10 >> 8) as u8); + let x12: u32 = (x7 >> 8); + let x13: u32 = (x12 >> 8); + let x14: u8 = ((x13 >> 8) as u8); + let x15: u32 = (x6 >> 8); + let x16: u32 = (x15 >> 8); + let x17: u8 = ((x16 >> 8) as u8); + let x18: u32 = (x5 >> 8); + let x19: u32 = (x18 >> 8); + let x20: u8 = ((x19 >> 8) as u8); + let x21: u32 = (x4 >> 8); + let x22: u32 = (x21 >> 8); + let x23: u8 = ((x22 >> 8) as u8); + let x24: u32 = (x3 >> 8); + let x25: u32 = (x24 >> 8); + let x26: u8 = ((x25 >> 8) as u8); + let x27: u32 = (x2 >> 8); + let x28: u32 = (x27 >> 8); + let x29: u8 = ((x28 >> 8) as u8); + let x30: u32 = (x1 >> 8); + let x31: u32 = (x30 >> 8); + let x32: u8 = ((x31 >> 8) as u8); + out1[0] = (x8 as u8); + out1[1] = (x9 as u8); + out1[2] = (x10 as u8); + out1[3] = x11; + out1[4] = (x7 as u8); + out1[5] = (x12 as u8); + out1[6] = (x13 as u8); + out1[7] = x14; + out1[8] = (x6 as u8); + out1[9] = (x15 as u8); + out1[10] = (x16 as u8); + out1[11] = x17; + out1[12] = (x5 as u8); + out1[13] = (x18 as u8); + out1[14] = (x19 as u8); + out1[15] = x20; + out1[16] = (x4 as u8); + out1[17] = (x21 as u8); + out1[18] = (x22 as u8); + out1[19] = x23; + out1[20] = (x3 as u8); + out1[21] = (x24 as u8); + out1[22] = (x25 as u8); + out1[23] = x26; + out1[24] = (x2 as u8); + out1[25] = (x27 as u8); + out1[26] = (x28 as u8); + out1[27] = 
x29; + out1[28] = (x1 as u8); + out1[29] = (x30 as u8); + out1[30] = (x31 as u8); + out1[31] = x32; } /// The function fiat_p256_scalar_from_bytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -4885,7 +4859,7 @@ pub fn fiat_p256_scalar_divstep(out1: &mut u32, out2: &mut [u32; 9], out3: &mut let mut x1: u32 = 0; let mut x2: fiat_p256_scalar_u1 = 0; fiat_p256_scalar_addcarryx_u32(&mut x1, &mut x2, 0x0, (!arg1), (0x1 as u32)); - let x3: fiat_p256_scalar_u1 = (((x1 >> 31) as fiat_p256_scalar_u1) & (((arg3[0]) & (0x1 as u32)) as fiat_p256_scalar_u1)); + let x3: fiat_p256_scalar_u1 = (((x1 >> 31) as fiat_p256_scalar_u1) & ((arg3[0]) as fiat_p256_scalar_u1)); let mut x4: u32 = 0; let mut x5: fiat_p256_scalar_u1 = 0; fiat_p256_scalar_addcarryx_u32(&mut x4, &mut x5, 0x0, (!arg1), (0x1 as u32)); 
@@ -5095,164 +5069,163 @@ pub fn fiat_p256_scalar_divstep(out1: &mut u32, out2: &mut [u32; 9], out3: &mut fiat_p256_scalar_cmovznz_u32(&mut x132, x3, (arg5[6]), x122); let mut x133: u32 = 0; fiat_p256_scalar_cmovznz_u32(&mut x133, x3, (arg5[7]), x124); - let x134: fiat_p256_scalar_u1 = ((x34 & (0x1 as u32)) as fiat_p256_scalar_u1); + let mut x134: u32 = 0; + fiat_p256_scalar_cmovznz_u32(&mut x134, (x34 as fiat_p256_scalar_u1), (0x0 as u32), x7); let mut x135: u32 = 0; - fiat_p256_scalar_cmovznz_u32(&mut x135, x134, (0x0 as u32), x7); + fiat_p256_scalar_cmovznz_u32(&mut x135, (x34 as fiat_p256_scalar_u1), (0x0 as u32), x8); let mut x136: u32 = 0; - fiat_p256_scalar_cmovznz_u32(&mut x136, x134, (0x0 as u32), x8); + fiat_p256_scalar_cmovznz_u32(&mut x136, (x34 as fiat_p256_scalar_u1), (0x0 as u32), x9); let mut x137: u32 = 0; - fiat_p256_scalar_cmovznz_u32(&mut x137, x134, (0x0 as u32), x9); + fiat_p256_scalar_cmovznz_u32(&mut x137, (x34 as fiat_p256_scalar_u1), (0x0 as u32), x10); let mut x138: u32 = 0; - fiat_p256_scalar_cmovznz_u32(&mut x138, x134, (0x0 as u32), x10); + fiat_p256_scalar_cmovznz_u32(&mut x138, (x34 as fiat_p256_scalar_u1), (0x0 as u32), x11); let mut x139: u32 = 0; - fiat_p256_scalar_cmovznz_u32(&mut x139, x134, (0x0 as u32), x11); + fiat_p256_scalar_cmovznz_u32(&mut x139, (x34 as fiat_p256_scalar_u1), (0x0 as u32), x12); let mut x140: u32 = 0; - fiat_p256_scalar_cmovznz_u32(&mut x140, x134, (0x0 as u32), x12); + fiat_p256_scalar_cmovznz_u32(&mut x140, (x34 as fiat_p256_scalar_u1), (0x0 as u32), x13); let mut x141: u32 = 0; - fiat_p256_scalar_cmovznz_u32(&mut x141, x134, (0x0 as u32), x13); + fiat_p256_scalar_cmovznz_u32(&mut x141, (x34 as fiat_p256_scalar_u1), (0x0 as u32), x14); let mut x142: u32 = 0; - fiat_p256_scalar_cmovznz_u32(&mut x142, x134, (0x0 as u32), x14); + fiat_p256_scalar_cmovznz_u32(&mut x142, (x34 as fiat_p256_scalar_u1), (0x0 as u32), x15); let mut x143: u32 = 0; - fiat_p256_scalar_cmovznz_u32(&mut x143, x134, (0x0 as u32), x15); 
- let mut x144: u32 = 0; - let mut x145: fiat_p256_scalar_u1 = 0; - fiat_p256_scalar_addcarryx_u32(&mut x144, &mut x145, 0x0, x34, x135); - let mut x146: u32 = 0; - let mut x147: fiat_p256_scalar_u1 = 0; - fiat_p256_scalar_addcarryx_u32(&mut x146, &mut x147, x145, x35, x136); - let mut x148: u32 = 0; - let mut x149: fiat_p256_scalar_u1 = 0; - fiat_p256_scalar_addcarryx_u32(&mut x148, &mut x149, x147, x36, x137); - let mut x150: u32 = 0; - let mut x151: fiat_p256_scalar_u1 = 0; - fiat_p256_scalar_addcarryx_u32(&mut x150, &mut x151, x149, x37, x138); - let mut x152: u32 = 0; - let mut x153: fiat_p256_scalar_u1 = 0; - fiat_p256_scalar_addcarryx_u32(&mut x152, &mut x153, x151, x38, x139); - let mut x154: u32 = 0; - let mut x155: fiat_p256_scalar_u1 = 0; - fiat_p256_scalar_addcarryx_u32(&mut x154, &mut x155, x153, x39, x140); - let mut x156: u32 = 0; - let mut x157: fiat_p256_scalar_u1 = 0; - fiat_p256_scalar_addcarryx_u32(&mut x156, &mut x157, x155, x40, x141); - let mut x158: u32 = 0; - let mut x159: fiat_p256_scalar_u1 = 0; - fiat_p256_scalar_addcarryx_u32(&mut x158, &mut x159, x157, x41, x142); - let mut x160: u32 = 0; - let mut x161: fiat_p256_scalar_u1 = 0; - fiat_p256_scalar_addcarryx_u32(&mut x160, &mut x161, x159, x42, x143); + let mut x144: fiat_p256_scalar_u1 = 0; + fiat_p256_scalar_addcarryx_u32(&mut x143, &mut x144, 0x0, x34, x134); + let mut x145: u32 = 0; + let mut x146: fiat_p256_scalar_u1 = 0; + fiat_p256_scalar_addcarryx_u32(&mut x145, &mut x146, x144, x35, x135); + let mut x147: u32 = 0; + let mut x148: fiat_p256_scalar_u1 = 0; + fiat_p256_scalar_addcarryx_u32(&mut x147, &mut x148, x146, x36, x136); + let mut x149: u32 = 0; + let mut x150: fiat_p256_scalar_u1 = 0; + fiat_p256_scalar_addcarryx_u32(&mut x149, &mut x150, x148, x37, x137); + let mut x151: u32 = 0; + let mut x152: fiat_p256_scalar_u1 = 0; + fiat_p256_scalar_addcarryx_u32(&mut x151, &mut x152, x150, x38, x138); + let mut x153: u32 = 0; + let mut x154: fiat_p256_scalar_u1 = 0; + 
fiat_p256_scalar_addcarryx_u32(&mut x153, &mut x154, x152, x39, x139); + let mut x155: u32 = 0; + let mut x156: fiat_p256_scalar_u1 = 0; + fiat_p256_scalar_addcarryx_u32(&mut x155, &mut x156, x154, x40, x140); + let mut x157: u32 = 0; + let mut x158: fiat_p256_scalar_u1 = 0; + fiat_p256_scalar_addcarryx_u32(&mut x157, &mut x158, x156, x41, x141); + let mut x159: u32 = 0; + let mut x160: fiat_p256_scalar_u1 = 0; + fiat_p256_scalar_addcarryx_u32(&mut x159, &mut x160, x158, x42, x142); + let mut x161: u32 = 0; + fiat_p256_scalar_cmovznz_u32(&mut x161, (x34 as fiat_p256_scalar_u1), (0x0 as u32), x43); let mut x162: u32 = 0; - fiat_p256_scalar_cmovznz_u32(&mut x162, x134, (0x0 as u32), x43); + fiat_p256_scalar_cmovznz_u32(&mut x162, (x34 as fiat_p256_scalar_u1), (0x0 as u32), x44); let mut x163: u32 = 0; - fiat_p256_scalar_cmovznz_u32(&mut x163, x134, (0x0 as u32), x44); + fiat_p256_scalar_cmovznz_u32(&mut x163, (x34 as fiat_p256_scalar_u1), (0x0 as u32), x45); let mut x164: u32 = 0; - fiat_p256_scalar_cmovznz_u32(&mut x164, x134, (0x0 as u32), x45); + fiat_p256_scalar_cmovznz_u32(&mut x164, (x34 as fiat_p256_scalar_u1), (0x0 as u32), x46); let mut x165: u32 = 0; - fiat_p256_scalar_cmovznz_u32(&mut x165, x134, (0x0 as u32), x46); + fiat_p256_scalar_cmovznz_u32(&mut x165, (x34 as fiat_p256_scalar_u1), (0x0 as u32), x47); let mut x166: u32 = 0; - fiat_p256_scalar_cmovznz_u32(&mut x166, x134, (0x0 as u32), x47); + fiat_p256_scalar_cmovznz_u32(&mut x166, (x34 as fiat_p256_scalar_u1), (0x0 as u32), x48); let mut x167: u32 = 0; - fiat_p256_scalar_cmovznz_u32(&mut x167, x134, (0x0 as u32), x48); + fiat_p256_scalar_cmovznz_u32(&mut x167, (x34 as fiat_p256_scalar_u1), (0x0 as u32), x49); let mut x168: u32 = 0; - fiat_p256_scalar_cmovznz_u32(&mut x168, x134, (0x0 as u32), x49); + fiat_p256_scalar_cmovznz_u32(&mut x168, (x34 as fiat_p256_scalar_u1), (0x0 as u32), x50); let mut x169: u32 = 0; - fiat_p256_scalar_cmovznz_u32(&mut x169, x134, (0x0 as u32), x50); - let mut x170: u32 = 
0; - let mut x171: fiat_p256_scalar_u1 = 0; - fiat_p256_scalar_addcarryx_u32(&mut x170, &mut x171, 0x0, x126, x162); - let mut x172: u32 = 0; - let mut x173: fiat_p256_scalar_u1 = 0; - fiat_p256_scalar_addcarryx_u32(&mut x172, &mut x173, x171, x127, x163); - let mut x174: u32 = 0; - let mut x175: fiat_p256_scalar_u1 = 0; - fiat_p256_scalar_addcarryx_u32(&mut x174, &mut x175, x173, x128, x164); - let mut x176: u32 = 0; - let mut x177: fiat_p256_scalar_u1 = 0; - fiat_p256_scalar_addcarryx_u32(&mut x176, &mut x177, x175, x129, x165); - let mut x178: u32 = 0; - let mut x179: fiat_p256_scalar_u1 = 0; - fiat_p256_scalar_addcarryx_u32(&mut x178, &mut x179, x177, x130, x166); - let mut x180: u32 = 0; - let mut x181: fiat_p256_scalar_u1 = 0; - fiat_p256_scalar_addcarryx_u32(&mut x180, &mut x181, x179, x131, x167); - let mut x182: u32 = 0; - let mut x183: fiat_p256_scalar_u1 = 0; - fiat_p256_scalar_addcarryx_u32(&mut x182, &mut x183, x181, x132, x168); - let mut x184: u32 = 0; - let mut x185: fiat_p256_scalar_u1 = 0; - fiat_p256_scalar_addcarryx_u32(&mut x184, &mut x185, x183, x133, x169); - let mut x186: u32 = 0; - let mut x187: fiat_p256_scalar_u1 = 0; - fiat_p256_scalar_subborrowx_u32(&mut x186, &mut x187, 0x0, x170, 0xfc632551); - let mut x188: u32 = 0; - let mut x189: fiat_p256_scalar_u1 = 0; - fiat_p256_scalar_subborrowx_u32(&mut x188, &mut x189, x187, x172, 0xf3b9cac2); - let mut x190: u32 = 0; - let mut x191: fiat_p256_scalar_u1 = 0; - fiat_p256_scalar_subborrowx_u32(&mut x190, &mut x191, x189, x174, 0xa7179e84); - let mut x192: u32 = 0; - let mut x193: fiat_p256_scalar_u1 = 0; - fiat_p256_scalar_subborrowx_u32(&mut x192, &mut x193, x191, x176, 0xbce6faad); - let mut x194: u32 = 0; - let mut x195: fiat_p256_scalar_u1 = 0; - fiat_p256_scalar_subborrowx_u32(&mut x194, &mut x195, x193, x178, 0xffffffff); - let mut x196: u32 = 0; - let mut x197: fiat_p256_scalar_u1 = 0; - fiat_p256_scalar_subborrowx_u32(&mut x196, &mut x197, x195, x180, 0xffffffff); - let mut x198: u32 = 
0; - let mut x199: fiat_p256_scalar_u1 = 0; - fiat_p256_scalar_subborrowx_u32(&mut x198, &mut x199, x197, x182, (0x0 as u32)); - let mut x200: u32 = 0; - let mut x201: fiat_p256_scalar_u1 = 0; - fiat_p256_scalar_subborrowx_u32(&mut x200, &mut x201, x199, x184, 0xffffffff); - let mut x202: u32 = 0; - let mut x203: fiat_p256_scalar_u1 = 0; - fiat_p256_scalar_subborrowx_u32(&mut x202, &mut x203, x201, (x185 as u32), (0x0 as u32)); - let mut x204: u32 = 0; - let mut x205: fiat_p256_scalar_u1 = 0; - fiat_p256_scalar_addcarryx_u32(&mut x204, &mut x205, 0x0, x6, (0x1 as u32)); - let x206: u32 = ((x144 >> 1) | ((x146 << 31) & 0xffffffff)); - let x207: u32 = ((x146 >> 1) | ((x148 << 31) & 0xffffffff)); - let x208: u32 = ((x148 >> 1) | ((x150 << 31) & 0xffffffff)); - let x209: u32 = ((x150 >> 1) | ((x152 << 31) & 0xffffffff)); - let x210: u32 = ((x152 >> 1) | ((x154 << 31) & 0xffffffff)); - let x211: u32 = ((x154 >> 1) | ((x156 << 31) & 0xffffffff)); - let x212: u32 = ((x156 >> 1) | ((x158 << 31) & 0xffffffff)); - let x213: u32 = ((x158 >> 1) | ((x160 << 31) & 0xffffffff)); - let x214: u32 = ((x160 & 0x80000000) | (x160 >> 1)); + let mut x170: fiat_p256_scalar_u1 = 0; + fiat_p256_scalar_addcarryx_u32(&mut x169, &mut x170, 0x0, x126, x161); + let mut x171: u32 = 0; + let mut x172: fiat_p256_scalar_u1 = 0; + fiat_p256_scalar_addcarryx_u32(&mut x171, &mut x172, x170, x127, x162); + let mut x173: u32 = 0; + let mut x174: fiat_p256_scalar_u1 = 0; + fiat_p256_scalar_addcarryx_u32(&mut x173, &mut x174, x172, x128, x163); + let mut x175: u32 = 0; + let mut x176: fiat_p256_scalar_u1 = 0; + fiat_p256_scalar_addcarryx_u32(&mut x175, &mut x176, x174, x129, x164); + let mut x177: u32 = 0; + let mut x178: fiat_p256_scalar_u1 = 0; + fiat_p256_scalar_addcarryx_u32(&mut x177, &mut x178, x176, x130, x165); + let mut x179: u32 = 0; + let mut x180: fiat_p256_scalar_u1 = 0; + fiat_p256_scalar_addcarryx_u32(&mut x179, &mut x180, x178, x131, x166); + let mut x181: u32 = 0; + let mut x182: 
fiat_p256_scalar_u1 = 0; + fiat_p256_scalar_addcarryx_u32(&mut x181, &mut x182, x180, x132, x167); + let mut x183: u32 = 0; + let mut x184: fiat_p256_scalar_u1 = 0; + fiat_p256_scalar_addcarryx_u32(&mut x183, &mut x184, x182, x133, x168); + let mut x185: u32 = 0; + let mut x186: fiat_p256_scalar_u1 = 0; + fiat_p256_scalar_subborrowx_u32(&mut x185, &mut x186, 0x0, x169, 0xfc632551); + let mut x187: u32 = 0; + let mut x188: fiat_p256_scalar_u1 = 0; + fiat_p256_scalar_subborrowx_u32(&mut x187, &mut x188, x186, x171, 0xf3b9cac2); + let mut x189: u32 = 0; + let mut x190: fiat_p256_scalar_u1 = 0; + fiat_p256_scalar_subborrowx_u32(&mut x189, &mut x190, x188, x173, 0xa7179e84); + let mut x191: u32 = 0; + let mut x192: fiat_p256_scalar_u1 = 0; + fiat_p256_scalar_subborrowx_u32(&mut x191, &mut x192, x190, x175, 0xbce6faad); + let mut x193: u32 = 0; + let mut x194: fiat_p256_scalar_u1 = 0; + fiat_p256_scalar_subborrowx_u32(&mut x193, &mut x194, x192, x177, 0xffffffff); + let mut x195: u32 = 0; + let mut x196: fiat_p256_scalar_u1 = 0; + fiat_p256_scalar_subborrowx_u32(&mut x195, &mut x196, x194, x179, 0xffffffff); + let mut x197: u32 = 0; + let mut x198: fiat_p256_scalar_u1 = 0; + fiat_p256_scalar_subborrowx_u32(&mut x197, &mut x198, x196, x181, (0x0 as u32)); + let mut x199: u32 = 0; + let mut x200: fiat_p256_scalar_u1 = 0; + fiat_p256_scalar_subborrowx_u32(&mut x199, &mut x200, x198, x183, 0xffffffff); + let mut x201: u32 = 0; + let mut x202: fiat_p256_scalar_u1 = 0; + fiat_p256_scalar_subborrowx_u32(&mut x201, &mut x202, x200, (x184 as u32), (0x0 as u32)); + let mut x203: u32 = 0; + let mut x204: fiat_p256_scalar_u1 = 0; + fiat_p256_scalar_addcarryx_u32(&mut x203, &mut x204, 0x0, x6, (0x1 as u32)); + let x205: u32 = ((x143 >> 1) | ((x145 << 31) & 0xffffffff)); + let x206: u32 = ((x145 >> 1) | ((x147 << 31) & 0xffffffff)); + let x207: u32 = ((x147 >> 1) | ((x149 << 31) & 0xffffffff)); + let x208: u32 = ((x149 >> 1) | ((x151 << 31) & 0xffffffff)); + let x209: u32 = ((x151 >> 
1) | ((x153 << 31) & 0xffffffff)); + let x210: u32 = ((x153 >> 1) | ((x155 << 31) & 0xffffffff)); + let x211: u32 = ((x155 >> 1) | ((x157 << 31) & 0xffffffff)); + let x212: u32 = ((x157 >> 1) | ((x159 << 31) & 0xffffffff)); + let x213: u32 = ((x159 & 0x80000000) | (x159 >> 1)); + let mut x214: u32 = 0; + fiat_p256_scalar_cmovznz_u32(&mut x214, x84, x67, x51); let mut x215: u32 = 0; - fiat_p256_scalar_cmovznz_u32(&mut x215, x84, x67, x51); + fiat_p256_scalar_cmovznz_u32(&mut x215, x84, x69, x53); let mut x216: u32 = 0; - fiat_p256_scalar_cmovznz_u32(&mut x216, x84, x69, x53); + fiat_p256_scalar_cmovznz_u32(&mut x216, x84, x71, x55); let mut x217: u32 = 0; - fiat_p256_scalar_cmovznz_u32(&mut x217, x84, x71, x55); + fiat_p256_scalar_cmovznz_u32(&mut x217, x84, x73, x57); let mut x218: u32 = 0; - fiat_p256_scalar_cmovznz_u32(&mut x218, x84, x73, x57); + fiat_p256_scalar_cmovznz_u32(&mut x218, x84, x75, x59); let mut x219: u32 = 0; - fiat_p256_scalar_cmovznz_u32(&mut x219, x84, x75, x59); + fiat_p256_scalar_cmovznz_u32(&mut x219, x84, x77, x61); let mut x220: u32 = 0; - fiat_p256_scalar_cmovznz_u32(&mut x220, x84, x77, x61); + fiat_p256_scalar_cmovznz_u32(&mut x220, x84, x79, x63); let mut x221: u32 = 0; - fiat_p256_scalar_cmovznz_u32(&mut x221, x84, x79, x63); + fiat_p256_scalar_cmovznz_u32(&mut x221, x84, x81, x65); let mut x222: u32 = 0; - fiat_p256_scalar_cmovznz_u32(&mut x222, x84, x81, x65); + fiat_p256_scalar_cmovznz_u32(&mut x222, x202, x185, x169); let mut x223: u32 = 0; - fiat_p256_scalar_cmovznz_u32(&mut x223, x203, x186, x170); + fiat_p256_scalar_cmovznz_u32(&mut x223, x202, x187, x171); let mut x224: u32 = 0; - fiat_p256_scalar_cmovznz_u32(&mut x224, x203, x188, x172); + fiat_p256_scalar_cmovznz_u32(&mut x224, x202, x189, x173); let mut x225: u32 = 0; - fiat_p256_scalar_cmovznz_u32(&mut x225, x203, x190, x174); + fiat_p256_scalar_cmovznz_u32(&mut x225, x202, x191, x175); let mut x226: u32 = 0; - fiat_p256_scalar_cmovznz_u32(&mut x226, x203, x192, x176); + 
fiat_p256_scalar_cmovznz_u32(&mut x226, x202, x193, x177); let mut x227: u32 = 0; - fiat_p256_scalar_cmovznz_u32(&mut x227, x203, x194, x178); + fiat_p256_scalar_cmovznz_u32(&mut x227, x202, x195, x179); let mut x228: u32 = 0; - fiat_p256_scalar_cmovznz_u32(&mut x228, x203, x196, x180); + fiat_p256_scalar_cmovznz_u32(&mut x228, x202, x197, x181); let mut x229: u32 = 0; - fiat_p256_scalar_cmovznz_u32(&mut x229, x203, x198, x182); - let mut x230: u32 = 0; - fiat_p256_scalar_cmovznz_u32(&mut x230, x203, x200, x184); - *out1 = x204; + fiat_p256_scalar_cmovznz_u32(&mut x229, x202, x199, x183); + *out1 = x203; out2[0] = x7; out2[1] = x8; out2[2] = x9; @@ -5262,31 +5235,31 @@ pub fn fiat_p256_scalar_divstep(out1: &mut u32, out2: &mut [u32; 9], out3: &mut out2[6] = x13; out2[7] = x14; out2[8] = x15; - out3[0] = x206; - out3[1] = x207; - out3[2] = x208; - out3[3] = x209; - out3[4] = x210; - out3[5] = x211; - out3[6] = x212; - out3[7] = x213; - out3[8] = x214; - out4[0] = x215; - out4[1] = x216; - out4[2] = x217; - out4[3] = x218; - out4[4] = x219; - out4[5] = x220; - out4[6] = x221; - out4[7] = x222; - out5[0] = x223; - out5[1] = x224; - out5[2] = x225; - out5[3] = x226; - out5[4] = x227; - out5[5] = x228; - out5[6] = x229; - out5[7] = x230; + out3[0] = x205; + out3[1] = x206; + out3[2] = x207; + out3[3] = x208; + out3[4] = x209; + out3[5] = x210; + out3[6] = x211; + out3[7] = x212; + out3[8] = x213; + out4[0] = x214; + out4[1] = x215; + out4[2] = x216; + out4[3] = x217; + out4[4] = x218; + out4[5] = x219; + out4[6] = x220; + out4[7] = x221; + out5[0] = x222; + out5[1] = x223; + out5[2] = x224; + out5[3] = x225; + out5[4] = x226; + out5[5] = x227; + out5[6] = x228; + out5[7] = x229; } /// The function fiat_p256_scalar_divstep_precomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-rust/src/p256_scalar_64.rs b/fiat-rust/src/p256_scalar_64.rs index 3467605c99..6b434c44a4 100644 --- a/fiat-rust/src/p256_scalar_64.rs 
+++ b/fiat-rust/src/p256_scalar_64.rs @@ -50,10 +50,9 @@ pub type fiat_p256_scalar_non_montgomery_domain_field_element = [u64; 4]; #[inline] pub fn fiat_p256_scalar_addcarryx_u64(out1: &mut u64, out2: &mut fiat_p256_scalar_u1, arg1: fiat_p256_scalar_u1, arg2: u64, arg3: u64) -> () { let x1: u128 = (((arg1 as u128) + (arg2 as u128)) + (arg3 as u128)); - let x2: u64 = ((x1 & (0xffffffffffffffff as u128)) as u64); - let x3: fiat_p256_scalar_u1 = ((x1 >> 64) as fiat_p256_scalar_u1); - *out1 = x2; - *out2 = x3; + let x2: fiat_p256_scalar_u1 = ((x1 >> 64) as fiat_p256_scalar_u1); + *out1 = (x1 as u64); + *out2 = x2; } /// The function fiat_p256_scalar_subborrowx_u64 is a subtraction with borrow. @@ -93,10 +92,9 @@ pub fn fiat_p256_scalar_subborrowx_u64(out1: &mut u64, out2: &mut fiat_p256_scal #[inline] pub fn fiat_p256_scalar_mulx_u64(out1: &mut u64, out2: &mut u64, arg1: u64, arg2: u64) -> () { let x1: u128 = ((arg1 as u128) * (arg2 as u128)); - let x2: u64 = ((x1 & (0xffffffffffffffff as u128)) as u64); - let x3: u64 = ((x1 >> 64) as u64); - *out1 = x2; - *out2 = x3; + let x2: u64 = ((x1 >> 64) as u64); + *out1 = (x1 as u64); + *out2 = x2; } /// The function fiat_p256_scalar_cmovznz_u64 is a single-word conditional move. 
@@ -1526,94 +1524,66 @@ pub fn fiat_p256_scalar_to_bytes(out1: &mut [u8; 32], arg1: &[u64; 4]) -> () { let x2: u64 = (arg1[2]); let x3: u64 = (arg1[1]); let x4: u64 = (arg1[0]); - let x5: u8 = ((x4 & (0xff as u64)) as u8); - let x6: u64 = (x4 >> 8); - let x7: u8 = ((x6 & (0xff as u64)) as u8); - let x8: u64 = (x6 >> 8); - let x9: u8 = ((x8 & (0xff as u64)) as u8); - let x10: u64 = (x8 >> 8); - let x11: u8 = ((x10 & (0xff as u64)) as u8); - let x12: u64 = (x10 >> 8); - let x13: u8 = ((x12 & (0xff as u64)) as u8); - let x14: u64 = (x12 >> 8); - let x15: u8 = ((x14 & (0xff as u64)) as u8); - let x16: u64 = (x14 >> 8); - let x17: u8 = ((x16 & (0xff as u64)) as u8); - let x18: u8 = ((x16 >> 8) as u8); - let x19: u8 = ((x3 & (0xff as u64)) as u8); - let x20: u64 = (x3 >> 8); - let x21: u8 = ((x20 & (0xff as u64)) as u8); - let x22: u64 = (x20 >> 8); - let x23: u8 = ((x22 & (0xff as u64)) as u8); - let x24: u64 = (x22 >> 8); - let x25: u8 = ((x24 & (0xff as u64)) as u8); - let x26: u64 = (x24 >> 8); - let x27: u8 = ((x26 & (0xff as u64)) as u8); - let x28: u64 = (x26 >> 8); - let x29: u8 = ((x28 & (0xff as u64)) as u8); - let x30: u64 = (x28 >> 8); - let x31: u8 = ((x30 & (0xff as u64)) as u8); - let x32: u8 = ((x30 >> 8) as u8); - let x33: u8 = ((x2 & (0xff as u64)) as u8); - let x34: u64 = (x2 >> 8); - let x35: u8 = ((x34 & (0xff as u64)) as u8); - let x36: u64 = (x34 >> 8); - let x37: u8 = ((x36 & (0xff as u64)) as u8); - let x38: u64 = (x36 >> 8); - let x39: u8 = ((x38 & (0xff as u64)) as u8); - let x40: u64 = (x38 >> 8); - let x41: u8 = ((x40 & (0xff as u64)) as u8); - let x42: u64 = (x40 >> 8); - let x43: u8 = ((x42 & (0xff as u64)) as u8); - let x44: u64 = (x42 >> 8); - let x45: u8 = ((x44 & (0xff as u64)) as u8); - let x46: u8 = ((x44 >> 8) as u8); - let x47: u8 = ((x1 & (0xff as u64)) as u8); - let x48: u64 = (x1 >> 8); - let x49: u8 = ((x48 & (0xff as u64)) as u8); - let x50: u64 = (x48 >> 8); - let x51: u8 = ((x50 & (0xff as u64)) as u8); - let x52: u64 = (x50 
>> 8); - let x53: u8 = ((x52 & (0xff as u64)) as u8); - let x54: u64 = (x52 >> 8); - let x55: u8 = ((x54 & (0xff as u64)) as u8); - let x56: u64 = (x54 >> 8); - let x57: u8 = ((x56 & (0xff as u64)) as u8); - let x58: u64 = (x56 >> 8); - let x59: u8 = ((x58 & (0xff as u64)) as u8); - let x60: u8 = ((x58 >> 8) as u8); - out1[0] = x5; - out1[1] = x7; - out1[2] = x9; - out1[3] = x11; - out1[4] = x13; - out1[5] = x15; - out1[6] = x17; - out1[7] = x18; - out1[8] = x19; - out1[9] = x21; - out1[10] = x23; - out1[11] = x25; - out1[12] = x27; - out1[13] = x29; - out1[14] = x31; - out1[15] = x32; - out1[16] = x33; - out1[17] = x35; - out1[18] = x37; - out1[19] = x39; - out1[20] = x41; - out1[21] = x43; - out1[22] = x45; - out1[23] = x46; - out1[24] = x47; - out1[25] = x49; - out1[26] = x51; - out1[27] = x53; - out1[28] = x55; - out1[29] = x57; - out1[30] = x59; - out1[31] = x60; + let x5: u64 = (x4 >> 8); + let x6: u64 = (x5 >> 8); + let x7: u64 = (x6 >> 8); + let x8: u64 = (x7 >> 8); + let x9: u64 = (x8 >> 8); + let x10: u64 = (x9 >> 8); + let x11: u8 = ((x10 >> 8) as u8); + let x12: u64 = (x3 >> 8); + let x13: u64 = (x12 >> 8); + let x14: u64 = (x13 >> 8); + let x15: u64 = (x14 >> 8); + let x16: u64 = (x15 >> 8); + let x17: u64 = (x16 >> 8); + let x18: u8 = ((x17 >> 8) as u8); + let x19: u64 = (x2 >> 8); + let x20: u64 = (x19 >> 8); + let x21: u64 = (x20 >> 8); + let x22: u64 = (x21 >> 8); + let x23: u64 = (x22 >> 8); + let x24: u64 = (x23 >> 8); + let x25: u8 = ((x24 >> 8) as u8); + let x26: u64 = (x1 >> 8); + let x27: u64 = (x26 >> 8); + let x28: u64 = (x27 >> 8); + let x29: u64 = (x28 >> 8); + let x30: u64 = (x29 >> 8); + let x31: u64 = (x30 >> 8); + let x32: u8 = ((x31 >> 8) as u8); + out1[0] = (x4 as u8); + out1[1] = (x5 as u8); + out1[2] = (x6 as u8); + out1[3] = (x7 as u8); + out1[4] = (x8 as u8); + out1[5] = (x9 as u8); + out1[6] = (x10 as u8); + out1[7] = x11; + out1[8] = (x3 as u8); + out1[9] = (x12 as u8); + out1[10] = (x13 as u8); + out1[11] = (x14 as u8); + 
out1[12] = (x15 as u8); + out1[13] = (x16 as u8); + out1[14] = (x17 as u8); + out1[15] = x18; + out1[16] = (x2 as u8); + out1[17] = (x19 as u8); + out1[18] = (x20 as u8); + out1[19] = (x21 as u8); + out1[20] = (x22 as u8); + out1[21] = (x23 as u8); + out1[22] = (x24 as u8); + out1[23] = x25; + out1[24] = (x1 as u8); + out1[25] = (x26 as u8); + out1[26] = (x27 as u8); + out1[27] = (x28 as u8); + out1[28] = (x29 as u8); + out1[29] = (x30 as u8); + out1[30] = (x31 as u8); + out1[31] = x32; } /// The function fiat_p256_scalar_from_bytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -1760,7 +1730,7 @@ pub fn fiat_p256_scalar_divstep(out1: &mut u64, out2: &mut [u64; 5], out3: &mut let mut x1: u64 = 0; let mut x2: fiat_p256_scalar_u1 = 0; fiat_p256_scalar_addcarryx_u64(&mut x1, &mut x2, 0x0, (!arg1), (0x1 as u64)); - let x3: fiat_p256_scalar_u1 = (((x1 >> 63) as fiat_p256_scalar_u1) & (((arg3[0]) & (0x1 as u64)) as fiat_p256_scalar_u1)); + let x3: fiat_p256_scalar_u1 = (((x1 >> 63) as fiat_p256_scalar_u1) & ((arg3[0]) as fiat_p256_scalar_u1)); let mut x4: u64 = 0; let mut x5: fiat_p256_scalar_u1 = 0; fiat_p256_scalar_addcarryx_u64(&mut x4, &mut x5, 0x0, (!arg1), (0x1 as u64)); 
@@ -1874,110 +1844,109 @@ pub fn fiat_p256_scalar_divstep(out1: &mut u64, out2: &mut [u64; 5], out3: &mut fiat_p256_scalar_cmovznz_u64(&mut x72, x3, (arg5[2]), x66); let mut x73: u64 = 0; fiat_p256_scalar_cmovznz_u64(&mut x73, x3, (arg5[3]), x68); - let x74: fiat_p256_scalar_u1 = ((x22 & (0x1 as u64)) as fiat_p256_scalar_u1); + let mut x74: u64 = 0; + fiat_p256_scalar_cmovznz_u64(&mut x74, (x22 as fiat_p256_scalar_u1), (0x0 as u64), x7); let mut x75: u64 = 0; - fiat_p256_scalar_cmovznz_u64(&mut x75, x74, (0x0 as u64), x7); + fiat_p256_scalar_cmovznz_u64(&mut x75, (x22 as fiat_p256_scalar_u1), (0x0 as u64), x8); let mut x76: u64 = 0; - fiat_p256_scalar_cmovznz_u64(&mut x76, x74, (0x0 as u64), x8); + fiat_p256_scalar_cmovznz_u64(&mut x76, (x22 as fiat_p256_scalar_u1), (0x0 as u64), x9); let mut x77: u64 = 0; - fiat_p256_scalar_cmovznz_u64(&mut x77, x74, (0x0 as u64), x9); + fiat_p256_scalar_cmovznz_u64(&mut x77, (x22 as fiat_p256_scalar_u1), (0x0 as u64), x10); let mut x78: u64 = 0; - fiat_p256_scalar_cmovznz_u64(&mut x78, x74, (0x0 as u64), x10); + fiat_p256_scalar_cmovznz_u64(&mut x78, (x22 as fiat_p256_scalar_u1), (0x0 as u64), x11); let mut x79: u64 = 0; - fiat_p256_scalar_cmovznz_u64(&mut x79, x74, (0x0 as u64), x11); - let mut x80: u64 = 0; - let mut x81: fiat_p256_scalar_u1 = 0; - fiat_p256_scalar_addcarryx_u64(&mut x80, &mut x81, 0x0, x22, x75); - let mut x82: u64 = 0; - let mut x83: fiat_p256_scalar_u1 = 0; - fiat_p256_scalar_addcarryx_u64(&mut x82, &mut x83, x81, x23, x76); - let mut x84: u64 = 0; - let mut x85: fiat_p256_scalar_u1 = 0; - fiat_p256_scalar_addcarryx_u64(&mut x84, &mut x85, x83, x24, x77); - let mut x86: u64 = 0; - let mut x87: fiat_p256_scalar_u1 = 0; - fiat_p256_scalar_addcarryx_u64(&mut x86, &mut x87, x85, x25, x78); - let mut x88: u64 = 0; - let mut x89: fiat_p256_scalar_u1 = 0; - fiat_p256_scalar_addcarryx_u64(&mut x88, &mut x89, x87, x26, x79); + let mut x80: fiat_p256_scalar_u1 = 0; + fiat_p256_scalar_addcarryx_u64(&mut x79, &mut x80, 
0x0, x22, x74); + let mut x81: u64 = 0; + let mut x82: fiat_p256_scalar_u1 = 0; + fiat_p256_scalar_addcarryx_u64(&mut x81, &mut x82, x80, x23, x75); + let mut x83: u64 = 0; + let mut x84: fiat_p256_scalar_u1 = 0; + fiat_p256_scalar_addcarryx_u64(&mut x83, &mut x84, x82, x24, x76); + let mut x85: u64 = 0; + let mut x86: fiat_p256_scalar_u1 = 0; + fiat_p256_scalar_addcarryx_u64(&mut x85, &mut x86, x84, x25, x77); + let mut x87: u64 = 0; + let mut x88: fiat_p256_scalar_u1 = 0; + fiat_p256_scalar_addcarryx_u64(&mut x87, &mut x88, x86, x26, x78); + let mut x89: u64 = 0; + fiat_p256_scalar_cmovznz_u64(&mut x89, (x22 as fiat_p256_scalar_u1), (0x0 as u64), x27); let mut x90: u64 = 0; - fiat_p256_scalar_cmovznz_u64(&mut x90, x74, (0x0 as u64), x27); + fiat_p256_scalar_cmovznz_u64(&mut x90, (x22 as fiat_p256_scalar_u1), (0x0 as u64), x28); let mut x91: u64 = 0; - fiat_p256_scalar_cmovznz_u64(&mut x91, x74, (0x0 as u64), x28); + fiat_p256_scalar_cmovznz_u64(&mut x91, (x22 as fiat_p256_scalar_u1), (0x0 as u64), x29); let mut x92: u64 = 0; - fiat_p256_scalar_cmovznz_u64(&mut x92, x74, (0x0 as u64), x29); + fiat_p256_scalar_cmovznz_u64(&mut x92, (x22 as fiat_p256_scalar_u1), (0x0 as u64), x30); let mut x93: u64 = 0; - fiat_p256_scalar_cmovznz_u64(&mut x93, x74, (0x0 as u64), x30); - let mut x94: u64 = 0; - let mut x95: fiat_p256_scalar_u1 = 0; - fiat_p256_scalar_addcarryx_u64(&mut x94, &mut x95, 0x0, x70, x90); - let mut x96: u64 = 0; - let mut x97: fiat_p256_scalar_u1 = 0; - fiat_p256_scalar_addcarryx_u64(&mut x96, &mut x97, x95, x71, x91); - let mut x98: u64 = 0; - let mut x99: fiat_p256_scalar_u1 = 0; - fiat_p256_scalar_addcarryx_u64(&mut x98, &mut x99, x97, x72, x92); - let mut x100: u64 = 0; - let mut x101: fiat_p256_scalar_u1 = 0; - fiat_p256_scalar_addcarryx_u64(&mut x100, &mut x101, x99, x73, x93); - let mut x102: u64 = 0; - let mut x103: fiat_p256_scalar_u1 = 0; - fiat_p256_scalar_subborrowx_u64(&mut x102, &mut x103, 0x0, x94, 0xf3b9cac2fc632551); - let mut x104: u64 = 
0; - let mut x105: fiat_p256_scalar_u1 = 0; - fiat_p256_scalar_subborrowx_u64(&mut x104, &mut x105, x103, x96, 0xbce6faada7179e84); - let mut x106: u64 = 0; - let mut x107: fiat_p256_scalar_u1 = 0; - fiat_p256_scalar_subborrowx_u64(&mut x106, &mut x107, x105, x98, 0xffffffffffffffff); - let mut x108: u64 = 0; - let mut x109: fiat_p256_scalar_u1 = 0; - fiat_p256_scalar_subborrowx_u64(&mut x108, &mut x109, x107, x100, 0xffffffff00000000); - let mut x110: u64 = 0; - let mut x111: fiat_p256_scalar_u1 = 0; - fiat_p256_scalar_subborrowx_u64(&mut x110, &mut x111, x109, (x101 as u64), (0x0 as u64)); - let mut x112: u64 = 0; - let mut x113: fiat_p256_scalar_u1 = 0; - fiat_p256_scalar_addcarryx_u64(&mut x112, &mut x113, 0x0, x6, (0x1 as u64)); - let x114: u64 = ((x80 >> 1) | ((x82 << 63) & 0xffffffffffffffff)); - let x115: u64 = ((x82 >> 1) | ((x84 << 63) & 0xffffffffffffffff)); - let x116: u64 = ((x84 >> 1) | ((x86 << 63) & 0xffffffffffffffff)); - let x117: u64 = ((x86 >> 1) | ((x88 << 63) & 0xffffffffffffffff)); - let x118: u64 = ((x88 & 0x8000000000000000) | (x88 >> 1)); + let mut x94: fiat_p256_scalar_u1 = 0; + fiat_p256_scalar_addcarryx_u64(&mut x93, &mut x94, 0x0, x70, x89); + let mut x95: u64 = 0; + let mut x96: fiat_p256_scalar_u1 = 0; + fiat_p256_scalar_addcarryx_u64(&mut x95, &mut x96, x94, x71, x90); + let mut x97: u64 = 0; + let mut x98: fiat_p256_scalar_u1 = 0; + fiat_p256_scalar_addcarryx_u64(&mut x97, &mut x98, x96, x72, x91); + let mut x99: u64 = 0; + let mut x100: fiat_p256_scalar_u1 = 0; + fiat_p256_scalar_addcarryx_u64(&mut x99, &mut x100, x98, x73, x92); + let mut x101: u64 = 0; + let mut x102: fiat_p256_scalar_u1 = 0; + fiat_p256_scalar_subborrowx_u64(&mut x101, &mut x102, 0x0, x93, 0xf3b9cac2fc632551); + let mut x103: u64 = 0; + let mut x104: fiat_p256_scalar_u1 = 0; + fiat_p256_scalar_subborrowx_u64(&mut x103, &mut x104, x102, x95, 0xbce6faada7179e84); + let mut x105: u64 = 0; + let mut x106: fiat_p256_scalar_u1 = 0; + 
fiat_p256_scalar_subborrowx_u64(&mut x105, &mut x106, x104, x97, 0xffffffffffffffff); + let mut x107: u64 = 0; + let mut x108: fiat_p256_scalar_u1 = 0; + fiat_p256_scalar_subborrowx_u64(&mut x107, &mut x108, x106, x99, 0xffffffff00000000); + let mut x109: u64 = 0; + let mut x110: fiat_p256_scalar_u1 = 0; + fiat_p256_scalar_subborrowx_u64(&mut x109, &mut x110, x108, (x100 as u64), (0x0 as u64)); + let mut x111: u64 = 0; + let mut x112: fiat_p256_scalar_u1 = 0; + fiat_p256_scalar_addcarryx_u64(&mut x111, &mut x112, 0x0, x6, (0x1 as u64)); + let x113: u64 = ((x79 >> 1) | ((x81 << 63) & 0xffffffffffffffff)); + let x114: u64 = ((x81 >> 1) | ((x83 << 63) & 0xffffffffffffffff)); + let x115: u64 = ((x83 >> 1) | ((x85 << 63) & 0xffffffffffffffff)); + let x116: u64 = ((x85 >> 1) | ((x87 << 63) & 0xffffffffffffffff)); + let x117: u64 = ((x87 & 0x8000000000000000) | (x87 >> 1)); + let mut x118: u64 = 0; + fiat_p256_scalar_cmovznz_u64(&mut x118, x48, x39, x31); let mut x119: u64 = 0; - fiat_p256_scalar_cmovznz_u64(&mut x119, x48, x39, x31); + fiat_p256_scalar_cmovznz_u64(&mut x119, x48, x41, x33); let mut x120: u64 = 0; - fiat_p256_scalar_cmovznz_u64(&mut x120, x48, x41, x33); + fiat_p256_scalar_cmovznz_u64(&mut x120, x48, x43, x35); let mut x121: u64 = 0; - fiat_p256_scalar_cmovznz_u64(&mut x121, x48, x43, x35); + fiat_p256_scalar_cmovznz_u64(&mut x121, x48, x45, x37); let mut x122: u64 = 0; - fiat_p256_scalar_cmovznz_u64(&mut x122, x48, x45, x37); + fiat_p256_scalar_cmovznz_u64(&mut x122, x110, x101, x93); let mut x123: u64 = 0; - fiat_p256_scalar_cmovznz_u64(&mut x123, x111, x102, x94); + fiat_p256_scalar_cmovznz_u64(&mut x123, x110, x103, x95); let mut x124: u64 = 0; - fiat_p256_scalar_cmovznz_u64(&mut x124, x111, x104, x96); + fiat_p256_scalar_cmovznz_u64(&mut x124, x110, x105, x97); let mut x125: u64 = 0; - fiat_p256_scalar_cmovznz_u64(&mut x125, x111, x106, x98); - let mut x126: u64 = 0; - fiat_p256_scalar_cmovznz_u64(&mut x126, x111, x108, x100); - *out1 = x112; + 
fiat_p256_scalar_cmovznz_u64(&mut x125, x110, x107, x99); + *out1 = x111; out2[0] = x7; out2[1] = x8; out2[2] = x9; out2[3] = x10; out2[4] = x11; - out3[0] = x114; - out3[1] = x115; - out3[2] = x116; - out3[3] = x117; - out3[4] = x118; - out4[0] = x119; - out4[1] = x120; - out4[2] = x121; - out4[3] = x122; - out5[0] = x123; - out5[1] = x124; - out5[2] = x125; - out5[3] = x126; + out3[0] = x113; + out3[1] = x114; + out3[2] = x115; + out3[3] = x116; + out3[4] = x117; + out4[0] = x118; + out4[1] = x119; + out4[2] = x120; + out4[3] = x121; + out5[0] = x122; + out5[1] = x123; + out5[2] = x124; + out5[3] = x125; } /// The function fiat_p256_scalar_divstep_precomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-rust/src/p384_32.rs b/fiat-rust/src/p384_32.rs index 8160e28ea9..83729fd5f4 100644 --- a/fiat-rust/src/p384_32.rs +++ b/fiat-rust/src/p384_32.rs @@ -50,10 +50,9 @@ pub type fiat_p384_non_montgomery_domain_field_element = [u32; 12]; #[inline] pub fn fiat_p384_addcarryx_u32(out1: &mut u32, out2: &mut fiat_p384_u1, arg1: fiat_p384_u1, arg2: u32, arg3: u32) -> () { let x1: u64 = (((arg1 as u64) + (arg2 as u64)) + (arg3 as u64)); - let x2: u32 = ((x1 & (0xffffffff as u64)) as u32); - let x3: fiat_p384_u1 = ((x1 >> 32) as fiat_p384_u1); - *out1 = x2; - *out2 = x3; + let x2: fiat_p384_u1 = ((x1 >> 32) as fiat_p384_u1); + *out1 = (x1 as u32); + *out2 = x2; } /// The function fiat_p384_subborrowx_u32 is a subtraction with borrow. 
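Review bot: The selector passed to `fiat_p256_scalar_cmovznz_u64` for x74–x78 and x89–x92 is now `(x22 as fiat_p256_scalar_u1)`, which no longer isolates bit 0 of x22 the way the removed `x74` line did. If `fiat_p256_scalar_u1` is the `u8` alias these generated files normally declare (the declaration is outside this hunk), the cast keeps the low eight bits, so an even x22 with a non-zero low byte would reach cmovznz as a selector other than 0 or 1; assuming cmovznz derives its mask by negating the selector, the output would then be a bitwise blend of both inputs instead of one of them. That would make the divstep result, and any scalar inversion built on it, incorrect, so it is worth checking against the pre-change output on inputs with an even low limb. The mask should stay on this path, e.g. `let x74: fiat_p256_scalar_u1 = ((x22 & (0x1 as u64)) as fiat_p256_scalar_u1);`, and because the file is generated the fix belongs in the rewrite rule that drops `& 1` ahead of a cast to u1; the `(x46 as fiat_p384_u1)` selectors in the fiat_p384_divstep hunk further down have the same shape. The body of fiat_p256_scalar_divstep starts outside this hunk.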
@@ -93,10 +92,9 @@ pub fn fiat_p384_subborrowx_u32(out1: &mut u32, out2: &mut fiat_p384_u1, arg1: f #[inline] pub fn fiat_p384_mulx_u32(out1: &mut u32, out2: &mut u32, arg1: u32, arg2: u32) -> () { let x1: u64 = ((arg1 as u64) * (arg2 as u64)); - let x2: u32 = ((x1 & (0xffffffff as u64)) as u32); - let x3: u32 = ((x1 >> 32) as u32); - *out1 = x2; - *out2 = x3; + let x2: u32 = ((x1 >> 32) as u32); + *out1 = (x1 as u32); + *out2 = x2; } /// The function fiat_p384_cmovznz_u32 is a single-word conditional move. 
@@ -8866,126 +8864,90 @@ pub fn fiat_p384_to_bytes(out1: &mut [u8; 48], arg1: &[u32; 12]) -> () { let x10: u32 = (arg1[2]); let x11: u32 = (arg1[1]); let x12: u32 = (arg1[0]); - let x13: u8 = ((x12 & (0xff as u32)) as u8); - let x14: u32 = (x12 >> 8); - let x15: u8 = ((x14 & (0xff as u32)) as u8); - let x16: u32 = (x14 >> 8); - let x17: u8 = ((x16 & (0xff as u32)) as u8); - let x18: u8 = ((x16 >> 8) as u8); - let x19: u8 = ((x11 & (0xff as u32)) as u8); - let x20: u32 = (x11 >> 8); - let x21: u8 = ((x20 & (0xff as u32)) as u8); - let x22: u32 = (x20 >> 8); - let x23: u8 = ((x22 & (0xff as u32)) as u8); - let x24: u8 = ((x22 >> 8) as u8); - let x25: u8 = ((x10 & (0xff as u32)) as u8); - let x26: u32 = (x10 >> 8); - let x27: u8 = ((x26 & (0xff as u32)) as u8); - let x28: u32 = (x26 >> 8); - let x29: u8 = ((x28 & (0xff as u32)) as u8); - let x30: u8 = ((x28 >> 8) as u8); - let x31: u8 = ((x9 & (0xff as u32)) as u8); - let x32: u32 = (x9 >> 8); - let x33: u8 = ((x32 & (0xff as u32)) as u8); - let x34: u32 = (x32 >> 8); - let x35: u8 = ((x34 & (0xff as u32)) as u8); - let x36: u8 = ((x34 >> 8) as u8); - let x37: u8 = ((x8 & (0xff as u32)) as u8); - let x38: u32 = (x8 >> 8); - let x39: u8 = ((x38 & (0xff as u32)) as u8); - let x40: u32 = (x38 >> 8); - let x41: u8 = ((x40 & (0xff as u32)) as u8); - let x42: u8 = ((x40 >> 8) as u8); - let x43: u8 = ((x7 & (0xff as u32)) as u8); - let x44: u32 = (x7 >> 8); - let x45: u8 = ((x44 & (0xff as u32)) as u8); - let x46: u32 = (x44 >> 8); - let x47: u8 = ((x46 & (0xff as u32)) as u8); - let x48: u8 = ((x46 >> 8) as u8); - let x49: u8 = ((x6 & (0xff as u32)) as u8); - let x50: u32 = (x6 >> 8); - let x51: u8 = ((x50 & (0xff as u32)) as u8); - let x52: u32 = (x50 >> 8); - let x53: u8 = ((x52 & (0xff as u32)) as u8); - let x54: u8 = ((x52 >> 8) as u8); - let x55: u8 = ((x5 & (0xff as u32)) as u8); - let x56: u32 = (x5 >> 8); - let x57: u8 = ((x56 & (0xff as u32)) as u8); - let x58: u32 = (x56 >> 8); - let x59: u8 = ((x58 & (0xff as 
u32)) as u8); - let x60: u8 = ((x58 >> 8) as u8); - let x61: u8 = ((x4 & (0xff as u32)) as u8); - let x62: u32 = (x4 >> 8); - let x63: u8 = ((x62 & (0xff as u32)) as u8); - let x64: u32 = (x62 >> 8); - let x65: u8 = ((x64 & (0xff as u32)) as u8); - let x66: u8 = ((x64 >> 8) as u8); - let x67: u8 = ((x3 & (0xff as u32)) as u8); - let x68: u32 = (x3 >> 8); - let x69: u8 = ((x68 & (0xff as u32)) as u8); - let x70: u32 = (x68 >> 8); - let x71: u8 = ((x70 & (0xff as u32)) as u8); - let x72: u8 = ((x70 >> 8) as u8); - let x73: u8 = ((x2 & (0xff as u32)) as u8); - let x74: u32 = (x2 >> 8); - let x75: u8 = ((x74 & (0xff as u32)) as u8); - let x76: u32 = (x74 >> 8); - let x77: u8 = ((x76 & (0xff as u32)) as u8); - let x78: u8 = ((x76 >> 8) as u8); - let x79: u8 = ((x1 & (0xff as u32)) as u8); - let x80: u32 = (x1 >> 8); - let x81: u8 = ((x80 & (0xff as u32)) as u8); - let x82: u32 = (x80 >> 8); - let x83: u8 = ((x82 & (0xff as u32)) as u8); - let x84: u8 = ((x82 >> 8) as u8); - out1[0] = x13; - out1[1] = x15; - out1[2] = x17; - out1[3] = x18; - out1[4] = x19; - out1[5] = x21; - out1[6] = x23; - out1[7] = x24; - out1[8] = x25; - out1[9] = x27; - out1[10] = x29; - out1[11] = x30; - out1[12] = x31; - out1[13] = x33; - out1[14] = x35; - out1[15] = x36; - out1[16] = x37; - out1[17] = x39; - out1[18] = x41; - out1[19] = x42; - out1[20] = x43; - out1[21] = x45; - out1[22] = x47; - out1[23] = x48; - out1[24] = x49; - out1[25] = x51; - out1[26] = x53; - out1[27] = x54; - out1[28] = x55; - out1[29] = x57; - out1[30] = x59; - out1[31] = x60; - out1[32] = x61; - out1[33] = x63; - out1[34] = x65; - out1[35] = x66; - out1[36] = x67; - out1[37] = x69; - out1[38] = x71; - out1[39] = x72; - out1[40] = x73; - out1[41] = x75; - out1[42] = x77; - out1[43] = x78; - out1[44] = x79; - out1[45] = x81; - out1[46] = x83; - out1[47] = x84; + let x13: u32 = (x12 >> 8); + let x14: u32 = (x13 >> 8); + let x15: u8 = ((x14 >> 8) as u8); + let x16: u32 = (x11 >> 8); + let x17: u32 = (x16 >> 8); + let x18: 
u8 = ((x17 >> 8) as u8); + let x19: u32 = (x10 >> 8); + let x20: u32 = (x19 >> 8); + let x21: u8 = ((x20 >> 8) as u8); + let x22: u32 = (x9 >> 8); + let x23: u32 = (x22 >> 8); + let x24: u8 = ((x23 >> 8) as u8); + let x25: u32 = (x8 >> 8); + let x26: u32 = (x25 >> 8); + let x27: u8 = ((x26 >> 8) as u8); + let x28: u32 = (x7 >> 8); + let x29: u32 = (x28 >> 8); + let x30: u8 = ((x29 >> 8) as u8); + let x31: u32 = (x6 >> 8); + let x32: u32 = (x31 >> 8); + let x33: u8 = ((x32 >> 8) as u8); + let x34: u32 = (x5 >> 8); + let x35: u32 = (x34 >> 8); + let x36: u8 = ((x35 >> 8) as u8); + let x37: u32 = (x4 >> 8); + let x38: u32 = (x37 >> 8); + let x39: u8 = ((x38 >> 8) as u8); + let x40: u32 = (x3 >> 8); + let x41: u32 = (x40 >> 8); + let x42: u8 = ((x41 >> 8) as u8); + let x43: u32 = (x2 >> 8); + let x44: u32 = (x43 >> 8); + let x45: u8 = ((x44 >> 8) as u8); + let x46: u32 = (x1 >> 8); + let x47: u32 = (x46 >> 8); + let x48: u8 = ((x47 >> 8) as u8); + out1[0] = (x12 as u8); + out1[1] = (x13 as u8); + out1[2] = (x14 as u8); + out1[3] = x15; + out1[4] = (x11 as u8); + out1[5] = (x16 as u8); + out1[6] = (x17 as u8); + out1[7] = x18; + out1[8] = (x10 as u8); + out1[9] = (x19 as u8); + out1[10] = (x20 as u8); + out1[11] = x21; + out1[12] = (x9 as u8); + out1[13] = (x22 as u8); + out1[14] = (x23 as u8); + out1[15] = x24; + out1[16] = (x8 as u8); + out1[17] = (x25 as u8); + out1[18] = (x26 as u8); + out1[19] = x27; + out1[20] = (x7 as u8); + out1[21] = (x28 as u8); + out1[22] = (x29 as u8); + out1[23] = x30; + out1[24] = (x6 as u8); + out1[25] = (x31 as u8); + out1[26] = (x32 as u8); + out1[27] = x33; + out1[28] = (x5 as u8); + out1[29] = (x34 as u8); + out1[30] = (x35 as u8); + out1[31] = x36; + out1[32] = (x4 as u8); + out1[33] = (x37 as u8); + out1[34] = (x38 as u8); + out1[35] = x39; + out1[36] = (x3 as u8); + out1[37] = (x40 as u8); + out1[38] = (x41 as u8); + out1[39] = x42; + out1[40] = (x2 as u8); + out1[41] = (x43 as u8); + out1[42] = (x44 as u8); + out1[43] = x45; + 
out1[44] = (x1 as u8); + out1[45] = (x46 as u8); + out1[46] = (x47 as u8); + out1[47] = x48; } /// The function fiat_p384_from_bytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -9180,7 +9142,7 @@ pub fn fiat_p384_divstep(out1: &mut u32, out2: &mut [u32; 13], out3: &mut [u32; let mut x1: u32 = 0; let mut x2: fiat_p384_u1 = 0; fiat_p384_addcarryx_u32(&mut x1, &mut x2, 0x0, (!arg1), (0x1 as u32)); - let x3: fiat_p384_u1 = (((x1 >> 31) as fiat_p384_u1) & (((arg3[0]) & (0x1 as u32)) as fiat_p384_u1)); + let x3: fiat_p384_u1 = (((x1 >> 31) as fiat_p384_u1) & ((arg3[0]) as fiat_p384_u1)); let mut x4: u32 = 0; let mut x5: fiat_p384_u1 = 0; fiat_p384_addcarryx_u32(&mut x4, &mut x5, 0x0, (!arg1), (0x1 as u32)); 
@@ -9486,236 +9448,235 @@ pub fn fiat_p384_divstep(out1: &mut u32, out2: &mut [u32; 13], out3: &mut [u32; fiat_p384_cmovznz_u32(&mut x192, x3, (arg5[10]), x178); let mut x193: u32 = 0; fiat_p384_cmovznz_u32(&mut x193, x3, (arg5[11]), x180); - let x194: fiat_p384_u1 = ((x46 & (0x1 as u32)) as fiat_p384_u1); + let mut x194: u32 = 0; + fiat_p384_cmovznz_u32(&mut x194, (x46 as fiat_p384_u1), (0x0 as u32), x7); let mut x195: u32 = 0; - fiat_p384_cmovznz_u32(&mut x195, x194, (0x0 as u32), x7); + fiat_p384_cmovznz_u32(&mut x195, (x46 as fiat_p384_u1), (0x0 as u32), x8); let mut x196: u32 = 0; - fiat_p384_cmovznz_u32(&mut x196, x194, (0x0 as u32), x8); + fiat_p384_cmovznz_u32(&mut x196, (x46 as fiat_p384_u1), (0x0 as u32), x9); let mut x197: u32 = 0; - fiat_p384_cmovznz_u32(&mut x197, x194, (0x0 as u32), x9); + fiat_p384_cmovznz_u32(&mut x197, (x46 as fiat_p384_u1), (0x0 as u32), x10); let mut x198: u32 = 0; - fiat_p384_cmovznz_u32(&mut x198, x194, (0x0 as u32), x10); + fiat_p384_cmovznz_u32(&mut x198, (x46 as fiat_p384_u1), (0x0 as u32), x11); let mut x199: u32 = 0; - fiat_p384_cmovznz_u32(&mut x199, x194, (0x0 as u32), x11); + fiat_p384_cmovznz_u32(&mut x199, (x46 as fiat_p384_u1), (0x0 as u32), x12); let mut x200: u32 = 0; - fiat_p384_cmovznz_u32(&mut x200, x194, (0x0 as u32), x12); + fiat_p384_cmovznz_u32(&mut x200, (x46 as fiat_p384_u1), (0x0 as u32), x13); let mut x201: u32 = 0; - fiat_p384_cmovznz_u32(&mut x201, x194, (0x0 as u32), x13); + fiat_p384_cmovznz_u32(&mut x201, (x46 as fiat_p384_u1), (0x0 as u32), x14); let mut x202: u32 = 0; - fiat_p384_cmovznz_u32(&mut x202, x194, (0x0 as u32), x14); + fiat_p384_cmovznz_u32(&mut x202, (x46 as fiat_p384_u1), (0x0 as u32), x15); let mut x203: u32 = 0; - fiat_p384_cmovznz_u32(&mut x203, x194, (0x0 as u32), x15); + fiat_p384_cmovznz_u32(&mut x203, (x46 as fiat_p384_u1), (0x0 as u32), x16); let mut x204: u32 = 0; - fiat_p384_cmovznz_u32(&mut x204, x194, (0x0 as u32), x16); + fiat_p384_cmovznz_u32(&mut x204, (x46 as 
fiat_p384_u1), (0x0 as u32), x17); let mut x205: u32 = 0; - fiat_p384_cmovznz_u32(&mut x205, x194, (0x0 as u32), x17); + fiat_p384_cmovznz_u32(&mut x205, (x46 as fiat_p384_u1), (0x0 as u32), x18); let mut x206: u32 = 0; - fiat_p384_cmovznz_u32(&mut x206, x194, (0x0 as u32), x18); + fiat_p384_cmovznz_u32(&mut x206, (x46 as fiat_p384_u1), (0x0 as u32), x19); let mut x207: u32 = 0; - fiat_p384_cmovznz_u32(&mut x207, x194, (0x0 as u32), x19); - let mut x208: u32 = 0; - let mut x209: fiat_p384_u1 = 0; - fiat_p384_addcarryx_u32(&mut x208, &mut x209, 0x0, x46, x195); - let mut x210: u32 = 0; - let mut x211: fiat_p384_u1 = 0; - fiat_p384_addcarryx_u32(&mut x210, &mut x211, x209, x47, x196); - let mut x212: u32 = 0; - let mut x213: fiat_p384_u1 = 0; - fiat_p384_addcarryx_u32(&mut x212, &mut x213, x211, x48, x197); - let mut x214: u32 = 0; - let mut x215: fiat_p384_u1 = 0; - fiat_p384_addcarryx_u32(&mut x214, &mut x215, x213, x49, x198); - let mut x216: u32 = 0; - let mut x217: fiat_p384_u1 = 0; - fiat_p384_addcarryx_u32(&mut x216, &mut x217, x215, x50, x199); - let mut x218: u32 = 0; - let mut x219: fiat_p384_u1 = 0; - fiat_p384_addcarryx_u32(&mut x218, &mut x219, x217, x51, x200); - let mut x220: u32 = 0; - let mut x221: fiat_p384_u1 = 0; - fiat_p384_addcarryx_u32(&mut x220, &mut x221, x219, x52, x201); - let mut x222: u32 = 0; - let mut x223: fiat_p384_u1 = 0; - fiat_p384_addcarryx_u32(&mut x222, &mut x223, x221, x53, x202); - let mut x224: u32 = 0; - let mut x225: fiat_p384_u1 = 0; - fiat_p384_addcarryx_u32(&mut x224, &mut x225, x223, x54, x203); - let mut x226: u32 = 0; - let mut x227: fiat_p384_u1 = 0; - fiat_p384_addcarryx_u32(&mut x226, &mut x227, x225, x55, x204); - let mut x228: u32 = 0; - let mut x229: fiat_p384_u1 = 0; - fiat_p384_addcarryx_u32(&mut x228, &mut x229, x227, x56, x205); - let mut x230: u32 = 0; - let mut x231: fiat_p384_u1 = 0; - fiat_p384_addcarryx_u32(&mut x230, &mut x231, x229, x57, x206); - let mut x232: u32 = 0; - let mut x233: fiat_p384_u1 = 
0; - fiat_p384_addcarryx_u32(&mut x232, &mut x233, x231, x58, x207); + let mut x208: fiat_p384_u1 = 0; + fiat_p384_addcarryx_u32(&mut x207, &mut x208, 0x0, x46, x194); + let mut x209: u32 = 0; + let mut x210: fiat_p384_u1 = 0; + fiat_p384_addcarryx_u32(&mut x209, &mut x210, x208, x47, x195); + let mut x211: u32 = 0; + let mut x212: fiat_p384_u1 = 0; + fiat_p384_addcarryx_u32(&mut x211, &mut x212, x210, x48, x196); + let mut x213: u32 = 0; + let mut x214: fiat_p384_u1 = 0; + fiat_p384_addcarryx_u32(&mut x213, &mut x214, x212, x49, x197); + let mut x215: u32 = 0; + let mut x216: fiat_p384_u1 = 0; + fiat_p384_addcarryx_u32(&mut x215, &mut x216, x214, x50, x198); + let mut x217: u32 = 0; + let mut x218: fiat_p384_u1 = 0; + fiat_p384_addcarryx_u32(&mut x217, &mut x218, x216, x51, x199); + let mut x219: u32 = 0; + let mut x220: fiat_p384_u1 = 0; + fiat_p384_addcarryx_u32(&mut x219, &mut x220, x218, x52, x200); + let mut x221: u32 = 0; + let mut x222: fiat_p384_u1 = 0; + fiat_p384_addcarryx_u32(&mut x221, &mut x222, x220, x53, x201); + let mut x223: u32 = 0; + let mut x224: fiat_p384_u1 = 0; + fiat_p384_addcarryx_u32(&mut x223, &mut x224, x222, x54, x202); + let mut x225: u32 = 0; + let mut x226: fiat_p384_u1 = 0; + fiat_p384_addcarryx_u32(&mut x225, &mut x226, x224, x55, x203); + let mut x227: u32 = 0; + let mut x228: fiat_p384_u1 = 0; + fiat_p384_addcarryx_u32(&mut x227, &mut x228, x226, x56, x204); + let mut x229: u32 = 0; + let mut x230: fiat_p384_u1 = 0; + fiat_p384_addcarryx_u32(&mut x229, &mut x230, x228, x57, x205); + let mut x231: u32 = 0; + let mut x232: fiat_p384_u1 = 0; + fiat_p384_addcarryx_u32(&mut x231, &mut x232, x230, x58, x206); + let mut x233: u32 = 0; + fiat_p384_cmovznz_u32(&mut x233, (x46 as fiat_p384_u1), (0x0 as u32), x59); let mut x234: u32 = 0; - fiat_p384_cmovznz_u32(&mut x234, x194, (0x0 as u32), x59); + fiat_p384_cmovznz_u32(&mut x234, (x46 as fiat_p384_u1), (0x0 as u32), x60); let mut x235: u32 = 0; - fiat_p384_cmovznz_u32(&mut x235, x194, 
(0x0 as u32), x60); + fiat_p384_cmovznz_u32(&mut x235, (x46 as fiat_p384_u1), (0x0 as u32), x61); let mut x236: u32 = 0; - fiat_p384_cmovznz_u32(&mut x236, x194, (0x0 as u32), x61); + fiat_p384_cmovznz_u32(&mut x236, (x46 as fiat_p384_u1), (0x0 as u32), x62); let mut x237: u32 = 0; - fiat_p384_cmovznz_u32(&mut x237, x194, (0x0 as u32), x62); + fiat_p384_cmovznz_u32(&mut x237, (x46 as fiat_p384_u1), (0x0 as u32), x63); let mut x238: u32 = 0; - fiat_p384_cmovznz_u32(&mut x238, x194, (0x0 as u32), x63); + fiat_p384_cmovznz_u32(&mut x238, (x46 as fiat_p384_u1), (0x0 as u32), x64); let mut x239: u32 = 0; - fiat_p384_cmovznz_u32(&mut x239, x194, (0x0 as u32), x64); + fiat_p384_cmovznz_u32(&mut x239, (x46 as fiat_p384_u1), (0x0 as u32), x65); let mut x240: u32 = 0; - fiat_p384_cmovznz_u32(&mut x240, x194, (0x0 as u32), x65); + fiat_p384_cmovznz_u32(&mut x240, (x46 as fiat_p384_u1), (0x0 as u32), x66); let mut x241: u32 = 0; - fiat_p384_cmovznz_u32(&mut x241, x194, (0x0 as u32), x66); + fiat_p384_cmovznz_u32(&mut x241, (x46 as fiat_p384_u1), (0x0 as u32), x67); let mut x242: u32 = 0; - fiat_p384_cmovznz_u32(&mut x242, x194, (0x0 as u32), x67); + fiat_p384_cmovznz_u32(&mut x242, (x46 as fiat_p384_u1), (0x0 as u32), x68); let mut x243: u32 = 0; - fiat_p384_cmovznz_u32(&mut x243, x194, (0x0 as u32), x68); + fiat_p384_cmovznz_u32(&mut x243, (x46 as fiat_p384_u1), (0x0 as u32), x69); let mut x244: u32 = 0; - fiat_p384_cmovznz_u32(&mut x244, x194, (0x0 as u32), x69); + fiat_p384_cmovznz_u32(&mut x244, (x46 as fiat_p384_u1), (0x0 as u32), x70); let mut x245: u32 = 0; - fiat_p384_cmovznz_u32(&mut x245, x194, (0x0 as u32), x70); - let mut x246: u32 = 0; - let mut x247: fiat_p384_u1 = 0; - fiat_p384_addcarryx_u32(&mut x246, &mut x247, 0x0, x182, x234); - let mut x248: u32 = 0; - let mut x249: fiat_p384_u1 = 0; - fiat_p384_addcarryx_u32(&mut x248, &mut x249, x247, x183, x235); - let mut x250: u32 = 0; - let mut x251: fiat_p384_u1 = 0; - fiat_p384_addcarryx_u32(&mut x250, &mut x251, 
x249, x184, x236); - let mut x252: u32 = 0; - let mut x253: fiat_p384_u1 = 0; - fiat_p384_addcarryx_u32(&mut x252, &mut x253, x251, x185, x237); - let mut x254: u32 = 0; - let mut x255: fiat_p384_u1 = 0; - fiat_p384_addcarryx_u32(&mut x254, &mut x255, x253, x186, x238); - let mut x256: u32 = 0; - let mut x257: fiat_p384_u1 = 0; - fiat_p384_addcarryx_u32(&mut x256, &mut x257, x255, x187, x239); - let mut x258: u32 = 0; - let mut x259: fiat_p384_u1 = 0; - fiat_p384_addcarryx_u32(&mut x258, &mut x259, x257, x188, x240); - let mut x260: u32 = 0; - let mut x261: fiat_p384_u1 = 0; - fiat_p384_addcarryx_u32(&mut x260, &mut x261, x259, x189, x241); - let mut x262: u32 = 0; - let mut x263: fiat_p384_u1 = 0; - fiat_p384_addcarryx_u32(&mut x262, &mut x263, x261, x190, x242); - let mut x264: u32 = 0; - let mut x265: fiat_p384_u1 = 0; - fiat_p384_addcarryx_u32(&mut x264, &mut x265, x263, x191, x243); - let mut x266: u32 = 0; - let mut x267: fiat_p384_u1 = 0; - fiat_p384_addcarryx_u32(&mut x266, &mut x267, x265, x192, x244); - let mut x268: u32 = 0; - let mut x269: fiat_p384_u1 = 0; - fiat_p384_addcarryx_u32(&mut x268, &mut x269, x267, x193, x245); - let mut x270: u32 = 0; - let mut x271: fiat_p384_u1 = 0; - fiat_p384_subborrowx_u32(&mut x270, &mut x271, 0x0, x246, 0xffffffff); - let mut x272: u32 = 0; - let mut x273: fiat_p384_u1 = 0; - fiat_p384_subborrowx_u32(&mut x272, &mut x273, x271, x248, (0x0 as u32)); - let mut x274: u32 = 0; - let mut x275: fiat_p384_u1 = 0; - fiat_p384_subborrowx_u32(&mut x274, &mut x275, x273, x250, (0x0 as u32)); - let mut x276: u32 = 0; - let mut x277: fiat_p384_u1 = 0; - fiat_p384_subborrowx_u32(&mut x276, &mut x277, x275, x252, 0xffffffff); - let mut x278: u32 = 0; - let mut x279: fiat_p384_u1 = 0; - fiat_p384_subborrowx_u32(&mut x278, &mut x279, x277, x254, 0xfffffffe); - let mut x280: u32 = 0; - let mut x281: fiat_p384_u1 = 0; - fiat_p384_subborrowx_u32(&mut x280, &mut x281, x279, x256, 0xffffffff); - let mut x282: u32 = 0; - let mut x283: 
fiat_p384_u1 = 0; - fiat_p384_subborrowx_u32(&mut x282, &mut x283, x281, x258, 0xffffffff); - let mut x284: u32 = 0; - let mut x285: fiat_p384_u1 = 0; - fiat_p384_subborrowx_u32(&mut x284, &mut x285, x283, x260, 0xffffffff); - let mut x286: u32 = 0; - let mut x287: fiat_p384_u1 = 0; - fiat_p384_subborrowx_u32(&mut x286, &mut x287, x285, x262, 0xffffffff); - let mut x288: u32 = 0; - let mut x289: fiat_p384_u1 = 0; - fiat_p384_subborrowx_u32(&mut x288, &mut x289, x287, x264, 0xffffffff); - let mut x290: u32 = 0; - let mut x291: fiat_p384_u1 = 0; - fiat_p384_subborrowx_u32(&mut x290, &mut x291, x289, x266, 0xffffffff); - let mut x292: u32 = 0; - let mut x293: fiat_p384_u1 = 0; - fiat_p384_subborrowx_u32(&mut x292, &mut x293, x291, x268, 0xffffffff); - let mut x294: u32 = 0; - let mut x295: fiat_p384_u1 = 0; - fiat_p384_subborrowx_u32(&mut x294, &mut x295, x293, (x269 as u32), (0x0 as u32)); - let mut x296: u32 = 0; - let mut x297: fiat_p384_u1 = 0; - fiat_p384_addcarryx_u32(&mut x296, &mut x297, 0x0, x6, (0x1 as u32)); - let x298: u32 = ((x208 >> 1) | ((x210 << 31) & 0xffffffff)); - let x299: u32 = ((x210 >> 1) | ((x212 << 31) & 0xffffffff)); - let x300: u32 = ((x212 >> 1) | ((x214 << 31) & 0xffffffff)); - let x301: u32 = ((x214 >> 1) | ((x216 << 31) & 0xffffffff)); - let x302: u32 = ((x216 >> 1) | ((x218 << 31) & 0xffffffff)); - let x303: u32 = ((x218 >> 1) | ((x220 << 31) & 0xffffffff)); - let x304: u32 = ((x220 >> 1) | ((x222 << 31) & 0xffffffff)); - let x305: u32 = ((x222 >> 1) | ((x224 << 31) & 0xffffffff)); - let x306: u32 = ((x224 >> 1) | ((x226 << 31) & 0xffffffff)); - let x307: u32 = ((x226 >> 1) | ((x228 << 31) & 0xffffffff)); - let x308: u32 = ((x228 >> 1) | ((x230 << 31) & 0xffffffff)); - let x309: u32 = ((x230 >> 1) | ((x232 << 31) & 0xffffffff)); - let x310: u32 = ((x232 & 0x80000000) | (x232 >> 1)); + let mut x246: fiat_p384_u1 = 0; + fiat_p384_addcarryx_u32(&mut x245, &mut x246, 0x0, x182, x233); + let mut x247: u32 = 0; + let mut x248: fiat_p384_u1 = 
0; + fiat_p384_addcarryx_u32(&mut x247, &mut x248, x246, x183, x234); + let mut x249: u32 = 0; + let mut x250: fiat_p384_u1 = 0; + fiat_p384_addcarryx_u32(&mut x249, &mut x250, x248, x184, x235); + let mut x251: u32 = 0; + let mut x252: fiat_p384_u1 = 0; + fiat_p384_addcarryx_u32(&mut x251, &mut x252, x250, x185, x236); + let mut x253: u32 = 0; + let mut x254: fiat_p384_u1 = 0; + fiat_p384_addcarryx_u32(&mut x253, &mut x254, x252, x186, x237); + let mut x255: u32 = 0; + let mut x256: fiat_p384_u1 = 0; + fiat_p384_addcarryx_u32(&mut x255, &mut x256, x254, x187, x238); + let mut x257: u32 = 0; + let mut x258: fiat_p384_u1 = 0; + fiat_p384_addcarryx_u32(&mut x257, &mut x258, x256, x188, x239); + let mut x259: u32 = 0; + let mut x260: fiat_p384_u1 = 0; + fiat_p384_addcarryx_u32(&mut x259, &mut x260, x258, x189, x240); + let mut x261: u32 = 0; + let mut x262: fiat_p384_u1 = 0; + fiat_p384_addcarryx_u32(&mut x261, &mut x262, x260, x190, x241); + let mut x263: u32 = 0; + let mut x264: fiat_p384_u1 = 0; + fiat_p384_addcarryx_u32(&mut x263, &mut x264, x262, x191, x242); + let mut x265: u32 = 0; + let mut x266: fiat_p384_u1 = 0; + fiat_p384_addcarryx_u32(&mut x265, &mut x266, x264, x192, x243); + let mut x267: u32 = 0; + let mut x268: fiat_p384_u1 = 0; + fiat_p384_addcarryx_u32(&mut x267, &mut x268, x266, x193, x244); + let mut x269: u32 = 0; + let mut x270: fiat_p384_u1 = 0; + fiat_p384_subborrowx_u32(&mut x269, &mut x270, 0x0, x245, 0xffffffff); + let mut x271: u32 = 0; + let mut x272: fiat_p384_u1 = 0; + fiat_p384_subborrowx_u32(&mut x271, &mut x272, x270, x247, (0x0 as u32)); + let mut x273: u32 = 0; + let mut x274: fiat_p384_u1 = 0; + fiat_p384_subborrowx_u32(&mut x273, &mut x274, x272, x249, (0x0 as u32)); + let mut x275: u32 = 0; + let mut x276: fiat_p384_u1 = 0; + fiat_p384_subborrowx_u32(&mut x275, &mut x276, x274, x251, 0xffffffff); + let mut x277: u32 = 0; + let mut x278: fiat_p384_u1 = 0; + fiat_p384_subborrowx_u32(&mut x277, &mut x278, x276, x253, 0xfffffffe); + 
let mut x279: u32 = 0; + let mut x280: fiat_p384_u1 = 0; + fiat_p384_subborrowx_u32(&mut x279, &mut x280, x278, x255, 0xffffffff); + let mut x281: u32 = 0; + let mut x282: fiat_p384_u1 = 0; + fiat_p384_subborrowx_u32(&mut x281, &mut x282, x280, x257, 0xffffffff); + let mut x283: u32 = 0; + let mut x284: fiat_p384_u1 = 0; + fiat_p384_subborrowx_u32(&mut x283, &mut x284, x282, x259, 0xffffffff); + let mut x285: u32 = 0; + let mut x286: fiat_p384_u1 = 0; + fiat_p384_subborrowx_u32(&mut x285, &mut x286, x284, x261, 0xffffffff); + let mut x287: u32 = 0; + let mut x288: fiat_p384_u1 = 0; + fiat_p384_subborrowx_u32(&mut x287, &mut x288, x286, x263, 0xffffffff); + let mut x289: u32 = 0; + let mut x290: fiat_p384_u1 = 0; + fiat_p384_subborrowx_u32(&mut x289, &mut x290, x288, x265, 0xffffffff); + let mut x291: u32 = 0; + let mut x292: fiat_p384_u1 = 0; + fiat_p384_subborrowx_u32(&mut x291, &mut x292, x290, x267, 0xffffffff); + let mut x293: u32 = 0; + let mut x294: fiat_p384_u1 = 0; + fiat_p384_subborrowx_u32(&mut x293, &mut x294, x292, (x268 as u32), (0x0 as u32)); + let mut x295: u32 = 0; + let mut x296: fiat_p384_u1 = 0; + fiat_p384_addcarryx_u32(&mut x295, &mut x296, 0x0, x6, (0x1 as u32)); + let x297: u32 = ((x207 >> 1) | ((x209 << 31) & 0xffffffff)); + let x298: u32 = ((x209 >> 1) | ((x211 << 31) & 0xffffffff)); + let x299: u32 = ((x211 >> 1) | ((x213 << 31) & 0xffffffff)); + let x300: u32 = ((x213 >> 1) | ((x215 << 31) & 0xffffffff)); + let x301: u32 = ((x215 >> 1) | ((x217 << 31) & 0xffffffff)); + let x302: u32 = ((x217 >> 1) | ((x219 << 31) & 0xffffffff)); + let x303: u32 = ((x219 >> 1) | ((x221 << 31) & 0xffffffff)); + let x304: u32 = ((x221 >> 1) | ((x223 << 31) & 0xffffffff)); + let x305: u32 = ((x223 >> 1) | ((x225 << 31) & 0xffffffff)); + let x306: u32 = ((x225 >> 1) | ((x227 << 31) & 0xffffffff)); + let x307: u32 = ((x227 >> 1) | ((x229 << 31) & 0xffffffff)); + let x308: u32 = ((x229 >> 1) | ((x231 << 31) & 0xffffffff)); + let x309: u32 = ((x231 & 0x80000000) 
| (x231 >> 1)); + let mut x310: u32 = 0; + fiat_p384_cmovznz_u32(&mut x310, x120, x95, x71); let mut x311: u32 = 0; - fiat_p384_cmovznz_u32(&mut x311, x120, x95, x71); + fiat_p384_cmovznz_u32(&mut x311, x120, x97, x73); let mut x312: u32 = 0; - fiat_p384_cmovznz_u32(&mut x312, x120, x97, x73); + fiat_p384_cmovznz_u32(&mut x312, x120, x99, x75); let mut x313: u32 = 0; - fiat_p384_cmovznz_u32(&mut x313, x120, x99, x75); + fiat_p384_cmovznz_u32(&mut x313, x120, x101, x77); let mut x314: u32 = 0; - fiat_p384_cmovznz_u32(&mut x314, x120, x101, x77); + fiat_p384_cmovznz_u32(&mut x314, x120, x103, x79); let mut x315: u32 = 0; - fiat_p384_cmovznz_u32(&mut x315, x120, x103, x79); + fiat_p384_cmovznz_u32(&mut x315, x120, x105, x81); let mut x316: u32 = 0; - fiat_p384_cmovznz_u32(&mut x316, x120, x105, x81); + fiat_p384_cmovznz_u32(&mut x316, x120, x107, x83); let mut x317: u32 = 0; - fiat_p384_cmovznz_u32(&mut x317, x120, x107, x83); + fiat_p384_cmovznz_u32(&mut x317, x120, x109, x85); let mut x318: u32 = 0; - fiat_p384_cmovznz_u32(&mut x318, x120, x109, x85); + fiat_p384_cmovznz_u32(&mut x318, x120, x111, x87); let mut x319: u32 = 0; - fiat_p384_cmovznz_u32(&mut x319, x120, x111, x87); + fiat_p384_cmovznz_u32(&mut x319, x120, x113, x89); let mut x320: u32 = 0; - fiat_p384_cmovznz_u32(&mut x320, x120, x113, x89); + fiat_p384_cmovznz_u32(&mut x320, x120, x115, x91); let mut x321: u32 = 0; - fiat_p384_cmovznz_u32(&mut x321, x120, x115, x91); + fiat_p384_cmovznz_u32(&mut x321, x120, x117, x93); let mut x322: u32 = 0; - fiat_p384_cmovznz_u32(&mut x322, x120, x117, x93); + fiat_p384_cmovznz_u32(&mut x322, x294, x269, x245); let mut x323: u32 = 0; - fiat_p384_cmovznz_u32(&mut x323, x295, x270, x246); + fiat_p384_cmovznz_u32(&mut x323, x294, x271, x247); let mut x324: u32 = 0; - fiat_p384_cmovznz_u32(&mut x324, x295, x272, x248); + fiat_p384_cmovznz_u32(&mut x324, x294, x273, x249); let mut x325: u32 = 0; - fiat_p384_cmovznz_u32(&mut x325, x295, x274, x250); + 
fiat_p384_cmovznz_u32(&mut x325, x294, x275, x251); let mut x326: u32 = 0; - fiat_p384_cmovznz_u32(&mut x326, x295, x276, x252); + fiat_p384_cmovznz_u32(&mut x326, x294, x277, x253); let mut x327: u32 = 0; - fiat_p384_cmovznz_u32(&mut x327, x295, x278, x254); + fiat_p384_cmovznz_u32(&mut x327, x294, x279, x255); let mut x328: u32 = 0; - fiat_p384_cmovznz_u32(&mut x328, x295, x280, x256); + fiat_p384_cmovznz_u32(&mut x328, x294, x281, x257); let mut x329: u32 = 0; - fiat_p384_cmovznz_u32(&mut x329, x295, x282, x258); + fiat_p384_cmovznz_u32(&mut x329, x294, x283, x259); let mut x330: u32 = 0; - fiat_p384_cmovznz_u32(&mut x330, x295, x284, x260); + fiat_p384_cmovznz_u32(&mut x330, x294, x285, x261); let mut x331: u32 = 0; - fiat_p384_cmovznz_u32(&mut x331, x295, x286, x262); + fiat_p384_cmovznz_u32(&mut x331, x294, x287, x263); let mut x332: u32 = 0; - fiat_p384_cmovznz_u32(&mut x332, x295, x288, x264); + fiat_p384_cmovznz_u32(&mut x332, x294, x289, x265); let mut x333: u32 = 0; - fiat_p384_cmovznz_u32(&mut x333, x295, x290, x266); - let mut x334: u32 = 0; - fiat_p384_cmovznz_u32(&mut x334, x295, x292, x268); - *out1 = x296; + fiat_p384_cmovznz_u32(&mut x333, x294, x291, x267); + *out1 = x295; out2[0] = x7; out2[1] = x8; out2[2] = x9; 
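Review bot: The selector passed to `fiat_p384_cmovznz_u32` for x194–x206 and x233–x244 is now `(x46 as fiat_p384_u1)`, without the `& (0x1 as u32)` mask that the removed `x194` line applied, so it is a one-bit value only if the cast itself reduces to bit 0. The definition of `fiat_p384_u1` is not in this hunk; if it is an alias for a wider integer such as `u8`, `as` keeps the low eight bits, and the conditional move would be driven by a value outside {0,1} unless `fiat_p384_cmovznz_u32` normalises its argument, which could change the divstep result. I would keep the explicit mask, e.g. `let x194: fiat_p384_u1 = ((x46 & (0x1 as u32)) as fiat_p384_u1);`, or, since this file looks machine-generated, have the generator emit the mask whenever it casts to a one-bit type. The same unmasked cast appears as `(x28 as fiat_p384_u1)` in the p384_64.rs divstep hunk, whereas the other dropped masks (`x1 as u64`, `x12 as u8`) truncate to the full target width and look equivalent. fiat_p384_divstep begins and ends outside this hunk.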
@@ -9729,43 +9690,43 @@ pub fn fiat_p384_divstep(out1: &mut u32, out2: &mut [u32; 13], out3: &mut [u32; out2[10] = x17; out2[11] = x18; out2[12] = x19; - out3[0] = x298; - out3[1] = x299; - out3[2] = x300; - out3[3] = x301; - out3[4] = x302; - out3[5] = x303; - out3[6] = x304; - out3[7] = x305; - out3[8] = x306; - out3[9] = x307; - out3[10] = x308; - out3[11] = x309; - out3[12] = x310; - out4[0] = x311; - out4[1] = x312; - out4[2] = x313; - out4[3] = x314; - out4[4] = x315; - out4[5] = x316; - out4[6] = x317; - out4[7] = x318; - out4[8] = x319; - out4[9] = x320; - out4[10] = x321; - out4[11] = x322; - out5[0] = x323; - out5[1] = x324; - out5[2] = x325; - out5[3] = x326; - out5[4] = x327; - out5[5] = x328; - out5[6] = x329; - out5[7] = x330; - out5[8] = x331; - out5[9] = x332; - out5[10] = x333; - out5[11] = x334; + out3[0] = x297; + out3[1] = x298; + out3[2] = x299; + out3[3] = x300; + out3[4] = x301; + out3[5] = x302; + out3[6] = x303; + out3[7] = x304; + out3[8] = x305; + out3[9] = x306; + out3[10] = x307; + out3[11] = x308; + out3[12] = x309; + out4[0] = x310; + out4[1] = x311; + out4[2] = x312; + out4[3] = x313; + out4[4] = x314; + out4[5] = x315; + out4[6] = x316; + out4[7] = x317; + out4[8] = x318; + out4[9] = x319; + out4[10] = x320; + out4[11] = x321; + out5[0] = x322; + out5[1] = x323; + out5[2] = x324; + out5[3] = x325; + out5[4] = x326; + out5[5] = x327; + out5[6] = x328; + out5[7] = x329; + out5[8] = x330; + out5[9] = x331; + out5[10] = x332; + out5[11] = x333; } /// The function fiat_p384_divstep_precomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-rust/src/p384_64.rs b/fiat-rust/src/p384_64.rs index a14d7d3c24..f1a3ab0e00 100644 --- a/fiat-rust/src/p384_64.rs +++ b/fiat-rust/src/p384_64.rs 
@@ -50,10 +50,9 @@ pub type fiat_p384_non_montgomery_domain_field_element = [u64; 6]; #[inline] pub fn fiat_p384_addcarryx_u64(out1: &mut u64, out2: &mut fiat_p384_u1, arg1: fiat_p384_u1, arg2: u64, arg3: u64) -> () { let x1: u128 = (((arg1 as u128) + (arg2 as u128)) + (arg3 as u128)); - let x2: u64 = ((x1 & (0xffffffffffffffff as u128)) as u64); - let x3: fiat_p384_u1 = ((x1 >> 64) as fiat_p384_u1); - *out1 = x2; - *out2 = x3; + let x2: fiat_p384_u1 = ((x1 >> 64) as fiat_p384_u1); + *out1 = (x1 as u64); + *out2 = x2; } /// The function fiat_p384_subborrowx_u64 is a subtraction with borrow. @@ -93,10 +92,9 @@ pub fn fiat_p384_subborrowx_u64(out1: &mut u64, out2: &mut fiat_p384_u1, arg1: f #[inline] pub fn fiat_p384_mulx_u64(out1: &mut u64, out2: &mut u64, arg1: u64, arg2: u64) -> () { let x1: u128 = ((arg1 as u128) * (arg2 as u128)); - let x2: u64 = ((x1 & (0xffffffffffffffff as u128)) as u64); - let x3: u64 = ((x1 >> 64) as u64); - *out1 = x2; - *out2 = x3; + let x2: u64 = ((x1 >> 64) as u64); + *out1 = (x1 as u64); + *out2 = x2; } /// The function fiat_p384_cmovznz_u64 is a single-word conditional move. 
@@ -2926,138 +2924,96 @@ pub fn fiat_p384_to_bytes(out1: &mut [u8; 48], arg1: &[u64; 6]) -> () { let x4: u64 = (arg1[2]); let x5: u64 = (arg1[1]); let x6: u64 = (arg1[0]); - let x7: u8 = ((x6 & (0xff as u64)) as u8); - let x8: u64 = (x6 >> 8); - let x9: u8 = ((x8 & (0xff as u64)) as u8); - let x10: u64 = (x8 >> 8); - let x11: u8 = ((x10 & (0xff as u64)) as u8); - let x12: u64 = (x10 >> 8); - let x13: u8 = ((x12 & (0xff as u64)) as u8); - let x14: u64 = (x12 >> 8); - let x15: u8 = ((x14 & (0xff as u64)) as u8); - let x16: u64 = (x14 >> 8); - let x17: u8 = ((x16 & (0xff as u64)) as u8); - let x18: u64 = (x16 >> 8); - let x19: u8 = ((x18 & (0xff as u64)) as u8); - let x20: u8 = ((x18 >> 8) as u8); - let x21: u8 = ((x5 & (0xff as u64)) as u8); - let x22: u64 = (x5 >> 8); - let x23: u8 = ((x22 & (0xff as u64)) as u8); - let x24: u64 = (x22 >> 8); - let x25: u8 = ((x24 & (0xff as u64)) as u8); - let x26: u64 = (x24 >> 8); - let x27: u8 = ((x26 & (0xff as u64)) as u8); - let x28: u64 = (x26 >> 8); - let x29: u8 = ((x28 & (0xff as u64)) as u8); - let x30: u64 = (x28 >> 8); - let x31: u8 = ((x30 & (0xff as u64)) as u8); - let x32: u64 = (x30 >> 8); - let x33: u8 = ((x32 & (0xff as u64)) as u8); - let x34: u8 = ((x32 >> 8) as u8); - let x35: u8 = ((x4 & (0xff as u64)) as u8); - let x36: u64 = (x4 >> 8); - let x37: u8 = ((x36 & (0xff as u64)) as u8); - let x38: u64 = (x36 >> 8); - let x39: u8 = ((x38 & (0xff as u64)) as u8); - let x40: u64 = (x38 >> 8); - let x41: u8 = ((x40 & (0xff as u64)) as u8); - let x42: u64 = (x40 >> 8); - let x43: u8 = ((x42 & (0xff as u64)) as u8); - let x44: u64 = (x42 >> 8); - let x45: u8 = ((x44 & (0xff as u64)) as u8); - let x46: u64 = (x44 >> 8); - let x47: u8 = ((x46 & (0xff as u64)) as u8); - let x48: u8 = ((x46 >> 8) as u8); - let x49: u8 = ((x3 & (0xff as u64)) as u8); - let x50: u64 = (x3 >> 8); - let x51: u8 = ((x50 & (0xff as u64)) as u8); - let x52: u64 = (x50 >> 8); - let x53: u8 = ((x52 & (0xff as u64)) as u8); - let x54: u64 = (x52 >> 
8); - let x55: u8 = ((x54 & (0xff as u64)) as u8); - let x56: u64 = (x54 >> 8); - let x57: u8 = ((x56 & (0xff as u64)) as u8); - let x58: u64 = (x56 >> 8); - let x59: u8 = ((x58 & (0xff as u64)) as u8); - let x60: u64 = (x58 >> 8); - let x61: u8 = ((x60 & (0xff as u64)) as u8); - let x62: u8 = ((x60 >> 8) as u8); - let x63: u8 = ((x2 & (0xff as u64)) as u8); - let x64: u64 = (x2 >> 8); - let x65: u8 = ((x64 & (0xff as u64)) as u8); - let x66: u64 = (x64 >> 8); - let x67: u8 = ((x66 & (0xff as u64)) as u8); - let x68: u64 = (x66 >> 8); - let x69: u8 = ((x68 & (0xff as u64)) as u8); - let x70: u64 = (x68 >> 8); - let x71: u8 = ((x70 & (0xff as u64)) as u8); - let x72: u64 = (x70 >> 8); - let x73: u8 = ((x72 & (0xff as u64)) as u8); - let x74: u64 = (x72 >> 8); - let x75: u8 = ((x74 & (0xff as u64)) as u8); - let x76: u8 = ((x74 >> 8) as u8); - let x77: u8 = ((x1 & (0xff as u64)) as u8); - let x78: u64 = (x1 >> 8); - let x79: u8 = ((x78 & (0xff as u64)) as u8); - let x80: u64 = (x78 >> 8); - let x81: u8 = ((x80 & (0xff as u64)) as u8); - let x82: u64 = (x80 >> 8); - let x83: u8 = ((x82 & (0xff as u64)) as u8); - let x84: u64 = (x82 >> 8); - let x85: u8 = ((x84 & (0xff as u64)) as u8); - let x86: u64 = (x84 >> 8); - let x87: u8 = ((x86 & (0xff as u64)) as u8); - let x88: u64 = (x86 >> 8); - let x89: u8 = ((x88 & (0xff as u64)) as u8); - let x90: u8 = ((x88 >> 8) as u8); - out1[0] = x7; - out1[1] = x9; - out1[2] = x11; - out1[3] = x13; - out1[4] = x15; - out1[5] = x17; - out1[6] = x19; - out1[7] = x20; - out1[8] = x21; - out1[9] = x23; - out1[10] = x25; - out1[11] = x27; - out1[12] = x29; - out1[13] = x31; - out1[14] = x33; - out1[15] = x34; - out1[16] = x35; - out1[17] = x37; - out1[18] = x39; - out1[19] = x41; - out1[20] = x43; - out1[21] = x45; - out1[22] = x47; - out1[23] = x48; - out1[24] = x49; - out1[25] = x51; - out1[26] = x53; - out1[27] = x55; - out1[28] = x57; - out1[29] = x59; - out1[30] = x61; - out1[31] = x62; - out1[32] = x63; - out1[33] = x65; - out1[34] 
= x67; - out1[35] = x69; - out1[36] = x71; - out1[37] = x73; - out1[38] = x75; - out1[39] = x76; - out1[40] = x77; - out1[41] = x79; - out1[42] = x81; - out1[43] = x83; - out1[44] = x85; - out1[45] = x87; - out1[46] = x89; - out1[47] = x90; + let x7: u64 = (x6 >> 8); + let x8: u64 = (x7 >> 8); + let x9: u64 = (x8 >> 8); + let x10: u64 = (x9 >> 8); + let x11: u64 = (x10 >> 8); + let x12: u64 = (x11 >> 8); + let x13: u8 = ((x12 >> 8) as u8); + let x14: u64 = (x5 >> 8); + let x15: u64 = (x14 >> 8); + let x16: u64 = (x15 >> 8); + let x17: u64 = (x16 >> 8); + let x18: u64 = (x17 >> 8); + let x19: u64 = (x18 >> 8); + let x20: u8 = ((x19 >> 8) as u8); + let x21: u64 = (x4 >> 8); + let x22: u64 = (x21 >> 8); + let x23: u64 = (x22 >> 8); + let x24: u64 = (x23 >> 8); + let x25: u64 = (x24 >> 8); + let x26: u64 = (x25 >> 8); + let x27: u8 = ((x26 >> 8) as u8); + let x28: u64 = (x3 >> 8); + let x29: u64 = (x28 >> 8); + let x30: u64 = (x29 >> 8); + let x31: u64 = (x30 >> 8); + let x32: u64 = (x31 >> 8); + let x33: u64 = (x32 >> 8); + let x34: u8 = ((x33 >> 8) as u8); + let x35: u64 = (x2 >> 8); + let x36: u64 = (x35 >> 8); + let x37: u64 = (x36 >> 8); + let x38: u64 = (x37 >> 8); + let x39: u64 = (x38 >> 8); + let x40: u64 = (x39 >> 8); + let x41: u8 = ((x40 >> 8) as u8); + let x42: u64 = (x1 >> 8); + let x43: u64 = (x42 >> 8); + let x44: u64 = (x43 >> 8); + let x45: u64 = (x44 >> 8); + let x46: u64 = (x45 >> 8); + let x47: u64 = (x46 >> 8); + let x48: u8 = ((x47 >> 8) as u8); + out1[0] = (x6 as u8); + out1[1] = (x7 as u8); + out1[2] = (x8 as u8); + out1[3] = (x9 as u8); + out1[4] = (x10 as u8); + out1[5] = (x11 as u8); + out1[6] = (x12 as u8); + out1[7] = x13; + out1[8] = (x5 as u8); + out1[9] = (x14 as u8); + out1[10] = (x15 as u8); + out1[11] = (x16 as u8); + out1[12] = (x17 as u8); + out1[13] = (x18 as u8); + out1[14] = (x19 as u8); + out1[15] = x20; + out1[16] = (x4 as u8); + out1[17] = (x21 as u8); + out1[18] = (x22 as u8); + out1[19] = (x23 as u8); + out1[20] = (x24 as 
u8); + out1[21] = (x25 as u8); + out1[22] = (x26 as u8); + out1[23] = x27; + out1[24] = (x3 as u8); + out1[25] = (x28 as u8); + out1[26] = (x29 as u8); + out1[27] = (x30 as u8); + out1[28] = (x31 as u8); + out1[29] = (x32 as u8); + out1[30] = (x33 as u8); + out1[31] = x34; + out1[32] = (x2 as u8); + out1[33] = (x35 as u8); + out1[34] = (x36 as u8); + out1[35] = (x37 as u8); + out1[36] = (x38 as u8); + out1[37] = (x39 as u8); + out1[38] = (x40 as u8); + out1[39] = x41; + out1[40] = (x1 as u8); + out1[41] = (x42 as u8); + out1[42] = (x43 as u8); + out1[43] = (x44 as u8); + out1[44] = (x45 as u8); + out1[45] = (x46 as u8); + out1[46] = (x47 as u8); + out1[47] = x48; } /// The function fiat_p384_from_bytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -3240,7 +3196,7 @@ pub fn fiat_p384_divstep(out1: &mut u64, out2: &mut [u64; 7], out3: &mut [u64; 7 let mut x1: u64 = 0; let mut x2: fiat_p384_u1 = 0; fiat_p384_addcarryx_u64(&mut x1, &mut x2, 0x0, (!arg1), (0x1 as u64)); - let x3: fiat_p384_u1 = (((x1 >> 63) as fiat_p384_u1) & (((arg3[0]) & (0x1 as u64)) as fiat_p384_u1)); + let x3: fiat_p384_u1 = (((x1 >> 63) as fiat_p384_u1) & ((arg3[0]) as fiat_p384_u1)); let mut x4: u64 = 0; let mut x5: fiat_p384_u1 = 0; fiat_p384_addcarryx_u64(&mut x4, &mut x5, 0x0, (!arg1), (0x1 as u64)); 
@@ -3402,128 +3358,127 @@ pub fn fiat_p384_divstep(out1: &mut u64, out2: &mut [u64; 7], out3: &mut [u64; 7 fiat_p384_cmovznz_u64(&mut x102, x3, (arg5[4]), x94); let mut x103: u64 = 0; fiat_p384_cmovznz_u64(&mut x103, x3, (arg5[5]), x96); - let x104: fiat_p384_u1 = ((x28 & (0x1 as u64)) as fiat_p384_u1); + let mut x104: u64 = 0; + fiat_p384_cmovznz_u64(&mut x104, (x28 as fiat_p384_u1), (0x0 as u64), x7); let mut x105: u64 = 0; - fiat_p384_cmovznz_u64(&mut x105, x104, (0x0 as u64), x7); + fiat_p384_cmovznz_u64(&mut x105, (x28 as fiat_p384_u1), (0x0 as u64), x8); let mut x106: u64 = 0; - fiat_p384_cmovznz_u64(&mut x106, x104, (0x0 as u64), x8); + fiat_p384_cmovznz_u64(&mut x106, (x28 as fiat_p384_u1), (0x0 as u64), x9); let mut x107: u64 = 0; - fiat_p384_cmovznz_u64(&mut x107, x104, (0x0 as u64), x9); + fiat_p384_cmovznz_u64(&mut x107, (x28 as fiat_p384_u1), (0x0 as u64), x10); let mut x108: u64 = 0; - fiat_p384_cmovznz_u64(&mut x108, x104, (0x0 as u64), x10); + fiat_p384_cmovznz_u64(&mut x108, (x28 as fiat_p384_u1), (0x0 as u64), x11); let mut x109: u64 = 0; - fiat_p384_cmovznz_u64(&mut x109, x104, (0x0 as u64), x11); + fiat_p384_cmovznz_u64(&mut x109, (x28 as fiat_p384_u1), (0x0 as u64), x12); let mut x110: u64 = 0; - fiat_p384_cmovznz_u64(&mut x110, x104, (0x0 as u64), x12); + fiat_p384_cmovznz_u64(&mut x110, (x28 as fiat_p384_u1), (0x0 as u64), x13); let mut x111: u64 = 0; - fiat_p384_cmovznz_u64(&mut x111, x104, (0x0 as u64), x13); - let mut x112: u64 = 0; - let mut x113: fiat_p384_u1 = 0; - fiat_p384_addcarryx_u64(&mut x112, &mut x113, 0x0, x28, x105); - let mut x114: u64 = 0; - let mut x115: fiat_p384_u1 = 0; - fiat_p384_addcarryx_u64(&mut x114, &mut x115, x113, x29, x106); - let mut x116: u64 = 0; - let mut x117: fiat_p384_u1 = 0; - fiat_p384_addcarryx_u64(&mut x116, &mut x117, x115, x30, x107); - let mut x118: u64 = 0; - let mut x119: fiat_p384_u1 = 0; - fiat_p384_addcarryx_u64(&mut x118, &mut x119, x117, x31, x108); - let mut x120: u64 = 0; - let mut x121: 
fiat_p384_u1 = 0; - fiat_p384_addcarryx_u64(&mut x120, &mut x121, x119, x32, x109); - let mut x122: u64 = 0; - let mut x123: fiat_p384_u1 = 0; - fiat_p384_addcarryx_u64(&mut x122, &mut x123, x121, x33, x110); - let mut x124: u64 = 0; - let mut x125: fiat_p384_u1 = 0; - fiat_p384_addcarryx_u64(&mut x124, &mut x125, x123, x34, x111); + let mut x112: fiat_p384_u1 = 0; + fiat_p384_addcarryx_u64(&mut x111, &mut x112, 0x0, x28, x104); + let mut x113: u64 = 0; + let mut x114: fiat_p384_u1 = 0; + fiat_p384_addcarryx_u64(&mut x113, &mut x114, x112, x29, x105); + let mut x115: u64 = 0; + let mut x116: fiat_p384_u1 = 0; + fiat_p384_addcarryx_u64(&mut x115, &mut x116, x114, x30, x106); + let mut x117: u64 = 0; + let mut x118: fiat_p384_u1 = 0; + fiat_p384_addcarryx_u64(&mut x117, &mut x118, x116, x31, x107); + let mut x119: u64 = 0; + let mut x120: fiat_p384_u1 = 0; + fiat_p384_addcarryx_u64(&mut x119, &mut x120, x118, x32, x108); + let mut x121: u64 = 0; + let mut x122: fiat_p384_u1 = 0; + fiat_p384_addcarryx_u64(&mut x121, &mut x122, x120, x33, x109); + let mut x123: u64 = 0; + let mut x124: fiat_p384_u1 = 0; + fiat_p384_addcarryx_u64(&mut x123, &mut x124, x122, x34, x110); + let mut x125: u64 = 0; + fiat_p384_cmovznz_u64(&mut x125, (x28 as fiat_p384_u1), (0x0 as u64), x35); let mut x126: u64 = 0; - fiat_p384_cmovznz_u64(&mut x126, x104, (0x0 as u64), x35); + fiat_p384_cmovznz_u64(&mut x126, (x28 as fiat_p384_u1), (0x0 as u64), x36); let mut x127: u64 = 0; - fiat_p384_cmovznz_u64(&mut x127, x104, (0x0 as u64), x36); + fiat_p384_cmovznz_u64(&mut x127, (x28 as fiat_p384_u1), (0x0 as u64), x37); let mut x128: u64 = 0; - fiat_p384_cmovznz_u64(&mut x128, x104, (0x0 as u64), x37); + fiat_p384_cmovznz_u64(&mut x128, (x28 as fiat_p384_u1), (0x0 as u64), x38); let mut x129: u64 = 0; - fiat_p384_cmovznz_u64(&mut x129, x104, (0x0 as u64), x38); + fiat_p384_cmovznz_u64(&mut x129, (x28 as fiat_p384_u1), (0x0 as u64), x39); let mut x130: u64 = 0; - fiat_p384_cmovznz_u64(&mut x130, x104, 
(0x0 as u64), x39); + fiat_p384_cmovznz_u64(&mut x130, (x28 as fiat_p384_u1), (0x0 as u64), x40); let mut x131: u64 = 0; - fiat_p384_cmovznz_u64(&mut x131, x104, (0x0 as u64), x40); - let mut x132: u64 = 0; - let mut x133: fiat_p384_u1 = 0; - fiat_p384_addcarryx_u64(&mut x132, &mut x133, 0x0, x98, x126); - let mut x134: u64 = 0; - let mut x135: fiat_p384_u1 = 0; - fiat_p384_addcarryx_u64(&mut x134, &mut x135, x133, x99, x127); - let mut x136: u64 = 0; - let mut x137: fiat_p384_u1 = 0; - fiat_p384_addcarryx_u64(&mut x136, &mut x137, x135, x100, x128); - let mut x138: u64 = 0; - let mut x139: fiat_p384_u1 = 0; - fiat_p384_addcarryx_u64(&mut x138, &mut x139, x137, x101, x129); - let mut x140: u64 = 0; - let mut x141: fiat_p384_u1 = 0; - fiat_p384_addcarryx_u64(&mut x140, &mut x141, x139, x102, x130); - let mut x142: u64 = 0; - let mut x143: fiat_p384_u1 = 0; - fiat_p384_addcarryx_u64(&mut x142, &mut x143, x141, x103, x131); - let mut x144: u64 = 0; - let mut x145: fiat_p384_u1 = 0; - fiat_p384_subborrowx_u64(&mut x144, &mut x145, 0x0, x132, 0xffffffff); - let mut x146: u64 = 0; - let mut x147: fiat_p384_u1 = 0; - fiat_p384_subborrowx_u64(&mut x146, &mut x147, x145, x134, 0xffffffff00000000); - let mut x148: u64 = 0; - let mut x149: fiat_p384_u1 = 0; - fiat_p384_subborrowx_u64(&mut x148, &mut x149, x147, x136, 0xfffffffffffffffe); - let mut x150: u64 = 0; - let mut x151: fiat_p384_u1 = 0; - fiat_p384_subborrowx_u64(&mut x150, &mut x151, x149, x138, 0xffffffffffffffff); - let mut x152: u64 = 0; - let mut x153: fiat_p384_u1 = 0; - fiat_p384_subborrowx_u64(&mut x152, &mut x153, x151, x140, 0xffffffffffffffff); - let mut x154: u64 = 0; - let mut x155: fiat_p384_u1 = 0; - fiat_p384_subborrowx_u64(&mut x154, &mut x155, x153, x142, 0xffffffffffffffff); - let mut x156: u64 = 0; - let mut x157: fiat_p384_u1 = 0; - fiat_p384_subborrowx_u64(&mut x156, &mut x157, x155, (x143 as u64), (0x0 as u64)); - let mut x158: u64 = 0; - let mut x159: fiat_p384_u1 = 0; - 
fiat_p384_addcarryx_u64(&mut x158, &mut x159, 0x0, x6, (0x1 as u64)); - let x160: u64 = ((x112 >> 1) | ((x114 << 63) & 0xffffffffffffffff)); - let x161: u64 = ((x114 >> 1) | ((x116 << 63) & 0xffffffffffffffff)); - let x162: u64 = ((x116 >> 1) | ((x118 << 63) & 0xffffffffffffffff)); - let x163: u64 = ((x118 >> 1) | ((x120 << 63) & 0xffffffffffffffff)); - let x164: u64 = ((x120 >> 1) | ((x122 << 63) & 0xffffffffffffffff)); - let x165: u64 = ((x122 >> 1) | ((x124 << 63) & 0xffffffffffffffff)); - let x166: u64 = ((x124 & 0x8000000000000000) | (x124 >> 1)); + let mut x132: fiat_p384_u1 = 0; + fiat_p384_addcarryx_u64(&mut x131, &mut x132, 0x0, x98, x125); + let mut x133: u64 = 0; + let mut x134: fiat_p384_u1 = 0; + fiat_p384_addcarryx_u64(&mut x133, &mut x134, x132, x99, x126); + let mut x135: u64 = 0; + let mut x136: fiat_p384_u1 = 0; + fiat_p384_addcarryx_u64(&mut x135, &mut x136, x134, x100, x127); + let mut x137: u64 = 0; + let mut x138: fiat_p384_u1 = 0; + fiat_p384_addcarryx_u64(&mut x137, &mut x138, x136, x101, x128); + let mut x139: u64 = 0; + let mut x140: fiat_p384_u1 = 0; + fiat_p384_addcarryx_u64(&mut x139, &mut x140, x138, x102, x129); + let mut x141: u64 = 0; + let mut x142: fiat_p384_u1 = 0; + fiat_p384_addcarryx_u64(&mut x141, &mut x142, x140, x103, x130); + let mut x143: u64 = 0; + let mut x144: fiat_p384_u1 = 0; + fiat_p384_subborrowx_u64(&mut x143, &mut x144, 0x0, x131, 0xffffffff); + let mut x145: u64 = 0; + let mut x146: fiat_p384_u1 = 0; + fiat_p384_subborrowx_u64(&mut x145, &mut x146, x144, x133, 0xffffffff00000000); + let mut x147: u64 = 0; + let mut x148: fiat_p384_u1 = 0; + fiat_p384_subborrowx_u64(&mut x147, &mut x148, x146, x135, 0xfffffffffffffffe); + let mut x149: u64 = 0; + let mut x150: fiat_p384_u1 = 0; + fiat_p384_subborrowx_u64(&mut x149, &mut x150, x148, x137, 0xffffffffffffffff); + let mut x151: u64 = 0; + let mut x152: fiat_p384_u1 = 0; + fiat_p384_subborrowx_u64(&mut x151, &mut x152, x150, x139, 0xffffffffffffffff); + let mut x153: 
u64 = 0; + let mut x154: fiat_p384_u1 = 0; + fiat_p384_subborrowx_u64(&mut x153, &mut x154, x152, x141, 0xffffffffffffffff); + let mut x155: u64 = 0; + let mut x156: fiat_p384_u1 = 0; + fiat_p384_subborrowx_u64(&mut x155, &mut x156, x154, (x142 as u64), (0x0 as u64)); + let mut x157: u64 = 0; + let mut x158: fiat_p384_u1 = 0; + fiat_p384_addcarryx_u64(&mut x157, &mut x158, 0x0, x6, (0x1 as u64)); + let x159: u64 = ((x111 >> 1) | ((x113 << 63) & 0xffffffffffffffff)); + let x160: u64 = ((x113 >> 1) | ((x115 << 63) & 0xffffffffffffffff)); + let x161: u64 = ((x115 >> 1) | ((x117 << 63) & 0xffffffffffffffff)); + let x162: u64 = ((x117 >> 1) | ((x119 << 63) & 0xffffffffffffffff)); + let x163: u64 = ((x119 >> 1) | ((x121 << 63) & 0xffffffffffffffff)); + let x164: u64 = ((x121 >> 1) | ((x123 << 63) & 0xffffffffffffffff)); + let x165: u64 = ((x123 & 0x8000000000000000) | (x123 >> 1)); + let mut x166: u64 = 0; + fiat_p384_cmovznz_u64(&mut x166, x66, x53, x41); let mut x167: u64 = 0; - fiat_p384_cmovznz_u64(&mut x167, x66, x53, x41); + fiat_p384_cmovznz_u64(&mut x167, x66, x55, x43); let mut x168: u64 = 0; - fiat_p384_cmovznz_u64(&mut x168, x66, x55, x43); + fiat_p384_cmovznz_u64(&mut x168, x66, x57, x45); let mut x169: u64 = 0; - fiat_p384_cmovznz_u64(&mut x169, x66, x57, x45); + fiat_p384_cmovznz_u64(&mut x169, x66, x59, x47); let mut x170: u64 = 0; - fiat_p384_cmovznz_u64(&mut x170, x66, x59, x47); + fiat_p384_cmovznz_u64(&mut x170, x66, x61, x49); let mut x171: u64 = 0; - fiat_p384_cmovznz_u64(&mut x171, x66, x61, x49); + fiat_p384_cmovznz_u64(&mut x171, x66, x63, x51); let mut x172: u64 = 0; - fiat_p384_cmovznz_u64(&mut x172, x66, x63, x51); + fiat_p384_cmovznz_u64(&mut x172, x156, x143, x131); let mut x173: u64 = 0; - fiat_p384_cmovznz_u64(&mut x173, x157, x144, x132); + fiat_p384_cmovznz_u64(&mut x173, x156, x145, x133); let mut x174: u64 = 0; - fiat_p384_cmovznz_u64(&mut x174, x157, x146, x134); + fiat_p384_cmovznz_u64(&mut x174, x156, x147, x135); let mut x175: u64 = 
0; - fiat_p384_cmovznz_u64(&mut x175, x157, x148, x136); + fiat_p384_cmovznz_u64(&mut x175, x156, x149, x137); let mut x176: u64 = 0; - fiat_p384_cmovznz_u64(&mut x176, x157, x150, x138); + fiat_p384_cmovznz_u64(&mut x176, x156, x151, x139); let mut x177: u64 = 0; - fiat_p384_cmovznz_u64(&mut x177, x157, x152, x140); - let mut x178: u64 = 0; - fiat_p384_cmovznz_u64(&mut x178, x157, x154, x142); - *out1 = x158; + fiat_p384_cmovznz_u64(&mut x177, x156, x153, x141); + *out1 = x157; out2[0] = x7; out2[1] = x8; out2[2] = x9; @@ -3531,25 +3486,25 @@ pub fn fiat_p384_divstep(out1: &mut u64, out2: &mut [u64; 7], out3: &mut [u64; 7 out2[4] = x11; out2[5] = x12; out2[6] = x13; - out3[0] = x160; - out3[1] = x161; - out3[2] = x162; - out3[3] = x163; - out3[4] = x164; - out3[5] = x165; - out3[6] = x166; - out4[0] = x167; - out4[1] = x168; - out4[2] = x169; - out4[3] = x170; - out4[4] = x171; - out4[5] = x172; - out5[0] = x173; - out5[1] = x174; - out5[2] = x175; - out5[3] = x176; - out5[4] = x177; - out5[5] = x178; + out3[0] = x159; + out3[1] = x160; + out3[2] = x161; + out3[3] = x162; + out3[4] = x163; + out3[5] = x164; + out3[6] = x165; + out4[0] = x166; + out4[1] = x167; + out4[2] = x168; + out4[3] = x169; + out4[4] = x170; + out4[5] = x171; + out5[0] = x172; + out5[1] = x173; + out5[2] = x174; + out5[3] = x175; + out5[4] = x176; + out5[5] = x177; } /// The function fiat_p384_divstep_precomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-rust/src/p384_scalar_32.rs b/fiat-rust/src/p384_scalar_32.rs index ef07b88f17..976dd4a19d 100644 --- a/fiat-rust/src/p384_scalar_32.rs +++ b/fiat-rust/src/p384_scalar_32.rs 
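Review bot: In the `fiat_p384_divstep` hunk at -3402 the selector passed to `fiat_p384_cmovznz_u64` is now `(x28 as fiat_p384_u1)` where it used to be `((x28 & (0x1 as u64)) as fiat_p384_u1)`, and the two are only equivalent if the cast keeps exactly one bit. If `fiat_p384_u1` is an alias for a wider integer such as `u8` (its definition and the body of the select helper are outside the hunk), the cast keeps the low eight bits of `x28`, so the helper can receive a value other than 0 or 1 and the conditional additions of `x7..x13` and `x35..x40` would no longer depend on the parity of `x28` alone. I would keep the mask, `let x104: fiat_p384_u1 = ((x28 & (0x1 as u64)) as fiat_p384_u1);`, or, if these files are generator output, fix the rewrite that drops it and add a divstep test vector with an even `x28` whose low byte is non-zero. The same pattern appears in the `fiat_p384_scalar_divstep` hunk at -11070 (`x46 as fiat_p384_scalar_u1`), while the `arg3[0]` casts at -3240 and -10726 are ANDed with a value already shifted down to one bit and look harmless. The body of `fiat_p384_divstep` starts and ends outside this hunk.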
@@ -50,10 +50,9 @@ pub type fiat_p384_scalar_non_montgomery_domain_field_element = [u32; 12]; #[inline] pub fn fiat_p384_scalar_addcarryx_u32(out1: &mut u32, out2: &mut fiat_p384_scalar_u1, arg1: fiat_p384_scalar_u1, arg2: u32, arg3: u32) -> () { let x1: u64 = (((arg1 as u64) + (arg2 as u64)) + (arg3 as u64)); - let x2: u32 = ((x1 & (0xffffffff as u64)) as u32); - let x3: fiat_p384_scalar_u1 = ((x1 >> 32) as fiat_p384_scalar_u1); - *out1 = x2; - *out2 = x3; + let x2: fiat_p384_scalar_u1 = ((x1 >> 32) as fiat_p384_scalar_u1); + *out1 = (x1 as u32); + *out2 = x2; } /// The function fiat_p384_scalar_subborrowx_u32 is a subtraction with borrow. @@ -93,10 +92,9 @@ pub fn fiat_p384_scalar_subborrowx_u32(out1: &mut u32, out2: &mut fiat_p384_scal #[inline] pub fn fiat_p384_scalar_mulx_u32(out1: &mut u32, out2: &mut u32, arg1: u32, arg2: u32) -> () { let x1: u64 = ((arg1 as u64) * (arg2 as u64)); - let x2: u32 = ((x1 & (0xffffffff as u64)) as u32); - let x3: u32 = ((x1 >> 32) as u32); - *out1 = x2; - *out2 = x3; + let x2: u32 = ((x1 >> 32) as u32); + *out1 = (x1 as u32); + *out2 = x2; } /// The function fiat_p384_scalar_cmovznz_u32 is a single-word conditional move. 
@@ -10450,126 +10448,90 @@ pub fn fiat_p384_scalar_to_bytes(out1: &mut [u8; 48], arg1: &[u32; 12]) -> () { let x10: u32 = (arg1[2]); let x11: u32 = (arg1[1]); let x12: u32 = (arg1[0]); - let x13: u8 = ((x12 & (0xff as u32)) as u8); - let x14: u32 = (x12 >> 8); - let x15: u8 = ((x14 & (0xff as u32)) as u8); - let x16: u32 = (x14 >> 8); - let x17: u8 = ((x16 & (0xff as u32)) as u8); - let x18: u8 = ((x16 >> 8) as u8); - let x19: u8 = ((x11 & (0xff as u32)) as u8); - let x20: u32 = (x11 >> 8); - let x21: u8 = ((x20 & (0xff as u32)) as u8); - let x22: u32 = (x20 >> 8); - let x23: u8 = ((x22 & (0xff as u32)) as u8); - let x24: u8 = ((x22 >> 8) as u8); - let x25: u8 = ((x10 & (0xff as u32)) as u8); - let x26: u32 = (x10 >> 8); - let x27: u8 = ((x26 & (0xff as u32)) as u8); - let x28: u32 = (x26 >> 8); - let x29: u8 = ((x28 & (0xff as u32)) as u8); - let x30: u8 = ((x28 >> 8) as u8); - let x31: u8 = ((x9 & (0xff as u32)) as u8); - let x32: u32 = (x9 >> 8); - let x33: u8 = ((x32 & (0xff as u32)) as u8); - let x34: u32 = (x32 >> 8); - let x35: u8 = ((x34 & (0xff as u32)) as u8); - let x36: u8 = ((x34 >> 8) as u8); - let x37: u8 = ((x8 & (0xff as u32)) as u8); - let x38: u32 = (x8 >> 8); - let x39: u8 = ((x38 & (0xff as u32)) as u8); - let x40: u32 = (x38 >> 8); - let x41: u8 = ((x40 & (0xff as u32)) as u8); - let x42: u8 = ((x40 >> 8) as u8); - let x43: u8 = ((x7 & (0xff as u32)) as u8); - let x44: u32 = (x7 >> 8); - let x45: u8 = ((x44 & (0xff as u32)) as u8); - let x46: u32 = (x44 >> 8); - let x47: u8 = ((x46 & (0xff as u32)) as u8); - let x48: u8 = ((x46 >> 8) as u8); - let x49: u8 = ((x6 & (0xff as u32)) as u8); - let x50: u32 = (x6 >> 8); - let x51: u8 = ((x50 & (0xff as u32)) as u8); - let x52: u32 = (x50 >> 8); - let x53: u8 = ((x52 & (0xff as u32)) as u8); - let x54: u8 = ((x52 >> 8) as u8); - let x55: u8 = ((x5 & (0xff as u32)) as u8); - let x56: u32 = (x5 >> 8); - let x57: u8 = ((x56 & (0xff as u32)) as u8); - let x58: u32 = (x56 >> 8); - let x59: u8 = ((x58 & 
(0xff as u32)) as u8); - let x60: u8 = ((x58 >> 8) as u8); - let x61: u8 = ((x4 & (0xff as u32)) as u8); - let x62: u32 = (x4 >> 8); - let x63: u8 = ((x62 & (0xff as u32)) as u8); - let x64: u32 = (x62 >> 8); - let x65: u8 = ((x64 & (0xff as u32)) as u8); - let x66: u8 = ((x64 >> 8) as u8); - let x67: u8 = ((x3 & (0xff as u32)) as u8); - let x68: u32 = (x3 >> 8); - let x69: u8 = ((x68 & (0xff as u32)) as u8); - let x70: u32 = (x68 >> 8); - let x71: u8 = ((x70 & (0xff as u32)) as u8); - let x72: u8 = ((x70 >> 8) as u8); - let x73: u8 = ((x2 & (0xff as u32)) as u8); - let x74: u32 = (x2 >> 8); - let x75: u8 = ((x74 & (0xff as u32)) as u8); - let x76: u32 = (x74 >> 8); - let x77: u8 = ((x76 & (0xff as u32)) as u8); - let x78: u8 = ((x76 >> 8) as u8); - let x79: u8 = ((x1 & (0xff as u32)) as u8); - let x80: u32 = (x1 >> 8); - let x81: u8 = ((x80 & (0xff as u32)) as u8); - let x82: u32 = (x80 >> 8); - let x83: u8 = ((x82 & (0xff as u32)) as u8); - let x84: u8 = ((x82 >> 8) as u8); - out1[0] = x13; - out1[1] = x15; - out1[2] = x17; - out1[3] = x18; - out1[4] = x19; - out1[5] = x21; - out1[6] = x23; - out1[7] = x24; - out1[8] = x25; - out1[9] = x27; - out1[10] = x29; - out1[11] = x30; - out1[12] = x31; - out1[13] = x33; - out1[14] = x35; - out1[15] = x36; - out1[16] = x37; - out1[17] = x39; - out1[18] = x41; - out1[19] = x42; - out1[20] = x43; - out1[21] = x45; - out1[22] = x47; - out1[23] = x48; - out1[24] = x49; - out1[25] = x51; - out1[26] = x53; - out1[27] = x54; - out1[28] = x55; - out1[29] = x57; - out1[30] = x59; - out1[31] = x60; - out1[32] = x61; - out1[33] = x63; - out1[34] = x65; - out1[35] = x66; - out1[36] = x67; - out1[37] = x69; - out1[38] = x71; - out1[39] = x72; - out1[40] = x73; - out1[41] = x75; - out1[42] = x77; - out1[43] = x78; - out1[44] = x79; - out1[45] = x81; - out1[46] = x83; - out1[47] = x84; + let x13: u32 = (x12 >> 8); + let x14: u32 = (x13 >> 8); + let x15: u8 = ((x14 >> 8) as u8); + let x16: u32 = (x11 >> 8); + let x17: u32 = (x16 >> 8); + 
let x18: u8 = ((x17 >> 8) as u8); + let x19: u32 = (x10 >> 8); + let x20: u32 = (x19 >> 8); + let x21: u8 = ((x20 >> 8) as u8); + let x22: u32 = (x9 >> 8); + let x23: u32 = (x22 >> 8); + let x24: u8 = ((x23 >> 8) as u8); + let x25: u32 = (x8 >> 8); + let x26: u32 = (x25 >> 8); + let x27: u8 = ((x26 >> 8) as u8); + let x28: u32 = (x7 >> 8); + let x29: u32 = (x28 >> 8); + let x30: u8 = ((x29 >> 8) as u8); + let x31: u32 = (x6 >> 8); + let x32: u32 = (x31 >> 8); + let x33: u8 = ((x32 >> 8) as u8); + let x34: u32 = (x5 >> 8); + let x35: u32 = (x34 >> 8); + let x36: u8 = ((x35 >> 8) as u8); + let x37: u32 = (x4 >> 8); + let x38: u32 = (x37 >> 8); + let x39: u8 = ((x38 >> 8) as u8); + let x40: u32 = (x3 >> 8); + let x41: u32 = (x40 >> 8); + let x42: u8 = ((x41 >> 8) as u8); + let x43: u32 = (x2 >> 8); + let x44: u32 = (x43 >> 8); + let x45: u8 = ((x44 >> 8) as u8); + let x46: u32 = (x1 >> 8); + let x47: u32 = (x46 >> 8); + let x48: u8 = ((x47 >> 8) as u8); + out1[0] = (x12 as u8); + out1[1] = (x13 as u8); + out1[2] = (x14 as u8); + out1[3] = x15; + out1[4] = (x11 as u8); + out1[5] = (x16 as u8); + out1[6] = (x17 as u8); + out1[7] = x18; + out1[8] = (x10 as u8); + out1[9] = (x19 as u8); + out1[10] = (x20 as u8); + out1[11] = x21; + out1[12] = (x9 as u8); + out1[13] = (x22 as u8); + out1[14] = (x23 as u8); + out1[15] = x24; + out1[16] = (x8 as u8); + out1[17] = (x25 as u8); + out1[18] = (x26 as u8); + out1[19] = x27; + out1[20] = (x7 as u8); + out1[21] = (x28 as u8); + out1[22] = (x29 as u8); + out1[23] = x30; + out1[24] = (x6 as u8); + out1[25] = (x31 as u8); + out1[26] = (x32 as u8); + out1[27] = x33; + out1[28] = (x5 as u8); + out1[29] = (x34 as u8); + out1[30] = (x35 as u8); + out1[31] = x36; + out1[32] = (x4 as u8); + out1[33] = (x37 as u8); + out1[34] = (x38 as u8); + out1[35] = x39; + out1[36] = (x3 as u8); + out1[37] = (x40 as u8); + out1[38] = (x41 as u8); + out1[39] = x42; + out1[40] = (x2 as u8); + out1[41] = (x43 as u8); + out1[42] = (x44 as u8); + out1[43] = 
x45; + out1[44] = (x1 as u8); + out1[45] = (x46 as u8); + out1[46] = (x47 as u8); + out1[47] = x48; } /// The function fiat_p384_scalar_from_bytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -10764,7 +10726,7 @@ pub fn fiat_p384_scalar_divstep(out1: &mut u32, out2: &mut [u32; 13], out3: &mut let mut x1: u32 = 0; let mut x2: fiat_p384_scalar_u1 = 0; fiat_p384_scalar_addcarryx_u32(&mut x1, &mut x2, 0x0, (!arg1), (0x1 as u32)); - let x3: fiat_p384_scalar_u1 = (((x1 >> 31) as fiat_p384_scalar_u1) & (((arg3[0]) & (0x1 as u32)) as fiat_p384_scalar_u1)); + let x3: fiat_p384_scalar_u1 = (((x1 >> 31) as fiat_p384_scalar_u1) & ((arg3[0]) as fiat_p384_scalar_u1)); let mut x4: u32 = 0; let mut x5: fiat_p384_scalar_u1 = 0; fiat_p384_scalar_addcarryx_u32(&mut x4, &mut x5, 0x0, (!arg1), (0x1 as u32)); 
@@ -11070,236 +11032,235 @@ pub fn fiat_p384_scalar_divstep(out1: &mut u32, out2: &mut [u32; 13], out3: &mut fiat_p384_scalar_cmovznz_u32(&mut x192, x3, (arg5[10]), x178); let mut x193: u32 = 0; fiat_p384_scalar_cmovznz_u32(&mut x193, x3, (arg5[11]), x180); - let x194: fiat_p384_scalar_u1 = ((x46 & (0x1 as u32)) as fiat_p384_scalar_u1); + let mut x194: u32 = 0; + fiat_p384_scalar_cmovznz_u32(&mut x194, (x46 as fiat_p384_scalar_u1), (0x0 as u32), x7); let mut x195: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x195, x194, (0x0 as u32), x7); + fiat_p384_scalar_cmovznz_u32(&mut x195, (x46 as fiat_p384_scalar_u1), (0x0 as u32), x8); let mut x196: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x196, x194, (0x0 as u32), x8); + fiat_p384_scalar_cmovznz_u32(&mut x196, (x46 as fiat_p384_scalar_u1), (0x0 as u32), x9); let mut x197: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x197, x194, (0x0 as u32), x9); + fiat_p384_scalar_cmovznz_u32(&mut x197, (x46 as fiat_p384_scalar_u1), (0x0 as u32), x10); let mut x198: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x198, x194, (0x0 as u32), x10); + fiat_p384_scalar_cmovznz_u32(&mut x198, (x46 as fiat_p384_scalar_u1), (0x0 as u32), x11); let mut x199: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x199, x194, (0x0 as u32), x11); + fiat_p384_scalar_cmovznz_u32(&mut x199, (x46 as fiat_p384_scalar_u1), (0x0 as u32), x12); let mut x200: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x200, x194, (0x0 as u32), x12); + fiat_p384_scalar_cmovznz_u32(&mut x200, (x46 as fiat_p384_scalar_u1), (0x0 as u32), x13); let mut x201: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x201, x194, (0x0 as u32), x13); + fiat_p384_scalar_cmovznz_u32(&mut x201, (x46 as fiat_p384_scalar_u1), (0x0 as u32), x14); let mut x202: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x202, x194, (0x0 as u32), x14); + fiat_p384_scalar_cmovznz_u32(&mut x202, (x46 as fiat_p384_scalar_u1), (0x0 as u32), x15); let mut x203: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x203, x194, (0x0 as u32), 
x15); + fiat_p384_scalar_cmovznz_u32(&mut x203, (x46 as fiat_p384_scalar_u1), (0x0 as u32), x16); let mut x204: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x204, x194, (0x0 as u32), x16); + fiat_p384_scalar_cmovznz_u32(&mut x204, (x46 as fiat_p384_scalar_u1), (0x0 as u32), x17); let mut x205: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x205, x194, (0x0 as u32), x17); + fiat_p384_scalar_cmovznz_u32(&mut x205, (x46 as fiat_p384_scalar_u1), (0x0 as u32), x18); let mut x206: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x206, x194, (0x0 as u32), x18); + fiat_p384_scalar_cmovznz_u32(&mut x206, (x46 as fiat_p384_scalar_u1), (0x0 as u32), x19); let mut x207: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x207, x194, (0x0 as u32), x19); - let mut x208: u32 = 0; - let mut x209: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_addcarryx_u32(&mut x208, &mut x209, 0x0, x46, x195); - let mut x210: u32 = 0; - let mut x211: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_addcarryx_u32(&mut x210, &mut x211, x209, x47, x196); - let mut x212: u32 = 0; - let mut x213: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_addcarryx_u32(&mut x212, &mut x213, x211, x48, x197); - let mut x214: u32 = 0; - let mut x215: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_addcarryx_u32(&mut x214, &mut x215, x213, x49, x198); - let mut x216: u32 = 0; - let mut x217: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_addcarryx_u32(&mut x216, &mut x217, x215, x50, x199); - let mut x218: u32 = 0; - let mut x219: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_addcarryx_u32(&mut x218, &mut x219, x217, x51, x200); - let mut x220: u32 = 0; - let mut x221: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_addcarryx_u32(&mut x220, &mut x221, x219, x52, x201); - let mut x222: u32 = 0; - let mut x223: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_addcarryx_u32(&mut x222, &mut x223, x221, x53, x202); - let mut x224: u32 = 0; - let mut x225: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_addcarryx_u32(&mut x224, &mut x225, x223, x54, x203); - let mut 
x226: u32 = 0; - let mut x227: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_addcarryx_u32(&mut x226, &mut x227, x225, x55, x204); - let mut x228: u32 = 0; - let mut x229: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_addcarryx_u32(&mut x228, &mut x229, x227, x56, x205); - let mut x230: u32 = 0; - let mut x231: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_addcarryx_u32(&mut x230, &mut x231, x229, x57, x206); - let mut x232: u32 = 0; - let mut x233: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_addcarryx_u32(&mut x232, &mut x233, x231, x58, x207); + let mut x208: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_addcarryx_u32(&mut x207, &mut x208, 0x0, x46, x194); + let mut x209: u32 = 0; + let mut x210: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_addcarryx_u32(&mut x209, &mut x210, x208, x47, x195); + let mut x211: u32 = 0; + let mut x212: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_addcarryx_u32(&mut x211, &mut x212, x210, x48, x196); + let mut x213: u32 = 0; + let mut x214: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_addcarryx_u32(&mut x213, &mut x214, x212, x49, x197); + let mut x215: u32 = 0; + let mut x216: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_addcarryx_u32(&mut x215, &mut x216, x214, x50, x198); + let mut x217: u32 = 0; + let mut x218: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_addcarryx_u32(&mut x217, &mut x218, x216, x51, x199); + let mut x219: u32 = 0; + let mut x220: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_addcarryx_u32(&mut x219, &mut x220, x218, x52, x200); + let mut x221: u32 = 0; + let mut x222: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_addcarryx_u32(&mut x221, &mut x222, x220, x53, x201); + let mut x223: u32 = 0; + let mut x224: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_addcarryx_u32(&mut x223, &mut x224, x222, x54, x202); + let mut x225: u32 = 0; + let mut x226: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_addcarryx_u32(&mut x225, &mut x226, x224, x55, x203); + let mut x227: u32 = 0; + let mut x228: fiat_p384_scalar_u1 = 0; + 
fiat_p384_scalar_addcarryx_u32(&mut x227, &mut x228, x226, x56, x204); + let mut x229: u32 = 0; + let mut x230: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_addcarryx_u32(&mut x229, &mut x230, x228, x57, x205); + let mut x231: u32 = 0; + let mut x232: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_addcarryx_u32(&mut x231, &mut x232, x230, x58, x206); + let mut x233: u32 = 0; + fiat_p384_scalar_cmovznz_u32(&mut x233, (x46 as fiat_p384_scalar_u1), (0x0 as u32), x59); let mut x234: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x234, x194, (0x0 as u32), x59); + fiat_p384_scalar_cmovznz_u32(&mut x234, (x46 as fiat_p384_scalar_u1), (0x0 as u32), x60); let mut x235: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x235, x194, (0x0 as u32), x60); + fiat_p384_scalar_cmovznz_u32(&mut x235, (x46 as fiat_p384_scalar_u1), (0x0 as u32), x61); let mut x236: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x236, x194, (0x0 as u32), x61); + fiat_p384_scalar_cmovznz_u32(&mut x236, (x46 as fiat_p384_scalar_u1), (0x0 as u32), x62); let mut x237: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x237, x194, (0x0 as u32), x62); + fiat_p384_scalar_cmovznz_u32(&mut x237, (x46 as fiat_p384_scalar_u1), (0x0 as u32), x63); let mut x238: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x238, x194, (0x0 as u32), x63); + fiat_p384_scalar_cmovznz_u32(&mut x238, (x46 as fiat_p384_scalar_u1), (0x0 as u32), x64); let mut x239: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x239, x194, (0x0 as u32), x64); + fiat_p384_scalar_cmovznz_u32(&mut x239, (x46 as fiat_p384_scalar_u1), (0x0 as u32), x65); let mut x240: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x240, x194, (0x0 as u32), x65); + fiat_p384_scalar_cmovznz_u32(&mut x240, (x46 as fiat_p384_scalar_u1), (0x0 as u32), x66); let mut x241: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x241, x194, (0x0 as u32), x66); + fiat_p384_scalar_cmovznz_u32(&mut x241, (x46 as fiat_p384_scalar_u1), (0x0 as u32), x67); let mut x242: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x242, 
x194, (0x0 as u32), x67); + fiat_p384_scalar_cmovznz_u32(&mut x242, (x46 as fiat_p384_scalar_u1), (0x0 as u32), x68); let mut x243: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x243, x194, (0x0 as u32), x68); + fiat_p384_scalar_cmovznz_u32(&mut x243, (x46 as fiat_p384_scalar_u1), (0x0 as u32), x69); let mut x244: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x244, x194, (0x0 as u32), x69); + fiat_p384_scalar_cmovznz_u32(&mut x244, (x46 as fiat_p384_scalar_u1), (0x0 as u32), x70); let mut x245: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x245, x194, (0x0 as u32), x70); - let mut x246: u32 = 0; - let mut x247: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_addcarryx_u32(&mut x246, &mut x247, 0x0, x182, x234); - let mut x248: u32 = 0; - let mut x249: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_addcarryx_u32(&mut x248, &mut x249, x247, x183, x235); - let mut x250: u32 = 0; - let mut x251: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_addcarryx_u32(&mut x250, &mut x251, x249, x184, x236); - let mut x252: u32 = 0; - let mut x253: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_addcarryx_u32(&mut x252, &mut x253, x251, x185, x237); - let mut x254: u32 = 0; - let mut x255: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_addcarryx_u32(&mut x254, &mut x255, x253, x186, x238); - let mut x256: u32 = 0; - let mut x257: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_addcarryx_u32(&mut x256, &mut x257, x255, x187, x239); - let mut x258: u32 = 0; - let mut x259: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_addcarryx_u32(&mut x258, &mut x259, x257, x188, x240); - let mut x260: u32 = 0; - let mut x261: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_addcarryx_u32(&mut x260, &mut x261, x259, x189, x241); - let mut x262: u32 = 0; - let mut x263: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_addcarryx_u32(&mut x262, &mut x263, x261, x190, x242); - let mut x264: u32 = 0; - let mut x265: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_addcarryx_u32(&mut x264, &mut x265, x263, x191, x243); - let mut x266: u32 = 0; 
- let mut x267: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_addcarryx_u32(&mut x266, &mut x267, x265, x192, x244); - let mut x268: u32 = 0; - let mut x269: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_addcarryx_u32(&mut x268, &mut x269, x267, x193, x245); - let mut x270: u32 = 0; - let mut x271: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_subborrowx_u32(&mut x270, &mut x271, 0x0, x246, 0xccc52973); - let mut x272: u32 = 0; - let mut x273: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_subborrowx_u32(&mut x272, &mut x273, x271, x248, 0xecec196a); - let mut x274: u32 = 0; - let mut x275: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_subborrowx_u32(&mut x274, &mut x275, x273, x250, 0x48b0a77a); - let mut x276: u32 = 0; - let mut x277: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_subborrowx_u32(&mut x276, &mut x277, x275, x252, 0x581a0db2); - let mut x278: u32 = 0; - let mut x279: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_subborrowx_u32(&mut x278, &mut x279, x277, x254, 0xf4372ddf); - let mut x280: u32 = 0; - let mut x281: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_subborrowx_u32(&mut x280, &mut x281, x279, x256, 0xc7634d81); - let mut x282: u32 = 0; - let mut x283: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_subborrowx_u32(&mut x282, &mut x283, x281, x258, 0xffffffff); - let mut x284: u32 = 0; - let mut x285: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_subborrowx_u32(&mut x284, &mut x285, x283, x260, 0xffffffff); - let mut x286: u32 = 0; - let mut x287: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_subborrowx_u32(&mut x286, &mut x287, x285, x262, 0xffffffff); - let mut x288: u32 = 0; - let mut x289: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_subborrowx_u32(&mut x288, &mut x289, x287, x264, 0xffffffff); - let mut x290: u32 = 0; - let mut x291: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_subborrowx_u32(&mut x290, &mut x291, x289, x266, 0xffffffff); - let mut x292: u32 = 0; - let mut x293: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_subborrowx_u32(&mut x292, &mut x293, x291, 
x268, 0xffffffff); - let mut x294: u32 = 0; - let mut x295: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_subborrowx_u32(&mut x294, &mut x295, x293, (x269 as u32), (0x0 as u32)); - let mut x296: u32 = 0; - let mut x297: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_addcarryx_u32(&mut x296, &mut x297, 0x0, x6, (0x1 as u32)); - let x298: u32 = ((x208 >> 1) | ((x210 << 31) & 0xffffffff)); - let x299: u32 = ((x210 >> 1) | ((x212 << 31) & 0xffffffff)); - let x300: u32 = ((x212 >> 1) | ((x214 << 31) & 0xffffffff)); - let x301: u32 = ((x214 >> 1) | ((x216 << 31) & 0xffffffff)); - let x302: u32 = ((x216 >> 1) | ((x218 << 31) & 0xffffffff)); - let x303: u32 = ((x218 >> 1) | ((x220 << 31) & 0xffffffff)); - let x304: u32 = ((x220 >> 1) | ((x222 << 31) & 0xffffffff)); - let x305: u32 = ((x222 >> 1) | ((x224 << 31) & 0xffffffff)); - let x306: u32 = ((x224 >> 1) | ((x226 << 31) & 0xffffffff)); - let x307: u32 = ((x226 >> 1) | ((x228 << 31) & 0xffffffff)); - let x308: u32 = ((x228 >> 1) | ((x230 << 31) & 0xffffffff)); - let x309: u32 = ((x230 >> 1) | ((x232 << 31) & 0xffffffff)); - let x310: u32 = ((x232 & 0x80000000) | (x232 >> 1)); + let mut x246: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_addcarryx_u32(&mut x245, &mut x246, 0x0, x182, x233); + let mut x247: u32 = 0; + let mut x248: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_addcarryx_u32(&mut x247, &mut x248, x246, x183, x234); + let mut x249: u32 = 0; + let mut x250: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_addcarryx_u32(&mut x249, &mut x250, x248, x184, x235); + let mut x251: u32 = 0; + let mut x252: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_addcarryx_u32(&mut x251, &mut x252, x250, x185, x236); + let mut x253: u32 = 0; + let mut x254: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_addcarryx_u32(&mut x253, &mut x254, x252, x186, x237); + let mut x255: u32 = 0; + let mut x256: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_addcarryx_u32(&mut x255, &mut x256, x254, x187, x238); + let mut x257: u32 = 0; + let mut x258: 
fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_addcarryx_u32(&mut x257, &mut x258, x256, x188, x239); + let mut x259: u32 = 0; + let mut x260: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_addcarryx_u32(&mut x259, &mut x260, x258, x189, x240); + let mut x261: u32 = 0; + let mut x262: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_addcarryx_u32(&mut x261, &mut x262, x260, x190, x241); + let mut x263: u32 = 0; + let mut x264: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_addcarryx_u32(&mut x263, &mut x264, x262, x191, x242); + let mut x265: u32 = 0; + let mut x266: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_addcarryx_u32(&mut x265, &mut x266, x264, x192, x243); + let mut x267: u32 = 0; + let mut x268: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_addcarryx_u32(&mut x267, &mut x268, x266, x193, x244); + let mut x269: u32 = 0; + let mut x270: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_subborrowx_u32(&mut x269, &mut x270, 0x0, x245, 0xccc52973); + let mut x271: u32 = 0; + let mut x272: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_subborrowx_u32(&mut x271, &mut x272, x270, x247, 0xecec196a); + let mut x273: u32 = 0; + let mut x274: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_subborrowx_u32(&mut x273, &mut x274, x272, x249, 0x48b0a77a); + let mut x275: u32 = 0; + let mut x276: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_subborrowx_u32(&mut x275, &mut x276, x274, x251, 0x581a0db2); + let mut x277: u32 = 0; + let mut x278: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_subborrowx_u32(&mut x277, &mut x278, x276, x253, 0xf4372ddf); + let mut x279: u32 = 0; + let mut x280: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_subborrowx_u32(&mut x279, &mut x280, x278, x255, 0xc7634d81); + let mut x281: u32 = 0; + let mut x282: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_subborrowx_u32(&mut x281, &mut x282, x280, x257, 0xffffffff); + let mut x283: u32 = 0; + let mut x284: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_subborrowx_u32(&mut x283, &mut x284, x282, x259, 0xffffffff); + let mut x285: u32 = 0; 
+ let mut x286: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_subborrowx_u32(&mut x285, &mut x286, x284, x261, 0xffffffff); + let mut x287: u32 = 0; + let mut x288: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_subborrowx_u32(&mut x287, &mut x288, x286, x263, 0xffffffff); + let mut x289: u32 = 0; + let mut x290: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_subborrowx_u32(&mut x289, &mut x290, x288, x265, 0xffffffff); + let mut x291: u32 = 0; + let mut x292: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_subborrowx_u32(&mut x291, &mut x292, x290, x267, 0xffffffff); + let mut x293: u32 = 0; + let mut x294: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_subborrowx_u32(&mut x293, &mut x294, x292, (x268 as u32), (0x0 as u32)); + let mut x295: u32 = 0; + let mut x296: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_addcarryx_u32(&mut x295, &mut x296, 0x0, x6, (0x1 as u32)); + let x297: u32 = ((x207 >> 1) | ((x209 << 31) & 0xffffffff)); + let x298: u32 = ((x209 >> 1) | ((x211 << 31) & 0xffffffff)); + let x299: u32 = ((x211 >> 1) | ((x213 << 31) & 0xffffffff)); + let x300: u32 = ((x213 >> 1) | ((x215 << 31) & 0xffffffff)); + let x301: u32 = ((x215 >> 1) | ((x217 << 31) & 0xffffffff)); + let x302: u32 = ((x217 >> 1) | ((x219 << 31) & 0xffffffff)); + let x303: u32 = ((x219 >> 1) | ((x221 << 31) & 0xffffffff)); + let x304: u32 = ((x221 >> 1) | ((x223 << 31) & 0xffffffff)); + let x305: u32 = ((x223 >> 1) | ((x225 << 31) & 0xffffffff)); + let x306: u32 = ((x225 >> 1) | ((x227 << 31) & 0xffffffff)); + let x307: u32 = ((x227 >> 1) | ((x229 << 31) & 0xffffffff)); + let x308: u32 = ((x229 >> 1) | ((x231 << 31) & 0xffffffff)); + let x309: u32 = ((x231 & 0x80000000) | (x231 >> 1)); + let mut x310: u32 = 0; + fiat_p384_scalar_cmovznz_u32(&mut x310, x120, x95, x71); let mut x311: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x311, x120, x95, x71); + fiat_p384_scalar_cmovznz_u32(&mut x311, x120, x97, x73); let mut x312: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x312, x120, x97, x73); + 
fiat_p384_scalar_cmovznz_u32(&mut x312, x120, x99, x75); let mut x313: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x313, x120, x99, x75); + fiat_p384_scalar_cmovznz_u32(&mut x313, x120, x101, x77); let mut x314: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x314, x120, x101, x77); + fiat_p384_scalar_cmovznz_u32(&mut x314, x120, x103, x79); let mut x315: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x315, x120, x103, x79); + fiat_p384_scalar_cmovznz_u32(&mut x315, x120, x105, x81); let mut x316: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x316, x120, x105, x81); + fiat_p384_scalar_cmovznz_u32(&mut x316, x120, x107, x83); let mut x317: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x317, x120, x107, x83); + fiat_p384_scalar_cmovznz_u32(&mut x317, x120, x109, x85); let mut x318: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x318, x120, x109, x85); + fiat_p384_scalar_cmovznz_u32(&mut x318, x120, x111, x87); let mut x319: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x319, x120, x111, x87); + fiat_p384_scalar_cmovznz_u32(&mut x319, x120, x113, x89); let mut x320: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x320, x120, x113, x89); + fiat_p384_scalar_cmovznz_u32(&mut x320, x120, x115, x91); let mut x321: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x321, x120, x115, x91); + fiat_p384_scalar_cmovznz_u32(&mut x321, x120, x117, x93); let mut x322: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x322, x120, x117, x93); + fiat_p384_scalar_cmovznz_u32(&mut x322, x294, x269, x245); let mut x323: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x323, x295, x270, x246); + fiat_p384_scalar_cmovznz_u32(&mut x323, x294, x271, x247); let mut x324: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x324, x295, x272, x248); + fiat_p384_scalar_cmovznz_u32(&mut x324, x294, x273, x249); let mut x325: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x325, x295, x274, x250); + fiat_p384_scalar_cmovznz_u32(&mut x325, x294, x275, x251); let mut x326: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x326, x295, x276, 
x252); + fiat_p384_scalar_cmovznz_u32(&mut x326, x294, x277, x253); let mut x327: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x327, x295, x278, x254); + fiat_p384_scalar_cmovznz_u32(&mut x327, x294, x279, x255); let mut x328: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x328, x295, x280, x256); + fiat_p384_scalar_cmovznz_u32(&mut x328, x294, x281, x257); let mut x329: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x329, x295, x282, x258); + fiat_p384_scalar_cmovznz_u32(&mut x329, x294, x283, x259); let mut x330: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x330, x295, x284, x260); + fiat_p384_scalar_cmovznz_u32(&mut x330, x294, x285, x261); let mut x331: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x331, x295, x286, x262); + fiat_p384_scalar_cmovznz_u32(&mut x331, x294, x287, x263); let mut x332: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x332, x295, x288, x264); + fiat_p384_scalar_cmovznz_u32(&mut x332, x294, x289, x265); let mut x333: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x333, x295, x290, x266); - let mut x334: u32 = 0; - fiat_p384_scalar_cmovznz_u32(&mut x334, x295, x292, x268); - *out1 = x296; + fiat_p384_scalar_cmovznz_u32(&mut x333, x294, x291, x267); + *out1 = x295; out2[0] = x7; out2[1] = x8; out2[2] = x9; 
@@ -11313,43 +11274,43 @@ pub fn fiat_p384_scalar_divstep(out1: &mut u32, out2: &mut [u32; 13], out3: &mut out2[10] = x17; out2[11] = x18; out2[12] = x19; - out3[0] = x298; - out3[1] = x299; - out3[2] = x300; - out3[3] = x301; - out3[4] = x302; - out3[5] = x303; - out3[6] = x304; - out3[7] = x305; - out3[8] = x306; - out3[9] = x307; - out3[10] = x308; - out3[11] = x309; - out3[12] = x310; - out4[0] = x311; - out4[1] = x312; - out4[2] = x313; - out4[3] = x314; - out4[4] = x315; - out4[5] = x316; - out4[6] = x317; - out4[7] = x318; - out4[8] = x319; - out4[9] = x320; - out4[10] = x321; - out4[11] = x322; - out5[0] = x323; - out5[1] = x324; - out5[2] = x325; - out5[3] = x326; - out5[4] = x327; - out5[5] = x328; - out5[6] = x329; - out5[7] = x330; - out5[8] = x331; - out5[9] = x332; - out5[10] = x333; - out5[11] = x334; + out3[0] = x297; + out3[1] = x298; + out3[2] = x299; + out3[3] = x300; + out3[4] = x301; + out3[5] = x302; + out3[6] = x303; + out3[7] = x304; + out3[8] = x305; + out3[9] = x306; + out3[10] = x307; + out3[11] = x308; + out3[12] = x309; + out4[0] = x310; + out4[1] = x311; + out4[2] = x312; + out4[3] = x313; + out4[4] = x314; + out4[5] = x315; + out4[6] = x316; + out4[7] = x317; + out4[8] = x318; + out4[9] = x319; + out4[10] = x320; + out4[11] = x321; + out5[0] = x322; + out5[1] = x323; + out5[2] = x324; + out5[3] = x325; + out5[4] = x326; + out5[5] = x327; + out5[6] = x328; + out5[7] = x329; + out5[8] = x330; + out5[9] = x331; + out5[10] = x332; + out5[11] = x333; } /// The function fiat_p384_scalar_divstep_precomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-rust/src/p384_scalar_64.rs b/fiat-rust/src/p384_scalar_64.rs index 63474c2399..509123f607 100644 --- a/fiat-rust/src/p384_scalar_64.rs +++ b/fiat-rust/src/p384_scalar_64.rs 
@@ -50,10 +50,9 @@ pub type fiat_p384_scalar_non_montgomery_domain_field_element = [u64; 6]; #[inline] pub fn fiat_p384_scalar_addcarryx_u64(out1: &mut u64, out2: &mut fiat_p384_scalar_u1, arg1: fiat_p384_scalar_u1, arg2: u64, arg3: u64) -> () { let x1: u128 = (((arg1 as u128) + (arg2 as u128)) + (arg3 as u128)); - let x2: u64 = ((x1 & (0xffffffffffffffff as u128)) as u64); - let x3: fiat_p384_scalar_u1 = ((x1 >> 64) as fiat_p384_scalar_u1); - *out1 = x2; - *out2 = x3; + let x2: fiat_p384_scalar_u1 = ((x1 >> 64) as fiat_p384_scalar_u1); + *out1 = (x1 as u64); + *out2 = x2; } /// The function fiat_p384_scalar_subborrowx_u64 is a subtraction with borrow. @@ -93,10 +92,9 @@ pub fn fiat_p384_scalar_subborrowx_u64(out1: &mut u64, out2: &mut fiat_p384_scal #[inline] pub fn fiat_p384_scalar_mulx_u64(out1: &mut u64, out2: &mut u64, arg1: u64, arg2: u64) -> () { let x1: u128 = ((arg1 as u128) * (arg2 as u128)); - let x2: u64 = ((x1 & (0xffffffffffffffff as u128)) as u64); - let x3: u64 = ((x1 >> 64) as u64); - *out1 = x2; - *out2 = x3; + let x2: u64 = ((x1 >> 64) as u64); + *out1 = (x1 as u64); + *out2 = x2; } /// The function fiat_p384_scalar_cmovznz_u64 is a single-word conditional move. 
@@ -2980,138 +2978,96 @@ pub fn fiat_p384_scalar_to_bytes(out1: &mut [u8; 48], arg1: &[u64; 6]) -> () { let x4: u64 = (arg1[2]); let x5: u64 = (arg1[1]); let x6: u64 = (arg1[0]); - let x7: u8 = ((x6 & (0xff as u64)) as u8); - let x8: u64 = (x6 >> 8); - let x9: u8 = ((x8 & (0xff as u64)) as u8); - let x10: u64 = (x8 >> 8); - let x11: u8 = ((x10 & (0xff as u64)) as u8); - let x12: u64 = (x10 >> 8); - let x13: u8 = ((x12 & (0xff as u64)) as u8); - let x14: u64 = (x12 >> 8); - let x15: u8 = ((x14 & (0xff as u64)) as u8); - let x16: u64 = (x14 >> 8); - let x17: u8 = ((x16 & (0xff as u64)) as u8); - let x18: u64 = (x16 >> 8); - let x19: u8 = ((x18 & (0xff as u64)) as u8); - let x20: u8 = ((x18 >> 8) as u8); - let x21: u8 = ((x5 & (0xff as u64)) as u8); - let x22: u64 = (x5 >> 8); - let x23: u8 = ((x22 & (0xff as u64)) as u8); - let x24: u64 = (x22 >> 8); - let x25: u8 = ((x24 & (0xff as u64)) as u8); - let x26: u64 = (x24 >> 8); - let x27: u8 = ((x26 & (0xff as u64)) as u8); - let x28: u64 = (x26 >> 8); - let x29: u8 = ((x28 & (0xff as u64)) as u8); - let x30: u64 = (x28 >> 8); - let x31: u8 = ((x30 & (0xff as u64)) as u8); - let x32: u64 = (x30 >> 8); - let x33: u8 = ((x32 & (0xff as u64)) as u8); - let x34: u8 = ((x32 >> 8) as u8); - let x35: u8 = ((x4 & (0xff as u64)) as u8); - let x36: u64 = (x4 >> 8); - let x37: u8 = ((x36 & (0xff as u64)) as u8); - let x38: u64 = (x36 >> 8); - let x39: u8 = ((x38 & (0xff as u64)) as u8); - let x40: u64 = (x38 >> 8); - let x41: u8 = ((x40 & (0xff as u64)) as u8); - let x42: u64 = (x40 >> 8); - let x43: u8 = ((x42 & (0xff as u64)) as u8); - let x44: u64 = (x42 >> 8); - let x45: u8 = ((x44 & (0xff as u64)) as u8); - let x46: u64 = (x44 >> 8); - let x47: u8 = ((x46 & (0xff as u64)) as u8); - let x48: u8 = ((x46 >> 8) as u8); - let x49: u8 = ((x3 & (0xff as u64)) as u8); - let x50: u64 = (x3 >> 8); - let x51: u8 = ((x50 & (0xff as u64)) as u8); - let x52: u64 = (x50 >> 8); - let x53: u8 = ((x52 & (0xff as u64)) as u8); - let x54: u64 = 
(x52 >> 8); - let x55: u8 = ((x54 & (0xff as u64)) as u8); - let x56: u64 = (x54 >> 8); - let x57: u8 = ((x56 & (0xff as u64)) as u8); - let x58: u64 = (x56 >> 8); - let x59: u8 = ((x58 & (0xff as u64)) as u8); - let x60: u64 = (x58 >> 8); - let x61: u8 = ((x60 & (0xff as u64)) as u8); - let x62: u8 = ((x60 >> 8) as u8); - let x63: u8 = ((x2 & (0xff as u64)) as u8); - let x64: u64 = (x2 >> 8); - let x65: u8 = ((x64 & (0xff as u64)) as u8); - let x66: u64 = (x64 >> 8); - let x67: u8 = ((x66 & (0xff as u64)) as u8); - let x68: u64 = (x66 >> 8); - let x69: u8 = ((x68 & (0xff as u64)) as u8); - let x70: u64 = (x68 >> 8); - let x71: u8 = ((x70 & (0xff as u64)) as u8); - let x72: u64 = (x70 >> 8); - let x73: u8 = ((x72 & (0xff as u64)) as u8); - let x74: u64 = (x72 >> 8); - let x75: u8 = ((x74 & (0xff as u64)) as u8); - let x76: u8 = ((x74 >> 8) as u8); - let x77: u8 = ((x1 & (0xff as u64)) as u8); - let x78: u64 = (x1 >> 8); - let x79: u8 = ((x78 & (0xff as u64)) as u8); - let x80: u64 = (x78 >> 8); - let x81: u8 = ((x80 & (0xff as u64)) as u8); - let x82: u64 = (x80 >> 8); - let x83: u8 = ((x82 & (0xff as u64)) as u8); - let x84: u64 = (x82 >> 8); - let x85: u8 = ((x84 & (0xff as u64)) as u8); - let x86: u64 = (x84 >> 8); - let x87: u8 = ((x86 & (0xff as u64)) as u8); - let x88: u64 = (x86 >> 8); - let x89: u8 = ((x88 & (0xff as u64)) as u8); - let x90: u8 = ((x88 >> 8) as u8); - out1[0] = x7; - out1[1] = x9; - out1[2] = x11; - out1[3] = x13; - out1[4] = x15; - out1[5] = x17; - out1[6] = x19; - out1[7] = x20; - out1[8] = x21; - out1[9] = x23; - out1[10] = x25; - out1[11] = x27; - out1[12] = x29; - out1[13] = x31; - out1[14] = x33; - out1[15] = x34; - out1[16] = x35; - out1[17] = x37; - out1[18] = x39; - out1[19] = x41; - out1[20] = x43; - out1[21] = x45; - out1[22] = x47; - out1[23] = x48; - out1[24] = x49; - out1[25] = x51; - out1[26] = x53; - out1[27] = x55; - out1[28] = x57; - out1[29] = x59; - out1[30] = x61; - out1[31] = x62; - out1[32] = x63; - out1[33] = x65; - 
out1[34] = x67; - out1[35] = x69; - out1[36] = x71; - out1[37] = x73; - out1[38] = x75; - out1[39] = x76; - out1[40] = x77; - out1[41] = x79; - out1[42] = x81; - out1[43] = x83; - out1[44] = x85; - out1[45] = x87; - out1[46] = x89; - out1[47] = x90; + let x7: u64 = (x6 >> 8); + let x8: u64 = (x7 >> 8); + let x9: u64 = (x8 >> 8); + let x10: u64 = (x9 >> 8); + let x11: u64 = (x10 >> 8); + let x12: u64 = (x11 >> 8); + let x13: u8 = ((x12 >> 8) as u8); + let x14: u64 = (x5 >> 8); + let x15: u64 = (x14 >> 8); + let x16: u64 = (x15 >> 8); + let x17: u64 = (x16 >> 8); + let x18: u64 = (x17 >> 8); + let x19: u64 = (x18 >> 8); + let x20: u8 = ((x19 >> 8) as u8); + let x21: u64 = (x4 >> 8); + let x22: u64 = (x21 >> 8); + let x23: u64 = (x22 >> 8); + let x24: u64 = (x23 >> 8); + let x25: u64 = (x24 >> 8); + let x26: u64 = (x25 >> 8); + let x27: u8 = ((x26 >> 8) as u8); + let x28: u64 = (x3 >> 8); + let x29: u64 = (x28 >> 8); + let x30: u64 = (x29 >> 8); + let x31: u64 = (x30 >> 8); + let x32: u64 = (x31 >> 8); + let x33: u64 = (x32 >> 8); + let x34: u8 = ((x33 >> 8) as u8); + let x35: u64 = (x2 >> 8); + let x36: u64 = (x35 >> 8); + let x37: u64 = (x36 >> 8); + let x38: u64 = (x37 >> 8); + let x39: u64 = (x38 >> 8); + let x40: u64 = (x39 >> 8); + let x41: u8 = ((x40 >> 8) as u8); + let x42: u64 = (x1 >> 8); + let x43: u64 = (x42 >> 8); + let x44: u64 = (x43 >> 8); + let x45: u64 = (x44 >> 8); + let x46: u64 = (x45 >> 8); + let x47: u64 = (x46 >> 8); + let x48: u8 = ((x47 >> 8) as u8); + out1[0] = (x6 as u8); + out1[1] = (x7 as u8); + out1[2] = (x8 as u8); + out1[3] = (x9 as u8); + out1[4] = (x10 as u8); + out1[5] = (x11 as u8); + out1[6] = (x12 as u8); + out1[7] = x13; + out1[8] = (x5 as u8); + out1[9] = (x14 as u8); + out1[10] = (x15 as u8); + out1[11] = (x16 as u8); + out1[12] = (x17 as u8); + out1[13] = (x18 as u8); + out1[14] = (x19 as u8); + out1[15] = x20; + out1[16] = (x4 as u8); + out1[17] = (x21 as u8); + out1[18] = (x22 as u8); + out1[19] = (x23 as u8); + out1[20] = 
(x24 as u8); + out1[21] = (x25 as u8); + out1[22] = (x26 as u8); + out1[23] = x27; + out1[24] = (x3 as u8); + out1[25] = (x28 as u8); + out1[26] = (x29 as u8); + out1[27] = (x30 as u8); + out1[28] = (x31 as u8); + out1[29] = (x32 as u8); + out1[30] = (x33 as u8); + out1[31] = x34; + out1[32] = (x2 as u8); + out1[33] = (x35 as u8); + out1[34] = (x36 as u8); + out1[35] = (x37 as u8); + out1[36] = (x38 as u8); + out1[37] = (x39 as u8); + out1[38] = (x40 as u8); + out1[39] = x41; + out1[40] = (x1 as u8); + out1[41] = (x42 as u8); + out1[42] = (x43 as u8); + out1[43] = (x44 as u8); + out1[44] = (x45 as u8); + out1[45] = (x46 as u8); + out1[46] = (x47 as u8); + out1[47] = x48; } /// The function fiat_p384_scalar_from_bytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -3294,7 +3250,7 @@ pub fn fiat_p384_scalar_divstep(out1: &mut u64, out2: &mut [u64; 7], out3: &mut let mut x1: u64 = 0; let mut x2: fiat_p384_scalar_u1 = 0; fiat_p384_scalar_addcarryx_u64(&mut x1, &mut x2, 0x0, (!arg1), (0x1 as u64)); - let x3: fiat_p384_scalar_u1 = (((x1 >> 63) as fiat_p384_scalar_u1) & (((arg3[0]) & (0x1 as u64)) as fiat_p384_scalar_u1)); + let x3: fiat_p384_scalar_u1 = (((x1 >> 63) as fiat_p384_scalar_u1) & ((arg3[0]) as fiat_p384_scalar_u1)); let mut x4: u64 = 0; let mut x5: fiat_p384_scalar_u1 = 0; fiat_p384_scalar_addcarryx_u64(&mut x4, &mut x5, 0x0, (!arg1), (0x1 as u64)); 
@@ -3456,128 +3412,127 @@ pub fn fiat_p384_scalar_divstep(out1: &mut u64, out2: &mut [u64; 7], out3: &mut fiat_p384_scalar_cmovznz_u64(&mut x102, x3, (arg5[4]), x94); let mut x103: u64 = 0; fiat_p384_scalar_cmovznz_u64(&mut x103, x3, (arg5[5]), x96); - let x104: fiat_p384_scalar_u1 = ((x28 & (0x1 as u64)) as fiat_p384_scalar_u1); + let mut x104: u64 = 0; + fiat_p384_scalar_cmovznz_u64(&mut x104, (x28 as fiat_p384_scalar_u1), (0x0 as u64), x7); let mut x105: u64 = 0; - fiat_p384_scalar_cmovznz_u64(&mut x105, x104, (0x0 as u64), x7); + fiat_p384_scalar_cmovznz_u64(&mut x105, (x28 as fiat_p384_scalar_u1), (0x0 as u64), x8); let mut x106: u64 = 0; - fiat_p384_scalar_cmovznz_u64(&mut x106, x104, (0x0 as u64), x8); + fiat_p384_scalar_cmovznz_u64(&mut x106, (x28 as fiat_p384_scalar_u1), (0x0 as u64), x9); let mut x107: u64 = 0; - fiat_p384_scalar_cmovznz_u64(&mut x107, x104, (0x0 as u64), x9); + fiat_p384_scalar_cmovznz_u64(&mut x107, (x28 as fiat_p384_scalar_u1), (0x0 as u64), x10); let mut x108: u64 = 0; - fiat_p384_scalar_cmovznz_u64(&mut x108, x104, (0x0 as u64), x10); + fiat_p384_scalar_cmovznz_u64(&mut x108, (x28 as fiat_p384_scalar_u1), (0x0 as u64), x11); let mut x109: u64 = 0; - fiat_p384_scalar_cmovznz_u64(&mut x109, x104, (0x0 as u64), x11); + fiat_p384_scalar_cmovznz_u64(&mut x109, (x28 as fiat_p384_scalar_u1), (0x0 as u64), x12); let mut x110: u64 = 0; - fiat_p384_scalar_cmovznz_u64(&mut x110, x104, (0x0 as u64), x12); + fiat_p384_scalar_cmovznz_u64(&mut x110, (x28 as fiat_p384_scalar_u1), (0x0 as u64), x13); let mut x111: u64 = 0; - fiat_p384_scalar_cmovznz_u64(&mut x111, x104, (0x0 as u64), x13); - let mut x112: u64 = 0; - let mut x113: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_addcarryx_u64(&mut x112, &mut x113, 0x0, x28, x105); - let mut x114: u64 = 0; - let mut x115: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_addcarryx_u64(&mut x114, &mut x115, x113, x29, x106); - let mut x116: u64 = 0; - let mut x117: fiat_p384_scalar_u1 = 0; - 
fiat_p384_scalar_addcarryx_u64(&mut x116, &mut x117, x115, x30, x107); - let mut x118: u64 = 0; - let mut x119: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_addcarryx_u64(&mut x118, &mut x119, x117, x31, x108); - let mut x120: u64 = 0; - let mut x121: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_addcarryx_u64(&mut x120, &mut x121, x119, x32, x109); - let mut x122: u64 = 0; - let mut x123: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_addcarryx_u64(&mut x122, &mut x123, x121, x33, x110); - let mut x124: u64 = 0; - let mut x125: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_addcarryx_u64(&mut x124, &mut x125, x123, x34, x111); + let mut x112: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_addcarryx_u64(&mut x111, &mut x112, 0x0, x28, x104); + let mut x113: u64 = 0; + let mut x114: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_addcarryx_u64(&mut x113, &mut x114, x112, x29, x105); + let mut x115: u64 = 0; + let mut x116: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_addcarryx_u64(&mut x115, &mut x116, x114, x30, x106); + let mut x117: u64 = 0; + let mut x118: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_addcarryx_u64(&mut x117, &mut x118, x116, x31, x107); + let mut x119: u64 = 0; + let mut x120: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_addcarryx_u64(&mut x119, &mut x120, x118, x32, x108); + let mut x121: u64 = 0; + let mut x122: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_addcarryx_u64(&mut x121, &mut x122, x120, x33, x109); + let mut x123: u64 = 0; + let mut x124: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_addcarryx_u64(&mut x123, &mut x124, x122, x34, x110); + let mut x125: u64 = 0; + fiat_p384_scalar_cmovznz_u64(&mut x125, (x28 as fiat_p384_scalar_u1), (0x0 as u64), x35); let mut x126: u64 = 0; - fiat_p384_scalar_cmovznz_u64(&mut x126, x104, (0x0 as u64), x35); + fiat_p384_scalar_cmovznz_u64(&mut x126, (x28 as fiat_p384_scalar_u1), (0x0 as u64), x36); let mut x127: u64 = 0; - fiat_p384_scalar_cmovznz_u64(&mut x127, x104, (0x0 as u64), x36); + 
fiat_p384_scalar_cmovznz_u64(&mut x127, (x28 as fiat_p384_scalar_u1), (0x0 as u64), x37); let mut x128: u64 = 0; - fiat_p384_scalar_cmovznz_u64(&mut x128, x104, (0x0 as u64), x37); + fiat_p384_scalar_cmovznz_u64(&mut x128, (x28 as fiat_p384_scalar_u1), (0x0 as u64), x38); let mut x129: u64 = 0; - fiat_p384_scalar_cmovznz_u64(&mut x129, x104, (0x0 as u64), x38); + fiat_p384_scalar_cmovznz_u64(&mut x129, (x28 as fiat_p384_scalar_u1), (0x0 as u64), x39); let mut x130: u64 = 0; - fiat_p384_scalar_cmovznz_u64(&mut x130, x104, (0x0 as u64), x39); + fiat_p384_scalar_cmovznz_u64(&mut x130, (x28 as fiat_p384_scalar_u1), (0x0 as u64), x40); let mut x131: u64 = 0; - fiat_p384_scalar_cmovznz_u64(&mut x131, x104, (0x0 as u64), x40); - let mut x132: u64 = 0; - let mut x133: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_addcarryx_u64(&mut x132, &mut x133, 0x0, x98, x126); - let mut x134: u64 = 0; - let mut x135: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_addcarryx_u64(&mut x134, &mut x135, x133, x99, x127); - let mut x136: u64 = 0; - let mut x137: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_addcarryx_u64(&mut x136, &mut x137, x135, x100, x128); - let mut x138: u64 = 0; - let mut x139: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_addcarryx_u64(&mut x138, &mut x139, x137, x101, x129); - let mut x140: u64 = 0; - let mut x141: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_addcarryx_u64(&mut x140, &mut x141, x139, x102, x130); - let mut x142: u64 = 0; - let mut x143: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_addcarryx_u64(&mut x142, &mut x143, x141, x103, x131); - let mut x144: u64 = 0; - let mut x145: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_subborrowx_u64(&mut x144, &mut x145, 0x0, x132, 0xecec196accc52973); - let mut x146: u64 = 0; - let mut x147: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_subborrowx_u64(&mut x146, &mut x147, x145, x134, 0x581a0db248b0a77a); - let mut x148: u64 = 0; - let mut x149: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_subborrowx_u64(&mut x148, &mut x149, 
x147, x136, 0xc7634d81f4372ddf); - let mut x150: u64 = 0; - let mut x151: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_subborrowx_u64(&mut x150, &mut x151, x149, x138, 0xffffffffffffffff); - let mut x152: u64 = 0; - let mut x153: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_subborrowx_u64(&mut x152, &mut x153, x151, x140, 0xffffffffffffffff); - let mut x154: u64 = 0; - let mut x155: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_subborrowx_u64(&mut x154, &mut x155, x153, x142, 0xffffffffffffffff); - let mut x156: u64 = 0; - let mut x157: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_subborrowx_u64(&mut x156, &mut x157, x155, (x143 as u64), (0x0 as u64)); - let mut x158: u64 = 0; - let mut x159: fiat_p384_scalar_u1 = 0; - fiat_p384_scalar_addcarryx_u64(&mut x158, &mut x159, 0x0, x6, (0x1 as u64)); - let x160: u64 = ((x112 >> 1) | ((x114 << 63) & 0xffffffffffffffff)); - let x161: u64 = ((x114 >> 1) | ((x116 << 63) & 0xffffffffffffffff)); - let x162: u64 = ((x116 >> 1) | ((x118 << 63) & 0xffffffffffffffff)); - let x163: u64 = ((x118 >> 1) | ((x120 << 63) & 0xffffffffffffffff)); - let x164: u64 = ((x120 >> 1) | ((x122 << 63) & 0xffffffffffffffff)); - let x165: u64 = ((x122 >> 1) | ((x124 << 63) & 0xffffffffffffffff)); - let x166: u64 = ((x124 & 0x8000000000000000) | (x124 >> 1)); + let mut x132: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_addcarryx_u64(&mut x131, &mut x132, 0x0, x98, x125); + let mut x133: u64 = 0; + let mut x134: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_addcarryx_u64(&mut x133, &mut x134, x132, x99, x126); + let mut x135: u64 = 0; + let mut x136: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_addcarryx_u64(&mut x135, &mut x136, x134, x100, x127); + let mut x137: u64 = 0; + let mut x138: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_addcarryx_u64(&mut x137, &mut x138, x136, x101, x128); + let mut x139: u64 = 0; + let mut x140: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_addcarryx_u64(&mut x139, &mut x140, x138, x102, x129); + let mut x141: u64 = 0; + let mut 
x142: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_addcarryx_u64(&mut x141, &mut x142, x140, x103, x130); + let mut x143: u64 = 0; + let mut x144: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_subborrowx_u64(&mut x143, &mut x144, 0x0, x131, 0xecec196accc52973); + let mut x145: u64 = 0; + let mut x146: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_subborrowx_u64(&mut x145, &mut x146, x144, x133, 0x581a0db248b0a77a); + let mut x147: u64 = 0; + let mut x148: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_subborrowx_u64(&mut x147, &mut x148, x146, x135, 0xc7634d81f4372ddf); + let mut x149: u64 = 0; + let mut x150: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_subborrowx_u64(&mut x149, &mut x150, x148, x137, 0xffffffffffffffff); + let mut x151: u64 = 0; + let mut x152: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_subborrowx_u64(&mut x151, &mut x152, x150, x139, 0xffffffffffffffff); + let mut x153: u64 = 0; + let mut x154: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_subborrowx_u64(&mut x153, &mut x154, x152, x141, 0xffffffffffffffff); + let mut x155: u64 = 0; + let mut x156: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_subborrowx_u64(&mut x155, &mut x156, x154, (x142 as u64), (0x0 as u64)); + let mut x157: u64 = 0; + let mut x158: fiat_p384_scalar_u1 = 0; + fiat_p384_scalar_addcarryx_u64(&mut x157, &mut x158, 0x0, x6, (0x1 as u64)); + let x159: u64 = ((x111 >> 1) | ((x113 << 63) & 0xffffffffffffffff)); + let x160: u64 = ((x113 >> 1) | ((x115 << 63) & 0xffffffffffffffff)); + let x161: u64 = ((x115 >> 1) | ((x117 << 63) & 0xffffffffffffffff)); + let x162: u64 = ((x117 >> 1) | ((x119 << 63) & 0xffffffffffffffff)); + let x163: u64 = ((x119 >> 1) | ((x121 << 63) & 0xffffffffffffffff)); + let x164: u64 = ((x121 >> 1) | ((x123 << 63) & 0xffffffffffffffff)); + let x165: u64 = ((x123 & 0x8000000000000000) | (x123 >> 1)); + let mut x166: u64 = 0; + fiat_p384_scalar_cmovznz_u64(&mut x166, x66, x53, x41); let mut x167: u64 = 0; - fiat_p384_scalar_cmovznz_u64(&mut x167, x66, x53, x41); + 
fiat_p384_scalar_cmovznz_u64(&mut x167, x66, x55, x43); let mut x168: u64 = 0; - fiat_p384_scalar_cmovznz_u64(&mut x168, x66, x55, x43); + fiat_p384_scalar_cmovznz_u64(&mut x168, x66, x57, x45); let mut x169: u64 = 0; - fiat_p384_scalar_cmovznz_u64(&mut x169, x66, x57, x45); + fiat_p384_scalar_cmovznz_u64(&mut x169, x66, x59, x47); let mut x170: u64 = 0; - fiat_p384_scalar_cmovznz_u64(&mut x170, x66, x59, x47); + fiat_p384_scalar_cmovznz_u64(&mut x170, x66, x61, x49); let mut x171: u64 = 0; - fiat_p384_scalar_cmovznz_u64(&mut x171, x66, x61, x49); + fiat_p384_scalar_cmovznz_u64(&mut x171, x66, x63, x51); let mut x172: u64 = 0; - fiat_p384_scalar_cmovznz_u64(&mut x172, x66, x63, x51); + fiat_p384_scalar_cmovznz_u64(&mut x172, x156, x143, x131); let mut x173: u64 = 0; - fiat_p384_scalar_cmovznz_u64(&mut x173, x157, x144, x132); + fiat_p384_scalar_cmovznz_u64(&mut x173, x156, x145, x133); let mut x174: u64 = 0; - fiat_p384_scalar_cmovznz_u64(&mut x174, x157, x146, x134); + fiat_p384_scalar_cmovznz_u64(&mut x174, x156, x147, x135); let mut x175: u64 = 0; - fiat_p384_scalar_cmovznz_u64(&mut x175, x157, x148, x136); + fiat_p384_scalar_cmovznz_u64(&mut x175, x156, x149, x137); let mut x176: u64 = 0; - fiat_p384_scalar_cmovznz_u64(&mut x176, x157, x150, x138); + fiat_p384_scalar_cmovznz_u64(&mut x176, x156, x151, x139); let mut x177: u64 = 0; - fiat_p384_scalar_cmovznz_u64(&mut x177, x157, x152, x140); - let mut x178: u64 = 0; - fiat_p384_scalar_cmovznz_u64(&mut x178, x157, x154, x142); - *out1 = x158; + fiat_p384_scalar_cmovznz_u64(&mut x177, x156, x153, x141); + *out1 = x157; out2[0] = x7; out2[1] = x8; out2[2] = x9; 
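Review bot: The rewritten selector calls `fiat_p384_scalar_cmovznz_u64(&mut x104, (x28 as fiat_p384_scalar_u1), (0x0 as u64), x7)` (x104–x110 and x125–x130) pass a bare cast where the old code passed `((x28 & (0x1 as u64)) as fiat_p384_scalar_u1)`. A Rust `as` cast keeps every bit that fits the target type, so if `fiat_p384_scalar_u1` is a `u8` alias (its definition is outside this hunk) the selector is no longer guaranteed to be 0 or 1. If cmovznz builds its select mask assuming a single-bit argument, an even `x28` with other low-byte bits set would produce a wrong mask and a silently wrong divstep result in scalar inversion. I would keep the mask at the call site, `((x28 & (0x1 as u64)) as fiat_p384_scalar_u1)`; since this file looks generated, restore it in the generator's mask-elision rule for 1-bit types rather than by hand. The `x3` change in the earlier divstep hunk is unaffected because it is ANDed with a 0/1 value, and divstep's body starts and ends outside this hunk.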
@@ -3585,25 +3540,25 @@ pub fn fiat_p384_scalar_divstep(out1: &mut u64, out2: &mut [u64; 7], out3: &mut out2[4] = x11; out2[5] = x12; out2[6] = x13; - out3[0] = x160; - out3[1] = x161; - out3[2] = x162; - out3[3] = x163; - out3[4] = x164; - out3[5] = x165; - out3[6] = x166; - out4[0] = x167; - out4[1] = x168; - out4[2] = x169; - out4[3] = x170; - out4[4] = x171; - out4[5] = x172; - out5[0] = x173; - out5[1] = x174; - out5[2] = x175; - out5[3] = x176; - out5[4] = x177; - out5[5] = x178; + out3[0] = x159; + out3[1] = x160; + out3[2] = x161; + out3[3] = x162; + out3[4] = x163; + out3[5] = x164; + out3[6] = x165; + out4[0] = x166; + out4[1] = x167; + out4[2] = x168; + out4[3] = x169; + out4[4] = x170; + out4[5] = x171; + out5[0] = x172; + out5[1] = x173; + out5[2] = x174; + out5[3] = x175; + out5[4] = x176; + out5[5] = x177; } /// The function fiat_p384_scalar_divstep_precomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-rust/src/p434_64.rs b/fiat-rust/src/p434_64.rs index 1879479606..fd2729f35a 100644 --- a/fiat-rust/src/p434_64.rs +++ b/fiat-rust/src/p434_64.rs @@ -50,10 +50,9 @@ pub type fiat_p434_non_montgomery_domain_field_element = [u64; 7]; #[inline] pub fn fiat_p434_addcarryx_u64(out1: &mut u64, out2: &mut fiat_p434_u1, arg1: fiat_p434_u1, arg2: u64, arg3: u64) -> () { let x1: u128 = (((arg1 as u128) + (arg2 as u128)) + (arg3 as u128)); - let x2: u64 = ((x1 & (0xffffffffffffffff as u128)) as u64); - let x3: fiat_p434_u1 = ((x1 >> 64) as fiat_p434_u1); - *out1 = x2; - *out2 = x3; + let x2: fiat_p434_u1 = ((x1 >> 64) as fiat_p434_u1); + *out1 = (x1 as u64); + *out2 = x2; } /// The function fiat_p434_subborrowx_u64 is a subtraction with borrow. 
@@ -93,10 +92,9 @@ pub fn fiat_p434_subborrowx_u64(out1: &mut u64, out2: &mut fiat_p434_u1, arg1: f #[inline] pub fn fiat_p434_mulx_u64(out1: &mut u64, out2: &mut u64, arg1: u64, arg2: u64) -> () { let x1: u128 = ((arg1 as u128) * (arg2 as u128)); - let x2: u64 = ((x1 & (0xffffffffffffffff as u128)) as u64); - let x3: u64 = ((x1 >> 64) as u64); - *out1 = x2; - *out2 = x3; + let x2: u64 = ((x1 >> 64) as u64); + *out1 = (x1 as u64); + *out2 = x2; } /// The function fiat_p434_cmovznz_u64 is a single-word conditional move. 
@@ -3753,157 +3751,109 @@ pub fn fiat_p434_to_bytes(out1: &mut [u8; 55], arg1: &[u64; 7]) -> () { let x5: u64 = (arg1[2]); let x6: u64 = (arg1[1]); let x7: u64 = (arg1[0]); - let x8: u8 = ((x7 & (0xff as u64)) as u8); - let x9: u64 = (x7 >> 8); - let x10: u8 = ((x9 & (0xff as u64)) as u8); - let x11: u64 = (x9 >> 8); - let x12: u8 = ((x11 & (0xff as u64)) as u8); - let x13: u64 = (x11 >> 8); - let x14: u8 = ((x13 & (0xff as u64)) as u8); - let x15: u64 = (x13 >> 8); - let x16: u8 = ((x15 & (0xff as u64)) as u8); - let x17: u64 = (x15 >> 8); - let x18: u8 = ((x17 & (0xff as u64)) as u8); - let x19: u64 = (x17 >> 8); - let x20: u8 = ((x19 & (0xff as u64)) as u8); - let x21: u8 = ((x19 >> 8) as u8); - let x22: u8 = ((x6 & (0xff as u64)) as u8); - let x23: u64 = (x6 >> 8); - let x24: u8 = ((x23 & (0xff as u64)) as u8); - let x25: u64 = (x23 >> 8); - let x26: u8 = ((x25 & (0xff as u64)) as u8); - let x27: u64 = (x25 >> 8); - let x28: u8 = ((x27 & (0xff as u64)) as u8); - let x29: u64 = (x27 >> 8); - let x30: u8 = ((x29 & (0xff as u64)) as u8); - let x31: u64 = (x29 >> 8); - let x32: u8 = ((x31 & (0xff as u64)) as u8); - let x33: u64 = (x31 >> 8); - let x34: u8 = ((x33 & (0xff as u64)) as u8); - let x35: u8 = ((x33 >> 8) as u8); - let x36: u8 = ((x5 & (0xff as u64)) as u8); - let x37: u64 = (x5 >> 8); - let x38: u8 = ((x37 & (0xff as u64)) as u8); - let x39: u64 = (x37 >> 8); - let x40: u8 = ((x39 & (0xff as u64)) as u8); - let x41: u64 = (x39 >> 8); - let x42: u8 = ((x41 & (0xff as u64)) as u8); - let x43: u64 = (x41 >> 8); - let x44: u8 = ((x43 & (0xff as u64)) as u8); - let x45: u64 = (x43 >> 8); - let x46: u8 = ((x45 & (0xff as u64)) as u8); - let x47: u64 = (x45 >> 8); - let x48: u8 = ((x47 & (0xff as u64)) as u8); - let x49: u8 = ((x47 >> 8) as u8); - let x50: u8 = ((x4 & (0xff as u64)) as u8); - let x51: u64 = (x4 >> 8); - let x52: u8 = ((x51 & (0xff as u64)) as u8); - let x53: u64 = (x51 >> 8); - let x54: u8 = ((x53 & (0xff as u64)) as u8); - let x55: u64 = (x53 
>> 8); - let x56: u8 = ((x55 & (0xff as u64)) as u8); - let x57: u64 = (x55 >> 8); - let x58: u8 = ((x57 & (0xff as u64)) as u8); - let x59: u64 = (x57 >> 8); - let x60: u8 = ((x59 & (0xff as u64)) as u8); - let x61: u64 = (x59 >> 8); - let x62: u8 = ((x61 & (0xff as u64)) as u8); - let x63: u8 = ((x61 >> 8) as u8); - let x64: u8 = ((x3 & (0xff as u64)) as u8); - let x65: u64 = (x3 >> 8); - let x66: u8 = ((x65 & (0xff as u64)) as u8); - let x67: u64 = (x65 >> 8); - let x68: u8 = ((x67 & (0xff as u64)) as u8); - let x69: u64 = (x67 >> 8); - let x70: u8 = ((x69 & (0xff as u64)) as u8); - let x71: u64 = (x69 >> 8); - let x72: u8 = ((x71 & (0xff as u64)) as u8); - let x73: u64 = (x71 >> 8); - let x74: u8 = ((x73 & (0xff as u64)) as u8); - let x75: u64 = (x73 >> 8); - let x76: u8 = ((x75 & (0xff as u64)) as u8); - let x77: u8 = ((x75 >> 8) as u8); - let x78: u8 = ((x2 & (0xff as u64)) as u8); - let x79: u64 = (x2 >> 8); - let x80: u8 = ((x79 & (0xff as u64)) as u8); - let x81: u64 = (x79 >> 8); - let x82: u8 = ((x81 & (0xff as u64)) as u8); - let x83: u64 = (x81 >> 8); - let x84: u8 = ((x83 & (0xff as u64)) as u8); - let x85: u64 = (x83 >> 8); - let x86: u8 = ((x85 & (0xff as u64)) as u8); - let x87: u64 = (x85 >> 8); - let x88: u8 = ((x87 & (0xff as u64)) as u8); - let x89: u64 = (x87 >> 8); - let x90: u8 = ((x89 & (0xff as u64)) as u8); - let x91: u8 = ((x89 >> 8) as u8); - let x92: u8 = ((x1 & (0xff as u64)) as u8); - let x93: u64 = (x1 >> 8); - let x94: u8 = ((x93 & (0xff as u64)) as u8); - let x95: u64 = (x93 >> 8); - let x96: u8 = ((x95 & (0xff as u64)) as u8); - let x97: u64 = (x95 >> 8); - let x98: u8 = ((x97 & (0xff as u64)) as u8); - let x99: u64 = (x97 >> 8); - let x100: u8 = ((x99 & (0xff as u64)) as u8); - let x101: u64 = (x99 >> 8); - let x102: u8 = ((x101 & (0xff as u64)) as u8); - let x103: u8 = ((x101 >> 8) as u8); - out1[0] = x8; - out1[1] = x10; - out1[2] = x12; - out1[3] = x14; - out1[4] = x16; - out1[5] = x18; - out1[6] = x20; - out1[7] = x21; - 
out1[8] = x22; - out1[9] = x24; - out1[10] = x26; - out1[11] = x28; - out1[12] = x30; - out1[13] = x32; - out1[14] = x34; - out1[15] = x35; - out1[16] = x36; - out1[17] = x38; - out1[18] = x40; - out1[19] = x42; - out1[20] = x44; - out1[21] = x46; - out1[22] = x48; - out1[23] = x49; - out1[24] = x50; - out1[25] = x52; - out1[26] = x54; - out1[27] = x56; - out1[28] = x58; - out1[29] = x60; - out1[30] = x62; - out1[31] = x63; - out1[32] = x64; - out1[33] = x66; - out1[34] = x68; - out1[35] = x70; - out1[36] = x72; - out1[37] = x74; - out1[38] = x76; - out1[39] = x77; - out1[40] = x78; - out1[41] = x80; - out1[42] = x82; - out1[43] = x84; - out1[44] = x86; - out1[45] = x88; - out1[46] = x90; - out1[47] = x91; - out1[48] = x92; - out1[49] = x94; - out1[50] = x96; - out1[51] = x98; - out1[52] = x100; - out1[53] = x102; - out1[54] = x103; + let x8: u64 = (x7 >> 8); + let x9: u64 = (x8 >> 8); + let x10: u64 = (x9 >> 8); + let x11: u64 = (x10 >> 8); + let x12: u64 = (x11 >> 8); + let x13: u64 = (x12 >> 8); + let x14: u8 = ((x13 >> 8) as u8); + let x15: u64 = (x6 >> 8); + let x16: u64 = (x15 >> 8); + let x17: u64 = (x16 >> 8); + let x18: u64 = (x17 >> 8); + let x19: u64 = (x18 >> 8); + let x20: u64 = (x19 >> 8); + let x21: u8 = ((x20 >> 8) as u8); + let x22: u64 = (x5 >> 8); + let x23: u64 = (x22 >> 8); + let x24: u64 = (x23 >> 8); + let x25: u64 = (x24 >> 8); + let x26: u64 = (x25 >> 8); + let x27: u64 = (x26 >> 8); + let x28: u8 = ((x27 >> 8) as u8); + let x29: u64 = (x4 >> 8); + let x30: u64 = (x29 >> 8); + let x31: u64 = (x30 >> 8); + let x32: u64 = (x31 >> 8); + let x33: u64 = (x32 >> 8); + let x34: u64 = (x33 >> 8); + let x35: u8 = ((x34 >> 8) as u8); + let x36: u64 = (x3 >> 8); + let x37: u64 = (x36 >> 8); + let x38: u64 = (x37 >> 8); + let x39: u64 = (x38 >> 8); + let x40: u64 = (x39 >> 8); + let x41: u64 = (x40 >> 8); + let x42: u8 = ((x41 >> 8) as u8); + let x43: u64 = (x2 >> 8); + let x44: u64 = (x43 >> 8); + let x45: u64 = (x44 >> 8); + let x46: u64 = (x45 >> 
8); + let x47: u64 = (x46 >> 8); + let x48: u64 = (x47 >> 8); + let x49: u8 = ((x48 >> 8) as u8); + let x50: u64 = (x1 >> 8); + let x51: u64 = (x50 >> 8); + let x52: u64 = (x51 >> 8); + let x53: u64 = (x52 >> 8); + let x54: u64 = (x53 >> 8); + let x55: u8 = ((x54 >> 8) as u8); + out1[0] = (x7 as u8); + out1[1] = (x8 as u8); + out1[2] = (x9 as u8); + out1[3] = (x10 as u8); + out1[4] = (x11 as u8); + out1[5] = (x12 as u8); + out1[6] = (x13 as u8); + out1[7] = x14; + out1[8] = (x6 as u8); + out1[9] = (x15 as u8); + out1[10] = (x16 as u8); + out1[11] = (x17 as u8); + out1[12] = (x18 as u8); + out1[13] = (x19 as u8); + out1[14] = (x20 as u8); + out1[15] = x21; + out1[16] = (x5 as u8); + out1[17] = (x22 as u8); + out1[18] = (x23 as u8); + out1[19] = (x24 as u8); + out1[20] = (x25 as u8); + out1[21] = (x26 as u8); + out1[22] = (x27 as u8); + out1[23] = x28; + out1[24] = (x4 as u8); + out1[25] = (x29 as u8); + out1[26] = (x30 as u8); + out1[27] = (x31 as u8); + out1[28] = (x32 as u8); + out1[29] = (x33 as u8); + out1[30] = (x34 as u8); + out1[31] = x35; + out1[32] = (x3 as u8); + out1[33] = (x36 as u8); + out1[34] = (x37 as u8); + out1[35] = (x38 as u8); + out1[36] = (x39 as u8); + out1[37] = (x40 as u8); + out1[38] = (x41 as u8); + out1[39] = x42; + out1[40] = (x2 as u8); + out1[41] = (x43 as u8); + out1[42] = (x44 as u8); + out1[43] = (x45 as u8); + out1[44] = (x46 as u8); + out1[45] = (x47 as u8); + out1[46] = (x48 as u8); + out1[47] = x49; + out1[48] = (x1 as u8); + out1[49] = (x50 as u8); + out1[50] = (x51 as u8); + out1[51] = (x52 as u8); + out1[52] = (x53 as u8); + out1[53] = (x54 as u8); + out1[54] = x55; } /// The function fiat_p434_from_bytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. 
@@ -4102,7 +4052,7 @@ pub fn fiat_p434_divstep(out1: &mut u64, out2: &mut [u64; 8], out3: &mut [u64; 8 let mut x1: u64 = 0; let mut x2: fiat_p434_u1 = 0; fiat_p434_addcarryx_u64(&mut x1, &mut x2, 0x0, (!arg1), (0x1 as u64)); - let x3: fiat_p434_u1 = (((x1 >> 63) as fiat_p434_u1) & (((arg3[0]) & (0x1 as u64)) as fiat_p434_u1)); + let x3: fiat_p434_u1 = (((x1 >> 63) as fiat_p434_u1) & ((arg3[0]) as fiat_p434_u1)); let mut x4: u64 = 0; let mut x5: fiat_p434_u1 = 0; fiat_p434_addcarryx_u64(&mut x4, &mut x5, 0x0, (!arg1), (0x1 as u64)); 
@@ -4288,146 +4238,145 @@ pub fn fiat_p434_divstep(out1: &mut u64, out2: &mut [u64; 8], out3: &mut [u64; 8 fiat_p434_cmovznz_u64(&mut x117, x3, (arg5[5]), x108); let mut x118: u64 = 0; fiat_p434_cmovznz_u64(&mut x118, x3, (arg5[6]), x110); - let x119: fiat_p434_u1 = ((x31 & (0x1 as u64)) as fiat_p434_u1); + let mut x119: u64 = 0; + fiat_p434_cmovznz_u64(&mut x119, (x31 as fiat_p434_u1), (0x0 as u64), x7); let mut x120: u64 = 0; - fiat_p434_cmovznz_u64(&mut x120, x119, (0x0 as u64), x7); + fiat_p434_cmovznz_u64(&mut x120, (x31 as fiat_p434_u1), (0x0 as u64), x8); let mut x121: u64 = 0; - fiat_p434_cmovznz_u64(&mut x121, x119, (0x0 as u64), x8); + fiat_p434_cmovznz_u64(&mut x121, (x31 as fiat_p434_u1), (0x0 as u64), x9); let mut x122: u64 = 0; - fiat_p434_cmovznz_u64(&mut x122, x119, (0x0 as u64), x9); + fiat_p434_cmovznz_u64(&mut x122, (x31 as fiat_p434_u1), (0x0 as u64), x10); let mut x123: u64 = 0; - fiat_p434_cmovznz_u64(&mut x123, x119, (0x0 as u64), x10); + fiat_p434_cmovznz_u64(&mut x123, (x31 as fiat_p434_u1), (0x0 as u64), x11); let mut x124: u64 = 0; - fiat_p434_cmovznz_u64(&mut x124, x119, (0x0 as u64), x11); + fiat_p434_cmovznz_u64(&mut x124, (x31 as fiat_p434_u1), (0x0 as u64), x12); let mut x125: u64 = 0; - fiat_p434_cmovznz_u64(&mut x125, x119, (0x0 as u64), x12); + fiat_p434_cmovznz_u64(&mut x125, (x31 as fiat_p434_u1), (0x0 as u64), x13); let mut x126: u64 = 0; - fiat_p434_cmovznz_u64(&mut x126, x119, (0x0 as u64), x13); + fiat_p434_cmovznz_u64(&mut x126, (x31 as fiat_p434_u1), (0x0 as u64), x14); let mut x127: u64 = 0; - fiat_p434_cmovznz_u64(&mut x127, x119, (0x0 as u64), x14); - let mut x128: u64 = 0; - let mut x129: fiat_p434_u1 = 0; - fiat_p434_addcarryx_u64(&mut x128, &mut x129, 0x0, x31, x120); - let mut x130: u64 = 0; - let mut x131: fiat_p434_u1 = 0; - fiat_p434_addcarryx_u64(&mut x130, &mut x131, x129, x32, x121); - let mut x132: u64 = 0; - let mut x133: fiat_p434_u1 = 0; - fiat_p434_addcarryx_u64(&mut x132, &mut x133, x131, x33, x122); - 
let mut x134: u64 = 0; - let mut x135: fiat_p434_u1 = 0; - fiat_p434_addcarryx_u64(&mut x134, &mut x135, x133, x34, x123); - let mut x136: u64 = 0; - let mut x137: fiat_p434_u1 = 0; - fiat_p434_addcarryx_u64(&mut x136, &mut x137, x135, x35, x124); - let mut x138: u64 = 0; - let mut x139: fiat_p434_u1 = 0; - fiat_p434_addcarryx_u64(&mut x138, &mut x139, x137, x36, x125); - let mut x140: u64 = 0; - let mut x141: fiat_p434_u1 = 0; - fiat_p434_addcarryx_u64(&mut x140, &mut x141, x139, x37, x126); - let mut x142: u64 = 0; - let mut x143: fiat_p434_u1 = 0; - fiat_p434_addcarryx_u64(&mut x142, &mut x143, x141, x38, x127); + let mut x128: fiat_p434_u1 = 0; + fiat_p434_addcarryx_u64(&mut x127, &mut x128, 0x0, x31, x119); + let mut x129: u64 = 0; + let mut x130: fiat_p434_u1 = 0; + fiat_p434_addcarryx_u64(&mut x129, &mut x130, x128, x32, x120); + let mut x131: u64 = 0; + let mut x132: fiat_p434_u1 = 0; + fiat_p434_addcarryx_u64(&mut x131, &mut x132, x130, x33, x121); + let mut x133: u64 = 0; + let mut x134: fiat_p434_u1 = 0; + fiat_p434_addcarryx_u64(&mut x133, &mut x134, x132, x34, x122); + let mut x135: u64 = 0; + let mut x136: fiat_p434_u1 = 0; + fiat_p434_addcarryx_u64(&mut x135, &mut x136, x134, x35, x123); + let mut x137: u64 = 0; + let mut x138: fiat_p434_u1 = 0; + fiat_p434_addcarryx_u64(&mut x137, &mut x138, x136, x36, x124); + let mut x139: u64 = 0; + let mut x140: fiat_p434_u1 = 0; + fiat_p434_addcarryx_u64(&mut x139, &mut x140, x138, x37, x125); + let mut x141: u64 = 0; + let mut x142: fiat_p434_u1 = 0; + fiat_p434_addcarryx_u64(&mut x141, &mut x142, x140, x38, x126); + let mut x143: u64 = 0; + fiat_p434_cmovznz_u64(&mut x143, (x31 as fiat_p434_u1), (0x0 as u64), x39); let mut x144: u64 = 0; - fiat_p434_cmovznz_u64(&mut x144, x119, (0x0 as u64), x39); + fiat_p434_cmovznz_u64(&mut x144, (x31 as fiat_p434_u1), (0x0 as u64), x40); let mut x145: u64 = 0; - fiat_p434_cmovznz_u64(&mut x145, x119, (0x0 as u64), x40); + fiat_p434_cmovznz_u64(&mut x145, (x31 as 
fiat_p434_u1), (0x0 as u64), x41); let mut x146: u64 = 0; - fiat_p434_cmovznz_u64(&mut x146, x119, (0x0 as u64), x41); + fiat_p434_cmovznz_u64(&mut x146, (x31 as fiat_p434_u1), (0x0 as u64), x42); let mut x147: u64 = 0; - fiat_p434_cmovznz_u64(&mut x147, x119, (0x0 as u64), x42); + fiat_p434_cmovznz_u64(&mut x147, (x31 as fiat_p434_u1), (0x0 as u64), x43); let mut x148: u64 = 0; - fiat_p434_cmovznz_u64(&mut x148, x119, (0x0 as u64), x43); + fiat_p434_cmovznz_u64(&mut x148, (x31 as fiat_p434_u1), (0x0 as u64), x44); let mut x149: u64 = 0; - fiat_p434_cmovznz_u64(&mut x149, x119, (0x0 as u64), x44); + fiat_p434_cmovznz_u64(&mut x149, (x31 as fiat_p434_u1), (0x0 as u64), x45); let mut x150: u64 = 0; - fiat_p434_cmovznz_u64(&mut x150, x119, (0x0 as u64), x45); - let mut x151: u64 = 0; - let mut x152: fiat_p434_u1 = 0; - fiat_p434_addcarryx_u64(&mut x151, &mut x152, 0x0, x112, x144); - let mut x153: u64 = 0; - let mut x154: fiat_p434_u1 = 0; - fiat_p434_addcarryx_u64(&mut x153, &mut x154, x152, x113, x145); - let mut x155: u64 = 0; - let mut x156: fiat_p434_u1 = 0; - fiat_p434_addcarryx_u64(&mut x155, &mut x156, x154, x114, x146); - let mut x157: u64 = 0; - let mut x158: fiat_p434_u1 = 0; - fiat_p434_addcarryx_u64(&mut x157, &mut x158, x156, x115, x147); - let mut x159: u64 = 0; - let mut x160: fiat_p434_u1 = 0; - fiat_p434_addcarryx_u64(&mut x159, &mut x160, x158, x116, x148); - let mut x161: u64 = 0; - let mut x162: fiat_p434_u1 = 0; - fiat_p434_addcarryx_u64(&mut x161, &mut x162, x160, x117, x149); - let mut x163: u64 = 0; - let mut x164: fiat_p434_u1 = 0; - fiat_p434_addcarryx_u64(&mut x163, &mut x164, x162, x118, x150); - let mut x165: u64 = 0; - let mut x166: fiat_p434_u1 = 0; - fiat_p434_subborrowx_u64(&mut x165, &mut x166, 0x0, x151, 0xffffffffffffffff); - let mut x167: u64 = 0; - let mut x168: fiat_p434_u1 = 0; - fiat_p434_subborrowx_u64(&mut x167, &mut x168, x166, x153, 0xffffffffffffffff); - let mut x169: u64 = 0; - let mut x170: fiat_p434_u1 = 0; - 
fiat_p434_subborrowx_u64(&mut x169, &mut x170, x168, x155, 0xffffffffffffffff); - let mut x171: u64 = 0; - let mut x172: fiat_p434_u1 = 0; - fiat_p434_subborrowx_u64(&mut x171, &mut x172, x170, x157, 0xfdc1767ae2ffffff); - let mut x173: u64 = 0; - let mut x174: fiat_p434_u1 = 0; - fiat_p434_subborrowx_u64(&mut x173, &mut x174, x172, x159, 0x7bc65c783158aea3); - let mut x175: u64 = 0; - let mut x176: fiat_p434_u1 = 0; - fiat_p434_subborrowx_u64(&mut x175, &mut x176, x174, x161, 0x6cfc5fd681c52056); - let mut x177: u64 = 0; - let mut x178: fiat_p434_u1 = 0; - fiat_p434_subborrowx_u64(&mut x177, &mut x178, x176, x163, 0x2341f27177344); - let mut x179: u64 = 0; - let mut x180: fiat_p434_u1 = 0; - fiat_p434_subborrowx_u64(&mut x179, &mut x180, x178, (x164 as u64), (0x0 as u64)); - let mut x181: u64 = 0; - let mut x182: fiat_p434_u1 = 0; - fiat_p434_addcarryx_u64(&mut x181, &mut x182, 0x0, x6, (0x1 as u64)); - let x183: u64 = ((x128 >> 1) | ((x130 << 63) & 0xffffffffffffffff)); - let x184: u64 = ((x130 >> 1) | ((x132 << 63) & 0xffffffffffffffff)); - let x185: u64 = ((x132 >> 1) | ((x134 << 63) & 0xffffffffffffffff)); - let x186: u64 = ((x134 >> 1) | ((x136 << 63) & 0xffffffffffffffff)); - let x187: u64 = ((x136 >> 1) | ((x138 << 63) & 0xffffffffffffffff)); - let x188: u64 = ((x138 >> 1) | ((x140 << 63) & 0xffffffffffffffff)); - let x189: u64 = ((x140 >> 1) | ((x142 << 63) & 0xffffffffffffffff)); - let x190: u64 = ((x142 & 0x8000000000000000) | (x142 >> 1)); + let mut x151: fiat_p434_u1 = 0; + fiat_p434_addcarryx_u64(&mut x150, &mut x151, 0x0, x112, x143); + let mut x152: u64 = 0; + let mut x153: fiat_p434_u1 = 0; + fiat_p434_addcarryx_u64(&mut x152, &mut x153, x151, x113, x144); + let mut x154: u64 = 0; + let mut x155: fiat_p434_u1 = 0; + fiat_p434_addcarryx_u64(&mut x154, &mut x155, x153, x114, x145); + let mut x156: u64 = 0; + let mut x157: fiat_p434_u1 = 0; + fiat_p434_addcarryx_u64(&mut x156, &mut x157, x155, x115, x146); + let mut x158: u64 = 0; + let mut x159: 
fiat_p434_u1 = 0; + fiat_p434_addcarryx_u64(&mut x158, &mut x159, x157, x116, x147); + let mut x160: u64 = 0; + let mut x161: fiat_p434_u1 = 0; + fiat_p434_addcarryx_u64(&mut x160, &mut x161, x159, x117, x148); + let mut x162: u64 = 0; + let mut x163: fiat_p434_u1 = 0; + fiat_p434_addcarryx_u64(&mut x162, &mut x163, x161, x118, x149); + let mut x164: u64 = 0; + let mut x165: fiat_p434_u1 = 0; + fiat_p434_subborrowx_u64(&mut x164, &mut x165, 0x0, x150, 0xffffffffffffffff); + let mut x166: u64 = 0; + let mut x167: fiat_p434_u1 = 0; + fiat_p434_subborrowx_u64(&mut x166, &mut x167, x165, x152, 0xffffffffffffffff); + let mut x168: u64 = 0; + let mut x169: fiat_p434_u1 = 0; + fiat_p434_subborrowx_u64(&mut x168, &mut x169, x167, x154, 0xffffffffffffffff); + let mut x170: u64 = 0; + let mut x171: fiat_p434_u1 = 0; + fiat_p434_subborrowx_u64(&mut x170, &mut x171, x169, x156, 0xfdc1767ae2ffffff); + let mut x172: u64 = 0; + let mut x173: fiat_p434_u1 = 0; + fiat_p434_subborrowx_u64(&mut x172, &mut x173, x171, x158, 0x7bc65c783158aea3); + let mut x174: u64 = 0; + let mut x175: fiat_p434_u1 = 0; + fiat_p434_subborrowx_u64(&mut x174, &mut x175, x173, x160, 0x6cfc5fd681c52056); + let mut x176: u64 = 0; + let mut x177: fiat_p434_u1 = 0; + fiat_p434_subborrowx_u64(&mut x176, &mut x177, x175, x162, 0x2341f27177344); + let mut x178: u64 = 0; + let mut x179: fiat_p434_u1 = 0; + fiat_p434_subborrowx_u64(&mut x178, &mut x179, x177, (x163 as u64), (0x0 as u64)); + let mut x180: u64 = 0; + let mut x181: fiat_p434_u1 = 0; + fiat_p434_addcarryx_u64(&mut x180, &mut x181, 0x0, x6, (0x1 as u64)); + let x182: u64 = ((x127 >> 1) | ((x129 << 63) & 0xffffffffffffffff)); + let x183: u64 = ((x129 >> 1) | ((x131 << 63) & 0xffffffffffffffff)); + let x184: u64 = ((x131 >> 1) | ((x133 << 63) & 0xffffffffffffffff)); + let x185: u64 = ((x133 >> 1) | ((x135 << 63) & 0xffffffffffffffff)); + let x186: u64 = ((x135 >> 1) | ((x137 << 63) & 0xffffffffffffffff)); + let x187: u64 = ((x137 >> 1) | ((x139 << 63) & 
0xffffffffffffffff)); + let x188: u64 = ((x139 >> 1) | ((x141 << 63) & 0xffffffffffffffff)); + let x189: u64 = ((x141 & 0x8000000000000000) | (x141 >> 1)); + let mut x190: u64 = 0; + fiat_p434_cmovznz_u64(&mut x190, x75, x60, x46); let mut x191: u64 = 0; - fiat_p434_cmovznz_u64(&mut x191, x75, x60, x46); + fiat_p434_cmovznz_u64(&mut x191, x75, x62, x48); let mut x192: u64 = 0; - fiat_p434_cmovznz_u64(&mut x192, x75, x62, x48); + fiat_p434_cmovznz_u64(&mut x192, x75, x64, x50); let mut x193: u64 = 0; - fiat_p434_cmovznz_u64(&mut x193, x75, x64, x50); + fiat_p434_cmovznz_u64(&mut x193, x75, x66, x52); let mut x194: u64 = 0; - fiat_p434_cmovznz_u64(&mut x194, x75, x66, x52); + fiat_p434_cmovznz_u64(&mut x194, x75, x68, x54); let mut x195: u64 = 0; - fiat_p434_cmovznz_u64(&mut x195, x75, x68, x54); + fiat_p434_cmovznz_u64(&mut x195, x75, x70, x56); let mut x196: u64 = 0; - fiat_p434_cmovznz_u64(&mut x196, x75, x70, x56); + fiat_p434_cmovznz_u64(&mut x196, x75, x72, x58); let mut x197: u64 = 0; - fiat_p434_cmovznz_u64(&mut x197, x75, x72, x58); + fiat_p434_cmovznz_u64(&mut x197, x179, x164, x150); let mut x198: u64 = 0; - fiat_p434_cmovznz_u64(&mut x198, x180, x165, x151); + fiat_p434_cmovznz_u64(&mut x198, x179, x166, x152); let mut x199: u64 = 0; - fiat_p434_cmovznz_u64(&mut x199, x180, x167, x153); + fiat_p434_cmovznz_u64(&mut x199, x179, x168, x154); let mut x200: u64 = 0; - fiat_p434_cmovznz_u64(&mut x200, x180, x169, x155); + fiat_p434_cmovznz_u64(&mut x200, x179, x170, x156); let mut x201: u64 = 0; - fiat_p434_cmovznz_u64(&mut x201, x180, x171, x157); + fiat_p434_cmovznz_u64(&mut x201, x179, x172, x158); let mut x202: u64 = 0; - fiat_p434_cmovznz_u64(&mut x202, x180, x173, x159); + fiat_p434_cmovznz_u64(&mut x202, x179, x174, x160); let mut x203: u64 = 0; - fiat_p434_cmovznz_u64(&mut x203, x180, x175, x161); - let mut x204: u64 = 0; - fiat_p434_cmovznz_u64(&mut x204, x180, x177, x163); - *out1 = x181; + fiat_p434_cmovznz_u64(&mut x203, x179, x176, x162); + *out1 
= x180; out2[0] = x7; out2[1] = x8; out2[2] = x9; @@ -4436,28 +4385,28 @@ pub fn fiat_p434_divstep(out1: &mut u64, out2: &mut [u64; 8], out3: &mut [u64; 8 out2[5] = x12; out2[6] = x13; out2[7] = x14; - out3[0] = x183; - out3[1] = x184; - out3[2] = x185; - out3[3] = x186; - out3[4] = x187; - out3[5] = x188; - out3[6] = x189; - out3[7] = x190; - out4[0] = x191; - out4[1] = x192; - out4[2] = x193; - out4[3] = x194; - out4[4] = x195; - out4[5] = x196; - out4[6] = x197; - out5[0] = x198; - out5[1] = x199; - out5[2] = x200; - out5[3] = x201; - out5[4] = x202; - out5[5] = x203; - out5[6] = x204; + out3[0] = x182; + out3[1] = x183; + out3[2] = x184; + out3[3] = x185; + out3[4] = x186; + out3[5] = x187; + out3[6] = x188; + out3[7] = x189; + out4[0] = x190; + out4[1] = x191; + out4[2] = x192; + out4[3] = x193; + out4[4] = x194; + out4[5] = x195; + out4[6] = x196; + out5[0] = x197; + out5[1] = x198; + out5[2] = x199; + out5[3] = x200; + out5[4] = x201; + out5[5] = x202; + out5[6] = x203; } /// The function fiat_p434_divstep_precomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-rust/src/p448_solinas_32.rs b/fiat-rust/src/p448_solinas_32.rs index 9f37fd21ae..26b924c275 100644 --- a/fiat-rust/src/p448_solinas_32.rs +++ b/fiat-rust/src/p448_solinas_32.rs 
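Review bot: In the `fiat_p434_divstep` hunk starting at -4288, the selector passed to every `fiat_p434_cmovznz_u64(&mut x119.., (x31 as fiat_p434_u1), ...)` call is no longer reduced to one bit. The removed line `let x119: fiat_p434_u1 = ((x31 & (0x1 as u64)) as fiat_p434_u1);` took the parity of `x31`, whereas a bare `as` cast keeps the whole low byte, assuming `fiat_p434_u1` is the usual `u8` alias (its definition is not in this hunk). For an even `x31` with other low bits set, the selector is then non-zero where the old code passed 0, and any value above 1 breaks the 0/1 precondition that the cmovznz mask presumably relies on. The to_bytes hunks are fine because `as u8` really does truncate to 8 bits, and the earlier `((arg3[0]) as fiat_p434_u1)` is only safe because it is ANDed with a one-bit value. Since this file is generated, the fix belongs in the rewrite rule that drops masks before casts: it should keep `& 0x1` when the target is the one-bit type, so that the output again contains `((x31 & (0x1 as u64)) as fiat_p434_u1)`. The function body starts and ends outside this hunk.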
@@ -1327,166 +1327,118 @@ pub fn fiat_p448_to_bytes(out1: &mut [u8; 56], arg1: &fiat_p448_tight_field_elem let x71: u32 = (x44 << 4); let x72: u32 = (x40 << 4); let x73: u32 = (x36 << 4); - let x74: u8 = ((x34 & (0xff as u32)) as u8); - let x75: u32 = (x34 >> 8); - let x76: u8 = ((x75 & (0xff as u32)) as u8); - let x77: u32 = (x75 >> 8); - let x78: u8 = ((x77 & (0xff as u32)) as u8); - let x79: u8 = ((x77 >> 8) as u8); - let x80: u32 = (x73 + (x79 as u32)); - let x81: u8 = ((x80 & (0xff as u32)) as u8); - let x82: u32 = (x80 >> 8); - let x83: u8 = ((x82 & (0xff as u32)) as u8); - let x84: u32 = (x82 >> 8); - let x85: u8 = ((x84 & (0xff as u32)) as u8); - let x86: u8 = ((x84 >> 8) as u8); - let x87: u8 = ((x38 & (0xff as u32)) as u8); - let x88: u32 = (x38 >> 8); - let x89: u8 = ((x88 & (0xff as u32)) as u8); - let x90: u32 = (x88 >> 8); - let x91: u8 = ((x90 & (0xff as u32)) as u8); - let x92: u8 = ((x90 >> 8) as u8); - let x93: u32 = (x72 + (x92 as u32)); - let x94: u8 = ((x93 & (0xff as u32)) as u8); - let x95: u32 = (x93 >> 8); - let x96: u8 = ((x95 & (0xff as u32)) as u8); - let x97: u32 = (x95 >> 8); - let x98: u8 = ((x97 & (0xff as u32)) as u8); - let x99: u8 = ((x97 >> 8) as u8); - let x100: u8 = ((x42 & (0xff as u32)) as u8); - let x101: u32 = (x42 >> 8); - let x102: u8 = ((x101 & (0xff as u32)) as u8); - let x103: u32 = (x101 >> 8); - let x104: u8 = ((x103 & (0xff as u32)) as u8); - let x105: u8 = ((x103 >> 8) as u8); - let x106: u32 = (x71 + (x105 as u32)); - let x107: u8 = ((x106 & (0xff as u32)) as u8); - let x108: u32 = (x106 >> 8); - let x109: u8 = ((x108 & (0xff as u32)) as u8); - let x110: u32 = (x108 >> 8); - let x111: u8 = ((x110 & (0xff as u32)) as u8); - let x112: u8 = ((x110 >> 8) as u8); - let x113: u8 = ((x46 & (0xff as u32)) as u8); - let x114: u32 = (x46 >> 8); - let x115: u8 = ((x114 & (0xff as u32)) as u8); - let x116: u32 = (x114 >> 8); - let x117: u8 = ((x116 & (0xff as u32)) as u8); - let x118: u8 = ((x116 >> 8) as u8); - let x119: u32 
= (x70 + (x118 as u32)); - let x120: u8 = ((x119 & (0xff as u32)) as u8); - let x121: u32 = (x119 >> 8); - let x122: u8 = ((x121 & (0xff as u32)) as u8); - let x123: u32 = (x121 >> 8); - let x124: u8 = ((x123 & (0xff as u32)) as u8); - let x125: u8 = ((x123 >> 8) as u8); - let x126: u8 = ((x50 & (0xff as u32)) as u8); - let x127: u32 = (x50 >> 8); - let x128: u8 = ((x127 & (0xff as u32)) as u8); - let x129: u32 = (x127 >> 8); - let x130: u8 = ((x129 & (0xff as u32)) as u8); - let x131: u8 = ((x129 >> 8) as u8); - let x132: u32 = (x69 + (x131 as u32)); - let x133: u8 = ((x132 & (0xff as u32)) as u8); - let x134: u32 = (x132 >> 8); - let x135: u8 = ((x134 & (0xff as u32)) as u8); - let x136: u32 = (x134 >> 8); - let x137: u8 = ((x136 & (0xff as u32)) as u8); - let x138: u8 = ((x136 >> 8) as u8); - let x139: u8 = ((x54 & (0xff as u32)) as u8); - let x140: u32 = (x54 >> 8); - let x141: u8 = ((x140 & (0xff as u32)) as u8); - let x142: u32 = (x140 >> 8); - let x143: u8 = ((x142 & (0xff as u32)) as u8); - let x144: u8 = ((x142 >> 8) as u8); - let x145: u32 = (x68 + (x144 as u32)); - let x146: u8 = ((x145 & (0xff as u32)) as u8); - let x147: u32 = (x145 >> 8); - let x148: u8 = ((x147 & (0xff as u32)) as u8); - let x149: u32 = (x147 >> 8); - let x150: u8 = ((x149 & (0xff as u32)) as u8); - let x151: u8 = ((x149 >> 8) as u8); - let x152: u8 = ((x58 & (0xff as u32)) as u8); - let x153: u32 = (x58 >> 8); - let x154: u8 = ((x153 & (0xff as u32)) as u8); - let x155: u32 = (x153 >> 8); - let x156: u8 = ((x155 & (0xff as u32)) as u8); - let x157: u8 = ((x155 >> 8) as u8); - let x158: u32 = (x67 + (x157 as u32)); - let x159: u8 = ((x158 & (0xff as u32)) as u8); - let x160: u32 = (x158 >> 8); - let x161: u8 = ((x160 & (0xff as u32)) as u8); - let x162: u32 = (x160 >> 8); - let x163: u8 = ((x162 & (0xff as u32)) as u8); - let x164: u8 = ((x162 >> 8) as u8); - let x165: u8 = ((x62 & (0xff as u32)) as u8); - let x166: u32 = (x62 >> 8); - let x167: u8 = ((x166 & (0xff as u32)) as u8); - 
let x168: u32 = (x166 >> 8); - let x169: u8 = ((x168 & (0xff as u32)) as u8); - let x170: u8 = ((x168 >> 8) as u8); - let x171: u32 = (x66 + (x170 as u32)); - let x172: u8 = ((x171 & (0xff as u32)) as u8); - let x173: u32 = (x171 >> 8); - let x174: u8 = ((x173 & (0xff as u32)) as u8); - let x175: u32 = (x173 >> 8); - let x176: u8 = ((x175 & (0xff as u32)) as u8); - let x177: u8 = ((x175 >> 8) as u8); - out1[0] = x74; - out1[1] = x76; - out1[2] = x78; - out1[3] = x81; - out1[4] = x83; - out1[5] = x85; - out1[6] = x86; - out1[7] = x87; - out1[8] = x89; - out1[9] = x91; - out1[10] = x94; - out1[11] = x96; - out1[12] = x98; - out1[13] = x99; - out1[14] = x100; - out1[15] = x102; - out1[16] = x104; - out1[17] = x107; - out1[18] = x109; - out1[19] = x111; - out1[20] = x112; - out1[21] = x113; - out1[22] = x115; - out1[23] = x117; - out1[24] = x120; - out1[25] = x122; - out1[26] = x124; - out1[27] = x125; - out1[28] = x126; - out1[29] = x128; - out1[30] = x130; - out1[31] = x133; - out1[32] = x135; - out1[33] = x137; - out1[34] = x138; - out1[35] = x139; - out1[36] = x141; - out1[37] = x143; - out1[38] = x146; - out1[39] = x148; - out1[40] = x150; - out1[41] = x151; - out1[42] = x152; - out1[43] = x154; - out1[44] = x156; - out1[45] = x159; - out1[46] = x161; - out1[47] = x163; - out1[48] = x164; - out1[49] = x165; - out1[50] = x167; - out1[51] = x169; - out1[52] = x172; - out1[53] = x174; - out1[54] = x176; - out1[55] = x177; + let x74: u32 = (x34 >> 8); + let x75: u32 = (x74 >> 8); + let x76: u8 = ((x75 >> 8) as u8); + let x77: u32 = (x73 + (x76 as u32)); + let x78: u32 = (x77 >> 8); + let x79: u32 = (x78 >> 8); + let x80: u8 = ((x79 >> 8) as u8); + let x81: u32 = (x38 >> 8); + let x82: u32 = (x81 >> 8); + let x83: u8 = ((x82 >> 8) as u8); + let x84: u32 = (x72 + (x83 as u32)); + let x85: u32 = (x84 >> 8); + let x86: u32 = (x85 >> 8); + let x87: u8 = ((x86 >> 8) as u8); + let x88: u32 = (x42 >> 8); + let x89: u32 = (x88 >> 8); + let x90: u8 = ((x89 >> 8) as u8); + let 
x91: u32 = (x71 + (x90 as u32)); + let x92: u32 = (x91 >> 8); + let x93: u32 = (x92 >> 8); + let x94: u8 = ((x93 >> 8) as u8); + let x95: u32 = (x46 >> 8); + let x96: u32 = (x95 >> 8); + let x97: u8 = ((x96 >> 8) as u8); + let x98: u32 = (x70 + (x97 as u32)); + let x99: u32 = (x98 >> 8); + let x100: u32 = (x99 >> 8); + let x101: u8 = ((x100 >> 8) as u8); + let x102: u32 = (x50 >> 8); + let x103: u32 = (x102 >> 8); + let x104: u8 = ((x103 >> 8) as u8); + let x105: u32 = (x69 + (x104 as u32)); + let x106: u32 = (x105 >> 8); + let x107: u32 = (x106 >> 8); + let x108: u8 = ((x107 >> 8) as u8); + let x109: u32 = (x54 >> 8); + let x110: u32 = (x109 >> 8); + let x111: u8 = ((x110 >> 8) as u8); + let x112: u32 = (x68 + (x111 as u32)); + let x113: u32 = (x112 >> 8); + let x114: u32 = (x113 >> 8); + let x115: u8 = ((x114 >> 8) as u8); + let x116: u32 = (x58 >> 8); + let x117: u32 = (x116 >> 8); + let x118: u8 = ((x117 >> 8) as u8); + let x119: u32 = (x67 + (x118 as u32)); + let x120: u32 = (x119 >> 8); + let x121: u32 = (x120 >> 8); + let x122: u8 = ((x121 >> 8) as u8); + let x123: u32 = (x62 >> 8); + let x124: u32 = (x123 >> 8); + let x125: u8 = ((x124 >> 8) as u8); + let x126: u32 = (x66 + (x125 as u32)); + let x127: u32 = (x126 >> 8); + let x128: u32 = (x127 >> 8); + let x129: u8 = ((x128 >> 8) as u8); + out1[0] = (x34 as u8); + out1[1] = (x74 as u8); + out1[2] = (x75 as u8); + out1[3] = (x77 as u8); + out1[4] = (x78 as u8); + out1[5] = (x79 as u8); + out1[6] = x80; + out1[7] = (x38 as u8); + out1[8] = (x81 as u8); + out1[9] = (x82 as u8); + out1[10] = (x84 as u8); + out1[11] = (x85 as u8); + out1[12] = (x86 as u8); + out1[13] = x87; + out1[14] = (x42 as u8); + out1[15] = (x88 as u8); + out1[16] = (x89 as u8); + out1[17] = (x91 as u8); + out1[18] = (x92 as u8); + out1[19] = (x93 as u8); + out1[20] = x94; + out1[21] = (x46 as u8); + out1[22] = (x95 as u8); + out1[23] = (x96 as u8); + out1[24] = (x98 as u8); + out1[25] = (x99 as u8); + out1[26] = (x100 as u8); + out1[27] = 
x101; + out1[28] = (x50 as u8); + out1[29] = (x102 as u8); + out1[30] = (x103 as u8); + out1[31] = (x105 as u8); + out1[32] = (x106 as u8); + out1[33] = (x107 as u8); + out1[34] = x108; + out1[35] = (x54 as u8); + out1[36] = (x109 as u8); + out1[37] = (x110 as u8); + out1[38] = (x112 as u8); + out1[39] = (x113 as u8); + out1[40] = (x114 as u8); + out1[41] = x115; + out1[42] = (x58 as u8); + out1[43] = (x116 as u8); + out1[44] = (x117 as u8); + out1[45] = (x119 as u8); + out1[46] = (x120 as u8); + out1[47] = (x121 as u8); + out1[48] = x122; + out1[49] = (x62 as u8); + out1[50] = (x123 as u8); + out1[51] = (x124 as u8); + out1[52] = (x126 as u8); + out1[53] = (x127 as u8); + out1[54] = (x128 as u8); + out1[55] = x129; } /// The function fiat_p448_from_bytes deserializes a field element from bytes in little-endian order. diff --git a/fiat-rust/src/p448_solinas_64.rs b/fiat-rust/src/p448_solinas_64.rs index 13a99ccc6c..a15cb4e5d3 100644 --- a/fiat-rust/src/p448_solinas_64.rs +++ b/fiat-rust/src/p448_solinas_64.rs 
@@ -605,158 +605,110 @@ pub fn fiat_p448_to_bytes(out1: &mut [u8; 56], arg1: &fiat_p448_tight_field_elem let mut x32: u64 = 0; let mut x33: fiat_p448_u1 = 0; fiat_p448_addcarryx_u56(&mut x32, &mut x33, x31, x15, (x17 & 0xffffffffffffff)); - let x34: u8 = ((x18 & (0xff as u64)) as u8); - let x35: u64 = (x18 >> 8); - let x36: u8 = ((x35 & (0xff as u64)) as u8); - let x37: u64 = (x35 >> 8); - let x38: u8 = ((x37 & (0xff as u64)) as u8); - let x39: u64 = (x37 >> 8); - let x40: u8 = ((x39 & (0xff as u64)) as u8); - let x41: u64 = (x39 >> 8); - let x42: u8 = ((x41 & (0xff as u64)) as u8); - let x43: u64 = (x41 >> 8); - let x44: u8 = ((x43 & (0xff as u64)) as u8); - let x45: u8 = ((x43 >> 8) as u8); - let x46: u8 = ((x20 & (0xff as u64)) as u8); - let x47: u64 = (x20 >> 8); - let x48: u8 = ((x47 & (0xff as u64)) as u8); - let x49: u64 = (x47 >> 8); - let x50: u8 = ((x49 & (0xff as u64)) as u8); - let x51: u64 = (x49 >> 8); - let x52: u8 = ((x51 & (0xff as u64)) as u8); - let x53: u64 = (x51 >> 8); - let x54: u8 = ((x53 & (0xff as u64)) as u8); - let x55: u64 = (x53 >> 8); - let x56: u8 = ((x55 & (0xff as u64)) as u8); - let x57: u8 = ((x55 >> 8) as u8); - let x58: u8 = ((x22 & (0xff as u64)) as u8); - let x59: u64 = (x22 >> 8); - let x60: u8 = ((x59 & (0xff as u64)) as u8); - let x61: u64 = (x59 >> 8); - let x62: u8 = ((x61 & (0xff as u64)) as u8); - let x63: u64 = (x61 >> 8); - let x64: u8 = ((x63 & (0xff as u64)) as u8); - let x65: u64 = (x63 >> 8); - let x66: u8 = ((x65 & (0xff as u64)) as u8); - let x67: u64 = (x65 >> 8); - let x68: u8 = ((x67 & (0xff as u64)) as u8); - let x69: u8 = ((x67 >> 8) as u8); - let x70: u8 = ((x24 & (0xff as u64)) as u8); - let x71: u64 = (x24 >> 8); - let x72: u8 = ((x71 & (0xff as u64)) as u8); - let x73: u64 = (x71 >> 8); - let x74: u8 = ((x73 & (0xff as u64)) as u8); - let x75: u64 = (x73 >> 8); - let x76: u8 = ((x75 & (0xff as u64)) as u8); - let x77: u64 = (x75 >> 8); - let x78: u8 = ((x77 & (0xff as u64)) as u8); - let x79: u64 = 
(x77 >> 8); - let x80: u8 = ((x79 & (0xff as u64)) as u8); - let x81: u8 = ((x79 >> 8) as u8); - let x82: u8 = ((x26 & (0xff as u64)) as u8); - let x83: u64 = (x26 >> 8); - let x84: u8 = ((x83 & (0xff as u64)) as u8); - let x85: u64 = (x83 >> 8); - let x86: u8 = ((x85 & (0xff as u64)) as u8); - let x87: u64 = (x85 >> 8); - let x88: u8 = ((x87 & (0xff as u64)) as u8); - let x89: u64 = (x87 >> 8); - let x90: u8 = ((x89 & (0xff as u64)) as u8); - let x91: u64 = (x89 >> 8); - let x92: u8 = ((x91 & (0xff as u64)) as u8); - let x93: u8 = ((x91 >> 8) as u8); - let x94: u8 = ((x28 & (0xff as u64)) as u8); - let x95: u64 = (x28 >> 8); - let x96: u8 = ((x95 & (0xff as u64)) as u8); - let x97: u64 = (x95 >> 8); - let x98: u8 = ((x97 & (0xff as u64)) as u8); - let x99: u64 = (x97 >> 8); - let x100: u8 = ((x99 & (0xff as u64)) as u8); - let x101: u64 = (x99 >> 8); - let x102: u8 = ((x101 & (0xff as u64)) as u8); - let x103: u64 = (x101 >> 8); - let x104: u8 = ((x103 & (0xff as u64)) as u8); - let x105: u8 = ((x103 >> 8) as u8); - let x106: u8 = ((x30 & (0xff as u64)) as u8); - let x107: u64 = (x30 >> 8); - let x108: u8 = ((x107 & (0xff as u64)) as u8); - let x109: u64 = (x107 >> 8); - let x110: u8 = ((x109 & (0xff as u64)) as u8); - let x111: u64 = (x109 >> 8); - let x112: u8 = ((x111 & (0xff as u64)) as u8); - let x113: u64 = (x111 >> 8); - let x114: u8 = ((x113 & (0xff as u64)) as u8); - let x115: u64 = (x113 >> 8); - let x116: u8 = ((x115 & (0xff as u64)) as u8); - let x117: u8 = ((x115 >> 8) as u8); - let x118: u8 = ((x32 & (0xff as u64)) as u8); - let x119: u64 = (x32 >> 8); - let x120: u8 = ((x119 & (0xff as u64)) as u8); - let x121: u64 = (x119 >> 8); - let x122: u8 = ((x121 & (0xff as u64)) as u8); - let x123: u64 = (x121 >> 8); - let x124: u8 = ((x123 & (0xff as u64)) as u8); - let x125: u64 = (x123 >> 8); - let x126: u8 = ((x125 & (0xff as u64)) as u8); - let x127: u64 = (x125 >> 8); - let x128: u8 = ((x127 & (0xff as u64)) as u8); - let x129: u8 = ((x127 >> 8) as 
u8); - out1[0] = x34; - out1[1] = x36; - out1[2] = x38; - out1[3] = x40; - out1[4] = x42; - out1[5] = x44; - out1[6] = x45; - out1[7] = x46; - out1[8] = x48; - out1[9] = x50; - out1[10] = x52; - out1[11] = x54; - out1[12] = x56; - out1[13] = x57; - out1[14] = x58; - out1[15] = x60; - out1[16] = x62; - out1[17] = x64; - out1[18] = x66; - out1[19] = x68; - out1[20] = x69; - out1[21] = x70; - out1[22] = x72; - out1[23] = x74; - out1[24] = x76; - out1[25] = x78; - out1[26] = x80; - out1[27] = x81; - out1[28] = x82; - out1[29] = x84; - out1[30] = x86; - out1[31] = x88; - out1[32] = x90; - out1[33] = x92; - out1[34] = x93; - out1[35] = x94; - out1[36] = x96; - out1[37] = x98; - out1[38] = x100; - out1[39] = x102; - out1[40] = x104; - out1[41] = x105; - out1[42] = x106; - out1[43] = x108; - out1[44] = x110; - out1[45] = x112; - out1[46] = x114; - out1[47] = x116; - out1[48] = x117; - out1[49] = x118; - out1[50] = x120; - out1[51] = x122; - out1[52] = x124; - out1[53] = x126; - out1[54] = x128; - out1[55] = x129; + let x34: u64 = (x18 >> 8); + let x35: u64 = (x34 >> 8); + let x36: u64 = (x35 >> 8); + let x37: u64 = (x36 >> 8); + let x38: u64 = (x37 >> 8); + let x39: u8 = ((x38 >> 8) as u8); + let x40: u64 = (x20 >> 8); + let x41: u64 = (x40 >> 8); + let x42: u64 = (x41 >> 8); + let x43: u64 = (x42 >> 8); + let x44: u64 = (x43 >> 8); + let x45: u8 = ((x44 >> 8) as u8); + let x46: u64 = (x22 >> 8); + let x47: u64 = (x46 >> 8); + let x48: u64 = (x47 >> 8); + let x49: u64 = (x48 >> 8); + let x50: u64 = (x49 >> 8); + let x51: u8 = ((x50 >> 8) as u8); + let x52: u64 = (x24 >> 8); + let x53: u64 = (x52 >> 8); + let x54: u64 = (x53 >> 8); + let x55: u64 = (x54 >> 8); + let x56: u64 = (x55 >> 8); + let x57: u8 = ((x56 >> 8) as u8); + let x58: u64 = (x26 >> 8); + let x59: u64 = (x58 >> 8); + let x60: u64 = (x59 >> 8); + let x61: u64 = (x60 >> 8); + let x62: u64 = (x61 >> 8); + let x63: u8 = ((x62 >> 8) as u8); + let x64: u64 = (x28 >> 8); + let x65: u64 = (x64 >> 8); + let x66: u64 
= (x65 >> 8); + let x67: u64 = (x66 >> 8); + let x68: u64 = (x67 >> 8); + let x69: u8 = ((x68 >> 8) as u8); + let x70: u64 = (x30 >> 8); + let x71: u64 = (x70 >> 8); + let x72: u64 = (x71 >> 8); + let x73: u64 = (x72 >> 8); + let x74: u64 = (x73 >> 8); + let x75: u8 = ((x74 >> 8) as u8); + let x76: u64 = (x32 >> 8); + let x77: u64 = (x76 >> 8); + let x78: u64 = (x77 >> 8); + let x79: u64 = (x78 >> 8); + let x80: u64 = (x79 >> 8); + let x81: u8 = ((x80 >> 8) as u8); + out1[0] = (x18 as u8); + out1[1] = (x34 as u8); + out1[2] = (x35 as u8); + out1[3] = (x36 as u8); + out1[4] = (x37 as u8); + out1[5] = (x38 as u8); + out1[6] = x39; + out1[7] = (x20 as u8); + out1[8] = (x40 as u8); + out1[9] = (x41 as u8); + out1[10] = (x42 as u8); + out1[11] = (x43 as u8); + out1[12] = (x44 as u8); + out1[13] = x45; + out1[14] = (x22 as u8); + out1[15] = (x46 as u8); + out1[16] = (x47 as u8); + out1[17] = (x48 as u8); + out1[18] = (x49 as u8); + out1[19] = (x50 as u8); + out1[20] = x51; + out1[21] = (x24 as u8); + out1[22] = (x52 as u8); + out1[23] = (x53 as u8); + out1[24] = (x54 as u8); + out1[25] = (x55 as u8); + out1[26] = (x56 as u8); + out1[27] = x57; + out1[28] = (x26 as u8); + out1[29] = (x58 as u8); + out1[30] = (x59 as u8); + out1[31] = (x60 as u8); + out1[32] = (x61 as u8); + out1[33] = (x62 as u8); + out1[34] = x63; + out1[35] = (x28 as u8); + out1[36] = (x64 as u8); + out1[37] = (x65 as u8); + out1[38] = (x66 as u8); + out1[39] = (x67 as u8); + out1[40] = (x68 as u8); + out1[41] = x69; + out1[42] = (x30 as u8); + out1[43] = (x70 as u8); + out1[44] = (x71 as u8); + out1[45] = (x72 as u8); + out1[46] = (x73 as u8); + out1[47] = (x74 as u8); + out1[48] = x75; + out1[49] = (x32 as u8); + out1[50] = (x76 as u8); + out1[51] = (x77 as u8); + out1[52] = (x78 as u8); + out1[53] = (x79 as u8); + out1[54] = (x80 as u8); + out1[55] = x81; } /// The function fiat_p448_from_bytes deserializes a field element from bytes in little-endian order. 
diff --git a/fiat-rust/src/p521_32.rs b/fiat-rust/src/p521_32.rs index 95b7a6e6af..04e8a34ed0 100644 --- a/fiat-rust/src/p521_32.rs +++ b/fiat-rust/src/p521_32.rs 
@@ -1365,214 +1365,151 @@ pub fn fiat_p521_to_bytes(out1: &mut [u8; 66], arg1: &fiat_p521_tight_field_elem let x91: u32 = (x46 << 3); let x92: u64 = ((x44 as u64) << 7); let x93: u32 = (x42 << 4); - let x94: u8 = ((x40 & (0xff as u32)) as u8); - let x95: u32 = (x40 >> 8); - let x96: u8 = ((x95 & (0xff as u32)) as u8); - let x97: u32 = (x95 >> 8); - let x98: u8 = ((x97 & (0xff as u32)) as u8); - let x99: u8 = ((x97 >> 8) as u8); - let x100: u32 = (x93 + (x99 as u32)); - let x101: u8 = ((x100 & (0xff as u32)) as u8); - let x102: u32 = (x100 >> 8); - let x103: u8 = ((x102 & (0xff as u32)) as u8); - let x104: u32 = (x102 >> 8); - let x105: u8 = ((x104 & (0xff as u32)) as u8); - let x106: u8 = ((x104 >> 8) as u8); - let x107: u64 = (x92 + (x106 as u64)); - let x108: u8 = ((x107 & (0xff as u64)) as u8); - let x109: u32 = ((x107 >> 8) as u32); - let x110: u8 = ((x109 & (0xff as u32)) as u8); - let x111: u32 = (x109 >> 8); - let x112: u8 = ((x111 & (0xff as u32)) as u8); - let x113: u32 = (x111 >> 8); - let x114: u8 = ((x113 & (0xff as u32)) as u8); - let x115: u8 = ((x113 >> 8) as u8); - let x116: u32 = (x91 + (x115 as u32)); - let x117: u8 = ((x116 & (0xff as u32)) as u8); - let x118: u32 = (x116 >> 8); - let x119: u8 = ((x118 & (0xff as u32)) as u8); - let x120: u32 = (x118 >> 8); - let x121: u8 = ((x120 & (0xff as u32)) as u8); - let x122: u8 = ((x120 >> 8) as u8); - let x123: u64 = (x90 + (x122 as u64)); - let x124: u8 = ((x123 & (0xff as u64)) as u8); - let x125: u32 = ((x123 >> 8) as u32); - let x126: u8 = ((x125 & (0xff as u32)) as u8); - let x127: u32 = (x125 >> 8); - let x128: u8 = ((x127 & (0xff as u32)) as u8); - let x129: u32 = (x127 >> 8); - let x130: u8 = ((x129 & (0xff as u32)) as u8); - let x131: u8 = ((x129 >> 8) as u8); - let x132: u32 = (x89 + (x131 as u32)); - let x133: u8 = ((x132 & (0xff as u32)) as u8); - let x134: u32 = (x132 >> 8); - let x135: u8 = ((x134 & (0xff as u32)) as u8); - let x136: u32 = (x134 >> 8); - let x137: u8 = ((x136 & (0xff as 
u32)) as u8); - let x138: u8 = ((x136 >> 8) as u8); - let x139: u32 = (x88 + (x138 as u32)); - let x140: u8 = ((x139 & (0xff as u32)) as u8); - let x141: u32 = (x139 >> 8); - let x142: u8 = ((x141 & (0xff as u32)) as u8); - let x143: u32 = (x141 >> 8); - let x144: u8 = ((x143 & (0xff as u32)) as u8); - let x145: u8 = ((x143 >> 8) as u8); - let x146: u8 = ((x54 & (0xff as u32)) as u8); - let x147: u32 = (x54 >> 8); - let x148: u8 = ((x147 & (0xff as u32)) as u8); - let x149: u32 = (x147 >> 8); - let x150: u8 = ((x149 & (0xff as u32)) as u8); - let x151: u8 = ((x149 >> 8) as u8); - let x152: u32 = (x87 + (x151 as u32)); - let x153: u8 = ((x152 & (0xff as u32)) as u8); - let x154: u32 = (x152 >> 8); - let x155: u8 = ((x154 & (0xff as u32)) as u8); - let x156: u32 = (x154 >> 8); - let x157: u8 = ((x156 & (0xff as u32)) as u8); - let x158: u8 = ((x156 >> 8) as u8); - let x159: u64 = (x86 + (x158 as u64)); - let x160: u8 = ((x159 & (0xff as u64)) as u8); - let x161: u32 = ((x159 >> 8) as u32); - let x162: u8 = ((x161 & (0xff as u32)) as u8); - let x163: u32 = (x161 >> 8); - let x164: u8 = ((x163 & (0xff as u32)) as u8); - let x165: u32 = (x163 >> 8); - let x166: u8 = ((x165 & (0xff as u32)) as u8); - let x167: u8 = ((x165 >> 8) as u8); - let x168: u32 = (x85 + (x167 as u32)); - let x169: u8 = ((x168 & (0xff as u32)) as u8); - let x170: u32 = (x168 >> 8); - let x171: u8 = ((x170 & (0xff as u32)) as u8); - let x172: u32 = (x170 >> 8); - let x173: u8 = ((x172 & (0xff as u32)) as u8); - let x174: u8 = ((x172 >> 8) as u8); - let x175: u64 = (x84 + (x174 as u64)); - let x176: u8 = ((x175 & (0xff as u64)) as u8); - let x177: u32 = ((x175 >> 8) as u32); - let x178: u8 = ((x177 & (0xff as u32)) as u8); - let x179: u32 = (x177 >> 8); - let x180: u8 = ((x179 & (0xff as u32)) as u8); - let x181: u32 = (x179 >> 8); - let x182: u8 = ((x181 & (0xff as u32)) as u8); - let x183: u8 = ((x181 >> 8) as u8); - let x184: u32 = (x83 + (x183 as u32)); - let x185: u8 = ((x184 & (0xff as u32)) as 
u8); - let x186: u32 = (x184 >> 8); - let x187: u8 = ((x186 & (0xff as u32)) as u8); - let x188: u32 = (x186 >> 8); - let x189: u8 = ((x188 & (0xff as u32)) as u8); - let x190: u8 = ((x188 >> 8) as u8); - let x191: u32 = (x82 + (x190 as u32)); - let x192: u8 = ((x191 & (0xff as u32)) as u8); - let x193: u32 = (x191 >> 8); - let x194: u8 = ((x193 & (0xff as u32)) as u8); - let x195: u32 = (x193 >> 8); - let x196: u8 = ((x195 & (0xff as u32)) as u8); - let x197: u8 = ((x195 >> 8) as u8); - let x198: u8 = ((x68 & (0xff as u32)) as u8); - let x199: u32 = (x68 >> 8); - let x200: u8 = ((x199 & (0xff as u32)) as u8); - let x201: u32 = (x199 >> 8); - let x202: u8 = ((x201 & (0xff as u32)) as u8); - let x203: u8 = ((x201 >> 8) as u8); - let x204: u32 = (x81 + (x203 as u32)); - let x205: u8 = ((x204 & (0xff as u32)) as u8); - let x206: u32 = (x204 >> 8); - let x207: u8 = ((x206 & (0xff as u32)) as u8); - let x208: u32 = (x206 >> 8); - let x209: u8 = ((x208 & (0xff as u32)) as u8); - let x210: u8 = ((x208 >> 8) as u8); - let x211: u64 = (x80 + (x210 as u64)); - let x212: u8 = ((x211 & (0xff as u64)) as u8); - let x213: u32 = ((x211 >> 8) as u32); - let x214: u8 = ((x213 & (0xff as u32)) as u8); - let x215: u32 = (x213 >> 8); - let x216: u8 = ((x215 & (0xff as u32)) as u8); - let x217: u32 = (x215 >> 8); - let x218: u8 = ((x217 & (0xff as u32)) as u8); - let x219: u8 = ((x217 >> 8) as u8); - let x220: u32 = (x79 + (x219 as u32)); - let x221: u8 = ((x220 & (0xff as u32)) as u8); - let x222: u32 = (x220 >> 8); - let x223: u8 = ((x222 & (0xff as u32)) as u8); - let x224: u32 = (x222 >> 8); - let x225: u8 = ((x224 & (0xff as u32)) as u8); - let x226: u8 = ((x224 >> 8) as u8); - let x227: u64 = (x78 + (x226 as u64)); - let x228: u8 = ((x227 & (0xff as u64)) as u8); - let x229: u32 = ((x227 >> 8) as u32); - let x230: u8 = ((x229 & (0xff as u32)) as u8); - let x231: u32 = (x229 >> 8); - let x232: u8 = ((x231 & (0xff as u32)) as u8); - let x233: u32 = (x231 >> 8); - let x234: u8 = 
((x233 & (0xff as u32)) as u8); - let x235: fiat_p521_u1 = ((x233 >> 8) as fiat_p521_u1); - out1[0] = x94; - out1[1] = x96; - out1[2] = x98; - out1[3] = x101; - out1[4] = x103; - out1[5] = x105; - out1[6] = x108; - out1[7] = x110; - out1[8] = x112; - out1[9] = x114; - out1[10] = x117; - out1[11] = x119; - out1[12] = x121; - out1[13] = x124; - out1[14] = x126; - out1[15] = x128; - out1[16] = x130; - out1[17] = x133; - out1[18] = x135; - out1[19] = x137; - out1[20] = x140; - out1[21] = x142; - out1[22] = x144; - out1[23] = x145; - out1[24] = x146; - out1[25] = x148; - out1[26] = x150; - out1[27] = x153; - out1[28] = x155; - out1[29] = x157; - out1[30] = x160; - out1[31] = x162; - out1[32] = x164; - out1[33] = x166; - out1[34] = x169; - out1[35] = x171; - out1[36] = x173; - out1[37] = x176; - out1[38] = x178; - out1[39] = x180; - out1[40] = x182; - out1[41] = x185; - out1[42] = x187; - out1[43] = x189; - out1[44] = x192; - out1[45] = x194; - out1[46] = x196; - out1[47] = x197; - out1[48] = x198; - out1[49] = x200; - out1[50] = x202; - out1[51] = x205; - out1[52] = x207; - out1[53] = x209; - out1[54] = x212; - out1[55] = x214; - out1[56] = x216; - out1[57] = x218; - out1[58] = x221; - out1[59] = x223; - out1[60] = x225; - out1[61] = x228; - out1[62] = x230; - out1[63] = x232; - out1[64] = x234; - out1[65] = (x235 as u8); + let x94: u32 = (x40 >> 8); + let x95: u32 = (x94 >> 8); + let x96: u8 = ((x95 >> 8) as u8); + let x97: u32 = (x93 + (x96 as u32)); + let x98: u32 = (x97 >> 8); + let x99: u32 = (x98 >> 8); + let x100: u8 = ((x99 >> 8) as u8); + let x101: u64 = (x92 + (x100 as u64)); + let x102: u32 = ((x101 >> 8) as u32); + let x103: u32 = (x102 >> 8); + let x104: u32 = (x103 >> 8); + let x105: u8 = ((x104 >> 8) as u8); + let x106: u32 = (x91 + (x105 as u32)); + let x107: u32 = (x106 >> 8); + let x108: u32 = (x107 >> 8); + let x109: u8 = ((x108 >> 8) as u8); + let x110: u64 = (x90 + (x109 as u64)); + let x111: u32 = ((x110 >> 8) as u32); + let x112: u32 = (x111 >> 
8); + let x113: u32 = (x112 >> 8); + let x114: u8 = ((x113 >> 8) as u8); + let x115: u32 = (x89 + (x114 as u32)); + let x116: u32 = (x115 >> 8); + let x117: u32 = (x116 >> 8); + let x118: u8 = ((x117 >> 8) as u8); + let x119: u32 = (x88 + (x118 as u32)); + let x120: u32 = (x119 >> 8); + let x121: u32 = (x120 >> 8); + let x122: u8 = ((x121 >> 8) as u8); + let x123: u32 = (x54 >> 8); + let x124: u32 = (x123 >> 8); + let x125: u8 = ((x124 >> 8) as u8); + let x126: u32 = (x87 + (x125 as u32)); + let x127: u32 = (x126 >> 8); + let x128: u32 = (x127 >> 8); + let x129: u8 = ((x128 >> 8) as u8); + let x130: u64 = (x86 + (x129 as u64)); + let x131: u32 = ((x130 >> 8) as u32); + let x132: u32 = (x131 >> 8); + let x133: u32 = (x132 >> 8); + let x134: u8 = ((x133 >> 8) as u8); + let x135: u32 = (x85 + (x134 as u32)); + let x136: u32 = (x135 >> 8); + let x137: u32 = (x136 >> 8); + let x138: u8 = ((x137 >> 8) as u8); + let x139: u64 = (x84 + (x138 as u64)); + let x140: u32 = ((x139 >> 8) as u32); + let x141: u32 = (x140 >> 8); + let x142: u32 = (x141 >> 8); + let x143: u8 = ((x142 >> 8) as u8); + let x144: u32 = (x83 + (x143 as u32)); + let x145: u32 = (x144 >> 8); + let x146: u32 = (x145 >> 8); + let x147: u8 = ((x146 >> 8) as u8); + let x148: u32 = (x82 + (x147 as u32)); + let x149: u32 = (x148 >> 8); + let x150: u32 = (x149 >> 8); + let x151: u8 = ((x150 >> 8) as u8); + let x152: u32 = (x68 >> 8); + let x153: u32 = (x152 >> 8); + let x154: u8 = ((x153 >> 8) as u8); + let x155: u32 = (x81 + (x154 as u32)); + let x156: u32 = (x155 >> 8); + let x157: u32 = (x156 >> 8); + let x158: u8 = ((x157 >> 8) as u8); + let x159: u64 = (x80 + (x158 as u64)); + let x160: u32 = ((x159 >> 8) as u32); + let x161: u32 = (x160 >> 8); + let x162: u32 = (x161 >> 8); + let x163: u8 = ((x162 >> 8) as u8); + let x164: u32 = (x79 + (x163 as u32)); + let x165: u32 = (x164 >> 8); + let x166: u32 = (x165 >> 8); + let x167: u8 = ((x166 >> 8) as u8); + let x168: u64 = (x78 + (x167 as u64)); + let x169: u32 
= ((x168 >> 8) as u32); + let x170: u32 = (x169 >> 8); + let x171: u32 = (x170 >> 8); + let x172: fiat_p521_u1 = ((x171 >> 8) as fiat_p521_u1); + out1[0] = (x40 as u8); + out1[1] = (x94 as u8); + out1[2] = (x95 as u8); + out1[3] = (x97 as u8); + out1[4] = (x98 as u8); + out1[5] = (x99 as u8); + out1[6] = (x101 as u8); + out1[7] = (x102 as u8); + out1[8] = (x103 as u8); + out1[9] = (x104 as u8); + out1[10] = (x106 as u8); + out1[11] = (x107 as u8); + out1[12] = (x108 as u8); + out1[13] = (x110 as u8); + out1[14] = (x111 as u8); + out1[15] = (x112 as u8); + out1[16] = (x113 as u8); + out1[17] = (x115 as u8); + out1[18] = (x116 as u8); + out1[19] = (x117 as u8); + out1[20] = (x119 as u8); + out1[21] = (x120 as u8); + out1[22] = (x121 as u8); + out1[23] = x122; + out1[24] = (x54 as u8); + out1[25] = (x123 as u8); + out1[26] = (x124 as u8); + out1[27] = (x126 as u8); + out1[28] = (x127 as u8); + out1[29] = (x128 as u8); + out1[30] = (x130 as u8); + out1[31] = (x131 as u8); + out1[32] = (x132 as u8); + out1[33] = (x133 as u8); + out1[34] = (x135 as u8); + out1[35] = (x136 as u8); + out1[36] = (x137 as u8); + out1[37] = (x139 as u8); + out1[38] = (x140 as u8); + out1[39] = (x141 as u8); + out1[40] = (x142 as u8); + out1[41] = (x144 as u8); + out1[42] = (x145 as u8); + out1[43] = (x146 as u8); + out1[44] = (x148 as u8); + out1[45] = (x149 as u8); + out1[46] = (x150 as u8); + out1[47] = x151; + out1[48] = (x68 as u8); + out1[49] = (x152 as u8); + out1[50] = (x153 as u8); + out1[51] = (x155 as u8); + out1[52] = (x156 as u8); + out1[53] = (x157 as u8); + out1[54] = (x159 as u8); + out1[55] = (x160 as u8); + out1[56] = (x161 as u8); + out1[57] = (x162 as u8); + out1[58] = (x164 as u8); + out1[59] = (x165 as u8); + out1[60] = (x166 as u8); + out1[61] = (x168 as u8); + out1[62] = (x169 as u8); + out1[63] = (x170 as u8); + out1[64] = (x171 as u8); + out1[65] = (x172 as u8); } /// The function fiat_p521_from_bytes deserializes a field element from bytes in little-endian order. 
diff --git a/fiat-rust/src/p521_64.rs b/fiat-rust/src/p521_64.rs index c220311a1d..a3aed23ea2 100644 --- a/fiat-rust/src/p521_64.rs +++ b/fiat-rust/src/p521_64.rs 
@@ -630,204 +630,141 @@ pub fn fiat_p521_to_bytes(out1: &mut [u8; 66], arg1: &fiat_p521_tight_field_elem let x41: u64 = (x26 << 6); let x42: u64 = (x24 << 4); let x43: u64 = (x22 << 2); - let x44: u8 = ((x20 & (0xff as u64)) as u8); - let x45: u64 = (x20 >> 8); - let x46: u8 = ((x45 & (0xff as u64)) as u8); - let x47: u64 = (x45 >> 8); - let x48: u8 = ((x47 & (0xff as u64)) as u8); - let x49: u64 = (x47 >> 8); - let x50: u8 = ((x49 & (0xff as u64)) as u8); - let x51: u64 = (x49 >> 8); - let x52: u8 = ((x51 & (0xff as u64)) as u8); - let x53: u64 = (x51 >> 8); - let x54: u8 = ((x53 & (0xff as u64)) as u8); - let x55: u64 = (x53 >> 8); - let x56: u8 = ((x55 & (0xff as u64)) as u8); - let x57: u8 = ((x55 >> 8) as u8); - let x58: u64 = (x43 + (x57 as u64)); - let x59: u8 = ((x58 & (0xff as u64)) as u8); - let x60: u64 = (x58 >> 8); - let x61: u8 = ((x60 & (0xff as u64)) as u8); - let x62: u64 = (x60 >> 8); - let x63: u8 = ((x62 & (0xff as u64)) as u8); - let x64: u64 = (x62 >> 8); - let x65: u8 = ((x64 & (0xff as u64)) as u8); - let x66: u64 = (x64 >> 8); - let x67: u8 = ((x66 & (0xff as u64)) as u8); - let x68: u64 = (x66 >> 8); - let x69: u8 = ((x68 & (0xff as u64)) as u8); - let x70: u64 = (x68 >> 8); - let x71: u8 = ((x70 & (0xff as u64)) as u8); - let x72: u8 = ((x70 >> 8) as u8); - let x73: u64 = (x42 + (x72 as u64)); - let x74: u8 = ((x73 & (0xff as u64)) as u8); - let x75: u64 = (x73 >> 8); - let x76: u8 = ((x75 & (0xff as u64)) as u8); - let x77: u64 = (x75 >> 8); - let x78: u8 = ((x77 & (0xff as u64)) as u8); - let x79: u64 = (x77 >> 8); - let x80: u8 = ((x79 & (0xff as u64)) as u8); - let x81: u64 = (x79 >> 8); - let x82: u8 = ((x81 & (0xff as u64)) as u8); - let x83: u64 = (x81 >> 8); - let x84: u8 = ((x83 & (0xff as u64)) as u8); - let x85: u64 = (x83 >> 8); - let x86: u8 = ((x85 & (0xff as u64)) as u8); - let x87: u8 = ((x85 >> 8) as u8); - let x88: u64 = (x41 + (x87 as u64)); - let x89: u8 = ((x88 & (0xff as u64)) as u8); - let x90: u64 = (x88 >> 8); - 
let x91: u8 = ((x90 & (0xff as u64)) as u8); - let x92: u64 = (x90 >> 8); - let x93: u8 = ((x92 & (0xff as u64)) as u8); - let x94: u64 = (x92 >> 8); - let x95: u8 = ((x94 & (0xff as u64)) as u8); - let x96: u64 = (x94 >> 8); - let x97: u8 = ((x96 & (0xff as u64)) as u8); - let x98: u64 = (x96 >> 8); - let x99: u8 = ((x98 & (0xff as u64)) as u8); - let x100: u64 = (x98 >> 8); - let x101: u8 = ((x100 & (0xff as u64)) as u8); - let x102: u8 = ((x100 >> 8) as u8); - let x103: u8 = ((x28 & (0xff as u64)) as u8); - let x104: u64 = (x28 >> 8); - let x105: u8 = ((x104 & (0xff as u64)) as u8); - let x106: u64 = (x104 >> 8); - let x107: u8 = ((x106 & (0xff as u64)) as u8); - let x108: u64 = (x106 >> 8); - let x109: u8 = ((x108 & (0xff as u64)) as u8); - let x110: u64 = (x108 >> 8); - let x111: u8 = ((x110 & (0xff as u64)) as u8); - let x112: u64 = (x110 >> 8); - let x113: u8 = ((x112 & (0xff as u64)) as u8); - let x114: u64 = (x112 >> 8); - let x115: u8 = ((x114 & (0xff as u64)) as u8); - let x116: u8 = ((x114 >> 8) as u8); - let x117: u64 = (x40 + (x116 as u64)); - let x118: u8 = ((x117 & (0xff as u64)) as u8); - let x119: u64 = (x117 >> 8); - let x120: u8 = ((x119 & (0xff as u64)) as u8); - let x121: u64 = (x119 >> 8); - let x122: u8 = ((x121 & (0xff as u64)) as u8); - let x123: u64 = (x121 >> 8); - let x124: u8 = ((x123 & (0xff as u64)) as u8); - let x125: u64 = (x123 >> 8); - let x126: u8 = ((x125 & (0xff as u64)) as u8); - let x127: u64 = (x125 >> 8); - let x128: u8 = ((x127 & (0xff as u64)) as u8); - let x129: u64 = (x127 >> 8); - let x130: u8 = ((x129 & (0xff as u64)) as u8); - let x131: u8 = ((x129 >> 8) as u8); - let x132: u64 = (x39 + (x131 as u64)); - let x133: u8 = ((x132 & (0xff as u64)) as u8); - let x134: u64 = (x132 >> 8); - let x135: u8 = ((x134 & (0xff as u64)) as u8); - let x136: u64 = (x134 >> 8); - let x137: u8 = ((x136 & (0xff as u64)) as u8); - let x138: u64 = (x136 >> 8); - let x139: u8 = ((x138 & (0xff as u64)) as u8); - let x140: u64 = (x138 >> 8); 
- let x141: u8 = ((x140 & (0xff as u64)) as u8); - let x142: u64 = (x140 >> 8); - let x143: u8 = ((x142 & (0xff as u64)) as u8); - let x144: u64 = (x142 >> 8); - let x145: u8 = ((x144 & (0xff as u64)) as u8); - let x146: u8 = ((x144 >> 8) as u8); - let x147: u64 = (x38 + (x146 as u64)); - let x148: u8 = ((x147 & (0xff as u64)) as u8); - let x149: u64 = (x147 >> 8); - let x150: u8 = ((x149 & (0xff as u64)) as u8); - let x151: u64 = (x149 >> 8); - let x152: u8 = ((x151 & (0xff as u64)) as u8); - let x153: u64 = (x151 >> 8); - let x154: u8 = ((x153 & (0xff as u64)) as u8); - let x155: u64 = (x153 >> 8); - let x156: u8 = ((x155 & (0xff as u64)) as u8); - let x157: u64 = (x155 >> 8); - let x158: u8 = ((x157 & (0xff as u64)) as u8); - let x159: u64 = (x157 >> 8); - let x160: u8 = ((x159 & (0xff as u64)) as u8); - let x161: u8 = ((x159 >> 8) as u8); - let x162: u8 = ((x36 & (0xff as u64)) as u8); - let x163: u64 = (x36 >> 8); - let x164: u8 = ((x163 & (0xff as u64)) as u8); - let x165: u64 = (x163 >> 8); - let x166: u8 = ((x165 & (0xff as u64)) as u8); - let x167: u64 = (x165 >> 8); - let x168: u8 = ((x167 & (0xff as u64)) as u8); - let x169: u64 = (x167 >> 8); - let x170: u8 = ((x169 & (0xff as u64)) as u8); - let x171: u64 = (x169 >> 8); - let x172: u8 = ((x171 & (0xff as u64)) as u8); - let x173: u64 = (x171 >> 8); - let x174: u8 = ((x173 & (0xff as u64)) as u8); - let x175: fiat_p521_u1 = ((x173 >> 8) as fiat_p521_u1); - out1[0] = x44; - out1[1] = x46; - out1[2] = x48; - out1[3] = x50; - out1[4] = x52; - out1[5] = x54; - out1[6] = x56; - out1[7] = x59; - out1[8] = x61; - out1[9] = x63; - out1[10] = x65; - out1[11] = x67; - out1[12] = x69; - out1[13] = x71; - out1[14] = x74; - out1[15] = x76; - out1[16] = x78; - out1[17] = x80; - out1[18] = x82; - out1[19] = x84; - out1[20] = x86; - out1[21] = x89; - out1[22] = x91; - out1[23] = x93; - out1[24] = x95; - out1[25] = x97; - out1[26] = x99; - out1[27] = x101; - out1[28] = x102; - out1[29] = x103; - out1[30] = x105; - 
out1[31] = x107; - out1[32] = x109; - out1[33] = x111; - out1[34] = x113; - out1[35] = x115; - out1[36] = x118; - out1[37] = x120; - out1[38] = x122; - out1[39] = x124; - out1[40] = x126; - out1[41] = x128; - out1[42] = x130; - out1[43] = x133; - out1[44] = x135; - out1[45] = x137; - out1[46] = x139; - out1[47] = x141; - out1[48] = x143; - out1[49] = x145; - out1[50] = x148; - out1[51] = x150; - out1[52] = x152; - out1[53] = x154; - out1[54] = x156; - out1[55] = x158; - out1[56] = x160; - out1[57] = x161; - out1[58] = x162; - out1[59] = x164; - out1[60] = x166; - out1[61] = x168; - out1[62] = x170; - out1[63] = x172; - out1[64] = x174; - out1[65] = (x175 as u8); + let x44: u64 = (x20 >> 8); + let x45: u64 = (x44 >> 8); + let x46: u64 = (x45 >> 8); + let x47: u64 = (x46 >> 8); + let x48: u64 = (x47 >> 8); + let x49: u64 = (x48 >> 8); + let x50: u8 = ((x49 >> 8) as u8); + let x51: u64 = (x43 + (x50 as u64)); + let x52: u64 = (x51 >> 8); + let x53: u64 = (x52 >> 8); + let x54: u64 = (x53 >> 8); + let x55: u64 = (x54 >> 8); + let x56: u64 = (x55 >> 8); + let x57: u64 = (x56 >> 8); + let x58: u8 = ((x57 >> 8) as u8); + let x59: u64 = (x42 + (x58 as u64)); + let x60: u64 = (x59 >> 8); + let x61: u64 = (x60 >> 8); + let x62: u64 = (x61 >> 8); + let x63: u64 = (x62 >> 8); + let x64: u64 = (x63 >> 8); + let x65: u64 = (x64 >> 8); + let x66: u8 = ((x65 >> 8) as u8); + let x67: u64 = (x41 + (x66 as u64)); + let x68: u64 = (x67 >> 8); + let x69: u64 = (x68 >> 8); + let x70: u64 = (x69 >> 8); + let x71: u64 = (x70 >> 8); + let x72: u64 = (x71 >> 8); + let x73: u64 = (x72 >> 8); + let x74: u8 = ((x73 >> 8) as u8); + let x75: u64 = (x28 >> 8); + let x76: u64 = (x75 >> 8); + let x77: u64 = (x76 >> 8); + let x78: u64 = (x77 >> 8); + let x79: u64 = (x78 >> 8); + let x80: u64 = (x79 >> 8); + let x81: u8 = ((x80 >> 8) as u8); + let x82: u64 = (x40 + (x81 as u64)); + let x83: u64 = (x82 >> 8); + let x84: u64 = (x83 >> 8); + let x85: u64 = (x84 >> 8); + let x86: u64 = (x85 >> 8); + let 
x87: u64 = (x86 >> 8); + let x88: u64 = (x87 >> 8); + let x89: u8 = ((x88 >> 8) as u8); + let x90: u64 = (x39 + (x89 as u64)); + let x91: u64 = (x90 >> 8); + let x92: u64 = (x91 >> 8); + let x93: u64 = (x92 >> 8); + let x94: u64 = (x93 >> 8); + let x95: u64 = (x94 >> 8); + let x96: u64 = (x95 >> 8); + let x97: u8 = ((x96 >> 8) as u8); + let x98: u64 = (x38 + (x97 as u64)); + let x99: u64 = (x98 >> 8); + let x100: u64 = (x99 >> 8); + let x101: u64 = (x100 >> 8); + let x102: u64 = (x101 >> 8); + let x103: u64 = (x102 >> 8); + let x104: u64 = (x103 >> 8); + let x105: u8 = ((x104 >> 8) as u8); + let x106: u64 = (x36 >> 8); + let x107: u64 = (x106 >> 8); + let x108: u64 = (x107 >> 8); + let x109: u64 = (x108 >> 8); + let x110: u64 = (x109 >> 8); + let x111: u64 = (x110 >> 8); + let x112: fiat_p521_u1 = ((x111 >> 8) as fiat_p521_u1); + out1[0] = (x20 as u8); + out1[1] = (x44 as u8); + out1[2] = (x45 as u8); + out1[3] = (x46 as u8); + out1[4] = (x47 as u8); + out1[5] = (x48 as u8); + out1[6] = (x49 as u8); + out1[7] = (x51 as u8); + out1[8] = (x52 as u8); + out1[9] = (x53 as u8); + out1[10] = (x54 as u8); + out1[11] = (x55 as u8); + out1[12] = (x56 as u8); + out1[13] = (x57 as u8); + out1[14] = (x59 as u8); + out1[15] = (x60 as u8); + out1[16] = (x61 as u8); + out1[17] = (x62 as u8); + out1[18] = (x63 as u8); + out1[19] = (x64 as u8); + out1[20] = (x65 as u8); + out1[21] = (x67 as u8); + out1[22] = (x68 as u8); + out1[23] = (x69 as u8); + out1[24] = (x70 as u8); + out1[25] = (x71 as u8); + out1[26] = (x72 as u8); + out1[27] = (x73 as u8); + out1[28] = x74; + out1[29] = (x28 as u8); + out1[30] = (x75 as u8); + out1[31] = (x76 as u8); + out1[32] = (x77 as u8); + out1[33] = (x78 as u8); + out1[34] = (x79 as u8); + out1[35] = (x80 as u8); + out1[36] = (x82 as u8); + out1[37] = (x83 as u8); + out1[38] = (x84 as u8); + out1[39] = (x85 as u8); + out1[40] = (x86 as u8); + out1[41] = (x87 as u8); + out1[42] = (x88 as u8); + out1[43] = (x90 as u8); + out1[44] = (x91 as u8); + 
out1[45] = (x92 as u8); + out1[46] = (x93 as u8); + out1[47] = (x94 as u8); + out1[48] = (x95 as u8); + out1[49] = (x96 as u8); + out1[50] = (x98 as u8); + out1[51] = (x99 as u8); + out1[52] = (x100 as u8); + out1[53] = (x101 as u8); + out1[54] = (x102 as u8); + out1[55] = (x103 as u8); + out1[56] = (x104 as u8); + out1[57] = x105; + out1[58] = (x36 as u8); + out1[59] = (x106 as u8); + out1[60] = (x107 as u8); + out1[61] = (x108 as u8); + out1[62] = (x109 as u8); + out1[63] = (x110 as u8); + out1[64] = (x111 as u8); + out1[65] = (x112 as u8); } /// The function fiat_p521_from_bytes deserializes a field element from bytes in little-endian order. diff --git a/fiat-rust/src/poly1305_32.rs b/fiat-rust/src/poly1305_32.rs index 19a167a4e2..c98a85a8e8 100644 --- a/fiat-rust/src/poly1305_32.rs +++ b/fiat-rust/src/poly1305_32.rs 
@@ -379,56 +379,41 @@ pub fn fiat_poly1305_to_bytes(out1: &mut [u8; 17], arg1: &fiat_poly1305_tight_fi let x22: u32 = (x18 << 6); let x23: u32 = (x16 << 4); let x24: u32 = (x14 << 2); - let x25: u8 = ((x12 & (0xff as u32)) as u8); - let x26: u32 = (x12 >> 8); - let x27: u8 = ((x26 & (0xff as u32)) as u8); - let x28: u32 = (x26 >> 8); - let x29: u8 = ((x28 & (0xff as u32)) as u8); - let x30: u8 = ((x28 >> 8) as u8); - let x31: u32 = (x24 + (x30 as u32)); - let x32: u8 = ((x31 & (0xff as u32)) as u8); - let x33: u32 = (x31 >> 8); - let x34: u8 = ((x33 & (0xff as u32)) as u8); - let x35: u32 = (x33 >> 8); - let x36: u8 = ((x35 & (0xff as u32)) as u8); - let x37: u8 = ((x35 >> 8) as u8); - let x38: u32 = (x23 + (x37 as u32)); - let x39: u8 = ((x38 & (0xff as u32)) as u8); - let x40: u32 = (x38 >> 8); - let x41: u8 = ((x40 & (0xff as u32)) as u8); - let x42: u32 = (x40 >> 8); - let x43: u8 = ((x42 & (0xff as u32)) as u8); - let x44: u8 = ((x42 >> 8) as u8); - let x45: u32 = (x22 + (x44 as u32)); - let x46: u8 = ((x45 & (0xff as u32)) as u8); - let x47: u32 = (x45 >> 8); - let x48: u8 = ((x47 & (0xff as u32)) as u8); - let x49: u32 = (x47 >> 8); - let x50: u8 = ((x49 & (0xff as u32)) as u8); - let x51: u8 = ((x49 >> 8) as u8); - let x52: u8 = ((x20 & (0xff as u32)) as u8); - let x53: u32 = (x20 >> 8); - let x54: u8 = ((x53 & (0xff as u32)) as u8); - let x55: u32 = (x53 >> 8); - let x56: u8 = ((x55 & (0xff as u32)) as u8); - let x57: u8 = ((x55 >> 8) as u8); - out1[0] = x25; - out1[1] = x27; - out1[2] = x29; - out1[3] = x32; - out1[4] = x34; - out1[5] = x36; - out1[6] = x39; - out1[7] = x41; - out1[8] = x43; - out1[9] = x46; - out1[10] = x48; - out1[11] = x50; - out1[12] = x51; - out1[13] = x52; - out1[14] = x54; - out1[15] = x56; - out1[16] = x57; + let x25: u32 = (x12 >> 8); + let x26: u32 = (x25 >> 8); + let x27: u8 = ((x26 >> 8) as u8); + let x28: u32 = (x24 + (x27 as u32)); + let x29: u32 = (x28 >> 8); + let x30: u32 = (x29 >> 8); + let x31: u8 = ((x30 >> 8) as u8); 
+ let x32: u32 = (x23 + (x31 as u32)); + let x33: u32 = (x32 >> 8); + let x34: u32 = (x33 >> 8); + let x35: u8 = ((x34 >> 8) as u8); + let x36: u32 = (x22 + (x35 as u32)); + let x37: u32 = (x36 >> 8); + let x38: u32 = (x37 >> 8); + let x39: u8 = ((x38 >> 8) as u8); + let x40: u32 = (x20 >> 8); + let x41: u32 = (x40 >> 8); + let x42: u8 = ((x41 >> 8) as u8); + out1[0] = (x12 as u8); + out1[1] = (x25 as u8); + out1[2] = (x26 as u8); + out1[3] = (x28 as u8); + out1[4] = (x29 as u8); + out1[5] = (x30 as u8); + out1[6] = (x32 as u8); + out1[7] = (x33 as u8); + out1[8] = (x34 as u8); + out1[9] = (x36 as u8); + out1[10] = (x37 as u8); + out1[11] = (x38 as u8); + out1[12] = x39; + out1[13] = (x20 as u8); + out1[14] = (x40 as u8); + out1[15] = (x41 as u8); + out1[16] = x42; } /// The function fiat_poly1305_from_bytes deserializes a field element from bytes in little-endian order. diff --git a/fiat-rust/src/poly1305_64.rs b/fiat-rust/src/poly1305_64.rs index 05c51c8213..8fcbe792f8 100644 --- a/fiat-rust/src/poly1305_64.rs +++ b/fiat-rust/src/poly1305_64.rs 
@@ -337,57 +337,41 @@ pub fn fiat_poly1305_to_bytes(out1: &mut [u8; 17], arg1: &fiat_poly1305_tight_fi fiat_poly1305_addcarryx_u43(&mut x12, &mut x13, x11, x5, (x7 & 0x7ffffffffff)); let x14: u64 = (x12 << 7); let x15: u64 = (x10 << 4); - let x16: u8 = ((x8 & (0xff as u64)) as u8); - let x17: u64 = (x8 >> 8); - let x18: u8 = ((x17 & (0xff as u64)) as u8); - let x19: u64 = (x17 >> 8); - let x20: u8 = ((x19 & (0xff as u64)) as u8); - let x21: u64 = (x19 >> 8); - let x22: u8 = ((x21 & (0xff as u64)) as u8); - let x23: u64 = (x21 >> 8); - let x24: u8 = ((x23 & (0xff as u64)) as u8); - let x25: u8 = ((x23 >> 8) as u8); - let x26: u64 = (x15 + (x25 as u64)); - let x27: u8 = ((x26 & (0xff as u64)) as u8); - let x28: u64 = (x26 >> 8); - let x29: u8 = ((x28 & (0xff as u64)) as u8); - let x30: u64 = (x28 >> 8); - let x31: u8 = ((x30 & (0xff as u64)) as u8); - let x32: u64 = (x30 >> 8); - let x33: u8 = ((x32 & (0xff as u64)) as u8); - let x34: u64 = (x32 >> 8); - let x35: u8 = ((x34 & (0xff as u64)) as u8); - let x36: u8 = ((x34 >> 8) as u8); - let x37: u64 = (x14 + (x36 as u64)); - let x38: u8 = ((x37 & (0xff as u64)) as u8); - let x39: u64 = (x37 >> 8); - let x40: u8 = ((x39 & (0xff as u64)) as u8); - let x41: u64 = (x39 >> 8); - let x42: u8 = ((x41 & (0xff as u64)) as u8); - let x43: u64 = (x41 >> 8); - let x44: u8 = ((x43 & (0xff as u64)) as u8); - let x45: u64 = (x43 >> 8); - let x46: u8 = ((x45 & (0xff as u64)) as u8); - let x47: u64 = (x45 >> 8); - let x48: u8 = ((x47 & (0xff as u64)) as u8); - let x49: u8 = ((x47 >> 8) as u8); - out1[0] = x16; - out1[1] = x18; - out1[2] = x20; - out1[3] = x22; - out1[4] = x24; - out1[5] = x27; - out1[6] = x29; - out1[7] = x31; - out1[8] = x33; - out1[9] = x35; - out1[10] = x38; - out1[11] = x40; - out1[12] = x42; - out1[13] = x44; - out1[14] = x46; - out1[15] = x48; - out1[16] = x49; + let x16: u64 = (x8 >> 8); + let x17: u64 = (x16 >> 8); + let x18: u64 = (x17 >> 8); + let x19: u64 = (x18 >> 8); + let x20: u8 = ((x19 >> 8) as u8); + 
let x21: u64 = (x15 + (x20 as u64)); + let x22: u64 = (x21 >> 8); + let x23: u64 = (x22 >> 8); + let x24: u64 = (x23 >> 8); + let x25: u64 = (x24 >> 8); + let x26: u8 = ((x25 >> 8) as u8); + let x27: u64 = (x14 + (x26 as u64)); + let x28: u64 = (x27 >> 8); + let x29: u64 = (x28 >> 8); + let x30: u64 = (x29 >> 8); + let x31: u64 = (x30 >> 8); + let x32: u64 = (x31 >> 8); + let x33: u8 = ((x32 >> 8) as u8); + out1[0] = (x8 as u8); + out1[1] = (x16 as u8); + out1[2] = (x17 as u8); + out1[3] = (x18 as u8); + out1[4] = (x19 as u8); + out1[5] = (x21 as u8); + out1[6] = (x22 as u8); + out1[7] = (x23 as u8); + out1[8] = (x24 as u8); + out1[9] = (x25 as u8); + out1[10] = (x27 as u8); + out1[11] = (x28 as u8); + out1[12] = (x29 as u8); + out1[13] = (x30 as u8); + out1[14] = (x31 as u8); + out1[15] = (x32 as u8); + out1[16] = x33; } /// The function fiat_poly1305_from_bytes deserializes a field element from bytes in little-endian order. diff --git a/fiat-rust/src/secp256k1_dettman_64.rs b/fiat-rust/src/secp256k1_dettman_64.rs index 398b70725c..98e1005359 100644 --- a/fiat-rust/src/secp256k1_dettman_64.rs +++ b/fiat-rust/src/secp256k1_dettman_64.rs 
@@ -30,42 +30,40 @@ pub fn fiat_secp256k1_dettman_mul(out1: &mut [u64; 5], arg1: &[u64; 5], arg2: &[u64; 5]) -> () { let x1: u128 = (((arg1[4]) as u128) * ((arg2[4]) as u128)); let x2: u64 = ((x1 >> 64) as u64); - let x3: u64 = ((x1 & (0xffffffffffffffff as u128)) as u64); - let x4: u128 = (((((arg1[0]) as u128) * ((arg2[3]) as u128)) + ((((arg1[1]) as u128) * ((arg2[2]) as u128)) + ((((arg1[2]) as u128) * ((arg2[1]) as u128)) + (((arg1[3]) as u128) * ((arg2[0]) as u128))))) + ((x3 as u128) * (0x1000003d10 as u128))); - let x5: u64 = ((x4 >> 52) as u64); - let x6: u64 = ((x4 & (0xfffffffffffff as u128)) as u64); - let x7: u128 = ((((((arg1[0]) as u128) * ((arg2[4]) as u128)) + ((((arg1[1]) as u128) * ((arg2[3]) as u128)) + ((((arg1[2]) as u128) * ((arg2[2]) as u128)) + ((((arg1[3]) as u128) * ((arg2[1]) as u128)) + (((arg1[4]) as u128) * ((arg2[0]) as u128)))))) + (x5 as u128)) + ((x2 as u128) * (0x1000003d10000 as u128))); - let x8: u64 = ((x7 >> 52) as u64); - let x9: u64 = ((x7 & (0xfffffffffffff as u128)) as u64); - let x10: u64 = (x9 >> 48); - let x11: u64 = (x9 & 0xffffffffffff); - let x12: u128 = (((((arg1[1]) as u128) * ((arg2[4]) as u128)) + ((((arg1[2]) as u128) * ((arg2[3]) as u128)) + ((((arg1[3]) as u128) * ((arg2[2]) as u128)) + (((arg1[4]) as u128) * ((arg2[1]) as u128))))) + (x8 as u128)); - let x13: u64 = ((x12 >> 52) as u64); - let x14: u64 = ((x12 & (0xfffffffffffff as u128)) as u64); - let x15: u128 = ((((arg1[0]) as u128) * ((arg2[0]) as u128)) + ((((x14 << 4) + x10) as u128) * (0x1000003d1 as u128))); - let x16: u64 = ((x15 >> 52) as u64); - let x17: u64 = ((x15 & (0xfffffffffffff as u128)) as u64); - let x18: u128 = (((((arg1[2]) as u128) * ((arg2[4]) as u128)) + ((((arg1[3]) as u128) * ((arg2[3]) as u128)) + (((arg1[4]) as u128) * ((arg2[2]) as u128)))) + (x13 as u128)); - let x19: u64 = ((x18 >> 52) as u64); - let x20: u64 = ((x18 & (0xfffffffffffff as u128)) as u64); - let x21: u128 = ((((((arg1[0]) as u128) * ((arg2[1]) as u128)) + 
(((arg1[1]) as u128) * ((arg2[0]) as u128))) + (x16 as u128)) + ((x20 as u128) * (0x1000003d10 as u128))); - let x22: u64 = ((x21 >> 52) as u64); - let x23: u64 = ((x21 & (0xfffffffffffff as u128)) as u64); - let x24: u128 = (((((arg1[3]) as u128) * ((arg2[4]) as u128)) + (((arg1[4]) as u128) * ((arg2[3]) as u128))) + (x19 as u128)); - let x25: u64 = ((x24 >> 64) as u64); - let x26: u64 = ((x24 & (0xffffffffffffffff as u128)) as u64); - let x27: u128 = ((((((arg1[0]) as u128) * ((arg2[2]) as u128)) + ((((arg1[1]) as u128) * ((arg2[1]) as u128)) + (((arg1[2]) as u128) * ((arg2[0]) as u128)))) + (x22 as u128)) + ((x26 as u128) * (0x1000003d10 as u128))); - let x28: u64 = ((x27 >> 52) as u64); - let x29: u64 = ((x27 & (0xfffffffffffff as u128)) as u64); - let x30: u128 = (((x6 + x28) as u128) + ((x25 as u128) * (0x1000003d10000 as u128))); - let x31: u64 = ((x30 >> 52) as u64); - let x32: u64 = ((x30 & (0xfffffffffffff as u128)) as u64); - let x33: u64 = (x11 + x31); - out1[0] = x17; - out1[1] = x23; - out1[2] = x29; - out1[3] = x32; - out1[4] = x33; + let x3: u128 = (((((arg1[0]) as u128) * ((arg2[3]) as u128)) + ((((arg1[1]) as u128) * ((arg2[2]) as u128)) + ((((arg1[2]) as u128) * ((arg2[1]) as u128)) + (((arg1[3]) as u128) * ((arg2[0]) as u128))))) + (((x1 as u64) as u128) * (0x1000003d10 as u128))); + let x4: u64 = ((x3 >> 52) as u64); + let x5: u64 = ((x3 & (0xfffffffffffff as u128)) as u64); + let x6: u128 = ((((((arg1[0]) as u128) * ((arg2[4]) as u128)) + ((((arg1[1]) as u128) * ((arg2[3]) as u128)) + ((((arg1[2]) as u128) * ((arg2[2]) as u128)) + ((((arg1[3]) as u128) * ((arg2[1]) as u128)) + (((arg1[4]) as u128) * ((arg2[0]) as u128)))))) + (x4 as u128)) + ((x2 as u128) * (0x1000003d10000 as u128))); + let x7: u64 = ((x6 >> 52) as u64); + let x8: u64 = ((x6 & (0xfffffffffffff as u128)) as u64); + let x9: u64 = (x8 >> 48); + let x10: u64 = (x8 & 0xffffffffffff); + let x11: u128 = (((((arg1[1]) as u128) * ((arg2[4]) as u128)) + ((((arg1[2]) as u128) * 
((arg2[3]) as u128)) + ((((arg1[3]) as u128) * ((arg2[2]) as u128)) + (((arg1[4]) as u128) * ((arg2[1]) as u128))))) + (x7 as u128)); + let x12: u64 = ((x11 >> 52) as u64); + let x13: u64 = ((x11 & (0xfffffffffffff as u128)) as u64); + let x14: u128 = ((((arg1[0]) as u128) * ((arg2[0]) as u128)) + ((((x13 << 4) + x9) as u128) * (0x1000003d1 as u128))); + let x15: u64 = ((x14 >> 52) as u64); + let x16: u64 = ((x14 & (0xfffffffffffff as u128)) as u64); + let x17: u128 = (((((arg1[2]) as u128) * ((arg2[4]) as u128)) + ((((arg1[3]) as u128) * ((arg2[3]) as u128)) + (((arg1[4]) as u128) * ((arg2[2]) as u128)))) + (x12 as u128)); + let x18: u64 = ((x17 >> 52) as u64); + let x19: u64 = ((x17 & (0xfffffffffffff as u128)) as u64); + let x20: u128 = ((((((arg1[0]) as u128) * ((arg2[1]) as u128)) + (((arg1[1]) as u128) * ((arg2[0]) as u128))) + (x15 as u128)) + ((x19 as u128) * (0x1000003d10 as u128))); + let x21: u64 = ((x20 >> 52) as u64); + let x22: u64 = ((x20 & (0xfffffffffffff as u128)) as u64); + let x23: u128 = (((((arg1[3]) as u128) * ((arg2[4]) as u128)) + (((arg1[4]) as u128) * ((arg2[3]) as u128))) + (x18 as u128)); + let x24: u64 = ((x23 >> 64) as u64); + let x25: u128 = ((((((arg1[0]) as u128) * ((arg2[2]) as u128)) + ((((arg1[1]) as u128) * ((arg2[1]) as u128)) + (((arg1[2]) as u128) * ((arg2[0]) as u128)))) + (x21 as u128)) + (((x23 as u64) as u128) * (0x1000003d10 as u128))); + let x26: u64 = ((x25 >> 52) as u64); + let x27: u64 = ((x25 & (0xfffffffffffff as u128)) as u64); + let x28: u128 = (((x5 + x26) as u128) + ((x24 as u128) * (0x1000003d10000 as u128))); + let x29: u64 = ((x28 >> 52) as u64); + let x30: u64 = ((x28 & (0xfffffffffffff as u128)) as u64); + let x31: u64 = (x10 + x29); + out1[0] = x16; + out1[1] = x22; + out1[2] = x27; + out1[3] = x30; + out1[4] = x31; } /// The function fiat_secp256k1_dettman_square squares a field element. 
@@ -85,40 +83,38 @@ pub fn fiat_secp256k1_dettman_square(out1: &mut [u64; 5], arg1: &[u64; 5]) -> () let x4: u64 = ((arg1[0]) * 0x2); let x5: u128 = (((arg1[4]) as u128) * ((arg1[4]) as u128)); let x6: u64 = ((x5 >> 64) as u64); - let x7: u64 = ((x5 & (0xffffffffffffffff as u128)) as u64); - let x8: u128 = ((((x4 as u128) * ((arg1[3]) as u128)) + ((x3 as u128) * ((arg1[2]) as u128))) + ((x7 as u128) * (0x1000003d10 as u128))); - let x9: u64 = ((x8 >> 52) as u64); - let x10: u64 = ((x8 & (0xfffffffffffff as u128)) as u64); - let x11: u128 = (((((x4 as u128) * ((arg1[4]) as u128)) + (((x3 as u128) * ((arg1[3]) as u128)) + (((arg1[2]) as u128) * ((arg1[2]) as u128)))) + (x9 as u128)) + ((x6 as u128) * (0x1000003d10000 as u128))); - let x12: u64 = ((x11 >> 52) as u64); - let x13: u64 = ((x11 & (0xfffffffffffff as u128)) as u64); - let x14: u64 = (x13 >> 48); - let x15: u64 = (x13 & 0xffffffffffff); - let x16: u128 = ((((x3 as u128) * ((arg1[4]) as u128)) + ((x2 as u128) * ((arg1[3]) as u128))) + (x12 as u128)); - let x17: u64 = ((x16 >> 52) as u64); - let x18: u64 = ((x16 & (0xfffffffffffff as u128)) as u64); - let x19: u128 = ((((arg1[0]) as u128) * ((arg1[0]) as u128)) + ((((x18 << 4) + x14) as u128) * (0x1000003d1 as u128))); - let x20: u64 = ((x19 >> 52) as u64); - let x21: u64 = ((x19 & (0xfffffffffffff as u128)) as u64); - let x22: u128 = ((((x2 as u128) * ((arg1[4]) as u128)) + (((arg1[3]) as u128) * ((arg1[3]) as u128))) + (x17 as u128)); - let x23: u64 = ((x22 >> 52) as u64); - let x24: u64 = ((x22 & (0xfffffffffffff as u128)) as u64); - let x25: u128 = ((((x4 as u128) * ((arg1[1]) as u128)) + (x20 as u128)) + ((x24 as u128) * (0x1000003d10 as u128))); - let x26: u64 = ((x25 >> 52) as u64); - let x27: u64 = ((x25 & (0xfffffffffffff as u128)) as u64); - let x28: u128 = (((x1 as u128) * ((arg1[4]) as u128)) + (x23 as u128)); - let x29: u64 = ((x28 >> 64) as u64); - let x30: u64 = ((x28 & (0xffffffffffffffff as u128)) as u64); - let x31: u128 = (((((x4 as u128) * 
((arg1[2]) as u128)) + (((arg1[1]) as u128) * ((arg1[1]) as u128))) + (x26 as u128)) + ((x30 as u128) * (0x1000003d10 as u128))); - let x32: u64 = ((x31 >> 52) as u64); - let x33: u64 = ((x31 & (0xfffffffffffff as u128)) as u64); - let x34: u128 = (((x10 + x32) as u128) + ((x29 as u128) * (0x1000003d10000 as u128))); - let x35: u64 = ((x34 >> 52) as u64); - let x36: u64 = ((x34 & (0xfffffffffffff as u128)) as u64); - let x37: u64 = (x15 + x35); - out1[0] = x21; - out1[1] = x27; - out1[2] = x33; - out1[3] = x36; - out1[4] = x37; + let x7: u128 = ((((x4 as u128) * ((arg1[3]) as u128)) + ((x3 as u128) * ((arg1[2]) as u128))) + (((x5 as u64) as u128) * (0x1000003d10 as u128))); + let x8: u64 = ((x7 >> 52) as u64); + let x9: u64 = ((x7 & (0xfffffffffffff as u128)) as u64); + let x10: u128 = (((((x4 as u128) * ((arg1[4]) as u128)) + (((x3 as u128) * ((arg1[3]) as u128)) + (((arg1[2]) as u128) * ((arg1[2]) as u128)))) + (x8 as u128)) + ((x6 as u128) * (0x1000003d10000 as u128))); + let x11: u64 = ((x10 >> 52) as u64); + let x12: u64 = ((x10 & (0xfffffffffffff as u128)) as u64); + let x13: u64 = (x12 >> 48); + let x14: u64 = (x12 & 0xffffffffffff); + let x15: u128 = ((((x3 as u128) * ((arg1[4]) as u128)) + ((x2 as u128) * ((arg1[3]) as u128))) + (x11 as u128)); + let x16: u64 = ((x15 >> 52) as u64); + let x17: u64 = ((x15 & (0xfffffffffffff as u128)) as u64); + let x18: u128 = ((((arg1[0]) as u128) * ((arg1[0]) as u128)) + ((((x17 << 4) + x13) as u128) * (0x1000003d1 as u128))); + let x19: u64 = ((x18 >> 52) as u64); + let x20: u64 = ((x18 & (0xfffffffffffff as u128)) as u64); + let x21: u128 = ((((x2 as u128) * ((arg1[4]) as u128)) + (((arg1[3]) as u128) * ((arg1[3]) as u128))) + (x16 as u128)); + let x22: u64 = ((x21 >> 52) as u64); + let x23: u64 = ((x21 & (0xfffffffffffff as u128)) as u64); + let x24: u128 = ((((x4 as u128) * ((arg1[1]) as u128)) + (x19 as u128)) + ((x23 as u128) * (0x1000003d10 as u128))); + let x25: u64 = ((x24 >> 52) as u64); + let x26: u64 = ((x24 
& (0xfffffffffffff as u128)) as u64); + let x27: u128 = (((x1 as u128) * ((arg1[4]) as u128)) + (x22 as u128)); + let x28: u64 = ((x27 >> 64) as u64); + let x29: u128 = (((((x4 as u128) * ((arg1[2]) as u128)) + (((arg1[1]) as u128) * ((arg1[1]) as u128))) + (x25 as u128)) + (((x27 as u64) as u128) * (0x1000003d10 as u128))); + let x30: u64 = ((x29 >> 52) as u64); + let x31: u64 = ((x29 & (0xfffffffffffff as u128)) as u64); + let x32: u128 = (((x9 + x30) as u128) + ((x28 as u128) * (0x1000003d10000 as u128))); + let x33: u64 = ((x32 >> 52) as u64); + let x34: u64 = ((x32 & (0xfffffffffffff as u128)) as u64); + let x35: u64 = (x14 + x33); + out1[0] = x20; + out1[1] = x26; + out1[2] = x31; + out1[3] = x34; + out1[4] = x35; } diff --git a/fiat-rust/src/secp256k1_montgomery_32.rs b/fiat-rust/src/secp256k1_montgomery_32.rs index 9d0024faff..a38b187ce6 100644 --- a/fiat-rust/src/secp256k1_montgomery_32.rs +++ b/fiat-rust/src/secp256k1_montgomery_32.rs @@ -50,10 +50,9 @@ pub type fiat_secp256k1_montgomery_non_montgomery_domain_field_element = [u32; 8 #[inline] pub fn fiat_secp256k1_montgomery_addcarryx_u32(out1: &mut u32, out2: &mut fiat_secp256k1_montgomery_u1, arg1: fiat_secp256k1_montgomery_u1, arg2: u32, arg3: u32) -> () { let x1: u64 = (((arg1 as u64) + (arg2 as u64)) + (arg3 as u64)); - let x2: u32 = ((x1 & (0xffffffff as u64)) as u32); - let x3: fiat_secp256k1_montgomery_u1 = ((x1 >> 32) as fiat_secp256k1_montgomery_u1); - *out1 = x2; - *out2 = x3; + let x2: fiat_secp256k1_montgomery_u1 = ((x1 >> 32) as fiat_secp256k1_montgomery_u1); + *out1 = (x1 as u32); + *out2 = x2; } /// The function fiat_secp256k1_montgomery_subborrowx_u32 is a subtraction with borrow. 
@@ -93,10 +92,9 @@ pub fn fiat_secp256k1_montgomery_subborrowx_u32(out1: &mut u32, out2: &mut fiat_ #[inline] pub fn fiat_secp256k1_montgomery_mulx_u32(out1: &mut u32, out2: &mut u32, arg1: u32, arg2: u32) -> () { let x1: u64 = ((arg1 as u64) * (arg2 as u64)); - let x2: u32 = ((x1 & (0xffffffff as u64)) as u32); - let x3: u32 = ((x1 >> 32) as u32); - *out1 = x2; - *out2 = x3; + let x2: u32 = ((x1 >> 32) as u32); + *out1 = (x1 as u32); + *out2 = x2; } /// The function fiat_secp256k1_montgomery_cmovznz_u32 is a single-word conditional move. 
@@ -4678,86 +4676,62 @@ pub fn fiat_secp256k1_montgomery_to_bytes(out1: &mut [u8; 32], arg1: &[u32; 8]) let x6: u32 = (arg1[2]); let x7: u32 = (arg1[1]); let x8: u32 = (arg1[0]); - let x9: u8 = ((x8 & (0xff as u32)) as u8); - let x10: u32 = (x8 >> 8); - let x11: u8 = ((x10 & (0xff as u32)) as u8); - let x12: u32 = (x10 >> 8); - let x13: u8 = ((x12 & (0xff as u32)) as u8); - let x14: u8 = ((x12 >> 8) as u8); - let x15: u8 = ((x7 & (0xff as u32)) as u8); - let x16: u32 = (x7 >> 8); - let x17: u8 = ((x16 & (0xff as u32)) as u8); - let x18: u32 = (x16 >> 8); - let x19: u8 = ((x18 & (0xff as u32)) as u8); - let x20: u8 = ((x18 >> 8) as u8); - let x21: u8 = ((x6 & (0xff as u32)) as u8); - let x22: u32 = (x6 >> 8); - let x23: u8 = ((x22 & (0xff as u32)) as u8); - let x24: u32 = (x22 >> 8); - let x25: u8 = ((x24 & (0xff as u32)) as u8); - let x26: u8 = ((x24 >> 8) as u8); - let x27: u8 = ((x5 & (0xff as u32)) as u8); - let x28: u32 = (x5 >> 8); - let x29: u8 = ((x28 & (0xff as u32)) as u8); - let x30: u32 = (x28 >> 8); - let x31: u8 = ((x30 & (0xff as u32)) as u8); - let x32: u8 = ((x30 >> 8) as u8); - let x33: u8 = ((x4 & (0xff as u32)) as u8); - let x34: u32 = (x4 >> 8); - let x35: u8 = ((x34 & (0xff as u32)) as u8); - let x36: u32 = (x34 >> 8); - let x37: u8 = ((x36 & (0xff as u32)) as u8); - let x38: u8 = ((x36 >> 8) as u8); - let x39: u8 = ((x3 & (0xff as u32)) as u8); - let x40: u32 = (x3 >> 8); - let x41: u8 = ((x40 & (0xff as u32)) as u8); - let x42: u32 = (x40 >> 8); - let x43: u8 = ((x42 & (0xff as u32)) as u8); - let x44: u8 = ((x42 >> 8) as u8); - let x45: u8 = ((x2 & (0xff as u32)) as u8); - let x46: u32 = (x2 >> 8); - let x47: u8 = ((x46 & (0xff as u32)) as u8); - let x48: u32 = (x46 >> 8); - let x49: u8 = ((x48 & (0xff as u32)) as u8); - let x50: u8 = ((x48 >> 8) as u8); - let x51: u8 = ((x1 & (0xff as u32)) as u8); - let x52: u32 = (x1 >> 8); - let x53: u8 = ((x52 & (0xff as u32)) as u8); - let x54: u32 = (x52 >> 8); - let x55: u8 = ((x54 & (0xff as u32)) 
as u8); - let x56: u8 = ((x54 >> 8) as u8); - out1[0] = x9; - out1[1] = x11; - out1[2] = x13; - out1[3] = x14; - out1[4] = x15; - out1[5] = x17; - out1[6] = x19; - out1[7] = x20; - out1[8] = x21; - out1[9] = x23; - out1[10] = x25; - out1[11] = x26; - out1[12] = x27; - out1[13] = x29; - out1[14] = x31; - out1[15] = x32; - out1[16] = x33; - out1[17] = x35; - out1[18] = x37; - out1[19] = x38; - out1[20] = x39; - out1[21] = x41; - out1[22] = x43; - out1[23] = x44; - out1[24] = x45; - out1[25] = x47; - out1[26] = x49; - out1[27] = x50; - out1[28] = x51; - out1[29] = x53; - out1[30] = x55; - out1[31] = x56; + let x9: u32 = (x8 >> 8); + let x10: u32 = (x9 >> 8); + let x11: u8 = ((x10 >> 8) as u8); + let x12: u32 = (x7 >> 8); + let x13: u32 = (x12 >> 8); + let x14: u8 = ((x13 >> 8) as u8); + let x15: u32 = (x6 >> 8); + let x16: u32 = (x15 >> 8); + let x17: u8 = ((x16 >> 8) as u8); + let x18: u32 = (x5 >> 8); + let x19: u32 = (x18 >> 8); + let x20: u8 = ((x19 >> 8) as u8); + let x21: u32 = (x4 >> 8); + let x22: u32 = (x21 >> 8); + let x23: u8 = ((x22 >> 8) as u8); + let x24: u32 = (x3 >> 8); + let x25: u32 = (x24 >> 8); + let x26: u8 = ((x25 >> 8) as u8); + let x27: u32 = (x2 >> 8); + let x28: u32 = (x27 >> 8); + let x29: u8 = ((x28 >> 8) as u8); + let x30: u32 = (x1 >> 8); + let x31: u32 = (x30 >> 8); + let x32: u8 = ((x31 >> 8) as u8); + out1[0] = (x8 as u8); + out1[1] = (x9 as u8); + out1[2] = (x10 as u8); + out1[3] = x11; + out1[4] = (x7 as u8); + out1[5] = (x12 as u8); + out1[6] = (x13 as u8); + out1[7] = x14; + out1[8] = (x6 as u8); + out1[9] = (x15 as u8); + out1[10] = (x16 as u8); + out1[11] = x17; + out1[12] = (x5 as u8); + out1[13] = (x18 as u8); + out1[14] = (x19 as u8); + out1[15] = x20; + out1[16] = (x4 as u8); + out1[17] = (x21 as u8); + out1[18] = (x22 as u8); + out1[19] = x23; + out1[20] = (x3 as u8); + out1[21] = (x24 as u8); + out1[22] = (x25 as u8); + out1[23] = x26; + out1[24] = (x2 as u8); + out1[25] = (x27 as u8); + out1[26] = (x28 as u8); + out1[27] = 
x29; + out1[28] = (x1 as u8); + out1[29] = (x30 as u8); + out1[30] = (x31 as u8); + out1[31] = x32; } /// The function fiat_secp256k1_montgomery_from_bytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -4912,7 +4886,7 @@ pub fn fiat_secp256k1_montgomery_divstep(out1: &mut u32, out2: &mut [u32; 9], ou let mut x1: u32 = 0; let mut x2: fiat_secp256k1_montgomery_u1 = 0; fiat_secp256k1_montgomery_addcarryx_u32(&mut x1, &mut x2, 0x0, (!arg1), (0x1 as u32)); - let x3: fiat_secp256k1_montgomery_u1 = (((x1 >> 31) as fiat_secp256k1_montgomery_u1) & (((arg3[0]) & (0x1 as u32)) as fiat_secp256k1_montgomery_u1)); + let x3: fiat_secp256k1_montgomery_u1 = (((x1 >> 31) as fiat_secp256k1_montgomery_u1) & ((arg3[0]) as fiat_secp256k1_montgomery_u1)); let mut x4: u32 = 0; let mut x5: fiat_secp256k1_montgomery_u1 = 0; fiat_secp256k1_montgomery_addcarryx_u32(&mut x4, &mut x5, 0x0, (!arg1), (0x1 as u32)); 
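Review bot: The new `((arg3[0]) as fiat_secp256k1_montgomery_u1)` in divstep drops the explicit `& (0x1 as u32)`, so the value is a single bit only if the cast itself truncates to one bit. A Rust `as` cast truncates to the width of the target type, so if `fiat_secp256k1_montgomery_u1` is an alias for `u8` (its definition is outside this hunk), the low eight bits of `arg3[0]` survive. On this line the AND with `(x1 >> 31)` still leaves one bit, so `x3` is unchanged, but the next divstep hunk (`@@ -5122`) passes `(x34 as fiat_secp256k1_montgomery_u1)` straight to `fiat_secp256k1_montgomery_cmovznz_u32` as the condition, with nothing to restore the mask. Unless cmovznz (not visible here) normalises a condition outside {0,1}, I would keep `((x34 & (0x1 as u32)) as fiat_secp256k1_montgomery_u1)` at those call sites, or have the generator emit the mask whenever the target type is wider than the bit width it models. divstep's body continues outside the hunk.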
@@ -5122,164 +5096,163 @@ pub fn fiat_secp256k1_montgomery_divstep(out1: &mut u32, out2: &mut [u32; 9], ou fiat_secp256k1_montgomery_cmovznz_u32(&mut x132, x3, (arg5[6]), x122); let mut x133: u32 = 0; fiat_secp256k1_montgomery_cmovznz_u32(&mut x133, x3, (arg5[7]), x124); - let x134: fiat_secp256k1_montgomery_u1 = ((x34 & (0x1 as u32)) as fiat_secp256k1_montgomery_u1); + let mut x134: u32 = 0; + fiat_secp256k1_montgomery_cmovznz_u32(&mut x134, (x34 as fiat_secp256k1_montgomery_u1), (0x0 as u32), x7); let mut x135: u32 = 0; - fiat_secp256k1_montgomery_cmovznz_u32(&mut x135, x134, (0x0 as u32), x7); + fiat_secp256k1_montgomery_cmovznz_u32(&mut x135, (x34 as fiat_secp256k1_montgomery_u1), (0x0 as u32), x8); let mut x136: u32 = 0; - fiat_secp256k1_montgomery_cmovznz_u32(&mut x136, x134, (0x0 as u32), x8); + fiat_secp256k1_montgomery_cmovznz_u32(&mut x136, (x34 as fiat_secp256k1_montgomery_u1), (0x0 as u32), x9); let mut x137: u32 = 0; - fiat_secp256k1_montgomery_cmovznz_u32(&mut x137, x134, (0x0 as u32), x9); + fiat_secp256k1_montgomery_cmovznz_u32(&mut x137, (x34 as fiat_secp256k1_montgomery_u1), (0x0 as u32), x10); let mut x138: u32 = 0; - fiat_secp256k1_montgomery_cmovznz_u32(&mut x138, x134, (0x0 as u32), x10); + fiat_secp256k1_montgomery_cmovznz_u32(&mut x138, (x34 as fiat_secp256k1_montgomery_u1), (0x0 as u32), x11); let mut x139: u32 = 0; - fiat_secp256k1_montgomery_cmovznz_u32(&mut x139, x134, (0x0 as u32), x11); + fiat_secp256k1_montgomery_cmovznz_u32(&mut x139, (x34 as fiat_secp256k1_montgomery_u1), (0x0 as u32), x12); let mut x140: u32 = 0; - fiat_secp256k1_montgomery_cmovznz_u32(&mut x140, x134, (0x0 as u32), x12); + fiat_secp256k1_montgomery_cmovznz_u32(&mut x140, (x34 as fiat_secp256k1_montgomery_u1), (0x0 as u32), x13); let mut x141: u32 = 0; - fiat_secp256k1_montgomery_cmovznz_u32(&mut x141, x134, (0x0 as u32), x13); + fiat_secp256k1_montgomery_cmovznz_u32(&mut x141, (x34 as fiat_secp256k1_montgomery_u1), (0x0 as u32), x14); let mut x142: u32 = 0; - 
fiat_secp256k1_montgomery_cmovznz_u32(&mut x142, x134, (0x0 as u32), x14); + fiat_secp256k1_montgomery_cmovznz_u32(&mut x142, (x34 as fiat_secp256k1_montgomery_u1), (0x0 as u32), x15); let mut x143: u32 = 0; - fiat_secp256k1_montgomery_cmovznz_u32(&mut x143, x134, (0x0 as u32), x15); - let mut x144: u32 = 0; - let mut x145: fiat_secp256k1_montgomery_u1 = 0; - fiat_secp256k1_montgomery_addcarryx_u32(&mut x144, &mut x145, 0x0, x34, x135); - let mut x146: u32 = 0; - let mut x147: fiat_secp256k1_montgomery_u1 = 0; - fiat_secp256k1_montgomery_addcarryx_u32(&mut x146, &mut x147, x145, x35, x136); - let mut x148: u32 = 0; - let mut x149: fiat_secp256k1_montgomery_u1 = 0; - fiat_secp256k1_montgomery_addcarryx_u32(&mut x148, &mut x149, x147, x36, x137); - let mut x150: u32 = 0; - let mut x151: fiat_secp256k1_montgomery_u1 = 0; - fiat_secp256k1_montgomery_addcarryx_u32(&mut x150, &mut x151, x149, x37, x138); - let mut x152: u32 = 0; - let mut x153: fiat_secp256k1_montgomery_u1 = 0; - fiat_secp256k1_montgomery_addcarryx_u32(&mut x152, &mut x153, x151, x38, x139); - let mut x154: u32 = 0; - let mut x155: fiat_secp256k1_montgomery_u1 = 0; - fiat_secp256k1_montgomery_addcarryx_u32(&mut x154, &mut x155, x153, x39, x140); - let mut x156: u32 = 0; - let mut x157: fiat_secp256k1_montgomery_u1 = 0; - fiat_secp256k1_montgomery_addcarryx_u32(&mut x156, &mut x157, x155, x40, x141); - let mut x158: u32 = 0; - let mut x159: fiat_secp256k1_montgomery_u1 = 0; - fiat_secp256k1_montgomery_addcarryx_u32(&mut x158, &mut x159, x157, x41, x142); - let mut x160: u32 = 0; - let mut x161: fiat_secp256k1_montgomery_u1 = 0; - fiat_secp256k1_montgomery_addcarryx_u32(&mut x160, &mut x161, x159, x42, x143); + let mut x144: fiat_secp256k1_montgomery_u1 = 0; + fiat_secp256k1_montgomery_addcarryx_u32(&mut x143, &mut x144, 0x0, x34, x134); + let mut x145: u32 = 0; + let mut x146: fiat_secp256k1_montgomery_u1 = 0; + fiat_secp256k1_montgomery_addcarryx_u32(&mut x145, &mut x146, x144, x35, x135); + let mut 
x147: u32 = 0; + let mut x148: fiat_secp256k1_montgomery_u1 = 0; + fiat_secp256k1_montgomery_addcarryx_u32(&mut x147, &mut x148, x146, x36, x136); + let mut x149: u32 = 0; + let mut x150: fiat_secp256k1_montgomery_u1 = 0; + fiat_secp256k1_montgomery_addcarryx_u32(&mut x149, &mut x150, x148, x37, x137); + let mut x151: u32 = 0; + let mut x152: fiat_secp256k1_montgomery_u1 = 0; + fiat_secp256k1_montgomery_addcarryx_u32(&mut x151, &mut x152, x150, x38, x138); + let mut x153: u32 = 0; + let mut x154: fiat_secp256k1_montgomery_u1 = 0; + fiat_secp256k1_montgomery_addcarryx_u32(&mut x153, &mut x154, x152, x39, x139); + let mut x155: u32 = 0; + let mut x156: fiat_secp256k1_montgomery_u1 = 0; + fiat_secp256k1_montgomery_addcarryx_u32(&mut x155, &mut x156, x154, x40, x140); + let mut x157: u32 = 0; + let mut x158: fiat_secp256k1_montgomery_u1 = 0; + fiat_secp256k1_montgomery_addcarryx_u32(&mut x157, &mut x158, x156, x41, x141); + let mut x159: u32 = 0; + let mut x160: fiat_secp256k1_montgomery_u1 = 0; + fiat_secp256k1_montgomery_addcarryx_u32(&mut x159, &mut x160, x158, x42, x142); + let mut x161: u32 = 0; + fiat_secp256k1_montgomery_cmovznz_u32(&mut x161, (x34 as fiat_secp256k1_montgomery_u1), (0x0 as u32), x43); let mut x162: u32 = 0; - fiat_secp256k1_montgomery_cmovznz_u32(&mut x162, x134, (0x0 as u32), x43); + fiat_secp256k1_montgomery_cmovznz_u32(&mut x162, (x34 as fiat_secp256k1_montgomery_u1), (0x0 as u32), x44); let mut x163: u32 = 0; - fiat_secp256k1_montgomery_cmovznz_u32(&mut x163, x134, (0x0 as u32), x44); + fiat_secp256k1_montgomery_cmovznz_u32(&mut x163, (x34 as fiat_secp256k1_montgomery_u1), (0x0 as u32), x45); let mut x164: u32 = 0; - fiat_secp256k1_montgomery_cmovznz_u32(&mut x164, x134, (0x0 as u32), x45); + fiat_secp256k1_montgomery_cmovznz_u32(&mut x164, (x34 as fiat_secp256k1_montgomery_u1), (0x0 as u32), x46); let mut x165: u32 = 0; - fiat_secp256k1_montgomery_cmovznz_u32(&mut x165, x134, (0x0 as u32), x46); + fiat_secp256k1_montgomery_cmovznz_u32(&mut 
x165, (x34 as fiat_secp256k1_montgomery_u1), (0x0 as u32), x47); let mut x166: u32 = 0; - fiat_secp256k1_montgomery_cmovznz_u32(&mut x166, x134, (0x0 as u32), x47); + fiat_secp256k1_montgomery_cmovznz_u32(&mut x166, (x34 as fiat_secp256k1_montgomery_u1), (0x0 as u32), x48); let mut x167: u32 = 0; - fiat_secp256k1_montgomery_cmovznz_u32(&mut x167, x134, (0x0 as u32), x48); + fiat_secp256k1_montgomery_cmovznz_u32(&mut x167, (x34 as fiat_secp256k1_montgomery_u1), (0x0 as u32), x49); let mut x168: u32 = 0; - fiat_secp256k1_montgomery_cmovznz_u32(&mut x168, x134, (0x0 as u32), x49); + fiat_secp256k1_montgomery_cmovznz_u32(&mut x168, (x34 as fiat_secp256k1_montgomery_u1), (0x0 as u32), x50); let mut x169: u32 = 0; - fiat_secp256k1_montgomery_cmovznz_u32(&mut x169, x134, (0x0 as u32), x50); - let mut x170: u32 = 0; - let mut x171: fiat_secp256k1_montgomery_u1 = 0; - fiat_secp256k1_montgomery_addcarryx_u32(&mut x170, &mut x171, 0x0, x126, x162); - let mut x172: u32 = 0; - let mut x173: fiat_secp256k1_montgomery_u1 = 0; - fiat_secp256k1_montgomery_addcarryx_u32(&mut x172, &mut x173, x171, x127, x163); - let mut x174: u32 = 0; - let mut x175: fiat_secp256k1_montgomery_u1 = 0; - fiat_secp256k1_montgomery_addcarryx_u32(&mut x174, &mut x175, x173, x128, x164); - let mut x176: u32 = 0; - let mut x177: fiat_secp256k1_montgomery_u1 = 0; - fiat_secp256k1_montgomery_addcarryx_u32(&mut x176, &mut x177, x175, x129, x165); - let mut x178: u32 = 0; - let mut x179: fiat_secp256k1_montgomery_u1 = 0; - fiat_secp256k1_montgomery_addcarryx_u32(&mut x178, &mut x179, x177, x130, x166); - let mut x180: u32 = 0; - let mut x181: fiat_secp256k1_montgomery_u1 = 0; - fiat_secp256k1_montgomery_addcarryx_u32(&mut x180, &mut x181, x179, x131, x167); - let mut x182: u32 = 0; - let mut x183: fiat_secp256k1_montgomery_u1 = 0; - fiat_secp256k1_montgomery_addcarryx_u32(&mut x182, &mut x183, x181, x132, x168); - let mut x184: u32 = 0; - let mut x185: fiat_secp256k1_montgomery_u1 = 0; - 
fiat_secp256k1_montgomery_addcarryx_u32(&mut x184, &mut x185, x183, x133, x169); - let mut x186: u32 = 0; - let mut x187: fiat_secp256k1_montgomery_u1 = 0; - fiat_secp256k1_montgomery_subborrowx_u32(&mut x186, &mut x187, 0x0, x170, 0xfffffc2f); - let mut x188: u32 = 0; - let mut x189: fiat_secp256k1_montgomery_u1 = 0; - fiat_secp256k1_montgomery_subborrowx_u32(&mut x188, &mut x189, x187, x172, 0xfffffffe); - let mut x190: u32 = 0; - let mut x191: fiat_secp256k1_montgomery_u1 = 0; - fiat_secp256k1_montgomery_subborrowx_u32(&mut x190, &mut x191, x189, x174, 0xffffffff); - let mut x192: u32 = 0; - let mut x193: fiat_secp256k1_montgomery_u1 = 0; - fiat_secp256k1_montgomery_subborrowx_u32(&mut x192, &mut x193, x191, x176, 0xffffffff); - let mut x194: u32 = 0; - let mut x195: fiat_secp256k1_montgomery_u1 = 0; - fiat_secp256k1_montgomery_subborrowx_u32(&mut x194, &mut x195, x193, x178, 0xffffffff); - let mut x196: u32 = 0; - let mut x197: fiat_secp256k1_montgomery_u1 = 0; - fiat_secp256k1_montgomery_subborrowx_u32(&mut x196, &mut x197, x195, x180, 0xffffffff); - let mut x198: u32 = 0; - let mut x199: fiat_secp256k1_montgomery_u1 = 0; - fiat_secp256k1_montgomery_subborrowx_u32(&mut x198, &mut x199, x197, x182, 0xffffffff); - let mut x200: u32 = 0; - let mut x201: fiat_secp256k1_montgomery_u1 = 0; - fiat_secp256k1_montgomery_subborrowx_u32(&mut x200, &mut x201, x199, x184, 0xffffffff); - let mut x202: u32 = 0; - let mut x203: fiat_secp256k1_montgomery_u1 = 0; - fiat_secp256k1_montgomery_subborrowx_u32(&mut x202, &mut x203, x201, (x185 as u32), (0x0 as u32)); - let mut x204: u32 = 0; - let mut x205: fiat_secp256k1_montgomery_u1 = 0; - fiat_secp256k1_montgomery_addcarryx_u32(&mut x204, &mut x205, 0x0, x6, (0x1 as u32)); - let x206: u32 = ((x144 >> 1) | ((x146 << 31) & 0xffffffff)); - let x207: u32 = ((x146 >> 1) | ((x148 << 31) & 0xffffffff)); - let x208: u32 = ((x148 >> 1) | ((x150 << 31) & 0xffffffff)); - let x209: u32 = ((x150 >> 1) | ((x152 << 31) & 0xffffffff)); - let 
x210: u32 = ((x152 >> 1) | ((x154 << 31) & 0xffffffff)); - let x211: u32 = ((x154 >> 1) | ((x156 << 31) & 0xffffffff)); - let x212: u32 = ((x156 >> 1) | ((x158 << 31) & 0xffffffff)); - let x213: u32 = ((x158 >> 1) | ((x160 << 31) & 0xffffffff)); - let x214: u32 = ((x160 & 0x80000000) | (x160 >> 1)); + let mut x170: fiat_secp256k1_montgomery_u1 = 0; + fiat_secp256k1_montgomery_addcarryx_u32(&mut x169, &mut x170, 0x0, x126, x161); + let mut x171: u32 = 0; + let mut x172: fiat_secp256k1_montgomery_u1 = 0; + fiat_secp256k1_montgomery_addcarryx_u32(&mut x171, &mut x172, x170, x127, x162); + let mut x173: u32 = 0; + let mut x174: fiat_secp256k1_montgomery_u1 = 0; + fiat_secp256k1_montgomery_addcarryx_u32(&mut x173, &mut x174, x172, x128, x163); + let mut x175: u32 = 0; + let mut x176: fiat_secp256k1_montgomery_u1 = 0; + fiat_secp256k1_montgomery_addcarryx_u32(&mut x175, &mut x176, x174, x129, x164); + let mut x177: u32 = 0; + let mut x178: fiat_secp256k1_montgomery_u1 = 0; + fiat_secp256k1_montgomery_addcarryx_u32(&mut x177, &mut x178, x176, x130, x165); + let mut x179: u32 = 0; + let mut x180: fiat_secp256k1_montgomery_u1 = 0; + fiat_secp256k1_montgomery_addcarryx_u32(&mut x179, &mut x180, x178, x131, x166); + let mut x181: u32 = 0; + let mut x182: fiat_secp256k1_montgomery_u1 = 0; + fiat_secp256k1_montgomery_addcarryx_u32(&mut x181, &mut x182, x180, x132, x167); + let mut x183: u32 = 0; + let mut x184: fiat_secp256k1_montgomery_u1 = 0; + fiat_secp256k1_montgomery_addcarryx_u32(&mut x183, &mut x184, x182, x133, x168); + let mut x185: u32 = 0; + let mut x186: fiat_secp256k1_montgomery_u1 = 0; + fiat_secp256k1_montgomery_subborrowx_u32(&mut x185, &mut x186, 0x0, x169, 0xfffffc2f); + let mut x187: u32 = 0; + let mut x188: fiat_secp256k1_montgomery_u1 = 0; + fiat_secp256k1_montgomery_subborrowx_u32(&mut x187, &mut x188, x186, x171, 0xfffffffe); + let mut x189: u32 = 0; + let mut x190: fiat_secp256k1_montgomery_u1 = 0; + fiat_secp256k1_montgomery_subborrowx_u32(&mut x189, 
&mut x190, x188, x173, 0xffffffff); + let mut x191: u32 = 0; + let mut x192: fiat_secp256k1_montgomery_u1 = 0; + fiat_secp256k1_montgomery_subborrowx_u32(&mut x191, &mut x192, x190, x175, 0xffffffff); + let mut x193: u32 = 0; + let mut x194: fiat_secp256k1_montgomery_u1 = 0; + fiat_secp256k1_montgomery_subborrowx_u32(&mut x193, &mut x194, x192, x177, 0xffffffff); + let mut x195: u32 = 0; + let mut x196: fiat_secp256k1_montgomery_u1 = 0; + fiat_secp256k1_montgomery_subborrowx_u32(&mut x195, &mut x196, x194, x179, 0xffffffff); + let mut x197: u32 = 0; + let mut x198: fiat_secp256k1_montgomery_u1 = 0; + fiat_secp256k1_montgomery_subborrowx_u32(&mut x197, &mut x198, x196, x181, 0xffffffff); + let mut x199: u32 = 0; + let mut x200: fiat_secp256k1_montgomery_u1 = 0; + fiat_secp256k1_montgomery_subborrowx_u32(&mut x199, &mut x200, x198, x183, 0xffffffff); + let mut x201: u32 = 0; + let mut x202: fiat_secp256k1_montgomery_u1 = 0; + fiat_secp256k1_montgomery_subborrowx_u32(&mut x201, &mut x202, x200, (x184 as u32), (0x0 as u32)); + let mut x203: u32 = 0; + let mut x204: fiat_secp256k1_montgomery_u1 = 0; + fiat_secp256k1_montgomery_addcarryx_u32(&mut x203, &mut x204, 0x0, x6, (0x1 as u32)); + let x205: u32 = ((x143 >> 1) | ((x145 << 31) & 0xffffffff)); + let x206: u32 = ((x145 >> 1) | ((x147 << 31) & 0xffffffff)); + let x207: u32 = ((x147 >> 1) | ((x149 << 31) & 0xffffffff)); + let x208: u32 = ((x149 >> 1) | ((x151 << 31) & 0xffffffff)); + let x209: u32 = ((x151 >> 1) | ((x153 << 31) & 0xffffffff)); + let x210: u32 = ((x153 >> 1) | ((x155 << 31) & 0xffffffff)); + let x211: u32 = ((x155 >> 1) | ((x157 << 31) & 0xffffffff)); + let x212: u32 = ((x157 >> 1) | ((x159 << 31) & 0xffffffff)); + let x213: u32 = ((x159 & 0x80000000) | (x159 >> 1)); + let mut x214: u32 = 0; + fiat_secp256k1_montgomery_cmovznz_u32(&mut x214, x84, x67, x51); let mut x215: u32 = 0; - fiat_secp256k1_montgomery_cmovznz_u32(&mut x215, x84, x67, x51); + fiat_secp256k1_montgomery_cmovznz_u32(&mut x215, x84, 
x69, x53); let mut x216: u32 = 0; - fiat_secp256k1_montgomery_cmovznz_u32(&mut x216, x84, x69, x53); + fiat_secp256k1_montgomery_cmovznz_u32(&mut x216, x84, x71, x55); let mut x217: u32 = 0; - fiat_secp256k1_montgomery_cmovznz_u32(&mut x217, x84, x71, x55); + fiat_secp256k1_montgomery_cmovznz_u32(&mut x217, x84, x73, x57); let mut x218: u32 = 0; - fiat_secp256k1_montgomery_cmovznz_u32(&mut x218, x84, x73, x57); + fiat_secp256k1_montgomery_cmovznz_u32(&mut x218, x84, x75, x59); let mut x219: u32 = 0; - fiat_secp256k1_montgomery_cmovznz_u32(&mut x219, x84, x75, x59); + fiat_secp256k1_montgomery_cmovznz_u32(&mut x219, x84, x77, x61); let mut x220: u32 = 0; - fiat_secp256k1_montgomery_cmovznz_u32(&mut x220, x84, x77, x61); + fiat_secp256k1_montgomery_cmovznz_u32(&mut x220, x84, x79, x63); let mut x221: u32 = 0; - fiat_secp256k1_montgomery_cmovznz_u32(&mut x221, x84, x79, x63); + fiat_secp256k1_montgomery_cmovznz_u32(&mut x221, x84, x81, x65); let mut x222: u32 = 0; - fiat_secp256k1_montgomery_cmovznz_u32(&mut x222, x84, x81, x65); + fiat_secp256k1_montgomery_cmovznz_u32(&mut x222, x202, x185, x169); let mut x223: u32 = 0; - fiat_secp256k1_montgomery_cmovznz_u32(&mut x223, x203, x186, x170); + fiat_secp256k1_montgomery_cmovznz_u32(&mut x223, x202, x187, x171); let mut x224: u32 = 0; - fiat_secp256k1_montgomery_cmovznz_u32(&mut x224, x203, x188, x172); + fiat_secp256k1_montgomery_cmovznz_u32(&mut x224, x202, x189, x173); let mut x225: u32 = 0; - fiat_secp256k1_montgomery_cmovznz_u32(&mut x225, x203, x190, x174); + fiat_secp256k1_montgomery_cmovznz_u32(&mut x225, x202, x191, x175); let mut x226: u32 = 0; - fiat_secp256k1_montgomery_cmovznz_u32(&mut x226, x203, x192, x176); + fiat_secp256k1_montgomery_cmovznz_u32(&mut x226, x202, x193, x177); let mut x227: u32 = 0; - fiat_secp256k1_montgomery_cmovznz_u32(&mut x227, x203, x194, x178); + fiat_secp256k1_montgomery_cmovznz_u32(&mut x227, x202, x195, x179); let mut x228: u32 = 0; - fiat_secp256k1_montgomery_cmovznz_u32(&mut 
x228, x203, x196, x180); + fiat_secp256k1_montgomery_cmovznz_u32(&mut x228, x202, x197, x181); let mut x229: u32 = 0; - fiat_secp256k1_montgomery_cmovznz_u32(&mut x229, x203, x198, x182); - let mut x230: u32 = 0; - fiat_secp256k1_montgomery_cmovznz_u32(&mut x230, x203, x200, x184); - *out1 = x204; + fiat_secp256k1_montgomery_cmovznz_u32(&mut x229, x202, x199, x183); + *out1 = x203; out2[0] = x7; out2[1] = x8; out2[2] = x9; @@ -5289,31 +5262,31 @@ pub fn fiat_secp256k1_montgomery_divstep(out1: &mut u32, out2: &mut [u32; 9], ou out2[6] = x13; out2[7] = x14; out2[8] = x15; - out3[0] = x206; - out3[1] = x207; - out3[2] = x208; - out3[3] = x209; - out3[4] = x210; - out3[5] = x211; - out3[6] = x212; - out3[7] = x213; - out3[8] = x214; - out4[0] = x215; - out4[1] = x216; - out4[2] = x217; - out4[3] = x218; - out4[4] = x219; - out4[5] = x220; - out4[6] = x221; - out4[7] = x222; - out5[0] = x223; - out5[1] = x224; - out5[2] = x225; - out5[3] = x226; - out5[4] = x227; - out5[5] = x228; - out5[6] = x229; - out5[7] = x230; + out3[0] = x205; + out3[1] = x206; + out3[2] = x207; + out3[3] = x208; + out3[4] = x209; + out3[5] = x210; + out3[6] = x211; + out3[7] = x212; + out3[8] = x213; + out4[0] = x214; + out4[1] = x215; + out4[2] = x216; + out4[3] = x217; + out4[4] = x218; + out4[5] = x219; + out4[6] = x220; + out4[7] = x221; + out5[0] = x222; + out5[1] = x223; + out5[2] = x224; + out5[3] = x225; + out5[4] = x226; + out5[5] = x227; + out5[6] = x228; + out5[7] = x229; } /// The function fiat_secp256k1_montgomery_divstep_precomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-rust/src/secp256k1_montgomery_64.rs b/fiat-rust/src/secp256k1_montgomery_64.rs index f892ea5618..5919cfd282 100644 --- a/fiat-rust/src/secp256k1_montgomery_64.rs +++ b/fiat-rust/src/secp256k1_montgomery_64.rs 
@@ -50,10 +50,9 @@ pub type fiat_secp256k1_montgomery_non_montgomery_domain_field_element = [u64; 4 #[inline] pub fn fiat_secp256k1_montgomery_addcarryx_u64(out1: &mut u64, out2: &mut fiat_secp256k1_montgomery_u1, arg1: fiat_secp256k1_montgomery_u1, arg2: u64, arg3: u64) -> () { let x1: u128 = (((arg1 as u128) + (arg2 as u128)) + (arg3 as u128)); - let x2: u64 = ((x1 & (0xffffffffffffffff as u128)) as u64); - let x3: fiat_secp256k1_montgomery_u1 = ((x1 >> 64) as fiat_secp256k1_montgomery_u1); - *out1 = x2; - *out2 = x3; + let x2: fiat_secp256k1_montgomery_u1 = ((x1 >> 64) as fiat_secp256k1_montgomery_u1); + *out1 = (x1 as u64); + *out2 = x2; } /// The function fiat_secp256k1_montgomery_subborrowx_u64 is a subtraction with borrow. @@ -93,10 +92,9 @@ pub fn fiat_secp256k1_montgomery_subborrowx_u64(out1: &mut u64, out2: &mut fiat_ #[inline] pub fn fiat_secp256k1_montgomery_mulx_u64(out1: &mut u64, out2: &mut u64, arg1: u64, arg2: u64) -> () { let x1: u128 = ((arg1 as u128) * (arg2 as u128)); - let x2: u64 = ((x1 & (0xffffffffffffffff as u128)) as u64); - let x3: u64 = ((x1 >> 64) as u64); - *out1 = x2; - *out2 = x3; + let x2: u64 = ((x1 >> 64) as u64); + *out1 = (x1 as u64); + *out2 = x2; } /// The function fiat_secp256k1_montgomery_cmovznz_u64 is a single-word conditional move. 
@@ -1486,94 +1484,66 @@ pub fn fiat_secp256k1_montgomery_to_bytes(out1: &mut [u8; 32], arg1: &[u64; 4]) let x2: u64 = (arg1[2]); let x3: u64 = (arg1[1]); let x4: u64 = (arg1[0]); - let x5: u8 = ((x4 & (0xff as u64)) as u8); - let x6: u64 = (x4 >> 8); - let x7: u8 = ((x6 & (0xff as u64)) as u8); - let x8: u64 = (x6 >> 8); - let x9: u8 = ((x8 & (0xff as u64)) as u8); - let x10: u64 = (x8 >> 8); - let x11: u8 = ((x10 & (0xff as u64)) as u8); - let x12: u64 = (x10 >> 8); - let x13: u8 = ((x12 & (0xff as u64)) as u8); - let x14: u64 = (x12 >> 8); - let x15: u8 = ((x14 & (0xff as u64)) as u8); - let x16: u64 = (x14 >> 8); - let x17: u8 = ((x16 & (0xff as u64)) as u8); - let x18: u8 = ((x16 >> 8) as u8); - let x19: u8 = ((x3 & (0xff as u64)) as u8); - let x20: u64 = (x3 >> 8); - let x21: u8 = ((x20 & (0xff as u64)) as u8); - let x22: u64 = (x20 >> 8); - let x23: u8 = ((x22 & (0xff as u64)) as u8); - let x24: u64 = (x22 >> 8); - let x25: u8 = ((x24 & (0xff as u64)) as u8); - let x26: u64 = (x24 >> 8); - let x27: u8 = ((x26 & (0xff as u64)) as u8); - let x28: u64 = (x26 >> 8); - let x29: u8 = ((x28 & (0xff as u64)) as u8); - let x30: u64 = (x28 >> 8); - let x31: u8 = ((x30 & (0xff as u64)) as u8); - let x32: u8 = ((x30 >> 8) as u8); - let x33: u8 = ((x2 & (0xff as u64)) as u8); - let x34: u64 = (x2 >> 8); - let x35: u8 = ((x34 & (0xff as u64)) as u8); - let x36: u64 = (x34 >> 8); - let x37: u8 = ((x36 & (0xff as u64)) as u8); - let x38: u64 = (x36 >> 8); - let x39: u8 = ((x38 & (0xff as u64)) as u8); - let x40: u64 = (x38 >> 8); - let x41: u8 = ((x40 & (0xff as u64)) as u8); - let x42: u64 = (x40 >> 8); - let x43: u8 = ((x42 & (0xff as u64)) as u8); - let x44: u64 = (x42 >> 8); - let x45: u8 = ((x44 & (0xff as u64)) as u8); - let x46: u8 = ((x44 >> 8) as u8); - let x47: u8 = ((x1 & (0xff as u64)) as u8); - let x48: u64 = (x1 >> 8); - let x49: u8 = ((x48 & (0xff as u64)) as u8); - let x50: u64 = (x48 >> 8); - let x51: u8 = ((x50 & (0xff as u64)) as u8); - let x52: u64 = (x50 
>> 8); - let x53: u8 = ((x52 & (0xff as u64)) as u8); - let x54: u64 = (x52 >> 8); - let x55: u8 = ((x54 & (0xff as u64)) as u8); - let x56: u64 = (x54 >> 8); - let x57: u8 = ((x56 & (0xff as u64)) as u8); - let x58: u64 = (x56 >> 8); - let x59: u8 = ((x58 & (0xff as u64)) as u8); - let x60: u8 = ((x58 >> 8) as u8); - out1[0] = x5; - out1[1] = x7; - out1[2] = x9; - out1[3] = x11; - out1[4] = x13; - out1[5] = x15; - out1[6] = x17; - out1[7] = x18; - out1[8] = x19; - out1[9] = x21; - out1[10] = x23; - out1[11] = x25; - out1[12] = x27; - out1[13] = x29; - out1[14] = x31; - out1[15] = x32; - out1[16] = x33; - out1[17] = x35; - out1[18] = x37; - out1[19] = x39; - out1[20] = x41; - out1[21] = x43; - out1[22] = x45; - out1[23] = x46; - out1[24] = x47; - out1[25] = x49; - out1[26] = x51; - out1[27] = x53; - out1[28] = x55; - out1[29] = x57; - out1[30] = x59; - out1[31] = x60; + let x5: u64 = (x4 >> 8); + let x6: u64 = (x5 >> 8); + let x7: u64 = (x6 >> 8); + let x8: u64 = (x7 >> 8); + let x9: u64 = (x8 >> 8); + let x10: u64 = (x9 >> 8); + let x11: u8 = ((x10 >> 8) as u8); + let x12: u64 = (x3 >> 8); + let x13: u64 = (x12 >> 8); + let x14: u64 = (x13 >> 8); + let x15: u64 = (x14 >> 8); + let x16: u64 = (x15 >> 8); + let x17: u64 = (x16 >> 8); + let x18: u8 = ((x17 >> 8) as u8); + let x19: u64 = (x2 >> 8); + let x20: u64 = (x19 >> 8); + let x21: u64 = (x20 >> 8); + let x22: u64 = (x21 >> 8); + let x23: u64 = (x22 >> 8); + let x24: u64 = (x23 >> 8); + let x25: u8 = ((x24 >> 8) as u8); + let x26: u64 = (x1 >> 8); + let x27: u64 = (x26 >> 8); + let x28: u64 = (x27 >> 8); + let x29: u64 = (x28 >> 8); + let x30: u64 = (x29 >> 8); + let x31: u64 = (x30 >> 8); + let x32: u8 = ((x31 >> 8) as u8); + out1[0] = (x4 as u8); + out1[1] = (x5 as u8); + out1[2] = (x6 as u8); + out1[3] = (x7 as u8); + out1[4] = (x8 as u8); + out1[5] = (x9 as u8); + out1[6] = (x10 as u8); + out1[7] = x11; + out1[8] = (x3 as u8); + out1[9] = (x12 as u8); + out1[10] = (x13 as u8); + out1[11] = (x14 as u8); + 
out1[12] = (x15 as u8); + out1[13] = (x16 as u8); + out1[14] = (x17 as u8); + out1[15] = x18; + out1[16] = (x2 as u8); + out1[17] = (x19 as u8); + out1[18] = (x20 as u8); + out1[19] = (x21 as u8); + out1[20] = (x22 as u8); + out1[21] = (x23 as u8); + out1[22] = (x24 as u8); + out1[23] = x25; + out1[24] = (x1 as u8); + out1[25] = (x26 as u8); + out1[26] = (x27 as u8); + out1[27] = (x28 as u8); + out1[28] = (x29 as u8); + out1[29] = (x30 as u8); + out1[30] = (x31 as u8); + out1[31] = x32; } /// The function fiat_secp256k1_montgomery_from_bytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -1720,7 +1690,7 @@ pub fn fiat_secp256k1_montgomery_divstep(out1: &mut u64, out2: &mut [u64; 5], ou let mut x1: u64 = 0; let mut x2: fiat_secp256k1_montgomery_u1 = 0; fiat_secp256k1_montgomery_addcarryx_u64(&mut x1, &mut x2, 0x0, (!arg1), (0x1 as u64)); - let x3: fiat_secp256k1_montgomery_u1 = (((x1 >> 63) as fiat_secp256k1_montgomery_u1) & (((arg3[0]) & (0x1 as u64)) as fiat_secp256k1_montgomery_u1)); + let x3: fiat_secp256k1_montgomery_u1 = (((x1 >> 63) as fiat_secp256k1_montgomery_u1) & ((arg3[0]) as fiat_secp256k1_montgomery_u1)); let mut x4: u64 = 0; let mut x5: fiat_secp256k1_montgomery_u1 = 0; fiat_secp256k1_montgomery_addcarryx_u64(&mut x4, &mut x5, 0x0, (!arg1), (0x1 as u64)); 
@@ -1834,110 +1804,109 @@ pub fn fiat_secp256k1_montgomery_divstep(out1: &mut u64, out2: &mut [u64; 5], ou fiat_secp256k1_montgomery_cmovznz_u64(&mut x72, x3, (arg5[2]), x66); let mut x73: u64 = 0; fiat_secp256k1_montgomery_cmovznz_u64(&mut x73, x3, (arg5[3]), x68); - let x74: fiat_secp256k1_montgomery_u1 = ((x22 & (0x1 as u64)) as fiat_secp256k1_montgomery_u1); + let mut x74: u64 = 0; + fiat_secp256k1_montgomery_cmovznz_u64(&mut x74, (x22 as fiat_secp256k1_montgomery_u1), (0x0 as u64), x7); let mut x75: u64 = 0; - fiat_secp256k1_montgomery_cmovznz_u64(&mut x75, x74, (0x0 as u64), x7); + fiat_secp256k1_montgomery_cmovznz_u64(&mut x75, (x22 as fiat_secp256k1_montgomery_u1), (0x0 as u64), x8); let mut x76: u64 = 0; - fiat_secp256k1_montgomery_cmovznz_u64(&mut x76, x74, (0x0 as u64), x8); + fiat_secp256k1_montgomery_cmovznz_u64(&mut x76, (x22 as fiat_secp256k1_montgomery_u1), (0x0 as u64), x9); let mut x77: u64 = 0; - fiat_secp256k1_montgomery_cmovznz_u64(&mut x77, x74, (0x0 as u64), x9); + fiat_secp256k1_montgomery_cmovznz_u64(&mut x77, (x22 as fiat_secp256k1_montgomery_u1), (0x0 as u64), x10); let mut x78: u64 = 0; - fiat_secp256k1_montgomery_cmovznz_u64(&mut x78, x74, (0x0 as u64), x10); + fiat_secp256k1_montgomery_cmovznz_u64(&mut x78, (x22 as fiat_secp256k1_montgomery_u1), (0x0 as u64), x11); let mut x79: u64 = 0; - fiat_secp256k1_montgomery_cmovznz_u64(&mut x79, x74, (0x0 as u64), x11); - let mut x80: u64 = 0; - let mut x81: fiat_secp256k1_montgomery_u1 = 0; - fiat_secp256k1_montgomery_addcarryx_u64(&mut x80, &mut x81, 0x0, x22, x75); - let mut x82: u64 = 0; - let mut x83: fiat_secp256k1_montgomery_u1 = 0; - fiat_secp256k1_montgomery_addcarryx_u64(&mut x82, &mut x83, x81, x23, x76); - let mut x84: u64 = 0; - let mut x85: fiat_secp256k1_montgomery_u1 = 0; - fiat_secp256k1_montgomery_addcarryx_u64(&mut x84, &mut x85, x83, x24, x77); - let mut x86: u64 = 0; - let mut x87: fiat_secp256k1_montgomery_u1 = 0; - fiat_secp256k1_montgomery_addcarryx_u64(&mut x86, &mut 
x87, x85, x25, x78); - let mut x88: u64 = 0; - let mut x89: fiat_secp256k1_montgomery_u1 = 0; - fiat_secp256k1_montgomery_addcarryx_u64(&mut x88, &mut x89, x87, x26, x79); + let mut x80: fiat_secp256k1_montgomery_u1 = 0; + fiat_secp256k1_montgomery_addcarryx_u64(&mut x79, &mut x80, 0x0, x22, x74); + let mut x81: u64 = 0; + let mut x82: fiat_secp256k1_montgomery_u1 = 0; + fiat_secp256k1_montgomery_addcarryx_u64(&mut x81, &mut x82, x80, x23, x75); + let mut x83: u64 = 0; + let mut x84: fiat_secp256k1_montgomery_u1 = 0; + fiat_secp256k1_montgomery_addcarryx_u64(&mut x83, &mut x84, x82, x24, x76); + let mut x85: u64 = 0; + let mut x86: fiat_secp256k1_montgomery_u1 = 0; + fiat_secp256k1_montgomery_addcarryx_u64(&mut x85, &mut x86, x84, x25, x77); + let mut x87: u64 = 0; + let mut x88: fiat_secp256k1_montgomery_u1 = 0; + fiat_secp256k1_montgomery_addcarryx_u64(&mut x87, &mut x88, x86, x26, x78); + let mut x89: u64 = 0; + fiat_secp256k1_montgomery_cmovznz_u64(&mut x89, (x22 as fiat_secp256k1_montgomery_u1), (0x0 as u64), x27); let mut x90: u64 = 0; - fiat_secp256k1_montgomery_cmovznz_u64(&mut x90, x74, (0x0 as u64), x27); + fiat_secp256k1_montgomery_cmovznz_u64(&mut x90, (x22 as fiat_secp256k1_montgomery_u1), (0x0 as u64), x28); let mut x91: u64 = 0; - fiat_secp256k1_montgomery_cmovznz_u64(&mut x91, x74, (0x0 as u64), x28); + fiat_secp256k1_montgomery_cmovznz_u64(&mut x91, (x22 as fiat_secp256k1_montgomery_u1), (0x0 as u64), x29); let mut x92: u64 = 0; - fiat_secp256k1_montgomery_cmovznz_u64(&mut x92, x74, (0x0 as u64), x29); + fiat_secp256k1_montgomery_cmovznz_u64(&mut x92, (x22 as fiat_secp256k1_montgomery_u1), (0x0 as u64), x30); let mut x93: u64 = 0; - fiat_secp256k1_montgomery_cmovznz_u64(&mut x93, x74, (0x0 as u64), x30); - let mut x94: u64 = 0; - let mut x95: fiat_secp256k1_montgomery_u1 = 0; - fiat_secp256k1_montgomery_addcarryx_u64(&mut x94, &mut x95, 0x0, x70, x90); - let mut x96: u64 = 0; - let mut x97: fiat_secp256k1_montgomery_u1 = 0; - 
fiat_secp256k1_montgomery_addcarryx_u64(&mut x96, &mut x97, x95, x71, x91); - let mut x98: u64 = 0; - let mut x99: fiat_secp256k1_montgomery_u1 = 0; - fiat_secp256k1_montgomery_addcarryx_u64(&mut x98, &mut x99, x97, x72, x92); - let mut x100: u64 = 0; - let mut x101: fiat_secp256k1_montgomery_u1 = 0; - fiat_secp256k1_montgomery_addcarryx_u64(&mut x100, &mut x101, x99, x73, x93); - let mut x102: u64 = 0; - let mut x103: fiat_secp256k1_montgomery_u1 = 0; - fiat_secp256k1_montgomery_subborrowx_u64(&mut x102, &mut x103, 0x0, x94, 0xfffffffefffffc2f); - let mut x104: u64 = 0; - let mut x105: fiat_secp256k1_montgomery_u1 = 0; - fiat_secp256k1_montgomery_subborrowx_u64(&mut x104, &mut x105, x103, x96, 0xffffffffffffffff); - let mut x106: u64 = 0; - let mut x107: fiat_secp256k1_montgomery_u1 = 0; - fiat_secp256k1_montgomery_subborrowx_u64(&mut x106, &mut x107, x105, x98, 0xffffffffffffffff); - let mut x108: u64 = 0; - let mut x109: fiat_secp256k1_montgomery_u1 = 0; - fiat_secp256k1_montgomery_subborrowx_u64(&mut x108, &mut x109, x107, x100, 0xffffffffffffffff); - let mut x110: u64 = 0; - let mut x111: fiat_secp256k1_montgomery_u1 = 0; - fiat_secp256k1_montgomery_subborrowx_u64(&mut x110, &mut x111, x109, (x101 as u64), (0x0 as u64)); - let mut x112: u64 = 0; - let mut x113: fiat_secp256k1_montgomery_u1 = 0; - fiat_secp256k1_montgomery_addcarryx_u64(&mut x112, &mut x113, 0x0, x6, (0x1 as u64)); - let x114: u64 = ((x80 >> 1) | ((x82 << 63) & 0xffffffffffffffff)); - let x115: u64 = ((x82 >> 1) | ((x84 << 63) & 0xffffffffffffffff)); - let x116: u64 = ((x84 >> 1) | ((x86 << 63) & 0xffffffffffffffff)); - let x117: u64 = ((x86 >> 1) | ((x88 << 63) & 0xffffffffffffffff)); - let x118: u64 = ((x88 & 0x8000000000000000) | (x88 >> 1)); + let mut x94: fiat_secp256k1_montgomery_u1 = 0; + fiat_secp256k1_montgomery_addcarryx_u64(&mut x93, &mut x94, 0x0, x70, x89); + let mut x95: u64 = 0; + let mut x96: fiat_secp256k1_montgomery_u1 = 0; + fiat_secp256k1_montgomery_addcarryx_u64(&mut x95, 
&mut x96, x94, x71, x90); + let mut x97: u64 = 0; + let mut x98: fiat_secp256k1_montgomery_u1 = 0; + fiat_secp256k1_montgomery_addcarryx_u64(&mut x97, &mut x98, x96, x72, x91); + let mut x99: u64 = 0; + let mut x100: fiat_secp256k1_montgomery_u1 = 0; + fiat_secp256k1_montgomery_addcarryx_u64(&mut x99, &mut x100, x98, x73, x92); + let mut x101: u64 = 0; + let mut x102: fiat_secp256k1_montgomery_u1 = 0; + fiat_secp256k1_montgomery_subborrowx_u64(&mut x101, &mut x102, 0x0, x93, 0xfffffffefffffc2f); + let mut x103: u64 = 0; + let mut x104: fiat_secp256k1_montgomery_u1 = 0; + fiat_secp256k1_montgomery_subborrowx_u64(&mut x103, &mut x104, x102, x95, 0xffffffffffffffff); + let mut x105: u64 = 0; + let mut x106: fiat_secp256k1_montgomery_u1 = 0; + fiat_secp256k1_montgomery_subborrowx_u64(&mut x105, &mut x106, x104, x97, 0xffffffffffffffff); + let mut x107: u64 = 0; + let mut x108: fiat_secp256k1_montgomery_u1 = 0; + fiat_secp256k1_montgomery_subborrowx_u64(&mut x107, &mut x108, x106, x99, 0xffffffffffffffff); + let mut x109: u64 = 0; + let mut x110: fiat_secp256k1_montgomery_u1 = 0; + fiat_secp256k1_montgomery_subborrowx_u64(&mut x109, &mut x110, x108, (x100 as u64), (0x0 as u64)); + let mut x111: u64 = 0; + let mut x112: fiat_secp256k1_montgomery_u1 = 0; + fiat_secp256k1_montgomery_addcarryx_u64(&mut x111, &mut x112, 0x0, x6, (0x1 as u64)); + let x113: u64 = ((x79 >> 1) | ((x81 << 63) & 0xffffffffffffffff)); + let x114: u64 = ((x81 >> 1) | ((x83 << 63) & 0xffffffffffffffff)); + let x115: u64 = ((x83 >> 1) | ((x85 << 63) & 0xffffffffffffffff)); + let x116: u64 = ((x85 >> 1) | ((x87 << 63) & 0xffffffffffffffff)); + let x117: u64 = ((x87 & 0x8000000000000000) | (x87 >> 1)); + let mut x118: u64 = 0; + fiat_secp256k1_montgomery_cmovznz_u64(&mut x118, x48, x39, x31); let mut x119: u64 = 0; - fiat_secp256k1_montgomery_cmovznz_u64(&mut x119, x48, x39, x31); + fiat_secp256k1_montgomery_cmovznz_u64(&mut x119, x48, x41, x33); let mut x120: u64 = 0; - 
fiat_secp256k1_montgomery_cmovznz_u64(&mut x120, x48, x41, x33); + fiat_secp256k1_montgomery_cmovznz_u64(&mut x120, x48, x43, x35); let mut x121: u64 = 0; - fiat_secp256k1_montgomery_cmovznz_u64(&mut x121, x48, x43, x35); + fiat_secp256k1_montgomery_cmovznz_u64(&mut x121, x48, x45, x37); let mut x122: u64 = 0; - fiat_secp256k1_montgomery_cmovznz_u64(&mut x122, x48, x45, x37); + fiat_secp256k1_montgomery_cmovznz_u64(&mut x122, x110, x101, x93); let mut x123: u64 = 0; - fiat_secp256k1_montgomery_cmovznz_u64(&mut x123, x111, x102, x94); + fiat_secp256k1_montgomery_cmovznz_u64(&mut x123, x110, x103, x95); let mut x124: u64 = 0; - fiat_secp256k1_montgomery_cmovznz_u64(&mut x124, x111, x104, x96); + fiat_secp256k1_montgomery_cmovznz_u64(&mut x124, x110, x105, x97); let mut x125: u64 = 0; - fiat_secp256k1_montgomery_cmovznz_u64(&mut x125, x111, x106, x98); - let mut x126: u64 = 0; - fiat_secp256k1_montgomery_cmovznz_u64(&mut x126, x111, x108, x100); - *out1 = x112; + fiat_secp256k1_montgomery_cmovznz_u64(&mut x125, x110, x107, x99); + *out1 = x111; out2[0] = x7; out2[1] = x8; out2[2] = x9; out2[3] = x10; out2[4] = x11; - out3[0] = x114; - out3[1] = x115; - out3[2] = x116; - out3[3] = x117; - out3[4] = x118; - out4[0] = x119; - out4[1] = x120; - out4[2] = x121; - out4[3] = x122; - out5[0] = x123; - out5[1] = x124; - out5[2] = x125; - out5[3] = x126; + out3[0] = x113; + out3[1] = x114; + out3[2] = x115; + out3[3] = x116; + out3[4] = x117; + out4[0] = x118; + out4[1] = x119; + out4[2] = x120; + out4[3] = x121; + out5[0] = x122; + out5[1] = x123; + out5[2] = x124; + out5[3] = x125; } /// The function fiat_secp256k1_montgomery_divstep_precomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-rust/src/secp256k1_montgomery_scalar_32.rs b/fiat-rust/src/secp256k1_montgomery_scalar_32.rs index b2ed348a11..ff88e97717 100644 --- a/fiat-rust/src/secp256k1_montgomery_scalar_32.rs +++ b/fiat-rust/src/secp256k1_montgomery_scalar_32.rs 
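Review bot: In the `+` lines that replace `x74`, `(x22 as fiat_secp256k1_montgomery_u1)` is passed directly as the selector of `fiat_secp256k1_montgomery_cmovznz_u64`, where the old code first reduced it with `x22 & (0x1 as u64)`; `x22` is also a full-word addend in the `addcarryx_u64` call that follows, so unless the `u1` alias is truly one bit wide (its definition is outside this hunk) the cast keeps more than the low bit. If `cmovznz` derives its mask from the flag without normalising it (its body is not shown here), a selector outside 0/1 can mix the two inputs and silently corrupt the divstep output used for modular inversion. I would keep the mask, `let x74: fiat_secp256k1_montgomery_u1 = ((x22 & (0x1 as u64)) as fiat_secp256k1_montgomery_u1);`, or show that `cmovznz` normalises its flag. The same pattern appears in the 32-bit divstep hunk earlier on the page (`x34`) and in the `secp256k1_montgomery_scalar_32.rs` hunk at `@@ -5386`; the `x3` line is unaffected because it is ANDed with a 0/1 value. These files look machine-generated, so the fix likely belongs in the generator's cast-simplification step, and the function body starts outside this hunk.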
@@ -50,10 +50,9 @@ pub type fiat_secp256k1_montgomery_scalar_non_montgomery_domain_field_element = #[inline] pub fn fiat_secp256k1_montgomery_scalar_addcarryx_u32(out1: &mut u32, out2: &mut fiat_secp256k1_montgomery_scalar_u1, arg1: fiat_secp256k1_montgomery_scalar_u1, arg2: u32, arg3: u32) -> () { let x1: u64 = (((arg1 as u64) + (arg2 as u64)) + (arg3 as u64)); - let x2: u32 = ((x1 & (0xffffffff as u64)) as u32); - let x3: fiat_secp256k1_montgomery_scalar_u1 = ((x1 >> 32) as fiat_secp256k1_montgomery_scalar_u1); - *out1 = x2; - *out2 = x3; + let x2: fiat_secp256k1_montgomery_scalar_u1 = ((x1 >> 32) as fiat_secp256k1_montgomery_scalar_u1); + *out1 = (x1 as u32); + *out2 = x2; } /// The function fiat_secp256k1_montgomery_scalar_subborrowx_u32 is a subtraction with borrow. @@ -93,10 +92,9 @@ pub fn fiat_secp256k1_montgomery_scalar_subborrowx_u32(out1: &mut u32, out2: &mu #[inline] pub fn fiat_secp256k1_montgomery_scalar_mulx_u32(out1: &mut u32, out2: &mut u32, arg1: u32, arg2: u32) -> () { let x1: u64 = ((arg1 as u64) * (arg2 as u64)); - let x2: u32 = ((x1 & (0xffffffff as u64)) as u32); - let x3: u32 = ((x1 >> 32) as u32); - *out1 = x2; - *out2 = x3; + let x2: u32 = ((x1 >> 32) as u32); + *out1 = (x1 as u32); + *out2 = x2; } /// The function fiat_secp256k1_montgomery_scalar_cmovznz_u32 is a single-word conditional move. 
@@ -4942,86 +4940,62 @@ pub fn fiat_secp256k1_montgomery_scalar_to_bytes(out1: &mut [u8; 32], arg1: &[u3 let x6: u32 = (arg1[2]); let x7: u32 = (arg1[1]); let x8: u32 = (arg1[0]); - let x9: u8 = ((x8 & (0xff as u32)) as u8); - let x10: u32 = (x8 >> 8); - let x11: u8 = ((x10 & (0xff as u32)) as u8); - let x12: u32 = (x10 >> 8); - let x13: u8 = ((x12 & (0xff as u32)) as u8); - let x14: u8 = ((x12 >> 8) as u8); - let x15: u8 = ((x7 & (0xff as u32)) as u8); - let x16: u32 = (x7 >> 8); - let x17: u8 = ((x16 & (0xff as u32)) as u8); - let x18: u32 = (x16 >> 8); - let x19: u8 = ((x18 & (0xff as u32)) as u8); - let x20: u8 = ((x18 >> 8) as u8); - let x21: u8 = ((x6 & (0xff as u32)) as u8); - let x22: u32 = (x6 >> 8); - let x23: u8 = ((x22 & (0xff as u32)) as u8); - let x24: u32 = (x22 >> 8); - let x25: u8 = ((x24 & (0xff as u32)) as u8); - let x26: u8 = ((x24 >> 8) as u8); - let x27: u8 = ((x5 & (0xff as u32)) as u8); - let x28: u32 = (x5 >> 8); - let x29: u8 = ((x28 & (0xff as u32)) as u8); - let x30: u32 = (x28 >> 8); - let x31: u8 = ((x30 & (0xff as u32)) as u8); - let x32: u8 = ((x30 >> 8) as u8); - let x33: u8 = ((x4 & (0xff as u32)) as u8); - let x34: u32 = (x4 >> 8); - let x35: u8 = ((x34 & (0xff as u32)) as u8); - let x36: u32 = (x34 >> 8); - let x37: u8 = ((x36 & (0xff as u32)) as u8); - let x38: u8 = ((x36 >> 8) as u8); - let x39: u8 = ((x3 & (0xff as u32)) as u8); - let x40: u32 = (x3 >> 8); - let x41: u8 = ((x40 & (0xff as u32)) as u8); - let x42: u32 = (x40 >> 8); - let x43: u8 = ((x42 & (0xff as u32)) as u8); - let x44: u8 = ((x42 >> 8) as u8); - let x45: u8 = ((x2 & (0xff as u32)) as u8); - let x46: u32 = (x2 >> 8); - let x47: u8 = ((x46 & (0xff as u32)) as u8); - let x48: u32 = (x46 >> 8); - let x49: u8 = ((x48 & (0xff as u32)) as u8); - let x50: u8 = ((x48 >> 8) as u8); - let x51: u8 = ((x1 & (0xff as u32)) as u8); - let x52: u32 = (x1 >> 8); - let x53: u8 = ((x52 & (0xff as u32)) as u8); - let x54: u32 = (x52 >> 8); - let x55: u8 = ((x54 & (0xff as u32)) 
as u8); - let x56: u8 = ((x54 >> 8) as u8); - out1[0] = x9; - out1[1] = x11; - out1[2] = x13; - out1[3] = x14; - out1[4] = x15; - out1[5] = x17; - out1[6] = x19; - out1[7] = x20; - out1[8] = x21; - out1[9] = x23; - out1[10] = x25; - out1[11] = x26; - out1[12] = x27; - out1[13] = x29; - out1[14] = x31; - out1[15] = x32; - out1[16] = x33; - out1[17] = x35; - out1[18] = x37; - out1[19] = x38; - out1[20] = x39; - out1[21] = x41; - out1[22] = x43; - out1[23] = x44; - out1[24] = x45; - out1[25] = x47; - out1[26] = x49; - out1[27] = x50; - out1[28] = x51; - out1[29] = x53; - out1[30] = x55; - out1[31] = x56; + let x9: u32 = (x8 >> 8); + let x10: u32 = (x9 >> 8); + let x11: u8 = ((x10 >> 8) as u8); + let x12: u32 = (x7 >> 8); + let x13: u32 = (x12 >> 8); + let x14: u8 = ((x13 >> 8) as u8); + let x15: u32 = (x6 >> 8); + let x16: u32 = (x15 >> 8); + let x17: u8 = ((x16 >> 8) as u8); + let x18: u32 = (x5 >> 8); + let x19: u32 = (x18 >> 8); + let x20: u8 = ((x19 >> 8) as u8); + let x21: u32 = (x4 >> 8); + let x22: u32 = (x21 >> 8); + let x23: u8 = ((x22 >> 8) as u8); + let x24: u32 = (x3 >> 8); + let x25: u32 = (x24 >> 8); + let x26: u8 = ((x25 >> 8) as u8); + let x27: u32 = (x2 >> 8); + let x28: u32 = (x27 >> 8); + let x29: u8 = ((x28 >> 8) as u8); + let x30: u32 = (x1 >> 8); + let x31: u32 = (x30 >> 8); + let x32: u8 = ((x31 >> 8) as u8); + out1[0] = (x8 as u8); + out1[1] = (x9 as u8); + out1[2] = (x10 as u8); + out1[3] = x11; + out1[4] = (x7 as u8); + out1[5] = (x12 as u8); + out1[6] = (x13 as u8); + out1[7] = x14; + out1[8] = (x6 as u8); + out1[9] = (x15 as u8); + out1[10] = (x16 as u8); + out1[11] = x17; + out1[12] = (x5 as u8); + out1[13] = (x18 as u8); + out1[14] = (x19 as u8); + out1[15] = x20; + out1[16] = (x4 as u8); + out1[17] = (x21 as u8); + out1[18] = (x22 as u8); + out1[19] = x23; + out1[20] = (x3 as u8); + out1[21] = (x24 as u8); + out1[22] = (x25 as u8); + out1[23] = x26; + out1[24] = (x2 as u8); + out1[25] = (x27 as u8); + out1[26] = (x28 as u8); + out1[27] = 
x29; + out1[28] = (x1 as u8); + out1[29] = (x30 as u8); + out1[30] = (x31 as u8); + out1[31] = x32; } /// The function fiat_secp256k1_montgomery_scalar_from_bytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -5176,7 +5150,7 @@ pub fn fiat_secp256k1_montgomery_scalar_divstep(out1: &mut u32, out2: &mut [u32; let mut x1: u32 = 0; let mut x2: fiat_secp256k1_montgomery_scalar_u1 = 0; fiat_secp256k1_montgomery_scalar_addcarryx_u32(&mut x1, &mut x2, 0x0, (!arg1), (0x1 as u32)); - let x3: fiat_secp256k1_montgomery_scalar_u1 = (((x1 >> 31) as fiat_secp256k1_montgomery_scalar_u1) & (((arg3[0]) & (0x1 as u32)) as fiat_secp256k1_montgomery_scalar_u1)); + let x3: fiat_secp256k1_montgomery_scalar_u1 = (((x1 >> 31) as fiat_secp256k1_montgomery_scalar_u1) & ((arg3[0]) as fiat_secp256k1_montgomery_scalar_u1)); let mut x4: u32 = 0; let mut x5: fiat_secp256k1_montgomery_scalar_u1 = 0; fiat_secp256k1_montgomery_scalar_addcarryx_u32(&mut x4, &mut x5, 0x0, (!arg1), (0x1 as u32)); 
@@ -5386,164 +5360,163 @@ pub fn fiat_secp256k1_montgomery_scalar_divstep(out1: &mut u32, out2: &mut [u32; fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x132, x3, (arg5[6]), x122); let mut x133: u32 = 0; fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x133, x3, (arg5[7]), x124); - let x134: fiat_secp256k1_montgomery_scalar_u1 = ((x34 & (0x1 as u32)) as fiat_secp256k1_montgomery_scalar_u1); + let mut x134: u32 = 0; + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x134, (x34 as fiat_secp256k1_montgomery_scalar_u1), (0x0 as u32), x7); let mut x135: u32 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x135, x134, (0x0 as u32), x7); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x135, (x34 as fiat_secp256k1_montgomery_scalar_u1), (0x0 as u32), x8); let mut x136: u32 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x136, x134, (0x0 as u32), x8); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x136, (x34 as fiat_secp256k1_montgomery_scalar_u1), (0x0 as u32), x9); let mut x137: u32 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x137, x134, (0x0 as u32), x9); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x137, (x34 as fiat_secp256k1_montgomery_scalar_u1), (0x0 as u32), x10); let mut x138: u32 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x138, x134, (0x0 as u32), x10); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x138, (x34 as fiat_secp256k1_montgomery_scalar_u1), (0x0 as u32), x11); let mut x139: u32 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x139, x134, (0x0 as u32), x11); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x139, (x34 as fiat_secp256k1_montgomery_scalar_u1), (0x0 as u32), x12); let mut x140: u32 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x140, x134, (0x0 as u32), x12); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x140, (x34 as fiat_secp256k1_montgomery_scalar_u1), (0x0 as u32), x13); let mut x141: u32 = 0; - 
fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x141, x134, (0x0 as u32), x13); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x141, (x34 as fiat_secp256k1_montgomery_scalar_u1), (0x0 as u32), x14); let mut x142: u32 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x142, x134, (0x0 as u32), x14); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x142, (x34 as fiat_secp256k1_montgomery_scalar_u1), (0x0 as u32), x15); let mut x143: u32 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x143, x134, (0x0 as u32), x15); - let mut x144: u32 = 0; - let mut x145: fiat_secp256k1_montgomery_scalar_u1 = 0; - fiat_secp256k1_montgomery_scalar_addcarryx_u32(&mut x144, &mut x145, 0x0, x34, x135); - let mut x146: u32 = 0; - let mut x147: fiat_secp256k1_montgomery_scalar_u1 = 0; - fiat_secp256k1_montgomery_scalar_addcarryx_u32(&mut x146, &mut x147, x145, x35, x136); - let mut x148: u32 = 0; - let mut x149: fiat_secp256k1_montgomery_scalar_u1 = 0; - fiat_secp256k1_montgomery_scalar_addcarryx_u32(&mut x148, &mut x149, x147, x36, x137); - let mut x150: u32 = 0; - let mut x151: fiat_secp256k1_montgomery_scalar_u1 = 0; - fiat_secp256k1_montgomery_scalar_addcarryx_u32(&mut x150, &mut x151, x149, x37, x138); - let mut x152: u32 = 0; - let mut x153: fiat_secp256k1_montgomery_scalar_u1 = 0; - fiat_secp256k1_montgomery_scalar_addcarryx_u32(&mut x152, &mut x153, x151, x38, x139); - let mut x154: u32 = 0; - let mut x155: fiat_secp256k1_montgomery_scalar_u1 = 0; - fiat_secp256k1_montgomery_scalar_addcarryx_u32(&mut x154, &mut x155, x153, x39, x140); - let mut x156: u32 = 0; - let mut x157: fiat_secp256k1_montgomery_scalar_u1 = 0; - fiat_secp256k1_montgomery_scalar_addcarryx_u32(&mut x156, &mut x157, x155, x40, x141); - let mut x158: u32 = 0; - let mut x159: fiat_secp256k1_montgomery_scalar_u1 = 0; - fiat_secp256k1_montgomery_scalar_addcarryx_u32(&mut x158, &mut x159, x157, x41, x142); - let mut x160: u32 = 0; - let mut x161: fiat_secp256k1_montgomery_scalar_u1 = 0; - 
fiat_secp256k1_montgomery_scalar_addcarryx_u32(&mut x160, &mut x161, x159, x42, x143); + let mut x144: fiat_secp256k1_montgomery_scalar_u1 = 0; + fiat_secp256k1_montgomery_scalar_addcarryx_u32(&mut x143, &mut x144, 0x0, x34, x134); + let mut x145: u32 = 0; + let mut x146: fiat_secp256k1_montgomery_scalar_u1 = 0; + fiat_secp256k1_montgomery_scalar_addcarryx_u32(&mut x145, &mut x146, x144, x35, x135); + let mut x147: u32 = 0; + let mut x148: fiat_secp256k1_montgomery_scalar_u1 = 0; + fiat_secp256k1_montgomery_scalar_addcarryx_u32(&mut x147, &mut x148, x146, x36, x136); + let mut x149: u32 = 0; + let mut x150: fiat_secp256k1_montgomery_scalar_u1 = 0; + fiat_secp256k1_montgomery_scalar_addcarryx_u32(&mut x149, &mut x150, x148, x37, x137); + let mut x151: u32 = 0; + let mut x152: fiat_secp256k1_montgomery_scalar_u1 = 0; + fiat_secp256k1_montgomery_scalar_addcarryx_u32(&mut x151, &mut x152, x150, x38, x138); + let mut x153: u32 = 0; + let mut x154: fiat_secp256k1_montgomery_scalar_u1 = 0; + fiat_secp256k1_montgomery_scalar_addcarryx_u32(&mut x153, &mut x154, x152, x39, x139); + let mut x155: u32 = 0; + let mut x156: fiat_secp256k1_montgomery_scalar_u1 = 0; + fiat_secp256k1_montgomery_scalar_addcarryx_u32(&mut x155, &mut x156, x154, x40, x140); + let mut x157: u32 = 0; + let mut x158: fiat_secp256k1_montgomery_scalar_u1 = 0; + fiat_secp256k1_montgomery_scalar_addcarryx_u32(&mut x157, &mut x158, x156, x41, x141); + let mut x159: u32 = 0; + let mut x160: fiat_secp256k1_montgomery_scalar_u1 = 0; + fiat_secp256k1_montgomery_scalar_addcarryx_u32(&mut x159, &mut x160, x158, x42, x142); + let mut x161: u32 = 0; + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x161, (x34 as fiat_secp256k1_montgomery_scalar_u1), (0x0 as u32), x43); let mut x162: u32 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x162, x134, (0x0 as u32), x43); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x162, (x34 as fiat_secp256k1_montgomery_scalar_u1), (0x0 as u32), x44); let mut x163: u32 = 
0; - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x163, x134, (0x0 as u32), x44); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x163, (x34 as fiat_secp256k1_montgomery_scalar_u1), (0x0 as u32), x45); let mut x164: u32 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x164, x134, (0x0 as u32), x45); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x164, (x34 as fiat_secp256k1_montgomery_scalar_u1), (0x0 as u32), x46); let mut x165: u32 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x165, x134, (0x0 as u32), x46); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x165, (x34 as fiat_secp256k1_montgomery_scalar_u1), (0x0 as u32), x47); let mut x166: u32 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x166, x134, (0x0 as u32), x47); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x166, (x34 as fiat_secp256k1_montgomery_scalar_u1), (0x0 as u32), x48); let mut x167: u32 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x167, x134, (0x0 as u32), x48); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x167, (x34 as fiat_secp256k1_montgomery_scalar_u1), (0x0 as u32), x49); let mut x168: u32 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x168, x134, (0x0 as u32), x49); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x168, (x34 as fiat_secp256k1_montgomery_scalar_u1), (0x0 as u32), x50); let mut x169: u32 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x169, x134, (0x0 as u32), x50); - let mut x170: u32 = 0; - let mut x171: fiat_secp256k1_montgomery_scalar_u1 = 0; - fiat_secp256k1_montgomery_scalar_addcarryx_u32(&mut x170, &mut x171, 0x0, x126, x162); - let mut x172: u32 = 0; - let mut x173: fiat_secp256k1_montgomery_scalar_u1 = 0; - fiat_secp256k1_montgomery_scalar_addcarryx_u32(&mut x172, &mut x173, x171, x127, x163); - let mut x174: u32 = 0; - let mut x175: fiat_secp256k1_montgomery_scalar_u1 = 0; - fiat_secp256k1_montgomery_scalar_addcarryx_u32(&mut x174, &mut x175, x173, x128, x164); - let mut 
x176: u32 = 0; - let mut x177: fiat_secp256k1_montgomery_scalar_u1 = 0; - fiat_secp256k1_montgomery_scalar_addcarryx_u32(&mut x176, &mut x177, x175, x129, x165); - let mut x178: u32 = 0; - let mut x179: fiat_secp256k1_montgomery_scalar_u1 = 0; - fiat_secp256k1_montgomery_scalar_addcarryx_u32(&mut x178, &mut x179, x177, x130, x166); - let mut x180: u32 = 0; - let mut x181: fiat_secp256k1_montgomery_scalar_u1 = 0; - fiat_secp256k1_montgomery_scalar_addcarryx_u32(&mut x180, &mut x181, x179, x131, x167); - let mut x182: u32 = 0; - let mut x183: fiat_secp256k1_montgomery_scalar_u1 = 0; - fiat_secp256k1_montgomery_scalar_addcarryx_u32(&mut x182, &mut x183, x181, x132, x168); - let mut x184: u32 = 0; - let mut x185: fiat_secp256k1_montgomery_scalar_u1 = 0; - fiat_secp256k1_montgomery_scalar_addcarryx_u32(&mut x184, &mut x185, x183, x133, x169); - let mut x186: u32 = 0; - let mut x187: fiat_secp256k1_montgomery_scalar_u1 = 0; - fiat_secp256k1_montgomery_scalar_subborrowx_u32(&mut x186, &mut x187, 0x0, x170, 0xd0364141); - let mut x188: u32 = 0; - let mut x189: fiat_secp256k1_montgomery_scalar_u1 = 0; - fiat_secp256k1_montgomery_scalar_subborrowx_u32(&mut x188, &mut x189, x187, x172, 0xbfd25e8c); - let mut x190: u32 = 0; - let mut x191: fiat_secp256k1_montgomery_scalar_u1 = 0; - fiat_secp256k1_montgomery_scalar_subborrowx_u32(&mut x190, &mut x191, x189, x174, 0xaf48a03b); - let mut x192: u32 = 0; - let mut x193: fiat_secp256k1_montgomery_scalar_u1 = 0; - fiat_secp256k1_montgomery_scalar_subborrowx_u32(&mut x192, &mut x193, x191, x176, 0xbaaedce6); - let mut x194: u32 = 0; - let mut x195: fiat_secp256k1_montgomery_scalar_u1 = 0; - fiat_secp256k1_montgomery_scalar_subborrowx_u32(&mut x194, &mut x195, x193, x178, 0xfffffffe); - let mut x196: u32 = 0; - let mut x197: fiat_secp256k1_montgomery_scalar_u1 = 0; - fiat_secp256k1_montgomery_scalar_subborrowx_u32(&mut x196, &mut x197, x195, x180, 0xffffffff); - let mut x198: u32 = 0; - let mut x199: fiat_secp256k1_montgomery_scalar_u1 
= 0; - fiat_secp256k1_montgomery_scalar_subborrowx_u32(&mut x198, &mut x199, x197, x182, 0xffffffff); - let mut x200: u32 = 0; - let mut x201: fiat_secp256k1_montgomery_scalar_u1 = 0; - fiat_secp256k1_montgomery_scalar_subborrowx_u32(&mut x200, &mut x201, x199, x184, 0xffffffff); - let mut x202: u32 = 0; - let mut x203: fiat_secp256k1_montgomery_scalar_u1 = 0; - fiat_secp256k1_montgomery_scalar_subborrowx_u32(&mut x202, &mut x203, x201, (x185 as u32), (0x0 as u32)); - let mut x204: u32 = 0; - let mut x205: fiat_secp256k1_montgomery_scalar_u1 = 0; - fiat_secp256k1_montgomery_scalar_addcarryx_u32(&mut x204, &mut x205, 0x0, x6, (0x1 as u32)); - let x206: u32 = ((x144 >> 1) | ((x146 << 31) & 0xffffffff)); - let x207: u32 = ((x146 >> 1) | ((x148 << 31) & 0xffffffff)); - let x208: u32 = ((x148 >> 1) | ((x150 << 31) & 0xffffffff)); - let x209: u32 = ((x150 >> 1) | ((x152 << 31) & 0xffffffff)); - let x210: u32 = ((x152 >> 1) | ((x154 << 31) & 0xffffffff)); - let x211: u32 = ((x154 >> 1) | ((x156 << 31) & 0xffffffff)); - let x212: u32 = ((x156 >> 1) | ((x158 << 31) & 0xffffffff)); - let x213: u32 = ((x158 >> 1) | ((x160 << 31) & 0xffffffff)); - let x214: u32 = ((x160 & 0x80000000) | (x160 >> 1)); + let mut x170: fiat_secp256k1_montgomery_scalar_u1 = 0; + fiat_secp256k1_montgomery_scalar_addcarryx_u32(&mut x169, &mut x170, 0x0, x126, x161); + let mut x171: u32 = 0; + let mut x172: fiat_secp256k1_montgomery_scalar_u1 = 0; + fiat_secp256k1_montgomery_scalar_addcarryx_u32(&mut x171, &mut x172, x170, x127, x162); + let mut x173: u32 = 0; + let mut x174: fiat_secp256k1_montgomery_scalar_u1 = 0; + fiat_secp256k1_montgomery_scalar_addcarryx_u32(&mut x173, &mut x174, x172, x128, x163); + let mut x175: u32 = 0; + let mut x176: fiat_secp256k1_montgomery_scalar_u1 = 0; + fiat_secp256k1_montgomery_scalar_addcarryx_u32(&mut x175, &mut x176, x174, x129, x164); + let mut x177: u32 = 0; + let mut x178: fiat_secp256k1_montgomery_scalar_u1 = 0; + 
fiat_secp256k1_montgomery_scalar_addcarryx_u32(&mut x177, &mut x178, x176, x130, x165); + let mut x179: u32 = 0; + let mut x180: fiat_secp256k1_montgomery_scalar_u1 = 0; + fiat_secp256k1_montgomery_scalar_addcarryx_u32(&mut x179, &mut x180, x178, x131, x166); + let mut x181: u32 = 0; + let mut x182: fiat_secp256k1_montgomery_scalar_u1 = 0; + fiat_secp256k1_montgomery_scalar_addcarryx_u32(&mut x181, &mut x182, x180, x132, x167); + let mut x183: u32 = 0; + let mut x184: fiat_secp256k1_montgomery_scalar_u1 = 0; + fiat_secp256k1_montgomery_scalar_addcarryx_u32(&mut x183, &mut x184, x182, x133, x168); + let mut x185: u32 = 0; + let mut x186: fiat_secp256k1_montgomery_scalar_u1 = 0; + fiat_secp256k1_montgomery_scalar_subborrowx_u32(&mut x185, &mut x186, 0x0, x169, 0xd0364141); + let mut x187: u32 = 0; + let mut x188: fiat_secp256k1_montgomery_scalar_u1 = 0; + fiat_secp256k1_montgomery_scalar_subborrowx_u32(&mut x187, &mut x188, x186, x171, 0xbfd25e8c); + let mut x189: u32 = 0; + let mut x190: fiat_secp256k1_montgomery_scalar_u1 = 0; + fiat_secp256k1_montgomery_scalar_subborrowx_u32(&mut x189, &mut x190, x188, x173, 0xaf48a03b); + let mut x191: u32 = 0; + let mut x192: fiat_secp256k1_montgomery_scalar_u1 = 0; + fiat_secp256k1_montgomery_scalar_subborrowx_u32(&mut x191, &mut x192, x190, x175, 0xbaaedce6); + let mut x193: u32 = 0; + let mut x194: fiat_secp256k1_montgomery_scalar_u1 = 0; + fiat_secp256k1_montgomery_scalar_subborrowx_u32(&mut x193, &mut x194, x192, x177, 0xfffffffe); + let mut x195: u32 = 0; + let mut x196: fiat_secp256k1_montgomery_scalar_u1 = 0; + fiat_secp256k1_montgomery_scalar_subborrowx_u32(&mut x195, &mut x196, x194, x179, 0xffffffff); + let mut x197: u32 = 0; + let mut x198: fiat_secp256k1_montgomery_scalar_u1 = 0; + fiat_secp256k1_montgomery_scalar_subborrowx_u32(&mut x197, &mut x198, x196, x181, 0xffffffff); + let mut x199: u32 = 0; + let mut x200: fiat_secp256k1_montgomery_scalar_u1 = 0; + fiat_secp256k1_montgomery_scalar_subborrowx_u32(&mut x199, 
&mut x200, x198, x183, 0xffffffff); + let mut x201: u32 = 0; + let mut x202: fiat_secp256k1_montgomery_scalar_u1 = 0; + fiat_secp256k1_montgomery_scalar_subborrowx_u32(&mut x201, &mut x202, x200, (x184 as u32), (0x0 as u32)); + let mut x203: u32 = 0; + let mut x204: fiat_secp256k1_montgomery_scalar_u1 = 0; + fiat_secp256k1_montgomery_scalar_addcarryx_u32(&mut x203, &mut x204, 0x0, x6, (0x1 as u32)); + let x205: u32 = ((x143 >> 1) | ((x145 << 31) & 0xffffffff)); + let x206: u32 = ((x145 >> 1) | ((x147 << 31) & 0xffffffff)); + let x207: u32 = ((x147 >> 1) | ((x149 << 31) & 0xffffffff)); + let x208: u32 = ((x149 >> 1) | ((x151 << 31) & 0xffffffff)); + let x209: u32 = ((x151 >> 1) | ((x153 << 31) & 0xffffffff)); + let x210: u32 = ((x153 >> 1) | ((x155 << 31) & 0xffffffff)); + let x211: u32 = ((x155 >> 1) | ((x157 << 31) & 0xffffffff)); + let x212: u32 = ((x157 >> 1) | ((x159 << 31) & 0xffffffff)); + let x213: u32 = ((x159 & 0x80000000) | (x159 >> 1)); + let mut x214: u32 = 0; + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x214, x84, x67, x51); let mut x215: u32 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x215, x84, x67, x51); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x215, x84, x69, x53); let mut x216: u32 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x216, x84, x69, x53); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x216, x84, x71, x55); let mut x217: u32 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x217, x84, x71, x55); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x217, x84, x73, x57); let mut x218: u32 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x218, x84, x73, x57); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x218, x84, x75, x59); let mut x219: u32 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x219, x84, x75, x59); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x219, x84, x77, x61); let mut x220: u32 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x220, 
x84, x77, x61); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x220, x84, x79, x63); let mut x221: u32 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x221, x84, x79, x63); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x221, x84, x81, x65); let mut x222: u32 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x222, x84, x81, x65); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x222, x202, x185, x169); let mut x223: u32 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x223, x203, x186, x170); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x223, x202, x187, x171); let mut x224: u32 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x224, x203, x188, x172); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x224, x202, x189, x173); let mut x225: u32 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x225, x203, x190, x174); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x225, x202, x191, x175); let mut x226: u32 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x226, x203, x192, x176); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x226, x202, x193, x177); let mut x227: u32 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x227, x203, x194, x178); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x227, x202, x195, x179); let mut x228: u32 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x228, x203, x196, x180); + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x228, x202, x197, x181); let mut x229: u32 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x229, x203, x198, x182); - let mut x230: u32 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x230, x203, x200, x184); - *out1 = x204; + fiat_secp256k1_montgomery_scalar_cmovznz_u32(&mut x229, x202, x199, x183); + *out1 = x203; out2[0] = x7; out2[1] = x8; out2[2] = x9; 
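Review bot: The selector passed to `fiat_secp256k1_montgomery_scalar_cmovznz_u32` for x134–x142 and x161–x168 is now `(x34 as fiat_secp256k1_montgomery_scalar_u1)`, without the `& (0x1 as u32)` that the removed `x134` applied, so the value is narrowed only to the width of the `u1` alias. That alias and the body of `cmovznz` are outside this hunk; if `u1` is a byte-wide integer, which is what I would expect here, any `x34` with bits 1–7 set reaches `cmovznz` as a selector outside {0,1}, and a mask derived from it would no longer be all-zeros or all-ones, which would give a wrong limb selection in `divstep`. The 64-bit file has the same pattern with `(x22 as fiat_secp256k1_montgomery_scalar_u1)` for x74–x78 and x89–x92. The file looks machine-generated, so the fix belongs in the generator's bounds or rewrite step rather than in this output, and the emitted selector should again read `((x34 & (0x1 as u32)) as fiat_secp256k1_montgomery_scalar_u1)`. The body of `divstep` starts before and continues past this hunk.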
@@ -5553,31 +5526,31 @@ pub fn fiat_secp256k1_montgomery_scalar_divstep(out1: &mut u32, out2: &mut [u32; out2[6] = x13; out2[7] = x14; out2[8] = x15; - out3[0] = x206; - out3[1] = x207; - out3[2] = x208; - out3[3] = x209; - out3[4] = x210; - out3[5] = x211; - out3[6] = x212; - out3[7] = x213; - out3[8] = x214; - out4[0] = x215; - out4[1] = x216; - out4[2] = x217; - out4[3] = x218; - out4[4] = x219; - out4[5] = x220; - out4[6] = x221; - out4[7] = x222; - out5[0] = x223; - out5[1] = x224; - out5[2] = x225; - out5[3] = x226; - out5[4] = x227; - out5[5] = x228; - out5[6] = x229; - out5[7] = x230; + out3[0] = x205; + out3[1] = x206; + out3[2] = x207; + out3[3] = x208; + out3[4] = x209; + out3[5] = x210; + out3[6] = x211; + out3[7] = x212; + out3[8] = x213; + out4[0] = x214; + out4[1] = x215; + out4[2] = x216; + out4[3] = x217; + out4[4] = x218; + out4[5] = x219; + out4[6] = x220; + out4[7] = x221; + out5[0] = x222; + out5[1] = x223; + out5[2] = x224; + out5[3] = x225; + out5[4] = x226; + out5[5] = x227; + out5[6] = x228; + out5[7] = x229; } /// The function fiat_secp256k1_montgomery_scalar_divstep_precomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-rust/src/secp256k1_montgomery_scalar_64.rs b/fiat-rust/src/secp256k1_montgomery_scalar_64.rs index 98f6bfde4d..7e2da04b5e 100644 --- a/fiat-rust/src/secp256k1_montgomery_scalar_64.rs +++ b/fiat-rust/src/secp256k1_montgomery_scalar_64.rs 
@@ -50,10 +50,9 @@ pub type fiat_secp256k1_montgomery_scalar_non_montgomery_domain_field_element = #[inline] pub fn fiat_secp256k1_montgomery_scalar_addcarryx_u64(out1: &mut u64, out2: &mut fiat_secp256k1_montgomery_scalar_u1, arg1: fiat_secp256k1_montgomery_scalar_u1, arg2: u64, arg3: u64) -> () { let x1: u128 = (((arg1 as u128) + (arg2 as u128)) + (arg3 as u128)); - let x2: u64 = ((x1 & (0xffffffffffffffff as u128)) as u64); - let x3: fiat_secp256k1_montgomery_scalar_u1 = ((x1 >> 64) as fiat_secp256k1_montgomery_scalar_u1); - *out1 = x2; - *out2 = x3; + let x2: fiat_secp256k1_montgomery_scalar_u1 = ((x1 >> 64) as fiat_secp256k1_montgomery_scalar_u1); + *out1 = (x1 as u64); + *out2 = x2; } /// The function fiat_secp256k1_montgomery_scalar_subborrowx_u64 is a subtraction with borrow. @@ -93,10 +92,9 @@ pub fn fiat_secp256k1_montgomery_scalar_subborrowx_u64(out1: &mut u64, out2: &mu #[inline] pub fn fiat_secp256k1_montgomery_scalar_mulx_u64(out1: &mut u64, out2: &mut u64, arg1: u64, arg2: u64) -> () { let x1: u128 = ((arg1 as u128) * (arg2 as u128)); - let x2: u64 = ((x1 & (0xffffffffffffffff as u128)) as u64); - let x3: u64 = ((x1 >> 64) as u64); - *out1 = x2; - *out2 = x3; + let x2: u64 = ((x1 >> 64) as u64); + *out1 = (x1 as u64); + *out2 = x2; } /// The function fiat_secp256k1_montgomery_scalar_cmovznz_u64 is a single-word conditional move. 
@@ -1546,94 +1544,66 @@ pub fn fiat_secp256k1_montgomery_scalar_to_bytes(out1: &mut [u8; 32], arg1: &[u6 let x2: u64 = (arg1[2]); let x3: u64 = (arg1[1]); let x4: u64 = (arg1[0]); - let x5: u8 = ((x4 & (0xff as u64)) as u8); - let x6: u64 = (x4 >> 8); - let x7: u8 = ((x6 & (0xff as u64)) as u8); - let x8: u64 = (x6 >> 8); - let x9: u8 = ((x8 & (0xff as u64)) as u8); - let x10: u64 = (x8 >> 8); - let x11: u8 = ((x10 & (0xff as u64)) as u8); - let x12: u64 = (x10 >> 8); - let x13: u8 = ((x12 & (0xff as u64)) as u8); - let x14: u64 = (x12 >> 8); - let x15: u8 = ((x14 & (0xff as u64)) as u8); - let x16: u64 = (x14 >> 8); - let x17: u8 = ((x16 & (0xff as u64)) as u8); - let x18: u8 = ((x16 >> 8) as u8); - let x19: u8 = ((x3 & (0xff as u64)) as u8); - let x20: u64 = (x3 >> 8); - let x21: u8 = ((x20 & (0xff as u64)) as u8); - let x22: u64 = (x20 >> 8); - let x23: u8 = ((x22 & (0xff as u64)) as u8); - let x24: u64 = (x22 >> 8); - let x25: u8 = ((x24 & (0xff as u64)) as u8); - let x26: u64 = (x24 >> 8); - let x27: u8 = ((x26 & (0xff as u64)) as u8); - let x28: u64 = (x26 >> 8); - let x29: u8 = ((x28 & (0xff as u64)) as u8); - let x30: u64 = (x28 >> 8); - let x31: u8 = ((x30 & (0xff as u64)) as u8); - let x32: u8 = ((x30 >> 8) as u8); - let x33: u8 = ((x2 & (0xff as u64)) as u8); - let x34: u64 = (x2 >> 8); - let x35: u8 = ((x34 & (0xff as u64)) as u8); - let x36: u64 = (x34 >> 8); - let x37: u8 = ((x36 & (0xff as u64)) as u8); - let x38: u64 = (x36 >> 8); - let x39: u8 = ((x38 & (0xff as u64)) as u8); - let x40: u64 = (x38 >> 8); - let x41: u8 = ((x40 & (0xff as u64)) as u8); - let x42: u64 = (x40 >> 8); - let x43: u8 = ((x42 & (0xff as u64)) as u8); - let x44: u64 = (x42 >> 8); - let x45: u8 = ((x44 & (0xff as u64)) as u8); - let x46: u8 = ((x44 >> 8) as u8); - let x47: u8 = ((x1 & (0xff as u64)) as u8); - let x48: u64 = (x1 >> 8); - let x49: u8 = ((x48 & (0xff as u64)) as u8); - let x50: u64 = (x48 >> 8); - let x51: u8 = ((x50 & (0xff as u64)) as u8); - let x52: u64 = 
(x50 >> 8); - let x53: u8 = ((x52 & (0xff as u64)) as u8); - let x54: u64 = (x52 >> 8); - let x55: u8 = ((x54 & (0xff as u64)) as u8); - let x56: u64 = (x54 >> 8); - let x57: u8 = ((x56 & (0xff as u64)) as u8); - let x58: u64 = (x56 >> 8); - let x59: u8 = ((x58 & (0xff as u64)) as u8); - let x60: u8 = ((x58 >> 8) as u8); - out1[0] = x5; - out1[1] = x7; - out1[2] = x9; - out1[3] = x11; - out1[4] = x13; - out1[5] = x15; - out1[6] = x17; - out1[7] = x18; - out1[8] = x19; - out1[9] = x21; - out1[10] = x23; - out1[11] = x25; - out1[12] = x27; - out1[13] = x29; - out1[14] = x31; - out1[15] = x32; - out1[16] = x33; - out1[17] = x35; - out1[18] = x37; - out1[19] = x39; - out1[20] = x41; - out1[21] = x43; - out1[22] = x45; - out1[23] = x46; - out1[24] = x47; - out1[25] = x49; - out1[26] = x51; - out1[27] = x53; - out1[28] = x55; - out1[29] = x57; - out1[30] = x59; - out1[31] = x60; + let x5: u64 = (x4 >> 8); + let x6: u64 = (x5 >> 8); + let x7: u64 = (x6 >> 8); + let x8: u64 = (x7 >> 8); + let x9: u64 = (x8 >> 8); + let x10: u64 = (x9 >> 8); + let x11: u8 = ((x10 >> 8) as u8); + let x12: u64 = (x3 >> 8); + let x13: u64 = (x12 >> 8); + let x14: u64 = (x13 >> 8); + let x15: u64 = (x14 >> 8); + let x16: u64 = (x15 >> 8); + let x17: u64 = (x16 >> 8); + let x18: u8 = ((x17 >> 8) as u8); + let x19: u64 = (x2 >> 8); + let x20: u64 = (x19 >> 8); + let x21: u64 = (x20 >> 8); + let x22: u64 = (x21 >> 8); + let x23: u64 = (x22 >> 8); + let x24: u64 = (x23 >> 8); + let x25: u8 = ((x24 >> 8) as u8); + let x26: u64 = (x1 >> 8); + let x27: u64 = (x26 >> 8); + let x28: u64 = (x27 >> 8); + let x29: u64 = (x28 >> 8); + let x30: u64 = (x29 >> 8); + let x31: u64 = (x30 >> 8); + let x32: u8 = ((x31 >> 8) as u8); + out1[0] = (x4 as u8); + out1[1] = (x5 as u8); + out1[2] = (x6 as u8); + out1[3] = (x7 as u8); + out1[4] = (x8 as u8); + out1[5] = (x9 as u8); + out1[6] = (x10 as u8); + out1[7] = x11; + out1[8] = (x3 as u8); + out1[9] = (x12 as u8); + out1[10] = (x13 as u8); + out1[11] = (x14 as u8); 
+ out1[12] = (x15 as u8); + out1[13] = (x16 as u8); + out1[14] = (x17 as u8); + out1[15] = x18; + out1[16] = (x2 as u8); + out1[17] = (x19 as u8); + out1[18] = (x20 as u8); + out1[19] = (x21 as u8); + out1[20] = (x22 as u8); + out1[21] = (x23 as u8); + out1[22] = (x24 as u8); + out1[23] = x25; + out1[24] = (x1 as u8); + out1[25] = (x26 as u8); + out1[26] = (x27 as u8); + out1[27] = (x28 as u8); + out1[28] = (x29 as u8); + out1[29] = (x30 as u8); + out1[30] = (x31 as u8); + out1[31] = x32; } /// The function fiat_secp256k1_montgomery_scalar_from_bytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -1780,7 +1750,7 @@ pub fn fiat_secp256k1_montgomery_scalar_divstep(out1: &mut u64, out2: &mut [u64; let mut x1: u64 = 0; let mut x2: fiat_secp256k1_montgomery_scalar_u1 = 0; fiat_secp256k1_montgomery_scalar_addcarryx_u64(&mut x1, &mut x2, 0x0, (!arg1), (0x1 as u64)); - let x3: fiat_secp256k1_montgomery_scalar_u1 = (((x1 >> 63) as fiat_secp256k1_montgomery_scalar_u1) & (((arg3[0]) & (0x1 as u64)) as fiat_secp256k1_montgomery_scalar_u1)); + let x3: fiat_secp256k1_montgomery_scalar_u1 = (((x1 >> 63) as fiat_secp256k1_montgomery_scalar_u1) & ((arg3[0]) as fiat_secp256k1_montgomery_scalar_u1)); let mut x4: u64 = 0; let mut x5: fiat_secp256k1_montgomery_scalar_u1 = 0; fiat_secp256k1_montgomery_scalar_addcarryx_u64(&mut x4, &mut x5, 0x0, (!arg1), (0x1 as u64)); 
@@ -1894,110 +1864,109 @@ pub fn fiat_secp256k1_montgomery_scalar_divstep(out1: &mut u64, out2: &mut [u64; fiat_secp256k1_montgomery_scalar_cmovznz_u64(&mut x72, x3, (arg5[2]), x66); let mut x73: u64 = 0; fiat_secp256k1_montgomery_scalar_cmovznz_u64(&mut x73, x3, (arg5[3]), x68); - let x74: fiat_secp256k1_montgomery_scalar_u1 = ((x22 & (0x1 as u64)) as fiat_secp256k1_montgomery_scalar_u1); + let mut x74: u64 = 0; + fiat_secp256k1_montgomery_scalar_cmovznz_u64(&mut x74, (x22 as fiat_secp256k1_montgomery_scalar_u1), (0x0 as u64), x7); let mut x75: u64 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u64(&mut x75, x74, (0x0 as u64), x7); + fiat_secp256k1_montgomery_scalar_cmovznz_u64(&mut x75, (x22 as fiat_secp256k1_montgomery_scalar_u1), (0x0 as u64), x8); let mut x76: u64 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u64(&mut x76, x74, (0x0 as u64), x8); + fiat_secp256k1_montgomery_scalar_cmovznz_u64(&mut x76, (x22 as fiat_secp256k1_montgomery_scalar_u1), (0x0 as u64), x9); let mut x77: u64 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u64(&mut x77, x74, (0x0 as u64), x9); + fiat_secp256k1_montgomery_scalar_cmovznz_u64(&mut x77, (x22 as fiat_secp256k1_montgomery_scalar_u1), (0x0 as u64), x10); let mut x78: u64 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u64(&mut x78, x74, (0x0 as u64), x10); + fiat_secp256k1_montgomery_scalar_cmovznz_u64(&mut x78, (x22 as fiat_secp256k1_montgomery_scalar_u1), (0x0 as u64), x11); let mut x79: u64 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u64(&mut x79, x74, (0x0 as u64), x11); - let mut x80: u64 = 0; - let mut x81: fiat_secp256k1_montgomery_scalar_u1 = 0; - fiat_secp256k1_montgomery_scalar_addcarryx_u64(&mut x80, &mut x81, 0x0, x22, x75); - let mut x82: u64 = 0; - let mut x83: fiat_secp256k1_montgomery_scalar_u1 = 0; - fiat_secp256k1_montgomery_scalar_addcarryx_u64(&mut x82, &mut x83, x81, x23, x76); - let mut x84: u64 = 0; - let mut x85: fiat_secp256k1_montgomery_scalar_u1 = 0; - 
fiat_secp256k1_montgomery_scalar_addcarryx_u64(&mut x84, &mut x85, x83, x24, x77); - let mut x86: u64 = 0; - let mut x87: fiat_secp256k1_montgomery_scalar_u1 = 0; - fiat_secp256k1_montgomery_scalar_addcarryx_u64(&mut x86, &mut x87, x85, x25, x78); - let mut x88: u64 = 0; - let mut x89: fiat_secp256k1_montgomery_scalar_u1 = 0; - fiat_secp256k1_montgomery_scalar_addcarryx_u64(&mut x88, &mut x89, x87, x26, x79); + let mut x80: fiat_secp256k1_montgomery_scalar_u1 = 0; + fiat_secp256k1_montgomery_scalar_addcarryx_u64(&mut x79, &mut x80, 0x0, x22, x74); + let mut x81: u64 = 0; + let mut x82: fiat_secp256k1_montgomery_scalar_u1 = 0; + fiat_secp256k1_montgomery_scalar_addcarryx_u64(&mut x81, &mut x82, x80, x23, x75); + let mut x83: u64 = 0; + let mut x84: fiat_secp256k1_montgomery_scalar_u1 = 0; + fiat_secp256k1_montgomery_scalar_addcarryx_u64(&mut x83, &mut x84, x82, x24, x76); + let mut x85: u64 = 0; + let mut x86: fiat_secp256k1_montgomery_scalar_u1 = 0; + fiat_secp256k1_montgomery_scalar_addcarryx_u64(&mut x85, &mut x86, x84, x25, x77); + let mut x87: u64 = 0; + let mut x88: fiat_secp256k1_montgomery_scalar_u1 = 0; + fiat_secp256k1_montgomery_scalar_addcarryx_u64(&mut x87, &mut x88, x86, x26, x78); + let mut x89: u64 = 0; + fiat_secp256k1_montgomery_scalar_cmovznz_u64(&mut x89, (x22 as fiat_secp256k1_montgomery_scalar_u1), (0x0 as u64), x27); let mut x90: u64 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u64(&mut x90, x74, (0x0 as u64), x27); + fiat_secp256k1_montgomery_scalar_cmovznz_u64(&mut x90, (x22 as fiat_secp256k1_montgomery_scalar_u1), (0x0 as u64), x28); let mut x91: u64 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u64(&mut x91, x74, (0x0 as u64), x28); + fiat_secp256k1_montgomery_scalar_cmovznz_u64(&mut x91, (x22 as fiat_secp256k1_montgomery_scalar_u1), (0x0 as u64), x29); let mut x92: u64 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u64(&mut x92, x74, (0x0 as u64), x29); + fiat_secp256k1_montgomery_scalar_cmovznz_u64(&mut x92, (x22 as 
fiat_secp256k1_montgomery_scalar_u1), (0x0 as u64), x30); let mut x93: u64 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u64(&mut x93, x74, (0x0 as u64), x30); - let mut x94: u64 = 0; - let mut x95: fiat_secp256k1_montgomery_scalar_u1 = 0; - fiat_secp256k1_montgomery_scalar_addcarryx_u64(&mut x94, &mut x95, 0x0, x70, x90); - let mut x96: u64 = 0; - let mut x97: fiat_secp256k1_montgomery_scalar_u1 = 0; - fiat_secp256k1_montgomery_scalar_addcarryx_u64(&mut x96, &mut x97, x95, x71, x91); - let mut x98: u64 = 0; - let mut x99: fiat_secp256k1_montgomery_scalar_u1 = 0; - fiat_secp256k1_montgomery_scalar_addcarryx_u64(&mut x98, &mut x99, x97, x72, x92); - let mut x100: u64 = 0; - let mut x101: fiat_secp256k1_montgomery_scalar_u1 = 0; - fiat_secp256k1_montgomery_scalar_addcarryx_u64(&mut x100, &mut x101, x99, x73, x93); - let mut x102: u64 = 0; - let mut x103: fiat_secp256k1_montgomery_scalar_u1 = 0; - fiat_secp256k1_montgomery_scalar_subborrowx_u64(&mut x102, &mut x103, 0x0, x94, 0xbfd25e8cd0364141); - let mut x104: u64 = 0; - let mut x105: fiat_secp256k1_montgomery_scalar_u1 = 0; - fiat_secp256k1_montgomery_scalar_subborrowx_u64(&mut x104, &mut x105, x103, x96, 0xbaaedce6af48a03b); - let mut x106: u64 = 0; - let mut x107: fiat_secp256k1_montgomery_scalar_u1 = 0; - fiat_secp256k1_montgomery_scalar_subborrowx_u64(&mut x106, &mut x107, x105, x98, 0xfffffffffffffffe); - let mut x108: u64 = 0; - let mut x109: fiat_secp256k1_montgomery_scalar_u1 = 0; - fiat_secp256k1_montgomery_scalar_subborrowx_u64(&mut x108, &mut x109, x107, x100, 0xffffffffffffffff); - let mut x110: u64 = 0; - let mut x111: fiat_secp256k1_montgomery_scalar_u1 = 0; - fiat_secp256k1_montgomery_scalar_subborrowx_u64(&mut x110, &mut x111, x109, (x101 as u64), (0x0 as u64)); - let mut x112: u64 = 0; - let mut x113: fiat_secp256k1_montgomery_scalar_u1 = 0; - fiat_secp256k1_montgomery_scalar_addcarryx_u64(&mut x112, &mut x113, 0x0, x6, (0x1 as u64)); - let x114: u64 = ((x80 >> 1) | ((x82 << 63) & 
0xffffffffffffffff)); - let x115: u64 = ((x82 >> 1) | ((x84 << 63) & 0xffffffffffffffff)); - let x116: u64 = ((x84 >> 1) | ((x86 << 63) & 0xffffffffffffffff)); - let x117: u64 = ((x86 >> 1) | ((x88 << 63) & 0xffffffffffffffff)); - let x118: u64 = ((x88 & 0x8000000000000000) | (x88 >> 1)); + let mut x94: fiat_secp256k1_montgomery_scalar_u1 = 0; + fiat_secp256k1_montgomery_scalar_addcarryx_u64(&mut x93, &mut x94, 0x0, x70, x89); + let mut x95: u64 = 0; + let mut x96: fiat_secp256k1_montgomery_scalar_u1 = 0; + fiat_secp256k1_montgomery_scalar_addcarryx_u64(&mut x95, &mut x96, x94, x71, x90); + let mut x97: u64 = 0; + let mut x98: fiat_secp256k1_montgomery_scalar_u1 = 0; + fiat_secp256k1_montgomery_scalar_addcarryx_u64(&mut x97, &mut x98, x96, x72, x91); + let mut x99: u64 = 0; + let mut x100: fiat_secp256k1_montgomery_scalar_u1 = 0; + fiat_secp256k1_montgomery_scalar_addcarryx_u64(&mut x99, &mut x100, x98, x73, x92); + let mut x101: u64 = 0; + let mut x102: fiat_secp256k1_montgomery_scalar_u1 = 0; + fiat_secp256k1_montgomery_scalar_subborrowx_u64(&mut x101, &mut x102, 0x0, x93, 0xbfd25e8cd0364141); + let mut x103: u64 = 0; + let mut x104: fiat_secp256k1_montgomery_scalar_u1 = 0; + fiat_secp256k1_montgomery_scalar_subborrowx_u64(&mut x103, &mut x104, x102, x95, 0xbaaedce6af48a03b); + let mut x105: u64 = 0; + let mut x106: fiat_secp256k1_montgomery_scalar_u1 = 0; + fiat_secp256k1_montgomery_scalar_subborrowx_u64(&mut x105, &mut x106, x104, x97, 0xfffffffffffffffe); + let mut x107: u64 = 0; + let mut x108: fiat_secp256k1_montgomery_scalar_u1 = 0; + fiat_secp256k1_montgomery_scalar_subborrowx_u64(&mut x107, &mut x108, x106, x99, 0xffffffffffffffff); + let mut x109: u64 = 0; + let mut x110: fiat_secp256k1_montgomery_scalar_u1 = 0; + fiat_secp256k1_montgomery_scalar_subborrowx_u64(&mut x109, &mut x110, x108, (x100 as u64), (0x0 as u64)); + let mut x111: u64 = 0; + let mut x112: fiat_secp256k1_montgomery_scalar_u1 = 0; + fiat_secp256k1_montgomery_scalar_addcarryx_u64(&mut 
x111, &mut x112, 0x0, x6, (0x1 as u64)); + let x113: u64 = ((x79 >> 1) | ((x81 << 63) & 0xffffffffffffffff)); + let x114: u64 = ((x81 >> 1) | ((x83 << 63) & 0xffffffffffffffff)); + let x115: u64 = ((x83 >> 1) | ((x85 << 63) & 0xffffffffffffffff)); + let x116: u64 = ((x85 >> 1) | ((x87 << 63) & 0xffffffffffffffff)); + let x117: u64 = ((x87 & 0x8000000000000000) | (x87 >> 1)); + let mut x118: u64 = 0; + fiat_secp256k1_montgomery_scalar_cmovznz_u64(&mut x118, x48, x39, x31); let mut x119: u64 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u64(&mut x119, x48, x39, x31); + fiat_secp256k1_montgomery_scalar_cmovznz_u64(&mut x119, x48, x41, x33); let mut x120: u64 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u64(&mut x120, x48, x41, x33); + fiat_secp256k1_montgomery_scalar_cmovznz_u64(&mut x120, x48, x43, x35); let mut x121: u64 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u64(&mut x121, x48, x43, x35); + fiat_secp256k1_montgomery_scalar_cmovznz_u64(&mut x121, x48, x45, x37); let mut x122: u64 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u64(&mut x122, x48, x45, x37); + fiat_secp256k1_montgomery_scalar_cmovznz_u64(&mut x122, x110, x101, x93); let mut x123: u64 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u64(&mut x123, x111, x102, x94); + fiat_secp256k1_montgomery_scalar_cmovznz_u64(&mut x123, x110, x103, x95); let mut x124: u64 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u64(&mut x124, x111, x104, x96); + fiat_secp256k1_montgomery_scalar_cmovznz_u64(&mut x124, x110, x105, x97); let mut x125: u64 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u64(&mut x125, x111, x106, x98); - let mut x126: u64 = 0; - fiat_secp256k1_montgomery_scalar_cmovznz_u64(&mut x126, x111, x108, x100); - *out1 = x112; + fiat_secp256k1_montgomery_scalar_cmovznz_u64(&mut x125, x110, x107, x99); + *out1 = x111; out2[0] = x7; out2[1] = x8; out2[2] = x9; out2[3] = x10; out2[4] = x11; - out3[0] = x114; - out3[1] = x115; - out3[2] = x116; - out3[3] = x117; - out3[4] = x118; - out4[0] = 
x119; - out4[1] = x120; - out4[2] = x121; - out4[3] = x122; - out5[0] = x123; - out5[1] = x124; - out5[2] = x125; - out5[3] = x126; + out3[0] = x113; + out3[1] = x114; + out3[2] = x115; + out3[3] = x116; + out3[4] = x117; + out4[0] = x118; + out4[1] = x119; + out4[2] = x120; + out4[3] = x121; + out5[0] = x122; + out5[1] = x123; + out5[2] = x124; + out5[3] = x125; } /// The function fiat_secp256k1_montgomery_scalar_divstep_precomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-zig/src/curve25519_32.zig b/fiat-zig/src/curve25519_32.zig index 49ba39aee0..4fb99306de 100644 --- a/fiat-zig/src/curve25519_32.zig +++ b/fiat-zig/src/curve25519_32.zig 
@@ -714,106 +714,76 @@ pub fn toBytes(out1: *[32]u8, arg1: TightFieldElement) void { const x47 = (x28 << 5); const x48 = (x26 << 3); const x49 = (x24 << 2); - const x50 = cast(u8, (x22 & cast(u32, 0xff))); - const x51 = (x22 >> 8); - const x52 = cast(u8, (x51 & cast(u32, 0xff))); - const x53 = (x51 >> 8); - const x54 = cast(u8, (x53 & cast(u32, 0xff))); - const x55 = cast(u8, (x53 >> 8)); - const x56 = (x49 + cast(u32, x55)); - const x57 = cast(u8, (x56 & cast(u32, 0xff))); - const x58 = (x56 >> 8); - const x59 = cast(u8, (x58 & cast(u32, 0xff))); - const x60 = (x58 >> 8); - const x61 = cast(u8, (x60 & cast(u32, 0xff))); - const x62 = cast(u8, (x60 >> 8)); - const x63 = (x48 + cast(u32, x62)); - const x64 = cast(u8, (x63 & cast(u32, 0xff))); - const x65 = (x63 >> 8); - const x66 = cast(u8, (x65 & cast(u32, 0xff))); - const x67 = (x65 >> 8); - const x68 = cast(u8, (x67 & cast(u32, 0xff))); - const x69 = cast(u8, (x67 >> 8)); - const x70 = (x47 + cast(u32, x69)); - const x71 = cast(u8, (x70 & cast(u32, 0xff))); - const x72 = (x70 >> 8); - const x73 = cast(u8, (x72 & cast(u32, 0xff))); - const x74 = (x72 >> 8); - const x75 = cast(u8, (x74 & cast(u32, 0xff))); - const x76 = cast(u8, (x74 >> 8)); - const x77 = (x46 + cast(u32, x76)); - const x78 = cast(u8, (x77 & cast(u32, 0xff))); - const x79 = (x77 >> 8); - const x80 = cast(u8, (x79 & cast(u32, 0xff))); - const x81 = (x79 >> 8); - const x82 = cast(u8, (x81 & cast(u32, 0xff))); - const x83 = cast(u8, (x81 >> 8)); - const x84 = cast(u8, (x32 & cast(u32, 0xff))); - const x85 = (x32 >> 8); - const x86 = cast(u8, (x85 & cast(u32, 0xff))); - const x87 = (x85 >> 8); - const x88 = cast(u8, (x87 & cast(u32, 0xff))); - const x89 = cast(u1, (x87 >> 8)); - const x90 = (x45 + cast(u32, x89)); - const x91 = cast(u8, (x90 & cast(u32, 0xff))); - const x92 = (x90 >> 8); - const x93 = cast(u8, (x92 & cast(u32, 0xff))); - const x94 = (x92 >> 8); - const x95 = cast(u8, (x94 & cast(u32, 0xff))); - const x96 = cast(u8, (x94 >> 8)); - const 
x97 = (x44 + cast(u32, x96)); - const x98 = cast(u8, (x97 & cast(u32, 0xff))); - const x99 = (x97 >> 8); - const x100 = cast(u8, (x99 & cast(u32, 0xff))); - const x101 = (x99 >> 8); - const x102 = cast(u8, (x101 & cast(u32, 0xff))); - const x103 = cast(u8, (x101 >> 8)); - const x104 = (x43 + cast(u32, x103)); - const x105 = cast(u8, (x104 & cast(u32, 0xff))); - const x106 = (x104 >> 8); - const x107 = cast(u8, (x106 & cast(u32, 0xff))); - const x108 = (x106 >> 8); - const x109 = cast(u8, (x108 & cast(u32, 0xff))); - const x110 = cast(u8, (x108 >> 8)); - const x111 = (x42 + cast(u32, x110)); - const x112 = cast(u8, (x111 & cast(u32, 0xff))); - const x113 = (x111 >> 8); - const x114 = cast(u8, (x113 & cast(u32, 0xff))); - const x115 = (x113 >> 8); - const x116 = cast(u8, (x115 & cast(u32, 0xff))); - const x117 = cast(u8, (x115 >> 8)); - out1[0] = x50; - out1[1] = x52; - out1[2] = x54; - out1[3] = x57; - out1[4] = x59; - out1[5] = x61; - out1[6] = x64; - out1[7] = x66; - out1[8] = x68; - out1[9] = x71; - out1[10] = x73; - out1[11] = x75; - out1[12] = x78; - out1[13] = x80; - out1[14] = x82; - out1[15] = x83; - out1[16] = x84; - out1[17] = x86; - out1[18] = x88; - out1[19] = x91; - out1[20] = x93; - out1[21] = x95; - out1[22] = x98; - out1[23] = x100; - out1[24] = x102; - out1[25] = x105; - out1[26] = x107; - out1[27] = x109; - out1[28] = x112; - out1[29] = x114; - out1[30] = x116; - out1[31] = x117; + const x50 = (x22 >> 8); + const x51 = (x50 >> 8); + const x52 = cast(u8, (x51 >> 8)); + const x53 = (x49 + cast(u32, x52)); + const x54 = (x53 >> 8); + const x55 = (x54 >> 8); + const x56 = cast(u8, (x55 >> 8)); + const x57 = (x48 + cast(u32, x56)); + const x58 = (x57 >> 8); + const x59 = (x58 >> 8); + const x60 = cast(u8, (x59 >> 8)); + const x61 = (x47 + cast(u32, x60)); + const x62 = (x61 >> 8); + const x63 = (x62 >> 8); + const x64 = cast(u8, (x63 >> 8)); + const x65 = (x46 + cast(u32, x64)); + const x66 = (x65 >> 8); + const x67 = (x66 >> 8); + const x68 = cast(u8, 
(x67 >> 8)); + const x69 = (x32 >> 8); + const x70 = (x69 >> 8); + const x71 = cast(u1, (x70 >> 8)); + const x72 = (x45 + cast(u32, x71)); + const x73 = (x72 >> 8); + const x74 = (x73 >> 8); + const x75 = cast(u8, (x74 >> 8)); + const x76 = (x44 + cast(u32, x75)); + const x77 = (x76 >> 8); + const x78 = (x77 >> 8); + const x79 = cast(u8, (x78 >> 8)); + const x80 = (x43 + cast(u32, x79)); + const x81 = (x80 >> 8); + const x82 = (x81 >> 8); + const x83 = cast(u8, (x82 >> 8)); + const x84 = (x42 + cast(u32, x83)); + const x85 = (x84 >> 8); + const x86 = (x85 >> 8); + const x87 = cast(u8, (x86 >> 8)); + out1[0] = cast(u8, x22); + out1[1] = cast(u8, x50); + out1[2] = cast(u8, x51); + out1[3] = cast(u8, x53); + out1[4] = cast(u8, x54); + out1[5] = cast(u8, x55); + out1[6] = cast(u8, x57); + out1[7] = cast(u8, x58); + out1[8] = cast(u8, x59); + out1[9] = cast(u8, x61); + out1[10] = cast(u8, x62); + out1[11] = cast(u8, x63); + out1[12] = cast(u8, x65); + out1[13] = cast(u8, x66); + out1[14] = cast(u8, x67); + out1[15] = x68; + out1[16] = cast(u8, x32); + out1[17] = cast(u8, x69); + out1[18] = cast(u8, x70); + out1[19] = cast(u8, x72); + out1[20] = cast(u8, x73); + out1[21] = cast(u8, x74); + out1[22] = cast(u8, x76); + out1[23] = cast(u8, x77); + out1[24] = cast(u8, x78); + out1[25] = cast(u8, x80); + out1[26] = cast(u8, x81); + out1[27] = cast(u8, x82); + out1[28] = cast(u8, x84); + out1[29] = cast(u8, x85); + out1[30] = cast(u8, x86); + out1[31] = x87; } /// The function fromBytes deserializes a field element from bytes in little-endian order. diff --git a/fiat-zig/src/curve25519_64.zig b/fiat-zig/src/curve25519_64.zig index be0808bead..a865917d2b 100644 --- a/fiat-zig/src/curve25519_64.zig +++ b/fiat-zig/src/curve25519_64.zig 
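Review bot: The `out1[i] = cast(u8, xN)` stores added in this hunk (e.g. `out1[0] = cast(u8, x22);`) narrow a u32 without the `& cast(u32, 0xff)` mask the removed lines applied, which is only equivalent if the file's `cast` helper truncates instead of range-checking. That helper is defined outside this hunk (toBytes also starts before it), so its behaviour should be confirmed; a checked narrowing would panic whenever runtime safety is on, and curve25519_scalar_32.zig sets `@setRuntimeSafety(mode == .Debug)` in its helpers. The same mask removal appears in the toBytes hunks of curve25519_64.zig and curve25519_scalar_32.zig, in addcarryxU32/mulxU32 (`out1.* = cast(u32, x1);` on a u64), and in divstep (`cast(u1, (arg3[0]))`, `cast(u1, x34)`). As these files look generated, I would document the contract at the helper, `// cast() truncates to the destination width; generated code relies on this instead of masking`, and cover each width with a test input that has high bits set.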
@@ -399,104 +399,73 @@ pub fn toBytes(out1: *[32]u8, arg1: TightFieldElement) void { const x23 = (x18 * cast(u64, 0x2)); const x24 = (x16 << 6); const x25 = (x14 << 3); - const x26 = cast(u8, (x12 & cast(u64, 0xff))); - const x27 = (x12 >> 8); - const x28 = cast(u8, (x27 & cast(u64, 0xff))); - const x29 = (x27 >> 8); - const x30 = cast(u8, (x29 & cast(u64, 0xff))); - const x31 = (x29 >> 8); - const x32 = cast(u8, (x31 & cast(u64, 0xff))); - const x33 = (x31 >> 8); - const x34 = cast(u8, (x33 & cast(u64, 0xff))); - const x35 = (x33 >> 8); - const x36 = cast(u8, (x35 & cast(u64, 0xff))); - const x37 = cast(u8, (x35 >> 8)); - const x38 = (x25 + cast(u64, x37)); - const x39 = cast(u8, (x38 & cast(u64, 0xff))); - const x40 = (x38 >> 8); - const x41 = cast(u8, (x40 & cast(u64, 0xff))); - const x42 = (x40 >> 8); - const x43 = cast(u8, (x42 & cast(u64, 0xff))); - const x44 = (x42 >> 8); - const x45 = cast(u8, (x44 & cast(u64, 0xff))); - const x46 = (x44 >> 8); - const x47 = cast(u8, (x46 & cast(u64, 0xff))); - const x48 = (x46 >> 8); - const x49 = cast(u8, (x48 & cast(u64, 0xff))); - const x50 = cast(u8, (x48 >> 8)); - const x51 = (x24 + cast(u64, x50)); - const x52 = cast(u8, (x51 & cast(u64, 0xff))); - const x53 = (x51 >> 8); - const x54 = cast(u8, (x53 & cast(u64, 0xff))); - const x55 = (x53 >> 8); - const x56 = cast(u8, (x55 & cast(u64, 0xff))); - const x57 = (x55 >> 8); - const x58 = cast(u8, (x57 & cast(u64, 0xff))); - const x59 = (x57 >> 8); - const x60 = cast(u8, (x59 & cast(u64, 0xff))); - const x61 = (x59 >> 8); - const x62 = cast(u8, (x61 & cast(u64, 0xff))); - const x63 = (x61 >> 8); - const x64 = cast(u8, (x63 & cast(u64, 0xff))); - const x65 = cast(u1, (x63 >> 8)); - const x66 = (x23 + cast(u64, x65)); - const x67 = cast(u8, (x66 & cast(u64, 0xff))); - const x68 = (x66 >> 8); - const x69 = cast(u8, (x68 & cast(u64, 0xff))); - const x70 = (x68 >> 8); - const x71 = cast(u8, (x70 & cast(u64, 0xff))); - const x72 = (x70 >> 8); - const x73 = cast(u8, (x72 & 
cast(u64, 0xff))); - const x74 = (x72 >> 8); - const x75 = cast(u8, (x74 & cast(u64, 0xff))); - const x76 = (x74 >> 8); - const x77 = cast(u8, (x76 & cast(u64, 0xff))); - const x78 = cast(u8, (x76 >> 8)); - const x79 = (x22 + cast(u64, x78)); - const x80 = cast(u8, (x79 & cast(u64, 0xff))); - const x81 = (x79 >> 8); - const x82 = cast(u8, (x81 & cast(u64, 0xff))); - const x83 = (x81 >> 8); - const x84 = cast(u8, (x83 & cast(u64, 0xff))); - const x85 = (x83 >> 8); - const x86 = cast(u8, (x85 & cast(u64, 0xff))); - const x87 = (x85 >> 8); - const x88 = cast(u8, (x87 & cast(u64, 0xff))); - const x89 = (x87 >> 8); - const x90 = cast(u8, (x89 & cast(u64, 0xff))); - const x91 = cast(u8, (x89 >> 8)); - out1[0] = x26; - out1[1] = x28; - out1[2] = x30; - out1[3] = x32; - out1[4] = x34; - out1[5] = x36; - out1[6] = x39; - out1[7] = x41; - out1[8] = x43; - out1[9] = x45; - out1[10] = x47; - out1[11] = x49; - out1[12] = x52; - out1[13] = x54; - out1[14] = x56; - out1[15] = x58; - out1[16] = x60; - out1[17] = x62; - out1[18] = x64; - out1[19] = x67; - out1[20] = x69; - out1[21] = x71; - out1[22] = x73; - out1[23] = x75; - out1[24] = x77; - out1[25] = x80; - out1[26] = x82; - out1[27] = x84; - out1[28] = x86; - out1[29] = x88; - out1[30] = x90; - out1[31] = x91; + const x26 = (x12 >> 8); + const x27 = (x26 >> 8); + const x28 = (x27 >> 8); + const x29 = (x28 >> 8); + const x30 = (x29 >> 8); + const x31 = cast(u8, (x30 >> 8)); + const x32 = (x25 + cast(u64, x31)); + const x33 = (x32 >> 8); + const x34 = (x33 >> 8); + const x35 = (x34 >> 8); + const x36 = (x35 >> 8); + const x37 = (x36 >> 8); + const x38 = cast(u8, (x37 >> 8)); + const x39 = (x24 + cast(u64, x38)); + const x40 = (x39 >> 8); + const x41 = (x40 >> 8); + const x42 = (x41 >> 8); + const x43 = (x42 >> 8); + const x44 = (x43 >> 8); + const x45 = (x44 >> 8); + const x46 = cast(u1, (x45 >> 8)); + const x47 = (x23 + cast(u64, x46)); + const x48 = (x47 >> 8); + const x49 = (x48 >> 8); + const x50 = (x49 >> 8); + const x51 = 
(x50 >> 8); + const x52 = (x51 >> 8); + const x53 = cast(u8, (x52 >> 8)); + const x54 = (x22 + cast(u64, x53)); + const x55 = (x54 >> 8); + const x56 = (x55 >> 8); + const x57 = (x56 >> 8); + const x58 = (x57 >> 8); + const x59 = (x58 >> 8); + const x60 = cast(u8, (x59 >> 8)); + out1[0] = cast(u8, x12); + out1[1] = cast(u8, x26); + out1[2] = cast(u8, x27); + out1[3] = cast(u8, x28); + out1[4] = cast(u8, x29); + out1[5] = cast(u8, x30); + out1[6] = cast(u8, x32); + out1[7] = cast(u8, x33); + out1[8] = cast(u8, x34); + out1[9] = cast(u8, x35); + out1[10] = cast(u8, x36); + out1[11] = cast(u8, x37); + out1[12] = cast(u8, x39); + out1[13] = cast(u8, x40); + out1[14] = cast(u8, x41); + out1[15] = cast(u8, x42); + out1[16] = cast(u8, x43); + out1[17] = cast(u8, x44); + out1[18] = cast(u8, x45); + out1[19] = cast(u8, x47); + out1[20] = cast(u8, x48); + out1[21] = cast(u8, x49); + out1[22] = cast(u8, x50); + out1[23] = cast(u8, x51); + out1[24] = cast(u8, x52); + out1[25] = cast(u8, x54); + out1[26] = cast(u8, x55); + out1[27] = cast(u8, x56); + out1[28] = cast(u8, x57); + out1[29] = cast(u8, x58); + out1[30] = cast(u8, x59); + out1[31] = x60; } /// The function fromBytes deserializes a field element from bytes in little-endian order. diff --git a/fiat-zig/src/curve25519_scalar_32.zig b/fiat-zig/src/curve25519_scalar_32.zig index 262daaaadb..5ba177154a 100644 --- a/fiat-zig/src/curve25519_scalar_32.zig +++ b/fiat-zig/src/curve25519_scalar_32.zig @@ -59,10 +59,9 @@ inline fn addcarryxU32(out1: *u32, out2: *u1, arg1: u1, arg2: u32, arg3: u32) vo @setRuntimeSafety(mode == .Debug); const x1 = ((cast(u64, arg1) + cast(u64, arg2)) + cast(u64, arg3)); - const x2 = cast(u32, (x1 & cast(u64, 0xffffffff))); - const x3 = cast(u1, (x1 >> 32)); - out1.* = x2; - out2.* = x3; + const x2 = cast(u1, (x1 >> 32)); + out1.* = cast(u32, x1); + out2.* = x2; } /// The function subborrowxU32 is a subtraction with borrow. 
@@ -104,10 +103,9 @@ inline fn mulxU32(out1: *u32, out2: *u32, arg1: u32, arg2: u32) void { @setRuntimeSafety(mode == .Debug); const x1 = (cast(u64, arg1) * cast(u64, arg2)); - const x2 = cast(u32, (x1 & cast(u64, 0xffffffff))); - const x3 = cast(u32, (x1 >> 32)); - out1.* = x2; - out2.* = x3; + const x2 = cast(u32, (x1 >> 32)); + out1.* = cast(u32, x1); + out2.* = x2; } /// The function cmovznzU32 is a single-word conditional move. 
@@ -4159,86 +4157,62 @@ pub fn toBytes(out1: *[32]u8, arg1: [8]u32) void { const x6 = (arg1[2]); const x7 = (arg1[1]); const x8 = (arg1[0]); - const x9 = cast(u8, (x8 & cast(u32, 0xff))); - const x10 = (x8 >> 8); - const x11 = cast(u8, (x10 & cast(u32, 0xff))); - const x12 = (x10 >> 8); - const x13 = cast(u8, (x12 & cast(u32, 0xff))); - const x14 = cast(u8, (x12 >> 8)); - const x15 = cast(u8, (x7 & cast(u32, 0xff))); - const x16 = (x7 >> 8); - const x17 = cast(u8, (x16 & cast(u32, 0xff))); - const x18 = (x16 >> 8); - const x19 = cast(u8, (x18 & cast(u32, 0xff))); - const x20 = cast(u8, (x18 >> 8)); - const x21 = cast(u8, (x6 & cast(u32, 0xff))); - const x22 = (x6 >> 8); - const x23 = cast(u8, (x22 & cast(u32, 0xff))); - const x24 = (x22 >> 8); - const x25 = cast(u8, (x24 & cast(u32, 0xff))); - const x26 = cast(u8, (x24 >> 8)); - const x27 = cast(u8, (x5 & cast(u32, 0xff))); - const x28 = (x5 >> 8); - const x29 = cast(u8, (x28 & cast(u32, 0xff))); - const x30 = (x28 >> 8); - const x31 = cast(u8, (x30 & cast(u32, 0xff))); - const x32 = cast(u8, (x30 >> 8)); - const x33 = cast(u8, (x4 & cast(u32, 0xff))); - const x34 = (x4 >> 8); - const x35 = cast(u8, (x34 & cast(u32, 0xff))); - const x36 = (x34 >> 8); - const x37 = cast(u8, (x36 & cast(u32, 0xff))); - const x38 = cast(u8, (x36 >> 8)); - const x39 = cast(u8, (x3 & cast(u32, 0xff))); - const x40 = (x3 >> 8); - const x41 = cast(u8, (x40 & cast(u32, 0xff))); - const x42 = (x40 >> 8); - const x43 = cast(u8, (x42 & cast(u32, 0xff))); - const x44 = cast(u8, (x42 >> 8)); - const x45 = cast(u8, (x2 & cast(u32, 0xff))); - const x46 = (x2 >> 8); - const x47 = cast(u8, (x46 & cast(u32, 0xff))); - const x48 = (x46 >> 8); - const x49 = cast(u8, (x48 & cast(u32, 0xff))); - const x50 = cast(u8, (x48 >> 8)); - const x51 = cast(u8, (x1 & cast(u32, 0xff))); - const x52 = (x1 >> 8); - const x53 = cast(u8, (x52 & cast(u32, 0xff))); - const x54 = (x52 >> 8); - const x55 = cast(u8, (x54 & cast(u32, 0xff))); - const x56 = cast(u8, (x54 >> 
8)); - out1[0] = x9; - out1[1] = x11; - out1[2] = x13; - out1[3] = x14; - out1[4] = x15; - out1[5] = x17; - out1[6] = x19; - out1[7] = x20; - out1[8] = x21; - out1[9] = x23; - out1[10] = x25; - out1[11] = x26; - out1[12] = x27; - out1[13] = x29; - out1[14] = x31; - out1[15] = x32; - out1[16] = x33; - out1[17] = x35; - out1[18] = x37; - out1[19] = x38; - out1[20] = x39; - out1[21] = x41; - out1[22] = x43; - out1[23] = x44; - out1[24] = x45; - out1[25] = x47; - out1[26] = x49; - out1[27] = x50; - out1[28] = x51; - out1[29] = x53; - out1[30] = x55; - out1[31] = x56; + const x9 = (x8 >> 8); + const x10 = (x9 >> 8); + const x11 = cast(u8, (x10 >> 8)); + const x12 = (x7 >> 8); + const x13 = (x12 >> 8); + const x14 = cast(u8, (x13 >> 8)); + const x15 = (x6 >> 8); + const x16 = (x15 >> 8); + const x17 = cast(u8, (x16 >> 8)); + const x18 = (x5 >> 8); + const x19 = (x18 >> 8); + const x20 = cast(u8, (x19 >> 8)); + const x21 = (x4 >> 8); + const x22 = (x21 >> 8); + const x23 = cast(u8, (x22 >> 8)); + const x24 = (x3 >> 8); + const x25 = (x24 >> 8); + const x26 = cast(u8, (x25 >> 8)); + const x27 = (x2 >> 8); + const x28 = (x27 >> 8); + const x29 = cast(u8, (x28 >> 8)); + const x30 = (x1 >> 8); + const x31 = (x30 >> 8); + const x32 = cast(u8, (x31 >> 8)); + out1[0] = cast(u8, x8); + out1[1] = cast(u8, x9); + out1[2] = cast(u8, x10); + out1[3] = x11; + out1[4] = cast(u8, x7); + out1[5] = cast(u8, x12); + out1[6] = cast(u8, x13); + out1[7] = x14; + out1[8] = cast(u8, x6); + out1[9] = cast(u8, x15); + out1[10] = cast(u8, x16); + out1[11] = x17; + out1[12] = cast(u8, x5); + out1[13] = cast(u8, x18); + out1[14] = cast(u8, x19); + out1[15] = x20; + out1[16] = cast(u8, x4); + out1[17] = cast(u8, x21); + out1[18] = cast(u8, x22); + out1[19] = x23; + out1[20] = cast(u8, x3); + out1[21] = cast(u8, x24); + out1[22] = cast(u8, x25); + out1[23] = x26; + out1[24] = cast(u8, x2); + out1[25] = cast(u8, x27); + out1[26] = cast(u8, x28); + out1[27] = x29; + out1[28] = cast(u8, x1); + out1[29] = 
cast(u8, x30); + out1[30] = cast(u8, x31); + out1[31] = x32; } /// The function fromBytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -4397,7 +4371,7 @@ pub fn divstep(out1: *u32, out2: *[9]u32, out3: *[9]u32, out4: *[8]u32, out5: *[ var x1: u32 = undefined; var x2: u1 = undefined; addcarryxU32(&x1, &x2, 0x0, (~arg1), cast(u32, 0x1)); - const x3 = (cast(u1, (x1 >> 31)) & cast(u1, ((arg3[0]) & cast(u32, 0x1)))); + const x3 = (cast(u1, (x1 >> 31)) & cast(u1, (arg3[0]))); var x4: u32 = undefined; var x5: u1 = undefined; addcarryxU32(&x4, &x5, 0x0, (~arg1), cast(u32, 0x1)); 
@@ -4607,164 +4581,163 @@ pub fn divstep(out1: *u32, out2: *[9]u32, out3: *[9]u32, out4: *[8]u32, out5: *[ cmovznzU32(&x132, x3, (arg5[6]), x122); var x133: u32 = undefined; cmovznzU32(&x133, x3, (arg5[7]), x124); - const x134 = cast(u1, (x34 & cast(u32, 0x1))); + var x134: u32 = undefined; + cmovznzU32(&x134, cast(u1, x34), cast(u32, 0x0), x7); var x135: u32 = undefined; - cmovznzU32(&x135, x134, cast(u32, 0x0), x7); + cmovznzU32(&x135, cast(u1, x34), cast(u32, 0x0), x8); var x136: u32 = undefined; - cmovznzU32(&x136, x134, cast(u32, 0x0), x8); + cmovznzU32(&x136, cast(u1, x34), cast(u32, 0x0), x9); var x137: u32 = undefined; - cmovznzU32(&x137, x134, cast(u32, 0x0), x9); + cmovznzU32(&x137, cast(u1, x34), cast(u32, 0x0), x10); var x138: u32 = undefined; - cmovznzU32(&x138, x134, cast(u32, 0x0), x10); + cmovznzU32(&x138, cast(u1, x34), cast(u32, 0x0), x11); var x139: u32 = undefined; - cmovznzU32(&x139, x134, cast(u32, 0x0), x11); + cmovznzU32(&x139, cast(u1, x34), cast(u32, 0x0), x12); var x140: u32 = undefined; - cmovznzU32(&x140, x134, cast(u32, 0x0), x12); + cmovznzU32(&x140, cast(u1, x34), cast(u32, 0x0), x13); var x141: u32 = undefined; - cmovznzU32(&x141, x134, cast(u32, 0x0), x13); + cmovznzU32(&x141, cast(u1, x34), cast(u32, 0x0), x14); var x142: u32 = undefined; - cmovznzU32(&x142, x134, cast(u32, 0x0), x14); + cmovznzU32(&x142, cast(u1, x34), cast(u32, 0x0), x15); var x143: u32 = undefined; - cmovznzU32(&x143, x134, cast(u32, 0x0), x15); - var x144: u32 = undefined; - var x145: u1 = undefined; - addcarryxU32(&x144, &x145, 0x0, x34, x135); - var x146: u32 = undefined; - var x147: u1 = undefined; - addcarryxU32(&x146, &x147, x145, x35, x136); - var x148: u32 = undefined; - var x149: u1 = undefined; - addcarryxU32(&x148, &x149, x147, x36, x137); - var x150: u32 = undefined; - var x151: u1 = undefined; - addcarryxU32(&x150, &x151, x149, x37, x138); - var x152: u32 = undefined; - var x153: u1 = undefined; - addcarryxU32(&x152, &x153, x151, x38, x139); - var 
x154: u32 = undefined; - var x155: u1 = undefined; - addcarryxU32(&x154, &x155, x153, x39, x140); - var x156: u32 = undefined; - var x157: u1 = undefined; - addcarryxU32(&x156, &x157, x155, x40, x141); - var x158: u32 = undefined; - var x159: u1 = undefined; - addcarryxU32(&x158, &x159, x157, x41, x142); - var x160: u32 = undefined; - var x161: u1 = undefined; - addcarryxU32(&x160, &x161, x159, x42, x143); + var x144: u1 = undefined; + addcarryxU32(&x143, &x144, 0x0, x34, x134); + var x145: u32 = undefined; + var x146: u1 = undefined; + addcarryxU32(&x145, &x146, x144, x35, x135); + var x147: u32 = undefined; + var x148: u1 = undefined; + addcarryxU32(&x147, &x148, x146, x36, x136); + var x149: u32 = undefined; + var x150: u1 = undefined; + addcarryxU32(&x149, &x150, x148, x37, x137); + var x151: u32 = undefined; + var x152: u1 = undefined; + addcarryxU32(&x151, &x152, x150, x38, x138); + var x153: u32 = undefined; + var x154: u1 = undefined; + addcarryxU32(&x153, &x154, x152, x39, x139); + var x155: u32 = undefined; + var x156: u1 = undefined; + addcarryxU32(&x155, &x156, x154, x40, x140); + var x157: u32 = undefined; + var x158: u1 = undefined; + addcarryxU32(&x157, &x158, x156, x41, x141); + var x159: u32 = undefined; + var x160: u1 = undefined; + addcarryxU32(&x159, &x160, x158, x42, x142); + var x161: u32 = undefined; + cmovznzU32(&x161, cast(u1, x34), cast(u32, 0x0), x43); var x162: u32 = undefined; - cmovznzU32(&x162, x134, cast(u32, 0x0), x43); + cmovznzU32(&x162, cast(u1, x34), cast(u32, 0x0), x44); var x163: u32 = undefined; - cmovznzU32(&x163, x134, cast(u32, 0x0), x44); + cmovznzU32(&x163, cast(u1, x34), cast(u32, 0x0), x45); var x164: u32 = undefined; - cmovznzU32(&x164, x134, cast(u32, 0x0), x45); + cmovznzU32(&x164, cast(u1, x34), cast(u32, 0x0), x46); var x165: u32 = undefined; - cmovznzU32(&x165, x134, cast(u32, 0x0), x46); + cmovznzU32(&x165, cast(u1, x34), cast(u32, 0x0), x47); var x166: u32 = undefined; - cmovznzU32(&x166, x134, cast(u32, 0x0), 
x47); + cmovznzU32(&x166, cast(u1, x34), cast(u32, 0x0), x48); var x167: u32 = undefined; - cmovznzU32(&x167, x134, cast(u32, 0x0), x48); + cmovznzU32(&x167, cast(u1, x34), cast(u32, 0x0), x49); var x168: u32 = undefined; - cmovznzU32(&x168, x134, cast(u32, 0x0), x49); + cmovznzU32(&x168, cast(u1, x34), cast(u32, 0x0), x50); var x169: u32 = undefined; - cmovznzU32(&x169, x134, cast(u32, 0x0), x50); - var x170: u32 = undefined; - var x171: u1 = undefined; - addcarryxU32(&x170, &x171, 0x0, x126, x162); - var x172: u32 = undefined; - var x173: u1 = undefined; - addcarryxU32(&x172, &x173, x171, x127, x163); - var x174: u32 = undefined; - var x175: u1 = undefined; - addcarryxU32(&x174, &x175, x173, x128, x164); - var x176: u32 = undefined; - var x177: u1 = undefined; - addcarryxU32(&x176, &x177, x175, x129, x165); - var x178: u32 = undefined; - var x179: u1 = undefined; - addcarryxU32(&x178, &x179, x177, x130, x166); - var x180: u32 = undefined; - var x181: u1 = undefined; - addcarryxU32(&x180, &x181, x179, x131, x167); - var x182: u32 = undefined; - var x183: u1 = undefined; - addcarryxU32(&x182, &x183, x181, x132, x168); - var x184: u32 = undefined; - var x185: u1 = undefined; - addcarryxU32(&x184, &x185, x183, x133, x169); - var x186: u32 = undefined; - var x187: u1 = undefined; - subborrowxU32(&x186, &x187, 0x0, x170, 0x5cf5d3ed); - var x188: u32 = undefined; - var x189: u1 = undefined; - subborrowxU32(&x188, &x189, x187, x172, 0x5812631a); - var x190: u32 = undefined; - var x191: u1 = undefined; - subborrowxU32(&x190, &x191, x189, x174, 0xa2f79cd6); - var x192: u32 = undefined; - var x193: u1 = undefined; - subborrowxU32(&x192, &x193, x191, x176, 0x14def9de); - var x194: u32 = undefined; - var x195: u1 = undefined; - subborrowxU32(&x194, &x195, x193, x178, cast(u32, 0x0)); - var x196: u32 = undefined; - var x197: u1 = undefined; - subborrowxU32(&x196, &x197, x195, x180, cast(u32, 0x0)); - var x198: u32 = undefined; - var x199: u1 = undefined; - subborrowxU32(&x198, 
&x199, x197, x182, cast(u32, 0x0)); - var x200: u32 = undefined; - var x201: u1 = undefined; - subborrowxU32(&x200, &x201, x199, x184, 0x10000000); - var x202: u32 = undefined; - var x203: u1 = undefined; - subborrowxU32(&x202, &x203, x201, cast(u32, x185), cast(u32, 0x0)); - var x204: u32 = undefined; - var x205: u1 = undefined; - addcarryxU32(&x204, &x205, 0x0, x6, cast(u32, 0x1)); - const x206 = ((x144 >> 1) | ((x146 << 31) & 0xffffffff)); - const x207 = ((x146 >> 1) | ((x148 << 31) & 0xffffffff)); - const x208 = ((x148 >> 1) | ((x150 << 31) & 0xffffffff)); - const x209 = ((x150 >> 1) | ((x152 << 31) & 0xffffffff)); - const x210 = ((x152 >> 1) | ((x154 << 31) & 0xffffffff)); - const x211 = ((x154 >> 1) | ((x156 << 31) & 0xffffffff)); - const x212 = ((x156 >> 1) | ((x158 << 31) & 0xffffffff)); - const x213 = ((x158 >> 1) | ((x160 << 31) & 0xffffffff)); - const x214 = ((x160 & 0x80000000) | (x160 >> 1)); + var x170: u1 = undefined; + addcarryxU32(&x169, &x170, 0x0, x126, x161); + var x171: u32 = undefined; + var x172: u1 = undefined; + addcarryxU32(&x171, &x172, x170, x127, x162); + var x173: u32 = undefined; + var x174: u1 = undefined; + addcarryxU32(&x173, &x174, x172, x128, x163); + var x175: u32 = undefined; + var x176: u1 = undefined; + addcarryxU32(&x175, &x176, x174, x129, x164); + var x177: u32 = undefined; + var x178: u1 = undefined; + addcarryxU32(&x177, &x178, x176, x130, x165); + var x179: u32 = undefined; + var x180: u1 = undefined; + addcarryxU32(&x179, &x180, x178, x131, x166); + var x181: u32 = undefined; + var x182: u1 = undefined; + addcarryxU32(&x181, &x182, x180, x132, x167); + var x183: u32 = undefined; + var x184: u1 = undefined; + addcarryxU32(&x183, &x184, x182, x133, x168); + var x185: u32 = undefined; + var x186: u1 = undefined; + subborrowxU32(&x185, &x186, 0x0, x169, 0x5cf5d3ed); + var x187: u32 = undefined; + var x188: u1 = undefined; + subborrowxU32(&x187, &x188, x186, x171, 0x5812631a); + var x189: u32 = undefined; + var x190: u1 = 
undefined; + subborrowxU32(&x189, &x190, x188, x173, 0xa2f79cd6); + var x191: u32 = undefined; + var x192: u1 = undefined; + subborrowxU32(&x191, &x192, x190, x175, 0x14def9de); + var x193: u32 = undefined; + var x194: u1 = undefined; + subborrowxU32(&x193, &x194, x192, x177, cast(u32, 0x0)); + var x195: u32 = undefined; + var x196: u1 = undefined; + subborrowxU32(&x195, &x196, x194, x179, cast(u32, 0x0)); + var x197: u32 = undefined; + var x198: u1 = undefined; + subborrowxU32(&x197, &x198, x196, x181, cast(u32, 0x0)); + var x199: u32 = undefined; + var x200: u1 = undefined; + subborrowxU32(&x199, &x200, x198, x183, 0x10000000); + var x201: u32 = undefined; + var x202: u1 = undefined; + subborrowxU32(&x201, &x202, x200, cast(u32, x184), cast(u32, 0x0)); + var x203: u32 = undefined; + var x204: u1 = undefined; + addcarryxU32(&x203, &x204, 0x0, x6, cast(u32, 0x1)); + const x205 = ((x143 >> 1) | ((x145 << 31) & 0xffffffff)); + const x206 = ((x145 >> 1) | ((x147 << 31) & 0xffffffff)); + const x207 = ((x147 >> 1) | ((x149 << 31) & 0xffffffff)); + const x208 = ((x149 >> 1) | ((x151 << 31) & 0xffffffff)); + const x209 = ((x151 >> 1) | ((x153 << 31) & 0xffffffff)); + const x210 = ((x153 >> 1) | ((x155 << 31) & 0xffffffff)); + const x211 = ((x155 >> 1) | ((x157 << 31) & 0xffffffff)); + const x212 = ((x157 >> 1) | ((x159 << 31) & 0xffffffff)); + const x213 = ((x159 & 0x80000000) | (x159 >> 1)); + var x214: u32 = undefined; + cmovznzU32(&x214, x84, x67, x51); var x215: u32 = undefined; - cmovznzU32(&x215, x84, x67, x51); + cmovznzU32(&x215, x84, x69, x53); var x216: u32 = undefined; - cmovznzU32(&x216, x84, x69, x53); + cmovznzU32(&x216, x84, x71, x55); var x217: u32 = undefined; - cmovznzU32(&x217, x84, x71, x55); + cmovznzU32(&x217, x84, x73, x57); var x218: u32 = undefined; - cmovznzU32(&x218, x84, x73, x57); + cmovznzU32(&x218, x84, x75, x59); var x219: u32 = undefined; - cmovznzU32(&x219, x84, x75, x59); + cmovznzU32(&x219, x84, x77, x61); var x220: u32 = undefined; - 
cmovznzU32(&x220, x84, x77, x61); + cmovznzU32(&x220, x84, x79, x63); var x221: u32 = undefined; - cmovznzU32(&x221, x84, x79, x63); + cmovznzU32(&x221, x84, x81, x65); var x222: u32 = undefined; - cmovznzU32(&x222, x84, x81, x65); + cmovznzU32(&x222, x202, x185, x169); var x223: u32 = undefined; - cmovznzU32(&x223, x203, x186, x170); + cmovznzU32(&x223, x202, x187, x171); var x224: u32 = undefined; - cmovznzU32(&x224, x203, x188, x172); + cmovznzU32(&x224, x202, x189, x173); var x225: u32 = undefined; - cmovznzU32(&x225, x203, x190, x174); + cmovznzU32(&x225, x202, x191, x175); var x226: u32 = undefined; - cmovznzU32(&x226, x203, x192, x176); + cmovznzU32(&x226, x202, x193, x177); var x227: u32 = undefined; - cmovznzU32(&x227, x203, x194, x178); + cmovznzU32(&x227, x202, x195, x179); var x228: u32 = undefined; - cmovznzU32(&x228, x203, x196, x180); + cmovznzU32(&x228, x202, x197, x181); var x229: u32 = undefined; - cmovznzU32(&x229, x203, x198, x182); - var x230: u32 = undefined; - cmovznzU32(&x230, x203, x200, x184); - out1.* = x204; + cmovznzU32(&x229, x202, x199, x183); + out1.* = x203; out2[0] = x7; out2[1] = x8; out2[2] = x9; 
@@ -4774,31 +4747,31 @@ pub fn divstep(out1: *u32, out2: *[9]u32, out3: *[9]u32, out4: *[8]u32, out5: *[ out2[6] = x13; out2[7] = x14; out2[8] = x15; - out3[0] = x206; - out3[1] = x207; - out3[2] = x208; - out3[3] = x209; - out3[4] = x210; - out3[5] = x211; - out3[6] = x212; - out3[7] = x213; - out3[8] = x214; - out4[0] = x215; - out4[1] = x216; - out4[2] = x217; - out4[3] = x218; - out4[4] = x219; - out4[5] = x220; - out4[6] = x221; - out4[7] = x222; - out5[0] = x223; - out5[1] = x224; - out5[2] = x225; - out5[3] = x226; - out5[4] = x227; - out5[5] = x228; - out5[6] = x229; - out5[7] = x230; + out3[0] = x205; + out3[1] = x206; + out3[2] = x207; + out3[3] = x208; + out3[4] = x209; + out3[5] = x210; + out3[6] = x211; + out3[7] = x212; + out3[8] = x213; + out4[0] = x214; + out4[1] = x215; + out4[2] = x216; + out4[3] = x217; + out4[4] = x218; + out4[5] = x219; + out4[6] = x220; + out4[7] = x221; + out5[0] = x222; + out5[1] = x223; + out5[2] = x224; + out5[3] = x225; + out5[4] = x226; + out5[5] = x227; + out5[6] = x228; + out5[7] = x229; } /// The function divstepPrecomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-zig/src/curve25519_scalar_64.zig b/fiat-zig/src/curve25519_scalar_64.zig index 8d4de78618..81d57830e6 100644 --- a/fiat-zig/src/curve25519_scalar_64.zig +++ b/fiat-zig/src/curve25519_scalar_64.zig @@ -59,10 +59,9 @@ inline fn addcarryxU64(out1: *u64, out2: *u1, arg1: u1, arg2: u64, arg3: u64) vo @setRuntimeSafety(mode == .Debug); const x1 = ((cast(u128, arg1) + cast(u128, arg2)) + cast(u128, arg3)); - const x2 = cast(u64, (x1 & cast(u128, 0xffffffffffffffff))); - const x3 = cast(u1, (x1 >> 64)); - out1.* = x2; - out2.* = x3; + const x2 = cast(u1, (x1 >> 64)); + out1.* = cast(u64, x1); + out2.* = x2; } /// The function subborrowxU64 is a subtraction with borrow. 
@@ -104,10 +103,9 @@ inline fn mulxU64(out1: *u64, out2: *u64, arg1: u64, arg2: u64) void { @setRuntimeSafety(mode == .Debug); const x1 = (cast(u128, arg1) * cast(u128, arg2)); - const x2 = cast(u64, (x1 & cast(u128, 0xffffffffffffffff))); - const x3 = cast(u64, (x1 >> 64)); - out1.* = x2; - out2.* = x3; + const x2 = cast(u64, (x1 >> 64)); + out1.* = cast(u64, x1); + out2.* = x2; } /// The function cmovznzU64 is a single-word conditional move. 
@@ -1381,94 +1379,66 @@ pub fn toBytes(out1: *[32]u8, arg1: [4]u64) void { const x2 = (arg1[2]); const x3 = (arg1[1]); const x4 = (arg1[0]); - const x5 = cast(u8, (x4 & cast(u64, 0xff))); - const x6 = (x4 >> 8); - const x7 = cast(u8, (x6 & cast(u64, 0xff))); - const x8 = (x6 >> 8); - const x9 = cast(u8, (x8 & cast(u64, 0xff))); - const x10 = (x8 >> 8); - const x11 = cast(u8, (x10 & cast(u64, 0xff))); - const x12 = (x10 >> 8); - const x13 = cast(u8, (x12 & cast(u64, 0xff))); - const x14 = (x12 >> 8); - const x15 = cast(u8, (x14 & cast(u64, 0xff))); - const x16 = (x14 >> 8); - const x17 = cast(u8, (x16 & cast(u64, 0xff))); - const x18 = cast(u8, (x16 >> 8)); - const x19 = cast(u8, (x3 & cast(u64, 0xff))); - const x20 = (x3 >> 8); - const x21 = cast(u8, (x20 & cast(u64, 0xff))); - const x22 = (x20 >> 8); - const x23 = cast(u8, (x22 & cast(u64, 0xff))); - const x24 = (x22 >> 8); - const x25 = cast(u8, (x24 & cast(u64, 0xff))); - const x26 = (x24 >> 8); - const x27 = cast(u8, (x26 & cast(u64, 0xff))); - const x28 = (x26 >> 8); - const x29 = cast(u8, (x28 & cast(u64, 0xff))); - const x30 = (x28 >> 8); - const x31 = cast(u8, (x30 & cast(u64, 0xff))); - const x32 = cast(u8, (x30 >> 8)); - const x33 = cast(u8, (x2 & cast(u64, 0xff))); - const x34 = (x2 >> 8); - const x35 = cast(u8, (x34 & cast(u64, 0xff))); - const x36 = (x34 >> 8); - const x37 = cast(u8, (x36 & cast(u64, 0xff))); - const x38 = (x36 >> 8); - const x39 = cast(u8, (x38 & cast(u64, 0xff))); - const x40 = (x38 >> 8); - const x41 = cast(u8, (x40 & cast(u64, 0xff))); - const x42 = (x40 >> 8); - const x43 = cast(u8, (x42 & cast(u64, 0xff))); - const x44 = (x42 >> 8); - const x45 = cast(u8, (x44 & cast(u64, 0xff))); - const x46 = cast(u8, (x44 >> 8)); - const x47 = cast(u8, (x1 & cast(u64, 0xff))); - const x48 = (x1 >> 8); - const x49 = cast(u8, (x48 & cast(u64, 0xff))); - const x50 = (x48 >> 8); - const x51 = cast(u8, (x50 & cast(u64, 0xff))); - const x52 = (x50 >> 8); - const x53 = cast(u8, (x52 & cast(u64, 
0xff))); - const x54 = (x52 >> 8); - const x55 = cast(u8, (x54 & cast(u64, 0xff))); - const x56 = (x54 >> 8); - const x57 = cast(u8, (x56 & cast(u64, 0xff))); - const x58 = (x56 >> 8); - const x59 = cast(u8, (x58 & cast(u64, 0xff))); - const x60 = cast(u8, (x58 >> 8)); - out1[0] = x5; - out1[1] = x7; - out1[2] = x9; - out1[3] = x11; - out1[4] = x13; - out1[5] = x15; - out1[6] = x17; - out1[7] = x18; - out1[8] = x19; - out1[9] = x21; - out1[10] = x23; - out1[11] = x25; - out1[12] = x27; - out1[13] = x29; - out1[14] = x31; - out1[15] = x32; - out1[16] = x33; - out1[17] = x35; - out1[18] = x37; - out1[19] = x39; - out1[20] = x41; - out1[21] = x43; - out1[22] = x45; - out1[23] = x46; - out1[24] = x47; - out1[25] = x49; - out1[26] = x51; - out1[27] = x53; - out1[28] = x55; - out1[29] = x57; - out1[30] = x59; - out1[31] = x60; + const x5 = (x4 >> 8); + const x6 = (x5 >> 8); + const x7 = (x6 >> 8); + const x8 = (x7 >> 8); + const x9 = (x8 >> 8); + const x10 = (x9 >> 8); + const x11 = cast(u8, (x10 >> 8)); + const x12 = (x3 >> 8); + const x13 = (x12 >> 8); + const x14 = (x13 >> 8); + const x15 = (x14 >> 8); + const x16 = (x15 >> 8); + const x17 = (x16 >> 8); + const x18 = cast(u8, (x17 >> 8)); + const x19 = (x2 >> 8); + const x20 = (x19 >> 8); + const x21 = (x20 >> 8); + const x22 = (x21 >> 8); + const x23 = (x22 >> 8); + const x24 = (x23 >> 8); + const x25 = cast(u8, (x24 >> 8)); + const x26 = (x1 >> 8); + const x27 = (x26 >> 8); + const x28 = (x27 >> 8); + const x29 = (x28 >> 8); + const x30 = (x29 >> 8); + const x31 = (x30 >> 8); + const x32 = cast(u8, (x31 >> 8)); + out1[0] = cast(u8, x4); + out1[1] = cast(u8, x5); + out1[2] = cast(u8, x6); + out1[3] = cast(u8, x7); + out1[4] = cast(u8, x8); + out1[5] = cast(u8, x9); + out1[6] = cast(u8, x10); + out1[7] = x11; + out1[8] = cast(u8, x3); + out1[9] = cast(u8, x12); + out1[10] = cast(u8, x13); + out1[11] = cast(u8, x14); + out1[12] = cast(u8, x15); + out1[13] = cast(u8, x16); + out1[14] = cast(u8, x17); + out1[15] = x18; + 
out1[16] = cast(u8, x2); + out1[17] = cast(u8, x19); + out1[18] = cast(u8, x20); + out1[19] = cast(u8, x21); + out1[20] = cast(u8, x22); + out1[21] = cast(u8, x23); + out1[22] = cast(u8, x24); + out1[23] = x25; + out1[24] = cast(u8, x1); + out1[25] = cast(u8, x26); + out1[26] = cast(u8, x27); + out1[27] = cast(u8, x28); + out1[28] = cast(u8, x29); + out1[29] = cast(u8, x30); + out1[30] = cast(u8, x31); + out1[31] = x32; } /// The function fromBytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -1619,7 +1589,7 @@ pub fn divstep(out1: *u64, out2: *[5]u64, out3: *[5]u64, out4: *[4]u64, out5: *[ var x1: u64 = undefined; var x2: u1 = undefined; addcarryxU64(&x1, &x2, 0x0, (~arg1), cast(u64, 0x1)); - const x3 = (cast(u1, (x1 >> 63)) & cast(u1, ((arg3[0]) & cast(u64, 0x1)))); + const x3 = (cast(u1, (x1 >> 63)) & cast(u1, (arg3[0]))); var x4: u64 = undefined; var x5: u1 = undefined; addcarryxU64(&x4, &x5, 0x0, (~arg1), cast(u64, 0x1)); 
@@ -1733,110 +1703,109 @@ pub fn divstep(out1: *u64, out2: *[5]u64, out3: *[5]u64, out4: *[4]u64, out5: *[ cmovznzU64(&x72, x3, (arg5[2]), x66); var x73: u64 = undefined; cmovznzU64(&x73, x3, (arg5[3]), x68); - const x74 = cast(u1, (x22 & cast(u64, 0x1))); + var x74: u64 = undefined; + cmovznzU64(&x74, cast(u1, x22), cast(u64, 0x0), x7); var x75: u64 = undefined; - cmovznzU64(&x75, x74, cast(u64, 0x0), x7); + cmovznzU64(&x75, cast(u1, x22), cast(u64, 0x0), x8); var x76: u64 = undefined; - cmovznzU64(&x76, x74, cast(u64, 0x0), x8); + cmovznzU64(&x76, cast(u1, x22), cast(u64, 0x0), x9); var x77: u64 = undefined; - cmovznzU64(&x77, x74, cast(u64, 0x0), x9); + cmovznzU64(&x77, cast(u1, x22), cast(u64, 0x0), x10); var x78: u64 = undefined; - cmovznzU64(&x78, x74, cast(u64, 0x0), x10); + cmovznzU64(&x78, cast(u1, x22), cast(u64, 0x0), x11); var x79: u64 = undefined; - cmovznzU64(&x79, x74, cast(u64, 0x0), x11); - var x80: u64 = undefined; - var x81: u1 = undefined; - addcarryxU64(&x80, &x81, 0x0, x22, x75); - var x82: u64 = undefined; - var x83: u1 = undefined; - addcarryxU64(&x82, &x83, x81, x23, x76); - var x84: u64 = undefined; - var x85: u1 = undefined; - addcarryxU64(&x84, &x85, x83, x24, x77); - var x86: u64 = undefined; - var x87: u1 = undefined; - addcarryxU64(&x86, &x87, x85, x25, x78); - var x88: u64 = undefined; - var x89: u1 = undefined; - addcarryxU64(&x88, &x89, x87, x26, x79); + var x80: u1 = undefined; + addcarryxU64(&x79, &x80, 0x0, x22, x74); + var x81: u64 = undefined; + var x82: u1 = undefined; + addcarryxU64(&x81, &x82, x80, x23, x75); + var x83: u64 = undefined; + var x84: u1 = undefined; + addcarryxU64(&x83, &x84, x82, x24, x76); + var x85: u64 = undefined; + var x86: u1 = undefined; + addcarryxU64(&x85, &x86, x84, x25, x77); + var x87: u64 = undefined; + var x88: u1 = undefined; + addcarryxU64(&x87, &x88, x86, x26, x78); + var x89: u64 = undefined; + cmovznzU64(&x89, cast(u1, x22), cast(u64, 0x0), x27); var x90: u64 = undefined; - cmovznzU64(&x90, 
x74, cast(u64, 0x0), x27); + cmovznzU64(&x90, cast(u1, x22), cast(u64, 0x0), x28); var x91: u64 = undefined; - cmovznzU64(&x91, x74, cast(u64, 0x0), x28); + cmovznzU64(&x91, cast(u1, x22), cast(u64, 0x0), x29); var x92: u64 = undefined; - cmovznzU64(&x92, x74, cast(u64, 0x0), x29); + cmovznzU64(&x92, cast(u1, x22), cast(u64, 0x0), x30); var x93: u64 = undefined; - cmovznzU64(&x93, x74, cast(u64, 0x0), x30); - var x94: u64 = undefined; - var x95: u1 = undefined; - addcarryxU64(&x94, &x95, 0x0, x70, x90); - var x96: u64 = undefined; - var x97: u1 = undefined; - addcarryxU64(&x96, &x97, x95, x71, x91); - var x98: u64 = undefined; - var x99: u1 = undefined; - addcarryxU64(&x98, &x99, x97, x72, x92); - var x100: u64 = undefined; - var x101: u1 = undefined; - addcarryxU64(&x100, &x101, x99, x73, x93); - var x102: u64 = undefined; - var x103: u1 = undefined; - subborrowxU64(&x102, &x103, 0x0, x94, 0x5812631a5cf5d3ed); - var x104: u64 = undefined; - var x105: u1 = undefined; - subborrowxU64(&x104, &x105, x103, x96, 0x14def9dea2f79cd6); - var x106: u64 = undefined; - var x107: u1 = undefined; - subborrowxU64(&x106, &x107, x105, x98, cast(u64, 0x0)); - var x108: u64 = undefined; - var x109: u1 = undefined; - subborrowxU64(&x108, &x109, x107, x100, 0x1000000000000000); - var x110: u64 = undefined; - var x111: u1 = undefined; - subborrowxU64(&x110, &x111, x109, cast(u64, x101), cast(u64, 0x0)); - var x112: u64 = undefined; - var x113: u1 = undefined; - addcarryxU64(&x112, &x113, 0x0, x6, cast(u64, 0x1)); - const x114 = ((x80 >> 1) | ((x82 << 63) & 0xffffffffffffffff)); - const x115 = ((x82 >> 1) | ((x84 << 63) & 0xffffffffffffffff)); - const x116 = ((x84 >> 1) | ((x86 << 63) & 0xffffffffffffffff)); - const x117 = ((x86 >> 1) | ((x88 << 63) & 0xffffffffffffffff)); - const x118 = ((x88 & 0x8000000000000000) | (x88 >> 1)); + var x94: u1 = undefined; + addcarryxU64(&x93, &x94, 0x0, x70, x89); + var x95: u64 = undefined; + var x96: u1 = undefined; + addcarryxU64(&x95, &x96, x94, 
x71, x90); + var x97: u64 = undefined; + var x98: u1 = undefined; + addcarryxU64(&x97, &x98, x96, x72, x91); + var x99: u64 = undefined; + var x100: u1 = undefined; + addcarryxU64(&x99, &x100, x98, x73, x92); + var x101: u64 = undefined; + var x102: u1 = undefined; + subborrowxU64(&x101, &x102, 0x0, x93, 0x5812631a5cf5d3ed); + var x103: u64 = undefined; + var x104: u1 = undefined; + subborrowxU64(&x103, &x104, x102, x95, 0x14def9dea2f79cd6); + var x105: u64 = undefined; + var x106: u1 = undefined; + subborrowxU64(&x105, &x106, x104, x97, cast(u64, 0x0)); + var x107: u64 = undefined; + var x108: u1 = undefined; + subborrowxU64(&x107, &x108, x106, x99, 0x1000000000000000); + var x109: u64 = undefined; + var x110: u1 = undefined; + subborrowxU64(&x109, &x110, x108, cast(u64, x100), cast(u64, 0x0)); + var x111: u64 = undefined; + var x112: u1 = undefined; + addcarryxU64(&x111, &x112, 0x0, x6, cast(u64, 0x1)); + const x113 = ((x79 >> 1) | ((x81 << 63) & 0xffffffffffffffff)); + const x114 = ((x81 >> 1) | ((x83 << 63) & 0xffffffffffffffff)); + const x115 = ((x83 >> 1) | ((x85 << 63) & 0xffffffffffffffff)); + const x116 = ((x85 >> 1) | ((x87 << 63) & 0xffffffffffffffff)); + const x117 = ((x87 & 0x8000000000000000) | (x87 >> 1)); + var x118: u64 = undefined; + cmovznzU64(&x118, x48, x39, x31); var x119: u64 = undefined; - cmovznzU64(&x119, x48, x39, x31); + cmovznzU64(&x119, x48, x41, x33); var x120: u64 = undefined; - cmovznzU64(&x120, x48, x41, x33); + cmovznzU64(&x120, x48, x43, x35); var x121: u64 = undefined; - cmovznzU64(&x121, x48, x43, x35); + cmovznzU64(&x121, x48, x45, x37); var x122: u64 = undefined; - cmovznzU64(&x122, x48, x45, x37); + cmovznzU64(&x122, x110, x101, x93); var x123: u64 = undefined; - cmovznzU64(&x123, x111, x102, x94); + cmovznzU64(&x123, x110, x103, x95); var x124: u64 = undefined; - cmovznzU64(&x124, x111, x104, x96); + cmovznzU64(&x124, x110, x105, x97); var x125: u64 = undefined; - cmovznzU64(&x125, x111, x106, x98); - var x126: u64 = 
undefined; - cmovznzU64(&x126, x111, x108, x100); - out1.* = x112; + cmovznzU64(&x125, x110, x107, x99); + out1.* = x111; out2[0] = x7; out2[1] = x8; out2[2] = x9; out2[3] = x10; out2[4] = x11; - out3[0] = x114; - out3[1] = x115; - out3[2] = x116; - out3[3] = x117; - out3[4] = x118; - out4[0] = x119; - out4[1] = x120; - out4[2] = x121; - out4[3] = x122; - out5[0] = x123; - out5[1] = x124; - out5[2] = x125; - out5[3] = x126; + out3[0] = x113; + out3[1] = x114; + out3[2] = x115; + out3[3] = x116; + out3[4] = x117; + out4[0] = x118; + out4[1] = x119; + out4[2] = x120; + out4[3] = x121; + out5[0] = x122; + out5[1] = x123; + out5[2] = x124; + out5[3] = x125; } /// The function divstepPrecomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-zig/src/curve25519_solinas_64.zig b/fiat-zig/src/curve25519_solinas_64.zig index c011a0a857..1b4e408f29 100644 --- a/fiat-zig/src/curve25519_solinas_64.zig +++ b/fiat-zig/src/curve25519_solinas_64.zig @@ -41,10 +41,9 @@ inline fn addcarryxU64(out1: *u64, out2: *u1, arg1: u1, arg2: u64, arg3: u64) vo @setRuntimeSafety(mode == .Debug); const x1 = ((cast(u128, arg1) + cast(u128, arg2)) + cast(u128, arg3)); - const x2 = cast(u64, (x1 & cast(u128, 0xffffffffffffffff))); - const x3 = cast(u1, (x1 >> 64)); - out1.* = x2; - out2.* = x3; + const x2 = cast(u1, (x1 >> 64)); + out1.* = cast(u64, x1); + out2.* = x2; } /// The function subborrowxU64 is a subtraction with borrow. @@ -86,10 +85,9 @@ inline fn mulxU64(out1: *u64, out2: *u64, arg1: u64, arg2: u64) void { @setRuntimeSafety(mode == .Debug); const x1 = (cast(u128, arg1) * cast(u128, arg2)); - const x2 = cast(u64, (x1 & cast(u128, 0xffffffffffffffff))); - const x3 = cast(u64, (x1 >> 64)); - out1.* = x2; - out2.* = x3; + const x2 = cast(u64, (x1 >> 64)); + out1.* = cast(u64, x1); + out2.* = x2; } /// The function cmovznzU64 is a single-word conditional move. 
diff --git a/fiat-zig/src/p224_32.zig b/fiat-zig/src/p224_32.zig index efb2790123..bf2a60e0ce 100644 --- a/fiat-zig/src/p224_32.zig +++ b/fiat-zig/src/p224_32.zig @@ -59,10 +59,9 @@ inline fn addcarryxU32(out1: *u32, out2: *u1, arg1: u1, arg2: u32, arg3: u32) vo @setRuntimeSafety(mode == .Debug); const x1 = ((cast(u64, arg1) + cast(u64, arg2)) + cast(u64, arg3)); - const x2 = cast(u32, (x1 & cast(u64, 0xffffffff))); - const x3 = cast(u1, (x1 >> 32)); - out1.* = x2; - out2.* = x3; + const x2 = cast(u1, (x1 >> 32)); + out1.* = cast(u32, x1); + out2.* = x2; } /// The function subborrowxU32 is a subtraction with borrow. @@ -104,10 +103,9 @@ inline fn mulxU32(out1: *u32, out2: *u32, arg1: u32, arg2: u32) void { @setRuntimeSafety(mode == .Debug); const x1 = (cast(u64, arg1) * cast(u64, arg2)); - const x2 = cast(u32, (x1 & cast(u64, 0xffffffff))); - const x3 = cast(u32, (x1 >> 32)); - out1.* = x2; - out2.* = x3; + const x2 = cast(u32, (x1 >> 32)); + out1.* = cast(u32, x1); + out2.* = x2; } /// The function cmovznzU32 is a single-word conditional move. @@ -1924,7 +1922,7 @@ pub fn sub(out1: *MontgomeryDomainFieldElement, arg1: MontgomeryDomainFieldEleme cmovznzU32(&x15, x14, cast(u32, 0x0), 0xffffffff); var x16: u32 = undefined; var x17: u1 = undefined; - addcarryxU32(&x16, &x17, 0x0, x1, cast(u32, cast(u1, (x15 & cast(u32, 0x1))))); + addcarryxU32(&x16, &x17, 0x0, x1, cast(u32, cast(u1, x15))); var x18: u32 = undefined; var x19: u1 = undefined; addcarryxU32(&x18, &x19, x17, x3, cast(u32, 0x0)); @@ -1988,7 +1986,7 @@ pub fn opp(out1: *MontgomeryDomainFieldElement, arg1: MontgomeryDomainFieldEleme cmovznzU32(&x15, x14, cast(u32, 0x0), 0xffffffff); var x16: u32 = undefined; var x17: u1 = undefined; - addcarryxU32(&x16, &x17, 0x0, x1, cast(u32, cast(u1, (x15 & cast(u32, 0x1))))); + addcarryxU32(&x16, &x17, 0x0, x1, cast(u32, cast(u1, x15))); var x18: u32 = undefined; var x19: u1 = undefined; addcarryxU32(&x18, &x19, x17, x3, cast(u32, 0x0)); 
@@ -3182,76 +3180,55 @@ pub fn toBytes(out1: *[28]u8, arg1: [7]u32) void { const x5 = (arg1[2]); const x6 = (arg1[1]); const x7 = (arg1[0]); - const x8 = cast(u8, (x7 & cast(u32, 0xff))); - const x9 = (x7 >> 8); - const x10 = cast(u8, (x9 & cast(u32, 0xff))); - const x11 = (x9 >> 8); - const x12 = cast(u8, (x11 & cast(u32, 0xff))); - const x13 = cast(u8, (x11 >> 8)); - const x14 = cast(u8, (x6 & cast(u32, 0xff))); - const x15 = (x6 >> 8); - const x16 = cast(u8, (x15 & cast(u32, 0xff))); - const x17 = (x15 >> 8); - const x18 = cast(u8, (x17 & cast(u32, 0xff))); - const x19 = cast(u8, (x17 >> 8)); - const x20 = cast(u8, (x5 & cast(u32, 0xff))); - const x21 = (x5 >> 8); - const x22 = cast(u8, (x21 & cast(u32, 0xff))); - const x23 = (x21 >> 8); - const x24 = cast(u8, (x23 & cast(u32, 0xff))); - const x25 = cast(u8, (x23 >> 8)); - const x26 = cast(u8, (x4 & cast(u32, 0xff))); - const x27 = (x4 >> 8); - const x28 = cast(u8, (x27 & cast(u32, 0xff))); - const x29 = (x27 >> 8); - const x30 = cast(u8, (x29 & cast(u32, 0xff))); - const x31 = cast(u8, (x29 >> 8)); - const x32 = cast(u8, (x3 & cast(u32, 0xff))); - const x33 = (x3 >> 8); - const x34 = cast(u8, (x33 & cast(u32, 0xff))); - const x35 = (x33 >> 8); - const x36 = cast(u8, (x35 & cast(u32, 0xff))); - const x37 = cast(u8, (x35 >> 8)); - const x38 = cast(u8, (x2 & cast(u32, 0xff))); - const x39 = (x2 >> 8); - const x40 = cast(u8, (x39 & cast(u32, 0xff))); - const x41 = (x39 >> 8); - const x42 = cast(u8, (x41 & cast(u32, 0xff))); - const x43 = cast(u8, (x41 >> 8)); - const x44 = cast(u8, (x1 & cast(u32, 0xff))); - const x45 = (x1 >> 8); - const x46 = cast(u8, (x45 & cast(u32, 0xff))); - const x47 = (x45 >> 8); - const x48 = cast(u8, (x47 & cast(u32, 0xff))); - const x49 = cast(u8, (x47 >> 8)); - out1[0] = x8; - out1[1] = x10; - out1[2] = x12; - out1[3] = x13; - out1[4] = x14; - out1[5] = x16; - out1[6] = x18; - out1[7] = x19; - out1[8] = x20; - out1[9] = x22; - out1[10] = x24; - out1[11] = x25; - out1[12] = x26; - 
out1[13] = x28; - out1[14] = x30; - out1[15] = x31; - out1[16] = x32; - out1[17] = x34; - out1[18] = x36; - out1[19] = x37; - out1[20] = x38; - out1[21] = x40; - out1[22] = x42; - out1[23] = x43; - out1[24] = x44; - out1[25] = x46; - out1[26] = x48; - out1[27] = x49; + const x8 = (x7 >> 8); + const x9 = (x8 >> 8); + const x10 = cast(u8, (x9 >> 8)); + const x11 = (x6 >> 8); + const x12 = (x11 >> 8); + const x13 = cast(u8, (x12 >> 8)); + const x14 = (x5 >> 8); + const x15 = (x14 >> 8); + const x16 = cast(u8, (x15 >> 8)); + const x17 = (x4 >> 8); + const x18 = (x17 >> 8); + const x19 = cast(u8, (x18 >> 8)); + const x20 = (x3 >> 8); + const x21 = (x20 >> 8); + const x22 = cast(u8, (x21 >> 8)); + const x23 = (x2 >> 8); + const x24 = (x23 >> 8); + const x25 = cast(u8, (x24 >> 8)); + const x26 = (x1 >> 8); + const x27 = (x26 >> 8); + const x28 = cast(u8, (x27 >> 8)); + out1[0] = cast(u8, x7); + out1[1] = cast(u8, x8); + out1[2] = cast(u8, x9); + out1[3] = x10; + out1[4] = cast(u8, x6); + out1[5] = cast(u8, x11); + out1[6] = cast(u8, x12); + out1[7] = x13; + out1[8] = cast(u8, x5); + out1[9] = cast(u8, x14); + out1[10] = cast(u8, x15); + out1[11] = x16; + out1[12] = cast(u8, x4); + out1[13] = cast(u8, x17); + out1[14] = cast(u8, x18); + out1[15] = x19; + out1[16] = cast(u8, x3); + out1[17] = cast(u8, x20); + out1[18] = cast(u8, x21); + out1[19] = x22; + out1[20] = cast(u8, x2); + out1[21] = cast(u8, x23); + out1[22] = cast(u8, x24); + out1[23] = x25; + out1[24] = cast(u8, x1); + out1[25] = cast(u8, x26); + out1[26] = cast(u8, x27); + out1[27] = x28; } /// The function fromBytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. 
@@ -3400,7 +3377,7 @@ pub fn divstep(out1: *u32, out2: *[8]u32, out3: *[8]u32, out4: *[7]u32, out5: *[ var x1: u32 = undefined; var x2: u1 = undefined; addcarryxU32(&x1, &x2, 0x0, (~arg1), cast(u32, 0x1)); - const x3 = (cast(u1, (x1 >> 31)) & cast(u1, ((arg3[0]) & cast(u32, 0x1)))); + const x3 = (cast(u1, (x1 >> 31)) & cast(u1, (arg3[0]))); var x4: u32 = undefined; var x5: u1 = undefined; addcarryxU32(&x4, &x5, 0x0, (~arg1), cast(u32, 0x1)); @@ -3553,7 +3530,7 @@ pub fn divstep(out1: *u32, out2: *[8]u32, out3: *[8]u32, out4: *[7]u32, out5: *[ cmovznzU32(&x97, x96, cast(u32, 0x0), 0xffffffff); var x98: u32 = undefined; var x99: u1 = undefined; - addcarryxU32(&x98, &x99, 0x0, x83, cast(u32, cast(u1, (x97 & cast(u32, 0x1))))); + addcarryxU32(&x98, &x99, 0x0, x83, cast(u32, cast(u1, x97))); var x100: u32 = undefined; var x101: u1 = undefined; addcarryxU32(&x100, &x101, x99, x85, cast(u32, 0x0)); 
@@ -3586,146 +3563,145 @@ pub fn divstep(out1: *u32, out2: *[8]u32, out3: *[8]u32, out4: *[7]u32, out5: *[ cmovznzU32(&x117, x3, (arg5[5]), x108); var x118: u32 = undefined; cmovznzU32(&x118, x3, (arg5[6]), x110); - const x119 = cast(u1, (x31 & cast(u32, 0x1))); + var x119: u32 = undefined; + cmovznzU32(&x119, cast(u1, x31), cast(u32, 0x0), x7); var x120: u32 = undefined; - cmovznzU32(&x120, x119, cast(u32, 0x0), x7); + cmovznzU32(&x120, cast(u1, x31), cast(u32, 0x0), x8); var x121: u32 = undefined; - cmovznzU32(&x121, x119, cast(u32, 0x0), x8); + cmovznzU32(&x121, cast(u1, x31), cast(u32, 0x0), x9); var x122: u32 = undefined; - cmovznzU32(&x122, x119, cast(u32, 0x0), x9); + cmovznzU32(&x122, cast(u1, x31), cast(u32, 0x0), x10); var x123: u32 = undefined; - cmovznzU32(&x123, x119, cast(u32, 0x0), x10); + cmovznzU32(&x123, cast(u1, x31), cast(u32, 0x0), x11); var x124: u32 = undefined; - cmovznzU32(&x124, x119, cast(u32, 0x0), x11); + cmovznzU32(&x124, cast(u1, x31), cast(u32, 0x0), x12); var x125: u32 = undefined; - cmovznzU32(&x125, x119, cast(u32, 0x0), x12); + cmovznzU32(&x125, cast(u1, x31), cast(u32, 0x0), x13); var x126: u32 = undefined; - cmovznzU32(&x126, x119, cast(u32, 0x0), x13); + cmovznzU32(&x126, cast(u1, x31), cast(u32, 0x0), x14); var x127: u32 = undefined; - cmovznzU32(&x127, x119, cast(u32, 0x0), x14); - var x128: u32 = undefined; - var x129: u1 = undefined; - addcarryxU32(&x128, &x129, 0x0, x31, x120); - var x130: u32 = undefined; - var x131: u1 = undefined; - addcarryxU32(&x130, &x131, x129, x32, x121); - var x132: u32 = undefined; - var x133: u1 = undefined; - addcarryxU32(&x132, &x133, x131, x33, x122); - var x134: u32 = undefined; - var x135: u1 = undefined; - addcarryxU32(&x134, &x135, x133, x34, x123); - var x136: u32 = undefined; - var x137: u1 = undefined; - addcarryxU32(&x136, &x137, x135, x35, x124); - var x138: u32 = undefined; - var x139: u1 = undefined; - addcarryxU32(&x138, &x139, x137, x36, x125); - var x140: u32 = undefined; - var 
x141: u1 = undefined; - addcarryxU32(&x140, &x141, x139, x37, x126); - var x142: u32 = undefined; - var x143: u1 = undefined; - addcarryxU32(&x142, &x143, x141, x38, x127); + var x128: u1 = undefined; + addcarryxU32(&x127, &x128, 0x0, x31, x119); + var x129: u32 = undefined; + var x130: u1 = undefined; + addcarryxU32(&x129, &x130, x128, x32, x120); + var x131: u32 = undefined; + var x132: u1 = undefined; + addcarryxU32(&x131, &x132, x130, x33, x121); + var x133: u32 = undefined; + var x134: u1 = undefined; + addcarryxU32(&x133, &x134, x132, x34, x122); + var x135: u32 = undefined; + var x136: u1 = undefined; + addcarryxU32(&x135, &x136, x134, x35, x123); + var x137: u32 = undefined; + var x138: u1 = undefined; + addcarryxU32(&x137, &x138, x136, x36, x124); + var x139: u32 = undefined; + var x140: u1 = undefined; + addcarryxU32(&x139, &x140, x138, x37, x125); + var x141: u32 = undefined; + var x142: u1 = undefined; + addcarryxU32(&x141, &x142, x140, x38, x126); + var x143: u32 = undefined; + cmovznzU32(&x143, cast(u1, x31), cast(u32, 0x0), x39); var x144: u32 = undefined; - cmovznzU32(&x144, x119, cast(u32, 0x0), x39); + cmovznzU32(&x144, cast(u1, x31), cast(u32, 0x0), x40); var x145: u32 = undefined; - cmovznzU32(&x145, x119, cast(u32, 0x0), x40); + cmovznzU32(&x145, cast(u1, x31), cast(u32, 0x0), x41); var x146: u32 = undefined; - cmovznzU32(&x146, x119, cast(u32, 0x0), x41); + cmovznzU32(&x146, cast(u1, x31), cast(u32, 0x0), x42); var x147: u32 = undefined; - cmovznzU32(&x147, x119, cast(u32, 0x0), x42); + cmovznzU32(&x147, cast(u1, x31), cast(u32, 0x0), x43); var x148: u32 = undefined; - cmovznzU32(&x148, x119, cast(u32, 0x0), x43); + cmovznzU32(&x148, cast(u1, x31), cast(u32, 0x0), x44); var x149: u32 = undefined; - cmovznzU32(&x149, x119, cast(u32, 0x0), x44); + cmovznzU32(&x149, cast(u1, x31), cast(u32, 0x0), x45); var x150: u32 = undefined; - cmovznzU32(&x150, x119, cast(u32, 0x0), x45); - var x151: u32 = undefined; - var x152: u1 = undefined; - 
addcarryxU32(&x151, &x152, 0x0, x112, x144); - var x153: u32 = undefined; - var x154: u1 = undefined; - addcarryxU32(&x153, &x154, x152, x113, x145); - var x155: u32 = undefined; - var x156: u1 = undefined; - addcarryxU32(&x155, &x156, x154, x114, x146); - var x157: u32 = undefined; - var x158: u1 = undefined; - addcarryxU32(&x157, &x158, x156, x115, x147); - var x159: u32 = undefined; - var x160: u1 = undefined; - addcarryxU32(&x159, &x160, x158, x116, x148); - var x161: u32 = undefined; - var x162: u1 = undefined; - addcarryxU32(&x161, &x162, x160, x117, x149); - var x163: u32 = undefined; - var x164: u1 = undefined; - addcarryxU32(&x163, &x164, x162, x118, x150); - var x165: u32 = undefined; - var x166: u1 = undefined; - subborrowxU32(&x165, &x166, 0x0, x151, cast(u32, 0x1)); - var x167: u32 = undefined; - var x168: u1 = undefined; - subborrowxU32(&x167, &x168, x166, x153, cast(u32, 0x0)); - var x169: u32 = undefined; - var x170: u1 = undefined; - subborrowxU32(&x169, &x170, x168, x155, cast(u32, 0x0)); - var x171: u32 = undefined; - var x172: u1 = undefined; - subborrowxU32(&x171, &x172, x170, x157, 0xffffffff); - var x173: u32 = undefined; - var x174: u1 = undefined; - subborrowxU32(&x173, &x174, x172, x159, 0xffffffff); - var x175: u32 = undefined; - var x176: u1 = undefined; - subborrowxU32(&x175, &x176, x174, x161, 0xffffffff); - var x177: u32 = undefined; - var x178: u1 = undefined; - subborrowxU32(&x177, &x178, x176, x163, 0xffffffff); - var x179: u32 = undefined; - var x180: u1 = undefined; - subborrowxU32(&x179, &x180, x178, cast(u32, x164), cast(u32, 0x0)); - var x181: u32 = undefined; - var x182: u1 = undefined; - addcarryxU32(&x181, &x182, 0x0, x6, cast(u32, 0x1)); - const x183 = ((x128 >> 1) | ((x130 << 31) & 0xffffffff)); - const x184 = ((x130 >> 1) | ((x132 << 31) & 0xffffffff)); - const x185 = ((x132 >> 1) | ((x134 << 31) & 0xffffffff)); - const x186 = ((x134 >> 1) | ((x136 << 31) & 0xffffffff)); - const x187 = ((x136 >> 1) | ((x138 << 31) & 
0xffffffff)); - const x188 = ((x138 >> 1) | ((x140 << 31) & 0xffffffff)); - const x189 = ((x140 >> 1) | ((x142 << 31) & 0xffffffff)); - const x190 = ((x142 & 0x80000000) | (x142 >> 1)); + var x151: u1 = undefined; + addcarryxU32(&x150, &x151, 0x0, x112, x143); + var x152: u32 = undefined; + var x153: u1 = undefined; + addcarryxU32(&x152, &x153, x151, x113, x144); + var x154: u32 = undefined; + var x155: u1 = undefined; + addcarryxU32(&x154, &x155, x153, x114, x145); + var x156: u32 = undefined; + var x157: u1 = undefined; + addcarryxU32(&x156, &x157, x155, x115, x146); + var x158: u32 = undefined; + var x159: u1 = undefined; + addcarryxU32(&x158, &x159, x157, x116, x147); + var x160: u32 = undefined; + var x161: u1 = undefined; + addcarryxU32(&x160, &x161, x159, x117, x148); + var x162: u32 = undefined; + var x163: u1 = undefined; + addcarryxU32(&x162, &x163, x161, x118, x149); + var x164: u32 = undefined; + var x165: u1 = undefined; + subborrowxU32(&x164, &x165, 0x0, x150, cast(u32, 0x1)); + var x166: u32 = undefined; + var x167: u1 = undefined; + subborrowxU32(&x166, &x167, x165, x152, cast(u32, 0x0)); + var x168: u32 = undefined; + var x169: u1 = undefined; + subborrowxU32(&x168, &x169, x167, x154, cast(u32, 0x0)); + var x170: u32 = undefined; + var x171: u1 = undefined; + subborrowxU32(&x170, &x171, x169, x156, 0xffffffff); + var x172: u32 = undefined; + var x173: u1 = undefined; + subborrowxU32(&x172, &x173, x171, x158, 0xffffffff); + var x174: u32 = undefined; + var x175: u1 = undefined; + subborrowxU32(&x174, &x175, x173, x160, 0xffffffff); + var x176: u32 = undefined; + var x177: u1 = undefined; + subborrowxU32(&x176, &x177, x175, x162, 0xffffffff); + var x178: u32 = undefined; + var x179: u1 = undefined; + subborrowxU32(&x178, &x179, x177, cast(u32, x163), cast(u32, 0x0)); + var x180: u32 = undefined; + var x181: u1 = undefined; + addcarryxU32(&x180, &x181, 0x0, x6, cast(u32, 0x1)); + const x182 = ((x127 >> 1) | ((x129 << 31) & 0xffffffff)); + const x183 = 
((x129 >> 1) | ((x131 << 31) & 0xffffffff)); + const x184 = ((x131 >> 1) | ((x133 << 31) & 0xffffffff)); + const x185 = ((x133 >> 1) | ((x135 << 31) & 0xffffffff)); + const x186 = ((x135 >> 1) | ((x137 << 31) & 0xffffffff)); + const x187 = ((x137 >> 1) | ((x139 << 31) & 0xffffffff)); + const x188 = ((x139 >> 1) | ((x141 << 31) & 0xffffffff)); + const x189 = ((x141 & 0x80000000) | (x141 >> 1)); + var x190: u32 = undefined; + cmovznzU32(&x190, x75, x60, x46); var x191: u32 = undefined; - cmovznzU32(&x191, x75, x60, x46); + cmovznzU32(&x191, x75, x62, x48); var x192: u32 = undefined; - cmovznzU32(&x192, x75, x62, x48); + cmovznzU32(&x192, x75, x64, x50); var x193: u32 = undefined; - cmovznzU32(&x193, x75, x64, x50); + cmovznzU32(&x193, x75, x66, x52); var x194: u32 = undefined; - cmovznzU32(&x194, x75, x66, x52); + cmovznzU32(&x194, x75, x68, x54); var x195: u32 = undefined; - cmovznzU32(&x195, x75, x68, x54); + cmovznzU32(&x195, x75, x70, x56); var x196: u32 = undefined; - cmovznzU32(&x196, x75, x70, x56); + cmovznzU32(&x196, x75, x72, x58); var x197: u32 = undefined; - cmovznzU32(&x197, x75, x72, x58); + cmovznzU32(&x197, x179, x164, x150); var x198: u32 = undefined; - cmovznzU32(&x198, x180, x165, x151); + cmovznzU32(&x198, x179, x166, x152); var x199: u32 = undefined; - cmovznzU32(&x199, x180, x167, x153); + cmovznzU32(&x199, x179, x168, x154); var x200: u32 = undefined; - cmovznzU32(&x200, x180, x169, x155); + cmovznzU32(&x200, x179, x170, x156); var x201: u32 = undefined; - cmovznzU32(&x201, x180, x171, x157); + cmovznzU32(&x201, x179, x172, x158); var x202: u32 = undefined; - cmovznzU32(&x202, x180, x173, x159); + cmovznzU32(&x202, x179, x174, x160); var x203: u32 = undefined; - cmovznzU32(&x203, x180, x175, x161); - var x204: u32 = undefined; - cmovznzU32(&x204, x180, x177, x163); - out1.* = x181; + cmovznzU32(&x203, x179, x176, x162); + out1.* = x180; out2[0] = x7; out2[1] = x8; out2[2] = x9; 
@@ -3734,28 +3710,28 @@ pub fn divstep(out1: *u32, out2: *[8]u32, out3: *[8]u32, out4: *[7]u32, out5: *[ out2[5] = x12; out2[6] = x13; out2[7] = x14; - out3[0] = x183; - out3[1] = x184; - out3[2] = x185; - out3[3] = x186; - out3[4] = x187; - out3[5] = x188; - out3[6] = x189; - out3[7] = x190; - out4[0] = x191; - out4[1] = x192; - out4[2] = x193; - out4[3] = x194; - out4[4] = x195; - out4[5] = x196; - out4[6] = x197; - out5[0] = x198; - out5[1] = x199; - out5[2] = x200; - out5[3] = x201; - out5[4] = x202; - out5[5] = x203; - out5[6] = x204; + out3[0] = x182; + out3[1] = x183; + out3[2] = x184; + out3[3] = x185; + out3[4] = x186; + out3[5] = x187; + out3[6] = x188; + out3[7] = x189; + out4[0] = x190; + out4[1] = x191; + out4[2] = x192; + out4[3] = x193; + out4[4] = x194; + out4[5] = x195; + out4[6] = x196; + out5[0] = x197; + out5[1] = x198; + out5[2] = x199; + out5[3] = x200; + out5[4] = x201; + out5[5] = x202; + out5[6] = x203; } /// The function divstepPrecomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-zig/src/p224_64.zig b/fiat-zig/src/p224_64.zig index 06272b3b1a..f71a00e6e0 100644 --- a/fiat-zig/src/p224_64.zig +++ b/fiat-zig/src/p224_64.zig @@ -59,10 +59,9 @@ inline fn addcarryxU64(out1: *u64, out2: *u1, arg1: u1, arg2: u64, arg3: u64) vo @setRuntimeSafety(mode == .Debug); const x1 = ((cast(u128, arg1) + cast(u128, arg2)) + cast(u128, arg3)); - const x2 = cast(u64, (x1 & cast(u128, 0xffffffffffffffff))); - const x3 = cast(u1, (x1 >> 64)); - out1.* = x2; - out2.* = x3; + const x2 = cast(u1, (x1 >> 64)); + out1.* = cast(u64, x1); + out2.* = x2; } /// The function subborrowxU64 is a subtraction with borrow. 
@@ -104,10 +103,9 @@ inline fn mulxU64(out1: *u64, out2: *u64, arg1: u64, arg2: u64) void { @setRuntimeSafety(mode == .Debug); const x1 = (cast(u128, arg1) * cast(u128, arg2)); - const x2 = cast(u64, (x1 & cast(u128, 0xffffffffffffffff))); - const x3 = cast(u64, (x1 >> 64)); - out1.* = x2; - out2.* = x3; + const x2 = cast(u64, (x1 >> 64)); + out1.* = cast(u64, x1); + out2.* = x2; } /// The function cmovznzU64 is a single-word conditional move. @@ -844,7 +842,7 @@ pub fn sub(out1: *MontgomeryDomainFieldElement, arg1: MontgomeryDomainFieldEleme cmovznzU64(&x9, x8, cast(u64, 0x0), 0xffffffffffffffff); var x10: u64 = undefined; var x11: u1 = undefined; - addcarryxU64(&x10, &x11, 0x0, x1, cast(u64, cast(u1, (x9 & cast(u64, 0x1))))); + addcarryxU64(&x10, &x11, 0x0, x1, cast(u64, cast(u1, x9))); var x12: u64 = undefined; var x13: u1 = undefined; addcarryxU64(&x12, &x13, x11, x3, (x9 & 0xffffffff00000000)); @@ -887,7 +885,7 @@ pub fn opp(out1: *MontgomeryDomainFieldElement, arg1: MontgomeryDomainFieldEleme cmovznzU64(&x9, x8, cast(u64, 0x0), 0xffffffffffffffff); var x10: u64 = undefined; var x11: u1 = undefined; - addcarryxU64(&x10, &x11, 0x0, x1, cast(u64, cast(u1, (x9 & cast(u64, 0x1))))); + addcarryxU64(&x10, &x11, 0x0, x1, cast(u64, cast(u1, x9))); var x12: u64 = undefined; var x13: u1 = undefined; addcarryxU64(&x12, &x13, x11, x3, (x9 & 0xffffffff00000000)); 
@@ -1441,82 +1439,58 @@ pub fn toBytes(out1: *[28]u8, arg1: [4]u64) void { const x2 = (arg1[2]); const x3 = (arg1[1]); const x4 = (arg1[0]); - const x5 = cast(u8, (x4 & cast(u64, 0xff))); - const x6 = (x4 >> 8); - const x7 = cast(u8, (x6 & cast(u64, 0xff))); - const x8 = (x6 >> 8); - const x9 = cast(u8, (x8 & cast(u64, 0xff))); - const x10 = (x8 >> 8); - const x11 = cast(u8, (x10 & cast(u64, 0xff))); - const x12 = (x10 >> 8); - const x13 = cast(u8, (x12 & cast(u64, 0xff))); - const x14 = (x12 >> 8); - const x15 = cast(u8, (x14 & cast(u64, 0xff))); - const x16 = (x14 >> 8); - const x17 = cast(u8, (x16 & cast(u64, 0xff))); - const x18 = cast(u8, (x16 >> 8)); - const x19 = cast(u8, (x3 & cast(u64, 0xff))); - const x20 = (x3 >> 8); - const x21 = cast(u8, (x20 & cast(u64, 0xff))); - const x22 = (x20 >> 8); - const x23 = cast(u8, (x22 & cast(u64, 0xff))); - const x24 = (x22 >> 8); - const x25 = cast(u8, (x24 & cast(u64, 0xff))); - const x26 = (x24 >> 8); - const x27 = cast(u8, (x26 & cast(u64, 0xff))); - const x28 = (x26 >> 8); - const x29 = cast(u8, (x28 & cast(u64, 0xff))); - const x30 = (x28 >> 8); - const x31 = cast(u8, (x30 & cast(u64, 0xff))); - const x32 = cast(u8, (x30 >> 8)); - const x33 = cast(u8, (x2 & cast(u64, 0xff))); - const x34 = (x2 >> 8); - const x35 = cast(u8, (x34 & cast(u64, 0xff))); - const x36 = (x34 >> 8); - const x37 = cast(u8, (x36 & cast(u64, 0xff))); - const x38 = (x36 >> 8); - const x39 = cast(u8, (x38 & cast(u64, 0xff))); - const x40 = (x38 >> 8); - const x41 = cast(u8, (x40 & cast(u64, 0xff))); - const x42 = (x40 >> 8); - const x43 = cast(u8, (x42 & cast(u64, 0xff))); - const x44 = (x42 >> 8); - const x45 = cast(u8, (x44 & cast(u64, 0xff))); - const x46 = cast(u8, (x44 >> 8)); - const x47 = cast(u8, (x1 & cast(u64, 0xff))); - const x48 = (x1 >> 8); - const x49 = cast(u8, (x48 & cast(u64, 0xff))); - const x50 = (x48 >> 8); - const x51 = cast(u8, (x50 & cast(u64, 0xff))); - const x52 = cast(u8, (x50 >> 8)); - out1[0] = x5; - out1[1] = x7; - 
out1[2] = x9; - out1[3] = x11; - out1[4] = x13; - out1[5] = x15; - out1[6] = x17; - out1[7] = x18; - out1[8] = x19; - out1[9] = x21; - out1[10] = x23; - out1[11] = x25; - out1[12] = x27; - out1[13] = x29; - out1[14] = x31; - out1[15] = x32; - out1[16] = x33; - out1[17] = x35; - out1[18] = x37; - out1[19] = x39; - out1[20] = x41; - out1[21] = x43; - out1[22] = x45; - out1[23] = x46; - out1[24] = x47; - out1[25] = x49; - out1[26] = x51; - out1[27] = x52; + const x5 = (x4 >> 8); + const x6 = (x5 >> 8); + const x7 = (x6 >> 8); + const x8 = (x7 >> 8); + const x9 = (x8 >> 8); + const x10 = (x9 >> 8); + const x11 = cast(u8, (x10 >> 8)); + const x12 = (x3 >> 8); + const x13 = (x12 >> 8); + const x14 = (x13 >> 8); + const x15 = (x14 >> 8); + const x16 = (x15 >> 8); + const x17 = (x16 >> 8); + const x18 = cast(u8, (x17 >> 8)); + const x19 = (x2 >> 8); + const x20 = (x19 >> 8); + const x21 = (x20 >> 8); + const x22 = (x21 >> 8); + const x23 = (x22 >> 8); + const x24 = (x23 >> 8); + const x25 = cast(u8, (x24 >> 8)); + const x26 = (x1 >> 8); + const x27 = (x26 >> 8); + const x28 = cast(u8, (x27 >> 8)); + out1[0] = cast(u8, x4); + out1[1] = cast(u8, x5); + out1[2] = cast(u8, x6); + out1[3] = cast(u8, x7); + out1[4] = cast(u8, x8); + out1[5] = cast(u8, x9); + out1[6] = cast(u8, x10); + out1[7] = x11; + out1[8] = cast(u8, x3); + out1[9] = cast(u8, x12); + out1[10] = cast(u8, x13); + out1[11] = cast(u8, x14); + out1[12] = cast(u8, x15); + out1[13] = cast(u8, x16); + out1[14] = cast(u8, x17); + out1[15] = x18; + out1[16] = cast(u8, x2); + out1[17] = cast(u8, x19); + out1[18] = cast(u8, x20); + out1[19] = cast(u8, x21); + out1[20] = cast(u8, x22); + out1[21] = cast(u8, x23); + out1[22] = cast(u8, x24); + out1[23] = x25; + out1[24] = cast(u8, x1); + out1[25] = cast(u8, x26); + out1[26] = cast(u8, x27); + out1[27] = x28; } /// The function fromBytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. 
@@ -1659,7 +1633,7 @@ pub fn divstep(out1: *u64, out2: *[5]u64, out3: *[5]u64, out4: *[4]u64, out5: *[ var x1: u64 = undefined; var x2: u1 = undefined; addcarryxU64(&x1, &x2, 0x0, (~arg1), cast(u64, 0x1)); - const x3 = (cast(u1, (x1 >> 63)) & cast(u1, ((arg3[0]) & cast(u64, 0x1)))); + const x3 = (cast(u1, (x1 >> 63)) & cast(u1, (arg3[0]))); var x4: u64 = undefined; var x5: u1 = undefined; addcarryxU64(&x4, &x5, 0x0, (~arg1), cast(u64, 0x1)); @@ -1755,7 +1729,7 @@ pub fn divstep(out1: *u64, out2: *[5]u64, out3: *[5]u64, out4: *[4]u64, out5: *[ cmovznzU64(&x61, x60, cast(u64, 0x0), 0xffffffffffffffff); var x62: u64 = undefined; var x63: u1 = undefined; - addcarryxU64(&x62, &x63, 0x0, x53, cast(u64, cast(u1, (x61 & cast(u64, 0x1))))); + addcarryxU64(&x62, &x63, 0x0, x53, cast(u64, cast(u1, x61))); var x64: u64 = undefined; var x65: u1 = undefined; addcarryxU64(&x64, &x65, x63, x55, (x61 & 0xffffffff00000000)); 
@@ -1773,110 +1747,109 @@ pub fn divstep(out1: *u64, out2: *[5]u64, out3: *[5]u64, out4: *[4]u64, out5: *[ cmovznzU64(&x72, x3, (arg5[2]), x66); var x73: u64 = undefined; cmovznzU64(&x73, x3, (arg5[3]), x68); - const x74 = cast(u1, (x22 & cast(u64, 0x1))); + var x74: u64 = undefined; + cmovznzU64(&x74, cast(u1, x22), cast(u64, 0x0), x7); var x75: u64 = undefined; - cmovznzU64(&x75, x74, cast(u64, 0x0), x7); + cmovznzU64(&x75, cast(u1, x22), cast(u64, 0x0), x8); var x76: u64 = undefined; - cmovznzU64(&x76, x74, cast(u64, 0x0), x8); + cmovznzU64(&x76, cast(u1, x22), cast(u64, 0x0), x9); var x77: u64 = undefined; - cmovznzU64(&x77, x74, cast(u64, 0x0), x9); + cmovznzU64(&x77, cast(u1, x22), cast(u64, 0x0), x10); var x78: u64 = undefined; - cmovznzU64(&x78, x74, cast(u64, 0x0), x10); + cmovznzU64(&x78, cast(u1, x22), cast(u64, 0x0), x11); var x79: u64 = undefined; - cmovznzU64(&x79, x74, cast(u64, 0x0), x11); - var x80: u64 = undefined; - var x81: u1 = undefined; - addcarryxU64(&x80, &x81, 0x0, x22, x75); - var x82: u64 = undefined; - var x83: u1 = undefined; - addcarryxU64(&x82, &x83, x81, x23, x76); - var x84: u64 = undefined; - var x85: u1 = undefined; - addcarryxU64(&x84, &x85, x83, x24, x77); - var x86: u64 = undefined; - var x87: u1 = undefined; - addcarryxU64(&x86, &x87, x85, x25, x78); - var x88: u64 = undefined; - var x89: u1 = undefined; - addcarryxU64(&x88, &x89, x87, x26, x79); + var x80: u1 = undefined; + addcarryxU64(&x79, &x80, 0x0, x22, x74); + var x81: u64 = undefined; + var x82: u1 = undefined; + addcarryxU64(&x81, &x82, x80, x23, x75); + var x83: u64 = undefined; + var x84: u1 = undefined; + addcarryxU64(&x83, &x84, x82, x24, x76); + var x85: u64 = undefined; + var x86: u1 = undefined; + addcarryxU64(&x85, &x86, x84, x25, x77); + var x87: u64 = undefined; + var x88: u1 = undefined; + addcarryxU64(&x87, &x88, x86, x26, x78); + var x89: u64 = undefined; + cmovznzU64(&x89, cast(u1, x22), cast(u64, 0x0), x27); var x90: u64 = undefined; - cmovznzU64(&x90, 
x74, cast(u64, 0x0), x27); + cmovznzU64(&x90, cast(u1, x22), cast(u64, 0x0), x28); var x91: u64 = undefined; - cmovznzU64(&x91, x74, cast(u64, 0x0), x28); + cmovznzU64(&x91, cast(u1, x22), cast(u64, 0x0), x29); var x92: u64 = undefined; - cmovznzU64(&x92, x74, cast(u64, 0x0), x29); + cmovznzU64(&x92, cast(u1, x22), cast(u64, 0x0), x30); var x93: u64 = undefined; - cmovznzU64(&x93, x74, cast(u64, 0x0), x30); - var x94: u64 = undefined; - var x95: u1 = undefined; - addcarryxU64(&x94, &x95, 0x0, x70, x90); - var x96: u64 = undefined; - var x97: u1 = undefined; - addcarryxU64(&x96, &x97, x95, x71, x91); - var x98: u64 = undefined; - var x99: u1 = undefined; - addcarryxU64(&x98, &x99, x97, x72, x92); - var x100: u64 = undefined; - var x101: u1 = undefined; - addcarryxU64(&x100, &x101, x99, x73, x93); - var x102: u64 = undefined; - var x103: u1 = undefined; - subborrowxU64(&x102, &x103, 0x0, x94, cast(u64, 0x1)); - var x104: u64 = undefined; - var x105: u1 = undefined; - subborrowxU64(&x104, &x105, x103, x96, 0xffffffff00000000); - var x106: u64 = undefined; - var x107: u1 = undefined; - subborrowxU64(&x106, &x107, x105, x98, 0xffffffffffffffff); - var x108: u64 = undefined; - var x109: u1 = undefined; - subborrowxU64(&x108, &x109, x107, x100, 0xffffffff); - var x110: u64 = undefined; - var x111: u1 = undefined; - subborrowxU64(&x110, &x111, x109, cast(u64, x101), cast(u64, 0x0)); - var x112: u64 = undefined; - var x113: u1 = undefined; - addcarryxU64(&x112, &x113, 0x0, x6, cast(u64, 0x1)); - const x114 = ((x80 >> 1) | ((x82 << 63) & 0xffffffffffffffff)); - const x115 = ((x82 >> 1) | ((x84 << 63) & 0xffffffffffffffff)); - const x116 = ((x84 >> 1) | ((x86 << 63) & 0xffffffffffffffff)); - const x117 = ((x86 >> 1) | ((x88 << 63) & 0xffffffffffffffff)); - const x118 = ((x88 & 0x8000000000000000) | (x88 >> 1)); + var x94: u1 = undefined; + addcarryxU64(&x93, &x94, 0x0, x70, x89); + var x95: u64 = undefined; + var x96: u1 = undefined; + addcarryxU64(&x95, &x96, x94, x71, x90); 
+ var x97: u64 = undefined; + var x98: u1 = undefined; + addcarryxU64(&x97, &x98, x96, x72, x91); + var x99: u64 = undefined; + var x100: u1 = undefined; + addcarryxU64(&x99, &x100, x98, x73, x92); + var x101: u64 = undefined; + var x102: u1 = undefined; + subborrowxU64(&x101, &x102, 0x0, x93, cast(u64, 0x1)); + var x103: u64 = undefined; + var x104: u1 = undefined; + subborrowxU64(&x103, &x104, x102, x95, 0xffffffff00000000); + var x105: u64 = undefined; + var x106: u1 = undefined; + subborrowxU64(&x105, &x106, x104, x97, 0xffffffffffffffff); + var x107: u64 = undefined; + var x108: u1 = undefined; + subborrowxU64(&x107, &x108, x106, x99, 0xffffffff); + var x109: u64 = undefined; + var x110: u1 = undefined; + subborrowxU64(&x109, &x110, x108, cast(u64, x100), cast(u64, 0x0)); + var x111: u64 = undefined; + var x112: u1 = undefined; + addcarryxU64(&x111, &x112, 0x0, x6, cast(u64, 0x1)); + const x113 = ((x79 >> 1) | ((x81 << 63) & 0xffffffffffffffff)); + const x114 = ((x81 >> 1) | ((x83 << 63) & 0xffffffffffffffff)); + const x115 = ((x83 >> 1) | ((x85 << 63) & 0xffffffffffffffff)); + const x116 = ((x85 >> 1) | ((x87 << 63) & 0xffffffffffffffff)); + const x117 = ((x87 & 0x8000000000000000) | (x87 >> 1)); + var x118: u64 = undefined; + cmovznzU64(&x118, x48, x39, x31); var x119: u64 = undefined; - cmovznzU64(&x119, x48, x39, x31); + cmovznzU64(&x119, x48, x41, x33); var x120: u64 = undefined; - cmovznzU64(&x120, x48, x41, x33); + cmovznzU64(&x120, x48, x43, x35); var x121: u64 = undefined; - cmovznzU64(&x121, x48, x43, x35); + cmovznzU64(&x121, x48, x45, x37); var x122: u64 = undefined; - cmovznzU64(&x122, x48, x45, x37); + cmovznzU64(&x122, x110, x101, x93); var x123: u64 = undefined; - cmovznzU64(&x123, x111, x102, x94); + cmovznzU64(&x123, x110, x103, x95); var x124: u64 = undefined; - cmovznzU64(&x124, x111, x104, x96); + cmovznzU64(&x124, x110, x105, x97); var x125: u64 = undefined; - cmovznzU64(&x125, x111, x106, x98); - var x126: u64 = undefined; - 
cmovznzU64(&x126, x111, x108, x100); - out1.* = x112; + cmovznzU64(&x125, x110, x107, x99); + out1.* = x111; out2[0] = x7; out2[1] = x8; out2[2] = x9; out2[3] = x10; out2[4] = x11; - out3[0] = x114; - out3[1] = x115; - out3[2] = x116; - out3[3] = x117; - out3[4] = x118; - out4[0] = x119; - out4[1] = x120; - out4[2] = x121; - out4[3] = x122; - out5[0] = x123; - out5[1] = x124; - out5[2] = x125; - out5[3] = x126; + out3[0] = x113; + out3[1] = x114; + out3[2] = x115; + out3[3] = x116; + out3[4] = x117; + out4[0] = x118; + out4[1] = x119; + out4[2] = x120; + out4[3] = x121; + out5[0] = x122; + out5[1] = x123; + out5[2] = x124; + out5[3] = x125; } /// The function divstepPrecomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-zig/src/p256_32.zig b/fiat-zig/src/p256_32.zig index 07e23d414b..fa7d3c83f1 100644 --- a/fiat-zig/src/p256_32.zig +++ b/fiat-zig/src/p256_32.zig @@ -59,10 +59,9 @@ inline fn addcarryxU32(out1: *u32, out2: *u1, arg1: u1, arg2: u32, arg3: u32) vo @setRuntimeSafety(mode == .Debug); const x1 = ((cast(u64, arg1) + cast(u64, arg2)) + cast(u64, arg3)); - const x2 = cast(u32, (x1 & cast(u64, 0xffffffff))); - const x3 = cast(u1, (x1 >> 32)); - out1.* = x2; - out2.* = x3; + const x2 = cast(u1, (x1 >> 32)); + out1.* = cast(u32, x1); + out2.* = x2; } /// The function subborrowxU32 is a subtraction with borrow. @@ -104,10 +103,9 @@ inline fn mulxU32(out1: *u32, out2: *u32, arg1: u32, arg2: u32) void { @setRuntimeSafety(mode == .Debug); const x1 = (cast(u64, arg1) * cast(u64, arg2)); - const x2 = cast(u32, (x1 & cast(u64, 0xffffffff))); - const x3 = cast(u32, (x1 >> 32)); - out1.* = x2; - out2.* = x3; + const x2 = cast(u32, (x1 >> 32)); + out1.* = cast(u32, x1); + out2.* = x2; } /// The function cmovznzU32 is a single-word conditional move. 
@@ -2286,7 +2284,7 @@ pub fn sub(out1: *MontgomeryDomainFieldElement, arg1: MontgomeryDomainFieldEleme addcarryxU32(&x28, &x29, x27, x11, cast(u32, 0x0)); var x30: u32 = undefined; var x31: u1 = undefined; - addcarryxU32(&x30, &x31, x29, x13, cast(u32, cast(u1, (x17 & cast(u32, 0x1))))); + addcarryxU32(&x30, &x31, x29, x13, cast(u32, cast(u1, x17))); var x32: u32 = undefined; var x33: u1 = undefined; addcarryxU32(&x32, &x33, x31, x15, x17); @@ -2357,7 +2355,7 @@ pub fn opp(out1: *MontgomeryDomainFieldElement, arg1: MontgomeryDomainFieldEleme addcarryxU32(&x28, &x29, x27, x11, cast(u32, 0x0)); var x30: u32 = undefined; var x31: u1 = undefined; - addcarryxU32(&x30, &x31, x29, x13, cast(u32, cast(u1, (x17 & cast(u32, 0x1))))); + addcarryxU32(&x30, &x31, x29, x13, cast(u32, cast(u1, x17))); var x32: u32 = undefined; var x33: u1 = undefined; addcarryxU32(&x32, &x33, x31, x15, x17); 
@@ -3875,86 +3873,62 @@ pub fn toBytes(out1: *[32]u8, arg1: [8]u32) void { const x6 = (arg1[2]); const x7 = (arg1[1]); const x8 = (arg1[0]); - const x9 = cast(u8, (x8 & cast(u32, 0xff))); - const x10 = (x8 >> 8); - const x11 = cast(u8, (x10 & cast(u32, 0xff))); - const x12 = (x10 >> 8); - const x13 = cast(u8, (x12 & cast(u32, 0xff))); - const x14 = cast(u8, (x12 >> 8)); - const x15 = cast(u8, (x7 & cast(u32, 0xff))); - const x16 = (x7 >> 8); - const x17 = cast(u8, (x16 & cast(u32, 0xff))); - const x18 = (x16 >> 8); - const x19 = cast(u8, (x18 & cast(u32, 0xff))); - const x20 = cast(u8, (x18 >> 8)); - const x21 = cast(u8, (x6 & cast(u32, 0xff))); - const x22 = (x6 >> 8); - const x23 = cast(u8, (x22 & cast(u32, 0xff))); - const x24 = (x22 >> 8); - const x25 = cast(u8, (x24 & cast(u32, 0xff))); - const x26 = cast(u8, (x24 >> 8)); - const x27 = cast(u8, (x5 & cast(u32, 0xff))); - const x28 = (x5 >> 8); - const x29 = cast(u8, (x28 & cast(u32, 0xff))); - const x30 = (x28 >> 8); - const x31 = cast(u8, (x30 & cast(u32, 0xff))); - const x32 = cast(u8, (x30 >> 8)); - const x33 = cast(u8, (x4 & cast(u32, 0xff))); - const x34 = (x4 >> 8); - const x35 = cast(u8, (x34 & cast(u32, 0xff))); - const x36 = (x34 >> 8); - const x37 = cast(u8, (x36 & cast(u32, 0xff))); - const x38 = cast(u8, (x36 >> 8)); - const x39 = cast(u8, (x3 & cast(u32, 0xff))); - const x40 = (x3 >> 8); - const x41 = cast(u8, (x40 & cast(u32, 0xff))); - const x42 = (x40 >> 8); - const x43 = cast(u8, (x42 & cast(u32, 0xff))); - const x44 = cast(u8, (x42 >> 8)); - const x45 = cast(u8, (x2 & cast(u32, 0xff))); - const x46 = (x2 >> 8); - const x47 = cast(u8, (x46 & cast(u32, 0xff))); - const x48 = (x46 >> 8); - const x49 = cast(u8, (x48 & cast(u32, 0xff))); - const x50 = cast(u8, (x48 >> 8)); - const x51 = cast(u8, (x1 & cast(u32, 0xff))); - const x52 = (x1 >> 8); - const x53 = cast(u8, (x52 & cast(u32, 0xff))); - const x54 = (x52 >> 8); - const x55 = cast(u8, (x54 & cast(u32, 0xff))); - const x56 = cast(u8, (x54 >> 
8)); - out1[0] = x9; - out1[1] = x11; - out1[2] = x13; - out1[3] = x14; - out1[4] = x15; - out1[5] = x17; - out1[6] = x19; - out1[7] = x20; - out1[8] = x21; - out1[9] = x23; - out1[10] = x25; - out1[11] = x26; - out1[12] = x27; - out1[13] = x29; - out1[14] = x31; - out1[15] = x32; - out1[16] = x33; - out1[17] = x35; - out1[18] = x37; - out1[19] = x38; - out1[20] = x39; - out1[21] = x41; - out1[22] = x43; - out1[23] = x44; - out1[24] = x45; - out1[25] = x47; - out1[26] = x49; - out1[27] = x50; - out1[28] = x51; - out1[29] = x53; - out1[30] = x55; - out1[31] = x56; + const x9 = (x8 >> 8); + const x10 = (x9 >> 8); + const x11 = cast(u8, (x10 >> 8)); + const x12 = (x7 >> 8); + const x13 = (x12 >> 8); + const x14 = cast(u8, (x13 >> 8)); + const x15 = (x6 >> 8); + const x16 = (x15 >> 8); + const x17 = cast(u8, (x16 >> 8)); + const x18 = (x5 >> 8); + const x19 = (x18 >> 8); + const x20 = cast(u8, (x19 >> 8)); + const x21 = (x4 >> 8); + const x22 = (x21 >> 8); + const x23 = cast(u8, (x22 >> 8)); + const x24 = (x3 >> 8); + const x25 = (x24 >> 8); + const x26 = cast(u8, (x25 >> 8)); + const x27 = (x2 >> 8); + const x28 = (x27 >> 8); + const x29 = cast(u8, (x28 >> 8)); + const x30 = (x1 >> 8); + const x31 = (x30 >> 8); + const x32 = cast(u8, (x31 >> 8)); + out1[0] = cast(u8, x8); + out1[1] = cast(u8, x9); + out1[2] = cast(u8, x10); + out1[3] = x11; + out1[4] = cast(u8, x7); + out1[5] = cast(u8, x12); + out1[6] = cast(u8, x13); + out1[7] = x14; + out1[8] = cast(u8, x6); + out1[9] = cast(u8, x15); + out1[10] = cast(u8, x16); + out1[11] = x17; + out1[12] = cast(u8, x5); + out1[13] = cast(u8, x18); + out1[14] = cast(u8, x19); + out1[15] = x20; + out1[16] = cast(u8, x4); + out1[17] = cast(u8, x21); + out1[18] = cast(u8, x22); + out1[19] = x23; + out1[20] = cast(u8, x3); + out1[21] = cast(u8, x24); + out1[22] = cast(u8, x25); + out1[23] = x26; + out1[24] = cast(u8, x2); + out1[25] = cast(u8, x27); + out1[26] = cast(u8, x28); + out1[27] = x29; + out1[28] = cast(u8, x1); + out1[29] = 
cast(u8, x30); + out1[30] = cast(u8, x31); + out1[31] = x32; } /// The function fromBytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -4113,7 +4087,7 @@ pub fn divstep(out1: *u32, out2: *[9]u32, out3: *[9]u32, out4: *[8]u32, out5: *[ var x1: u32 = undefined; var x2: u1 = undefined; addcarryxU32(&x1, &x2, 0x0, (~arg1), cast(u32, 0x1)); - const x3 = (cast(u1, (x1 >> 31)) & cast(u1, ((arg3[0]) & cast(u32, 0x1)))); + const x3 = (cast(u1, (x1 >> 31)) & cast(u1, (arg3[0]))); var x4: u32 = undefined; var x5: u1 = undefined; addcarryxU32(&x4, &x5, 0x0, (~arg1), cast(u32, 0x1)); @@ -4303,7 +4277,7 @@ pub fn divstep(out1: *u32, out2: *[9]u32, out3: *[9]u32, out4: *[8]u32, out5: *[ addcarryxU32(&x120, &x121, x119, x103, cast(u32, 0x0)); var x122: u32 = undefined; var x123: u1 = undefined; - addcarryxU32(&x122, &x123, x121, x105, cast(u32, cast(u1, (x109 & cast(u32, 0x1))))); + addcarryxU32(&x122, &x123, x121, x105, cast(u32, cast(u1, x109))); var x124: u32 = undefined; var x125: u1 = undefined; addcarryxU32(&x124, &x125, x123, x107, x109); 
@@ -4323,164 +4297,163 @@ pub fn divstep(out1: *u32, out2: *[9]u32, out3: *[9]u32, out4: *[8]u32, out5: *[ cmovznzU32(&x132, x3, (arg5[6]), x122); var x133: u32 = undefined; cmovznzU32(&x133, x3, (arg5[7]), x124); - const x134 = cast(u1, (x34 & cast(u32, 0x1))); + var x134: u32 = undefined; + cmovznzU32(&x134, cast(u1, x34), cast(u32, 0x0), x7); var x135: u32 = undefined; - cmovznzU32(&x135, x134, cast(u32, 0x0), x7); + cmovznzU32(&x135, cast(u1, x34), cast(u32, 0x0), x8); var x136: u32 = undefined; - cmovznzU32(&x136, x134, cast(u32, 0x0), x8); + cmovznzU32(&x136, cast(u1, x34), cast(u32, 0x0), x9); var x137: u32 = undefined; - cmovznzU32(&x137, x134, cast(u32, 0x0), x9); + cmovznzU32(&x137, cast(u1, x34), cast(u32, 0x0), x10); var x138: u32 = undefined; - cmovznzU32(&x138, x134, cast(u32, 0x0), x10); + cmovznzU32(&x138, cast(u1, x34), cast(u32, 0x0), x11); var x139: u32 = undefined; - cmovznzU32(&x139, x134, cast(u32, 0x0), x11); + cmovznzU32(&x139, cast(u1, x34), cast(u32, 0x0), x12); var x140: u32 = undefined; - cmovznzU32(&x140, x134, cast(u32, 0x0), x12); + cmovznzU32(&x140, cast(u1, x34), cast(u32, 0x0), x13); var x141: u32 = undefined; - cmovznzU32(&x141, x134, cast(u32, 0x0), x13); + cmovznzU32(&x141, cast(u1, x34), cast(u32, 0x0), x14); var x142: u32 = undefined; - cmovznzU32(&x142, x134, cast(u32, 0x0), x14); + cmovznzU32(&x142, cast(u1, x34), cast(u32, 0x0), x15); var x143: u32 = undefined; - cmovznzU32(&x143, x134, cast(u32, 0x0), x15); - var x144: u32 = undefined; - var x145: u1 = undefined; - addcarryxU32(&x144, &x145, 0x0, x34, x135); - var x146: u32 = undefined; - var x147: u1 = undefined; - addcarryxU32(&x146, &x147, x145, x35, x136); - var x148: u32 = undefined; - var x149: u1 = undefined; - addcarryxU32(&x148, &x149, x147, x36, x137); - var x150: u32 = undefined; - var x151: u1 = undefined; - addcarryxU32(&x150, &x151, x149, x37, x138); - var x152: u32 = undefined; - var x153: u1 = undefined; - addcarryxU32(&x152, &x153, x151, x38, x139); - var 
x154: u32 = undefined; - var x155: u1 = undefined; - addcarryxU32(&x154, &x155, x153, x39, x140); - var x156: u32 = undefined; - var x157: u1 = undefined; - addcarryxU32(&x156, &x157, x155, x40, x141); - var x158: u32 = undefined; - var x159: u1 = undefined; - addcarryxU32(&x158, &x159, x157, x41, x142); - var x160: u32 = undefined; - var x161: u1 = undefined; - addcarryxU32(&x160, &x161, x159, x42, x143); + var x144: u1 = undefined; + addcarryxU32(&x143, &x144, 0x0, x34, x134); + var x145: u32 = undefined; + var x146: u1 = undefined; + addcarryxU32(&x145, &x146, x144, x35, x135); + var x147: u32 = undefined; + var x148: u1 = undefined; + addcarryxU32(&x147, &x148, x146, x36, x136); + var x149: u32 = undefined; + var x150: u1 = undefined; + addcarryxU32(&x149, &x150, x148, x37, x137); + var x151: u32 = undefined; + var x152: u1 = undefined; + addcarryxU32(&x151, &x152, x150, x38, x138); + var x153: u32 = undefined; + var x154: u1 = undefined; + addcarryxU32(&x153, &x154, x152, x39, x139); + var x155: u32 = undefined; + var x156: u1 = undefined; + addcarryxU32(&x155, &x156, x154, x40, x140); + var x157: u32 = undefined; + var x158: u1 = undefined; + addcarryxU32(&x157, &x158, x156, x41, x141); + var x159: u32 = undefined; + var x160: u1 = undefined; + addcarryxU32(&x159, &x160, x158, x42, x142); + var x161: u32 = undefined; + cmovznzU32(&x161, cast(u1, x34), cast(u32, 0x0), x43); var x162: u32 = undefined; - cmovznzU32(&x162, x134, cast(u32, 0x0), x43); + cmovznzU32(&x162, cast(u1, x34), cast(u32, 0x0), x44); var x163: u32 = undefined; - cmovznzU32(&x163, x134, cast(u32, 0x0), x44); + cmovznzU32(&x163, cast(u1, x34), cast(u32, 0x0), x45); var x164: u32 = undefined; - cmovznzU32(&x164, x134, cast(u32, 0x0), x45); + cmovznzU32(&x164, cast(u1, x34), cast(u32, 0x0), x46); var x165: u32 = undefined; - cmovznzU32(&x165, x134, cast(u32, 0x0), x46); + cmovznzU32(&x165, cast(u1, x34), cast(u32, 0x0), x47); var x166: u32 = undefined; - cmovznzU32(&x166, x134, cast(u32, 0x0), 
x47); + cmovznzU32(&x166, cast(u1, x34), cast(u32, 0x0), x48); var x167: u32 = undefined; - cmovznzU32(&x167, x134, cast(u32, 0x0), x48); + cmovznzU32(&x167, cast(u1, x34), cast(u32, 0x0), x49); var x168: u32 = undefined; - cmovznzU32(&x168, x134, cast(u32, 0x0), x49); + cmovznzU32(&x168, cast(u1, x34), cast(u32, 0x0), x50); var x169: u32 = undefined; - cmovznzU32(&x169, x134, cast(u32, 0x0), x50); - var x170: u32 = undefined; - var x171: u1 = undefined; - addcarryxU32(&x170, &x171, 0x0, x126, x162); - var x172: u32 = undefined; - var x173: u1 = undefined; - addcarryxU32(&x172, &x173, x171, x127, x163); - var x174: u32 = undefined; - var x175: u1 = undefined; - addcarryxU32(&x174, &x175, x173, x128, x164); - var x176: u32 = undefined; - var x177: u1 = undefined; - addcarryxU32(&x176, &x177, x175, x129, x165); - var x178: u32 = undefined; - var x179: u1 = undefined; - addcarryxU32(&x178, &x179, x177, x130, x166); - var x180: u32 = undefined; - var x181: u1 = undefined; - addcarryxU32(&x180, &x181, x179, x131, x167); - var x182: u32 = undefined; - var x183: u1 = undefined; - addcarryxU32(&x182, &x183, x181, x132, x168); - var x184: u32 = undefined; - var x185: u1 = undefined; - addcarryxU32(&x184, &x185, x183, x133, x169); - var x186: u32 = undefined; - var x187: u1 = undefined; - subborrowxU32(&x186, &x187, 0x0, x170, 0xffffffff); - var x188: u32 = undefined; - var x189: u1 = undefined; - subborrowxU32(&x188, &x189, x187, x172, 0xffffffff); - var x190: u32 = undefined; - var x191: u1 = undefined; - subborrowxU32(&x190, &x191, x189, x174, 0xffffffff); - var x192: u32 = undefined; - var x193: u1 = undefined; - subborrowxU32(&x192, &x193, x191, x176, cast(u32, 0x0)); - var x194: u32 = undefined; - var x195: u1 = undefined; - subborrowxU32(&x194, &x195, x193, x178, cast(u32, 0x0)); - var x196: u32 = undefined; - var x197: u1 = undefined; - subborrowxU32(&x196, &x197, x195, x180, cast(u32, 0x0)); - var x198: u32 = undefined; - var x199: u1 = undefined; - 
subborrowxU32(&x198, &x199, x197, x182, cast(u32, 0x1)); - var x200: u32 = undefined; - var x201: u1 = undefined; - subborrowxU32(&x200, &x201, x199, x184, 0xffffffff); - var x202: u32 = undefined; - var x203: u1 = undefined; - subborrowxU32(&x202, &x203, x201, cast(u32, x185), cast(u32, 0x0)); - var x204: u32 = undefined; - var x205: u1 = undefined; - addcarryxU32(&x204, &x205, 0x0, x6, cast(u32, 0x1)); - const x206 = ((x144 >> 1) | ((x146 << 31) & 0xffffffff)); - const x207 = ((x146 >> 1) | ((x148 << 31) & 0xffffffff)); - const x208 = ((x148 >> 1) | ((x150 << 31) & 0xffffffff)); - const x209 = ((x150 >> 1) | ((x152 << 31) & 0xffffffff)); - const x210 = ((x152 >> 1) | ((x154 << 31) & 0xffffffff)); - const x211 = ((x154 >> 1) | ((x156 << 31) & 0xffffffff)); - const x212 = ((x156 >> 1) | ((x158 << 31) & 0xffffffff)); - const x213 = ((x158 >> 1) | ((x160 << 31) & 0xffffffff)); - const x214 = ((x160 & 0x80000000) | (x160 >> 1)); + var x170: u1 = undefined; + addcarryxU32(&x169, &x170, 0x0, x126, x161); + var x171: u32 = undefined; + var x172: u1 = undefined; + addcarryxU32(&x171, &x172, x170, x127, x162); + var x173: u32 = undefined; + var x174: u1 = undefined; + addcarryxU32(&x173, &x174, x172, x128, x163); + var x175: u32 = undefined; + var x176: u1 = undefined; + addcarryxU32(&x175, &x176, x174, x129, x164); + var x177: u32 = undefined; + var x178: u1 = undefined; + addcarryxU32(&x177, &x178, x176, x130, x165); + var x179: u32 = undefined; + var x180: u1 = undefined; + addcarryxU32(&x179, &x180, x178, x131, x166); + var x181: u32 = undefined; + var x182: u1 = undefined; + addcarryxU32(&x181, &x182, x180, x132, x167); + var x183: u32 = undefined; + var x184: u1 = undefined; + addcarryxU32(&x183, &x184, x182, x133, x168); + var x185: u32 = undefined; + var x186: u1 = undefined; + subborrowxU32(&x185, &x186, 0x0, x169, 0xffffffff); + var x187: u32 = undefined; + var x188: u1 = undefined; + subborrowxU32(&x187, &x188, x186, x171, 0xffffffff); + var x189: u32 = 
undefined; + var x190: u1 = undefined; + subborrowxU32(&x189, &x190, x188, x173, 0xffffffff); + var x191: u32 = undefined; + var x192: u1 = undefined; + subborrowxU32(&x191, &x192, x190, x175, cast(u32, 0x0)); + var x193: u32 = undefined; + var x194: u1 = undefined; + subborrowxU32(&x193, &x194, x192, x177, cast(u32, 0x0)); + var x195: u32 = undefined; + var x196: u1 = undefined; + subborrowxU32(&x195, &x196, x194, x179, cast(u32, 0x0)); + var x197: u32 = undefined; + var x198: u1 = undefined; + subborrowxU32(&x197, &x198, x196, x181, cast(u32, 0x1)); + var x199: u32 = undefined; + var x200: u1 = undefined; + subborrowxU32(&x199, &x200, x198, x183, 0xffffffff); + var x201: u32 = undefined; + var x202: u1 = undefined; + subborrowxU32(&x201, &x202, x200, cast(u32, x184), cast(u32, 0x0)); + var x203: u32 = undefined; + var x204: u1 = undefined; + addcarryxU32(&x203, &x204, 0x0, x6, cast(u32, 0x1)); + const x205 = ((x143 >> 1) | ((x145 << 31) & 0xffffffff)); + const x206 = ((x145 >> 1) | ((x147 << 31) & 0xffffffff)); + const x207 = ((x147 >> 1) | ((x149 << 31) & 0xffffffff)); + const x208 = ((x149 >> 1) | ((x151 << 31) & 0xffffffff)); + const x209 = ((x151 >> 1) | ((x153 << 31) & 0xffffffff)); + const x210 = ((x153 >> 1) | ((x155 << 31) & 0xffffffff)); + const x211 = ((x155 >> 1) | ((x157 << 31) & 0xffffffff)); + const x212 = ((x157 >> 1) | ((x159 << 31) & 0xffffffff)); + const x213 = ((x159 & 0x80000000) | (x159 >> 1)); + var x214: u32 = undefined; + cmovznzU32(&x214, x84, x67, x51); var x215: u32 = undefined; - cmovznzU32(&x215, x84, x67, x51); + cmovznzU32(&x215, x84, x69, x53); var x216: u32 = undefined; - cmovznzU32(&x216, x84, x69, x53); + cmovznzU32(&x216, x84, x71, x55); var x217: u32 = undefined; - cmovznzU32(&x217, x84, x71, x55); + cmovznzU32(&x217, x84, x73, x57); var x218: u32 = undefined; - cmovznzU32(&x218, x84, x73, x57); + cmovznzU32(&x218, x84, x75, x59); var x219: u32 = undefined; - cmovznzU32(&x219, x84, x75, x59); + cmovznzU32(&x219, x84, x77, 
x61); var x220: u32 = undefined; - cmovznzU32(&x220, x84, x77, x61); + cmovznzU32(&x220, x84, x79, x63); var x221: u32 = undefined; - cmovznzU32(&x221, x84, x79, x63); + cmovznzU32(&x221, x84, x81, x65); var x222: u32 = undefined; - cmovznzU32(&x222, x84, x81, x65); + cmovznzU32(&x222, x202, x185, x169); var x223: u32 = undefined; - cmovznzU32(&x223, x203, x186, x170); + cmovznzU32(&x223, x202, x187, x171); var x224: u32 = undefined; - cmovznzU32(&x224, x203, x188, x172); + cmovznzU32(&x224, x202, x189, x173); var x225: u32 = undefined; - cmovznzU32(&x225, x203, x190, x174); + cmovznzU32(&x225, x202, x191, x175); var x226: u32 = undefined; - cmovznzU32(&x226, x203, x192, x176); + cmovznzU32(&x226, x202, x193, x177); var x227: u32 = undefined; - cmovznzU32(&x227, x203, x194, x178); + cmovznzU32(&x227, x202, x195, x179); var x228: u32 = undefined; - cmovznzU32(&x228, x203, x196, x180); + cmovznzU32(&x228, x202, x197, x181); var x229: u32 = undefined; - cmovznzU32(&x229, x203, x198, x182); - var x230: u32 = undefined; - cmovznzU32(&x230, x203, x200, x184); - out1.* = x204; + cmovznzU32(&x229, x202, x199, x183); + out1.* = x203; out2[0] = x7; out2[1] = x8; out2[2] = x9; 
@@ -4490,31 +4463,31 @@ pub fn divstep(out1: *u32, out2: *[9]u32, out3: *[9]u32, out4: *[8]u32, out5: *[ out2[6] = x13; out2[7] = x14; out2[8] = x15; - out3[0] = x206; - out3[1] = x207; - out3[2] = x208; - out3[3] = x209; - out3[4] = x210; - out3[5] = x211; - out3[6] = x212; - out3[7] = x213; - out3[8] = x214; - out4[0] = x215; - out4[1] = x216; - out4[2] = x217; - out4[3] = x218; - out4[4] = x219; - out4[5] = x220; - out4[6] = x221; - out4[7] = x222; - out5[0] = x223; - out5[1] = x224; - out5[2] = x225; - out5[3] = x226; - out5[4] = x227; - out5[5] = x228; - out5[6] = x229; - out5[7] = x230; + out3[0] = x205; + out3[1] = x206; + out3[2] = x207; + out3[3] = x208; + out3[4] = x209; + out3[5] = x210; + out3[6] = x211; + out3[7] = x212; + out3[8] = x213; + out4[0] = x214; + out4[1] = x215; + out4[2] = x216; + out4[3] = x217; + out4[4] = x218; + out4[5] = x219; + out4[6] = x220; + out4[7] = x221; + out5[0] = x222; + out5[1] = x223; + out5[2] = x224; + out5[3] = x225; + out5[4] = x226; + out5[5] = x227; + out5[6] = x228; + out5[7] = x229; } /// The function divstepPrecomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-zig/src/p256_64.zig b/fiat-zig/src/p256_64.zig index 75dc4d07f0..865af4cdff 100644 --- a/fiat-zig/src/p256_64.zig +++ b/fiat-zig/src/p256_64.zig @@ -59,10 +59,9 @@ inline fn addcarryxU64(out1: *u64, out2: *u1, arg1: u1, arg2: u64, arg3: u64) vo @setRuntimeSafety(mode == .Debug); const x1 = ((cast(u128, arg1) + cast(u128, arg2)) + cast(u128, arg3)); - const x2 = cast(u64, (x1 & cast(u128, 0xffffffffffffffff))); - const x3 = cast(u1, (x1 >> 64)); - out1.* = x2; - out2.* = x3; + const x2 = cast(u1, (x1 >> 64)); + out1.* = cast(u64, x1); + out2.* = x2; } /// The function subborrowxU64 is a subtraction with borrow. 
@@ -104,10 +103,9 @@ inline fn mulxU64(out1: *u64, out2: *u64, arg1: u64, arg2: u64) void { @setRuntimeSafety(mode == .Debug); const x1 = (cast(u128, arg1) * cast(u128, arg2)); - const x2 = cast(u64, (x1 & cast(u128, 0xffffffffffffffff))); - const x3 = cast(u64, (x1 >> 64)); - out1.* = x2; - out2.* = x3; + const x2 = cast(u64, (x1 >> 64)); + out1.* = cast(u64, x1); + out2.* = x2; } /// The function cmovznzU64 is a single-word conditional move. 
@@ -1344,94 +1342,66 @@ pub fn toBytes(out1: *[32]u8, arg1: [4]u64) void { const x2 = (arg1[2]); const x3 = (arg1[1]); const x4 = (arg1[0]); - const x5 = cast(u8, (x4 & cast(u64, 0xff))); - const x6 = (x4 >> 8); - const x7 = cast(u8, (x6 & cast(u64, 0xff))); - const x8 = (x6 >> 8); - const x9 = cast(u8, (x8 & cast(u64, 0xff))); - const x10 = (x8 >> 8); - const x11 = cast(u8, (x10 & cast(u64, 0xff))); - const x12 = (x10 >> 8); - const x13 = cast(u8, (x12 & cast(u64, 0xff))); - const x14 = (x12 >> 8); - const x15 = cast(u8, (x14 & cast(u64, 0xff))); - const x16 = (x14 >> 8); - const x17 = cast(u8, (x16 & cast(u64, 0xff))); - const x18 = cast(u8, (x16 >> 8)); - const x19 = cast(u8, (x3 & cast(u64, 0xff))); - const x20 = (x3 >> 8); - const x21 = cast(u8, (x20 & cast(u64, 0xff))); - const x22 = (x20 >> 8); - const x23 = cast(u8, (x22 & cast(u64, 0xff))); - const x24 = (x22 >> 8); - const x25 = cast(u8, (x24 & cast(u64, 0xff))); - const x26 = (x24 >> 8); - const x27 = cast(u8, (x26 & cast(u64, 0xff))); - const x28 = (x26 >> 8); - const x29 = cast(u8, (x28 & cast(u64, 0xff))); - const x30 = (x28 >> 8); - const x31 = cast(u8, (x30 & cast(u64, 0xff))); - const x32 = cast(u8, (x30 >> 8)); - const x33 = cast(u8, (x2 & cast(u64, 0xff))); - const x34 = (x2 >> 8); - const x35 = cast(u8, (x34 & cast(u64, 0xff))); - const x36 = (x34 >> 8); - const x37 = cast(u8, (x36 & cast(u64, 0xff))); - const x38 = (x36 >> 8); - const x39 = cast(u8, (x38 & cast(u64, 0xff))); - const x40 = (x38 >> 8); - const x41 = cast(u8, (x40 & cast(u64, 0xff))); - const x42 = (x40 >> 8); - const x43 = cast(u8, (x42 & cast(u64, 0xff))); - const x44 = (x42 >> 8); - const x45 = cast(u8, (x44 & cast(u64, 0xff))); - const x46 = cast(u8, (x44 >> 8)); - const x47 = cast(u8, (x1 & cast(u64, 0xff))); - const x48 = (x1 >> 8); - const x49 = cast(u8, (x48 & cast(u64, 0xff))); - const x50 = (x48 >> 8); - const x51 = cast(u8, (x50 & cast(u64, 0xff))); - const x52 = (x50 >> 8); - const x53 = cast(u8, (x52 & cast(u64, 
0xff))); - const x54 = (x52 >> 8); - const x55 = cast(u8, (x54 & cast(u64, 0xff))); - const x56 = (x54 >> 8); - const x57 = cast(u8, (x56 & cast(u64, 0xff))); - const x58 = (x56 >> 8); - const x59 = cast(u8, (x58 & cast(u64, 0xff))); - const x60 = cast(u8, (x58 >> 8)); - out1[0] = x5; - out1[1] = x7; - out1[2] = x9; - out1[3] = x11; - out1[4] = x13; - out1[5] = x15; - out1[6] = x17; - out1[7] = x18; - out1[8] = x19; - out1[9] = x21; - out1[10] = x23; - out1[11] = x25; - out1[12] = x27; - out1[13] = x29; - out1[14] = x31; - out1[15] = x32; - out1[16] = x33; - out1[17] = x35; - out1[18] = x37; - out1[19] = x39; - out1[20] = x41; - out1[21] = x43; - out1[22] = x45; - out1[23] = x46; - out1[24] = x47; - out1[25] = x49; - out1[26] = x51; - out1[27] = x53; - out1[28] = x55; - out1[29] = x57; - out1[30] = x59; - out1[31] = x60; + const x5 = (x4 >> 8); + const x6 = (x5 >> 8); + const x7 = (x6 >> 8); + const x8 = (x7 >> 8); + const x9 = (x8 >> 8); + const x10 = (x9 >> 8); + const x11 = cast(u8, (x10 >> 8)); + const x12 = (x3 >> 8); + const x13 = (x12 >> 8); + const x14 = (x13 >> 8); + const x15 = (x14 >> 8); + const x16 = (x15 >> 8); + const x17 = (x16 >> 8); + const x18 = cast(u8, (x17 >> 8)); + const x19 = (x2 >> 8); + const x20 = (x19 >> 8); + const x21 = (x20 >> 8); + const x22 = (x21 >> 8); + const x23 = (x22 >> 8); + const x24 = (x23 >> 8); + const x25 = cast(u8, (x24 >> 8)); + const x26 = (x1 >> 8); + const x27 = (x26 >> 8); + const x28 = (x27 >> 8); + const x29 = (x28 >> 8); + const x30 = (x29 >> 8); + const x31 = (x30 >> 8); + const x32 = cast(u8, (x31 >> 8)); + out1[0] = cast(u8, x4); + out1[1] = cast(u8, x5); + out1[2] = cast(u8, x6); + out1[3] = cast(u8, x7); + out1[4] = cast(u8, x8); + out1[5] = cast(u8, x9); + out1[6] = cast(u8, x10); + out1[7] = x11; + out1[8] = cast(u8, x3); + out1[9] = cast(u8, x12); + out1[10] = cast(u8, x13); + out1[11] = cast(u8, x14); + out1[12] = cast(u8, x15); + out1[13] = cast(u8, x16); + out1[14] = cast(u8, x17); + out1[15] = x18; + 
out1[16] = cast(u8, x2); + out1[17] = cast(u8, x19); + out1[18] = cast(u8, x20); + out1[19] = cast(u8, x21); + out1[20] = cast(u8, x22); + out1[21] = cast(u8, x23); + out1[22] = cast(u8, x24); + out1[23] = x25; + out1[24] = cast(u8, x1); + out1[25] = cast(u8, x26); + out1[26] = cast(u8, x27); + out1[27] = cast(u8, x28); + out1[28] = cast(u8, x29); + out1[29] = cast(u8, x30); + out1[30] = cast(u8, x31); + out1[31] = x32; } /// The function fromBytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -1582,7 +1552,7 @@ pub fn divstep(out1: *u64, out2: *[5]u64, out3: *[5]u64, out4: *[4]u64, out5: *[ var x1: u64 = undefined; var x2: u1 = undefined; addcarryxU64(&x1, &x2, 0x0, (~arg1), cast(u64, 0x1)); - const x3 = (cast(u1, (x1 >> 63)) & cast(u1, ((arg3[0]) & cast(u64, 0x1)))); + const x3 = (cast(u1, (x1 >> 63)) & cast(u1, (arg3[0]))); var x4: u64 = undefined; var x5: u1 = undefined; addcarryxU64(&x4, &x5, 0x0, (~arg1), cast(u64, 0x1)); 
@@ -1696,110 +1666,109 @@ pub fn divstep(out1: *u64, out2: *[5]u64, out3: *[5]u64, out4: *[4]u64, out5: *[ cmovznzU64(&x72, x3, (arg5[2]), x66); var x73: u64 = undefined; cmovznzU64(&x73, x3, (arg5[3]), x68); - const x74 = cast(u1, (x22 & cast(u64, 0x1))); + var x74: u64 = undefined; + cmovznzU64(&x74, cast(u1, x22), cast(u64, 0x0), x7); var x75: u64 = undefined; - cmovznzU64(&x75, x74, cast(u64, 0x0), x7); + cmovznzU64(&x75, cast(u1, x22), cast(u64, 0x0), x8); var x76: u64 = undefined; - cmovznzU64(&x76, x74, cast(u64, 0x0), x8); + cmovznzU64(&x76, cast(u1, x22), cast(u64, 0x0), x9); var x77: u64 = undefined; - cmovznzU64(&x77, x74, cast(u64, 0x0), x9); + cmovznzU64(&x77, cast(u1, x22), cast(u64, 0x0), x10); var x78: u64 = undefined; - cmovznzU64(&x78, x74, cast(u64, 0x0), x10); + cmovznzU64(&x78, cast(u1, x22), cast(u64, 0x0), x11); var x79: u64 = undefined; - cmovznzU64(&x79, x74, cast(u64, 0x0), x11); - var x80: u64 = undefined; - var x81: u1 = undefined; - addcarryxU64(&x80, &x81, 0x0, x22, x75); - var x82: u64 = undefined; - var x83: u1 = undefined; - addcarryxU64(&x82, &x83, x81, x23, x76); - var x84: u64 = undefined; - var x85: u1 = undefined; - addcarryxU64(&x84, &x85, x83, x24, x77); - var x86: u64 = undefined; - var x87: u1 = undefined; - addcarryxU64(&x86, &x87, x85, x25, x78); - var x88: u64 = undefined; - var x89: u1 = undefined; - addcarryxU64(&x88, &x89, x87, x26, x79); + var x80: u1 = undefined; + addcarryxU64(&x79, &x80, 0x0, x22, x74); + var x81: u64 = undefined; + var x82: u1 = undefined; + addcarryxU64(&x81, &x82, x80, x23, x75); + var x83: u64 = undefined; + var x84: u1 = undefined; + addcarryxU64(&x83, &x84, x82, x24, x76); + var x85: u64 = undefined; + var x86: u1 = undefined; + addcarryxU64(&x85, &x86, x84, x25, x77); + var x87: u64 = undefined; + var x88: u1 = undefined; + addcarryxU64(&x87, &x88, x86, x26, x78); + var x89: u64 = undefined; + cmovznzU64(&x89, cast(u1, x22), cast(u64, 0x0), x27); var x90: u64 = undefined; - cmovznzU64(&x90, 
x74, cast(u64, 0x0), x27); + cmovznzU64(&x90, cast(u1, x22), cast(u64, 0x0), x28); var x91: u64 = undefined; - cmovznzU64(&x91, x74, cast(u64, 0x0), x28); + cmovznzU64(&x91, cast(u1, x22), cast(u64, 0x0), x29); var x92: u64 = undefined; - cmovznzU64(&x92, x74, cast(u64, 0x0), x29); + cmovznzU64(&x92, cast(u1, x22), cast(u64, 0x0), x30); var x93: u64 = undefined; - cmovznzU64(&x93, x74, cast(u64, 0x0), x30); - var x94: u64 = undefined; - var x95: u1 = undefined; - addcarryxU64(&x94, &x95, 0x0, x70, x90); - var x96: u64 = undefined; - var x97: u1 = undefined; - addcarryxU64(&x96, &x97, x95, x71, x91); - var x98: u64 = undefined; - var x99: u1 = undefined; - addcarryxU64(&x98, &x99, x97, x72, x92); - var x100: u64 = undefined; - var x101: u1 = undefined; - addcarryxU64(&x100, &x101, x99, x73, x93); - var x102: u64 = undefined; - var x103: u1 = undefined; - subborrowxU64(&x102, &x103, 0x0, x94, 0xffffffffffffffff); - var x104: u64 = undefined; - var x105: u1 = undefined; - subborrowxU64(&x104, &x105, x103, x96, 0xffffffff); - var x106: u64 = undefined; - var x107: u1 = undefined; - subborrowxU64(&x106, &x107, x105, x98, cast(u64, 0x0)); - var x108: u64 = undefined; - var x109: u1 = undefined; - subborrowxU64(&x108, &x109, x107, x100, 0xffffffff00000001); - var x110: u64 = undefined; - var x111: u1 = undefined; - subborrowxU64(&x110, &x111, x109, cast(u64, x101), cast(u64, 0x0)); - var x112: u64 = undefined; - var x113: u1 = undefined; - addcarryxU64(&x112, &x113, 0x0, x6, cast(u64, 0x1)); - const x114 = ((x80 >> 1) | ((x82 << 63) & 0xffffffffffffffff)); - const x115 = ((x82 >> 1) | ((x84 << 63) & 0xffffffffffffffff)); - const x116 = ((x84 >> 1) | ((x86 << 63) & 0xffffffffffffffff)); - const x117 = ((x86 >> 1) | ((x88 << 63) & 0xffffffffffffffff)); - const x118 = ((x88 & 0x8000000000000000) | (x88 >> 1)); + var x94: u1 = undefined; + addcarryxU64(&x93, &x94, 0x0, x70, x89); + var x95: u64 = undefined; + var x96: u1 = undefined; + addcarryxU64(&x95, &x96, x94, x71, x90); 
+ var x97: u64 = undefined; + var x98: u1 = undefined; + addcarryxU64(&x97, &x98, x96, x72, x91); + var x99: u64 = undefined; + var x100: u1 = undefined; + addcarryxU64(&x99, &x100, x98, x73, x92); + var x101: u64 = undefined; + var x102: u1 = undefined; + subborrowxU64(&x101, &x102, 0x0, x93, 0xffffffffffffffff); + var x103: u64 = undefined; + var x104: u1 = undefined; + subborrowxU64(&x103, &x104, x102, x95, 0xffffffff); + var x105: u64 = undefined; + var x106: u1 = undefined; + subborrowxU64(&x105, &x106, x104, x97, cast(u64, 0x0)); + var x107: u64 = undefined; + var x108: u1 = undefined; + subborrowxU64(&x107, &x108, x106, x99, 0xffffffff00000001); + var x109: u64 = undefined; + var x110: u1 = undefined; + subborrowxU64(&x109, &x110, x108, cast(u64, x100), cast(u64, 0x0)); + var x111: u64 = undefined; + var x112: u1 = undefined; + addcarryxU64(&x111, &x112, 0x0, x6, cast(u64, 0x1)); + const x113 = ((x79 >> 1) | ((x81 << 63) & 0xffffffffffffffff)); + const x114 = ((x81 >> 1) | ((x83 << 63) & 0xffffffffffffffff)); + const x115 = ((x83 >> 1) | ((x85 << 63) & 0xffffffffffffffff)); + const x116 = ((x85 >> 1) | ((x87 << 63) & 0xffffffffffffffff)); + const x117 = ((x87 & 0x8000000000000000) | (x87 >> 1)); + var x118: u64 = undefined; + cmovznzU64(&x118, x48, x39, x31); var x119: u64 = undefined; - cmovznzU64(&x119, x48, x39, x31); + cmovznzU64(&x119, x48, x41, x33); var x120: u64 = undefined; - cmovznzU64(&x120, x48, x41, x33); + cmovznzU64(&x120, x48, x43, x35); var x121: u64 = undefined; - cmovznzU64(&x121, x48, x43, x35); + cmovznzU64(&x121, x48, x45, x37); var x122: u64 = undefined; - cmovznzU64(&x122, x48, x45, x37); + cmovznzU64(&x122, x110, x101, x93); var x123: u64 = undefined; - cmovznzU64(&x123, x111, x102, x94); + cmovznzU64(&x123, x110, x103, x95); var x124: u64 = undefined; - cmovznzU64(&x124, x111, x104, x96); + cmovznzU64(&x124, x110, x105, x97); var x125: u64 = undefined; - cmovznzU64(&x125, x111, x106, x98); - var x126: u64 = undefined; - 
cmovznzU64(&x126, x111, x108, x100); - out1.* = x112; + cmovznzU64(&x125, x110, x107, x99); + out1.* = x111; out2[0] = x7; out2[1] = x8; out2[2] = x9; out2[3] = x10; out2[4] = x11; - out3[0] = x114; - out3[1] = x115; - out3[2] = x116; - out3[3] = x117; - out3[4] = x118; - out4[0] = x119; - out4[1] = x120; - out4[2] = x121; - out4[3] = x122; - out5[0] = x123; - out5[1] = x124; - out5[2] = x125; - out5[3] = x126; + out3[0] = x113; + out3[1] = x114; + out3[2] = x115; + out3[3] = x116; + out3[4] = x117; + out4[0] = x118; + out4[1] = x119; + out4[2] = x120; + out4[3] = x121; + out5[0] = x122; + out5[1] = x123; + out5[2] = x124; + out5[3] = x125; } /// The function divstepPrecomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-zig/src/p256_scalar_32.zig b/fiat-zig/src/p256_scalar_32.zig index d78a4b14af..0f1cdbcf86 100644 --- a/fiat-zig/src/p256_scalar_32.zig +++ b/fiat-zig/src/p256_scalar_32.zig @@ -59,10 +59,9 @@ inline fn addcarryxU32(out1: *u32, out2: *u1, arg1: u1, arg2: u32, arg3: u32) vo @setRuntimeSafety(mode == .Debug); const x1 = ((cast(u64, arg1) + cast(u64, arg2)) + cast(u64, arg3)); - const x2 = cast(u32, (x1 & cast(u64, 0xffffffff))); - const x3 = cast(u1, (x1 >> 32)); - out1.* = x2; - out2.* = x3; + const x2 = cast(u1, (x1 >> 32)); + out1.* = cast(u32, x1); + out2.* = x2; } /// The function subborrowxU32 is a subtraction with borrow. @@ -104,10 +103,9 @@ inline fn mulxU32(out1: *u32, out2: *u32, arg1: u32, arg2: u32) void { @setRuntimeSafety(mode == .Debug); const x1 = (cast(u64, arg1) * cast(u64, arg2)); - const x2 = cast(u32, (x1 & cast(u64, 0xffffffff))); - const x3 = cast(u32, (x1 >> 32)); - out1.* = x2; - out2.* = x3; + const x2 = cast(u32, (x1 >> 32)); + out1.* = cast(u32, x1); + out2.* = x2; } /// The function cmovznzU32 is a single-word conditional move. 
@@ -4673,86 +4671,62 @@ pub fn toBytes(out1: *[32]u8, arg1: [8]u32) void { const x6 = (arg1[2]); const x7 = (arg1[1]); const x8 = (arg1[0]); - const x9 = cast(u8, (x8 & cast(u32, 0xff))); - const x10 = (x8 >> 8); - const x11 = cast(u8, (x10 & cast(u32, 0xff))); - const x12 = (x10 >> 8); - const x13 = cast(u8, (x12 & cast(u32, 0xff))); - const x14 = cast(u8, (x12 >> 8)); - const x15 = cast(u8, (x7 & cast(u32, 0xff))); - const x16 = (x7 >> 8); - const x17 = cast(u8, (x16 & cast(u32, 0xff))); - const x18 = (x16 >> 8); - const x19 = cast(u8, (x18 & cast(u32, 0xff))); - const x20 = cast(u8, (x18 >> 8)); - const x21 = cast(u8, (x6 & cast(u32, 0xff))); - const x22 = (x6 >> 8); - const x23 = cast(u8, (x22 & cast(u32, 0xff))); - const x24 = (x22 >> 8); - const x25 = cast(u8, (x24 & cast(u32, 0xff))); - const x26 = cast(u8, (x24 >> 8)); - const x27 = cast(u8, (x5 & cast(u32, 0xff))); - const x28 = (x5 >> 8); - const x29 = cast(u8, (x28 & cast(u32, 0xff))); - const x30 = (x28 >> 8); - const x31 = cast(u8, (x30 & cast(u32, 0xff))); - const x32 = cast(u8, (x30 >> 8)); - const x33 = cast(u8, (x4 & cast(u32, 0xff))); - const x34 = (x4 >> 8); - const x35 = cast(u8, (x34 & cast(u32, 0xff))); - const x36 = (x34 >> 8); - const x37 = cast(u8, (x36 & cast(u32, 0xff))); - const x38 = cast(u8, (x36 >> 8)); - const x39 = cast(u8, (x3 & cast(u32, 0xff))); - const x40 = (x3 >> 8); - const x41 = cast(u8, (x40 & cast(u32, 0xff))); - const x42 = (x40 >> 8); - const x43 = cast(u8, (x42 & cast(u32, 0xff))); - const x44 = cast(u8, (x42 >> 8)); - const x45 = cast(u8, (x2 & cast(u32, 0xff))); - const x46 = (x2 >> 8); - const x47 = cast(u8, (x46 & cast(u32, 0xff))); - const x48 = (x46 >> 8); - const x49 = cast(u8, (x48 & cast(u32, 0xff))); - const x50 = cast(u8, (x48 >> 8)); - const x51 = cast(u8, (x1 & cast(u32, 0xff))); - const x52 = (x1 >> 8); - const x53 = cast(u8, (x52 & cast(u32, 0xff))); - const x54 = (x52 >> 8); - const x55 = cast(u8, (x54 & cast(u32, 0xff))); - const x56 = cast(u8, (x54 >> 
8)); - out1[0] = x9; - out1[1] = x11; - out1[2] = x13; - out1[3] = x14; - out1[4] = x15; - out1[5] = x17; - out1[6] = x19; - out1[7] = x20; - out1[8] = x21; - out1[9] = x23; - out1[10] = x25; - out1[11] = x26; - out1[12] = x27; - out1[13] = x29; - out1[14] = x31; - out1[15] = x32; - out1[16] = x33; - out1[17] = x35; - out1[18] = x37; - out1[19] = x38; - out1[20] = x39; - out1[21] = x41; - out1[22] = x43; - out1[23] = x44; - out1[24] = x45; - out1[25] = x47; - out1[26] = x49; - out1[27] = x50; - out1[28] = x51; - out1[29] = x53; - out1[30] = x55; - out1[31] = x56; + const x9 = (x8 >> 8); + const x10 = (x9 >> 8); + const x11 = cast(u8, (x10 >> 8)); + const x12 = (x7 >> 8); + const x13 = (x12 >> 8); + const x14 = cast(u8, (x13 >> 8)); + const x15 = (x6 >> 8); + const x16 = (x15 >> 8); + const x17 = cast(u8, (x16 >> 8)); + const x18 = (x5 >> 8); + const x19 = (x18 >> 8); + const x20 = cast(u8, (x19 >> 8)); + const x21 = (x4 >> 8); + const x22 = (x21 >> 8); + const x23 = cast(u8, (x22 >> 8)); + const x24 = (x3 >> 8); + const x25 = (x24 >> 8); + const x26 = cast(u8, (x25 >> 8)); + const x27 = (x2 >> 8); + const x28 = (x27 >> 8); + const x29 = cast(u8, (x28 >> 8)); + const x30 = (x1 >> 8); + const x31 = (x30 >> 8); + const x32 = cast(u8, (x31 >> 8)); + out1[0] = cast(u8, x8); + out1[1] = cast(u8, x9); + out1[2] = cast(u8, x10); + out1[3] = x11; + out1[4] = cast(u8, x7); + out1[5] = cast(u8, x12); + out1[6] = cast(u8, x13); + out1[7] = x14; + out1[8] = cast(u8, x6); + out1[9] = cast(u8, x15); + out1[10] = cast(u8, x16); + out1[11] = x17; + out1[12] = cast(u8, x5); + out1[13] = cast(u8, x18); + out1[14] = cast(u8, x19); + out1[15] = x20; + out1[16] = cast(u8, x4); + out1[17] = cast(u8, x21); + out1[18] = cast(u8, x22); + out1[19] = x23; + out1[20] = cast(u8, x3); + out1[21] = cast(u8, x24); + out1[22] = cast(u8, x25); + out1[23] = x26; + out1[24] = cast(u8, x2); + out1[25] = cast(u8, x27); + out1[26] = cast(u8, x28); + out1[27] = x29; + out1[28] = cast(u8, x1); + out1[29] = 
cast(u8, x30); + out1[30] = cast(u8, x31); + out1[31] = x32; } /// The function fromBytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -4911,7 +4885,7 @@ pub fn divstep(out1: *u32, out2: *[9]u32, out3: *[9]u32, out4: *[8]u32, out5: *[ var x1: u32 = undefined; var x2: u1 = undefined; addcarryxU32(&x1, &x2, 0x0, (~arg1), cast(u32, 0x1)); - const x3 = (cast(u1, (x1 >> 31)) & cast(u1, ((arg3[0]) & cast(u32, 0x1)))); + const x3 = (cast(u1, (x1 >> 31)) & cast(u1, (arg3[0]))); var x4: u32 = undefined; var x5: u1 = undefined; addcarryxU32(&x4, &x5, 0x0, (~arg1), cast(u32, 0x1)); 
@@ -5121,164 +5095,163 @@ pub fn divstep(out1: *u32, out2: *[9]u32, out3: *[9]u32, out4: *[8]u32, out5: *[ cmovznzU32(&x132, x3, (arg5[6]), x122); var x133: u32 = undefined; cmovznzU32(&x133, x3, (arg5[7]), x124); - const x134 = cast(u1, (x34 & cast(u32, 0x1))); + var x134: u32 = undefined; + cmovznzU32(&x134, cast(u1, x34), cast(u32, 0x0), x7); var x135: u32 = undefined; - cmovznzU32(&x135, x134, cast(u32, 0x0), x7); + cmovznzU32(&x135, cast(u1, x34), cast(u32, 0x0), x8); var x136: u32 = undefined; - cmovznzU32(&x136, x134, cast(u32, 0x0), x8); + cmovznzU32(&x136, cast(u1, x34), cast(u32, 0x0), x9); var x137: u32 = undefined; - cmovznzU32(&x137, x134, cast(u32, 0x0), x9); + cmovznzU32(&x137, cast(u1, x34), cast(u32, 0x0), x10); var x138: u32 = undefined; - cmovznzU32(&x138, x134, cast(u32, 0x0), x10); + cmovznzU32(&x138, cast(u1, x34), cast(u32, 0x0), x11); var x139: u32 = undefined; - cmovznzU32(&x139, x134, cast(u32, 0x0), x11); + cmovznzU32(&x139, cast(u1, x34), cast(u32, 0x0), x12); var x140: u32 = undefined; - cmovznzU32(&x140, x134, cast(u32, 0x0), x12); + cmovznzU32(&x140, cast(u1, x34), cast(u32, 0x0), x13); var x141: u32 = undefined; - cmovznzU32(&x141, x134, cast(u32, 0x0), x13); + cmovznzU32(&x141, cast(u1, x34), cast(u32, 0x0), x14); var x142: u32 = undefined; - cmovznzU32(&x142, x134, cast(u32, 0x0), x14); + cmovznzU32(&x142, cast(u1, x34), cast(u32, 0x0), x15); var x143: u32 = undefined; - cmovznzU32(&x143, x134, cast(u32, 0x0), x15); - var x144: u32 = undefined; - var x145: u1 = undefined; - addcarryxU32(&x144, &x145, 0x0, x34, x135); - var x146: u32 = undefined; - var x147: u1 = undefined; - addcarryxU32(&x146, &x147, x145, x35, x136); - var x148: u32 = undefined; - var x149: u1 = undefined; - addcarryxU32(&x148, &x149, x147, x36, x137); - var x150: u32 = undefined; - var x151: u1 = undefined; - addcarryxU32(&x150, &x151, x149, x37, x138); - var x152: u32 = undefined; - var x153: u1 = undefined; - addcarryxU32(&x152, &x153, x151, x38, x139); - var 
x154: u32 = undefined; - var x155: u1 = undefined; - addcarryxU32(&x154, &x155, x153, x39, x140); - var x156: u32 = undefined; - var x157: u1 = undefined; - addcarryxU32(&x156, &x157, x155, x40, x141); - var x158: u32 = undefined; - var x159: u1 = undefined; - addcarryxU32(&x158, &x159, x157, x41, x142); - var x160: u32 = undefined; - var x161: u1 = undefined; - addcarryxU32(&x160, &x161, x159, x42, x143); + var x144: u1 = undefined; + addcarryxU32(&x143, &x144, 0x0, x34, x134); + var x145: u32 = undefined; + var x146: u1 = undefined; + addcarryxU32(&x145, &x146, x144, x35, x135); + var x147: u32 = undefined; + var x148: u1 = undefined; + addcarryxU32(&x147, &x148, x146, x36, x136); + var x149: u32 = undefined; + var x150: u1 = undefined; + addcarryxU32(&x149, &x150, x148, x37, x137); + var x151: u32 = undefined; + var x152: u1 = undefined; + addcarryxU32(&x151, &x152, x150, x38, x138); + var x153: u32 = undefined; + var x154: u1 = undefined; + addcarryxU32(&x153, &x154, x152, x39, x139); + var x155: u32 = undefined; + var x156: u1 = undefined; + addcarryxU32(&x155, &x156, x154, x40, x140); + var x157: u32 = undefined; + var x158: u1 = undefined; + addcarryxU32(&x157, &x158, x156, x41, x141); + var x159: u32 = undefined; + var x160: u1 = undefined; + addcarryxU32(&x159, &x160, x158, x42, x142); + var x161: u32 = undefined; + cmovznzU32(&x161, cast(u1, x34), cast(u32, 0x0), x43); var x162: u32 = undefined; - cmovznzU32(&x162, x134, cast(u32, 0x0), x43); + cmovznzU32(&x162, cast(u1, x34), cast(u32, 0x0), x44); var x163: u32 = undefined; - cmovznzU32(&x163, x134, cast(u32, 0x0), x44); + cmovznzU32(&x163, cast(u1, x34), cast(u32, 0x0), x45); var x164: u32 = undefined; - cmovznzU32(&x164, x134, cast(u32, 0x0), x45); + cmovznzU32(&x164, cast(u1, x34), cast(u32, 0x0), x46); var x165: u32 = undefined; - cmovznzU32(&x165, x134, cast(u32, 0x0), x46); + cmovznzU32(&x165, cast(u1, x34), cast(u32, 0x0), x47); var x166: u32 = undefined; - cmovznzU32(&x166, x134, cast(u32, 0x0), 
x47); + cmovznzU32(&x166, cast(u1, x34), cast(u32, 0x0), x48); var x167: u32 = undefined; - cmovznzU32(&x167, x134, cast(u32, 0x0), x48); + cmovznzU32(&x167, cast(u1, x34), cast(u32, 0x0), x49); var x168: u32 = undefined; - cmovznzU32(&x168, x134, cast(u32, 0x0), x49); + cmovznzU32(&x168, cast(u1, x34), cast(u32, 0x0), x50); var x169: u32 = undefined; - cmovznzU32(&x169, x134, cast(u32, 0x0), x50); - var x170: u32 = undefined; - var x171: u1 = undefined; - addcarryxU32(&x170, &x171, 0x0, x126, x162); - var x172: u32 = undefined; - var x173: u1 = undefined; - addcarryxU32(&x172, &x173, x171, x127, x163); - var x174: u32 = undefined; - var x175: u1 = undefined; - addcarryxU32(&x174, &x175, x173, x128, x164); - var x176: u32 = undefined; - var x177: u1 = undefined; - addcarryxU32(&x176, &x177, x175, x129, x165); - var x178: u32 = undefined; - var x179: u1 = undefined; - addcarryxU32(&x178, &x179, x177, x130, x166); - var x180: u32 = undefined; - var x181: u1 = undefined; - addcarryxU32(&x180, &x181, x179, x131, x167); - var x182: u32 = undefined; - var x183: u1 = undefined; - addcarryxU32(&x182, &x183, x181, x132, x168); - var x184: u32 = undefined; - var x185: u1 = undefined; - addcarryxU32(&x184, &x185, x183, x133, x169); - var x186: u32 = undefined; - var x187: u1 = undefined; - subborrowxU32(&x186, &x187, 0x0, x170, 0xfc632551); - var x188: u32 = undefined; - var x189: u1 = undefined; - subborrowxU32(&x188, &x189, x187, x172, 0xf3b9cac2); - var x190: u32 = undefined; - var x191: u1 = undefined; - subborrowxU32(&x190, &x191, x189, x174, 0xa7179e84); - var x192: u32 = undefined; - var x193: u1 = undefined; - subborrowxU32(&x192, &x193, x191, x176, 0xbce6faad); - var x194: u32 = undefined; - var x195: u1 = undefined; - subborrowxU32(&x194, &x195, x193, x178, 0xffffffff); - var x196: u32 = undefined; - var x197: u1 = undefined; - subborrowxU32(&x196, &x197, x195, x180, 0xffffffff); - var x198: u32 = undefined; - var x199: u1 = undefined; - subborrowxU32(&x198, &x199, 
x197, x182, cast(u32, 0x0)); - var x200: u32 = undefined; - var x201: u1 = undefined; - subborrowxU32(&x200, &x201, x199, x184, 0xffffffff); - var x202: u32 = undefined; - var x203: u1 = undefined; - subborrowxU32(&x202, &x203, x201, cast(u32, x185), cast(u32, 0x0)); - var x204: u32 = undefined; - var x205: u1 = undefined; - addcarryxU32(&x204, &x205, 0x0, x6, cast(u32, 0x1)); - const x206 = ((x144 >> 1) | ((x146 << 31) & 0xffffffff)); - const x207 = ((x146 >> 1) | ((x148 << 31) & 0xffffffff)); - const x208 = ((x148 >> 1) | ((x150 << 31) & 0xffffffff)); - const x209 = ((x150 >> 1) | ((x152 << 31) & 0xffffffff)); - const x210 = ((x152 >> 1) | ((x154 << 31) & 0xffffffff)); - const x211 = ((x154 >> 1) | ((x156 << 31) & 0xffffffff)); - const x212 = ((x156 >> 1) | ((x158 << 31) & 0xffffffff)); - const x213 = ((x158 >> 1) | ((x160 << 31) & 0xffffffff)); - const x214 = ((x160 & 0x80000000) | (x160 >> 1)); + var x170: u1 = undefined; + addcarryxU32(&x169, &x170, 0x0, x126, x161); + var x171: u32 = undefined; + var x172: u1 = undefined; + addcarryxU32(&x171, &x172, x170, x127, x162); + var x173: u32 = undefined; + var x174: u1 = undefined; + addcarryxU32(&x173, &x174, x172, x128, x163); + var x175: u32 = undefined; + var x176: u1 = undefined; + addcarryxU32(&x175, &x176, x174, x129, x164); + var x177: u32 = undefined; + var x178: u1 = undefined; + addcarryxU32(&x177, &x178, x176, x130, x165); + var x179: u32 = undefined; + var x180: u1 = undefined; + addcarryxU32(&x179, &x180, x178, x131, x166); + var x181: u32 = undefined; + var x182: u1 = undefined; + addcarryxU32(&x181, &x182, x180, x132, x167); + var x183: u32 = undefined; + var x184: u1 = undefined; + addcarryxU32(&x183, &x184, x182, x133, x168); + var x185: u32 = undefined; + var x186: u1 = undefined; + subborrowxU32(&x185, &x186, 0x0, x169, 0xfc632551); + var x187: u32 = undefined; + var x188: u1 = undefined; + subborrowxU32(&x187, &x188, x186, x171, 0xf3b9cac2); + var x189: u32 = undefined; + var x190: u1 = 
undefined; + subborrowxU32(&x189, &x190, x188, x173, 0xa7179e84); + var x191: u32 = undefined; + var x192: u1 = undefined; + subborrowxU32(&x191, &x192, x190, x175, 0xbce6faad); + var x193: u32 = undefined; + var x194: u1 = undefined; + subborrowxU32(&x193, &x194, x192, x177, 0xffffffff); + var x195: u32 = undefined; + var x196: u1 = undefined; + subborrowxU32(&x195, &x196, x194, x179, 0xffffffff); + var x197: u32 = undefined; + var x198: u1 = undefined; + subborrowxU32(&x197, &x198, x196, x181, cast(u32, 0x0)); + var x199: u32 = undefined; + var x200: u1 = undefined; + subborrowxU32(&x199, &x200, x198, x183, 0xffffffff); + var x201: u32 = undefined; + var x202: u1 = undefined; + subborrowxU32(&x201, &x202, x200, cast(u32, x184), cast(u32, 0x0)); + var x203: u32 = undefined; + var x204: u1 = undefined; + addcarryxU32(&x203, &x204, 0x0, x6, cast(u32, 0x1)); + const x205 = ((x143 >> 1) | ((x145 << 31) & 0xffffffff)); + const x206 = ((x145 >> 1) | ((x147 << 31) & 0xffffffff)); + const x207 = ((x147 >> 1) | ((x149 << 31) & 0xffffffff)); + const x208 = ((x149 >> 1) | ((x151 << 31) & 0xffffffff)); + const x209 = ((x151 >> 1) | ((x153 << 31) & 0xffffffff)); + const x210 = ((x153 >> 1) | ((x155 << 31) & 0xffffffff)); + const x211 = ((x155 >> 1) | ((x157 << 31) & 0xffffffff)); + const x212 = ((x157 >> 1) | ((x159 << 31) & 0xffffffff)); + const x213 = ((x159 & 0x80000000) | (x159 >> 1)); + var x214: u32 = undefined; + cmovznzU32(&x214, x84, x67, x51); var x215: u32 = undefined; - cmovznzU32(&x215, x84, x67, x51); + cmovznzU32(&x215, x84, x69, x53); var x216: u32 = undefined; - cmovznzU32(&x216, x84, x69, x53); + cmovznzU32(&x216, x84, x71, x55); var x217: u32 = undefined; - cmovznzU32(&x217, x84, x71, x55); + cmovznzU32(&x217, x84, x73, x57); var x218: u32 = undefined; - cmovznzU32(&x218, x84, x73, x57); + cmovznzU32(&x218, x84, x75, x59); var x219: u32 = undefined; - cmovznzU32(&x219, x84, x75, x59); + cmovznzU32(&x219, x84, x77, x61); var x220: u32 = undefined; - 
cmovznzU32(&x220, x84, x77, x61); + cmovznzU32(&x220, x84, x79, x63); var x221: u32 = undefined; - cmovznzU32(&x221, x84, x79, x63); + cmovznzU32(&x221, x84, x81, x65); var x222: u32 = undefined; - cmovznzU32(&x222, x84, x81, x65); + cmovznzU32(&x222, x202, x185, x169); var x223: u32 = undefined; - cmovznzU32(&x223, x203, x186, x170); + cmovznzU32(&x223, x202, x187, x171); var x224: u32 = undefined; - cmovznzU32(&x224, x203, x188, x172); + cmovznzU32(&x224, x202, x189, x173); var x225: u32 = undefined; - cmovznzU32(&x225, x203, x190, x174); + cmovznzU32(&x225, x202, x191, x175); var x226: u32 = undefined; - cmovznzU32(&x226, x203, x192, x176); + cmovznzU32(&x226, x202, x193, x177); var x227: u32 = undefined; - cmovznzU32(&x227, x203, x194, x178); + cmovznzU32(&x227, x202, x195, x179); var x228: u32 = undefined; - cmovznzU32(&x228, x203, x196, x180); + cmovznzU32(&x228, x202, x197, x181); var x229: u32 = undefined; - cmovznzU32(&x229, x203, x198, x182); - var x230: u32 = undefined; - cmovznzU32(&x230, x203, x200, x184); - out1.* = x204; + cmovznzU32(&x229, x202, x199, x183); + out1.* = x203; out2[0] = x7; out2[1] = x8; out2[2] = x9; 
@@ -5288,31 +5261,31 @@ pub fn divstep(out1: *u32, out2: *[9]u32, out3: *[9]u32, out4: *[8]u32, out5: *[ out2[6] = x13; out2[7] = x14; out2[8] = x15; - out3[0] = x206; - out3[1] = x207; - out3[2] = x208; - out3[3] = x209; - out3[4] = x210; - out3[5] = x211; - out3[6] = x212; - out3[7] = x213; - out3[8] = x214; - out4[0] = x215; - out4[1] = x216; - out4[2] = x217; - out4[3] = x218; - out4[4] = x219; - out4[5] = x220; - out4[6] = x221; - out4[7] = x222; - out5[0] = x223; - out5[1] = x224; - out5[2] = x225; - out5[3] = x226; - out5[4] = x227; - out5[5] = x228; - out5[6] = x229; - out5[7] = x230; + out3[0] = x205; + out3[1] = x206; + out3[2] = x207; + out3[3] = x208; + out3[4] = x209; + out3[5] = x210; + out3[6] = x211; + out3[7] = x212; + out3[8] = x213; + out4[0] = x214; + out4[1] = x215; + out4[2] = x216; + out4[3] = x217; + out4[4] = x218; + out4[5] = x219; + out4[6] = x220; + out4[7] = x221; + out5[0] = x222; + out5[1] = x223; + out5[2] = x224; + out5[3] = x225; + out5[4] = x226; + out5[5] = x227; + out5[6] = x228; + out5[7] = x229; } /// The function divstepPrecomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-zig/src/p256_scalar_64.zig b/fiat-zig/src/p256_scalar_64.zig index d749884731..b840ac3839 100644 --- a/fiat-zig/src/p256_scalar_64.zig +++ b/fiat-zig/src/p256_scalar_64.zig @@ -59,10 +59,9 @@ inline fn addcarryxU64(out1: *u64, out2: *u1, arg1: u1, arg2: u64, arg3: u64) vo @setRuntimeSafety(mode == .Debug); const x1 = ((cast(u128, arg1) + cast(u128, arg2)) + cast(u128, arg3)); - const x2 = cast(u64, (x1 & cast(u128, 0xffffffffffffffff))); - const x3 = cast(u1, (x1 >> 64)); - out1.* = x2; - out2.* = x3; + const x2 = cast(u1, (x1 >> 64)); + out1.* = cast(u64, x1); + out2.* = x2; } /// The function subborrowxU64 is a subtraction with borrow. 
@@ -104,10 +103,9 @@ inline fn mulxU64(out1: *u64, out2: *u64, arg1: u64, arg2: u64) void { @setRuntimeSafety(mode == .Debug); const x1 = (cast(u128, arg1) * cast(u128, arg2)); - const x2 = cast(u64, (x1 & cast(u128, 0xffffffffffffffff))); - const x3 = cast(u64, (x1 >> 64)); - out1.* = x2; - out2.* = x3; + const x2 = cast(u64, (x1 >> 64)); + out1.* = cast(u64, x1); + out2.* = x2; } /// The function cmovznzU64 is a single-word conditional move. 
@@ -1548,94 +1546,66 @@ pub fn toBytes(out1: *[32]u8, arg1: [4]u64) void { const x2 = (arg1[2]); const x3 = (arg1[1]); const x4 = (arg1[0]); - const x5 = cast(u8, (x4 & cast(u64, 0xff))); - const x6 = (x4 >> 8); - const x7 = cast(u8, (x6 & cast(u64, 0xff))); - const x8 = (x6 >> 8); - const x9 = cast(u8, (x8 & cast(u64, 0xff))); - const x10 = (x8 >> 8); - const x11 = cast(u8, (x10 & cast(u64, 0xff))); - const x12 = (x10 >> 8); - const x13 = cast(u8, (x12 & cast(u64, 0xff))); - const x14 = (x12 >> 8); - const x15 = cast(u8, (x14 & cast(u64, 0xff))); - const x16 = (x14 >> 8); - const x17 = cast(u8, (x16 & cast(u64, 0xff))); - const x18 = cast(u8, (x16 >> 8)); - const x19 = cast(u8, (x3 & cast(u64, 0xff))); - const x20 = (x3 >> 8); - const x21 = cast(u8, (x20 & cast(u64, 0xff))); - const x22 = (x20 >> 8); - const x23 = cast(u8, (x22 & cast(u64, 0xff))); - const x24 = (x22 >> 8); - const x25 = cast(u8, (x24 & cast(u64, 0xff))); - const x26 = (x24 >> 8); - const x27 = cast(u8, (x26 & cast(u64, 0xff))); - const x28 = (x26 >> 8); - const x29 = cast(u8, (x28 & cast(u64, 0xff))); - const x30 = (x28 >> 8); - const x31 = cast(u8, (x30 & cast(u64, 0xff))); - const x32 = cast(u8, (x30 >> 8)); - const x33 = cast(u8, (x2 & cast(u64, 0xff))); - const x34 = (x2 >> 8); - const x35 = cast(u8, (x34 & cast(u64, 0xff))); - const x36 = (x34 >> 8); - const x37 = cast(u8, (x36 & cast(u64, 0xff))); - const x38 = (x36 >> 8); - const x39 = cast(u8, (x38 & cast(u64, 0xff))); - const x40 = (x38 >> 8); - const x41 = cast(u8, (x40 & cast(u64, 0xff))); - const x42 = (x40 >> 8); - const x43 = cast(u8, (x42 & cast(u64, 0xff))); - const x44 = (x42 >> 8); - const x45 = cast(u8, (x44 & cast(u64, 0xff))); - const x46 = cast(u8, (x44 >> 8)); - const x47 = cast(u8, (x1 & cast(u64, 0xff))); - const x48 = (x1 >> 8); - const x49 = cast(u8, (x48 & cast(u64, 0xff))); - const x50 = (x48 >> 8); - const x51 = cast(u8, (x50 & cast(u64, 0xff))); - const x52 = (x50 >> 8); - const x53 = cast(u8, (x52 & cast(u64, 
0xff))); - const x54 = (x52 >> 8); - const x55 = cast(u8, (x54 & cast(u64, 0xff))); - const x56 = (x54 >> 8); - const x57 = cast(u8, (x56 & cast(u64, 0xff))); - const x58 = (x56 >> 8); - const x59 = cast(u8, (x58 & cast(u64, 0xff))); - const x60 = cast(u8, (x58 >> 8)); - out1[0] = x5; - out1[1] = x7; - out1[2] = x9; - out1[3] = x11; - out1[4] = x13; - out1[5] = x15; - out1[6] = x17; - out1[7] = x18; - out1[8] = x19; - out1[9] = x21; - out1[10] = x23; - out1[11] = x25; - out1[12] = x27; - out1[13] = x29; - out1[14] = x31; - out1[15] = x32; - out1[16] = x33; - out1[17] = x35; - out1[18] = x37; - out1[19] = x39; - out1[20] = x41; - out1[21] = x43; - out1[22] = x45; - out1[23] = x46; - out1[24] = x47; - out1[25] = x49; - out1[26] = x51; - out1[27] = x53; - out1[28] = x55; - out1[29] = x57; - out1[30] = x59; - out1[31] = x60; + const x5 = (x4 >> 8); + const x6 = (x5 >> 8); + const x7 = (x6 >> 8); + const x8 = (x7 >> 8); + const x9 = (x8 >> 8); + const x10 = (x9 >> 8); + const x11 = cast(u8, (x10 >> 8)); + const x12 = (x3 >> 8); + const x13 = (x12 >> 8); + const x14 = (x13 >> 8); + const x15 = (x14 >> 8); + const x16 = (x15 >> 8); + const x17 = (x16 >> 8); + const x18 = cast(u8, (x17 >> 8)); + const x19 = (x2 >> 8); + const x20 = (x19 >> 8); + const x21 = (x20 >> 8); + const x22 = (x21 >> 8); + const x23 = (x22 >> 8); + const x24 = (x23 >> 8); + const x25 = cast(u8, (x24 >> 8)); + const x26 = (x1 >> 8); + const x27 = (x26 >> 8); + const x28 = (x27 >> 8); + const x29 = (x28 >> 8); + const x30 = (x29 >> 8); + const x31 = (x30 >> 8); + const x32 = cast(u8, (x31 >> 8)); + out1[0] = cast(u8, x4); + out1[1] = cast(u8, x5); + out1[2] = cast(u8, x6); + out1[3] = cast(u8, x7); + out1[4] = cast(u8, x8); + out1[5] = cast(u8, x9); + out1[6] = cast(u8, x10); + out1[7] = x11; + out1[8] = cast(u8, x3); + out1[9] = cast(u8, x12); + out1[10] = cast(u8, x13); + out1[11] = cast(u8, x14); + out1[12] = cast(u8, x15); + out1[13] = cast(u8, x16); + out1[14] = cast(u8, x17); + out1[15] = x18; + 
out1[16] = cast(u8, x2); + out1[17] = cast(u8, x19); + out1[18] = cast(u8, x20); + out1[19] = cast(u8, x21); + out1[20] = cast(u8, x22); + out1[21] = cast(u8, x23); + out1[22] = cast(u8, x24); + out1[23] = x25; + out1[24] = cast(u8, x1); + out1[25] = cast(u8, x26); + out1[26] = cast(u8, x27); + out1[27] = cast(u8, x28); + out1[28] = cast(u8, x29); + out1[29] = cast(u8, x30); + out1[30] = cast(u8, x31); + out1[31] = x32; } /// The function fromBytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -1786,7 +1756,7 @@ pub fn divstep(out1: *u64, out2: *[5]u64, out3: *[5]u64, out4: *[4]u64, out5: *[ var x1: u64 = undefined; var x2: u1 = undefined; addcarryxU64(&x1, &x2, 0x0, (~arg1), cast(u64, 0x1)); - const x3 = (cast(u1, (x1 >> 63)) & cast(u1, ((arg3[0]) & cast(u64, 0x1)))); + const x3 = (cast(u1, (x1 >> 63)) & cast(u1, (arg3[0]))); var x4: u64 = undefined; var x5: u1 = undefined; addcarryxU64(&x4, &x5, 0x0, (~arg1), cast(u64, 0x1)); 
@@ -1900,110 +1870,109 @@ pub fn divstep(out1: *u64, out2: *[5]u64, out3: *[5]u64, out4: *[4]u64, out5: *[ cmovznzU64(&x72, x3, (arg5[2]), x66); var x73: u64 = undefined; cmovznzU64(&x73, x3, (arg5[3]), x68); - const x74 = cast(u1, (x22 & cast(u64, 0x1))); + var x74: u64 = undefined; + cmovznzU64(&x74, cast(u1, x22), cast(u64, 0x0), x7); var x75: u64 = undefined; - cmovznzU64(&x75, x74, cast(u64, 0x0), x7); + cmovznzU64(&x75, cast(u1, x22), cast(u64, 0x0), x8); var x76: u64 = undefined; - cmovznzU64(&x76, x74, cast(u64, 0x0), x8); + cmovznzU64(&x76, cast(u1, x22), cast(u64, 0x0), x9); var x77: u64 = undefined; - cmovznzU64(&x77, x74, cast(u64, 0x0), x9); + cmovznzU64(&x77, cast(u1, x22), cast(u64, 0x0), x10); var x78: u64 = undefined; - cmovznzU64(&x78, x74, cast(u64, 0x0), x10); + cmovznzU64(&x78, cast(u1, x22), cast(u64, 0x0), x11); var x79: u64 = undefined; - cmovznzU64(&x79, x74, cast(u64, 0x0), x11); - var x80: u64 = undefined; - var x81: u1 = undefined; - addcarryxU64(&x80, &x81, 0x0, x22, x75); - var x82: u64 = undefined; - var x83: u1 = undefined; - addcarryxU64(&x82, &x83, x81, x23, x76); - var x84: u64 = undefined; - var x85: u1 = undefined; - addcarryxU64(&x84, &x85, x83, x24, x77); - var x86: u64 = undefined; - var x87: u1 = undefined; - addcarryxU64(&x86, &x87, x85, x25, x78); - var x88: u64 = undefined; - var x89: u1 = undefined; - addcarryxU64(&x88, &x89, x87, x26, x79); + var x80: u1 = undefined; + addcarryxU64(&x79, &x80, 0x0, x22, x74); + var x81: u64 = undefined; + var x82: u1 = undefined; + addcarryxU64(&x81, &x82, x80, x23, x75); + var x83: u64 = undefined; + var x84: u1 = undefined; + addcarryxU64(&x83, &x84, x82, x24, x76); + var x85: u64 = undefined; + var x86: u1 = undefined; + addcarryxU64(&x85, &x86, x84, x25, x77); + var x87: u64 = undefined; + var x88: u1 = undefined; + addcarryxU64(&x87, &x88, x86, x26, x78); + var x89: u64 = undefined; + cmovznzU64(&x89, cast(u1, x22), cast(u64, 0x0), x27); var x90: u64 = undefined; - cmovznzU64(&x90, 
x74, cast(u64, 0x0), x27); + cmovznzU64(&x90, cast(u1, x22), cast(u64, 0x0), x28); var x91: u64 = undefined; - cmovznzU64(&x91, x74, cast(u64, 0x0), x28); + cmovznzU64(&x91, cast(u1, x22), cast(u64, 0x0), x29); var x92: u64 = undefined; - cmovznzU64(&x92, x74, cast(u64, 0x0), x29); + cmovznzU64(&x92, cast(u1, x22), cast(u64, 0x0), x30); var x93: u64 = undefined; - cmovznzU64(&x93, x74, cast(u64, 0x0), x30); - var x94: u64 = undefined; - var x95: u1 = undefined; - addcarryxU64(&x94, &x95, 0x0, x70, x90); - var x96: u64 = undefined; - var x97: u1 = undefined; - addcarryxU64(&x96, &x97, x95, x71, x91); - var x98: u64 = undefined; - var x99: u1 = undefined; - addcarryxU64(&x98, &x99, x97, x72, x92); - var x100: u64 = undefined; - var x101: u1 = undefined; - addcarryxU64(&x100, &x101, x99, x73, x93); - var x102: u64 = undefined; - var x103: u1 = undefined; - subborrowxU64(&x102, &x103, 0x0, x94, 0xf3b9cac2fc632551); - var x104: u64 = undefined; - var x105: u1 = undefined; - subborrowxU64(&x104, &x105, x103, x96, 0xbce6faada7179e84); - var x106: u64 = undefined; - var x107: u1 = undefined; - subborrowxU64(&x106, &x107, x105, x98, 0xffffffffffffffff); - var x108: u64 = undefined; - var x109: u1 = undefined; - subborrowxU64(&x108, &x109, x107, x100, 0xffffffff00000000); - var x110: u64 = undefined; - var x111: u1 = undefined; - subborrowxU64(&x110, &x111, x109, cast(u64, x101), cast(u64, 0x0)); - var x112: u64 = undefined; - var x113: u1 = undefined; - addcarryxU64(&x112, &x113, 0x0, x6, cast(u64, 0x1)); - const x114 = ((x80 >> 1) | ((x82 << 63) & 0xffffffffffffffff)); - const x115 = ((x82 >> 1) | ((x84 << 63) & 0xffffffffffffffff)); - const x116 = ((x84 >> 1) | ((x86 << 63) & 0xffffffffffffffff)); - const x117 = ((x86 >> 1) | ((x88 << 63) & 0xffffffffffffffff)); - const x118 = ((x88 & 0x8000000000000000) | (x88 >> 1)); + var x94: u1 = undefined; + addcarryxU64(&x93, &x94, 0x0, x70, x89); + var x95: u64 = undefined; + var x96: u1 = undefined; + addcarryxU64(&x95, &x96, 
x94, x71, x90); + var x97: u64 = undefined; + var x98: u1 = undefined; + addcarryxU64(&x97, &x98, x96, x72, x91); + var x99: u64 = undefined; + var x100: u1 = undefined; + addcarryxU64(&x99, &x100, x98, x73, x92); + var x101: u64 = undefined; + var x102: u1 = undefined; + subborrowxU64(&x101, &x102, 0x0, x93, 0xf3b9cac2fc632551); + var x103: u64 = undefined; + var x104: u1 = undefined; + subborrowxU64(&x103, &x104, x102, x95, 0xbce6faada7179e84); + var x105: u64 = undefined; + var x106: u1 = undefined; + subborrowxU64(&x105, &x106, x104, x97, 0xffffffffffffffff); + var x107: u64 = undefined; + var x108: u1 = undefined; + subborrowxU64(&x107, &x108, x106, x99, 0xffffffff00000000); + var x109: u64 = undefined; + var x110: u1 = undefined; + subborrowxU64(&x109, &x110, x108, cast(u64, x100), cast(u64, 0x0)); + var x111: u64 = undefined; + var x112: u1 = undefined; + addcarryxU64(&x111, &x112, 0x0, x6, cast(u64, 0x1)); + const x113 = ((x79 >> 1) | ((x81 << 63) & 0xffffffffffffffff)); + const x114 = ((x81 >> 1) | ((x83 << 63) & 0xffffffffffffffff)); + const x115 = ((x83 >> 1) | ((x85 << 63) & 0xffffffffffffffff)); + const x116 = ((x85 >> 1) | ((x87 << 63) & 0xffffffffffffffff)); + const x117 = ((x87 & 0x8000000000000000) | (x87 >> 1)); + var x118: u64 = undefined; + cmovznzU64(&x118, x48, x39, x31); var x119: u64 = undefined; - cmovznzU64(&x119, x48, x39, x31); + cmovznzU64(&x119, x48, x41, x33); var x120: u64 = undefined; - cmovznzU64(&x120, x48, x41, x33); + cmovznzU64(&x120, x48, x43, x35); var x121: u64 = undefined; - cmovznzU64(&x121, x48, x43, x35); + cmovznzU64(&x121, x48, x45, x37); var x122: u64 = undefined; - cmovznzU64(&x122, x48, x45, x37); + cmovznzU64(&x122, x110, x101, x93); var x123: u64 = undefined; - cmovznzU64(&x123, x111, x102, x94); + cmovznzU64(&x123, x110, x103, x95); var x124: u64 = undefined; - cmovznzU64(&x124, x111, x104, x96); + cmovznzU64(&x124, x110, x105, x97); var x125: u64 = undefined; - cmovznzU64(&x125, x111, x106, x98); - var x126: u64 
= undefined; - cmovznzU64(&x126, x111, x108, x100); - out1.* = x112; + cmovznzU64(&x125, x110, x107, x99); + out1.* = x111; out2[0] = x7; out2[1] = x8; out2[2] = x9; out2[3] = x10; out2[4] = x11; - out3[0] = x114; - out3[1] = x115; - out3[2] = x116; - out3[3] = x117; - out3[4] = x118; - out4[0] = x119; - out4[1] = x120; - out4[2] = x121; - out4[3] = x122; - out5[0] = x123; - out5[1] = x124; - out5[2] = x125; - out5[3] = x126; + out3[0] = x113; + out3[1] = x114; + out3[2] = x115; + out3[3] = x116; + out3[4] = x117; + out4[0] = x118; + out4[1] = x119; + out4[2] = x120; + out4[3] = x121; + out5[0] = x122; + out5[1] = x123; + out5[2] = x124; + out5[3] = x125; } /// The function divstepPrecomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-zig/src/p384_32.zig b/fiat-zig/src/p384_32.zig index a3210804c3..856a601446 100644 --- a/fiat-zig/src/p384_32.zig +++ b/fiat-zig/src/p384_32.zig @@ -59,10 +59,9 @@ inline fn addcarryxU32(out1: *u32, out2: *u1, arg1: u1, arg2: u32, arg3: u32) vo @setRuntimeSafety(mode == .Debug); const x1 = ((cast(u64, arg1) + cast(u64, arg2)) + cast(u64, arg3)); - const x2 = cast(u32, (x1 & cast(u64, 0xffffffff))); - const x3 = cast(u1, (x1 >> 32)); - out1.* = x2; - out2.* = x3; + const x2 = cast(u1, (x1 >> 32)); + out1.* = cast(u32, x1); + out2.* = x2; } /// The function subborrowxU32 is a subtraction with borrow. @@ -104,10 +103,9 @@ inline fn mulxU32(out1: *u32, out2: *u32, arg1: u32, arg2: u32) void { @setRuntimeSafety(mode == .Debug); const x1 = (cast(u64, arg1) * cast(u64, arg2)); - const x2 = cast(u32, (x1 & cast(u64, 0xffffffff))); - const x3 = cast(u32, (x1 >> 32)); - out1.* = x2; - out2.* = x3; + const x2 = cast(u32, (x1 >> 32)); + out1.* = cast(u32, x1); + out2.* = x2; } /// The function cmovznzU32 is a single-word conditional move. 
@@ -8888,126 +8886,90 @@ pub fn toBytes(out1: *[48]u8, arg1: [12]u32) void { const x10 = (arg1[2]); const x11 = (arg1[1]); const x12 = (arg1[0]); - const x13 = cast(u8, (x12 & cast(u32, 0xff))); - const x14 = (x12 >> 8); - const x15 = cast(u8, (x14 & cast(u32, 0xff))); - const x16 = (x14 >> 8); - const x17 = cast(u8, (x16 & cast(u32, 0xff))); - const x18 = cast(u8, (x16 >> 8)); - const x19 = cast(u8, (x11 & cast(u32, 0xff))); - const x20 = (x11 >> 8); - const x21 = cast(u8, (x20 & cast(u32, 0xff))); - const x22 = (x20 >> 8); - const x23 = cast(u8, (x22 & cast(u32, 0xff))); - const x24 = cast(u8, (x22 >> 8)); - const x25 = cast(u8, (x10 & cast(u32, 0xff))); - const x26 = (x10 >> 8); - const x27 = cast(u8, (x26 & cast(u32, 0xff))); - const x28 = (x26 >> 8); - const x29 = cast(u8, (x28 & cast(u32, 0xff))); - const x30 = cast(u8, (x28 >> 8)); - const x31 = cast(u8, (x9 & cast(u32, 0xff))); - const x32 = (x9 >> 8); - const x33 = cast(u8, (x32 & cast(u32, 0xff))); - const x34 = (x32 >> 8); - const x35 = cast(u8, (x34 & cast(u32, 0xff))); - const x36 = cast(u8, (x34 >> 8)); - const x37 = cast(u8, (x8 & cast(u32, 0xff))); - const x38 = (x8 >> 8); - const x39 = cast(u8, (x38 & cast(u32, 0xff))); - const x40 = (x38 >> 8); - const x41 = cast(u8, (x40 & cast(u32, 0xff))); - const x42 = cast(u8, (x40 >> 8)); - const x43 = cast(u8, (x7 & cast(u32, 0xff))); - const x44 = (x7 >> 8); - const x45 = cast(u8, (x44 & cast(u32, 0xff))); - const x46 = (x44 >> 8); - const x47 = cast(u8, (x46 & cast(u32, 0xff))); - const x48 = cast(u8, (x46 >> 8)); - const x49 = cast(u8, (x6 & cast(u32, 0xff))); - const x50 = (x6 >> 8); - const x51 = cast(u8, (x50 & cast(u32, 0xff))); - const x52 = (x50 >> 8); - const x53 = cast(u8, (x52 & cast(u32, 0xff))); - const x54 = cast(u8, (x52 >> 8)); - const x55 = cast(u8, (x5 & cast(u32, 0xff))); - const x56 = (x5 >> 8); - const x57 = cast(u8, (x56 & cast(u32, 0xff))); - const x58 = (x56 >> 8); - const x59 = cast(u8, (x58 & cast(u32, 0xff))); - const x60 = 
cast(u8, (x58 >> 8)); - const x61 = cast(u8, (x4 & cast(u32, 0xff))); - const x62 = (x4 >> 8); - const x63 = cast(u8, (x62 & cast(u32, 0xff))); - const x64 = (x62 >> 8); - const x65 = cast(u8, (x64 & cast(u32, 0xff))); - const x66 = cast(u8, (x64 >> 8)); - const x67 = cast(u8, (x3 & cast(u32, 0xff))); - const x68 = (x3 >> 8); - const x69 = cast(u8, (x68 & cast(u32, 0xff))); - const x70 = (x68 >> 8); - const x71 = cast(u8, (x70 & cast(u32, 0xff))); - const x72 = cast(u8, (x70 >> 8)); - const x73 = cast(u8, (x2 & cast(u32, 0xff))); - const x74 = (x2 >> 8); - const x75 = cast(u8, (x74 & cast(u32, 0xff))); - const x76 = (x74 >> 8); - const x77 = cast(u8, (x76 & cast(u32, 0xff))); - const x78 = cast(u8, (x76 >> 8)); - const x79 = cast(u8, (x1 & cast(u32, 0xff))); - const x80 = (x1 >> 8); - const x81 = cast(u8, (x80 & cast(u32, 0xff))); - const x82 = (x80 >> 8); - const x83 = cast(u8, (x82 & cast(u32, 0xff))); - const x84 = cast(u8, (x82 >> 8)); - out1[0] = x13; - out1[1] = x15; - out1[2] = x17; - out1[3] = x18; - out1[4] = x19; - out1[5] = x21; - out1[6] = x23; - out1[7] = x24; - out1[8] = x25; - out1[9] = x27; - out1[10] = x29; - out1[11] = x30; - out1[12] = x31; - out1[13] = x33; - out1[14] = x35; - out1[15] = x36; - out1[16] = x37; - out1[17] = x39; - out1[18] = x41; - out1[19] = x42; - out1[20] = x43; - out1[21] = x45; - out1[22] = x47; - out1[23] = x48; - out1[24] = x49; - out1[25] = x51; - out1[26] = x53; - out1[27] = x54; - out1[28] = x55; - out1[29] = x57; - out1[30] = x59; - out1[31] = x60; - out1[32] = x61; - out1[33] = x63; - out1[34] = x65; - out1[35] = x66; - out1[36] = x67; - out1[37] = x69; - out1[38] = x71; - out1[39] = x72; - out1[40] = x73; - out1[41] = x75; - out1[42] = x77; - out1[43] = x78; - out1[44] = x79; - out1[45] = x81; - out1[46] = x83; - out1[47] = x84; + const x13 = (x12 >> 8); + const x14 = (x13 >> 8); + const x15 = cast(u8, (x14 >> 8)); + const x16 = (x11 >> 8); + const x17 = (x16 >> 8); + const x18 = cast(u8, (x17 >> 8)); + const x19 = 
(x10 >> 8); + const x20 = (x19 >> 8); + const x21 = cast(u8, (x20 >> 8)); + const x22 = (x9 >> 8); + const x23 = (x22 >> 8); + const x24 = cast(u8, (x23 >> 8)); + const x25 = (x8 >> 8); + const x26 = (x25 >> 8); + const x27 = cast(u8, (x26 >> 8)); + const x28 = (x7 >> 8); + const x29 = (x28 >> 8); + const x30 = cast(u8, (x29 >> 8)); + const x31 = (x6 >> 8); + const x32 = (x31 >> 8); + const x33 = cast(u8, (x32 >> 8)); + const x34 = (x5 >> 8); + const x35 = (x34 >> 8); + const x36 = cast(u8, (x35 >> 8)); + const x37 = (x4 >> 8); + const x38 = (x37 >> 8); + const x39 = cast(u8, (x38 >> 8)); + const x40 = (x3 >> 8); + const x41 = (x40 >> 8); + const x42 = cast(u8, (x41 >> 8)); + const x43 = (x2 >> 8); + const x44 = (x43 >> 8); + const x45 = cast(u8, (x44 >> 8)); + const x46 = (x1 >> 8); + const x47 = (x46 >> 8); + const x48 = cast(u8, (x47 >> 8)); + out1[0] = cast(u8, x12); + out1[1] = cast(u8, x13); + out1[2] = cast(u8, x14); + out1[3] = x15; + out1[4] = cast(u8, x11); + out1[5] = cast(u8, x16); + out1[6] = cast(u8, x17); + out1[7] = x18; + out1[8] = cast(u8, x10); + out1[9] = cast(u8, x19); + out1[10] = cast(u8, x20); + out1[11] = x21; + out1[12] = cast(u8, x9); + out1[13] = cast(u8, x22); + out1[14] = cast(u8, x23); + out1[15] = x24; + out1[16] = cast(u8, x8); + out1[17] = cast(u8, x25); + out1[18] = cast(u8, x26); + out1[19] = x27; + out1[20] = cast(u8, x7); + out1[21] = cast(u8, x28); + out1[22] = cast(u8, x29); + out1[23] = x30; + out1[24] = cast(u8, x6); + out1[25] = cast(u8, x31); + out1[26] = cast(u8, x32); + out1[27] = x33; + out1[28] = cast(u8, x5); + out1[29] = cast(u8, x34); + out1[30] = cast(u8, x35); + out1[31] = x36; + out1[32] = cast(u8, x4); + out1[33] = cast(u8, x37); + out1[34] = cast(u8, x38); + out1[35] = x39; + out1[36] = cast(u8, x3); + out1[37] = cast(u8, x40); + out1[38] = cast(u8, x41); + out1[39] = x42; + out1[40] = cast(u8, x2); + out1[41] = cast(u8, x43); + out1[42] = cast(u8, x44); + out1[43] = x45; + out1[44] = cast(u8, x1); + out1[45] 
= cast(u8, x46); + out1[46] = cast(u8, x47); + out1[47] = x48; } /// The function fromBytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -9206,7 +9168,7 @@ pub fn divstep(out1: *u32, out2: *[13]u32, out3: *[13]u32, out4: *[12]u32, out5: var x1: u32 = undefined; var x2: u1 = undefined; addcarryxU32(&x1, &x2, 0x0, (~arg1), cast(u32, 0x1)); - const x3 = (cast(u1, (x1 >> 31)) & cast(u1, ((arg3[0]) & cast(u32, 0x1)))); + const x3 = (cast(u1, (x1 >> 31)) & cast(u1, (arg3[0]))); var x4: u32 = undefined; var x5: u1 = undefined; addcarryxU32(&x4, &x5, 0x0, (~arg1), cast(u32, 0x1)); 
@@ -9512,236 +9474,235 @@ pub fn divstep(out1: *u32, out2: *[13]u32, out3: *[13]u32, out4: *[12]u32, out5: cmovznzU32(&x192, x3, (arg5[10]), x178); var x193: u32 = undefined; cmovznzU32(&x193, x3, (arg5[11]), x180); - const x194 = cast(u1, (x46 & cast(u32, 0x1))); + var x194: u32 = undefined; + cmovznzU32(&x194, cast(u1, x46), cast(u32, 0x0), x7); var x195: u32 = undefined; - cmovznzU32(&x195, x194, cast(u32, 0x0), x7); + cmovznzU32(&x195, cast(u1, x46), cast(u32, 0x0), x8); var x196: u32 = undefined; - cmovznzU32(&x196, x194, cast(u32, 0x0), x8); + cmovznzU32(&x196, cast(u1, x46), cast(u32, 0x0), x9); var x197: u32 = undefined; - cmovznzU32(&x197, x194, cast(u32, 0x0), x9); + cmovznzU32(&x197, cast(u1, x46), cast(u32, 0x0), x10); var x198: u32 = undefined; - cmovznzU32(&x198, x194, cast(u32, 0x0), x10); + cmovznzU32(&x198, cast(u1, x46), cast(u32, 0x0), x11); var x199: u32 = undefined; - cmovznzU32(&x199, x194, cast(u32, 0x0), x11); + cmovznzU32(&x199, cast(u1, x46), cast(u32, 0x0), x12); var x200: u32 = undefined; - cmovznzU32(&x200, x194, cast(u32, 0x0), x12); + cmovznzU32(&x200, cast(u1, x46), cast(u32, 0x0), x13); var x201: u32 = undefined; - cmovznzU32(&x201, x194, cast(u32, 0x0), x13); + cmovznzU32(&x201, cast(u1, x46), cast(u32, 0x0), x14); var x202: u32 = undefined; - cmovznzU32(&x202, x194, cast(u32, 0x0), x14); + cmovznzU32(&x202, cast(u1, x46), cast(u32, 0x0), x15); var x203: u32 = undefined; - cmovznzU32(&x203, x194, cast(u32, 0x0), x15); + cmovznzU32(&x203, cast(u1, x46), cast(u32, 0x0), x16); var x204: u32 = undefined; - cmovznzU32(&x204, x194, cast(u32, 0x0), x16); + cmovznzU32(&x204, cast(u1, x46), cast(u32, 0x0), x17); var x205: u32 = undefined; - cmovznzU32(&x205, x194, cast(u32, 0x0), x17); + cmovznzU32(&x205, cast(u1, x46), cast(u32, 0x0), x18); var x206: u32 = undefined; - cmovznzU32(&x206, x194, cast(u32, 0x0), x18); + cmovznzU32(&x206, cast(u1, x46), cast(u32, 0x0), x19); var x207: u32 = undefined; - cmovznzU32(&x207, x194, cast(u32, 0x0), 
x19); - var x208: u32 = undefined; - var x209: u1 = undefined; - addcarryxU32(&x208, &x209, 0x0, x46, x195); - var x210: u32 = undefined; - var x211: u1 = undefined; - addcarryxU32(&x210, &x211, x209, x47, x196); - var x212: u32 = undefined; - var x213: u1 = undefined; - addcarryxU32(&x212, &x213, x211, x48, x197); - var x214: u32 = undefined; - var x215: u1 = undefined; - addcarryxU32(&x214, &x215, x213, x49, x198); - var x216: u32 = undefined; - var x217: u1 = undefined; - addcarryxU32(&x216, &x217, x215, x50, x199); - var x218: u32 = undefined; - var x219: u1 = undefined; - addcarryxU32(&x218, &x219, x217, x51, x200); - var x220: u32 = undefined; - var x221: u1 = undefined; - addcarryxU32(&x220, &x221, x219, x52, x201); - var x222: u32 = undefined; - var x223: u1 = undefined; - addcarryxU32(&x222, &x223, x221, x53, x202); - var x224: u32 = undefined; - var x225: u1 = undefined; - addcarryxU32(&x224, &x225, x223, x54, x203); - var x226: u32 = undefined; - var x227: u1 = undefined; - addcarryxU32(&x226, &x227, x225, x55, x204); - var x228: u32 = undefined; - var x229: u1 = undefined; - addcarryxU32(&x228, &x229, x227, x56, x205); - var x230: u32 = undefined; - var x231: u1 = undefined; - addcarryxU32(&x230, &x231, x229, x57, x206); - var x232: u32 = undefined; - var x233: u1 = undefined; - addcarryxU32(&x232, &x233, x231, x58, x207); + var x208: u1 = undefined; + addcarryxU32(&x207, &x208, 0x0, x46, x194); + var x209: u32 = undefined; + var x210: u1 = undefined; + addcarryxU32(&x209, &x210, x208, x47, x195); + var x211: u32 = undefined; + var x212: u1 = undefined; + addcarryxU32(&x211, &x212, x210, x48, x196); + var x213: u32 = undefined; + var x214: u1 = undefined; + addcarryxU32(&x213, &x214, x212, x49, x197); + var x215: u32 = undefined; + var x216: u1 = undefined; + addcarryxU32(&x215, &x216, x214, x50, x198); + var x217: u32 = undefined; + var x218: u1 = undefined; + addcarryxU32(&x217, &x218, x216, x51, x199); + var x219: u32 = undefined; + var x220: u1 = 
undefined; + addcarryxU32(&x219, &x220, x218, x52, x200); + var x221: u32 = undefined; + var x222: u1 = undefined; + addcarryxU32(&x221, &x222, x220, x53, x201); + var x223: u32 = undefined; + var x224: u1 = undefined; + addcarryxU32(&x223, &x224, x222, x54, x202); + var x225: u32 = undefined; + var x226: u1 = undefined; + addcarryxU32(&x225, &x226, x224, x55, x203); + var x227: u32 = undefined; + var x228: u1 = undefined; + addcarryxU32(&x227, &x228, x226, x56, x204); + var x229: u32 = undefined; + var x230: u1 = undefined; + addcarryxU32(&x229, &x230, x228, x57, x205); + var x231: u32 = undefined; + var x232: u1 = undefined; + addcarryxU32(&x231, &x232, x230, x58, x206); + var x233: u32 = undefined; + cmovznzU32(&x233, cast(u1, x46), cast(u32, 0x0), x59); var x234: u32 = undefined; - cmovznzU32(&x234, x194, cast(u32, 0x0), x59); + cmovznzU32(&x234, cast(u1, x46), cast(u32, 0x0), x60); var x235: u32 = undefined; - cmovznzU32(&x235, x194, cast(u32, 0x0), x60); + cmovznzU32(&x235, cast(u1, x46), cast(u32, 0x0), x61); var x236: u32 = undefined; - cmovznzU32(&x236, x194, cast(u32, 0x0), x61); + cmovznzU32(&x236, cast(u1, x46), cast(u32, 0x0), x62); var x237: u32 = undefined; - cmovznzU32(&x237, x194, cast(u32, 0x0), x62); + cmovznzU32(&x237, cast(u1, x46), cast(u32, 0x0), x63); var x238: u32 = undefined; - cmovznzU32(&x238, x194, cast(u32, 0x0), x63); + cmovznzU32(&x238, cast(u1, x46), cast(u32, 0x0), x64); var x239: u32 = undefined; - cmovznzU32(&x239, x194, cast(u32, 0x0), x64); + cmovznzU32(&x239, cast(u1, x46), cast(u32, 0x0), x65); var x240: u32 = undefined; - cmovznzU32(&x240, x194, cast(u32, 0x0), x65); + cmovznzU32(&x240, cast(u1, x46), cast(u32, 0x0), x66); var x241: u32 = undefined; - cmovznzU32(&x241, x194, cast(u32, 0x0), x66); + cmovznzU32(&x241, cast(u1, x46), cast(u32, 0x0), x67); var x242: u32 = undefined; - cmovznzU32(&x242, x194, cast(u32, 0x0), x67); + cmovznzU32(&x242, cast(u1, x46), cast(u32, 0x0), x68); var x243: u32 = undefined; - 
cmovznzU32(&x243, x194, cast(u32, 0x0), x68); + cmovznzU32(&x243, cast(u1, x46), cast(u32, 0x0), x69); var x244: u32 = undefined; - cmovznzU32(&x244, x194, cast(u32, 0x0), x69); + cmovznzU32(&x244, cast(u1, x46), cast(u32, 0x0), x70); var x245: u32 = undefined; - cmovznzU32(&x245, x194, cast(u32, 0x0), x70); - var x246: u32 = undefined; - var x247: u1 = undefined; - addcarryxU32(&x246, &x247, 0x0, x182, x234); - var x248: u32 = undefined; - var x249: u1 = undefined; - addcarryxU32(&x248, &x249, x247, x183, x235); - var x250: u32 = undefined; - var x251: u1 = undefined; - addcarryxU32(&x250, &x251, x249, x184, x236); - var x252: u32 = undefined; - var x253: u1 = undefined; - addcarryxU32(&x252, &x253, x251, x185, x237); - var x254: u32 = undefined; - var x255: u1 = undefined; - addcarryxU32(&x254, &x255, x253, x186, x238); - var x256: u32 = undefined; - var x257: u1 = undefined; - addcarryxU32(&x256, &x257, x255, x187, x239); - var x258: u32 = undefined; - var x259: u1 = undefined; - addcarryxU32(&x258, &x259, x257, x188, x240); - var x260: u32 = undefined; - var x261: u1 = undefined; - addcarryxU32(&x260, &x261, x259, x189, x241); - var x262: u32 = undefined; - var x263: u1 = undefined; - addcarryxU32(&x262, &x263, x261, x190, x242); - var x264: u32 = undefined; - var x265: u1 = undefined; - addcarryxU32(&x264, &x265, x263, x191, x243); - var x266: u32 = undefined; - var x267: u1 = undefined; - addcarryxU32(&x266, &x267, x265, x192, x244); - var x268: u32 = undefined; - var x269: u1 = undefined; - addcarryxU32(&x268, &x269, x267, x193, x245); - var x270: u32 = undefined; - var x271: u1 = undefined; - subborrowxU32(&x270, &x271, 0x0, x246, 0xffffffff); - var x272: u32 = undefined; - var x273: u1 = undefined; - subborrowxU32(&x272, &x273, x271, x248, cast(u32, 0x0)); - var x274: u32 = undefined; - var x275: u1 = undefined; - subborrowxU32(&x274, &x275, x273, x250, cast(u32, 0x0)); - var x276: u32 = undefined; - var x277: u1 = undefined; - subborrowxU32(&x276, &x277, 
x275, x252, 0xffffffff); - var x278: u32 = undefined; - var x279: u1 = undefined; - subborrowxU32(&x278, &x279, x277, x254, 0xfffffffe); - var x280: u32 = undefined; - var x281: u1 = undefined; - subborrowxU32(&x280, &x281, x279, x256, 0xffffffff); - var x282: u32 = undefined; - var x283: u1 = undefined; - subborrowxU32(&x282, &x283, x281, x258, 0xffffffff); - var x284: u32 = undefined; - var x285: u1 = undefined; - subborrowxU32(&x284, &x285, x283, x260, 0xffffffff); - var x286: u32 = undefined; - var x287: u1 = undefined; - subborrowxU32(&x286, &x287, x285, x262, 0xffffffff); - var x288: u32 = undefined; - var x289: u1 = undefined; - subborrowxU32(&x288, &x289, x287, x264, 0xffffffff); - var x290: u32 = undefined; - var x291: u1 = undefined; - subborrowxU32(&x290, &x291, x289, x266, 0xffffffff); - var x292: u32 = undefined; - var x293: u1 = undefined; - subborrowxU32(&x292, &x293, x291, x268, 0xffffffff); - var x294: u32 = undefined; - var x295: u1 = undefined; - subborrowxU32(&x294, &x295, x293, cast(u32, x269), cast(u32, 0x0)); - var x296: u32 = undefined; - var x297: u1 = undefined; - addcarryxU32(&x296, &x297, 0x0, x6, cast(u32, 0x1)); - const x298 = ((x208 >> 1) | ((x210 << 31) & 0xffffffff)); - const x299 = ((x210 >> 1) | ((x212 << 31) & 0xffffffff)); - const x300 = ((x212 >> 1) | ((x214 << 31) & 0xffffffff)); - const x301 = ((x214 >> 1) | ((x216 << 31) & 0xffffffff)); - const x302 = ((x216 >> 1) | ((x218 << 31) & 0xffffffff)); - const x303 = ((x218 >> 1) | ((x220 << 31) & 0xffffffff)); - const x304 = ((x220 >> 1) | ((x222 << 31) & 0xffffffff)); - const x305 = ((x222 >> 1) | ((x224 << 31) & 0xffffffff)); - const x306 = ((x224 >> 1) | ((x226 << 31) & 0xffffffff)); - const x307 = ((x226 >> 1) | ((x228 << 31) & 0xffffffff)); - const x308 = ((x228 >> 1) | ((x230 << 31) & 0xffffffff)); - const x309 = ((x230 >> 1) | ((x232 << 31) & 0xffffffff)); - const x310 = ((x232 & 0x80000000) | (x232 >> 1)); + var x246: u1 = undefined; + addcarryxU32(&x245, &x246, 0x0, x182, 
x233); + var x247: u32 = undefined; + var x248: u1 = undefined; + addcarryxU32(&x247, &x248, x246, x183, x234); + var x249: u32 = undefined; + var x250: u1 = undefined; + addcarryxU32(&x249, &x250, x248, x184, x235); + var x251: u32 = undefined; + var x252: u1 = undefined; + addcarryxU32(&x251, &x252, x250, x185, x236); + var x253: u32 = undefined; + var x254: u1 = undefined; + addcarryxU32(&x253, &x254, x252, x186, x237); + var x255: u32 = undefined; + var x256: u1 = undefined; + addcarryxU32(&x255, &x256, x254, x187, x238); + var x257: u32 = undefined; + var x258: u1 = undefined; + addcarryxU32(&x257, &x258, x256, x188, x239); + var x259: u32 = undefined; + var x260: u1 = undefined; + addcarryxU32(&x259, &x260, x258, x189, x240); + var x261: u32 = undefined; + var x262: u1 = undefined; + addcarryxU32(&x261, &x262, x260, x190, x241); + var x263: u32 = undefined; + var x264: u1 = undefined; + addcarryxU32(&x263, &x264, x262, x191, x242); + var x265: u32 = undefined; + var x266: u1 = undefined; + addcarryxU32(&x265, &x266, x264, x192, x243); + var x267: u32 = undefined; + var x268: u1 = undefined; + addcarryxU32(&x267, &x268, x266, x193, x244); + var x269: u32 = undefined; + var x270: u1 = undefined; + subborrowxU32(&x269, &x270, 0x0, x245, 0xffffffff); + var x271: u32 = undefined; + var x272: u1 = undefined; + subborrowxU32(&x271, &x272, x270, x247, cast(u32, 0x0)); + var x273: u32 = undefined; + var x274: u1 = undefined; + subborrowxU32(&x273, &x274, x272, x249, cast(u32, 0x0)); + var x275: u32 = undefined; + var x276: u1 = undefined; + subborrowxU32(&x275, &x276, x274, x251, 0xffffffff); + var x277: u32 = undefined; + var x278: u1 = undefined; + subborrowxU32(&x277, &x278, x276, x253, 0xfffffffe); + var x279: u32 = undefined; + var x280: u1 = undefined; + subborrowxU32(&x279, &x280, x278, x255, 0xffffffff); + var x281: u32 = undefined; + var x282: u1 = undefined; + subborrowxU32(&x281, &x282, x280, x257, 0xffffffff); + var x283: u32 = undefined; + var x284: u1 = 
undefined; + subborrowxU32(&x283, &x284, x282, x259, 0xffffffff); + var x285: u32 = undefined; + var x286: u1 = undefined; + subborrowxU32(&x285, &x286, x284, x261, 0xffffffff); + var x287: u32 = undefined; + var x288: u1 = undefined; + subborrowxU32(&x287, &x288, x286, x263, 0xffffffff); + var x289: u32 = undefined; + var x290: u1 = undefined; + subborrowxU32(&x289, &x290, x288, x265, 0xffffffff); + var x291: u32 = undefined; + var x292: u1 = undefined; + subborrowxU32(&x291, &x292, x290, x267, 0xffffffff); + var x293: u32 = undefined; + var x294: u1 = undefined; + subborrowxU32(&x293, &x294, x292, cast(u32, x268), cast(u32, 0x0)); + var x295: u32 = undefined; + var x296: u1 = undefined; + addcarryxU32(&x295, &x296, 0x0, x6, cast(u32, 0x1)); + const x297 = ((x207 >> 1) | ((x209 << 31) & 0xffffffff)); + const x298 = ((x209 >> 1) | ((x211 << 31) & 0xffffffff)); + const x299 = ((x211 >> 1) | ((x213 << 31) & 0xffffffff)); + const x300 = ((x213 >> 1) | ((x215 << 31) & 0xffffffff)); + const x301 = ((x215 >> 1) | ((x217 << 31) & 0xffffffff)); + const x302 = ((x217 >> 1) | ((x219 << 31) & 0xffffffff)); + const x303 = ((x219 >> 1) | ((x221 << 31) & 0xffffffff)); + const x304 = ((x221 >> 1) | ((x223 << 31) & 0xffffffff)); + const x305 = ((x223 >> 1) | ((x225 << 31) & 0xffffffff)); + const x306 = ((x225 >> 1) | ((x227 << 31) & 0xffffffff)); + const x307 = ((x227 >> 1) | ((x229 << 31) & 0xffffffff)); + const x308 = ((x229 >> 1) | ((x231 << 31) & 0xffffffff)); + const x309 = ((x231 & 0x80000000) | (x231 >> 1)); + var x310: u32 = undefined; + cmovznzU32(&x310, x120, x95, x71); var x311: u32 = undefined; - cmovznzU32(&x311, x120, x95, x71); + cmovznzU32(&x311, x120, x97, x73); var x312: u32 = undefined; - cmovznzU32(&x312, x120, x97, x73); + cmovznzU32(&x312, x120, x99, x75); var x313: u32 = undefined; - cmovznzU32(&x313, x120, x99, x75); + cmovznzU32(&x313, x120, x101, x77); var x314: u32 = undefined; - cmovznzU32(&x314, x120, x101, x77); + cmovznzU32(&x314, x120, x103, x79); 
var x315: u32 = undefined; - cmovznzU32(&x315, x120, x103, x79); + cmovznzU32(&x315, x120, x105, x81); var x316: u32 = undefined; - cmovznzU32(&x316, x120, x105, x81); + cmovznzU32(&x316, x120, x107, x83); var x317: u32 = undefined; - cmovznzU32(&x317, x120, x107, x83); + cmovznzU32(&x317, x120, x109, x85); var x318: u32 = undefined; - cmovznzU32(&x318, x120, x109, x85); + cmovznzU32(&x318, x120, x111, x87); var x319: u32 = undefined; - cmovznzU32(&x319, x120, x111, x87); + cmovznzU32(&x319, x120, x113, x89); var x320: u32 = undefined; - cmovznzU32(&x320, x120, x113, x89); + cmovznzU32(&x320, x120, x115, x91); var x321: u32 = undefined; - cmovznzU32(&x321, x120, x115, x91); + cmovznzU32(&x321, x120, x117, x93); var x322: u32 = undefined; - cmovznzU32(&x322, x120, x117, x93); + cmovznzU32(&x322, x294, x269, x245); var x323: u32 = undefined; - cmovznzU32(&x323, x295, x270, x246); + cmovznzU32(&x323, x294, x271, x247); var x324: u32 = undefined; - cmovznzU32(&x324, x295, x272, x248); + cmovznzU32(&x324, x294, x273, x249); var x325: u32 = undefined; - cmovznzU32(&x325, x295, x274, x250); + cmovznzU32(&x325, x294, x275, x251); var x326: u32 = undefined; - cmovznzU32(&x326, x295, x276, x252); + cmovznzU32(&x326, x294, x277, x253); var x327: u32 = undefined; - cmovznzU32(&x327, x295, x278, x254); + cmovznzU32(&x327, x294, x279, x255); var x328: u32 = undefined; - cmovznzU32(&x328, x295, x280, x256); + cmovznzU32(&x328, x294, x281, x257); var x329: u32 = undefined; - cmovznzU32(&x329, x295, x282, x258); + cmovznzU32(&x329, x294, x283, x259); var x330: u32 = undefined; - cmovznzU32(&x330, x295, x284, x260); + cmovznzU32(&x330, x294, x285, x261); var x331: u32 = undefined; - cmovznzU32(&x331, x295, x286, x262); + cmovznzU32(&x331, x294, x287, x263); var x332: u32 = undefined; - cmovznzU32(&x332, x295, x288, x264); + cmovznzU32(&x332, x294, x289, x265); var x333: u32 = undefined; - cmovznzU32(&x333, x295, x290, x266); - var x334: u32 = undefined; - cmovznzU32(&x334, x295, 
x292, x268); - out1.* = x296; + cmovznzU32(&x333, x294, x291, x267); + out1.* = x295; out2[0] = x7; out2[1] = x8; out2[2] = x9; @@ -9755,43 +9716,43 @@ pub fn divstep(out1: *u32, out2: *[13]u32, out3: *[13]u32, out4: *[12]u32, out5: out2[10] = x17; out2[11] = x18; out2[12] = x19; - out3[0] = x298; - out3[1] = x299; - out3[2] = x300; - out3[3] = x301; - out3[4] = x302; - out3[5] = x303; - out3[6] = x304; - out3[7] = x305; - out3[8] = x306; - out3[9] = x307; - out3[10] = x308; - out3[11] = x309; - out3[12] = x310; - out4[0] = x311; - out4[1] = x312; - out4[2] = x313; - out4[3] = x314; - out4[4] = x315; - out4[5] = x316; - out4[6] = x317; - out4[7] = x318; - out4[8] = x319; - out4[9] = x320; - out4[10] = x321; - out4[11] = x322; - out5[0] = x323; - out5[1] = x324; - out5[2] = x325; - out5[3] = x326; - out5[4] = x327; - out5[5] = x328; - out5[6] = x329; - out5[7] = x330; - out5[8] = x331; - out5[9] = x332; - out5[10] = x333; - out5[11] = x334; + out3[0] = x297; + out3[1] = x298; + out3[2] = x299; + out3[3] = x300; + out3[4] = x301; + out3[5] = x302; + out3[6] = x303; + out3[7] = x304; + out3[8] = x305; + out3[9] = x306; + out3[10] = x307; + out3[11] = x308; + out3[12] = x309; + out4[0] = x310; + out4[1] = x311; + out4[2] = x312; + out4[3] = x313; + out4[4] = x314; + out4[5] = x315; + out4[6] = x316; + out4[7] = x317; + out4[8] = x318; + out4[9] = x319; + out4[10] = x320; + out4[11] = x321; + out5[0] = x322; + out5[1] = x323; + out5[2] = x324; + out5[3] = x325; + out5[4] = x326; + out5[5] = x327; + out5[6] = x328; + out5[7] = x329; + out5[8] = x330; + out5[9] = x331; + out5[10] = x332; + out5[11] = x333; } /// The function divstepPrecomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-zig/src/p384_64.zig b/fiat-zig/src/p384_64.zig index 2d7e525129..a3cdeeb326 100644 --- a/fiat-zig/src/p384_64.zig +++ b/fiat-zig/src/p384_64.zig 
@@ -59,10 +59,9 @@ inline fn addcarryxU64(out1: *u64, out2: *u1, arg1: u1, arg2: u64, arg3: u64) vo @setRuntimeSafety(mode == .Debug); const x1 = ((cast(u128, arg1) + cast(u128, arg2)) + cast(u128, arg3)); - const x2 = cast(u64, (x1 & cast(u128, 0xffffffffffffffff))); - const x3 = cast(u1, (x1 >> 64)); - out1.* = x2; - out2.* = x3; + const x2 = cast(u1, (x1 >> 64)); + out1.* = cast(u64, x1); + out2.* = x2; } /// The function subborrowxU64 is a subtraction with borrow. @@ -104,10 +103,9 @@ inline fn mulxU64(out1: *u64, out2: *u64, arg1: u64, arg2: u64) void { @setRuntimeSafety(mode == .Debug); const x1 = (cast(u128, arg1) * cast(u128, arg2)); - const x2 = cast(u64, (x1 & cast(u128, 0xffffffffffffffff))); - const x3 = cast(u64, (x1 >> 64)); - out1.* = x2; - out2.* = x3; + const x2 = cast(u64, (x1 >> 64)); + out1.* = cast(u64, x1); + out2.* = x2; } /// The function cmovznzU64 is a single-word conditional move. 
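Review bot: `out1.* = cast(u64, x1);` in addcarryxU64 narrows the full u128 sum without the mask the removed line applied, so the low word is only correct if `cast` discards high bits rather than range-checking them. The helper's definition is outside this hunk, and with `@setRuntimeSafety(mode == .Debug)` in force a checked narrowing would trap in Debug builds whenever the carry is set. The same dependence appears in mulxU64 (`cast(u64, x1)`), in the toBytes hunks (`cast(u8, x6)` and the lines after it), and in the divstep hunks, where the selector bit changes from `cast(u1, (x28 & cast(u64, 0x1)))` to `cast(u1, x28)` and `cast(u1, (arg3[0]))`. I would state the contract once on the helper, for example `// cast() truncates to DestType; callers rely on this instead of masking`. Since these x-numbered bodies look like generator output, I would also pin it with a generator-side test that feeds addcarryx a carry-producing input and divstep an `arg3[0]` with upper bits set.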
@@ -2948,138 +2946,96 @@ pub fn toBytes(out1: *[48]u8, arg1: [6]u64) void { const x4 = (arg1[2]); const x5 = (arg1[1]); const x6 = (arg1[0]); - const x7 = cast(u8, (x6 & cast(u64, 0xff))); - const x8 = (x6 >> 8); - const x9 = cast(u8, (x8 & cast(u64, 0xff))); - const x10 = (x8 >> 8); - const x11 = cast(u8, (x10 & cast(u64, 0xff))); - const x12 = (x10 >> 8); - const x13 = cast(u8, (x12 & cast(u64, 0xff))); - const x14 = (x12 >> 8); - const x15 = cast(u8, (x14 & cast(u64, 0xff))); - const x16 = (x14 >> 8); - const x17 = cast(u8, (x16 & cast(u64, 0xff))); - const x18 = (x16 >> 8); - const x19 = cast(u8, (x18 & cast(u64, 0xff))); - const x20 = cast(u8, (x18 >> 8)); - const x21 = cast(u8, (x5 & cast(u64, 0xff))); - const x22 = (x5 >> 8); - const x23 = cast(u8, (x22 & cast(u64, 0xff))); - const x24 = (x22 >> 8); - const x25 = cast(u8, (x24 & cast(u64, 0xff))); - const x26 = (x24 >> 8); - const x27 = cast(u8, (x26 & cast(u64, 0xff))); - const x28 = (x26 >> 8); - const x29 = cast(u8, (x28 & cast(u64, 0xff))); - const x30 = (x28 >> 8); - const x31 = cast(u8, (x30 & cast(u64, 0xff))); - const x32 = (x30 >> 8); - const x33 = cast(u8, (x32 & cast(u64, 0xff))); - const x34 = cast(u8, (x32 >> 8)); - const x35 = cast(u8, (x4 & cast(u64, 0xff))); - const x36 = (x4 >> 8); - const x37 = cast(u8, (x36 & cast(u64, 0xff))); - const x38 = (x36 >> 8); - const x39 = cast(u8, (x38 & cast(u64, 0xff))); - const x40 = (x38 >> 8); - const x41 = cast(u8, (x40 & cast(u64, 0xff))); - const x42 = (x40 >> 8); - const x43 = cast(u8, (x42 & cast(u64, 0xff))); - const x44 = (x42 >> 8); - const x45 = cast(u8, (x44 & cast(u64, 0xff))); - const x46 = (x44 >> 8); - const x47 = cast(u8, (x46 & cast(u64, 0xff))); - const x48 = cast(u8, (x46 >> 8)); - const x49 = cast(u8, (x3 & cast(u64, 0xff))); - const x50 = (x3 >> 8); - const x51 = cast(u8, (x50 & cast(u64, 0xff))); - const x52 = (x50 >> 8); - const x53 = cast(u8, (x52 & cast(u64, 0xff))); - const x54 = (x52 >> 8); - const x55 = cast(u8, (x54 & cast(u64, 
0xff))); - const x56 = (x54 >> 8); - const x57 = cast(u8, (x56 & cast(u64, 0xff))); - const x58 = (x56 >> 8); - const x59 = cast(u8, (x58 & cast(u64, 0xff))); - const x60 = (x58 >> 8); - const x61 = cast(u8, (x60 & cast(u64, 0xff))); - const x62 = cast(u8, (x60 >> 8)); - const x63 = cast(u8, (x2 & cast(u64, 0xff))); - const x64 = (x2 >> 8); - const x65 = cast(u8, (x64 & cast(u64, 0xff))); - const x66 = (x64 >> 8); - const x67 = cast(u8, (x66 & cast(u64, 0xff))); - const x68 = (x66 >> 8); - const x69 = cast(u8, (x68 & cast(u64, 0xff))); - const x70 = (x68 >> 8); - const x71 = cast(u8, (x70 & cast(u64, 0xff))); - const x72 = (x70 >> 8); - const x73 = cast(u8, (x72 & cast(u64, 0xff))); - const x74 = (x72 >> 8); - const x75 = cast(u8, (x74 & cast(u64, 0xff))); - const x76 = cast(u8, (x74 >> 8)); - const x77 = cast(u8, (x1 & cast(u64, 0xff))); - const x78 = (x1 >> 8); - const x79 = cast(u8, (x78 & cast(u64, 0xff))); - const x80 = (x78 >> 8); - const x81 = cast(u8, (x80 & cast(u64, 0xff))); - const x82 = (x80 >> 8); - const x83 = cast(u8, (x82 & cast(u64, 0xff))); - const x84 = (x82 >> 8); - const x85 = cast(u8, (x84 & cast(u64, 0xff))); - const x86 = (x84 >> 8); - const x87 = cast(u8, (x86 & cast(u64, 0xff))); - const x88 = (x86 >> 8); - const x89 = cast(u8, (x88 & cast(u64, 0xff))); - const x90 = cast(u8, (x88 >> 8)); - out1[0] = x7; - out1[1] = x9; - out1[2] = x11; - out1[3] = x13; - out1[4] = x15; - out1[5] = x17; - out1[6] = x19; - out1[7] = x20; - out1[8] = x21; - out1[9] = x23; - out1[10] = x25; - out1[11] = x27; - out1[12] = x29; - out1[13] = x31; - out1[14] = x33; - out1[15] = x34; - out1[16] = x35; - out1[17] = x37; - out1[18] = x39; - out1[19] = x41; - out1[20] = x43; - out1[21] = x45; - out1[22] = x47; - out1[23] = x48; - out1[24] = x49; - out1[25] = x51; - out1[26] = x53; - out1[27] = x55; - out1[28] = x57; - out1[29] = x59; - out1[30] = x61; - out1[31] = x62; - out1[32] = x63; - out1[33] = x65; - out1[34] = x67; - out1[35] = x69; - out1[36] = x71; - 
out1[37] = x73; - out1[38] = x75; - out1[39] = x76; - out1[40] = x77; - out1[41] = x79; - out1[42] = x81; - out1[43] = x83; - out1[44] = x85; - out1[45] = x87; - out1[46] = x89; - out1[47] = x90; + const x7 = (x6 >> 8); + const x8 = (x7 >> 8); + const x9 = (x8 >> 8); + const x10 = (x9 >> 8); + const x11 = (x10 >> 8); + const x12 = (x11 >> 8); + const x13 = cast(u8, (x12 >> 8)); + const x14 = (x5 >> 8); + const x15 = (x14 >> 8); + const x16 = (x15 >> 8); + const x17 = (x16 >> 8); + const x18 = (x17 >> 8); + const x19 = (x18 >> 8); + const x20 = cast(u8, (x19 >> 8)); + const x21 = (x4 >> 8); + const x22 = (x21 >> 8); + const x23 = (x22 >> 8); + const x24 = (x23 >> 8); + const x25 = (x24 >> 8); + const x26 = (x25 >> 8); + const x27 = cast(u8, (x26 >> 8)); + const x28 = (x3 >> 8); + const x29 = (x28 >> 8); + const x30 = (x29 >> 8); + const x31 = (x30 >> 8); + const x32 = (x31 >> 8); + const x33 = (x32 >> 8); + const x34 = cast(u8, (x33 >> 8)); + const x35 = (x2 >> 8); + const x36 = (x35 >> 8); + const x37 = (x36 >> 8); + const x38 = (x37 >> 8); + const x39 = (x38 >> 8); + const x40 = (x39 >> 8); + const x41 = cast(u8, (x40 >> 8)); + const x42 = (x1 >> 8); + const x43 = (x42 >> 8); + const x44 = (x43 >> 8); + const x45 = (x44 >> 8); + const x46 = (x45 >> 8); + const x47 = (x46 >> 8); + const x48 = cast(u8, (x47 >> 8)); + out1[0] = cast(u8, x6); + out1[1] = cast(u8, x7); + out1[2] = cast(u8, x8); + out1[3] = cast(u8, x9); + out1[4] = cast(u8, x10); + out1[5] = cast(u8, x11); + out1[6] = cast(u8, x12); + out1[7] = x13; + out1[8] = cast(u8, x5); + out1[9] = cast(u8, x14); + out1[10] = cast(u8, x15); + out1[11] = cast(u8, x16); + out1[12] = cast(u8, x17); + out1[13] = cast(u8, x18); + out1[14] = cast(u8, x19); + out1[15] = x20; + out1[16] = cast(u8, x4); + out1[17] = cast(u8, x21); + out1[18] = cast(u8, x22); + out1[19] = cast(u8, x23); + out1[20] = cast(u8, x24); + out1[21] = cast(u8, x25); + out1[22] = cast(u8, x26); + out1[23] = x27; + out1[24] = cast(u8, x3); + out1[25] 
= cast(u8, x28); + out1[26] = cast(u8, x29); + out1[27] = cast(u8, x30); + out1[28] = cast(u8, x31); + out1[29] = cast(u8, x32); + out1[30] = cast(u8, x33); + out1[31] = x34; + out1[32] = cast(u8, x2); + out1[33] = cast(u8, x35); + out1[34] = cast(u8, x36); + out1[35] = cast(u8, x37); + out1[36] = cast(u8, x38); + out1[37] = cast(u8, x39); + out1[38] = cast(u8, x40); + out1[39] = x41; + out1[40] = cast(u8, x1); + out1[41] = cast(u8, x42); + out1[42] = cast(u8, x43); + out1[43] = cast(u8, x44); + out1[44] = cast(u8, x45); + out1[45] = cast(u8, x46); + out1[46] = cast(u8, x47); + out1[47] = x48; } /// The function fromBytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -3266,7 +3222,7 @@ pub fn divstep(out1: *u64, out2: *[7]u64, out3: *[7]u64, out4: *[6]u64, out5: *[ var x1: u64 = undefined; var x2: u1 = undefined; addcarryxU64(&x1, &x2, 0x0, (~arg1), cast(u64, 0x1)); - const x3 = (cast(u1, (x1 >> 63)) & cast(u1, ((arg3[0]) & cast(u64, 0x1)))); + const x3 = (cast(u1, (x1 >> 63)) & cast(u1, (arg3[0]))); var x4: u64 = undefined; var x5: u1 = undefined; addcarryxU64(&x4, &x5, 0x0, (~arg1), cast(u64, 0x1)); 
@@ -3428,128 +3384,127 @@ pub fn divstep(out1: *u64, out2: *[7]u64, out3: *[7]u64, out4: *[6]u64, out5: *[ cmovznzU64(&x102, x3, (arg5[4]), x94); var x103: u64 = undefined; cmovznzU64(&x103, x3, (arg5[5]), x96); - const x104 = cast(u1, (x28 & cast(u64, 0x1))); + var x104: u64 = undefined; + cmovznzU64(&x104, cast(u1, x28), cast(u64, 0x0), x7); var x105: u64 = undefined; - cmovznzU64(&x105, x104, cast(u64, 0x0), x7); + cmovznzU64(&x105, cast(u1, x28), cast(u64, 0x0), x8); var x106: u64 = undefined; - cmovznzU64(&x106, x104, cast(u64, 0x0), x8); + cmovznzU64(&x106, cast(u1, x28), cast(u64, 0x0), x9); var x107: u64 = undefined; - cmovznzU64(&x107, x104, cast(u64, 0x0), x9); + cmovznzU64(&x107, cast(u1, x28), cast(u64, 0x0), x10); var x108: u64 = undefined; - cmovznzU64(&x108, x104, cast(u64, 0x0), x10); + cmovznzU64(&x108, cast(u1, x28), cast(u64, 0x0), x11); var x109: u64 = undefined; - cmovznzU64(&x109, x104, cast(u64, 0x0), x11); + cmovznzU64(&x109, cast(u1, x28), cast(u64, 0x0), x12); var x110: u64 = undefined; - cmovznzU64(&x110, x104, cast(u64, 0x0), x12); + cmovznzU64(&x110, cast(u1, x28), cast(u64, 0x0), x13); var x111: u64 = undefined; - cmovznzU64(&x111, x104, cast(u64, 0x0), x13); - var x112: u64 = undefined; - var x113: u1 = undefined; - addcarryxU64(&x112, &x113, 0x0, x28, x105); - var x114: u64 = undefined; - var x115: u1 = undefined; - addcarryxU64(&x114, &x115, x113, x29, x106); - var x116: u64 = undefined; - var x117: u1 = undefined; - addcarryxU64(&x116, &x117, x115, x30, x107); - var x118: u64 = undefined; - var x119: u1 = undefined; - addcarryxU64(&x118, &x119, x117, x31, x108); - var x120: u64 = undefined; - var x121: u1 = undefined; - addcarryxU64(&x120, &x121, x119, x32, x109); - var x122: u64 = undefined; - var x123: u1 = undefined; - addcarryxU64(&x122, &x123, x121, x33, x110); - var x124: u64 = undefined; - var x125: u1 = undefined; - addcarryxU64(&x124, &x125, x123, x34, x111); + var x112: u1 = undefined; + addcarryxU64(&x111, &x112, 0x0, 
x28, x104); + var x113: u64 = undefined; + var x114: u1 = undefined; + addcarryxU64(&x113, &x114, x112, x29, x105); + var x115: u64 = undefined; + var x116: u1 = undefined; + addcarryxU64(&x115, &x116, x114, x30, x106); + var x117: u64 = undefined; + var x118: u1 = undefined; + addcarryxU64(&x117, &x118, x116, x31, x107); + var x119: u64 = undefined; + var x120: u1 = undefined; + addcarryxU64(&x119, &x120, x118, x32, x108); + var x121: u64 = undefined; + var x122: u1 = undefined; + addcarryxU64(&x121, &x122, x120, x33, x109); + var x123: u64 = undefined; + var x124: u1 = undefined; + addcarryxU64(&x123, &x124, x122, x34, x110); + var x125: u64 = undefined; + cmovznzU64(&x125, cast(u1, x28), cast(u64, 0x0), x35); var x126: u64 = undefined; - cmovznzU64(&x126, x104, cast(u64, 0x0), x35); + cmovznzU64(&x126, cast(u1, x28), cast(u64, 0x0), x36); var x127: u64 = undefined; - cmovznzU64(&x127, x104, cast(u64, 0x0), x36); + cmovznzU64(&x127, cast(u1, x28), cast(u64, 0x0), x37); var x128: u64 = undefined; - cmovznzU64(&x128, x104, cast(u64, 0x0), x37); + cmovznzU64(&x128, cast(u1, x28), cast(u64, 0x0), x38); var x129: u64 = undefined; - cmovznzU64(&x129, x104, cast(u64, 0x0), x38); + cmovznzU64(&x129, cast(u1, x28), cast(u64, 0x0), x39); var x130: u64 = undefined; - cmovznzU64(&x130, x104, cast(u64, 0x0), x39); + cmovznzU64(&x130, cast(u1, x28), cast(u64, 0x0), x40); var x131: u64 = undefined; - cmovznzU64(&x131, x104, cast(u64, 0x0), x40); - var x132: u64 = undefined; - var x133: u1 = undefined; - addcarryxU64(&x132, &x133, 0x0, x98, x126); - var x134: u64 = undefined; - var x135: u1 = undefined; - addcarryxU64(&x134, &x135, x133, x99, x127); - var x136: u64 = undefined; - var x137: u1 = undefined; - addcarryxU64(&x136, &x137, x135, x100, x128); - var x138: u64 = undefined; - var x139: u1 = undefined; - addcarryxU64(&x138, &x139, x137, x101, x129); - var x140: u64 = undefined; - var x141: u1 = undefined; - addcarryxU64(&x140, &x141, x139, x102, x130); - var x142: u64 = 
undefined; - var x143: u1 = undefined; - addcarryxU64(&x142, &x143, x141, x103, x131); - var x144: u64 = undefined; - var x145: u1 = undefined; - subborrowxU64(&x144, &x145, 0x0, x132, 0xffffffff); - var x146: u64 = undefined; - var x147: u1 = undefined; - subborrowxU64(&x146, &x147, x145, x134, 0xffffffff00000000); - var x148: u64 = undefined; - var x149: u1 = undefined; - subborrowxU64(&x148, &x149, x147, x136, 0xfffffffffffffffe); - var x150: u64 = undefined; - var x151: u1 = undefined; - subborrowxU64(&x150, &x151, x149, x138, 0xffffffffffffffff); - var x152: u64 = undefined; - var x153: u1 = undefined; - subborrowxU64(&x152, &x153, x151, x140, 0xffffffffffffffff); - var x154: u64 = undefined; - var x155: u1 = undefined; - subborrowxU64(&x154, &x155, x153, x142, 0xffffffffffffffff); - var x156: u64 = undefined; - var x157: u1 = undefined; - subborrowxU64(&x156, &x157, x155, cast(u64, x143), cast(u64, 0x0)); - var x158: u64 = undefined; - var x159: u1 = undefined; - addcarryxU64(&x158, &x159, 0x0, x6, cast(u64, 0x1)); - const x160 = ((x112 >> 1) | ((x114 << 63) & 0xffffffffffffffff)); - const x161 = ((x114 >> 1) | ((x116 << 63) & 0xffffffffffffffff)); - const x162 = ((x116 >> 1) | ((x118 << 63) & 0xffffffffffffffff)); - const x163 = ((x118 >> 1) | ((x120 << 63) & 0xffffffffffffffff)); - const x164 = ((x120 >> 1) | ((x122 << 63) & 0xffffffffffffffff)); - const x165 = ((x122 >> 1) | ((x124 << 63) & 0xffffffffffffffff)); - const x166 = ((x124 & 0x8000000000000000) | (x124 >> 1)); + var x132: u1 = undefined; + addcarryxU64(&x131, &x132, 0x0, x98, x125); + var x133: u64 = undefined; + var x134: u1 = undefined; + addcarryxU64(&x133, &x134, x132, x99, x126); + var x135: u64 = undefined; + var x136: u1 = undefined; + addcarryxU64(&x135, &x136, x134, x100, x127); + var x137: u64 = undefined; + var x138: u1 = undefined; + addcarryxU64(&x137, &x138, x136, x101, x128); + var x139: u64 = undefined; + var x140: u1 = undefined; + addcarryxU64(&x139, &x140, x138, x102, x129); + 
var x141: u64 = undefined; + var x142: u1 = undefined; + addcarryxU64(&x141, &x142, x140, x103, x130); + var x143: u64 = undefined; + var x144: u1 = undefined; + subborrowxU64(&x143, &x144, 0x0, x131, 0xffffffff); + var x145: u64 = undefined; + var x146: u1 = undefined; + subborrowxU64(&x145, &x146, x144, x133, 0xffffffff00000000); + var x147: u64 = undefined; + var x148: u1 = undefined; + subborrowxU64(&x147, &x148, x146, x135, 0xfffffffffffffffe); + var x149: u64 = undefined; + var x150: u1 = undefined; + subborrowxU64(&x149, &x150, x148, x137, 0xffffffffffffffff); + var x151: u64 = undefined; + var x152: u1 = undefined; + subborrowxU64(&x151, &x152, x150, x139, 0xffffffffffffffff); + var x153: u64 = undefined; + var x154: u1 = undefined; + subborrowxU64(&x153, &x154, x152, x141, 0xffffffffffffffff); + var x155: u64 = undefined; + var x156: u1 = undefined; + subborrowxU64(&x155, &x156, x154, cast(u64, x142), cast(u64, 0x0)); + var x157: u64 = undefined; + var x158: u1 = undefined; + addcarryxU64(&x157, &x158, 0x0, x6, cast(u64, 0x1)); + const x159 = ((x111 >> 1) | ((x113 << 63) & 0xffffffffffffffff)); + const x160 = ((x113 >> 1) | ((x115 << 63) & 0xffffffffffffffff)); + const x161 = ((x115 >> 1) | ((x117 << 63) & 0xffffffffffffffff)); + const x162 = ((x117 >> 1) | ((x119 << 63) & 0xffffffffffffffff)); + const x163 = ((x119 >> 1) | ((x121 << 63) & 0xffffffffffffffff)); + const x164 = ((x121 >> 1) | ((x123 << 63) & 0xffffffffffffffff)); + const x165 = ((x123 & 0x8000000000000000) | (x123 >> 1)); + var x166: u64 = undefined; + cmovznzU64(&x166, x66, x53, x41); var x167: u64 = undefined; - cmovznzU64(&x167, x66, x53, x41); + cmovznzU64(&x167, x66, x55, x43); var x168: u64 = undefined; - cmovznzU64(&x168, x66, x55, x43); + cmovznzU64(&x168, x66, x57, x45); var x169: u64 = undefined; - cmovznzU64(&x169, x66, x57, x45); + cmovznzU64(&x169, x66, x59, x47); var x170: u64 = undefined; - cmovznzU64(&x170, x66, x59, x47); + cmovznzU64(&x170, x66, x61, x49); var x171: u64 = 
undefined; - cmovznzU64(&x171, x66, x61, x49); + cmovznzU64(&x171, x66, x63, x51); var x172: u64 = undefined; - cmovznzU64(&x172, x66, x63, x51); + cmovznzU64(&x172, x156, x143, x131); var x173: u64 = undefined; - cmovznzU64(&x173, x157, x144, x132); + cmovznzU64(&x173, x156, x145, x133); var x174: u64 = undefined; - cmovznzU64(&x174, x157, x146, x134); + cmovznzU64(&x174, x156, x147, x135); var x175: u64 = undefined; - cmovznzU64(&x175, x157, x148, x136); + cmovznzU64(&x175, x156, x149, x137); var x176: u64 = undefined; - cmovznzU64(&x176, x157, x150, x138); + cmovznzU64(&x176, x156, x151, x139); var x177: u64 = undefined; - cmovznzU64(&x177, x157, x152, x140); - var x178: u64 = undefined; - cmovznzU64(&x178, x157, x154, x142); - out1.* = x158; + cmovznzU64(&x177, x156, x153, x141); + out1.* = x157; out2[0] = x7; out2[1] = x8; out2[2] = x9; @@ -3557,25 +3512,25 @@ pub fn divstep(out1: *u64, out2: *[7]u64, out3: *[7]u64, out4: *[6]u64, out5: *[ out2[4] = x11; out2[5] = x12; out2[6] = x13; - out3[0] = x160; - out3[1] = x161; - out3[2] = x162; - out3[3] = x163; - out3[4] = x164; - out3[5] = x165; - out3[6] = x166; - out4[0] = x167; - out4[1] = x168; - out4[2] = x169; - out4[3] = x170; - out4[4] = x171; - out4[5] = x172; - out5[0] = x173; - out5[1] = x174; - out5[2] = x175; - out5[3] = x176; - out5[4] = x177; - out5[5] = x178; + out3[0] = x159; + out3[1] = x160; + out3[2] = x161; + out3[3] = x162; + out3[4] = x163; + out3[5] = x164; + out3[6] = x165; + out4[0] = x166; + out4[1] = x167; + out4[2] = x168; + out4[3] = x169; + out4[4] = x170; + out4[5] = x171; + out5[0] = x172; + out5[1] = x173; + out5[2] = x174; + out5[3] = x175; + out5[4] = x176; + out5[5] = x177; } /// The function divstepPrecomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-zig/src/p384_scalar_32.zig b/fiat-zig/src/p384_scalar_32.zig index 0dca71eedc..92ab2e6978 100644 --- a/fiat-zig/src/p384_scalar_32.zig +++ b/fiat-zig/src/p384_scalar_32.zig 
@@ -59,10 +59,9 @@ inline fn addcarryxU32(out1: *u32, out2: *u1, arg1: u1, arg2: u32, arg3: u32) vo @setRuntimeSafety(mode == .Debug); const x1 = ((cast(u64, arg1) + cast(u64, arg2)) + cast(u64, arg3)); - const x2 = cast(u32, (x1 & cast(u64, 0xffffffff))); - const x3 = cast(u1, (x1 >> 32)); - out1.* = x2; - out2.* = x3; + const x2 = cast(u1, (x1 >> 32)); + out1.* = cast(u32, x1); + out2.* = x2; } /// The function subborrowxU32 is a subtraction with borrow. @@ -104,10 +103,9 @@ inline fn mulxU32(out1: *u32, out2: *u32, arg1: u32, arg2: u32) void { @setRuntimeSafety(mode == .Debug); const x1 = (cast(u64, arg1) * cast(u64, arg2)); - const x2 = cast(u32, (x1 & cast(u64, 0xffffffff))); - const x3 = cast(u32, (x1 >> 32)); - out1.* = x2; - out2.* = x3; + const x2 = cast(u32, (x1 >> 32)); + out1.* = cast(u32, x1); + out2.* = x2; } /// The function cmovznzU32 is a single-word conditional move. 
@@ -10472,126 +10470,90 @@ pub fn toBytes(out1: *[48]u8, arg1: [12]u32) void { const x10 = (arg1[2]); const x11 = (arg1[1]); const x12 = (arg1[0]); - const x13 = cast(u8, (x12 & cast(u32, 0xff))); - const x14 = (x12 >> 8); - const x15 = cast(u8, (x14 & cast(u32, 0xff))); - const x16 = (x14 >> 8); - const x17 = cast(u8, (x16 & cast(u32, 0xff))); - const x18 = cast(u8, (x16 >> 8)); - const x19 = cast(u8, (x11 & cast(u32, 0xff))); - const x20 = (x11 >> 8); - const x21 = cast(u8, (x20 & cast(u32, 0xff))); - const x22 = (x20 >> 8); - const x23 = cast(u8, (x22 & cast(u32, 0xff))); - const x24 = cast(u8, (x22 >> 8)); - const x25 = cast(u8, (x10 & cast(u32, 0xff))); - const x26 = (x10 >> 8); - const x27 = cast(u8, (x26 & cast(u32, 0xff))); - const x28 = (x26 >> 8); - const x29 = cast(u8, (x28 & cast(u32, 0xff))); - const x30 = cast(u8, (x28 >> 8)); - const x31 = cast(u8, (x9 & cast(u32, 0xff))); - const x32 = (x9 >> 8); - const x33 = cast(u8, (x32 & cast(u32, 0xff))); - const x34 = (x32 >> 8); - const x35 = cast(u8, (x34 & cast(u32, 0xff))); - const x36 = cast(u8, (x34 >> 8)); - const x37 = cast(u8, (x8 & cast(u32, 0xff))); - const x38 = (x8 >> 8); - const x39 = cast(u8, (x38 & cast(u32, 0xff))); - const x40 = (x38 >> 8); - const x41 = cast(u8, (x40 & cast(u32, 0xff))); - const x42 = cast(u8, (x40 >> 8)); - const x43 = cast(u8, (x7 & cast(u32, 0xff))); - const x44 = (x7 >> 8); - const x45 = cast(u8, (x44 & cast(u32, 0xff))); - const x46 = (x44 >> 8); - const x47 = cast(u8, (x46 & cast(u32, 0xff))); - const x48 = cast(u8, (x46 >> 8)); - const x49 = cast(u8, (x6 & cast(u32, 0xff))); - const x50 = (x6 >> 8); - const x51 = cast(u8, (x50 & cast(u32, 0xff))); - const x52 = (x50 >> 8); - const x53 = cast(u8, (x52 & cast(u32, 0xff))); - const x54 = cast(u8, (x52 >> 8)); - const x55 = cast(u8, (x5 & cast(u32, 0xff))); - const x56 = (x5 >> 8); - const x57 = cast(u8, (x56 & cast(u32, 0xff))); - const x58 = (x56 >> 8); - const x59 = cast(u8, (x58 & cast(u32, 0xff))); - const x60 = 
cast(u8, (x58 >> 8)); - const x61 = cast(u8, (x4 & cast(u32, 0xff))); - const x62 = (x4 >> 8); - const x63 = cast(u8, (x62 & cast(u32, 0xff))); - const x64 = (x62 >> 8); - const x65 = cast(u8, (x64 & cast(u32, 0xff))); - const x66 = cast(u8, (x64 >> 8)); - const x67 = cast(u8, (x3 & cast(u32, 0xff))); - const x68 = (x3 >> 8); - const x69 = cast(u8, (x68 & cast(u32, 0xff))); - const x70 = (x68 >> 8); - const x71 = cast(u8, (x70 & cast(u32, 0xff))); - const x72 = cast(u8, (x70 >> 8)); - const x73 = cast(u8, (x2 & cast(u32, 0xff))); - const x74 = (x2 >> 8); - const x75 = cast(u8, (x74 & cast(u32, 0xff))); - const x76 = (x74 >> 8); - const x77 = cast(u8, (x76 & cast(u32, 0xff))); - const x78 = cast(u8, (x76 >> 8)); - const x79 = cast(u8, (x1 & cast(u32, 0xff))); - const x80 = (x1 >> 8); - const x81 = cast(u8, (x80 & cast(u32, 0xff))); - const x82 = (x80 >> 8); - const x83 = cast(u8, (x82 & cast(u32, 0xff))); - const x84 = cast(u8, (x82 >> 8)); - out1[0] = x13; - out1[1] = x15; - out1[2] = x17; - out1[3] = x18; - out1[4] = x19; - out1[5] = x21; - out1[6] = x23; - out1[7] = x24; - out1[8] = x25; - out1[9] = x27; - out1[10] = x29; - out1[11] = x30; - out1[12] = x31; - out1[13] = x33; - out1[14] = x35; - out1[15] = x36; - out1[16] = x37; - out1[17] = x39; - out1[18] = x41; - out1[19] = x42; - out1[20] = x43; - out1[21] = x45; - out1[22] = x47; - out1[23] = x48; - out1[24] = x49; - out1[25] = x51; - out1[26] = x53; - out1[27] = x54; - out1[28] = x55; - out1[29] = x57; - out1[30] = x59; - out1[31] = x60; - out1[32] = x61; - out1[33] = x63; - out1[34] = x65; - out1[35] = x66; - out1[36] = x67; - out1[37] = x69; - out1[38] = x71; - out1[39] = x72; - out1[40] = x73; - out1[41] = x75; - out1[42] = x77; - out1[43] = x78; - out1[44] = x79; - out1[45] = x81; - out1[46] = x83; - out1[47] = x84; + const x13 = (x12 >> 8); + const x14 = (x13 >> 8); + const x15 = cast(u8, (x14 >> 8)); + const x16 = (x11 >> 8); + const x17 = (x16 >> 8); + const x18 = cast(u8, (x17 >> 8)); + const x19 = 
(x10 >> 8); + const x20 = (x19 >> 8); + const x21 = cast(u8, (x20 >> 8)); + const x22 = (x9 >> 8); + const x23 = (x22 >> 8); + const x24 = cast(u8, (x23 >> 8)); + const x25 = (x8 >> 8); + const x26 = (x25 >> 8); + const x27 = cast(u8, (x26 >> 8)); + const x28 = (x7 >> 8); + const x29 = (x28 >> 8); + const x30 = cast(u8, (x29 >> 8)); + const x31 = (x6 >> 8); + const x32 = (x31 >> 8); + const x33 = cast(u8, (x32 >> 8)); + const x34 = (x5 >> 8); + const x35 = (x34 >> 8); + const x36 = cast(u8, (x35 >> 8)); + const x37 = (x4 >> 8); + const x38 = (x37 >> 8); + const x39 = cast(u8, (x38 >> 8)); + const x40 = (x3 >> 8); + const x41 = (x40 >> 8); + const x42 = cast(u8, (x41 >> 8)); + const x43 = (x2 >> 8); + const x44 = (x43 >> 8); + const x45 = cast(u8, (x44 >> 8)); + const x46 = (x1 >> 8); + const x47 = (x46 >> 8); + const x48 = cast(u8, (x47 >> 8)); + out1[0] = cast(u8, x12); + out1[1] = cast(u8, x13); + out1[2] = cast(u8, x14); + out1[3] = x15; + out1[4] = cast(u8, x11); + out1[5] = cast(u8, x16); + out1[6] = cast(u8, x17); + out1[7] = x18; + out1[8] = cast(u8, x10); + out1[9] = cast(u8, x19); + out1[10] = cast(u8, x20); + out1[11] = x21; + out1[12] = cast(u8, x9); + out1[13] = cast(u8, x22); + out1[14] = cast(u8, x23); + out1[15] = x24; + out1[16] = cast(u8, x8); + out1[17] = cast(u8, x25); + out1[18] = cast(u8, x26); + out1[19] = x27; + out1[20] = cast(u8, x7); + out1[21] = cast(u8, x28); + out1[22] = cast(u8, x29); + out1[23] = x30; + out1[24] = cast(u8, x6); + out1[25] = cast(u8, x31); + out1[26] = cast(u8, x32); + out1[27] = x33; + out1[28] = cast(u8, x5); + out1[29] = cast(u8, x34); + out1[30] = cast(u8, x35); + out1[31] = x36; + out1[32] = cast(u8, x4); + out1[33] = cast(u8, x37); + out1[34] = cast(u8, x38); + out1[35] = x39; + out1[36] = cast(u8, x3); + out1[37] = cast(u8, x40); + out1[38] = cast(u8, x41); + out1[39] = x42; + out1[40] = cast(u8, x2); + out1[41] = cast(u8, x43); + out1[42] = cast(u8, x44); + out1[43] = x45; + out1[44] = cast(u8, x1); + out1[45] 
= cast(u8, x46); + out1[46] = cast(u8, x47); + out1[47] = x48; } /// The function fromBytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -10790,7 +10752,7 @@ pub fn divstep(out1: *u32, out2: *[13]u32, out3: *[13]u32, out4: *[12]u32, out5: var x1: u32 = undefined; var x2: u1 = undefined; addcarryxU32(&x1, &x2, 0x0, (~arg1), cast(u32, 0x1)); - const x3 = (cast(u1, (x1 >> 31)) & cast(u1, ((arg3[0]) & cast(u32, 0x1)))); + const x3 = (cast(u1, (x1 >> 31)) & cast(u1, (arg3[0]))); var x4: u32 = undefined; var x5: u1 = undefined; addcarryxU32(&x4, &x5, 0x0, (~arg1), cast(u32, 0x1)); 
@@ -11096,236 +11058,235 @@ pub fn divstep(out1: *u32, out2: *[13]u32, out3: *[13]u32, out4: *[12]u32, out5: cmovznzU32(&x192, x3, (arg5[10]), x178); var x193: u32 = undefined; cmovznzU32(&x193, x3, (arg5[11]), x180); - const x194 = cast(u1, (x46 & cast(u32, 0x1))); + var x194: u32 = undefined; + cmovznzU32(&x194, cast(u1, x46), cast(u32, 0x0), x7); var x195: u32 = undefined; - cmovznzU32(&x195, x194, cast(u32, 0x0), x7); + cmovznzU32(&x195, cast(u1, x46), cast(u32, 0x0), x8); var x196: u32 = undefined; - cmovznzU32(&x196, x194, cast(u32, 0x0), x8); + cmovznzU32(&x196, cast(u1, x46), cast(u32, 0x0), x9); var x197: u32 = undefined; - cmovznzU32(&x197, x194, cast(u32, 0x0), x9); + cmovznzU32(&x197, cast(u1, x46), cast(u32, 0x0), x10); var x198: u32 = undefined; - cmovznzU32(&x198, x194, cast(u32, 0x0), x10); + cmovznzU32(&x198, cast(u1, x46), cast(u32, 0x0), x11); var x199: u32 = undefined; - cmovznzU32(&x199, x194, cast(u32, 0x0), x11); + cmovznzU32(&x199, cast(u1, x46), cast(u32, 0x0), x12); var x200: u32 = undefined; - cmovznzU32(&x200, x194, cast(u32, 0x0), x12); + cmovznzU32(&x200, cast(u1, x46), cast(u32, 0x0), x13); var x201: u32 = undefined; - cmovznzU32(&x201, x194, cast(u32, 0x0), x13); + cmovznzU32(&x201, cast(u1, x46), cast(u32, 0x0), x14); var x202: u32 = undefined; - cmovznzU32(&x202, x194, cast(u32, 0x0), x14); + cmovznzU32(&x202, cast(u1, x46), cast(u32, 0x0), x15); var x203: u32 = undefined; - cmovznzU32(&x203, x194, cast(u32, 0x0), x15); + cmovznzU32(&x203, cast(u1, x46), cast(u32, 0x0), x16); var x204: u32 = undefined; - cmovznzU32(&x204, x194, cast(u32, 0x0), x16); + cmovznzU32(&x204, cast(u1, x46), cast(u32, 0x0), x17); var x205: u32 = undefined; - cmovznzU32(&x205, x194, cast(u32, 0x0), x17); + cmovznzU32(&x205, cast(u1, x46), cast(u32, 0x0), x18); var x206: u32 = undefined; - cmovznzU32(&x206, x194, cast(u32, 0x0), x18); + cmovznzU32(&x206, cast(u1, x46), cast(u32, 0x0), x19); var x207: u32 = undefined; - cmovznzU32(&x207, x194, cast(u32, 0x0), 
x19); - var x208: u32 = undefined; - var x209: u1 = undefined; - addcarryxU32(&x208, &x209, 0x0, x46, x195); - var x210: u32 = undefined; - var x211: u1 = undefined; - addcarryxU32(&x210, &x211, x209, x47, x196); - var x212: u32 = undefined; - var x213: u1 = undefined; - addcarryxU32(&x212, &x213, x211, x48, x197); - var x214: u32 = undefined; - var x215: u1 = undefined; - addcarryxU32(&x214, &x215, x213, x49, x198); - var x216: u32 = undefined; - var x217: u1 = undefined; - addcarryxU32(&x216, &x217, x215, x50, x199); - var x218: u32 = undefined; - var x219: u1 = undefined; - addcarryxU32(&x218, &x219, x217, x51, x200); - var x220: u32 = undefined; - var x221: u1 = undefined; - addcarryxU32(&x220, &x221, x219, x52, x201); - var x222: u32 = undefined; - var x223: u1 = undefined; - addcarryxU32(&x222, &x223, x221, x53, x202); - var x224: u32 = undefined; - var x225: u1 = undefined; - addcarryxU32(&x224, &x225, x223, x54, x203); - var x226: u32 = undefined; - var x227: u1 = undefined; - addcarryxU32(&x226, &x227, x225, x55, x204); - var x228: u32 = undefined; - var x229: u1 = undefined; - addcarryxU32(&x228, &x229, x227, x56, x205); - var x230: u32 = undefined; - var x231: u1 = undefined; - addcarryxU32(&x230, &x231, x229, x57, x206); - var x232: u32 = undefined; - var x233: u1 = undefined; - addcarryxU32(&x232, &x233, x231, x58, x207); + var x208: u1 = undefined; + addcarryxU32(&x207, &x208, 0x0, x46, x194); + var x209: u32 = undefined; + var x210: u1 = undefined; + addcarryxU32(&x209, &x210, x208, x47, x195); + var x211: u32 = undefined; + var x212: u1 = undefined; + addcarryxU32(&x211, &x212, x210, x48, x196); + var x213: u32 = undefined; + var x214: u1 = undefined; + addcarryxU32(&x213, &x214, x212, x49, x197); + var x215: u32 = undefined; + var x216: u1 = undefined; + addcarryxU32(&x215, &x216, x214, x50, x198); + var x217: u32 = undefined; + var x218: u1 = undefined; + addcarryxU32(&x217, &x218, x216, x51, x199); + var x219: u32 = undefined; + var x220: u1 = 
undefined; + addcarryxU32(&x219, &x220, x218, x52, x200); + var x221: u32 = undefined; + var x222: u1 = undefined; + addcarryxU32(&x221, &x222, x220, x53, x201); + var x223: u32 = undefined; + var x224: u1 = undefined; + addcarryxU32(&x223, &x224, x222, x54, x202); + var x225: u32 = undefined; + var x226: u1 = undefined; + addcarryxU32(&x225, &x226, x224, x55, x203); + var x227: u32 = undefined; + var x228: u1 = undefined; + addcarryxU32(&x227, &x228, x226, x56, x204); + var x229: u32 = undefined; + var x230: u1 = undefined; + addcarryxU32(&x229, &x230, x228, x57, x205); + var x231: u32 = undefined; + var x232: u1 = undefined; + addcarryxU32(&x231, &x232, x230, x58, x206); + var x233: u32 = undefined; + cmovznzU32(&x233, cast(u1, x46), cast(u32, 0x0), x59); var x234: u32 = undefined; - cmovznzU32(&x234, x194, cast(u32, 0x0), x59); + cmovznzU32(&x234, cast(u1, x46), cast(u32, 0x0), x60); var x235: u32 = undefined; - cmovznzU32(&x235, x194, cast(u32, 0x0), x60); + cmovznzU32(&x235, cast(u1, x46), cast(u32, 0x0), x61); var x236: u32 = undefined; - cmovznzU32(&x236, x194, cast(u32, 0x0), x61); + cmovznzU32(&x236, cast(u1, x46), cast(u32, 0x0), x62); var x237: u32 = undefined; - cmovznzU32(&x237, x194, cast(u32, 0x0), x62); + cmovznzU32(&x237, cast(u1, x46), cast(u32, 0x0), x63); var x238: u32 = undefined; - cmovznzU32(&x238, x194, cast(u32, 0x0), x63); + cmovznzU32(&x238, cast(u1, x46), cast(u32, 0x0), x64); var x239: u32 = undefined; - cmovznzU32(&x239, x194, cast(u32, 0x0), x64); + cmovznzU32(&x239, cast(u1, x46), cast(u32, 0x0), x65); var x240: u32 = undefined; - cmovznzU32(&x240, x194, cast(u32, 0x0), x65); + cmovznzU32(&x240, cast(u1, x46), cast(u32, 0x0), x66); var x241: u32 = undefined; - cmovznzU32(&x241, x194, cast(u32, 0x0), x66); + cmovznzU32(&x241, cast(u1, x46), cast(u32, 0x0), x67); var x242: u32 = undefined; - cmovznzU32(&x242, x194, cast(u32, 0x0), x67); + cmovznzU32(&x242, cast(u1, x46), cast(u32, 0x0), x68); var x243: u32 = undefined; - 
cmovznzU32(&x243, x194, cast(u32, 0x0), x68); + cmovznzU32(&x243, cast(u1, x46), cast(u32, 0x0), x69); var x244: u32 = undefined; - cmovznzU32(&x244, x194, cast(u32, 0x0), x69); + cmovznzU32(&x244, cast(u1, x46), cast(u32, 0x0), x70); var x245: u32 = undefined; - cmovznzU32(&x245, x194, cast(u32, 0x0), x70); - var x246: u32 = undefined; - var x247: u1 = undefined; - addcarryxU32(&x246, &x247, 0x0, x182, x234); - var x248: u32 = undefined; - var x249: u1 = undefined; - addcarryxU32(&x248, &x249, x247, x183, x235); - var x250: u32 = undefined; - var x251: u1 = undefined; - addcarryxU32(&x250, &x251, x249, x184, x236); - var x252: u32 = undefined; - var x253: u1 = undefined; - addcarryxU32(&x252, &x253, x251, x185, x237); - var x254: u32 = undefined; - var x255: u1 = undefined; - addcarryxU32(&x254, &x255, x253, x186, x238); - var x256: u32 = undefined; - var x257: u1 = undefined; - addcarryxU32(&x256, &x257, x255, x187, x239); - var x258: u32 = undefined; - var x259: u1 = undefined; - addcarryxU32(&x258, &x259, x257, x188, x240); - var x260: u32 = undefined; - var x261: u1 = undefined; - addcarryxU32(&x260, &x261, x259, x189, x241); - var x262: u32 = undefined; - var x263: u1 = undefined; - addcarryxU32(&x262, &x263, x261, x190, x242); - var x264: u32 = undefined; - var x265: u1 = undefined; - addcarryxU32(&x264, &x265, x263, x191, x243); - var x266: u32 = undefined; - var x267: u1 = undefined; - addcarryxU32(&x266, &x267, x265, x192, x244); - var x268: u32 = undefined; - var x269: u1 = undefined; - addcarryxU32(&x268, &x269, x267, x193, x245); - var x270: u32 = undefined; - var x271: u1 = undefined; - subborrowxU32(&x270, &x271, 0x0, x246, 0xccc52973); - var x272: u32 = undefined; - var x273: u1 = undefined; - subborrowxU32(&x272, &x273, x271, x248, 0xecec196a); - var x274: u32 = undefined; - var x275: u1 = undefined; - subborrowxU32(&x274, &x275, x273, x250, 0x48b0a77a); - var x276: u32 = undefined; - var x277: u1 = undefined; - subborrowxU32(&x276, &x277, x275, 
x252, 0x581a0db2); - var x278: u32 = undefined; - var x279: u1 = undefined; - subborrowxU32(&x278, &x279, x277, x254, 0xf4372ddf); - var x280: u32 = undefined; - var x281: u1 = undefined; - subborrowxU32(&x280, &x281, x279, x256, 0xc7634d81); - var x282: u32 = undefined; - var x283: u1 = undefined; - subborrowxU32(&x282, &x283, x281, x258, 0xffffffff); - var x284: u32 = undefined; - var x285: u1 = undefined; - subborrowxU32(&x284, &x285, x283, x260, 0xffffffff); - var x286: u32 = undefined; - var x287: u1 = undefined; - subborrowxU32(&x286, &x287, x285, x262, 0xffffffff); - var x288: u32 = undefined; - var x289: u1 = undefined; - subborrowxU32(&x288, &x289, x287, x264, 0xffffffff); - var x290: u32 = undefined; - var x291: u1 = undefined; - subborrowxU32(&x290, &x291, x289, x266, 0xffffffff); - var x292: u32 = undefined; - var x293: u1 = undefined; - subborrowxU32(&x292, &x293, x291, x268, 0xffffffff); - var x294: u32 = undefined; - var x295: u1 = undefined; - subborrowxU32(&x294, &x295, x293, cast(u32, x269), cast(u32, 0x0)); - var x296: u32 = undefined; - var x297: u1 = undefined; - addcarryxU32(&x296, &x297, 0x0, x6, cast(u32, 0x1)); - const x298 = ((x208 >> 1) | ((x210 << 31) & 0xffffffff)); - const x299 = ((x210 >> 1) | ((x212 << 31) & 0xffffffff)); - const x300 = ((x212 >> 1) | ((x214 << 31) & 0xffffffff)); - const x301 = ((x214 >> 1) | ((x216 << 31) & 0xffffffff)); - const x302 = ((x216 >> 1) | ((x218 << 31) & 0xffffffff)); - const x303 = ((x218 >> 1) | ((x220 << 31) & 0xffffffff)); - const x304 = ((x220 >> 1) | ((x222 << 31) & 0xffffffff)); - const x305 = ((x222 >> 1) | ((x224 << 31) & 0xffffffff)); - const x306 = ((x224 >> 1) | ((x226 << 31) & 0xffffffff)); - const x307 = ((x226 >> 1) | ((x228 << 31) & 0xffffffff)); - const x308 = ((x228 >> 1) | ((x230 << 31) & 0xffffffff)); - const x309 = ((x230 >> 1) | ((x232 << 31) & 0xffffffff)); - const x310 = ((x232 & 0x80000000) | (x232 >> 1)); + var x246: u1 = undefined; + addcarryxU32(&x245, &x246, 0x0, x182, 
x233); + var x247: u32 = undefined; + var x248: u1 = undefined; + addcarryxU32(&x247, &x248, x246, x183, x234); + var x249: u32 = undefined; + var x250: u1 = undefined; + addcarryxU32(&x249, &x250, x248, x184, x235); + var x251: u32 = undefined; + var x252: u1 = undefined; + addcarryxU32(&x251, &x252, x250, x185, x236); + var x253: u32 = undefined; + var x254: u1 = undefined; + addcarryxU32(&x253, &x254, x252, x186, x237); + var x255: u32 = undefined; + var x256: u1 = undefined; + addcarryxU32(&x255, &x256, x254, x187, x238); + var x257: u32 = undefined; + var x258: u1 = undefined; + addcarryxU32(&x257, &x258, x256, x188, x239); + var x259: u32 = undefined; + var x260: u1 = undefined; + addcarryxU32(&x259, &x260, x258, x189, x240); + var x261: u32 = undefined; + var x262: u1 = undefined; + addcarryxU32(&x261, &x262, x260, x190, x241); + var x263: u32 = undefined; + var x264: u1 = undefined; + addcarryxU32(&x263, &x264, x262, x191, x242); + var x265: u32 = undefined; + var x266: u1 = undefined; + addcarryxU32(&x265, &x266, x264, x192, x243); + var x267: u32 = undefined; + var x268: u1 = undefined; + addcarryxU32(&x267, &x268, x266, x193, x244); + var x269: u32 = undefined; + var x270: u1 = undefined; + subborrowxU32(&x269, &x270, 0x0, x245, 0xccc52973); + var x271: u32 = undefined; + var x272: u1 = undefined; + subborrowxU32(&x271, &x272, x270, x247, 0xecec196a); + var x273: u32 = undefined; + var x274: u1 = undefined; + subborrowxU32(&x273, &x274, x272, x249, 0x48b0a77a); + var x275: u32 = undefined; + var x276: u1 = undefined; + subborrowxU32(&x275, &x276, x274, x251, 0x581a0db2); + var x277: u32 = undefined; + var x278: u1 = undefined; + subborrowxU32(&x277, &x278, x276, x253, 0xf4372ddf); + var x279: u32 = undefined; + var x280: u1 = undefined; + subborrowxU32(&x279, &x280, x278, x255, 0xc7634d81); + var x281: u32 = undefined; + var x282: u1 = undefined; + subborrowxU32(&x281, &x282, x280, x257, 0xffffffff); + var x283: u32 = undefined; + var x284: u1 = 
undefined; + subborrowxU32(&x283, &x284, x282, x259, 0xffffffff); + var x285: u32 = undefined; + var x286: u1 = undefined; + subborrowxU32(&x285, &x286, x284, x261, 0xffffffff); + var x287: u32 = undefined; + var x288: u1 = undefined; + subborrowxU32(&x287, &x288, x286, x263, 0xffffffff); + var x289: u32 = undefined; + var x290: u1 = undefined; + subborrowxU32(&x289, &x290, x288, x265, 0xffffffff); + var x291: u32 = undefined; + var x292: u1 = undefined; + subborrowxU32(&x291, &x292, x290, x267, 0xffffffff); + var x293: u32 = undefined; + var x294: u1 = undefined; + subborrowxU32(&x293, &x294, x292, cast(u32, x268), cast(u32, 0x0)); + var x295: u32 = undefined; + var x296: u1 = undefined; + addcarryxU32(&x295, &x296, 0x0, x6, cast(u32, 0x1)); + const x297 = ((x207 >> 1) | ((x209 << 31) & 0xffffffff)); + const x298 = ((x209 >> 1) | ((x211 << 31) & 0xffffffff)); + const x299 = ((x211 >> 1) | ((x213 << 31) & 0xffffffff)); + const x300 = ((x213 >> 1) | ((x215 << 31) & 0xffffffff)); + const x301 = ((x215 >> 1) | ((x217 << 31) & 0xffffffff)); + const x302 = ((x217 >> 1) | ((x219 << 31) & 0xffffffff)); + const x303 = ((x219 >> 1) | ((x221 << 31) & 0xffffffff)); + const x304 = ((x221 >> 1) | ((x223 << 31) & 0xffffffff)); + const x305 = ((x223 >> 1) | ((x225 << 31) & 0xffffffff)); + const x306 = ((x225 >> 1) | ((x227 << 31) & 0xffffffff)); + const x307 = ((x227 >> 1) | ((x229 << 31) & 0xffffffff)); + const x308 = ((x229 >> 1) | ((x231 << 31) & 0xffffffff)); + const x309 = ((x231 & 0x80000000) | (x231 >> 1)); + var x310: u32 = undefined; + cmovznzU32(&x310, x120, x95, x71); var x311: u32 = undefined; - cmovznzU32(&x311, x120, x95, x71); + cmovznzU32(&x311, x120, x97, x73); var x312: u32 = undefined; - cmovznzU32(&x312, x120, x97, x73); + cmovznzU32(&x312, x120, x99, x75); var x313: u32 = undefined; - cmovznzU32(&x313, x120, x99, x75); + cmovznzU32(&x313, x120, x101, x77); var x314: u32 = undefined; - cmovznzU32(&x314, x120, x101, x77); + cmovznzU32(&x314, x120, x103, x79); 
var x315: u32 = undefined; - cmovznzU32(&x315, x120, x103, x79); + cmovznzU32(&x315, x120, x105, x81); var x316: u32 = undefined; - cmovznzU32(&x316, x120, x105, x81); + cmovznzU32(&x316, x120, x107, x83); var x317: u32 = undefined; - cmovznzU32(&x317, x120, x107, x83); + cmovznzU32(&x317, x120, x109, x85); var x318: u32 = undefined; - cmovznzU32(&x318, x120, x109, x85); + cmovznzU32(&x318, x120, x111, x87); var x319: u32 = undefined; - cmovznzU32(&x319, x120, x111, x87); + cmovznzU32(&x319, x120, x113, x89); var x320: u32 = undefined; - cmovznzU32(&x320, x120, x113, x89); + cmovznzU32(&x320, x120, x115, x91); var x321: u32 = undefined; - cmovznzU32(&x321, x120, x115, x91); + cmovznzU32(&x321, x120, x117, x93); var x322: u32 = undefined; - cmovznzU32(&x322, x120, x117, x93); + cmovznzU32(&x322, x294, x269, x245); var x323: u32 = undefined; - cmovznzU32(&x323, x295, x270, x246); + cmovznzU32(&x323, x294, x271, x247); var x324: u32 = undefined; - cmovznzU32(&x324, x295, x272, x248); + cmovznzU32(&x324, x294, x273, x249); var x325: u32 = undefined; - cmovznzU32(&x325, x295, x274, x250); + cmovznzU32(&x325, x294, x275, x251); var x326: u32 = undefined; - cmovznzU32(&x326, x295, x276, x252); + cmovznzU32(&x326, x294, x277, x253); var x327: u32 = undefined; - cmovznzU32(&x327, x295, x278, x254); + cmovznzU32(&x327, x294, x279, x255); var x328: u32 = undefined; - cmovznzU32(&x328, x295, x280, x256); + cmovznzU32(&x328, x294, x281, x257); var x329: u32 = undefined; - cmovznzU32(&x329, x295, x282, x258); + cmovznzU32(&x329, x294, x283, x259); var x330: u32 = undefined; - cmovznzU32(&x330, x295, x284, x260); + cmovznzU32(&x330, x294, x285, x261); var x331: u32 = undefined; - cmovznzU32(&x331, x295, x286, x262); + cmovznzU32(&x331, x294, x287, x263); var x332: u32 = undefined; - cmovznzU32(&x332, x295, x288, x264); + cmovznzU32(&x332, x294, x289, x265); var x333: u32 = undefined; - cmovznzU32(&x333, x295, x290, x266); - var x334: u32 = undefined; - cmovznzU32(&x334, x295, 
x292, x268); - out1.* = x296; + cmovznzU32(&x333, x294, x291, x267); + out1.* = x295; out2[0] = x7; out2[1] = x8; out2[2] = x9; @@ -11339,43 +11300,43 @@ pub fn divstep(out1: *u32, out2: *[13]u32, out3: *[13]u32, out4: *[12]u32, out5: out2[10] = x17; out2[11] = x18; out2[12] = x19; - out3[0] = x298; - out3[1] = x299; - out3[2] = x300; - out3[3] = x301; - out3[4] = x302; - out3[5] = x303; - out3[6] = x304; - out3[7] = x305; - out3[8] = x306; - out3[9] = x307; - out3[10] = x308; - out3[11] = x309; - out3[12] = x310; - out4[0] = x311; - out4[1] = x312; - out4[2] = x313; - out4[3] = x314; - out4[4] = x315; - out4[5] = x316; - out4[6] = x317; - out4[7] = x318; - out4[8] = x319; - out4[9] = x320; - out4[10] = x321; - out4[11] = x322; - out5[0] = x323; - out5[1] = x324; - out5[2] = x325; - out5[3] = x326; - out5[4] = x327; - out5[5] = x328; - out5[6] = x329; - out5[7] = x330; - out5[8] = x331; - out5[9] = x332; - out5[10] = x333; - out5[11] = x334; + out3[0] = x297; + out3[1] = x298; + out3[2] = x299; + out3[3] = x300; + out3[4] = x301; + out3[5] = x302; + out3[6] = x303; + out3[7] = x304; + out3[8] = x305; + out3[9] = x306; + out3[10] = x307; + out3[11] = x308; + out3[12] = x309; + out4[0] = x310; + out4[1] = x311; + out4[2] = x312; + out4[3] = x313; + out4[4] = x314; + out4[5] = x315; + out4[6] = x316; + out4[7] = x317; + out4[8] = x318; + out4[9] = x319; + out4[10] = x320; + out4[11] = x321; + out5[0] = x322; + out5[1] = x323; + out5[2] = x324; + out5[3] = x325; + out5[4] = x326; + out5[5] = x327; + out5[6] = x328; + out5[7] = x329; + out5[8] = x330; + out5[9] = x331; + out5[10] = x332; + out5[11] = x333; } /// The function divstepPrecomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-zig/src/p384_scalar_64.zig b/fiat-zig/src/p384_scalar_64.zig index 9a89d0efd2..6bd4cfaa37 100644 --- a/fiat-zig/src/p384_scalar_64.zig +++ b/fiat-zig/src/p384_scalar_64.zig 
@@ -59,10 +59,9 @@ inline fn addcarryxU64(out1: *u64, out2: *u1, arg1: u1, arg2: u64, arg3: u64) vo @setRuntimeSafety(mode == .Debug); const x1 = ((cast(u128, arg1) + cast(u128, arg2)) + cast(u128, arg3)); - const x2 = cast(u64, (x1 & cast(u128, 0xffffffffffffffff))); - const x3 = cast(u1, (x1 >> 64)); - out1.* = x2; - out2.* = x3; + const x2 = cast(u1, (x1 >> 64)); + out1.* = cast(u64, x1); + out2.* = x2; } /// The function subborrowxU64 is a subtraction with borrow. @@ -104,10 +103,9 @@ inline fn mulxU64(out1: *u64, out2: *u64, arg1: u64, arg2: u64) void { @setRuntimeSafety(mode == .Debug); const x1 = (cast(u128, arg1) * cast(u128, arg2)); - const x2 = cast(u64, (x1 & cast(u128, 0xffffffffffffffff))); - const x3 = cast(u64, (x1 >> 64)); - out1.* = x2; - out2.* = x3; + const x2 = cast(u64, (x1 >> 64)); + out1.* = cast(u64, x1); + out2.* = x2; } /// The function cmovznzU64 is a single-word conditional move. 
@@ -3002,138 +3000,96 @@ pub fn toBytes(out1: *[48]u8, arg1: [6]u64) void { const x4 = (arg1[2]); const x5 = (arg1[1]); const x6 = (arg1[0]); - const x7 = cast(u8, (x6 & cast(u64, 0xff))); - const x8 = (x6 >> 8); - const x9 = cast(u8, (x8 & cast(u64, 0xff))); - const x10 = (x8 >> 8); - const x11 = cast(u8, (x10 & cast(u64, 0xff))); - const x12 = (x10 >> 8); - const x13 = cast(u8, (x12 & cast(u64, 0xff))); - const x14 = (x12 >> 8); - const x15 = cast(u8, (x14 & cast(u64, 0xff))); - const x16 = (x14 >> 8); - const x17 = cast(u8, (x16 & cast(u64, 0xff))); - const x18 = (x16 >> 8); - const x19 = cast(u8, (x18 & cast(u64, 0xff))); - const x20 = cast(u8, (x18 >> 8)); - const x21 = cast(u8, (x5 & cast(u64, 0xff))); - const x22 = (x5 >> 8); - const x23 = cast(u8, (x22 & cast(u64, 0xff))); - const x24 = (x22 >> 8); - const x25 = cast(u8, (x24 & cast(u64, 0xff))); - const x26 = (x24 >> 8); - const x27 = cast(u8, (x26 & cast(u64, 0xff))); - const x28 = (x26 >> 8); - const x29 = cast(u8, (x28 & cast(u64, 0xff))); - const x30 = (x28 >> 8); - const x31 = cast(u8, (x30 & cast(u64, 0xff))); - const x32 = (x30 >> 8); - const x33 = cast(u8, (x32 & cast(u64, 0xff))); - const x34 = cast(u8, (x32 >> 8)); - const x35 = cast(u8, (x4 & cast(u64, 0xff))); - const x36 = (x4 >> 8); - const x37 = cast(u8, (x36 & cast(u64, 0xff))); - const x38 = (x36 >> 8); - const x39 = cast(u8, (x38 & cast(u64, 0xff))); - const x40 = (x38 >> 8); - const x41 = cast(u8, (x40 & cast(u64, 0xff))); - const x42 = (x40 >> 8); - const x43 = cast(u8, (x42 & cast(u64, 0xff))); - const x44 = (x42 >> 8); - const x45 = cast(u8, (x44 & cast(u64, 0xff))); - const x46 = (x44 >> 8); - const x47 = cast(u8, (x46 & cast(u64, 0xff))); - const x48 = cast(u8, (x46 >> 8)); - const x49 = cast(u8, (x3 & cast(u64, 0xff))); - const x50 = (x3 >> 8); - const x51 = cast(u8, (x50 & cast(u64, 0xff))); - const x52 = (x50 >> 8); - const x53 = cast(u8, (x52 & cast(u64, 0xff))); - const x54 = (x52 >> 8); - const x55 = cast(u8, (x54 & cast(u64, 
0xff))); - const x56 = (x54 >> 8); - const x57 = cast(u8, (x56 & cast(u64, 0xff))); - const x58 = (x56 >> 8); - const x59 = cast(u8, (x58 & cast(u64, 0xff))); - const x60 = (x58 >> 8); - const x61 = cast(u8, (x60 & cast(u64, 0xff))); - const x62 = cast(u8, (x60 >> 8)); - const x63 = cast(u8, (x2 & cast(u64, 0xff))); - const x64 = (x2 >> 8); - const x65 = cast(u8, (x64 & cast(u64, 0xff))); - const x66 = (x64 >> 8); - const x67 = cast(u8, (x66 & cast(u64, 0xff))); - const x68 = (x66 >> 8); - const x69 = cast(u8, (x68 & cast(u64, 0xff))); - const x70 = (x68 >> 8); - const x71 = cast(u8, (x70 & cast(u64, 0xff))); - const x72 = (x70 >> 8); - const x73 = cast(u8, (x72 & cast(u64, 0xff))); - const x74 = (x72 >> 8); - const x75 = cast(u8, (x74 & cast(u64, 0xff))); - const x76 = cast(u8, (x74 >> 8)); - const x77 = cast(u8, (x1 & cast(u64, 0xff))); - const x78 = (x1 >> 8); - const x79 = cast(u8, (x78 & cast(u64, 0xff))); - const x80 = (x78 >> 8); - const x81 = cast(u8, (x80 & cast(u64, 0xff))); - const x82 = (x80 >> 8); - const x83 = cast(u8, (x82 & cast(u64, 0xff))); - const x84 = (x82 >> 8); - const x85 = cast(u8, (x84 & cast(u64, 0xff))); - const x86 = (x84 >> 8); - const x87 = cast(u8, (x86 & cast(u64, 0xff))); - const x88 = (x86 >> 8); - const x89 = cast(u8, (x88 & cast(u64, 0xff))); - const x90 = cast(u8, (x88 >> 8)); - out1[0] = x7; - out1[1] = x9; - out1[2] = x11; - out1[3] = x13; - out1[4] = x15; - out1[5] = x17; - out1[6] = x19; - out1[7] = x20; - out1[8] = x21; - out1[9] = x23; - out1[10] = x25; - out1[11] = x27; - out1[12] = x29; - out1[13] = x31; - out1[14] = x33; - out1[15] = x34; - out1[16] = x35; - out1[17] = x37; - out1[18] = x39; - out1[19] = x41; - out1[20] = x43; - out1[21] = x45; - out1[22] = x47; - out1[23] = x48; - out1[24] = x49; - out1[25] = x51; - out1[26] = x53; - out1[27] = x55; - out1[28] = x57; - out1[29] = x59; - out1[30] = x61; - out1[31] = x62; - out1[32] = x63; - out1[33] = x65; - out1[34] = x67; - out1[35] = x69; - out1[36] = x71; - 
out1[37] = x73; - out1[38] = x75; - out1[39] = x76; - out1[40] = x77; - out1[41] = x79; - out1[42] = x81; - out1[43] = x83; - out1[44] = x85; - out1[45] = x87; - out1[46] = x89; - out1[47] = x90; + const x7 = (x6 >> 8); + const x8 = (x7 >> 8); + const x9 = (x8 >> 8); + const x10 = (x9 >> 8); + const x11 = (x10 >> 8); + const x12 = (x11 >> 8); + const x13 = cast(u8, (x12 >> 8)); + const x14 = (x5 >> 8); + const x15 = (x14 >> 8); + const x16 = (x15 >> 8); + const x17 = (x16 >> 8); + const x18 = (x17 >> 8); + const x19 = (x18 >> 8); + const x20 = cast(u8, (x19 >> 8)); + const x21 = (x4 >> 8); + const x22 = (x21 >> 8); + const x23 = (x22 >> 8); + const x24 = (x23 >> 8); + const x25 = (x24 >> 8); + const x26 = (x25 >> 8); + const x27 = cast(u8, (x26 >> 8)); + const x28 = (x3 >> 8); + const x29 = (x28 >> 8); + const x30 = (x29 >> 8); + const x31 = (x30 >> 8); + const x32 = (x31 >> 8); + const x33 = (x32 >> 8); + const x34 = cast(u8, (x33 >> 8)); + const x35 = (x2 >> 8); + const x36 = (x35 >> 8); + const x37 = (x36 >> 8); + const x38 = (x37 >> 8); + const x39 = (x38 >> 8); + const x40 = (x39 >> 8); + const x41 = cast(u8, (x40 >> 8)); + const x42 = (x1 >> 8); + const x43 = (x42 >> 8); + const x44 = (x43 >> 8); + const x45 = (x44 >> 8); + const x46 = (x45 >> 8); + const x47 = (x46 >> 8); + const x48 = cast(u8, (x47 >> 8)); + out1[0] = cast(u8, x6); + out1[1] = cast(u8, x7); + out1[2] = cast(u8, x8); + out1[3] = cast(u8, x9); + out1[4] = cast(u8, x10); + out1[5] = cast(u8, x11); + out1[6] = cast(u8, x12); + out1[7] = x13; + out1[8] = cast(u8, x5); + out1[9] = cast(u8, x14); + out1[10] = cast(u8, x15); + out1[11] = cast(u8, x16); + out1[12] = cast(u8, x17); + out1[13] = cast(u8, x18); + out1[14] = cast(u8, x19); + out1[15] = x20; + out1[16] = cast(u8, x4); + out1[17] = cast(u8, x21); + out1[18] = cast(u8, x22); + out1[19] = cast(u8, x23); + out1[20] = cast(u8, x24); + out1[21] = cast(u8, x25); + out1[22] = cast(u8, x26); + out1[23] = x27; + out1[24] = cast(u8, x3); + out1[25] 
= cast(u8, x28); + out1[26] = cast(u8, x29); + out1[27] = cast(u8, x30); + out1[28] = cast(u8, x31); + out1[29] = cast(u8, x32); + out1[30] = cast(u8, x33); + out1[31] = x34; + out1[32] = cast(u8, x2); + out1[33] = cast(u8, x35); + out1[34] = cast(u8, x36); + out1[35] = cast(u8, x37); + out1[36] = cast(u8, x38); + out1[37] = cast(u8, x39); + out1[38] = cast(u8, x40); + out1[39] = x41; + out1[40] = cast(u8, x1); + out1[41] = cast(u8, x42); + out1[42] = cast(u8, x43); + out1[43] = cast(u8, x44); + out1[44] = cast(u8, x45); + out1[45] = cast(u8, x46); + out1[46] = cast(u8, x47); + out1[47] = x48; } /// The function fromBytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -3320,7 +3276,7 @@ pub fn divstep(out1: *u64, out2: *[7]u64, out3: *[7]u64, out4: *[6]u64, out5: *[ var x1: u64 = undefined; var x2: u1 = undefined; addcarryxU64(&x1, &x2, 0x0, (~arg1), cast(u64, 0x1)); - const x3 = (cast(u1, (x1 >> 63)) & cast(u1, ((arg3[0]) & cast(u64, 0x1)))); + const x3 = (cast(u1, (x1 >> 63)) & cast(u1, (arg3[0]))); var x4: u64 = undefined; var x5: u1 = undefined; addcarryxU64(&x4, &x5, 0x0, (~arg1), cast(u64, 0x1)); 
@@ -3482,128 +3438,127 @@ pub fn divstep(out1: *u64, out2: *[7]u64, out3: *[7]u64, out4: *[6]u64, out5: *[ cmovznzU64(&x102, x3, (arg5[4]), x94); var x103: u64 = undefined; cmovznzU64(&x103, x3, (arg5[5]), x96); - const x104 = cast(u1, (x28 & cast(u64, 0x1))); + var x104: u64 = undefined; + cmovznzU64(&x104, cast(u1, x28), cast(u64, 0x0), x7); var x105: u64 = undefined; - cmovznzU64(&x105, x104, cast(u64, 0x0), x7); + cmovznzU64(&x105, cast(u1, x28), cast(u64, 0x0), x8); var x106: u64 = undefined; - cmovznzU64(&x106, x104, cast(u64, 0x0), x8); + cmovznzU64(&x106, cast(u1, x28), cast(u64, 0x0), x9); var x107: u64 = undefined; - cmovznzU64(&x107, x104, cast(u64, 0x0), x9); + cmovznzU64(&x107, cast(u1, x28), cast(u64, 0x0), x10); var x108: u64 = undefined; - cmovznzU64(&x108, x104, cast(u64, 0x0), x10); + cmovznzU64(&x108, cast(u1, x28), cast(u64, 0x0), x11); var x109: u64 = undefined; - cmovznzU64(&x109, x104, cast(u64, 0x0), x11); + cmovznzU64(&x109, cast(u1, x28), cast(u64, 0x0), x12); var x110: u64 = undefined; - cmovznzU64(&x110, x104, cast(u64, 0x0), x12); + cmovznzU64(&x110, cast(u1, x28), cast(u64, 0x0), x13); var x111: u64 = undefined; - cmovznzU64(&x111, x104, cast(u64, 0x0), x13); - var x112: u64 = undefined; - var x113: u1 = undefined; - addcarryxU64(&x112, &x113, 0x0, x28, x105); - var x114: u64 = undefined; - var x115: u1 = undefined; - addcarryxU64(&x114, &x115, x113, x29, x106); - var x116: u64 = undefined; - var x117: u1 = undefined; - addcarryxU64(&x116, &x117, x115, x30, x107); - var x118: u64 = undefined; - var x119: u1 = undefined; - addcarryxU64(&x118, &x119, x117, x31, x108); - var x120: u64 = undefined; - var x121: u1 = undefined; - addcarryxU64(&x120, &x121, x119, x32, x109); - var x122: u64 = undefined; - var x123: u1 = undefined; - addcarryxU64(&x122, &x123, x121, x33, x110); - var x124: u64 = undefined; - var x125: u1 = undefined; - addcarryxU64(&x124, &x125, x123, x34, x111); + var x112: u1 = undefined; + addcarryxU64(&x111, &x112, 0x0, 
x28, x104); + var x113: u64 = undefined; + var x114: u1 = undefined; + addcarryxU64(&x113, &x114, x112, x29, x105); + var x115: u64 = undefined; + var x116: u1 = undefined; + addcarryxU64(&x115, &x116, x114, x30, x106); + var x117: u64 = undefined; + var x118: u1 = undefined; + addcarryxU64(&x117, &x118, x116, x31, x107); + var x119: u64 = undefined; + var x120: u1 = undefined; + addcarryxU64(&x119, &x120, x118, x32, x108); + var x121: u64 = undefined; + var x122: u1 = undefined; + addcarryxU64(&x121, &x122, x120, x33, x109); + var x123: u64 = undefined; + var x124: u1 = undefined; + addcarryxU64(&x123, &x124, x122, x34, x110); + var x125: u64 = undefined; + cmovznzU64(&x125, cast(u1, x28), cast(u64, 0x0), x35); var x126: u64 = undefined; - cmovznzU64(&x126, x104, cast(u64, 0x0), x35); + cmovznzU64(&x126, cast(u1, x28), cast(u64, 0x0), x36); var x127: u64 = undefined; - cmovznzU64(&x127, x104, cast(u64, 0x0), x36); + cmovznzU64(&x127, cast(u1, x28), cast(u64, 0x0), x37); var x128: u64 = undefined; - cmovznzU64(&x128, x104, cast(u64, 0x0), x37); + cmovznzU64(&x128, cast(u1, x28), cast(u64, 0x0), x38); var x129: u64 = undefined; - cmovznzU64(&x129, x104, cast(u64, 0x0), x38); + cmovznzU64(&x129, cast(u1, x28), cast(u64, 0x0), x39); var x130: u64 = undefined; - cmovznzU64(&x130, x104, cast(u64, 0x0), x39); + cmovznzU64(&x130, cast(u1, x28), cast(u64, 0x0), x40); var x131: u64 = undefined; - cmovznzU64(&x131, x104, cast(u64, 0x0), x40); - var x132: u64 = undefined; - var x133: u1 = undefined; - addcarryxU64(&x132, &x133, 0x0, x98, x126); - var x134: u64 = undefined; - var x135: u1 = undefined; - addcarryxU64(&x134, &x135, x133, x99, x127); - var x136: u64 = undefined; - var x137: u1 = undefined; - addcarryxU64(&x136, &x137, x135, x100, x128); - var x138: u64 = undefined; - var x139: u1 = undefined; - addcarryxU64(&x138, &x139, x137, x101, x129); - var x140: u64 = undefined; - var x141: u1 = undefined; - addcarryxU64(&x140, &x141, x139, x102, x130); - var x142: u64 = 
undefined; - var x143: u1 = undefined; - addcarryxU64(&x142, &x143, x141, x103, x131); - var x144: u64 = undefined; - var x145: u1 = undefined; - subborrowxU64(&x144, &x145, 0x0, x132, 0xecec196accc52973); - var x146: u64 = undefined; - var x147: u1 = undefined; - subborrowxU64(&x146, &x147, x145, x134, 0x581a0db248b0a77a); - var x148: u64 = undefined; - var x149: u1 = undefined; - subborrowxU64(&x148, &x149, x147, x136, 0xc7634d81f4372ddf); - var x150: u64 = undefined; - var x151: u1 = undefined; - subborrowxU64(&x150, &x151, x149, x138, 0xffffffffffffffff); - var x152: u64 = undefined; - var x153: u1 = undefined; - subborrowxU64(&x152, &x153, x151, x140, 0xffffffffffffffff); - var x154: u64 = undefined; - var x155: u1 = undefined; - subborrowxU64(&x154, &x155, x153, x142, 0xffffffffffffffff); - var x156: u64 = undefined; - var x157: u1 = undefined; - subborrowxU64(&x156, &x157, x155, cast(u64, x143), cast(u64, 0x0)); - var x158: u64 = undefined; - var x159: u1 = undefined; - addcarryxU64(&x158, &x159, 0x0, x6, cast(u64, 0x1)); - const x160 = ((x112 >> 1) | ((x114 << 63) & 0xffffffffffffffff)); - const x161 = ((x114 >> 1) | ((x116 << 63) & 0xffffffffffffffff)); - const x162 = ((x116 >> 1) | ((x118 << 63) & 0xffffffffffffffff)); - const x163 = ((x118 >> 1) | ((x120 << 63) & 0xffffffffffffffff)); - const x164 = ((x120 >> 1) | ((x122 << 63) & 0xffffffffffffffff)); - const x165 = ((x122 >> 1) | ((x124 << 63) & 0xffffffffffffffff)); - const x166 = ((x124 & 0x8000000000000000) | (x124 >> 1)); + var x132: u1 = undefined; + addcarryxU64(&x131, &x132, 0x0, x98, x125); + var x133: u64 = undefined; + var x134: u1 = undefined; + addcarryxU64(&x133, &x134, x132, x99, x126); + var x135: u64 = undefined; + var x136: u1 = undefined; + addcarryxU64(&x135, &x136, x134, x100, x127); + var x137: u64 = undefined; + var x138: u1 = undefined; + addcarryxU64(&x137, &x138, x136, x101, x128); + var x139: u64 = undefined; + var x140: u1 = undefined; + addcarryxU64(&x139, &x140, x138, x102, 
x129); + var x141: u64 = undefined; + var x142: u1 = undefined; + addcarryxU64(&x141, &x142, x140, x103, x130); + var x143: u64 = undefined; + var x144: u1 = undefined; + subborrowxU64(&x143, &x144, 0x0, x131, 0xecec196accc52973); + var x145: u64 = undefined; + var x146: u1 = undefined; + subborrowxU64(&x145, &x146, x144, x133, 0x581a0db248b0a77a); + var x147: u64 = undefined; + var x148: u1 = undefined; + subborrowxU64(&x147, &x148, x146, x135, 0xc7634d81f4372ddf); + var x149: u64 = undefined; + var x150: u1 = undefined; + subborrowxU64(&x149, &x150, x148, x137, 0xffffffffffffffff); + var x151: u64 = undefined; + var x152: u1 = undefined; + subborrowxU64(&x151, &x152, x150, x139, 0xffffffffffffffff); + var x153: u64 = undefined; + var x154: u1 = undefined; + subborrowxU64(&x153, &x154, x152, x141, 0xffffffffffffffff); + var x155: u64 = undefined; + var x156: u1 = undefined; + subborrowxU64(&x155, &x156, x154, cast(u64, x142), cast(u64, 0x0)); + var x157: u64 = undefined; + var x158: u1 = undefined; + addcarryxU64(&x157, &x158, 0x0, x6, cast(u64, 0x1)); + const x159 = ((x111 >> 1) | ((x113 << 63) & 0xffffffffffffffff)); + const x160 = ((x113 >> 1) | ((x115 << 63) & 0xffffffffffffffff)); + const x161 = ((x115 >> 1) | ((x117 << 63) & 0xffffffffffffffff)); + const x162 = ((x117 >> 1) | ((x119 << 63) & 0xffffffffffffffff)); + const x163 = ((x119 >> 1) | ((x121 << 63) & 0xffffffffffffffff)); + const x164 = ((x121 >> 1) | ((x123 << 63) & 0xffffffffffffffff)); + const x165 = ((x123 & 0x8000000000000000) | (x123 >> 1)); + var x166: u64 = undefined; + cmovznzU64(&x166, x66, x53, x41); var x167: u64 = undefined; - cmovznzU64(&x167, x66, x53, x41); + cmovznzU64(&x167, x66, x55, x43); var x168: u64 = undefined; - cmovznzU64(&x168, x66, x55, x43); + cmovznzU64(&x168, x66, x57, x45); var x169: u64 = undefined; - cmovznzU64(&x169, x66, x57, x45); + cmovznzU64(&x169, x66, x59, x47); var x170: u64 = undefined; - cmovznzU64(&x170, x66, x59, x47); + cmovznzU64(&x170, x66, x61, x49); 
var x171: u64 = undefined; - cmovznzU64(&x171, x66, x61, x49); + cmovznzU64(&x171, x66, x63, x51); var x172: u64 = undefined; - cmovznzU64(&x172, x66, x63, x51); + cmovznzU64(&x172, x156, x143, x131); var x173: u64 = undefined; - cmovznzU64(&x173, x157, x144, x132); + cmovznzU64(&x173, x156, x145, x133); var x174: u64 = undefined; - cmovznzU64(&x174, x157, x146, x134); + cmovznzU64(&x174, x156, x147, x135); var x175: u64 = undefined; - cmovznzU64(&x175, x157, x148, x136); + cmovznzU64(&x175, x156, x149, x137); var x176: u64 = undefined; - cmovznzU64(&x176, x157, x150, x138); + cmovznzU64(&x176, x156, x151, x139); var x177: u64 = undefined; - cmovznzU64(&x177, x157, x152, x140); - var x178: u64 = undefined; - cmovznzU64(&x178, x157, x154, x142); - out1.* = x158; + cmovznzU64(&x177, x156, x153, x141); + out1.* = x157; out2[0] = x7; out2[1] = x8; out2[2] = x9; @@ -3611,25 +3566,25 @@ pub fn divstep(out1: *u64, out2: *[7]u64, out3: *[7]u64, out4: *[6]u64, out5: *[ out2[4] = x11; out2[5] = x12; out2[6] = x13; - out3[0] = x160; - out3[1] = x161; - out3[2] = x162; - out3[3] = x163; - out3[4] = x164; - out3[5] = x165; - out3[6] = x166; - out4[0] = x167; - out4[1] = x168; - out4[2] = x169; - out4[3] = x170; - out4[4] = x171; - out4[5] = x172; - out5[0] = x173; - out5[1] = x174; - out5[2] = x175; - out5[3] = x176; - out5[4] = x177; - out5[5] = x178; + out3[0] = x159; + out3[1] = x160; + out3[2] = x161; + out3[3] = x162; + out3[4] = x163; + out3[5] = x164; + out3[6] = x165; + out4[0] = x166; + out4[1] = x167; + out4[2] = x168; + out4[3] = x169; + out4[4] = x170; + out4[5] = x171; + out5[0] = x172; + out5[1] = x173; + out5[2] = x174; + out5[3] = x175; + out5[4] = x176; + out5[5] = x177; } /// The function divstepPrecomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-zig/src/p434_64.zig b/fiat-zig/src/p434_64.zig index 92d0fe3f68..6fc8cf5961 100644 --- a/fiat-zig/src/p434_64.zig +++ b/fiat-zig/src/p434_64.zig 
@@ -59,10 +59,9 @@ inline fn addcarryxU64(out1: *u64, out2: *u1, arg1: u1, arg2: u64, arg3: u64) vo @setRuntimeSafety(mode == .Debug); const x1 = ((cast(u128, arg1) + cast(u128, arg2)) + cast(u128, arg3)); - const x2 = cast(u64, (x1 & cast(u128, 0xffffffffffffffff))); - const x3 = cast(u1, (x1 >> 64)); - out1.* = x2; - out2.* = x3; + const x2 = cast(u1, (x1 >> 64)); + out1.* = cast(u64, x1); + out2.* = x2; } /// The function subborrowxU64 is a subtraction with borrow. @@ -104,10 +103,9 @@ inline fn mulxU64(out1: *u64, out2: *u64, arg1: u64, arg2: u64) void { @setRuntimeSafety(mode == .Debug); const x1 = (cast(u128, arg1) * cast(u128, arg2)); - const x2 = cast(u64, (x1 & cast(u128, 0xffffffffffffffff))); - const x3 = cast(u64, (x1 >> 64)); - out1.* = x2; - out2.* = x3; + const x2 = cast(u64, (x1 >> 64)); + out1.* = cast(u64, x1); + out2.* = x2; } /// The function cmovznzU64 is a single-word conditional move. 
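Review bot: The new `out1.* = cast(u64, x1);` in addcarryxU64 narrows a u128 that can still carry a set bit 64, so it is only correct if `cast` truncates; the removed line masked with `0xffffffffffffffff` first and did not depend on that. `cast` is defined outside this hunk, so I cannot confirm it here. If it lowers to a checked narrowing such as `@intCast`, builds where `@setRuntimeSafety(mode == .Debug)` leaves safety on would trap on any carry, and the other modes would hit undefined behaviour. The same reliance appears in the mulxU64 hunk on this line, in the toBytes hunks (`out1[0] = cast(u8, x7);`) and in divstep (`cast(u1, (arg3[0]))`, `cast(u1, x31)`), where the low-bit mask was dropped as well. I would document the contract at the helper with `// cast() must wrap (truncate) on narrowing; callers no longer mask the operand` and add a test that feeds these functions operands with high bits set.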
@@ -3775,157 +3773,109 @@ pub fn toBytes(out1: *[55]u8, arg1: [7]u64) void { const x5 = (arg1[2]); const x6 = (arg1[1]); const x7 = (arg1[0]); - const x8 = cast(u8, (x7 & cast(u64, 0xff))); - const x9 = (x7 >> 8); - const x10 = cast(u8, (x9 & cast(u64, 0xff))); - const x11 = (x9 >> 8); - const x12 = cast(u8, (x11 & cast(u64, 0xff))); - const x13 = (x11 >> 8); - const x14 = cast(u8, (x13 & cast(u64, 0xff))); - const x15 = (x13 >> 8); - const x16 = cast(u8, (x15 & cast(u64, 0xff))); - const x17 = (x15 >> 8); - const x18 = cast(u8, (x17 & cast(u64, 0xff))); - const x19 = (x17 >> 8); - const x20 = cast(u8, (x19 & cast(u64, 0xff))); - const x21 = cast(u8, (x19 >> 8)); - const x22 = cast(u8, (x6 & cast(u64, 0xff))); - const x23 = (x6 >> 8); - const x24 = cast(u8, (x23 & cast(u64, 0xff))); - const x25 = (x23 >> 8); - const x26 = cast(u8, (x25 & cast(u64, 0xff))); - const x27 = (x25 >> 8); - const x28 = cast(u8, (x27 & cast(u64, 0xff))); - const x29 = (x27 >> 8); - const x30 = cast(u8, (x29 & cast(u64, 0xff))); - const x31 = (x29 >> 8); - const x32 = cast(u8, (x31 & cast(u64, 0xff))); - const x33 = (x31 >> 8); - const x34 = cast(u8, (x33 & cast(u64, 0xff))); - const x35 = cast(u8, (x33 >> 8)); - const x36 = cast(u8, (x5 & cast(u64, 0xff))); - const x37 = (x5 >> 8); - const x38 = cast(u8, (x37 & cast(u64, 0xff))); - const x39 = (x37 >> 8); - const x40 = cast(u8, (x39 & cast(u64, 0xff))); - const x41 = (x39 >> 8); - const x42 = cast(u8, (x41 & cast(u64, 0xff))); - const x43 = (x41 >> 8); - const x44 = cast(u8, (x43 & cast(u64, 0xff))); - const x45 = (x43 >> 8); - const x46 = cast(u8, (x45 & cast(u64, 0xff))); - const x47 = (x45 >> 8); - const x48 = cast(u8, (x47 & cast(u64, 0xff))); - const x49 = cast(u8, (x47 >> 8)); - const x50 = cast(u8, (x4 & cast(u64, 0xff))); - const x51 = (x4 >> 8); - const x52 = cast(u8, (x51 & cast(u64, 0xff))); - const x53 = (x51 >> 8); - const x54 = cast(u8, (x53 & cast(u64, 0xff))); - const x55 = (x53 >> 8); - const x56 = cast(u8, (x55 & 
cast(u64, 0xff))); - const x57 = (x55 >> 8); - const x58 = cast(u8, (x57 & cast(u64, 0xff))); - const x59 = (x57 >> 8); - const x60 = cast(u8, (x59 & cast(u64, 0xff))); - const x61 = (x59 >> 8); - const x62 = cast(u8, (x61 & cast(u64, 0xff))); - const x63 = cast(u8, (x61 >> 8)); - const x64 = cast(u8, (x3 & cast(u64, 0xff))); - const x65 = (x3 >> 8); - const x66 = cast(u8, (x65 & cast(u64, 0xff))); - const x67 = (x65 >> 8); - const x68 = cast(u8, (x67 & cast(u64, 0xff))); - const x69 = (x67 >> 8); - const x70 = cast(u8, (x69 & cast(u64, 0xff))); - const x71 = (x69 >> 8); - const x72 = cast(u8, (x71 & cast(u64, 0xff))); - const x73 = (x71 >> 8); - const x74 = cast(u8, (x73 & cast(u64, 0xff))); - const x75 = (x73 >> 8); - const x76 = cast(u8, (x75 & cast(u64, 0xff))); - const x77 = cast(u8, (x75 >> 8)); - const x78 = cast(u8, (x2 & cast(u64, 0xff))); - const x79 = (x2 >> 8); - const x80 = cast(u8, (x79 & cast(u64, 0xff))); - const x81 = (x79 >> 8); - const x82 = cast(u8, (x81 & cast(u64, 0xff))); - const x83 = (x81 >> 8); - const x84 = cast(u8, (x83 & cast(u64, 0xff))); - const x85 = (x83 >> 8); - const x86 = cast(u8, (x85 & cast(u64, 0xff))); - const x87 = (x85 >> 8); - const x88 = cast(u8, (x87 & cast(u64, 0xff))); - const x89 = (x87 >> 8); - const x90 = cast(u8, (x89 & cast(u64, 0xff))); - const x91 = cast(u8, (x89 >> 8)); - const x92 = cast(u8, (x1 & cast(u64, 0xff))); - const x93 = (x1 >> 8); - const x94 = cast(u8, (x93 & cast(u64, 0xff))); - const x95 = (x93 >> 8); - const x96 = cast(u8, (x95 & cast(u64, 0xff))); - const x97 = (x95 >> 8); - const x98 = cast(u8, (x97 & cast(u64, 0xff))); - const x99 = (x97 >> 8); - const x100 = cast(u8, (x99 & cast(u64, 0xff))); - const x101 = (x99 >> 8); - const x102 = cast(u8, (x101 & cast(u64, 0xff))); - const x103 = cast(u8, (x101 >> 8)); - out1[0] = x8; - out1[1] = x10; - out1[2] = x12; - out1[3] = x14; - out1[4] = x16; - out1[5] = x18; - out1[6] = x20; - out1[7] = x21; - out1[8] = x22; - out1[9] = x24; - out1[10] = x26; - 
out1[11] = x28; - out1[12] = x30; - out1[13] = x32; - out1[14] = x34; - out1[15] = x35; - out1[16] = x36; - out1[17] = x38; - out1[18] = x40; - out1[19] = x42; - out1[20] = x44; - out1[21] = x46; - out1[22] = x48; - out1[23] = x49; - out1[24] = x50; - out1[25] = x52; - out1[26] = x54; - out1[27] = x56; - out1[28] = x58; - out1[29] = x60; - out1[30] = x62; - out1[31] = x63; - out1[32] = x64; - out1[33] = x66; - out1[34] = x68; - out1[35] = x70; - out1[36] = x72; - out1[37] = x74; - out1[38] = x76; - out1[39] = x77; - out1[40] = x78; - out1[41] = x80; - out1[42] = x82; - out1[43] = x84; - out1[44] = x86; - out1[45] = x88; - out1[46] = x90; - out1[47] = x91; - out1[48] = x92; - out1[49] = x94; - out1[50] = x96; - out1[51] = x98; - out1[52] = x100; - out1[53] = x102; - out1[54] = x103; + const x8 = (x7 >> 8); + const x9 = (x8 >> 8); + const x10 = (x9 >> 8); + const x11 = (x10 >> 8); + const x12 = (x11 >> 8); + const x13 = (x12 >> 8); + const x14 = cast(u8, (x13 >> 8)); + const x15 = (x6 >> 8); + const x16 = (x15 >> 8); + const x17 = (x16 >> 8); + const x18 = (x17 >> 8); + const x19 = (x18 >> 8); + const x20 = (x19 >> 8); + const x21 = cast(u8, (x20 >> 8)); + const x22 = (x5 >> 8); + const x23 = (x22 >> 8); + const x24 = (x23 >> 8); + const x25 = (x24 >> 8); + const x26 = (x25 >> 8); + const x27 = (x26 >> 8); + const x28 = cast(u8, (x27 >> 8)); + const x29 = (x4 >> 8); + const x30 = (x29 >> 8); + const x31 = (x30 >> 8); + const x32 = (x31 >> 8); + const x33 = (x32 >> 8); + const x34 = (x33 >> 8); + const x35 = cast(u8, (x34 >> 8)); + const x36 = (x3 >> 8); + const x37 = (x36 >> 8); + const x38 = (x37 >> 8); + const x39 = (x38 >> 8); + const x40 = (x39 >> 8); + const x41 = (x40 >> 8); + const x42 = cast(u8, (x41 >> 8)); + const x43 = (x2 >> 8); + const x44 = (x43 >> 8); + const x45 = (x44 >> 8); + const x46 = (x45 >> 8); + const x47 = (x46 >> 8); + const x48 = (x47 >> 8); + const x49 = cast(u8, (x48 >> 8)); + const x50 = (x1 >> 8); + const x51 = (x50 >> 8); + const x52 = 
(x51 >> 8); + const x53 = (x52 >> 8); + const x54 = (x53 >> 8); + const x55 = cast(u8, (x54 >> 8)); + out1[0] = cast(u8, x7); + out1[1] = cast(u8, x8); + out1[2] = cast(u8, x9); + out1[3] = cast(u8, x10); + out1[4] = cast(u8, x11); + out1[5] = cast(u8, x12); + out1[6] = cast(u8, x13); + out1[7] = x14; + out1[8] = cast(u8, x6); + out1[9] = cast(u8, x15); + out1[10] = cast(u8, x16); + out1[11] = cast(u8, x17); + out1[12] = cast(u8, x18); + out1[13] = cast(u8, x19); + out1[14] = cast(u8, x20); + out1[15] = x21; + out1[16] = cast(u8, x5); + out1[17] = cast(u8, x22); + out1[18] = cast(u8, x23); + out1[19] = cast(u8, x24); + out1[20] = cast(u8, x25); + out1[21] = cast(u8, x26); + out1[22] = cast(u8, x27); + out1[23] = x28; + out1[24] = cast(u8, x4); + out1[25] = cast(u8, x29); + out1[26] = cast(u8, x30); + out1[27] = cast(u8, x31); + out1[28] = cast(u8, x32); + out1[29] = cast(u8, x33); + out1[30] = cast(u8, x34); + out1[31] = x35; + out1[32] = cast(u8, x3); + out1[33] = cast(u8, x36); + out1[34] = cast(u8, x37); + out1[35] = cast(u8, x38); + out1[36] = cast(u8, x39); + out1[37] = cast(u8, x40); + out1[38] = cast(u8, x41); + out1[39] = x42; + out1[40] = cast(u8, x2); + out1[41] = cast(u8, x43); + out1[42] = cast(u8, x44); + out1[43] = cast(u8, x45); + out1[44] = cast(u8, x46); + out1[45] = cast(u8, x47); + out1[46] = cast(u8, x48); + out1[47] = x49; + out1[48] = cast(u8, x1); + out1[49] = cast(u8, x50); + out1[50] = cast(u8, x51); + out1[51] = cast(u8, x52); + out1[52] = cast(u8, x53); + out1[53] = cast(u8, x54); + out1[54] = x55; } /// The function fromBytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. 
@@ -4128,7 +4078,7 @@ pub fn divstep(out1: *u64, out2: *[8]u64, out3: *[8]u64, out4: *[7]u64, out5: *[ var x1: u64 = undefined; var x2: u1 = undefined; addcarryxU64(&x1, &x2, 0x0, (~arg1), cast(u64, 0x1)); - const x3 = (cast(u1, (x1 >> 63)) & cast(u1, ((arg3[0]) & cast(u64, 0x1)))); + const x3 = (cast(u1, (x1 >> 63)) & cast(u1, (arg3[0]))); var x4: u64 = undefined; var x5: u1 = undefined; addcarryxU64(&x4, &x5, 0x0, (~arg1), cast(u64, 0x1)); 
@@ -4314,146 +4264,145 @@ pub fn divstep(out1: *u64, out2: *[8]u64, out3: *[8]u64, out4: *[7]u64, out5: *[ cmovznzU64(&x117, x3, (arg5[5]), x108); var x118: u64 = undefined; cmovznzU64(&x118, x3, (arg5[6]), x110); - const x119 = cast(u1, (x31 & cast(u64, 0x1))); + var x119: u64 = undefined; + cmovznzU64(&x119, cast(u1, x31), cast(u64, 0x0), x7); var x120: u64 = undefined; - cmovznzU64(&x120, x119, cast(u64, 0x0), x7); + cmovznzU64(&x120, cast(u1, x31), cast(u64, 0x0), x8); var x121: u64 = undefined; - cmovznzU64(&x121, x119, cast(u64, 0x0), x8); + cmovznzU64(&x121, cast(u1, x31), cast(u64, 0x0), x9); var x122: u64 = undefined; - cmovznzU64(&x122, x119, cast(u64, 0x0), x9); + cmovznzU64(&x122, cast(u1, x31), cast(u64, 0x0), x10); var x123: u64 = undefined; - cmovznzU64(&x123, x119, cast(u64, 0x0), x10); + cmovznzU64(&x123, cast(u1, x31), cast(u64, 0x0), x11); var x124: u64 = undefined; - cmovznzU64(&x124, x119, cast(u64, 0x0), x11); + cmovznzU64(&x124, cast(u1, x31), cast(u64, 0x0), x12); var x125: u64 = undefined; - cmovznzU64(&x125, x119, cast(u64, 0x0), x12); + cmovznzU64(&x125, cast(u1, x31), cast(u64, 0x0), x13); var x126: u64 = undefined; - cmovznzU64(&x126, x119, cast(u64, 0x0), x13); + cmovznzU64(&x126, cast(u1, x31), cast(u64, 0x0), x14); var x127: u64 = undefined; - cmovznzU64(&x127, x119, cast(u64, 0x0), x14); - var x128: u64 = undefined; - var x129: u1 = undefined; - addcarryxU64(&x128, &x129, 0x0, x31, x120); - var x130: u64 = undefined; - var x131: u1 = undefined; - addcarryxU64(&x130, &x131, x129, x32, x121); - var x132: u64 = undefined; - var x133: u1 = undefined; - addcarryxU64(&x132, &x133, x131, x33, x122); - var x134: u64 = undefined; - var x135: u1 = undefined; - addcarryxU64(&x134, &x135, x133, x34, x123); - var x136: u64 = undefined; - var x137: u1 = undefined; - addcarryxU64(&x136, &x137, x135, x35, x124); - var x138: u64 = undefined; - var x139: u1 = undefined; - addcarryxU64(&x138, &x139, x137, x36, x125); - var x140: u64 = undefined; - var 
x141: u1 = undefined; - addcarryxU64(&x140, &x141, x139, x37, x126); - var x142: u64 = undefined; - var x143: u1 = undefined; - addcarryxU64(&x142, &x143, x141, x38, x127); + var x128: u1 = undefined; + addcarryxU64(&x127, &x128, 0x0, x31, x119); + var x129: u64 = undefined; + var x130: u1 = undefined; + addcarryxU64(&x129, &x130, x128, x32, x120); + var x131: u64 = undefined; + var x132: u1 = undefined; + addcarryxU64(&x131, &x132, x130, x33, x121); + var x133: u64 = undefined; + var x134: u1 = undefined; + addcarryxU64(&x133, &x134, x132, x34, x122); + var x135: u64 = undefined; + var x136: u1 = undefined; + addcarryxU64(&x135, &x136, x134, x35, x123); + var x137: u64 = undefined; + var x138: u1 = undefined; + addcarryxU64(&x137, &x138, x136, x36, x124); + var x139: u64 = undefined; + var x140: u1 = undefined; + addcarryxU64(&x139, &x140, x138, x37, x125); + var x141: u64 = undefined; + var x142: u1 = undefined; + addcarryxU64(&x141, &x142, x140, x38, x126); + var x143: u64 = undefined; + cmovznzU64(&x143, cast(u1, x31), cast(u64, 0x0), x39); var x144: u64 = undefined; - cmovznzU64(&x144, x119, cast(u64, 0x0), x39); + cmovznzU64(&x144, cast(u1, x31), cast(u64, 0x0), x40); var x145: u64 = undefined; - cmovznzU64(&x145, x119, cast(u64, 0x0), x40); + cmovznzU64(&x145, cast(u1, x31), cast(u64, 0x0), x41); var x146: u64 = undefined; - cmovznzU64(&x146, x119, cast(u64, 0x0), x41); + cmovznzU64(&x146, cast(u1, x31), cast(u64, 0x0), x42); var x147: u64 = undefined; - cmovznzU64(&x147, x119, cast(u64, 0x0), x42); + cmovznzU64(&x147, cast(u1, x31), cast(u64, 0x0), x43); var x148: u64 = undefined; - cmovznzU64(&x148, x119, cast(u64, 0x0), x43); + cmovznzU64(&x148, cast(u1, x31), cast(u64, 0x0), x44); var x149: u64 = undefined; - cmovznzU64(&x149, x119, cast(u64, 0x0), x44); + cmovznzU64(&x149, cast(u1, x31), cast(u64, 0x0), x45); var x150: u64 = undefined; - cmovznzU64(&x150, x119, cast(u64, 0x0), x45); - var x151: u64 = undefined; - var x152: u1 = undefined; - 
addcarryxU64(&x151, &x152, 0x0, x112, x144); - var x153: u64 = undefined; - var x154: u1 = undefined; - addcarryxU64(&x153, &x154, x152, x113, x145); - var x155: u64 = undefined; - var x156: u1 = undefined; - addcarryxU64(&x155, &x156, x154, x114, x146); - var x157: u64 = undefined; - var x158: u1 = undefined; - addcarryxU64(&x157, &x158, x156, x115, x147); - var x159: u64 = undefined; - var x160: u1 = undefined; - addcarryxU64(&x159, &x160, x158, x116, x148); - var x161: u64 = undefined; - var x162: u1 = undefined; - addcarryxU64(&x161, &x162, x160, x117, x149); - var x163: u64 = undefined; - var x164: u1 = undefined; - addcarryxU64(&x163, &x164, x162, x118, x150); - var x165: u64 = undefined; - var x166: u1 = undefined; - subborrowxU64(&x165, &x166, 0x0, x151, 0xffffffffffffffff); - var x167: u64 = undefined; - var x168: u1 = undefined; - subborrowxU64(&x167, &x168, x166, x153, 0xffffffffffffffff); - var x169: u64 = undefined; - var x170: u1 = undefined; - subborrowxU64(&x169, &x170, x168, x155, 0xffffffffffffffff); - var x171: u64 = undefined; - var x172: u1 = undefined; - subborrowxU64(&x171, &x172, x170, x157, 0xfdc1767ae2ffffff); - var x173: u64 = undefined; - var x174: u1 = undefined; - subborrowxU64(&x173, &x174, x172, x159, 0x7bc65c783158aea3); - var x175: u64 = undefined; - var x176: u1 = undefined; - subborrowxU64(&x175, &x176, x174, x161, 0x6cfc5fd681c52056); - var x177: u64 = undefined; - var x178: u1 = undefined; - subborrowxU64(&x177, &x178, x176, x163, 0x2341f27177344); - var x179: u64 = undefined; - var x180: u1 = undefined; - subborrowxU64(&x179, &x180, x178, cast(u64, x164), cast(u64, 0x0)); - var x181: u64 = undefined; - var x182: u1 = undefined; - addcarryxU64(&x181, &x182, 0x0, x6, cast(u64, 0x1)); - const x183 = ((x128 >> 1) | ((x130 << 63) & 0xffffffffffffffff)); - const x184 = ((x130 >> 1) | ((x132 << 63) & 0xffffffffffffffff)); - const x185 = ((x132 >> 1) | ((x134 << 63) & 0xffffffffffffffff)); - const x186 = ((x134 >> 1) | ((x136 << 63) & 
0xffffffffffffffff)); - const x187 = ((x136 >> 1) | ((x138 << 63) & 0xffffffffffffffff)); - const x188 = ((x138 >> 1) | ((x140 << 63) & 0xffffffffffffffff)); - const x189 = ((x140 >> 1) | ((x142 << 63) & 0xffffffffffffffff)); - const x190 = ((x142 & 0x8000000000000000) | (x142 >> 1)); + var x151: u1 = undefined; + addcarryxU64(&x150, &x151, 0x0, x112, x143); + var x152: u64 = undefined; + var x153: u1 = undefined; + addcarryxU64(&x152, &x153, x151, x113, x144); + var x154: u64 = undefined; + var x155: u1 = undefined; + addcarryxU64(&x154, &x155, x153, x114, x145); + var x156: u64 = undefined; + var x157: u1 = undefined; + addcarryxU64(&x156, &x157, x155, x115, x146); + var x158: u64 = undefined; + var x159: u1 = undefined; + addcarryxU64(&x158, &x159, x157, x116, x147); + var x160: u64 = undefined; + var x161: u1 = undefined; + addcarryxU64(&x160, &x161, x159, x117, x148); + var x162: u64 = undefined; + var x163: u1 = undefined; + addcarryxU64(&x162, &x163, x161, x118, x149); + var x164: u64 = undefined; + var x165: u1 = undefined; + subborrowxU64(&x164, &x165, 0x0, x150, 0xffffffffffffffff); + var x166: u64 = undefined; + var x167: u1 = undefined; + subborrowxU64(&x166, &x167, x165, x152, 0xffffffffffffffff); + var x168: u64 = undefined; + var x169: u1 = undefined; + subborrowxU64(&x168, &x169, x167, x154, 0xffffffffffffffff); + var x170: u64 = undefined; + var x171: u1 = undefined; + subborrowxU64(&x170, &x171, x169, x156, 0xfdc1767ae2ffffff); + var x172: u64 = undefined; + var x173: u1 = undefined; + subborrowxU64(&x172, &x173, x171, x158, 0x7bc65c783158aea3); + var x174: u64 = undefined; + var x175: u1 = undefined; + subborrowxU64(&x174, &x175, x173, x160, 0x6cfc5fd681c52056); + var x176: u64 = undefined; + var x177: u1 = undefined; + subborrowxU64(&x176, &x177, x175, x162, 0x2341f27177344); + var x178: u64 = undefined; + var x179: u1 = undefined; + subborrowxU64(&x178, &x179, x177, cast(u64, x163), cast(u64, 0x0)); + var x180: u64 = undefined; + var x181: u1 = 
undefined; + addcarryxU64(&x180, &x181, 0x0, x6, cast(u64, 0x1)); + const x182 = ((x127 >> 1) | ((x129 << 63) & 0xffffffffffffffff)); + const x183 = ((x129 >> 1) | ((x131 << 63) & 0xffffffffffffffff)); + const x184 = ((x131 >> 1) | ((x133 << 63) & 0xffffffffffffffff)); + const x185 = ((x133 >> 1) | ((x135 << 63) & 0xffffffffffffffff)); + const x186 = ((x135 >> 1) | ((x137 << 63) & 0xffffffffffffffff)); + const x187 = ((x137 >> 1) | ((x139 << 63) & 0xffffffffffffffff)); + const x188 = ((x139 >> 1) | ((x141 << 63) & 0xffffffffffffffff)); + const x189 = ((x141 & 0x8000000000000000) | (x141 >> 1)); + var x190: u64 = undefined; + cmovznzU64(&x190, x75, x60, x46); var x191: u64 = undefined; - cmovznzU64(&x191, x75, x60, x46); + cmovznzU64(&x191, x75, x62, x48); var x192: u64 = undefined; - cmovznzU64(&x192, x75, x62, x48); + cmovznzU64(&x192, x75, x64, x50); var x193: u64 = undefined; - cmovznzU64(&x193, x75, x64, x50); + cmovznzU64(&x193, x75, x66, x52); var x194: u64 = undefined; - cmovznzU64(&x194, x75, x66, x52); + cmovznzU64(&x194, x75, x68, x54); var x195: u64 = undefined; - cmovznzU64(&x195, x75, x68, x54); + cmovznzU64(&x195, x75, x70, x56); var x196: u64 = undefined; - cmovznzU64(&x196, x75, x70, x56); + cmovznzU64(&x196, x75, x72, x58); var x197: u64 = undefined; - cmovznzU64(&x197, x75, x72, x58); + cmovznzU64(&x197, x179, x164, x150); var x198: u64 = undefined; - cmovznzU64(&x198, x180, x165, x151); + cmovznzU64(&x198, x179, x166, x152); var x199: u64 = undefined; - cmovznzU64(&x199, x180, x167, x153); + cmovznzU64(&x199, x179, x168, x154); var x200: u64 = undefined; - cmovznzU64(&x200, x180, x169, x155); + cmovznzU64(&x200, x179, x170, x156); var x201: u64 = undefined; - cmovznzU64(&x201, x180, x171, x157); + cmovznzU64(&x201, x179, x172, x158); var x202: u64 = undefined; - cmovznzU64(&x202, x180, x173, x159); + cmovznzU64(&x202, x179, x174, x160); var x203: u64 = undefined; - cmovznzU64(&x203, x180, x175, x161); - var x204: u64 = undefined; - 
cmovznzU64(&x204, x180, x177, x163); - out1.* = x181; + cmovznzU64(&x203, x179, x176, x162); + out1.* = x180; out2[0] = x7; out2[1] = x8; out2[2] = x9; @@ -4462,28 +4411,28 @@ pub fn divstep(out1: *u64, out2: *[8]u64, out3: *[8]u64, out4: *[7]u64, out5: *[ out2[5] = x12; out2[6] = x13; out2[7] = x14; - out3[0] = x183; - out3[1] = x184; - out3[2] = x185; - out3[3] = x186; - out3[4] = x187; - out3[5] = x188; - out3[6] = x189; - out3[7] = x190; - out4[0] = x191; - out4[1] = x192; - out4[2] = x193; - out4[3] = x194; - out4[4] = x195; - out4[5] = x196; - out4[6] = x197; - out5[0] = x198; - out5[1] = x199; - out5[2] = x200; - out5[3] = x201; - out5[4] = x202; - out5[5] = x203; - out5[6] = x204; + out3[0] = x182; + out3[1] = x183; + out3[2] = x184; + out3[3] = x185; + out3[4] = x186; + out3[5] = x187; + out3[6] = x188; + out3[7] = x189; + out4[0] = x190; + out4[1] = x191; + out4[2] = x192; + out4[3] = x193; + out4[4] = x194; + out4[5] = x195; + out4[6] = x196; + out5[0] = x197; + out5[1] = x198; + out5[2] = x199; + out5[3] = x200; + out5[4] = x201; + out5[5] = x202; + out5[6] = x203; } /// The function divstepPrecomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-zig/src/p448_solinas_32.zig b/fiat-zig/src/p448_solinas_32.zig index 51f288def4..45f74c8f0f 100644 --- a/fiat-zig/src/p448_solinas_32.zig +++ b/fiat-zig/src/p448_solinas_32.zig 
@@ -1346,166 +1346,118 @@ pub fn toBytes(out1: *[56]u8, arg1: TightFieldElement) void { const x71 = (x44 << 4); const x72 = (x40 << 4); const x73 = (x36 << 4); - const x74 = cast(u8, (x34 & cast(u32, 0xff))); - const x75 = (x34 >> 8); - const x76 = cast(u8, (x75 & cast(u32, 0xff))); - const x77 = (x75 >> 8); - const x78 = cast(u8, (x77 & cast(u32, 0xff))); - const x79 = cast(u8, (x77 >> 8)); - const x80 = (x73 + cast(u32, x79)); - const x81 = cast(u8, (x80 & cast(u32, 0xff))); - const x82 = (x80 >> 8); - const x83 = cast(u8, (x82 & cast(u32, 0xff))); - const x84 = (x82 >> 8); - const x85 = cast(u8, (x84 & cast(u32, 0xff))); - const x86 = cast(u8, (x84 >> 8)); - const x87 = cast(u8, (x38 & cast(u32, 0xff))); - const x88 = (x38 >> 8); - const x89 = cast(u8, (x88 & cast(u32, 0xff))); - const x90 = (x88 >> 8); - const x91 = cast(u8, (x90 & cast(u32, 0xff))); - const x92 = cast(u8, (x90 >> 8)); - const x93 = (x72 + cast(u32, x92)); - const x94 = cast(u8, (x93 & cast(u32, 0xff))); - const x95 = (x93 >> 8); - const x96 = cast(u8, (x95 & cast(u32, 0xff))); - const x97 = (x95 >> 8); - const x98 = cast(u8, (x97 & cast(u32, 0xff))); - const x99 = cast(u8, (x97 >> 8)); - const x100 = cast(u8, (x42 & cast(u32, 0xff))); - const x101 = (x42 >> 8); - const x102 = cast(u8, (x101 & cast(u32, 0xff))); - const x103 = (x101 >> 8); - const x104 = cast(u8, (x103 & cast(u32, 0xff))); - const x105 = cast(u8, (x103 >> 8)); - const x106 = (x71 + cast(u32, x105)); - const x107 = cast(u8, (x106 & cast(u32, 0xff))); - const x108 = (x106 >> 8); - const x109 = cast(u8, (x108 & cast(u32, 0xff))); - const x110 = (x108 >> 8); - const x111 = cast(u8, (x110 & cast(u32, 0xff))); - const x112 = cast(u8, (x110 >> 8)); - const x113 = cast(u8, (x46 & cast(u32, 0xff))); - const x114 = (x46 >> 8); - const x115 = cast(u8, (x114 & cast(u32, 0xff))); - const x116 = (x114 >> 8); - const x117 = cast(u8, (x116 & cast(u32, 0xff))); - const x118 = cast(u8, (x116 >> 8)); - const x119 = (x70 + cast(u32, x118)); - 
const x120 = cast(u8, (x119 & cast(u32, 0xff))); - const x121 = (x119 >> 8); - const x122 = cast(u8, (x121 & cast(u32, 0xff))); - const x123 = (x121 >> 8); - const x124 = cast(u8, (x123 & cast(u32, 0xff))); - const x125 = cast(u8, (x123 >> 8)); - const x126 = cast(u8, (x50 & cast(u32, 0xff))); - const x127 = (x50 >> 8); - const x128 = cast(u8, (x127 & cast(u32, 0xff))); - const x129 = (x127 >> 8); - const x130 = cast(u8, (x129 & cast(u32, 0xff))); - const x131 = cast(u8, (x129 >> 8)); - const x132 = (x69 + cast(u32, x131)); - const x133 = cast(u8, (x132 & cast(u32, 0xff))); - const x134 = (x132 >> 8); - const x135 = cast(u8, (x134 & cast(u32, 0xff))); - const x136 = (x134 >> 8); - const x137 = cast(u8, (x136 & cast(u32, 0xff))); - const x138 = cast(u8, (x136 >> 8)); - const x139 = cast(u8, (x54 & cast(u32, 0xff))); - const x140 = (x54 >> 8); - const x141 = cast(u8, (x140 & cast(u32, 0xff))); - const x142 = (x140 >> 8); - const x143 = cast(u8, (x142 & cast(u32, 0xff))); - const x144 = cast(u8, (x142 >> 8)); - const x145 = (x68 + cast(u32, x144)); - const x146 = cast(u8, (x145 & cast(u32, 0xff))); - const x147 = (x145 >> 8); - const x148 = cast(u8, (x147 & cast(u32, 0xff))); - const x149 = (x147 >> 8); - const x150 = cast(u8, (x149 & cast(u32, 0xff))); - const x151 = cast(u8, (x149 >> 8)); - const x152 = cast(u8, (x58 & cast(u32, 0xff))); - const x153 = (x58 >> 8); - const x154 = cast(u8, (x153 & cast(u32, 0xff))); - const x155 = (x153 >> 8); - const x156 = cast(u8, (x155 & cast(u32, 0xff))); - const x157 = cast(u8, (x155 >> 8)); - const x158 = (x67 + cast(u32, x157)); - const x159 = cast(u8, (x158 & cast(u32, 0xff))); - const x160 = (x158 >> 8); - const x161 = cast(u8, (x160 & cast(u32, 0xff))); - const x162 = (x160 >> 8); - const x163 = cast(u8, (x162 & cast(u32, 0xff))); - const x164 = cast(u8, (x162 >> 8)); - const x165 = cast(u8, (x62 & cast(u32, 0xff))); - const x166 = (x62 >> 8); - const x167 = cast(u8, (x166 & cast(u32, 0xff))); - const x168 = (x166 >> 8); - 
const x169 = cast(u8, (x168 & cast(u32, 0xff))); - const x170 = cast(u8, (x168 >> 8)); - const x171 = (x66 + cast(u32, x170)); - const x172 = cast(u8, (x171 & cast(u32, 0xff))); - const x173 = (x171 >> 8); - const x174 = cast(u8, (x173 & cast(u32, 0xff))); - const x175 = (x173 >> 8); - const x176 = cast(u8, (x175 & cast(u32, 0xff))); - const x177 = cast(u8, (x175 >> 8)); - out1[0] = x74; - out1[1] = x76; - out1[2] = x78; - out1[3] = x81; - out1[4] = x83; - out1[5] = x85; - out1[6] = x86; - out1[7] = x87; - out1[8] = x89; - out1[9] = x91; - out1[10] = x94; - out1[11] = x96; - out1[12] = x98; - out1[13] = x99; - out1[14] = x100; - out1[15] = x102; - out1[16] = x104; - out1[17] = x107; - out1[18] = x109; - out1[19] = x111; - out1[20] = x112; - out1[21] = x113; - out1[22] = x115; - out1[23] = x117; - out1[24] = x120; - out1[25] = x122; - out1[26] = x124; - out1[27] = x125; - out1[28] = x126; - out1[29] = x128; - out1[30] = x130; - out1[31] = x133; - out1[32] = x135; - out1[33] = x137; - out1[34] = x138; - out1[35] = x139; - out1[36] = x141; - out1[37] = x143; - out1[38] = x146; - out1[39] = x148; - out1[40] = x150; - out1[41] = x151; - out1[42] = x152; - out1[43] = x154; - out1[44] = x156; - out1[45] = x159; - out1[46] = x161; - out1[47] = x163; - out1[48] = x164; - out1[49] = x165; - out1[50] = x167; - out1[51] = x169; - out1[52] = x172; - out1[53] = x174; - out1[54] = x176; - out1[55] = x177; + const x74 = (x34 >> 8); + const x75 = (x74 >> 8); + const x76 = cast(u8, (x75 >> 8)); + const x77 = (x73 + cast(u32, x76)); + const x78 = (x77 >> 8); + const x79 = (x78 >> 8); + const x80 = cast(u8, (x79 >> 8)); + const x81 = (x38 >> 8); + const x82 = (x81 >> 8); + const x83 = cast(u8, (x82 >> 8)); + const x84 = (x72 + cast(u32, x83)); + const x85 = (x84 >> 8); + const x86 = (x85 >> 8); + const x87 = cast(u8, (x86 >> 8)); + const x88 = (x42 >> 8); + const x89 = (x88 >> 8); + const x90 = cast(u8, (x89 >> 8)); + const x91 = (x71 + cast(u32, x90)); + const x92 = (x91 >> 8); + 
const x93 = (x92 >> 8); + const x94 = cast(u8, (x93 >> 8)); + const x95 = (x46 >> 8); + const x96 = (x95 >> 8); + const x97 = cast(u8, (x96 >> 8)); + const x98 = (x70 + cast(u32, x97)); + const x99 = (x98 >> 8); + const x100 = (x99 >> 8); + const x101 = cast(u8, (x100 >> 8)); + const x102 = (x50 >> 8); + const x103 = (x102 >> 8); + const x104 = cast(u8, (x103 >> 8)); + const x105 = (x69 + cast(u32, x104)); + const x106 = (x105 >> 8); + const x107 = (x106 >> 8); + const x108 = cast(u8, (x107 >> 8)); + const x109 = (x54 >> 8); + const x110 = (x109 >> 8); + const x111 = cast(u8, (x110 >> 8)); + const x112 = (x68 + cast(u32, x111)); + const x113 = (x112 >> 8); + const x114 = (x113 >> 8); + const x115 = cast(u8, (x114 >> 8)); + const x116 = (x58 >> 8); + const x117 = (x116 >> 8); + const x118 = cast(u8, (x117 >> 8)); + const x119 = (x67 + cast(u32, x118)); + const x120 = (x119 >> 8); + const x121 = (x120 >> 8); + const x122 = cast(u8, (x121 >> 8)); + const x123 = (x62 >> 8); + const x124 = (x123 >> 8); + const x125 = cast(u8, (x124 >> 8)); + const x126 = (x66 + cast(u32, x125)); + const x127 = (x126 >> 8); + const x128 = (x127 >> 8); + const x129 = cast(u8, (x128 >> 8)); + out1[0] = cast(u8, x34); + out1[1] = cast(u8, x74); + out1[2] = cast(u8, x75); + out1[3] = cast(u8, x77); + out1[4] = cast(u8, x78); + out1[5] = cast(u8, x79); + out1[6] = x80; + out1[7] = cast(u8, x38); + out1[8] = cast(u8, x81); + out1[9] = cast(u8, x82); + out1[10] = cast(u8, x84); + out1[11] = cast(u8, x85); + out1[12] = cast(u8, x86); + out1[13] = x87; + out1[14] = cast(u8, x42); + out1[15] = cast(u8, x88); + out1[16] = cast(u8, x89); + out1[17] = cast(u8, x91); + out1[18] = cast(u8, x92); + out1[19] = cast(u8, x93); + out1[20] = x94; + out1[21] = cast(u8, x46); + out1[22] = cast(u8, x95); + out1[23] = cast(u8, x96); + out1[24] = cast(u8, x98); + out1[25] = cast(u8, x99); + out1[26] = cast(u8, x100); + out1[27] = x101; + out1[28] = cast(u8, x50); + out1[29] = cast(u8, x102); + out1[30] = cast(u8, 
x103); + out1[31] = cast(u8, x105); + out1[32] = cast(u8, x106); + out1[33] = cast(u8, x107); + out1[34] = x108; + out1[35] = cast(u8, x54); + out1[36] = cast(u8, x109); + out1[37] = cast(u8, x110); + out1[38] = cast(u8, x112); + out1[39] = cast(u8, x113); + out1[40] = cast(u8, x114); + out1[41] = x115; + out1[42] = cast(u8, x58); + out1[43] = cast(u8, x116); + out1[44] = cast(u8, x117); + out1[45] = cast(u8, x119); + out1[46] = cast(u8, x120); + out1[47] = cast(u8, x121); + out1[48] = x122; + out1[49] = cast(u8, x62); + out1[50] = cast(u8, x123); + out1[51] = cast(u8, x124); + out1[52] = cast(u8, x126); + out1[53] = cast(u8, x127); + out1[54] = cast(u8, x128); + out1[55] = x129; } /// The function fromBytes deserializes a field element from bytes in little-endian order. diff --git a/fiat-zig/src/p448_solinas_64.zig b/fiat-zig/src/p448_solinas_64.zig index 4a0aaf54e0..1f3c64b79a 100644 --- a/fiat-zig/src/p448_solinas_64.zig +++ b/fiat-zig/src/p448_solinas_64.zig 
@@ -624,158 +624,110 @@ pub fn toBytes(out1: *[56]u8, arg1: TightFieldElement) void { var x32: u64 = undefined; var x33: u1 = undefined; addcarryxU56(&x32, &x33, x31, x15, (x17 & 0xffffffffffffff)); - const x34 = cast(u8, (x18 & cast(u64, 0xff))); - const x35 = (x18 >> 8); - const x36 = cast(u8, (x35 & cast(u64, 0xff))); - const x37 = (x35 >> 8); - const x38 = cast(u8, (x37 & cast(u64, 0xff))); - const x39 = (x37 >> 8); - const x40 = cast(u8, (x39 & cast(u64, 0xff))); - const x41 = (x39 >> 8); - const x42 = cast(u8, (x41 & cast(u64, 0xff))); - const x43 = (x41 >> 8); - const x44 = cast(u8, (x43 & cast(u64, 0xff))); - const x45 = cast(u8, (x43 >> 8)); - const x46 = cast(u8, (x20 & cast(u64, 0xff))); - const x47 = (x20 >> 8); - const x48 = cast(u8, (x47 & cast(u64, 0xff))); - const x49 = (x47 >> 8); - const x50 = cast(u8, (x49 & cast(u64, 0xff))); - const x51 = (x49 >> 8); - const x52 = cast(u8, (x51 & cast(u64, 0xff))); - const x53 = (x51 >> 8); - const x54 = cast(u8, (x53 & cast(u64, 0xff))); - const x55 = (x53 >> 8); - const x56 = cast(u8, (x55 & cast(u64, 0xff))); - const x57 = cast(u8, (x55 >> 8)); - const x58 = cast(u8, (x22 & cast(u64, 0xff))); - const x59 = (x22 >> 8); - const x60 = cast(u8, (x59 & cast(u64, 0xff))); - const x61 = (x59 >> 8); - const x62 = cast(u8, (x61 & cast(u64, 0xff))); - const x63 = (x61 >> 8); - const x64 = cast(u8, (x63 & cast(u64, 0xff))); - const x65 = (x63 >> 8); - const x66 = cast(u8, (x65 & cast(u64, 0xff))); - const x67 = (x65 >> 8); - const x68 = cast(u8, (x67 & cast(u64, 0xff))); - const x69 = cast(u8, (x67 >> 8)); - const x70 = cast(u8, (x24 & cast(u64, 0xff))); - const x71 = (x24 >> 8); - const x72 = cast(u8, (x71 & cast(u64, 0xff))); - const x73 = (x71 >> 8); - const x74 = cast(u8, (x73 & cast(u64, 0xff))); - const x75 = (x73 >> 8); - const x76 = cast(u8, (x75 & cast(u64, 0xff))); - const x77 = (x75 >> 8); - const x78 = cast(u8, (x77 & cast(u64, 0xff))); - const x79 = (x77 >> 8); - const x80 = cast(u8, (x79 & cast(u64, 
0xff))); - const x81 = cast(u8, (x79 >> 8)); - const x82 = cast(u8, (x26 & cast(u64, 0xff))); - const x83 = (x26 >> 8); - const x84 = cast(u8, (x83 & cast(u64, 0xff))); - const x85 = (x83 >> 8); - const x86 = cast(u8, (x85 & cast(u64, 0xff))); - const x87 = (x85 >> 8); - const x88 = cast(u8, (x87 & cast(u64, 0xff))); - const x89 = (x87 >> 8); - const x90 = cast(u8, (x89 & cast(u64, 0xff))); - const x91 = (x89 >> 8); - const x92 = cast(u8, (x91 & cast(u64, 0xff))); - const x93 = cast(u8, (x91 >> 8)); - const x94 = cast(u8, (x28 & cast(u64, 0xff))); - const x95 = (x28 >> 8); - const x96 = cast(u8, (x95 & cast(u64, 0xff))); - const x97 = (x95 >> 8); - const x98 = cast(u8, (x97 & cast(u64, 0xff))); - const x99 = (x97 >> 8); - const x100 = cast(u8, (x99 & cast(u64, 0xff))); - const x101 = (x99 >> 8); - const x102 = cast(u8, (x101 & cast(u64, 0xff))); - const x103 = (x101 >> 8); - const x104 = cast(u8, (x103 & cast(u64, 0xff))); - const x105 = cast(u8, (x103 >> 8)); - const x106 = cast(u8, (x30 & cast(u64, 0xff))); - const x107 = (x30 >> 8); - const x108 = cast(u8, (x107 & cast(u64, 0xff))); - const x109 = (x107 >> 8); - const x110 = cast(u8, (x109 & cast(u64, 0xff))); - const x111 = (x109 >> 8); - const x112 = cast(u8, (x111 & cast(u64, 0xff))); - const x113 = (x111 >> 8); - const x114 = cast(u8, (x113 & cast(u64, 0xff))); - const x115 = (x113 >> 8); - const x116 = cast(u8, (x115 & cast(u64, 0xff))); - const x117 = cast(u8, (x115 >> 8)); - const x118 = cast(u8, (x32 & cast(u64, 0xff))); - const x119 = (x32 >> 8); - const x120 = cast(u8, (x119 & cast(u64, 0xff))); - const x121 = (x119 >> 8); - const x122 = cast(u8, (x121 & cast(u64, 0xff))); - const x123 = (x121 >> 8); - const x124 = cast(u8, (x123 & cast(u64, 0xff))); - const x125 = (x123 >> 8); - const x126 = cast(u8, (x125 & cast(u64, 0xff))); - const x127 = (x125 >> 8); - const x128 = cast(u8, (x127 & cast(u64, 0xff))); - const x129 = cast(u8, (x127 >> 8)); - out1[0] = x34; - out1[1] = x36; - out1[2] = x38; - out1[3] 
= x40; - out1[4] = x42; - out1[5] = x44; - out1[6] = x45; - out1[7] = x46; - out1[8] = x48; - out1[9] = x50; - out1[10] = x52; - out1[11] = x54; - out1[12] = x56; - out1[13] = x57; - out1[14] = x58; - out1[15] = x60; - out1[16] = x62; - out1[17] = x64; - out1[18] = x66; - out1[19] = x68; - out1[20] = x69; - out1[21] = x70; - out1[22] = x72; - out1[23] = x74; - out1[24] = x76; - out1[25] = x78; - out1[26] = x80; - out1[27] = x81; - out1[28] = x82; - out1[29] = x84; - out1[30] = x86; - out1[31] = x88; - out1[32] = x90; - out1[33] = x92; - out1[34] = x93; - out1[35] = x94; - out1[36] = x96; - out1[37] = x98; - out1[38] = x100; - out1[39] = x102; - out1[40] = x104; - out1[41] = x105; - out1[42] = x106; - out1[43] = x108; - out1[44] = x110; - out1[45] = x112; - out1[46] = x114; - out1[47] = x116; - out1[48] = x117; - out1[49] = x118; - out1[50] = x120; - out1[51] = x122; - out1[52] = x124; - out1[53] = x126; - out1[54] = x128; - out1[55] = x129; + const x34 = (x18 >> 8); + const x35 = (x34 >> 8); + const x36 = (x35 >> 8); + const x37 = (x36 >> 8); + const x38 = (x37 >> 8); + const x39 = cast(u8, (x38 >> 8)); + const x40 = (x20 >> 8); + const x41 = (x40 >> 8); + const x42 = (x41 >> 8); + const x43 = (x42 >> 8); + const x44 = (x43 >> 8); + const x45 = cast(u8, (x44 >> 8)); + const x46 = (x22 >> 8); + const x47 = (x46 >> 8); + const x48 = (x47 >> 8); + const x49 = (x48 >> 8); + const x50 = (x49 >> 8); + const x51 = cast(u8, (x50 >> 8)); + const x52 = (x24 >> 8); + const x53 = (x52 >> 8); + const x54 = (x53 >> 8); + const x55 = (x54 >> 8); + const x56 = (x55 >> 8); + const x57 = cast(u8, (x56 >> 8)); + const x58 = (x26 >> 8); + const x59 = (x58 >> 8); + const x60 = (x59 >> 8); + const x61 = (x60 >> 8); + const x62 = (x61 >> 8); + const x63 = cast(u8, (x62 >> 8)); + const x64 = (x28 >> 8); + const x65 = (x64 >> 8); + const x66 = (x65 >> 8); + const x67 = (x66 >> 8); + const x68 = (x67 >> 8); + const x69 = cast(u8, (x68 >> 8)); + const x70 = (x30 >> 8); + const x71 = (x70 >> 
8); + const x72 = (x71 >> 8); + const x73 = (x72 >> 8); + const x74 = (x73 >> 8); + const x75 = cast(u8, (x74 >> 8)); + const x76 = (x32 >> 8); + const x77 = (x76 >> 8); + const x78 = (x77 >> 8); + const x79 = (x78 >> 8); + const x80 = (x79 >> 8); + const x81 = cast(u8, (x80 >> 8)); + out1[0] = cast(u8, x18); + out1[1] = cast(u8, x34); + out1[2] = cast(u8, x35); + out1[3] = cast(u8, x36); + out1[4] = cast(u8, x37); + out1[5] = cast(u8, x38); + out1[6] = x39; + out1[7] = cast(u8, x20); + out1[8] = cast(u8, x40); + out1[9] = cast(u8, x41); + out1[10] = cast(u8, x42); + out1[11] = cast(u8, x43); + out1[12] = cast(u8, x44); + out1[13] = x45; + out1[14] = cast(u8, x22); + out1[15] = cast(u8, x46); + out1[16] = cast(u8, x47); + out1[17] = cast(u8, x48); + out1[18] = cast(u8, x49); + out1[19] = cast(u8, x50); + out1[20] = x51; + out1[21] = cast(u8, x24); + out1[22] = cast(u8, x52); + out1[23] = cast(u8, x53); + out1[24] = cast(u8, x54); + out1[25] = cast(u8, x55); + out1[26] = cast(u8, x56); + out1[27] = x57; + out1[28] = cast(u8, x26); + out1[29] = cast(u8, x58); + out1[30] = cast(u8, x59); + out1[31] = cast(u8, x60); + out1[32] = cast(u8, x61); + out1[33] = cast(u8, x62); + out1[34] = x63; + out1[35] = cast(u8, x28); + out1[36] = cast(u8, x64); + out1[37] = cast(u8, x65); + out1[38] = cast(u8, x66); + out1[39] = cast(u8, x67); + out1[40] = cast(u8, x68); + out1[41] = x69; + out1[42] = cast(u8, x30); + out1[43] = cast(u8, x70); + out1[44] = cast(u8, x71); + out1[45] = cast(u8, x72); + out1[46] = cast(u8, x73); + out1[47] = cast(u8, x74); + out1[48] = x75; + out1[49] = cast(u8, x32); + out1[50] = cast(u8, x76); + out1[51] = cast(u8, x77); + out1[52] = cast(u8, x78); + out1[53] = cast(u8, x79); + out1[54] = cast(u8, x80); + out1[55] = x81; } /// The function fromBytes deserializes a field element from bytes in little-endian order. diff --git a/fiat-zig/src/p521_32.zig b/fiat-zig/src/p521_32.zig index f29542c75e..653571475c 100644 --- a/fiat-zig/src/p521_32.zig 
+++ b/fiat-zig/src/p521_32.zig 
@@ -1386,214 +1386,151 @@ pub fn toBytes(out1: *[66]u8, arg1: TightFieldElement) void { const x91 = (x46 << 3); const x92 = (cast(u64, x44) << 7); const x93 = (x42 << 4); - const x94 = cast(u8, (x40 & cast(u32, 0xff))); - const x95 = (x40 >> 8); - const x96 = cast(u8, (x95 & cast(u32, 0xff))); - const x97 = (x95 >> 8); - const x98 = cast(u8, (x97 & cast(u32, 0xff))); - const x99 = cast(u8, (x97 >> 8)); - const x100 = (x93 + cast(u32, x99)); - const x101 = cast(u8, (x100 & cast(u32, 0xff))); - const x102 = (x100 >> 8); - const x103 = cast(u8, (x102 & cast(u32, 0xff))); - const x104 = (x102 >> 8); - const x105 = cast(u8, (x104 & cast(u32, 0xff))); - const x106 = cast(u8, (x104 >> 8)); - const x107 = (x92 + cast(u64, x106)); - const x108 = cast(u8, (x107 & cast(u64, 0xff))); - const x109 = cast(u32, (x107 >> 8)); - const x110 = cast(u8, (x109 & cast(u32, 0xff))); - const x111 = (x109 >> 8); - const x112 = cast(u8, (x111 & cast(u32, 0xff))); - const x113 = (x111 >> 8); - const x114 = cast(u8, (x113 & cast(u32, 0xff))); - const x115 = cast(u8, (x113 >> 8)); - const x116 = (x91 + cast(u32, x115)); - const x117 = cast(u8, (x116 & cast(u32, 0xff))); - const x118 = (x116 >> 8); - const x119 = cast(u8, (x118 & cast(u32, 0xff))); - const x120 = (x118 >> 8); - const x121 = cast(u8, (x120 & cast(u32, 0xff))); - const x122 = cast(u8, (x120 >> 8)); - const x123 = (x90 + cast(u64, x122)); - const x124 = cast(u8, (x123 & cast(u64, 0xff))); - const x125 = cast(u32, (x123 >> 8)); - const x126 = cast(u8, (x125 & cast(u32, 0xff))); - const x127 = (x125 >> 8); - const x128 = cast(u8, (x127 & cast(u32, 0xff))); - const x129 = (x127 >> 8); - const x130 = cast(u8, (x129 & cast(u32, 0xff))); - const x131 = cast(u8, (x129 >> 8)); - const x132 = (x89 + cast(u32, x131)); - const x133 = cast(u8, (x132 & cast(u32, 0xff))); - const x134 = (x132 >> 8); - const x135 = cast(u8, (x134 & cast(u32, 0xff))); - const x136 = (x134 >> 8); - const x137 = cast(u8, (x136 & cast(u32, 0xff))); - const x138 = 
cast(u8, (x136 >> 8)); - const x139 = (x88 + cast(u32, x138)); - const x140 = cast(u8, (x139 & cast(u32, 0xff))); - const x141 = (x139 >> 8); - const x142 = cast(u8, (x141 & cast(u32, 0xff))); - const x143 = (x141 >> 8); - const x144 = cast(u8, (x143 & cast(u32, 0xff))); - const x145 = cast(u8, (x143 >> 8)); - const x146 = cast(u8, (x54 & cast(u32, 0xff))); - const x147 = (x54 >> 8); - const x148 = cast(u8, (x147 & cast(u32, 0xff))); - const x149 = (x147 >> 8); - const x150 = cast(u8, (x149 & cast(u32, 0xff))); - const x151 = cast(u8, (x149 >> 8)); - const x152 = (x87 + cast(u32, x151)); - const x153 = cast(u8, (x152 & cast(u32, 0xff))); - const x154 = (x152 >> 8); - const x155 = cast(u8, (x154 & cast(u32, 0xff))); - const x156 = (x154 >> 8); - const x157 = cast(u8, (x156 & cast(u32, 0xff))); - const x158 = cast(u8, (x156 >> 8)); - const x159 = (x86 + cast(u64, x158)); - const x160 = cast(u8, (x159 & cast(u64, 0xff))); - const x161 = cast(u32, (x159 >> 8)); - const x162 = cast(u8, (x161 & cast(u32, 0xff))); - const x163 = (x161 >> 8); - const x164 = cast(u8, (x163 & cast(u32, 0xff))); - const x165 = (x163 >> 8); - const x166 = cast(u8, (x165 & cast(u32, 0xff))); - const x167 = cast(u8, (x165 >> 8)); - const x168 = (x85 + cast(u32, x167)); - const x169 = cast(u8, (x168 & cast(u32, 0xff))); - const x170 = (x168 >> 8); - const x171 = cast(u8, (x170 & cast(u32, 0xff))); - const x172 = (x170 >> 8); - const x173 = cast(u8, (x172 & cast(u32, 0xff))); - const x174 = cast(u8, (x172 >> 8)); - const x175 = (x84 + cast(u64, x174)); - const x176 = cast(u8, (x175 & cast(u64, 0xff))); - const x177 = cast(u32, (x175 >> 8)); - const x178 = cast(u8, (x177 & cast(u32, 0xff))); - const x179 = (x177 >> 8); - const x180 = cast(u8, (x179 & cast(u32, 0xff))); - const x181 = (x179 >> 8); - const x182 = cast(u8, (x181 & cast(u32, 0xff))); - const x183 = cast(u8, (x181 >> 8)); - const x184 = (x83 + cast(u32, x183)); - const x185 = cast(u8, (x184 & cast(u32, 0xff))); - const x186 = (x184 >> 
8); - const x187 = cast(u8, (x186 & cast(u32, 0xff))); - const x188 = (x186 >> 8); - const x189 = cast(u8, (x188 & cast(u32, 0xff))); - const x190 = cast(u8, (x188 >> 8)); - const x191 = (x82 + cast(u32, x190)); - const x192 = cast(u8, (x191 & cast(u32, 0xff))); - const x193 = (x191 >> 8); - const x194 = cast(u8, (x193 & cast(u32, 0xff))); - const x195 = (x193 >> 8); - const x196 = cast(u8, (x195 & cast(u32, 0xff))); - const x197 = cast(u8, (x195 >> 8)); - const x198 = cast(u8, (x68 & cast(u32, 0xff))); - const x199 = (x68 >> 8); - const x200 = cast(u8, (x199 & cast(u32, 0xff))); - const x201 = (x199 >> 8); - const x202 = cast(u8, (x201 & cast(u32, 0xff))); - const x203 = cast(u8, (x201 >> 8)); - const x204 = (x81 + cast(u32, x203)); - const x205 = cast(u8, (x204 & cast(u32, 0xff))); - const x206 = (x204 >> 8); - const x207 = cast(u8, (x206 & cast(u32, 0xff))); - const x208 = (x206 >> 8); - const x209 = cast(u8, (x208 & cast(u32, 0xff))); - const x210 = cast(u8, (x208 >> 8)); - const x211 = (x80 + cast(u64, x210)); - const x212 = cast(u8, (x211 & cast(u64, 0xff))); - const x213 = cast(u32, (x211 >> 8)); - const x214 = cast(u8, (x213 & cast(u32, 0xff))); - const x215 = (x213 >> 8); - const x216 = cast(u8, (x215 & cast(u32, 0xff))); - const x217 = (x215 >> 8); - const x218 = cast(u8, (x217 & cast(u32, 0xff))); - const x219 = cast(u8, (x217 >> 8)); - const x220 = (x79 + cast(u32, x219)); - const x221 = cast(u8, (x220 & cast(u32, 0xff))); - const x222 = (x220 >> 8); - const x223 = cast(u8, (x222 & cast(u32, 0xff))); - const x224 = (x222 >> 8); - const x225 = cast(u8, (x224 & cast(u32, 0xff))); - const x226 = cast(u8, (x224 >> 8)); - const x227 = (x78 + cast(u64, x226)); - const x228 = cast(u8, (x227 & cast(u64, 0xff))); - const x229 = cast(u32, (x227 >> 8)); - const x230 = cast(u8, (x229 & cast(u32, 0xff))); - const x231 = (x229 >> 8); - const x232 = cast(u8, (x231 & cast(u32, 0xff))); - const x233 = (x231 >> 8); - const x234 = cast(u8, (x233 & cast(u32, 0xff))); - 
const x235 = cast(u1, (x233 >> 8)); - out1[0] = x94; - out1[1] = x96; - out1[2] = x98; - out1[3] = x101; - out1[4] = x103; - out1[5] = x105; - out1[6] = x108; - out1[7] = x110; - out1[8] = x112; - out1[9] = x114; - out1[10] = x117; - out1[11] = x119; - out1[12] = x121; - out1[13] = x124; - out1[14] = x126; - out1[15] = x128; - out1[16] = x130; - out1[17] = x133; - out1[18] = x135; - out1[19] = x137; - out1[20] = x140; - out1[21] = x142; - out1[22] = x144; - out1[23] = x145; - out1[24] = x146; - out1[25] = x148; - out1[26] = x150; - out1[27] = x153; - out1[28] = x155; - out1[29] = x157; - out1[30] = x160; - out1[31] = x162; - out1[32] = x164; - out1[33] = x166; - out1[34] = x169; - out1[35] = x171; - out1[36] = x173; - out1[37] = x176; - out1[38] = x178; - out1[39] = x180; - out1[40] = x182; - out1[41] = x185; - out1[42] = x187; - out1[43] = x189; - out1[44] = x192; - out1[45] = x194; - out1[46] = x196; - out1[47] = x197; - out1[48] = x198; - out1[49] = x200; - out1[50] = x202; - out1[51] = x205; - out1[52] = x207; - out1[53] = x209; - out1[54] = x212; - out1[55] = x214; - out1[56] = x216; - out1[57] = x218; - out1[58] = x221; - out1[59] = x223; - out1[60] = x225; - out1[61] = x228; - out1[62] = x230; - out1[63] = x232; - out1[64] = x234; - out1[65] = cast(u8, x235); + const x94 = (x40 >> 8); + const x95 = (x94 >> 8); + const x96 = cast(u8, (x95 >> 8)); + const x97 = (x93 + cast(u32, x96)); + const x98 = (x97 >> 8); + const x99 = (x98 >> 8); + const x100 = cast(u8, (x99 >> 8)); + const x101 = (x92 + cast(u64, x100)); + const x102 = cast(u32, (x101 >> 8)); + const x103 = (x102 >> 8); + const x104 = (x103 >> 8); + const x105 = cast(u8, (x104 >> 8)); + const x106 = (x91 + cast(u32, x105)); + const x107 = (x106 >> 8); + const x108 = (x107 >> 8); + const x109 = cast(u8, (x108 >> 8)); + const x110 = (x90 + cast(u64, x109)); + const x111 = cast(u32, (x110 >> 8)); + const x112 = (x111 >> 8); + const x113 = (x112 >> 8); + const x114 = cast(u8, (x113 >> 8)); + const x115 = 
(x89 + cast(u32, x114)); + const x116 = (x115 >> 8); + const x117 = (x116 >> 8); + const x118 = cast(u8, (x117 >> 8)); + const x119 = (x88 + cast(u32, x118)); + const x120 = (x119 >> 8); + const x121 = (x120 >> 8); + const x122 = cast(u8, (x121 >> 8)); + const x123 = (x54 >> 8); + const x124 = (x123 >> 8); + const x125 = cast(u8, (x124 >> 8)); + const x126 = (x87 + cast(u32, x125)); + const x127 = (x126 >> 8); + const x128 = (x127 >> 8); + const x129 = cast(u8, (x128 >> 8)); + const x130 = (x86 + cast(u64, x129)); + const x131 = cast(u32, (x130 >> 8)); + const x132 = (x131 >> 8); + const x133 = (x132 >> 8); + const x134 = cast(u8, (x133 >> 8)); + const x135 = (x85 + cast(u32, x134)); + const x136 = (x135 >> 8); + const x137 = (x136 >> 8); + const x138 = cast(u8, (x137 >> 8)); + const x139 = (x84 + cast(u64, x138)); + const x140 = cast(u32, (x139 >> 8)); + const x141 = (x140 >> 8); + const x142 = (x141 >> 8); + const x143 = cast(u8, (x142 >> 8)); + const x144 = (x83 + cast(u32, x143)); + const x145 = (x144 >> 8); + const x146 = (x145 >> 8); + const x147 = cast(u8, (x146 >> 8)); + const x148 = (x82 + cast(u32, x147)); + const x149 = (x148 >> 8); + const x150 = (x149 >> 8); + const x151 = cast(u8, (x150 >> 8)); + const x152 = (x68 >> 8); + const x153 = (x152 >> 8); + const x154 = cast(u8, (x153 >> 8)); + const x155 = (x81 + cast(u32, x154)); + const x156 = (x155 >> 8); + const x157 = (x156 >> 8); + const x158 = cast(u8, (x157 >> 8)); + const x159 = (x80 + cast(u64, x158)); + const x160 = cast(u32, (x159 >> 8)); + const x161 = (x160 >> 8); + const x162 = (x161 >> 8); + const x163 = cast(u8, (x162 >> 8)); + const x164 = (x79 + cast(u32, x163)); + const x165 = (x164 >> 8); + const x166 = (x165 >> 8); + const x167 = cast(u8, (x166 >> 8)); + const x168 = (x78 + cast(u64, x167)); + const x169 = cast(u32, (x168 >> 8)); + const x170 = (x169 >> 8); + const x171 = (x170 >> 8); + const x172 = cast(u1, (x171 >> 8)); + out1[0] = cast(u8, x40); + out1[1] = cast(u8, x94); + out1[2] 
= cast(u8, x95); + out1[3] = cast(u8, x97); + out1[4] = cast(u8, x98); + out1[5] = cast(u8, x99); + out1[6] = cast(u8, x101); + out1[7] = cast(u8, x102); + out1[8] = cast(u8, x103); + out1[9] = cast(u8, x104); + out1[10] = cast(u8, x106); + out1[11] = cast(u8, x107); + out1[12] = cast(u8, x108); + out1[13] = cast(u8, x110); + out1[14] = cast(u8, x111); + out1[15] = cast(u8, x112); + out1[16] = cast(u8, x113); + out1[17] = cast(u8, x115); + out1[18] = cast(u8, x116); + out1[19] = cast(u8, x117); + out1[20] = cast(u8, x119); + out1[21] = cast(u8, x120); + out1[22] = cast(u8, x121); + out1[23] = x122; + out1[24] = cast(u8, x54); + out1[25] = cast(u8, x123); + out1[26] = cast(u8, x124); + out1[27] = cast(u8, x126); + out1[28] = cast(u8, x127); + out1[29] = cast(u8, x128); + out1[30] = cast(u8, x130); + out1[31] = cast(u8, x131); + out1[32] = cast(u8, x132); + out1[33] = cast(u8, x133); + out1[34] = cast(u8, x135); + out1[35] = cast(u8, x136); + out1[36] = cast(u8, x137); + out1[37] = cast(u8, x139); + out1[38] = cast(u8, x140); + out1[39] = cast(u8, x141); + out1[40] = cast(u8, x142); + out1[41] = cast(u8, x144); + out1[42] = cast(u8, x145); + out1[43] = cast(u8, x146); + out1[44] = cast(u8, x148); + out1[45] = cast(u8, x149); + out1[46] = cast(u8, x150); + out1[47] = x151; + out1[48] = cast(u8, x68); + out1[49] = cast(u8, x152); + out1[50] = cast(u8, x153); + out1[51] = cast(u8, x155); + out1[52] = cast(u8, x156); + out1[53] = cast(u8, x157); + out1[54] = cast(u8, x159); + out1[55] = cast(u8, x160); + out1[56] = cast(u8, x161); + out1[57] = cast(u8, x162); + out1[58] = cast(u8, x164); + out1[59] = cast(u8, x165); + out1[60] = cast(u8, x166); + out1[61] = cast(u8, x168); + out1[62] = cast(u8, x169); + out1[63] = cast(u8, x170); + out1[64] = cast(u8, x171); + out1[65] = cast(u8, x172); } /// The function fromBytes deserializes a field element from bytes in little-endian order. 
diff --git a/fiat-zig/src/p521_64.zig b/fiat-zig/src/p521_64.zig index 80cb0f2b81..c1dc540dd8 100644 --- a/fiat-zig/src/p521_64.zig +++ b/fiat-zig/src/p521_64.zig 
@@ -651,204 +651,141 @@ pub fn toBytes(out1: *[66]u8, arg1: TightFieldElement) void { const x41 = (x26 << 6); const x42 = (x24 << 4); const x43 = (x22 << 2); - const x44 = cast(u8, (x20 & cast(u64, 0xff))); - const x45 = (x20 >> 8); - const x46 = cast(u8, (x45 & cast(u64, 0xff))); - const x47 = (x45 >> 8); - const x48 = cast(u8, (x47 & cast(u64, 0xff))); - const x49 = (x47 >> 8); - const x50 = cast(u8, (x49 & cast(u64, 0xff))); - const x51 = (x49 >> 8); - const x52 = cast(u8, (x51 & cast(u64, 0xff))); - const x53 = (x51 >> 8); - const x54 = cast(u8, (x53 & cast(u64, 0xff))); - const x55 = (x53 >> 8); - const x56 = cast(u8, (x55 & cast(u64, 0xff))); - const x57 = cast(u8, (x55 >> 8)); - const x58 = (x43 + cast(u64, x57)); - const x59 = cast(u8, (x58 & cast(u64, 0xff))); - const x60 = (x58 >> 8); - const x61 = cast(u8, (x60 & cast(u64, 0xff))); - const x62 = (x60 >> 8); - const x63 = cast(u8, (x62 & cast(u64, 0xff))); - const x64 = (x62 >> 8); - const x65 = cast(u8, (x64 & cast(u64, 0xff))); - const x66 = (x64 >> 8); - const x67 = cast(u8, (x66 & cast(u64, 0xff))); - const x68 = (x66 >> 8); - const x69 = cast(u8, (x68 & cast(u64, 0xff))); - const x70 = (x68 >> 8); - const x71 = cast(u8, (x70 & cast(u64, 0xff))); - const x72 = cast(u8, (x70 >> 8)); - const x73 = (x42 + cast(u64, x72)); - const x74 = cast(u8, (x73 & cast(u64, 0xff))); - const x75 = (x73 >> 8); - const x76 = cast(u8, (x75 & cast(u64, 0xff))); - const x77 = (x75 >> 8); - const x78 = cast(u8, (x77 & cast(u64, 0xff))); - const x79 = (x77 >> 8); - const x80 = cast(u8, (x79 & cast(u64, 0xff))); - const x81 = (x79 >> 8); - const x82 = cast(u8, (x81 & cast(u64, 0xff))); - const x83 = (x81 >> 8); - const x84 = cast(u8, (x83 & cast(u64, 0xff))); - const x85 = (x83 >> 8); - const x86 = cast(u8, (x85 & cast(u64, 0xff))); - const x87 = cast(u8, (x85 >> 8)); - const x88 = (x41 + cast(u64, x87)); - const x89 = cast(u8, (x88 & cast(u64, 0xff))); - const x90 = (x88 >> 8); - const x91 = cast(u8, (x90 & cast(u64, 
0xff))); - const x92 = (x90 >> 8); - const x93 = cast(u8, (x92 & cast(u64, 0xff))); - const x94 = (x92 >> 8); - const x95 = cast(u8, (x94 & cast(u64, 0xff))); - const x96 = (x94 >> 8); - const x97 = cast(u8, (x96 & cast(u64, 0xff))); - const x98 = (x96 >> 8); - const x99 = cast(u8, (x98 & cast(u64, 0xff))); - const x100 = (x98 >> 8); - const x101 = cast(u8, (x100 & cast(u64, 0xff))); - const x102 = cast(u8, (x100 >> 8)); - const x103 = cast(u8, (x28 & cast(u64, 0xff))); - const x104 = (x28 >> 8); - const x105 = cast(u8, (x104 & cast(u64, 0xff))); - const x106 = (x104 >> 8); - const x107 = cast(u8, (x106 & cast(u64, 0xff))); - const x108 = (x106 >> 8); - const x109 = cast(u8, (x108 & cast(u64, 0xff))); - const x110 = (x108 >> 8); - const x111 = cast(u8, (x110 & cast(u64, 0xff))); - const x112 = (x110 >> 8); - const x113 = cast(u8, (x112 & cast(u64, 0xff))); - const x114 = (x112 >> 8); - const x115 = cast(u8, (x114 & cast(u64, 0xff))); - const x116 = cast(u8, (x114 >> 8)); - const x117 = (x40 + cast(u64, x116)); - const x118 = cast(u8, (x117 & cast(u64, 0xff))); - const x119 = (x117 >> 8); - const x120 = cast(u8, (x119 & cast(u64, 0xff))); - const x121 = (x119 >> 8); - const x122 = cast(u8, (x121 & cast(u64, 0xff))); - const x123 = (x121 >> 8); - const x124 = cast(u8, (x123 & cast(u64, 0xff))); - const x125 = (x123 >> 8); - const x126 = cast(u8, (x125 & cast(u64, 0xff))); - const x127 = (x125 >> 8); - const x128 = cast(u8, (x127 & cast(u64, 0xff))); - const x129 = (x127 >> 8); - const x130 = cast(u8, (x129 & cast(u64, 0xff))); - const x131 = cast(u8, (x129 >> 8)); - const x132 = (x39 + cast(u64, x131)); - const x133 = cast(u8, (x132 & cast(u64, 0xff))); - const x134 = (x132 >> 8); - const x135 = cast(u8, (x134 & cast(u64, 0xff))); - const x136 = (x134 >> 8); - const x137 = cast(u8, (x136 & cast(u64, 0xff))); - const x138 = (x136 >> 8); - const x139 = cast(u8, (x138 & cast(u64, 0xff))); - const x140 = (x138 >> 8); - const x141 = cast(u8, (x140 & cast(u64, 0xff))); - 
const x142 = (x140 >> 8); - const x143 = cast(u8, (x142 & cast(u64, 0xff))); - const x144 = (x142 >> 8); - const x145 = cast(u8, (x144 & cast(u64, 0xff))); - const x146 = cast(u8, (x144 >> 8)); - const x147 = (x38 + cast(u64, x146)); - const x148 = cast(u8, (x147 & cast(u64, 0xff))); - const x149 = (x147 >> 8); - const x150 = cast(u8, (x149 & cast(u64, 0xff))); - const x151 = (x149 >> 8); - const x152 = cast(u8, (x151 & cast(u64, 0xff))); - const x153 = (x151 >> 8); - const x154 = cast(u8, (x153 & cast(u64, 0xff))); - const x155 = (x153 >> 8); - const x156 = cast(u8, (x155 & cast(u64, 0xff))); - const x157 = (x155 >> 8); - const x158 = cast(u8, (x157 & cast(u64, 0xff))); - const x159 = (x157 >> 8); - const x160 = cast(u8, (x159 & cast(u64, 0xff))); - const x161 = cast(u8, (x159 >> 8)); - const x162 = cast(u8, (x36 & cast(u64, 0xff))); - const x163 = (x36 >> 8); - const x164 = cast(u8, (x163 & cast(u64, 0xff))); - const x165 = (x163 >> 8); - const x166 = cast(u8, (x165 & cast(u64, 0xff))); - const x167 = (x165 >> 8); - const x168 = cast(u8, (x167 & cast(u64, 0xff))); - const x169 = (x167 >> 8); - const x170 = cast(u8, (x169 & cast(u64, 0xff))); - const x171 = (x169 >> 8); - const x172 = cast(u8, (x171 & cast(u64, 0xff))); - const x173 = (x171 >> 8); - const x174 = cast(u8, (x173 & cast(u64, 0xff))); - const x175 = cast(u1, (x173 >> 8)); - out1[0] = x44; - out1[1] = x46; - out1[2] = x48; - out1[3] = x50; - out1[4] = x52; - out1[5] = x54; - out1[6] = x56; - out1[7] = x59; - out1[8] = x61; - out1[9] = x63; - out1[10] = x65; - out1[11] = x67; - out1[12] = x69; - out1[13] = x71; - out1[14] = x74; - out1[15] = x76; - out1[16] = x78; - out1[17] = x80; - out1[18] = x82; - out1[19] = x84; - out1[20] = x86; - out1[21] = x89; - out1[22] = x91; - out1[23] = x93; - out1[24] = x95; - out1[25] = x97; - out1[26] = x99; - out1[27] = x101; - out1[28] = x102; - out1[29] = x103; - out1[30] = x105; - out1[31] = x107; - out1[32] = x109; - out1[33] = x111; - out1[34] = x113; - out1[35] = 
x115; - out1[36] = x118; - out1[37] = x120; - out1[38] = x122; - out1[39] = x124; - out1[40] = x126; - out1[41] = x128; - out1[42] = x130; - out1[43] = x133; - out1[44] = x135; - out1[45] = x137; - out1[46] = x139; - out1[47] = x141; - out1[48] = x143; - out1[49] = x145; - out1[50] = x148; - out1[51] = x150; - out1[52] = x152; - out1[53] = x154; - out1[54] = x156; - out1[55] = x158; - out1[56] = x160; - out1[57] = x161; - out1[58] = x162; - out1[59] = x164; - out1[60] = x166; - out1[61] = x168; - out1[62] = x170; - out1[63] = x172; - out1[64] = x174; - out1[65] = cast(u8, x175); + const x44 = (x20 >> 8); + const x45 = (x44 >> 8); + const x46 = (x45 >> 8); + const x47 = (x46 >> 8); + const x48 = (x47 >> 8); + const x49 = (x48 >> 8); + const x50 = cast(u8, (x49 >> 8)); + const x51 = (x43 + cast(u64, x50)); + const x52 = (x51 >> 8); + const x53 = (x52 >> 8); + const x54 = (x53 >> 8); + const x55 = (x54 >> 8); + const x56 = (x55 >> 8); + const x57 = (x56 >> 8); + const x58 = cast(u8, (x57 >> 8)); + const x59 = (x42 + cast(u64, x58)); + const x60 = (x59 >> 8); + const x61 = (x60 >> 8); + const x62 = (x61 >> 8); + const x63 = (x62 >> 8); + const x64 = (x63 >> 8); + const x65 = (x64 >> 8); + const x66 = cast(u8, (x65 >> 8)); + const x67 = (x41 + cast(u64, x66)); + const x68 = (x67 >> 8); + const x69 = (x68 >> 8); + const x70 = (x69 >> 8); + const x71 = (x70 >> 8); + const x72 = (x71 >> 8); + const x73 = (x72 >> 8); + const x74 = cast(u8, (x73 >> 8)); + const x75 = (x28 >> 8); + const x76 = (x75 >> 8); + const x77 = (x76 >> 8); + const x78 = (x77 >> 8); + const x79 = (x78 >> 8); + const x80 = (x79 >> 8); + const x81 = cast(u8, (x80 >> 8)); + const x82 = (x40 + cast(u64, x81)); + const x83 = (x82 >> 8); + const x84 = (x83 >> 8); + const x85 = (x84 >> 8); + const x86 = (x85 >> 8); + const x87 = (x86 >> 8); + const x88 = (x87 >> 8); + const x89 = cast(u8, (x88 >> 8)); + const x90 = (x39 + cast(u64, x89)); + const x91 = (x90 >> 8); + const x92 = (x91 >> 8); + const x93 = (x92 
>> 8); + const x94 = (x93 >> 8); + const x95 = (x94 >> 8); + const x96 = (x95 >> 8); + const x97 = cast(u8, (x96 >> 8)); + const x98 = (x38 + cast(u64, x97)); + const x99 = (x98 >> 8); + const x100 = (x99 >> 8); + const x101 = (x100 >> 8); + const x102 = (x101 >> 8); + const x103 = (x102 >> 8); + const x104 = (x103 >> 8); + const x105 = cast(u8, (x104 >> 8)); + const x106 = (x36 >> 8); + const x107 = (x106 >> 8); + const x108 = (x107 >> 8); + const x109 = (x108 >> 8); + const x110 = (x109 >> 8); + const x111 = (x110 >> 8); + const x112 = cast(u1, (x111 >> 8)); + out1[0] = cast(u8, x20); + out1[1] = cast(u8, x44); + out1[2] = cast(u8, x45); + out1[3] = cast(u8, x46); + out1[4] = cast(u8, x47); + out1[5] = cast(u8, x48); + out1[6] = cast(u8, x49); + out1[7] = cast(u8, x51); + out1[8] = cast(u8, x52); + out1[9] = cast(u8, x53); + out1[10] = cast(u8, x54); + out1[11] = cast(u8, x55); + out1[12] = cast(u8, x56); + out1[13] = cast(u8, x57); + out1[14] = cast(u8, x59); + out1[15] = cast(u8, x60); + out1[16] = cast(u8, x61); + out1[17] = cast(u8, x62); + out1[18] = cast(u8, x63); + out1[19] = cast(u8, x64); + out1[20] = cast(u8, x65); + out1[21] = cast(u8, x67); + out1[22] = cast(u8, x68); + out1[23] = cast(u8, x69); + out1[24] = cast(u8, x70); + out1[25] = cast(u8, x71); + out1[26] = cast(u8, x72); + out1[27] = cast(u8, x73); + out1[28] = x74; + out1[29] = cast(u8, x28); + out1[30] = cast(u8, x75); + out1[31] = cast(u8, x76); + out1[32] = cast(u8, x77); + out1[33] = cast(u8, x78); + out1[34] = cast(u8, x79); + out1[35] = cast(u8, x80); + out1[36] = cast(u8, x82); + out1[37] = cast(u8, x83); + out1[38] = cast(u8, x84); + out1[39] = cast(u8, x85); + out1[40] = cast(u8, x86); + out1[41] = cast(u8, x87); + out1[42] = cast(u8, x88); + out1[43] = cast(u8, x90); + out1[44] = cast(u8, x91); + out1[45] = cast(u8, x92); + out1[46] = cast(u8, x93); + out1[47] = cast(u8, x94); + out1[48] = cast(u8, x95); + out1[49] = cast(u8, x96); + out1[50] = cast(u8, x98); + out1[51] = cast(u8, 
x99); + out1[52] = cast(u8, x100); + out1[53] = cast(u8, x101); + out1[54] = cast(u8, x102); + out1[55] = cast(u8, x103); + out1[56] = cast(u8, x104); + out1[57] = x105; + out1[58] = cast(u8, x36); + out1[59] = cast(u8, x106); + out1[60] = cast(u8, x107); + out1[61] = cast(u8, x108); + out1[62] = cast(u8, x109); + out1[63] = cast(u8, x110); + out1[64] = cast(u8, x111); + out1[65] = cast(u8, x112); } /// The function fromBytes deserializes a field element from bytes in little-endian order. diff --git a/fiat-zig/src/poly1305_32.zig b/fiat-zig/src/poly1305_32.zig index a0ba34a4bf..3cb3b50853 100644 --- a/fiat-zig/src/poly1305_32.zig +++ b/fiat-zig/src/poly1305_32.zig 
@@ -398,56 +398,41 @@ pub fn toBytes(out1: *[17]u8, arg1: TightFieldElement) void { const x22 = (x18 << 6); const x23 = (x16 << 4); const x24 = (x14 << 2); - const x25 = cast(u8, (x12 & cast(u32, 0xff))); - const x26 = (x12 >> 8); - const x27 = cast(u8, (x26 & cast(u32, 0xff))); - const x28 = (x26 >> 8); - const x29 = cast(u8, (x28 & cast(u32, 0xff))); - const x30 = cast(u8, (x28 >> 8)); - const x31 = (x24 + cast(u32, x30)); - const x32 = cast(u8, (x31 & cast(u32, 0xff))); - const x33 = (x31 >> 8); - const x34 = cast(u8, (x33 & cast(u32, 0xff))); - const x35 = (x33 >> 8); - const x36 = cast(u8, (x35 & cast(u32, 0xff))); - const x37 = cast(u8, (x35 >> 8)); - const x38 = (x23 + cast(u32, x37)); - const x39 = cast(u8, (x38 & cast(u32, 0xff))); - const x40 = (x38 >> 8); - const x41 = cast(u8, (x40 & cast(u32, 0xff))); - const x42 = (x40 >> 8); - const x43 = cast(u8, (x42 & cast(u32, 0xff))); - const x44 = cast(u8, (x42 >> 8)); - const x45 = (x22 + cast(u32, x44)); - const x46 = cast(u8, (x45 & cast(u32, 0xff))); - const x47 = (x45 >> 8); - const x48 = cast(u8, (x47 & cast(u32, 0xff))); - const x49 = (x47 >> 8); - const x50 = cast(u8, (x49 & cast(u32, 0xff))); - const x51 = cast(u8, (x49 >> 8)); - const x52 = cast(u8, (x20 & cast(u32, 0xff))); - const x53 = (x20 >> 8); - const x54 = cast(u8, (x53 & cast(u32, 0xff))); - const x55 = (x53 >> 8); - const x56 = cast(u8, (x55 & cast(u32, 0xff))); - const x57 = cast(u8, (x55 >> 8)); - out1[0] = x25; - out1[1] = x27; - out1[2] = x29; - out1[3] = x32; - out1[4] = x34; - out1[5] = x36; - out1[6] = x39; - out1[7] = x41; - out1[8] = x43; - out1[9] = x46; - out1[10] = x48; - out1[11] = x50; - out1[12] = x51; - out1[13] = x52; - out1[14] = x54; - out1[15] = x56; - out1[16] = x57; + const x25 = (x12 >> 8); + const x26 = (x25 >> 8); + const x27 = cast(u8, (x26 >> 8)); + const x28 = (x24 + cast(u32, x27)); + const x29 = (x28 >> 8); + const x30 = (x29 >> 8); + const x31 = cast(u8, (x30 >> 8)); + const x32 = (x23 + cast(u32, x31)); + 
const x33 = (x32 >> 8); + const x34 = (x33 >> 8); + const x35 = cast(u8, (x34 >> 8)); + const x36 = (x22 + cast(u32, x35)); + const x37 = (x36 >> 8); + const x38 = (x37 >> 8); + const x39 = cast(u8, (x38 >> 8)); + const x40 = (x20 >> 8); + const x41 = (x40 >> 8); + const x42 = cast(u8, (x41 >> 8)); + out1[0] = cast(u8, x12); + out1[1] = cast(u8, x25); + out1[2] = cast(u8, x26); + out1[3] = cast(u8, x28); + out1[4] = cast(u8, x29); + out1[5] = cast(u8, x30); + out1[6] = cast(u8, x32); + out1[7] = cast(u8, x33); + out1[8] = cast(u8, x34); + out1[9] = cast(u8, x36); + out1[10] = cast(u8, x37); + out1[11] = cast(u8, x38); + out1[12] = x39; + out1[13] = cast(u8, x20); + out1[14] = cast(u8, x40); + out1[15] = cast(u8, x41); + out1[16] = x42; } /// The function fromBytes deserializes a field element from bytes in little-endian order. diff --git a/fiat-zig/src/poly1305_64.zig b/fiat-zig/src/poly1305_64.zig index af037dd614..bb4de2f69c 100644 --- a/fiat-zig/src/poly1305_64.zig +++ b/fiat-zig/src/poly1305_64.zig 
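Review bot: The byte stores in this toBytes hunk now narrow a wider value directly (`out1[0] = cast(u8, x12);`, `out1[3] = cast(u8, x28);`) where the old code masked with `0xff` first, so the output is only correct if `cast` discards the high bits when narrowing. The `cast` helper is defined outside the hunk; if it is a range-checked conversion, these lines would trap where runtime safety is on and be undefined where it is off (the helper hunks in this patch show `@setRuntimeSafety(mode == .Debug)`). The same reliance appears in the later toBytes hunks, in `addcarryxU32`/`mulxU32` and their 64-bit versions (`out1.* = cast(u32, x1);`), and in divstep's `cast(u1, (arg3[0]))` and `cast(u1, x34)`, where the truncated bit is the selector passed to `cmovznzU32`. I would state the contract at the helper, e.g. `/// cast truncates when narrowing; callers rely on this instead of masking`, and keep a known-answer test for toBytes whose limbs have bits set above each stored byte. toBytes begins before this hunk.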
@@ -358,57 +358,41 @@ pub fn toBytes(out1: *[17]u8, arg1: TightFieldElement) void { addcarryxU43(&x12, &x13, x11, x5, (x7 & 0x7ffffffffff)); const x14 = (x12 << 7); const x15 = (x10 << 4); - const x16 = cast(u8, (x8 & cast(u64, 0xff))); - const x17 = (x8 >> 8); - const x18 = cast(u8, (x17 & cast(u64, 0xff))); - const x19 = (x17 >> 8); - const x20 = cast(u8, (x19 & cast(u64, 0xff))); - const x21 = (x19 >> 8); - const x22 = cast(u8, (x21 & cast(u64, 0xff))); - const x23 = (x21 >> 8); - const x24 = cast(u8, (x23 & cast(u64, 0xff))); - const x25 = cast(u8, (x23 >> 8)); - const x26 = (x15 + cast(u64, x25)); - const x27 = cast(u8, (x26 & cast(u64, 0xff))); - const x28 = (x26 >> 8); - const x29 = cast(u8, (x28 & cast(u64, 0xff))); - const x30 = (x28 >> 8); - const x31 = cast(u8, (x30 & cast(u64, 0xff))); - const x32 = (x30 >> 8); - const x33 = cast(u8, (x32 & cast(u64, 0xff))); - const x34 = (x32 >> 8); - const x35 = cast(u8, (x34 & cast(u64, 0xff))); - const x36 = cast(u8, (x34 >> 8)); - const x37 = (x14 + cast(u64, x36)); - const x38 = cast(u8, (x37 & cast(u64, 0xff))); - const x39 = (x37 >> 8); - const x40 = cast(u8, (x39 & cast(u64, 0xff))); - const x41 = (x39 >> 8); - const x42 = cast(u8, (x41 & cast(u64, 0xff))); - const x43 = (x41 >> 8); - const x44 = cast(u8, (x43 & cast(u64, 0xff))); - const x45 = (x43 >> 8); - const x46 = cast(u8, (x45 & cast(u64, 0xff))); - const x47 = (x45 >> 8); - const x48 = cast(u8, (x47 & cast(u64, 0xff))); - const x49 = cast(u8, (x47 >> 8)); - out1[0] = x16; - out1[1] = x18; - out1[2] = x20; - out1[3] = x22; - out1[4] = x24; - out1[5] = x27; - out1[6] = x29; - out1[7] = x31; - out1[8] = x33; - out1[9] = x35; - out1[10] = x38; - out1[11] = x40; - out1[12] = x42; - out1[13] = x44; - out1[14] = x46; - out1[15] = x48; - out1[16] = x49; + const x16 = (x8 >> 8); + const x17 = (x16 >> 8); + const x18 = (x17 >> 8); + const x19 = (x18 >> 8); + const x20 = cast(u8, (x19 >> 8)); + const x21 = (x15 + cast(u64, x20)); + const x22 = (x21 >> 8); + const 
x23 = (x22 >> 8); + const x24 = (x23 >> 8); + const x25 = (x24 >> 8); + const x26 = cast(u8, (x25 >> 8)); + const x27 = (x14 + cast(u64, x26)); + const x28 = (x27 >> 8); + const x29 = (x28 >> 8); + const x30 = (x29 >> 8); + const x31 = (x30 >> 8); + const x32 = (x31 >> 8); + const x33 = cast(u8, (x32 >> 8)); + out1[0] = cast(u8, x8); + out1[1] = cast(u8, x16); + out1[2] = cast(u8, x17); + out1[3] = cast(u8, x18); + out1[4] = cast(u8, x19); + out1[5] = cast(u8, x21); + out1[6] = cast(u8, x22); + out1[7] = cast(u8, x23); + out1[8] = cast(u8, x24); + out1[9] = cast(u8, x25); + out1[10] = cast(u8, x27); + out1[11] = cast(u8, x28); + out1[12] = cast(u8, x29); + out1[13] = cast(u8, x30); + out1[14] = cast(u8, x31); + out1[15] = cast(u8, x32); + out1[16] = x33; } /// The function fromBytes deserializes a field element from bytes in little-endian order. diff --git a/fiat-zig/src/secp256k1_dettman_64.zig b/fiat-zig/src/secp256k1_dettman_64.zig index 19d45ab0e1..405025209a 100644 --- a/fiat-zig/src/secp256k1_dettman_64.zig +++ b/fiat-zig/src/secp256k1_dettman_64.zig 
@@ -43,42 +43,40 @@ pub fn mul(out1: *[5]u64, arg1: [5]u64, arg2: [5]u64) void { const x1 = (cast(u128, (arg1[4])) * cast(u128, (arg2[4]))); const x2 = cast(u64, (x1 >> 64)); - const x3 = cast(u64, (x1 & cast(u128, 0xffffffffffffffff))); - const x4 = (((cast(u128, (arg1[0])) * cast(u128, (arg2[3]))) + ((cast(u128, (arg1[1])) * cast(u128, (arg2[2]))) + ((cast(u128, (arg1[2])) * cast(u128, (arg2[1]))) + (cast(u128, (arg1[3])) * cast(u128, (arg2[0])))))) + (cast(u128, x3) * cast(u128, 0x1000003d10))); - const x5 = cast(u64, (x4 >> 52)); - const x6 = cast(u64, (x4 & cast(u128, 0xfffffffffffff))); - const x7 = ((((cast(u128, (arg1[0])) * cast(u128, (arg2[4]))) + ((cast(u128, (arg1[1])) * cast(u128, (arg2[3]))) + ((cast(u128, (arg1[2])) * cast(u128, (arg2[2]))) + ((cast(u128, (arg1[3])) * cast(u128, (arg2[1]))) + (cast(u128, (arg1[4])) * cast(u128, (arg2[0]))))))) + cast(u128, x5)) + (cast(u128, x2) * cast(u128, 0x1000003d10000))); - const x8 = cast(u64, (x7 >> 52)); - const x9 = cast(u64, (x7 & cast(u128, 0xfffffffffffff))); - const x10 = (x9 >> 48); - const x11 = (x9 & 0xffffffffffff); - const x12 = (((cast(u128, (arg1[1])) * cast(u128, (arg2[4]))) + ((cast(u128, (arg1[2])) * cast(u128, (arg2[3]))) + ((cast(u128, (arg1[3])) * cast(u128, (arg2[2]))) + (cast(u128, (arg1[4])) * cast(u128, (arg2[1])))))) + cast(u128, x8)); - const x13 = cast(u64, (x12 >> 52)); - const x14 = cast(u64, (x12 & cast(u128, 0xfffffffffffff))); - const x15 = ((cast(u128, (arg1[0])) * cast(u128, (arg2[0]))) + (cast(u128, ((x14 << 4) + x10)) * cast(u128, 0x1000003d1))); - const x16 = cast(u64, (x15 >> 52)); - const x17 = cast(u64, (x15 & cast(u128, 0xfffffffffffff))); - const x18 = (((cast(u128, (arg1[2])) * cast(u128, (arg2[4]))) + ((cast(u128, (arg1[3])) * cast(u128, (arg2[3]))) + (cast(u128, (arg1[4])) * cast(u128, (arg2[2]))))) + cast(u128, x13)); - const x19 = cast(u64, (x18 >> 52)); - const x20 = cast(u64, (x18 & cast(u128, 0xfffffffffffff))); - const x21 = ((((cast(u128, (arg1[0])) * 
cast(u128, (arg2[1]))) + (cast(u128, (arg1[1])) * cast(u128, (arg2[0])))) + cast(u128, x16)) + (cast(u128, x20) * cast(u128, 0x1000003d10))); - const x22 = cast(u64, (x21 >> 52)); - const x23 = cast(u64, (x21 & cast(u128, 0xfffffffffffff))); - const x24 = (((cast(u128, (arg1[3])) * cast(u128, (arg2[4]))) + (cast(u128, (arg1[4])) * cast(u128, (arg2[3])))) + cast(u128, x19)); - const x25 = cast(u64, (x24 >> 64)); - const x26 = cast(u64, (x24 & cast(u128, 0xffffffffffffffff))); - const x27 = ((((cast(u128, (arg1[0])) * cast(u128, (arg2[2]))) + ((cast(u128, (arg1[1])) * cast(u128, (arg2[1]))) + (cast(u128, (arg1[2])) * cast(u128, (arg2[0]))))) + cast(u128, x22)) + (cast(u128, x26) * cast(u128, 0x1000003d10))); - const x28 = cast(u64, (x27 >> 52)); - const x29 = cast(u64, (x27 & cast(u128, 0xfffffffffffff))); - const x30 = (cast(u128, (x6 + x28)) + (cast(u128, x25) * cast(u128, 0x1000003d10000))); - const x31 = cast(u64, (x30 >> 52)); - const x32 = cast(u64, (x30 & cast(u128, 0xfffffffffffff))); - const x33 = (x11 + x31); - out1[0] = x17; - out1[1] = x23; - out1[2] = x29; - out1[3] = x32; - out1[4] = x33; + const x3 = (((cast(u128, (arg1[0])) * cast(u128, (arg2[3]))) + ((cast(u128, (arg1[1])) * cast(u128, (arg2[2]))) + ((cast(u128, (arg1[2])) * cast(u128, (arg2[1]))) + (cast(u128, (arg1[3])) * cast(u128, (arg2[0])))))) + (cast(u128, cast(u64, x1)) * cast(u128, 0x1000003d10))); + const x4 = cast(u64, (x3 >> 52)); + const x5 = cast(u64, (x3 & cast(u128, 0xfffffffffffff))); + const x6 = ((((cast(u128, (arg1[0])) * cast(u128, (arg2[4]))) + ((cast(u128, (arg1[1])) * cast(u128, (arg2[3]))) + ((cast(u128, (arg1[2])) * cast(u128, (arg2[2]))) + ((cast(u128, (arg1[3])) * cast(u128, (arg2[1]))) + (cast(u128, (arg1[4])) * cast(u128, (arg2[0]))))))) + cast(u128, x4)) + (cast(u128, x2) * cast(u128, 0x1000003d10000))); + const x7 = cast(u64, (x6 >> 52)); + const x8 = cast(u64, (x6 & cast(u128, 0xfffffffffffff))); + const x9 = (x8 >> 48); + const x10 = (x8 & 0xffffffffffff); + const 
x11 = (((cast(u128, (arg1[1])) * cast(u128, (arg2[4]))) + ((cast(u128, (arg1[2])) * cast(u128, (arg2[3]))) + ((cast(u128, (arg1[3])) * cast(u128, (arg2[2]))) + (cast(u128, (arg1[4])) * cast(u128, (arg2[1])))))) + cast(u128, x7)); + const x12 = cast(u64, (x11 >> 52)); + const x13 = cast(u64, (x11 & cast(u128, 0xfffffffffffff))); + const x14 = ((cast(u128, (arg1[0])) * cast(u128, (arg2[0]))) + (cast(u128, ((x13 << 4) + x9)) * cast(u128, 0x1000003d1))); + const x15 = cast(u64, (x14 >> 52)); + const x16 = cast(u64, (x14 & cast(u128, 0xfffffffffffff))); + const x17 = (((cast(u128, (arg1[2])) * cast(u128, (arg2[4]))) + ((cast(u128, (arg1[3])) * cast(u128, (arg2[3]))) + (cast(u128, (arg1[4])) * cast(u128, (arg2[2]))))) + cast(u128, x12)); + const x18 = cast(u64, (x17 >> 52)); + const x19 = cast(u64, (x17 & cast(u128, 0xfffffffffffff))); + const x20 = ((((cast(u128, (arg1[0])) * cast(u128, (arg2[1]))) + (cast(u128, (arg1[1])) * cast(u128, (arg2[0])))) + cast(u128, x15)) + (cast(u128, x19) * cast(u128, 0x1000003d10))); + const x21 = cast(u64, (x20 >> 52)); + const x22 = cast(u64, (x20 & cast(u128, 0xfffffffffffff))); + const x23 = (((cast(u128, (arg1[3])) * cast(u128, (arg2[4]))) + (cast(u128, (arg1[4])) * cast(u128, (arg2[3])))) + cast(u128, x18)); + const x24 = cast(u64, (x23 >> 64)); + const x25 = ((((cast(u128, (arg1[0])) * cast(u128, (arg2[2]))) + ((cast(u128, (arg1[1])) * cast(u128, (arg2[1]))) + (cast(u128, (arg1[2])) * cast(u128, (arg2[0]))))) + cast(u128, x21)) + (cast(u128, cast(u64, x23)) * cast(u128, 0x1000003d10))); + const x26 = cast(u64, (x25 >> 52)); + const x27 = cast(u64, (x25 & cast(u128, 0xfffffffffffff))); + const x28 = (cast(u128, (x5 + x26)) + (cast(u128, x24) * cast(u128, 0x1000003d10000))); + const x29 = cast(u64, (x28 >> 52)); + const x30 = cast(u64, (x28 & cast(u128, 0xfffffffffffff))); + const x31 = (x10 + x29); + out1[0] = x16; + out1[1] = x22; + out1[2] = x27; + out1[3] = x30; + out1[4] = x31; } /// The function square squares a field element. 
@@ -99,40 +97,38 @@ pub fn square(out1: *[5]u64, arg1: [5]u64) void { const x4 = ((arg1[0]) * 0x2); const x5 = (cast(u128, (arg1[4])) * cast(u128, (arg1[4]))); const x6 = cast(u64, (x5 >> 64)); - const x7 = cast(u64, (x5 & cast(u128, 0xffffffffffffffff))); - const x8 = (((cast(u128, x4) * cast(u128, (arg1[3]))) + (cast(u128, x3) * cast(u128, (arg1[2])))) + (cast(u128, x7) * cast(u128, 0x1000003d10))); - const x9 = cast(u64, (x8 >> 52)); - const x10 = cast(u64, (x8 & cast(u128, 0xfffffffffffff))); - const x11 = ((((cast(u128, x4) * cast(u128, (arg1[4]))) + ((cast(u128, x3) * cast(u128, (arg1[3]))) + (cast(u128, (arg1[2])) * cast(u128, (arg1[2]))))) + cast(u128, x9)) + (cast(u128, x6) * cast(u128, 0x1000003d10000))); - const x12 = cast(u64, (x11 >> 52)); - const x13 = cast(u64, (x11 & cast(u128, 0xfffffffffffff))); - const x14 = (x13 >> 48); - const x15 = (x13 & 0xffffffffffff); - const x16 = (((cast(u128, x3) * cast(u128, (arg1[4]))) + (cast(u128, x2) * cast(u128, (arg1[3])))) + cast(u128, x12)); - const x17 = cast(u64, (x16 >> 52)); - const x18 = cast(u64, (x16 & cast(u128, 0xfffffffffffff))); - const x19 = ((cast(u128, (arg1[0])) * cast(u128, (arg1[0]))) + (cast(u128, ((x18 << 4) + x14)) * cast(u128, 0x1000003d1))); - const x20 = cast(u64, (x19 >> 52)); - const x21 = cast(u64, (x19 & cast(u128, 0xfffffffffffff))); - const x22 = (((cast(u128, x2) * cast(u128, (arg1[4]))) + (cast(u128, (arg1[3])) * cast(u128, (arg1[3])))) + cast(u128, x17)); - const x23 = cast(u64, (x22 >> 52)); - const x24 = cast(u64, (x22 & cast(u128, 0xfffffffffffff))); - const x25 = (((cast(u128, x4) * cast(u128, (arg1[1]))) + cast(u128, x20)) + (cast(u128, x24) * cast(u128, 0x1000003d10))); - const x26 = cast(u64, (x25 >> 52)); - const x27 = cast(u64, (x25 & cast(u128, 0xfffffffffffff))); - const x28 = ((cast(u128, x1) * cast(u128, (arg1[4]))) + cast(u128, x23)); - const x29 = cast(u64, (x28 >> 64)); - const x30 = cast(u64, (x28 & cast(u128, 0xffffffffffffffff))); - const x31 = ((((cast(u128, 
x4) * cast(u128, (arg1[2]))) + (cast(u128, (arg1[1])) * cast(u128, (arg1[1])))) + cast(u128, x26)) + (cast(u128, x30) * cast(u128, 0x1000003d10))); - const x32 = cast(u64, (x31 >> 52)); - const x33 = cast(u64, (x31 & cast(u128, 0xfffffffffffff))); - const x34 = (cast(u128, (x10 + x32)) + (cast(u128, x29) * cast(u128, 0x1000003d10000))); - const x35 = cast(u64, (x34 >> 52)); - const x36 = cast(u64, (x34 & cast(u128, 0xfffffffffffff))); - const x37 = (x15 + x35); - out1[0] = x21; - out1[1] = x27; - out1[2] = x33; - out1[3] = x36; - out1[4] = x37; + const x7 = (((cast(u128, x4) * cast(u128, (arg1[3]))) + (cast(u128, x3) * cast(u128, (arg1[2])))) + (cast(u128, cast(u64, x5)) * cast(u128, 0x1000003d10))); + const x8 = cast(u64, (x7 >> 52)); + const x9 = cast(u64, (x7 & cast(u128, 0xfffffffffffff))); + const x10 = ((((cast(u128, x4) * cast(u128, (arg1[4]))) + ((cast(u128, x3) * cast(u128, (arg1[3]))) + (cast(u128, (arg1[2])) * cast(u128, (arg1[2]))))) + cast(u128, x8)) + (cast(u128, x6) * cast(u128, 0x1000003d10000))); + const x11 = cast(u64, (x10 >> 52)); + const x12 = cast(u64, (x10 & cast(u128, 0xfffffffffffff))); + const x13 = (x12 >> 48); + const x14 = (x12 & 0xffffffffffff); + const x15 = (((cast(u128, x3) * cast(u128, (arg1[4]))) + (cast(u128, x2) * cast(u128, (arg1[3])))) + cast(u128, x11)); + const x16 = cast(u64, (x15 >> 52)); + const x17 = cast(u64, (x15 & cast(u128, 0xfffffffffffff))); + const x18 = ((cast(u128, (arg1[0])) * cast(u128, (arg1[0]))) + (cast(u128, ((x17 << 4) + x13)) * cast(u128, 0x1000003d1))); + const x19 = cast(u64, (x18 >> 52)); + const x20 = cast(u64, (x18 & cast(u128, 0xfffffffffffff))); + const x21 = (((cast(u128, x2) * cast(u128, (arg1[4]))) + (cast(u128, (arg1[3])) * cast(u128, (arg1[3])))) + cast(u128, x16)); + const x22 = cast(u64, (x21 >> 52)); + const x23 = cast(u64, (x21 & cast(u128, 0xfffffffffffff))); + const x24 = (((cast(u128, x4) * cast(u128, (arg1[1]))) + cast(u128, x19)) + (cast(u128, x23) * cast(u128, 0x1000003d10))); + 
const x25 = cast(u64, (x24 >> 52)); + const x26 = cast(u64, (x24 & cast(u128, 0xfffffffffffff))); + const x27 = ((cast(u128, x1) * cast(u128, (arg1[4]))) + cast(u128, x22)); + const x28 = cast(u64, (x27 >> 64)); + const x29 = ((((cast(u128, x4) * cast(u128, (arg1[2]))) + (cast(u128, (arg1[1])) * cast(u128, (arg1[1])))) + cast(u128, x25)) + (cast(u128, cast(u64, x27)) * cast(u128, 0x1000003d10))); + const x30 = cast(u64, (x29 >> 52)); + const x31 = cast(u64, (x29 & cast(u128, 0xfffffffffffff))); + const x32 = (cast(u128, (x9 + x30)) + (cast(u128, x28) * cast(u128, 0x1000003d10000))); + const x33 = cast(u64, (x32 >> 52)); + const x34 = cast(u64, (x32 & cast(u128, 0xfffffffffffff))); + const x35 = (x14 + x33); + out1[0] = x20; + out1[1] = x26; + out1[2] = x31; + out1[3] = x34; + out1[4] = x35; } diff --git a/fiat-zig/src/secp256k1_montgomery_32.zig b/fiat-zig/src/secp256k1_montgomery_32.zig index db2534e551..91447ca0d0 100644 --- a/fiat-zig/src/secp256k1_montgomery_32.zig +++ b/fiat-zig/src/secp256k1_montgomery_32.zig @@ -59,10 +59,9 @@ inline fn addcarryxU32(out1: *u32, out2: *u1, arg1: u1, arg2: u32, arg3: u32) vo @setRuntimeSafety(mode == .Debug); const x1 = ((cast(u64, arg1) + cast(u64, arg2)) + cast(u64, arg3)); - const x2 = cast(u32, (x1 & cast(u64, 0xffffffff))); - const x3 = cast(u1, (x1 >> 32)); - out1.* = x2; - out2.* = x3; + const x2 = cast(u1, (x1 >> 32)); + out1.* = cast(u32, x1); + out2.* = x2; } /// The function subborrowxU32 is a subtraction with borrow. @@ -104,10 +103,9 @@ inline fn mulxU32(out1: *u32, out2: *u32, arg1: u32, arg2: u32) void { @setRuntimeSafety(mode == .Debug); const x1 = (cast(u64, arg1) * cast(u64, arg2)); - const x2 = cast(u32, (x1 & cast(u64, 0xffffffff))); - const x3 = cast(u32, (x1 >> 32)); - out1.* = x2; - out2.* = x3; + const x2 = cast(u32, (x1 >> 32)); + out1.* = cast(u32, x1); + out2.* = x2; } /// The function cmovznzU32 is a single-word conditional move. 
@@ -4700,86 +4698,62 @@ pub fn toBytes(out1: *[32]u8, arg1: [8]u32) void { const x6 = (arg1[2]); const x7 = (arg1[1]); const x8 = (arg1[0]); - const x9 = cast(u8, (x8 & cast(u32, 0xff))); - const x10 = (x8 >> 8); - const x11 = cast(u8, (x10 & cast(u32, 0xff))); - const x12 = (x10 >> 8); - const x13 = cast(u8, (x12 & cast(u32, 0xff))); - const x14 = cast(u8, (x12 >> 8)); - const x15 = cast(u8, (x7 & cast(u32, 0xff))); - const x16 = (x7 >> 8); - const x17 = cast(u8, (x16 & cast(u32, 0xff))); - const x18 = (x16 >> 8); - const x19 = cast(u8, (x18 & cast(u32, 0xff))); - const x20 = cast(u8, (x18 >> 8)); - const x21 = cast(u8, (x6 & cast(u32, 0xff))); - const x22 = (x6 >> 8); - const x23 = cast(u8, (x22 & cast(u32, 0xff))); - const x24 = (x22 >> 8); - const x25 = cast(u8, (x24 & cast(u32, 0xff))); - const x26 = cast(u8, (x24 >> 8)); - const x27 = cast(u8, (x5 & cast(u32, 0xff))); - const x28 = (x5 >> 8); - const x29 = cast(u8, (x28 & cast(u32, 0xff))); - const x30 = (x28 >> 8); - const x31 = cast(u8, (x30 & cast(u32, 0xff))); - const x32 = cast(u8, (x30 >> 8)); - const x33 = cast(u8, (x4 & cast(u32, 0xff))); - const x34 = (x4 >> 8); - const x35 = cast(u8, (x34 & cast(u32, 0xff))); - const x36 = (x34 >> 8); - const x37 = cast(u8, (x36 & cast(u32, 0xff))); - const x38 = cast(u8, (x36 >> 8)); - const x39 = cast(u8, (x3 & cast(u32, 0xff))); - const x40 = (x3 >> 8); - const x41 = cast(u8, (x40 & cast(u32, 0xff))); - const x42 = (x40 >> 8); - const x43 = cast(u8, (x42 & cast(u32, 0xff))); - const x44 = cast(u8, (x42 >> 8)); - const x45 = cast(u8, (x2 & cast(u32, 0xff))); - const x46 = (x2 >> 8); - const x47 = cast(u8, (x46 & cast(u32, 0xff))); - const x48 = (x46 >> 8); - const x49 = cast(u8, (x48 & cast(u32, 0xff))); - const x50 = cast(u8, (x48 >> 8)); - const x51 = cast(u8, (x1 & cast(u32, 0xff))); - const x52 = (x1 >> 8); - const x53 = cast(u8, (x52 & cast(u32, 0xff))); - const x54 = (x52 >> 8); - const x55 = cast(u8, (x54 & cast(u32, 0xff))); - const x56 = cast(u8, (x54 >> 
8)); - out1[0] = x9; - out1[1] = x11; - out1[2] = x13; - out1[3] = x14; - out1[4] = x15; - out1[5] = x17; - out1[6] = x19; - out1[7] = x20; - out1[8] = x21; - out1[9] = x23; - out1[10] = x25; - out1[11] = x26; - out1[12] = x27; - out1[13] = x29; - out1[14] = x31; - out1[15] = x32; - out1[16] = x33; - out1[17] = x35; - out1[18] = x37; - out1[19] = x38; - out1[20] = x39; - out1[21] = x41; - out1[22] = x43; - out1[23] = x44; - out1[24] = x45; - out1[25] = x47; - out1[26] = x49; - out1[27] = x50; - out1[28] = x51; - out1[29] = x53; - out1[30] = x55; - out1[31] = x56; + const x9 = (x8 >> 8); + const x10 = (x9 >> 8); + const x11 = cast(u8, (x10 >> 8)); + const x12 = (x7 >> 8); + const x13 = (x12 >> 8); + const x14 = cast(u8, (x13 >> 8)); + const x15 = (x6 >> 8); + const x16 = (x15 >> 8); + const x17 = cast(u8, (x16 >> 8)); + const x18 = (x5 >> 8); + const x19 = (x18 >> 8); + const x20 = cast(u8, (x19 >> 8)); + const x21 = (x4 >> 8); + const x22 = (x21 >> 8); + const x23 = cast(u8, (x22 >> 8)); + const x24 = (x3 >> 8); + const x25 = (x24 >> 8); + const x26 = cast(u8, (x25 >> 8)); + const x27 = (x2 >> 8); + const x28 = (x27 >> 8); + const x29 = cast(u8, (x28 >> 8)); + const x30 = (x1 >> 8); + const x31 = (x30 >> 8); + const x32 = cast(u8, (x31 >> 8)); + out1[0] = cast(u8, x8); + out1[1] = cast(u8, x9); + out1[2] = cast(u8, x10); + out1[3] = x11; + out1[4] = cast(u8, x7); + out1[5] = cast(u8, x12); + out1[6] = cast(u8, x13); + out1[7] = x14; + out1[8] = cast(u8, x6); + out1[9] = cast(u8, x15); + out1[10] = cast(u8, x16); + out1[11] = x17; + out1[12] = cast(u8, x5); + out1[13] = cast(u8, x18); + out1[14] = cast(u8, x19); + out1[15] = x20; + out1[16] = cast(u8, x4); + out1[17] = cast(u8, x21); + out1[18] = cast(u8, x22); + out1[19] = x23; + out1[20] = cast(u8, x3); + out1[21] = cast(u8, x24); + out1[22] = cast(u8, x25); + out1[23] = x26; + out1[24] = cast(u8, x2); + out1[25] = cast(u8, x27); + out1[26] = cast(u8, x28); + out1[27] = x29; + out1[28] = cast(u8, x1); + out1[29] = 
cast(u8, x30); + out1[30] = cast(u8, x31); + out1[31] = x32; } /// The function fromBytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -4938,7 +4912,7 @@ pub fn divstep(out1: *u32, out2: *[9]u32, out3: *[9]u32, out4: *[8]u32, out5: *[ var x1: u32 = undefined; var x2: u1 = undefined; addcarryxU32(&x1, &x2, 0x0, (~arg1), cast(u32, 0x1)); - const x3 = (cast(u1, (x1 >> 31)) & cast(u1, ((arg3[0]) & cast(u32, 0x1)))); + const x3 = (cast(u1, (x1 >> 31)) & cast(u1, (arg3[0]))); var x4: u32 = undefined; var x5: u1 = undefined; addcarryxU32(&x4, &x5, 0x0, (~arg1), cast(u32, 0x1)); 
@@ -5148,164 +5122,163 @@ pub fn divstep(out1: *u32, out2: *[9]u32, out3: *[9]u32, out4: *[8]u32, out5: *[ cmovznzU32(&x132, x3, (arg5[6]), x122); var x133: u32 = undefined; cmovznzU32(&x133, x3, (arg5[7]), x124); - const x134 = cast(u1, (x34 & cast(u32, 0x1))); + var x134: u32 = undefined; + cmovznzU32(&x134, cast(u1, x34), cast(u32, 0x0), x7); var x135: u32 = undefined; - cmovznzU32(&x135, x134, cast(u32, 0x0), x7); + cmovznzU32(&x135, cast(u1, x34), cast(u32, 0x0), x8); var x136: u32 = undefined; - cmovznzU32(&x136, x134, cast(u32, 0x0), x8); + cmovznzU32(&x136, cast(u1, x34), cast(u32, 0x0), x9); var x137: u32 = undefined; - cmovznzU32(&x137, x134, cast(u32, 0x0), x9); + cmovznzU32(&x137, cast(u1, x34), cast(u32, 0x0), x10); var x138: u32 = undefined; - cmovznzU32(&x138, x134, cast(u32, 0x0), x10); + cmovznzU32(&x138, cast(u1, x34), cast(u32, 0x0), x11); var x139: u32 = undefined; - cmovznzU32(&x139, x134, cast(u32, 0x0), x11); + cmovznzU32(&x139, cast(u1, x34), cast(u32, 0x0), x12); var x140: u32 = undefined; - cmovznzU32(&x140, x134, cast(u32, 0x0), x12); + cmovznzU32(&x140, cast(u1, x34), cast(u32, 0x0), x13); var x141: u32 = undefined; - cmovznzU32(&x141, x134, cast(u32, 0x0), x13); + cmovznzU32(&x141, cast(u1, x34), cast(u32, 0x0), x14); var x142: u32 = undefined; - cmovznzU32(&x142, x134, cast(u32, 0x0), x14); + cmovznzU32(&x142, cast(u1, x34), cast(u32, 0x0), x15); var x143: u32 = undefined; - cmovznzU32(&x143, x134, cast(u32, 0x0), x15); - var x144: u32 = undefined; - var x145: u1 = undefined; - addcarryxU32(&x144, &x145, 0x0, x34, x135); - var x146: u32 = undefined; - var x147: u1 = undefined; - addcarryxU32(&x146, &x147, x145, x35, x136); - var x148: u32 = undefined; - var x149: u1 = undefined; - addcarryxU32(&x148, &x149, x147, x36, x137); - var x150: u32 = undefined; - var x151: u1 = undefined; - addcarryxU32(&x150, &x151, x149, x37, x138); - var x152: u32 = undefined; - var x153: u1 = undefined; - addcarryxU32(&x152, &x153, x151, x38, x139); - var 
x154: u32 = undefined; - var x155: u1 = undefined; - addcarryxU32(&x154, &x155, x153, x39, x140); - var x156: u32 = undefined; - var x157: u1 = undefined; - addcarryxU32(&x156, &x157, x155, x40, x141); - var x158: u32 = undefined; - var x159: u1 = undefined; - addcarryxU32(&x158, &x159, x157, x41, x142); - var x160: u32 = undefined; - var x161: u1 = undefined; - addcarryxU32(&x160, &x161, x159, x42, x143); + var x144: u1 = undefined; + addcarryxU32(&x143, &x144, 0x0, x34, x134); + var x145: u32 = undefined; + var x146: u1 = undefined; + addcarryxU32(&x145, &x146, x144, x35, x135); + var x147: u32 = undefined; + var x148: u1 = undefined; + addcarryxU32(&x147, &x148, x146, x36, x136); + var x149: u32 = undefined; + var x150: u1 = undefined; + addcarryxU32(&x149, &x150, x148, x37, x137); + var x151: u32 = undefined; + var x152: u1 = undefined; + addcarryxU32(&x151, &x152, x150, x38, x138); + var x153: u32 = undefined; + var x154: u1 = undefined; + addcarryxU32(&x153, &x154, x152, x39, x139); + var x155: u32 = undefined; + var x156: u1 = undefined; + addcarryxU32(&x155, &x156, x154, x40, x140); + var x157: u32 = undefined; + var x158: u1 = undefined; + addcarryxU32(&x157, &x158, x156, x41, x141); + var x159: u32 = undefined; + var x160: u1 = undefined; + addcarryxU32(&x159, &x160, x158, x42, x142); + var x161: u32 = undefined; + cmovznzU32(&x161, cast(u1, x34), cast(u32, 0x0), x43); var x162: u32 = undefined; - cmovznzU32(&x162, x134, cast(u32, 0x0), x43); + cmovznzU32(&x162, cast(u1, x34), cast(u32, 0x0), x44); var x163: u32 = undefined; - cmovznzU32(&x163, x134, cast(u32, 0x0), x44); + cmovznzU32(&x163, cast(u1, x34), cast(u32, 0x0), x45); var x164: u32 = undefined; - cmovznzU32(&x164, x134, cast(u32, 0x0), x45); + cmovznzU32(&x164, cast(u1, x34), cast(u32, 0x0), x46); var x165: u32 = undefined; - cmovznzU32(&x165, x134, cast(u32, 0x0), x46); + cmovznzU32(&x165, cast(u1, x34), cast(u32, 0x0), x47); var x166: u32 = undefined; - cmovznzU32(&x166, x134, cast(u32, 0x0), 
x47); + cmovznzU32(&x166, cast(u1, x34), cast(u32, 0x0), x48); var x167: u32 = undefined; - cmovznzU32(&x167, x134, cast(u32, 0x0), x48); + cmovznzU32(&x167, cast(u1, x34), cast(u32, 0x0), x49); var x168: u32 = undefined; - cmovznzU32(&x168, x134, cast(u32, 0x0), x49); + cmovznzU32(&x168, cast(u1, x34), cast(u32, 0x0), x50); var x169: u32 = undefined; - cmovznzU32(&x169, x134, cast(u32, 0x0), x50); - var x170: u32 = undefined; - var x171: u1 = undefined; - addcarryxU32(&x170, &x171, 0x0, x126, x162); - var x172: u32 = undefined; - var x173: u1 = undefined; - addcarryxU32(&x172, &x173, x171, x127, x163); - var x174: u32 = undefined; - var x175: u1 = undefined; - addcarryxU32(&x174, &x175, x173, x128, x164); - var x176: u32 = undefined; - var x177: u1 = undefined; - addcarryxU32(&x176, &x177, x175, x129, x165); - var x178: u32 = undefined; - var x179: u1 = undefined; - addcarryxU32(&x178, &x179, x177, x130, x166); - var x180: u32 = undefined; - var x181: u1 = undefined; - addcarryxU32(&x180, &x181, x179, x131, x167); - var x182: u32 = undefined; - var x183: u1 = undefined; - addcarryxU32(&x182, &x183, x181, x132, x168); - var x184: u32 = undefined; - var x185: u1 = undefined; - addcarryxU32(&x184, &x185, x183, x133, x169); - var x186: u32 = undefined; - var x187: u1 = undefined; - subborrowxU32(&x186, &x187, 0x0, x170, 0xfffffc2f); - var x188: u32 = undefined; - var x189: u1 = undefined; - subborrowxU32(&x188, &x189, x187, x172, 0xfffffffe); - var x190: u32 = undefined; - var x191: u1 = undefined; - subborrowxU32(&x190, &x191, x189, x174, 0xffffffff); - var x192: u32 = undefined; - var x193: u1 = undefined; - subborrowxU32(&x192, &x193, x191, x176, 0xffffffff); - var x194: u32 = undefined; - var x195: u1 = undefined; - subborrowxU32(&x194, &x195, x193, x178, 0xffffffff); - var x196: u32 = undefined; - var x197: u1 = undefined; - subborrowxU32(&x196, &x197, x195, x180, 0xffffffff); - var x198: u32 = undefined; - var x199: u1 = undefined; - subborrowxU32(&x198, &x199, 
x197, x182, 0xffffffff); - var x200: u32 = undefined; - var x201: u1 = undefined; - subborrowxU32(&x200, &x201, x199, x184, 0xffffffff); - var x202: u32 = undefined; - var x203: u1 = undefined; - subborrowxU32(&x202, &x203, x201, cast(u32, x185), cast(u32, 0x0)); - var x204: u32 = undefined; - var x205: u1 = undefined; - addcarryxU32(&x204, &x205, 0x0, x6, cast(u32, 0x1)); - const x206 = ((x144 >> 1) | ((x146 << 31) & 0xffffffff)); - const x207 = ((x146 >> 1) | ((x148 << 31) & 0xffffffff)); - const x208 = ((x148 >> 1) | ((x150 << 31) & 0xffffffff)); - const x209 = ((x150 >> 1) | ((x152 << 31) & 0xffffffff)); - const x210 = ((x152 >> 1) | ((x154 << 31) & 0xffffffff)); - const x211 = ((x154 >> 1) | ((x156 << 31) & 0xffffffff)); - const x212 = ((x156 >> 1) | ((x158 << 31) & 0xffffffff)); - const x213 = ((x158 >> 1) | ((x160 << 31) & 0xffffffff)); - const x214 = ((x160 & 0x80000000) | (x160 >> 1)); + var x170: u1 = undefined; + addcarryxU32(&x169, &x170, 0x0, x126, x161); + var x171: u32 = undefined; + var x172: u1 = undefined; + addcarryxU32(&x171, &x172, x170, x127, x162); + var x173: u32 = undefined; + var x174: u1 = undefined; + addcarryxU32(&x173, &x174, x172, x128, x163); + var x175: u32 = undefined; + var x176: u1 = undefined; + addcarryxU32(&x175, &x176, x174, x129, x164); + var x177: u32 = undefined; + var x178: u1 = undefined; + addcarryxU32(&x177, &x178, x176, x130, x165); + var x179: u32 = undefined; + var x180: u1 = undefined; + addcarryxU32(&x179, &x180, x178, x131, x166); + var x181: u32 = undefined; + var x182: u1 = undefined; + addcarryxU32(&x181, &x182, x180, x132, x167); + var x183: u32 = undefined; + var x184: u1 = undefined; + addcarryxU32(&x183, &x184, x182, x133, x168); + var x185: u32 = undefined; + var x186: u1 = undefined; + subborrowxU32(&x185, &x186, 0x0, x169, 0xfffffc2f); + var x187: u32 = undefined; + var x188: u1 = undefined; + subborrowxU32(&x187, &x188, x186, x171, 0xfffffffe); + var x189: u32 = undefined; + var x190: u1 = undefined; + 
subborrowxU32(&x189, &x190, x188, x173, 0xffffffff); + var x191: u32 = undefined; + var x192: u1 = undefined; + subborrowxU32(&x191, &x192, x190, x175, 0xffffffff); + var x193: u32 = undefined; + var x194: u1 = undefined; + subborrowxU32(&x193, &x194, x192, x177, 0xffffffff); + var x195: u32 = undefined; + var x196: u1 = undefined; + subborrowxU32(&x195, &x196, x194, x179, 0xffffffff); + var x197: u32 = undefined; + var x198: u1 = undefined; + subborrowxU32(&x197, &x198, x196, x181, 0xffffffff); + var x199: u32 = undefined; + var x200: u1 = undefined; + subborrowxU32(&x199, &x200, x198, x183, 0xffffffff); + var x201: u32 = undefined; + var x202: u1 = undefined; + subborrowxU32(&x201, &x202, x200, cast(u32, x184), cast(u32, 0x0)); + var x203: u32 = undefined; + var x204: u1 = undefined; + addcarryxU32(&x203, &x204, 0x0, x6, cast(u32, 0x1)); + const x205 = ((x143 >> 1) | ((x145 << 31) & 0xffffffff)); + const x206 = ((x145 >> 1) | ((x147 << 31) & 0xffffffff)); + const x207 = ((x147 >> 1) | ((x149 << 31) & 0xffffffff)); + const x208 = ((x149 >> 1) | ((x151 << 31) & 0xffffffff)); + const x209 = ((x151 >> 1) | ((x153 << 31) & 0xffffffff)); + const x210 = ((x153 >> 1) | ((x155 << 31) & 0xffffffff)); + const x211 = ((x155 >> 1) | ((x157 << 31) & 0xffffffff)); + const x212 = ((x157 >> 1) | ((x159 << 31) & 0xffffffff)); + const x213 = ((x159 & 0x80000000) | (x159 >> 1)); + var x214: u32 = undefined; + cmovznzU32(&x214, x84, x67, x51); var x215: u32 = undefined; - cmovznzU32(&x215, x84, x67, x51); + cmovznzU32(&x215, x84, x69, x53); var x216: u32 = undefined; - cmovznzU32(&x216, x84, x69, x53); + cmovznzU32(&x216, x84, x71, x55); var x217: u32 = undefined; - cmovznzU32(&x217, x84, x71, x55); + cmovznzU32(&x217, x84, x73, x57); var x218: u32 = undefined; - cmovznzU32(&x218, x84, x73, x57); + cmovznzU32(&x218, x84, x75, x59); var x219: u32 = undefined; - cmovznzU32(&x219, x84, x75, x59); + cmovznzU32(&x219, x84, x77, x61); var x220: u32 = undefined; - cmovznzU32(&x220, x84, 
x77, x61); + cmovznzU32(&x220, x84, x79, x63); var x221: u32 = undefined; - cmovznzU32(&x221, x84, x79, x63); + cmovznzU32(&x221, x84, x81, x65); var x222: u32 = undefined; - cmovznzU32(&x222, x84, x81, x65); + cmovznzU32(&x222, x202, x185, x169); var x223: u32 = undefined; - cmovznzU32(&x223, x203, x186, x170); + cmovznzU32(&x223, x202, x187, x171); var x224: u32 = undefined; - cmovznzU32(&x224, x203, x188, x172); + cmovznzU32(&x224, x202, x189, x173); var x225: u32 = undefined; - cmovznzU32(&x225, x203, x190, x174); + cmovznzU32(&x225, x202, x191, x175); var x226: u32 = undefined; - cmovznzU32(&x226, x203, x192, x176); + cmovznzU32(&x226, x202, x193, x177); var x227: u32 = undefined; - cmovznzU32(&x227, x203, x194, x178); + cmovznzU32(&x227, x202, x195, x179); var x228: u32 = undefined; - cmovznzU32(&x228, x203, x196, x180); + cmovznzU32(&x228, x202, x197, x181); var x229: u32 = undefined; - cmovznzU32(&x229, x203, x198, x182); - var x230: u32 = undefined; - cmovznzU32(&x230, x203, x200, x184); - out1.* = x204; + cmovznzU32(&x229, x202, x199, x183); + out1.* = x203; out2[0] = x7; out2[1] = x8; out2[2] = x9; 
@@ -5315,31 +5288,31 @@ pub fn divstep(out1: *u32, out2: *[9]u32, out3: *[9]u32, out4: *[8]u32, out5: *[ out2[6] = x13; out2[7] = x14; out2[8] = x15; - out3[0] = x206; - out3[1] = x207; - out3[2] = x208; - out3[3] = x209; - out3[4] = x210; - out3[5] = x211; - out3[6] = x212; - out3[7] = x213; - out3[8] = x214; - out4[0] = x215; - out4[1] = x216; - out4[2] = x217; - out4[3] = x218; - out4[4] = x219; - out4[5] = x220; - out4[6] = x221; - out4[7] = x222; - out5[0] = x223; - out5[1] = x224; - out5[2] = x225; - out5[3] = x226; - out5[4] = x227; - out5[5] = x228; - out5[6] = x229; - out5[7] = x230; + out3[0] = x205; + out3[1] = x206; + out3[2] = x207; + out3[3] = x208; + out3[4] = x209; + out3[5] = x210; + out3[6] = x211; + out3[7] = x212; + out3[8] = x213; + out4[0] = x214; + out4[1] = x215; + out4[2] = x216; + out4[3] = x217; + out4[4] = x218; + out4[5] = x219; + out4[6] = x220; + out4[7] = x221; + out5[0] = x222; + out5[1] = x223; + out5[2] = x224; + out5[3] = x225; + out5[4] = x226; + out5[5] = x227; + out5[6] = x228; + out5[7] = x229; } /// The function divstepPrecomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-zig/src/secp256k1_montgomery_64.zig b/fiat-zig/src/secp256k1_montgomery_64.zig index 20daaf1f0f..87de3c0ceb 100644 --- a/fiat-zig/src/secp256k1_montgomery_64.zig +++ b/fiat-zig/src/secp256k1_montgomery_64.zig @@ -59,10 +59,9 @@ inline fn addcarryxU64(out1: *u64, out2: *u1, arg1: u1, arg2: u64, arg3: u64) vo @setRuntimeSafety(mode == .Debug); const x1 = ((cast(u128, arg1) + cast(u128, arg2)) + cast(u128, arg3)); - const x2 = cast(u64, (x1 & cast(u128, 0xffffffffffffffff))); - const x3 = cast(u1, (x1 >> 64)); - out1.* = x2; - out2.* = x3; + const x2 = cast(u1, (x1 >> 64)); + out1.* = cast(u64, x1); + out2.* = x2; } /// The function subborrowxU64 is a subtraction with borrow. 
@@ -104,10 +103,9 @@ inline fn mulxU64(out1: *u64, out2: *u64, arg1: u64, arg2: u64) void { @setRuntimeSafety(mode == .Debug); const x1 = (cast(u128, arg1) * cast(u128, arg2)); - const x2 = cast(u64, (x1 & cast(u128, 0xffffffffffffffff))); - const x3 = cast(u64, (x1 >> 64)); - out1.* = x2; - out2.* = x3; + const x2 = cast(u64, (x1 >> 64)); + out1.* = cast(u64, x1); + out2.* = x2; } /// The function cmovznzU64 is a single-word conditional move. 
@@ -1508,94 +1506,66 @@ pub fn toBytes(out1: *[32]u8, arg1: [4]u64) void { const x2 = (arg1[2]); const x3 = (arg1[1]); const x4 = (arg1[0]); - const x5 = cast(u8, (x4 & cast(u64, 0xff))); - const x6 = (x4 >> 8); - const x7 = cast(u8, (x6 & cast(u64, 0xff))); - const x8 = (x6 >> 8); - const x9 = cast(u8, (x8 & cast(u64, 0xff))); - const x10 = (x8 >> 8); - const x11 = cast(u8, (x10 & cast(u64, 0xff))); - const x12 = (x10 >> 8); - const x13 = cast(u8, (x12 & cast(u64, 0xff))); - const x14 = (x12 >> 8); - const x15 = cast(u8, (x14 & cast(u64, 0xff))); - const x16 = (x14 >> 8); - const x17 = cast(u8, (x16 & cast(u64, 0xff))); - const x18 = cast(u8, (x16 >> 8)); - const x19 = cast(u8, (x3 & cast(u64, 0xff))); - const x20 = (x3 >> 8); - const x21 = cast(u8, (x20 & cast(u64, 0xff))); - const x22 = (x20 >> 8); - const x23 = cast(u8, (x22 & cast(u64, 0xff))); - const x24 = (x22 >> 8); - const x25 = cast(u8, (x24 & cast(u64, 0xff))); - const x26 = (x24 >> 8); - const x27 = cast(u8, (x26 & cast(u64, 0xff))); - const x28 = (x26 >> 8); - const x29 = cast(u8, (x28 & cast(u64, 0xff))); - const x30 = (x28 >> 8); - const x31 = cast(u8, (x30 & cast(u64, 0xff))); - const x32 = cast(u8, (x30 >> 8)); - const x33 = cast(u8, (x2 & cast(u64, 0xff))); - const x34 = (x2 >> 8); - const x35 = cast(u8, (x34 & cast(u64, 0xff))); - const x36 = (x34 >> 8); - const x37 = cast(u8, (x36 & cast(u64, 0xff))); - const x38 = (x36 >> 8); - const x39 = cast(u8, (x38 & cast(u64, 0xff))); - const x40 = (x38 >> 8); - const x41 = cast(u8, (x40 & cast(u64, 0xff))); - const x42 = (x40 >> 8); - const x43 = cast(u8, (x42 & cast(u64, 0xff))); - const x44 = (x42 >> 8); - const x45 = cast(u8, (x44 & cast(u64, 0xff))); - const x46 = cast(u8, (x44 >> 8)); - const x47 = cast(u8, (x1 & cast(u64, 0xff))); - const x48 = (x1 >> 8); - const x49 = cast(u8, (x48 & cast(u64, 0xff))); - const x50 = (x48 >> 8); - const x51 = cast(u8, (x50 & cast(u64, 0xff))); - const x52 = (x50 >> 8); - const x53 = cast(u8, (x52 & cast(u64, 
0xff))); - const x54 = (x52 >> 8); - const x55 = cast(u8, (x54 & cast(u64, 0xff))); - const x56 = (x54 >> 8); - const x57 = cast(u8, (x56 & cast(u64, 0xff))); - const x58 = (x56 >> 8); - const x59 = cast(u8, (x58 & cast(u64, 0xff))); - const x60 = cast(u8, (x58 >> 8)); - out1[0] = x5; - out1[1] = x7; - out1[2] = x9; - out1[3] = x11; - out1[4] = x13; - out1[5] = x15; - out1[6] = x17; - out1[7] = x18; - out1[8] = x19; - out1[9] = x21; - out1[10] = x23; - out1[11] = x25; - out1[12] = x27; - out1[13] = x29; - out1[14] = x31; - out1[15] = x32; - out1[16] = x33; - out1[17] = x35; - out1[18] = x37; - out1[19] = x39; - out1[20] = x41; - out1[21] = x43; - out1[22] = x45; - out1[23] = x46; - out1[24] = x47; - out1[25] = x49; - out1[26] = x51; - out1[27] = x53; - out1[28] = x55; - out1[29] = x57; - out1[30] = x59; - out1[31] = x60; + const x5 = (x4 >> 8); + const x6 = (x5 >> 8); + const x7 = (x6 >> 8); + const x8 = (x7 >> 8); + const x9 = (x8 >> 8); + const x10 = (x9 >> 8); + const x11 = cast(u8, (x10 >> 8)); + const x12 = (x3 >> 8); + const x13 = (x12 >> 8); + const x14 = (x13 >> 8); + const x15 = (x14 >> 8); + const x16 = (x15 >> 8); + const x17 = (x16 >> 8); + const x18 = cast(u8, (x17 >> 8)); + const x19 = (x2 >> 8); + const x20 = (x19 >> 8); + const x21 = (x20 >> 8); + const x22 = (x21 >> 8); + const x23 = (x22 >> 8); + const x24 = (x23 >> 8); + const x25 = cast(u8, (x24 >> 8)); + const x26 = (x1 >> 8); + const x27 = (x26 >> 8); + const x28 = (x27 >> 8); + const x29 = (x28 >> 8); + const x30 = (x29 >> 8); + const x31 = (x30 >> 8); + const x32 = cast(u8, (x31 >> 8)); + out1[0] = cast(u8, x4); + out1[1] = cast(u8, x5); + out1[2] = cast(u8, x6); + out1[3] = cast(u8, x7); + out1[4] = cast(u8, x8); + out1[5] = cast(u8, x9); + out1[6] = cast(u8, x10); + out1[7] = x11; + out1[8] = cast(u8, x3); + out1[9] = cast(u8, x12); + out1[10] = cast(u8, x13); + out1[11] = cast(u8, x14); + out1[12] = cast(u8, x15); + out1[13] = cast(u8, x16); + out1[14] = cast(u8, x17); + out1[15] = x18; + 
out1[16] = cast(u8, x2); + out1[17] = cast(u8, x19); + out1[18] = cast(u8, x20); + out1[19] = cast(u8, x21); + out1[20] = cast(u8, x22); + out1[21] = cast(u8, x23); + out1[22] = cast(u8, x24); + out1[23] = x25; + out1[24] = cast(u8, x1); + out1[25] = cast(u8, x26); + out1[26] = cast(u8, x27); + out1[27] = cast(u8, x28); + out1[28] = cast(u8, x29); + out1[29] = cast(u8, x30); + out1[30] = cast(u8, x31); + out1[31] = x32; } /// The function fromBytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -1746,7 +1716,7 @@ pub fn divstep(out1: *u64, out2: *[5]u64, out3: *[5]u64, out4: *[4]u64, out5: *[ var x1: u64 = undefined; var x2: u1 = undefined; addcarryxU64(&x1, &x2, 0x0, (~arg1), cast(u64, 0x1)); - const x3 = (cast(u1, (x1 >> 63)) & cast(u1, ((arg3[0]) & cast(u64, 0x1)))); + const x3 = (cast(u1, (x1 >> 63)) & cast(u1, (arg3[0]))); var x4: u64 = undefined; var x5: u1 = undefined; addcarryxU64(&x4, &x5, 0x0, (~arg1), cast(u64, 0x1)); 
@@ -1860,110 +1830,109 @@ pub fn divstep(out1: *u64, out2: *[5]u64, out3: *[5]u64, out4: *[4]u64, out5: *[ cmovznzU64(&x72, x3, (arg5[2]), x66); var x73: u64 = undefined; cmovznzU64(&x73, x3, (arg5[3]), x68); - const x74 = cast(u1, (x22 & cast(u64, 0x1))); + var x74: u64 = undefined; + cmovznzU64(&x74, cast(u1, x22), cast(u64, 0x0), x7); var x75: u64 = undefined; - cmovznzU64(&x75, x74, cast(u64, 0x0), x7); + cmovznzU64(&x75, cast(u1, x22), cast(u64, 0x0), x8); var x76: u64 = undefined; - cmovznzU64(&x76, x74, cast(u64, 0x0), x8); + cmovznzU64(&x76, cast(u1, x22), cast(u64, 0x0), x9); var x77: u64 = undefined; - cmovznzU64(&x77, x74, cast(u64, 0x0), x9); + cmovznzU64(&x77, cast(u1, x22), cast(u64, 0x0), x10); var x78: u64 = undefined; - cmovznzU64(&x78, x74, cast(u64, 0x0), x10); + cmovznzU64(&x78, cast(u1, x22), cast(u64, 0x0), x11); var x79: u64 = undefined; - cmovznzU64(&x79, x74, cast(u64, 0x0), x11); - var x80: u64 = undefined; - var x81: u1 = undefined; - addcarryxU64(&x80, &x81, 0x0, x22, x75); - var x82: u64 = undefined; - var x83: u1 = undefined; - addcarryxU64(&x82, &x83, x81, x23, x76); - var x84: u64 = undefined; - var x85: u1 = undefined; - addcarryxU64(&x84, &x85, x83, x24, x77); - var x86: u64 = undefined; - var x87: u1 = undefined; - addcarryxU64(&x86, &x87, x85, x25, x78); - var x88: u64 = undefined; - var x89: u1 = undefined; - addcarryxU64(&x88, &x89, x87, x26, x79); + var x80: u1 = undefined; + addcarryxU64(&x79, &x80, 0x0, x22, x74); + var x81: u64 = undefined; + var x82: u1 = undefined; + addcarryxU64(&x81, &x82, x80, x23, x75); + var x83: u64 = undefined; + var x84: u1 = undefined; + addcarryxU64(&x83, &x84, x82, x24, x76); + var x85: u64 = undefined; + var x86: u1 = undefined; + addcarryxU64(&x85, &x86, x84, x25, x77); + var x87: u64 = undefined; + var x88: u1 = undefined; + addcarryxU64(&x87, &x88, x86, x26, x78); + var x89: u64 = undefined; + cmovznzU64(&x89, cast(u1, x22), cast(u64, 0x0), x27); var x90: u64 = undefined; - cmovznzU64(&x90, 
x74, cast(u64, 0x0), x27); + cmovznzU64(&x90, cast(u1, x22), cast(u64, 0x0), x28); var x91: u64 = undefined; - cmovznzU64(&x91, x74, cast(u64, 0x0), x28); + cmovznzU64(&x91, cast(u1, x22), cast(u64, 0x0), x29); var x92: u64 = undefined; - cmovznzU64(&x92, x74, cast(u64, 0x0), x29); + cmovznzU64(&x92, cast(u1, x22), cast(u64, 0x0), x30); var x93: u64 = undefined; - cmovznzU64(&x93, x74, cast(u64, 0x0), x30); - var x94: u64 = undefined; - var x95: u1 = undefined; - addcarryxU64(&x94, &x95, 0x0, x70, x90); - var x96: u64 = undefined; - var x97: u1 = undefined; - addcarryxU64(&x96, &x97, x95, x71, x91); - var x98: u64 = undefined; - var x99: u1 = undefined; - addcarryxU64(&x98, &x99, x97, x72, x92); - var x100: u64 = undefined; - var x101: u1 = undefined; - addcarryxU64(&x100, &x101, x99, x73, x93); - var x102: u64 = undefined; - var x103: u1 = undefined; - subborrowxU64(&x102, &x103, 0x0, x94, 0xfffffffefffffc2f); - var x104: u64 = undefined; - var x105: u1 = undefined; - subborrowxU64(&x104, &x105, x103, x96, 0xffffffffffffffff); - var x106: u64 = undefined; - var x107: u1 = undefined; - subborrowxU64(&x106, &x107, x105, x98, 0xffffffffffffffff); - var x108: u64 = undefined; - var x109: u1 = undefined; - subborrowxU64(&x108, &x109, x107, x100, 0xffffffffffffffff); - var x110: u64 = undefined; - var x111: u1 = undefined; - subborrowxU64(&x110, &x111, x109, cast(u64, x101), cast(u64, 0x0)); - var x112: u64 = undefined; - var x113: u1 = undefined; - addcarryxU64(&x112, &x113, 0x0, x6, cast(u64, 0x1)); - const x114 = ((x80 >> 1) | ((x82 << 63) & 0xffffffffffffffff)); - const x115 = ((x82 >> 1) | ((x84 << 63) & 0xffffffffffffffff)); - const x116 = ((x84 >> 1) | ((x86 << 63) & 0xffffffffffffffff)); - const x117 = ((x86 >> 1) | ((x88 << 63) & 0xffffffffffffffff)); - const x118 = ((x88 & 0x8000000000000000) | (x88 >> 1)); + var x94: u1 = undefined; + addcarryxU64(&x93, &x94, 0x0, x70, x89); + var x95: u64 = undefined; + var x96: u1 = undefined; + addcarryxU64(&x95, &x96, 
x94, x71, x90); + var x97: u64 = undefined; + var x98: u1 = undefined; + addcarryxU64(&x97, &x98, x96, x72, x91); + var x99: u64 = undefined; + var x100: u1 = undefined; + addcarryxU64(&x99, &x100, x98, x73, x92); + var x101: u64 = undefined; + var x102: u1 = undefined; + subborrowxU64(&x101, &x102, 0x0, x93, 0xfffffffefffffc2f); + var x103: u64 = undefined; + var x104: u1 = undefined; + subborrowxU64(&x103, &x104, x102, x95, 0xffffffffffffffff); + var x105: u64 = undefined; + var x106: u1 = undefined; + subborrowxU64(&x105, &x106, x104, x97, 0xffffffffffffffff); + var x107: u64 = undefined; + var x108: u1 = undefined; + subborrowxU64(&x107, &x108, x106, x99, 0xffffffffffffffff); + var x109: u64 = undefined; + var x110: u1 = undefined; + subborrowxU64(&x109, &x110, x108, cast(u64, x100), cast(u64, 0x0)); + var x111: u64 = undefined; + var x112: u1 = undefined; + addcarryxU64(&x111, &x112, 0x0, x6, cast(u64, 0x1)); + const x113 = ((x79 >> 1) | ((x81 << 63) & 0xffffffffffffffff)); + const x114 = ((x81 >> 1) | ((x83 << 63) & 0xffffffffffffffff)); + const x115 = ((x83 >> 1) | ((x85 << 63) & 0xffffffffffffffff)); + const x116 = ((x85 >> 1) | ((x87 << 63) & 0xffffffffffffffff)); + const x117 = ((x87 & 0x8000000000000000) | (x87 >> 1)); + var x118: u64 = undefined; + cmovznzU64(&x118, x48, x39, x31); var x119: u64 = undefined; - cmovznzU64(&x119, x48, x39, x31); + cmovznzU64(&x119, x48, x41, x33); var x120: u64 = undefined; - cmovznzU64(&x120, x48, x41, x33); + cmovznzU64(&x120, x48, x43, x35); var x121: u64 = undefined; - cmovznzU64(&x121, x48, x43, x35); + cmovznzU64(&x121, x48, x45, x37); var x122: u64 = undefined; - cmovznzU64(&x122, x48, x45, x37); + cmovznzU64(&x122, x110, x101, x93); var x123: u64 = undefined; - cmovznzU64(&x123, x111, x102, x94); + cmovznzU64(&x123, x110, x103, x95); var x124: u64 = undefined; - cmovznzU64(&x124, x111, x104, x96); + cmovznzU64(&x124, x110, x105, x97); var x125: u64 = undefined; - cmovznzU64(&x125, x111, x106, x98); - var x126: u64 
= undefined; - cmovznzU64(&x126, x111, x108, x100); - out1.* = x112; + cmovznzU64(&x125, x110, x107, x99); + out1.* = x111; out2[0] = x7; out2[1] = x8; out2[2] = x9; out2[3] = x10; out2[4] = x11; - out3[0] = x114; - out3[1] = x115; - out3[2] = x116; - out3[3] = x117; - out3[4] = x118; - out4[0] = x119; - out4[1] = x120; - out4[2] = x121; - out4[3] = x122; - out5[0] = x123; - out5[1] = x124; - out5[2] = x125; - out5[3] = x126; + out3[0] = x113; + out3[1] = x114; + out3[2] = x115; + out3[3] = x116; + out3[4] = x117; + out4[0] = x118; + out4[1] = x119; + out4[2] = x120; + out4[3] = x121; + out5[0] = x122; + out5[1] = x123; + out5[2] = x124; + out5[3] = x125; } /// The function divstepPrecomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-zig/src/secp256k1_montgomery_scalar_32.zig b/fiat-zig/src/secp256k1_montgomery_scalar_32.zig index 65dec125b7..e91270059c 100644 --- a/fiat-zig/src/secp256k1_montgomery_scalar_32.zig +++ b/fiat-zig/src/secp256k1_montgomery_scalar_32.zig @@ -59,10 +59,9 @@ inline fn addcarryxU32(out1: *u32, out2: *u1, arg1: u1, arg2: u32, arg3: u32) vo @setRuntimeSafety(mode == .Debug); const x1 = ((cast(u64, arg1) + cast(u64, arg2)) + cast(u64, arg3)); - const x2 = cast(u32, (x1 & cast(u64, 0xffffffff))); - const x3 = cast(u1, (x1 >> 32)); - out1.* = x2; - out2.* = x3; + const x2 = cast(u1, (x1 >> 32)); + out1.* = cast(u32, x1); + out2.* = x2; } /// The function subborrowxU32 is a subtraction with borrow. @@ -104,10 +103,9 @@ inline fn mulxU32(out1: *u32, out2: *u32, arg1: u32, arg2: u32) void { @setRuntimeSafety(mode == .Debug); const x1 = (cast(u64, arg1) * cast(u64, arg2)); - const x2 = cast(u32, (x1 & cast(u64, 0xffffffff))); - const x3 = cast(u32, (x1 >> 32)); - out1.* = x2; - out2.* = x3; + const x2 = cast(u32, (x1 >> 32)); + out1.* = cast(u32, x1); + out2.* = x2; } /// The function cmovznzU32 is a single-word conditional move. 
@@ -4964,86 +4962,62 @@ pub fn toBytes(out1: *[32]u8, arg1: [8]u32) void { const x6 = (arg1[2]); const x7 = (arg1[1]); const x8 = (arg1[0]); - const x9 = cast(u8, (x8 & cast(u32, 0xff))); - const x10 = (x8 >> 8); - const x11 = cast(u8, (x10 & cast(u32, 0xff))); - const x12 = (x10 >> 8); - const x13 = cast(u8, (x12 & cast(u32, 0xff))); - const x14 = cast(u8, (x12 >> 8)); - const x15 = cast(u8, (x7 & cast(u32, 0xff))); - const x16 = (x7 >> 8); - const x17 = cast(u8, (x16 & cast(u32, 0xff))); - const x18 = (x16 >> 8); - const x19 = cast(u8, (x18 & cast(u32, 0xff))); - const x20 = cast(u8, (x18 >> 8)); - const x21 = cast(u8, (x6 & cast(u32, 0xff))); - const x22 = (x6 >> 8); - const x23 = cast(u8, (x22 & cast(u32, 0xff))); - const x24 = (x22 >> 8); - const x25 = cast(u8, (x24 & cast(u32, 0xff))); - const x26 = cast(u8, (x24 >> 8)); - const x27 = cast(u8, (x5 & cast(u32, 0xff))); - const x28 = (x5 >> 8); - const x29 = cast(u8, (x28 & cast(u32, 0xff))); - const x30 = (x28 >> 8); - const x31 = cast(u8, (x30 & cast(u32, 0xff))); - const x32 = cast(u8, (x30 >> 8)); - const x33 = cast(u8, (x4 & cast(u32, 0xff))); - const x34 = (x4 >> 8); - const x35 = cast(u8, (x34 & cast(u32, 0xff))); - const x36 = (x34 >> 8); - const x37 = cast(u8, (x36 & cast(u32, 0xff))); - const x38 = cast(u8, (x36 >> 8)); - const x39 = cast(u8, (x3 & cast(u32, 0xff))); - const x40 = (x3 >> 8); - const x41 = cast(u8, (x40 & cast(u32, 0xff))); - const x42 = (x40 >> 8); - const x43 = cast(u8, (x42 & cast(u32, 0xff))); - const x44 = cast(u8, (x42 >> 8)); - const x45 = cast(u8, (x2 & cast(u32, 0xff))); - const x46 = (x2 >> 8); - const x47 = cast(u8, (x46 & cast(u32, 0xff))); - const x48 = (x46 >> 8); - const x49 = cast(u8, (x48 & cast(u32, 0xff))); - const x50 = cast(u8, (x48 >> 8)); - const x51 = cast(u8, (x1 & cast(u32, 0xff))); - const x52 = (x1 >> 8); - const x53 = cast(u8, (x52 & cast(u32, 0xff))); - const x54 = (x52 >> 8); - const x55 = cast(u8, (x54 & cast(u32, 0xff))); - const x56 = cast(u8, (x54 >> 
8)); - out1[0] = x9; - out1[1] = x11; - out1[2] = x13; - out1[3] = x14; - out1[4] = x15; - out1[5] = x17; - out1[6] = x19; - out1[7] = x20; - out1[8] = x21; - out1[9] = x23; - out1[10] = x25; - out1[11] = x26; - out1[12] = x27; - out1[13] = x29; - out1[14] = x31; - out1[15] = x32; - out1[16] = x33; - out1[17] = x35; - out1[18] = x37; - out1[19] = x38; - out1[20] = x39; - out1[21] = x41; - out1[22] = x43; - out1[23] = x44; - out1[24] = x45; - out1[25] = x47; - out1[26] = x49; - out1[27] = x50; - out1[28] = x51; - out1[29] = x53; - out1[30] = x55; - out1[31] = x56; + const x9 = (x8 >> 8); + const x10 = (x9 >> 8); + const x11 = cast(u8, (x10 >> 8)); + const x12 = (x7 >> 8); + const x13 = (x12 >> 8); + const x14 = cast(u8, (x13 >> 8)); + const x15 = (x6 >> 8); + const x16 = (x15 >> 8); + const x17 = cast(u8, (x16 >> 8)); + const x18 = (x5 >> 8); + const x19 = (x18 >> 8); + const x20 = cast(u8, (x19 >> 8)); + const x21 = (x4 >> 8); + const x22 = (x21 >> 8); + const x23 = cast(u8, (x22 >> 8)); + const x24 = (x3 >> 8); + const x25 = (x24 >> 8); + const x26 = cast(u8, (x25 >> 8)); + const x27 = (x2 >> 8); + const x28 = (x27 >> 8); + const x29 = cast(u8, (x28 >> 8)); + const x30 = (x1 >> 8); + const x31 = (x30 >> 8); + const x32 = cast(u8, (x31 >> 8)); + out1[0] = cast(u8, x8); + out1[1] = cast(u8, x9); + out1[2] = cast(u8, x10); + out1[3] = x11; + out1[4] = cast(u8, x7); + out1[5] = cast(u8, x12); + out1[6] = cast(u8, x13); + out1[7] = x14; + out1[8] = cast(u8, x6); + out1[9] = cast(u8, x15); + out1[10] = cast(u8, x16); + out1[11] = x17; + out1[12] = cast(u8, x5); + out1[13] = cast(u8, x18); + out1[14] = cast(u8, x19); + out1[15] = x20; + out1[16] = cast(u8, x4); + out1[17] = cast(u8, x21); + out1[18] = cast(u8, x22); + out1[19] = x23; + out1[20] = cast(u8, x3); + out1[21] = cast(u8, x24); + out1[22] = cast(u8, x25); + out1[23] = x26; + out1[24] = cast(u8, x2); + out1[25] = cast(u8, x27); + out1[26] = cast(u8, x28); + out1[27] = x29; + out1[28] = cast(u8, x1); + out1[29] = 
cast(u8, x30); + out1[30] = cast(u8, x31); + out1[31] = x32; } /// The function fromBytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -5202,7 +5176,7 @@ pub fn divstep(out1: *u32, out2: *[9]u32, out3: *[9]u32, out4: *[8]u32, out5: *[ var x1: u32 = undefined; var x2: u1 = undefined; addcarryxU32(&x1, &x2, 0x0, (~arg1), cast(u32, 0x1)); - const x3 = (cast(u1, (x1 >> 31)) & cast(u1, ((arg3[0]) & cast(u32, 0x1)))); + const x3 = (cast(u1, (x1 >> 31)) & cast(u1, (arg3[0]))); var x4: u32 = undefined; var x5: u1 = undefined; addcarryxU32(&x4, &x5, 0x0, (~arg1), cast(u32, 0x1)); 
@@ -5412,164 +5386,163 @@ pub fn divstep(out1: *u32, out2: *[9]u32, out3: *[9]u32, out4: *[8]u32, out5: *[ cmovznzU32(&x132, x3, (arg5[6]), x122); var x133: u32 = undefined; cmovznzU32(&x133, x3, (arg5[7]), x124); - const x134 = cast(u1, (x34 & cast(u32, 0x1))); + var x134: u32 = undefined; + cmovznzU32(&x134, cast(u1, x34), cast(u32, 0x0), x7); var x135: u32 = undefined; - cmovznzU32(&x135, x134, cast(u32, 0x0), x7); + cmovznzU32(&x135, cast(u1, x34), cast(u32, 0x0), x8); var x136: u32 = undefined; - cmovznzU32(&x136, x134, cast(u32, 0x0), x8); + cmovznzU32(&x136, cast(u1, x34), cast(u32, 0x0), x9); var x137: u32 = undefined; - cmovznzU32(&x137, x134, cast(u32, 0x0), x9); + cmovznzU32(&x137, cast(u1, x34), cast(u32, 0x0), x10); var x138: u32 = undefined; - cmovznzU32(&x138, x134, cast(u32, 0x0), x10); + cmovznzU32(&x138, cast(u1, x34), cast(u32, 0x0), x11); var x139: u32 = undefined; - cmovznzU32(&x139, x134, cast(u32, 0x0), x11); + cmovznzU32(&x139, cast(u1, x34), cast(u32, 0x0), x12); var x140: u32 = undefined; - cmovznzU32(&x140, x134, cast(u32, 0x0), x12); + cmovznzU32(&x140, cast(u1, x34), cast(u32, 0x0), x13); var x141: u32 = undefined; - cmovznzU32(&x141, x134, cast(u32, 0x0), x13); + cmovznzU32(&x141, cast(u1, x34), cast(u32, 0x0), x14); var x142: u32 = undefined; - cmovznzU32(&x142, x134, cast(u32, 0x0), x14); + cmovznzU32(&x142, cast(u1, x34), cast(u32, 0x0), x15); var x143: u32 = undefined; - cmovznzU32(&x143, x134, cast(u32, 0x0), x15); - var x144: u32 = undefined; - var x145: u1 = undefined; - addcarryxU32(&x144, &x145, 0x0, x34, x135); - var x146: u32 = undefined; - var x147: u1 = undefined; - addcarryxU32(&x146, &x147, x145, x35, x136); - var x148: u32 = undefined; - var x149: u1 = undefined; - addcarryxU32(&x148, &x149, x147, x36, x137); - var x150: u32 = undefined; - var x151: u1 = undefined; - addcarryxU32(&x150, &x151, x149, x37, x138); - var x152: u32 = undefined; - var x153: u1 = undefined; - addcarryxU32(&x152, &x153, x151, x38, x139); - var 
x154: u32 = undefined; - var x155: u1 = undefined; - addcarryxU32(&x154, &x155, x153, x39, x140); - var x156: u32 = undefined; - var x157: u1 = undefined; - addcarryxU32(&x156, &x157, x155, x40, x141); - var x158: u32 = undefined; - var x159: u1 = undefined; - addcarryxU32(&x158, &x159, x157, x41, x142); - var x160: u32 = undefined; - var x161: u1 = undefined; - addcarryxU32(&x160, &x161, x159, x42, x143); + var x144: u1 = undefined; + addcarryxU32(&x143, &x144, 0x0, x34, x134); + var x145: u32 = undefined; + var x146: u1 = undefined; + addcarryxU32(&x145, &x146, x144, x35, x135); + var x147: u32 = undefined; + var x148: u1 = undefined; + addcarryxU32(&x147, &x148, x146, x36, x136); + var x149: u32 = undefined; + var x150: u1 = undefined; + addcarryxU32(&x149, &x150, x148, x37, x137); + var x151: u32 = undefined; + var x152: u1 = undefined; + addcarryxU32(&x151, &x152, x150, x38, x138); + var x153: u32 = undefined; + var x154: u1 = undefined; + addcarryxU32(&x153, &x154, x152, x39, x139); + var x155: u32 = undefined; + var x156: u1 = undefined; + addcarryxU32(&x155, &x156, x154, x40, x140); + var x157: u32 = undefined; + var x158: u1 = undefined; + addcarryxU32(&x157, &x158, x156, x41, x141); + var x159: u32 = undefined; + var x160: u1 = undefined; + addcarryxU32(&x159, &x160, x158, x42, x142); + var x161: u32 = undefined; + cmovznzU32(&x161, cast(u1, x34), cast(u32, 0x0), x43); var x162: u32 = undefined; - cmovznzU32(&x162, x134, cast(u32, 0x0), x43); + cmovznzU32(&x162, cast(u1, x34), cast(u32, 0x0), x44); var x163: u32 = undefined; - cmovznzU32(&x163, x134, cast(u32, 0x0), x44); + cmovznzU32(&x163, cast(u1, x34), cast(u32, 0x0), x45); var x164: u32 = undefined; - cmovznzU32(&x164, x134, cast(u32, 0x0), x45); + cmovznzU32(&x164, cast(u1, x34), cast(u32, 0x0), x46); var x165: u32 = undefined; - cmovznzU32(&x165, x134, cast(u32, 0x0), x46); + cmovznzU32(&x165, cast(u1, x34), cast(u32, 0x0), x47); var x166: u32 = undefined; - cmovznzU32(&x166, x134, cast(u32, 0x0), 
x47); + cmovznzU32(&x166, cast(u1, x34), cast(u32, 0x0), x48); var x167: u32 = undefined; - cmovznzU32(&x167, x134, cast(u32, 0x0), x48); + cmovznzU32(&x167, cast(u1, x34), cast(u32, 0x0), x49); var x168: u32 = undefined; - cmovznzU32(&x168, x134, cast(u32, 0x0), x49); + cmovznzU32(&x168, cast(u1, x34), cast(u32, 0x0), x50); var x169: u32 = undefined; - cmovznzU32(&x169, x134, cast(u32, 0x0), x50); - var x170: u32 = undefined; - var x171: u1 = undefined; - addcarryxU32(&x170, &x171, 0x0, x126, x162); - var x172: u32 = undefined; - var x173: u1 = undefined; - addcarryxU32(&x172, &x173, x171, x127, x163); - var x174: u32 = undefined; - var x175: u1 = undefined; - addcarryxU32(&x174, &x175, x173, x128, x164); - var x176: u32 = undefined; - var x177: u1 = undefined; - addcarryxU32(&x176, &x177, x175, x129, x165); - var x178: u32 = undefined; - var x179: u1 = undefined; - addcarryxU32(&x178, &x179, x177, x130, x166); - var x180: u32 = undefined; - var x181: u1 = undefined; - addcarryxU32(&x180, &x181, x179, x131, x167); - var x182: u32 = undefined; - var x183: u1 = undefined; - addcarryxU32(&x182, &x183, x181, x132, x168); - var x184: u32 = undefined; - var x185: u1 = undefined; - addcarryxU32(&x184, &x185, x183, x133, x169); - var x186: u32 = undefined; - var x187: u1 = undefined; - subborrowxU32(&x186, &x187, 0x0, x170, 0xd0364141); - var x188: u32 = undefined; - var x189: u1 = undefined; - subborrowxU32(&x188, &x189, x187, x172, 0xbfd25e8c); - var x190: u32 = undefined; - var x191: u1 = undefined; - subborrowxU32(&x190, &x191, x189, x174, 0xaf48a03b); - var x192: u32 = undefined; - var x193: u1 = undefined; - subborrowxU32(&x192, &x193, x191, x176, 0xbaaedce6); - var x194: u32 = undefined; - var x195: u1 = undefined; - subborrowxU32(&x194, &x195, x193, x178, 0xfffffffe); - var x196: u32 = undefined; - var x197: u1 = undefined; - subborrowxU32(&x196, &x197, x195, x180, 0xffffffff); - var x198: u32 = undefined; - var x199: u1 = undefined; - subborrowxU32(&x198, &x199, 
x197, x182, 0xffffffff); - var x200: u32 = undefined; - var x201: u1 = undefined; - subborrowxU32(&x200, &x201, x199, x184, 0xffffffff); - var x202: u32 = undefined; - var x203: u1 = undefined; - subborrowxU32(&x202, &x203, x201, cast(u32, x185), cast(u32, 0x0)); - var x204: u32 = undefined; - var x205: u1 = undefined; - addcarryxU32(&x204, &x205, 0x0, x6, cast(u32, 0x1)); - const x206 = ((x144 >> 1) | ((x146 << 31) & 0xffffffff)); - const x207 = ((x146 >> 1) | ((x148 << 31) & 0xffffffff)); - const x208 = ((x148 >> 1) | ((x150 << 31) & 0xffffffff)); - const x209 = ((x150 >> 1) | ((x152 << 31) & 0xffffffff)); - const x210 = ((x152 >> 1) | ((x154 << 31) & 0xffffffff)); - const x211 = ((x154 >> 1) | ((x156 << 31) & 0xffffffff)); - const x212 = ((x156 >> 1) | ((x158 << 31) & 0xffffffff)); - const x213 = ((x158 >> 1) | ((x160 << 31) & 0xffffffff)); - const x214 = ((x160 & 0x80000000) | (x160 >> 1)); + var x170: u1 = undefined; + addcarryxU32(&x169, &x170, 0x0, x126, x161); + var x171: u32 = undefined; + var x172: u1 = undefined; + addcarryxU32(&x171, &x172, x170, x127, x162); + var x173: u32 = undefined; + var x174: u1 = undefined; + addcarryxU32(&x173, &x174, x172, x128, x163); + var x175: u32 = undefined; + var x176: u1 = undefined; + addcarryxU32(&x175, &x176, x174, x129, x164); + var x177: u32 = undefined; + var x178: u1 = undefined; + addcarryxU32(&x177, &x178, x176, x130, x165); + var x179: u32 = undefined; + var x180: u1 = undefined; + addcarryxU32(&x179, &x180, x178, x131, x166); + var x181: u32 = undefined; + var x182: u1 = undefined; + addcarryxU32(&x181, &x182, x180, x132, x167); + var x183: u32 = undefined; + var x184: u1 = undefined; + addcarryxU32(&x183, &x184, x182, x133, x168); + var x185: u32 = undefined; + var x186: u1 = undefined; + subborrowxU32(&x185, &x186, 0x0, x169, 0xd0364141); + var x187: u32 = undefined; + var x188: u1 = undefined; + subborrowxU32(&x187, &x188, x186, x171, 0xbfd25e8c); + var x189: u32 = undefined; + var x190: u1 = undefined; + 
subborrowxU32(&x189, &x190, x188, x173, 0xaf48a03b); + var x191: u32 = undefined; + var x192: u1 = undefined; + subborrowxU32(&x191, &x192, x190, x175, 0xbaaedce6); + var x193: u32 = undefined; + var x194: u1 = undefined; + subborrowxU32(&x193, &x194, x192, x177, 0xfffffffe); + var x195: u32 = undefined; + var x196: u1 = undefined; + subborrowxU32(&x195, &x196, x194, x179, 0xffffffff); + var x197: u32 = undefined; + var x198: u1 = undefined; + subborrowxU32(&x197, &x198, x196, x181, 0xffffffff); + var x199: u32 = undefined; + var x200: u1 = undefined; + subborrowxU32(&x199, &x200, x198, x183, 0xffffffff); + var x201: u32 = undefined; + var x202: u1 = undefined; + subborrowxU32(&x201, &x202, x200, cast(u32, x184), cast(u32, 0x0)); + var x203: u32 = undefined; + var x204: u1 = undefined; + addcarryxU32(&x203, &x204, 0x0, x6, cast(u32, 0x1)); + const x205 = ((x143 >> 1) | ((x145 << 31) & 0xffffffff)); + const x206 = ((x145 >> 1) | ((x147 << 31) & 0xffffffff)); + const x207 = ((x147 >> 1) | ((x149 << 31) & 0xffffffff)); + const x208 = ((x149 >> 1) | ((x151 << 31) & 0xffffffff)); + const x209 = ((x151 >> 1) | ((x153 << 31) & 0xffffffff)); + const x210 = ((x153 >> 1) | ((x155 << 31) & 0xffffffff)); + const x211 = ((x155 >> 1) | ((x157 << 31) & 0xffffffff)); + const x212 = ((x157 >> 1) | ((x159 << 31) & 0xffffffff)); + const x213 = ((x159 & 0x80000000) | (x159 >> 1)); + var x214: u32 = undefined; + cmovznzU32(&x214, x84, x67, x51); var x215: u32 = undefined; - cmovznzU32(&x215, x84, x67, x51); + cmovznzU32(&x215, x84, x69, x53); var x216: u32 = undefined; - cmovznzU32(&x216, x84, x69, x53); + cmovznzU32(&x216, x84, x71, x55); var x217: u32 = undefined; - cmovznzU32(&x217, x84, x71, x55); + cmovznzU32(&x217, x84, x73, x57); var x218: u32 = undefined; - cmovznzU32(&x218, x84, x73, x57); + cmovznzU32(&x218, x84, x75, x59); var x219: u32 = undefined; - cmovznzU32(&x219, x84, x75, x59); + cmovznzU32(&x219, x84, x77, x61); var x220: u32 = undefined; - cmovznzU32(&x220, x84, 
x77, x61); + cmovznzU32(&x220, x84, x79, x63); var x221: u32 = undefined; - cmovznzU32(&x221, x84, x79, x63); + cmovznzU32(&x221, x84, x81, x65); var x222: u32 = undefined; - cmovznzU32(&x222, x84, x81, x65); + cmovznzU32(&x222, x202, x185, x169); var x223: u32 = undefined; - cmovznzU32(&x223, x203, x186, x170); + cmovznzU32(&x223, x202, x187, x171); var x224: u32 = undefined; - cmovznzU32(&x224, x203, x188, x172); + cmovznzU32(&x224, x202, x189, x173); var x225: u32 = undefined; - cmovznzU32(&x225, x203, x190, x174); + cmovznzU32(&x225, x202, x191, x175); var x226: u32 = undefined; - cmovznzU32(&x226, x203, x192, x176); + cmovznzU32(&x226, x202, x193, x177); var x227: u32 = undefined; - cmovznzU32(&x227, x203, x194, x178); + cmovznzU32(&x227, x202, x195, x179); var x228: u32 = undefined; - cmovznzU32(&x228, x203, x196, x180); + cmovznzU32(&x228, x202, x197, x181); var x229: u32 = undefined; - cmovznzU32(&x229, x203, x198, x182); - var x230: u32 = undefined; - cmovznzU32(&x230, x203, x200, x184); - out1.* = x204; + cmovznzU32(&x229, x202, x199, x183); + out1.* = x203; out2[0] = x7; out2[1] = x8; out2[2] = x9; 
@@ -5579,31 +5552,31 @@ pub fn divstep(out1: *u32, out2: *[9]u32, out3: *[9]u32, out4: *[8]u32, out5: *[ out2[6] = x13; out2[7] = x14; out2[8] = x15; - out3[0] = x206; - out3[1] = x207; - out3[2] = x208; - out3[3] = x209; - out3[4] = x210; - out3[5] = x211; - out3[6] = x212; - out3[7] = x213; - out3[8] = x214; - out4[0] = x215; - out4[1] = x216; - out4[2] = x217; - out4[3] = x218; - out4[4] = x219; - out4[5] = x220; - out4[6] = x221; - out4[7] = x222; - out5[0] = x223; - out5[1] = x224; - out5[2] = x225; - out5[3] = x226; - out5[4] = x227; - out5[5] = x228; - out5[6] = x229; - out5[7] = x230; + out3[0] = x205; + out3[1] = x206; + out3[2] = x207; + out3[3] = x208; + out3[4] = x209; + out3[5] = x210; + out3[6] = x211; + out3[7] = x212; + out3[8] = x213; + out4[0] = x214; + out4[1] = x215; + out4[2] = x216; + out4[3] = x217; + out4[4] = x218; + out4[5] = x219; + out4[6] = x220; + out4[7] = x221; + out5[0] = x222; + out5[1] = x223; + out5[2] = x224; + out5[3] = x225; + out5[4] = x226; + out5[5] = x227; + out5[6] = x228; + out5[7] = x229; } /// The function divstepPrecomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). diff --git a/fiat-zig/src/secp256k1_montgomery_scalar_64.zig b/fiat-zig/src/secp256k1_montgomery_scalar_64.zig index 318fb0a4e5..60c2cb73e1 100644 --- a/fiat-zig/src/secp256k1_montgomery_scalar_64.zig +++ b/fiat-zig/src/secp256k1_montgomery_scalar_64.zig @@ -59,10 +59,9 @@ inline fn addcarryxU64(out1: *u64, out2: *u1, arg1: u1, arg2: u64, arg3: u64) vo @setRuntimeSafety(mode == .Debug); const x1 = ((cast(u128, arg1) + cast(u128, arg2)) + cast(u128, arg3)); - const x2 = cast(u64, (x1 & cast(u128, 0xffffffffffffffff))); - const x3 = cast(u1, (x1 >> 64)); - out1.* = x2; - out2.* = x3; + const x2 = cast(u1, (x1 >> 64)); + out1.* = cast(u64, x1); + out2.* = x2; } /// The function subborrowxU64 is a subtraction with borrow. 
@@ -104,10 +103,9 @@ inline fn mulxU64(out1: *u64, out2: *u64, arg1: u64, arg2: u64) void { @setRuntimeSafety(mode == .Debug); const x1 = (cast(u128, arg1) * cast(u128, arg2)); - const x2 = cast(u64, (x1 & cast(u128, 0xffffffffffffffff))); - const x3 = cast(u64, (x1 >> 64)); - out1.* = x2; - out2.* = x3; + const x2 = cast(u64, (x1 >> 64)); + out1.* = cast(u64, x1); + out2.* = x2; } /// The function cmovznzU64 is a single-word conditional move. 
@@ -1568,94 +1566,66 @@ pub fn toBytes(out1: *[32]u8, arg1: [4]u64) void { const x2 = (arg1[2]); const x3 = (arg1[1]); const x4 = (arg1[0]); - const x5 = cast(u8, (x4 & cast(u64, 0xff))); - const x6 = (x4 >> 8); - const x7 = cast(u8, (x6 & cast(u64, 0xff))); - const x8 = (x6 >> 8); - const x9 = cast(u8, (x8 & cast(u64, 0xff))); - const x10 = (x8 >> 8); - const x11 = cast(u8, (x10 & cast(u64, 0xff))); - const x12 = (x10 >> 8); - const x13 = cast(u8, (x12 & cast(u64, 0xff))); - const x14 = (x12 >> 8); - const x15 = cast(u8, (x14 & cast(u64, 0xff))); - const x16 = (x14 >> 8); - const x17 = cast(u8, (x16 & cast(u64, 0xff))); - const x18 = cast(u8, (x16 >> 8)); - const x19 = cast(u8, (x3 & cast(u64, 0xff))); - const x20 = (x3 >> 8); - const x21 = cast(u8, (x20 & cast(u64, 0xff))); - const x22 = (x20 >> 8); - const x23 = cast(u8, (x22 & cast(u64, 0xff))); - const x24 = (x22 >> 8); - const x25 = cast(u8, (x24 & cast(u64, 0xff))); - const x26 = (x24 >> 8); - const x27 = cast(u8, (x26 & cast(u64, 0xff))); - const x28 = (x26 >> 8); - const x29 = cast(u8, (x28 & cast(u64, 0xff))); - const x30 = (x28 >> 8); - const x31 = cast(u8, (x30 & cast(u64, 0xff))); - const x32 = cast(u8, (x30 >> 8)); - const x33 = cast(u8, (x2 & cast(u64, 0xff))); - const x34 = (x2 >> 8); - const x35 = cast(u8, (x34 & cast(u64, 0xff))); - const x36 = (x34 >> 8); - const x37 = cast(u8, (x36 & cast(u64, 0xff))); - const x38 = (x36 >> 8); - const x39 = cast(u8, (x38 & cast(u64, 0xff))); - const x40 = (x38 >> 8); - const x41 = cast(u8, (x40 & cast(u64, 0xff))); - const x42 = (x40 >> 8); - const x43 = cast(u8, (x42 & cast(u64, 0xff))); - const x44 = (x42 >> 8); - const x45 = cast(u8, (x44 & cast(u64, 0xff))); - const x46 = cast(u8, (x44 >> 8)); - const x47 = cast(u8, (x1 & cast(u64, 0xff))); - const x48 = (x1 >> 8); - const x49 = cast(u8, (x48 & cast(u64, 0xff))); - const x50 = (x48 >> 8); - const x51 = cast(u8, (x50 & cast(u64, 0xff))); - const x52 = (x50 >> 8); - const x53 = cast(u8, (x52 & cast(u64, 
0xff))); - const x54 = (x52 >> 8); - const x55 = cast(u8, (x54 & cast(u64, 0xff))); - const x56 = (x54 >> 8); - const x57 = cast(u8, (x56 & cast(u64, 0xff))); - const x58 = (x56 >> 8); - const x59 = cast(u8, (x58 & cast(u64, 0xff))); - const x60 = cast(u8, (x58 >> 8)); - out1[0] = x5; - out1[1] = x7; - out1[2] = x9; - out1[3] = x11; - out1[4] = x13; - out1[5] = x15; - out1[6] = x17; - out1[7] = x18; - out1[8] = x19; - out1[9] = x21; - out1[10] = x23; - out1[11] = x25; - out1[12] = x27; - out1[13] = x29; - out1[14] = x31; - out1[15] = x32; - out1[16] = x33; - out1[17] = x35; - out1[18] = x37; - out1[19] = x39; - out1[20] = x41; - out1[21] = x43; - out1[22] = x45; - out1[23] = x46; - out1[24] = x47; - out1[25] = x49; - out1[26] = x51; - out1[27] = x53; - out1[28] = x55; - out1[29] = x57; - out1[30] = x59; - out1[31] = x60; + const x5 = (x4 >> 8); + const x6 = (x5 >> 8); + const x7 = (x6 >> 8); + const x8 = (x7 >> 8); + const x9 = (x8 >> 8); + const x10 = (x9 >> 8); + const x11 = cast(u8, (x10 >> 8)); + const x12 = (x3 >> 8); + const x13 = (x12 >> 8); + const x14 = (x13 >> 8); + const x15 = (x14 >> 8); + const x16 = (x15 >> 8); + const x17 = (x16 >> 8); + const x18 = cast(u8, (x17 >> 8)); + const x19 = (x2 >> 8); + const x20 = (x19 >> 8); + const x21 = (x20 >> 8); + const x22 = (x21 >> 8); + const x23 = (x22 >> 8); + const x24 = (x23 >> 8); + const x25 = cast(u8, (x24 >> 8)); + const x26 = (x1 >> 8); + const x27 = (x26 >> 8); + const x28 = (x27 >> 8); + const x29 = (x28 >> 8); + const x30 = (x29 >> 8); + const x31 = (x30 >> 8); + const x32 = cast(u8, (x31 >> 8)); + out1[0] = cast(u8, x4); + out1[1] = cast(u8, x5); + out1[2] = cast(u8, x6); + out1[3] = cast(u8, x7); + out1[4] = cast(u8, x8); + out1[5] = cast(u8, x9); + out1[6] = cast(u8, x10); + out1[7] = x11; + out1[8] = cast(u8, x3); + out1[9] = cast(u8, x12); + out1[10] = cast(u8, x13); + out1[11] = cast(u8, x14); + out1[12] = cast(u8, x15); + out1[13] = cast(u8, x16); + out1[14] = cast(u8, x17); + out1[15] = x18; + 
out1[16] = cast(u8, x2); + out1[17] = cast(u8, x19); + out1[18] = cast(u8, x20); + out1[19] = cast(u8, x21); + out1[20] = cast(u8, x22); + out1[21] = cast(u8, x23); + out1[22] = cast(u8, x24); + out1[23] = x25; + out1[24] = cast(u8, x1); + out1[25] = cast(u8, x26); + out1[26] = cast(u8, x27); + out1[27] = cast(u8, x28); + out1[28] = cast(u8, x29); + out1[29] = cast(u8, x30); + out1[30] = cast(u8, x31); + out1[31] = x32; } /// The function fromBytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order. @@ -1806,7 +1776,7 @@ pub fn divstep(out1: *u64, out2: *[5]u64, out3: *[5]u64, out4: *[4]u64, out5: *[ var x1: u64 = undefined; var x2: u1 = undefined; addcarryxU64(&x1, &x2, 0x0, (~arg1), cast(u64, 0x1)); - const x3 = (cast(u1, (x1 >> 63)) & cast(u1, ((arg3[0]) & cast(u64, 0x1)))); + const x3 = (cast(u1, (x1 >> 63)) & cast(u1, (arg3[0]))); var x4: u64 = undefined; var x5: u1 = undefined; addcarryxU64(&x4, &x5, 0x0, (~arg1), cast(u64, 0x1)); 
@@ -1920,110 +1890,109 @@ pub fn divstep(out1: *u64, out2: *[5]u64, out3: *[5]u64, out4: *[4]u64, out5: *[ cmovznzU64(&x72, x3, (arg5[2]), x66); var x73: u64 = undefined; cmovznzU64(&x73, x3, (arg5[3]), x68); - const x74 = cast(u1, (x22 & cast(u64, 0x1))); + var x74: u64 = undefined; + cmovznzU64(&x74, cast(u1, x22), cast(u64, 0x0), x7); var x75: u64 = undefined; - cmovznzU64(&x75, x74, cast(u64, 0x0), x7); + cmovznzU64(&x75, cast(u1, x22), cast(u64, 0x0), x8); var x76: u64 = undefined; - cmovznzU64(&x76, x74, cast(u64, 0x0), x8); + cmovznzU64(&x76, cast(u1, x22), cast(u64, 0x0), x9); var x77: u64 = undefined; - cmovznzU64(&x77, x74, cast(u64, 0x0), x9); + cmovznzU64(&x77, cast(u1, x22), cast(u64, 0x0), x10); var x78: u64 = undefined; - cmovznzU64(&x78, x74, cast(u64, 0x0), x10); + cmovznzU64(&x78, cast(u1, x22), cast(u64, 0x0), x11); var x79: u64 = undefined; - cmovznzU64(&x79, x74, cast(u64, 0x0), x11); - var x80: u64 = undefined; - var x81: u1 = undefined; - addcarryxU64(&x80, &x81, 0x0, x22, x75); - var x82: u64 = undefined; - var x83: u1 = undefined; - addcarryxU64(&x82, &x83, x81, x23, x76); - var x84: u64 = undefined; - var x85: u1 = undefined; - addcarryxU64(&x84, &x85, x83, x24, x77); - var x86: u64 = undefined; - var x87: u1 = undefined; - addcarryxU64(&x86, &x87, x85, x25, x78); - var x88: u64 = undefined; - var x89: u1 = undefined; - addcarryxU64(&x88, &x89, x87, x26, x79); + var x80: u1 = undefined; + addcarryxU64(&x79, &x80, 0x0, x22, x74); + var x81: u64 = undefined; + var x82: u1 = undefined; + addcarryxU64(&x81, &x82, x80, x23, x75); + var x83: u64 = undefined; + var x84: u1 = undefined; + addcarryxU64(&x83, &x84, x82, x24, x76); + var x85: u64 = undefined; + var x86: u1 = undefined; + addcarryxU64(&x85, &x86, x84, x25, x77); + var x87: u64 = undefined; + var x88: u1 = undefined; + addcarryxU64(&x87, &x88, x86, x26, x78); + var x89: u64 = undefined; + cmovznzU64(&x89, cast(u1, x22), cast(u64, 0x0), x27); var x90: u64 = undefined; - cmovznzU64(&x90, 
x74, cast(u64, 0x0), x27); + cmovznzU64(&x90, cast(u1, x22), cast(u64, 0x0), x28); var x91: u64 = undefined; - cmovznzU64(&x91, x74, cast(u64, 0x0), x28); + cmovznzU64(&x91, cast(u1, x22), cast(u64, 0x0), x29); var x92: u64 = undefined; - cmovznzU64(&x92, x74, cast(u64, 0x0), x29); + cmovznzU64(&x92, cast(u1, x22), cast(u64, 0x0), x30); var x93: u64 = undefined; - cmovznzU64(&x93, x74, cast(u64, 0x0), x30); - var x94: u64 = undefined; - var x95: u1 = undefined; - addcarryxU64(&x94, &x95, 0x0, x70, x90); - var x96: u64 = undefined; - var x97: u1 = undefined; - addcarryxU64(&x96, &x97, x95, x71, x91); - var x98: u64 = undefined; - var x99: u1 = undefined; - addcarryxU64(&x98, &x99, x97, x72, x92); - var x100: u64 = undefined; - var x101: u1 = undefined; - addcarryxU64(&x100, &x101, x99, x73, x93); - var x102: u64 = undefined; - var x103: u1 = undefined; - subborrowxU64(&x102, &x103, 0x0, x94, 0xbfd25e8cd0364141); - var x104: u64 = undefined; - var x105: u1 = undefined; - subborrowxU64(&x104, &x105, x103, x96, 0xbaaedce6af48a03b); - var x106: u64 = undefined; - var x107: u1 = undefined; - subborrowxU64(&x106, &x107, x105, x98, 0xfffffffffffffffe); - var x108: u64 = undefined; - var x109: u1 = undefined; - subborrowxU64(&x108, &x109, x107, x100, 0xffffffffffffffff); - var x110: u64 = undefined; - var x111: u1 = undefined; - subborrowxU64(&x110, &x111, x109, cast(u64, x101), cast(u64, 0x0)); - var x112: u64 = undefined; - var x113: u1 = undefined; - addcarryxU64(&x112, &x113, 0x0, x6, cast(u64, 0x1)); - const x114 = ((x80 >> 1) | ((x82 << 63) & 0xffffffffffffffff)); - const x115 = ((x82 >> 1) | ((x84 << 63) & 0xffffffffffffffff)); - const x116 = ((x84 >> 1) | ((x86 << 63) & 0xffffffffffffffff)); - const x117 = ((x86 >> 1) | ((x88 << 63) & 0xffffffffffffffff)); - const x118 = ((x88 & 0x8000000000000000) | (x88 >> 1)); + var x94: u1 = undefined; + addcarryxU64(&x93, &x94, 0x0, x70, x89); + var x95: u64 = undefined; + var x96: u1 = undefined; + addcarryxU64(&x95, &x96, 
x94, x71, x90); + var x97: u64 = undefined; + var x98: u1 = undefined; + addcarryxU64(&x97, &x98, x96, x72, x91); + var x99: u64 = undefined; + var x100: u1 = undefined; + addcarryxU64(&x99, &x100, x98, x73, x92); + var x101: u64 = undefined; + var x102: u1 = undefined; + subborrowxU64(&x101, &x102, 0x0, x93, 0xbfd25e8cd0364141); + var x103: u64 = undefined; + var x104: u1 = undefined; + subborrowxU64(&x103, &x104, x102, x95, 0xbaaedce6af48a03b); + var x105: u64 = undefined; + var x106: u1 = undefined; + subborrowxU64(&x105, &x106, x104, x97, 0xfffffffffffffffe); + var x107: u64 = undefined; + var x108: u1 = undefined; + subborrowxU64(&x107, &x108, x106, x99, 0xffffffffffffffff); + var x109: u64 = undefined; + var x110: u1 = undefined; + subborrowxU64(&x109, &x110, x108, cast(u64, x100), cast(u64, 0x0)); + var x111: u64 = undefined; + var x112: u1 = undefined; + addcarryxU64(&x111, &x112, 0x0, x6, cast(u64, 0x1)); + const x113 = ((x79 >> 1) | ((x81 << 63) & 0xffffffffffffffff)); + const x114 = ((x81 >> 1) | ((x83 << 63) & 0xffffffffffffffff)); + const x115 = ((x83 >> 1) | ((x85 << 63) & 0xffffffffffffffff)); + const x116 = ((x85 >> 1) | ((x87 << 63) & 0xffffffffffffffff)); + const x117 = ((x87 & 0x8000000000000000) | (x87 >> 1)); + var x118: u64 = undefined; + cmovznzU64(&x118, x48, x39, x31); var x119: u64 = undefined; - cmovznzU64(&x119, x48, x39, x31); + cmovznzU64(&x119, x48, x41, x33); var x120: u64 = undefined; - cmovznzU64(&x120, x48, x41, x33); + cmovznzU64(&x120, x48, x43, x35); var x121: u64 = undefined; - cmovznzU64(&x121, x48, x43, x35); + cmovznzU64(&x121, x48, x45, x37); var x122: u64 = undefined; - cmovznzU64(&x122, x48, x45, x37); + cmovznzU64(&x122, x110, x101, x93); var x123: u64 = undefined; - cmovznzU64(&x123, x111, x102, x94); + cmovznzU64(&x123, x110, x103, x95); var x124: u64 = undefined; - cmovznzU64(&x124, x111, x104, x96); + cmovznzU64(&x124, x110, x105, x97); var x125: u64 = undefined; - cmovznzU64(&x125, x111, x106, x98); - var x126: u64 
= undefined; - cmovznzU64(&x126, x111, x108, x100); - out1.* = x112; + cmovznzU64(&x125, x110, x107, x99); + out1.* = x111; out2[0] = x7; out2[1] = x8; out2[2] = x9; out2[3] = x10; out2[4] = x11; - out3[0] = x114; - out3[1] = x115; - out3[2] = x116; - out3[3] = x117; - out3[4] = x118; - out4[0] = x119; - out4[1] = x120; - out4[2] = x121; - out4[3] = x122; - out5[0] = x123; - out5[1] = x124; - out5[2] = x125; - out5[3] = x126; + out3[0] = x113; + out3[1] = x114; + out3[2] = x115; + out3[3] = x116; + out3[4] = x117; + out4[0] = x118; + out4[1] = x119; + out4[2] = x120; + out4[3] = x121; + out5[0] = x122; + out5[1] = x123; + out5[2] = x124; + out5[3] = x125; } /// The function divstepPrecomp returns the precomputed value for Bernstein-Yang-inversion (in montgomery form). From c78648d953a1b4bc3f423a3e82b565d7bde3030e Mon Sep 17 00:00:00 2001 From: Owen Conoly Date: Thu, 18 May 2023 12:30:39 -0400 Subject: [PATCH 26/27] small fixes to error messages --- src/PushButtonSynthesis/DettmanMultiplication.v | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/PushButtonSynthesis/DettmanMultiplication.v b/src/PushButtonSynthesis/DettmanMultiplication.v index 1472e28982..0ed93ccfc2 100644 --- a/src/PushButtonSynthesis/DettmanMultiplication.v +++ b/src/PushButtonSynthesis/DettmanMultiplication.v 
@@ -120,11 +120,11 @@ Section __. (List.map (fun v => (true, v)) [(negb (s - c =? 0), Pipeline.Values_not_provably_distinctZ "s - c <> 0" (s - c) 0) - ; (4 <=? n, Pipeline.Value_not_leZ "4 <= n" 3 n) + ; (4 <=? n, Pipeline.Value_not_leZ "4 <= n" 4 n) ; (last_limb_width * n <=? Z.log2 s, Pipeline.Value_not_leZ "last_limb_width * n <= Z.log2 s" (last_limb_width * n) (Z.log2 s)) ; (1 <=? last_limb_width, Pipeline.Value_not_leZ "1 <= last_limb_width" 1 last_limb_width) ; (2 ^ (Z.log2 s) =? s, Pipeline.Values_not_provably_equalZ "2 ^ (Z.log2 s) = s" (2 ^ Z.log2 s) s) - ; (Z.log2 s - last_limb_width <=? (Z.to_nat machine_wordsize) * (n - 1), Pipeline.Value_not_leZ "Z.log2 s - last_limb_width <= (Z.to_nat machine_wordsize) * (n - 1)" (Z.log2 s - last_limb_width) (Z.to_nat machine_wordsize * (n - 1))) + ; (Z.log2 s - last_limb_width <=? (Z.to_nat machine_wordsize) * (n - 1), Pipeline.Value_not_leZ "Z.log2 s - last_limb_width <= machine_wordsize * (n - 1)" (Z.log2 s - last_limb_width) (Z.to_nat machine_wordsize * (n - 1))) ; (Z.log2 s <=? n * (Z.log2 s - last_limb_width) / (n - 1), Pipeline.Value_not_leZ "Z.log2 s <= n * (Z.log2 s - last_limb_width) / (n - 1)" (Z.log2 s) (n * (Z.log2 s - last_limb_width) / (n - 1))) ]) res. From 2bba8e2d62711919f53525698fe614801bf9e4a4 Mon Sep 17 00:00:00 2001 From: Owen Conoly Date: Thu, 18 May 2023 12:46:03 -0400 Subject: [PATCH 27/27] slightly simplified a proof --- src/Rewriter/RulesProofs.v | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Rewriter/RulesProofs.v b/src/Rewriter/RulesProofs.v index 5d6bcac9d6..6e7cc2dddd 100644 --- a/src/Rewriter/RulesProofs.v +++ b/src/Rewriter/RulesProofs.v 
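Review bot: The reworded message on the machine_wordsize entry no longer matches what is tested: the string now reads `machine_wordsize * (n - 1)`, while the condition and the reported bound are still `Z.to_nat machine_wordsize * (n - 1)`. `Z.to_nat` maps non-positive values to 0, so for such a machine_wordsize the error would print a bound of 0 under text that suggests the raw product. None of the entries in this list rejects a non-positive machine_wordsize, though such a check may exist outside the hunk. If it does not, either keep `Z.to_nat` in the message or add an explicit `0 <? machine_wordsize` entry to the list so the text and the check agree. The definition enclosing the list starts outside the hunk.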
@@ -584,7 +584,7 @@ Lemma relaxed_rules_work rland rm1 rv v : Proof. intros H1 H2 H3 H4 H5 H6. replace (ident.cast rland v) with (ident.cast rland (ident.cast rv v)). - - interp_good_t_step_arith. interp_good_t_step_arith. rewrite Z.land_ones. + - do 3 interp_good_t_step_arith. rewrite Z.land_ones. + replace (2 ^ Z.succ (Z.log2 (upper rland))) with (upper rland + 1). -- rewrite <- ident.cast_out_of_bounds_simple_0_mod. ++ destruct rland. simpl in *. subst. apply ident.cast_idempotent.
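Review bot: `do 3 interp_good_t_step_arith` is not the same script as the line it replaces, which ran the tactic twice before `rewrite Z.land_ones`, although the commit is described only as a simplification. `do 3` fails unless all three applications succeed, so this bullet now depends on a third step the old proof did not take. If the extra step is intended, a one-line comment on the bullet saying what it discharges would make that explicit. If it is not, `- do 2 interp_good_t_step_arith. rewrite Z.land_ones.` preserves the original proof. The lemma statement and the rest of the proof are outside the hunk.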