Home
last modified time | relevance | path

Searched refs:y (Results 1 – 25 of 51) sorted by relevance

123

/crypto/fipsmodule/aes/asm/
A Dbsaes-armv7.pl252 veor @y[0], @y[0], @y[2]
253 veor @y[1], @y[1], @y[3]
269 veor @y[0], @y[0], @y[2]
270 veor @y[1], @y[1], @y[3]
499 veor @y[1], @y[1], @y[0]
510 veor @y[1], @y[1], @y[0]
540 veor @y[4], @y[4], @y[7]
549 veor @y[3], @y[3], @y[1]
558 veor @y[3], @y[3], @y[1]
568 veor @y[4], @y[4], @y[7]
[all …]
/crypto/fipsmodule/bn/
A Dsqrt.cc.inc72 y = BN_CTX_get(ctx);
73 if (y == NULL) {
156 // y := b^2
199 if (BN_usub(y, y, p)) {
203 // now 0 <= y < |p|
204 if (BN_is_zero(y)) {
238 if (!BN_mod_exp_mont(y, y, q, p, ctx, NULL)) {
241 if (BN_is_one(y)) {
310 // y^2^(e-1) = -1,
341 // t := y^2^(e - i - 1)
[all …]
A Dmontgomery_inv.cc.inc130 // Dietz calculates (x+y)/2 by (x⊕y)>>1 + x&y. This is valid for all
131 // (unsigned) x and y, even when x+y overflows. Evidence for 32-bit values
135 // (declare-fun y () (_ BitVec 64))
141 // (bvult y (bvshl one thirtyTwo))
143 // (bvadd (bvlshr (bvxor x y) one) (bvand x y))
144 // (bvlshr (bvadd x y) one)))
A Dgcd_extra.cc.inc50 const BIGNUM *y, BN_CTX *ctx) {
51 size_t width = x->width > y->width ? x->width : y->width;
66 !BN_copy(v, y) || //
76 y_bits = y->width * BN_BITS2;
108 // zero, unless |y| was already zero on input. Fix this by combining the
119 int BN_gcd(BIGNUM *r, const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx) {
121 return bn_gcd_consttime(r, &shift, x, y, ctx) && BN_lshift(r, r, shift);
125 const BIGNUM *y, BN_CTX *ctx) {
129 if (gcd == nullptr || !bn_gcd_consttime(gcd, &shift, x, y, ctx)) {
/crypto/
A Dinternal.h1469 return __builtin_addc(x, y, carry, out_carry); in CRYPTO_addc_impl()
1475 return __builtin_addcl(x, y, carry, out_carry); in CRYPTO_addc_impl()
1502 *out_carry = _addcarry_u32(carry, x, y, &sum); in CRYPTO_addc_u32()
1506 ret += (uint64_t)x + y; in CRYPTO_addc_u32()
1517 *out_carry = _addcarry_u64(carry, x, y, &sum); in CRYPTO_addc_u64()
1521 ret += (uint128_t)x + y; in CRYPTO_addc_u64()
1527 uint64_t ret = x + y; in CRYPTO_addc_u64()
1579 uint32_t ret = x - y - borrow; in CRYPTO_subc_u32()
1580 *out_borrow = (x < y) | ((x == y) & borrow); in CRYPTO_subc_u32()
1593 uint64_t ret = x - y - borrow; in CRYPTO_subc_u64()
[all …]
/crypto/md5/asm/
A Dmd5-x86_64.pl30 my ($pos, $dst, $x, $y, $z, $k_next, $T_i, $s) = @_;
34 xor $y, %r11d /* y ^ ... */
41 mov $y, %r11d /* (NEXT STEP) z' = $y */
54 my ($pos, $dst, $x, $y, $z, $k_next, $T_i, $s) = @_;
62 and $y, %r11d /* y & (not z) */
65 mov $y, %r11d /* (NEXT STEP) z' = $y */
67 mov $y, %r12d /* (NEXT STEP) z' = $y */
80 my ($pos, $dst, $x, $y, $z, $k_next, $T_i, $s) = @_;
102 my ($pos, $dst, $x, $y, $z, $k_next, $T_i, $s) = @_;
110 xor $y, %r11d /* y ^ ... */
[all …]
/crypto/rc4/
A Drc4.cc20 uint32_t y = key->y; in RC4() local
26 y = (tx + y) & 0xff; in RC4()
27 uint32_t ty = d[y]; in RC4()
29 d[y] = tx; in RC4()
34 key->y = y; in RC4()
40 rc4key->y = 0; in RC4_set_key()
/crypto/fipsmodule/ec/
A Dmake_p256-nistz-tests.go59 func modMul(z, x, y *big.Int) *big.Int {
60 z.Mul(x, y)
72 func isAffineInfinity(x, y *big.Int) bool {
75 return x.Sign() == 0 && y.Sign() == 0
90 func randPoint() (x, y *big.Int) {
95 func toJacobian(xIn, yIn *big.Int) (x, y, z *big.Int) {
115 y = randNonZeroInt(p)
123 y = modMul(new(big.Int), z, z)
124 x = modMul(new(big.Int), xIn, y)
127 modMul(y, y, z)
[all …]
A Dmake_tables.go309 x, y := curve.Params().Gx, curve.Params().Gy
311 x, y = curve.Double(x, y)
313 ret[1-1] = [2]*big.Int{x, y}
317 ret[i-1] = [2]*big.Int{x, y}
320 ret[i-1] = [2]*big.Int{x, y}
332 x, y := curve.Params().Gx, curve.Params().Gy
334 x, y = curve.Double(x, y)
336 ret[1<<0-1] = [2]*big.Int{x, y}
341 x, y = curve.Double(x, y)
343 ret[1<<i-1] = [2]*big.Int{x, y}
[all …]
A Doct.cc.inc74 EC_FELEM x, y;
77 !ec_point_set_affine_coordinates(group, out, &x, &y)) {
230 BIGNUM *y = BN_CTX_get(ctx);
235 // Recover y. We have a Weierstrass equation
236 // y^2 = x^3 + a*x + b,
237 // so y is one of the square roots of x^3 + a*x + b.
264 if (!BN_mod_sqrt(y, tmp1, field, ctx)) {
276 if (y_bit != BN_is_odd(y)) {
277 if (BN_is_zero(y)) {
281 if (!BN_usub(y, field, y)) {
[all …]
A Dec_test.cc186 bssl::UniquePtr<BIGNUM> y(BN_new()); in TEST() local
188 ASSERT_TRUE(y); in TEST()
354 y.get(), nullptr)); in TEST()
528 EXPECT_EQ(0, BN_cmp(y.get(), qy.get())); in TEST()
553 bssl::UniquePtr<BIGNUM> y(BN_new()); in TEST_P() local
554 ASSERT_TRUE(y); in TEST_P()
569 EXPECT_TRUE(BN_sub(y.get(), y.get(), BN_value_one())); in TEST_P()
578 EXPECT_TRUE(BN_add(y.get(), y.get(), BN_value_one())); in TEST_P()
579 EXPECT_TRUE(BN_add(y.get(), y.get(), p.get())); in TEST_P()
1043 ASSERT_TRUE(y); in TEST()
[all …]
A Dp256.cc.inc270 fiat_p256_felem y;
271 fiat_p256_from_generic(y, &point->Y);
273 fiat_p256_mul(y, y, z1); // y * z
274 fiat_p256_mul(y, y, z2); // y * z^-3
275 fiat_p256_to_generic(y_out, y);
298 fiat_p256_felem x, y, z;
300 fiat_p256_from_generic(y, &a->Y);
302 fiat_p256_point_double(x, y, z, x, y, z);
304 fiat_p256_to_generic(&r->Y, y);
492 y = &tmp;
[all …]
A Dp256-nistz_test.cc269 bssl::UniquePtr<BIGNUM> x(BN_new()), y(BN_new()), z(BN_new()); in PointToAffine() local
271 if (!x || !y || !z || !p || in PointToAffine()
273 !bn_set_words(y.get(), in->Y, P256_LIMBS) || in PointToAffine()
280 BN_cmp(y.get(), p.get()) >= 0 || in PointToAffine()
304 !BN_mod_mul_montgomery(y.get(), y.get(), z.get(), mont.get(), in PointToAffine()
306 !BN_mod_mul_montgomery(y.get(), y.get(), z.get(), mont.get(), in PointToAffine()
308 !BN_mod_mul_montgomery(y.get(), y.get(), z.get(), mont.get(), in PointToAffine()
311 !bn_copy_words(out->Y, P256_LIMBS, y.get())) { in PointToAffine()
A Dec.cc.inc503 BIGNUM *y, BN_CTX *ctx) {
517 (y != NULL && !ec_felem_to_bignum(group, y, &y_felem))) {
526 return EC_POINT_get_affine_coordinates_GFp(group, point, x, y, ctx);
551 const EC_FELEM *x, const EC_FELEM *y) {
559 felem_sqr(group, &lhs, y); // lhs = y^2
578 out->Y = *y;
583 const BIGNUM *x, const BIGNUM *y,
590 if (x == NULL || y == NULL) {
598 !ec_bignum_to_felem(group, &y_felem, y) ||
611 const BIGNUM *x, const BIGNUM *y,
[all …]
A Dec_montgomery.cc.inc95 EC_FELEM *x, EC_FELEM *y) {
102 // Transform (X, Y, Z) into (x, y) := (X/Z^2, Y/Z^3). Note the check above
112 if (y != NULL) {
114 ec_GFp_mont_felem_mul(group, y, &point->Y, &z1);
156 // Compute affine coordinates: x = X * Z^-2 and y = Y * Z^-3.
289 // gamma = y^2
309 // z' = (y + z)^2 - gamma - delta
315 // y' = alpha*(4*beta - x') - 8*gamma^2
A Dmake_ec_scalar_base_mult_tests.go44 x, y := curve.ScalarBaseMult(n.Bytes())
46 printPadded("Y", y, curve.Params().P)
/crypto/curve25519/
A Dmake_curve25519_tables.py31 def recover_x(y, sign): argument
32 if y >= p:
34 x2 = (y*y-1) * modp_inv(d*y*y+1)
87 x, y = P
88 return ((y + x) % p, (y - x) % p, (x * y * 2 * d) % p)
/crypto/fipsmodule/ecdsa/
A Decdsa_test.cc54 y = HexToBIGNUM(kY), n = HexToBIGNUM(kN); in NewSecp160r1Group() local
55 if (!p || !a || !b || !x || !y || !n) { in NewSecp160r1Group()
67 y.get(), nullptr) || in NewSecp160r1Group()
317 y(BN_new()); in MakeCustomClone() local
318 if (!ctx || !p || !a || !b || !x || !y || in MakeCustomClone()
362 bssl::UniquePtr<BIGNUM> y = GetBIGNUM(t, "Y"); in TEST() local
363 ASSERT_TRUE(y); in TEST()
379 group.get(), pub_key.get(), x.get(), y.get(), nullptr)); in TEST()
406 bssl::UniquePtr<BIGNUM> y = GetBIGNUM(t, "Y"); in TEST() local
407 ASSERT_TRUE(y); in TEST()
[all …]
/crypto/fipsmodule/keccak/
A Dkeccak.cc.inc39 for (int y = 0; y < 5; y++) {
40 state[y * 5 + x] ^= d;
47 // (x,y), is rotated and written to the point (y, 2x + 3y). In the Keccak
95 for (int y = 0; y < 5; y++) {
96 const int row_index = 5 * y;
/crypto/ec/
A Dhash_to_curve.cc277 EC_FELEM tv1, tv2, tv3, tv4, tv5, tv6, x, y, y1; in map_to_curve_simple_swu() local
305 felem_mul(group, &y, &tv1, u); // 19. y = tv1 * u in map_to_curve_simple_swu()
306 felem_mul(group, &y, &y, &y1); // 20. y = y * y1 in map_to_curve_simple_swu()
311 ec_felem_select(group, &y, is_gx1_square, &y1, &y); in map_to_curve_simple_swu()
315 BN_ULONG sgn0_y = sgn0(group, &y); in map_to_curve_simple_swu()
320 ec_felem_neg(group, &tv1, &y); in map_to_curve_simple_swu()
321 ec_felem_select(group, &y, not_e1, &tv1, &y); in map_to_curve_simple_swu()
331 felem_mul(group, &out->Y, &y, &tv6); in map_to_curve_simple_swu()
A Dec_asn1.cc345 bssl::UniquePtr<BIGNUM> y(BN_new()); in EC_KEY_parse_parameters() local
347 y == nullptr) { in EC_KEY_parse_parameters()
368 group, EC_GROUP_get0_generator(group), x.get(), y.get(), nullptr)) { in EC_KEY_parse_parameters()
372 !integers_equal(&curve.base_y, y.get())) { in EC_KEY_parse_parameters()
/crypto/hrss/
A Dhrss.cc980 vec_fma(result[x + 0], vec_a[0], vec_get_word(b[y / 8], y % 8)); \ in poly_mul_vec_aux()
982 vec_fma(result[x + 1], vec_a[1], vec_get_word(b[y / 8], y % 8)); \ in poly_mul_vec_aux()
984 vec_fma(result[x + 2], vec_a[2], vec_get_word(b[y / 8], y % 8)); \ in poly_mul_vec_aux()
1042 vec_fma(result[x + 0], vec_a[0], vec_get_word(b[y / 8], y % 8)); \ in poly_mul_vec_aux()
1044 vec_fma(result[x + 1], vec_a[1], vec_get_word(b[y / 8], y % 8)); \ in poly_mul_vec_aux()
1045 result[x + 2] = vec_mul(vec_a[2], vec_get_word(b[y / 8], y % 8)); \ in poly_mul_vec_aux()
1058 vec_fma(result[x + 0], vec_a[0], vec_get_word(b[y / 8], y % 8)); \ in poly_mul_vec_aux()
1060 vec_fma(result[x + 1], vec_a[1], vec_get_word(b[y / 8], y % 8)); \ in poly_mul_vec_aux()
1062 vec_fma(result[x + 2], vec_a[2], vec_get_word(b[y / 8], y % 8)); \ in poly_mul_vec_aux()
1064 vec_fma(result[x + 3], vec_a[3], vec_get_word(b[y / 8], y % 8)); \ in poly_mul_vec_aux()
[all …]
/crypto/ecdh/
A Decdh_test.cc78 bssl::UniquePtr<BIGNUM> y = GetBIGNUM(t, "Y"); in TEST() local
79 ASSERT_TRUE(y); in TEST()
96 x.get(), y.get(), nullptr)); in TEST()
232 bssl::UniquePtr<BIGNUM> y(BN_bin2bn(kY, sizeof(kY), nullptr)); in MakeCustomGroup() local
234 if (!ctx || !p || !a || !b || !x || !y || !order) { in MakeCustomGroup()
245 x.get(), y.get(), ctx.get()) || in MakeCustomGroup()
/crypto/spake2plus/
A Dspake2plus.cc386 Span<const uint8_t> y) { in Init() argument
392 (!y.empty() && in Init()
393 !ec_scalar_from_bytes(group, &y_, y.data(), y.size())) || // in Init()
394 (y.empty() && !ec_random_scalar(group, &y_, kDefaultAdditionalData))) { in Init()
/crypto/fipsmodule/sha/
A Dsha256.cc.inc154 #define Ch(x, y, z) (((x) & (y)) ^ ((~(x)) & (z)))
155 #define Maj(x, y, z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))

Completed in 67 milliseconds

123