1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
|
From 39bd2609ca730b3b628003b3f938aed7d49132ab Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?P=C3=A9ter=20Szil=C3=A1gyi?= <peterke@gmail.com>
Date: Thu, 28 Feb 2019 14:53:44 +0200
Subject: [PATCH] crypto/bn256/cloudflare: pull in upstream fix for Go 1.12 R18
---
crypto/bn256/cloudflare/mul_arm64.h | 32 ++++++++++++++---------------
1 file changed, 16 insertions(+), 16 deletions(-)
diff --git a/crypto/bn256/cloudflare/mul_arm64.h b/crypto/bn256/cloudflare/mul_arm64.h
index 75d52217311..d405eb8f728 100644
--- a/crypto/bn256/cloudflare/mul_arm64.h
+++ b/crypto/bn256/cloudflare/mul_arm64.h
@@ -12,7 +12,7 @@
UMULH R1, R8, c4 \
ADCS ZR, c4 \
\
- MUL R2, R5, R25 \
+ MUL R2, R5, R1 \
UMULH R2, R5, R26 \
MUL R2, R6, R0 \
ADDS R0, R26 \
@@ -24,13 +24,13 @@
ADCS R0, R29 \
UMULH R2, R8, c5 \
ADCS ZR, c5 \
- ADDS R25, c1 \
+ ADDS R1, c1 \
ADCS R26, c2 \
ADCS R27, c3 \
ADCS R29, c4 \
ADCS ZR, c5 \
\
- MUL R3, R5, R25 \
+ MUL R3, R5, R1 \
UMULH R3, R5, R26 \
MUL R3, R6, R0 \
ADDS R0, R26 \
@@ -42,13 +42,13 @@
ADCS R0, R29 \
UMULH R3, R8, c6 \
ADCS ZR, c6 \
- ADDS R25, c2 \
+ ADDS R1, c2 \
ADCS R26, c3 \
ADCS R27, c4 \
ADCS R29, c5 \
ADCS ZR, c6 \
\
- MUL R4, R5, R25 \
+ MUL R4, R5, R1 \
UMULH R4, R5, R26 \
MUL R4, R6, R0 \
ADDS R0, R26 \
@@ -60,7 +60,7 @@
ADCS R0, R29 \
UMULH R4, R8, c7 \
ADCS ZR, c7 \
- ADDS R25, c3 \
+ ADDS R1, c3 \
ADCS R26, c4 \
ADCS R27, c5 \
ADCS R29, c6 \
@@ -69,15 +69,15 @@
#define gfpReduce() \
\ // m = (T * N') mod R, store m in R1:R2:R3:R4
MOVD ·np+0(SB), R17 \
- MOVD ·np+8(SB), R18 \
+ MOVD ·np+8(SB), R25 \
MOVD ·np+16(SB), R19 \
MOVD ·np+24(SB), R20 \
\
MUL R9, R17, R1 \
UMULH R9, R17, R2 \
- MUL R9, R18, R0 \
+ MUL R9, R25, R0 \
ADDS R0, R2 \
- UMULH R9, R18, R3 \
+ UMULH R9, R25, R3 \
MUL R9, R19, R0 \
ADCS R0, R3 \
UMULH R9, R19, R4 \
@@ -86,9 +86,9 @@
\
MUL R10, R17, R21 \
UMULH R10, R17, R22 \
- MUL R10, R18, R0 \
+ MUL R10, R25, R0 \
ADDS R0, R22 \
- UMULH R10, R18, R23 \
+ UMULH R10, R25, R23 \
MUL R10, R19, R0 \
ADCS R0, R23 \
ADDS R21, R2 \
@@ -97,7 +97,7 @@
\
MUL R11, R17, R21 \
UMULH R11, R17, R22 \
- MUL R11, R18, R0 \
+ MUL R11, R25, R0 \
ADDS R0, R22 \
ADDS R21, R3 \
ADCS R22, R4 \
@@ -107,19 +107,19 @@
\
\ // m * N
loadModulus(R5,R6,R7,R8) \
- mul(R17,R18,R19,R20,R21,R22,R23,R24) \
+ mul(R17,R25,R19,R20,R21,R22,R23,R24) \
\
\ // Add the 512-bit intermediate to m*N
- MOVD ZR, R25 \
+ MOVD ZR, R0 \
ADDS R9, R17 \
- ADCS R10, R18 \
+ ADCS R10, R25 \
ADCS R11, R19 \
ADCS R12, R20 \
ADCS R13, R21 \
ADCS R14, R22 \
ADCS R15, R23 \
ADCS R16, R24 \
- ADCS ZR, R25 \
+ ADCS ZR, R0 \
\
\ // Our output is R21:R22:R23:R24. Reduce mod p if necessary.
SUBS R5, R21, R10 \
|