Lines Matching defs:mod
333 // c[] = a[] - mod * mask, fixed timing
336 static const uint32_t* subM(const clBignumModulus * mod,
343 for (i = 0; i < mod->nwords; ++i) {
344 A += (uint64_t)a[i] - (mod->n[i] * mask);
351 // montgomery c[] += a * b[] / R % mod, fixed timing.
352 static void montMulAdd(const clBignumModulus * mod,
357 uint32_t d0 = (uint32_t)A * mod->n0inv;
358 uint64_t B = (uint64_t)d0 * mod->n[0] + (uint32_t)A;
361 for (i = 1; i < mod->nwords; ++i) {
363 B = (B >> 32) + (uint64_t)d0 * mod->n[i] + (uint32_t)A;
371 subM(mod, c, c, (uint32_t)(A >> 32)); // A >> 32 either 0 or 1.
374 // montgomery c[] = a[] * b[] / R % mod, fixed timing.
375 static void montMul(const clBignumModulus * mod,
380 memset(c, 0, mod->size);
381 for (i = 0; i < mod->nwords; ++i) {
382 montMulAdd(mod, c, a[i], b);
424 montMul(key, aR, a, key->rr); // aR = a * RR / R mod M
426 montMul(key, aaR, aR, aR); // aaR = aR * aR / R mod M
427 montMul(key, aR, aaR, aaR); // aR = aaR * aaR / R mod M
429 montMul(key, aaa, aR, a); // aaa = aR * a / R mod M
468 // c[] = a[] * 1 / R mod M, fixed timing.
479 // c = a[] ** x mod M, fixed timing.
492 montMul1(M, one, M->rr); // 1 * RR / R mod M == R mod M aka '1'
493 montMul(M, base, a, M->rr); // base = a * R mod M
494 montMul1(M, accu, M->rr); // accu = 1 * RR / R = R mod M aka '1'
495 montMul1(M, tmp, M->rr); // tmp = 1 * RR / R = R mod M aka '1'
508 montMul1(M, accu, tmp); // accu = 1 * tmp * R / R mod M; undo last sqr.