Alexandre Savard | 1b09e31 | 2012-08-07 20:33:29 -0400 | [diff] [blame] | 1 | .text |
| 2 | |
| 3 | .global bn_mul_mont |
| 4 | .type bn_mul_mont,%function |
| 5 | |
| 6 | .align 2 |
| 7 | bn_mul_mont: |
| 8 | stmdb sp!,{r0,r2} @ sp points at argument block |
| 9 | ldr r0,[sp,#3*4] @ load num |
| 10 | cmp r0,#2 |
| 11 | movlt r0,#0 |
| 12 | addlt sp,sp,#2*4 |
| 13 | blt .Labrt |
| 14 | |
| 15 | stmdb sp!,{r4-r12,lr} @ save 10 registers |
| 16 | |
| 17 | mov r0,r0,lsl#2 @ rescale r0 for byte count |
| 18 | sub sp,sp,r0 @ alloca(4*num) |
| 19 | sub sp,sp,#4 @ +extra dword |
| 20 | sub r0,r0,#4 @ "num=num-1" |
| 21 | add r4,r2,r0 @ &bp[num-1] |
| 22 | |
| 23 | add r0,sp,r0 @ r0 to point at &tp[num-1] |
| 24 | ldr r8,[r0,#14*4] @ &n0 |
| 25 | ldr r2,[r2] @ bp[0] |
| 26 | ldr r5,[r1],#4 @ ap[0],ap++ |
| 27 | ldr r6,[r3],#4 @ np[0],np++ |
| 28 | ldr r8,[r8] @ *n0 |
| 29 | str r4,[r0,#15*4] @ save &bp[num] |
| 30 | |
| 31 | umull r10,r11,r5,r2 @ ap[0]*bp[0] |
| 32 | str r8,[r0,#14*4] @ save n0 value |
| 33 | mul r8,r10,r8 @ "tp[0]"*n0 |
| 34 | mov r12,#0 |
| 35 | umlal r10,r12,r6,r8 @ np[0]*n0+"t[0]" |
| 36 | mov r4,sp |
| 37 | |
| 38 | .L1st: |
| 39 | ldr r5,[r1],#4 @ ap[j],ap++ |
| 40 | mov r10,r11 |
Alexandre Savard | 1b09e31 | 2012-08-07 20:33:29 -0400 | [diff] [blame] | 41 | mov r11,#0 |
| 42 | umlal r10,r11,r5,r2 @ ap[j]*bp[0] |
Alexandre Savard | 7541067 | 2012-08-08 09:50:01 -0400 | [diff] [blame] | 43 | ldr r6,[r3],#4 @ np[j],np++ |
Alexandre Savard | 1b09e31 | 2012-08-07 20:33:29 -0400 | [diff] [blame] | 44 | mov r14,#0 |
| 45 | umlal r12,r14,r6,r8 @ np[j]*n0 |
| 46 | adds r12,r12,r10 |
| 47 | str r12,[r4],#4 @ tp[j-1]=,tp++ |
| 48 | adc r12,r14,#0 |
| 49 | cmp r4,r0 |
| 50 | bne .L1st |
| 51 | |
| 52 | adds r12,r12,r11 |
Alexandre Savard | 1b09e31 | 2012-08-07 20:33:29 -0400 | [diff] [blame] | 53 | mov r14,#0 |
Alexandre Savard | 1b09e31 | 2012-08-07 20:33:29 -0400 | [diff] [blame] | 54 | adc r14,r14,#0 |
Alexandre Savard | 7541067 | 2012-08-08 09:50:01 -0400 | [diff] [blame] | 55 | ldr r4,[r0,#13*4] @ restore bp |
Alexandre Savard | 1b09e31 | 2012-08-07 20:33:29 -0400 | [diff] [blame] | 56 | str r12,[r0] @ tp[num-1]= |
Alexandre Savard | 7541067 | 2012-08-08 09:50:01 -0400 | [diff] [blame] | 57 | ldr r8,[r0,#14*4] @ restore n0 |
Alexandre Savard | 1b09e31 | 2012-08-07 20:33:29 -0400 | [diff] [blame] | 58 | str r14,[r0,#4] @ tp[num]= |
| 59 | |
| 60 | .Louter: |
| 61 | sub r7,r0,sp @ "original" r0-1 value |
| 62 | sub r1,r1,r7 @ "rewind" ap to &ap[1] |
Alexandre Savard | 1b09e31 | 2012-08-07 20:33:29 -0400 | [diff] [blame] | 63 | sub r3,r3,r7 @ "rewind" np to &np[1] |
Alexandre Savard | 7541067 | 2012-08-08 09:50:01 -0400 | [diff] [blame] | 64 | ldr r2,[r4,#4]! @ *(++bp) |
Alexandre Savard | 1b09e31 | 2012-08-07 20:33:29 -0400 | [diff] [blame] | 65 | ldr r5,[r1,#-4] @ ap[0] |
Alexandre Savard | 1b09e31 | 2012-08-07 20:33:29 -0400 | [diff] [blame] | 66 | ldr r6,[r3,#-4] @ np[0] |
Alexandre Savard | 7541067 | 2012-08-08 09:50:01 -0400 | [diff] [blame] | 67 | ldr r10,[sp] @ tp[0] |
Alexandre Savard | 1b09e31 | 2012-08-07 20:33:29 -0400 | [diff] [blame] | 68 | ldr r7,[sp,#4] @ tp[1] |
| 69 | |
| 70 | mov r11,#0 |
| 71 | umlal r10,r11,r5,r2 @ ap[0]*bp[i]+tp[0] |
| 72 | str r4,[r0,#13*4] @ save bp |
| 73 | mul r8,r10,r8 |
| 74 | mov r12,#0 |
| 75 | umlal r10,r12,r6,r8 @ np[0]*n0+"tp[0]" |
| 76 | mov r4,sp |
| 77 | |
| 78 | .Linner: |
| 79 | ldr r5,[r1],#4 @ ap[j],ap++ |
| 80 | adds r10,r11,r7 @ +=tp[j] |
Alexandre Savard | 1b09e31 | 2012-08-07 20:33:29 -0400 | [diff] [blame] | 81 | mov r11,#0 |
| 82 | umlal r10,r11,r5,r2 @ ap[j]*bp[i] |
Alexandre Savard | 7541067 | 2012-08-08 09:50:01 -0400 | [diff] [blame] | 83 | ldr r6,[r3],#4 @ np[j],np++ |
Alexandre Savard | 1b09e31 | 2012-08-07 20:33:29 -0400 | [diff] [blame] | 84 | mov r14,#0 |
| 85 | umlal r12,r14,r6,r8 @ np[j]*n0 |
Alexandre Savard | 1b09e31 | 2012-08-07 20:33:29 -0400 | [diff] [blame] | 86 | ldr r7,[r4,#8] @ tp[j+1] |
Alexandre Savard | 7541067 | 2012-08-08 09:50:01 -0400 | [diff] [blame] | 87 | adc r11,r11,#0 |
Alexandre Savard | 1b09e31 | 2012-08-07 20:33:29 -0400 | [diff] [blame] | 88 | adds r12,r12,r10 |
| 89 | str r12,[r4],#4 @ tp[j-1]=,tp++ |
| 90 | adc r12,r14,#0 |
| 91 | cmp r4,r0 |
| 92 | bne .Linner |
| 93 | |
| 94 | adds r12,r12,r11 |
| 95 | mov r14,#0 |
Alexandre Savard | 1b09e31 | 2012-08-07 20:33:29 -0400 | [diff] [blame] | 96 | adc r14,r14,#0 |
Alexandre Savard | 1b09e31 | 2012-08-07 20:33:29 -0400 | [diff] [blame] | 97 | adds r12,r12,r7 |
Alexandre Savard | 1b09e31 | 2012-08-07 20:33:29 -0400 | [diff] [blame] | 98 | adc r14,r14,#0 |
Alexandre Savard | 7541067 | 2012-08-08 09:50:01 -0400 | [diff] [blame] | 99 | ldr r4,[r0,#13*4] @ restore bp |
| 100 | ldr r7,[r0,#15*4] @ restore &bp[num] |
Alexandre Savard | 1b09e31 | 2012-08-07 20:33:29 -0400 | [diff] [blame] | 101 | str r12,[r0] @ tp[num-1]= |
Alexandre Savard | 7541067 | 2012-08-08 09:50:01 -0400 | [diff] [blame] | 102 | ldr r8,[r0,#14*4] @ restore n0 |
Alexandre Savard | 1b09e31 | 2012-08-07 20:33:29 -0400 | [diff] [blame] | 103 | str r14,[r0,#4] @ tp[num]= |
| 104 | |
| 105 | cmp r4,r7 |
| 106 | bne .Louter |
| 107 | |
| 108 | ldr r2,[r0,#12*4] @ pull rp |
| 109 | add r0,r0,#4 @ r0 to point at &tp[num] |
| 110 | sub r5,r0,sp @ "original" num value |
| 111 | mov r4,sp @ "rewind" r4 |
| 112 | mov r1,r4 @ "borrow" r1 |
| 113 | sub r3,r3,r5 @ "rewind" r3 to &np[0] |
| 114 | |
| 115 | subs r7,r7,r7 @ "clear" carry flag |
| 116 | .Lsub: ldr r7,[r4],#4 |
| 117 | ldr r6,[r3],#4 |
| 118 | sbcs r7,r7,r6 @ tp[j]-np[j] |
| 119 | str r7,[r2],#4 @ rp[j]= |
| 120 | teq r4,r0 @ preserve carry |
| 121 | bne .Lsub |
| 122 | sbcs r14,r14,#0 @ upmost carry |
| 123 | mov r4,sp @ "rewind" r4 |
| 124 | sub r2,r2,r5 @ "rewind" r2 |
| 125 | |
| 126 | and r1,r4,r14 |
| 127 | bic r3,r2,r14 |
| 128 | orr r1,r1,r3 @ ap=borrow?tp:rp |
| 129 | |
| 130 | .Lcopy: ldr r7,[r1],#4 @ copy or in-place refresh |
| 131 | str sp,[r4],#4 @ zap tp |
| 132 | str r7,[r2],#4 |
| 133 | cmp r4,r0 |
| 134 | bne .Lcopy |
| 135 | |
| 136 | add sp,r0,#4 @ skip over tp[num+1] |
| 137 | ldmia sp!,{r4-r12,lr} @ restore registers |
| 138 | add sp,sp,#2*4 @ skip over {r0,r2} |
| 139 | mov r0,#1 |
| 140 | .Labrt: tst lr,#1 |
| 141 | moveq pc,lr @ be binary compatible with V4, yet |
| 142 | .word 0xe12fff1e @ interoperable with Thumb ISA:-) |
| 143 | .size bn_mul_mont,.-bn_mul_mont |
| 144 | .asciz "Montgomery multiplication for ARMv4, CRYPTOGAMS by <appro@openssl.org>" |
| 145 | .align 2 |