368 #define uECC_N_WORDS uECC_CONCAT(uECC_N_WORDS_, uECC_CURVE)  macro
378 static const uECC_word_t curve_n[uECC_N_WORDS] = uECC_CONCAT(Curve_N_, uECC_CURVE);
2205     vli[uECC_N_WORDS - 1] = 0;  in vli_clear_n()
2209     if (vli[uECC_N_WORDS - 1]) {  in vli_isZero_n()
2217     dest[uECC_N_WORDS - 1] = src[uECC_N_WORDS - 1];  in vli_set_n()
2221     if (left[uECC_N_WORDS - 1] > right[uECC_N_WORDS - 1]) {  in vli_cmp_n()
2223     } else if (left[uECC_N_WORDS - 1] < right[uECC_N_WORDS - 1]) {  in vli_cmp_n()
2231     vli[uECC_N_WORDS - 2] |= vli[uECC_N_WORDS - 1] << (uECC_WORD_BITS - 1);  in vli_rshift1_n()
2232     vli[uECC_N_WORDS - 1] = vli[uECC_N_WORDS - 1] >> 1;  in vli_rshift1_n()
2239     uECC_word_t sum = left[uECC_N_WORDS - 1] + right[uECC_N_WORDS - 1] + carry;  in vli_add_n()
2240     if (sum != left[uECC_N_WORDS - 1]) {  in vli_add_n()
2241         carry = (sum < left[uECC_N_WORDS - 1]);  in vli_add_n()
2243     result[uECC_N_WORDS - 1] = sum;  in vli_add_n()
2251     uECC_word_t diff = left[uECC_N_WORDS - 1] - right[uECC_N_WORDS - 1] - borrow;  in vli_sub_n()
2252     if (diff != left[uECC_N_WORDS - 1]) {  in vli_sub_n()
2253         borrow = (diff > left[uECC_N_WORDS - 1]);  in vli_sub_n()
2255     result[uECC_N_WORDS - 1] = diff;  in vli_sub_n()
2281     for (k = 0; k < uECC_N_WORDS * 2 - 1; ++k) {  in vli_mult_n()
2282         wordcount_t min = (k < uECC_N_WORDS ? 0 : (k + 1) - uECC_N_WORDS);  in vli_mult_n()
2283         wordcount_t max = (k < uECC_N_WORDS ? k : uECC_N_WORDS - 1);  in vli_mult_n()
2292     result[uECC_N_WORDS * 2 - 1] = r0;  in vli_mult_n()
2306     uECC_word_t a[uECC_N_WORDS], b[uECC_N_WORDS], u[uECC_N_WORDS], v[uECC_N_WORDS];  in vli_modInv_n()
2329                 u[uECC_N_WORDS - 1] |= HIGH_BIT_SET;  in vli_modInv_n()
2338                 v[uECC_N_WORDS - 1] |= HIGH_BIT_SET;  in vli_modInv_n()
2352                 u[uECC_N_WORDS - 1] |= HIGH_BIT_SET;  in vli_modInv_n()
2366                 v[uECC_N_WORDS - 1] |= HIGH_BIT_SET;  in vli_modInv_n()
2375     vli[uECC_N_WORDS - 1] |= vli[uECC_N_WORDS] << (uECC_WORD_BITS - 1);  in vli2_rshift1_n()
2376     vli_rshift1_n(vli + uECC_N_WORDS);  in vli2_rshift1_n()
2384     for (i = 0; i < uECC_N_WORDS * 2; ++i) {  in vli2_sub_n()
2397     uECC_word_t product[2 * uECC_N_WORDS];  in vli_modMult_n()
2398     uECC_word_t modMultiple[2 * uECC_N_WORDS];  in vli_modMult_n()
2399     uECC_word_t tmp[2 * uECC_N_WORDS];  in vli_modMult_n()
2405     vli_set(modMultiple + uECC_N_WORDS + 1, curve_n);  in vli_modMult_n()
2406     vli_rshift1(modMultiple + uECC_N_WORDS + 1);  in vli_modMult_n()
2407     modMultiple[2 * uECC_N_WORDS - 1] |= HIGH_BIT_SET;  in vli_modMult_n()
2408     modMultiple[uECC_N_WORDS] = HIGH_BIT_SET;  in vli_modMult_n()
2411          i <= ((((bitcount_t)uECC_N_WORDS) << uECC_WORD_BITS_SHIFT) + (uECC_WORD_BITS - 1));  in vli_modMult_n()
2471                             uECC_word_t k[uECC_N_WORDS],  in uECC_sign_with_k()  argument
2473     uECC_word_t tmp[uECC_N_WORDS];  in uECC_sign_with_k()
2474     uECC_word_t s[uECC_N_WORDS];  in uECC_sign_with_k()
2539     tmp[uECC_N_WORDS - 1] = 0;  in uECC_sign_with_k()
2541     s[uECC_N_WORDS - 1] = 0;  in uECC_sign_with_k()
2549     if (s[uECC_N_WORDS - 1]) {  in uECC_sign_with_k()
2560     uECC_word_t k[uECC_N_WORDS];  in uECC_sign()
2659         uECC_word_t T[uECC_N_WORDS];  in uECC_sign_deterministic()
2694     uECC_word_t u1[uECC_N_WORDS], u2[uECC_N_WORDS];  in uECC_verify()
2695     uECC_word_t z[uECC_N_WORDS];  in uECC_verify()
2706     uECC_word_t r[uECC_N_WORDS], s[uECC_N_WORDS];  in uECC_verify()
2707     r[uECC_N_WORDS - 1] = 0;  in uECC_verify()
2708     s[uECC_N_WORDS - 1] = 0;  in uECC_verify()
2727     u1[uECC_N_WORDS - 1] = 0;  in uECC_verify()
2747     numBits = smax(vli_numBits(u1, uECC_N_WORDS), vli_numBits(u2, uECC_N_WORDS));  in uECC_verify()