From 3add4a8d545f4c18f8e3fa125084c82d9fb18ddc Mon Sep 17 00:00:00 2001
From: Sun Yimin
Date: Thu, 9 Oct 2025 16:23:50 +0800
Subject: [PATCH] internal/sm2ec: loong64 p256NegCond

---
 internal/sm2ec/p256_asm_loong64.s | 71 ++++++++++++++++++++++
 internal/sm2ec/sm2p256_asm_loong64.go | 5 ++
 internal/sm2ec/sm2p256_asm_loong64_test.go | 33 ++++++++++
 3 files changed, 109 insertions(+)

diff --git a/internal/sm2ec/p256_asm_loong64.s b/internal/sm2ec/p256_asm_loong64.s
index 65e8e92..14e7ca6 100644
--- a/internal/sm2ec/p256_asm_loong64.s
+++ b/internal/sm2ec/p256_asm_loong64.s
@@ -16,6 +16,28 @@
 #define acc3 R11
 #define acc4 R12
 #define acc5 R13
+#define t0 R14
+#define t1 R15
+#define t2 R16
+#define t3 R17
+
+DATA p256p<>+0x00(SB)/8, $0xffffffffffffffff
+DATA p256p<>+0x08(SB)/8, $0xffffffff00000000
+DATA p256p<>+0x10(SB)/8, $0xffffffffffffffff
+DATA p256p<>+0x18(SB)/8, $0xfffffffeffffffff
+DATA p256ordK0<>+0x00(SB)/8, $0x327f9e8872350975
+DATA p256ord<>+0x00(SB)/8, $0x53bbf40939d54123
+DATA p256ord<>+0x08(SB)/8, $0x7203df6b21c6052b
+DATA p256ord<>+0x10(SB)/8, $0xffffffffffffffff
+DATA p256ord<>+0x18(SB)/8, $0xfffffffeffffffff
+DATA p256one<>+0x00(SB)/8, $0x0000000000000001
+DATA p256one<>+0x08(SB)/8, $0x00000000ffffffff
+DATA p256one<>+0x10(SB)/8, $0x0000000000000000
+DATA p256one<>+0x18(SB)/8, $0x0000000100000000
+GLOBL p256p<>(SB), RODATA, $32
+GLOBL p256ordK0<>(SB), RODATA, $8
+GLOBL p256ord<>(SB), RODATA, $32
+GLOBL p256one<>(SB), RODATA, $32
 /* ---------------------------------------*/
 // func p256OrdLittleToBig(res *[32]byte, in *p256OrdElement)
@@ -51,3 +73,52 @@ TEXT ·p256BigToLittle(SB),NOSPLIT,$0
 MOVV acc0, (8*3)(res_ptr)
 RET
+
+/* ---------------------------------------*/
+// func p256NegCond(val *p256Element, cond int)
+TEXT ·p256NegCond(SB),NOSPLIT,$0
+ MOVV val+0(FP), res_ptr
+ MOVV cond+8(FP), t0
+ // acc = poly
+ MOVV $-1, acc0
+ MOVV p256p<>+0x08(SB), acc1
+ MOVV $-1, acc2
+ MOVV p256p<>+0x18(SB), acc3
+ // Load the original value
+ MOVV (8*0)(res_ptr), acc4
+ MOVV (8*1)(res_ptr), x_ptr
+ MOVV (8*2)(res_ptr), y_ptr
+ MOVV (8*3)(res_ptr), acc5
+
+ // Speculatively subtract
+ SUBV acc4, acc0
+ SGTU x_ptr, acc1, t1
+ SUBV x_ptr, acc1
+ SUBV y_ptr, acc2
+ SGTU t1, acc2, t2
+ SUBV t1, acc2
+ SUBV acc5, acc3
+ SUBV t2, acc3
+
+ MASKNEZ t0, acc4, acc4
+ MASKEQZ t0, acc0, acc0
+ OR acc4, acc0
+
+ MASKNEZ t0, x_ptr, x_ptr
+ MASKEQZ t0, acc1, acc1
+ OR x_ptr, acc1
+
+ MASKNEZ t0, y_ptr, y_ptr
+ MASKEQZ t0, acc2, acc2
+ OR y_ptr, acc2
+
+ MASKNEZ t0, acc5, acc5
+ MASKEQZ t0, acc3, acc3
+ OR acc5, acc3
+
+ MOVV acc0, (8*0)(res_ptr)
+ MOVV acc1, (8*1)(res_ptr)
+ MOVV acc2, (8*2)(res_ptr)
+ MOVV acc3, (8*3)(res_ptr)
+
+ RET
diff --git a/internal/sm2ec/sm2p256_asm_loong64.go b/internal/sm2ec/sm2p256_asm_loong64.go
index b45e167..5414d8d 100644
--- a/internal/sm2ec/sm2p256_asm_loong64.go
+++ b/internal/sm2ec/sm2p256_asm_loong64.go
@@ -9,3 +9,8 @@ func p256BigToLittle(res *p256Element, in *[32]byte)
 //go:noescape
 func p256LittleToBig(res *[32]byte, in *p256Element)
+
+// If cond is not 0, sets val = -val mod p.
+//
+//go:noescape
+func p256NegCond(val *p256Element, cond int)
diff --git a/internal/sm2ec/sm2p256_asm_loong64_test.go b/internal/sm2ec/sm2p256_asm_loong64_test.go
index 3e51aa9..5266168 100644
--- a/internal/sm2ec/sm2p256_asm_loong64_test.go
+++ b/internal/sm2ec/sm2p256_asm_loong64_test.go
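Review bot: p256NegCond silently assumes val is already reduced below p: the top limb is finished by `SUBV acc5, acc3` and `SUBV t2, acc3` with no borrow-out check and no conditional add-back, so an input ≥ p wraps, and val == 0 produces p itself rather than 0 (congruent, but not the canonical limb form). The select through MASKNEZ/MASKEQZ/OR is branch-free and every limb is loaded and stored regardless of cond, which is the right shape for this routine; what is missing is that the precondition is written down nowhere in the .s file. I'd put above the TEXT line: `// Requires 0 <= val < p. Computes p - val with no final reduction, so val == 0 yields p, not 0.` The x_ptr/y_ptr registers are reused here as scratch for limbs 1 and 2, which deserves a one-line comment (or the unused t3) so the next reader does not go looking for pointer arithmetic.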
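Review bot: The doc comment added for p256NegCond states the effect but not the contract callers must honour: the loong64 body in this patch computes p - val without an add-back, so it is only correct for val < p, and for val == 0 it leaves p in val (congruent to 0 but not the canonical encoding); any nonzero cond selects the negation, not only 1. I'd extend the comment to `// If cond is not 0, sets val = -val mod p. val must be fully reduced (< p);` / `// negating 0 yields p, not 0. The selection is branch-free in cond.` Keep the bare `//` line so that `//go:noescape` remains a separate directive line as gofmt expects.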
@@ -34,3 +34,36 @@ func TestP256BigToLittle(t *testing.T) {
 t.Errorf("p256LittleToBig(p256BigToLittle(...)) mismatch\nin: %x\nback: %x", in, back)
 }
 }
+
+func TestP256NegCond(t *testing.T) {
+ var tests = []struct {
+ input p256Element
+ cond int
+ expected p256Element
+ }{
+ {
+ input: p256Element{1, 0, 0, 0},
+ cond: 1,
+ expected: p256Element{0xfffffffffffffffe, 0xffffffff00000000, 0xffffffffffffffff, 0xfffffffeffffffff},
+ },
+ {
+ input: p256Element{1, 0, 0, 0},
+ cond: 0,
+ expected: p256Element{1, 0, 0, 0},
+ },
+ {
+ input: p256Element{0x1, 0xffffffff00000001, 0xfffffffffffffffe, 0xfffffffeffffffff},
+ cond: 1,
+ expected: p256Element{0xfffffffffffffffe, 0xffffffffffffffff, 0, 0},
+ },
+ }
+
+ for i, test := range tests {
+ var result p256Element
+ copy(result[:], test.input[:])
+ p256NegCond(&result, test.cond)
+ if result != test.expected {
+ t.Errorf("test %d: got %x, want %x", i, result, test.expected)
+ }
+ }
+}
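Review bot: The table misses the two boundaries that matter for this routine: val == 0, where the assembly yields p rather than 0, and a cond other than 0 or 1, which the declared contract ("not 0") allows but nothing exercises. Adding `{input: p256Element{0, 0, 0, 0}, cond: 1, expected: p256Element{0xffffffffffffffff, 0xffffffff00000000, 0xffffffffffffffff, 0xfffffffeffffffff}},` pins the current non-canonical zero (and flags it if a later change reduces it), and `{input: p256Element{1, 0, 0, 0}, cond: -1, expected: p256Element{0xfffffffffffffffe, 0xffffffff00000000, 0xffffffffffffffff, 0xfffffffeffffffff}},` checks that an arbitrary nonzero cond selects the negation. A round-trip case (negate twice with cond 1 and compare against the input) would also catch a borrow-chain slip in any limb, since test 3 is the only input with a borrow at all. Minor style: `result := test.input` copies the array by value, so the `var result` / `copy(result[:], test.input[:])` pair can go.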