Updated MFMM (markdown)

2025-09-17 20:33:50 +08:00 · 2021-12-19 20:47:17 +08:00 · 2021-12-19 20:47:17 +08:00 · fe929e491c
commit fe929e491c
parent 1a70e815f4
1 changed files with 23 additions and 1 deletions
--- a/MFMM.md
+++ b/MFMM.md
@ -43,6 +43,28 @@ acc0, acc1, acc2, acc3, acc4, acc5是64位寄存器
        =acc4 * 2^192 + (acc0 * p3 + acc3) * 2^128 + acc2 * 2^64 + acc1 + acc0* 2^32 
        =acc4 * 2^192 + (acc0 * p3 + acc3) * 2^128 + (acc2 + H(acc0* 2^32))* 2^64 + acc1 + L(acc0* 2^32) 

+    amd64 汇编表示为：
+	MOVQ acc0, AX
+	MOVQ acc0, t1
+	SHLQ $32, acc0         // L(acc0 * 2^32) 
+	MULQ p256const1<>(SB)  // acc0 * p3 = (DX, AX), DX为高64位
+	SHRQ $32, t1           // t1 = H(acc0 * 2^32)
+	ADDQ acc0, acc1        // (carry1, acc1) = acc1 + L(acc0 * 2^32)
+	ADCQ t1, acc2          // (carry2, acc2) = carry1 + acc2 + H(acc0 * 2^32)
+	ADCQ AX, acc3          // (carry3, acc3) = carry2 + acc3 + L(acc0 * p3)
+	ADCQ DX, acc4          // (carry4, acc4) = carry3 + acc4 + H(acc0 * p3)
+	ADCQ $0, acc5          // acc5 = carry4
+	XORQ acc0, acc0        // acc0 = 0
+
+    arm64 汇编表示为：
+	ADDS	acc0<<32, acc1, acc1  // (carry1, acc1) = acc1 + L(acc0 * 2^32)
+	LSR	$32, acc0, t0         // t0 = H(acc0 * 2^32)
+	MUL	acc0, const1, t1      // t1 = L(acc0 * p3)
+	UMULH	acc0, const1, acc0    // acc0 = H(acc0 * p3)
+	ADCS	t0, acc2              // (carry2, acc2) = carry1 + acc2 + H(acc0 * 2^32)
+	ADCS	t1, acc3              // (carry3, acc3) = carry2 + acc3 + L(acc0 * p3)
+	ADC	$0, acc0              // acc0 = carry3 + H(acc0 * p3), why?
+
    SM2曲线
    p = 0x fffffffeffffffff ffffffffffffffff ffffffff00000000 ffffffffffffffff
       =  (2^64 - 2^32  - 1) * 2^192 + (2^64 - 1) * 2^128 + (2^64 - 2^32) * 2^64 + (2^64 - 1)