├── x64
├── 755.jpg
├── Random.exe
├── Collider.exe
├── example-bat.jpg
└── large-bitcoin-collider.png
├── README.md
└── PureBasic
└── lib
└── Curve64.pb
/x64/755.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nightwalker89/Collider/HEAD/x64/755.jpg
--------------------------------------------------------------------------------
/x64/Random.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nightwalker89/Collider/HEAD/x64/Random.exe
--------------------------------------------------------------------------------
/x64/Collider.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nightwalker89/Collider/HEAD/x64/Collider.exe
--------------------------------------------------------------------------------
/x64/example-bat.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nightwalker89/Collider/HEAD/x64/example-bat.jpg
--------------------------------------------------------------------------------
/x64/large-bitcoin-collider.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nightwalker89/Collider/HEAD/x64/large-bitcoin-collider.png
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | ## GPU BSGS Collider v1.7.8
2 | #### Cuda (Nvidia card only) and Windows x64
3 | 
4 | Forked from [Etayson/BSGS-cuda](https://github.com/Etayson/BSGS-cuda)
5 | ## Help page: Collider.exe -h
6 | ```
7 | C:\Users\User>Collider.exe -h
8 |
9 | -t Number of GPU threads, Default 512
10 | -b Number of GPU blocks, Default 68
11 | -p Number of pparam, Default 256
12 | -d Select GPU IDs, Default 0 (-d 1,2,3)
13 | -pb Set single uncompressed/compressed pubkey for searching
14 | -pk Range start from , Default 0x1
15 | -pke End range
16 | -w Set number of baby items 2^ (-w 22 mean 2^22 points)
17 | -htsz Set number of HashTable 2^ , Default 26
18 | -infile Set file with pubkey for searching in uncompressed/compressed format (search sequential), one pubkey per line
19 | -wl Set recovery file from which the state will be loaded
20 | -wt Set timer for autosaving current state, Default every 180 seconds
21 | ```
22 | ### Collider Speed:
23 | - RTX 3090 (24 GB) = 4.7 Ekeys/s
24 | - RTX 3080 (10 GB) = 2.7 Ekeys/s
25 | - RTX 2070 ( 8 GB) = 1,7 Ekeys/s
26 | - 1 Ekeys = 1,000,000,000,000,000,000
27 |
28 | When using 5 or more GPUs, there is a decrease in the overall speed by -30%
29 | In order not to lose speed, it is better to run window copies for each GPU with the -d 0 or -d 1 parameter ...
30 |
31 | ### Search [Puzzles 120-160](https://privatekeys.pw/puzzles/bitcoin-puzzle-tx)
32 | #120 17s2b9ksz5y7abUm92cHwG8jEPCzK3dLnT
33 | -pk 800000000000000000000000000000
34 | -pke FFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
35 | -pb 02CEB6CBBCDBDF5EF7150682150F4CE2C6F4807B349827DCDBDD1F2EFA885A2630
36 |
37 | #125 1PXAyUB8ZoH3WD8n5zoAthYjN15yN5CVq5
38 | -pk 10000000000000000000000000000000
39 | -pke 1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
40 | -pb 0233709EB11E0D4439A729F21C2C443DEDB727528229713F0065721BA8FA46F00E
41 |
42 | #130 1Fo65aKq8s8iquMt6weF1rku1moWVEd5Ua
43 | -pk 200000000000000000000000000000000
44 | -pke 3FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
45 | -pb 03633CBE3EC02B9401C5EFFA144C5B4D22F87940259634858FC7E59B1C09937852
46 |
47 | #135 16RGFo6hjq9ym6Pj7N5H7L1NR1rVPJyw2v
48 | -pk 4000000000000000000000000000000000
49 | -pke 7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
50 | -pb 02145D2611C823A396EF6712CE0F712F09B9B4F3135E3E0AA3230FB9B6D08D1E16
51 |
52 | #140 1QKBaU6WAeycb3DbKbLBkX7vJiaS8r42Xo
53 | -pk 80000000000000000000000000000000000
54 | -pke FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
55 | -pb 031F6A332D3C5C4F2DE2378C012F429CD109BA07D69690C6C701B6BB87860D6640
56 |
57 | #145 19GpszRNUej5yYqxXoLnbZWKew3KdVLkXg
58 | -pk 1000000000000000000000000000000000000
59 | -pke 1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
60 | -pb 03AFDDA497369E219A2C1C369954A930E4D3740968E5E4352475BCFFCE3140DAE5
61 |
62 | #150 1MUJSJYtGPVGkBCTqGspnxyHahpt5Te8jy
63 | -pk 20000000000000000000000000000000000000
64 | -pke 3FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
65 | -pb 03137807790EA7DC6E97901C2BC87411F45ED74A5629315C4E4B03A0A102250C49
66 |
67 | #155 1AoeP37TmHdFh8uN72fu9AqgtLrUwcv2wJ
68 | -pk 400000000000000000000000000000000000000
69 | -pke 7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
70 | -pb 035CD1854CAE45391CA4EC428CC7E6C7D9984424B954209A8EEA197B9E364C05F6
71 |
72 | #160 1NBC8uXJy1GiJ6drkiZa1WuKn51ps7EPTv
73 | -pk 8000000000000000000000000000000000000000
74 | -pke FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
75 | -pb 02E0A8B039282FAF6FE0FD769CFBC4B6B4CF8758BA68220EAC420E32B91DDFA673
76 |
77 | ## Use:
78 | Current state is always saved to file currentwork.txt
79 | If app crash or you stop app, you can start working from the last saved state. Provided the launch configuration has not been changed.
80 | Note! set minimal -htsz value depending on -w
81 |
82 | | Value | GPU Memory |
83 | | ---------- | ----------- |
84 | | -w 30 | 11.03 GB |
85 | | -w 29 | 8.01 GB |
86 | | -w 28 | 7.01 GB |
87 | | -w 27 | 6.02 GB |
88 |
89 | | Value | RAM |
90 | | ---------- | ----------- |
91 | | -w 30 | -htsz 28 32GB|
92 | | -w 29 | -htsz 28 |
93 | | -w 28 | -htsz 27 |
94 | | -w 27 | -htsz 25 |
95 |
96 | All arrays(Baby, Giant) and hashtable saved to the disk for fast spinup solver next time (if parameters will not changed).
97 | After you have the arrays saved, you will need less RAM to launch.
98 |
99 | Example range 64 bit:
100 | Run test: ```Collider.exe -t 512 -b 72 -p 306 -pk 49dccfd96dc5df56487436f5a1b18c4f5d34f65ddb48cb5e0000000000000000 -pke 49dccfd96dc5df56487436f5a1b18c4f5d34f65ddb48cb5effffffffffffffff -w 30 -htsz 28 -pb 03c5bcdd76b64cbbd8212080fe5efa9bf577cdcaac9f5853b216e71723ec3aca19```
101 |
102 | ## Example work 64 bit:
103 | 
104 | - Solved Private keys will be saved to the **Found.txt** file!
105 |
106 | ## Random mode:
107 | - For random mode, you need to create a Collider-Random.bat file
108 | - The parameters for creating a baht file must correspond to the parameters of the saved table.
109 | - If they do not match, instead of random, new bin tables will be created, and the timer will reload the Collider.
110 |
111 | ### Help page Random.exe -h
112 | ```
113 | C:\Users\User>Random.exe -h
114 | Random for Collider [OPTIONS...]
115 | -h, --help : Display this message
116 | -t, --t : Number of GPU threads, Default -t 512
117 | -b, --b : Number of GPU blocks, Default -b 68
118 | -p, --p : Number of pparam, Default -p 256
119 |
120 | -pb, --pb : Set single Public key (uncompressed or compressed)
121 | : Default (puzzle120): -pb 02CEB6CBBCDBDF5EF7150682150F4CE2C6F4807B349827DCDBDD1F2EFA885A2630
122 |
123 | --range : START:END Random between. Example --range 1111111:7777777
124 | : For puzzle120: --range 800000000000000000000000000001:ffffffffffffffffffffffffffffff
125 |
126 | -w, --w : Set number of baby items 2^ (-w 22 mean 2^22 points) Default -w 22
127 | -htsz, --htsz : Set number of HashTable 2^ , Default -htsz 26
128 | -time, --time : Time in seconds after how many to update the private key. Default -time 300
129 | -n, --n : How many random start private keys to generate? Default -n 1000
130 |
131 | Example: Random.exe -t 512 -b 72 -p 306 --range 800000000000000000000000000001:ffffffffffffffffffffffffffffff -w 30 -htsz 28 -pb 02CEB6CBBCDBDF5EF7150682150F4CE2C6F4807B349827DCDBDD1F2EFA885A2630 -time 300 -n 1000
132 | ```
133 | ### Example of creating a bat file :
134 | 
135 | - For Start Run: ```Collider-Random.bat```
136 |
137 | ## Building
138 | - To compile the Cpllider you need [Purebasic v5.31](https://www.purebasic.com)
139 |
140 | ## Donation
141 | - BTC: bc1qh2mvnf5fujg93mwl8pe688yucaw9sflmwsukz9
142 |
143 | ## __Disclaimer__
144 | ALL THE CODES, PROGRAM AND INFORMATION ARE FOR EDUCATIONAL PURPOSES ONLY. USE IT AT YOUR OWN RISK. THE DEVELOPER WILL NOT BE RESPONSIBLE FOR ANY LOSS, DAMAGE OR CLAIM ARISING FROM USING THIS PROGRAM.
145 |
--------------------------------------------------------------------------------
/PureBasic/lib/Curve64.pb:
--------------------------------------------------------------------------------
1 | EnableExplicit
2 | CompilerIf #PB_Compiler_Unicode
3 | Debug" switch to Ascii mode"
4 | End
5 | CompilerEndIf
6 | CompilerIf Not #PB_Compiler_Processor = #PB_Processor_x64
7 | Debug" only x64 processor support"
8 | End
9 | CompilerEndIf
10 |
11 | DeclareModule Curve
12 | Declare m_sethex32(*buffer, *string_pointer)
13 | Declare$ m_gethex32(*buffer)
14 | Declare m_serializeX64(*bufferFrom,offset,*bufferTo,counter=8)
15 | Declare.i m_IsInfinityX64(*buffer)
16 | Declare.i m_check_nonzeroX64(*buffer)
17 | Declare.i m_check_less_more_equilX64(*bufferA,*bufferB)
18 | Declare.i m_check_equilX64(*bufferA,*bufferB)
19 | Declare m_Ecc_TestBitX64(*buffer, testbit)
20 | Declare m_Ecc_AndX64(*bufferResult, *bufferA, *bufferB)
21 | Declare m_Ecc_OrX64(*bufferResult, *bufferA, *bufferB)
22 | Declare m_shrX64(*buffer)
23 | Declare m_shlX64(*buffer)
24 | Declare m_NegX64(*bufferResult,*bufferA)
25 | Declare m_NegModX64(*bufferResult,*bufferA,*p)
26 | Declare m_addX64(*bufferResult, *bufferA, *bufferB)
27 | Declare m_subX64(*bufferResult, *bufferA, *bufferB)
28 | Declare m_subModX64(*bufferResult, *bufferA, *bufferB, *p)
29 | Declare m_addModX64(*bufferResult, *bufferA, *bufferB, *p)
30 | Declare m_mulModX64(*bufferResult, *bufferA, *bufferB, *p, *high)
31 | Declare m_squareModX64(*bufferResult,*bufferA,*p, *r512)
32 | Declare m_Ecc_modInvX64(*bufferResult, *bufferA, *p)
33 | Declare m_YfromX64(*bufferResult,*bufferA,*p)
34 | Declare m_DBLTX64(*resultX, *resultY, *PointX, *PointY, *p)
35 | Declare m_ADDPTX64(*resultX,*resultY,*APointX,*APointY,*BPointX,*BPointY,*p)
36 | Declare m_PTMULX64(*resultX, *resultY, *APointX, *APointY, *buffer,*p)
37 | Declare m_PTDIVX64(*resultX, *resultY, *APointX, *APointY, *buffer,*p, *n)
38 | Declare m_EccPoint_multX64(*resultX, *resultY, *GPointX, *GPointY, *buffer)
39 | Declare beginBatchAdd(*Invout, totalpoints, *apointX, *apointY, *pointarr)
40 | Declare completeBatchAddWithDouble(*newpointarr, lenline, totalpoints, *apointX, *apointY, *pointarr, *InvTotal)
41 | Declare fillarrayN(*pointarr, totalpoints, *apointX, *apointY)
42 | Declare.i m_getCurveValues()
43 | Declare m_deserializeX64(*a,b,*sptr,counter=8)
44 | Declare m_serializeX64(*a,b,*sptr,counter=8)
45 | EndDeclareModule
46 |
47 | Module Curve
48 | EnableExplicit
49 | Define *CurveP, *CurveGx, *CurveGY, *Curveq1, *Curveq2, *Curveqn, *Curveqncut
50 | *CurveP = AllocateMemory(160)
51 | *CurveGx = *CurveP+32
52 | *CurveGY = *CurveP+64
53 | *Curveqn = *CurveP+96
54 | *Curveqncut=*CurveP+128
55 | m_sethex32(*CurveP, @"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F")
56 | m_sethex32(*CurveGx, @"79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798")
57 | m_sethex32(*CurveGy, @"483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8")
58 | m_sethex32(*Curveqn,@"fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141")
59 | m_sethex32(*Curveqncut,@"000000000000000000000000000000febaaedce6af48a03bbfd25e8cd0364141")
60 |
61 |
62 | Macro move16b_1(offset_target_s,offset_target_d)
63 | !movdqa xmm0,[rdx++offset_target_s]
64 | !movdqa [rcx+offset_target_d],xmm0
65 | EndMacro
66 |
67 | Macro move32b_(s,d,offset_target_s,offset_target_d)
68 | !mov rdx, [s]
69 | !mov rcx, [d]
70 | move16b_1(0+offset_target_s,0+offset_target_d)
71 | move16b_1(16+offset_target_s,16+offset_target_d)
72 | EndMacro
73 |
74 | Macro mul4blo(offset)
75 | !mov rax,r10
76 | !mov rbx, [rdi+offset]
77 | !mul rbx ;edx:eax
78 | !mov [rsi+offset], rax
79 | EndMacro
80 |
81 | Macro madhi(offsetB, offsetC)
82 | !mov rbx, [rdi+offsetB] ;rbx lo32b =ebx
83 | !mov rax,r10
84 | !mul rbx;edx:eax
85 | !add rdx,[rsi+offsetC]
86 | ;store carry
87 | !mov rcx,0
88 | !adc rcx, rcx
89 |
90 | !mov [rsi+offsetC], rdx
91 | EndMacro
92 |
93 | Macro madhicc(offsetB, offsetC)
94 | !mov rbx, [rdi+offsetB] ;rbx lo32b =ebx
95 | !mov rax,r10
96 | !mul rbx;edx:eax
97 | ;add carry
98 | !add rdx,rcx
99 | !add rdx,[rsi+offsetC]
100 |
101 | ;store carry
102 | !mov rcx,0
103 | !adc rcx, rcx
104 |
105 | !mov [rsi+offsetC], rdx
106 | EndMacro
107 |
108 | Macro madlo(offsetB, offsetC)
109 | !mov rbx, [rdi+offsetB]
110 | !mov rax,r10
111 | !mul rbx
112 | !add rax,[rsi+offsetC]
113 | ;store carry
114 | !mov rcx,0
115 | !adc rcx, rcx
116 |
117 | !mov [rsi+offsetC], rax
118 | EndMacro
119 |
120 | Macro madlocc(offsetB, offsetC)
121 | !mov rbx, [rdi+offsetB]
122 | !mov rax,r10
123 | !mul rbx
124 | ;add carry
125 | !add rax,rcx
126 | !add rax,[rsi+offsetC]
127 |
128 | ;store carry
129 | !mov rcx,0
130 | !adc rcx, rcx
131 |
132 | !mov [rsi+offsetC], rax
133 | EndMacro
134 |
135 | Macro madhiccHIGH(offsetB, offsetHIGH)
136 | !mov rbx, [rdi+offsetB] ;b
137 | !mov rax,r10;a
138 | !mul rbx;edx:eax
139 | ;add carry
140 | !add rdx,rcx
141 | !add rdx,[r8+offsetHIGH];high
142 |
143 | ;store carry
144 | !mov rcx,0
145 | !adc rcx, rcx
146 |
147 | !mov [r8+offsetHIGH], rdx
148 | EndMacro
149 |
150 | Macro madloccHIGH(offsetB, offsetHIGH)
151 | !mov rbx, [rdi+offsetB];b
152 | !mov rax,r10;a
153 | !mul rbx
154 | !add rax,rcx
155 | ;store carry
156 | !add rax,[r8+offsetHIGH]
157 | ;add carry
158 |
159 | !mov rcx,0
160 | !adc rcx, rcx
161 |
162 | !mov [r8+offsetHIGH], rax
163 | EndMacro
164 |
165 | Macro madhiccHIGHZero(offsetB, offsetHIGH)
166 | !mov rbx, [rdi+offsetB] ;b
167 | !mov rax,r10;a
168 | !mul rbx;edx:eax
169 | ;add carry
170 | !add rdx,rcx
171 | ;!add rdx,[r8+offsetHIGH];high first time HIGH shold be zero
172 |
173 | ;store carry
174 | !mov rcx,0
175 | !adc rcx, rcx
176 |
177 | !mov [r8+offsetHIGH], rdx
178 | EndMacro
179 |
180 |
181 | Procedure m_getCurveValues()
182 | Shared *CurveP
183 | ProcedureReturn *CurveP
184 | EndProcedure
185 |
186 | Procedure m_deserializeX64(*a,b,*sptr,counter=8)
187 | Protected *ptr
188 | *ptr=*a+64*b
189 |
190 | !mov rbx,[p.p_ptr]
191 | !mov rdi,[p.p_sptr]
192 |
193 | !mov rax,[p.v_counter]
194 | !cmp rax,0
195 | !jz llm_MyLabelfexit ;if counter is zero break
196 | !dec rax
197 | !shl rax,2 ;*4
198 | !add rbx,rax
199 |
200 | !xor cx,cx
201 | !llm_MyLabelf:
202 |
203 | !push cx
204 | !mov rax,[rdi]
205 | !mov rcx,rax
206 | !xor edx,edx
207 |
208 |
209 | !sub al,48
210 | !cmp al,15
211 | !jb llm_MyLabelf1
212 | !sub al,7
213 |
214 | !llm_MyLabelf1:
215 | !and al,15 ;1
216 | !or dl,al
217 | !rol edx,4
218 | !ror rcx,8
219 | !mov al,cl
220 |
221 | !sub al,48
222 | !cmp al,15
223 | !jb llm_MyLabelf2
224 | !sub al,7
225 |
226 | !llm_MyLabelf2:
227 | !and al,15 ;2
228 | !or dl,al
229 | !rol edx,4
230 | !ror rcx,8
231 | !mov al,cl
232 |
233 | !sub al,48
234 | !cmp al,15
235 | !jb llm_MyLabelf3
236 | !sub al,7
237 |
238 | !llm_MyLabelf3:
239 | !and al,15 ;3
240 | !or dl,al
241 | !rol edx,4
242 | !ror rcx,8
243 | !mov al,cl
244 |
245 | !sub al,48
246 | !cmp al,15
247 | !jb llm_MyLabelf4
248 | !sub al,7
249 |
250 | !llm_MyLabelf4:
251 | !and al,15 ;4
252 | !or dl,al
253 | !rol edx,4
254 | !ror rcx,8
255 | !mov al,cl
256 |
257 | !sub al,48
258 | !cmp al,15
259 | !jb llm_MyLabelf5
260 | !sub al,7
261 |
262 | !llm_MyLabelf5:
263 | !and al,15 ;5
264 | !or dl,al
265 | !rol edx,4
266 | !ror rcx,8
267 | !mov al,cl
268 |
269 | !sub al,48
270 | !cmp al,15
271 | !jb llm_MyLabelf6
272 | !sub al,7
273 |
274 | !llm_MyLabelf6:
275 | !and al,15 ;6
276 | !or dl,al
277 | !rol edx,4
278 | !ror rcx,8
279 | !mov al,cl
280 |
281 | !sub al,48
282 | !cmp al,15
283 | !jb llm_MyLabelf7
284 | !sub al,7
285 |
286 | !llm_MyLabelf7:
287 | !and al,15 ;7
288 | !or dl,al
289 | !rol edx,4
290 | !ror rcx,8
291 | !mov al,cl
292 |
293 | !sub al,48
294 | !cmp al,15
295 | !jb llm_MyLabelf8
296 | !sub al,7
297 |
298 | !llm_MyLabelf8:
299 | !and al,15 ;8
300 | !or dl,al
301 |
302 | ;!ror rdx,8
303 | !mov [rbx],edx
304 | !add rdi,8
305 | !sub rbx,4
306 |
307 |
308 | !pop cx
309 | !inc cx
310 | !cmp cx,[p.v_counter]
311 | !jb llm_MyLabelf
312 |
313 | !llm_MyLabelfexit:
314 |
315 |
316 | EndProcedure
317 |
318 | Procedure m_serializeX64(*a,b,*sptr,counter=8);>hex
319 | Protected *ptr
320 | *ptr=*a+32*b
321 |
322 | !mov rbx,[p.p_ptr] ;bin input
323 | !mov rdi,[p.p_sptr] ;hex output
324 |
325 | !mov rax,[p.v_counter]
326 | !cmp rax,0
327 | !jz llm_MyLabelexit ;if counter is zero break
328 | !dec rax
329 | !shl rax,3 ;*8
330 | !add rdi,rax
331 |
332 | !xor cx,cx
333 | !llm_MyLabel:
334 |
335 | !push cx
336 |
337 | !mov eax,[rbx]; get 4bytes>8hex digit
338 | !xor rdx,rdx ;4B each 2bhex = 8b total
339 |
340 | !mov ecx,eax
341 |
342 | !and ax,0fh
343 | !cmp al,10 ;1
344 | !jb llm_MyLabel1
345 | !add al,39
346 | !llm_MyLabel1:
347 | !add al,48
348 | !or dx,ax
349 | !shl rdx,8
350 | !ror ecx,4
351 |
352 | !mov ax,cx
353 | !and ax,0fh
354 | !cmp al,10 ;2
355 | !jb llm_MyLabel2
356 | !add al,39
357 | !llm_MyLabel2:
358 | !add al,48
359 | !or dx,ax
360 | !shl rdx,8
361 | !ror ecx,4
362 |
363 | !mov ax,cx
364 | !and ax,0fh
365 | !cmp al,10 ;3
366 | !jb llm_MyLabel3
367 | !add al,39
368 | !llm_MyLabel3:
369 | !add al,48
370 | !or dx,ax
371 | !shl rdx,8
372 | !ror ecx,4
373 |
374 | !mov ax,cx
375 | !and ax,0fh
376 | !cmp al,10 ;4
377 | !jb llm_MyLabel4
378 | !add al,39
379 | !llm_MyLabel4:
380 | !add al,48
381 | !or dx,ax
382 | !shl rdx,8
383 | !ror ecx,4
384 |
385 | !mov ax,cx
386 | !and ax,0fh
387 | !cmp al,10 ;5
388 | !jb llm_MyLabel5
389 | !add al,39
390 | !llm_MyLabel5:
391 | !add al,48
392 | !or dx,ax
393 | !shl rdx,8
394 | !ror ecx,4
395 |
396 | !mov ax,cx
397 | !and ax,0fh
398 | !cmp al,10 ;6
399 | !jb llm_MyLabel6
400 | !add al,39
401 | !llm_MyLabel6:
402 | !add al,48
403 | !or dx,ax
404 | !shl rdx,8
405 | !ror ecx,4
406 |
407 | !mov ax,cx
408 | !and ax,0fh
409 | !cmp al,10 ;7
410 | !jb llm_MyLabel7
411 | !add al,39
412 | !llm_MyLabel7:
413 | !add al,48
414 | !or dx,ax
415 | !shl rdx,8
416 | !ror ecx,4
417 |
418 | !mov ax,cx
419 | !and ax,0fh
420 | !cmp al,10 ;8
421 | !jb llm_MyLabel8
422 | !add al,39
423 | !llm_MyLabel8:
424 | !add al,48
425 | !or dx,ax
426 | ;!ror edx,16
427 | !mov [rdi],rdx
428 | !sub rdi,8
429 | !add rbx,4
430 |
431 | !pop cx
432 | !inc cx
433 | !cmp cx,[p.v_counter]; words
434 | !jb llm_MyLabel
435 |
436 | !llm_MyLabelexit:
437 | EndProcedure
438 |
439 | Procedure.s m_cutHex(a$)
440 | a$=Trim(UCase(a$))
441 | If Left(a$,2)="0X"
442 | a$=Mid(a$,3,Len(a$)-2)
443 | EndIf
444 | If Len(a$)=1
445 | a$="0"+a$
446 | EndIf
447 | ProcedureReturn LCase(a$)
448 | EndProcedure
449 |
450 | Procedure m_sethex32(*bin, *hash)
451 | Protected a$=PeekS(*hash), i
452 | ;************************************************************************
453 | ;Convert HEX string in BIG indian format to bytes in LITTLE indian format
454 | ;************************************************************************
455 | a$ = RSet(m_cutHex(a$),64,"0")
456 | If Len(a$)<>64
457 | Debug "Invalid argument length for m_sethex32"
458 | End
459 | EndIf
460 | m_deserializeX64(*bin,0,@a$,8)
461 | EndProcedure
462 |
463 | Procedure.s m_gethex32(*bin)
464 | Protected *sertemp=AllocateMemory(64, #PB_Memory_NoClear)
465 | Protected res$
466 | ;************************************************************************
467 | ;Convert bytes in LITTLE indian format to HEX string in BIG indian format
468 | ;************************************************************************
469 | m_serializeX64(*bin,0,*sertemp,8)
470 | res$=PeekS(*sertemp,64, #PB_Ascii)
471 | FreeMemory(*sertemp)
472 | ProcedureReturn res$
473 | EndProcedure
474 |
475 | Procedure m_check_less_more_equilX64(*s,*t);len *8 byte 0 - s = t, 1- s < t, 2- s > t
476 | !mov rsi,[p.p_s]
477 | !mov rdi,[p.p_t]
478 |
479 | !mov rax,24
480 | !add rsi,rax
481 | !add rdi,rax
482 |
483 | !xor cx,cx
484 | !llm_check_less_continue:
485 |
486 | !mov rax,[rsi]
487 | !mov rbx,[rdi]
488 | !sub rsi,8
489 | !sub rdi,8
490 | !cmp rax,rbx
491 | !jb llm_check_less_exit_less
492 | !ja llm_check_less_exit_more
493 | !inc cx
494 | !cmp cx,4
495 | !jb llm_check_less_continue
496 |
497 | !xor rax,rax
498 | !jmp llm_check_less_exit
499 |
500 | !llm_check_less_exit_more:
501 | !mov rax,2
502 | !jmp llm_check_less_exit
503 |
504 | !llm_check_less_exit_less:
505 | !mov rax,1
506 | !llm_check_less_exit:
507 | ProcedureReturn
508 | EndProcedure
509 |
510 | Procedure m_check_equilX64(*s,*t)
511 | !mov rsi,[p.p_s]
512 | !mov rdi,[p.p_t]
513 |
514 | !xor cx,cx
515 | !llm_check_equil_continue:
516 |
517 | !mov rax,[rsi]
518 | !mov rbx,[rdi]
519 | !add rsi,8
520 | !add rdi,8
521 | !cmp rax,rbx
522 | !jne llm_check_equil_exit_noteqil
523 | !inc cx
524 | !cmp cx,4
525 | !jb llm_check_equil_continue
526 |
527 | !mov rax,1
528 | !jmp llm_check_equil_exit
529 |
530 | !llm_check_equil_exit_noteqil:
531 | !mov rax,0
532 | !llm_check_equil_exit:
533 | ProcedureReturn
534 | EndProcedure
535 |
536 | Procedure m_check_nonzeroX64(*a)
537 | !mov rdx, [p.p_a]
538 | !mov rax, [rdx]
539 | !mov rcx,1
540 | !cmp rax,0
541 | !jne llcheck_nonzeroIfNoExit
542 | !mov rax, [rdx+8]
543 | !cmp rax,0
544 | !jne llcheck_nonzeroIfNoExit
545 | !mov rax, [rdx+16]
546 | !cmp rax,0
547 | !jne llcheck_nonzeroIfNoExit
548 | !mov rax, [rdx+24]
549 | !cmp rax,0
550 | !jne llcheck_nonzeroIfNoExit
551 | !xor rcx,rcx
552 | !llcheck_nonzeroIfNoExit:
553 | !mov rax,rcx
554 | ProcedureReturn
555 | EndProcedure
556 |
557 | Procedure m_IsInfinityX64(*a)
558 | !mov rdx, [p.p_a]
559 | !mov rax, [rdx]
560 | !xor rcx,rcx
561 | !cmp rax,0xffffffffffffffff
562 | !jne ll_IfNoExit
563 | !mov rax, [rdx+8]
564 | !cmp rax,0xffffffffffffffff
565 | !jne ll_IfNoExit
566 | !mov rax, [rdx+16]
567 | !cmp rax,0xffffffffffffffff
568 | !jne ll_IfNoExit
569 | !mov rax, [rdx+24]
570 | !cmp rax,0xffffffffffffffff
571 | !jne ll_IfNoExit
572 | !or ecx,1
573 | !ll_IfNoExit:
574 | !mov rax,rcx
575 | ProcedureReturn
576 | EndProcedure
577 |
578 | Procedure m_Ecc_EvenX64(*a)
579 | !mov rsi,[p.p_a]
580 | !xor rax,rax
581 | !mov al,[rsi]
582 | !and al,1
583 | !xor al,1
584 | ProcedureReturn
585 | EndProcedure
586 |
587 | Procedure m_Ecc_TestBitX64(*a, testbit)
588 | !mov rsi,[p.p_a]
589 | !xor rcx, rcx
590 | !xor ebx, ebx
591 | !xor rdx, rdx
592 | !mov dl,[p.v_testbit]
593 | !mov cl,dl
594 | !shr cl,6;//64
595 | !mov bl,cl
596 | !shl cl,3
597 | !add rsi,rcx
598 | !shl bl,6
599 | !sub dl,bl
600 | !mov rax,[rsi]
601 | !bt rax,rdx
602 | !mov rax,0
603 | !adc rax,rax
604 | ProcedureReturn
605 | EndProcedure
606 |
607 | Procedure m_Ecc_AndX64(*c, *a, *b)
608 | !mov rsi,[p.p_a]
609 | !mov rdi,[p.p_b]
610 | !mov rbx,[p.p_c]
611 |
612 | !mov rax,[rsi]
613 | !and rax,[rdi]
614 | !mov [rbx],rax
615 |
616 | !mov rax,[rsi+8]
617 | !and rax,[rdi+8]
618 | !mov [rbx+8],rax
619 |
620 | !mov rax,[rsi+16]
621 | !and rax,[rdi+16]
622 | !mov [rbx+16],rax
623 |
624 | !mov rax,[rsi+24]
625 | !and rax,[rdi+24]
626 | !mov [rbx+24],rax
627 | EndProcedure
628 |
629 | Procedure m_Ecc_OrX64(*c, *a, *b)
630 | !mov rsi,[p.p_a]
631 | !mov rdi,[p.p_b]
632 | !mov rbx,[p.p_c]
633 |
634 | !mov rax,[rsi]
635 | !or rax,[rdi]
636 | !mov [rbx],rax
637 |
638 | !mov rax,[rsi+8]
639 | !or rax,[rdi+8]
640 | !mov [rbx+8],rax
641 |
642 | !mov rax,[rsi+16]
643 | !or rax,[rdi+16]
644 | !mov [rbx+16],rax
645 |
646 | !mov rax,[rsi+24]
647 | !or rax,[rdi+24]
648 | !mov [rbx+24],rax
649 | EndProcedure
650 |
651 | Procedure m_Ecc_ClearMX64(*a)
652 | !mov rsi,[p.p_a]
653 | !xor rax,rax
654 | !mov [rsi],rax
655 | !mov [rsi+8],rax
656 | !mov [rsi+16],rax
657 | !mov [rsi+24],rax
658 | EndProcedure
659 |
660 | Procedure m_shrX64(*a)
661 | !mov rdi,[p.p_a]
662 | !clc
663 | !mov rax,[rdi+24]
664 | !RCR rax,1
665 | !mov [rdi+24],rax
666 |
667 | !mov rax,[rdi+16]
668 | !RCR rax,1
669 | !mov [rdi+16],rax
670 |
671 | !mov rax,[rdi+8]
672 | !RCR rax,1
673 | !mov [rdi+8],rax
674 |
675 | !mov rax,[rdi]
676 | !RCR rax,1
677 | !mov [rdi],rax
678 | EndProcedure
679 |
680 | Procedure m_shlX64(*a)
681 | !mov rdi,[p.p_a]
682 | !clc
683 | !mov rax,[rdi]
684 | !RCL rax,1
685 | !mov [rdi],rax
686 |
687 | !mov rax,[rdi+8]
688 | !RCL rax,1
689 | !mov [rdi+8],rax
690 |
691 | !mov rax,[rdi+16]
692 | !RCL rax,1
693 | !mov [rdi+16],rax
694 |
695 | !mov rax,[rdi+24]
696 | !RCL rax,1
697 | !mov [rdi+24],rax
698 | EndProcedure
699 |
700 | Procedure m_NegX64(*c,*a)
701 | !mov rsi,[p.p_a]
702 | !mov rdi,[p.p_c]
703 |
704 | !mov rax,0
705 | !sub rax, [rsi]
706 | !mov [rdi],rax
707 |
708 | !mov rax,0
709 | !sbb rax, [rsi+8]
710 | !mov [rdi+8],rax
711 |
712 | !mov rax,0
713 | !sbb rax, [rsi+16]
714 | !mov [rdi+16],rax
715 |
716 | !mov rax,0
717 | !sbb rax, [rsi+24]
718 | !mov [rdi+24],rax
719 | EndProcedure
720 |
721 |
722 | Procedure m_NegModX64(*c,*a,*p)
723 | !mov rsi,[p.p_a]
724 | !mov rdi,[p.p_c]
725 | !mov rdx,[p.p_p]
726 |
727 | !mov rax,0
728 | !mov rbx,[rsi]
729 | !sub rax,rbx
730 | ;store borrow
731 | !mov rcx,0
732 | !adc rcx,rcx
733 |
734 | !add rax,[rdx];c0 + p0
735 | ;store carry
736 | !mov r8,0
737 | !adc r8,r8
738 | !mov [rdi],rax
739 |
740 |
741 | !mov rax,0
742 | !mov rbx,[rsi+8]
743 | ;add borrow
744 | !sub rax,rcx
745 |
746 | ;store borrow
747 | !mov rcx,0
748 | !adc rcx,rcx
749 |
750 | !sub rax,rbx
751 |
752 |
753 |
754 | ;add carry
755 | !add rax,r8
756 | !add rax,[rdx+8];c1 + p1
757 | ;store carry
758 | !mov r8,0
759 | !adc r8,r8
760 | !mov [rdi+8],rax
761 |
762 |
763 | !mov rax,0
764 | !mov rbx,[rsi+16]
765 | ;add borrow
766 | !sub rax,rcx
767 |
768 | ;store borrow
769 | !mov rcx,0
770 | !adc rcx,rcx
771 |
772 | !sub rax,rbx
773 |
774 |
775 |
776 | ;add carry
777 | !add rax,r8
778 | !add rax,[rdx+16];c2 + p2
779 | ;store carry
780 | !mov r8,0
781 | !adc r8,r8
782 | !mov [rdi+16],rax
783 |
784 |
785 | !mov rax,0
786 | !mov rbx,[rsi+24]
787 | ;add borrow
788 | !sub rax,rcx
789 | !sub rax,rbx
790 |
791 | ;add carry
792 | !add rax,r8
793 | !add rax,[rdx+24];c3 + p3
794 |
795 | !mov [rdi+24],rax
796 |
797 | EndProcedure
798 |
799 | Procedure m_NegModX64Old(*c,*a,*p)
800 | !mov rcx,[p.p_a]
801 | !mov rdi,[p.p_c]
802 |
803 | !mov rax,0
804 | !sub rax, [rcx]
805 | !mov [rdi],rax
806 |
807 | !mov rax,0
808 | !sbb rax, [rcx+8]
809 | !mov [rdi+8],rax
810 |
811 | !mov rax,0
812 | !sbb rax, [rcx+16]
813 | !mov [rdi+16],rax
814 |
815 | !mov rax,0
816 | !sbb rax, [rcx+24]
817 | !mov [rdi+24],rax
818 |
819 | ;add P
820 | !mov rdx,[p.p_p]
821 |
822 | !mov rax, [rdi]
823 | !add rax, [rdx]
824 | !mov [rdi],rax
825 |
826 | !mov rax, [rdi+8]
827 | !adc rax, [rdx+8]
828 | !mov [rdi+8],rax
829 |
830 | !mov rax, [rdi+16]
831 | !adc rax, [rdx+16]
832 | !mov [rdi+16],rax
833 |
834 | !mov rax, [rdi+24]
835 | !adc rax, [rdx+24]
836 | !mov [rdi+24],rax
837 |
838 | EndProcedure
839 |
840 | Procedure m_addX64(*c,*a,*b)
841 | !mov rcx,[p.p_a]
842 | !mov rdx,[p.p_b]
843 | !mov rdi,[p.p_c]
844 |
845 | !mov rax, [rcx]
846 | !add rax, [rdx]
847 | !mov [rdi],rax
848 |
849 | !mov rax, [rcx+8]
850 | !adc rax, [rdx+8]
851 | !mov [rdi+8],rax
852 |
853 | !mov rax, [rcx+16]
854 | !adc rax, [rdx+16]
855 | !mov [rdi+16],rax
856 |
857 | !mov rax, [rcx+24]
858 | !adc rax, [rdx+24]
859 | !mov [rdi+24],rax
860 |
861 | !mov rax,0
862 | !adc rax, rax
863 | ProcedureReturn
864 | EndProcedure
865 |
866 | Procedure m_subX64(*c,*a,*b)
867 | !mov rcx,[p.p_a]
868 | !mov rdx,[p.p_b]
869 | !mov rdi,[p.p_c]
870 |
871 | !mov rax, [rcx]
872 | !sub rax, [rdx]
873 | !mov [rdi],rax
874 |
875 | !mov rax, [rcx+8]
876 | !sbb rax, [rdx+8]
877 | !mov [rdi+8],rax
878 |
879 | !mov rax, [rcx+16]
880 | !sbb rax, [rdx+16]
881 | !mov [rdi+16],rax
882 |
883 | !mov rax, [rcx+24]
884 | !sbb rax, [rdx+24]
885 | !mov [rdi+24],rax
886 |
887 | !mov rax,0
888 | !sbb rax, rax
889 | !and rax,0x01
890 | ProcedureReturn
891 | EndProcedure
892 |
893 | Procedure m_subModX64(*c,*a,*b,*p)
894 | ;Protected borrow
895 | ;borrow = m_subX64(*c,*a,*b)
896 | ;If borrow
897 | ; m_addX64(*c,*c,*p)
898 | ; EndIf
899 |
900 | !mov rcx,[p.p_a]
901 | !mov rdx,[p.p_b]
902 | !mov rdi,[p.p_c]
903 |
904 | !mov rax, [rcx]
905 | !sub rax, [rdx]
906 | !mov [rdi],rax
907 |
908 | !mov rax, [rcx+8]
909 | !sbb rax, [rdx+8]
910 | !mov [rdi+8],rax
911 |
912 | !mov rax, [rcx+16]
913 | !sbb rax, [rdx+16]
914 | !mov [rdi+16],rax
915 |
916 | !mov rax, [rcx+24]
917 | !sbb rax, [rdx+24]
918 | !mov [rdi+24],rax
919 |
920 | !jnc ll_subModExit
921 | ;if borrow m_addX64(*c,*c,*p)
922 |
923 | !mov rdx,[p.p_p]; rdi>*c rdx>*p
924 |
925 | !mov rax, [rdi]
926 | !add rax, [rdx]
927 | !mov [rdi],rax
928 |
929 | !mov rax, [rdi+8]
930 | !adc rax, [rdx+8]
931 | !mov [rdi+8],rax
932 |
933 | !mov rax, [rdi+16]
934 | !adc rax, [rdx+16]
935 | !mov [rdi+16],rax
936 |
937 | !mov rax, [rdi+24]
938 | !adc rax, [rdx+24]
939 | !mov [rdi+24],rax
940 |
941 |
942 | !ll_subModExit:
943 | EndProcedure
944 |
945 | Procedure m_addModX64(*c,*a,*b,*p)
946 | ;Protected carry, gt
947 | ;carry = m_addX64(*c,*a,*b)
948 | ;gt = m_check_less_more_equilX64(*c,*p)>>1
949 | ;If(carry Or gt)
950 | ;m_subX64(*c,*c,*p)
951 | ;EndIf
952 |
953 | !mov rcx,[p.p_a]
954 | !mov rdx,[p.p_b]
955 | !mov rsi,[p.p_c]
956 |
957 | !mov rax, [rcx]
958 | !add rax, [rdx]
959 | !mov [rsi],rax
960 |
961 | !mov rax, [rcx+8]
962 | !adc rax, [rdx+8]
963 | !mov [rsi+8],rax
964 |
965 | !mov rax, [rcx+16]
966 | !adc rax, [rdx+16]
967 | !mov [rsi+16],rax
968 |
969 | !mov rax, [rcx+24]
970 | !adc rax, [rdx+24]
971 | !mov [rsi+24],rax
972 |
973 | !jc ll_addMod_needsub ;if carry m_subX64(*c,*c,*p)
974 |
975 | ;check gt
976 | !mov rdi,[p.p_p]; rsi>*c rdi>*p
977 |
978 | !mov rax,24
979 | !add rsi,rax
980 | !add rdi,rax
981 |
982 | !xor cx,cx
983 | !ll_addMod_check_less_continue:
984 |
985 | !mov rax,[rsi]
986 | !mov rbx,[rdi]
987 | !sub rsi,8
988 | !sub rdi,8
989 | !cmp rax,rbx
990 | !jb ll_addMod_check_less_exit_less
991 | !ja ll_addMod_check_less_exit_more
992 | !inc cx
993 | !cmp cx,4
994 | !jb ll_addMod_check_less_continue
995 |
996 | !xor rax,rax
997 | !jmp ll_addMod_check_less_exit
998 |
999 | !ll_addMod_check_less_exit_more:
1000 | !mov rax,1
1001 | !jmp ll_addMod_check_less_exit
1002 |
1003 | !ll_addMod_check_less_exit_less:
1004 | !xor rax,rax
1005 | !ll_addMod_check_less_exit:
1006 |
1007 | !cmp rax,1
1008 | !jne ll_addMod_Exit ;if not gt>exit
1009 | ;else m_subX64(*c,*c,*p)
1010 | !ll_addMod_needsub:
1011 |
1012 |
1013 |
1014 | !mov rdx,[p.p_p]
1015 | !mov rdi,[p.p_c]
1016 | !mov rcx, rdi
1017 |
1018 | !mov rax, [rcx]
1019 | !sub rax, [rdx]
1020 | !mov [rdi],rax
1021 |
1022 | !mov rax, [rcx+8]
1023 | !sbb rax, [rdx+8]
1024 | !mov [rdi+8],rax
1025 |
1026 | !mov rax, [rcx+16]
1027 | !sbb rax, [rdx+16]
1028 | !mov [rdi+16],rax
1029 |
1030 | !mov rax, [rcx+24]
1031 | !sbb rax, [rdx+24]
1032 | !mov [rdi+24],rax
1033 |
1034 |
1035 | !ll_addMod_Exit:
1036 | EndProcedure
1037 |
1038 | Procedure m_mulModX64(*res,*a,*b,*p, *r512)
1039 | Protected *tt, overflow, borrow
1040 | ;NOTE!!! *r512 buffer 64+40=104bytes!!!
1041 | ;m_Ecc_ClearMX64(*r512+32)
1042 | *tt=*r512+64
1043 |
1044 | !mov rbx,[p.p_tt]
1045 | !mov rdi, [p.p_a]
1046 | !mov rsi,[p.p_r512]
1047 |
1048 |
1049 |
1050 | ;imm_umul A*B0
1051 | !mov r8, [p.p_b];b
1052 | !mov rax,[r8+0];b0
1053 | !mov r8,rax;b0
1054 |
1055 | !mov rax,[rdi+0];a0
1056 | !mul r8; a0*b0>r512[0]
1057 | !mov [rsi+0], rax;r512[0]
1058 | !mov rcx,rdx;carry
1059 |
1060 | !mov rax,[rdi+8];a1
1061 | !mul r8; a1*b0>r512[1]
1062 | !add rax, rcx
1063 | ;cf=0
1064 | ;store cf
1065 | !mov r9,0
1066 | !adc r9,0
1067 | !mov [rsi+8], rax;r512[1]
1068 | !mov rcx,rdx;carry
1069 |
1070 | !mov rax,[rdi+16];a2
1071 | !mul r8; a2*b0>r512[2]
1072 | ;add cf
1073 | !add rax,r9
1074 | !adc rax, rcx
1075 | ;store cf
1076 | !mov r9,0
1077 | !adc r9,0
1078 | !mov [rsi+16], rax;r512[2]
1079 | !mov rcx,rdx;carry
1080 |
1081 | !mov rax,[rdi+24];a3
1082 | !mul r8; a3*b0>r512[3]
1083 | ;add cf
1084 | !add rax,r9
1085 | !adc rax, rcx
1086 | ;store cf
1087 | !mov r9,0
1088 | !adc r9,0
1089 | !mov [rsi+24], rax;r512[3]
1090 | !mov rcx,rdx;carry
1091 |
1092 | !mov rax,0
1093 | ;add cf
1094 | !add rax,r9
1095 | !adc rax, rcx
1096 | !mov [rsi+32], rax;r512[4]
1097 | ;end imm_umul
1098 |
1099 |
1100 | ;imm_umul A*B1
1101 | !mov r8, [p.p_b];b
1102 | !mov rax,[r8+8];b1
1103 | !mov r8,rax;b1
1104 |
1105 | !mov rax,[rdi+0];a0
1106 | !mul r8; a0*b1>t[0]
1107 | !mov [rbx+0], rax;t[0]
1108 | !mov rcx,rdx;carry
1109 |
1110 | !mov rax,[rdi+8];a1
1111 | !mul r8; a1*b1>t[1]
1112 | !add rax, rcx
1113 | ;cf=0
1114 | ;store cf
1115 | !mov r9,0
1116 | !adc r9,0
1117 | !mov [rbx+8], rax;t[1]
1118 | !mov rcx,rdx;carry
1119 |
1120 | !mov rax,[rdi+16];a2
1121 | !mul r8; a2*b1>t[2]
1122 | ;add cf
1123 | !add rax,r9
1124 | !adc rax, rcx
1125 | ;store cf
1126 | !mov r9,0
1127 | !adc r9,0
1128 | !mov [rbx+16], rax;t[2]
1129 | !mov rcx,rdx;carry
1130 |
1131 | !mov rax,[rdi+24];a3
1132 | !mul r8; a3*b1>t[3]
1133 | ;add cf
1134 | !add rax,r9
1135 | !adc rax, rcx
1136 | ;store cf
1137 | !mov r9,0
1138 | !adc r9,0
1139 | !mov [rbx+24], rax;t[3]
1140 | !mov rcx,rdx;carry
1141 |
1142 | !mov rax,0
1143 | ;add cf
1144 | !add rax,r9
1145 | !adc rax, rcx
1146 | !mov [rbx+32], rax;t[4]
1147 | ;end imm_umul
1148 |
1149 | !mov rax,[rsi+8];r512[1]
1150 | !add rax,[rbx+0]; r512[1]+t[0]>r512[1]
1151 | !mov [rsi+8],rax
1152 |
1153 | !mov rax,[rsi+16];r512[2]
1154 | !adc rax,[rbx+8]; r512[2]+t[1]>r512[2]
1155 | !mov [rsi+16],rax
1156 |
1157 | !mov rax,[rsi+24];r512[3]
1158 | !adc rax,[rbx+16]; r512[3]+t[2]>r512[3]
1159 | !mov [rsi+24],rax
1160 |
1161 | !mov rax,[rsi+32];r512[4]
1162 | !adc rax,[rbx+24]; r512[4]+t[3]>r512[4]
1163 | !mov [rsi+32],rax
1164 |
1165 | ;!mov rax,[rsi+40];r512[5]
1166 | !mov rax,0
1167 | !adc rax,[rbx+32]; r512[5]+t[4]>r512[5]
1168 | !mov [rsi+40],rax
1169 |
1170 | ;imm_umul A*B2
1171 | !mov r8, [p.p_b];b
1172 | !mov rax,[r8+16];b2
1173 | !mov r8,rax;b2
1174 |
1175 | !mov rax,[rdi+0];a0
1176 | !mul r8; a0*b2>t[0]
1177 | !mov [rbx+0], rax;t[0]
1178 | !mov rcx,rdx;carry
1179 |
1180 | !mov rax,[rdi+8];a1
1181 | !mul r8; a1*b2>t[1]
1182 | !add rax, rcx
1183 | ;cf=0
1184 | ;store cf
1185 | !mov r9,0
1186 | !adc r9,0
1187 | !mov [rbx+8], rax;t[1]
1188 | !mov rcx,rdx;carry
1189 |
1190 | !mov rax,[rdi+16];a2
1191 | !mul r8; a2*b2>t[2]
1192 | ;add cf
1193 | !add rax,r9
1194 | !adc rax, rcx
1195 | ;store cf
1196 | !mov r9,0
1197 | !adc r9,0
1198 | !mov [rbx+16], rax;t[2]
1199 | !mov rcx,rdx;carry
1200 |
1201 | !mov rax,[rdi+24];a3
1202 | !mul r8; a3*b2>t[3]
1203 | ;add cf
1204 | !add rax,r9
1205 | !adc rax, rcx
1206 | ;store cf
1207 | !mov r9,0
1208 | !adc r9,0
1209 | !mov [rbx+24], rax;t[3]
1210 | !mov rcx,rdx;carry
1211 |
1212 | !mov rax,0
1213 | ;add cf
1214 | !add rax,r9
1215 | !adc rax, rcx
1216 | !mov [rbx+32], rax;t[4]
1217 | ;end imm_umul
1218 |
1219 |
1220 | !mov rax,[rsi+16];r512[2]
1221 | !add rax,[rbx+0]; r512[2]+t[0]>r512[2]
1222 | !mov [rsi+16],rax
1223 |
1224 | !mov rax,[rsi+24];r512[3]
1225 | !adc rax,[rbx+8]; r512[3]+t[1]>r512[3]
1226 | !mov [rsi+24],rax
1227 |
1228 | !mov rax,[rsi+32];r512[4]
1229 | !adc rax,[rbx+16]; r512[4]+t[2]>r512[4]
1230 | !mov [rsi+32],rax
1231 |
1232 | !mov rax,[rsi+40];r512[5]
1233 | !adc rax,[rbx+24]; r512[5]+t[3]>r512[5]
1234 | !mov [rsi+40],rax
1235 |
1236 | ;!mov rax,[rsi+48];r512[6]
1237 | !mov rax,0
1238 | !adc rax,[rbx+32]; r512[6]+t[4]>r512[6]
1239 | !mov [rsi+48],rax
1240 |
1241 |
1242 | ;imm_umul A*B3
1243 | !mov r8, [p.p_b];b
1244 | !mov rax,[r8+24];b3
1245 | !mov r8,rax;b3
1246 |
1247 | !mov rax,[rdi+0];a0
1248 | !mul r8; a0*b3>t[0]
1249 | !mov [rbx+0], rax;t[0]
1250 | !mov rcx,rdx;carry
1251 |
1252 | !mov rax,[rdi+8];a1
1253 | !mul r8; a1*b3>t[1]
1254 | !add rax, rcx
1255 | ;cf=0
1256 | ;store cf
1257 | !mov r9,0
1258 | !adc r9,0
1259 | !mov [rbx+8], rax;t[1]
1260 | !mov rcx,rdx;carry
1261 |
1262 | !mov rax,[rdi+16];a2
1263 | !mul r8; a2*b3>t[2]
1264 | ;add cf
1265 | !add rax,r9
1266 | !adc rax, rcx
1267 | ;store cf
1268 | !mov r9,0
1269 | !adc r9,0
1270 | !mov [rbx+16], rax;t[2]
1271 | !mov rcx,rdx;carry
1272 |
1273 | !mov rax,[rdi+24];a3
1274 | !mul r8; a3*b3>t[3]
1275 | ;add cf
1276 | !add rax,r9
1277 | !adc rax, rcx
1278 | ;store cf
1279 | !mov r9,0
1280 | !adc r9,0
1281 | !mov [rbx+24], rax;t[3]
1282 | !mov rcx,rdx;carry
1283 |
1284 | !mov rax,0
1285 | ;add cf
1286 | !add rax,r9
1287 | !adc rax, rcx
1288 | !mov [rbx+32], rax;t[4]
1289 | ;end imm_umul
1290 |
1291 |
1292 | !mov rax,[rsi+24];r512[3]
1293 | !add rax,[rbx+0]; r512[3]+t[0]>r512[3]
1294 | !mov [rsi+24],rax
1295 |
1296 | !mov rax,[rsi+32];r512[4]
1297 | !adc rax,[rbx+8]; r512[4]+t[1]>r512[4]
1298 | !mov [rsi+32],rax
1299 |
1300 | !mov rax,[rsi+40];r512[5]
1301 | !adc rax,[rbx+16]; r512[5]+t[2]>r512[5]
1302 | !mov [rsi+40],rax
1303 |
1304 | !mov rax,[rsi+48];r512[6]
1305 | !adc rax,[rbx+24]; r512[6]+t[3]>r512[6]
1306 | !mov [rsi+48],rax
1307 |
1308 | ;!mov rax,[rsi+56];r512[7]
1309 | !mov rax,0
1310 | !adc rax,[rbx+32]; r512[7]+t[4]>r512[7]
1311 | !mov [rsi+56],rax
1312 |
1313 | ; At this point we have 16 32-bit words representing a 512-bit value
1314 | ; high[0 ... 7] And c[0 ... 7]
1315 |
1316 | ;Debug "high:"+m_gethex32(*r512+32)
1317 | ;Debug "low :"+m_gethex32(*r512)
1318 | ;End
1319 | ;****************************************************************
1320 | ; At this poin result correct!!!
1321 | ; high: 225989dbbc349b6f319ca3eed777a46f55b1dc22e97af11261167d213c1f060d
1322 | ; low : 29520a21508989b06ed1194129efb1517cee385a708abe44718bc509775ad540
1323 | ;
1324 | ;result:
1325 | ;high:225989dbbc349b6f319ca3eed777a46f55b1dc22e97af11261167d213c1f060d
1326 | ;low :29520a21508989b06ed1194129efb1517cee385a708abe44718bc509775ad540
1327 | ;correct!!!
1328 | ;****************************************************************
1329 |
1330 | ;Store high[6] And high[7] since they will be overwritten
1331 | ;**Reduce from 512 to 320
1332 | !mov r8, 0x1000003D1
1333 |
1334 | ;imm_umul
1335 |
1336 | !mov rax,[rsi+32]
1337 | !mul r8; *1000003D1h>t[0]
1338 | !mov [rbx+0], rax;
1339 | !mov rcx,rdx;carry
1340 |
1341 | !mov rax,[rsi+40]
1342 | !mul r8; *1000003D1h
1343 | !add rax, rcx
1344 | ;cf=0
1345 | ;store cf
1346 | !mov r9,0
1347 | !adc r9,0
1348 | !mov [rbx+8], rax;t[1]
1349 | !mov rcx,rdx;carry
1350 |
1351 | !mov rax,[rsi+48]
1352 | !mul r8; *1000003D1h
1353 | ;add cf
1354 | !add rax,r9
1355 | !adc rax, rcx
1356 | ;store cf
1357 | !mov r9,0
1358 | !adc r9,0
1359 | !mov [rbx+16], rax;t[2]
1360 | !mov rcx,rdx;carry
1361 |
1362 | !mov rax,[rsi+56]
1363 | !mul r8; *1000003D1h
1364 | ;add cf
1365 | !add rax,r9
1366 | !adc rax, rcx
1367 | ;store cf
1368 | !mov r9,0
1369 | !adc r9,0
1370 | !mov [rbx+24], rax;t[3]
1371 | !mov rcx,rdx;carry
1372 |
1373 | !mov rax,0
1374 | ;add cf
1375 | !add rax,r9
1376 | !adc rax, rcx
1377 | !mov [rbx+32], rax;t[4]
1378 | ;end imm_umul
1379 |
1380 |
1381 | !mov rax,[rsi+0];r512[0]
1382 | !add rax, [rbx+0];512[0]+t[0]>512[0]
1383 | !mov [rsi+0],rax;r512[0]
1384 |
1385 | !mov rax,[rsi+8];r512[1]
1386 | !adc rax,[rbx+8];512[1]+t[1]>512[1]
1387 | !mov [rsi+8],rax;r512[1]
1388 |
1389 | !mov rax,[rsi+16];r512[2]
1390 | !adc rax,[rbx+16];512[2]+t[2]>512[2]
1391 | !mov [rsi+16],rax;r512[2]
1392 |
1393 | !mov rax,[rsi+24];r512[3]
1394 | !adc rax,[rbx+24];512[3]+t[2]>512[3]
1395 | !mov [rsi+24],rax;r512[3]
1396 |
1397 |
1398 | ;**Reduce from 320 to 256
1399 | ;No overflow possible here t[4]+c<=0x1000003D1ULL
1400 | !mov rax,[rbx+32];t[4]+carry
1401 | !adc rax,0
1402 | !mul r8; (t[4]+carry)*1000003D1h>rax>u10 rdx>u11
1403 |
1404 | !add rax,[rsi+0];u10+512[0]>512[0]
1405 | !mov [rsi+0],rax;r512[0]
1406 |
1407 | !adc rdx,[rsi+8];u11+512[1]>512[1]
1408 | !mov [rsi+8],rdx;r512[1]
1409 |
1410 | !mov rax,0
1411 | !adc rax,[rsi+16];0+512[2]>512[2]
1412 | !mov [rsi+16],rax;r512[2]
1413 |
1414 | !mov rax,0
1415 | !adc rax,[rsi+24];0+512[3]>512[3]
1416 | !mov [rsi+24],rax;r512[3]
1417 |
1418 | !mov rax,0
1419 | !adc rax,rax
1420 | !mov [p.v_overflow],rax
1421 |
1422 |
1423 |
1424 | borrow = m_subX64(*r512,*r512,*p)
1425 | If overflow
1426 | If Not borrow
1427 | m_subX64(*r512,*r512,*p)
1428 | EndIf
1429 | Else
1430 | If borrow
1431 | m_addX64(*r512,*r512,*p)
1432 | EndIf
1433 | EndIf
1434 |
1435 |
1436 | move32b_(p.p_r512,p.p_res,0,0)
1437 | EndProcedure
1438 |
1439 | Procedure m_mulModX64v2(*res,*a,*b,*p, *high)
1440 | Protected *c, overflow, borrow
1441 |
1442 | ;m_Ecc_ClearMX64(*high)
1443 | *c=*high
1444 | *high=*c+32
1445 |
1446 | !mov rdi,[p.p_b]
1447 | !mov rsi,[p.p_c]
1448 | !mov r9,[p.p_a]
1449 | !mov r8, [p.p_high]
1450 |
1451 |
1452 | ;a[7] * b (low)
1453 | !mov r10, [r9];a7
1454 | mul4blo(0)
1455 | mul4blo(8)
1456 | mul4blo(16)
1457 | mul4blo(24)
1458 |
1459 | ;a[7] * b (high)
1460 |
1461 | madhi(0, 8)
1462 | madhicc(8, 16)
1463 | madhicc(16, 24)
1464 | madhiccHIGHZero(24, 0) ;b0;high7
1465 |
1466 | ;a[6] * b (low)
1467 | !mov r10, [r9+8];a6
1468 | madlo(0, 8)
1469 | madlocc(8, 16)
1470 | madlocc(16, 24)
1471 | madloccHIGH(24, 0) ;b0;high7
1472 | ;add carry
1473 | !mov [r8+8], rcx ;HIGH6
1474 |
1475 | ;a[6] * b (high)
1476 | madhi(0, 16)
1477 | madhicc(8, 24)
1478 | madhiccHIGH(16, 0) ;b1;high7
1479 | madhiccHIGH(24, 8) ;b0;high6
1480 |
1481 | ;a[5] * b (low)
1482 | !mov r10, [r9+16];a5
1483 | madlo(0, 16)
1484 | madlocc(8, 24)
1485 | madloccHIGH(16, 0) ;b1;high7;a5
1486 | madloccHIGH(24, 8) ;b0;high6;a5
1487 | ;add carry
1488 | !mov [r8+16], rcx ;HIGH5
1489 |
1490 | ;a[5] * b (high)
1491 | madhi(0, 24)
1492 | madhiccHIGH(8, 0) ;b2;high7;a5
1493 | madhiccHIGH(16, 8) ;b1;high6;a5
1494 | madhiccHIGH(24, 16) ;b0;high5;a5
1495 |
1496 | ;a[4] * b (low)
1497 | !mov r10, [r9+24];a4
1498 | madlo(0, 24)
1499 | madloccHIGH(8, 0) ;b2;high7;a4
1500 | madloccHIGH(16, 8) ;b1;high6;a4
1501 | madloccHIGH(24, 16) ;b0;high5;a4
1502 | ;add carry
1503 | !mov [r8+24], rcx ;HIGH4
1504 |
1505 |
1506 |
1507 | !xor ecx,ecx ;clear carry!
1508 | madhiccHIGH(0, 0) ;b7;high7;a0
1509 | madhiccHIGH(8, 8) ;b6;high6;a0
1510 | madhiccHIGH(16, 16) ;b5;high5;a0
1511 | madhiccHIGH(24, 24) ;b4;high4;a0
1512 |
1513 | ; At this point we have 16 32-bit words representing a 512-bit value
1514 | ; high[0 ... 7] And c[0 ... 7]
1515 | ;Debug "high:"+m_gethex32(*high)
1516 | ;Debug "low :"+m_gethex32(*c)
1517 | ;End
1518 | ;****************************************************************
1519 | ; At this poin result correct!!!
1520 | ; high: 225989dbbc349b6f319ca3eed777a46f55b1dc22e97af11261167d213c1f060d
1521 | ; low : 29520a21508989b06ed1194129efb1517cee385a708abe44718bc509775ad540
1522 | ;
1523 | ;result:
1524 | ;high:225989dbbc349b6f319ca3eed777a46f55b1dc22e97af11261167d213c1f060d
1525 | ;low :29520a21508989b06ed1194129efb1517cee385a708abe44718bc509775ad540
1526 | ;correct!!!
1527 | ;****************************************************************
1528 |
1529 | ;Store high[6] And high[7] since they will be overwritten
1530 | ;**Reduce from 512 to 320
1531 |
1532 | !mov rbx, rsi
1533 | !add rbx,64
1534 | !mov r8, 0x1000003D1
1535 |
1536 | ;imm_umul
1537 |
1538 | !mov rax,[rsi+32]
1539 | !mul r8; *1000003D1h>t[0]
1540 | !mov [rbx+0], rax;
1541 | !mov rcx,rdx;carry
1542 |
1543 | !mov rax,[rsi+40]
1544 | !mul r8; *1000003D1h
1545 | !add rax, rcx
1546 | ;cf=0
1547 | ;store cf
1548 | !mov r9,0
1549 | !adc r9,0
1550 | !mov [rbx+8], rax;t[1]
1551 | !mov rcx,rdx;carry
1552 |
1553 | !mov rax,[rsi+48]
1554 | !mul r8; *1000003D1h
1555 | ;add cf
1556 | !add rax,r9
1557 | !adc rax, rcx
1558 | ;store cf
1559 | !mov r9,0
1560 | !adc r9,0
1561 | !mov [rbx+16], rax;t[2]
1562 | !mov rcx,rdx;carry
1563 |
1564 | !mov rax,[rsi+56]
1565 | !mul r8; *1000003D1h
1566 | ;add cf
1567 | !add rax,r9
1568 | !adc rax, rcx
1569 | ;store cf
1570 | !mov r9,0
1571 | !adc r9,0
1572 | !mov [rbx+24], rax;t[3]
1573 | !mov rcx,rdx;carry
1574 |
1575 | !mov rax,0
1576 | ;add cf
1577 | !add rax,r9
1578 | !adc rax, rcx
1579 | !mov [rbx+32], rax;t[4]
1580 | ;end imm_umul
1581 |
1582 |
1583 | !mov rax,[rsi+0];r512[0]
1584 | !add rax, [rbx+0];512[0]+t[0]>512[0]
1585 | !mov [rsi+0],rax;r512[0]
1586 |
1587 | !mov rax,[rsi+8];r512[1]
1588 | !adc rax,[rbx+8];512[1]+t[1]>512[1]
1589 | !mov [rsi+8],rax;r512[1]
1590 |
1591 | !mov rax,[rsi+16];r512[2]
1592 | !adc rax,[rbx+16];512[2]+t[2]>512[2]
1593 | !mov [rsi+16],rax;r512[2]
1594 |
1595 | !mov rax,[rsi+24];r512[3]
1596 | !adc rax,[rbx+24];512[3]+t[2]>512[3]
1597 | !mov [rsi+24],rax;r512[3]
1598 |
1599 |
1600 | ;**Reduce from 320 to 256
1601 | ;No overflow possible here t[4]+c<=0x1000003D1ULL
1602 | !mov rax,[rbx+32];t[4]+carry
1603 | !adc rax,0
1604 | !mul r8; (t[4]+carry)*1000003D1h>rax>u10 rdx>u11
1605 |
1606 | !add rax,[rsi+0];u10+512[0]>512[0]
1607 | !mov [rsi+0],rax;r512[0]
1608 |
1609 | !adc rdx,[rsi+8];u11+512[1]>512[1]
1610 | !mov [rsi+8],rdx;r512[1]
1611 |
1612 | !mov rax,0
1613 | !adc rax,[rsi+16];0+512[2]>512[2]
1614 | !mov [rsi+16],rax;r512[2]
1615 |
1616 | !mov rax,0
1617 | !adc rax,[rsi+24];0+512[3]>512[3]
1618 | !mov [rsi+24],rax;r512[3]
1619 |
1620 | !mov rax,0
1621 | !adc rax,rax
1622 | !mov [p.v_overflow],rax
1623 |
1624 |
1625 |
1626 | borrow = m_subX64(*c,*c,*p)
1627 | If overflow
1628 | If Not borrow
1629 | m_subX64(*c,*c,*p)
1630 | EndIf
1631 | Else
1632 | If borrow
1633 | m_addX64(*c,*c,*p)
1634 | EndIf
1635 | EndIf
1636 |
1637 |
1638 | move32b_(p.p_c,p.p_res,0,0)
1639 | EndProcedure
1640 |
1641 | Procedure m_mulModX64v1(*res,*a,*b,*p, *high)
1642 | Protected *c, overflow, borrow
1643 |
1644 | ;m_Ecc_ClearMX64(*high)
1645 | *c=*high+32
1646 |
1647 | !mov rdi,[p.p_b]
1648 | !mov rsi,[p.p_c]
1649 | !mov r9,[p.p_a]
1650 | !mov r8, [p.p_high]
1651 |
1652 |
1653 | ;a[7] * b (low)
1654 | !mov r10, [r9];a7
1655 | mul4blo(0)
1656 | mul4blo(8)
1657 | mul4blo(16)
1658 | mul4blo(24)
1659 |
1660 | ;a[7] * b (high)
1661 |
1662 | madhi(0, 8)
1663 | madhicc(8, 16)
1664 | madhicc(16, 24)
1665 | madhiccHIGHZero(24, 0) ;b0;high7
1666 |
1667 | ;a[6] * b (low)
1668 | !mov r10, [r9+8];a6
1669 | madlo(0, 8)
1670 | madlocc(8, 16)
1671 | madlocc(16, 24)
1672 | madloccHIGH(24, 0) ;b0;high7
1673 | ;add carry
1674 | !mov [r8+8], rcx ;HIGH6
1675 |
1676 | ;a[6] * b (high)
1677 | madhi(0, 16)
1678 | madhicc(8, 24)
1679 | madhiccHIGH(16, 0) ;b1;high7
1680 | madhiccHIGH(24, 8) ;b0;high6
1681 |
1682 | ;a[5] * b (low)
1683 | !mov r10, [r9+16];a5
1684 | madlo(0, 16)
1685 | madlocc(8, 24)
1686 | madloccHIGH(16, 0) ;b1;high7;a5
1687 | madloccHIGH(24, 8) ;b0;high6;a5
1688 | ;add carry
1689 | !mov [r8+16], rcx ;HIGH5
1690 |
1691 | ;a[5] * b (high)
1692 | madhi(0, 24)
1693 | madhiccHIGH(8, 0) ;b2;high7;a5
1694 | madhiccHIGH(16, 8) ;b1;high6;a5
1695 | madhiccHIGH(24, 16) ;b0;high5;a5
1696 |
1697 | ;a[4] * b (low)
1698 | !mov r10, [r9+24];a4
1699 | madlo(0, 24)
1700 | madloccHIGH(8, 0) ;b2;high7;a4
1701 | madloccHIGH(16, 8) ;b1;high6;a4
1702 | madloccHIGH(24, 16) ;b0;high5;a4
1703 | ;add carry
1704 | !mov [r8+24], rcx ;HIGH4
1705 |
1706 |
1707 |
1708 | !xor ecx,ecx ;clear carry!
1709 | madhiccHIGH(0, 0) ;b7;high7;a0
1710 | madhiccHIGH(8, 8) ;b6;high6;a0
1711 | madhiccHIGH(16, 16) ;b5;high5;a0
1712 | madhiccHIGH(24, 24) ;b4;high4;a0
1713 |
1714 | ; At this point we have 16 32-bit words representing a 512-bit value
1715 | ; high[0 ... 7] And c[0 ... 7]
1716 | ;Debug "high:"+m_gethex32(*high)
1717 | ;Debug "low :"+m_gethex32(*c)
1718 | ;End
1719 | ;****************************************************************
1720 | ; At this poin result correct!!!
1721 | ; high: 225989dbbc349b6f319ca3eed777a46f55b1dc22e97af11261167d213c1f060d
1722 | ; low : 29520a21508989b06ed1194129efb1517cee385a708abe44718bc509775ad540
1723 | ;
1724 | ;result:
1725 | ;high:225989dbbc349b6f319ca3eed777a46f55b1dc22e97af11261167d213c1f060d
1726 | ;low :29520a21508989b06ed1194129efb1517cee385a708abe44718bc509775ad540
1727 | ;correct!!!
1728 | ;****************************************************************
1729 |
1730 | ;Store high[6] And high[7] since they will be overwritten
1731 |
1732 | !mov rdi,r8
1733 |
1734 | !mov r8d, [rdi+4] ;high6
1735 | !mov r9d, [rdi+0] ;high7
1736 |
1737 | ;Take high 256 bits, multiply by 2^32, add to low 256 bits
1738 | ;That is, take high[0 ... 7], shift it left 1 word And add it To c[0 ... 7]
1739 |
1740 | ;rdi- poiner to HIGH, rsi -pointer to C
1741 | !clc
1742 | !xor rcx,rcx
1743 |
1744 | !mov rax,[rsi+4];c6
1745 | !add rax,[rdi+0];high7
1746 | !mov [rsi+4], rax
1747 |
1748 | !mov rax,[rsi+12];c5
1749 | !adc rax,[rdi+8];high6
1750 | !mov [rsi+12], rax
1751 |
1752 | !mov rax,[rsi+20];c4
1753 | !adc rax,[rdi+16];high5
1754 | !mov [rsi+20], rax
1755 |
1756 | !mov eax,[rsi+28];c0
1757 | !adc eax,[rdi+24];high1
1758 | !mov [rsi+28], eax
1759 |
1760 | !mov eax,0
1761 | !adc eax,[rdi+28];high0
1762 | !mov [rdi+0], eax;high7
1763 |
1764 | !mov eax,0
1765 | !adc eax,0
1766 | !mov [rdi+4], eax;high6
1767 |
1768 | ;****************************************************************
1769 | ;shold be e586a59082262d9f4648bdb07fa18d746669296cd1a13b65adaacb16775ad540
1770 | ; high 225989dbbc349b6f319ca3eed777a46f55b1dc22e97af11200000000225989db
1771 | ;****************************************************************
1772 | ;high :225989dbbc349b6f319ca3eed777a46f55b1dc22e97af11200000000225989db
1773 | ;low :e586a59082262d9f4648bdb07fa18d746669296cd1a13b65adaacb16775ad540
1774 | ;success!!!
1775 |
1776 | ;Debug "high :"+m_gethex32(*high)
1777 | ;Debug "low :"+m_gethex32(*c)
1778 | ;End
1779 |
1780 | ;Take high 256 bits, multiply by 977, add To low 256 bits
1781 | ;That is, take high[0 ... 5], high6, high7, multiply by 977 And add To c[0 ... 7]
1782 |
1783 | !mov ebx, r9d ;hightemp7
1784 | !mov eax,977
1785 | !mul ebx
1786 | !add eax,[rsi+0];c7
1787 | ;store carry
1788 | !mov ecx,0
1789 | !adc ecx, ecx
1790 | !mov [rsi+0], eax
1791 |
1792 | !mov ebx, r8d
1793 | !mov eax,977
1794 | !mul ebx
1795 | ;add carry
1796 | !add eax,ecx
1797 | !add eax,[rsi+4];c6
1798 | ;store carry
1799 | !mov ecx,0
1800 | !adc ecx, ecx
1801 | !mov [rsi+4], eax;c6
1802 |
1803 | ;madlocc
1804 | !mov ebx, [rdi+8] ;high5
1805 | !mov eax,977
1806 | !mul ebx
1807 | ;add carry
1808 | !add eax,ecx
1809 | !add eax,[rsi+8]
1810 | ;store carry
1811 | !mov ecx,0
1812 | !adc ecx, ecx
1813 | !mov [rsi+8], eax;c5
1814 |
1815 | !mov ebx, [rdi+12] ;high4
1816 | !mov eax,977
1817 | !mul ebx
1818 | ;add carry
1819 | !add eax,ecx
1820 | !add eax,[rsi+12]
1821 | ;store carry
1822 | !mov ecx,0
1823 | !adc ecx, ecx
1824 | !mov [rsi+12], eax;c4
1825 |
1826 | !mov ebx, [rdi+16] ;high3
1827 | !mov eax,977
1828 | !mul ebx
1829 | ;add carry
1830 | !add eax,ecx
1831 | !add eax,[rsi+16]
1832 | ;store carry
1833 | !mov ecx,0
1834 | !adc ecx, ecx
1835 | !mov [rsi+16], eax;c3
1836 |
1837 | !mov ebx, [rdi+20] ;high2
1838 | !mov eax,977
1839 | !mul ebx
1840 | ;add carry
1841 | !add eax,ecx
1842 | !add eax,[rsi+20]
1843 | ;store carry
1844 | !mov ecx,0
1845 | !adc ecx, ecx
1846 | !mov [rsi+20], eax;c2
1847 |
1848 | !mov ebx, [rdi+24] ;high1
1849 | !mov eax,977
1850 | !mul ebx
1851 | ;add carry
1852 | !add eax,ecx
1853 | !add eax,[rsi+24]
1854 | ;store carry
1855 | !mov ecx,0
1856 | !adc ecx, ecx
1857 | !mov [rsi+24], eax;c1
1858 |
1859 | !mov ebx, [rdi+28] ;high0
1860 | !mov eax,977
1861 | !mul ebx
1862 | ;add carry
1863 | !add eax,ecx
1864 | !add eax,[rsi+28]
1865 | ;store carry
1866 | !mov ecx,0
1867 | !adc ecx, ecx
1868 | !mov [rsi+28], eax;c0
1869 |
1870 | ;add carry
1871 | !mov eax, ecx
1872 | !add eax, [rdi];high7
1873 | ;store carry
1874 | !mov ecx,0
1875 | !adc ecx, ecx
1876 | !mov [rdi], eax ;high7
1877 |
1878 | ;add carry
1879 | !mov eax, ecx
1880 | !add eax, [rdi+4] ;high6
1881 | !mov [rdi+4], eax ;high6
1882 |
1883 |
1884 | ;****************************************************************
1885 | ;shold be fd3dc25bc6eb603e9d165cfecf3c19137232472edfd34118347e5607e9c0ecdd
1886 | ; high 225989dbbc349b6f319ca3eed777a46f55b1dc22e97af11200000000225989db
1887 | ;****************************************************************
1888 | ; high 225989dbbc349b6f319ca3eed777a46f55b1dc22e97af11200000000225989db
1889 | ; fd3dc25bc6eb603e9d165cfecf3c19137232472edfd34118347e5607e9c0ecdd
1890 | ;success!!!
1891 | ;Debug "high :"+m_gethex32(*high)
1892 |
1893 | ;Debug "low :"+m_gethex32(*c)
1894 | ;End
1895 | !mov ebx, r9d ;hightemp7
1896 | !mov eax,977
1897 | !mul ebx
1898 | !add edx,[rsi+4] ;c6
1899 | ;store carry
1900 | !mov ecx,0
1901 | !adc ecx, ecx
1902 | !mov [rsi+4], edx ;c6
1903 |
1904 | !mov ebx, r8d
1905 | !mov eax,977
1906 | !mul ebx
1907 | ;add carry
1908 | !add edx,ecx
1909 | !add edx,[rsi+8] ;c5
1910 | ;store carry
1911 | !mov ecx,0
1912 | !adc ecx, ecx
1913 | !mov [rsi+8], edx ;c5
1914 |
1915 | ;madhighcc
1916 | !mov ebx, [rdi+8]; high5
1917 | !mov eax,977
1918 | !mul ebx;edx:eax
1919 | ;add carry
1920 | !add edx,ecx
1921 | !add edx,[rsi+12]
1922 | ;store carry
1923 | !mov ecx,0
1924 | !adc ecx, ecx
1925 | !mov [rsi+12], edx;c4
1926 |
1927 | !mov ebx, [rdi+12]; high4
1928 | !mov eax,977
1929 | !mul ebx;edx:eax
1930 | ;add carry
1931 | !add edx,ecx
1932 | !add edx,[rsi+16]
1933 | ;store carry
1934 | !mov ecx,0
1935 | !adc ecx, ecx
1936 | !mov [rsi+16], edx;c3
1937 |
1938 | !mov ebx, [rdi+16]; high3
1939 | !mov eax,977
1940 | !mul ebx;edx:eax
1941 | ;add carry
1942 | !add edx,ecx
1943 | !add edx,[rsi+20]
1944 | ;store carry
1945 | !mov ecx,0
1946 | !adc ecx, ecx
1947 | !mov [rsi+20], edx;c2
1948 |
1949 | !mov ebx, [rdi+20]; high2
1950 | !mov eax,977
1951 | !mul ebx;edx:eax
1952 | ;add carry
1953 | !add edx,ecx
1954 | !add edx,[rsi+24]
1955 | ;store carry
1956 | !mov ecx,0
1957 | !adc ecx, ecx
1958 | !mov [rsi+24], edx;c1
1959 |
1960 | !mov ebx, [rdi+24]; high1
1961 | !mov eax,977
1962 | !mul ebx;edx:eax
1963 | ;add carry
1964 | !add edx,ecx
1965 | !add edx,[rsi+28]
1966 | ;store carry
1967 | !mov ecx,0
1968 | !adc ecx, ecx
1969 | !mov [rsi+28], edx;c0
1970 |
1971 |
1972 | !mov ebx, [rdi+28];high0
1973 | !mov eax,977
1974 | !mul ebx
1975 | ;add carry
1976 | !add edx,ecx
1977 | !add edx,[rdi+0];high7
1978 | ;store carry
1979 | !mov ecx,0
1980 | !adc ecx, ecx
1981 | !mov [rdi+0], edx;high7
1982 |
1983 | ;add carry
1984 | !mov eax,ecx
1985 | !add eax, [rdi+4];high6
1986 | !mov [rdi+4], eax;high6
1987 |
1988 | ;****************************************************************
1989 | ;fd3dc529c6eb60fb9d166034cf3c1a5a72324aa9dfd3428a347e56ece9c0ecdd
1990 | ;****************************************************************
1991 | ; success!!!
1992 | ;Debug "low :"+m_gethex32(*c)
1993 | ;End
1994 | ;Repeat the same steps, but this time we only need To handle high[6] And high[7]
1995 | !mov r8d, [rdi+4] ;high6
1996 | !mov r9d, [rdi+0] ;high7
1997 |
1998 | ;Take the high 64 bits, multiply by 2^32 and add to the low 256 bits
1999 | !mov eax,[rsi+4];c6
2000 | !add eax,[rdi+0];high7
2001 | !mov [rsi+4], eax;c6
2002 |
2003 | !mov eax,[rsi+8];c5
2004 | !adc eax,[rdi+4];high6
2005 | !mov [rsi+8], eax;c5
2006 |
2007 | !mov eax,[rsi+12];c4
2008 | !adc eax,0
2009 | !mov [rsi+12], eax
2010 |
2011 | !mov eax,[rsi+16];c3
2012 | !adc eax,0
2013 | !mov [rsi+16], eax
2014 |
2015 | !mov eax,[rsi+20];c2
2016 | !adc eax,0
2017 | !mov [rsi+20], eax
2018 |
2019 | !mov eax,[rsi+24];c1
2020 | !adc eax,0
2021 | !mov [rsi+24], eax
2022 |
2023 | !mov eax,[rsi+28];c0
2024 | !adc eax,0
2025 | !mov [rsi+28], eax
2026 |
2027 | !mov eax,0
2028 | !adc eax,0
2029 | !mov [rdi+0], eax;high7
2030 |
2031 | ;****************************************************************
2032 | ;fd3dc529c6eb60fb9d166034cf3c1a5a72324aa9dfd3428a56d7e14ae9c0ecdd
2033 | ;****************************************************************
2034 | ;success!!!
2035 | ;Debug "low :"+m_gethex32(*c)
2036 | ;End
2037 | ;Take the high 64 bits, multiply by 977 and add to the low 256 bits
2038 | !mov ebx, r9d ;hightemp7
2039 | !mov eax,977
2040 | !mul ebx
2041 | !add eax,[rsi+0];c7
2042 | ;store carry
2043 | !mov ecx,0
2044 | !adc ecx, ecx
2045 | !mov [rsi+0], eax
2046 |
2047 |
2048 | !mov ebx, r8d
2049 | !mov eax,977
2050 | !mul ebx
2051 | ;add carry
2052 | !add eax,ecx
2053 | !add eax,[rsi+4];c6
2054 | ;store carry
2055 | !mov ecx,0
2056 | !adc ecx, ecx
2057 | !mov [rsi+4], eax;c6
2058 |
2059 |
2060 | !mov eax,ecx
2061 | !adc eax,[rsi+8];c5
2062 | !mov [rsi+8], eax
2063 |
2064 | !mov eax,[rsi+12];c4
2065 | !adc eax,0
2066 | !mov [rsi+12], eax
2067 |
2068 | !mov eax,[rsi+16];c3
2069 | !adc eax,0
2070 | !mov [rsi+16], eax
2071 |
2072 | !mov eax,[rsi+20];c2
2073 | !adc eax,0
2074 | !mov [rsi+20], eax
2075 |
2076 | !mov eax,[rsi+24];c1
2077 | !adc eax,0
2078 | !mov [rsi+24], eax
2079 |
2080 | !mov eax,[rsi+28];c0
2081 | !adc eax,0
2082 | !mov [rsi+28], eax
2083 |
2084 | !mov eax,[rdi+0];high7
2085 | !adc eax,0
2086 | !mov [rdi+0], eax
2087 |
2088 | ;****************************************************************
2089 | ;fd3dc529c6eb60fb9d166034cf3c1a5a72324aa9dfd3428a56d7e14b0179fd9b
2090 | ;****************************************************************
2091 | ;success!!!
2092 | ;Debug "low :"+m_gethex32(*c)
2093 | ;End
2094 | !mov ebx, r9d ;hightemp7
2095 | !mov eax,977
2096 | !mul ebx
2097 | !add edx,[rsi+4] ;c6
2098 | ;store carry
2099 | !mov ecx,0
2100 | !adc ecx, ecx
2101 | !mov [rsi+4], edx ;c6
2102 |
2103 | !mov ebx, r8d
2104 | !mov eax,977
2105 | !mul ebx
2106 | ;add carry
2107 | !add edx,ecx
2108 | !add edx,[rsi+8] ;c5
2109 | ;store carry
2110 | !mov ecx,0
2111 | !adc ecx, ecx
2112 | !mov [rsi+8], edx ;c5
2113 |
2114 |
2115 |
2116 | !mov eax,ecx
2117 | !adc eax,[rsi+12];c4
2118 | !mov [rsi+12], eax
2119 |
2120 | !mov eax,[rsi+16];c3
2121 | !adc eax,0
2122 | !mov [rsi+16], eax
2123 |
2124 | !mov eax,[rsi+20];c2
2125 | !adc eax,0
2126 | !mov [rsi+20], eax
2127 |
2128 | !mov eax,[rsi+24];c1
2129 | !adc eax,0
2130 | !mov [rsi+24], eax
2131 |
2132 | !mov eax,[rsi+28];c0
2133 | !adc eax,0
2134 | !mov [rsi+28], eax
2135 |
2136 | !mov eax,[rdi+0];high7
2137 | !adc eax,0
2138 | !mov [p.v_overflow],eax
2139 |
2140 |
2141 |
2142 | ;low :fd3dc529c6eb60fb9d166034cf3c1a5a72324aa9dfd3428a56d7e1ce0179fd9b
2143 |
2144 | ;Debug "low :"+m_gethex32(*c)
2145 | ;End
2146 | borrow = m_subX64(*c,*c,*p)
2147 |
2148 | If overflow
2149 | If Not borrow
2150 | m_subX64(*c,*c,*p)
2151 | EndIf
2152 | Else
2153 | If borrow
2154 | m_addX64(*c,*c,*p)
2155 | EndIf
2156 | EndIf
2157 | move32b_(p.p_c,p.p_res,0,0)
2158 | ;FreeMemory(*high)
2159 | EndProcedure
2160 |
2161 | Procedure m_squareModX64(*res,*a,*p, *r512)
2162 | Protected *tt, overflow, borrow
2163 |
2164 | ;NOTE!!! *r512 buffer 64+40=104bytes!!!
2165 |
2166 | *tt=*r512+64
2167 |
2168 | !mov rbx,[p.p_tt]
2169 | !mov rdi, [p.p_a]
2170 | !mov rsi,[p.p_r512]
2171 |
2172 | ;**K=0
2173 | !mov rax, [rdi];a0
2174 | !mov r8, rax;store a0
2175 | !mul rax ;a0>>rax>512[0] rdx>t[1]
2176 | !mov [rsi], rax;low>512[0]
2177 | !mov [rbx+8], rdx;high>t[1]
2178 | ;**K=1
2179 | !mov rax, r8;a0
2180 | !mul qword[rdi+8];a1>>rax>t[3] rdx>t[4]
2181 | !add rax,rax;t[3]+t[3]>t[3]
2182 | !adc rdx, rdx;t[4]+t[4]>t[4]
2183 |
2184 | ;store carry
2185 | !mov rcx,0
2186 | !adc rcx, rcx ;t1
2187 |
2188 | !add rax,[rbx+8];t[3]+t[1]>t[3]
2189 | !mov [rbx+24], rax;t[3]
2190 |
2191 | !adc rdx, 0;t[4]+0>t[4]
2192 | !mov [rbx+32], rdx;t[4]
2193 |
2194 | !adc rcx, 0
2195 | !mov r9, rcx;t1
2196 | !mov [rsi+8], rax;r512[1] = t[3]
2197 |
2198 |
2199 | ;**K=2
2200 | !mov rax, r8;a0
2201 | !mul qword [rdi+16];a2>>rax>t[0] rdx>t[1]
2202 |
2203 | !add rax,rax;t[0]+t[0]>t[0]
2204 | !mov [rbx+0], rax;t[0]
2205 |
2206 | !adc rdx, rdx;t[1]+t[1]>t[1]
2207 | !mov [rbx+8], rdx;t[1]
2208 |
2209 | ;store carry
2210 | !mov rcx,0
2211 | !adc rcx, 0;t2
2212 |
2213 | !mov rax, [rdi+8];a1
2214 | !mul rax ;a1>>rax>u10 rdx>u11
2215 |
2216 | !add rax,[rbx+0];u10+t[0]>t[0]
2217 |
2218 | !adc rdx, [rbx+8];u11+t[1]>t[1]
2219 |
2220 | !adc rcx, 0;t2
2221 |
2222 |
2223 | !add rax,[rbx+32];t[0]+t[4]>t[0]
2224 | !mov [rbx+0], rax;t[0]
2225 |
2226 | !adc rdx, r9;t[1]+t1>t[1]
2227 | !mov [rbx+8], rdx;t[1]
2228 |
2229 | !adc rcx, 0
2230 | !mov r9, rcx;t2
2231 | !mov [rsi+16], rax;r512[2] = t[0]
2232 |
2233 | ;**K=3
2234 | !mov rax, r8;a0
2235 | !mul qword [rdi+24];a3>>rax>t[3] rdx>t[4]
2236 | !mov [rbx+24], rax;t[3]
2237 | !mov [rbx+32], rdx;t[4]
2238 |
2239 | !mov rax, [rdi+8];a1
2240 | !mov r8,rax;store a1
2241 | !mul qword [rdi+16];a2>>rax>u10 rdx>u11
2242 |
2243 | !add rax,[rbx+24];u10+t[3]>t[3]
2244 |
2245 | !adc rdx, [rbx+32];u11+t[4]>t[4]
2246 |
2247 | ;store carry
2248 | !mov rcx,0
2249 | !adc rcx, 0;t1
2250 |
2251 | !add rcx,rcx;t1 += t1
2252 |
2253 | !add rax,rax;t[3]+t[3]>t[3]
2254 |
2255 | !adc rdx,rdx;t[4]+t[4]>t[4]
2256 |
2257 |
2258 | !adc rcx, 0;t1
2259 |
2260 | !add rax,[rbx+8];t[3]+t[1]>t[3]
2261 | !mov [rbx+24], rax;t[3]
2262 |
2263 | !adc rdx,r9;t[4]+t2>t[4]
2264 | !mov [rbx+32], rdx;t[4]
2265 |
2266 | !adc rcx, 0;t1
2267 | !mov r9, rcx;t1
2268 | !mov [rsi+24], rax;r512[3] = t[3]
2269 |
2270 | ;**K=4
2271 | !mov rax, r8;a1
2272 | !mul qword [rdi+24];a3>>rax>t[0] rdx>t[1]
2273 | !add rax,rax;t[0]+t[0]>t[0]
2274 | !mov [rbx+0], rax;t[0]
2275 |
2276 | !adc rdx,rdx;t[1]+t[1]>t[1]
2277 | !mov [rbx+8], rdx;t[1]
2278 |
2279 | ;store carry
2280 | !mov rcx,0
2281 | !adc rcx, 0;t2
2282 |
2283 | !mov rax,[rdi+16];a2
2284 | !mov r8,rax;store a2
2285 | !mul rax;a2>>rax>u10 rdx>u11
2286 | !add rax,[rbx+0];u10+t[0]>t[0]
2287 |
2288 | !adc rdx,[rbx+8];u11+t[1]>t[1]
2289 |
2290 |
2291 | !adc rcx, 0;t2
2292 |
2293 | !add rax,[rbx+32];t[0]+t[4]>t[0]
2294 | !mov [rbx+0], rax;t[0]
2295 |
2296 | !adc rdx,r9;t[1]+t1>t[1]
2297 | !mov [rbx+8], rdx;t[1]
2298 |
2299 | !adc rcx, 0;t2
2300 | !mov r9, rcx;t2
2301 | !mov [rsi+32], rax;r512[4] = t[0]
2302 |
2303 | ;**K=5
2304 | !mov rax, r8;a2
2305 | !mul qword [rdi+24];a3>>rax>t[3] rdx>t[4]
2306 | !add rax,rax;t[3]+t[3]>t[3]
2307 |
2308 | !adc rdx,rdx;t[4]+t[4]>t[4]
2309 |
2310 | ;store carry
2311 | !mov rcx,0
2312 | !adc rcx, 0;t1
2313 |
2314 | !add rax,[rbx+8];t[3]+t[1]>t[3]
2315 | !mov [rbx+24], rax;t[3]
2316 |
2317 | !adc rdx,r9;t[4]+t2>t[4]
2318 | !mov [rbx+32], rdx;t[4]
2319 |
2320 | !adc rcx, 0;t1
2321 | !mov r9, rcx;t1
2322 | !mov [rsi+40], rax;r512[5] = t[3]
2323 |
2324 | ;**K=6
2325 | !mov rax,[rdi+24];a3
2326 | !mul rax;a3>>rax>t[0] rdx>t[1]
2327 |
2328 | !add rax,[rbx+32];t[0]+t[4]>t[0]
2329 | !mov [rbx+0], rax;t[0]
2330 |
2331 | !adc rdx,r9;t[1]+t1>t[1]
2332 | !mov [rbx+8], rdx;t[1]
2333 |
2334 | !mov [rsi+48], rax;r512[6] = t[0]
2335 |
2336 | ;**K=6
2337 | !mov [rsi+56], rdx;r512[7] = t[1]
2338 |
2339 | ;sould be
2340 | ;high 0fee1a06f69e1b8286bf0b2d8858740848984fa8f6a052b12d136d89f930e01e
2341 | ;low 7b1cd51763e164b25e3a46f9d61432f7f003bbabe62013086c3f2ef66fbb2e31
2342 | ;result correct!!!
2343 |
2344 |
2345 | ;**Reduce from 512 to 320
2346 | !mov r8, 0x1000003D1
2347 |
2348 | ;imm_umul
2349 |
2350 | !mov rax,[rsi+32]
2351 | !mul r8; *1000003D1h>t[0]
2352 | !mov [rbx+0], rax;
2353 | !mov rcx,rdx;carry
2354 |
2355 | !mov rax,[rsi+40]
2356 | !mul r8; *1000003D1h
2357 | !add rax, rcx
2358 | ;cf=0
2359 | ;store cf
2360 | !mov r9,0
2361 | !adc r9,0
2362 | !mov [rbx+8], rax;t[1]
2363 | !mov rcx,rdx;carry
2364 |
2365 | !mov rax,[rsi+48]
2366 | !mul r8; *1000003D1h
2367 | ;add cf
2368 | !add rax,r9
2369 | !adc rax, rcx
2370 | ;store cf
2371 | !mov r9,0
2372 | !adc r9,0
2373 | !mov [rbx+16], rax;t[2]
2374 | !mov rcx,rdx;carry
2375 |
2376 | !mov rax,[rsi+56]
2377 | !mul r8; *1000003D1h
2378 | ;add cf
2379 | !add rax,r9
2380 | !adc rax, rcx
2381 | ;store cf
2382 | !mov r9,0
2383 | !adc r9,0
2384 | !mov [rbx+24], rax;t[3]
2385 | !mov rcx,rdx;carry
2386 |
2387 | !mov rax,0
2388 | ;add cf
2389 | !add rax,r9
2390 | !adc rax, rcx
2391 | !mov [rbx+32], rax;t[4]
2392 | ;end imm_umul
2393 |
2394 |
2395 | !mov rax,[rsi+0];r512[0]
2396 | !add rax, [rbx+0];512[0]+t[0]>512[0]
2397 | !mov [rsi+0],rax;r512[0]
2398 |
2399 | !mov rax,[rsi+8];r512[1]
2400 | !adc rax,[rbx+8];512[1]+t[1]>512[1]
2401 | !mov [rsi+8],rax;r512[1]
2402 |
2403 | !mov rax,[rsi+16];r512[2]
2404 | !adc rax,[rbx+16];512[2]+t[2]>512[2]
2405 | !mov [rsi+16],rax;r512[2]
2406 |
2407 | !mov rax,[rsi+24];r512[3]
2408 | !adc rax,[rbx+24];512[3]+t[2]>512[3]
2409 | !mov [rsi+24],rax;r512[3]
2410 |
2411 |
2412 | ;**Reduce from 320 to 256
2413 | ;No overflow possible here t[4]+c<=0x1000003D1ULL
2414 | !mov rax,[rbx+32];t[4]+carry
2415 | !adc rax,0
2416 | !mul r8; (t[4]+carry)*1000003D1h>rax>u10 rdx>u11
2417 |
2418 | !add rax,[rsi+0];u10+512[0]>512[0]
2419 | !mov [rsi+0],rax;r512[0]
2420 |
2421 | !adc rdx,[rsi+8];u11+512[1]>512[1]
2422 | !mov [rsi+8],rdx;r512[1]
2423 |
2424 | !mov rax,0
2425 | !adc rax,[rsi+16];0+512[2]>512[2]
2426 | !mov [rsi+16],rax;r512[2]
2427 |
2428 | !mov rax,0
2429 | !adc rax,[rsi+24];0+512[3]>512[3]
2430 | !mov [rsi+24],rax;r512[3]
2431 |
2432 | !mov rax,0
2433 | !adc rax,rax
2434 | !mov [p.v_overflow],rax
2435 | ;Probability of carry here Or that this>P is very very unlikely
2436 |
2437 | ;Debug "low :"+m_gethex32(*r512)
2438 | ;End
2439 | borrow = m_subX64(*r512,*r512,*p)
2440 | ;38f37014ce22fc29cf19f28a5ce4da091445536c3e2cff318ba07c2a3048f518
2441 | If overflow
2442 | If Not borrow
2443 | m_subX64(*r512,*r512,*p)
2444 | EndIf
2445 | Else
2446 | If borrow
2447 | m_addX64(*r512,*r512,*p)
2448 | EndIf
2449 | EndIf
2450 | ;shold be 3d6c452d1c076d0425ac63c7783f563df3ec12324d0f16bf7c8335253ef4be33
2451 |
2452 |
2453 | move32b_(p.p_r512,p.p_res,0,0)
2454 |
2455 | EndProcedure
2456 |
2457 | Procedure m_Ecc_modInv_updateX64(*uv, *mod)
2458 | Protected carry
2459 | If Not m_Ecc_EvenX64(*uv)
2460 | carry=m_addX64(*uv,*uv,*mod)
2461 | EndIf
2462 | m_shrX64(*uv)
2463 | If carry
2464 | PokeI(*uv+24,PeekI(*uv+24)|$8000000000000000)
2465 | EndIf
2466 | EndProcedure
2467 |
2468 |
2469 |
2470 | Procedure m_Ecc_modInvX64(*res,*inp,*mod)
2471 | Protected *a, *b, *u, *v, cmpResult
2472 | ;Computes result = (1 / input) % mod
2473 | ;From Euclid's GCD to Montgomery Multiplication to the Great Divide
2474 |
2475 | If Not m_check_nonzeroX64(*inp)
2476 | ;==0
2477 | FillMemory(*res,32,0,#PB_Long)
2478 | Else
2479 | *a=AllocateMemory(128, #PB_Memory_NoClear)
2480 | *b=*a+32
2481 | *u=*a+64
2482 | *v=*a+96
2483 |
2484 | move32b_(p.p_inp, p.p_a,0,0)
2485 | move32b_(p.p_mod, p.p_b,0,0)
2486 | m_Ecc_ClearMX64(*u)
2487 | m_Ecc_ClearMX64(*v)
2488 |
2489 | PokeI(*u,1)
2490 | ;Debug Curve::m_gethex32(*u)
2491 | cmpResult=m_check_less_more_equilX64(*a,*b)
2492 | While cmpResult
2493 |
2494 | If m_Ecc_EvenX64(*a)
2495 | m_shrX64(*a)
2496 | m_Ecc_modInv_updateX64(*u, *mod)
2497 | ElseIf m_Ecc_EvenX64(*b)
2498 | m_shrX64(*b)
2499 | m_Ecc_modInv_updateX64(*v, *mod)
2500 | ElseIf cmpResult=2;more
2501 | m_subX64(*a,*a,*b)
2502 | m_shrX64(*a)
2503 | If m_check_less_more_equilX64(*u,*v)=1; less
2504 | m_addX64(*u,*u,*mod)
2505 | EndIf
2506 | m_subX64(*u,*u,*v)
2507 | m_Ecc_modInv_updateX64(*u, *mod)
2508 | Else
2509 | m_subX64(*b,*b,*a)
2510 | m_shrX64(*b)
2511 | If m_check_less_more_equilX64(*v,*u)=1; less
2512 | m_addX64(*v,*v,*mod)
2513 | EndIf
2514 | m_subX64(*v,*v,*u)
2515 | m_Ecc_modInv_updateX64(*v, *mod)
2516 | EndIf
2517 | cmpResult=m_check_less_more_equilX64(*a,*b)
2518 | Wend
2519 | move32b_(p.p_u, p.p_res,0,0)
2520 | FreeMemory(*a)
2521 | EndIf
2522 | EndProcedure
2523 |
2524 | Procedure m_DBLTX64(*cx,*cy,*x,*y,*p)
2525 | Protected *s, *ds, *dx, *tx, *high
2526 | *s=AllocateMemory(192+40,#PB_Memory_NoClear)
2527 | *ds=*s+32
2528 | *dx=*s+64
2529 | *tx=*s+96
2530 | *high=*s+128
2531 | ;get inverse inverse(2*y,p)
2532 | m_addModX64(*s,*y,*y,*p)
2533 | m_Ecc_modInvX64(*s,*s,*p)
2534 | ;3x^2
2535 | m_squareModX64(*dx,*x,*p, *high)
2536 | m_addModX64(*tx,*dx,*dx,*p)
2537 | m_addModX64(*tx,*dx,*tx,*p)
2538 | ;s = 3x^2 * 1/2y
2539 | m_mulModX64(*s,*tx,*s,*p, *high)
2540 | ;s^2
2541 | m_squareModX64(*ds,*s,*p, *high)
2542 | ;Rx = s^2 - 2px
2543 | m_subModX64(*ds,*ds,*x,*p)
2544 | m_subModX64(*ds,*ds,*x,*p);ds=x
2545 | ;Ry = s(px - rx) - py =>slope*(x-xsum)-y
2546 | m_subModX64(*dx,*x,*ds,*p)
2547 | m_mulModX64(*tx,*s,*dx,*p, *high)
2548 | m_subModX64(*cy,*tx,*y,*p)
2549 | move32b_(p.p_ds, p.p_cx,0,0)
2550 | FreeMemory(*s)
2551 | EndProcedure
2552 |
2553 | Procedure m_ADDPTX64(*cxout,*cyout,*ax,*ay,*bx,*by,*p)
2554 | Protected *s,*cx,*cy, *high
2555 | *s=AllocateMemory(160+40, #PB_Memory_NoClear)
2556 | *cx = *s+32
2557 | *cy = *s+64
2558 | *high = *s+96
2559 |
2560 | If m_check_equilX64(*ax,*bx)
2561 | m_DBLTX64(*cxout,*cyout,*ax,*ay,*p)
2562 | Else
2563 | ;get inverse inverse(x1-x2,p)
2564 | m_subModX64(*s,*ax,*bx,*p)
2565 | m_Ecc_modInvX64(*s,*s,*p)
2566 | ;slope=(y1-y2)*inverse(x1-x2,p)
2567 | m_subModX64(*cy,*ay,*by,*p)
2568 | m_mulModX64(*s,*cy,*s,*p, *high)
2569 | ;Rx = s^2 - Gx - Qx => pow_mod(slope,2,p)-(x1+x2)
2570 | m_squareModX64(*cy,*s,*p, *high)
2571 | m_subModX64(*cy,*cy,*ax,*p)
2572 | m_subModX64(*cx,*cy,*bx,*p)
2573 | ;Ry = s(px - rx) - py => slope*(x1-xsum)-y1
2574 | m_subModX64(*cy,*ax,*cx,*p)
2575 | m_mulModX64(*cy,*s,*cy,*p, *high)
2576 | m_subModX64(*cy,*cy,*ay,*p)
2577 | move32b_(p.p_cx, p.p_cxout,0,0)
2578 | move32b_(p.p_cy, p.p_cyout,0,0)
2579 | EndIf
2580 |
2581 | FreeMemory(*s)
2582 | EndProcedure
2583 |
2584 |
2585 |
2586 | Procedure m_PTMULX64(*cx, *cy, *ax, *ay, *multipler,*p)
2587 | Protected *locala, *scaleX, *scaleY
2588 | *locala = AllocateMemory(96)
2589 | *scaleX = *locala+32
2590 | *scaleY = *locala+64
2591 |
2592 | move32b_(p.p_multipler, p.p_locala,0,0)
2593 |
2594 |
2595 | move32b_(p.p_ax, p.p_scaleX,0,0)
2596 | move32b_(p.p_ay, p.p_scaleY,0,0)
2597 |
2598 | m_Ecc_ClearMX64(*cx):m_Ecc_ClearMX64(*cy)
2599 |
2600 | While m_check_nonzeroX64(*locala)
2601 | !mov rsi,[p.p_locala]
2602 | !mov eax,[rsi]
2603 | !bt eax,0
2604 | !jnc llm_ptmul_continue
2605 |
2606 | If m_check_nonzeroX64(*cx)=0 Or m_check_nonzeroX64(*cy)=0
2607 | move32b_(p.p_scaleX, p.p_cx,0,0)
2608 | move32b_(p.p_scaleY, p.p_cy,0,0)
2609 | Else
2610 | m_ADDPTX64(*cx,*cy,*cx,*cy,*scaleX,*scaleY,*p)
2611 | EndIf
2612 |
2613 | !llm_ptmul_continue:
2614 | m_DBLTX64(*scaleX,*scaleY,*scaleX,*scaleY,*p)
2615 | m_shrX64(*locala)
2616 | Wend
2617 |
2618 | FreeMemory(*locala)
2619 | EndProcedure
2620 |
2621 | Procedure m_PTDIVX64(*cx, *cy, *ax, *ay, *multipler,*p, *n)
2622 | Protected *indiv
2623 | Shared *Curveqn
2624 | *indiv = AllocateMemory(32)
2625 | m_Ecc_modInvX64(*indiv,*multipler,*n)
2626 |
2627 | m_PTMULX64(*cx, *cy, *ax, *ay, *indiv,*p)
2628 | FreeMemory(*indiv)
2629 | EndProcedure
2630 | Procedure DoPowMod(*res, *base, *exp, *modulus, *high)
2631 | Protected *s,*e,*b
2632 | *s=AllocateMemory(96, #PB_Memory_NoClear)
2633 | *e = *s+32
2634 | *b = *s+64
2635 |
2636 |
2637 | CopyMemory(*exp,*e,32)
2638 | CopyMemory(*base,*b,32)
2639 |
2640 | Curve::m_sethex32(*s, @"0000000000000000000000000000000000000000000000000000000000000001")
2641 |
2642 | ;base = DoMod(base, modulus) ;base % modulus;
2643 | ;Debug "base:"+base
2644 | While Curve::m_check_nonzeroX64(*e);exp > 0
2645 |
2646 | If Curve::m_Ecc_TestBitX64(*e, 0) ;(exp & 1)
2647 | Curve::m_mulModX64(*s,*s,*b,*modulus, *high);(result * base) % modulus;
2648 | EndIf
2649 | Curve::m_mulModX64(*b,*b,*b,*modulus, *high);(base * base) % modulus
2650 | Curve::m_shrX64(*e);exp>> 1
2651 | Wend
2652 | CopyMemory(*s,*res,32)
2653 | FreeMemory(*s)
2654 | EndProcedure
2655 |
2656 | Procedure m_YfromX64(*cyout,*ax,*p)
2657 | Protected *s,*c7,*c1, *high, *p1
2658 | *s=AllocateMemory(160+128, #PB_Memory_NoClear)
2659 | *c7 = *s+32
2660 | *c1 = *s+64
2661 | *p1 = *s+96
2662 | *high = *s+128
2663 | Curve::m_sethex32(*c7, @"0000000000000000000000000000000000000000000000000000000000000007")
2664 | Curve::m_sethex32(*c1, @"0000000000000000000000000000000000000000000000000000000000000001")
2665 | ;a = (pow(x, 3, p) + 7) % p
2666 | Curve::m_mulModX64(*s,*ax,*ax,*p, *high)
2667 | Curve::m_mulModX64(*s,*s,*ax,*p, *high)
2668 | Curve::m_addModX64(*s,*s,*c7,*p)
2669 |
2670 |
2671 | ;y = Pow(a, (p+1)//4, p)
2672 | Curve::m_addX64(*p1,*p,*c1)
2673 | Curve::m_shrX64(*p1)
2674 | Curve::m_shrX64(*p1)
2675 | DoPowMod(*cyout,*s,*p1,*p,*high)
2676 |
2677 | ;Curve::m_NegModX64(*cyout,*s,*p)
2678 |
2679 |
2680 |
2681 | FreeMemory(*s)
2682 | EndProcedure
2683 |
2684 | Procedure m_Ecc_XYcZ_addX64(*X1, *Y1, *X2, *Y2, *inpX1,*inpY1,*inpX2,*inpY2)
2685 | Protected *t5, *high
2686 | Shared *CurveP
2687 | *t5=AllocateMemory(96+40)
2688 | *high = *t5+32
2689 | move32b_(p.p_inpX1, p.p_X1,0,0)
2690 | move32b_(p.p_inpY1, p.p_Y1,0,0)
2691 | move32b_(p.p_inpX2, p.p_X2,0,0)
2692 | move32b_(p.p_inpY2, p.p_Y2,0,0)
2693 |
2694 | m_subModX64(*t5,*X2,*X1,*CurveP);t5 = x2 - x1
2695 | m_squareModX64(*t5,*t5,*CurveP, *high);t5 = (x2 - x1)^2 = A
2696 | m_mulModX64(*X1,*X1,*t5,*CurveP, *high);t1 = x1*A = B
2697 | m_mulModX64(*X2,*X2,*t5,*CurveP, *high);t3 = x2*A = C
2698 | m_subModX64(*Y2,*Y2,*Y1,*CurveP);t4 = y2 - y1
2699 | m_squareModX64(*t5,*Y2,*CurveP, *high);t5 = (y2 - y1)^2 = D
2700 |
2701 |
2702 | m_subModX64(*t5,*t5,*X1,*CurveP);t5 = D - B
2703 | m_subModX64(*t5,*t5,*X2,*CurveP);t5 = D - B - C = x3
2704 | m_subModX64(*X2,*X2,*X1,*CurveP);t3 = C - B
2705 | m_mulModX64(*Y1,*Y1,*X2,*CurveP, *high);t2 = y1*(C - B)
2706 | m_subModX64(*X2,*X1,*t5,*CurveP);t3 = B - x3
2707 | m_mulModX64(*Y2,*Y2,*X2,*CurveP, *high);t4 = (y2 - y1)*(B - x3)
2708 | m_subModX64(*Y2,*Y2,*Y1,*CurveP);t4 = y3
2709 |
2710 | move32b_(p.p_t5, p.p_X2,0,0)
2711 |
2712 | FreeMemory(*t5)
2713 | EndProcedure
2714 |
2715 | Procedure m_Ecc_XYcZ_addCX64(*X1, *Y1, *X2, *Y2, *inpX1,*inpY1,*inpX2,*inpY2)
2716 | Protected *t5, *t6, *t7, *high
2717 | Shared *CurveP
2718 | *t5=AllocateMemory(160+40)
2719 | *t6=*t5+32
2720 | *t7=*t5+64
2721 | *high = *t5+96
2722 | ;*rx0+(1-nb)*32, *ry0+(1-nb)*32, *rx0+nb*32, *ry0+nb*32
2723 |
2724 | move32b_(p.p_inpX1, p.p_X1,0,0)
2725 | move32b_(p.p_inpY1, p.p_Y1,0,0)
2726 | move32b_(p.p_inpX2, p.p_X2,0,0)
2727 | move32b_(p.p_inpY2, p.p_Y2,0,0)
2728 | ;Debug "x1 "+m_gethex32(*X1)
2729 | ;Debug "y1 "+m_gethex32(*Y1)
2730 | ;Debug "x2 "+m_gethex32(*X2)
2731 | ;Debug "y2 "+m_gethex32(*Y2)
2732 |
2733 | ;t1 = X1, t2 = Y1, t3 = X2, t4 = Y2
2734 | m_subModX64(*t5,*X2,*X1,*CurveP);t5 = x2 - x1
2735 | m_squareModX64(*t5,*t5,*CurveP, *high);t5 = (x2 - x1)^2 = A
2736 | m_mulModX64(*X1,*X1,*t5,*CurveP, *high);t1 = x1*A = B
2737 | m_mulModX64(*X2,*X2,*t5,*CurveP, *high);t3 = x2*A = C
2738 | m_addModX64(*t5,*Y2,*Y1,*CurveP);t5 = y2 + y1
2739 | m_subModX64(*Y2,*Y2,*Y1,*CurveP);t4 = y2 - y1
2740 |
2741 | m_subModX64(*t6,*X2,*X1,*CurveP);t6 = C - B
2742 | m_mulModX64(*Y1,*Y1,*t6,*CurveP, *high);t2 = y1 * (C - B) = E
2743 | m_addModX64(*t6,*X1,*X2,*CurveP);t6 = B + C
2744 | m_squareModX64(*X2,*Y2,*CurveP, *high);t3 = (y2 - y1)^2 = D
2745 | m_subModX64(*X2,*X2,*t6,*CurveP);t3 = D - (B + C) = x3
2746 |
2747 | m_subModX64(*t7,*X1,*X2,*CurveP);t7 = B - x3
2748 | m_mulModX64(*Y2,*Y2,*t7,*CurveP, *high);t4 = (y2 - y1)*(B - x3)
2749 | m_subModX64(*Y2,*Y2,*Y1,*CurveP);t4 = (y2 - y1)*(B - x3) - E = y3
2750 |
2751 | m_squareModX64(*t7,*t5,*CurveP, *high);t7 = (y2 + y1)^2 = F
2752 | m_subModX64(*t7,*t7,*t6,*CurveP);t7 = F - (B + C) = x3'
2753 | m_subModX64(*t6,*t7,*X1,*CurveP);t6 = x3' - B
2754 | m_mulModX64(*t6,*t6,*t5,*CurveP, *high);t6 = (y2+y1)*(x3' - B)
2755 | m_subModX64(*Y1,*t6,*Y1,*CurveP);t2 = (y2+y1)*(x3' - B) - E = y3'
2756 |
2757 | move32b_(p.p_t7, p.p_X1,0,0)
2758 | FreeMemory(*t5)
2759 | EndProcedure
2760 |
2761 | Procedure m_Ecc_apply_zX64(*X1, *Y1, *Z1)
2762 | Protected *t1, *high
2763 | Shared *CurveP
2764 | *t1=AllocateMemory(96+40)
2765 | *high=*t1+32
2766 | m_squareModX64(*t1,*Z1,*CurveP, *high)
2767 | m_mulModX64(*X1,*X1,*t1,*CurveP, *high)
2768 | m_mulModX64(*t1,*t1,*Z1,*CurveP, *high)
2769 | m_mulModX64(*Y1,*Y1,*t1,*CurveP, *high)
2770 | FreeMemory(*t1)
2771 | EndProcedure
2772 |
2773 | Procedure m_Ecc_double_jacobian_secp256k1X64(*X1, *Y1, *Z1)
2774 | Protected *t5, *t4, *high
2775 | Shared *CurveP
2776 | *t5=AllocateMemory(128+40)
2777 | *t4=*t5+32;32-63
2778 | *high=*t5+64
2779 | If Not m_check_nonzeroX64(*Z1)
2780 | ;==0
2781 | Debug "requered z>0(double_jacobian_secp256k1)"
2782 | End
2783 | EndIf
2784 | m_squareModX64(*t5,*Y1,*CurveP, *high);t5 = y1^2
2785 | m_mulModX64(*t4,*X1,*t5,*CurveP, *high);t4 = x1*y1^2 = A
2786 | m_squareModX64(*X1,*X1,*CurveP, *high);t1 = x1^2
2787 | m_squareModX64(*t5,*t5,*CurveP, *high);t5 = y1^4
2788 | m_mulModX64(*Z1,*Y1,*Z1,*CurveP, *high);t3 = y1*z1 = z3
2789 |
2790 | m_addModX64(*Y1,*X1,*X1,*CurveP);t2 = 2*x1^2
2791 | m_addModX64(*Y1,*Y1,*X1,*CurveP);t2 = 3*x1^2
2792 |
2793 | ;t2 = 3/2*(x1^2) = B
2794 | If PeekB(*Y1) & 1
2795 | m_addX64(*Y1,*Y1,*CurveP)
2796 | EndIf
2797 | m_shrX64(*Y1)
2798 |
2799 | m_squareModX64(*X1,*Y1,*CurveP, *high);t1 = B^2
2800 | m_subModX64(*X1,*X1,*t4,*CurveP);t1 = B^2 - A
2801 | m_subModX64(*X1,*X1,*t4,*CurveP);t1 = B^2 - 2A = x3
2802 |
2803 | m_subModX64(*t4,*t4,*X1,*CurveP);t4 = A - x3
2804 | m_mulModX64(*Y1,*Y1,*t4,*CurveP, *high);t2 = B * (A - x3)
2805 | m_subModX64(*Y1,*Y1,*t5,*CurveP);t2 = B * (A - x3) - y1^4 = y3
2806 |
2807 | FreeMemory(*t5)
2808 | EndProcedure
2809 |
2810 | Procedure m_Ecc_XYcZ_initial_doubleX64(*X1, *Y1, *X2, *Y2, *gx, *gy, *z)
2811 | If Not m_check_nonzeroX64(*z)
2812 | ;==0
2813 | FillMemory(*z,32,0,#PB_Long)
2814 | PokeI(*z,1)
2815 | EndIf
2816 | move32b_(p.p_gx, p.p_X1,0,0)
2817 | move32b_(p.p_gy, p.p_Y1,0,0)
2818 | move32b_(p.p_X1, p.p_X2,0,0)
2819 | move32b_(p.p_Y1, p.p_Y2,0,0)
2820 | m_Ecc_apply_zX64(*X1, *Y1, *z)
2821 | m_Ecc_double_jacobian_secp256k1X64(*X1, *Y1, *z)
2822 | m_Ecc_apply_zX64(*X2, *Y2, *z)
2823 | EndProcedure
2824 |
2825 |
2826 |
2827 |
2828 | Procedure m_Ecc_regularize_kX64(*k0, *key)
2829 | Protected carry, *nt, *ntcut, gt
2830 | Shared *Curveqn , *Curveqncut
2831 |
2832 | *nt = *Curveqn
2833 | *ntcut = *Curveqncut
2834 | carry = m_subX64(*k0,*key,*nt)
2835 | Debug carry
2836 | gt = m_check_less_more_equilX64(*k0,*nt)>>1
2837 | Debug gt
2838 | Debug "testbit"+Str(m_Ecc_TestBitX64(*k0,255))
2839 | If(carry)
2840 | Debug "add"
2841 | m_addX64(*k0,*key,*nt)
2842 | EndIf
2843 |
2844 | EndProcedure
2845 |
2846 | Procedure m_EccPoint_multX64(*resultX, *resultY, *Gx, *Gy, *key)
2847 | Protected *z, *rx0, *ry0, *rx1, *ry1, *scalar, i, *high
2848 | Protected num_bits=257, nb
2849 |
2850 | Shared *CurveP
2851 | *z =AllocateMemory(256+40, #PB_Memory_NoClear)
2852 | *rx0=*z+32;31-63
2853 | *rx1=*z+64;64-95
2854 | *ry0=*z+96;96-127
2855 | *ry1=*z+128;128-159
2856 | *scalar = *z+160;160-191
2857 | *high=*z+192
2858 |
2859 | m_Ecc_ClearMX64(*z)
2860 |
2861 | If m_check_equilX64(*key,*z)
2862 | ;key==0
2863 | m_Ecc_ClearMX64(*resultX)
2864 | m_Ecc_ClearMX64(*resulty)
2865 | Else
2866 | PokeI(*z,1)
2867 | If m_check_equilX64(*key,*z)
2868 | ;key==1
2869 | move32b_(p.p_Gx, p.p_resultX,0,0)
2870 | move32b_(p.p_Gy, p.p_resultY,0,0)
2871 | Else
2872 | m_Ecc_XYcZ_initial_doubleX64(*rx1,*ry1,*rx0,*ry0, *Gx, *Gy, *z)
2873 |
2874 | m_Ecc_regularize_kX64(*scalar, *key)
2875 |
2876 | i=num_bits-2
2877 | While i>0
2878 | nb= 1 - m_Ecc_TestBitX64(*scalar, i)
2879 |
2880 |
2881 | m_Ecc_XYcZ_addCX64(*rx0+(1-nb)*32, *ry0+(1-nb)*32, *rx0+nb*32, *ry0+nb*32, *rx0+(1-nb)*32, *ry0+(1-nb)*32, *rx0+nb*32, *ry0+nb*32)
2882 |
2883 | m_Ecc_XYcZ_addX64(*rx0+nb*32, *ry0+nb*32 ,*rx0+(1-nb)*32, *ry0+(1-nb)*32, *rx0+nb*32, *ry0+nb*32 ,*rx0+(1-nb)*32, *ry0+(1-nb)*32)
2884 |
2885 | i-1
2886 | Wend
2887 |
2888 | nb= 1 - m_Ecc_TestBitX64(*scalar, i)
2889 | m_Ecc_XYcZ_addCX64(*rx0+(1-nb)*32, *ry0+(1-nb)*32, *rx0+nb*32, *ry0+nb*32, *rx0+(1-nb)*32, *ry0+(1-nb)*32, *rx0+nb*32, *ry0+nb*32)
2890 | ;Find final 1/Z value.
2891 |
2892 |
2893 | m_subModX64(*z,*rx1,*rx0,*CurveP)
2894 | m_mulModX64(*z,*z,*ry0+(1-nb)*32,*CurveP, *high)
2895 | m_mulModX64(*z,*z,*Gx,*CurveP, *high)
2896 | m_Ecc_modInvX64(*z,*z,*CurveP)
2897 |
2898 |
2899 | m_mulModX64(*z,*z,*Gy,*CurveP, *high)
2900 | m_mulModX64(*z,*z,*rx0+(1-nb)*32,*CurveP, *high)
2901 |
2902 |
2903 | m_Ecc_XYcZ_addX64(*rx0+nb*32, *ry0+nb*32 ,*rx0+(1-nb)*32, *ry0+(1-nb)*32, *rx0+nb*32, *ry0+nb*32 ,*rx0+(1-nb)*32, *ry0+(1-nb)*32)
2904 |
2905 | m_Ecc_apply_zX64(*rx0, *ry0, *z)
2906 | move32b_(p.p_rx0, p.p_resultX,0,0)
2907 | move32b_(p.p_ry0, p.p_resultY,0,0)
2908 | EndIf
2909 | EndIf
2910 |
2911 | FreeMemory(*z)
2912 | EndProcedure
2913 |
2914 | Procedure beginBatchAdd(*Invout, totalpoints, *apointX, *apointY, *pointarr)
2915 | Protected *s, *pointer, *temp, i, *high
2916 | Shared *CurveP
2917 | *s=AllocateMemory(128+40)
2918 | *temp=*s+32
2919 | *high=*s+64
2920 | PokeI(*s,1)
2921 |
2922 | *pointer=*pointarr
2923 | ;pointarr 96b line (x32,y32,diff32)
2924 | i=0
2925 | While i0
2962 | *pointerdiff = *pointer-96
2963 | m_mulModX64(*s,*curvInv,*pointerdiff+64,*CurveP, *high)
2964 |
2965 | If m_check_equilX64(*apointX, *pointer)
2966 | ;px==x
2967 | ;addModP(py, py, x)
2968 | m_addModX64(*temp,*apointY,*apointY,*CurveP)
2969 | Else
2970 | ;px!=x
2971 | ;subModP(px, x, x)
2972 | m_subModX64(*temp,*apointX,*pointer,*CurveP)
2973 | EndIf
2974 |
2975 | m_mulModX64(*curvInv,*curvInv,*temp,*CurveP, *high)
2976 |
2977 | If m_check_equilX64(*apointX, *pointer)
2978 | ;x1==x2
2979 | m_DBLTX64(*NewpointX,*NewpointY,*apointX,*apointY,*CurveP)
2980 | Else
2981 | ;//slope=(y1-y2)*inverse(x1-x2,p)
2982 | m_subModX64(*NewpointY,*apointY,*pointer+32,*CurveP)
2983 | m_mulModX64(*s,*NewpointY,*s,*CurveP, *high)
2984 | ;Rx = s^2 - Gx - Qx => pow_mod(slope,2,p)-(x1+x2)
2985 | m_squareModX64(*NewpointY,*s,*CurveP, *high)
2986 | m_subModX64(*NewpointY,*NewpointY,*apointX,*CurveP)
2987 | m_subModX64(*NewpointX,*NewpointY,*pointer,*CurveP)
2988 | ;Ry = s(px - rx) - py
2989 | m_subModX64(*NewpointY,*apointX,*NewpointX,*CurveP)
2990 | m_mulModX64(*NewpointY,*NewpointY,*s,*CurveP, *high)
2991 | m_subModX64(*NewpointY,*NewpointY,*apointY,*CurveP)
2992 |
2993 | EndIf
2994 | ;Debug("["+Str(totalpoints)+"] x: "+m_gethex32(*NewpointX))
2995 | ;Debug("["+Str(totalpoints)+"] y: "+m_gethex32(*NewpointY))
2996 |
2997 | move32b_(p.p_NewpointX, p.p_pointerToNew,0,0)
2998 | move32b_(p.p_NewpointY, p.p_pointerToNew,0,32)
2999 |
3000 | *pointer-96
3001 | *pointerToNew-lenline
3002 | totalpoints - 1
3003 | Wend
3004 | If totalpoints=0
3005 | If m_check_equilX64(*apointX, *pointer)
3006 | ;x1==x2
3007 | m_DBLTX64(*NewpointX,*NewpointY,*apointX,*apointY,*CurveP)
3008 | Else
3009 | ;slope=(y1-y2)*inverse(x1-x2,p)
3010 | m_subModX64(*NewpointY,*apointY,*pointer+32,*CurveP)
3011 | m_mulModX64(*curvInv,*NewpointY,*curvInv,*CurveP, *high)
3012 | ;Rx = s^2 - Gx - Qx => pow_mod(slope,2,p)-(x1+x2)
3013 | m_squareModX64(*NewpointY,*curvInv,*CurveP, *high)
3014 | m_subModX64(*NewpointY,*NewpointY,*apointX,*CurveP)
3015 | m_subModX64(*NewpointX,*NewpointY,*pointer,*CurveP)
3016 | ;Ry = s(px - rx) - py
3017 | ;Ry = s(px - rx) - py
3018 | m_subModX64(*NewpointY,*apointX,*NewpointX,*CurveP)
3019 | m_mulModX64(*NewpointY,*NewpointY,*curvInv,*CurveP, *high)
3020 | m_subModX64(*NewpointY,*NewpointY,*apointY,*CurveP)
3021 | EndIf
3022 |
3023 | ;Debug("["+Str(totalpoints)+"] x: "+m_gethex32(*NewpointX))
3024 | ;Debug("["+Str(totalpoints)+"] y: "+m_gethex32(*NewpointY))
3025 |
3026 | move32b_(p.p_NewpointX, p.p_pointerToNew,0,0)
3027 | move32b_(p.p_NewpointY, p.p_pointerToNew,0,32)
3028 | EndIf
3029 |
3030 | FreeMemory(*s)
3031 | EndProcedure
3032 |
3033 | Procedure fillarrayN(*pointarr, totalpoints, *apointX, *apointY)
3034 | Protected *pointer, i, k, *invret, j
3035 | Shared *CurveP, *CurveGx, *CurveGy
3036 |
3037 | *invret=AllocateMemory(32)
3038 | If *invret=0
3039 | Debug"!"
3040 | EndIf
3041 | *pointer=*pointarr
3042 |
3043 | If totalpoints
3044 | move32b_(p.p_apointX, p.p_pointer,0,0)
3045 | move32b_(p.p_apointY, p.p_pointer,0,32)
3046 |
3047 | i+1
3048 | While i=totalpoints
3051 | k=totalpoints-i
3052 | EndIf
3053 |
3054 | beginBatchAdd(*invret, k, *pointer, *pointer+32, *pointarr)
3055 | completeBatchAddWithDouble(*pointer+96, 96, k, *pointer, *pointer+32, *pointarr, *invret)
3056 |
3057 | *pointer+k*96
3058 | i+k
3059 |
3060 | Wend
3061 | EndIf
3062 |
3063 | FreeMemory(*invret)
3064 | EndProcedure
3065 | EndModule
3066 |
3067 | ;-Usage - Example
3068 | CompilerIf #PB_Compiler_IsMainFile
3069 | OpenConsole()
3070 |
3071 | Define *CurveP, *CurveGx, *CurveGY
3072 | *CurveP = Curve::m_getCurveValues()
3073 | *CurveGx = *CurveP+32
3074 | *CurveGY = *CurveP+64
3075 | Define a$, b$, c$, *a, *ax, *ay, *b, *bx, *by, *c, *cx, *cy, i, carry, borrow, starttime, *high
3076 |
3077 | *a=AllocateMemory(32)
3078 | *ax=AllocateMemory(32)
3079 | *ay=AllocateMemory(32)
3080 | *b=AllocateMemory(32)
3081 | *bx=AllocateMemory(32)
3082 | *by=AllocateMemory(32)
3083 | *c=AllocateMemory(32)
3084 | *cx=AllocateMemory(32)
3085 | *cy=AllocateMemory(32)
3086 | *high=AllocateMemory(64+40)
3087 |
3088 | b$ = "483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8"
3089 | Curve::m_sethex32(*b, @b$)
3090 | PrintN( "b:"+Curve::m_gethex32(*b))
3091 | PrintN("Negative")
3092 | PrintN( "mod "+Curve::m_gethex32(*CurveP))
3093 | Curve::m_NegModX64(*c,*b,*CurveP)
3094 | PrintN( "low:"+Curve::m_gethex32(*c))
3095 | ;sould be b7c52588d95c3b9a a25b0403f1eef757 02e84bb7597aabe6 63b82f6f04ef2777
3096 |
3097 | a$ = "0000000000000000000000000000000000000000000000000000000000000003"
3098 | b$ = "0000000000000000000000000000000000000000000000000000000000000004"
3099 | c$ = "0000000000000000000000000000000000000000000000000000000000000005"
3100 | Curve::m_sethex32(*a, @a$)
3101 | Curve::m_sethex32(*b, @b$)
3102 | Curve::m_sethex32(*c, @c$)
3103 | PrintN( "a:"+Curve::m_gethex32(*a))
3104 | PrintN( "*")
3105 | PrintN( "b:"+Curve::m_gethex32(*b))
3106 | PrintN( "mod "+Curve::m_gethex32(*c))
3107 | Curve::m_mulModX64(*c,*a,*b,*c, *high)
3108 | PrintN( "low:"+Curve::m_gethex32(*c))
3109 | ;should be fd3dc529c6eb60fb9d166034cf3c1a5a72324aa9dfd3428a56d7e1ce0179fd9b
3110 | PrintN("------------------------")
3111 |
3112 |
3113 | a$ = "79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798"
3114 | b$ = "483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8"
3115 | Curve::m_sethex32(*ax, @a$)
3116 | Curve::m_sethex32(*ay, @b$)
3117 | a$ = "c6047f9441ed7d6d3045406e95c07cd85c778e4b8cef3ca7abac09b95c709ee5"
3118 | b$ = "1ae168fea63dc339a3c58419466ceaeef7f632653266d0e1236431a950cfe52a"
3119 | Curve::m_sethex32(*bx, @a$)
3120 | Curve::m_sethex32(*by, @b$)
3121 | PrintN( "ax:"+Curve::m_gethex32(*ax))
3122 | PrintN( "ay:"+Curve::m_gethex32(*ay))
3123 | PrintN( "+(addpt)")
3124 | PrintN( "bx:"+Curve::m_gethex32(*bx))
3125 | PrintN( "by:"+Curve::m_gethex32(*by))
3126 | Curve::m_ADDPTX64(*cx,*cy,*ax,*ay,*bx,*by,*CurveP)
3127 | PrintN( "x:"+Curve::m_gethex32(*cx))
3128 | PrintN( "y:"+Curve::m_gethex32(*cy))
3129 | PrintN("------------------------")
3130 | ;shold be
3131 | ;x: f9308a019258c31049344f85f89d5229b531c845836f99b08601f113bce036f9
3132 | ;y: 388f7b0f632de8140fe337e62a37f3566500a99934c2231b6cb9fd7584b8e672
3133 |
3134 |
3135 | a$="0x342119815c0f816f31f431a9fe98a6c76d11425ecaeaecf2d0ef6def197c56b0"
3136 | Curve::m_sethex32(*a, @a$)
3137 | PrintN( "a:"+Curve::m_gethex32(*a))
3138 | PrintN( "^2")
3139 | PrintN( "mod "+Curve::m_gethex32(*CurveP))
3140 | Curve::m_squareModX64(*c,*a,*CurveP, *high)
3141 | PrintN( "="+Curve::m_gethex32(*c))
3142 | PrintN("------------------------")
3143 | ;sould be
3144 | ; 38f37014ce22fc29cf19f28a5ce4da091445536c3e2cff318ba07c2a3048f518
3145 |
3146 |
3147 |
3148 | a$="0x3fdc2a05828a06c18e057a8d9549bdc3ff05ee69a352342ce382aafeaeb98ef9"
3149 | Curve::m_sethex32(*a, @a$)
3150 | PrintN( "a:"+Curve::m_gethex32(*a))
3151 | PrintN( "^2")
3152 | PrintN( "mod "+Curve::m_gethex32(*CurveP))
3153 | Curve::m_squareModX64(*c,*a,*CurveP, *high)
3154 | PrintN( "="+Curve::m_gethex32(*c))
3155 | PrintN("------------------------")
3156 | ;sould be
3157 | ; 3d6c452d1c076d0425ac63c7783f563df3ec12324d0f16bf7c8335253ef4be33
3158 |
3159 | a$="0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8"
3160 | Curve::m_sethex32(*a, @a$)
3161 | PrintN( "a:"+Curve::m_gethex32(*a))
3162 | PrintN( "^2")
3163 | PrintN( "mod "+Curve::m_gethex32(*CurveP))
3164 | Curve::m_squareModX64(*c,*a,*CurveP, *high)
3165 | PrintN( "="+Curve::m_gethex32(*c))
3166 | PrintN("------------------------")
3167 | ;sould be
3168 | ; 4866d6a5ab41ab2c6bcc57ccd3735da5f16f80a548e5e20a44e4e9b8118c26f2
3169 |
3170 |
3171 | a$ = "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"
3172 | Curve::m_sethex32(*a, @a$)
3173 | PrintN( "a:"+ Curve::m_gethex32(*a))
3174 | PrintN( "a is infininty?"+Str(Curve::m_IsInfinityX64(*a)))
3175 | PrintN("------------------------")
3176 |
3177 |
3178 | a$="0x3fdc2a05828a06c18e057a8d9549bdc3ff05ee69a352342ce382aafeaeb98ef9"
3179 | Curve::m_sethex32(*a, @a$)
3180 |
3181 | For i=255 To 0 Step -1
3182 | Print(Str( Curve::m_Ecc_TestBitX64(*a,i)))
3183 | Next i
3184 | ;0011111111011100001010100000010110000010100010100000011011000001100011100000010101111010100011011001010101001001101111011100001111111111000001011110111001101001101000110101001000110100001011001110001110000010101010101111111010101110101110011000111011111001
3185 | ;0011111111011100001010100000010110000010100010100000011011000001100011100000010101111010100011011001010101001001101111011100001111111111000001011110111001101001101000110101001000110100001011001110001110000010101010101111111010101110101110011000111011111001
3186 | PrintN("")
3187 | PrintN("------------------------")
3188 |
3189 |
3190 | a$="0x3fdc2a05828a06c18e057a8d9549bdc3ff05ee69a352342ce382aafeaeb98ef9"
3191 | Curve::m_sethex32(*a, @a$)
3192 | b$="0xdfcad171d3196bdb20eaaf272f8f9bcc6b5a47d4fe53d3d874e703cd2566197e"
3193 | Curve::m_sethex32(*b, @b$)
3194 | Curve::m_Ecc_AndX64(*c, *a, *b)
3195 | PrintN("a: "+Curve::m_gethex32(*a))
3196 | PrintN("AND")
3197 | PrintN("b: "+Curve::m_gethex32(*b))
3198 | PrintN("result: "+Curve::m_gethex32(*c))
3199 | ;sould be 1fc80001820802c100002a05050999c06b004640a2521008608202cc24200878
3200 | PrintN("---------------")
3201 |
3202 |
3203 | a$="0x3fdc2a05828a06c18e057a8d9549bdc3ff05ee69a352342ce382aafeaeb98ef9"
3204 | Curve::m_sethex32(*a, @a$)
3205 | b$="0xdfcad171d3196bdb20eaaf272f8f9bcc6b5a47d4fe53d3d874e703cd2566197e"
3206 | Curve::m_sethex32(*b, @b$)
3207 | carry = Curve::m_addX64(*c, *a, *b)
3208 | PrintN("a: "+Curve::m_gethex32(*a))
3209 | PrintN("+")
3210 | PrintN("b: "+Curve::m_gethex32(*b))
3211 | PrintN("result: "+Curve::m_gethex32(*c))
3212 | PrintN("carry: "+Str(carry))
3213 | ;sould be 11fa6fb7755a3729caef029b4c4d959906a60363ea1a608055869aecbd41fa877
3214 | PrintN("---------------")
3215 |
3216 |
3217 | a$="0x3fdc2a05828a06c18e057a8d9549bdc3ff05ee69a352342ce382aafeaeb98ef9"
3218 | Curve::m_sethex32(*a, @a$)
3219 | b$="0xdfcad171d3196bdb20eaaf272f8f9bcc6b5a47d4fe53d3d874e703cd2566197e"
3220 | Curve::m_sethex32(*b, @b$)
3221 | borrow = Curve::m_subX64(*c, *a, *b)
3222 | PrintN("a: "+Curve::m_gethex32(*a))
3223 | PrintN("-")
3224 | PrintN("b: "+Curve::m_gethex32(*b))
3225 | PrintN("result: "+Curve::m_gethex32(*c))
3226 | PrintN("borrow: "+Str(borrow))
3227 | ;sould be 60115893af709ae66d1acb6665ba21f793aba694a4fe60546e9ba7318953757b
3228 | PrintN("---------------")
3229 |
3230 | a$="0x3fdc2a05828a06c18e057a8d9549bdc3ff05ee69a352342ce382aafeaeb98ef9"
3231 | Curve::m_sethex32(*a, @a$)
3232 | b$="0xdfcad171d3196bdb20eaaf272f8f9bcc6b5a47d4fe53d3d874e703cd2566197e"
3233 | Curve::m_sethex32(*b, @b$)
3234 | PrintN( "a:"+Curve::m_gethex32(*a))
3235 | PrintN( "+")
3236 | PrintN( "b:"+Curve::m_gethex32(*b))
3237 | PrintN( "mod "+Curve::m_gethex32(*CurveP))
3238 | Curve::m_addModX64(*c,*a,*b,*CurveP)
3239 | PrintN( "="+Curve::m_gethex32(*c))
3240 | PrintN("------------------------")
3241 | ;shold be 1fa6fb7755a3729caef029b4c4d959906a60363ea1a608055869aeccd41fac48
3242 | ;1fa6fb7755a3729caef029b4c4d959906a60363ea1a608055869aeccd41fac48
3243 |
3244 | a$="0x3fdc2a05828a06c18e057a8d9549bdc3ff05ee69a352342ce382aafeaeb98ef9"
3245 | Curve::m_sethex32(*a, @a$)
3246 | b$="0xdfcad171d3196bdb20eaaf272f8f9bcc6b5a47d4fe53d3d874e703cd2566197e"
3247 | Curve::m_sethex32(*b, @b$)
3248 | PrintN( "a:"+Curve::m_gethex32(*a))
3249 | PrintN( "-")
3250 | PrintN( "b:"+Curve::m_gethex32(*b))
3251 | PrintN( "mod "+Curve::m_gethex32(*CurveP))
3252 | Curve::m_subModX64(*c,*a,*b,*CurveP)
3253 | PrintN( "="+Curve::m_gethex32(*c))
3254 | PrintN("------------------------")
3255 | ;shold be 60115893af709ae66d1acb6665ba21f793aba694a4fe60546e9ba730895371aa
3256 |
3257 |
3258 |
3259 |
3260 | a$ = "79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798"
3261 | Curve::m_sethex32(*a, @a$)
3262 | PrintN( "a:"+Curve::m_gethex32(*a))
3263 | PrintN( "Inverse")
3264 | PrintN( "mod "+Curve::m_gethex32(*CurveP))
3265 | Curve::m_Ecc_modInvX64(*c,*a,*CurveP)
3266 | PrintN( "low:"+Curve::m_gethex32(*c))
3267 | ;shold be 237afdf1d2938d86870aaeb8ad77626a67b8e794abfb076be61d003687ca9ef6
3268 | PrintN("------------------------")
3269 |
3270 | a$ = "79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798"
3271 | b$ = "483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8"
3272 | Curve::m_sethex32(*a, @a$)
3273 | Curve::m_sethex32(*b, @b$)
3274 | PrintN( "a:"+Curve::m_gethex32(*a))
3275 | PrintN( "b:"+Curve::m_gethex32(*b))
3276 | PrintN( "DBPTL")
3277 | Curve::m_DBLTX64(*cx,*cy,*a,*b,*CurveP)
3278 | PrintN( "x:"+Curve::m_gethex32(*cx))
3279 | PrintN( "y:"+Curve::m_gethex32(*cy))
3280 | PrintN("------------------------")
3281 | ;shold be
3282 | ;x: c6047f9441ed7d6d3045406e95c07cd85c778e4b8cef3ca7abac09b95c709ee5
3283 | ;y: 1ae168fea63dc339a3c58419466ceaeef7f632653266d0e1236431a950cfe52a
3284 |
3285 |
3286 | a$ = "c6047f9441ed7d6d3045406e95c07cd85c778e4b8cef3ca7abac09b95c709ee5"
3287 | b$ = "1ae168fea63dc339a3c58419466ceaeef7f632653266d0e1236431a950cfe52a"
3288 | Curve::m_sethex32(*a, @a$)
3289 | Curve::m_sethex32(*b, @b$)
3290 | PrintN( "a:"+Curve::m_gethex32(*a))
3291 | PrintN( "b:"+Curve::m_gethex32(*b))
3292 | PrintN( "DBPTL")
3293 | Curve::m_DBLTX64(*cx,*cy,*a,*b,*CurveP)
3294 | PrintN( "x:"+Curve::m_gethex32(*cx))
3295 | PrintN( "y:"+Curve::m_gethex32(*cy))
3296 | PrintN("------------------------")
3297 | ;shold be
3298 | ;x: e493dbf1c10d80f3581e4904930b1404cc6c13900ee0758474fa94abe8c4cd13
3299 | ;y: 51ed993ea0d455b75642e2098ea51448d967ae33bfbdfe40cfe97bdc47739922
3300 |
3301 |
3302 |
3303 | a$ = "79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798"
3304 | b$ = "483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8"
3305 | Curve::m_sethex32(*ax, @a$)
3306 | Curve::m_sethex32(*ay, @b$)
3307 | a$ = "79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798"
3308 | b$ = "483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8"
3309 | Curve::m_sethex32(*bx, @a$)
3310 | Curve::m_sethex32(*by, @b$)
3311 | starttime= ElapsedMilliseconds()
3312 | For i = 0 To 9999
3313 | Curve::m_ADDPTX64(*bx,*by,*ax,*ay,*bx,*by,*CurveP)
3314 | Next i
3315 | PrintN( "x:"+Curve::m_gethex32(*bx))
3316 | PrintN( "y:"+Curve::m_gethex32(*by))
3317 | PrintN( "compute in"+Str(ElapsedMilliseconds()-starttime)+"ms")
3318 | ;sould be
3319 | ;x:db7432110ba814bfe6371ddfd03ba554b558548aa90e81b8e1421321656065a8
3320 | ;y:8236f24d965a900384b382e8d772d7e92dee2ce6c3cb33883ea627d54a5170c4
3321 |
3322 |
3323 |
3324 |
3325 | a$ = "0x109a76b996c4b957445be784c15af96b6c7ff16363f1ede51925ecacd1ac6263"
3326 | Curve::m_sethex32(*a, @a$)
3327 | a$ = "79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798"
3328 | b$ = "483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8"
3329 | Curve::m_sethex32(*ax, @a$)
3330 | Curve::m_sethex32(*ay, @b$)
3331 |
3332 | PrintN( "a:"+Curve::m_gethex32(*a))
3333 | PrintN( "Ecc_pointMult")
3334 | Curve::m_EccPoint_multX64(*cx, *cy, *ax, *ay, *a)
3335 | PrintN( "x:"+Curve::m_gethex32(*cx))
3336 | PrintN( "y:"+Curve::m_gethex32(*cy))
3337 | PrintN("------------------------")
3338 |
3339 |
3340 | a$ = "0xdfcad171d3196bdb20eaaf272f8f9bcc6b5a47d4fe53d3d874e703cd2566197e"
3341 | Curve::m_sethex32(*a, @a$)
3342 | a$ = "79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798"
3343 | b$ = "483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8"
3344 | Curve::m_sethex32(*ax, @a$)
3345 | Curve::m_sethex32(*ay, @b$)
3346 |
3347 | PrintN( "a:"+Curve::m_gethex32(*a))
3348 | PrintN( "Ecc_pointMult")
3349 | Curve::m_EccPoint_multX64(*cx, *cy, *ax, *ay, *a)
3350 | PrintN( "x:"+Curve::m_gethex32(*cx))
3351 | PrintN( "y:"+Curve::m_gethex32(*cy))
3352 | PrintN("------------------------")
3353 |
3354 |
3355 |
3356 | a$ = "0x342119815c0f816f31f431a9fe98a6c76d11425ecaeaecf2d0ef6def197c56b0"
3357 | Curve::m_sethex32(*a, @a$)
3358 | a$ = "c6047f9441ed7d6d3045406e95c07cd85c778e4b8cef3ca7abac09b95c709ee5"
3359 | b$ = "1ae168fea63dc339a3c58419466ceaeef7f632653266d0e1236431a950cfe52a"
3360 | Curve::m_sethex32(*ax, @a$)
3361 | Curve::m_sethex32(*ay, @b$)
3362 |
3363 | PrintN( "a:"+Curve::m_gethex32(*a))
3364 | PrintN( "Ecc_pointMult")
3365 | Curve::m_EccPoint_multX64(*cx, *cy, *ax, *ay, *a)
3366 | PrintN( "x:"+Curve::m_gethex32(*cx))
3367 | PrintN( "y:"+Curve::m_gethex32(*cy))
3368 | PrintN("------------------------")
3369 |
3370 | ;G base point!!
3371 | a$ = "79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798"
3372 | b$ = "483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8"
3373 | Curve::m_sethex32(*ax, @a$)
3374 | Curve::m_sethex32(*ay, @b$)
3375 |
3376 | ;multipler
3377 | c$ = "000000000000000000000000000000000000000000000000000000000000000A"
3378 | c$ = "3fdc2a05828a06c18e057a8d9549bdc3ff05ee69a352342ce382aafeaeb98ef9"
3379 | Curve::m_sethex32(*c, @c$)
3380 |
3381 | PrintN( "Gx:"+Curve::m_gethex32(*ax))
3382 | PrintN( "Gy:"+Curve::m_gethex32(*ay))
3383 | PrintN( "*(ptmul)")
3384 | PrintN( "multipler:"+Curve::m_gethex32(*c))
3385 |
3386 | Curve::m_PTMULX64(*cx, *cy, *ax, *ay, *c,*CurveP)
3387 | PrintN( "x:"+Curve::m_gethex32(*cx))
3388 | PrintN( "y:"+Curve::m_gethex32(*cy))
3389 | PrintN("------------------------")
3390 | ;shold be
3391 | ;x:510f6efbef396a1985da989104a295063606319beafa4e1fd0ebd29ace19088f
3392 | ;y:fcf1cb9e1a9c02fea09e983fe5fe8fb7ce74a80ed3b1783706e27bde4b2ede5e
3393 |
3394 |
3395 | Input()
3396 | CloseConsole()
3397 | CompilerEndIf
3398 |
--------------------------------------------------------------------------------